Update Bouncy Castle to 1.61 Test: cts -m CtsLibcoreTestCases Test: cts -m CtsLibcoreWycheproofBCTestCases Change-Id: Ifcd182a8537439b945aedf80741bd51cbce37e49

commit: 27254450f01adef5f4bb25a648d42eeacc14c438 [log] [tgz]
author: Adam Vartanian <flooey@google.com> Thu Feb 14 14:42:19 2019 +0000
committer: Adam Vartanian <flooey@google.com> Mon Feb 18 10:18:52 2019 +0000
tree: 90eb8fa6c24a44780cc4c4be2d50555f955d29f4
parent: bdfb209e7c1139588c82722a809c46667775a314 [diff]
parent: 1b335c5efbcf241b55345622fe9978047c3fdf9e [diff]
diff --git a/Android.bp b/Android.bp
new file mode 100644
index 0000000..7d37383
--- /dev/null
+++ b/Android.bp

@@ -0,0 +1,148 @@
+//
+// Copyright (C) 2010 The Android Open Source Project
+//
+// Licensed under the Apache License, Version 2.0 (the "License");
+// you may not use this file except in compliance with the License.
+// You may obtain a copy of the License at
+//
+//      http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+//
+
+java_defaults {
+    name: "bouncycastle-errorprone-defaults",
+    errorprone: {
+        javacflags: [
+            "-Xep:MissingOverride:OFF",  // Ignore missing @Override.
+        ],
+    },
+}
+
+// These cannot build in the PDK, because the PDK requires all libraries
+// compile against SDK versions.
+java_defaults {
+    name: "bouncycastle-defaults",
+    defaults: [
+        "bouncycastle-errorprone-defaults",
+    ],
+    hostdex: true,
+    target: {
+        android: {
+            product_variables: {
+                pdk: {
+                    enabled: false,
+                },
+            },
+        },
+    },
+}
+
+// A bouncycastle library in the original org.bouncycastle package for use
+// outside of the platform. e.g. for host or in unbundled apps.
+java_library_static {
+    name: "bouncycastle-unbundled",
+    defaults: ["bouncycastle-defaults"],
+    host_supported: true,
+
+    srcs: ["bcprov/src/main/java/**/*.java"],
+    exclude_srcs: [
+        "bcprov/src/main/java/org/bouncycastle/asn1/ocsp/**/*.java",
+    ],
+
+    sdk_version: "core_current",
+    java_version: "1.7",
+}
+
+// The src files for bouncycastle, used to generate core platform / intra-core
+// API stubs.
+filegroup {
+    name: "bouncycastle_java_files",
+    srcs: ["repackaged/bcprov/src/main/java/**/*.java"],
+}
+
+// A bouncycastle library repackaged in com.android.org.bouncycastle for use
+// in the Android platform where it is important not to conflict with the
+// original org.bouncycastle package.
+java_library {
+    name: "bouncycastle",
+    defaults: ["bouncycastle-defaults"],
+    installable: true,
+
+    srcs: [":bouncycastle_java_files"],
+
+    no_standard_libs: true,
+    libs: [
+        "core-all",
+    ],
+    system_modules: "core-all-system-modules",
+}
+
+// A guaranteed unstripped version of bouncycastle.
+// The build system may or may not strip the bouncycastle jar, but this one will
+// not be stripped. See b/24535627.
+java_library {
+    name: "bouncycastle-testdex",
+    defaults: ["bouncycastle-defaults"],
+    installable: true,
+
+    srcs: [":bouncycastle_java_files"],
+
+    no_standard_libs: true,
+    libs: [
+        "core-all",
+    ],
+    dex_preopt: {
+        enabled: false,
+    },
+    system_modules: "core-all-system-modules",
+    java_version: "1.7",
+}
+
+// Bouncycastle PKIX classes in the original org.bouncycastle package for use
+// outside of the platform. e.g. for host or in unbundled apps / CTS tests.
+java_library_static {
+    name: "bouncycastle-bcpkix-unbundled",
+    defaults: ["bouncycastle-defaults"],
+    host_supported: true,
+
+    srcs: ["bcpkix/src/main/java/**/*.java"],
+    exclude_srcs: ["bcpkix/src/main/java/org/bouncycastle/cert/ocsp/**/*.java"],
+    libs: ["bouncycastle-unbundled"],
+
+    sdk_version: "core_current",
+}
+
+// Bouncycastle OCSP classes in the original org.bouncycastle package for use
+// outside of the platform. e.g. for host or in unbundled apps / CTS tests.
+java_library_static {
+    name: "bouncycastle-ocsp-unbundled",
+    defaults: ["bouncycastle-defaults"],
+    host_supported: true,
+
+    srcs: [
+        "bcpkix/src/main/java/org/bouncycastle/cert/ocsp/**/*.java",
+        "bcprov/src/main/java/org/bouncycastle/asn1/ocsp/**/*.java",
+    ],
+    libs: [ "bouncycastle-unbundled",
+            "bouncycastle-bcpkix-unbundled"
+    ],
+
+    sdk_version: "core_current",
+}
+
+// For compatibility with old bouncycastle-host name.
+java_library_host {
+    name: "bouncycastle-host",
+    static_libs: ["bouncycastle-unbundled"],
+}
+
+// For compatibility with old bouncycastle-bcpkix-host name.
+java_library_host {
+    name: "bouncycastle-bcpkix-host",
+    static_libs: ["bouncycastle-bcpkix-unbundled"],
+}

diff --git a/Android.mk b/Android.mk
deleted file mode 100644
index f2ab2a8..0000000
--- a/Android.mk
+++ /dev/null

@@ -1,220 +0,0 @@
-#
-# Copyright (C) 2010 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-LOCAL_PATH := $(call my-dir)
-
-# All the files needed for OCSP testing
-all_bc_ocsp_files := $(call all-java-files-under,bcpkix/src/main/java/org/bouncycastle/cert/ocsp) \
- $(call all-java-files-under,bcprov/src/main/java/org/bouncycastle/asn1/ocsp)
-
-# used for bouncycastle-hostdex where we want everything for testing
-all_bcprov_src_files := $(filter-out \
- $(all_bc_ocsp_files), \
- $(call all-java-files-under,bcprov/src/main/java))
-
-# used for bouncycastle for target where we want to be sure to use OpenSSLDigest
-android_bcprov_src_files := $(filter-out \
- bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java, \
- $(all_bcprov_src_files))
-
-# used for bouncycastle-host where we can't use OpenSSLDigest
-ri_bcprov_src_files := $(filter-out \
- bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java \
- bcprov/src/main/java/org/bouncycastle/crypto/digests/OpenSSLDigest.java, \
- $(all_bcprov_src_files))
-
-# used for host tools, but OCSP is only for testing
-all_bcpkix_src_files := $(filter-out \
- $(all_bc_ocsp_files), \
- $(call all-java-files-under,bcpkix/src/main/java))
-
-# These cannot build in the PDK, because the PDK requires all libraries
-# compile against SDK versions. LOCAL_NO_STANDARD_LIBRARIES conflicts with
-# this requirement.
-ifneq ($(TARGET_BUILD_PDK),true)
-
-    # non-jarjar version to build okhttp-tests
-    include $(CLEAR_VARS)
-    LOCAL_MODULE := bouncycastle-nojarjar
-    LOCAL_MODULE_TAGS := optional
-    LOCAL_SRC_FILES := $(android_bcprov_src_files)
-    LOCAL_JAVA_LIBRARIES := core-oj core-libart conscrypt
-    LOCAL_NO_STANDARD_LIBRARIES := true
-    LOCAL_JAVA_LANGUAGE_VERSION := 1.7
-    include $(BUILD_STATIC_JAVA_LIBRARY)
-
-    include $(CLEAR_VARS)
-    LOCAL_MODULE := bouncycastle
-    LOCAL_MODULE_TAGS := optional
-    LOCAL_STATIC_JAVA_LIBRARIES := bouncycastle-nojarjar
-    LOCAL_JAVA_LIBRARIES := core-oj core-libart conscrypt
-    LOCAL_NO_STANDARD_LIBRARIES := true
-    LOCAL_JARJAR_RULES := $(LOCAL_PATH)/jarjar-rules.txt
-    LOCAL_JAVA_LANGUAGE_VERSION := 1.7
-    include $(BUILD_JAVA_LIBRARY)
-
-    # unbundled bouncycastle jar
-    include $(CLEAR_VARS)
-    LOCAL_MODULE := bouncycastle-unbundled
-    LOCAL_MODULE_TAGS := optional
-    LOCAL_SDK_VERSION := 9
-    LOCAL_SRC_FILES := $(ri_bcprov_src_files)
-    include $(BUILD_STATIC_JAVA_LIBRARY)
-
-    # PKIX classes used for testing
-    include $(CLEAR_VARS)
-    LOCAL_MODULE := bouncycastle-bcpkix-nojarjar
-    LOCAL_MODULE_TAGS := optional
-    LOCAL_SRC_FILES := $(all_bcpkix_src_files)
-    LOCAL_NO_STANDARD_LIBRARIES := true
-    LOCAL_JAVA_LIBRARIES := bouncycastle-nojarjar core-oj core-libart conscrypt
-    include $(BUILD_STATIC_JAVA_LIBRARY)
-
-    include $(CLEAR_VARS)
-    LOCAL_MODULE := bouncycastle-bcpkix
-    LOCAL_MODULE_TAGS := optional
-    LOCAL_STATIC_JAVA_LIBRARIES := bouncycastle-bcpkix-nojarjar
-    LOCAL_JAVA_LIBRARIES := core-oj core-libart conscrypt
-    LOCAL_NO_STANDARD_LIBRARIES := true
-    LOCAL_JARJAR_RULES := $(LOCAL_PATH)/jarjar-rules.txt
-    include $(BUILD_STATIC_JAVA_LIBRARY)
-
-    # OCSP classes used for testing
-    include $(CLEAR_VARS)
-    LOCAL_MODULE := bouncycastle-ocsp
-    LOCAL_MODULE_TAGS := optional
-    LOCAL_SRC_FILES := $(all_bc_ocsp_files)
-    LOCAL_JAVA_LIBRARIES := bouncycastle-nojarjar bouncycastle-bcpkix-nojarjar core-oj core-libart conscrypt
-    LOCAL_JARJAR_RULES := $(LOCAL_PATH)/jarjar-rules.txt
-    LOCAL_JAVA_LANGUAGE_VERSION := 1.7
-    LOCAL_NO_STANDARD_LIBRARIES := true
-    include $(BUILD_STATIC_JAVA_LIBRARY)
-endif # TARGET_BUILD_PDK != true
-
-# This is used to generate a list of what is unused so it can be removed when bouncycastle is updated.
-# Based on "Finding dead code" example in ProGuard manual at http://proguard.sourceforge.net/
-.PHONY: bouncycastle-proguard-deadcode
-bouncycastle-proguard-deadcode: $(full_classes_compiled_jar) $(full_java_libs)
-	$(PROGUARD) \
-		-injars $(full_classes_compiled_jar) \
-		-libraryjars "$(call normalize-path-list,$(addsuffix (!org/bouncycastle/**.class,!com/android/org/conscrypt/OpenSSLMessageDigest.class),$(full_java_libs)))" \
-		-dontoptimize \
-		-dontobfuscate \
-		-dontpreverify \
-		-ignorewarnings \
-		-printusage \
-		-keep class org.bouncycastle.jce.provider.BouncyCastleProvider "{ public protected *; }" \
-		-keep class org.bouncycastle.jce.provider.symmetric.AESMappings "{ public protected *; }" \
-		-keep class org.bouncycastle.asn1.ASN1TaggedObject "{ public protected *; }" \
-		-keep class org.bouncycastle.asn1.x509.CertificateList "{ public protected *; }" \
-		-keep class org.bouncycastle.crypto.AsymmetricBlockCipher "{ public protected *; }" \
-		-keep class org.bouncycastle.x509.ExtendedPKIXBuilderParameters "{ public protected *; }" \
-		`(find $(LOCAL_PATH) -name '*.java' | xargs grep '"org.bouncycastle' | egrep '  (put|add)' | sed -e 's/");//' -e 's/.*"//'; \
-		  find $(LOCAL_PATH) -name '*.java' | xargs grep '  addHMACAlgorithm' | sed 's/"org.bouncycastle/\norg.bouncycastle/g' | grep ^org.bouncycastle | sed 's/".*//'; \
-                  find . -name '*.java' | xargs grep 'import org.bouncycastle' | grep -v /bouncycastle/ | sed -e 's/.*:import //' -e 's/;//') \
-		  | sed -e 's/^/-keep class /' -e 's/$$/ { public protected \*; } /' | sort | uniq` \
-		-keepclassmembers "class * { \
-		    static final %                *; \
-		    static final java.lang.String *; \
-		}" \
-		-keepclassmembers "class * implements java.io.Serializable { \
-		    private static final java.io.ObjectStreamField[] serialPersistentFields; \
-		    private void writeObject(java.io.ObjectOutputStream); \
-		    private void readObject(java.io.ObjectInputStream); \
-		    java.lang.Object writeReplace(); \
-		    java.lang.Object readResolve(); \
-		}" \
-		-keepclassmembers "interface org.bouncycastle.crypto.paddings.BlockCipherPadding { \
-		    abstract public java.lang.String getPaddingName(); \
-		}" \
-		-keepclassmembers "class * implements org.bouncycastle.crypto.paddings.BlockCipherPadding { \
-		    public java.lang.String getPaddingName(); \
-		}"
-
-# Conscrypt isn't built in the PDK or on non-linux OSes, so this cannot be built
-# because it has a dependency on conscrypt-hostdex.
-ifneq ($(TARGET_BUILD_PDK),true)
-  ifeq ($(HOST_OS),linux)
-    include $(CLEAR_VARS)
-    LOCAL_MODULE := bouncycastle-hostdex-nojarjar
-    LOCAL_MODULE_TAGS := optional
-    LOCAL_SRC_FILES := $(all_bcprov_src_files)
-    LOCAL_JAVA_LIBRARIES := conscrypt-hostdex
-    include $(BUILD_HOST_DALVIK_JAVA_LIBRARY)
-
-    include $(CLEAR_VARS)
-    LOCAL_MODULE := bouncycastle-hostdex
-    LOCAL_MODULE_TAGS := optional
-    LOCAL_STATIC_JAVA_LIBRARIES := bouncycastle-hostdex-nojarjar
-    LOCAL_JAVA_LIBRARIES := conscrypt-hostdex
-    LOCAL_JARJAR_RULES := $(LOCAL_PATH)/jarjar-rules.txt
-    LOCAL_JAVA_LANGUAGE_VERSION := 1.7
-    include $(BUILD_HOST_DALVIK_JAVA_LIBRARY)
-
-    include $(CLEAR_VARS)
-    LOCAL_MODULE := bouncycastle-bcpkix-hostdex-nojarjar
-    LOCAL_MODULE_TAGS := optional
-    LOCAL_SRC_FILES := $(all_bcpkix_src_files)
-    LOCAL_JAVA_LIBRARIES := bouncycastle-hostdex-nojarjar
-    include $(BUILD_HOST_DALVIK_JAVA_LIBRARY)
-
-    include $(CLEAR_VARS)
-    LOCAL_MODULE := bouncycastle-bcpkix-hostdex
-    LOCAL_MODULE_TAGS := optional
-    LOCAL_STATIC_JAVA_LIBRARIES := bouncycastle-bcpkix-hostdex-nojarjar
-    LOCAL_JAVA_LIBRARIES := bouncycastle-hostdex-nojarjar
-    LOCAL_JARJAR_RULES := $(LOCAL_PATH)/jarjar-rules.txt
-    include $(BUILD_HOST_DALVIK_JAVA_LIBRARY)
-
-    # OCSP classes used for testing
-    include $(CLEAR_VARS)
-    LOCAL_MODULE := bouncycastle-ocsp-hostdex
-    LOCAL_MODULE_TAGS := optional
-    LOCAL_SRC_FILES := $(all_bc_ocsp_files)
-    LOCAL_JAVA_LIBRARIES := bouncycastle-hostdex-nojarjar bouncycastle-bcpkix-hostdex-nojarjar
-    LOCAL_JARJAR_RULES := $(LOCAL_PATH)/jarjar-rules.txt
-    include $(BUILD_HOST_DALVIK_JAVA_LIBRARY)
-  endif  # ($(HOST_OS),linux)
-endif
-
-include $(CLEAR_VARS)
-LOCAL_MODULE := bouncycastle-host
-LOCAL_MODULE_TAGS := optional
-LOCAL_SRC_FILES := $(ri_bcprov_src_files)
-LOCAL_JAVA_LANGUAGE_VERSION := 1.7
-include $(BUILD_HOST_JAVA_LIBRARY)
-
-include $(CLEAR_VARS)
-LOCAL_MODULE := bouncycastle-bcpkix-host
-LOCAL_MODULE_TAGS := optional
-LOCAL_SRC_FILES := $(all_bcpkix_src_files)
-LOCAL_JAVA_LIBRARIES := bouncycastle-host
-LOCAL_JAVA_LANGUAGE_VERSION := 1.7
-include $(BUILD_HOST_JAVA_LIBRARY)
-
-# OCSP classes used for testing
-include $(CLEAR_VARS)
-LOCAL_MODULE := bouncycastle-ocsp-host
-LOCAL_MODULE_TAGS := optional
-LOCAL_SRC_FILES := $(all_bc_ocsp_files)
-LOCAL_JAVA_LIBRARIES := bouncycastle-host bouncycastle-bcpkix-host
-include $(BUILD_HOST_JAVA_LIBRARY)
-
-# Unset these so they don't linger in the next makefile
-all_bcprov_src_files :=
-android_bcprov_src_files :=
-ri_bcprov_src_files :=
-all_bcpkix_src_files :=
-all_bc_ocsp_files :=

diff --git a/OWNERS b/OWNERS
new file mode 100644
index 0000000..77c1c3c
--- /dev/null
+++ b/OWNERS

@@ -0,0 +1,3 @@
+flooey@google.com
+kroot@google.com
+prb@google.com

diff --git a/README.android b/README.android
index 5a3e9b5..2b6c07f 100644
--- a/README.android
+++ b/README.android

@@ -2,8 +2,8 @@
 ---
 
 The code in this directory is based on $BOUNCYCASTLE_VERSION in the
-file bouncycastle.version. See patches/README for more information on
-how the code differs from $BOUNCYCASTLE_VERSION.
+file bouncycastle.version. See the in-file change markers for more information
+on how the code differs from $BOUNCYCASTLE_VERSION.
 
 Porting New Versions of Bouncy Castle.
 --
@@ -21,257 +21,62 @@
      md5sum bcpkix-jdk*-*.tar.gz
      sha1sum bcpkix-jdk*-*.tar.gz
 
-2) Update the variables in bouncycastle.config and bouncycastle.version as appropriate.
-   At the very least you will need to update the bouncycastle.version.
+2) Submit the code to the upstream-master branch:
 
-3) Run:
+  a) Create a new branch tracking upstream-master
 
-     ./import_bouncycastle.sh import bcprov-jdk*-*.tar.gz
+      git checkout -b upgrade-to-xxx --track aosp/upstream-master
 
-   Note the script expects to find the bcpkix-jdk*-*.tar.gz alongside the bcprov file.
+  b) Update the variables in bouncycastle.version.
 
-4) If there are any errors, then modify bouncycastle.config, bouncycastle.version
-   and patches in patches/ as appropriate.  You might want to use:
+  c) Expand the source from the .tar.gz files
 
-     ./import_bouncycastle.sh regenerate patches/*.patch
+  d) Replace bc{prov,pkix}/src/main/java/org with the equivalent source
+     directory
 
-   Repeat step 3.
+  e) Ensure any new files are added
 
-5) Cleanup before building with:
+      git add bc{prov,pkix}
 
-     m -j16 clean-bouncycastle
+  f) Commit the change
 
-6) Build the bouncycastle target from the external/bouncycastle directory with:
+      git commit -a -m 'bouncycastle: Android tree with upstream code for version X.XX'
 
-     mm -j16 snod && adb sync system
+  g) Get the change reviewed
 
-   If there are build errors, then patches/*.mk or bouncycastle.config
-   may need updating.
+      repo upload . -D upstream-master
 
-7) Run tests to make sure things are working:
+3) Merge the code into the master branch
 
-     Some suggested tests by area:
-     - java.security.AlgorithmParameterGenerator
-       libcore/luni/src/test/java/libcore/java/security/OldAlgorithmParameterGeneratorTest.java
-       libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParameterGeneratorTestDH.java
-       libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParameterGeneratorTestDSA.java
-     - java.security.AlgorithmParameters
-       libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParametersTestDSA.java
-       libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParametersTestAES.java
-       libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParametersTestDH.java
-       libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParametersTestDESede.java
-       libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParametersTestDES.java
-       libcore/luni/src/test/java/libcore/javax/crypto/spec/AlgorithmParametersTestOAEP.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/AlgorithmParameterGenerator1Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/AlgorithmParameterGenerator2Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/AlgorithmParametersSpiTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/AlgorithmParametersTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/AlgorithmParametersTest.java
-     - java.security.cert.CertPathBuilder
-       libcore/luni/src/test/java/tests/targets/security/cert/CertPathBuilderTestPKIX.java
-     - java.security.cert.CertPathValidator
-       libcore/luni/src/test/java/tests/targets/security/cert/CertPathValidatorTestPKIX.java
-     - java.security.cert.CertStore
-       libcore/luni/src/test/java/tests/security/cert/CertStoreSpiTest.java
-       libcore/luni/src/test/java/tests/security/cert/CertStore2Test.java
-       libcore/luni/src/test/java/tests/security/cert/CertStore1Test.java
-       libcore/luni/src/test/java/tests/security/cert/CertStoreExceptionTest.java
-     - java.security.cert.Certificate
-       libcore/luni/src/test/java/libcore/java/security/cert/X509CertificateTest.java
-       libcore/luni/src/test/java/tests/api/javax/security/cert/X509CertificateTest.java
-       libcore/luni/src/test/java/tests/security/cert/CertificateCertificateRepTest.java
-       libcore/luni/src/test/java/tests/security/cert/CertificateTest.java
-       libcore/luni/src/test/java/tests/security/cert/X509Certificate2Test.java
-       libcore/luni/src/test/java/tests/targets/security/cert/CertificateTest.java
-     - java.security.cert.CertificateFactory
-       libcore/luni/src/test/java/libcore/java/security/cert/CertificateFactoryTest.java
-       libcore/luni/src/test/java/tests/security/cert/CertificateFactory1Test.java
-       libcore/luni/src/test/java/tests/security/cert/CertificateFactory2Test.java
-       libcore/luni/src/test/java/tests/security/cert/CertificateFactory3Test.java
-       libcore/luni/src/test/java/tests/security/cert/CertificateFactory4Test.java
-       libcore/luni/src/test/java/tests/targets/security/cert/CertificateFactoryTestX509.java
-     - java.security.cert.CertificateFactorySpi
-       libcore/luni/src/test/java/tests/security/cert/CertificateFactorySpiTest.java
-     - java.security.cert.CRL
-       libcore/luni/src/test/java/libcore/java/security/cert/X509CRLSelectorTest.java
-       libcore/luni/src/test/java/libcore/java/security/cert/X509CRLTest.java
-       libcore/luni/src/test/java/tests/security/cert/CRLTest.java
-       libcore/luni/src/test/java/tests/security/cert/X509CRL2Test.java
-       libcore/luni/src/test/java/tests/security/cert/X509CRLEntryTest.java
-       libcore/luni/src/test/java/tests/security/cert/X509CRLSelector2Test.java
-       libcore/luni/src/test/java/tests/security/cert/X509CRLSelectorTest.java
-       libcore/luni/src/test/java/tests/security/cert/X509CRLTest.java
-     - javax.security.cert.Certificate
-       libcore/luni/src/test/java/tests/api/javax/security/cert/CertificateTest.java
-     - java.security.CodeSigner
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/CodeSignerTest.java
-     - javax.crypto.Cipher
-       libcore/luni/src/test/java/libcore/javax/crypto/CipherTest.java
-       libcore/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/CipherTest.java
-       libcore/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/NullCipherTest.java
-     - java.security.DigestInputStream
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/DigestInputStream2Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/DigestInputStreamTest.java
-     - java.security.DigestOutputStream
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/DigestOutputStreamTest.java
-     - javax.crypto.spec.GCMParameterSpec
-       libcore/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/spec/GCMParameterSpecTest.java
-     - java.security.GuardedObject
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/GuardedObjectTest.java
-     - java.security.Identity
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/Identity2Test.java
-     - java.security.IdentityScope
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/IdentityScope2Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/IdentityScopeTest.java
-     - javax.crypto.Key
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyTest.java
-     - javax.crypto.KeyAgreement
-       libcore/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/KeyAgreementTest.java
-     - java.security.KeyFactory
-       libcore/luni/src/test/java/libcore/javax/crypto/spec/KeyFactoryTestDH.java
-       libcore/luni/src/test/java/libcore/javax/crypto/spec/KeyFactoryTestDSA.java
-       libcore/luni/src/test/java/libcore/javax/crypto/spec/KeyFactoryTestRSA.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyFactory2Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyFactoryTest.java
-     - java.security.KeyFactorySpi
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyFactorySpiTest.java
-     - javax.crypto.KeyGenerator
-       libcore/luni/src/test/java/libcore/javax/crypto/KeyGeneratorTest.java
-       libcore/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/KeyGeneratorTest.java
-     - javax.net.ssl.KeyManagerFactory
-       libcore/luni/src/test/java/libcore/javax/net/ssl/KeyManagerFactoryTest.java
-     - java.security.KeyPair
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyPairTest.java
-     - java.security.KeyPairGenerator
-       libcore/luni/src/test/java/libcore/java/security/KeyPairGeneratorTest.java
-       libcore/luni/src/test/java/libcore/java/security/OldKeyPairGeneratorTestDH.java
-       libcore/luni/src/test/java/libcore/javax/crypto/spec/KeyPairGeneratorTestDH.java
-       libcore/luni/src/test/java/libcore/javax/crypto/spec/KeyPairGeneratorTestDSA.java
-       libcore/luni/src/test/java/libcore/javax/crypto/spec/KeyPairGeneratorTestRSA.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyPairGenerator1Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyPairGenerator2Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyPairGenerator3Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyPairGenerator4Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyPairGeneratorSpiTest.java
-       libcore/luni/src/test/java/tests/security/interfaces/DSAKeyPairGeneratorTest.java
-     - java.security.KeyRep
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyRepTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyRepTypeTest.java
-     - java.security.KeyStore
-       libcore/luni/src/test/java/libcore/java/security/KeyStoreTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KSCallbackHandlerProtectionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KSPasswordProtectionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KSPrivateKeyEntryTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KSSecretKeyEntryTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KSTrustedCertificateEntryTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStore2Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStore3Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStore4Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStoreBuilderTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStorePrivateKeyEntryTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStoreTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStoreTest.java
-     - java.security.KeyStoreSpi
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStoreSpiTest.java
-     - javax.crypto.Mac
-       libcore/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/MacTest.java
-     - java.security.MessageDigest
-       libcore/luni/src/test/java/libcore/java/security/MessageDigestTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/MessageDigest1Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/MessageDigest2Test.java
-       libcore/luni/src/test/java/tests/targets/security/MessageDigestTestMD2.java
-       libcore/luni/src/test/java/tests/targets/security/MessageDigestTestMD5.java
-       libcore/luni/src/test/java/tests/targets/security/MessageDigestTestSHA1.java
-       libcore/luni/src/test/java/tests/targets/security/MessageDigestTestSHA256.java
-       libcore/luni/src/test/java/tests/targets/security/MessageDigestTestSHA384.java
-       libcore/luni/src/test/java/tests/targets/security/MessageDigestTestSHA512.java
-     - java.security.MessageDigestSpi
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/MessageDigestSpiTest.java
-     - java.security.PrivateKey
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/PrivateKeyTest.java
-     - java.security.PrivilegedAction
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/PrivilegedActionTest.java
-     - java.security.Provider
-       libcore/luni/src/test/java/libcore/java/security/ProviderTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/Provider2Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/ProviderServiceTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/ProviderTest.java
-     - java.security.PublicKey
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/PublicKeyTest.java
-     - java.security.Security
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/Security2Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SecurityTest.java
-     - javax.net.ssl.SSLContext
-       libcore/luni/src/test/java/libcore/javax/net/ssl/SSLContextTest.java
-     - javax.crypto.SecretKeyFactory
-       libcore/luni/src/test/java/libcore/javax/crypto/SecretKeyFactoryTest.java
-       libcore/luni/src/test/java/org/apache/harmony/crypto/tests/javax/crypto/SecretKeyFactoryTest.java
-     - java.security.SecureRandom
-       libcore/luni/src/test/java/libcore/java/security/SecureRandomTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SecureRandom2Test.java
-       libcore/luni/src/test/java/tests/java/security/SecureRandomTest.java
-       libcore/luni/src/test/java/tests/targets/security/SecureRandomTestSHA1PRNG.java
-     - java.security.SecureRandomSpi
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SecureRandomSpiTest.java
-     - java.security.Signature
-       libcore/crypto/src/test/java/org/conscrypt/OpenSSLSignatureTest.java
-       libcore/luni/src/test/java/libcore/java/security/SignatureTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/Signature2Test.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SignatureTest.java
-       libcore/luni/src/test/java/tests/targets/security/SignatureTestMD2withRSA.java
-     - java.security.SignatureSpi
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SignatureSpiTest.java
-     - java.security.SignedObject
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SignedObjectTest.java
-     - java.security.Signer
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SignerTest.java
-     - java.security.Timestamp
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/TimestampTest.java
-     - java.security.cert.TrustAnchor
-       libcore/luni/src/test/java/tests/security/cert/TrustAnchorTest.java
-     - javax.net.ssl.TrustManagerFactory
-       libcore/luni/src/test/java/libcore/javax/net/ssl/TrustManagerFactoryTest.java
-     - java.net.URLConnection
-       libcore/luni/src/test/java/libcore/java/net/URLConnectionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/luni/tests/java/net/URLConnectionTest.java
-     - javax.security.auth.x500.X500Principal
-       libcore/luni/src/test/java/libcore/javax/net/ssl/DistinguishedNameParserTest.java
-       libcore/luni/src/test/java/libcore/javax/security/auth/x500/X500PrincipalTest.java
-       libcore/luni/src/test/java/tests/api/javax/security/auth/X500PrincipalTest.java
-     - javax.net.ssl.SSLSocket and javax.net.ssl.SSLEngine (which touch on Cipher, MessageDigest, Signature)
-       libcore/luni/src/test/java/libcore/javax/net/ssl/
-     - Test Android additions to bouncycastle such as org.bouncycastle.crypto.digests.OpenSSLDigest and org.bouncycastle.jce.provider.CertBlacklist
-       libcore/luni/src/test/java/com/android/org/bouncycastle/
-     - Exception "tests"
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/DigestExceptionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/GeneralSecurityExceptionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/InvalidAlgorithmParameterExceptionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/InvalidKeyExceptionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/InvalidParameterExceptionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyExceptionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyManagementExceptionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/KeyStoreExceptionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/NoSuchAlgorithmExceptionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/NoSuchProviderExceptionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/ProviderExceptionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/SignatureExceptionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/UnrecoverableEntryExceptionTest.java
-       libcore/luni/src/test/java/org/apache/harmony/security/tests/java/security/UnrecoverableKeyExceptionTest.java
-       libcore/luni/src/test/java/tests/api/javax/security/cert/CertificateEncodingExceptionTest.java
-       libcore/luni/src/test/java/tests/api/javax/security/cert/CertificateExceptionTest.java
-       libcore/luni/src/test/java/tests/api/javax/security/cert/CertificateExpiredExceptionTest.java
-       libcore/luni/src/test/java/tests/api/javax/security/cert/CertificateNotYetValidExceptionTest.java
-       libcore/luni/src/test/java/tests/api/javax/security/cert/CertificateParsingExceptionTest.java
-       libcore/luni/src/test/java/tests/security/cert/CRLExceptionTest.java
-       libcore/luni/src/test/java/tests/security/cert/CertificateEncodingException2Test.java
-       libcore/luni/src/test/java/tests/security/cert/CertificateEncodingExceptionTest.java
-       libcore/luni/src/test/java/tests/security/cert/CertificateException2Test.java
-       libcore/luni/src/test/java/tests/security/cert/CertificateExceptionTest.java
-       libcore/luni/src/test/java/tests/security/cert/CertificateExpiredExceptionTest.java
-       libcore/luni/src/test/java/tests/security/cert/CertificateNotYetValidExceptionTest.java
-       libcore/luni/src/test/java/tests/security/cert/CertificateParsingExceptionTest.java
+  a) Create a new branch
 
+      repo start merge-xxx
 
-8) Do a full build before checking in:
+  b) Merge the changes in
 
-     m -j16
+      git fetch aosp upstream-master
+      git merge aosp/upstream-master
+
+  c) Resolve any conflicts.  Some common cases:
+
+     * If upstream changed a file that's deleted locally, we probably don't
+       need it
+     * If upstream added a file to a directory we deleted, we probably don't
+       need it
+
+  d) Confirm all changes
+
+      git diff aosp/master
+
+  e) Run the tests, commonly at least
+
+      cts -m CtsLibcoreTestCases
+      cts -m CtsLibcoreFileIOTestCases
+      cts -m CtsLibcoreJsr166TestCases
+      cts -m CtsLibcoreOjTestCases
+      cts -m CtsLibcoreOkHttpTestCases
+      cts -m CtsLibcoreWycheproofBCTestCases
+
+  e) Get the change reviewed
+
+      repo upload .

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/CertRuntimeException.java b/bcpkix/src/main/java/org/bouncycastle/cert/CertRuntimeException.java
deleted file mode 100644
index 5384148..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/CertRuntimeException.java
+++ /dev/null

@@ -1,19 +0,0 @@
-package org.bouncycastle.cert;
-
-public class CertRuntimeException
-    extends RuntimeException
-{
-    private Throwable cause;
-
-    public CertRuntimeException(String msg, Throwable cause)
-    {
-        super(msg);
-
-        this.cause = cause;
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/X509ContentVerifierProviderBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/X509ContentVerifierProviderBuilder.java
deleted file mode 100644
index af3bd09..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/X509ContentVerifierProviderBuilder.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.cert;
-
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.operator.ContentVerifierProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-
-public interface X509ContentVerifierProviderBuilder
-{
-    ContentVerifierProvider build(SubjectPublicKeyInfo validatingKeyInfo)
-        throws OperatorCreationException;
-
-    ContentVerifierProvider build(X509CertificateHolder validatingKeyInfo)
-        throws OperatorCreationException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/X509ExtensionUtils.java b/bcpkix/src/main/java/org/bouncycastle/cert/X509ExtensionUtils.java
deleted file mode 100644
index fa8cb1e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/X509ExtensionUtils.java
+++ /dev/null

@@ -1,154 +0,0 @@
-package org.bouncycastle.cert;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.operator.DigestCalculator;
-
-/**
- * General utility class for creating calculated extensions using the standard methods.
- * <p>
- * <b>Note:</b> This class is not thread safe!
- * </p>
- */
-public class X509ExtensionUtils
-{
-    private DigestCalculator calculator;
-
-    /**
-     * Base constructor - for conformance to RFC 5280 use a calculator based on SHA-1.
-     *
-     * @param calculator  a calculator for calculating subject key ids.
-     */
-    public X509ExtensionUtils(DigestCalculator calculator)
-    {
-        this.calculator = calculator;
-    }
-
-    /**
-     * Create an AuthorityKeyIdentifier from the passed in arguments.
-     *
-     * @param certHolder the issuer certificate that the AuthorityKeyIdentifier should refer to.
-     * @return an AuthorityKeyIdentifier.
-     */
-    public AuthorityKeyIdentifier createAuthorityKeyIdentifier(
-        X509CertificateHolder certHolder)
-    {
-        GeneralName             genName = new GeneralName(certHolder.getIssuer());
-
-        return new AuthorityKeyIdentifier(
-                getSubjectKeyIdentifier(certHolder), new GeneralNames(genName), certHolder.getSerialNumber());
-    }
-
-    /**
-     * Create an AuthorityKeyIdentifier from the passed in SubjectPublicKeyInfo.
-     *
-     * @param publicKeyInfo the SubjectPublicKeyInfo to base the key identifier on.
-     * @return an AuthorityKeyIdentifier.
-     */
-    public AuthorityKeyIdentifier createAuthorityKeyIdentifier(SubjectPublicKeyInfo publicKeyInfo)
-    {
-        return new AuthorityKeyIdentifier(calculateIdentifier(publicKeyInfo));
-    }
-
-    /**
-     * Create an AuthorityKeyIdentifier from the passed in arguments.
-     *
-     * @param publicKeyInfo the SubjectPublicKeyInfo to base the key identifier on.
-     * @param generalNames the general names to associate with the issuer cert's issuer.
-     * @param serial the serial number of the issuer cert.
-     * @return an AuthorityKeyIdentifier.
-     */
-    public AuthorityKeyIdentifier createAuthorityKeyIdentifier(SubjectPublicKeyInfo publicKeyInfo, GeneralNames generalNames, BigInteger serial)
-    {
-        return new AuthorityKeyIdentifier(calculateIdentifier(publicKeyInfo), generalNames, serial);
-    }
-
-    /**
-     * Return a RFC 5280 type 1 key identifier. As in:
-     * <pre>
-     * (1) The keyIdentifier is composed of the 160-bit SHA-1 hash of the
-     * value of the BIT STRING subjectPublicKey (excluding the tag,
-     * length, and number of unused bits).
-     * </pre>
-     * @param publicKeyInfo the key info object containing the subjectPublicKey field.
-     * @return the key identifier.
-     */
-    public SubjectKeyIdentifier createSubjectKeyIdentifier(
-        SubjectPublicKeyInfo publicKeyInfo)
-    {
-        return new SubjectKeyIdentifier(calculateIdentifier(publicKeyInfo));
-    }
-
-    /**
-     * Return a RFC 5280 type 2 key identifier. As in:
-     * <pre>
-     * (2) The keyIdentifier is composed of a four bit type field with
-     * the value 0100 followed by the least significant 60 bits of the
-     * SHA-1 hash of the value of the BIT STRING subjectPublicKey.
-     * </pre>
-     * @param publicKeyInfo the key info object containing the subjectPublicKey field.
-     * @return the key identifier.
-     */
-    public SubjectKeyIdentifier createTruncatedSubjectKeyIdentifier(SubjectPublicKeyInfo publicKeyInfo)
-    {
-        byte[] digest = calculateIdentifier(publicKeyInfo);
-        byte[] id = new byte[8];
-
-        System.arraycopy(digest, digest.length - 8, id, 0, id.length);
-
-        id[0] &= 0x0f;
-        id[0] |= 0x40;
-
-        return new SubjectKeyIdentifier(id);
-    }
-
-    private byte[] getSubjectKeyIdentifier(X509CertificateHolder certHolder)
-    {
-        if (certHolder.getVersionNumber() != 3)
-        {
-            return calculateIdentifier(certHolder.getSubjectPublicKeyInfo());
-        }
-        else
-        {
-            Extension ext = certHolder.getExtension(Extension.subjectKeyIdentifier);
-
-            if (ext != null)
-            {
-                return ASN1OctetString.getInstance(ext.getParsedValue()).getOctets();
-            }
-            else
-            {
-                return calculateIdentifier(certHolder.getSubjectPublicKeyInfo());
-            }
-        }
-    }
-
-    private byte[] calculateIdentifier(SubjectPublicKeyInfo publicKeyInfo)
-    {
-        byte[] bytes = publicKeyInfo.getPublicKeyData().getBytes();
-
-        OutputStream cOut = calculator.getOutputStream();
-
-        try
-        {
-            cOut.write(bytes);
-
-            cOut.close();
-        }
-        catch (IOException e)
-        {   // it's hard to imagine this happening, but yes it does!
-            throw new CertRuntimeException("unable to calculate identifier: " + e.getMessage(), e);
-        }
-
-        return calculator.getDigest();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/X509v1CertificateBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/X509v1CertificateBuilder.java
deleted file mode 100644
index 3652ba9..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/X509v1CertificateBuilder.java
+++ /dev/null

@@ -1,101 +0,0 @@
-package org.bouncycastle.cert;
-
-import java.math.BigInteger;
-import java.util.Date;
-import java.util.Locale;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.Time;
-import org.bouncycastle.asn1.x509.V1TBSCertificateGenerator;
-import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator;
-import org.bouncycastle.operator.ContentSigner;
-
-
-/**
- * class to produce an X.509 Version 1 certificate.
- */
-public class X509v1CertificateBuilder
-{
-    private V1TBSCertificateGenerator   tbsGen;
-
-    /**
-     * Create a builder for a version 1 certificate.
-     *
-     * @param issuer the certificate issuer
-     * @param serial the certificate serial number
-     * @param notBefore the date before which the certificate is not valid
-     * @param notAfter the date after which the certificate is not valid
-     * @param subject the certificate subject
-     * @param publicKeyInfo the info structure for the public key to be associated with this certificate.
-     */
-    public X509v1CertificateBuilder(X500Name issuer, BigInteger serial, Date notBefore, Date notAfter, X500Name subject, SubjectPublicKeyInfo publicKeyInfo)
-    {
-        this(issuer, serial, new Time(notBefore), new Time(notAfter), subject, publicKeyInfo);
-    }
-
-   /**
-    * Create a builder for a version 1 certificate. You may need to use this constructor if the default locale
-    * doesn't use a Gregorian calender so that the Time produced is compatible with other ASN.1 implementations.
-    *
-    * @param issuer the certificate issuer
-    * @param serial the certificate serial number
-    * @param notBefore the date before which the certificate is not valid
-    * @param notAfter the date after which the certificate is not valid
-    * @param dateLocale locale to be used for date interpretation.
-    * @param subject the certificate subject
-    * @param publicKeyInfo the info structure for the public key to be associated with this certificate.
-    */
-   public X509v1CertificateBuilder(X500Name issuer, BigInteger serial, Date notBefore, Date notAfter, Locale dateLocale, X500Name subject, SubjectPublicKeyInfo publicKeyInfo)
-   {
-       this(issuer, serial, new Time(notBefore, dateLocale), new Time(notAfter, dateLocale), subject, publicKeyInfo);
-   }
-
-   /**
-    * Create a builder for a version 1 certificate.
-    *
-    * @param issuer the certificate issuer
-    * @param serial the certificate serial number
-    * @param notBefore the Time before which the certificate is not valid
-    * @param notAfter the Time after which the certificate is not valid
-    * @param subject the certificate subject
-    * @param publicKeyInfo the info structure for the public key to be associated with this certificate.
-    */
-   public X509v1CertificateBuilder(X500Name issuer, BigInteger serial, Time notBefore, Time notAfter, X500Name subject, SubjectPublicKeyInfo publicKeyInfo)
-   {
-       if (issuer == null)
-       {
-           throw new IllegalArgumentException("issuer must not be null");
-       }
-
-       if (publicKeyInfo == null)
-       {
-           throw new IllegalArgumentException("publicKeyInfo must not be null");
-       }
-
-       tbsGen = new V1TBSCertificateGenerator();
-       tbsGen.setSerialNumber(new ASN1Integer(serial));
-       tbsGen.setIssuer(issuer);
-       tbsGen.setStartDate(notBefore);
-       tbsGen.setEndDate(notAfter);
-       tbsGen.setSubject(subject);
-       tbsGen.setSubjectPublicKeyInfo(publicKeyInfo);
-   }
-
-    /**
-     * Generate an X509 certificate, based on the current issuer and subject
-     * using the passed in signer.
-     *
-     * @param signer the content signer to be used to generate the signature validating the certificate.
-     * @return a holder containing the resulting signed certificate.
-     */
-    public X509CertificateHolder build(
-        ContentSigner signer)
-    {
-        tbsGen.setSignature(signer.getAlgorithmIdentifier());
-
-        return CertUtils.generateFullCert(signer, tbsGen.generateTBSCertificate());
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/X509v2AttributeCertificateBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/X509v2AttributeCertificateBuilder.java
deleted file mode 100644
index b5c3f59..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/X509v2AttributeCertificateBuilder.java
+++ /dev/null

@@ -1,178 +0,0 @@
-package org.bouncycastle.cert;
-
-import java.math.BigInteger;
-import java.util.Date;
-import java.util.Locale;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.x509.AttCertIssuer;
-import org.bouncycastle.asn1.x509.Attribute;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.V2AttributeCertificateInfoGenerator;
-import org.bouncycastle.operator.ContentSigner;
-
-/**
- * class to produce an X.509 Version 2 AttributeCertificate.
- */
-public class X509v2AttributeCertificateBuilder
-{
-    private V2AttributeCertificateInfoGenerator   acInfoGen;
-    private ExtensionsGenerator extGenerator;
-
-    /**
-     * Base constructor.
-     *
-     * @param holder holder certificate details
-     * @param issuer issuer of this attribute certificate.
-     * @param serialNumber serial number of this attribute certificate.
-     * @param notBefore the date before which the certificate is not valid.
-     * @param notAfter the date after which the certificate is not valid.
-     */
-    public X509v2AttributeCertificateBuilder(AttributeCertificateHolder holder, AttributeCertificateIssuer  issuer, BigInteger serialNumber, Date notBefore, Date notAfter)
-    {
-        acInfoGen = new V2AttributeCertificateInfoGenerator();
-        extGenerator = new ExtensionsGenerator();
-
-        acInfoGen.setHolder(holder.holder);
-        acInfoGen.setIssuer(AttCertIssuer.getInstance(issuer.form));
-        acInfoGen.setSerialNumber(new ASN1Integer(serialNumber));
-        acInfoGen.setStartDate(new ASN1GeneralizedTime(notBefore));
-        acInfoGen.setEndDate(new ASN1GeneralizedTime(notAfter));
-    }
-
-    /**
-     * Base constructor with locale for interpreting dates. You may need to use this constructor if the default locale
-     * doesn't use a Gregorian calender so that the GeneralizedTime produced is compatible with other ASN.1 implementations.
-     *
-     * @param holder holder certificate details
-     * @param issuer issuer of this attribute certificate.
-     * @param serialNumber serial number of this attribute certificate.
-     * @param notBefore the date before which the certificate is not valid.
-     * @param notAfter the date after which the certificate is not valid.
-     * @param dateLocale locale to be used for date interpretation.
-     */
-    public X509v2AttributeCertificateBuilder(AttributeCertificateHolder holder, AttributeCertificateIssuer  issuer, BigInteger serialNumber, Date notBefore, Date notAfter, Locale dateLocale)
-    {
-        acInfoGen = new V2AttributeCertificateInfoGenerator();
-        extGenerator = new ExtensionsGenerator();
-
-        acInfoGen.setHolder(holder.holder);
-        acInfoGen.setIssuer(AttCertIssuer.getInstance(issuer.form));
-        acInfoGen.setSerialNumber(new ASN1Integer(serialNumber));
-        acInfoGen.setStartDate(new ASN1GeneralizedTime(notBefore, dateLocale));
-        acInfoGen.setEndDate(new ASN1GeneralizedTime(notAfter, dateLocale));
-    }
-
-    /**
-     * Add an attribute to the certification request we are building.
-     *
-     * @param attrType the OID giving the type of the attribute.
-     * @param attrValue the ASN.1 structure that forms the value of the attribute.
-     * @return this builder object.
-     */
-    public X509v2AttributeCertificateBuilder addAttribute(ASN1ObjectIdentifier attrType, ASN1Encodable attrValue)
-    {
-        acInfoGen.addAttribute(new Attribute(attrType, new DERSet(attrValue)));
-
-        return this;
-    }
-
-    /**
-     * Add an attribute with multiple values to the certification request we are building.
-     *
-     * @param attrType the OID giving the type of the attribute.
-     * @param attrValues an array of ASN.1 structures that form the value of the attribute.
-     * @return this builder object.
-     */
-    public X509v2AttributeCertificateBuilder addAttribute(ASN1ObjectIdentifier attrType, ASN1Encodable[] attrValues)
-    {
-        acInfoGen.addAttribute(new Attribute(attrType, new DERSet(attrValues)));
-
-        return this;
-    }
-
-    public void setIssuerUniqueId(
-        boolean[] iui)
-    {
-        acInfoGen.setIssuerUniqueID(CertUtils.booleanToBitString(iui));
-    }
-
-    /**
-     * Add a given extension field for the standard extensions tag made up of the passed in parameters.
-     *
-     * @param oid the OID defining the extension type.
-     * @param isCritical true if the extension is critical, false otherwise.
-     * @param value the ASN.1 structure that forms the extension's value.
-     * @return this builder object.
-     */
-    public X509v2AttributeCertificateBuilder addExtension(
-        ASN1ObjectIdentifier oid,
-        boolean isCritical,
-        ASN1Encodable value)
-        throws CertIOException
-    {
-        CertUtils.addExtension(extGenerator, oid, isCritical, value);
-
-        return this;
-    }
-
-    /**
-     * Add a given extension field for the standard extensions using a byte encoding of the
-     * extension value.
-     *
-     * @param oid the OID defining the extension type.
-     * @param isCritical true if the extension is critical, false otherwise.
-     * @param encodedValue a byte array representing the encoding of the extension value.
-     * @return this builder object.
-     */
-    public X509v2AttributeCertificateBuilder addExtension(
-        ASN1ObjectIdentifier oid,
-        boolean isCritical,
-        byte[] encodedValue)
-        throws CertIOException
-    {
-        extGenerator.addExtension(oid, isCritical, encodedValue);
-
-        return this;
-    }
-
-    /**
-     * Add a given extension field for the standard extensions.
-     *
-     * @param extension the full extension value.
-     * @return this builder object.
-     */
-    public X509v2AttributeCertificateBuilder addExtension(
-        Extension extension)
-        throws CertIOException
-    {
-        extGenerator.addExtension(extension);
-
-        return this;
-    }
-
-   /**
-     * Generate an X509 certificate, based on the current issuer and subject
-     * using the passed in signer.
-     *
-     * @param signer the content signer to be used to generate the signature validating the certificate.
-     * @return a holder containing the resulting signed certificate.
-     */
-    public X509AttributeCertificateHolder build(
-        ContentSigner signer)
-    {
-        acInfoGen.setSignature(signer.getAlgorithmIdentifier());
-
-        if (!extGenerator.isEmpty())
-        {
-            acInfoGen.setExtensions(extGenerator.generate());
-        }
-
-        return CertUtils.generateFullAttrCert(signer, acInfoGen.generateAttributeCertificateInfo());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/X509v2CRLBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/X509v2CRLBuilder.java
deleted file mode 100644
index 95a3d91..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/X509v2CRLBuilder.java
+++ /dev/null

@@ -1,265 +0,0 @@
-package org.bouncycastle.cert;
-
-import java.math.BigInteger;
-import java.util.Date;
-import java.util.Enumeration;
-import java.util.Locale;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.TBSCertList;
-import org.bouncycastle.asn1.x509.Time;
-import org.bouncycastle.asn1.x509.V2TBSCertListGenerator;
-import org.bouncycastle.operator.ContentSigner;
-
-/**
- * class to produce an X.509 Version 2 CRL.
- */
-public class X509v2CRLBuilder
-{
-    private V2TBSCertListGenerator      tbsGen;
-    private ExtensionsGenerator         extGenerator;
-
-    /**
-     * Basic constructor.
-     *
-     * @param issuer the issuer this CRL is associated with.
-     * @param thisUpdate  the date of this update.
-     */
-    public X509v2CRLBuilder(
-        X500Name issuer,
-        Date     thisUpdate)
-    {
-        tbsGen = new V2TBSCertListGenerator();
-        extGenerator = new ExtensionsGenerator();
-
-        tbsGen.setIssuer(issuer);
-        tbsGen.setThisUpdate(new Time(thisUpdate));
-    }
-
-    /**
-     * Basic constructor with Locale. You may need to use this constructor if the default locale
-     * doesn't use a Gregorian calender so that the Time produced is compatible with other ASN.1 implementations.
-     *
-     * @param issuer the issuer this CRL is associated with.
-     * @param thisUpdate  the date of this update.
-     * @param dateLocale locale to be used for date interpretation.
-     */
-    public X509v2CRLBuilder(
-        X500Name issuer,
-        Date     thisUpdate,
-        Locale   dateLocale)
-    {
-        tbsGen = new V2TBSCertListGenerator();
-        extGenerator = new ExtensionsGenerator();
-
-        tbsGen.setIssuer(issuer);
-        tbsGen.setThisUpdate(new Time(thisUpdate, dateLocale));
-    }
-
-    /**
-     * Basic constructor.
-     *
-     * @param issuer the issuer this CRL is associated with.
-     * @param thisUpdate  the Time of this update.
-     */
-    public X509v2CRLBuilder(
-        X500Name issuer,
-        Time     thisUpdate)
-    {
-        tbsGen = new V2TBSCertListGenerator();
-        extGenerator = new ExtensionsGenerator();
-
-        tbsGen.setIssuer(issuer);
-        tbsGen.setThisUpdate(thisUpdate);
-    }
-
-    /**
-     * Set the date by which the next CRL will become available.
-     *
-     * @param date  date of next CRL update.
-     * @return the current builder.
-     */
-    public X509v2CRLBuilder setNextUpdate(
-        Date    date)
-    {
-        return this.setNextUpdate(new Time(date));
-    }
-
-    /**
-     * Set the date by which the next CRL will become available.
-     *
-     * @param date  date of next CRL update.
-     * @param dateLocale locale to be used for date interpretation.
-     * @return the current builder.
-     */
-    public X509v2CRLBuilder setNextUpdate(
-        Date    date,
-        Locale  dateLocale)
-    {
-        return this.setNextUpdate(new Time(date, dateLocale));
-    }
-
-    /**
-     * Set the date by which the next CRL will become available.
-     *
-     * @param date  date of next CRL update.
-     * @return the current builder.
-     */
-    public X509v2CRLBuilder setNextUpdate(
-        Time    date)
-    {
-        tbsGen.setNextUpdate(date);
-
-        return this;
-    }
-
-    /**
-     * Add a CRL entry with the just reasonCode extension.
-     *
-     * @param userCertificateSerial serial number of revoked certificate.
-     * @param revocationDate date of certificate revocation.
-     * @param reason the reason code, as indicated in CRLReason, i.e CRLReason.keyCompromise, or 0 if not to be used.
-     * @return the current builder.
-     */
-    public X509v2CRLBuilder addCRLEntry(BigInteger userCertificateSerial, Date revocationDate, int reason)
-    {
-        tbsGen.addCRLEntry(new ASN1Integer(userCertificateSerial), new Time(revocationDate), reason);
-
-        return this;
-    }
-
-    /**
-     * Add a CRL entry with an invalidityDate extension as well as a reasonCode extension. This is used
-     * where the date of revocation might be after issues with the certificate may have occurred.
-     *
-     * @param userCertificateSerial serial number of revoked certificate.
-     * @param revocationDate date of certificate revocation.
-     * @param reason the reason code, as indicated in CRLReason, i.e CRLReason.keyCompromise, or 0 if not to be used.
-     * @param invalidityDate the date on which the private key for the certificate became compromised or the certificate otherwise became invalid.
-     * @return the current builder.
-     */
-    public X509v2CRLBuilder addCRLEntry(BigInteger userCertificateSerial, Date revocationDate, int reason, Date invalidityDate)
-    {
-        tbsGen.addCRLEntry(new ASN1Integer(userCertificateSerial), new Time(revocationDate), reason, new ASN1GeneralizedTime(invalidityDate));
-
-        return this;
-    }
-
-    /**
-     * Add a CRL entry with extensions.
-     *
-     * @param userCertificateSerial serial number of revoked certificate.
-     * @param revocationDate date of certificate revocation.
-     * @param extensions extension set to be associated with this CRLEntry.
-     * @return the current builder.
-     */
-    public X509v2CRLBuilder addCRLEntry(BigInteger userCertificateSerial, Date revocationDate, Extensions extensions)
-    {
-        tbsGen.addCRLEntry(new ASN1Integer(userCertificateSerial), new Time(revocationDate), extensions);
-
-        return this;
-    }
-
-    /**
-     * Add the CRLEntry objects contained in a previous CRL.
-     * 
-     * @param other the X509CRLHolder to source the other entries from.
-     * @return the current builder.
-     */
-    public X509v2CRLBuilder addCRL(X509CRLHolder other)
-    {
-        TBSCertList revocations = other.toASN1Structure().getTBSCertList();
-
-        if (revocations != null)
-        {
-            for (Enumeration en = revocations.getRevokedCertificateEnumeration(); en.hasMoreElements();)
-            {
-                tbsGen.addCRLEntry(ASN1Sequence.getInstance(((ASN1Encodable)en.nextElement()).toASN1Primitive()));
-            }
-        }
-
-        return this;
-    }
-
-    /**
-     * Add a given extension field for the standard extensions tag (tag 3)
-     *
-     * @param oid the OID defining the extension type.
-     * @param isCritical true if the extension is critical, false otherwise.
-     * @param value the ASN.1 structure that forms the extension's value.
-     * @return this builder object.
-     */
-    public X509v2CRLBuilder addExtension(
-        ASN1ObjectIdentifier oid,
-        boolean isCritical,
-        ASN1Encodable value)
-        throws CertIOException
-    {
-        CertUtils.addExtension(extGenerator, oid, isCritical, value);
-
-        return this;
-    }
-
-    /**
-     * Add a given extension field for the standard extensions tag (tag 3) using a byte encoding of the
-     * extension value.
-     *
-     * @param oid the OID defining the extension type.
-     * @param isCritical true if the extension is critical, false otherwise.
-     * @param encodedValue a byte array representing the encoding of the extension value.
-     * @return this builder object.
-     */
-    public X509v2CRLBuilder addExtension(
-        ASN1ObjectIdentifier oid,
-        boolean isCritical,
-        byte[] encodedValue)
-        throws CertIOException
-    {
-        extGenerator.addExtension(oid, isCritical, encodedValue);
-
-        return this;
-    }
-
-    /**
-     * Add a given extension field for the standard extensions tag (tag 3).
-     *
-     * @param extension the full extension value.
-     * @return this builder object.
-     */
-    public X509v2CRLBuilder addExtension(
-        Extension extension)
-        throws CertIOException
-    {
-        extGenerator.addExtension(extension);
-
-        return this;
-    }
-
-    /**
-     * Generate an X.509 CRL, based on the current issuer and subject
-     * using the passed in signer.
-     *
-     * @param signer the content signer to be used to generate the signature validating the certificate.
-     * @return a holder containing the resulting signed certificate.
-     */
-    public X509CRLHolder build(
-        ContentSigner signer)
-    {
-        tbsGen.setSignature(signer.getAlgorithmIdentifier());
-
-        if (!extGenerator.isEmpty())
-        {
-            tbsGen.setExtensions(extGenerator.generate());
-        }
-
-        return CertUtils.generateFullCRL(signer, tbsGen.generateTBSCertList());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/bc/BcX509ExtensionUtils.java b/bcpkix/src/main/java/org/bouncycastle/cert/bc/BcX509ExtensionUtils.java
deleted file mode 100644
index c5a0953..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/bc/BcX509ExtensionUtils.java
+++ /dev/null

@@ -1,91 +0,0 @@
-package org.bouncycastle.cert.bc;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.cert.X509ExtensionUtils;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory;
-import org.bouncycastle.operator.DigestCalculator;
-
-public class BcX509ExtensionUtils
-    extends X509ExtensionUtils
-{
-    /**
-     * Create a utility class pre-configured with a SHA-1 digest calculator based on the
-     * BC implementation.
-     */
-    public BcX509ExtensionUtils()
-    {
-        super(new SHA1DigestCalculator());
-    }
-
-    public BcX509ExtensionUtils(DigestCalculator calculator)
-    {
-        super(calculator);
-    }
-
-    public AuthorityKeyIdentifier createAuthorityKeyIdentifier(
-        AsymmetricKeyParameter publicKey)
-        throws IOException
-    {
-        return super.createAuthorityKeyIdentifier(SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(publicKey));
-    }
-
-    /**
-     * Return a RFC 3280 type 1 key identifier. As in:
-     * <pre>
-     * (1) The keyIdentifier is composed of the 160-bit SHA-1 hash of the
-     * value of the BIT STRING subjectPublicKey (excluding the tag,
-     * length, and number of unused bits).
-     * </pre>
-     * @param publicKey the key object containing the key identifier is to be based on.
-     * @return the key identifier.
-     */
-    public SubjectKeyIdentifier createSubjectKeyIdentifier(
-        AsymmetricKeyParameter publicKey)
-        throws IOException
-    {
-        return super.createSubjectKeyIdentifier(SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(publicKey));
-    }
-
-    private static class SHA1DigestCalculator
-        implements DigestCalculator
-    {
-        private ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        public AlgorithmIdentifier getAlgorithmIdentifier()
-        {
-            return new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1);
-        }
-
-        public OutputStream getOutputStream()
-        {
-            return bOut;
-        }
-
-        public byte[] getDigest()
-        {
-            byte[] bytes = bOut.toByteArray();
-
-            bOut.reset();
-
-            Digest sha1 = new SHA1Digest();
-
-            sha1.update(bytes, 0, bytes.length);
-
-            byte[] digest = new byte[sha1.getDigestSize()];
-
-            sha1.doFinal(digest, 0);
-
-            return digest;
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/bc/BcX509v1CertificateBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/bc/BcX509v1CertificateBuilder.java
deleted file mode 100644
index 5120030..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/bc/BcX509v1CertificateBuilder.java
+++ /dev/null

@@ -1,33 +0,0 @@
-package org.bouncycastle.cert.bc;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.util.Date;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cert.X509v1CertificateBuilder;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory;
-
-/**
- * JCA helper class to allow BC lightweight objects to be used in the construction of a Version 1 certificate.
- */
-public class BcX509v1CertificateBuilder
-    extends X509v1CertificateBuilder
-{
-    /**
-     * Initialise the builder using an AsymmetricKeyParameter.
-     *
-     * @param issuer X500Name representing the issuer of this certificate.
-     * @param serial the serial number for the certificate.
-     * @param notBefore date before which the certificate is not valid.
-     * @param notAfter date after which the certificate is not valid.
-     * @param subject X500Name representing the subject of this certificate.
-     * @param publicKey the public key to be associated with the certificate.
-     */
-    public BcX509v1CertificateBuilder(X500Name issuer, BigInteger serial, Date notBefore, Date notAfter, X500Name subject, AsymmetricKeyParameter publicKey)
-        throws IOException
-    {
-        super(issuer, serial, notBefore, notAfter, subject, SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(publicKey));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/bc/BcX509v3CertificateBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/bc/BcX509v3CertificateBuilder.java
deleted file mode 100644
index e85fce1..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/bc/BcX509v3CertificateBuilder.java
+++ /dev/null

@@ -1,51 +0,0 @@
-package org.bouncycastle.cert.bc;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.util.Date;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509v3CertificateBuilder;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory;
-
-/**
- * JCA helper class to allow BC lightweight objects to be used in the construction of a Version 3 certificate.
- */
-public class BcX509v3CertificateBuilder
-    extends X509v3CertificateBuilder
-{
-    /**
-     * Initialise the builder using a PublicKey.
-     *
-     * @param issuer X500Name representing the issuer of this certificate.
-     * @param serial the serial number for the certificate.
-     * @param notBefore date before which the certificate is not valid.
-     * @param notAfter date after which the certificate is not valid.
-     * @param subject X500Name representing the subject of this certificate.
-     * @param publicKey the public key to be associated with the certificate.
-     */
-    public BcX509v3CertificateBuilder(X500Name issuer, BigInteger serial, Date notBefore, Date notAfter, X500Name subject, AsymmetricKeyParameter publicKey)
-        throws IOException
-    {
-        super(issuer, serial, notBefore, notAfter, subject, SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(publicKey));
-    }
-
-    /**
-     * Initialise the builder using the subject from the passed in issuerCert as the issuer, as well as
-     * passing through and converting the other objects provided.
-     *
-     * @param issuerCert holder for certificate who's subject is the issuer of the certificate we are building.
-     * @param serial the serial number for the certificate.
-     * @param notBefore date before which the certificate is not valid.
-     * @param notAfter date after which the certificate is not valid.
-     * @param subject principal representing the subject of this certificate.
-     * @param publicKey the public key to be associated with the certificate.
-     */
-    public BcX509v3CertificateBuilder(X509CertificateHolder issuerCert, BigInteger serial, Date notBefore, Date notAfter, X500Name subject, AsymmetricKeyParameter publicKey)
-        throws IOException
-    {
-        super(issuerCert.getSubject(), serial, notBefore, notAfter, subject, SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(publicKey));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CMPException.java b/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CMPException.java
deleted file mode 100644
index 2a1cc86..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CMPException.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.cert.cmp;
-
-public class CMPException
-    extends Exception
-{
-    private Throwable cause;
-
-    public CMPException(String msg, Throwable cause)
-    {
-        super(msg);
-
-        this.cause = cause;
-    }
-
-    public CMPException(String msg)
-    {
-        super(msg);
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CMPRuntimeException.java b/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CMPRuntimeException.java
deleted file mode 100644
index 35b2d3f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CMPRuntimeException.java
+++ /dev/null

@@ -1,19 +0,0 @@
-package org.bouncycastle.cert.cmp;
-
-public class CMPRuntimeException
-    extends RuntimeException
-{
-    private Throwable cause;
-
-    public CMPRuntimeException(String msg, Throwable cause)
-    {
-        super(msg);
-
-        this.cause = cause;
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CMPUtil.java b/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CMPUtil.java
deleted file mode 100644
index cc2ef04..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CMPUtil.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.cert.cmp;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.DEROutputStream;
-
-class CMPUtil
-{
-    static void derEncodeToStream(ASN1Encodable obj, OutputStream stream)
-    {
-        DEROutputStream dOut = new DEROutputStream(stream);
-
-        try
-        {
-            dOut.writeObject(obj);
-
-            dOut.close();
-        }
-        catch (IOException e)
-        {
-            throw new CMPRuntimeException("unable to DER encode object: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CertificateConfirmationContent.java b/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CertificateConfirmationContent.java
deleted file mode 100644
index d1a2e64..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CertificateConfirmationContent.java
+++ /dev/null

@@ -1,41 +0,0 @@
-package org.bouncycastle.cert.cmp;
-
-import org.bouncycastle.asn1.cmp.CertConfirmContent;
-import org.bouncycastle.asn1.cmp.CertStatus;
-import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DigestAlgorithmIdentifierFinder;
-
-public class CertificateConfirmationContent
-{
-    private DigestAlgorithmIdentifierFinder digestAlgFinder;
-    private CertConfirmContent content;
-
-    public CertificateConfirmationContent(CertConfirmContent content)
-    {
-        this(content, new DefaultDigestAlgorithmIdentifierFinder());
-    }
-
-    public CertificateConfirmationContent(CertConfirmContent content, DigestAlgorithmIdentifierFinder digestAlgFinder)
-    {
-        this.digestAlgFinder = digestAlgFinder;
-        this.content = content;
-    }
-
-    public CertConfirmContent toASN1Structure()
-    {
-        return content;
-    }
-
-    public CertificateStatus[] getStatusMessages()
-    {
-        CertStatus[] statusArray = content.toCertStatusArray();
-        CertificateStatus[] ret = new CertificateStatus[statusArray.length];
-
-        for (int i = 0; i != ret.length; i++)
-        {
-            ret[i] = new CertificateStatus(digestAlgFinder, statusArray[i]);
-        }
-
-        return ret;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CertificateConfirmationContentBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CertificateConfirmationContentBuilder.java
deleted file mode 100644
index 578ae14..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CertificateConfirmationContentBuilder.java
+++ /dev/null

@@ -1,78 +0,0 @@
-package org.bouncycastle.cert.cmp;
-
-import java.math.BigInteger;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmp.CertConfirmContent;
-import org.bouncycastle.asn1.cmp.CertStatus;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-
-public class CertificateConfirmationContentBuilder
-{
-    private DigestAlgorithmIdentifierFinder digestAlgFinder;
-    private List acceptedCerts = new ArrayList();
-    private List acceptedReqIds = new ArrayList();
-
-    public CertificateConfirmationContentBuilder()
-    {
-        this(new DefaultDigestAlgorithmIdentifierFinder());
-    }
-
-    public CertificateConfirmationContentBuilder(DigestAlgorithmIdentifierFinder digestAlgFinder)
-    {
-        this.digestAlgFinder = digestAlgFinder;
-    }
-    
-    public CertificateConfirmationContentBuilder addAcceptedCertificate(X509CertificateHolder certHolder, BigInteger certReqID)
-    {
-        acceptedCerts.add(certHolder);
-        acceptedReqIds.add(certReqID);
-
-        return this;
-    }
-
-    public CertificateConfirmationContent build(DigestCalculatorProvider digesterProvider)
-        throws CMPException
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        for (int i = 0; i != acceptedCerts.size(); i++)
-        {
-            X509CertificateHolder certHolder = (X509CertificateHolder)acceptedCerts.get(i);
-            BigInteger reqID = (BigInteger)acceptedReqIds.get(i);
-
-            AlgorithmIdentifier digAlg = digestAlgFinder.find(certHolder.toASN1Structure().getSignatureAlgorithm());
-            if (digAlg == null)
-            {
-                throw new CMPException("cannot find algorithm for digest from signature");
-            }
-
-            DigestCalculator digester;
-
-            try
-            {
-                digester = digesterProvider.get(digAlg);
-            }
-            catch (OperatorCreationException e)
-            {
-                throw new CMPException("unable to create digest: " + e.getMessage(), e);
-            }
-
-            CMPUtil.derEncodeToStream(certHolder.toASN1Structure(), digester.getOutputStream());
-
-            v.add(new CertStatus(digester.getDigest(), reqID));
-        }
-
-        return new CertificateConfirmationContent(CertConfirmContent.getInstance(new DERSequence(v)), digestAlgFinder);
-    }
-
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CertificateStatus.java b/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CertificateStatus.java
deleted file mode 100644
index 50df835..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/CertificateStatus.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.cert.cmp;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.cmp.CertStatus;
-import org.bouncycastle.asn1.cmp.PKIStatusInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.operator.DigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.Arrays;
-
-public class CertificateStatus
-{
-    private DigestAlgorithmIdentifierFinder digestAlgFinder;    
-    private CertStatus certStatus;
-
-    CertificateStatus(DigestAlgorithmIdentifierFinder digestAlgFinder, CertStatus certStatus)
-    {
-        this.digestAlgFinder = digestAlgFinder;
-        this.certStatus = certStatus;
-    }
-
-    public PKIStatusInfo getStatusInfo()
-    {
-        return certStatus.getStatusInfo();
-    }
-
-    public BigInteger getCertRequestID()
-    {
-        return certStatus.getCertReqId().getValue();
-    }
-
-    public boolean isVerified(X509CertificateHolder certHolder, DigestCalculatorProvider digesterProvider)
-        throws CMPException
-    {
-        AlgorithmIdentifier digAlg = digestAlgFinder.find(certHolder.toASN1Structure().getSignatureAlgorithm());
-        if (digAlg == null)
-        {
-            throw new CMPException("cannot find algorithm for digest from signature");
-        }
-
-        DigestCalculator digester;
-
-        try
-        {
-            digester = digesterProvider.get(digAlg);
-        }
-        catch (OperatorCreationException e)
-        {
-            throw new CMPException("unable to create digester: " + e.getMessage(), e);
-        }
-
-        CMPUtil.derEncodeToStream(certHolder.toASN1Structure(), digester.getOutputStream());
-
-        return Arrays.areEqual(certStatus.getCertHash().getOctets(), digester.getDigest());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/GeneralPKIMessage.java b/bcpkix/src/main/java/org/bouncycastle/cert/cmp/GeneralPKIMessage.java
deleted file mode 100644
index a928623..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/GeneralPKIMessage.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.cert.cmp;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.cmp.PKIBody;
-import org.bouncycastle.asn1.cmp.PKIHeader;
-import org.bouncycastle.asn1.cmp.PKIMessage;
-import org.bouncycastle.cert.CertIOException;
-
-/**
- * General wrapper for a generic PKIMessage
- */
-public class GeneralPKIMessage
-{
-    private final PKIMessage pkiMessage;
-
-    private static PKIMessage parseBytes(byte[] encoding)
-        throws IOException
-    {
-        try
-        {
-            return PKIMessage.getInstance(ASN1Primitive.fromByteArray(encoding));
-        }
-        catch (ClassCastException e)
-        {
-            throw new CertIOException("malformed data: " + e.getMessage(), e);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new CertIOException("malformed data: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * Create a PKIMessage from the passed in bytes.
-     *
-     * @param encoding BER/DER encoding of the PKIMessage
-     * @throws IOException in the event of corrupted data, or an incorrect structure.
-     */
-    public GeneralPKIMessage(byte[] encoding)
-        throws IOException
-    {
-        this(parseBytes(encoding));
-    }
-
-    /**
-     * Wrap a PKIMessage ASN.1 structure.
-     *
-     * @param pkiMessage base PKI message.
-     */
-    public GeneralPKIMessage(PKIMessage pkiMessage)
-    {
-        this.pkiMessage = pkiMessage;
-    }
-
-    public PKIHeader getHeader()
-    {
-        return pkiMessage.getHeader();
-    }
-
-    public PKIBody getBody()
-    {
-        return pkiMessage.getBody();
-    }
-
-    /**
-     * Return true if this message has protection bits on it. A return value of true
-     * indicates the message can be used to construct a ProtectedPKIMessage.
-     *
-     * @return true if message has protection, false otherwise.
-     */
-    public boolean hasProtection()
-    {
-        return pkiMessage.getHeader().getProtectionAlg() != null;
-    }
-
-    public PKIMessage toASN1Structure()
-    {
-        return pkiMessage;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/ProtectedPKIMessage.java b/bcpkix/src/main/java/org/bouncycastle/cert/cmp/ProtectedPKIMessage.java
deleted file mode 100644
index 2749d90..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/ProtectedPKIMessage.java
+++ /dev/null

@@ -1,198 +0,0 @@
-package org.bouncycastle.cert.cmp;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmp.CMPCertificate;
-import org.bouncycastle.asn1.cmp.CMPObjectIdentifiers;
-import org.bouncycastle.asn1.cmp.PBMParameter;
-import org.bouncycastle.asn1.cmp.PKIBody;
-import org.bouncycastle.asn1.cmp.PKIHeader;
-import org.bouncycastle.asn1.cmp.PKIMessage;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.crmf.PKMACBuilder;
-import org.bouncycastle.operator.ContentVerifier;
-import org.bouncycastle.operator.ContentVerifierProvider;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Wrapper for a PKIMessage with protection attached to it.
- */
-public class ProtectedPKIMessage
-{
-    private PKIMessage pkiMessage;
-
-    /**
-     * Base constructor.
-     *
-     * @param pkiMessage a GeneralPKIMessage with
-     */
-    public ProtectedPKIMessage(GeneralPKIMessage pkiMessage)
-    {
-        if (!pkiMessage.hasProtection())
-        {
-            throw new IllegalArgumentException("PKIMessage not protected");
-        }
-        
-        this.pkiMessage = pkiMessage.toASN1Structure();
-    }
-
-    ProtectedPKIMessage(PKIMessage pkiMessage)
-    {
-        if (pkiMessage.getHeader().getProtectionAlg() == null)
-        {
-            throw new IllegalArgumentException("PKIMessage not protected");
-        }
-
-        this.pkiMessage = pkiMessage;
-    }
-
-    /**
-     * Return the message header.
-     *
-     * @return the message's PKIHeader structure.
-     */
-    public PKIHeader getHeader()
-    {
-        return pkiMessage.getHeader();
-    }
-
-    /**
-     * Return the message body.
-     *
-     * @return the message's PKIBody structure.
-     */
-    public PKIBody getBody()
-    {
-        return pkiMessage.getBody();
-    }
-
-    /**
-     * Return the underlying ASN.1 structure contained in this object.
-     *
-     * @return a PKIMessage structure.
-     */
-    public PKIMessage toASN1Structure()
-    {
-        return pkiMessage;
-    }
-
-    /**
-     * Determine whether the message is protected by a password based MAC. Use verify(PKMACBuilder, char[])
-     * to verify the message if this method returns true.
-     *
-     * @return true if protection MAC PBE based, false otherwise.
-     */
-    public boolean hasPasswordBasedMacProtection()
-    {
-        return pkiMessage.getHeader().getProtectionAlg().getAlgorithm().equals(CMPObjectIdentifiers.passwordBasedMac);
-    }
-
-    /**
-     * Return the extra certificates associated with this message.
-     *
-     * @return an array of extra certificates, zero length if none present.
-     */
-    public X509CertificateHolder[] getCertificates()
-    {
-        CMPCertificate[] certs = pkiMessage.getExtraCerts();
-
-        if (certs == null)
-        {
-            return new X509CertificateHolder[0];
-        }
-
-        X509CertificateHolder[] res = new X509CertificateHolder[certs.length];
-        for (int i = 0; i != certs.length; i++)
-        {
-            res[i] = new X509CertificateHolder(certs[i].getX509v3PKCert());
-        }
-
-        return res;
-    }
-
-    /**
-     * Verify a message with a public key based signature attached.
-     *
-     * @param verifierProvider a provider of signature verifiers.
-     * @return true if the provider is able to create a verifier that validates
-     * the signature, false otherwise.
-     * @throws CMPException if an exception is thrown trying to verify the signature.
-     */
-    public boolean verify(ContentVerifierProvider verifierProvider)
-        throws CMPException
-    {
-        ContentVerifier verifier;
-        try
-        {
-            verifier = verifierProvider.get(pkiMessage.getHeader().getProtectionAlg());
-
-            return verifySignature(pkiMessage.getProtection().getBytes(), verifier);
-        }
-        catch (Exception e)
-        {
-            throw new CMPException("unable to verify signature: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * Verify a message with password based MAC protection.
-     *
-     * @param pkMacBuilder MAC builder that can be used to construct the appropriate MacCalculator
-     * @param password the MAC password
-     * @return true if the passed in password and MAC builder verify the message, false otherwise.
-     * @throws CMPException if algorithm not MAC based, or an exception is thrown verifying the MAC.
-     */
-    public boolean verify(PKMACBuilder pkMacBuilder, char[] password)
-        throws CMPException
-    {
-        if (!CMPObjectIdentifiers.passwordBasedMac.equals(pkiMessage.getHeader().getProtectionAlg().getAlgorithm()))
-        {
-            throw new CMPException("protection algorithm not mac based");
-        }
-
-        try
-        {
-            pkMacBuilder.setParameters(PBMParameter.getInstance(pkiMessage.getHeader().getProtectionAlg().getParameters()));
-            MacCalculator calculator = pkMacBuilder.build(password);
-
-            OutputStream macOut = calculator.getOutputStream();
-
-            ASN1EncodableVector v = new ASN1EncodableVector();
-
-            v.add(pkiMessage.getHeader());
-            v.add(pkiMessage.getBody());
-
-            macOut.write(new DERSequence(v).getEncoded(ASN1Encoding.DER));
-
-            macOut.close();
-
-            return Arrays.areEqual(calculator.getMac(), pkiMessage.getProtection().getBytes());
-        }
-        catch (Exception e)
-        {
-            throw new CMPException("unable to verify MAC: " + e.getMessage(), e);
-        }
-    }
-
-    private boolean verifySignature(byte[] signature, ContentVerifier verifier)
-        throws IOException
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(pkiMessage.getHeader());
-        v.add(pkiMessage.getBody());
-
-        OutputStream sOut = verifier.getOutputStream();
-
-        sOut.write(new DERSequence(v).getEncoded(ASN1Encoding.DER));
-
-        sOut.close();
-
-        return verifier.verify(signature);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/ProtectedPKIMessageBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/cmp/ProtectedPKIMessageBuilder.java
deleted file mode 100644
index 2919156..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/ProtectedPKIMessageBuilder.java
+++ /dev/null

@@ -1,306 +0,0 @@
-package org.bouncycastle.cert.cmp;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmp.CMPCertificate;
-import org.bouncycastle.asn1.cmp.InfoTypeAndValue;
-import org.bouncycastle.asn1.cmp.PKIBody;
-import org.bouncycastle.asn1.cmp.PKIFreeText;
-import org.bouncycastle.asn1.cmp.PKIHeader;
-import org.bouncycastle.asn1.cmp.PKIHeaderBuilder;
-import org.bouncycastle.asn1.cmp.PKIMessage;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.MacCalculator;
-
-/**
- * Builder for creating a protected PKI message.
- */
-public class ProtectedPKIMessageBuilder
-{
-    private PKIHeaderBuilder hdrBuilder;
-    private PKIBody body;
-    private List generalInfos = new ArrayList();
-    private List extraCerts = new ArrayList();
-
-    /**
-     * Commence a message with the header version CMP_2000.
-     *
-     * @param sender message sender.
-     * @param recipient intended recipient.
-     */
-    public ProtectedPKIMessageBuilder(GeneralName sender, GeneralName recipient)
-    {
-        this(PKIHeader.CMP_2000, sender, recipient);
-    }
-
-    /**
-     * Commence a message with a specific header type.
-     *
-     * @param pvno  the version CMP_1999 or CMP_2000.
-     * @param sender message sender.
-     * @param recipient intended recipient.
-     */
-    public ProtectedPKIMessageBuilder(int pvno, GeneralName sender, GeneralName recipient)
-    {
-        hdrBuilder = new PKIHeaderBuilder(pvno, sender, recipient);
-    }
-
-    /**
-     * Set the identifier for the transaction the new message will belong to.
-     *
-     * @param tid  the transaction ID.
-     * @return the current builder instance.
-     */
-    public ProtectedPKIMessageBuilder setTransactionID(byte[] tid)
-    {
-        hdrBuilder.setTransactionID(tid);
-
-        return this;
-    }
-
-    /**
-     * Include a human-readable message in the new message.
-     *
-     * @param freeText the contents of the human readable message,
-     * @return the current builder instance.
-     */
-    public ProtectedPKIMessageBuilder setFreeText(PKIFreeText freeText)
-    {
-        hdrBuilder.setFreeText(freeText);
-
-        return this;
-    }
-
-    /**
-     * Add a generalInfo data record to the header of the new message.
-     *
-     * @param genInfo the generalInfo data to be added.
-     * @return the current builder instance.
-     */
-    public ProtectedPKIMessageBuilder addGeneralInfo(InfoTypeAndValue genInfo)
-    {
-        generalInfos.add(genInfo);
-
-        return this;
-    }
-
-    /**
-     * Set the creation time for the new message.
-     *
-     * @param time the message creation time.
-     * @return the current builder instance.
-     */
-    public ProtectedPKIMessageBuilder setMessageTime(Date time)
-    {
-        hdrBuilder.setMessageTime(new ASN1GeneralizedTime(time));
-
-        return this;
-    }
-
-    /**
-     * Set the recipient key identifier for the key to be used to verify the new message.
-     *
-     * @param kid a key identifier.
-     * @return the current builder instance.
-     */
-    public ProtectedPKIMessageBuilder setRecipKID(byte[] kid)
-    {
-        hdrBuilder.setRecipKID(kid);
-
-        return this;
-    }
-
-    /**
-     * Set the recipient nonce field on the new message.
-     *
-     * @param nonce a NONCE, typically copied from the sender nonce of the previous message.
-     * @return the current builder instance.
-     */
-    public ProtectedPKIMessageBuilder setRecipNonce(byte[] nonce)
-    {
-        hdrBuilder.setRecipNonce(nonce);
-
-        return this;
-    }
-
-    /**
-     * Set the sender key identifier for the key used to protect the new message.
-     *
-     * @param kid a key identifier.
-     * @return the current builder instance.
-     */
-    public ProtectedPKIMessageBuilder setSenderKID(byte[] kid)
-    {
-        hdrBuilder.setSenderKID(kid);
-
-        return this;
-    }
-
-    /**
-     * Set the sender nonce field on the new message.
-     *
-     * @param nonce a NONCE, typically 128 bits of random data.
-     * @return the current builder instance.
-     */
-    public ProtectedPKIMessageBuilder setSenderNonce(byte[] nonce)
-    {
-        hdrBuilder.setSenderNonce(nonce);
-
-        return this;
-    }
-
-    /**
-     * Set the body for the new message
-     *
-     * @param body the message body.
-     * @return the current builder instance.
-     */
-    public ProtectedPKIMessageBuilder setBody(PKIBody body)
-    {
-        this.body = body;
-
-        return this;
-    }
-
-    /**
-     * Add an "extra certificate" to the message.
-     *
-     * @param extraCert the extra certificate to add.
-     * @return the current builder instance.
-     */
-    public ProtectedPKIMessageBuilder addCMPCertificate(X509CertificateHolder extraCert)
-    {
-        extraCerts.add(extraCert);
-
-        return this;
-    }
-
-    /**
-     * Build a protected PKI message which has MAC based integrity protection.
-     *
-     * @param macCalculator MAC calculator.
-     * @return the resulting protected PKI message.
-     * @throws CMPException if the protection MAC cannot be calculated.
-     */
-    public ProtectedPKIMessage build(MacCalculator macCalculator)
-        throws CMPException
-    {
-        finaliseHeader(macCalculator.getAlgorithmIdentifier());
-
-        PKIHeader header = hdrBuilder.build();
-
-        try
-        {
-            DERBitString protection = new DERBitString(calculateMac(macCalculator, header, body));
-
-            return finaliseMessage(header, protection);
-        }
-        catch (IOException e)
-        {
-            throw new CMPException("unable to encode MAC input: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * Build a protected PKI message which has MAC based integrity protection.
-     *
-     * @param signer the ContentSigner to be used to calculate the signature.
-     * @return the resulting protected PKI message.
-     * @throws CMPException if the protection signature cannot be calculated.
-     */
-    public ProtectedPKIMessage build(ContentSigner signer)
-        throws CMPException
-    {
-        finaliseHeader(signer.getAlgorithmIdentifier());
-
-        PKIHeader header = hdrBuilder.build();
-        
-        try
-        {
-            DERBitString protection = new DERBitString(calculateSignature(signer, header, body));
-
-            return finaliseMessage(header, protection);
-        }
-        catch (IOException e)
-        {
-            throw new CMPException("unable to encode signature input: " + e.getMessage(), e);
-        }
-    }
-
-    private void finaliseHeader(AlgorithmIdentifier algorithmIdentifier)
-    {
-        hdrBuilder.setProtectionAlg(algorithmIdentifier);
-
-        if (!generalInfos.isEmpty())
-        {
-            InfoTypeAndValue[] genInfos = new InfoTypeAndValue[generalInfos.size()];
-
-            hdrBuilder.setGeneralInfo((InfoTypeAndValue[])generalInfos.toArray(genInfos));
-        }
-    }
-
-    private ProtectedPKIMessage finaliseMessage(PKIHeader header, DERBitString protection)
-    {
-        if (!extraCerts.isEmpty())
-        {
-            CMPCertificate[] cmpCerts = new CMPCertificate[extraCerts.size()];
-
-            for (int i = 0; i != cmpCerts.length; i++)
-            {
-                cmpCerts[i] = new CMPCertificate(((X509CertificateHolder)extraCerts.get(i)).toASN1Structure());
-            }
-
-            return new ProtectedPKIMessage(new PKIMessage(header, body, protection, cmpCerts));
-        }
-        else
-        {
-            return new ProtectedPKIMessage(new PKIMessage(header, body, protection));
-        }
-    }
-
-    private byte[] calculateSignature(ContentSigner signer, PKIHeader header, PKIBody body)
-        throws IOException
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(header);
-        v.add(body);
-
-        OutputStream sOut = signer.getOutputStream();
-
-        sOut.write(new DERSequence(v).getEncoded(ASN1Encoding.DER));
-
-        sOut.close();
-
-        return signer.getSignature();
-    }
-
-    private byte[] calculateMac(MacCalculator macCalculator, PKIHeader header, PKIBody body)
-        throws IOException
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(header);
-        v.add(body);
-
-        OutputStream sOut = macCalculator.getOutputStream();
-
-        sOut.write(new DERSequence(v).getEncoded(ASN1Encoding.DER));
-
-        sOut.close();
-
-        return macCalculator.getMac();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/RevocationDetails.java b/bcpkix/src/main/java/org/bouncycastle/cert/cmp/RevocationDetails.java
deleted file mode 100644
index f382c69..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/RevocationDetails.java
+++ /dev/null

@@ -1,36 +0,0 @@
-package org.bouncycastle.cert.cmp;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.cmp.RevDetails;
-import org.bouncycastle.asn1.x500.X500Name;
-
-public class RevocationDetails
-{
-    private RevDetails revDetails;
-
-    public RevocationDetails(RevDetails revDetails)
-    {
-        this.revDetails = revDetails;
-    }
-
-    public X500Name getSubject()
-    {
-        return revDetails.getCertDetails().getSubject();
-    }
-
-    public X500Name getIssuer()
-    {
-        return revDetails.getCertDetails().getIssuer();
-    }
-
-    public BigInteger getSerialNumber()
-    {
-        return revDetails.getCertDetails().getSerialNumber().getValue();
-    }
-
-    public RevDetails toASN1Structure()
-    {
-        return revDetails;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/RevocationDetailsBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/cmp/RevocationDetailsBuilder.java
deleted file mode 100644
index e662d28..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/RevocationDetailsBuilder.java
+++ /dev/null

@@ -1,59 +0,0 @@
-package org.bouncycastle.cert.cmp;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.cmp.RevDetails;
-import org.bouncycastle.asn1.crmf.CertTemplateBuilder;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-
-public class RevocationDetailsBuilder
-{
-    private CertTemplateBuilder templateBuilder = new CertTemplateBuilder();
-    
-    public RevocationDetailsBuilder setPublicKey(SubjectPublicKeyInfo publicKey)
-    {
-        if (publicKey != null)
-        {
-            templateBuilder.setPublicKey(publicKey);
-        }
-
-        return this;
-    }
-
-    public RevocationDetailsBuilder setIssuer(X500Name issuer)
-    {
-        if (issuer != null)
-        {
-            templateBuilder.setIssuer(issuer);
-        }
-
-        return this;
-    }
-
-    public RevocationDetailsBuilder setSerialNumber(BigInteger serialNumber)
-    {
-        if (serialNumber != null)
-        {
-            templateBuilder.setSerialNumber(new ASN1Integer(serialNumber));
-        }
-
-        return this;
-    }
-
-    public RevocationDetailsBuilder setSubject(X500Name subject)
-    {
-        if (subject != null)
-        {
-            templateBuilder.setSubject(subject);
-        }
-
-        return this;
-    }
-
-    public RevocationDetails build()
-    {
-        return new RevocationDetails(new RevDetails(templateBuilder.build()));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/package.html b/bcpkix/src/main/java/org/bouncycastle/cert/cmp/package.html
deleted file mode 100644
index a58af18..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/package.html
+++ /dev/null

@@ -1,7 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-        "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<body bgcolor="#ffffff">
-Basic support package for handling and creating CMP (RFC 4210) certificate management messages.
-</body>
-</html>
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/cert/cmp/test/AllTests.java
deleted file mode 100644
index 05d5946..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/cmp/test/AllTests.java
+++ /dev/null

@@ -1,407 +0,0 @@
-package org.bouncycastle.cert.cmp.test;
-
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.GeneralSecurityException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.cert.X509Certificate;
-import java.util.Date;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmp.CMPCertificate;
-import org.bouncycastle.asn1.cmp.CertConfirmContent;
-import org.bouncycastle.asn1.cmp.CertOrEncCert;
-import org.bouncycastle.asn1.cmp.CertRepMessage;
-import org.bouncycastle.asn1.cmp.CertResponse;
-import org.bouncycastle.asn1.cmp.CertifiedKeyPair;
-import org.bouncycastle.asn1.cmp.PKIBody;
-import org.bouncycastle.asn1.cmp.PKIMessage;
-import org.bouncycastle.asn1.cmp.PKIStatus;
-import org.bouncycastle.asn1.cmp.PKIStatusInfo;
-import org.bouncycastle.asn1.crmf.CertReqMessages;
-import org.bouncycastle.asn1.crmf.CertReqMsg;
-import org.bouncycastle.asn1.crmf.EncryptedValue;
-import org.bouncycastle.asn1.crmf.ProofOfPossession;
-import org.bouncycastle.asn1.crmf.SubsequentMessage;
-import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.cert.CertException;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509v3CertificateBuilder;
-import org.bouncycastle.cert.cmp.CertificateConfirmationContent;
-import org.bouncycastle.cert.cmp.CertificateConfirmationContentBuilder;
-import org.bouncycastle.cert.cmp.CertificateStatus;
-import org.bouncycastle.cert.cmp.GeneralPKIMessage;
-import org.bouncycastle.cert.cmp.ProtectedPKIMessage;
-import org.bouncycastle.cert.cmp.ProtectedPKIMessageBuilder;
-import org.bouncycastle.cert.crmf.CertificateRequestMessage;
-import org.bouncycastle.cert.crmf.CertificateRequestMessageBuilder;
-import org.bouncycastle.cert.crmf.PKMACBuilder;
-import org.bouncycastle.cert.crmf.jcajce.JcaCertificateRequestMessageBuilder;
-import org.bouncycastle.cert.crmf.jcajce.JcaEncryptedValueBuilder;
-import org.bouncycastle.cert.crmf.jcajce.JceCRMFEncryptorBuilder;
-import org.bouncycastle.cert.crmf.jcajce.JcePKMACValuesCalculator;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.AsymmetricKeyUnwrapper;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.ContentVerifierProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-import org.bouncycastle.operator.jcajce.JceAsymmetricKeyUnwrapper;
-import org.bouncycastle.operator.jcajce.JceAsymmetricKeyWrapper;
-import org.bouncycastle.operator.jcajce.JceInputDecryptorProviderBuilder;
-import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public class AllTests
-    extends TestCase
-{
-    private static final byte[] TEST_DATA = "Hello world!".getBytes();
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-    private static final String TEST_DATA_HOME = "bc.test.data.home";
-
-    /*
-     *
-     *  INFRASTRUCTURE
-     *
-     */
-
-    public AllTests(String name)
-    {
-        super(name);
-    }
-
-    public static void main(String args[])
-    {
-        junit.textui.TestRunner.run(AllTests.class);
-    }
-
-    public static Test suite()
-    {
-        return new TestSuite(AllTests.class);
-    }
-
-    public void setUp()
-    {
-        Security.addProvider(new BouncyCastleProvider());
-    }
-
-    public void tearDown()
-    {
-
-    }
-
-    public void testProtectedMessage()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-        X509CertificateHolder cert = makeV3Certificate(kp, "CN=Test", kp, "CN=Test");
-
-        GeneralName sender = new GeneralName(new X500Name("CN=Sender"));
-        GeneralName recipient = new GeneralName(new X500Name("CN=Recip"));
-
-        ContentSigner signer = new JcaContentSignerBuilder("MD5WithRSAEncryption").setProvider(BC).build(kp.getPrivate());
-        ProtectedPKIMessage message = new ProtectedPKIMessageBuilder(sender, recipient)
-                                                  .setBody(new PKIBody(PKIBody.TYPE_INIT_REP, CertRepMessage.getInstance(new DERSequence(new DERSequence()))))
-                                                  .addCMPCertificate(cert)
-                                                  .build(signer);
-
-        X509Certificate jcaCert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(message.getCertificates()[0]);
-        ContentVerifierProvider verifierProvider = new JcaContentVerifierProviderBuilder().setProvider(BC).build(jcaCert.getPublicKey());
-
-        assertTrue(message.verify(verifierProvider));
-
-        assertEquals(sender, message.getHeader().getSender());
-        assertEquals(recipient, message.getHeader().getRecipient());
-    }
-
-    public void testMacProtectedMessage()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-        X509CertificateHolder cert = makeV3Certificate(kp, "CN=Test", kp, "CN=Test");
-
-        GeneralName sender = new GeneralName(new X500Name("CN=Sender"));
-        GeneralName recipient = new GeneralName(new X500Name("CN=Recip"));
-
-        ProtectedPKIMessage message = new ProtectedPKIMessageBuilder(sender, recipient)
-                                                  .setBody(new PKIBody(PKIBody.TYPE_INIT_REP, CertRepMessage.getInstance(new DERSequence(new DERSequence()))))
-                                                  .addCMPCertificate(cert)
-                                                  .build(new PKMACBuilder(new JcePKMACValuesCalculator().setProvider(BC)).build("secret".toCharArray()));
-
-        PKMACBuilder pkMacBuilder = new PKMACBuilder(new JcePKMACValuesCalculator().setProvider(BC));
-
-        assertTrue(message.verify(pkMacBuilder, "secret".toCharArray()));
-
-        assertEquals(sender, message.getHeader().getSender());
-        assertEquals(recipient, message.getHeader().getRecipient());
-    }
-
-    public void testConfirmationMessage()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-        X509CertificateHolder cert = makeV3Certificate(kp, "CN=Test", kp, "CN=Test");
-
-        GeneralName sender = new GeneralName(new X500Name("CN=Sender"));
-        GeneralName recipient = new GeneralName(new X500Name("CN=Recip"));
-
-        CertificateConfirmationContent content = new CertificateConfirmationContentBuilder()
-                             .addAcceptedCertificate(cert, BigInteger.valueOf(1))
-                             .build(new JcaDigestCalculatorProviderBuilder().build());
-
-        ContentSigner signer = new JcaContentSignerBuilder("MD5WithRSAEncryption").setProvider(BC).build(kp.getPrivate());
-        ProtectedPKIMessage message = new ProtectedPKIMessageBuilder(sender, recipient)
-                                                  .setBody(new PKIBody(PKIBody.TYPE_CERT_CONFIRM, content.toASN1Structure()))
-                                                  .addCMPCertificate(cert)
-                                                  .build(signer);
-
-        X509Certificate jcaCert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(message.getCertificates()[0]);
-        ContentVerifierProvider verifierProvider = new JcaContentVerifierProviderBuilder().setProvider(BC).build(jcaCert.getPublicKey());
-
-        assertTrue(message.verify(verifierProvider));
-
-        assertEquals(sender, message.getHeader().getSender());
-        assertEquals(recipient, message.getHeader().getRecipient());
-
-        content = new CertificateConfirmationContent(CertConfirmContent.getInstance(message.getBody().getContent()));
-
-        CertificateStatus[] statusList = content.getStatusMessages();
-
-        assertEquals(1, statusList.length);
-        assertTrue(statusList[0].isVerified(cert, new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()));
-    }
-
-    public void testSampleCr()
-        throws Exception
-    {
-        PKIMessage msg = loadMessage("sample_cr.der");
-        ProtectedPKIMessage procMsg = new ProtectedPKIMessage(new GeneralPKIMessage(msg));
-
-        assertTrue(procMsg.verify(new PKMACBuilder(new JcePKMACValuesCalculator().setProvider(BC)), "TopSecret1234".toCharArray()));
-    }
-
-    public void testSubsequentMessage()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-        X509CertificateHolder cert = makeV3Certificate(kp, "CN=Test", kp, "CN=Test");
-
-        ContentSigner signer = new JcaContentSignerBuilder("SHA256withRSA").setProvider(BC).build(
-                    kp.getPrivate());
-
-        GeneralName user = new GeneralName(new X500Name("CN=Test"));
-
-        CertificateRequestMessageBuilder builder = new JcaCertificateRequestMessageBuilder(
-                    BigInteger.valueOf(1)).setPublicKey(kp.getPublic()).setProofOfPossessionSubsequentMessage(
-                    SubsequentMessage.encrCert);
-
-                ProtectedPKIMessage certRequestMsg = new ProtectedPKIMessageBuilder(user,
-                    user).setTransactionID(new byte[] { 1, 2, 3, 4, 5 }).setBody(
-                    new PKIBody(PKIBody.TYPE_KEY_UPDATE_REQ, new CertReqMessages(builder.build().toASN1Structure()))).addCMPCertificate(
-                    cert).build(signer);
-
-        ProtectedPKIMessage msg = new ProtectedPKIMessage(new GeneralPKIMessage(certRequestMsg.toASN1Structure().getEncoded()));
-
-        CertReqMessages reqMsgs = CertReqMessages.getInstance(msg.getBody().getContent());
-
-        CertReqMsg reqMsg = reqMsgs.toCertReqMsgArray()[0];
-
-        assertEquals(ProofOfPossession.TYPE_KEY_ENCIPHERMENT, reqMsg.getPopo().getType());
-    }
-
-    public void testServerSideKey()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-        X509CertificateHolder cert = makeV3Certificate(kp, "CN=Test", kp, "CN=Test");
-
-        JcaEncryptedValueBuilder encBldr = new JcaEncryptedValueBuilder(
-            new JceAsymmetricKeyWrapper(kp.getPublic()).setProvider(BC),
-            new JceCRMFEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        GeneralName sender = new GeneralName(new X500Name("CN=Sender"));
-        GeneralName recipient = new GeneralName(new X500Name("CN=Recip"));
-
-        CertRepMessage msg = new CertRepMessage(null, new CertResponse[] {
-            new CertResponse(
-                new ASN1Integer(2),
-                new PKIStatusInfo(PKIStatus.granted),
-                new CertifiedKeyPair(
-                    new CertOrEncCert(CMPCertificate.getInstance(cert.getEncoded())),
-                    encBldr.build(kp.getPrivate()),
-                    null), null) });
-
-        ContentSigner signer = new JcaContentSignerBuilder("MD5WithRSAEncryption").setProvider(BC).build(kp.getPrivate());
-        ProtectedPKIMessage message = new ProtectedPKIMessageBuilder(sender, recipient)
-                                                  .setBody(new PKIBody(PKIBody.TYPE_INIT_REP, msg))
-                                                  .addCMPCertificate(cert)
-                                                  .build(signer);
-
-        X509Certificate jcaCert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(message.getCertificates()[0]);
-        ContentVerifierProvider verifierProvider = new JcaContentVerifierProviderBuilder().setProvider(BC).build(jcaCert.getPublicKey());
-
-        assertTrue(message.verify(verifierProvider));
-
-        assertEquals(sender, message.getHeader().getSender());
-        assertEquals(recipient, message.getHeader().getRecipient());
-
-        CertRepMessage content = CertRepMessage.getInstance(message.getBody().getContent());
-
-        CertResponse[] responseList = content.getResponse();
-
-        assertEquals(1, responseList.length);
-
-        CertResponse response = responseList[0];
-
-        assertEquals(PKIStatus.granted.getValue(), response.getStatus().getStatus());
-
-        CertifiedKeyPair certKp = response.getCertifiedKeyPair();
-
-        // steps to unwrap private key
-        EncryptedValue encValue = certKp.getPrivateKey();
-
-        // recover symmetric key
-        AsymmetricKeyUnwrapper unwrapper = new JceAsymmetricKeyUnwrapper(encValue.getKeyAlg(), kp.getPrivate());
-        
-        byte[] secKeyBytes = (byte[])unwrapper.generateUnwrappedKey(encValue.getKeyAlg(), encValue.getEncSymmKey().getBytes()).getRepresentation();
-
-        // recover private key
-        PKCS8EncryptedPrivateKeyInfo respInfo = new PKCS8EncryptedPrivateKeyInfo(
-            new EncryptedPrivateKeyInfo(encValue.getSymmAlg(), encValue.getEncValue().getBytes()));
-
-        PrivateKeyInfo keyInfo = respInfo.decryptPrivateKeyInfo(new JceInputDecryptorProviderBuilder().setProvider("BC").build(secKeyBytes));
-
-        assertEquals(keyInfo.getPrivateKeyAlgorithm(), encValue.getIntendedAlg());
-        assertTrue(Arrays.areEqual(kp.getPrivate().getEncoded(), keyInfo.getEncoded()));
-    }
-
-
-    public void testNotBeforeNotAfter()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-
-        doNotBeforeNotAfterTest(kp, new Date(0L), new Date(60000L));
-        doNotBeforeNotAfterTest(kp, null, new Date(60000L));
-        doNotBeforeNotAfterTest(kp, new Date(0L), null);
-    }
-
-    private void doNotBeforeNotAfterTest(KeyPair kp, Date notBefore, Date notAfter)
-        throws Exception
-    {
-        CertificateRequestMessageBuilder builder = new JcaCertificateRequestMessageBuilder(
-                    BigInteger.valueOf(1)).setPublicKey(kp.getPublic()).setProofOfPossessionSubsequentMessage(
-                    SubsequentMessage.encrCert);
-
-        builder.setValidity(notBefore, notAfter);
-
-        CertificateRequestMessage message = builder.build();
-
-        if (notBefore != null)
-        {
-            assertEquals(notBefore.getTime(), message.getCertTemplate().getValidity().getNotBefore().getDate().getTime());
-        }
-        else
-        {
-            assertNull(message.getCertTemplate().getValidity().getNotBefore());
-        }
-
-        if (notAfter != null)
-        {
-            assertEquals(notAfter.getTime(), message.getCertTemplate().getValidity().getNotAfter().getDate().getTime());
-        }
-        else
-        {
-            assertNull(message.getCertTemplate().getValidity().getNotAfter());
-        }
-    }
-
-    private static X509CertificateHolder makeV3Certificate(KeyPair subKP, String _subDN, KeyPair issKP, String _issDN)
-        throws GeneralSecurityException, IOException, OperatorCreationException, CertException
-    {
-
-        PublicKey subPub  = subKP.getPublic();
-        PrivateKey issPriv = issKP.getPrivate();
-        PublicKey  issPub  = issKP.getPublic();
-
-        X509v3CertificateBuilder v1CertGen = new JcaX509v3CertificateBuilder(
-            new X500Name(_issDN),
-            BigInteger.valueOf(System.currentTimeMillis()),
-            new Date(System.currentTimeMillis()),
-            new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)),
-            new X500Name(_subDN),
-            subPub);
-
-        ContentSigner signer = new JcaContentSignerBuilder("SHA1WithRSA").setProvider(BC).build(issPriv);
-
-        X509CertificateHolder certHolder = v1CertGen.build(signer);
-
-        ContentVerifierProvider verifier = new JcaContentVerifierProviderBuilder().setProvider(BC).build(issPub);
-
-        assertTrue(certHolder.isSignatureValid(verifier));
-
-        return certHolder;
-    }
-
-    private static PKIMessage loadMessage(String name)
-    {
-        String dataHome = System.getProperty(TEST_DATA_HOME);
-
-        if (dataHome == null)
-        {
-            throw new IllegalStateException(TEST_DATA_HOME + " property not set");
-        }
-
-        try
-        {
-            return PKIMessage.getInstance(ASN1Primitive.fromByteArray(Streams.readAll(new FileInputStream(dataHome + "/cmp/" + name))));
-        }
-        catch (IOException e)
-        {
-            throw new RuntimeException(e.toString());
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/AuthenticatorControl.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/AuthenticatorControl.java
deleted file mode 100644
index 3cb7f47..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/AuthenticatorControl.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.crmf.CRMFObjectIdentifiers;
-
-/**
- * Carrier for an authenticator control.
- */
-public class AuthenticatorControl
-    implements Control
-{
-    private static final ASN1ObjectIdentifier type = CRMFObjectIdentifiers.id_regCtrl_authenticator;
-
-    private final DERUTF8String token;
-
-    /**
-     * Basic constructor - build from a UTF-8 string representing the token.
-     *
-     * @param token UTF-8 string representing the token.
-     */
-    public AuthenticatorControl(DERUTF8String token)
-    {
-        this.token = token;
-    }
-
-    /**
-     * Basic constructor - build from a string representing the token.
-     *
-     * @param token string representing the token.
-     */
-    public AuthenticatorControl(String token)
-    {
-        this.token = new DERUTF8String(token);
-    }
-
-    /**
-     * Return the type of this control.
-     *
-     * @return CRMFObjectIdentifiers.id_regCtrl_authenticator
-     */
-    public ASN1ObjectIdentifier getType()
-    {
-        return type;
-    }
-
-    /**
-     * Return the token associated with this control (a UTF8String).
-     *
-     * @return a UTF8String.
-     */
-    public ASN1Encodable getValue()
-    {
-        return token;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CRMFException.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CRMFException.java
deleted file mode 100644
index 04673d6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CRMFException.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-public class CRMFException
-    extends Exception
-{
-    private Throwable cause;
-
-    public CRMFException(String msg)
-    {
-        this(msg, null);
-    }
-
-    public CRMFException(String msg, Throwable cause)
-    {
-        super(msg);
-
-        this.cause = cause;
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CRMFRuntimeException.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CRMFRuntimeException.java
deleted file mode 100644
index 89d6a53..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CRMFRuntimeException.java
+++ /dev/null

@@ -1,19 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-public class CRMFRuntimeException
-    extends RuntimeException
-{
-    private Throwable cause;
-
-    public CRMFRuntimeException(String msg, Throwable cause)
-    {
-        super(msg);
-
-        this.cause = cause;
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CRMFUtil.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CRMFUtil.java
deleted file mode 100644
index f314a95..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CRMFUtil.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DEROutputStream;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.cert.CertIOException;
-
-class CRMFUtil
-{
-    static void derEncodeToStream(ASN1Encodable obj, OutputStream stream)
-    {
-        DEROutputStream dOut = new DEROutputStream(stream);
-
-        try
-        {
-            dOut.writeObject(obj);
-
-            dOut.close();
-        }
-        catch (IOException e)
-        {
-            throw new CRMFRuntimeException("unable to DER encode object: " + e.getMessage(), e);
-        }
-    }
-
-    static void addExtension(ExtensionsGenerator extGenerator, ASN1ObjectIdentifier oid, boolean isCritical, ASN1Encodable value)
-        throws CertIOException
-    {
-        try
-        {
-            extGenerator.addExtension(oid, isCritical, value);
-        }
-        catch (IOException e)
-        {
-            throw new CertIOException("cannot encode extension: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CertificateRequestMessage.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CertificateRequestMessage.java
deleted file mode 100644
index 2fd3dad..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CertificateRequestMessage.java
+++ /dev/null

@@ -1,311 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.crmf.AttributeTypeAndValue;
-import org.bouncycastle.asn1.crmf.CRMFObjectIdentifiers;
-import org.bouncycastle.asn1.crmf.CertReqMsg;
-import org.bouncycastle.asn1.crmf.CertTemplate;
-import org.bouncycastle.asn1.crmf.Controls;
-import org.bouncycastle.asn1.crmf.PKIArchiveOptions;
-import org.bouncycastle.asn1.crmf.PKMACValue;
-import org.bouncycastle.asn1.crmf.POPOSigningKey;
-import org.bouncycastle.asn1.crmf.ProofOfPossession;
-import org.bouncycastle.cert.CertIOException;
-import org.bouncycastle.operator.ContentVerifier;
-import org.bouncycastle.operator.ContentVerifierProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.Encodable;
-
-/**
- * Carrier for a CRMF CertReqMsg.
- */
-public class CertificateRequestMessage
-    implements Encodable
-{
-    public static final int popRaVerified = ProofOfPossession.TYPE_RA_VERIFIED;
-    public static final int popSigningKey = ProofOfPossession.TYPE_SIGNING_KEY;
-    public static final int popKeyEncipherment = ProofOfPossession.TYPE_KEY_ENCIPHERMENT;
-    public static final int popKeyAgreement = ProofOfPossession.TYPE_KEY_AGREEMENT;
-
-    private final CertReqMsg certReqMsg;
-    private final Controls controls;
-
-    private static CertReqMsg parseBytes(byte[] encoding)
-        throws IOException
-    {
-        try
-        {
-            return CertReqMsg.getInstance(ASN1Primitive.fromByteArray(encoding));
-        }
-        catch (ClassCastException e)
-        {
-            throw new CertIOException("malformed data: " + e.getMessage(), e);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new CertIOException("malformed data: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * Create a CertificateRequestMessage from the passed in bytes.
-     *
-     * @param certReqMsg BER/DER encoding of the CertReqMsg structure.
-     * @throws IOException in the event of corrupted data, or an incorrect structure.
-     */
-    public CertificateRequestMessage(byte[] certReqMsg)
-        throws IOException
-    {
-        this(parseBytes(certReqMsg));
-    }
-
-    public CertificateRequestMessage(CertReqMsg certReqMsg)
-    {
-        this.certReqMsg = certReqMsg;
-        this.controls = certReqMsg.getCertReq().getControls();
-    }
-
-    /**
-     * Return the underlying ASN.1 object defining this CertificateRequestMessage object.
-     *
-     * @return a CertReqMsg.
-     */
-    public CertReqMsg toASN1Structure()
-    {
-        return certReqMsg;
-    }
-
-    /**
-     * Return the certificate template contained in this message.
-     *
-     * @return  a CertTemplate structure.
-     */
-    public CertTemplate getCertTemplate()
-    {
-        return this.certReqMsg.getCertReq().getCertTemplate();
-    }
-
-    /**
-     * Return whether or not this request has control values associated with it.
-     *
-     * @return true if there are control values present, false otherwise.
-     */
-    public boolean hasControls()
-    {
-        return controls != null;
-    }
-
-    /**
-     * Return whether or not this request has a specific type of control value.
-     *
-     * @param type the type OID for the control value we are checking for.
-     * @return true if a control value of type is present, false otherwise.
-     */
-    public boolean hasControl(ASN1ObjectIdentifier type)
-    {
-        return findControl(type) != null;
-    }
-
-    /**
-     * Return a control value of the specified type.
-     *
-     * @param type the type OID for the control value we are checking for.
-     * @return the control value if present, null otherwise.
-     */
-    public Control getControl(ASN1ObjectIdentifier type)
-    {
-        AttributeTypeAndValue found = findControl(type);
-
-        if (found != null)
-        {
-            if (found.getType().equals(CRMFObjectIdentifiers.id_regCtrl_pkiArchiveOptions))
-            {
-                return new PKIArchiveControl(PKIArchiveOptions.getInstance(found.getValue()));
-            }
-            if (found.getType().equals(CRMFObjectIdentifiers.id_regCtrl_regToken))
-            {
-                return new RegTokenControl(DERUTF8String.getInstance(found.getValue()));
-            }
-            if (found.getType().equals(CRMFObjectIdentifiers.id_regCtrl_authenticator))
-            {
-                return new AuthenticatorControl(DERUTF8String.getInstance(found.getValue()));
-            }
-        }
-
-        return null;
-    }
-
-    private AttributeTypeAndValue findControl(ASN1ObjectIdentifier type)
-    {
-        if (controls == null)
-        {
-            return null;
-        }
-
-        AttributeTypeAndValue[] tAndVs = controls.toAttributeTypeAndValueArray();
-        AttributeTypeAndValue found = null;
-
-        for (int i = 0; i != tAndVs.length; i++)
-        {
-            if (tAndVs[i].getType().equals(type))
-            {
-                found = tAndVs[i];
-                break;
-            }
-        }
-
-        return found;
-    }
-
-    /**
-     * Return whether or not this request message has a proof-of-possession field in it.
-     *
-     * @return true if proof-of-possession is present, false otherwise.
-     */
-    public boolean hasProofOfPossession()
-    {
-        return this.certReqMsg.getPopo() != null;
-    }
-
-    /**
-     * Return the type of the proof-of-possession this request message provides.
-     *
-     * @return one of: popRaVerified, popSigningKey, popKeyEncipherment, popKeyAgreement
-     */
-    public int getProofOfPossessionType()
-    {
-        return this.certReqMsg.getPopo().getType();
-    }
-
-    /**
-     * Return whether or not the proof-of-possession (POP) is of the type popSigningKey and
-     * it has a public key MAC associated with it.
-     *
-     * @return true if POP is popSigningKey and a PKMAC is present, false otherwise.
-     */
-    public boolean hasSigningKeyProofOfPossessionWithPKMAC()
-    {
-        ProofOfPossession pop = certReqMsg.getPopo();
-
-        if (pop.getType() == popSigningKey)
-        {
-            POPOSigningKey popoSign = POPOSigningKey.getInstance(pop.getObject());
-
-            return popoSign.getPoposkInput().getPublicKeyMAC() != null;
-        }
-
-        return false;
-    }
-
-    /**
-     * Return whether or not a signing key proof-of-possession (POP) is valid.
-     *
-     * @param verifierProvider a provider that can produce content verifiers for the signature contained in this POP.
-     * @return true if the POP is valid, false otherwise.
-     * @throws CRMFException if there is a problem in verification or content verifier creation.
-     * @throws IllegalStateException if POP not appropriate.
-     */
-    public boolean isValidSigningKeyPOP(ContentVerifierProvider verifierProvider)
-        throws CRMFException, IllegalStateException
-    {
-        ProofOfPossession pop = certReqMsg.getPopo();
-
-        if (pop.getType() == popSigningKey)
-        {
-            POPOSigningKey popoSign = POPOSigningKey.getInstance(pop.getObject());
-
-            if (popoSign.getPoposkInput() != null && popoSign.getPoposkInput().getPublicKeyMAC() != null)
-            {
-                throw new IllegalStateException("verification requires password check");
-            }
-
-            return verifySignature(verifierProvider, popoSign);
-        }
-        else
-        {
-            throw new IllegalStateException("not Signing Key type of proof of possession");
-        }
-    }
-
-    /**
-     * Return whether or not a signing key proof-of-possession (POP), with an associated PKMAC, is valid.
-     *
-     * @param verifierProvider a provider that can produce content verifiers for the signature contained in this POP.
-     * @param macBuilder a suitable PKMACBuilder to create the MAC verifier.
-     * @param password the password used to key the MAC calculation.
-     * @return true if the POP is valid, false otherwise.
-     * @throws CRMFException if there is a problem in verification or content verifier creation.
-     * @throws IllegalStateException if POP not appropriate.
-     */
-    public boolean isValidSigningKeyPOP(ContentVerifierProvider verifierProvider, PKMACBuilder macBuilder, char[] password)
-        throws CRMFException, IllegalStateException
-    {
-        ProofOfPossession pop = certReqMsg.getPopo();
-
-        if (pop.getType() == popSigningKey)
-        {
-            POPOSigningKey popoSign = POPOSigningKey.getInstance(pop.getObject());
-
-            if (popoSign.getPoposkInput() == null || popoSign.getPoposkInput().getSender() != null)
-            {
-                throw new IllegalStateException("no PKMAC present in proof of possession");
-            }
-
-            PKMACValue pkMAC = popoSign.getPoposkInput().getPublicKeyMAC();
-            PKMACValueVerifier macVerifier = new PKMACValueVerifier(macBuilder);
-
-            if (macVerifier.isValid(pkMAC, password, this.getCertTemplate().getPublicKey()))
-            {
-                return verifySignature(verifierProvider, popoSign);
-            }
-
-            return false;
-        }
-        else
-        {
-            throw new IllegalStateException("not Signing Key type of proof of possession");
-        }
-    }
-
-    private boolean verifySignature(ContentVerifierProvider verifierProvider, POPOSigningKey popoSign)
-        throws CRMFException
-    {
-        ContentVerifier verifier;
-
-        try
-        {
-            verifier = verifierProvider.get(popoSign.getAlgorithmIdentifier());
-        }
-        catch (OperatorCreationException e)
-        {
-            throw new CRMFException("unable to create verifier: " + e.getMessage(), e);
-        }
-
-        if (popoSign.getPoposkInput() != null)
-        {
-            CRMFUtil.derEncodeToStream(popoSign.getPoposkInput(), verifier.getOutputStream());
-        }
-        else
-        {
-            CRMFUtil.derEncodeToStream(certReqMsg.getCertReq(), verifier.getOutputStream());
-        }
-
-        return verifier.verify(popoSign.getSignature().getOctets());
-    }
-
-    /**
-     * Return the ASN.1 encoding of the certReqMsg we wrap.
-     *
-     * @return a byte array containing the binary encoding of the certReqMsg.
-     * @throws IOException if there is an exception creating the encoding.
-     */
-    public byte[] getEncoded()
-        throws IOException
-    {
-        return certReqMsg.getEncoded();
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CertificateRequestMessageBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CertificateRequestMessageBuilder.java
deleted file mode 100644
index 3294285..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/CertificateRequestMessageBuilder.java
+++ /dev/null

@@ -1,319 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import java.math.BigInteger;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.Iterator;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Null;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.crmf.AttributeTypeAndValue;
-import org.bouncycastle.asn1.crmf.CertReqMsg;
-import org.bouncycastle.asn1.crmf.CertRequest;
-import org.bouncycastle.asn1.crmf.CertTemplate;
-import org.bouncycastle.asn1.crmf.CertTemplateBuilder;
-import org.bouncycastle.asn1.crmf.OptionalValidity;
-import org.bouncycastle.asn1.crmf.PKMACValue;
-import org.bouncycastle.asn1.crmf.POPOPrivKey;
-import org.bouncycastle.asn1.crmf.ProofOfPossession;
-import org.bouncycastle.asn1.crmf.SubsequentMessage;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.Time;
-import org.bouncycastle.cert.CertIOException;
-import org.bouncycastle.operator.ContentSigner;
-
-public class CertificateRequestMessageBuilder
-{
-    private final BigInteger certReqId;
-
-    private ExtensionsGenerator extGenerator;
-    private CertTemplateBuilder templateBuilder;
-    private List controls;
-    private ContentSigner popSigner;
-    private PKMACBuilder pkmacBuilder;
-    private char[] password;
-    private GeneralName sender;
-    private int popoType = ProofOfPossession.TYPE_KEY_ENCIPHERMENT;
-    private POPOPrivKey popoPrivKey;
-    private ASN1Null popRaVerified;
-    private PKMACValue agreeMAC;
-
-    public CertificateRequestMessageBuilder(BigInteger certReqId)
-    {
-        this.certReqId = certReqId;
-
-        this.extGenerator = new ExtensionsGenerator();
-        this.templateBuilder = new CertTemplateBuilder();
-        this.controls = new ArrayList();
-    }
-
-    public CertificateRequestMessageBuilder setPublicKey(SubjectPublicKeyInfo publicKey)
-    {
-        if (publicKey != null)
-        {
-            templateBuilder.setPublicKey(publicKey);
-        }
-
-        return this;
-    }
-
-    public CertificateRequestMessageBuilder setIssuer(X500Name issuer)
-    {
-        if (issuer != null)
-        {
-            templateBuilder.setIssuer(issuer);
-        }
-
-        return this;
-    }
-
-    public CertificateRequestMessageBuilder setSubject(X500Name subject)
-    {
-        if (subject != null)
-        {
-            templateBuilder.setSubject(subject);
-        }
-
-        return this;
-    }
-
-    public CertificateRequestMessageBuilder setSerialNumber(BigInteger serialNumber)
-    {
-        if (serialNumber != null)
-        {
-            templateBuilder.setSerialNumber(new ASN1Integer(serialNumber));
-        }
-
-        return this;
-    }
-
-    /**
-     * Request a validity period for the certificate. Either, but not both, of the date parameters may be null.
-     *
-     * @param notBeforeDate not before date for certificate requested.
-     * @param notAfterDate not after date for the certificate requested.
-     *
-     * @return the current builder.
-     */
-    public CertificateRequestMessageBuilder setValidity(Date notBeforeDate, Date notAfterDate)
-    {
-        templateBuilder.setValidity(new OptionalValidity(createTime(notBeforeDate), createTime(notAfterDate)));
-
-        return this;
-    }
-
-    private Time createTime(Date date)
-    {
-        if (date != null)
-        {
-            return new Time(date);
-        }
-
-        return null;
-    }
-
-    public CertificateRequestMessageBuilder addExtension(
-        ASN1ObjectIdentifier oid,
-        boolean              critical,
-        ASN1Encodable        value)
-        throws CertIOException
-    {
-        CRMFUtil.addExtension(extGenerator, oid, critical, value);
-
-        return this;
-    }
-
-    public CertificateRequestMessageBuilder addExtension(
-        ASN1ObjectIdentifier oid,
-        boolean              critical,
-        byte[]               value)
-    {
-        extGenerator.addExtension(oid, critical, value);
-
-        return this;
-    }
-
-    public CertificateRequestMessageBuilder addControl(Control control)
-    {
-        controls.add(control);
-
-        return this;
-    }
-
-    public CertificateRequestMessageBuilder setProofOfPossessionSigningKeySigner(ContentSigner popSigner)
-    {
-        if (popoPrivKey != null || popRaVerified != null || agreeMAC != null)
-        {
-            throw new IllegalStateException("only one proof of possession allowed");
-        }
-
-        this.popSigner = popSigner;
-
-        return this;
-    }
-
-    public CertificateRequestMessageBuilder setProofOfPossessionSubsequentMessage(SubsequentMessage msg)
-    {
-        if (popSigner != null || popRaVerified != null || agreeMAC != null)
-        {
-            throw new IllegalStateException("only one proof of possession allowed");
-        }
-
-        this.popoType = ProofOfPossession.TYPE_KEY_ENCIPHERMENT;
-        this.popoPrivKey = new POPOPrivKey(msg);
-
-        return this;
-    }
-
-    public CertificateRequestMessageBuilder setProofOfPossessionSubsequentMessage(int type, SubsequentMessage msg)
-    {
-        if (popSigner != null || popRaVerified != null || agreeMAC != null)
-        {
-            throw new IllegalStateException("only one proof of possession allowed");
-        }
-        if (type != ProofOfPossession.TYPE_KEY_ENCIPHERMENT && type != ProofOfPossession.TYPE_KEY_AGREEMENT)
-        {
-            throw new IllegalArgumentException("type must be ProofOfPossession.TYPE_KEY_ENCIPHERMENT || ProofOfPossession.TYPE_KEY_AGREEMENT");
-        }
-
-        this.popoType = type;
-        this.popoPrivKey = new POPOPrivKey(msg);
-
-        return this;
-    }
-
-    public CertificateRequestMessageBuilder setProofOfPossessionAgreeMAC(PKMACValue macValue)
-    {
-        if (popSigner != null || popRaVerified != null || popoPrivKey != null)
-        {
-            throw new IllegalStateException("only one proof of possession allowed");
-        }
-
-        this.agreeMAC = macValue;
-
-        return this;
-    }
-
-    public CertificateRequestMessageBuilder setProofOfPossessionRaVerified()
-    {
-        if (popSigner != null || popoPrivKey != null)
-        {
-            throw new IllegalStateException("only one proof of possession allowed");
-        }
-
-        this.popRaVerified = DERNull.INSTANCE;
-
-        return this;
-    }
-
-    public CertificateRequestMessageBuilder setAuthInfoPKMAC(PKMACBuilder pkmacBuilder, char[] password)
-    {
-        this.pkmacBuilder = pkmacBuilder;
-        this.password = password;
-
-        return this;
-    }
-
-    public CertificateRequestMessageBuilder setAuthInfoSender(X500Name sender)
-    {
-        return setAuthInfoSender(new GeneralName(sender));
-    }
-
-    public CertificateRequestMessageBuilder setAuthInfoSender(GeneralName sender)
-    {
-        this.sender = sender;
-
-        return this;
-    }
-
-    public CertificateRequestMessage build()
-        throws CRMFException
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new ASN1Integer(certReqId));
-
-        if (!extGenerator.isEmpty())
-        {
-            templateBuilder.setExtensions(extGenerator.generate());
-        }
-
-        v.add(templateBuilder.build());
-
-        if (!controls.isEmpty())
-        {
-            ASN1EncodableVector controlV = new ASN1EncodableVector();
-
-            for (Iterator it = controls.iterator(); it.hasNext();)
-            {
-                Control control = (Control)it.next();
-
-                controlV.add(new AttributeTypeAndValue(control.getType(), control.getValue()));
-            }
-
-            v.add(new DERSequence(controlV));
-        }
-
-        CertRequest request = CertRequest.getInstance(new DERSequence(v));
-
-        v = new ASN1EncodableVector();
-
-        v.add(request);
-
-        if (popSigner != null)
-        {
-            CertTemplate template = request.getCertTemplate();
-
-            if (template.getSubject() == null || template.getPublicKey() == null)
-            {
-                SubjectPublicKeyInfo pubKeyInfo = request.getCertTemplate().getPublicKey();
-                ProofOfPossessionSigningKeyBuilder builder = new ProofOfPossessionSigningKeyBuilder(pubKeyInfo);
-
-                if (sender != null)
-                {
-                    builder.setSender(sender);
-                }
-                else
-                {
-                    PKMACValueGenerator pkmacGenerator = new PKMACValueGenerator(pkmacBuilder);
-
-                    builder.setPublicKeyMac(pkmacGenerator, password);
-                }
-
-                v.add(new ProofOfPossession(builder.build(popSigner)));
-            }
-            else
-            {
-                ProofOfPossessionSigningKeyBuilder builder = new ProofOfPossessionSigningKeyBuilder(request);
-
-                v.add(new ProofOfPossession(builder.build(popSigner)));
-            }
-        }
-        else if (popoPrivKey != null)
-        {
-            v.add(new ProofOfPossession(popoType, popoPrivKey));
-        }
-        else if (agreeMAC != null)
-        {
-            v.add(new ProofOfPossession(ProofOfPossession.TYPE_KEY_AGREEMENT,
-                    POPOPrivKey.getInstance(new DERTaggedObject(false, POPOPrivKey.agreeMAC, agreeMAC))));
-
-        }
-        else if (popRaVerified != null)
-        {
-            v.add(new ProofOfPossession());
-        }
-
-        return new CertificateRequestMessage(CertReqMsg.getInstance(new DERSequence(v)));
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/Control.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/Control.java
deleted file mode 100644
index f86f8a0..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/Control.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- * Generic interface for a CertificateRequestMessage control value.
- */
-public interface Control
-{
-    /**
-     * Return the type of this control.
-     *
-     * @return an ASN1ObjectIdentifier representing the type.
-     */
-    ASN1ObjectIdentifier getType();
-
-    /**
-     * Return the value contained in this control object.
-     *
-     * @return the value of the control.
-     */
-    ASN1Encodable getValue();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/EncryptedValueBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/EncryptedValueBuilder.java
deleted file mode 100644
index c9aacc5..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/EncryptedValueBuilder.java
+++ /dev/null

@@ -1,174 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.crmf.EncryptedValue;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.operator.KeyWrapper;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.operator.OutputEncryptor;
-import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
-import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfoBuilder;
-import org.bouncycastle.util.Strings;
-
-/**
- * Builder for EncryptedValue structures.
- */
-public class EncryptedValueBuilder
-{
-    private KeyWrapper wrapper;
-    private OutputEncryptor encryptor;
-    private EncryptedValuePadder padder;
-
-    /**
-     * Create a builder that makes EncryptedValue structures.
-     *
-     * @param wrapper a wrapper for key used to encrypt the actual data contained in the EncryptedValue.
-     * @param encryptor  an output encryptor to encrypt the actual data contained in the EncryptedValue. 
-     */
-    public EncryptedValueBuilder(KeyWrapper wrapper, OutputEncryptor encryptor)
-    {
-        this(wrapper, encryptor, null);
-    }
-
-    /**
-     * Create a builder that makes EncryptedValue structures with fixed length blocks padded using the passed in padder.
-     *
-     * @param wrapper a wrapper for key used to encrypt the actual data contained in the EncryptedValue.
-     * @param encryptor  an output encryptor to encrypt the actual data contained in the EncryptedValue.
-     * @param padder a padder to ensure that the EncryptedValue created will always be a constant length.
-     */
-    public EncryptedValueBuilder(KeyWrapper wrapper, OutputEncryptor encryptor, EncryptedValuePadder padder)
-    {
-        this.wrapper = wrapper;
-        this.encryptor = encryptor;
-        this.padder = padder;
-    }
-
-    /**
-     * Build an EncryptedValue structure containing the passed in pass phrase.
-     *
-     * @param revocationPassphrase  a revocation pass phrase.
-     * @return an EncryptedValue containing the encrypted pass phrase.
-     * @throws CRMFException on a failure to encrypt the data, or wrap the symmetric key for this value.
-     */
-    public EncryptedValue build(char[] revocationPassphrase)
-        throws CRMFException
-    {
-        return encryptData(padData(Strings.toUTF8ByteArray(revocationPassphrase)));
-    }
-
-    /**
-     * Build an EncryptedValue structure containing the certificate contained in
-     * the passed in holder.
-     *
-     * @param holder  a holder containing a certificate.
-     * @return an EncryptedValue containing the encrypted certificate.
-     * @throws CRMFException on a failure to encrypt the data, or wrap the symmetric key for this value.
-     */
-    public EncryptedValue build(X509CertificateHolder holder)
-        throws CRMFException
-    {
-        try
-        {
-            return encryptData(padData(holder.getEncoded()));
-        }
-        catch (IOException e)
-        {
-            throw new CRMFException("cannot encode certificate: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * Build an EncryptedValue structure containing the private key contained in
-     * the passed info structure.
-     *
-     * @param privateKeyInfo  a PKCS#8 private key info structure.
-     * @return an EncryptedValue containing an EncryptedPrivateKeyInfo structure.
-     * @throws CRMFException on a failure to encrypt the data, or wrap the symmetric key for this value.
-     */
-    public EncryptedValue build(PrivateKeyInfo privateKeyInfo)
-        throws CRMFException
-    {
-        PKCS8EncryptedPrivateKeyInfoBuilder encInfoBldr = new PKCS8EncryptedPrivateKeyInfoBuilder(privateKeyInfo);
-
-        AlgorithmIdentifier intendedAlg = privateKeyInfo.getPrivateKeyAlgorithm();
-        AlgorithmIdentifier symmAlg = encryptor.getAlgorithmIdentifier();
-        DERBitString encSymmKey;
-
-        try
-        {
-            PKCS8EncryptedPrivateKeyInfo encInfo = encInfoBldr.build(encryptor);
-            
-            encSymmKey = new DERBitString(wrapper.generateWrappedKey(encryptor.getKey()));
-
-            AlgorithmIdentifier keyAlg = wrapper.getAlgorithmIdentifier();
-            ASN1OctetString valueHint = null;
-
-            return new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg, valueHint, new DERBitString(encInfo.getEncryptedData()));
-        }
-        catch (IllegalStateException e)
-        {
-            throw new CRMFException("cannot encode key: " + e.getMessage(), e);
-        }
-        catch (OperatorException e)
-        {
-            throw new CRMFException("cannot wrap key: " + e.getMessage(), e);
-        }
-    }
-
-    private EncryptedValue encryptData(byte[] data)
-       throws CRMFException
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        OutputStream eOut = encryptor.getOutputStream(bOut);
-
-        try
-        {
-            eOut.write(data);
-
-            eOut.close();
-        }
-        catch (IOException e)
-        {
-            throw new CRMFException("cannot process data: " + e.getMessage(), e);
-        }
-
-        AlgorithmIdentifier intendedAlg = null;
-        AlgorithmIdentifier symmAlg = encryptor.getAlgorithmIdentifier();
-        DERBitString encSymmKey;
-
-        try
-        {
-            wrapper.generateWrappedKey(encryptor.getKey());
-            encSymmKey = new DERBitString(wrapper.generateWrappedKey(encryptor.getKey()));
-        }
-        catch (OperatorException e)
-        {
-            throw new CRMFException("cannot wrap key: " + e.getMessage(), e);
-        }
-
-        AlgorithmIdentifier keyAlg = wrapper.getAlgorithmIdentifier();
-        ASN1OctetString valueHint = null;
-        DERBitString encValue = new DERBitString(bOut.toByteArray());
-
-        return new EncryptedValue(intendedAlg, symmAlg, encSymmKey, keyAlg, valueHint, encValue);
-    }
-
-    private byte[] padData(byte[] data)
-    {
-        if (padder != null)
-        {
-            return padder.getPaddedData(data);
-        }
-
-        return data;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/EncryptedValuePadder.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/EncryptedValuePadder.java
deleted file mode 100644
index 41ca866..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/EncryptedValuePadder.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-/**
- * An encrypted value padder is used to make sure that prior to a value been
- * encrypted the data is padded to a standard length.
- */
-public interface EncryptedValuePadder
-{
-    /**
-     * Return a byte array of padded data.
-     *
-     * @param data the data to be padded.
-     * @return a padded byte array containing data.
-     */
-    byte[] getPaddedData(byte[] data);
-
-    /**
-     * Return a byte array of with padding removed.
-     *
-     * @param paddedData the data to be padded.
-     * @return an array containing the original unpadded data.
-     */
-    byte[] getUnpaddedData(byte[] paddedData);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/EncryptedValueParser.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/EncryptedValueParser.java
deleted file mode 100644
index 3390064..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/EncryptedValueParser.java
+++ /dev/null

@@ -1,119 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.crmf.EncryptedValue;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.operator.InputDecryptor;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.io.Streams;
-
-/**
- * Parser for EncryptedValue structures.
- */
-public class EncryptedValueParser
-{
-    private EncryptedValue value;
-    private EncryptedValuePadder padder;
-
-    /**
-     * Basic constructor - create a parser to read the passed in value.
-     *
-     * @param value the value to be parsed.
-     */
-    public EncryptedValueParser(EncryptedValue value)
-    {
-        this.value = value;
-    }
-
-    /**
-     * Create a parser to read the passed in value, assuming the padder was
-     * applied to the data prior to encryption.
-     *
-     * @param value  the value to be parsed.
-     * @param padder the padder to be used to remove padding from the decrypted value..
-     */
-    public EncryptedValueParser(EncryptedValue value, EncryptedValuePadder padder)
-    {
-        this.value = value;
-        this.padder = padder;
-    }
-
-    public AlgorithmIdentifier getIntendedAlg()
-    {
-        return value.getIntendedAlg();
-    }
-
-    private byte[] decryptValue(ValueDecryptorGenerator decGen)
-        throws CRMFException
-    {
-        if (value.getValueHint() != null)
-        {
-            throw new UnsupportedOperationException();
-        }
-
-        InputDecryptor decryptor = decGen.getValueDecryptor(value.getKeyAlg(),
-            value.getSymmAlg(), value.getEncSymmKey().getBytes());
-        InputStream dataIn = decryptor.getInputStream(new ByteArrayInputStream(
-            value.getEncValue().getBytes()));
-        try
-        {
-            byte[] data = Streams.readAll(dataIn);
-
-            if (padder != null)
-            {
-                return padder.getUnpaddedData(data);
-            }
-            
-            return data;
-        }
-        catch (IOException e)
-        {
-            throw new CRMFException("Cannot parse decrypted data: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * Read a X.509 certificate.
-     *
-     * @param decGen the decryptor generator to decrypt the encrypted value.
-     * @return an X509CertificateHolder containing the certificate read.
-     * @throws CRMFException if the decrypted data cannot be parsed, or a decryptor cannot be generated.
-     */
-    public X509CertificateHolder readCertificateHolder(ValueDecryptorGenerator decGen)
-        throws CRMFException
-    {
-        return new X509CertificateHolder(Certificate.getInstance(decryptValue(decGen)));
-    }
-
-    /**
-     * Read a PKCS#8 PrivateKeyInfo.
-     *
-     * @param decGen the decryptor generator to decrypt the encrypted value.
-     * @return an PrivateKeyInfo containing the private key that was read.
-     * @throws CRMFException if the decrypted data cannot be parsed, or a decryptor cannot be generated.
-     */
-    public PrivateKeyInfo readPrivateKeyInfo(ValueDecryptorGenerator decGen)
-        throws CRMFException
-    {
-        return PrivateKeyInfo.getInstance(decryptValue(decGen));
-    }
-
-    /**
-     * Read a pass phrase.
-     *
-     * @param decGen the decryptor generator to decrypt the encrypted value.
-     * @return a pass phrase as recovered from the encrypted value.
-     * @throws CRMFException if the decrypted data cannot be parsed, or a decryptor cannot be generated.
-     */
-    public char[] readPassphrase(ValueDecryptorGenerator decGen)
-        throws CRMFException
-    {
-        return Strings.fromUTF8ByteArray(decryptValue(decGen)).toCharArray();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKIArchiveControl.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKIArchiveControl.java
deleted file mode 100644
index 7bc9957..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKIArchiveControl.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.EnvelopedData;
-import org.bouncycastle.asn1.crmf.CRMFObjectIdentifiers;
-import org.bouncycastle.asn1.crmf.EncryptedKey;
-import org.bouncycastle.asn1.crmf.PKIArchiveOptions;
-import org.bouncycastle.cms.CMSEnvelopedData;
-import org.bouncycastle.cms.CMSException;
-
-/**
- * Carrier for a PKIArchiveOptions structure.
- */
-public class PKIArchiveControl
-    implements Control
-{
-    public static final int encryptedPrivKey = PKIArchiveOptions.encryptedPrivKey;
-    public static final int keyGenParameters = PKIArchiveOptions.keyGenParameters;
-    public static final int archiveRemGenPrivKey = PKIArchiveOptions.archiveRemGenPrivKey;
-
-    private static final ASN1ObjectIdentifier type = CRMFObjectIdentifiers.id_regCtrl_pkiArchiveOptions;
-
-    private final PKIArchiveOptions pkiArchiveOptions;
-
-    /**
-     * Basic constructor - build from an PKIArchiveOptions structure.
-     *
-     * @param pkiArchiveOptions  the ASN.1 structure that will underlie this control.
-     */
-    public PKIArchiveControl(PKIArchiveOptions pkiArchiveOptions)
-    {
-        this.pkiArchiveOptions = pkiArchiveOptions;
-    }
-
-    /**
-     * Return the type of this control.
-     *
-     * @return CRMFObjectIdentifiers.id_regCtrl_pkiArchiveOptions
-     */
-    public ASN1ObjectIdentifier getType()
-    {
-        return type;
-    }
-
-    /**
-     * Return the underlying ASN.1 object.
-     *
-     * @return a PKIArchiveOptions structure.
-     */
-    public ASN1Encodable getValue()
-    {
-        return pkiArchiveOptions;
-    }
-
-    /**
-     * Return the archive control type, one of: encryptedPrivKey,keyGenParameters,or archiveRemGenPrivKey.
-     *
-     * @return the archive control type.
-     */
-    public int getArchiveType()
-    {
-        return pkiArchiveOptions.getType();
-    }
-
-    /**
-     * Return whether this control contains enveloped data.
-     *
-     * @return true if the control contains enveloped data, false otherwise.
-     */
-    public boolean isEnvelopedData()
-    {
-        EncryptedKey encKey = EncryptedKey.getInstance(pkiArchiveOptions.getValue());
-
-        return !encKey.isEncryptedValue();
-    }
-
-    /**
-     * Return the enveloped data structure contained in this control.
-     *
-     * @return a CMSEnvelopedData object.
-     */
-    public CMSEnvelopedData getEnvelopedData()
-        throws CRMFException
-    {
-        try
-        {
-            EncryptedKey encKey = EncryptedKey.getInstance(pkiArchiveOptions.getValue());
-            EnvelopedData data = EnvelopedData.getInstance(encKey.getValue());
-
-            return new CMSEnvelopedData(new ContentInfo(CMSObjectIdentifiers.envelopedData, data));
-        }
-        catch (CMSException e)
-        {
-            throw new CRMFException("CMS parsing error: " + e.getMessage(), e.getCause());
-        }
-        catch (Exception e)
-        {
-            throw new CRMFException("CRMF parsing error: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKIArchiveControlBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKIArchiveControlBuilder.java
deleted file mode 100644
index 9edf75c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKIArchiveControlBuilder.java
+++ /dev/null

@@ -1,78 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.cms.EnvelopedData;
-import org.bouncycastle.asn1.crmf.CRMFObjectIdentifiers;
-import org.bouncycastle.asn1.crmf.EncKeyWithID;
-import org.bouncycastle.asn1.crmf.EncryptedKey;
-import org.bouncycastle.asn1.crmf.PKIArchiveOptions;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.cms.CMSEnvelopedData;
-import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.cms.RecipientInfoGenerator;
-import org.bouncycastle.operator.OutputEncryptor;
-
-/**
- * Builder for a PKIArchiveControl structure.
- */
-public class PKIArchiveControlBuilder
-{
-    private CMSEnvelopedDataGenerator envGen;
-    private CMSProcessableByteArray keyContent;
-
-    /**
-     * Basic constructor - specify the contents of the PKIArchiveControl structure.
-     *
-     * @param privateKeyInfo the private key to be archived.
-     * @param generalName the general name to be associated with the private key.
-     */
-    public PKIArchiveControlBuilder(PrivateKeyInfo privateKeyInfo, GeneralName generalName)
-    {
-        EncKeyWithID encKeyWithID = new EncKeyWithID(privateKeyInfo, generalName);
-
-        try
-        {
-            this.keyContent = new CMSProcessableByteArray(CRMFObjectIdentifiers.id_ct_encKeyWithID, encKeyWithID.getEncoded());
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException("unable to encode key and general name info");
-        }
-
-        this.envGen = new CMSEnvelopedDataGenerator();
-    }
-
-    /**
-     * Add a recipient generator to this control.
-     *
-     * @param recipientGen recipient generator created for a specific recipient.
-     * @return this builder object.
-     */
-    public PKIArchiveControlBuilder addRecipientGenerator(RecipientInfoGenerator recipientGen)
-    {
-        envGen.addRecipientInfoGenerator(recipientGen);
-
-        return this;
-    }
-
-    /**
-     * Build the PKIArchiveControl using the passed in encryptor to encrypt its contents.
-     *
-     * @param contentEncryptor a suitable content encryptor.
-     * @return a PKIArchiveControl object.
-     * @throws CMSException in the event the build fails.
-     */
-    public PKIArchiveControl build(OutputEncryptor contentEncryptor)
-        throws CMSException
-    {
-        CMSEnvelopedData envContent = envGen.generate(keyContent, contentEncryptor);
-
-        EnvelopedData envD = EnvelopedData.getInstance(envContent.toASN1Structure().getContent());
-
-        return new PKIArchiveControl(new PKIArchiveOptions(new EncryptedKey(envD)));
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKMACBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKMACBuilder.java
deleted file mode 100644
index abbdaed..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKMACBuilder.java
+++ /dev/null

@@ -1,199 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import java.io.ByteArrayOutputStream;
-import java.io.OutputStream;
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cmp.CMPObjectIdentifiers;
-import org.bouncycastle.asn1.cmp.PBMParameter;
-import org.bouncycastle.asn1.iana.IANAObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.operator.RuntimeOperatorException;
-import org.bouncycastle.util.Strings;
-
-public class PKMACBuilder
-{
-    private AlgorithmIdentifier owf;
-    private int iterationCount;
-    private AlgorithmIdentifier mac;
-    private int saltLength = 20;
-    private SecureRandom random;
-    private PKMACValuesCalculator calculator;
-    private PBMParameter parameters;
-    private int maxIterations;
-
-    public PKMACBuilder(PKMACValuesCalculator calculator)
-    {
-        this(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1), 1000, new AlgorithmIdentifier(IANAObjectIdentifiers.hmacSHA1, DERNull.INSTANCE), calculator);
-    }
-
-    /**
-     * Create a PKMAC builder enforcing a ceiling on the maximum iteration count.
-     *
-     * @param calculator     supporting calculator
-     * @param maxIterations  max allowable value for iteration count.
-     */
-    public PKMACBuilder(PKMACValuesCalculator calculator, int maxIterations)
-    {
-        this.maxIterations = maxIterations;
-        this.calculator = calculator;
-    }
-
-    private PKMACBuilder(AlgorithmIdentifier hashAlgorithm, int iterationCount, AlgorithmIdentifier macAlgorithm, PKMACValuesCalculator calculator)
-    {
-        this.owf = hashAlgorithm;
-        this.iterationCount = iterationCount;
-        this.mac = macAlgorithm;
-        this.calculator = calculator;
-    }
-
-    /**
-     * Set the salt length in octets.
-     *
-     * @param saltLength length in octets of the salt to be generated.
-     * @return the generator
-     */
-    public PKMACBuilder setSaltLength(int saltLength)
-    {
-        if (saltLength < 8)
-        {
-            throw new IllegalArgumentException("salt length must be at least 8 bytes");
-        }
-
-        this.saltLength = saltLength;
-
-        return this;
-    }
-
-    public PKMACBuilder setIterationCount(int iterationCount)
-    {
-        if (iterationCount < 100)
-        {
-            throw new IllegalArgumentException("iteration count must be at least 100");
-        }
-        checkIterationCountCeiling(iterationCount);
-
-        this.iterationCount = iterationCount;
-
-        return this;
-    }
-
-    public PKMACBuilder setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    public PKMACBuilder setParameters(PBMParameter parameters)
-    {
-        checkIterationCountCeiling(parameters.getIterationCount().getValue().intValue());
-
-        this.parameters = parameters;
-
-        return this;
-    }
-
-    public MacCalculator build(char[] password)
-        throws CRMFException
-    {
-        if (parameters != null)
-        {
-            return genCalculator(parameters, password);
-        }
-        else
-        {
-            byte[] salt = new byte[saltLength];
-
-            if (random == null)
-            {
-                this.random = new SecureRandom();
-            }
-
-            random.nextBytes(salt);
-
-            return genCalculator(new PBMParameter(salt, owf, iterationCount, mac), password);
-        }
-    }
-
-    private void checkIterationCountCeiling(int iterationCount)
-    {
-        if (maxIterations > 0 && iterationCount > maxIterations)
-        {
-            throw new IllegalArgumentException("iteration count exceeds limit (" + iterationCount + " > " + maxIterations + ")");
-        }
-    }
-
-    private MacCalculator genCalculator(final PBMParameter params, char[] password)
-        throws CRMFException
-    {
-        // From RFC 4211
-        //
-        //   1.  Generate a random salt value S
-        //
-        //   2.  Append the salt to the pw.  K = pw || salt.
-        //
-        //   3.  Hash the value of K.  K = HASH(K)
-        //
-        //   4.  Iter = Iter - 1.  If Iter is greater than zero.  Goto step 3.
-        //
-        //   5.  Compute an HMAC as documented in [HMAC].
-        //
-        //       MAC = HASH( K XOR opad, HASH( K XOR ipad, data) )
-        //
-        //       Where opad and ipad are defined in [HMAC].
-        byte[] pw = Strings.toUTF8ByteArray(password);
-        byte[] salt = params.getSalt().getOctets();
-        byte[] K = new byte[pw.length + salt.length];
-
-        System.arraycopy(pw, 0, K, 0, pw.length);
-        System.arraycopy(salt, 0, K, pw.length, salt.length);
-
-        calculator.setup(params.getOwf(), params.getMac());
-
-        int iter = params.getIterationCount().getValue().intValue();
-        do
-        {
-            K = calculator.calculateDigest(K);
-        }
-        while (--iter > 0);
-
-        final byte[] key = K;
-
-        return new MacCalculator()
-        {
-            ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return new AlgorithmIdentifier(CMPObjectIdentifiers.passwordBasedMac, params);
-            }
-
-            public GenericKey getKey()
-            {
-                return new GenericKey(getAlgorithmIdentifier(), key);
-            }
-
-            public OutputStream getOutputStream()
-            {
-                return bOut;
-            }
-
-            public byte[] getMac()
-            {
-                try
-                {
-                    return calculator.calculateMac(key, bOut.toByteArray());
-                }
-                catch (CRMFException e)
-                {
-                    throw new RuntimeOperatorException("exception calculating mac: " + e.getMessage(), e);
-                }
-            }
-        };
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKMACValueGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKMACValueGenerator.java
deleted file mode 100644
index 2457687..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKMACValueGenerator.java
+++ /dev/null

@@ -1,41 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.crmf.PKMACValue;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.operator.MacCalculator;
-
-class PKMACValueGenerator
-{
-    private PKMACBuilder builder;
-
-    public PKMACValueGenerator(PKMACBuilder builder)
-    {
-        this.builder = builder;
-    }
-
-    public PKMACValue generate(char[] password, SubjectPublicKeyInfo keyInfo)
-        throws CRMFException
-    {
-        MacCalculator calculator = builder.build(password);
-
-        OutputStream macOut = calculator.getOutputStream();
-
-        try
-        {
-            macOut.write(keyInfo.getEncoded(ASN1Encoding.DER));
-
-            macOut.close();
-        }
-        catch (IOException e)
-        {
-            throw new CRMFException("exception encoding mac input: " + e.getMessage(), e);
-        }
-
-        return new PKMACValue(calculator.getAlgorithmIdentifier(), new DERBitString(calculator.getMac()));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKMACValueVerifier.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKMACValueVerifier.java
deleted file mode 100644
index 02073b3..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKMACValueVerifier.java
+++ /dev/null

@@ -1,43 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.cmp.PBMParameter;
-import org.bouncycastle.asn1.crmf.PKMACValue;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.util.Arrays;
-
-class PKMACValueVerifier
-{
-    private final PKMACBuilder builder;
-
-    public PKMACValueVerifier(PKMACBuilder builder)
-    {
-        this.builder = builder;
-    }
-
-    public boolean isValid(PKMACValue value, char[] password, SubjectPublicKeyInfo keyInfo)
-        throws CRMFException
-    {
-        builder.setParameters(PBMParameter.getInstance(value.getAlgId().getParameters()));
-        MacCalculator calculator = builder.build(password);
-
-        OutputStream macOut = calculator.getOutputStream();
-
-        try
-        {
-            macOut.write(keyInfo.getEncoded(ASN1Encoding.DER));
-
-            macOut.close();
-        }
-        catch (IOException e)
-        {
-            throw new CRMFException("exception encoding mac input: " + e.getMessage(), e);
-        }
-
-        return Arrays.constantTimeAreEqual(calculator.getMac(), value.getValue().getBytes());
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKMACValuesCalculator.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKMACValuesCalculator.java
deleted file mode 100644
index 2813b6c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/PKMACValuesCalculator.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public interface PKMACValuesCalculator
-{
-    void setup(AlgorithmIdentifier digestAlg, AlgorithmIdentifier macAlg)
-        throws CRMFException;
-
-    byte[] calculateDigest(byte[] data)
-        throws CRMFException;
-
-    byte[] calculateMac(byte[] pwd, byte[] data)
-        throws CRMFException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/ProofOfPossessionSigningKeyBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/ProofOfPossessionSigningKeyBuilder.java
deleted file mode 100644
index 7297980..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/ProofOfPossessionSigningKeyBuilder.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.crmf.CertRequest;
-import org.bouncycastle.asn1.crmf.PKMACValue;
-import org.bouncycastle.asn1.crmf.POPOSigningKey;
-import org.bouncycastle.asn1.crmf.POPOSigningKeyInput;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.operator.ContentSigner;
-
-public class ProofOfPossessionSigningKeyBuilder
-{
-    private CertRequest certRequest;
-    private SubjectPublicKeyInfo pubKeyInfo;
-    private GeneralName name;
-    private PKMACValue publicKeyMAC;
-
-    public ProofOfPossessionSigningKeyBuilder(CertRequest certRequest)
-    {
-        this.certRequest = certRequest;
-    }
-
-
-    public ProofOfPossessionSigningKeyBuilder(SubjectPublicKeyInfo pubKeyInfo)
-    {
-        this.pubKeyInfo = pubKeyInfo;
-    }
-
-    public ProofOfPossessionSigningKeyBuilder setSender(GeneralName name)
-    {
-        this.name = name;
-
-        return this;
-    }
-
-    public ProofOfPossessionSigningKeyBuilder setPublicKeyMac(PKMACValueGenerator generator, char[] password)
-        throws CRMFException
-    {
-        this.publicKeyMAC = generator.generate(password, pubKeyInfo);
-
-        return this;
-    }
-
-    public POPOSigningKey build(ContentSigner signer)
-    {
-        if (name != null && publicKeyMAC != null)
-        {
-            throw new IllegalStateException("name and publicKeyMAC cannot both be set.");
-        }
-
-        POPOSigningKeyInput popo;
-
-        if (certRequest != null)
-        {
-            popo = null;
-
-            CRMFUtil.derEncodeToStream(certRequest, signer.getOutputStream());
-        }
-        else if (name != null)
-        {
-            popo = new POPOSigningKeyInput(name, pubKeyInfo);
-
-            CRMFUtil.derEncodeToStream(popo, signer.getOutputStream());
-        }
-        else
-        {
-            popo = new POPOSigningKeyInput(publicKeyMAC, pubKeyInfo);
-
-            CRMFUtil.derEncodeToStream(popo, signer.getOutputStream());
-        }
-
-        return new POPOSigningKey(popo, signer.getAlgorithmIdentifier(), new DERBitString(signer.getSignature()));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/RegTokenControl.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/RegTokenControl.java
deleted file mode 100644
index 81af172..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/RegTokenControl.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.crmf.CRMFObjectIdentifiers;
-
-/**
- * Carrier for a registration token control.
- */
-public class RegTokenControl
-    implements Control
-{
-    private static final ASN1ObjectIdentifier type = CRMFObjectIdentifiers.id_regCtrl_regToken;
-
-    private final DERUTF8String token;
-
-    /**
-     * Basic constructor - build from a UTF-8 string representing the token.
-     *
-     * @param token UTF-8 string representing the token.
-     */
-    public RegTokenControl(DERUTF8String token)
-    {
-        this.token = token;
-    }
-
-    /**
-     * Basic constructor - build from a string representing the token.
-     *
-     * @param token string representing the token.
-     */
-    public RegTokenControl(String token)
-    {
-        this.token = new DERUTF8String(token);
-    }
-
-    /**
-     * Return the type of this control.
-     *
-     * @return CRMFObjectIdentifiers.id_regCtrl_regToken
-     */
-    public ASN1ObjectIdentifier getType()
-    {
-        return type;
-    }
-
-    /**
-     * Return the token associated with this control (a UTF8String).
-     *
-     * @return a UTF8String.
-     */
-    public ASN1Encodable getValue()
-    {
-        return token;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/ValueDecryptorGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/ValueDecryptorGenerator.java
deleted file mode 100644
index 7125f56..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/ValueDecryptorGenerator.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.cert.crmf;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.InputDecryptor;
-
-public interface ValueDecryptorGenerator
-{
-    InputDecryptor getValueDecryptor(AlgorithmIdentifier keyAlg, AlgorithmIdentifier symmAlg, byte[] encKey)
-        throws CRMFException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/bc/BcCRMFEncryptorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/bc/BcCRMFEncryptorBuilder.java
deleted file mode 100644
index df40133..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/bc/BcCRMFEncryptorBuilder.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.cert.crmf.bc;
-
-import java.io.OutputStream;
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.crmf.CRMFException;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.util.CipherFactory;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OutputEncryptor;
-
-/**
- * Lightweight CRMFOutputEncryptor builder.
- */
-public class BcCRMFEncryptorBuilder
-{
-    private final ASN1ObjectIdentifier encryptionOID;
-    private final int                  keySize;
-
-    private CRMFHelper helper = new CRMFHelper();
-    private SecureRandom random;
-
-    public BcCRMFEncryptorBuilder(ASN1ObjectIdentifier encryptionOID)
-    {
-        this(encryptionOID, -1);
-    }
-
-    public BcCRMFEncryptorBuilder(ASN1ObjectIdentifier encryptionOID, int keySize)
-    {
-        this.encryptionOID = encryptionOID;
-        this.keySize = keySize;
-    }
-
-    public BcCRMFEncryptorBuilder setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    public OutputEncryptor build()
-        throws CRMFException
-    {
-        return new CRMFOutputEncryptor(encryptionOID, keySize, random);
-    }
-
-    private class CRMFOutputEncryptor
-        implements OutputEncryptor
-    {
-        private KeyParameter encKey;
-        private AlgorithmIdentifier algorithmIdentifier;
-        private Object cipher;
-
-        CRMFOutputEncryptor(ASN1ObjectIdentifier encryptionOID, int keySize, SecureRandom random)
-            throws CRMFException
-        {
-            if (random == null)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            CipherKeyGenerator keyGen = helper.createKeyGenerator(encryptionOID, random);
-
-            encKey = new KeyParameter(keyGen.generateKey());
-            algorithmIdentifier = helper.generateEncryptionAlgID(encryptionOID, encKey, random);
-            cipher = helper.createContentCipher(true, encKey, algorithmIdentifier);
-        }
-
-        public AlgorithmIdentifier getAlgorithmIdentifier()
-        {
-            return algorithmIdentifier;
-        }
-
-        public OutputStream getOutputStream(OutputStream dOut)
-        {
-            return CipherFactory.createOutputStream(dOut, cipher);
-        }
-
-        public GenericKey getKey()
-        {
-            return new GenericKey(algorithmIdentifier, encKey.getKey());
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/bc/BcEncryptedValueBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/bc/BcEncryptedValueBuilder.java
deleted file mode 100644
index a39215c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/bc/BcEncryptedValueBuilder.java
+++ /dev/null

@@ -1,53 +0,0 @@
-package org.bouncycastle.cert.crmf.bc;
-
-import java.io.IOException;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-
-import org.bouncycastle.asn1.crmf.EncryptedValue;
-import org.bouncycastle.cert.crmf.CRMFException;
-import org.bouncycastle.cert.crmf.EncryptedValueBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.util.PrivateKeyInfoFactory;
-import org.bouncycastle.operator.KeyWrapper;
-import org.bouncycastle.operator.OutputEncryptor;
-
-/**
- * Lightweight convenience class for EncryptedValueBuilder
- */
-public class BcEncryptedValueBuilder
-    extends EncryptedValueBuilder
-{
-    public BcEncryptedValueBuilder(KeyWrapper wrapper, OutputEncryptor encryptor)
-    {
-        super(wrapper, encryptor);
-    }
-
-    /**
-     * Build an EncryptedValue structure containing the passed in certificate.
-     *
-     * @param certificate the certificate to be encrypted.
-     * @return an EncryptedValue containing the encrypted certificate.
-     * @throws CRMFException on a failure to encrypt the data, or wrap the symmetric key for this value.
-     */
-    public EncryptedValue build(X509Certificate certificate)
-        throws CertificateEncodingException, CRMFException
-    {
-        return build(new JcaX509CertificateHolder(certificate));
-    }
-
-    /**
-     * Build an EncryptedValue structure containing the private key details contained in
-     * the passed PrivateKey.
-     *
-     * @param privateKey a private key parameter.
-     * @return an EncryptedValue containing an EncryptedPrivateKeyInfo structure.
-     * @throws CRMFException on a failure to encrypt the data, or wrap the symmetric key for this value.
-     */
-    public EncryptedValue build(AsymmetricKeyParameter privateKey)
-        throws CRMFException, IOException
-    {
-        return build(PrivateKeyInfoFactory.createPrivateKeyInfo(privateKey));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/bc/BcFixedLengthMGF1Padder.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/bc/BcFixedLengthMGF1Padder.java
deleted file mode 100644
index 9fa53d6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/bc/BcFixedLengthMGF1Padder.java
+++ /dev/null

@@ -1,121 +0,0 @@
-package org.bouncycastle.cert.crmf.bc;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.cert.crmf.EncryptedValuePadder;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.generators.MGF1BytesGenerator;
-import org.bouncycastle.crypto.params.MGFParameters;
-
-/**
- * An encrypted value padder that uses MGF1 as the basis of the padding.
- */
-public class BcFixedLengthMGF1Padder
-    implements EncryptedValuePadder
-{
-    private int length;
-    private SecureRandom random;
-    private Digest dig = new SHA1Digest();
-
-    /**
-     * Create a padder to so that padded output will always be at least
-     * length bytes long.
-     *
-     * @param length fixed length for padded output.
-     */
-    public BcFixedLengthMGF1Padder(int length)
-    {
-        this(length, null);
-    }
-
-    /**
-     * Create a padder to so that padded output will always be at least
-     * length bytes long, using the passed in source of randomness to
-     * provide the random material for the padder.
-     *
-     * @param length fixed length for padded output.
-     * @param random a source of randomness.
-     */
-    public BcFixedLengthMGF1Padder(int length, SecureRandom random)
-    {
-        this.length = length;
-        this.random = random;
-    }
-
-    public byte[] getPaddedData(byte[] data)
-    {
-        byte[] bytes = new byte[length];
-        byte[] seed = new byte[dig.getDigestSize()];
-        byte[] mask = new byte[length - dig.getDigestSize()];
-
-        if (random == null)
-        {
-            random = new SecureRandom();
-        }
-
-        random.nextBytes(seed);
-
-        MGF1BytesGenerator maskGen = new MGF1BytesGenerator(dig);
-
-        maskGen.init(new MGFParameters(seed));
-
-        maskGen.generateBytes(mask, 0, mask.length);
-
-        System.arraycopy(seed, 0, bytes, 0, seed.length);
-        System.arraycopy(data, 0, bytes, seed.length, data.length);
-
-        for (int i = seed.length + data.length + 1; i != bytes.length; i++)
-        {
-            bytes[i] = (byte)(1 + random.nextInt(255));
-        }
-
-        for (int i = 0; i != mask.length; i++)
-        {
-            bytes[i + seed.length] ^= mask[i];
-        }
-
-        return bytes;
-    }
-
-    public byte[] getUnpaddedData(byte[] paddedData)
-    {
-        byte[] seed = new byte[dig.getDigestSize()];
-        byte[] mask = new byte[length - dig.getDigestSize()];
-
-        System.arraycopy(paddedData, 0, seed, 0, seed.length);
-
-        MGF1BytesGenerator maskGen = new MGF1BytesGenerator(dig);
-
-        maskGen.init(new MGFParameters(seed));
-
-        maskGen.generateBytes(mask, 0, mask.length);
-
-        for (int i = 0; i != mask.length; i++)
-        {
-            paddedData[i + seed.length] ^= mask[i];
-        }
-
-        int end = 0;
-
-        for (int i = paddedData.length - 1; i != seed.length; i--)
-        {
-            if (paddedData[i] == 0)
-            {
-                end = i;
-                break;
-            }
-        }
-
-        if (end == 0)
-        {
-            throw new IllegalStateException("bad padding in encoding");
-        }
-
-        byte[] data = new byte[end - seed.length];
-
-        System.arraycopy(paddedData, seed.length, data, 0, data.length);
-
-        return data;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/bc/CRMFHelper.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/bc/CRMFHelper.java
deleted file mode 100644
index eb36b97..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/bc/CRMFHelper.java
+++ /dev/null

@@ -1,59 +0,0 @@
-package org.bouncycastle.cert.crmf.bc;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.crmf.CRMFException;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.util.AlgorithmIdentifierFactory;
-import org.bouncycastle.crypto.util.CipherFactory;
-import org.bouncycastle.crypto.util.CipherKeyGeneratorFactory;
-
-class CRMFHelper
-{
-    CRMFHelper()
-    {
-    }
-
-    CipherKeyGenerator createKeyGenerator(ASN1ObjectIdentifier algorithm, SecureRandom random)
-        throws CRMFException
-    {
-        try
-        {
-            return CipherKeyGeneratorFactory.createKeyGenerator(algorithm, random);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new CRMFException(e.getMessage(), e);
-        }
-    }
-
-    static Object createContentCipher(boolean forEncryption, CipherParameters encKey, AlgorithmIdentifier encryptionAlgID)
-        throws CRMFException
-    {
-        try
-        {
-            return CipherFactory.createContentCipher(forEncryption, encKey, encryptionAlgID);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new CRMFException(e.getMessage(), e);
-        }
-    }
-
-    AlgorithmIdentifier generateEncryptionAlgID(ASN1ObjectIdentifier encryptionOID, KeyParameter encKey, SecureRandom random)
-        throws CRMFException
-    {
-        try
-        {
-            return AlgorithmIdentifierFactory.generateEncryptionAlgID(encryptionOID, encKey.getKey().length * 8, random);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new CRMFException(e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/CRMFHelper.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/CRMFHelper.java
deleted file mode 100644
index c482b86..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/CRMFHelper.java
+++ /dev/null

@@ -1,450 +0,0 @@
-package org.bouncycastle.cert.crmf.jcajce;
-
-import java.io.IOException;
-import java.security.AlgorithmParameterGenerator;
-import java.security.AlgorithmParameters;
-import java.security.GeneralSecurityException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.spec.InvalidParameterSpecException;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.Mac;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.RC2ParameterSpec;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Null;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.iana.IANAObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.cert.crmf.CRMFException;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.jcajce.util.AlgorithmParametersUtils;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-
-class CRMFHelper
-{
-    protected static final Map BASE_CIPHER_NAMES = new HashMap();
-    protected static final Map CIPHER_ALG_NAMES = new HashMap();
-    protected static final Map DIGEST_ALG_NAMES = new HashMap();
-    protected static final Map KEY_ALG_NAMES = new HashMap();
-    protected static final Map MAC_ALG_NAMES = new HashMap();
-
-    static
-    {
-        BASE_CIPHER_NAMES.put(PKCSObjectIdentifiers.des_EDE3_CBC,  "DESEDE");
-        BASE_CIPHER_NAMES.put(NISTObjectIdentifiers.id_aes128_CBC,  "AES");
-        BASE_CIPHER_NAMES.put(NISTObjectIdentifiers.id_aes192_CBC,  "AES");
-        BASE_CIPHER_NAMES.put(NISTObjectIdentifiers.id_aes256_CBC,  "AES");
-        
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.DES_EDE3_CBC,  "DESEDE/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.AES128_CBC,  "AES/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.AES192_CBC,  "AES/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.AES256_CBC,  "AES/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(new ASN1ObjectIdentifier(PKCSObjectIdentifiers.rsaEncryption.getId()), "RSA/ECB/PKCS1Padding");
-        
-        DIGEST_ALG_NAMES.put(OIWObjectIdentifiers.idSHA1, "SHA1");
-        DIGEST_ALG_NAMES.put(NISTObjectIdentifiers.id_sha224, "SHA224");
-        DIGEST_ALG_NAMES.put(NISTObjectIdentifiers.id_sha256, "SHA256");
-        DIGEST_ALG_NAMES.put(NISTObjectIdentifiers.id_sha384, "SHA384");
-        DIGEST_ALG_NAMES.put(NISTObjectIdentifiers.id_sha512, "SHA512");
-
-        MAC_ALG_NAMES.put(IANAObjectIdentifiers.hmacSHA1, "HMACSHA1");
-        MAC_ALG_NAMES.put(PKCSObjectIdentifiers.id_hmacWithSHA1, "HMACSHA1");
-        MAC_ALG_NAMES.put(PKCSObjectIdentifiers.id_hmacWithSHA224, "HMACSHA224");
-        MAC_ALG_NAMES.put(PKCSObjectIdentifiers.id_hmacWithSHA256, "HMACSHA256");
-        MAC_ALG_NAMES.put(PKCSObjectIdentifiers.id_hmacWithSHA384, "HMACSHA384");
-        MAC_ALG_NAMES.put(PKCSObjectIdentifiers.id_hmacWithSHA512, "HMACSHA512");
-
-        KEY_ALG_NAMES.put(PKCSObjectIdentifiers.rsaEncryption, "RSA");
-        KEY_ALG_NAMES.put(X9ObjectIdentifiers.id_dsa, "DSA");
-    }
-
-    private JcaJceHelper helper;
-
-    CRMFHelper(JcaJceHelper helper)
-    {
-        this.helper = helper;
-    }
-
-    PublicKey toPublicKey(SubjectPublicKeyInfo subjectPublicKeyInfo)
-        throws CRMFException
-    {
-        try
-        {
-            X509EncodedKeySpec xspec = new X509EncodedKeySpec(subjectPublicKeyInfo.getEncoded());
-            AlgorithmIdentifier keyAlg = subjectPublicKeyInfo.getAlgorithm();
-
-            return createKeyFactory(keyAlg.getAlgorithm()).generatePublic(xspec);
-        }
-        catch (Exception e)
-        {
-            throw new CRMFException("invalid key: " + e.getMessage(), e);
-        }
-    }
-
-    Cipher createCipher(ASN1ObjectIdentifier algorithm)
-        throws CRMFException
-    {
-        try
-        {
-            String cipherName = (String)CIPHER_ALG_NAMES.get(algorithm);
-
-            if (cipherName != null)
-            {
-                try
-                {
-                    // this is reversed as the Sun policy files now allow unlimited strength RSA
-                    return helper.createCipher(cipherName);
-                }
-                catch (NoSuchAlgorithmException e)
-                {
-                    // Ignore
-                }
-            }
-            return helper.createCipher(algorithm.getId());
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CRMFException("cannot create cipher: " + e.getMessage(), e);
-        }
-    }
-    
-    public KeyGenerator createKeyGenerator(ASN1ObjectIdentifier algorithm)
-        throws CRMFException
-    {
-        try
-        {
-            String cipherName = (String)BASE_CIPHER_NAMES.get(algorithm);
-
-            if (cipherName != null)
-            {
-                try
-                {
-                    // this is reversed as the Sun policy files now allow unlimited strength RSA
-                    return helper.createKeyGenerator(cipherName);
-                }
-                catch (NoSuchAlgorithmException e)
-                {
-                    // Ignore
-                }
-            }
-            return helper.createKeyGenerator(algorithm.getId());
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CRMFException("cannot create key generator: " + e.getMessage(), e);
-        }
-    }
-
-
-
-    Cipher createContentCipher(final Key sKey, final AlgorithmIdentifier encryptionAlgID)
-        throws CRMFException
-    {
-        return (Cipher)execute(new JCECallback()
-        {
-            public Object doInJCE()
-                throws CRMFException, InvalidAlgorithmParameterException,
-                InvalidKeyException, InvalidParameterSpecException, NoSuchAlgorithmException,
-                NoSuchPaddingException, NoSuchProviderException
-            {
-                Cipher cipher = createCipher(encryptionAlgID.getAlgorithm());
-                ASN1Primitive sParams = (ASN1Primitive)encryptionAlgID.getParameters();
-                ASN1ObjectIdentifier encAlg = encryptionAlgID.getAlgorithm();
-
-                if (sParams != null && !(sParams instanceof ASN1Null))
-                {
-                    try
-                    {
-                        AlgorithmParameters params = createAlgorithmParameters(encryptionAlgID.getAlgorithm());
-
-                        try
-                        {
-                            AlgorithmParametersUtils.loadParameters(params, sParams);
-                        }
-                        catch (IOException e)
-                        {
-                            throw new CRMFException("error decoding algorithm parameters.", e);
-                        }
-
-                        cipher.init(Cipher.DECRYPT_MODE, sKey, params);
-                    }
-                    catch (NoSuchAlgorithmException e)
-                    {
-                        if (encAlg.equals(CMSAlgorithm.DES_EDE3_CBC)
-                            || encAlg.equals(CMSAlgorithm.IDEA_CBC)
-                            || encAlg.equals(CMSAlgorithm.AES128_CBC)
-                            || encAlg.equals(CMSAlgorithm.AES192_CBC)
-                            || encAlg.equals(CMSAlgorithm.AES256_CBC))
-                        {
-                            cipher.init(Cipher.DECRYPT_MODE, sKey, new IvParameterSpec(
-                                ASN1OctetString.getInstance(sParams).getOctets()));
-                        }
-                        else
-                        {
-                            throw e;
-                        }
-                    }
-                }
-                else
-                {
-                    if (encAlg.equals(CMSAlgorithm.DES_EDE3_CBC)
-                        || encAlg.equals(CMSAlgorithm.IDEA_CBC)
-                        || encAlg.equals(CMSAlgorithm.CAST5_CBC))
-                    {
-                        cipher.init(Cipher.DECRYPT_MODE, sKey, new IvParameterSpec(new byte[8]));
-                    }
-                    else
-                    {
-                        cipher.init(Cipher.DECRYPT_MODE, sKey);
-                    }
-                }
-
-                return cipher;
-            }
-        });
-    }
-    
-    AlgorithmParameters createAlgorithmParameters(ASN1ObjectIdentifier algorithm)
-        throws NoSuchAlgorithmException, NoSuchProviderException
-    {
-        String algorithmName = (String)BASE_CIPHER_NAMES.get(algorithm);
-
-        if (algorithmName != null)
-        {
-            try
-            {
-                // this is reversed as the Sun policy files now allow unlimited strength RSA
-                return helper.createAlgorithmParameters(algorithmName);
-            }
-            catch (NoSuchAlgorithmException e)
-            {
-                // Ignore
-            }
-        }
-        return helper.createAlgorithmParameters(algorithm.getId());
-    }
-    
-    KeyFactory createKeyFactory(ASN1ObjectIdentifier algorithm)
-        throws CRMFException
-    {
-        try
-        {
-            String algName = (String)KEY_ALG_NAMES.get(algorithm);
-
-            if (algName != null)
-            {
-                try
-                {
-                    // this is reversed as the Sun policy files now allow unlimited strength RSA
-                    return helper.createKeyFactory(algName);
-                }
-                catch (NoSuchAlgorithmException e)
-                {
-                    // Ignore
-                }
-            }
-            return helper.createKeyFactory(algorithm.getId());
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CRMFException("cannot create cipher: " + e.getMessage(), e);
-        }
-    }
-
-    MessageDigest createDigest(ASN1ObjectIdentifier algorithm)
-        throws CRMFException
-    {
-        try
-        {
-            String digestName = (String)DIGEST_ALG_NAMES.get(algorithm);
-
-            if (digestName != null)
-            {
-                try
-                {
-                    // this is reversed as the Sun policy files now allow unlimited strength RSA
-                    return helper.createDigest(digestName);
-                }
-                catch (NoSuchAlgorithmException e)
-                {
-                    // Ignore
-                }
-            }
-            return helper.createDigest(algorithm.getId());
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CRMFException("cannot create cipher: " + e.getMessage(), e);
-        }
-    }
-
-    Mac createMac(ASN1ObjectIdentifier algorithm)
-        throws CRMFException
-    {
-        try
-        {
-            String macName = (String)MAC_ALG_NAMES.get(algorithm);
-
-            if (macName != null)
-            {
-                try
-                {
-                    // this is reversed as the Sun policy files now allow unlimited strength RSA
-                    return helper.createMac(macName);
-                }
-                catch (NoSuchAlgorithmException e)
-                {
-                    // Ignore
-                }
-            }
-            return helper.createMac(algorithm.getId());
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CRMFException("cannot create mac: " + e.getMessage(), e);
-        }
-    }
-
-    AlgorithmParameterGenerator createAlgorithmParameterGenerator(ASN1ObjectIdentifier algorithm)
-        throws GeneralSecurityException
-    {
-        String algorithmName = (String)BASE_CIPHER_NAMES.get(algorithm);
-
-        if (algorithmName != null)
-        {
-            try
-            {
-                // this is reversed as the Sun policy files now allow unlimited strength RSA
-                return helper.createAlgorithmParameterGenerator(algorithmName);
-            }
-            catch (NoSuchAlgorithmException e)
-            {
-                // Ignore
-            }
-        }
-        return helper.createAlgorithmParameterGenerator(algorithm.getId());
-    }
-
-    AlgorithmParameters generateParameters(ASN1ObjectIdentifier encryptionOID, SecretKey encKey, SecureRandom rand)
-        throws CRMFException
-    {
-        try
-        {
-            AlgorithmParameterGenerator pGen = createAlgorithmParameterGenerator(encryptionOID);
-
-            if (encryptionOID.equals(CMSAlgorithm.RC2_CBC))
-            {
-                byte[]  iv = new byte[8];
-
-                rand.nextBytes(iv);
-
-                try
-                {
-                    pGen.init(new RC2ParameterSpec(encKey.getEncoded().length * 8, iv), rand);
-                }
-                catch (InvalidAlgorithmParameterException e)
-                {
-                    throw new CRMFException("parameters generation error: " + e, e);
-                }
-            }
-
-            return pGen.generateParameters();
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            return null;
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CRMFException("exception creating algorithm parameter generator: " + e, e);
-        }
-    }
-
-    AlgorithmIdentifier getAlgorithmIdentifier(ASN1ObjectIdentifier encryptionOID, AlgorithmParameters params)
-        throws CRMFException
-    {
-        ASN1Encodable asn1Params;
-        if (params != null)
-        {
-            try
-            {
-                asn1Params = AlgorithmParametersUtils.extractParameters(params);
-            }
-            catch (IOException e)
-            {
-                throw new CRMFException("cannot encode parameters: " + e.getMessage(), e);
-            }
-        }
-        else
-        {
-            asn1Params = DERNull.INSTANCE;
-        }
-
-        return new AlgorithmIdentifier(
-            encryptionOID,
-            asn1Params);
-    }
-    
-    static Object execute(JCECallback callback) throws CRMFException
-    {
-        try
-        {
-            return callback.doInJCE();
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw new CRMFException("can't find algorithm.", e);
-        }
-        catch (InvalidKeyException e)
-        {
-            throw new CRMFException("key invalid in message.", e);
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw new CRMFException("can't find provider.", e);
-        }
-        catch (NoSuchPaddingException e)
-        {
-            throw new CRMFException("required padding not supported.", e);
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            throw new CRMFException("algorithm parameters invalid.", e);
-        }
-        catch (InvalidParameterSpecException e)
-        {
-            throw new CRMFException("MAC algorithm parameter spec invalid.", e);
-        }
-    }
-    
-    static interface JCECallback
-    {
-        Object doInJCE()
-            throws CRMFException, InvalidAlgorithmParameterException, InvalidKeyException, InvalidParameterSpecException,
-            NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcaCertificateRequestMessage.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcaCertificateRequestMessage.java
deleted file mode 100644
index 7f33d17..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcaCertificateRequestMessage.java
+++ /dev/null

@@ -1,84 +0,0 @@
-package org.bouncycastle.cert.crmf.jcajce;
-
-import java.io.IOException;
-import java.security.Provider;
-import java.security.PublicKey;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.crmf.CertReqMsg;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cert.crmf.CRMFException;
-import org.bouncycastle.cert.crmf.CertificateRequestMessage;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-
-public class JcaCertificateRequestMessage
-    extends CertificateRequestMessage
-{
-    private CRMFHelper helper = new CRMFHelper(new DefaultJcaJceHelper());
-
-    public JcaCertificateRequestMessage(byte[] certReqMsg)
-    {
-        this(CertReqMsg.getInstance(certReqMsg));
-    }
-
-    public JcaCertificateRequestMessage(CertificateRequestMessage certReqMsg)
-    {
-        this(certReqMsg.toASN1Structure());
-    }
-
-    public JcaCertificateRequestMessage(CertReqMsg certReqMsg)
-    {
-        super(certReqMsg);
-    }
-
-    public JcaCertificateRequestMessage setProvider(String providerName)
-    {
-        this.helper = new CRMFHelper(new NamedJcaJceHelper(providerName));
-
-        return this;
-    }
-
-    public JcaCertificateRequestMessage setProvider(Provider provider)
-    {
-        this.helper = new CRMFHelper(new ProviderJcaJceHelper(provider));
-
-        return this;
-    }
-
-    public X500Principal getSubjectX500Principal()
-    {
-        X500Name subject = this.getCertTemplate().getSubject();
-
-        if (subject != null)
-        {
-            try
-            {
-                return new X500Principal(subject.getEncoded(ASN1Encoding.DER));
-            }
-            catch (IOException e)
-            {
-                throw new IllegalStateException("unable to construct DER encoding of name: " + e.getMessage());
-            }
-        }
-
-        return null;
-    }
-
-    public PublicKey getPublicKey()
-        throws CRMFException
-    {
-        SubjectPublicKeyInfo subjectPublicKeyInfo = getCertTemplate().getPublicKey();
-
-        if (subjectPublicKeyInfo != null)
-        {
-            return helper.toPublicKey(subjectPublicKeyInfo);
-        }
-
-        return null;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcaCertificateRequestMessageBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcaCertificateRequestMessageBuilder.java
deleted file mode 100644
index 63eea67..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcaCertificateRequestMessageBuilder.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.cert.crmf.jcajce;
-
-import java.math.BigInteger;
-import java.security.PublicKey;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cert.crmf.CertificateRequestMessageBuilder;
-
-public class JcaCertificateRequestMessageBuilder
-    extends CertificateRequestMessageBuilder
-{
-    public JcaCertificateRequestMessageBuilder(BigInteger certReqId)
-    {
-        super(certReqId);
-    }
-
-    public JcaCertificateRequestMessageBuilder setIssuer(X500Principal issuer)
-    {
-        if (issuer != null)
-        {
-            setIssuer(X500Name.getInstance(issuer.getEncoded()));
-        }
-
-        return this;
-    }
-
-    public JcaCertificateRequestMessageBuilder setSubject(X500Principal subject)
-    {
-        if (subject != null)
-        {
-            setSubject(X500Name.getInstance(subject.getEncoded()));
-        }
-
-        return this;
-    }
-
-    public JcaCertificateRequestMessageBuilder setAuthInfoSender(X500Principal sender)
-    {
-        if (sender != null)
-        {
-            setAuthInfoSender(new GeneralName(X500Name.getInstance(sender.getEncoded())));
-        }
-
-        return this;
-    }
-
-    public JcaCertificateRequestMessageBuilder setPublicKey(PublicKey publicKey)
-    {
-        setPublicKey(SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
-
-        return this;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcaEncryptedValueBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcaEncryptedValueBuilder.java
deleted file mode 100644
index 31f1b89..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcaEncryptedValueBuilder.java
+++ /dev/null

@@ -1,52 +0,0 @@
-package org.bouncycastle.cert.crmf.jcajce;
-
-import java.security.PrivateKey;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-
-import org.bouncycastle.asn1.crmf.EncryptedValue;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.cert.crmf.CRMFException;
-import org.bouncycastle.cert.crmf.EncryptedValueBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.operator.KeyWrapper;
-import org.bouncycastle.operator.OutputEncryptor;
-
-/**
- * JCA convenience class for EncryptedValueBuilder
- */
-public class JcaEncryptedValueBuilder
-    extends EncryptedValueBuilder
-{
-    public JcaEncryptedValueBuilder(KeyWrapper wrapper, OutputEncryptor encryptor)
-    {
-        super(wrapper, encryptor);
-    }
-
-    /**
-     * Build an EncryptedValue structure containing the passed in certificate.
-     *
-     * @param certificate the certificate to be encrypted.
-     * @return an EncryptedValue containing the encrypted certificate.
-     * @throws CRMFException on a failure to encrypt the data, or wrap the symmetric key for this value.
-     */
-    public EncryptedValue build(X509Certificate certificate)
-        throws CertificateEncodingException, CRMFException
-    {
-        return build(new JcaX509CertificateHolder(certificate));
-    }
-
-    /**
-     * Build an EncryptedValue structure containing the private key details contained in
-     * the passed PrivateKey.
-     *
-     * @param privateKey the asymmetric private key.
-     * @return an EncryptedValue containing an EncryptedPrivateKeyInfo structure.
-     * @throws CRMFException on a failure to encrypt the data, or wrap the symmetric key for this value.
-     */
-    public EncryptedValue build(PrivateKey privateKey)
-        throws CertificateEncodingException, CRMFException
-    {
-        return build(PrivateKeyInfo.getInstance(privateKey.getEncoded()));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcaPKIArchiveControlBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcaPKIArchiveControlBuilder.java
deleted file mode 100644
index ab89241..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcaPKIArchiveControlBuilder.java
+++ /dev/null

@@ -1,29 +0,0 @@
-package org.bouncycastle.cert.crmf.jcajce;
-
-import java.security.PrivateKey;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.cert.crmf.PKIArchiveControlBuilder;
-
-public class JcaPKIArchiveControlBuilder
-    extends PKIArchiveControlBuilder
-{
-    public JcaPKIArchiveControlBuilder(PrivateKey privateKey, X500Name name)
-    {
-        this(privateKey, new GeneralName(name));
-    }
-
-    public JcaPKIArchiveControlBuilder(PrivateKey privateKey, X500Principal name)
-    {
-        this(privateKey, X500Name.getInstance(name.getEncoded()));
-    }
-
-    public JcaPKIArchiveControlBuilder(PrivateKey privateKey, GeneralName generalName)
-    {
-        super(PrivateKeyInfo.getInstance(privateKey.getEncoded()), generalName);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JceAsymmetricValueDecryptorGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JceAsymmetricValueDecryptorGenerator.java
deleted file mode 100644
index b12ded5..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JceAsymmetricValueDecryptorGenerator.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.cert.crmf.jcajce;
-
-import java.io.InputStream;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.Provider;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.crmf.CRMFException;
-import org.bouncycastle.cert.crmf.ValueDecryptorGenerator;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.InputDecryptor;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.operator.jcajce.JceAsymmetricKeyUnwrapper;
-
-public class JceAsymmetricValueDecryptorGenerator
-    implements ValueDecryptorGenerator
-{
-    private PrivateKey recipientKey;
-    private CRMFHelper helper = new CRMFHelper(new DefaultJcaJceHelper());
-    private Provider provider = null;
-    private String providerName = null;
-
-    public JceAsymmetricValueDecryptorGenerator(PrivateKey recipientKey)
-    {
-        this.recipientKey = recipientKey;
-    }
-
-    public JceAsymmetricValueDecryptorGenerator setProvider(Provider provider)
-    {
-        this.helper = new CRMFHelper(new ProviderJcaJceHelper(provider));
-        this.provider = provider;
-        this.providerName = null;
-
-        return this;
-    }
-
-    public JceAsymmetricValueDecryptorGenerator setProvider(String providerName)
-    {
-        this.helper = new CRMFHelper(new NamedJcaJceHelper(providerName));
-        this.provider = null;
-        this.providerName = providerName;
-
-        return this;
-    }
-
-    private Key extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey)
-        throws CRMFException
-    {
-        try
-        {
-            JceAsymmetricKeyUnwrapper unwrapper = new JceAsymmetricKeyUnwrapper(keyEncryptionAlgorithm, recipientKey);
-            if (provider != null)
-            {
-                unwrapper.setProvider(provider);
-            }
-            if (providerName != null)
-            {
-                unwrapper.setProvider(providerName);
-            }
-
-            return new SecretKeySpec((byte[])unwrapper.generateUnwrappedKey(contentEncryptionAlgorithm, encryptedContentEncryptionKey).getRepresentation(), contentEncryptionAlgorithm.getAlgorithm().getId());
-        }
-        catch (OperatorException e)
-        {
-            throw new CRMFException("key invalid in message: " + e.getMessage(), e);
-        }
-    }
-
-    public InputDecryptor getValueDecryptor(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey)
-        throws CRMFException
-    {
-        Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, encryptedContentEncryptionKey);
-
-        final Cipher dataCipher = helper.createContentCipher(secretKey, contentEncryptionAlgorithm);
-
-        return new InputDecryptor()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentEncryptionAlgorithm;
-            }
-
-            public InputStream getInputStream(InputStream dataIn)
-            {
-                return new CipherInputStream(dataIn, dataCipher);
-            }
-        };
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JceCRMFEncryptorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JceCRMFEncryptorBuilder.java
deleted file mode 100644
index 009ddfe..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JceCRMFEncryptorBuilder.java
+++ /dev/null

@@ -1,145 +0,0 @@
-package org.bouncycastle.cert.crmf.jcajce;
-
-import java.io.OutputStream;
-import java.security.AlgorithmParameters;
-import java.security.GeneralSecurityException;
-import java.security.Provider;
-import java.security.SecureRandom;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.crmf.CRMFException;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.DefaultSecretKeySizeProvider;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OutputEncryptor;
-import org.bouncycastle.operator.SecretKeySizeProvider;
-import org.bouncycastle.operator.jcajce.JceGenericKey;
-
-public class JceCRMFEncryptorBuilder
-{
-    private static final SecretKeySizeProvider KEY_SIZE_PROVIDER = DefaultSecretKeySizeProvider.INSTANCE;
-
-    private final ASN1ObjectIdentifier encryptionOID;
-    private final int                  keySize;
-
-    private CRMFHelper helper = new CRMFHelper(new DefaultJcaJceHelper());
-    private SecureRandom random;
-
-    public JceCRMFEncryptorBuilder(ASN1ObjectIdentifier encryptionOID)
-    {
-        this(encryptionOID, -1);
-    }
-
-    public JceCRMFEncryptorBuilder(ASN1ObjectIdentifier encryptionOID, int keySize)
-    {
-        this.encryptionOID = encryptionOID;
-        this.keySize = keySize;
-    }
-
-    public JceCRMFEncryptorBuilder setProvider(Provider provider)
-    {
-        this.helper = new CRMFHelper(new ProviderJcaJceHelper(provider));
-
-        return this;
-    }
-
-    public JceCRMFEncryptorBuilder setProvider(String providerName)
-    {
-        this.helper = new CRMFHelper(new NamedJcaJceHelper(providerName));
-
-        return this;
-    }
-
-    public JceCRMFEncryptorBuilder setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    public OutputEncryptor build()
-        throws CRMFException
-    {
-        return new CRMFOutputEncryptor(encryptionOID, keySize, random);
-    }
-
-    private class CRMFOutputEncryptor
-        implements OutputEncryptor
-    {
-        private SecretKey encKey;
-        private AlgorithmIdentifier algorithmIdentifier;
-        private Cipher cipher;
-
-        CRMFOutputEncryptor(ASN1ObjectIdentifier encryptionOID, int keySize, SecureRandom random)
-            throws CRMFException
-        {
-            KeyGenerator keyGen = helper.createKeyGenerator(encryptionOID);
-
-            if (random == null)
-            {
-                random = new SecureRandom();
-            }
-
-            if (keySize < 0)
-            {
-                keySize = KEY_SIZE_PROVIDER.getKeySize(encryptionOID);
-            }
-
-            if (keySize < 0)
-            {
-                keyGen.init(random);
-            }
-            else
-            {
-                keyGen.init(keySize, random);
-            }
-
-            cipher = helper.createCipher(encryptionOID);
-            encKey = keyGen.generateKey();
-            AlgorithmParameters params = helper.generateParameters(encryptionOID, encKey, random);
-
-            try
-            {
-                cipher.init(Cipher.ENCRYPT_MODE, encKey, params, random);
-            }
-            catch (GeneralSecurityException e)
-            {
-                throw new CRMFException("unable to initialize cipher: " + e.getMessage(), e);
-            }
-
-            //
-            // If params are null we try and second guess on them as some providers don't provide
-            // algorithm parameter generation explicity but instead generate them under the hood.
-            //
-            if (params == null)
-            {
-                params = cipher.getParameters();
-            }
-
-            algorithmIdentifier = helper.getAlgorithmIdentifier(encryptionOID, params);
-        }
-
-        public AlgorithmIdentifier getAlgorithmIdentifier()
-        {
-            return algorithmIdentifier;
-        }
-
-        public OutputStream getOutputStream(OutputStream dOut)
-        {
-            return new CipherOutputStream(dOut, cipher);
-        }
-
-        public GenericKey getKey()
-        {
-            return new JceGenericKey(algorithmIdentifier, encKey);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcePKMACValuesCalculator.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcePKMACValuesCalculator.java
deleted file mode 100644
index 30423db..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/JcePKMACValuesCalculator.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.cert.crmf.jcajce;
-
-import java.security.GeneralSecurityException;
-import java.security.MessageDigest;
-import java.security.Provider;
-
-import javax.crypto.Mac;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.crmf.CRMFException;
-import org.bouncycastle.cert.crmf.PKMACValuesCalculator;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-
-public class JcePKMACValuesCalculator
-    implements PKMACValuesCalculator
-{
-    private MessageDigest digest;
-    private Mac           mac;
-    private CRMFHelper    helper;
-
-    public JcePKMACValuesCalculator()
-    {
-        this.helper = new CRMFHelper(new DefaultJcaJceHelper());
-    }
-
-    public JcePKMACValuesCalculator setProvider(Provider provider)
-    {
-        this.helper = new CRMFHelper(new ProviderJcaJceHelper(provider));
-
-        return this;
-    }
-
-    public JcePKMACValuesCalculator setProvider(String providerName)
-    {
-        this.helper = new CRMFHelper(new NamedJcaJceHelper(providerName));
-
-        return this;
-    }
-
-    public void setup(AlgorithmIdentifier digAlg, AlgorithmIdentifier macAlg)
-        throws CRMFException
-    {
-        digest = helper.createDigest(digAlg.getAlgorithm());
-        mac = helper.createMac(macAlg.getAlgorithm());
-    }
-
-    public byte[] calculateDigest(byte[] data)
-    {
-        return digest.digest(data);
-    }
-
-    public byte[] calculateMac(byte[] pwd, byte[] data)
-        throws CRMFException
-    {
-        try
-        {
-            mac.init(new SecretKeySpec(pwd, mac.getAlgorithm()));
-
-            return mac.doFinal(data);
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CRMFException("failure in setup: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/package.html b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/package.html
deleted file mode 100644
index e9bc53f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/jcajce/package.html
+++ /dev/null

@@ -1,7 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-        "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<body bgcolor="#ffffff">
-JCA extensions to the CRMF online certificate request package.
-</body>
-</html>
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/package.html b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/package.html
deleted file mode 100644
index 521fc44..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/package.html
+++ /dev/null

@@ -1,7 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-        "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<body bgcolor="#ffffff">
-Basic support package for handling and creating CRMF (RFC 4211) certificate request messages.
-</body>
-</html>
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/cert/crmf/test/AllTests.java
deleted file mode 100644
index 8c4e2ec..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/crmf/test/AllTests.java
+++ /dev/null

@@ -1,600 +0,0 @@
-package org.bouncycastle.cert.crmf.test;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.GeneralSecurityException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.cert.X509Certificate;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.MGF1ParameterSpec;
-import java.util.Date;
-
-import javax.crypto.spec.OAEPParameterSpec;
-import javax.crypto.spec.PSource;
-import javax.security.auth.x500.X500Principal;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.crmf.CRMFObjectIdentifiers;
-import org.bouncycastle.asn1.crmf.EncKeyWithID;
-import org.bouncycastle.asn1.crmf.EncryptedValue;
-import org.bouncycastle.asn1.crmf.POPOSigningKey;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.RSAESOAEPparams;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509v1CertificateBuilder;
-import org.bouncycastle.cert.crmf.CRMFException;
-import org.bouncycastle.cert.crmf.EncryptedValueBuilder;
-import org.bouncycastle.cert.crmf.EncryptedValuePadder;
-import org.bouncycastle.cert.crmf.EncryptedValueParser;
-import org.bouncycastle.cert.crmf.PKIArchiveControl;
-import org.bouncycastle.cert.crmf.PKMACBuilder;
-import org.bouncycastle.cert.crmf.ValueDecryptorGenerator;
-import org.bouncycastle.cert.crmf.bc.BcCRMFEncryptorBuilder;
-import org.bouncycastle.cert.crmf.bc.BcEncryptedValueBuilder;
-import org.bouncycastle.cert.crmf.bc.BcFixedLengthMGF1Padder;
-import org.bouncycastle.cert.crmf.jcajce.JcaCertificateRequestMessage;
-import org.bouncycastle.cert.crmf.jcajce.JcaCertificateRequestMessageBuilder;
-import org.bouncycastle.cert.crmf.jcajce.JcaEncryptedValueBuilder;
-import org.bouncycastle.cert.crmf.jcajce.JcaPKIArchiveControlBuilder;
-import org.bouncycastle.cert.crmf.jcajce.JceAsymmetricValueDecryptorGenerator;
-import org.bouncycastle.cert.crmf.jcajce.JceCRMFEncryptorBuilder;
-import org.bouncycastle.cert.crmf.jcajce.JcePKMACValuesCalculator;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.cert.jcajce.JcaX509v1CertificateBuilder;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.RecipientId;
-import org.bouncycastle.cms.RecipientInformation;
-import org.bouncycastle.cms.RecipientInformationStore;
-import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
-import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
-import org.bouncycastle.cms.jcajce.JceKeyTransRecipientId;
-import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
-import org.bouncycastle.crypto.util.PrivateKeyFactory;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.OutputEncryptor;
-import org.bouncycastle.operator.bc.BcRSAAsymmetricKeyWrapper;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
-import org.bouncycastle.operator.jcajce.JceAsymmetricKeyWrapper;
-import org.bouncycastle.util.Arrays;
-
-public class AllTests
-    extends TestCase
-{
-    private static final byte[] TEST_DATA = "Hello world!".getBytes();
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-    private static final String PASSPHRASE = "hello world";
-
-    /*
-     *
-     *  INFRASTRUCTURE
-     *
-     */
-
-    public AllTests(String name)
-    {
-        super(name);
-    }
-
-    public static void main(String args[])
-    {
-        junit.textui.TestRunner.run(AllTests.class);
-    }
-
-    public static Test suite()
-    {
-        return new TestSuite(AllTests.class);
-    }
-
-    public void setUp()
-    {
-        Security.addProvider(new BouncyCastleProvider());
-    }
-
-    public void tearDown()
-    {
-
-    }
-
-    public void testBasicMessage()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-
-        JcaCertificateRequestMessageBuilder certReqBuild = new JcaCertificateRequestMessageBuilder(BigInteger.ONE);
-
-        certReqBuild.setSubject(new X500Principal("CN=Test"))
-                    .setPublicKey(kp.getPublic())
-                    .setProofOfPossessionSigningKeySigner(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(kp.getPrivate()));
-
-        JcaCertificateRequestMessage certReqMsg = new JcaCertificateRequestMessage(certReqBuild.build()).setProvider(BC);
-
-
-        POPOSigningKey popoSign = POPOSigningKey.getInstance(certReqMsg.toASN1Structure().getPopo().getObject());
-
-        Signature sig = Signature.getInstance("SHA1withRSA", "BC");
-
-        sig.initVerify(certReqMsg.getPublicKey());
-
-        // this is the original approach in RFC 2511 - there's a typo in RFC 4211, the standard contradicts itself
-        // between 4.1. 3 and then a couple of paragraphs later.
-        sig.update(certReqMsg.toASN1Structure().getCertReq().getEncoded(ASN1Encoding.DER));
-
-        TestCase.assertTrue(sig.verify(popoSign.getSignature().getOctets()));
-
-        TestCase.assertEquals(new X500Principal("CN=Test"), certReqMsg.getSubjectX500Principal());
-        TestCase.assertEquals(kp.getPublic(), certReqMsg.getPublicKey());
-    }
-
-    public void testBasicMessageWithArchiveControl()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-        X509Certificate cert = makeV1Certificate(kp, "CN=Test", kp, "CN=Test");
-
-        JcaCertificateRequestMessageBuilder certReqBuild = new JcaCertificateRequestMessageBuilder(BigInteger.ONE);
-
-        certReqBuild.setSubject(new X500Principal("CN=Test"))
-                    .setPublicKey(kp.getPublic());
-
-        certReqBuild.addControl(new JcaPKIArchiveControlBuilder(kp.getPrivate(), new X500Principal("CN=Test"))
-            .addRecipientGenerator(new JceKeyTransRecipientInfoGenerator(cert).setProvider(BC))
-            .build(new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier(CMSEnvelopedDataGenerator.AES128_CBC)).setProvider(BC).build()));
-
-        JcaCertificateRequestMessage certReqMsg = new JcaCertificateRequestMessage(certReqBuild.build()).setProvider(BC);
-
-        TestCase.assertEquals(new X500Principal("CN=Test"), certReqMsg.getSubjectX500Principal());
-        TestCase.assertEquals(kp.getPublic(), certReqMsg.getPublicKey());
-
-        checkCertReqMsgWithArchiveControl(kp, cert, certReqMsg);
-        checkCertReqMsgWithArchiveControl(kp, cert, new JcaCertificateRequestMessage(certReqMsg.getEncoded()));
-    }
-
-    private void checkCertReqMsgWithArchiveControl(KeyPair kp, X509Certificate cert, JcaCertificateRequestMessage certReqMsg)
-        throws CRMFException, CMSException, IOException
-    {
-        PKIArchiveControl archiveControl = (PKIArchiveControl)certReqMsg.getControl(CRMFObjectIdentifiers.id_regCtrl_pkiArchiveOptions);
-
-        TestCase.assertEquals(PKIArchiveControl.encryptedPrivKey, archiveControl.getArchiveType());
-
-        TestCase.assertTrue(archiveControl.isEnvelopedData());
-
-        RecipientInformationStore recips = archiveControl.getEnvelopedData().getRecipientInfos();
-
-        RecipientId recipientId = new JceKeyTransRecipientId(cert);
-
-        RecipientInformation recipientInformation = recips.get(recipientId);
-
-        TestCase.assertNotNull(recipientInformation);
-
-        EncKeyWithID encKeyWithID = EncKeyWithID.getInstance(recipientInformation.getContent(new JceKeyTransEnvelopedRecipient(kp.getPrivate()).setProvider(BC)));
-
-        TestCase.assertTrue(encKeyWithID.hasIdentifier());
-        TestCase.assertFalse(encKeyWithID.isIdentifierUTF8String());
-
-        TestCase.assertEquals(new GeneralName(X500Name.getInstance(new X500Principal("CN=Test").getEncoded())), encKeyWithID.getIdentifier());
-        TestCase.assertTrue(Arrays.areEqual(kp.getPrivate().getEncoded(), encKeyWithID.getPrivateKey().getEncoded()));
-    }
-
-    public void testProofOfPossessionWithoutSender()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-        X509Certificate cert = makeV1Certificate(kp, "CN=Test", kp, "CN=Test");
-
-        JcaCertificateRequestMessageBuilder certReqBuild = new JcaCertificateRequestMessageBuilder(BigInteger.ONE);
-
-        certReqBuild.setPublicKey(kp.getPublic())
-                    .setAuthInfoPKMAC(new PKMACBuilder(new JcePKMACValuesCalculator()), "fred".toCharArray())
-                    .setProofOfPossessionSigningKeySigner(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(kp.getPrivate()));
-
-        certReqBuild.addControl(new JcaPKIArchiveControlBuilder(kp.getPrivate(), new X500Principal("CN=test"))
-            .addRecipientGenerator(new JceKeyTransRecipientInfoGenerator(cert).setProvider(BC))
-            .build(new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier(CMSEnvelopedDataGenerator.AES128_CBC)).setProvider(BC).build()));
-
-        JcaCertificateRequestMessage certReqMsg = new JcaCertificateRequestMessage(certReqBuild.build().getEncoded()).setProvider(BC);
-
-        // check that internal check on popo signing is working okay
-        try
-        {
-            certReqMsg.isValidSigningKeyPOP(new JcaContentVerifierProviderBuilder().setProvider(BC).build(kp.getPublic()));
-            TestCase.fail("IllegalStateException not thrown");
-        }
-        catch (IllegalStateException e)
-        {
-            // ignore
-        }
-
-        TestCase.assertTrue(certReqMsg.isValidSigningKeyPOP(new JcaContentVerifierProviderBuilder().setProvider(BC).build(kp.getPublic()), new PKMACBuilder(new JcePKMACValuesCalculator().setProvider(BC)), "fred".toCharArray()));
-
-        TestCase.assertEquals(kp.getPublic(), certReqMsg.getPublicKey());
-
-        certReqMsg = new JcaCertificateRequestMessage(certReqBuild.build()).setProvider(BC);
-
-                // check that internal check on popo signing is working okay
-        try
-        {
-            certReqMsg.isValidSigningKeyPOP(new JcaContentVerifierProviderBuilder().setProvider(BC).build(kp.getPublic()));
-            TestCase.fail("IllegalStateException not thrown");
-        }
-        catch (IllegalStateException e)
-        {
-            // ignore
-        }
-
-        TestCase.assertTrue(certReqMsg.isValidSigningKeyPOP(new JcaContentVerifierProviderBuilder().setProvider(BC).build(kp.getPublic()), new PKMACBuilder(new JcePKMACValuesCalculator().setProvider(BC)), "fred".toCharArray()));
-
-        TestCase.assertEquals(kp.getPublic(), certReqMsg.getPublicKey());
-    }
-
-    public void testEncryptedValueWithKey()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-        
-        JcaEncryptedValueBuilder build = new JcaEncryptedValueBuilder(new JceAsymmetricKeyWrapper(kp.getPublic()).setProvider(BC), new JceCRMFEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        EncryptedValue value = build.build(kp.getPrivate());
-
-        ValueDecryptorGenerator decGen = new JceAsymmetricValueDecryptorGenerator(kp.getPrivate()).setProvider(BC);
-
-        EncryptedValueParser  parser = new EncryptedValueParser(value);
-
-        PrivateKeyInfo privInfo = parser.readPrivateKeyInfo(decGen);
-
-        TestCase.assertEquals(privInfo.getPrivateKeyAlgorithm(), parser.getIntendedAlg());
-
-        TestCase.assertTrue(Arrays.areEqual(privInfo.getEncoded(), kp.getPrivate().getEncoded()));
-    }
-
-    public void testBcEncryptedValueWithKey()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-
-        BcEncryptedValueBuilder build = new BcEncryptedValueBuilder(new BcRSAAsymmetricKeyWrapper(
-            new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE),
-            PublicKeyFactory.createKey(SubjectPublicKeyInfo.getInstance(kp.getPublic().getEncoded()))),
-            new BcCRMFEncryptorBuilder(CMSAlgorithm.AES128_CBC).build());
-
-        EncryptedValue value = build.build(
-            PrivateKeyFactory.createKey(PrivateKeyInfo.getInstance(kp.getPrivate().getEncoded())));
-
-        ValueDecryptorGenerator decGen = new JceAsymmetricValueDecryptorGenerator(kp.getPrivate()).setProvider(BC);
-
-        EncryptedValueParser  parser = new EncryptedValueParser(value);
-
-        PrivateKeyInfo privInfo = parser.readPrivateKeyInfo(decGen);
-
-        TestCase.assertEquals(privInfo.getPrivateKeyAlgorithm(), parser.getIntendedAlg());
-
-        TestCase.assertTrue(Arrays.areEqual(privInfo.getEncoded(), kp.getPrivate().getEncoded()));
-    }
-
-    public void testProofOfPossessionWithSender()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-        X509Certificate cert = makeV1Certificate(kp, "CN=Test", kp, "CN=Test");
-
-        JcaCertificateRequestMessageBuilder certReqBuild = new JcaCertificateRequestMessageBuilder(BigInteger.ONE);
-
-        certReqBuild.setPublicKey(kp.getPublic())
-                    .setAuthInfoSender(new X500Principal("CN=Test"))
-                    .setProofOfPossessionSigningKeySigner(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(kp.getPrivate()));
-
-        certReqBuild.addControl(new JcaPKIArchiveControlBuilder(kp.getPrivate(), new X500Principal("CN=test"))
-                                      .addRecipientGenerator(new JceKeyTransRecipientInfoGenerator(cert).setProvider(BC))
-                                      .build(new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier(CMSEnvelopedDataGenerator.AES128_CBC)).setProvider(BC).build()));
-
-        JcaCertificateRequestMessage certReqMsg = new JcaCertificateRequestMessage(certReqBuild.build().getEncoded());
-
-        // check that internal check on popo signing is working okay
-        try
-        {
-            certReqMsg.isValidSigningKeyPOP(new JcaContentVerifierProviderBuilder().setProvider(BC).build(kp.getPublic()), new PKMACBuilder(new JcePKMACValuesCalculator().setProvider(BC)), "fred".toCharArray());
-
-            fail("IllegalStateException not thrown");
-        }
-        catch (IllegalStateException e)
-        {
-            // ignore
-        }
-
-
-        assertTrue(certReqMsg.isValidSigningKeyPOP(new JcaContentVerifierProviderBuilder().setProvider(BC).build(kp.getPublic())));
-
-        assertEquals(kp.getPublic(), certReqMsg.getPublicKey());
-    }
-
-    public void testProofOfPossessionWithTemplate()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-        X509Certificate cert = makeV1Certificate(kp, "CN=Test", kp, "CN=Test");
-
-        JcaCertificateRequestMessageBuilder certReqBuild = new JcaCertificateRequestMessageBuilder(BigInteger.ONE);
-
-        certReqBuild.setPublicKey(kp.getPublic())
-                    .setSubject(new X500Principal("CN=Test"))
-                    .setAuthInfoSender(new X500Principal("CN=Test"))
-                    .setProofOfPossessionSigningKeySigner(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(kp.getPrivate()));
-
-        certReqBuild.addControl(new JcaPKIArchiveControlBuilder(kp.getPrivate(), new X500Principal("CN=test"))
-                                      .addRecipientGenerator(new JceKeyTransRecipientInfoGenerator(cert).setProvider(BC))
-                                      .build(new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier(CMSEnvelopedDataGenerator.AES128_CBC)).setProvider(BC).build()));
-
-        JcaCertificateRequestMessage certReqMsg = new JcaCertificateRequestMessage(certReqBuild.build().getEncoded());
-
-        assertTrue(certReqMsg.isValidSigningKeyPOP(new JcaContentVerifierProviderBuilder().setProvider(BC).build(kp.getPublic())));
-
-        assertEquals(kp.getPublic(), certReqMsg.getPublicKey());
-    }
-
-    public void testKeySizes()
-        throws Exception
-    {
-        verifyKeySize(NISTObjectIdentifiers.id_aes128_CBC, 128);
-        verifyKeySize(NISTObjectIdentifiers.id_aes192_CBC, 192);
-        verifyKeySize(NISTObjectIdentifiers.id_aes256_CBC, 256);
-
-        verifyKeySize(NTTObjectIdentifiers.id_camellia128_cbc, 128);
-        verifyKeySize(NTTObjectIdentifiers.id_camellia192_cbc, 192);
-        verifyKeySize(NTTObjectIdentifiers.id_camellia256_cbc, 256);
-
-        verifyKeySize(PKCSObjectIdentifiers.des_EDE3_CBC, 192);
-    }
-
-    private void verifyKeySize(ASN1ObjectIdentifier oid, int keySize)
-        throws Exception
-    {
-        JceCRMFEncryptorBuilder encryptorBuilder = new JceCRMFEncryptorBuilder(oid).setProvider(BC);
-
-        OutputEncryptor outputEncryptor = encryptorBuilder.build();
-
-        assertEquals(keySize / 8, ((byte[])(outputEncryptor.getKey().getRepresentation())).length);
-    }
-
-    public void testEncryptedValue()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-        X509Certificate cert = makeV1Certificate(kp, "CN=Test", kp, "CN=Test");
-
-        JcaEncryptedValueBuilder build = new JcaEncryptedValueBuilder(new JceAsymmetricKeyWrapper(cert.getPublicKey()).setProvider(BC), new JceCRMFEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-        EncryptedValue value = build.build(cert);
-        ValueDecryptorGenerator decGen = new JceAsymmetricValueDecryptorGenerator(kp.getPrivate()).setProvider(BC);
-
-        // try direct
-        encryptedValueParserTest(value, decGen, cert);
-
-        // try indirect
-        encryptedValueParserTest(EncryptedValue.getInstance(value.getEncoded()), decGen, cert);
-    }
-
-    public void testEncryptedValueOAEP1()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(2048);
-
-        KeyPair kp = kGen.generateKeyPair();
-        X509Certificate cert = makeV1Certificate(kp, "CN=Test", kp, "CN=Test");
-
-        AlgorithmIdentifier sha256 = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE);
-
-        JcaEncryptedValueBuilder build = new JcaEncryptedValueBuilder(new JceAsymmetricKeyWrapper(
-            new AlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP,
-                new RSAESOAEPparams(sha256, new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, sha256),
-                    RSAESOAEPparams.DEFAULT_P_SOURCE_ALGORITHM)),
-            cert.getPublicKey()).setProvider(BC),
-            new JceCRMFEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        EncryptedValue value = build.build(cert);
-        ValueDecryptorGenerator decGen = new JceAsymmetricValueDecryptorGenerator(kp.getPrivate()).setProvider(BC);
-
-        // try direct
-        encryptedValueParserTest(value, decGen, cert);
-
-        // try indirect
-        encryptedValueParserTest(EncryptedValue.getInstance(value.getEncoded()), decGen, cert);
-    }
-
-    public void testEncryptedValueOAEP2()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(2048);
-
-        KeyPair kp = kGen.generateKeyPair();
-        X509Certificate cert = makeV1Certificate(kp, "CN=Test", kp, "CN=Test");
-
-        JcaEncryptedValueBuilder build = new JcaEncryptedValueBuilder(new JceAsymmetricKeyWrapper(
-            new OAEPParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"), new PSource.PSpecified(new byte[2])),
-            cert.getPublicKey()).setProvider(BC),
-            new JceCRMFEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        EncryptedValue value = build.build(cert);
-
-        assertEquals(PKCSObjectIdentifiers.id_RSAES_OAEP, value.getKeyAlg().getAlgorithm());
-        assertEquals(NISTObjectIdentifiers.id_sha256, RSAESOAEPparams.getInstance(value.getKeyAlg().getParameters()).getHashAlgorithm().getAlgorithm());
-        assertEquals(new DEROctetString(new byte[2]), RSAESOAEPparams.getInstance(value.getKeyAlg().getParameters()).getPSourceAlgorithm().getParameters());
-
-        ValueDecryptorGenerator decGen = new JceAsymmetricValueDecryptorGenerator(kp.getPrivate()).setProvider(BC);
-
-        // try direct
-        encryptedValueParserTest(value, decGen, cert);
-
-        // try indirect
-        encryptedValueParserTest(EncryptedValue.getInstance(value.getEncoded()), decGen, cert);
-    }
-
-    private void encryptedValueParserTest(EncryptedValue value, ValueDecryptorGenerator decGen, X509Certificate cert)
-        throws Exception
-    {
-        EncryptedValueParser  parser = new EncryptedValueParser(value);
-
-        X509CertificateHolder holder = parser.readCertificateHolder(decGen);
-
-        assertTrue(Arrays.areEqual(cert.getEncoded(), holder.getEncoded()));
-    }
-
-    public void testEncryptedValuePassphrase()
-        throws Exception
-    {
-        char[] passphrase = PASSPHRASE.toCharArray();
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-        X509Certificate cert = makeV1Certificate(kp, "CN=Test", kp, "CN=Test");
-
-        EncryptedValueBuilder build = new EncryptedValueBuilder(new JceAsymmetricKeyWrapper(cert.getPublicKey()).setProvider(BC), new JceCRMFEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-        EncryptedValue value = build.build(passphrase);
-        ValueDecryptorGenerator decGen = new JceAsymmetricValueDecryptorGenerator(kp.getPrivate()).setProvider(BC);
-
-        // try direct
-        encryptedValuePassphraseParserTest(value, null, decGen, cert);
-
-        // try indirect
-        encryptedValuePassphraseParserTest(EncryptedValue.getInstance(value.getEncoded()), null, decGen, cert);
-    }
-
-    public void testEncryptedValuePassphraseWithPadding()
-        throws Exception
-    {
-        char[] passphrase = PASSPHRASE.toCharArray();
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(512);
-
-        KeyPair kp = kGen.generateKeyPair();
-        X509Certificate cert = makeV1Certificate(kp, "CN=Test", kp, "CN=Test");
-
-        BcFixedLengthMGF1Padder mgf1Padder = new BcFixedLengthMGF1Padder(200, new SecureRandom());
-        EncryptedValueBuilder build = new EncryptedValueBuilder(new JceAsymmetricKeyWrapper(cert.getPublicKey()).setProvider(BC), new JceCRMFEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build(), mgf1Padder);
-        EncryptedValue value = build.build(passphrase);
-        ValueDecryptorGenerator decGen = new JceAsymmetricValueDecryptorGenerator(kp.getPrivate()).setProvider(BC);
-
-        // try direct
-        encryptedValuePassphraseParserTest(value, mgf1Padder, decGen, cert);
-
-        // try indirect
-        encryptedValuePassphraseParserTest(EncryptedValue.getInstance(value.getEncoded()), mgf1Padder, decGen, cert);
-    }
-
-    private void encryptedValuePassphraseParserTest(EncryptedValue value, EncryptedValuePadder padder, ValueDecryptorGenerator decGen, X509Certificate cert)
-        throws Exception
-    {
-        EncryptedValueParser  parser = new EncryptedValueParser(value, padder);
-
-        assertTrue(Arrays.areEqual(PASSPHRASE.toCharArray(), parser.readPassphrase(decGen)));
-    }
-
-    private static X509Certificate makeV1Certificate(KeyPair subKP, String _subDN, KeyPair issKP, String _issDN)
-        throws GeneralSecurityException, IOException, OperatorCreationException
-    {
-
-        PublicKey subPub  = subKP.getPublic();
-        PrivateKey issPriv = issKP.getPrivate();
-        PublicKey  issPub  = issKP.getPublic();
-
-        X509v1CertificateBuilder v1CertGen = new JcaX509v1CertificateBuilder(
-            new X500Name(_issDN),
-            BigInteger.valueOf(System.currentTimeMillis()),
-            new Date(System.currentTimeMillis()),
-            new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)),
-            new X500Name(_subDN),
-            subPub);
-
-        JcaContentSignerBuilder signerBuilder = null;
-
-        if (issPub instanceof RSAPublicKey)
-        {
-            signerBuilder = new JcaContentSignerBuilder("SHA1WithRSA");
-        }
-        else if (issPub.getAlgorithm().equals("DSA"))
-        {
-            signerBuilder = new JcaContentSignerBuilder("SHA1withDSA");
-        }
-        else if (issPub.getAlgorithm().equals("ECDSA"))
-        {
-            signerBuilder = new JcaContentSignerBuilder("SHA1withECDSA");
-        }
-        else if (issPub.getAlgorithm().equals("ECGOST3410"))
-        {
-            signerBuilder = new JcaContentSignerBuilder("GOST3411withECGOST3410");
-        }
-        else
-        {
-            signerBuilder = new JcaContentSignerBuilder("GOST3411WithGOST3410");
-        }
-
-        signerBuilder.setProvider(BC);
-
-        X509Certificate _cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(v1CertGen.build(signerBuilder.build(issPriv)));
-
-        _cert.checkValidity(new Date());
-        _cert.verify(issPub);
-
-        return _cert;
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANECertificateFetcher.java b/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANECertificateFetcher.java
deleted file mode 100644
index 7395cdc..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANECertificateFetcher.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.cert.dane;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Iterator;
-import java.util.List;
-
-import org.bouncycastle.operator.DigestCalculator;
-
-/**
- * A single shot fetcher for a certificate which will only request the specific DNS record if the
- * DANEEntryFetcher used on construction supports it.
- */
-public class DANECertificateFetcher
-{
-    private final DANEEntryFetcherFactory fetcherFactory;
-    private final DANEEntrySelectorFactory selectorFactory;
-
-    /**
-     * Base constructor.
-     *
-     * @param fetcherFactory the fetcher to use for resolving requests.
-     * @param digestCalculator the digest calculator to use for calculating sub-domains.
-     */
-    public DANECertificateFetcher(DANEEntryFetcherFactory fetcherFactory, DigestCalculator digestCalculator)
-    {
-        this.fetcherFactory = fetcherFactory;
-        this.selectorFactory= new DANEEntrySelectorFactory(digestCalculator);
-    }
-
-    /**
-     * Fetch the certificates associated with the passed in email address if any exists.
-     *
-     * @param emailAddress the email address of interest.
-     * @return a list of X509CertificateHolder objects, or an empty list if none present.
-     * @throws DANEException in case of an underlying DNS or record parsing problem.
-     */
-    public List fetch(String emailAddress)
-        throws DANEException
-    {
-        DANEEntrySelector daneSelector = selectorFactory.createSelector(emailAddress);
-
-        List matches = fetcherFactory.build(daneSelector.getDomainName()).getEntries();
-        List certs = new ArrayList(matches.size());
-
-        for (Iterator it = matches.iterator(); it.hasNext();)
-        {
-            DANEEntry next = (DANEEntry)it.next();
-            if (daneSelector.match(next))
-            {
-                certs.add(next.getCertificate());
-            }
-        }
-
-        return Collections.unmodifiableList(certs);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntry.java b/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntry.java
deleted file mode 100644
index 8d6e4e0..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntry.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.cert.dane;
-
-import java.io.IOException;
-
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Carrier class for a DANE entry.
- */
-public class DANEEntry
-{
-    public static final int CERT_USAGE_CA = 0;
-    public static final int CERT_USAGE_PKIX_VALIDATE = 1;
-    public static final int CERT_USAGE_TRUST_ANCHOR = 2;
-    public static final int CERT_USAGE_ACCEPT = 3;
-
-    static final int CERT_USAGE = 0;
-    static final int SELECTOR = 1;
-    static final int MATCHING_TYPE = 2;
-
-    private final String domainName;
-    private final byte[] flags;
-    private final X509CertificateHolder certHolder;
-
-    DANEEntry(String domainName, byte[] flags, X509CertificateHolder certHolder)
-    {
-        this.flags = flags;
-        this.domainName = domainName;
-        this.certHolder = certHolder;
-    }
-
-    public DANEEntry(String domainName, byte[] data)
-        throws IOException
-    {
-        this(domainName, Arrays.copyOfRange(data, 0, 3), new X509CertificateHolder(Arrays.copyOfRange(data, 3, data.length)));
-    }
-
-    public byte[] getFlags()
-    {
-        return Arrays.clone(flags);
-    }
-
-    /**
-     * Return the certificate associated with this entry.
-     *
-     * @return the entry's certificate.
-     */
-    public X509CertificateHolder getCertificate()
-    {
-        return certHolder;
-    }
-
-    public String getDomainName()
-    {
-        return domainName;
-    }
-
-    /**
-     * Return the full data string as it would appear in the DNS record - flags + encoding
-     *
-     * @return byte array representing the full data string.
-     * @throws IOException if there is an issue encoding the certificate inside this entry.
-     */
-    public byte[] getRDATA()
-        throws IOException
-    {
-        byte[] certEnc = certHolder.getEncoded();
-        byte[] data = new byte[flags.length + certEnc.length];
-
-        System.arraycopy(flags, 0, data, 0, flags.length);
-        System.arraycopy(certEnc, 0, data, flags.length, certEnc.length);
-
-        return data;
-    }
-
-    /**
-     * Return true if the byte string has the correct flag bytes to indicate a certificate entry.
-     *
-     * @param data the byte string of interest.
-     * @return true if flags indicate a valid certificate, false otherwise.
-     */
-    public static boolean isValidCertificate(byte[] data)
-    {
-        // TODO: perhaps validate ASN.1 data as well...
-        return ((data[CERT_USAGE] >= 0 || data[CERT_USAGE] <= 3)&& data[SELECTOR] == 0 && data[MATCHING_TYPE] == 0);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryFactory.java b/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryFactory.java
deleted file mode 100644
index cf4e074..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryFactory.java
+++ /dev/null

@@ -1,62 +0,0 @@
-package org.bouncycastle.cert.dane;
-
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.operator.DigestCalculator;
-
-/**
- * Factory class for creating DANEEntry objects.
- */
-public class DANEEntryFactory
-{
-    private final DANEEntrySelectorFactory selectorFactory;
-
-    /**
-     * Base constructor.
-     *
-     * @param digestCalculator a calculator for the message digest to filter email addresses currently SHA-224.
-     */
-    public DANEEntryFactory(DigestCalculator digestCalculator)
-    {
-        this.selectorFactory = new DANEEntrySelectorFactory(digestCalculator);
-    }
-
-    /**
-     * Return a DANEEntry for the passed in email address and certificate.
-     * This method sets the entry's certificate usage field to 3.
-     *
-     * @param emailAddress the emails address of interest.
-     * @param certificate the certificate to be associated with the email address.
-     * @throws DANEException in case of issue generating a matching name.
-     */
-    public DANEEntry createEntry(String emailAddress, X509CertificateHolder certificate)
-        throws DANEException
-    {
-        return createEntry(emailAddress, DANEEntry.CERT_USAGE_ACCEPT, certificate);
-    }
-
-    /**
-     * Return a DANEEntry for the passed in email address and certificate.
-     *
-     * @param emailAddress the emails address of interest.
-     * @param certUsage the certificate usage field value to use.
-     * @param certificate the certificate to be associated with the email address.
-     * @throws DANEException in case of issue generating a matching name.
-     */
-    public DANEEntry createEntry(String emailAddress, int certUsage, X509CertificateHolder certificate)
-        throws DANEException
-    {
-        if (certUsage < 0 || certUsage > 3)
-        {
-            throw new DANEException("unknown certificate usage: " + certUsage);
-        }
-
-        DANEEntrySelector entrySelector = selectorFactory.createSelector(emailAddress);
-        byte[] flags = new byte[3];
-
-        flags[DANEEntry.CERT_USAGE] = (byte)certUsage;
-        flags[DANEEntry.SELECTOR] = 0;
-        flags[DANEEntry.MATCHING_TYPE] = 0;
-
-        return new DANEEntry(entrySelector.getDomainName(), flags, certificate);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryFetcher.java b/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryFetcher.java
deleted file mode 100644
index 66dde4a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryFetcher.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.cert.dane;
-
-import java.util.List;
-
-public interface DANEEntryFetcher
-{
-    List getEntries() throws DANEException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryFetcherFactory.java b/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryFetcherFactory.java
deleted file mode 100644
index 603dc2a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryFetcherFactory.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.cert.dane;
-
-/**
- * Factories for DANEEntryFetcher objects should implement this.
- * <p>
- * Note: the fetcher should be able to manage both requests of the form
- * <pre>
- *     fetcher.build("test.org");
- * </pre>
- * and
- * <pre>
- *     91d23d115b68072e7a38afeb7e295bd6392a19f25f8328b4ecae4778._smimecert.test.org
- * </pre>
- * In the case of the later ideally just returning a list containing the single entry.
- */
-public interface DANEEntryFetcherFactory
-{
-    /**
-     * Build an entry fetcher for the specified domain name.
-     *
-     * @param domainName the domain name of interest.
-     * @return a resolver for fetching entry's associated with domainName.
-     */
-    DANEEntryFetcher build(String domainName);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntrySelector.java b/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntrySelector.java
deleted file mode 100644
index 4e96291..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntrySelector.java
+++ /dev/null

@@ -1,31 +0,0 @@
-package org.bouncycastle.cert.dane;
-
-import org.bouncycastle.util.Selector;
-
-public class DANEEntrySelector
-    implements Selector
-{
-    private final String domainName;
-
-    DANEEntrySelector(String domainName)
-    {
-        this.domainName = domainName;
-    }
-
-    public boolean match(Object obj)
-    {
-        DANEEntry dEntry = (DANEEntry)obj;
-
-        return dEntry.getDomainName().equals(domainName);
-    }
-
-    public Object clone()
-    {
-        return this;
-    }
-
-    public String getDomainName()
-    {
-        return domainName;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntrySelectorFactory.java b/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntrySelectorFactory.java
deleted file mode 100644
index 38fa9fb..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntrySelectorFactory.java
+++ /dev/null

@@ -1,62 +0,0 @@
-package org.bouncycastle.cert.dane;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * Factory for creating selector objects to use with the DANECertificateStore.
- */
-public class DANEEntrySelectorFactory
-{
-    private final DigestCalculator digestCalculator;
-
-    /**
-     * Base constructor.
-     * <p>
-     * At the moment you would call this as:
-     * <pre>
-     *     new DANEEntrySelectorFactory(new TruncatingDigestCalculator(new SHA256DigestCalculator()));
-     * </pre>
-     * or some equivalent.
-     *
-     * @param digestCalculator a calculator for the message digest to filter email addresses currently truncated SHA-256 (originally SHA-224).
-     */
-    public DANEEntrySelectorFactory(DigestCalculator digestCalculator)
-    {
-        this.digestCalculator = digestCalculator;
-    }
-
-    /**
-     * Create a selector for the passed in email address.
-     * @param emailAddress the emails address of interest.
-     * @throws DANEException in case of issue generating a matching name.
-     */
-    public DANEEntrySelector createSelector(String emailAddress)
-        throws DANEException
-    {
-        final byte[] enc = Strings.toUTF8ByteArray(emailAddress.substring(0, emailAddress.indexOf('@')));
-
-        try
-        {
-            OutputStream cOut = digestCalculator.getOutputStream();
-
-            cOut.write(enc);
-
-            cOut.close();
-        }
-        catch (IOException e)
-        {
-            throw new DANEException("Unable to calculate digest string: " + e.getMessage(), e);
-        }
-
-        byte[] hash = digestCalculator.getDigest();
-
-        final String domainName = Strings.fromByteArray(Hex.encode(hash)) + "._smimecert." + emailAddress.substring(emailAddress.indexOf('@') + 1);
-
-        return new DANEEntrySelector(domainName);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryStore.java b/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryStore.java
deleted file mode 100644
index 0d29c80..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryStore.java
+++ /dev/null

@@ -1,87 +0,0 @@
-package org.bouncycastle.cert.dane;
-
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.StoreException;
-
-/**
- * Class storing DANEEntry objects.
- */
-public class DANEEntryStore
-    implements Store
-{
-    private final Map entries;
-
-    DANEEntryStore(List entries)
-    {
-        Map entryMap = new HashMap();
-
-         for (Iterator it = entries.iterator(); it.hasNext();)
-         {
-             DANEEntry entry = (DANEEntry)it.next();
-
-             entryMap.put(entry.getDomainName(), entry);
-         }
-
-        this.entries = Collections.unmodifiableMap(entryMap);
-    }
-
-    /**
-     * Return a collection of entries matching the passed in selector.
-     *
-     * @param selector the selector to validate entries against.
-     * @return a possibly empty collection of matched entries.
-     * @throws StoreException in case of an underlying issue.
-     */
-    public Collection getMatches(Selector selector)
-        throws StoreException
-    {
-        if (selector == null)
-        {
-            return entries.values();
-        }
-
-        List results = new ArrayList();
-
-        for (Iterator it = entries.values().iterator(); it.hasNext();)
-        {
-            Object next = it.next();
-            if (selector.match(next))
-            {
-                results.add(next);
-            }
-        }
-
-        return Collections.unmodifiableList(results);
-    }
-
-    /**
-     * Return a Store of X509CertificateHolder objects representing all the certificates associated with
-     * entries in the store.
-     *
-     * @return a Store of X509CertificateHolder.
-     */
-    public Store toCertificateStore()
-    {
-        Collection col = this.getMatches(null);
-        List certColl = new ArrayList(col.size());
-
-        for (Iterator it = col.iterator(); it.hasNext();)
-        {
-            DANEEntry entry = (DANEEntry)it.next();
-
-            certColl.add(entry.getCertificate());
-        }
-
-        return new CollectionStore(certColl);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryStoreBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryStoreBuilder.java
deleted file mode 100644
index 82bcb48..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEEntryStoreBuilder.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.cert.dane;
-
-/**
- * Builder for the DANECertificateStore.
- */
-public class DANEEntryStoreBuilder
-{
-    private final DANEEntryFetcherFactory daneEntryFetcher;
-
-    public DANEEntryStoreBuilder(DANEEntryFetcherFactory daneEntryFetcher)
-    {
-        this.daneEntryFetcher = daneEntryFetcher;
-    }
-
-    /**
-     * Build a DANECertificateStore from the provided domainName details.
-     *
-     * @param domainName the domain name to look up the _smimecert entries in.
-     * @return a Store of DANEEntry representing the _smimecert entries containing certificates.
-     * @throws DANEException in the case of a DNS issue or encoding issue with a DNS record.
-     */
-    public DANEEntryStore build(String domainName)
-        throws DANEException
-    {
-        return new DANEEntryStore(daneEntryFetcher.build(domainName).getEntries());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEException.java b/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEException.java
deleted file mode 100644
index 7871fd7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/dane/DANEException.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.cert.dane;
-
-/**
- * General checked Exception thrown in the DANE package.
- */
-public class DANEException
-    extends Exception
-{
-    private Throwable cause;
-
-    public DANEException(String msg, Throwable cause)
-    {
-        super(msg);
-
-        this.cause = cause;
-    }
-
-    public DANEException(String msg)
-    {
-        super(msg);
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/dane/TruncatingDigestCalculator.java b/bcpkix/src/main/java/org/bouncycastle/cert/dane/TruncatingDigestCalculator.java
deleted file mode 100644
index f9a5382..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/dane/TruncatingDigestCalculator.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.cert.dane;
-
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.DigestCalculator;
-
-/**
- * A calculator which produces a truncated digest from a regular one, with the truncation
- * achieved by dropping off the right most octets.
- */
-public class TruncatingDigestCalculator
-    implements DigestCalculator
-{
-    private final DigestCalculator baseCalculator;
-    private final int length;
-
-    /**
-     * Default constructor - truncate to 28.
-     *
-     * @param baseCalculator actual calculator for working out the digest.
-     */
-    public TruncatingDigestCalculator(DigestCalculator baseCalculator)
-    {
-       this(baseCalculator, 28);
-    }
-
-    /**
-     * Constructor specifying a length.
-     *
-     * @param baseCalculator actual calculator for working out the digest.
-     * @param length length in bytes of the final result.
-     */
-    public TruncatingDigestCalculator(DigestCalculator baseCalculator, int length)
-    {
-        this.baseCalculator = baseCalculator;
-        this.length = length;
-    }
-
-    public AlgorithmIdentifier getAlgorithmIdentifier()
-    {
-        return baseCalculator.getAlgorithmIdentifier();
-    }
-
-    public OutputStream getOutputStream()
-    {
-        return baseCalculator.getOutputStream();
-    }
-
-    public byte[] getDigest()
-    {
-        byte[] rv = new byte[length];
-
-        byte[] dig = baseCalculator.getDigest();
-
-        System.arraycopy(dig, 0, rv, 0, rv.length);
-
-        return rv;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/dane/fetcher/JndiDANEFetcherFactory.java b/bcpkix/src/main/java/org/bouncycastle/cert/dane/fetcher/JndiDANEFetcherFactory.java
deleted file mode 100644
index fa0d462..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/dane/fetcher/JndiDANEFetcherFactory.java
+++ /dev/null

@@ -1,168 +0,0 @@
-package org.bouncycastle.cert.dane.fetcher;
-
-import java.io.IOException;
-import java.util.ArrayList;
-import java.util.Hashtable;
-import java.util.Iterator;
-import java.util.List;
-
-import javax.naming.Binding;
-import javax.naming.Context;
-import javax.naming.NamingEnumeration;
-import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.Attributes;
-import javax.naming.directory.DirContext;
-import javax.naming.directory.InitialDirContext;
-
-import org.bouncycastle.cert.dane.DANEEntry;
-import org.bouncycastle.cert.dane.DANEEntryFetcher;
-import org.bouncycastle.cert.dane.DANEEntryFetcherFactory;
-import org.bouncycastle.cert.dane.DANEException;
-
-/**
- * A DANE entry fetcher implemented using JNDI.
- */
-public class JndiDANEFetcherFactory
-    implements DANEEntryFetcherFactory
-{
-    private static final String DANE_TYPE = "53";
-
-    private List dnsServerList = new ArrayList();
-    private boolean isAuthoritative;
-
-    /**
-     * Specify the dnsServer to use.
-     *
-     * @param dnsServer IP address/name of the dns server
-     * @return the current factory.
-     */
-    public JndiDANEFetcherFactory usingDNSServer(String dnsServer)
-    {
-        this.dnsServerList.add(dnsServer);
-
-        return this;
-    }
-
-    /**
-     * Specify requests must be authoritative, or not (default false).
-     *
-     * @param isAuthoritative true if requests must be authoritative, false otherwise.
-     * @return the current factory..
-     */
-    public JndiDANEFetcherFactory setAuthoritative(boolean isAuthoritative)
-    {
-        this.isAuthoritative = isAuthoritative;
-
-        return this;
-    }
-
-    /**
-     * Build an entry fetcher for the specified domain name.
-     *
-     * @param domainName the domain name of interest.
-     * @return a resolver for fetching entry's associated with domainName.
-     */
-    public DANEEntryFetcher build(final String domainName)
-    {
-        final Hashtable env = new Hashtable();
-
-        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.dns.DnsContextFactory");
-        env.put(Context.AUTHORITATIVE, isAuthoritative ? "true" : "false"); // JDK compatibility
-
-        if (dnsServerList.size() > 0)
-        {
-            StringBuffer dnsServers = new StringBuffer();
-
-            for (Iterator it = dnsServerList.iterator(); it.hasNext(); )
-            {
-                if (dnsServers.length() > 0)
-                {
-                    dnsServers.append(" ");
-                }
-                dnsServers.append("dns://" + it.next());
-            }
-
-            env.put(Context.PROVIDER_URL, dnsServers.toString());
-        }
-
-        return new DANEEntryFetcher()
-        {
-            public List getEntries()
-                throws DANEException
-            {
-                List entries = new ArrayList();
-
-                try
-                {
-                    DirContext ctx = new InitialDirContext(env);
-
-                    NamingEnumeration bindings;
-                    if (domainName.indexOf("_smimecert.") > 0)
-                    {
-                        // need to use fully qualified domain name if using named DNS server.
-                        Attributes attrs = ctx.getAttributes(domainName, new String[]{DANE_TYPE});
-                        Attribute smimeAttr = attrs.get(DANE_TYPE);
-
-                        if (smimeAttr != null)
-                        {
-                            addEntries(entries, domainName, smimeAttr);
-                        }
-                    }
-                    else
-                    {
-                        bindings = ctx.listBindings("_smimecert." + domainName);
-
-                        while (bindings.hasMore())
-                        {
-                            Binding b = (Binding)bindings.next();
-
-                            DirContext sc = (DirContext)b.getObject();
-
-                            String name = sc.getNameInNamespace().substring(1, sc.getNameInNamespace().length() - 1);
-
-                            // need to use fully qualified domain name if using named DNS server.
-                            Attributes attrs = ctx.getAttributes(name, new String[]{DANE_TYPE});
-                            Attribute smimeAttr = attrs.get(DANE_TYPE);
-
-                            if (smimeAttr != null)
-                            {
-                                String fullName = sc.getNameInNamespace();
-                                String domainName = fullName.substring(1, fullName.length() - 1);
-
-                                addEntries(entries, domainName, smimeAttr);
-                            }
-                        }
-                    }
-
-                    return entries;
-                }
-                catch (NamingException e)
-                {
-                    throw new DANEException("Exception dealing with DNS: " + e.getMessage(), e);
-                }
-            }
-        };
-    }
-
-    private void addEntries(List entries, String domainName, Attribute smimeAttr)
-        throws NamingException, DANEException
-    {
-        for (int index = 0; index != smimeAttr.size(); index++)
-        {
-            byte[] data = (byte[])smimeAttr.get(index);
-
-            if (DANEEntry.isValidCertificate(data))
-            {
-                try
-                {
-                    entries.add(new DANEEntry(domainName, data));
-                }
-                catch (IOException e)
-                {
-                    throw new DANEException("Exception parsing entry: " + e.getMessage(), e);
-                }
-            }
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/CertHelper.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/CertHelper.java
deleted file mode 100644
index dee6996..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/CertHelper.java
+++ /dev/null

@@ -1,17 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.security.NoSuchProviderException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-
-abstract class CertHelper
-{
-    public CertificateFactory getCertificateFactory(String type)
-        throws NoSuchProviderException, CertificateException
-    {
-        return createCertificateFactory(type);
-    }
-
-    protected abstract CertificateFactory createCertificateFactory(String type)
-        throws CertificateException, NoSuchProviderException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/DefaultCertHelper.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/DefaultCertHelper.java
deleted file mode 100644
index 3966b49..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/DefaultCertHelper.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-
-class DefaultCertHelper
-    extends CertHelper
-{
-    protected CertificateFactory createCertificateFactory(String type)
-        throws CertificateException
-    {
-        return CertificateFactory.getInstance(type);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaAttributeCertificateIssuer.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaAttributeCertificateIssuer.java
deleted file mode 100644
index f5bfa68..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaAttributeCertificateIssuer.java
+++ /dev/null

@@ -1,32 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.security.cert.X509Certificate;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cert.AttributeCertificateIssuer;
-
-public class JcaAttributeCertificateIssuer
-    extends AttributeCertificateIssuer
-{
-    /**
-     * Base constructor.
-     *
-     * @param issuerCert certificate for the issuer of the attribute certificate.
-     */
-    public JcaAttributeCertificateIssuer(X509Certificate issuerCert)
-    {
-        this(issuerCert.getIssuerX500Principal());
-    }
-
-    /**
-     * Base constructor.
-     *
-     * @param issuerDN X.500 DN for the issuer of the attribute certificate.
-     */
-    public JcaAttributeCertificateIssuer(X500Principal issuerDN)
-    {
-        super(X500Name.getInstance(issuerDN.getEncoded()));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaCRLStore.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaCRLStore.java
deleted file mode 100644
index 2e8209e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaCRLStore.java
+++ /dev/null

@@ -1,63 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.io.IOException;
-import java.security.cert.CRLException;
-import java.security.cert.X509CRL;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Iterator;
-import java.util.List;
-
-import org.bouncycastle.cert.X509CRLHolder;
-import org.bouncycastle.util.CollectionStore;
-
-/**
- * Class for storing CRLs for later lookup.
- * <p>
- * The class will convert X509CRL objects into X509CRLHolder objects.
- * </p>
- */
-public class JcaCRLStore
-    extends CollectionStore
-{
-    /**
-     * Basic constructor.
-     *
-     * @param collection - initial contents for the store, this is copied.
-     */
-    public JcaCRLStore(Collection collection)
-        throws CRLException
-    {
-        super(convertCRLs(collection));
-    }
-
-    private static Collection convertCRLs(Collection collection)
-        throws CRLException
-    {
-        List list = new ArrayList(collection.size());
-
-        for (Iterator it = collection.iterator(); it.hasNext();)
-        {
-            Object crl = it.next();
-
-            if (crl instanceof X509CRL)
-            {
-                try
-                {
-                    list.add(new X509CRLHolder(((X509CRL)crl).getEncoded()));
-                }
-                catch (IOException e)
-                {
-                    throw new CRLException("cannot read encoding: " + e.getMessage());
-                    
-                }
-            }
-            else
-            {
-                list.add((X509CRLHolder)crl);
-            }
-        }
-
-        return list;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaCertStoreBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaCertStoreBuilder.java
deleted file mode 100644
index 3051a45..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaCertStoreBuilder.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.security.GeneralSecurityException;
-import java.security.Provider;
-import java.security.cert.CRLException;
-import java.security.cert.CertStore;
-import java.security.cert.CertificateException;
-import java.security.cert.CollectionCertStoreParameters;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-
-import org.bouncycastle.cert.X509CRLHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.util.Store;
-
-/**
- * Builder to create a CertStore from certificate and CRL stores.
- */
-public class JcaCertStoreBuilder
-{
-    private List certs = new ArrayList();
-    private List crls = new ArrayList();
-    private Object provider;
-    private JcaX509CertificateConverter certificateConverter = new JcaX509CertificateConverter();
-    private JcaX509CRLConverter crlConverter = new JcaX509CRLConverter();
-    private String type = "Collection";
-
-    /**
-     *  Add a store full of X509CertificateHolder objects.
-     *
-     * @param certStore a store of X509CertificateHolder objects.
-     */
-    public JcaCertStoreBuilder addCertificates(Store certStore)
-    {
-        certs.addAll(certStore.getMatches(null));
-
-        return this;
-    }
-
-    /**
-     * Add a single certificate.
-     *
-     * @param cert  the X509 certificate holder containing the certificate.
-     */
-    public JcaCertStoreBuilder addCertificate(X509CertificateHolder cert)
-    {
-        certs.add(cert);
-
-        return this;
-    }
-
-    /**
-     * Add a store full of X509CRLHolder objects.
-     * @param crlStore  a store of X509CRLHolder objects.
-     */
-    public JcaCertStoreBuilder addCRLs(Store crlStore)
-    {
-        crls.addAll(crlStore.getMatches(null));
-
-        return this;
-    }
-
-    /**
-     * Add a single CRL.
-     *
-     * @param crl  the X509 CRL holder containing the CRL.
-     */
-    public JcaCertStoreBuilder addCRL(X509CRLHolder crl)
-    {
-        crls.add(crl);
-
-        return this;
-    }
-
-    public JcaCertStoreBuilder setProvider(String providerName)
-    {
-        certificateConverter.setProvider(providerName);
-        crlConverter.setProvider(providerName);
-        this.provider = providerName;
-
-        return this;
-    }
-
-    public JcaCertStoreBuilder setProvider(Provider provider)
-    {
-        certificateConverter.setProvider(provider);
-        crlConverter.setProvider(provider);
-        this.provider = provider;
-
-        return this;
-    }
-
-    /**
-     * Set the type of the CertStore generated. By default it is "Collection".
-     *
-     * @param type type of CertStore passed to CertStore.getInstance().
-     * @return the current builder.
-     */
-    public JcaCertStoreBuilder setType(String type)
-    {
-        this.type = type;
-
-        return this;
-    }
-
-    /**
-     * Build the CertStore from the current inputs.
-     *
-     * @return  a CertStore.
-     * @throws GeneralSecurityException
-     */
-    public CertStore build()
-        throws GeneralSecurityException
-    {
-        CollectionCertStoreParameters params = convertHolders(certificateConverter, crlConverter);
-
-        if (provider instanceof String)
-        {
-            return CertStore.getInstance(type, params, (String)provider);
-        }
-
-        if (provider instanceof Provider)
-        {
-            return CertStore.getInstance(type, params, (Provider)provider);
-        }
-
-        return CertStore.getInstance(type, params);
-    }
-
-    private CollectionCertStoreParameters convertHolders(JcaX509CertificateConverter certificateConverter, JcaX509CRLConverter crlConverter)
-        throws CertificateException, CRLException
-    {
-        List jcaObjs = new ArrayList(certs.size() + crls.size());
-
-        for (Iterator it = certs.iterator(); it.hasNext();)
-        {
-            jcaObjs.add(certificateConverter.getCertificate((X509CertificateHolder)it.next()));
-        }
-
-        for (Iterator it = crls.iterator(); it.hasNext();)
-        {
-            jcaObjs.add(crlConverter.getCRL((X509CRLHolder)it.next()));
-        }
-
-        return new CollectionCertStoreParameters(jcaObjs);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX500NameUtil.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX500NameUtil.java
deleted file mode 100644
index 2b64340..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX500NameUtil.java
+++ /dev/null

@@ -1,29 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.security.cert.X509Certificate;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.X500NameStyle;
-
-public class JcaX500NameUtil
-{
-    public static X500Name getIssuer(X509Certificate certificate)
-    {
-        return X500Name.getInstance(certificate.getIssuerX500Principal().getEncoded());
-    }
-
-    public static X500Name getSubject(X509Certificate certificate)
-    {
-        return X500Name.getInstance(certificate.getSubjectX500Principal().getEncoded());
-    }
-
-    public static X500Name getIssuer(X500NameStyle style, X509Certificate certificate)
-    {
-        return X500Name.getInstance(style, certificate.getIssuerX500Principal().getEncoded());
-    }
-
-    public static X500Name getSubject(X500NameStyle style, X509Certificate certificate)
-    {
-        return X500Name.getInstance(style, certificate.getSubjectX500Principal().getEncoded());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509CRLConverter.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509CRLConverter.java
deleted file mode 100644
index ae06334..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509CRLConverter.java
+++ /dev/null

@@ -1,103 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.security.NoSuchProviderException;
-import java.security.Provider;
-import java.security.cert.CRLException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509CRL;
-
-import org.bouncycastle.cert.X509CRLHolder;
-
-/**
- * Class for converting an X509CRLHolder into a corresponding X509CRL object tied to a
- * particular JCA provider.
- */
-public class JcaX509CRLConverter
-{
-    private CertHelper helper = new DefaultCertHelper();
-
-    /**
-     * Base constructor, configure with the default provider.
-     */
-    public JcaX509CRLConverter()
-    {
-        this.helper = new DefaultCertHelper();
-    }
-
-    /**
-     * Set the provider to use from a Provider object.
-     *
-     * @param provider the provider to use.
-     * @return the converter instance.
-     */
-    public JcaX509CRLConverter setProvider(Provider provider)
-    {
-        this.helper = new ProviderCertHelper(provider);
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use by name.
-     *
-     * @param providerName name of the provider to use.
-     * @return the converter instance.
-     */
-    public JcaX509CRLConverter setProvider(String providerName)
-    {
-        this.helper = new NamedCertHelper(providerName);
-
-        return this;
-    }
-
-    /**
-     * Use the configured converter to produce a X509CRL object from a X509CRLHolder object.
-     *
-     * @param crlHolder  the holder to be converted
-     * @return a X509CRL object
-     * @throws CRLException if the conversion is unable to be made.
-     */
-    public X509CRL getCRL(X509CRLHolder crlHolder)
-        throws CRLException
-    {
-        try
-        {
-            CertificateFactory cFact = helper.getCertificateFactory("X.509");
-
-            return (X509CRL)cFact.generateCRL(new ByteArrayInputStream(crlHolder.getEncoded()));
-        }
-        catch (IOException e)
-        {
-            throw new ExCRLException("exception parsing certificate: " + e.getMessage(), e);
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw new ExCRLException("cannot find required provider:" + e.getMessage(), e);
-        }
-        catch (CertificateException e)
-        {
-            throw new ExCRLException("cannot create factory: " + e.getMessage(), e);
-        }
-    }
-
-    private class ExCRLException
-        extends CRLException
-    {
-        private Throwable cause;
-
-        public ExCRLException(String msg, Throwable cause)
-        {
-            super(msg);
-
-            this.cause = cause;
-        }
-
-        public Throwable getCause()
-        {
-            return cause;
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509CRLHolder.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509CRLHolder.java
deleted file mode 100644
index 43665c0..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509CRLHolder.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.security.cert.CRLException;
-import java.security.cert.X509CRL;
-
-import org.bouncycastle.asn1.x509.CertificateList;
-import org.bouncycastle.cert.X509CRLHolder;
-
-/**
- * JCA helper class for converting an X509CRL into a X509CRLHolder object.
- */
-public class JcaX509CRLHolder
-    extends X509CRLHolder
-{
-    /**
-     * Base constructor.
-     *
-     * @param crl CRL to be used a the source for the holder creation.
-     * @throws CRLException if there is a problem extracting the CRL information.
-     */
-    public JcaX509CRLHolder(X509CRL crl)
-        throws CRLException
-    {
-        super(CertificateList.getInstance(crl.getEncoded()));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509CertificateConverter.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509CertificateConverter.java
deleted file mode 100644
index 39e63aa..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509CertificateConverter.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.security.NoSuchProviderException;
-import java.security.Provider;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CertificateParsingException;
-import java.security.cert.X509Certificate;
-
-import org.bouncycastle.cert.X509CertificateHolder;
-
-/**
- * Converter for producing X509Certificate objects tied to a specific provider from X509CertificateHolder objects.
- */
-public class JcaX509CertificateConverter
-{
-    private CertHelper helper = new DefaultCertHelper();
-
-    /**
-     * Base constructor, configure with the default provider.
-     */
-    public JcaX509CertificateConverter()
-    {
-        this.helper = new DefaultCertHelper();
-    }
-
-    /**
-     * Set the provider to use from a Provider object.
-     *
-     * @param provider the provider to use.
-     * @return the converter instance.
-     */
-    public JcaX509CertificateConverter setProvider(Provider provider)
-    {
-        this.helper = new ProviderCertHelper(provider);
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use by name.
-     *
-     * @param providerName name of the provider to use.
-     * @return the converter instance.
-     */
-    public JcaX509CertificateConverter setProvider(String providerName)
-    {
-        this.helper = new NamedCertHelper(providerName);
-
-        return this;
-    }
-
-    /**
-     * Use the configured converter to produce a X509Certificate object from a X509CertificateHolder object.
-     *
-     * @param certHolder  the holder to be converted
-     * @return a X509Certificate object
-     * @throws CertificateException if the conversion is unable to be made.
-     */
-    public X509Certificate getCertificate(X509CertificateHolder certHolder)
-        throws CertificateException
-    {
-        try
-        {
-            CertificateFactory cFact = helper.getCertificateFactory("X.509");
-
-            return (X509Certificate)cFact.generateCertificate(new ByteArrayInputStream(certHolder.getEncoded()));
-        }
-        catch (IOException e)
-        {
-            throw new ExCertificateParsingException("exception parsing certificate: " + e.getMessage(), e);
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw new ExCertificateException("cannot find required provider:" + e.getMessage(), e);
-        }
-    }
-
-    private class ExCertificateParsingException
-        extends CertificateParsingException
-    {
-        private Throwable cause;
-
-        public ExCertificateParsingException(String msg, Throwable cause)
-        {
-            super(msg);
-
-            this.cause = cause;
-        }
-
-        public Throwable getCause()
-        {
-            return cause;
-        }
-    }
-    
-    private class ExCertificateException
-        extends CertificateException
-    {
-        private Throwable cause;
-
-        public ExCertificateException(String msg, Throwable cause)
-        {
-            super(msg);
-
-            this.cause = cause;
-        }
-
-        public Throwable getCause()
-        {
-            return cause;
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509ContentVerifierProviderBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509ContentVerifierProviderBuilder.java
deleted file mode 100644
index 5f4c530..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509ContentVerifierProviderBuilder.java
+++ /dev/null

@@ -1,50 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.security.Provider;
-import java.security.cert.CertificateException;
-
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509ContentVerifierProviderBuilder;
-import org.bouncycastle.operator.ContentVerifierProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
-
-public class JcaX509ContentVerifierProviderBuilder
-    implements X509ContentVerifierProviderBuilder
-{
-    private JcaContentVerifierProviderBuilder builder = new JcaContentVerifierProviderBuilder();
-
-    public JcaX509ContentVerifierProviderBuilder setProvider(Provider provider)
-    {
-        this.builder.setProvider(provider);
-
-        return this;
-    }
-
-    public JcaX509ContentVerifierProviderBuilder setProvider(String providerName)
-    {
-        this.builder.setProvider(providerName);
-
-        return this;
-    }
-
-    public ContentVerifierProvider build(SubjectPublicKeyInfo validatingKeyInfo)
-        throws OperatorCreationException
-    {
-        return builder.build(validatingKeyInfo);
-    }
-
-    public ContentVerifierProvider build(X509CertificateHolder validatingKeyInfo)
-        throws OperatorCreationException
-    {
-        try
-        {
-            return builder.build(validatingKeyInfo);
-        }
-        catch (CertificateException e)
-        {
-            throw new OperatorCreationException("Unable to process certificate: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509ExtensionUtils.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509ExtensionUtils.java
deleted file mode 100644
index 63c5d57..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509ExtensionUtils.java
+++ /dev/null

@@ -1,224 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.PublicKey;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateParsingException;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Enumeration;
-import java.util.List;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cert.X509ExtensionUtils;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.util.Integers;
-
-public class JcaX509ExtensionUtils
-    extends X509ExtensionUtils
-{
-    /**
-     * Create a utility class pre-configured with a SHA-1 digest calculator based on the
-     * default implementation.
-     *
-     * @throws NoSuchAlgorithmException
-     */
-    public JcaX509ExtensionUtils()
-        throws NoSuchAlgorithmException
-    {
-        super(new SHA1DigestCalculator(MessageDigest.getInstance("SHA1")));
-    }
-
-    public JcaX509ExtensionUtils(DigestCalculator calculator)
-    {
-        super(calculator);
-    }
-
-    public AuthorityKeyIdentifier createAuthorityKeyIdentifier(
-        X509Certificate cert)
-        throws CertificateEncodingException
-    {
-        return super.createAuthorityKeyIdentifier(new JcaX509CertificateHolder(cert));
-    }
-
-    public AuthorityKeyIdentifier createAuthorityKeyIdentifier(
-        PublicKey pubKey)
-    {
-        return super.createAuthorityKeyIdentifier(SubjectPublicKeyInfo.getInstance(pubKey.getEncoded()));
-    }
-
-    public AuthorityKeyIdentifier createAuthorityKeyIdentifier(PublicKey pubKey, X500Principal name, BigInteger serial)
-    {
-        return super.createAuthorityKeyIdentifier(SubjectPublicKeyInfo.getInstance(pubKey.getEncoded()), new GeneralNames(new GeneralName(X500Name.getInstance(name.getEncoded()))), serial);
-    }
-
-    public AuthorityKeyIdentifier createAuthorityKeyIdentifier(PublicKey pubKey, GeneralNames generalNames, BigInteger serial)
-    {
-        return super.createAuthorityKeyIdentifier(SubjectPublicKeyInfo.getInstance(pubKey.getEncoded()), generalNames, serial);
-    }
-
-    /**
-     * Return a RFC 3280 type 1 key identifier. As in:
-     * <pre>
-     * (1) The keyIdentifier is composed of the 160-bit SHA-1 hash of the
-     * value of the BIT STRING subjectPublicKey (excluding the tag,
-     * length, and number of unused bits).
-     * </pre>
-     * @param publicKey the key object containing the key identifier is to be based on.
-     * @return the key identifier.
-     */
-    public SubjectKeyIdentifier createSubjectKeyIdentifier(
-        PublicKey publicKey)
-    {
-        return super.createSubjectKeyIdentifier(SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
-    }
-
-    /**
-     * Return a RFC 3280 type 2 key identifier. As in:
-     * <pre>
-     * (2) The keyIdentifier is composed of a four bit type field with
-     * the value 0100 followed by the least significant 60 bits of the
-     * SHA-1 hash of the value of the BIT STRING subjectPublicKey.
-     * </pre>
-     * @param publicKey the key object of interest.
-     * @return the key identifier.
-     */
-    public SubjectKeyIdentifier createTruncatedSubjectKeyIdentifier(PublicKey publicKey)
-    {
-       return super.createTruncatedSubjectKeyIdentifier(SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
-    }
-
-    /**
-     * Return the ASN.1 object contained in a byte[] returned by a getExtensionValue() call.
-     *
-     * @param encExtValue DER encoded OCTET STRING containing the DER encoded extension object.
-     * @return an ASN.1 object
-     * @throws java.io.IOException on a parsing error.
-     */
-    public static ASN1Primitive parseExtensionValue(byte[] encExtValue)
-        throws IOException
-    {
-        return ASN1Primitive.fromByteArray(ASN1OctetString.getInstance(encExtValue).getOctets());
-    }
-
-    public static Collection getIssuerAlternativeNames(X509Certificate cert)
-            throws CertificateParsingException
-    {
-        byte[] extVal = cert.getExtensionValue(Extension.issuerAlternativeName.getId());
-
-        return getAlternativeNames(extVal);
-    }
-
-    public static Collection getSubjectAlternativeNames(X509Certificate cert)
-            throws CertificateParsingException
-    {
-        byte[] extVal = cert.getExtensionValue(Extension.subjectAlternativeName.getId());
-
-        return getAlternativeNames(extVal);
-    }
-
-    private static Collection getAlternativeNames(byte[] extVal)
-        throws CertificateParsingException
-    {
-        if (extVal == null)
-        {
-            return Collections.EMPTY_LIST;
-        }
-        try
-        {
-            Collection temp = new ArrayList();
-            Enumeration it = DERSequence.getInstance(parseExtensionValue(extVal)).getObjects();
-            while (it.hasMoreElements())
-            {
-                GeneralName genName = GeneralName.getInstance(it.nextElement());
-                List list = new ArrayList();
-                list.add(Integers.valueOf(genName.getTagNo()));
-                switch (genName.getTagNo())
-                {
-                case GeneralName.ediPartyName:
-                case GeneralName.x400Address:
-                case GeneralName.otherName:
-                    list.add(genName.getName().toASN1Primitive());
-                    break;
-                case GeneralName.directoryName:
-                    list.add(X500Name.getInstance(genName.getName()).toString());
-                    break;
-                case GeneralName.dNSName:
-                case GeneralName.rfc822Name:
-                case GeneralName.uniformResourceIdentifier:
-                    list.add(((ASN1String)genName.getName()).getString());
-                    break;
-                case GeneralName.registeredID:
-                    list.add(ASN1ObjectIdentifier.getInstance(genName.getName()).getId());
-                    break;
-                case GeneralName.iPAddress:
-                    list.add(DEROctetString.getInstance(genName.getName()).getOctets());
-                    break;
-                default:
-                    throw new IOException("Bad tag number: " + genName.getTagNo());
-                }
-
-                temp.add(list);
-            }
-            return Collections.unmodifiableCollection(temp);
-        }
-        catch (Exception e)
-        {
-            throw new CertificateParsingException(e.getMessage());
-        }
-    }
-
-    private static class SHA1DigestCalculator
-        implements DigestCalculator
-    {
-        private ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        private MessageDigest digest;
-
-        public SHA1DigestCalculator(MessageDigest digest)
-        {
-            this.digest = digest;
-        }
-
-        public AlgorithmIdentifier getAlgorithmIdentifier()
-        {
-            return new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1);
-        }
-
-        public OutputStream getOutputStream()
-        {
-            return bOut;
-        }
-
-        public byte[] getDigest()
-        {
-            byte[] bytes = digest.digest(bOut.toByteArray());
-
-            bOut.reset();
-
-            return bytes;
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509v1CertificateBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509v1CertificateBuilder.java
deleted file mode 100644
index e453fc7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509v1CertificateBuilder.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.math.BigInteger;
-import java.security.PublicKey;
-import java.util.Date;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cert.X509v1CertificateBuilder;
-
-/**
- * JCA helper class to allow JCA objects to be used in the construction of a Version 1 certificate.
- */
-public class JcaX509v1CertificateBuilder
-    extends X509v1CertificateBuilder
-{
-    /**
-     * Initialise the builder using a PublicKey.
-     *
-     * @param issuer X500Name representing the issuer of this certificate.
-     * @param serial the serial number for the certificate.
-     * @param notBefore date before which the certificate is not valid.
-     * @param notAfter date after which the certificate is not valid.
-     * @param subject X500Name representing the subject of this certificate.
-     * @param publicKey the public key to be associated with the certificate.
-     */
-    public JcaX509v1CertificateBuilder(X500Name issuer, BigInteger serial, Date notBefore, Date notAfter, X500Name subject, PublicKey publicKey)
-    {
-        super(issuer, serial, notBefore, notAfter, subject, SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
-    }
-
-    /**
-     * Initialise the builder using X500Principal objects and a PublicKey.
-     *
-     * @param issuer principal representing the issuer of this certificate.
-     * @param serial the serial number for the certificate.
-     * @param notBefore date before which the certificate is not valid.
-     * @param notAfter date after which the certificate is not valid.
-     * @param subject principal representing the subject of this certificate.
-     * @param publicKey the public key to be associated with the certificate.
-     */
-    public JcaX509v1CertificateBuilder(X500Principal issuer, BigInteger serial, Date notBefore, Date notAfter, X500Principal subject, PublicKey publicKey)
-    {
-        super(X500Name.getInstance(issuer.getEncoded()), serial, notBefore, notAfter, X500Name.getInstance(subject.getEncoded()), SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509v2CRLBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509v2CRLBuilder.java
deleted file mode 100644
index 43c3918..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509v2CRLBuilder.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.security.cert.X509Certificate;
-import java.util.Date;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cert.X509v2CRLBuilder;
-
-public class JcaX509v2CRLBuilder
-    extends X509v2CRLBuilder
-{
-    public JcaX509v2CRLBuilder(X500Principal issuer, Date now)
-    {
-        super(X500Name.getInstance(issuer.getEncoded()), now);
-    }
-
-    public JcaX509v2CRLBuilder(X509Certificate issuerCert, Date now)
-    {
-        this(issuerCert.getSubjectX500Principal(), now);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509v3CertificateBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509v3CertificateBuilder.java
deleted file mode 100644
index ae33009..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/JcaX509v3CertificateBuilder.java
+++ /dev/null

@@ -1,119 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.math.BigInteger;
-import java.security.PublicKey;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-import java.util.Date;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.Time;
-import org.bouncycastle.cert.X509v3CertificateBuilder;
-
-/**
- * JCA helper class to allow JCA objects to be used in the construction of a Version 3 certificate.
- */
-public class JcaX509v3CertificateBuilder
-    extends X509v3CertificateBuilder
-{
-    /**
-     * Initialise the builder using a PublicKey.
-     *
-     * @param issuer X500Name representing the issuer of this certificate.
-     * @param serial the serial number for the certificate.
-     * @param notBefore date before which the certificate is not valid.
-     * @param notAfter date after which the certificate is not valid.
-     * @param subject X500Name representing the subject of this certificate.
-     * @param publicKey the public key to be associated with the certificate.
-     */
-    public JcaX509v3CertificateBuilder(X500Name issuer, BigInteger serial, Date notBefore, Date notAfter, X500Name subject, PublicKey publicKey)
-    {
-        super(issuer, serial, notBefore, notAfter, subject, SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
-    }
-
-    /**
-     * Initialise the builder using a PublicKey.
-     *
-     * @param issuer X500Name representing the issuer of this certificate.
-     * @param serial the serial number for the certificate.
-     * @param notBefore Time before which the certificate is not valid.
-     * @param notAfter Time after which the certificate is not valid.
-     * @param subject X500Name representing the subject of this certificate.
-     * @param publicKey the public key to be associated with the certificate.
-     */
-    public JcaX509v3CertificateBuilder(X500Name issuer, BigInteger serial, Time notBefore, Time notAfter, X500Name subject, PublicKey publicKey)
-    {
-        super(issuer, serial, notBefore, notAfter, subject, SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
-    }
-
-    /**
-     * Initialise the builder using X500Principal objects and a PublicKey.
-     *
-     * @param issuer principal representing the issuer of this certificate.
-     * @param serial the serial number for the certificate.
-     * @param notBefore date before which the certificate is not valid.
-     * @param notAfter date after which the certificate is not valid.
-     * @param subject principal representing the subject of this certificate.
-     * @param publicKey the public key to be associated with the certificate.
-     */
-    public JcaX509v3CertificateBuilder(X500Principal issuer, BigInteger serial, Date notBefore, Date notAfter, X500Principal subject, PublicKey publicKey)
-    {
-        super(X500Name.getInstance(issuer.getEncoded()), serial, notBefore, notAfter, X500Name.getInstance(subject.getEncoded()), SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
-    }
-
-    /**
-     * Initialise the builder using the subject from the passed in issuerCert as the issuer, as well as
-     * passing through and converting the other objects provided.
-     *
-     * @param issuerCert certificate who's subject is the issuer of the certificate we are building.
-     * @param serial the serial number for the certificate.
-     * @param notBefore date before which the certificate is not valid.
-     * @param notAfter date after which the certificate is not valid.
-     * @param subject principal representing the subject of this certificate.
-     * @param publicKey the public key to be associated with the certificate.
-     */
-    public JcaX509v3CertificateBuilder(X509Certificate issuerCert, BigInteger serial, Date notBefore, Date notAfter, X500Principal subject, PublicKey publicKey)
-    {
-        this(issuerCert.getSubjectX500Principal(), serial, notBefore, notAfter, subject, publicKey);
-    }
-
-    /**
-     * Initialise the builder using the subject from the passed in issuerCert as the issuer, as well as
-     * passing through and converting the other objects provided.
-     *
-     * @param issuerCert certificate who's subject is the issuer of the certificate we are building.
-     * @param serial the serial number for the certificate.
-     * @param notBefore date before which the certificate is not valid.
-     * @param notAfter date after which the certificate is not valid.
-     * @param subject principal representing the subject of this certificate.
-     * @param publicKey the public key to be associated with the certificate.
-     */
-    public JcaX509v3CertificateBuilder(X509Certificate issuerCert, BigInteger serial, Date notBefore, Date notAfter, X500Name subject, PublicKey publicKey)
-    {
-        this(X500Name.getInstance(issuerCert.getSubjectX500Principal().getEncoded()), serial, notBefore, notAfter, subject, publicKey);
-    }
-
-    /**
-     * Add a given extension field for the standard extensions tag (tag 3)
-     * copying the extension value from another certificate.
-     *
-     * @param oid the type of the extension to be copied.
-     * @param critical true if the extension is to be marked critical, false otherwise.
-     * @param certificate the source of the extension to be copied.
-     * @return the builder instance.
-     */
-    public JcaX509v3CertificateBuilder copyAndAddExtension(
-        ASN1ObjectIdentifier oid,
-        boolean critical,
-        X509Certificate certificate)
-        throws CertificateEncodingException
-    {
-        this.copyAndAddExtension(oid, critical, new JcaX509CertificateHolder(certificate));
-
-        return this;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/NamedCertHelper.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/NamedCertHelper.java
deleted file mode 100644
index 5cd2feb..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/NamedCertHelper.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.security.NoSuchProviderException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-
-class NamedCertHelper
-    extends CertHelper
-{
-    private final String providerName;
-
-    NamedCertHelper(String providerName)
-    {
-        this.providerName = providerName;
-    }
-
-    protected CertificateFactory createCertificateFactory(String type)
-        throws CertificateException, NoSuchProviderException
-    {
-        return CertificateFactory.getInstance(type, providerName);
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/ProviderCertHelper.java b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/ProviderCertHelper.java
deleted file mode 100644
index 15c9e72..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/ProviderCertHelper.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.cert.jcajce;
-
-import java.security.Provider;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-
-class ProviderCertHelper
-    extends CertHelper
-{
-    private final Provider provider;
-
-    ProviderCertHelper(Provider provider)
-    {
-        this.provider = provider;
-    }
-
-    protected CertificateFactory createCertificateFactory(String type)
-        throws CertificateException
-    {
-        return CertificateFactory.getInstance(type, provider);
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/package.html b/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/package.html
deleted file mode 100644
index cc15e01..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/jcajce/package.html
+++ /dev/null

@@ -1,7 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-        "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<body bgcolor="#ffffff">
-JCA extensions to the certificate building and processing package.
-</body>
-</html>
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/ocsp/package.html b/bcpkix/src/main/java/org/bouncycastle/cert/ocsp/package.html
deleted file mode 100644
index 234cb32..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/ocsp/package.html
+++ /dev/null

@@ -1,7 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-        "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<body bgcolor="#ffffff">
-Basic support package for handling and creating OCSP (RFC 2560) online certificate status requests.
-</body>
-</html>
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/ocsp/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/cert/ocsp/test/AllTests.java
deleted file mode 100644
index 1f720de..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/ocsp/test/AllTests.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.cert.ocsp.test;
-
-import java.security.Security;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTestResult;
-
-public class AllTests
-    extends TestCase
-{
-    public void testOCSP()
-    {   
-        Security.addProvider(new BouncyCastleProvider());
-        
-        org.bouncycastle.util.test.Test[] tests = new org.bouncycastle.util.test.Test[] { new OCSPTest() };
-        
-        for (int i = 0; i != tests.length; i++)
-        {
-            SimpleTestResult  result = (SimpleTestResult)tests[i].perform();
-            
-            if (!result.isSuccessful())
-            {
-                fail(result.toString());
-            }
-        }
-    }
-    
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("OCSP Tests");
-        
-        suite.addTestSuite(AllTests.class);
-        
-        return suite;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/ocsp/test/OCSPTest.java b/bcpkix/src/main/java/org/bouncycastle/cert/ocsp/test/OCSPTest.java
deleted file mode 100644
index 6e7de68..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/ocsp/test/OCSPTest.java
+++ /dev/null

@@ -1,971 +0,0 @@
-package org.bouncycastle.cert.ocsp.test;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.Security;
-import java.util.Date;
-import java.util.Random;
-import java.util.Set;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Exception;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.ocsp.OCSPObjectIdentifiers;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.cert.CertIOException;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cert.ocsp.BasicOCSPResp;
-import org.bouncycastle.cert.ocsp.BasicOCSPRespBuilder;
-import org.bouncycastle.cert.ocsp.CertificateID;
-import org.bouncycastle.cert.ocsp.CertificateStatus;
-import org.bouncycastle.cert.ocsp.OCSPReq;
-import org.bouncycastle.cert.ocsp.OCSPReqBuilder;
-import org.bouncycastle.cert.ocsp.OCSPResp;
-import org.bouncycastle.cert.ocsp.OCSPRespBuilder;
-import org.bouncycastle.cert.ocsp.Req;
-import org.bouncycastle.cert.ocsp.RespID;
-import org.bouncycastle.cert.ocsp.SingleResp;
-import org.bouncycastle.cert.ocsp.jcajce.JcaBasicOCSPRespBuilder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class OCSPTest
-    extends SimpleTest
-{
-    byte[] testResp1 = Base64.decode(
-        "MIIFnAoBAKCCBZUwggWRBgkrBgEFBQcwAQEEggWCMIIFfjCCARehgZ8wgZwx"
-            + "CzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEgcHJhZGVzaDESMBAGA1UE"
-            + "BxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAKBgNVBAsTA0FUQzEeMBwG"
-            + "A1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQwIgYJKoZIhvcNAQkBFhVv"
-            + "Y3NwQHRjcy1jYS50Y3MuY28uaW4YDzIwMDMwNDAyMTIzNDU4WjBiMGAwOjAJ"
-            + "BgUrDgMCGgUABBRs07IuoCWNmcEl1oHwIak1BPnX8QQUtGyl/iL9WJ1VxjxF"
-            + "j0hAwJ/s1AcCAQKhERgPMjAwMjA4MjkwNzA5MjZaGA8yMDAzMDQwMjEyMzQ1"
-            + "OFowDQYJKoZIhvcNAQEFBQADgYEAfbN0TCRFKdhsmvOdUoiJ+qvygGBzDxD/"
-            + "VWhXYA+16AphHLIWNABR3CgHB3zWtdy2j7DJmQ/R7qKj7dUhWLSqclAiPgFt"
-            + "QQ1YvSJAYfEIdyHkxv4NP0LSogxrumANcDyC9yt/W9yHjD2ICPBIqCsZLuLk"
-            + "OHYi5DlwWe9Zm9VFwCGgggPMMIIDyDCCA8QwggKsoAMCAQICAQYwDQYJKoZI"
-            + "hvcNAQEFBQAwgZQxFDASBgNVBAMTC1RDUy1DQSBPQ1NQMSYwJAYJKoZIhvcN"
-            + "AQkBFhd0Y3MtY2FAdGNzLWNhLnRjcy5jby5pbjEMMAoGA1UEChMDVENTMQww"
-            + "CgYDVQQLEwNBVEMxEjAQBgNVBAcTCUh5ZGVyYWJhZDEXMBUGA1UECBMOQW5k"
-            + "aHJhIHByYWRlc2gxCzAJBgNVBAYTAklOMB4XDTAyMDgyOTA3MTE0M1oXDTAz"
-            + "MDgyOTA3MTE0M1owgZwxCzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEg"
-            + "cHJhZGVzaDESMBAGA1UEBxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAK"
-            + "BgNVBAsTA0FUQzEeMBwGA1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQw"
-            + "IgYJKoZIhvcNAQkBFhVvY3NwQHRjcy1jYS50Y3MuY28uaW4wgZ8wDQYJKoZI"
-            + "hvcNAQEBBQADgY0AMIGJAoGBAM+XWW4caMRv46D7L6Bv8iwtKgmQu0SAybmF"
-            + "RJiz12qXzdvTLt8C75OdgmUomxp0+gW/4XlTPUqOMQWv463aZRv9Ust4f8MH"
-            + "EJh4ekP/NS9+d8vEO3P40ntQkmSMcFmtA9E1koUtQ3MSJlcs441JjbgUaVnm"
-            + "jDmmniQnZY4bU3tVAgMBAAGjgZowgZcwDAYDVR0TAQH/BAIwADALBgNVHQ8E"
-            + "BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwNgYIKwYBBQUHAQEEKjAoMCYG"
-            + "CCsGAQUFBzABhhpodHRwOi8vMTcyLjE5LjQwLjExMDo3NzAwLzAtBgNVHR8E"
-            + "JjAkMCKgIKAehhxodHRwOi8vMTcyLjE5LjQwLjExMC9jcmwuY3JsMA0GCSqG"
-            + "SIb3DQEBBQUAA4IBAQB6FovM3B4VDDZ15o12gnADZsIk9fTAczLlcrmXLNN4"
-            + "PgmqgnwF0Ymj3bD5SavDOXxbA65AZJ7rBNAguLUo+xVkgxmoBH7R2sBxjTCc"
-            + "r07NEadxM3HQkt0aX5XYEl8eRoifwqYAI9h0ziZfTNes8elNfb3DoPPjqq6V"
-            + "mMg0f0iMS4W8LjNPorjRB+kIosa1deAGPhq0eJ8yr0/s2QR2/WFD5P4aXc8I"
-            + "KWleklnIImS3zqiPrq6tl2Bm8DZj7vXlTOwmraSQxUwzCKwYob1yGvNOUQTq"
-            + "pG6jxn7jgDawHU1+WjWQe4Q34/pWeGLysxTraMa+Ug9kPe+jy/qRX2xwvKBZ");
-
-    byte[] testResp2 = Base64.decode(
-        "MIII1QoBAKCCCM4wggjKBgkrBgEFBQcwAQEEggi7MIIItzCBjqADAgEAoSMw"
-            + "ITEfMB0GA1UEAxMWT0NTUCBjZXJ0LVFBLUNMSUVOVC04NxgPMjAwMzA1MTky"
-            + "MDI2MzBaMFEwTzA6MAkGBSsOAwIaBQAEFJniwiUuyrhKIEF2TjVdVdCAOw0z"
-            + "BBR2olPKrPOJUVyGZ7BXOC4L2BmAqgIBL4AAGA8yMDAzMDUxOTIwMjYzMFow"
-            + "DQYJKoZIhvcNAQEEBQADggEBALImFU3kUtpNVf4tIFKg/1sDHvGpk5Pk0uhH"
-            + "TiNp6vdPfWjOgPkVXskx9nOTabVOBE8RusgwEcK1xeBXSHODb6mnjt9pkfv3"
-            + "ZdbFLFvH/PYjOb6zQOgdIOXhquCs5XbcaSFCX63hqnSaEqvc9w9ctmQwds5X"
-            + "tCuyCB1fWu/ie8xfuXR5XZKTBf5c6dO82qFE65gTYbGOxJBYiRieIPW1XutZ"
-            + "A76qla4m+WdxubV6SPG8PVbzmAseqjsJRn4jkSKOGenqSOqbPbZn9oBsU0Ku"
-            + "hul3pwsNJvcBvw2qxnWybqSzV+n4OvYXk+xFmtTjw8H9ChV3FYYDs8NuUAKf"
-            + "jw1IjWegggcOMIIHCjCCAzMwggIboAMCAQICAQIwDQYJKoZIhvcNAQEEBQAw"
-            + "bzELMAkGA1UEBhMCVVMxCzAJBgNVBAgTAk1BMRAwDgYDVQQHEwdXYWx0aGFt"
-            + "MRYwFAYDVQQKEw1Gb3J1bSBTeXN0ZW1zMQswCQYDVQQLEwJRQTEcMBoGA1UE"
-            + "AxMTQ2VydGlmaWNhdGUgTWFuYWdlcjAeFw0wMzAzMjEwNTAwMDBaFw0yNTAz"
-            + "MjEwNTAwMDBaMCExHzAdBgNVBAMTFk9DU1AgY2VydC1RQS1DTElFTlQtODcw"
-            + "ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDVuxRCZgJAYAftYuRy"
-            + "9axdtsHrkIJyVVRorLCTWOoLmx2tlrGqKbHOGKmvqEPEpeCDYQk+0WIlWMuM"
-            + "2pgiYAolwqSFBwCjkjQN3fCIHXiby0JBgCCLoe7wa0pZffE+8XZH0JdSjoT3"
-            + "2OYD19wWZeY2VB0JWJFWYAnIL+R5Eg7LwJ5QZSdvghnOWKTv60m/O1rC0see"
-            + "9lbPO+3jRuaDyCUKYy/YIKBYC9rtC4hS47jg70dTfmE2nccjn7rFCPBrVr4M"
-            + "5szqdRzwu3riL9W+IE99LTKXOH/24JX0S4woeGXMS6me7SyZE6x7P2tYkNXM"
-            + "OfXk28b3SJF75K7vX6T6ecWjAgMBAAGjKDAmMBMGA1UdJQQMMAoGCCsGAQUF"
-            + "BwMJMA8GCSsGAQUFBzABBQQCBQAwDQYJKoZIhvcNAQEEBQADggEBAKNSn7pp"
-            + "UEC1VTN/Iqk8Sc2cAYM7KSmeB++tuyes1iXY4xSQaEgOxRa5AvPAKnXKSzfY"
-            + "vqi9WLdzdkpTo4AzlHl5nqU/NCUv3yOKI9lECVMgMxLAvZgMALS5YXNZsqrs"
-            + "hP3ASPQU99+5CiBGGYa0PzWLstXLa6SvQYoHG2M8Bb2lHwgYKsyrUawcfc/s"
-            + "jE3jFJeyCyNwzH0eDJUVvW1/I3AhLNWcPaT9/VfyIWu5qqZU+ukV/yQXrKiB"
-            + "glY8v4QDRD4aWQlOuiV2r9sDRldOPJe2QSFDBe4NtBbynQ+MRvF2oQs/ocu+"
-            + "OAHX7uiskg9GU+9cdCWPwJf9cP/Zem6MemgwggPPMIICt6ADAgECAgEBMA0G"
-            + "CSqGSIb3DQEBBQUAMG8xCzAJBgNVBAYTAlVTMQswCQYDVQQIEwJNQTEQMA4G"
-            + "A1UEBxMHV2FsdGhhbTEWMBQGA1UEChMNRm9ydW0gU3lzdGVtczELMAkGA1UE"
-            + "CxMCUUExHDAaBgNVBAMTE0NlcnRpZmljYXRlIE1hbmFnZXIwHhcNMDMwMzIx"
-            + "MDUwMDAwWhcNMjUwMzIxMDUwMDAwWjBvMQswCQYDVQQGEwJVUzELMAkGA1UE"
-            + "CBMCTUExEDAOBgNVBAcTB1dhbHRoYW0xFjAUBgNVBAoTDUZvcnVtIFN5c3Rl"
-            + "bXMxCzAJBgNVBAsTAlFBMRwwGgYDVQQDExNDZXJ0aWZpY2F0ZSBNYW5hZ2Vy"
-            + "MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4VeU+48VBjI0mGRt"
-            + "9qlD+WAhx3vv4KCOD5f3HWLj8D2DcoszVTVDqtRK+HS1eSpO/xWumyXhjV55"
-            + "FhG2eYi4e0clv0WyswWkGLqo7IxYn3ZhVmw04ohdTjdhVv8oS+96MUqPmvVW"
-            + "+MkVRyqm75HdgWhKRr/lEpDNm+RJe85xMCipkyesJG58p5tRmAZAAyRs3jYw"
-            + "5YIFwDOnt6PCme7ui4xdas2zolqOlynMuq0ctDrUPKGLlR4mVBzgAVPeatcu"
-            + "ivEQdB3rR6UN4+nv2jx9kmQNNb95R1M3J9xHfOWX176UWFOZHJwVq8eBGF9N"
-            + "pav4ZGBAyqagW7HMlo7Hw0FzUwIDAQABo3YwdDARBglghkgBhvhCAQEEBAMC"
-            + "AJcwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQU64zBxl1yKES8tjU3/rBA"
-            + "NaeBpjkwHwYDVR0jBBgwFoAU64zBxl1yKES8tjU3/rBANaeBpjkwDgYDVR0P"
-            + "AQH/BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4IBAQAzHnf+Z+UgxDVOpCu0DHF+"
-            + "qYZf8IaUQxLhUD7wjwnt3lJ0QV1z4oyc6Vs9J5xa8Mvf7u1WMmOxvN8r8Kb0"
-            + "k8DlFszLd0Qwr+NVu5NQO4Vn01UAzCtH4oX2bgrVzotqDnzZ4TcIr11EX3Nb"
-            + "tO8yWWl+xWIuxKoAO8a0Rh97TyYfAj4++GIm43b2zIvRXEWAytjz7rXUMwRC"
-            + "1ipRQwSA9gyw2y0s8emV/VwJQXsTe9xtDqlEC67b90V/BgL/jxck5E8yrY9Z"
-            + "gNxlOgcqscObisAkB5I6GV+dfa+BmZrhSJ/bvFMUrnFzjLFvZp/9qiK11r5K"
-            + "A5oyOoNv0w+8bbtMNEc1");
-
-    /**
-     * extra version number encoding.
-     */
-    private static byte[] irregReq = Base64.decode(
-          "MIIQpTBUoAMCAQAwTTBLMEkwCQYFKw4DAhoFAAQUIcFvFFVjPem15pKox4cfcnzF"
-        + "Kf4EFJf8OQzmVmyJ/hc4EhitQbXcqAzDAhB9ePsP19SuP6CsAgFwQuEAoIIQSzCC"
-        + "EEcwDQYJKoZIhvcNAQEFBQADgYEAlq/Tjl8OtFM8Tib1JYTiaPy9vFDr8UZhqXJI"
-        + "FyrdgtUyyDt0EcrgnBGacAeRZzF5sokIC6DjXweU7EItGqrpw/RaCUPUWFpPxR6y"
-        + "HjuzrLmICocTI9MH7dRUXm0qpxoY987sx1PtWB4pSR99ixBtq3OPNdsI0uJ+Qkei"
-        + "LbEZyvWggg+wMIIPrDCCA5owggKCoAMCAQICEEAxXx/eFe7gm/NX7AkcS68wDQYJ"
-        + "KoZIhvcNAQEFBQAwgZoxCzAJBgNVBAYTAlNFMTMwMQYDVQQKDCpMw6Ruc2bDtnJz"
-        + "w6RrcmluZ2FyIEJhbmsgQWt0aWVib2xhZyAocHVibCkxFTATBgNVBAUTDDExMTEx"
-        + "MTExMTExMTE/MD0GA1UEAww2TMOkbnNmw7Zyc8Oka3JpbmdhciBCYW5rIFB1cmNo"
-        + "YXNlciBDQTEgZm9yIEJhbmtJRCBURVNUMB4XDTA4MTAwNjIyMDAwMFoXDTEwMTAx"
-        + "MDIxNTk1OVowgZExCzAJBgNVBAYTAlNFMTMwMQYDVQQKDCpMw6Ruc2bDtnJzw6Rr"
-        + "cmluZ2FyIEJhbmsgQWt0aWVib2xhZyAocHVibCkxFTATBgNVBAUTDDExMTExMTEx"
-        + "MTExMTE2MDQGA1UEAwwtTMOkbnNmw7Zyc8Oka3JpbmdhciBCYW5rIE9DU1AgZm9y"
-        + "IEJhbmtJRCBURVNUMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5e/h6aL2m"
-        + "DVpWeu5e5p1Ps9kbvuuGeAp9zJDYLbZz7uzT67X+s59HaViroD2+2my/gg7rX7tK"
-        + "H9VXpJad1W9O19SjfNyxgeAMwVMkrbb4IlrQwu0v/Ub8JPxSWwZZXYiODq5abeXA"
-        + "abMYIHxSaSkhrsUj1dpSAohHLJRlq707swIDAQABo2cwZTAfBgNVHSMEGDAWgBTR"
-        + "vcp2QyNdNGZ+q7TjKSrrHZqxmDATBgNVHSAEDDAKMAgGBiqFcDwBBjAOBgNVHQ8B"
-        + "Af8EBAMCBkAwHQYDVR0OBBYEFF/3557FEvkA8iiPv2XcBclxKnTdMA0GCSqGSIb3"
-        + "DQEBBQUAA4IBAQAOxRvHO89XJ0v83BZdPFzEBA4B2Tqc1oABUn13S6fAkcGWvOmG"
-        + "eY61MK16aMnLPNDadZrAqJc6PEtVY57uaywE9acwv9XpHO0bcS94tLwvZZJ2KBt0"
-        + "Oq96gaI6gnJViUjyWjm+qBZvod0QPOLGv6wUPoiNcCpSid/COTjKpLYpCJj3ZWUV"
-        + "nsTRWSRVXsdY/xI0gs/A8/c5P1PuTxoi99RTmcruoFxvV4MmhWyX7IGqG4OAtLdo"
-        + "yefz/90FPGOrmqY9OgEb+gNuTM26YDvSs1dfarPl89d8jjwxHgNbZjh2VHFqKolJ"
-        + "8TB8ZS5aNvhHPumOOE47y95rTBxrxSmGvKb8MIIENDCCAxygAwIBAgIRAJAFaeOw"
-        + "7XbxH/DN/Vvhjx8wDQYJKoZIhvcNAQEFBQAwgZUxCzAJBgNVBAYTAlNFMTMwMQYD"
-        + "VQQKDCpMw6Ruc2bDtnJzw6RrcmluZ2FyIEJhbmsgQWt0aWVib2xhZyAocHVibCkx"
-        + "FTATBgNVBAUTDDExMTExMTExMTExMTE6MDgGA1UEAwwxTMOkbnNmw7Zyc8Oka3Jp"
-        + "bmdhciBCYW5rIFJvb3QgQ0ExIGZvciBCYW5rSUQgVEVTVDAeFw0wNzEwMDExMjAw"
-        + "MzdaFw0yOTA3MDExMjAwMzdaMIGaMQswCQYDVQQGEwJTRTEzMDEGA1UECgwqTMOk"
-        + "bnNmw7Zyc8Oka3JpbmdhciBCYW5rIEFrdGllYm9sYWcgKHB1YmwpMRUwEwYDVQQF"
-        + "EwwxMTExMTExMTExMTExPzA9BgNVBAMMNkzDpG5zZsO2cnPDpGtyaW5nYXIgQmFu"
-        + "ayBQdXJjaGFzZXIgQ0ExIGZvciBCYW5rSUQgVEVTVDCCASIwDQYJKoZIhvcNAQEB"
-        + "BQADggEPADCCAQoCggEBAMK5WbYojYRX1ZKrbxJBgbd4x503LfMWgr67sVD5L0NY"
-        + "1RPhZVFJRKJWvawE5/eXJ4oNQwc831h2jiOgINXuKyGXqdAVGBcpFwIxTfzxwT4l"
-        + "fvztr8pE6wk7mLLwKUvIjbM3EF1IL3zUI3UU/U5ioyGmcb/o4GGN71kMmvV/vrkU"
-        + "02/s7xicXNxYej4ExLiCkS5+j/+3sR47Uq5cL9e8Yg7t5/6FyLGQjKoS8HU/abYN"
-        + "4kpx/oyrxzrXMhnMVDiI8QX9NYGJwI8KZ/LU6GDq/NnZ3gG5v4l4UU1GhgUbrk4I"
-        + "AZPDu99zvwCtkdj9lJN0eDv8jdyEPZ6g1qPBE0pCNqcCAwEAAaN4MHYwDwYDVR0T"
-        + "AQH/BAUwAwEB/zATBgNVHSAEDDAKMAgGBiqFcDwBBjAOBgNVHQ8BAf8EBAMCAQYw"
-        + "HwYDVR0jBBgwFoAUnkjp1bkQUOrkRiLgxpxwAe2GQFYwHQYDVR0OBBYEFNG9ynZD"
-        + "I100Zn6rtOMpKusdmrGYMA0GCSqGSIb3DQEBBQUAA4IBAQAPVSC4HEd+yCtSgL0j"
-        + "NI19U2hJeP28lAD7OA37bcLP7eNrvfU/2tuqY7rEn1m44fUbifewdgR8x2DzhM0m"
-        + "fJcA5Z12PYUb85L9z8ewGQdyHLNlMpKSTP+0lebSc/obFbteC4jjuvux60y5KVOp"
-        + "osXbGw2qyrS6uhZJrTDP1B+bYg/XBttG+i7Qzx0S5Tq//VU9OfAQZWpvejadKAk9"
-        + "WCcXq6zALiJcxsUwOHZRvvHDxkHuf5eZpPvm1gaqa+G9CtV+oysZMU1eTRasBHsB"
-        + "NRWYfOSXggsyqRHfIAVieB4VSsB8WhZYm8UgYoLhAQfSJ5Xq5cwBOHkVj33MxAyP"
-        + "c7Y5MIID/zCCAuegAwIBAgIRAOXEoBcV4gV3Z92gk5AuRgwwDQYJKoZIhvcNAQEF"
-        + "BQAwZjEkMCIGA1UECgwbRmluYW5zaWVsbCBJRC1UZWtuaWsgQklEIEFCMR8wHQYD"
-        + "VQQLDBZCYW5rSUQgTWVtYmVyIEJhbmtzIENBMR0wGwYDVQQDDBRCYW5rSUQgUm9v"
-        + "dCBDQSBURVNUMjAeFw0wNzEwMDExMTQ1NDlaFw0yOTA4MDExMTU4MjVaMIGVMQsw"
-        + "CQYDVQQGEwJTRTEzMDEGA1UECgwqTMOkbnNmw7Zyc8Oka3JpbmdhciBCYW5rIEFr"
-        + "dGllYm9sYWcgKHB1YmwpMRUwEwYDVQQFEwwxMTExMTExMTExMTExOjA4BgNVBAMM"
-        + "MUzDpG5zZsO2cnPDpGtyaW5nYXIgQmFuayBSb290IENBMSBmb3IgQmFua0lEIFRF"
-        + "U1QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDBzn7IXIpyOGCCTuzL"
-        + "DKE/T+pFRTgFh3QgKtifZ4zxdvB2Sd5+90vUEGcGExUhzpgb9gOUrT1eE0XhdiUR"
-        + "YuYYpJI/nzPQWTsRtEaql7NHBPKnEauoA9oAhCT4pE5gLlqpTfkB8nAsRTI2XqpI"
-        + "hQ7vTvnTRx20xog21NIbz1GztV8H1kBH2eDvRX7cXGiugp6CXV/le9cB+/4TBNUN"
-        + "Xqupt79dM49KCoDuYr72W7Hv4BSWw3IInEN2m8T2X6UBpBGkCiGwLQy/+KOmYRK7"
-        + "1PSFC0rXDwOJ0HJ/8fHwx6vLMxHAQ6s/9vOW10MjgjSQlbVqH/4Pa+TlpWumSV4E"
-        + "l0z9AgMBAAGjeDB2MA8GA1UdEwEB/wQFMAMBAf8wEwYDVR0gBAwwCjAIBgYqhXA8"
-        + "AQYwDgYDVR0PAQH/BAQDAgEGMB8GA1UdIwQYMBaAFJuTMPljHcYdrRO9sEi1amb4"
-        + "tE3VMB0GA1UdDgQWBBSeSOnVuRBQ6uRGIuDGnHAB7YZAVjANBgkqhkiG9w0BAQUF"
-        + "AAOCAQEArnW/9n+G+84JOgv1Wn4tsBBS7QgJp1rdCoiNrZPx2du/7Wz3wQVNKBjL"
-        + "eMCyLjg0OVHuq4hpCv9MZpUqdcUW8gpp4dLDAAd1uE7xqVuG8g4Ir5qocxbZHQew"
-        + "fnqSJJDlEZgDeZIzod92OO+htv0MWqKWbr3Mo2Hqhn+t0+UVWsW4k44e7rUw3xQq"
-        + "r2VdMJv/C68BXUgqh3pplUDjWyXfreiACTT0q3HT6v6WaihKCa2WY9Kd1IkDcLHb"
-        + "TZk8FqMmGn72SgJw3H5Dvu7AiZijjNAUulMnMpxBEKyFTU2xRBlZZVcp50VJ2F7+"
-        + "siisxbcYOAX4GztLMlcyq921Ov/ipDCCA88wggK3oAMCAQICEQCmaX+5+m5bF5us"
-        + "CtyMq41SMA0GCSqGSIb3DQEBBQUAMGYxJDAiBgNVBAoMG0ZpbmFuc2llbGwgSUQt"
-        + "VGVrbmlrIEJJRCBBQjEfMB0GA1UECwwWQmFua0lEIE1lbWJlciBCYW5rcyBDQTEd"
-        + "MBsGA1UEAwwUQmFua0lEIFJvb3QgQ0EgVEVTVDIwHhcNMDQwODEzMDcyMDEwWhcN"
-        + "MjkwODEyMTIwMjQ2WjBmMSQwIgYDVQQKDBtGaW5hbnNpZWxsIElELVRla25payBC"
-        + "SUQgQUIxHzAdBgNVBAsMFkJhbmtJRCBNZW1iZXIgQmFua3MgQ0ExHTAbBgNVBAMM"
-        + "FEJhbmtJRCBSb290IENBIFRFU1QyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB"
-        + "CgKCAQEA25D0f1gipbACk4Bg3t6ODUlCWOU0TWeTkzAHR7IRB5T++yvsVosedMMW"
-        + "6KYYTbPONeJSt5kydX+wZi9nVNdlhkNULLbDKWfRY7x+B9MR1Q0Kq/e4VR0uRsak"
-        + "Bv5iwEYZ7cSR63HfBaPTqQsGobq+wtGH5JeTBrmCt4A3kN1UWgX32Dv/I3m7v8bK"
-        + "iwh4cnvAD9PIOtq6pOmAkSvLvp8jCy3qFLe9KAxm8M/ZAmnxYaRV8DVEg57FGoG6"
-        + "oiG3Ixx8PSVVdzpFY4kuUFLi4ueMPwjnXFiBhhWJJeOtFG3Lc2aW3zvcDbD/MsDm"
-        + "rSZNTmtbOOou8xuMKjlNY9PU5MHIaQIDAQABo3gwdjAPBgNVHRMBAf8EBTADAQH/"
-        + "MBMGA1UdIAQMMAowCAYGKoVwPAEGMA4GA1UdDwEB/wQEAwIBBjAfBgNVHSMEGDAW"
-        + "gBSbkzD5Yx3GHa0TvbBItWpm+LRN1TAdBgNVHQ4EFgQUm5Mw+WMdxh2tE72wSLVq"
-        + "Zvi0TdUwDQYJKoZIhvcNAQEFBQADggEBAIQ4ZBHWssA38pfNzH5A+H3SXpAlI8Jc"
-        + "LuoMVOIwwbfd1Up0xopCs+Ay41v8FZtcTMFqCVTih2nzVusTgnFBPMPJ2cnTlRue"
-        + "kAtVRNsiWn2/Ool/OXoYf5YnpgYu8t9jLCBCoDS5YJg714r9V9hCwfey8TCWBU80"
-        + "vL7EIfjK13nUxf8d49GzZlFMNqGDMjfMp1FYrHBGLZBr8br/G/7em1Cprw7iR8cw"
-        + "pddz+QXXFIrIz5Y9D/x1RrwoLibPw0kMrSwI2G4aCvoBySfbD6cpnJf6YHRctdSb"
-        + "755zhdBW7XWTl6ReUVuEt0hTFms4F60kFAi5hIbDRSN1Slv5yP2b0EA=");
-
-    private static byte[] invalidResp = Base64.decode(
-        "MIIGggoAoIIGfDCCBngGCSsGAQUFBzABAQSCBmkwggZlMIHeoTQwMjELMAkG"
-      + "A1UEBhMCVVMxDTALBgNVBAoMBGlXYXkxFDASBgNVBAMMC2lXYXkgT3BlbkNB"
-      + "GA8yMDEyMDEyMzIxMjkxMVowbjBsMEQwCQYFKw4DAhoFAAQUPA5ymcOyHyZJ"
-      + "d7DAidsEh79Uh6QEFMHnDLGSc/VElMBzr5f0+LQnpN2YAgsA5xIzv2Ln0dAa"
-      + "94IAGA8yMDEyMDEyMzIxMjkxMVqgERgPMjAxMjAxMjMyMTM0MTFaoSUwIzAh"
-      + "BgkrBgEFBQcwAQIEFCHEdgCz5w64KgppPIetaRzxewinMA0GCSqGSIb3DQEB"
-      + "CwUAA4IBAQBsW8cXR4eOLgclY/uRodjso/5xkHIAiJy+DpgqELRrnzKe87HO"
-      + "Km7DCicz1nwsPJskK14xtIw1rfQ8nzgztriComAUVc/pxJ9wQWGZI3d2dNbW"
-      + "AmecKb/mG0QrJrt3U5D0+CFTUq5u7NOs1jZRe+df9TDLBr0vIA6a0I6K9M9F"
-      + "ZOPWU/j5KVjoi0/kv4wnxRzQ2zc4Z3b5gm9T0MXMH5bST3z4yhOs/NRezNTA"
-      + "fBQvimS60d4fybH0pXcVYUH81y5fm9rCpuwQ6rMt2vi0ZKrfyVom4OIAr/gh"
-      + "Doj8Yh/LdtI1RvFkAL3pvzs06cfg3qM38b9Uh9w93w4/Hguw14eroIIEbDCC"
-      + "BGgwggRkMIIDTKADAgECAgEBMA0GCSqGSIb3DQEBCwUAMDIxCzAJBgNVBAYT"
-      + "AlVTMQ0wCwYDVQQKDARpV2F5MRQwEgYDVQQDDAtpV2F5IE9wZW5DQTAeFw0x"
-      + "MjAxMjAxNTIyMjFaFw0zMjAxMTUxNTIyMjFaMDIxCzAJBgNVBAYTAlVTMQ0w"
-      + "CwYDVQQKDARpV2F5MRQwEgYDVQQDDAtpV2F5IE9wZW5DQTCCASIwDQYJKoZI"
-      + "hvcNAQEBBQADggEPADCCAQoCggEBALOnLWYPvGNLxodQQ16tqCKflpEQF2OA"
-      + "0inZbIeUVxOgph5Qf562XV1Mtbv5Agv+z4/LSLbwuo28NTkhSlEEwf1k9vL9"
-      + "/wFvpPZ4ecpqXOS6LJ6khmMh53IwK/QpG8CeF9UxTZskjQzD9XgnNGYd2BIj"
-      + "qVbzU5qWhsPYPRrsAaE2jS6My5+xfiw46/Xj26VZQ/PR/rVURsc40fpCE30y"
-      + "TyORQeeZfjb/LxXH3e/3wjya04MBACv+uX89n5YXG7OH6zTriMAOn/aiXPfE"
-      + "E8g834RKvVS7ruELWG/IcZDC+Eoy2qtgG7y1rFlXd3H/6rny+Xd+BZrt0WP/"
-      + "hfezklVw3asCAwEAAaOCAYMwggF/MA8GA1UdEwEB/wQFMAMBAf8wCwYDVR0P"
-      + "BAQDAgEGMB0GA1UdDgQWBBTB5wyxknP1RJTAc6+X9Pi0J6TdmDAfBgNVHSME"
-      + "GDAWgBTB5wyxknP1RJTAc6+X9Pi0J6TdmDAjBgNVHREEHDAagRhzdXBwb3J0"
-      + "QGl3YXlzb2Z0d2FyZS5jb20wIwYDVR0SBBwwGoEYc3VwcG9ydEBpd2F5c29m"
-      + "dHdhcmUuY29tMIGYBggrBgEFBQcBAQSBizCBiDA5BggrBgEFBQcwAoYtaHR0"
-      + "cDovL2l3NTRjZW50LXZtMi9wa2kvcHViL2NhY2VydC9jYWNlcnQuY3J0MCUG"
-      + "CCsGAQUFBzABhhlodHRwOi8vaXc1NGNlbnQtdm0yOjI1NjAvMCQGCCsGAQUF"
-      + "BzAMhhhodHRwOi8vaXc1NGNlbnQtdm0yOjgzMC8wOgYDVR0fBDMwMTAvoC2g"
-      + "K4YpaHR0cDovL2l3NTRjZW50LXZtMi9wa2kvcHViL2NybC9jYWNybC5jcmww"
-      + "DQYJKoZIhvcNAQELBQADggEBAE9wBjQ1c+HAO2gIzT+J5Gqgrcu/m7t4hnHN"
-      + "m5eyIfwXD1T6wOhovFmzPTaO9BSNsi4G5R7yZxOHeLN4PIY2kwFIbSkg7mwe"
-      + "5aGp2RPIuK/MtzMZT6pq8uMGhzyHGsqtdkz7p26/G0anU2u59eimcvISdwNE"
-      + "QXOIp/KNUC+Vx+Pmfw8PuFYDNacZ6YXp5qKoEjyUoBhNicmVINTNfDu0CQhu"
-      + "pDr2UmDMDT2cdmTSRC0rcTe3BNzWqtsXNmIBFL1oB7B0PZbmFm8Bgvk1azxa"
-      + "ClrcOKZWKOWa14XJy/DJk6nlOiq5W2AglUt8JVOpa5oVdiNRIT2WoGnpqVV9"
-      + "tUeoWog=");
-
-    private static final String BC = "BC";
-
-    public String getName()
-    {
-        return "OCSP";
-    }
-
-    private void testECDSA()
-        throws Exception
-    {
-        String signDN = "O=Bouncy Castle, C=AU";
-        KeyPair signKP = OCSPTestUtil.makeECKeyPair();
-        X509CertificateHolder testCert = new JcaX509CertificateHolder(OCSPTestUtil.makeECDSACertificate(signKP, signDN, signKP, signDN));
-        DigestCalculatorProvider digCalcProv = new JcaDigestCalculatorProviderBuilder().setProvider(BC).build();
-
-        String origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU";
-        GeneralName origName = new GeneralName(new X500Name(origDN));
-
-        //
-        // general id value for our test issuer cert and a serial number.
-        //
-        CertificateID id = new CertificateID(digCalcProv.get(CertificateID.HASH_SHA1), testCert, BigInteger.valueOf(1));
-
-        //
-        // basic request generation
-        //
-        OCSPReqBuilder gen = new OCSPReqBuilder();
-        gen.addRequest(id);
-
-        OCSPReq req = gen.build();
-
-        if (req.isSigned())
-        {
-            fail("signed but shouldn't be");
-        }
-
-        X509CertificateHolder[] certs = req.getCerts();
-
-        if (certs.length != 0)
-        {
-            fail("0 certs expected, but not found");
-        }
-
-        Req[] requests = req.getRequestList();
-
-        if (!requests[0].getCertID().equals(id))
-        {
-            fail("Failed isFor test");
-        }
-
-        //
-        // request generation with signing
-        //
-        X509CertificateHolder[] chain = new X509CertificateHolder[1];
-
-        gen = new OCSPReqBuilder();
-
-        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X500Name("CN=fred")));
-
-        gen.addRequest(
-            new CertificateID(digCalcProv.get(CertificateID.HASH_SHA1), testCert, BigInteger.valueOf(1)));
-
-        chain[0] = testCert;
-
-        req = gen.build(new JcaContentSignerBuilder("SHA1withECDSA").setProvider(BC).build( signKP.getPrivate()), chain);
-
-        if (!req.isSigned())
-        {
-            fail("not signed but should be");
-        }
-
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(signKP.getPublic())))
-        {
-            fail("signature failed to verify");
-        }
-
-        requests = req.getRequestList();
-
-        if (!requests[0].getCertID().equals(id))
-        {
-            fail("Failed isFor test");
-        }
-
-        certs = req.getCerts();
-
-        if (certs == null)
-        {
-            fail("null certs found");
-        }
-
-        if (certs.length != 1 || !certs[0].equals(testCert))
-        {
-            fail("incorrect certs found in request");
-        }
-
-        //
-        // encoding test
-        //
-        byte[] reqEnc = req.getEncoded();
-
-        OCSPReq newReq = new OCSPReq(reqEnc);
-
-        if (!newReq.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(signKP.getPublic())))
-        {
-            fail("newReq signature failed to verify");
-        }
-
-        //
-        // request generation with signing and nonce
-        //
-        chain = new X509CertificateHolder[1];
-
-        gen = new OCSPReqBuilder();
-
-        Vector oids = new Vector();
-        Vector values = new Vector();
-        byte[] sampleNonce = new byte[16];
-        Random rand = new Random();
-
-        rand.nextBytes(sampleNonce);
-
-        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X500Name("CN=fred")));
-
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        extGen.addExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, new DEROctetString(sampleNonce));
-
-        gen.setRequestExtensions(extGen.generate());
-
-        gen.addRequest(
-            new CertificateID(digCalcProv.get(CertificateID.HASH_SHA1), testCert, BigInteger.valueOf(1)));
-
-        chain[0] = testCert;
-
-        req = gen.build(new JcaContentSignerBuilder("SHA1withECDSA").setProvider(BC).build(signKP.getPrivate()), chain);
-
-        if (!req.isSigned())
-        {
-            fail("not signed but should be");
-        }
-
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(signKP.getPublic())))
-        {
-            fail("signature failed to verify");
-        }
-
-        //
-        // extension check.
-        //
-        Set extOids = req.getCriticalExtensionOIDs();
-
-        if (extOids.size() != 0)
-        {
-            fail("wrong number of critical extensions in OCSP request.");
-        }
-
-        extOids = req.getNonCriticalExtensionOIDs();
-
-        if (extOids.size() != 1)
-        {
-            fail("wrong number of non-critical extensions in OCSP request.");
-        }
-
-        Extension extValue = req.getExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
-
-        ASN1Encodable extObj = extValue.getParsedValue();
-
-        if (!(extObj instanceof ASN1OctetString))
-        {
-            fail("wrong extension type found.");
-        }
-
-        if (!areEqual(((ASN1OctetString)extObj).getOctets(), sampleNonce))
-        {
-            fail("wrong extension value found.");
-        }
-
-        //
-        // request list check
-        //
-        requests = req.getRequestList();
-
-        if (!requests[0].getCertID().equals(id))
-        {
-            fail("Failed isFor test");
-        }
-
-        //
-        // response generation
-        //
-        BasicOCSPRespBuilder respGen = new JcaBasicOCSPRespBuilder(signKP.getPublic(), digCalcProv.get(RespID.HASH_SHA1));
-
-        respGen.addResponse(id, CertificateStatus.GOOD);
-
-        BasicOCSPResp resp = respGen.build(new JcaContentSignerBuilder("SHA1withECDSA").setProvider(BC).build(signKP.getPrivate()), chain, new Date());
-    }
-
-    private void testRSA()
-        throws Exception
-    {
-        String signDN = "O=Bouncy Castle, C=AU";
-        KeyPair signKP = OCSPTestUtil.makeKeyPair();
-        X509CertificateHolder testCert = new JcaX509CertificateHolder(OCSPTestUtil.makeCertificate(signKP, signDN, signKP, signDN));
-        DigestCalculatorProvider digCalcProv = new JcaDigestCalculatorProviderBuilder().setProvider(BC).build();
-
-        String origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU";
-        GeneralName origName = new GeneralName(new X500Name(origDN));
-
-        //
-        // general id value for our test issuer cert and a serial number.
-        //
-        CertificateID id = new CertificateID(digCalcProv.get(CertificateID.HASH_SHA1), testCert, BigInteger.valueOf(1));
-
-        //
-        // basic request generation
-        //
-        OCSPReqBuilder gen = new OCSPReqBuilder();
-
-        gen.addRequest(
-            new CertificateID(digCalcProv.get(CertificateID.HASH_SHA1), testCert, BigInteger.valueOf(1)));
-
-        OCSPReq req = gen.build();
-
-        if (req.isSigned())
-        {
-            fail("signed but shouldn't be");
-        }
-
-        X509CertificateHolder[] certs = req.getCerts();
-
-        if (certs.length != 0)
-        {
-            fail("0 certs expected, but not found");
-        }
-
-        Req[] requests = req.getRequestList();
-
-        if (!requests[0].getCertID().equals(id))
-        {
-            fail("Failed isFor test");
-        }
-
-        //
-        // request generation with signing
-        //
-        X509CertificateHolder[] chain = new X509CertificateHolder[1];
-
-        gen = new OCSPReqBuilder();
-
-        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X500Name("CN=fred")));
-
-        gen.addRequest(
-            new CertificateID(digCalcProv.get(CertificateID.HASH_SHA1), testCert, BigInteger.valueOf(1)));
-
-        chain[0] = testCert;
-
-        req = gen.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(signKP.getPrivate()), chain);
-
-        if (!req.isSigned())
-        {
-            fail("not signed but should be");
-        }
-
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(signKP.getPublic())))
-        {
-            fail("signature failed to verify");
-        }
-
-        requests = req.getRequestList();
-
-        if (!requests[0].getCertID().equals(id))
-        {
-            fail("Failed isFor test");
-        }
-
-        certs = req.getCerts();
-
-        if (certs == null)
-        {
-            fail("null certs found");
-        }
-
-        if (certs.length != 1 || !certs[0].equals(testCert))
-        {
-            fail("incorrect certs found in request");
-        }
-
-        //
-        // encoding test
-        //
-        byte[] reqEnc = req.getEncoded();
-
-        OCSPReq newReq = new OCSPReq(reqEnc);
-
-        if (!newReq.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(signKP.getPublic())))
-        {
-            fail("newReq signature failed to verify");
-        }
-
-        //
-        // request generation with signing and nonce
-        //
-        chain = new X509CertificateHolder[1];
-
-        gen = new OCSPReqBuilder();
-
-        byte[] sampleNonce = new byte[16];
-        Random rand = new Random();
-
-        rand.nextBytes(sampleNonce);
-
-        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X500Name("CN=fred")));
-
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        extGen.addExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, new DEROctetString(sampleNonce));
-
-        gen.setRequestExtensions(extGen.generate());
-
-        gen.addRequest(
-            new CertificateID(digCalcProv.get(CertificateID.HASH_SHA1), testCert, BigInteger.valueOf(1)));
-
-        chain[0] = testCert;
-
-        req = gen.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(signKP.getPrivate()), chain);
-
-        if (!req.isSigned())
-        {
-            fail("not signed but should be");
-        }
-
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(signKP.getPublic())))
-        {
-            fail("signature failed to verify");
-        }
-
-        //
-        // extension check.
-        //
-        Set extOids = req.getCriticalExtensionOIDs();
-
-        if (extOids.size() != 0)
-        {
-            fail("wrong number of critical extensions in OCSP request.");
-        }
-
-        extOids = req.getNonCriticalExtensionOIDs();
-
-        if (extOids.size() != 1)
-        {
-            fail("wrong number of non-critical extensions in OCSP request.");
-        }
-
-        Extension ext = req.getExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
-
-        ASN1Encodable extObj = ext.getParsedValue();
-
-        if (!(extObj instanceof ASN1OctetString))
-        {
-            fail("wrong extension type found.");
-        }
-
-        if (!areEqual(((ASN1OctetString)extObj).getOctets(), sampleNonce))
-        {
-            fail("wrong extension value found.");
-        }
-
-        //
-        // request list check
-        //
-        requests = req.getRequestList();
-
-        if (!requests[0].getCertID().equals(id))
-        {
-            fail("Failed isFor test");
-        }
-
-        //
-        // response generation
-        //
-        BasicOCSPRespBuilder respGen = new JcaBasicOCSPRespBuilder(signKP.getPublic(), digCalcProv.get(RespID.HASH_SHA1));
-
-        respGen.addResponse(id, CertificateStatus.GOOD);
-
-        BasicOCSPResp resp = respGen.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(signKP.getPrivate()), chain, new Date());
-        OCSPRespBuilder rGen = new OCSPRespBuilder();
-
-        byte[] enc = rGen.build(OCSPRespBuilder.SUCCESSFUL, resp).getEncoded();
-    }
-
-    private void testIrregularVersionReq()
-        throws Exception
-    {
-        OCSPReq ocspRequest = new OCSPReq(irregReq);
-        X509CertificateHolder cert = ocspRequest.getCerts()[0];
-        if (!ocspRequest.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(cert)))
-        {
-            fail("extra version encoding test failed");
-        }
-    }
-
-    public void testInvalidResp()
-        throws Exception
-    {
-        try
-        {
-            OCSPResp response = new OCSPResp(invalidResp);
-        }
-        catch (CertIOException e)
-        {
-            if (e.getCause() instanceof ASN1Exception)
-            {
-                Throwable c = ((ASN1Exception)e.getCause()).getCause();
-
-                if (!c.getMessage().equals("ENUMERATED has zero length"))
-                {
-                    fail("parsing failed, but for wrong reason: " + c.getMessage());
-                }
-            }
-            else
-            {
-                fail("parsing failed, but for wrong reason: " + e.getMessage());
-            }
-        }
-
-
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        String signDN = "O=Bouncy Castle, C=AU";
-        KeyPair signKP = OCSPTestUtil.makeKeyPair();
-        X509CertificateHolder testCert = new JcaX509CertificateHolder(OCSPTestUtil.makeCertificate(signKP, signDN, signKP, signDN));
-
-        String origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU";
-        GeneralName origName = new GeneralName(new X500Name(origDN));
-        DigestCalculatorProvider digCalcProv = new JcaDigestCalculatorProviderBuilder().setProvider(BC).build();
-
-        //
-        // general id value for our test issuer cert and a serial number.
-        //
-        CertificateID id = new CertificateID(digCalcProv.get(CertificateID.HASH_SHA1), testCert, BigInteger.valueOf(1));
-
-        //
-        // basic request generation
-        //
-        OCSPReqBuilder gen = new OCSPReqBuilder();
-
-        gen.addRequest(
-            new CertificateID(digCalcProv.get(CertificateID.HASH_SHA1), testCert, BigInteger.valueOf(1)));
-
-        OCSPReq req = gen.build();
-
-        if (req.isSigned())
-        {
-            fail("signed but shouldn't be");
-        }
-
-        X509CertificateHolder[] certs = req.getCerts();
-
-        if (certs.length != 0)
-        {
-            fail("0 certs expected, but not found");
-        }
-
-        Req[] requests = req.getRequestList();
-
-        if (!requests[0].getCertID().equals(id))
-        {
-            fail("Failed isFor test");
-        }
-
-        //
-        // request generation with signing
-        //
-        X509CertificateHolder[] chain = new X509CertificateHolder[1];
-
-        gen = new OCSPReqBuilder();
-
-        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X500Name("CN=fred")));
-
-        gen.addRequest(
-            new CertificateID(digCalcProv.get(CertificateID.HASH_SHA1), testCert, BigInteger.valueOf(1)));
-
-        chain[0] = testCert;
-
-        req = gen.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(signKP.getPrivate()), chain);
-
-        if (!req.isSigned())
-        {
-            fail("not signed but should be");
-        }
-
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(signKP.getPublic())))
-        {
-            fail("signature failed to verify");
-        }
-
-        requests = req.getRequestList();
-
-        if (!requests[0].getCertID().equals(id))
-        {
-            fail("Failed isFor test");
-        }
-
-        certs = req.getCerts();
-
-        if (certs == null)
-        {
-            fail("null certs found");
-        }
-
-        if (certs.length != 1 || !certs[0].equals(testCert))
-        {
-            fail("incorrect certs found in request");
-        }
-
-        //
-        // encoding test
-        //
-        byte[] reqEnc = req.getEncoded();
-
-        OCSPReq newReq = new OCSPReq(reqEnc);
-
-        if (!newReq.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(signKP.getPublic())))
-        {
-            fail("newReq signature failed to verify");
-        }
-
-        //
-        // request generation with signing and nonce
-        //
-        chain = new X509CertificateHolder[1];
-
-        gen = new OCSPReqBuilder();
-
-        Vector oids = new Vector();
-        Vector values = new Vector();
-        byte[] sampleNonce = new byte[16];
-        Random rand = new Random();
-
-        rand.nextBytes(sampleNonce);
-
-        gen.setRequestorName(new GeneralName(GeneralName.directoryName, new X500Name("CN=fred")));
-
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        extGen.addExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce, false, new DEROctetString(sampleNonce));
-
-        gen.setRequestExtensions(extGen.generate());
-
-        gen.addRequest(
-            new CertificateID(digCalcProv.get(CertificateID.HASH_SHA1), testCert, BigInteger.valueOf(1)));
-
-        chain[0] = testCert;
-
-        req = gen.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(signKP.getPrivate()), chain);
-
-        if (!req.isSigned())
-        {
-            fail("not signed but should be");
-        }
-
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(signKP.getPublic())))
-        {
-            fail("signature failed to verify");
-        }
-
-        //
-        // extension check.
-        //
-        Set extOids = req.getCriticalExtensionOIDs();
-
-        if (extOids.size() != 0)
-        {
-            fail("wrong number of critical extensions in OCSP request.");
-        }
-
-        extOids = req.getNonCriticalExtensionOIDs();
-
-        if (extOids.size() != 1)
-        {
-            fail("wrong number of non-critical extensions in OCSP request.");
-        }
-
-        Extension ext = req.getExtension(OCSPObjectIdentifiers.id_pkix_ocsp_nonce);
-
-        ASN1Encodable extObj = ext.getParsedValue();
-
-        if (!(extObj instanceof ASN1OctetString))
-        {
-            fail("wrong extension type found.");
-        }
-
-        if (!areEqual(((ASN1OctetString)extObj).getOctets(), sampleNonce))
-        {
-            fail("wrong extension value found.");
-        }
-
-        //
-        // request list check
-        //
-        requests = req.getRequestList();
-
-        if (!requests[0].getCertID().equals(id))
-        {
-            fail("Failed isFor test");
-        }
-
-        //
-        // response parsing - test 1
-        //
-        OCSPResp response = new OCSPResp(testResp1);
-
-        if (response.getStatus() != 0)
-        {
-            fail("response status not zero.");
-        }
-
-        BasicOCSPResp brep = (BasicOCSPResp)response.getResponseObject();
-        chain = brep.getCerts();
-
-        if (!brep.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(chain[0])))
-        {
-            fail("response 1 failed to verify.");
-        }
-
-        //
-        // test 2
-        //
-        SingleResp[] singleResp = brep.getResponses();
-
-        response = new OCSPResp(testResp2);
-
-        if (response.getStatus() != 0)
-        {
-            fail("response status not zero.");
-        }
-
-        brep = (BasicOCSPResp)response.getResponseObject();
-        chain = brep.getCerts();
-        
-        if (!brep.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(chain[0])))
-        {
-            fail("response 2 failed to verify.");
-        }
-
-        singleResp = brep.getResponses();
-
-        //
-        // simple response generation
-        //
-        OCSPRespBuilder respGen = new OCSPRespBuilder();
-        OCSPResp resp = respGen.build(OCSPRespBuilder.SUCCESSFUL, response.getResponseObject());
-
-        if (!resp.getResponseObject().equals(response.getResponseObject()))
-        {
-            fail("response fails to match");
-        }
-
-        testECDSA();
-        testRSA();
-        testIrregularVersionReq();
-        testInvalidResp();
-
-        //
-        // Empty data test
-        //
-        try
-        {
-            response = new OCSPResp(new byte[0]);
-            fail("no exception thrown");
-        }
-        catch (IOException e)
-        {
-             if (!e.getMessage().equals("malformed response: no response data found"))
-             {
-                 fail("wrong exception");
-             }
-        }
-
-        try
-        {
-            req = new OCSPReq(new byte[0]);
-            fail("no exception thrown");
-        }
-        catch (IOException e)
-        {
-             if (!e.getMessage().equals("malformed request: no request data found"))
-             {
-                 fail("wrong exception");
-             }
-        }
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new OCSPTest());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/ocsp/test/OCSPTestUtil.java b/bcpkix/src/main/java/org/bouncycastle/cert/ocsp/test/OCSPTestUtil.java
deleted file mode 100644
index f6dd98c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/ocsp/test/OCSPTestUtil.java
+++ /dev/null

@@ -1,170 +0,0 @@
-package org.bouncycastle.cert.ocsp.test;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.cert.X509Certificate;
-import java.util.Date;
-
-import javax.crypto.KeyGenerator;
-
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.X509Extensions;
-import org.bouncycastle.asn1.x509.X509Name;
-import org.bouncycastle.cert.bc.BcX509ExtensionUtils;
-import org.bouncycastle.x509.X509V3CertificateGenerator;
-
-public class OCSPTestUtil
-{
-    
-    public static SecureRandom     rand;
-    public static KeyPairGenerator kpg, eckpg;
-    public static KeyGenerator     desede128kg;
-    public static KeyGenerator     desede192kg;
-    public static KeyGenerator     rc240kg;
-    public static KeyGenerator     rc264kg;
-    public static KeyGenerator     rc2128kg;
-    public static BigInteger       serialNumber;
-    
-    public static final boolean DEBUG = true;
-    
-    static
-    {
-        try
-        {
-            rand = new SecureRandom();
-
-            kpg  = KeyPairGenerator.getInstance("RSA", "BC");
-            kpg.initialize(1024, rand);
-
-            serialNumber = new BigInteger("1");
-
-            eckpg = KeyPairGenerator.getInstance("ECDSA", "BC");
-            eckpg.initialize(192, rand);
-        }
-        catch(Exception ex)
-        {
-            throw new RuntimeException(ex.toString());
-        }
-    }
-    
-    public static KeyPair makeKeyPair()
-    {
-        return kpg.generateKeyPair();
-    }
-
-    public static KeyPair makeECKeyPair()
-    {
-        return eckpg.generateKeyPair();
-    }
-
-    public static X509Certificate makeCertificate(KeyPair _subKP,
-            String _subDN, KeyPair _issKP, String _issDN)
-            throws Exception
-    {
-
-        return makeCertificate(_subKP, _subDN, _issKP, _issDN, false);
-    }
-
-    public static X509Certificate makeECDSACertificate(KeyPair _subKP,
-            String _subDN, KeyPair _issKP, String _issDN)
-            throws Exception
-    {
-
-        return makeECDSACertificate(_subKP, _subDN, _issKP, _issDN, false);
-    }
-
-    public static X509Certificate makeCACertificate(KeyPair _subKP,
-            String _subDN, KeyPair _issKP, String _issDN)
-            throws Exception
-    {
-
-        return makeCertificate(_subKP, _subDN, _issKP, _issDN, true);
-    }
-
-    public static X509Certificate makeCertificate(KeyPair _subKP,
-            String _subDN, KeyPair _issKP, String _issDN, boolean _ca)
-            throws Exception
-    {
-        return makeCertificate(_subKP,_subDN, _issKP, _issDN, "MD5withRSA", _ca);
-    }
-
-    public static X509Certificate makeECDSACertificate(KeyPair _subKP,
-            String _subDN, KeyPair _issKP, String _issDN, boolean _ca)
-            throws Exception
-    {
-        return makeCertificate(_subKP,_subDN, _issKP, _issDN, "SHA1WithECDSA", _ca);
-    }
-
-    public static X509Certificate makeCertificate(KeyPair _subKP,
-            String _subDN, KeyPair _issKP, String _issDN, String algorithm, boolean _ca)
-            throws Exception
-    {
-
-        PublicKey _subPub = _subKP.getPublic();
-        PrivateKey _issPriv = _issKP.getPrivate();
-        PublicKey _issPub = _issKP.getPublic();
-
-        X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();
-
-        _v3CertGen.reset();
-        _v3CertGen.setSerialNumber(allocateSerialNumber());
-        _v3CertGen.setIssuerDN(new X509Name(_issDN));
-        _v3CertGen.setNotBefore(new Date(System.currentTimeMillis()));
-        _v3CertGen.setNotAfter(new Date(System.currentTimeMillis()
-                + (1000L * 60 * 60 * 24 * 100)));
-        _v3CertGen.setSubjectDN(new X509Name(_subDN));
-        _v3CertGen.setPublicKey(_subPub);
-        _v3CertGen.setSignatureAlgorithm(algorithm);
-
-        _v3CertGen.addExtension(X509Extensions.SubjectKeyIdentifier, false,
-                createSubjectKeyId(_subPub));
-
-        _v3CertGen.addExtension(X509Extensions.AuthorityKeyIdentifier, false,
-                createAuthorityKeyId(_issPub));
-
-        _v3CertGen.addExtension(X509Extensions.BasicConstraints, false,
-                new BasicConstraints(_ca));
-
-        X509Certificate _cert = _v3CertGen.generate(_issPriv);
-
-        _cert.checkValidity(new Date());
-        _cert.verify(_issPub);
-
-        return _cert;
-    }
-
-    /*
-     * 
-     * INTERNAL METHODS
-     * 
-     */
-
-    private static AuthorityKeyIdentifier createAuthorityKeyId(PublicKey _pubKey)
-            throws IOException
-    {
-        SubjectPublicKeyInfo _info = SubjectPublicKeyInfo.getInstance(_pubKey.getEncoded());
-
-        return new AuthorityKeyIdentifier(_info);
-    }
-
-    private static SubjectKeyIdentifier createSubjectKeyId(PublicKey _pubKey)
-            throws IOException
-    {
-        return new BcX509ExtensionUtils().createSubjectKeyIdentifier(SubjectPublicKeyInfo.getInstance(_pubKey.getEncoded()));
-    }
-
-    private static BigInteger allocateSerialNumber()
-    {
-        BigInteger _tmp = serialNumber;
-        serialNumber = serialNumber.add(BigInteger.valueOf(1));
-        return _tmp;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/package.html b/bcpkix/src/main/java/org/bouncycastle/cert/package.html
deleted file mode 100644
index 1b2a305..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Basic support package for handling and creating X.509 certificates, CRLs, and attribute certificates.
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPath.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPath.java
deleted file mode 100644
index 1c1d93a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPath.java
+++ /dev/null

@@ -1,80 +0,0 @@
-package org.bouncycastle.cert.path;
-
-import org.bouncycastle.cert.X509CertificateHolder;
-
-public class CertPath
-{
-    private final X509CertificateHolder[] certificates;
-
-    public CertPath(X509CertificateHolder[] certificates)
-    {
-        this.certificates = copyArray(certificates);
-    }
-
-    public X509CertificateHolder[] getCertificates()
-    {
-        return copyArray(certificates);
-    }
-
-    public CertPathValidationResult validate(CertPathValidation[] ruleSet)
-    {
-        CertPathValidationContext context = new CertPathValidationContext(CertPathUtils.getCriticalExtensionsOIDs(certificates));
-
-        for (int i = 0; i != ruleSet.length; i++)
-        {
-            for (int j = certificates.length - 1; j >= 0; j--)
-            {
-                try
-                {
-                    context.setIsEndEntity(j == 0);
-                    ruleSet[i].validate(context, certificates[j]);
-                }
-                catch (CertPathValidationException e)
-                {   // TODO: introduce object to hold (i and e)
-                    return new CertPathValidationResult(context, j, i, e);
-                }
-            }
-        }
-
-        return new CertPathValidationResult(context);
-    }
-
-    public CertPathValidationResult evaluate(CertPathValidation[] ruleSet)
-    {
-        CertPathValidationContext context = new CertPathValidationContext(CertPathUtils.getCriticalExtensionsOIDs(certificates));
-
-        CertPathValidationResultBuilder builder = new CertPathValidationResultBuilder(context);
-
-        for (int i = 0; i != ruleSet.length; i++)
-        {
-            for (int j = certificates.length - 1; j >= 0; j--)
-            {
-                try
-                {
-                    context.setIsEndEntity(j == 0);
-                    ruleSet[i].validate(context, certificates[j]);
-                }
-                catch (CertPathValidationException e)
-                {
-                   builder.addException(j, i, e);
-                }
-            }
-        }
-
-        return builder.build();
-    }
-
-    private X509CertificateHolder[] copyArray(X509CertificateHolder[] array)
-    {
-        X509CertificateHolder[] rv = new X509CertificateHolder[array.length];
-
-        System.arraycopy(array, 0, rv, 0, rv.length);
-
-        return rv;
-    }
-
-    public int length()
-    {
-        return certificates.length;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathUtils.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathUtils.java
deleted file mode 100644
index 4811a3d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathUtils.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.cert.path;
-
-import java.util.HashSet;
-import java.util.Set;
-
-import org.bouncycastle.cert.X509CertificateHolder;
-
-class CertPathUtils
-{
-    static Set getCriticalExtensionsOIDs(X509CertificateHolder[] certificates)
-    {
-        Set criticalExtensions = new HashSet();
-
-        for (int i = 0; i != certificates.length; i++)
-        {
-            criticalExtensions.addAll(certificates[i].getCriticalExtensionOIDs());
-        }
-
-        return criticalExtensions;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidation.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidation.java
deleted file mode 100644
index 2704fe6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidation.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.cert.path;
-
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.util.Memoable;
-
-public interface CertPathValidation
-    extends Memoable
-{
-    public void validate(CertPathValidationContext context, X509CertificateHolder certificate)
-        throws CertPathValidationException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidationContext.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidationContext.java
deleted file mode 100644
index 6a4b0ec..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidationContext.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.cert.path;
-
-import java.util.HashSet;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.util.Memoable;
-
-public class CertPathValidationContext
-    implements Memoable
-{
-    private Set criticalExtensions;
-
-    private Set handledExtensions = new HashSet();
-    private boolean endEntity;
-    private int index;
-
-    public CertPathValidationContext(Set criticalExtensionsOIDs)
-    {
-        this.criticalExtensions = criticalExtensionsOIDs;
-    }
-
-    public void addHandledExtension(ASN1ObjectIdentifier extensionIdentifier)
-    {
-        this.handledExtensions.add(extensionIdentifier);
-    }
-
-    public void setIsEndEntity(boolean isEndEntity)
-    {
-        this.endEntity = isEndEntity;
-    }
-
-    public Set getUnhandledCriticalExtensionOIDs()
-    {
-        Set rv = new HashSet(criticalExtensions);
-
-        rv.removeAll(handledExtensions);
-
-        return rv;
-    }
-
-    /**
-     * Returns true if the current certificate is the end-entity certificate.
-     *
-     * @return if current cert end-entity, false otherwise.
-     */
-    public boolean isEndEntity()
-    {
-        return endEntity;
-    }
-
-    public Memoable copy()
-    {
-        return null;  //To change body of implemented methods use File | Settings | File Templates.
-    }
-
-    public void reset(Memoable other)
-    {
-        //To change body of implemented methods use File | Settings | File Templates.
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidationException.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidationException.java
deleted file mode 100644
index 958f2d0..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidationException.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.cert.path;
-
-public class CertPathValidationException
-    extends Exception
-{
-    private final Exception cause;
-
-    public CertPathValidationException(String msg)
-    {
-        this(msg, null);
-    }
-
-    public CertPathValidationException(String msg, Exception cause)
-    {
-        super(msg);
-
-        this.cause = cause;
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidationResult.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidationResult.java
deleted file mode 100644
index 0a4e618..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidationResult.java
+++ /dev/null

@@ -1,119 +0,0 @@
-package org.bouncycastle.cert.path;
-
-import java.util.Collections;
-import java.util.Set;
-
-import org.bouncycastle.util.Arrays;
-
-public class CertPathValidationResult
-{
-    private final boolean isValid;
-    private final CertPathValidationException cause;
-    private final Set unhandledCriticalExtensionOIDs;
-    private final int certIndex;
-    private final int ruleIndex;
-
-    private CertPathValidationException[] causes;
-    private int[] certIndexes;
-    private int[] ruleIndexes;
-
-    public CertPathValidationResult(CertPathValidationContext context)
-    {
-        this.unhandledCriticalExtensionOIDs = Collections.unmodifiableSet(context.getUnhandledCriticalExtensionOIDs());
-        this.isValid = this.unhandledCriticalExtensionOIDs.isEmpty();
-        this.certIndex = -1;
-        this.ruleIndex = -1;
-        cause = null;
-    }
-
-    public CertPathValidationResult(CertPathValidationContext context, int certIndex, int ruleIndex, CertPathValidationException cause)
-    {
-        this.unhandledCriticalExtensionOIDs = Collections.unmodifiableSet(context.getUnhandledCriticalExtensionOIDs());
-        this.isValid = false;
-        this.certIndex = certIndex;
-        this.ruleIndex = ruleIndex;
-        this.cause = cause;
-    }
-
-    public CertPathValidationResult(CertPathValidationContext context, int[] certIndexes, int[] ruleIndexes, CertPathValidationException[] causes)
-    {
-        this.unhandledCriticalExtensionOIDs = Collections.unmodifiableSet(context.getUnhandledCriticalExtensionOIDs());
-        this.isValid = false;
-        this.cause = causes[0];
-        this.certIndex = certIndexes[0];
-        this.ruleIndex = ruleIndexes[0];
-        this.causes = causes;
-        this.certIndexes = certIndexes;
-        this.ruleIndexes = ruleIndexes;
-    }
-
-    public boolean isValid()
-    {
-        return isValid;
-    }
-
-    public CertPathValidationException getCause()
-    {
-        if (cause != null)
-        {
-            return cause;
-        }
-
-        if (!unhandledCriticalExtensionOIDs.isEmpty())
-        {
-            return new CertPathValidationException("Unhandled Critical Extensions");
-        }
-
-        return null;
-    }
-
-    public int getFailingCertIndex()
-    {
-        return certIndex;
-    }
-
-    public int getFailingRuleIndex()
-    {
-        return ruleIndex;
-    }
-
-    public Set getUnhandledCriticalExtensionOIDs()
-    {
-        return unhandledCriticalExtensionOIDs;
-    }
-
-    public boolean isDetailed()
-    {
-        return this.certIndexes != null;
-    }
-
-    public CertPathValidationException[] getCauses()
-    {
-        if (causes != null)
-        {
-            CertPathValidationException[] rv = new CertPathValidationException[causes.length];
-
-            System.arraycopy(causes, 0, rv, 0, causes.length);
-
-            return rv;
-        }
-
-        if (!unhandledCriticalExtensionOIDs.isEmpty())
-        {
-            return new CertPathValidationException[]
-                { new CertPathValidationException("Unhandled Critical Extensions") };
-        }
-
-        return null;
-    }
-
-    public int[] getFailingCertIndexes()
-    {
-        return Arrays.clone(certIndexes);
-    }
-
-    public int[] getFailingRuleIndexes()
-    {
-        return Arrays.clone(ruleIndexes);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidationResultBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidationResultBuilder.java
deleted file mode 100644
index c00d5f7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/CertPathValidationResultBuilder.java
+++ /dev/null

@@ -1,51 +0,0 @@
-package org.bouncycastle.cert.path;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import org.bouncycastle.util.Integers;
-
-class CertPathValidationResultBuilder
-{
-    private final CertPathValidationContext context;
-    private final List<Integer> certIndexes = new ArrayList<Integer>();
-    private final List<Integer> ruleIndexes = new ArrayList<Integer>();
-    private final List<CertPathValidationException> exceptions = new ArrayList<CertPathValidationException>();
-
-    CertPathValidationResultBuilder(CertPathValidationContext context)
-    {
-        this.context = context;
-    }
-
-    public CertPathValidationResult build()
-    {
-        if (exceptions.isEmpty())
-        {
-            return new CertPathValidationResult(context);
-        }
-        else
-        {
-            return new CertPathValidationResult(context,
-                toInts(certIndexes), toInts(ruleIndexes), (CertPathValidationException[])exceptions.toArray(new CertPathValidationException[exceptions.size()]));
-        }
-    }
-
-    public void addException(int certIndex, int ruleIndex, CertPathValidationException exception)
-    {
-        this.certIndexes.add(Integers.valueOf(certIndex));
-        this.ruleIndexes.add(Integers.valueOf(ruleIndex));
-        this.exceptions.add(exception);
-    }
-
-    private int[] toInts(List<Integer> values)
-    {
-        int[] rv = new int[values.size()];
-
-        for (int i = 0; i != rv.length; i++)
-        {
-            rv[i] = ((Integer)values.get(i)).intValue();
-        }
-
-        return rv;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/test/AllTests.java
deleted file mode 100644
index 8644cb1..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/test/AllTests.java
+++ /dev/null

@@ -1,67 +0,0 @@
-package org.bouncycastle.cert.path.test;
-
-import java.security.Security;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTestResult;
-
-public class AllTests
-    extends TestCase
-{
-    public void testSimpleTests()
-    {
-        org.bouncycastle.util.test.Test[] tests = new org.bouncycastle.util.test.Test[] { new CertPathTest(), new CertPathValidationTest() };
-
-        for (int i = 0; i != tests.length; i++)
-        {
-            SimpleTestResult  result = (SimpleTestResult)tests[i].perform();
-
-            if (!result.isSuccessful())
-            {
-                if (result.getException() != null)
-                {
-                    result.getException().printStackTrace();
-                }
-                fail(result.toString());
-            }
-        }
-    }
-
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("Cert Path Tests");
-
-        suite.addTestSuite(AllTests.class);
-
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-
-        protected void tearDown()
-        {
-            Security.removeProvider("BC");
-        }
-    }
-
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/test/CertPathTest.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/test/CertPathTest.java
deleted file mode 100644
index b1e55da..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/test/CertPathTest.java
+++ /dev/null

@@ -1,369 +0,0 @@
-package org.bouncycastle.cert.path.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.ObjectOutputStream;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.SignatureException;
-import java.security.cert.CertPath;
-import java.security.cert.CertPathBuilder;
-import java.security.cert.CertPathBuilderException;
-import java.security.cert.CertPathBuilderResult;
-import java.security.cert.CertStore;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-import java.util.Vector;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CertPathTest
-    extends SimpleTest
-{
-    public static byte[] rootCertBin = Base64.decode(
-        "MIIBqzCCARQCAQEwDQYJKoZIhvcNAQEFBQAwHjEcMBoGA1UEAxMTVGVzdCBDQSBDZXJ0aWZpY2F0ZTAeFw0wODA5MDQwNDQ1MDhaFw0wODA5MTEwNDQ1MDhaMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMRLUjhPe4YUdLo6EcjKcWUOG7CydFTH53Pr1lWjOkbmszYDpkhCTT9LOsI+disk18nkBxSl8DAHTqV+VxtuTPt64iyi10YxyDeep+DwZG/f8cVQv97U3hA9cLurZ2CofkMLGr6JpSGCMZ9FcstcTdHB4lbErIJ54YqfF4pNOs4/AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAgyrTEFY7ALpeY59jL6xFOLpuPqoBOWrUWv6O+zy5BCU0qiX71r3BpigtxRj+DYcfLIM9FNERDoHu3TthD3nwYWUBtFX8N0QUJIdJabxqAMhLjSC744koiFpCYse5Ye3ZvEdFwDzgAQsJTp5eFGgTZPkPzcdhkFJ2p9+OWs+cb24=");
-
-
-    static byte[] interCertBin = Base64.decode(
-        "MIICSzCCAbSgAwIBAgIBATANBgkqhkiG9w0BAQUFADAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlMB4XDTA4MDkwNDA0NDUwOFoXDTA4MDkxMTA0NDUwOFowKDEmMCQGA1UEAxMdVGVzdCBJbnRlcm1lZGlhdGUgQ2VydGlmaWNhdGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAISS9OOZ2wxzdWny9aVvk4Joq+dwSJ+oqvHUxX3PflZyuiLiCBUOUE4q59dGKdtNX5fIfwyK3cpV0e73Y/0fwfM3m9rOWFrCKOhfeswNTes0w/2PqPVVDDsF/nj7NApuqXwioeQlgTL251RDF4sVoxXqAU7lRkcqwZt3mwqS4KTJAgMBAAGjgY4wgYswRgYDVR0jBD8wPYAUhv8BOT27EB9JaCccJD4YASPP5XWhIqQgMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGWCAQEwHQYDVR0OBBYEFL/IwAGOkHzaQyPZegy79CwM5oTFMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4GBAE4TRgUz4sUvZyVdZxqV+XyNRnqXAeLOOqFGYv2D96tQrS+zjd0elVlT6lFrtchZdOmmX7R6/H/tjMWMcTBICZyRYrvK8cCAmDOI+EIdq5p6lj2Oq6Pbw/wruojAqNrpaR6IkwNpWtdOSSupv4IJL+YU9q2YFTh4R1j3tOkPoFGr");
-
-    static byte[] finalCertBin = Base64.decode(
-        "MIICRjCCAa+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAoMSYwJAYDVQQDEx1UZXN0IEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZTAeFw0wODA5MDQwNDQ1MDhaFw0wODA5MTEwNDQ1MDhaMB8xHTAbBgNVBAMTFFRlc3QgRW5kIENlcnRpZmljYXRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChpUeo0tPYywWKiLlbWKNJBcCpSaLSlaZ+4+yer1AxI5yJIVHP6SAlBghlbD5Qne5ImnN/15cz1xwYAiul6vGKJkVPlFEe2Mr+g/J/WJPQQPsjbZ1G+vxbAwXEDA4KaQrnpjRZFq+CdKHwOjuPLYS/MYQNgdIvDVEQcTbPQ8GaiQIDAQABo4GIMIGFMEYGA1UdIwQ/MD2AFL/IwAGOkHzaQyPZegy79CwM5oTFoSKkIDAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlggEBMB0GA1UdDgQWBBSVkw+VpqBf3zsLc/9GdkK9TzHPwDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFoDANBgkqhkiG9w0BAQUFAAOBgQBLv/0bVDjzTs/y1vN3FUiZNknEbzupIZduTuXJjqv/vBX+LDPjUfu/+iOCXOSKoRn6nlOWhwB1z6taG2usQkFG8InMkRcPREi2uVgFdhJ/1C3dAWhsdlubjdL926bftXvxnx/koDzyrePW5U96RlOQM2qLvbaky2Giz6hrc3Wl+w==");
-    public static byte[] rootCrlBin = Base64.decode(
-        "MIIBYjCBzAIBATANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlFw0wODA5MDQwNDQ1MDhaFw0wODA5MDQwNzMxNDhaMCIwIAIBAhcNMDgwOTA0MDQ0NTA4WjAMMAoGA1UdFQQDCgEJoFYwVDBGBgNVHSMEPzA9gBSG/wE5PbsQH0loJxwkPhgBI8/ldaEipCAwHjEcMBoGA1UEAxMTVGVzdCBDQSBDZXJ0aWZpY2F0ZYIBATAKBgNVHRQEAwIBATANBgkqhkiG9w0BAQsFAAOBgQCAbaFCo0BNG4AktVf6jjBLeawP1u0ELYkOCEGvYZE0mBpQ+OvFg7subZ6r3lRIj030nUli28sPFtu5ZQMBNcpE4nS1ziF44RfT3Lp5UgHx9x17Krz781iEyV+7zU8YxYMY9wULD+DCuK294kGKIssVNbmTYXZatBNoXQN5CLIocA==");
-    static byte[] interCrlBin = Base64.decode(
-        "MIIBbDCB1gIBATANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1UZXN0IEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZRcNMDgwOTA0MDQ0NTA4WhcNMDgwOTA0MDczMTQ4WjAiMCACAQIXDTA4MDkwNDA0NDUwOFowDDAKBgNVHRUEAwoBCaBWMFQwRgYDVR0jBD8wPYAUv8jAAY6QfNpDI9l6DLv0LAzmhMWhIqQgMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGWCAQEwCgYDVR0UBAMCAQEwDQYJKoZIhvcNAQELBQADgYEAEVCr5TKs5yguGgLH+dBzmSPoeSIWJFLsgWwJEit/iUDJH3dgYmaczOcGxIDtbYYHLWIHM+P2YRyQz3MEkCXEgm/cx4y7leAmux5l+xQWgmxFPz+197vaphPeCZo+B7V1CWtm518gcq4mrs9ovfgNqgyFj7KGjcBpWdJE32KMt50=");
-
-    /*
-     * certpath with a circular reference
-     */
-    static byte[] certA = Base64.decode(
-        "MIIC6jCCAlOgAwIBAgIBBTANBgkqhkiG9w0BAQUFADCBjTEPMA0GA1UEAxMGSW50"
-      + "ZXIzMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX"
-      + "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq"
-      + "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ2NTda"
-      + "Fw0xNzAzMzAwODQ0MDBaMIGlMScwJQYDVQQDHh4AQQByAG0AaQBuACAASADkAGIA"
-      + "ZQByAGwAaQBuAGcxCzAJBgNVBAYTAkNIMQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNV"
-      + "BAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNwaGVyZSBBRzEQMA4GA1UECxMHVGVzdGlu"
-      + "ZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5AcHJpdmFzcGhlcmUuY29tMIGfMA0GCSqG"
-      + "SIb3DQEBAQUAA4GNADCBiQKBgQCfHfyVs5dbxG35H/Thd29qR4NZU88taCu/OWA1"
-      + "GdACI02lXWYpmLWiDgnU0ULP+GG8OnVp1IES9fz2zcrXKQ19xZzsen/To3h5sNte"
-      + "cJpS00XMM24q/jDwy5NvkBP9YIfFKQ1E/0hFHXcqwlw+b/y/v6YGsZCU2h6QDzc4"
-      + "5m0+BwIDAQABo0AwPjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIE8DAeBglg"
-      + "hkgBhvhCAQ0EERYPeGNhIGNlcnRpZmljYXRlMA0GCSqGSIb3DQEBBQUAA4GBAJEu"
-      + "KiSfIwsY7SfobMLrv2v/BtLhGLi4RnmjiwzBhuv5rn4rRfBpq1ppmqQMJ2pmA67v"
-      + "UWCY+mNwuyjHyivpCCyJGsZ9d5H09g2vqxzkDBMz7X9VNMZYFH8j/R3/Cfvqks31"
-      + "z0OFslJkeKLa1I0P/dfVHsRKNkLRT3Ws5LKksErQ");
-
-    static byte[] certB = Base64.decode(
-        "MIICtTCCAh6gAwIBAgIBBDANBgkqhkiG9w0BAQQFADCBjTEPMA0GA1UEAxMGSW50"
-      + "ZXIyMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX"
-      + "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq"
-      + "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ2Mzha"
-      + "Fw0xNzAzMzAwODQ0MDBaMIGNMQ8wDQYDVQQDEwZJbnRlcjMxCzAJBgNVBAYTAkNI"
-      + "MQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNVBAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNw"
-      + "aGVyZSBBRzEQMA4GA1UECxMHVGVzdGluZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5A"
-      + "cHJpdmFzcGhlcmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxCXIB"
-      + "QRnmVvl2h7Q+0SsRxDLnyM1dJG9jMa+UCCmHy0k/ZHs5VirSbjEJSjkQ9BGeh9SC"
-      + "7JwbMpXO7UE+gcVc2RnWUY+MA+fWIeTV4KtkYA8WPu8wVGCXbN8wwh/StOocszxb"
-      + "g+iLvGeh8CYSRqg6QN3S/02etH3o8H4e7Z0PZwIDAQABoyMwITAPBgNVHRMBAf8E"
-      + "BTADAQH/MA4GA1UdDwEB/wQEAwIB9jANBgkqhkiG9w0BAQQFAAOBgQCtWdirSsmt"
-      + "+CBBCNn6ZnbU3QqQfiiQIomjenNEHESJgaS/+PvPE5i3xWFXsunTHLW321/Km16I"
-      + "7+ZvT8Su1cqHg79NAT8QB0yke1saKSy2C0Pic4HwrNqVBWFNSxMU0hQzpx/ZXDbZ"
-      + "DqIXAp5EfyRYBy2ul+jm6Rot6aFgzuopKg==");
-
-    static byte[] certC = Base64.decode(
-        "MIICtTCCAh6gAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBjTEPMA0GA1UEAxMGSW50"
-      + "ZXIxMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX"
-      + "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq"
-      + "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ0Mzla"
-      + "Fw0xNzAzMzAwODQ0MDBaMIGNMQ8wDQYDVQQDEwZJbnRlcjIxCzAJBgNVBAYTAkNI"
-      + "MQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNVBAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNw"
-      + "aGVyZSBBRzEQMA4GA1UECxMHVGVzdGluZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5A"
-      + "cHJpdmFzcGhlcmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD0rLr6"
-      + "f2/ONeJzTb0q9M/NNX+MnAFMSqiQGVBkT76u5nOH4KLkpHXkzI82JI7GuQMzoT3a"
-      + "+RP1hO6FneO92ms2soC6xiOFb4EC69Dfhh87Nww5O35JxVF0bzmbmIAWd6P/7zGh"
-      + "nd2S4tKkaZcubps+C0j9Fgi0hipVicAOUVVoDQIDAQABoyMwITAPBgNVHRMBAf8E"
-      + "BTADAQH/MA4GA1UdDwEB/wQEAwIB9jANBgkqhkiG9w0BAQQFAAOBgQCLPvc1IMA4"
-      + "YP+PmnEldyUoRWRnvPWjBGeu0WheBP7fdcnGBf93Nmc5j68ZN+eTZ5VMuZ99YdvH"
-      + "CXGNX6oodONLU//LlFKdLl5xjLAS5X9p1RbOEGytnalqeiEpjk4+C/7rIBG1kllO"
-      + "dItmI6LlEMV09Hkpg6ZRAUmRkb8KrM4X7A==");
-
-    static byte[] certD = Base64.decode(
-        "MIICtTCCAh6gAwIBAgIBBjANBgkqhkiG9w0BAQQFADCBjTEPMA0GA1UEAxMGSW50"
-      + "ZXIzMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX"
-      + "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq"
-      + "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ5NTNa"
-      + "Fw0xNzAzMzAwODQ0MDBaMIGNMQ8wDQYDVQQDEwZJbnRlcjExCzAJBgNVBAYTAkNI"
-      + "MQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNVBAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNw"
-      + "aGVyZSBBRzEQMA4GA1UECxMHVGVzdGluZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5A"
-      + "cHJpdmFzcGhlcmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCae3TP"
-      + "jIVKeASqvNabaiUHAMGUgFxB7L0yUsIj39azLcLtUj4S7XkDf7SMGtYV0JY1XNaQ"
-      + "sHJAsnJivDZc50oiYvqDYfgFZx5+AsN5l5X5rjRzs/OX+Jo+k1OgsIyu6+mf9Kfb"
-      + "5IdWOVB2EcOg4f9tPjLM8CIj9Pp7RbKLyqUUgwIDAQABoyMwITAPBgNVHRMBAf8E"
-      + "BTADAQH/MA4GA1UdDwEB/wQEAwIB9jANBgkqhkiG9w0BAQQFAAOBgQCgr9kUdWUT"
-      + "Lt9UcztSzR3pnHRsyvS0E/z850OKQKS5/VxLEalpFvhj+3EcZ7Y6mFxaaS2B7vXg"
-      + "2YWyqV1PRb6iF7/u9EXkpSTKGrJahwANirCa3V/HTUuPdCE2GITlnWI8h3eVA+xQ"
-      + "D4LF0PXHOkXbwmhXRSb10lW1bSGkUxE9jg==");
-
-    private void testExceptions()
-        throws Exception
-    {
-        byte[] enc = { (byte)0, (byte)2, (byte)3, (byte)4, (byte)5 };
-        MyCertPath mc = new MyCertPath(enc);
-        ByteArrayOutputStream os = new ByteArrayOutputStream();
-        ByteArrayInputStream is;
-        byte[] arr;
-
-        ObjectOutputStream oOut = new ObjectOutputStream(os);
-        oOut.writeObject(mc);
-        oOut.flush();
-        oOut.close();
-
-        try
-        {
-            CertificateFactory cFac = CertificateFactory.getInstance("X.509",
-                    "BC");
-            arr = os.toByteArray();
-            is = new ByteArrayInputStream(arr);
-            cFac.generateCertPath(is);
-        }
-        catch (CertificateException e)
-        {
-            // ignore okay
-        }
-
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-        List certCol = new ArrayList();
-
-        certCol.add(cf.generateCertificate(new ByteArrayInputStream(certA)));
-        certCol.add(cf.generateCertificate(new ByteArrayInputStream(certB)));
-        certCol.add(cf.generateCertificate(new ByteArrayInputStream(certC)));
-        certCol.add(cf.generateCertificate(new ByteArrayInputStream(certD)));
-
-        CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX", "BC");
-        X509CertSelector select = new X509CertSelector();
-        select.setSubject(((X509Certificate)certCol.get(0)).getSubjectX500Principal().getEncoded());
-
-        Set trustanchors = new HashSet();
-        trustanchors.add(new TrustAnchor((X509Certificate)cf.generateCertificate(new ByteArrayInputStream(rootCertBin)), null));
-
-        CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certCol));
-
-        PKIXBuilderParameters params = new PKIXBuilderParameters(trustanchors, select);
-        params.addCertStore(certStore);
-
-        try
-        {
-            CertPathBuilderResult result = pathBuilder.build(params);
-            CertPath path = result.getCertPath();
-            fail("found cert path in circular set");
-        }
-        catch (CertPathBuilderException e) 
-        {
-            // expected
-        }
-    }
-    
-    public void performTest()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate rootCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(rootCertBin));
-        X509Certificate interCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(interCertBin));
-        X509Certificate finalCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(finalCertBin));
-
-            //Testing CertPath generation from List
-        List list = new ArrayList();
-        list.add(interCert);
-        CertPath certPath1 = cf.generateCertPath(list);
-
-            //Testing CertPath encoding as PkiPath
-        byte[] encoded = certPath1.getEncoded("PkiPath");
-
-            //Testing CertPath generation from InputStream
-        ByteArrayInputStream inStream = new ByteArrayInputStream(encoded);
-        CertPath certPath2 = cf.generateCertPath(inStream, "PkiPath");
-
-            //Comparing both CertPathes
-        if (!certPath2.equals(certPath1))
-        {
-            fail("CertPath differ after encoding and decoding.");
-        }
-
-        encoded = certPath1.getEncoded("PKCS7");
-
-            //Testing CertPath generation from InputStream
-        inStream = new ByteArrayInputStream(encoded);
-        certPath2 = cf.generateCertPath(inStream, "PKCS7");
-
-            //Comparing both CertPathes
-        if (!certPath2.equals(certPath1))
-        {
-            fail("CertPath differ after encoding and decoding.");
-        }
-
-        encoded = certPath1.getEncoded("PEM");
-
-            //Testing CertPath generation from InputStream
-        inStream = new ByteArrayInputStream(encoded);
-        certPath2 = cf.generateCertPath(inStream, "PEM");
-
-            //Comparing both CertPathes
-        if (!certPath2.equals(certPath1))
-        {
-            fail("CertPath differ after encoding and decoding.");
-        }
-
-        //
-        // empty list test
-        //
-        list = new ArrayList();
-
-        CertPath certPath = CertificateFactory.getInstance("X.509", "BC").generateCertPath(list);
-        if (certPath.getCertificates().size() != 0)
-        {
-            fail("list wrong size.");
-        }
-
-        //
-        // exception tests
-        //
-        testExceptions();
-    }
-
-    public String getName()
-    {
-        return "CertPath";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new CertPathTest());
-    }
-
-    private static class MyCertificate extends Certificate
-    {
-        private final byte[] encoding;
-
-        public MyCertificate(String type, byte[] encoding)
-        {
-            super(type);
-            // don't copy to allow null parameter in test
-            this.encoding = encoding;
-        }
-
-        public byte[] getEncoded() throws CertificateEncodingException
-        {
-            // do copy to force NPE in test
-            return (byte[])encoding.clone();
-        }
-
-        public void verify(PublicKey key) throws CertificateException,
-                NoSuchAlgorithmException, InvalidKeyException,
-                NoSuchProviderException, SignatureException
-        {
-        }
-
-        public void verify(PublicKey key, String sigProvider)
-                throws CertificateException, NoSuchAlgorithmException,
-                InvalidKeyException, NoSuchProviderException,
-                SignatureException
-        {
-        }
-
-        public String toString()
-        {
-            return "[My test Certificate, type: " + getType() + "]";
-        }
-
-        public PublicKey getPublicKey()
-        {
-            return new PublicKey()
-            {
-                public String getAlgorithm()
-                {
-                    return "TEST";
-                }
-
-                public byte[] getEncoded()
-                {
-                    return new byte[] { (byte)1, (byte)2, (byte)3 };
-                }
-
-                public String getFormat()
-                {
-                    return "TEST_FORMAT";
-                }
-            };
-        }
-    }
-
-    private static class MyCertPath extends CertPath
-    {
-        private final Vector certificates;
-
-        private final Vector encodingNames;
-
-        private final byte[] encoding;
-
-        public MyCertPath(byte[] encoding)
-        {
-            super("MyEncoding");
-            this.encoding = encoding;
-            certificates = new Vector();
-            certificates.add(new MyCertificate("MyEncoding", encoding));
-            encodingNames = new Vector();
-            encodingNames.add("MyEncoding");
-        }
-
-        public List getCertificates()
-        {
-            return Collections.unmodifiableList(certificates);
-        }
-
-        public byte[] getEncoded() throws CertificateEncodingException
-        {
-            return (byte[])encoding.clone();
-        }
-
-        public byte[] getEncoded(String encoding)
-                throws CertificateEncodingException
-        {
-            if (getType().equals(encoding))
-            {
-                return (byte[])this.encoding.clone();
-            }
-            throw new CertificateEncodingException("Encoding not supported: "
-                    + encoding);
-        }
-
-        public Iterator getEncodings()
-        {
-            return Collections.unmodifiableCollection(encodingNames).iterator();
-        }
-    }
-}
-

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/test/CertPathValidationTest.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/test/CertPathValidationTest.java
deleted file mode 100644
index 48cd306..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/test/CertPathValidationTest.java
+++ /dev/null

@@ -1,429 +0,0 @@
-package org.bouncycastle.cert.path.test;
-
-import java.security.Security;
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.List;
-
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.cert.X509CRLHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509ContentVerifierProviderBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509ContentVerifierProviderBuilder;
-import org.bouncycastle.cert.path.CertPath;
-import org.bouncycastle.cert.path.CertPathValidation;
-import org.bouncycastle.cert.path.CertPathValidationContext;
-import org.bouncycastle.cert.path.CertPathValidationResult;
-import org.bouncycastle.cert.path.validations.BasicConstraintsValidation;
-import org.bouncycastle.cert.path.validations.CRLValidation;
-import org.bouncycastle.cert.path.validations.KeyUsageValidation;
-import org.bouncycastle.cert.path.validations.ParentCertIssuedValidation;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CertPathValidationTest
-    extends SimpleTest
-{
-    private byte[] AC_PR = Base64.decode(
-           "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlFU1RDQ0F6R2dBd0lC"
-        + "QWdJQkJUQU5CZ2txaGtpRzl3MEJBUVVGQURDQnRERUxNQWtHQTFVRUJoTUNR"
-        + "bEl4DQpFekFSQmdOVkJBb1RDa2xEVUMxQ2NtRnphV3d4UFRBN0JnTlZCQXNU"
-        + "TkVsdWMzUnBkSFYwYnlCT1lXTnBiMjVoDQpiQ0JrWlNCVVpXTnViMnh2WjJs"
-        + "aElHUmhJRWx1Wm05eWJXRmpZVzhnTFNCSlZFa3hFVEFQQmdOVkJBY1RDRUp5"
-        + "DQpZWE5wYkdsaE1Rc3dDUVlEVlFRSUV3SkVSakV4TUM4R0ExVUVBeE1vUVhW"
-        + "MGIzSnBaR0ZrWlNCRFpYSjBhV1pwDQpZMkZrYjNKaElGSmhhWG9nUW5KaGMy"
-        + "bHNaV2x5WVRBZUZ3MHdNakEwTURReE9UTTVNREJhRncwd05UQTBNRFF5DQpN"
-        + "elU1TURCYU1HRXhDekFKQmdOVkJBWVRBa0pTTVJNd0VRWURWUVFLRXdwSlEx"
-        + "QXRRbkpoYzJsc01UMHdPd1lEDQpWUVFERXpSQmRYUnZjbWxrWVdSbElFTmxj"
-        + "blJwWm1sallXUnZjbUVnWkdFZ1VISmxjMmxrWlc1amFXRWdaR0VnDQpVbVZ3"
-        + "ZFdKc2FXTmhNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJD"
-        + "Z0tDQVFFQXMwc0t5NGsrDQp6b016aldyMTQxeTVYQ045UGJMZERFQXN2cjZ4"
-        + "Z0NCN1l5bEhIQ1NBYmpGR3dOQ0R5NlVxN1h0VjZ6UHdIMXpGDQpFWENlS3Jm"
-        + "UUl5YXBXSEZ4V1VKajBMblFrY1RZM1FOR1huK0JuVk9EVTZDV3M1c3NoZktH"
-        + "RXZyVlQ1Z214V1NmDQp4OFlsdDgzY1dwUE1QZzg3VDlCaHVIbHQzazh2M2Ev"
-        + "NmRPbmF2dytOYTAyZExBaDBlNzZqcCtQUS9LK0pHZlBuDQphQjVVWURrZkd0"
-        + "em5uTTNBV01tY3VJK0o0ek5OMDZaa3ZnbDFsdEo2UU1qcnZEUFlSak9ndDlT"
-        + "cklpY1NmbEo4DQptVDdHWGRRaXJnQUNXc3g1QURBSklRK253TU1vNHlyTUtx"
-        + "SlFhNFFDMHhhT0QvdkdVcG9SaDQzT0FTZFp3c3YvDQpPWFlybmVJeVAwVCs4"
-        + "UUlEQVFBQm80RzNNSUcwTUQwR0ExVWRId1EyTURRd01xQXdvQzZHTEdoMGRI"
-        + "QTZMeTloDQpZM0poYVhvdWFXTndZbkpoYzJsc0xtZHZkaTVpY2k5TVExSmhZ"
-        + "M0poYVhvdVkzSnNNQklHQTFVZElBUUxNQWt3DQpCd1lGWUV3QkFRRXdIUVlE"
-        + "VlIwT0JCWUVGREpUVFlKNE9TWVB5T09KZkVMZXhDaHppK2hiTUI4R0ExVWRJ"
-        + "d1FZDQpNQmFBRklyNjhWZUVFUk0xa0VMNlYwbFVhUTJreFBBM01BNEdBMVVk"
-        + "RHdFQi93UUVBd0lCQmpBUEJnTlZIUk1CDQpBZjhFQlRBREFRSC9NQTBHQ1Nx"
-        + "R1NJYjNEUUVCQlFVQUE0SUJBUUJRUFNoZ1lidnFjaWV2SDVVb3ZMeXhkbkYr"
-        + "DQpFcjlOeXF1SWNkMnZ3Y0N1SnpKMkQ3WDBUcWhHQ0JmUEpVVkdBVWorS0NP"
-        + "SDFCVkgva1l1OUhsVHB1MGtKWFBwDQpBQlZkb2hJUERqRHhkbjhXcFFSL0Yr"
-        + "ejFDaWtVcldIMDR4eTd1N1p6UUpLSlBuR0loY1FpOElyRm1PYkllMEc3DQpY"
-        + "WTZPTjdPRUZxY21KTFFHWWdtRzFXMklXcytQd1JwWTdENGhLVEFoVjFSNkVv"
-        + "amE1L3BPcmVDL09kZXlQWmVxDQo1SUZTOUZZZk02U0Npd2hrK3l2Q1FHbVo0"
-        + "YzE5SjM0ZjVFYkRrK1NQR2tEK25EQ0E3L3VMUWNUMlJURE14SzBaDQpuZlo2"
-        + "Nm1Sc0ZjcXRGaWdScjVFcmtKZDdoUVV6eHNOV0VrNzJEVUFIcVgvNlNjeWtt"
-        + "SkR2V0plSUpqZlcNCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0NCg==");
-
-    private byte[] AC_RAIZ_ICPBRASIL = Base64.decode(
-          "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlFdURDQ0E2Q2dBd0lC"
-        + "QWdJQkJEQU5CZ2txaGtpRzl3MEJBUVVGQURDQnRERUxNQWtHQTFVRUJoTUNR"
-        + "bEl4DQpFekFSQmdOVkJBb1RDa2xEVUMxQ2NtRnphV3d4UFRBN0JnTlZCQXNU"
-        + "TkVsdWMzUnBkSFYwYnlCT1lXTnBiMjVoDQpiQ0JrWlNCVVpXTnViMnh2WjJs"
-        + "aElHUmhJRWx1Wm05eWJXRmpZVzhnTFNCSlZFa3hFVEFQQmdOVkJBY1RDRUp5"
-        + "DQpZWE5wYkdsaE1Rc3dDUVlEVlFRSUV3SkVSakV4TUM4R0ExVUVBeE1vUVhW"
-        + "MGIzSnBaR0ZrWlNCRFpYSjBhV1pwDQpZMkZrYjNKaElGSmhhWG9nUW5KaGMy"
-        + "bHNaV2x5WVRBZUZ3MHdNVEV4TXpBeE1qVTRNREJhRncweE1URXhNekF5DQpN"
-        + "elU1TURCYU1JRzBNUXN3Q1FZRFZRUUdFd0pDVWpFVE1CRUdBMVVFQ2hNS1NV"
-        + "TlFMVUp5WVhOcGJERTlNRHNHDQpBMVVFQ3hNMFNXNXpkR2wwZFhSdklFNWhZ"
-        + "Mmx2Ym1Gc0lHUmxJRlJsWTI1dmJHOW5hV0VnWkdFZ1NXNW1iM0p0DQpZV05o"
-        + "YnlBdElFbFVTVEVSTUE4R0ExVUVCeE1JUW5KaGMybHNhV0V4Q3pBSkJnTlZC"
-        + "QWdUQWtSR01URXdMd1lEDQpWUVFERXloQmRYUnZjbWxrWVdSbElFTmxjblJw"
-        + "Wm1sallXUnZjbUVnVW1GcGVpQkNjbUZ6YVd4bGFYSmhNSUlCDQpJakFOQmdr"
-        + "cWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBd1BNdWR3WC9odm0r"
-        + "VWgyYi9sUUFjSFZBDQppc2FtYUxrV2Rrd1A5L1MvdE9LSWdSckw2T3krWklH"
-        + "bE9VZGQ2dVl0azlNYS8zcFVwZ2NmTkFqMHZZbTVnc3lqDQpRbzllbXNjK3g2"
-        + "bTRWV3drOWlxTVpTQ0s1RVFrQXEvVXQ0bjdLdUxFMStnZGZ0d2RJZ3hmVXNQ"
-        + "dDRDeU5yWTUwDQpRVjU3S00yVVQ4eDVycm16RWpyN1RJQ0dwU1VBbDJnVnFl"
-        + "NnhhaWkrYm1ZUjFRcm1XYUJTQUc1OUxya3Jqcll0DQpiUmhGYm9VRGUxREsr"
-        + "NlQ4czVMNms4Yzhva3BiSHBhOXZlTXp0RFZDOXNQSjYwTVdYaDZhblZLbzFV"
-        + "Y0xjYlVSDQp5RWVOdlpuZVZSS0FBVTZvdXdkakR2d2xzYUt5ZEZLd2VkMFRv"
-        + "UTQ3Ym1VS2djbSt3VjNlVFJrMzZVT25Ud0lEDQpBUUFCbzRIU01JSFBNRTRH"
-        + "QTFVZElBUkhNRVV3UXdZRllFd0JBUUF3T2pBNEJnZ3JCZ0VGQlFjQ0FSWXNh"
-        + "SFIwDQpjRG92TDJGamNtRnBlaTVwWTNCaWNtRnphV3d1WjI5MkxtSnlMMFJR"
-        + "UTJGamNtRnBlaTV3WkdZd1BRWURWUjBmDQpCRFl3TkRBeW9EQ2dMb1lzYUhS"
-        + "MGNEb3ZMMkZqY21GcGVpNXBZM0JpY21GemFXd3VaMjkyTG1KeUwweERVbUZq"
-        + "DQpjbUZwZWk1amNtd3dIUVlEVlIwT0JCWUVGSXI2OFZlRUVSTTFrRUw2VjBs"
-        + "VWFRMmt4UEEzTUE4R0ExVWRFd0VCDQovd1FGTUFNQkFmOHdEZ1lEVlIwUEFR"
-        + "SC9CQVFEQWdFR01BMEdDU3FHU0liM0RRRUJCUVVBQTRJQkFRQVpBNWMxDQpV"
-        + "L2hnSWg2T2NnTEFmaUpnRldwdm1EWldxbFYzMC9iSEZwajhpQm9iSlNtNXVE"
-        + "cHQ3VGlyWWgxVXhlM2ZRYUdsDQpZakplKzl6ZCtpelBSYkJxWFBWUUEzNEVY"
-        + "Y3drNHFwV3VmMWhIcmlXZmRyeDhBY3FTcXI2Q3VRRndTcjc1Rm9zDQpTemx3"
-        + "REFEYTcwbVQ3d1pqQW1RaG5aeDJ4SjZ3ZldsVDlWUWZTLy9KWWVJYzdGdWUy"
-        + "Sk5MZDAwVU9TTU1haUsvDQp0NzllbktOSEVBMmZ1cEgzdkVpZ2Y1RWg0YlZB"
-        + "TjVWb2hyVG02TVk1M3g3WFFaWnIxTUU3YTU1bEZFblNlVDB1DQptbE9BalIy"
-        + "bUFidlNNNVg1b1NaTnJtZXRkenlUajJmbENNOENDN01MYWIwa2tkbmdSSWxV"
-        + "QkdIRjEvUzVubVBiDQpLKzlBNDZzZDMzb3FLOG44DQotLS0tLUVORCBDRVJU"
-        + "SUZJQ0FURS0tLS0tDQo=");
-
-    private byte[] schefer = Base64.decode(
-          "MIIEnDCCBAWgAwIBAgICIPAwDQYJKoZIhvcNAQEEBQAwgcAxCzAJBgNVBAYT"
-        + "AkRFMQ8wDQYDVQQIEwZIRVNTRU4xGDAWBgNVBAcTDzY1MDA4IFdpZXNiYWRl"
-        + "bjEaMBgGA1UEChMRU0NIVUZBIEhPTERJTkcgQUcxGjAYBgNVBAsTEVNDSFVG"
-        + "QSBIT0xESU5HIEFHMSIwIAYDVQQDExlJbnRlcm5ldCBCZW51dHplciBTZXJ2"
-        + "aWNlMSowKAYJKoZIhvcNAQkBFht6ZXJ0aWZpa2F0QHNjaHVmYS1vbmxpbmUu"
-        + "ZGUwHhcNMDQwMzMwMTEwODAzWhcNMDUwMzMwMTEwODAzWjCBnTELMAkGA1UE"
-        + "BhMCREUxCjAIBgNVBAcTASAxIzAhBgNVBAoTGlNIUyBJbmZvcm1hdGlvbnNz"
-        + "eXN0ZW1lIEFHMRwwGgYDVQQLExM2MDAvMDU5NDktNjAwLzA1OTQ5MRgwFgYD"
-        + "VQQDEw9TY2hldHRlciBTdGVmYW4xJTAjBgkqhkiG9w0BCQEWFlN0ZWZhbi5T"
-        + "Y2hldHRlckBzaHMuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJD0"
-        + "95Bi76fkAMjJNTGPDiLPHmZXNsmakngDeS0juzKMeJA+TjXFouhYh6QyE4Bl"
-        + "Nf18fT4mInlgLefwf4t6meIWbiseeTo7VQdM+YrbXERMx2uHsRcgZMsiMYHM"
-        + "kVfYMK3SMJ4nhCmZxrBkoTRed4gXzVA1AA8YjjTqMyyjvt4TAgMBAAGjggHE"
-        + "MIIBwDAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIEsDALBgNVHQ8EBAMC"
-        + "BNAwOQYJYIZIAYb4QgENBCwWKlplcnRpZmlrYXQgbnVyIGZ1ZXIgU0NIVUZB"
-        + "LU9ubGluZSBndWVsdGlnLjAdBgNVHQ4EFgQUXReirhBfg0Yhf6MsBWoo/nPa"
-        + "hGwwge0GA1UdIwSB5TCB4oAUf2UyCaBV9JUeG9lS1Yo6OFBUdEKhgcakgcMw"
-        + "gcAxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZIRVNTRU4xGDAWBgNVBAcTDzY1"
-        + "MDA4IFdpZXNiYWRlbjEaMBgGA1UEChMRU0NIVUZBIEhPTERJTkcgQUcxGjAY"
-        + "BgNVBAsTEVNDSFVGQSBIT0xESU5HIEFHMSIwIAYDVQQDExlJbnRlcm5ldCBC"
-        + "ZW51dHplciBTZXJ2aWNlMSowKAYJKoZIhvcNAQkBFht6ZXJ0aWZpa2F0QHNj"
-        + "aHVmYS1vbmxpbmUuZGWCAQAwIQYDVR0RBBowGIEWU3RlZmFuLlNjaGV0dGVy"
-        + "QHNocy5kZTAmBgNVHRIEHzAdgRt6ZXJ0aWZpa2F0QHNjaHVmYS1vbmxpbmUu"
-        + "ZGUwDQYJKoZIhvcNAQEEBQADgYEAWzZtN9XQ9uyrFXqSy3hViYwV751+XZr0"
-        + "YH5IFhIS+9ixNAu8orP3bxqTaMhpwoU7T/oSsyGGSkb3fhzclgUADbA2lrOI"
-        + "GkeB/m+FArTwRbwpqhCNTwZywOp0eDosgPjCX1t53BB/m/2EYkRiYdDGsot0"
-        + "kQPOVGSjQSQ4+/D+TM8=");
-
-    // circular dependency certificates
-    private static final byte[] circCA = Base64.decode(
-        "MIIDTzCCAjegAwIBAgIDARAAMA0GCSqGSIb3DQEBBQUAMDkxCzAJBgNVBAYT"
-      + "AkZSMRAwDgYDVQQKEwdHSVAtQ1BTMRgwFgYDVQQLEw9HSVAtQ1BTIEFOT05Z"
-      + "TUUwHhcNMDQxMDExMDAwMDAxWhcNMTQxMjMxMjM1OTU5WjA5MQswCQYDVQQG"
-      + "EwJGUjEQMA4GA1UEChMHR0lQLUNQUzEYMBYGA1UECxMPR0lQLUNQUyBBTk9O"
-      + "WU1FMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WyWDwcM58aU"
-      + "hPX4ueI1mwETt3WdQtMfIdRiCXeBrjCkYCc7nIgCmGbnfTzXSplHRgKColWh"
-      + "q/Z+1rHYayje1gjAEU2+4/r1P2pnBmPgquDuguktCIbDtCcGZu0ylyKeHh37"
-      + "aeIKzkcmRSLRzvGf/eO3RdFksrvaPaSjqCVfGRXVDKK2uftE8rIFJE+bCqow"
-      + "6+WiaAaDDiJaSJPuu5hC1NA5jw0/BFodlCuAvl1GJ8A+TICkYWcSpKS9bkSC"
-      + "0i8xdGbSSk94shA1PdDvRdFMfFys8g4aupBXV8yqqEAUkBYmOtZSJckc3W4y"
-      + "2Gx53y7vY07Xh63mcgtJs2T82WJICwIDAQABo2AwXjAdBgNVHQ4EFgQU8c/P"
-      + "NNJaL0srd9SwHwgtvwPB/3cwDgYDVR0PAQH/BAQDAgIEMBkGA1UdIAQSMBAw"
-      + "DgYMKoF6AUcDBwgAAAABMBIGA1UdEwEB/wQIMAYBAf8CAQEwDQYJKoZIhvcN"
-      + "AQEFBQADggEBAHRjYDPJKlfUzID0YzajZpgR/i2ngJrJqYeaWCmwzBgNUPad"
-      + "uBKSGHmPVg21sfULMSnirnR+e90i/D0EVzLwQzcbjPDD/85rp9QDCeMxqqPe"
-      + "9ZCHGs2BpE/HOQMP0QfQ3/Kpk7SvOH/ZcpIf6+uE6lLBQYAGs5cxvtTGOzZk"
-      + "jCVFG+TrAnF4V5sNkn3maCWiYLmyqcnxtKEFSONy2bYqqudx/dBBlRrDbRfZ"
-      + "9XsCBdiXAHY1hFHldbfDs8rslmkXJi3fJC028HZYB6oiBX/JE7BbMk7bRnUf"
-      + "HSpP7Sjxeso2SY7Yit+hQDVAlqTDGmh6kLt/hQMpsOMry4vgBL6XHKw=");
-
-    private static final byte[] circCRLCA = Base64.decode(
-       "MIIDXDCCAkSgAwIBAgIDASAAMA0GCSqGSIb3DQEBBQUAMDkxCzAJBgNVBAYT"
-     + "AkZSMRAwDgYDVQQKEwdHSVAtQ1BTMRgwFgYDVQQLEw9HSVAtQ1BTIEFOT05Z"
-     + "TUUwHhcNMDQxMDExMDAwMDAxWhcNMTQxMjMxMjM1OTU5WjA5MQswCQYDVQQG"
-     + "EwJGUjEQMA4GA1UEChMHR0lQLUNQUzEYMBYGA1UECxMPR0lQLUNQUyBBTk9O"
-     + "WU1FMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfEcFK0g7Kfo"
-     + "o5f2IBF7VEd/AG+RVGSds0Yg+u2kNYu4k04HR/+tOdBQtJvyr4W5jrQKsC5X"
-     + "skeFWMyWaFKzAjZDWB52HWp/kiMivGcxnYDuYf5piukSC+d2+vL8YaAphDzV"
-     + "HPnxEKqoM/J66uUussDTqfcL3JC/Bc7kBwn4srrsZOsamMWTQQtEqVQxNN7A"
-     + "ROSRsdiTt3hMOKditc9/NBNmjZWxgc7Twr/SaZ8CfN5wf2wuOl23knWL0QsJ"
-     + "0lSMBSBTzTcfAke4/jIT7d4nVMp3t7dsna8rt56pFK4wpRFGuCt+1P5gi51x"
-     + "xVSdI+JoNXv6zGO4o8YVaRpC5rQeGQIDAQABo20wazAfBgNVHSMEGDAWgBTx"
-     + "z8800lovSyt31LAfCC2/A8H/dzAdBgNVHQ4EFgQUGa3SbBrJx/wa2MQwhWPl"
-     + "dwLw1+IwDgYDVR0PAQH/BAQDAgECMBkGA1UdIAQSMBAwDgYMKoF6AUcDBwgA"
-     + "AAABMA0GCSqGSIb3DQEBBQUAA4IBAQAPDpYe2WPYnXTLsXSIUREBNMLmg+/7"
-     + "4Yhq9uOm5Hb5LVkDuHoEHGfmpXXEvucx5Ehu69hw+F4YSrd9wPjOiG8G6GXi"
-     + "RcrK8nE8XDvvV+E1HpJ7NKN4fSAoSb+0gliiq3aF15bvXP8nfespdd/x1xWQ"
-     + "mpYCx/mJeuqONQv2/D/7hfRKYoDBaAkWGodenPFPVs6FxwnEuH2R+KWCUdA9"
-     + "L04v8JBeL3kZiALkU7+DCCm7A0imUAgeeArbAbfIPu6eDygm+XndZ9qi7o4O"
-     + "AntPxrqbeXFIbDrQ4GV1kpxnW+XpSGDd96SWKe715gxkkDBppR5IKYJwRb6O"
-     + "1TRQIf2F+muQ");
-
-    private static final byte[] circCRL = Base64.decode(
-        "MIIB1DCBvQIBATANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGUjEQMA4G"
-      + "A1UEChMHR0lQLUNQUzEYMBYGA1UECxMPR0lQLUNQUyBBTk9OWU1FFw0xMDAx"
-      + "MDcwMzAwMTVaFw0xMDAxMTMwMzAwMTVaMACgTjBMMB8GA1UdIwQYMBaAFBmt"
-      + "0mwaycf8GtjEMIVj5XcC8NfiMAsGA1UdFAQEAgILgzAcBgNVHRIEFTATgRFh"
-      + "Yy1naXBAZ2lwLWNwcy5mcjANBgkqhkiG9w0BAQUFAAOCAQEAtF1DdFl1MQvf"
-      + "vNkbrCPuppNYcHen4+za/ZDepKuwHsH/OpKuaDJc4LndRgd5IwzfpCHkQGzt"
-      + "shK50bakN8oaYJgthKIOIJzR+fn6NMjftfR2a27Hdk2o3eQXRHQ360qMbpSy"
-      + "qPb3WfuBhxO2/DlLChJP+OxZIHtT/rNYgE0tlIv7swYi81Gq+DafzaZ9+A5t"
-      + "I0L2Gp/NUDsp5dF6PllAGiXQzl27qkcu+r50w+u0gul3nobXgbwPcMSYuWUz"
-      + "1lhA+uDn/EUWV4RSiJciCGSS10WCkFh1/YPo++mV15KDB0m+8chscrSu/bAl"
-      + "B19LxL/pCX3qr5iLE9ss3olVImyFZg==");
-
-//    private void checkCircProcessing()
-//        throws Exception
-//    {
-//        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-//
-//        X509Certificate caCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(circCA));
-//        X509Certificate crlCaCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(circCRLCA));
-//        X509CRL crl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(circCRL));
-//
-//        List list = new ArrayList();
-//
-//        list.add(caCert);
-//        list.add(crlCaCert);
-//        list.add(crl);
-//
-//        CertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-//        CertStore store = CertStore.getInstance("Collection", ccsp);
-//
-//        Calendar validDate = Calendar.getInstance();
-//        validDate.set(2010,0,8,2,21,10);
-//
-//            //validating path
-//        List certchain = new ArrayList();
-//
-//        certchain.add(crlCaCert);
-//        CertPath cp = CertificateFactory.getInstance("X.509","BC").generateCertPath(certchain);
-//
-//        Set trust = new HashSet();
-//        trust.add(new TrustAnchor(caCert, null));
-//
-//        CertPathValidator cpv = CertPathValidator.getInstance("PKIX","BC");
-//        //PKIXParameters param = new PKIXParameters(trust);
-//
-//        PKIXBuilderParameters param = new PKIXBuilderParameters(trust, null);
-//        X509CertSelector certSelector = new X509CertSelector();
-//        certSelector.setCertificate(crlCaCert);
-//        param.setTargetCertConstraints(certSelector);
-//        param.addCertStore(store);
-//        param.setRevocationEnabled(true);
-//        param.setDate(validDate.getTime());
-//
-//        PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult)cpv.validate(cp, param);
-//    }
-
-    private void basicConstraintsTest()
-        throws Exception
-    {
-        byte[] cert = Base64.decode("MIIDRzCCAi+gAwIBAgIBATANBgkqhkiG9w0BAQsFADBFMQswCQYDVQQGEwJVUzEfMB0GA1UEChMWVGVzdCBDZXJ0aWZpY2F0ZXMgMjAxMTEVMBMGA1UEAxMMVHJ1c3QgQW5jaG9yMB4XDTEwMDEwMTA4MzAwMFoXDTMwMTIzMTA4MzAwMFowRTELMAkGA1UEBhMCVVMxHzAdBgNVBAoTFlRlc3QgQ2VydGlmaWNhdGVzIDIwMTExFTATBgNVBAMTDFRydXN0IEFuY2hvcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALmZUYkRR+DNRbmEJ4ITAhbNRDmqrNsJw97iLE7bpFeflDUoNcJrZPZbC208bG+g5M0ATzV0vOqg88Ds1/FjFDK1oPItqsiDImJIq0xb/et5w72WNPxHVrcsr7Ap6DHfdwLpNMncqtzX92hU/iGVHLE/w/OCWwAIIbTHaxdrGMUG7DkJJ6iI7mzqpcyPvyAAo9O3SHjJr+uw5vSrHRretnV2un0bohvGslN64MY/UIiRnPFwd2gD76byDzoM1ioyLRCllfBJ5sRDz9xrUHNigTAUdlblb6yrnNtNJmkrROYvkh6sLETUh9EYh0Ar+94fZVXfGVi57Sw7x1jyANTlA40CAwEAAaNCMEAwHQYDVR0OBBYEFOR9X9FclYYILAWuvnW2ZafZXahmMA4GA1UdDwEB/wQEAwIBBjAPBgNVHRMBAf8EBTADAQH/MA0GCSqGSIb3DQEBCwUAA4IBAQCYoa9uR55KJTkpwyPihIgXHq7/Z8dx3qZlCJQwE5qQBZXIsf5eC8Va/QjnTHOC4Gt4MwpnqqmoDqyqSW8pBVQgAUFAXqO91nLCQb4+/yfjiiNjzprpxQlcqIZYjJSVtckH1IDWFLFeuGW+OgPPEFgN4hjU5YFIsE2r1i4+ixkeuorxxsK1D/jYbVwQMXLqn1pjJttOPJwuA8+ho1f2c8FrKlqjHgOwxuHhsiGN6MKgs1baalpR/lnNFCIpq+/+3cnhufDjvxMy5lg+cwgMCiGzCxn4n4dBMw41C+4KhNF7ZtKuKSZ1eczztXD9NUkGUGw3LzpLDJazz3JhlZ/9pXzF");
-
-        new BasicConstraintsValidation(true).validate(new CertPathValidationContext(new HashSet()), new X509CertificateHolder(cert));
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        basicConstraintsTest();
-
-            // initialise CertStore
-        X509CertificateHolder rootCert = new X509CertificateHolder(CertPathTest.rootCertBin);
-        X509CertificateHolder interCert = new X509CertificateHolder(CertPathTest.interCertBin);
-        X509CertificateHolder finalCert = new X509CertificateHolder(CertPathTest.finalCertBin);
-        X509CRLHolder rootCrl = new X509CRLHolder(CertPathTest.rootCrlBin);
-        X509CRLHolder interCrl =  new X509CRLHolder(CertPathTest.interCrlBin);
-
-        CertPath path = new CertPath(new X509CertificateHolder[] { finalCert, interCert });
-        X509ContentVerifierProviderBuilder verifier = new JcaX509ContentVerifierProviderBuilder().setProvider(BouncyCastleProvider.PROVIDER_NAME);
-
-        CertPathValidationResult result = path.validate(new CertPathValidation[]{new ParentCertIssuedValidation(verifier), new BasicConstraintsValidation(), new KeyUsageValidation()});
-
-        if (!result.isValid())
-        {
-            fail("basic validation (1) not working");
-        }
-
-        result = path.evaluate(new CertPathValidation[]{new ParentCertIssuedValidation(verifier), new BasicConstraintsValidation(), new KeyUsageValidation()});
-
-        if (!result.isValid())
-        {
-            fail("basic evaluation (1) not working");
-        }
-
-        List crlList = new ArrayList();
-
-        crlList.add(rootCrl);
-        crlList.add(interCrl);
-
-        Store crls = new CollectionStore(crlList);
-
-        result = path.validate(new CertPathValidation[]{new ParentCertIssuedValidation(verifier), new BasicConstraintsValidation(), new KeyUsageValidation(), new CRLValidation(rootCert.getSubject(), crls)});
-
-        if (!result.isValid())
-        {
-            fail("basic validation (2) not working");
-        }
-
-        result = path.validate(new CertPathValidation[]{new ParentCertIssuedValidation(verifier), new KeyUsageValidation(), new CRLValidation(rootCert.getSubject(), crls)});
-
-        if (result.isValid() || result.getUnhandledCriticalExtensionOIDs().size() != 1
-            || !result.getUnhandledCriticalExtensionOIDs().contains(Extension.basicConstraints))
-        {
-            fail("basic validation (3) not working");
-        }
-
-        result = path.validate(new CertPathValidation[]{new ParentCertIssuedValidation(verifier), new CRLValidation(rootCert.getSubject(), crls)});
-
-        if (result.isValid() || result.getUnhandledCriticalExtensionOIDs().size() != 2
-            || !result.getUnhandledCriticalExtensionOIDs().contains(Extension.basicConstraints)
-            || !result.getUnhandledCriticalExtensionOIDs().contains(Extension.keyUsage))
-        {
-            fail("basic validation (4) not working");
-        }
-
-        path = new CertPath(new X509CertificateHolder[] { interCert, finalCert });
-
-        result = path.validate(new CertPathValidation[]{new ParentCertIssuedValidation(verifier)});
-
-        if (result.isValid())
-        {
-            fail("incorrect path validated!!");
-        }
-
-        result = path.evaluate(new CertPathValidation[]{new ParentCertIssuedValidation(verifier)});
-
-        if (result.isValid())
-        {
-            fail("incorrect path validated!!");
-        }
-
-        isTrue(result.isDetailed());
-        
-//        List list = new ArrayList();
-//        list.add(rootCert);
-//        list.add(interCert);
-//        list.add(finalCert);
-//        list.add(rootCrl);
-//        list.add(interCrl);
-//        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-//        CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
-//        Calendar validDate = Calendar.getInstance();
-//        validDate.set(2008,8,4,14,49,10);
-//            //validating path
-//        List certchain = new ArrayList();
-//        certchain.add(finalCert);
-//        certchain.add(interCert);
-//        CertPath cp = CertificateFactory.getInstance("X.509","BC").generateCertPath(certchain);
-//        Set trust = new HashSet();
-//        trust.add(new TrustAnchor(rootCert, null));
-//
-//        CertPathValidator cpv = CertPathValidator.getInstance("PKIX","BC");
-//        PKIXParameters param = new PKIXParameters(trust);
-//        param.addCertStore(store);
-//        param.setDate(validDate.getTime());
-//        MyChecker checker = new MyChecker();
-//        param.addCertPathChecker(checker);
-//
-//        PKIXCertPathValidatorResult result =
-//            (PKIXCertPathValidatorResult) cpv.validate(cp, param);
-//        PolicyNode policyTree = result.getPolicyTree();
-//        PublicKey subjectPublicKey = result.getPublicKey();
-//
-//        if (checker.getCount() != 2)
-//        {
-//            fail("checker not evaluated for each certificate");
-//        }
-//
-//        if (!subjectPublicKey.equals(finalCert.getPublicKey()))
-//        {
-//            fail("wrong public key returned");
-//        }
-//
-//        //
-//        // invalid path containing a valid one test
-//        //
-//        try
-//        {
-//                // initialise CertStore
-//            rootCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(AC_RAIZ_ICPBRASIL));
-//            interCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(AC_PR));
-//            finalCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(schefer));
-//
-//            list = new ArrayList();
-//            list.add(rootCert);
-//            list.add(interCert);
-//            list.add(finalCert);
-//
-//            ccsp = new CollectionCertStoreParameters(list);
-//            store = CertStore.getInstance("Collection", ccsp);
-//            validDate = Calendar.getInstance();
-//            validDate.set(2004,2,21,2,21,10);
-//
-//                //validating path
-//            certchain = new ArrayList();
-//            certchain.add(finalCert);
-//            certchain.add(interCert);
-//            cp = CertificateFactory.getInstance("X.509","BC").generateCertPath(certchain);
-//            trust = new HashSet();
-//            trust.add(new TrustAnchor(rootCert, null));
-//
-//            cpv = CertPathValidator.getInstance("PKIX","BC");
-//            param = new PKIXParameters(trust);
-//            param.addCertStore(store);
-//            param.setRevocationEnabled(false);
-//            param.setDate(validDate.getTime());
-//
-//            result =(PKIXCertPathValidatorResult) cpv.validate(cp, param);
-//            policyTree = result.getPolicyTree();
-//            subjectPublicKey = result.getPublicKey();
-//
-//            fail("Invalid path validated");
-//        }
-//        catch (Exception e)
-//        {
-//            if (!(e instanceof CertPathValidatorException
-//                && e.getMessage().startsWith("Could not validate certificate signature.")))
-//            {
-//                fail("unexpected exception", e);
-//            }
-//        }
-//
-//        checkCircProcessing();
-    }
-
-    public String getName()
-    {
-        return "CertPathValidator";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new CertPathValidationTest());
-    }
-}
-

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/BasicConstraintsValidation.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/BasicConstraintsValidation.java
deleted file mode 100644
index bf67a82..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/BasicConstraintsValidation.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.cert.path.validations;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.path.CertPathValidation;
-import org.bouncycastle.cert.path.CertPathValidationContext;
-import org.bouncycastle.cert.path.CertPathValidationException;
-import org.bouncycastle.util.Memoable;
-
-public class BasicConstraintsValidation
-    implements CertPathValidation
-{
-    private boolean          isMandatory;
-    private BasicConstraints bc;
-    private int pathLengthRemaining;
-    private BigInteger maxPathLength;
-
-    public BasicConstraintsValidation()
-    {
-        this(true);
-    }
-
-    public BasicConstraintsValidation(boolean isMandatory)
-    {
-        this.isMandatory = isMandatory;
-    }
-
-    public void validate(CertPathValidationContext context, X509CertificateHolder certificate)
-        throws CertPathValidationException
-    {
-        if (maxPathLength != null && pathLengthRemaining < 0)
-        {
-            throw new CertPathValidationException("BasicConstraints path length exceeded");
-        }
-
-        context.addHandledExtension(Extension.basicConstraints);
-
-        BasicConstraints certBC = BasicConstraints.fromExtensions(certificate.getExtensions());
-
-        if (certBC != null)
-        {
-            if (bc != null)
-            {
-                if (certBC.isCA())
-                {
-                    BigInteger pathLengthConstraint = certBC.getPathLenConstraint();
-
-                    if (pathLengthConstraint != null)
-                    {
-                        int plc = pathLengthConstraint.intValue();
-
-                        if (plc < pathLengthRemaining)
-                        {
-                            pathLengthRemaining = plc;
-                            bc = certBC;
-                        }
-                    }
-                }
-            }
-            else
-            {
-                bc = certBC;
-                if (certBC.isCA())
-                {
-                    maxPathLength = certBC.getPathLenConstraint();
-
-                    if (maxPathLength != null)
-                    {
-                        pathLengthRemaining = maxPathLength.intValue();
-                    }
-                }
-            }
-        }
-        else
-        {
-            if (bc != null)
-            {
-                pathLengthRemaining--;
-            }
-        }
-
-        if (isMandatory && bc == null)
-        {
-            throw new CertPathValidationException("BasicConstraints not present in path");
-        }
-    }
-
-    public Memoable copy()
-    {
-        BasicConstraintsValidation v = new BasicConstraintsValidation(isMandatory);
-
-        v.bc = this.bc;
-        v.pathLengthRemaining = this.pathLengthRemaining;
-
-        return v;
-    }
-
-    public void reset(Memoable other)
-    {
-        BasicConstraintsValidation v = (BasicConstraintsValidation)other;
-
-        this.isMandatory = v.isMandatory;
-        this.bc = v.bc;
-        this.pathLengthRemaining = v.pathLengthRemaining;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/CRLValidation.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/CRLValidation.java
deleted file mode 100644
index c44b7c0..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/CRLValidation.java
+++ /dev/null

@@ -1,78 +0,0 @@
-package org.bouncycastle.cert.path.validations;
-
-import java.util.Collection;
-import java.util.Iterator;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cert.X509CRLHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.path.CertPathValidation;
-import org.bouncycastle.cert.path.CertPathValidationContext;
-import org.bouncycastle.cert.path.CertPathValidationException;
-import org.bouncycastle.util.Memoable;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.util.Store;
-
-public class CRLValidation
-    implements CertPathValidation
-{
-    private Store crls;
-    private X500Name workingIssuerName;
-
-    public CRLValidation(X500Name trustAnchorName, Store crls)
-    {
-        this.workingIssuerName = trustAnchorName;
-        this.crls = crls;
-    }
-
-    public void validate(CertPathValidationContext context, X509CertificateHolder certificate)
-        throws CertPathValidationException
-    {
-        // TODO: add handling of delta CRLs
-        Collection matches = crls.getMatches(new Selector()
-        {
-            public boolean match(Object obj)
-            {
-                X509CRLHolder crl = (X509CRLHolder)obj;
-
-                return (crl.getIssuer().equals(workingIssuerName));
-            }
-
-            public Object clone()
-            {
-                return this;
-            }
-        });
-
-        if (matches.isEmpty())
-        {
-            throw new CertPathValidationException("CRL for " + workingIssuerName + " not found");
-        }
-
-        for (Iterator it = matches.iterator(); it.hasNext();)
-        {
-            X509CRLHolder crl = (X509CRLHolder)it.next();
-
-            // TODO: not quite right!
-            if (crl.getRevokedCertificate(certificate.getSerialNumber()) != null)
-            {
-                throw new CertPathValidationException("Certificate revoked");
-            }
-        }
-
-        this.workingIssuerName = certificate.getSubject();
-    }
-
-    public Memoable copy()
-    {
-        return new CRLValidation(workingIssuerName, crls);
-    }
-
-    public void reset(Memoable other)
-    {
-        CRLValidation v = (CRLValidation)other;
-
-        this.workingIssuerName = v.workingIssuerName;
-        this.crls = v.crls;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/CertificatePoliciesValidation.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/CertificatePoliciesValidation.java
deleted file mode 100644
index ebaf989..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/CertificatePoliciesValidation.java
+++ /dev/null

@@ -1,146 +0,0 @@
-package org.bouncycastle.cert.path.validations;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.PolicyConstraints;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.path.CertPathValidation;
-import org.bouncycastle.cert.path.CertPathValidationContext;
-import org.bouncycastle.cert.path.CertPathValidationException;
-import org.bouncycastle.util.Memoable;
-
-public class CertificatePoliciesValidation
-    implements CertPathValidation
-{
-    private int              explicitPolicy;
-    private int              policyMapping;
-    private int              inhibitAnyPolicy;
-
-    CertificatePoliciesValidation(int pathLength)
-    {
-        this(pathLength, false, false, false);
-    }
-
-    CertificatePoliciesValidation(int pathLength, boolean isExplicitPolicyRequired, boolean isAnyPolicyInhibited, boolean isPolicyMappingInhibited)
-    {
-        //
-        // (d)
-        //
-
-        if (isExplicitPolicyRequired)
-        {
-            explicitPolicy = 0;
-        }
-        else
-        {
-            explicitPolicy = pathLength + 1;
-        }
-
-        //
-        // (e)
-        //
-        if (isAnyPolicyInhibited)
-        {
-            inhibitAnyPolicy = 0;
-        }
-        else
-        {
-            inhibitAnyPolicy = pathLength + 1;
-        }
-
-        //
-        // (f)
-        //
-        if (isPolicyMappingInhibited)
-        {
-            policyMapping = 0;
-        }
-        else
-        {
-            policyMapping = pathLength + 1;
-        }
-    }
-
-    public void validate(CertPathValidationContext context, X509CertificateHolder certificate)
-        throws CertPathValidationException
-    {
-        context.addHandledExtension(Extension.policyConstraints);
-        context.addHandledExtension(Extension.inhibitAnyPolicy);
-
-        if (!context.isEndEntity())
-        {
-            if (!ValidationUtils.isSelfIssued(certificate))
-            {
-                 //
-                // H (1), (2), (3)
-                //
-                explicitPolicy = countDown(explicitPolicy);
-                policyMapping = countDown(policyMapping);
-                inhibitAnyPolicy = countDown(inhibitAnyPolicy);
-
-                //
-                // I (1), (2)
-                //
-                PolicyConstraints policyConstraints = PolicyConstraints.fromExtensions(certificate.getExtensions());
-
-                if (policyConstraints != null)
-                {
-                    BigInteger requireExplicitPolicyMapping = policyConstraints.getRequireExplicitPolicyMapping();
-                    if (requireExplicitPolicyMapping != null)
-                    {
-                        if (requireExplicitPolicyMapping.intValue() < explicitPolicy)
-                        {
-                            explicitPolicy = requireExplicitPolicyMapping.intValue();
-                        }
-                    }
-
-                    BigInteger inhibitPolicyMapping = policyConstraints.getInhibitPolicyMapping();
-                    if (inhibitPolicyMapping != null)
-                    {
-                        if (inhibitPolicyMapping.intValue() < policyMapping)
-                        {
-                            policyMapping = inhibitPolicyMapping.intValue();
-                        }
-                    }
-                }
-
-                //
-                // J
-                //
-                Extension ext = certificate.getExtension(Extension.inhibitAnyPolicy);
-
-                if (ext != null)
-                {
-                    int extValue = ASN1Integer.getInstance(ext.getParsedValue()).getValue().intValue();
-
-                    if (extValue < inhibitAnyPolicy)
-                    {
-                        inhibitAnyPolicy = extValue;
-                    }
-                }
-            }
-        }
-    }
-
-    private int countDown(int policyCounter)
-    {
-        if (policyCounter != 0)
-        {
-            return policyCounter - 1;
-        }
-
-        return 0;
-    }
-
-    public Memoable copy()
-    {
-        return new CertificatePoliciesValidation(0);    // TODO:
-    }
-
-    public void reset(Memoable other)
-    {
-        CertificatePoliciesValidation v = (CertificatePoliciesValidation)other;      // TODO:
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/CertificatePoliciesValidationBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/CertificatePoliciesValidationBuilder.java
deleted file mode 100644
index 74b622e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/CertificatePoliciesValidationBuilder.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.cert.path.validations;
-
-import org.bouncycastle.cert.path.CertPath;
-
-public class CertificatePoliciesValidationBuilder
-{
-    private boolean isExplicitPolicyRequired;
-    private boolean isAnyPolicyInhibited;
-    private boolean isPolicyMappingInhibited;
-
-    public void setAnyPolicyInhibited(boolean anyPolicyInhibited)
-    {
-        isAnyPolicyInhibited = anyPolicyInhibited;
-    }
-
-    public void setExplicitPolicyRequired(boolean explicitPolicyRequired)
-    {
-        isExplicitPolicyRequired = explicitPolicyRequired;
-    }
-
-    public void setPolicyMappingInhibited(boolean policyMappingInhibited)
-    {
-        isPolicyMappingInhibited = policyMappingInhibited;
-    }
-
-    public CertificatePoliciesValidation build(int pathLen)
-    {
-        return new CertificatePoliciesValidation(pathLen, isExplicitPolicyRequired, isAnyPolicyInhibited, isPolicyMappingInhibited);
-    }
-
-    public CertificatePoliciesValidation build(CertPath path)
-    {
-        return build(path.length());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/KeyUsageValidation.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/KeyUsageValidation.java
deleted file mode 100644
index 5d9adc8..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/KeyUsageValidation.java
+++ /dev/null

@@ -1,63 +0,0 @@
-package org.bouncycastle.cert.path.validations;
-
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.path.CertPathValidation;
-import org.bouncycastle.cert.path.CertPathValidationContext;
-import org.bouncycastle.cert.path.CertPathValidationException;
-import org.bouncycastle.util.Memoable;
-
-public class KeyUsageValidation
-    implements CertPathValidation
-{
-    private boolean          isMandatory;
-
-    public KeyUsageValidation()
-    {
-        this(true);
-    }
-
-    public KeyUsageValidation(boolean isMandatory)
-    {
-        this.isMandatory = isMandatory;
-    }
-
-    public void validate(CertPathValidationContext context, X509CertificateHolder certificate)
-        throws CertPathValidationException
-    {
-        context.addHandledExtension(Extension.keyUsage);
-
-        if (!context.isEndEntity())
-        {
-            KeyUsage usage = KeyUsage.fromExtensions(certificate.getExtensions());
-
-            if (usage != null)
-            {
-                if (!usage.hasUsages(KeyUsage.keyCertSign))
-                {
-                    throw new CertPathValidationException("Issuer certificate KeyUsage extension does not permit key signing");
-                }
-            }
-            else
-            {
-                if (isMandatory)
-                {
-                    throw new CertPathValidationException("KeyUsage extension not present in CA certificate");
-                }
-            }
-        }
-    }
-
-    public Memoable copy()
-    {
-        return new KeyUsageValidation(isMandatory);
-    }
-
-    public void reset(Memoable other)
-    {
-        KeyUsageValidation v = (KeyUsageValidation)other;
-
-        this.isMandatory = v.isMandatory;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/ParentCertIssuedValidation.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/ParentCertIssuedValidation.java
deleted file mode 100644
index a21ad1c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/ParentCertIssuedValidation.java
+++ /dev/null

@@ -1,127 +0,0 @@
-package org.bouncycastle.cert.path.validations;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Null;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cert.CertException;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509ContentVerifierProviderBuilder;
-import org.bouncycastle.cert.path.CertPathValidation;
-import org.bouncycastle.cert.path.CertPathValidationContext;
-import org.bouncycastle.cert.path.CertPathValidationException;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.Memoable;
-
-public class ParentCertIssuedValidation
-    implements CertPathValidation
-{
-    private X509ContentVerifierProviderBuilder contentVerifierProvider;
-
-    private X500Name workingIssuerName;
-    private SubjectPublicKeyInfo workingPublicKey;
-    private AlgorithmIdentifier workingAlgId;
-
-    public ParentCertIssuedValidation(X509ContentVerifierProviderBuilder contentVerifierProvider)
-    {
-        this.contentVerifierProvider = contentVerifierProvider;
-    }
-
-    public void validate(CertPathValidationContext context, X509CertificateHolder certificate)
-        throws CertPathValidationException
-    {
-        if (workingIssuerName != null)
-        {
-           if (!workingIssuerName.equals(certificate.getIssuer()))
-           {
-               throw new CertPathValidationException("Certificate issue does not match parent");
-           }
-        }
-
-        if (workingPublicKey != null)
-        {
-            try
-            {
-                SubjectPublicKeyInfo validatingKeyInfo;
-
-                if (workingPublicKey.getAlgorithm().equals(workingAlgId))
-                {
-                    validatingKeyInfo = workingPublicKey;
-                }
-                else
-                {
-                    validatingKeyInfo = new SubjectPublicKeyInfo(workingAlgId, workingPublicKey.parsePublicKey());
-                }
-
-                if (!certificate.isSignatureValid(contentVerifierProvider.build(validatingKeyInfo)))
-                {
-                    throw new CertPathValidationException("Certificate signature not for public key in parent");
-                }
-            }
-            catch (OperatorCreationException e)
-            {
-                throw new CertPathValidationException("Unable to create verifier: " + e.getMessage(), e);
-            }
-            catch (CertException e)
-            {
-                throw new CertPathValidationException("Unable to validate signature: " + e.getMessage(), e);
-            }
-            catch (IOException e)
-            {
-                throw new CertPathValidationException("Unable to build public key: " + e.getMessage(), e);
-            }
-        }
-
-        workingIssuerName = certificate.getSubject();
-        workingPublicKey = certificate.getSubjectPublicKeyInfo();
-
-        if (workingAlgId != null)
-        {
-            // check for inherited parameters
-            if (workingPublicKey.getAlgorithm().getAlgorithm().equals(workingAlgId.getAlgorithm()))
-            {
-                if (!isNull(workingPublicKey.getAlgorithm().getParameters()))
-                {
-                    workingAlgId = workingPublicKey.getAlgorithm();
-                }
-            }
-            else
-            {
-                workingAlgId = workingPublicKey.getAlgorithm();
-            }
-        }
-        else
-        {
-            workingAlgId = workingPublicKey.getAlgorithm();
-        }
-    }
-
-    private boolean isNull(ASN1Encodable obj)
-    {
-        return obj == null || obj instanceof ASN1Null;
-    }
-
-    public Memoable copy()
-    {
-        ParentCertIssuedValidation v = new ParentCertIssuedValidation(contentVerifierProvider);
-
-        v.workingAlgId = this.workingAlgId;
-        v.workingIssuerName = this.workingIssuerName;
-        v.workingPublicKey = this.workingPublicKey;
-
-        return v;
-    }
-
-    public void reset(Memoable other)
-    {
-        ParentCertIssuedValidation v = (ParentCertIssuedValidation)other;
-
-        this.contentVerifierProvider = v.contentVerifierProvider;
-        this.workingAlgId = v.workingAlgId;
-        this.workingIssuerName = v.workingIssuerName;
-        this.workingPublicKey = v.workingPublicKey;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/ValidationUtils.java b/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/ValidationUtils.java
deleted file mode 100644
index 2a58706..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/path/validations/ValidationUtils.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.cert.path.validations;
-
-import org.bouncycastle.cert.X509CertificateHolder;
-
-class ValidationUtils
-{
-    static boolean isSelfIssued(X509CertificateHolder cert)
-    {
-        return cert.getSubject().equals(cert.getIssuer());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/selector/X509AttributeCertificateHolderSelector.java b/bcpkix/src/main/java/org/bouncycastle/cert/selector/X509AttributeCertificateHolderSelector.java
deleted file mode 100644
index c325fba..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/selector/X509AttributeCertificateHolderSelector.java
+++ /dev/null

@@ -1,268 +0,0 @@
-package org.bouncycastle.cert.selector;
-
-import java.math.BigInteger;
-import java.util.Collection;
-import java.util.Date;
-
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.Target;
-import org.bouncycastle.asn1.x509.TargetInformation;
-import org.bouncycastle.asn1.x509.Targets;
-import org.bouncycastle.cert.AttributeCertificateHolder;
-import org.bouncycastle.cert.AttributeCertificateIssuer;
-import org.bouncycastle.cert.X509AttributeCertificateHolder;
-import org.bouncycastle.util.Selector;
-
-/**
- * This class is an <code>Selector</code> like implementation to select
- * attribute certificates from a given set of criteria.
- */
-public class X509AttributeCertificateHolderSelector
-    implements Selector
-{
-
-    // TODO: name constraints???
-
-    private final AttributeCertificateHolder holder;
-
-    private final AttributeCertificateIssuer issuer;
-
-    private final BigInteger serialNumber;
-
-    private final Date attributeCertificateValid;
-
-    private final X509AttributeCertificateHolder attributeCert;
-
-    private final Collection targetNames;
-
-    private final Collection targetGroups;
-
-    X509AttributeCertificateHolderSelector(
-        AttributeCertificateHolder holder,
-        AttributeCertificateIssuer issuer,
-        BigInteger serialNumber,
-        Date attributeCertificateValid,
-        X509AttributeCertificateHolder attributeCert,
-        Collection targetNames,
-        Collection targetGroups)
-    {
-        this.holder = holder;
-        this.issuer = issuer;
-        this.serialNumber = serialNumber;
-        this.attributeCertificateValid = attributeCertificateValid;
-        this.attributeCert = attributeCert;
-        this.targetNames = targetNames;
-        this.targetGroups = targetGroups;
-    }
-
-    /**
-     * Decides if the given attribute certificate should be selected.
-     *
-     * @param obj The X509AttributeCertificateHolder which should be checked.
-     * @return <code>true</code> if the attribute certificate is a match
-     *         <code>false</code> otherwise.
-     */
-    public boolean match(Object obj)
-    {
-        if (!(obj instanceof X509AttributeCertificateHolder))
-        {
-            return false;
-        }
-
-        X509AttributeCertificateHolder attrCert = (X509AttributeCertificateHolder)obj;
-
-        if (this.attributeCert != null)
-        {
-            if (!this.attributeCert.equals(attrCert))
-            {
-                return false;
-            }
-        }
-        if (serialNumber != null)
-        {
-            if (!attrCert.getSerialNumber().equals(serialNumber))
-            {
-                return false;
-            }
-        }
-        if (holder != null)
-        {
-            if (!attrCert.getHolder().equals(holder))
-            {
-                return false;
-            }
-        }
-        if (issuer != null)
-        {
-            if (!attrCert.getIssuer().equals(issuer))
-            {
-                return false;
-            }
-        }
-
-        if (attributeCertificateValid != null)
-        {
-            if (!attrCert.isValidOn(attributeCertificateValid))
-            {
-                return false;
-            }
-        }
-        if (!targetNames.isEmpty() || !targetGroups.isEmpty())
-        {
-            Extension targetInfoExt = attrCert.getExtension(Extension.targetInformation);
-            if (targetInfoExt != null)
-            {
-                TargetInformation targetinfo;
-                try
-                {
-                    targetinfo = TargetInformation.getInstance(targetInfoExt.getParsedValue());
-                }
-                catch (IllegalArgumentException e)
-                {
-                    return false;
-                }
-                Targets[] targetss = targetinfo.getTargetsObjects();
-                if (!targetNames.isEmpty())
-                {
-                    boolean found = false;
-
-                    for (int i=0; i<targetss.length; i++)
-                    {
-                        Targets t = targetss[i];
-                        Target[] targets = t.getTargets();
-                        for (int j=0; j<targets.length; j++)
-                        {
-                            if (targetNames.contains(GeneralName.getInstance(targets[j]
-                                                       .getTargetName())))
-                            {
-                                found = true;
-                                break;
-                            }
-                        }
-                    }
-                    if (!found)
-                    {
-                        return false;
-                    }
-                }
-                if (!targetGroups.isEmpty())
-                {
-                    boolean found = false;
-
-                    for (int i=0; i<targetss.length; i++)
-                    {
-                        Targets t = targetss[i];
-                        Target[] targets = t.getTargets();
-                        for (int j=0; j<targets.length; j++)
-                        {
-                            if (targetGroups.contains(GeneralName.getInstance(targets[j]
-                                                        .getTargetGroup())))
-                            {
-                                found = true;
-                                break;
-                            }
-                        }
-                    }
-                    if (!found)
-                    {
-                        return false;
-                    }
-                }
-            }
-        }
-        return true;
-    }
-
-    /**
-     * Returns a clone of this object.
-     *
-     * @return the clone.
-     */
-    public Object clone()
-    {
-        X509AttributeCertificateHolderSelector sel = new X509AttributeCertificateHolderSelector(
-            holder, issuer, serialNumber, attributeCertificateValid, attributeCert, targetNames, targetGroups);
-
-        return sel;
-    }
-
-    /**
-     * Returns the attribute certificate holder which must be matched.
-     *
-     * @return Returns an X509AttributeCertificateHolder
-     */
-    public X509AttributeCertificateHolder getAttributeCert()
-    {
-        return attributeCert;
-    }
-
-    /**
-     * Get the criteria for the validity.
-     *
-     * @return Returns the attributeCertificateValid.
-     */
-    public Date getAttributeCertificateValid()
-    {
-        if (attributeCertificateValid != null)
-        {
-            return new Date(attributeCertificateValid.getTime());
-        }
-
-        return null;
-    }
-
-    /**
-     * Gets the holder.
-     *
-     * @return Returns the holder.
-     */
-    public AttributeCertificateHolder getHolder()
-    {
-        return holder;
-    }
-
-    /**
-     * Returns the issuer criterion.
-     *
-     * @return Returns the issuer.
-     */
-    public AttributeCertificateIssuer getIssuer()
-    {
-        return issuer;
-    }
-
-    /**
-     * Gets the serial number the attribute certificate must have.
-     *
-     * @return Returns the serialNumber.
-     */
-    public BigInteger getSerialNumber()
-    {
-        return serialNumber;
-    }
-
-    /**
-     * Gets the target names. The collection consists of GeneralName objects.
-     * <p>
-     * The returned collection is immutable.
-     *
-     * @return The collection of target names
-     */
-    public Collection getTargetNames()
-    {
-        return targetNames;
-    }
-
-    /**
-     * Gets the target groups. The collection consists of GeneralName objects.
-     * <p>
-     * The returned collection is immutable.
-     *
-     * @return The collection of target groups.
-     */
-    public Collection getTargetGroups()
-    {
-        return targetGroups;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/selector/X509AttributeCertificateHolderSelectorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cert/selector/X509AttributeCertificateHolderSelectorBuilder.java
deleted file mode 100644
index ee73302..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/selector/X509AttributeCertificateHolderSelectorBuilder.java
+++ /dev/null

@@ -1,194 +0,0 @@
-package org.bouncycastle.cert.selector;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Set;
-
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.cert.AttributeCertificateHolder;
-import org.bouncycastle.cert.AttributeCertificateIssuer;
-import org.bouncycastle.cert.X509AttributeCertificateHolder;
-
-/**
- * This class builds selectors according to the set criteria.
- */
-public class X509AttributeCertificateHolderSelectorBuilder
-{
-
-    // TODO: name constraints???
-
-    private AttributeCertificateHolder holder;
-
-    private AttributeCertificateIssuer issuer;
-
-    private BigInteger serialNumber;
-
-    private Date attributeCertificateValid;
-
-    private X509AttributeCertificateHolder attributeCert;
-
-    private Collection targetNames = new HashSet();
-
-    private Collection targetGroups = new HashSet();
-
-    public X509AttributeCertificateHolderSelectorBuilder()
-    {
-    }
-
-    /**
-     * Set the attribute certificate to be matched. If <code>null</code> is
-     * given any will do.
-     *
-     * @param attributeCert The attribute certificate holder to set.
-     */
-    public void setAttributeCert(X509AttributeCertificateHolder attributeCert)
-    {
-        this.attributeCert = attributeCert;
-    }
-
-    /**
-     * Set the time, when the certificate must be valid. If <code>null</code>
-     * is given any will do.
-     *
-     * @param attributeCertificateValid The attribute certificate validation
-     *            time to set.
-     */
-    public void setAttributeCertificateValid(Date attributeCertificateValid)
-    {
-        if (attributeCertificateValid != null)
-        {
-            this.attributeCertificateValid = new Date(attributeCertificateValid
-                .getTime());
-        }
-        else
-        {
-            this.attributeCertificateValid = null;
-        }
-    }
-
-    /**
-     * Sets the holder. If <code>null</code> is given any will do.
-     *
-     * @param holder The holder to set.
-     */
-    public void setHolder(AttributeCertificateHolder holder)
-    {
-        this.holder = holder;
-    }
-
-    /**
-     * Sets the issuer the attribute certificate must have. If <code>null</code>
-     * is given any will do.
-     *
-     * @param issuer The issuer to set.
-     */
-    public void setIssuer(AttributeCertificateIssuer issuer)
-    {
-        this.issuer = issuer;
-    }
-
-    /**
-     * Sets the serial number the attribute certificate must have. If
-     * <code>null</code> is given any will do.
-     *
-     * @param serialNumber The serialNumber to set.
-     */
-    public void setSerialNumber(BigInteger serialNumber)
-    {
-        this.serialNumber = serialNumber;
-    }
-
-    /**
-     * Adds a target name criterion for the attribute certificate to the target
-     * information extension criteria. The <code>X509AttributeCertificateHolder</code>
-     * must contain at least one of the specified target names.
-     * <p>
-     * Each attribute certificate may contain a target information extension
-     * limiting the servers where this attribute certificate can be used. If
-     * this extension is not present, the attribute certificate is not targeted
-     * and may be accepted by any server.
-     *
-     * @param name The name as a GeneralName (not <code>null</code>)
-     */
-    public void addTargetName(GeneralName name)
-    {
-        targetNames.add(name);
-    }
-
-    /**
-     * Adds a collection with target names criteria. If <code>null</code> is
-     * given any will do.
-     * <p>
-     * The collection consists of either GeneralName objects or byte[] arrays representing
-     * DER encoded GeneralName structures.
-     *
-     * @param names A collection of target names.
-     * @throws java.io.IOException if a parsing error occurs.
-     * @see #addTargetName(org.bouncycastle.asn1.x509.GeneralName)
-     */
-    public void setTargetNames(Collection names) throws IOException
-    {
-        targetNames = extractGeneralNames(names);
-    }
-
-    /**
-     * Adds a target group criterion for the attribute certificate to the target
-     * information extension criteria. The <code>X509AttributeCertificateHolder</code>
-     * must contain at least one of the specified target groups.
-     * <p>
-     * Each attribute certificate may contain a target information extension
-     * limiting the servers where this attribute certificate can be used. If
-     * this extension is not present, the attribute certificate is not targeted
-     * and may be accepted by any server.
-     *
-     * @param group The group as GeneralName form (not <code>null</code>)
-     */
-    public void addTargetGroup(GeneralName group)
-    {
-        targetGroups.add(group);
-    }
-
-    /**
-     * Adds a collection with target groups criteria. If <code>null</code> is
-     * given any will do.
-     * <p>
-     * The collection consists of <code>GeneralName</code> objects or <code>byte[]</code>
-     * representing DER encoded GeneralNames.
-     *
-     * @param names A collection of target groups.
-     * @throws java.io.IOException if a parsing error occurs.
-     * @see #addTargetGroup(org.bouncycastle.asn1.x509.GeneralName)
-     */
-    public void setTargetGroups(Collection names) throws IOException
-    {
-        targetGroups = extractGeneralNames(names);
-    }
-
-    private Set extractGeneralNames(Collection names)
-        throws IOException
-    {
-        if (names == null || names.isEmpty())
-        {
-            return new HashSet();
-        }
-        Set temp = new HashSet();
-        for (Iterator it = names.iterator(); it.hasNext();)
-        {
-            temp.add(GeneralName.getInstance(it.next()));
-        }
-        return temp;
-    }
-
-    public X509AttributeCertificateHolderSelector build()
-    {
-        X509AttributeCertificateHolderSelector sel = new X509AttributeCertificateHolderSelector(
-            holder, issuer, serialNumber, attributeCertificateValid, attributeCert, Collections.unmodifiableCollection(new HashSet(targetNames)), Collections.unmodifiableCollection(new HashSet(targetGroups)));
-
-        return sel;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/selector/jcajce/JcaSelectorConverter.java b/bcpkix/src/main/java/org/bouncycastle/cert/selector/jcajce/JcaSelectorConverter.java
deleted file mode 100644
index 13e9e6b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/selector/jcajce/JcaSelectorConverter.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.cert.selector.jcajce;
-
-import java.io.IOException;
-import java.security.cert.X509CertSelector;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cert.selector.X509CertificateHolderSelector;
-
-public class JcaSelectorConverter
-{
-    public JcaSelectorConverter()
-    {
-
-    }
-
-    public X509CertificateHolderSelector getCertificateHolderSelector(X509CertSelector certSelector)
-    {
-        try
-        {
-            if (certSelector.getSubjectKeyIdentifier() != null)
-            {
-                return new X509CertificateHolderSelector(X500Name.getInstance(certSelector.getIssuerAsBytes()), certSelector.getSerialNumber(), ASN1OctetString.getInstance(certSelector.getSubjectKeyIdentifier()).getOctets());
-            }
-            else
-            {
-                return new X509CertificateHolderSelector(X500Name.getInstance(certSelector.getIssuerAsBytes()), certSelector.getSerialNumber());
-            }
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("unable to convert issuer: " + e.getMessage());
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/selector/jcajce/JcaX509CertSelectorConverter.java b/bcpkix/src/main/java/org/bouncycastle/cert/selector/jcajce/JcaX509CertSelectorConverter.java
deleted file mode 100644
index 22a3537..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/selector/jcajce/JcaX509CertSelectorConverter.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.cert.selector.jcajce;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.cert.X509CertSelector;
-
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cert.selector.X509CertificateHolderSelector;
-
-public class JcaX509CertSelectorConverter
-{
-    public JcaX509CertSelectorConverter()
-    {
-    }
-
-    protected X509CertSelector doConversion(X500Name issuer, BigInteger serialNumber, byte[] subjectKeyIdentifier)
-    {
-        X509CertSelector selector = new X509CertSelector();
-
-        if (issuer != null)
-        {
-            try
-            {
-                selector.setIssuer(issuer.getEncoded());
-            }
-            catch (IOException e)
-            {
-                throw new IllegalArgumentException("unable to convert issuer: " + e.getMessage());
-            }
-        }
-
-        if (serialNumber != null)
-        {
-            selector.setSerialNumber(serialNumber);
-        }
-
-        if (subjectKeyIdentifier != null)
-        {
-            try
-            {
-                selector.setSubjectKeyIdentifier(new DEROctetString(subjectKeyIdentifier).getEncoded());
-            }
-            catch (IOException e)
-            {
-                throw new IllegalArgumentException("unable to convert issuer: " + e.getMessage());
-            }
-        }
-
-        return selector;
-    }
-
-    public X509CertSelector getCertSelector(X509CertificateHolderSelector holderSelector)
-    {
-        return doConversion(holderSelector.getIssuer(), holderSelector.getSerialNumber(), holderSelector.getSubjectKeyIdentifier());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/selector/jcajce/JcaX509CertificateHolderSelector.java b/bcpkix/src/main/java/org/bouncycastle/cert/selector/jcajce/JcaX509CertificateHolderSelector.java
deleted file mode 100644
index b1c2b49..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/selector/jcajce/JcaX509CertificateHolderSelector.java
+++ /dev/null

@@ -1,72 +0,0 @@
-package org.bouncycastle.cert.selector.jcajce;
-
-import java.math.BigInteger;
-import java.security.cert.X509Certificate;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.cert.selector.X509CertificateHolderSelector;
-
-public class JcaX509CertificateHolderSelector
-    extends X509CertificateHolderSelector
-{
-    /**
-     * Construct a signer identifier based on the issuer, serial number and subject key identifier (if present) of the passed in
-     * certificate.
-     *
-     * @param certificate certificate providing the issue and serial number and subject key identifier.
-     */
-    public JcaX509CertificateHolderSelector(X509Certificate certificate)
-    {
-        super(convertPrincipal(certificate.getIssuerX500Principal()), certificate.getSerialNumber(), getSubjectKeyId(certificate));
-    }
-
-    /**
-     * Construct a signer identifier based on the provided issuer and serial number..
-     *
-     * @param issuer the issuer to use.
-     * @param serialNumber  the serial number to use.
-     */
-    public JcaX509CertificateHolderSelector(X500Principal issuer, BigInteger serialNumber)
-    {
-        super(convertPrincipal(issuer), serialNumber);
-    }
-
-    /**
-     * Construct a signer identifier based on the provided issuer, serial number, and subjectKeyId..
-     *
-     * @param issuer the issuer to use.
-     * @param serialNumber  the serial number to use.
-     * @param subjectKeyId the subject key ID to use.
-     */
-    public JcaX509CertificateHolderSelector(X500Principal issuer, BigInteger serialNumber, byte[] subjectKeyId)
-    {
-        super(convertPrincipal(issuer), serialNumber, subjectKeyId);
-    }
-
-    private static X500Name convertPrincipal(X500Principal issuer)
-    {
-        if (issuer == null)
-        {
-            return null;
-        }
-        return X500Name.getInstance(issuer.getEncoded());
-    }
-
-    private static byte[] getSubjectKeyId(X509Certificate cert)
-    {
-        byte[] ext = cert.getExtensionValue(Extension.subjectKeyIdentifier.getId());
-
-        if (ext != null)
-        {
-            return ASN1OctetString.getInstance(ASN1OctetString.getInstance(ext).getOctets()).getOctets();
-        }
-        else
-        {
-            return null;
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/selector/package.html b/bcpkix/src/main/java/org/bouncycastle/cert/selector/package.html
deleted file mode 100644
index c5c4211..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/selector/package.html
+++ /dev/null

@@ -1,7 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-        "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<body bgcolor="#ffffff">
-Specialised Selector classes for certificates, CRLs, and attribute certificates.
-</body>
-</html>
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/AllTests.java
deleted file mode 100644
index 5f0e9b5..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/AllTests.java
+++ /dev/null

@@ -1,78 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.security.Security;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTestResult;
-
-public class AllTests
-    extends TestCase
-{
-    public void testSimpleTests()
-    {
-        org.bouncycastle.util.test.Test[] tests = new org.bouncycastle.util.test.Test[] { new CertTest(), new DANETest(), new PKCS10Test(), new AttrCertSelectorTest(), new AttrCertTest(), new X509ExtensionUtilsTest(), new CertPathLoopTest(), new GOST3410_2012CMSTest() };
-
-        for (int i = 0; i != tests.length; i++)
-        {
-            SimpleTestResult  result = (SimpleTestResult)tests[i].perform();
-
-            if (!result.isSuccessful())
-            {
-                if (result.getException() != null)
-                {
-                    result.getException().printStackTrace();
-                }
-                fail(result.toString());
-            }
-        }
-    }
-
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("Cert Tests");
-
-        if (Security.getProvider("BC") == null)
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-
-        suite.addTestSuite(AllTests.class);
-        suite.addTestSuite(BcAttrCertSelectorTest.class);
-        suite.addTestSuite(BcAttrCertSelectorTest.class);
-        suite.addTestSuite(BcAttrCertTest.class);
-        suite.addTestSuite(BcCertTest.class);
-        suite.addTestSuite(BcPKCS10Test.class);
-        suite.addTest(ConverterTest.suite());
-
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-
-        protected void tearDown()
-        {
-            Security.removeProvider("BC");
-        }
-    }
-
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/AttrCertSelectorTest.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/AttrCertSelectorTest.java
deleted file mode 100644
index 3fe3694..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/AttrCertSelectorTest.java
+++ /dev/null

@@ -1,243 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.io.ByteArrayInputStream;
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.PrivateKey;
-import java.security.Security;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.util.Date;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.Target;
-import org.bouncycastle.asn1.x509.TargetInformation;
-import org.bouncycastle.asn1.x509.X509Extension;
-import org.bouncycastle.cert.AttributeCertificateHolder;
-import org.bouncycastle.cert.AttributeCertificateIssuer;
-import org.bouncycastle.cert.X509AttributeCertificateHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509v2AttributeCertificateBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cert.selector.X509AttributeCertificateHolderSelectorBuilder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class AttrCertSelectorTest
-    extends SimpleTest
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    static final RSAPrivateCrtKeySpec RSA_PRIVATE_KEY_SPEC = new RSAPrivateCrtKeySpec(
-        new BigInteger(
-            "b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7",
-            16),
-        new BigInteger("11", 16),
-        new BigInteger(
-            "9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89",
-            16), new BigInteger(
-            "c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb",
-            16), new BigInteger(
-            "f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5",
-            16), new BigInteger(
-            "b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391",
-            16), new BigInteger(
-            "d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd",
-            16), new BigInteger(
-            "b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19",
-            16));
-
-    static final byte[] holderCert = Base64
-        .decode("MIIGjTCCBXWgAwIBAgICAPswDQYJKoZIhvcNAQEEBQAwaTEdMBsGCSqGSIb3DQEJ"
-            + "ARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZpcmdpbmlhIFRlY2ggQ2VydGlm"
-            + "aWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0MQswCQYDVQQGEwJVUzAeFw0w"
-            + "MzAxMzExMzUyMTRaFw0wNDAxMzExMzUyMTRaMIGDMRswGQYJKoZIhvcNAQkBFgxz"
-            + "c2hhaEB2dC5lZHUxGzAZBgNVBAMTElN1bWl0IFNoYWggKHNzaGFoKTEbMBkGA1UE"
-            + "CxMSVmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAxMQswCQYDVQQK"
-            + "EwJ2dDELMAkGA1UEBhMCVVMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPDc"
-            + "scgSKmsEp0VegFkuitD5j5PUkDuzLjlfaYONt2SN8WeqU4j2qtlCnsipa128cyKS"
-            + "JzYe9duUdNxquh5BPIkMkHBw4jHoQA33tk0J/sydWdN74/AHPpPieK5GHwhU7GTG"
-            + "rCCS1PJRxjXqse79ExAlul+gjQwHeldAC+d4A6oZAgMBAAGjggOmMIIDojAMBgNV"
-            + "HRMBAf8EAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAOBgNVHQ8BAf8EBAMCA/gwHQYD"
-            + "VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBRUIoWAzlXbzBYE"
-            + "yVTjQFWyMMKo1jCBkwYDVR0jBIGLMIGIgBTgc3Fm+TGqKDhen+oKfbl+xVbj2KFt"
-            + "pGswaTEdMBsGCSqGSIb3DQEJARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZp"
-            + "cmdpbmlhIFRlY2ggQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0"
-            + "MQswCQYDVQQGEwJVU4IBADCBiwYJYIZIAYb4QgENBH4WfFZpcmdpbmlhIFRlY2gg"
-            + "Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgZGlnaXRhbCBjZXJ0aWZpY2F0ZXMgYXJl"
-            + "IHN1YmplY3QgdG8gcG9saWNpZXMgbG9jYXRlZCBhdCBodHRwOi8vd3d3LnBraS52"
-            + "dC5lZHUvY2EvY3BzLy4wFwYDVR0RBBAwDoEMc3NoYWhAdnQuZWR1MBkGA1UdEgQS"
-            + "MBCBDmlybWhlbHBAdnQuZWR1MEMGCCsGAQUFBwEBBDcwNTAzBggrBgEFBQcwAoYn"
-            + "aHR0cDovL2JveDE3Ny5jYy52dC5lZHUvY2EvaXNzdWVycy5odG1sMEQGA1UdHwQ9"
-            + "MDswOaA3oDWGM2h0dHA6Ly9ib3gxNzcuY2MudnQuZWR1L2h0ZG9jcy1wdWJsaWMv"
-            + "Y3JsL2NhY3JsLmNybDBUBgNVHSAETTBLMA0GCysGAQQBtGgFAQEBMDoGCysGAQQB"
-            + "tGgFAQEBMCswKQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cucGtpLnZ0LmVkdS9jYS9j"
-            + "cHMvMD8GCWCGSAGG+EIBBAQyFjBodHRwOi8vYm94MTc3LmNjLnZ0LmVkdS9jZ2kt"
-            + "cHVibGljL2NoZWNrX3Jldl9jYT8wPAYJYIZIAYb4QgEDBC8WLWh0dHA6Ly9ib3gx"
-            + "NzcuY2MudnQuZWR1L2NnaS1wdWJsaWMvY2hlY2tfcmV2PzBLBglghkgBhvhCAQcE"
-            + "PhY8aHR0cHM6Ly9ib3gxNzcuY2MudnQuZWR1L35PcGVuQ0E4LjAxMDYzMC9jZ2kt"
-            + "cHVibGljL3JlbmV3YWw/MCwGCWCGSAGG+EIBCAQfFh1odHRwOi8vd3d3LnBraS52"
-            + "dC5lZHUvY2EvY3BzLzANBgkqhkiG9w0BAQQFAAOCAQEAHJ2ls9yjpZVcu5DqiE67"
-            + "r7BfkdMnm7IOj2v8cd4EAlPp6OPBmjwDMwvKRBb/P733kLBqFNWXWKTpT008R0KB"
-            + "8kehbx4h0UPz9vp31zhGv169+5iReQUUQSIwTGNWGLzrT8kPdvxiSAvdAJxcbRBm"
-            + "KzDic5I8PoGe48kSCkPpT1oNmnivmcu5j1SMvlx0IS2BkFMksr0OHiAW1elSnE/N"
-            + "RuX2k73b3FucwVxB3NRo3vgoHPCTnh9r4qItAHdxFlF+pPtbw2oHESKRfMRfOIHz"
-            + "CLQWSIa6Tvg4NIV3RRJ0sbCObesyg08lymalQMdkXwtRn5eGE00SHWwEUjSXP2gR"
-            + "3g==");
-
-    public String getName()
-    {
-        return "AttrCertSelector";
-    }
-
-    private X509AttributeCertificateHolder createAttrCert() throws Exception
-    {
-        CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-        X509Certificate iCert = (X509Certificate) fact
-            .generateCertificate(new ByteArrayInputStream(holderCert));
-        X509CertificateHolder iCertHolder = new JcaX509CertificateHolder(iCert);
-        //
-        // a sample key pair.
-        //
-        // RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-        // new BigInteger(
-        // "b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7",
-        // 16), new BigInteger("11", 16));
-
-        //
-        // set up the keys
-        //
-        PrivateKey privKey;
-
-        KeyFactory kFact = KeyFactory.getInstance("RSA", "BC");
-
-        privKey = kFact.generatePrivate(RSA_PRIVATE_KEY_SPEC);
-
-        X509v2AttributeCertificateBuilder gen = new X509v2AttributeCertificateBuilder(
-                new AttributeCertificateHolder(iCertHolder.getSubject()),
-                new AttributeCertificateIssuer(new X500Name("cn=test")),
-                BigInteger.valueOf(1),
-                new Date(System.currentTimeMillis() - 50000),
-                new Date(System.currentTimeMillis() + 50000));
-
-        // the actual attributes
-        GeneralName roleName = new GeneralName(GeneralName.rfc822Name,
-            "DAU123456789@test.com");
-        ASN1EncodableVector roleSyntax = new ASN1EncodableVector();
-        roleSyntax.add(roleName);
-
-        // roleSyntax OID: 2.5.24.72
-        gen.addAttribute(new ASN1ObjectIdentifier("2.5.24.72"), new DERSequence(roleSyntax));
-
-
-        ContentSigner sigGen = new JcaContentSignerBuilder("SHA1WithRSAEncryption").setProvider(BC).build(privKey);
-
-        Target targetName = new Target(Target.targetName, new GeneralName(GeneralName.dNSName,
-            "www.test.com"));
-
-        Target targetGroup = new Target(Target.targetGroup, new GeneralName(
-            GeneralName.directoryName, "o=Test, ou=Test"));
-        Target[] targets = new Target[2];
-        targets[0] = targetName;
-        targets[1] = targetGroup;
-        TargetInformation targetInformation = new TargetInformation(targets);
-
-        gen.addExtension(X509Extension.targetInformation, true, targetInformation);
-
-        return gen.build(sigGen);
-    }
-
-    public void testSelector() throws Exception
-    {
-        X509AttributeCertificateHolder aCert = createAttrCert();
-        X509AttributeCertificateHolderSelectorBuilder sel = new X509AttributeCertificateHolderSelectorBuilder();
-        sel.setAttributeCert(aCert);
-        boolean match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate.");
-        }
-        sel.setAttributeCert(null);
-        match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate.");
-        }
-        sel.setHolder(aCert.getHolder());
-        match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate holder.");
-        }
-        sel.setHolder(null);
-        sel.setIssuer(aCert.getIssuer());
-        match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate issuer.");
-        }
-        sel.setIssuer(null);
-
-        CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-        X509CertificateHolder iCert = new JcaX509CertificateHolder((X509Certificate) fact
-            .generateCertificate(new ByteArrayInputStream(holderCert)));
-        match = aCert.getHolder().match(iCert);
-        if (!match)
-        {
-            fail("Issuer holder does not match signing certificate of attribute certificate.");
-        }
-
-        sel.setSerialNumber(aCert.getSerialNumber());
-        match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate serial number.");
-        }
-
-        sel.setAttributeCertificateValid(new Date());
-        match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate time.");
-        }
-
-        sel.addTargetName(new GeneralName(2, "www.test.com"));
-        match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate target name.");
-        }
-        sel.setTargetNames(null);
-        sel.addTargetGroup(new GeneralName(4, "o=Test, ou=Test"));
-        match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate target group.");
-        }
-        sel.setTargetGroups(null);
-    }
-
-    public void performTest() throws Exception
-    {
-        Security.addProvider(new BouncyCastleProvider());
-        testSelector();
-    }
-
-    public static void main(String[] args)
-    {
-        Test test = new AttrCertSelectorTest();
-        TestResult result = test.perform();
-        System.out.println(result);
-    }
-}
-

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/AttrCertTest.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/AttrCertTest.java
deleted file mode 100644
index 4c32ded..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/AttrCertTest.java
+++ /dev/null

@@ -1,667 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Date;
-import java.util.List;
-import java.util.Set;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.Attribute;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.cert.AttributeCertificateHolder;
-import org.bouncycastle.cert.AttributeCertificateIssuer;
-import org.bouncycastle.cert.X509AttributeCertificateHolder;
-import org.bouncycastle.cert.X509v2AttributeCertificateBuilder;
-import org.bouncycastle.cert.jcajce.JcaCertStore;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class AttrCertTest
-    extends SimpleTest
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    private static final RSAPrivateCrtKeySpec RSA_PRIVATE_KEY_SPEC = new RSAPrivateCrtKeySpec(
-                new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-                new BigInteger("11", 16),
-                new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-                new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-                new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-                new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-                new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-                new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-    public static byte[]  attrCert = Base64.decode(
-            "MIIHQDCCBqkCAQEwgZChgY2kgYowgYcxHDAaBgkqhkiG9w0BCQEWDW1sb3JjaEB2"
-          + "dC5lZHUxHjAcBgNVBAMTFU1hcmt1cyBMb3JjaCAobWxvcmNoKTEbMBkGA1UECxMS"
-          + "VmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAyMQswCQYDVQQKEwJ2"
-          + "dDELMAkGA1UEBhMCVVMwgYmkgYYwgYMxGzAZBgkqhkiG9w0BCQEWDHNzaGFoQHZ0"
-          + "LmVkdTEbMBkGA1UEAxMSU3VtaXQgU2hhaCAoc3NoYWgpMRswGQYDVQQLExJWaXJn"
-          + "aW5pYSBUZWNoIFVzZXIxEDAOBgNVBAsTB0NsYXNzIDExCzAJBgNVBAoTAnZ0MQsw"
-          + "CQYDVQQGEwJVUzANBgkqhkiG9w0BAQQFAAIBBTAiGA8yMDAzMDcxODE2MDgwMloY"
-          + "DzIwMDMwNzI1MTYwODAyWjCCBU0wggVJBgorBgEEAbRoCAEBMYIFORaCBTU8UnVs"
-          + "ZSBSdWxlSWQ9IkZpbGUtUHJpdmlsZWdlLVJ1bGUiIEVmZmVjdD0iUGVybWl0Ij4K"
-          + "IDxUYXJnZXQ+CiAgPFN1YmplY3RzPgogICA8U3ViamVjdD4KICAgIDxTdWJqZWN0"
-          + "TWF0Y2ggTWF0Y2hJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5j"
-          + "dGlvbjpzdHJpbmctZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlw"
-          + "ZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjc3RyaW5nIj4KICAg"
-          + "ICAgIENOPU1hcmt1cyBMb3JjaDwvQXR0cmlidXRlVmFsdWU+CiAgICAgPFN1Ympl"
-          + "Y3RBdHRyaWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFt"
-          + "ZXM6dGM6eGFjbWw6MS4wOnN1YmplY3Q6c3ViamVjdC1pZCIgRGF0YVR5cGU9Imh0"
-          + "dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hI3N0cmluZyIgLz4gCiAgICA8"
-          + "L1N1YmplY3RNYXRjaD4KICAgPC9TdWJqZWN0PgogIDwvU3ViamVjdHM+CiAgPFJl"
-          + "c291cmNlcz4KICAgPFJlc291cmNlPgogICAgPFJlc291cmNlTWF0Y2ggTWF0Y2hJ"
-          + "ZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5jdGlvbjpzdHJpbmct"
-          + "ZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlwZT0iaHR0cDovL3d3"
-          + "dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIj4KICAgICAgaHR0cDovL3p1"
-          + "bmkuY3MudnQuZWR1PC9BdHRyaWJ1dGVWYWx1ZT4KICAgICA8UmVzb3VyY2VBdHRy"
-          + "aWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6"
-          + "eGFjbWw6MS4wOnJlc291cmNlOnJlc291cmNlLWlkIiBEYXRhVHlwZT0iaHR0cDov"
-          + "L3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIiAvPiAKICAgIDwvUmVz"
-          + "b3VyY2VNYXRjaD4KICAgPC9SZXNvdXJjZT4KICA8L1Jlc291cmNlcz4KICA8QWN0"
-          + "aW9ucz4KICAgPEFjdGlvbj4KICAgIDxBY3Rpb25NYXRjaCBNYXRjaElkPSJ1cm46"
-          + "b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmZ1bmN0aW9uOnN0cmluZy1lcXVhbCI+"
-          + "CiAgICAgPEF0dHJpYnV0ZVZhbHVlIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9y"
-          + "Zy8yMDAxL1hNTFNjaGVtYSNzdHJpbmciPgpEZWxlZ2F0ZSBBY2Nlc3MgICAgIDwv"
-          + "QXR0cmlidXRlVmFsdWU+CgkgIDxBY3Rpb25BdHRyaWJ1dGVEZXNpZ25hdG9yIEF0"
-          + "dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmFjdGlvbjph"
-          + "Y3Rpb24taWQiIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNj"
-          + "aGVtYSNzdHJpbmciIC8+IAogICAgPC9BY3Rpb25NYXRjaD4KICAgPC9BY3Rpb24+"
-          + "CiAgPC9BY3Rpb25zPgogPC9UYXJnZXQ+CjwvUnVsZT4KMA0GCSqGSIb3DQEBBAUA"
-          + "A4GBAGiJSM48XsY90HlYxGmGVSmNR6ZW2As+bot3KAfiCIkUIOAqhcphBS23egTr"
-          + "6asYwy151HshbPNYz+Cgeqs45KkVzh7bL/0e1r8sDVIaaGIkjHK3CqBABnfSayr3"
-          + "Rd1yBoDdEv8Qb+3eEPH6ab9021AsLEnJ6LWTmybbOpMNZ3tv");
-
-    byte[]  signCert = Base64.decode(
-            "MIIGjTCCBXWgAwIBAgICAPswDQYJKoZIhvcNAQEEBQAwaTEdMBsGCSqGSIb3DQEJ"
-          + "ARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZpcmdpbmlhIFRlY2ggQ2VydGlm"
-          + "aWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0MQswCQYDVQQGEwJVUzAeFw0w"
-          + "MzAxMzExMzUyMTRaFw0wNDAxMzExMzUyMTRaMIGDMRswGQYJKoZIhvcNAQkBFgxz"
-          + "c2hhaEB2dC5lZHUxGzAZBgNVBAMTElN1bWl0IFNoYWggKHNzaGFoKTEbMBkGA1UE"
-          + "CxMSVmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAxMQswCQYDVQQK"
-          + "EwJ2dDELMAkGA1UEBhMCVVMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPDc"
-          + "scgSKmsEp0VegFkuitD5j5PUkDuzLjlfaYONt2SN8WeqU4j2qtlCnsipa128cyKS"
-          + "JzYe9duUdNxquh5BPIkMkHBw4jHoQA33tk0J/sydWdN74/AHPpPieK5GHwhU7GTG"
-          + "rCCS1PJRxjXqse79ExAlul+gjQwHeldAC+d4A6oZAgMBAAGjggOmMIIDojAMBgNV"
-          + "HRMBAf8EAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAOBgNVHQ8BAf8EBAMCA/gwHQYD"
-          + "VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBRUIoWAzlXbzBYE"
-          + "yVTjQFWyMMKo1jCBkwYDVR0jBIGLMIGIgBTgc3Fm+TGqKDhen+oKfbl+xVbj2KFt"
-          + "pGswaTEdMBsGCSqGSIb3DQEJARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZp"
-          + "cmdpbmlhIFRlY2ggQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0"
-          + "MQswCQYDVQQGEwJVU4IBADCBiwYJYIZIAYb4QgENBH4WfFZpcmdpbmlhIFRlY2gg"
-          + "Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgZGlnaXRhbCBjZXJ0aWZpY2F0ZXMgYXJl"
-          + "IHN1YmplY3QgdG8gcG9saWNpZXMgbG9jYXRlZCBhdCBodHRwOi8vd3d3LnBraS52"
-          + "dC5lZHUvY2EvY3BzLy4wFwYDVR0RBBAwDoEMc3NoYWhAdnQuZWR1MBkGA1UdEgQS"
-          + "MBCBDmlybWhlbHBAdnQuZWR1MEMGCCsGAQUFBwEBBDcwNTAzBggrBgEFBQcwAoYn"
-          + "aHR0cDovL2JveDE3Ny5jYy52dC5lZHUvY2EvaXNzdWVycy5odG1sMEQGA1UdHwQ9"
-          + "MDswOaA3oDWGM2h0dHA6Ly9ib3gxNzcuY2MudnQuZWR1L2h0ZG9jcy1wdWJsaWMv"
-          + "Y3JsL2NhY3JsLmNybDBUBgNVHSAETTBLMA0GCysGAQQBtGgFAQEBMDoGCysGAQQB"
-          + "tGgFAQEBMCswKQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cucGtpLnZ0LmVkdS9jYS9j"
-          + "cHMvMD8GCWCGSAGG+EIBBAQyFjBodHRwOi8vYm94MTc3LmNjLnZ0LmVkdS9jZ2kt"
-          + "cHVibGljL2NoZWNrX3Jldl9jYT8wPAYJYIZIAYb4QgEDBC8WLWh0dHA6Ly9ib3gx"
-          + "NzcuY2MudnQuZWR1L2NnaS1wdWJsaWMvY2hlY2tfcmV2PzBLBglghkgBhvhCAQcE"
-          + "PhY8aHR0cHM6Ly9ib3gxNzcuY2MudnQuZWR1L35PcGVuQ0E4LjAxMDYzMC9jZ2kt"
-          + "cHVibGljL3JlbmV3YWw/MCwGCWCGSAGG+EIBCAQfFh1odHRwOi8vd3d3LnBraS52"
-          + "dC5lZHUvY2EvY3BzLzANBgkqhkiG9w0BAQQFAAOCAQEAHJ2ls9yjpZVcu5DqiE67"
-          + "r7BfkdMnm7IOj2v8cd4EAlPp6OPBmjwDMwvKRBb/P733kLBqFNWXWKTpT008R0KB"
-          + "8kehbx4h0UPz9vp31zhGv169+5iReQUUQSIwTGNWGLzrT8kPdvxiSAvdAJxcbRBm"
-          + "KzDic5I8PoGe48kSCkPpT1oNmnivmcu5j1SMvlx0IS2BkFMksr0OHiAW1elSnE/N"
-          + "RuX2k73b3FucwVxB3NRo3vgoHPCTnh9r4qItAHdxFlF+pPtbw2oHESKRfMRfOIHz"
-          + "CLQWSIa6Tvg4NIV3RRJ0sbCObesyg08lymalQMdkXwtRn5eGE00SHWwEUjSXP2gR"
-          + "3g==");
-
-    static byte[] certWithBaseCertificateID = Base64.decode(
-            "MIIBqzCCARQCAQEwSKBGMD6kPDA6MQswCQYDVQQGEwJJVDEOMAwGA1UEChMFVU5JVE4xDDAKBgNV"
-          + "BAsTA0RJVDENMAsGA1UEAxMEcm9vdAIEAVMVjqB6MHikdjB0MQswCQYDVQQGEwJBVTEoMCYGA1UE"
-          + "ChMfVGhlIExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECxMaQm91bmN5IFByaW1h"
-          + "cnkgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUJvdW5jeSBDYXN0bGUwDQYJKoZIhvcNAQEFBQACBQKW"
-          + "RhnHMCIYDzIwMDUxMjEyMTIwMDQyWhgPMjAwNTEyMTkxMjAxMzJaMA8wDQYDVRhIMQaBBGVWSVAw"
-          + "DQYJKoZIhvcNAQEFBQADgYEAUAVin9StDaA+InxtXq/av6rUQLI9p1X6louBcj4kYJnxRvTrHpsr"
-          + "N3+i9Uq/uk5lRdAqmPFvcmSbuE3TRAsjrXON5uFiBBKZ1AouLqcr8nHbwcdwjJ9TyUNO9I4hfpSH"
-          + "UHHXMtBKgp4MOkhhX8xTGyWg3hp23d3GaUeg/IYlXBI=");
-    
-    byte[] holderCertWithBaseCertificateID = Base64.decode(
-            "MIIBwDCCASmgAwIBAgIEAVMVjjANBgkqhkiG9w0BAQUFADA6MQswCQYDVQQGEwJJVDEOMAwGA1UE"
-          + "ChMFVU5JVE4xDDAKBgNVBAsTA0RJVDENMAsGA1UEAxMEcm9vdDAeFw0wNTExMTExMjAxMzJaFw0w"
-          + "NjA2MTYxMjAxMzJaMD4xCzAJBgNVBAYTAklUMQ4wDAYDVQQKEwVVTklUTjEMMAoGA1UECxMDRElU"
-          + "MREwDwYDVQQDEwhMdWNhQm9yejBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQC0p+RhcFdPFqlwgrIr"
-          + "5YtqKmKXmEGb4ShypL26Ymz66ZAPdqv7EhOdzl3lZWT6srZUMWWgQMYGiHQg4z2R7X7XAgERoxUw"
-          + "EzARBglghkgBhvhCAQEEBAMCBDAwDQYJKoZIhvcNAQEFBQADgYEAsX50VPQQCWmHvPq9y9DeCpmS"
-          + "4szcpFAhpZyn6gYRwY9CRZVtmZKH8713XhkGDWcIEMcG0u3oTz3tdKgPU5uyIPrDEWr6w8ClUj4x"
-          + "5aVz5c2223+dVY7KES//JSB2bE/KCIchN3kAioQ4K8O3e0OL6oDVjsqKGw5bfahgKuSIk/Q=");
-
-    
-    public String getName()
-    {
-        return "AttrCertTest";
-    }
-
-    private void testCertWithBaseCertificateID()
-        throws Exception
-    {
-        X509AttributeCertificateHolder attrCert = new X509AttributeCertificateHolder(certWithBaseCertificateID);
-        CertificateFactory       fact = CertificateFactory.getInstance("X.509", "BC");   
-        X509Certificate          cert = (X509Certificate)fact.generateCertificate(new ByteArrayInputStream(holderCertWithBaseCertificateID));
-        
-        AttributeCertificateHolder holder = attrCert.getHolder();
-        
-        if (holder.getEntityNames() != null)
-        {
-            fail("entity names set when none expected");
-        }
-        
-        if (!holder.getSerialNumber().equals(cert.getSerialNumber()))
-        {
-            fail("holder serial number doesn't match");
-        }
-
-        if (!holder.getIssuer()[0].equals(X500Name.getInstance(cert.getIssuerX500Principal().getEncoded())))
-        {
-            fail("holder issuer doesn't match");
-        }
-        
-        if (!holder.match(new JcaX509CertificateHolder(cert)))
-        {
-            fail("holder not matching holder certificate");
-        }
-
-        if (!holder.equals(holder.clone()))
-        {
-            fail("holder clone test failed");
-        }
-
-        if (!attrCert.getIssuer().equals(attrCert.getIssuer().clone()))
-        {
-            fail("issuer clone test failed");
-        }
-        
-        //equalityAndHashCodeTest(attrCert, certWithBaseCertificateID);
-    }
-
-    private void equalityAndHashCodeTest(X509AttributeCertificateHolder attrCert, byte[] encoding)
-        throws IOException
-    {
-        if (!attrCert.equals(attrCert))
-        {
-            fail("same certificate not equal");
-        }
-
-        if (!attrCert.getHolder().equals(attrCert.getHolder()))
-        {
-            fail("same holder not equal");
-        }
-
-        if (!attrCert.getIssuer().equals(attrCert.getIssuer()))
-        {
-            fail("same issuer not equal");
-        }
-
-        if (attrCert.getHolder().equals(attrCert.getIssuer()))
-        {
-            fail("wrong holder equal");
-        }
-
-        if (attrCert.getIssuer().equals(attrCert.getHolder()))
-        {
-            fail("wrong issuer equal");
-        }
-
-        X509AttributeCertificateHolder attrCert2 = new X509AttributeCertificateHolder(encoding);
-
-        if (attrCert2.getHolder().hashCode() != attrCert.getHolder().hashCode())
-        {
-            fail("holder hashCode test failed");
-        }
-
-        if (!attrCert2.getHolder().equals(attrCert.getHolder()))
-        {
-            fail("holder equals test failed");
-        }
-
-        if (attrCert2.getIssuer().hashCode() != attrCert.getIssuer().hashCode())
-        {
-            fail("issuer hashCode test failed");
-        }
-
-        if (!attrCert2.getIssuer().equals(attrCert.getIssuer()))
-        {
-            fail("issuer equals test failed");
-        }
-    }
-
-    private void testGenerateWithCert()
-        throws Exception
-    {
-        CertificateFactory          fact = CertificateFactory.getInstance("X.509","BC");
-        X509Certificate             iCert = (X509Certificate)fact.generateCertificate(new ByteArrayInputStream(signCert));
-        
-        //
-        // a sample key pair.
-        //
-        RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16));
-
-        //
-        // set up the keys
-        //
-        PrivateKey          privKey;
-        PublicKey           pubKey;
-
-        KeyFactory  kFact = KeyFactory.getInstance("RSA", "BC");
-
-        privKey = kFact.generatePrivate(RSA_PRIVATE_KEY_SPEC);
-        pubKey = kFact.generatePublic(pubKeySpec);
-        
-        X509v2AttributeCertificateBuilder gen = new X509v2AttributeCertificateBuilder(
-            new AttributeCertificateHolder(new JcaX509CertificateHolder(iCert)),
-            new AttributeCertificateIssuer(new X500Name("cn=test")),
-            BigInteger.ONE,
-            new Date(System.currentTimeMillis() - 50000),
-            new Date(System.currentTimeMillis() + 50000));
-
-        // the actual attributes
-        GeneralName roleName = new GeneralName(GeneralName.rfc822Name, "DAU123456789");
-        ASN1EncodableVector roleSyntax = new ASN1EncodableVector();
-        roleSyntax.add(roleName);
-
-        // roleSyntax OID: 2.5.24.72;
-
-        gen.addAttribute(new ASN1ObjectIdentifier("2.5.24.72"), new DERSequence(roleSyntax));
-
-        ContentSigner sigGen = new JcaContentSignerBuilder("SHA1WithRSAEncryption").setProvider(BC).build(privKey);
-
-        X509AttributeCertificateHolder aCert = gen.build(sigGen);
-        
-        if (!aCert.isValidOn(new Date()))
-        {
-            fail("certificate invalid");
-        }
-        
-        if (!aCert.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(pubKey)))
-        {
-            fail("certificate signature not valid");
-        }
-        
-        AttributeCertificateHolder holder = aCert.getHolder();
-        
-        if (holder.getEntityNames() != null)
-        {
-            fail("entity names set when none expected");
-        }
-        
-        if (!holder.getSerialNumber().equals(iCert.getSerialNumber()))
-        {
-            fail("holder serial number doesn't match");
-        }
-
-        if (!holder.getIssuer()[0].equals(X500Name.getInstance(iCert.getIssuerX500Principal().getEncoded())))
-        {
-            fail("holder issuer doesn't match");
-        }
-        
-        if (!holder.match(new JcaX509CertificateHolder(iCert)))
-        {
-            fail("generated holder not matching holder certificate");
-        }
-        
-        Attribute[] attrs = aCert.getAttributes(new ASN1ObjectIdentifier("2.5.24.72"));
-        
-        if (attrs == null)
-        {
-            fail("attributes related to 2.5.24.72 not found");
-        }
-        
-        Attribute attr = attrs[0];
-        
-        if (!attr.getAttrType().getId().equals("2.5.24.72"))
-        {
-            fail("attribute oid mismatch");
-        }
-        
-        ASN1Encodable[] values = attr.getAttrValues().toArray();
-        
-        GeneralName role = GeneralNames.getInstance(values[0]).getNames()[0];
-        
-        if (role.getTagNo() != GeneralName.rfc822Name)
-        {
-            fail("wrong general name type found in role");
-        }
-        
-        if (!((ASN1String)role.getName()).getString().equals("DAU123456789"))
-        {
-            fail("wrong general name value found in role");
-        }
-        
-        X509Certificate             sCert = (X509Certificate)fact.generateCertificate(new ByteArrayInputStream(holderCertWithBaseCertificateID));
-        
-        if (holder.match(new JcaX509CertificateHolder(sCert)))
-        {
-            fail("generated holder matching wrong certificate");
-        }
-
-        equalityAndHashCodeTest(aCert, aCert.getEncoded());
-    }
-    
-    private void testGenerateWithPrincipal()
-        throws Exception
-    {
-        CertificateFactory          fact = CertificateFactory.getInstance("X.509","BC");
-        X509Certificate             iCert = (X509Certificate)fact.generateCertificate(new ByteArrayInputStream(signCert));
-        
-        //
-        // a sample key pair.
-        //
-        RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16));
-    
-        //
-        // set up the keys
-        //
-        PrivateKey          privKey;
-        PublicKey           pubKey;
-    
-        KeyFactory  kFact = KeyFactory.getInstance("RSA", "BC");
-    
-        privKey = kFact.generatePrivate(RSA_PRIVATE_KEY_SPEC);
-        pubKey = kFact.generatePublic(pubKeySpec);
-        
-        X509v2AttributeCertificateBuilder gen = new X509v2AttributeCertificateBuilder(
-            new AttributeCertificateHolder(new JcaX509CertificateHolder(iCert).getSubject()),
-            new AttributeCertificateIssuer(new X500Name("cn=test")),
-            BigInteger.ONE,
-            new Date(System.currentTimeMillis() - 50000),
-            new Date(System.currentTimeMillis() + 50000));
-        
-        // the actual attributes
-        GeneralName roleName = new GeneralName(GeneralName.rfc822Name, "DAU123456789");
-        ASN1EncodableVector roleSyntax = new ASN1EncodableVector();
-        roleSyntax.add(roleName);
-    
-        // roleSyntax OID: 2.5.24.72
-    
-        gen.addAttribute(new ASN1ObjectIdentifier("2.5.24.72"), new DERSequence(roleSyntax));
-
-        ContentSigner sigGen = new JcaContentSignerBuilder("SHA1WithRSAEncryption").setProvider(BC).build(privKey);
-
-        X509AttributeCertificateHolder aCert = gen.build(sigGen);
-        
-        if (!aCert.isValidOn(new Date()))
-        {
-            fail("certificate invalid");
-        }
-        
-        if (!aCert.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(pubKey)))
-        {
-            fail("certificate signature not valid");
-        }
-        
-        AttributeCertificateHolder holder = aCert.getHolder();
-        
-        if (holder.getEntityNames() == null)
-        {
-            fail("entity names not set when expected");
-        }
-        
-        if (holder.getSerialNumber() != null)
-        {
-            fail("holder serial number found when none expected");
-        }
-    
-        if (holder.getIssuer() != null)
-        {
-            fail("holder issuer found when none expected");
-        }
-        
-        if (!holder.match(new JcaX509CertificateHolder(iCert)))
-        {
-            fail("generated holder not matching holder certificate");
-        }
-        
-        X509Certificate             sCert = (X509Certificate)fact.generateCertificate(new ByteArrayInputStream(holderCertWithBaseCertificateID));
-        
-        if (holder.match(sCert))
-        {
-            fail("principal generated holder matching wrong certificate");
-        }
-
-        equalityAndHashCodeTest(aCert, aCert.getEncoded());
-    }
-    
-    public void performTest()
-        throws Exception
-    {
-        X509AttributeCertificateHolder    aCert = new X509AttributeCertificateHolder(attrCert);
-        CertificateFactory          fact = CertificateFactory.getInstance("X.509","BC");
-        X509Certificate             sCert = (X509Certificate)fact.generateCertificate(new ByteArrayInputStream(signCert));
-        
-        if (!aCert.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(sCert)))
-        {
-            fail("certificate signature not valid");
-        }
-
-        //
-        // search test
-        //
-        
-        List      list = new ArrayList();
-        
-        list.add(sCert);
-
-        Store store = new JcaCertStore(list);
-        
-        Collection certs = store.getMatches(aCert.getIssuer());
-        if (certs.size() != 1 || !certs.contains(new JcaX509CertificateHolder(sCert)))
-        {
-            fail("sCert not found by issuer");
-        }
-        
-        Attribute[] attrs = aCert.getAttributes(new ASN1ObjectIdentifier("1.3.6.1.4.1.6760.8.1.1"));
-        if (attrs == null || attrs.length != 1)
-        {
-            fail("attribute not found");
-        }
-
-        //
-        // reencode test
-        //
-        aCert = new X509AttributeCertificateHolder(aCert.getEncoded());
-        
-        if (!aCert.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(sCert)))
-        {
-            fail("certificate signature not valid");
-        }
-
-        X509AttributeCertificateHolder saCert = new X509AttributeCertificateHolder(aCert.getEncoded());
-        
-        if (!aCert.getNotAfter().equals(saCert.getNotAfter()))
-        {
-            fail("failed date comparison");
-        }
-        
-        // base generator test
-        
-        //
-        // a sample key pair.
-        //
-        RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16));
-
-        RSAPrivateCrtKeySpec privKeySpec = RSA_PRIVATE_KEY_SPEC;
-
-        //
-        // set up the keys
-        //
-        PrivateKey          privKey;
-        PublicKey           pubKey;
-
-        KeyFactory  kFact = KeyFactory.getInstance("RSA", "BC");
-
-        privKey = kFact.generatePrivate(privKeySpec);
-        pubKey = kFact.generatePublic(pubKeySpec);
-        
-        X509v2AttributeCertificateBuilder gen = new X509v2AttributeCertificateBuilder(
-            aCert.getHolder(),
-            aCert.getIssuer(),
-            aCert.getSerialNumber(),
-            new Date(System.currentTimeMillis() - 50000),
-            new Date(System.currentTimeMillis() + 50000));
-
-        gen.addAttribute(attrs[0].getAttrType(), attrs[0].getAttributeValues());
-
-        ContentSigner sigGen = new JcaContentSignerBuilder("SHA1WithRSAEncryption").setProvider(BC).build(privKey);
-
-        aCert = gen.build(sigGen);
-        
-        if (!aCert.isValidOn(new Date()))
-        {
-            fail("certificate not valid");
-        }
-        
-        if (!aCert.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(pubKey)))
-        {
-            fail("signature not valid");
-        }
-        
-        // as the issuer is the same this should still work (even though it is not
-        // technically correct
-        
-        certs = store.getMatches(aCert.getIssuer());
-        if (certs.size() != 1 || !certs.contains(new JcaX509CertificateHolder(sCert)))
-        {
-            fail("sCert not found by issuer");
-        }
-        
-        attrs = aCert.getAttributes(new ASN1ObjectIdentifier("1.3.6.1.4.1.6760.8.1.1"));
-        if (attrs == null || attrs.length != 1)
-        {
-            fail("attribute not found");
-        }
-        
-        //
-        // reencode test
-        //
-        aCert = new X509AttributeCertificateHolder(aCert.getEncoded());
-        
-        if (!aCert.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(pubKey)))
-        {
-            fail("signature not valid");
-        }
-        
-        AttributeCertificateIssuer  issuer = aCert.getIssuer();
-        
-        X500Name[] principals = issuer.getNames();
-        
-        //
-        // test holder
-        //
-        AttributeCertificateHolder holder = aCert.getHolder();
-        
-        if (holder.getEntityNames() == null)
-        {
-            fail("entity names not set");
-        }
-        
-        if (holder.getSerialNumber() != null)
-        {
-            fail("holder serial number set when none expected");
-        }
-
-        if (holder.getIssuer() != null)
-        {
-            fail("holder issuer set when none expected");
-        }
-        
-        principals = holder.getEntityNames();
-
-        X500Principal principal0 = new X500Principal(principals[0].getEncoded());
-        if (!principal0.toString().equals("C=US, O=vt, OU=Class 2, OU=Virginia Tech User, CN=Markus Lorch (mlorch), EMAILADDRESS=mlorch@vt.edu"))
-        {
-            fail("principal[0] for entity names don't match");
-        }
-
-        //
-        // extension test
-        //
-        
-        if (aCert.hasExtensions())
-        {
-            fail("hasExtensions true with no extensions");
-        }
-        
-        gen.addExtension(new ASN1ObjectIdentifier("1.1"), true, new DEROctetString(new byte[10]));
-        
-        gen.addExtension(new ASN1ObjectIdentifier("2.2"), false, new DEROctetString(new byte[20]));
-        
-        aCert = gen.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(privKey));
-        
-        Set exts = aCert.getCriticalExtensionOIDs();
-        
-        if (exts.size() != 1 || !exts.contains(new ASN1ObjectIdentifier("1.1")))
-        {               System.err.println(exts);
-            fail("critical extension test failed");
-        }
-
-        exts = aCert.getNonCriticalExtensionOIDs();
-        
-        if (exts.size() != 1 || !exts.contains(new ASN1ObjectIdentifier("2.2")))
-        {
-            fail("non-critical extension test failed");
-        }
-        
-        if (aCert.getCriticalExtensionOIDs().isEmpty())
-        {
-            fail("critical extensions not found");
-        }
-        
-        Extension ext = aCert.getExtension(new ASN1ObjectIdentifier("1.1"));
-        ASN1Encodable extValue = ext.getParsedValue();
-        
-        if (!extValue.equals(new DEROctetString(new byte[10])))
-        {
-            fail("wrong extension value found for 1.1");
-        }
-        
-        testCertWithBaseCertificateID();
-        testGenerateWithCert();
-        testGenerateWithPrincipal();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new AttrCertTest());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/BcAttrCertSelectorTest.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/BcAttrCertSelectorTest.java
deleted file mode 100644
index 8be11c5..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/BcAttrCertSelectorTest.java
+++ /dev/null

@@ -1,212 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.math.BigInteger;
-import java.util.Date;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.Target;
-import org.bouncycastle.asn1.x509.TargetInformation;
-import org.bouncycastle.cert.AttributeCertificateHolder;
-import org.bouncycastle.cert.AttributeCertificateIssuer;
-import org.bouncycastle.cert.X509AttributeCertificateHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509v2AttributeCertificateBuilder;
-import org.bouncycastle.cert.selector.X509AttributeCertificateHolderSelectorBuilder;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
-import org.bouncycastle.util.encoders.Base64;
-
-public class BcAttrCertSelectorTest
-    extends TestCase
-{
-    DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
-    DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();
-
-    static final RSAPrivateCrtKeyParameters RSA_PRIVATE_KEY_SPEC = new RSAPrivateCrtKeyParameters(
-        new BigInteger(
-            "b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7",
-            16),
-        new BigInteger("11", 16),
-        new BigInteger(
-            "9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89",
-            16), new BigInteger(
-            "c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb",
-            16), new BigInteger(
-            "f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5",
-            16), new BigInteger(
-            "b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391",
-            16), new BigInteger(
-            "d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd",
-            16), new BigInteger(
-            "b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19",
-            16));
-
-    static final byte[] holderCert = Base64
-        .decode("MIIGjTCCBXWgAwIBAgICAPswDQYJKoZIhvcNAQEEBQAwaTEdMBsGCSqGSIb3DQEJ"
-            + "ARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZpcmdpbmlhIFRlY2ggQ2VydGlm"
-            + "aWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0MQswCQYDVQQGEwJVUzAeFw0w"
-            + "MzAxMzExMzUyMTRaFw0wNDAxMzExMzUyMTRaMIGDMRswGQYJKoZIhvcNAQkBFgxz"
-            + "c2hhaEB2dC5lZHUxGzAZBgNVBAMTElN1bWl0IFNoYWggKHNzaGFoKTEbMBkGA1UE"
-            + "CxMSVmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAxMQswCQYDVQQK"
-            + "EwJ2dDELMAkGA1UEBhMCVVMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPDc"
-            + "scgSKmsEp0VegFkuitD5j5PUkDuzLjlfaYONt2SN8WeqU4j2qtlCnsipa128cyKS"
-            + "JzYe9duUdNxquh5BPIkMkHBw4jHoQA33tk0J/sydWdN74/AHPpPieK5GHwhU7GTG"
-            + "rCCS1PJRxjXqse79ExAlul+gjQwHeldAC+d4A6oZAgMBAAGjggOmMIIDojAMBgNV"
-            + "HRMBAf8EAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAOBgNVHQ8BAf8EBAMCA/gwHQYD"
-            + "VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBRUIoWAzlXbzBYE"
-            + "yVTjQFWyMMKo1jCBkwYDVR0jBIGLMIGIgBTgc3Fm+TGqKDhen+oKfbl+xVbj2KFt"
-            + "pGswaTEdMBsGCSqGSIb3DQEJARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZp"
-            + "cmdpbmlhIFRlY2ggQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0"
-            + "MQswCQYDVQQGEwJVU4IBADCBiwYJYIZIAYb4QgENBH4WfFZpcmdpbmlhIFRlY2gg"
-            + "Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgZGlnaXRhbCBjZXJ0aWZpY2F0ZXMgYXJl"
-            + "IHN1YmplY3QgdG8gcG9saWNpZXMgbG9jYXRlZCBhdCBodHRwOi8vd3d3LnBraS52"
-            + "dC5lZHUvY2EvY3BzLy4wFwYDVR0RBBAwDoEMc3NoYWhAdnQuZWR1MBkGA1UdEgQS"
-            + "MBCBDmlybWhlbHBAdnQuZWR1MEMGCCsGAQUFBwEBBDcwNTAzBggrBgEFBQcwAoYn"
-            + "aHR0cDovL2JveDE3Ny5jYy52dC5lZHUvY2EvaXNzdWVycy5odG1sMEQGA1UdHwQ9"
-            + "MDswOaA3oDWGM2h0dHA6Ly9ib3gxNzcuY2MudnQuZWR1L2h0ZG9jcy1wdWJsaWMv"
-            + "Y3JsL2NhY3JsLmNybDBUBgNVHSAETTBLMA0GCysGAQQBtGgFAQEBMDoGCysGAQQB"
-            + "tGgFAQEBMCswKQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cucGtpLnZ0LmVkdS9jYS9j"
-            + "cHMvMD8GCWCGSAGG+EIBBAQyFjBodHRwOi8vYm94MTc3LmNjLnZ0LmVkdS9jZ2kt"
-            + "cHVibGljL2NoZWNrX3Jldl9jYT8wPAYJYIZIAYb4QgEDBC8WLWh0dHA6Ly9ib3gx"
-            + "NzcuY2MudnQuZWR1L2NnaS1wdWJsaWMvY2hlY2tfcmV2PzBLBglghkgBhvhCAQcE"
-            + "PhY8aHR0cHM6Ly9ib3gxNzcuY2MudnQuZWR1L35PcGVuQ0E4LjAxMDYzMC9jZ2kt"
-            + "cHVibGljL3JlbmV3YWw/MCwGCWCGSAGG+EIBCAQfFh1odHRwOi8vd3d3LnBraS52"
-            + "dC5lZHUvY2EvY3BzLzANBgkqhkiG9w0BAQQFAAOCAQEAHJ2ls9yjpZVcu5DqiE67"
-            + "r7BfkdMnm7IOj2v8cd4EAlPp6OPBmjwDMwvKRBb/P733kLBqFNWXWKTpT008R0KB"
-            + "8kehbx4h0UPz9vp31zhGv169+5iReQUUQSIwTGNWGLzrT8kPdvxiSAvdAJxcbRBm"
-            + "KzDic5I8PoGe48kSCkPpT1oNmnivmcu5j1SMvlx0IS2BkFMksr0OHiAW1elSnE/N"
-            + "RuX2k73b3FucwVxB3NRo3vgoHPCTnh9r4qItAHdxFlF+pPtbw2oHESKRfMRfOIHz"
-            + "CLQWSIa6Tvg4NIV3RRJ0sbCObesyg08lymalQMdkXwtRn5eGE00SHWwEUjSXP2gR"
-            + "3g==");
-
-    public String getName()
-    {
-        return "AttrCertSelector";
-    }
-
-    private X509AttributeCertificateHolder createAttrCert() throws Exception
-    {
-        X509CertificateHolder iCertHolder = new X509CertificateHolder(holderCert);
-        //
-        // a sample key pair.
-        //
-        // RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-        // new BigInteger(
-        // "b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7",
-        // 16), new BigInteger("11", 16));
-
-        X509v2AttributeCertificateBuilder gen = new X509v2AttributeCertificateBuilder(
-                new AttributeCertificateHolder(iCertHolder.getSubject()),
-                new AttributeCertificateIssuer(new X500Name("cn=test")),
-                BigInteger.ONE,
-                new Date(System.currentTimeMillis() - 50000),
-                new Date(System.currentTimeMillis() + 50000));
-
-        // the actual attributes
-        GeneralName roleName = new GeneralName(GeneralName.rfc822Name,
-            "DAU123456789@test.com");
-        ASN1EncodableVector roleSyntax = new ASN1EncodableVector();
-        roleSyntax.add(roleName);
-
-        // roleSyntax OID: 2.5.24.72
-        gen.addAttribute(new ASN1ObjectIdentifier("2.5.24.72"), new DERSequence(roleSyntax));
-
-
-        AlgorithmIdentifier sigAlg = sigAlgFinder.find("SHA1withRSA");
-        AlgorithmIdentifier digAlg = digAlgFinder.find(sigAlg);
-
-        ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlg, digAlg).build(RSA_PRIVATE_KEY_SPEC);
-        Target targetName = new Target(Target.targetName, new GeneralName(GeneralName.dNSName,
-            "www.test.com"));
-
-        Target targetGroup = new Target(Target.targetGroup, new GeneralName(
-            GeneralName.directoryName, "o=Test, ou=Test"));
-        Target[] targets = new Target[2];
-        targets[0] = targetName;
-        targets[1] = targetGroup;
-        TargetInformation targetInformation = new TargetInformation(targets);
-
-        gen.addExtension(Extension.targetInformation, true, targetInformation);
-
-        return gen.build(sigGen);
-    }
-
-    public void testSelector() throws Exception
-    {
-        X509AttributeCertificateHolder aCert = createAttrCert();
-        X509AttributeCertificateHolderSelectorBuilder sel = new X509AttributeCertificateHolderSelectorBuilder();
-        sel.setAttributeCert(aCert);
-        boolean match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate.");
-        }
-        sel.setAttributeCert(null);
-        match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate.");
-        }
-        sel.setHolder(aCert.getHolder());
-        match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate holder.");
-        }
-        sel.setHolder(null);
-        sel.setIssuer(aCert.getIssuer());
-        match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate issuer.");
-        }
-        sel.setIssuer(null);
-
-        X509CertificateHolder iCert = new X509CertificateHolder(holderCert);
-        match = aCert.getHolder().match(iCert);
-        if (!match)
-        {
-            fail("Issuer holder does not match signing certificate of attribute certificate.");
-        }
-
-        sel.setSerialNumber(aCert.getSerialNumber());
-        match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate serial number.");
-        }
-
-        sel.setAttributeCertificateValid(new Date());
-        match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate time.");
-        }
-
-        sel.addTargetName(new GeneralName(2, "www.test.com"));
-        match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate target name.");
-        }
-        sel.setTargetNames(null);
-        sel.addTargetGroup(new GeneralName(4, "o=Test, ou=Test"));
-        match = sel.build().match(aCert);
-        if (!match)
-        {
-            fail("Selector does not match attribute certificate target group.");
-        }
-        sel.setTargetGroups(null);
-    }
-}
-

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/BcAttrCertTest.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/BcAttrCertTest.java
deleted file mode 100644
index e4ca215..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/BcAttrCertTest.java
+++ /dev/null

@@ -1,636 +0,0 @@
-package org.bouncycastle.cert.test;
-
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Date;
-import java.util.List;
-import java.util.Set;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.style.RFC4519Style;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.Attribute;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.cert.AttributeCertificateHolder;
-import org.bouncycastle.cert.AttributeCertificateIssuer;
-import org.bouncycastle.cert.X509AttributeCertificateHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509v2AttributeCertificateBuilder;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
-import org.bouncycastle.operator.bc.BcRSAContentVerifierProviderBuilder;
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.encoders.Base64;
-
-public class BcAttrCertTest
-    extends TestCase
-{
-    DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
-    DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();
-
-    private static final AsymmetricKeyParameter RSA_PRIVATE_KEY_SPEC = new RSAPrivateCrtKeyParameters(
-                new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-                new BigInteger("11", 16),
-                new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-                new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-                new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-                new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-                new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-                new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-    public static byte[]  attrCert = Base64.decode(
-        "MIIHQDCCBqkCAQEwgZChgY2kgYowgYcxHDAaBgkqhkiG9w0BCQEWDW1sb3JjaEB2"
-            + "dC5lZHUxHjAcBgNVBAMTFU1hcmt1cyBMb3JjaCAobWxvcmNoKTEbMBkGA1UECxMS"
-            + "VmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAyMQswCQYDVQQKEwJ2"
-            + "dDELMAkGA1UEBhMCVVMwgYmkgYYwgYMxGzAZBgkqhkiG9w0BCQEWDHNzaGFoQHZ0"
-            + "LmVkdTEbMBkGA1UEAxMSU3VtaXQgU2hhaCAoc3NoYWgpMRswGQYDVQQLExJWaXJn"
-            + "aW5pYSBUZWNoIFVzZXIxEDAOBgNVBAsTB0NsYXNzIDExCzAJBgNVBAoTAnZ0MQsw"
-            + "CQYDVQQGEwJVUzANBgkqhkiG9w0BAQQFAAIBBTAiGA8yMDAzMDcxODE2MDgwMloY"
-            + "DzIwMDMwNzI1MTYwODAyWjCCBU0wggVJBgorBgEEAbRoCAEBMYIFORaCBTU8UnVs"
-            + "ZSBSdWxlSWQ9IkZpbGUtUHJpdmlsZWdlLVJ1bGUiIEVmZmVjdD0iUGVybWl0Ij4K"
-            + "IDxUYXJnZXQ+CiAgPFN1YmplY3RzPgogICA8U3ViamVjdD4KICAgIDxTdWJqZWN0"
-            + "TWF0Y2ggTWF0Y2hJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5j"
-            + "dGlvbjpzdHJpbmctZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlw"
-            + "ZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjc3RyaW5nIj4KICAg"
-            + "ICAgIENOPU1hcmt1cyBMb3JjaDwvQXR0cmlidXRlVmFsdWU+CiAgICAgPFN1Ympl"
-            + "Y3RBdHRyaWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFt"
-            + "ZXM6dGM6eGFjbWw6MS4wOnN1YmplY3Q6c3ViamVjdC1pZCIgRGF0YVR5cGU9Imh0"
-            + "dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hI3N0cmluZyIgLz4gCiAgICA8"
-            + "L1N1YmplY3RNYXRjaD4KICAgPC9TdWJqZWN0PgogIDwvU3ViamVjdHM+CiAgPFJl"
-            + "c291cmNlcz4KICAgPFJlc291cmNlPgogICAgPFJlc291cmNlTWF0Y2ggTWF0Y2hJ"
-            + "ZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5jdGlvbjpzdHJpbmct"
-            + "ZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlwZT0iaHR0cDovL3d3"
-            + "dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIj4KICAgICAgaHR0cDovL3p1"
-            + "bmkuY3MudnQuZWR1PC9BdHRyaWJ1dGVWYWx1ZT4KICAgICA8UmVzb3VyY2VBdHRy"
-            + "aWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6"
-            + "eGFjbWw6MS4wOnJlc291cmNlOnJlc291cmNlLWlkIiBEYXRhVHlwZT0iaHR0cDov"
-            + "L3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIiAvPiAKICAgIDwvUmVz"
-            + "b3VyY2VNYXRjaD4KICAgPC9SZXNvdXJjZT4KICA8L1Jlc291cmNlcz4KICA8QWN0"
-            + "aW9ucz4KICAgPEFjdGlvbj4KICAgIDxBY3Rpb25NYXRjaCBNYXRjaElkPSJ1cm46"
-            + "b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmZ1bmN0aW9uOnN0cmluZy1lcXVhbCI+"
-            + "CiAgICAgPEF0dHJpYnV0ZVZhbHVlIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9y"
-            + "Zy8yMDAxL1hNTFNjaGVtYSNzdHJpbmciPgpEZWxlZ2F0ZSBBY2Nlc3MgICAgIDwv"
-            + "QXR0cmlidXRlVmFsdWU+CgkgIDxBY3Rpb25BdHRyaWJ1dGVEZXNpZ25hdG9yIEF0"
-            + "dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmFjdGlvbjph"
-            + "Y3Rpb24taWQiIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNj"
-            + "aGVtYSNzdHJpbmciIC8+IAogICAgPC9BY3Rpb25NYXRjaD4KICAgPC9BY3Rpb24+"
-            + "CiAgPC9BY3Rpb25zPgogPC9UYXJnZXQ+CjwvUnVsZT4KMA0GCSqGSIb3DQEBBAUA"
-            + "A4GBAGiJSM48XsY90HlYxGmGVSmNR6ZW2As+bot3KAfiCIkUIOAqhcphBS23egTr"
-            + "6asYwy151HshbPNYz+Cgeqs45KkVzh7bL/0e1r8sDVIaaGIkjHK3CqBABnfSayr3"
-            + "Rd1yBoDdEv8Qb+3eEPH6ab9021AsLEnJ6LWTmybbOpMNZ3tv");
-
-    byte[]  signCert = Base64.decode(
-            "MIIGjTCCBXWgAwIBAgICAPswDQYJKoZIhvcNAQEEBQAwaTEdMBsGCSqGSIb3DQEJ"
-          + "ARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZpcmdpbmlhIFRlY2ggQ2VydGlm"
-          + "aWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0MQswCQYDVQQGEwJVUzAeFw0w"
-          + "MzAxMzExMzUyMTRaFw0wNDAxMzExMzUyMTRaMIGDMRswGQYJKoZIhvcNAQkBFgxz"
-          + "c2hhaEB2dC5lZHUxGzAZBgNVBAMTElN1bWl0IFNoYWggKHNzaGFoKTEbMBkGA1UE"
-          + "CxMSVmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAxMQswCQYDVQQK"
-          + "EwJ2dDELMAkGA1UEBhMCVVMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPDc"
-          + "scgSKmsEp0VegFkuitD5j5PUkDuzLjlfaYONt2SN8WeqU4j2qtlCnsipa128cyKS"
-          + "JzYe9duUdNxquh5BPIkMkHBw4jHoQA33tk0J/sydWdN74/AHPpPieK5GHwhU7GTG"
-          + "rCCS1PJRxjXqse79ExAlul+gjQwHeldAC+d4A6oZAgMBAAGjggOmMIIDojAMBgNV"
-          + "HRMBAf8EAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAOBgNVHQ8BAf8EBAMCA/gwHQYD"
-          + "VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBRUIoWAzlXbzBYE"
-          + "yVTjQFWyMMKo1jCBkwYDVR0jBIGLMIGIgBTgc3Fm+TGqKDhen+oKfbl+xVbj2KFt"
-          + "pGswaTEdMBsGCSqGSIb3DQEJARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZp"
-          + "cmdpbmlhIFRlY2ggQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0"
-          + "MQswCQYDVQQGEwJVU4IBADCBiwYJYIZIAYb4QgENBH4WfFZpcmdpbmlhIFRlY2gg"
-          + "Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgZGlnaXRhbCBjZXJ0aWZpY2F0ZXMgYXJl"
-          + "IHN1YmplY3QgdG8gcG9saWNpZXMgbG9jYXRlZCBhdCBodHRwOi8vd3d3LnBraS52"
-          + "dC5lZHUvY2EvY3BzLy4wFwYDVR0RBBAwDoEMc3NoYWhAdnQuZWR1MBkGA1UdEgQS"
-          + "MBCBDmlybWhlbHBAdnQuZWR1MEMGCCsGAQUFBwEBBDcwNTAzBggrBgEFBQcwAoYn"
-          + "aHR0cDovL2JveDE3Ny5jYy52dC5lZHUvY2EvaXNzdWVycy5odG1sMEQGA1UdHwQ9"
-          + "MDswOaA3oDWGM2h0dHA6Ly9ib3gxNzcuY2MudnQuZWR1L2h0ZG9jcy1wdWJsaWMv"
-          + "Y3JsL2NhY3JsLmNybDBUBgNVHSAETTBLMA0GCysGAQQBtGgFAQEBMDoGCysGAQQB"
-          + "tGgFAQEBMCswKQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cucGtpLnZ0LmVkdS9jYS9j"
-          + "cHMvMD8GCWCGSAGG+EIBBAQyFjBodHRwOi8vYm94MTc3LmNjLnZ0LmVkdS9jZ2kt"
-          + "cHVibGljL2NoZWNrX3Jldl9jYT8wPAYJYIZIAYb4QgEDBC8WLWh0dHA6Ly9ib3gx"
-          + "NzcuY2MudnQuZWR1L2NnaS1wdWJsaWMvY2hlY2tfcmV2PzBLBglghkgBhvhCAQcE"
-          + "PhY8aHR0cHM6Ly9ib3gxNzcuY2MudnQuZWR1L35PcGVuQ0E4LjAxMDYzMC9jZ2kt"
-          + "cHVibGljL3JlbmV3YWw/MCwGCWCGSAGG+EIBCAQfFh1odHRwOi8vd3d3LnBraS52"
-          + "dC5lZHUvY2EvY3BzLzANBgkqhkiG9w0BAQQFAAOCAQEAHJ2ls9yjpZVcu5DqiE67"
-          + "r7BfkdMnm7IOj2v8cd4EAlPp6OPBmjwDMwvKRBb/P733kLBqFNWXWKTpT008R0KB"
-          + "8kehbx4h0UPz9vp31zhGv169+5iReQUUQSIwTGNWGLzrT8kPdvxiSAvdAJxcbRBm"
-          + "KzDic5I8PoGe48kSCkPpT1oNmnivmcu5j1SMvlx0IS2BkFMksr0OHiAW1elSnE/N"
-          + "RuX2k73b3FucwVxB3NRo3vgoHPCTnh9r4qItAHdxFlF+pPtbw2oHESKRfMRfOIHz"
-          + "CLQWSIa6Tvg4NIV3RRJ0sbCObesyg08lymalQMdkXwtRn5eGE00SHWwEUjSXP2gR"
-          + "3g==");
-
-    static byte[] certWithBaseCertificateID = Base64.decode(
-            "MIIBqzCCARQCAQEwSKBGMD6kPDA6MQswCQYDVQQGEwJJVDEOMAwGA1UEChMFVU5JVE4xDDAKBgNV"
-          + "BAsTA0RJVDENMAsGA1UEAxMEcm9vdAIEAVMVjqB6MHikdjB0MQswCQYDVQQGEwJBVTEoMCYGA1UE"
-          + "ChMfVGhlIExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECxMaQm91bmN5IFByaW1h"
-          + "cnkgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUJvdW5jeSBDYXN0bGUwDQYJKoZIhvcNAQEFBQACBQKW"
-          + "RhnHMCIYDzIwMDUxMjEyMTIwMDQyWhgPMjAwNTEyMTkxMjAxMzJaMA8wDQYDVRhIMQaBBGVWSVAw"
-          + "DQYJKoZIhvcNAQEFBQADgYEAUAVin9StDaA+InxtXq/av6rUQLI9p1X6louBcj4kYJnxRvTrHpsr"
-          + "N3+i9Uq/uk5lRdAqmPFvcmSbuE3TRAsjrXON5uFiBBKZ1AouLqcr8nHbwcdwjJ9TyUNO9I4hfpSH"
-          + "UHHXMtBKgp4MOkhhX8xTGyWg3hp23d3GaUeg/IYlXBI=");
-    
-    byte[] holderCertWithBaseCertificateID = Base64.decode(
-            "MIIBwDCCASmgAwIBAgIEAVMVjjANBgkqhkiG9w0BAQUFADA6MQswCQYDVQQGEwJJVDEOMAwGA1UE"
-          + "ChMFVU5JVE4xDDAKBgNVBAsTA0RJVDENMAsGA1UEAxMEcm9vdDAeFw0wNTExMTExMjAxMzJaFw0w"
-          + "NjA2MTYxMjAxMzJaMD4xCzAJBgNVBAYTAklUMQ4wDAYDVQQKEwVVTklUTjEMMAoGA1UECxMDRElU"
-          + "MREwDwYDVQQDEwhMdWNhQm9yejBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQC0p+RhcFdPFqlwgrIr"
-          + "5YtqKmKXmEGb4ShypL26Ymz66ZAPdqv7EhOdzl3lZWT6srZUMWWgQMYGiHQg4z2R7X7XAgERoxUw"
-          + "EzARBglghkgBhvhCAQEEBAMCBDAwDQYJKoZIhvcNAQEFBQADgYEAsX50VPQQCWmHvPq9y9DeCpmS"
-          + "4szcpFAhpZyn6gYRwY9CRZVtmZKH8713XhkGDWcIEMcG0u3oTz3tdKgPU5uyIPrDEWr6w8ClUj4x"
-          + "5aVz5c2223+dVY7KES//JSB2bE/KCIchN3kAioQ4K8O3e0OL6oDVjsqKGw5bfahgKuSIk/Q=");
-
-    
-    public String getName()
-    {
-        return "AttrCertTest";
-    }
-
-    public void testCertWithBaseCertificateID()
-        throws Exception
-    {
-        X509AttributeCertificateHolder attrCert = new X509AttributeCertificateHolder(certWithBaseCertificateID);
-        X509CertificateHolder cert = new X509CertificateHolder(holderCertWithBaseCertificateID);
-        
-        AttributeCertificateHolder holder = attrCert.getHolder();
-        
-        if (holder.getEntityNames() != null)
-        {
-            fail("entity names set when none expected");
-        }
-        
-        if (!holder.getSerialNumber().equals(cert.getSerialNumber()))
-        {
-            fail("holder serial number doesn't match");
-        }
-
-        if (!holder.getIssuer()[0].equals(cert.getIssuer()))
-        {
-            fail("holder issuer doesn't match");
-        }
-        
-        if (!holder.match(cert))
-        {
-            fail("holder not matching holder certificate");
-        }
-
-        if (!holder.equals(holder.clone()))
-        {
-            fail("holder clone test failed");
-        }
-
-        if (!attrCert.getIssuer().equals(attrCert.getIssuer().clone()))
-        {
-            fail("issuer clone test failed");
-        }
-        
-        //equalityAndHashCodeTest(attrCert, certWithBaseCertificateID);
-    }
-
-    private void equalityAndHashCodeTest(X509AttributeCertificateHolder attrCert, byte[] encoding)
-        throws IOException
-    {
-        if (!attrCert.equals(attrCert))
-        {
-            fail("same certificate not equal");
-        }
-
-        if (!attrCert.getHolder().equals(attrCert.getHolder()))
-        {
-            fail("same holder not equal");
-        }
-
-        if (!attrCert.getIssuer().equals(attrCert.getIssuer()))
-        {
-            fail("same issuer not equal");
-        }
-
-        if (attrCert.getHolder().equals(attrCert.getIssuer()))
-        {
-            fail("wrong holder equal");
-        }
-
-        if (attrCert.getIssuer().equals(attrCert.getHolder()))
-        {
-            fail("wrong issuer equal");
-        }
-
-        X509AttributeCertificateHolder attrCert2 = new X509AttributeCertificateHolder(encoding);
-
-        if (attrCert2.getHolder().hashCode() != attrCert.getHolder().hashCode())
-        {
-            fail("holder hashCode test failed");
-        }
-
-        if (!attrCert2.getHolder().equals(attrCert.getHolder()))
-        {
-            fail("holder equals test failed");
-        }
-
-        if (attrCert2.getIssuer().hashCode() != attrCert.getIssuer().hashCode())
-        {
-            fail("issuer hashCode test failed");
-        }
-
-        if (!attrCert2.getIssuer().equals(attrCert.getIssuer()))
-        {
-            fail("issuer equals test failed");
-        }
-    }
-
-    public void testGenerateWithCert()
-        throws Exception
-    {
-        X509CertificateHolder       iCert = new X509CertificateHolder(signCert);
-        
-        //
-        // a sample key pair.
-        //
-        AsymmetricKeyParameter pubKey = new RSAKeyParameters(
-            false,
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16));
-
-        //
-        // set up the keys
-        //
-        AsymmetricKeyParameter          privKey = RSA_PRIVATE_KEY_SPEC;
-
-        X509v2AttributeCertificateBuilder gen = new X509v2AttributeCertificateBuilder(
-            new AttributeCertificateHolder(iCert),
-            new AttributeCertificateIssuer(new X500Name("cn=test")),
-            BigInteger.ONE,
-            new Date(System.currentTimeMillis() - 50000),
-            new Date(System.currentTimeMillis() + 50000));
-
-        // the actual attributes
-        GeneralName roleName = new GeneralName(GeneralName.rfc822Name, "DAU123456789");
-        ASN1EncodableVector roleSyntax = new ASN1EncodableVector();
-        roleSyntax.add(roleName);
-
-        // roleSyntax OID: 2.5.24.72;
-
-        gen.addAttribute(new ASN1ObjectIdentifier("2.5.24.72"), new DERSequence(roleSyntax));
-
-        AlgorithmIdentifier sigAlg = sigAlgFinder.find("SHA1withRSA");
-        AlgorithmIdentifier digAlg = digAlgFinder.find(sigAlg);
-
-        ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlg, digAlg).build(privKey);
-
-        X509AttributeCertificateHolder aCert = gen.build(sigGen);
-        
-        if (!aCert.isValidOn(new Date()))
-        {
-            fail("certificate invalid");
-        }
-        
-        if (!aCert.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)))
-        {
-            fail("certificate signature not valid");
-        }
-        
-        AttributeCertificateHolder holder = aCert.getHolder();
-        
-        if (holder.getEntityNames() != null)
-        {
-            fail("entity names set when none expected");
-        }
-        
-        if (!holder.getSerialNumber().equals(iCert.getSerialNumber()))
-        {
-            fail("holder serial number doesn't match");
-        }
-
-        if (!holder.getIssuer()[0].equals(iCert.getIssuer()))
-        {
-            fail("holder issuer doesn't match");
-        }
-        
-        if (!holder.match(iCert))
-        {
-            fail("generated holder not matching holder certificate");
-        }
-        
-        Attribute[] attrs = aCert.getAttributes(new ASN1ObjectIdentifier("2.5.24.72"));
-        
-        if (attrs == null)
-        {
-            fail("attributes related to 2.5.24.72 not found");
-        }
-        
-        Attribute attr = attrs[0];
-        
-        if (!attr.getAttrType().getId().equals("2.5.24.72"))
-        {
-            fail("attribute oid mismatch");
-        }
-        
-        ASN1Encodable[] values = attr.getAttrValues().toArray();
-        
-        GeneralName role = GeneralNames.getInstance(values[0]).getNames()[0];
-        
-        if (role.getTagNo() != GeneralName.rfc822Name)
-        {
-            fail("wrong general name type found in role");
-        }
-        
-        if (!((ASN1String)role.getName()).getString().equals("DAU123456789"))
-        {
-            fail("wrong general name value found in role");
-        }
-        
-        X509CertificateHolder             sCert = new X509CertificateHolder(holderCertWithBaseCertificateID);
-        
-        if (holder.match(sCert))
-        {
-            fail("generated holder matching wrong certificate");
-        }
-
-        equalityAndHashCodeTest(aCert, aCert.getEncoded());
-    }
-    
-    public void testGenerateWithPrincipal()
-        throws Exception
-    {
-        X509CertificateHolder iCert = new X509CertificateHolder(signCert);
-        
-        //
-        // a sample key pair.
-        //
-        RSAKeyParameters pubKey = new RSAKeyParameters(
-            false,
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16));
-    
-        //
-        // set up the keys
-        //
-        AsymmetricKeyParameter          privKey = RSA_PRIVATE_KEY_SPEC;
-
-        X509v2AttributeCertificateBuilder gen = new X509v2AttributeCertificateBuilder(
-            new AttributeCertificateHolder(iCert.getSubject()),
-            new AttributeCertificateIssuer(new X500Name("cn=test")),
-            BigInteger.ONE,
-            new Date(System.currentTimeMillis() - 50000),
-            new Date(System.currentTimeMillis() + 50000));
-        
-        // the actual attributes
-        GeneralName roleName = new GeneralName(GeneralName.rfc822Name, "DAU123456789");
-        ASN1EncodableVector roleSyntax = new ASN1EncodableVector();
-        roleSyntax.add(roleName);
-    
-        // roleSyntax OID: 2.5.24.72
-    
-        gen.addAttribute(new ASN1ObjectIdentifier("2.5.24.72"), new DERSequence(roleSyntax));
-
-        AlgorithmIdentifier sigAlg = sigAlgFinder.find("SHA1withRSA");
-        AlgorithmIdentifier digAlg = digAlgFinder.find(sigAlg);
-
-        ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlg, digAlg).build(privKey);
-        X509AttributeCertificateHolder aCert = gen.build(sigGen);
-        
-        if (!aCert.isValidOn(new Date()))
-        {
-            fail("certificate invalid");
-        }
-        
-        if (!aCert.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)))
-        {
-            fail("certificate signature not valid");
-        }
-        
-        AttributeCertificateHolder holder = aCert.getHolder();
-        
-        if (holder.getEntityNames() == null)
-        {
-            fail("entity names not set when expected");
-        }
-        
-        if (holder.getSerialNumber() != null)
-        {
-            fail("holder serial number found when none expected");
-        }
-    
-        if (holder.getIssuer() != null)
-        {
-            fail("holder issuer found when none expected");
-        }
-        
-        if (!holder.match(iCert))
-        {
-            fail("generated holder not matching holder certificate");
-        }
-        
-        X509CertificateHolder            sCert = new X509CertificateHolder(holderCertWithBaseCertificateID);
-        
-        if (holder.match(sCert))
-        {
-            fail("principal generated holder matching wrong certificate");
-        }
-
-        equalityAndHashCodeTest(aCert, aCert.getEncoded());
-    }
-    
-    public void testFully()
-        throws Exception
-    {
-        X509AttributeCertificateHolder    aCert = new X509AttributeCertificateHolder(attrCert);
-        X509CertificateHolder             sCert = new X509CertificateHolder(signCert);
-        
-        if (!aCert.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(sCert)))
-        {
-            fail("certificate signature not valid");
-        }
-
-        //
-        // search test
-        //
-        
-        List list = new ArrayList();
-        
-        list.add(sCert);
-
-        Store store = new CollectionStore(list);
-        
-        Collection certs = store.getMatches(aCert.getIssuer());
-        if (certs.size() != 1 || !certs.contains(sCert))
-        {
-            fail("sCert not found by issuer");
-        }
-        
-        Attribute[] attrs = aCert.getAttributes(new ASN1ObjectIdentifier("1.3.6.1.4.1.6760.8.1.1"));
-        if (attrs == null || attrs.length != 1)
-        {
-            fail("attribute not found");
-        }
-
-        //
-        // reencode test
-        //
-        aCert = new X509AttributeCertificateHolder(aCert.getEncoded());
-        
-        if (!aCert.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(sCert)))
-        {
-            fail("certificate signature not valid");
-        }
-
-        X509AttributeCertificateHolder saCert = new X509AttributeCertificateHolder(aCert.getEncoded());
-        
-        if (!aCert.getNotAfter().equals(saCert.getNotAfter()))
-        {
-            fail("failed date comparison");
-        }
-        
-        // base generator test
-        
-        //
-        // a sample key pair.
-        //
-        AsymmetricKeyParameter pubKey = new RSAKeyParameters(
-            false,
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16));
-
-        AsymmetricKeyParameter privKey = RSA_PRIVATE_KEY_SPEC;
-
-        X509v2AttributeCertificateBuilder gen = new X509v2AttributeCertificateBuilder(
-            aCert.getHolder(),
-            aCert.getIssuer(),
-            aCert.getSerialNumber(),
-            new Date(System.currentTimeMillis() - 50000),
-            new Date(System.currentTimeMillis() + 50000));
-
-        gen.addAttribute(attrs[0].getAttrType(), attrs[0].getAttributeValues());
-
-        AlgorithmIdentifier sigAlg = sigAlgFinder.find("SHA1withRSA");
-        AlgorithmIdentifier digAlg = digAlgFinder.find(sigAlg);
-
-        ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlg, digAlg).build(privKey);
-        aCert = gen.build(sigGen);
-        
-        if (!aCert.isValidOn(new Date()))
-        {
-            fail("certificate not valid");
-        }
-        
-        if (!aCert.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)))
-        {
-            fail("signature not valid");
-        }
-        
-        // as the issuer is the same this should still work (even though it is not
-        // technically correct
-        
-        certs = store.getMatches(aCert.getIssuer());
-        if (certs.size() != 1 || !certs.contains(sCert))
-        {
-            fail("sCert not found by issuer");
-        }
-        
-        attrs = aCert.getAttributes(new ASN1ObjectIdentifier("1.3.6.1.4.1.6760.8.1.1"));
-        if (attrs == null || attrs.length != 1)
-        {
-            fail("attribute not found");
-        }
-        
-        //
-        // reencode test
-        //
-        aCert = new X509AttributeCertificateHolder(aCert.getEncoded());
-        
-        if (!aCert.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)))
-        {
-            fail("signature not valid");
-        }
-        
-        AttributeCertificateIssuer  issuer = aCert.getIssuer();
-        
-        X500Name[] principals = issuer.getNames();
-        
-        //
-        // test holder
-        //
-        AttributeCertificateHolder holder = aCert.getHolder();
-        
-        if (holder.getEntityNames() == null)
-        {
-            fail("entity names not set");
-        }
-        
-        if (holder.getSerialNumber() != null)
-        {
-            fail("holder serial number set when none expected");
-        }
-
-        if (holder.getIssuer() != null)
-        {
-            fail("holder issuer set when none expected");
-        }
-        
-        principals = holder.getEntityNames();
-
-        X500Name principal0 = X500Name.getInstance(RFC4519Style.INSTANCE, principals[0]);
-        if (!principal0.toString().equals("c=US,o=vt,ou=Class 2,ou=Virginia Tech User,cn=Markus Lorch (mlorch),1.2.840.113549.1.9.1=mlorch@vt.edu"))
-        {
-            System.err.println(principal0.toString());
-            fail("principal[0] for entity names don't match");
-        }
-
-        //
-        // extension test
-        //
-        
-        if (aCert.hasExtensions())
-        {
-            fail("hasExtensions true with no extensions");
-        }
-        
-        gen.addExtension(new ASN1ObjectIdentifier("1.1"), true, new DEROctetString(new byte[10]));
-        
-        gen.addExtension(new ASN1ObjectIdentifier("2.2"), false, new DEROctetString(new byte[20]));
-        
-        aCert = gen.build(sigGen);
-        
-        Set exts = aCert.getCriticalExtensionOIDs();
-        
-        if (exts.size() != 1 || !exts.contains(new ASN1ObjectIdentifier("1.1")))
-        {
-            fail("critical extension test failed");
-        }
-
-        exts = aCert.getNonCriticalExtensionOIDs();
-        
-        if (exts.size() != 1 || !exts.contains(new ASN1ObjectIdentifier("2.2")))
-        {
-            fail("non-critical extension test failed");
-        }
-        
-        if (aCert.getCriticalExtensionOIDs().isEmpty())
-        {
-            fail("critical extensions not found");
-        }
-        
-        Extension ext = aCert.getExtension(new ASN1ObjectIdentifier("1.1"));
-        ASN1Encodable extValue = ext.getParsedValue();
-        
-        if (!extValue.equals(new DEROctetString(new byte[10])))
-        {
-            fail("wrong extension value found for 1.1");
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/BcCertTest.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/BcCertTest.java
deleted file mode 100644
index e289fd0..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/BcCertTest.java
+++ /dev/null

@@ -1,1513 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.UnsupportedEncodingException;
-import java.math.BigInteger;
-import java.security.SecureRandom;
-import java.security.cert.CRL;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-import java.util.Collection;
-import java.util.Date;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Enumerated;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.X500NameBuilder;
-import org.bouncycastle.asn1.x500.style.RFC4519Style;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.CRLReason;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.KeyPurposeId;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.cert.CertException;
-import org.bouncycastle.cert.X509CRLEntryHolder;
-import org.bouncycastle.cert.X509CRLHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509v1CertificateBuilder;
-import org.bouncycastle.cert.X509v2CRLBuilder;
-import org.bouncycastle.cert.X509v3CertificateBuilder;
-import org.bouncycastle.cert.bc.BcX509ExtensionUtils;
-import org.bouncycastle.cert.bc.BcX509v1CertificateBuilder;
-import org.bouncycastle.cert.bc.BcX509v3CertificateBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.generators.DSAKeyPairGenerator;
-import org.bouncycastle.crypto.generators.DSAParametersGenerator;
-import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DSAKeyGenerationParameters;
-import org.bouncycastle.crypto.params.DSAParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.ContentVerifierProvider;
-import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.bc.BcDSAContentSignerBuilder;
-import org.bouncycastle.operator.bc.BcDSAContentVerifierProviderBuilder;
-import org.bouncycastle.operator.bc.BcECContentSignerBuilder;
-import org.bouncycastle.operator.bc.BcECContentVerifierProviderBuilder;
-import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
-import org.bouncycastle.operator.bc.BcRSAContentVerifierProviderBuilder;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-
-public class BcCertTest
-    extends TestCase
-{
-    DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
-    DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();
-
-    //
-    // server.crt
-    //
-    byte[]  cert1 = Base64.decode(
-        "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
-            + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
-            + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
-            + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
-            + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2"
-            + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
-            + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
-            + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l"
-            + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv"
-            + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re"
-            + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO"
-            + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE"
-            + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy"
-            + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0"
-            + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw"
-            + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL"
-            + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4"
-            + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF"
-            + "5/8=");
-
-    //
-    // ca.crt
-    //
-    byte[]  cert2 = Base64.decode(
-           "MIIDbDCCAtWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
-         + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
-         + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
-         + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
-         + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU1MzNaFw0wMTA2"
-         + "MDIwNzU1MzNaMIG3MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
-         + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
-         + "dGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEVMBMGA1UEAxMMQ29u"
-         + "bmVjdCA0IENBMSgwJgYJKoZIhvcNAQkBFhl3ZWJtYXN0ZXJAY29ubmVjdDQuY29t"
-         + "LmF1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgs5ptNG6Qv1ZpCDuUNGmv"
-         + "rhjqMDPd3ri8JzZNRiiFlBA4e6/ReaO1U8ASewDeQMH6i9R6degFdQRLngbuJP0s"
-         + "xcEE+SksEWNvygfzLwV9J/q+TQDyJYK52utb++lS0b48A1KPLwEsyL6kOAgelbur"
-         + "ukwxowprKUIV7Knf1ajetQIDAQABo4GFMIGCMCQGA1UdEQQdMBuBGXdlYm1hc3Rl"
-         + "ckBjb25uZWN0NC5jb20uYXUwDwYDVR0TBAgwBgEB/wIBADA2BglghkgBhvhCAQ0E"
-         + "KRYnbW9kX3NzbCBnZW5lcmF0ZWQgY3VzdG9tIENBIGNlcnRpZmljYXRlMBEGCWCG"
-         + "SAGG+EIBAQQEAwICBDANBgkqhkiG9w0BAQQFAAOBgQCsGvfdghH8pPhlwm1r3pQk"
-         + "msnLAVIBb01EhbXm2861iXZfWqGQjrGAaA0ZpXNk9oo110yxoqEoSJSzniZa7Xtz"
-         + "soTwNUpE0SLHvWf/SlKdFWlzXA+vOZbzEv4UmjeelekTm7lc01EEa5QRVzOxHFtQ"
-         + "DhkaJ8VqOMajkQFma2r9iA==");
-
-    //
-    // testx509.pem
-    //
-    byte[]  cert3 = Base64.decode(
-           "MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV"
-         + "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz"
-         + "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM"
-         + "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF"
-         + "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO"
-         + "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE"
-         + "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ"
-         + "zl9HYIMxATFyqSiD9jsx");
-
-    //
-    // v3-cert1.pem
-    //
-    byte[]  cert4 = Base64.decode(
-           "MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx"
-         + "NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz"
-         + "dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw"
-         + "ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu"
-         + "ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2"
-         + "ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp"
-         + "miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C"
-         + "AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK"
-         + "Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x"
-         + "DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR"
-         + "MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB"
-         + "AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21"
-         + "X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3"
-         + "WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO");
-
-    //
-    // v3-cert2.pem
-    //
-    byte[]  cert5 = Base64.decode(
-           "MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD"
-         + "YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0"
-         + "ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu"
-         + "dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1"
-         + "WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV"
-         + "BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx"
-         + "FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA"
-         + "6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT"
-         + "G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ"
-         + "YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm"
-         + "b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc"
-         + "F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz"
-         + "lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap"
-         + "jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=");
-
-    //
-    // pem encoded pkcs7
-    //
-    byte[]  cert6 = Base64.decode(
-          "MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJbzCCAj0w"
-        + "ggGmAhEAzbp/VvDf5LxU/iKss3KqVTANBgkqhkiG9w0BAQIFADBfMQswCQYDVQQGEwJVUzEXMBUG"
-        + "A1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1hcnkgQ2Vy"
-        + "dGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTYwMTI5MDAwMDAwWhcNMjgwODAxMjM1OTU5WjBfMQsw"
-        + "CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVi"
-        + "bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0A"
-        + "MIGJAoGBAOUZv22jVmEtmUhx9mfeuY3rt56GgAqRDvo4Ja9GiILlc6igmyRdDR/MZW4MsNBWhBiH"
-        + "mgabEKFz37RYOWtuwfYV1aioP6oSBo0xrH+wNNePNGeICc0UEeJORVZpH3gCgNrcR5EpuzbJY1zF"
-        + "4Ncth3uhtzKwezC6Ki8xqu6jZ9rbAgMBAAEwDQYJKoZIhvcNAQECBQADgYEATD+4i8Zo3+5DMw5d"
-        + "6abLB4RNejP/khv0Nq3YlSI2aBFsfELM85wuxAc/FLAPT/+Qknb54rxK6Y/NoIAK98Up8YIiXbix"
-        + "3YEjo3slFUYweRb46gVLlH8dwhzI47f0EEA8E8NfH1PoSOSGtHuhNbB7Jbq4046rPzidADQAmPPR"
-        + "cZQwggMuMIICl6ADAgECAhEA0nYujRQMPX2yqCVdr+4NdTANBgkqhkiG9w0BAQIFADBfMQswCQYD"
-        + "VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGlj"
-        + "IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTgwNTEyMDAwMDAwWhcNMDgwNTEy"
-        + "MjM1OTU5WjCBzDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy"
-        + "dXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5j"
-        + "b3JwLiBCeSBSZWYuLExJQUIuTFREKGMpOTgxSDBGBgNVBAMTP1ZlcmlTaWduIENsYXNzIDEgQ0Eg"
-        + "SW5kaXZpZHVhbCBTdWJzY3JpYmVyLVBlcnNvbmEgTm90IFZhbGlkYXRlZDCBnzANBgkqhkiG9w0B"
-        + "AQEFAAOBjQAwgYkCgYEAu1pEigQWu1X9A3qKLZRPFXg2uA1Ksm+cVL+86HcqnbnwaLuV2TFBcHqB"
-        + "S7lIE1YtxwjhhEKrwKKSq0RcqkLwgg4C6S/7wju7vsknCl22sDZCM7VuVIhPh0q/Gdr5FegPh7Yc"
-        + "48zGmo5/aiSS4/zgZbqnsX7vyds3ashKyAkG5JkCAwEAAaN8MHowEQYJYIZIAYb4QgEBBAQDAgEG"
-        + "MEcGA1UdIARAMD4wPAYLYIZIAYb4RQEHAQEwLTArBggrBgEFBQcCARYfd3d3LnZlcmlzaWduLmNv"
-        + "bS9yZXBvc2l0b3J5L1JQQTAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0B"
-        + "AQIFAAOBgQCIuDc73dqUNwCtqp/hgQFxHpJqbS/28Z3TymQ43BuYDAeGW4UVag+5SYWklfEXfWe0"
-        + "fy0s3ZpCnsM+tI6q5QsG3vJWKvozx74Z11NMw73I4xe1pElCY+zCphcPXVgaSTyQXFWjZSAA/Rgg"
-        + "5V+CprGoksVYasGNAzzrw80FopCubjCCA/gwggNhoAMCAQICEBbbn/1G1zppD6KsP01bwywwDQYJ"
-        + "KoZIhvcNAQEEBQAwgcwxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2ln"
-        + "biBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvUlBB"
-        + "IEluY29ycC4gQnkgUmVmLixMSUFCLkxURChjKTk4MUgwRgYDVQQDEz9WZXJpU2lnbiBDbGFzcyAx"
-        + "IENBIEluZGl2aWR1YWwgU3Vic2NyaWJlci1QZXJzb25hIE5vdCBWYWxpZGF0ZWQwHhcNMDAxMDAy"
-        + "MDAwMDAwWhcNMDAxMjAxMjM1OTU5WjCCAQcxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYD"
-        + "VQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3Jl"
-        + "cG9zaXRvcnkvUlBBIEluY29ycC4gYnkgUmVmLixMSUFCLkxURChjKTk4MR4wHAYDVQQLExVQZXJz"
-        + "b25hIE5vdCBWYWxpZGF0ZWQxJzAlBgNVBAsTHkRpZ2l0YWwgSUQgQ2xhc3MgMSAtIE1pY3Jvc29m"
-        + "dDETMBEGA1UEAxQKRGF2aWQgUnlhbjElMCMGCSqGSIb3DQEJARYWZGF2aWRAbGl2ZW1lZGlhLmNv"
-        + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqxBsdeNmSvFqhMNwhQgNzM8mdjX9eSXb"
-        + "DawpHtQHjmh0AKJSa3IwUY0VIsyZHuXWktO/CgaMBVPt6OVf/n0R2sQigMP6Y+PhEiS0vCJBL9aK"
-        + "0+pOo2qXrjVBmq+XuCyPTnc+BOSrU26tJsX0P9BYorwySiEGxGanBNATdVL4NdUCAwEAAaOBnDCB"
-        + "mTAJBgNVHRMEAjAAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQgwKjAoBggrBgEFBQcCARYcaHR0"
-        + "cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTARBglghkgBhvhCAQEEBAMCB4AwMwYDVR0fBCwwKjAo"
-        + "oCagJIYiaHR0cDovL2NybC52ZXJpc2lnbi5jb20vY2xhc3MxLmNybDANBgkqhkiG9w0BAQQFAAOB"
-        + "gQBC8yIIdVGpFTf8/YiL14cMzcmL0nIRm4kGR3U59z7UtcXlfNXXJ8MyaeI/BnXwG/gD5OKYqW6R"
-        + "yca9vZOxf1uoTBl82gInk865ED3Tej6msCqFzZffnSUQvOIeqLxxDlqYRQ6PmW2nAnZeyjcnbI5Y"
-        + "syQSM2fmo7n6qJFP+GbFezGCAkUwggJBAgEBMIHhMIHMMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5j"
-        + "LjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWdu"
-        + "LmNvbS9yZXBvc2l0b3J5L1JQQSBJbmNvcnAuIEJ5IFJlZi4sTElBQi5MVEQoYyk5ODFIMEYGA1UE"
-        + "AxM/VmVyaVNpZ24gQ2xhc3MgMSBDQSBJbmRpdmlkdWFsIFN1YnNjcmliZXItUGVyc29uYSBOb3Qg"
-        + "VmFsaWRhdGVkAhAW25/9Rtc6aQ+irD9NW8MsMAkGBSsOAwIaBQCggbowGAYJKoZIhvcNAQkDMQsG"
-        + "CSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDAxMDAyMTczNTE4WjAjBgkqhkiG9w0BCQQxFgQU"
-        + "gZjSaBEY2oxGvlQUIMnxSXhivK8wWwYJKoZIhvcNAQkPMU4wTDAKBggqhkiG9w0DBzAOBggqhkiG"
-        + "9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwBwYFKw4DAh0w"
-        + "DQYJKoZIhvcNAQEBBQAEgYAzk+PU91/ZFfoiuKOECjxEh9fDYE2jfDCheBIgh5gdcCo+sS1WQs8O"
-        + "HreQ9Nop/JdJv1DQMBK6weNBBDoP0EEkRm1XCC144XhXZC82jBZohYmi2WvDbbC//YN58kRMYMyy"
-        + "srrfn4Z9I+6kTriGXkrpGk9Q0LSGjmG2BIsqiF0dvwAAAAAAAA==");
-
-    //
-    // dsaWithSHA1 cert
-    //
-    byte[]  cert7 = Base64.decode(
-          "MIIEXAYJKoZIhvcNAQcCoIIETTCCBEkCAQExCzAJBgUrDgMCGgUAMAsGCSqG"
-        + "SIb3DQEHAaCCAsMwggK/MIIB4AIBADCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7"
-        + "d8miwTMN55CUSmo3TO8WGCxgY61TX5k+7NU4XPf1TULjw3GobwaJX13kquPh"
-        + "fVXk+gVy46n4Iw3hAhUBSe/QF4BUj+pJOF9ROBM4u+FEWA8CQQD4mSJbrABj"
-        + "TUWrlnAte8pS22Tq4/FPO7jHSqjijUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/z"
-        + "m8Q12PFp/PjOhh+nMA4xDDAKBgNVBAMTA0lEMzAeFw05NzEwMDEwMDAwMDBa"
-        + "Fw0zODAxMDEwMDAwMDBaMA4xDDAKBgNVBAMTA0lEMzCB8DCBpwYFKw4DAhsw"
-        + "gZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxgY61TX5k+7NU4XPf1TULj"
-        + "w3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/QF4BUj+pJOF9ROBM4u+FE"
-        + "WA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jHSqjijUHfXKTrHL1OEqV3"
-        + "SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nA0QAAkEAkYkXLYMtGVGWj9OnzjPn"
-        + "sB9sefSRPrVegZJCZbpW+Iv0/1RP1u04pHG9vtRpIQLjzUiWvLMU9EKQTThc"
-        + "eNMmWDCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxg"
-        + "Y61TX5k+7NU4XPf1TULjw3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/Q"
-        + "F4BUj+pJOF9ROBM4u+FEWA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jH"
-        + "SqjijUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nAy8AMCwC"
-        + "FBY3dBSdeprGcqpr6wr3xbG+6WW+AhRMm/facKJNxkT3iKgJbp7R8Xd3QTGC"
-        + "AWEwggFdAgEBMBMwDjEMMAoGA1UEAxMDSUQzAgEAMAkGBSsOAwIaBQCgXTAY"
-        + "BgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wMjA1"
-        + "MjQyMzEzMDdaMCMGCSqGSIb3DQEJBDEWBBS4WMsoJhf7CVbZYCFcjoTRzPkJ"
-        + "xjCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxgY61T"
-        + "X5k+7NU4XPf1TULjw3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/QF4BU"
-        + "j+pJOF9ROBM4u+FEWA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jHSqji"
-        + "jUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nBC8wLQIVALID"
-        + "dt+MHwawrDrwsO1Z6sXBaaJsAhRaKssrpevmLkbygKPV07XiAKBG02Zvb2Jh"
-        + "cg==");
-
-    //
-    // testcrl.pem
-    //
-    byte[]  crl1 = Base64.decode(
-        "MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT"
-        + "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy"
-        + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw"
-        + "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw"
-        + "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw"
-        + "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw"
-        + "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw"
-        + "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw"
-        + "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw"
-        + "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw"
-        + "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF"
-        + "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ"
-        + "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt"
-        + "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v");
-
-    //
-    // ecdsa cert with extra octet string.
-    //
-    byte[]  oldEcdsa = Base64.decode(
-          "MIICljCCAkCgAwIBAgIBATALBgcqhkjOPQQBBQAwgY8xCzAJBgNVBAYTAkFVMSgwJ"
-        + "gYDVQQKEx9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIwEAYDVQQHEw"
-        + "lNZWxib3VybmUxETAPBgNVBAgTCFZpY3RvcmlhMS8wLQYJKoZIhvcNAQkBFiBmZWV"
-        + "kYmFjay1jcnlwdG9AYm91bmN5Y2FzdGxlLm9yZzAeFw0wMTEyMDcwMTAwMDRaFw0w"
-        + "MTEyMDcwMTAxNDRaMIGPMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhlIExlZ2lvb"
-        + "iBvZiB0aGUgQm91bmN5IENhc3RsZTESMBAGA1UEBxMJTWVsYm91cm5lMREwDwYDVQ"
-        + "QIEwhWaWN0b3JpYTEvMC0GCSqGSIb3DQEJARYgZmVlZGJhY2stY3J5cHRvQGJvdW5"
-        + "jeWNhc3RsZS5vcmcwgeQwgb0GByqGSM49AgEwgbECAQEwKQYHKoZIzj0BAQIef///"
-        + "////////////f///////gAAAAAAAf///////MEAEHn///////////////3///////"
-        + "4AAAAAAAH///////AQeawFsO9zxiUHQ1lSSFHXKcanbL7J9HTd5YYXClCwKBB8CD/"
-        + "qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqvAh5///////////////9///+eXpq"
-        + "fXZBx+9FSJoiQnQsDIgAEHwJbbcU7xholSP+w9nFHLebJUhqdLSU05lq/y9X+DHAw"
-        + "CwYHKoZIzj0EAQUAA0MAMEACHnz6t4UNoVROp74ma4XNDjjGcjaqiIWPZLK8Bdw3G"
-        + "QIeLZ4j3a6ividZl344UH+UPUE7xJxlYGuy7ejTsqRR");
-
-    byte[]  keyUsage = Base64.decode(
-          "MIIE7TCCBFagAwIBAgIEOAOR7jANBgkqhkiG9w0BAQQFADCByTELMAkGA1UE"
-        + "BhMCVVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MUgwRgYDVQQLFD93d3cuZW50"
-        + "cnVzdC5uZXQvQ2xpZW50X0NBX0luZm8vQ1BTIGluY29ycC4gYnkgcmVmLiBs"
-        + "aW1pdHMgbGlhYi4xJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExp"
-        + "bWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENsaWVudCBDZXJ0aWZpY2F0"
-        + "aW9uIEF1dGhvcml0eTAeFw05OTEwMTIxOTI0MzBaFw0xOTEwMTIxOTU0MzBa"
-        + "MIHJMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxSDBGBgNV"
-        + "BAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0FfSW5mby9DUFMgaW5jb3Jw"
-        + "LiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UECxMcKGMpIDE5OTkgRW50"
-        + "cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQgQ2xpZW50"
-        + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUAA4GL"
-        + "ADCBhwKBgQDIOpleMRffrCdvkHvkGf9FozTC28GoT/Bo6oT9n3V5z8GKUZSv"
-        + "x1cDR2SerYIbWtp/N3hHuzeYEpbOxhN979IMMFGpOZ5V+Pux5zDeg7K6PvHV"
-        + "iTs7hbqqdCz+PzFur5GVbgbUB01LLFZHGARS2g4Qk79jkJvh34zmAqTmT173"
-        + "iwIBA6OCAeAwggHcMBEGCWCGSAGG+EIBAQQEAwIABzCCASIGA1UdHwSCARkw"
-        + "ggEVMIHkoIHhoIHepIHbMIHYMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50"
-        + "cnVzdC5uZXQxSDBGBgNVBAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0Ff"
-        + "SW5mby9DUFMgaW5jb3JwLiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UE"
-        + "CxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50"
-        + "cnVzdC5uZXQgQ2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYD"
-        + "VQQDEwRDUkwxMCygKqAohiZodHRwOi8vd3d3LmVudHJ1c3QubmV0L0NSTC9D"
-        + "bGllbnQxLmNybDArBgNVHRAEJDAigA8xOTk5MTAxMjE5MjQzMFqBDzIwMTkx"
-        + "MDEyMTkyNDMwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUxPucKXuXzUyW"
-        + "/O5bs8qZdIuV6kwwHQYDVR0OBBYEFMT7nCl7l81MlvzuW7PKmXSLlepMMAwG"
-        + "A1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI"
-        + "hvcNAQEEBQADgYEAP66K8ddmAwWePvrqHEa7pFuPeJoSSJn59DXeDDYHAmsQ"
-        + "OokUgZwxpnyyQbJq5wcBoUv5nyU7lsqZwz6hURzzwy5E97BnRqqS5TvaHBkU"
-        + "ODDV4qIxJS7x7EU47fgGWANzYrAQMY9Av2TgXD7FTx/aEkP/TOYGJqibGapE"
-        + "PHayXOw=");
-
-    byte[] nameCert = Base64.decode(
-            "MIIEFjCCA3+gAwIBAgIEdS8BozANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJE"+
-            "RTERMA8GA1UEChQIREFURVYgZUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRQ0Eg"+
-            "REFURVYgRDAzIDE6UE4wIhgPMjAwMTA1MTAxMDIyNDhaGA8yMDA0MDUwOTEwMjI0"+
-            "OFowgYQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIFAZCYXllcm4xEjAQBgNVBAcUCU7I"+
-            "dXJuYmVyZzERMA8GA1UEChQIREFURVYgZUcxHTAbBgNVBAUTFDAwMDAwMDAwMDA4"+
-            "OTU3NDM2MDAxMR4wHAYDVQQDFBVEaWV0bWFyIFNlbmdlbmxlaXRuZXIwgaEwDQYJ"+
-            "KoZIhvcNAQEBBQADgY8AMIGLAoGBAJLI/LJLKaHoMk8fBECW/od8u5erZi6jI8Ug"+
-            "C0a/LZyQUO/R20vWJs6GrClQtXB+AtfiBSnyZOSYzOdfDI8yEKPEv8qSuUPpOHps"+
-            "uNCFdLZF1vavVYGEEWs2+y+uuPmg8q1oPRyRmUZ+x9HrDvCXJraaDfTEd9olmB/Z"+
-            "AuC/PqpjAgUAwAAAAaOCAcYwggHCMAwGA1UdEwEB/wQCMAAwDwYDVR0PAQH/BAUD"+
-            "AwdAADAxBgNVHSAEKjAoMCYGBSskCAEBMB0wGwYIKwYBBQUHAgEWD3d3dy56cy5k"+
-            "YXRldi5kZTApBgNVHREEIjAggR5kaWV0bWFyLnNlbmdlbmxlaXRuZXJAZGF0ZXYu"+
-            "ZGUwgYQGA1UdIwR9MHuhc6RxMG8xCzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1"+
-            "bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0"+
-            "MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjVSLUNBIDE6UE6CBACm8LkwDgYHAoIG"+
-            "AQoMAAQDAQEAMEcGA1UdHwRAMD4wPKAUoBKGEHd3dy5jcmwuZGF0ZXYuZGWiJKQi"+
-            "MCAxCzAJBgNVBAYTAkRFMREwDwYDVQQKFAhEQVRFViBlRzAWBgUrJAgDBAQNMAsT"+
-            "A0VVUgIBBQIBATAdBgNVHQ4EFgQUfv6xFP0xk7027folhy+ziZvBJiwwLAYIKwYB"+
-            "BQUHAQEEIDAeMBwGCCsGAQUFBzABhhB3d3cuZGlyLmRhdGV2LmRlMA0GCSqGSIb3"+
-            "DQEBBQUAA4GBAEOVX6uQxbgtKzdgbTi6YLffMftFr2mmNwch7qzpM5gxcynzgVkg"+
-            "pnQcDNlm5AIbS6pO8jTCLfCd5TZ5biQksBErqmesIl3QD+VqtB+RNghxectZ3VEs"+
-            "nCUtcE7tJ8O14qwCb3TxS9dvIUFiVi4DjbxX46TdcTbTaK8/qr6AIf+l");
-
-    byte[] probSelfSignedCert = Base64.decode(
-              "MIICxTCCAi6gAwIBAgIQAQAAAAAAAAAAAAAAAAAAATANBgkqhkiG9w0BAQUFADBF"
-            + "MScwJQYDVQQKEx4gRElSRUNUSU9OIEdFTkVSQUxFIERFUyBJTVBPVFMxGjAYBgNV"
-            + "BAMTESBBQyBNSU5FRkkgQiBURVNUMB4XDTA0MDUwNzEyMDAwMFoXDTE0MDUwNzEy"
-            + "MDAwMFowRTEnMCUGA1UEChMeIERJUkVDVElPTiBHRU5FUkFMRSBERVMgSU1QT1RT"
-            + "MRowGAYDVQQDExEgQUMgTUlORUZJIEIgVEVTVDCBnzANBgkqhkiG9w0BAQEFAAOB"
-            + "jQAwgYkCgYEAveoCUOAukZdcFCs2qJk76vSqEX0ZFzHqQ6faBPZWjwkgUNwZ6m6m"
-            + "qWvvyq1cuxhoDvpfC6NXILETawYc6MNwwxsOtVVIjuXlcF17NMejljJafbPximEt"
-            + "DQ4LcQeSp4K7FyFlIAMLyt3BQ77emGzU5fjFTvHSUNb3jblx0sV28c0CAwEAAaOB"
-            + "tTCBsjAfBgNVHSMEGDAWgBSEJ4bLbvEQY8cYMAFKPFD1/fFXlzAdBgNVHQ4EFgQU"
-            + "hCeGy27xEGPHGDABSjxQ9f3xV5cwDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIB"
-            + "AQQEAwIBBjA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vYWRvbmlzLnBrNy5jZXJ0"
-            + "cGx1cy5uZXQvZGdpLXRlc3QuY3JsMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN"
-            + "AQEFBQADgYEAmToHJWjd3+4zknfsP09H6uMbolHNGG0zTS2lrLKpzcmkQfjhQpT9"
-            + "LUTBvfs1jdjo9fGmQLvOG+Sm51Rbjglb8bcikVI5gLbclOlvqLkm77otjl4U4Z2/"
-            + "Y0vP14Aov3Sn3k+17EfReYUZI4liuB95ncobC4e8ZM++LjQcIM0s+Vs=");
-
-
-    byte[] gost34102001base = Base64.decode(
-              "MIIB1DCCAYECEEjpVKXP6Wn1yVz3VeeDQa8wCgYGKoUDAgIDBQAwbTEfMB0G"
-            + "A1UEAwwWR29zdFIzNDEwLTIwMDEgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRv"
-            + "UHJvMQswCQYDVQQGEwJSVTEpMCcGCSqGSIb3DQEJARYaR29zdFIzNDEwLTIw"
-            + "MDFAZXhhbXBsZS5jb20wHhcNMDUwMjAzMTUxNjQ2WhcNMTUwMjAzMTUxNjQ2"
-            + "WjBtMR8wHQYDVQQDDBZHb3N0UjM0MTAtMjAwMSBleGFtcGxlMRIwEAYDVQQK"
-            + "DAlDcnlwdG9Qcm8xCzAJBgNVBAYTAlJVMSkwJwYJKoZIhvcNAQkBFhpHb3N0"
-            + "UjM0MTAtMjAwMUBleGFtcGxlLmNvbTBjMBwGBiqFAwICEzASBgcqhQMCAiQA"
-            + "BgcqhQMCAh4BA0MABECElWh1YAIaQHUIzROMMYks/eUFA3pDXPRtKw/nTzJ+"
-            + "V4/rzBa5lYgD0Jp8ha4P5I3qprt+VsfLsN8PZrzK6hpgMAoGBiqFAwICAwUA"
-            + "A0EAHw5dw/aw/OiNvHyOE65kvyo4Hp0sfz3csM6UUkp10VO247ofNJK3tsLb"
-            + "HOLjUaqzefrlGb11WpHYrvWFg+FcLA==");
-
-    private final byte[] emptyDNCert = Base64.decode(
-              "MIICfTCCAeagAwIBAgIBajANBgkqhkiG9w0BAQQFADB8MQswCQYDVQQGEwJVUzEMMAoGA1UEChMD"
-            + "Q0RXMQkwBwYDVQQLEwAxCTAHBgNVBAcTADEJMAcGA1UECBMAMRowGAYDVQQDExFUZW1wbGFyIFRl"
-            + "c3QgMTAyNDEiMCAGCSqGSIb3DQEJARYTdGVtcGxhcnRlc3RAY2R3LmNvbTAeFw0wNjA1MjIwNTAw"
-            + "MDBaFw0xMDA1MjIwNTAwMDBaMHwxCzAJBgNVBAYTAlVTMQwwCgYDVQQKEwNDRFcxCTAHBgNVBAsT"
-            + "ADEJMAcGA1UEBxMAMQkwBwYDVQQIEwAxGjAYBgNVBAMTEVRlbXBsYXIgVGVzdCAxMDI0MSIwIAYJ"
-            + "KoZIhvcNAQkBFhN0ZW1wbGFydGVzdEBjZHcuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB"
-            + "gQDH3aJpJBfM+A3d84j5YcU6zEQaQ76u5xO9NSBmHjZykKS2kCcUqPpvVOPDA5WgV22dtKPh+lYV"
-            + "iUp7wyCVwAKibq8HIbihHceFqMKzjwC639rMoDJ7bi/yzQWz1Zg+075a4FGPlUKn7Yfu89wKkjdW"
-            + "wDpRPXc/agqBnrx5pJTXzQIDAQABow8wDTALBgNVHQ8EBAMCALEwDQYJKoZIhvcNAQEEBQADgYEA"
-            + "RRsRsjse3i2/KClFVd6YLZ+7K1BE0WxFyY2bbytkwQJSxvv3vLSuweFUbhNxutb68wl/yW4GLy4b"
-            + "1QdyswNxrNDXTuu5ILKhRDDuWeocz83aG2KGtr3JlFyr3biWGEyn5WUOE6tbONoQDJ0oPYgI6CAc"
-            + "EHdUp0lioOCt6UOw7Cs=");
-
-    private AsymmetricKeyParameter dudPublicKey = new AsymmetricKeyParameter(true)
-    {
-        public String getAlgorithm()
-        {
-            return null;
-        }
-
-        public String getFormat()
-        {
-            return null;
-        }
-
-        public byte[] getEncoded()
-        {
-            return null;
-        }
-
-    };
-
-    public String getName()
-    {
-        return "CertTest";
-    }
-
-    public void checkCertificate(
-        int     id,
-        byte[]  bytes)
-    {
-        try
-        {
-            X509CertificateHolder certHldr = new X509CertificateHolder(bytes);
-
-            SubjectPublicKeyInfo k = certHldr.getSubjectPublicKeyInfo();
-            // System.out.println(cert);
-        }
-        catch (Exception e)
-        {
-            fail(e.toString());
-        }
-    }
-            /*
-    public void checkNameCertificate(
-        int     id,
-        byte[]  bytes)
-    {
-        ByteArrayInputStream    bIn;
-        String                  dump = "";
-
-        try
-        {
-            bIn = new ByteArrayInputStream(bytes);
-
-            CertificateFactory  fact = CertificateFactory.getInstance("X.509", "LKBX-BC");
-
-            X509Certificate cert = (X509Certificate)fact.generateCertificate(bIn);
-
-            AsymmetricKeyParameter    k = cert.getAsymmetricKeyParameter();
-            if (!cert.getIssuerDN().toString().equals("C=DE,O=DATEV eG,0.2.262.1.10.7.20=1+CN=CA DATEV D03 1:PN"))
-            {
-                fail(id + " failed - name test.");
-            }
-            // System.out.println(cert);
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": "+ id + " failed - exception " + e.toString(), e);
-        }
-
-    }
-     */
-    public void checkKeyUsage(
-        int     id,
-        byte[]  bytes)
-        throws IOException
-    {
-
-            X509CertificateHolder certHld = new X509CertificateHolder(bytes);
-
-            if ((DERBitString.getInstance(certHld.getExtension(Extension.keyUsage).getParsedValue()).getBytes()[0] & 0x01) != 0)
-            {
-                fail("error generating cert - key usage wrong.");
-            }
-
-
-    }
-
-
-    public void checkSelfSignedCertificate(
-        int     id,
-        byte[]  bytes)
-        throws OperatorCreationException, IOException, CertException
-    {
-
-            X509CertificateHolder certHolder = new X509CertificateHolder(bytes);
-
-            assertTrue(certHolder.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(certHolder)));
-
-
-    }
-
-    /**
-     * we generate a self signed certificate for the sake of testing - RSA
-     */
-    public void checkCreation1()
-        throws Exception
-    {
-        //
-        // a sample key pair.
-        //
-        AsymmetricKeyParameter pubKey = new RSAKeyParameters(
-            false,
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16));
-
-        AsymmetricKeyParameter privKey = new RSAPrivateCrtKeyParameters(
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16),
-            new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-            new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-            new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-            new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-            new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-            new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = new X500NameBuilder(RFC4519Style.INSTANCE);
-
-        builder.addRDN(RFC4519Style.c, "AU");
-        builder.addRDN(RFC4519Style.o, "The Legion of the Bouncy Castle");
-        builder.addRDN(RFC4519Style.l, "Melbourne");
-        builder.addRDN(RFC4519Style.st, "Victoria");
-        builder.addRDN(PKCSObjectIdentifiers.pkcs_9_at_emailAddress, "feedback-crypto@bouncycastle.org");
-
-        //
-        // extensions
-        //
-
-        //
-        // create the certificate - version 3 - without extensions
-        //
-        AlgorithmIdentifier sigAlg = sigAlgFinder.find("SHA256WithRSAEncryption");
-        ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlg, digAlgFinder.find(sigAlg)).build(privKey);
-        X509v3CertificateBuilder certGen = new BcX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000),builder.build(), pubKey);
-
-        X509CertificateHolder certH = certGen.build(sigGen);
-
-        assertTrue(certH.isValidOn(new Date()));
-
-        ContentVerifierProvider contentVerifierProvider = new BcRSAContentVerifierProviderBuilder(new DefaultDigestAlgorithmIdentifierFinder()).build(pubKey);
-
-        assertTrue(certH.isSignatureValid(contentVerifierProvider));
-
-        X509Certificate cert = new JcaX509CertificateConverter().getCertificate(certH);
-        Set dummySet = cert.getNonCriticalExtensionOIDs();
-        if (dummySet != null)
-        {
-            fail("non-critical oid set should be null");
-        }
-        dummySet = cert.getCriticalExtensionOIDs();
-        if (dummySet != null)
-        {
-            fail("critical oid set should be null");
-        }
-
-        //
-        // create the certificate - version 3 - with extensions
-        //
-        sigGen = new BcRSAContentSignerBuilder(sigAlgFinder.find("MD5WithRSA"), digAlgFinder.find(sigAlgFinder.find("MD5withRSA"))).build(privKey);
-        certGen = new BcX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1)
-            , new Date(System.currentTimeMillis() - 50000)
-            , new Date(System.currentTimeMillis() + 50000)
-            , builder.build()
-            , pubKey)
-            .addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true,
-                new KeyUsage(KeyUsage.encipherOnly))
-            .addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true,
-                new DERSequence(KeyPurposeId.anyExtendedKeyUsage))
-            .addExtension(new ASN1ObjectIdentifier("2.5.29.17"), true,
-                new GeneralNames(new GeneralName(GeneralName.rfc822Name, "test@test.test")));
-
-        X509CertificateHolder certHolder = certGen.build(sigGen);
-
-        assertTrue(certHolder.isValidOn(new Date()));
-
-        contentVerifierProvider = new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey);
-        if (!certHolder.isSignatureValid(contentVerifierProvider))
-        {
-            fail("signature test failed");
-        }
-
-        ByteArrayInputStream   bIn = new ByteArrayInputStream(certHolder.getEncoded());
-        CertificateFactory     certFact = CertificateFactory.getInstance("X.509");
-
-        cert = (X509Certificate)certFact.generateCertificate(bIn);
-
-        if (!cert.getKeyUsage()[7])
-        {
-            fail("error generating cert - key usage wrong.");
-        }
-
-        List l = cert.getExtendedKeyUsage();
-        if (!l.get(0).equals(KeyPurposeId.anyExtendedKeyUsage.getId()))
-        {
-            fail("failed extended key usage test");
-        }
-
-        Collection c = cert.getSubjectAlternativeNames();
-        Iterator   it = c.iterator();
-        while (it.hasNext())
-        {
-            List    gn = (List)it.next();
-            if (!gn.get(1).equals("test@test.test"))
-            {
-                fail("failed subject alternative names test");
-            }
-        }
-
-        // System.out.println(cert);
-
-        //
-        // create the certificate - version 1
-        //
-        sigGen = new BcRSAContentSignerBuilder(sigAlgFinder.find("MD5WithRSA"), digAlgFinder.find(sigAlgFinder.find("MD5withRSA"))).build(privKey);
-        X509v1CertificateBuilder certGen1 = new BcX509v1CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000),new Date(System.currentTimeMillis() + 50000),builder.build(),pubKey);
-
-        cert = new JcaX509CertificateConverter().getCertificate(certGen1.build(sigGen));
-
-        assertTrue(certHolder.isValidOn(new Date()));
-
-        contentVerifierProvider = new BcRSAContentVerifierProviderBuilder(new DefaultDigestAlgorithmIdentifierFinder()).build(pubKey);
-
-        assertTrue(certHolder.isSignatureValid(contentVerifierProvider));
-
-        bIn = new ByteArrayInputStream(cert.getEncoded());
-        certFact = CertificateFactory.getInstance("X.509");
-
-        cert = (X509Certificate)certFact.generateCertificate(bIn);
-
-        // System.out.println(cert);
-        if (!cert.getIssuerDN().equals(cert.getSubjectDN()))
-        {
-            fail("name comparison fails");
-        }
-
-//
-        // a lightweight key pair.
-        //
-        RSAKeyParameters lwPubKey = new RSAKeyParameters(
-            false,
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16));
-
-        RSAPrivateCrtKeyParameters lwPrivKey = new RSAPrivateCrtKeyParameters(
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16),
-            new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-            new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-            new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-            new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-            new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-            new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-        //
-        // distinguished name table.
-        //
-        builder = new X500NameBuilder(RFC4519Style.INSTANCE);
-
-        builder.addRDN(RFC4519Style.c, "AU");
-        builder.addRDN(RFC4519Style.o, "The Legion of the Bouncy Castle");
-        builder.addRDN(RFC4519Style.l, "Melbourne");
-        builder.addRDN(RFC4519Style.st, "Victoria");
-        builder.addRDN(PKCSObjectIdentifiers.pkcs_9_at_emailAddress, "feedback-crypto@bouncycastle.org");
-
-        //
-        // extensions
-        //
-
-        //
-        // create the certificate - version 3 - without extensions
-        //
-        AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256WithRSAEncryption");
-        AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
-
-        sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(lwPrivKey);
-        SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(lwPubKey);
-        certGen = new X509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubInfo);
-
-        certHolder = certGen.build(sigGen);
-
-        assertTrue(certHolder.isValidOn(new Date()));
-
-        contentVerifierProvider = new BcRSAContentVerifierProviderBuilder(new DefaultDigestAlgorithmIdentifierFinder()).build(lwPubKey);
-
-        assertTrue(certHolder.isSignatureValid(contentVerifierProvider));
-
-        if (!certHolder.isSignatureValid(contentVerifierProvider))
-        {
-            fail("lw sig verification failed");
-        }
-    }
-
-    /**
-     * we generate a self signed certificate for the sake of testing - DSA
-     */
-    public void checkCreation2()
-        throws Exception
-    {
-        //
-        // set up the keys
-        //
-        AsymmetricKeyParameter          privKey;
-        AsymmetricKeyParameter          pubKey;
-
-        AsymmetricCipherKeyPairGenerator kpg = new DSAKeyPairGenerator();
-        BigInteger              r = new BigInteger("68076202252361894315274692543577577550894681403");
-        BigInteger              s = new BigInteger("1089214853334067536215539335472893651470583479365");
-        DSAParametersGenerator pGen = new DSAParametersGenerator();
-
-        pGen.init(512, 80, new SecureRandom());
-
-        DSAParameters params = pGen.generateParameters();
-        DSAKeyGenerationParameters genParam = new DSAKeyGenerationParameters(new SecureRandom(), params);
-
-        kpg.init(genParam);
-
-        AsymmetricCipherKeyPair pair = kpg.generateKeyPair();
-
-        privKey = (AsymmetricKeyParameter)pair.getPrivate();
-        pubKey = (AsymmetricKeyParameter)pair.getPublic();
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // extensions
-        //
-
-        //
-        // create the certificate - version 3
-        //
-        AlgorithmIdentifier sigAlgId = sigAlgFinder.find("SHA1withDSA");
-        AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);
-
-        ContentSigner sigGen = new BcDSAContentSignerBuilder(sigAlgId, digAlgId).build(privKey);
-        X509v3CertificateBuilder  certGen = new BcX509v3CertificateBuilder(builder.build(),BigInteger.valueOf(1),new Date(System.currentTimeMillis() - 50000),new Date(System.currentTimeMillis() + 50000),builder.build(),pubKey);
-
-
-        X509CertificateHolder cert = certGen.build(sigGen);
-
-        assertTrue(cert.isValidOn(new Date()));
-
-        assertTrue(cert.isSignatureValid(new BcDSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)));
-
-
-        //
-        // create the certificate - version 1
-        //
-        sigAlgId = sigAlgFinder.find("SHA1withDSA");
-        digAlgId = digAlgFinder.find(sigAlgId);
-
-        sigGen = new BcDSAContentSignerBuilder(sigAlgId, digAlgId).build(privKey);
-        X509v1CertificateBuilder  certGen1 = new BcX509v1CertificateBuilder(builder.build(),BigInteger.valueOf(1),new Date(System.currentTimeMillis() - 50000),new Date(System.currentTimeMillis() + 50000),builder.build(),pubKey);
-
-        cert = certGen1.build(sigGen);
-
-        assertTrue(cert.isValidOn(new Date()));
-
-        assertTrue(cert.isSignatureValid(new BcDSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)));
-
-        AsymmetricKeyParameter certPubKey = PublicKeyFactory.createKey(cert.getSubjectPublicKeyInfo());
-
-        assertTrue(cert.isSignatureValid(new BcDSAContentVerifierProviderBuilder(digAlgFinder).build(certPubKey)));
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
-        CertificateFactory fact = CertificateFactory.getInstance("X.509");
-
-        X509Certificate x509cert = (X509Certificate)fact.generateCertificate(bIn);
-
-            //System.out.println(cert);
-    }
-
-    /**
-      * we generate a self signed certificate for the sake of testing - ECDSA
-      */
-     public void checkCreation3()
-     {
-         X9ECParameters x9 = ECNamedCurveTable.getByName("prime239v1");
-         ECCurve curve = x9.getCurve();
-         ECDomainParameters params = new ECDomainParameters(curve, x9.getG(), x9.getN(), x9.getH());
-
-         ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(
-             new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
-             params);
-
-         ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-             curve.decodePoint(Hex.decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
-             params);
-
-         //
-         // distinguished name table.
-         //
-         X500NameBuilder builder = createStdBuilder();
-
-         //
-         // toString test
-         //
-         X500Name p = builder.build();
-         String s = p.toString();
-
-         if (!s.equals("1.2.840.113549.1.9.1=feedback-crypto@bouncycastle.org,st=Victoria,l=Melbourne,o=The Legion of the Bouncy Castle,c=AU"))
-         {
-             fail("ordered X509Principal test failed - s = " + s + ".");
-         }
-
-         //
-         // create the certificate - version 3
-         //
-         try
-         {
-             ContentSigner sigGen = new BcECContentSignerBuilder(
-                 new AlgorithmIdentifier(X9ObjectIdentifiers.ecdsa_with_SHA1),
-                 new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1)).build(privKey);
-             BcX509v3CertificateBuilder certGen = new BcX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-             X509CertificateHolder cert = certGen.build(sigGen);
-
-             if (!cert.isValidOn(new Date()))
-             {
-                 fail("not valid on date");
-             }
-
-             if (!cert.isSignatureValid(new BcECContentVerifierProviderBuilder(new DefaultDigestAlgorithmIdentifierFinder()).build(pubKey)))
-             {
-                 fail("signature invalid");
-             }
-         }
-         catch (Exception e)
-         {
-             fail("error setting generating cert - " + e.toString());
-         }
-     }
-
-    private X500NameBuilder createStdBuilder()
-    {
-        X500NameBuilder builder = new X500NameBuilder(RFC4519Style.INSTANCE);
-
-        builder.addRDN(RFC4519Style.c, "AU");
-        builder.addRDN(RFC4519Style.o, "The Legion of the Bouncy Castle");
-        builder.addRDN(RFC4519Style.l, "Melbourne");
-        builder.addRDN(RFC4519Style.st, "Victoria");
-        builder.addRDN(PKCSObjectIdentifiers.pkcs_9_at_emailAddress, "feedback-crypto@bouncycastle.org");
-
-        return builder;
-    }
-
-    private void checkCRL(
-        int     id,
-        byte[]  bytes)
-    {
-        String                  dump = "";
-
-        try
-        {
-            X509CRLHolder crlHolder = new X509CRLHolder(bytes);
-
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": "+ id + " failed - exception " + e.toString());
-        }
-
-    }
-
-    public void checkCRLCreation1()
-        throws Exception
-    {
-        AsymmetricCipherKeyPairGenerator kpg = new RSAKeyPairGenerator();
-        RSAKeyGenerationParameters genParam = new RSAKeyGenerationParameters(
-                                            BigInteger.valueOf(0x1001), new SecureRandom(), 1024, 25);
-
-        kpg.init(genParam);
-
-        AsymmetricCipherKeyPair pair = kpg.generateKeyPair();
-        Date                 now = new Date();
-
-        X509v2CRLBuilder     crlGen = new X509v2CRLBuilder(new X500Name("CN=Test CA"), now);
-
-        BcX509ExtensionUtils extFact = new BcX509ExtensionUtils(new SHA1DigestCalculator());
-
-        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
-
-        crlGen.addCRLEntry(BigInteger.ONE, now, CRLReason.privilegeWithdrawn);
-
-        crlGen.addExtension(Extension.authorityKeyIdentifier, false, extFact.createAuthorityKeyIdentifier(pair.getPublic()));
-
-        AlgorithmIdentifier sigAlg = sigAlgFinder.find("SHA256withRSAEncryption");
-        AlgorithmIdentifier digAlg = digAlgFinder.find(sigAlg);
-
-        X509CRLHolder crl = crlGen.build(new BcRSAContentSignerBuilder(sigAlg, digAlg).build(pair.getPrivate()));
-
-        if (!crl.getIssuer().equals(new X500Name("CN=Test CA")))
-        {
-            fail("failed CRL issuer test");
-        }
-
-        Extension authExt = crl.getExtension(Extension.authorityKeyIdentifier);
-
-        if (authExt == null)
-        {
-            fail("failed to find CRL extension");
-        }
-
-        AuthorityKeyIdentifier authId = AuthorityKeyIdentifier.getInstance(authExt.getParsedValue());
-
-        X509CRLEntryHolder entry = crl.getRevokedCertificate(BigInteger.ONE);
-
-        if (entry == null)
-        {
-            fail("failed to find CRL entry");
-        }
-
-        if (!entry.getSerialNumber().equals(BigInteger.ONE))
-        {
-            fail("CRL cert serial number does not match");
-        }
-
-        if (!entry.hasExtensions())
-        {
-            fail("CRL entry extension not found");
-        }
-
-        Extension ext = entry.getExtension(Extension.reasonCode);
-
-        if (ext != null)
-        {
-            ASN1Enumerated reasonCode = ASN1Enumerated.getInstance(ext.getParsedValue());
-
-            if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
-            {
-                fail("CRL entry reasonCode wrong");
-            }
-        }
-        else
-        {
-            fail("CRL entry reasonCode not found");
-        }
-    }
-
-    public void checkCRLCreation2()
-        throws Exception
-    {
-        AsymmetricCipherKeyPairGenerator kpg = new RSAKeyPairGenerator();
-        RSAKeyGenerationParameters genParam = new RSAKeyGenerationParameters(
-                                            BigInteger.valueOf(0x1001), new SecureRandom(), 1024, 25);
-
-        kpg.init(genParam);
-
-        AsymmetricCipherKeyPair pair = kpg.generateKeyPair();
-        Date                 now = new Date();
-
-        X509v2CRLBuilder     crlGen = new X509v2CRLBuilder(new X500Name("CN=Test CA"), now);
-
-        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
-
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        CRLReason crlReason = CRLReason.lookup(CRLReason.privilegeWithdrawn);
-
-        extGen.addExtension(Extension.reasonCode, false, crlReason);
-
-        BcX509ExtensionUtils extFact = new BcX509ExtensionUtils(new SHA1DigestCalculator());
-
-        crlGen.addCRLEntry(BigInteger.ONE, now, extGen.generate());
-
-        crlGen.addExtension(Extension.authorityKeyIdentifier, false, extFact.createAuthorityKeyIdentifier((AsymmetricKeyParameter)pair.getPublic()));
-
-        AlgorithmIdentifier sigAlg = sigAlgFinder.find("SHA256withRSAEncryption");
-        AlgorithmIdentifier digAlg = digAlgFinder.find(sigAlg);
-
-        X509CRLHolder crlHolder = crlGen.build(new BcRSAContentSignerBuilder(sigAlg, digAlg).build((AsymmetricKeyParameter)pair.getPrivate()));
-
-        if (!crlHolder.getIssuer().equals(new X500Name("CN=Test CA")))
-        {
-            fail("failed CRL issuer test");
-        }
-
-        Extension authExt = crlHolder.getExtension(Extension.authorityKeyIdentifier);
-
-        if (authExt == null)
-        {
-            fail("failed to find CRL extension");
-        }
-
-        AuthorityKeyIdentifier authId = AuthorityKeyIdentifier.getInstance(authExt.getParsedValue());
-
-        X509CRLEntryHolder entry = crlHolder.getRevokedCertificate(BigInteger.ONE);
-
-        if (entry == null)
-        {
-            fail("failed to find CRL entry");
-        }
-
-        if (!entry.getSerialNumber().equals(BigInteger.ONE))
-        {
-            fail("CRL cert serial number does not match");
-        }
-
-        if (!entry.hasExtensions())
-        {
-            fail("CRL entry extension not found");
-        }
-
-        Extension ext = entry.getExtension(Extension.reasonCode);
-
-        if (ext != null)
-        {
-            ASN1Enumerated   reasonCode = ASN1Enumerated.getInstance(ext.getParsedValue());
-
-            if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
-            {
-                fail("CRL entry reasonCode wrong");
-            }
-        }
-        else
-        {
-            fail("CRL entry reasonCode not found");
-        }
-    }
-
-    public void checkCRLCreation3()
-        throws Exception
-    {
-        AsymmetricCipherKeyPairGenerator kpg = new RSAKeyPairGenerator();
-        RSAKeyGenerationParameters genParam = new RSAKeyGenerationParameters(
-                                            BigInteger.valueOf(0x1001), new SecureRandom(), 1024, 25);
-
-        kpg.init(genParam);
-
-        AsymmetricCipherKeyPair pair = kpg.generateKeyPair();
-        Date                 now = new Date();
-        X509v2CRLBuilder     crlGen = new X509v2CRLBuilder(new X500Name("CN=Test CA"), now);
-
-        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
-
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        CRLReason crlReason = CRLReason.lookup(CRLReason.privilegeWithdrawn);
-
-        extGen.addExtension(Extension.reasonCode, false, crlReason);
-
-        BcX509ExtensionUtils extFact = new BcX509ExtensionUtils(new SHA1DigestCalculator());
-
-        Extensions entryExtensions = extGen.generate();
-
-        crlGen.addCRLEntry(BigInteger.ONE, now, entryExtensions);
-
-        crlGen.addExtension(Extension.authorityKeyIdentifier, false, extFact.createAuthorityKeyIdentifier((AsymmetricKeyParameter)pair.getPublic()));
-
-        AlgorithmIdentifier sigAlg = sigAlgFinder.find("SHA256withRSAEncryption");
-        AlgorithmIdentifier digAlg = digAlgFinder.find(sigAlg);
-
-        X509CRLHolder crlHolder = crlGen.build(new BcRSAContentSignerBuilder(sigAlg, digAlg).build((AsymmetricKeyParameter)pair.getPrivate()));
-
-        if (!crlHolder.getIssuer().equals(new X500Name("CN=Test CA")))
-        {
-            fail("failed CRL issuer test");
-        }
-
-        Extension authExt = crlHolder.getExtension(Extension.authorityKeyIdentifier);
-
-        if (authExt == null)
-        {
-            fail("failed to find CRL extension");
-        }
-
-        AuthorityKeyIdentifier authId = AuthorityKeyIdentifier.getInstance(authExt.getParsedValue());
-
-        X509CRLEntryHolder entry = crlHolder.getRevokedCertificate(BigInteger.ONE);
-
-        if (entry == null)
-        {
-            fail("failed to find CRL entry");
-        }
-
-        if (!entry.getSerialNumber().equals(BigInteger.ONE))
-        {
-            fail("CRL cert serial number does not match");
-        }
-
-        if (!entry.hasExtensions())
-        {
-            fail("CRL entry extension not found");
-        }
-
-        Extension  ext = entry.getExtension(Extension.reasonCode);
-
-        if (ext != null)
-        {
-            ASN1Enumerated   reasonCode = ASN1Enumerated.getInstance(ext.getParsedValue());
-
-            if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
-            {
-                fail("CRL entry reasonCode wrong");
-            }
-        }
-        else
-        {
-            fail("CRL entry reasonCode not found");
-        }
-
-        //
-        // check loading of existing CRL
-        //
-        now = new Date();
-        crlGen = new X509v2CRLBuilder(new X500Name("CN=Test CA"), now);
-
-        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
-
-        crlGen.addCRL(crlHolder);
-
-        crlGen.addCRLEntry(BigInteger.valueOf(2), now, entryExtensions);
-
-        crlGen.addExtension(Extension.authorityKeyIdentifier, false, extFact.createAuthorityKeyIdentifier(pair.getPublic()));
-
-        crlHolder = crlGen.build(new BcRSAContentSignerBuilder(sigAlg, digAlg).build(pair.getPrivate()));
-
-        int     count = 0;
-        boolean oneFound = false;
-        boolean twoFound = false;
-
-        Iterator it = crlHolder.getRevokedCertificates().iterator();
-        while (it.hasNext())
-        {
-            X509CRLEntryHolder crlEnt = (X509CRLEntryHolder)it.next();
-
-            if (crlEnt.getSerialNumber().intValue() == 1)
-            {
-                oneFound = true;
-                Extension extn = crlEnt.getExtension(Extension.reasonCode);
-
-                if (extn != null)
-                {
-                    ASN1Enumerated reasonCode = ASN1Enumerated.getInstance(extn.getParsedValue());
-
-                    if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
-                    {
-                        fail("CRL entry reasonCode wrong on recheck");
-                    }
-                }
-                else
-                {
-                    fail("CRL entry reasonCode not found on recheck");
-                }
-            }
-            else if (crlEnt.getSerialNumber().intValue() == 2)
-            {
-                twoFound = true;
-            }
-
-            count++;
-        }
-
-        if (count != 2)
-        {
-            fail("wrong number of CRLs found, got: " + count);
-        }
-
-        if (!oneFound || !twoFound)
-        {
-            fail("wrong CRLs found in copied list");
-        }
-
-        //
-        // check factory read back
-        //
-        CertificateFactory cFact = CertificateFactory.getInstance("X.509");
-
-        X509CRL readCrl = (X509CRL)cFact.generateCRL(new ByteArrayInputStream(crlHolder.getEncoded()));
-
-        if (readCrl == null)
-        {
-            fail("crl not returned!");
-        }
-
-        Collection col = cFact.generateCRLs(new ByteArrayInputStream(crlHolder.getEncoded()));
-
-        if (col.size() != 1)
-        {
-            fail("wrong number of CRLs found in collection");
-        }
-    }
-
-    public void checkCreation5()
-        throws Exception
-    {
-        //
-        // a sample key pair.
-        //
-        AsymmetricKeyParameter pubKey = new RSAKeyParameters(
-            false,
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16));
-
-        AsymmetricKeyParameter privKey = new RSAPrivateCrtKeyParameters(
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16),
-            new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-            new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-            new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-            new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-            new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-            new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-        //
-        // set up the keys
-        //
-        SecureRandom        rand = new SecureRandom();
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // create base certificate - version 3
-        //
-        AlgorithmIdentifier sigAlg = sigAlgFinder.find("MD5WithRSA");
-        AlgorithmIdentifier digAlg = digAlgFinder.find(sigAlg);
-
-        ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlg, digAlg).build(privKey);
-        ASN1ObjectIdentifier extOid = new ASN1ObjectIdentifier("2.5.29.37");
-        X509v3CertificateBuilder certGen = new BcX509v3CertificateBuilder(builder.build(),BigInteger.valueOf(1),new Date(System.currentTimeMillis() - 50000),new Date(System.currentTimeMillis() + 50000),builder.build(),pubKey)
-            .addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true,
-            new KeyUsage(KeyUsage.encipherOnly))
-            .addExtension(extOid, true,
-            new DERSequence(KeyPurposeId.anyExtendedKeyUsage))
-            .addExtension(new ASN1ObjectIdentifier("2.5.29.17"), true,
-            new GeneralNames(new GeneralName(GeneralName.rfc822Name, "test@test.test")));
-
-        X509CertificateHolder baseCert = certGen.build(sigGen);
-
-        //
-        // copy certificate
-        //
-
-        certGen = new BcX509v3CertificateBuilder(builder.build(),BigInteger.valueOf(1),new Date(System.currentTimeMillis() - 50000),new Date(System.currentTimeMillis() + 50000),builder.build(),pubKey)
-            .copyAndAddExtension(new ASN1ObjectIdentifier("2.5.29.15"), true, baseCert)
-            .copyAndAddExtension(extOid, false, baseCert);
-
-        X509CertificateHolder cert = certGen.build(sigGen);
-
-        assertTrue(cert.isValidOn(new Date()));
-
-        assertTrue(cert.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)));
-
-        if (!baseCert.getExtension(new ASN1ObjectIdentifier("2.5.29.15")).equals(cert.getExtension(new ASN1ObjectIdentifier("2.5.29.15"))))
-        {
-            fail("2.5.29.15 differs");
-        }
-
-        assertTrue(baseCert.getExtension(extOid).getExtnId().equals(cert.getExtension(extOid).getExtnId()));
-        assertFalse(baseCert.getExtension(extOid).isCritical() == cert.getExtension(extOid).isCritical());
-        if (!baseCert.getExtension(extOid).getParsedValue().equals(cert.getExtension(extOid).getParsedValue()))
-        {
-            fail("2.5.29.37 differs");
-        }
-
-        //
-        // exception test
-        //
-
-        try
-        {
-            certGen.copyAndAddExtension(new ASN1ObjectIdentifier("2.5.99.99"), true, baseCert);
-
-            fail("exception not thrown on dud extension copy");
-        }
-        catch (NullPointerException e)
-        {
-            // expected
-        }
-
-//        try
-//        {
-//            certGen.setPublicKey(dudPublicKey);
-//
-//            certGen.generate(privKey, BC);
-//
-//            fail("key without encoding not detected in v3");
-//        }
-//        catch (IllegalArgumentException e)
-//        {
-//            // expected
-//        }
-
-    }
-
-    public void testForgedSignature()
-        throws Exception
-    {
-        String cert = "MIIBsDCCAVoCAQYwDQYJKoZIhvcNAQEFBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV"
-                    + "BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD"
-                    + "VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw0wNjA5MTEyMzU4NTVa"
-                    + "Fw0wNjEwMTEyMzU4NTVaMGMxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNs"
-                    + "YW5kMRowGAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0ZDEjMCEGA1UEAxMaU2VydmVy"
-                    + "IHRlc3QgY2VydCAoNTEyIGJpdCkwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAn7PD"
-                    + "hCeV/xIxUg8V70YRxK2A5jZbD92A12GN4PxyRQk0/lVmRUNMaJdq/qigpd9feP/u"
-                    + "12S4PwTLb/8q/v657QIDAQABMA0GCSqGSIb3DQEBBQUAA0EAbynCRIlUQgaqyNgU"
-                    + "DF6P14yRKUtX8akOP2TwStaSiVf/akYqfLFm3UGka5XbPj4rifrZ0/sOoZEEBvHQ"
-                    + "e20sRA==";
-
-        X509CertificateHolder hldr = new X509CertificateHolder(Base64.decode(cert));
-
-        assertFalse(hldr.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(hldr)));
-    }
-
-    private void pemTest()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate cert = readPEMCert(cf, PEMData.CERTIFICATE_1);
-        if (cert == null)
-        {
-            fail("PEM cert not read");
-        }
-        cert = readPEMCert(cf, "-----BEGIN CERTIFICATE-----" + PEMData.CERTIFICATE_2);
-        if (cert == null)
-        {
-            fail("PEM cert with extraneous header not read");
-        }
-        CRL crl = cf.generateCRL(new ByteArrayInputStream(PEMData.CRL_1.getBytes("US-ASCII")));
-        if (crl == null)
-        {
-            fail("PEM crl not read");
-        }
-        Collection col = cf.generateCertificates(new ByteArrayInputStream(PEMData.CERTIFICATE_2.getBytes("US-ASCII")));
-        if (col.size() != 1 || !col.contains(cert))
-        {
-            fail("PEM cert collection not right");
-        }
-        col = cf.generateCRLs(new ByteArrayInputStream(PEMData.CRL_2.getBytes("US-ASCII")));
-        if (col.size() != 1 || !col.contains(crl))
-        {
-            fail("PEM crl collection not right");
-        }
-    }
-
-    private static X509Certificate readPEMCert(CertificateFactory cf, String pemData)
-        throws CertificateException, UnsupportedEncodingException
-    {
-        return (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(pemData.getBytes("US-ASCII")));
-    }
-
-    private void createPSSCert(String algorithm)
-        throws Exception
-    {
-        AsymmetricCipherKeyPair pair = generateLongFixedKeys();
-
-        AsymmetricKeyParameter privKey = (AsymmetricKeyParameter)pair.getPrivate();
-        AsymmetricKeyParameter pubKey = (AsymmetricKeyParameter)pair.getPublic();
-
-        //
-        // distinguished name table.
-        //
-
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // create base certificate - version 3
-        //
-        BcX509ExtensionUtils extFact = new BcX509ExtensionUtils(new SHA1DigestCalculator());
-
-        AlgorithmIdentifier sigAlgId = sigAlgFinder.find(algorithm);
-        AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);
-
-        ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privKey);
-        BcX509v3CertificateBuilder  certGen = new BcX509v3CertificateBuilder(builder.build(),BigInteger.valueOf(1),
-        new Date(System.currentTimeMillis() - 50000),new Date(System.currentTimeMillis() + 50000),builder.build(),pubKey);
-
-        certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true,
-            new KeyUsage(KeyUsage.encipherOnly));
-        certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true,
-            new DERSequence(KeyPurposeId.anyExtendedKeyUsage));
-        certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.17"), true,
-            new GeneralNames(new GeneralName(GeneralName.rfc822Name, "test@test.test")));
-
-        certGen.addExtension(Extension.authorityKeyIdentifier, true, extFact.createAuthorityKeyIdentifier(pubKey));
-
-        X509CertificateHolder baseCert = certGen.build(sigGen);
-
-        assertTrue(baseCert.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)));
-    }
-
-    private AsymmetricCipherKeyPair generateLongFixedKeys()
-    {
-        RSAKeyParameters pubKeySpec = new RSAKeyParameters(
-            false,
-            new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
-            new BigInteger("010001",16));
-
-        RSAKeyParameters privKeySpec = new RSAPrivateCrtKeyParameters(
-            new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
-            new BigInteger("010001",16),
-            new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16),
-            new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16),
-            new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16),
-            new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16),
-            new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16),
-            new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16));
-
-        return new AsymmetricCipherKeyPair(pubKeySpec, privKeySpec);
-    }
-
-    public void testNullDerNullCert()
-        throws Exception
-    {
-        AsymmetricCipherKeyPair pair = generateLongFixedKeys();
-        AsymmetricKeyParameter pubKey = (AsymmetricKeyParameter)pair.getPublic();
-        AsymmetricKeyParameter privKey = (AsymmetricKeyParameter)pair.getPrivate();
-
-        DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
-        DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();
-
-        AlgorithmIdentifier sigAlgId = sigAlgFinder.find("MD5withRSA");
-        AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);
-
-        ContentSigner sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(privKey);
-        BcX509v3CertificateBuilder  certGen = new BcX509v3CertificateBuilder(new X500Name("CN=Test"),BigInteger.valueOf(1),new Date(System.currentTimeMillis() - 50000),new Date(System.currentTimeMillis() + 50000),new X500Name("CN=Test"),pubKey);
-        X509CertificateHolder cert = certGen.build(sigGen);
-
-        Certificate struct = Certificate.getInstance(cert.getEncoded());
-
-        ASN1Object tbsCertificate = struct.getTBSCertificate();
-        AlgorithmIdentifier sig = struct.getSignatureAlgorithm();
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(tbsCertificate);
-        v.add(new AlgorithmIdentifier(sig.getAlgorithm()));
-        v.add(struct.getSignature());
-
-        // verify
-        ByteArrayInputStream    bIn;
-        String                  dump = "";
-
-        bIn = new ByteArrayInputStream(new DERSequence(v).getEncoded());
-
-        cert = new X509CertificateHolder(new DERSequence(v).getEncoded());
-
-        assertTrue(cert.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)));
-    }
-
-    public void testCertificates()
-        throws Exception
-    {
-        checkCertificate(1, cert1);
-        checkCertificate(2, cert2);
-        checkCertificate(3, cert3);
-        checkCertificate(4, cert4);
-        checkCertificate(5, cert5);
-        //checkCertificate(7, cert7);
-
-        checkKeyUsage(8, keyUsage);
-
-        checkSelfSignedCertificate(11, probSelfSignedCert);
-
-        checkCRL(1, crl1);
-
-        checkCreation1();
-        checkCreation2();
-        checkCreation3();
-        checkCreation5();
-
-        createPSSCert("SHA1withRSAandMGF1");
-        createPSSCert("SHA224withRSAandMGF1");
-        createPSSCert("SHA256withRSAandMGF1");
-        createPSSCert("SHA384withRSAandMGF1");
-
-        checkCRLCreation1();
-        checkCRLCreation2();
-        checkCRLCreation3();
-
-        pemTest();
-
-        checkCertificate(18, emptyDNCert);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/BcPKCS10Test.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/BcPKCS10Test.java
deleted file mode 100644
index 01a8dd5..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/BcPKCS10Test.java
+++ /dev/null

@@ -1,230 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.pkcs.Attribute;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.X500NameBuilder;
-import org.bouncycastle.asn1.x500.style.RFC4519Style;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.cert.bc.BcX509ExtensionUtils;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.bc.BcContentSignerBuilder;
-import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
-import org.bouncycastle.operator.bc.BcRSAContentVerifierProviderBuilder;
-import org.bouncycastle.pkcs.PKCS10CertificationRequest;
-import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;
-import org.bouncycastle.pkcs.bc.BcPKCS10CertificationRequest;
-import org.bouncycastle.pkcs.bc.BcPKCS10CertificationRequestBuilder;
-import org.bouncycastle.util.Arrays;
-
-public class BcPKCS10Test
-    extends TestCase
-{
-    public String getName()
-    {
-        return "PKCS10CertRequest";
-    }
-
-    private void generationTest(int keySize, String keyName, String sigName)
-        throws Exception
-    {
-        AsymmetricCipherKeyPairGenerator kpg = new RSAKeyPairGenerator();
-        RSAKeyGenerationParameters genParam = new RSAKeyGenerationParameters(
-                                            BigInteger.valueOf(0x1001), new SecureRandom(), keySize, 25);
-
-        kpg.init(genParam);
-
-        AsymmetricCipherKeyPair kp = kpg.generateKeyPair();
-
-
-        X500NameBuilder x500NameBld = new X500NameBuilder(RFC4519Style.INSTANCE);
-
-        x500NameBld.addRDN(RFC4519Style.c, "AU");
-        x500NameBld.addRDN(RFC4519Style.o, "The Legion of the Bouncy Castle");
-        x500NameBld.addRDN(RFC4519Style.l, "Melbourne");
-        x500NameBld.addRDN(RFC4519Style.st, "Victoria");
-        x500NameBld.addRDN(PKCSObjectIdentifiers.pkcs_9_at_emailAddress, "feedback-crypto@bouncycastle.org");
-
-        X500Name subject = x500NameBld.build();
-
-        PKCS10CertificationRequestBuilder requestBuilder = new BcPKCS10CertificationRequestBuilder(subject, kp.getPublic());
-
-        DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
-        DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();
-
-        AlgorithmIdentifier sigAlgId = sigAlgFinder.find("SHA1withRSA");
-
-        AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);
-
-        BcContentSignerBuilder contentSignerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);
-
-        PKCS10CertificationRequest req1 = requestBuilder.build(contentSignerBuilder.build(kp.getPrivate()));
-
-        BcPKCS10CertificationRequest req2 = new BcPKCS10CertificationRequest(req1.getEncoded());
-
-        if (!req2.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(kp.getPublic())))
-        {
-            fail(sigName + ": Failed verify check.");
-        }
-
-        if (!Arrays.areEqual(req2.getSubjectPublicKeyInfo().getEncoded(), req1.getSubjectPublicKeyInfo().getEncoded()))
-        {
-            fail(keyName + ": Failed public key check.");
-        }
-    }
-
-    private void createPSSTest(String algorithm)
-        throws Exception
-    {
-        AsymmetricKeyParameter pubKey = new RSAKeyParameters(
-            false,
-            new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
-            new BigInteger("010001",16));
-
-        AsymmetricKeyParameter privKey = new RSAPrivateCrtKeyParameters(
-            new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
-            new BigInteger("010001",16),
-            new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16),
-            new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16),
-            new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16),
-            new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16),
-            new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16),
-            new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16));
-
-        DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
-        DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();
-
-        AlgorithmIdentifier sigAlgId = sigAlgFinder.find(algorithm);
-        AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);
-        BcContentSignerBuilder contentSignerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);
-
-        PKCS10CertificationRequest req = new BcPKCS10CertificationRequestBuilder(new X500Name("CN=XXX"), pubKey).build(contentSignerBuilder.build(privKey));
-        if (!req.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(pubKey)))
-        {
-            fail("Failed verify check PSS.");
-        }
-
-        BcPKCS10CertificationRequest bcReq = new BcPKCS10CertificationRequest(req.getEncoded());
-        if (!bcReq.isSignatureValid(new BcRSAContentVerifierProviderBuilder(digAlgFinder).build(bcReq.getPublicKey())))
-        {
-            fail("Failed verify check PSS encoded.");
-        }
-
-        if (!bcReq.getSignatureAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
-        {
-            fail("PSS oid incorrect.");
-        }
-
-        if (bcReq.getSignatureAlgorithm().getParameters() == null)
-        {
-            fail("PSS parameters incorrect.");
-        }
-    }
-
-     // previous code found to cause a NullPointerException
-    private void nullPointerTest()
-        throws Exception
-    {
-        AsymmetricCipherKeyPairGenerator kpg = new RSAKeyPairGenerator();
-        RSAKeyGenerationParameters genParam = new RSAKeyGenerationParameters(
-                                            BigInteger.valueOf(0x1001), new SecureRandom(), 1024, 25);
-
-        kpg.init(genParam);
-
-        AsymmetricCipherKeyPair kp = kpg.generateKeyPair();
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        extGen.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
-        extGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign));
-
-        BcX509ExtensionUtils extUtils = new BcX509ExtensionUtils(new SHA1DigestCalculator());
-
-        SubjectKeyIdentifier subjectKeyIdentifier = extUtils.createSubjectKeyIdentifier(kp.getPublic());
-
-        extGen.addExtension(Extension.subjectKeyIdentifier, false, subjectKeyIdentifier);
-
-        DefaultSignatureAlgorithmIdentifierFinder sigAlgFinder = new DefaultSignatureAlgorithmIdentifierFinder();
-        DefaultDigestAlgorithmIdentifierFinder digAlgFinder = new DefaultDigestAlgorithmIdentifierFinder();
-
-        AlgorithmIdentifier sigAlgId = sigAlgFinder.find("SHA1withRSA");
-
-        AlgorithmIdentifier digAlgId = digAlgFinder.find(sigAlgId);
-
-        BcContentSignerBuilder contentSignerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);
-
-        PKCS10CertificationRequest p1 = new BcPKCS10CertificationRequestBuilder(
-            new X500Name("cn=csr"), kp.getPublic())
-            .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate())
-            .build(contentSignerBuilder.build(kp.getPrivate()));
-        PKCS10CertificationRequest p2 = new BcPKCS10CertificationRequestBuilder(
-            new X500Name("cn=csr"), kp.getPublic())
-            .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, extGen.generate())
-            .build(contentSignerBuilder.build(kp.getPrivate()));
-
-        if (!p1.equals(p2))
-        {
-            fail("cert request comparison failed");
-        }
-
-        Attribute[] attr1 = p1.getAttributes();
-        Attribute[] attr2 = p1.getAttributes();
-
-        checkAttrs(1, attr1, attr2);
-
-        attr1 = p1.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
-        attr2 = p1.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
-
-        checkAttrs(1, attr1, attr2);
-    }
-
-    private void checkAttrs(int expectedLength, Attribute[] attr1, Attribute[] attr2)
-    {
-        if (expectedLength != attr1.length)
-        {
-            fail("expected length mismatch");
-        }
-
-        if (attr1.length != attr2.length)
-        {
-            fail("atrribute length mismatch");
-        }
-
-        for (int i = 0; i != attr1.length; i++)
-        {
-            if (!attr1[i].equals(attr2[i]))
-            {
-                fail("atrribute mismatch");
-            }
-        }
-    }
-
-    public void testPKCS10()
-        throws Exception
-    {
-        generationTest(512, "RSA", "SHA1withRSA");
-
-        createPSSTest("SHA1withRSAandMGF1");
-        createPSSTest("SHA224withRSAandMGF1");
-        createPSSTest("SHA256withRSAandMGF1");
-        createPSSTest("SHA384withRSAandMGF1");
-
-        nullPointerTest();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/CertPathLoopTest.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/CertPathLoopTest.java
deleted file mode 100644
index 91314b1..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/CertPathLoopTest.java
+++ /dev/null

@@ -1,304 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.math.BigInteger;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.cert.CertPathBuilder;
-import java.security.cert.CertPathBuilderException;
-import java.security.cert.CertPathBuilderResult;
-import java.security.cert.CertStore;
-import java.security.cert.CertStoreParameters;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Date;
-import java.util.GregorianCalendar;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cert.X509CRLHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509v2CRLBuilder;
-import org.bouncycastle.cert.X509v3CertificateBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509CRLConverter;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-/**
- * BC bug test case.
- */
-public class CertPathLoopTest
-    extends SimpleTest
-{
-    /**
-     * List of trust anchors
-     */
-    private static Set<TrustAnchor> taSet;
-    /**
-     * List of certificates and CRLs
-     */
-    private static List<Object> otherList;
-
-    /**
-     * Asks the user about the configuration he want's to test
-     *
-     * @param caA
-     * @param caB
-     */
-    private static void checkUseDistinctCAs(CA caA, CA caB)
-    {
-        //Standard configuration : everything in caA
-        taSet = new HashSet<TrustAnchor>();
-        taSet.add(caA.ta);
-        otherList = new ArrayList<Object>();
-        otherList.add(caA.acCertCrl);
-        otherList.add(caA.crl);
-        //User specified configuration : parts of caB
-
-        taSet.add(caB.ta);
-        otherList.add(caB.acCertCrl);
-        otherList.add(caB.crl);
-    }
-
-    /**
-     * Creates a collection cert store
-     */
-    static CertStore getStore(Collection col)
-        throws InvalidAlgorithmParameterException, NoSuchAlgorithmException
-    {
-        CertStoreParameters csp = new CollectionCertStoreParameters(col);
-        return CertStore.getInstance("Collection", csp);
-    }
-
-    public String getName()
-    {
-        return "CertPath Loop Test";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-              //Add the provider
-        Security.addProvider(new BouncyCastleProvider());
-        //Generate two Cert authorities
-        CA caA = new CA();
-        CA caB = new CA();
-        //Ask the user the conf he want's to test
-        checkUseDistinctCAs(caA, caB);
-
-        //Let's create a target cert under caA
-        X509CertSelector target = new X509CertSelector();
-        target.setCertificate(caA.makeNewCert());
-        //create control parameters
-        PKIXBuilderParameters params = new PKIXBuilderParameters(taSet, target);
-        params.addCertStore(getStore(Collections.singleton(target.getCertificate())));
-        params.addCertStore(getStore(otherList));
-        //enable revocation check
-        params.setRevocationEnabled(true);
-
-        //Lets Build the path
-        try
-        {
-            CertPathBuilderResult cpbr = CertPathBuilder.getInstance("PKIX", "BC").build(params);
-
-            fail("invalid path build");
-        }
-        catch (CertPathBuilderException e)
-        {
-            if (!e.getCause().getMessage().equals("CertPath for CRL signer failed to validate."))
-            {
-                fail("Exception thrown, but wrong one", e.getCause());
-            }
-        }
-    }
-
-    /**
-     * Class simulating a certification authority
-     */
-    private static class CA
-    {
-        /**
-         * key pair generator
-         */
-        final static KeyPairGenerator kpg;
-
-        static
-        {
-            try
-            {
-                kpg = KeyPairGenerator.getInstance("RSA");
-                //Key size doesn't matter, smaller == Faster
-                kpg.initialize(512);
-            }
-            catch (NoSuchAlgorithmException e)
-            {
-                throw new RuntimeException(e);
-            }
-        }
-
-        /**
-         * KeyPair signing certificates
-         */
-        private KeyPair caCertKp;
-        /**
-         * KeyPair signing CRLs
-         */
-        private KeyPair caCrlKp;
-        TrustAnchor ta;
-        /**
-         * Subject of this CA
-         */
-        X500Name acSubject;
-        /**
-         * Certificate signing certificates
-         */
-        X509Certificate acCertAc;
-        /**
-         * Certificate signing CRLs
-         */
-        X509Certificate acCertCrl;
-        /**
-         * the CRL
-         */
-        X509CRL crl;
-        /**
-         * Signers
-         */
-        private ContentSigner caCrlSigner, caCertSigner;
-        /**
-         * Serial number counter
-         */
-        private int counter = 1;
-
-        /**
-         * Constructor
-         */
-        public CA()
-            throws Exception
-        {
-            //Init both keypairs
-            caCertKp = kpg.generateKeyPair();
-            caCrlKp = kpg.generateKeyPair();
-            //subject
-            acSubject = new X500Name("CN=AC_0");
-            //validity
-            GregorianCalendar gc = new GregorianCalendar();
-            Date notBefore = gc.getTime();
-            gc.add(GregorianCalendar.DAY_OF_YEAR, 1);
-            Date notAfter = gc.getTime();
-            //first signer
-            caCertSigner = new JcaContentSignerBuilder("SHA1withRSA").build(caCertKp.getPrivate());
-            //top level : issuer is self
-            X500Name issuer = acSubject;
-            //reserved for future use (another test case)
-            ContentSigner thisAcSigner = caCertSigner;
-            //reserved for future use (another test case)
-            //First certificate: Certificate authority (BasicConstraints=true) but not CRLSigner
-            X509CertificateHolder certH = new X509v3CertificateBuilder(
-                issuer, BigInteger.valueOf(counter++), notBefore, notAfter, acSubject, getPublicKeyInfo(caCertKp.getPublic()))
-                .addExtension(Extension.basicConstraints, true, new BasicConstraints(true))
-                .addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.keyCertSign))
-                .build(thisAcSigner);
-            //lets convert to X509Certificate
-            acCertAc = convert(certH);
-            //and build a trust Anchor
-            ta = new TrustAnchor(acCertAc, null);
-
-            //Second signer
-            caCrlSigner = new JcaContentSignerBuilder("SHA1withRSA").build(caCrlKp.getPrivate());
-            //second certificate: CRLSigner but not Certificate authority (BasicConstraints=false)
-            certH = new X509v3CertificateBuilder(
-                issuer, BigInteger.valueOf(counter++), notBefore, notAfter, acSubject, getPublicKeyInfo(caCrlKp.getPublic()))
-                .addExtension(Extension.basicConstraints, false, new BasicConstraints(false))
-                .addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.cRLSign))
-                .build(thisAcSigner);
-            //lets convert to X509Certificate
-            acCertCrl = convert(certH);
-            //And create the CRL
-            X509CRLHolder crlH = new X509v2CRLBuilder(acSubject, notBefore).setNextUpdate(notAfter).build(caCrlSigner);
-            //lets convert to X509CRL
-            crl = convert(crlH);
-        }
-
-        /**
-         * Creates a child certificate
-         */
-        public X509Certificate makeNewCert()
-            throws Exception
-        {
-            //private key doesn't matter for the test
-            PublicKey publicKey = kpg.generateKeyPair().getPublic();
-            //Validity
-            GregorianCalendar gc = new GregorianCalendar();
-            Date notBefore = gc.getTime();
-            gc.add(GregorianCalendar.DAY_OF_YEAR, 1);
-            Date notAfter = gc.getTime();
-            //serial
-            BigInteger certSerial = BigInteger.valueOf(counter++);
-            //Distinct name based on the serial
-            X500Name subject = new X500Name("CN=EU_" + certSerial.toString());
-            //End user certificate, not allowed to do anything
-            X509CertificateHolder enUserCertH = new X509v3CertificateBuilder(
-                acSubject, certSerial, notBefore, notAfter, subject, getPublicKeyInfo(publicKey))
-                .addExtension(Extension.basicConstraints, false, new BasicConstraints(false))
-                .addExtension(Extension.keyUsage, true, new KeyUsage(0))
-                .build(caCertSigner);
-
-            //lets convert to X509Certificate
-            return convert(enUserCertH);
-        }
-
-
-        /**
-         * convert to X509Certificate
-         */
-        static X509Certificate convert(X509CertificateHolder h)
-            throws Exception
-        {
-            return new JcaX509CertificateConverter().getCertificate(h);
-        }
-
-        /**
-         * convert to X509CRL
-         */
-        static X509CRL convert(X509CRLHolder h)
-            throws Exception
-        {
-            return new JcaX509CRLConverter().getCRL(h);
-        }
-
-        /**
-         * convert to SubjectPublicKeyInfo
-         */
-        static SubjectPublicKeyInfo getPublicKeyInfo(PublicKey k)
-            throws Exception
-        {
-            return SubjectPublicKeyInfo.getInstance(k.getEncoded());
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new CertPathLoopTest());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/CertTest.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/CertTest.java
deleted file mode 100644
index fc2aa23..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/CertTest.java
+++ /dev/null

@@ -1,4107 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.io.Serializable;
-import java.io.UnsupportedEncodingException;
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.KeyStore;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.cert.CRL;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CRLEntry;
-import java.security.cert.X509Certificate;
-import java.security.spec.DSAParameterSpec;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.MGF1ParameterSpec;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.PSSParameterSpec;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-import java.util.Collection;
-import java.util.Date;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-import java.util.Vector;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Enumerated;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.RSAPublicKey;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.X500NameBuilder;
-import org.bouncycastle.asn1.x500.style.BCStyle;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.CRLReason;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.IssuingDistributionPoint;
-import org.bouncycastle.asn1.x509.KeyPurposeId;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.cert.X509AttributeCertificateHolder;
-import org.bouncycastle.cert.X509CRLEntryHolder;
-import org.bouncycastle.cert.X509CRLHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509v1CertificateBuilder;
-import org.bouncycastle.cert.X509v2CRLBuilder;
-import org.bouncycastle.cert.X509v3CertificateBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509CRLConverter;
-import org.bouncycastle.cert.jcajce.JcaX509CRLHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
-import org.bouncycastle.cert.jcajce.JcaX509v1CertificateBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509v2CRLBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
-import org.bouncycastle.crypto.params.DSAParameters;
-import org.bouncycastle.crypto.params.DSAValidationParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.jce.X509KeyUsage;
-import org.bouncycastle.jce.X509Principal;
-import org.bouncycastle.jce.interfaces.ECPointEncoder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.jce.spec.ECPrivateKeySpec;
-import org.bouncycastle.jce.spec.ECPublicKeySpec;
-import org.bouncycastle.jce.spec.GOST3410ParameterSpec;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.ContentVerifierProvider;
-import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
-import org.bouncycastle.operator.bc.BcRSAContentVerifierProviderBuilder;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
-import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
-import org.bouncycastle.pqc.jcajce.spec.QTESLAParameterSpec;
-import org.bouncycastle.pqc.jcajce.spec.SPHINCS256KeyGenParameterSpec;
-import org.bouncycastle.pqc.jcajce.spec.XMSSMTParameterSpec;
-import org.bouncycastle.pqc.jcajce.spec.XMSSParameterSpec;
-import org.bouncycastle.util.Encodable;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CertTest
-    extends SimpleTest
-{
-    private static final String BC = org.bouncycastle.jce.provider.BouncyCastleProvider.PROVIDER_NAME;
-
-    // test CA
-    byte[] testCAp12 = Base64.decode(
-        "MIACAQMwgAYJKoZIhvcNAQcBoIAkgASCA+gwgDCABgkqhkiG9w0BBwGggCSA"
-            + "BIID6DCCCFIwggL/BgsqhkiG9w0BDAoBAqCCArIwggKuMCgGCiqGSIb3DQEM"
-            + "AQMwGgQUjWJR94N+oDQ1XlXO/kUSwu3UOL0CAgQABIICgFjzMa65mpNKYQRA"
-            + "+avbnOjYZ7JkTA5XY7CBcOVwNySY6/ye5Ms6VYl7mCgqzzdDQhT02Th8wXMr"
-            + "fibaC5E/tJRfdWt1zYr9NTLxLG6iCNPXJGGV6aXznv+UFTnzbzGGIAf0zpYf"
-            + "DOOUMusnBeJO2GVETk6DyjtVqx0sLAJKDZQadpao4K5mr5t4bz7zGoykoKNN"
-            + "TRH1tcrb6FYIPy5cf9vAHbyEB6pBdRjFQMYt50fpQGdQ8az9vvf6fLgQe20x"
-            + "e9PtDeqVU+5xNHeWauyVWIjp5penVkptAMYBr5qqNHfg1WuP2V1BO4SI/VWQ"
-            + "+EBKzlOjbH84KDVPDtOQGtmGYmZElxvfpz+S5rHajfzgIKQDT6Y4PTKPtMuF"
-            + "3OYcrVb7EKhTv1lXEQcNrR2+Apa4r2SZnTBq+1JeAGMNzwsMbAEcolljNiVs"
-            + "Lbvxng/WYTBb7+v8EjhthVdyMIY9KoKLXWMtfadEchRPqHGcEJDJ0BlwaVcn"
-            + "UQrexG/UILyVCaKc8yZOI9plAquDx2bGHi6FI4LdToAllX6gX2GncTeuCSuo"
-            + "o0//DBO3Hj7Pj5sGPZsSqzVQ1kH90/jResUN3vm09WtXKo8TELmmjA1yMqXe"
-            + "1r0mP6uN+yvjF1djC9SjovIh/jOG2RiqRy7bGtPRRchgIJCJlC1UoWygJpD6"
-            + "5dlzKMnQLikJ5BhsCIx2F96rmQXXKd7pIwCH7tiKHefQrszHpYO7QvBhwLsk"
-            + "y1bUnakLrgF3wdgwGGxbmuE9mNRVh3piVLGtVw6pH/9jOjmJ6JPbZ8idOpl5"
-            + "fEXOc81CFHTwv/U4oTfjKej4PTCZr58tYO6DdhA5XoEGNmjv4rgZJH1m6iUx"
-            + "OjATBgkqhkiG9w0BCRQxBh4EAGMAYTAjBgkqhkiG9w0BCRUxFgQUKBwy0CF7"
-            + "51A+BhNFCrsws2AG0nYwggVLBgsqhkiG9w0BDAoBAqCCBPowggT2MCgGCiqG"
-            + "SIb3DQEMAQMwGgQUf9t4IA/TP6OsH4GCiDg1BsRCqTwCAgQABIIEyHjGPJZg"
-            + "zhkF93/jM4WTnQUgWOR3PlTmhUSKjyMCLUBSrICocLVsz316NHPT3lqr0Lu2"
-            + "eKXlE5GRDp/c8RToTzMvEDdwi2PHP8sStrGJa1ruNRpOMnVAj8gnyd5KcyYJ"
-            + "3j+Iv/56hzPFXsZMg8gtbPphRxb3xHEZj/xYXYfUhfdElezrBIID6LcWRZS2"
-            + "MuuVddZToLOIdVWSTDZLscR6BIID6Ok+m+VC82JjvLNK4pZqO7Re9s/KAxV9"
-            + "f3wfJ7C7kmr8ar4Mlp9jYfO11lCcBEL86sM93JypgayWp53NN2nYQjnQDafR"
-            + "NrtlthQuR36ir2DEuSp4ySqsSXX/nD3AVOvrpbN88RUIK8Yx36tRaBOBL8tv"
-            + "9aKDfgpWKK4NHxA7V3QkHCAVqLpUZlIvVqEcvjNpzn6ydDQLGk7x5itNlWdn"
-            + "Kq/LfgMlXrTY/kKC4k7xogFS/FRIR10NP3lU+vAEa5T299QZv7c7n2OSVg6K"
-            + "xEXwjYNhfsLP3PlaCppouc2xsq/zSvymZPWsVztuoMwEfVeTtoSEUU8cqOiw"
-            + "Q1NpGtvrO1R28uRdelAVcrIu0qBAbdB5xb+xMfMhVhk7iuSZsYzKJVjK1CNK"
-            + "4w+zNqfkZQQOdh1Qj1t5u/22HDTSzZKTot4brIywo6lxboFE0IDJwU8y62vF"
-            + "4PEBPJDeXBuzbqurQhMS19J8h9wjw2quPAJ0E8dPR5B/1qPAuWYs1i2z2AtL"
-            + "FwNU2B+u53EpI4kM/+Wh3wPZ7lxlXcooUc3+5tZdBqcN+s1A2JU5fkMu05/J"
-            + "FSMG89+L5cwygPZssQ0uQFMqIpbbJp2IF76DYvVOdMnnWMgmw4n9sTcLb7Tf"
-            + "GZAQEr3OLtXHxTAX6WnQ1rdDMiMGTvx4Kj1JrtENPI8Y7m6bhIfSuwUk4v3j"
-            + "/DlPmCzGKsZHfjUvaqiZ/Kg+V4gdOMiIlhUwrR3jbxrX1xXNJ+RjwQzC0wX8"
-            + "C8kGF4hK/DUil20EVZNmrTgqsBBqKLMKDNM7rGhyadlG1eg55rJL07ROmXfY"
-            + "PbMtgPQBVVGcvM58jsW8NlCF5XUBNVSOfNSePUOOccPMTCt4VqRZobciIn7i"
-            + "G6lGby6sS8KMRxmnviLWNVWqWyxjFhuv3S8zVplFmzJR7oXk8bcGW9QV93yN"
-            + "fceR9ZVQdEITPTqVE3r2sgrzgFYZAJ+tMzDfkL4NcSBnivfCS1APRttG1RHJ"
-            + "6nxjpf1Ya6CGkM17BdAeEtdXqBb/0B9n0hgPA8EIe5hfL+cGRx4aO8HldCMb"
-            + "YQUFIOFmuj4xn83eFSlh2zllSVaVj0epIqtcXWWefVpjZKlOgoivrTy9JSGp"
-            + "fbsDw/xZMPGYHehbtm60alZK/t4yrfyGLkeWq7FjK31WfIgx9KAEQM4G1cPx"
-            + "dX6Jj0YdoWKrJh7GdqoCSdrwtR5NkG8ecuYPm9P+UUFg+nbcqR7zWVv0MulQ"
-            + "X4LQoKN8iOXZYZDmKbgLYdh4BY8bqVELaHFZ3rU33EUoATO+43IQXHq5qyB5"
-            + "xJVvT6AEggPo0DNHyUyRNMHoT3feYuDiQszN/4N5qVLZL6UeBIGGwmAQq7CK"
-            + "2A2P67/7bjze+LZcvXgoBmkKPn9hVembyEPwow6wGVhrGDWiEvdNE/Tp3n6D"
-            + "NqLIOhnWfTnsinWNXIlqxa6V/jE+MBcGCSqGSIb3DQEJFDEKHggAcgBvAG8A"
-            + "dDAjBgkqhkiG9w0BCRUxFgQUioImRvGskdQCWPVdgD2wKGBiE/0AAAAAAAAw"
-            + "gAYJKoZIhvcNAQcGoIAwgAIBADCABgkqhkiG9w0BBwEwKAYKKoZIhvcNAQwB"
-            + "BjAaBBTOsaVE8IK7OpXHzfobYSfBfnKvTwICBACggASCCLirl2JOsxIiKwDT"
-            + "/iW4D7qRq4W2mdXiLuH8RTJzfARcWtfWRrszakA6Fi0WAsslor3EYMgBpNtJ"
-            + "yctpSfAO2ToEWNlzqRNffiy1UvxC7Pxo9coaDBfsD9hi253dxsCS+fkGlywA"
-            + "eSlHJ2JEhDz7Y7CO6i95LzvZTzz7075UZvSP5FcVjNlKyfDMVVN3tPXl5/Ej"
-            + "4l/rakdyg72d/ajx/VaG5S81Oy2sjTdG+j6G7aMgpAx7dkgiNr65f9rLU7M9"
-            + "sm24II3RZzfUcjHHSZUvwtXIJSBnHkYft7GqzCFHnikLapFh9ObMdc4qTQQA"
-            + "H7Upo0WD/rxgdKN0Bdj9BLZHm1Ixca6rBVOecg80t/kFXipwBihMUmPbHlWB"
-            + "UGjX1kDRyfvqlcDDWr7elGenqNX1qTYCGi41ChLC9igaQRP48NI3aqgx0bu4"
-            + "P2G19T+/E7UZrCc8VIlKUEGRNKSqVtC7IlqyoLdPms9TXzrYJkklB0m23VXI"
-            + "PyJ5MmmRFXOAtLXwqnLGNLYcafbS2F4MPOjkclWgEtOHKmJctBRI14eMlpN2"
-            + "gBMTYxVkOG7ehUtMbWnjTvivqRxsYPmRCC+m7wiHQodtm2fgJtfwhpRSmLu1"
-            + "/KHohc6ESh62ACsn8nfBthsbzuDxV0fsCgbUDomjWpGs+nBgZFYGAkE1z2Ao"
-            + "Xd7CvA3PZJ5HFtyJrEu8VAbCtU5ZLjXzbALiJ7BqJdzigqsxeieabsR+GCKz"
-            + "Drwk1RltTIZnP3EeQbD+mGPa2BjchseaaLNMVDngkc91Zdg2j18dfIabG4AS"
-            + "CvfM4DfwPdwD2UT48V8608u5OWc7O2sIcxVWv1IrbEFLSKchTPPnfKmdDji3"
-            + "LEoD6t1VPYfn0Ch/NEANOLdncsOUDzQCWscA3+6pkfH8ZaCxfyUU/SHGYKkW"
-            + "7twRpR9ka3Wr7rjMjmT0c24YNIUx9ZDt7iquCAdyRHHc13JQ+IWaoqo1z3b8"
-            + "tz6AIfm1dWgcMlzEAc80Jg/SdASCA+g2sROpkVxAyhOY/EIp1Fm+PSIPQ5dE"
-            + "r5wV7ne2gr40Zuxs5Mrra9Jm79hrErhe4nepA6/DkcHqVDW5sqDwSgLuwVui"
-            + "I2yjBt4xBShc6jUxKTRN43cMlZa4rKaEF636gBMUZHDD+zTRE5rtHKFggvwc"
-            + "LiitHXI+Fg9mH/h0cQRDYebc02bQikxKagfeUxm0DbEFH172VV+4L69MP6SY"
-            + "eyMyRyBXNvLBKDVI5klORE7ZMJGCf2pi3vQr+tSM3W51QmK3HuL+tcish4QW"
-            + "WOxVimmczo7tT/JPwSWcklTV4uvnAVLEfptl66Bu9I2/Kn3yPWElAoQvHjMD"
-            + "O47+CVcuhgX5OXt0Sy8OX09j733FG4XFImnBneae6FrxNoi3tMRyHaIwBjIo"
-            + "8VvqhWjPIJKytMT2/42TpsuD4Pj64m77sIx0rAjmU7s0kG4YdkgeSi+1R4X7"
-            + "hkEFVJe3fId7/sItU2BMHkQGBDELAP7gJFzqTLDuSoiVNJ6kB6vkC+VQ7nmn"
-            + "0xyzrOTNcrSBGc2dCXEI6eYi8/2K9y7ZS9dOEUi8SHfc4WNT4EJ8Qsvn61EW"
-            + "jM8Ye5av/t3iE8NGtiMbbsIorEweL8y88vEMkgqZ7MpLbb2iiAv8Zm16GWAv"
-            + "GRD7rUJfi/3dcXiskUCOg5rIRcn2ImVehqKAPArLbLAx7NJ6UZmB+99N3DpH"
-            + "Jk81BkWPwQF8UlPdwjQh7qJUHTjEYAQI2wmL2jttToq59g3xbrLVUM/5X2Xy"
-            + "Fy619lDydw0TZiGq8zA39lwT92WpziDeV5/vuj2gpcFs3f0cUSJlPsw7Y0mE"
-            + "D/uPk7Arn/iP1oZboM9my/H3tm3rOP5xYxkXI/kVsNucTMLwd4WWdtKk3DLg"
-            + "Ms1tcEdAUQ/ZJ938OJf1uzSixDhlMVedweIJMw72V9VpWUf+QC+SHOvGpdSz"
-            + "2a7mU340J0rsQp7HnS71XWPjtxVCN0Mva+gnF+VTEnamQFEETrEydaqFYQEh"
-            + "im5qr32YOiQiwdrIXJ+p9bNxAbaDBmBI/1bdDU9ffr+AGrxxgjvYGiUQk0d/"
-            + "SDvxlE+S9EZlTWirRatglklVndYdkzJDte7ZJSgjlXkbTgy++QW/xRQ0Ya3o"
-            + "ouQepoTkJ2b48ELe4KCKKTOfR0fTzd0578hSdpYuOCylYBZeuLIo6JH3VeoV"
-            + "dggXMYHtYPuj+ABN3utwP/5s5LZ553sMkI/0bJq8ytE/+BFh1rTbRksAuT6B"
-            + "d98lpDAXjyM1HcKD78YiXotdSISU+pYkIbyn4UG8SKzV9mCxAed1cgjE1BWW"
-            + "DUB+xwlFMQTFpj8fhhYYMcwUF8tmv22Snemkaq3pjJKPBIIB7/jK7pfLMSSS"
-            + "5ojMvWzu9mTegbl9v2K73XqZ/N4LZ5BqxnMdCBM4cCbA2LMwX8WAVlKper6X"
-            + "zdTxRf4SWuzzlOXIyhWaH1g9Yp3PkaWh/BpPne/DXZmfyrTCPWGlbu1oqdKq"
-            + "CgORN9B0+biTWiqgozvtbnCkK+LXqRYbghsWNlOhpm5NykUl7T2xRswYK8gz"
-            + "5vq/xCY5hq+TvgZOT0Fzx426nbNqyGmdjbCpPf2t4s5o3C48WhNSg3vSSJes"
-            + "RVJ4dV1TfXkytIKk/gzLafJfS+AcLeE48MyCOohhLFHdYC9f+lrk51xEANTc"
-            + "xpn26JO1sO7iha8iccRmMYwi6tgDRVKFp6X5VVHXy8hXzxEbWWFL/GkUIjyD"
-            + "hm0KXaarhP9Iah+/j6CI6eVLIhyMsA5itsYX+bJ0I8KmVkXelbwX7tcwSUAs"
-            + "0Wq8oiV8Mi+DawkhTWE2etz07uMseR71jHEr7KE6WXo+SO995Xyop74fLtje"
-            + "GLZroH91GWF4rDZvTJg9l8319oqF0DJ7bTukl3CJqVS3sVNrRIF33vRsmqWL"
-            + "BaaZ1Q8Bt04L19Ka2HsEYLMfTLPGO7HSb9baHezRCQTnVoABm+8iZEXj3Od9"
-            + "ga9TnxFa5KhXerqUscjdXPauElDwmqGhCgAAAAAAAAAAAAAAAAAAAAAAADA9"
-            + "MCEwCQYFKw4DAhoFAAQUWT4N9h+ObRftdP8+GldXCQRf9JoEFDjO/tjAH7We"
-            + "HLhcYQcQ1R+RucctAgIEAAAA");
-
-    //
-    // server.crt
-    //
-    byte[] cert1 = Base64.decode(
-        "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
-            + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
-            + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
-            + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
-            + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2"
-            + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
-            + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
-            + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l"
-            + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv"
-            + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re"
-            + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO"
-            + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE"
-            + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy"
-            + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0"
-            + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw"
-            + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL"
-            + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4"
-            + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF"
-            + "5/8=");
-
-    //
-    // ca.crt
-    //
-    byte[] cert2 = Base64.decode(
-        "MIIDbDCCAtWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
-            + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
-            + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
-            + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
-            + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU1MzNaFw0wMTA2"
-            + "MDIwNzU1MzNaMIG3MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
-            + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
-            + "dGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEVMBMGA1UEAxMMQ29u"
-            + "bmVjdCA0IENBMSgwJgYJKoZIhvcNAQkBFhl3ZWJtYXN0ZXJAY29ubmVjdDQuY29t"
-            + "LmF1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgs5ptNG6Qv1ZpCDuUNGmv"
-            + "rhjqMDPd3ri8JzZNRiiFlBA4e6/ReaO1U8ASewDeQMH6i9R6degFdQRLngbuJP0s"
-            + "xcEE+SksEWNvygfzLwV9J/q+TQDyJYK52utb++lS0b48A1KPLwEsyL6kOAgelbur"
-            + "ukwxowprKUIV7Knf1ajetQIDAQABo4GFMIGCMCQGA1UdEQQdMBuBGXdlYm1hc3Rl"
-            + "ckBjb25uZWN0NC5jb20uYXUwDwYDVR0TBAgwBgEB/wIBADA2BglghkgBhvhCAQ0E"
-            + "KRYnbW9kX3NzbCBnZW5lcmF0ZWQgY3VzdG9tIENBIGNlcnRpZmljYXRlMBEGCWCG"
-            + "SAGG+EIBAQQEAwICBDANBgkqhkiG9w0BAQQFAAOBgQCsGvfdghH8pPhlwm1r3pQk"
-            + "msnLAVIBb01EhbXm2861iXZfWqGQjrGAaA0ZpXNk9oo110yxoqEoSJSzniZa7Xtz"
-            + "soTwNUpE0SLHvWf/SlKdFWlzXA+vOZbzEv4UmjeelekTm7lc01EEa5QRVzOxHFtQ"
-            + "DhkaJ8VqOMajkQFma2r9iA==");
-
-    //
-    // testx509.pem
-    //
-    byte[] cert3 = Base64.decode(
-        "MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV"
-            + "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz"
-            + "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM"
-            + "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF"
-            + "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO"
-            + "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE"
-            + "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ"
-            + "zl9HYIMxATFyqSiD9jsx");
-
-    //
-    // v3-cert1.pem
-    //
-    byte[] cert4 = Base64.decode(
-        "MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx"
-            + "NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz"
-            + "dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw"
-            + "ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu"
-            + "ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2"
-            + "ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp"
-            + "miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C"
-            + "AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK"
-            + "Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x"
-            + "DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR"
-            + "MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB"
-            + "AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21"
-            + "X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3"
-            + "WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO");
-
-    //
-    // v3-cert2.pem
-    //
-    byte[] cert5 = Base64.decode(
-        "MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD"
-            + "YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0"
-            + "ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu"
-            + "dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1"
-            + "WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV"
-            + "BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx"
-            + "FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA"
-            + "6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT"
-            + "G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ"
-            + "YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm"
-            + "b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc"
-            + "F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz"
-            + "lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap"
-            + "jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=");
-
-    //
-    // pem encoded pkcs7
-    //
-    byte[] cert6 = Base64.decode(
-        "MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJbzCCAj0w"
-            + "ggGmAhEAzbp/VvDf5LxU/iKss3KqVTANBgkqhkiG9w0BAQIFADBfMQswCQYDVQQGEwJVUzEXMBUG"
-            + "A1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1hcnkgQ2Vy"
-            + "dGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTYwMTI5MDAwMDAwWhcNMjgwODAxMjM1OTU5WjBfMQsw"
-            + "CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVi"
-            + "bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0A"
-            + "MIGJAoGBAOUZv22jVmEtmUhx9mfeuY3rt56GgAqRDvo4Ja9GiILlc6igmyRdDR/MZW4MsNBWhBiH"
-            + "mgabEKFz37RYOWtuwfYV1aioP6oSBo0xrH+wNNePNGeICc0UEeJORVZpH3gCgNrcR5EpuzbJY1zF"
-            + "4Ncth3uhtzKwezC6Ki8xqu6jZ9rbAgMBAAEwDQYJKoZIhvcNAQECBQADgYEATD+4i8Zo3+5DMw5d"
-            + "6abLB4RNejP/khv0Nq3YlSI2aBFsfELM85wuxAc/FLAPT/+Qknb54rxK6Y/NoIAK98Up8YIiXbix"
-            + "3YEjo3slFUYweRb46gVLlH8dwhzI47f0EEA8E8NfH1PoSOSGtHuhNbB7Jbq4046rPzidADQAmPPR"
-            + "cZQwggMuMIICl6ADAgECAhEA0nYujRQMPX2yqCVdr+4NdTANBgkqhkiG9w0BAQIFADBfMQswCQYD"
-            + "VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGlj"
-            + "IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTgwNTEyMDAwMDAwWhcNMDgwNTEy"
-            + "MjM1OTU5WjCBzDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy"
-            + "dXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5j"
-            + "b3JwLiBCeSBSZWYuLExJQUIuTFREKGMpOTgxSDBGBgNVBAMTP1ZlcmlTaWduIENsYXNzIDEgQ0Eg"
-            + "SW5kaXZpZHVhbCBTdWJzY3JpYmVyLVBlcnNvbmEgTm90IFZhbGlkYXRlZDCBnzANBgkqhkiG9w0B"
-            + "AQEFAAOBjQAwgYkCgYEAu1pEigQWu1X9A3qKLZRPFXg2uA1Ksm+cVL+86HcqnbnwaLuV2TFBcHqB"
-            + "S7lIE1YtxwjhhEKrwKKSq0RcqkLwgg4C6S/7wju7vsknCl22sDZCM7VuVIhPh0q/Gdr5FegPh7Yc"
-            + "48zGmo5/aiSS4/zgZbqnsX7vyds3ashKyAkG5JkCAwEAAaN8MHowEQYJYIZIAYb4QgEBBAQDAgEG"
-            + "MEcGA1UdIARAMD4wPAYLYIZIAYb4RQEHAQEwLTArBggrBgEFBQcCARYfd3d3LnZlcmlzaWduLmNv"
-            + "bS9yZXBvc2l0b3J5L1JQQTAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0B"
-            + "AQIFAAOBgQCIuDc73dqUNwCtqp/hgQFxHpJqbS/28Z3TymQ43BuYDAeGW4UVag+5SYWklfEXfWe0"
-            + "fy0s3ZpCnsM+tI6q5QsG3vJWKvozx74Z11NMw73I4xe1pElCY+zCphcPXVgaSTyQXFWjZSAA/Rgg"
-            + "5V+CprGoksVYasGNAzzrw80FopCubjCCA/gwggNhoAMCAQICEBbbn/1G1zppD6KsP01bwywwDQYJ"
-            + "KoZIhvcNAQEEBQAwgcwxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2ln"
-            + "biBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvUlBB"
-            + "IEluY29ycC4gQnkgUmVmLixMSUFCLkxURChjKTk4MUgwRgYDVQQDEz9WZXJpU2lnbiBDbGFzcyAx"
-            + "IENBIEluZGl2aWR1YWwgU3Vic2NyaWJlci1QZXJzb25hIE5vdCBWYWxpZGF0ZWQwHhcNMDAxMDAy"
-            + "MDAwMDAwWhcNMDAxMjAxMjM1OTU5WjCCAQcxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYD"
-            + "VQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3Jl"
-            + "cG9zaXRvcnkvUlBBIEluY29ycC4gYnkgUmVmLixMSUFCLkxURChjKTk4MR4wHAYDVQQLExVQZXJz"
-            + "b25hIE5vdCBWYWxpZGF0ZWQxJzAlBgNVBAsTHkRpZ2l0YWwgSUQgQ2xhc3MgMSAtIE1pY3Jvc29m"
-            + "dDETMBEGA1UEAxQKRGF2aWQgUnlhbjElMCMGCSqGSIb3DQEJARYWZGF2aWRAbGl2ZW1lZGlhLmNv"
-            + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqxBsdeNmSvFqhMNwhQgNzM8mdjX9eSXb"
-            + "DawpHtQHjmh0AKJSa3IwUY0VIsyZHuXWktO/CgaMBVPt6OVf/n0R2sQigMP6Y+PhEiS0vCJBL9aK"
-            + "0+pOo2qXrjVBmq+XuCyPTnc+BOSrU26tJsX0P9BYorwySiEGxGanBNATdVL4NdUCAwEAAaOBnDCB"
-            + "mTAJBgNVHRMEAjAAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQgwKjAoBggrBgEFBQcCARYcaHR0"
-            + "cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTARBglghkgBhvhCAQEEBAMCB4AwMwYDVR0fBCwwKjAo"
-            + "oCagJIYiaHR0cDovL2NybC52ZXJpc2lnbi5jb20vY2xhc3MxLmNybDANBgkqhkiG9w0BAQQFAAOB"
-            + "gQBC8yIIdVGpFTf8/YiL14cMzcmL0nIRm4kGR3U59z7UtcXlfNXXJ8MyaeI/BnXwG/gD5OKYqW6R"
-            + "yca9vZOxf1uoTBl82gInk865ED3Tej6msCqFzZffnSUQvOIeqLxxDlqYRQ6PmW2nAnZeyjcnbI5Y"
-            + "syQSM2fmo7n6qJFP+GbFezGCAkUwggJBAgEBMIHhMIHMMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5j"
-            + "LjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWdu"
-            + "LmNvbS9yZXBvc2l0b3J5L1JQQSBJbmNvcnAuIEJ5IFJlZi4sTElBQi5MVEQoYyk5ODFIMEYGA1UE"
-            + "AxM/VmVyaVNpZ24gQ2xhc3MgMSBDQSBJbmRpdmlkdWFsIFN1YnNjcmliZXItUGVyc29uYSBOb3Qg"
-            + "VmFsaWRhdGVkAhAW25/9Rtc6aQ+irD9NW8MsMAkGBSsOAwIaBQCggbowGAYJKoZIhvcNAQkDMQsG"
-            + "CSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDAxMDAyMTczNTE4WjAjBgkqhkiG9w0BCQQxFgQU"
-            + "gZjSaBEY2oxGvlQUIMnxSXhivK8wWwYJKoZIhvcNAQkPMU4wTDAKBggqhkiG9w0DBzAOBggqhkiG"
-            + "9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwBwYFKw4DAh0w"
-            + "DQYJKoZIhvcNAQEBBQAEgYAzk+PU91/ZFfoiuKOECjxEh9fDYE2jfDCheBIgh5gdcCo+sS1WQs8O"
-            + "HreQ9Nop/JdJv1DQMBK6weNBBDoP0EEkRm1XCC144XhXZC82jBZohYmi2WvDbbC//YN58kRMYMyy"
-            + "srrfn4Z9I+6kTriGXkrpGk9Q0LSGjmG2BIsqiF0dvwAAAAAAAA==");
-
-    //
-    // dsaWithSHA1 cert
-    //
-    byte[] cert7 = Base64.decode(
-        "MIIEXAYJKoZIhvcNAQcCoIIETTCCBEkCAQExCzAJBgUrDgMCGgUAMAsGCSqG"
-            + "SIb3DQEHAaCCAsMwggK/MIIB4AIBADCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7"
-            + "d8miwTMN55CUSmo3TO8WGCxgY61TX5k+7NU4XPf1TULjw3GobwaJX13kquPh"
-            + "fVXk+gVy46n4Iw3hAhUBSe/QF4BUj+pJOF9ROBM4u+FEWA8CQQD4mSJbrABj"
-            + "TUWrlnAte8pS22Tq4/FPO7jHSqjijUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/z"
-            + "m8Q12PFp/PjOhh+nMA4xDDAKBgNVBAMTA0lEMzAeFw05NzEwMDEwMDAwMDBa"
-            + "Fw0zODAxMDEwMDAwMDBaMA4xDDAKBgNVBAMTA0lEMzCB8DCBpwYFKw4DAhsw"
-            + "gZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxgY61TX5k+7NU4XPf1TULj"
-            + "w3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/QF4BUj+pJOF9ROBM4u+FE"
-            + "WA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jHSqjijUHfXKTrHL1OEqV3"
-            + "SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nA0QAAkEAkYkXLYMtGVGWj9OnzjPn"
-            + "sB9sefSRPrVegZJCZbpW+Iv0/1RP1u04pHG9vtRpIQLjzUiWvLMU9EKQTThc"
-            + "eNMmWDCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxg"
-            + "Y61TX5k+7NU4XPf1TULjw3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/Q"
-            + "F4BUj+pJOF9ROBM4u+FEWA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jH"
-            + "SqjijUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nAy8AMCwC"
-            + "FBY3dBSdeprGcqpr6wr3xbG+6WW+AhRMm/facKJNxkT3iKgJbp7R8Xd3QTGC"
-            + "AWEwggFdAgEBMBMwDjEMMAoGA1UEAxMDSUQzAgEAMAkGBSsOAwIaBQCgXTAY"
-            + "BgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wMjA1"
-            + "MjQyMzEzMDdaMCMGCSqGSIb3DQEJBDEWBBS4WMsoJhf7CVbZYCFcjoTRzPkJ"
-            + "xjCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxgY61T"
-            + "X5k+7NU4XPf1TULjw3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/QF4BU"
-            + "j+pJOF9ROBM4u+FEWA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jHSqji"
-            + "jUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nBC8wLQIVALID"
-            + "dt+MHwawrDrwsO1Z6sXBaaJsAhRaKssrpevmLkbygKPV07XiAKBG02Zvb2Jh"
-            + "cg==");
-
-    //
-    // testcrl.pem
-    //
-    byte[] crl1 = Base64.decode(
-        "MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT"
-            + "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy"
-            + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw"
-            + "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw"
-            + "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw"
-            + "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw"
-            + "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw"
-            + "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw"
-            + "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw"
-            + "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw"
-            + "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF"
-            + "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ"
-            + "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt"
-            + "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v");
-
-    //
-    // ecdsa cert with extra octet string.
-    //
-    byte[] oldEcdsa = Base64.decode(
-        "MIICljCCAkCgAwIBAgIBATALBgcqhkjOPQQBBQAwgY8xCzAJBgNVBAYTAkFVMSgwJ"
-            + "gYDVQQKEx9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIwEAYDVQQHEw"
-            + "lNZWxib3VybmUxETAPBgNVBAgTCFZpY3RvcmlhMS8wLQYJKoZIhvcNAQkBFiBmZWV"
-            + "kYmFjay1jcnlwdG9AYm91bmN5Y2FzdGxlLm9yZzAeFw0wMTEyMDcwMTAwMDRaFw0w"
-            + "MTEyMDcwMTAxNDRaMIGPMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhlIExlZ2lvb"
-            + "iBvZiB0aGUgQm91bmN5IENhc3RsZTESMBAGA1UEBxMJTWVsYm91cm5lMREwDwYDVQ"
-            + "QIEwhWaWN0b3JpYTEvMC0GCSqGSIb3DQEJARYgZmVlZGJhY2stY3J5cHRvQGJvdW5"
-            + "jeWNhc3RsZS5vcmcwgeQwgb0GByqGSM49AgEwgbECAQEwKQYHKoZIzj0BAQIef///"
-            + "////////////f///////gAAAAAAAf///////MEAEHn///////////////3///////"
-            + "4AAAAAAAH///////AQeawFsO9zxiUHQ1lSSFHXKcanbL7J9HTd5YYXClCwKBB8CD/"
-            + "qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqvAh5///////////////9///+eXpq"
-            + "fXZBx+9FSJoiQnQsDIgAEHwJbbcU7xholSP+w9nFHLebJUhqdLSU05lq/y9X+DHAw"
-            + "CwYHKoZIzj0EAQUAA0MAMEACHnz6t4UNoVROp74ma4XNDjjGcjaqiIWPZLK8Bdw3G"
-            + "QIeLZ4j3a6ividZl344UH+UPUE7xJxlYGuy7ejTsqRR");
-
-    byte[] uncompressedPtEC = Base64.decode(
-        "MIIDKzCCAsGgAwIBAgICA+kwCwYHKoZIzj0EAQUAMGYxCzAJBgNVBAYTAkpQ"
-            + "MRUwEwYDVQQKEwxuaXRlY2guYWMuanAxDjAMBgNVBAsTBWFpbGFiMQ8wDQYD"
-            + "VQQDEwZ0ZXN0Y2ExHzAdBgkqhkiG9w0BCQEWEHRlc3RjYUBsb2NhbGhvc3Qw"
-            + "HhcNMDExMDEzMTE1MzE3WhcNMjAxMjEyMTE1MzE3WjBmMQswCQYDVQQGEwJK"
-            + "UDEVMBMGA1UEChMMbml0ZWNoLmFjLmpwMQ4wDAYDVQQLEwVhaWxhYjEPMA0G"
-            + "A1UEAxMGdGVzdGNhMR8wHQYJKoZIhvcNAQkBFhB0ZXN0Y2FAbG9jYWxob3N0"
-            + "MIIBczCCARsGByqGSM49AgEwggEOAgEBMDMGByqGSM49AQECKEdYWnajFmnZ"
-            + "tzrukK2XWdle2v+GsD9l1ZiR6g7ozQDbhFH/bBiMDQcwVAQoJ5EQKrI54/CT"
-            + "xOQ2pMsd/fsXD+EX8YREd8bKHWiLz8lIVdD5cBNeVwQoMKSc6HfI7vKZp8Q2"
-            + "zWgIFOarx1GQoWJbMcSt188xsl30ncJuJT2OoARRBAqJ4fD+q6hbqgNSjTQ7"
-            + "htle1KO3eiaZgcJ8rrnyN8P+5A8+5K+H9aQ/NbBR4Gs7yto5PXIUZEUgodHA"
-            + "TZMSAcSq5ZYt4KbnSYaLY0TtH9CqAigEwZ+hglbT21B7ZTzYX2xj0x+qooJD"
-            + "hVTLtIPaYJK2HrMPxTw6/zfrAgEPA1IABAnvfFcFDgD/JicwBGn6vR3N8MIn"
-            + "mptZf/mnJ1y649uCF60zOgdwIyI7pVSxBFsJ7ohqXEHW0x7LrGVkdSEiipiH"
-            + "LYslqh3xrqbAgPbl93GUo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB"
-            + "/wQEAwIBxjAdBgNVHQ4EFgQUAEo62Xm9H6DcsE0zUDTza4BRG90wCwYHKoZI"
-            + "zj0EAQUAA1cAMFQCKAQsCHHSNOqfJXLgt3bg5+k49hIBGVr/bfG0B9JU3rNt"
-            + "Ycl9Y2zfRPUCKAK2ccOQXByAWfsasDu8zKHxkZv7LVDTFjAIffz3HaCQeVhD"
-            + "z+fauEg=");
-
-    byte[] keyUsage = Base64.decode(
-        "MIIE7TCCBFagAwIBAgIEOAOR7jANBgkqhkiG9w0BAQQFADCByTELMAkGA1UE"
-            + "BhMCVVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MUgwRgYDVQQLFD93d3cuZW50"
-            + "cnVzdC5uZXQvQ2xpZW50X0NBX0luZm8vQ1BTIGluY29ycC4gYnkgcmVmLiBs"
-            + "aW1pdHMgbGlhYi4xJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExp"
-            + "bWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENsaWVudCBDZXJ0aWZpY2F0"
-            + "aW9uIEF1dGhvcml0eTAeFw05OTEwMTIxOTI0MzBaFw0xOTEwMTIxOTU0MzBa"
-            + "MIHJMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxSDBGBgNV"
-            + "BAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0FfSW5mby9DUFMgaW5jb3Jw"
-            + "LiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UECxMcKGMpIDE5OTkgRW50"
-            + "cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQgQ2xpZW50"
-            + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUAA4GL"
-            + "ADCBhwKBgQDIOpleMRffrCdvkHvkGf9FozTC28GoT/Bo6oT9n3V5z8GKUZSv"
-            + "x1cDR2SerYIbWtp/N3hHuzeYEpbOxhN979IMMFGpOZ5V+Pux5zDeg7K6PvHV"
-            + "iTs7hbqqdCz+PzFur5GVbgbUB01LLFZHGARS2g4Qk79jkJvh34zmAqTmT173"
-            + "iwIBA6OCAeAwggHcMBEGCWCGSAGG+EIBAQQEAwIABzCCASIGA1UdHwSCARkw"
-            + "ggEVMIHkoIHhoIHepIHbMIHYMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50"
-            + "cnVzdC5uZXQxSDBGBgNVBAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0Ff"
-            + "SW5mby9DUFMgaW5jb3JwLiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UE"
-            + "CxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50"
-            + "cnVzdC5uZXQgQ2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYD"
-            + "VQQDEwRDUkwxMCygKqAohiZodHRwOi8vd3d3LmVudHJ1c3QubmV0L0NSTC9D"
-            + "bGllbnQxLmNybDArBgNVHRAEJDAigA8xOTk5MTAxMjE5MjQzMFqBDzIwMTkx"
-            + "MDEyMTkyNDMwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUxPucKXuXzUyW"
-            + "/O5bs8qZdIuV6kwwHQYDVR0OBBYEFMT7nCl7l81MlvzuW7PKmXSLlepMMAwG"
-            + "A1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI"
-            + "hvcNAQEEBQADgYEAP66K8ddmAwWePvrqHEa7pFuPeJoSSJn59DXeDDYHAmsQ"
-            + "OokUgZwxpnyyQbJq5wcBoUv5nyU7lsqZwz6hURzzwy5E97BnRqqS5TvaHBkU"
-            + "ODDV4qIxJS7x7EU47fgGWANzYrAQMY9Av2TgXD7FTx/aEkP/TOYGJqibGapE"
-            + "PHayXOw=");
-
-    byte[] nameCert = Base64.decode(
-        "MIIEFjCCA3+gAwIBAgIEdS8BozANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJE" +
-            "RTERMA8GA1UEChQIREFURVYgZUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRQ0Eg" +
-            "REFURVYgRDAzIDE6UE4wIhgPMjAwMTA1MTAxMDIyNDhaGA8yMDA0MDUwOTEwMjI0" +
-            "OFowgYQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIFAZCYXllcm4xEjAQBgNVBAcUCU7I" +
-            "dXJuYmVyZzERMA8GA1UEChQIREFURVYgZUcxHTAbBgNVBAUTFDAwMDAwMDAwMDA4" +
-            "OTU3NDM2MDAxMR4wHAYDVQQDFBVEaWV0bWFyIFNlbmdlbmxlaXRuZXIwgaEwDQYJ" +
-            "KoZIhvcNAQEBBQADgY8AMIGLAoGBAJLI/LJLKaHoMk8fBECW/od8u5erZi6jI8Ug" +
-            "C0a/LZyQUO/R20vWJs6GrClQtXB+AtfiBSnyZOSYzOdfDI8yEKPEv8qSuUPpOHps" +
-            "uNCFdLZF1vavVYGEEWs2+y+uuPmg8q1oPRyRmUZ+x9HrDvCXJraaDfTEd9olmB/Z" +
-            "AuC/PqpjAgUAwAAAAaOCAcYwggHCMAwGA1UdEwEB/wQCMAAwDwYDVR0PAQH/BAUD" +
-            "AwdAADAxBgNVHSAEKjAoMCYGBSskCAEBMB0wGwYIKwYBBQUHAgEWD3d3dy56cy5k" +
-            "YXRldi5kZTApBgNVHREEIjAggR5kaWV0bWFyLnNlbmdlbmxlaXRuZXJAZGF0ZXYu" +
-            "ZGUwgYQGA1UdIwR9MHuhc6RxMG8xCzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1" +
-            "bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0" +
-            "MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjVSLUNBIDE6UE6CBACm8LkwDgYHAoIG" +
-            "AQoMAAQDAQEAMEcGA1UdHwRAMD4wPKAUoBKGEHd3dy5jcmwuZGF0ZXYuZGWiJKQi" +
-            "MCAxCzAJBgNVBAYTAkRFMREwDwYDVQQKFAhEQVRFViBlRzAWBgUrJAgDBAQNMAsT" +
-            "A0VVUgIBBQIBATAdBgNVHQ4EFgQUfv6xFP0xk7027folhy+ziZvBJiwwLAYIKwYB" +
-            "BQUHAQEEIDAeMBwGCCsGAQUFBzABhhB3d3cuZGlyLmRhdGV2LmRlMA0GCSqGSIb3" +
-            "DQEBBQUAA4GBAEOVX6uQxbgtKzdgbTi6YLffMftFr2mmNwch7qzpM5gxcynzgVkg" +
-            "pnQcDNlm5AIbS6pO8jTCLfCd5TZ5biQksBErqmesIl3QD+VqtB+RNghxectZ3VEs" +
-            "nCUtcE7tJ8O14qwCb3TxS9dvIUFiVi4DjbxX46TdcTbTaK8/qr6AIf+l");
-
-    byte[] probSelfSignedCert = Base64.decode(
-        "MIICxTCCAi6gAwIBAgIQAQAAAAAAAAAAAAAAAAAAATANBgkqhkiG9w0BAQUFADBF"
-            + "MScwJQYDVQQKEx4gRElSRUNUSU9OIEdFTkVSQUxFIERFUyBJTVBPVFMxGjAYBgNV"
-            + "BAMTESBBQyBNSU5FRkkgQiBURVNUMB4XDTA0MDUwNzEyMDAwMFoXDTE0MDUwNzEy"
-            + "MDAwMFowRTEnMCUGA1UEChMeIERJUkVDVElPTiBHRU5FUkFMRSBERVMgSU1QT1RT"
-            + "MRowGAYDVQQDExEgQUMgTUlORUZJIEIgVEVTVDCBnzANBgkqhkiG9w0BAQEFAAOB"
-            + "jQAwgYkCgYEAveoCUOAukZdcFCs2qJk76vSqEX0ZFzHqQ6faBPZWjwkgUNwZ6m6m"
-            + "qWvvyq1cuxhoDvpfC6NXILETawYc6MNwwxsOtVVIjuXlcF17NMejljJafbPximEt"
-            + "DQ4LcQeSp4K7FyFlIAMLyt3BQ77emGzU5fjFTvHSUNb3jblx0sV28c0CAwEAAaOB"
-            + "tTCBsjAfBgNVHSMEGDAWgBSEJ4bLbvEQY8cYMAFKPFD1/fFXlzAdBgNVHQ4EFgQU"
-            + "hCeGy27xEGPHGDABSjxQ9f3xV5cwDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIB"
-            + "AQQEAwIBBjA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vYWRvbmlzLnBrNy5jZXJ0"
-            + "cGx1cy5uZXQvZGdpLXRlc3QuY3JsMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN"
-            + "AQEFBQADgYEAmToHJWjd3+4zknfsP09H6uMbolHNGG0zTS2lrLKpzcmkQfjhQpT9"
-            + "LUTBvfs1jdjo9fGmQLvOG+Sm51Rbjglb8bcikVI5gLbclOlvqLkm77otjl4U4Z2/"
-            + "Y0vP14Aov3Sn3k+17EfReYUZI4liuB95ncobC4e8ZM++LjQcIM0s+Vs=");
-
-
-    byte[] gost34102001base = Base64.decode(
-        "MIIB1DCCAYECEEjpVKXP6Wn1yVz3VeeDQa8wCgYGKoUDAgIDBQAwbTEfMB0G"
-            + "A1UEAwwWR29zdFIzNDEwLTIwMDEgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRv"
-            + "UHJvMQswCQYDVQQGEwJSVTEpMCcGCSqGSIb3DQEJARYaR29zdFIzNDEwLTIw"
-            + "MDFAZXhhbXBsZS5jb20wHhcNMDUwMjAzMTUxNjQ2WhcNMTUwMjAzMTUxNjQ2"
-            + "WjBtMR8wHQYDVQQDDBZHb3N0UjM0MTAtMjAwMSBleGFtcGxlMRIwEAYDVQQK"
-            + "DAlDcnlwdG9Qcm8xCzAJBgNVBAYTAlJVMSkwJwYJKoZIhvcNAQkBFhpHb3N0"
-            + "UjM0MTAtMjAwMUBleGFtcGxlLmNvbTBjMBwGBiqFAwICEzASBgcqhQMCAiQA"
-            + "BgcqhQMCAh4BA0MABECElWh1YAIaQHUIzROMMYks/eUFA3pDXPRtKw/nTzJ+"
-            + "V4/rzBa5lYgD0Jp8ha4P5I3qprt+VsfLsN8PZrzK6hpgMAoGBiqFAwICAwUA"
-            + "A0EAHw5dw/aw/OiNvHyOE65kvyo4Hp0sfz3csM6UUkp10VO247ofNJK3tsLb"
-            + "HOLjUaqzefrlGb11WpHYrvWFg+FcLA==");
-
-    byte[] gost341094base = Base64.decode(
-        "MIICDzCCAbwCEBcxKsIb0ghYvAQeUjfQdFAwCgYGKoUDAgIEBQAwaTEdMBsG"
-            + "A1UEAwwUR29zdFIzNDEwLTk0IGV4YW1wbGUxEjAQBgNVBAoMCUNyeXB0b1By"
-            + "bzELMAkGA1UEBhMCUlUxJzAlBgkqhkiG9w0BCQEWGEdvc3RSMzQxMC05NEBl"
-            + "eGFtcGxlLmNvbTAeFw0wNTAyMDMxNTE2NTFaFw0xNTAyMDMxNTE2NTFaMGkx"
-            + "HTAbBgNVBAMMFEdvc3RSMzQxMC05NCBleGFtcGxlMRIwEAYDVQQKDAlDcnlw"
-            + "dG9Qcm8xCzAJBgNVBAYTAlJVMScwJQYJKoZIhvcNAQkBFhhHb3N0UjM0MTAt"
-            + "OTRAZXhhbXBsZS5jb20wgaUwHAYGKoUDAgIUMBIGByqFAwICIAIGByqFAwIC"
-            + "HgEDgYQABIGAu4Rm4XmeWzTYLIB/E6gZZnFX/oxUJSFHbzALJ3dGmMb7R1W+"
-            + "t7Lzk2w5tUI3JoTiDRCKJA4fDEJNKzsRK6i/ZjkyXJSLwaj+G2MS9gklh8x1"
-            + "G/TliYoJgmjTXHemD7aQEBON4z58nJHWrA0ILD54wbXCtrcaqCqLRYGTMjJ2"
-            + "+nswCgYGKoUDAgIEBQADQQBxKNhOmjgz/i5CEgLOyKyz9pFGkDcaymsWYQWV"
-            + "v7CZ0pTM8IzMzkUBW3GHsUjCFpanFZDfg2zuN+3kT+694n9B");
-
-    byte[] gost341094A = Base64.decode(
-        "MIICSDCCAfWgAwIBAgIBATAKBgYqhQMCAgQFADCBgTEXMBUGA1UEAxMOZGVmYXVsdDM0MTAtOTQx"
-            + "DTALBgNVBAoTBERpZ3QxDzANBgNVBAsTBkNyeXB0bzEOMAwGA1UEBxMFWS1vbGExDDAKBgNVBAgT"
-            + "A01FTDELMAkGA1UEBhMCcnUxGzAZBgkqhkiG9w0BCQEWDHRlc3RAdGVzdC5ydTAeFw0wNTAzMjkx"
-            + "MzExNTdaFw0wNjAzMjkxMzExNTdaMIGBMRcwFQYDVQQDEw5kZWZhdWx0MzQxMC05NDENMAsGA1UE"
-            + "ChMERGlndDEPMA0GA1UECxMGQ3J5cHRvMQ4wDAYDVQQHEwVZLW9sYTEMMAoGA1UECBMDTUVMMQsw"
-            + "CQYDVQQGEwJydTEbMBkGCSqGSIb3DQEJARYMdGVzdEB0ZXN0LnJ1MIGlMBwGBiqFAwICFDASBgcq"
-            + "hQMCAiACBgcqhQMCAh4BA4GEAASBgIQACDLEuxSdRDGgdZxHmy30g/DUYkRxO9Mi/uSHX5NjvZ31"
-            + "b7JMEMFqBtyhql1HC5xZfUwZ0aT3UnEFDfFjLP+Bf54gA+LPkQXw4SNNGOj+klnqgKlPvoqMGlwa"
-            + "+hLPKbS561WpvB2XSTgbV+pqqXR3j6j30STmybelEV3RdS2Now8wDTALBgNVHQ8EBAMCB4AwCgYG"
-            + "KoUDAgIEBQADQQBCFy7xWRXtNVXflKvDs0pBdBuPzjCMeZAXVxK8vUxsxxKu76d9CsvhgIFknFRi"
-            + "wWTPiZenvNoJ4R1uzeX+vREm");
-
-    byte[] gost341094B = Base64.decode(
-        "MIICSDCCAfWgAwIBAgIBATAKBgYqhQMCAgQFADCBgTEXMBUGA1UEAxMOcGFyYW0xLTM0MTAtOTQx"
-            + "DTALBgNVBAoTBERpZ3QxDzANBgNVBAsTBkNyeXB0bzEOMAwGA1UEBxMFWS1PbGExDDAKBgNVBAgT"
-            + "A01lbDELMAkGA1UEBhMCcnUxGzAZBgkqhkiG9w0BCQEWDHRlc3RAdGVzdC5ydTAeFw0wNTAzMjkx"
-            + "MzEzNTZaFw0wNjAzMjkxMzEzNTZaMIGBMRcwFQYDVQQDEw5wYXJhbTEtMzQxMC05NDENMAsGA1UE"
-            + "ChMERGlndDEPMA0GA1UECxMGQ3J5cHRvMQ4wDAYDVQQHEwVZLU9sYTEMMAoGA1UECBMDTWVsMQsw"
-            + "CQYDVQQGEwJydTEbMBkGCSqGSIb3DQEJARYMdGVzdEB0ZXN0LnJ1MIGlMBwGBiqFAwICFDASBgcq"
-            + "hQMCAiADBgcqhQMCAh4BA4GEAASBgEa+AAcZmijWs1M9x5Pn9efE8D9ztG1NMoIt0/hNZNqln3+j"
-            + "lMZjyqPt+kTLIjtmvz9BRDmIDk6FZz+4LhG2OTL7yGpWfrMxMRr56nxomTN9aLWRqbyWmn3brz9Y"
-            + "AUD3ifnwjjIuW7UM84JNlDTOdxx0XRUfLQIPMCXe9cO02Xskow8wDTALBgNVHQ8EBAMCB4AwCgYG"
-            + "KoUDAgIEBQADQQBzFcnuYc/639OTW+L5Ecjw9KxGr+dwex7lsS9S1BUgKa3m1d5c+cqI0B2XUFi5"
-            + "4iaHHJG0dCyjtQYLJr0OZjRw");
-
-    byte[] gost34102001A = Base64.decode(
-        "MIICCzCCAbigAwIBAgIBATAKBgYqhQMCAgMFADCBhDEaMBgGA1UEAxMRZGVmYXVsdC0zNDEwLTIw"
-            + "MDExDTALBgNVBAoTBERpZ3QxDzANBgNVBAsTBkNyeXB0bzEOMAwGA1UEBxMFWS1PbGExDDAKBgNV"
-            + "BAgTA01lbDELMAkGA1UEBhMCcnUxGzAZBgkqhkiG9w0BCQEWDHRlc3RAdGVzdC5ydTAeFw0wNTAz"
-            + "MjkxMzE4MzFaFw0wNjAzMjkxMzE4MzFaMIGEMRowGAYDVQQDExFkZWZhdWx0LTM0MTAtMjAwMTEN"
-            + "MAsGA1UEChMERGlndDEPMA0GA1UECxMGQ3J5cHRvMQ4wDAYDVQQHEwVZLU9sYTEMMAoGA1UECBMD"
-            + "TWVsMQswCQYDVQQGEwJydTEbMBkGCSqGSIb3DQEJARYMdGVzdEB0ZXN0LnJ1MGMwHAYGKoUDAgIT"
-            + "MBIGByqFAwICIwEGByqFAwICHgEDQwAEQG/4c+ZWb10IpeHfmR+vKcbpmSOClJioYmCVgnojw0Xn"
-            + "ned0KTg7TJreRUc+VX7vca4hLQaZ1o/TxVtfEApK/O6jDzANMAsGA1UdDwQEAwIHgDAKBgYqhQMC"
-            + "AgMFAANBAN8y2b6HuIdkD3aWujpfQbS1VIA/7hro4vLgDhjgVmev/PLzFB8oTh3gKhExpDo82IEs"
-            + "ZftGNsbbyp1NFg7zda0=");
-
-    byte[] gostCA1 = Base64.decode(
-        "MIIDNDCCAuGgAwIBAgIQZLcKDcWcQopF+jp4p9jylDAKBgYqhQMCAgQFADBm"
-            + "MQswCQYDVQQGEwJSVTEPMA0GA1UEBxMGTW9zY293MRcwFQYDVQQKEw5PT08g"
-            + "Q3J5cHRvLVBybzEUMBIGA1UECxMLRGV2ZWxvcG1lbnQxFzAVBgNVBAMTDkNQ"
-            + "IENTUCBUZXN0IENBMB4XDTAyMDYwOTE1NTIyM1oXDTA5MDYwOTE1NTkyOVow"
-            + "ZjELMAkGA1UEBhMCUlUxDzANBgNVBAcTBk1vc2NvdzEXMBUGA1UEChMOT09P"
-            + "IENyeXB0by1Qcm8xFDASBgNVBAsTC0RldmVsb3BtZW50MRcwFQYDVQQDEw5D"
-            + "UCBDU1AgVGVzdCBDQTCBpTAcBgYqhQMCAhQwEgYHKoUDAgIgAgYHKoUDAgIe"
-            + "AQOBhAAEgYAYglywKuz1nMc9UiBYOaulKy53jXnrqxZKbCCBSVaJ+aCKbsQm"
-            + "glhRFrw6Mwu8Cdeabo/ojmea7UDMZd0U2xhZFRti5EQ7OP6YpqD0alllo7za"
-            + "4dZNXdX+/ag6fOORSLFdMpVx5ganU0wHMPk67j+audnCPUj/plbeyccgcdcd"
-            + "WaOCASIwggEeMAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud"
-            + "DgQWBBTe840gTo4zt2twHilw3PD9wJaX0TCBygYDVR0fBIHCMIG/MDygOqA4"
-            + "hjYtaHR0cDovL2ZpZXdhbGwvQ2VydEVucm9sbC9DUCUyMENTUCUyMFRlc3Ql"
-            + "MjBDQSgzKS5jcmwwRKBCoECGPmh0dHA6Ly93d3cuY3J5cHRvcHJvLnJ1L0Nl"
-            + "cnRFbnJvbGwvQ1AlMjBDU1AlMjBUZXN0JTIwQ0EoMykuY3JsMDmgN6A1hjMt"
-            + "ZmlsZTovL1xcZmlld2FsbFxDZXJ0RW5yb2xsXENQIENTUCBUZXN0IENBKDMp"
-            + "LmNybC8wEgYJKwYBBAGCNxUBBAUCAwMAAzAKBgYqhQMCAgQFAANBAIJi7ni7"
-            + "9rwMR5rRGTFftt2k70GbqyUEfkZYOzrgdOoKiB4IIsIstyBX0/ne6GsL9Xan"
-            + "G2IN96RB7KrowEHeW+k=");
-
-    byte[] gostCA2 = Base64.decode(
-        "MIIC2DCCAoWgAwIBAgIQe9ZCugm42pRKNcHD8466zTAKBgYqhQMCAgMFADB+"
-            + "MRowGAYJKoZIhvcNAQkBFgtzYmFAZGlndC5ydTELMAkGA1UEBhMCUlUxDDAK"
-            + "BgNVBAgTA01FTDEUMBIGA1UEBxMLWW9zaGthci1PbGExDTALBgNVBAoTBERp"
-            + "Z3QxDzANBgNVBAsTBkNyeXB0bzEPMA0GA1UEAxMGc2JhLUNBMB4XDTA0MDgw"
-            + "MzEzMzE1OVoXDTE0MDgwMzEzNDAxMVowfjEaMBgGCSqGSIb3DQEJARYLc2Jh"
-            + "QGRpZ3QucnUxCzAJBgNVBAYTAlJVMQwwCgYDVQQIEwNNRUwxFDASBgNVBAcT"
-            + "C1lvc2hrYXItT2xhMQ0wCwYDVQQKEwREaWd0MQ8wDQYDVQQLEwZDcnlwdG8x"
-            + "DzANBgNVBAMTBnNiYS1DQTBjMBwGBiqFAwICEzASBgcqhQMCAiMBBgcqhQMC"
-            + "Ah4BA0MABEDMSy10CuOH+i8QKG2UWA4XmCt6+BFrNTZQtS6bOalyDY8Lz+G7"
-            + "HybyipE3PqdTB4OIKAAPsEEeZOCZd2UXGQm5o4HaMIHXMBMGCSsGAQQBgjcU"
-            + "AgQGHgQAQwBBMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud"
-            + "DgQWBBRJJl3LcNMxkZI818STfoi3ng1xoDBxBgNVHR8EajBoMDGgL6Athito"
-            + "dHRwOi8vc2JhLmRpZ3QubG9jYWwvQ2VydEVucm9sbC9zYmEtQ0EuY3JsMDOg"
-            + "MaAvhi1maWxlOi8vXFxzYmEuZGlndC5sb2NhbFxDZXJ0RW5yb2xsXHNiYS1D"
-            + "QS5jcmwwEAYJKwYBBAGCNxUBBAMCAQAwCgYGKoUDAgIDBQADQQA+BRJHbc/p"
-            + "q8EYl6iJqXCuR+ozRmH7hPAP3c4KqYSC38TClCgBloLapx/3/WdatctFJW/L"
-            + "mcTovpq088927shE");
-
-    byte[] inDirectCrl = Base64.decode(
-        "MIIdXjCCHMcCAQEwDQYJKoZIhvcNAQEFBQAwdDELMAkGA1UEBhMCREUxHDAaBgNV"
-            + "BAoUE0RldXRzY2hlIFRlbGVrb20gQUcxFzAVBgNVBAsUDlQtVGVsZVNlYyBUZXN0"
-            + "MS4wDAYHAoIGAQoHFBMBMTAeBgNVBAMUF1QtVGVsZVNlYyBUZXN0IERJUiA4OlBO"
-            + "Fw0wNjA4MDQwODQ1MTRaFw0wNjA4MDQxNDQ1MTRaMIIbfzB+AgQvrj/pFw0wMzA3"
-            + "MjIwNTQxMjhaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
-            + "VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
-            + "EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+oXDTAzMDcyMjA1NDEyOFowZzBlBgNV"
-            + "HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
-            + "bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
-            + "UE4wfgIEL64/5xcNMDQwNDA1MTMxODE3WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
-            + "CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
-            + "BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/oFw0wNDA0"
-            + "MDUxMzE4MTdaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
-            + "VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
-            + "EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+UXDTAzMDExMzExMTgxMVowZzBlBgNV"
-            + "HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
-            + "bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
-            + "UE4wfgIEL64/5hcNMDMwMTEzMTExODExWjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
-            + "CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
-            + "BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/jFw0wMzAx"
-            + "MTMxMTI2NTZaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
-            + "VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
-            + "EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+QXDTAzMDExMzExMjY1NlowZzBlBgNV"
-            + "HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
-            + "bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
-            + "UE4wfgIEL64/4hcNMDQwNzEzMDc1ODM4WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
-            + "CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
-            + "BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/eFw0wMzAy"
-            + "MTcwNjMzMjVaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
-            + "VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
-            + "EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP98XDTAzMDIxNzA2MzMyNVowZzBlBgNV"
-            + "HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
-            + "bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
-            + "UE4wfgIEL64/0xcNMDMwMjE3MDYzMzI1WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
-            + "CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
-            + "BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/dFw0wMzAx"
-            + "MTMxMTI4MTRaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
-            + "VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
-            + "EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP9cXDTAzMDExMzExMjcwN1owZzBlBgNV"
-            + "HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
-            + "bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
-            + "UE4wfgIEL64/2BcNMDMwMTEzMTEyNzA3WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
-            + "CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
-            + "BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/VFw0wMzA0"
-            + "MzAxMjI3NTNaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
-            + "VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
-            + "EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP9YXDTAzMDQzMDEyMjc1M1owZzBlBgNV"
-            + "HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
-            + "bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
-            + "UE4wfgIEL64/xhcNMDMwMjEyMTM0NTQwWjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
-            + "CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
-            + "BgEKBxQTATEwGAYDVQQDFBFUVEMgVGVzdCBDQSAxMTpQTjCBkAIEL64/xRcNMDMw"
-            + "MjEyMTM0NTQwWjB5MHcGA1UdHQEB/wRtMGukaTBnMQswCQYDVQQGEwJERTEcMBoG"
-            + "A1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEQMA4GA1UECxQHVGVsZVNlYzEoMAwG"
-            + "BwKCBgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNTpQTjB+AgQvrj/CFw0w"
-            + "MzAyMTIxMzA5MTZaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRww"
-            + "GgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNV"
-            + "BAMUEVRUQyBUZXN0IENBIDExOlBOMIGQAgQvrj/BFw0wMzAyMTIxMzA4NDBaMHkw"
-            + "dwYDVR0dAQH/BG0wa6RpMGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2No"
-            + "ZSBUZWxla29tIEFHMRAwDgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAY"
-            + "BgNVBAMUEVNpZ0cgVGVzdCBDQSA1OlBOMH4CBC+uP74XDTAzMDIxNzA2MzcyNVow"
-            + "ZzBlBgNVHR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRz"
-            + "Y2hlIFRlbGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRVFRDIFRlc3Qg"
-            + "Q0EgMTE6UE4wgZACBC+uP70XDTAzMDIxNzA2MzcyNVoweTB3BgNVHR0BAf8EbTBr"
-            + "pGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcx"
-            + "EDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBU"
-            + "ZXN0IENBIDU6UE4wgZACBC+uP7AXDTAzMDIxMjEzMDg1OVoweTB3BgNVHR0BAf8E"
-            + "bTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g"
-            + "QUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2ln"
-            + "RyBUZXN0IENBIDU6UE4wgZACBC+uP68XDTAzMDIxNzA2MzcyNVoweTB3BgNVHR0B"
-            + "Af8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVr"
-            + "b20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQR"
-            + "U2lnRyBUZXN0IENBIDU6UE4wfgIEL64/kxcNMDMwNDEwMDUyNjI4WjBnMGUGA1Ud"
-            + "HQEB/wRbMFmkVzBVMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVs"
-            + "ZWtvbSBBRzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFUVEMgVGVzdCBDQSAxMTpQ"
-            + "TjCBkAIEL64/khcNMDMwNDEwMDUyNjI4WjB5MHcGA1UdHQEB/wRtMGukaTBnMQsw"
-            + "CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEQMA4GA1UE"
-            + "CxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0Eg"
-            + "NTpQTjB+AgQvrj8/Fw0wMzAyMjYxMTA0NDRaMGcwZQYDVR0dAQH/BFswWaRXMFUx"
-            + "CzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYH"
-            + "AoIGAQoHFBMBMTAYBgNVBAMUEVRUQyBUZXN0IENBIDExOlBOMIGQAgQvrj8+Fw0w"
-            + "MzAyMjYxMTA0NDRaMHkwdwYDVR0dAQH/BG0wa6RpMGcxCzAJBgNVBAYTAkRFMRww"
-            + "GgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYDVQQLFAdUZWxlU2VjMSgw"
-            + "DAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBDQSA1OlBOMH4CBC+uPs0X"
-            + "DTAzMDUyMDA1MjczNlowZzBlBgNVHR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUx"
-            + "HDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgG"
-            + "A1UEAxQRVFRDIFRlc3QgQ0EgMTE6UE4wgZACBC+uPswXDTAzMDUyMDA1MjczNlow"
-            + "eTB3BgNVHR0BAf8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRz"
-            + "Y2hlIFRlbGVrb20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwEx"
-            + "MBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6UE4wfgIEL64+PBcNMDMwNjE3MTAzNDE2"
-            + "WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1"
-            + "dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFUVEMgVGVz"
-            + "dCBDQSAxMTpQTjCBkAIEL64+OxcNMDMwNjE3MTAzNDE2WjB5MHcGA1UdHQEB/wRt"
-            + "MGukaTBnMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBB"
-            + "RzEQMA4GA1UECxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFTaWdH"
-            + "IFRlc3QgQ0EgNjpQTjCBkAIEL64+OhcNMDMwNjE3MTAzNDE2WjB5MHcGA1UdHQEB"
-            + "/wRtMGukaTBnMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtv"
-            + "bSBBRzEQMA4GA1UECxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFT"
-            + "aWdHIFRlc3QgQ0EgNjpQTjB+AgQvrj45Fw0wMzA2MTcxMzAxMDBaMGcwZQYDVR0d"
-            + "AQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxl"
-            + "a29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVRUQyBUZXN0IENBIDExOlBO"
-            + "MIGQAgQvrj44Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6RpMGcxCzAJ"
-            + "BgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYDVQQL"
-            + "FAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBDQSA2"
-            + "OlBOMIGQAgQvrj43Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6RpMGcx"
-            + "CzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYD"
-            + "VQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBD"
-            + "QSA2OlBOMIGQAgQvrj42Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6Rp"
-            + "MGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAw"
-            + "DgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVz"
-            + "dCBDQSA2OlBOMIGQAgQvrj4zFw0wMzA2MTcxMDM3NDlaMHkwdwYDVR0dAQH/BG0w"
-            + "a6RpMGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFH"
-            + "MRAwDgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cg"
-            + "VGVzdCBDQSA2OlBOMH4CBC+uPjEXDTAzMDYxNzEwNDI1OFowZzBlBgNVHR0BAf8E"
-            + "WzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g"
-            + "QUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRVFRDIFRlc3QgQ0EgMTE6UE4wgZAC"
-            + "BC+uPjAXDTAzMDYxNzEwNDI1OFoweTB3BgNVHR0BAf8EbTBrpGkwZzELMAkGA1UE"
-            + "BhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNVBAsUB1Rl"
-            + "bGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6UE4w"
-            + "gZACBC+uPakXDTAzMTAyMjExMzIyNFoweTB3BgNVHR0BAf8EbTBrpGkwZzELMAkG"
-            + "A1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNVBAsU"
-            + "B1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6"
-            + "UE4wgZACBC+uPLIXDTA1MDMxMTA2NDQyNFoweTB3BgNVHR0BAf8EbTBrpGkwZzEL"
-            + "MAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNV"
-            + "BAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENB"
-            + "IDY6UE4wgZACBC+uPKsXDTA0MDQwMjA3NTQ1M1oweTB3BgNVHR0BAf8EbTBrpGkw"
-            + "ZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAO"
-            + "BgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0"
-            + "IENBIDY6UE4wgZACBC+uOugXDTA1MDEyNzEyMDMyNFoweTB3BgNVHR0BAf8EbTBr"
-            + "pGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcx"
-            + "EDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBU"
-            + "ZXN0IENBIDY6UE4wgZACBC+uOr4XDTA1MDIxNjA3NTcxNloweTB3BgNVHR0BAf8E"
-            + "bTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g"
-            + "QUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2ln"
-            + "RyBUZXN0IENBIDY6UE4wgZACBC+uOqcXDTA1MDMxMDA1NTkzNVoweTB3BgNVHR0B"
-            + "Af8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVr"
-            + "b20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQR"
-            + "U2lnRyBUZXN0IENBIDY6UE4wgZACBC+uOjwXDTA1MDUxMTEwNDk0NloweTB3BgNV"
-            + "HR0BAf8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
-            + "bGVrb20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UE"
-            + "AxQRU2lnRyBUZXN0IENBIDY6UE4wgaoCBC+sbdUXDTA1MTExMTEwMDMyMVowgZIw"
-            + "gY8GA1UdHQEB/wSBhDCBgaR/MH0xCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0"
-            + "c2NoZSBUZWxla29tIEFHMR8wHQYDVQQLFBZQcm9kdWt0emVudHJ1bSBUZWxlU2Vj"
-            + "MS8wDAYHAoIGAQoHFBMBMTAfBgNVBAMUGFRlbGVTZWMgUEtTIFNpZ0cgQ0EgMTpQ"
-            + "TjCBlQIEL64uaBcNMDYwMTIzMTAyNTU1WjB+MHwGA1UdHQEB/wRyMHCkbjBsMQsw"
-            + "CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEWMBQGA1UE"
-            + "CxQNWmVudHJhbGUgQm9ubjEnMAwGBwKCBgEKBxQTATEwFwYDVQQDFBBUVEMgVGVz"
-            + "dCBDQSA5OlBOMIGVAgQvribHFw0wNjA4MDEwOTQ4NDRaMH4wfAYDVR0dAQH/BHIw"
-            + "cKRuMGwxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFH"
-            + "MRYwFAYDVQQLFA1aZW50cmFsZSBCb25uMScwDAYHAoIGAQoHFBMBMTAXBgNVBAMU"
-            + "EFRUQyBUZXN0IENBIDk6UE6ggZswgZgwCwYDVR0UBAQCAhEMMB8GA1UdIwQYMBaA"
-            + "FANbyNumDI9545HwlCF26NuOJC45MA8GA1UdHAEB/wQFMAOEAf8wVwYDVR0SBFAw"
-            + "ToZMbGRhcDovL3Brc2xkYXAudHR0Yy5kZS9vdT1ULVRlbGVTZWMgVGVzdCBESVIg"
-            + "ODpQTixvPURldXRzY2hlIFRlbGVrb20gQUcsYz1kZTANBgkqhkiG9w0BAQUFAAOB"
-            + "gQBewL5gLFHpeOWO07Vk3Gg7pRDuAlvaovBH4coCyCWpk5jEhUfFSYEDuaQB7do4"
-            + "IlJmeTHvkI0PIZWJ7bwQ2PVdipPWDx0NVwS/Cz5jUKiS3BbAmZQZOueiKLFpQq3A"
-            + "b8aOHA7WHU4078/1lM+bgeu33Ln1CGykEbmSjA/oKPi/JA==");
-
-    byte[] directCRL = Base64.decode(
-        "MIIGXTCCBckCAQEwCgYGKyQDAwECBQAwdDELMAkGA1UEBhMCREUxHDAaBgNVBAoU"
-            + "E0RldXRzY2hlIFRlbGVrb20gQUcxFzAVBgNVBAsUDlQtVGVsZVNlYyBUZXN0MS4w"
-            + "DAYHAoIGAQoHFBMBMTAeBgNVBAMUF1QtVGVsZVNlYyBUZXN0IERJUiA4OlBOFw0w"
-            + "NjA4MDQwODQ1MTRaFw0wNjA4MDQxNDQ1MTRaMIIElTAVAgQvrj/pFw0wMzA3MjIw"
-            + "NTQxMjhaMBUCBC+uP+oXDTAzMDcyMjA1NDEyOFowFQIEL64/5xcNMDQwNDA1MTMx"
-            + "ODE3WjAVAgQvrj/oFw0wNDA0MDUxMzE4MTdaMBUCBC+uP+UXDTAzMDExMzExMTgx"
-            + "MVowFQIEL64/5hcNMDMwMTEzMTExODExWjAVAgQvrj/jFw0wMzAxMTMxMTI2NTZa"
-            + "MBUCBC+uP+QXDTAzMDExMzExMjY1NlowFQIEL64/4hcNMDQwNzEzMDc1ODM4WjAV"
-            + "AgQvrj/eFw0wMzAyMTcwNjMzMjVaMBUCBC+uP98XDTAzMDIxNzA2MzMyNVowFQIE"
-            + "L64/0xcNMDMwMjE3MDYzMzI1WjAVAgQvrj/dFw0wMzAxMTMxMTI4MTRaMBUCBC+u"
-            + "P9cXDTAzMDExMzExMjcwN1owFQIEL64/2BcNMDMwMTEzMTEyNzA3WjAVAgQvrj/V"
-            + "Fw0wMzA0MzAxMjI3NTNaMBUCBC+uP9YXDTAzMDQzMDEyMjc1M1owFQIEL64/xhcN"
-            + "MDMwMjEyMTM0NTQwWjAVAgQvrj/FFw0wMzAyMTIxMzQ1NDBaMBUCBC+uP8IXDTAz"
-            + "MDIxMjEzMDkxNlowFQIEL64/wRcNMDMwMjEyMTMwODQwWjAVAgQvrj++Fw0wMzAy"
-            + "MTcwNjM3MjVaMBUCBC+uP70XDTAzMDIxNzA2MzcyNVowFQIEL64/sBcNMDMwMjEy"
-            + "MTMwODU5WjAVAgQvrj+vFw0wMzAyMTcwNjM3MjVaMBUCBC+uP5MXDTAzMDQxMDA1"
-            + "MjYyOFowFQIEL64/khcNMDMwNDEwMDUyNjI4WjAVAgQvrj8/Fw0wMzAyMjYxMTA0"
-            + "NDRaMBUCBC+uPz4XDTAzMDIyNjExMDQ0NFowFQIEL64+zRcNMDMwNTIwMDUyNzM2"
-            + "WjAVAgQvrj7MFw0wMzA1MjAwNTI3MzZaMBUCBC+uPjwXDTAzMDYxNzEwMzQxNlow"
-            + "FQIEL64+OxcNMDMwNjE3MTAzNDE2WjAVAgQvrj46Fw0wMzA2MTcxMDM0MTZaMBUC"
-            + "BC+uPjkXDTAzMDYxNzEzMDEwMFowFQIEL64+OBcNMDMwNjE3MTMwMTAwWjAVAgQv"
-            + "rj43Fw0wMzA2MTcxMzAxMDBaMBUCBC+uPjYXDTAzMDYxNzEzMDEwMFowFQIEL64+"
-            + "MxcNMDMwNjE3MTAzNzQ5WjAVAgQvrj4xFw0wMzA2MTcxMDQyNThaMBUCBC+uPjAX"
-            + "DTAzMDYxNzEwNDI1OFowFQIEL649qRcNMDMxMDIyMTEzMjI0WjAVAgQvrjyyFw0w"
-            + "NTAzMTEwNjQ0MjRaMBUCBC+uPKsXDTA0MDQwMjA3NTQ1M1owFQIEL6466BcNMDUw"
-            + "MTI3MTIwMzI0WjAVAgQvrjq+Fw0wNTAyMTYwNzU3MTZaMBUCBC+uOqcXDTA1MDMx"
-            + "MDA1NTkzNVowFQIEL646PBcNMDUwNTExMTA0OTQ2WjAVAgQvrG3VFw0wNTExMTEx"
-            + "MDAzMjFaMBUCBC+uLmgXDTA2MDEyMzEwMjU1NVowFQIEL64mxxcNMDYwODAxMDk0"
-            + "ODQ0WqCBijCBhzALBgNVHRQEBAICEQwwHwYDVR0jBBgwFoAUA1vI26YMj3njkfCU"
-            + "IXbo244kLjkwVwYDVR0SBFAwToZMbGRhcDovL3Brc2xkYXAudHR0Yy5kZS9vdT1U"
-            + "LVRlbGVTZWMgVGVzdCBESVIgODpQTixvPURldXRzY2hlIFRlbGVrb20gQUcsYz1k"
-            + "ZTAKBgYrJAMDAQIFAAOBgQArj4eMlbAwuA2aS5O4UUUHQMKKdK/dtZi60+LJMiMY"
-            + "ojrMIf4+ZCkgm1Ca0Cd5T15MJxVHhh167Ehn/Hd48pdnAP6Dfz/6LeqkIHGWMHR+"
-            + "z6TXpwWB+P4BdUec1ztz04LypsznrHcLRa91ixg9TZCb1MrOG+InNhleRs1ImXk8"
-            + "MQ==");
-
-    private final byte[] pkcs7CrlProblem = Base64.decode(
-        "MIIwSAYJKoZIhvcNAQcCoIIwOTCCMDUCAQExCzAJBgUrDgMCGgUAMAsGCSqG"
-            + "SIb3DQEHAaCCEsAwggP4MIIC4KADAgECAgF1MA0GCSqGSIb3DQEBBQUAMEUx"
-            + "CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR4wHAYDVQQD"
-            + "ExVHZW9UcnVzdCBDQSBmb3IgQWRvYmUwHhcNMDQxMjAyMjEyNTM5WhcNMDYx"
-            + "MjMwMjEyNTM5WjBMMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMR2VvVHJ1c3Qg"
-            + "SW5jMSYwJAYDVQQDEx1HZW9UcnVzdCBBZG9iZSBPQ1NQIFJlc3BvbmRlcjCB"
-            + "nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4gnNYhtw7U6QeVXZODnGhHMj"
-            + "+OgZ0DB393rEk6a2q9kq129IA2e03yKBTfJfQR9aWKc2Qj90dsSqPjvTDHFG"
-            + "Qsagm2FQuhnA3fb1UWhPzeEIdm6bxDsnQ8nWqKqxnWZzELZbdp3I9bBLizIq"
-            + "obZovzt60LNMghn/unvvuhpeVSsCAwEAAaOCAW4wggFqMA4GA1UdDwEB/wQE"
-            + "AwIE8DCB5QYDVR0gAQH/BIHaMIHXMIHUBgkqhkiG9y8BAgEwgcYwgZAGCCsG"
-            + "AQUFBwICMIGDGoGAVGhpcyBjZXJ0aWZpY2F0ZSBoYXMgYmVlbiBpc3N1ZWQg"
-            + "aW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBBY3JvYmF0IENyZWRlbnRpYWxzIENQ"
-            + "UyBsb2NhdGVkIGF0IGh0dHA6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNl"
-            + "cy9jcHMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jl"
-            + "c291cmNlcy9jcHMwEwYDVR0lBAwwCgYIKwYBBQUHAwkwOgYDVR0fBDMwMTAv"
-            + "oC2gK4YpaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9hZG9iZWNhMS5j"
-            + "cmwwHwYDVR0jBBgwFoAUq4BZw2WDbR19E70Zw+wajw1HaqMwDQYJKoZIhvcN"
-            + "AQEFBQADggEBAENJf1BD7PX5ivuaawt90q1OGzXpIQL/ClzEeFVmOIxqPc1E"
-            + "TFRq92YuxG5b6+R+k+tGkmCwPLcY8ipg6ZcbJ/AirQhohzjlFuT6YAXsTfEj"
-            + "CqEZfWM2sS7crK2EYxCMmKE3xDfPclYtrAoz7qZvxfQj0TuxHSstHZv39wu2"
-            + "ZiG1BWiEcyDQyTgqTOXBoZmfJtshuAcXmTpgkrYSrS37zNlPTGh+pMYQ0yWD"
-            + "c8OQRJR4OY5ZXfdna01mjtJTOmj6/6XPoLPYTq2gQrc2BCeNJ4bEhLb7sFVB"
-            + "PbwPrpzTE/HRbQHDrzj0YimDxeOUV/UXctgvYwHNtEkcBLsOm/uytMYwggSh"
-            + "MIIDiaADAgECAgQ+HL0oMA0GCSqGSIb3DQEBBQUAMGkxCzAJBgNVBAYTAlVT"
-            + "MSMwIQYDVQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UE"
-            + "CxMUQWRvYmUgVHJ1c3QgU2VydmljZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3Qg"
-            + "Q0EwHhcNMDMwMTA4MjMzNzIzWhcNMjMwMTA5MDAwNzIzWjBpMQswCQYDVQQG"
-            + "EwJVUzEjMCEGA1UEChMaQWRvYmUgU3lzdGVtcyBJbmNvcnBvcmF0ZWQxHTAb"
-            + "BgNVBAsTFEFkb2JlIFRydXN0IFNlcnZpY2VzMRYwFAYDVQQDEw1BZG9iZSBS"
-            + "b290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE9UhPen"
-            + "ouczU38/nBKIayyZR2d+Dx65rRSI+cMQ2B3w8NWfaQovWTWwzGypTJwVoJ/O"
-            + "IL+gz1Ti4CBmRT85hjh+nMSOByLGJPYBErA131XqaZCw24U3HuJOB7JCoWoT"
-            + "aaBm6oCREVkqmwh5WiBELcm9cziLPC/gQxtdswvwrzUaKf7vppLdgUydPVmO"
-            + "rTE8QH6bkTYG/OJcjdGNJtVcRc+vZT+xqtJilvSoOOq6YEL09BxKNRXO+E4i"
-            + "Vg+VGMX4lp+f+7C3eCXpgGu91grwxnSUnfMPUNuad85LcIMjjaDKeCBEXDxU"
-            + "ZPHqojAZn+pMBk0GeEtekt8i0slns3rSAQIDAQABo4IBTzCCAUswEQYJYIZI"
-            + "AYb4QgEBBAQDAgAHMIGOBgNVHR8EgYYwgYMwgYCgfqB8pHoweDELMAkGA1UE"
-            + "BhMCVVMxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jwb3JhdGVkMR0w"
-            + "GwYDVQQLExRBZG9iZSBUcnVzdCBTZXJ2aWNlczEWMBQGA1UEAxMNQWRvYmUg"
-            + "Um9vdCBDQTENMAsGA1UEAxMEQ1JMMTArBgNVHRAEJDAigA8yMDAzMDEwODIz"
-            + "MzcyM1qBDzIwMjMwMTA5MDAwNzIzWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgw"
-            + "FoAUgrc4SpOqmxDvgLvZVOLxD/uAnN4wHQYDVR0OBBYEFIK3OEqTqpsQ74C7"
-            + "2VTi8Q/7gJzeMAwGA1UdEwQFMAMBAf8wHQYJKoZIhvZ9B0EABBAwDhsIVjYu"
-            + "MDo0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4IBAQAy2p9DdcH6b8lv26sdNjc+"
-            + "vGEZNrcCPB0jWZhsnu5NhedUyCAfp9S74r8Ad30ka3AvXME6dkm10+AjhCpx"
-            + "aiLzwScpmBX2NZDkBEzDjbyfYRzn/SSM0URDjBa6m02l1DUvvBHOvfdRN42f"
-            + "kOQU8Rg/vulZEjX5M5LznuDVa5pxm5lLyHHD4bFhCcTl+pHwQjo3fTT5cujN"
-            + "qmIcIenV9IIQ43sFti1oVgt+fpIsb01yggztVnSynbmrLSsdEF/bJ3Vwj/0d"
-            + "1+ICoHnlHOX/r2RAUS2em0fbQqV8H8KmSLDXvpJpTaT2KVfFeBEY3IdRyhOy"
-            + "Yp1PKzK9MaXB+lKrBYjIMIIEyzCCA7OgAwIBAgIEPhy9tTANBgkqhkiG9w0B"
-            + "AQUFADBpMQswCQYDVQQGEwJVUzEjMCEGA1UEChMaQWRvYmUgU3lzdGVtcyBJ"
-            + "bmNvcnBvcmF0ZWQxHTAbBgNVBAsTFEFkb2JlIFRydXN0IFNlcnZpY2VzMRYw"
-            + "FAYDVQQDEw1BZG9iZSBSb290IENBMB4XDTA0MDExNzAwMDMzOVoXDTE1MDEx"
-            + "NTA4MDAwMFowRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IElu"
-            + "Yy4xHjAcBgNVBAMTFUdlb1RydXN0IENBIGZvciBBZG9iZTCCASIwDQYJKoZI"
-            + "hvcNAQEBBQADggEPADCCAQoCggEBAKfld+BkeFrnOYW8r9L1WygTDlTdSfrO"
-            + "YvWS/Z6Ye5/l+HrBbOHqQCXBcSeCpz7kB2WdKMh1FOE4e9JlmICsHerBLdWk"
-            + "emU+/PDb69zh8E0cLoDfxukF6oVPXj6WSThdSG7H9aXFzRr6S3XGCuvgl+Qw"
-            + "DTLiLYW+ONF6DXwt3TQQtKReJjOJZk46ZZ0BvMStKyBaeB6DKZsmiIo89qso"
-            + "13VDZINH2w1KvXg0ygDizoNtbvgAPFymwnsINS1klfQlcvn0x0RJm9bYQXK3"
-            + "5GNZAgL3M7Lqrld0jMfIUaWvuHCLyivytRuzq1dJ7E8rmidjDEk/G+27pf13"
-            + "fNZ7vR7M+IkCAwEAAaOCAZ0wggGZMBIGA1UdEwEB/wQIMAYBAf8CAQEwUAYD"
-            + "VR0gBEkwRzBFBgkqhkiG9y8BAgEwODA2BggrBgEFBQcCARYqaHR0cHM6Ly93"
-            + "d3cuYWRvYmUuY29tL21pc2MvcGtpL2Nkc19jcC5odG1sMBQGA1UdJQQNMAsG"
-            + "CSqGSIb3LwEBBTCBsgYDVR0fBIGqMIGnMCKgIKAehhxodHRwOi8vY3JsLmFk"
-            + "b2JlLmNvbS9jZHMuY3JsMIGAoH6gfKR6MHgxCzAJBgNVBAYTAlVTMSMwIQYD"
-            + "VQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UECxMUQWRv"
-            + "YmUgVHJ1c3QgU2VydmljZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3QgQ0ExDTAL"
-            + "BgNVBAMTBENSTDEwCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFIK3OEqTqpsQ"
-            + "74C72VTi8Q/7gJzeMB0GA1UdDgQWBBSrgFnDZYNtHX0TvRnD7BqPDUdqozAZ"
-            + "BgkqhkiG9n0HQQAEDDAKGwRWNi4wAwIEkDANBgkqhkiG9w0BAQUFAAOCAQEA"
-            + "PzlZLqIAjrFeEWEs0uC29YyJhkXOE9mf3YSaFGsITF+Gl1j0pajTjyH4R35Q"
-            + "r3floW2q3HfNzTeZ90Jnr1DhVERD6zEMgJpCtJqVuk0sixuXJHghS/KicKf4"
-            + "YXJJPx9epuIRF1siBRnznnF90svmOJMXApc0jGnYn3nQfk4kaShSnDaYaeYR"
-            + "DJKcsiWhl6S5zfwS7Gg8hDeyckhMQKKWnlG1CQrwlSFisKCduoodwRtWgft8"
-            + "kx13iyKK3sbalm6vnVc+5nufS4vI+TwMXoV63NqYaSroafBWk0nL53zGXPEy"
-            + "+A69QhzEViJKn2Wgqt5gt++jMMNImbRObIqgfgF1VjCCBUwwggQ0oAMCAQIC"
-            + "AgGDMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1H"
-            + "ZW9UcnVzdCBJbmMuMR4wHAYDVQQDExVHZW9UcnVzdCBDQSBmb3IgQWRvYmUw"
-            + "HhcNMDYwMzI0MTU0MjI5WhcNMDkwNDA2MTQ0MjI5WjBzMQswCQYDVQQGEwJV"
-            + "UzELMAkGA1UECBMCTUExETAPBgNVBAoTCEdlb1RydXN0MR0wGwYDVQQDExRN"
-            + "YXJrZXRpbmcgRGVwYXJ0bWVudDElMCMGCSqGSIb3DQEJARYWbWFya2V0aW5n"
-            + "QGdlb3RydXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB"
-            + "ANmvajTO4XJvAU2nVcLmXeCnAQX7RZt+7+ML3InmqQ3LCGo1weop09zV069/"
-            + "1x/Nmieol7laEzeXxd2ghjGzwfXafqQEqHn6+vBCvqdNPoSi63fSWhnuDVWp"
-            + "KVDOYgxOonrXl+Cc43lu4zRSq+Pi5phhrjDWcH74a3/rdljUt4c4GFezFXfa"
-            + "w2oTzWkxj2cTSn0Szhpr17+p66UNt8uknlhmu4q44Speqql2HwmCEnpLYJrK"
-            + "W3fOq5D4qdsvsLR2EABLhrBezamLI3iGV8cRHOUTsbTMhWhv/lKfHAyf4XjA"
-            + "z9orzvPN5jthhIfICOFq/nStTgakyL4Ln+nFAB/SMPkCAwEAAaOCAhYwggIS"
-            + "MA4GA1UdDwEB/wQEAwIF4DCB5QYDVR0gAQH/BIHaMIHXMIHUBgkqhkiG9y8B"
-            + "AgEwgcYwgZAGCCsGAQUFBwICMIGDGoGAVGhpcyBjZXJ0aWZpY2F0ZSBoYXMg"
-            + "YmVlbiBpc3N1ZWQgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBBY3JvYmF0IENy"
-            + "ZWRlbnRpYWxzIENQUyBsb2NhdGVkIGF0IGh0dHA6Ly93d3cuZ2VvdHJ1c3Qu"
-            + "Y29tL3Jlc291cmNlcy9jcHMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2Vv"
-            + "dHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwOgYDVR0fBDMwMTAvoC2gK4YpaHR0"
-            + "cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9hZG9iZWNhMS5jcmwwHwYDVR0j"
-            + "BBgwFoAUq4BZw2WDbR19E70Zw+wajw1HaqMwRAYIKwYBBQUHAQEEODA2MDQG"
-            + "CCsGAQUFBzABhihodHRwOi8vYWRvYmUtb2NzcC5nZW90cnVzdC5jb20vcmVz"
-            + "cG9uZGVyMBQGA1UdJQQNMAsGCSqGSIb3LwEBBTA8BgoqhkiG9y8BAQkBBC4w"
-            + "LAIBAYYnaHR0cDovL2Fkb2JlLXRpbWVzdGFtcC5nZW90cnVzdC5jb20vdHNh"
-            + "MBMGCiqGSIb3LwEBCQIEBTADAgEBMAwGA1UdEwQFMAMCAQAwDQYJKoZIhvcN"
-            + "AQEFBQADggEBAAOhy6QxOo+i3h877fvDvTa0plGD2bIqK7wMdNqbMDoSWied"
-            + "FIcgcBOIm2wLxOjZBAVj/3lDq59q2rnVeNnfXM0/N0MHI9TumHRjU7WNk9e4"
-            + "+JfJ4M+c3anrWOG3NE5cICDVgles+UHjXetHWql/LlP04+K2ZOLb6LE2xGnI"
-            + "YyLW9REzCYNAVF+/WkYdmyceHtaBZdbyVAJq0NAJPsfgY1pWcBo31Mr1fpX9"
-            + "WrXNTYDCqMyxMImJTmN3iI68tkXlNrhweQoArKFqBysiBkXzG/sGKYY6tWKU"
-            + "pzjLc3vIp/LrXC5zilROes8BSvwu1w9qQrJNcGwo7O4uijoNtyYil1Exgh1Q"
-            + "MIIdTAIBATBLMEUxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJ"
-            + "bmMuMR4wHAYDVQQDExVHZW9UcnVzdCBDQSBmb3IgQWRvYmUCAgGDMAkGBSsO"
-            + "AwIaBQCgggxMMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwIwYJKoZIhvcN"
-            + "AQkEMRYEFP4R6qIdpQJzWyzrqO8X1ZfJOgChMIIMCQYJKoZIhvcvAQEIMYIL"
-            + "+jCCC/agggZ5MIIGdTCCA6gwggKQMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV"
-            + "BAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR4wHAYDVQQDExVHZW9U"
-            + "cnVzdCBDQSBmb3IgQWRvYmUXDTA2MDQwNDE3NDAxMFoXDTA2MDQwNTE3NDAx"
-            + "MFowggIYMBMCAgC5Fw0wNTEwMTEyMDM2MzJaMBICAVsXDTA0MTEwNDE1MDk0"
-            + "MVowEwICALgXDTA1MTIxMjIyMzgzOFowEgIBWhcNMDQxMTA0MTUwOTMzWjAT"
-            + "AgIA5hcNMDUwODI3MDQwOTM4WjATAgIAtxcNMDYwMTE2MTc1NTEzWjATAgIA"
-            + "hhcNMDUxMjEyMjIzODU1WjATAgIAtRcNMDUwNzA2MTgzODQwWjATAgIA4BcN"
-            + "MDYwMzIwMDc0ODM0WjATAgIAgRcNMDUwODAyMjIzMTE1WjATAgIA3xcNMDUx"
-            + "MjEyMjIzNjUwWjASAgFKFw0wNDExMDQxNTA5MTZaMBICAUQXDTA0MTEwNDE1"
-            + "MDg1M1owEgIBQxcNMDQxMDAzMDEwMDQwWjASAgFsFw0wNDEyMDYxOTQ0MzFa"
-            + "MBMCAgEoFw0wNjAzMDkxMjA3MTJaMBMCAgEkFw0wNjAxMTYxNzU1MzRaMBIC"
-            + "AWcXDTA1MDMxODE3NTYxNFowEwICAVEXDTA2MDEzMTExMjcxMVowEgIBZBcN"
-            + "MDQxMTExMjI0ODQxWjATAgIA8RcNMDUwOTE2MTg0ODAxWjATAgIBThcNMDYw"
-            + "MjIxMjAxMDM2WjATAgIAwRcNMDUxMjEyMjIzODE2WjASAgFiFw0wNTAxMTAx"
-            + "NjE5MzRaMBICAWAXDTA1MDExMDE5MDAwNFowEwICAL4XDTA1MDUxNzE0NTYx"
-            + "MFowDQYJKoZIhvcNAQEFBQADggEBAEKhRMS3wVho1U3EvEQJZC8+JlUngmZQ"
-            + "A78KQbHPWNZWFlNvPuf/b0s7Lu16GfNHXh1QAW6Y5Hi1YtYZ3YOPyMd4Xugt"
-            + "gCdumbB6xtKsDyN5RvTht6ByXj+CYlYqsL7RX0izJZ6mJn4fjMkqzPKNOjb8"
-            + "kSn5T6rn93BjlATtCE8tPVOM8dnqGccRE0OV59+nDBXc90UMt5LdEbwaUOap"
-            + "snVB0oLcNm8d/HnlVH6RY5LnDjrT4vwfe/FApZtTecEWsllVUXDjSpwfcfD/"
-            + "476/lpGySB2otALqzImlA9R8Ok3hJ8dnF6hhQ5Oe6OJMnGYgdhkKbxsKkdib"
-            + "tTVl3qmH5QAwggLFMIIBrQIBATANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQG"
-            + "EwJVUzEjMCEGA1UEChMaQWRvYmUgU3lzdGVtcyBJbmNvcnBvcmF0ZWQxHTAb"
-            + "BgNVBAsTFEFkb2JlIFRydXN0IFNlcnZpY2VzMRYwFAYDVQQDEw1BZG9iZSBS"
-            + "b290IENBFw0wNjAxMjcxODMzMzFaFw0wNzAxMjcwMDAwMDBaMIHeMCMCBD4c"
-            + "vUAXDTAzMDEyMTIzNDY1NlowDDAKBgNVHRUEAwoBBDAjAgQ+HL1BFw0wMzAx"
-            + "MjEyMzQ3MjJaMAwwCgYDVR0VBAMKAQQwIwIEPhy9YhcNMDMwMTIxMjM0NzQy"
-            + "WjAMMAoGA1UdFQQDCgEEMCMCBD4cvWEXDTA0MDExNzAxMDg0OFowDDAKBgNV"
-            + "HRUEAwoBBDAjAgQ+HL2qFw0wNDAxMTcwMTA5MDVaMAwwCgYDVR0VBAMKAQQw"
-            + "IwIEPhy9qBcNMDQwMTE3MDEzOTI5WjAMMAoGA1UdFQQDCgEEoC8wLTAKBgNV"
-            + "HRQEAwIBDzAfBgNVHSMEGDAWgBSCtzhKk6qbEO+Au9lU4vEP+4Cc3jANBgkq"
-            + "hkiG9w0BAQUFAAOCAQEAwtXF9042wG39icUlsotn5tpE3oCusLb/hBpEONhx"
-            + "OdfEQOq0w5hf/vqaxkcf71etA+KpbEUeSVaHMHRPhx/CmPrO9odE139dJdbt"
-            + "9iqbrC9iZokFK3h/es5kg73xujLKd7C/u5ngJ4mwBtvhMLjFjF2vJhPKHL4C"
-            + "IgMwdaUAhrcNzy16v+mw/VGJy3Fvc6oCESW1K9tvFW58qZSNXrMlsuidgunM"
-            + "hPKG+z0SXVyCqL7pnqKiaGddcgujYGOSY4S938oVcfZeZQEODtSYGlzldojX"
-            + "C1U1hCK5+tHAH0Ox/WqRBIol5VCZQwJftf44oG8oviYq52aaqSejXwmfT6zb"
-            + "76GCBXUwggVxMIIFbQoBAKCCBWYwggViBgkrBgEFBQcwAQEEggVTMIIFTzCB"
-            + "taIWBBS+8EpykfXdl4h3z7m/NZfdkAQQERgPMjAwNjA0MDQyMDIwMTVaMGUw"
-            + "YzA7MAkGBSsOAwIaBQAEFEb4BuZYkbjBjOjT6VeA/00fBvQaBBT3fTSQniOp"
-            + "BbHBSkz4xridlX0bsAICAYOAABgPMjAwNjA0MDQyMDIwMTVaoBEYDzIwMDYw"
-            + "NDA1MDgyMDE1WqEjMCEwHwYJKwYBBQUHMAECBBIEEFqooq/R2WltD7TposkT"
-            + "BhMwDQYJKoZIhvcNAQEFBQADgYEAMig6lty4b0JDsT/oanfQG5x6jVKPACpp"
-            + "1UA9SJ0apJJa7LeIdDFmu5C2S/CYiKZm4A4P9cAu0YzgLHxE4r6Op+HfVlAG"
-            + "6bzUe1P/hi1KCJ8r8wxOZAktQFPSzs85RAZwkHMfB0lP2e/h666Oye+Zf8VH"
-            + "RaE+/xZ7aswE89HXoumgggQAMIID/DCCA/gwggLgoAMCAQICAXUwDQYJKoZI"
-            + "hvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IElu"
-            + "Yy4xHjAcBgNVBAMTFUdlb1RydXN0IENBIGZvciBBZG9iZTAeFw0wNDEyMDIy"
-            + "MTI1MzlaFw0wNjEyMzAyMTI1MzlaMEwxCzAJBgNVBAYTAlVTMRUwEwYDVQQK"
-            + "EwxHZW9UcnVzdCBJbmMxJjAkBgNVBAMTHUdlb1RydXN0IEFkb2JlIE9DU1Ag"
-            + "UmVzcG9uZGVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDiCc1iG3Dt"
-            + "TpB5Vdk4OcaEcyP46BnQMHf3esSTprar2SrXb0gDZ7TfIoFN8l9BH1pYpzZC"
-            + "P3R2xKo+O9MMcUZCxqCbYVC6GcDd9vVRaE/N4Qh2bpvEOydDydaoqrGdZnMQ"
-            + "tlt2ncj1sEuLMiqhtmi/O3rQs0yCGf+6e++6Gl5VKwIDAQABo4IBbjCCAWow"
-            + "DgYDVR0PAQH/BAQDAgTwMIHlBgNVHSABAf8EgdowgdcwgdQGCSqGSIb3LwEC"
-            + "ATCBxjCBkAYIKwYBBQUHAgIwgYMagYBUaGlzIGNlcnRpZmljYXRlIGhhcyBi"
-            + "ZWVuIGlzc3VlZCBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIEFjcm9iYXQgQ3Jl"
-            + "ZGVudGlhbHMgQ1BTIGxvY2F0ZWQgYXQgaHR0cDovL3d3dy5nZW90cnVzdC5j"
-            + "b20vcmVzb3VyY2VzL2NwczAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5nZW90"
-            + "cnVzdC5jb20vcmVzb3VyY2VzL2NwczATBgNVHSUEDDAKBggrBgEFBQcDCTA6"
-            + "BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxz"
-            + "L2Fkb2JlY2ExLmNybDAfBgNVHSMEGDAWgBSrgFnDZYNtHX0TvRnD7BqPDUdq"
-            + "ozANBgkqhkiG9w0BAQUFAAOCAQEAQ0l/UEPs9fmK+5prC33SrU4bNekhAv8K"
-            + "XMR4VWY4jGo9zURMVGr3Zi7Eblvr5H6T60aSYLA8txjyKmDplxsn8CKtCGiH"
-            + "OOUW5PpgBexN8SMKoRl9YzaxLtysrYRjEIyYoTfEN89yVi2sCjPupm/F9CPR"
-            + "O7EdKy0dm/f3C7ZmIbUFaIRzINDJOCpM5cGhmZ8m2yG4BxeZOmCSthKtLfvM"
-            + "2U9MaH6kxhDTJYNzw5BElHg5jlld92drTWaO0lM6aPr/pc+gs9hOraBCtzYE"
-            + "J40nhsSEtvuwVUE9vA+unNMT8dFtAcOvOPRiKYPF45RX9Rdy2C9jAc20SRwE"
-            + "uw6b+7K0xjANBgkqhkiG9w0BAQEFAASCAQC7a4yICFGCEMPlJbydK5qLG3rV"
-            + "sip7Ojjz9TB4nLhC2DgsIHds8jjdq2zguInluH2nLaBCVS+qxDVlTjgbI2cB"
-            + "TaWS8nglC7nNjzkKAsa8vThA8FZUVXTW0pb74jNJJU2AA27bb4g+4WgunCrj"
-            + "fpYp+QjDyMmdrJVqRmt5eQN+dpVxMS9oq+NrhOSEhyIb4/rejgNg9wnVK1ms"
-            + "l5PxQ4x7kpm7+Ua41//owkJVWykRo4T1jo4eHEz1DolPykAaKie2VKH/sMqR"
-            + "Spjh4E5biKJLOV9fKivZWKAXByXfwUbbMsJvz4v/2yVHFy9xP+tqB5ZbRoDK"
-            + "k8PzUyCprozn+/22oYIPijCCD4YGCyqGSIb3DQEJEAIOMYIPdTCCD3EGCSqG"
-            + "SIb3DQEHAqCCD2Iwgg9eAgEDMQswCQYFKw4DAhoFADCB+gYLKoZIhvcNAQkQ"
-            + "AQSggeoEgecwgeQCAQEGAikCMCEwCQYFKw4DAhoFAAQUoT97qeCv3FXYaEcS"
-            + "gY8patCaCA8CAiMHGA8yMDA2MDQwNDIwMjA1N1owAwIBPAEB/wIIO0yRre3L"
-            + "8/6ggZCkgY0wgYoxCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNl"
-            + "dHRzMRAwDgYDVQQHEwdOZWVkaGFtMRUwEwYDVQQKEwxHZW9UcnVzdCBJbmMx"
-            + "EzARBgNVBAsTClByb2R1Y3Rpb24xJTAjBgNVBAMTHGFkb2JlLXRpbWVzdGFt"
-            + "cC5nZW90cnVzdC5jb22gggzJMIIDUTCCAjmgAwIBAgICAI8wDQYJKoZIhvcN"
-            + "AQEFBQAwRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4x"
-            + "HjAcBgNVBAMTFUdlb1RydXN0IENBIGZvciBBZG9iZTAeFw0wNTAxMTAwMTI5"
-            + "MTBaFw0xNTAxMTUwODAwMDBaMIGKMQswCQYDVQQGEwJVUzEWMBQGA1UECBMN"
-            + "TWFzc2FjaHVzZXR0czEQMA4GA1UEBxMHTmVlZGhhbTEVMBMGA1UEChMMR2Vv"
-            + "VHJ1c3QgSW5jMRMwEQYDVQQLEwpQcm9kdWN0aW9uMSUwIwYDVQQDExxhZG9i"
-            + "ZS10aW1lc3RhbXAuZ2VvdHJ1c3QuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GN"
-            + "ADCBiQKBgQDRbxJotLFPWQuuEDhKtOMaBUJepGxIvWxeahMbq1DVmqnk88+j"
-            + "w/5lfPICPzQZ1oHrcTLSAFM7Mrz3pyyQKQKMqUyiemzuG/77ESUNfBNSUfAF"
-            + "PdtHuDMU8Is8ABVnFk63L+wdlvvDIlKkE08+VTKCRdjmuBVltMpQ6QcLFQzm"
-            + "AQIDAQABo4GIMIGFMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2Vv"
-            + "dHJ1c3QuY29tL2NybHMvYWRvYmVjYTEuY3JsMB8GA1UdIwQYMBaAFKuAWcNl"
-            + "g20dfRO9GcPsGo8NR2qjMA4GA1UdDwEB/wQEAwIGwDAWBgNVHSUBAf8EDDAK"
-            + "BggrBgEFBQcDCDANBgkqhkiG9w0BAQUFAAOCAQEAmnyXjdtX+F79Nf0KggTd"
-            + "6YC2MQD9s09IeXTd8TP3rBmizfM+7f3icggeCGakNfPRmIUMLoa0VM5Kt37T"
-            + "2X0TqzBWusfbKx7HnX4v1t/G8NJJlT4SShSHv+8bjjU4lUoCmW2oEcC5vXwP"
-            + "R5JfjCyois16npgcO05ZBT+LLDXyeBijE6qWmwLDfEpLyILzVRmyU4IE7jvm"
-            + "rgb3GXwDUvd3yQXGRRHbPCh3nj9hBGbuzyt7GnlqnEie3wzIyMG2ET/wvTX5"
-            + "4BFXKNe7lDLvZj/MXvd3V7gMTSVW0kAszKao56LfrVTgp1VX3UBQYwmQqaoA"
-            + "UwFezih+jEvjW6cYJo/ErDCCBKEwggOJoAMCAQICBD4cvSgwDQYJKoZIhvcN"
-            + "AQEFBQAwaTELMAkGA1UEBhMCVVMxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMg"
-            + "SW5jb3Jwb3JhdGVkMR0wGwYDVQQLExRBZG9iZSBUcnVzdCBTZXJ2aWNlczEW"
-            + "MBQGA1UEAxMNQWRvYmUgUm9vdCBDQTAeFw0wMzAxMDgyMzM3MjNaFw0yMzAx"
-            + "MDkwMDA3MjNaMGkxCzAJBgNVBAYTAlVTMSMwIQYDVQQKExpBZG9iZSBTeXN0"
-            + "ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UECxMUQWRvYmUgVHJ1c3QgU2Vydmlj"
-            + "ZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUA"
-            + "A4IBDwAwggEKAoIBAQDMT1SE96ei5zNTfz+cEohrLJlHZ34PHrmtFIj5wxDY"
-            + "HfDw1Z9pCi9ZNbDMbKlMnBWgn84gv6DPVOLgIGZFPzmGOH6cxI4HIsYk9gES"
-            + "sDXfVeppkLDbhTce4k4HskKhahNpoGbqgJERWSqbCHlaIEQtyb1zOIs8L+BD"
-            + "G12zC/CvNRop/u+mkt2BTJ09WY6tMTxAfpuRNgb84lyN0Y0m1VxFz69lP7Gq"
-            + "0mKW9Kg46rpgQvT0HEo1Fc74TiJWD5UYxfiWn5/7sLd4JemAa73WCvDGdJSd"
-            + "8w9Q25p3zktwgyONoMp4IERcPFRk8eqiMBmf6kwGTQZ4S16S3yLSyWezetIB"
-            + "AgMBAAGjggFPMIIBSzARBglghkgBhvhCAQEEBAMCAAcwgY4GA1UdHwSBhjCB"
-            + "gzCBgKB+oHykejB4MQswCQYDVQQGEwJVUzEjMCEGA1UEChMaQWRvYmUgU3lz"
-            + "dGVtcyBJbmNvcnBvcmF0ZWQxHTAbBgNVBAsTFEFkb2JlIFRydXN0IFNlcnZp"
-            + "Y2VzMRYwFAYDVQQDEw1BZG9iZSBSb290IENBMQ0wCwYDVQQDEwRDUkwxMCsG"
-            + "A1UdEAQkMCKADzIwMDMwMTA4MjMzNzIzWoEPMjAyMzAxMDkwMDA3MjNaMAsG"
-            + "A1UdDwQEAwIBBjAfBgNVHSMEGDAWgBSCtzhKk6qbEO+Au9lU4vEP+4Cc3jAd"
-            + "BgNVHQ4EFgQUgrc4SpOqmxDvgLvZVOLxD/uAnN4wDAYDVR0TBAUwAwEB/zAd"
-            + "BgkqhkiG9n0HQQAEEDAOGwhWNi4wOjQuMAMCBJAwDQYJKoZIhvcNAQEFBQAD"
-            + "ggEBADLan0N1wfpvyW/bqx02Nz68YRk2twI8HSNZmGye7k2F51TIIB+n1Lvi"
-            + "vwB3fSRrcC9cwTp2SbXT4COEKnFqIvPBJymYFfY1kOQETMONvJ9hHOf9JIzR"
-            + "REOMFrqbTaXUNS+8Ec6991E3jZ+Q5BTxGD++6VkSNfkzkvOe4NVrmnGbmUvI"
-            + "ccPhsWEJxOX6kfBCOjd9NPly6M2qYhwh6dX0ghDjewW2LWhWC35+kixvTXKC"
-            + "DO1WdLKduastKx0QX9sndXCP/R3X4gKgeeUc5f+vZEBRLZ6bR9tCpXwfwqZI"
-            + "sNe+kmlNpPYpV8V4ERjch1HKE7JinU8rMr0xpcH6UqsFiMgwggTLMIIDs6AD"
-            + "AgECAgQ+HL21MA0GCSqGSIb3DQEBBQUAMGkxCzAJBgNVBAYTAlVTMSMwIQYD"
-            + "VQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UECxMUQWRv"
-            + "YmUgVHJ1c3QgU2VydmljZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3QgQ0EwHhcN"
-            + "MDQwMTE3MDAwMzM5WhcNMTUwMTE1MDgwMDAwWjBFMQswCQYDVQQGEwJVUzEW"
-            + "MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgQ0Eg"
-            + "Zm9yIEFkb2JlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+V3"
-            + "4GR4Wuc5hbyv0vVbKBMOVN1J+s5i9ZL9nph7n+X4esFs4epAJcFxJ4KnPuQH"
-            + "ZZ0oyHUU4Th70mWYgKwd6sEt1aR6ZT788Nvr3OHwTRwugN/G6QXqhU9ePpZJ"
-            + "OF1Ibsf1pcXNGvpLdcYK6+CX5DANMuIthb440XoNfC3dNBC0pF4mM4lmTjpl"
-            + "nQG8xK0rIFp4HoMpmyaIijz2qyjXdUNkg0fbDUq9eDTKAOLOg21u+AA8XKbC"
-            + "ewg1LWSV9CVy+fTHREmb1thBcrfkY1kCAvczsuquV3SMx8hRpa+4cIvKK/K1"
-            + "G7OrV0nsTyuaJ2MMST8b7bul/Xd81nu9Hsz4iQIDAQABo4IBnTCCAZkwEgYD"
-            + "VR0TAQH/BAgwBgEB/wIBATBQBgNVHSAESTBHMEUGCSqGSIb3LwECATA4MDYG"
-            + "CCsGAQUFBwIBFipodHRwczovL3d3dy5hZG9iZS5jb20vbWlzYy9wa2kvY2Rz"
-            + "X2NwLmh0bWwwFAYDVR0lBA0wCwYJKoZIhvcvAQEFMIGyBgNVHR8Egaowgacw"
-            + "IqAgoB6GHGh0dHA6Ly9jcmwuYWRvYmUuY29tL2Nkcy5jcmwwgYCgfqB8pHow"
-            + "eDELMAkGA1UEBhMCVVMxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jw"
-            + "b3JhdGVkMR0wGwYDVQQLExRBZG9iZSBUcnVzdCBTZXJ2aWNlczEWMBQGA1UE"
-            + "AxMNQWRvYmUgUm9vdCBDQTENMAsGA1UEAxMEQ1JMMTALBgNVHQ8EBAMCAQYw"
-            + "HwYDVR0jBBgwFoAUgrc4SpOqmxDvgLvZVOLxD/uAnN4wHQYDVR0OBBYEFKuA"
-            + "WcNlg20dfRO9GcPsGo8NR2qjMBkGCSqGSIb2fQdBAAQMMAobBFY2LjADAgSQ"
-            + "MA0GCSqGSIb3DQEBBQUAA4IBAQA/OVkuogCOsV4RYSzS4Lb1jImGRc4T2Z/d"
-            + "hJoUawhMX4aXWPSlqNOPIfhHflCvd+Whbarcd83NN5n3QmevUOFUREPrMQyA"
-            + "mkK0mpW6TSyLG5ckeCFL8qJwp/hhckk/H16m4hEXWyIFGfOecX3Sy+Y4kxcC"
-            + "lzSMadifedB+TiRpKFKcNphp5hEMkpyyJaGXpLnN/BLsaDyEN7JySExAopae"
-            + "UbUJCvCVIWKwoJ26ih3BG1aB+3yTHXeLIorextqWbq+dVz7me59Li8j5PAxe"
-            + "hXrc2phpKuhp8FaTScvnfMZc8TL4Dr1CHMRWIkqfZaCq3mC376Mww0iZtE5s"
-            + "iqB+AXVWMYIBgDCCAXwCAQEwSzBFMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN"
-            + "R2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgQ0EgZm9yIEFkb2Jl"
-            + "AgIAjzAJBgUrDgMCGgUAoIGMMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRAB"
-            + "BDAcBgkqhkiG9w0BCQUxDxcNMDYwNDA0MjAyMDU3WjAjBgkqhkiG9w0BCQQx"
-            + "FgQUp7AnXBqoNcarvO7fMJut1og2U5AwKwYLKoZIhvcNAQkQAgwxHDAaMBgw"
-            + "FgQU1dH4eZTNhgxdiSABrat6zsPdth0wDQYJKoZIhvcNAQEBBQAEgYCinr/F"
-            + "rMiQz/MRm9ZD5YGcC0Qo2dRTPd0Aop8mZ4g1xAhKFLnp7lLsjCbkSDpVLDBh"
-            + "cnCk7CV+3FT5hlvt8OqZlR0CnkSnCswLFhrppiWle6cpxlwGqyAteC8uKtQu"
-            + "wjE5GtBKLcCOAzQYyyuNZZeB6oCZ+3mPhZ62FxrvvEGJCgAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==");
-
-    private final byte[] emptyDNCert = Base64.decode(
-        "MIICfTCCAeagAwIBAgIBajANBgkqhkiG9w0BAQQFADB8MQswCQYDVQQGEwJVUzEMMAoGA1UEChMD"
-            + "Q0RXMQkwBwYDVQQLEwAxCTAHBgNVBAcTADEJMAcGA1UECBMAMRowGAYDVQQDExFUZW1wbGFyIFRl"
-            + "c3QgMTAyNDEiMCAGCSqGSIb3DQEJARYTdGVtcGxhcnRlc3RAY2R3LmNvbTAeFw0wNjA1MjIwNTAw"
-            + "MDBaFw0xMDA1MjIwNTAwMDBaMHwxCzAJBgNVBAYTAlVTMQwwCgYDVQQKEwNDRFcxCTAHBgNVBAsT"
-            + "ADEJMAcGA1UEBxMAMQkwBwYDVQQIEwAxGjAYBgNVBAMTEVRlbXBsYXIgVGVzdCAxMDI0MSIwIAYJ"
-            + "KoZIhvcNAQkBFhN0ZW1wbGFydGVzdEBjZHcuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB"
-            + "gQDH3aJpJBfM+A3d84j5YcU6zEQaQ76u5xO9NSBmHjZykKS2kCcUqPpvVOPDA5WgV22dtKPh+lYV"
-            + "iUp7wyCVwAKibq8HIbihHceFqMKzjwC639rMoDJ7bi/yzQWz1Zg+075a4FGPlUKn7Yfu89wKkjdW"
-            + "wDpRPXc/agqBnrx5pJTXzQIDAQABow8wDTALBgNVHQ8EBAMCALEwDQYJKoZIhvcNAQEEBQADgYEA"
-            + "RRsRsjse3i2/KClFVd6YLZ+7K1BE0WxFyY2bbytkwQJSxvv3vLSuweFUbhNxutb68wl/yW4GLy4b"
-            + "1QdyswNxrNDXTuu5ILKhRDDuWeocz83aG2KGtr3JlFyr3biWGEyn5WUOE6tbONoQDJ0oPYgI6CAc"
-            + "EHdUp0lioOCt6UOw7Cs=");
-    
-    private final byte[] gostRFC4491_94 = Base64.decode(
-        "MIICCzCCAboCECMO42BGlSTOxwvklBgufuswCAYGKoUDAgIEMGkxHTAbBgNVBAMM" +
-            "FEdvc3RSMzQxMC05NCBleGFtcGxlMRIwEAYDVQQKDAlDcnlwdG9Qcm8xCzAJBgNV" +
-            "BAYTAlJVMScwJQYJKoZIhvcNAQkBFhhHb3N0UjM0MTAtOTRAZXhhbXBsZS5jb20w" +
-            "HhcNMDUwODE2MTIzMjUwWhcNMTUwODE2MTIzMjUwWjBpMR0wGwYDVQQDDBRHb3N0" +
-            "UjM0MTAtOTQgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRvUHJvMQswCQYDVQQGEwJS" +
-            "VTEnMCUGCSqGSIb3DQEJARYYR29zdFIzNDEwLTk0QGV4YW1wbGUuY29tMIGlMBwG" +
-            "BiqFAwICFDASBgcqhQMCAiACBgcqhQMCAh4BA4GEAASBgLuEZuF5nls02CyAfxOo" +
-            "GWZxV/6MVCUhR28wCyd3RpjG+0dVvrey85NsObVCNyaE4g0QiiQOHwxCTSs7ESuo" +
-            "v2Y5MlyUi8Go/htjEvYJJYfMdRv05YmKCYJo01x3pg+2kBATjeM+fJyR1qwNCCw+" +
-            "eMG1wra3Gqgqi0WBkzIydvp7MAgGBiqFAwICBANBABHHCH4S3ALxAiMpR3aPRyqB" +
-            "g1DjB8zy5DEjiULIc+HeIveF81W9lOxGkZxnrFjXBSqnjLeFKgF1hffXOAP7zUM=");
-
-    private final byte[] gostRFC4491_2001 = Base64.decode(
-        "MIIB0DCCAX8CECv1xh7CEb0Xx9zUYma0LiEwCAYGKoUDAgIDMG0xHzAdBgNVBAMM" +
-            "Fkdvc3RSMzQxMC0yMDAxIGV4YW1wbGUxEjAQBgNVBAoMCUNyeXB0b1BybzELMAkG" +
-            "A1UEBhMCUlUxKTAnBgkqhkiG9w0BCQEWGkdvc3RSMzQxMC0yMDAxQGV4YW1wbGUu" +
-            "Y29tMB4XDTA1MDgxNjE0MTgyMFoXDTE1MDgxNjE0MTgyMFowbTEfMB0GA1UEAwwW" +
-            "R29zdFIzNDEwLTIwMDEgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRvUHJvMQswCQYD" +
-            "VQQGEwJSVTEpMCcGCSqGSIb3DQEJARYaR29zdFIzNDEwLTIwMDFAZXhhbXBsZS5j" +
-            "b20wYzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQNDAARAhJVodWACGkB1" +
-            "CM0TjDGJLP3lBQN6Q1z0bSsP508yfleP68wWuZWIA9CafIWuD+SN6qa7flbHy7Df" +
-            "D2a8yuoaYDAIBgYqhQMCAgMDQQA8L8kJRLcnqeyn1en7U23Sw6pkfEQu3u0xFkVP" +
-            "vFQ/3cHeF26NG+xxtZPz3TaTVXdoiYkXYiD02rEx1bUcM97i");
-
-    private final byte[] sha3Cert = Base64.decode(
-        "MIID8jCCAqagAwIBAgIICfBykpzUT+IwQQYJKoZIhvcNAQEKMDSgDzANBglg"
-            + "hkgBZQMEAggFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAggFAKIDAgEg"
-            + "MCwxCzAJBgNVBAYTAkRFMQ4wDAYDVQQKDAV4aXBraTENMAsGA1UEAwwEUkNB"
-            + "MTAeFw0xNjEwMTgxODQzMjhaFw0yNjEwMTgxODQzMjdaMCwxCzAJBgNVBAYT"
-            + "AkRFMQ4wDAYDVQQKDAV4aXBraTENMAsGA1UEAwwEUkNBMTCCASIwDQYJKoZI"
-            + "hvcNAQEBBQADggEPADCCAQoCggEBAK/pzm1RASDYDg3WBXyW3AnAESRF/+li"
-            + "qh0X8Y89m+JFJeOi1u89bOSPjsFfo5SbRSElyRXedh/d37KrONg39NEKIcC6"
-            + "iSuiNfXu0D6nlSzhrQzmvHIyfLnm8N2JtHDr/hZIprOcFO+lZTJIjjrOVe9y"
-            + "lFGgGDd/uQCEJk1Cmi5Ivi9odeiN3z8lVlGNeN9/Q5n47ijuYWr73z/FyyAK"
-            + "gAG3B5nhAYWs4ft0O3JWBc0QJZzShqsRjm3SNhAqMDnRoTq04PFgbDYizV8T"
-            + "ydz2kCne79TDwsY4MckYYaGoNcPoQXVS+9YjQjI72ktSlxiJxodL9WMFl+ED"
-            + "5ZLBRIRsDJECAwEAAaOBrzCBrDAPBgNVHRMBAf8EBTADAQH/MGoGCCsGAQUF"
-            + "BwEBBF4wXDAnBggrBgEFBQcwAoYbaHR0cDovL2V4YW1wbGUub3JnL1JDQTEu"
-            + "ZGVyMDEGCCsGAQUFBzABhiVodHRwOi8vbG9jYWxob3N0OjgwODAvb2NzcC9y"
-            + "ZXNwb25kZXIxMB0GA1UdDgQWBBRTXKdJI3P1kveLlRxPvzUfDnC8JjAOBgNV"
-            + "HQ8BAf8EBAMCAQYwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAggFAKEc"
-            + "MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAggFAKIDAgEgA4IBAQCpSVaqOMKz"
-            + "6NT0+mivEhig9cKsglFhnWStKUtdhrG4HqOf6Qjny9Xvq1nE7x8e2xAoaZLd"
-            + "GMsNAWFCbwzoJrDL7Ct6itQ5ymxi2haN+Urc5UWJd/8C0R74OdP1uPCiljZ9"
-            + "DdjbNk/hS36UPYi+FT5r6Jr/1X/EqgL1MOUsSTEXdYlZH662zjbV4D9QSBzx"
-            + "ul9bYyWrqSZFKvKef4UQwUy8yXtChwiwp50mfJQBdVcIqPBYCgmLYclamjQx"
-            + "hlkk5VbZb4D/Cv4HxrdxpJfy/ewUZR7uHlzDx0/m4qjzNzWgq+sh3ZbveDrV"
-            + "wd/FDMFOxSIno9qgHtdfgXRwZJ+l07fF");
-
-    private static byte[] sm_root = Base64.decode(
-        "MIICwzCCAmmgAwIBAgIIIBQGIgAAAAMwCgYIKoEcz1UBg3UwgdgxCzAJBgNVBAYT" +
-            "AkNOMRIwEAYDVQQIDAnmsZ/oi4/nnIExEjAQBgNVBAcMCeWNl+S6rOW4gjE8MDoG" +
-            "A1UECgwz5rGf6IuP55yB55S15a2Q5ZWG5Yqh5pyN5Yqh5Lit5b+D5pyJ6ZmQ6LSj" +
-            "5Lu75YWs5Y+4MUswSQYDVQQLDELmsZ/oi4/nnIHnlLXlrZDllYbliqHmnI3liqHk" +
-            "uK3lv4PmnInpmZDotKPku7vlhazlj7jlronlhajkuovkuJrpg6gxFjAUBgNVBAMM" +
-            "DUpTQ0FfUk9PVF9TTTIwHhcNMTQwNjIyMDQ1MzAyWhcNMzQwNjIyMDQ1MzAyWjCB" +
-            "1jELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCeaxn+iLj+ecgTESMBAGA1UEBwwJ5Y2X" +
-            "5Lqs5biCMTwwOgYDVQQKDDPmsZ/oi4/nnIHnlLXlrZDllYbliqHmnI3liqHkuK3l" +
-            "v4PmnInpmZDotKPku7vlhazlj7gxSzBJBgNVBAsMQuaxn+iLj+ecgeeUteWtkOWV" +
-            "huWKoeacjeWKoeS4reW/g+aciemZkOi0o+S7u+WFrOWPuOWuieWFqOS6i+S4mumD" +
-            "qDEUMBIGA1UEAwwLSlNDQV9DQV9TTTIwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNC" +
-            "AAS/gvW90+LvyXPgpR7L0pwlVoZQdan7V5YQMEpxt47tzer31/8WJIfldx9NL/1A" +
-            "swkk6ItveCVW5k0u+IIk6crLox0wGzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIB" +
-            "BjAKBggqgRzPVQGDdQNIADBFAiEAy9NkogihHCj9Jx0ZiHdkMyCHF0wHWX58KZco" +
-            "CW5mjbgCIC9cAyuVV91ygLWk14PDuIAPFWKm6rJPXbiZL6KzwHQA");
-
-    private static byte[] sm_sign = Base64.decode(
-        "MIID9zCCA5ygAwIBAgIIIBcEJwKSCCMwCgYIKoEcz1UBg3UwgccxCzAJBgNVBAYT" +
-            "AkNOMRIwEAYDVQQIDAnmsZ/oi4/nnIExEjAQBgNVBAcMCeWNl+S6rOW4gjE8MDoG" +
-            "A1UECgwz5rGf6IuP55yB55S15a2Q5ZWG5Yqh5pyN5Yqh5Lit5b+D5pyJ6ZmQ6LSj" +
-            "5Lu75YWs5Y+4MTwwOgYDVQQLDDPmsZ/oi4/nnIHnlLXlrZDllYbliqHmnI3liqHk" +
-            "uK3lv4PmnInpmZDotKPku7vlhazlj7gxFDASBgNVBAMMC0pTQ0FfQ0FfU00yMB4X" +
-            "DTE3MDQyNzAwMzkwNVoXDTE4MDQyNzAwMzkwNVowggEdMQ4wDAYDVQRYDAUwMDAw" +
-            "MTESMBAGA1UEGgwJ5biC6L6W5Yy6MRswGQYDVQQBDBIzMjAxMTIxOTgxMDUxMTAw" +
-            "MTQxDTALBgRVBIhYDAM0NTYxDTALBgRVBIhXDAMxMjMxEjAQBgNVBC0MCXVzZXJD" +
-            "ZXJ0MjELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCeaxn+iLj+ecgTESMBAGA1UEBwwJ" +
-            "5Y2X5Lqs5biCMQwwCgYDVQQLDAMwMDgxHzAdBgkqhkiG9w0BCQEWEDMyNzMyMTU2" +
-            "OEBxcS5jb20xITAfBgNVBCoMGOa1i+ivlee9keWFs1NNMueul+azlTEyMzEhMB8G" +
-            "A1UEAwwY5rWL6K+V572R5YWzU00y566X5rOVMTIzMFkwEwYHKoZIzj0CAQYIKoEc" +
-            "z1UBgi0DQgAEdbrBzy2y8Gz4grOF23iaDipPhRPQRApAMIAP0cAuL1tATFjFuWJs" +
-            "pBc1cnCZmsOJnVpV4W7VF8hNOaqv3Tq4NqOCARcwggETMAkGA1UdEwQCMAAwCwYD" +
-            "VR0PBAQDAgbAMB0GA1UdDgQWBBRsWSOQDniy75t7UEvTXugwfq0HpzAfBgNVHSME" +
-            "GDAWgBT/02hyCI7lesT55ixTRU6RpLF6AzAxBgNVHSUEKjAoBggrBgEFBQcDAgYI" +
-            "KwYBBQUHAwgGCCsGAQUFBwMEBggrBgEFBQcDCDA9BgNVHR8ENjA0MDKgMKAuhixo" +
-            "dHRwOi8vY3JsLmpzY2EuY29tLmNuL2NybC9TTTJDUkxfRU5USVRZLmNybDBHBggr" +
-            "BgEFBQcBAQQ7MDkwNwYIKwYBBQUHMAKBK2h0dHA6Ly8xMC4xMDguNS4yOjg4ODAv" +
-            "ZG93bmxvYWQvSlNDQV9DQS5jZXIwCgYIKoEcz1UBg3UDSQAwRgIhALFoMoA1+uO4" +
-            "tXfmoyePz1pmv0CWPBgEP1EfDeS6FPitAiEAjHJYq7ryHKULqpRg6ph9r+xUDoWd" +
-            "0TPMOQ9jj4XJPO4=");
-
-    private static byte[] gost_2012_cert = Base64.decode(
-        "MIIEfDCCBCmgAwIBAgIECiew2zAKBggqhQMHAQEDAjCB8TELMAkGA1UEBhMCUlUxKjAoBgNVBAgMIdCh0LDQvdC60YLRii3Q" +
-            "n9C10YLQtdGA0LHRg9GA0LPRijEuMCwGA1UECgwl0JbRg9GA0L3QsNC7ICLQodC+0LLRgNC10LzQtdC90L3QuNC6IjEfMB0G" +
-            "A1UECwwW0KDRg9C60L7QstC+0LTRgdGC0LLQvjEoMCYGA1UEDAwf0JPQu9Cw0LLQvdGL0Lkg0YDQtdC00LDQutGC0L7RgDE7" +
-            "MDkGA1UEAwwy0JDQu9C10LrRgdCw0L3QtNGAINCh0LXRgNCz0LXQtdCy0LjRhyDQn9GD0YjQutC40L0wHhcNMTcwNzAyMTQw" +
-            "MDAwWhcNMzcwNzAyMTQwMDAwWjCB8TELMAkGA1UEBhMCUlUxKjAoBgNVBAgMIdCh0LDQvdC60YLRii3Qn9C10YLQtdGA0LHR" +
-            "g9GA0LPRijEuMCwGA1UECgwl0JbRg9GA0L3QsNC7ICLQodC+0LLRgNC10LzQtdC90L3QuNC6IjEfMB0GA1UECwwW0KDRg9C6" +
-            "0L7QstC+0LTRgdGC0LLQvjEoMCYGA1UEDAwf0JPQu9Cw0LLQvdGL0Lkg0YDQtdC00LDQutGC0L7RgDE7MDkGA1UEAwwy0JDQ" +
-            "u9C10LrRgdCw0L3QtNGAINCh0LXRgNCz0LXQtdCy0LjRhyDQn9GD0YjQutC40L0wZjAfBggqhQMHAQEBATATBgcqhQMCAiQA" +
-            "BggqhQMHAQECAgNDAARA6UpRcgr4pVAKuYkEQ0XKicUxjhd8jbCEz3OFYQ/wSQnuXR5RquASztlnnmnb5W/PKEAnElAUxW0j" +
-            "ROLOGZrDWaOCAZ4wggGaMA4GA1UdDwEB/wQEAwIB/jAxBgNVHSUEKjAoBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUFBwMD" +
-            "BggrBgEFBQcDBDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBQLWqbXBTDJanrRowAoQbAaXbKRDTCCASMGA1UdIwSCARow" +
-            "ggEWgBQLWqbXBTDJanrRowAoQbAaXbKRDaGB96SB9DCB8TELMAkGA1UEBhMCUlUxKjAoBgNVBAgMIdCh0LDQvdC60YLRii3Q" +
-            "n9C10YLQtdGA0LHRg9GA0LPRijEuMCwGA1UECgwl0JbRg9GA0L3QsNC7ICLQodC+0LLRgNC10LzQtdC90L3QuNC6IjEfMB0G" +
-            "A1UECwwW0KDRg9C60L7QstC+0LTRgdGC0LLQvjEoMCYGA1UEDAwf0JPQu9Cw0LLQvdGL0Lkg0YDQtdC00LDQutGC0L7RgDE7" +
-            "MDkGA1UEAwwy0JDQu9C10LrRgdCw0L3QtNGAINCh0LXRgNCz0LXQtdCy0LjRhyDQn9GD0YjQutC40L2CBAonsNswCgYIKoUD" +
-            "BwEBAwIDQQDL2un6Wxn0frStAheZsd34ANDFwAb0rCOInrXsi6HOAxgIuS+9iICiQNTRlQ6x9LSWOUf+aa7kDDU5P4Ovd5od");
-
-    private static byte[] gost_2012_privateKey = Base64.decode(
-        "MEgCAQAwHwYIKoUDBwEBBgEwEwYHKoUDAgIkAAYIKoUDBwEBAgIEIgQg0MVlKYHb5/AwO1ZjNW8nhjyX3IgHo7nPSKuvKf87" +
-            "tTU=");
-
-    private static DSAParameters def2048Params = new DSAParameters(
-        new BigInteger("95475cf5d93e596c3fcd1d902add02f427f5f3c7210313bb45fb4d5b" +
-                        "b2e5fe1cbd678cd4bbdd84c9836be1f31c0777725aeb6c2fc38b85f4" +
-                        "8076fa76bcd8146cc89a6fb2f706dd719898c2083dc8d896f84062e2" +
-                        "c9c94d137b054a8d8096adb8d51952398eeca852a0af12df83e475aa" +
-                        "65d4ec0c38a9560d5661186ff98b9fc9eb60eee8b030376b236bc73b" +
-                        "e3acdbd74fd61c1d2475fa3077b8f080467881ff7e1ca56fee066d79" +
-                        "506ade51edbb5443a563927dbc4ba520086746175c8885925ebc64c6" +
-                        "147906773496990cb714ec667304e261faee33b3cbdf008e0c3fa906" +
-                        "50d97d3909c9275bf4ac86ffcb3d03e6dfc8ada5934242dd6d3bcca2" +
-                        "a406cb0b", 16),
-        new BigInteger("f8183668ba5fc5bb06b5981e6d8b795d30b8978d43ca0ec572e37e09939a9773", 16),
-        new BigInteger("42debb9da5b3d88cc956e08787ec3f3a09bba5f48b889a74aaf53174" +
-                        "aa0fbe7e3c5b8fcd7a53bef563b0e98560328960a9517f4014d3325f" +
-                        "c7962bf1e049370d76d1314a76137e792f3f0db859d095e4a5b93202" +
-                        "4f079ecf2ef09c797452b0770e1350782ed57ddf794979dcef23cb96" +
-                        "f183061965c4ebc93c9c71c56b925955a75f94cccf1449ac43d586d0" +
-                        "beee43251b0b2287349d68de0d144403f13e802f4146d882e057af19" +
-                        "b6f6275c6676c8fa0e3ca2713a3257fd1b27d0639f695e347d8d1cf9" +
-                        "ac819a26ca9b04cb0eb9b7b035988d15bbac65212a55239cfc7e58fa" +
-                        "e38d7250ab9991ffbc97134025fe8ce04c4399ad96569be91a546f49" +
-                        "78693c7a", 16),
-        new DSAValidationParameters(Hex.decode("b0b4417601b59cbc9d8ac8f935cadaec4f5fbb2f23785609ae466748d9b5a536"), 497));
-
-    private PublicKey dudPublicKey = new PublicKey()
-    {
-        public String getAlgorithm()
-        {
-            return null;
-        }
-
-        public String getFormat()
-        {
-            return null;
-        }
-
-        public byte[] getEncoded()
-        {
-            return null;
-        }
-
-    };
-
-    public String getName()
-    {
-        return "CertTest";
-    }
-
-    public void checkCertificate(
-        int id,
-        byte[] bytes)
-    {
-        ByteArrayInputStream bIn;
-        String dump = "";
-
-        try
-        {
-            bIn = new ByteArrayInputStream(bytes);
-
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-
-            Certificate cert = fact.generateCertificate(bIn);
-
-            PublicKey k = cert.getPublicKey();
-//            System.out.println("****** " + id + " ******");
-//            System.out.println(cert);
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": " + id + " failed - exception " + e.toString(), e);
-        }
-
-    }
-
-    public void checkNameCertificate(
-        int id,
-        byte[] bytes)
-    {
-        ByteArrayInputStream bIn;
-        String dump = "";
-
-        try
-        {
-            bIn = new ByteArrayInputStream(bytes);
-
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-
-            X509Certificate cert = (X509Certificate)fact.generateCertificate(bIn);
-
-            PublicKey k = cert.getPublicKey();
-            if (!cert.getIssuerDN().toString().equals("C=DE,O=DATEV eG,0.2.262.1.10.7.20=1+CN=CA DATEV D03 1:PN"))
-            {
-                fail(id + " failed - name test.");
-            }
-            // System.out.println(cert);
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": " + id + " failed - exception " + e.toString(), e);
-        }
-
-    }
-
-    public void checkKeyUsage(
-        int id,
-        byte[] bytes)
-    {
-        ByteArrayInputStream bIn;
-        String dump = "";
-
-        try
-        {
-            bIn = new ByteArrayInputStream(bytes);
-
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-
-            X509Certificate cert = (X509Certificate)fact.generateCertificate(bIn);
-
-            PublicKey k = cert.getPublicKey();
-
-            if (cert.getKeyUsage()[7])
-            {
-                fail("error generating cert - key usage wrong.");
-            }
-
-            // System.out.println(cert);
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": " + id + " failed - exception " + e.toString(), e);
-        }
-
-    }
-
-
-    public void checkSelfSignedCertificate(
-        int id,
-        byte[] bytes)
-    {
-        ByteArrayInputStream bIn;
-        String dump = "";
-
-        try
-        {
-            bIn = new ByteArrayInputStream(bytes);
-
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-
-            Certificate cert = fact.generateCertificate(bIn);
-
-            PublicKey k = cert.getPublicKey();
-
-            X509CertificateHolder certHldr = new X509CertificateHolder(bytes);
-
-            isTrue(certHldr.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider("BC").build(k)));
-            // System.out.println(cert);
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": " + id + " failed - exception " + e.toString(), e);
-        }
-
-    }
-
-    public void checkSelfSignedCertificateAndKey(
-        int id,
-        byte[] certBytes,
-        String sigAlgorithm,
-        byte[] keyBytes)
-    {
-        ByteArrayInputStream bIn;
-        String dump = "";
-
-        try
-        {
-            bIn = new ByteArrayInputStream(certBytes);
-
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-
-            Certificate cert = fact.generateCertificate(bIn);
-
-            PublicKey k = cert.getPublicKey();
-
-            X509CertificateHolder certHldr = new X509CertificateHolder(certBytes);
-
-            isTrue(certHldr.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider("BC").build(k)));
-            // System.out.println(cert);
-
-            KeyFactory keyFactory = KeyFactory.getInstance(k.getAlgorithm(), "BC");
-
-            PrivateKey privKey = keyFactory.generatePrivate(new PKCS8EncodedKeySpec(keyBytes));
-
-            Signature signer = Signature.getInstance(sigAlgorithm, "BC");
-
-            signer.initSign(privKey);
-
-            signer.update(certBytes);
-
-            byte[] sig = signer.sign();
-
-            signer.initVerify(cert);
-
-            signer.update(certBytes);
-
-            isTrue(signer.verify(sig));
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": " + id + " failed - exception " + e.toString(), e);
-        }
-    }
-
-    /**
-     * Test a generated certificate with the sun provider
-     */
-    private void sunProviderCheck(byte[] encoding)
-        throws CertificateException
-    {
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509");
-
-        certFact.generateCertificate(new ByteArrayInputStream(encoding));
-    }
-
-    /*
-     * we generate a self signed certificate for the sake of testing - RSA
-     */
-    public void checkCreation1()
-        throws Exception
-    {
-        //
-        // a sample key pair.
-        //
-        RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16));
-
-        RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16),
-            new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-            new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-            new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-            new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-            new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-            new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-        //
-        // set up the keys
-        //
-        PrivateKey privKey;
-        PublicKey pubKey;
-
-        KeyFactory fact = KeyFactory.getInstance("RSA", "BC");
-
-        privKey = fact.generatePrivate(privKeySpec);
-        pubKey = fact.generatePublic(pubKeySpec);
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
-
-        builder.addRDN(BCStyle.C, "AU");
-        builder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
-        builder.addRDN(BCStyle.L, "Melbourne");
-        builder.addRDN(BCStyle.ST, "Victoria");
-        builder.addRDN(BCStyle.E, "feedback-crypto@bouncycastle.org");
-
-        //
-        // extensions
-        //
-
-        //
-        // create the certificate - version 3 - without extensions
-        //
-        ContentSigner sigGen = new JcaContentSignerBuilder("SHA256WithRSAEncryption").setProvider(BC).build(privKey);
-        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        cert.verify(pubKey);
-
-        cert.verify(cert.getPublicKey());
-
-        Set dummySet = cert.getNonCriticalExtensionOIDs();
-        if (dummySet != null)
-        {
-            fail("non-critical oid set should be null");
-        }
-        dummySet = cert.getCriticalExtensionOIDs();
-        if (dummySet != null)
-        {
-            fail("critical oid set should be null");
-        }
-
-        //
-        // create the certificate - version 3 - with extensions
-        //
-        sigGen = new JcaContentSignerBuilder("MD5WithRSAEncryption").setProvider(BC).build(privKey);
-        certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1)
-            , new Date(System.currentTimeMillis() - 50000)
-            , new Date(System.currentTimeMillis() + 50000)
-            , builder.build()
-            , pubKey)
-            .addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true,
-                new X509KeyUsage(X509KeyUsage.encipherOnly))
-            .addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true,
-                new DERSequence(KeyPurposeId.anyExtendedKeyUsage))
-            .addExtension(new ASN1ObjectIdentifier("2.5.29.17"), true,
-                new GeneralNames(new GeneralName[]
-                    {
-                        new GeneralName(GeneralName.rfc822Name, "test@test.test"),
-                        new GeneralName(GeneralName.dNSName, "dom.test.test")
-                    }));
-
-        X509CertificateHolder certHolder = certGen.build(sigGen);
-
-        cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certHolder);
-
-        cert.checkValidity(new Date());
-
-        cert.verify(pubKey);
-        cert.verify(cert.getPublicKey());
-
-        ContentVerifierProvider contentVerifierProvider = new JcaContentVerifierProviderBuilder().setProvider(BC).build(pubKey);
-        if (!certHolder.isSignatureValid(contentVerifierProvider))
-        {
-            fail("signature test failed");
-        }
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", "BC");
-
-        cert = (X509Certificate)certFact.generateCertificate(bIn);
-
-        if (!cert.getKeyUsage()[7])
-        {
-            fail("error generating cert - key usage wrong.");
-        }
-
-        List l = cert.getExtendedKeyUsage();
-        if (!l.get(0).equals(KeyPurposeId.anyExtendedKeyUsage.getId()))
-        {
-            fail("failed extended key usage test");
-        }
-
-        Collection c = cert.getSubjectAlternativeNames();
-        Iterator it = c.iterator();
-        while (it.hasNext())
-        {
-            List gn = (List)it.next();
-            if (!gn.get(1).equals("test@test.test") && !gn.get(1).equals("dom.test.test"))
-            {
-                fail("failed subject alternative names test");
-            }
-        }
-
-        sunProviderCheck(certHolder.getEncoded());
-        sunProviderCheck(cert.getEncoded());
-
-        // System.out.println(cert);
-
-        //
-        // create the certificate - version 1
-        //
-        sigGen = new JcaContentSignerBuilder("MD5WithRSAEncryption").setProvider(BC).build(privKey);
-        X509v1CertificateBuilder certGen1 = new JcaX509v1CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-        cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen1.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        cert.verify(pubKey);
-        cert.verify(cert.getPublicKey());
-
-        bIn = new ByteArrayInputStream(cert.getEncoded());
-        certFact = CertificateFactory.getInstance("X.509", "BC");
-
-        cert = (X509Certificate)certFact.generateCertificate(bIn);
-
-        // System.out.println(cert);
-        if (!cert.getIssuerDN().equals(cert.getSubjectDN()))
-        {
-            fail("name comparison fails");
-        }
-
-        sunProviderCheck(certHolder.getEncoded());
-        sunProviderCheck(cert.getEncoded());
-//
-        // a lightweight key pair.
-        //
-        RSAKeyParameters lwPubKey = new RSAKeyParameters(
-            false,
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16));
-
-        RSAPrivateCrtKeyParameters lwPrivKey = new RSAPrivateCrtKeyParameters(
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16),
-            new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-            new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-            new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-            new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-            new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-            new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-        //
-        // distinguished name table.
-        //
-        builder = new X500NameBuilder(BCStyle.INSTANCE);
-
-        builder.addRDN(BCStyle.C, "AU");
-        builder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
-        builder.addRDN(BCStyle.L, "Melbourne");
-        builder.addRDN(BCStyle.ST, "Victoria");
-        builder.addRDN(BCStyle.E, "feedback-crypto@bouncycastle.org");
-
-        //
-        // extensions
-        //
-
-        //
-        // create the certificate - version 3 - without extensions
-        //
-        AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA256WithRSAEncryption");
-        AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
-
-        sigGen = new BcRSAContentSignerBuilder(sigAlgId, digAlgId).build(lwPrivKey);
-        SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPublicKey(lwPubKey.getModulus(), lwPubKey.getExponent()));
-        certGen = new X509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubInfo);
-
-        certHolder = certGen.build(sigGen);
-
-        cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certHolder);
-
-        cert.checkValidity(new Date());
-
-        cert.verify(pubKey);
-
-        contentVerifierProvider = new BcRSAContentVerifierProviderBuilder(new DefaultDigestAlgorithmIdentifierFinder()).build(lwPubKey);
-
-        if (!certHolder.isSignatureValid(contentVerifierProvider))
-        {
-            fail("lw sig verification failed");
-        }
-    }
-
-    /*
-     * we generate a self signed certificate for the sake of testing - DSA
-     */
-    public void checkCreation2()
-        throws Exception
-    {
-        //
-        // set up the keys
-        //
-        PrivateKey privKey;
-        PublicKey pubKey;
-
-        try
-        {
-            KeyPairGenerator g = KeyPairGenerator.getInstance("DSA", "SUN");
-
-            g.initialize(512, new SecureRandom());
-
-            KeyPair p = g.generateKeyPair();
-
-            privKey = p.getPrivate();
-            pubKey = p.getPublic();
-        }
-        catch (Exception e)
-        {
-            fail("error setting up keys - " + e.toString());
-            return;
-        }
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // extensions
-        //
-
-        //
-        // create the certificate - version 3
-        //
-
-        ContentSigner sigGen = new JcaContentSignerBuilder("SHA1withDSA").setProvider(BC).build(privKey);
-        JcaX509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        cert.verify(pubKey);
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
-        CertificateFactory fact = CertificateFactory.getInstance("X.509", BC);
-
-        cert = (X509Certificate)fact.generateCertificate(bIn);
-
-        // System.out.println(cert);
-
-
-        //
-        // create the certificate - version 1
-        //
-        sigGen = new JcaContentSignerBuilder("SHA1withDSA").setProvider(BC).build(privKey);
-        JcaX509v1CertificateBuilder certGen1 = new JcaX509v1CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-        cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen1.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        cert.verify(pubKey);
-
-        bIn = new ByteArrayInputStream(cert.getEncoded());
-        fact = CertificateFactory.getInstance("X.509", BC);
-
-        cert = (X509Certificate)fact.generateCertificate(bIn);
-
-        //System.out.println(cert);
-
-        //
-        // exception test
-        //
-        try
-        {
-            certGen1 = new JcaX509v1CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), dudPublicKey);
-
-
-            fail("key without encoding not detected in v1");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    /*
-     * we generate a self signed certificate for the sake of testing - SM3withSM2
-     */
-    public void checkSm3WithSm2Creation()
-        throws Exception
-    {
-        //
-        // set up the keys
-        //
-        PrivateKey privKey;
-        PublicKey pubKey;
-
-        try
-        {
-            KeyPairGenerator g = KeyPairGenerator.getInstance("EC", "BC");
-
-            g.initialize(new ECNamedCurveGenParameterSpec("sm2p256v1"));
-
-            KeyPair p = g.generateKeyPair();
-
-            privKey = p.getPrivate();
-            pubKey = p.getPublic();
-        }
-        catch (Exception e)
-        {
-            fail("error setting up keys - " + e.toString());
-            return;
-        }
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // extensions
-        //
-
-        //
-        // create the certificate - version 1
-        //
-
-        ContentSigner sigGen = new JcaContentSignerBuilder("SM3withSM2").setProvider(BC).build(privKey);
-        JcaX509v1CertificateBuilder certGen = new JcaX509v1CertificateBuilder(
-            builder.build(),
-            BigInteger.valueOf(1),
-            new Date(System.currentTimeMillis() - 50000),
-            new Date(System.currentTimeMillis() + 50000),
-            builder.build(),
-            pubKey);
-
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        cert.verify(pubKey);
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
-        CertificateFactory fact = CertificateFactory.getInstance("X.509", BC);
-
-        cert = (X509Certificate)fact.generateCertificate(bIn);
-
-        cert.getEncoded();
-    }
-
-    private void checkComparison(byte[] encCert)
-        throws NoSuchProviderException, CertificateException
-    {
-        CertificateFactory bcFact = CertificateFactory.getInstance("X.509", "BC");
-        CertificateFactory sunFact = CertificateFactory.getInstance("X.509", "SUN");
-
-        X509Certificate bcCert = (X509Certificate)bcFact.generateCertificate(new ByteArrayInputStream(encCert));
-        X509Certificate sunCert = (X509Certificate)sunFact.generateCertificate(new ByteArrayInputStream(encCert));
-
-        if (!bcCert.equals(sunCert) || !sunCert.equals(bcCert))
-        {
-            fail("BC/Sun equals test failed");
-        }
-
-        if (bcCert.hashCode() != sunCert.hashCode())
-        {
-            fail("BC/Sun hashCode test failed");
-        }
-    }
-
-    private X500NameBuilder createStdBuilder()
-    {
-        X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
-
-        builder.addRDN(BCStyle.C, "AU");
-        builder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
-        builder.addRDN(BCStyle.L, "Melbourne");
-        builder.addRDN(BCStyle.ST, "Victoria");
-        builder.addRDN(BCStyle.E, "feedback-crypto@bouncycastle.org");
-
-        return builder;
-    }
-
-    /*
-     * we generate a self signed certificate for the sake of testing - ECDSA
-     */
-    public void checkCreation3()
-    {
-        X9ECParameters x9 = ECNamedCurveTable.getByName("prime239v1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec spec = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        ECPrivateKeySpec privKeySpec = new ECPrivateKeySpec(
-            new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
-            spec);
-
-        ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(
-            curve.decodePoint(Hex.decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
-            spec);
-
-        //
-        // set up the keys
-        //
-        PrivateKey privKey;
-        PublicKey pubKey;
-
-        try
-        {
-            KeyFactory fact = KeyFactory.getInstance("ECDSA", BC);
-
-            privKey = fact.generatePrivate(privKeySpec);
-            pubKey = fact.generatePublic(pubKeySpec);
-        }
-        catch (Exception e)
-        {
-            fail("error setting up keys - " + e.toString());
-            return;
-        }
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = createStdBuilder();
-
-
-        //
-        // toString test
-        //
-        X500Name p = builder.build();
-        String s = p.toString();
-
-        if (!s.equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne,ST=Victoria,E=feedback-crypto@bouncycastle.org"))
-        {
-            fail("ordered X509Principal test failed - s = " + s + ".");
-        }
-
-//        p = new X509Principal(attrs);
-//        s = p.toString();
-//
-//        //
-//        // we need two of these as the hash code for strings changed...
-//        //
-//        if (!s.equals("O=The Legion of the Bouncy Castle,E=feedback-crypto@bouncycastle.org,ST=Victoria,L=Melbourne,C=AU") && !s.equals("ST=Victoria,L=Melbourne,C=AU,E=feedback-crypto@bouncycastle.org,O=The Legion of the Bouncy Castle"))
-//        {
-//            fail("unordered X509Principal test failed.");
-//        }
-
-        //
-        // create the certificate - version 3
-        //
-        try
-        {
-            ContentSigner sigGen = new JcaContentSignerBuilder("SHA1withECDSA").setProvider(BC).build(privKey);
-            JcaX509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-            X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-            cert.checkValidity(new Date());
-
-            cert.verify(pubKey);
-
-            ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", BC);
-
-            cert = (X509Certificate)fact.generateCertificate(bIn);
-
-            //
-            // try with point compression turned off
-            //
-            ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
-
-            certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-            cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-            cert.checkValidity(new Date());
-
-            cert.verify(pubKey);
-
-            bIn = new ByteArrayInputStream(cert.getEncoded());
-            fact = CertificateFactory.getInstance("X.509", BC);
-
-            cert = (X509Certificate)fact.generateCertificate(bIn);
-            // System.out.println(cert);
-        }
-        catch (Exception e)
-        {
-            fail("error setting generating cert - " + e.toString());
-        }
-
-        X509Principal pr = new X509Principal("O=\"The Bouncy Castle, The Legion of\",E=feedback-crypto@bouncycastle.org,ST=Victoria,L=Melbourne,C=AU");
-
-        if (!pr.toString().equals("O=The Bouncy Castle\\, The Legion of,E=feedback-crypto@bouncycastle.org,ST=Victoria,L=Melbourne,C=AU"))
-        {
-            fail("string based X509Principal test failed.");
-        }
-
-        pr = new X509Principal("O=The Bouncy Castle\\, The Legion of,E=feedback-crypto@bouncycastle.org,ST=Victoria,L=Melbourne,C=AU");
-
-        if (!pr.toString().equals("O=The Bouncy Castle\\, The Legion of,E=feedback-crypto@bouncycastle.org,ST=Victoria,L=Melbourne,C=AU"))
-        {
-            fail("string based X509Principal test failed.");
-        }
-
-    }
-
-    /*
-     * we generate a self signed certificate for the sake of testing - SHA224withECDSA
-     */
-    private void createECCert(String algorithm, ASN1ObjectIdentifier algOid)
-        throws Exception
-    {
-        X9ECParameters x9 = ECNamedCurveTable.getByName("secp521r1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec spec = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        ECPrivateKeySpec privKeySpec = new ECPrivateKeySpec(
-            new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d
-            spec);
-
-        ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(
-            curve.decodePoint(Hex.decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q
-            spec);
-
-        //
-        // set up the keys
-        //
-        PrivateKey privKey;
-        PublicKey pubKey;
-
-        KeyFactory fact = KeyFactory.getInstance("ECDSA", BC);
-
-        privKey = fact.generatePrivate(privKeySpec);
-        pubKey = fact.generatePublic(pubKeySpec);
-
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // create the certificate - version 3
-        //
-        ContentSigner sigGen = new JcaContentSignerBuilder(algorithm).setProvider(BC).build(privKey);
-        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        cert.verify(pubKey);
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-
-        cert = (X509Certificate)certFact.generateCertificate(bIn);
-
-        //
-        // try with point compression turned off
-        //
-        ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
-
-        certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-        cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        cert.verify(pubKey);
-
-        bIn = new ByteArrayInputStream(cert.getEncoded());
-        certFact = CertificateFactory.getInstance("X.509", BC);
-
-        cert = (X509Certificate)certFact.generateCertificate(bIn);
-
-        if (!cert.getSigAlgOID().equals(algOid.toString()))
-        {
-            fail("ECDSA oid incorrect.");
-        }
-
-        if (cert.getSigAlgParams() != null)
-        {
-            fail("sig parameters present");
-        }
-
-        Signature sig = Signature.getInstance(algorithm, BC);
-
-        sig.initVerify(pubKey);
-
-        sig.update(cert.getTBSCertificate());
-
-        if (!sig.verify(cert.getSignature()))
-        {
-            fail("EC certificate signature not mapped correctly.");
-        }
-        // System.out.println(cert);
-    }
-
-    private void checkCRL(
-        int id,
-        byte[] bytes)
-    {
-        ByteArrayInputStream bIn;
-        String dump = "";
-
-        try
-        {
-            bIn = new ByteArrayInputStream(bytes);
-
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", BC);
-
-            CRL cert = fact.generateCRL(bIn);
-
-            // System.out.println(cert);
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": " + id + " failed - exception " + e.toString(), e);
-        }
-
-    }
-
-    public void checkCRLCreation1()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", BC);
-        Date now = new Date();
-        KeyPair pair = kpGen.generateKeyPair();
-        X509v2CRLBuilder crlGen = new X509v2CRLBuilder(new X500Name("CN=Test CA"), now);
-
-        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
-
-        crlGen.addCRLEntry(BigInteger.ONE, now, CRLReason.privilegeWithdrawn);
-
-        JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
-
-        crlGen.addExtension(Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(pair.getPublic()));
-
-        X509CRLHolder crl = crlGen.build(new JcaContentSignerBuilder("SHA256withRSAEncryption").setProvider(BC).build(pair.getPrivate()));
-
-        if (!crl.getIssuer().equals(new X500Name("CN=Test CA")))
-        {
-            fail("failed CRL issuer test");
-        }
-
-        Extension authExt = crl.getExtension(Extension.authorityKeyIdentifier);
-
-        if (authExt == null)
-        {
-            fail("failed to find CRL extension");
-        }
-
-        AuthorityKeyIdentifier authId = AuthorityKeyIdentifier.getInstance(authExt.getParsedValue());
-
-        X509CRLEntryHolder entry = crl.getRevokedCertificate(BigInteger.ONE);
-
-        if (entry == null)
-        {
-            fail("failed to find CRL entry");
-        }
-
-        if (!entry.getSerialNumber().equals(BigInteger.ONE))
-        {
-            fail("CRL cert serial number does not match");
-        }
-
-        if (!entry.hasExtensions())
-        {
-            fail("CRL entry extension not found");
-        }
-
-        Extension ext = entry.getExtension(Extension.reasonCode);
-
-        if (ext != null)
-        {
-            ASN1Enumerated reasonCode = ASN1Enumerated.getInstance(ext.getParsedValue());
-
-            if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
-            {
-                fail("CRL entry reasonCode wrong");
-            }
-        }
-        else
-        {
-            fail("CRL entry reasonCode not found");
-        }
-    }
-
-    public void checkCRLCreation2()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        Date now = new Date();
-        KeyPair pair = kpGen.generateKeyPair();
-        X509v2CRLBuilder crlGen = new JcaX509v2CRLBuilder(new X500Principal("CN=Test CA"), now);
-
-        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
-
-        Vector extOids = new Vector();
-        Vector extValues = new Vector();
-
-        CRLReason crlReason = CRLReason.lookup(CRLReason.privilegeWithdrawn);
-
-        try
-        {
-            extOids.addElement(Extension.reasonCode);
-            extValues.addElement(new Extension(Extension.reasonCode, false, new DEROctetString(crlReason.getEncoded())));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("error encoding reason: " + e);
-        }
-
-        Extensions entryExtensions = generateExtensions(extOids, extValues);
-
-        crlGen.addCRLEntry(BigInteger.ONE, now, entryExtensions);
-
-        JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
-
-        crlGen.addExtension(Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(pair.getPublic()));
-
-        X509CRLHolder crlHolder = crlGen.build(new JcaContentSignerBuilder("SHA256withRSAEncryption").setProvider(BC).build(pair.getPrivate()));
-
-        X509CRL crl = new JcaX509CRLConverter().setProvider(BC).getCRL(crlHolder);
-
-        crl.verify(pair.getPublic(), "BC");
-
-        if (!crl.getIssuerX500Principal().equals(new X500Principal("CN=Test CA")))
-        {
-            fail("failed CRL issuer test");
-        }
-
-        byte[] authExt = crl.getExtensionValue(Extension.authorityKeyIdentifier.getId());
-
-        if (authExt == null)
-        {
-            fail("failed to find CRL extension");
-        }
-
-        AuthorityKeyIdentifier authId = AuthorityKeyIdentifier.getInstance(ASN1OctetString.getInstance(authExt).getOctets());
-
-        X509CRLEntry entry = crl.getRevokedCertificate(BigInteger.ONE);
-
-        if (entry == null)
-        {
-            fail("failed to find CRL entry");
-        }
-
-        if (!entry.getSerialNumber().equals(BigInteger.ONE))
-        {
-            fail("CRL cert serial number does not match");
-        }
-
-        if (!entry.hasExtensions())
-        {
-            fail("CRL entry extension not found");
-        }
-
-        byte[] ext = entry.getExtensionValue(Extension.reasonCode.getId());
-
-        if (ext != null)
-        {
-            ASN1Enumerated reasonCode = (ASN1Enumerated)fromExtensionValue(ext);
-
-            if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
-            {
-                fail("CRL entry reasonCode wrong");
-            }
-        }
-        else
-        {
-            fail("CRL entry reasonCode not found");
-        }
-    }
-
-    public void checkCRLCreation3()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", BC);
-        Date now = new Date();
-        KeyPair pair = kpGen.generateKeyPair();
-        X509v2CRLBuilder crlGen = new JcaX509v2CRLBuilder(new X500Principal("CN=Test CA"), now);
-
-        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
-
-        Vector extOids = new Vector();
-        Vector extValues = new Vector();
-
-        CRLReason crlReason = CRLReason.lookup(CRLReason.privilegeWithdrawn);
-
-        try
-        {
-            extOids.addElement(Extension.reasonCode);
-            extValues.addElement(new Extension(Extension.reasonCode, false, new DEROctetString(crlReason.getEncoded())));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("error encoding reason: " + e);
-        }
-
-        Extensions entryExtensions = generateExtensions(extOids, extValues);
-
-        crlGen.addCRLEntry(BigInteger.ONE, now, entryExtensions);
-
-        JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
-
-        crlGen.addExtension(Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(pair.getPublic()));
-
-        X509CRLHolder crlHolder = crlGen.build(new JcaContentSignerBuilder("SHA256withRSAEncryption").setProvider(BC).build(pair.getPrivate()));
-
-        X509CRL crl = new JcaX509CRLConverter().setProvider(BC).getCRL(crlHolder);
-
-        if (!crl.getIssuerX500Principal().equals(new X500Principal("CN=Test CA")))
-        {
-            fail("failed CRL issuer test");
-        }
-
-        byte[] authExt = crl.getExtensionValue(Extension.authorityKeyIdentifier.getId());
-
-        if (authExt == null)
-        {
-            fail("failed to find CRL extension");
-        }
-
-        AuthorityKeyIdentifier authId = AuthorityKeyIdentifier.getInstance(ASN1OctetString.getInstance(authExt).getOctets());
-
-        X509CRLEntry entry = crl.getRevokedCertificate(BigInteger.ONE);
-
-        if (entry == null)
-        {
-            fail("failed to find CRL entry");
-        }
-
-        if (!entry.getSerialNumber().equals(BigInteger.ONE))
-        {
-            fail("CRL cert serial number does not match");
-        }
-
-        if (!entry.hasExtensions())
-        {
-            fail("CRL entry extension not found");
-        }
-
-        byte[] ext = entry.getExtensionValue(Extension.reasonCode.getId());
-
-        if (ext != null)
-        {
-            ASN1Enumerated reasonCode = (ASN1Enumerated)fromExtensionValue(ext);
-
-            if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
-            {
-                fail("CRL entry reasonCode wrong");
-            }
-        }
-        else
-        {
-            fail("CRL entry reasonCode not found");
-        }
-
-        //
-        // check loading of existing CRL
-        //
-        now = new Date();
-        crlGen = new X509v2CRLBuilder(new X500Name("CN=Test CA"), now);
-
-        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
-
-        crlGen.addCRL(new JcaX509CRLHolder(crl));
-
-        crlGen.addCRLEntry(BigInteger.valueOf(2), now, entryExtensions);
-
-        crlGen.addExtension(Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(pair.getPublic()));
-
-        crlHolder = crlGen.build(new JcaContentSignerBuilder("SHA256withRSAEncryption").setProvider(BC).build(pair.getPrivate()));
-
-        int count = 0;
-        boolean oneFound = false;
-        boolean twoFound = false;
-
-        Iterator it = crlHolder.getRevokedCertificates().iterator();
-        while (it.hasNext())
-        {
-            X509CRLEntryHolder crlEnt = (X509CRLEntryHolder)it.next();
-
-            if (crlEnt.getSerialNumber().intValue() == 1)
-            {
-                oneFound = true;
-                Extension extn = crlEnt.getExtension(Extension.reasonCode);
-
-                if (extn != null)
-                {
-                    ASN1Enumerated reasonCode = (ASN1Enumerated)ASN1Enumerated.getInstance(extn.getParsedValue());
-
-                    if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
-                    {
-                        fail("CRL entry reasonCode wrong");
-                    }
-                }
-                else
-                {
-                    fail("CRL entry reasonCode not found");
-                }
-            }
-            else if (crlEnt.getSerialNumber().intValue() == 2)
-            {
-                twoFound = true;
-            }
-
-            count++;
-        }
-
-        if (count != 2)
-        {
-            fail("wrong number of CRLs found");
-        }
-
-        if (!oneFound || !twoFound)
-        {
-            fail("wrong CRLs found in copied list");
-        }
-
-        //
-        // check factory read back
-        //
-        CertificateFactory cFact = CertificateFactory.getInstance("X.509", BC);
-
-        X509CRL readCrl = (X509CRL)cFact.generateCRL(new ByteArrayInputStream(crlHolder.getEncoded()));
-
-        readCrl.verify(pair.getPublic(), "BC");
-
-        if (readCrl == null)
-        {
-            fail("crl not returned!");
-        }
-
-        Collection col = cFact.generateCRLs(new ByteArrayInputStream(crlHolder.getEncoded()));
-
-        if (col.size() != 1)
-        {
-            fail("wrong number of CRLs found in collection");
-        }
-    }
-
-    public void checkCRLCreation4()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        Date now = new Date();
-        KeyPair pair = kpGen.generateKeyPair();
-        X509v2CRLBuilder crlGen = new JcaX509v2CRLBuilder(new X500Principal("CN=Test CA"), now);
-
-        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
-
-        Vector extOids = new Vector();
-        Vector extValues = new Vector();
-
-        CRLReason crlReason = CRLReason.lookup(CRLReason.privilegeWithdrawn);
-
-        try
-        {
-            extOids.addElement(Extension.reasonCode);
-            extValues.addElement(new Extension(Extension.reasonCode, false, new DEROctetString(crlReason.getEncoded())));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("error encoding reason: " + e);
-        }
-
-        Extensions entryExtensions = generateExtensions(extOids, extValues);
-
-        crlGen.addCRLEntry(BigInteger.ONE, now, entryExtensions);
-
-        JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
-
-        crlGen.addExtension(Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(pair.getPublic()));
-
-        X509CRLHolder crlHolder = crlGen.build(new JcaContentSignerBuilder("SHA256withRSAandMGF1").setProvider(BC).build(pair.getPrivate()));
-
-        X509CRL crl = new JcaX509CRLConverter().setProvider(BC).getCRL(crlHolder);
-
-        crl.verify(pair.getPublic(), "BC");
-
-        if (!crl.getIssuerX500Principal().equals(new X500Principal("CN=Test CA")))
-        {
-            fail("failed CRL issuer test");
-        }
-
-        byte[] authExt = crl.getExtensionValue(Extension.authorityKeyIdentifier.getId());
-
-        if (authExt == null)
-        {
-            fail("failed to find CRL extension");
-        }
-
-        AuthorityKeyIdentifier authId = AuthorityKeyIdentifier.getInstance(ASN1OctetString.getInstance(authExt).getOctets());
-
-        X509CRLEntry entry = crl.getRevokedCertificate(BigInteger.ONE);
-
-        if (entry == null)
-        {
-            fail("failed to find CRL entry");
-        }
-
-        if (!entry.getSerialNumber().equals(BigInteger.ONE))
-        {
-            fail("CRL cert serial number does not match");
-        }
-
-        if (!entry.hasExtensions())
-        {
-            fail("CRL entry extension not found");
-        }
-
-        byte[] ext = entry.getExtensionValue(Extension.reasonCode.getId());
-
-        if (ext != null)
-        {
-            ASN1Enumerated reasonCode = (ASN1Enumerated)fromExtensionValue(ext);
-
-            if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
-            {
-                fail("CRL entry reasonCode wrong");
-            }
-        }
-        else
-        {
-            fail("CRL entry reasonCode not found");
-        }
-    }
-
-    public void checkCRLCreation5()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        Date now = new Date();
-        KeyPair pair = kpGen.generateKeyPair();
-        X509v2CRLBuilder crlGen = new JcaX509v2CRLBuilder(new X500Principal("CN=Test CA"), now);
-
-        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
-
-        Vector extOids = new Vector();
-        Vector extValues = new Vector();
-
-        CRLReason crlReason = CRLReason.lookup(CRLReason.privilegeWithdrawn);
-
-        try
-        {
-            extOids.addElement(Extension.reasonCode);
-            extValues.addElement(new Extension(Extension.reasonCode, false, new DEROctetString(crlReason.getEncoded())));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("error encoding reason: " + e);
-        }
-
-        Extensions entryExtensions = generateExtensions(extOids, extValues);
-
-        crlGen.addCRLEntry(BigInteger.ONE, now, entryExtensions);
-
-        JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
-
-        crlGen.addExtension(Extension.authorityKeyIdentifier, false, extUtils.createAuthorityKeyIdentifier(pair.getPublic()));
-
-        ContentSigner signer = new JcaContentSignerBuilder(
-            "RSAPSS",
-            new PSSParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"), 20, 1))
-                                        .setProvider(BC).build(pair.getPrivate());
-        X509CRLHolder crlHolder = crlGen.build(signer);
-
-        X509CRL crl = new JcaX509CRLConverter().setProvider(BC).getCRL(crlHolder);
-
-        crl.verify(pair.getPublic(), "BC");
-
-        if (!crl.getIssuerX500Principal().equals(new X500Principal("CN=Test CA")))
-        {
-            fail("failed CRL issuer test");
-        }
-
-        byte[] authExt = crl.getExtensionValue(Extension.authorityKeyIdentifier.getId());
-
-        if (authExt == null)
-        {
-            fail("failed to find CRL extension");
-        }
-
-        AuthorityKeyIdentifier authId = AuthorityKeyIdentifier.getInstance(ASN1OctetString.getInstance(authExt).getOctets());
-
-        X509CRLEntry entry = crl.getRevokedCertificate(BigInteger.ONE);
-
-        if (entry == null)
-        {
-            fail("failed to find CRL entry");
-        }
-
-        if (!entry.getSerialNumber().equals(BigInteger.ONE))
-        {
-            fail("CRL cert serial number does not match");
-        }
-
-        if (!entry.hasExtensions())
-        {
-            fail("CRL entry extension not found");
-        }
-
-        byte[] ext = entry.getExtensionValue(Extension.reasonCode.getId());
-
-        if (ext != null)
-        {
-            ASN1Enumerated reasonCode = (ASN1Enumerated)fromExtensionValue(ext);
-
-            if (reasonCode.getValue().intValue() != CRLReason.privilegeWithdrawn)
-            {
-                fail("CRL entry reasonCode wrong");
-            }
-        }
-        else
-        {
-            fail("CRL entry reasonCode not found");
-        }
-    }
-
-    /*
-     * we generate a self signed certificate for the sake of testing - GOST3410
-     */
-    public void checkCreation4()
-        throws Exception
-    {
-        //
-        // set up the keys
-        //
-        PrivateKey privKey;
-        PublicKey pubKey;
-
-        KeyPairGenerator g = KeyPairGenerator.getInstance("GOST3410", BC);
-        GOST3410ParameterSpec gost3410P = new GOST3410ParameterSpec("GostR3410-94-CryptoPro-A");
-
-        g.initialize(gost3410P, new SecureRandom());
-
-        KeyPair p = g.generateKeyPair();
-
-        privKey = p.getPrivate();
-        pubKey = p.getPublic();
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // extensions
-        //
-
-        //
-        // create the certificate - version 3
-        //
-        ContentSigner sigGen = new JcaContentSignerBuilder("GOST3411withGOST3410").setProvider(BC).build(privKey);
-        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        //
-        // check verifies in general
-        //
-        cert.verify(pubKey);
-
-        //
-        // check verifies with contained key
-        //
-        cert.verify(cert.getPublicKey());
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
-        CertificateFactory fact = CertificateFactory.getInstance("X.509", BC);
-
-        cert = (X509Certificate)fact.generateCertificate(bIn);
-
-        //System.out.println(cert);
-
-        //check getEncoded()
-        byte[] bytes = cert.getEncoded();
-    }
-
-    public void checkCreation5()
-        throws Exception
-    {
-        //
-        // a sample key pair.
-        //
-        RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16));
-
-        RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16),
-            new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-            new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-            new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-            new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-            new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-            new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-        //
-        // set up the keys
-        //
-        SecureRandom rand = new SecureRandom();
-        PrivateKey privKey;
-        PublicKey pubKey;
-
-        KeyFactory fact = KeyFactory.getInstance("RSA", BC);
-
-        privKey = fact.generatePrivate(privKeySpec);
-        pubKey = fact.generatePublic(pubKeySpec);
-
-        //
-        // distinguished name table.
-        //
-        Vector ord = new Vector();
-        Vector values = new Vector();
-
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // create base certificate - version 3
-        //
-        ContentSigner sigGen = new JcaContentSignerBuilder("MD5WithRSAEncryption").setProvider(BC).build(privKey);
-        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey)
-            .addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true,
-                new X509KeyUsage(X509KeyUsage.encipherOnly))
-            .addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true,
-                new DERSequence(KeyPurposeId.anyExtendedKeyUsage))
-            .addExtension(new ASN1ObjectIdentifier("2.5.29.17"), true,
-                new GeneralNames(new GeneralName(GeneralName.rfc822Name, "test@test.test")));
-
-        X509Certificate baseCert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        //
-        // copy certificate
-        //
-
-        certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey)
-            .copyAndAddExtension(new ASN1ObjectIdentifier("2.5.29.15"), true, baseCert)
-            .copyAndAddExtension(new ASN1ObjectIdentifier("2.5.29.37"), false, baseCert);
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        cert.verify(pubKey);
-
-        if (!areEqual(baseCert.getExtensionValue("2.5.29.15"), cert.getExtensionValue("2.5.29.15")))
-        {
-            fail("2.5.29.15 differs");
-        }
-
-        if (!areEqual(baseCert.getExtensionValue("2.5.29.37"), cert.getExtensionValue("2.5.29.37")))
-        {
-            fail("2.5.29.37 differs");
-        }
-
-        //
-        // exception test
-        //
-
-        try
-        {
-            certGen.copyAndAddExtension(new ASN1ObjectIdentifier("2.5.99.99"), true, new JcaX509CertificateHolder(baseCert));
-
-            fail("exception not thrown on dud extension copy");
-        }
-        catch (NullPointerException e)
-        {
-            // expected
-        }
-    }
-
-    public void checkCreation6()
-        throws Exception
-    {
-        if (Security.getProvider("BCPQC") == null)
-        {
-            Security.addProvider(new BouncyCastlePQCProvider());
-        }
-
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("SPHINCS256", "BCPQC");
-
-        kpGen.initialize(new SPHINCS256KeyGenParameterSpec(), new SecureRandom());
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        PrivateKey privKey = kp.getPrivate();
-        PublicKey pubKey = kp.getPublic();
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // create base certificate - version 3
-        //
-        ContentSigner sigGen = new JcaContentSignerBuilder("SHA512withSPHINCS256").setProvider("BCPQC").build(privKey);
-        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey)
-            .addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true,
-                new X509KeyUsage(X509KeyUsage.encipherOnly))
-            .addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true,
-                new DERSequence(KeyPurposeId.anyExtendedKeyUsage))
-            .addExtension(new ASN1ObjectIdentifier("2.5.29.17"), true,
-                new GeneralNames(new GeneralName(GeneralName.rfc822Name, "test@test.test")));
-
-        X509Certificate baseCert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        isTrue("oid wrong", BCObjectIdentifiers.sphincs256_with_SHA512.getId().equals(baseCert.getSigAlgOID()));
-        isTrue("params wrong", null == baseCert.getSigAlgParams());
-
-        //
-        // copy certificate
-        //
-
-        certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey)
-            .copyAndAddExtension(new ASN1ObjectIdentifier("2.5.29.15"), true, baseCert)
-            .copyAndAddExtension(new ASN1ObjectIdentifier("2.5.29.37"), false, baseCert);
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        cert.verify(cert.getPublicKey());
-
-        // check encoded works
-        cert.getEncoded();
-
-        if (!areEqual(baseCert.getExtensionValue("2.5.29.15"), cert.getExtensionValue("2.5.29.15")))
-        {
-            fail("2.5.29.15 differs");
-        }
-
-        if (!areEqual(baseCert.getExtensionValue("2.5.29.37"), cert.getExtensionValue("2.5.29.37")))
-        {
-            fail("2.5.29.37 differs");
-        }
-
-        //
-        // exception test
-        //
-
-        try
-        {
-            certGen.copyAndAddExtension(new ASN1ObjectIdentifier("2.5.99.99"), true, new JcaX509CertificateHolder(baseCert));
-
-            fail("exception not thrown on dud extension copy");
-        }
-        catch (NullPointerException e)
-        {
-            // expected
-        }
-
-        // certificate with NewHope key
-        kpGen = KeyPairGenerator.getInstance("NH", "BCPQC");
-
-        kpGen.initialize(1024, new SecureRandom());
-
-        KeyPair nhKp = kpGen.generateKeyPair();
-
-        certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), nhKp.getPublic())
-            .copyAndAddExtension(new ASN1ObjectIdentifier("2.5.29.15"), true, baseCert)
-            .copyAndAddExtension(new ASN1ObjectIdentifier("2.5.29.37"), false, baseCert);
-
-        cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        cert.verify(pubKey);
-
-        isTrue(nhKp.getPublic().equals(cert.getPublicKey()));
-
-        // check encoded works
-        cert.getEncoded();
-    }
-
-    /*
-     * we generate a self signed certificate for the sake of testing - ECGOST3410-2012
-     */
-    public void checkCreation7()
-        throws Exception
-    {
-        //
-        // set up the keys
-        //
-        KeyPairGenerator g = KeyPairGenerator.getInstance("ECGOST3410-2012", BC);
-
-        g.initialize(new ECNamedCurveGenParameterSpec("Tc26-Gost-3410-12-512-paramSetA"), new SecureRandom());
-
-        KeyPair p = g.generateKeyPair();
-
-        PrivateKey privKey = p.getPrivate();
-        PublicKey pubKey = p.getPublic();
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // create the certificate - version 3
-        //
-        ContentSigner sigGen = new JcaContentSignerBuilder("GOST3411-2012-512WITHECGOST3410-2012-512").setProvider(BC).build(privKey);
-        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        //
-        // check verifies in general
-        //
-        cert.verify(pubKey);
-
-        //
-        // check verifies with contained key
-        //
-        cert.verify(cert.getPublicKey());
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
-        CertificateFactory fact = CertificateFactory.getInstance("X.509", BC);
-
-        cert = (X509Certificate)fact.generateCertificate(bIn);
-
-        //System.out.println(cert);
-    }
-
-    /*
-     * we generate a self signed certificate for the sake of testing - XMSS
-     */
-    public void checkCreation8()
-        throws Exception
-    {
-        //
-        // set up the keys
-        //
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-
-        kpg.initialize(new XMSSParameterSpec(10, XMSSParameterSpec.SHA256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        PrivateKey privKey = kp.getPrivate();
-        PublicKey pubKey = kp.getPublic();
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // create the certificate - version 3
-        //
-        ContentSigner sigGen = new JcaContentSignerBuilder("SHA256withXMSS").setProvider("BCPQC").build(privKey);
-        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        //
-        // check verifies in general
-        //
-        cert.verify(pubKey);
-
-        //
-        // check verifies with contained key
-        //
-        cert.verify(cert.getPublicKey());
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
-        CertificateFactory fact = CertificateFactory.getInstance("X.509", BC);
-
-        cert = (X509Certificate)fact.generateCertificate(bIn);
-
-        //System.out.println(cert);
-    }
-
-    /*
-     * we generate a self signed certificate for the sake of testing - XMSS^MT
-     */
-    public void checkCreation9()
-        throws Exception
-    {
-        //
-        // set up the keys
-        //
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSSMT", "BCPQC");
-
-        kpg.initialize(new XMSSMTParameterSpec(10, 5, XMSSMTParameterSpec.SHAKE256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        PrivateKey privKey = kp.getPrivate();
-        PublicKey pubKey = kp.getPublic();
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // create the certificate - version 3
-        //
-        ContentSigner sigGen = new JcaContentSignerBuilder("SHAKE256withXMSSMT").setProvider("BCPQC").build(privKey);
-        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        //
-        // check verifies in general
-        //
-        cert.verify(pubKey);
-
-        //
-        // check verifies with contained key
-        //
-        cert.verify(cert.getPublicKey());
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
-        CertificateFactory fact = CertificateFactory.getInstance("X.509", BC);
-
-        cert = (X509Certificate)fact.generateCertificate(bIn);
-
-        //System.out.println(cert);
-    }
-
-    /*
-     * we generate a self signed certificate for the sake of testing - qTESLA
-     */
-    public void checkCreationQTESLA()
-        throws Exception
-    {
-        //
-        // set up the keys
-        //
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("qTESLA", "BCPQC");
-
-        kpg.initialize(new QTESLAParameterSpec(QTESLAParameterSpec.HEURISTIC_I), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        PrivateKey privKey = kp.getPrivate();
-        PublicKey pubKey = kp.getPublic();
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // create the certificate - version 3
-        //
-        ContentSigner sigGen = new JcaContentSignerBuilder(pubKey.getAlgorithm()).setProvider("BCPQC").build(privKey);
-        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        //
-        // check verifies in general
-        //
-        cert.verify(pubKey);
-
-        //
-        // check verifies with contained key
-        //
-        cert.verify(cert.getPublicKey());
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
-        CertificateFactory fact = CertificateFactory.getInstance("X.509", BC);
-
-        cert = (X509Certificate)fact.generateCertificate(bIn);
-
-        //System.out.println(cert);
-    }
-
-    /*
-     * we generate a self signed certificate across the range of DSA algorithms
-     */
-    public void checkCreationDSA()
-        throws Exception
-    {
-        //
-        // set up the keys
-        //
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("DSA", "BC");
-
-        kpg.initialize(new DSAParameterSpec(def2048Params.getP(), def2048Params.getQ(), def2048Params.getG()), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        PrivateKey privKey = kp.getPrivate();
-        PublicKey pubKey = kp.getPublic();
-
-        String[] algs = new String[]
-            {
-                "SHA1WITHDSA",
-                "DSAWITHSHA1",
-                "SHA224WITHDSA",
-                "SHA256WITHDSA",
-                "SHA384WITHDSA",
-                "SHA512WITHDSA",
-                "SHA3-224WITHDSA",
-                "SHA3-256WITHDSA",
-                "SHA3-384WITHDSA",
-                "SHA3-512WITHDSA"
-            };
-
-        ASN1ObjectIdentifier[] oids = new ASN1ObjectIdentifier[]
-            {
-                X9ObjectIdentifiers.id_dsa_with_sha1,
-                X9ObjectIdentifiers.id_dsa_with_sha1,
-                NISTObjectIdentifiers.dsa_with_sha224,
-                NISTObjectIdentifiers.dsa_with_sha256,
-                NISTObjectIdentifiers.dsa_with_sha384,
-                NISTObjectIdentifiers.dsa_with_sha512,
-                NISTObjectIdentifiers.id_dsa_with_sha3_224,
-                NISTObjectIdentifiers.id_dsa_with_sha3_256,
-                NISTObjectIdentifiers.id_dsa_with_sha3_384,
-                NISTObjectIdentifiers.id_dsa_with_sha3_512
-            };
-
-        doGenSelfSignedCert(privKey, pubKey, algs, oids);
-    }
-
-    /*
-     * we generate a self signed certificate across the range of RSA algorithms
-     */
-    public void checkCreationRSA()
-        throws Exception
-    {
-        //
-        // set up the keys
-        //
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "BC");
-
-        kpg.initialize(2048, new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        PrivateKey privKey = kp.getPrivate();
-        PublicKey pubKey = kp.getPublic();
-
-        String[] algs = new String[]
-            {
-                "SHA1WITHRSA",
-                "SHA1WITHRSAENCRYPTION",
-                "SHA224WITHRSA",
-                "SHA224WITHRSAENCRYPTION",
-                "SHA256WITHRSA",
-                "SHA256WITHRSAENCRYPTION",
-                "SHA384WITHRSA",
-                "SHA384WITHRSAENCRYPTION",
-                "SHA512WITHRSA",
-                "SHA512WITHRSAENCRYPTION",
-                "SHA3-224WITHRSA",
-                "SHA3-224WITHRSAENCRYPTION",
-                "SHA3-256WITHRSA",
-                "SHA3-256WITHRSAENCRYPTION",
-                "SHA3-384WITHRSA",
-                "SHA3-384WITHRSAENCRYPTION",
-                "SHA3-512WITHRSA",
-                "SHA3-512WITHRSAENCRYPTION",
-                "SHA1WITHRSAANDMGF1",
-                "SHA224WITHRSAANDMGF1",
-                "SHA256WITHRSAANDMGF1",
-                "SHA384WITHRSAANDMGF1",
-                "SHA512WITHRSAANDMGF1",
-                "SHA3-224WITHRSAANDMGF1",
-                "SHA3-256WITHRSAANDMGF1",
-                "SHA3-384WITHRSAANDMGF1",
-                "SHA3-512WITHRSAANDMGF1",
-            };
-
-        ASN1ObjectIdentifier[] oids = new ASN1ObjectIdentifier[]
-            {
-                PKCSObjectIdentifiers.sha1WithRSAEncryption,
-                PKCSObjectIdentifiers.sha1WithRSAEncryption,
-                PKCSObjectIdentifiers.sha224WithRSAEncryption,
-                PKCSObjectIdentifiers.sha224WithRSAEncryption,
-                PKCSObjectIdentifiers.sha256WithRSAEncryption,
-                PKCSObjectIdentifiers.sha256WithRSAEncryption,
-                PKCSObjectIdentifiers.sha384WithRSAEncryption,
-                PKCSObjectIdentifiers.sha384WithRSAEncryption,
-                PKCSObjectIdentifiers.sha512WithRSAEncryption,
-                PKCSObjectIdentifiers.sha512WithRSAEncryption,
-                NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224,
-                NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224,
-                NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256,
-                NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256,
-                NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384,
-                NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384,
-                NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512,
-                NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512,
-                PKCSObjectIdentifiers.id_RSASSA_PSS,
-                PKCSObjectIdentifiers.id_RSASSA_PSS,
-                PKCSObjectIdentifiers.id_RSASSA_PSS,
-                PKCSObjectIdentifiers.id_RSASSA_PSS,
-                PKCSObjectIdentifiers.id_RSASSA_PSS,
-                PKCSObjectIdentifiers.id_RSASSA_PSS,
-                PKCSObjectIdentifiers.id_RSASSA_PSS,
-                PKCSObjectIdentifiers.id_RSASSA_PSS,
-                PKCSObjectIdentifiers.id_RSASSA_PSS
-            };
-
-        doGenSelfSignedCert(privKey, pubKey, algs, oids);
-
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // create the certificate - version 3
-        //
-        ContentSigner sigGen = new JcaContentSignerBuilder("RSAPSS",
-            new PSSParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"), 20, 1))
-            .setProvider("BC").build(privKey);
-        X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-        
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        cert.checkValidity(new Date());
-
-        //
-        // check verifies in general
-        //
-        cert.verify(pubKey);
-
-        //
-        // check verifies with contained key
-        //
-        cert.verify(cert.getPublicKey());
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
-        CertificateFactory fact = CertificateFactory.getInstance("X.509", BC);
-
-        cert = (X509Certificate)fact.generateCertificate(bIn);
-
-        //System.out.println(cert);
-    }
-
-    /*
-     * we generate a self signed certificate across the range of ECDSA algorithms
-     */
-    public void checkCreationECDSA()
-        throws Exception
-    {
-        //
-        // set up the keys
-        //
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("EC", "BC");
-
-        kpg.initialize(256, new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        PrivateKey privKey = kp.getPrivate();
-        PublicKey pubKey = kp.getPublic();
-
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder builder = createStdBuilder();
-
-        String[] algs = new String[]
-            {
-                "SHA1WITHECDSA",
-                "ECDSAWITHSHA1",
-                "SHA224WITHECDSA",
-                "SHA256WITHECDSA",
-                "SHA384WITHECDSA",
-                "SHA512WITHECDSA",
-                "SHA3-224WITHECDSA",
-                "SHA3-256WITHECDSA",
-                "SHA3-384WITHECDSA",
-                "SHA3-512WITHECDSA"
-            };
-
-        ASN1ObjectIdentifier[] oids = new ASN1ObjectIdentifier[]
-            {
-                X9ObjectIdentifiers.ecdsa_with_SHA1,
-                X9ObjectIdentifiers.ecdsa_with_SHA1,
-                X9ObjectIdentifiers.ecdsa_with_SHA224,
-                X9ObjectIdentifiers.ecdsa_with_SHA256,
-                X9ObjectIdentifiers.ecdsa_with_SHA384,
-                X9ObjectIdentifiers.ecdsa_with_SHA512,
-                NISTObjectIdentifiers.id_ecdsa_with_sha3_224,
-                NISTObjectIdentifiers.id_ecdsa_with_sha3_256,
-                NISTObjectIdentifiers.id_ecdsa_with_sha3_384,
-                NISTObjectIdentifiers.id_ecdsa_with_sha3_512
-            };
-
-        doGenSelfSignedCert(privKey, pubKey, algs, oids);
-    }
-
-    private void doGenSelfSignedCert(PrivateKey privKey, PublicKey pubKey, String[] algs, ASN1ObjectIdentifier[] oids)
-        throws Exception
-    {
-        X500NameBuilder builder = createStdBuilder();
-
-        for (int i = 0; i != algs.length; i++)
-        {
-            //
-            // create the certificate - version 3
-            //
-            ContentSigner sigGen = new JcaContentSignerBuilder(algs[i]).setProvider("BC").build(privKey);
-            X509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-            isEquals("oid mismatch", sigGen.getAlgorithmIdentifier().getAlgorithm(), oids[i]);
-
-            X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-            cert.checkValidity(new Date());
-
-            //
-            // check verifies in general
-            //
-            cert.verify(pubKey);
-
-            //
-            // check verifies with contained key
-            //
-            cert.verify(cert.getPublicKey());
-
-            ByteArrayInputStream bIn = new ByteArrayInputStream(cert.getEncoded());
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", BC);
-
-            cert = (X509Certificate)fact.generateCertificate(bIn);
-
-//            System.out.println(cert);
-        }
-    }
-
-    private void testForgedSignature()
-        throws Exception
-    {
-        String cert = "MIIBsDCCAVoCAQYwDQYJKoZIhvcNAQEFBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV"
-            + "BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD"
-            + "VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw0wNjA5MTEyMzU4NTVa"
-            + "Fw0wNjEwMTEyMzU4NTVaMGMxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNs"
-            + "YW5kMRowGAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0ZDEjMCEGA1UEAxMaU2VydmVy"
-            + "IHRlc3QgY2VydCAoNTEyIGJpdCkwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAn7PD"
-            + "hCeV/xIxUg8V70YRxK2A5jZbD92A12GN4PxyRQk0/lVmRUNMaJdq/qigpd9feP/u"
-            + "12S4PwTLb/8q/v657QIDAQABMA0GCSqGSIb3DQEBBQUAA0EAbynCRIlUQgaqyNgU"
-            + "DF6P14yRKUtX8akOP2TwStaSiVf/akYqfLFm3UGka5XbPj4rifrZ0/sOoZEEBvHQ"
-            + "e20sRA==";
-
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-
-        X509Certificate x509 = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(Base64.decode(cert)));
-        try
-        {
-            x509.verify(x509.getPublicKey());
-
-            fail("forged RSA signature passed");
-        }
-        catch (Exception e)
-        {
-            // expected
-        }
-    }
-
-
-    private void pemTest()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", BC);
-
-        Certificate cert = readPEMCert(cf, PEMData.CERTIFICATE_1);
-        if (cert == null)
-        {
-            fail("PEM cert not read");
-        }
-        cert = readPEMCert(cf, "-----BEGIN CERTIFICATE-----" + PEMData.CERTIFICATE_2);
-        if (cert == null)
-        {
-            fail("PEM cert with extraneous header not read");
-        }
-        CRL crl = cf.generateCRL(new ByteArrayInputStream(PEMData.CRL_1.getBytes("US-ASCII")));
-        if (crl == null)
-        {
-            fail("PEM crl not read");
-        }
-        Collection col = cf.generateCertificates(new ByteArrayInputStream(PEMData.CERTIFICATE_2.getBytes("US-ASCII")));
-        if (col.size() != 1 || !col.contains(cert))
-        {
-            fail("PEM cert collection not right");
-        }
-        col = cf.generateCRLs(new ByteArrayInputStream(PEMData.CRL_2.getBytes("US-ASCII")));
-        if (col.size() != 1 || !col.contains(crl))
-        {
-            fail("PEM crl collection not right");
-        }
-    }
-
-    private static Certificate readPEMCert(CertificateFactory cf, String pemData)
-        throws CertificateException, UnsupportedEncodingException
-    {
-        return cf.generateCertificate(new ByteArrayInputStream(pemData.getBytes("US-ASCII")));
-    }
-
-    private void pkcs7Test()
-        throws Exception
-    {
-        /*
-        ASN1EncodableVector certs = new ASN1EncodableVector();
-
-        certs.add(new ASN1InputStream(CertPathTest.rootCertBin).readObject());
-        certs.add(new DERTaggedObject(false, 2, new ASN1InputStream(AttrCertTest.attrCert).readObject()));
-
-        ASN1EncodableVector crls = new ASN1EncodableVector();
-
-        crls.add(new ASN1InputStream(CertPathTest.rootCrlBin).readObject());
-        SignedData sigData = new SignedData(new DERSet(), new ContentInfo(CMSObjectIdentifiers.data, null), new DERSet(certs), new DERSet(crls), new DERSet());
-
-        ContentInfo info = new ContentInfo(CMSObjectIdentifiers.signedData, sigData);
-
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", BC);
-
-        X509Certificate cert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(info.getEncoded()));
-        if (cert == null || !areEqual(cert.getEncoded(), certs.get(0).getDERObject().getEncoded()))
-        {
-            fail("PKCS7 cert not read");
-        }
-        X509CRL crl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(info.getEncoded()));
-        if (crl == null || !areEqual(crl.getEncoded(), crls.get(0).getDERObject().getEncoded()))
-        {
-            fail("PKCS7 crl not read");
-        }
-        Collection col = cf.generateCertificates(new ByteArrayInputStream(info.getEncoded()));
-        if (col.size() != 1 || !col.contains(cert))
-        {
-            fail("PKCS7 cert collection not right");
-        }
-        col = cf.generateCRLs(new ByteArrayInputStream(info.getEncoded()));
-        if (col.size() != 1 || !col.contains(crl))
-        {
-            fail("PKCS7 crl collection not right");
-        }
-
-        // data with no certificates or CRLs
-
-        sigData = new SignedData(new DERSet(), new ContentInfo(CMSObjectIdentifiers.data, null), new DERSet(), new DERSet(), new DERSet());
-
-        info = new ContentInfo(CMSObjectIdentifiers.signedData, sigData);
-
-        cert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(info.getEncoded()));
-        if (cert != null)
-        {
-            fail("PKCS7 cert present");
-        }
-        crl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(info.getEncoded()));
-        if (crl != null)
-        {
-            fail("PKCS7 crl present");
-        }
-
-        // data with absent certificates and CRLS
-
-        sigData = new SignedData(new DERSet(), new ContentInfo(CMSObjectIdentifiers.data, null), null, null, new DERSet());
-
-        info = new ContentInfo(CMSObjectIdentifiers.signedData, sigData);
-
-        cert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(info.getEncoded()));
-        if (cert != null)
-        {
-            fail("PKCS7 cert present");
-        }
-        crl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(info.getEncoded()));
-        if (crl != null)
-        {
-            fail("PKCS7 crl present");
-        }
-
-        //
-        // sample message
-        //
-        InputStream in = new ByteArrayInputStream(pkcs7CrlProblem);
-        Collection certCol = cf.generateCertificates(in);
-        Collection crlCol = cf.generateCRLs(in);
-
-        if (crlCol.size() != 0)
-        {
-            fail("wrong number of CRLs: " + crlCol.size());
-        }
-
-        if (certCol.size() != 4)
-        {
-            fail("wrong number of Certs: " + certCol.size());
-        }
-        */
-    }
-
-    private void createPSSCert(String algorithm)
-        throws Exception
-    {
-        KeyPair pair = generateLongFixedKeys();
-
-        PrivateKey privKey = pair.getPrivate();
-        PublicKey pubKey = pair.getPublic();
-
-        //
-        // distinguished name table.
-        //
-
-        X500NameBuilder builder = createStdBuilder();
-
-        //
-        // create base certificate - version 3
-        //
-        ContentSigner sigGen = new JcaContentSignerBuilder(algorithm).setProvider(BC).build(privKey);
-        JcaX509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(builder.build(), BigInteger.valueOf(1),
-            new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), builder.build(), pubKey);
-
-        certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.15"), true,
-            new X509KeyUsage(X509KeyUsage.encipherOnly));
-        certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.37"), true,
-            new DERSequence(KeyPurposeId.anyExtendedKeyUsage));
-        certGen.addExtension(new ASN1ObjectIdentifier("2.5.29.17"), true,
-            new GeneralNames(new GeneralName(GeneralName.rfc822Name, "test@test.test")));
-
-        X509Certificate baseCert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        baseCert.verify(pubKey);
-    }
-
-    private KeyPair generateLongFixedKeys()
-        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException
-    {
-        RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-            new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137", 16),
-            new BigInteger("010001", 16));
-
-        RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
-            new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137", 16),
-            new BigInteger("010001", 16),
-            new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325", 16),
-            new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443", 16),
-            new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd", 16),
-            new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979", 16),
-            new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729", 16),
-            new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d", 16));
-
-        KeyFactory fact = KeyFactory.getInstance("RSA", BC);
-
-        return new KeyPair(fact.generatePublic(pubKeySpec), fact.generatePrivate(privKeySpec));
-    }
-
-    private void rfc4491Test()
-        throws Exception
-    {
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-
-        X509Certificate x509 = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gostRFC4491_94));
-
-        x509.verify(x509.getPublicKey(), BC);
-
-        x509 = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gostRFC4491_2001));
-
-        x509.verify(x509.getPublicKey(), BC);
-    }
-
-    private void testNullDerNullCert()
-        throws Exception
-    {
-        KeyPair pair = generateLongFixedKeys();
-        PublicKey pubKey = pair.getPublic();
-        PrivateKey privKey = pair.getPrivate();
-
-        ContentSigner sigGen = new JcaContentSignerBuilder("MD5WithRSAEncryption").setProvider(BC).build(privKey);
-        JcaX509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(new X500Name("CN=Test"), BigInteger.valueOf(1), new Date(System.currentTimeMillis() - 50000), new Date(System.currentTimeMillis() + 50000), new X500Name("CN=Test"), pubKey);
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        org.bouncycastle.asn1.x509.Certificate struct = org.bouncycastle.asn1.x509.Certificate.getInstance(ASN1Primitive.fromByteArray(cert.getEncoded()));
-
-        ASN1Encodable tbsCertificate = struct.getTBSCertificate();
-        AlgorithmIdentifier sig = struct.getSignatureAlgorithm();
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(tbsCertificate);
-        v.add(new AlgorithmIdentifier(sig.getAlgorithm()));
-        v.add(struct.getSignature());
-
-        // verify
-        ByteArrayInputStream bIn;
-        String dump = "";
-
-        try
-        {
-            bIn = new ByteArrayInputStream(new DERSequence(v).getEncoded());
-
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", BC);
-
-            cert = (X509Certificate)fact.generateCertificate(bIn);
-
-            cert.verify(cert.getPublicKey());
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": testNullDerNull failed - exception " + e.toString(), e);
-        }
-    }
-
-    private void testDirect()
-        throws Exception
-    {
-        KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");
-
-        ByteArrayInputStream input = new ByteArrayInputStream(testCAp12);
-
-        keyStore.load(input, "test".toCharArray());
-
-        X509Certificate certificate = (X509Certificate)keyStore.getCertificate("ca");
-        PrivateKey privateKey = (PrivateKey)keyStore.getKey("ca", null);
-
-        X500Name issuer = X500Name.getInstance(certificate.getIssuerX500Principal().getEncoded());
-
-        X509v2CRLBuilder builder = new X509v2CRLBuilder(issuer, new Date());
-
-        builder.addCRLEntry(certificate.getSerialNumber(), new Date(), CRLReason.cACompromise);
-
-        JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSAEncryption");
-
-        contentSignerBuilder.setProvider("BC");
-
-        X509CRLHolder cRLHolder = builder.build(contentSignerBuilder.build(privateKey));
-
-        if (!cRLHolder.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider("BC").build(certificate)))
-        {
-            fail("CRL signature not valid");
-        }
-
-        X509CRLEntryHolder cRLEntryHolder = cRLHolder.getRevokedCertificate(certificate.getSerialNumber());
-
-        if (!cRLEntryHolder.getCertificateIssuer().equals(new GeneralNames(new GeneralName(cRLHolder.getIssuer()))))
-        {
-            fail("certificate issuer incorrect");
-        }
-
-        JcaX509CRLConverter converter = new JcaX509CRLConverter();
-
-        converter.setProvider("BC");
-
-        X509CRL crl = converter.getCRL(cRLHolder);
-
-        crl.verify(certificate.getPublicKey());
-
-        if (!crl.isRevoked(certificate))
-        {
-            fail("Certificate should be revoked");
-        }
-
-        // now encode the CRL and load the CRL with the JCE provider
-
-        CertificateFactory fac = CertificateFactory.getInstance("X.509");
-
-        X509CRL jceCRL = (X509CRL)fac.generateCRL(new ByteArrayInputStream(crl.getEncoded()));
-
-        jceCRL.verify(certificate.getPublicKey());
-
-        if (!jceCRL.isRevoked(certificate))
-        {
-            fail("This certificate should also be revoked");
-        }
-    }
-
-    private void testIndirect()
-        throws Exception
-    {
-        KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");
-
-        ByteArrayInputStream input = new ByteArrayInputStream(testCAp12);
-
-        keyStore.load(input, "test".toCharArray());
-
-        X509Certificate certificate = (X509Certificate)keyStore.getCertificate("ca");
-        PrivateKey privateKey = (PrivateKey)keyStore.getKey("ca", null);
-
-        X500Name crlIssuer = X500Name.getInstance(certificate.getSubjectX500Principal().getEncoded());
-        X500Name caName = X500Name.getInstance(certificate.getIssuerX500Principal().getEncoded());
-
-        X509v2CRLBuilder builder = new X509v2CRLBuilder(crlIssuer, new Date());
-
-        builder.addExtension(Extension.issuingDistributionPoint, true, new IssuingDistributionPoint(null, true, false));
-
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        extGen.addExtension(Extension.reasonCode, false, CRLReason.lookup(CRLReason.cACompromise));
-        extGen.addExtension(Extension.certificateIssuer, true, new GeneralNames(new GeneralName(caName)));
-
-        builder.addCRLEntry(certificate.getSerialNumber(), new Date(), extGen.generate());
-
-        JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSAEncryption");
-
-        contentSignerBuilder.setProvider("BC");
-
-        X509CRLHolder cRLHolder = builder.build(contentSignerBuilder.build(privateKey));
-
-        if (!cRLHolder.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider("BC").build(certificate)))
-        {
-            fail("CRL signature not valid");
-        }
-
-        X509CRLEntryHolder cRLEntryHolder = cRLHolder.getRevokedCertificate(certificate.getSerialNumber());
-
-        if (!cRLEntryHolder.getCertificateIssuer().equals(new GeneralNames(new GeneralName(X500Name.getInstance(certificate.getIssuerX500Principal().getEncoded())))))
-        {
-            fail("certificate issuer incorrect");
-        }
-
-        JcaX509CRLConverter converter = new JcaX509CRLConverter();
-
-        converter.setProvider("BC");
-
-        X509CRL crl = converter.getCRL(cRLHolder);
-
-        crl.verify(certificate.getPublicKey());
-
-        if (!crl.isRevoked(certificate))
-        {
-            fail("Certificate should be revoked");
-        }
-
-        // now encode the CRL and load the CRL with the JCE provider
-
-        CertificateFactory fac = CertificateFactory.getInstance("X.509");
-
-        X509CRL jceCRL = (X509CRL)fac.generateCRL(new ByteArrayInputStream(crl.getEncoded()));
-
-        jceCRL.verify(certificate.getPublicKey());
-
-        if (!jceCRL.isRevoked(certificate))
-        {
-            fail("This certificate should also be revoked");
-        }
-    }
-
-    private void testIndirect2()
-        throws Exception
-    {
-        KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");
-
-        ByteArrayInputStream input = new ByteArrayInputStream(testCAp12);
-
-        keyStore.load(input, "test".toCharArray());
-
-        X509Certificate certificate = (X509Certificate)keyStore.getCertificate("ca");
-        PrivateKey privateKey = (PrivateKey)keyStore.getKey("ca", null);
-
-        X500Name crlIssuer = X500Name.getInstance(certificate.getSubjectX500Principal().getEncoded());
-        X500Name caName = X500Name.getInstance(certificate.getIssuerX500Principal().getEncoded());
-
-        X509v2CRLBuilder builder = new X509v2CRLBuilder(crlIssuer, new Date());
-
-        builder.addExtension(Extension.issuingDistributionPoint, true, new IssuingDistributionPoint(null, true, false));
-
-        builder.addCRLEntry(BigInteger.valueOf(100), new Date(), CRLReason.cACompromise);
-        builder.addCRLEntry(BigInteger.valueOf(120), new Date(), CRLReason.cACompromise);
-
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        extGen.addExtension(Extension.reasonCode, false, CRLReason.lookup(CRLReason.cACompromise));
-        extGen.addExtension(Extension.certificateIssuer, true, new GeneralNames(new GeneralName(caName)));
-
-        builder.addCRLEntry(certificate.getSerialNumber(), new Date(), extGen.generate());
-
-        builder.addCRLEntry(BigInteger.valueOf(130), new Date(), CRLReason.cACompromise);
-
-        JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSAEncryption");
-
-        contentSignerBuilder.setProvider("BC");
-
-        X509CRLHolder cRLHolder = builder.build(contentSignerBuilder.build(privateKey));
-
-        if (!cRLHolder.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider("BC").build(certificate)))
-        {
-            fail("CRL signature not valid");
-        }
-
-        X509CRLEntryHolder cRLEntryHolder = cRLHolder.getRevokedCertificate(certificate.getSerialNumber());
-
-        if (!cRLEntryHolder.getCertificateIssuer().equals(new GeneralNames(new GeneralName(caName))))
-        {
-            fail("certificate issuer incorrect");
-        }
-
-        cRLEntryHolder = cRLHolder.getRevokedCertificate(BigInteger.valueOf(130));
-
-        if (!cRLEntryHolder.getCertificateIssuer().equals(new GeneralNames(new GeneralName(caName))))
-        {
-            fail("certificate issuer incorrect");
-        }
-
-        cRLEntryHolder = cRLHolder.getRevokedCertificate(BigInteger.valueOf(100));
-
-        if (!cRLEntryHolder.getCertificateIssuer().equals(new GeneralNames(new GeneralName(cRLHolder.getIssuer()))))
-        {
-            fail("certificate issuer incorrect");
-        }
-
-        JcaX509CRLConverter converter = new JcaX509CRLConverter();
-
-        converter.setProvider("BC");
-
-        X509CRL crl = converter.getCRL(cRLHolder);
-
-        crl.verify(certificate.getPublicKey());
-
-        X509CRLEntry crlEntry = crl.getRevokedCertificate(BigInteger.valueOf(100));
-
-        if (crlEntry.getCertificateIssuer() != null)
-        {
-            fail("JCA 1 certificate issuer incorrect");
-        }
-
-        crlEntry = crl.getRevokedCertificate(BigInteger.valueOf(130));
-        if (!(new X500Principal(caName.getEncoded())).equals(crlEntry.getCertificateIssuer()))
-        {
-            fail("JCA 2 certificate issuer incorrect");
-        }
-    }
-
-    // issuing distribution point must be set for an indirect CRL to be recognised
-    private void testMalformedIndirect()
-        throws Exception
-    {
-        KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");
-
-        ByteArrayInputStream input = new ByteArrayInputStream(testCAp12);
-
-        keyStore.load(input, "test".toCharArray());
-
-        X509Certificate certificate = (X509Certificate)keyStore.getCertificate("ca");
-        PrivateKey privateKey = (PrivateKey)keyStore.getKey("ca", null);
-
-        X500Name crlIssuer = X500Name.getInstance(certificate.getSubjectX500Principal().getEncoded());
-        X500Name caName = X500Name.getInstance(certificate.getIssuerX500Principal().getEncoded());
-
-        X509v2CRLBuilder builder = new X509v2CRLBuilder(crlIssuer, new Date());
-
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        extGen.addExtension(Extension.reasonCode, false, CRLReason.lookup(CRLReason.cACompromise));
-        extGen.addExtension(Extension.certificateIssuer, true, new GeneralNames(new GeneralName(caName)));
-
-        builder.addCRLEntry(certificate.getSerialNumber(), new Date(), extGen.generate());
-
-        JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSAEncryption");
-
-        contentSignerBuilder.setProvider("BC");
-
-        X509CRLHolder cRLHolder = builder.build(contentSignerBuilder.build(privateKey));
-
-        if (!cRLHolder.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider("BC").build(certificate)))
-        {
-            fail("CRL signature not valid");
-        }
-
-        X509CRLEntryHolder cRLEntryHolder = cRLHolder.getRevokedCertificate(certificate.getSerialNumber());
-
-        if (!cRLEntryHolder.getCertificateIssuer().equals(new GeneralNames(new GeneralName(cRLHolder.getIssuer()))))
-        {
-            fail("certificate issuer incorrect");
-        }
-
-        JcaX509CRLConverter converter = new JcaX509CRLConverter();
-
-        converter.setProvider("BC");
-
-        X509CRL crl = converter.getCRL(cRLHolder);
-
-        crl.verify(certificate.getPublicKey());
-
-        if (crl.isRevoked(certificate))
-        {
-            throw new Exception("Certificate should not be revoked");
-        }
-    }
-
-    private void zeroDataTest()
-        throws Exception
-    {
-        try
-        {
-            new X509CertificateHolder(new byte[0]);
-        }
-        catch (IOException e)
-        {
-            isTrue("no content found".equals(e.getMessage()));
-        }
-
-        try
-        {
-            new X509AttributeCertificateHolder(new byte[0]);
-        }
-        catch (IOException e)
-        {
-            isTrue("no content found".equals(e.getMessage()));
-        }
-
-        try
-        {
-            new X509CRLHolder(new byte[0]);
-        }
-        catch (IOException e)
-        {
-            isTrue("no content found".equals(e.getMessage()));
-        }
-    }
-
-    private void checkSerialisation()
-        throws Exception
-    {
-        X509CertificateHolder crtHolder = new X509CertificateHolder(cert1);
-
-        doSerialize(crtHolder);
-
-        X509CRLHolder crlHolder = new X509CRLHolder(crl1);
-
-        doSerialize(crlHolder);
-
-        X509AttributeCertificateHolder attrHolder = new X509AttributeCertificateHolder(AttrCertTest.attrCert);
-
-        doSerialize(attrHolder);
-    }
-
-    private void doSerialize(Serializable encodable)
-        throws Exception
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(encodable);
-
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        Encodable obj = (Encodable)oIn.readObject();
-
-        isEquals(encodable, obj);
-        isEquals(encodable.hashCode(), obj.hashCode());
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        if (Security.getProvider("BCPQC") == null)
-        {
-            Security.addProvider(new BouncyCastlePQCProvider());
-        }
-        
-        testDirect();
-        testIndirect();
-        testIndirect2();
-        testMalformedIndirect();
-
-        checkCertificate(1, cert1);
-        checkCertificate(2, cert2);
-        checkCertificate(3, cert3);
-        checkCertificate(4, cert4);
-        checkCertificate(5, cert5);
-        checkCertificate(6, oldEcdsa);
-        checkCertificate(7, cert7);
-
-        checkComparison(cert1);
-        checkComparison(cert2);
-
-        checkKeyUsage(8, keyUsage);
-        checkSelfSignedCertificate(9, uncompressedPtEC);
-        checkNameCertificate(10, nameCert);
-
-        checkSelfSignedCertificate(11, probSelfSignedCert);
-        checkSelfSignedCertificate(12, gostCA1);
-        checkSelfSignedCertificate(13, gostCA2);
-        checkSelfSignedCertificate(14, gost341094base);
-        checkSelfSignedCertificate(15, gost34102001base);
-        checkSelfSignedCertificate(16, gost341094A);
-        checkSelfSignedCertificate(17, gost341094B);
-        checkSelfSignedCertificate(18, gost34102001A);
-        checkSelfSignedCertificate(19, sha3Cert);
-
-        checkSelfSignedCertificateAndKey(20, gost_2012_cert, "ECGOST3410-2012-256", gost_2012_privateKey);
-        checkCRL(1, crl1);
-
-        checkCreation1();
-        checkCreation2();
-        checkCreation3();
-        checkCreation4();
-        checkCreation5();
-
-        checkCreation6();
-        checkCreation7();
-        checkCreation8();
-        checkCreation9();
-
-        checkCreationQTESLA();
-        checkCreationDSA();
-        checkCreationECDSA();
-        checkCreationRSA();
-
-        checkSm3WithSm2Creation();
-
-        createECCert("SHA1withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
-        createECCert("SHA224withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
-        createECCert("SHA256withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
-        createECCert("SHA384withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
-        createECCert("SHA512withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
-
-        createPSSCert("SHA1withRSAandMGF1");
-        createPSSCert("SHA224withRSAandMGF1");
-        createPSSCert("SHA256withRSAandMGF1");
-        createPSSCert("SHA384withRSAandMGF1");
-
-        checkCRLCreation1();
-        checkCRLCreation2();
-        checkCRLCreation3();
-        checkCRLCreation4();
-        checkCRLCreation5();
-
-        pemTest();
-        pkcs7Test();
-        rfc4491Test();
-
-        testForgedSignature();
-
-        testNullDerNullCert();
-
-        checkCertificate(18, emptyDNCert);
-
-        zeroDataTest();
-
-        checkSerialisation();
-    }
-
-    private Extensions generateExtensions(Vector oids, Vector values)
-        throws IOException
-    {
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        for (int i = 0; i != oids.size(); i++)
-        {
-            Extension ext = (Extension)values.elementAt(i);
-
-            extGen.addExtension((ASN1ObjectIdentifier)oids.elementAt(i), ext.isCritical(), ext.getParsedValue());
-        }
-
-        return extGen.generate();
-    }
-
-    private static ASN1Primitive fromExtensionValue(
-        byte[] encodedValue)
-        throws IOException
-    {
-        ASN1OctetString octs = (ASN1OctetString)ASN1Primitive.fromByteArray(encodedValue);
-
-        return ASN1Primitive.fromByteArray(octs.getOctets());
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-        
-        runTest(new CertTest());
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/ConverterTest.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/ConverterTest.java
deleted file mode 100644
index 6413b52..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/ConverterTest.java
+++ /dev/null

@@ -1,66 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.math.BigInteger;
-import java.security.cert.X509CertSelector;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cert.selector.X509CertificateHolderSelector;
-import org.bouncycastle.cert.selector.jcajce.JcaSelectorConverter;
-import org.bouncycastle.cert.selector.jcajce.JcaX509CertSelectorConverter;
-import org.bouncycastle.util.Arrays;
-
-public class ConverterTest
-    extends TestCase
-{
-    public void testCertificateSelectorConversion()
-        throws Exception
-    {
-        JcaX509CertSelectorConverter converter = new JcaX509CertSelectorConverter();
-        JcaSelectorConverter toSelector = new JcaSelectorConverter();
-
-        X509CertificateHolderSelector sid1 = new X509CertificateHolderSelector(new X500Name("CN=Test"), BigInteger.valueOf(1), new byte[20]);
-
-        X509CertSelector conv = converter.getCertSelector(sid1);
-
-        assertTrue(conv.getIssuerAsString().equals("CN=Test"));
-        assertTrue(Arrays.areEqual(conv.getSubjectKeyIdentifier(), new DEROctetString(new byte[20]).getEncoded()));
-        assertEquals(conv.getSerialNumber(), sid1.getSerialNumber());
-
-        X509CertificateHolderSelector sid2 = toSelector.getCertificateHolderSelector(conv);
-
-        assertEquals(sid1, sid2);
-
-        sid1 = new X509CertificateHolderSelector(new X500Name("CN=Test"), BigInteger.valueOf(1));
-
-        conv = converter.getCertSelector(sid1);
-
-        assertTrue(conv.getIssuerAsString().equals("CN=Test"));
-        assertNull(conv.getSubjectKeyIdentifier());
-        assertEquals(conv.getSerialNumber(), sid1.getSerialNumber());
-
-        sid2 = toSelector.getCertificateHolderSelector(conv);
-
-        assertEquals(sid1, sid2);
-
-        sid1 = new X509CertificateHolderSelector(new byte[20]);
-
-        conv = converter.getCertSelector(sid1);
-
-        assertNull(conv.getIssuerAsString());
-        assertTrue(Arrays.areEqual(conv.getSubjectKeyIdentifier(), new DEROctetString(new byte[20]).getEncoded()));
-        assertNull(conv.getSerialNumber());
-
-        sid2 = toSelector.getCertificateHolderSelector(conv);
-
-        assertEquals(sid1, sid2);
-    }
-    
-    public static Test suite() 
-    {
-        return new TestSuite(ConverterTest.class);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/DANETest.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/DANETest.java
deleted file mode 100644
index 28aa4dc..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/DANETest.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.io.IOException;
-import java.security.Security;
-
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.dane.DANEEntry;
-import org.bouncycastle.cert.dane.DANEEntryFactory;
-import org.bouncycastle.cert.dane.DANEException;
-import org.bouncycastle.cert.dane.TruncatingDigestCalculator;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class DANETest
-    extends SimpleTest
-{
-    byte[]  randomCert = Base64.decode(
-            "MIIDbDCCAtWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
-                + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
-                + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
-                + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
-                + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU1MzNaFw0wMTA2"
-                + "MDIwNzU1MzNaMIG3MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
-                + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
-                + "dGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEVMBMGA1UEAxMMQ29u"
-                + "bmVjdCA0IENBMSgwJgYJKoZIhvcNAQkBFhl3ZWJtYXN0ZXJAY29ubmVjdDQuY29t"
-                + "LmF1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgs5ptNG6Qv1ZpCDuUNGmv"
-                + "rhjqMDPd3ri8JzZNRiiFlBA4e6/ReaO1U8ASewDeQMH6i9R6degFdQRLngbuJP0s"
-                + "xcEE+SksEWNvygfzLwV9J/q+TQDyJYK52utb++lS0b48A1KPLwEsyL6kOAgelbur"
-                + "ukwxowprKUIV7Knf1ajetQIDAQABo4GFMIGCMCQGA1UdEQQdMBuBGXdlYm1hc3Rl"
-                + "ckBjb25uZWN0NC5jb20uYXUwDwYDVR0TBAgwBgEB/wIBADA2BglghkgBhvhCAQ0E"
-                + "KRYnbW9kX3NzbCBnZW5lcmF0ZWQgY3VzdG9tIENBIGNlcnRpZmljYXRlMBEGCWCG"
-                + "SAGG+EIBAQQEAwICBDANBgkqhkiG9w0BAQQFAAOBgQCsGvfdghH8pPhlwm1r3pQk"
-                + "msnLAVIBb01EhbXm2861iXZfWqGQjrGAaA0ZpXNk9oo110yxoqEoSJSzniZa7Xtz"
-                + "soTwNUpE0SLHvWf/SlKdFWlzXA+vOZbzEv4UmjeelekTm7lc01EEa5QRVzOxHFtQ"
-                + "DhkaJ8VqOMajkQFma2r9iA==");
-
-    public String getName()
-    {
-        return "DANETest";
-    }
-
-    private void shouldCreateDANEEntry()
-        throws IOException, DANEException
-    {
-        DANEEntryFactory daneEntryFactory = new DANEEntryFactory(new TruncatingDigestCalculator(new SHA256DigestCalculator()));
-
-        DANEEntry entry = daneEntryFactory.createEntry("test@test.com", new X509CertificateHolder(randomCert));
-
-        if (!DANEEntry.isValidCertificate(entry.getRDATA()))
-        {
-            fail("encoding error in RDATA");
-        }
-
-        if (!"9f86d081884c7d659a2feaa0c55ad015a3bf4f1b2b0b822cd15d6c15._smimecert.test.com".equals(entry.getDomainName()))
-        {
-            fail("domain name associated with entry wrong");
-        }
-
-        byte[] rdata = entry.getRDATA();
-        byte[] certData = new byte[rdata.length - 3];
-
-        System.arraycopy(rdata, 3, certData, 0, certData.length);
-
-        if (!Arrays.areEqual(certData, randomCert))
-        {
-            fail("certificate encoding does not match");
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-         shouldCreateDANEEntry();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new DANETest());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/GOST3410_2012CMSTest.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/GOST3410_2012CMSTest.java
deleted file mode 100644
index 6839bdf..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/GOST3410_2012CMSTest.java
+++ /dev/null

@@ -1,241 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.cert.CertificateException;
-import java.util.Collection;
-import java.util.Date;
-import java.util.Iterator;
-
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.KeyPurposeId;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509v3CertificateBuilder;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.cms.CMSSignedData;
-import org.bouncycastle.cms.CMSSignedDataGenerator;
-import org.bouncycastle.cms.CMSTypedData;
-import org.bouncycastle.cms.SignerId;
-import org.bouncycastle.cms.SignerInfoGenerator;
-import org.bouncycastle.cms.SignerInformation;
-import org.bouncycastle.cms.SignerInformationStore;
-import org.bouncycastle.cms.SignerInformationVerifier;
-import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory;
-import org.bouncycastle.jce.interfaces.ECPrivateKey;
-import org.bouncycastle.jce.interfaces.ECPublicKey;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.bc.BcContentSignerBuilder;
-import org.bouncycastle.operator.bc.BcECContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-
-public class GOST3410_2012CMSTest
-    extends SimpleTest
-{
-
-    public String getName()
-    {
-        return "GOST3410 2012 CMS TEST";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        if (Security.getProvider("BC").containsKey("KeyFactory.ECGOST3410-2012"))
-        {
-            cmsTest("GOST-3410-2012", "Tc26-Gost-3410-12-512-paramSetA", "GOST3411-2012-512WITHECGOST3410-2012-512",
-                RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512.getId());
-            cmsTest("GOST-3410-2012", "Tc26-Gost-3410-12-512-paramSetB", "GOST3411-2012-512WITHECGOST3410-2012-512",
-                RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512.getId());
-            cmsTest("GOST-3410-2012", "Tc26-Gost-3410-12-512-paramSetC", "GOST3411-2012-512WITHECGOST3410-2012-512",
-                RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512.getId());
-            cmsTest("GOST-3410-2012", "Tc26-Gost-3410-12-256-paramSetA", "GOST3411-2012-256WITHECGOST3410-2012-256",
-                RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256.getId());
-        }
-    }
-
-    public void cmsTest(String keyAlgorithm, String paramName, String signAlgorithm, String digestId)
-    {
-        try
-        {
-            KeyPairGenerator keyPairGenerator =
-                KeyPairGenerator.getInstance(keyAlgorithm, "BC");
-            keyPairGenerator.initialize(new ECNamedCurveGenParameterSpec(paramName), new SecureRandom());
-            KeyPair keyPair = keyPairGenerator.generateKeyPair();
-
-            X509CertificateHolder signingCertificate = selfSignedCertificate(keyPair, signAlgorithm);
-
-            // CMS
-            byte[] dataContent = new byte[]{1, 2, 3, 4, 33, 22, 11, 33, 52, 21, 23};
-            CMSTypedData cmsTypedData = new CMSProcessableByteArray(dataContent);
-
-
-            final JcaSignerInfoGeneratorBuilder signerInfoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(
-                new JcaDigestCalculatorProviderBuilder().setProvider("BC").build());
-
-            final ContentSigner contentSigner = new
-                JcaContentSignerBuilder(signAlgorithm).setProvider("BC")
-                .build(keyPair.getPrivate());
-
-            final SignerInfoGenerator signerInfoGenerator = signerInfoGeneratorBuilder.build(contentSigner, signingCertificate);
-
-            CMSSignedDataGenerator cmsSignedDataGenerator = new CMSSignedDataGenerator();
-
-            cmsSignedDataGenerator.addCertificate(signingCertificate);
-            cmsSignedDataGenerator.addSignerInfoGenerator(signerInfoGenerator);
-
-            CMSSignedData cmsSignedData = cmsSignedDataGenerator.generate(cmsTypedData, false);
-            if (cmsSignedData == null)
-            {
-                fail("Cant create CMS");
-            }
-
-            boolean algIdContains = false;
-            for (Iterator it = cmsSignedData.getDigestAlgorithmIDs().iterator(); it.hasNext();)
-            {
-                AlgorithmIdentifier algorithmIdentifier = (AlgorithmIdentifier)it.next();
-                if (algorithmIdentifier.getAlgorithm().getId().equals(digestId))
-                {
-                    algIdContains = true;
-                    break;
-                }
-            }
-            if (!algIdContains)
-            {
-                fail("identifier not valid");
-            }
-            boolean result = verify(cmsSignedData, cmsTypedData);
-            if (!result)
-            {
-                fail("Verification fails ");
-            }
-
-        }
-        catch (Exception ex)
-        {
-            ex.printStackTrace();
-            fail("fail with exception:", ex);
-        }
-    }
-
-    private boolean verify(CMSSignedData signature, CMSTypedData typedData)
-        throws CertificateException, OperatorCreationException, IOException, CMSException
-    {
-        CMSSignedData signedDataToVerify = new CMSSignedData(typedData, signature.getEncoded());
-        Store certs = signedDataToVerify.getCertificates();
-        SignerInformationStore signers = signedDataToVerify.getSignerInfos();
-        Collection<SignerInformation> c = signers.getSigners();
-        for (Iterator it = c.iterator(); it.hasNext();)
-        {
-            SignerInformation signer = (SignerInformation)it.next();
-            SignerId signerId = signer.getSID();
-            Collection certCollection = certs.getMatches(signerId);
-
-            Iterator certIt = certCollection.iterator();
-            Object certificate = certIt.next();
-            SignerInformationVerifier verifier =
-                new JcaSimpleSignerInfoVerifierBuilder()
-                    .setProvider("BC").build((X509CertificateHolder)certificate);
-
-
-            boolean result = signer.verify(verifier);
-            if (result)
-            {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    private X509CertificateHolder selfSignedCertificate(KeyPair keyPair, String signatureAlgName)
-        throws IOException, OperatorCreationException
-    {
-
-        X500Name name = new X500Name("CN=BB, C=aa");
-        ECPublicKey k = (ECPublicKey)keyPair.getPublic();
-        ECParameterSpec s = k.getParameters();
-        ECPublicKeyParameters ecPublicKeyParameters = new ECPublicKeyParameters(
-            k.getQ(),
-            new ECDomainParameters(s.getCurve(), s.getG(), s.getN()));
-
-        ECPrivateKey kk = (ECPrivateKey)keyPair.getPrivate();
-        ECParameterSpec ss = kk.getParameters();
-
-        ECPrivateKeyParameters ecPrivateKeyParameters = new ECPrivateKeyParameters(
-            kk.getD(),
-            new ECDomainParameters(ss.getCurve(), ss.getG(), ss.getN()));
-
-        AsymmetricKeyParameter publicKey = ecPublicKeyParameters;
-        AsymmetricKeyParameter privateKey = ecPrivateKeyParameters;
-        X509v3CertificateBuilder myCertificateGenerator = new X509v3CertificateBuilder(
-            name,
-            BigInteger.ONE,
-            new Date(),
-            new Date(new Date().getTime() + 364 * 50 * 3600),
-            name,
-            SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(publicKey));
-
-        DefaultSignatureAlgorithmIdentifierFinder signatureAlgorithmIdentifierFinder = new DefaultSignatureAlgorithmIdentifierFinder();
-        DefaultDigestAlgorithmIdentifierFinder digestAlgorithmIdentifierFinder = new DefaultDigestAlgorithmIdentifierFinder();
-
-        AlgorithmIdentifier signAlgId = signatureAlgorithmIdentifierFinder.find(signatureAlgName);
-        AlgorithmIdentifier digestAlgId = digestAlgorithmIdentifierFinder.find(signAlgId);
-
-        BcContentSignerBuilder signerBuilder = new BcECContentSignerBuilder(signAlgId, digestAlgId);
-
-        int val = KeyUsage.cRLSign;
-        val = val | KeyUsage.dataEncipherment;
-        val = val | KeyUsage.decipherOnly;
-        val = val | KeyUsage.digitalSignature;
-        val = val | KeyUsage.encipherOnly;
-        val = val | KeyUsage.keyAgreement;
-        val = val | KeyUsage.keyEncipherment;
-        val = val | KeyUsage.nonRepudiation;
-        myCertificateGenerator.addExtension(Extension.keyUsage, true, new KeyUsage(val));
-
-        myCertificateGenerator.addExtension(Extension.basicConstraints, true, new BasicConstraints(false));
-
-        myCertificateGenerator.addExtension(Extension.extendedKeyUsage, true, new ExtendedKeyUsage(KeyPurposeId.id_kp_timeStamping));
-
-
-        X509CertificateHolder holder = myCertificateGenerator.build(signerBuilder.build(privateKey));
-
-        return holder;
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-        Test test = new GOST3410_2012CMSTest();
-        TestResult result = test.perform();
-        System.out.println(result);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/PEMData.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/PEMData.java
deleted file mode 100644
index 6159f36..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/PEMData.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.cert.test;
-
-public class PEMData
-{
-    public static String CERTIFICATE_1 =
-       "-----BEGIN X509 CERTIFICATE-----\r"
-     + "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx\r"
-     + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY\r"
-     + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB\r"
-     + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ\r"
-     + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2\r"
-     + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW\r"
-     + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM\r"
-     + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l\r"
-     + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv\r"
-     + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re\r"
-     + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO\r"
-     + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE\r"
-     + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy\r"
-     + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0\r"
-     + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw\r"
-     + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL\r"
-     + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4\r"
-     + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF\r"
-     + "5/8=\r"
-     + "-----END X509 CERTIFICATE-----\r";
-
-    public static String CERTIFICATE_2 =
-       "-----BEGIN CERTIFICATE-----\n"
-     + "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx\n"
-     + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY\n"
-     + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB\n"
-     + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ\n"
-     + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2\n"
-     + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW\n"
-     + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM\n"
-     + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l\n"
-     + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv\n"
-     + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re\n"
-     + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO\n"
-     + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE\n"
-     + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy\n"
-     + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0\n"
-     + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw\n"
-     + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL\n"
-     + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4\n"
-     + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF\n"
-     + "5/8=\n"
-     + "-----END CERTIFICATE-----\n";
-
-    public static String CRL_1 =
-       "-----BEGIN X509 CRL-----\r\n"
-     + "MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT\r\n"
-     + "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy\r\n"
-     + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw\r\n"
-     + "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw\r\n"
-     + "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw\r\n"
-     + "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw\r\n"
-     + "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw\r\n"
-     + "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw\r\n"
-     + "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw\r\n"
-     + "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw\r\n"
-     + "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF\r\n"
-     + "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ\r\n"
-     + "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt\r\n"
-     + "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v\r\n"
-     + "-----END X509 CRL-----\r\n";
-
-    public static String CRL_2 =
-       "-----BEGIN CRL-----\r\n"
-     + "MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT\r\n"
-     + "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy\r\n"
-     + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw\r\n"
-     + "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw\r\n"
-     + "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw\r\n"
-     + "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw\r\n"
-     + "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw\r\n"
-     + "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw\r\n"
-     + "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw\r\n"
-     + "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw\r\n"
-     + "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF\r\n"
-     + "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ\r\n"
-     + "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt\r\n"
-     + "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v\r\n"
-     + "-----END CRL-----\r\n";
-
-    static String ATTRIBUTE_CERTIFICATE_1 =
-       "-----BEGIN X509 ATTRIBUTE CERTIFICATE-----\r\n"
-     + "MIIBuDCCASECAQEwZ6BlMGCkXjBcMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhl\r\n"
-     + "IExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECxMaQm91bmN5IFBy\r\n"
-     + "aW1hcnkgQ2VydGlmaWNhdGUCARSgYjBgpF4wXDELMAkGA1UEBhMCQVUxKDAmBgNV\r\n"
-     + "BAoTH1RoZSBMZWdpb24gb2YgdGhlIEJvdW5jeSBDYXN0bGUxIzAhBgNVBAsTGkJv\r\n"
-     + "dW5jeSBQcmltYXJ5IENlcnRpZmljYXRlMA0GCSqGSIb3DQEBBQUAAgEBMCIYDzIw\r\n"
-     + "MDUwNjEwMDI0MTMzWhgPMjAwNTA2MTAwMjQzMTNaMBkwFwYDVRhIMRAwDoEMREFV\r\n"
-     + "MTIzNDU2Nzg5MA0GCSqGSIb3DQEBBQUAA4GBALAYXT9zdxSR5zdPLAon1xIPehgI\r\n"
-     + "NZhjM7w0uu3OdzSV5sC31X1Kx9vi5RIWiM9VimRTwbQIod9POttD5QMXCwQb/fm7\r\n"
-     + "eiJqL2YBIXOeClB19VrQe8xQtMFbyuFpDiM7QdvIam9ShZZMEMGjv9QHI64M4b0G\r\n"
-     + "odUBlSsJwPPQjZSU\r\n"
-     + "-----END X509 ATTRIBUTE CERTIFICATE-----\r\n";
-
-    static String ATTRIBUTE_CERTIFICATE_2 =
-       "-----BEGIN ATTRIBUTE CERTIFICATE-----\r\n"
-     + "MIIBuDCCASECAQEwZ6BlMGCkXjBcMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhl\r\n"
-     + "IExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECxMaQm91bmN5IFBy\r\n"
-     + "aW1hcnkgQ2VydGlmaWNhdGUCARSgYjBgpF4wXDELMAkGA1UEBhMCQVUxKDAmBgNV\r\n"
-     + "BAoTH1RoZSBMZWdpb24gb2YgdGhlIEJvdW5jeSBDYXN0bGUxIzAhBgNVBAsTGkJv\r\n"
-     + "dW5jeSBQcmltYXJ5IENlcnRpZmljYXRlMA0GCSqGSIb3DQEBBQUAAgEBMCIYDzIw\r\n"
-     + "MDUwNjEwMDI0MTMzWhgPMjAwNTA2MTAwMjQzMTNaMBkwFwYDVRhIMRAwDoEMREFV\r\n"
-     + "MTIzNDU2Nzg5MA0GCSqGSIb3DQEBBQUAA4GBALAYXT9zdxSR5zdPLAon1xIPehgI\r\n"
-     + "NZhjM7w0uu3OdzSV5sC31X1Kx9vi5RIWiM9VimRTwbQIod9POttD5QMXCwQb/fm7\r\n"
-     + "eiJqL2YBIXOeClB19VrQe8xQtMFbyuFpDiM7QdvIam9ShZZMEMGjv9QHI64M4b0G\r\n"
-     + "odUBlSsJwPPQjZSU\r\n"
-     + "-----END ATTRIBUTE CERTIFICATE-----\r\n";
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/PKCS10Test.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/PKCS10Test.java
deleted file mode 100644
index 135716c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/PKCS10Test.java
+++ /dev/null

@@ -1,605 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.Attribute;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.X500NameBuilder;
-import org.bouncycastle.asn1.x500.style.BCStyle;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
-import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
-import org.bouncycastle.jce.ECNamedCurveTable;
-import org.bouncycastle.jce.interfaces.ECPointEncoder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.jce.spec.ECPrivateKeySpec;
-import org.bouncycastle.jce.spec.ECPublicKeySpec;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.ContentVerifierProvider;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
-import org.bouncycastle.pkcs.PKCS10CertificationRequest;
-import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;
-import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest;
-import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- **/
-public class PKCS10Test
-    extends SimpleTest
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    private byte[] gost3410EC_A = Base64.decode(
-  "MIIBOzCB6wIBADB/MQ0wCwYDVQQDEwR0ZXN0MRUwEwYDVQQKEwxEZW1vcyBDbyBMdGQxHjAcBgNV"
- +"BAsTFUNyeXB0b2dyYXBoeSBkaXZpc2lvbjEPMA0GA1UEBxMGTW9zY293MQswCQYDVQQGEwJydTEZ"
- +"MBcGCSqGSIb3DQEJARYKc2RiQGRvbC5ydTBjMBwGBiqFAwICEzASBgcqhQMCAiMBBgcqhQMCAh4B"
- +"A0MABEBYx0P2D7YuuZo5HgdIAUKAXcLBDZ+4LYFgbKjrfStVfH59lc40BQ2FZ7M703hLpXK8GiBQ"
- +"GEYpKaAuQZnMIpByoAAwCAYGKoUDAgIDA0EAgXMcTrhdOY2Er2tHOSAgnMezqrYxocZTWhxmW5Rl"
- +"JY6lbXH5rndCn4swFzXU+YhgAsJv1wQBaoZEWRl5WV4/nA==");
-
-    private byte[] gost3410EC_B = Base64.decode(
-  "MIIBPTCB7QIBADCBgDENMAsGA1UEAxMEdGVzdDEWMBQGA1UEChMNRGVtb3MgQ28gTHRkLjEeMBwG"
- +"A1UECxMVQ3J5cHRvZ3JhcGh5IGRpdmlzaW9uMQ8wDQYDVQQHEwZNb3Njb3cxCzAJBgNVBAYTAnJ1"
- +"MRkwFwYJKoZIhvcNAQkBFgpzZGJAZG9sLnJ1MGMwHAYGKoUDAgITMBIGByqFAwICIwIGByqFAwIC"
- +"HgEDQwAEQI5SLoWT7dZVilbV9j5B/fyIDuDs6x4pjqNC2TtFYbpRHrk/Wc5g/mcHvD80tsm5o1C7"
- +"7cizNzkvAVUM4VT4Dz6gADAIBgYqhQMCAgMDQQAoT5TwJ8o+bSrxckymyo3diwG7ZbSytX4sRiKy"
- +"wXPWRS9LlBvPO2NqwpS2HUnxSU8rzfL9fJcybATf7Yt1OEVq");
-
-    private byte[] gost3410EC_C = Base64.decode(
-  "MIIBRDCB9AIBADCBhzEVMBMGA1UEAxMMdGVzdCByZXF1ZXN0MRUwEwYDVQQKEwxEZW1vcyBDbyBM"
- +"dGQxHjAcBgNVBAsTFUNyeXB0b2dyYXBoeSBkaXZpc2lvbjEPMA0GA1UEBxMGTW9zY293MQswCQYD"
- +"VQQGEwJydTEZMBcGCSqGSIb3DQEJARYKc2RiQGRvbC5ydTBjMBwGBiqFAwICEzASBgcqhQMCAiMD"
- +"BgcqhQMCAh4BA0MABEBcmGh7OmR4iqqj+ycYo1S1fS7r5PhisSQU2Ezuz8wmmmR2zeTZkdMYCOBa"
- +"UTMNms0msW3wuYDho7nTDNscHTB5oAAwCAYGKoUDAgIDA0EAVoOMbfyo1Un4Ss7WQrUjHJoiaYW8"
- +"Ime5LeGGU2iW3ieAv6es/FdMrwTKkqn5dhd3aL/itFg5oQbhyfXw5yw/QQ==");
-    
-    private byte[] gost3410EC_ExA = Base64.decode(
-     "MIIBOzCB6wIBADB/MQ0wCwYDVQQDEwR0ZXN0MRUwEwYDVQQKEwxEZW1vcyBDbyBMdGQxHjAcBgNV"
-   + "BAsTFUNyeXB0b2dyYXBoeSBkaXZpc2lvbjEPMA0GA1UEBxMGTW9zY293MQswCQYDVQQGEwJydTEZ"
-   + "MBcGCSqGSIb3DQEJARYKc2RiQGRvbC5ydTBjMBwGBiqFAwICEzASBgcqhQMCAiQABgcqhQMCAh4B"
-   + "A0MABEDkqNT/3f8NHj6EUiWnK4JbVZBh31bEpkwq9z3jf0u8ZndG56Vt+K1ZB6EpFxLT7hSIos0w"
-   + "weZ2YuTZ4w43OgodoAAwCAYGKoUDAgIDA0EASk/IUXWxoi6NtcUGVF23VRV1L3undB4sRZLp4Vho"
-   + "gQ7m3CMbZFfJ2cPu6QyarseXGYHmazoirH5lGjEo535c1g==");
-
-    private byte[] gost3410EC_ExB = Base64.decode(
-      "MIIBPTCB7QIBADCBgDENMAsGA1UEAxMEdGVzdDEWMBQGA1UEChMNRGVtb3MgQ28gTHRkLjEeMBwG"
-    + "A1UECxMVQ3J5cHRvZ3JhcGh5IGRpdmlzaW9uMQ8wDQYDVQQHEwZNb3Njb3cxCzAJBgNVBAYTAnJ1"
-    + "MRkwFwYJKoZIhvcNAQkBFgpzZGJAZG9sLnJ1MGMwHAYGKoUDAgITMBIGByqFAwICJAEGByqFAwIC"
-    + "HgEDQwAEQMBWYUKPy/1Kxad9ChAmgoSWSYOQxRnXo7KEGLU5RNSXA4qMUvArWzvhav+EYUfTbWLh"
-    + "09nELDyHt2XQcvgQHnSgADAIBgYqhQMCAgMDQQAdaNhgH/ElHp64mbMaEo1tPCg9Q22McxpH8rCz"
-    + "E0QBpF4H5mSSQVGI5OAXHToetnNuh7gHHSynyCupYDEHTbkZ");
-
-    public String getName()
-    {
-        return "PKCS10CertRequest";
-    }
-
-    private void generationTest(int keySize, String keyName, String sigName, String provider)
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyName, "BC");
-
-        kpg.initialize(keySize);
-
-        KeyPair kp = kpg.genKeyPair();
-
-
-        X500NameBuilder x500NameBld = new X500NameBuilder(BCStyle.INSTANCE);
-
-        x500NameBld.addRDN(BCStyle.C, "AU");
-        x500NameBld.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
-        x500NameBld.addRDN(BCStyle.L, "Melbourne");
-        x500NameBld.addRDN(BCStyle.ST, "Victoria");
-        x500NameBld.addRDN(BCStyle.EmailAddress, "feedback-crypto@bouncycastle.org");
-
-        X500Name    subject = x500NameBld.build();
-
-        PKCS10CertificationRequestBuilder requestBuilder = new JcaPKCS10CertificationRequestBuilder(subject, kp.getPublic());
-                            
-        PKCS10CertificationRequest req1 = requestBuilder.build(new JcaContentSignerBuilder(sigName).setProvider(provider).build(kp.getPrivate()));
-
-        JcaPKCS10CertificationRequest req2 = new JcaPKCS10CertificationRequest(req1.getEncoded()).setProvider(provider);
-
-        if (!req2.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(provider).build(kp.getPublic())))
-        {
-            fail(sigName + ": Failed verify check.");
-        }
-
-        if (!Arrays.areEqual(req2.getPublicKey().getEncoded(), req1.getSubjectPublicKeyInfo().getEncoded()))
-        {
-            fail(keyName + ": Failed public key check.");
-        }
-    }
-
-    private void generationTestX500Principal(int keySize, String keyName, String sigName, String provider)
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyName, "BC");
-
-        kpg.initialize(keySize);
-
-        KeyPair kp = kpg.genKeyPair();
-
-
-        X500NameBuilder x500NameBld = new X500NameBuilder(BCStyle.INSTANCE);
-
-        x500NameBld.addRDN(BCStyle.C, "AU");
-        x500NameBld.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
-        x500NameBld.addRDN(BCStyle.L, "Melbourne");
-        x500NameBld.addRDN(BCStyle.ST, "Victoria");
-        x500NameBld.addRDN(BCStyle.EmailAddress, "feedback-crypto@bouncycastle.org");
-
-        X500Name    subject = x500NameBld.build();
-
-        PKCS10CertificationRequestBuilder requestBuilder = new JcaPKCS10CertificationRequestBuilder(new X500Principal(subject.getEncoded()), kp.getPublic());
-
-        PKCS10CertificationRequest req1 = requestBuilder.build(new JcaContentSignerBuilder(sigName).setProvider(provider).build(kp.getPrivate()));
-
-        JcaPKCS10CertificationRequest req2 = new JcaPKCS10CertificationRequest(req1.getEncoded()).setProvider(provider);
-
-        if (!req2.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(provider).build(kp.getPublic())))
-        {
-            fail(sigName + ": Failed verify check.");
-        }
-
-        if (!Arrays.areEqual(req2.getPublicKey().getEncoded(), req1.getSubjectPublicKeyInfo().getEncoded()))
-        {
-            fail(keyName + ": Failed public key check.");
-        }
-
-        if (!Arrays.areEqual(req2.getSubject().getEncoded(), req1.getSubject().getEncoded()))
-        {
-            fail(keyName + ": Failed subject key check.");
-        }
-    }
-
-    /*
-     * we generate a self signed certificate for the sake of testing - SHA224withECDSA
-     */
-    private void createECRequest(String algorithm, ASN1ObjectIdentifier algOid, ASN1ObjectIdentifier curveOid)
-        throws Exception
-    {
-        ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec(curveOid.getId());
-        KeyPairGenerator ecGen = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        ecGen.initialize(spec);
-
-        //
-        // set up the keys
-        //
-        PrivateKey          privKey;
-        PublicKey           pubKey;
-
-        KeyPair pair = ecGen.generateKeyPair();
-
-        privKey = pair.getPrivate();
-        pubKey = pair.getPublic();
-
-        ContentSigner signer = new JcaContentSignerBuilder(algorithm).setProvider(BC).build(privKey);
-
-        PKCS10CertificationRequestBuilder reqBuilder = new JcaPKCS10CertificationRequestBuilder(new X500Name("CN=XXX"), pubKey);
-        PKCS10CertificationRequest req = reqBuilder.build(signer);
-
-        ContentVerifierProvider verifier = new JcaContentVerifierProviderBuilder().setProvider(BC).build(pubKey);
-
-        if (!req.isSignatureValid(verifier))
-        {
-            fail("Failed verify check EC.");
-        }
-
-        req = new PKCS10CertificationRequest(req.getEncoded());
-        if (!req.isSignatureValid(verifier))
-        {
-            fail("Failed verify check EC encoded.");
-        }
-        
-        //
-        // try with point compression turned off
-        //
-        ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
-
-        reqBuilder = new JcaPKCS10CertificationRequestBuilder(new X500Name("CN=XXX"), pubKey);
-        req = reqBuilder.build(signer);
-
-        if (!req.isSignatureValid(verifier))
-        {
-            fail("Failed verify check EC uncompressed.");
-        }
-        
-        req = new PKCS10CertificationRequest(req.getEncoded());
-        if (!req.isSignatureValid(verifier))
-        {
-            fail("Failed verify check EC uncompressed encoded.");
-        }
-        
-        if (!req.toASN1Structure().getSignatureAlgorithm().getAlgorithm().equals(algOid))
-        {
-            fail("ECDSA oid incorrect.");
-        }
-        
-        if (req.toASN1Structure().getSignatureAlgorithm().getParameters() != null)
-        {
-            fail("ECDSA parameters incorrect.");
-        }
-        
-        Signature sig = Signature.getInstance(algorithm, "BC");
-        
-        sig.initVerify(pubKey);
-        
-        sig.update(req.toASN1Structure().getCertificationRequestInfo().getEncoded());
-        
-        if (!sig.verify(req.toASN1Structure().getSignature().getBytes()))
-        {
-            fail("signature not mapped correctly.");
-        }
-    }
-
-    private void createECRequest(String algorithm, ASN1ObjectIdentifier algOid)
-        throws Exception
-    {
-        X9ECParameters x9 = org.bouncycastle.asn1.x9.ECNamedCurveTable.getByName("secp521r1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec spec = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        ECPrivateKeySpec privKeySpec = new ECPrivateKeySpec(
-            new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d
-            spec);
-
-        ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(
-            curve.decodePoint(Hex.decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q
-            spec);
-
-        //
-        // set up the keys
-        //
-        PrivateKey          privKey;
-        PublicKey           pubKey;
-
-        KeyFactory     fact = KeyFactory.getInstance("ECDSA", "BC");
-
-        privKey = fact.generatePrivate(privKeySpec);
-        pubKey = fact.generatePublic(pubKeySpec);
-
-        PKCS10CertificationRequest req = new JcaPKCS10CertificationRequestBuilder(
-                        new X500Name("CN=XXX"), pubKey).build(new JcaContentSignerBuilder(algorithm).setProvider(BC).build(privKey));
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(pubKey)))
-        {
-            fail("Failed verify check EC.");
-        }
-
-        req = new PKCS10CertificationRequest(req.getEncoded());
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(pubKey)))
-        {
-            fail("Failed verify check EC encoded.");
-        }
-
-        //
-        // try with point compression turned off
-        //
-        ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
-
-        req = new JcaPKCS10CertificationRequestBuilder(
-                        new X500Name("CN=XXX"), pubKey).build(new JcaContentSignerBuilder(algorithm).setProvider(BC).build(privKey));
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(pubKey)))
-        {
-            fail("Failed verify check EC uncompressed.");
-        }
-
-        JcaPKCS10CertificationRequest jcaReq = new JcaPKCS10CertificationRequest(new PKCS10CertificationRequest(req.getEncoded()));
-        if (!jcaReq.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(jcaReq.getPublicKey())))
-        {
-            fail("Failed verify check EC uncompressed encoded.");
-        }
-
-        if (!jcaReq.getSignatureAlgorithm().getAlgorithm().equals(algOid))
-        {
-            fail("ECDSA oid incorrect.");
-        }
-
-        if (jcaReq.getSignatureAlgorithm().getParameters() != null)
-        {
-            fail("ECDSA parameters incorrect.");
-        }
-
-        Signature sig = Signature.getInstance(algorithm, BC);
-
-        sig.initVerify(pubKey);
-
-        sig.update(req.toASN1Structure().getCertificationRequestInfo().getEncoded());
-
-        if (!sig.verify(req.getSignature()))
-        {
-            fail("signature not mapped correctly.");
-        }
-    }
-
-    private void createECGOSTRequest()
-        throws Exception
-    {
-        String           algorithm = "GOST3411withECGOST3410";
-        KeyPairGenerator ecGostKpg = KeyPairGenerator.getInstance("ECGOST3410", "BC");
-
-        ecGostKpg.initialize(ECGOST3410NamedCurveTable.getParameterSpec("GostR3410-2001-CryptoPro-A"), new SecureRandom());
-
-        //
-        // set up the keys
-        //
-        KeyPair             pair = ecGostKpg.generateKeyPair();
-        PrivateKey          privKey = pair.getPrivate();
-        PublicKey           pubKey = pair.getPublic();
-
-        PKCS10CertificationRequest req = new JcaPKCS10CertificationRequestBuilder(
-                        new X500Name("CN=XXX"), pubKey).build(new JcaContentSignerBuilder(algorithm).setProvider(BC).build(privKey));
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(pubKey)))
-        {
-            fail("Failed verify check EC.");
-        }
-
-        req = new PKCS10CertificationRequest(req.getEncoded());
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(pubKey)))
-        {
-            fail("Failed verify check EC encoded.");
-        }
-
-        if (!req.getSignatureAlgorithm().getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001))
-        {
-            fail("ECGOST oid incorrect.");
-        }
-
-        if (req.getSignatureAlgorithm().getParameters() != null)
-        {
-            fail("ECGOST parameters incorrect.");
-        }
-
-        Signature sig = Signature.getInstance(algorithm, "BC");
-
-        sig.initVerify(pubKey);
-
-        sig.update(req.toASN1Structure().getCertificationRequestInfo().getEncoded());
-
-        if (!sig.verify(req.getSignature()))
-        {
-            fail("signature not mapped correctly.");
-        }
-    }
-
-    private void createPSSTest(String algorithm)
-        throws Exception
-    {
-        RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-            new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
-            new BigInteger("010001",16));
-
-        RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
-            new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
-            new BigInteger("010001",16),
-            new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16),
-            new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16),
-            new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16),
-            new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16),
-            new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16),
-            new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16));
-
-        KeyFactory  fact = KeyFactory.getInstance("RSA", "BC");
-
-        PrivateKey privKey = fact.generatePrivate(privKeySpec);
-        PublicKey pubKey = fact.generatePublic(pubKeySpec);
-
-        PKCS10CertificationRequest req = new JcaPKCS10CertificationRequestBuilder(
-                        new X500Name("CN=XXX"), pubKey).build(new JcaContentSignerBuilder(algorithm).setProvider(BC).build(privKey));
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(pubKey)))
-        {
-            fail("Failed verify check PSS.");
-        }
-
-        JcaPKCS10CertificationRequest jcaReq = new JcaPKCS10CertificationRequest(req.getEncoded()).setProvider(BC);
-        if (!jcaReq.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(jcaReq.getPublicKey())))
-        {
-            fail("Failed verify check PSS encoded.");
-        }
-
-        if (!jcaReq.getSignatureAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
-        {
-            fail("PSS oid incorrect.");
-        }
-
-        if (jcaReq.getSignatureAlgorithm().getParameters() == null)
-        {
-            fail("PSS parameters incorrect.");
-        }
-
-        Signature sig = Signature.getInstance(algorithm, "BC");
-
-        sig.initVerify(pubKey);
-
-        sig.update(jcaReq.toASN1Structure().getCertificationRequestInfo().getEncoded());
-
-        if (!sig.verify(req.getSignature()))
-        {
-            fail("signature not mapped correctly.");
-        }
-    }
-
-     // previous code found to cause a NullPointerException
-    private void nullPointerTest()
-        throws Exception
-    {
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA", "BC");
-        keyGen.initialize(1024, new SecureRandom());
-        KeyPair pair = keyGen.generateKeyPair();
-        JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
-
-        Extension[] ext = new Extension[] {
-            new Extension(Extension.basicConstraints, true, new DEROctetString(new BasicConstraints(true))),
-            new Extension(Extension.keyUsage, true, new DEROctetString(new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign))),
-            new Extension(Extension.subjectKeyIdentifier, false, new DEROctetString(extUtils.createSubjectKeyIdentifier(pair.getPublic())))
-        };
-
-        PKCS10CertificationRequest p1 = new JcaPKCS10CertificationRequestBuilder(
-            new X500Name("cn=csr"),
-            pair.getPublic())
-            .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, new Extensions(ext))
-            .build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(pair.getPrivate()));
-        PKCS10CertificationRequest p2 = new JcaPKCS10CertificationRequestBuilder(
-            new X500Name("cn=csr"),
-            pair.getPublic())
-            .addAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest, new Extensions(ext))
-            .build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(pair.getPrivate()));
-
-        if (!p1.equals(p2))
-        {
-            fail("cert request comparison failed");
-        }
-
-        Attribute[] attr1 = p1.getAttributes();
-        Attribute[] attr2 = p1.getAttributes();
-
-        checkAttrs(1, attr1, attr2);
-
-        attr1 = p1.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
-        attr2 = p1.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest);
-
-        checkAttrs(1, attr1, attr2);
-    }
-
-    private void checkAttrs(int expectedLength, Attribute[] attr1, Attribute[] attr2)
-    {
-        if (expectedLength != attr1.length)
-        {
-            fail("expected length mismatch");
-        }
-
-        if (attr1.length != attr2.length)
-        {
-            fail("atrribute length mismatch");
-        }
-
-        for (int i = 0; i != attr1.length; i++)
-        {
-            if (!attr1[i].equals(attr2[i]))
-            {
-                fail("atrribute mismatch");
-            }
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        generationTest(512, "RSA", "SHA1withRSA", "BC");
-        generationTestX500Principal(512, "RSA", "SHA1withRSA", "BC");
-        generationTest(512, "GOST3410", "GOST3411withGOST3410", "BC");
-        
-        if (Security.getProvider("SunRsaSign") != null)
-        {
-            generationTest(512, "RSA", "SHA1withRSA", "SunRsaSign"); 
-        }
-        
-        // elliptic curve GOST A parameter set
-        JcaPKCS10CertificationRequest req = new JcaPKCS10CertificationRequest(gost3410EC_A).setProvider(BC);
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(req.getPublicKey())))
-        {
-            fail("Failed verify check gost3410EC_A.");
-        }
-
-        // elliptic curve GOST B parameter set
-        req = new JcaPKCS10CertificationRequest(gost3410EC_B).setProvider(BC);
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(req.getPublicKey())))
-        {
-            fail("Failed verify check gost3410EC_B.");
-        }
-
-        // elliptic curve GOST C parameter set
-        req = new JcaPKCS10CertificationRequest(gost3410EC_C).setProvider(BC);
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(req.getPublicKey())))
-        {
-            fail("Failed verify check gost3410EC_C.");
-        }
-        
-        // elliptic curve GOST ExA parameter set
-        req = new JcaPKCS10CertificationRequest(gost3410EC_ExA).setProvider(BC);
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(req.getPublicKey())))
-        {
-            fail("Failed verify check gost3410EC_ExA.");
-        }
-
-        // elliptic curve GOST ExB parameter set
-        req = new JcaPKCS10CertificationRequest(gost3410EC_ExB).setProvider(BC);
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(req.getPublicKey())))
-        {
-            fail("Failed verify check gost3410EC_ExA.");
-        }
-
-        // elliptic curve openSSL
-        KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        X9ECParameters x9 = org.bouncycastle.asn1.x9.ECNamedCurveTable.getByName("prime239v1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec ecSpec = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        g.initialize(ecSpec, new SecureRandom());
-
-        KeyPair kp = g.generateKeyPair();
-
-        req = new JcaPKCS10CertificationRequest(new JcaPKCS10CertificationRequestBuilder(
-               new X500Name("CN=XXX"), kp.getPublic()).build(new JcaContentSignerBuilder( "ECDSAWITHSHA1").setProvider(BC).build(kp.getPrivate())));
-        if (!req.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider(BC).build(req.getPublicKey())))
-        {
-            fail("Failed verify check EC.");
-        }
-        
-        createECRequest("SHA1withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
-        createECRequest("SHA224withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
-        createECRequest("SHA256withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
-        createECRequest("SHA384withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
-        createECRequest("SHA512withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
-
-        createECRequest("SHA1withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1, new ASN1ObjectIdentifier("1.3.132.0.34"));
-
-        createECGOSTRequest();
-
-        createPSSTest("SHA1withRSAandMGF1");
-        createPSSTest("SHA224withRSAandMGF1");
-        createPSSTest("SHA256withRSAandMGF1");
-        createPSSTest("SHA384withRSAandMGF1");
-
-        nullPointerTest();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new PKCS10Test());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/SHA1DigestCalculator.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/SHA1DigestCalculator.java
deleted file mode 100644
index 4e8e7c1..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/SHA1DigestCalculator.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.operator.DigestCalculator;
-
-
-class SHA1DigestCalculator
-    implements DigestCalculator
-{
-    private ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-    public AlgorithmIdentifier getAlgorithmIdentifier()
-    {
-        return new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1);
-    }
-
-    public OutputStream getOutputStream()
-    {
-        return bOut;
-    }
-
-    public byte[] getDigest()
-    {
-        byte[] bytes = bOut.toByteArray();
-
-        bOut.reset();
-
-        Digest sha1 = new SHA1Digest();
-
-        sha1.update(bytes, 0, bytes.length);
-
-        byte[] digest = new byte[sha1.getDigestSize()];
-
-        sha1.doFinal(digest, 0);
-
-        return digest;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/SHA256DigestCalculator.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/SHA256DigestCalculator.java
deleted file mode 100644
index 69dc235..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/SHA256DigestCalculator.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.operator.DigestCalculator;
-
-
-class SHA256DigestCalculator
-    implements DigestCalculator
-{
-    private ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-    public AlgorithmIdentifier getAlgorithmIdentifier()
-    {
-        return new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
-    }
-
-    public OutputStream getOutputStream()
-    {
-        return bOut;
-    }
-
-    public byte[] getDigest()
-    {
-        byte[] bytes = bOut.toByteArray();
-
-        bOut.reset();
-
-        Digest sha256 = new SHA256Digest();
-
-        sha256.update(bytes, 0, bytes.length);
-
-        byte[] digest = new byte[sha256.getDigestSize()];
-
-        sha256.doFinal(digest, 0);
-
-        return digest;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cert/test/X509ExtensionUtilsTest.java b/bcpkix/src/main/java/org/bouncycastle/cert/test/X509ExtensionUtilsTest.java
deleted file mode 100644
index 2333846..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cert/test/X509ExtensionUtilsTest.java
+++ /dev/null

@@ -1,182 +0,0 @@
-package org.bouncycastle.cert.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509ExtensionUtils;
-import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class X509ExtensionUtilsTest
-    extends SimpleTest
-{
-    private static byte[] pubKeyInfo = Base64.decode(
-        "MFgwCwYJKoZIhvcNAQEBA0kAMEYCQQC6wMMmHYMZszT/7bNFMn+gaZoiWJLVP8ODRuu1C2jeAe" +
-        "QpxM+5Oe7PaN2GNy3nBE4EOYkB5pMJWA0y9n04FX8NAgED");
-
-    private static byte[] shaID = Hex.decode("d8128a06d6c2feb0865994a2936e7b75b836a021");
-    private static byte[] shaTruncID = Hex.decode("436e7b75b836a021");
-
-    private static byte[] v0Cert = Base64.decode("MIIBuTCCASICAQEwDQYJKoZIhvcNAQEFBQAwJTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUwHhcNMTUwNzIxMjIwNzI3WhcNMTUxMDI5MjIwNzI3WjAlMRYwFAYDVQQKDA1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA9MhYrfDoC69iS/56gdvuwOvXKMsx9dSBZnK9KOnCFtc3fTeVp+61CeExuKXafqz0ZK/5ps0D+RMCOcIZXtXZsdC3CwgVx3k/CHKgrnp51v8sbgFzRrGr68Mp9Dr01wdgxjDCGgToUiBybU8IhsUc2nmwn3+Y+ZoIOvyQDuh3hXUCAwEAATANBgkqhkiG9w0BAQUFAAOBgQDvpEa3KFe7b+y7/MPNloabj6lfwW4vdKk4bg9+yMHFsb62OB8/RP4sJ+XIB91cGYINgA4d511juc9t6t7kEp6GijqWwAUtQfbyhZIO8DsCl96y3RfUag1L7Q3pn0SfyW0NAI8O9eKG/Hl6WmxRlvx3zmKz1bU+VSlnZoYt+6qZyg==");
-    private static byte[] v3Cert = Base64.decode("MIICKzCCAZSgAwIBAgIBAjANBgkqhkiG9w0BAQUFADAlMRYwFAYDVQQKDA1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTAeFw0xNTA3MjEyMjA3MjdaFw0xNTEwMjkyMjA3MjdaMEMxDDAKBgNVBAMMA0JvYjEOMAwGA1UECwwFU2FsZXMxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYTAkFVMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCHpUGlsn0Y+az7XGj3wq+om/kGNbdP+bKE6Du6x92Mq2SC8Fez5RdOkhJJqxk5U8O+Hj9dqoxBkpeqA5NA52agXNz4WlSDBii17U9PPoj7LPXlfXMujf18k/IY71M79/XRjj/xbqNEJQQAH+EHyFMVxFDaOHJ4huL3gq/C7v9tTQIDAQABo00wSzAdBgNVHQ4EFgQUxHM/5+X91RvdmNdbNFZ02Fug92wwHwYDVR0jBBgwFoAU8NRqCpfiTCDshX7mgx4L6KeXxJ0wCQYDVR0TBAIwADANBgkqhkiG9w0BAQUFAAOBgQCvqwjs+9IiWGlLmFc9b+ON7upBb8JCwVh5+Ks7F4waZ5gmLuUXZLEeMDvosSB6bPFgDWSIZsdxn/V4/hUMEJkvfRZJ5J/k1a7Yogi3XyFcE4k1p1W5ZQ+wm+CQwAWmOFdpJUCMsC1h2xJUu9agEPWowdc9P2+LL04ghFq9SnXsYg==");
-
-    public String getName()
-    {
-        return "X509ExtensionUtilsTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        basicTest();
-        jcaTest();
-    }
-
-    public void basicTest()
-        throws IOException
-    {
-        X509ExtensionUtils x509ExtensionUtils = new X509ExtensionUtils(new SHA1DigestCalculator());
-
-        SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(pubKeyInfo));
-
-        SubjectKeyIdentifier ski = x509ExtensionUtils.createSubjectKeyIdentifier(pubInfo);
-
-        if (!Arrays.areEqual(shaID, ski.getKeyIdentifier()))
-        {
-            fail("basic SHA-1 ID does not match");
-        }
-
-        ski = x509ExtensionUtils.createTruncatedSubjectKeyIdentifier(pubInfo);
-
-        if (!Arrays.areEqual(shaTruncID, ski.getKeyIdentifier()))
-        {
-            fail("basic truncated SHA-1 ID does not match");
-        }
-
-        AuthorityKeyIdentifier authKeyId = x509ExtensionUtils.createAuthorityKeyIdentifier(new X509CertificateHolder(v0Cert));
-        if (!authKeyId.getAuthorityCertIssuer().equals(new GeneralNames(new GeneralName(new X500Name("O=Bouncy Castle, C=AU")))))
-        {
-            fail("v0 issuer not matched");
-        }
-        if (!Arrays.areEqual(Hex.decode("f0d46a0a97e24c20ec857ee6831e0be8a797c49d"), authKeyId.getKeyIdentifier()))
-        {
-            fail("v0 keyID not matched");
-        }
-        if (!authKeyId.getAuthorityCertSerialNumber().equals(BigInteger.valueOf(1)))
-        {
-            fail("v0 serial not matched");
-        }
-
-        authKeyId = x509ExtensionUtils.createAuthorityKeyIdentifier(new X509CertificateHolder(v3Cert));
-        if (!authKeyId.getAuthorityCertIssuer().equals(new GeneralNames(new GeneralName(new X500Name("O=Bouncy Castle, C=AU")))))
-        {
-            fail("v3 issuer not matched");
-        }
-        if (!Arrays.areEqual(Hex.decode("c4733fe7e5fdd51bdd98d75b345674d85ba0f76c"), authKeyId.getKeyIdentifier()))
-        {
-            fail("v3 keyID not matched");
-        }
-        if (!authKeyId.getAuthorityCertSerialNumber().equals(BigInteger.valueOf(2)))
-        {
-            fail("v3 serial not matched");
-        }
-    }
-
-    public void jcaTest()
-        throws Exception
-    {
-        JcaX509ExtensionUtils x509ExtensionUtils = new JcaX509ExtensionUtils();
-
-        PublicKey key = KeyFactory.getInstance("RSA", "BC").generatePublic(new X509EncodedKeySpec(pubKeyInfo));
-
-        SubjectKeyIdentifier ski = x509ExtensionUtils.createSubjectKeyIdentifier(key);
-
-        if (!Arrays.areEqual(shaID, ski.getKeyIdentifier()))
-        {
-            fail("jca SHA-1 ID does not match");
-        }
-
-        ski = x509ExtensionUtils.createTruncatedSubjectKeyIdentifier(key);
-
-        if (!Arrays.areEqual(shaTruncID, ski.getKeyIdentifier()))
-        {
-            fail("jca truncated SHA-1 ID does not match");
-        }
-
-        CertificateFactory cFact = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate v0certificate = (X509Certificate)cFact.generateCertificate(new ByteArrayInputStream(v0Cert));
-        X509Certificate v3certificate = (X509Certificate)cFact.generateCertificate(new ByteArrayInputStream(v3Cert));
-
-        AuthorityKeyIdentifier authKeyId = x509ExtensionUtils.createAuthorityKeyIdentifier(v0certificate);
-        if (!authKeyId.getAuthorityCertIssuer().equals(new GeneralNames(new GeneralName(new X500Name("O=Bouncy Castle, C=AU")))))
-        {
-            fail("v0 issuer not matched");
-        }
-        if (!Arrays.areEqual(Hex.decode("f0d46a0a97e24c20ec857ee6831e0be8a797c49d"), authKeyId.getKeyIdentifier()))
-        {
-            fail("v0 keyID not matched");
-        }
-        if (!authKeyId.getAuthorityCertSerialNumber().equals(BigInteger.valueOf(1)))
-        {
-            fail("v0 serial not matched");
-        }
-
-        authKeyId = x509ExtensionUtils.createAuthorityKeyIdentifier(v3certificate);
-        if (!authKeyId.getAuthorityCertIssuer().equals(new GeneralNames(new GeneralName(new X500Name("O=Bouncy Castle, C=AU")))))
-        {
-            fail("v3 issuer not matched");
-        }
-        if (!Arrays.areEqual(Hex.decode("c4733fe7e5fdd51bdd98d75b345674d85ba0f76c"), authKeyId.getKeyIdentifier()))
-        {
-            fail("v3 keyID not matched");
-        }
-        if (!authKeyId.getAuthorityCertSerialNumber().equals(BigInteger.valueOf(2)))
-        {
-            fail("v3 serial not matched");
-        }
-
-        // simulate the JCA X509Certificate.getExtension() method.
-        authKeyId = AuthorityKeyIdentifier.getInstance(JcaX509ExtensionUtils.parseExtensionValue(new DEROctetString(authKeyId).getEncoded()));
-        if (!authKeyId.getAuthorityCertIssuer().equals(new GeneralNames(new GeneralName(new X500Name("O=Bouncy Castle, C=AU")))))
-        {
-            fail("v3 issuer not matched");
-        }
-        if (!Arrays.areEqual(Hex.decode("c4733fe7e5fdd51bdd98d75b345674d85ba0f76c"), authKeyId.getKeyIdentifier()))
-        {
-            fail("v3 keyID not matched");
-        }
-        if (!authKeyId.getAuthorityCertSerialNumber().equals(BigInteger.valueOf(2)))
-        {
-            fail("v3 serial not matched");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new X509ExtensionUtilsTest());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/AuthAttributesProvider.java b/bcpkix/src/main/java/org/bouncycastle/cms/AuthAttributesProvider.java
deleted file mode 100644
index a17325b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/AuthAttributesProvider.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.asn1.ASN1Set;
-
-interface AuthAttributesProvider
-{
-    ASN1Set getAuthAttributes();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAlgorithm.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSAlgorithm.java
deleted file mode 100644
index bb251f6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAlgorithm.java
+++ /dev/null

@@ -1,98 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.sec.SECObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-
-public class CMSAlgorithm
-{
-    public static final ASN1ObjectIdentifier  DES_CBC         = OIWObjectIdentifiers.desCBC.intern();
-    public static final ASN1ObjectIdentifier  DES_EDE3_CBC    = PKCSObjectIdentifiers.des_EDE3_CBC.intern();
-    public static final ASN1ObjectIdentifier  RC2_CBC         = PKCSObjectIdentifiers.RC2_CBC.intern();
-    public static final ASN1ObjectIdentifier  IDEA_CBC        = new ASN1ObjectIdentifier("1.3.6.1.4.1.188.7.1.1.2").intern();
-    public static final ASN1ObjectIdentifier  CAST5_CBC       = new ASN1ObjectIdentifier("1.2.840.113533.7.66.10").intern();
-
-    public static final ASN1ObjectIdentifier  AES128_CBC      = NISTObjectIdentifiers.id_aes128_CBC.intern();
-    public static final ASN1ObjectIdentifier  AES192_CBC      = NISTObjectIdentifiers.id_aes192_CBC.intern();
-    public static final ASN1ObjectIdentifier  AES256_CBC      = NISTObjectIdentifiers.id_aes256_CBC.intern();
-    public static final ASN1ObjectIdentifier  AES128_CCM      = NISTObjectIdentifiers.id_aes128_CCM.intern();
-    public static final ASN1ObjectIdentifier  AES192_CCM      = NISTObjectIdentifiers.id_aes192_CCM.intern();
-    public static final ASN1ObjectIdentifier  AES256_CCM      = NISTObjectIdentifiers.id_aes256_CCM.intern();
-    public static final ASN1ObjectIdentifier  AES128_GCM      = NISTObjectIdentifiers.id_aes128_GCM.intern();
-    public static final ASN1ObjectIdentifier  AES192_GCM      = NISTObjectIdentifiers.id_aes192_GCM.intern();
-    public static final ASN1ObjectIdentifier  AES256_GCM      = NISTObjectIdentifiers.id_aes256_GCM.intern();
-
-//	public static final ASN1ObjectIdentifier  AES128_CBC_CMAC      = BSIObjectIdentifiers.id_aes128_CBC_CMAC;
-//	public static final ASN1ObjectIdentifier  AES192_CBC_CMAC      = BSIObjectIdentifiers.id_aes192_CBC_CMAC;
-//	public static final ASN1ObjectIdentifier  AES256_CBC_CMAC      = BSIObjectIdentifiers.id_aes256_CBC_CMAC;
-
-    public static final ASN1ObjectIdentifier  CAMELLIA128_CBC = NTTObjectIdentifiers.id_camellia128_cbc.intern();
-    public static final ASN1ObjectIdentifier  CAMELLIA192_CBC = NTTObjectIdentifiers.id_camellia192_cbc.intern();
-    public static final ASN1ObjectIdentifier  CAMELLIA256_CBC = NTTObjectIdentifiers.id_camellia256_cbc.intern();
-    public static final ASN1ObjectIdentifier  GOST28147_GCFB  = CryptoProObjectIdentifiers.gostR28147_gcfb.intern();
-    public static final ASN1ObjectIdentifier  SEED_CBC        = KISAObjectIdentifiers.id_seedCBC.intern();
-
-    public static final ASN1ObjectIdentifier  DES_EDE3_WRAP   = PKCSObjectIdentifiers.id_alg_CMS3DESwrap.intern();
-    public static final ASN1ObjectIdentifier  AES128_WRAP     = NISTObjectIdentifiers.id_aes128_wrap.intern();
-    public static final ASN1ObjectIdentifier  AES192_WRAP     = NISTObjectIdentifiers.id_aes192_wrap.intern();
-    public static final ASN1ObjectIdentifier  AES256_WRAP     = NISTObjectIdentifiers.id_aes256_wrap.intern();
-    public static final ASN1ObjectIdentifier  CAMELLIA128_WRAP = NTTObjectIdentifiers.id_camellia128_wrap.intern();
-    public static final ASN1ObjectIdentifier  CAMELLIA192_WRAP = NTTObjectIdentifiers.id_camellia192_wrap.intern();
-    public static final ASN1ObjectIdentifier  CAMELLIA256_WRAP = NTTObjectIdentifiers.id_camellia256_wrap.intern();
-    public static final ASN1ObjectIdentifier  SEED_WRAP       = KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap.intern();
-
-    public static final ASN1ObjectIdentifier  GOST28147_WRAP  = CryptoProObjectIdentifiers.id_Gost28147_89_None_KeyWrap.intern();
-    public static final ASN1ObjectIdentifier  GOST28147_CRYPTOPRO_WRAP  = CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap.intern();
-
-    public static final ASN1ObjectIdentifier  ECDH_SHA1KDF    = X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme.intern();
-    public static final ASN1ObjectIdentifier  ECCDH_SHA1KDF    = X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme.intern();
-    public static final ASN1ObjectIdentifier  ECMQV_SHA1KDF   = X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme.intern();
-
-    public static final ASN1ObjectIdentifier  ECDH_SHA224KDF    = SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme.intern();
-    public static final ASN1ObjectIdentifier  ECCDH_SHA224KDF    = SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme.intern();
-    public static final ASN1ObjectIdentifier  ECMQV_SHA224KDF   = SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme.intern();
-
-    public static final ASN1ObjectIdentifier  ECDH_SHA256KDF    = SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme.intern();
-    public static final ASN1ObjectIdentifier  ECCDH_SHA256KDF    = SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme.intern();
-    public static final ASN1ObjectIdentifier  ECMQV_SHA256KDF   = SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme.intern();
-
-    public static final ASN1ObjectIdentifier  ECDH_SHA384KDF    = SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme.intern();
-    public static final ASN1ObjectIdentifier  ECCDH_SHA384KDF    = SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme.intern();
-    public static final ASN1ObjectIdentifier  ECMQV_SHA384KDF   = SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme.intern();
-
-    public static final ASN1ObjectIdentifier  ECDH_SHA512KDF    = SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme.intern();
-    public static final ASN1ObjectIdentifier  ECCDH_SHA512KDF    = SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme.intern();
-    public static final ASN1ObjectIdentifier  ECMQV_SHA512KDF   = SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme.intern();
-
-    public static final ASN1ObjectIdentifier  ECDHGOST3410_2001    = CryptoProObjectIdentifiers.gostR3410_2001.intern();
-    public static final ASN1ObjectIdentifier  ECDHGOST3410_2012_256 = RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_256.intern();
-    public static final ASN1ObjectIdentifier  ECDHGOST3410_2012_512 = RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_512.intern();
-
-	public static final ASN1ObjectIdentifier  ECKA_EG_X963KDF  = BSIObjectIdentifiers.ecka_eg_X963kdf;
-	public static final ASN1ObjectIdentifier  ECKA_EG_X963KDF_SHA256  = BSIObjectIdentifiers.ecka_eg_X963kdf_SHA256;
-	public static final ASN1ObjectIdentifier  ECKA_EG_X963KDF_SHA384  = BSIObjectIdentifiers.ecka_eg_X963kdf_SHA384;
-	public static final ASN1ObjectIdentifier  ECKA_EG_X963KDF_SHA512  = BSIObjectIdentifiers.ecka_eg_X963kdf_SHA512;
-
-    public static final ASN1ObjectIdentifier  SHA1 = OIWObjectIdentifiers.idSHA1.intern();
-    public static final ASN1ObjectIdentifier  SHA224 = NISTObjectIdentifiers.id_sha224.intern();
-    public static final ASN1ObjectIdentifier  SHA256 = NISTObjectIdentifiers.id_sha256.intern();
-    public static final ASN1ObjectIdentifier  SHA384 = NISTObjectIdentifiers.id_sha384.intern();
-    public static final ASN1ObjectIdentifier  SHA512 = NISTObjectIdentifiers.id_sha512.intern();
-    public static final ASN1ObjectIdentifier  MD5 = PKCSObjectIdentifiers.md5.intern();
-    public static final ASN1ObjectIdentifier  GOST3411 = CryptoProObjectIdentifiers.gostR3411.intern();
-    public static final ASN1ObjectIdentifier  GOST3411_2012_256 = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256.intern();
-    public static final ASN1ObjectIdentifier  GOST3411_2012_512 = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512.intern();
-    public static final ASN1ObjectIdentifier  RIPEMD128 = TeleTrusTObjectIdentifiers.ripemd128.intern();
-    public static final ASN1ObjectIdentifier  RIPEMD160 = TeleTrusTObjectIdentifiers.ripemd160.intern();
-    public static final ASN1ObjectIdentifier  RIPEMD256 = TeleTrusTObjectIdentifiers.ripemd256.intern();
-
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthEnvelopedData.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthEnvelopedData.java
deleted file mode 100644
index 010e12c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthEnvelopedData.java
+++ /dev/null

@@ -1,78 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.cms.AuthEnvelopedData;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.EncryptedContentInfo;
-import org.bouncycastle.asn1.cms.OriginatorInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * containing class for an CMS AuthEnveloped Data object
- */
-class CMSAuthEnvelopedData
-{
-    RecipientInformationStore recipientInfoStore;
-    ContentInfo contentInfo;
-
-    private OriginatorInfo      originator;
-    private AlgorithmIdentifier authEncAlg;
-    private ASN1Set             authAttrs;
-    private byte[]              mac;
-    private ASN1Set             unauthAttrs;
-
-    public CMSAuthEnvelopedData(byte[] authEnvData) throws CMSException
-    {
-        this(CMSUtils.readContentInfo(authEnvData));
-    }
-
-    public CMSAuthEnvelopedData(InputStream authEnvData) throws CMSException
-    {
-        this(CMSUtils.readContentInfo(authEnvData));
-    }
-
-    public CMSAuthEnvelopedData(ContentInfo contentInfo) throws CMSException
-    {
-        this.contentInfo = contentInfo;
-
-        AuthEnvelopedData authEnvData = AuthEnvelopedData.getInstance(contentInfo.getContent());
-
-        this.originator = authEnvData.getOriginatorInfo();
-
-        //
-        // read the recipients
-        //
-        ASN1Set recipientInfos = authEnvData.getRecipientInfos();
-
-        //
-        // read the auth-encrypted content info
-        //
-        EncryptedContentInfo authEncInfo = authEnvData.getAuthEncryptedContentInfo();
-        this.authEncAlg = authEncInfo.getContentEncryptionAlgorithm();
-//        final CMSProcessable processable = new CMSProcessableByteArray(
-//            authEncInfo.getEncryptedContent().getOctets());
-        CMSSecureReadable secureReadable = new CMSSecureReadable()
-        {
-
-            public InputStream getInputStream()
-                throws IOException, CMSException
-            {
-                return null;
-            }
-        };
-
-        //
-        // build the RecipientInformationStore
-        //
-        this.recipientInfoStore = CMSEnvelopedHelper.buildRecipientInformationStore(
-            recipientInfos, this.authEncAlg, secureReadable);
-
-        // FIXME These need to be passed to the AEAD cipher as AAD (Additional Authenticated Data)
-        this.authAttrs = authEnvData.getAuthAttrs();
-        this.mac = authEnvData.getMac().getOctets();
-        this.unauthAttrs = authEnvData.getUnauthAttrs();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthEnvelopedGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthEnvelopedGenerator.java
deleted file mode 100644
index 9065857..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthEnvelopedGenerator.java
+++ /dev/null

@@ -1,13 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-
-class CMSAuthEnvelopedGenerator
-{
-    public static final String AES128_CCM = NISTObjectIdentifiers.id_aes128_CCM.getId();
-    public static final String AES192_CCM = NISTObjectIdentifiers.id_aes192_CCM.getId();
-    public static final String AES256_CCM = NISTObjectIdentifiers.id_aes256_CCM.getId();
-    public static final String AES128_GCM = NISTObjectIdentifiers.id_aes128_GCM.getId();
-    public static final String AES192_GCM = NISTObjectIdentifiers.id_aes192_GCM.getId();
-    public static final String AES256_GCM = NISTObjectIdentifiers.id_aes256_GCM.getId();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedData.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedData.java
deleted file mode 100644
index 2476050..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedData.java
+++ /dev/null

@@ -1,301 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.AuthenticatedData;
-import org.bouncycastle.asn1.cms.CMSAlgorithmProtection;
-import org.bouncycastle.asn1.cms.CMSAttributes;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Encodable;
-
-/**
- * containing class for an CMS Authenticated Data object
- */
-public class CMSAuthenticatedData
-    implements Encodable
-{
-    RecipientInformationStore   recipientInfoStore;
-    ContentInfo                 contentInfo;
-
-    private AlgorithmIdentifier macAlg;
-    private ASN1Set authAttrs;
-    private ASN1Set unauthAttrs;
-    private byte[] mac;
-    private OriginatorInformation originatorInfo;
-
-    public CMSAuthenticatedData(
-        byte[]    authData)
-        throws CMSException
-    {
-        this(CMSUtils.readContentInfo(authData));
-    }
-
-    public CMSAuthenticatedData(
-        byte[]    authData,
-        DigestCalculatorProvider digestCalculatorProvider)
-        throws CMSException
-    {
-        this(CMSUtils.readContentInfo(authData), digestCalculatorProvider);
-    }
-
-    public CMSAuthenticatedData(
-        InputStream    authData)
-        throws CMSException
-    {
-        this(CMSUtils.readContentInfo(authData));
-    }
-
-    public CMSAuthenticatedData(
-        InputStream    authData,
-        DigestCalculatorProvider digestCalculatorProvider)
-        throws CMSException
-    {
-        this(CMSUtils.readContentInfo(authData), digestCalculatorProvider);
-    }
-
-    public CMSAuthenticatedData(
-        ContentInfo contentInfo)
-        throws CMSException
-    {
-        this(contentInfo, null);
-    }
-
-    public CMSAuthenticatedData(
-        ContentInfo contentInfo,
-        DigestCalculatorProvider digestCalculatorProvider)
-        throws CMSException
-    {
-        this.contentInfo = contentInfo;
-
-        AuthenticatedData authData = AuthenticatedData.getInstance(contentInfo.getContent());
-
-        if (authData.getOriginatorInfo() != null)
-        {
-            this.originatorInfo = new OriginatorInformation(authData.getOriginatorInfo());
-        }
-
-        //
-        // read the recipients
-        //
-        ASN1Set recipientInfos = authData.getRecipientInfos();
-
-        this.macAlg = authData.getMacAlgorithm();
-
-        this.authAttrs = authData.getAuthAttrs();
-        this.mac = authData.getMac().getOctets();
-        this.unauthAttrs = authData.getUnauthAttrs();
-
-        //
-        // read the authenticated content info
-        //
-        ContentInfo encInfo = authData.getEncapsulatedContentInfo();
-        CMSReadable readable = new CMSProcessableByteArray(
-            ASN1OctetString.getInstance(encInfo.getContent()).getOctets());
-
-        //
-        // build the RecipientInformationStore
-        //
-        if (authAttrs != null)
-        {
-            if (digestCalculatorProvider == null)
-            {
-                throw new CMSException("a digest calculator provider is required if authenticated attributes are present");
-            }
-
-            AttributeTable table = new AttributeTable(authAttrs);
-
-            ASN1EncodableVector protectionAttributes = table.getAll(CMSAttributes.cmsAlgorithmProtect);
-            if (protectionAttributes.size() > 1)
-            {
-                throw new CMSException("Only one instance of a cmsAlgorithmProtect attribute can be present");
-            }
-
-            if (protectionAttributes.size() > 0)
-            {
-                Attribute attr = Attribute.getInstance(protectionAttributes.get(0));
-                if (attr.getAttrValues().size() != 1)
-                {
-                    throw new CMSException("A cmsAlgorithmProtect attribute MUST contain exactly one value");
-                }
-
-                CMSAlgorithmProtection algorithmProtection = CMSAlgorithmProtection.getInstance(attr.getAttributeValues()[0]);
-
-                if (!CMSUtils.isEquivalent(algorithmProtection.getDigestAlgorithm(), authData.getDigestAlgorithm()))
-                {
-                    throw new CMSException("CMS Algorithm Identifier Protection check failed for digestAlgorithm");
-                }
-
-                if (!CMSUtils.isEquivalent(algorithmProtection.getMacAlgorithm(), macAlg))
-                {
-                    throw new CMSException("CMS Algorithm Identifier Protection check failed for macAlgorithm");
-                }
-            }
-            try
-            {
-                CMSSecureReadable secureReadable = new CMSEnvelopedHelper.CMSDigestAuthenticatedSecureReadable(digestCalculatorProvider.get(authData.getDigestAlgorithm()), readable);
-
-                this.recipientInfoStore = CMSEnvelopedHelper.buildRecipientInformationStore(recipientInfos, this.macAlg, secureReadable, new AuthAttributesProvider()
-                {
-                    public ASN1Set getAuthAttributes()
-                    {
-                        return authAttrs;
-                    }
-                });
-            }
-            catch (OperatorCreationException e)
-            {
-                throw new CMSException("unable to create digest calculator: " + e.getMessage(), e);
-            }
-        }
-        else
-        {
-            CMSSecureReadable secureReadable = new CMSEnvelopedHelper.CMSAuthenticatedSecureReadable(this.macAlg, readable);
-
-            this.recipientInfoStore = CMSEnvelopedHelper.buildRecipientInformationStore(recipientInfos, this.macAlg, secureReadable);
-        }
-    }
-
-    /**
-     * Return the originator information associated with this message if present.
-     *
-     * @return OriginatorInformation, null if not present.
-     */
-    public OriginatorInformation getOriginatorInfo()
-    {
-        return originatorInfo;
-    }
-
-    public byte[] getMac()
-    {
-        return Arrays.clone(mac);
-    }
-
-    private byte[] encodeObj(
-        ASN1Encodable obj)
-        throws IOException
-    {
-        if (obj != null)
-        {
-            return obj.toASN1Primitive().getEncoded();
-        }
-
-        return null;
-    }
-
-    /**
-     * Return the MAC algorithm details for the MAC associated with the data in this object.
-     *
-     * @return AlgorithmIdentifier representing the MAC algorithm.
-     */
-    public AlgorithmIdentifier getMacAlgorithm()
-    {
-        return macAlg;
-    }
-
-    /**
-     * return the object identifier for the content MAC algorithm.
-     */
-    public String getMacAlgOID()
-    {
-        return macAlg.getAlgorithm().getId();
-    }
-
-    /**
-     * return the ASN.1 encoded MAC algorithm parameters, or null if
-     * there aren't any.
-     */
-    public byte[] getMacAlgParams()
-    {
-        try
-        {
-            return encodeObj(macAlg.getParameters());
-        }
-        catch (Exception e)
-        {
-            throw new RuntimeException("exception getting encryption parameters " + e);
-        }
-    }
-
-    /**
-     * return a store of the intended recipients for this message
-     */
-    public RecipientInformationStore getRecipientInfos()
-    {
-        return recipientInfoStore;
-    }
-
-    /**
-     * return the ContentInfo
-     * @deprecated use toASN1Structure()
-     */
-    public ContentInfo getContentInfo()
-    {
-        return contentInfo;
-    }
-
-    /**
-     * return the ContentInfo
-     */
-    public ContentInfo toASN1Structure()
-    {
-        return contentInfo;
-    }
-
-    /**
-     * return a table of the digested attributes indexed by
-     * the OID of the attribute.
-     */
-    public AttributeTable getAuthAttrs()
-    {
-        if (authAttrs == null)
-        {
-            return null;
-        }
-
-        return new AttributeTable(authAttrs);
-    }
-
-    /**
-     * return a table of the undigested attributes indexed by
-     * the OID of the attribute.
-     */
-    public AttributeTable getUnauthAttrs()
-    {
-        if (unauthAttrs == null)
-        {
-            return null;
-        }
-
-        return new AttributeTable(unauthAttrs);
-    }
-
-    /**
-     * return the ASN.1 encoded representation of this object.
-     */
-    public byte[] getEncoded()
-        throws IOException
-    {
-        return contentInfo.getEncoded();
-    }
-
-    public byte[] getContentDigest()
-    {
-        if (authAttrs != null)
-        {
-            return ASN1OctetString.getInstance(getAuthAttrs().get(CMSAttributes.messageDigest).getAttrValues().getObjectAt(0)).getOctets();
-        }
-
-        return null;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedDataGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedDataGenerator.java
deleted file mode 100644
index 44dd8d3..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedDataGenerator.java
+++ /dev/null

@@ -1,181 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.BEROctetString;
-import org.bouncycastle.asn1.BERSet;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cms.AuthenticatedData;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.io.TeeOutputStream;
-
-/**
- * General class for generating a CMS authenticated-data message.
- *
- * A simple example of usage.
- *
- * <pre>
- *      CMSAuthenticatedDataGenerator  fact = new CMSAuthenticatedDataGenerator();
- *
- *      adGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(recipientCert).setProvider("BC"));
- *
- *      CMSAuthenticatedData         data = fact.generate(new CMSProcessableByteArray(data),
- *                              new JceCMSMacCalculatorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build()));
- * </pre>
- */
-public class CMSAuthenticatedDataGenerator
-    extends CMSAuthenticatedGenerator
-{
-    /**
-     * base constructor
-     */
-    public CMSAuthenticatedDataGenerator()
-    {
-    }
-
-    /**
-     * Generate an authenticated data object from the passed in typedData and MacCalculator.
-     *
-     * @param typedData the data to have a MAC attached.
-     * @param macCalculator the calculator of the MAC to be attached.
-     * @return the resulting CMSAuthenticatedData object.
-     * @throws CMSException on failure in encoding data or processing recipients.
-     */
-    public CMSAuthenticatedData generate(CMSTypedData typedData, MacCalculator macCalculator)
-        throws CMSException
-    {
-        return generate(typedData, macCalculator, null);
-    }
-
-    /**
-     * Generate an authenticated data object from the passed in typedData and MacCalculator.
-     *
-     * @param typedData the data to have a MAC attached.
-     * @param macCalculator the calculator of the MAC to be attached.
-     * @param digestCalculator calculator for computing digest of the encapsulated data.
-     * @return the resulting CMSAuthenticatedData object.
-     * @throws CMSException on failure in encoding data or processing recipients.    
-     */
-    public CMSAuthenticatedData generate(CMSTypedData typedData, MacCalculator macCalculator, final DigestCalculator digestCalculator)
-        throws CMSException
-    {
-        ASN1EncodableVector     recipientInfos = new ASN1EncodableVector();
-        ASN1OctetString         encContent;
-        ASN1OctetString         macResult;
-
-        for (Iterator it = recipientInfoGenerators.iterator(); it.hasNext();)
-        {
-            RecipientInfoGenerator recipient = (RecipientInfoGenerator)it.next();
-
-            recipientInfos.add(recipient.generate(macCalculator.getKey()));
-        }
-
-        AuthenticatedData authData;
-
-        if (digestCalculator != null)
-        {
-            try
-            {
-                ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-                OutputStream out = new TeeOutputStream(digestCalculator.getOutputStream(), bOut);
-
-                typedData.write(out);
-
-                out.close();
-
-                encContent = new BEROctetString(bOut.toByteArray());
-            }
-            catch (IOException e)
-            {
-                throw new CMSException("unable to perform digest calculation: " + e.getMessage(), e);
-            }
-
-            Map parameters = getBaseParameters(typedData.getContentType(), digestCalculator.getAlgorithmIdentifier(), macCalculator.getAlgorithmIdentifier(), digestCalculator.getDigest());
-
-            if (authGen == null)
-            {
-                authGen = new DefaultAuthenticatedAttributeTableGenerator();
-            }
-            ASN1Set authed = new DERSet(authGen.getAttributes(Collections.unmodifiableMap(parameters)).toASN1EncodableVector());
-
-            try
-            {
-                OutputStream mOut = macCalculator.getOutputStream();
-
-                mOut.write(authed.getEncoded(ASN1Encoding.DER));
-
-                mOut.close();
-
-                macResult = new DEROctetString(macCalculator.getMac());
-            }
-            catch (IOException e)
-            {
-                throw new CMSException("exception decoding algorithm parameters.", e);
-            }
-            ASN1Set unauthed = (unauthGen != null) ? new BERSet(unauthGen.getAttributes(Collections.unmodifiableMap(parameters)).toASN1EncodableVector()) : null;
-
-            ContentInfo  eci = new ContentInfo(
-                            CMSObjectIdentifiers.data,
-                            encContent);
-
-            authData = new AuthenticatedData(originatorInfo, new DERSet(recipientInfos), macCalculator.getAlgorithmIdentifier(), digestCalculator.getAlgorithmIdentifier(), eci, authed, macResult, unauthed);
-        }
-        else
-        {
-            try
-            {
-                ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
-                OutputStream mOut = new TeeOutputStream(bOut, macCalculator.getOutputStream());
-
-                typedData.write(mOut);
-
-                mOut.close();
-
-                encContent = new BEROctetString(bOut.toByteArray());
-
-                macResult = new DEROctetString(macCalculator.getMac());
-            }
-            catch (IOException e)
-            {
-                throw new CMSException("exception decoding algorithm parameters.", e);
-            }
-
-            ASN1Set unauthed = (unauthGen != null) ? new BERSet(unauthGen.getAttributes(new HashMap()).toASN1EncodableVector()) : null;
-
-            ContentInfo  eci = new ContentInfo(
-                            CMSObjectIdentifiers.data,
-                            encContent);
-
-            authData = new AuthenticatedData(originatorInfo, new DERSet(recipientInfos), macCalculator.getAlgorithmIdentifier(), null, eci, null, macResult, unauthed);
-        }
-
-        ContentInfo contentInfo = new ContentInfo(
-                CMSObjectIdentifiers.authenticatedData, authData);
-
-        return new CMSAuthenticatedData(contentInfo, new DigestCalculatorProvider()
-        {
-            public DigestCalculator get(AlgorithmIdentifier digestAlgorithmIdentifier)
-                throws OperatorCreationException
-            {
-                return digestCalculator;
-            }
-        });
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedDataParser.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedDataParser.java
deleted file mode 100644
index 11c90c6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedDataParser.java
+++ /dev/null

@@ -1,348 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1OctetStringParser;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1SetParser;
-import org.bouncycastle.asn1.BERTags;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.AuthenticatedDataParser;
-import org.bouncycastle.asn1.cms.CMSAttributes;
-import org.bouncycastle.asn1.cms.ContentInfoParser;
-import org.bouncycastle.asn1.cms.OriginatorInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Parsing class for an CMS Authenticated Data object from an input stream.
- * <p>
- * Note: that because we are in a streaming mode only one recipient can be tried and it is important
- * that the methods on the parser are called in the appropriate order.
- * </p>
- * <p>
- * Example of use - assuming the first recipient matches the private key we have.
- * <pre>
- *      CMSAuthenticatedDataParser     ad = new CMSAuthenticatedDataParser(inputStream);
- *
- *      RecipientInformationStore  recipients = ad.getRecipientInfos();
- *
- *      Collection  c = recipients.getRecipients();
- *      Iterator    it = c.iterator();
- *
- *      if (it.hasNext())
- *      {
- *          RecipientInformation   recipient = (RecipientInformation)it.next();
- *
- *          CMSTypedStream recData = recipient.getContentStream(new JceKeyTransAuthenticatedRecipient(privateKey).setProvider("BC"));
- *
- *          processDataStream(recData.getContentStream());
- *
- *          if (!Arrays.equals(ad.getMac(), recipient.getMac())
- *          {
- *              System.err.println("Data corrupted!!!!");
- *          }
- *      }
- *  </pre>
- *  Note: this class does not introduce buffering - if you are processing large files you should create
- *  the parser with:
- *  <pre>
- *          CMSAuthenticatedDataParser     ep = new CMSAuthenticatedDataParser(new BufferedInputStream(inputStream, bufSize));
- *  </pre>
- *  where bufSize is a suitably large buffer size.
- */
-public class CMSAuthenticatedDataParser
-    extends CMSContentInfoParser
-{
-    RecipientInformationStore recipientInfoStore;
-    AuthenticatedDataParser authData;
-
-    private AlgorithmIdentifier macAlg;
-    private byte[] mac;
-    private AttributeTable authAttrs;
-    private ASN1Set authAttrSet;
-    private AttributeTable unauthAttrs;
-
-    private boolean authAttrNotRead;
-    private boolean unauthAttrNotRead;
-    private OriginatorInformation originatorInfo;
-
-    public CMSAuthenticatedDataParser(
-        byte[] envelopedData)
-        throws CMSException, IOException
-    {
-        this(new ByteArrayInputStream(envelopedData));
-    }
-
-    public CMSAuthenticatedDataParser(
-        byte[] envelopedData,
-        DigestCalculatorProvider digestCalculatorProvider)
-        throws CMSException, IOException
-    {
-        this(new ByteArrayInputStream(envelopedData), digestCalculatorProvider);
-    }
-
-    public CMSAuthenticatedDataParser(
-        InputStream envelopedData)
-        throws CMSException, IOException
-    {
-        this(envelopedData, null);
-    }
-
-    public CMSAuthenticatedDataParser(
-        InputStream envelopedData,
-        DigestCalculatorProvider digestCalculatorProvider)
-        throws CMSException, IOException
-    {
-        super(envelopedData);
-
-        this.authAttrNotRead = true;
-        this.authData = new AuthenticatedDataParser((ASN1SequenceParser)_contentInfo.getContent(BERTags.SEQUENCE));
-
-        // TODO Validate version?
-        //ASN1Integer version = this.authData.getVersion();
-
-        OriginatorInfo info = authData.getOriginatorInfo();
-
-        if (info != null)
-        {
-            this.originatorInfo = new OriginatorInformation(info);
-        }
-        //
-        // read the recipients
-        //
-        ASN1Set recipientInfos = ASN1Set.getInstance(authData.getRecipientInfos().toASN1Primitive());
-
-        this.macAlg = authData.getMacAlgorithm();
-
-        //
-        // build the RecipientInformationStore
-        //
-        AlgorithmIdentifier digestAlgorithm = authData.getDigestAlgorithm();
-
-        if (digestAlgorithm != null)
-        {
-            if (digestCalculatorProvider == null)
-            {
-                throw new CMSException("a digest calculator provider is required if authenticated attributes are present");
-            }
-
-            //
-            // read the authenticated content info
-            //
-            ContentInfoParser data = authData.getEncapsulatedContentInfo();
-            CMSReadable readable = new CMSProcessableInputStream(
-                ((ASN1OctetStringParser)data.getContent(BERTags.OCTET_STRING)).getOctetStream());
-
-            try
-            {
-                CMSSecureReadable secureReadable = new CMSEnvelopedHelper.CMSDigestAuthenticatedSecureReadable(digestCalculatorProvider.get(digestAlgorithm), readable);
-
-                this.recipientInfoStore = CMSEnvelopedHelper.buildRecipientInformationStore(recipientInfos, this.macAlg, secureReadable, new AuthAttributesProvider()
-                {
-                    public ASN1Set getAuthAttributes()
-                    {
-                        try
-                        {
-                            return getAuthAttrSet();
-                        }
-                        catch (IOException e)
-                        {
-                            throw new IllegalStateException("can't parse authenticated attributes!");
-                        }
-                    }
-                });
-            }
-            catch (OperatorCreationException e)
-            {
-                throw new CMSException("unable to create digest calculator: " + e.getMessage(), e);
-            }
-        }
-        else
-        {
-            //
-            // read the authenticated content info
-            //
-            ContentInfoParser data = authData.getEncapsulatedContentInfo();
-            CMSReadable readable = new CMSProcessableInputStream(
-                ((ASN1OctetStringParser)data.getContent(BERTags.OCTET_STRING)).getOctetStream());
-
-            CMSSecureReadable secureReadable = new CMSEnvelopedHelper.CMSAuthenticatedSecureReadable(this.macAlg, readable);
-
-            this.recipientInfoStore = CMSEnvelopedHelper.buildRecipientInformationStore(recipientInfos, this.macAlg, secureReadable);
-        }
-
-
-    }
-
-    /**
-     * Return the originator information associated with this message if present.
-     *
-     * @return OriginatorInformation, null if not present.
-     */
-    public OriginatorInformation getOriginatorInfo()
-    {
-        return originatorInfo;
-    }
-
-    /**
-     * Return the MAC algorithm details for the MAC associated with the data in this object.
-     *
-     * @return AlgorithmIdentifier representing the MAC algorithm.
-     */
-    public AlgorithmIdentifier getMacAlgorithm()
-    {
-        return macAlg;
-    }
-
-    /**
-     * return the object identifier for the mac algorithm.
-     */
-    public String getMacAlgOID()
-    {
-        return macAlg.getAlgorithm().toString();
-    }
-
-    /**
-     * return the ASN.1 encoded encryption algorithm parameters, or null if
-     * there aren't any.
-     */
-    public byte[] getMacAlgParams()
-    {
-        try
-        {
-            return encodeObj(macAlg.getParameters());
-        }
-        catch (Exception e)
-        {
-            throw new RuntimeException("exception getting encryption parameters " + e);
-        }
-    }
-
-    /**
-     * return a store of the intended recipients for this message
-     */
-    public RecipientInformationStore getRecipientInfos()
-    {
-        return recipientInfoStore;
-    }
-
-    public byte[] getMac()
-        throws IOException
-    {
-        if (mac == null)
-        {
-            getAuthAttrs();
-            mac = authData.getMac().getOctets();
-        }
-        return Arrays.clone(mac);
-    }
-
-    private ASN1Set getAuthAttrSet()
-        throws IOException
-    {
-        if (authAttrs == null && authAttrNotRead)
-        {
-            ASN1SetParser set = authData.getAuthAttrs();
-
-            if (set != null)
-            {
-                authAttrSet = (ASN1Set)set.toASN1Primitive();
-            }
-
-            authAttrNotRead = false;
-        }
-
-        return authAttrSet;
-    }
-
-    /**
-     * return a table of the unauthenticated attributes indexed by
-     * the OID of the attribute.
-     * @exception java.io.IOException
-     */
-    public AttributeTable getAuthAttrs()
-        throws IOException
-    {
-        if (authAttrs == null && authAttrNotRead)
-        {
-            ASN1Set set = getAuthAttrSet();
-
-            if (set != null)
-            {
-                authAttrs = new AttributeTable(set);
-            }
-        }
-
-        return authAttrs;
-    }
-
-    /**
-     * return a table of the unauthenticated attributes indexed by
-     * the OID of the attribute.
-     * @exception java.io.IOException
-     */
-    public AttributeTable getUnauthAttrs()
-        throws IOException
-    {
-        if (unauthAttrs == null && unauthAttrNotRead)
-        {
-            ASN1SetParser set = authData.getUnauthAttrs();
-
-            unauthAttrNotRead = false;
-
-            if (set != null)
-            {
-                ASN1EncodableVector v = new ASN1EncodableVector();
-                ASN1Encodable o;
-
-                while ((o = set.readObject()) != null)
-                {
-                    ASN1SequenceParser seq = (ASN1SequenceParser)o;
-
-                    v.add(seq.toASN1Primitive());
-                }
-
-                unauthAttrs = new AttributeTable(new DERSet(v));
-            }
-        }
-
-        return unauthAttrs;
-    }
-
-    private byte[] encodeObj(
-        ASN1Encodable obj)
-        throws IOException
-    {
-        if (obj != null)
-        {
-            return obj.toASN1Primitive().getEncoded();
-        }
-
-        return null;
-    }
-
-    /**
-     * This will only be valid after the content has been read.
-     *
-     * @return the contents of the messageDigest attribute, if available. Null if not present.
-     */
-    public byte[] getContentDigest()
-    {
-        if (authAttrs != null)
-        {
-            return ASN1OctetString.getInstance(authAttrs.get(CMSAttributes.messageDigest).getAttrValues().getObjectAt(0)).getOctets();
-        }
-
-        return null;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedDataStreamGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedDataStreamGenerator.java
deleted file mode 100644
index c35097c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedDataStreamGenerator.java
+++ /dev/null

@@ -1,310 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.BERSequenceGenerator;
-import org.bouncycastle.asn1.BERSet;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.cms.AuthenticatedData;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.util.io.TeeOutputStream;
-
-/**
- * General class for generating a CMS authenticated-data message stream.
- * <p>
- * A simple example of usage.
- * <pre>
- *      CMSAuthenticatedDataStreamGenerator edGen = new CMSAuthenticatedDataStreamGenerator();
- *
- *      edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(cert).setProvider("BC"));
- *
- *      ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
- *
- *      OutputStream out = edGen.open(
- *                              bOut, new JceCMSMacCalculatorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider("BC").build());*
- *      out.write(data);
- *
- *      out.close();
- * </pre>
- */
-public class CMSAuthenticatedDataStreamGenerator
-    extends CMSAuthenticatedGenerator
-{
-    // Currently not handled
-//    private Object              _originatorInfo = null;
-//    private Object              _unprotectedAttributes = null;
-    private int bufferSize;
-    private boolean berEncodeRecipientSet;
-    private MacCalculator macCalculator;
-
-    /**
-     * base constructor
-     */
-    public CMSAuthenticatedDataStreamGenerator()
-    {
-    }
-
-    /**
-     * Set the underlying string size for encapsulated data
-     *
-     * @param bufferSize length of octet strings to buffer the data.
-     */
-    public void setBufferSize(
-        int bufferSize)
-    {
-        this.bufferSize = bufferSize;
-    }
-
-    /**
-     * Use a BER Set to store the recipient information. By default recipients are
-     * stored in a DER encoding.
-     *
-     * @param useBerEncodingForRecipients true if a BER set should be used, false if DER.
-     */
-    public void setBEREncodeRecipients(
-        boolean useBerEncodingForRecipients)
-    {
-        berEncodeRecipientSet = useBerEncodingForRecipients;
-    }
-
-    /**
-     * generate an authenticated data structure with the encapsulated bytes marked as DATA.
-     *
-     * @param out the stream to store the authenticated structure in.
-     * @param macCalculator calculator for the MAC to be attached to the data.
-     */
-    public OutputStream open(
-        OutputStream    out,
-        MacCalculator   macCalculator)
-        throws CMSException
-    {
-        return open(CMSObjectIdentifiers.data, out, macCalculator);
-    }
-
-    public OutputStream open(
-        OutputStream    out,
-        MacCalculator   macCalculator,
-        DigestCalculator digestCalculator)
-        throws CMSException
-    {
-        return open(CMSObjectIdentifiers.data, out, macCalculator, digestCalculator);
-    }
-
-    /**
-     * generate an authenticated data structure with the encapsulated bytes marked as type dataType.
-     *
-     * @param dataType the type of the data been written to the object.
-     * @param out the stream to store the authenticated structure in.
-     * @param macCalculator calculator for the MAC to be attached to the data.
-     */
-    public OutputStream open(
-        ASN1ObjectIdentifier dataType,
-        OutputStream         out,
-        MacCalculator        macCalculator)
-        throws CMSException
-    {
-        return open(dataType, out, macCalculator, null);
-    }
-
-    /**
-     * generate an authenticated data structure with the encapsulated bytes marked as type dataType.
-     *
-     * @param dataType the type of the data been written to the object.
-     * @param out the stream to store the authenticated structure in.
-     * @param macCalculator calculator for the MAC to be attached to the data.
-     * @param digestCalculator calculator for computing digest of the encapsulated data.
-     */
-    public OutputStream open(
-        ASN1ObjectIdentifier dataType,
-        OutputStream         out,
-        MacCalculator        macCalculator,
-        DigestCalculator     digestCalculator)
-        throws CMSException
-    {
-        this.macCalculator = macCalculator;
-
-        try
-        {
-            ASN1EncodableVector recipientInfos = new ASN1EncodableVector();
-
-            for (Iterator it = recipientInfoGenerators.iterator(); it.hasNext();)
-            {
-                RecipientInfoGenerator recipient = (RecipientInfoGenerator)it.next();
-
-                recipientInfos.add(recipient.generate(macCalculator.getKey()));
-            }
-
-            //
-            // ContentInfo
-            //
-            BERSequenceGenerator cGen = new BERSequenceGenerator(out);
-
-            cGen.addObject(CMSObjectIdentifiers.authenticatedData);
-
-            //
-            // Authenticated Data
-            //
-            BERSequenceGenerator authGen = new BERSequenceGenerator(cGen.getRawOutputStream(), 0, true);
-
-            authGen.addObject(new ASN1Integer(AuthenticatedData.calculateVersion(originatorInfo)));
-
-            if (originatorInfo != null)
-            {
-                authGen.addObject(new DERTaggedObject(false, 0, originatorInfo));
-            }
-
-            if (berEncodeRecipientSet)
-            {
-                authGen.getRawOutputStream().write(new BERSet(recipientInfos).getEncoded());
-            }
-            else
-            {
-                authGen.getRawOutputStream().write(new DERSet(recipientInfos).getEncoded());
-            }
-
-            AlgorithmIdentifier macAlgId = macCalculator.getAlgorithmIdentifier();
-
-            authGen.getRawOutputStream().write(macAlgId.getEncoded());
-
-            if (digestCalculator != null)
-            {
-                authGen.addObject(new DERTaggedObject(false, 1, digestCalculator.getAlgorithmIdentifier()));
-            }
-            
-            BERSequenceGenerator eiGen = new BERSequenceGenerator(authGen.getRawOutputStream());
-
-            eiGen.addObject(dataType);
-
-            OutputStream octetStream = CMSUtils.createBEROctetOutputStream(
-                    eiGen.getRawOutputStream(), 0, false, bufferSize);
-
-            OutputStream mOut;
-
-            if (digestCalculator != null)
-            {
-                mOut = new TeeOutputStream(octetStream, digestCalculator.getOutputStream());
-            }
-            else
-            {
-                mOut = new TeeOutputStream(octetStream, macCalculator.getOutputStream());
-            }
-
-            return new CmsAuthenticatedDataOutputStream(macCalculator, digestCalculator, dataType, mOut, cGen, authGen, eiGen);
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("exception decoding algorithm parameters.", e);
-        }
-    }
-
-    private class CmsAuthenticatedDataOutputStream
-        extends OutputStream
-    {
-        private OutputStream dataStream;
-        private BERSequenceGenerator cGen;
-        private BERSequenceGenerator envGen;
-        private BERSequenceGenerator eiGen;
-        private MacCalculator macCalculator;
-        private DigestCalculator digestCalculator;
-        private ASN1ObjectIdentifier contentType;
-
-        public CmsAuthenticatedDataOutputStream(
-            MacCalculator   macCalculator,
-            DigestCalculator digestCalculator,
-            ASN1ObjectIdentifier contentType,
-            OutputStream dataStream,
-            BERSequenceGenerator cGen,
-            BERSequenceGenerator envGen,
-            BERSequenceGenerator eiGen)
-        {
-            this.macCalculator = macCalculator;
-            this.digestCalculator = digestCalculator;
-            this.contentType = contentType;
-            this.dataStream = dataStream;
-            this.cGen = cGen;
-            this.envGen = envGen;
-            this.eiGen = eiGen;
-        }
-
-        public void write(
-            int b)
-            throws IOException
-        {
-            dataStream.write(b);
-        }
-
-        public void write(
-            byte[] bytes,
-            int    off,
-            int    len)
-            throws IOException
-        {
-            dataStream.write(bytes, off, len);
-        }
-
-        public void write(
-            byte[] bytes)
-            throws IOException
-        {
-            dataStream.write(bytes);
-        }
-
-        public void close()
-            throws IOException
-        {
-            dataStream.close();
-            eiGen.close();
-
-            Map parameters;
-
-            if (digestCalculator != null)
-            {
-                parameters = Collections.unmodifiableMap(getBaseParameters(contentType, digestCalculator.getAlgorithmIdentifier(), macCalculator.getAlgorithmIdentifier(), digestCalculator.getDigest()));
-
-                if (authGen == null)
-                {
-                    authGen = new DefaultAuthenticatedAttributeTableGenerator();
-                }
-                
-                ASN1Set authed = new DERSet(authGen.getAttributes(parameters).toASN1EncodableVector());
-
-                OutputStream mOut = macCalculator.getOutputStream();
-
-                mOut.write(authed.getEncoded(ASN1Encoding.DER));
-
-                mOut.close();
-
-                envGen.addObject(new DERTaggedObject(false, 2, authed));
-            }
-            else
-            {
-                parameters = Collections.unmodifiableMap(new HashMap());                
-            }
-
-            envGen.addObject(new DEROctetString(macCalculator.getMac()));
-
-            if (unauthGen != null)
-            {
-                envGen.addObject(new DERTaggedObject(false, 3, new BERSet(unauthGen.getAttributes(parameters).toASN1EncodableVector())));
-            }
-
-            envGen.close();
-            cGen.close();
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedGenerator.java
deleted file mode 100644
index e50e03a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSAuthenticatedGenerator.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Arrays;
-
-public class CMSAuthenticatedGenerator
-    extends CMSEnvelopedGenerator
-{
-    protected CMSAttributeTableGenerator authGen;
-    protected CMSAttributeTableGenerator unauthGen;
-
-    /**
-     * base constructor
-     */
-    public CMSAuthenticatedGenerator()
-    {
-    }
-
-    public void setAuthenticatedAttributeGenerator(CMSAttributeTableGenerator authGen)
-    {
-        this.authGen = authGen;
-    }
-
-    public void setUnauthenticatedAttributeGenerator(CMSAttributeTableGenerator unauthGen)
-    {
-        this.unauthGen = unauthGen;
-    }
-
-    protected Map getBaseParameters(ASN1ObjectIdentifier contentType, AlgorithmIdentifier digAlgId, AlgorithmIdentifier macAlgId, byte[] hash)
-    {
-        Map param = new HashMap();
-        param.put(CMSAttributeTableGenerator.CONTENT_TYPE, contentType);
-        param.put(CMSAttributeTableGenerator.DIGEST_ALGORITHM_IDENTIFIER, digAlgId);
-        param.put(CMSAttributeTableGenerator.DIGEST,  Arrays.clone(hash));
-        param.put(CMSAttributeTableGenerator.MAC_ALGORITHM_IDENTIFIER,  macAlgId);
-        return param;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSCompressedData.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSCompressedData.java
deleted file mode 100644
index e110de5..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSCompressedData.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.cms.CompressedData;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.operator.InputExpander;
-import org.bouncycastle.operator.InputExpanderProvider;
-import org.bouncycastle.util.Encodable;
-
-/**
- * containing class for an CMS Compressed Data object
- * <pre>
- *     CMSCompressedData cd = new CMSCompressedData(inputStream);
- *
- *     process(cd.getContent(new ZlibExpanderProvider()));
- * </pre>
- */
-public class CMSCompressedData
-    implements Encodable
-{
-    ContentInfo                 contentInfo;
-    CompressedData              comData;
-
-    public CMSCompressedData(
-        byte[]    compressedData) 
-        throws CMSException
-    {
-        this(CMSUtils.readContentInfo(compressedData));
-    }
-
-    public CMSCompressedData(
-        InputStream    compressedData) 
-        throws CMSException
-    {
-        this(CMSUtils.readContentInfo(compressedData));
-    }
-
-    public CMSCompressedData(
-        ContentInfo contentInfo)
-        throws CMSException
-    {
-        this.contentInfo = contentInfo;
-
-        try
-        {
-            this.comData = CompressedData.getInstance(contentInfo.getContent());
-        }
-        catch (ClassCastException e)
-        {
-            throw new CMSException("Malformed content.", e);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new CMSException("Malformed content.", e);
-        }
-    }
-
-    public ASN1ObjectIdentifier getContentType()
-    {
-        return contentInfo.getContentType();
-    }
-
-    /**
-     * Return the uncompressed content.
-     *
-     * @param expanderProvider a provider of expander algorithm implementations.
-     * @return the uncompressed content
-     * @throws CMSException if there is an exception un-compressing the data.
-     */
-    public byte[] getContent(InputExpanderProvider expanderProvider)
-        throws CMSException
-    {
-        ContentInfo     content = comData.getEncapContentInfo();
-
-        ASN1OctetString bytes = (ASN1OctetString)content.getContent();
-        InputExpander   expander = expanderProvider.get(comData.getCompressionAlgorithmIdentifier());
-        InputStream     zIn = expander.getInputStream(bytes.getOctetStream());
-
-        try
-        {
-            return CMSUtils.streamToByteArray(zIn);
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("exception reading compressed stream.", e);
-        }
-    }
-
-    /**
-     * return the ContentInfo
-     */
-    public ContentInfo toASN1Structure()
-    {
-        return contentInfo;
-    }
-    
-    /**
-     * return the ASN.1 encoded representation of this object.
-     */
-    public byte[] getEncoded()
-        throws IOException
-    {
-        return contentInfo.getEncoded();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSCompressedDataGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSCompressedDataGenerator.java
deleted file mode 100644
index d50391a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSCompressedDataGenerator.java
+++ /dev/null

@@ -1,74 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.BEROctetString;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.CompressedData;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.OutputCompressor;
-
-/**
- * General class for generating a compressed CMS message.
- * <p>
- * A simple example of usage.
- * <p>
- * <pre>
- *      CMSCompressedDataGenerator  fact = new CMSCompressedDataGenerator();
- *
- *      CMSCompressedData           data = fact.generate(content, new ZlibCompressor());
- * </pre>
- */
-public class CMSCompressedDataGenerator
-{
-    public static final String  ZLIB    = "1.2.840.113549.1.9.16.3.8";
-
-    /**
-     * base constructor
-     */
-    public CMSCompressedDataGenerator()
-    {
-    }
-
-    /**
-     * generate an object that contains an CMS Compressed Data
-     */
-    public CMSCompressedData generate(
-        CMSTypedData content,
-        OutputCompressor compressor)
-        throws CMSException
-    {
-        AlgorithmIdentifier     comAlgId;
-        ASN1OctetString         comOcts;
-
-        try
-        {
-            ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-            OutputStream zOut = compressor.getOutputStream(bOut);
-
-            content.write(zOut);
-
-            zOut.close();
-
-            comAlgId = compressor.getAlgorithmIdentifier();
-            comOcts = new BEROctetString(bOut.toByteArray());
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("exception encoding data.", e);
-        }
-
-        ContentInfo     comContent = new ContentInfo(
-                                    content.getContentType(), comOcts);
-
-        ContentInfo     contentInfo = new ContentInfo(
-                                    CMSObjectIdentifiers.compressedData,
-                                    new CompressedData(comAlgId, comContent));
-
-        return new CMSCompressedData(contentInfo);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSCompressedDataParser.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSCompressedDataParser.java
deleted file mode 100644
index c3da87b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSCompressedDataParser.java
+++ /dev/null

@@ -1,72 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.ASN1OctetStringParser;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.BERTags;
-import org.bouncycastle.asn1.cms.CompressedDataParser;
-import org.bouncycastle.asn1.cms.ContentInfoParser;
-import org.bouncycastle.operator.InputExpander;
-import org.bouncycastle.operator.InputExpanderProvider;
-
-/**
- * Class for reading a CMS Compressed Data stream.
- * <pre>
- *     CMSCompressedDataParser cp = new CMSCompressedDataParser(inputStream);
- *      
- *     process(cp.getContent(new ZlibExpanderProvider()).getContentStream());
- * </pre>
- *  Note: this class does not introduce buffering - if you are processing large files you should create
- *  the parser with:
- *  <pre>
- *      CMSCompressedDataParser     ep = new CMSCompressedDataParser(new BufferedInputStream(inputStream, bufSize));
- *  </pre>
- *  where bufSize is a suitably large buffer size.
- */
-public class CMSCompressedDataParser
-    extends CMSContentInfoParser
-{
-    public CMSCompressedDataParser(
-        byte[]    compressedData) 
-        throws CMSException
-    {
-        this(new ByteArrayInputStream(compressedData));
-    }
-
-    public CMSCompressedDataParser(
-        InputStream    compressedData) 
-        throws CMSException
-    {
-        super(compressedData);
-    }
-
-    /**
-     * Return a typed stream which will allow the reading of the compressed content in
-     * expanded form.
-     *
-     * @param expanderProvider a provider of expander algorithm implementations.
-     * @return a type stream which will yield the un-compressed content.
-     * @throws CMSException if there is an exception parsing the CompressedData object.
-     */
-    public CMSTypedStream  getContent(InputExpanderProvider expanderProvider)
-        throws CMSException
-    {
-        try
-        {
-            CompressedDataParser  comData = new CompressedDataParser((ASN1SequenceParser)_contentInfo.getContent(BERTags.SEQUENCE));
-            ContentInfoParser     content = comData.getEncapContentInfo();
-            InputExpander expander = expanderProvider.get(comData.getCompressionAlgorithmIdentifier());
-
-            ASN1OctetStringParser bytes = (ASN1OctetStringParser)content.getContent(BERTags.OCTET_STRING);
-
-            return new CMSTypedStream(content.getContentType().getId(), expander.getInputStream(bytes.getOctetStream()));
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("IOException reading compressed content.", e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSCompressedDataStreamGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSCompressedDataStreamGenerator.java
deleted file mode 100644
index 8a34eb0..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSCompressedDataStreamGenerator.java
+++ /dev/null

@@ -1,165 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.BERSequenceGenerator;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.operator.OutputCompressor;
-
-/**
- * General class for generating a compressed CMS message stream.
- * <p>
- * A simple example of usage.
- * </p>
- * <pre>
- *      CMSCompressedDataStreamGenerator gen = new CMSCompressedDataStreamGenerator();
- *      
- *      OutputStream cOut = gen.open(outputStream, new ZlibCompressor());
- *      
- *      cOut.write(data);
- *      
- *      cOut.close();
- * </pre>
- */
-public class CMSCompressedDataStreamGenerator
-{
-    public static final String  ZLIB    = "1.2.840.113549.1.9.16.3.8";
-
-    private int _bufferSize;
-    
-    /**
-     * base constructor
-     */
-    public CMSCompressedDataStreamGenerator()
-    {
-    }
-
-    /**
-     * Set the underlying string size for encapsulated data
-     *
-     * @param bufferSize length of octet strings to buffer the data.
-     */
-    public void setBufferSize(
-        int bufferSize)
-    {
-        _bufferSize = bufferSize;
-    }
-
-    /**
-     * Open a compressing output stream with the PKCS#7 content type OID of "data".
-     *
-     * @param out the stream to encode to.
-     * @param compressor the type of compressor to use.
-     * @return an output stream to write the data be compressed to.
-     * @throws IOException
-     */
-    public OutputStream open(
-        OutputStream out,
-        OutputCompressor compressor)
-        throws IOException
-    {
-        return open(CMSObjectIdentifiers.data, out, compressor);
-    }
-
-    /**
-     * Open a compressing output stream.
-     *
-     * @param contentOID the content type OID.
-     * @param out the stream to encode to.
-     * @param compressor the type of compressor to use.
-     * @return an output stream to write the data be compressed to.
-     * @throws IOException
-     */
-    public OutputStream open(
-        ASN1ObjectIdentifier contentOID,
-        OutputStream out,
-        OutputCompressor compressor)
-        throws IOException
-    {
-        BERSequenceGenerator sGen = new BERSequenceGenerator(out);
-
-        sGen.addObject(CMSObjectIdentifiers.compressedData);
-
-        //
-        // Compressed Data
-        //
-        BERSequenceGenerator cGen = new BERSequenceGenerator(sGen.getRawOutputStream(), 0, true);
-
-        cGen.addObject(new ASN1Integer(0));
-
-        //
-        // AlgorithmIdentifier
-        //
-        cGen.addObject(compressor.getAlgorithmIdentifier());
-
-        //
-        // Encapsulated ContentInfo
-        //
-        BERSequenceGenerator eiGen = new BERSequenceGenerator(cGen.getRawOutputStream());
-
-        eiGen.addObject(contentOID);
-
-        OutputStream octetStream = CMSUtils.createBEROctetOutputStream(
-            eiGen.getRawOutputStream(), 0, true, _bufferSize);
-
-        return new CmsCompressedOutputStream(
-            compressor.getOutputStream(octetStream), sGen, cGen, eiGen);
-    }
-
-    private class CmsCompressedOutputStream
-        extends OutputStream
-    {
-        private OutputStream _out;
-        private BERSequenceGenerator _sGen;
-        private BERSequenceGenerator _cGen;
-        private BERSequenceGenerator _eiGen;
-        
-        CmsCompressedOutputStream(
-            OutputStream out,
-            BERSequenceGenerator sGen,
-            BERSequenceGenerator cGen,
-            BERSequenceGenerator eiGen)
-        {
-            _out = out;
-            _sGen = sGen;
-            _cGen = cGen;
-            _eiGen = eiGen;
-        }
-        
-        public void write(
-            int b)
-            throws IOException
-        {
-            _out.write(b); 
-        }
-        
-        
-        public void write(
-            byte[] bytes,
-            int    off,
-            int    len)
-            throws IOException
-        {
-            _out.write(bytes, off, len);
-        }
-        
-        public void write(
-            byte[] bytes)
-            throws IOException
-        {
-            _out.write(bytes);
-        }
-        
-        public void close()
-            throws IOException
-        {
-            _out.close();
-            _eiGen.close();
-            _cGen.close();
-            _sGen.close();
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSConfig.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSConfig.java
deleted file mode 100644
index 6a45155..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSConfig.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-public class CMSConfig
-{
-    /**
-     * Set the mapping for the encryption algorithm used in association with a SignedData generation
-     * or interpretation.
-     *
-     * @param oid object identifier to map.
-     * @param algorithmName algorithm name to use.
-     */
-    public static void setSigningEncryptionAlgorithmMapping(String oid, String algorithmName)
-    {
-        ASN1ObjectIdentifier id = new ASN1ObjectIdentifier(oid);
-
-        CMSSignedHelper.INSTANCE.setSigningEncryptionAlgorithmMapping(id, algorithmName);
-    }
-
-    /**
-     * Set the mapping for the digest algorithm to use in conjunction with a SignedData generation
-     * or interpretation.
-     *
-     * @param oid object identifier to map.
-     * @param algorithmName algorithm name to use.
-     * @deprecated no longer required.
-     */
-    public static void setSigningDigestAlgorithmMapping(String oid, String algorithmName)
-    {
-        ASN1ObjectIdentifier id = new ASN1ObjectIdentifier(oid);
-
-        //CMSSignedHelper.INSTANCE.setSigningDigestAlgorithmMapping(id, algorithmName);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSContentInfoParser.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSContentInfoParser.java
deleted file mode 100644
index 9edcda2..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSContentInfoParser.java
+++ /dev/null

@@ -1,51 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.ASN1StreamParser;
-import org.bouncycastle.asn1.cms.ContentInfoParser;
-
-public class CMSContentInfoParser
-{
-    protected ContentInfoParser _contentInfo;
-    protected InputStream       _data;
-
-    protected CMSContentInfoParser(
-        InputStream data)
-        throws CMSException
-    {
-        _data = data;
-        
-        try
-        {
-            ASN1StreamParser in = new ASN1StreamParser(data);
-            ASN1SequenceParser seqParser = (ASN1SequenceParser)in.readObject();
-
-            if (seqParser == null)
-            {
-                throw new CMSException("No content found.");
-            }
-
-            _contentInfo = new ContentInfoParser(seqParser);
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("IOException reading content.", e);
-        }
-        catch (ClassCastException e)
-        {
-            throw new CMSException("Unexpected object reading content.", e);
-        }
-    }
-    
-    /**
-     * Close the underlying data stream.
-     * @throws IOException if the close fails.
-     */
-    public void close() throws IOException
-    {
-        _data.close();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSDigestedData.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSDigestedData.java
deleted file mode 100644
index b33def6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSDigestedData.java
+++ /dev/null

@@ -1,138 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.DigestedData;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Encodable;
-
-/**
- * containing class for an CMS Digested Data object
- * <pre>
- *     CMSDigestedData cd = new CMSDigestedData(inputStream);
- *
- *
- *     process(cd.getContent());
- * </pre>
- */
-public class CMSDigestedData
-    implements Encodable
-{
-    private ContentInfo  contentInfo;
-    private DigestedData digestedData;
-
-    public CMSDigestedData(
-        byte[] compressedData)
-        throws CMSException
-    {
-        this(CMSUtils.readContentInfo(compressedData));
-    }
-
-    public CMSDigestedData(
-        InputStream compressedData)
-        throws CMSException
-    {
-        this(CMSUtils.readContentInfo(compressedData));
-    }
-
-    public CMSDigestedData(
-        ContentInfo contentInfo)
-        throws CMSException
-    {
-        this.contentInfo = contentInfo;
-
-        try
-        {
-            this.digestedData = DigestedData.getInstance(contentInfo.getContent());
-        }
-        catch (ClassCastException e)
-        {
-            throw new CMSException("Malformed content.", e);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new CMSException("Malformed content.", e);
-        }
-    }
-
-    public ASN1ObjectIdentifier getContentType()
-    {
-        return contentInfo.getContentType();
-    }
-
-    public AlgorithmIdentifier getDigestAlgorithm()
-    {
-        return digestedData.getDigestAlgorithm();
-    }
-
-    /**
-     * Return the digested content
-     *
-     * @return the digested content
-     * @throws CMSException if there is an exception un-compressing the data.
-     */
-    public CMSProcessable getDigestedContent()
-        throws CMSException
-    {
-        ContentInfo     content = digestedData.getEncapContentInfo();
-
-        try
-        {
-            return new CMSProcessableByteArray(content.getContentType(), ((ASN1OctetString)content.getContent()).getOctets());
-        }
-        catch (Exception e)
-        {
-            throw new CMSException("exception reading digested stream.", e);
-        }
-    }
-
-    /**
-     * return the ContentInfo
-     */
-    public ContentInfo toASN1Structure()
-    {
-        return contentInfo;
-    }
-
-    /**
-     * return the ASN.1 encoded representation of this object.
-     */
-    public byte[] getEncoded()
-        throws IOException
-    {
-        return contentInfo.getEncoded();
-    }
-
-    public boolean verify(DigestCalculatorProvider calculatorProvider)
-        throws CMSException
-    {
-        try
-        {
-            ContentInfo     content = digestedData.getEncapContentInfo();
-            DigestCalculator calc = calculatorProvider.get(digestedData.getDigestAlgorithm());
-
-            OutputStream dOut = calc.getOutputStream();
-
-            dOut.write(((ASN1OctetString)content.getContent()).getOctets());
-
-            return Arrays.areEqual(digestedData.getDigest(), calc.getDigest());
-        }
-        catch (OperatorCreationException e)
-        {
-            throw new CMSException("unable to create digest calculator: " + e.getMessage(), e);
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("unable process content: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEncryptedData.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSEncryptedData.java
deleted file mode 100644
index f96e756..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEncryptedData.java
+++ /dev/null

@@ -1,62 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.EncryptedContentInfo;
-import org.bouncycastle.asn1.cms.EncryptedData;
-import org.bouncycastle.operator.InputDecryptor;
-import org.bouncycastle.operator.InputDecryptorProvider;
-
-public class CMSEncryptedData
-{
-    private ContentInfo contentInfo;
-    private EncryptedData encryptedData;
-
-    public CMSEncryptedData(ContentInfo contentInfo)
-    {
-        this.contentInfo = contentInfo;
-
-        this.encryptedData = EncryptedData.getInstance(contentInfo.getContent());
-    }
-
-    public byte[] getContent(InputDecryptorProvider inputDecryptorProvider)
-        throws CMSException
-    {
-        try
-        {
-            return CMSUtils.streamToByteArray(getContentStream(inputDecryptorProvider).getContentStream());
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("unable to parse internal stream: " + e.getMessage(), e);
-        }
-    }
-
-    public CMSTypedStream getContentStream(InputDecryptorProvider inputDecryptorProvider)
-        throws CMSException
-    {
-        try
-        {
-            EncryptedContentInfo encContentInfo = encryptedData.getEncryptedContentInfo();
-            InputDecryptor decrytor = inputDecryptorProvider.get(encContentInfo.getContentEncryptionAlgorithm());
-
-            ByteArrayInputStream encIn = new ByteArrayInputStream(encContentInfo.getEncryptedContent().getOctets());
-
-            return new CMSTypedStream(encContentInfo.getContentType(), decrytor.getInputStream(encIn));
-        }
-        catch (Exception e)
-        {
-            throw new CMSException("unable to create stream: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * return the ContentInfo
-     */
-    public ContentInfo toASN1Structure()
-    {
-        return contentInfo;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEncryptedDataGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSEncryptedDataGenerator.java
deleted file mode 100644
index 6f2f42b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEncryptedDataGenerator.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.HashMap;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.BEROctetString;
-import org.bouncycastle.asn1.BERSet;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.EncryptedContentInfo;
-import org.bouncycastle.asn1.cms.EncryptedData;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.OutputEncryptor;
-
-/**
- * General class for generating a CMS encrypted-data message.
- *
- * A simple example of usage.
- *
- * <pre>
- *       CMSTypedData msg     = new CMSProcessableByteArray("Hello World!".getBytes());
- *
- *       CMSEncryptedDataGenerator edGen = new CMSEncryptedDataGenerator();
- *
- *       CMSEncryptedData ed = edGen.generate(
- *                                       msg,
- *                                       new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC)
- *                                              .setProvider("BC").build());
- *
- * </pre>
- */
-public class CMSEncryptedDataGenerator
-    extends CMSEncryptedGenerator
-{
-    /**
-     * base constructor
-     */
-    public CMSEncryptedDataGenerator()
-    {
-    }
-
-    private CMSEncryptedData doGenerate(
-        CMSTypedData content,
-        OutputEncryptor contentEncryptor)
-        throws CMSException
-    {
-        AlgorithmIdentifier     encAlgId;
-        ASN1OctetString         encContent;
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        try
-        {
-            OutputStream cOut = contentEncryptor.getOutputStream(bOut);
-
-            content.write(cOut);
-
-            cOut.close();
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("");
-        }
-
-        byte[] encryptedContent = bOut.toByteArray();
-
-        encAlgId = contentEncryptor.getAlgorithmIdentifier();
-
-        encContent = new BEROctetString(encryptedContent);
-
-        EncryptedContentInfo  eci = new EncryptedContentInfo(
-                        content.getContentType(),
-                        encAlgId,
-                        encContent);
-
-        ASN1Set unprotectedAttrSet = null;
-        if (unprotectedAttributeGenerator != null)
-        {
-            AttributeTable attrTable = unprotectedAttributeGenerator.getAttributes(new HashMap());
-
-            unprotectedAttrSet = new BERSet(attrTable.toASN1EncodableVector());
-        }
-
-        ContentInfo contentInfo = new ContentInfo(
-                CMSObjectIdentifiers.encryptedData,
-                new EncryptedData(eci, unprotectedAttrSet));
-
-        return new CMSEncryptedData(contentInfo);
-    }
-
-    /**
-     * generate an encrypted object that contains an CMS Encrypted Data structure.
-     *
-     * @param content the content to be encrypted
-     * @param contentEncryptor the symmetric key based encryptor to encrypt the content with.
-     */
-    public CMSEncryptedData generate(
-        CMSTypedData content,
-        OutputEncryptor contentEncryptor)
-        throws CMSException
-    {
-        return doGenerate(content, contentEncryptor);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEncryptedGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSEncryptedGenerator.java
deleted file mode 100644
index eece680..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEncryptedGenerator.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.cms;
-
-/**
- * General class for generating a CMS encrypted-data message.
- */
-public class CMSEncryptedGenerator
-{
-    protected CMSAttributeTableGenerator unprotectedAttributeGenerator = null;
-
-    /**
-     * base constructor
-     */
-    protected CMSEncryptedGenerator()
-    {
-    }
-
-    public void setUnprotectedAttributeGenerator(CMSAttributeTableGenerator unprotectedAttributeGenerator)
-    {
-        this.unprotectedAttributeGenerator = unprotectedAttributeGenerator;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedData.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedData.java
deleted file mode 100644
index d4541fb..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedData.java
+++ /dev/null

@@ -1,208 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.EncryptedContentInfo;
-import org.bouncycastle.asn1.cms.EnvelopedData;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Encodable;
-
-/**
- * containing class for an CMS Enveloped Data object
- * <p>
- * Example of use - assuming the first recipient matches the private key we have.
- * <pre>
- *      CMSEnvelopedData     ed = new CMSEnvelopedData(inputStream);
- *
- *      RecipientInformationStore  recipients = ed.getRecipientInfos();
- *
- *      Collection  c = recipients.getRecipients();
- *      Iterator    it = c.iterator();
- *
- *      if (it.hasNext())
- *      {
- *          RecipientInformation   recipient = (RecipientInformation)it.next();
- *
- *          byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(privateKey).setProvider("BC"));
- *
- *          processData(recData);
- *      }
- *  </pre>
- */
-public class CMSEnvelopedData
-    implements Encodable
-{
-    RecipientInformationStore   recipientInfoStore;
-    ContentInfo                 contentInfo;
-
-    private AlgorithmIdentifier    encAlg;
-    private ASN1Set                unprotectedAttributes;
-    private OriginatorInformation  originatorInfo;
-
-    public CMSEnvelopedData(
-        byte[]    envelopedData)
-        throws CMSException
-    {
-        this(CMSUtils.readContentInfo(envelopedData));
-    }
-
-    public CMSEnvelopedData(
-        InputStream    envelopedData)
-        throws CMSException
-    {
-        this(CMSUtils.readContentInfo(envelopedData));
-    }
-
-    /**
-     * Construct a CMSEnvelopedData object from a content info object.
-     *
-     * @param contentInfo the contentInfo containing the CMS EnvelopedData object.
-     * @throws CMSException in the case where malformed content is encountered.
-     */
-    public CMSEnvelopedData(
-        ContentInfo contentInfo)
-        throws CMSException
-    {
-        this.contentInfo = contentInfo;
-
-        try
-        {
-            EnvelopedData  envData = EnvelopedData.getInstance(contentInfo.getContent());
-
-            if (envData.getOriginatorInfo() != null)
-            {
-                originatorInfo = new OriginatorInformation(envData.getOriginatorInfo());
-            }
-
-            //
-            // read the recipients
-            //
-            ASN1Set recipientInfos = envData.getRecipientInfos();
-
-            //
-            // read the encrypted content info
-            //
-            EncryptedContentInfo encInfo = envData.getEncryptedContentInfo();
-            this.encAlg = encInfo.getContentEncryptionAlgorithm();
-            CMSReadable readable = new CMSProcessableByteArray(encInfo.getEncryptedContent().getOctets());
-            CMSSecureReadable secureReadable = new CMSEnvelopedHelper.CMSEnvelopedSecureReadable(
-                this.encAlg, readable);
-
-            //
-            // build the RecipientInformationStore
-            //
-            this.recipientInfoStore = CMSEnvelopedHelper.buildRecipientInformationStore(
-                recipientInfos, this.encAlg, secureReadable);
-
-            this.unprotectedAttributes = envData.getUnprotectedAttrs();
-        }
-        catch (ClassCastException e)
-        {
-            throw new CMSException("Malformed content.", e);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new CMSException("Malformed content.", e);
-        }
-    }
-
-    private byte[] encodeObj(
-        ASN1Encodable obj)
-        throws IOException
-    {
-        if (obj != null)
-        {
-            return obj.toASN1Primitive().getEncoded();
-        }
-
-        return null;
-    }
-
-    /**
-     * Return the originator information associated with this message if present.
-     *
-     * @return OriginatorInformation, null if not present.
-     */
-    public OriginatorInformation getOriginatorInfo()
-    {
-        return originatorInfo;
-    }
-
-    /**
-     * Return the content encryption algorithm details for the data in this object.
-     *
-     * @return AlgorithmIdentifier representing the content encryption algorithm.
-     */
-    public AlgorithmIdentifier getContentEncryptionAlgorithm()
-    {
-        return encAlg;
-    }
-
-    /**
-     * return the object identifier for the content encryption algorithm.
-     */
-    public String getEncryptionAlgOID()
-    {
-        return encAlg.getAlgorithm().getId();
-    }
-
-    /**
-     * return the ASN.1 encoded encryption algorithm parameters, or null if
-     * there aren't any.
-     */
-    public byte[] getEncryptionAlgParams()
-    {
-        try
-        {
-            return encodeObj(encAlg.getParameters());
-        }
-        catch (Exception e)
-        {
-            throw new RuntimeException("exception getting encryption parameters " + e);
-        }
-    }
-
-    /**
-     * return a store of the intended recipients for this message
-     */
-    public RecipientInformationStore getRecipientInfos()
-    {
-        return recipientInfoStore;
-    }
-
-    /**
-     * return the ContentInfo
-     */
-    public ContentInfo toASN1Structure()
-    {
-        return contentInfo;
-    }
-
-    /**
-     * return a table of the unprotected attributes indexed by
-     * the OID of the attribute.
-     */
-    public AttributeTable getUnprotectedAttributes()
-    {
-        if (unprotectedAttributes == null)
-        {
-            return null;
-        }
-
-        return new AttributeTable(unprotectedAttributes);
-    }
-
-    /**
-     * return the ASN.1 encoded representation of this object.
-     */
-    public byte[] getEncoded()
-        throws IOException
-    {
-        return contentInfo.getEncoded();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedDataGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedDataGenerator.java
deleted file mode 100644
index 0038f90..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedDataGenerator.java
+++ /dev/null

@@ -1,131 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.HashMap;
-import java.util.Iterator;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.BEROctetString;
-import org.bouncycastle.asn1.BERSet;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.EncryptedContentInfo;
-import org.bouncycastle.asn1.cms.EnvelopedData;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OutputEncryptor;
-
-/**
- * General class for generating a CMS enveloped-data message.
- *
- * A simple example of usage.
- *
- * <pre>
- *       CMSTypedData msg     = new CMSProcessableByteArray("Hello World!".getBytes());
- *
- *       CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
- *
- *       edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(recipientCert).setProvider("BC"));
- *
- *       CMSEnvelopedData ed = edGen.generate(
- *                                       msg,
- *                                       new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC)
- *                                              .setProvider("BC").build());
- *
- * </pre>
- */
-public class CMSEnvelopedDataGenerator
-    extends CMSEnvelopedGenerator
-{
-    /**
-     * base constructor
-     */
-    public CMSEnvelopedDataGenerator()
-    {
-    }
-
-    private CMSEnvelopedData doGenerate(
-        CMSTypedData content,
-        OutputEncryptor contentEncryptor)
-        throws CMSException
-    {
-        if (!oldRecipientInfoGenerators.isEmpty())
-        {
-            throw new IllegalStateException("can only use addRecipientGenerator() with this method");
-        }
-
-        ASN1EncodableVector     recipientInfos = new ASN1EncodableVector();
-        AlgorithmIdentifier     encAlgId;
-        ASN1OctetString         encContent;
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        try
-        {
-            OutputStream cOut = contentEncryptor.getOutputStream(bOut);
-
-            content.write(cOut);
-
-            cOut.close();
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("");
-        }
-
-        byte[] encryptedContent = bOut.toByteArray();
-
-        encAlgId = contentEncryptor.getAlgorithmIdentifier();
-
-        encContent = new BEROctetString(encryptedContent);
-
-        GenericKey encKey = contentEncryptor.getKey();
-
-        for (Iterator it = recipientInfoGenerators.iterator(); it.hasNext();)
-        {
-            RecipientInfoGenerator recipient = (RecipientInfoGenerator)it.next();
-
-            recipientInfos.add(recipient.generate(encKey));
-        }
-
-        EncryptedContentInfo  eci = new EncryptedContentInfo(
-                        content.getContentType(),
-                        encAlgId,
-                        encContent);
-
-        ASN1Set unprotectedAttrSet = null;
-        if (unprotectedAttributeGenerator != null)
-        {
-            AttributeTable attrTable = unprotectedAttributeGenerator.getAttributes(new HashMap());
-
-            unprotectedAttrSet = new BERSet(attrTable.toASN1EncodableVector());
-        }
-
-        ContentInfo contentInfo = new ContentInfo(
-                CMSObjectIdentifiers.envelopedData,
-                new EnvelopedData(originatorInfo, new DERSet(recipientInfos), eci, unprotectedAttrSet));
-
-        return new CMSEnvelopedData(contentInfo);
-    }
-
-    /**
-     * generate an enveloped object that contains an CMS Enveloped Data
-     * object using the given provider.
-     *
-     * @param content the content to be encrypted
-     * @param contentEncryptor the symmetric key based encryptor to encrypt the content with.
-     */
-    public CMSEnvelopedData generate(
-        CMSTypedData content,
-        OutputEncryptor contentEncryptor)
-        throws CMSException
-    {
-        return doGenerate(content, contentEncryptor);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedDataParser.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedDataParser.java
deleted file mode 100644
index 67c9d91..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedDataParser.java
+++ /dev/null

@@ -1,208 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1OctetStringParser;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1SetParser;
-import org.bouncycastle.asn1.BERTags;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.EncryptedContentInfoParser;
-import org.bouncycastle.asn1.cms.EnvelopedDataParser;
-import org.bouncycastle.asn1.cms.OriginatorInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * Parsing class for an CMS Enveloped Data object from an input stream.
- * <p>
- * Note: that because we are in a streaming mode only one recipient can be tried and it is important 
- * that the methods on the parser are called in the appropriate order.
- * </p>
- * <p>
- * Example of use - assuming the first recipient matches the private key we have.
- * <pre>
- *      CMSEnvelopedDataParser     ep = new CMSEnvelopedDataParser(inputStream);
- *
- *      RecipientInformationStore  recipients = ep.getRecipientInfos();
- *
- *      Collection  c = recipients.getRecipients();
- *      Iterator    it = c.iterator();
- *      
- *      if (it.hasNext())
- *      {
- *          RecipientInformation   recipient = (RecipientInformation)it.next();
- *
- *          CMSTypedStream recData = recipient.getContentStream(new JceKeyTransEnvelopedRecipient(privateKey).setProvider("BC"));
- *          
- *          processDataStream(recData.getContentStream());
- *      }
- *  </pre>
- *  Note: this class does not introduce buffering - if you are processing large files you should create
- *  the parser with:
- *  <pre>
- *          CMSEnvelopedDataParser     ep = new CMSEnvelopedDataParser(new BufferedInputStream(inputStream, bufSize));
- *  </pre>
- *  where bufSize is a suitably large buffer size.
- */
-public class CMSEnvelopedDataParser
-    extends CMSContentInfoParser
-{
-    RecipientInformationStore recipientInfoStore;
-    EnvelopedDataParser envelopedData;
-    
-    private AlgorithmIdentifier encAlg;
-    private AttributeTable unprotectedAttributes;
-    private boolean attrNotRead;
-    private OriginatorInformation  originatorInfo;
-
-    public CMSEnvelopedDataParser(
-        byte[]    envelopedData) 
-        throws CMSException, IOException
-    {
-        this(new ByteArrayInputStream(envelopedData));
-    }
-
-    public CMSEnvelopedDataParser(
-        InputStream    envelopedData) 
-        throws CMSException, IOException
-    {
-        super(envelopedData);
-
-        this.attrNotRead = true;
-        this.envelopedData = new EnvelopedDataParser((ASN1SequenceParser)_contentInfo.getContent(BERTags.SEQUENCE));
-
-        // TODO Validate version?
-        //ASN1Integer version = this._envelopedData.getVersion();
-
-        OriginatorInfo info = this.envelopedData.getOriginatorInfo();
-
-        if (info != null)
-        {
-            this.originatorInfo = new OriginatorInformation(info);
-        }
-
-        //
-        // read the recipients
-        //
-        ASN1Set recipientInfos = ASN1Set.getInstance(this.envelopedData.getRecipientInfos().toASN1Primitive());
-
-        //
-        // read the encrypted content info
-        //
-        EncryptedContentInfoParser encInfo = this.envelopedData.getEncryptedContentInfo();
-        this.encAlg = encInfo.getContentEncryptionAlgorithm();
-        CMSReadable readable = new CMSProcessableInputStream(
-            ((ASN1OctetStringParser)encInfo.getEncryptedContent(BERTags.OCTET_STRING)).getOctetStream());
-        CMSSecureReadable secureReadable = new CMSEnvelopedHelper.CMSEnvelopedSecureReadable(
-            this.encAlg, readable);
-
-        //
-        // build the RecipientInformationStore
-        //
-        this.recipientInfoStore = CMSEnvelopedHelper.buildRecipientInformationStore(
-            recipientInfos, this.encAlg, secureReadable);
-    }
-
-    /**
-     * return the object identifier for the content encryption algorithm.
-     */
-    public String getEncryptionAlgOID()
-    {
-        return encAlg.getAlgorithm().toString();
-    }
-
-    /**
-     * return the ASN.1 encoded encryption algorithm parameters, or null if
-     * there aren't any.
-     */
-    public byte[] getEncryptionAlgParams()
-    {
-        try
-        {
-            return encodeObj(encAlg.getParameters());
-        }
-        catch (Exception e)
-        {
-            throw new RuntimeException("exception getting encryption parameters " + e);
-        }
-    }
-
-    /**
-     * Return the content encryption algorithm details for the data in this object.
-     *
-     * @return AlgorithmIdentifier representing the content encryption algorithm.
-     */
-    public AlgorithmIdentifier getContentEncryptionAlgorithm()
-    {
-        return encAlg;
-    }
-
-    /**
-     * Return the originator information associated with this message if present.
-     *
-     * @return OriginatorInformation, null if not present.
-     */
-    public OriginatorInformation getOriginatorInfo()
-    {
-        return originatorInfo;
-    }
-
-    /**
-     * return a store of the intended recipients for this message
-     */
-    public RecipientInformationStore getRecipientInfos()
-    {
-        return recipientInfoStore;
-    }
-
-    /**
-     * return a table of the unprotected attributes indexed by
-     * the OID of the attribute.
-     * @exception IOException 
-     */
-    public AttributeTable getUnprotectedAttributes() 
-        throws IOException
-    {
-        if (unprotectedAttributes == null && attrNotRead)
-        {
-            ASN1SetParser             set = envelopedData.getUnprotectedAttrs();
-            
-            attrNotRead = false;
-            
-            if (set != null)
-            {
-                ASN1EncodableVector v = new ASN1EncodableVector();
-                ASN1Encodable        o;
-                
-                while ((o = set.readObject()) != null)
-                {
-                    ASN1SequenceParser    seq = (ASN1SequenceParser)o;
-                    
-                    v.add(seq.toASN1Primitive());
-                }
-                
-                unprotectedAttributes = new AttributeTable(new DERSet(v));
-            }
-        }
-
-        return unprotectedAttributes;
-    }
-
-    private byte[] encodeObj(
-        ASN1Encodable obj)
-        throws IOException
-    {
-        if (obj != null)
-        {
-            return obj.toASN1Primitive().getEncoded();
-        }
-
-        return null;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedDataStreamGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedDataStreamGenerator.java
deleted file mode 100644
index 92abca0..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedDataStreamGenerator.java
+++ /dev/null

@@ -1,305 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.HashMap;
-import java.util.Iterator;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.BERSequenceGenerator;
-import org.bouncycastle.asn1.BERSet;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.EnvelopedData;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OutputEncryptor;
-
-/**
- * General class for generating a CMS enveloped-data message stream.
- * <p>
- * A simple example of usage.
- * <pre>
- *      CMSEnvelopedDataStreamGenerator edGen = new CMSEnvelopedDataStreamGenerator();
- *
- *      edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(recipientCert).setProvider("BC"));
- *
- *      ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
- *      
- *      OutputStream out = edGen.open(
- *                              bOut, new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC)
- *                                              .setProvider("BC").build());
- *      out.write(data);
- *      
- *      out.close();
- * </pre>
- */
-public class CMSEnvelopedDataStreamGenerator
-    extends CMSEnvelopedGenerator
-{
-    private ASN1Set              _unprotectedAttributes = null;
-    private int                 _bufferSize;
-    private boolean             _berEncodeRecipientSet;
-
-    /**
-     * base constructor
-     */
-    public CMSEnvelopedDataStreamGenerator()
-    {
-    }
-
-    /**
-     * Set the underlying string size for encapsulated data
-     * 
-     * @param bufferSize length of octet strings to buffer the data.
-     */
-    public void setBufferSize(
-        int bufferSize)
-    {
-        _bufferSize = bufferSize;
-    }
-
-    /**
-     * Use a BER Set to store the recipient information
-     */
-    public void setBEREncodeRecipients(
-        boolean berEncodeRecipientSet)
-    {
-        _berEncodeRecipientSet = berEncodeRecipientSet;
-    }
-
-    private ASN1Integer getVersion()
-    {
-        if (originatorInfo != null || _unprotectedAttributes != null)
-        {
-            return new ASN1Integer(2);
-        }
-        else
-        {
-            return new ASN1Integer(0);
-        }
-    }
-
-    private OutputStream doOpen(
-        ASN1ObjectIdentifier dataType,
-        OutputStream         out,
-        OutputEncryptor      encryptor)
-        throws IOException, CMSException
-    {
-        ASN1EncodableVector recipientInfos = new ASN1EncodableVector();
-        GenericKey encKey = encryptor.getKey();
-        Iterator it = recipientInfoGenerators.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInfoGenerator recipient = (RecipientInfoGenerator)it.next();
-
-            recipientInfos.add(recipient.generate(encKey));
-        }
-
-        return open(dataType, out, recipientInfos, encryptor);
-    }
-
-    protected OutputStream open(
-        ASN1ObjectIdentifier dataType,
-        OutputStream         out,
-        ASN1EncodableVector  recipientInfos,
-        OutputEncryptor      encryptor)
-        throws IOException
-    {
-        //
-        // ContentInfo
-        //
-        BERSequenceGenerator cGen = new BERSequenceGenerator(out);
-
-        cGen.addObject(CMSObjectIdentifiers.envelopedData);
-
-        //
-        // Encrypted Data
-        //
-        BERSequenceGenerator envGen = new BERSequenceGenerator(cGen.getRawOutputStream(), 0, true);
-
-        envGen.addObject(getVersion());
-
-        if (originatorInfo != null)
-        {
-            envGen.addObject(new DERTaggedObject(false, 0, originatorInfo));
-        }
-
-        if (_berEncodeRecipientSet)
-        {
-            envGen.getRawOutputStream().write(new BERSet(recipientInfos).getEncoded());
-        }
-        else
-        {
-            envGen.getRawOutputStream().write(new DERSet(recipientInfos).getEncoded());
-        }
-
-        BERSequenceGenerator eiGen = new BERSequenceGenerator(envGen.getRawOutputStream());
-
-        eiGen.addObject(dataType);
-
-        AlgorithmIdentifier encAlgId = encryptor.getAlgorithmIdentifier();
-
-        eiGen.getRawOutputStream().write(encAlgId.getEncoded());
-
-        OutputStream octetStream = CMSUtils.createBEROctetOutputStream(
-            eiGen.getRawOutputStream(), 0, false, _bufferSize);
-
-        OutputStream cOut = encryptor.getOutputStream(octetStream);
-
-        return new CmsEnvelopedDataOutputStream(cOut, cGen, envGen, eiGen);
-    }
-
-    protected OutputStream open(
-        OutputStream        out,
-        ASN1EncodableVector recipientInfos,
-        OutputEncryptor     encryptor)
-        throws CMSException
-    {
-        try
-        {
-            //
-            // ContentInfo
-            //
-            BERSequenceGenerator cGen = new BERSequenceGenerator(out);
-
-            cGen.addObject(CMSObjectIdentifiers.envelopedData);
-
-            //
-            // Encrypted Data
-            //
-            BERSequenceGenerator envGen = new BERSequenceGenerator(cGen.getRawOutputStream(), 0, true);
-
-            ASN1Set recipients;
-            if (_berEncodeRecipientSet)
-            {
-                recipients = new BERSet(recipientInfos);
-            }
-            else
-            {
-                recipients = new DERSet(recipientInfos);
-            }
-
-            envGen.addObject(new ASN1Integer(EnvelopedData.calculateVersion(originatorInfo, recipients, _unprotectedAttributes)));
-
-            if (originatorInfo != null)
-            {
-                envGen.addObject(new DERTaggedObject(false, 0, originatorInfo));
-            }
-
-            envGen.getRawOutputStream().write(recipients.getEncoded());
-
-            BERSequenceGenerator eiGen = new BERSequenceGenerator(envGen.getRawOutputStream());
-
-            eiGen.addObject(CMSObjectIdentifiers.data);
-
-            AlgorithmIdentifier encAlgId = encryptor.getAlgorithmIdentifier();
-
-            eiGen.getRawOutputStream().write(encAlgId.getEncoded());
-
-            OutputStream octetStream = CMSUtils.createBEROctetOutputStream(
-                eiGen.getRawOutputStream(), 0, false, _bufferSize);
-
-            return new CmsEnvelopedDataOutputStream(encryptor.getOutputStream(octetStream), cGen, envGen, eiGen);
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("exception decoding algorithm parameters.", e);
-        }
-    }
-
-    /**
-     * generate an enveloped object that contains an CMS Enveloped Data
-     * object using the given encryptor.
-     */
-    public OutputStream open(
-        OutputStream    out,
-        OutputEncryptor encryptor)
-        throws CMSException, IOException
-    {
-        return doOpen(new ASN1ObjectIdentifier(CMSObjectIdentifiers.data.getId()), out, encryptor);
-    }
-
-    /**
-     * generate an enveloped object that contains an CMS Enveloped Data
-     * object using the given encryptor and marking the data as being of the passed
-     * in type.
-     */
-    public OutputStream open(
-        ASN1ObjectIdentifier dataType,
-        OutputStream         out,
-        OutputEncryptor      encryptor)
-        throws CMSException, IOException
-    {
-        return doOpen(dataType, out, encryptor);
-    }
-
-    private class CmsEnvelopedDataOutputStream
-        extends OutputStream
-    {
-        private OutputStream   _out;
-        private BERSequenceGenerator _cGen;
-        private BERSequenceGenerator _envGen;
-        private BERSequenceGenerator _eiGen;
-    
-        public CmsEnvelopedDataOutputStream(
-            OutputStream   out,
-            BERSequenceGenerator cGen,
-            BERSequenceGenerator envGen,
-            BERSequenceGenerator eiGen)
-        {
-            _out = out;
-            _cGen = cGen;
-            _envGen = envGen;
-            _eiGen = eiGen;
-        }
-    
-        public void write(
-            int b)
-            throws IOException
-        {
-            _out.write(b);
-        }
-        
-        public void write(
-            byte[] bytes,
-            int    off,
-            int    len)
-            throws IOException
-        {
-            _out.write(bytes, off, len);
-        }
-        
-        public void write(
-            byte[] bytes)
-            throws IOException
-        {
-            _out.write(bytes);
-        }
-        
-        public void close()
-            throws IOException
-        {
-            _out.close();
-            _eiGen.close();
-
-            if (unprotectedAttributeGenerator != null)
-            {
-                AttributeTable attrTable = unprotectedAttributeGenerator.getAttributes(new HashMap());
-      
-                ASN1Set unprotectedAttrs = new BERSet(attrTable.toASN1EncodableVector());
-
-                _envGen.addObject(new DERTaggedObject(false, 1, unprotectedAttrs));
-            }
-    
-            _envGen.close();
-            _cGen.close();
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedGenerator.java
deleted file mode 100644
index 012b440..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedGenerator.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import org.bouncycastle.asn1.cms.OriginatorInfo;
-import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-
-/**
- * General class for generating a CMS enveloped-data message.
- */
-public class CMSEnvelopedGenerator
-{
-    public static final String  DES_EDE3_CBC    = PKCSObjectIdentifiers.des_EDE3_CBC.getId();
-    public static final String  RC2_CBC         = PKCSObjectIdentifiers.RC2_CBC.getId();
-    public static final String  IDEA_CBC        = "1.3.6.1.4.1.188.7.1.1.2";
-    public static final String  CAST5_CBC       = "1.2.840.113533.7.66.10";
-    public static final String  AES128_CBC      = NISTObjectIdentifiers.id_aes128_CBC.getId();
-    public static final String  AES192_CBC      = NISTObjectIdentifiers.id_aes192_CBC.getId();
-    public static final String  AES256_CBC      = NISTObjectIdentifiers.id_aes256_CBC.getId();
-    public static final String  CAMELLIA128_CBC = NTTObjectIdentifiers.id_camellia128_cbc.getId();
-    public static final String  CAMELLIA192_CBC = NTTObjectIdentifiers.id_camellia192_cbc.getId();
-    public static final String  CAMELLIA256_CBC = NTTObjectIdentifiers.id_camellia256_cbc.getId();
-    public static final String  SEED_CBC        = KISAObjectIdentifiers.id_seedCBC.getId();
-
-    public static final String  DES_EDE3_WRAP   = PKCSObjectIdentifiers.id_alg_CMS3DESwrap.getId();
-    public static final String  AES128_WRAP     = NISTObjectIdentifiers.id_aes128_wrap.getId();
-    public static final String  AES192_WRAP     = NISTObjectIdentifiers.id_aes192_wrap.getId();
-    public static final String  AES256_WRAP     = NISTObjectIdentifiers.id_aes256_wrap.getId();
-    public static final String  CAMELLIA128_WRAP = NTTObjectIdentifiers.id_camellia128_wrap.getId();
-    public static final String  CAMELLIA192_WRAP = NTTObjectIdentifiers.id_camellia192_wrap.getId();
-    public static final String  CAMELLIA256_WRAP = NTTObjectIdentifiers.id_camellia256_wrap.getId();
-    public static final String  SEED_WRAP       = KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap.getId();
-
-    public static final String  ECDH_SHA1KDF    = X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme.getId();
-    public static final String  ECMQV_SHA1KDF   = X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme.getId();
-
-    final List oldRecipientInfoGenerators = new ArrayList();
-    final List recipientInfoGenerators = new ArrayList();
-
-    protected CMSAttributeTableGenerator unprotectedAttributeGenerator = null;
-
-    protected OriginatorInfo originatorInfo;
-
-    /**
-     * base constructor
-     */
-    public CMSEnvelopedGenerator()
-    {
-    }
-
-    public void setUnprotectedAttributeGenerator(CMSAttributeTableGenerator unprotectedAttributeGenerator)
-    {
-        this.unprotectedAttributeGenerator = unprotectedAttributeGenerator;
-    }
-
-    public void setOriginatorInfo(OriginatorInformation originatorInfo)
-    {
-        this.originatorInfo = originatorInfo.toASN1Structure();
-    }
-
-    /**
-     * Add a generator to produce the recipient info required.
-     * 
-     * @param recipientGenerator a generator of a recipient info object.
-     */
-    public void addRecipientInfoGenerator(RecipientInfoGenerator recipientGenerator)
-    {
-        recipientInfoGenerators.add(recipientGenerator);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedHelper.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedHelper.java
deleted file mode 100644
index 5b1bad4..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSEnvelopedHelper.java
+++ /dev/null

@@ -1,154 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.FilterInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.cms.KEKRecipientInfo;
-import org.bouncycastle.asn1.cms.KeyAgreeRecipientInfo;
-import org.bouncycastle.asn1.cms.KeyTransRecipientInfo;
-import org.bouncycastle.asn1.cms.PasswordRecipientInfo;
-import org.bouncycastle.asn1.cms.RecipientInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.DigestCalculator;
-
-class CMSEnvelopedHelper
-{
-    static RecipientInformationStore buildRecipientInformationStore(
-        ASN1Set recipientInfos, AlgorithmIdentifier messageAlgorithm, CMSSecureReadable secureReadable)
-    {
-        return buildRecipientInformationStore(recipientInfos, messageAlgorithm, secureReadable, null);
-    }
-
-    static RecipientInformationStore buildRecipientInformationStore(
-        ASN1Set recipientInfos, AlgorithmIdentifier messageAlgorithm, CMSSecureReadable secureReadable, AuthAttributesProvider additionalData)
-    {
-        List infos = new ArrayList();
-        for (int i = 0; i != recipientInfos.size(); i++)
-        {
-            RecipientInfo info = RecipientInfo.getInstance(recipientInfos.getObjectAt(i));
-
-            readRecipientInfo(infos, info, messageAlgorithm, secureReadable, additionalData);
-        }
-        return new RecipientInformationStore(infos);
-    }
-
-    private static void readRecipientInfo(
-        List infos, RecipientInfo info, AlgorithmIdentifier messageAlgorithm, CMSSecureReadable secureReadable, AuthAttributesProvider additionalData)
-    {
-        ASN1Encodable recipInfo = info.getInfo();
-        if (recipInfo instanceof KeyTransRecipientInfo)
-        {
-            infos.add(new KeyTransRecipientInformation(
-                (KeyTransRecipientInfo)recipInfo, messageAlgorithm, secureReadable, additionalData));
-        }
-        else if (recipInfo instanceof KEKRecipientInfo)
-        {
-            infos.add(new KEKRecipientInformation(
-                (KEKRecipientInfo)recipInfo, messageAlgorithm, secureReadable, additionalData));
-        }
-        else if (recipInfo instanceof KeyAgreeRecipientInfo)
-        {
-            KeyAgreeRecipientInformation.readRecipientInfo(infos,
-                (KeyAgreeRecipientInfo)recipInfo, messageAlgorithm, secureReadable, additionalData);
-        }
-        else if (recipInfo instanceof PasswordRecipientInfo)
-        {
-            infos.add(new PasswordRecipientInformation(
-                (PasswordRecipientInfo)recipInfo, messageAlgorithm, secureReadable, additionalData));
-        }
-    }
-
-    static class CMSDigestAuthenticatedSecureReadable
-        implements CMSSecureReadable
-    {
-        private DigestCalculator digestCalculator;
-        private CMSReadable readable;
-
-        public CMSDigestAuthenticatedSecureReadable(DigestCalculator digestCalculator, CMSReadable readable)
-        {
-            this.digestCalculator = digestCalculator;
-            this.readable = readable;
-        }
-
-        public InputStream getInputStream()
-            throws IOException, CMSException
-        {
-            return new FilterInputStream(readable.getInputStream())
-            {
-                public int read()
-                    throws IOException
-                {
-                    int b = in.read();
-
-                    if (b >= 0)
-                    {
-                        digestCalculator.getOutputStream().write(b);
-                    }
-
-                    return b;
-                }
-
-                public int read(byte[] inBuf, int inOff, int inLen)
-                    throws IOException
-                {
-                    int n = in.read(inBuf, inOff, inLen);
-                    
-                    if (n >= 0)
-                    {
-                        digestCalculator.getOutputStream().write(inBuf, inOff, n);
-                    }
-
-                    return n;
-                }
-            };
-        }
-
-        public byte[] getDigest()
-        {
-            return digestCalculator.getDigest();
-        }
-    }
-
-    static class CMSAuthenticatedSecureReadable implements CMSSecureReadable
-    {
-        private AlgorithmIdentifier algorithm;
-        private CMSReadable readable;
-
-        CMSAuthenticatedSecureReadable(AlgorithmIdentifier algorithm, CMSReadable readable)
-        {
-            this.algorithm = algorithm;
-            this.readable = readable;
-        }
-
-        public InputStream getInputStream()
-            throws IOException, CMSException
-        {
-            return readable.getInputStream();
-        }
-
-    }
-
-    static class CMSEnvelopedSecureReadable implements CMSSecureReadable
-    {
-        private AlgorithmIdentifier algorithm;
-        private CMSReadable readable;
-
-        CMSEnvelopedSecureReadable(AlgorithmIdentifier algorithm, CMSReadable readable)
-        {
-            this.algorithm = algorithm;
-            this.readable = readable;
-        }
-
-        public InputStream getInputStream()
-            throws IOException, CMSException
-        {
-            return readable.getInputStream();
-        }
-
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSProcessableFile.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSProcessableFile.java
deleted file mode 100644
index 10b5d55..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSProcessableFile.java
+++ /dev/null

@@ -1,80 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.BufferedInputStream;
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-
-/**
- * a holding class for a file of data to be processed.
- */
-public class CMSProcessableFile
-    implements CMSTypedData, CMSReadable
-{
-    private static final int DEFAULT_BUF_SIZE = 32 * 1024;
-
-    private final ASN1ObjectIdentifier type;
-    private final File file;
-    private final byte[] buf;
-
-    public CMSProcessableFile(
-        File file)
-    {
-        this(file, DEFAULT_BUF_SIZE);
-    }
-    
-    public CMSProcessableFile(
-        File file,
-        int  bufSize)
-    {
-        this(CMSObjectIdentifiers.data, file, bufSize);
-    }
-
-    public CMSProcessableFile(
-        ASN1ObjectIdentifier type,
-        File file,
-        int  bufSize)
-    {
-        this.type = type;
-        this.file = file;
-        buf = new byte[bufSize];
-    }
-
-    public InputStream getInputStream()
-        throws IOException, CMSException
-    {
-        return new BufferedInputStream(new FileInputStream(file), DEFAULT_BUF_SIZE);
-    }
-
-    public void write(OutputStream zOut)
-        throws IOException, CMSException
-    {
-        FileInputStream     fIn = new FileInputStream(file);
-        int                 len;
-        
-        while ((len = fIn.read(buf, 0, buf.length)) > 0)
-        {
-            zOut.write(buf, 0, len);
-        }
-        
-        fIn.close();
-    }
-
-    /**
-     * Return the file handle.
-     */
-    public Object getContent()
-    {
-        return file;
-    }
-
-    public ASN1ObjectIdentifier getContentType()
-    {
-        return type;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSProcessableInputStream.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSProcessableInputStream.java
deleted file mode 100644
index a73e232..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSProcessableInputStream.java
+++ /dev/null

@@ -1,50 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.util.io.Streams;
-
-class CMSProcessableInputStream implements CMSProcessable, CMSReadable
-{
-    private InputStream input;
-    private boolean used = false;
-
-    public CMSProcessableInputStream(
-        InputStream input)
-    {
-        this.input = input;
-    }
-
-    public InputStream getInputStream()
-    {
-        checkSingleUsage();
-
-        return input;
-    }
-
-    public void write(OutputStream zOut)
-        throws IOException, CMSException
-    {
-        checkSingleUsage();
-
-        Streams.pipeAll(input, zOut);
-        input.close();
-    }
-
-    public Object getContent()
-    {
-        return getInputStream();
-    }
-
-    private synchronized void checkSingleUsage()
-    {
-        if (used)
-        {
-            throw new IllegalStateException("CMSProcessableInputStream can only be used once");
-        }
-
-        used = true;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSecureReadable.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSecureReadable.java
deleted file mode 100644
index 620d123..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSecureReadable.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-interface CMSSecureReadable
-{
-    InputStream getInputStream()
-            throws IOException, CMSException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedData.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedData.java
index 98b4ee1..b3a39a9 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedData.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedData.java

@@ -320,6 +320,8 @@
         return HELPER.getAttributeCertificates(signedData.getCertificates());
     }
 
+    // BEGIN Android-removed: OtherRevocationInfoFormat isn't supported
+    /*
     /**
      * Return any OtherRevocationInfo OtherRevInfo objects of the type indicated by otherRevocationInfoFormat in
      * this SignedData structure.
@@ -327,11 +329,13 @@
      * @param otherRevocationInfoFormat OID of the format type been looked for.
      *
      * @return a Store of ASN1Encodable objects representing any objects of otherRevocationInfoFormat found.
-     */
+     *
     public Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat)
     {
         return HELPER.getOtherRevocationInfo(otherRevocationInfoFormat, signedData.getCRLs());
     }
+    */
+    // END Android-removed: OtherRevocationInfoFormat isn't supported
 
     /**
      * Return the digest algorithm identifiers for the SignedData object
@@ -383,6 +387,8 @@
         return contentInfo.getEncoded();
     }
 
+    // BEGIN Android-removed: Unknown reason
+    /*
     /**
      * Verify all the SignerInformation objects and their associated counter signatures attached
      * to this CMS SignedData object.
@@ -390,7 +396,7 @@
      * @param verifierProvider  a provider of SignerInformationVerifier objects.
      * @return true if all verify, false otherwise.
      * @throws CMSException  if an exception occurs during the verification process.
-     */
+     *
     public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider)
         throws CMSException
     {
@@ -405,7 +411,7 @@
      * @param ignoreCounterSignatures if true don't check counter signatures. If false check counter signatures as well.
      * @return true if all verify, false otherwise.
      * @throws CMSException  if an exception occurs during the verification process.
-     */
+     *
     public boolean verifySignatures(SignerInformationVerifierProvider verifierProvider, boolean ignoreCounterSignatures)
         throws CMSException
     {
@@ -467,6 +473,8 @@
 
         return true;
     }
+    */
+    // END Android-removed: Unknown reason
 
     /**
      * Replace the SignerInformation store associated with this

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedDataParser.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedDataParser.java
deleted file mode 100644
index 267fde3..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedDataParser.java
+++ /dev/null

@@ -1,662 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Generator;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetStringParser;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1SetParser;
-import org.bouncycastle.asn1.ASN1StreamParser;
-import org.bouncycastle.asn1.BERSequenceGenerator;
-import org.bouncycastle.asn1.BERSetParser;
-import org.bouncycastle.asn1.BERTaggedObject;
-import org.bouncycastle.asn1.BERTags;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.ContentInfoParser;
-import org.bouncycastle.asn1.cms.SignedDataParser;
-import org.bouncycastle.asn1.cms.SignerInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.io.Streams;
-
-/**
- * Parsing class for an CMS Signed Data object from an input stream.
- * <p>
- * Note: that because we are in a streaming mode only one signer can be tried and it is important 
- * that the methods on the parser are called in the appropriate order.
- * </p>
- * <p>
- * A simple example of usage for an encapsulated signature.
- * </p>
- * <p>
- * Two notes: first, in the example below the validity of
- * the certificate isn't verified, just the fact that one of the certs 
- * matches the given signer, and, second, because we are in a streaming
- * mode the order of the operations is important.
- * </p>
- * <pre>
- *      CMSSignedDataParser     sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build(), encapSigData);
- *
- *      sp.getSignedContent().drain();
- *
- *      Store                   certStore = sp.getCertificates();
- *      SignerInformationStore  signers = sp.getSignerInfos();
- *      
- *      Collection              c = signers.getSigners();
- *      Iterator                it = c.iterator();
- *
- *      while (it.hasNext())
- *      {
- *          SignerInformation   signer = (SignerInformation)it.next();
- *          Collection          certCollection = certStore.getMatches(signer.getSID());
- *
- *          Iterator        certIt = certCollection.iterator();
- *          X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
- *
- *          System.out.println("verify returns: " + signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert)));
- *      }
- * </pre>
- *  Note also: this class does not introduce buffering - if you are processing large files you should create
- *  the parser with:
- *  <pre>
- *          CMSSignedDataParser     ep = new CMSSignedDataParser(new BufferedInputStream(encapSigData, bufSize));
- *  </pre>
- *  where bufSize is a suitably large buffer size.
- */
-public class CMSSignedDataParser
-    extends CMSContentInfoParser
-{
-    private static final CMSSignedHelper HELPER = CMSSignedHelper.INSTANCE;
-
-    private SignedDataParser        _signedData;
-    private ASN1ObjectIdentifier    _signedContentType;
-    private CMSTypedStream          _signedContent;
-    private Map                     digests;
-    private Set<AlgorithmIdentifier> digestAlgorithms;
-
-    private SignerInformationStore  _signerInfoStore;
-    private ASN1Set                 _certSet, _crlSet;
-    private boolean                 _isCertCrlParsed;
-
-    public CMSSignedDataParser(
-        DigestCalculatorProvider digestCalculatorProvider,
-        byte[]      sigBlock)
-        throws CMSException
-    {
-        this(digestCalculatorProvider, new ByteArrayInputStream(sigBlock));
-    }
-
-    public CMSSignedDataParser(
-        DigestCalculatorProvider digestCalculatorProvider,
-        CMSTypedStream  signedContent,
-        byte[]          sigBlock)
-        throws CMSException
-    {
-        this(digestCalculatorProvider, signedContent, new ByteArrayInputStream(sigBlock));
-    }
-
-    /**
-     * base constructor - with encapsulated content
-     */
-    public CMSSignedDataParser(
-        DigestCalculatorProvider digestCalculatorProvider,
-        InputStream sigData)
-        throws CMSException
-    {
-        this(digestCalculatorProvider, null, sigData);
-    }
-
-    /**
-     * base constructor
-     *
-     * @param digestCalculatorProvider for generating accumulating digests
-     * @param signedContent the content that was signed.
-     * @param sigData the signature object stream.
-     */
-    public CMSSignedDataParser(
-        DigestCalculatorProvider digestCalculatorProvider,
-        CMSTypedStream  signedContent,
-        InputStream     sigData)
-        throws CMSException
-    {
-        super(sigData);
-        
-        try
-        {
-            _signedContent = signedContent;
-            _signedData = SignedDataParser.getInstance(_contentInfo.getContent(BERTags.SEQUENCE));
-            digests = new HashMap();
-            
-            ASN1SetParser digAlgs = _signedData.getDigestAlgorithms();
-            ASN1Encodable  o;
-
-            Set<AlgorithmIdentifier> algSet = new HashSet<AlgorithmIdentifier>();
-
-            while ((o = digAlgs.readObject()) != null)
-            {
-                AlgorithmIdentifier algId = AlgorithmIdentifier.getInstance(o);
-
-                algSet.add(algId);
-
-                try
-                {
-                    DigestCalculator calculator = digestCalculatorProvider.get(algId);
-
-                    if (calculator != null)
-                    {
-                        this.digests.put(algId.getAlgorithm(), calculator);
-                    }
-                }
-                catch (OperatorCreationException e)
-                {
-                     //  ignore
-                }
-            }
-
-            digestAlgorithms = Collections.unmodifiableSet(algSet);
-
-            //
-            // If the message is simply a certificate chain message getContent() may return null.
-            //
-            ContentInfoParser     cont = _signedData.getEncapContentInfo();
-            ASN1Encodable contentParser = cont.getContent(BERTags.OCTET_STRING);
-
-            if (contentParser instanceof ASN1OctetStringParser)
-            {
-                ASN1OctetStringParser octs = (ASN1OctetStringParser)contentParser;
-
-                CMSTypedStream ctStr = new CMSTypedStream(
-                    cont.getContentType(), octs.getOctetStream());
-
-                if (_signedContent == null)
-                {
-                    _signedContent = ctStr;
-                }
-                else
-                {
-                    //
-                    // content passed in, need to read past empty encapsulated content info object if present
-                    //
-                    ctStr.drain();
-                }
-            }
-            else if (contentParser != null)
-            {
-                PKCS7TypedStream pkcs7Stream = new PKCS7TypedStream(cont.getContentType(), contentParser);
-
-                if (_signedContent == null)
-                {
-                    _signedContent = pkcs7Stream;
-                }
-                else
-                {
-                    //
-                    // content passed in, need to read past empty encapsulated content info object if present
-                    //
-                    pkcs7Stream.drain();
-                }
-            }
-
-            if (signedContent == null)
-            {
-                _signedContentType = cont.getContentType();
-            }
-            else
-            {
-                _signedContentType = _signedContent.getContentType();
-            }
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("io exception: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * Return the version number for the SignedData object
-     *
-     * @return the version number
-     */
-    public int getVersion()
-    {
-        return _signedData.getVersion().getValue().intValue();
-    }
-
-    /**
-     * Return the digest algorithm identifiers for the SignedData object
-     *
-     * @return the set of digest algorithm identifiers
-     */
-    public Set<AlgorithmIdentifier> getDigestAlgorithmIDs()
-    {
-        return digestAlgorithms;
-    }
-
-    /**
-     * return the collection of signers that are associated with the
-     * signatures for the message.
-     * @throws CMSException 
-     */
-    public SignerInformationStore getSignerInfos() 
-        throws CMSException
-    {
-        if (_signerInfoStore == null)
-        {
-            populateCertCrlSets();
-            
-            List      signerInfos = new ArrayList();
-            Map       hashes = new HashMap();
-            
-            Iterator  it = digests.keySet().iterator();
-            while (it.hasNext())
-            {
-                Object digestKey = it.next();
-
-                hashes.put(digestKey, ((DigestCalculator)digests.get(digestKey)).getDigest());
-            }
-            
-            try
-            {
-                ASN1SetParser     s = _signedData.getSignerInfos();
-                ASN1Encodable      o;
-
-                while ((o = s.readObject()) != null)
-                {
-                    SignerInfo info = SignerInfo.getInstance(o.toASN1Primitive());
-
-                    byte[] hash = (byte[])hashes.get(info.getDigestAlgorithm().getAlgorithm());
-
-                    signerInfos.add(new SignerInformation(info, _signedContentType, null, hash));
-                }
-            }
-            catch (IOException e)
-            {
-                throw new CMSException("io exception: " + e.getMessage(), e);
-            }
-
-            _signerInfoStore = new SignerInformationStore(signerInfos);
-        }
-
-        return _signerInfoStore;
-    }
-
-    /**
-     * Return any X.509 certificate objects in this SignedData structure as a Store of X509CertificateHolder objects.
-     *
-     * @return a Store of X509CertificateHolder objects.
-     */
-    public Store getCertificates()
-        throws CMSException
-    {
-        populateCertCrlSets();
-
-        return HELPER.getCertificates(_certSet);
-    }
-
-    /**
-     * Return any X.509 CRL objects in this SignedData structure as a Store of X509CRLHolder objects.
-     *
-     * @return a Store of X509CRLHolder objects.
-     */
-    public Store getCRLs()
-        throws CMSException
-    {
-        populateCertCrlSets();
-
-        return HELPER.getCRLs(_crlSet);
-    }
-
-    /**
-     * Return any X.509 attribute certificate objects in this SignedData structure as a Store of X509AttributeCertificateHolder objects.
-     *
-     * @return a Store of X509AttributeCertificateHolder objects.
-     */
-    public Store getAttributeCertificates()
-        throws CMSException
-    {
-        populateCertCrlSets();
-
-        return HELPER.getAttributeCertificates(_certSet);
-    }
-
-    /**
-     * Return any OtherRevocationInfo OtherRevInfo objects of the type indicated by otherRevocationInfoFormat in
-     * this SignedData structure.
-     *
-     * @param otherRevocationInfoFormat OID of the format type been looked for.
-     *
-     * @return a Store of ASN1Encodable objects representing any objects of otherRevocationInfoFormat found.
-     */
-    public Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat)
-        throws CMSException
-    {
-        populateCertCrlSets();
-
-        return HELPER.getOtherRevocationInfo(otherRevocationInfoFormat, _crlSet);
-    }
-
-    private void populateCertCrlSets()
-        throws CMSException
-    {
-        if (_isCertCrlParsed)
-        {
-            return;
-        }
-
-        _isCertCrlParsed = true;
-
-        try
-        {
-            // care! Streaming - these must be done in exactly this order.
-            _certSet = getASN1Set(_signedData.getCertificates());
-            _crlSet = getASN1Set(_signedData.getCrls());
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("problem parsing cert/crl sets", e);
-        }
-    }
-
-    /**
-     * Return the a string representation of the OID associated with the
-     * encapsulated content info structure carried in the signed data.
-     * 
-     * @return the OID for the content type.
-     */
-    public String getSignedContentTypeOID()
-    {
-        return _signedContentType.getId();
-    }
-
-    public CMSTypedStream getSignedContent()
-    {
-        if (_signedContent == null)
-        {
-            return null;
-        }
-
-        InputStream digStream = CMSUtils.attachDigestsToInputStream(
-            digests.values(), _signedContent.getContentStream());
-
-        return new CMSTypedStream(_signedContent.getContentType(), digStream);
-    }
-
-    /**
-     * Replace the signerinformation store associated with the passed
-     * in message contained in the stream original with the new one passed in.
-     * You would probably only want to do this if you wanted to change the unsigned
-     * attributes associated with a signer, or perhaps delete one.
-     * <p>
-     * The output stream is returned unclosed.
-     * </p>
-     * @param original the signed data stream to be used as a base.
-     * @param signerInformationStore the new signer information store to use.
-     * @param out the stream to write the new signed data object to.
-     * @return out.
-     */
-    public static OutputStream replaceSigners(
-        InputStream             original,
-        SignerInformationStore  signerInformationStore,
-        OutputStream            out)
-        throws CMSException, IOException
-    {
-        ASN1StreamParser in = new ASN1StreamParser(original);
-        ContentInfoParser contentInfo = new ContentInfoParser((ASN1SequenceParser)in.readObject());
-        SignedDataParser signedData = SignedDataParser.getInstance(contentInfo.getContent(BERTags.SEQUENCE));
-
-        BERSequenceGenerator sGen = new BERSequenceGenerator(out);
-
-        sGen.addObject(CMSObjectIdentifiers.signedData);
-
-        BERSequenceGenerator sigGen = new BERSequenceGenerator(sGen.getRawOutputStream(), 0, true);
-
-        // version number
-        sigGen.addObject(signedData.getVersion());
-
-        // digests
-        signedData.getDigestAlgorithms().toASN1Primitive();  // skip old ones
-
-        ASN1EncodableVector digestAlgs = new ASN1EncodableVector();
-
-        for (Iterator it = signerInformationStore.getSigners().iterator(); it.hasNext();)
-        {
-            SignerInformation signer = (SignerInformation)it.next();
-            digestAlgs.add(CMSSignedHelper.INSTANCE.fixAlgID(signer.getDigestAlgorithmID()));
-        }
-
-        sigGen.getRawOutputStream().write(new DERSet(digestAlgs).getEncoded());
-
-        // encap content info
-        ContentInfoParser encapContentInfo = signedData.getEncapContentInfo();
-
-        BERSequenceGenerator eiGen = new BERSequenceGenerator(sigGen.getRawOutputStream());
-
-        eiGen.addObject(encapContentInfo.getContentType());
-
-        pipeEncapsulatedOctetString(encapContentInfo, eiGen.getRawOutputStream());
-
-        eiGen.close();
-
-
-        writeSetToGeneratorTagged(sigGen, signedData.getCertificates(), 0);
-        writeSetToGeneratorTagged(sigGen, signedData.getCrls(), 1);
-
-
-        ASN1EncodableVector signerInfos = new ASN1EncodableVector();
-        for (Iterator it = signerInformationStore.getSigners().iterator(); it.hasNext();)
-        {
-            SignerInformation        signer = (SignerInformation)it.next();
-
-            signerInfos.add(signer.toASN1Structure());
-        }
-
-        sigGen.getRawOutputStream().write(new DERSet(signerInfos).getEncoded());
-
-        sigGen.close();
-
-        sGen.close();
-
-        return out;
-    }
-
-    /**
-     * Replace the certificate and CRL information associated with this
-     * CMSSignedData object with the new one passed in.
-     * <p>
-     * The output stream is returned unclosed.
-     * </p>
-     * @param original the signed data stream to be used as a base.
-     * @param certs new certificates to be used, if any.
-     * @param crls new CRLs to be used, if any.
-     * @param attrCerts new attribute certificates to be used, if any.
-     * @param out the stream to write the new signed data object to.
-     * @return out.
-     * @exception CMSException if there is an error processing the CertStore
-     */
-    public static OutputStream replaceCertificatesAndCRLs(
-        InputStream   original,
-        Store         certs,
-        Store         crls,
-        Store         attrCerts,
-        OutputStream  out)
-        throws CMSException, IOException
-    {
-        ASN1StreamParser in = new ASN1StreamParser(original);
-        ContentInfoParser contentInfo = new ContentInfoParser((ASN1SequenceParser)in.readObject());
-        SignedDataParser signedData = SignedDataParser.getInstance(contentInfo.getContent(BERTags.SEQUENCE));
-
-        BERSequenceGenerator sGen = new BERSequenceGenerator(out);
-
-        sGen.addObject(CMSObjectIdentifiers.signedData);
-
-        BERSequenceGenerator sigGen = new BERSequenceGenerator(sGen.getRawOutputStream(), 0, true);
-
-        // version number
-        sigGen.addObject(signedData.getVersion());
-
-        // digests
-        sigGen.getRawOutputStream().write(signedData.getDigestAlgorithms().toASN1Primitive().getEncoded());
-
-        // encap content info
-        ContentInfoParser encapContentInfo = signedData.getEncapContentInfo();
-
-        BERSequenceGenerator eiGen = new BERSequenceGenerator(sigGen.getRawOutputStream());
-
-        eiGen.addObject(encapContentInfo.getContentType());
-
-        pipeEncapsulatedOctetString(encapContentInfo, eiGen.getRawOutputStream());
-
-        eiGen.close();
-
-        //
-        // skip existing certs and CRLs
-        //
-        getASN1Set(signedData.getCertificates());
-        getASN1Set(signedData.getCrls());
-
-        //
-        // replace the certs and crls in the SignedData object
-        //
-        if (certs != null || attrCerts != null)
-        {
-            List certificates = new ArrayList();
-
-            if (certs != null)
-            {
-                certificates.addAll(CMSUtils.getCertificatesFromStore(certs));
-            }
-            if (attrCerts != null)
-            {
-                certificates.addAll(CMSUtils.getAttributeCertificatesFromStore(attrCerts));
-            }
-
-            ASN1Set asn1Certs = CMSUtils.createBerSetFromList(certificates);
-
-            if (asn1Certs.size() > 0)
-            {
-                sigGen.getRawOutputStream().write(new DERTaggedObject(false, 0, asn1Certs).getEncoded());
-            }
-        }
-
-        if (crls != null)
-        {
-            ASN1Set asn1Crls = CMSUtils.createBerSetFromList(CMSUtils.getCRLsFromStore(crls));
-
-            if (asn1Crls.size() > 0)
-            {
-                sigGen.getRawOutputStream().write(new DERTaggedObject(false, 1, asn1Crls).getEncoded());
-            }
-        }
-
-        sigGen.getRawOutputStream().write(signedData.getSignerInfos().toASN1Primitive().getEncoded());
-
-        sigGen.close();
-
-        sGen.close();
-
-        return out;
-    }
-
-    private static void writeSetToGeneratorTagged(
-        ASN1Generator asn1Gen,
-        ASN1SetParser asn1SetParser,
-        int           tagNo)
-        throws IOException
-    {
-        ASN1Set asn1Set = getASN1Set(asn1SetParser);
-
-        if (asn1Set != null)
-        {
-            if (asn1SetParser instanceof BERSetParser)
-            {
-                asn1Gen.getRawOutputStream().write(new BERTaggedObject(false, tagNo, asn1Set).getEncoded());
-            }
-            else
-            {
-                asn1Gen.getRawOutputStream().write(new DERTaggedObject(false, tagNo, asn1Set).getEncoded());
-            }
-        }
-    }
-
-    private static ASN1Set getASN1Set(
-        ASN1SetParser asn1SetParser)
-    {
-        return asn1SetParser == null
-            ?   null
-            :   ASN1Set.getInstance(asn1SetParser.toASN1Primitive());
-    }
-
-    private static void pipeEncapsulatedOctetString(ContentInfoParser encapContentInfo,
-        OutputStream rawOutputStream) throws IOException
-    {
-        ASN1OctetStringParser octs = (ASN1OctetStringParser)
-            encapContentInfo.getContent(BERTags.OCTET_STRING);
-
-        if (octs != null)
-        {
-            pipeOctetString(octs, rawOutputStream);
-        }
-
-//        BERTaggedObjectParser contentObject = (BERTaggedObjectParser)encapContentInfo.getContentObject();
-//        if (contentObject != null)
-//        {
-//            // Handle IndefiniteLengthInputStream safely
-//            InputStream input = ASN1StreamParser.getSafeRawInputStream(contentObject.getContentStream(true));
-//
-//            // TODO BerTaggedObjectGenerator?
-//            BEROutputStream berOut = new BEROutputStream(rawOutputStream);
-//            berOut.write(DERTags.CONSTRUCTED | DERTags.TAGGED | 0);
-//            berOut.write(0x80);
-//
-//            pipeRawOctetString(input, rawOutputStream);
-//
-//            berOut.write(0x00);
-//            berOut.write(0x00);
-//
-//            input.close();
-//        }
-    }
-
-    private static void pipeOctetString(
-        ASN1OctetStringParser octs,
-        OutputStream          output)
-        throws IOException
-    {
-        // TODO Allow specification of a specific fragment size?
-        OutputStream outOctets = CMSUtils.createBEROctetOutputStream(
-            output, 0, true, 0);
-        Streams.pipeAll(octs.getOctetStream(), outOctets);
-        outOctets.close();
-    }
-
-//    private static void pipeRawOctetString(
-//        InputStream     rawInput,
-//        OutputStream    rawOutput)
-//        throws IOException
-//    {
-//        InputStream tee = new TeeInputStream(rawInput, rawOutput);
-//        ASN1StreamParser sp = new ASN1StreamParser(tee);
-//        ASN1OctetStringParser octs = (ASN1OctetStringParser)sp.readObject();
-//        Streams.drain(octs.getOctetStream());
-//    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedDataStreamGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedDataStreamGenerator.java
deleted file mode 100644
index 04dbf52..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedDataStreamGenerator.java
+++ /dev/null

@@ -1,524 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.BERSequenceGenerator;
-import org.bouncycastle.asn1.BERTaggedObject;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.SignerInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * General class for generating a pkcs7-signature message stream.
- * <p>
- * A simple example of usage.
- * </p>
- * <pre>
- *      X509Certificate signCert = ...
- *      certList.add(signCert);
- *
- *      Store           certs = new JcaCertStore(certList);
- *      ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(signKP.getPrivate());
- *
- *      CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
- *  
- *      gen.addSignerInfoGenerator(
- *                new JcaSignerInfoGeneratorBuilder(
- *                     new JcaDigestCalculatorProviderBuilder().setProvider("BC").build())
- *                     .build(sha1Signer, signCert));
- *
- *      gen.addCertificates(certs);
- *  
- *      OutputStream sigOut = gen.open(bOut);
- *  
- *      sigOut.write("Hello World!".getBytes());
- *      
- *      sigOut.close();
- * </pre>
- */
-public class CMSSignedDataStreamGenerator
-    extends CMSSignedGenerator
-{
-    private int  _bufferSize;
-
-    /**
-     * base constructor
-     */
-    public CMSSignedDataStreamGenerator()
-    {
-    }
-
-    /**
-     * Set the underlying string size for encapsulated data
-     * 
-     * @param bufferSize length of octet strings to buffer the data.
-     */
-    public void setBufferSize(
-        int bufferSize)
-    {
-        _bufferSize = bufferSize;
-    }
-
-    /**
-     * generate a signed object that for a CMS Signed Data
-     * object using the given provider.
-     */
-    public OutputStream open(
-        OutputStream out)
-        throws IOException
-    {
-        return open(out, false);
-    }
-
-    /**
-     * generate a signed object that for a CMS Signed Data
-     * object using the given provider - if encapsulate is true a copy
-     * of the message will be included in the signature with the
-     * default content type "data".
-     */
-    public OutputStream open(
-        OutputStream out,
-        boolean      encapsulate)
-        throws IOException
-    {
-        return open(CMSObjectIdentifiers.data, out, encapsulate);
-    }
-
-    /**
-     * generate a signed object that for a CMS Signed Data
-     * object using the given provider - if encapsulate is true a copy
-     * of the message will be included in the signature with the
-     * default content type "data". If dataOutputStream is non null the data
-     * being signed will be written to the stream as it is processed.
-     * @param out stream the CMS object is to be written to.
-     * @param encapsulate true if data should be encapsulated.
-     * @param dataOutputStream output stream to copy the data being signed to.
-     */
-    public OutputStream open(
-        OutputStream out,
-        boolean      encapsulate,
-        OutputStream dataOutputStream)
-        throws IOException
-    {
-        return open(CMSObjectIdentifiers.data, out, encapsulate, dataOutputStream);
-    }
-
-    /**
-     * generate a signed object that for a CMS Signed Data
-     * object using the given provider - if encapsulate is true a copy
-     * of the message will be included in the signature. The content type
-     * is set according to the OID represented by the string signedContentType.
-     */
-    public OutputStream open(
-        ASN1ObjectIdentifier eContentType,
-        OutputStream out,
-        boolean encapsulate)
-        throws IOException
-    {
-        return open(eContentType, out, encapsulate, null);
-    }
-
-    /**
-     * generate a signed object that for a CMS Signed Data
-     * object using the given provider - if encapsulate is true a copy
-     * of the message will be included in the signature. The content type
-     * is set according to the OID represented by the string signedContentType.
-     * @param eContentType OID for data to be signed.
-     * @param out stream the CMS object is to be written to.
-     * @param encapsulate true if data should be encapsulated.
-     * @param dataOutputStream output stream to copy the data being signed to.
-     */
-    public OutputStream open(
-        ASN1ObjectIdentifier eContentType,
-        OutputStream out,
-        boolean encapsulate,
-        OutputStream dataOutputStream)
-        throws IOException
-    {
-        // TODO
-//        if (_signerInfs.isEmpty())
-//        {
-//            /* RFC 3852 5.2
-//             * "In the degenerate case where there are no signers, the
-//             * EncapsulatedContentInfo value being "signed" is irrelevant.  In this
-//             * case, the content type within the EncapsulatedContentInfo value being
-//             * "signed" MUST be id-data (as defined in section 4), and the content
-//             * field of the EncapsulatedContentInfo value MUST be omitted."
-//             */
-//            if (encapsulate)
-//            {
-//                throw new IllegalArgumentException("no signers, encapsulate must be false");
-//            }
-//            if (!DATA.equals(eContentType))
-//            {
-//                throw new IllegalArgumentException("no signers, eContentType must be id-data");
-//            }
-//        }
-//
-//        if (!DATA.equals(eContentType))
-//        {
-//            /* RFC 3852 5.3
-//             * [The 'signedAttrs']...
-//             * field is optional, but it MUST be present if the content type of
-//             * the EncapsulatedContentInfo value being signed is not id-data.
-//             */
-//            // TODO signedAttrs must be present for all signers
-//        }
-
-        //
-        // ContentInfo
-        //
-        BERSequenceGenerator sGen = new BERSequenceGenerator(out);
-        
-        sGen.addObject(CMSObjectIdentifiers.signedData);
-        
-        //
-        // Signed Data
-        //
-        BERSequenceGenerator sigGen = new BERSequenceGenerator(sGen.getRawOutputStream(), 0, true);
-        
-        sigGen.addObject(calculateVersion(eContentType));
-        
-        ASN1EncodableVector  digestAlgs = new ASN1EncodableVector();
-
-        //
-        // add the precalculated SignerInfo digest algorithms.
-        //
-        for (Iterator it = _signers.iterator(); it.hasNext();)
-        {
-            SignerInformation signer = (SignerInformation)it.next();
-            AlgorithmIdentifier digAlg = CMSSignedHelper.INSTANCE.fixAlgID(signer.getDigestAlgorithmID());
-
-            digestAlgs.add(digAlg);
-        }
-        
-        //
-        // add the new digests
-        //
-
-        for (Iterator it = signerGens.iterator(); it.hasNext();)
-        {
-            SignerInfoGenerator signerGen = (SignerInfoGenerator)it.next();
-
-            digestAlgs.add(signerGen.getDigestAlgorithm());
-        }
-
-        sigGen.getRawOutputStream().write(new DERSet(digestAlgs).getEncoded());
-        
-        BERSequenceGenerator eiGen = new BERSequenceGenerator(sigGen.getRawOutputStream());
-        eiGen.addObject(eContentType);
-
-        // If encapsulating, add the data as an octet string in the sequence
-        OutputStream encapStream = encapsulate
-            ? CMSUtils.createBEROctetOutputStream(eiGen.getRawOutputStream(), 0, true, _bufferSize)
-            : null;
-
-        // Also send the data to 'dataOutputStream' if necessary
-        OutputStream contentStream = CMSUtils.getSafeTeeOutputStream(dataOutputStream, encapStream);
-
-        // Let all the signers see the data as it is written
-        OutputStream sigStream = CMSUtils.attachSignersToOutputStream(signerGens, contentStream);
-
-        return new CmsSignedDataOutputStream(sigStream, eContentType, sGen, sigGen, eiGen);
-    }
-
-    /**
-     * Return a list of the current Digest AlgorithmIdentifiers applying to the next signature.
-     *
-     * @return a list of the Digest AlgorithmIdentifiers
-     */
-    public List<AlgorithmIdentifier> getDigestAlgorithms()
-    {
-        List  digestAlorithms = new ArrayList();
-
-        //
-        // add the precalculated SignerInfo digest algorithms.
-        //
-        for (Iterator it = _signers.iterator(); it.hasNext();)
-        {
-            SignerInformation signer = (SignerInformation)it.next();
-            AlgorithmIdentifier digAlg = CMSSignedHelper.INSTANCE.fixAlgID(signer.getDigestAlgorithmID());
-
-            digestAlorithms.add(digAlg);
-        }
-
-        //
-        // add the new digests
-        //
-
-        for (Iterator it = signerGens.iterator(); it.hasNext();)
-        {
-            SignerInfoGenerator signerGen = (SignerInfoGenerator)it.next();
-
-            digestAlorithms.add(signerGen.getDigestAlgorithm());
-        }
-
-       return digestAlorithms;
-    }
-
-    // RFC3852, section 5.1:
-    // IF ((certificates is present) AND
-    //    (any certificates with a type of other are present)) OR
-    //    ((crls is present) AND
-    //    (any crls with a type of other are present))
-    // THEN version MUST be 5
-    // ELSE
-    //    IF (certificates is present) AND
-    //       (any version 2 attribute certificates are present)
-    //    THEN version MUST be 4
-    //    ELSE
-    //       IF ((certificates is present) AND
-    //          (any version 1 attribute certificates are present)) OR
-    //          (any SignerInfo structures are version 3) OR
-    //          (encapContentInfo eContentType is other than id-data)
-    //       THEN version MUST be 3
-    //       ELSE version MUST be 1
-    //
-    private ASN1Integer calculateVersion(
-        ASN1ObjectIdentifier contentOid)
-    {
-        boolean otherCert = false;
-        boolean otherCrl = false;
-        boolean attrCertV1Found = false;
-        boolean attrCertV2Found = false;
-
-        if (certs != null)
-        {
-            for (Iterator it = certs.iterator(); it.hasNext();)
-            {
-                Object obj = it.next();
-                if (obj instanceof ASN1TaggedObject)
-                {
-                    ASN1TaggedObject tagged = (ASN1TaggedObject)obj;
-
-                    if (tagged.getTagNo() == 1)
-                    {
-                        attrCertV1Found = true;
-                    }
-                    else if (tagged.getTagNo() == 2)
-                    {
-                        attrCertV2Found = true;
-                    }
-                    else if (tagged.getTagNo() == 3)
-                    {
-                        otherCert = true;
-                    }
-                }
-            }
-        }
-
-        if (otherCert)
-        {
-            return new ASN1Integer(5);
-        }
-
-        if (crls != null)         // no need to check if otherCert is true
-        {
-            for (Iterator it = crls.iterator(); it.hasNext();)
-            {
-                Object obj = it.next();
-                if (obj instanceof ASN1TaggedObject)
-                {
-                    otherCrl = true;
-                }
-            }
-        }
-
-        if (otherCrl)
-        {
-            return new ASN1Integer(5);
-        }
-
-        if (attrCertV2Found)
-        {
-            return new ASN1Integer(4);
-        }
-
-        if (attrCertV1Found)
-        {
-            return new ASN1Integer(3);
-        }
-
-        if (checkForVersion3(_signers, signerGens))
-        {
-            return new ASN1Integer(3);
-        }
-
-        if (!CMSObjectIdentifiers.data.equals(contentOid))
-        {
-            return new ASN1Integer(3);
-        }
-
-        return new ASN1Integer(1);
-    }
-
-    private boolean checkForVersion3(List signerInfos, List signerInfoGens)
-    {
-        for (Iterator it = signerInfos.iterator(); it.hasNext();)
-        {
-            SignerInfo s = SignerInfo.getInstance(((SignerInformation)it.next()).toASN1Structure());
-
-            if (s.getVersion().getValue().intValue() == 3)
-            {
-                return true;
-            }
-        }
-
-        for (Iterator it = signerInfoGens.iterator(); it.hasNext();)
-        {
-            SignerInfoGenerator s = (SignerInfoGenerator)it.next();
-
-            if (s.getGeneratedVersion() == 3)
-            {
-                return true;
-            }
-        }
-
-        return false;
-    }
-
-    private class CmsSignedDataOutputStream
-        extends OutputStream
-    {
-        private OutputStream         _out;
-        private ASN1ObjectIdentifier _contentOID;
-        private BERSequenceGenerator _sGen;
-        private BERSequenceGenerator _sigGen;
-        private BERSequenceGenerator _eiGen;
-
-        public CmsSignedDataOutputStream(
-            OutputStream         out,
-            ASN1ObjectIdentifier contentOID,
-            BERSequenceGenerator sGen,
-            BERSequenceGenerator sigGen,
-            BERSequenceGenerator eiGen)
-        {
-            _out = out;
-            _contentOID = contentOID;
-            _sGen = sGen;
-            _sigGen = sigGen;
-            _eiGen = eiGen;
-        }
-
-        public void write(
-            int b)
-            throws IOException
-        {
-            _out.write(b);
-        }
-        
-        public void write(
-            byte[] bytes,
-            int    off,
-            int    len)
-            throws IOException
-        {
-            _out.write(bytes, off, len);
-        }
-        
-        public void write(
-            byte[] bytes)
-            throws IOException
-        {
-            _out.write(bytes);
-        }
-        
-        public void close()
-            throws IOException
-        {
-            _out.close();
-            _eiGen.close();
-
-            digests.clear();    // clear the current preserved digest state
-
-            if (certs.size() != 0)
-            {
-                ASN1Set certSet = CMSUtils.createBerSetFromList(certs);
-
-                _sigGen.getRawOutputStream().write(new BERTaggedObject(false, 0, certSet).getEncoded());
-            }
-
-            if (crls.size() != 0)
-            {
-                ASN1Set crlSet = CMSUtils.createBerSetFromList(crls);
-
-                _sigGen.getRawOutputStream().write(new BERTaggedObject(false, 1, crlSet).getEncoded());
-            }
-
-            //
-            // collect all the SignerInfo objects
-            //
-            ASN1EncodableVector signerInfos = new ASN1EncodableVector();
-
-            //
-            // add the generated SignerInfo objects
-            //
-
-            for (Iterator it = signerGens.iterator(); it.hasNext();)
-            {
-                SignerInfoGenerator sigGen = (SignerInfoGenerator)it.next();
-
-
-                try
-                {
-                    signerInfos.add(sigGen.generate(_contentOID));
-
-                    byte[] calculatedDigest = sigGen.getCalculatedDigest();
-
-                    digests.put(sigGen.getDigestAlgorithm().getAlgorithm().getId(), calculatedDigest);
-                }
-                catch (CMSException e)
-                {
-                    throw new CMSStreamException("exception generating signers: " + e.getMessage(), e);
-                }
-            }
-
-            //
-            // add the precalculated SignerInfo objects
-            //
-            {
-                Iterator it = _signers.iterator();
-                while (it.hasNext())
-                {
-                    SignerInformation signer = (SignerInformation)it.next();
-
-                    // TODO Verify the content type and calculated digest match the precalculated SignerInfo
-//                    if (!signer.getContentType().equals(_contentOID))
-//                    {
-//                        // TODO The precalculated content type did not match - error?
-//                    }
-//                    
-//                    byte[] calculatedDigest = (byte[])_digests.get(signer.getDigestAlgOID());
-//                    if (calculatedDigest == null)
-//                    {
-//                        // TODO We can't confirm this digest because we didn't calculate it - error?
-//                    }
-//                    else
-//                    {
-//                        if (!Arrays.areEqual(signer.getContentDigest(), calculatedDigest))
-//                        {
-//                            // TODO The precalculated digest did not match - error?
-//                        }
-//                    }
-
-                    signerInfos.add(signer.toASN1Structure());
-                }
-            }
-            
-            _sigGen.getRawOutputStream().write(new DERSet(signerInfos).getEncoded());
-
-            _sigGen.close();
-            _sGen.close();
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedGenerator.java
index 37a697f..995de4f 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedGenerator.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedGenerator.java

@@ -12,12 +12,14 @@
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.DERTaggedObject;
 import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
 import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
@@ -40,19 +42,23 @@
     public static final String  DIGEST_SHA384 = NISTObjectIdentifiers.id_sha384.getId();
     public static final String  DIGEST_SHA512 = NISTObjectIdentifiers.id_sha512.getId();
     public static final String  DIGEST_MD5 = PKCSObjectIdentifiers.md5.getId();
-    public static final String  DIGEST_GOST3411 = CryptoProObjectIdentifiers.gostR3411.getId();
-    public static final String  DIGEST_RIPEMD128 = TeleTrusTObjectIdentifiers.ripemd128.getId();
-    public static final String  DIGEST_RIPEMD160 = TeleTrusTObjectIdentifiers.ripemd160.getId();
-    public static final String  DIGEST_RIPEMD256 = TeleTrusTObjectIdentifiers.ripemd256.getId();
+    // BEGIN Android-removed: Unsupported algorithms
+    // public static final String  DIGEST_GOST3411 = CryptoProObjectIdentifiers.gostR3411.getId();
+    // public static final String  DIGEST_RIPEMD128 = TeleTrusTObjectIdentifiers.ripemd128.getId();
+    // public static final String  DIGEST_RIPEMD160 = TeleTrusTObjectIdentifiers.ripemd160.getId();
+    // public static final String  DIGEST_RIPEMD256 = TeleTrusTObjectIdentifiers.ripemd256.getId();
+    // END Android-removed: Unsupported algorithms
 
     public static final String  ENCRYPTION_RSA = PKCSObjectIdentifiers.rsaEncryption.getId();
     public static final String  ENCRYPTION_DSA = X9ObjectIdentifiers.id_dsa_with_sha1.getId();
     public static final String  ENCRYPTION_ECDSA = X9ObjectIdentifiers.ecdsa_with_SHA1.getId();
     public static final String  ENCRYPTION_RSA_PSS = PKCSObjectIdentifiers.id_RSASSA_PSS.getId();
-    public static final String  ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.gostR3410_94.getId();
-    public static final String  ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.gostR3410_2001.getId();
-    public static final String  ENCRYPTION_ECGOST3410_2012_256 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256.getId();
-    public static final String  ENCRYPTION_ECGOST3410_2012_512 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512.getId();
+    // BEGIN Android-removed: Unsupported algorithms
+    // public static final String  ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.gostR3410_94.getId();
+    // public static final String  ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.gostR3410_2001.getId();
+    // public static final String  ENCRYPTION_ECGOST3410_2012_256 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256.getId();
+    // public static final String  ENCRYPTION_ECGOST3410_2012_512 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512.getId();
+    // END Android-removed: Unsupported algorithms
 
     private static final String  ENCRYPTION_ECDSA_WITH_SHA1 = X9ObjectIdentifiers.ecdsa_with_SHA1.getId();
     private static final String  ENCRYPTION_ECDSA_WITH_SHA224 = X9ObjectIdentifiers.ecdsa_with_SHA224.getId();
@@ -177,12 +183,14 @@
         certs.addAll(CMSUtils.getAttributeCertificatesFromStore(attrStore));
     }
 
+    // BEGIN Android-removed: OtherRevocationInfoFormat isn't supported
+    /*
     /**
      * Add a single instance of otherRevocationData to the CRL set to be included with the generated SignedData message.
      *
      * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data.
      * @param otherRevocationInfo the otherRevocationInfo ASN.1 structure.
-     */
+     *
     public void addOtherRevocationInfo(
         ASN1ObjectIdentifier   otherRevocationInfoFormat,
         ASN1Encodable          otherRevocationInfo)
@@ -195,13 +203,15 @@
      *
      * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data.
      * @param otherRevocationInfos a Store of otherRevocationInfo data to add.
-     */
+     *
     public void addOtherRevocationInfo(
         ASN1ObjectIdentifier   otherRevocationInfoFormat,
         Store                  otherRevocationInfos)
     {
         crls.addAll(CMSUtils.getOthersFromStore(otherRevocationInfoFormat, otherRevocationInfos));
     }
+    */
+    // END Android-removed: OtherRevocationInfoFormat isn't supported
 
     /**
      * Add a store of pre-calculated signers to the generator.

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java
index 1933fd4..e71d796 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/CMSSignedHelper.java

@@ -13,13 +13,14 @@
 import org.bouncycastle.asn1.ASN1Set;
 import org.bouncycastle.asn1.ASN1TaggedObject;
 import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
 import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
+// import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
 import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x509.AttributeCertificate;
@@ -50,36 +51,56 @@
         addEntries(NISTObjectIdentifiers.dsa_with_sha256, "DSA");
         addEntries(NISTObjectIdentifiers.dsa_with_sha384, "DSA");
         addEntries(NISTObjectIdentifiers.dsa_with_sha512,  "DSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         addEntries(NISTObjectIdentifiers.id_dsa_with_sha3_224, "DSA");
         addEntries(NISTObjectIdentifiers.id_dsa_with_sha3_256, "DSA");
         addEntries(NISTObjectIdentifiers.id_dsa_with_sha3_384,  "DSA");
         addEntries(NISTObjectIdentifiers.id_dsa_with_sha3_512,  "DSA");
+        */
+        // END Android-removed: Unsupported algorithms
         addEntries(OIWObjectIdentifiers.dsaWithSHA1,  "DSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         addEntries(OIWObjectIdentifiers.md4WithRSA, "RSA");
         addEntries(OIWObjectIdentifiers.md4WithRSAEncryption, "RSA");
+        */
+        // END Android-removed: Unsupported algorithms
         addEntries(OIWObjectIdentifiers.md5WithRSA,  "RSA");
         addEntries(OIWObjectIdentifiers.sha1WithRSA,  "RSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         addEntries(PKCSObjectIdentifiers.md2WithRSAEncryption,  "RSA");
         addEntries(PKCSObjectIdentifiers.md4WithRSAEncryption,  "RSA");
+        */
+        // END Android-removed: Unsupported algorithms
         addEntries(PKCSObjectIdentifiers.md5WithRSAEncryption,  "RSA");
         addEntries(PKCSObjectIdentifiers.sha1WithRSAEncryption,  "RSA");
         addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption,  "RSA");
         addEntries(PKCSObjectIdentifiers.sha256WithRSAEncryption, "RSA");
         addEntries(PKCSObjectIdentifiers.sha384WithRSAEncryption,  "RSA");
         addEntries(PKCSObjectIdentifiers.sha512WithRSAEncryption,  "RSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         addEntries(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224,  "RSA");
         addEntries(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256,  "RSA");
         addEntries(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384,  "RSA");
         addEntries(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512,  "RSA");
+        */
+        // END Android-removed: Unsupported algorithms
         addEntries(X9ObjectIdentifiers.ecdsa_with_SHA1,  "ECDSA");
         addEntries(X9ObjectIdentifiers.ecdsa_with_SHA224,  "ECDSA");
         addEntries(X9ObjectIdentifiers.ecdsa_with_SHA256,  "ECDSA");
         addEntries(X9ObjectIdentifiers.ecdsa_with_SHA384,  "ECDSA");
         addEntries(X9ObjectIdentifiers.ecdsa_with_SHA512, "ECDSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         addEntries(NISTObjectIdentifiers.id_ecdsa_with_sha3_224,  "ECDSA");
         addEntries(NISTObjectIdentifiers.id_ecdsa_with_sha3_256,  "ECDSA");
         addEntries(NISTObjectIdentifiers.id_ecdsa_with_sha3_384, "ECDSA");
         addEntries(NISTObjectIdentifiers.id_ecdsa_with_sha3_512,  "ECDSA");
+        */
+        // END Android-removed: Unsupported algorithms
         addEntries(X9ObjectIdentifiers.id_dsa_with_sha1,  "DSA");
         addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_1,  "ECDSA");
         addEntries(EACObjectIdentifiers.id_TA_ECDSA_SHA_224,  "ECDSA");
@@ -95,6 +116,8 @@
         addEntries(PKCSObjectIdentifiers.rsaEncryption, "RSA");
         addEntries(TeleTrusTObjectIdentifiers.teleTrusTRSAsignatureAlgorithm, "RSA");
         addEntries(X509ObjectIdentifiers.id_ea_rsa, "RSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         addEntries(PKCSObjectIdentifiers.id_RSASSA_PSS, "RSAandMGF1");
         addEntries(CryptoProObjectIdentifiers.gostR3410_94, "GOST3410");
         addEntries(CryptoProObjectIdentifiers.gostR3410_2001, "ECGOST3410");
@@ -106,6 +129,8 @@
         addEntries(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3410");
         addEntries(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, "ECGOST3410-2012-256");
         addEntries(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512, "ECGOST3410-2012-512");
+        */
+        // END Android-removed: Unsupported algorithms
     }
 
 
@@ -208,6 +233,8 @@
         return new CollectionStore(new ArrayList());
     }
 
+    // BEGIN Android-removed: OtherRevocationInfoFormat isn't supported
+    /*
     Store getOtherRevocationInfo(ASN1ObjectIdentifier otherRevocationInfoFormat, ASN1Set crlSet)
     {
         if (crlSet != null)
@@ -239,4 +266,6 @@
 
         return new CollectionStore(new ArrayList());
     }
+    */
+    // END Android-removed: OtherRevocationInfoFormat isn't supported
 }

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSStreamException.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSStreamException.java
deleted file mode 100644
index fff0048..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSStreamException.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-
-public class CMSStreamException
-    extends IOException
-{
-    private final Throwable underlying;
-
-    CMSStreamException(String msg)
-    {
-        super(msg);
-        this.underlying = null;
-    }
-
-    CMSStreamException(String msg, Throwable underlying)
-    {
-        super(msg);
-        this.underlying = underlying;
-    }
-
-    public Throwable getCause()
-    {
-        return underlying;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSTypedStream.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSTypedStream.java
deleted file mode 100644
index 78379a5..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSTypedStream.java
+++ /dev/null

@@ -1,93 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.BufferedInputStream;
-import java.io.FilterInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.util.io.Streams;
-
-public class CMSTypedStream
-{
-    private static final int BUF_SIZ = 32 * 1024;
-    
-    private final ASN1ObjectIdentifier      _oid;
-
-    protected InputStream _in;
-
-    public CMSTypedStream(
-        InputStream in)
-    {
-        this(PKCSObjectIdentifiers.data.getId(), in, BUF_SIZ);
-    }
-    
-    public CMSTypedStream(
-         String oid,
-         InputStream in)
-    {
-        this(new ASN1ObjectIdentifier(oid), in, BUF_SIZ);
-    }
-    
-    public CMSTypedStream(
-        String      oid,
-        InputStream in,
-        int         bufSize)
-    {
-        this(new ASN1ObjectIdentifier(oid), in, bufSize);
-    }
-
-    public CMSTypedStream(
-         ASN1ObjectIdentifier oid,
-         InputStream in)
-    {
-        this(oid, in, BUF_SIZ);
-    }
-
-    public CMSTypedStream(
-        ASN1ObjectIdentifier      oid,
-        InputStream in,
-        int         bufSize)
-    {
-        _oid = oid;
-        _in = new FullReaderStream(new BufferedInputStream(in, bufSize));
-    }
-
-    protected CMSTypedStream(
-         ASN1ObjectIdentifier oid)
-    {
-        _oid = oid;
-    }
-
-    public ASN1ObjectIdentifier getContentType()
-    {
-        return _oid;
-    }
-    
-    public InputStream getContentStream()
-    {
-        return _in;
-    }
-
-    public void drain() 
-        throws IOException
-    {
-        Streams.drain(_in);
-        _in.close();
-    }
-
-    private static class FullReaderStream extends FilterInputStream
-    {
-        FullReaderStream(InputStream in)
-        {
-            super(in);
-        }
-
-        public int read(byte[] buf, int off, int len) throws IOException
-        {
-            int totalRead = Streams.readFully(super.in, buf, off, len);
-            return totalRead > 0 ? totalRead : -1;
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/CMSUtils.java b/bcpkix/src/main/java/org/bouncycastle/cms/CMSUtils.java
index 9204b5b..959a7ba 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/CMSUtils.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/CMSUtils.java

@@ -23,16 +23,17 @@
 import org.bouncycastle.asn1.DERTaggedObject;
 import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
 import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.ocsp.OCSPResponse;
-import org.bouncycastle.asn1.ocsp.OCSPResponseStatus;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.sec.SECObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cms.OtherRevocationInfoFormat;
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.ocsp.OCSPResponse;
+// import org.bouncycastle.asn1.ocsp.OCSPResponseStatus;
+// import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+// import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+// import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
+// import org.bouncycastle.asn1.sec.SECObjectIdentifiers;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+// import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
 import org.bouncycastle.cert.X509AttributeCertificateHolder;
 import org.bouncycastle.cert.X509CRLHolder;
 import org.bouncycastle.cert.X509CertificateHolder;
@@ -54,6 +55,8 @@
     {
         des.add("DES");
         des.add("DESEDE");
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         des.add(OIWObjectIdentifiers.desCBC.getId());
         des.add(PKCSObjectIdentifiers.des_EDE3_CBC.getId());
         des.add(PKCSObjectIdentifiers.des_EDE3_CBC.getId());
@@ -79,6 +82,8 @@
         gostAlgs.add(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_ESDH);
         gostAlgs.add(RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_256);
         gostAlgs.add(RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_512);
+        */
+        // END Android-removed: Unsupported algorithms
     }
 
     static boolean isMQV(ASN1ObjectIdentifier algorithm)
@@ -96,10 +101,14 @@
         return gostAlgs.contains(algorithm);
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     static boolean isRFC2631(ASN1ObjectIdentifier algorithm)
     {
         return algorithm.equals(PKCSObjectIdentifiers.id_alg_ESDH) || algorithm.equals(PKCSObjectIdentifiers.id_alg_SSDH);
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     static boolean isDES(String algorithmID)
     {
@@ -208,14 +217,16 @@
 
                     crls.add(c.toASN1Structure());
                 }
-                else if (rev instanceof OtherRevocationInfoFormat)
-                {
-                    OtherRevocationInfoFormat infoFormat = OtherRevocationInfoFormat.getInstance(rev);
-
-                    validateInfoFormat(infoFormat);
-
-                    crls.add(new DERTaggedObject(false, 1, infoFormat));
-                }
+                // BEGIN Android-removed: OtherRevocationInfoFormat isn't supported
+                // else if (rev instanceof OtherRevocationInfoFormat)
+                // {
+                //     OtherRevocationInfoFormat infoFormat = OtherRevocationInfoFormat.getInstance(rev);
+                //
+                //     validateInfoFormat(infoFormat);
+                //
+                //     crls.add(new DERTaggedObject(false, 1, infoFormat));
+                // }
+                // END Android-removed: OtherRevocationInfoFormat isn't supported
                 else if (rev instanceof ASN1TaggedObject)
                 {
                     crls.add(rev);
@@ -230,6 +241,8 @@
         }
     }
 
+    // BEGIN Android-removed: OtherRevocationInfoFormat isn't supported
+    /*
     private static void validateInfoFormat(OtherRevocationInfoFormat infoFormat)
     {
         if (CMSObjectIdentifiers.id_ri_ocsp_response.equals(infoFormat.getInfoFormat()))
@@ -259,6 +272,8 @@
 
         return others;
     }
+    */
+    // END Android-removed: OtherRevocationInfoFormat isn't supported
 
     static ASN1Set createBerSetFromList(List derObjects)
     {

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/DefaultAuthenticatedAttributeTableGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/DefaultAuthenticatedAttributeTableGenerator.java
deleted file mode 100644
index 6cfb7e3..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/DefaultAuthenticatedAttributeTableGenerator.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.CMSAlgorithmProtection;
-import org.bouncycastle.asn1.cms.CMSAttributes;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * Default authenticated attributes generator.
- */
-public class DefaultAuthenticatedAttributeTableGenerator
-    implements CMSAttributeTableGenerator
-{
-    private final Hashtable table;
-
-    /**
-     * Initialise to use all defaults
-     */
-    public DefaultAuthenticatedAttributeTableGenerator()
-    {
-        table = new Hashtable();
-    }
-
-    /**
-     * Initialise with some extra attributes or overrides.
-     *
-     * @param attributeTable initial attribute table to use.
-     */
-    public DefaultAuthenticatedAttributeTableGenerator(
-        AttributeTable attributeTable)
-    {
-        if (attributeTable != null)
-        {
-            table = attributeTable.toHashtable();
-        }
-        else
-        {
-            table = new Hashtable();
-        }
-    }
-
-    /**
-     * Create a standard attribute table from the passed in parameters - this will
-     * normally include contentType and messageDigest. If the constructor
-     * using an AttributeTable was used, entries in it for contentType and
-     * messageDigest will override the generated ones.
-     *
-     * @param parameters source parameters for table generation.
-     *
-     * @return a filled in Hashtable of attributes.
-     */
-    protected Hashtable createStandardAttributeTable(
-        Map parameters)
-    {
-        Hashtable std = new Hashtable();
-
-        for (Enumeration en = table.keys(); en.hasMoreElements();)
-        {
-            Object key = en.nextElement();
-
-            std.put(key, table.get(key));
-        }
-
-        if (!std.containsKey(CMSAttributes.contentType))
-        {
-            ASN1ObjectIdentifier contentType = ASN1ObjectIdentifier.getInstance(
-                parameters.get(CMSAttributeTableGenerator.CONTENT_TYPE));
-            Attribute attr = new Attribute(CMSAttributes.contentType,
-                new DERSet(contentType));
-            std.put(attr.getAttrType(), attr);
-        }
-
-        if (!std.containsKey(CMSAttributes.messageDigest))
-        {
-            byte[] messageDigest = (byte[])parameters.get(
-                CMSAttributeTableGenerator.DIGEST);
-            Attribute attr = new Attribute(CMSAttributes.messageDigest,
-                new DERSet(new DEROctetString(messageDigest)));
-            std.put(attr.getAttrType(), attr);
-        }
-
-        if (!std.contains(CMSAttributes.cmsAlgorithmProtect))
-        {
-            Attribute attr = new Attribute(CMSAttributes.cmsAlgorithmProtect, new DERSet(new CMSAlgorithmProtection(
-                (AlgorithmIdentifier)parameters.get(CMSAttributeTableGenerator.DIGEST_ALGORITHM_IDENTIFIER),
-                CMSAlgorithmProtection.MAC, (AlgorithmIdentifier)parameters.get(CMSAttributeTableGenerator.MAC_ALGORITHM_IDENTIFIER))));
-            std.put(attr.getAttrType(), attr);
-        }
-
-        return std;
-    }
-
-    /**
-     * @param parameters source parameters
-     * @return the populated attribute table
-     */
-    public AttributeTable getAttributes(Map parameters)
-    {
-        return new AttributeTable(createStandardAttributeTable(parameters));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java
index db45ec4..459b7df 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureAlgorithmNameGenerator.java

@@ -4,14 +4,15 @@
 import java.util.Map;
 
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
 import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
+// import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
+// import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
 import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
@@ -35,6 +36,8 @@
         addEntries(NISTObjectIdentifiers.dsa_with_sha256, "SHA256", "DSA");
         addEntries(NISTObjectIdentifiers.dsa_with_sha384, "SHA384", "DSA");
         addEntries(NISTObjectIdentifiers.dsa_with_sha512, "SHA512", "DSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         addEntries(NISTObjectIdentifiers.id_dsa_with_sha3_224, "SHA3-224", "DSA");
         addEntries(NISTObjectIdentifiers.id_dsa_with_sha3_256, "SHA3-256", "DSA");
         addEntries(NISTObjectIdentifiers.id_dsa_with_sha3_384, "SHA3-384", "DSA");
@@ -47,13 +50,19 @@
         addEntries(NISTObjectIdentifiers.id_ecdsa_with_sha3_256, "SHA3-256", "ECDSA");
         addEntries(NISTObjectIdentifiers.id_ecdsa_with_sha3_384, "SHA3-384", "ECDSA");
         addEntries(NISTObjectIdentifiers.id_ecdsa_with_sha3_512, "SHA3-512", "ECDSA");
+        */
+        // END Android-removed: Unsupported algorithms
         addEntries(OIWObjectIdentifiers.dsaWithSHA1, "SHA1", "DSA");
-        addEntries(OIWObjectIdentifiers.md4WithRSA, "MD4", "RSA");
-        addEntries(OIWObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        // addEntries(OIWObjectIdentifiers.md4WithRSA, "MD4", "RSA");
+        // addEntries(OIWObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
+        // END Android-removed: Unsupported algorithms
         addEntries(OIWObjectIdentifiers.md5WithRSA, "MD5", "RSA");
         addEntries(OIWObjectIdentifiers.sha1WithRSA, "SHA1", "RSA");
-        addEntries(PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2", "RSA");
-        addEntries(PKCSObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        // addEntries(PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2", "RSA");
+        // addEntries(PKCSObjectIdentifiers.md4WithRSAEncryption, "MD4", "RSA");
+        // END Android-removed: Unsupported algorithms
         addEntries(PKCSObjectIdentifiers.md5WithRSAEncryption, "MD5", "RSA");
         addEntries(PKCSObjectIdentifiers.sha1WithRSAEncryption, "SHA1", "RSA");
         addEntries(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224", "RSA");
@@ -61,9 +70,13 @@
         addEntries(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384", "RSA");
         addEntries(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512", "RSA");
 
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         addEntries(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, "RIPEMD128", "RSA");
         addEntries(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, "RIPEMD160", "RSA");
         addEntries(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, "RIPEMD256", "RSA");
+        */
+        // END Android-removed: Unsupported algorithms
 
         addEntries(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1", "ECDSA");
         addEntries(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224", "ECDSA");
@@ -80,18 +93,22 @@
         addEntries(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256", "RSA");
         addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1", "RSAandMGF1");
         addEntries(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256", "RSAandMGF1");
-        addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA1, "SHA1", "PLAIN-ECDSA");
-        addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA224, "SHA224", "PLAIN-ECDSA");
-        addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA256, "SHA256", "PLAIN-ECDSA");
-        addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA384, "SHA384", "PLAIN-ECDSA");
-        addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA512, "SHA512", "PLAIN-ECDSA");
-        addEntries(BSIObjectIdentifiers.ecdsa_plain_RIPEMD160, "RIPEMD160", "PLAIN-ECDSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        // addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA1, "SHA1", "PLAIN-ECDSA");
+        // addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA224, "SHA224", "PLAIN-ECDSA");
+        // addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA256, "SHA256", "PLAIN-ECDSA");
+        // addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA384, "SHA384", "PLAIN-ECDSA");
+        // addEntries(BSIObjectIdentifiers.ecdsa_plain_SHA512, "SHA512", "PLAIN-ECDSA");
+        // addEntries(BSIObjectIdentifiers.ecdsa_plain_RIPEMD160, "RIPEMD160", "PLAIN-ECDSA");
+        // END Android-removed: Unsupported algorithms
 
         encryptionAlgs.put(X9ObjectIdentifiers.id_dsa, "DSA");
         encryptionAlgs.put(PKCSObjectIdentifiers.rsaEncryption, "RSA");
         encryptionAlgs.put(TeleTrusTObjectIdentifiers.teleTrusTRSAsignatureAlgorithm, "RSA");
         encryptionAlgs.put(X509ObjectIdentifiers.id_ea_rsa, "RSA");
         encryptionAlgs.put(PKCSObjectIdentifiers.id_RSASSA_PSS, "RSAandMGF1");
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_94, "GOST3410");
         encryptionAlgs.put(CryptoProObjectIdentifiers.gostR3410_2001, "ECGOST3410");
         encryptionAlgs.put(new ASN1ObjectIdentifier("1.3.6.1.4.1.5849.1.6.2"), "ECGOST3410");
@@ -106,12 +123,16 @@
 
         digestAlgs.put(PKCSObjectIdentifiers.md2, "MD2");
         digestAlgs.put(PKCSObjectIdentifiers.md4, "MD4");
+        */
+        // END Android-removed: Unsupported algorithms
         digestAlgs.put(PKCSObjectIdentifiers.md5, "MD5");
         digestAlgs.put(OIWObjectIdentifiers.idSHA1, "SHA1");
         digestAlgs.put(NISTObjectIdentifiers.id_sha224, "SHA224");
         digestAlgs.put(NISTObjectIdentifiers.id_sha256, "SHA256");
         digestAlgs.put(NISTObjectIdentifiers.id_sha384, "SHA384");
         digestAlgs.put(NISTObjectIdentifiers.id_sha512, "SHA512");
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         digestAlgs.put(NISTObjectIdentifiers.id_sha3_224, "SHA3-224");
         digestAlgs.put(NISTObjectIdentifiers.id_sha3_256, "SHA3-256");
         digestAlgs.put(NISTObjectIdentifiers.id_sha3_384, "SHA3-384");
@@ -124,6 +145,8 @@
         digestAlgs.put(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256,  "GOST3411-2012-256");
         digestAlgs.put(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512,  "GOST3411-2012-512");
         digestAlgs.put(GMObjectIdentifiers.sm3,  "SM3");
+        */
+        // END Android-removed: Unsupported algorithms
     }
 
     /**

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java b/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java
index f38d5c5..fb53743 100644
--- a/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java
+++ b/bcpkix/src/main/java/org/bouncycastle/cms/DefaultCMSSignatureEncryptionAlgorithmFinder.java

@@ -16,17 +16,29 @@
 
     static
     {
-        RSA_PKCS1d5.add(PKCSObjectIdentifiers.md2WithRSAEncryption);
-        RSA_PKCS1d5.add(PKCSObjectIdentifiers.md4WithRSAEncryption);
+        // BEGIN Android-removed: Unsupported algorithms
+        // RSA_PKCS1d5.add(PKCSObjectIdentifiers.md2WithRSAEncryption);
+        // RSA_PKCS1d5.add(PKCSObjectIdentifiers.md4WithRSAEncryption);
+        // END Android-removed: Unsupported algorithms
         RSA_PKCS1d5.add(PKCSObjectIdentifiers.md5WithRSAEncryption);
         RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha1WithRSAEncryption);
-        RSA_PKCS1d5.add(OIWObjectIdentifiers.md4WithRSAEncryption);
-        RSA_PKCS1d5.add(OIWObjectIdentifiers.md4WithRSA);
+        // BEGIN Android-added: Add support for SHA-2 family signatures
+        RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha224WithRSAEncryption);
+        RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha256WithRSAEncryption);
+        RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha384WithRSAEncryption);
+        RSA_PKCS1d5.add(PKCSObjectIdentifiers.sha512WithRSAEncryption);
+        // END Android-added: Add support for SHA-2 family signatures
+        // BEGIN Android-removed: Unsupported algorithms
+        // RSA_PKCS1d5.add(OIWObjectIdentifiers.md4WithRSAEncryption);
+        // RSA_PKCS1d5.add(OIWObjectIdentifiers.md4WithRSA);
+        // END Android-removed: Unsupported algorithms
         RSA_PKCS1d5.add(OIWObjectIdentifiers.md5WithRSA);
         RSA_PKCS1d5.add(OIWObjectIdentifiers.sha1WithRSA);
-        RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-        RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-        RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+        // BEGIN Android-removed: Unsupported algorithms
+        // RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+        // RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+        // RSA_PKCS1d5.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+        // END Android-removed: Unsupported algorithms
     }
 
     public AlgorithmIdentifier findEncryptionAlgorithm(AlgorithmIdentifier signatureAlgorithm)

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/KEKRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/KEKRecipient.java
deleted file mode 100644
index b9679b3..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/KEKRecipient.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public interface KEKRecipient
-    extends Recipient
-{
-    RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncAlg, AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentKey)
-        throws CMSException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/KEKRecipientId.java b/bcpkix/src/main/java/org/bouncycastle/cms/KEKRecipientId.java
deleted file mode 100644
index daa6c7f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/KEKRecipientId.java
+++ /dev/null

@@ -1,63 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.util.Arrays;
-
-public class KEKRecipientId
-    extends RecipientId
-{
-    private byte[] keyIdentifier;
-
-    /**
-     * Construct a recipient ID with the key identifier of a KEK recipient.
-     *
-     * @param keyIdentifier a subjectKeyId
-     */
-    public KEKRecipientId(byte[] keyIdentifier)
-    {
-        super(kek);
-
-        this.keyIdentifier = keyIdentifier;
-    }
-
-    public int hashCode()
-    {
-        return Arrays.hashCode(keyIdentifier);
-    }
-
-    public boolean equals(
-        Object o)
-    {
-        if (!(o instanceof KEKRecipientId))
-        {
-            return false;
-        }
-
-        KEKRecipientId id = (KEKRecipientId)o;
-
-        return Arrays.areEqual(keyIdentifier, id.keyIdentifier);
-    }
-
-    public byte[] getKeyIdentifier()
-    {
-        return Arrays.clone(keyIdentifier);
-    }
-
-    public Object clone()
-    {
-        return new KEKRecipientId(keyIdentifier);
-    }
-
-    public boolean match(Object obj)
-    {
-        if (obj instanceof byte[])
-        {
-            return Arrays.areEqual(keyIdentifier, (byte[])obj);
-        }
-        else if (obj instanceof KEKRecipientInformation)
-        {
-            return ((KEKRecipientInformation)obj).getRID().equals(this);
-        }
-
-        return false;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/KEKRecipientInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/KEKRecipientInfoGenerator.java
deleted file mode 100644
index e3bff3c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/KEKRecipientInfoGenerator.java
+++ /dev/null

@@ -1,39 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cms.KEKIdentifier;
-import org.bouncycastle.asn1.cms.KEKRecipientInfo;
-import org.bouncycastle.asn1.cms.RecipientInfo;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.operator.SymmetricKeyWrapper;
-
-public abstract class KEKRecipientInfoGenerator
-    implements RecipientInfoGenerator
-{
-    private final KEKIdentifier kekIdentifier;
-
-    protected final SymmetricKeyWrapper wrapper;
-
-    protected KEKRecipientInfoGenerator(KEKIdentifier kekIdentifier, SymmetricKeyWrapper wrapper)
-    {
-        this.kekIdentifier = kekIdentifier;
-        this.wrapper = wrapper;
-    }
-
-    public final RecipientInfo generate(GenericKey contentEncryptionKey)
-        throws CMSException
-    {
-        try
-        {
-            ASN1OctetString encryptedKey = new DEROctetString(wrapper.generateWrappedKey(contentEncryptionKey));
-
-            return new RecipientInfo(new KEKRecipientInfo(kekIdentifier, wrapper.getAlgorithmIdentifier(), encryptedKey));
-        }
-        catch (OperatorException e)
-        {
-            throw new CMSException("exception wrapping content key: " + e.getMessage(), e);
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/KEKRecipientInformation.java b/bcpkix/src/main/java/org/bouncycastle/cms/KEKRecipientInformation.java
deleted file mode 100644
index 62c6529..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/KEKRecipientInformation.java
+++ /dev/null

@@ -1,38 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.cms.KEKIdentifier;
-import org.bouncycastle.asn1.cms.KEKRecipientInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * the RecipientInfo class for a recipient who has been sent a message
- * encrypted using a secret key known to the other side.
- */
-public class KEKRecipientInformation
-    extends RecipientInformation
-{
-    private KEKRecipientInfo      info;
-
-    KEKRecipientInformation(
-        KEKRecipientInfo        info,
-        AlgorithmIdentifier     messageAlgorithm,
-        CMSSecureReadable       secureReadable,
-        AuthAttributesProvider  additionalData)
-    {
-        super(info.getKeyEncryptionAlgorithm(), messageAlgorithm, secureReadable, additionalData);
-
-        this.info = info;
-
-        KEKIdentifier kekId = info.getKekid();
-
-        this.rid = new KEKRecipientId(kekId.getKeyIdentifier().getOctets());
-    }
-
-    protected RecipientOperator getRecipientOperator(Recipient recipient)
-        throws CMSException, IOException
-    {
-        return ((KEKRecipient)recipient).getRecipientOperator(keyEncAlg, messageAlgorithm, info.getEncryptedKey().getOctets());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/KeyAgreeRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/KeyAgreeRecipient.java
deleted file mode 100644
index 08d8380..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/KeyAgreeRecipient.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-
-public interface KeyAgreeRecipient
-    extends Recipient
-{
-    RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncAlg, AlgorithmIdentifier contentEncryptionAlgorithm, SubjectPublicKeyInfo senderPublicKey, ASN1OctetString userKeyingMaterial, byte[] encryptedContentKey)
-        throws CMSException;
-
-    AlgorithmIdentifier getPrivateKeyAlgorithmIdentifier();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/KeyAgreeRecipientId.java b/bcpkix/src/main/java/org/bouncycastle/cms/KeyAgreeRecipientId.java
deleted file mode 100644
index c64c6ea..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/KeyAgreeRecipientId.java
+++ /dev/null

@@ -1,89 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cert.selector.X509CertificateHolderSelector;
-
-public class KeyAgreeRecipientId
-    extends RecipientId
-{
-    private X509CertificateHolderSelector baseSelector;
-
-    private KeyAgreeRecipientId(X509CertificateHolderSelector baseSelector)
-    {
-        super(keyAgree);
-
-        this.baseSelector = baseSelector;
-    }
-
-    /**
-     * Construct a key agree recipient ID with the value of a public key's subjectKeyId.
-     *
-     * @param subjectKeyId a subjectKeyId
-     */
-    public KeyAgreeRecipientId(byte[] subjectKeyId)
-    {
-        this(null, null, subjectKeyId);
-    }
-
-    /**
-     * Construct a key agree recipient ID based on the issuer and serial number of the recipient's associated
-     * certificate.
-     *
-     * @param issuer the issuer of the recipient's associated certificate.
-     * @param serialNumber the serial number of the recipient's associated certificate.
-     */
-    public KeyAgreeRecipientId(X500Name issuer, BigInteger serialNumber)
-    {
-        this(issuer, serialNumber, null);
-    }
-
-    public KeyAgreeRecipientId(X500Name issuer, BigInteger serialNumber, byte[] subjectKeyId)
-    {
-        this(new X509CertificateHolderSelector(issuer, serialNumber, subjectKeyId));
-    }
-
-    public BigInteger getSerialNumber()
-    {
-        return baseSelector.getSerialNumber();
-    }
-
-    public byte[] getSubjectKeyIdentifier()
-    {
-        return baseSelector.getSubjectKeyIdentifier();
-    }
-
-    public int hashCode()
-    {
-        return baseSelector.hashCode();
-    }
-
-    public boolean equals(
-        Object  o)
-    {
-        if (!(o instanceof KeyAgreeRecipientId))
-        {
-            return false;
-        }
-
-        KeyAgreeRecipientId id = (KeyAgreeRecipientId)o;
-
-        return this.baseSelector.equals(id.baseSelector);
-    }
-
-    public Object clone()
-    {
-        return new KeyAgreeRecipientId(baseSelector);
-    }
-
-    public boolean match(Object obj)
-    {
-        if (obj instanceof KeyAgreeRecipientInformation)
-        {
-            return ((KeyAgreeRecipientInformation)obj).getRID().equals(this);
-        }
-
-        return baseSelector.match(obj);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/KeyAgreeRecipientInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/KeyAgreeRecipientInfoGenerator.java
deleted file mode 100644
index 8ea8089..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/KeyAgreeRecipientInfoGenerator.java
+++ /dev/null

@@ -1,81 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cms.KeyAgreeRecipientInfo;
-import org.bouncycastle.asn1.cms.OriginatorIdentifierOrKey;
-import org.bouncycastle.asn1.cms.OriginatorPublicKey;
-import org.bouncycastle.asn1.cms.RecipientInfo;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.Gost2814789KeyWrapParameters;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.operator.GenericKey;
-
-public abstract class KeyAgreeRecipientInfoGenerator
-    implements RecipientInfoGenerator
-{
-    private ASN1ObjectIdentifier keyAgreementOID;
-    private ASN1ObjectIdentifier keyEncryptionOID;
-    private SubjectPublicKeyInfo originatorKeyInfo;
-
-    protected KeyAgreeRecipientInfoGenerator(ASN1ObjectIdentifier keyAgreementOID, SubjectPublicKeyInfo originatorKeyInfo, ASN1ObjectIdentifier keyEncryptionOID)
-    {
-        this.originatorKeyInfo = originatorKeyInfo;
-        this.keyAgreementOID = keyAgreementOID;
-        this.keyEncryptionOID = keyEncryptionOID;
-    }
-
-    public RecipientInfo generate(GenericKey contentEncryptionKey)
-        throws CMSException
-    {
-        OriginatorIdentifierOrKey originator = new OriginatorIdentifierOrKey(
-            createOriginatorPublicKey(originatorKeyInfo));
-
-        AlgorithmIdentifier keyEncAlg;
-        if (CMSUtils.isDES(keyEncryptionOID.getId()) || keyEncryptionOID.equals(PKCSObjectIdentifiers.id_alg_CMSRC2wrap))
-        {
-            keyEncAlg = new AlgorithmIdentifier(keyEncryptionOID, DERNull.INSTANCE);
-        }
-        else if (CMSUtils.isGOST(keyAgreementOID))
-        {
-            keyEncAlg = new AlgorithmIdentifier(keyEncryptionOID, new Gost2814789KeyWrapParameters(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet));
-        }
-        else
-        {
-            keyEncAlg = new AlgorithmIdentifier(keyEncryptionOID);
-        }
-
-        AlgorithmIdentifier keyAgreeAlg = new AlgorithmIdentifier(keyAgreementOID, keyEncAlg);
-
-        ASN1Sequence recipients = generateRecipientEncryptedKeys(keyAgreeAlg, keyEncAlg, contentEncryptionKey);
-        byte[] userKeyingMaterial = getUserKeyingMaterial(keyAgreeAlg);
-
-        if (userKeyingMaterial != null)
-        {
-            return new RecipientInfo(new KeyAgreeRecipientInfo(originator, new DEROctetString(userKeyingMaterial),
-                keyAgreeAlg, recipients));
-        }
-        else
-        {
-            return new RecipientInfo(new KeyAgreeRecipientInfo(originator, null, keyAgreeAlg, recipients));
-        }
-    }
-
-    protected OriginatorPublicKey createOriginatorPublicKey(SubjectPublicKeyInfo originatorKeyInfo)
-    {
-        return new OriginatorPublicKey(
-            new AlgorithmIdentifier(originatorKeyInfo.getAlgorithm().getAlgorithm(), DERNull.INSTANCE),
-            originatorKeyInfo.getPublicKeyData().getBytes());
-    }
-
-    protected abstract ASN1Sequence generateRecipientEncryptedKeys(AlgorithmIdentifier keyAgreeAlgorithm, AlgorithmIdentifier keyEncAlgorithm, GenericKey contentEncryptionKey)
-        throws CMSException;
-
-    protected abstract byte[] getUserKeyingMaterial(AlgorithmIdentifier keyAgreeAlgorithm)
-        throws CMSException;
-
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/KeyAgreeRecipientInformation.java b/bcpkix/src/main/java/org/bouncycastle/cms/KeyAgreeRecipientInformation.java
deleted file mode 100644
index 16c26bd..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/KeyAgreeRecipientInformation.java
+++ /dev/null

@@ -1,131 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
-import org.bouncycastle.asn1.cms.KeyAgreeRecipientIdentifier;
-import org.bouncycastle.asn1.cms.KeyAgreeRecipientInfo;
-import org.bouncycastle.asn1.cms.OriginatorIdentifierOrKey;
-import org.bouncycastle.asn1.cms.OriginatorPublicKey;
-import org.bouncycastle.asn1.cms.RecipientEncryptedKey;
-import org.bouncycastle.asn1.cms.RecipientKeyIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-
-/**
- * the RecipientInfo class for a recipient who has been sent a message
- * encrypted using key agreement.
- */
-public class KeyAgreeRecipientInformation
-    extends RecipientInformation
-{
-    private KeyAgreeRecipientInfo info;
-    private ASN1OctetString       encryptedKey;
-
-    static void readRecipientInfo(List infos, KeyAgreeRecipientInfo info,
-        AlgorithmIdentifier messageAlgorithm, CMSSecureReadable secureReadable, AuthAttributesProvider additionalData)
-    {
-        ASN1Sequence s = info.getRecipientEncryptedKeys();
-
-        for (int i = 0; i < s.size(); ++i)
-        {
-            RecipientEncryptedKey id = RecipientEncryptedKey.getInstance(
-                s.getObjectAt(i));
-
-            RecipientId rid;
-
-            KeyAgreeRecipientIdentifier karid = id.getIdentifier();
-            IssuerAndSerialNumber iAndSN = karid.getIssuerAndSerialNumber();
-
-            if (iAndSN != null)
-            {
-                rid = new KeyAgreeRecipientId(iAndSN.getName(), iAndSN.getSerialNumber().getValue());
-            }
-            else
-            {
-                RecipientKeyIdentifier rKeyID = karid.getRKeyID();
-
-                // Note: 'date' and 'other' fields of RecipientKeyIdentifier appear to be only informational
-
-                rid = new KeyAgreeRecipientId(rKeyID.getSubjectKeyIdentifier().getOctets());
-            }
-
-            infos.add(new KeyAgreeRecipientInformation(info, rid, id.getEncryptedKey(), messageAlgorithm,
-                secureReadable, additionalData));
-        }
-    }
-
-    KeyAgreeRecipientInformation(
-        KeyAgreeRecipientInfo   info,
-        RecipientId             rid,
-        ASN1OctetString         encryptedKey,
-        AlgorithmIdentifier     messageAlgorithm,
-        CMSSecureReadable       secureReadable,
-        AuthAttributesProvider  additionalData)
-    {
-        super(info.getKeyEncryptionAlgorithm(), messageAlgorithm, secureReadable, additionalData);
-
-        this.info = info;
-        this.rid = rid;
-        this.encryptedKey = encryptedKey;
-    }
-
-    private SubjectPublicKeyInfo getSenderPublicKeyInfo(AlgorithmIdentifier recKeyAlgId,
-        OriginatorIdentifierOrKey originator)
-        throws CMSException, IOException
-    {
-        OriginatorPublicKey opk = originator.getOriginatorKey();
-        if (opk != null)
-        {
-            return getPublicKeyInfoFromOriginatorPublicKey(recKeyAlgId, opk);
-        }
-
-        OriginatorId origID;
-
-        IssuerAndSerialNumber iAndSN = originator.getIssuerAndSerialNumber();
-        if (iAndSN != null)
-        {
-            origID = new OriginatorId(iAndSN.getName(), iAndSN.getSerialNumber().getValue());
-        }
-        else
-        {
-            SubjectKeyIdentifier ski = originator.getSubjectKeyIdentifier();
-
-            origID = new OriginatorId(ski.getKeyIdentifier());
-        }
-
-        return getPublicKeyInfoFromOriginatorId(origID);
-    }
-
-    private SubjectPublicKeyInfo getPublicKeyInfoFromOriginatorPublicKey(AlgorithmIdentifier recKeyAlgId,
-            OriginatorPublicKey originatorPublicKey)
-    {
-        SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(
-            recKeyAlgId,
-            originatorPublicKey.getPublicKey().getBytes());
-
-        return pubInfo;
-    }
-
-    private SubjectPublicKeyInfo getPublicKeyInfoFromOriginatorId(OriginatorId origID)
-            throws CMSException
-    {
-        // TODO Support all alternatives for OriginatorIdentifierOrKey
-        // see RFC 3852 6.2.2
-        throw new CMSException("No support for 'originator' as IssuerAndSerialNumber or SubjectKeyIdentifier");
-    }
-
-    protected RecipientOperator getRecipientOperator(Recipient recipient)
-        throws CMSException, IOException
-    {
-        KeyAgreeRecipient agreeRecipient = (KeyAgreeRecipient)recipient;
-                AlgorithmIdentifier    recKeyAlgId = agreeRecipient.getPrivateKeyAlgorithmIdentifier();
-
-        return ((KeyAgreeRecipient)recipient).getRecipientOperator(keyEncAlg, messageAlgorithm, getSenderPublicKeyInfo(recKeyAlgId,
-                        info.getOriginator()), info.getUserKeyingMaterial(), encryptedKey.getOctets());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/KeyTransRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/KeyTransRecipient.java
deleted file mode 100644
index b61fbbe..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/KeyTransRecipient.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public interface KeyTransRecipient
-    extends Recipient
-{
-    RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncAlg, AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentKey)
-        throws CMSException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/KeyTransRecipientId.java b/bcpkix/src/main/java/org/bouncycastle/cms/KeyTransRecipientId.java
deleted file mode 100644
index f850dcf..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/KeyTransRecipientId.java
+++ /dev/null

@@ -1,102 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cert.selector.X509CertificateHolderSelector;
-
-public class KeyTransRecipientId
-    extends RecipientId
-{
-    private X509CertificateHolderSelector baseSelector;
-
-    private KeyTransRecipientId(X509CertificateHolderSelector baseSelector)
-    {
-        super(keyTrans);
-
-        this.baseSelector = baseSelector;
-    }
-
-    /**
-     * Construct a key trans recipient ID with the value of a public key's subjectKeyId.
-     *
-     * @param subjectKeyId a subjectKeyId
-     */
-    public KeyTransRecipientId(byte[] subjectKeyId)
-    {
-        this(null, null, subjectKeyId);
-    }
-
-    /**
-     * Construct a key trans recipient ID based on the issuer and serial number of the recipient's associated
-     * certificate.
-     *
-     * @param issuer the issuer of the recipient's associated certificate.
-     * @param serialNumber the serial number of the recipient's associated certificate.
-     */
-    public KeyTransRecipientId(X500Name issuer, BigInteger serialNumber)
-    {
-        this(issuer, serialNumber, null);
-    }
-
-    /**
-     * Construct a key trans recipient ID based on the issuer and serial number of the recipient's associated
-     * certificate.
-     *
-     * @param issuer the issuer of the recipient's associated certificate.
-     * @param serialNumber the serial number of the recipient's associated certificate.
-     * @param subjectKeyId the subject key identifier to use to match the recipients associated certificate.
-     */
-    public KeyTransRecipientId(X500Name issuer, BigInteger serialNumber, byte[] subjectKeyId)
-    {
-        this(new X509CertificateHolderSelector(issuer, serialNumber, subjectKeyId));
-    }
-
-    public X500Name getIssuer()
-    {
-        return baseSelector.getIssuer();
-    }
-
-    public BigInteger getSerialNumber()
-    {
-        return baseSelector.getSerialNumber();
-    }
-
-    public byte[] getSubjectKeyIdentifier()
-    {
-        return baseSelector.getSubjectKeyIdentifier();
-    }
-
-    public int hashCode()
-    {
-        return baseSelector.hashCode();
-    }
-
-    public boolean equals(
-        Object  o)
-    {
-        if (!(o instanceof KeyTransRecipientId))
-        {
-            return false;
-        }
-
-        KeyTransRecipientId id = (KeyTransRecipientId)o;
-
-        return this.baseSelector.equals(id.baseSelector);
-    }
-
-    public Object clone()
-    {
-        return new KeyTransRecipientId(this.baseSelector);
-    }
-
-    public boolean match(Object obj)
-    {
-        if (obj instanceof KeyTransRecipientInformation)
-        {
-            return ((KeyTransRecipientInformation)obj).getRID().equals(this);
-        }
-
-        return baseSelector.match(obj);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/KeyTransRecipientInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/KeyTransRecipientInfoGenerator.java
deleted file mode 100644
index e576f03..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/KeyTransRecipientInfoGenerator.java
+++ /dev/null

@@ -1,58 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
-import org.bouncycastle.asn1.cms.KeyTransRecipientInfo;
-import org.bouncycastle.asn1.cms.RecipientIdentifier;
-import org.bouncycastle.asn1.cms.RecipientInfo;
-import org.bouncycastle.operator.AsymmetricKeyWrapper;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OperatorException;
-
-public abstract class KeyTransRecipientInfoGenerator
-    implements RecipientInfoGenerator
-{
-    protected final AsymmetricKeyWrapper wrapper;
-
-    private IssuerAndSerialNumber issuerAndSerial;
-    private byte[] subjectKeyIdentifier;
-
-    protected KeyTransRecipientInfoGenerator(IssuerAndSerialNumber issuerAndSerial, AsymmetricKeyWrapper wrapper)
-    {
-        this.issuerAndSerial = issuerAndSerial;
-        this.wrapper = wrapper;
-    }
-
-    protected KeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier, AsymmetricKeyWrapper wrapper)
-    {
-        this.subjectKeyIdentifier = subjectKeyIdentifier;
-        this.wrapper = wrapper;
-    }
-
-    public final RecipientInfo generate(GenericKey contentEncryptionKey)
-        throws CMSException
-    {
-        byte[] encryptedKeyBytes;
-        try
-        {
-            encryptedKeyBytes = wrapper.generateWrappedKey(contentEncryptionKey);
-        }
-        catch (OperatorException e)
-        {
-            throw new CMSException("exception wrapping content key: " + e.getMessage(), e);
-        }
-
-        RecipientIdentifier recipId;
-        if (issuerAndSerial != null)
-        {
-            recipId = new RecipientIdentifier(issuerAndSerial);
-        }
-        else
-        {
-            recipId = new RecipientIdentifier(new DEROctetString(subjectKeyIdentifier));
-        }
-
-        return new RecipientInfo(new KeyTransRecipientInfo(recipId, wrapper.getAlgorithmIdentifier(),
-            new DEROctetString(encryptedKeyBytes)));
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/KeyTransRecipientInformation.java b/bcpkix/src/main/java/org/bouncycastle/cms/KeyTransRecipientInformation.java
deleted file mode 100644
index d59f4b3..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/KeyTransRecipientInformation.java
+++ /dev/null

@@ -1,50 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
-import org.bouncycastle.asn1.cms.KeyTransRecipientInfo;
-import org.bouncycastle.asn1.cms.RecipientIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * the KeyTransRecipientInformation class for a recipient who has been sent a secret
- * key encrypted using their public key that needs to be used to
- * extract the message.
- */
-public class KeyTransRecipientInformation
-    extends RecipientInformation
-{
-    private KeyTransRecipientInfo info;
-
-    KeyTransRecipientInformation(
-        KeyTransRecipientInfo   info,
-        AlgorithmIdentifier     messageAlgorithm,
-        CMSSecureReadable       secureReadable,
-        AuthAttributesProvider  additionalData)
-    {
-        super(info.getKeyEncryptionAlgorithm(), messageAlgorithm, secureReadable, additionalData);
-
-        this.info = info;
-
-        RecipientIdentifier r = info.getRecipientIdentifier();
-
-        if (r.isTagged())
-        {
-            ASN1OctetString octs = ASN1OctetString.getInstance(r.getId());
-
-            rid = new KeyTransRecipientId(octs.getOctets());
-        }
-        else
-        {
-            IssuerAndSerialNumber   iAnds = IssuerAndSerialNumber.getInstance(r.getId());
-
-            rid = new KeyTransRecipientId(iAnds.getName(), iAnds.getSerialNumber().getValue());
-        }
-    }
-
-    protected RecipientOperator getRecipientOperator(Recipient recipient)
-        throws CMSException
-    {
-        return ((KeyTransRecipient)recipient).getRecipientOperator(keyEncAlg, messageAlgorithm, info.getEncryptedKey().getOctets());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/OriginatorId.java b/bcpkix/src/main/java/org/bouncycastle/cms/OriginatorId.java
deleted file mode 100644
index ab38105..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/OriginatorId.java
+++ /dev/null

@@ -1,118 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Selector;
-
-/**
- * a basic index for an originator.
- */
-class OriginatorId
-    implements Selector
-{
-    private byte[] subjectKeyId;
-
-    private X500Name issuer;
-    private BigInteger serialNumber;
-
-    /**
-     * Construct a signer ID with the value of a public key's subjectKeyId.
-     *
-     * @param subjectKeyId a subjectKeyId
-     */
-    public OriginatorId(byte[] subjectKeyId)
-    {
-        setSubjectKeyID(subjectKeyId);
-    }
-
-    private void setSubjectKeyID(byte[] subjectKeyId)
-    {
-        this.subjectKeyId = subjectKeyId;
-    }
-
-    /**
-     * Construct a signer ID based on the issuer and serial number of the signer's associated
-     * certificate.
-     *
-     * @param issuer the issuer of the signer's associated certificate.
-     * @param serialNumber the serial number of the signer's associated certificate.
-     */
-    public OriginatorId(X500Name issuer, BigInteger serialNumber)
-    {
-        setIssuerAndSerial(issuer, serialNumber);
-    }
-
-    private void setIssuerAndSerial(X500Name issuer, BigInteger serialNumber)
-    {
-        this.issuer = issuer;
-        this.serialNumber = serialNumber;
-    }
-
-    /**
-     * Construct a signer ID based on the issuer and serial number of the signer's associated
-     * certificate.
-     *
-     * @param issuer the issuer of the signer's associated certificate.
-     * @param serialNumber the serial number of the signer's associated certificate.
-     * @param subjectKeyId the subject key identifier to use to match the signers associated certificate.
-     */
-    public OriginatorId(X500Name issuer, BigInteger serialNumber, byte[] subjectKeyId)
-    {
-        setIssuerAndSerial(issuer, serialNumber);
-        setSubjectKeyID(subjectKeyId);
-    }
-
-    public X500Name getIssuer()
-    {
-        return issuer;
-    }
-
-    public Object clone()
-    {
-        return new OriginatorId(this.issuer, this.serialNumber, this.subjectKeyId);
-    }
-
-    public int hashCode()
-    {
-        int code = Arrays.hashCode(subjectKeyId);
-
-        if (this.serialNumber != null)
-        {
-            code ^= this.serialNumber.hashCode();
-        }
-
-        if (this.issuer != null)
-        {
-            code ^= this.issuer.hashCode();
-        }
-
-        return code;
-    }
-
-    public boolean equals(
-        Object  o)
-    {
-        if (!(o instanceof OriginatorId))
-        {
-            return false;
-        }
-
-        OriginatorId id = (OriginatorId)o;
-
-        return Arrays.areEqual(subjectKeyId, id.subjectKeyId)
-            && equalsObj(this.serialNumber, id.serialNumber)
-            && equalsObj(this.issuer, id.issuer);
-    }
-
-    private boolean equalsObj(Object a, Object b)
-    {
-        return (a != null) ? a.equals(b) : b == null;
-    }
-
-    public boolean match(Object obj)
-    {
-        return false;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/OriginatorInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/OriginatorInfoGenerator.java
deleted file mode 100644
index 8ea5a92..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/OriginatorInfoGenerator.java
+++ /dev/null

@@ -1,54 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import org.bouncycastle.asn1.cms.OriginatorInfo;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.util.Store;
-
-public class OriginatorInfoGenerator
-{
-    private final List origCerts;
-    private final List origCRLs;
-
-    public OriginatorInfoGenerator(X509CertificateHolder origCert)
-    {
-        this.origCerts = new ArrayList(1);
-        this.origCRLs = null;
-        origCerts.add(origCert.toASN1Structure());
-    }
-
-    public OriginatorInfoGenerator(Store origCerts)
-        throws CMSException
-    {
-        this(origCerts, null);
-    }
-
-    public OriginatorInfoGenerator(Store origCerts, Store origCRLs)
-        throws CMSException
-    {
-        this.origCerts = CMSUtils.getCertificatesFromStore(origCerts);
-
-        if (origCRLs != null)
-        {
-            this.origCRLs = CMSUtils.getCRLsFromStore(origCRLs);
-        }
-        else
-        {
-            this.origCRLs = null;
-        }
-    }
-
-    public OriginatorInformation generate()
-    {
-        if (origCRLs != null)
-        {
-            return new OriginatorInformation(new OriginatorInfo(CMSUtils.createDerSetFromList(origCerts), CMSUtils.createDerSetFromList(origCRLs)));
-        }
-        else
-        {
-            return new OriginatorInformation(new OriginatorInfo(CMSUtils.createDerSetFromList(origCerts), null));
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/OriginatorInformation.java b/bcpkix/src/main/java/org/bouncycastle/cms/OriginatorInformation.java
deleted file mode 100644
index 7e9379d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/OriginatorInformation.java
+++ /dev/null

@@ -1,95 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.util.ArrayList;
-import java.util.Enumeration;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.cms.OriginatorInfo;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.asn1.x509.CertificateList;
-import org.bouncycastle.cert.X509CRLHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Store;
-
-public class OriginatorInformation
-{
-    private OriginatorInfo originatorInfo;
-
-    OriginatorInformation(OriginatorInfo originatorInfo)
-    {
-        this.originatorInfo = originatorInfo;
-    }
-
-    /**
-     * Return the certificates stored in the underlying OriginatorInfo object.
-     *
-     * @return a Store of X509CertificateHolder objects.
-     */
-    public Store getCertificates()
-    {
-        ASN1Set certSet = originatorInfo.getCertificates();
-
-        if (certSet != null)
-        {
-            List certList = new ArrayList(certSet.size());
-
-            for (Enumeration en = certSet.getObjects(); en.hasMoreElements();)
-            {
-                ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive();
-
-                if (obj instanceof ASN1Sequence)
-                {
-                    certList.add(new X509CertificateHolder(Certificate.getInstance(obj)));
-                }
-            }
-
-            return new CollectionStore(certList);
-        }
-
-        return new CollectionStore(new ArrayList());
-    }
-
-    /**
-     * Return the CRLs stored in the underlying OriginatorInfo object.
-     *
-     * @return a Store of X509CRLHolder objects.
-     */
-    public Store getCRLs()
-    {
-        ASN1Set crlSet = originatorInfo.getCRLs();
-
-        if (crlSet != null)
-        {
-            List    crlList = new ArrayList(crlSet.size());
-
-            for (Enumeration en = crlSet.getObjects(); en.hasMoreElements();)
-            {
-                ASN1Primitive obj = ((ASN1Encodable)en.nextElement()).toASN1Primitive();
-
-                if (obj instanceof ASN1Sequence)
-                {
-                    crlList.add(new X509CRLHolder(CertificateList.getInstance(obj)));
-                }
-            }
-
-            return new CollectionStore(crlList);
-        }
-
-        return new CollectionStore(new ArrayList());
-    }
-
-    /**
-     * Return the underlying ASN.1 object defining this SignerInformation object.
-     *
-     * @return a OriginatorInfo.
-     */
-    public OriginatorInfo toASN1Structure()
-    {
-        return originatorInfo;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/PKCS7TypedStream.java b/bcpkix/src/main/java/org/bouncycastle/cms/PKCS7TypedStream.java
deleted file mode 100644
index 4128e54..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/PKCS7TypedStream.java
+++ /dev/null

@@ -1,62 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-public class PKCS7TypedStream
-    extends CMSTypedStream
-{
-    private final ASN1Encodable content;
-
-    public PKCS7TypedStream(ASN1ObjectIdentifier oid, ASN1Encodable encodable)
-        throws IOException
-    {
-        super(oid);
-
-        content = encodable;
-    }
-
-    public ASN1Encodable getContent()
-    {
-        return content;
-    }
-
-    public InputStream getContentStream()
-    {
-        try
-        {
-            return getContentStream(content);
-        }
-        catch (IOException e)
-        {
-            throw new CMSRuntimeException("unable to convert content to stream: " + e.getMessage(), e);
-        }
-    }
-
-    public void drain()
-        throws IOException
-    {
-        getContentStream(content); // this will parse in the data
-    }
-
-    private InputStream getContentStream(ASN1Encodable encodable)
-        throws IOException
-    {
-        byte[] encoded = encodable.toASN1Primitive().getEncoded(ASN1Encoding.DER);
-        int index = 1;
-
-        while ((encoded[index] & 0xff) > 127)
-        {
-            index++;
-        }
-
-        index++;
-
-        return new ByteArrayInputStream(encoded, index, encoded.length - index);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/PasswordRecipientId.java b/bcpkix/src/main/java/org/bouncycastle/cms/PasswordRecipientId.java
deleted file mode 100644
index 95688d7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/PasswordRecipientId.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.cms;
-
-public class PasswordRecipientId
-    extends RecipientId
-{
-    /**
-     * Construct a recipient ID of the password type.
-     */
-    public PasswordRecipientId()
-    {
-        super(password);
-    }
-
-    public int hashCode()
-    {
-        return password;
-    }
-
-    public boolean equals(
-        Object o)
-    {
-        if (!(o instanceof PasswordRecipientId))
-        {
-            return false;
-        }
-
-        return true;
-    }
-
-    public Object clone()
-    {
-        return new PasswordRecipientId();
-    }
-
-    public boolean match(Object obj)
-    {
-        if (obj instanceof PasswordRecipientInformation)
-        {
-            return true;
-        }
-        
-        return false;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/PasswordRecipientInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/PasswordRecipientInfoGenerator.java
deleted file mode 100644
index f9d996a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/PasswordRecipientInfoGenerator.java
+++ /dev/null

@@ -1,135 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cms.PasswordRecipientInfo;
-import org.bouncycastle.asn1.cms.RecipientInfo;
-import org.bouncycastle.asn1.pkcs.PBKDF2Params;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.util.Arrays;
-
-public abstract class PasswordRecipientInfoGenerator
-    implements RecipientInfoGenerator
-{
-    protected char[] password;
-
-    private AlgorithmIdentifier keyDerivationAlgorithm;
-    private ASN1ObjectIdentifier kekAlgorithm;
-    private SecureRandom random;
-    private int schemeID;
-    private int keySize;
-    private int blockSize;
-    private PasswordRecipient.PRF prf;
-    private byte[] salt;
-    private int iterationCount;
-
-    protected PasswordRecipientInfoGenerator(ASN1ObjectIdentifier kekAlgorithm, char[] password)
-    {
-        this(kekAlgorithm, password, getKeySize(kekAlgorithm), ((Integer)PasswordRecipientInformation.BLOCKSIZES.get(kekAlgorithm)).intValue());
-    }
-
-    protected PasswordRecipientInfoGenerator(ASN1ObjectIdentifier kekAlgorithm, char[] password, int keySize, int blockSize)
-    {
-        this.password = password;
-        this.schemeID = PasswordRecipient.PKCS5_SCHEME2_UTF8;
-        this.kekAlgorithm = kekAlgorithm;
-        this.keySize = keySize;
-        this.blockSize = blockSize;
-        this.prf = PasswordRecipient.PRF.HMacSHA1;
-        this.iterationCount = 1024;
-    }
-
-    private static int getKeySize(ASN1ObjectIdentifier kekAlgorithm)
-    {
-        Integer size = (Integer)PasswordRecipientInformation.KEYSIZES.get(kekAlgorithm);
-
-        if (size == null)
-        {
-            throw new IllegalArgumentException("cannot find key size for algorithm: " +  kekAlgorithm);
-        }
-
-        return size.intValue();
-    }
-
-    public PasswordRecipientInfoGenerator setPasswordConversionScheme(int schemeID)
-    {
-        this.schemeID = schemeID;
-
-        return this;
-    }
-
-    public PasswordRecipientInfoGenerator setPRF(PasswordRecipient.PRF prf)
-    {
-        this.prf = prf;
-
-        return this;
-    }
-
-    public PasswordRecipientInfoGenerator setSaltAndIterationCount(byte[] salt, int iterationCount)
-    {
-        this.salt = Arrays.clone(salt);
-        this.iterationCount = iterationCount;
-
-        return this;
-    }
-
-    public PasswordRecipientInfoGenerator setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    public RecipientInfo generate(GenericKey contentEncryptionKey)
-        throws CMSException
-    {
-        byte[] iv = new byte[blockSize];     /// TODO: set IV size properly!
-
-        if (random == null)
-        {
-            random = new SecureRandom();
-        }
-        
-        random.nextBytes(iv);
-
-        if (salt == null)
-        {
-            salt = new byte[20];
-
-            random.nextBytes(salt);
-        }
-
-        keyDerivationAlgorithm = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBKDF2, new PBKDF2Params(salt, iterationCount, prf.prfAlgID));
-
-        byte[] derivedKey = calculateDerivedKey(schemeID, keyDerivationAlgorithm, keySize);
-
-        AlgorithmIdentifier kekAlgorithmId = new AlgorithmIdentifier(kekAlgorithm, new DEROctetString(iv));
-
-        byte[] encryptedKeyBytes = generateEncryptedBytes(kekAlgorithmId, derivedKey, contentEncryptionKey);
-
-        ASN1OctetString encryptedKey = new DEROctetString(encryptedKeyBytes);
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(kekAlgorithm);
-        v.add(new DEROctetString(iv));
-
-        AlgorithmIdentifier keyEncryptionAlgorithm = new AlgorithmIdentifier(
-            PKCSObjectIdentifiers.id_alg_PWRI_KEK, new DERSequence(v));
-
-        return new RecipientInfo(new PasswordRecipientInfo(keyDerivationAlgorithm,
-            keyEncryptionAlgorithm, encryptedKey));
-    }
-
-    protected abstract byte[] calculateDerivedKey(int schemeID, AlgorithmIdentifier derivationAlgorithm, int keySize)
-        throws CMSException;
-
-    protected abstract byte[] generateEncryptedBytes(AlgorithmIdentifier algorithm, byte[] derivedKey, GenericKey contentEncryptionKey)
-        throws CMSException;
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/PasswordRecipientInformation.java b/bcpkix/src/main/java/org/bouncycastle/cms/PasswordRecipientInformation.java
deleted file mode 100644
index a12d8a7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/PasswordRecipientInformation.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.IOException;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.cms.PasswordRecipientInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Integers;
-
-/**
- * the RecipientInfo class for a recipient who has been sent a message
- * encrypted using a password.
- */
-public class PasswordRecipientInformation
-    extends RecipientInformation
-{
-    static Map KEYSIZES = new HashMap();
-    static Map BLOCKSIZES = new HashMap();
-
-    static
-    {
-        BLOCKSIZES.put(CMSAlgorithm.DES_EDE3_CBC, Integers.valueOf(8));
-        BLOCKSIZES.put(CMSAlgorithm.AES128_CBC, Integers.valueOf(16));
-        BLOCKSIZES.put(CMSAlgorithm.AES192_CBC, Integers.valueOf(16));
-        BLOCKSIZES.put(CMSAlgorithm.AES256_CBC, Integers.valueOf(16));
-
-        KEYSIZES.put(CMSAlgorithm.DES_EDE3_CBC, Integers.valueOf(192));
-        KEYSIZES.put(CMSAlgorithm.AES128_CBC, Integers.valueOf(128));
-        KEYSIZES.put(CMSAlgorithm.AES192_CBC, Integers.valueOf(192));
-        KEYSIZES.put(CMSAlgorithm.AES256_CBC, Integers.valueOf(256));
-    }
-
-    private PasswordRecipientInfo info;
-
-    PasswordRecipientInformation(
-        PasswordRecipientInfo   info,
-        AlgorithmIdentifier     messageAlgorithm,
-        CMSSecureReadable       secureReadable,
-        AuthAttributesProvider  additionalData)
-    {
-        super(info.getKeyEncryptionAlgorithm(), messageAlgorithm, secureReadable, additionalData);
-
-        this.info = info;
-        this.rid = new PasswordRecipientId();
-    }
-
-    /**
-     * return the object identifier for the key derivation algorithm, or null
-     * if there is none present.
-     *
-     * @return OID for key derivation algorithm, if present.
-     */
-    public String getKeyDerivationAlgOID()
-    {
-        if (info.getKeyDerivationAlgorithm() != null)
-        {
-            return info.getKeyDerivationAlgorithm().getAlgorithm().getId();
-        }
-
-        return null;
-    }
-
-    /**
-     * return the ASN.1 encoded key derivation algorithm parameters, or null if
-     * there aren't any.
-     * @return ASN.1 encoding of key derivation algorithm parameters.
-     */
-    public byte[] getKeyDerivationAlgParams()
-    {
-        try
-        {
-            if (info.getKeyDerivationAlgorithm() != null)
-            {
-                ASN1Encodable params = info.getKeyDerivationAlgorithm().getParameters();
-                if (params != null)
-                {
-                    return params.toASN1Primitive().getEncoded();
-                }
-            }
-
-            return null;
-        }
-        catch (Exception e)
-        {
-            throw new RuntimeException("exception getting encryption parameters " + e);
-        }
-    }
-
-    /**
-     * Return the key derivation algorithm details for the key in this recipient.
-     *
-     * @return AlgorithmIdentifier representing the key derivation algorithm.
-     */
-    public AlgorithmIdentifier getKeyDerivationAlgorithm()
-    {
-        return info.getKeyDerivationAlgorithm();
-    }
-
-    protected RecipientOperator getRecipientOperator(Recipient recipient)
-        throws CMSException, IOException
-    {
-        PasswordRecipient pbeRecipient = (PasswordRecipient)recipient;
-        AlgorithmIdentifier kekAlg = AlgorithmIdentifier.getInstance(info.getKeyEncryptionAlgorithm());
-        AlgorithmIdentifier kekAlgParams = AlgorithmIdentifier.getInstance(kekAlg.getParameters());
-
-        int keySize = ((Integer)KEYSIZES.get(kekAlgParams.getAlgorithm())).intValue();
-
-        byte[] derivedKey = pbeRecipient.calculateDerivedKey(pbeRecipient.getPasswordConversionScheme(), this.getKeyDerivationAlgorithm(), keySize);
-
-        return pbeRecipient.getRecipientOperator(kekAlgParams, messageAlgorithm, derivedKey, info.getEncryptedKey().getOctets());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/RecipientId.java b/bcpkix/src/main/java/org/bouncycastle/cms/RecipientId.java
deleted file mode 100644
index fae5a10..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/RecipientId.java
+++ /dev/null

@@ -1,31 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.util.Selector;
-
-public abstract class RecipientId
-    implements Selector
-{
-    public static final int keyTrans = 0;
-    public static final int kek = 1;
-    public static final int keyAgree = 2;
-    public static final int password = 3;
-
-    private final int type;
-
-    protected RecipientId(int type)
-    {
-        this.type = type;
-    }
-
-    /**
-     * Return the type code for this recipient ID.
-     *
-     * @return one of keyTrans, kek, keyAgree, password
-     */
-    public int getType()
-    {
-        return type;
-    }
-
-    public abstract Object clone();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/RecipientInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/RecipientInfoGenerator.java
deleted file mode 100644
index 6ab41d3..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/RecipientInfoGenerator.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.asn1.cms.RecipientInfo;
-import org.bouncycastle.operator.GenericKey;
-
-public interface RecipientInfoGenerator
-{
-    RecipientInfo generate(GenericKey contentEncryptionKey)
-        throws CMSException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/RecipientInformation.java b/bcpkix/src/main/java/org/bouncycastle/cms/RecipientInformation.java
deleted file mode 100644
index 86f9fa3..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/RecipientInformation.java
+++ /dev/null

@@ -1,181 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.io.Streams;
-
-public abstract class RecipientInformation
-{
-    protected RecipientId rid;
-    protected AlgorithmIdentifier   keyEncAlg;
-    protected AlgorithmIdentifier messageAlgorithm;
-    protected CMSSecureReadable     secureReadable;
-
-    private AuthAttributesProvider additionalData;
-
-    private byte[] resultMac;
-    private RecipientOperator     operator;
-
-    RecipientInformation(
-        AlgorithmIdentifier     keyEncAlg,
-        AlgorithmIdentifier     messageAlgorithm,
-        CMSSecureReadable       secureReadable,
-        AuthAttributesProvider  additionalData)
-    {
-        this.keyEncAlg = keyEncAlg;
-        this.messageAlgorithm = messageAlgorithm;
-        this.secureReadable = secureReadable;
-        this.additionalData = additionalData;
-    }
-
-    public RecipientId getRID()
-    {
-        return rid;
-    }
-
-    private byte[] encodeObj(
-        ASN1Encodable obj)
-        throws IOException
-    {
-        if (obj != null)
-        {
-            return obj.toASN1Primitive().getEncoded();
-        }
-
-        return null;
-    }
-
-    /**
-     * Return the key encryption algorithm details for the key in this recipient.
-     *
-     * @return AlgorithmIdentifier representing the key encryption algorithm.
-     */
-    public AlgorithmIdentifier getKeyEncryptionAlgorithm()
-    {
-        return keyEncAlg;
-    }
-
-    /**
-     * return the object identifier for the key encryption algorithm.
-     *
-     * @return OID for key encryption algorithm.
-     */
-    public String getKeyEncryptionAlgOID()
-    {
-        return keyEncAlg.getAlgorithm().getId();
-    }
-
-    /**
-     * return the ASN.1 encoded key encryption algorithm parameters, or null if
-     * there aren't any.
-     *
-     * @return ASN.1 encoding of key encryption algorithm parameters.
-     */
-    public byte[] getKeyEncryptionAlgParams()
-    {
-        try
-        {
-            return encodeObj(keyEncAlg.getParameters());
-        }
-        catch (Exception e)
-        {
-            throw new RuntimeException("exception getting encryption parameters " + e);
-        }
-    }
-
-    /**
-     * Return the content digest calculated during the read of the content if one has been generated. This will
-     * only happen if we are dealing with authenticated data and authenticated attributes are present.
-     *
-     * @return byte array containing the digest.
-     */
-    public byte[] getContentDigest()
-    {
-        if (secureReadable instanceof CMSEnvelopedHelper.CMSDigestAuthenticatedSecureReadable)
-        {
-            return ((CMSEnvelopedHelper.CMSDigestAuthenticatedSecureReadable)secureReadable).getDigest();
-        }
-
-        return null;
-    }
-
-    /**
-     * Return the MAC calculated for the recipient. Note: this call is only meaningful once all
-     * the content has been read.
-     *
-     * @return  byte array containing the mac.
-     */
-    public byte[] getMac()
-    {
-        if (resultMac == null)
-        {
-            if (operator.isMacBased())
-            {
-                if (additionalData != null)
-                {
-                    try
-                    {
-                        Streams.drain(operator.getInputStream(new ByteArrayInputStream(additionalData.getAuthAttributes().getEncoded(ASN1Encoding.DER))));
-                    }
-                    catch (IOException e)
-                    {
-                        throw new IllegalStateException("unable to drain input: " + e.getMessage());
-                    }
-                }
-                resultMac = operator.getMac();
-            }
-        }
-
-        return resultMac;
-    }
-
-    /**
-     * Return the decrypted/encapsulated content in the EnvelopedData after recovering the content
-     * encryption/MAC key using the passed in Recipient.
-     *
-     * @param recipient recipient object to use to recover content encryption key
-     * @return  the content inside the EnvelopedData this RecipientInformation is associated with.
-     * @throws CMSException if the content-encryption/MAC key cannot be recovered.
-     */
-    public byte[] getContent(
-        Recipient recipient)
-        throws CMSException
-    {
-        try
-        {
-            return CMSUtils.streamToByteArray(getContentStream(recipient).getContentStream());
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("unable to parse internal stream: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * Return a CMSTypedStream representing the content in the EnvelopedData after recovering the content
-     * encryption/MAC key using the passed in Recipient.
-     *
-     * @param recipient recipient object to use to recover content encryption key
-     * @return  the content inside the EnvelopedData this RecipientInformation is associated with.
-     * @throws CMSException if the content-encryption/MAC key cannot be recovered.
-     */
-    public CMSTypedStream getContentStream(Recipient recipient)
-        throws CMSException, IOException
-    {
-        operator = getRecipientOperator(recipient);
-
-        if (additionalData != null)
-        {
-            return new CMSTypedStream(secureReadable.getInputStream());
-        }
-
-        return new CMSTypedStream(operator.getInputStream(secureReadable.getInputStream()));
-    }
-
-    protected abstract RecipientOperator getRecipientOperator(Recipient recipient)
-        throws CMSException, IOException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/RecipientInformationStore.java b/bcpkix/src/main/java/org/bouncycastle/cms/RecipientInformationStore.java
deleted file mode 100644
index fdcd930..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/RecipientInformationStore.java
+++ /dev/null

@@ -1,143 +0,0 @@
-package org.bouncycastle.cms;
-
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.util.*;
-import org.bouncycastle.util.Iterable;
-
-public class RecipientInformationStore
-    implements Iterable<RecipientInformation>
-{
-    private final List all; //ArrayList[RecipientInformation]
-    private final Map table = new HashMap(); // HashMap[RecipientID, ArrayList[RecipientInformation]]
-
-    /**
-     * Create a store containing a single RecipientInformation object.
-     *
-     * @param recipientInformation the signer information to contain.
-     */
-    public RecipientInformationStore(
-        RecipientInformation  recipientInformation)
-    {
-        this.all = new ArrayList(1);
-        this.all.add(recipientInformation);
-
-        RecipientId sid = recipientInformation.getRID();
-
-        table.put(sid, all);
-    }
-
-    public RecipientInformationStore(
-        Collection<RecipientInformation> recipientInfos)
-    {
-        Iterator it = recipientInfos.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipientInformation = (RecipientInformation)it.next();
-            RecipientId rid = recipientInformation.getRID();
-
-            List list = (ArrayList)table.get(rid);
-            if (list == null)
-            {
-                list = new ArrayList(1);
-                table.put(rid, list);
-            }
-
-            list.add(recipientInformation);
-        }
-
-        this.all = new ArrayList(recipientInfos);
-    }
-
-    /**
-     * Return the first RecipientInformation object that matches the
-     * passed in selector. Null if there are no matches.
-     *
-     * @param selector to identify a recipient
-     * @return a single RecipientInformation object. Null if none matches.
-     */
-    public RecipientInformation get(
-        RecipientId selector)
-    {
-        Collection list = getRecipients(selector);
-
-        return list.size() == 0 ? null : (RecipientInformation)list.iterator().next();
-    }
-
-    /**
-     * Return the number of recipients in the collection.
-     *
-     * @return number of recipients identified.
-     */
-    public int size()
-    {
-        return all.size();
-    }
-
-    /**
-     * Return all recipients in the collection
-     *
-     * @return a collection of recipients.
-     */
-    public Collection<RecipientInformation> getRecipients()
-    {
-        return new ArrayList(all);
-    }
-
-    /**
-     * Return possible empty collection with recipients matching the passed in RecipientId
-     *
-     * @param selector a recipient id to select against.
-     * @return a collection of RecipientInformation objects.
-     */
-    public Collection<Recipient> getRecipients(
-        RecipientId selector)
-    {
-        if (selector instanceof KeyTransRecipientId)
-        {
-            KeyTransRecipientId keyTrans = (KeyTransRecipientId)selector;
-
-            X500Name issuer = keyTrans.getIssuer();
-            byte[] subjectKeyId = keyTrans.getSubjectKeyIdentifier();
-
-            if (issuer != null && subjectKeyId != null)
-            {
-                List results = new ArrayList();
-
-                Collection match1 = getRecipients(new KeyTransRecipientId(issuer, keyTrans.getSerialNumber()));
-                if (match1 != null)
-                {
-                    results.addAll(match1);
-                }
-
-                Collection match2 = getRecipients(new KeyTransRecipientId(subjectKeyId));
-                if (match2 != null)
-                {
-                    results.addAll(match2);
-                }
-
-                return results;
-            }
-        }
-
-        List list = (ArrayList)table.get(selector);
-
-        return list == null ? new ArrayList() : new ArrayList(list);
-    }
-
-
-    /**
-     * Support method for Iterable where available.
-     */
-    public Iterator<RecipientInformation> iterator()
-    {
-        return getRecipients().iterator();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/SignerInformationVerifierProvider.java b/bcpkix/src/main/java/org/bouncycastle/cms/SignerInformationVerifierProvider.java
deleted file mode 100644
index 5568b0e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/SignerInformationVerifierProvider.java
+++ /dev/null

@@ -1,16 +0,0 @@
-package org.bouncycastle.cms;
-
-import org.bouncycastle.operator.OperatorCreationException;
-
-public interface SignerInformationVerifierProvider
-{
-    /**
-     * Return a SignerInformationVerifierProvider suitable for the passed in SID.
-     *
-     * @param sid the SignerId we are trying to match for.
-     * @return  a verifier if one is available, null otherwise.
-     * @throws OperatorCreationException if creation of the verifier fails when it should suceed.
-     */
-    public SignerInformationVerifier get(SignerId sid)
-          throws OperatorCreationException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcCMSContentEncryptorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcCMSContentEncryptorBuilder.java
deleted file mode 100644
index 6395ac0..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcCMSContentEncryptorBuilder.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.cms.bc;
-
-import java.io.OutputStream;
-import java.security.SecureRandom;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.util.CipherFactory;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OutputEncryptor;
-import org.bouncycastle.util.Integers;
-
-public class BcCMSContentEncryptorBuilder
-{
-    private static Map keySizes = new HashMap();
-
-    static
-    {
-        keySizes.put(CMSAlgorithm.AES128_CBC, Integers.valueOf(128));
-        keySizes.put(CMSAlgorithm.AES192_CBC, Integers.valueOf(192));
-        keySizes.put(CMSAlgorithm.AES256_CBC, Integers.valueOf(256));
-
-        keySizes.put(CMSAlgorithm.CAMELLIA128_CBC, Integers.valueOf(128));
-        keySizes.put(CMSAlgorithm.CAMELLIA192_CBC, Integers.valueOf(192));
-        keySizes.put(CMSAlgorithm.CAMELLIA256_CBC, Integers.valueOf(256));
-    }
-
-    private static int getKeySize(ASN1ObjectIdentifier oid)
-    {
-        Integer size = (Integer)keySizes.get(oid);
-
-        if (size != null)
-        {
-            return size.intValue();
-        }
-
-        return -1;
-    }
-
-    private final ASN1ObjectIdentifier encryptionOID;
-    private final int                  keySize;
-
-    private EnvelopedDataHelper helper = new EnvelopedDataHelper();
-    private SecureRandom random;
-
-    public BcCMSContentEncryptorBuilder(ASN1ObjectIdentifier encryptionOID)
-    {
-        this(encryptionOID, getKeySize(encryptionOID));
-    }
-
-    public BcCMSContentEncryptorBuilder(ASN1ObjectIdentifier encryptionOID, int keySize)
-    {
-        this.encryptionOID = encryptionOID;
-        this.keySize = keySize;
-    }
-
-    public BcCMSContentEncryptorBuilder setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    public OutputEncryptor build()
-        throws CMSException
-    {
-        return new CMSOutputEncryptor(encryptionOID, keySize, random);
-    }
-
-    private class CMSOutputEncryptor
-        implements OutputEncryptor
-    {
-        private KeyParameter encKey;
-        private AlgorithmIdentifier algorithmIdentifier;
-        private Object             cipher;
-
-        CMSOutputEncryptor(ASN1ObjectIdentifier encryptionOID, int keySize, SecureRandom random)
-            throws CMSException
-        {
-            if (random == null)
-            {
-                random = new SecureRandom();
-            }
-
-            CipherKeyGenerator keyGen = helper.createKeyGenerator(encryptionOID, random);
-
-            encKey = new KeyParameter(keyGen.generateKey());
-
-            algorithmIdentifier = helper.generateEncryptionAlgID(encryptionOID, encKey, random);
-
-            cipher = EnvelopedDataHelper.createContentCipher(true, encKey, algorithmIdentifier);
-        }
-
-        public AlgorithmIdentifier getAlgorithmIdentifier()
-        {
-            return algorithmIdentifier;
-        }
-
-        public OutputStream getOutputStream(OutputStream dOut)
-        {
-            return CipherFactory.createOutputStream(dOut, cipher);
-        }
-
-        public GenericKey getKey()
-        {
-            return new GenericKey(algorithmIdentifier, encKey.getKey());
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKEKEnvelopedRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKEKEnvelopedRecipient.java
deleted file mode 100644
index 5641d82..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKEKEnvelopedRecipient.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.cms.bc;
-
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.RecipientOperator;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.operator.InputDecryptor;
-import org.bouncycastle.operator.bc.BcSymmetricKeyUnwrapper;
-
-public class BcKEKEnvelopedRecipient
-    extends BcKEKRecipient
-{
-    public BcKEKEnvelopedRecipient(BcSymmetricKeyUnwrapper unwrapper)
-    {
-        super(unwrapper);
-    }
-
-    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        KeyParameter secretKey = (KeyParameter)extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, encryptedContentEncryptionKey);
-
-        final Object dataCipher = EnvelopedDataHelper.createContentCipher(false, secretKey, contentEncryptionAlgorithm);
-
-        return new RecipientOperator(new InputDecryptor()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentEncryptionAlgorithm;
-            }
-
-            public InputStream getInputStream(InputStream dataOut)
-            {
-                if (dataCipher instanceof BufferedBlockCipher)
-                {
-                    return new org.bouncycastle.crypto.io.CipherInputStream(dataOut, (BufferedBlockCipher)dataCipher);
-                }
-                else
-                {
-                    return new org.bouncycastle.crypto.io.CipherInputStream(dataOut, (StreamCipher)dataCipher);
-                }
-            }
-        });
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKEKRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKEKRecipient.java
deleted file mode 100644
index a7d5eb7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKEKRecipient.java
+++ /dev/null

@@ -1,33 +0,0 @@
-package org.bouncycastle.cms.bc;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.KEKRecipient;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.operator.SymmetricKeyUnwrapper;
-import org.bouncycastle.operator.bc.BcSymmetricKeyUnwrapper;
-
-public abstract class BcKEKRecipient
-    implements KEKRecipient
-{
-    private SymmetricKeyUnwrapper unwrapper;
-
-    public BcKEKRecipient(BcSymmetricKeyUnwrapper unwrapper)
-    {
-        this.unwrapper = unwrapper;
-    }
-
-    protected CipherParameters extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        try
-        {
-            return CMSUtils.getBcKey(unwrapper.generateUnwrappedKey(contentEncryptionAlgorithm, encryptedContentEncryptionKey));
-        }
-        catch (OperatorException e)
-        {
-            throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKEKRecipientInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKEKRecipientInfoGenerator.java
deleted file mode 100644
index 309ad64..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKEKRecipientInfoGenerator.java
+++ /dev/null

@@ -1,19 +0,0 @@
-package org.bouncycastle.cms.bc;
-
-import org.bouncycastle.asn1.cms.KEKIdentifier;
-import org.bouncycastle.cms.KEKRecipientInfoGenerator;
-import org.bouncycastle.operator.bc.BcSymmetricKeyWrapper;
-
-public class BcKEKRecipientInfoGenerator
-    extends KEKRecipientInfoGenerator
-{
-    public BcKEKRecipientInfoGenerator(KEKIdentifier kekIdentifier, BcSymmetricKeyWrapper kekWrapper)
-    {
-        super(kekIdentifier, kekWrapper);
-    }
-
-    public BcKEKRecipientInfoGenerator(byte[] keyIdentifier, BcSymmetricKeyWrapper kekWrapper)
-    {
-        this(new KEKIdentifier(keyIdentifier, null, null), kekWrapper);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKeyTransRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKeyTransRecipient.java
deleted file mode 100644
index 8c69885..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKeyTransRecipient.java
+++ /dev/null

@@ -1,36 +0,0 @@
-package org.bouncycastle.cms.bc;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.KeyTransRecipient;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.operator.AsymmetricKeyUnwrapper;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.operator.bc.BcRSAAsymmetricKeyUnwrapper;
-
-public abstract class BcKeyTransRecipient
-    implements KeyTransRecipient
-{
-    private AsymmetricKeyParameter recipientKey;
-
-    public BcKeyTransRecipient(AsymmetricKeyParameter recipientKey)
-    {
-        this.recipientKey = recipientKey;
-    }
-
-    protected CipherParameters extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedEncryptionKey)
-        throws CMSException
-    {
-        AsymmetricKeyUnwrapper unwrapper = new BcRSAAsymmetricKeyUnwrapper(keyEncryptionAlgorithm, recipientKey);
-
-        try
-        {
-            return CMSUtils.getBcKey(unwrapper.generateUnwrappedKey(encryptedKeyAlgorithm, encryptedEncryptionKey));
-        }
-        catch (OperatorException e)
-        {
-            throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKeyTransRecipientInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKeyTransRecipientInfoGenerator.java
deleted file mode 100644
index eebbbda..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcKeyTransRecipientInfoGenerator.java
+++ /dev/null

@@ -1,20 +0,0 @@
-package org.bouncycastle.cms.bc;
-
-import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cms.KeyTransRecipientInfoGenerator;
-import org.bouncycastle.operator.bc.BcAsymmetricKeyWrapper;
-
-public abstract class BcKeyTransRecipientInfoGenerator
-    extends KeyTransRecipientInfoGenerator
-{
-    public BcKeyTransRecipientInfoGenerator(X509CertificateHolder recipientCert, BcAsymmetricKeyWrapper wrapper)
-    {
-        super(new IssuerAndSerialNumber(recipientCert.toASN1Structure()), wrapper);
-    }
-
-    public BcKeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier, BcAsymmetricKeyWrapper wrapper)
-    {
-        super(subjectKeyIdentifier, wrapper);
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcPasswordEnvelopedRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcPasswordEnvelopedRecipient.java
deleted file mode 100644
index d3d38cf..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcPasswordEnvelopedRecipient.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.cms.bc;
-
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.RecipientOperator;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.io.CipherInputStream;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.operator.InputDecryptor;
-
-public class BcPasswordEnvelopedRecipient
-    extends BcPasswordRecipient
-{
-    public BcPasswordEnvelopedRecipient(char[] password)
-    {
-        super(password);
-    }
-
-    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] derivedKey, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        KeyParameter secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, derivedKey, encryptedContentEncryptionKey);
-
-        final Object dataCipher = EnvelopedDataHelper.createContentCipher(false, secretKey, contentEncryptionAlgorithm);
-
-        return new RecipientOperator(new InputDecryptor()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentEncryptionAlgorithm;
-            }
-
-            public InputStream getInputStream(InputStream dataOut)
-            {
-                if (dataCipher instanceof BufferedBlockCipher)
-                {
-                    return new CipherInputStream(dataOut, (BufferedBlockCipher)dataCipher);
-                }
-                else
-                {
-                    return new CipherInputStream(dataOut, (StreamCipher)dataCipher);
-                }
-            }
-        });
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcPasswordRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcPasswordRecipient.java
deleted file mode 100644
index 5aca526..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcPasswordRecipient.java
+++ /dev/null

@@ -1,85 +0,0 @@
-package org.bouncycastle.cms.bc;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.pkcs.PBKDF2Params;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.PasswordRecipient;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.PBEParametersGenerator;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-/**
- * the RecipientInfo class for a recipient who has been sent a message
- * encrypted using a password.
- */
-public abstract class BcPasswordRecipient
-    implements PasswordRecipient
-{
-    private final char[] password;
-
-    private int schemeID = PasswordRecipient.PKCS5_SCHEME2_UTF8;
-
-    BcPasswordRecipient(
-        char[] password)
-    {
-        this.password = password;
-    }
-
-    public BcPasswordRecipient setPasswordConversionScheme(int schemeID)
-    {
-        this.schemeID = schemeID;
-
-        return this;
-    }
-
-    protected KeyParameter extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier contentEncryptionAlgorithm, byte[] derivedKey, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        Wrapper keyEncryptionCipher = EnvelopedDataHelper.createRFC3211Wrapper(keyEncryptionAlgorithm.getAlgorithm());
-
-        keyEncryptionCipher.init(false, new ParametersWithIV(new KeyParameter(derivedKey), ASN1OctetString.getInstance(keyEncryptionAlgorithm.getParameters()).getOctets()));
-
-        try
-        {
-            return new KeyParameter(keyEncryptionCipher.unwrap(encryptedContentEncryptionKey, 0, encryptedContentEncryptionKey.length));
-        }
-        catch (InvalidCipherTextException e)
-        {
-            throw new CMSException("unable to unwrap key: " + e.getMessage(), e);
-        }
-    }
-
-    public byte[] calculateDerivedKey(int schemeID, AlgorithmIdentifier derivationAlgorithm, int keySize)
-        throws CMSException
-    {
-        PBKDF2Params params = PBKDF2Params.getInstance(derivationAlgorithm.getParameters());
-        byte[] encodedPassword = (schemeID == PasswordRecipient.PKCS5_SCHEME2) ? PBEParametersGenerator.PKCS5PasswordToBytes(password) : PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password);
-
-        try
-        {
-            PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(EnvelopedDataHelper.getPRF(params.getPrf()));
-
-            gen.init(encodedPassword, params.getSalt(), params.getIterationCount().intValue());
-
-            return ((KeyParameter)gen.generateDerivedParameters(keySize)).getKey();
-        }
-        catch (Exception e)
-        {
-            throw new CMSException("exception creating derived key: " + e.getMessage(), e);
-        }
-    }
-
-    public int getPasswordConversionScheme()
-    {
-        return schemeID;
-    }
-
-    public char[] getPassword()
-    {
-        return password;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcPasswordRecipientInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcPasswordRecipientInfoGenerator.java
deleted file mode 100644
index 48cdcbf..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcPasswordRecipientInfoGenerator.java
+++ /dev/null

@@ -1,55 +0,0 @@
-package org.bouncycastle.cms.bc;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.pkcs.PBKDF2Params;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.PasswordRecipient;
-import org.bouncycastle.cms.PasswordRecipientInfoGenerator;
-import org.bouncycastle.crypto.PBEParametersGenerator;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.operator.GenericKey;
-
-public class BcPasswordRecipientInfoGenerator
-    extends PasswordRecipientInfoGenerator
-{
-    public BcPasswordRecipientInfoGenerator(ASN1ObjectIdentifier kekAlgorithm, char[] password)
-    {
-        super(kekAlgorithm, password);
-    }
-
-    protected byte[] calculateDerivedKey(int schemeID, AlgorithmIdentifier derivationAlgorithm, int keySize)
-        throws CMSException
-    {
-        PBKDF2Params params = PBKDF2Params.getInstance(derivationAlgorithm.getParameters());
-        byte[] encodedPassword = (schemeID == PasswordRecipient.PKCS5_SCHEME2) ? PBEParametersGenerator.PKCS5PasswordToBytes(password) : PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password);
-
-        try
-        {
-            PKCS5S2ParametersGenerator gen = new PKCS5S2ParametersGenerator(EnvelopedDataHelper.getPRF(params.getPrf()));
-
-            gen.init(encodedPassword, params.getSalt(), params.getIterationCount().intValue());
-
-            return ((KeyParameter)gen.generateDerivedParameters(keySize)).getKey();
-        }
-        catch (Exception e)
-        {
-            throw new CMSException("exception creating derived key: " + e.getMessage(), e);
-        }
-    }
-
-    public byte[] generateEncryptedBytes(AlgorithmIdentifier keyEncryptionAlgorithm, byte[] derivedKey, GenericKey contentEncryptionKey)
-        throws CMSException
-    {
-        byte[] contentEncryptionKeySpec = ((KeyParameter)CMSUtils.getBcKey(contentEncryptionKey)).getKey();
-        Wrapper keyEncryptionCipher = EnvelopedDataHelper.createRFC3211Wrapper(keyEncryptionAlgorithm.getAlgorithm());
-
-        keyEncryptionCipher.init(true, new ParametersWithIV(new KeyParameter(derivedKey), ASN1OctetString.getInstance(keyEncryptionAlgorithm.getParameters()).getOctets()));
-
-        return keyEncryptionCipher.wrap(contentEncryptionKeySpec, 0, contentEncryptionKeySpec.length);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcRSAKeyTransEnvelopedRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcRSAKeyTransEnvelopedRecipient.java
deleted file mode 100644
index ed933fe..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcRSAKeyTransEnvelopedRecipient.java
+++ /dev/null

@@ -1,50 +0,0 @@
-package org.bouncycastle.cms.bc;
-
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.RecipientOperator;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.io.CipherInputStream;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.operator.InputDecryptor;
-
-public class BcRSAKeyTransEnvelopedRecipient
-    extends BcKeyTransRecipient
-{
-    public BcRSAKeyTransEnvelopedRecipient(AsymmetricKeyParameter key)
-    {
-        super(key);
-    }
-
-    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        CipherParameters secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, encryptedContentEncryptionKey);
-
-        final Object dataCipher = EnvelopedDataHelper.createContentCipher(false, secretKey, contentEncryptionAlgorithm);
-
-        return new RecipientOperator(new InputDecryptor()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentEncryptionAlgorithm;
-            }
-
-            public InputStream getInputStream(InputStream dataIn)
-            {
-                if (dataCipher instanceof BufferedBlockCipher)
-                {
-                    return new CipherInputStream(dataIn, (BufferedBlockCipher)dataCipher);
-                }
-                else
-                {
-                    return new CipherInputStream(dataIn, (StreamCipher)dataCipher);
-                }
-            }
-        });
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcRSAKeyTransRecipientInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcRSAKeyTransRecipientInfoGenerator.java
deleted file mode 100644
index 92cfd16..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcRSAKeyTransRecipientInfoGenerator.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.cms.bc;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.operator.bc.BcRSAAsymmetricKeyWrapper;
-
-public class BcRSAKeyTransRecipientInfoGenerator
-    extends BcKeyTransRecipientInfoGenerator
-{
-    public BcRSAKeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier, AlgorithmIdentifier encAlgId, AsymmetricKeyParameter publicKey)
-    {
-        super(subjectKeyIdentifier, new BcRSAAsymmetricKeyWrapper(encAlgId, publicKey));
-    }
-
-    public BcRSAKeyTransRecipientInfoGenerator(X509CertificateHolder recipientCert)
-        throws IOException
-    {
-        super(recipientCert, new BcRSAAsymmetricKeyWrapper(recipientCert.getSubjectPublicKeyInfo().getAlgorithm(), recipientCert.getSubjectPublicKeyInfo()));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcRSASignerInfoVerifierBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcRSASignerInfoVerifierBuilder.java
deleted file mode 100644
index 93abd65..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/bc/BcRSASignerInfoVerifierBuilder.java
+++ /dev/null

@@ -1,39 +0,0 @@
-package org.bouncycastle.cms.bc;
-
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cms.CMSSignatureAlgorithmNameGenerator;
-import org.bouncycastle.cms.SignerInformationVerifier;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.operator.DigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.SignatureAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.bc.BcRSAContentVerifierProviderBuilder;
-
-public class BcRSASignerInfoVerifierBuilder
-{
-    private BcRSAContentVerifierProviderBuilder contentVerifierProviderBuilder;
-    private DigestCalculatorProvider digestCalculatorProvider;
-    private CMSSignatureAlgorithmNameGenerator sigAlgNameGen;
-    private SignatureAlgorithmIdentifierFinder sigAlgIdFinder;
-
-    public BcRSASignerInfoVerifierBuilder(CMSSignatureAlgorithmNameGenerator sigAlgNameGen, SignatureAlgorithmIdentifierFinder sigAlgIdFinder, DigestAlgorithmIdentifierFinder digestAlgorithmFinder, DigestCalculatorProvider digestCalculatorProvider)
-    {
-        this.sigAlgNameGen = sigAlgNameGen;
-        this.sigAlgIdFinder = sigAlgIdFinder;
-        this.contentVerifierProviderBuilder = new BcRSAContentVerifierProviderBuilder(digestAlgorithmFinder);
-        this.digestCalculatorProvider = digestCalculatorProvider;
-    }
-
-    public SignerInformationVerifier build(X509CertificateHolder certHolder)
-        throws OperatorCreationException
-    {
-        return new SignerInformationVerifier(sigAlgNameGen, sigAlgIdFinder, contentVerifierProviderBuilder.build(certHolder), digestCalculatorProvider);
-    }
-
-    public SignerInformationVerifier build(AsymmetricKeyParameter pubKey)
-        throws OperatorCreationException
-    {
-        return new SignerInformationVerifier(sigAlgNameGen, sigAlgIdFinder, contentVerifierProviderBuilder.build(pubKey), digestCalculatorProvider);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/bc/CMSUtils.java b/bcpkix/src/main/java/org/bouncycastle/cms/bc/CMSUtils.java
deleted file mode 100644
index 8beb36a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/bc/CMSUtils.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.cms.bc;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.operator.GenericKey;
-
-class CMSUtils
-{
-    static CipherParameters getBcKey(GenericKey key)
-    {
-        if (key.getRepresentation() instanceof CipherParameters)
-        {
-            return (CipherParameters)key.getRepresentation();
-        }
-
-        if (key.getRepresentation() instanceof byte[])
-        {
-            return new KeyParameter((byte[])key.getRepresentation());
-        }
-
-        throw new IllegalArgumentException("unknown generic key type");
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/bc/EnvelopedDataHelper.java b/bcpkix/src/main/java/org/bouncycastle/cms/bc/EnvelopedDataHelper.java
deleted file mode 100644
index 3eebc95..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/bc/EnvelopedDataHelper.java
+++ /dev/null

@@ -1,175 +0,0 @@
-package org.bouncycastle.cms.bc;
-
-import java.security.SecureRandom;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.RC2Engine;
-import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.util.AlgorithmIdentifierFactory;
-import org.bouncycastle.crypto.util.CipherFactory;
-import org.bouncycastle.crypto.util.CipherKeyGeneratorFactory;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.bc.BcDigestProvider;
-
-class EnvelopedDataHelper
-{
-    protected static final Map BASE_CIPHER_NAMES = new HashMap();
-    protected static final Map MAC_ALG_NAMES = new HashMap();
-
-    private static final Map prfs = createTable();
-
-    private static Map createTable()
-    {
-        Map table = new HashMap();
-
-        table.put(PKCSObjectIdentifiers.id_hmacWithSHA1, new BcDigestProvider()
-        {
-            public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-            {
-                return new SHA1Digest();
-            }
-        });
-        table.put(PKCSObjectIdentifiers.id_hmacWithSHA224, new BcDigestProvider()
-        {
-            public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-            {
-                return new SHA224Digest();
-            }
-        });
-        table.put(PKCSObjectIdentifiers.id_hmacWithSHA256, new BcDigestProvider()
-        {
-            public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-            {
-                return new SHA256Digest();
-            }
-        });
-        table.put(PKCSObjectIdentifiers.id_hmacWithSHA384, new BcDigestProvider()
-        {
-            public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-            {
-                return new SHA384Digest();
-            }
-        });
-        table.put(PKCSObjectIdentifiers.id_hmacWithSHA512, new BcDigestProvider()
-        {
-            public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
-            {
-                return new SHA512Digest();
-            }
-        });
-
-        return Collections.unmodifiableMap(table);
-    }
-
-    static
-    {
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.DES_EDE3_CBC, "DESEDE");
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.AES128_CBC, "AES");
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.AES192_CBC, "AES");
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.AES256_CBC, "AES");
-
-        MAC_ALG_NAMES.put(CMSAlgorithm.DES_EDE3_CBC, "DESEDEMac");
-        MAC_ALG_NAMES.put(CMSAlgorithm.AES128_CBC, "AESMac");
-        MAC_ALG_NAMES.put(CMSAlgorithm.AES192_CBC, "AESMac");
-        MAC_ALG_NAMES.put(CMSAlgorithm.AES256_CBC, "AESMac");
-        MAC_ALG_NAMES.put(CMSAlgorithm.RC2_CBC, "RC2Mac");
-    }
-
-    EnvelopedDataHelper()
-    {
-    }
-
-    static ExtendedDigest getPRF(AlgorithmIdentifier algID)
-        throws OperatorCreationException
-    {
-        return ((BcDigestProvider)prfs.get(algID.getAlgorithm())).get(null);
-    }
-
-    static Wrapper createRFC3211Wrapper(ASN1ObjectIdentifier algorithm)
-        throws CMSException
-    {
-        if (NISTObjectIdentifiers.id_aes128_CBC.equals(algorithm)
-            || NISTObjectIdentifiers.id_aes192_CBC.equals(algorithm)
-            || NISTObjectIdentifiers.id_aes256_CBC.equals(algorithm))
-        {
-            return new RFC3211WrapEngine(new AESEngine());
-        }
-        else if (PKCSObjectIdentifiers.des_EDE3_CBC.equals(algorithm))
-        {
-            return new RFC3211WrapEngine(new DESedeEngine());
-        }
-        else if (OIWObjectIdentifiers.desCBC.equals(algorithm))
-        {
-            return new RFC3211WrapEngine(new DESEngine());
-        }
-        else if (PKCSObjectIdentifiers.RC2_CBC.equals(algorithm))
-        {
-            return new RFC3211WrapEngine(new RC2Engine());
-        }
-        else
-        {
-            throw new CMSException("cannot recognise wrapper: " + algorithm);
-        }
-    }
-
-    static Object createContentCipher(boolean forEncryption, CipherParameters encKey, AlgorithmIdentifier encryptionAlgID)
-        throws CMSException
-    {
-        try
-        {
-            return CipherFactory.createContentCipher(forEncryption, encKey, encryptionAlgID);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new CMSException(e.getMessage(), e);
-        }
-    }
-
-    AlgorithmIdentifier generateEncryptionAlgID(ASN1ObjectIdentifier encryptionOID, KeyParameter encKey, SecureRandom random)
-        throws CMSException
-    {
-        try
-        {
-            return AlgorithmIdentifierFactory.generateEncryptionAlgID(encryptionOID, encKey.getKey().length * 8, random);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new CMSException(e.getMessage(), e);
-        }
-    }
-
-    CipherKeyGenerator createKeyGenerator(ASN1ObjectIdentifier algorithm, SecureRandom random)
-        throws CMSException
-    {
-        try
-        {
-            return CipherKeyGeneratorFactory.createKeyGenerator(algorithm, random);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new CMSException(e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/CMSUtils.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/CMSUtils.java
deleted file mode 100644
index df62fd6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/CMSUtils.java
+++ /dev/null

@@ -1,149 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.IOException;
-import java.security.AlgorithmParameters;
-import java.security.Provider;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.sec.SECObjectIdentifiers;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.jcajce.util.AlgorithmParametersUtils;
-
-class CMSUtils
-{
-    private static final Set mqvAlgs = new HashSet();
-    private static final Set ecAlgs = new HashSet();
-    private static final Set gostAlgs = new HashSet();
-
-    static
-    {
-        mqvAlgs.add(X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme);
-        mqvAlgs.add(SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme);
-        mqvAlgs.add(SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme);
-        mqvAlgs.add(SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme);
-        mqvAlgs.add(SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme);
-
-        ecAlgs.add(X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme);
-        ecAlgs.add(X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme);
-        ecAlgs.add(SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme);
-        ecAlgs.add(SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme);
-        ecAlgs.add(SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme);
-        ecAlgs.add(SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme);
-        ecAlgs.add(SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme);
-        ecAlgs.add(SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme);
-        ecAlgs.add(SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme);
-        ecAlgs.add(SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme);
-
-        gostAlgs.add(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_ESDH);
-        gostAlgs.add(CryptoProObjectIdentifiers.gostR3410_2001);
-        gostAlgs.add(RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_256);
-        gostAlgs.add(RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_512);
-        gostAlgs.add(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256);
-        gostAlgs.add(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512);
-    }
-
-    static boolean isMQV(ASN1ObjectIdentifier algorithm)
-    {
-        return mqvAlgs.contains(algorithm);
-    }
-
-    static boolean isEC(ASN1ObjectIdentifier algorithm)
-    {
-        return ecAlgs.contains(algorithm);
-    }
-
-    static boolean isGOST(ASN1ObjectIdentifier algorithm)
-    {
-        return gostAlgs.contains(algorithm);
-    }
-
-    static boolean isRFC2631(ASN1ObjectIdentifier algorithm)
-    {
-        return algorithm.equals(PKCSObjectIdentifiers.id_alg_ESDH) || algorithm.equals(PKCSObjectIdentifiers.id_alg_SSDH);
-    }
-
-    static IssuerAndSerialNumber getIssuerAndSerialNumber(X509Certificate cert)
-        throws CertificateEncodingException
-    {
-        Certificate certStruct = Certificate.getInstance(cert.getEncoded());
-
-        return new IssuerAndSerialNumber(certStruct.getIssuer(), cert.getSerialNumber());
-    }
-
-    static byte[] getSubjectKeyId(X509Certificate cert)
-    {
-        byte[] ext = cert.getExtensionValue(Extension.subjectKeyIdentifier.getId());
-
-        if (ext != null)
-        {
-            return ASN1OctetString.getInstance(ASN1OctetString.getInstance(ext).getOctets()).getOctets();
-        }
-        else
-        {
-            return null;
-        }
-    }
-
-    static EnvelopedDataHelper createContentHelper(Provider provider)
-    {
-        if (provider != null)
-        {
-            return new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider));
-        }
-        else
-        {
-            return new EnvelopedDataHelper(new DefaultJcaJceExtHelper());
-        }
-    }
-
-    static EnvelopedDataHelper createContentHelper(String providerName)
-    {
-        if (providerName != null)
-        {
-            return new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName));
-        }
-        else
-        {
-            return new EnvelopedDataHelper(new DefaultJcaJceExtHelper());
-        }
-    }
-
-    static ASN1Encodable extractParameters(AlgorithmParameters params)
-        throws CMSException
-    {
-        try
-        {
-            return AlgorithmParametersUtils.extractParameters(params);
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("cannot extract parameters: " + e.getMessage(), e);
-        }
-    }
-
-    static void loadParameters(AlgorithmParameters params, ASN1Encodable sParams)
-        throws CMSException
-    {
-        try
-        {
-            AlgorithmParametersUtils.loadParameters(params, sParams);
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("error encoding algorithm parameters.", e);
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/DefaultJcaJceExtHelper.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/DefaultJcaJceExtHelper.java
deleted file mode 100644
index c2a753c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/DefaultJcaJceExtHelper.java
+++ /dev/null

@@ -1,32 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.security.PrivateKey;
-
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.operator.SymmetricKeyUnwrapper;
-import org.bouncycastle.operator.jcajce.JceAsymmetricKeyUnwrapper;
-import org.bouncycastle.operator.jcajce.JceKTSKeyUnwrapper;
-import org.bouncycastle.operator.jcajce.JceSymmetricKeyUnwrapper;
-
-class DefaultJcaJceExtHelper
-    extends DefaultJcaJceHelper
-    implements JcaJceExtHelper
-{
-    public JceAsymmetricKeyUnwrapper createAsymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, PrivateKey keyEncryptionKey)
-    {
-        return new JceAsymmetricKeyUnwrapper(keyEncryptionAlgorithm, keyEncryptionKey);
-    }
-
-    public JceKTSKeyUnwrapper createAsymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, PrivateKey keyEncryptionKey, byte[] partyUInfo, byte[] partyVInfo)
-    {
-        return new JceKTSKeyUnwrapper(keyEncryptionAlgorithm, keyEncryptionKey, partyUInfo, partyVInfo);
-    }
-
-    public SymmetricKeyUnwrapper createSymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, SecretKey keyEncryptionKey)
-    {
-        return new JceSymmetricKeyUnwrapper(keyEncryptionAlgorithm, keyEncryptionKey);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/EnvelopedDataHelper.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/EnvelopedDataHelper.java
deleted file mode 100644
index b2ddf01..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/EnvelopedDataHelper.java
+++ /dev/null

@@ -1,722 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.security.AlgorithmParameterGenerator;
-import java.security.AlgorithmParameters;
-import java.security.GeneralSecurityException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyAgreement;
-import javax.crypto.KeyGenerator;
-import javax.crypto.Mac;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.RC2ParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Null;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PBKDF2Params;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.PasswordRecipient;
-import org.bouncycastle.operator.DefaultSecretKeySizeProvider;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.SecretKeySizeProvider;
-import org.bouncycastle.operator.SymmetricKeyUnwrapper;
-import org.bouncycastle.operator.jcajce.JceAsymmetricKeyUnwrapper;
-import org.bouncycastle.operator.jcajce.JceKTSKeyUnwrapper;
-
-public class EnvelopedDataHelper
-{
-    protected static final SecretKeySizeProvider KEY_SIZE_PROVIDER = DefaultSecretKeySizeProvider.INSTANCE;
-
-    protected static final Map BASE_CIPHER_NAMES = new HashMap();
-    protected static final Map CIPHER_ALG_NAMES = new HashMap();
-    protected static final Map MAC_ALG_NAMES = new HashMap();
-
-    private static final Map PBKDF2_ALG_NAMES = new HashMap();
-
-    static
-    {
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.DES_CBC,  "DES");
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.DES_EDE3_CBC,  "DESEDE");
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.AES128_CBC,  "AES");
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.AES192_CBC,  "AES");
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.AES256_CBC,  "AES");
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.RC2_CBC,  "RC2");
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.CAST5_CBC, "CAST5");
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.CAMELLIA128_CBC, "Camellia");
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.CAMELLIA192_CBC, "Camellia");
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.CAMELLIA256_CBC, "Camellia");
-        BASE_CIPHER_NAMES.put(CMSAlgorithm.SEED_CBC, "SEED");
-        BASE_CIPHER_NAMES.put(PKCSObjectIdentifiers.rc4, "RC4");
-        BASE_CIPHER_NAMES.put(CryptoProObjectIdentifiers.gostR28147_gcfb, "GOST28147");
-
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.DES_CBC,  "DES/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.RC2_CBC,  "RC2/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.DES_EDE3_CBC,  "DESEDE/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.AES128_CBC,  "AES/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.AES192_CBC,  "AES/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.AES256_CBC,  "AES/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(PKCSObjectIdentifiers.rsaEncryption, "RSA/ECB/PKCS1Padding");
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.CAST5_CBC, "CAST5/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.CAMELLIA128_CBC, "Camellia/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.CAMELLIA192_CBC, "Camellia/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.CAMELLIA256_CBC, "Camellia/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(CMSAlgorithm.SEED_CBC, "SEED/CBC/PKCS5Padding");
-        CIPHER_ALG_NAMES.put(PKCSObjectIdentifiers.rc4, "RC4");
-
-        MAC_ALG_NAMES.put(CMSAlgorithm.DES_EDE3_CBC,  "DESEDEMac");
-        MAC_ALG_NAMES.put(CMSAlgorithm.AES128_CBC,  "AESMac");
-        MAC_ALG_NAMES.put(CMSAlgorithm.AES192_CBC,  "AESMac");
-        MAC_ALG_NAMES.put(CMSAlgorithm.AES256_CBC,  "AESMac");
-        MAC_ALG_NAMES.put(CMSAlgorithm.RC2_CBC,  "RC2Mac");
-
-        PBKDF2_ALG_NAMES.put(PasswordRecipient.PRF.HMacSHA1.getAlgorithmID(), "PBKDF2WITHHMACSHA1");
-        PBKDF2_ALG_NAMES.put(PasswordRecipient.PRF.HMacSHA224.getAlgorithmID(), "PBKDF2WITHHMACSHA224");
-        PBKDF2_ALG_NAMES.put(PasswordRecipient.PRF.HMacSHA256.getAlgorithmID(), "PBKDF2WITHHMACSHA256");
-        PBKDF2_ALG_NAMES.put(PasswordRecipient.PRF.HMacSHA384.getAlgorithmID(), "PBKDF2WITHHMACSHA384");
-        PBKDF2_ALG_NAMES.put(PasswordRecipient.PRF.HMacSHA512.getAlgorithmID(), "PBKDF2WITHHMACSHA512");
-    }
-
-    private static final short[] rc2Table = {
-        0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
-        0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
-        0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
-        0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
-        0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
-        0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
-        0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
-        0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
-        0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
-        0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
-        0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
-        0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
-        0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
-        0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
-        0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
-        0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
-    };
-
-    private static final short[] rc2Ekb = {
-        0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5,
-        0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5,
-        0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef,
-        0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d,
-        0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb,
-        0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d,
-        0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3,
-        0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61,
-        0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1,
-        0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21,
-        0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42,
-        0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f,
-        0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7,
-        0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15,
-        0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7,
-        0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd
-    };
-
-    private JcaJceExtHelper helper;
-
-    EnvelopedDataHelper(JcaJceExtHelper helper)
-    {
-        this.helper = helper;
-    }
-
-    String getBaseCipherName(ASN1ObjectIdentifier algorithm)
-    {
-        String name = (String)BASE_CIPHER_NAMES.get(algorithm);
-
-        if (name == null)
-        {
-            return algorithm.getId();
-        }
-
-        return name;
-    }
-
-    Key getJceKey(GenericKey key)
-    {
-        if (key.getRepresentation() instanceof Key)
-        {
-            return (Key)key.getRepresentation();
-        }
-
-        if (key.getRepresentation() instanceof byte[])
-        {
-            return new SecretKeySpec((byte[])key.getRepresentation(), "ENC");
-        }
-
-        throw new IllegalArgumentException("unknown generic key type");
-    }
-
-    public Key getJceKey(ASN1ObjectIdentifier algorithm, GenericKey key)
-    {
-        if (key.getRepresentation() instanceof Key)
-        {
-            return (Key)key.getRepresentation();
-        }
-
-        if (key.getRepresentation() instanceof byte[])
-        {
-            return new SecretKeySpec((byte[])key.getRepresentation(), getBaseCipherName(algorithm));
-        }
-
-        throw new IllegalArgumentException("unknown generic key type");
-    }
-
-    public void keySizeCheck(AlgorithmIdentifier keyAlgorithm, Key key)
-        throws CMSException
-    {
-        int expectedKeySize = EnvelopedDataHelper.KEY_SIZE_PROVIDER.getKeySize(keyAlgorithm);
-        if (expectedKeySize > 0)
-        {
-            byte[] keyEnc = null;
-
-            try
-            {
-                keyEnc = key.getEncoded();
-            }
-            catch (Exception e)
-            {
-                // ignore - we're using a HSM...
-            }
-
-            if (keyEnc != null)
-            {
-                if (keyEnc.length * 8 != expectedKeySize)
-                {
-                    throw new CMSException("Expected key size for algorithm OID not found in recipient.");
-                }
-            }
-        }
-    }
-
-    Cipher createCipher(ASN1ObjectIdentifier algorithm)
-        throws CMSException
-    {
-        try
-        {
-            String cipherName = (String)CIPHER_ALG_NAMES.get(algorithm);
-
-            if (cipherName != null)
-            {
-                try
-                {
-                    // this is reversed as the Sun policy files now allow unlimited strength RSA
-                    return helper.createCipher(cipherName);
-                }
-                catch (NoSuchAlgorithmException e)
-                {
-                    // Ignore
-                }
-            }
-            return helper.createCipher(algorithm.getId());
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CMSException("cannot create cipher: " + e.getMessage(), e);
-        }
-    }
-
-    Mac createMac(ASN1ObjectIdentifier algorithm)
-        throws CMSException
-    {
-        try
-        {
-            String macName = (String)MAC_ALG_NAMES.get(algorithm);
-
-            if (macName != null)
-            {
-                try
-                {
-                    // this is reversed as the Sun policy files now allow unlimited strength RSA
-                    return helper.createMac(macName);
-                }
-                catch (NoSuchAlgorithmException e)
-                {
-                    // Ignore
-                }
-            }
-            return helper.createMac(algorithm.getId());
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CMSException("cannot create mac: " + e.getMessage(), e);
-        }
-    }
-
-    Cipher createRFC3211Wrapper(ASN1ObjectIdentifier algorithm)
-        throws CMSException
-    {
-        String cipherName = (String)BASE_CIPHER_NAMES.get(algorithm);
-
-        if (cipherName == null)
-        {
-            throw new CMSException("no name for " + algorithm);
-        }
-
-        cipherName += "RFC3211Wrap";
-
-        try
-        {
-             return helper.createCipher(cipherName);
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CMSException("cannot create cipher: " + e.getMessage(), e);
-        }
-    }
-
-    KeyAgreement createKeyAgreement(ASN1ObjectIdentifier algorithm)
-        throws CMSException
-    {
-        try
-        {
-            String agreementName = (String)BASE_CIPHER_NAMES.get(algorithm);
-
-            if (agreementName != null)
-            {
-                try
-                {
-                    // this is reversed as the Sun policy files now allow unlimited strength RSA
-                    return helper.createKeyAgreement(agreementName);
-                }
-                catch (NoSuchAlgorithmException e)
-                {
-                    // Ignore
-                }
-            }
-            return helper.createKeyAgreement(algorithm.getId());
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CMSException("cannot create key agreement: " + e.getMessage(), e);
-        }
-    }
-
-    AlgorithmParameterGenerator createAlgorithmParameterGenerator(ASN1ObjectIdentifier algorithm)
-        throws GeneralSecurityException
-    {
-        String algorithmName = (String)BASE_CIPHER_NAMES.get(algorithm);
-
-        if (algorithmName != null)
-        {
-            try
-            {
-                // this is reversed as the Sun policy files now allow unlimited strength RSA
-                return helper.createAlgorithmParameterGenerator(algorithmName);
-            }
-            catch (NoSuchAlgorithmException e)
-            {
-                // Ignore
-            }
-        }
-        return helper.createAlgorithmParameterGenerator(algorithm.getId());
-    }
-
-    public Cipher createContentCipher(final Key sKey, final AlgorithmIdentifier encryptionAlgID)
-        throws CMSException
-    {
-        return (Cipher)execute(new JCECallback()
-        {
-            public Object doInJCE()
-                throws CMSException, InvalidAlgorithmParameterException,
-                InvalidKeyException, InvalidParameterSpecException, NoSuchAlgorithmException,
-                NoSuchPaddingException, NoSuchProviderException
-            {
-                Cipher cipher = createCipher(encryptionAlgID.getAlgorithm());
-                ASN1Encodable sParams = encryptionAlgID.getParameters();
-                String encAlg = encryptionAlgID.getAlgorithm().getId();
-
-                if (sParams != null && !(sParams instanceof ASN1Null))
-                {
-                    try
-                    {
-                        AlgorithmParameters params = createAlgorithmParameters(encryptionAlgID.getAlgorithm());
-
-                        CMSUtils.loadParameters(params, sParams);
-
-                        cipher.init(Cipher.DECRYPT_MODE, sKey, params);
-                    }
-                    catch (NoSuchAlgorithmException e)
-                    {
-                        if (encAlg.equals(CMSAlgorithm.DES_CBC.getId())
-                            || encAlg.equals(CMSEnvelopedDataGenerator.DES_EDE3_CBC)
-                            || encAlg.equals(CMSEnvelopedDataGenerator.IDEA_CBC)
-                            || encAlg.equals(CMSEnvelopedDataGenerator.AES128_CBC)
-                            || encAlg.equals(CMSEnvelopedDataGenerator.AES192_CBC)
-                            || encAlg.equals(CMSEnvelopedDataGenerator.AES256_CBC))
-                        {
-                            cipher.init(Cipher.DECRYPT_MODE, sKey, new IvParameterSpec(
-                                ASN1OctetString.getInstance(sParams).getOctets()));
-                        }
-                        else
-                        {
-                            throw e;
-                        }
-                    }
-                }
-                else
-                {
-                    if (encAlg.equals(CMSAlgorithm.DES_CBC.getId())
-                        || encAlg.equals(CMSEnvelopedDataGenerator.DES_EDE3_CBC)
-                        || encAlg.equals(CMSEnvelopedDataGenerator.IDEA_CBC)
-                        || encAlg.equals(CMSEnvelopedDataGenerator.CAST5_CBC))
-                    {
-                        cipher.init(Cipher.DECRYPT_MODE, sKey, new IvParameterSpec(new byte[8]));
-                    }
-                    else
-                    {
-                        cipher.init(Cipher.DECRYPT_MODE, sKey);
-                    }
-                }
-
-                return cipher;
-            }
-        });
-    }
-
-    Mac createContentMac(final Key sKey, final AlgorithmIdentifier macAlgId)
-        throws CMSException
-    {
-        return (Mac)execute(new JCECallback()
-        {
-            public Object doInJCE()
-                throws CMSException, InvalidAlgorithmParameterException,
-                InvalidKeyException, InvalidParameterSpecException, NoSuchAlgorithmException,
-                NoSuchPaddingException, NoSuchProviderException
-            {
-                Mac mac = createMac(macAlgId.getAlgorithm());
-                ASN1Encodable sParams = macAlgId.getParameters();
-                String macAlg = macAlgId.getAlgorithm().getId();
-
-                if (sParams != null && !(sParams instanceof ASN1Null))
-                {
-                    try
-                    {
-                        AlgorithmParameters params = createAlgorithmParameters(macAlgId.getAlgorithm());
-
-                        CMSUtils.loadParameters(params, sParams);
-
-                        mac.init(sKey, params.getParameterSpec(AlgorithmParameterSpec.class));
-                    }
-                    catch (NoSuchAlgorithmException e)
-                    {
-                        throw e;
-                    }
-                }
-                else
-                {
-                    mac.init(sKey);
-                }
-
-                return mac;
-            }
-        });
-    }
-
-    AlgorithmParameters createAlgorithmParameters(ASN1ObjectIdentifier algorithm)
-        throws NoSuchAlgorithmException, NoSuchProviderException
-    {
-        String algorithmName = (String)BASE_CIPHER_NAMES.get(algorithm);
-
-        if (algorithmName != null)
-        {
-            try
-            {
-                // this is reversed as the Sun policy files now allow unlimited strength RSA
-                return helper.createAlgorithmParameters(algorithmName);
-            }
-            catch (NoSuchAlgorithmException e)
-            {
-                // Ignore
-            }
-        }
-        return helper.createAlgorithmParameters(algorithm.getId());
-    }
-
-
-    KeyPairGenerator createKeyPairGenerator(ASN1ObjectIdentifier algorithm)
-        throws CMSException
-    {
-        try
-        {
-            String cipherName = (String)BASE_CIPHER_NAMES.get(algorithm);
-
-            if (cipherName != null)
-            {
-                try
-                {
-                    // this is reversed as the Sun policy files now allow unlimited strength RSA
-                    return helper.createKeyPairGenerator(cipherName);
-                }
-                catch (NoSuchAlgorithmException e)
-                {
-                    // Ignore
-                }
-            }
-            return helper.createKeyPairGenerator(algorithm.getId());
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CMSException("cannot create key pair generator: " + e.getMessage(), e);
-        }
-    }
-
-    public KeyGenerator createKeyGenerator(ASN1ObjectIdentifier algorithm)
-        throws CMSException
-    {
-        try
-        {
-            String cipherName = (String)BASE_CIPHER_NAMES.get(algorithm);
-
-            if (cipherName != null)
-            {
-                try
-                {
-                    // this is reversed as the Sun policy files now allow unlimited strength RSA
-                    return helper.createKeyGenerator(cipherName);
-                }
-                catch (NoSuchAlgorithmException e)
-                {
-                    // Ignore
-                }
-            }
-            return helper.createKeyGenerator(algorithm.getId());
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CMSException("cannot create key generator: " + e.getMessage(), e);
-        }
-    }
-
-    AlgorithmParameters generateParameters(ASN1ObjectIdentifier encryptionOID, SecretKey encKey, SecureRandom rand)
-        throws CMSException
-    {
-        try
-        {
-            AlgorithmParameterGenerator pGen = createAlgorithmParameterGenerator(encryptionOID);
-
-            if (encryptionOID.equals(CMSAlgorithm.RC2_CBC))
-            {
-                byte[]  iv = new byte[8];
-
-                rand.nextBytes(iv);
-
-                try
-                {
-                    pGen.init(new RC2ParameterSpec(encKey.getEncoded().length * 8, iv), rand);
-                }
-                catch (InvalidAlgorithmParameterException e)
-                {
-                    throw new CMSException("parameters generation error: " + e, e);
-                }
-            }
-
-            return pGen.generateParameters();
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            return null;
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CMSException("exception creating algorithm parameter generator: " + e, e);
-        }
-    }
-
-    AlgorithmIdentifier getAlgorithmIdentifier(ASN1ObjectIdentifier encryptionOID, AlgorithmParameters params)
-        throws CMSException
-    {
-        ASN1Encodable asn1Params;
-        if (params != null)
-        {
-            asn1Params = CMSUtils.extractParameters(params);
-        }
-        else
-        {
-            asn1Params = DERNull.INSTANCE;
-        }
-
-        return new AlgorithmIdentifier(
-            encryptionOID,
-            asn1Params);
-    }
-
-    static Object execute(JCECallback callback) throws CMSException
-    {
-        try
-        {
-            return callback.doInJCE();
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw new CMSException("can't find algorithm.", e);
-        }
-        catch (InvalidKeyException e)
-        {
-            throw new CMSException("key invalid in message.", e);
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw new CMSException("can't find provider.", e);
-        }
-        catch (NoSuchPaddingException e)
-        {
-            throw new CMSException("required padding not supported.", e);
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            throw new CMSException("algorithm parameters invalid.", e);
-        }
-        catch (InvalidParameterSpecException e)
-        {
-            throw new CMSException("MAC algorithm parameter spec invalid.", e);
-        }
-    }
-
-    public KeyFactory createKeyFactory(ASN1ObjectIdentifier algorithm)
-        throws CMSException
-    {
-        try
-        {
-            String cipherName = (String)BASE_CIPHER_NAMES.get(algorithm);
-
-            if (cipherName != null)
-            {
-                try
-                {
-                    // this is reversed as the Sun policy files now allow unlimited strength RSA
-                    return helper.createKeyFactory(cipherName);
-                }
-                catch (NoSuchAlgorithmException e)
-                {
-                    // Ignore
-                }
-            }
-            return helper.createKeyFactory(algorithm.getId());
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CMSException("cannot create key factory: " + e.getMessage(), e);
-        }
-    }
-
-    public JceAsymmetricKeyUnwrapper createAsymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, PrivateKey keyEncryptionKey)
-    {
-        return helper.createAsymmetricUnwrapper(keyEncryptionAlgorithm, keyEncryptionKey);
-    }
-
-    public JceKTSKeyUnwrapper createAsymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, PrivateKey keyEncryptionKey, byte[] partyUInfo, byte[] partyVInfo)
-    {
-        return helper.createAsymmetricUnwrapper(keyEncryptionAlgorithm, keyEncryptionKey, partyUInfo, partyVInfo);
-    }
-
-    public SymmetricKeyUnwrapper createSymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, SecretKey keyEncryptionKey)
-    {
-        return helper.createSymmetricUnwrapper(keyEncryptionAlgorithm, keyEncryptionKey);
-    }
-
-    public AlgorithmIdentifier getAlgorithmIdentifier(ASN1ObjectIdentifier macOID, AlgorithmParameterSpec paramSpec)
-    {
-        if (paramSpec instanceof IvParameterSpec)
-        {
-            return new AlgorithmIdentifier(macOID, new DEROctetString(((IvParameterSpec)paramSpec).getIV()));
-        }
-
-        if (paramSpec instanceof RC2ParameterSpec)
-        {
-            RC2ParameterSpec rc2Spec = (RC2ParameterSpec)paramSpec;
-
-            int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits();
-
-            if (effKeyBits != -1)
-            {
-                int parameterVersion;
-                            
-                if (effKeyBits < 256)
-                {
-                    parameterVersion = rc2Table[effKeyBits];
-                }
-                else
-                {
-                    parameterVersion = effKeyBits;
-                }
-
-                return new AlgorithmIdentifier(macOID, new RC2CBCParameter(parameterVersion, rc2Spec.getIV()));
-            }
-
-            return new AlgorithmIdentifier(macOID, new RC2CBCParameter(rc2Spec.getIV()));
-        }
-
-        throw new IllegalStateException("unknown parameter spec: " + paramSpec);
-    }
-
-    SecretKeyFactory createSecretKeyFactory(String keyFactoryAlgorithm)
-        throws NoSuchProviderException, NoSuchAlgorithmException
-    {
-        return helper.createSecretKeyFactory(keyFactoryAlgorithm);
-    }
-
-    byte[] calculateDerivedKey(int schemeID, char[] password, AlgorithmIdentifier derivationAlgorithm, int keySize)
-        throws CMSException
-    {
-        PBKDF2Params params = PBKDF2Params.getInstance(derivationAlgorithm.getParameters());
-
-        try
-        {
-            SecretKeyFactory keyFact;
-
-            if (schemeID == PasswordRecipient.PKCS5_SCHEME2)
-            {
-                keyFact = helper.createSecretKeyFactory("PBKDF2with8BIT");
-            }
-            else
-            {
-                keyFact = helper.createSecretKeyFactory((String)PBKDF2_ALG_NAMES.get(params.getPrf()));
-            }
-
-            SecretKey key = keyFact.generateSecret(new PBEKeySpec(password, params.getSalt(), params.getIterationCount().intValue(), keySize));
-
-            return key.getEncoded();
-        }
-        catch (GeneralSecurityException e)
-        {
-             throw new CMSException("Unable to calculate derived key from password: " + e.getMessage(), e);
-        }
-    }
-
-    static interface JCECallback
-    {
-        Object doInJCE()
-            throws CMSException, InvalidAlgorithmParameterException, InvalidKeyException, InvalidParameterSpecException,
-            NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaJceExtHelper.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaJceExtHelper.java
deleted file mode 100644
index 47db1ca..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaJceExtHelper.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.security.PrivateKey;
-
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.operator.SymmetricKeyUnwrapper;
-import org.bouncycastle.operator.jcajce.JceAsymmetricKeyUnwrapper;
-import org.bouncycastle.operator.jcajce.JceKTSKeyUnwrapper;
-
-interface JcaJceExtHelper
-    extends JcaJceHelper
-{
-    JceAsymmetricKeyUnwrapper createAsymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, PrivateKey keyEncryptionKey);
-
-    JceKTSKeyUnwrapper createAsymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, PrivateKey keyEncryptionKey, byte[] partyUInfo, byte[] partyVInfo);
-
-    SymmetricKeyUnwrapper createSymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, SecretKey keyEncryptionKey);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaSelectorConverter.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaSelectorConverter.java
deleted file mode 100644
index a26cbe7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaSelectorConverter.java
+++ /dev/null

@@ -1,55 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.IOException;
-import java.security.cert.X509CertSelector;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cms.KeyTransRecipientId;
-import org.bouncycastle.cms.SignerId;
-
-public class JcaSelectorConverter
-{
-    public JcaSelectorConverter()
-    {
-
-    }
-
-    public SignerId getSignerId(X509CertSelector certSelector)
-    {
-        try
-        {
-            if (certSelector.getSubjectKeyIdentifier() != null)
-            {
-                return new SignerId(X500Name.getInstance(certSelector.getIssuerAsBytes()), certSelector.getSerialNumber(), ASN1OctetString.getInstance(certSelector.getSubjectKeyIdentifier()).getOctets());
-            }
-            else
-            {
-                return new SignerId(X500Name.getInstance(certSelector.getIssuerAsBytes()), certSelector.getSerialNumber());
-            }
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("unable to convert issuer: " + e.getMessage());
-        }
-    }
-
-    public KeyTransRecipientId getKeyTransRecipientId(X509CertSelector certSelector)
-    {
-        try
-        {
-            if (certSelector.getSubjectKeyIdentifier() != null)
-            {
-                return new KeyTransRecipientId(X500Name.getInstance(certSelector.getIssuerAsBytes()), certSelector.getSerialNumber(), ASN1OctetString.getInstance(certSelector.getSubjectKeyIdentifier()).getOctets());
-            }
-            else
-            {
-                return new KeyTransRecipientId(X500Name.getInstance(certSelector.getIssuerAsBytes()), certSelector.getSerialNumber());
-            }
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("unable to convert issuer: " + e.getMessage());
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaSignerId.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaSignerId.java
deleted file mode 100644
index 056f7c0..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaSignerId.java
+++ /dev/null

@@ -1,56 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.math.BigInteger;
-import java.security.cert.X509Certificate;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cms.SignerId;
-
-public class JcaSignerId
-    extends SignerId
-{
-    /**
-     * Construct a signer identifier based on the issuer, serial number and subject key identifier (if present) of the passed in
-     * certificate.
-     *
-     * @param certificate certificate providing the issue and serial number and subject key identifier.
-     */
-    public JcaSignerId(X509Certificate certificate)
-    {
-        super(convertPrincipal(certificate.getIssuerX500Principal()), certificate.getSerialNumber(), CMSUtils.getSubjectKeyId(certificate));
-    }
-
-    /**
-     * Construct a signer identifier based on the provided issuer and serial number..
-     *
-     * @param issuer the issuer to use.
-     * @param serialNumber  the serial number to use.
-     */
-    public JcaSignerId(X500Principal issuer, BigInteger serialNumber)
-    {
-        super(convertPrincipal(issuer), serialNumber);
-    }
-
-    /**
-     * Construct a signer identifier based on the provided issuer, serial number, and subjectKeyId..
-     *
-     * @param issuer the issuer to use.
-     * @param serialNumber  the serial number to use.
-     * @param subjectKeyId the subject key ID to use.
-     */
-    public JcaSignerId(X500Principal issuer, BigInteger serialNumber, byte[] subjectKeyId)
-    {
-        super(convertPrincipal(issuer), serialNumber, subjectKeyId);
-    }
-
-    private static X500Name convertPrincipal(X500Principal issuer)
-    {
-        if (issuer == null)
-        {
-            return null;
-        }
-        return X500Name.getInstance(issuer.getEncoded());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaSimpleSignerInfoGeneratorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaSimpleSignerInfoGeneratorBuilder.java
deleted file mode 100644
index 7cb6254..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaSimpleSignerInfoGeneratorBuilder.java
+++ /dev/null

@@ -1,211 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cms.CMSAttributeTableGenerator;
-import org.bouncycastle.cms.DefaultSignedAttributeTableGenerator;
-import org.bouncycastle.cms.SignerInfoGenerator;
-import org.bouncycastle.cms.SignerInfoGeneratorBuilder;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-
-/**
- * Use this class if you are using a provider that has all the facilities you
- * need.
- * <p>
- * For example:
- * <pre>
- *      CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
- *      ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(signKP.getPrivate());
- *
- *      gen.addSignerInfoGenerator(
- *                new JcaSignerInfoGeneratorBuilder(
- *                     new JcaDigestCalculatorProviderBuilder().setProvider("BC").build())
- *                     .build(sha1Signer, signCert));
- * </pre>
- * becomes:
- * <pre>
- *      CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
- *
- *      gen.addSignerInfoGenerator(
- *                new JcaSimpleSignerInfoGeneratorBuilder()
- *                     .setProvider("BC")
- *                     .build("SHA1withRSA", signKP.getPrivate(), signCert));
- * </pre>
- */
-public class JcaSimpleSignerInfoGeneratorBuilder
-{
-    private Helper helper;
-
-    private boolean hasNoSignedAttributes;
-    private CMSAttributeTableGenerator signedGen;
-    private CMSAttributeTableGenerator unsignedGen;
-
-    public JcaSimpleSignerInfoGeneratorBuilder()
-        throws OperatorCreationException
-    {
-        this.helper = new Helper();
-    }
-
-    public JcaSimpleSignerInfoGeneratorBuilder setProvider(String providerName)
-        throws OperatorCreationException
-    {
-        this.helper = new NamedHelper(providerName);
-
-        return this;
-    }
-
-    public JcaSimpleSignerInfoGeneratorBuilder setProvider(Provider provider)
-        throws OperatorCreationException
-    {
-        this.helper = new ProviderHelper(provider);
-
-        return this;
-    }
-
-    /**
-     * If the passed in flag is true, the signer signature will be based on the data, not
-     * a collection of signed attributes, and no signed attributes will be included.
-     *
-     * @return the builder object
-     */
-    public JcaSimpleSignerInfoGeneratorBuilder setDirectSignature(boolean hasNoSignedAttributes)
-    {
-        this.hasNoSignedAttributes = hasNoSignedAttributes;
-
-        return this;
-    }
-
-    public JcaSimpleSignerInfoGeneratorBuilder setSignedAttributeGenerator(CMSAttributeTableGenerator signedGen)
-    {
-        this.signedGen = signedGen;
-
-        return this;
-    }
-
-    /**
-     * set up a DefaultSignedAttributeTableGenerator primed with the passed in AttributeTable.
-     *
-     * @param attrTable table of attributes for priming generator
-     * @return this.
-     */
-    public JcaSimpleSignerInfoGeneratorBuilder setSignedAttributeGenerator(AttributeTable attrTable)
-    {
-        this.signedGen = new DefaultSignedAttributeTableGenerator(attrTable);
-
-        return this;
-    }
-
-    public JcaSimpleSignerInfoGeneratorBuilder setUnsignedAttributeGenerator(CMSAttributeTableGenerator unsignedGen)
-    {
-        this.unsignedGen = unsignedGen;
-
-        return this;
-    }
-
-    public SignerInfoGenerator build(String algorithmName, PrivateKey privateKey, X509CertificateHolder certificate)
-        throws OperatorCreationException
-    {
-        ContentSigner contentSigner = helper.createContentSigner(algorithmName, privateKey);
-
-        return configureAndBuild().build(contentSigner, certificate);
-    }
-
-    public SignerInfoGenerator build(String algorithmName, PrivateKey privateKey, X509Certificate certificate)
-        throws OperatorCreationException, CertificateEncodingException
-    {
-        ContentSigner contentSigner = helper.createContentSigner(algorithmName, privateKey);
-
-        return configureAndBuild().build(contentSigner, new JcaX509CertificateHolder(certificate));
-    }
-
-    public SignerInfoGenerator build(String algorithmName, PrivateKey privateKey, byte[] keyIdentifier)
-        throws OperatorCreationException
-    {
-        ContentSigner contentSigner = helper.createContentSigner(algorithmName, privateKey);
-
-        return configureAndBuild().build(contentSigner, keyIdentifier);
-    }
-
-    private SignerInfoGeneratorBuilder configureAndBuild()
-        throws OperatorCreationException
-    {
-        SignerInfoGeneratorBuilder infoGeneratorBuilder = new SignerInfoGeneratorBuilder(helper.createDigestCalculatorProvider());
-
-        infoGeneratorBuilder.setDirectSignature(hasNoSignedAttributes);
-        infoGeneratorBuilder.setSignedAttributeGenerator(signedGen);
-        infoGeneratorBuilder.setUnsignedAttributeGenerator(unsignedGen);
-
-        return infoGeneratorBuilder;
-    }
-
-    private class Helper
-    {
-        ContentSigner createContentSigner(String algorithm, PrivateKey privateKey)
-            throws OperatorCreationException
-        {
-            return new JcaContentSignerBuilder(algorithm).build(privateKey);
-        }
-
-        DigestCalculatorProvider createDigestCalculatorProvider()
-            throws OperatorCreationException
-        {
-            return new JcaDigestCalculatorProviderBuilder().build();
-        }
-    }
-
-    private class NamedHelper
-        extends Helper
-    {
-        private final String providerName;
-
-        public NamedHelper(String providerName)
-        {
-            this.providerName = providerName;
-        }
-
-        ContentSigner createContentSigner(String algorithm, PrivateKey privateKey)
-            throws OperatorCreationException
-        {
-            return new JcaContentSignerBuilder(algorithm).setProvider(providerName).build(privateKey);
-        }
-
-        DigestCalculatorProvider createDigestCalculatorProvider()
-            throws OperatorCreationException
-        {
-            return new JcaDigestCalculatorProviderBuilder().setProvider(providerName).build();
-        }
-    }
-
-    private class ProviderHelper
-        extends Helper
-    {
-        private final Provider provider;
-
-        public ProviderHelper(Provider provider)
-        {
-            this.provider = provider;
-        }
-
-        ContentSigner createContentSigner(String algorithm, PrivateKey privateKey)
-            throws OperatorCreationException
-        {
-            return new JcaContentSignerBuilder(algorithm).setProvider(provider).build(privateKey);
-        }
-
-        DigestCalculatorProvider createDigestCalculatorProvider()
-            throws OperatorCreationException
-        {
-            return new JcaDigestCalculatorProviderBuilder().setProvider(provider).build();
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaX509CertSelectorConverter.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaX509CertSelectorConverter.java
deleted file mode 100644
index 86f59f6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcaX509CertSelectorConverter.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.security.cert.X509CertSelector;
-
-import org.bouncycastle.cms.KeyTransRecipientId;
-import org.bouncycastle.cms.SignerId;
-
-public class JcaX509CertSelectorConverter
-    extends org.bouncycastle.cert.selector.jcajce.JcaX509CertSelectorConverter
-{
-    public JcaX509CertSelectorConverter()
-    {
-    }
-
-    public X509CertSelector getCertSelector(KeyTransRecipientId recipientId)
-    {
-        return doConversion(recipientId.getIssuer(), recipientId.getSerialNumber(), recipientId.getSubjectKeyIdentifier());
-    }
-
-    public X509CertSelector getCertSelector(SignerId signerId)
-    {
-        return doConversion(signerId.getIssuer(), signerId.getSerialNumber(), signerId.getSubjectKeyIdentifier());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceAlgorithmIdentifierConverter.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceAlgorithmIdentifierConverter.java
deleted file mode 100644
index 59928f4..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceAlgorithmIdentifierConverter.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-
-import java.security.AlgorithmParameters;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Provider;
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-
-public class JceAlgorithmIdentifierConverter
-{
-    private EnvelopedDataHelper helper = new EnvelopedDataHelper(new DefaultJcaJceExtHelper());
-    private SecureRandom random;
-
-    public JceAlgorithmIdentifierConverter()
-    {
-    }
-
-    public JceAlgorithmIdentifierConverter setProvider(Provider provider)
-    {
-        this.helper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider));
-
-        return this;
-    }
-
-    public JceAlgorithmIdentifierConverter setProvider(String providerName)
-    {
-        this.helper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName));
-
-        return this;
-    }
-
-    public AlgorithmParameters getAlgorithmParameters(AlgorithmIdentifier algorithmIdentifier)
-        throws CMSException
-    {
-        ASN1Encodable parameters = algorithmIdentifier.getParameters();
-
-        if (parameters == null)
-        {
-            return null;
-        }
-
-        try
-        {
-            AlgorithmParameters params = helper.createAlgorithmParameters(algorithmIdentifier.getAlgorithm());
-
-            CMSUtils.loadParameters(params, algorithmIdentifier.getParameters());
-
-            return params;
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw new CMSException("can't find parameters for algorithm", e);
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw new CMSException("can't find provider for algorithm", e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceCMSContentEncryptorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceCMSContentEncryptorBuilder.java
deleted file mode 100644
index 93c216a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceCMSContentEncryptorBuilder.java
+++ /dev/null

@@ -1,205 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.OutputStream;
-import java.security.AlgorithmParameters;
-import java.security.GeneralSecurityException;
-import java.security.Provider;
-import java.security.SecureRandom;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.operator.DefaultSecretKeySizeProvider;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OutputEncryptor;
-import org.bouncycastle.operator.SecretKeySizeProvider;
-import org.bouncycastle.operator.jcajce.JceGenericKey;
-
-/**
- * Builder for the content encryptor in EnvelopedData - used to encrypt the actual transmitted content.
- */
-public class JceCMSContentEncryptorBuilder
-{
-    private static final SecretKeySizeProvider KEY_SIZE_PROVIDER = DefaultSecretKeySizeProvider.INSTANCE;
-
-
-    private final ASN1ObjectIdentifier encryptionOID;
-    private final int                  keySize;
-
-    private EnvelopedDataHelper helper = new EnvelopedDataHelper(new DefaultJcaJceExtHelper());
-    private SecureRandom random;
-    private AlgorithmParameters algorithmParameters;
-
-    public JceCMSContentEncryptorBuilder(ASN1ObjectIdentifier encryptionOID)
-    {
-        this(encryptionOID, KEY_SIZE_PROVIDER.getKeySize(encryptionOID));
-    }
-
-    public JceCMSContentEncryptorBuilder(ASN1ObjectIdentifier encryptionOID, int keySize)
-    {
-        this.encryptionOID = encryptionOID;
-
-        int fixedSize = KEY_SIZE_PROVIDER.getKeySize(encryptionOID);
-
-        if (encryptionOID.equals(PKCSObjectIdentifiers.des_EDE3_CBC))
-        {
-            if (keySize != 168 && keySize != fixedSize)
-            {
-                throw new IllegalArgumentException("incorrect keySize for encryptionOID passed to builder.");
-            }
-            this.keySize = 168;
-        }
-        else if (encryptionOID.equals(OIWObjectIdentifiers.desCBC))
-        {
-            if (keySize != 56 && keySize != fixedSize)
-            {
-                throw new IllegalArgumentException("incorrect keySize for encryptionOID passed to builder.");
-            }
-            this.keySize = 56;
-        }
-        else
-        {
-            if (fixedSize > 0 && fixedSize != keySize)
-            {
-                throw new IllegalArgumentException("incorrect keySize for encryptionOID passed to builder.");
-            }
-            this.keySize = keySize;
-        }
-    }
-
-    /**
-     * Set the provider to use for content encryption.
-     *
-     * @param provider the provider object to use for cipher and default parameters creation.
-     * @return the current builder instance.
-     */
-    public JceCMSContentEncryptorBuilder setProvider(Provider provider)
-    {
-        this.helper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider));
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use for content encryption (by name)
-     *
-     * @param providerName the name of the provider to use for cipher and default parameters creation.
-     * @return the current builder instance.
-     */
-    public JceCMSContentEncryptorBuilder setProvider(String providerName)
-    {
-        this.helper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName));
-
-        return this;
-    }
-
-    /**
-     * Provide a specified source of randomness to be used for session key and IV/nonce generation.
-     *
-     * @param random the secure random to use.
-     * @return the current builder instance.
-     */
-    public JceCMSContentEncryptorBuilder setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    /**
-     * Provide a set of algorithm parameters for the content encryption cipher to use.
-     *
-     * @param algorithmParameters algorithmParameters for content encryption.
-     * @return the current builder instance.
-     */
-    public JceCMSContentEncryptorBuilder setAlgorithmParameters(AlgorithmParameters algorithmParameters)
-    {
-        this.algorithmParameters = algorithmParameters;
-
-        return this;
-    }
-
-    public OutputEncryptor build()
-        throws CMSException
-    {
-        return new CMSOutputEncryptor(encryptionOID, keySize, algorithmParameters, random);
-    }
-
-    private class CMSOutputEncryptor
-        implements OutputEncryptor
-    {
-        private SecretKey encKey;
-        private AlgorithmIdentifier algorithmIdentifier;
-        private Cipher              cipher;
-
-        CMSOutputEncryptor(ASN1ObjectIdentifier encryptionOID, int keySize, AlgorithmParameters params, SecureRandom random)
-            throws CMSException
-        {
-            KeyGenerator keyGen = helper.createKeyGenerator(encryptionOID);
-
-            if (random == null)
-            {
-                random = new SecureRandom();
-            }
-
-            if (keySize < 0)
-            {
-                keyGen.init(random);
-            }
-            else
-            {
-                keyGen.init(keySize, random);
-            }
-
-            cipher = helper.createCipher(encryptionOID);
-            encKey = keyGen.generateKey();
-
-            if (params == null)
-            {
-                params = helper.generateParameters(encryptionOID, encKey, random);
-            }
-
-            try
-            {
-                cipher.init(Cipher.ENCRYPT_MODE, encKey, params, random);
-            }
-            catch (GeneralSecurityException e)
-            {
-                throw new CMSException("unable to initialize cipher: " + e.getMessage(), e);
-            }
-
-            //
-            // If params are null we try and second guess on them as some providers don't provide
-            // algorithm parameter generation explicity but instead generate them under the hood.
-            //
-            if (params == null)
-            {
-                params = cipher.getParameters();
-            }
-
-            algorithmIdentifier = helper.getAlgorithmIdentifier(encryptionOID, params);
-        }
-
-        public AlgorithmIdentifier getAlgorithmIdentifier()
-        {
-            return algorithmIdentifier;
-        }
-
-        public OutputStream getOutputStream(OutputStream dOut)
-        {
-            return new CipherOutputStream(dOut, cipher);
-        }
-
-        public GenericKey getKey()
-        {
-            return new JceGenericKey(algorithmIdentifier, encKey);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceCMSMacCalculatorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceCMSMacCalculatorBuilder.java
deleted file mode 100644
index 4a334cc..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceCMSMacCalculatorBuilder.java
+++ /dev/null

@@ -1,155 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.OutputStream;
-import java.security.AlgorithmParameters;
-import java.security.Provider;
-import java.security.SecureRandom;
-
-import javax.crypto.KeyGenerator;
-import javax.crypto.Mac;
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.jcajce.io.MacOutputStream;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.operator.jcajce.JceGenericKey;
-
-public class JceCMSMacCalculatorBuilder
-{
-    private final ASN1ObjectIdentifier macOID;
-    private final int                  keySize;
-
-    private EnvelopedDataHelper helper = new EnvelopedDataHelper(new DefaultJcaJceExtHelper());
-    private AlgorithmParameters algorithmParameters;
-    private SecureRandom random;
-
-    public JceCMSMacCalculatorBuilder(ASN1ObjectIdentifier macOID)
-    {
-        this(macOID, -1);
-    }
-
-    public JceCMSMacCalculatorBuilder(ASN1ObjectIdentifier macOID, int keySize)
-    {
-        this.macOID = macOID;
-        this.keySize = keySize;
-    }
-
-    /**
-     * Set the provider to use for content encryption.
-     *
-     * @param provider the provider object to use for MAC and default parameters creation.
-     * @return the current builder instance.
-     */
-    public JceCMSMacCalculatorBuilder setProvider(Provider provider)
-    {
-        this.helper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider));
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use for content encryption (by name)
-     *
-     * @param providerName the name of the provider to use for MAC and default parameters creation.
-     * @return the current builder instance.
-     */
-    public JceCMSMacCalculatorBuilder setProvider(String providerName)
-    {
-        this.helper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName));
-
-        return this;
-    }
-
-    /**
-     * Provide a specified source of randomness to be used for session key and IV/nonce generation.
-     *
-     * @param random the secure random to use.
-     * @return the current builder instance.
-     */
-    public JceCMSMacCalculatorBuilder setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    /**
-     * Provide a set of algorithm parameters for the content MAC calculator to use.
-     *
-     * @param algorithmParameters algorithmParameters for MAC initialisation.
-     * @return the current builder instance.
-     */
-    public JceCMSMacCalculatorBuilder setAlgorithmParameters(AlgorithmParameters algorithmParameters)
-    {
-        this.algorithmParameters = algorithmParameters;
-
-        return this;
-    }
-
-    public MacCalculator build()
-        throws CMSException
-    {
-        return new CMSMacCalculator(macOID, keySize, algorithmParameters, random);
-    }
-
-    private class CMSMacCalculator
-        implements MacCalculator
-    {
-        private SecretKey encKey;
-        private AlgorithmIdentifier algorithmIdentifier;
-        private Mac mac;
-
-        CMSMacCalculator(ASN1ObjectIdentifier macOID, int keySize, AlgorithmParameters params, SecureRandom random)
-            throws CMSException
-        {
-            KeyGenerator keyGen = helper.createKeyGenerator(macOID);
-
-            if (random == null)
-            {
-                random = new SecureRandom();
-            }
-
-            if (keySize < 0)
-            {
-                keyGen.init(random);
-            }
-            else
-            {
-                keyGen.init(keySize, random);
-            }
-
-            encKey = keyGen.generateKey();
-
-            if (params == null)
-            {
-                params = helper.generateParameters(macOID, encKey, random);
-            }
-
-            algorithmIdentifier = helper.getAlgorithmIdentifier(macOID, params);
-            mac = helper.createContentMac(encKey, algorithmIdentifier);
-        }
-
-        public AlgorithmIdentifier getAlgorithmIdentifier()
-        {
-            return algorithmIdentifier;
-        }
-
-        public OutputStream getOutputStream()
-        {
-            return new MacOutputStream(mac);
-        }
-
-        public byte[] getMac()
-        {
-            return mac.doFinal();
-        }
-
-        public GenericKey getKey()
-        {
-            return new JceGenericKey(algorithmIdentifier, encKey);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKEKAuthenticatedRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKEKAuthenticatedRecipient.java
deleted file mode 100644
index eb73555..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKEKAuthenticatedRecipient.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.OutputStream;
-import java.security.Key;
-
-import javax.crypto.Mac;
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.RecipientOperator;
-import org.bouncycastle.jcajce.io.MacOutputStream;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.operator.jcajce.JceGenericKey;
-
-
-/**
- * the KeyTransRecipientInformation class for a recipient who has been sent a secret
- * key encrypted using their public key that needs to be used to
- * extract the message.
- */
-public class JceKEKAuthenticatedRecipient
-    extends JceKEKRecipient
-{
-    public JceKEKAuthenticatedRecipient(SecretKey recipientKey)
-    {
-        super(recipientKey);
-    }
-
-    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentMacAlgorithm, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        final Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentMacAlgorithm, encryptedContentEncryptionKey);
-
-        final Mac dataMac = contentHelper.createContentMac(secretKey, contentMacAlgorithm);
-
-        return new RecipientOperator(new MacCalculator()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentMacAlgorithm;
-            }
-
-            public GenericKey getKey()
-            {
-                return new JceGenericKey(contentMacAlgorithm, secretKey);
-            }
-
-            public OutputStream getOutputStream()
-            {
-                return new MacOutputStream(dataMac);
-            }
-
-            public byte[] getMac()
-            {
-                return dataMac.doFinal();
-            }
-        });
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKEKEnvelopedRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKEKEnvelopedRecipient.java
deleted file mode 100644
index c9d2fc2..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKEKEnvelopedRecipient.java
+++ /dev/null

@@ -1,43 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.InputStream;
-import java.security.Key;
-
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.RecipientOperator;
-import org.bouncycastle.jcajce.io.CipherInputStream;
-import org.bouncycastle.operator.InputDecryptor;
-
-public class JceKEKEnvelopedRecipient
-    extends JceKEKRecipient
-{
-    public JceKEKEnvelopedRecipient(SecretKey recipientKey)
-    {
-        super(recipientKey);
-    }
-
-    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, encryptedContentEncryptionKey);
-
-        final Cipher dataCipher = contentHelper.createContentCipher(secretKey, contentEncryptionAlgorithm);
-
-        return new RecipientOperator(new InputDecryptor()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentEncryptionAlgorithm;
-            }
-
-            public InputStream getInputStream(InputStream dataOut)
-            {
-                return new CipherInputStream(dataOut, dataCipher);
-            }
-        });
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKEKRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKEKRecipient.java
deleted file mode 100644
index d0e4164..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKEKRecipient.java
+++ /dev/null

@@ -1,119 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.security.Key;
-import java.security.Provider;
-
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.KEKRecipient;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.operator.SymmetricKeyUnwrapper;
-
-public abstract class JceKEKRecipient
-    implements KEKRecipient
-{
-    private SecretKey recipientKey;
-
-    protected EnvelopedDataHelper helper = new EnvelopedDataHelper(new DefaultJcaJceExtHelper());
-    protected EnvelopedDataHelper contentHelper = helper;
-    protected boolean validateKeySize = false;
-
-    public JceKEKRecipient(SecretKey recipientKey)
-    {
-        this.recipientKey = recipientKey;
-    }
-
-    /**
-     * Set the provider to use for key recovery and content processing.
-     *
-     * @param provider provider to use.
-     * @return this recipient.
-     */
-    public JceKEKRecipient setProvider(Provider provider)
-    {
-        this.helper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider));
-        this.contentHelper = helper;
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use for key recovery and content processing.
-     *
-     * @param providerName the name of the provider to use.
-     * @return this recipient.
-     */
-    public JceKEKRecipient setProvider(String providerName)
-    {
-        this.helper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName));
-        this.contentHelper = helper;
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use for content processing.
-     *
-     * @param provider the provider to use.
-     * @return this recipient.
-     */
-    public JceKEKRecipient setContentProvider(Provider provider)
-    {
-        this.contentHelper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider));
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use for content processing.
-     *
-     * @param providerName the name of the provider to use.
-     * @return this recipient.
-     */
-    public JceKEKRecipient setContentProvider(String providerName)
-    {
-        this.contentHelper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName));
-
-        return this;
-    }
-
-    /**
-     * Set validation of retrieved key sizes against the algorithm parameters for the encrypted key where possible - default is off.
-     * <p>
-     * This setting will not have any affect if the encryption algorithm in the recipient does not specify a particular key size, or
-     * if the unwrapper is a HSM and the byte encoding of the unwrapped secret key is not available.
-     * </p>
-     * @param doValidate true if unwrapped key's should be validated against the content encryption algorithm, false otherwise.
-     * @return this recipient.
-     */
-    public JceKEKRecipient setKeySizeValidation(boolean doValidate)
-    {
-        this.validateKeySize = doValidate;
-
-        return this;
-    }
-
-    protected Key extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        SymmetricKeyUnwrapper unwrapper = helper.createSymmetricUnwrapper(keyEncryptionAlgorithm, recipientKey);
-
-        try
-        {
-            Key key =  helper.getJceKey(encryptedKeyAlgorithm.getAlgorithm(), unwrapper.generateUnwrappedKey(encryptedKeyAlgorithm, encryptedContentEncryptionKey));
-
-            if (validateKeySize)
-            {
-                helper.keySizeCheck(encryptedKeyAlgorithm, key);
-            }
-
-            return key;
-        }
-        catch (OperatorException e)
-        {
-            throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKEKRecipientInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKEKRecipientInfoGenerator.java
deleted file mode 100644
index 15ec8ff..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKEKRecipientInfoGenerator.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.security.Provider;
-import java.security.SecureRandom;
-
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.cms.KEKIdentifier;
-import org.bouncycastle.cms.KEKRecipientInfoGenerator;
-import org.bouncycastle.operator.jcajce.JceSymmetricKeyWrapper;
-
-public class JceKEKRecipientInfoGenerator
-    extends KEKRecipientInfoGenerator
-{
-    public JceKEKRecipientInfoGenerator(KEKIdentifier kekIdentifier, SecretKey keyEncryptionKey)
-    {
-        super(kekIdentifier, new JceSymmetricKeyWrapper(keyEncryptionKey));
-    }
-
-    public JceKEKRecipientInfoGenerator(byte[] keyIdentifier, SecretKey keyEncryptionKey)
-    {
-        this(new KEKIdentifier(keyIdentifier, null, null), keyEncryptionKey);
-    }
-
-    public JceKEKRecipientInfoGenerator setProvider(Provider provider)
-    {
-        ((JceSymmetricKeyWrapper)this.wrapper).setProvider(provider);
-
-        return this;
-    }
-
-    public JceKEKRecipientInfoGenerator setProvider(String providerName)
-    {
-        ((JceSymmetricKeyWrapper)this.wrapper).setProvider(providerName);
-
-        return this;
-    }
-
-    public JceKEKRecipientInfoGenerator setSecureRandom(SecureRandom random)
-    {
-        ((JceSymmetricKeyWrapper)this.wrapper).setSecureRandom(random);
-
-        return this;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKTSKeyTransAuthenticatedRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKTSKeyTransAuthenticatedRecipient.java
deleted file mode 100644
index 1d1d2a9..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKTSKeyTransAuthenticatedRecipient.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.security.Key;
-import java.security.PrivateKey;
-
-import javax.crypto.Mac;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.KeyTransRecipientId;
-import org.bouncycastle.cms.RecipientOperator;
-import org.bouncycastle.jcajce.io.MacOutputStream;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.operator.jcajce.JceGenericKey;
-
-
-/**
- * the KeyTransRecipient class for a recipient who has been sent secret
- * key material encrypted using their public key that needs to be used to
- * derive a key and authenticate a message.
- */
-public class JceKTSKeyTransAuthenticatedRecipient
-    extends JceKTSKeyTransRecipient
-{
-    public JceKTSKeyTransAuthenticatedRecipient(PrivateKey recipientKey, KeyTransRecipientId recipientId)
-        throws IOException
-    {
-        super(recipientKey, getPartyVInfoFromRID(recipientId));
-    }
-
-    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentMacAlgorithm, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        final Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentMacAlgorithm, encryptedContentEncryptionKey);
-
-        final Mac dataMac = contentHelper.createContentMac(secretKey, contentMacAlgorithm);
-
-        return new RecipientOperator(new MacCalculator()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentMacAlgorithm;
-            }
-
-            public GenericKey getKey()
-            {
-                return new JceGenericKey(contentMacAlgorithm, secretKey);
-            }
-
-            public OutputStream getOutputStream()
-            {
-                return new MacOutputStream(dataMac);
-            }
-
-            public byte[] getMac()
-            {
-                return dataMac.doFinal();
-            }
-        });
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKTSKeyTransEnvelopedRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKTSKeyTransEnvelopedRecipient.java
deleted file mode 100644
index 8568f82..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKTSKeyTransEnvelopedRecipient.java
+++ /dev/null

@@ -1,51 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.Key;
-import java.security.PrivateKey;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.KeyTransRecipientId;
-import org.bouncycastle.cms.RecipientOperator;
-import org.bouncycastle.jcajce.io.CipherInputStream;
-import org.bouncycastle.operator.InputDecryptor;
-
-/**
- * the KeyTransRecipient class for a recipient who has been sent secret
- * key material encrypted using their public key that needs to be used to
- * derive a key and extract a message.
- */
-public class JceKTSKeyTransEnvelopedRecipient
-    extends JceKTSKeyTransRecipient
-{
-    public JceKTSKeyTransEnvelopedRecipient(PrivateKey recipientKey, KeyTransRecipientId recipientId)
-        throws IOException
-    {
-        super(recipientKey, getPartyVInfoFromRID(recipientId));
-    }
-
-    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, encryptedContentEncryptionKey);
-
-        final Cipher dataCipher = contentHelper.createContentCipher(secretKey, contentEncryptionAlgorithm);
-
-        return new RecipientOperator(new InputDecryptor()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentEncryptionAlgorithm;
-            }
-
-            public InputStream getInputStream(InputStream dataIn)
-            {
-                return new CipherInputStream(dataIn, dataCipher);
-            }
-        });
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKTSKeyTransRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKTSKeyTransRecipient.java
deleted file mode 100644
index 147c6a1..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKTSKeyTransRecipient.java
+++ /dev/null

@@ -1,168 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.IOException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.KeyTransRecipient;
-import org.bouncycastle.cms.KeyTransRecipientId;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.operator.jcajce.JceKTSKeyUnwrapper;
-import org.bouncycastle.util.encoders.Hex;
-
-public abstract class JceKTSKeyTransRecipient
-    implements KeyTransRecipient
-{
-    private static final byte[] ANONYMOUS_SENDER = Hex.decode("0c14416e6f6e796d6f75732053656e64657220202020");   // "Anonymous Sender    "
-    private final byte[] partyVInfo;
-
-    private PrivateKey recipientKey;
-
-    protected EnvelopedDataHelper helper = new EnvelopedDataHelper(new DefaultJcaJceExtHelper());
-    protected EnvelopedDataHelper contentHelper = helper;
-    protected Map extraMappings = new HashMap();
-    protected boolean validateKeySize = false;
-    protected boolean unwrappedKeyMustBeEncodable;
-
-    public JceKTSKeyTransRecipient(PrivateKey recipientKey, byte[] partyVInfo)
-    {
-        this.recipientKey = recipientKey;
-        this.partyVInfo = partyVInfo;
-    }
-
-    /**
-     * Set the provider to use for key recovery and content processing.
-     *
-     * @param provider provider to use.
-     * @return this recipient.
-     */
-    public JceKTSKeyTransRecipient setProvider(Provider provider)
-    {
-        this.helper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider));
-        this.contentHelper = helper;
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use for key recovery and content processing.
-     *
-     * @param providerName the name of the provider to use.
-     * @return this recipient.
-     */
-    public JceKTSKeyTransRecipient setProvider(String providerName)
-    {
-        this.helper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName));
-        this.contentHelper = helper;
-
-        return this;
-    }
-
-    /**
-     * Internally algorithm ids are converted into cipher names using a lookup table. For some providers
-     * the standard lookup table won't work. Use this method to establish a specific mapping from an
-     * algorithm identifier to a specific algorithm.
-     * <p>
-     *     For example:
-     * <pre>
-     *     unwrapper.setAlgorithmMapping(PKCSObjectIdentifiers.rsaEncryption, "RSA");
-     * </pre>
-     * @param algorithm  OID of algorithm in recipient.
-     * @param algorithmName JCE algorithm name to use.
-     * @return the current Recipient.
-     */
-    public JceKTSKeyTransRecipient setAlgorithmMapping(ASN1ObjectIdentifier algorithm, String algorithmName)
-    {
-        extraMappings.put(algorithm, algorithmName);
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use for content processing.  If providerName is null a "no provider" search will be
-     * used to satisfy getInstance calls.
-     *
-     * @param provider the provider to use.
-     * @return this recipient.
-     */
-    public JceKTSKeyTransRecipient setContentProvider(Provider provider)
-    {
-        this.contentHelper = CMSUtils.createContentHelper(provider);
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use for content processing.  If providerName is null a "no provider" search will be
-     *  used to satisfy getInstance calls.
-     *
-     * @param providerName the name of the provider to use.
-     * @return this recipient.
-     */
-    public JceKTSKeyTransRecipient setContentProvider(String providerName)
-    {
-        this.contentHelper = CMSUtils.createContentHelper(providerName);
-
-        return this;
-    }
-
-    /**
-     * Set validation of retrieved key sizes against the algorithm parameters for the encrypted key where possible - default is off.
-     * <p>
-     * This setting will not have any affect if the encryption algorithm in the recipient does not specify a particular key size, or
-     * if the unwrapper is a HSM and the byte encoding of the unwrapped secret key is not available.
-     * </p>
-     * @param doValidate true if unwrapped key's should be validated against the content encryption algorithm, false otherwise.
-     * @return this recipient.
-     */
-    public JceKTSKeyTransRecipient setKeySizeValidation(boolean doValidate)
-    {
-        this.validateKeySize = doValidate;
-
-        return this;
-    }
-
-    protected Key extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedEncryptionKey)
-        throws CMSException
-    {
-        JceKTSKeyUnwrapper unwrapper = helper.createAsymmetricUnwrapper(keyEncryptionAlgorithm, recipientKey, ANONYMOUS_SENDER, partyVInfo);
-
-        try
-        {
-            Key key = helper.getJceKey(encryptedKeyAlgorithm.getAlgorithm(), unwrapper.generateUnwrappedKey(encryptedKeyAlgorithm, encryptedEncryptionKey));
-
-            if (validateKeySize)
-            {
-                helper.keySizeCheck(encryptedKeyAlgorithm, key);
-            }
-
-            return key;
-        }
-        catch (OperatorException e)
-        {
-            throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
-        }
-    }
-
-    protected static byte[] getPartyVInfoFromRID(KeyTransRecipientId recipientId)
-        throws IOException
-    {
-        if (recipientId.getSerialNumber() != null)
-        {
-            return new IssuerAndSerialNumber(recipientId.getIssuer(), recipientId.getSerialNumber()).getEncoded(ASN1Encoding.DER);
-        }
-        else
-        {
-            return new DEROctetString(recipientId.getSubjectKeyIdentifier()).getEncoded();
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKTSKeyTransRecipientInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKTSKeyTransRecipientInfoGenerator.java
deleted file mode 100644
index 7a440b4..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKTSKeyTransRecipientInfoGenerator.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.IOException;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cms.KeyTransRecipientInfoGenerator;
-import org.bouncycastle.operator.jcajce.JceAsymmetricKeyWrapper;
-import org.bouncycastle.operator.jcajce.JceKTSKeyWrapper;
-import org.bouncycastle.util.encoders.Hex;
-
-public class JceKTSKeyTransRecipientInfoGenerator
-    extends KeyTransRecipientInfoGenerator
-{
-    private static final byte[] ANONYMOUS_SENDER = Hex.decode("0c14416e6f6e796d6f75732053656e64657220202020");   // "Anonymous Sender    "
-
-    private JceKTSKeyTransRecipientInfoGenerator(X509Certificate recipientCert, IssuerAndSerialNumber recipientID, String symmetricWrappingAlg, int keySizeInBits)
-        throws CertificateEncodingException
-    {
-        super(recipientID, new JceKTSKeyWrapper(recipientCert, symmetricWrappingAlg, keySizeInBits, ANONYMOUS_SENDER, getEncodedRecipID(recipientID)));
-    }
-
-    public JceKTSKeyTransRecipientInfoGenerator(X509Certificate recipientCert, String symmetricWrappingAlg, int keySizeInBits)
-        throws CertificateEncodingException
-    {
-        this(recipientCert, new IssuerAndSerialNumber(new JcaX509CertificateHolder(recipientCert).toASN1Structure()), symmetricWrappingAlg, keySizeInBits);
-    }
-
-    public JceKTSKeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier, PublicKey publicKey, String symmetricWrappingAlg, int keySizeInBits)
-    {
-        super(subjectKeyIdentifier, new JceKTSKeyWrapper(publicKey, symmetricWrappingAlg, keySizeInBits, ANONYMOUS_SENDER, getEncodedSubKeyId(subjectKeyIdentifier)));
-    }
-
-    private static byte[] getEncodedRecipID(IssuerAndSerialNumber recipientID)
-        throws CertificateEncodingException
-    {
-        try
-        {
-            return recipientID.getEncoded(ASN1Encoding.DER);
-        }
-        catch (final IOException e)
-        {
-            throw new CertificateEncodingException("Cannot process extracted IssuerAndSerialNumber: " + e.getMessage())
-            {
-                public Throwable getCause()
-                {
-                    return e;
-                }
-            };
-        }
-    }
-
-    private static byte[] getEncodedSubKeyId(byte[] subjectKeyIdentifier)
-    {
-        try
-        {
-            return new DEROctetString(subjectKeyIdentifier).getEncoded();
-        }
-        catch (final IOException e)
-        {
-            throw new IllegalArgumentException("Cannot process subject key identifier: " + e.getMessage())
-            {
-                public Throwable getCause()
-                {
-                    return e;
-                }
-            };
-        }
-    }
-
-    /**
-     * Create a generator overriding the algorithm type implied by the public key in the certificate passed in.
-     *
-     * @param recipientCert       certificate carrying the public key.
-     * @param algorithmIdentifier the identifier and parameters for the encryption algorithm to be used.
-     */
-    public JceKTSKeyTransRecipientInfoGenerator(X509Certificate recipientCert, AlgorithmIdentifier algorithmIdentifier)
-        throws CertificateEncodingException
-    {
-        super(new IssuerAndSerialNumber(new JcaX509CertificateHolder(recipientCert).toASN1Structure()), new JceAsymmetricKeyWrapper(algorithmIdentifier, recipientCert.getPublicKey()));
-    }
-
-    /**
-     * Create a generator overriding the algorithm type implied by the public key passed in.
-     *
-     * @param subjectKeyIdentifier the subject key identifier value to associate with the public key.
-     * @param algorithmIdentifier  the identifier and parameters for the encryption algorithm to be used.
-     * @param publicKey            the public key to use.
-     */
-    public JceKTSKeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier, AlgorithmIdentifier algorithmIdentifier, PublicKey publicKey)
-    {
-        super(subjectKeyIdentifier, new JceAsymmetricKeyWrapper(algorithmIdentifier, publicKey));
-    }
-
-    public JceKTSKeyTransRecipientInfoGenerator setProvider(String providerName)
-    {
-        ((JceKTSKeyWrapper)this.wrapper).setProvider(providerName);
-
-        return this;
-    }
-
-    public JceKTSKeyTransRecipientInfoGenerator setProvider(Provider provider)
-    {
-        ((JceKTSKeyWrapper)this.wrapper).setProvider(provider);
-
-        return this;
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeAuthenticatedRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeAuthenticatedRecipient.java
deleted file mode 100644
index d231f56..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeAuthenticatedRecipient.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.OutputStream;
-import java.security.Key;
-import java.security.PrivateKey;
-
-import javax.crypto.Mac;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.RecipientOperator;
-import org.bouncycastle.jcajce.io.MacOutputStream;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.operator.jcajce.JceGenericKey;
-
-public class JceKeyAgreeAuthenticatedRecipient
-    extends JceKeyAgreeRecipient
-{
-    public JceKeyAgreeAuthenticatedRecipient(PrivateKey recipientKey)
-    {
-        super(recipientKey);
-    }
-
-    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentMacAlgorithm, SubjectPublicKeyInfo senderPublicKey, ASN1OctetString userKeyingMaterial, byte[] encryptedContentKey)
-        throws CMSException
-    {
-        final Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentMacAlgorithm, senderPublicKey, userKeyingMaterial, encryptedContentKey);
-
-        final Mac dataMac = contentHelper.createContentMac(secretKey, contentMacAlgorithm);
-
-        return new RecipientOperator(new MacCalculator()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentMacAlgorithm;
-            }
-
-            public GenericKey getKey()
-            {
-                return new JceGenericKey(contentMacAlgorithm, secretKey);
-            }
-
-            public OutputStream getOutputStream()
-            {
-                return new MacOutputStream(dataMac);
-            }
-
-            public byte[] getMac()
-            {
-                return dataMac.doFinal();
-            }
-        });
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeEnvelopedRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeEnvelopedRecipient.java
deleted file mode 100644
index e0b9927..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeEnvelopedRecipient.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.InputStream;
-import java.security.Key;
-import java.security.PrivateKey;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.RecipientOperator;
-import org.bouncycastle.jcajce.io.CipherInputStream;
-import org.bouncycastle.operator.InputDecryptor;
-
-public class JceKeyAgreeEnvelopedRecipient
-    extends JceKeyAgreeRecipient
-{
-    public JceKeyAgreeEnvelopedRecipient(PrivateKey recipientKey)
-    {
-        super(recipientKey);
-    }
-
-    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, SubjectPublicKeyInfo senderPublicKey, ASN1OctetString userKeyingMaterial, byte[] encryptedContentKey)
-        throws CMSException
-    {
-        Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, senderPublicKey, userKeyingMaterial, encryptedContentKey);
-
-        final Cipher dataCipher = contentHelper.createContentCipher(secretKey, contentEncryptionAlgorithm);
-
-        return new RecipientOperator(new InputDecryptor()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentEncryptionAlgorithm;
-            }
-
-            public InputStream getInputStream(InputStream dataOut)
-            {
-                return new CipherInputStream(dataOut, dataCipher);
-            }
-        });
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeRecipient.java
deleted file mode 100644
index f46f05d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeRecipient.java
+++ /dev/null

@@ -1,301 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.HashSet;
-import java.util.Set;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyAgreement;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cms.ecc.ECCCMSSharedInfo;
-import org.bouncycastle.asn1.cms.ecc.MQVuserKeyingMaterial;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.Gost2814789EncryptedKey;
-import org.bouncycastle.asn1.cryptopro.Gost2814789KeyWrapParameters;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.KeyAgreeRecipient;
-import org.bouncycastle.jcajce.spec.GOST28147WrapParameterSpec;
-import org.bouncycastle.jcajce.spec.MQVParameterSpec;
-import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
-import org.bouncycastle.operator.DefaultSecretKeySizeProvider;
-import org.bouncycastle.operator.SecretKeySizeProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-
-public abstract class JceKeyAgreeRecipient
-    implements KeyAgreeRecipient
-{
-    private static final Set possibleOldMessages = new HashSet();
-
-    static
-    {
-        possibleOldMessages.add(X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme);
-        possibleOldMessages.add(X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme);
-    }
-
-    private PrivateKey recipientKey;
-    protected EnvelopedDataHelper helper = new EnvelopedDataHelper(new DefaultJcaJceExtHelper());
-    protected EnvelopedDataHelper contentHelper = helper;
-    private SecretKeySizeProvider keySizeProvider = new DefaultSecretKeySizeProvider();
-
-
-    public JceKeyAgreeRecipient(PrivateKey recipientKey)
-    {
-        this.recipientKey = recipientKey;
-    }
-
-    /**
-     * Set the provider to use for key recovery and content processing.
-     *
-     * @param provider provider to use.
-     * @return this recipient.
-     */
-    public JceKeyAgreeRecipient setProvider(Provider provider)
-    {
-        this.helper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider));
-        this.contentHelper = helper;
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use for key recovery and content processing.
-     *
-     * @param providerName the name of the provider to use.
-     * @return this recipient.
-     */
-    public JceKeyAgreeRecipient setProvider(String providerName)
-    {
-        this.helper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName));
-        this.contentHelper = helper;
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use for content processing.  If providerName is null a "no provider" search will be
-     *  used to satisfy getInstance calls.
-     *
-     * @param provider the provider to use.
-     * @return this recipient.
-     */
-    public JceKeyAgreeRecipient setContentProvider(Provider provider)
-    {
-        this.contentHelper = CMSUtils.createContentHelper(provider);
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use for content processing. If providerName is null a "no provider" search will be
-     * used to satisfy getInstance calls.
-     *
-     * @param providerName the name of the provider to use.
-     * @return this recipient.
-     */
-    public JceKeyAgreeRecipient setContentProvider(String providerName)
-    {
-        this.contentHelper = CMSUtils.createContentHelper(providerName);
-
-        return this;
-    }
-
-    private SecretKey calculateAgreedWrapKey(AlgorithmIdentifier keyEncAlg, AlgorithmIdentifier wrapAlg,
-        PublicKey senderPublicKey, ASN1OctetString userKeyingMaterial, PrivateKey receiverPrivateKey, KeyMaterialGenerator kmGen)
-        throws CMSException, GeneralSecurityException, IOException
-    {
-        if (CMSUtils.isMQV(keyEncAlg.getAlgorithm()))
-        {
-            MQVuserKeyingMaterial ukm = MQVuserKeyingMaterial.getInstance(userKeyingMaterial.getOctets());
-
-            SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(
-                                                getPrivateKeyAlgorithmIdentifier(),
-                                                ukm.getEphemeralPublicKey().getPublicKey().getBytes());
-
-            X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(pubInfo.getEncoded());
-            KeyFactory fact = helper.createKeyFactory(keyEncAlg.getAlgorithm());
-            PublicKey ephemeralKey = fact.generatePublic(pubSpec);
-
-            KeyAgreement agreement = helper.createKeyAgreement(keyEncAlg.getAlgorithm());
-
-            byte[] ukmKeyingMaterial = (ukm.getAddedukm() != null) ? ukm.getAddedukm().getOctets() : null;
-            if (kmGen == old_ecc_cms_Generator)
-            {
-                ukmKeyingMaterial = old_ecc_cms_Generator.generateKDFMaterial(wrapAlg, keySizeProvider.getKeySize(wrapAlg), ukmKeyingMaterial);
-            }
-
-            agreement.init(receiverPrivateKey, new MQVParameterSpec(receiverPrivateKey, ephemeralKey, ukmKeyingMaterial));
-            agreement.doPhase(senderPublicKey, true);
-
-            return agreement.generateSecret(wrapAlg.getAlgorithm().getId());
-        }
-        else
-        {
-            KeyAgreement agreement = helper.createKeyAgreement(keyEncAlg.getAlgorithm());
-
-            UserKeyingMaterialSpec userKeyingMaterialSpec = null;
-
-            if (CMSUtils.isEC(keyEncAlg.getAlgorithm()))
-            {
-                if (userKeyingMaterial != null)
-                {
-                    byte[] ukmKeyingMaterial = kmGen.generateKDFMaterial(wrapAlg, keySizeProvider.getKeySize(wrapAlg), userKeyingMaterial.getOctets());
-
-                    userKeyingMaterialSpec = new UserKeyingMaterialSpec(ukmKeyingMaterial);
-                }
-                else
-                {
-                    byte[] ukmKeyingMaterial = kmGen.generateKDFMaterial(wrapAlg, keySizeProvider.getKeySize(wrapAlg), null);
-
-                    userKeyingMaterialSpec = new UserKeyingMaterialSpec(ukmKeyingMaterial);
-                }
-            }
-            else if (CMSUtils.isRFC2631(keyEncAlg.getAlgorithm()))
-            {
-                if (userKeyingMaterial != null)
-                {
-                    userKeyingMaterialSpec = new UserKeyingMaterialSpec(userKeyingMaterial.getOctets());
-                }
-            }
-            else if (CMSUtils.isGOST(keyEncAlg.getAlgorithm()))
-            {
-                if (userKeyingMaterial != null)
-                {
-                    userKeyingMaterialSpec = new UserKeyingMaterialSpec(userKeyingMaterial.getOctets());
-                }
-            }
-            else
-            {
-                throw new CMSException("Unknown key agreement algorithm: " + keyEncAlg.getAlgorithm());
-            }
-
-            agreement.init(receiverPrivateKey, userKeyingMaterialSpec);
-
-            agreement.doPhase(senderPublicKey, true);
-
-            return agreement.generateSecret(wrapAlg.getAlgorithm().getId());
-        }
-    }
-
-    private Key unwrapSessionKey(ASN1ObjectIdentifier wrapAlg, SecretKey agreedKey, ASN1ObjectIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey)
-        throws CMSException, InvalidKeyException, NoSuchAlgorithmException
-    {
-        Cipher keyCipher = helper.createCipher(wrapAlg);
-        keyCipher.init(Cipher.UNWRAP_MODE, agreedKey);
-        return keyCipher.unwrap(encryptedContentEncryptionKey, helper.getBaseCipherName(contentEncryptionAlgorithm), Cipher.SECRET_KEY);
-    }
-
-    protected Key extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier contentEncryptionAlgorithm, SubjectPublicKeyInfo senderKey, ASN1OctetString userKeyingMaterial, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        try
-        {
-            AlgorithmIdentifier wrapAlg =
-                AlgorithmIdentifier.getInstance(keyEncryptionAlgorithm.getParameters());
-
-            X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(senderKey.getEncoded());
-            KeyFactory fact = helper.createKeyFactory(senderKey.getAlgorithm().getAlgorithm());
-            PublicKey senderPublicKey = fact.generatePublic(pubSpec);
-
-            try
-            {
-                SecretKey agreedWrapKey = calculateAgreedWrapKey(keyEncryptionAlgorithm, wrapAlg,
-                    senderPublicKey, userKeyingMaterial, recipientKey, ecc_cms_Generator);
-
-                if (wrapAlg.getAlgorithm().equals(CryptoProObjectIdentifiers.id_Gost28147_89_None_KeyWrap)
-                    || wrapAlg.getAlgorithm().equals(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap))
-                {
-                    Gost2814789EncryptedKey encKey = Gost2814789EncryptedKey.getInstance(encryptedContentEncryptionKey);
-                    Gost2814789KeyWrapParameters wrapParams = Gost2814789KeyWrapParameters.getInstance(wrapAlg.getParameters());
-             
-                    Cipher keyCipher = helper.createCipher(wrapAlg.getAlgorithm());
-
-                    keyCipher.init(Cipher.UNWRAP_MODE, agreedWrapKey, new GOST28147WrapParameterSpec(wrapParams.getEncryptionParamSet(), userKeyingMaterial.getOctets()));
-
-                    return keyCipher.unwrap(Arrays.concatenate(encKey.getEncryptedKey(), encKey.getMacKey()), helper.getBaseCipherName(contentEncryptionAlgorithm.getAlgorithm()), Cipher.SECRET_KEY);
-                }
-
-                return unwrapSessionKey(wrapAlg.getAlgorithm(), agreedWrapKey, contentEncryptionAlgorithm.getAlgorithm(), encryptedContentEncryptionKey);
-            }
-            catch (InvalidKeyException e)
-            {
-                // might be a pre-RFC 5753 message
-                if (possibleOldMessages.contains(keyEncryptionAlgorithm.getAlgorithm()))
-                {
-                    SecretKey agreedWrapKey = calculateAgreedWrapKey(keyEncryptionAlgorithm, wrapAlg,
-                        senderPublicKey, userKeyingMaterial, recipientKey, old_ecc_cms_Generator);
-
-                    return unwrapSessionKey(wrapAlg.getAlgorithm(), agreedWrapKey, contentEncryptionAlgorithm.getAlgorithm(), encryptedContentEncryptionKey);
-                }
-                throw e;
-            }
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw new CMSException("can't find algorithm.", e);
-        }
-        catch (InvalidKeyException e)
-        {
-            throw new CMSException("key invalid in message.", e);
-        }
-        catch (InvalidKeySpecException e)
-        {
-            throw new CMSException("originator key spec invalid.", e);
-        }
-        catch (NoSuchPaddingException e)
-        {
-            throw new CMSException("required padding not supported.", e);
-        }
-        catch (Exception e)
-        {
-            throw new CMSException("originator key invalid.", e);
-        }
-    }
-
-    public AlgorithmIdentifier getPrivateKeyAlgorithmIdentifier()
-    {
-        return PrivateKeyInfo.getInstance(recipientKey.getEncoded()).getPrivateKeyAlgorithm();
-    }
-
-    private static KeyMaterialGenerator old_ecc_cms_Generator = new KeyMaterialGenerator()
-    {
-        public byte[] generateKDFMaterial(AlgorithmIdentifier keyAlgorithm, int keySize, byte[] userKeyMaterialParameters)
-        {
-            ECCCMSSharedInfo eccInfo;
-
-            // this isn't correct with AES and RFC 5753, but we have messages predating it...
-            eccInfo = new ECCCMSSharedInfo(new AlgorithmIdentifier(keyAlgorithm.getAlgorithm(), DERNull.INSTANCE), userKeyMaterialParameters, Pack.intToBigEndian(keySize));
-
-            try
-            {
-                return eccInfo.getEncoded(ASN1Encoding.DER);
-            }
-            catch (IOException e)
-            {
-                throw new IllegalStateException("Unable to create KDF material: " + e);
-            }
-        }
-    };
-
-    private static KeyMaterialGenerator ecc_cms_Generator = new RFC5753KeyMaterialGenerator();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeRecipientId.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeRecipientId.java
deleted file mode 100644
index 56911be..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeRecipientId.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.math.BigInteger;
-import java.security.cert.X509Certificate;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cms.KeyAgreeRecipientId;
-
-public class JceKeyAgreeRecipientId
-    extends KeyAgreeRecipientId
-{
-    public JceKeyAgreeRecipientId(X509Certificate certificate)
-    {
-        this(certificate.getIssuerX500Principal(), certificate.getSerialNumber());
-    }
-
-    public JceKeyAgreeRecipientId(X500Principal issuer, BigInteger serialNumber)
-    {
-        super(X500Name.getInstance(issuer.getEncoded()), serialNumber);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeRecipientInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeRecipientInfoGenerator.java
deleted file mode 100644
index 5e14f1b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyAgreeRecipientInfoGenerator.java
+++ /dev/null

@@ -1,312 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.IOException;
-import java.security.AlgorithmParameters;
-import java.security.GeneralSecurityException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-import java.security.spec.AlgorithmParameterSpec;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyAgreement;
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cms.KeyAgreeRecipientIdentifier;
-import org.bouncycastle.asn1.cms.OriginatorPublicKey;
-import org.bouncycastle.asn1.cms.RecipientEncryptedKey;
-import org.bouncycastle.asn1.cms.RecipientKeyIdentifier;
-import org.bouncycastle.asn1.cms.ecc.MQVuserKeyingMaterial;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.Gost2814789EncryptedKey;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.KeyAgreeRecipientInfoGenerator;
-import org.bouncycastle.jcajce.spec.GOST28147WrapParameterSpec;
-import org.bouncycastle.jcajce.spec.MQVParameterSpec;
-import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
-import org.bouncycastle.operator.DefaultSecretKeySizeProvider;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.SecretKeySizeProvider;
-import org.bouncycastle.util.Arrays;
-
-public class JceKeyAgreeRecipientInfoGenerator
-    extends KeyAgreeRecipientInfoGenerator
-{
-    private SecretKeySizeProvider keySizeProvider = new DefaultSecretKeySizeProvider();
-
-    private List recipientIDs = new ArrayList();
-    private List recipientKeys = new ArrayList();
-    private PublicKey senderPublicKey;
-    private PrivateKey senderPrivateKey;
-
-    private EnvelopedDataHelper helper = new EnvelopedDataHelper(new DefaultJcaJceExtHelper());
-    private SecureRandom random;
-    private KeyPair ephemeralKP;
-    private byte[] userKeyingMaterial;
-
-    public JceKeyAgreeRecipientInfoGenerator(ASN1ObjectIdentifier keyAgreementOID, PrivateKey senderPrivateKey, PublicKey senderPublicKey, ASN1ObjectIdentifier keyEncryptionOID)
-    {
-        super(keyAgreementOID, SubjectPublicKeyInfo.getInstance(senderPublicKey.getEncoded()), keyEncryptionOID);
-
-        this.senderPublicKey = senderPublicKey;
-        this.senderPrivateKey = senderPrivateKey;
-    }
-
-    public JceKeyAgreeRecipientInfoGenerator setUserKeyingMaterial(byte[] userKeyingMaterial)
-    {
-        this.userKeyingMaterial = Arrays.clone(userKeyingMaterial);
-
-        return this;
-    }
-
-    public JceKeyAgreeRecipientInfoGenerator setProvider(Provider provider)
-    {
-        this.helper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider));
-
-        return this;
-    }
-
-    public JceKeyAgreeRecipientInfoGenerator setProvider(String providerName)
-    {
-        this.helper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName));
-
-        return this;
-    }
-
-    public JceKeyAgreeRecipientInfoGenerator setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    /**
-     * Add a recipient based on the passed in certificate's public key and its issuer and serial number.
-     * 
-     * @param recipientCert recipient's certificate
-     * @return the current instance.
-     * @throws CertificateEncodingException  if the necessary data cannot be extracted from the certificate.
-     */
-    public JceKeyAgreeRecipientInfoGenerator addRecipient(X509Certificate recipientCert)
-        throws CertificateEncodingException
-    {
-        recipientIDs.add(new KeyAgreeRecipientIdentifier(CMSUtils.getIssuerAndSerialNumber(recipientCert)));
-        recipientKeys.add(recipientCert.getPublicKey());
-
-        return this;
-    }
-
-    /**
-     * Add a recipient identified by the passed in subjectKeyID and the for the passed in public key.
-     *
-     * @param subjectKeyID identifier actual recipient will use to match the private key.
-     * @param publicKey the public key for encrypting the secret key.
-     * @return the current instance.
-     * @throws CertificateEncodingException
-     */
-    public JceKeyAgreeRecipientInfoGenerator addRecipient(byte[] subjectKeyID, PublicKey publicKey)
-        throws CertificateEncodingException
-    {
-        recipientIDs.add(new KeyAgreeRecipientIdentifier(new RecipientKeyIdentifier(subjectKeyID)));
-        recipientKeys.add(publicKey);
-
-        return this;
-    }
-
-    public ASN1Sequence generateRecipientEncryptedKeys(AlgorithmIdentifier keyAgreeAlgorithm, AlgorithmIdentifier keyEncryptionAlgorithm, GenericKey contentEncryptionKey)
-        throws CMSException
-    {
-        if (recipientIDs.isEmpty())
-        {
-            throw new CMSException("No recipients associated with generator - use addRecipient()");
-        }
-
-        init(keyAgreeAlgorithm.getAlgorithm());
-
-        PrivateKey senderPrivateKey = this.senderPrivateKey;
-
-        ASN1ObjectIdentifier keyAgreementOID = keyAgreeAlgorithm.getAlgorithm();
-
-        ASN1EncodableVector recipientEncryptedKeys = new ASN1EncodableVector();
-        for (int i = 0; i != recipientIDs.size(); i++)
-        {
-            PublicKey recipientPublicKey = (PublicKey)recipientKeys.get(i);
-            KeyAgreeRecipientIdentifier karId = (KeyAgreeRecipientIdentifier)recipientIDs.get(i);
-
-            try
-            {
-                AlgorithmParameterSpec agreementParamSpec;
-                ASN1ObjectIdentifier keyEncAlg = keyEncryptionAlgorithm.getAlgorithm();
-
-                if (CMSUtils.isMQV(keyAgreementOID))
-                {
-                    agreementParamSpec = new MQVParameterSpec(ephemeralKP, recipientPublicKey, userKeyingMaterial);
-                }
-                else if (CMSUtils.isEC(keyAgreementOID))
-                {
-                    byte[] ukmKeyingMaterial = ecc_cms_Generator.generateKDFMaterial(keyEncryptionAlgorithm, keySizeProvider.getKeySize(keyEncAlg), userKeyingMaterial);
-
-                    agreementParamSpec = new UserKeyingMaterialSpec(ukmKeyingMaterial);
-                }
-                else if (CMSUtils.isRFC2631(keyAgreementOID))
-                {
-                    if (userKeyingMaterial != null)
-                    {
-                        agreementParamSpec = new UserKeyingMaterialSpec(userKeyingMaterial);
-                    }
-                    else
-                    {
-                        if (keyAgreementOID.equals(PKCSObjectIdentifiers.id_alg_SSDH))
-                        {
-                            throw new CMSException("User keying material must be set for static keys.");
-                        }
-                        agreementParamSpec = null;
-                    }
-                }
-                else if (CMSUtils.isGOST(keyAgreementOID))
-                {
-                    if (userKeyingMaterial != null)
-                    {
-                        agreementParamSpec = new UserKeyingMaterialSpec(userKeyingMaterial);
-                    }
-                    else
-                    {
-                        throw new CMSException("User keying material must be set for static keys.");
-                    }
-                }
-                else
-                {
-                    throw new CMSException("Unknown key agreement algorithm: " + keyAgreementOID);
-                }
-
-                // Use key agreement to choose a wrap key for this recipient
-                KeyAgreement keyAgreement = helper.createKeyAgreement(keyAgreementOID);
-                keyAgreement.init(senderPrivateKey, agreementParamSpec, random);
-                keyAgreement.doPhase(recipientPublicKey, true);
-
-                SecretKey keyEncryptionKey = keyAgreement.generateSecret(keyEncAlg.getId());
-
-                // Wrap the content encryption key with the agreement key
-                Cipher keyEncryptionCipher = helper.createCipher(keyEncAlg);
-                ASN1OctetString encryptedKey;
-
-                if (keyEncAlg.equals(CryptoProObjectIdentifiers.id_Gost28147_89_None_KeyWrap)
-                    || keyEncAlg.equals(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap))
-                {
-                    keyEncryptionCipher.init(Cipher.WRAP_MODE, keyEncryptionKey, new GOST28147WrapParameterSpec(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet, userKeyingMaterial));
-
-                    byte[] encKeyBytes = keyEncryptionCipher.wrap(helper.getJceKey(contentEncryptionKey));
-
-                    Gost2814789EncryptedKey encKey = new Gost2814789EncryptedKey(
-                        Arrays.copyOfRange(encKeyBytes, 0, encKeyBytes.length - 4),
-                        Arrays.copyOfRange(encKeyBytes, encKeyBytes.length - 4, encKeyBytes.length));
-
-                    encryptedKey = new DEROctetString(encKey.getEncoded(ASN1Encoding.DER));
-                }
-                else
-                {
-                    keyEncryptionCipher.init(Cipher.WRAP_MODE, keyEncryptionKey, random);
-
-                    byte[] encryptedKeyBytes = keyEncryptionCipher.wrap(helper.getJceKey(contentEncryptionKey));
-
-                    encryptedKey = new DEROctetString(encryptedKeyBytes);
-                }
-
-                recipientEncryptedKeys.add(new RecipientEncryptedKey(karId, encryptedKey));
-            }
-            catch (GeneralSecurityException e)
-            {
-                throw new CMSException("cannot perform agreement step: " + e.getMessage(), e);
-            }
-            catch (IOException e)
-            {
-                throw new CMSException("unable to encode wrapped key: " + e.getMessage(), e);
-            }
-        }
-
-        return new DERSequence(recipientEncryptedKeys);
-    }
-
-    protected byte[] getUserKeyingMaterial(AlgorithmIdentifier keyAgreeAlg)
-        throws CMSException
-    {
-        init(keyAgreeAlg.getAlgorithm());
-
-        if (ephemeralKP != null)
-        {
-            OriginatorPublicKey originatorPublicKey = createOriginatorPublicKey(SubjectPublicKeyInfo.getInstance(ephemeralKP.getPublic().getEncoded()));
-
-            try
-            {
-                if (userKeyingMaterial != null)
-                {
-                    return new MQVuserKeyingMaterial(originatorPublicKey, new DEROctetString(userKeyingMaterial)).getEncoded();
-                }
-                else
-                {
-                    return new MQVuserKeyingMaterial(originatorPublicKey, null).getEncoded();
-                }
-            }
-            catch (IOException e)
-            {
-                throw new CMSException("unable to encode user keying material: " + e.getMessage(), e);
-            }
-        }
-
-        return userKeyingMaterial;
-    }
-
-    private void init(ASN1ObjectIdentifier keyAgreementOID)
-        throws CMSException
-    {
-        if (random == null)
-        {
-            random = new SecureRandom();
-        }
-
-        if (CMSUtils.isMQV(keyAgreementOID))
-        {
-            if (ephemeralKP == null)
-            {
-                try
-                {
-                    SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfo.getInstance(senderPublicKey.getEncoded());
-
-                    AlgorithmParameters ecAlgParams = helper.createAlgorithmParameters(keyAgreementOID);
-
-                    ecAlgParams.init(pubInfo.getAlgorithm().getParameters().toASN1Primitive().getEncoded());
-
-                    KeyPairGenerator ephemKPG = helper.createKeyPairGenerator(keyAgreementOID);
-
-                    ephemKPG.initialize(ecAlgParams.getParameterSpec(AlgorithmParameterSpec.class), random);
-
-                    ephemeralKP = ephemKPG.generateKeyPair();
-                }
-                catch (Exception e)
-                {
-                    throw new CMSException(
-                        "cannot determine MQV ephemeral key pair parameters from public key: " + e, e);
-                }
-            }
-        }
-    }
-
-    private static KeyMaterialGenerator ecc_cms_Generator = new RFC5753KeyMaterialGenerator();
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransAuthenticatedRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransAuthenticatedRecipient.java
deleted file mode 100644
index b91ee9b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransAuthenticatedRecipient.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.OutputStream;
-import java.security.Key;
-import java.security.PrivateKey;
-
-import javax.crypto.Mac;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.RecipientOperator;
-import org.bouncycastle.jcajce.io.MacOutputStream;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.operator.jcajce.JceGenericKey;
-
-
-/**
- * the KeyTransRecipientInformation class for a recipient who has been sent a secret
- * key encrypted using their public key that needs to be used to
- * extract the message.
- */
-public class JceKeyTransAuthenticatedRecipient
-    extends JceKeyTransRecipient
-{
-    public JceKeyTransAuthenticatedRecipient(PrivateKey recipientKey)
-    {
-        super(recipientKey);
-    }
-
-    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentMacAlgorithm, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        final Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentMacAlgorithm, encryptedContentEncryptionKey);
-
-        final Mac dataMac = contentHelper.createContentMac(secretKey, contentMacAlgorithm);
-
-        return new RecipientOperator(new MacCalculator()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentMacAlgorithm;
-            }
-
-            public GenericKey getKey()
-            {
-                return new JceGenericKey(contentMacAlgorithm, secretKey);
-            }
-
-            public OutputStream getOutputStream()
-            {
-                return new MacOutputStream(dataMac);
-            }
-
-            public byte[] getMac()
-            {
-                return dataMac.doFinal();
-            }
-        });
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransEnvelopedRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransEnvelopedRecipient.java
deleted file mode 100644
index 79e9c02..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransEnvelopedRecipient.java
+++ /dev/null

@@ -1,43 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.InputStream;
-import java.security.Key;
-import java.security.PrivateKey;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.RecipientOperator;
-import org.bouncycastle.jcajce.io.CipherInputStream;
-import org.bouncycastle.operator.InputDecryptor;
-
-public class JceKeyTransEnvelopedRecipient
-    extends JceKeyTransRecipient
-{
-    public JceKeyTransEnvelopedRecipient(PrivateKey recipientKey)
-    {
-        super(recipientKey);
-    }
-
-    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, encryptedContentEncryptionKey);
-
-        final Cipher dataCipher = contentHelper.createContentCipher(secretKey, contentEncryptionAlgorithm);
-
-        return new RecipientOperator(new InputDecryptor()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentEncryptionAlgorithm;
-            }
-
-            public InputStream getInputStream(InputStream dataIn)
-            {
-                return new CipherInputStream(dataIn, dataCipher);
-            }
-        });
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransRecipient.java
deleted file mode 100644
index a152b95..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransRecipient.java
+++ /dev/null

@@ -1,223 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyAgreement;
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.Gost2814789EncryptedKey;
-import org.bouncycastle.asn1.cryptopro.GostR3410KeyTransport;
-import org.bouncycastle.asn1.cryptopro.GostR3410TransportParameters;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.KeyTransRecipient;
-import org.bouncycastle.jcajce.spec.GOST28147WrapParameterSpec;
-import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.operator.jcajce.JceAsymmetricKeyUnwrapper;
-import org.bouncycastle.util.Arrays;
-
-public abstract class JceKeyTransRecipient
-    implements KeyTransRecipient
-{
-    private PrivateKey recipientKey;
-
-    protected EnvelopedDataHelper helper = new EnvelopedDataHelper(new DefaultJcaJceExtHelper());
-    protected EnvelopedDataHelper contentHelper = helper;
-    protected Map extraMappings = new HashMap();
-    protected boolean validateKeySize = false;
-    protected boolean unwrappedKeyMustBeEncodable;
-
-    public JceKeyTransRecipient(PrivateKey recipientKey)
-    {
-        this.recipientKey = recipientKey;
-    }
-
-    /**
-     * Set the provider to use for key recovery and content processing.
-     *
-     * @param provider provider to use.
-     * @return this recipient.
-     */
-    public JceKeyTransRecipient setProvider(Provider provider)
-    {
-        this.helper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider));
-        this.contentHelper = helper;
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use for key recovery and content processing.
-     *
-     * @param providerName the name of the provider to use.
-     * @return this recipient.
-     */
-    public JceKeyTransRecipient setProvider(String providerName)
-    {
-        this.helper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName));
-        this.contentHelper = helper;
-
-        return this;
-    }
-
-    /**
-     * Internally algorithm ids are converted into cipher names using a lookup table. For some providers
-     * the standard lookup table won't work. Use this method to establish a specific mapping from an
-     * algorithm identifier to a specific algorithm.
-     * <p>
-     * For example:
-     * <pre>
-     *     unwrapper.setAlgorithmMapping(PKCSObjectIdentifiers.rsaEncryption, "RSA");
-     * </pre>
-     *
-     * @param algorithm     OID of algorithm in recipient.
-     * @param algorithmName JCE algorithm name to use.
-     * @return the current Recipient.
-     */
-    public JceKeyTransRecipient setAlgorithmMapping(ASN1ObjectIdentifier algorithm, String algorithmName)
-    {
-        extraMappings.put(algorithm, algorithmName);
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use for content processing.  If providerName is null a "no provider" search will be
-     * used to satisfy getInstance calls.
-     *
-     * @param provider the provider to use.
-     * @return this recipient.
-     */
-    public JceKeyTransRecipient setContentProvider(Provider provider)
-    {
-        this.contentHelper = CMSUtils.createContentHelper(provider);
-
-        return this;
-    }
-
-    /**
-     * Flag that unwrapping must produce a key that will return a meaningful value from a call to Key.getEncoded().
-     * This is important if you are using a HSM for unwrapping and using a software based provider for
-     * decrypting the content. Default value: false.
-     *
-     * @param unwrappedKeyMustBeEncodable true if getEncoded() should return key bytes, false if not necessary.
-     * @return this recipient.
-     */
-    public JceKeyTransRecipient setMustProduceEncodableUnwrappedKey(boolean unwrappedKeyMustBeEncodable)
-    {
-        this.unwrappedKeyMustBeEncodable = unwrappedKeyMustBeEncodable;
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use for content processing.  If providerName is null a "no provider" search will be
-     * used to satisfy getInstance calls.
-     *
-     * @param providerName the name of the provider to use.
-     * @return this recipient.
-     */
-    public JceKeyTransRecipient setContentProvider(String providerName)
-    {
-        this.contentHelper = CMSUtils.createContentHelper(providerName);
-
-        return this;
-    }
-
-    /**
-     * Set validation of retrieved key sizes against the algorithm parameters for the encrypted key where possible - default is off.
-     * <p>
-     * This setting will not have any affect if the encryption algorithm in the recipient does not specify a particular key size, or
-     * if the unwrapper is a HSM and the byte encoding of the unwrapped secret key is not available.
-     * </p>
-     *
-     * @param doValidate true if unwrapped key's should be validated against the content encryption algorithm, false otherwise.
-     * @return this recipient.
-     */
-    public JceKeyTransRecipient setKeySizeValidation(boolean doValidate)
-    {
-        this.validateKeySize = doValidate;
-
-        return this;
-    }
-
-    protected Key extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedEncryptionKey)
-        throws CMSException
-    {
-        if (CMSUtils.isGOST(keyEncryptionAlgorithm.getAlgorithm()))
-        {
-            try
-            {
-                GostR3410KeyTransport transport = GostR3410KeyTransport.getInstance(encryptedEncryptionKey);
-
-                GostR3410TransportParameters transParams = transport.getTransportParameters();
-
-                KeyFactory keyFactory = helper.createKeyFactory(keyEncryptionAlgorithm.getAlgorithm());
-
-                PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(transParams.getEphemeralPublicKey().getEncoded()));
-
-                KeyAgreement agreement = helper.createKeyAgreement(keyEncryptionAlgorithm.getAlgorithm());
-
-                agreement.init(recipientKey, new UserKeyingMaterialSpec(transParams.getUkm()));
-
-                agreement.doPhase(pubKey, true);
-
-                SecretKey key = agreement.generateSecret(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap.getId());
-
-                Cipher keyCipher = helper.createCipher(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap);
-
-                keyCipher.init(Cipher.UNWRAP_MODE, key, new GOST28147WrapParameterSpec(transParams.getEncryptionParamSet(), transParams.getUkm()));
-
-                Gost2814789EncryptedKey encKey = transport.getSessionEncryptedKey();
-
-                return keyCipher.unwrap(Arrays.concatenate(encKey.getEncryptedKey(), encKey.getMacKey()), helper.getBaseCipherName(encryptedKeyAlgorithm.getAlgorithm()), Cipher.SECRET_KEY);
-            }
-            catch (Exception e)
-            {
-                throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
-            }
-        }
-        else
-        {
-            JceAsymmetricKeyUnwrapper unwrapper = helper.createAsymmetricUnwrapper(keyEncryptionAlgorithm, recipientKey).setMustProduceEncodableUnwrappedKey(unwrappedKeyMustBeEncodable);
-
-            if (!extraMappings.isEmpty())
-            {
-                for (Iterator it = extraMappings.keySet().iterator(); it.hasNext(); )
-                {
-                    ASN1ObjectIdentifier algorithm = (ASN1ObjectIdentifier)it.next();
-
-                    unwrapper.setAlgorithmMapping(algorithm, (String)extraMappings.get(algorithm));
-                }
-            }
-
-            try
-            {
-                Key key = helper.getJceKey(encryptedKeyAlgorithm.getAlgorithm(), unwrapper.generateUnwrappedKey(encryptedKeyAlgorithm, encryptedEncryptionKey));
-
-                if (validateKeySize)
-                {
-                    helper.keySizeCheck(encryptedKeyAlgorithm, key);
-                }
-
-                return key;
-            }
-            catch (OperatorException e)
-            {
-                throw new CMSException("exception unwrapping key: " + e.getMessage(), e);
-            }
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransRecipientId.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransRecipientId.java
deleted file mode 100644
index 8b44817..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransRecipientId.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.math.BigInteger;
-import java.security.cert.X509Certificate;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cms.KeyTransRecipientId;
-
-public class JceKeyTransRecipientId
-    extends KeyTransRecipientId
-{
-    /**
-     * Construct a recipient id based on the issuer, serial number and subject key identifier (if present) of the passed in
-     * certificate.
-     *
-     * @param certificate certificate providing the issue and serial number and subject key identifier.
-     */
-    public JceKeyTransRecipientId(X509Certificate certificate)
-    {
-        super(convertPrincipal(certificate.getIssuerX500Principal()), certificate.getSerialNumber(), CMSUtils.getSubjectKeyId(certificate));
-    }
-
-    /**
-     * Construct a recipient id based on the provided issuer and serial number..
-     *
-     * @param issuer the issuer to use.
-     * @param serialNumber  the serial number to use.
-     */
-    public JceKeyTransRecipientId(X500Principal issuer, BigInteger serialNumber)
-    {
-        super(convertPrincipal(issuer), serialNumber);
-    }
-
-    /**
-     * Construct a recipient id based on the provided issuer, serial number, and subjectKeyId..
-     *
-     * @param issuer the issuer to use.
-     * @param serialNumber  the serial number to use.
-     * @param subjectKeyId the subject key ID to use.
-     */
-    public JceKeyTransRecipientId(X500Principal issuer, BigInteger serialNumber, byte[] subjectKeyId)
-    {
-        super(convertPrincipal(issuer), serialNumber, subjectKeyId);
-    }
-
-    private static X500Name convertPrincipal(X500Principal issuer)
-    {
-        if (issuer == null)
-        {
-            return null;
-        }
-
-        return X500Name.getInstance(issuer.getEncoded());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransRecipientInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransRecipientInfoGenerator.java
deleted file mode 100644
index f624c8c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JceKeyTransRecipientInfoGenerator.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cms.KeyTransRecipientInfoGenerator;
-import org.bouncycastle.operator.jcajce.JceAsymmetricKeyWrapper;
-
-public class JceKeyTransRecipientInfoGenerator
-    extends KeyTransRecipientInfoGenerator
-{
-    public JceKeyTransRecipientInfoGenerator(X509Certificate recipientCert)
-        throws CertificateEncodingException
-    {
-        super(new IssuerAndSerialNumber(new JcaX509CertificateHolder(recipientCert).toASN1Structure()), new JceAsymmetricKeyWrapper(recipientCert));
-    }
-
-    public JceKeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier, PublicKey publicKey)
-    {
-        super(subjectKeyIdentifier, new JceAsymmetricKeyWrapper(publicKey));
-    }
-
-    /**
-     * Create a generator overriding the algorithm type implied by the public key in the certificate passed in.
-     *
-     * @param recipientCert certificate carrying the public key.
-     * @param algorithmIdentifier the identifier and parameters for the encryption algorithm to be used.
-     */
-    public JceKeyTransRecipientInfoGenerator(X509Certificate recipientCert, AlgorithmIdentifier algorithmIdentifier)
-        throws CertificateEncodingException
-    {
-        super(new IssuerAndSerialNumber(new JcaX509CertificateHolder(recipientCert).toASN1Structure()), new JceAsymmetricKeyWrapper(algorithmIdentifier, recipientCert.getPublicKey()));
-    }
-
-    /**
-     * Create a generator overriding the algorithm type implied by the public key passed in.
-     *
-     * @param subjectKeyIdentifier  the subject key identifier value to associate with the public key.
-     * @param algorithmIdentifier  the identifier and parameters for the encryption algorithm to be used.
-     * @param publicKey the public key to use.
-     */
-    public JceKeyTransRecipientInfoGenerator(byte[] subjectKeyIdentifier, AlgorithmIdentifier algorithmIdentifier, PublicKey publicKey)
-    {
-        super(subjectKeyIdentifier, new JceAsymmetricKeyWrapper(algorithmIdentifier, publicKey));
-    }
-
-    public JceKeyTransRecipientInfoGenerator setProvider(String providerName)
-    {
-        ((JceAsymmetricKeyWrapper)this.wrapper).setProvider(providerName);
-
-        return this;
-    }
-
-    public JceKeyTransRecipientInfoGenerator setProvider(Provider provider)
-    {
-        ((JceAsymmetricKeyWrapper)this.wrapper).setProvider(provider);
-
-        return this;
-    }
-
-    /**
-     * Internally algorithm ids are converted into cipher names using a lookup table. For some providers
-     * the standard lookup table won't work. Use this method to establish a specific mapping from an
-     * algorithm identifier to a specific algorithm.
-     * <p>
-     *     For example:
-     * <pre>
-     *     unwrapper.setAlgorithmMapping(PKCSObjectIdentifiers.rsaEncryption, "RSA");
-     * </pre>
-     * @param algorithm  OID of algorithm in recipient.
-     * @param algorithmName JCE algorithm name to use.
-     * @return the current RecipientInfoGenerator.
-     */
-    public JceKeyTransRecipientInfoGenerator setAlgorithmMapping(ASN1ObjectIdentifier algorithm, String algorithmName)
-    {
-        ((JceAsymmetricKeyWrapper)this.wrapper).setAlgorithmMapping(algorithm, algorithmName);
-
-        return this;
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcePasswordAuthenticatedRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcePasswordAuthenticatedRecipient.java
deleted file mode 100644
index ba873d2..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcePasswordAuthenticatedRecipient.java
+++ /dev/null

@@ -1,54 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.OutputStream;
-import java.security.Key;
-
-import javax.crypto.Mac;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.RecipientOperator;
-import org.bouncycastle.jcajce.io.MacOutputStream;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.operator.jcajce.JceGenericKey;
-
-public class JcePasswordAuthenticatedRecipient
-    extends JcePasswordRecipient
-{
-    public JcePasswordAuthenticatedRecipient(char[] password)
-    {
-        super(password);
-    }
-
-    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentMacAlgorithm, byte[] derivedKey, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        final Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentMacAlgorithm, derivedKey, encryptedContentEncryptionKey);
-
-        final Mac dataMac = helper.createContentMac(secretKey, contentMacAlgorithm);
-
-        return new RecipientOperator(new MacCalculator()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentMacAlgorithm;
-            }
-
-            public GenericKey getKey()
-            {
-                return new JceGenericKey(contentMacAlgorithm, secretKey);
-            }
-
-            public OutputStream getOutputStream()
-            {
-                return new MacOutputStream(dataMac);
-            }
-
-            public byte[] getMac()
-            {
-                return dataMac.doFinal();
-            }
-        });
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcePasswordEnvelopedRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcePasswordEnvelopedRecipient.java
deleted file mode 100644
index 5d478ef..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcePasswordEnvelopedRecipient.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.InputStream;
-import java.security.Key;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.RecipientOperator;
-import org.bouncycastle.jcajce.io.CipherInputStream;
-import org.bouncycastle.operator.InputDecryptor;
-
-public class JcePasswordEnvelopedRecipient
-    extends JcePasswordRecipient
-{
-    public JcePasswordEnvelopedRecipient(char[] password)
-    {
-        super(password);
-    }
-
-    public RecipientOperator getRecipientOperator(AlgorithmIdentifier keyEncryptionAlgorithm, final AlgorithmIdentifier contentEncryptionAlgorithm, byte[] derivedKey, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        Key secretKey = extractSecretKey(keyEncryptionAlgorithm, contentEncryptionAlgorithm, derivedKey, encryptedContentEncryptionKey);
-
-        final Cipher dataCipher = helper.createContentCipher(secretKey, contentEncryptionAlgorithm);
-
-        return new RecipientOperator(new InputDecryptor()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return contentEncryptionAlgorithm;
-            }
-
-            public InputStream getInputStream(InputStream dataOut)
-            {
-                return new CipherInputStream(dataOut, dataCipher);
-            }
-        });
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcePasswordRecipient.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcePasswordRecipient.java
deleted file mode 100644
index 4875800..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcePasswordRecipient.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.security.GeneralSecurityException;
-import java.security.Key;
-import java.security.Provider;
-
-import javax.crypto.Cipher;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.PasswordRecipient;
-
-/**
- * the RecipientInfo class for a recipient who has been sent a message
- * encrypted using a password.
- */
-public abstract class JcePasswordRecipient
-    implements PasswordRecipient
-{
-    private int schemeID = PasswordRecipient.PKCS5_SCHEME2_UTF8;
-    protected EnvelopedDataHelper helper = new EnvelopedDataHelper(new DefaultJcaJceExtHelper());
-    private char[] password;
-
-    JcePasswordRecipient(
-        char[] password)
-    {
-        this.password = password;
-    }
-
-    public JcePasswordRecipient setPasswordConversionScheme(int schemeID)
-    {
-        this.schemeID = schemeID;
-
-        return this;
-    }
-
-    public JcePasswordRecipient setProvider(Provider provider)
-    {
-        this.helper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider));
-
-        return this;
-    }
-
-    public JcePasswordRecipient setProvider(String providerName)
-    {
-        this.helper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName));
-
-        return this;
-    }
-
-    protected Key extractSecretKey(AlgorithmIdentifier keyEncryptionAlgorithm, AlgorithmIdentifier contentEncryptionAlgorithm, byte[] derivedKey, byte[] encryptedContentEncryptionKey)
-        throws CMSException
-    {
-        Cipher keyEncryptionCipher = helper.createRFC3211Wrapper(keyEncryptionAlgorithm.getAlgorithm());
-
-        try
-        {
-            IvParameterSpec ivSpec = new IvParameterSpec(ASN1OctetString.getInstance(keyEncryptionAlgorithm.getParameters()).getOctets());
-
-            keyEncryptionCipher.init(Cipher.UNWRAP_MODE, new SecretKeySpec(derivedKey, keyEncryptionCipher.getAlgorithm()), ivSpec);
-
-            return keyEncryptionCipher.unwrap(encryptedContentEncryptionKey, contentEncryptionAlgorithm.getAlgorithm().getId(), Cipher.SECRET_KEY);
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CMSException("cannot process content encryption key: " + e.getMessage(), e);
-        }
-    }
-
-    public byte[] calculateDerivedKey(int schemeID, AlgorithmIdentifier derivationAlgorithm, int keySize)
-        throws CMSException
-    {
-        return helper.calculateDerivedKey(schemeID, password, derivationAlgorithm, keySize);
-    }
-
-    public int getPasswordConversionScheme()
-    {
-        return schemeID;
-    }
-
-    public char[] getPassword()
-    {
-        return password;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcePasswordRecipientInfoGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcePasswordRecipientInfoGenerator.java
deleted file mode 100644
index 94d8bbe..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/JcePasswordRecipientInfoGenerator.java
+++ /dev/null

@@ -1,67 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.security.GeneralSecurityException;
-import java.security.Key;
-import java.security.Provider;
-
-import javax.crypto.Cipher;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.PasswordRecipientInfoGenerator;
-import org.bouncycastle.operator.GenericKey;
-
-public class JcePasswordRecipientInfoGenerator
-    extends PasswordRecipientInfoGenerator
-{
-    private EnvelopedDataHelper helper = new EnvelopedDataHelper(new DefaultJcaJceExtHelper());
-
-    public JcePasswordRecipientInfoGenerator(ASN1ObjectIdentifier kekAlgorithm, char[] password)
-    {
-        super(kekAlgorithm, password);
-    }
-
-    public JcePasswordRecipientInfoGenerator setProvider(Provider provider)
-    {
-        this.helper = new EnvelopedDataHelper(new ProviderJcaJceExtHelper(provider));
-
-        return this;
-    }
-
-    public JcePasswordRecipientInfoGenerator setProvider(String providerName)
-    {
-        this.helper = new EnvelopedDataHelper(new NamedJcaJceExtHelper(providerName));
-
-        return this;
-    }
-
-    protected byte[] calculateDerivedKey(int schemeID, AlgorithmIdentifier derivationAlgorithm, int keySize)
-        throws CMSException
-    {
-        return helper.calculateDerivedKey(schemeID, password, derivationAlgorithm, keySize);
-    }
-
-    public byte[] generateEncryptedBytes(AlgorithmIdentifier keyEncryptionAlgorithm, byte[] derivedKey, GenericKey contentEncryptionKey)
-        throws CMSException
-    {
-        Key contentEncryptionKeySpec = helper.getJceKey(contentEncryptionKey);
-        Cipher keyEncryptionCipher = helper.createRFC3211Wrapper(keyEncryptionAlgorithm.getAlgorithm());
-
-        try
-        {
-            IvParameterSpec ivSpec = new IvParameterSpec(ASN1OctetString.getInstance(keyEncryptionAlgorithm.getParameters()).getOctets());
-
-            keyEncryptionCipher.init(Cipher.WRAP_MODE, new SecretKeySpec(derivedKey, keyEncryptionCipher.getAlgorithm()), ivSpec);
-
-            return keyEncryptionCipher.wrap(contentEncryptionKeySpec);
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new CMSException("cannot process content encryption key: " + e.getMessage(), e);
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/KeyMaterialGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/KeyMaterialGenerator.java
deleted file mode 100644
index b5170f2..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/KeyMaterialGenerator.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-interface KeyMaterialGenerator
-{
-    byte[] generateKDFMaterial(AlgorithmIdentifier keyAlgorithm, int keySize, byte[] userKeyMaterialParameters);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/NamedJcaJceExtHelper.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/NamedJcaJceExtHelper.java
deleted file mode 100644
index c665430..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/NamedJcaJceExtHelper.java
+++ /dev/null

@@ -1,37 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.security.PrivateKey;
-
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.operator.SymmetricKeyUnwrapper;
-import org.bouncycastle.operator.jcajce.JceAsymmetricKeyUnwrapper;
-import org.bouncycastle.operator.jcajce.JceKTSKeyUnwrapper;
-import org.bouncycastle.operator.jcajce.JceSymmetricKeyUnwrapper;
-
-class NamedJcaJceExtHelper
-    extends NamedJcaJceHelper
-    implements JcaJceExtHelper
-{
-    public NamedJcaJceExtHelper(String providerName)
-    {
-        super(providerName);
-    }
-
-    public JceAsymmetricKeyUnwrapper createAsymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, PrivateKey keyEncryptionKey)
-    {
-        return new JceAsymmetricKeyUnwrapper(keyEncryptionAlgorithm, keyEncryptionKey).setProvider(providerName);
-    }
-
-    public JceKTSKeyUnwrapper createAsymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, PrivateKey keyEncryptionKey, byte[] partyUInfo, byte[] partyVInfo)
-    {
-        return new JceKTSKeyUnwrapper(keyEncryptionAlgorithm, keyEncryptionKey, partyUInfo, partyVInfo).setProvider(providerName);
-    }
-
-    public SymmetricKeyUnwrapper createSymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, SecretKey keyEncryptionKey)
-    {
-        return new JceSymmetricKeyUnwrapper(keyEncryptionAlgorithm, keyEncryptionKey).setProvider(providerName);
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/ProviderJcaJceExtHelper.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/ProviderJcaJceExtHelper.java
deleted file mode 100644
index f0e1022..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/ProviderJcaJceExtHelper.java
+++ /dev/null

@@ -1,38 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.security.PrivateKey;
-import java.security.Provider;
-
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.SymmetricKeyUnwrapper;
-import org.bouncycastle.operator.jcajce.JceAsymmetricKeyUnwrapper;
-import org.bouncycastle.operator.jcajce.JceKTSKeyUnwrapper;
-import org.bouncycastle.operator.jcajce.JceSymmetricKeyUnwrapper;
-
-class ProviderJcaJceExtHelper
-    extends ProviderJcaJceHelper
-    implements JcaJceExtHelper
-{
-    public ProviderJcaJceExtHelper(Provider provider)
-    {
-        super(provider);
-    }
-
-    public JceAsymmetricKeyUnwrapper createAsymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, PrivateKey keyEncryptionKey)
-    {
-        return new JceAsymmetricKeyUnwrapper(keyEncryptionAlgorithm, keyEncryptionKey).setProvider(provider);
-    }
-
-    public JceKTSKeyUnwrapper createAsymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, PrivateKey keyEncryptionKey, byte[] partyUInfo, byte[] partyVInfo)
-    {
-        return new JceKTSKeyUnwrapper(keyEncryptionAlgorithm, keyEncryptionKey, partyUInfo, partyVInfo).setProvider(provider);
-    }
-
-    public SymmetricKeyUnwrapper createSymmetricUnwrapper(AlgorithmIdentifier keyEncryptionAlgorithm, SecretKey keyEncryptionKey)
-    {
-        return new JceSymmetricKeyUnwrapper(keyEncryptionAlgorithm, keyEncryptionKey).setProvider(provider);
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/RFC5753KeyMaterialGenerator.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/RFC5753KeyMaterialGenerator.java
deleted file mode 100644
index a07eedb..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/RFC5753KeyMaterialGenerator.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.cms.ecc.ECCCMSSharedInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Pack;
-
-class RFC5753KeyMaterialGenerator
-    implements KeyMaterialGenerator
-{
-    public byte[] generateKDFMaterial(AlgorithmIdentifier keyAlgorithm, int keySize, byte[] userKeyMaterialParameters)
-    {
-        ECCCMSSharedInfo eccInfo = new ECCCMSSharedInfo(keyAlgorithm, userKeyMaterialParameters, Pack.intToBigEndian(keySize));
-
-        try
-        {
-            return eccInfo.getEncoded(ASN1Encoding.DER);
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException("Unable to create KDF material: " + e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/ZlibCompressor.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/ZlibCompressor.java
deleted file mode 100644
index 53da722..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/ZlibCompressor.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.OutputStream;
-import java.util.zip.DeflaterOutputStream;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.OutputCompressor;
-
-public class ZlibCompressor
-    implements OutputCompressor
-{
-    private static final String  ZLIB    = "1.2.840.113549.1.9.16.3.8";
-
-    public AlgorithmIdentifier getAlgorithmIdentifier()
-    {
-        return new AlgorithmIdentifier(new ASN1ObjectIdentifier(ZLIB));
-    }
-
-    public OutputStream getOutputStream(OutputStream comOut)
-    {
-        return new DeflaterOutputStream(comOut);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/ZlibExpanderProvider.java b/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/ZlibExpanderProvider.java
deleted file mode 100644
index 15729a7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/jcajce/ZlibExpanderProvider.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.cms.jcajce;
-
-import java.io.FilterInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.zip.InflaterInputStream;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.InputExpander;
-import org.bouncycastle.operator.InputExpanderProvider;
-import org.bouncycastle.util.io.StreamOverflowException;
-
-public class ZlibExpanderProvider
-    implements InputExpanderProvider
-{
-    private final long limit;
-
-    /**
-     * Base constructor. Create an expander which will not limit the size of any objects expanded in the stream.
-     */
-    public ZlibExpanderProvider()
-    {
-        this.limit = -1;
-    }
-
-    /**
-     * Create a provider which caps the number of expanded bytes that can be produced when the
-     * compressed stream is parsed.
-     *
-     * @param limit max number of bytes allowed in an expanded stream.
-     */
-    public ZlibExpanderProvider(long limit)
-    {
-        this.limit = limit;
-    }
-
-    public InputExpander get(final AlgorithmIdentifier algorithm)
-    {
-        return new InputExpander()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return algorithm;
-            }
-
-            public InputStream getInputStream(InputStream comIn)
-            {
-                InputStream s = new InflaterInputStream(comIn);                
-                if (limit >= 0)
-                {
-                    s = new LimitedInputStream(s, limit);
-                }
-                return s;
-            }
-        };
-    }
-
-    private static class LimitedInputStream
-        extends FilterInputStream
-    {
-        private long remaining;
-
-        public LimitedInputStream(InputStream input, long limit)
-        {
-            super(input);
-
-            this.remaining = limit;
-        }
-
-        public int read()
-            throws IOException
-        {
-            // Only a single 'extra' byte will ever be read
-            if (remaining >= 0)
-            {
-                int b = super.in.read();
-                if (b < 0 || --remaining >= 0)
-                {
-                    return b;
-                }
-            }
-
-            throw new StreamOverflowException("expanded byte limit exceeded");
-        }
-
-        public int read(byte[] buf, int off, int len)
-            throws IOException
-        {
-            if (len < 1)
-            {
-                // This will give correct exceptions/returns for strange lengths
-                return super.read(buf, off, len);
-            }
-
-            if (remaining < 1)
-            {
-                // Will either return EOF or throw exception
-                read();
-                return -1;
-            }
-
-            /*
-             * Limit the underlying request to 'remaining' bytes. This ensures the
-             * caller will see the full 'limit' bytes before getting an exception.
-             * Also, only one extra byte will ever be read.
-             */
-            int actualLen = (remaining > len ? len : (int)remaining);
-            int numRead = super.in.read(buf, off, actualLen);
-            if (numRead > 0)
-            {
-                remaining -= numRead;
-            }
-            return numRead;
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/package.html b/bcpkix/src/main/java/org/bouncycastle/cms/package.html
deleted file mode 100644
index 644e862..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-A package for processing RFC 3852 Cryptographic Message Syntax (CMS) objects - also referred to as PKCS#7 (formerly RFC 2630, 3369). 
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/AllTests.java
deleted file mode 100644
index 4841d29..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/AllTests.java
+++ /dev/null

@@ -1,53 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import javax.crypto.Cipher;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-public class AllTests
-    extends TestCase
-{
-    public static void main (String[] args) 
-        throws Exception
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite() 
-        throws Exception
-    {   
-        TestSuite suite = new TestSuite("CMS tests");
-
-        suite.addTest(NewCompressedDataTest.suite());
-        suite.addTest(NewSignedDataTest.suite());
-        suite.addTest(NewEnvelopedDataTest.suite());
-        suite.addTest(NewAuthenticatedDataTest.suite());
-        suite.addTest(NewAuthenticatedDataStreamTest.suite());
-        suite.addTest(NewCompressedDataStreamTest.suite());
-        suite.addTest(NewSignedDataStreamTest.suite());
-        suite.addTest(NewEnvelopedDataStreamTest.suite());
-
-        suite.addTest(MiscDataStreamTest.suite());
-        suite.addTest(Rfc4134Test.suite());
-        suite.addTest(ConverterTest.suite());
-
-        suite.addTest(BcEnvelopedDataTest.suite());
-        suite.addTest(BcSignedDataTest.suite());
-
-        try
-        {
-            Cipher.getInstance("RSA", "SunJCE");
-
-            suite.addTest(SunProviderTest.suite());
-            suite.addTest(NullProviderTest.suite());
-        }
-        catch (Exception e)
-        {
-            // ignore
-        }
-
-        return suite;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/BcEnvelopedDataTest.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/BcEnvelopedDataTest.java
deleted file mode 100644
index 0495f4b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/BcEnvelopedDataTest.java
+++ /dev/null

@@ -1,983 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.Security;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Hashtable;
-import java.util.Iterator;
-
-import javax.crypto.SecretKey;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSEnvelopedData;
-import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.cms.KeyTransRecipientInformation;
-import org.bouncycastle.cms.PasswordRecipient;
-import org.bouncycastle.cms.PasswordRecipientInformation;
-import org.bouncycastle.cms.RecipientId;
-import org.bouncycastle.cms.RecipientInformation;
-import org.bouncycastle.cms.RecipientInformationStore;
-import org.bouncycastle.cms.SimpleAttributeTableGenerator;
-import org.bouncycastle.cms.bc.BcCMSContentEncryptorBuilder;
-import org.bouncycastle.cms.bc.BcKEKEnvelopedRecipient;
-import org.bouncycastle.cms.bc.BcKEKRecipientInfoGenerator;
-import org.bouncycastle.cms.bc.BcPasswordEnvelopedRecipient;
-import org.bouncycastle.cms.bc.BcPasswordRecipientInfoGenerator;
-import org.bouncycastle.cms.bc.BcRSAKeyTransEnvelopedRecipient;
-import org.bouncycastle.cms.bc.BcRSAKeyTransRecipientInfoGenerator;
-import org.bouncycastle.cms.jcajce.JceKeyAgreeEnvelopedRecipient;
-import org.bouncycastle.cms.jcajce.JceKeyAgreeRecipientId;
-import org.bouncycastle.cms.jcajce.JceKeyAgreeRecipientInfoGenerator;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.util.PrivateKeyFactory;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.OutputEncryptor;
-import org.bouncycastle.operator.bc.BcAESSymmetricKeyUnwrapper;
-import org.bouncycastle.operator.bc.BcAESSymmetricKeyWrapper;
-import org.bouncycastle.operator.bc.BcSymmetricKeyUnwrapper;
-import org.bouncycastle.operator.bc.BcSymmetricKeyWrapper;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-
-public class BcEnvelopedDataTest
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    private static String _signDN;
-    private static KeyPair _signKP;
-    private static X509Certificate _signCert;
-
-    private static String _origDN;
-    private static KeyPair _origKP;
-    private static X509Certificate _origCert;
-
-    private static String _reciDN;
-    private static String _reciDN2;
-    private static KeyPair _reciKP;
-    private static X509Certificate _reciCert;
-
-    private static KeyPair _origEcKP;
-    private static KeyPair _reciEcKP;
-    private static X509Certificate _reciEcCert;
-    private static KeyPair _reciEcKP2;
-    private static X509Certificate _reciEcCert2;
-
-    private static boolean         _initialised = false;
-
-    private byte[] oldKEK = Base64.decode(
-                          "MIAGCSqGSIb3DQEHA6CAMIACAQIxQaI/MD0CAQQwBwQFAQIDBAUwDQYJYIZIAWUDBAEFBQAEI"
-                        + "Fi2eHTPM4bQSjP4DUeDzJZLpfemW2gF1SPq7ZPHJi1mMIAGCSqGSIb3DQEHATAUBggqhkiG9w"
-                        + "0DBwQImtdGyUdGGt6ggAQYk9X9z01YFBkU7IlS3wmsKpm/zpZClTceAAAAAAAAAAAAAA==");
-
-    private byte[] ecKeyAgreeMsgAES256 = Base64.decode(
-           "MIAGCSqGSIb3DQEHA6CAMIACAQIxgcShgcECAQOgQ6FBMAsGByqGSM49AgEF"
-         + "AAMyAAPdXlSTpub+qqno9hUGkUDl+S3/ABhPziIB5yGU4678tgOgU5CiKG9Z"
-         + "kfnabIJ3nZYwGgYJK4EFEIZIPwACMA0GCWCGSAFlAwQBLQUAMFswWTAtMCgx"
-         + "EzARBgNVBAMTCkFkbWluLU1EU0UxETAPBgNVBAoTCDRCQ1QtMklEAgEBBCi/"
-         + "rJRLbFwEVW6PcLLmojjW9lI/xGD7CfZzXrqXFw8iHaf3hTRau1gYMIAGCSqG"
-         + "SIb3DQEHATAdBglghkgBZQMEASoEEMtCnKKPwccmyrbgeSIlA3qggAQQDLw8"
-         + "pNJR97bPpj6baG99bQQQwhEDsoj5Xg1oOxojHVcYzAAAAAAAAAAAAAA=");
-
-    private byte[] ecKeyAgreeMsgAES128 = Base64.decode(
-           "MIAGCSqGSIb3DQEHA6CAMIACAQIxgbShgbECAQOgQ6FBMAsGByqGSM49AgEF"
-         + "AAMyAAL01JLEgKvKh5rbxI/hOxs/9WEezMIsAbUaZM4l5tn3CzXAN505nr5d"
-         + "LhrcurMK+tAwGgYJK4EFEIZIPwACMA0GCWCGSAFlAwQBBQUAMEswSTAtMCgx"
-         + "EzARBgNVBAMTCkFkbWluLU1EU0UxETAPBgNVBAoTCDRCQ1QtMklEAgEBBBhi"
-         + "FLjc5g6aqDT3f8LomljOwl1WTrplUT8wgAYJKoZIhvcNAQcBMB0GCWCGSAFl"
-         + "AwQBAgQQzXjms16Y69S/rB0EbHqRMaCABBAFmc/QdVW6LTKdEy97kaZzBBBa"
-         + "fQuviUS03NycpojELx0bAAAAAAAAAAAAAA==");
-
-    private byte[] ecKeyAgreeMsgDESEDE = Base64.decode(
-           "MIAGCSqGSIb3DQEHA6CAMIACAQIxgcahgcMCAQOgQ6FBMAsGByqGSM49AgEF"
-         + "AAMyAALIici6Nx1WN5f0ThH2A8ht9ovm0thpC5JK54t73E1RDzCifePaoQo0"
-         + "xd6sUqoyGaYwHAYJK4EFEIZIPwACMA8GCyqGSIb3DQEJEAMGBQAwWzBZMC0w"
-         + "KDETMBEGA1UEAxMKQWRtaW4tTURTRTERMA8GA1UEChMINEJDVC0ySUQCAQEE"
-         + "KJuqZQ1NB1vXrKPOnb4TCpYOsdm6GscWdwAAZlm2EHMp444j0s55J9wwgAYJ"
-         + "KoZIhvcNAQcBMBQGCCqGSIb3DQMHBAjwnsDMsafCrKCABBjyPvqFOVMKxxut"
-         + "VfTx4fQlNGJN8S2ATRgECMcTQ/dsmeViAAAAAAAAAAAAAA==");
-
-   private byte[] ecMQVKeyAgreeMsgAES128 = Base64.decode(
-          "MIAGCSqGSIb3DQEHA6CAMIACAQIxgf2hgfoCAQOgQ6FBMAsGByqGSM49AgEF"
-        + "AAMyAAPDKU+0H58tsjpoYmYCInMr/FayvCCkupebgsnpaGEB7qS9vzcNVUj6"
-        + "mrnmiC2grpmhRwRFMEMwQTALBgcqhkjOPQIBBQADMgACZpD13z9c7DzRWx6S"
-        + "0xdbq3S+EJ7vWO+YcHVjTD8NcQDcZcWASW899l1PkL936zsuMBoGCSuBBRCG"
-        + "SD8AEDANBglghkgBZQMEAQUFADBLMEkwLTAoMRMwEQYDVQQDEwpBZG1pbi1N"
-        + "RFNFMREwDwYDVQQKEwg0QkNULTJJRAIBAQQYFq58L71nyMK/70w3nc6zkkRy"
-        + "RL7DHmpZMIAGCSqGSIb3DQEHATAdBglghkgBZQMEAQIEEDzRUpreBsZXWHBe"
-        + "onxOtSmggAQQ7csAZXwT1lHUqoazoy8bhAQQq+9Zjj8iGdOWgyebbfj67QAA"
-        + "AAAAAAAAAAA=");
-
-
-    private byte[] ecKeyAgreeKey = Base64.decode(
-        "MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDC8vp7xVTbKSgYVU5Wc"
-      + "hGkWbzaj+yUFETIWP1Dt7+WSpq3ikSPdl7PpHPqnPVZfoIWhZANiAgSYHTgxf+Dd"
-      + "Tt84dUvuSKkFy3RhjxJmjwIscK6zbEUzKhcPQG2GHzXhWK5x1kov0I74XpGhVkya"
-      + "ElH5K6SaOXiXAzcyNGggTOk4+ZFnz5Xl0pBje3zKxPhYu0SnCw7Pcqw=");
-
-    private byte[] bobPrivRsaEncrypt = Base64.decode(
-       "MIIChQIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKnhZ5g/OdVf"
-     + "8qCTQV6meYmFyDVdmpFb+x0B2hlwJhcPvaUi0DWFbXqYZhRBXM+3twg7CcmR"
-     + "uBlpN235ZR572akzJKN/O7uvRgGGNjQyywcDWVL8hYsxBLjMGAgUSOZPHPtd"
-     + "YMTgXB9T039T2GkB8QX4enDRvoPGXzjPHCyqaqfrAgMBAAECgYBnzUhMmg2P"
-     + "mMIbZf8ig5xt8KYGHbztpwOIlPIcaw+LNd4Ogngwy+e6alatd8brUXlweQqg"
-     + "9P5F4Kmy9Bnah5jWMIR05PxZbMHGd9ypkdB8MKCixQheIXFD/A0HPfD6bRSe"
-     + "TmPwF1h5HEuYHD09sBvf+iU7o8AsmAX2EAnYh9sDGQJBANDDIsbeopkYdo+N"
-     + "vKZ11mY/1I1FUox29XLE6/BGmvE+XKpVC5va3Wtt+Pw7PAhDk7Vb/s7q/WiE"
-     + "I2Kv8zHCueUCQQDQUfweIrdb7bWOAcjXq/JY1PeClPNTqBlFy2bKKBlf4hAr"
-     + "84/sajB0+E0R9KfEILVHIdxJAfkKICnwJAiEYH2PAkA0umTJSChXdNdVUN5q"
-     + "SO8bKlocSHseIVnDYDubl6nA7xhmqU5iUjiEzuUJiEiUacUgFJlaV/4jbOSn"
-     + "I3vQgLeFAkEAni+zN5r7CwZdV+EJBqRd2ZCWBgVfJAZAcpw6iIWchw+dYhKI"
-     + "FmioNRobQ+g4wJhprwMKSDIETukPj3d9NDAlBwJAVxhn1grStavCunrnVNqc"
-     + "BU+B1O8BiR4yPWnLMcRSyFRVJQA7HCp8JlDV6abXd8vPFfXuC9WN7rOvTKF8"
-     + "Y0ZB9qANMAsGA1UdDzEEAwIAEA==");
-
-    private byte[] rfc4134ex5_1 = Base64.decode(
-          "MIIBHgYJKoZIhvcNAQcDoIIBDzCCAQsCAQAxgcAwgb0CAQAwJjASMRAwDgYD"
-        + "VQQDEwdDYXJsUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUA"
-        + "BIGAC3EN5nGIiJi2lsGPcP2iJ97a4e8kbKQz36zg6Z2i0yx6zYC4mZ7mX7FB"
-        + "s3IWg+f6KgCLx3M1eCbWx8+MDFbbpXadCDgO8/nUkUNYeNxJtuzubGgzoyEd"
-        + "8Ch4H/dd9gdzTd+taTEgS0ipdSJuNnkVY4/M652jKKHRLFf02hosdR8wQwYJ"
-        + "KoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgtaMXpRwZRNYAgDsiSf8Z9P43LrY4O"
-        + "xUk660cu1lXeCSFOSOpOJ7FuVyU=");
-
-    private byte[] rfc4134ex5_2 = Base64.decode(
-            "MIIBZQYJKoZIhvcNAQcDoIIBVjCCAVICAQIxggEAMIG9AgEAMCYwEjEQMA4G"
-         + "A1UEAxMHQ2FybFJTQQIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQEF"
-         + "AASBgJQmQojGi7Z4IP+CVypBmNFoCDoEp87khtgyff2N4SmqD3RxPx+8hbLQ"
-         + "t9i3YcMwcap+aiOkyqjMalT03VUC0XBOGv+HYI3HBZm/aFzxoq+YOXAWs5xl"
-         + "GerZwTOc9j6AYlK4qXvnztR5SQ8TBjlzytm4V7zg+TGrnGVNQBNw47Ewoj4C"
-         + "AQQwDQQLTWFpbExpc3RSQzIwEAYLKoZIhvcNAQkQAwcCAToEGHcUr5MSJ/g9"
-         + "HnJVHsQ6X56VcwYb+OfojTBJBgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgIC"
-         + "AKAECJwE0hkuKlWhgCBeKNXhojuej3org9Lt7n+wWxOhnky5V50vSpoYRfRR"
-         + "yw==");
-
-    public BcEnvelopedDataTest()
-    {
-    }
-
-    private static void init()
-        throws Exception
-    {
-        if (!_initialised)
-        {
-            _initialised = true;
-
-            if (Security.getProvider(BC) == null)
-            {
-                Security.addProvider(new BouncyCastleProvider());
-            }
-
-            _signDN   = "O=Bouncy Castle, C=AU";
-            _signKP   = CMSTestUtil.makeKeyPair();
-            _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN);
-
-            _origDN   = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
-            _origKP   = CMSTestUtil.makeKeyPair();
-            _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _signKP, _signDN);
-
-            _reciDN   = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
-            _reciDN2  = "CN=Fred, OU=Sales, O=Bouncy Castle, C=AU";
-            _reciKP   = CMSTestUtil.makeKeyPair();
-            _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
-
-            _origEcKP = CMSTestUtil.makeEcDsaKeyPair();
-            _reciEcKP = CMSTestUtil.makeEcDsaKeyPair();
-            _reciEcCert = CMSTestUtil.makeCertificate(_reciEcKP, _reciDN, _signKP, _signDN);
-            _reciEcKP2 = CMSTestUtil.makeEcDsaKeyPair();
-            _reciEcCert2 = CMSTestUtil.makeCertificate(_reciEcKP2, _reciDN2, _signKP, _signDN);
-        }
-    }
-
-    public static void main(
-        String args[])
-        throws Exception
-    {
-        junit.textui.TestRunner.run(BcEnvelopedDataTest.suite());
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        init();
-
-        return new CMSTestSetup(new TestSuite(BcEnvelopedDataTest.class));
-    }
-
-    public void testUnprotectedAttributes()
-        throws Exception
-    {
-        byte[]          data     = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(new JcaX509CertificateHolder(_reciCert)));
-
-        Hashtable attrs = new Hashtable();
-
-        attrs.put(PKCSObjectIdentifiers.id_aa_contentHint, new Attribute(PKCSObjectIdentifiers.id_aa_contentHint, new DERSet(new DERUTF8String("Hint"))));
-        attrs.put(PKCSObjectIdentifiers.id_aa_receiptRequest, new Attribute(PKCSObjectIdentifiers.id_aa_receiptRequest, new DERSet(new DERUTF8String("Request"))));
-
-        AttributeTable attrTable = new AttributeTable(attrs);
-
-        edGen.setUnprotectedAttributeGenerator(new SimpleAttributeTableGenerator(attrTable));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new BcCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).build());
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSAlgorithm.DES_EDE3_CBC.getId());
-
-        attrTable = ed.getUnprotectedAttributes();
-
-        assertEquals(attrs.size(), 2);
-
-        assertEquals(new DERUTF8String("Hint"), attrTable.get(PKCSObjectIdentifiers.id_aa_contentHint).getAttrValues().getObjectAt(0));
-        assertEquals(new DERUTF8String("Request"), attrTable.get(PKCSObjectIdentifiers.id_aa_receiptRequest).getAttrValues().getObjectAt(0));
-                
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new BcRSAKeyTransEnvelopedRecipient(PrivateKeyFactory.createKey(_reciKP.getPrivate().getEncoded())));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-    }
-
-    public void testKeyTrans()
-        throws Exception
-    {
-        byte[]          data     = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(new JcaX509CertificateHolder(_reciCert)));
-
-        CMSEnvelopedData ed = edGen.generate(
-                                new CMSProcessableByteArray(data),
-                                new BcCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).build());
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSAlgorithm.DES_EDE3_CBC.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new BcRSAKeyTransEnvelopedRecipient(PrivateKeyFactory.createKey(PrivateKeyInfo.getInstance(_reciKP.getPrivate().getEncoded()))));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-    }
-
-    public void testKeyTransRC4()
-        throws Exception
-    {
-        byte[]          data     = "WallaWallaBouncyCastle".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(new JcaX509CertificateHolder(_reciCert)));
-
-        CMSEnvelopedData ed = edGen.generate(
-                                new CMSProcessableByteArray(data),
-                                new BcCMSContentEncryptorBuilder(new ASN1ObjectIdentifier("1.2.840.113549.3.4")).build());
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), new ASN1ObjectIdentifier("1.2.840.113549.3.4").getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new BcRSAKeyTransEnvelopedRecipient(PrivateKeyFactory.createKey(PrivateKeyInfo.getInstance(_reciKP.getPrivate().getEncoded()))));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-    }
-
-    public void testKeyTrans128RC4()
-        throws Exception
-    {
-        byte[]          data     = "WallaWallaBouncyCastle".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(new JcaX509CertificateHolder(_reciCert)));
-
-        CMSEnvelopedData ed = edGen.generate(
-                                new CMSProcessableByteArray(data),
-                                new BcCMSContentEncryptorBuilder(new ASN1ObjectIdentifier("1.2.840.113549.3.4"), 128).build());
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), "1.2.840.113549.3.4");
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new BcRSAKeyTransEnvelopedRecipient(PrivateKeyFactory.createKey(PrivateKeyInfo.getInstance(_reciKP.getPrivate().getEncoded()))));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testKeyTransLight128RC4()
-        throws Exception
-    {
-        byte[]          data     = "WallaWallaBouncyCastle".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(new JcaX509CertificateHolder(_reciCert)));
-
-        CMSEnvelopedData ed = edGen.generate(
-                                new CMSProcessableByteArray(data),
-                                new BcCMSContentEncryptorBuilder(new ASN1ObjectIdentifier("1.2.840.113549.3.4"), 128).build());
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), "1.2.840.113549.3.4");
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new BcRSAKeyTransEnvelopedRecipient(PrivateKeyFactory.createKey(PrivateKeyInfo.getInstance(_reciKP.getPrivate().getEncoded()))));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testKeyTransODES()
-        throws Exception
-    {
-        byte[]          data     = "WallaWallaBouncyCastle".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(new JcaX509CertificateHolder(_reciCert)));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new BcCMSContentEncryptorBuilder(new ASN1ObjectIdentifier("1.3.14.3.2.7")).build());
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), "1.3.14.3.2.7");
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new BcRSAKeyTransEnvelopedRecipient(PrivateKeyFactory.createKey(PrivateKeyInfo.getInstance(_reciKP.getPrivate().getEncoded()))));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testKeyTransSmallAES()
-        throws Exception
-    {
-        byte[]          data     = new byte[] { 0, 1, 2, 3 };
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(new JcaX509CertificateHolder(_reciCert)));
-
-        CMSEnvelopedData ed = edGen.generate(
-                              new CMSProcessableByteArray(data),
-                              new BcCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).build());
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(),
-                                   CMSAlgorithm.AES128_CBC.getId());
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new BcRSAKeyTransEnvelopedRecipient(PrivateKeyFactory.createKey(PrivateKeyInfo.getInstance(_reciKP.getPrivate().getEncoded()))));
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testKeyTransCAST5()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.CAST5_CBC, MiscObjectIdentifiers.cast5CBC, 16, ASN1Sequence.class);
-    }
-
-    public void testKeyTransRC2()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.RC2_CBC, PKCSObjectIdentifiers.RC2_CBC, 16, ASN1Sequence.class);
-    }
-
-    public void testKeyTransAES128()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.AES128_CBC, NISTObjectIdentifiers.id_aes128_CBC, 16, DEROctetString.class);
-    }
-
-    public void testKeyTransAES192()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.AES192_CBC, NISTObjectIdentifiers.id_aes192_CBC, 24, DEROctetString.class);
-    }
-
-    public void testKeyTransAES256()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.AES256_CBC, NISTObjectIdentifiers.id_aes256_CBC, 32, DEROctetString.class);
-    }
-
-    private void tryKeyTrans(ASN1ObjectIdentifier generatorOID, ASN1ObjectIdentifier checkOID, int keySize, Class asn1Params)
-        throws Exception
-    {
-        byte[]          data     = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(new JcaX509CertificateHolder(_reciCert)));
-
-        OutputEncryptor encryptor = new BcCMSContentEncryptorBuilder(generatorOID).build();
-        CMSEnvelopedData ed = edGen.generate(
-                                new CMSProcessableByteArray(data), encryptor);
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-        assertEquals(checkOID.getId(), ed.getEncryptionAlgOID());
-        assertEquals(keySize, ((byte[])encryptor.getKey().getRepresentation()).length);
-
-        if (asn1Params != null)
-        {
-            assertTrue(asn1Params.isAssignableFrom(ed.getContentEncryptionAlgorithm().getParameters().toASN1Primitive().getClass()));
-        }
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        if (!it.hasNext())
-        {
-            fail("no recipients found");
-        }
-
-        while (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new BcRSAKeyTransEnvelopedRecipient(PrivateKeyFactory.createKey(PrivateKeyInfo.getInstance(_reciKP.getPrivate().getEncoded()))));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-    }
-
-    public void testAES128KEK()
-        throws Exception
-    {
-        SecretKey key = CMSTestUtil.makeAESKey(128);
-
-        tryKekAlgorithm(new BcAESSymmetricKeyWrapper(new KeyParameter(key.getEncoded())), new BcAESSymmetricKeyUnwrapper(new KeyParameter(key.getEncoded())), NISTObjectIdentifiers.id_aes128_wrap);
-    }
-
-    public void testAES192KEK()
-        throws Exception
-    {
-        SecretKey key = CMSTestUtil.makeAESKey(192);
-
-        tryKekAlgorithm(new BcAESSymmetricKeyWrapper(new KeyParameter(key.getEncoded())), new BcAESSymmetricKeyUnwrapper(new KeyParameter(key.getEncoded())), NISTObjectIdentifiers.id_aes192_wrap);
-    }
-
-    public void testAES256KEK()
-        throws Exception
-    {
-        SecretKey key = CMSTestUtil.makeAESKey(256);
-
-        tryKekAlgorithm(new BcAESSymmetricKeyWrapper(new KeyParameter(key.getEncoded())), new BcAESSymmetricKeyUnwrapper(new KeyParameter(key.getEncoded())), NISTObjectIdentifiers.id_aes256_wrap);
-    }
-
-    private void tryKekAlgorithm(BcSymmetricKeyWrapper kekWrapper, BcSymmetricKeyUnwrapper kekUnwrapper, ASN1ObjectIdentifier algOid)
-        throws NoSuchAlgorithmException, NoSuchProviderException, CMSException
-    {
-        byte[]    data = "WallaWallaWashington".getBytes();
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        byte[]  kekId = new byte[] { 1, 2, 3, 4, 5 };
-
-        edGen.addRecipientInfoGenerator(new BcKEKRecipientInfoGenerator(kekId, kekWrapper));
-
-        CMSEnvelopedData ed = edGen.generate(
-                                new CMSProcessableByteArray(data),
-                                new BcCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSAlgorithm.DES_EDE3_CBC.getId());
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(algOid.getId(), recipient.getKeyEncryptionAlgOID());
-
-            byte[] recData = recipient.getContent(new BcKEKEnvelopedRecipient(kekUnwrapper));
-
-            assertTrue(Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testECKeyAgree()
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyAgreeRecipientInfoGenerator(CMSAlgorithm.ECDH_SHA1KDF,
-            _origEcKP.getPrivate(), _origEcKP.getPublic(),
-             CMSAlgorithm.AES128_WRAP).addRecipient(_reciEcCert).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new BcCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).build());
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSAlgorithm.AES128_CBC.getId());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        confirmDataReceived(recipients, data, _reciEcCert, _reciEcKP.getPrivate(), BC);
-        confirmNumberRecipients(recipients, 1);
-    }
-
-    public void testECMQVKeyAgree()
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyAgreeRecipientInfoGenerator(CMSAlgorithm.ECMQV_SHA1KDF,
-            _origEcKP.getPrivate(), _origEcKP.getPublic(),
-            CMSAlgorithm.AES128_WRAP).addRecipient(_reciEcCert).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new BcCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).build());
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSAlgorithm.AES128_CBC.getId());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        confirmDataReceived(recipients, data, _reciEcCert, _reciEcKP.getPrivate(), BC);
-        confirmNumberRecipients(recipients, 1);
-    }
-
-    public void testECMQVKeyAgreeMultiple()
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        JceKeyAgreeRecipientInfoGenerator recipientGenerator = new JceKeyAgreeRecipientInfoGenerator(CMSAlgorithm.ECMQV_SHA1KDF,
-            _origEcKP.getPrivate(), _origEcKP.getPublic(), CMSAlgorithm.AES128_WRAP).setProvider(BC);
-
-        recipientGenerator.addRecipient(_reciEcCert);
-        recipientGenerator.addRecipient(_reciEcCert2);
-
-        edGen.addRecipientInfoGenerator(recipientGenerator);
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new BcCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).build());
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSAlgorithm.AES128_CBC.getId());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        confirmDataReceived(recipients, data, _reciEcCert, _reciEcKP.getPrivate(), BC);
-        confirmDataReceived(recipients, data, _reciEcCert2, _reciEcKP2.getPrivate(), BC);
-        confirmNumberRecipients(recipients, 2);
-    }
-
-    private static void confirmDataReceived(RecipientInformationStore recipients,
-        byte[] expectedData, X509Certificate reciCert, PrivateKey reciPrivKey, String provider)
-        throws CMSException, NoSuchProviderException, CertificateEncodingException, IOException
-    {
-        RecipientId rid = new JceKeyAgreeRecipientId(reciCert);
-
-        RecipientInformation recipient = recipients.get(rid);
-        assertNotNull(recipient);
-
-        byte[] actualData = recipient.getContent(new JceKeyAgreeEnvelopedRecipient(reciPrivKey).setProvider(provider));
-        assertEquals(true, Arrays.equals(expectedData, actualData));
-    }
-
-    private static void confirmNumberRecipients(RecipientInformationStore recipients, int count)
-    {
-        assertEquals(count, recipients.getRecipients().size());
-    }
-
-    public void testECKeyAgreeVectors()
-        throws Exception
-    {
-        PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(ecKeyAgreeKey);
-        KeyFactory fact = KeyFactory.getInstance("ECDH", BC);
-        PrivateKey privKey = fact.generatePrivate(privSpec);
-
-        verifyECKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.42", ecKeyAgreeMsgAES256);
-        verifyECKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.2", ecKeyAgreeMsgAES128);
-        verifyECKeyAgreeVectors(privKey, "1.2.840.113549.3.7", ecKeyAgreeMsgDESEDE);
-    }
-
-    public void testECMQVKeyAgreeVectors()
-        throws Exception
-    {
-        PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(ecKeyAgreeKey);
-        KeyFactory fact = KeyFactory.getInstance("ECDH", BC);
-        PrivateKey privKey = fact.generatePrivate(privSpec);
-
-        verifyECMQVKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.2", ecMQVKeyAgreeMsgAES128);
-    }
-
-    public void testPasswordAES256()
-        throws Exception
-    {
-        passwordTest(CMSAlgorithm.AES256_CBC);
-        passwordUTF8Test(CMSAlgorithm.AES256_CBC);
-    }
-
-    public void testPasswordDESEDE()
-        throws Exception
-    {
-        passwordTest(CMSAlgorithm.DES_EDE3_CBC);
-        passwordUTF8Test(CMSAlgorithm.DES_EDE3_CBC);
-    }
-
-    public void testRFC4134ex5_1()
-        throws Exception
-    {
-        byte[] data = Hex.decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e");
-
-        KeyFactory kFact = KeyFactory.getInstance("RSA", BC);
-        Key key = kFact.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt));
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(rfc4134ex5_1);
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-        assertEquals("1.2.840.113549.3.7", ed.getEncryptionAlgOID());
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new BcRSAKeyTransEnvelopedRecipient(PrivateKeyFactory.createKey(PrivateKeyInfo.getInstance(key.getEncoded()))));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testRFC4134ex5_2()
-        throws Exception
-    {
-        byte[] data = Hex.decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e");
-
-        KeyFactory kFact = KeyFactory.getInstance("RSA", BC);
-        PrivateKey key = kFact.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt));
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(rfc4134ex5_2);
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-        assertEquals("1.2.840.113549.3.2", ed.getEncryptionAlgOID());
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            while (it.hasNext())
-            {
-                RecipientInformation   recipient = (RecipientInformation)it.next();
-                byte[] recData;
-
-                if (recipient instanceof KeyTransRecipientInformation)
-                {
-                    recData = recipient.getContent(new BcRSAKeyTransEnvelopedRecipient(PrivateKeyFactory.createKey(PrivateKeyInfo.getInstance(key.getEncoded()))));
-
-                    assertEquals(true, Arrays.equals(data, recData));
-                }
-            }
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testOriginatorInfo()
-        throws Exception
-    {
-        CMSEnvelopedData env = new CMSEnvelopedData(CMSSampleMessages.originatorMessage);
-
-        RecipientInformationStore  recipients = env.getRecipientInfos();
-
-        assertEquals(CMSAlgorithm.DES_EDE3_CBC.getId(), env.getEncryptionAlgOID());
-    }
-
-    private void passwordTest(ASN1ObjectIdentifier algorithm)
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new BcPasswordRecipientInfoGenerator(algorithm, "password".toCharArray()).setPasswordConversionScheme(PasswordRecipient.PKCS5_SCHEME2).setSaltAndIterationCount(new byte[20], 5));
-
-        CMSEnvelopedData ed = edGen.generate(
-                              new CMSProcessableByteArray(data),
-                              new BcCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).build());
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(),
-                                   CMSAlgorithm.AES128_CBC.getId());
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            PasswordRecipientInformation recipient = (PasswordRecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new BcPasswordEnvelopedRecipient("password".toCharArray()).setPasswordConversionScheme(PasswordRecipient.PKCS5_SCHEME2));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-
-        //
-        // try algorithm parameters constructor
-        //
-        it = c.iterator();
-
-        RecipientInformation   recipient = (RecipientInformation)it.next();
-
-        byte[] recData = recipient.getContent(new BcPasswordEnvelopedRecipient("password".toCharArray()).setPasswordConversionScheme(PasswordRecipient.PKCS5_SCHEME2));
-        assertEquals(true, Arrays.equals(data, recData));
-    }
-
-    private void passwordUTF8Test(ASN1ObjectIdentifier algorithm)
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new BcPasswordRecipientInfoGenerator(algorithm, "abc\u5639\u563b".toCharArray()).setSaltAndIterationCount(new byte[20], 5));
-
-        CMSEnvelopedData ed = edGen.generate(
-                              new CMSProcessableByteArray(data),
-                              new BcCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).build());
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(),
-                                   CMSAlgorithm.AES128_CBC.getId());
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new BcPasswordEnvelopedRecipient("abc\u5639\u563b".toCharArray()));
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-
-        //
-        // try algorithm parameters constructor
-        //
-        it = c.iterator();
-
-        RecipientInformation   recipient = (RecipientInformation)it.next();
-
-        byte[] recData = recipient.getContent(new BcPasswordEnvelopedRecipient("abc\u5639\u563b".toCharArray()));
-        assertEquals(true, Arrays.equals(data, recData));
-    }
-
-    private void verifyECKeyAgreeVectors(PrivateKey privKey, String wrapAlg, byte[] message)
-        throws CMSException, GeneralSecurityException
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(message);
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        assertEquals(wrapAlg, ed.getEncryptionAlgOID());
-
-        if (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            assertEquals("1.3.133.16.840.63.0.2", recipient.getKeyEncryptionAlgOID());
-
-            byte[] recData = recipient.getContent(new JceKeyAgreeEnvelopedRecipient(privKey).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    private void verifyECMQVKeyAgreeVectors(PrivateKey privKey, String wrapAlg, byte[] message)
-        throws CMSException, GeneralSecurityException
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(message);
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        assertEquals(wrapAlg, ed.getEncryptionAlgOID());
-
-        if (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            assertEquals("1.3.133.16.840.63.0.16", recipient.getKeyEncryptionAlgOID());
-
-            byte[] recData = recipient.getContent(new JceKeyAgreeEnvelopedRecipient(privKey).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/BcSignedDataTest.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/BcSignedDataTest.java
deleted file mode 100644
index 493e41d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/BcSignedDataTest.java
+++ /dev/null

@@ -1,1848 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.MessageDigest;
-import java.security.Security;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.CMSAttributes;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.X509AttributeCertificateHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaCRLStore;
-import org.bouncycastle.cert.jcajce.JcaCertStore;
-import org.bouncycastle.cert.jcajce.JcaX509CRLHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cms.CMSAbsentContent;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.cms.CMSSignedData;
-import org.bouncycastle.cms.CMSSignedDataGenerator;
-import org.bouncycastle.cms.CMSSignedDataParser;
-import org.bouncycastle.cms.CMSTypedData;
-import org.bouncycastle.cms.DefaultCMSSignatureAlgorithmNameGenerator;
-import org.bouncycastle.cms.DefaultSignedAttributeTableGenerator;
-import org.bouncycastle.cms.SignerId;
-import org.bouncycastle.cms.SignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.SignerInformation;
-import org.bouncycastle.cms.SignerInformationStore;
-import org.bouncycastle.cms.bc.BcRSASignerInfoVerifierBuilder;
-import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.signers.RSADigestSigner;
-import org.bouncycastle.crypto.util.PrivateKeyFactory;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.BufferingContentSigner;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.bc.BcContentSignerBuilder;
-import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
-import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.io.Streams;
-
-public class BcSignedDataTest
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    boolean DEBUG = true;
-
-    private static String _origDN;
-    private static KeyPair _origKP;
-    private static X509Certificate _origCert;
-
-    private static String _signDN;
-    private static KeyPair _signKP;
-    private static X509Certificate _signCert;
-
-    private static KeyPair _signEcDsaKP;
-    private static X509Certificate _signEcDsaCert;
-
-    private static KeyPair _signEcGostKP;
-    private static X509Certificate _signEcGostCert;
-
-    private static KeyPair _signDsaKP;
-    private static X509Certificate _signDsaCert;
-
-    private static String _reciDN;
-    private static KeyPair _reciKP;
-    private static X509Certificate _reciCert;
-
-    private static X509CRL _signCrl;
-
-    private static boolean _initialised = false;
-
-    private byte[] disorderedMessage = Base64.decode(
-            "SU9fc3RkaW5fdXNlZABfX2xpYmNfc3RhcnRfbWFpbgBnZXRob3N0aWQAX19n"
-          + "bW9uX3M=");
-
-    private byte[] disorderedSet = Base64.decode(
-            "MIIYXQYJKoZIhvcNAQcCoIIYTjCCGEoCAQExCzAJBgUrDgMCGgUAMAsGCSqG"
-          + "SIb3DQEHAaCCFqswggJUMIIBwKADAgECAgMMg6wwCgYGKyQDAwECBQAwbzEL"
-          + "MAkGA1UEBhMCREUxPTA7BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbI"
-          + "dXIgVGVsZWtvbW11bmlrYXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwEx"
-          + "MBEGA1UEAxQKNFItQ0EgMTpQTjAiGA8yMDAwMDMyMjA5NDM1MFoYDzIwMDQw"
-          + "MTIxMTYwNDUzWjBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxpZXJ1"
-          + "bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9zdDEh"
-          + "MAwGBwKCBgEKBxQTATEwEQYDVQQDFAo1Ui1DQSAxOlBOMIGhMA0GCSqGSIb3"
-          + "DQEBAQUAA4GPADCBiwKBgQCKHkFTJx8GmoqFTxEOxpK9XkC3NZ5dBEKiUv0I"
-          + "fe3QMqeGMoCUnyJxwW0k2/53duHxtv2yHSZpFKjrjvE/uGwdOMqBMTjMzkFg"
-          + "19e9JPv061wyADOucOIaNAgha/zFt9XUyrHF21knKCvDNExv2MYIAagkTKaj"
-          + "LMAw0bu1J0FadQIFAMAAAAEwCgYGKyQDAwECBQADgYEAgFauXpoTLh3Z3pT/"
-          + "3bhgrxO/2gKGZopWGSWSJPNwq/U3x2EuctOJurj+y2inTcJjespThflpN+7Q"
-          + "nvsUhXU+jL2MtPlObU0GmLvWbi47cBShJ7KElcZAaxgWMBzdRGqTOdtMv+ev"
-          + "2t4igGF/q71xf6J2c3pTLWr6P8s6tzLfOCMwggJDMIIBr6ADAgECAgQAuzyu"
-          + "MAoGBiskAwMBAgUAMG8xCzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1bGll"
-          + "cnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0"
-          + "MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjVSLUNBIDE6UE4wIhgPMjAwMTA4"
-          + "MjAwODA4MjBaGA8yMDA1MDgyMDA4MDgyMFowSzELMAkGA1UEBhMCREUxEjAQ"
-          + "BgNVBAoUCVNpZ250cnVzdDEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFDQSBT"
-          + "SUdOVFJVU1QgMTpQTjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAhV12"
-          + "N2WhlR6f+3CXP57GrBM9la5Vnsu2b92zv5MZqQOPeEsYbZqDCFkYg1bSwsDE"
-          + "XsGVQqXdQNAGUaapr/EUVVN+hNZ07GcmC1sPeQECgUkxDYjGi4ihbvzxlahj"
-          + "L4nX+UTzJVBfJwXoIvJ+lMHOSpnOLIuEL3SRhBItvRECxN0CAwEAAaMSMBAw"
-          + "DgYDVR0PAQH/BAQDAgEGMAoGBiskAwMBAgUAA4GBACDc9Pc6X8sK1cerphiV"
-          + "LfFv4kpZb9ev4WPy/C6987Qw1SOTElhZAmxaJQBqmDHWlQ63wj1DEqswk7hG"
-          + "LrvQk/iX6KXIn8e64uit7kx6DHGRKNvNGofPjr1WelGeGW/T2ZJKgmPDjCkf"
-          + "sIKt2c3gwa2pDn4mmCz/DStUIqcPDbqLMIICVTCCAcGgAwIBAgIEAJ16STAK"
-          + "BgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxpZXJ1"
-          + "bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9zdDEh"
-          + "MAwGBwKCBgEKBxQTATEwEQYDVQQDFAo1Ui1DQSAxOlBOMCIYDzIwMDEwMjAx"
-          + "MTM0NDI1WhgPMjAwNTAzMjIwODU1NTFaMG8xCzAJBgNVBAYTAkRFMT0wOwYD"
-          + "VQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0"
-          + "aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjZSLUNhIDE6"
-          + "UE4wgaEwDQYJKoZIhvcNAQEBBQADgY8AMIGLAoGBAIOiqxUkzVyqnvthihnl"
-          + "tsE5m1Xn5TZKeR/2MQPStc5hJ+V4yptEtIx+Fn5rOoqT5VEVWhcE35wdbPvg"
-          + "JyQFn5msmhPQT/6XSGOlrWRoFummXN9lQzAjCj1sgTcmoLCVQ5s5WpCAOXFw"
-          + "VWu16qndz3sPItn3jJ0F3Kh3w79NglvPAgUAwAAAATAKBgYrJAMDAQIFAAOB"
-          + "gQBpSRdnDb6AcNVaXSmGo6+kVPIBhot1LzJOGaPyDNpGXxd7LV4tMBF1U7gr"
-          + "4k1g9BO6YiMWvw9uiTZmn0CfV8+k4fWEuG/nmafRoGIuay2f+ILuT+C0rnp1"
-          + "4FgMsEhuVNJJAmb12QV0PZII+UneyhAneZuQQzVUkTcVgYxogxdSOzCCAlUw"
-          + "ggHBoAMCAQICBACdekowCgYGKyQDAwECBQAwbzELMAkGA1UEBhMCREUxPTA7"
-          + "BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbIdXIgVGVsZWtvbW11bmlr"
-          + "YXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwExMBEGA1UEAxQKNlItQ2Eg"
-          + "MTpQTjAiGA8yMDAxMDIwMTEzNDcwN1oYDzIwMDUwMzIyMDg1NTUxWjBvMQsw"
-          + "CQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1"
-          + "ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9zdDEhMAwGBwKCBgEKBxQTATEw"
-          + "EQYDVQQDFAo1Ui1DQSAxOlBOMIGhMA0GCSqGSIb3DQEBAQUAA4GPADCBiwKB"
-          + "gQCKHkFTJx8GmoqFTxEOxpK9XkC3NZ5dBEKiUv0Ife3QMqeGMoCUnyJxwW0k"
-          + "2/53duHxtv2yHSZpFKjrjvE/uGwdOMqBMTjMzkFg19e9JPv061wyADOucOIa"
-          + "NAgha/zFt9XUyrHF21knKCvDNExv2MYIAagkTKajLMAw0bu1J0FadQIFAMAA"
-          + "AAEwCgYGKyQDAwECBQADgYEAV1yTi+2gyB7sUhn4PXmi/tmBxAfe5oBjDW8m"
-          + "gxtfudxKGZ6l/FUPNcrSc5oqBYxKWtLmf3XX87LcblYsch617jtNTkMzhx9e"
-          + "qxiD02ufcrxz2EVt0Akdqiz8mdVeqp3oLcNU/IttpSrcA91CAnoUXtDZYwb/"
-          + "gdQ4FI9l3+qo/0UwggJVMIIBwaADAgECAgQAxIymMAoGBiskAwMBAgUAMG8x"
-          + "CzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBm"
-          + "yHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMB"
-          + "MTARBgNVBAMUCjZSLUNhIDE6UE4wIhgPMjAwMTEwMTUxMzMxNThaGA8yMDA1"
-          + "MDYwMTA5NTIxN1owbzELMAkGA1UEBhMCREUxPTA7BgNVBAoUNFJlZ3VsaWVy"
-          + "dW5nc2JlaMhvcmRlIGbIdXIgVGVsZWtvbW11bmlrYXRpb24gdW5kIFBvc3Qx"
-          + "ITAMBgcCggYBCgcUEwExMBEGA1UEAxQKN1ItQ0EgMTpQTjCBoTANBgkqhkiG"
-          + "9w0BAQEFAAOBjwAwgYsCgYEAiokD/j6lEP4FexF356OpU5teUpGGfUKjIrFX"
-          + "BHc79G0TUzgVxqMoN1PWnWktQvKo8ETaugxLkP9/zfX3aAQzDW4Zki6x6GDq"
-          + "fy09Agk+RJvhfbbIzRkV4sBBco0n73x7TfG/9NTgVr/96U+I+z/1j30aboM6"
-          + "9OkLEhjxAr0/GbsCBQDAAAABMAoGBiskAwMBAgUAA4GBAHWRqRixt+EuqHhR"
-          + "K1kIxKGZL2vZuakYV0R24Gv/0ZR52FE4ECr+I49o8FP1qiGSwnXB0SwjuH2S"
-          + "iGiSJi+iH/MeY85IHwW1P5e+bOMvEOFhZhQXQixOD7totIoFtdyaj1XGYRef"
-          + "0f2cPOjNJorXHGV8wuBk+/j++sxbd/Net3FtMIICVTCCAcGgAwIBAgIEAMSM"
-          + "pzAKBgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxp"
-          + "ZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9z"
-          + "dDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAo3Ui1DQSAxOlBOMCIYDzIwMDEx"
-          + "MDE1MTMzNDE0WhgPMjAwNTA2MDEwOTUyMTdaMG8xCzAJBgNVBAYTAkRFMT0w"
-          + "OwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5p"
-          + "a2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjZSLUNh"
-          + "IDE6UE4wgaEwDQYJKoZIhvcNAQEBBQADgY8AMIGLAoGBAIOiqxUkzVyqnvth"
-          + "ihnltsE5m1Xn5TZKeR/2MQPStc5hJ+V4yptEtIx+Fn5rOoqT5VEVWhcE35wd"
-          + "bPvgJyQFn5msmhPQT/6XSGOlrWRoFummXN9lQzAjCj1sgTcmoLCVQ5s5WpCA"
-          + "OXFwVWu16qndz3sPItn3jJ0F3Kh3w79NglvPAgUAwAAAATAKBgYrJAMDAQIF"
-          + "AAOBgQBi5W96UVDoNIRkCncqr1LLG9vF9SGBIkvFpLDIIbcvp+CXhlvsdCJl"
-          + "0pt2QEPSDl4cmpOet+CxJTdTuMeBNXxhb7Dvualog69w/+K2JbPhZYxuVFZs"
-          + "Zh5BkPn2FnbNu3YbJhE60aIkikr72J4XZsI5DxpZCGh6xyV/YPRdKSljFjCC"
-          + "AlQwggHAoAMCAQICAwyDqzAKBgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9"
-          + "MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVu"
-          + "aWthdGlvbiB1bmQgUG9zdDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAo1Ui1D"
-          + "QSAxOlBOMCIYDzIwMDAwMzIyMDk0MTI3WhgPMjAwNDAxMjExNjA0NTNaMG8x"
-          + "CzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBm"
-          + "yHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMB"
-          + "MTARBgNVBAMUCjRSLUNBIDE6UE4wgaEwDQYJKoZIhvcNAQEBBQADgY8AMIGL"
-          + "AoGBAI8x26tmrFJanlm100B7KGlRemCD1R93PwdnG7svRyf5ZxOsdGrDszNg"
-          + "xg6ouO8ZHQMT3NC2dH8TvO65Js+8bIyTm51azF6clEg0qeWNMKiiXbBXa+ph"
-          + "hTkGbXiLYvACZ6/MTJMJ1lcrjpRF7BXtYeYMcEF6znD4pxOqrtbf9z5hAgUA"
-          + "wAAAATAKBgYrJAMDAQIFAAOBgQB99BjSKlGPbMLQAgXlvA9jUsDNhpnVm3a1"
-          + "YkfxSqS/dbQlYkbOKvCxkPGA9NBxisBM8l1zFynVjJoy++aysRmcnLY/sHaz"
-          + "23BF2iU7WERy18H3lMBfYB6sXkfYiZtvQZcWaO48m73ZBySuiV3iXpb2wgs/"
-          + "Cs20iqroAWxwq/W/9jCCAlMwggG/oAMCAQICBDsFZ9UwCgYGKyQDAwECBQAw"
-          + "bzELMAkGA1UEBhMCREUxITAMBgcCggYBCgcUEwExMBEGA1UEAxQKNFItQ0Eg"
-          + "MTpQTjE9MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxl"
-          + "a29tbXVuaWthdGlvbiB1bmQgUG9zdDAiGA8xOTk5MDEyMTE3MzUzNFoYDzIw"
-          + "MDQwMTIxMTYwMDAyWjBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxp"
-          + "ZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9z"
-          + "dDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAozUi1DQSAxOlBOMIGfMA0GCSqG"
-          + "SIb3DQEBAQUAA4GNADCBiQKBgI4B557mbKQg/AqWBXNJhaT/6lwV93HUl4U8"
-          + "u35udLq2+u9phns1WZkdM3gDfEpL002PeLfHr1ID/96dDYf04lAXQfombils"
-          + "of1C1k32xOvxjlcrDOuPEMxz9/HDAQZA5MjmmYHAIulGI8Qg4Tc7ERRtg/hd"
-          + "0QX0/zoOeXoDSEOBAgTAAAABMAoGBiskAwMBAgUAA4GBAIyzwfT3keHI/n2P"
-          + "LrarRJv96mCohmDZNpUQdZTVjGu5VQjVJwk3hpagU0o/t/FkdzAjOdfEw8Ql"
-          + "3WXhfIbNLv1YafMm2eWSdeYbLcbB5yJ1od+SYyf9+tm7cwfDAcr22jNRBqx8"
-          + "wkWKtKDjWKkevaSdy99sAI8jebHtWz7jzydKMIID9TCCA16gAwIBAgICbMcw"
-          + "DQYJKoZIhvcNAQEFBQAwSzELMAkGA1UEBhMCREUxEjAQBgNVBAoUCVNpZ250"
-          + "cnVzdDEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFDQSBTSUdOVFJVU1QgMTpQ"
-          + "TjAeFw0wNDA3MzAxMzAyNDZaFw0wNzA3MzAxMzAyNDZaMDwxETAPBgNVBAMM"
-          + "CFlhY29tOlBOMQ4wDAYDVQRBDAVZYWNvbTELMAkGA1UEBhMCREUxCjAIBgNV"
-          + "BAUTATEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAIWzLlYLQApocXIp"
-          + "pgCCpkkOUVLgcLYKeOd6/bXAnI2dTHQqT2bv7qzfUnYvOqiNgYdF13pOYtKg"
-          + "XwXMTNFL4ZOI6GoBdNs9TQiZ7KEWnqnr2945HYx7UpgTBclbOK/wGHuCdcwO"
-          + "x7juZs1ZQPFG0Lv8RoiV9s6HP7POqh1sO0P/AgMBAAGjggH1MIIB8TCBnAYD"
-          + "VR0jBIGUMIGRgBQcZzNghfnXoXRm8h1+VITC5caNRqFzpHEwbzELMAkGA1UE"
-          + "BhMCREUxPTA7BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbIdXIgVGVs"
-          + "ZWtvbW11bmlrYXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwExMBEGA1UE"
-          + "AxQKNVItQ0EgMTpQToIEALs8rjAdBgNVHQ4EFgQU2e5KAzkVuKaM9I5heXkz"
-          + "bcAIuR8wDgYDVR0PAQH/BAQDAgZAMBIGA1UdIAQLMAkwBwYFKyQIAQEwfwYD"
-          + "VR0fBHgwdjB0oCygKoYobGRhcDovL2Rpci5zaWdudHJ1c3QuZGUvbz1TaWdu"
-          + "dHJ1c3QsYz1kZaJEpEIwQDEdMBsGA1UEAxMUQ1JMU2lnblNpZ250cnVzdDE6"
-          + "UE4xEjAQBgNVBAoTCVNpZ250cnVzdDELMAkGA1UEBhMCREUwYgYIKwYBBQUH"
-          + "AQEEVjBUMFIGCCsGAQUFBzABhkZodHRwOi8vZGlyLnNpZ250cnVzdC5kZS9T"
-          + "aWdudHJ1c3QvT0NTUC9zZXJ2bGV0L2h0dHBHYXRld2F5LlBvc3RIYW5kbGVy"
-          + "MBgGCCsGAQUFBwEDBAwwCjAIBgYEAI5GAQEwDgYHAoIGAQoMAAQDAQH/MA0G"
-          + "CSqGSIb3DQEBBQUAA4GBAHn1m3GcoyD5GBkKUY/OdtD6Sj38LYqYCF+qDbJR"
-          + "6pqUBjY2wsvXepUppEler+stH8mwpDDSJXrJyuzf7xroDs4dkLl+Rs2x+2tg"
-          + "BjU+ABkBDMsym2WpwgA8LCdymmXmjdv9tULxY+ec2pjSEzql6nEZNEfrU8nt"
-          + "ZCSCavgqW4TtMYIBejCCAXYCAQEwUTBLMQswCQYDVQQGEwJERTESMBAGA1UE"
-          + "ChQJU2lnbnRydXN0MSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEUNBIFNJR05U"
-          + "UlVTVCAxOlBOAgJsxzAJBgUrDgMCGgUAoIGAMBgGCSqGSIb3DQEJAzELBgkq"
-          + "hkiG9w0BBwEwIwYJKoZIhvcNAQkEMRYEFIYfhPoyfGzkLWWSSLjaHb4HQmaK"
-          + "MBwGCSqGSIb3DQEJBTEPFw0wNTAzMjQwNzM4MzVaMCEGBSskCAYFMRgWFi92"
-          + "YXIvZmlsZXMvdG1wXzEvdGVzdDEwDQYJKoZIhvcNAQEFBQAEgYA2IvA8lhVz"
-          + "VD5e/itUxbFboKxeKnqJ5n/KuO/uBCl1N14+7Z2vtw1sfkIG+bJdp3OY2Cmn"
-          + "mrQcwsN99Vjal4cXVj8t+DJzFG9tK9dSLvD3q9zT/GQ0kJXfimLVwCa4NaSf"
-          + "Qsu4xtG0Rav6bCcnzabAkKuNNvKtH8amSRzk870DBg==");
-
-    public static byte[] xtraCounterSig = Base64.decode(
-                 "MIIR/AYJKoZIhvcNAQcCoIIR7TCCEekCAQExCzAJBgUrDgMCGgUAMBoGCSqG"
-               + "SIb3DQEHAaANBAtIZWxsbyB3b3JsZKCCDnkwggTPMIIDt6ADAgECAgRDnYD3"
-               + "MA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNVBAYTAklUMRowGAYDVQQKExFJbi5U"
-               + "ZS5TLkEuIFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5BLiAtIENlcnRpZmlj"
-               + "YXRpb24gQXV0aG9yaXR5MB4XDTA4MDkxMjExNDMxMloXDTEwMDkxMjExNDMx"
-               + "MlowgdgxCzAJBgNVBAYTAklUMSIwIAYDVQQKDBlJbnRlc2EgUy5wLkEuLzA1"
-               + "MjYyODkwMDE0MSowKAYDVQQLDCFCdXNpbmVzcyBDb2xsYWJvcmF0aW9uICYg"
-               + "U2VjdXJpdHkxHjAcBgNVBAMMFU1BU1NJTUlMSUFOTyBaSUNDQVJESTERMA8G"
-               + "A1UEBAwIWklDQ0FSREkxFTATBgNVBCoMDE1BU1NJTUlMSUFOTzEcMBoGA1UE"
-               + "BRMTSVQ6WkNDTVNNNzZIMTRMMjE5WTERMA8GA1UELhMIMDAwMDI1ODUwgaAw"
-               + "DQYJKoZIhvcNAQEBBQADgY4AMIGKAoGBALeJTjmyFgx1SIP6c2AuB/kuyHo5"
-               + "j/prKELTALsFDimre/Hxr3wOSet1TdQfFzU8Lu+EJqgfV9cV+cI1yeH1rZs7"
-               + "lei7L3tX/VR565IywnguX5xwvteASgWZr537Fkws50bvTEMyYOj1Tf3FZvZU"
-               + "z4n4OD39KI4mfR9i1eEVIxR3AgQAizpNo4IBoTCCAZ0wHQYDVR0RBBYwFIES"
-               + "emljY2FyZGlAaW50ZXNhLml0MC8GCCsGAQUFBwEDBCMwITAIBgYEAI5GAQEw"
-               + "CwYGBACORgEDAgEUMAgGBgQAjkYBBDBZBgNVHSAEUjBQME4GBgQAizABATBE"
-               + "MEIGCCsGAQUFBwIBFjZodHRwOi8vZS10cnVzdGNvbS5pbnRlc2EuaXQvY2Ff"
-               + "cHViYmxpY2EvQ1BTX0lOVEVTQS5odG0wDgYDVR0PAQH/BAQDAgZAMIGDBgNV"
-               + "HSMEfDB6gBQZCQOW0bjFWBt+EORuxPagEgkQqKFcpFowWDELMAkGA1UEBhMC"
-               + "SVQxGjAYBgNVBAoTEUluLlRlLlMuQS4gUy5wLkEuMS0wKwYDVQQDEyRJbi5U"
-               + "ZS5TLkEuIC0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCBDzRARMwOwYDVR0f"
-               + "BDQwMjAwoC6gLIYqaHR0cDovL2UtdHJ1c3Rjb20uaW50ZXNhLml0L0NSTC9J"
-               + "TlRFU0EuY3JsMB0GA1UdDgQWBBTf5ItL8KmQh541Dxt7YxcWI1254TANBgkq"
-               + "hkiG9w0BAQUFAAOCAQEAgW+uL1CVWQepbC/wfCmR6PN37Sueb4xiKQj2mTD5"
-               + "UZ5KQjpivy/Hbuf0NrfKNiDEhAvoHSPC31ebGiKuTMFNyZPHfPEUnyYGSxea"
-               + "2w837aXJFr6utPNQGBRi89kH90sZDlXtOSrZI+AzJJn5QK3F9gjcayU2NZXQ"
-               + "MJgRwYmFyn2w4jtox+CwXPQ9E5XgxiMZ4WDL03cWVXDLX00EOJwnDDMUNTRI"
-               + "m9Zv+4SKTNlfFbi9UTBqWBySkDzAelsfB2U61oqc2h1xKmCtkGMmN9iZT+Qz"
-               + "ZC/vaaT+hLEBFGAH2gwFrYc4/jTBKyBYeU1vsAxsibIoTs1Apgl6MH75qPDL"
-               + "BzCCBM8wggO3oAMCAQICBEOdgPcwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UE"
-               + "BhMCSVQxGjAYBgNVBAoTEUluLlRlLlMuQS4gUy5wLkEuMS0wKwYDVQQDEyRJ"
-               + "bi5UZS5TLkEuIC0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwOTEy"
-               + "MTE0MzEyWhcNMTAwOTEyMTE0MzEyWjCB2DELMAkGA1UEBhMCSVQxIjAgBgNV"
-               + "BAoMGUludGVzYSBTLnAuQS4vMDUyNjI4OTAwMTQxKjAoBgNVBAsMIUJ1c2lu"
-               + "ZXNzIENvbGxhYm9yYXRpb24gJiBTZWN1cml0eTEeMBwGA1UEAwwVTUFTU0lN"
-               + "SUxJQU5PIFpJQ0NBUkRJMREwDwYDVQQEDAhaSUNDQVJESTEVMBMGA1UEKgwM"
-               + "TUFTU0lNSUxJQU5PMRwwGgYDVQQFExNJVDpaQ0NNU003NkgxNEwyMTlZMREw"
-               + "DwYDVQQuEwgwMDAwMjU4NTCBoDANBgkqhkiG9w0BAQEFAAOBjgAwgYoCgYEA"
-               + "t4lOObIWDHVIg/pzYC4H+S7IejmP+msoQtMAuwUOKat78fGvfA5J63VN1B8X"
-               + "NTwu74QmqB9X1xX5wjXJ4fWtmzuV6Lsve1f9VHnrkjLCeC5fnHC+14BKBZmv"
-               + "nfsWTCznRu9MQzJg6PVN/cVm9lTPifg4Pf0ojiZ9H2LV4RUjFHcCBACLOk2j"
-               + "ggGhMIIBnTAdBgNVHREEFjAUgRJ6aWNjYXJkaUBpbnRlc2EuaXQwLwYIKwYB"
-               + "BQUHAQMEIzAhMAgGBgQAjkYBATALBgYEAI5GAQMCARQwCAYGBACORgEEMFkG"
-               + "A1UdIARSMFAwTgYGBACLMAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9lLXRy"
-               + "dXN0Y29tLmludGVzYS5pdC9jYV9wdWJibGljYS9DUFNfSU5URVNBLmh0bTAO"
-               + "BgNVHQ8BAf8EBAMCBkAwgYMGA1UdIwR8MHqAFBkJA5bRuMVYG34Q5G7E9qAS"
-               + "CRCooVykWjBYMQswCQYDVQQGEwJJVDEaMBgGA1UEChMRSW4uVGUuUy5BLiBT"
-               + "LnAuQS4xLTArBgNVBAMTJEluLlRlLlMuQS4gLSBDZXJ0aWZpY2F0aW9uIEF1"
-               + "dGhvcml0eYIEPNEBEzA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vZS10cnVz"
-               + "dGNvbS5pbnRlc2EuaXQvQ1JML0lOVEVTQS5jcmwwHQYDVR0OBBYEFN/ki0vw"
-               + "qZCHnjUPG3tjFxYjXbnhMA0GCSqGSIb3DQEBBQUAA4IBAQCBb64vUJVZB6ls"
-               + "L/B8KZHo83ftK55vjGIpCPaZMPlRnkpCOmK/L8du5/Q2t8o2IMSEC+gdI8Lf"
-               + "V5saIq5MwU3Jk8d88RSfJgZLF5rbDzftpckWvq6081AYFGLz2Qf3SxkOVe05"
-               + "Ktkj4DMkmflArcX2CNxrJTY1ldAwmBHBiYXKfbDiO2jH4LBc9D0TleDGIxnh"
-               + "YMvTdxZVcMtfTQQ4nCcMMxQ1NEib1m/7hIpM2V8VuL1RMGpYHJKQPMB6Wx8H"
-               + "ZTrWipzaHXEqYK2QYyY32JlP5DNkL+9ppP6EsQEUYAfaDAWthzj+NMErIFh5"
-               + "TW+wDGyJsihOzUCmCXowfvmo8MsHMIIEzzCCA7egAwIBAgIEQ52A9zANBgkq"
-               + "hkiG9w0BAQUFADBYMQswCQYDVQQGEwJJVDEaMBgGA1UEChMRSW4uVGUuUy5B"
-               + "LiBTLnAuQS4xLTArBgNVBAMTJEluLlRlLlMuQS4gLSBDZXJ0aWZpY2F0aW9u"
-               + "IEF1dGhvcml0eTAeFw0wODA5MTIxMTQzMTJaFw0xMDA5MTIxMTQzMTJaMIHY"
-               + "MQswCQYDVQQGEwJJVDEiMCAGA1UECgwZSW50ZXNhIFMucC5BLi8wNTI2Mjg5"
-               + "MDAxNDEqMCgGA1UECwwhQnVzaW5lc3MgQ29sbGFib3JhdGlvbiAmIFNlY3Vy"
-               + "aXR5MR4wHAYDVQQDDBVNQVNTSU1JTElBTk8gWklDQ0FSREkxETAPBgNVBAQM"
-               + "CFpJQ0NBUkRJMRUwEwYDVQQqDAxNQVNTSU1JTElBTk8xHDAaBgNVBAUTE0lU"
-               + "OlpDQ01TTTc2SDE0TDIxOVkxETAPBgNVBC4TCDAwMDAyNTg1MIGgMA0GCSqG"
-               + "SIb3DQEBAQUAA4GOADCBigKBgQC3iU45shYMdUiD+nNgLgf5Lsh6OY/6ayhC"
-               + "0wC7BQ4pq3vx8a98DknrdU3UHxc1PC7vhCaoH1fXFfnCNcnh9a2bO5Xouy97"
-               + "V/1UeeuSMsJ4Ll+ccL7XgEoFma+d+xZMLOdG70xDMmDo9U39xWb2VM+J+Dg9"
-               + "/SiOJn0fYtXhFSMUdwIEAIs6TaOCAaEwggGdMB0GA1UdEQQWMBSBEnppY2Nh"
-               + "cmRpQGludGVzYS5pdDAvBggrBgEFBQcBAwQjMCEwCAYGBACORgEBMAsGBgQA"
-               + "jkYBAwIBFDAIBgYEAI5GAQQwWQYDVR0gBFIwUDBOBgYEAIswAQEwRDBCBggr"
-               + "BgEFBQcCARY2aHR0cDovL2UtdHJ1c3Rjb20uaW50ZXNhLml0L2NhX3B1YmJs"
-               + "aWNhL0NQU19JTlRFU0EuaHRtMA4GA1UdDwEB/wQEAwIGQDCBgwYDVR0jBHww"
-               + "eoAUGQkDltG4xVgbfhDkbsT2oBIJEKihXKRaMFgxCzAJBgNVBAYTAklUMRow"
-               + "GAYDVQQKExFJbi5UZS5TLkEuIFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5B"
-               + "LiAtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ80QETMDsGA1UdHwQ0MDIw"
-               + "MKAuoCyGKmh0dHA6Ly9lLXRydXN0Y29tLmludGVzYS5pdC9DUkwvSU5URVNB"
-               + "LmNybDAdBgNVHQ4EFgQU3+SLS/CpkIeeNQ8be2MXFiNdueEwDQYJKoZIhvcN"
-               + "AQEFBQADggEBAIFvri9QlVkHqWwv8Hwpkejzd+0rnm+MYikI9pkw+VGeSkI6"
-               + "Yr8vx27n9Da3yjYgxIQL6B0jwt9XmxoirkzBTcmTx3zxFJ8mBksXmtsPN+2l"
-               + "yRa+rrTzUBgUYvPZB/dLGQ5V7Tkq2SPgMySZ+UCtxfYI3GslNjWV0DCYEcGJ"
-               + "hcp9sOI7aMfgsFz0PROV4MYjGeFgy9N3FlVwy19NBDicJwwzFDU0SJvWb/uE"
-               + "ikzZXxW4vVEwalgckpA8wHpbHwdlOtaKnNodcSpgrZBjJjfYmU/kM2Qv72mk"
-               + "/oSxARRgB9oMBa2HOP40wSsgWHlNb7AMbImyKE7NQKYJejB++ajwywcxggM8"
-               + "MIIDOAIBATBgMFgxCzAJBgNVBAYTAklUMRowGAYDVQQKExFJbi5UZS5TLkEu"
-               + "IFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5BLiAtIENlcnRpZmljYXRpb24g"
-               + "QXV0aG9yaXR5AgRDnYD3MAkGBSsOAwIaBQAwDQYJKoZIhvcNAQEBBQAEgYB+"
-               + "lH2cwLqc91mP8prvgSV+RRzk13dJdZvdoVjgQoFrPhBiZCNIEoHvIhMMA/sM"
-               + "X6euSRZk7EjD24FasCEGYyd0mJVLEy6TSPmuW+wWz/28w3a6IWXBGrbb/ild"
-               + "/CJMkPgLPGgOVD1WDwiNKwfasiQSFtySf5DPn3jFevdLeMmEY6GCAjIwggEV"
-               + "BgkqhkiG9w0BCQYxggEGMIIBAgIBATBgMFgxCzAJBgNVBAYTAklUMRowGAYD"
-               + "VQQKExFJbi5UZS5TLkEuIFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5BLiAt"
-               + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5AgRDnYD3MAkGBSsOAwIaBQAwDQYJ"
-               + "KoZIhvcNAQEBBQAEgYBHlOULfT5GDigIvxP0qZOy8VbpntmzaPF55VV4buKV"
-               + "35J+uHp98gXKp0LrHM69V5IRKuyuQzHHFBqsXxsRI9o6KoOfgliD9Xc+BeMg"
-               + "dKzQhBhBYoFREq8hQM0nSbqDNHYAQyNHMzUA/ZQUO5dlFuH8Dw3iDYAhNtfd"
-               + "PrlchKJthDCCARUGCSqGSIb3DQEJBjGCAQYwggECAgEBMGAwWDELMAkGA1UE"
-               + "BhMCSVQxGjAYBgNVBAoTEUluLlRlLlMuQS4gUy5wLkEuMS0wKwYDVQQDEyRJ"
-               + "bi5UZS5TLkEuIC0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkCBEOdgPcwCQYF"
-               + "Kw4DAhoFADANBgkqhkiG9w0BAQEFAASBgEeU5Qt9PkYOKAi/E/Spk7LxVume"
-               + "2bNo8XnlVXhu4pXfkn64en3yBcqnQusczr1XkhEq7K5DMccUGqxfGxEj2joq"
-               + "g5+CWIP1dz4F4yB0rNCEGEFigVESryFAzSdJuoM0dgBDI0czNQD9lBQ7l2UW"
-               + "4fwPDeINgCE2190+uVyEom2E");
-
-    byte[] noSignedAttrSample2 = Base64.decode(
-          "MIIIlAYJKoZIhvcNAQcCoIIIhTCCCIECAQExCzAJBgUrDgMCGgUAMAsGCSqG"
-        + "SIb3DQEHAaCCB3UwggOtMIIDa6ADAgECAgEzMAsGByqGSM44BAMFADCBkDEL"
-        + "MAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlQYWxvIEFsdG8x"
-        + "HTAbBgNVBAoTFFN1biBNaWNyb3N5c3RlbXMgSW5jMSMwIQYDVQQLExpKYXZh"
-        + "IFNvZnR3YXJlIENvZGUgU2lnbmluZzEcMBoGA1UEAxMTSkNFIENvZGUgU2ln"
-        + "bmluZyBDQTAeFw0wMTA1MjkxNjQ3MTFaFw0wNjA1MjgxNjQ3MTFaMG4xHTAb"
-        + "BgNVBAoTFFN1biBNaWNyb3N5c3RlbXMgSW5jMSMwIQYDVQQLExpKYXZhIFNv"
-        + "ZnR3YXJlIENvZGUgU2lnbmluZzEoMCYGA1UEAxMfVGhlIExlZ2lvbiBvZiB0"
-        + "aGUgQm91bmN5IENhc3RsZTCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQD9f1OB"
-        + "HXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6v8X1ujD2"
-        + "y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUP"
-        + "BPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8VIwvM"
-        + "spK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlXTAs9"
-        + "B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCj"
-        + "rh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtV"
-        + "JWQBTDv+z0kqA4GEAAKBgBWry/FCAZ6miyy39+ftsa+h9lxoL+JtV0MJcUyQ"
-        + "E4VAhpAwWb8vyjba9AwOylYQTktHX5sAkFvjBiU0LOYDbFSTVZSHMRJgfjxB"
-        + "SHtICjOEvr1BJrrOrdzqdxcOUge5n7El124BCrv91x5Ol8UTwtiO9LrRXF/d"
-        + "SyK+RT5n1klRo3YwdDARBglghkgBhvhCAQEEBAMCAIcwDgYDVR0PAQH/BAQD"
-        + "AgHGMB0GA1UdDgQWBBQwMY4NRcco1AO3w1YsokfDLVseEjAPBgNVHRMBAf8E"
-        + "BTADAQH/MB8GA1UdIwQYMBaAFGXi9IbJ007wkU5Yomr12HhamsGmMAsGByqG"
-        + "SM44BAMFAAMvADAsAhRmigTu6QV0sTfEkVljgij/hhdVfAIUQZvMxAnIHc30"
-        + "y/u0C1T5UEG9glUwggPAMIIDfqADAgECAgEQMAsGByqGSM44BAMFADCBkDEL"
-        + "MAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlQYWxvIEFsdG8x"
-        + "HTAbBgNVBAoTFFN1biBNaWNyb3N5c3RlbXMgSW5jMSMwIQYDVQQLExpKYXZh"
-        + "IFNvZnR3YXJlIENvZGUgU2lnbmluZzEcMBoGA1UEAxMTSkNFIENvZGUgU2ln"
-        + "bmluZyBDQTAeFw0wMTA0MjUwNzAwMDBaFw0yMDA0MjUwNzAwMDBaMIGQMQsw"
-        + "CQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzEd"
-        + "MBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxIzAhBgNVBAsTGkphdmEg"
-        + "U29mdHdhcmUgQ29kZSBTaWduaW5nMRwwGgYDVQQDExNKQ0UgQ29kZSBTaWdu"
-        + "aW5nIENBMIIBtzCCASwGByqGSM44BAEwggEfAoGBAOuvNwQeylEeaV2w8o/2"
-        + "tUkfxqSZBdcpv3S3avUZ2B7kG/gKAZqY/3Cr4kpWhmxTs/zhyIGMMfDE87CL"
-        + "5nAG7PdpaNuDTHIpiSk2F1w7SgegIAIqRpdRHXDICBgLzgxum3b3BePn+9Nh"
-        + "eeFgmiSNBpWDPFEg4TDPOFeCphpyDc7TAhUAhCVF4bq5qWKreehbMLiJaxv/"
-        + "e3UCgYEAq8l0e3Tv7kK1alNNO92QBnJokQ8LpCl2LlU71a5NZVx+KjoEpmem"
-        + "0HGqpde34sFyDaTRqh6SVEwgAAmisAlBGTMAssNcrkL4sYvKfJbYEH83RFuq"
-        + "zHjI13J2N2tAmahVZvqoAx6LShECactMuCUGHKB30sms0j3pChD6dnC3+9wD"
-        + "gYQAAoGALQmYXKy4nMeZfu4gGSo0kPnXq6uu3WtylQ1m+O8nj0Sy7ShEx/6v"
-        + "sKYnbwBnRYJbB6hWVjvSKVFhXmk51y50dxLPGUr1LcjLcmHETm/6R0M/FLv6"
-        + "vBhmKMLZZot6LS/CYJJLFP5YPiF/aGK+bEhJ+aBLXoWdGRD5FUVRG3HU9wuj"
-        + "ZjBkMBEGCWCGSAGG+EIBAQQEAwIABzAPBgNVHRMBAf8EBTADAQH/MB8GA1Ud"
-        + "IwQYMBaAFGXi9IbJ007wkU5Yomr12HhamsGmMB0GA1UdDgQWBBRl4vSGydNO"
-        + "8JFOWKJq9dh4WprBpjALBgcqhkjOOAQDBQADLwAwLAIUKvfPPJdd+Xi2CNdB"
-        + "tNkNRUzktJwCFEXNdWkOIfod1rMpsun3Mx0z/fxJMYHoMIHlAgEBMIGWMIGQ"
-        + "MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0"
-        + "bzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxIzAhBgNVBAsTGkph"
-        + "dmEgU29mdHdhcmUgQ29kZSBTaWduaW5nMRwwGgYDVQQDExNKQ0UgQ29kZSBT"
-        + "aWduaW5nIENBAgEzMAkGBSsOAwIaBQAwCwYHKoZIzjgEAQUABC8wLQIVAIGV"
-        + "khm+kbV4a/+EP45PHcq0hIViAhR4M9os6IrJnoEDS3Y3l7O6zrSosA==");
-
-    /*
-     *
-     *  INFRASTRUCTURE
-     *
-     */
-
-    public BcSignedDataTest(String name)
-    {
-        super(name);
-    }
-
-    public static void main(String args[])
-    {
-
-        junit.textui.TestRunner.run(BcSignedDataTest.class);
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        init();
-        
-        return new CMSTestSetup(new TestSuite(BcSignedDataTest.class));
-    }
-
-    private static void init()
-        throws Exception
-    {
-        if (!_initialised)
-        {
-            _initialised = true;
-
-            if (Security.getProvider(BC) == null)
-            {
-                Security.addProvider(new BouncyCastleProvider());
-            }
-
-            _origDN   = "O=Bouncy Castle, C=AU";
-            _origKP   = CMSTestUtil.makeKeyPair();  
-            _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _origKP, _origDN);
-
-            _signDN   = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
-            _signKP   = CMSTestUtil.makeKeyPair();
-            _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _origKP, _origDN);
-    
-            _signDsaKP   = CMSTestUtil.makeDsaKeyPair();
-            _signDsaCert = CMSTestUtil.makeCertificate(_signDsaKP, _signDN, _origKP, _origDN);
-
-            _signEcDsaKP   = CMSTestUtil.makeEcDsaKeyPair();
-            _signEcDsaCert = CMSTestUtil.makeCertificate(_signEcDsaKP, _signDN, _origKP, _origDN);
-
-            _reciDN   = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
-            _reciKP   = CMSTestUtil.makeKeyPair();
-            _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
-
-            _signCrl  = CMSTestUtil.makeCrl(_signKP);
-        }
-    }
-
-    private void verifyRSASignatures(CMSSignedData s, byte[] contentDigest)
-        throws Exception
-    {
-        Store                   certStore = s.getCertificates();
-        SignerInformationStore  signers = s.getSignerInfos();
-
-        Collection c = signers.getSigners();
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new BcRSASignerInfoVerifierBuilder(new DefaultCMSSignatureAlgorithmNameGenerator(), new DefaultSignatureAlgorithmIdentifierFinder(), new DefaultDigestAlgorithmIdentifierFinder(), new BcDigestCalculatorProvider()).build(cert)));
-
-            if (contentDigest != null)
-            {
-                assertTrue(MessageDigest.isEqual(contentDigest, signer.getContentDigest()));
-            }
-        }
-    }
-
-    private void verifySignatures(CMSSignedData s, byte[] contentDigest) 
-        throws Exception
-    {
-        Store                   certStore = s.getCertificates();
-        Store                   crlStore = s.getCRLs();
-        SignerInformationStore  signers = s.getSignerInfos();
-        
-        Collection c = signers.getSigners();
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection certCollection = certStore.getMatches(signer.getSID());
-    
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-            
-            if (contentDigest != null)
-            {
-                assertTrue(MessageDigest.isEqual(contentDigest, signer.getContentDigest()));
-            }
-        }
-
-        Collection certColl = certStore.getMatches(null);
-        Collection crlColl = crlStore.getMatches(null);
-
-        assertEquals(certColl.size(), s.getCertificates().getMatches(null).size());
-        assertEquals(crlColl.size(), s.getCRLs().getMatches(null).size());
-    }
-
-    private void verifySignatures(CMSSignedData s) 
-        throws Exception
-    {
-        verifySignatures(s, null);
-    }
-
-    public void testDetachedVerification()
-        throws Exception
-    {
-        byte[]              data = "Hello World!".getBytes();
-        List certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray(data);
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        DigestCalculatorProvider digProvider = new JcaDigestCalculatorProviderBuilder().setProvider(BC).build();
-        JcaSignerInfoGeneratorBuilder signerInfoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(digProvider);
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-        ContentSigner md5Signer = new JcaContentSignerBuilder("MD5withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(signerInfoGeneratorBuilder.build(sha1Signer, _origCert));
-        gen.addSignerInfoGenerator(signerInfoGeneratorBuilder.build(md5Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(msg);
-
-        MessageDigest sha1 = MessageDigest.getInstance("SHA1", BC);
-        MessageDigest md5 = MessageDigest.getInstance("MD5", BC);
-        Map hashes = new HashMap();
-        byte[] sha1Hash = sha1.digest(data);
-        byte[] md5Hash = md5.digest(data);
-
-        hashes.put(CMSAlgorithm.SHA1, sha1Hash);
-        hashes.put(CMSAlgorithm.MD5, md5Hash);
-
-        s = new CMSSignedData(hashes, s.getEncoded());
-
-        verifySignatures(s, null);
-    }
-
-    public void testDetachedVerificationWithBufferingContentSigner()
-        throws Exception
-    {
-        byte[]              data = "Hello World!".getBytes();
-        List certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray(data);
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        DigestCalculatorProvider digProvider = new JcaDigestCalculatorProviderBuilder().setProvider(BC).build();
-        JcaSignerInfoGeneratorBuilder signerInfoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(digProvider);
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-        ContentSigner md5Signer = new JcaContentSignerBuilder("MD5withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(signerInfoGeneratorBuilder.build(new BufferingContentSigner(sha1Signer), _origCert));
-        gen.addSignerInfoGenerator(signerInfoGeneratorBuilder.build(new BufferingContentSigner(md5Signer), _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(msg);
-
-        MessageDigest sha1 = MessageDigest.getInstance("SHA1", BC);
-        MessageDigest md5 = MessageDigest.getInstance("MD5", BC);
-        Map hashes = new HashMap();
-        byte[] sha1Hash = sha1.digest(data);
-        byte[] md5Hash = md5.digest(data);
-
-        hashes.put(CMSAlgorithm.SHA1, sha1Hash);
-        hashes.put(CMSAlgorithm.MD5, md5Hash);
-
-        s = new CMSSignedData(hashes, s.getEncoded());
-
-        verifySignatures(s, null);
-    }
-
-    public void testSHA1AndMD5WithRSAEncapsulatedRepeated()
-        throws Exception
-    {
-        List certList = new ArrayList();
-        CMSTypedData      msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        DigestCalculatorProvider digCalcProv = new JcaDigestCalculatorProviderBuilder().setProvider(BC).build();
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(digCalcProv).build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate()), _origCert));
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(digCalcProv).build(new JcaContentSignerBuilder("MD5withRSA").setProvider(BC).build(_origKP.getPrivate()), _origCert));
-        
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(msg, true);
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
-        ASN1InputStream      aIn = new ASN1InputStream(bIn);
-        
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-
-        certs = s.getCertificates();
-
-        SignerInformationStore  signers = s.getSignerInfos();
-        
-        assertEquals(2, signers.size());
-        
-        Collection c = signers.getSigners();
-        Iterator it = c.iterator();
-        SignerId                sid = null;
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection certCollection = certs.getMatches(signer.getSID());
-
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            sid = signer.getSID();
-            
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-
-            //
-            // check content digest
-            //
-
-            byte[] contentDigest = (byte[])gen.getGeneratedDigests().get(signer.getDigestAlgOID());
-
-            AttributeTable table = signer.getSignedAttributes();
-            Attribute hash = table.get(CMSAttributes.messageDigest);
-
-            assertTrue(MessageDigest.isEqual(contentDigest, ((ASN1OctetString)hash.getAttrValues().getObjectAt(0)).getOctets()));
-        }
-        
-        c = signers.getSigners(sid);
-        
-        assertEquals(2, c.size());
-
-
-        //
-        // try using existing signer
-        //
-        
-        gen = new CMSSignedDataGenerator();
-           
-        gen.addSigners(s.getSignerInfos());
-        
-        gen.addCertificates(s.getCertificates());
-           
-        s = gen.generate(msg, true);
-
-        bIn = new ByteArrayInputStream(s.getEncoded());
-        aIn = new ASN1InputStream(bIn);
-
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-
-        certs = s.getCertificates();
-
-        signers = s.getSignerInfos();
-        c = signers.getSigners();
-        it = c.iterator();
-
-        assertEquals(2, c.size());
-        
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection certCollection = certs.getMatches(signer.getSID());
-
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-        
-        checkSignerStoreReplacement(s, signers);
-    }
-    
-    public void testSHA1WithRSANoAttributes()
-        throws Exception
-    {
-        List certList = new ArrayList();
-        CMSTypedData      msg = new CMSProcessableByteArray("Hello world!".getBytes());
-    
-        certList.add(_origCert);
-        certList.add(_signCert);
-    
-        Store           certs = new JcaCertStore(certList);
-    
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        JcaSignerInfoGeneratorBuilder builder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        builder.setDirectSignature(true);
-
-        gen.addSignerInfoGenerator(builder.build(sha1Signer, _origCert));
-    
-        gen.addCertificates(certs);
-    
-        CMSSignedData s = gen.generate(msg, false);
-    
-        //
-        // compute expected content digest
-        //
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-        
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    public void testSHA1WithRSANoAttributesSimple()
-        throws Exception
-    {
-        List certList = new ArrayList();
-        CMSTypedData      msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-        
-        JcaSimpleSignerInfoGeneratorBuilder builder = new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).setDirectSignature(true);
-
-        gen.addSignerInfoGenerator(builder.build("SHA1withRSA", _origKP.getPrivate(), _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(msg, false);
-
-        //
-        // compute expected content digest
-        //
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    public void testSHA1WithRSAViaConfig()
-        throws Exception
-    {
-        List certList = new ArrayList();
-        CMSTypedData      msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        // set some bogus mappings.
-        TestCMSSignatureAlgorithmNameGenerator sigAlgNameGen = new TestCMSSignatureAlgorithmNameGenerator();
-
-        sigAlgNameGen.setEncryptionAlgorithmMapping(PKCSObjectIdentifiers.rsaEncryption, "XXXX");
-        sigAlgNameGen.setDigestAlgorithmMapping(OIWObjectIdentifiers.idSHA1, "YYYY");
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s;
-
-        try
-        {
-            // try the bogus mappings
-            s = gen.generate(msg, false);
-        }
-        catch (CMSException e)
-        {
-            if (!e.getMessage().startsWith("no such algorithm: YYYYwithXXXX"))
-            {
-                throw e;
-            }
-        }
-        finally
-        {
-            // reset to the real ones
-            sigAlgNameGen.setEncryptionAlgorithmMapping(PKCSObjectIdentifiers.rsaEncryption, "RSA");
-            sigAlgNameGen.setDigestAlgorithmMapping(OIWObjectIdentifiers.idSHA1, "SHA1");
-        }
-
-        s = gen.generate(msg, false);
-
-        //
-        // compute expected content digest
-        //
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    public void testSHA1WithRSAAndAttributeTableSimple()
-        throws Exception
-    {
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-        List certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        Attribute attr = new Attribute(CMSAttributes.messageDigest,
-                                       new DERSet(
-                                            new DEROctetString(
-                                                md.digest("Hello world!".getBytes()))));
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(attr);
-
-        SignerInfoGeneratorBuilder builder = new SignerInfoGeneratorBuilder(new BcDigestCalculatorProvider()).setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(v)));
-
-        AlgorithmIdentifier sha1withRSA = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1withRSA");
-        gen.addSignerInfoGenerator(builder.build(new BcRSAContentSignerBuilder(sha1withRSA, new DefaultDigestAlgorithmIdentifierFinder().find(sha1withRSA)).build(PrivateKeyFactory.createKey(_origKP.getPrivate().getEncoded())), new JcaX509CertificateHolder(_origCert)));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(new CMSAbsentContent(), false);
-
-        //
-        // the signature is detached, so need to add msg before passing on
-        //
-        s = new CMSSignedData(msg, s.getEncoded());
-        //
-        // compute expected content digest
-        //
-
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-        verifyRSASignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    public void testSHA1WithRSAAndAttributeTable()
-        throws Exception
-    {
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-        List certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        Attribute attr = new Attribute(CMSAttributes.messageDigest,
-                                       new DERSet(
-                                            new DEROctetString(
-                                                md.digest("Hello world!".getBytes()))));
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(attr);
-
-        JcaSignerInfoGeneratorBuilder builder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        builder.setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(v)));
-        
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(builder.build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(new CMSAbsentContent(), false);
-
-        //
-        // the signature is detached, so need to add msg before passing on
-        //
-        s = new CMSSignedData(msg, s.getEncoded());
-        //
-        // compute expected content digest
-        //
-
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-        verifyRSASignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    public void testLwSHA1WithRSAAndAttributeTable()
-        throws Exception
-    {
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-        List certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        Attribute attr = new Attribute(CMSAttributes.messageDigest,
-                                       new DERSet(
-                                            new DEROctetString(
-                                                md.digest("Hello world!".getBytes()))));
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(attr);
-
-        AsymmetricKeyParameter privKey = PrivateKeyFactory.createKey(_origKP.getPrivate().getEncoded());
-        
-        AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1withRSA");
-        AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
-
-        BcContentSignerBuilder contentSignerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);
-
-        gen.addSignerInfoGenerator(
-            new SignerInfoGeneratorBuilder(new BcDigestCalculatorProvider())
-                .setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(v)))
-                .build(contentSignerBuilder.build(privKey), new JcaX509CertificateHolder(_origCert)));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(new CMSAbsentContent(), false);
-
-        //
-        // the signature is detached, so need to add msg before passing on
-        //
-        s = new CMSSignedData(msg, s.getEncoded());
-        //
-        // compute expected content digest
-        //
-
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-        verifyRSASignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    public void testSHA1WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "SHA1withRSA");
-    }
-
-    public void testSHA1WithRSAEncapsulatedSubjectKeyID()
-        throws Exception
-    {
-        subjectKeyIDTest(_signKP, _signCert, "SHA1withRSA");
-    }
-
-    public void testSHA1WithRSAPSS()
-        throws Exception
-    {
-        rsaPSSTest("SHA1withRSAandMGF1");
-    }
-
-    public void testSHA224WithRSAPSS()
-        throws Exception
-    {
-        rsaPSSTest("SHA224withRSAandMGF1");
-    }
-
-    public void testSHA256WithRSAPSS()
-        throws Exception
-    {
-        rsaPSSTest("SHA256withRSAandMGF1");
-    }
-
-    public void testSHA384WithRSAPSS()
-        throws Exception
-    {
-        rsaPSSTest("SHA384withRSAandMGF1");
-    }
-
-    public void testSHA224WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "SHA224withRSA");
-    }
-    
-    public void testSHA256WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "SHA256withRSA");
-    }
-
-    public void testRIPEMD128WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "RIPEMD128withRSA");
-    }
-
-    public void testRIPEMD160WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "RIPEMD160withRSA");
-    }
-
-    public void testRIPEMD256WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "RIPEMD256withRSA");
-    }
-
-    public void testECDSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA1withECDSA");
-    }
-
-    public void testECDSAEncapsulatedSubjectKeyID()
-        throws Exception
-    {
-        subjectKeyIDTest(_signEcDsaKP, _signEcDsaCert, "SHA1withECDSA");
-    }
-
-    public void testECDSASHA224Encapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA224withECDSA");
-    }
-
-    public void testECDSASHA256Encapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA256withECDSA");
-    }
-
-    public void testECDSASHA384Encapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA384withECDSA");
-    }
-
-    public void testECDSASHA512Encapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA512withECDSA");
-    }
-
-    public void testECDSASHA512EncapsulatedWithKeyFactoryAsEC()
-        throws Exception
-    {
-        X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(_signEcDsaKP.getPublic().getEncoded());
-        PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(_signEcDsaKP.getPrivate().getEncoded());
-        KeyFactory keyFact = KeyFactory.getInstance("EC", BC);
-        KeyPair kp = new KeyPair(keyFact.generatePublic(pubSpec), keyFact.generatePrivate(privSpec));
-        
-        encapsulatedTest(kp, _signEcDsaCert, "SHA512withECDSA");
-    }
-
-    public void testDSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signDsaKP, _signDsaCert, "SHA1withDSA");
-    }
-
-    public void testDSAEncapsulatedSubjectKeyID()
-        throws Exception
-    {
-        subjectKeyIDTest(_signDsaKP, _signDsaCert, "SHA1withDSA");
-    }
-
-    public void testSHA1WithRSACounterSignature()
-        throws Exception
-    {
-        List certList = new ArrayList();
-        List crlList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-        certList.add(_signCert);
-        certList.add(_origCert);
-
-        crlList.add(_signCrl);
-
-        Store           certStore = new JcaCertStore(certList);
-        Store           crlStore = new JcaCRLStore(crlList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_signKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _signCert));
-
-        gen.addCertificates(certStore);
-        gen.addCRLs(crlStore);
-        
-        CMSSignedData s = gen.generate(msg, true);
-        SignerInformation origSigner = (SignerInformation)s.getSignerInfos().getSigners().toArray()[0];
-        SignerInformationStore counterSigners1 = gen.generateCounterSigners(origSigner);
-        SignerInformationStore counterSigners2 = gen.generateCounterSigners(origSigner);
-
-        SignerInformation signer1 = SignerInformation.addCounterSigners(origSigner, counterSigners1);
-        SignerInformation signer2 = SignerInformation.addCounterSigners(signer1, counterSigners2);
-
-        SignerInformationStore cs = signer2.getCounterSignatures();
-        Collection csSigners = cs.getSigners();
-        assertEquals(2, csSigners.size());
-
-        Iterator it = csSigners.iterator();
-        while (it.hasNext())
-        {
-            SignerInformation   cSigner = (SignerInformation)it.next();
-            Collection certCollection = certStore.getMatches(cSigner.getSID());
-
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertTrue(cSigner.isCounterSignature());
-            assertNull(cSigner.getSignedAttributes().get(PKCSObjectIdentifiers.pkcs_9_at_contentType));
-            assertEquals(true, cSigner.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-    }
-
-    private void rsaPSSTest(String signatureAlgorithmName)
-        throws Exception
-    {
-        List certList = new ArrayList();
-        CMSTypedData      msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner contentSigner = new JcaContentSignerBuilder(signatureAlgorithmName).setProvider(BC).build(_origKP.getPrivate());
-
-        JcaSignerInfoGeneratorBuilder siBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        siBuilder.setDirectSignature(true);
-
-        gen.addSignerInfoGenerator(siBuilder.build(contentSigner, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(msg, false);
-
-        //
-        // compute expected content digest
-        //
-        String digestName = signatureAlgorithmName.substring(0, signatureAlgorithmName.indexOf('w'));
-        MessageDigest md = MessageDigest.getInstance(digestName, BC);
-
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    private void subjectKeyIDTest(
-        KeyPair signaturePair,
-        X509Certificate signatureCert,
-        String signatureAlgorithm)
-        throws Exception
-    {
-        List certList = new ArrayList();
-        List crlList = new ArrayList();
-        CMSTypedData      msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-        certList.add(signatureCert);
-        certList.add(_origCert);
-
-        crlList.add(_signCrl);
-
-        Store           certStore = new JcaCertStore(certList);
-        Store           crlStore = new JcaCRLStore(crlList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner contentSigner = new JcaContentSignerBuilder(signatureAlgorithm).setProvider(BC).build(signaturePair.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(contentSigner, CMSTestUtil.createSubjectKeyId(signatureCert.getPublicKey()).getKeyIdentifier()));
-
-        gen.addCertificates(certStore);
-        gen.addCRLs(crlStore);
-
-        CMSSignedData s = gen.generate(msg, true);
-
-        assertEquals(3, s.getVersion());
-        
-        ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
-        ASN1InputStream      aIn = new ASN1InputStream(bIn);
-
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-
-        certStore = s.getCertificates();
-
-        SignerInformationStore  signers = s.getSignerInfos();
-        Collection c = signers.getSigners();
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-
-        //
-        // check for CRLs
-        //
-        Collection crls = crlStore.getMatches(null);
-
-        assertEquals(1, crls.size());
-
-        assertTrue(crls.contains(new JcaX509CRLHolder(_signCrl)));
-
-        //
-        // try using existing signer
-        //
-
-        gen = new CMSSignedDataGenerator();
-
-        gen.addSigners(s.getSignerInfos());
-
-        gen.addCertificates(s.getCertificates());
-
-        s = gen.generate(msg, true);
-
-        bIn = new ByteArrayInputStream(s.getEncoded());
-        aIn = new ASN1InputStream(bIn);
-
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-
-        certStore = s.getCertificates();
-
-        signers = s.getSignerInfos();
-        c = signers.getSigners();
-        it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-
-        checkSignerStoreReplacement(s, signers);
-    }
-
-    private void encapsulatedTest(
-        KeyPair signaturePair,
-        X509Certificate signatureCert,
-        String signatureAlgorithm)
-        throws Exception
-    {
-        ConfigurableProvider provider = (ConfigurableProvider)Security.getProvider(BC);
-
-        if (!provider.hasAlgorithm("Signature", signatureAlgorithm))
-        {
-             return;
-        }
-
-        List certList = new ArrayList();
-        List crlList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello World!".getBytes());
-    
-        certList.add(signatureCert);
-        certList.add(_origCert);
-
-        crlList.add(_signCrl);
-
-        Store           certs = new JcaCertStore(certList);
-        Store           crlStore = new JcaCRLStore(crlList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner contentSigner = new JcaContentSignerBuilder(signatureAlgorithm).setProvider(BC).build(signaturePair.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(contentSigner, signatureCert));
-
-        gen.addCertificates(certs);
-    
-        CMSSignedData s = gen.generate(msg, true);
-    
-        ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
-        ASN1InputStream      aIn = new ASN1InputStream(bIn);
-        
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-    
-        certs = s.getCertificates();
-    
-        SignerInformationStore  signers = s.getSignerInfos();
-        Collection c = signers.getSigners();
-        Iterator it = c.iterator();
-    
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection certCollection = certs.getMatches(signer.getSID());
-    
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-    
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-
-        //
-        // check for CRLs
-        //
-        Collection crls = crlStore.getMatches(null);
-
-        assertEquals(1, crls.size());
-
-        assertTrue(crls.contains(new JcaX509CRLHolder(_signCrl)));
-        
-        //
-        // try using existing signer
-        //
-        
-        gen = new CMSSignedDataGenerator();
-           
-        gen.addSigners(s.getSignerInfos());
-        
-        gen.addCertificates(s.getCertificates());
-           
-        s = gen.generate(msg, true);
-    
-        bIn = new ByteArrayInputStream(s.getEncoded());
-        aIn = new ASN1InputStream(bIn);
-    
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-    
-        certs = s.getCertificates();
-    
-        signers = s.getSignerInfos();
-        c = signers.getSigners();
-        it = c.iterator();
-    
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection certCollection = certs.getMatches(signer.getSID());
-    
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-    
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-        
-        checkSignerStoreReplacement(s, signers);
-    }
-
-    //
-    // signerInformation store replacement test.
-    //
-    private void checkSignerStoreReplacement(
-        CMSSignedData orig, 
-        SignerInformationStore signers) 
-        throws Exception
-    {
-        CMSSignedData s = CMSSignedData.replaceSigners(orig, signers);
-        
-        Store certs = s.getCertificates();
-        
-        signers = s.getSignerInfos();
-        Collection c = signers.getSigners();
-        Iterator it = c.iterator();
-    
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection certCollection = certs.getMatches(signer.getSID());
-    
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-    
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-    }
-    
-    public void testUnsortedAttributes()
-        throws Exception
-    {
-        CMSSignedData s = new CMSSignedData(new CMSProcessableByteArray(disorderedMessage), disorderedSet);
-
-        Store certs = s.getCertificates();
-
-        SignerInformationStore  signers = s.getSignerInfos();
-        Collection c = signers.getSigners();
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection certCollection = certs.getMatches(signer.getSID());
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(false, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-
-            RSADigestSigner sig = new RSADigestSigner(new SHA1Digest());
-
-            sig.init(false, PublicKeyFactory.createKey(cert.getSubjectPublicKeyInfo()));
-
-            byte[] encoded = signer.toASN1Structure().getAuthenticatedAttributes().getEncoded();
-            sig.update(encoded, 0, encoded.length);
-
-            assertEquals(true, sig.verifySignature(signer.getSignature()));
-        }
-    }
-    
-    public void testNullContentWithSigner()
-        throws Exception
-    {
-        List certList = new ArrayList();
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(new CMSAbsentContent(), false);
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
-        ASN1InputStream      aIn = new ASN1InputStream(bIn);
-        
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-
-        verifySignatures(s);
-    }
-
-    public void testWithAttributeCertificate()
-        throws Exception
-    {
-        List certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-
-        certList.add(_signDsaCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        JcaSignerInfoGeneratorBuilder builder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(builder.build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        X509AttributeCertificateHolder attrCert = new X509AttributeCertificateHolder(CMSTestUtil.getAttributeCertificate().getEncoded());
-        List attrList = new ArrayList();
-
-        attrList.add(new X509AttributeCertificateHolder(attrCert.getEncoded()));
-
-        Store store = new CollectionStore(attrList);
-
-        gen.addAttributeCertificates(store);
-
-        CMSSignedData sd = gen.generate(msg);
-
-        assertEquals(4, sd.getVersion());
-
-        store = sd.getAttributeCertificates();
-
-        Collection coll = store.getMatches(null);
-
-        assertEquals(1, coll.size());
-
-        assertTrue(coll.contains(new X509AttributeCertificateHolder(attrCert.getEncoded())));
-        
-        //
-        // create new certstore
-        //
-        certList = new ArrayList();
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        certs = new JcaCertStore(certList);
-
-
-        //
-        // replace certs
-        //
-        sd = CMSSignedData.replaceCertificatesAndCRLs(sd, certs, null, null);
-
-        verifySignatures(sd);
-    }
-
-    public void testCertStoreReplacement()
-        throws Exception
-    {
-        List certList = new ArrayList();
-        CMSTypedData msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-
-        certList.add(_signDsaCert);
-
-        Store certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData sd = gen.generate(msg);
-
-        //
-        // create new certstore
-        //
-        certList = new ArrayList();
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        certs = new JcaCertStore(certList);
-
-        //
-        // replace certs
-        //
-        sd = CMSSignedData.replaceCertificatesAndCRLs(sd, certs, null, null);
-
-        verifySignatures(sd);
-    }
-
-    public void testEncapsulatedCertStoreReplacement()
-        throws Exception
-    {
-        List certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-
-        certList.add(_signDsaCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData sd = gen.generate(msg, true);
-
-        //
-        // create new certstore
-        //
-        certList = new ArrayList();
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        certs = new JcaCertStore(certList);
-
-
-        //
-        // replace certs
-        //
-        sd = CMSSignedData.replaceCertificatesAndCRLs(sd, certs, null, null);
-
-        verifySignatures(sd);
-    }
-
-    public void testCertOrdering1()
-        throws Exception
-    {
-        List certList = new ArrayList();
-        CMSTypedData    msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-        certList.add(_signDsaCert);
-
-        Store      certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData sd = gen.generate(msg, true);
-
-        certs = sd.getCertificates();
-        Iterator it = certs.getMatches(null).iterator();
-
-        assertEquals(new JcaX509CertificateHolder(_origCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_signCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_signDsaCert), it.next());
-    }
-
-    public void testCertOrdering2()
-        throws Exception
-    {
-        List certList = new ArrayList();
-        CMSTypedData       msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-        certList.add(_signCert);
-        certList.add(_signDsaCert);
-        certList.add(_origCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData sd = gen.generate(msg, true);
-
-        certs = sd.getCertificates();
-        Iterator it = certs.getMatches(null).iterator();
-
-        assertEquals(new JcaX509CertificateHolder(_signCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_signDsaCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_origCert), it.next());
-    }
-
-    public void testSignerStoreReplacement()
-        throws Exception
-    {
-        List certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData original = gen.generate(msg, true);
-
-        //
-        // create new Signer
-        //
-        gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha224Signer = new JcaContentSignerBuilder("SHA224withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha224Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData newSD = gen.generate(msg, true);
-
-        //
-        // replace signer
-        //
-        CMSSignedData sd = CMSSignedData.replaceSigners(original, newSD.getSignerInfos());
-
-        SignerInformation signer = (SignerInformation)sd.getSignerInfos().getSigners().iterator().next();
-
-        assertEquals(CMSAlgorithm.SHA224.getId(), signer.getDigestAlgOID());
-
-        // we use a parser here as it requires the digests to be correct in the digest set, if it
-        // isn't we'll get a NullPointerException
-        CMSSignedDataParser sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), sd.getEncoded());
-
-        sp.getSignedContent().drain();
-
-        verifySignatures(sp);
-    }
-
-    public void testEncapsulatedSamples()
-        throws Exception
-    {
-        testSample("PSSSignDataSHA1Enc.sig");
-        testSample("PSSSignDataSHA256Enc.sig");
-        testSample("PSSSignDataSHA512Enc.sig");
-    }
-    
-    public void testSamples()
-        throws Exception
-    {
-        testSample("PSSSignData.data", "PSSSignDataSHA1.sig");
-        testSample("PSSSignData.data", "PSSSignDataSHA256.sig");
-        testSample("PSSSignData.data", "PSSSignDataSHA512.sig");
-    }
-
-    public void testCounterSig()
-        throws Exception
-    {
-        CMSSignedData sig = new CMSSignedData(getInput("counterSig.p7m"));
-
-        SignerInformationStore ss = sig.getSignerInfos();
-        Collection signers = ss.getSigners();
-
-        SignerInformationStore cs = ((SignerInformation)signers.iterator().next()).getCounterSignatures();
-        Collection csSigners = cs.getSigners();
-        assertEquals(1, csSigners.size());
-
-        Iterator it = csSigners.iterator();
-        while (it.hasNext())
-        {
-            SignerInformation   cSigner = (SignerInformation)it.next();
-            Collection certCollection = sig.getCertificates().getMatches(cSigner.getSID());
-
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertTrue(cSigner.isCounterSignature());
-            assertNull(cSigner.getSignedAttributes().get(PKCSObjectIdentifiers.pkcs_9_at_contentType));
-            assertEquals(true, cSigner.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-        
-        verifySignatures(sig);
-    }
-
-    private void testSample(String sigName)
-        throws Exception
-    {
-        CMSSignedData sig = new CMSSignedData(getInput(sigName));
-
-        verifySignatures(sig);
-    }
-
-    private void testSample(String messageName, String sigName)
-        throws Exception
-    {
-        CMSSignedData sig = new CMSSignedData(new CMSProcessableByteArray(getInput(messageName)), getInput(sigName));
-
-        verifySignatures(sig);
-    }
-
-    private byte[] getInput(String name)
-        throws IOException
-    {
-        return Streams.readAll(getClass().getResourceAsStream(name));
-    }
-
-    public void testForMultipleCounterSignatures()
-        throws Exception
-    {
-        CMSSignedData sd = new CMSSignedData(xtraCounterSig);
-
-        for (Iterator sI = sd.getSignerInfos().getSigners().iterator(); sI.hasNext();)
-        {
-            SignerInformation sigI = (SignerInformation)sI.next();
-
-            SignerInformationStore counter = sigI.getCounterSignatures();
-            List sigs = new ArrayList(counter.getSigners());
-
-            assertEquals(2, sigs.size());
-        }
-    }
-
-    private void verifySignatures(CMSSignedDataParser sp)
-        throws Exception
-    {
-        Store               certs = sp.getCertificates();
-        SignerInformationStore  signers = sp.getSignerInfos();
-
-        Collection c = signers.getSigners();
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection certCollection = certs.getMatches(signer.getSID());
-
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-    }
-
-    private class TestCMSSignatureAlgorithmNameGenerator
-        extends DefaultCMSSignatureAlgorithmNameGenerator
-    {
-        void setDigestAlgorithmMapping(ASN1ObjectIdentifier oid, String algName)
-        {
-            super.setSigningDigestAlgorithmMapping(oid, algName);
-        }
-
-        void setEncryptionAlgorithmMapping(ASN1ObjectIdentifier oid, String algName)
-        {
-            super.setSigningEncryptionAlgorithmMapping(oid, algName);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/CMSSampleMessages.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/CMSSampleMessages.java
deleted file mode 100644
index 20ae6ca..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/CMSSampleMessages.java
+++ /dev/null

@@ -1,147 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import org.bouncycastle.util.encoders.Base64;
-
-public class CMSSampleMessages
-{
-  static byte[] originatorMessage = Base64.decode(
-            "MIIYGgYJKoZIhvcNAQcDoIIYCzCCGAcCAQKgggRJoIIERTCCBEEwggIpAgkA"
-          + "xS/+IvjTL8YwDQYJKoZIhvcNAQEFBQAwaTELMAkGA1UEBhMCVVMxGDAWBgNV"
-          + "BAoTD1UuUy4gR292ZXJubWVudDESMBAGA1UECxMJSFNQRDEyTGFiMQ8wDQYD"
-          + "VQQLEwZBZ2VudHMxGzAZBgNVBAMTEkhTUEQxMiBMYWIgQ0EgUm9vdDAeFw0w"
-          + "NzA1MTQxNzEzMzRaFw0wODA1MTMxNzEzMzRaMFwxCzAJBgNVBAYTAlVTMRgw"
-          + "FgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxEjAQBgNVBAsTCUhTUEQxMkxhYjEP"
-          + "MA0GA1UECxMGQWdlbnRzMQ4wDAYDVQQDEwV1c2VyMTCCASIwDQYJKoZIhvcN"
-          + "AQEBBQADggEPADCCAQoCggEBALC54HvfpSE3yq/EkpNCkUEV6a6Df3q4k8EM"
-          + "dlg0nQSf2FgYh1GMiztw8SVjrF80l4+Hg5/FW2XN2kpVQBap/H5ziPYXenbi"
-          + "VLJHCF9LVyYDOS7xGfRtQ+ZhFUcECtaCLJsR7HIiFyKZWGg0c3bFZvFkdZqT"
-          + "8MMwjhcIVE1BptMqcGriqqMQAUKYmOguAOzMCTGAOxqBXYFmR68WtggVNMMc"
-          + "5qU6S/4OxeCmaNSPG5p7pA1o4Cnv4aJF1mAPedVPQpAS4Lu2K9nNhRkug0yd"
-          + "6nPaxgQudk5YxlreNOPKiAHApk9RhGVepGchJCFP2aIPu9tkIiSe3omezSZu"
-          + "Sy/3F5UCAwEAATANBgkqhkiG9w0BAQUFAAOCAgEAGDxqVI4aR4XNfbk2MtXF"
-          + "agNYZOswn85X84um9gG323qjYhroW0QDuy3CwtUwhH866mpnJyhJvKx3b8UE"
-          + "7pZInoNEz1UVn+wgJVXMmaG5mfp3X6z0xDAEaKmDMJXl66wlFGG1iveGgcEi"
-          + "oMkrxFJKvu/FXywzPvz2pXD9LQapogOQpVsvg/hed//wijDG94UBkhbHTZ53"
-          + "6ODKuHGmooO6bgqJxKcVyLwQAq/lXGtLqODK9BDicfUzuhLWA0si7Y1daehj"
-          + "fjgAqFGirqRtPDdk1jywoMJdDCQqocNqNGuu/+9ZoRNtY7XFbiN7h4s4KTkw"
-          + "YqCph8g+RZYJVZJDw/+qc5ymYZiufbImA08D7x7IzqX9eeuAqKCebkxcK0Dz"
-          + "eh/wT7Ff8csw0xqkkEbi5sTORogPexKGo9T1P4j/UbOyCHaIwFQVE67kYJqZ"
-          + "U3BB7mGNE/dKru7jC7Aadorpj7P/EQ8sfoq5wC9r3wfFB1f5znN9ZfXd3zSU"
-          + "Gxne2PGl3Ry4DhrhWGy/HqB+StPSkLPJL1RNtKkywtaJG1QBnrMnLNsV7T0R"
-          + "mIDn69NkDkc59LAuB7yxwBmhYA7c7cHckdX3bE7zgN6yYdiyLyXr+ZQl+3J8"
-          + "bBPN/IVSs5Wr1kK9RDrFX8MdP95LZxHlgMATwAqoEPe5r2tvvGBoajoIA2Tw"
-          + "71QxggGSMIIBjgIBADB2MGkxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMu"
-          + "IEdvdmVybm1lbnQxEjAQBgNVBAsTCUhTUEQxMkxhYjEPMA0GA1UECxMGQWdl"
-          + "bnRzMRswGQYDVQQDExJIU1BEMTIgTGFiIENBIFJvb3QCCQDFL/4i+NMvyTAN"
-          + "BgkqhkiG9w0BAQEFAASCAQCGpoi8DBLf6I2fwqVp9MPA5M0QNRnC34AMoc7N"
-          + "/JGKM5dWcGNpN83yL9QmOfjgyxzwJ3L3e3hYdoXp9MNelzG5ssyyKw4NxRgM"
-          + "C1aRPWx1R1aKee/NAgvBjN3FyDN3Pl4ACz2EMrDMmilR0zmSJkDBVbGjxNzs"
-          + "ZPxtsBlHeLRky/K/ZrTy5jIheFcKt/0dNJiMsFh+677OlRhDihdLzYeV4RK1"
-          + "5Iy1j18ls5rJMYh1fmZOx9T6wvlpw84IjFHzUcIxIBg8t1cUkncXbg1r+rxm"
-          + "zIaalAKdYp58oMpjy9wV6E1mxgAM/lvE/jwiYP4/a6TsXTLDPNIxe9RZVdhA"
-          + "GCPvMIISHQYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgQBLQIaeQQMYCCEfgv"
-          + "FBzVKLnlRNCjs2JE/G8jBI8aduv6YQTYTt0ePh9JEHTmSi7ISbCDdAf5baKN"
-          + "mzVGQJj87Srz3YyEmUcozxscWnWgVWpUbx0GJkjz6LqyGLQ3VnqUDG80xnXo"
-          + "nQY5q4ko6avyMIDZ+zzI2fs9ChAlBjZ41Qb0FnwDPZBH3N43q+puVWesE4wj"
-          + "LGftt63T4k2D/qMdg7fVfHkAsXPJIxkvR4vUrGEvxTl9e24146wYgCXe+66T"
-          + "UcAMViNCMr8UiFQFQYSmuPcSTHgQHqEaBwYys6X+fe61yE16mUazs32yVH2v"
-          + "Cyf1mG4/GAaSmqR/BIU7y7trGd+g/KaT1Kp76e+Rys9G/oakoeIH3Hkgdhmc"
-          + "pFBPklIlgA57EocK5n84tFRv9n9cmsbOfy0EjEa6vU4ImMPZQS4iyhLCWD1u"
-          + "tQziu5FyHSb9COveUPuGY2iTrOWG34rHIagNndXi1OuAIGQrLjbntHmogqxb"
-          + "zkB+yojr+WBwY1efb8X+WQ2L+us9v31qNGA0wyfg4AC5FZur90rBxBq59UPz"
-          + "JAVRD6NP5FRPdxuvHclDoGBoiMr9NXO3Uv0tJuYADHlWMQnUGoPEL7UxzuPJ"
-          + "VAWuHpGiywzOcWMiFEiDSIZrv4RViIVIRhEtm2bO7Ta/AGTfvJcyb6ySexc1"
-          + "aR5TWYOjqv1NaGAVQ1vPyqazH+g17y5wnBRj2c3nSMwksn/nC60e4ax+/yaE"
-          + "Ls9Qou9a0L2IyQgDlvhBA4CcRGcHklhlzAovGBX2gWG31CK05doZhH7bRIrj"
-          + "8h1XOF2izffrfWb6LcDcZptw5BQWT5XeyoKD4eNZfJ4ww+dMw4+0MkXPZEn6"
-          + "Fqg+jam9ZioqXiw5Y6bdzxawefe6gvxeca3f53KDXEm4qFaVuDgyjNZhEmyB"
-          + "gmsWRKokQ5DDlj1PfVlO4g2Uee4zbvmr7Yx6tGnnxm6o5i/COwvvRSXp8Oj7"
-          + "Zej0ZA+1zenNRAGXwuTKrbQ9ZZYRi4LCXluuVmy8vocGm8bnuqulMyz5hsUi"
-          + "QMAl1knunhaT+/kQOLRwEdJUgfq8ME14XsTNiVq26W8n+9AsYHoFzJhFoCfe"
-          + "i2wngAs1MMnw1erfnhWibkFZDlG9/5OPBZ3ZzJfgMEdT5Fs+hJxrw7UqNMkb"
-          + "EoH+3HpzEXfcGqCL6RfdbS0hu85v1CrZv0veK8qI+rQnoqXp+xmBRiSCyWNR"
-          + "ITepXcJsi6vWYX0nvNNbBjTsFqi78BSVRpg/zOFRvw1gX1TtTXQLcEdalKgf"
-          + "tEo+An3f3GugB3CFw38IM4JwCB06vXTRQAoK4PM4uNYVXEgSPq4vg9UuHZ3n"
-          + "V5l96emGLK55N5FO6FvlHFft/7elEFglbnSzSQnzVyj36Z6P7x/Q3td5SY4J"
-          + "VAJWvR/X4Fe2G6ebIZdNSJef9UyuNPee0Fi1iJUL8L4qO61ijkjYdE3bBcGm"
-          + "61eWj8NgxtELVgRyXq1vNgMOFlVAwkf2ZNDgNRUM49UnIFTNKnTaeAVB9pW2"
-          + "DGrZER8LA8ABctAdElECceoMVRUG1uFdAicrEbBHcWJkTdjBPjumE4bE6HUm"
-          + "vbpNBC4wyoPS6CSvNut/re7I4wgZwho6C6GRUuwraxJZlS+jwEvC+F4Bzlf5"
-          + "aPygECgVaNmSGP1E/vyN2aF8CLo4NL/5o9GG8DWg9O5GdNSislr4r6ciEjCr"
-          + "0a6rk47QDn4rDQy8iu/YkZz9u8/GJCAinWQzAvV8byhZxc81CfKj9xYTclDX"
-          + "AB75blJvUQIP4U7gpWxLB/1sdN2V5f9jw+xTLSpoJ7r/tIeBygF6rFe402Sd"
-          + "840SLi8ZSufAVeHUoNNDYkA/c1b6k5FaxDtN22tYQi4y3Hs7k03mGhvvLC0l"
-          + "05fMmvtasFaW5Bupqw8E2a7wHSLmRAXrPvnrblSL/wajptKPJWDJ+oH/9d9k"
-          + "NkC4EFBpcMEfIDky4PoCtfKQBFa5LT1WDQGfcCnrC9SDfUfhfRLBOpoFmUaT"
-          + "O0xc0vI/jmDRsoBy9d42ebyGMg5uD6tTOIvszEirpMy5SYPPa64zhHcN+Pzs"
-          + "db+J6fthc3aVIoob9jdv/aRUH3gDwltSnaLUIc7CWcuHSCGyM/zQPiAzkw0z"
-          + "x6ii5fdKXsmnQn88E+YqiJTPH0fG+kkhokAGU76bQMn7fJyBeVHhF2hqSr/0"
-          + "4zCIjgq1Zb+d9sEuRZWF+/XsGl2gwk4vgHTwM+XfU7edQssUR6kyD6wkw7EU"
-          + "6HaRrflymAHTEvdAB+PaREQbyej7/2lY41qmA9df2I5Izb60NxmMFj9F4M4V"
-          + "bLJOVNX5fuc8vaIhPG82hIiqe05cnBfRhtmcUUb1WDHVH3klRkti+fHrnbAW"
-          + "TpWd5m6Wi3VssopaUozWgYVgW9M+Zr5ZUAN9H0Kb4CatxG5YFkD0MCZShGl/"
-          + "lSc1SUxho6YakBB+5HxCI853/sQ3RMgSrMk+8ftalM2+BrT+V9wMK2O+wM5W"
-          + "ujrAcM85sQ4OqSZfJ7MmKT8+pcIsRRocmlM/cxUf5hKXfXrmCR5mkf9jxF8B"
-          + "J1JOwhkD8zQP7sPUcOWEcT8ctOKPygtz6tWWQDW8ciiYULYyJA6ydGrrn6T+"
-          + "fQj8M2VsM1y4YK9dMfJUeaiP+m4BeoOjs0vqz6pBI6J3lrNz31DaNO6SApUL"
-          + "4cOx8EZMg498TG0zmQ87yVw4mGmL3JpWBZH89HiNEY5eJ0zEIS3lMaOADRMf"
-          + "kX8B5YHadeTuAEjXsGtFIlSf1xo45kwCxIfUcikdfu2rb+Bh251Im0oq/XTj"
-          + "XPeviXasfas6VsMHsmTrqynFdP8THnrmHLCoeAMvgpjirXfIdR7tULJcFJtr"
-          + "0lZLZfdZgbTsbn9GMQKwMkAAjJLfJq42usvzf4ShC7IRtvOEVAMrebaaK1YF"
-          + "rtV5z1WNo3VRFonakKj85nXLOAdCNe6T3zESebexJKFn8e/6+shp9IDIRmWr"
-          + "hiWut6KPFiSgAgfqpeIt9fuHiYeIK8DqISA7QUdAZrgPe8GlctvKkQLvjNW0"
-          + "srglx9CQuDqZC6C1BLaIs3sE//yLvEd06vDFjDa0WGKWjM/Uo29af/tlL1kC"
-          + "vDQtDPi8OPIebK8OwI2uNDZ+cnHhv3gZXCdbKkRZc1W+mrU7rUk1Fa0ViVmc"
-          + "zhVGX22fDXbIrs9zJ+sA+3Towrx2XmMZ+PDkVBxHFE2bk+GABM62BW9YZoX4"
-          + "R4U+n7E8Ec0sI8srcxEZYX8LWHh1XSU0yEHYjkIWDQUUSGpsbgqnjXJcnTdk"
-          + "KK5PLk4sthLYwT4o1Gg4lRpc4dn26bIQcpGdY5PEknItDt6IBSc6bYYYoQrl"
-          + "PIufY67haoc//d5y1LpCi5vc0wTcvbdoVepLrxVAn4MPsejbfIFJ01N0qKgv"
-          + "fGWVxmRGtGXHe3iNLsMrvSE2FkORSc4sgjC42hfxHTEVmhTnzOplxTsN/MzE"
-          + "S7ESv/c0rIen+zwXgtiFnTg1VPHcaT4z0DtLBMNjqYNoyDrIHUrWguFeV7/i"
-          + "RSP7SiztMmlfKhrxlQpaNNm/XvKa1OpKbVStHMgOdpMaaCp8WaX++wb9lG6V"
-          + "3PqBeVSCuFm1xq6KAERLUdF4XsdXNM/uUhYZX7cGIqRS3vSDJB1EfrZTpUY5"
-          + "xGllybE/P2gufnG5EMpC2FHx4iW4pWMkYhIpzKv1Tkxe3K6ISs4wEs4n/AtL"
-          + "hupMGZE9hDJ0LV0nRvRbY8YCRXoBaj6/qF1QED7CG4hx16yrkLAR7Th5rbH7"
-          + "GFEzNSq1HI0IssDIimD2ZN9Cf++uH6ZpP2JZeJ/gEqGi17ovtnuklx6dtu0l"
-          + "KL0pQjCyAoQFEFSaVJ1m4oOQJyb58lsG4gOPaPvOw1ruiJ2obt4228VR1pA8"
-          + "Vm9A41E4pk/vA+VFJ/tSmkB5s2gmBBVcA8mU8iIyzMmliTNHeg53EYAytF5M"
-          + "X2rA7Ct8ApqbrYSSBTUPC+MEBV7UajamWB6UaSUj575MhEnzm0xl/lFqU6ZF"
-          + "6w0rdey/KvTiotErOS1q8RcY2dcs9Mz8Dm/8IMBcGfny0i/KLtz0OUOLFg3P"
-          + "/VrPBt7f+YfDqLVc8AujhrxAH/hwYauJ+Q6HSVTSJI7aXB9xtdsijzMZCmnE"
-          + "1oKRBkACSWD9BGvS3hpv/VqaHWU4B2dnv2oyrIkdkgQu2OtlFxpcOkqwexIj"
-          + "ssxxOCmT6dpB8JNehjLDU8WXhtFJVFuR84V7KlyeG/s8TaZgCW6uLLVmpteE"
-          + "J15bnM9jRTW/FZiHwsjy9kVbvaAT+bbIjn5u7qdGsgAQHdeKy191ONvHIttZ"
-          + "l/qnvrygLImaTOcuMMzU/0ECNlk0QiU0YbfS/RGH2LtRzk8x3FLFVXRiNtrD"
-          + "uJuwzlP4RufuoZfJsi0rFOuxNFQ/cZEq1q7TCzqP+saRoSLFK1iRE/Ei06pS"
-          + "JH+cwHMxk3u7k4+HxF72uK9XHIgY6G6WfZTklH2w2VrsLLZLmJ9SO6Zpyt48"
-          + "KcwvEcxYoZxp1gfPYDCMHeb7oi/gRj9FjnBaNf2dW3a1RqVo5y0QeSfSH4k8"
-          + "YWX6k+Yh803ZmoIb//TEbfkbXe8XOIffbMSUuIozCQY/Rt9wAHesMWfgTuB5"
-          + "LSoa8R+mR5lIS/P1ANHdgNrh+XRFrNFeD0dCw6bdYWUXMVaZbCE8Z8pXQ0LO"
-          + "ItiPuI+w/izD/lXdKXWJJmN/bq2RJRo4WFEDe6sJH9G2Poe/T4xwTm4kX2uA"
-          + "IZkYy7bZcez8a0bFJzcsJxUbBPRq93J0fXzpvQsszbVZh94VSc9nkH4FnAxT"
-          + "Kk2bLcsXANJlw3cFO9jOygrXh6R2fyHX0E8WExb2Q7lG68wU1BJVupT8rZ0Y"
-          + "oRY6WBYG0LuZb+4VAQuI0/Are3BznsgkqudCjf+JUhu1Yefh2hblWuMPNEWb"
-          + "mOorerNiIzkrt5tjXyBj0g8w/pL//BIlkW5JerMtKTPMfZSroHw9wuAuqHqF"
-          + "2sMjsW/Lbr5b8SIdIgo3vrS6EM9MGkATfSZz4z+ZWG3EB6QqcMXCZ4N2/WWl"
-          + "EPKsIqY/509NZRzqOavcMXkOryRJ7GQpmotNbbalI6r6swRoEQ2IzK5XPCC1"
-          + "iv52YpcRaV9BDpNNByk4l3ddOiEc4dsOkHjaLNvj6Vo1pG/C1Z8VXRRY909D"
-          + "nH2+PfUL684WZ6kIPeLfqr7N3ZbNxZAVozVG+WXwBlLFT7L+axeGHOhHdH/g"
-          + "SVMSmWdRX4eNuofmpsU8f3A9aCnPGDxPnB4WKnAGw34TYZrtZ9mHcjYPsq1q"
-          + "zY6brfZD4T7tktjAlRL2PYZ15MfWVXVH1xoyjeWImTi0o4nyuy/M0HukDfwY"
-          + "l6nW77TMRiH54wdQqIZUxa32dNNhjcNslRlpOf6td3FbELqhTiaptRSuKjs9"
-          + "8evbDFK7rb7n6RSSzAwb3oU8pwr4dM8ArTVc0EqnvdSCs1tx46ckIK3AFgcd"
-          + "opmNq+Qa7qhN5Zgds3cLPIQiyDThhYGPaIgyn4j/dZb1Qwa2U7urijJrBqeS"
-          + "/kJ2rEXV9v+OX9yTYKypM05A2gOK/ESPbx24C/HmmGm/yBXBx3pABvKt41Dh"
-          + "b0syB4hYrsq0RriovGemBrNgy4tiJB5BDI9VpWFC/7LR0quFFOrxxm7YvH2h"
-          + "GkR0oUc/socA80WZx9TegdiBg9TVPbe0gZmoeQc6XLfscBol0QdZWSmLqFxf"
-          + "TFN7ksaVAUPXA9phBg/k51YmrwNvx4D/A1bBQRtQmq2N4R0j3uMkynubBEfb"
-          + "9qvQNXpdygouzKUyrN/w+7clilaq2P+R9i7rriZ1waHyjfvAdeBzQQ/pVmgh"
-          + "o8EiL/TZpIZ71sTYv28scY+V7yYgBA5S/Y4bdmvzSSoMoK8yH/LcBFJOZLQd"
-          + "YPt7uKWSwQN8iVDA6ZcsYoKuAUw3ziiRaf+GN58ihLB/y/sGmAmX2XwLsPSZ"
-          + "uQIF/gT8yXjxoyWDLXl3MUgfx+pGg5vBwAtk9a2elEQR9C3a8PPsOy3N9Jh3"
-          + "xY/A1gJ/rjuubwrb0Sd2LinzPg5uVuKR1jeMSCEebgoyBj8/t8HvknBqJkpl"
-          + "tjZ6AxGiQ8+v5jRBzYSyiTQfPMxWzdBKqUePdJcLPITf/XitegQnikgAN6bh"
-          + "kYMS2G9kXJH2CgDm9z3svmu/0Oz2XWEpVHlOjknghPlTaLRqgWoQbK5dkuiV"
-          + "k9HhGwwsgiR+");
-    
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/CMSTestSetup.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/CMSTestSetup.java
deleted file mode 100644
index 5fca618..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/CMSTestSetup.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-
-import java.security.Security;
-
-class CMSTestSetup extends TestSetup
-{
-    public CMSTestSetup(Test test)
-    {
-        super(test);
-    }
-
-    protected void setUp()
-    {
-        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-    }
-
-    protected void tearDown()
-    {
-        Security.removeProvider("BC");
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/CMSTestUtil.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/CMSTestUtil.java
deleted file mode 100644
index 01cccf3..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/CMSTestUtil.java
+++ /dev/null

@@ -1,553 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.math.BigInteger;
-import java.security.GeneralSecurityException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.DSAParameterSpec;
-import java.util.Date;
-
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.DHParameterSpec;
-
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.RSAESOAEPparams;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.CRLReason;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cert.X509AttributeCertificateHolder;
-import org.bouncycastle.cert.X509ExtensionUtils;
-import org.bouncycastle.cert.X509v1CertificateBuilder;
-import org.bouncycastle.cert.X509v2CRLBuilder;
-import org.bouncycastle.cert.X509v3CertificateBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509CRLConverter;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
-import org.bouncycastle.cert.jcajce.JcaX509v1CertificateBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
-import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.GOST3410ParameterSpec;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.util.encoders.Base64;
-
-public class CMSTestUtil
-{
-    public static SecureRandom     rand;
-    public static KeyPairGenerator kpg;
-
-    public static KeyPairGenerator gostKpg;
-    public static KeyPairGenerator dsaKpg;
-    public static KeyPairGenerator dhKpg;
-    public static KeyPairGenerator ecGostKpg;
-    public static KeyPairGenerator ecDsaKpg;
-    public static KeyGenerator     aes192kg;
-    public static KeyGenerator     desede128kg;
-    public static KeyGenerator     desede192kg;
-    public static KeyGenerator     rc240kg;
-    public static KeyGenerator     rc264kg;
-    public static KeyGenerator     rc2128kg;
-    public static KeyGenerator     aesKg;
-    public static KeyGenerator     seedKg;
-    public static KeyGenerator     camelliaKg;
-    public static BigInteger       serialNumber;
-    
-    public static final boolean DEBUG = true;
-
-    private static byte[]  attrCert = Base64.decode(
-                "MIIHQDCCBqkCAQEwgZChgY2kgYowgYcxHDAaBgkqhkiG9w0BCQEWDW1sb3JjaEB2"
-              + "dC5lZHUxHjAcBgNVBAMTFU1hcmt1cyBMb3JjaCAobWxvcmNoKTEbMBkGA1UECxMS"
-              + "VmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAyMQswCQYDVQQKEwJ2"
-              + "dDELMAkGA1UEBhMCVVMwgYmkgYYwgYMxGzAZBgkqhkiG9w0BCQEWDHNzaGFoQHZ0"
-              + "LmVkdTEbMBkGA1UEAxMSU3VtaXQgU2hhaCAoc3NoYWgpMRswGQYDVQQLExJWaXJn"
-              + "aW5pYSBUZWNoIFVzZXIxEDAOBgNVBAsTB0NsYXNzIDExCzAJBgNVBAoTAnZ0MQsw"
-              + "CQYDVQQGEwJVUzANBgkqhkiG9w0BAQQFAAIBBTAiGA8yMDAzMDcxODE2MDgwMloY"
-              + "DzIwMDMwNzI1MTYwODAyWjCCBU0wggVJBgorBgEEAbRoCAEBMYIFORaCBTU8UnVs"
-              + "ZSBSdWxlSWQ9IkZpbGUtUHJpdmlsZWdlLVJ1bGUiIEVmZmVjdD0iUGVybWl0Ij4K"
-              + "IDxUYXJnZXQ+CiAgPFN1YmplY3RzPgogICA8U3ViamVjdD4KICAgIDxTdWJqZWN0"
-              + "TWF0Y2ggTWF0Y2hJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5j"
-              + "dGlvbjpzdHJpbmctZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlw"
-              + "ZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjc3RyaW5nIj4KICAg"
-              + "ICAgIENOPU1hcmt1cyBMb3JjaDwvQXR0cmlidXRlVmFsdWU+CiAgICAgPFN1Ympl"
-              + "Y3RBdHRyaWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFt"
-              + "ZXM6dGM6eGFjbWw6MS4wOnN1YmplY3Q6c3ViamVjdC1pZCIgRGF0YVR5cGU9Imh0"
-              + "dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hI3N0cmluZyIgLz4gCiAgICA8"
-              + "L1N1YmplY3RNYXRjaD4KICAgPC9TdWJqZWN0PgogIDwvU3ViamVjdHM+CiAgPFJl"
-              + "c291cmNlcz4KICAgPFJlc291cmNlPgogICAgPFJlc291cmNlTWF0Y2ggTWF0Y2hJ"
-              + "ZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5jdGlvbjpzdHJpbmct"
-              + "ZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlwZT0iaHR0cDovL3d3"
-              + "dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIj4KICAgICAgaHR0cDovL3p1"
-              + "bmkuY3MudnQuZWR1PC9BdHRyaWJ1dGVWYWx1ZT4KICAgICA8UmVzb3VyY2VBdHRy"
-              + "aWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6"
-              + "eGFjbWw6MS4wOnJlc291cmNlOnJlc291cmNlLWlkIiBEYXRhVHlwZT0iaHR0cDov"
-              + "L3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIiAvPiAKICAgIDwvUmVz"
-              + "b3VyY2VNYXRjaD4KICAgPC9SZXNvdXJjZT4KICA8L1Jlc291cmNlcz4KICA8QWN0"
-              + "aW9ucz4KICAgPEFjdGlvbj4KICAgIDxBY3Rpb25NYXRjaCBNYXRjaElkPSJ1cm46"
-              + "b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmZ1bmN0aW9uOnN0cmluZy1lcXVhbCI+"
-              + "CiAgICAgPEF0dHJpYnV0ZVZhbHVlIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9y"
-              + "Zy8yMDAxL1hNTFNjaGVtYSNzdHJpbmciPgpEZWxlZ2F0ZSBBY2Nlc3MgICAgIDwv"
-              + "QXR0cmlidXRlVmFsdWU+CgkgIDxBY3Rpb25BdHRyaWJ1dGVEZXNpZ25hdG9yIEF0"
-              + "dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmFjdGlvbjph"
-              + "Y3Rpb24taWQiIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNj"
-              + "aGVtYSNzdHJpbmciIC8+IAogICAgPC9BY3Rpb25NYXRjaD4KICAgPC9BY3Rpb24+"
-              + "CiAgPC9BY3Rpb25zPgogPC9UYXJnZXQ+CjwvUnVsZT4KMA0GCSqGSIb3DQEBBAUA"
-              + "A4GBAGiJSM48XsY90HlYxGmGVSmNR6ZW2As+bot3KAfiCIkUIOAqhcphBS23egTr"
-              + "6asYwy151HshbPNYz+Cgeqs45KkVzh7bL/0e1r8sDVIaaGIkjHK3CqBABnfSayr3"
-              + "Rd1yBoDdEv8Qb+3eEPH6ab9021AsLEnJ6LWTmybbOpMNZ3tv");
-    
-    static
-    {
-        try
-        {
-            java.security.Security.addProvider(new BouncyCastleProvider());
-
-            rand = new SecureRandom();
-
-            kpg  = KeyPairGenerator.getInstance("RSA", "BC");
-            kpg.initialize(1024, rand);
-
-            kpg  = KeyPairGenerator.getInstance("RSA", "BC");
-            kpg.initialize(1024, rand);
-
-            gostKpg  = KeyPairGenerator.getInstance("GOST3410", "BC");
-            GOST3410ParameterSpec gost3410P = new GOST3410ParameterSpec(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_A.getId());
-            
-            gostKpg.initialize(gost3410P, new SecureRandom());
-            
-            dsaKpg = KeyPairGenerator.getInstance("DSA", "BC");
-            DSAParameterSpec dsaSpec = new DSAParameterSpec(
-                        new BigInteger("7434410770759874867539421675728577177024889699586189000788950934679315164676852047058354758883833299702695428196962057871264685291775577130504050839126673"),
-                        new BigInteger("1138656671590261728308283492178581223478058193247"),
-                        new BigInteger("4182906737723181805517018315469082619513954319976782448649747742951189003482834321192692620856488639629011570381138542789803819092529658402611668375788410"));
-
-            dsaKpg.initialize(dsaSpec, new SecureRandom());
-
-            dhKpg = KeyPairGenerator.getInstance("DH", "BC");
-            dhKpg.initialize(new DHParameterSpec(dsaSpec.getP(), dsaSpec.getG()), new SecureRandom());
-
-            ecGostKpg = KeyPairGenerator.getInstance("ECGOST3410", "BC");
-            ecGostKpg.initialize(ECGOST3410NamedCurveTable.getParameterSpec("GostR3410-2001-CryptoPro-A"), new SecureRandom());
-
-            ecDsaKpg = KeyPairGenerator.getInstance("ECDSA", "BC");
-            ecDsaKpg.initialize(239, new SecureRandom());
-
-            aes192kg = KeyGenerator.getInstance("AES", "BC");
-            aes192kg.init(192, rand);
-
-            desede128kg = KeyGenerator.getInstance("DESEDE", "BC");
-            desede128kg.init(112, rand);
-
-            desede192kg = KeyGenerator.getInstance("DESEDE", "BC");
-            desede192kg.init(168, rand);
-
-            rc240kg = KeyGenerator.getInstance("RC2", "BC");
-            rc240kg.init(40, rand);
-            
-            rc264kg = KeyGenerator.getInstance("RC2", "BC");
-            rc264kg.init(64, rand);
-            
-            rc2128kg = KeyGenerator.getInstance("RC2", "BC");
-            rc2128kg.init(128, rand);
-
-            aesKg = KeyGenerator.getInstance("AES", "BC");
-
-            seedKg = KeyGenerator.getInstance("SEED", "BC");
-
-            camelliaKg = KeyGenerator.getInstance("Camellia", "BC");
-            
-            serialNumber = new BigInteger("1");
-        }
-        catch (Exception ex)
-        {
-            throw new RuntimeException(ex.toString());
-        }
-    }
-    
-    public static String dumpBase64(
-        byte[]  data)
-    {
-        StringBuffer    buf = new StringBuffer();
-        
-        data = Base64.encode(data);
-        
-        for (int i = 0; i < data.length; i += 64)
-        {
-            if (i + 64 < data.length)
-            {
-                buf.append(new String(data, i, 64));
-            }
-            else
-            {
-                buf.append(new String(data, i, data.length - i));
-            }
-            buf.append('\n');
-        }
-        
-        return buf.toString();
-    }
-
-    public static X509AttributeCertificateHolder getAttributeCertificate()
-        throws Exception
-    {
-        return  new X509AttributeCertificateHolder(CMSTestUtil.attrCert);
-    }
-
-    public static KeyPair makeKeyPair()
-    {
-        return kpg.generateKeyPair();
-    }
-
-    public static KeyPair makeGostKeyPair()
-    {
-        return gostKpg.generateKeyPair();
-    }
-
-    public static KeyPair makeDsaKeyPair()
-    {
-        return dsaKpg.generateKeyPair();
-    }
-    
-    public static KeyPair makeEcDsaKeyPair()
-    {
-        return ecDsaKpg.generateKeyPair();
-    }
-
-    public static KeyPair makeDhKeyPair()
-    {
-        return dhKpg.generateKeyPair();
-    }
-
-    public static KeyPair makeEcGostKeyPair()
-    {
-        return ecGostKpg.generateKeyPair();
-    }
-
-    public static SecretKey makeDesede128Key()
-    {
-        return desede128kg.generateKey();
-    }
-
-    public static SecretKey makeAES192Key()
-    {
-        return aes192kg.generateKey();
-    }
-
-    public static SecretKey makeDesede192Key()
-    {
-        return desede192kg.generateKey();
-    }
-
-    public static SecretKey makeRC240Key()
-    {
-        return rc240kg.generateKey();
-    }
-
-    public static SecretKey makeRC264Key()
-    {
-        return rc264kg.generateKey();
-    }
-
-    public static SecretKey makeRC2128Key()
-    {
-        return rc2128kg.generateKey();
-    }
-
-    public static SecretKey makeSEEDKey()
-    {
-        return seedKg.generateKey();
-    }
-
-    public static SecretKey makeAESKey(int keySize)
-    {
-        aesKg.init(keySize);
-        return aesKg.generateKey();
-    }
-
-    public static SecretKey makeCamelliaKey(int keySize)
-    {
-        camelliaKg.init(keySize);
-        return camelliaKg.generateKey();
-    }
-
-    public static X509Certificate makeCertificate(KeyPair _subKP,
-            String _subDN, KeyPair _issKP, String _issDN)
-        throws GeneralSecurityException, IOException, OperatorCreationException
-    {
-        return makeCertificate(_subKP, _subDN, _issKP, _issDN, false);
-    }
-
-    public static X509Certificate makeOaepCertificate(KeyPair _subKP,
-            String _subDN, KeyPair _issKP, String _issDN)
-        throws GeneralSecurityException, IOException, OperatorCreationException
-    {
-        return makeOaepCertificate(_subKP, _subDN, _issKP, _issDN, false);
-    }
-
-    public static X509Certificate makeCACertificate(KeyPair _subKP,
-            String _subDN, KeyPair _issKP, String _issDN)
-        throws GeneralSecurityException, IOException, OperatorCreationException
-    {
-        return makeCertificate(_subKP, _subDN, _issKP, _issDN, true);
-    }
-
-    public static X509Certificate makeV1Certificate(KeyPair subKP, String _subDN, KeyPair issKP, String _issDN)
-        throws GeneralSecurityException, IOException, OperatorCreationException
-    {
-
-        PublicKey  subPub  = subKP.getPublic();
-        PrivateKey issPriv = issKP.getPrivate();
-        PublicKey  issPub  = issKP.getPublic();
-
-        X509v1CertificateBuilder v1CertGen = new JcaX509v1CertificateBuilder(
-            new X500Name(_issDN),
-            allocateSerialNumber(),
-            new Date(System.currentTimeMillis()),
-            new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)),
-            new X500Name(_subDN),
-            subPub);
-
-        JcaContentSignerBuilder contentSignerBuilder = makeContentSignerBuilder(issPub);
-
-        X509Certificate _cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(v1CertGen.build(contentSignerBuilder.build(issPriv)));
-
-        _cert.checkValidity(new Date());
-        _cert.verify(issPub);
-
-        return _cert;
-    }
-
-    public static X509Certificate makeCertificate(KeyPair subKP, String _subDN, KeyPair issKP, String _issDN, boolean _ca)
-        throws GeneralSecurityException, IOException, OperatorCreationException
-    {
-
-        PublicKey  subPub  = subKP.getPublic();
-        PrivateKey issPriv = issKP.getPrivate();
-        PublicKey  issPub  = issKP.getPublic();
-        
-        X509v3CertificateBuilder v3CertGen = new JcaX509v3CertificateBuilder(
-            new X500Name(_issDN),
-            allocateSerialNumber(),
-            new Date(System.currentTimeMillis()),
-            new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)),
-            new X500Name(_subDN),
-            subPub);
-
-        JcaContentSignerBuilder contentSignerBuilder = makeContentSignerBuilder(issPub);
-
-        v3CertGen.addExtension(
-            Extension.subjectKeyIdentifier,
-            false,
-            createSubjectKeyId(subPub));
-
-        v3CertGen.addExtension(
-            Extension.authorityKeyIdentifier,
-            false,
-            createAuthorityKeyId(issPub));
-
-        v3CertGen.addExtension(
-            Extension.basicConstraints,
-            false,
-            new BasicConstraints(_ca));
-
-        X509Certificate _cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(v3CertGen.build(contentSignerBuilder.build(issPriv)));
-
-        _cert.checkValidity(new Date());
-        _cert.verify(issPub);
-
-        return _cert;
-    }
-
-    public static X509Certificate makeCertificate(KeyPair subKP, String _subDN, KeyPair issKP, String _issDN, AlgorithmIdentifier keyAlgID)
-        throws GeneralSecurityException, IOException, OperatorCreationException
-    {
-        PrivateKey issPriv = issKP.getPrivate();
-        PublicKey  issPub  = issKP.getPublic();
-        SubjectPublicKeyInfo subPub = SubjectPublicKeyInfo.getInstance(subKP.getPublic().getEncoded());
-
-        X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(
-            new X500Name(_issDN),
-            allocateSerialNumber(),
-            new Date(System.currentTimeMillis()),
-            new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)),
-            new X500Name(_subDN),
-            new SubjectPublicKeyInfo(keyAlgID, subPub.parsePublicKey()));
-
-        JcaContentSignerBuilder contentSignerBuilder = makeContentSignerBuilder(issPub);
-
-        v3CertGen.addExtension(
-            Extension.subjectKeyIdentifier,
-            false,
-            createSubjectKeyId(subPub));
-
-        v3CertGen.addExtension(
-            Extension.authorityKeyIdentifier,
-            false,
-            createAuthorityKeyId(issPub));
-
-        v3CertGen.addExtension(
-            Extension.basicConstraints,
-            false,
-            new BasicConstraints(false));
-
-        X509Certificate _cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(v3CertGen.build(contentSignerBuilder.build(issPriv)));
-
-        _cert.checkValidity(new Date());
-        _cert.verify(issPub);
-
-        return _cert;
-    }
-
-    public static X509Certificate makeOaepCertificate(KeyPair subKP, String _subDN, KeyPair issKP, String _issDN, boolean _ca)
-        throws GeneralSecurityException, IOException, OperatorCreationException
-    {
-
-        SubjectPublicKeyInfo  subPub  = SubjectPublicKeyInfo.getInstance(subKP.getPublic().getEncoded());
-        PrivateKey issPriv = issKP.getPrivate();
-        PublicKey  issPub  = issKP.getPublic();
-
-        X509v3CertificateBuilder v3CertGen = new X509v3CertificateBuilder(
-            new X500Name(_issDN),
-            allocateSerialNumber(),
-            new Date(System.currentTimeMillis()),
-            new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)),
-            new X500Name(_subDN),
-            new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP, new RSAESOAEPparams()), subPub.parsePublicKey()));
-
-        JcaContentSignerBuilder contentSignerBuilder = makeContentSignerBuilder(issPub);
-
-        v3CertGen.addExtension(
-            Extension.subjectKeyIdentifier,
-            false,
-            createSubjectKeyId(subPub));
-
-        v3CertGen.addExtension(
-            Extension.authorityKeyIdentifier,
-            false,
-            createAuthorityKeyId(issPub));
-
-        v3CertGen.addExtension(
-            Extension.basicConstraints,
-            false,
-            new BasicConstraints(_ca));
-
-        X509Certificate _cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(v3CertGen.build(contentSignerBuilder.build(issPriv)));
-
-        _cert.checkValidity(new Date());
-        _cert.verify(issPub);
-
-        return _cert;
-    }
-
-    private static JcaContentSignerBuilder makeContentSignerBuilder(PublicKey issPub)
-    {
-        JcaContentSignerBuilder contentSignerBuilder;
-        if (issPub instanceof RSAPublicKey)
-        {
-            contentSignerBuilder = new JcaContentSignerBuilder("SHA1WithRSA");
-        }
-        else if (issPub.getAlgorithm().equals("DSA"))
-        {
-            contentSignerBuilder = new JcaContentSignerBuilder("SHA1withDSA");
-        }
-        else if (issPub.getAlgorithm().equals("ECDSA"))
-        {
-            contentSignerBuilder = new JcaContentSignerBuilder("SHA1withECDSA");
-        }
-        else if (issPub.getAlgorithm().equals("ECGOST3410"))
-        {
-            contentSignerBuilder = new JcaContentSignerBuilder("GOST3411withECGOST3410");
-        }
-        else
-        {
-            contentSignerBuilder = new JcaContentSignerBuilder("GOST3411WithGOST3410");
-        }
-
-        contentSignerBuilder.setProvider(BouncyCastleProvider.PROVIDER_NAME);
-
-        return contentSignerBuilder;
-    }
-
-    public static X509CRL makeCrl(KeyPair pair)
-        throws Exception
-    {
-        Date                 now = new Date();
-        X509v2CRLBuilder crlGen = new X509v2CRLBuilder(new X500Name("CN=Test CA"), now);
-        JcaX509ExtensionUtils extensionUtils = new JcaX509ExtensionUtils();
-
-        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
-
-        crlGen.addCRLEntry(BigInteger.ONE, now, CRLReason.privilegeWithdrawn);
-
-        crlGen.addExtension(Extension.authorityKeyIdentifier, false, extensionUtils.createAuthorityKeyIdentifier(pair.getPublic()));
-
-        return new JcaX509CRLConverter().setProvider("BC").getCRL(crlGen.build(new JcaContentSignerBuilder("SHA256WithRSAEncryption").setProvider("BC").build(pair.getPrivate())));
-    }
-
-    /*  
-     *  
-     *  INTERNAL METHODS
-     *  
-     */ 
-
-    private static final X509ExtensionUtils extUtils = new X509ExtensionUtils(new SHA1DigestCalculator());
-
-    private static AuthorityKeyIdentifier createAuthorityKeyId(
-        PublicKey _pubKey)
-        throws IOException
-    {
-        return extUtils.createAuthorityKeyIdentifier(SubjectPublicKeyInfo.getInstance(_pubKey.getEncoded()));
-    }
-
-    static SubjectKeyIdentifier createSubjectKeyId(
-        SubjectPublicKeyInfo _pubKey)
-        throws IOException
-    {
-        return extUtils.createSubjectKeyIdentifier(_pubKey);
-    }
-
-    static SubjectKeyIdentifier createSubjectKeyId(
-        PublicKey _pubKey)
-        throws IOException
-    {
-        return extUtils.createSubjectKeyIdentifier(SubjectPublicKeyInfo.getInstance(_pubKey.getEncoded()));
-    }
-
-    private static BigInteger allocateSerialNumber()
-    {
-        BigInteger _tmp = serialNumber;
-        serialNumber = serialNumber.add(BigInteger.ONE);
-        return _tmp;
-    }
-    
-    public static byte[] streamToByteArray(
-        InputStream in) 
-        throws IOException
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        int ch;
-        
-        while ((ch = in.read()) >= 0)
-        {
-            bOut.write(ch);
-        }
-        
-        return bOut.toByteArray();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/ConverterTest.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/ConverterTest.java
deleted file mode 100644
index 534d0dd..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/ConverterTest.java
+++ /dev/null

@@ -1,111 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.math.BigInteger;
-import java.security.cert.X509CertSelector;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cms.KeyTransRecipientId;
-import org.bouncycastle.cms.SignerId;
-import org.bouncycastle.cms.jcajce.JcaSelectorConverter;
-import org.bouncycastle.cms.jcajce.JcaX509CertSelectorConverter;
-import org.bouncycastle.util.Arrays;
-
-public class ConverterTest
-    extends TestCase
-{
-    public void testSignerIdConversion()
-        throws Exception
-    {
-        JcaX509CertSelectorConverter converter = new JcaX509CertSelectorConverter();
-        JcaSelectorConverter toSelector = new JcaSelectorConverter();
-
-        SignerId sid1 = new SignerId(new X500Name("CN=Test"), BigInteger.valueOf(1), new byte[20]);
-
-        X509CertSelector conv = converter.getCertSelector(sid1);
-
-        assertTrue(conv.getIssuerAsString().equals("CN=Test"));
-        assertTrue(Arrays.areEqual(conv.getSubjectKeyIdentifier(), new DEROctetString(new byte[20]).getEncoded()));
-        assertEquals(conv.getSerialNumber(), sid1.getSerialNumber());
-
-        SignerId sid2 = toSelector.getSignerId(conv);
-
-        assertEquals(sid1, sid2);
-
-        sid1 = new SignerId(new X500Name("CN=Test"), BigInteger.valueOf(1));
-
-        conv = converter.getCertSelector(sid1);
-
-        assertTrue(conv.getIssuerAsString().equals("CN=Test"));
-        assertNull(conv.getSubjectKeyIdentifier());
-        assertEquals(conv.getSerialNumber(), sid1.getSerialNumber());
-
-        sid2 = toSelector.getSignerId(conv);
-
-        assertEquals(sid1, sid2);
-
-        sid1 = new SignerId(new byte[20]);
-
-        conv = converter.getCertSelector(sid1);
-
-        assertNull(conv.getIssuerAsString());
-        assertTrue(Arrays.areEqual(conv.getSubjectKeyIdentifier(), new DEROctetString(new byte[20]).getEncoded()));
-        assertNull(conv.getSerialNumber());
-
-        sid2 = toSelector.getSignerId(conv);
-
-        assertEquals(sid1, sid2);
-    }
-
-    public void testRecipientIdConversion()
-        throws Exception
-    {
-        JcaX509CertSelectorConverter converter = new JcaX509CertSelectorConverter();
-        JcaSelectorConverter toSelector = new JcaSelectorConverter();
-
-        KeyTransRecipientId ktid1 = new KeyTransRecipientId(new X500Name("CN=Test"), BigInteger.valueOf(1), new byte[20]);
-
-        X509CertSelector conv = converter.getCertSelector(ktid1);
-
-        assertTrue(conv.getIssuerAsString().equals("CN=Test"));
-        assertTrue(Arrays.areEqual(conv.getSubjectKeyIdentifier(), new DEROctetString(new byte[20]).getEncoded()));
-        assertEquals(conv.getSerialNumber(), ktid1.getSerialNumber());
-
-        KeyTransRecipientId ktid2 = toSelector.getKeyTransRecipientId(conv);
-
-        assertEquals(ktid1, ktid2);
-
-        ktid1 = new KeyTransRecipientId(new X500Name("CN=Test"), BigInteger.valueOf(1));
-
-        conv = converter.getCertSelector(ktid1);
-
-        assertTrue(conv.getIssuerAsString().equals("CN=Test"));
-        assertNull(conv.getSubjectKeyIdentifier());
-        assertEquals(conv.getSerialNumber(), ktid1.getSerialNumber());
-
-        ktid2 = toSelector.getKeyTransRecipientId(conv);
-
-        assertEquals(ktid1, ktid2);
-
-        ktid1 = new KeyTransRecipientId(new byte[20]);
-
-        conv = converter.getCertSelector(ktid1);
-
-        assertNull(conv.getIssuerAsString());
-        assertTrue(Arrays.areEqual(conv.getSubjectKeyIdentifier(), new DEROctetString(new byte[20]).getEncoded()));
-        assertNull(conv.getSerialNumber());
-
-        ktid2 = toSelector.getKeyTransRecipientId(conv);
-
-        assertEquals(ktid1, ktid2);
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        return new TestSuite(ConverterTest.class);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/MiscDataStreamTest.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/MiscDataStreamTest.java
deleted file mode 100644
index bc633dd..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/MiscDataStreamTest.java
+++ /dev/null

@@ -1,265 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.OutputStream;
-import java.security.KeyPair;
-import java.security.MessageDigest;
-import java.security.Security;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Iterator;
-import java.util.List;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaCRLStore;
-import org.bouncycastle.cert.jcajce.JcaCertStore;
-import org.bouncycastle.cms.CMSCompressedDataStreamGenerator;
-import org.bouncycastle.cms.CMSDigestedData;
-import org.bouncycastle.cms.CMSSignedDataParser;
-import org.bouncycastle.cms.CMSSignedDataStreamGenerator;
-import org.bouncycastle.cms.CMSTypedStream;
-import org.bouncycastle.cms.SignerInformation;
-import org.bouncycastle.cms.SignerInformationStore;
-import org.bouncycastle.cms.jcajce.JcaSignerInfoVerifierBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaX509CertSelectorConverter;
-import org.bouncycastle.cms.jcajce.ZlibCompressor;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.encoders.Base64;
-
-public class MiscDataStreamTest
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    private static byte[] data = Base64.decode(
-        "TUlNRS1WZXJzaW9uOiAxLjAKQ29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9v" +
-        "Y3RldC1zdHJlYW0KQ29udGVudC1UcmFuc2Zlci1FbmNvZGluZzogYmluYXJ5" +
-        "CkNvbnRlbnQtRGlzcG9zaXRpb246IGF0dGFjaG1lbnQ7IGZpbGVuYW1lPWRv" +
-        "Yy5iaW4KClRoaXMgaXMgYSB2ZXJ5IGh1Z2Ugc2VjcmV0LCBtYWRlIHdpdGgg" +
-        "b3BlbnNzbAoKCgo=");
-
-    private static byte[] digestedData = Base64.decode(
-        "MIIBGAYJKoZIhvcNAQcFoIIBCTCCAQUCAQAwCwYJYIZIAWUDBAIBMIHQBgkq"
-      + "hkiG9w0BBwGggcIEgb9NSU1FLVZlcnNpb246IDEuMApDb250ZW50LVR5cGU6"
-      + "IGFwcGxpY2F0aW9uL29jdGV0LXN0cmVhbQpDb250ZW50LVRyYW5zZmVyLUVu"
-      + "Y29kaW5nOiBiaW5hcnkKQ29udGVudC1EaXNwb3NpdGlvbjogYXR0YWNobWVu"
-      + "dDsgZmlsZW5hbWU9ZG9jLmJpbgoKVGhpcyBpcyBhIHZlcnkgaHVnZSBzZWNy"
-      + "ZXQsIG1hZGUgd2l0aCBvcGVuc3NsCgoKCgQgHLG72tSYW0LgcxOA474iwdCv"
-      + "KyhnaV4RloWTAvkq+do=");
-
-    private static final String TEST_MESSAGE = "Hello World!";
-    private static String          _signDN;
-    private static KeyPair         _signKP;
-    private static X509Certificate _signCert;
-
-    private static String          _origDN;
-    private static KeyPair         _origKP;
-    private static X509Certificate _origCert;
-
-    private static String          _reciDN;
-    private static KeyPair         _reciKP;
-    private static X509Certificate _reciCert;
-
-    private static KeyPair         _origDsaKP;
-    private static X509Certificate _origDsaCert;
-
-    private static X509CRL         _signCrl;
-    private static X509CRL         _origCrl;
-
-    private static boolean         _initialised = false;
-
-    private static final JcaX509CertSelectorConverter selectorConverter = new JcaX509CertSelectorConverter();
-
-    private static final DigestCalculatorProvider digCalcProv;
-
-    static
-    {
-        try
-        {
-            digCalcProv =  new JcaDigestCalculatorProviderBuilder().build();
-        }
-        catch (OperatorCreationException e)
-        {
-            throw new IllegalStateException("can't create default provider!!!");
-        }
-    }
-
-    public MiscDataStreamTest(String name)
-    {
-        super(name);
-    }
-
-    private static void init()
-        throws Exception
-    {
-        if (!_initialised)
-        {
-            _initialised = true;
-            Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-
-            _signDN   = "O=Bouncy Castle, C=AU";
-            _signKP   = CMSTestUtil.makeKeyPair();
-            _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN);
-
-            _origDN   = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
-            _origKP   = CMSTestUtil.makeKeyPair();
-            _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _signKP, _signDN);
-
-            _origDsaKP   = CMSTestUtil.makeDsaKeyPair();
-            _origDsaCert = CMSTestUtil.makeCertificate(_origDsaKP, _origDN, _signKP, _signDN);
-
-            _reciDN   = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
-            _reciKP   = CMSTestUtil.makeKeyPair();
-            _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
-
-            _signCrl  = CMSTestUtil.makeCrl(_signKP);
-            _origCrl  = CMSTestUtil.makeCrl(_origKP);
-        }
-    }
-
-    private void verifySignatures(CMSSignedDataParser sp, byte[] contentDigest)
-        throws Exception
-    {
-        Store                   certStore = sp.getCertificates();
-        SignerInformationStore  signers = sp.getSignerInfos();
-
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSignerInfoVerifierBuilder(digCalcProv).setProvider(BC).build(cert)));
-
-            if (contentDigest != null)
-            {
-                assertTrue(MessageDigest.isEqual(contentDigest, signer.getContentDigest()));
-            }
-        }
-    }
-
-    private void verifySignatures(CMSSignedDataParser sp)
-        throws Exception
-    {
-        verifySignatures(sp, null);
-    }
-
-    private void verifyEncodedData(ByteArrayOutputStream bOut)
-        throws Exception
-    {
-        CMSSignedDataParser sp;
-        sp = new CMSSignedDataParser(digCalcProv, bOut.toByteArray());
-
-        sp.getSignedContent().drain();
-
-        verifySignatures(sp);
-
-        sp.close();
-    }
-
-    private void checkSigParseable(byte[] sig)
-        throws Exception
-    {
-        CMSSignedDataParser sp = new CMSSignedDataParser(digCalcProv, sig);
-        sp.getVersion();
-        CMSTypedStream sc = sp.getSignedContent();
-        if (sc != null)
-        {
-            sc.drain();
-        }
-        sp.getCertificates();
-        sp.getSignerInfos();
-        sp.close();
-    }
-
-    public void testSHA1WithRSA()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        List                  crlList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        crlList.add(_signCrl);
-        crlList.add(_origCrl);
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).build("SHA1withRSA", _origKP.getPrivate(), _origCert));
-
-        gen.addCertificates(new JcaCertStore(certList));
-        gen.addCRLs(new JcaCRLStore(crlList));
-
-        OutputStream sigOut = gen.open(bOut);
-
-        CMSCompressedDataStreamGenerator cGen = new CMSCompressedDataStreamGenerator();
-
-        OutputStream cOut = cGen.open(sigOut, new ZlibCompressor());
-
-        cOut.write(TEST_MESSAGE.getBytes());
-
-        cOut.close();
-
-        sigOut.close();
-
-        checkSigParseable(bOut.toByteArray());
-
-        // generate compressed stream
-        ByteArrayOutputStream cDataOut = new ByteArrayOutputStream();
-        
-        cOut = cGen.open(cDataOut, new ZlibCompressor());
-
-        cOut.write(TEST_MESSAGE.getBytes());
-
-        cOut.close();
-
-        CMSSignedDataParser     sp = new CMSSignedDataParser(digCalcProv,
-                new CMSTypedStream(new ByteArrayInputStream(cDataOut.toByteArray())), bOut.toByteArray());
-
-        sp.getSignedContent().drain();
-
-        //
-        // compute expected content digest
-        //
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-
-        verifySignatures(sp, md.digest(cDataOut.toByteArray()));
-    }
-
-    public void testDigestedData()
-        throws Exception
-    {
-        CMSDigestedData digData = new CMSDigestedData(digestedData);
-
-        assertTrue(Arrays.areEqual(data, (byte[])digData.getDigestedContent().getContent()));
-
-        assertTrue(digData.verify(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()));
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        init();
-
-        return new CMSTestSetup(new TestSuite(MiscDataStreamTest.class));
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewAuthenticatedDataStreamTest.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/NewAuthenticatedDataStreamTest.java
deleted file mode 100644
index b260bcb..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewAuthenticatedDataStreamTest.java
+++ /dev/null

@@ -1,251 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.OutputStream;
-import java.security.KeyPair;
-import java.security.Security;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Iterator;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSAuthenticatedDataParser;
-import org.bouncycastle.cms.CMSAuthenticatedDataStreamGenerator;
-import org.bouncycastle.cms.OriginatorInfoGenerator;
-import org.bouncycastle.cms.RecipientInformation;
-import org.bouncycastle.cms.RecipientInformationStore;
-import org.bouncycastle.cms.jcajce.JceCMSMacCalculatorBuilder;
-import org.bouncycastle.cms.jcajce.JceKeyTransAuthenticatedRecipient;
-import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-
-public class NewAuthenticatedDataStreamTest
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    private static String          _signDN;
-    private static KeyPair _signKP;
-    private static X509Certificate _signCert;
-
-    private static String          _origDN;
-    private static KeyPair         _origKP;
-    private static X509Certificate _origCert;
-
-    private static String          _reciDN;
-    private static KeyPair         _reciKP;
-    private static X509Certificate _reciCert;
-
-    private static KeyPair         _origEcKP;
-    private static KeyPair         _reciEcKP;
-    private static X509Certificate _reciEcCert;
-
-    private static boolean         _initialised = false;
-
-    public boolean DEBUG = true;
-
-    private static void init()
-        throws Exception
-    {
-        if (!_initialised)
-        {
-            _initialised = true;
-            Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-
-            _signDN   = "O=Bouncy Castle, C=AU";
-            _signKP   = CMSTestUtil.makeKeyPair();
-            _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN);
-
-            _origDN   = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
-            _origKP   = CMSTestUtil.makeKeyPair();
-            _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _signKP, _signDN);
-
-            _reciDN   = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
-            _reciKP   = CMSTestUtil.makeKeyPair();
-            _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
-
-            _origEcKP = CMSTestUtil.makeEcDsaKeyPair();
-            _reciEcKP = CMSTestUtil.makeEcDsaKeyPair();
-            _reciEcCert = CMSTestUtil.makeCertificate(_reciEcKP, _reciDN, _signKP, _signDN);
-        }
-    }
-
-    public void setUp()
-        throws Exception
-    {
-        init();
-    }
-
-    public NewAuthenticatedDataStreamTest(String name)
-    {
-        super(name);
-    }
-
-    public static void main(String args[])
-    {
-        junit.textui.TestRunner.run(NewAuthenticatedDataStreamTest.class);
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        init();
-
-        return new CMSTestSetup(new TestSuite(NewAuthenticatedDataStreamTest.class));
-    }
-
-    public void testKeyTransDESede()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.DES_EDE3_CBC);
-    }
-
-    public void testKeyTransDESedeWithDigest()
-        throws Exception
-    {
-        tryKeyTransWithDigest(CMSAlgorithm.DES_EDE3_CBC);
-    }
-
-    public void testOriginatorInfo()
-        throws Exception
-    {
-        ASN1ObjectIdentifier macAlg = CMSAlgorithm.DES_EDE3_CBC;
-        byte[]          data     = "Eric H. Echidna".getBytes();
-
-        CMSAuthenticatedDataStreamGenerator adGen = new CMSAuthenticatedDataStreamGenerator();
-        ByteArrayOutputStream               bOut = new ByteArrayOutputStream();
-
-        X509CertificateHolder origCert = new X509CertificateHolder(_origCert.getEncoded());
-
-        adGen.setOriginatorInfo(new OriginatorInfoGenerator(origCert).generate());
-
-        adGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        OutputStream aOut = adGen.open(bOut, new JceCMSMacCalculatorBuilder(macAlg).setProvider(BC).build());
-
-        aOut.write(data);
-
-        aOut.close();
-
-        CMSAuthenticatedDataParser ad = new CMSAuthenticatedDataParser(bOut.toByteArray());
-
-        assertTrue(ad.getOriginatorInfo().getCertificates().getMatches(null).contains(origCert));
-
-        RecipientInformationStore recipients = ad.getRecipientInfos();
-
-        assertEquals(ad.getMacAlgOID(), macAlg.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransAuthenticatedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-            assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
-        }
-    }
-
-    private void tryKeyTrans(ASN1ObjectIdentifier macAlg)
-        throws Exception
-    {
-        byte[]          data     = "Eric H. Echidna".getBytes();
-
-        CMSAuthenticatedDataStreamGenerator adGen = new CMSAuthenticatedDataStreamGenerator();
-        ByteArrayOutputStream               bOut = new ByteArrayOutputStream();
-
-        adGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-        
-        OutputStream aOut = adGen.open(bOut, new JceCMSMacCalculatorBuilder(macAlg).setProvider(BC).build());
-
-        aOut.write(data);
-
-        aOut.close();
-
-        CMSAuthenticatedDataParser ad = new CMSAuthenticatedDataParser(bOut.toByteArray());
-
-        RecipientInformationStore recipients = ad.getRecipientInfos();
-
-        assertEquals(ad.getMacAlgOID(), macAlg.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransAuthenticatedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-            assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
-        }
-    }
-
-    private void tryKeyTransWithDigest(ASN1ObjectIdentifier macAlg)
-        throws Exception
-    {
-        byte[]          data     = "Eric H. Echidna".getBytes();
-
-        CMSAuthenticatedDataStreamGenerator adGen = new CMSAuthenticatedDataStreamGenerator();
-        ByteArrayOutputStream               bOut = new ByteArrayOutputStream();
-        DigestCalculatorProvider            calcProvider = new JcaDigestCalculatorProviderBuilder().setProvider(BC).build();
-
-        adGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        OutputStream aOut = adGen.open(bOut, new JceCMSMacCalculatorBuilder(macAlg).setProvider(BC).build(), calcProvider.get(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1)));
-
-        aOut.write(data);
-
-        aOut.close();
-
-        CMSAuthenticatedDataParser ad = new CMSAuthenticatedDataParser(bOut.toByteArray(), calcProvider);
-
-        RecipientInformationStore recipients = ad.getRecipientInfos();
-
-        assertEquals(ad.getMacAlgOID(), macAlg.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransAuthenticatedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-            assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
-            assertTrue(Arrays.equals(ad.getContentDigest(), recipient.getContentDigest()));
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewAuthenticatedDataTest.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/NewAuthenticatedDataTest.java
deleted file mode 100644
index 9f4f591..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewAuthenticatedDataTest.java
+++ /dev/null

@@ -1,663 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.IOException;
-import java.security.AlgorithmParameters;
-import java.security.KeyPair;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Security;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Iterator;
-
-import javax.crypto.SecretKey;
-
-import junit.framework.Assert;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cms.AuthenticatedData;
-import org.bouncycastle.asn1.cms.CCMParameters;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.asn1.util.ASN1Dump;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSAuthenticatedData;
-import org.bouncycastle.cms.CMSAuthenticatedDataGenerator;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.cms.OriginatorInfoGenerator;
-import org.bouncycastle.cms.PasswordRecipient;
-import org.bouncycastle.cms.PasswordRecipientInformation;
-import org.bouncycastle.cms.RecipientInformation;
-import org.bouncycastle.cms.RecipientInformationStore;
-import org.bouncycastle.cms.jcajce.JceCMSMacCalculatorBuilder;
-import org.bouncycastle.cms.jcajce.JceKEKAuthenticatedRecipient;
-import org.bouncycastle.cms.jcajce.JceKEKRecipientInfoGenerator;
-import org.bouncycastle.cms.jcajce.JceKeyAgreeAuthenticatedRecipient;
-import org.bouncycastle.cms.jcajce.JceKeyAgreeRecipientInfoGenerator;
-import org.bouncycastle.cms.jcajce.JceKeyTransAuthenticatedRecipient;
-import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
-import org.bouncycastle.cms.jcajce.JcePasswordAuthenticatedRecipient;
-import org.bouncycastle.cms.jcajce.JcePasswordRecipientInfoGenerator;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-import org.bouncycastle.util.encoders.Hex;
-
-public class NewAuthenticatedDataTest
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    private static String _signDN;
-    private static KeyPair _signKP;
-    private static X509Certificate _signCert;
-
-    private static String _origDN;
-    private static KeyPair _origKP;
-    private static X509Certificate _origCert;
-
-    private static String _reciDN;
-    private static KeyPair _reciKP;
-    private static X509Certificate _reciCert;
-
-    private static KeyPair _origEcKP;
-    private static KeyPair _reciEcKP;
-    private static X509Certificate _reciEcCert;
-
-    private static boolean _initialised = false;
-
-    public boolean DEBUG = true;
-
-    private static void init()
-        throws Exception
-    {
-        if (!_initialised)
-        {
-            _initialised = true;
-            Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-
-            _signDN = "O=Bouncy Castle, C=AU";
-            _signKP = CMSTestUtil.makeKeyPair();
-            _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN);
-
-            _origDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
-            _origKP = CMSTestUtil.makeKeyPair();
-            _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _signKP, _signDN);
-
-            _reciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
-            _reciKP = CMSTestUtil.makeKeyPair();
-            _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
-
-            _origEcKP = CMSTestUtil.makeEcDsaKeyPair();
-            _reciEcKP = CMSTestUtil.makeEcDsaKeyPair();
-            _reciEcCert = CMSTestUtil.makeCertificate(_reciEcKP, _reciDN, _signKP, _signDN);
-        }
-    }
-
-    public void setUp()
-        throws Exception
-    {
-        init();
-    }
-
-    public NewAuthenticatedDataTest(String name)
-    {
-        super(name);
-    }
-
-    public static void main(String args[])
-    {
-        junit.textui.TestRunner.run(NewAuthenticatedDataTest.class);
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        init();
-
-        return new CMSTestSetup(new TestSuite(NewAuthenticatedDataTest.class));
-    }
-
-    public void testKeyTransDESede()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.DES_EDE3_CBC);
-    }
-
-    public void testKeyTransDESedeWithDigest()
-        throws Exception
-    {
-        tryKeyTransWithDigest(CMSAlgorithm.DES_EDE3_CBC);
-    }
-
-    public void testKeyTransRC2()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.RC2_CBC);
-    }
-
-    public void testKEKDESede()
-        throws Exception
-    {
-        tryKekAlgorithm(CMSTestUtil.makeDesede192Key(), new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.6"));
-
-        DEROctetString iv = new DEROctetString(Hex.decode("0001020304050607"));
-        tryKekAlgorithm(CMSTestUtil.makeDesede192Key(), new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.6"), iv.getEncoded());
-    }
-
-    public void testKEKDESedeWithDigest()
-        throws Exception
-    {
-        tryKekAlgorithmWithDigest(CMSTestUtil.makeDesede192Key(), new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.6"));
-    }
-
-    public void testPasswordAES256()
-        throws Exception
-    {
-        passwordTest(CMSAuthenticatedDataGenerator.AES256_CBC);
-    }
-
-    public void testECKeyAgree()
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSAuthenticatedDataGenerator adGen = new CMSAuthenticatedDataGenerator();
-
-        JceKeyAgreeRecipientInfoGenerator recipientGenerator = new JceKeyAgreeRecipientInfoGenerator(CMSAlgorithm.ECDH_SHA1KDF, _origEcKP.getPrivate(), _origEcKP.getPublic(), CMSAlgorithm.AES128_WRAP).setProvider(BC);
-
-        recipientGenerator.addRecipient(_reciEcCert);
-
-        adGen.addRecipientInfoGenerator(recipientGenerator);
-
-        CMSAuthenticatedData ad = adGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSMacCalculatorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ad.getRecipientInfos();
-
-        assertEquals(ad.getMacAlgOID(),
-            CMSAuthenticatedDataGenerator.DES_EDE3_CBC);
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new JceKeyAgreeAuthenticatedRecipient(_reciEcKP.getPrivate()).setProvider(BC));
-            assertTrue(Arrays.equals(data, recData));
-            assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testEncoding()
-        throws Exception
-    {
-        byte[] data = "Eric H. Echidna".getBytes();
-
-        CMSAuthenticatedDataGenerator adGen = new CMSAuthenticatedDataGenerator();
-
-        adGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        CMSAuthenticatedData ad = adGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSMacCalculatorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-
-        ad = new CMSAuthenticatedData(ad.getEncoded());
-
-        RecipientInformationStore recipients = ad.getRecipientInfos();
-
-        assertEquals(CMSAuthenticatedDataGenerator.DES_EDE3_CBC, ad.getMacAlgOID());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransAuthenticatedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-            assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
-        }
-    }
-
-    public void testOriginatorInfo()
-        throws Exception
-    {
-        byte[] data = "Eric H. Echidna".getBytes();
-        ASN1ObjectIdentifier macAlg = CMSAlgorithm.DES_EDE3_CBC;
-
-        CMSAuthenticatedDataGenerator adGen = new CMSAuthenticatedDataGenerator();
-
-        X509CertificateHolder origCert = new X509CertificateHolder(_origCert.getEncoded());
-
-        adGen.setOriginatorInfo(new OriginatorInfoGenerator(origCert).generate());
-
-        adGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        CMSAuthenticatedData ad = adGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSMacCalculatorBuilder(macAlg).setProvider(BC).build());
-
-        assertTrue(ad.getOriginatorInfo().getCertificates().getMatches(null).contains(origCert));
-
-        RecipientInformationStore recipients = ad.getRecipientInfos();
-
-        assertEquals(ad.getMacAlgOID(), macAlg.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransAuthenticatedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-            assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
-        }
-    }
-
-    public void testAES256CCM()
-        throws Exception
-    {
-        byte[] data = "Eric H. Echidna".getBytes();
-        ASN1ObjectIdentifier macAlg = CMSAlgorithm.AES256_CCM;
-        AlgorithmParameters algParams = AlgorithmParameters.getInstance("CCM", BC);
-
-        algParams.init(new CCMParameters(Hex.decode("000102030405060708090a0b"), 16).getEncoded());
-
-        CMSAuthenticatedDataGenerator adGen = new CMSAuthenticatedDataGenerator();
-
-        X509CertificateHolder origCert = new X509CertificateHolder(_origCert.getEncoded());
-
-        adGen.setOriginatorInfo(new OriginatorInfoGenerator(origCert).generate());
-
-        adGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        CMSAuthenticatedData ad = adGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSMacCalculatorBuilder(macAlg).setAlgorithmParameters(algParams).setProvider(BC).build());
-
-        assertTrue(ad.getOriginatorInfo().getCertificates().getMatches(null).contains(origCert));
-
-        RecipientInformationStore recipients = ad.getRecipientInfos();
-
-        assertEquals(ad.getMacAlgOID(), macAlg.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransAuthenticatedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-            assertEquals(16, ad.getMac().length);
-            assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
-        }
-    }
-
-    public void testCMSAlgorithmProtection()
-        throws Exception
-    {
-        byte[] data = "Eric H. Echidna".getBytes();
-
-        CMSAuthenticatedDataGenerator adGen = new CMSAuthenticatedDataGenerator();
-        DigestCalculatorProvider calcProvider = new JcaDigestCalculatorProviderBuilder().setProvider(BC).build();
-
-        byte[] kekId = new byte[]{1, 2, 3, 4, 5};
-        SecretKey kek = CMSTestUtil.makeDesede192Key();
-
-        adGen.addRecipientInfoGenerator(new JceKEKRecipientInfoGenerator(kekId, kek).setProvider(BC));
-
-        CMSAuthenticatedData ad = adGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSMacCalculatorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build(),
-            calcProvider.get(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1)));
-
-        checkData(data, kek, ad);
-
-        ContentInfo adInfo = ad.toASN1Structure();
-        AuthenticatedData iAd = AuthenticatedData.getInstance(adInfo.getContent().toASN1Primitive().getEncoded());
-
-        try
-        {
-            new CMSAuthenticatedData(new ContentInfo(CMSObjectIdentifiers.authenticatedData,
-                        new AuthenticatedData(iAd.getOriginatorInfo(), iAd.getRecipientInfos(), iAd.getMacAlgorithm(), new AlgorithmIdentifier(TeleTrusTObjectIdentifiers.ripemd160, DERNull.INSTANCE), iAd.getEncapsulatedContentInfo(), iAd.getAuthAttrs(), iAd.getMac(), iAd.getUnauthAttrs())), calcProvider);
-        }
-        catch (CMSException e)
-        {
-            Assert.assertEquals(e.getMessage(), "CMS Algorithm Identifier Protection check failed for digestAlgorithm");
-        }
-
-        AlgorithmIdentifier newDigAlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE);
-        Assert.assertFalse(iAd.getDigestAlgorithm().equals(newDigAlgId));
-        checkData(data, kek, new CMSAuthenticatedData(new ContentInfo(CMSObjectIdentifiers.authenticatedData,
-            new AuthenticatedData(iAd.getOriginatorInfo(), iAd.getRecipientInfos(), iAd.getMacAlgorithm(), newDigAlgId, iAd.getEncapsulatedContentInfo(), iAd.getAuthAttrs(), iAd.getMac(), iAd.getUnauthAttrs())), calcProvider));
-
-        try
-        {
-            new CMSAuthenticatedData(new ContentInfo(CMSObjectIdentifiers.authenticatedData,
-                        new AuthenticatedData(iAd.getOriginatorInfo(), iAd.getRecipientInfos(), new AlgorithmIdentifier(CMSAlgorithm.AES192_CBC), iAd.getDigestAlgorithm(), iAd.getEncapsulatedContentInfo(), iAd.getAuthAttrs(), iAd.getMac(), iAd.getUnauthAttrs())), calcProvider);
-        }
-        catch (CMSException e)
-        {
-            Assert.assertEquals(e.getMessage(), "CMS Algorithm Identifier Protection check failed for macAlgorithm");
-        }
-
-        try
-        {
-            AlgorithmIdentifier newMacAlgId = new AlgorithmIdentifier(CMSAlgorithm.DES_EDE3_CBC);
-            Assert.assertFalse(iAd.getMacAlgorithm().equals(newMacAlgId));
-            new CMSAuthenticatedData(new ContentInfo(CMSObjectIdentifiers.authenticatedData,
-                new AuthenticatedData(iAd.getOriginatorInfo(), iAd.getRecipientInfos(), newMacAlgId, iAd.getDigestAlgorithm(), iAd.getEncapsulatedContentInfo(), iAd.getAuthAttrs(), iAd.getMac(), iAd.getUnauthAttrs())), calcProvider);
-        }
-        catch (CMSException e)
-        {
-            Assert.assertEquals(e.getMessage(), "CMS Algorithm Identifier Protection check failed for macAlgorithm");
-        }
-    }
-
-    private void checkData(byte[] data, SecretKey kek, CMSAuthenticatedData ad)
-        throws CMSException
-    {
-        RecipientInformationStore recipients = ad.getRecipientInfos();
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new JceKEKAuthenticatedRecipient(kek).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-            assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
-            assertTrue(Arrays.equals(ad.getContentDigest(), recipient.getContentDigest()));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    private void tryKeyTrans(ASN1ObjectIdentifier macAlg)
-        throws Exception
-    {
-        byte[] data = "Eric H. Echidna".getBytes();
-
-        CMSAuthenticatedDataGenerator adGen = new CMSAuthenticatedDataGenerator();
-
-        adGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        CMSAuthenticatedData ad = adGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSMacCalculatorBuilder(macAlg).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ad.getRecipientInfos();
-
-        assertEquals(ad.getMacAlgOID(), macAlg.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransAuthenticatedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-            assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
-        }
-    }
-
-    private void tryKeyTransWithDigest(ASN1ObjectIdentifier macAlg)
-        throws Exception
-    {
-        byte[] data = "Eric H. Echidna".getBytes();
-
-        CMSAuthenticatedDataGenerator adGen = new CMSAuthenticatedDataGenerator();
-        DigestCalculatorProvider calcProvider = new JcaDigestCalculatorProviderBuilder().setProvider(BC).build();
-
-        adGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        CMSAuthenticatedData ad = adGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSMacCalculatorBuilder(macAlg).setProvider(BC).build(),
-            calcProvider.get(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1)));
-
-        RecipientInformationStore recipients = ad.getRecipientInfos();
-
-        assertEquals(ad.getMacAlgOID(), macAlg.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransAuthenticatedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-            assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
-            assertTrue(Arrays.equals(ad.getContentDigest(), recipient.getContentDigest()));
-        }
-    }
-
-    private void tryKekAlgorithm(SecretKey kek, ASN1ObjectIdentifier algOid)
-        throws NoSuchAlgorithmException, NoSuchProviderException, CMSException, OperatorCreationException
-    {
-        byte[] data = "Eric H. Echidna".getBytes();
-
-        CMSAuthenticatedDataGenerator adGen = new CMSAuthenticatedDataGenerator();
-
-        byte[] kekId = new byte[]{1, 2, 3, 4, 5};
-
-        adGen.addRecipientInfoGenerator(new JceKEKRecipientInfoGenerator(kekId, kek).setProvider(BC));
-
-        CMSAuthenticatedData ad = adGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSMacCalculatorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ad.getRecipientInfos();
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        assertEquals(ad.getMacAlgOID(), CMSAuthenticatedDataGenerator.DES_EDE3_CBC);
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), algOid.getId());
-
-            byte[] recData = recipient.getContent(new JceKEKAuthenticatedRecipient(kek).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-            assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    private void tryKekAlgorithm(SecretKey kek, ASN1ObjectIdentifier algOid, byte[] encodedParameters)
-        throws NoSuchAlgorithmException, NoSuchProviderException, CMSException, OperatorCreationException, IOException
-    {
-        byte[] data = "Eric H. Echidna".getBytes();
-
-        CMSAuthenticatedDataGenerator adGen = new CMSAuthenticatedDataGenerator();
-
-        byte[] kekId = new byte[]{1, 2, 3, 4, 5};
-
-        adGen.addRecipientInfoGenerator(new JceKEKRecipientInfoGenerator(kekId, kek).setProvider(BC));
-
-        AlgorithmParameters algParams = AlgorithmParameters.getInstance(CMSAlgorithm.DES_EDE3_CBC.getId(), "BC");
-
-        algParams.init(encodedParameters);
-
-        CMSAuthenticatedData ad = adGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSMacCalculatorBuilder(CMSAlgorithm.DES_EDE3_CBC).setAlgorithmParameters(algParams).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ad.getRecipientInfos();
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        assertEquals(ad.getMacAlgOID(), CMSAuthenticatedDataGenerator.DES_EDE3_CBC);
-        assertEquals(ad.getMacAlgorithm().getParameters(), ASN1Primitive.fromByteArray(encodedParameters));
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), algOid.getId());
-
-            byte[] recData = recipient.getContent(new JceKEKAuthenticatedRecipient(kek).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-            assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    private void tryKekAlgorithmWithDigest(SecretKey kek, ASN1ObjectIdentifier algOid)
-        throws NoSuchAlgorithmException, NoSuchProviderException, CMSException, OperatorCreationException
-    {
-        byte[] data = "Eric H. Echidna".getBytes();
-
-        CMSAuthenticatedDataGenerator adGen = new CMSAuthenticatedDataGenerator();
-        DigestCalculatorProvider calcProvider = new JcaDigestCalculatorProviderBuilder().setProvider(BC).build();
-
-        byte[] kekId = new byte[]{1, 2, 3, 4, 5};
-
-        adGen.addRecipientInfoGenerator(new JceKEKRecipientInfoGenerator(kekId, kek).setProvider(BC));
-
-        CMSAuthenticatedData ad = adGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSMacCalculatorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build(),
-            calcProvider.get(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1)));
-
-        RecipientInformationStore recipients = ad.getRecipientInfos();
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        assertEquals(ad.getMacAlgOID(), CMSAuthenticatedDataGenerator.DES_EDE3_CBC);
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), algOid.getId());
-
-            byte[] recData = recipient.getContent(new JceKEKAuthenticatedRecipient(kek).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-            assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
-            assertTrue(Arrays.equals(ad.getContentDigest(), recipient.getContentDigest()));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    private void passwordTest(String algorithm)
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSAuthenticatedDataGenerator adGen = new CMSAuthenticatedDataGenerator();
-
-        adGen.addRecipientInfoGenerator(new JcePasswordRecipientInfoGenerator(new ASN1ObjectIdentifier(algorithm), "password".toCharArray()).setProvider(BC).setSaltAndIterationCount(new byte[20], 5));
-
-        CMSAuthenticatedData ad = adGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSMacCalculatorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ad.getRecipientInfos();
-
-        assertEquals(ad.getMacAlgOID(),
-            CMSAuthenticatedDataGenerator.DES_EDE3_CBC);
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            PasswordRecipientInformation recipient = (PasswordRecipientInformation)it.next();
-
-            PasswordRecipient pbeRep = new JcePasswordAuthenticatedRecipient("password".toCharArray()).setProvider(BC);
-
-            byte[] recData = recipient.getContent(pbeRep);
-
-            assertTrue(Arrays.equals(data, recData));
-            assertTrue(Arrays.equals(ad.getMac(), recipient.getMac()));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewCompressedDataStreamTest.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/NewCompressedDataStreamTest.java
deleted file mode 100644
index 3acc15d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewCompressedDataStreamTest.java
+++ /dev/null

@@ -1,127 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.OutputStream;
-import java.util.Arrays;
-import java.util.Random;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.cms.CMSCompressedDataParser;
-import org.bouncycastle.cms.CMSCompressedDataStreamGenerator;
-import org.bouncycastle.cms.jcajce.ZlibCompressor;
-import org.bouncycastle.cms.jcajce.ZlibExpanderProvider;
-import org.bouncycastle.util.encoders.Base64;
-
-public class NewCompressedDataStreamTest
-    extends TestCase
-{
-    public NewCompressedDataStreamTest(String name)
-    {
-        super(name);
-    }
-
-    public void testWorkingData()
-        throws Exception
-    {
-        byte[]  compData = Base64.decode(
-                  "MIAGCyqGSIb3DQEJEAEJoIAwgAIBADANBgsqhkiG9w0BCRADCDCABgkqhkiG9w0BBwGggCSABIIC"
-                + "Hnic7ZRdb9owFIbvK/k/5PqVYPFXGK12YYyboVFASSp1vQtZGiLRACZE49/XHoUW7S/0tXP8Efux"
-                + "fU5ivWnasml72XFb3gb5druui7ytN803M570nii7C5r8tfwR281hy/p/KSM3+jzH5s3+pbQ90xSb"
-                + "P3VT3QbLusnt8WPIuN5vN/vaA2+DulnXTXkXvNTr8j8ouZmkCmGI/UW+ZS/C8zP0bz2dz0zwLt+1"
-                + "UEk2M8mlaxjRMByAhZTj0RGYg4TvogiRASROsZgjpVcJCb1KV6QzQeDJ1XkoQ5Jm+C5PbOHZZGRi"
-                + "v+ORAcshOGeCcdFJyfgFxdtCdEcmOrbinc/+BBMzRThEYpwl+jEBpciSGWQkI0TSlREmD/eOHb2D"
-                + "SGLuESm/iKUFt1y4XHBO2a5oq0IKJKWLS9kUZTA7vC5LSxYmgVL46SIWxIfWBQd6AdrnjLmH94UT"
-                + "vGxVibLqRCtIpp4g2qpdtqK1LiOeolpVK5wVQ5P7+QjZAlrh0cePYTx/gNZuB9Vhndtgujl9T/tg"
-                + "W9ogK+3rnmg3YWygnTuF5GDS+Q/jIVLnCcYZFc6Kk/+c80wKwZjwdZIqDYWRH68MuBQSXLgXYXj2"
-                + "3CAaYOBNJMliTl0X7eV5DnoKIFSKYdj3cRpD/cK/JWTHJRe76MUXnfBW8m7Hd5zhQ4ri2NrVF/WL"
-                + "+kV1/3AGSlJ32bFPd2BsQD8uSzIx6lObkjdz95c0AAAAAAAAAAAAAAAA");
-
-        byte[]  uncompData = Base64.decode(
-                  "Q29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9FREktWDEyOyBuYW1lPUdyb3VwMi54MTINCkNvbnRl"
-                + "bnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJpbmFyeQ0KQ29udGVudC1EaXNwb3NpdGlvbjogaW5saW5l"
-                + "OyBmaWxlbmFtZT1Hcm91cDIueDEyDQoNCklTQSowMCpzc3Nzc3Nzc3NzKjAwKnJycnJycnJycnIqW"
-                + "loqQ1lDTE9ORSAgICAgICAgKlpaKlBBUlRORVIgICAgICAgICo5NjEwMDcqMjAxMypVKjAwMjAwKj"
-                + "AwMDAwMDAwMSowKlQqKg1HUypQTypTMVMxUzFTMVMxUzFTMVMqUjFSMVIxUjFSMVIxUjFSKjk2MTA"
-                + "wNyoyMDEzKjAwMDAwMDAwNCpYKjAwMzA1MA1TVCo4NTAqMDAwMDQwMDAxDUJFRyowMCpCRSoyYSo0"
-                + "MzMyNDIzNHY1NTIzKjk2MTAwNyoyM3RjNHZ5MjR2MmgzdmgzdmgqWloqSUVMKjA5KlJFKjA5DUNVU"
-                + "ioxMSpUUk4qNTY1Nio2NSo1NjYqSU1GKjAwNio5NjEwMDcNUkVGKjZBKjQzM3IxYzNyMzRyMzRjMz"
-                + "MxMnFjdGdjNTQqUmVmZXJlbmNlIE51bWJlcg1QRVIqQUEqSGFucyBHdXR0ZW4qQ1AqMS4zMjIuMzI"
-                + "zLjQ0NDQqKioqKnJnZzRlZ3Y0dDQNVEFYKjR0Z3RidDR0cjR0cipHTCpnaGdoKioqKioqKioqRypD"
-                + "DUZPQipUUCpDQSpVU0EqMDIqRE9NKkNDKlJlZ3VsYXIgTG9jYXRpb25zIHBlciBUZXJtcw1DVFAqR"
-                + "EUqQzA0KjQ1MyoyNTAwMCpEOSpTRUwqMjMyMTQqMjM0MzI0MjM0MjMqRVMqNDIyNDM0MjMNU0FDKk"
-                + "EqQjAwMCpBRSozNTQ1KjM0NDIzMDANQ1VSKjExKjc2Nyo3NzY3KjY1DVBPMSoxMTEtYWFhKjEwMDA"
-                + "wMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioq"
-                + "KioqKkExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwMCpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzN"
-                + "HE2ZjM1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKioqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMD"
-                + "AwKkFTKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZmMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKio"
-                + "qKipBMSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRx"
-                + "NmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqKkExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwM"
-                + "CpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzNHE2ZjM1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKi"
-                + "oqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMDAwKkFTKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZ"
-                + "mMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKioqKipBMSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAq"
-                + "QVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqK"
-                + "kExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwMCpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzNHE2Zj"
-                + "M1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKioqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMDAwKkF"
-                + "TKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZmMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKioqKipB"
-                + "MSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzN"
-                + "TM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqKkExKnl0cmgNQ1RUKjENU0UqMjIqMDAwMDQwMDAxDU"
-                + "dFKjEqMDAwMDAwMDA0DUlFQSoxKjAwMDAwMDAwMQ0=");
-
-        CMSCompressedDataParser ed = new CMSCompressedDataParser(compData);
-
-        assertEquals(true, Arrays.equals(uncompData, CMSTestUtil.streamToByteArray(ed.getContent(new ZlibExpanderProvider()).getContentStream())));
-    }
-
-    public void testEach()
-        throws Exception
-    {
-        byte[]  testData = "Hello world!".getBytes();
-
-        CMSCompressedDataStreamGenerator gen = new CMSCompressedDataStreamGenerator();
-        ByteArrayOutputStream            bOut = new ByteArrayOutputStream();
-        
-        OutputStream cOut = gen.open(bOut, new ZlibCompressor());
-
-        cOut.write(testData);
-        
-        cOut.close();
-
-        CMSCompressedDataParser ed = new CMSCompressedDataParser(bOut.toByteArray());
-        
-        assertEquals(true, Arrays.equals(testData, CMSTestUtil.streamToByteArray(ed.getContent(new ZlibExpanderProvider()).getContentStream())));
-    }
-    
-    public void test1000()
-        throws Exception
-    {
-        byte[]  testData = new byte[10000];
-        Random  rand = new Random();
-        
-        rand.setSeed(0);
-
-        for (int i = 0; i != 10; i++)
-        {   
-            CMSCompressedDataStreamGenerator gen = new CMSCompressedDataStreamGenerator();
-            ByteArrayOutputStream            bOut = new ByteArrayOutputStream();
-            
-            OutputStream cOut = gen.open(bOut, new ZlibCompressor());
-
-            rand.nextBytes(testData);
-            
-            cOut.write(testData);
-            
-            cOut.close();
-
-            CMSCompressedDataParser ed = new CMSCompressedDataParser(bOut.toByteArray());
-            
-            assertEquals(true, Arrays.equals(testData, CMSTestUtil.streamToByteArray(ed.getContent(new ZlibExpanderProvider()).getContentStream())));
-        }
-    }
-    
-    public static Test suite()
-    {
-        return new TestSuite(NewCompressedDataStreamTest.class);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewCompressedDataTest.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/NewCompressedDataTest.java
deleted file mode 100644
index 9c888ce..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewCompressedDataTest.java
+++ /dev/null

@@ -1,151 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.util.Arrays;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.cms.CMSCompressedData;
-import org.bouncycastle.cms.CMSCompressedDataGenerator;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.cms.jcajce.ZlibCompressor;
-import org.bouncycastle.cms.jcajce.ZlibExpanderProvider;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.io.StreamOverflowException;
-
-public class NewCompressedDataTest
-    extends TestCase
-{
-    private static final byte[] TEST_DATA = "Hello world!".getBytes();
-
-    /*
-     *
-     *  INFRASTRUCTURE
-     *
-     */
-
-    public NewCompressedDataTest(String name)
-    {
-        super(name);
-    }
-
-    public static void main(String args[])
-    {
-        junit.textui.TestRunner.run(NewCompressedDataTest.class);
-    }
-
-    public static Test suite()
-    {
-        return new CMSTestSetup(new TestSuite(NewCompressedDataTest.class));
-    }
-
-    public void setUp()
-    {
-
-    }
-
-    public void tearDown()
-    {
-
-    }
-
-    public void testWorkingData()
-        throws Exception
-    {
-        byte[] compData = Base64
-                .decode("MIAGCyqGSIb3DQEJEAEJoIAwgAIBADANBgsqhkiG9w0BCRADCDCABgkqhkiG9w0BBwGggCSABIIC"
-                        + "Hnic7ZRdb9owFIbvK/k/5PqVYPFXGK12YYyboVFASSp1vQtZGiLRACZE49/XHoUW7S/0tXP8Efux"
-                        + "fU5ivWnasml72XFb3gb5druui7ytN803M570nii7C5r8tfwR281hy/p/KSM3+jzH5s3+pbQ90xSb"
-                        + "P3VT3QbLusnt8WPIuN5vN/vaA2+DulnXTXkXvNTr8j8ouZmkCmGI/UW+ZS/C8zP0bz2dz0zwLt+1"
-                        + "UEk2M8mlaxjRMByAhZTj0RGYg4TvogiRASROsZgjpVcJCb1KV6QzQeDJ1XkoQ5Jm+C5PbOHZZGRi"
-                        + "v+ORAcshOGeCcdFJyfgFxdtCdEcmOrbinc/+BBMzRThEYpwl+jEBpciSGWQkI0TSlREmD/eOHb2D"
-                        + "SGLuESm/iKUFt1y4XHBO2a5oq0IKJKWLS9kUZTA7vC5LSxYmgVL46SIWxIfWBQd6AdrnjLmH94UT"
-                        + "vGxVibLqRCtIpp4g2qpdtqK1LiOeolpVK5wVQ5P7+QjZAlrh0cePYTx/gNZuB9Vhndtgujl9T/tg"
-                        + "W9ogK+3rnmg3YWygnTuF5GDS+Q/jIVLnCcYZFc6Kk/+c80wKwZjwdZIqDYWRH68MuBQSXLgXYXj2"
-                        + "3CAaYOBNJMliTl0X7eV5DnoKIFSKYdj3cRpD/cK/JWTHJRe76MUXnfBW8m7Hd5zhQ4ri2NrVF/WL"
-                        + "+kV1/3AGSlJ32bFPd2BsQD8uSzIx6lObkjdz95c0AAAAAAAAAAAAAAAA");
-
-        byte[] uncompData = Base64
-                .decode("Q29udGVudC1UeXBlOiBhcHBsaWNhdGlvbi9FREktWDEyOyBuYW1lPUdyb3VwMi54MTINCkNvbnRl"
-                        + "bnQtVHJhbnNmZXItRW5jb2Rpbmc6IGJpbmFyeQ0KQ29udGVudC1EaXNwb3NpdGlvbjogaW5saW5l"
-                        + "OyBmaWxlbmFtZT1Hcm91cDIueDEyDQoNCklTQSowMCpzc3Nzc3Nzc3NzKjAwKnJycnJycnJycnIqW"
-                        + "loqQ1lDTE9ORSAgICAgICAgKlpaKlBBUlRORVIgICAgICAgICo5NjEwMDcqMjAxMypVKjAwMjAwKj"
-                        + "AwMDAwMDAwMSowKlQqKg1HUypQTypTMVMxUzFTMVMxUzFTMVMqUjFSMVIxUjFSMVIxUjFSKjk2MTA"
-                        + "wNyoyMDEzKjAwMDAwMDAwNCpYKjAwMzA1MA1TVCo4NTAqMDAwMDQwMDAxDUJFRyowMCpCRSoyYSo0"
-                        + "MzMyNDIzNHY1NTIzKjk2MTAwNyoyM3RjNHZ5MjR2MmgzdmgzdmgqWloqSUVMKjA5KlJFKjA5DUNVU"
-                        + "ioxMSpUUk4qNTY1Nio2NSo1NjYqSU1GKjAwNio5NjEwMDcNUkVGKjZBKjQzM3IxYzNyMzRyMzRjMz"
-                        + "MxMnFjdGdjNTQqUmVmZXJlbmNlIE51bWJlcg1QRVIqQUEqSGFucyBHdXR0ZW4qQ1AqMS4zMjIuMzI"
-                        + "zLjQ0NDQqKioqKnJnZzRlZ3Y0dDQNVEFYKjR0Z3RidDR0cjR0cipHTCpnaGdoKioqKioqKioqRypD"
-                        + "DUZPQipUUCpDQSpVU0EqMDIqRE9NKkNDKlJlZ3VsYXIgTG9jYXRpb25zIHBlciBUZXJtcw1DVFAqR"
-                        + "EUqQzA0KjQ1MyoyNTAwMCpEOSpTRUwqMjMyMTQqMjM0MzI0MjM0MjMqRVMqNDIyNDM0MjMNU0FDKk"
-                        + "EqQjAwMCpBRSozNTQ1KjM0NDIzMDANQ1VSKjExKjc2Nyo3NzY3KjY1DVBPMSoxMTEtYWFhKjEwMDA"
-                        + "wMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioq"
-                        + "KioqKkExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwMCpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzN"
-                        + "HE2ZjM1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKioqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMD"
-                        + "AwKkFTKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZmMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKio"
-                        + "qKipBMSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRx"
-                        + "NmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqKkExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwM"
-                        + "CpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzNHE2ZjM1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKi"
-                        + "oqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMDAwKkFTKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZ"
-                        + "mMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKioqKipBMSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAq"
-                        + "QVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzNTM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqK"
-                        + "kExKnl0cmgNUE8xKjExMS1hYWEqMTAwMDAwMCpBUyo5MC4wMCpCRCpBSyoyMzQyMzV2MzUzNHE2Zj"
-                        + "M1MzR2NDM1MzQ1M3ZxM3EzMioqKioqKioqKioqQTEqeXRyaA1QTzEqMTExLWFhYSoxMDAwMDAwKkF"
-                        + "TKjkwLjAwKkJEKkFLKjIzNDIzNXYzNTM0cTZmMzUzNHY0MzUzNDUzdnEzcTMyKioqKioqKioqKipB"
-                        + "MSp5dHJoDVBPMSoxMTEtYWFhKjEwMDAwMDAqQVMqOTAuMDAqQkQqQUsqMjM0MjM1djM1MzRxNmYzN"
-                        + "TM0djQzNTM0NTN2cTNxMzIqKioqKioqKioqKkExKnl0cmgNQ1RUKjENU0UqMjIqMDAwMDQwMDAxDUdFKjEqMDAwMDAwMDA0DUlFQSoxKjAwMDAwMDAwMQ0=");
-
-        CMSCompressedData ed = new CMSCompressedData(compData);
-
-        assertEquals(true, Arrays.equals(uncompData, ed.getContent(new ZlibExpanderProvider())));
-    }
-
-    public void testEach()
-        throws Exception
-    {
-        CMSCompressedData cd = getStdData();
-
-        assertEquals(true, Arrays.equals(TEST_DATA, cd.getContent(new ZlibExpanderProvider())));
-    }
-
-    public void testLimitUnder()
-        throws Exception
-    {
-        CMSCompressedData cd = getStdData();
-
-        try
-        {
-            cd.getContent(new ZlibExpanderProvider(TEST_DATA.length / 2));
-        }
-        catch (CMSException e)
-        {
-            assertEquals(true, e.getCause() instanceof StreamOverflowException);
-        }
-    }
-
-    public void testLimitOver()
-        throws Exception
-    {
-        CMSCompressedData cd = getStdData();
-
-        assertEquals(true, Arrays.equals(TEST_DATA, cd.getContent(new ZlibExpanderProvider(TEST_DATA.length * 2))));
-    }
-
-    public void testLimitEqual()
-        throws Exception
-    {
-        CMSCompressedData cd = getStdData();
-
-        assertEquals(true, Arrays.equals(TEST_DATA, cd.getContent(new ZlibExpanderProvider(TEST_DATA.length))));
-    }
-
-    private CMSCompressedData getStdData()
-        throws CMSException
-    {
-        CMSProcessableByteArray testData = new CMSProcessableByteArray(TEST_DATA);
-        CMSCompressedDataGenerator gen = new CMSCompressedDataGenerator();
-
-        return gen.generate(testData, new ZlibCompressor());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewEnvelopedDataStreamTest.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/NewEnvelopedDataStreamTest.java
deleted file mode 100644
index 7759677..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewEnvelopedDataStreamTest.java
+++ /dev/null

@@ -1,760 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.BufferedOutputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.PrivateKey;
-import java.security.Security;
-import java.security.cert.X509Certificate;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Hashtable;
-import java.util.Iterator;
-
-import javax.crypto.SecretKey;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.DEROutputStream;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
-import org.bouncycastle.cms.CMSEnvelopedDataParser;
-import org.bouncycastle.cms.CMSEnvelopedDataStreamGenerator;
-import org.bouncycastle.cms.CMSTypedStream;
-import org.bouncycastle.cms.KEKRecipientId;
-import org.bouncycastle.cms.OriginatorInfoGenerator;
-import org.bouncycastle.cms.OriginatorInformation;
-import org.bouncycastle.cms.RecipientId;
-import org.bouncycastle.cms.RecipientInformation;
-import org.bouncycastle.cms.RecipientInformationStore;
-import org.bouncycastle.cms.SimpleAttributeTableGenerator;
-import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
-import org.bouncycastle.cms.jcajce.JceKEKEnvelopedRecipient;
-import org.bouncycastle.cms.jcajce.JceKEKRecipientInfoGenerator;
-import org.bouncycastle.cms.jcajce.JceKeyAgreeEnvelopedRecipient;
-import org.bouncycastle.cms.jcajce.JceKeyAgreeRecipientId;
-import org.bouncycastle.cms.jcajce.JceKeyAgreeRecipientInfoGenerator;
-import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
-import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-
-public class NewEnvelopedDataStreamTest
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    private static final int BUFFER_SIZE = 4000;
-    private static String          _signDN;
-    private static KeyPair         _signKP;
-    private static X509Certificate _signCert;
-
-    private static String          _origDN;
-    private static KeyPair         _origKP;
-    private static X509Certificate _origCert;
-
-    private static String          _reciDN;
-    private static KeyPair         _reciKP;
-    private static X509Certificate _reciCert;
-
-    private static KeyPair         _origEcKP;
-    private static KeyPair         _reciEcKP;
-    private static X509Certificate _reciEcCert;
-
-    private static boolean         _initialised = false;
-    
-    public NewEnvelopedDataStreamTest()
-    {
-    }
-
-    private static void init()
-        throws Exception
-    {
-        if (!_initialised)
-        {
-            _initialised = true;
-
-            _signDN   = "O=Bouncy Castle, C=AU";
-            _signKP   = CMSTestUtil.makeKeyPair();
-            _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN);
-
-            _origDN   = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
-            _origKP   = CMSTestUtil.makeKeyPair();
-            _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _signKP, _signDN);
-
-            _reciDN   = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
-            _reciKP   = CMSTestUtil.makeKeyPair();
-            _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
-
-            _origEcKP = CMSTestUtil.makeEcDsaKeyPair();
-            _reciEcKP = CMSTestUtil.makeEcDsaKeyPair();
-            _reciEcCert = CMSTestUtil.makeCertificate(_reciEcKP, _reciDN, _signKP, _signDN);
-        }
-    }
-
-    public void setUp()
-        throws Exception
-    {
-        init();
-    }
-
-    public void testWorkingData()
-        throws Exception
-    {
-        byte[]  keyData = Base64.decode(
-                  "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKrAz/SQKrcQ" +
-                  "nj9IxHIfKDbuXsMqUpI06s2gps6fp7RDNvtUDDMOciWGFhD45YSy8GO0mPx3" +
-                  "Nkc7vKBqX4TLcqLUz7kXGOHGOwiPZoNF+9jBMPNROe/B0My0PkWg9tuq+nxN" +
-                  "64oD47+JvDwrpNOS5wsYavXeAW8Anv9ZzHLU7KwZAgMBAAECgYA/fqdVt+5K" +
-                  "WKGfwr1Z+oAHvSf7xtchiw/tGtosZ24DOCNP3fcTXUHQ9kVqVkNyzt9ZFCT3" +
-                  "bJUAdBQ2SpfuV4DusVeQZVzcROKeA09nPkxBpTefWbSDQGhb+eZq9L8JDRSW" +
-                  "HyYqs+MBoUpLw7GKtZiJkZyY6CsYkAnQ+uYVWq/TIQJBAP5zafO4HUV/w4KD" +
-                  "VJi+ua+GYF1Sg1t/dYL1kXO9GP1p75YAmtm6LdnOCas7wj70/G1YlPGkOP0V" +
-                  "GFzeG5KAmAUCQQCryvKU9nwWA+kypcQT9Yr1P4vGS0APYoBThnZq7jEPc5Cm" +
-                  "ZI82yseSxSeea0+8KQbZ5mvh1p3qImDLEH/iNSQFAkAghS+tboKPN10NeSt+" +
-                  "uiGRRWNbiggv0YJ7Uldcq3ZeLQPp7/naiekCRUsHD4Qr97OrZf7jQ1HlRqTu" +
-                  "eZScjMLhAkBNUMZCQnhwFAyEzdPkQ7LpU1MdyEopYmRssuxijZao5JLqQAGw" +
-                  "YCzXokGFa7hz72b09F4DQurJL/WuDlvvu4jdAkEAxwT9lylvfSfEQw4/qQgZ" +
-                  "MFB26gqB6Gqs1pHIZCzdliKx5BO3VDeUGfXMI8yOkbXoWbYx5xPid/+N8R//" +
-                  "+sxLBw==");
-
-        byte[] envData = Base64.decode(
-                  "MIAGCSqGSIb3DQEHA6CAMIACAQAxgcQwgcECAQAwKjAlMRYwFAYDVQQKEw1C" +
-                  "b3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVQIBHjANBgkqhkiG9w0BAQEFAASB" +
-                  "gDmnaDZ0vDJNlaUSYyEXsgbaUH+itNTjCOgv77QTX2ImXj+kTctM19PQF2I1" +
-                  "0/NL0fjakvCgBTHKmk13a7jqB6cX3bysenHNrglHsgNGgeXQ7ggAq5fV/JQQ" +
-                  "T7rSxEtuwpbuHQnoVUZahOHVKy/a0uLr9iIh1A3y+yZTZaG505ZJMIAGCSqG" +
-                  "SIb3DQEHATAdBglghkgBZQMEAQIEENmkYNbDXiZxJWtq82qIRZKggAQgkOGr" +
-                  "1JcTsADStez1eY4+rO4DtyBIyUYQ3pilnbirfPkAAAAAAAAAAAAA");
-
-
-        CMSEnvelopedDataParser     ep = new CMSEnvelopedDataParser(envData);
-
-        RecipientInformationStore  recipients = ep.getRecipientInfos();
-
-        assertEquals(ep.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
-
-        Collection  c = recipients.getRecipients();
-        Iterator    it = c.iterator();
-
-        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(keyData);
-        KeyFactory          keyFact = KeyFactory.getInstance("RSA", BC);
-        PrivateKey          priKey = keyFact.generatePrivate(keySpec);
-        byte[]              data = Hex.decode("57616c6c6157616c6c6157617368696e67746f6e");
-
-        while (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            CMSTypedStream recData = recipient.getContentStream(new JceKeyTransEnvelopedRecipient(priKey).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, CMSTestUtil.streamToByteArray(recData.getContentStream())));
-        }
-    }
-
-    private void verifyData(
-        ByteArrayOutputStream encodedStream,
-        String                expectedOid,
-        byte[]                expectedData)
-        throws Exception
-    {
-        CMSEnvelopedDataParser     ep = new CMSEnvelopedDataParser(encodedStream.toByteArray());
-        RecipientInformationStore  recipients = ep.getRecipientInfos();
-
-        assertEquals(ep.getEncryptionAlgOID(), expectedOid);
-
-        Collection  c = recipients.getRecipients();
-        Iterator    it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            CMSTypedStream recData = recipient.getContentStream(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(expectedData, CMSTestUtil.streamToByteArray(recData.getContentStream())));
-        }
-    }
-
-    public void testUnprotectedAttributes()
-        throws Exception
-    {
-        byte[]          data     = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataStreamGenerator edGen = new CMSEnvelopedDataStreamGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        Hashtable attrs = new Hashtable();
-
-        attrs.put(PKCSObjectIdentifiers.id_aa_contentHint, new Attribute(PKCSObjectIdentifiers.id_aa_contentHint, new DERSet(new DERUTF8String("Hint"))));
-        attrs.put(PKCSObjectIdentifiers.id_aa_receiptRequest, new Attribute(PKCSObjectIdentifiers.id_aa_receiptRequest, new DERSet(new DERUTF8String("Request"))));
-
-        AttributeTable attrTable = new AttributeTable(attrs);
-
-        edGen.setUnprotectedAttributeGenerator(new SimpleAttributeTableGenerator(attrTable));
-
-        ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
-
-        OutputStream out = edGen.open(
-                                bOut, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        out.write(data);
-
-        out.close();
-
-        CMSEnvelopedDataParser ed = new CMSEnvelopedDataParser(bOut.toByteArray());
-
-        RecipientInformationStore  recipients = ed.getRecipientInfos();
-
-        Collection  c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator    it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-
-        attrTable = ed.getUnprotectedAttributes();
-
-        assertEquals(attrs.size(), 2);
-
-        assertEquals(new DERUTF8String("Hint"), attrTable.get(PKCSObjectIdentifiers.id_aa_contentHint).getAttrValues().getObjectAt(0));
-        assertEquals(new DERUTF8String("Request"), attrTable.get(PKCSObjectIdentifiers.id_aa_receiptRequest).getAttrValues().getObjectAt(0));
-
-    }
-
-    public void testKeyTransAES128BufferedStream()
-        throws Exception
-    {
-        byte[] data = new byte[2000];
-
-        for (int i = 0; i != 2000; i++)
-        {
-            data[i] = (byte)(i & 0xff);
-        }
-
-        //
-        // unbuffered
-        //
-        CMSEnvelopedDataStreamGenerator edGen = new CMSEnvelopedDataStreamGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
-
-        OutputStream out = edGen.open(
-                                bOut, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        for (int i = 0; i != 2000; i++)
-        {
-            out.write(data[i]);
-        }
-
-        out.close();
-
-        verifyData(bOut, CMSEnvelopedDataGenerator.AES128_CBC, data);
-
-        int unbufferedLength = bOut.toByteArray().length;
-
-        //
-        // Using buffered output - should be == to unbuffered
-        //
-        edGen = new CMSEnvelopedDataStreamGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        bOut = new ByteArrayOutputStream();
-
-        out = edGen.open(bOut, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        BufferedOutputStream bfOut = new BufferedOutputStream(out, 300);
-
-        for (int i = 0; i != 2000; i++)
-        {
-            bfOut.write(data[i]);
-        }
-
-        bfOut.close();
-
-        verifyData(bOut, CMSEnvelopedDataGenerator.AES128_CBC, data);
-
-        assertTrue(bOut.toByteArray().length == unbufferedLength);
-    }
-
-    public void testKeyTransAES128Buffered()
-        throws Exception
-    {
-        byte[] data = new byte[2000];
-
-        for (int i = 0; i != 2000; i++)
-        {
-            data[i] = (byte)(i & 0xff);
-        }
-
-        //
-        // unbuffered
-        //
-        CMSEnvelopedDataStreamGenerator edGen = new CMSEnvelopedDataStreamGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
-
-        OutputStream out = edGen.open(
-                                bOut, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        for (int i = 0; i != 2000; i++)
-        {
-            out.write(data[i]);
-        }
-
-        out.close();
-
-        verifyData(bOut, CMSEnvelopedDataGenerator.AES128_CBC, data);
-
-        int unbufferedLength = bOut.toByteArray().length;
-
-        //
-        // buffered - less than default of 1000
-        //
-        edGen = new CMSEnvelopedDataStreamGenerator();
-
-        edGen.setBufferSize(300);
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        bOut = new ByteArrayOutputStream();
-
-        out = edGen.open(bOut, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        for (int i = 0; i != 2000; i++)
-        {
-            out.write(data[i]);
-        }
-
-        out.close();
-
-        verifyData(bOut, CMSEnvelopedDataGenerator.AES128_CBC, data);
-
-        assertTrue(bOut.toByteArray().length > unbufferedLength);
-    }
-
-    public void testKeyTransAES128Der()
-        throws Exception
-    {
-        byte[] data = new byte[2000];
-
-        for (int i = 0; i != 2000; i++)
-        {
-            data[i] = (byte)(i & 0xff);
-        }
-
-        CMSEnvelopedDataStreamGenerator edGen = new CMSEnvelopedDataStreamGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
-
-        OutputStream out = edGen.open(
-                                bOut, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        for (int i = 0; i != 2000; i++)
-        {
-            out.write(data[i]);
-        }
-
-        out.close();
-
-        // convert to DER
-        ASN1InputStream aIn = new ASN1InputStream(bOut.toByteArray());
-
-        bOut.reset();
-
-        DEROutputStream dOut = new DEROutputStream(bOut);
-
-        dOut.writeObject(aIn.readObject());
-
-        verifyData(bOut, CMSEnvelopedDataGenerator.AES128_CBC, data);
-    }
-
-    public void testKeyTransAES128Throughput()
-        throws Exception
-    {
-        byte[] data = new byte[40001];
-
-        for (int i = 0; i != data.length; i++)
-        {
-            data[i] = (byte)(i & 0xff);
-        }
-
-        //
-        // buffered
-        //
-        CMSEnvelopedDataStreamGenerator edGen = new CMSEnvelopedDataStreamGenerator();
-
-        edGen.setBufferSize(BUFFER_SIZE);
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        OutputStream out = edGen.open(bOut, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        for (int i = 0; i != data.length; i++)
-        {
-            out.write(data[i]);
-        }
-
-        out.close();
-
-        CMSEnvelopedDataParser     ep = new CMSEnvelopedDataParser(bOut.toByteArray());
-        RecipientInformationStore  recipients = ep.getRecipientInfos();
-        Collection                 c = recipients.getRecipients();
-        Iterator                   it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            CMSTypedStream recData = recipient.getContentStream(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            InputStream           dataStream = recData.getContentStream();
-            ByteArrayOutputStream dataOut = new ByteArrayOutputStream();
-            int                   len;
-            byte[]                buf = new byte[BUFFER_SIZE];
-            int                   count = 0;
-
-            while (count != 10 && (len = dataStream.read(buf)) > 0)
-            {
-                assertEquals(buf.length, len);
-
-                dataOut.write(buf);
-                count++;
-            }
-
-            len = dataStream.read(buf);
-            dataOut.write(buf, 0, len);
-
-            assertEquals(true, Arrays.equals(data, dataOut.toByteArray()));
-        }
-        else
-        {
-            fail("recipient not found.");
-        }
-    }
-
-    public void testKeyTransAES128AndOriginatorInfo()
-        throws Exception
-    {
-        byte[]          data     = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataStreamGenerator edGen = new CMSEnvelopedDataStreamGenerator();
-
-        X509CertificateHolder origCert = new X509CertificateHolder(_origCert.getEncoded());
-
-        edGen.setOriginatorInfo(new OriginatorInfoGenerator(origCert).generate());
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
-
-        OutputStream out = edGen.open(
-                                bOut, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        out.write(data);
-
-        out.close();
-
-        CMSEnvelopedDataParser     ep = new CMSEnvelopedDataParser(bOut.toByteArray());
-
-        assertTrue(ep.getOriginatorInfo().getCertificates().getMatches(null).contains(origCert));
-
-        RecipientInformationStore  recipients = ep.getRecipientInfos();
-
-        assertEquals(ep.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
-
-        Collection  c = recipients.getRecipients();
-        Iterator    it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            CMSTypedStream recData = recipient.getContentStream(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, CMSTestUtil.streamToByteArray(recData.getContentStream())));
-        }
-
-        ep.close();
-    }
-
-    public void testKeyTransAES128()
-        throws Exception
-    {
-        byte[]          data     = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataStreamGenerator edGen = new CMSEnvelopedDataStreamGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
-
-        OutputStream out = edGen.open(
-                                bOut, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        out.write(data);
-
-        out.close();
-
-        CMSEnvelopedDataParser     ep = new CMSEnvelopedDataParser(bOut.toByteArray());
-
-        RecipientInformationStore  recipients = ep.getRecipientInfos();
-
-        assertEquals(ep.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
-
-        Collection  c = recipients.getRecipients();
-        Iterator    it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            CMSTypedStream recData = recipient.getContentStream(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, CMSTestUtil.streamToByteArray(recData.getContentStream())));
-        }
-
-        ep.close();
-    }
-
-    public void testKeyTransCAST5SunJCE()
-        throws Exception
-    {
-        if (Security.getProvider("SunJCE") == null)
-        {
-            return;
-        }
-
-        String version = System.getProperty("java.version");
-        if (version.startsWith("1.4") || version.startsWith("1.3"))
-        {
-            return;
-        }
-
-        byte[]          data     = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataStreamGenerator edGen = new CMSEnvelopedDataStreamGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider("SunJCE"));
-
-        ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
-
-        OutputStream out = edGen.open(
-                                bOut, new JceCMSContentEncryptorBuilder(CMSAlgorithm.CAST5_CBC).setProvider(BC).build());
-
-        out.write(data);
-
-        out.close();
-
-        CMSEnvelopedDataParser     ep = new CMSEnvelopedDataParser(bOut.toByteArray());
-
-        RecipientInformationStore  recipients = ep.getRecipientInfos();
-
-        assertEquals(ep.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.CAST5_CBC);
-
-        Collection  c = recipients.getRecipients();
-        Iterator    it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            CMSTypedStream recData = recipient.getContentStream(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider("SunJCE").setContentProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, CMSTestUtil.streamToByteArray(recData.getContentStream())));
-        }
-
-        ep.close();
-    }
-
-    public void testAESKEK()
-        throws Exception
-    {
-        byte[]    data = "WallaWallaWashington".getBytes();
-        SecretKey kek  = CMSTestUtil.makeAES192Key();
-
-        CMSEnvelopedDataStreamGenerator edGen = new CMSEnvelopedDataStreamGenerator();
-
-        byte[]  kekId = new byte[] { 1, 2, 3, 4, 5 };
-
-        edGen.addRecipientInfoGenerator(new JceKEKRecipientInfoGenerator(kekId, kek).setProvider(BC));
-
-        ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
-
-        OutputStream out = edGen.open(
-                                bOut,
-                                new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-        out.write(data);
-
-        out.close();
-
-        CMSEnvelopedDataParser     ep = new CMSEnvelopedDataParser(bOut.toByteArray());
-
-        RecipientInformationStore  recipients = ep.getRecipientInfos();
-
-        assertEquals(ep.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-
-        Collection  c = recipients.getRecipients();
-        Iterator    it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation   recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), "2.16.840.1.101.3.4.1.25");
-
-            CMSTypedStream recData = recipient.getContentStream(new JceKEKEnvelopedRecipient(kek).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, CMSTestUtil.streamToByteArray(recData.getContentStream())));
-        }
-
-        ep.close();
-    }
-
-    public void testTwoAESKEK()
-        throws Exception
-    {
-        byte[]    data = "WallaWallaWashington".getBytes();
-        SecretKey kek1  = CMSTestUtil.makeAES192Key();
-        SecretKey kek2  = CMSTestUtil.makeAES192Key();
-
-        CMSEnvelopedDataStreamGenerator edGen = new CMSEnvelopedDataStreamGenerator();
-
-        byte[]  kekId1 = new byte[] { 1, 2, 3, 4, 5 };
-        byte[]  kekId2 = new byte[] { 5, 4, 3, 2, 1 };
-
-        edGen.addRecipientInfoGenerator(new JceKEKRecipientInfoGenerator(kekId1, kek1).setProvider(BC));
-        edGen.addRecipientInfoGenerator(new JceKEKRecipientInfoGenerator(kekId2, kek2).setProvider(BC));
-
-        ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
-
-        OutputStream out = edGen.open(
-                                bOut,
-                                new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-        out.write(data);
-
-        out.close();
-
-        CMSEnvelopedDataParser     ep = new CMSEnvelopedDataParser(bOut.toByteArray());
-
-        RecipientInformationStore  recipients = ep.getRecipientInfos();
-
-        assertEquals(ep.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-
-        RecipientId                recSel = new KEKRecipientId(kekId2);
-
-        RecipientInformation       recipient = recipients.get(recSel);
-
-        assertEquals(recipient.getKeyEncryptionAlgOID(), "2.16.840.1.101.3.4.1.25");
-
-        CMSTypedStream recData = recipient.getContentStream(new JceKEKEnvelopedRecipient(kek2).setProvider(BC));
-
-        assertEquals(true, Arrays.equals(data, CMSTestUtil.streamToByteArray(recData.getContentStream())));
-
-        ep.close();
-    }
-
-    public void testECKeyAgree()
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataStreamGenerator edGen = new CMSEnvelopedDataStreamGenerator();
-
-        JceKeyAgreeRecipientInfoGenerator recipientGenerator = new JceKeyAgreeRecipientInfoGenerator(CMSAlgorithm.ECDH_SHA1KDF, _origEcKP.getPrivate(), _origEcKP.getPublic(), CMSAlgorithm.AES128_WRAP).setProvider(BC);
-
-        recipientGenerator.addRecipient(_reciEcCert);
-
-        edGen.addRecipientInfoGenerator(recipientGenerator);
-        
-        ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
-
-        OutputStream out = edGen.open(
-                                bOut,
-                                new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-        out.write(data);
-
-        out.close();
-
-        CMSEnvelopedDataParser     ep = new CMSEnvelopedDataParser(bOut.toByteArray());
-
-        RecipientInformationStore  recipients = ep.getRecipientInfos();
-
-        assertEquals(ep.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
-
-        RecipientId                recSel = new JceKeyAgreeRecipientId(_reciEcCert);
-
-        RecipientInformation       recipient = recipients.get(recSel);
-
-        CMSTypedStream recData = recipient.getContentStream(new JceKeyAgreeEnvelopedRecipient(_reciEcKP.getPrivate()).setProvider(BC));
-
-        assertEquals(true, Arrays.equals(data, CMSTestUtil.streamToByteArray(recData.getContentStream())));
-
-        ep.close();
-    }
-
-    public void testOriginatorInfo()
-        throws Exception
-    {
-        CMSEnvelopedDataParser env = new CMSEnvelopedDataParser(CMSSampleMessages.originatorMessage);
-
-        OriginatorInformation origInfo = env.getOriginatorInfo();
-
-        RecipientInformationStore  recipients = env.getRecipientInfos();
-
-        assertEquals(new X500Name("C=US,O=U.S. Government,OU=HSPD12Lab,OU=Agents,CN=user1"), ((X509CertificateHolder)origInfo.getCertificates().getMatches(null).iterator().next()).getSubject());
-        assertEquals(CMSEnvelopedDataGenerator.DES_EDE3_CBC, env.getEncryptionAlgOID());
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        return new CMSTestSetup(new TestSuite(NewEnvelopedDataStreamTest.class));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewEnvelopedDataTest.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/NewEnvelopedDataTest.java
deleted file mode 100644
index eb76983..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewEnvelopedDataTest.java
+++ /dev/null

@@ -1,2897 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStreamReader;
-import java.math.BigInteger;
-import java.security.AlgorithmParameters;
-import java.security.GeneralSecurityException;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.security.interfaces.ECPrivateKey;
-import java.security.spec.MGF1ParameterSpec;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Hashtable;
-import java.util.Iterator;
-
-import javax.crypto.SecretKey;
-import javax.crypto.spec.OAEPParameterSpec;
-import javax.crypto.spec.PSource;
-import javax.crypto.spec.SecretKeySpec;
-
-import junit.framework.Assert;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.CCMParameters;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.EncryptedContentInfo;
-import org.bouncycastle.asn1.cms.EnvelopedData;
-import org.bouncycastle.asn1.cms.GCMParameters;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PBKDF2Params;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSEnvelopedData;
-import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.cms.CMSTypedData;
-import org.bouncycastle.cms.KeyAgreeRecipientInformation;
-import org.bouncycastle.cms.KeyTransRecipientInformation;
-import org.bouncycastle.cms.OriginatorInfoGenerator;
-import org.bouncycastle.cms.OriginatorInformation;
-import org.bouncycastle.cms.PasswordRecipient;
-import org.bouncycastle.cms.PasswordRecipientInformation;
-import org.bouncycastle.cms.RecipientId;
-import org.bouncycastle.cms.RecipientInformation;
-import org.bouncycastle.cms.RecipientInformationStore;
-import org.bouncycastle.cms.SimpleAttributeTableGenerator;
-import org.bouncycastle.cms.bc.BcCMSContentEncryptorBuilder;
-import org.bouncycastle.cms.bc.BcPasswordEnvelopedRecipient;
-import org.bouncycastle.cms.bc.BcPasswordRecipientInfoGenerator;
-import org.bouncycastle.cms.bc.BcRSAKeyTransRecipientInfoGenerator;
-import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
-import org.bouncycastle.cms.jcajce.JceKEKEnvelopedRecipient;
-import org.bouncycastle.cms.jcajce.JceKEKRecipientInfoGenerator;
-import org.bouncycastle.cms.jcajce.JceKeyAgreeEnvelopedRecipient;
-import org.bouncycastle.cms.jcajce.JceKeyAgreeRecipientId;
-import org.bouncycastle.cms.jcajce.JceKeyAgreeRecipientInfoGenerator;
-import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
-import org.bouncycastle.cms.jcajce.JceKeyTransRecipientId;
-import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
-import org.bouncycastle.cms.jcajce.JcePasswordEnvelopedRecipient;
-import org.bouncycastle.cms.jcajce.JcePasswordRecipientInfoGenerator;
-import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.openssl.PEMKeyPair;
-import org.bouncycastle.openssl.PEMParser;
-import org.bouncycastle.operator.OutputEncryptor;
-import org.bouncycastle.operator.jcajce.JcaAlgorithmParametersConverter;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-
-public class NewEnvelopedDataTest
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    private static String _signDN;
-    private static KeyPair _signKP;
-    private static X509Certificate _signCert;
-
-    private static String _origDN;
-    private static KeyPair _origKP;
-    private static X509Certificate _origCert;
-
-    private static String _reciDN;
-    private static String _reciDN2;
-    private static KeyPair _reciKP;
-    private static KeyPair _reciOaepKP;
-    private static X509Certificate _reciCert;
-    private static X509Certificate _reciCertOaep;
-
-    private static KeyPair _origEcKP;
-    private static KeyPair _reciEcKP;
-    private static X509Certificate _reciEcCert;
-    private static KeyPair _reciEcKP2;
-    private static X509Certificate _reciEcCert2;
-    private static KeyPair _reciKemsKP;
-    private static X509Certificate _reciKemsCert;
-
-    private static KeyPair _origDhKP;
-    private static KeyPair _reciDhKP;
-    private static X509Certificate _reciDhCert;
-
-    private static boolean _initialised = false;
-
-    private byte[] oldKEK = Base64.decode(
-        "MIAGCSqGSIb3DQEHA6CAMIACAQIxQaI/MD0CAQQwBwQFAQIDBAUwDQYJYIZIAWUDBAEFBQAEI"
-            + "Fi2eHTPM4bQSjP4DUeDzJZLpfemW2gF1SPq7ZPHJi1mMIAGCSqGSIb3DQEHATAUBggqhkiG9w"
-            + "0DBwQImtdGyUdGGt6ggAQYk9X9z01YFBkU7IlS3wmsKpm/zpZClTceAAAAAAAAAAAAAA==");
-
-    private byte[] ecKeyAgreeMsgAES256 = Base64.decode(
-        "MIAGCSqGSIb3DQEHA6CAMIACAQIxgcShgcECAQOgQ6FBMAsGByqGSM49AgEF"
-            + "AAMyAAPdXlSTpub+qqno9hUGkUDl+S3/ABhPziIB5yGU4678tgOgU5CiKG9Z"
-            + "kfnabIJ3nZYwGgYJK4EFEIZIPwACMA0GCWCGSAFlAwQBLQUAMFswWTAtMCgx"
-            + "EzARBgNVBAMTCkFkbWluLU1EU0UxETAPBgNVBAoTCDRCQ1QtMklEAgEBBCi/"
-            + "rJRLbFwEVW6PcLLmojjW9lI/xGD7CfZzXrqXFw8iHaf3hTRau1gYMIAGCSqG"
-            + "SIb3DQEHATAdBglghkgBZQMEASoEEMtCnKKPwccmyrbgeSIlA3qggAQQDLw8"
-            + "pNJR97bPpj6baG99bQQQwhEDsoj5Xg1oOxojHVcYzAAAAAAAAAAAAAA=");
-
-    private byte[] ecKeyAgreeMsgAES128 = Base64.decode(
-        "MIAGCSqGSIb3DQEHA6CAMIACAQIxgbShgbECAQOgQ6FBMAsGByqGSM49AgEF"
-            + "AAMyAAL01JLEgKvKh5rbxI/hOxs/9WEezMIsAbUaZM4l5tn3CzXAN505nr5d"
-            + "LhrcurMK+tAwGgYJK4EFEIZIPwACMA0GCWCGSAFlAwQBBQUAMEswSTAtMCgx"
-            + "EzARBgNVBAMTCkFkbWluLU1EU0UxETAPBgNVBAoTCDRCQ1QtMklEAgEBBBhi"
-            + "FLjc5g6aqDT3f8LomljOwl1WTrplUT8wgAYJKoZIhvcNAQcBMB0GCWCGSAFl"
-            + "AwQBAgQQzXjms16Y69S/rB0EbHqRMaCABBAFmc/QdVW6LTKdEy97kaZzBBBa"
-            + "fQuviUS03NycpojELx0bAAAAAAAAAAAAAA==");
-
-    private byte[] ecKeyAgreeMsgDESEDE = Base64.decode(
-        "MIAGCSqGSIb3DQEHA6CAMIACAQIxgcahgcMCAQOgQ6FBMAsGByqGSM49AgEF"
-            + "AAMyAALIici6Nx1WN5f0ThH2A8ht9ovm0thpC5JK54t73E1RDzCifePaoQo0"
-            + "xd6sUqoyGaYwHAYJK4EFEIZIPwACMA8GCyqGSIb3DQEJEAMGBQAwWzBZMC0w"
-            + "KDETMBEGA1UEAxMKQWRtaW4tTURTRTERMA8GA1UEChMINEJDVC0ySUQCAQEE"
-            + "KJuqZQ1NB1vXrKPOnb4TCpYOsdm6GscWdwAAZlm2EHMp444j0s55J9wwgAYJ"
-            + "KoZIhvcNAQcBMBQGCCqGSIb3DQMHBAjwnsDMsafCrKCABBjyPvqFOVMKxxut"
-            + "VfTx4fQlNGJN8S2ATRgECMcTQ/dsmeViAAAAAAAAAAAAAA==");
-
-    private byte[] ecMQVKeyAgreeMsgAES128 = Base64.decode(
-        "MIAGCSqGSIb3DQEHA6CAMIACAQIxgf2hgfoCAQOgQ6FBMAsGByqGSM49AgEF"
-            + "AAMyAAPDKU+0H58tsjpoYmYCInMr/FayvCCkupebgsnpaGEB7qS9vzcNVUj6"
-            + "mrnmiC2grpmhRwRFMEMwQTALBgcqhkjOPQIBBQADMgACZpD13z9c7DzRWx6S"
-            + "0xdbq3S+EJ7vWO+YcHVjTD8NcQDcZcWASW899l1PkL936zsuMBoGCSuBBRCG"
-            + "SD8AEDANBglghkgBZQMEAQUFADBLMEkwLTAoMRMwEQYDVQQDEwpBZG1pbi1N"
-            + "RFNFMREwDwYDVQQKEwg0QkNULTJJRAIBAQQYFq58L71nyMK/70w3nc6zkkRy"
-            + "RL7DHmpZMIAGCSqGSIb3DQEHATAdBglghkgBZQMEAQIEEDzRUpreBsZXWHBe"
-            + "onxOtSmggAQQ7csAZXwT1lHUqoazoy8bhAQQq+9Zjj8iGdOWgyebbfj67QAA"
-            + "AAAAAAAAAAA=");
-
-
-    private byte[] ecKeyAgreeKey = Base64.decode(
-        "MIG2AgEAMBAGByqGSM49AgEGBSuBBAAiBIGeMIGbAgEBBDC8vp7xVTbKSgYVU5Wc"
-            + "hGkWbzaj+yUFETIWP1Dt7+WSpq3ikSPdl7PpHPqnPVZfoIWhZANiAgSYHTgxf+Dd"
-            + "Tt84dUvuSKkFy3RhjxJmjwIscK6zbEUzKhcPQG2GHzXhWK5x1kov0I74XpGhVkya"
-            + "ElH5K6SaOXiXAzcyNGggTOk4+ZFnz5Xl0pBje3zKxPhYu0SnCw7Pcqw=");
-
-    private byte[] bobPrivRsaEncrypt = Base64.decode(
-        "MIIChQIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBAKnhZ5g/OdVf"
-            + "8qCTQV6meYmFyDVdmpFb+x0B2hlwJhcPvaUi0DWFbXqYZhRBXM+3twg7CcmR"
-            + "uBlpN235ZR572akzJKN/O7uvRgGGNjQyywcDWVL8hYsxBLjMGAgUSOZPHPtd"
-            + "YMTgXB9T039T2GkB8QX4enDRvoPGXzjPHCyqaqfrAgMBAAECgYBnzUhMmg2P"
-            + "mMIbZf8ig5xt8KYGHbztpwOIlPIcaw+LNd4Ogngwy+e6alatd8brUXlweQqg"
-            + "9P5F4Kmy9Bnah5jWMIR05PxZbMHGd9ypkdB8MKCixQheIXFD/A0HPfD6bRSe"
-            + "TmPwF1h5HEuYHD09sBvf+iU7o8AsmAX2EAnYh9sDGQJBANDDIsbeopkYdo+N"
-            + "vKZ11mY/1I1FUox29XLE6/BGmvE+XKpVC5va3Wtt+Pw7PAhDk7Vb/s7q/WiE"
-            + "I2Kv8zHCueUCQQDQUfweIrdb7bWOAcjXq/JY1PeClPNTqBlFy2bKKBlf4hAr"
-            + "84/sajB0+E0R9KfEILVHIdxJAfkKICnwJAiEYH2PAkA0umTJSChXdNdVUN5q"
-            + "SO8bKlocSHseIVnDYDubl6nA7xhmqU5iUjiEzuUJiEiUacUgFJlaV/4jbOSn"
-            + "I3vQgLeFAkEAni+zN5r7CwZdV+EJBqRd2ZCWBgVfJAZAcpw6iIWchw+dYhKI"
-            + "FmioNRobQ+g4wJhprwMKSDIETukPj3d9NDAlBwJAVxhn1grStavCunrnVNqc"
-            + "BU+B1O8BiR4yPWnLMcRSyFRVJQA7HCp8JlDV6abXd8vPFfXuC9WN7rOvTKF8"
-            + "Y0ZB9qANMAsGA1UdDzEEAwIAEA==");
-
-    private byte[] rfc4134ex5_1 = Base64.decode(
-        "MIIBHgYJKoZIhvcNAQcDoIIBDzCCAQsCAQAxgcAwgb0CAQAwJjASMRAwDgYD"
-            + "VQQDEwdDYXJsUlNBAhBGNGvHgABWvBHTbi7NXXHQMA0GCSqGSIb3DQEBAQUA"
-            + "BIGAC3EN5nGIiJi2lsGPcP2iJ97a4e8kbKQz36zg6Z2i0yx6zYC4mZ7mX7FB"
-            + "s3IWg+f6KgCLx3M1eCbWx8+MDFbbpXadCDgO8/nUkUNYeNxJtuzubGgzoyEd"
-            + "8Ch4H/dd9gdzTd+taTEgS0ipdSJuNnkVY4/M652jKKHRLFf02hosdR8wQwYJ"
-            + "KoZIhvcNAQcBMBQGCCqGSIb3DQMHBAgtaMXpRwZRNYAgDsiSf8Z9P43LrY4O"
-            + "xUk660cu1lXeCSFOSOpOJ7FuVyU=");
-
-    private byte[] rfc4134ex5_2 = Base64.decode(
-        "MIIBZQYJKoZIhvcNAQcDoIIBVjCCAVICAQIxggEAMIG9AgEAMCYwEjEQMA4G"
-            + "A1UEAxMHQ2FybFJTQQIQRjRrx4AAVrwR024uzV1x0DANBgkqhkiG9w0BAQEF"
-            + "AASBgJQmQojGi7Z4IP+CVypBmNFoCDoEp87khtgyff2N4SmqD3RxPx+8hbLQ"
-            + "t9i3YcMwcap+aiOkyqjMalT03VUC0XBOGv+HYI3HBZm/aFzxoq+YOXAWs5xl"
-            + "GerZwTOc9j6AYlK4qXvnztR5SQ8TBjlzytm4V7zg+TGrnGVNQBNw47Ewoj4C"
-            + "AQQwDQQLTWFpbExpc3RSQzIwEAYLKoZIhvcNAQkQAwcCAToEGHcUr5MSJ/g9"
-            + "HnJVHsQ6X56VcwYb+OfojTBJBgkqhkiG9w0BBwEwGgYIKoZIhvcNAwIwDgIC"
-            + "AKAECJwE0hkuKlWhgCBeKNXhojuej3org9Lt7n+wWxOhnky5V50vSpoYRfRR"
-            + "yw==");
-
-    private byte[] tooShort3DES = Base64.decode(
-        "MIAGCSqGSIb3DQEHA6CAMIACAQAxgcQwgcECAQAwKjAlMRYwFAYDVQQKDA1C" +
-            "b3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVQIBCjANBgkqhkiG9w0BAQEFAASB" +
-            "gJIM2QN0o6iv8Ux018pVCJ8js+ROV4t6+KoMwLJ4DzRKLU8XCAb9BS+crP+F" +
-            "ghNTxTpTX8TaxPrO4wV0USgVHu2SvFnxNaWZjBDVIyZI2HR4QkSTqFMhsUB2" +
-            "6CuZIWBZkhqQ6ruDfvn9UuBWVnfsBD4iryZ1idr713sDeVo5TyvTMIAGCSqG" +
-            "SIb3DQEHATAUBggqhkiG9w0DBwQIQq9e4+WB3CqggAQIwU4cOlmkWUcAAAAA" +
-            "AAAAAAAA");
-
-    private byte[] tooShort3DESKey = Base64.decode(
-        "MIICdwIBADANBgkqhkiG9w0BAQEFAASCAmEwggJdAgEAAoGBAODZDCj0nQdV" +
-            "f0GGeFsPjjvPx1Vem0V6IkJ4SzazGKfddk0pX58ZDCnG+S+OPiXmPDqValiu" +
-            "9FtNy2/r9rrf/6qtcVQJkfSJv9E5Y7HgI98L/Y9lKxZWsfRqu/SlYO5zx0Dc" +
-            "2rzDvvZRtrtaq0uuHXWJlbWda2L9S65sv/Le/zvjAgMBAAECgYEAnn+iGMTG" +
-            "ZMMaH6Cg+t/uTa9cPougPMuplt2hd3+sY7izihUeONK5RkHiqmlE2gaAcnOd" +
-            "McKysiIWxGC73mPEnsOObPkaFlneVb5CtjTaTMdptuLNEQkwvtKhuW2HnMra" +
-            "4afEgFZdll3FyRpvW/CDooe4Bppjd4aGn/Sr/o9nOzECQQD4QKLwZssuclji" +
-            "nD/8gU1CqGMMnGNogTMpHm1269HUOE7r1y3MuapUqSWsVhpuEQ8P/Tko0haJ" +
-            "jeZn2eWTbZu/AkEA591snui8FMeGvkRgvyMFNvXZWDEjsh+N74XEL1lykTgZ" +
-            "FQJ+cmThnrdM/8yj1dKkdASYrk5kFJ4PVE6CzDI43QJAFS22eNncJZc9u/9m" +
-            "eg0x4SjqYk4JMQYsripZXlbZ7Mfs+7O8xYVlYZmYjC5ATPmJlmyc7r2VjKCd" +
-            "cmilbEFikwJBAMh7yf8BaBdjitubzjeW9VxXaa37F01eQWD5PfBfHFP6uJ1V" +
-            "AbayCfAtuHN6I7OwJih3DPmyqJC3NrQECs67IjUCQAb4TfVE/2G1s66SGnb4" +
-            "no34BspoV/i4f0uLhJap84bTHcF/ZRSXCmQOCRGdSvQkXHeNPI5Lus6lOHuU" +
-            "vUDbQC8=");
-
-    // from RFC 4490
-
-    private byte[] gost3410_RecipCert = Base64.decode(
-        "MIIB0DCCAX8CECv1xh7CEb0Xx9zUYma0LiEwCAYGKoUDAgIDMG0xHzAdBgNVBAMM" +
-            "Fkdvc3RSMzQxMC0yMDAxIGV4YW1wbGUxEjAQBgNVBAoMCUNyeXB0b1BybzELMAkG" +
-            "A1UEBhMCUlUxKTAnBgkqhkiG9w0BCQEWGkdvc3RSMzQxMC0yMDAxQGV4YW1wbGUu" +
-            "Y29tMB4XDTA1MDgxNjE0MTgyMFoXDTE1MDgxNjE0MTgyMFowbTEfMB0GA1UEAwwW" +
-            "R29zdFIzNDEwLTIwMDEgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRvUHJvMQswCQYD" +
-            "VQQGEwJSVTEpMCcGCSqGSIb3DQEJARYaR29zdFIzNDEwLTIwMDFAZXhhbXBsZS5j" +
-            "b20wYzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQNDAARAhJVodWACGkB1" +
-            "CM0TjDGJLP3lBQN6Q1z0bSsP508yfleP68wWuZWIA9CafIWuD+SN6qa7flbHy7Df" +
-            "D2a8yuoaYDAIBgYqhQMCAgMDQQA8L8kJRLcnqeyn1en7U23Sw6pkfEQu3u0xFkVP" +
-            "vFQ/3cHeF26NG+xxtZPz3TaTVXdoiYkXYiD02rEx1bUcM97i");
-
-    private byte[] gost3410_2001_KeyTrans = Base64.decode(
-        "MIIBpwYJKoZIhvcNAQcDoIIBmDCCAZQCAQAxggFTMIIBTwIBADCBgTBtMR8wHQYD" +
-            "VQQDDBZHb3N0UjM0MTAtMjAwMSBleGFtcGxlMRIwEAYDVQQKDAlDcnlwdG9Qcm8x" +
-            "CzAJBgNVBAYTAlJVMSkwJwYJKoZIhvcNAQkBFhpHb3N0UjM0MTAtMjAwMUBleGFt" +
-            "cGxlLmNvbQIQK/XGHsIRvRfH3NRiZrQuITAcBgYqhQMCAhMwEgYHKoUDAgIkAAYH" +
-            "KoUDAgIeAQSBpzCBpDAoBCBqL6ghBpVon5/kR6qey2EVK35BYLxdjfv1PSgbGJr5" +
-            "dQQENm2Yt6B4BgcqhQMCAh8BoGMwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwIC" +
-            "HgEDQwAEQE0rLzOQ5tyj3VUqzd/g7/sx93N+Tv+/eImKK8PNMZQESw5gSJYf28dd" +
-            "Em/askCKd7W96vLsNMsjn5uL3Z4SwPYECJeV4ywrrSsMMDgGCSqGSIb3DQEHATAd" +
-            "BgYqhQMCAhUwEwQIvBCLHwv/NCkGByqFAwICHwGADKqOch3uT7Mu4w+hNw==");
-
-    private byte[] gost3410_2001_KeyAgree = Base64.decode(
-        "MIIBpAYJKoZIhvcNAQcDoIIBlTCCAZECAQIxggFQoYIBTAIBA6BloWMwHAYGKoUD" +
-            "AgITMBIGByqFAwICJAAGByqFAwICHgEDQwAEQLNVOfRngZcrpcTZhB8n+4HtCDLm" +
-            "mtTyAHi4/4Nk6tIdsHg8ff4DwfQG5DvMFrnF9vYZNxwXuKCqx9GhlLOlNiChCgQI" +
-            "L/D20YZLMoowHgYGKoUDAgJgMBQGByqFAwICDQAwCQYHKoUDAgIfATCBszCBsDCB" +
-            "gTBtMR8wHQYDVQQDDBZHb3N0UjM0MTAtMjAwMSBleGFtcGxlMRIwEAYDVQQKDAlD" +
-            "cnlwdG9Qcm8xCzAJBgNVBAYTAlJVMSkwJwYJKoZIhvcNAQkBFhpHb3N0UjM0MTAt" +
-            "MjAwMUBleGFtcGxlLmNvbQIQK/XGHsIRvRfH3NRiZrQuIQQqMCgEIBajHOfOTukN" +
-            "8ex0aQRoHsefOu24Ox8dSn75pdnLGdXoBAST/YZ+MDgGCSqGSIb3DQEHATAdBgYq" +
-            "hQMCAhUwEwQItzXhegc1oh0GByqFAwICHwGADDmxivS/qeJlJbZVyQ==");
-
-    public byte[] gost2001_Rand_Cert = Base64.decode(
-        "MIIELDCCA9ugAwIBAgIENqPHFzAIBgYqhQMCAgMwgckxCzAJBgNVBAYTAlJVMSAwHgYDVQQIDBfQoS7Qn9C40YLQtdGA0LHR" +
-            "g9GA0LPRijEfMB0GA1UECgwW0KHQvtCy0YDQtdC80LXQvdC90LjQujEfMB0GA1UECwwW0KDRg9C60L7QstC+0LTRgdGC0LLQ" +
-            "vjEZMBcGA1UEDAwQ0KDQtdC00LDQutGC0L7RgDE7MDkGA1UEAwwy0J/Rg9GI0LrQuNC9INCQ0LvQtdC60YHQsNC90LTRgCDQ" +
-            "odC10YDQs9C10LXQstC40YcwHhcNMTcwNzE1MTQwMDAwWhcNMzcwNzE1MTQwMDAwWjCByTELMAkGA1UEBhMCUlUxIDAeBgNV" +
-            "BAgMF9ChLtCf0LjRgtC10YDQsdGD0YDQs9GKMR8wHQYDVQQKDBbQodC+0LLRgNC10LzQtdC90L3QuNC6MR8wHQYDVQQLDBbQ" +
-            "oNGD0LrQvtCy0L7QtNGB0YLQstC+MRkwFwYDVQQMDBDQoNC10LTQsNC60YLQvtGAMTswOQYDVQQDDDLQn9GD0YjQutC40L0g" +
-            "0JDQu9C10LrRgdCw0L3QtNGAINCh0LXRgNCz0LXQtdCy0LjRhzBjMBwGBiqFAwICEzASBgcqhQMCAiQABgcqhQMCAh4BA0MA" +
-            "BEC0WD4VzaInvp+WfjF+XIdZeWMrNSJVxUM6d/acwVMPwetEBtr1U82Cgf2U5eoz6eHxaLsAVG+qbiiMwV/4GKsao4IBpTCC" +
-            "AaEwDgYDVR0PAQH/BAQDAgH+MGMGA1UdJQRcMFoGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggr" +
-            "BgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAYIKwYBBQUHAwkwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E" +
-            "FgQUqcUQmyYjxhQ9t5JX327oLxMjtkcwgfkGA1UdIwSB8TCB7oAUqcUQmyYjxhQ9t5JX327oLxMjtkehgc+kgcwwgckxCzAJ" +
-            "BgNVBAYTAlJVMSAwHgYDVQQIDBfQoS7Qn9C40YLQtdGA0LHRg9GA0LPRijEfMB0GA1UECgwW0KHQvtCy0YDQtdC80LXQvdC9" +
-            "0LjQujEfMB0GA1UECwwW0KDRg9C60L7QstC+0LTRgdGC0LLQvjEZMBcGA1UEDAwQ0KDQtdC00LDQutGC0L7RgDE7MDkGA1UE" +
-            "Awwy0J/Rg9GI0LrQuNC9INCQ0LvQtdC60YHQsNC90LTRgCDQodC10YDQs9C10LXQstC40YeCBDajxxcwCAYGKoUDAgIDA0EA" +
-            "2rrXsssEqxuRPtVRa+vlrgoXUa9WV+24uZ1LzsiMehSOv/pUo7kJZwoA5VCedJw0C8dce6Uc6lDJkNzpHN40hA=="
-    );
-
-    public byte[] gost2001_Rand_Key = Base64.decode(
-        "MEUCAQAwHAYGKoUDAgJiMBIGByqFAwICJAAGByqFAwICHgEEIgQgDWFcH/5KjwIwXrMdyO5CBnJdoOVtKp7WMb4EIljc+K4="
-    );
-
-    public byte[] gost2001_Rand_Msg = Base64.decode(
-        "MIIB+AYJKoZIhvcNAQcDoIIB6TCCAeUCAQAxggGkMIIBoAIBADCB0jCByTELMAkGA1UEBhMCUlUxIDAeBgNVBAgMF9ChLtCf" +
-            "0LjRgtC10YDQsdGD0YDQs9GKMR8wHQYDVQQKDBbQodC+0LLRgNC10LzQtdC90L3QuNC6MR8wHQYDVQQLDBbQoNGD0LrQvtCy" +
-            "0L7QtNGB0YLQstC+MRkwFwYDVQQMDBDQoNC10LTQsNC60YLQvtGAMTswOQYDVQQDDDLQn9GD0YjQutC40L0g0JDQu9C10LrR" +
-            "gdCw0L3QtNGAINCh0LXRgNCz0LXQtdCy0LjRhwIENqPHFzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQSBpzCBpDAo" +
-            "BCCbkNQAmR9ny2u5W8MvFHs8iO91uA2iCy+2nccpwOQ0agQE9BJtXaB4BgcqhQMCAh8BoGMwHAYGKoUDAgITMBIGByqFAwIC" +
-            "JAAGByqFAwICHgEDQwAEQOeSFV7jo7EvygKSgHH79eel7sgWu0yW4swAK81Pw8jHMazuL6SpTUqUWNPW1jf4aFFHQAQmrxWV" +
-            "maCQn7gSJl8ECFgM3TO2P26NMDgGCSqGSIb3DQEHATAdBgYqhQMCAhUwEwQIC4ytWGecO5AGByqFAwICHwGADIzrpurLkuk0" +
-            "xGGidg=="
-    );
-
-    public byte[] gost2001_Rand_Sender_Cert = Base64.decode(
-        "MIIERTCCA/SgAwIBAgIEUu7tIDAIBgYqhQMCAgMwgdExCzAJBgNVBAYTAlJVMSAwHgYDVQQIDBfQoS7Qn9C40YLQtdGA0LHR" +
-            "g9GA0LPRijEfMB0GA1UECgwW0KHQvtCy0YDQtdC80LXQvdC90LjQujEoMCYGA1UECwwf0JTQtdC50YHRgtCy0YPRjtGJ0LjQ" +
-            "tSDQu9C40YbQsDEtMCsGA1UEDAwk0KTQuNC70L7RgdC+0LIg0Lgg0L/Rg9Cx0LvQuNGG0LjRgdGCMSYwJAYDVQQDDB3QldCy" +
-            "0LPQtdC90ZbQuSDQntC90aPQs9C40L3RijAeFw0xNzA3MTYxNDAwMDBaFw0zNzA3MTYxNDAwMDBaMIHRMQswCQYDVQQGEwJS" +
-            "VTEgMB4GA1UECAwX0KEu0J/QuNGC0LXRgNCx0YPRgNCz0YoxHzAdBgNVBAoMFtCh0L7QstGA0LXQvNC10L3QvdC40LoxKDAm" +
-            "BgNVBAsMH9CU0LXQudGB0YLQstGD0Y7RidC40LUg0LvQuNGG0LAxLTArBgNVBAwMJNCk0LjQu9C+0YHQvtCyINC4INC/0YPQ" +
-            "sdC70LjRhtC40YHRgjEmMCQGA1UEAwwd0JXQstCz0LXQvdGW0Lkg0J7QvdGj0LPQuNC90YowYzAcBgYqhQMCAhMwEgYHKoUD" +
-            "AgIkAAYHKoUDAgIeAQNDAARAM++vMY04j9Bvcn71wM9atNkRo4lCixrOR82HncQbwnyBS6R0BqRmL+Q32TzEYpslzRkQnj/z" +
-            "yORa31QVSRghQaOCAa4wggGqMA4GA1UdDwEB/wQEAwIB/jBjBgNVHSUEXDBaBggrBgEFBQcDAQYIKwYBBQUHAwIGCCsGAQUF" +
-            "BwMDBggrBgEFBQcDBAYIKwYBBQUHAwUGCCsGAQUFBwMGBggrBgEFBQcDBwYIKwYBBQUHAwgGCCsGAQUFBwMJMA8GA1UdEwEB" +
-            "/wQFMAMBAf8wHQYDVR0OBBYEFCLkv9o8dmaV1StuS8QFO64FJXXXMIIBAQYDVR0jBIH5MIH2gBQi5L/aPHZmldUrbkvEBTuu" +
-            "BSV116GB16SB1DCB0TELMAkGA1UEBhMCUlUxIDAeBgNVBAgMF9ChLtCf0LjRgtC10YDQsdGD0YDQs9GKMR8wHQYDVQQKDBbQ" +
-            "odC+0LLRgNC10LzQtdC90L3QuNC6MSgwJgYDVQQLDB/QlNC10LnRgdGC0LLRg9GO0YnQuNC1INC70LjRhtCwMS0wKwYDVQQM" +
-            "DCTQpNC40LvQvtGB0L7QsiDQuCDQv9GD0LHQu9C40YbQuNGB0YIxJjAkBgNVBAMMHdCV0LLQs9C10L3RltC5INCe0L3Ro9Cz" +
-            "0LjQvdGKggRS7u0gMAgGBiqFAwICAwNBAIMLOOeDFPnrGkC/QG/pvLRZhEeiVkGVgy/h5WJancJDouHzedhI+mJqBFEYRoIy" +
-            "4KP5Q93Bf1NClXwIfnTOxWo="
-    );
-
-    public byte[] gost2001_Rand_Sender_Key = Base64.decode(
-        "MEUCAQAwHAYGKoUDAgJiMBIGByqFAwICJAAGByqFAwICHgEEIgQgGmpna37puqaRGBZjUAX5UfWaL67C9rvxCpOIexI0KUM="
-    );
-
-    public byte[] gost2001_Rand_Reci_Cert = Base64.decode(
-        "MIIELDCCA9ugAwIBAgIERMAcpzAIBgYqhQMCAgMwgckxCzAJBgNVBAYTAlJVMSAwHgYDVQQIDBfQoS7Qn9C40YLQtdGA0LHR" +
-            "g9GA0LPRijEfMB0GA1UECgwW0KHQvtCy0YDQtdC80LXQvdC90LjQujEfMB0GA1UECwwW0KDRg9C60L7QstC+0LTRgdGC0LLQ" +
-            "vjEZMBcGA1UEDAwQ0KDQtdC00LDQutGC0L7RgDE7MDkGA1UEAwwy0J/Rg9GI0LrQuNC9INCQ0LvQtdC60YHQsNC90LTRgCDQ" +
-            "odC10YDQs9C10LXQstC40YcwHhcNMTcwNzE2MTQwMDAwWhcNMzcwNzE2MTQwMDAwWjCByTELMAkGA1UEBhMCUlUxIDAeBgNV" +
-            "BAgMF9ChLtCf0LjRgtC10YDQsdGD0YDQs9GKMR8wHQYDVQQKDBbQodC+0LLRgNC10LzQtdC90L3QuNC6MR8wHQYDVQQLDBbQ" +
-            "oNGD0LrQvtCy0L7QtNGB0YLQstC+MRkwFwYDVQQMDBDQoNC10LTQsNC60YLQvtGAMTswOQYDVQQDDDLQn9GD0YjQutC40L0g" +
-            "0JDQu9C10LrRgdCw0L3QtNGAINCh0LXRgNCz0LXQtdCy0LjRhzBjMBwGBiqFAwICEzASBgcqhQMCAiQABgcqhQMCAh4BA0MA" +
-            "BEA6Dzd7VQJA7712CfHiH4L0TVcaH+iLJ6vHkfdgAvS+8mGt/L2H9qQP7O41SgDKQqtfrr+tHDig7/ft5Bl1TFNoo4IBpTCC" +
-            "AaEwDgYDVR0PAQH/BAQDAgH+MGMGA1UdJQRcMFoGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwMGCCsGAQUFBwMEBggr" +
-            "BgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAYIKwYBBQUHAwkwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4E" +
-            "FgQU8ZLn4r4PajaqWCwLYW6XauO3XsgwgfkGA1UdIwSB8TCB7oAU8ZLn4r4PajaqWCwLYW6XauO3Xsihgc+kgcwwgckxCzAJ" +
-            "BgNVBAYTAlJVMSAwHgYDVQQIDBfQoS7Qn9C40YLQtdGA0LHRg9GA0LPRijEfMB0GA1UECgwW0KHQvtCy0YDQtdC80LXQvdC9" +
-            "0LjQujEfMB0GA1UECwwW0KDRg9C60L7QstC+0LTRgdGC0LLQvjEZMBcGA1UEDAwQ0KDQtdC00LDQutGC0L7RgDE7MDkGA1UE" +
-            "Awwy0J/Rg9GI0LrQuNC9INCQ0LvQtdC60YHQsNC90LTRgCDQodC10YDQs9C10LXQstC40YeCBETAHKcwCAYGKoUDAgIDA0EA" +
-            "Ul4Y7XAhFUEoTUwdue+wbyxk86SpIFwC6NuVjTSIF3F9ACxfz2N6iwHaRv6GTVRIAEjj5G/rhdxRivvC8hU4QQ=="
-    );
-
-    public byte[] gost2001_Rand_Reci_Key = Base64.decode(
-        "MEUCAQAwHAYGKoUDAgJiMBIGByqFAwICJAAGByqFAwICHgEEIgQg5oDAn/BdWX4RSfHeqZyHAo/CNAy+2a0Jq3Z922cYeSQ="
-    );
-
-    public byte[] gost2001_Rand_Gen_Msg = Base64.decode(
-        "MIICAQYJKoZIhvcNAQcDoIIB8jCCAe4CAQAxggGtoYIBqQIBA6BloWMwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgED" +
-            "QwAEQDPvrzGNOI/Qb3J+9cDPWrTZEaOJQosazkfNh53EG8J8gUukdAakZi/kN9k8xGKbJc0ZEJ4/88jkWt9UFUkYIUGhCgQI" +
-            "SQHkq1IzGZ8wKAYGKoUDAgJgMB4GByqFAwICDQEwEwYHKoUDAgIfAQQISQHkq1IzGZ8wggEFMIIBATCB0jCByTELMAkGA1UE" +
-            "BhMCUlUxIDAeBgNVBAgMF9ChLtCf0LjRgtC10YDQsdGD0YDQs9GKMR8wHQYDVQQKDBbQodC+0LLRgNC10LzQtdC90L3QuNC6" +
-            "MR8wHQYDVQQLDBbQoNGD0LrQvtCy0L7QtNGB0YLQstC+MRkwFwYDVQQMDBDQoNC10LTQsNC60YLQvtGAMTswOQYDVQQDDDLQ" +
-            "n9GD0YjQutC40L0g0JDQu9C10LrRgdCw0L3QtNGAINCh0LXRgNCz0LXQtdCy0LjRhwIERMAcpwQqMCgEIA4jC8qro8xNnn+R" +
-            "JTNYpV8dSdw82e/pnqnyo21o+qZkBAT9DaUDMDgGCSqGSIb3DQEHATAdBgYqhQMCAhUwEwQIziBZysW+ewMGByqFAwICHwGA" +
-            "DFKaSCs2xd4ef/khFQ=="
-    );
-
-    public byte[] gost2012_Sender_Cert = Base64.decode(
-        "MIIETDCCA/mgAwIBAgIEB/tRdzAKBggqhQMHAQEDAjCB0TELMAkGA1UEBhMCUlUxIDAeBgNVBAgMF9ChLtCf0LjRgtC10YDQ" +
-            "sdGD0YDQs9GKMR8wHQYDVQQKDBbQodC+0LLRgNC10LzQtdC90L3QuNC6MSgwJgYDVQQLDB/QlNC10LnRgdGC0LLRg9GO0YnQ" +
-            "uNC1INC70LjRhtCwMS0wKwYDVQQMDCTQpNC40LvQvtGB0L7QsiDQuCDQv9GD0LHQu9C40YbQuNGB0YIxJjAkBgNVBAMMHdCV" +
-            "0LLQs9C10L3RltC5INCe0L3Ro9Cz0LjQvdGKMB4XDTE3MDcxNTE0MDAwMFoXDTM3MDcxNTE0MDAwMFowgdExCzAJBgNVBAYT" +
-            "AlJVMSAwHgYDVQQIDBfQoS7Qn9C40YLQtdGA0LHRg9GA0LPRijEfMB0GA1UECgwW0KHQvtCy0YDQtdC80LXQvdC90LjQujEo" +
-            "MCYGA1UECwwf0JTQtdC50YHRgtCy0YPRjtGJ0LjQtSDQu9C40YbQsDEtMCsGA1UEDAwk0KTQuNC70L7RgdC+0LIg0Lgg0L/R" +
-            "g9Cx0LvQuNGG0LjRgdGCMSYwJAYDVQQDDB3QldCy0LPQtdC90ZbQuSDQntC90aPQs9C40L3RijBmMB8GCCqFAwcBAQEBMBMG" +
-            "ByqFAwICJAAGCCqFAwcBAQICA0MABEAl9XE868NRYm3CQXCPO+BJlVi7kxORfoyRaHyWyKBFf4TYV4eEUF/WjAf3fAqsndp6" +
-            "v1DNqa3KS1R1yqn1Ug4do4IBrjCCAaowDgYDVR0PAQH/BAQDAgH+MGMGA1UdJQRcMFoGCCsGAQUFBwMBBggrBgEFBQcDAgYI" +
-            "KwYBBQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAYIKwYBBQUHAwkwDwYD" +
-            "VR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUzhoR/a0hWGOpy6GPEm7LBCJ3dLYwggEBBgNVHSMEgfkwgfaAFM4aEf2tIVhjqcuh" +
-            "jxJuywQid3S2oYHXpIHUMIHRMQswCQYDVQQGEwJSVTEgMB4GA1UECAwX0KEu0J/QuNGC0LXRgNCx0YPRgNCz0YoxHzAdBgNV" +
-            "BAoMFtCh0L7QstGA0LXQvNC10L3QvdC40LoxKDAmBgNVBAsMH9CU0LXQudGB0YLQstGD0Y7RidC40LUg0LvQuNGG0LAxLTAr" +
-            "BgNVBAwMJNCk0LjQu9C+0YHQvtCyINC4INC/0YPQsdC70LjRhtC40YHRgjEmMCQGA1UEAwwd0JXQstCz0LXQvdGW0Lkg0J7Q" +
-            "vdGj0LPQuNC90YqCBAf7UXcwCgYIKoUDBwEBAwIDQQDcFDvbdfUu1087tslF70OeZgLW5QHRtPLUaldE9x1Geu2veJos9fZ7" +
-            "nqISVcd1wrf6FfADt3Tw2pQuG8mVCNUi"
-    );
-
-    public byte[] gost2012_Sender_Key = Base64.decode(
-        "MEgCAQAwHwYIKoUDBwEBBgEwEwYHKoUDAgIkAAYIKoUDBwEBAgIEIgQgYARzlWBWAJLs64jQbYW4UEXqFN/ChtWCSHqRgivT" +
-            "8Ds="
-    );
-
-    public byte[] gost2012_Reci_Cert = Base64.decode(
-        "MIIEMzCCA+CgAwIBAgIEe7X7RjAKBggqhQMHAQEDAjCByTELMAkGA1UEBhMCUlUxIDAeBgNVBAgMF9ChLtCf0LjRgtC10YDQ" +
-            "sdGD0YDQs9GKMR8wHQYDVQQKDBbQodC+0LLRgNC10LzQtdC90L3QuNC6MR8wHQYDVQQLDBbQoNGD0LrQvtCy0L7QtNGB0YLQ" +
-            "stC+MRkwFwYDVQQMDBDQoNC10LTQsNC60YLQvtGAMTswOQYDVQQDDDLQn9GD0YjQutC40L0g0JDQu9C10LrRgdCw0L3QtNGA" +
-            "INCh0LXRgNCz0LXQtdCy0LjRhzAeFw0xNzA3MTUxNDAwMDBaFw0zNzA3MTUxNDAwMDBaMIHJMQswCQYDVQQGEwJSVTEgMB4G" +
-            "A1UECAwX0KEu0J/QuNGC0LXRgNCx0YPRgNCz0YoxHzAdBgNVBAoMFtCh0L7QstGA0LXQvNC10L3QvdC40LoxHzAdBgNVBAsM" +
-            "FtCg0YPQutC+0LLQvtC00YHRgtCy0L4xGTAXBgNVBAwMENCg0LXQtNCw0LrRgtC+0YAxOzA5BgNVBAMMMtCf0YPRiNC60LjQ" +
-            "vSDQkNC70LXQutGB0LDQvdC00YAg0KHQtdGA0LPQtdC10LLQuNGHMGYwHwYIKoUDBwEBAQEwEwYHKoUDAgIkAAYIKoUDBwEB" +
-            "AgIDQwAEQGQ4aJ3On0XqEt62PUfquYCAx0690AzlyE9IO8r5zkNKldvK4THC1IgBHkRzKiewquMm0YuYh76NI01uNjThOjyj" +
-            "ggGlMIIBoTAOBgNVHQ8BAf8EBAMCAf4wYwYDVR0lBFwwWgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAwYIKwYBBQUH" +
-            "AwQGCCsGAQUFBwMFBggrBgEFBQcDBgYIKwYBBQUHAwcGCCsGAQUFBwMIBggrBgEFBQcDCTAPBgNVHRMBAf8EBTADAQH/MB0G" +
-            "A1UdDgQWBBROPw+FggywJjV9aLLSKz2Cr0BD9zCB+QYDVR0jBIHxMIHugBROPw+FggywJjV9aLLSKz2Cr0BD96GBz6SBzDCB" +
-            "yTELMAkGA1UEBhMCUlUxIDAeBgNVBAgMF9ChLtCf0LjRgtC10YDQsdGD0YDQs9GKMR8wHQYDVQQKDBbQodC+0LLRgNC10LzQ" +
-            "tdC90L3QuNC6MR8wHQYDVQQLDBbQoNGD0LrQvtCy0L7QtNGB0YLQstC+MRkwFwYDVQQMDBDQoNC10LTQsNC60YLQvtGAMTsw" +
-            "OQYDVQQDDDLQn9GD0YjQutC40L0g0JDQu9C10LrRgdCw0L3QtNGAINCh0LXRgNCz0LXQtdCy0LjRh4IEe7X7RjAKBggqhQMH" +
-            "AQEDAgNBAJR6UhzmUlRzlbiCU8IjhrR15c2uFtcHqHaUfiO8XJ2bnOiwxADZbnqlN3Foul6QrTXa5Vu1UbA2hFobJeuDniQ="
-    );
-
-    public byte[] gost2012_Reci_Key = Base64.decode(
-        "MEgCAQAwHwYIKoUDBwEBBgEwEwYHKoUDAgIkAAYIKoUDBwEBAgIEIgQgbtgmrFxhZLQm9H1Gx0+BAVTP6ZVLu20KcmKNzdIh" +
-            "rKc="
-    );
-
-    public byte[] gost2012_Reci_Msg = Base64.decode(
-        "MIICBgYJKoZIhvcNAQcDoIIB9zCCAfMCAQAxggGyoYIBrgIBA6BooWYwHwYIKoUDBwEBAQEwEwYHKoUDAgIkAAYIKoUDBwEB" +
-            "AgIDQwAEQCX1cTzrw1FibcJBcI874EmVWLuTE5F+jJFofJbIoEV/hNhXh4RQX9aMB/d8Cqyd2nq/UM2prcpLVHXKqfVSDh2h" +
-            "CgQIDIhh5975RYMwKgYIKoUDBwEBBgEwHgYHKoUDAgINATATBgcqhQMCAh8BBAgMiGHn3vlFgzCCAQUwggEBMIHSMIHJMQsw" +
-            "CQYDVQQGEwJSVTEgMB4GA1UECAwX0KEu0J/QuNGC0LXRgNCx0YPRgNCz0YoxHzAdBgNVBAoMFtCh0L7QstGA0LXQvNC10L3Q" +
-            "vdC40LoxHzAdBgNVBAsMFtCg0YPQutC+0LLQvtC00YHRgtCy0L4xGTAXBgNVBAwMENCg0LXQtNCw0LrRgtC+0YAxOzA5BgNV" +
-            "BAMMMtCf0YPRiNC60LjQvSDQkNC70LXQutGB0LDQvdC00YAg0KHQtdGA0LPQtdC10LLQuNGHAgR7tftGBCowKAQgLMyx3zUe" +
-            "56F7eAKUAezilo3fxp6M/E+YkVVUDgFadfcEBHMmXJMwOAYJKoZIhvcNAQcBMB0GBiqFAwICFTATBAhJHfyezbxrUQYHKoUD" +
-            "AgIfAYAMLLM89stnSyrWGWSW"
-    );
-
-    public byte[] gost2012_512_Sender_Cert = Base64.decode(
-        "MIIE0jCCBD6gAwIBAgIEMBwU/jAKBggqhQMHAQEDAzCB0TELMAkGA1UEBhMCUlUxIDAeBgNVBAgMF9ChLtCf0LjRgtC10YDQ" +
-            "sdGD0YDQs9GKMR8wHQYDVQQKDBbQodC+0LLRgNC10LzQtdC90L3QuNC6MSgwJgYDVQQLDB/QlNC10LnRgdGC0LLRg9GO0YnQ" +
-            "uNC1INC70LjRhtCwMS0wKwYDVQQMDCTQpNC40LvQvtGB0L7QsiDQuCDQv9GD0LHQu9C40YbQuNGB0YIxJjAkBgNVBAMMHdCV" +
-            "0LLQs9C10L3RltC5INCe0L3Ro9Cz0LjQvdGKMB4XDTE3MDcxNTE0MDAwMFoXDTM3MDcxNTE0MDAwMFowgdExCzAJBgNVBAYT" +
-            "AlJVMSAwHgYDVQQIDBfQoS7Qn9C40YLQtdGA0LHRg9GA0LPRijEfMB0GA1UECgwW0KHQvtCy0YDQtdC80LXQvdC90LjQujEo" +
-            "MCYGA1UECwwf0JTQtdC50YHRgtCy0YPRjtGJ0LjQtSDQu9C40YbQsDEtMCsGA1UEDAwk0KTQuNC70L7RgdC+0LIg0Lgg0L/R" +
-            "g9Cx0LvQuNGG0LjRgdGCMSYwJAYDVQQDDB3QldCy0LPQtdC90ZbQuSDQntC90aPQs9C40L3RijCBqjAhBggqhQMHAQEBAjAV" +
-            "BgkqhQMHAQIBAgEGCCqFAwcBAQIDA4GEAASBgLnNMC1uA9NjhZMyIotCn+4H+iqcTv5paCYmRIuIvWZO7OvUv3u9aWK5Lb0w" +
-            "CH2Imbg/ffZV84xSwbNST83w4IFh8u1mAnf302+uuqt62pBU3VtPOPt3RYRwEABSDuTlBP2VocXa2iP53HM09fxhS/AJ14eR" +
-            "K2oJ4cNpASXDH1mSo4IBrjCCAaowDgYDVR0PAQH/BAQDAgH+MGMGA1UdJQRcMFoGCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYB" +
-            "BQUHAwMGCCsGAQUFBwMEBggrBgEFBQcDBQYIKwYBBQUHAwYGCCsGAQUFBwMHBggrBgEFBQcDCAYIKwYBBQUHAwkwDwYDVR0T" +
-            "AQH/BAUwAwEB/zAdBgNVHQ4EFgQUEImfPZM/dIJULOrK4d/vMchap9kwggEBBgNVHSMEgfkwgfaAFBCJnz2TP3SCVCzqyuHf" +
-            "7zHIWqfZoYHXpIHUMIHRMQswCQYDVQQGEwJSVTEgMB4GA1UECAwX0KEu0J/QuNGC0LXRgNCx0YPRgNCz0YoxHzAdBgNVBAoM" +
-            "FtCh0L7QstGA0LXQvNC10L3QvdC40LoxKDAmBgNVBAsMH9CU0LXQudGB0YLQstGD0Y7RidC40LUg0LvQuNGG0LAxLTArBgNV" +
-            "BAwMJNCk0LjQu9C+0YHQvtCyINC4INC/0YPQsdC70LjRhtC40YHRgjEmMCQGA1UEAwwd0JXQstCz0LXQvdGW0Lkg0J7QvdGj" +
-            "0LPQuNC90YqCBDAcFP4wCgYIKoUDBwEBAwMDgYEAKZRx05mBwO7VIzj1FFJcHlfbHuLF+XZbFZaVfWc32R+KLxBJ0t1RuQ34" +
-            "KtjQhu8/oU2rR/pKcmyHRw3nxJy+DExdj7sWJ01uWH6vBa+nsXS8OzSIg+wb9hlrFy0wZSkQjyNMtSiNg+On1yzFeI2fxuAY" +
-            "OtIKHdqht+V+6M0g8BA="
-    );
-
-    public byte[] gost2012_512_Sender_Key = Base64.decode(
-        "MGoCAQAwIQYIKoUDBwEBBgIwFQYJKoUDBwECAQIBBggqhQMHAQECAwRCBEDYpenYz4GDc/sIGl34Cv1T4xtWDlt7FB28ghXT" +
-            "n4MXm43IvLwW3YclZbRz7V9W5lR0XoftGJ9q3ICv/IN2F+Dr"
-    );
-
-    public byte[] gost2012_512_Reci_Cert = Base64.decode(
-        "MIIEuTCCBCWgAwIBAgIECpLweDAKBggqhQMHAQEDAzCByTELMAkGA1UEBhMCUlUxIDAeBgNVBAgMF9ChLtCf0LjRgtC10YDQ" +
-            "sdGD0YDQs9GKMR8wHQYDVQQKDBbQodC+0LLRgNC10LzQtdC90L3QuNC6MR8wHQYDVQQLDBbQoNGD0LrQvtCy0L7QtNGB0YLQ" +
-            "stC+MRkwFwYDVQQMDBDQoNC10LTQsNC60YLQvtGAMTswOQYDVQQDDDLQn9GD0YjQutC40L0g0JDQu9C10LrRgdCw0L3QtNGA" +
-            "INCh0LXRgNCz0LXQtdCy0LjRhzAeFw0xNzA3MTUxNDAwMDBaFw0zNzA3MTUxNDAwMDBaMIHJMQswCQYDVQQGEwJSVTEgMB4G" +
-            "A1UECAwX0KEu0J/QuNGC0LXRgNCx0YPRgNCz0YoxHzAdBgNVBAoMFtCh0L7QstGA0LXQvNC10L3QvdC40LoxHzAdBgNVBAsM" +
-            "FtCg0YPQutC+0LLQvtC00YHRgtCy0L4xGTAXBgNVBAwMENCg0LXQtNCw0LrRgtC+0YAxOzA5BgNVBAMMMtCf0YPRiNC60LjQ" +
-            "vSDQkNC70LXQutGB0LDQvdC00YAg0KHQtdGA0LPQtdC10LLQuNGHMIGqMCEGCCqFAwcBAQECMBUGCSqFAwcBAgECAQYIKoUD" +
-            "BwEBAgMDgYQABIGAnZAIQhH/2nmSIZWfn+K3ftHGWbx1vrh/IeA43Q/z7h9jVPcVV3Csju92lgL5cnXyBAV90CVGw0/bCu1N" +
-            "CYUpC0EVx5OmTd54fqicmFgZLqEnX6sbCXvpgCdvXhyYl+h7PTGHcuwGsMXZlIKVQLq6quVKh/UI/IfGK5CcPkX0PVCjggGl" +
-            "MIIBoTAOBgNVHQ8BAf8EBAMCAf4wYwYDVR0lBFwwWgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAwYIKwYBBQUHAwQG" +
-            "CCsGAQUFBwMFBggrBgEFBQcDBgYIKwYBBQUHAwcGCCsGAQUFBwMIBggrBgEFBQcDCTAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud" +
-            "DgQWBBRvBhSgd/YSnT1ldXAE2V92ksV6WzCB+QYDVR0jBIHxMIHugBRvBhSgd/YSnT1ldXAE2V92ksV6W6GBz6SBzDCByTEL" +
-            "MAkGA1UEBhMCUlUxIDAeBgNVBAgMF9ChLtCf0LjRgtC10YDQsdGD0YDQs9GKMR8wHQYDVQQKDBbQodC+0LLRgNC10LzQtdC9" +
-            "0L3QuNC6MR8wHQYDVQQLDBbQoNGD0LrQvtCy0L7QtNGB0YLQstC+MRkwFwYDVQQMDBDQoNC10LTQsNC60YLQvtGAMTswOQYD" +
-            "VQQDDDLQn9GD0YjQutC40L0g0JDQu9C10LrRgdCw0L3QtNGAINCh0LXRgNCz0LXQtdCy0LjRh4IECpLweDAKBggqhQMHAQED" +
-            "AwOBgQDilJAjXm+OK+mkfOk2ij3qKj00+gyFzJbxtk8wKEG7QmvlOPQvywke1pmCh8b1Z48OFOdmfKnTLE/D4AI/MQECUb1h" +
-            "ChUfgfrSw0LY205tqxp6aqDtc2iPI7XHQAKE+jD819zubjCBzVDOiyRXatiRsEtfXPTBvqQdisM4rSw+OQ=="
-
-    );
-
-    public byte[] gost2012_512_Reci_Key = Base64.decode(
-        "MGoCAQAwIQYIKoUDBwEBBgIwFQYJKoUDBwECAQIBBggqhQMHAQECAwRCBEDbd6/MUJS1QjpkwGUCg8OtxzuxiU2qm2VDBDDN" +
-            "ZQ8/GtO12OiysmJHAXS9fpO1TRuyySw0r5r4x2g0NCWtVdQf"
-    );
-
-    public byte[] gost2012_512_Reci_Msg = Base64.decode(
-        "MIICTAYJKoZIhvcNAQcDoIICPTCCAjkCAQAxggH4oYIB9AIBA6CBraGBqjAhBggqhQMHAQEBAjAVBgkqhQMHAQIBAgEGCCqF" +
-            "AwcBAQIDA4GEAASBgLnNMC1uA9NjhZMyIotCn+4H+iqcTv5paCYmRIuIvWZO7OvUv3u9aWK5Lb0wCH2Imbg/ffZV84xSwbNS" +
-            "T83w4IFh8u1mAnf302+uuqt62pBU3VtPOPt3RYRwEABSDuTlBP2VocXa2iP53HM09fxhS/AJ14eRK2oJ4cNpASXDH1mSoQoE" +
-            "CGGh2agBkurNMCoGCCqFAwcBAQYCMB4GByqFAwICDQEwEwYHKoUDAgIfAQQIYaHZqAGS6s0wggEFMIIBATCB0jCByTELMAkG" +
-            "A1UEBhMCUlUxIDAeBgNVBAgMF9ChLtCf0LjRgtC10YDQsdGD0YDQs9GKMR8wHQYDVQQKDBbQodC+0LLRgNC10LzQtdC90L3Q" +
-            "uNC6MR8wHQYDVQQLDBbQoNGD0LrQvtCy0L7QtNGB0YLQstC+MRkwFwYDVQQMDBDQoNC10LTQsNC60YLQvtGAMTswOQYDVQQD" +
-            "DDLQn9GD0YjQutC40L0g0JDQu9C10LrRgdCw0L3QtNGAINCh0LXRgNCz0LXQtdCy0LjRhwIECpLweAQqMCgEIBEN53tKgcd9" +
-            "VW9uczUiwSM0pS/a7/vKIvTIqnIR0E5pBAQ+WRdXMDgGCSqGSIb3DQEHATAdBgYqhQMCAhUwEwQIbDvPAW4Wm0UGByqFAwIC" +
-            "HwGADFMeOJyH3t7YSNgxsA=="
-    );
-
-    public byte[] gost2012_KeyTrans_Reci_Cert = Base64.decode(
-        "MIIEMzCCA+CgAwIBAgIEBSqgszAKBggqhQMHAQEDAjCByTELMAkGA1UEBhMCUlUxIDAeBgNVBAgMF9ChLtCf0LjRgtC10YDQ" +
-            "sdGD0YDQs9GKMR8wHQYDVQQKDBbQodC+0LLRgNC10LzQtdC90L3QuNC6MR8wHQYDVQQLDBbQoNGD0LrQvtCy0L7QtNGB0YLQ" +
-            "stC+MRkwFwYDVQQMDBDQoNC10LTQsNC60YLQvtGAMTswOQYDVQQDDDLQn9GD0YjQutC40L0g0JDQu9C10LrRgdCw0L3QtNGA" +
-            "INCh0LXRgNCz0LXQtdCy0LjRhzAeFw0xNzA3MTYxNDAwMDBaFw0zNzA3MTYxNDAwMDBaMIHJMQswCQYDVQQGEwJSVTEgMB4G" +
-            "A1UECAwX0KEu0J/QuNGC0LXRgNCx0YPRgNCz0YoxHzAdBgNVBAoMFtCh0L7QstGA0LXQvNC10L3QvdC40LoxHzAdBgNVBAsM" +
-            "FtCg0YPQutC+0LLQvtC00YHRgtCy0L4xGTAXBgNVBAwMENCg0LXQtNCw0LrRgtC+0YAxOzA5BgNVBAMMMtCf0YPRiNC60LjQ" +
-            "vSDQkNC70LXQutGB0LDQvdC00YAg0KHQtdGA0LPQtdC10LLQuNGHMGYwHwYIKoUDBwEBAQEwEwYHKoUDAgIkAAYIKoUDBwEB" +
-            "AgIDQwAEQEG5/wUY0LkiqETYAZY6o5mrjwWQNBYbSIKghYgKzLgSv1RCuTEFXRIJQcMG0V80auKVZNty9kcvn9P0IcJpGfGj" +
-            "ggGlMIIBoTAOBgNVHQ8BAf8EBAMCAf4wYwYDVR0lBFwwWgYIKwYBBQUHAwEGCCsGAQUFBwMCBggrBgEFBQcDAwYIKwYBBQUH" +
-            "AwQGCCsGAQUFBwMFBggrBgEFBQcDBgYIKwYBBQUHAwcGCCsGAQUFBwMIBggrBgEFBQcDCTAPBgNVHRMBAf8EBTADAQH/MB0G" +
-            "A1UdDgQWBBQJwiUIQOJNbB0Fzh6ucd3uRE9QzDCB+QYDVR0jBIHxMIHugBQJwiUIQOJNbB0Fzh6ucd3uRE9QzKGBz6SBzDCB" +
-            "yTELMAkGA1UEBhMCUlUxIDAeBgNVBAgMF9ChLtCf0LjRgtC10YDQsdGD0YDQs9GKMR8wHQYDVQQKDBbQodC+0LLRgNC10LzQ" +
-            "tdC90L3QuNC6MR8wHQYDVQQLDBbQoNGD0LrQvtCy0L7QtNGB0YLQstC+MRkwFwYDVQQMDBDQoNC10LTQsNC60YLQvtGAMTsw" +
-            "OQYDVQQDDDLQn9GD0YjQutC40L0g0JDQu9C10LrRgdCw0L3QtNGAINCh0LXRgNCz0LXQtdCy0LjRh4IEBSqgszAKBggqhQMH" +
-            "AQEDAgNBAKLmdCiVR9MWeoC+MNudXGny3l2uDBBttvhTli0gDEaQLnBFyvD+cfSLgsheoz8vwhyqD/6W3ATBMRiGjqNJjQE=");
-
-    public byte[] gost2012_KeyTrans_Reci_Key = Base64.decode(
-        "MEgCAQAwHwYIKoUDBwEBBgEwEwYHKoUDAgIkAAYIKoUDBwEBAgIEIgQgy+dPu0sLqJ/Fokomiu69lRA48HaPNkP7kmzDHOxP" +
-            "QFc="
-    );
-
-    public byte[] gost2012_KeyTrans_Msg = Base64.decode(
-        "MIIB/gYJKoZIhvcNAQcDoIIB7zCCAesCAQAxggGqMIIBpgIBADCB0jCByTELMAkGA1UEBhMCUlUxIDAeBgNVBAgMF9ChLtCf" +
-            "0LjRgtC10YDQsdGD0YDQs9GKMR8wHQYDVQQKDBbQodC+0LLRgNC10LzQtdC90L3QuNC6MR8wHQYDVQQLDBbQoNGD0LrQvtCy" +
-            "0L7QtNGB0YLQstC+MRkwFwYDVQQMDBDQoNC10LTQsNC60YLQvtGAMTswOQYDVQQDDDLQn9GD0YjQutC40L0g0JDQu9C10LrR" +
-            "gdCw0L3QtNGAINCh0LXRgNCz0LXQtdCy0LjRhwIEBSqgszAfBggqhQMHAQEBATATBgcqhQMCAiQABggqhQMHAQECAgSBqjCB" +
-            "pzAoBCBnHA+9wEUh7KIkYlboGbtxRfrTL1oPGU3Tzaw8/khaWgQE+N56jaB7BgcqhQMCAh8BoGYwHwYIKoUDBwEBAQEwEwYH" +
-            "KoUDAgIkAAYIKoUDBwEBAgIDQwAEQMbb4wVWm1EWIIXKDseCNE6JHmS+4fNh2uB+10Isg7g8/1Wvdh66IFir6fyp8NRwwMkU" +
-            "QM0dmAfcpN6M2RSj83wECMCTi+FRlTafMDgGCSqGSIb3DQEHATAdBgYqhQMCAhUwEwQIzZlyAleTrCEGByqFAwICHwGADIO7" +
-            "l43OVnBpGM+FjQ=="
-    );
-
-    public NewEnvelopedDataTest()
-    {
-    }
-
-    public void setUp()
-        throws Exception
-    {
-        init();
-    }
-
-    private static void init()
-        throws Exception
-    {
-        if (!_initialised)
-        {
-            _initialised = true;
-            Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-
-            _signDN = "O=Bouncy Castle, C=AU";
-            _signKP = CMSTestUtil.makeKeyPair();
-            _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN);
-
-            _origDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
-            _origKP = CMSTestUtil.makeKeyPair();
-            _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _signKP, _signDN);
-
-            _reciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
-            _reciDN2 = "CN=Fred, OU=Sales, O=Bouncy Castle, C=AU";
-            _reciKP = CMSTestUtil.makeKeyPair();
-            _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
-            _reciCertOaep = CMSTestUtil.makeOaepCertificate(_reciKP, _reciDN, _signKP, _signDN);
-
-            _origEcKP = CMSTestUtil.makeEcDsaKeyPair();
-            _reciEcKP = CMSTestUtil.makeEcDsaKeyPair();
-            _reciEcCert = CMSTestUtil.makeCertificate(_reciEcKP, _reciDN, _signKP, _signDN);
-            _reciEcKP2 = CMSTestUtil.makeEcDsaKeyPair();
-            _reciEcCert2 = CMSTestUtil.makeCertificate(_reciEcKP2, _reciDN2, _signKP, _signDN);
-
-            _origDhKP = CMSTestUtil.makeDhKeyPair();
-            _reciDhKP = CMSTestUtil.makeDhKeyPair();
-            _reciDhCert = CMSTestUtil.makeCertificate(_reciDhKP, _reciDN, _signKP, _signDN);
-
-            _reciKemsKP = CMSTestUtil.makeKeyPair();
-            _reciKemsCert = CMSTestUtil.makeCertificate(_reciKemsKP, _reciDN, _signKP, _signDN, new AlgorithmIdentifier(PKCSObjectIdentifiers.id_rsa_KEM));
-        }
-    }
-
-    public static void main(
-        String args[])
-        throws Exception
-    {
-        junit.textui.TestRunner.run(NewEnvelopedDataTest.suite());
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        init();
-
-        return new CMSTestSetup(new TestSuite(NewEnvelopedDataTest.class));
-    }
-
-    public void testUnprotectedAttributes()
-        throws Exception
-    {
-        byte[] data = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        Hashtable attrs = new Hashtable();
-
-        attrs.put(PKCSObjectIdentifiers.id_aa_contentHint, new Attribute(PKCSObjectIdentifiers.id_aa_contentHint, new DERSet(new DERUTF8String("Hint"))));
-        attrs.put(PKCSObjectIdentifiers.id_aa_receiptRequest, new Attribute(PKCSObjectIdentifiers.id_aa_receiptRequest, new DERSet(new DERUTF8String("Request"))));
-
-        AttributeTable attrTable = new AttributeTable(attrs);
-
-        edGen.setUnprotectedAttributeGenerator(new SimpleAttributeTableGenerator(attrTable));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-
-        attrTable = ed.getUnprotectedAttributes();
-
-        assertEquals(attrs.size(), 2);
-
-        assertEquals(new DERUTF8String("Hint"), attrTable.get(PKCSObjectIdentifiers.id_aa_contentHint).getAttrValues().getObjectAt(0));
-        assertEquals(new DERUTF8String("Request"), attrTable.get(PKCSObjectIdentifiers.id_aa_receiptRequest).getAttrValues().getObjectAt(0));
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-    }
-
-    // TODO: add KEMS to provider.
-//    public void testRsaKEMS()
-//        throws Exception
-//    {
-//        byte[]          data     = "WallaWallaWashington".getBytes();
-//
-//        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-//
-//        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciKemsCert).setProvider(BC));
-//
-//        CMSEnvelopedData ed = edGen.generate(
-//                                new CMSProcessableByteArray(data),
-//                                new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-//
-//        RecipientInformationStore  recipients = ed.getRecipientInfos();
-//
-//
-//        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-//
-//        Collection  c = recipients.getRecipients();
-//
-//        assertEquals(2, c.size());
-//
-//        Iterator    it = c.iterator();
-//
-//        while (it.hasNext())
-//        {
-//            RecipientInformation   recipient = (RecipientInformation)it.next();
-//
-//            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-//
-//            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-//
-//            assertEquals(true, Arrays.equals(data, recData));
-//        }
-//
-//        RecipientId id = new JceKeyTransRecipientId(_reciCert);
-//
-//        Collection collection = recipients.getRecipients(id);
-//        if (collection.size() != 2)
-//        {
-//            fail("recipients not matched using general recipient ID.");
-//        }
-//        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-//    }
-
-    public void testKeyTrans()
-        throws Exception
-    {
-        byte[] data = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(ASN1OctetString.getInstance(ASN1OctetString.getInstance(_reciCert.getExtensionValue(Extension.subjectKeyIdentifier.getId())).getOctets()).getOctets(), _reciCert.getPublicKey()).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(2, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-
-        RecipientId id = new JceKeyTransRecipientId(_reciCert);
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 2)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testKeyTransOAEPDefault()
-        throws Exception
-    {
-        byte[] data = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-        JcaAlgorithmParametersConverter paramsConverter = new JcaAlgorithmParametersConverter();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert, paramsConverter.getAlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP, OAEPParameterSpec.DEFAULT)).setProvider(BC));
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(ASN1OctetString.getInstance(ASN1OctetString.getInstance(_reciCert.getExtensionValue(Extension.subjectKeyIdentifier.getId())).getOctets()).getOctets(), paramsConverter.getAlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP, OAEPParameterSpec.DEFAULT), _reciCert.getPublicKey()).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(2, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(PKCSObjectIdentifiers.id_RSAES_OAEP, recipient.getKeyEncryptionAlgorithm().getAlgorithm());
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-
-        RecipientId id = new JceKeyTransRecipientId(_reciCert);
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 2)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testKeyTransOAEPSHA1()
-        throws Exception
-    {
-        doTestKeyTransOAEPDefaultNamed("SHA-1");
-    }
-
-    public void testKeyTransOAEPSHA224()
-        throws Exception
-    {
-        doTestKeyTransOAEPDefaultNamed("SHA-224");
-    }
-
-    public void testKeyTransOAEPSHA256()
-        throws Exception
-    {
-        doTestKeyTransOAEPDefaultNamed("SHA-256");
-    }
-
-    public void testKeyTransOAEPSHA1AndSHA256()
-        throws Exception
-    {
-        doTestKeyTransOAEPDefaultNamed("SHA-1", "SHA-256");
-    }
-
-    private void doTestKeyTransOAEPDefaultNamed(String digest)
-        throws Exception
-    {
-        doTestKeyTransOAEPDefaultNamed(digest, digest);
-    }
-
-    private void doTestKeyTransOAEPDefaultNamed(String digest, String mgfDigest)
-        throws Exception
-    {
-        byte[] data = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-        JcaAlgorithmParametersConverter paramsConverter = new JcaAlgorithmParametersConverter();
-
-        OAEPParameterSpec oaepSpec = new OAEPParameterSpec(digest, "MGF1", new MGF1ParameterSpec(mgfDigest), new PSource.PSpecified(new byte[]{1, 2, 3, 4, 5}));
-        AlgorithmIdentifier oaepAlgId = paramsConverter.getAlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP, oaepSpec);
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert, oaepAlgId).setProvider(BC));
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(ASN1OctetString.getInstance(ASN1OctetString.getInstance(_reciCert.getExtensionValue(Extension.subjectKeyIdentifier.getId())).getOctets()).getOctets(), oaepAlgId, _reciCert.getPublicKey()).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(2, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(PKCSObjectIdentifiers.id_RSAES_OAEP, recipient.getKeyEncryptionAlgorithm().getAlgorithm());
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-
-        RecipientId id = new JceKeyTransRecipientId(_reciCert);
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 2)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testKeyTransOAEPInCert()
-        throws Exception
-    {
-        byte[] data = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCertOaep).setProvider(BC));
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(ASN1OctetString.getInstance(ASN1OctetString.getInstance(_reciCertOaep.getExtensionValue(Extension.subjectKeyIdentifier.getId())).getOctets()).getOctets(), _reciCertOaep.getPublicKey()).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(2, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(PKCSObjectIdentifiers.id_RSAES_OAEP, recipient.getKeyEncryptionAlgorithm().getAlgorithm());
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-
-        RecipientId id = new JceKeyTransRecipientId(_reciCertOaep);
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 2)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testKeyTransWithAlgMapping()
-        throws Exception
-    {
-        byte[] data = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setAlgorithmMapping(PKCSObjectIdentifiers.rsaEncryption, "RSA/2/PKCS1Padding").setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setAlgorithmMapping(PKCSObjectIdentifiers.rsaEncryption, "RSA/2/PKCS1Padding").setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-
-        RecipientId id = new JceKeyTransRecipientId(_reciCert);
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 1)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testOriginatorInfoGeneration()
-        throws Exception
-    {
-        byte[] data = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        X509CertificateHolder origCert = new X509CertificateHolder(_origCert.getEncoded());
-
-        edGen.setOriginatorInfo(new OriginatorInfoGenerator(origCert).generate());
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(ASN1OctetString.getInstance(ASN1OctetString.getInstance(_reciCert.getExtensionValue(Extension.subjectKeyIdentifier.getId())).getOctets()).getOctets(), _reciCert.getPublicKey()).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-
-        assertTrue(ed.getOriginatorInfo().getCertificates().getMatches(null).contains(origCert));
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(2, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-
-        RecipientId id = new JceKeyTransRecipientId(_reciCert);
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 2)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testKeyTransRC2bit40()
-        throws Exception
-    {
-        byte[] data = "WallaWallaBouncyCastle".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.RC2_CBC, 40).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getContentEncryptionAlgorithm().getAlgorithm(), CMSAlgorithm.RC2_CBC);
-
-        RC2CBCParameter rc2P = RC2CBCParameter.getInstance(ed.getContentEncryptionAlgorithm().getParameters());
-        assertEquals(160, rc2P.getRC2ParameterVersion().intValue());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-    }
-
-    public void testKeyTransRC4()
-        throws Exception
-    {
-        byte[] data = "WallaWallaBouncyCastle".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier("1.2.840.113549.3.4")).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), "1.2.840.113549.3.4");
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-    }
-
-    public void testKeyTrans128RC4()
-        throws Exception
-    {
-        byte[] data = "WallaWallaBouncyCastle".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier("1.2.840.113549.3.4"), 128).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), "1.2.840.113549.3.4");
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testKeyTransLight128RC4()
-        throws Exception
-    {
-        byte[] data = "WallaWallaBouncyCastle".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(new JcaX509CertificateHolder(_reciCert)));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier("1.2.840.113549.3.4"), 128).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), "1.2.840.113549.3.4");
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testKeyTransODES()
-        throws Exception
-    {
-        byte[] data = "WallaWallaBouncyCastle".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier("1.3.14.3.2.7")).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), "1.3.14.3.2.7");
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testKeyTransSmallAES()
-        throws Exception
-    {
-        byte[] data = new byte[]{0, 1, 2, 3};
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(),
-            CMSEnvelopedDataGenerator.AES128_CBC);
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setProvider(BC));
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testKeyTransDESEDE3Short()
-        throws Exception
-    {
-        byte[] data = new byte[]{0, 1, 2, 3};
-        KeyFactory kf = KeyFactory.getInstance("RSA", BC);
-        PrivateKey kPriv = kf.generatePrivate(new PKCS8EncodedKeySpec(tooShort3DESKey));
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(tooShort3DES);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-            try
-            {
-                byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(kPriv).setKeySizeValidation(true).setProvider(BC));
-                fail("invalid 3DES-EDE key not picked up");
-            }
-            catch (CMSException e)
-            {
-                assertEquals("Expected key size for algorithm OID not found in recipient.", e.getMessage());
-            }
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(kPriv).setKeySizeValidation(false).setProvider(BC));
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testKeyTransDESEDE3Light()
-        throws Exception
-    {
-        byte[] data = new byte[]{0, 1, 2, 3};
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new BcRSAKeyTransRecipientInfoGenerator(new JcaX509CertificateHolder(_reciCert)));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new BcCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC, 192).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setKeySizeValidation(true).setProvider(BC));
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testKeyTransDES()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.DES_CBC, CMSAlgorithm.DES_CBC, 8, DEROctetString.class);
-    }
-
-    public void testKeyTransCAST5()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.CAST5_CBC, CMSAlgorithm.CAST5_CBC, 16, ASN1Sequence.class);
-    }
-
-    public void testKeyTransAES128()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.AES128_CBC, NISTObjectIdentifiers.id_aes128_CBC, 16, DEROctetString.class);
-    }
-
-    public void testKeyTransAES192()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.AES192_CBC, NISTObjectIdentifiers.id_aes192_CBC, 24, DEROctetString.class);
-    }
-
-    public void testKeyTransAES256()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.AES256_CBC, NISTObjectIdentifiers.id_aes256_CBC, 32, DEROctetString.class);
-    }
-
-    public void testKeyTransSEED()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.SEED_CBC, KISAObjectIdentifiers.id_seedCBC, 16, DEROctetString.class);
-    }
-
-    public void testKeyTransCamellia128()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.CAMELLIA128_CBC, NTTObjectIdentifiers.id_camellia128_cbc, 16, DEROctetString.class);
-    }
-
-    public void testKeyTransCamellia192()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.CAMELLIA192_CBC, NTTObjectIdentifiers.id_camellia192_cbc, 24, DEROctetString.class);
-    }
-
-    public void testKeyTransCamellia256()
-        throws Exception
-    {
-        tryKeyTrans(CMSAlgorithm.CAMELLIA256_CBC, NTTObjectIdentifiers.id_camellia256_cbc, 32, DEROctetString.class);
-    }
-
-    private void tryKeyTrans(ASN1ObjectIdentifier generatorOID, ASN1ObjectIdentifier checkOID, int keySize, Class asn1Params)
-        throws Exception
-    {
-        byte[] data = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(generatorOID).setProvider(BC).build();
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            encryptor);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(checkOID.getId(), ed.getEncryptionAlgOID());
-        assertEquals(keySize, ((byte[])encryptor.getKey().getRepresentation()).length);
-
-        if (asn1Params != null)
-        {
-            ASN1InputStream aIn = new ASN1InputStream(ed.getEncryptionAlgParams());
-
-            assertTrue(asn1Params.isAssignableFrom(aIn.readObject().getClass()));
-        }
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        if (!it.hasNext())
-        {
-            fail("no recipients found");
-        }
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()).setKeySizeValidation(true).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-    }
-
-    public void testErroneousKEK()
-        throws Exception
-    {
-        byte[] data = "WallaWallaWashington".getBytes();
-        SecretKey kek = new SecretKeySpec(new byte[]{1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16}, "AES");
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(oldKEK);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), NISTObjectIdentifiers.id_aes128_wrap.getId());
-
-            byte[] recData = recipient.getContent(new JceKEKEnvelopedRecipient(kek).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testDESKEK()
-        throws Exception
-    {
-        tryKekAlgorithm(CMSTestUtil.makeDesede192Key(), new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.6"));
-    }
-
-    public void testRC2128KEK()
-        throws Exception
-    {
-        tryKekAlgorithm(CMSTestUtil.makeRC2128Key(), new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.7"));
-    }
-
-    public void testAES128KEK()
-        throws Exception
-    {
-        tryKekAlgorithm(CMSTestUtil.makeAESKey(128), NISTObjectIdentifiers.id_aes128_wrap);
-
-        tryKekAlgorithmAEAD(CMSTestUtil.makeAESKey(128), NISTObjectIdentifiers.id_aes128_wrap, CMSAlgorithm.AES128_GCM, NISTObjectIdentifiers.id_aes128_GCM);
-        tryKekAlgorithmAEAD(CMSTestUtil.makeAESKey(128), NISTObjectIdentifiers.id_aes128_wrap, CMSAlgorithm.AES192_GCM, NISTObjectIdentifiers.id_aes192_GCM);
-        tryKekAlgorithmAEAD(CMSTestUtil.makeAESKey(128), NISTObjectIdentifiers.id_aes128_wrap, CMSAlgorithm.AES256_GCM, NISTObjectIdentifiers.id_aes256_GCM);
-
-        byte[] nonce = Hex.decode("0102030405060708090a0b0c");
-        tryKekAlgorithmAEAD(CMSTestUtil.makeAESKey(128), NISTObjectIdentifiers.id_aes128_wrap, CMSAlgorithm.AES128_GCM, NISTObjectIdentifiers.id_aes128_GCM, new GCMParameters(nonce, 11).getEncoded());
-
-        tryKekAlgorithmAEAD(CMSTestUtil.makeAESKey(128), NISTObjectIdentifiers.id_aes128_wrap, CMSAlgorithm.AES128_CCM, NISTObjectIdentifiers.id_aes128_CCM);
-        tryKekAlgorithmAEAD(CMSTestUtil.makeAESKey(128), NISTObjectIdentifiers.id_aes128_wrap, CMSAlgorithm.AES192_CCM, NISTObjectIdentifiers.id_aes192_CCM);
-        tryKekAlgorithmAEAD(CMSTestUtil.makeAESKey(128), NISTObjectIdentifiers.id_aes128_wrap, CMSAlgorithm.AES256_CCM, NISTObjectIdentifiers.id_aes256_CCM);
-
-        tryKekAlgorithmAEAD(CMSTestUtil.makeAESKey(128), NISTObjectIdentifiers.id_aes128_wrap, CMSAlgorithm.AES128_CCM, NISTObjectIdentifiers.id_aes128_CCM, new CCMParameters(nonce, 13).getEncoded());
-    }
-
-    public void testAES192KEK()
-        throws Exception
-    {
-        tryKekAlgorithm(CMSTestUtil.makeAESKey(192), NISTObjectIdentifiers.id_aes192_wrap);
-    }
-
-    public void testAES256KEK()
-        throws Exception
-    {
-        tryKekAlgorithm(CMSTestUtil.makeAESKey(256), NISTObjectIdentifiers.id_aes256_wrap);
-    }
-
-    public void testSEED128KEK()
-        throws Exception
-    {
-        tryKekAlgorithm(CMSTestUtil.makeSEEDKey(), KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap);
-    }
-
-    public void testCamellia128KEK()
-        throws Exception
-    {
-        tryKekAlgorithm(CMSTestUtil.makeCamelliaKey(128), NTTObjectIdentifiers.id_camellia128_wrap);
-    }
-
-    public void testCamellia192KEK()
-        throws Exception
-    {
-        tryKekAlgorithm(CMSTestUtil.makeCamelliaKey(192), NTTObjectIdentifiers.id_camellia192_wrap);
-    }
-
-    public void testCamellia256KEK()
-        throws Exception
-    {
-        tryKekAlgorithm(CMSTestUtil.makeCamelliaKey(256), NTTObjectIdentifiers.id_camellia256_wrap);
-    }
-
-    private void tryKekAlgorithm(SecretKey kek, ASN1ObjectIdentifier algOid)
-        throws NoSuchAlgorithmException, NoSuchProviderException, CMSException
-    {
-        byte[] data = "WallaWallaWashington".getBytes();
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        byte[] kekId = new byte[]{1, 2, 3, 4, 5};
-
-        edGen.addRecipientInfoGenerator(new JceKEKRecipientInfoGenerator(kekId, kek).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.DES_EDE3_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(algOid.getId(), recipient.getKeyEncryptionAlgOID());
-
-            byte[] recData = recipient.getContent(new JceKEKEnvelopedRecipient(kek).setKeySizeValidation(true).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    private void tryKekAlgorithmAEAD(SecretKey kek, ASN1ObjectIdentifier algOid, ASN1ObjectIdentifier aeadAlgorithm, ASN1ObjectIdentifier baseOID)
-        throws NoSuchAlgorithmException, NoSuchProviderException, CMSException, IOException
-    {
-        byte[] data = "WallaWallaWashington".getBytes();
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        byte[] kekId = new byte[]{1, 2, 3, 4, 5};
-
-        edGen.addRecipientInfoGenerator(new JceKEKRecipientInfoGenerator(kekId, kek).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(aeadAlgorithm).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        assertEquals(ed.getContentEncryptionAlgorithm().getAlgorithm(), baseOID);
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(algOid.getId(), recipient.getKeyEncryptionAlgOID());
-
-            byte[] recData = recipient.getContent(new JceKEKEnvelopedRecipient(kek).setKeySizeValidation(true).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-
-        checkAlteredMAC(kek, algOid, ed.getEncoded());
-    }
-
-    private void tryKekAlgorithmAEAD(SecretKey kek, ASN1ObjectIdentifier algOid, ASN1ObjectIdentifier aeadAlgorithm, ASN1ObjectIdentifier baseOID, byte[] encodedParameters)
-        throws NoSuchAlgorithmException, NoSuchProviderException, CMSException, IOException
-    {
-        byte[] data = "WallaWallaWashington".getBytes();
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        byte[] kekId = new byte[]{1, 2, 3, 4, 5};
-
-        edGen.addRecipientInfoGenerator(new JceKEKRecipientInfoGenerator(kekId, kek).setProvider(BC));
-
-        AlgorithmParameters algParams = AlgorithmParameters.getInstance(aeadAlgorithm.getId(), BC);
-
-        algParams.init(encodedParameters);
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(aeadAlgorithm).setProvider(BC).setAlgorithmParameters(algParams).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        assertEquals(ed.getContentEncryptionAlgorithm().getAlgorithm(), baseOID);
-        assertEquals(ed.getContentEncryptionAlgorithm().getParameters(), ASN1Sequence.getInstance(encodedParameters));
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(algOid.getId(), recipient.getKeyEncryptionAlgOID());
-
-            byte[] recData = recipient.getContent(new JceKEKEnvelopedRecipient(kek).setKeySizeValidation(true).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-
-        checkAlteredMAC(kek, algOid, ed.getEncoded());
-    }
-
-    private void checkAlteredMAC(SecretKey kek, ASN1ObjectIdentifier algOid, byte[] edData)
-        throws CMSException, IOException
-    {
-        CMSEnvelopedData ed;
-        RecipientInformationStore recipients;
-        Collection c;
-        Iterator it;
-        ContentInfo eContentInfo = ContentInfo.getInstance(edData);
-
-        EnvelopedData envD = EnvelopedData.getInstance(eContentInfo.getContent());
-
-        EncryptedContentInfo eInfo = envD.getEncryptedContentInfo();
-
-        eInfo.getEncryptedContent().getOctets()[10] ^= 0xff;
-
-        ed = new CMSEnvelopedData(new ContentInfo(eContentInfo.getContentType(), new EnvelopedData(envD.getOriginatorInfo(), envD.getRecipientInfos(), eInfo, envD.getUnprotectedAttrs())).getEncoded());
-
-        recipients = ed.getRecipientInfos();
-
-        c = recipients.getRecipients();
-        it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(algOid.getId(), recipient.getKeyEncryptionAlgOID());
-
-            try
-            {
-                byte[] recData = recipient.getContent(new JceKEKEnvelopedRecipient(kek).setKeySizeValidation(true).setProvider(BC));
-
-                fail("MAC error not detected");
-            }
-            catch (CMSException e)
-            {
-                // expected
-            }
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testECKeyAgree()
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyAgreeRecipientInfoGenerator(CMSAlgorithm.ECDH_SHA1KDF,
-            _origEcKP.getPrivate(), _origEcKP.getPublic(),
-            CMSAlgorithm.AES128_WRAP).addRecipient(_reciEcCert).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        confirmDataReceived(recipients, data, _reciEcCert, _reciEcKP.getPrivate(), BC);
-        confirmNumberRecipients(recipients, 1);
-    }
-
-    public void testFaultyAgreementRecipient()
-        throws Exception
-    {
-        ASN1ObjectIdentifier algorithm = CMSAlgorithm.ECDH_SHA1KDF;
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyAgreeRecipientInfoGenerator(algorithm,
-            _origEcKP.getPrivate(), _origEcKP.getPublic(),
-            CMSAlgorithm.AES128_WRAP).setProvider(BC));
-
-        try
-        {
-            edGen.generate(
-                new CMSProcessableByteArray(data),
-                new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-        }
-        catch (CMSException e)
-        {
-            assertEquals(e.getMessage(), "No recipients associated with generator - use addRecipient()");
-        }
-    }
-
-    public void testKeyWrapAlgorithmIdentifiers()
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        doVerifyKeyWrap(data, CMSAlgorithm.DES_EDE3_WRAP, false);
-        doVerifyKeyWrap(data, CMSAlgorithm.AES128_WRAP, true);
-        doVerifyKeyWrap(data, CMSAlgorithm.AES192_WRAP, true);
-        doVerifyKeyWrap(data, CMSAlgorithm.AES256_WRAP, true);
-        doVerifyKeyWrap(data, CMSAlgorithm.CAMELLIA128_WRAP, true);
-        doVerifyKeyWrap(data, CMSAlgorithm.CAMELLIA192_WRAP, true);
-        doVerifyKeyWrap(data, CMSAlgorithm.CAMELLIA256_WRAP, true);
-        doVerifyKeyWrap(data, CMSAlgorithm.SEED_WRAP, true);
-    }
-
-    private void doVerifyKeyWrap(byte[] data, ASN1ObjectIdentifier wrapAlgorithm, boolean paramsAbsent)
-        throws CertificateEncodingException, CMSException, NoSuchProviderException, IOException
-    {
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyAgreeRecipientInfoGenerator(CMSAlgorithm.ECDH_SHA256KDF,
-            _origEcKP.getPrivate(), _origEcKP.getPublic(),
-            wrapAlgorithm).addRecipient(_reciEcCert).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        KeyAgreeRecipientInformation recipientInformation = (KeyAgreeRecipientInformation)recipients.get(new JceKeyAgreeRecipientId(_reciEcCert));
-        AlgorithmIdentifier keyWrapAlg = AlgorithmIdentifier.getInstance(recipientInformation.getKeyEncryptionAlgorithm().getParameters());
-
-        assertEquals(wrapAlgorithm, keyWrapAlg.getAlgorithm());
-        if (paramsAbsent)
-        {
-            assertNull(keyWrapAlg.getParameters());
-        }
-        else
-        {
-            assertNotNull(keyWrapAlg.getParameters());
-        }
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
-
-        confirmDataReceived(recipients, data, _reciEcCert, _reciEcKP.getPrivate(), BC);
-        confirmNumberRecipients(recipients, 1);
-    }
-
-    public void testEphemeralStaticDHAgreement()
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyAgreeRecipientInfoGenerator(PKCSObjectIdentifiers.id_alg_ESDH,
-            _origDhKP.getPrivate(), _origDhKP.getPublic(),
-            CMSAlgorithm.AES128_WRAP).addRecipient(_reciDhCert).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        confirmDataReceived(recipients, data, _reciDhCert, _reciDhKP.getPrivate(), BC);
-        confirmNumberRecipients(recipients, 1);
-    }
-
-    public void testStaticStaticDHAgreement()
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyAgreeRecipientInfoGenerator(PKCSObjectIdentifiers.id_alg_SSDH,
-            _origDhKP.getPrivate(), _origDhKP.getPublic(),
-            CMSAlgorithm.AES128_WRAP)
-            .setUserKeyingMaterial(data)
-            .addRecipient(_reciDhCert)
-            .setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        confirmDataReceived(recipients, data, _reciDhCert, _reciDhKP.getPrivate(), BC);
-        confirmNumberRecipients(recipients, 1);
-
-        try
-        {
-            edGen = new CMSEnvelopedDataGenerator();
-
-            edGen.addRecipientInfoGenerator(new JceKeyAgreeRecipientInfoGenerator(PKCSObjectIdentifiers.id_alg_SSDH,
-                _origDhKP.getPrivate(), _origDhKP.getPublic(),
-                CMSAlgorithm.AES128_WRAP).addRecipient(_reciDhCert).setProvider(BC));
-
-            edGen.generate(
-                new CMSProcessableByteArray(data),
-                new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-            fail("no UKM uncaught");
-        }
-        catch (CMSException e)
-        {
-            Assert.assertEquals("User keying material must be set for static keys.", e.getMessage());
-        }
-    }
-
-    public void testKDFAgreements()
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        doTryAgreement(data, CMSAlgorithm.ECDH_SHA1KDF);
-        doTryAgreement(data, CMSAlgorithm.ECDH_SHA224KDF);
-        doTryAgreement(data, CMSAlgorithm.ECDH_SHA256KDF);
-        doTryAgreement(data, CMSAlgorithm.ECDH_SHA384KDF);
-        doTryAgreement(data, CMSAlgorithm.ECDH_SHA512KDF);
-
-        doTryAgreement(data, CMSAlgorithm.ECCDH_SHA1KDF);
-        doTryAgreement(data, CMSAlgorithm.ECCDH_SHA224KDF);
-        doTryAgreement(data, CMSAlgorithm.ECCDH_SHA256KDF);
-        doTryAgreement(data, CMSAlgorithm.ECCDH_SHA384KDF);
-        doTryAgreement(data, CMSAlgorithm.ECCDH_SHA512KDF);
-
-        doTryAgreement(data, CMSAlgorithm.ECMQV_SHA1KDF);
-        doTryAgreement(data, CMSAlgorithm.ECMQV_SHA224KDF);
-        doTryAgreement(data, CMSAlgorithm.ECMQV_SHA256KDF);
-        doTryAgreement(data, CMSAlgorithm.ECMQV_SHA384KDF);
-        doTryAgreement(data, CMSAlgorithm.ECMQV_SHA512KDF);
-    }
-
-    private void doTryAgreement(byte[] data, ASN1ObjectIdentifier algorithm)
-        throws CertificateEncodingException, CMSException, NoSuchProviderException, IOException
-    {
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyAgreeRecipientInfoGenerator(algorithm,
-            _origEcKP.getPrivate(), _origEcKP.getPublic(),
-            CMSAlgorithm.AES128_WRAP).addRecipient(_reciEcCert).setProvider(BC));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        confirmDataReceived(recipients, data, _reciEcCert, _reciEcKP.getPrivate(), BC);
-        confirmNumberRecipients(recipients, 1);
-    }
-
-    public void testECMQVKeyAgreeMultiple()
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        JceKeyAgreeRecipientInfoGenerator recipientGenerator = new JceKeyAgreeRecipientInfoGenerator(CMSAlgorithm.ECMQV_SHA1KDF,
-            _origEcKP.getPrivate(), _origEcKP.getPublic(), CMSAlgorithm.AES128_WRAP).setProvider(BC);
-
-        recipientGenerator.addRecipient(_reciEcCert);
-        recipientGenerator.addRecipient(_reciEcCert2);
-
-        edGen.addRecipientInfoGenerator(recipientGenerator);
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        assertEquals(ed.getEncryptionAlgOID(), CMSEnvelopedDataGenerator.AES128_CBC);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        confirmDataReceived(recipients, data, _reciEcCert, _reciEcKP.getPrivate(), BC);
-        confirmDataReceived(recipients, data, _reciEcCert2, _reciEcKP2.getPrivate(), BC);
-        confirmNumberRecipients(recipients, 2);
-    }
-
-    private static void confirmDataReceived(RecipientInformationStore recipients,
-                                            byte[] expectedData, X509Certificate reciCert, PrivateKey reciPrivKey, String provider)
-        throws CMSException, NoSuchProviderException, CertificateEncodingException, IOException
-    {
-        RecipientId rid = new JceKeyAgreeRecipientId(reciCert);
-
-        RecipientInformation recipient = recipients.get(rid);
-        assertNotNull(recipient);
-
-        byte[] actualData = recipient.getContent(new JceKeyAgreeEnvelopedRecipient(reciPrivKey).setProvider(provider));
-        assertEquals(true, Arrays.equals(expectedData, actualData));
-    }
-
-    private static void confirmNumberRecipients(RecipientInformationStore recipients, int count)
-    {
-        assertEquals(count, recipients.getRecipients().size());
-    }
-
-    public void testECKeyAgreeVectors()
-        throws Exception
-    {
-        PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(ecKeyAgreeKey);
-        KeyFactory fact = KeyFactory.getInstance("ECDH", BC);
-        PrivateKey privKey = fact.generatePrivate(privSpec);
-
-        verifyECKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.42", ecKeyAgreeMsgAES256);
-        verifyECKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.2", ecKeyAgreeMsgAES128);
-        verifyECKeyAgreeVectors(privKey, "1.2.840.113549.3.7", ecKeyAgreeMsgDESEDE);
-    }
-
-    public void testECMQVKeyAgreeVectors()
-        throws Exception
-    {
-        PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(ecKeyAgreeKey);
-        KeyFactory fact = KeyFactory.getInstance("ECDH", BC);
-        PrivateKey privKey = fact.generatePrivate(privSpec);
-
-        verifyECMQVKeyAgreeVectors(privKey, "2.16.840.1.101.3.4.1.2", ecMQVKeyAgreeMsgAES128);
-    }
-
-    public void testPasswordAES256()
-        throws Exception
-    {
-        passwordTest(CMSEnvelopedDataGenerator.AES256_CBC);
-        passwordUTF8Test(CMSEnvelopedDataGenerator.AES256_CBC);
-    }
-
-    public void testPasswordDESEDE()
-        throws Exception
-    {
-        passwordTest(CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-        passwordUTF8Test(CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-    }
-
-    public void testPasswordAES256WithPRF()
-        throws Exception
-    {
-        passwordUTF8Test(CMSEnvelopedDataGenerator.AES256_CBC, PasswordRecipient.PRF.HMacSHA1);
-        passwordUTF8Test(CMSEnvelopedDataGenerator.AES256_CBC, PasswordRecipient.PRF.HMacSHA224);
-        passwordUTF8Test(CMSEnvelopedDataGenerator.AES256_CBC, PasswordRecipient.PRF.HMacSHA256);
-        passwordUTF8Test(CMSEnvelopedDataGenerator.AES256_CBC, PasswordRecipient.PRF.HMacSHA384);
-        passwordUTF8Test(CMSEnvelopedDataGenerator.AES256_CBC, PasswordRecipient.PRF.HMacSHA512);
-    }
-
-    public void testNoSaltOrIterationCount()
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JcePasswordRecipientInfoGenerator(CMSAlgorithm.AES256_CBC, "abc\u5639\u563b".toCharArray()).setProvider(BC).setPRF(PasswordRecipient.PRF.HMacSHA1));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(),
-            CMSEnvelopedDataGenerator.AES128_CBC);
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            PasswordRecipientInformation recipient = (PasswordRecipientInformation)it.next();
-
-            assertEquals(AlgorithmIdentifier.getInstance(recipient.getKeyEncryptionAlgorithm().getParameters()).getAlgorithm(), CMSAlgorithm.AES256_CBC);
-            assertEquals(PBKDF2Params.getInstance(recipient.getKeyDerivationAlgorithm().getParameters()).getPrf(), PasswordRecipient.PRF.HMacSHA1.getAlgorithmID());
-
-            byte[] recData = recipient.getContent(new JcePasswordEnvelopedRecipient("abc\u5639\u563b".toCharArray()).setProvider(BC));
-            assertEquals(true, Arrays.equals(data, recData));
-
-            // try lightweight recipient
-            recData = recipient.getContent(new BcPasswordEnvelopedRecipient("abc\u5639\u563b".toCharArray()));
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testRFC4134ex5_1()
-        throws Exception
-    {
-        byte[] data = Hex.decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e");
-
-        KeyFactory kFact = KeyFactory.getInstance("RSA", BC);
-        Key key = kFact.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt));
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(rfc4134ex5_1);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals("1.2.840.113549.3.7", ed.getEncryptionAlgOID());
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient((PrivateKey)key).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testRFC4134ex5_2()
-        throws Exception
-    {
-        byte[] data = Hex.decode("5468697320697320736f6d652073616d706c6520636f6e74656e742e");
-
-        KeyFactory kFact = KeyFactory.getInstance("RSA", BC);
-        PrivateKey key = kFact.generatePrivate(new PKCS8EncodedKeySpec(bobPrivRsaEncrypt));
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(rfc4134ex5_2);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals("1.2.840.113549.3.2", ed.getEncryptionAlgOID());
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            while (it.hasNext())
-            {
-                RecipientInformation recipient = (RecipientInformation)it.next();
-                byte[] recData;
-
-                if (recipient instanceof KeyTransRecipientInformation)
-                {
-                    recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(key).setProvider(BC));
-
-                    assertEquals(true, Arrays.equals(data, recData));
-                }
-            }
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    public void testOriginatorInfo()
-        throws Exception
-    {
-        CMSEnvelopedData env = new CMSEnvelopedData(CMSSampleMessages.originatorMessage);
-
-        RecipientInformationStore recipients = env.getRecipientInfos();
-
-        OriginatorInformation origInfo = env.getOriginatorInfo();
-
-        assertEquals(new X500Name("C=US,O=U.S. Government,OU=HSPD12Lab,OU=Agents,CN=user1"), ((X509CertificateHolder)origInfo.getCertificates().getMatches(null).iterator().next()).getSubject());
-        assertEquals(CMSEnvelopedDataGenerator.DES_EDE3_CBC, env.getEncryptionAlgOID());
-    }
-
-    public void testOpenSSLVectors()
-        throws Exception
-    {
-        byte[] expected = Strings.toByteArray("abcdefghijklmnopqrstuvwxyz0123456789\r\n");
-
-        PEMParser pemParser = new PEMParser(new InputStreamReader(getClass().getResourceAsStream("ecdh/ecc.key")));
-
-        pemParser.readObject();  // skip the curve definition
-
-        PEMKeyPair kp = (PEMKeyPair)pemParser.readObject();
-
-        KeyFactory keyFactory = KeyFactory.getInstance("EC", "BC");
-
-        ECPrivateKey ecKey = (ECPrivateKey)keyFactory.generatePrivate(new PKCS8EncodedKeySpec(kp.getPrivateKeyInfo().getEncoded()));
-
-        pemParser = new PEMParser(new InputStreamReader(getClass().getResourceAsStream("ecdh/ecc.crt")));
-
-        X509Certificate x509Certificate = new JcaX509CertificateConverter().setProvider("BC").getCertificate((X509CertificateHolder)pemParser.readObject());
-
-        processInput(ecKey, expected, "ecdh/encSess1.asc", new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_CMS3DESwrap, DERNull.INSTANCE));
-        processInput(ecKey, expected, "ecdh/encSess2.asc", new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_CMS3DESwrap, DERNull.INSTANCE));
-        processInput(ecKey, expected, "ecdh/encSess3.asc", new AlgorithmIdentifier(CMSAlgorithm.AES128_WRAP, DERNull.INSTANCE));
-        processInput(ecKey, expected, "ecdh/encSess4.asc", new AlgorithmIdentifier(CMSAlgorithm.AES128_WRAP, DERNull.INSTANCE));
-        processInput(ecKey, expected, "ecdh/encSess5.asc", new AlgorithmIdentifier(CMSAlgorithm.AES192_WRAP, DERNull.INSTANCE));
-        processInput(ecKey, expected, "ecdh/encSess6.asc", new AlgorithmIdentifier(CMSAlgorithm.AES192_WRAP, DERNull.INSTANCE));
-        processInput(ecKey, expected, "ecdh/encSess7.asc", new AlgorithmIdentifier(CMSAlgorithm.AES256_WRAP, DERNull.INSTANCE));
-        processInput(ecKey, expected, "ecdh/encSess8.asc", new AlgorithmIdentifier(CMSAlgorithm.AES256_WRAP, DERNull.INSTANCE));
-
-        processInput(ecKey, expected, "ecdh/encSessA.asc", new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_CMS3DESwrap, DERNull.INSTANCE));
-        processInput(ecKey, expected, "ecdh/encSessB.asc", new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_CMS3DESwrap, DERNull.INSTANCE));
-        processInput(ecKey, expected, "ecdh/encSessC.asc", new AlgorithmIdentifier(CMSAlgorithm.AES128_WRAP));
-        processInput(ecKey, expected, "ecdh/encSessD.asc", new AlgorithmIdentifier(CMSAlgorithm.AES128_WRAP));
-        processInput(ecKey, expected, "ecdh/encSessE.asc", new AlgorithmIdentifier(CMSAlgorithm.AES192_WRAP));
-        processInput(ecKey, expected, "ecdh/encSessF.asc", new AlgorithmIdentifier(CMSAlgorithm.AES192_WRAP));
-        processInput(ecKey, expected, "ecdh/encSessG.asc", new AlgorithmIdentifier(CMSAlgorithm.AES256_WRAP));
-        processInput(ecKey, expected, "ecdh/encSessH.asc", new AlgorithmIdentifier(CMSAlgorithm.AES256_WRAP));
-    }
-
-    public void testGost3410_2012_KeyTransGen()
-        throws Exception
-    {
-        byte[] data = Strings.toByteArray("hello world!");
-
-
-        CMSEnvelopedDataGenerator cmsEnvelopedDataGenerator = new CMSEnvelopedDataGenerator();
-
-
-        X509Certificate cert = (X509Certificate)CertificateFactory
-                                                    .getInstance("X.509", "BC")
-                                                    .generateCertificate(new ByteArrayInputStream(gost2012_512_Reci_Cert));
-        JceKeyTransRecipientInfoGenerator jceKey = new JceKeyTransRecipientInfoGenerator(cert).setProvider("BC");
-        cmsEnvelopedDataGenerator.addRecipientInfoGenerator(jceKey);
-        CMSTypedData msg = new CMSProcessableByteArray(data);
-        OutputEncryptor encryptor = new JceCMSContentEncryptorBuilder(CMSAlgorithm.GOST28147_GCFB).setProvider("BC").build();
-        CMSEnvelopedData cmsEnvelopedData = cmsEnvelopedDataGenerator.generate(msg, encryptor);
-
-        byte[] encryptedData = cmsEnvelopedData.getEncoded();
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(encryptedData);
-        KeyFactory keyFact = KeyFactory.getInstance("ECGOST3410-2012", "BC");
-        PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(gost2012_512_Reci_Key));
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR28147_gcfb.getId());
-
-        Collection c = recipients.getRecipients();
-
-        Iterator it = c.iterator();
-
-         while (it.hasNext())
-         {
-             RecipientInformation recipient = (RecipientInformation)it.next();
-
-             assertEquals(recipient.getKeyEncryptionAlgOID(), RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512.getId());
-
-             byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(privKey).setProvider(BC));
-
-             assertTrue(Arrays.equals(data, recData));
-         }
-
-    }
-
-    public void testGost3410_2001_KeyTrans()
-        throws Exception
-    {
-        KeyFactory keyFact = KeyFactory.getInstance("ECGOST3410", BC);
-
-        PrivateKey privKey = keyFact.generatePrivate(new org.bouncycastle.jce.spec.ECPrivateKeySpec(
-            new BigInteger("0B293BE050D0082BDAE785631A6BAB68F35B42786D6DDA56AFAF169891040F77", 16),
-            ECGOST3410NamedCurveTable.getParameterSpec("GostR3410-2001-CryptoPro-XchA")));
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(gost3410_2001_KeyTrans);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR28147_gcfb.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR3410_2001.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(privKey).setProvider(BC));
-
-            assertEquals("sample text\n", Strings.fromByteArray(recData));
-        }
-
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-
-        RecipientId id = new JceKeyTransRecipientId((X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gost3410_RecipCert)));
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 1)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testGost3410_2012_KeyTrans()
-        throws Exception
-    {
-        KeyFactory keyFact = KeyFactory.getInstance("ECGOST3410-2012", BC);
-
-        PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(gost2012_KeyTrans_Reci_Key));
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(gost2012_KeyTrans_Msg);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR28147_gcfb.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(privKey).setProvider(BC));
-
-            assertEquals("Hello World!", Strings.fromByteArray(recData));
-        }
-
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-
-        RecipientId id = new JceKeyTransRecipientId((X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gost2012_KeyTrans_Reci_Cert)));
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 1)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testGost3410_2001_KeyAgree()
-        throws Exception
-    {
-        KeyFactory keyFact = KeyFactory.getInstance("ECGOST3410", BC);
-
-        PrivateKey privKey = keyFact.generatePrivate(new org.bouncycastle.jce.spec.ECPrivateKeySpec(
-            new BigInteger("0B293BE050D0082BDAE785631A6BAB68F35B42786D6DDA56AFAF169891040F77", 16),
-            ECGOST3410NamedCurveTable.getParameterSpec("GostR3410-2001-CryptoPro-XchA")));
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(gost3410_2001_KeyAgree);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR28147_gcfb.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_ESDH.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyAgreeEnvelopedRecipient(privKey).setProvider(BC));
-
-            assertEquals("sample text\n", Strings.fromByteArray(recData));
-        }
-
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-
-        RecipientId id = new JceKeyAgreeRecipientId((X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gost3410_RecipCert)));
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 1)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testGost3410_2001_KeyTransRand()
-        throws Exception
-    {
-        KeyFactory keyFact = KeyFactory.getInstance("ECGOST3410", BC);
-
-        PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(gost2001_Rand_Key));
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(gost2001_Rand_Msg);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR28147_gcfb.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR3410_2001.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(privKey).setProvider(BC));
-
-            assertEquals("Hello world!", Strings.fromByteArray(recData));
-        }
-
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-
-        RecipientId id = new JceKeyTransRecipientId((X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gost2001_Rand_Cert)));
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 1)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testGost3410_2001_KeyAgreeRand()
-        throws Exception
-    {
-        KeyFactory keyFact = KeyFactory.getInstance("ECGOST3410", BC);
-
-        PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(gost2001_Rand_Reci_Key));
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(gost2001_Rand_Gen_Msg);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR28147_gcfb.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_ESDH.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyAgreeEnvelopedRecipient(privKey).setProvider(BC));
-
-            assertEquals("Hello World!", Strings.fromByteArray(recData));
-        }
-
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-
-        RecipientId id = new JceKeyAgreeRecipientId((X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gost2001_Rand_Reci_Cert)));
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 1)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testGost3410_2012_KeyAgree()
-        throws Exception
-    {
-        KeyFactory keyFact = KeyFactory.getInstance("ECGOST3410-2012", BC);
-
-        PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(gost2012_Reci_Key));
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(gost2012_Reci_Msg);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR28147_gcfb.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_256.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyAgreeEnvelopedRecipient(privKey).setProvider(BC));
-
-            assertEquals("Hello World!", Strings.fromByteArray(recData));
-        }
-
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-
-        RecipientId id = new JceKeyAgreeRecipientId((X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gost2012_Reci_Cert)));
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 1)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testGost3410_2012_512_KeyAgree()
-        throws Exception
-    {
-        KeyFactory keyFact = KeyFactory.getInstance("ECGOST3410-2012", BC);
-
-        PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(gost2012_512_Reci_Key));
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(gost2012_512_Reci_Msg);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR28147_gcfb.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_512.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyAgreeEnvelopedRecipient(privKey).setProvider(BC));
-
-            assertEquals("Hello World!", Strings.fromByteArray(recData));
-        }
-
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-
-        RecipientId id = new JceKeyAgreeRecipientId((X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gost2012_512_Reci_Cert)));
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 1)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testGost3410_2001_KeyAgree_Creation()
-        throws Exception
-    {
-        SecureRandom random = new SecureRandom();
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-
-        X509Certificate senderCert = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gost2001_Rand_Sender_Cert));
-        X509Certificate reciCert = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gost2001_Rand_Reci_Cert));
-
-        byte[] data = Strings.toByteArray("Hello World! Hello World!");
-        KeyFactory keyFact = KeyFactory.getInstance("ECGOST3410", BC);
-
-        PrivateKey senderKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(gost2001_Rand_Sender_Key));
-        PrivateKey reciKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(gost2001_Rand_Reci_Key));
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        JceKeyAgreeRecipientInfoGenerator recipientGenerator = new JceKeyAgreeRecipientInfoGenerator(CMSAlgorithm.ECDHGOST3410_2012_256,
-            senderKey, senderCert.getPublicKey(), CMSAlgorithm.GOST28147_CRYPTOPRO_WRAP).setProvider(BC);
-
-        byte[] ukm = new byte[8];
-        random.nextBytes(ukm);
-
-        recipientGenerator.addRecipient(reciCert);
-        recipientGenerator.setUserKeyingMaterial(ukm);
-
-        edGen.addRecipientInfoGenerator(recipientGenerator);
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.GOST28147_GCFB).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR28147_gcfb.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_256.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyAgreeEnvelopedRecipient(reciKey).setProvider(BC));
-
-            assertEquals("Hello World! Hello World!", Strings.fromByteArray(recData));
-        }
-
-        RecipientId id = new JceKeyAgreeRecipientId(reciCert);
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 1)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testGost3410_2012_256_KeyAgree_Creation()
-        throws Exception
-    {
-        SecureRandom random = new SecureRandom();
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-
-        X509Certificate senderCert = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gost2012_Sender_Cert));
-        X509Certificate reciCert = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gost2012_Reci_Cert));
-
-        byte[] data = Strings.toByteArray("Hello World!");
-        KeyFactory keyFact = KeyFactory.getInstance("ECGOST3410-2012", BC);
-
-        PrivateKey senderKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(gost2012_Sender_Key));
-        PrivateKey reciKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(gost2012_Reci_Key));
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        JceKeyAgreeRecipientInfoGenerator recipientGenerator = new JceKeyAgreeRecipientInfoGenerator(CMSAlgorithm.ECDHGOST3410_2012_256,
-            senderKey, senderCert.getPublicKey(), CMSAlgorithm.GOST28147_CRYPTOPRO_WRAP).setProvider(BC);
-
-        byte[] ukm = new byte[8];
-        random.nextBytes(ukm);
-
-        recipientGenerator.addRecipient(reciCert);
-        recipientGenerator.setUserKeyingMaterial(ukm);
-
-        edGen.addRecipientInfoGenerator(recipientGenerator);
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.GOST28147_GCFB).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR28147_gcfb.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_256.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyAgreeEnvelopedRecipient(reciKey).setProvider(BC));
-
-            assertEquals("Hello World!", Strings.fromByteArray(recData));
-        }
-
-        RecipientId id = new JceKeyAgreeRecipientId(reciCert);
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 1)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    public void testGost3410_2012_512_KeyAgree_Creation()
-        throws Exception
-    {
-        SecureRandom random = new SecureRandom();
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-
-        X509Certificate senderCert = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gost2012_512_Sender_Cert));
-        X509Certificate reciCert = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gost2012_512_Reci_Cert));
-
-        byte[] data = Strings.toByteArray("Hello World!");
-        KeyFactory keyFact = KeyFactory.getInstance("ECGOST3410-2012", BC);
-
-        PrivateKey senderKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(gost2012_512_Sender_Key));
-        PrivateKey reciKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(gost2012_512_Reci_Key));
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        JceKeyAgreeRecipientInfoGenerator recipientGenerator = new JceKeyAgreeRecipientInfoGenerator(CMSAlgorithm.ECDHGOST3410_2012_512,
-            senderKey, senderCert.getPublicKey(), CMSAlgorithm.GOST28147_CRYPTOPRO_WRAP).setProvider(BC);
-
-        byte[] ukm = new byte[8];
-        random.nextBytes(ukm);
-
-        recipientGenerator.addRecipient(reciCert);
-        recipientGenerator.setUserKeyingMaterial(ukm);
-
-        edGen.addRecipientInfoGenerator(recipientGenerator);
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.GOST28147_GCFB).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), CryptoProObjectIdentifiers.gostR28147_gcfb.getId());
-
-        Collection c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_512.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyAgreeEnvelopedRecipient(reciKey).setProvider(BC));
-
-            assertEquals("Hello World!", Strings.fromByteArray(recData));
-        }
-
-        RecipientId id = new JceKeyAgreeRecipientId(reciCert);
-
-        Collection collection = recipients.getRecipients(id);
-        if (collection.size() != 1)
-        {
-            fail("recipients not matched using general recipient ID.");
-        }
-        assertTrue(collection.iterator().next() instanceof RecipientInformation);
-    }
-
-    private void processInput(ECPrivateKey ecKey, byte[] expected, String input, AlgorithmIdentifier wrapAlg)
-        throws CMSException, IOException
-    {
-        PEMParser pemParser;
-        pemParser = new PEMParser(new InputStreamReader(getClass().getResourceAsStream(input)));
-
-        CMSEnvelopedData envData = new CMSEnvelopedData((ContentInfo)pemParser.readObject());
-
-        KeyAgreeRecipientInformation recip = (KeyAgreeRecipientInformation)envData.getRecipientInfos().getRecipients().iterator().next();
-
-        TestCase.assertEquals(wrapAlg, AlgorithmIdentifier.getInstance(recip.getKeyEncryptionAlgorithm().getParameters()));
-
-        byte[] decrypted = recip.getContent(new JceKeyAgreeEnvelopedRecipient(ecKey).setProvider("BC"));
-
-        TestCase.assertTrue(Arrays.equals(expected, decrypted));
-    }
-
-    private void passwordTest(String algorithm)
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JcePasswordRecipientInfoGenerator(new ASN1ObjectIdentifier(algorithm), "password".toCharArray()).setProvider(BC).setPasswordConversionScheme(PasswordRecipient.PKCS5_SCHEME2).setSaltAndIterationCount(new byte[20], 5));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(),
-            CMSEnvelopedDataGenerator.AES128_CBC);
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            PasswordRecipientInformation recipient = (PasswordRecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new JcePasswordEnvelopedRecipient("password".toCharArray()).setPasswordConversionScheme(PasswordRecipient.PKCS5_SCHEME2).setProvider(BC));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-
-        //
-        // try algorithm parameters constructor
-        //
-        it = c.iterator();
-
-        RecipientInformation recipient = (RecipientInformation)it.next();
-
-        byte[] recData = recipient.getContent(new JcePasswordEnvelopedRecipient("password".toCharArray()).setPasswordConversionScheme(PasswordRecipient.PKCS5_SCHEME2).setProvider(BC));
-        assertEquals(true, Arrays.equals(data, recData));
-    }
-
-    private void passwordUTF8Test(String algorithm)
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JcePasswordRecipientInfoGenerator(new ASN1ObjectIdentifier(algorithm), "abc\u5639\u563b".toCharArray()).setProvider(BC).setSaltAndIterationCount(new byte[20], 5));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(),
-            CMSEnvelopedDataGenerator.AES128_CBC);
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            byte[] recData = recipient.getContent(new JcePasswordEnvelopedRecipient("abc\u5639\u563b".toCharArray()).setProvider(BC));
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-
-        //
-        // try algorithm parameters constructor
-        //
-        it = c.iterator();
-
-        RecipientInformation recipient = (RecipientInformation)it.next();
-
-        byte[] recData = recipient.getContent(new JcePasswordEnvelopedRecipient("abc\u5639\u563b".toCharArray()).setProvider(BC));
-        assertEquals(true, Arrays.equals(data, recData));
-    }
-
-    private void passwordUTF8Test(String algorithm, PasswordRecipient.PRF prf)
-        throws Exception
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JcePasswordRecipientInfoGenerator(new ASN1ObjectIdentifier(algorithm), "abc\u5639\u563b".toCharArray()).setProvider(BC).setPRF(prf).setSaltAndIterationCount(new byte[20], 5));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(),
-            CMSEnvelopedDataGenerator.AES128_CBC);
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        if (it.hasNext())
-        {
-            PasswordRecipientInformation recipient = (PasswordRecipientInformation)it.next();
-
-            assertEquals(AlgorithmIdentifier.getInstance(recipient.getKeyEncryptionAlgorithm().getParameters()).getAlgorithm().getId(), algorithm);
-            assertEquals(PBKDF2Params.getInstance(recipient.getKeyDerivationAlgorithm().getParameters()).getPrf(), prf.getAlgorithmID());
-
-            byte[] recData = recipient.getContent(new JcePasswordEnvelopedRecipient("abc\u5639\u563b".toCharArray()).setProvider(BC));
-            assertEquals(true, Arrays.equals(data, recData));
-
-            // try lightweight recipient
-            recData = recipient.getContent(new BcPasswordEnvelopedRecipient("abc\u5639\u563b".toCharArray()));
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-
-        //
-        // try algorithm parameters constructor
-        //
-        it = c.iterator();
-
-        RecipientInformation recipient = (RecipientInformation)it.next();
-
-        byte[] recData = recipient.getContent(new JcePasswordEnvelopedRecipient("abc\u5639\u563b".toCharArray()).setProvider(BC));
-        assertEquals(true, Arrays.equals(data, recData));
-
-        // try lightweight generator.
-        edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new BcPasswordRecipientInfoGenerator(new ASN1ObjectIdentifier(algorithm), "abc\u5639\u563b".toCharArray()).setPRF(prf).setSaltAndIterationCount(new byte[20], 5));
-
-        ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(),
-            CMSEnvelopedDataGenerator.AES128_CBC);
-
-        c = recipients.getRecipients();
-        it = c.iterator();
-
-        if (it.hasNext())
-        {
-            PasswordRecipientInformation recipient1 = (PasswordRecipientInformation)it.next();
-
-            assertEquals(AlgorithmIdentifier.getInstance(recipient1.getKeyEncryptionAlgorithm().getParameters()).getAlgorithm().getId(), algorithm);
-            assertEquals(PBKDF2Params.getInstance(recipient1.getKeyDerivationAlgorithm().getParameters()).getPrf(), prf.getAlgorithmID());
-
-            recData = recipient1.getContent(new JcePasswordEnvelopedRecipient("abc\u5639\u563b".toCharArray()).setProvider(BC));
-            assertEquals(true, Arrays.equals(data, recData));
-
-            // try lightweight recipient
-            recData = recipient1.getContent(new BcPasswordEnvelopedRecipient("abc\u5639\u563b".toCharArray()));
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    private void verifyECKeyAgreeVectors(PrivateKey privKey, String wrapAlg, byte[] message)
-        throws CMSException, GeneralSecurityException
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(message);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        assertEquals(wrapAlg, ed.getEncryptionAlgOID());
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals("1.3.133.16.840.63.0.2", recipient.getKeyEncryptionAlgOID());
-
-            byte[] recData = recipient.getContent(new JceKeyAgreeEnvelopedRecipient(privKey).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-
-    private void verifyECMQVKeyAgreeVectors(PrivateKey privKey, String wrapAlg, byte[] message)
-        throws CMSException, GeneralSecurityException
-    {
-        byte[] data = Hex.decode("504b492d4320434d5320456e76656c6f706564446174612053616d706c65");
-
-        CMSEnvelopedData ed = new CMSEnvelopedData(message);
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        Collection c = recipients.getRecipients();
-        Iterator it = c.iterator();
-
-        assertEquals(wrapAlg, ed.getEncryptionAlgOID());
-
-        if (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals("1.3.133.16.840.63.0.16", recipient.getKeyEncryptionAlgOID());
-
-            byte[] recData = recipient.getContent(new JceKeyAgreeEnvelopedRecipient(privKey).setProvider(BC));
-
-            assertTrue(Arrays.equals(data, recData));
-        }
-        else
-        {
-            fail("no recipient found");
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewSignedDataStreamTest.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/NewSignedDataStreamTest.java
deleted file mode 100644
index fcd1266..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewSignedDataStreamTest.java
+++ /dev/null

@@ -1,1327 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.BufferedOutputStream;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.security.KeyPair;
-import java.security.MessageDigest;
-import java.security.Security;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Hashtable;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.CMSAttributes;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.ocsp.OCSPResponse;
-import org.bouncycastle.cert.X509AttributeCertificateHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaCRLStore;
-import org.bouncycastle.cert.jcajce.JcaCertStore;
-import org.bouncycastle.cert.jcajce.JcaX509CRLHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cert.ocsp.OCSPResp;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSAttributeTableGenerator;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.cms.CMSSignedData;
-import org.bouncycastle.cms.CMSSignedDataGenerator;
-import org.bouncycastle.cms.CMSSignedDataParser;
-import org.bouncycastle.cms.CMSSignedDataStreamGenerator;
-import org.bouncycastle.cms.CMSTypedData;
-import org.bouncycastle.cms.CMSTypedStream;
-import org.bouncycastle.cms.DefaultSignedAttributeTableGenerator;
-import org.bouncycastle.cms.SignerInformation;
-import org.bouncycastle.cms.SignerInformationStore;
-import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.io.Streams;
-
-public class NewSignedDataStreamTest
-    extends TestCase
-{
-
-    byte[] successResp = Base64.decode(
-          "MIIFnAoBAKCCBZUwggWRBgkrBgEFBQcwAQEEggWCMIIFfjCCARehgZ8wgZwx"
-        + "CzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEgcHJhZGVzaDESMBAGA1UE"
-        + "BxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAKBgNVBAsTA0FUQzEeMBwG"
-        + "A1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQwIgYJKoZIhvcNAQkBFhVv"
-        + "Y3NwQHRjcy1jYS50Y3MuY28uaW4YDzIwMDMwNDAyMTIzNDU4WjBiMGAwOjAJ"
-        + "BgUrDgMCGgUABBRs07IuoCWNmcEl1oHwIak1BPnX8QQUtGyl/iL9WJ1VxjxF"
-        + "j0hAwJ/s1AcCAQKhERgPMjAwMjA4MjkwNzA5MjZaGA8yMDAzMDQwMjEyMzQ1"
-        + "OFowDQYJKoZIhvcNAQEFBQADgYEAfbN0TCRFKdhsmvOdUoiJ+qvygGBzDxD/"
-        + "VWhXYA+16AphHLIWNABR3CgHB3zWtdy2j7DJmQ/R7qKj7dUhWLSqclAiPgFt"
-        + "QQ1YvSJAYfEIdyHkxv4NP0LSogxrumANcDyC9yt/W9yHjD2ICPBIqCsZLuLk"
-        + "OHYi5DlwWe9Zm9VFwCGgggPMMIIDyDCCA8QwggKsoAMCAQICAQYwDQYJKoZI"
-        + "hvcNAQEFBQAwgZQxFDASBgNVBAMTC1RDUy1DQSBPQ1NQMSYwJAYJKoZIhvcN"
-        + "AQkBFhd0Y3MtY2FAdGNzLWNhLnRjcy5jby5pbjEMMAoGA1UEChMDVENTMQww"
-        + "CgYDVQQLEwNBVEMxEjAQBgNVBAcTCUh5ZGVyYWJhZDEXMBUGA1UECBMOQW5k"
-        + "aHJhIHByYWRlc2gxCzAJBgNVBAYTAklOMB4XDTAyMDgyOTA3MTE0M1oXDTAz"
-        + "MDgyOTA3MTE0M1owgZwxCzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEg"
-        + "cHJhZGVzaDESMBAGA1UEBxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAK"
-        + "BgNVBAsTA0FUQzEeMBwGA1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQw"
-        + "IgYJKoZIhvcNAQkBFhVvY3NwQHRjcy1jYS50Y3MuY28uaW4wgZ8wDQYJKoZI"
-        + "hvcNAQEBBQADgY0AMIGJAoGBAM+XWW4caMRv46D7L6Bv8iwtKgmQu0SAybmF"
-        + "RJiz12qXzdvTLt8C75OdgmUomxp0+gW/4XlTPUqOMQWv463aZRv9Ust4f8MH"
-        + "EJh4ekP/NS9+d8vEO3P40ntQkmSMcFmtA9E1koUtQ3MSJlcs441JjbgUaVnm"
-        + "jDmmniQnZY4bU3tVAgMBAAGjgZowgZcwDAYDVR0TAQH/BAIwADALBgNVHQ8E"
-        + "BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwNgYIKwYBBQUHAQEEKjAoMCYG"
-        + "CCsGAQUFBzABhhpodHRwOi8vMTcyLjE5LjQwLjExMDo3NzAwLzAtBgNVHR8E"
-        + "JjAkMCKgIKAehhxodHRwOi8vMTcyLjE5LjQwLjExMC9jcmwuY3JsMA0GCSqG"
-        + "SIb3DQEBBQUAA4IBAQB6FovM3B4VDDZ15o12gnADZsIk9fTAczLlcrmXLNN4"
-        + "PgmqgnwF0Ymj3bD5SavDOXxbA65AZJ7rBNAguLUo+xVkgxmoBH7R2sBxjTCc"
-        + "r07NEadxM3HQkt0aX5XYEl8eRoifwqYAI9h0ziZfTNes8elNfb3DoPPjqq6V"
-        + "mMg0f0iMS4W8LjNPorjRB+kIosa1deAGPhq0eJ8yr0/s2QR2/WFD5P4aXc8I"
-        + "KWleklnIImS3zqiPrq6tl2Bm8DZj7vXlTOwmraSQxUwzCKwYob1yGvNOUQTq"
-        + "pG6jxn7jgDawHU1+WjWQe4Q34/pWeGLysxTraMa+Ug9kPe+jy/qRX2xwvKBZ");
-
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    private static final String TEST_MESSAGE = "Hello World!";
-    private static String          _signDN;
-    private static KeyPair         _signKP;
-    private static X509Certificate _signCert;
-
-    private static String          _origDN;
-    private static KeyPair         _origKP;
-    private static X509Certificate _origCert;
-
-    private static String          _reciDN;
-    private static KeyPair         _reciKP;
-    private static X509Certificate _reciCert;
-
-    private static KeyPair         _origDsaKP;
-    private static X509Certificate _origDsaCert;
-
-    private static X509CRL         _signCrl;
-    private static X509CRL         _origCrl;
-
-    private static boolean         _initialised = false;
-
-    public NewSignedDataStreamTest(String name)
-    {
-        super(name);
-    }
-
-    public void setUp()
-        throws Exception
-    {
-        init();
-    }
-
-    private static void init()
-        throws Exception
-    {
-        if (!_initialised)
-        {
-            _initialised = true;
-
-            if (Security.getProvider(BC) == null)
-            {
-                Security.addProvider(new BouncyCastleProvider());
-            }
-
-            _signDN   = "O=Bouncy Castle, C=AU";
-            _signKP   = CMSTestUtil.makeKeyPair();  
-            _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN);
-    
-            _origDN   = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
-            _origKP   = CMSTestUtil.makeKeyPair();
-            _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _signKP, _signDN);
-    
-            _origDsaKP   = CMSTestUtil.makeDsaKeyPair();
-            _origDsaCert = CMSTestUtil.makeCertificate(_origDsaKP, _origDN, _signKP, _signDN);
-            
-            _reciDN   = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
-            _reciKP   = CMSTestUtil.makeKeyPair();
-            _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
-
-            _signCrl  = CMSTestUtil.makeCrl(_signKP);
-            _origCrl  = CMSTestUtil.makeCrl(_origKP);
-        }
-    }
-    
-    private void verifySignatures(CMSSignedDataParser sp, byte[] contentDigest) 
-        throws Exception
-    {
-        Store               certStore = sp.getCertificates();
-        Store               crlStore = sp.getCRLs();
-        SignerInformationStore  signers = sp.getSignerInfos();
-
-        Set digestIDs = new HashSet(sp.getDigestAlgorithmIDs());
-
-        assertTrue(digestIDs.size() > 0);
-
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-    
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certStore.getMatches(signer.getSID());
-    
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-    
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-
-            digestIDs.remove(signer.getDigestAlgorithmID());
-
-            if (contentDigest != null)
-            {
-                assertTrue(MessageDigest.isEqual(contentDigest, signer.getContentDigest()));
-            }
-        }
-
-        assertTrue(digestIDs.size() == 0);
-        assertEquals(certStore.getMatches(null).size(), sp.getCertificates().getMatches(null).size());
-        assertEquals(crlStore.getMatches(null).size(), sp.getCRLs().getMatches(null).size());
-    }
-    
-    private void verifySignatures(CMSSignedDataParser sp) 
-        throws Exception
-    {
-        verifySignatures(sp, null);
-    }
-
-    private void verifyEncodedData(ByteArrayOutputStream bOut)
-        throws Exception
-    {
-        CMSSignedDataParser sp;
-        sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), bOut.toByteArray());
-    
-        sp.getSignedContent().drain();
-        
-        verifySignatures(sp);
-        
-        sp.close();
-    }
-
-    private void checkSigParseable(byte[] sig)
-        throws Exception
-    {
-        CMSSignedDataParser sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), sig);
-        sp.getVersion();
-        CMSTypedStream sc = sp.getSignedContent();
-        if (sc != null)
-        {
-            sc.drain();
-        }
-        sp.getCertificates();
-        sp.getCRLs();
-        sp.getSignerInfos();
-        sp.close();
-    }
-
-    public void testSha1EncapsulatedSignature()
-        throws Exception
-    {
-        byte[]  encapSigData = Base64.decode(
-                  "MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEH"
-                + "AaCAJIAEDEhlbGxvIFdvcmxkIQAAAAAAAKCCBGIwggINMIIBdqADAgECAgEF"
-                + "MA0GCSqGSIb3DQEBBAUAMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJ"
-                + "BgNVBAYTAkFVMB4XDTA1MDgwNzA2MjU1OVoXDTA1MTExNTA2MjU1OVowJTEW"
-                + "MBQGA1UEChMNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUwgZ8wDQYJKoZI"
-                + "hvcNAQEBBQADgY0AMIGJAoGBAI1fZGgH9wgC3QiK6yluH6DlLDkXkxYYL+Qf"
-                + "nVRszJVYl0LIxZdpb7WEbVpO8fwtEgFtoDsOdxyqh3dTBv+L7NVD/v46kdPt"
-                + "xVkSNHRbutJVY8Xn4/TC/CDngqtbpbniMO8n0GiB6vs94gBT20M34j96O2IF"
-                + "73feNHP+x8PkJ+dNAgMBAAGjTTBLMB0GA1UdDgQWBBQ3XUfEE6+D+t+LIJgK"
-                + "ESSUE58eyzAfBgNVHSMEGDAWgBQ3XUfEE6+D+t+LIJgKESSUE58eyzAJBgNV"
-                + "HRMEAjAAMA0GCSqGSIb3DQEBBAUAA4GBAFK3r1stYOeXYJOlOyNGDTWEhZ+a"
-                + "OYdFeFaS6c+InjotHuFLAy+QsS8PslE48zYNFEqYygGfLhZDLlSnJ/LAUTqF"
-                + "01vlp+Bgn/JYiJazwi5WiiOTf7Th6eNjHFKXS3hfSGPNPIOjvicAp3ce3ehs"
-                + "uK0MxgLAaxievzhFfJcGSUMDMIICTTCCAbagAwIBAgIBBzANBgkqhkiG9w0B"
-                + "AQQFADAlMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTAe"
-                + "Fw0wNTA4MDcwNjI1NTlaFw0wNTExMTUwNjI1NTlaMGUxGDAWBgNVBAMTD0Vy"
-                + "aWMgSC4gRWNoaWRuYTEkMCIGCSqGSIb3DQEJARYVZXJpY0Bib3VuY3ljYXN0"
-                + "bGUub3JnMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTCB"
-                + "nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAgHCJyfwV6/V3kqSu2SOU2E/K"
-                + "I+N0XohCMUaxPLLNtNBZ3ijxwaV6JGFz7siTgZD/OGfzir/eZimkt+L1iXQn"
-                + "OAB+ZChivKvHtX+dFFC7Vq+E4Uy0Ftqc/wrGxE6DHb5BR0hprKH8wlDS8wSP"
-                + "zxovgk4nH0ffUZOoDSuUgjh3gG8CAwEAAaNNMEswHQYDVR0OBBYEFLfY/4EG"
-                + "mYrvJa7Cky+K9BJ7YmERMB8GA1UdIwQYMBaAFDddR8QTr4P634sgmAoRJJQT"
-                + "nx7LMAkGA1UdEwQCMAAwDQYJKoZIhvcNAQEEBQADgYEADIOmpMd6UHdMjkyc"
-                + "mIE1yiwfClCsGhCK9FigTg6U1G2FmkBwJIMWBlkeH15uvepsAncsgK+Cn3Zr"
-                + "dZMb022mwtTJDtcaOM+SNeuCnjdowZ4i71Hf68siPm6sMlZkhz49rA0Yidoo"
-                + "WuzYOO+dggzwDsMldSsvsDo/ARyCGOulDOAxggEvMIIBKwIBATAqMCUxFjAU"
-                + "BgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYTAkFVAgEHMAkGBSsOAwIa"
-                + "BQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEP"
-                + "Fw0wNTA4MDcwNjI1NTlaMCMGCSqGSIb3DQEJBDEWBBQu973mCM5UBOl9XwQv"
-                + "lfifHCMocTANBgkqhkiG9w0BAQEFAASBgGxnBl2qozYKLgZ0ygqSFgWcRGl1"
-                + "LgNuE587LtO+EKkgoc3aFqEdjXlAyP8K7naRsvWnFrsB6pUpnrgI9Z8ZSKv8"
-                + "98IlpsSSJ0jBlEb4gzzavwcBpYbr2ryOtDcF+kYmKIpScglyyoLzm+KPXOoT"
-                + "n7MsJMoKN3Kd2Vzh6s10PFgeAAAAAAAA");
-
-        CMSSignedDataParser     sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), encapSigData);
-
-        sp.getSignedContent().drain();
-
-        verifySignatures(sp);
-    }
-    
-    public void testSHA1WithRSANoAttributes()
-        throws Exception
-    {
-        List         certList = new ArrayList();
-        CMSTypedData msg = new CMSProcessableByteArray(TEST_MESSAGE.getBytes());
-    
-        certList.add(_origCert);
-        certList.add(_signCert);
-    
-        Store certs = new JcaCertStore(certList);
-    
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        JcaSignerInfoGeneratorBuilder siBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        siBuilder.setDirectSignature(true);
-
-        gen.addSignerInfoGenerator(siBuilder.build(sha1Signer, _origCert));
-    
-        gen.addCertificates(certs);
-    
-        CMSSignedData s = gen.generate(msg, false);
-
-        CMSSignedDataParser     sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(),
-                new CMSTypedStream(new ByteArrayInputStream(TEST_MESSAGE.getBytes())), s.getEncoded());
-        
-        sp.getSignedContent().drain();
-        
-        //
-        // compute expected content digest
-        //
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-        
-        verifySignatures(sp, md.digest(TEST_MESSAGE.getBytes()));
-    }
-    
-    public void testDSANoAttributes()
-        throws Exception
-    {
-        List                certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray(TEST_MESSAGE.getBytes());
-    
-        certList.add(_origDsaCert);
-        certList.add(_signCert);
-    
-        JcaCertStore          certs = new JcaCertStore(certList);
-    
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        JcaSignerInfoGeneratorBuilder builder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        builder.setDirectSignature(true);
-
-        gen.addSignerInfoGenerator(builder.build(new JcaContentSignerBuilder("SHA1withDSA").setProvider(BC).build(_origDsaKP.getPrivate()), _origDsaCert));
-    
-        gen.addCertificates(certs);
-    
-        CMSSignedData s = gen.generate(msg);
-    
-        CMSSignedDataParser     sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(),
-                new CMSTypedStream(new ByteArrayInputStream(TEST_MESSAGE.getBytes())), s.getEncoded());
-        
-        sp.getSignedContent().drain();
-        
-        //
-        // compute expected content digest
-        //
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-        
-        verifySignatures(sp, md.digest(TEST_MESSAGE.getBytes()));
-    }
-    
-    public void testSHA1WithRSA()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        List                  crlList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        crlList.add(_signCrl);
-        crlList.add(_origCrl);
-
-        Store           certs = new JcaCertStore(certList);
-        Store           crls = new JcaCRLStore(crlList);
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-    
-        gen.addCertificates(certs);
-
-        gen.addCRLs(crls);
-
-        OutputStream sigOut = gen.open(bOut);
-    
-        sigOut.write(TEST_MESSAGE.getBytes());
-        
-        sigOut.close();
-
-        checkSigParseable(bOut.toByteArray());
-
-        CMSSignedDataParser     sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(),
-                new CMSTypedStream(new ByteArrayInputStream(TEST_MESSAGE.getBytes())), bOut.toByteArray());
-    
-        sp.getSignedContent().drain();
-        
-        //
-        // compute expected content digest
-        //
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-        
-        verifySignatures(sp, md.digest(TEST_MESSAGE.getBytes()));
-        
-        //
-        // try using existing signer
-        //
-        gen = new CMSSignedDataStreamGenerator();
-    
-        gen.addSigners(sp.getSignerInfos());
-        
-        gen.addCertificates(sp.getCertificates());
-        gen.addCRLs(sp.getCRLs());
-
-        bOut.reset();
-        
-        sigOut = gen.open(bOut, true);
-    
-        sigOut.write(TEST_MESSAGE.getBytes());
-        
-        sigOut.close();
-    
-        verifyEncodedData(bOut);
-
-        //
-        // look for the CRLs
-        //
-        Collection col = sp.getCRLs().getMatches(null);
-
-        assertEquals(2, col.size());
-        assertTrue(col.contains(new JcaX509CRLHolder(_signCrl)));
-        assertTrue(col.contains(new JcaX509CRLHolder(_origCrl)));
-    }
-
-    public void testSHA1WithRSAAndOtherRevocation()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        CMSTypedData          msg = new CMSProcessableByteArray("Hello world!".getBytes());
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        List otherInfo = new ArrayList();
-        OCSPResp response = new OCSPResp(successResp);
-
-        otherInfo.add(response.toASN1Structure());
-
-        gen.addOtherRevocationInfo(CMSObjectIdentifiers.id_ri_ocsp_response, new CollectionStore(otherInfo));
-
-        OutputStream sigOut = gen.open(bOut, true);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-
-        sigOut.close();
-
-        CMSSignedDataParser     sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), bOut.toByteArray());
-
-        CMSTypedStream stream = sp.getSignedContent();
-
-        assertEquals(CMSObjectIdentifiers.data, stream.getContentType());
-
-        stream.drain();
-
-        //
-        // check version
-        //
-        assertEquals(5, sp.getVersion());
-
-        //
-        // compute expected content digest
-        //
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-
-        verifySignatures(sp, md.digest(TEST_MESSAGE.getBytes()));
-
-        Store dataOtherInfo = sp.getOtherRevocationInfo(CMSObjectIdentifiers.id_ri_ocsp_response);
-
-        assertEquals(1, dataOtherInfo.getMatches(null).size());
-
-        OCSPResp dataResponse = new OCSPResp(OCSPResponse.getInstance(dataOtherInfo.getMatches(null).iterator().next()));
-
-        assertEquals(response, dataResponse);
-    }
-
-    public void testSHA1WithRSANonData()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        List                  crlList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        certList.add(new JcaX509CertificateHolder(_origCert));
-        certList.add(new JcaX509CertificateHolder(_signCert));
-
-        crlList.add(new JcaX509CRLHolder(_signCrl));
-        crlList.add(new JcaX509CRLHolder(_origCrl));
-
-        Store           certs = new JcaCertStore(certList);
-        Store           crls = new JcaCRLStore(crlList);
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-        gen.addCRLs(crls);
-
-        OutputStream sigOut = gen.open(new ASN1ObjectIdentifier("1.2.3.4"), bOut, true);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-
-        sigOut.close();
-
-        CMSSignedDataParser     sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), bOut.toByteArray());
-
-        CMSTypedStream stream = sp.getSignedContent();
-
-        assertEquals(new ASN1ObjectIdentifier("1.2.3.4"), stream.getContentType());
-
-        stream.drain();
-
-        //
-        // compute expected content digest
-        //
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-
-        verifySignatures(sp, md.digest(TEST_MESSAGE.getBytes()));
-    }
-
-    public void testSHA1AndMD5WithRSA()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        
-        certList.add(_origCert);
-        certList.add(_signCert);
-    
-        Store           certs = new JcaCertStore(certList);
-    
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-        JcaSignerInfoGeneratorBuilder signerInfoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-        ContentSigner md5Signer = new JcaContentSignerBuilder("MD5withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(signerInfoGeneratorBuilder.build(sha1Signer, _origCert));
-
-        gen.addSignerInfoGenerator(signerInfoGeneratorBuilder.build(md5Signer, _origCert));
-        
-        gen.addCertificates(certs);
-    
-        OutputStream sigOut = gen.open(bOut);
-    
-        sigOut.write(TEST_MESSAGE.getBytes());
-        
-        sigOut.close();
-
-        checkSigParseable(bOut.toByteArray());
-
-        CMSSignedDataParser     sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(),
-                new CMSTypedStream(new ByteArrayInputStream(TEST_MESSAGE.getBytes())), bOut.toByteArray());
-    
-        sp.getSignedContent().drain();
-        
-        verifySignatures(sp);
-    }
-    
-    public void testSHA1WithRSAEncapsulatedBufferedStream()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        //
-        // find unbuffered length
-        //
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        OutputStream sigOut = gen.open(bOut, true);
-        
-        for (int i = 0; i != 2000; i++)
-        {
-            sigOut.write(i & 0xff);
-        }
-        
-        sigOut.close();
-        
-        CMSSignedDataParser     sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), bOut.toByteArray());
-
-        sp.getSignedContent().drain();
-        
-        verifySignatures(sp);
-        
-        int unbufferedLength = bOut.toByteArray().length;
-        
-        //
-        // find buffered length with buffered stream - should be equal
-        //
-        bOut = new ByteArrayOutputStream();
-
-        gen = new CMSSignedDataStreamGenerator();
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        sigOut = gen.open(bOut, true);
-
-        BufferedOutputStream bfOut = new BufferedOutputStream(sigOut, 300);
-        
-        for (int i = 0; i != 2000; i++)
-        {
-            bfOut.write(i & 0xff);
-        }
-        
-        bfOut.close();
-        
-        verifyEncodedData(bOut);
-        
-        assertTrue(bOut.toByteArray().length == unbufferedLength);
-    }
-
-    public void testSHA1WithRSAEncapsulatedBuffered()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        
-        certList.add(_origCert);
-        certList.add(_signCert);
-    
-        Store           certs = new JcaCertStore(certList);
-    
-        //
-        // find unbuffered length
-        //
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-    
-        OutputStream sigOut = gen.open(bOut, true);
-        
-        for (int i = 0; i != 2000; i++)
-        {
-            sigOut.write(i & 0xff);
-        }
-        
-        sigOut.close();
-        
-        CMSSignedDataParser     sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), bOut.toByteArray());
-    
-        sp.getSignedContent().drain();
-        
-        verifySignatures(sp);
-        
-        int unbufferedLength = bOut.toByteArray().length;
-        
-        //
-        // find buffered length - buffer size less than default
-        //
-        bOut = new ByteArrayOutputStream();
-    
-        gen = new CMSSignedDataStreamGenerator();
-        
-        gen.setBufferSize(300);
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-    
-        sigOut = gen.open(bOut, true);
-    
-        for (int i = 0; i != 2000; i++)
-        {
-            sigOut.write(i & 0xff);
-        }
-        
-        sigOut.close();
-        
-        verifyEncodedData(bOut);
-
-        assertTrue(bOut.toByteArray().length > unbufferedLength);
-    }
-    
-    public void testSHA1WithRSAEncapsulated()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        OutputStream sigOut = gen.open(bOut, true);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-        
-        sigOut.close();
-        
-        CMSSignedDataParser     sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), bOut.toByteArray());
-
-        sp.getSignedContent().drain();
-        
-        verifySignatures(sp);
-        
-        byte[] contentDigest = (byte[])gen.getGeneratedDigests().get(CMSAlgorithm.SHA1.getId());
-
-        AttributeTable table = ((SignerInformation)sp.getSignerInfos().getSigners().iterator().next()).getSignedAttributes();
-        Attribute hash = table.get(CMSAttributes.messageDigest);
-
-        assertTrue(MessageDigest.isEqual(contentDigest, ((ASN1OctetString)hash.getAttrValues().getObjectAt(0)).getOctets()));
-
-        //
-        // try using existing signer
-        //
-        gen = new CMSSignedDataStreamGenerator();
-
-        gen.addSigners(sp.getSignerInfos());
-        
-        gen.addCertificates(sp.getCertificates());
-        
-        bOut.reset();
-        
-        sigOut = gen.open(bOut, true);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-        
-        sigOut.close();
-
-        CMSSignedData sd = new CMSSignedData(new CMSProcessableByteArray(TEST_MESSAGE.getBytes()), bOut.toByteArray());
-
-        assertEquals(1, sd.getSignerInfos().getSigners().size());
-
-        verifyEncodedData(bOut);
-    }
-
-    public void testSHA1WithRSAEncapsulatedSubjectKeyID()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, CMSTestUtil.createSubjectKeyId(_origCert.getPublicKey()).getKeyIdentifier()));
-        
-        gen.addCertificates(certs);
-
-        OutputStream sigOut = gen.open(bOut, true);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-
-        sigOut.close();
-
-        CMSSignedDataParser     sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), bOut.toByteArray());
-
-        sp.getSignedContent().drain();
-
-        verifySignatures(sp);
-
-        byte[] contentDigest = (byte[])gen.getGeneratedDigests().get(CMSAlgorithm.SHA1.getId());
-
-        AttributeTable table = ((SignerInformation)sp.getSignerInfos().getSigners().iterator().next()).getSignedAttributes();
-        Attribute hash = table.get(CMSAttributes.messageDigest);
-
-        assertTrue(MessageDigest.isEqual(contentDigest, ((ASN1OctetString)hash.getAttrValues().getObjectAt(0)).getOctets()));
-
-        //
-        // try using existing signer
-        //
-        gen = new CMSSignedDataStreamGenerator();
-
-        gen.addSigners(sp.getSignerInfos());
-
-        gen.addCertificates(sp.getCertificates());
-
-        bOut.reset();
-
-        sigOut = gen.open(bOut, true);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-
-        sigOut.close();
-
-        CMSSignedData sd = new CMSSignedData(new CMSProcessableByteArray(TEST_MESSAGE.getBytes()), bOut.toByteArray());
-
-        assertEquals(1, sd.getSignerInfos().getSigners().size());
-
-        verifyEncodedData(bOut);
-    }
-
-    public void testAttributeGenerators()
-        throws Exception
-    {
-        final ASN1ObjectIdentifier dummyOid1 = new ASN1ObjectIdentifier("1.2.3");
-        final ASN1ObjectIdentifier dummyOid2 = new ASN1ObjectIdentifier("1.2.3.4");
-        List                      certList = new ArrayList();
-        ByteArrayOutputStream     bOut = new ByteArrayOutputStream();
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        JcaCertStore           certs = new JcaCertStore(certList);
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        CMSAttributeTableGenerator signedGen = new DefaultSignedAttributeTableGenerator()
-        {
-            public AttributeTable getAttributes(Map parameters)
-            {
-                Hashtable table = createStandardAttributeTable(parameters);
-
-                DEROctetString val = new DEROctetString((byte[])parameters.get(CMSAttributeTableGenerator.DIGEST));
-                Attribute attr = new Attribute(dummyOid1, new DERSet(val));
-
-                table.put(attr.getAttrType(), attr);
-
-                return new AttributeTable(table);
-            }
-        };
-
-        CMSAttributeTableGenerator unsignedGen = new CMSAttributeTableGenerator()
-        {
-            public AttributeTable getAttributes(Map parameters)
-            {
-                DEROctetString val = new DEROctetString((byte[])parameters.get(CMSAttributeTableGenerator.SIGNATURE));
-                Attribute attr = new Attribute(dummyOid2, new DERSet(val));
-
-                return new AttributeTable(new DERSet(attr));
-            }
-        };
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        JcaSignerInfoGeneratorBuilder siBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        siBuilder.setSignedAttributeGenerator(signedGen).setUnsignedAttributeGenerator(unsignedGen);
-
-        gen.addSignerInfoGenerator(siBuilder.build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        OutputStream sigOut = gen.open(bOut, true);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-
-        sigOut.close();
-
-        CMSSignedDataParser     sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), bOut.toByteArray());
-
-        sp.getSignedContent().drain();
-
-        verifySignatures(sp);
-
-        //
-        // check attributes
-        //
-        SignerInformationStore  signers = sp.getSignerInfos();
-
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            checkAttribute(signer.getContentDigest(), signer.getSignedAttributes().get(dummyOid1));
-            checkAttribute(signer.getSignature(), signer.getUnsignedAttributes().get(dummyOid2));
-        }
-    }
-
-    private void checkAttribute(byte[] expected, Attribute attr)
-    {
-        DEROctetString      value = (DEROctetString)attr.getAttrValues().getObjectAt(0);
-
-        assertEquals(new DEROctetString(expected), value);
-    }
-
-    public void testWithAttributeCertificate()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        X509AttributeCertificateHolder attrCert = CMSTestUtil.getAttributeCertificate();
-
-        Store store = new CollectionStore(Collections.singleton(attrCert));
-
-        gen.addAttributeCertificates(store);
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        OutputStream sigOut = gen.open(bOut, true);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-
-        sigOut.close();
-
-        CMSSignedDataParser     sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), bOut.toByteArray());
-
-        sp.getSignedContent().drain();
-
-        assertEquals(4, sp.getVersion());
-
-        store = sp.getAttributeCertificates();
-
-        Collection coll = store.getMatches(null);
-
-        assertEquals(1, coll.size());
-
-        assertTrue(coll.contains(attrCert));
-    }
-
-    public void testSignerStoreReplacement()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        byte[]                data = TEST_MESSAGE.getBytes();
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).build("SHA1withRSA", _origKP.getPrivate(), _origCert));
-
-        gen.addCertificates(certs);
-
-        OutputStream sigOut = gen.open(bOut, false);
-
-        sigOut.write(data);
-
-        sigOut.close();
-
-        checkSigParseable(bOut.toByteArray());
-
-        //
-        // create new Signer
-        //
-        ByteArrayInputStream  original = new ByteArrayInputStream(bOut.toByteArray());
-
-        bOut.reset();
-
-        gen = new CMSSignedDataStreamGenerator();
-
-        gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).build("SHA224withRSA", _origKP.getPrivate(), _origCert));
-
-        gen.addCertificates(certs);
-
-        sigOut = gen.open(bOut);
-
-        sigOut.write(data);
-
-        sigOut.close();
-
-        checkSigParseable(bOut.toByteArray());
-
-        CMSSignedData sd = new CMSSignedData(bOut.toByteArray());
-
-        //
-        // replace signer
-        //
-        ByteArrayOutputStream newOut = new ByteArrayOutputStream();
-
-        CMSSignedDataParser.replaceSigners(original, sd.getSignerInfos(), newOut);
-
-        sd = new CMSSignedData(new CMSProcessableByteArray(data), newOut.toByteArray());
-        SignerInformation signer = (SignerInformation)sd.getSignerInfos().getSigners().iterator().next();
-
-        assertEquals(signer.getDigestAlgOID(), CMSAlgorithm.SHA224.getId());
-
-        CMSSignedDataParser sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), new CMSTypedStream(new ByteArrayInputStream(data)), newOut.toByteArray());
-
-        sp.getSignedContent().drain();
-
-        verifySignatures(sp);
-    }
-
-    public void testEncapsulatedSignerStoreReplacement()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).build("SHA1withRSA", _origKP.getPrivate(), _origCert));
-
-        gen.addCertificates(certs);
-
-        OutputStream sigOut = gen.open(bOut, true);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-
-        sigOut.close();
-
-        //
-        // create new Signer
-        //
-        ByteArrayInputStream  original = new ByteArrayInputStream(bOut.toByteArray());
-
-        bOut.reset();
-
-        gen = new CMSSignedDataStreamGenerator();
-
-        gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).build("SHA224withRSA", _origKP.getPrivate(), _origCert));
-
-        gen.addCertificates(certs);
-
-        sigOut = gen.open(bOut, true);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-
-        sigOut.close();
-
-        CMSSignedData sd = new CMSSignedData(bOut.toByteArray());
-
-        //
-        // replace signer
-        //
-        ByteArrayOutputStream newOut = new ByteArrayOutputStream();
-
-        CMSSignedDataParser.replaceSigners(original, sd.getSignerInfos(), newOut);
-
-        sd = new CMSSignedData(newOut.toByteArray());
-        SignerInformation signer = (SignerInformation)sd.getSignerInfos().getSigners().iterator().next();
-
-        assertEquals(signer.getDigestAlgOID(), CMSAlgorithm.SHA224.getId());
-
-        CMSSignedDataParser sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), newOut.toByteArray());
-
-        sp.getSignedContent().drain();
-
-        verifySignatures(sp);
-    }
-
-    public void testCertStoreReplacement()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        byte[]                data = TEST_MESSAGE.getBytes();
-
-        certList.add(_origDsaCert);
-
-        JcaCertStore           certs = new JcaCertStore(certList);
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        JcaSignerInfoGeneratorBuilder builder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        gen.addSignerInfoGenerator(builder.build(new JcaContentSignerBuilder("SHA1withRSA").build(_origKP.getPrivate()), _origCert));
-
-        gen.addCertificates(certs);
-
-        OutputStream sigOut = gen.open(bOut);
-
-        sigOut.write(data);
-
-        sigOut.close();
-
-        checkSigParseable(bOut.toByteArray());
-
-        //
-        // create new certstore with the right certificates
-        //
-        certList = new ArrayList();
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        certs = new JcaCertStore(certList);
-
-
-        //
-        // replace certs
-        //
-        ByteArrayInputStream original = new ByteArrayInputStream(bOut.toByteArray());
-        ByteArrayOutputStream newOut = new ByteArrayOutputStream();
-
-        CMSSignedDataParser.replaceCertificatesAndCRLs(original, certs, null, null, newOut);
-
-        CMSSignedDataParser sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), new CMSTypedStream(new ByteArrayInputStream(data)), newOut.toByteArray());
-
-        sp.getSignedContent().drain();
-
-        verifySignatures(sp);
-    }
-
-    public void testEncapsulatedCertStoreReplacement()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        certList.add(_origDsaCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        JcaSignerInfoGeneratorBuilder builder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        gen.addSignerInfoGenerator(builder.build(new JcaContentSignerBuilder("SHA1withRSA").build(_origKP.getPrivate()), _origCert));
-
-        gen.addCertificates(certs);
-
-        OutputStream sigOut = gen.open(bOut, true);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-
-        sigOut.close();
-
-        //
-        // create new certstore with the right certificates
-        //
-        certList = new ArrayList();
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        certs = new JcaCertStore(certList);
-
-        //
-        // replace certs
-        //
-        ByteArrayInputStream original = new ByteArrayInputStream(bOut.toByteArray());
-        ByteArrayOutputStream newOut = new ByteArrayOutputStream();
-
-        CMSSignedDataParser.replaceCertificatesAndCRLs(original, certs, null, null, newOut);
-
-        CMSSignedDataParser sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), newOut.toByteArray());
-
-        sp.getSignedContent().drain();
-
-        verifySignatures(sp);
-    }
-
-    public void testCertOrdering1()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).build("SHA1withRSA", _origKP.getPrivate(), _origCert));
-
-        gen.addCertificates(certs);
-
-        OutputStream sigOut = gen.open(bOut, true);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-
-        sigOut.close();
-
-        CMSSignedDataParser sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), bOut.toByteArray());
-
-        sp.getSignedContent().drain();
-        certs = sp.getCertificates();
-        Iterator it = certs.getMatches(null).iterator();
-
-        assertEquals(new JcaX509CertificateHolder(_origCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_signCert), it.next());
-    }
-
-    public void testCertOrdering2()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        certList.add(_signCert);
-        certList.add(_origCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        gen.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).build("SHA1withRSA", _origKP.getPrivate(), _origCert));
-
-        gen.addCertificates(certs);
-
-        OutputStream sigOut = gen.open(bOut, true);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-
-        sigOut.close();
-
-        CMSSignedDataParser sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), bOut.toByteArray());
-
-        sp.getSignedContent().drain();
-        certs = sp.getCertificates();
-        Iterator it = certs.getMatches(null).iterator();
-
-        assertEquals(new JcaX509CertificateHolder(_signCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_origCert), it.next());
-    }
-
-    public void testCertsOnly()
-        throws Exception
-    {
-        List certList = new ArrayList();
-        certList.add(_origCert);
-        certList.add(_signCert);
-    
-        Store certs = new JcaCertStore(certList);
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-        gen.addCertificates(certs);
-
-        gen.open(bOut).close();
-
-        checkSigParseable(bOut.toByteArray());
-    }
-
-    public void testMSPKCS7()
-        throws Exception
-    {
-        byte[] data = getInput("SignedMSPkcs7.sig");
-
-        CMSSignedDataParser sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider("BC").build(), data);
-
-        sp.getSignedContent().drain();
-
-        Store certStore = sp.getCertificates();
-        SignerInformationStore signers = sp.getSignerInfos();
-
-        Collection c = signers.getSigners();
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation signer = (SignerInformation)it.next();
-            Collection certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert)));
-        }
-    }
-
-    private byte[] getInput(String name)
-        throws IOException
-    {
-        return Streams.readAll(getClass().getResourceAsStream(name));
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        init();
-        
-        return new CMSTestSetup(new TestSuite(NewSignedDataStreamTest.class));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewSignedDataTest.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/NewSignedDataTest.java
deleted file mode 100644
index b354c52..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/NewSignedDataTest.java
+++ /dev/null

@@ -1,2725 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.MessageDigest;
-import java.security.Security;
-import java.security.Signature;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import junit.framework.Assert;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1ApplicationSpecific;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.CMSAttributes;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.SignedData;
-import org.bouncycastle.asn1.cms.SignerInfo;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.ocsp.OCSPResponse;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.cert.X509AttributeCertificateHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaCRLStore;
-import org.bouncycastle.cert.jcajce.JcaCertStore;
-import org.bouncycastle.cert.jcajce.JcaX509CRLHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cert.ocsp.OCSPResp;
-import org.bouncycastle.cms.CMSAbsentContent;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSAttributeTableGenerationException;
-import org.bouncycastle.cms.CMSAttributeTableGenerator;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.cms.CMSSignedData;
-import org.bouncycastle.cms.CMSSignedDataGenerator;
-import org.bouncycastle.cms.CMSSignedDataParser;
-import org.bouncycastle.cms.CMSTypedData;
-import org.bouncycastle.cms.DefaultCMSSignatureAlgorithmNameGenerator;
-import org.bouncycastle.cms.DefaultSignedAttributeTableGenerator;
-import org.bouncycastle.cms.SignerId;
-import org.bouncycastle.cms.SignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.SignerInformation;
-import org.bouncycastle.cms.SignerInformationStore;
-import org.bouncycastle.cms.SignerInformationVerifier;
-import org.bouncycastle.cms.SignerInformationVerifierProvider;
-import org.bouncycastle.cms.bc.BcRSASignerInfoVerifierBuilder;
-import org.bouncycastle.cms.jcajce.JcaSignerId;
-import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.util.PrivateKeyFactory;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DefaultSignatureAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.bc.BcContentSignerBuilder;
-import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
-import org.bouncycastle.operator.bc.BcRSAContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.io.Streams;
-
-public class NewSignedDataTest
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    boolean DEBUG = true;
-
-    private static String          _origDN;
-    private static KeyPair         _origKP;
-    private static X509Certificate _origCert;
-
-    private static String          _signDN;
-    private static KeyPair         _signKP;
-    private static X509Certificate _signCert;
-
-    private static KeyPair         _signGostKP;
-    private static X509Certificate _signGostCert;
-
-    private static KeyPair         _signEcDsaKP;
-    private static X509Certificate _signEcDsaCert;
-
-    private static KeyPair         _signEcGostKP;
-    private static X509Certificate _signEcGostCert;
-
-    private static KeyPair         _signDsaKP;
-    private static X509Certificate _signDsaCert;
-
-    private static String          _reciDN;
-    private static KeyPair         _reciKP;
-    private static X509Certificate _reciCert;
-
-    private static X509CRL         _signCrl;
-
-    private static boolean _initialised = false;
-
-    private byte[] disorderedMessage = Base64.decode(
-            "SU9fc3RkaW5fdXNlZABfX2xpYmNfc3RhcnRfbWFpbgBnZXRob3N0aWQAX19n"
-          + "bW9uX3M=");
-
-    private byte[] disorderedSet = Base64.decode(
-            "MIIYXQYJKoZIhvcNAQcCoIIYTjCCGEoCAQExCzAJBgUrDgMCGgUAMAsGCSqG"
-          + "SIb3DQEHAaCCFqswggJUMIIBwKADAgECAgMMg6wwCgYGKyQDAwECBQAwbzEL"
-          + "MAkGA1UEBhMCREUxPTA7BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbI"
-          + "dXIgVGVsZWtvbW11bmlrYXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwEx"
-          + "MBEGA1UEAxQKNFItQ0EgMTpQTjAiGA8yMDAwMDMyMjA5NDM1MFoYDzIwMDQw"
-          + "MTIxMTYwNDUzWjBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxpZXJ1"
-          + "bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9zdDEh"
-          + "MAwGBwKCBgEKBxQTATEwEQYDVQQDFAo1Ui1DQSAxOlBOMIGhMA0GCSqGSIb3"
-          + "DQEBAQUAA4GPADCBiwKBgQCKHkFTJx8GmoqFTxEOxpK9XkC3NZ5dBEKiUv0I"
-          + "fe3QMqeGMoCUnyJxwW0k2/53duHxtv2yHSZpFKjrjvE/uGwdOMqBMTjMzkFg"
-          + "19e9JPv061wyADOucOIaNAgha/zFt9XUyrHF21knKCvDNExv2MYIAagkTKaj"
-          + "LMAw0bu1J0FadQIFAMAAAAEwCgYGKyQDAwECBQADgYEAgFauXpoTLh3Z3pT/"
-          + "3bhgrxO/2gKGZopWGSWSJPNwq/U3x2EuctOJurj+y2inTcJjespThflpN+7Q"
-          + "nvsUhXU+jL2MtPlObU0GmLvWbi47cBShJ7KElcZAaxgWMBzdRGqTOdtMv+ev"
-          + "2t4igGF/q71xf6J2c3pTLWr6P8s6tzLfOCMwggJDMIIBr6ADAgECAgQAuzyu"
-          + "MAoGBiskAwMBAgUAMG8xCzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1bGll"
-          + "cnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0"
-          + "MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjVSLUNBIDE6UE4wIhgPMjAwMTA4"
-          + "MjAwODA4MjBaGA8yMDA1MDgyMDA4MDgyMFowSzELMAkGA1UEBhMCREUxEjAQ"
-          + "BgNVBAoUCVNpZ250cnVzdDEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFDQSBT"
-          + "SUdOVFJVU1QgMTpQTjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAhV12"
-          + "N2WhlR6f+3CXP57GrBM9la5Vnsu2b92zv5MZqQOPeEsYbZqDCFkYg1bSwsDE"
-          + "XsGVQqXdQNAGUaapr/EUVVN+hNZ07GcmC1sPeQECgUkxDYjGi4ihbvzxlahj"
-          + "L4nX+UTzJVBfJwXoIvJ+lMHOSpnOLIuEL3SRhBItvRECxN0CAwEAAaMSMBAw"
-          + "DgYDVR0PAQH/BAQDAgEGMAoGBiskAwMBAgUAA4GBACDc9Pc6X8sK1cerphiV"
-          + "LfFv4kpZb9ev4WPy/C6987Qw1SOTElhZAmxaJQBqmDHWlQ63wj1DEqswk7hG"
-          + "LrvQk/iX6KXIn8e64uit7kx6DHGRKNvNGofPjr1WelGeGW/T2ZJKgmPDjCkf"
-          + "sIKt2c3gwa2pDn4mmCz/DStUIqcPDbqLMIICVTCCAcGgAwIBAgIEAJ16STAK"
-          + "BgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxpZXJ1"
-          + "bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9zdDEh"
-          + "MAwGBwKCBgEKBxQTATEwEQYDVQQDFAo1Ui1DQSAxOlBOMCIYDzIwMDEwMjAx"
-          + "MTM0NDI1WhgPMjAwNTAzMjIwODU1NTFaMG8xCzAJBgNVBAYTAkRFMT0wOwYD"
-          + "VQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0"
-          + "aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjZSLUNhIDE6"
-          + "UE4wgaEwDQYJKoZIhvcNAQEBBQADgY8AMIGLAoGBAIOiqxUkzVyqnvthihnl"
-          + "tsE5m1Xn5TZKeR/2MQPStc5hJ+V4yptEtIx+Fn5rOoqT5VEVWhcE35wdbPvg"
-          + "JyQFn5msmhPQT/6XSGOlrWRoFummXN9lQzAjCj1sgTcmoLCVQ5s5WpCAOXFw"
-          + "VWu16qndz3sPItn3jJ0F3Kh3w79NglvPAgUAwAAAATAKBgYrJAMDAQIFAAOB"
-          + "gQBpSRdnDb6AcNVaXSmGo6+kVPIBhot1LzJOGaPyDNpGXxd7LV4tMBF1U7gr"
-          + "4k1g9BO6YiMWvw9uiTZmn0CfV8+k4fWEuG/nmafRoGIuay2f+ILuT+C0rnp1"
-          + "4FgMsEhuVNJJAmb12QV0PZII+UneyhAneZuQQzVUkTcVgYxogxdSOzCCAlUw"
-          + "ggHBoAMCAQICBACdekowCgYGKyQDAwECBQAwbzELMAkGA1UEBhMCREUxPTA7"
-          + "BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbIdXIgVGVsZWtvbW11bmlr"
-          + "YXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwExMBEGA1UEAxQKNlItQ2Eg"
-          + "MTpQTjAiGA8yMDAxMDIwMTEzNDcwN1oYDzIwMDUwMzIyMDg1NTUxWjBvMQsw"
-          + "CQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1"
-          + "ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9zdDEhMAwGBwKCBgEKBxQTATEw"
-          + "EQYDVQQDFAo1Ui1DQSAxOlBOMIGhMA0GCSqGSIb3DQEBAQUAA4GPADCBiwKB"
-          + "gQCKHkFTJx8GmoqFTxEOxpK9XkC3NZ5dBEKiUv0Ife3QMqeGMoCUnyJxwW0k"
-          + "2/53duHxtv2yHSZpFKjrjvE/uGwdOMqBMTjMzkFg19e9JPv061wyADOucOIa"
-          + "NAgha/zFt9XUyrHF21knKCvDNExv2MYIAagkTKajLMAw0bu1J0FadQIFAMAA"
-          + "AAEwCgYGKyQDAwECBQADgYEAV1yTi+2gyB7sUhn4PXmi/tmBxAfe5oBjDW8m"
-          + "gxtfudxKGZ6l/FUPNcrSc5oqBYxKWtLmf3XX87LcblYsch617jtNTkMzhx9e"
-          + "qxiD02ufcrxz2EVt0Akdqiz8mdVeqp3oLcNU/IttpSrcA91CAnoUXtDZYwb/"
-          + "gdQ4FI9l3+qo/0UwggJVMIIBwaADAgECAgQAxIymMAoGBiskAwMBAgUAMG8x"
-          + "CzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBm"
-          + "yHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMB"
-          + "MTARBgNVBAMUCjZSLUNhIDE6UE4wIhgPMjAwMTEwMTUxMzMxNThaGA8yMDA1"
-          + "MDYwMTA5NTIxN1owbzELMAkGA1UEBhMCREUxPTA7BgNVBAoUNFJlZ3VsaWVy"
-          + "dW5nc2JlaMhvcmRlIGbIdXIgVGVsZWtvbW11bmlrYXRpb24gdW5kIFBvc3Qx"
-          + "ITAMBgcCggYBCgcUEwExMBEGA1UEAxQKN1ItQ0EgMTpQTjCBoTANBgkqhkiG"
-          + "9w0BAQEFAAOBjwAwgYsCgYEAiokD/j6lEP4FexF356OpU5teUpGGfUKjIrFX"
-          + "BHc79G0TUzgVxqMoN1PWnWktQvKo8ETaugxLkP9/zfX3aAQzDW4Zki6x6GDq"
-          + "fy09Agk+RJvhfbbIzRkV4sBBco0n73x7TfG/9NTgVr/96U+I+z/1j30aboM6"
-          + "9OkLEhjxAr0/GbsCBQDAAAABMAoGBiskAwMBAgUAA4GBAHWRqRixt+EuqHhR"
-          + "K1kIxKGZL2vZuakYV0R24Gv/0ZR52FE4ECr+I49o8FP1qiGSwnXB0SwjuH2S"
-          + "iGiSJi+iH/MeY85IHwW1P5e+bOMvEOFhZhQXQixOD7totIoFtdyaj1XGYRef"
-          + "0f2cPOjNJorXHGV8wuBk+/j++sxbd/Net3FtMIICVTCCAcGgAwIBAgIEAMSM"
-          + "pzAKBgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxp"
-          + "ZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9z"
-          + "dDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAo3Ui1DQSAxOlBOMCIYDzIwMDEx"
-          + "MDE1MTMzNDE0WhgPMjAwNTA2MDEwOTUyMTdaMG8xCzAJBgNVBAYTAkRFMT0w"
-          + "OwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5p"
-          + "a2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjZSLUNh"
-          + "IDE6UE4wgaEwDQYJKoZIhvcNAQEBBQADgY8AMIGLAoGBAIOiqxUkzVyqnvth"
-          + "ihnltsE5m1Xn5TZKeR/2MQPStc5hJ+V4yptEtIx+Fn5rOoqT5VEVWhcE35wd"
-          + "bPvgJyQFn5msmhPQT/6XSGOlrWRoFummXN9lQzAjCj1sgTcmoLCVQ5s5WpCA"
-          + "OXFwVWu16qndz3sPItn3jJ0F3Kh3w79NglvPAgUAwAAAATAKBgYrJAMDAQIF"
-          + "AAOBgQBi5W96UVDoNIRkCncqr1LLG9vF9SGBIkvFpLDIIbcvp+CXhlvsdCJl"
-          + "0pt2QEPSDl4cmpOet+CxJTdTuMeBNXxhb7Dvualog69w/+K2JbPhZYxuVFZs"
-          + "Zh5BkPn2FnbNu3YbJhE60aIkikr72J4XZsI5DxpZCGh6xyV/YPRdKSljFjCC"
-          + "AlQwggHAoAMCAQICAwyDqzAKBgYrJAMDAQIFADBvMQswCQYDVQQGEwJERTE9"
-          + "MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVu"
-          + "aWthdGlvbiB1bmQgUG9zdDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAo1Ui1D"
-          + "QSAxOlBOMCIYDzIwMDAwMzIyMDk0MTI3WhgPMjAwNDAxMjExNjA0NTNaMG8x"
-          + "CzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBm"
-          + "yHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMB"
-          + "MTARBgNVBAMUCjRSLUNBIDE6UE4wgaEwDQYJKoZIhvcNAQEBBQADgY8AMIGL"
-          + "AoGBAI8x26tmrFJanlm100B7KGlRemCD1R93PwdnG7svRyf5ZxOsdGrDszNg"
-          + "xg6ouO8ZHQMT3NC2dH8TvO65Js+8bIyTm51azF6clEg0qeWNMKiiXbBXa+ph"
-          + "hTkGbXiLYvACZ6/MTJMJ1lcrjpRF7BXtYeYMcEF6znD4pxOqrtbf9z5hAgUA"
-          + "wAAAATAKBgYrJAMDAQIFAAOBgQB99BjSKlGPbMLQAgXlvA9jUsDNhpnVm3a1"
-          + "YkfxSqS/dbQlYkbOKvCxkPGA9NBxisBM8l1zFynVjJoy++aysRmcnLY/sHaz"
-          + "23BF2iU7WERy18H3lMBfYB6sXkfYiZtvQZcWaO48m73ZBySuiV3iXpb2wgs/"
-          + "Cs20iqroAWxwq/W/9jCCAlMwggG/oAMCAQICBDsFZ9UwCgYGKyQDAwECBQAw"
-          + "bzELMAkGA1UEBhMCREUxITAMBgcCggYBCgcUEwExMBEGA1UEAxQKNFItQ0Eg"
-          + "MTpQTjE9MDsGA1UEChQ0UmVndWxpZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxl"
-          + "a29tbXVuaWthdGlvbiB1bmQgUG9zdDAiGA8xOTk5MDEyMTE3MzUzNFoYDzIw"
-          + "MDQwMTIxMTYwMDAyWjBvMQswCQYDVQQGEwJERTE9MDsGA1UEChQ0UmVndWxp"
-          + "ZXJ1bmdzYmVoyG9yZGUgZsh1ciBUZWxla29tbXVuaWthdGlvbiB1bmQgUG9z"
-          + "dDEhMAwGBwKCBgEKBxQTATEwEQYDVQQDFAozUi1DQSAxOlBOMIGfMA0GCSqG"
-          + "SIb3DQEBAQUAA4GNADCBiQKBgI4B557mbKQg/AqWBXNJhaT/6lwV93HUl4U8"
-          + "u35udLq2+u9phns1WZkdM3gDfEpL002PeLfHr1ID/96dDYf04lAXQfombils"
-          + "of1C1k32xOvxjlcrDOuPEMxz9/HDAQZA5MjmmYHAIulGI8Qg4Tc7ERRtg/hd"
-          + "0QX0/zoOeXoDSEOBAgTAAAABMAoGBiskAwMBAgUAA4GBAIyzwfT3keHI/n2P"
-          + "LrarRJv96mCohmDZNpUQdZTVjGu5VQjVJwk3hpagU0o/t/FkdzAjOdfEw8Ql"
-          + "3WXhfIbNLv1YafMm2eWSdeYbLcbB5yJ1od+SYyf9+tm7cwfDAcr22jNRBqx8"
-          + "wkWKtKDjWKkevaSdy99sAI8jebHtWz7jzydKMIID9TCCA16gAwIBAgICbMcw"
-          + "DQYJKoZIhvcNAQEFBQAwSzELMAkGA1UEBhMCREUxEjAQBgNVBAoUCVNpZ250"
-          + "cnVzdDEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFDQSBTSUdOVFJVU1QgMTpQ"
-          + "TjAeFw0wNDA3MzAxMzAyNDZaFw0wNzA3MzAxMzAyNDZaMDwxETAPBgNVBAMM"
-          + "CFlhY29tOlBOMQ4wDAYDVQRBDAVZYWNvbTELMAkGA1UEBhMCREUxCjAIBgNV"
-          + "BAUTATEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAIWzLlYLQApocXIp"
-          + "pgCCpkkOUVLgcLYKeOd6/bXAnI2dTHQqT2bv7qzfUnYvOqiNgYdF13pOYtKg"
-          + "XwXMTNFL4ZOI6GoBdNs9TQiZ7KEWnqnr2945HYx7UpgTBclbOK/wGHuCdcwO"
-          + "x7juZs1ZQPFG0Lv8RoiV9s6HP7POqh1sO0P/AgMBAAGjggH1MIIB8TCBnAYD"
-          + "VR0jBIGUMIGRgBQcZzNghfnXoXRm8h1+VITC5caNRqFzpHEwbzELMAkGA1UE"
-          + "BhMCREUxPTA7BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbIdXIgVGVs"
-          + "ZWtvbW11bmlrYXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwExMBEGA1UE"
-          + "AxQKNVItQ0EgMTpQToIEALs8rjAdBgNVHQ4EFgQU2e5KAzkVuKaM9I5heXkz"
-          + "bcAIuR8wDgYDVR0PAQH/BAQDAgZAMBIGA1UdIAQLMAkwBwYFKyQIAQEwfwYD"
-          + "VR0fBHgwdjB0oCygKoYobGRhcDovL2Rpci5zaWdudHJ1c3QuZGUvbz1TaWdu"
-          + "dHJ1c3QsYz1kZaJEpEIwQDEdMBsGA1UEAxMUQ1JMU2lnblNpZ250cnVzdDE6"
-          + "UE4xEjAQBgNVBAoTCVNpZ250cnVzdDELMAkGA1UEBhMCREUwYgYIKwYBBQUH"
-          + "AQEEVjBUMFIGCCsGAQUFBzABhkZodHRwOi8vZGlyLnNpZ250cnVzdC5kZS9T"
-          + "aWdudHJ1c3QvT0NTUC9zZXJ2bGV0L2h0dHBHYXRld2F5LlBvc3RIYW5kbGVy"
-          + "MBgGCCsGAQUFBwEDBAwwCjAIBgYEAI5GAQEwDgYHAoIGAQoMAAQDAQH/MA0G"
-          + "CSqGSIb3DQEBBQUAA4GBAHn1m3GcoyD5GBkKUY/OdtD6Sj38LYqYCF+qDbJR"
-          + "6pqUBjY2wsvXepUppEler+stH8mwpDDSJXrJyuzf7xroDs4dkLl+Rs2x+2tg"
-          + "BjU+ABkBDMsym2WpwgA8LCdymmXmjdv9tULxY+ec2pjSEzql6nEZNEfrU8nt"
-          + "ZCSCavgqW4TtMYIBejCCAXYCAQEwUTBLMQswCQYDVQQGEwJERTESMBAGA1UE"
-          + "ChQJU2lnbnRydXN0MSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEUNBIFNJR05U"
-          + "UlVTVCAxOlBOAgJsxzAJBgUrDgMCGgUAoIGAMBgGCSqGSIb3DQEJAzELBgkq"
-          + "hkiG9w0BBwEwIwYJKoZIhvcNAQkEMRYEFIYfhPoyfGzkLWWSSLjaHb4HQmaK"
-          + "MBwGCSqGSIb3DQEJBTEPFw0wNTAzMjQwNzM4MzVaMCEGBSskCAYFMRgWFi92"
-          + "YXIvZmlsZXMvdG1wXzEvdGVzdDEwDQYJKoZIhvcNAQEFBQAEgYA2IvA8lhVz"
-          + "VD5e/itUxbFboKxeKnqJ5n/KuO/uBCl1N14+7Z2vtw1sfkIG+bJdp3OY2Cmn"
-          + "mrQcwsN99Vjal4cXVj8t+DJzFG9tK9dSLvD3q9zT/GQ0kJXfimLVwCa4NaSf"
-          + "Qsu4xtG0Rav6bCcnzabAkKuNNvKtH8amSRzk870DBg==");
-
-    public static byte[] xtraCounterSig = Base64.decode(
-                 "MIIR/AYJKoZIhvcNAQcCoIIR7TCCEekCAQExCzAJBgUrDgMCGgUAMBoGCSqG"
-               + "SIb3DQEHAaANBAtIZWxsbyB3b3JsZKCCDnkwggTPMIIDt6ADAgECAgRDnYD3"
-               + "MA0GCSqGSIb3DQEBBQUAMFgxCzAJBgNVBAYTAklUMRowGAYDVQQKExFJbi5U"
-               + "ZS5TLkEuIFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5BLiAtIENlcnRpZmlj"
-               + "YXRpb24gQXV0aG9yaXR5MB4XDTA4MDkxMjExNDMxMloXDTEwMDkxMjExNDMx"
-               + "MlowgdgxCzAJBgNVBAYTAklUMSIwIAYDVQQKDBlJbnRlc2EgUy5wLkEuLzA1"
-               + "MjYyODkwMDE0MSowKAYDVQQLDCFCdXNpbmVzcyBDb2xsYWJvcmF0aW9uICYg"
-               + "U2VjdXJpdHkxHjAcBgNVBAMMFU1BU1NJTUlMSUFOTyBaSUNDQVJESTERMA8G"
-               + "A1UEBAwIWklDQ0FSREkxFTATBgNVBCoMDE1BU1NJTUlMSUFOTzEcMBoGA1UE"
-               + "BRMTSVQ6WkNDTVNNNzZIMTRMMjE5WTERMA8GA1UELhMIMDAwMDI1ODUwgaAw"
-               + "DQYJKoZIhvcNAQEBBQADgY4AMIGKAoGBALeJTjmyFgx1SIP6c2AuB/kuyHo5"
-               + "j/prKELTALsFDimre/Hxr3wOSet1TdQfFzU8Lu+EJqgfV9cV+cI1yeH1rZs7"
-               + "lei7L3tX/VR565IywnguX5xwvteASgWZr537Fkws50bvTEMyYOj1Tf3FZvZU"
-               + "z4n4OD39KI4mfR9i1eEVIxR3AgQAizpNo4IBoTCCAZ0wHQYDVR0RBBYwFIES"
-               + "emljY2FyZGlAaW50ZXNhLml0MC8GCCsGAQUFBwEDBCMwITAIBgYEAI5GAQEw"
-               + "CwYGBACORgEDAgEUMAgGBgQAjkYBBDBZBgNVHSAEUjBQME4GBgQAizABATBE"
-               + "MEIGCCsGAQUFBwIBFjZodHRwOi8vZS10cnVzdGNvbS5pbnRlc2EuaXQvY2Ff"
-               + "cHViYmxpY2EvQ1BTX0lOVEVTQS5odG0wDgYDVR0PAQH/BAQDAgZAMIGDBgNV"
-               + "HSMEfDB6gBQZCQOW0bjFWBt+EORuxPagEgkQqKFcpFowWDELMAkGA1UEBhMC"
-               + "SVQxGjAYBgNVBAoTEUluLlRlLlMuQS4gUy5wLkEuMS0wKwYDVQQDEyRJbi5U"
-               + "ZS5TLkEuIC0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHmCBDzRARMwOwYDVR0f"
-               + "BDQwMjAwoC6gLIYqaHR0cDovL2UtdHJ1c3Rjb20uaW50ZXNhLml0L0NSTC9J"
-               + "TlRFU0EuY3JsMB0GA1UdDgQWBBTf5ItL8KmQh541Dxt7YxcWI1254TANBgkq"
-               + "hkiG9w0BAQUFAAOCAQEAgW+uL1CVWQepbC/wfCmR6PN37Sueb4xiKQj2mTD5"
-               + "UZ5KQjpivy/Hbuf0NrfKNiDEhAvoHSPC31ebGiKuTMFNyZPHfPEUnyYGSxea"
-               + "2w837aXJFr6utPNQGBRi89kH90sZDlXtOSrZI+AzJJn5QK3F9gjcayU2NZXQ"
-               + "MJgRwYmFyn2w4jtox+CwXPQ9E5XgxiMZ4WDL03cWVXDLX00EOJwnDDMUNTRI"
-               + "m9Zv+4SKTNlfFbi9UTBqWBySkDzAelsfB2U61oqc2h1xKmCtkGMmN9iZT+Qz"
-               + "ZC/vaaT+hLEBFGAH2gwFrYc4/jTBKyBYeU1vsAxsibIoTs1Apgl6MH75qPDL"
-               + "BzCCBM8wggO3oAMCAQICBEOdgPcwDQYJKoZIhvcNAQEFBQAwWDELMAkGA1UE"
-               + "BhMCSVQxGjAYBgNVBAoTEUluLlRlLlMuQS4gUy5wLkEuMS0wKwYDVQQDEyRJ"
-               + "bi5UZS5TLkEuIC0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNMDgwOTEy"
-               + "MTE0MzEyWhcNMTAwOTEyMTE0MzEyWjCB2DELMAkGA1UEBhMCSVQxIjAgBgNV"
-               + "BAoMGUludGVzYSBTLnAuQS4vMDUyNjI4OTAwMTQxKjAoBgNVBAsMIUJ1c2lu"
-               + "ZXNzIENvbGxhYm9yYXRpb24gJiBTZWN1cml0eTEeMBwGA1UEAwwVTUFTU0lN"
-               + "SUxJQU5PIFpJQ0NBUkRJMREwDwYDVQQEDAhaSUNDQVJESTEVMBMGA1UEKgwM"
-               + "TUFTU0lNSUxJQU5PMRwwGgYDVQQFExNJVDpaQ0NNU003NkgxNEwyMTlZMREw"
-               + "DwYDVQQuEwgwMDAwMjU4NTCBoDANBgkqhkiG9w0BAQEFAAOBjgAwgYoCgYEA"
-               + "t4lOObIWDHVIg/pzYC4H+S7IejmP+msoQtMAuwUOKat78fGvfA5J63VN1B8X"
-               + "NTwu74QmqB9X1xX5wjXJ4fWtmzuV6Lsve1f9VHnrkjLCeC5fnHC+14BKBZmv"
-               + "nfsWTCznRu9MQzJg6PVN/cVm9lTPifg4Pf0ojiZ9H2LV4RUjFHcCBACLOk2j"
-               + "ggGhMIIBnTAdBgNVHREEFjAUgRJ6aWNjYXJkaUBpbnRlc2EuaXQwLwYIKwYB"
-               + "BQUHAQMEIzAhMAgGBgQAjkYBATALBgYEAI5GAQMCARQwCAYGBACORgEEMFkG"
-               + "A1UdIARSMFAwTgYGBACLMAEBMEQwQgYIKwYBBQUHAgEWNmh0dHA6Ly9lLXRy"
-               + "dXN0Y29tLmludGVzYS5pdC9jYV9wdWJibGljYS9DUFNfSU5URVNBLmh0bTAO"
-               + "BgNVHQ8BAf8EBAMCBkAwgYMGA1UdIwR8MHqAFBkJA5bRuMVYG34Q5G7E9qAS"
-               + "CRCooVykWjBYMQswCQYDVQQGEwJJVDEaMBgGA1UEChMRSW4uVGUuUy5BLiBT"
-               + "LnAuQS4xLTArBgNVBAMTJEluLlRlLlMuQS4gLSBDZXJ0aWZpY2F0aW9uIEF1"
-               + "dGhvcml0eYIEPNEBEzA7BgNVHR8ENDAyMDCgLqAshipodHRwOi8vZS10cnVz"
-               + "dGNvbS5pbnRlc2EuaXQvQ1JML0lOVEVTQS5jcmwwHQYDVR0OBBYEFN/ki0vw"
-               + "qZCHnjUPG3tjFxYjXbnhMA0GCSqGSIb3DQEBBQUAA4IBAQCBb64vUJVZB6ls"
-               + "L/B8KZHo83ftK55vjGIpCPaZMPlRnkpCOmK/L8du5/Q2t8o2IMSEC+gdI8Lf"
-               + "V5saIq5MwU3Jk8d88RSfJgZLF5rbDzftpckWvq6081AYFGLz2Qf3SxkOVe05"
-               + "Ktkj4DMkmflArcX2CNxrJTY1ldAwmBHBiYXKfbDiO2jH4LBc9D0TleDGIxnh"
-               + "YMvTdxZVcMtfTQQ4nCcMMxQ1NEib1m/7hIpM2V8VuL1RMGpYHJKQPMB6Wx8H"
-               + "ZTrWipzaHXEqYK2QYyY32JlP5DNkL+9ppP6EsQEUYAfaDAWthzj+NMErIFh5"
-               + "TW+wDGyJsihOzUCmCXowfvmo8MsHMIIEzzCCA7egAwIBAgIEQ52A9zANBgkq"
-               + "hkiG9w0BAQUFADBYMQswCQYDVQQGEwJJVDEaMBgGA1UEChMRSW4uVGUuUy5B"
-               + "LiBTLnAuQS4xLTArBgNVBAMTJEluLlRlLlMuQS4gLSBDZXJ0aWZpY2F0aW9u"
-               + "IEF1dGhvcml0eTAeFw0wODA5MTIxMTQzMTJaFw0xMDA5MTIxMTQzMTJaMIHY"
-               + "MQswCQYDVQQGEwJJVDEiMCAGA1UECgwZSW50ZXNhIFMucC5BLi8wNTI2Mjg5"
-               + "MDAxNDEqMCgGA1UECwwhQnVzaW5lc3MgQ29sbGFib3JhdGlvbiAmIFNlY3Vy"
-               + "aXR5MR4wHAYDVQQDDBVNQVNTSU1JTElBTk8gWklDQ0FSREkxETAPBgNVBAQM"
-               + "CFpJQ0NBUkRJMRUwEwYDVQQqDAxNQVNTSU1JTElBTk8xHDAaBgNVBAUTE0lU"
-               + "OlpDQ01TTTc2SDE0TDIxOVkxETAPBgNVBC4TCDAwMDAyNTg1MIGgMA0GCSqG"
-               + "SIb3DQEBAQUAA4GOADCBigKBgQC3iU45shYMdUiD+nNgLgf5Lsh6OY/6ayhC"
-               + "0wC7BQ4pq3vx8a98DknrdU3UHxc1PC7vhCaoH1fXFfnCNcnh9a2bO5Xouy97"
-               + "V/1UeeuSMsJ4Ll+ccL7XgEoFma+d+xZMLOdG70xDMmDo9U39xWb2VM+J+Dg9"
-               + "/SiOJn0fYtXhFSMUdwIEAIs6TaOCAaEwggGdMB0GA1UdEQQWMBSBEnppY2Nh"
-               + "cmRpQGludGVzYS5pdDAvBggrBgEFBQcBAwQjMCEwCAYGBACORgEBMAsGBgQA"
-               + "jkYBAwIBFDAIBgYEAI5GAQQwWQYDVR0gBFIwUDBOBgYEAIswAQEwRDBCBggr"
-               + "BgEFBQcCARY2aHR0cDovL2UtdHJ1c3Rjb20uaW50ZXNhLml0L2NhX3B1YmJs"
-               + "aWNhL0NQU19JTlRFU0EuaHRtMA4GA1UdDwEB/wQEAwIGQDCBgwYDVR0jBHww"
-               + "eoAUGQkDltG4xVgbfhDkbsT2oBIJEKihXKRaMFgxCzAJBgNVBAYTAklUMRow"
-               + "GAYDVQQKExFJbi5UZS5TLkEuIFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5B"
-               + "LiAtIENlcnRpZmljYXRpb24gQXV0aG9yaXR5ggQ80QETMDsGA1UdHwQ0MDIw"
-               + "MKAuoCyGKmh0dHA6Ly9lLXRydXN0Y29tLmludGVzYS5pdC9DUkwvSU5URVNB"
-               + "LmNybDAdBgNVHQ4EFgQU3+SLS/CpkIeeNQ8be2MXFiNdueEwDQYJKoZIhvcN"
-               + "AQEFBQADggEBAIFvri9QlVkHqWwv8Hwpkejzd+0rnm+MYikI9pkw+VGeSkI6"
-               + "Yr8vx27n9Da3yjYgxIQL6B0jwt9XmxoirkzBTcmTx3zxFJ8mBksXmtsPN+2l"
-               + "yRa+rrTzUBgUYvPZB/dLGQ5V7Tkq2SPgMySZ+UCtxfYI3GslNjWV0DCYEcGJ"
-               + "hcp9sOI7aMfgsFz0PROV4MYjGeFgy9N3FlVwy19NBDicJwwzFDU0SJvWb/uE"
-               + "ikzZXxW4vVEwalgckpA8wHpbHwdlOtaKnNodcSpgrZBjJjfYmU/kM2Qv72mk"
-               + "/oSxARRgB9oMBa2HOP40wSsgWHlNb7AMbImyKE7NQKYJejB++ajwywcxggM8"
-               + "MIIDOAIBATBgMFgxCzAJBgNVBAYTAklUMRowGAYDVQQKExFJbi5UZS5TLkEu"
-               + "IFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5BLiAtIENlcnRpZmljYXRpb24g"
-               + "QXV0aG9yaXR5AgRDnYD3MAkGBSsOAwIaBQAwDQYJKoZIhvcNAQEBBQAEgYB+"
-               + "lH2cwLqc91mP8prvgSV+RRzk13dJdZvdoVjgQoFrPhBiZCNIEoHvIhMMA/sM"
-               + "X6euSRZk7EjD24FasCEGYyd0mJVLEy6TSPmuW+wWz/28w3a6IWXBGrbb/ild"
-               + "/CJMkPgLPGgOVD1WDwiNKwfasiQSFtySf5DPn3jFevdLeMmEY6GCAjIwggEV"
-               + "BgkqhkiG9w0BCQYxggEGMIIBAgIBATBgMFgxCzAJBgNVBAYTAklUMRowGAYD"
-               + "VQQKExFJbi5UZS5TLkEuIFMucC5BLjEtMCsGA1UEAxMkSW4uVGUuUy5BLiAt"
-               + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5AgRDnYD3MAkGBSsOAwIaBQAwDQYJ"
-               + "KoZIhvcNAQEBBQAEgYBHlOULfT5GDigIvxP0qZOy8VbpntmzaPF55VV4buKV"
-               + "35J+uHp98gXKp0LrHM69V5IRKuyuQzHHFBqsXxsRI9o6KoOfgliD9Xc+BeMg"
-               + "dKzQhBhBYoFREq8hQM0nSbqDNHYAQyNHMzUA/ZQUO5dlFuH8Dw3iDYAhNtfd"
-               + "PrlchKJthDCCARUGCSqGSIb3DQEJBjGCAQYwggECAgEBMGAwWDELMAkGA1UE"
-               + "BhMCSVQxGjAYBgNVBAoTEUluLlRlLlMuQS4gUy5wLkEuMS0wKwYDVQQDEyRJ"
-               + "bi5UZS5TLkEuIC0gQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkCBEOdgPcwCQYF"
-               + "Kw4DAhoFADANBgkqhkiG9w0BAQEFAASBgEeU5Qt9PkYOKAi/E/Spk7LxVume"
-               + "2bNo8XnlVXhu4pXfkn64en3yBcqnQusczr1XkhEq7K5DMccUGqxfGxEj2joq"
-               + "g5+CWIP1dz4F4yB0rNCEGEFigVESryFAzSdJuoM0dgBDI0czNQD9lBQ7l2UW"
-               + "4fwPDeINgCE2190+uVyEom2E");
-
-    byte[] noSignedAttrSample2 = Base64.decode(
-          "MIIIlAYJKoZIhvcNAQcCoIIIhTCCCIECAQExCzAJBgUrDgMCGgUAMAsGCSqG"
-        + "SIb3DQEHAaCCB3UwggOtMIIDa6ADAgECAgEzMAsGByqGSM44BAMFADCBkDEL"
-        + "MAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlQYWxvIEFsdG8x"
-        + "HTAbBgNVBAoTFFN1biBNaWNyb3N5c3RlbXMgSW5jMSMwIQYDVQQLExpKYXZh"
-        + "IFNvZnR3YXJlIENvZGUgU2lnbmluZzEcMBoGA1UEAxMTSkNFIENvZGUgU2ln"
-        + "bmluZyBDQTAeFw0wMTA1MjkxNjQ3MTFaFw0wNjA1MjgxNjQ3MTFaMG4xHTAb"
-        + "BgNVBAoTFFN1biBNaWNyb3N5c3RlbXMgSW5jMSMwIQYDVQQLExpKYXZhIFNv"
-        + "ZnR3YXJlIENvZGUgU2lnbmluZzEoMCYGA1UEAxMfVGhlIExlZ2lvbiBvZiB0"
-        + "aGUgQm91bmN5IENhc3RsZTCCAbcwggEsBgcqhkjOOAQBMIIBHwKBgQD9f1OB"
-        + "HXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6v8X1ujD2"
-        + "y5tVbNeBO4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUP"
-        + "BPuD9tPFHsMCNVQTWhaRMvZ1864rYdcq7/IiAxmd0UgBxwIVAJdgUI8VIwvM"
-        + "spK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlXTAs9"
-        + "B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCj"
-        + "rh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtV"
-        + "JWQBTDv+z0kqA4GEAAKBgBWry/FCAZ6miyy39+ftsa+h9lxoL+JtV0MJcUyQ"
-        + "E4VAhpAwWb8vyjba9AwOylYQTktHX5sAkFvjBiU0LOYDbFSTVZSHMRJgfjxB"
-        + "SHtICjOEvr1BJrrOrdzqdxcOUge5n7El124BCrv91x5Ol8UTwtiO9LrRXF/d"
-        + "SyK+RT5n1klRo3YwdDARBglghkgBhvhCAQEEBAMCAIcwDgYDVR0PAQH/BAQD"
-        + "AgHGMB0GA1UdDgQWBBQwMY4NRcco1AO3w1YsokfDLVseEjAPBgNVHRMBAf8E"
-        + "BTADAQH/MB8GA1UdIwQYMBaAFGXi9IbJ007wkU5Yomr12HhamsGmMAsGByqG"
-        + "SM44BAMFAAMvADAsAhRmigTu6QV0sTfEkVljgij/hhdVfAIUQZvMxAnIHc30"
-        + "y/u0C1T5UEG9glUwggPAMIIDfqADAgECAgEQMAsGByqGSM44BAMFADCBkDEL"
-        + "MAkGA1UEBhMCVVMxCzAJBgNVBAgTAkNBMRIwEAYDVQQHEwlQYWxvIEFsdG8x"
-        + "HTAbBgNVBAoTFFN1biBNaWNyb3N5c3RlbXMgSW5jMSMwIQYDVQQLExpKYXZh"
-        + "IFNvZnR3YXJlIENvZGUgU2lnbmluZzEcMBoGA1UEAxMTSkNFIENvZGUgU2ln"
-        + "bmluZyBDQTAeFw0wMTA0MjUwNzAwMDBaFw0yMDA0MjUwNzAwMDBaMIGQMQsw"
-        + "CQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0bzEd"
-        + "MBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxIzAhBgNVBAsTGkphdmEg"
-        + "U29mdHdhcmUgQ29kZSBTaWduaW5nMRwwGgYDVQQDExNKQ0UgQ29kZSBTaWdu"
-        + "aW5nIENBMIIBtzCCASwGByqGSM44BAEwggEfAoGBAOuvNwQeylEeaV2w8o/2"
-        + "tUkfxqSZBdcpv3S3avUZ2B7kG/gKAZqY/3Cr4kpWhmxTs/zhyIGMMfDE87CL"
-        + "5nAG7PdpaNuDTHIpiSk2F1w7SgegIAIqRpdRHXDICBgLzgxum3b3BePn+9Nh"
-        + "eeFgmiSNBpWDPFEg4TDPOFeCphpyDc7TAhUAhCVF4bq5qWKreehbMLiJaxv/"
-        + "e3UCgYEAq8l0e3Tv7kK1alNNO92QBnJokQ8LpCl2LlU71a5NZVx+KjoEpmem"
-        + "0HGqpde34sFyDaTRqh6SVEwgAAmisAlBGTMAssNcrkL4sYvKfJbYEH83RFuq"
-        + "zHjI13J2N2tAmahVZvqoAx6LShECactMuCUGHKB30sms0j3pChD6dnC3+9wD"
-        + "gYQAAoGALQmYXKy4nMeZfu4gGSo0kPnXq6uu3WtylQ1m+O8nj0Sy7ShEx/6v"
-        + "sKYnbwBnRYJbB6hWVjvSKVFhXmk51y50dxLPGUr1LcjLcmHETm/6R0M/FLv6"
-        + "vBhmKMLZZot6LS/CYJJLFP5YPiF/aGK+bEhJ+aBLXoWdGRD5FUVRG3HU9wuj"
-        + "ZjBkMBEGCWCGSAGG+EIBAQQEAwIABzAPBgNVHRMBAf8EBTADAQH/MB8GA1Ud"
-        + "IwQYMBaAFGXi9IbJ007wkU5Yomr12HhamsGmMB0GA1UdDgQWBBRl4vSGydNO"
-        + "8JFOWKJq9dh4WprBpjALBgcqhkjOOAQDBQADLwAwLAIUKvfPPJdd+Xi2CNdB"
-        + "tNkNRUzktJwCFEXNdWkOIfod1rMpsun3Mx0z/fxJMYHoMIHlAgEBMIGWMIGQ"
-        + "MQswCQYDVQQGEwJVUzELMAkGA1UECBMCQ0ExEjAQBgNVBAcTCVBhbG8gQWx0"
-        + "bzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxIzAhBgNVBAsTGkph"
-        + "dmEgU29mdHdhcmUgQ29kZSBTaWduaW5nMRwwGgYDVQQDExNKQ0UgQ29kZSBT"
-        + "aWduaW5nIENBAgEzMAkGBSsOAwIaBQAwCwYHKoZIzjgEAQUABC8wLQIVAIGV"
-        + "khm+kbV4a/+EP45PHcq0hIViAhR4M9os6IrJnoEDS3Y3l7O6zrSosA==");
-
-    private static final byte[] rawGost = Base64.decode(
-        "MIIEBwYJKoZIhvcNAQcCoIID+DCCA/QCAQExDDAKBgYqhQMCAgkFADAfBgkq"
-      + "hkiG9w0BBwGgEgQQU29tZSBEYXRhIEhFUkUhIaCCAuYwggLiMIICkaADAgEC"
-      + "AgopoLG9AAIAArWeMAgGBiqFAwICAzBlMSAwHgYJKoZIhvcNAQkBFhFpbmZv"
-      + "QGNyeXB0b3Byby5ydTELMAkGA1UEBhMCUlUxEzARBgNVBAoTCkNSWVBUTy1Q"
-      + "Uk8xHzAdBgNVBAMTFlRlc3QgQ2VudGVyIENSWVBUTy1QUk8wHhcNMTIxMDE1"
-      + "MTEwNDIzWhcNMTQxMDA0MDcwOTQxWjAhMRIwEAYDVQQDDAl0ZXN0IGdvc3Qx"
-      + "CzAJBgNVBAYTAlJVMGMwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgED"
-      + "QwAEQPz/F99AG8wyMQz5uK3vJ3MdHk7ZyFzM4Ofnq8nAmDgI5/Nuzcu791/0"
-      + "hRd+1i+fArRsiPMdQXOF0E7bEMHwWfWjggFjMIIBXzAOBgNVHQ8BAf8EBAMC"
-      + "BPAwEwYDVR0lBAwwCgYIKwYBBQUHAwIwHQYDVR0OBBYEFO353ZD7sLCx6rVR"
-      + "2o/IsSxuE1gAMB8GA1UdIwQYMBaAFG2PXgXZX6yRF5QelZoFMDg3ehAqMFUG"
-      + "A1UdHwROMEwwSqBIoEaGRGh0dHA6Ly93d3cuY3J5cHRvcHJvLnJ1L0NlcnRF"
-      + "bnJvbGwvVGVzdCUyMENlbnRlciUyMENSWVBUTy1QUk8oMikuY3JsMIGgBggr"
-      + "BgEFBQcBAQSBkzCBkDAzBggrBgEFBQcwAYYnaHR0cDovL3d3dy5jcnlwdG9w"
-      + "cm8ucnUvb2NzcG5jL29jc3Auc3JmMFkGCCsGAQUFBzAChk1odHRwOi8vd3d3"
-      + "LmNyeXB0b3Byby5ydS9DZXJ0RW5yb2xsL3BraS1zaXRlX1Rlc3QlMjBDZW50"
-      + "ZXIlMjBDUllQVE8tUFJPKDIpLmNydDAIBgYqhQMCAgMDQQBAR4mr69a62d3l"
-      + "yK/UZ4Yz/Yi3jqURtbnJR2gugdzkG5pYHRwC41BbDaa1ItP+1gDp4s78+EiK"
-      + "AJc17CHGZTz3MYHVMIHSAgEBMHMwZTEgMB4GCSqGSIb3DQEJARYRaW5mb0Bj"
-      + "cnlwdG9wcm8ucnUxCzAJBgNVBAYTAlJVMRMwEQYDVQQKEwpDUllQVE8tUFJP"
-      + "MR8wHQYDVQQDExZUZXN0IENlbnRlciBDUllQVE8tUFJPAgopoLG9AAIAArWe"
-      + "MAoGBiqFAwICCQUAMAoGBiqFAwICEwUABED0Gs9zP9lSz/2/e3BUSpzCI3dx"
-      + "39gfl/pFVkx4p5N/GW5o4gHIST9OhDSmdxwpMSK+39YSRD4R0Ue0faOqWEsj"
-      + "AAAAAAAAAAAAAAAAAAAAAA==");
-
-    private static final byte[] noAttrEncData = Base64.decode(
-       "MIIFjwYJKoZIhvcNAQcCoIIFgDCCBXwCAQExDTALBglghkgBZQMEAgEwgdAG"
-     + "CSqGSIb3DQEHAaCBwgSBv01JTUUtVmVyc2lvbjogMS4wCkNvbnRlbnQtVHlw"
-     + "ZTogYXBwbGljYXRpb24vb2N0ZXQtc3RyZWFtCkNvbnRlbnQtVHJhbnNmZXIt"
-     + "RW5jb2Rpbmc6IGJpbmFyeQpDb250ZW50LURpc3Bvc2l0aW9uOiBhdHRhY2ht"
-     + "ZW50OyBmaWxlbmFtZT1kb2MuYmluCgpUaGlzIGlzIGEgdmVyeSBodWdlIHNl"
-     + "Y3JldCwgbWFkZSB3aXRoIG9wZW5zc2wKCgoKoIIDNDCCAzAwggKZoAMCAQIC"
-     + "AQEwDQYJKoZIhvcNAQEFBQAwgawxCzAJBgNVBAYTAkFUMRAwDgYDVQQIEwdB"
-     + "dXN0cmlhMQ8wDQYDVQQHEwZWaWVubmExFTATBgNVBAoTDFRpYW5pIFNwaXJp"
-     + "dDEUMBIGA1UECxMLSlVuaXQgdGVzdHMxGjAYBgNVBAMTEU1hc3NpbWlsaWFu"
-     + "byBNYXNpMTEwLwYJKoZIhvcNAQkBFiJtYXNzaW1pbGlhbm8ubWFzaUB0aWFu"
-     + "aS1zcGlyaXQuY29tMCAXDTEyMDEwMjA5MDAzNVoYDzIxOTEwNjA4MDkwMDM1"
-     + "WjCBjzELMAkGA1UEBhMCQVQxEDAOBgNVBAgTB0F1c3RyaWExFTATBgNVBAoT"
-     + "DFRpYW5pIFNwaXJpdDEUMBIGA1UECxMLSlVuaXQgVGVzdHMxDjAMBgNVBAMT"
-     + "BWNlcnQxMTEwLwYJKoZIhvcNAQkBFiJtYXNzaW1pbGlhbm8ubWFzaUB0aWFu"
-     + "aS1zcGlyaXQuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDYHz8n"
-     + "soeWpILn+5tK8XgJc3k5n0h0MOlRXLbZZVB7yuxKMBIZwl8kqqnehfqxX+hr"
-     + "b2MXSCgKEstnVunJVPUGuNxnQ8Z0R9p1o/9gR0KTXmoJ+Epx5wdEofk4Phsi"
-     + "MxjC8FVvt3sSnzal1/m0/9KntrPWksefumGm5XD3W43e5wIDAQABo3sweTAJ"
-     + "BgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBD"
-     + "ZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU8mTZGl0EFv6aHo3bup144d6wYW8wHwYD"
-     + "VR0jBBgwFoAUdHG2RdrchT0PFcUBiIiYcy5hAA4wDQYJKoZIhvcNAQEFBQAD"
-     + "gYEATcc52eo73zEA4wmbyPv0lRrmyAxrHvZGIHiKpM8bP38WUB39lgmS8J0S"
-     + "1ioj21bosiakGj/gXnxlk8M8O+mm4zzpYjy8gqGXiUt20+j3bm7MJYM8ePcq"
-     + "dG/kReNuLUbRgIA6b0T4o+0WCELhrd9IlTk5IBKjHIjsP/GR1h0t//kxggFb"
-     + "MIIBVwIBATCBsjCBrDELMAkGA1UEBhMCQVQxEDAOBgNVBAgTB0F1c3RyaWEx"
-     + "DzANBgNVBAcTBlZpZW5uYTEVMBMGA1UEChMMVGlhbmkgU3Bpcml0MRQwEgYD"
-     + "VQQLEwtKVW5pdCB0ZXN0czEaMBgGA1UEAxMRTWFzc2ltaWxpYW5vIE1hc2kx"
-     + "MTAvBgkqhkiG9w0BCQEWIm1hc3NpbWlsaWFuby5tYXNpQHRpYW5pLXNwaXJp"
-     + "dC5jb20CAQEwCwYJYIZIAWUDBAIBMA0GCSqGSIb3DQEBAQUABIGAEthqA7FK"
-     + "V1i+MzzS4zz4DxT4lwUYkWfHaDtZADUyTD5lnP3Pf+t/ScpBEGkEtI7hDqOO"
-     + "zE0WfkBshTx5B/uxDibc/jqjQpSYSz5cvBTgpocIalbqsErOkDYF1QP6UgaV"
-     + "ZoVGwvGYIuIrFgWqgk08NsPHVVjYseTEhUDwkI1KSxU=");
-
-    byte[] successResp = Base64.decode(
-          "MIIFnAoBAKCCBZUwggWRBgkrBgEFBQcwAQEEggWCMIIFfjCCARehgZ8wgZwx"
-        + "CzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEgcHJhZGVzaDESMBAGA1UE"
-        + "BxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAKBgNVBAsTA0FUQzEeMBwG"
-        + "A1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQwIgYJKoZIhvcNAQkBFhVv"
-        + "Y3NwQHRjcy1jYS50Y3MuY28uaW4YDzIwMDMwNDAyMTIzNDU4WjBiMGAwOjAJ"
-        + "BgUrDgMCGgUABBRs07IuoCWNmcEl1oHwIak1BPnX8QQUtGyl/iL9WJ1VxjxF"
-        + "j0hAwJ/s1AcCAQKhERgPMjAwMjA4MjkwNzA5MjZaGA8yMDAzMDQwMjEyMzQ1"
-        + "OFowDQYJKoZIhvcNAQEFBQADgYEAfbN0TCRFKdhsmvOdUoiJ+qvygGBzDxD/"
-        + "VWhXYA+16AphHLIWNABR3CgHB3zWtdy2j7DJmQ/R7qKj7dUhWLSqclAiPgFt"
-        + "QQ1YvSJAYfEIdyHkxv4NP0LSogxrumANcDyC9yt/W9yHjD2ICPBIqCsZLuLk"
-        + "OHYi5DlwWe9Zm9VFwCGgggPMMIIDyDCCA8QwggKsoAMCAQICAQYwDQYJKoZI"
-        + "hvcNAQEFBQAwgZQxFDASBgNVBAMTC1RDUy1DQSBPQ1NQMSYwJAYJKoZIhvcN"
-        + "AQkBFhd0Y3MtY2FAdGNzLWNhLnRjcy5jby5pbjEMMAoGA1UEChMDVENTMQww"
-        + "CgYDVQQLEwNBVEMxEjAQBgNVBAcTCUh5ZGVyYWJhZDEXMBUGA1UECBMOQW5k"
-        + "aHJhIHByYWRlc2gxCzAJBgNVBAYTAklOMB4XDTAyMDgyOTA3MTE0M1oXDTAz"
-        + "MDgyOTA3MTE0M1owgZwxCzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEg"
-        + "cHJhZGVzaDESMBAGA1UEBxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAK"
-        + "BgNVBAsTA0FUQzEeMBwGA1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQw"
-        + "IgYJKoZIhvcNAQkBFhVvY3NwQHRjcy1jYS50Y3MuY28uaW4wgZ8wDQYJKoZI"
-        + "hvcNAQEBBQADgY0AMIGJAoGBAM+XWW4caMRv46D7L6Bv8iwtKgmQu0SAybmF"
-        + "RJiz12qXzdvTLt8C75OdgmUomxp0+gW/4XlTPUqOMQWv463aZRv9Ust4f8MH"
-        + "EJh4ekP/NS9+d8vEO3P40ntQkmSMcFmtA9E1koUtQ3MSJlcs441JjbgUaVnm"
-        + "jDmmniQnZY4bU3tVAgMBAAGjgZowgZcwDAYDVR0TAQH/BAIwADALBgNVHQ8E"
-        + "BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwNgYIKwYBBQUHAQEEKjAoMCYG"
-        + "CCsGAQUFBzABhhpodHRwOi8vMTcyLjE5LjQwLjExMDo3NzAwLzAtBgNVHR8E"
-        + "JjAkMCKgIKAehhxodHRwOi8vMTcyLjE5LjQwLjExMC9jcmwuY3JsMA0GCSqG"
-        + "SIb3DQEBBQUAA4IBAQB6FovM3B4VDDZ15o12gnADZsIk9fTAczLlcrmXLNN4"
-        + "PgmqgnwF0Ymj3bD5SavDOXxbA65AZJ7rBNAguLUo+xVkgxmoBH7R2sBxjTCc"
-        + "r07NEadxM3HQkt0aX5XYEl8eRoifwqYAI9h0ziZfTNes8elNfb3DoPPjqq6V"
-        + "mMg0f0iMS4W8LjNPorjRB+kIosa1deAGPhq0eJ8yr0/s2QR2/WFD5P4aXc8I"
-        + "KWleklnIImS3zqiPrq6tl2Bm8DZj7vXlTOwmraSQxUwzCKwYob1yGvNOUQTq"
-        + "pG6jxn7jgDawHU1+WjWQe4Q34/pWeGLysxTraMa+Ug9kPe+jy/qRX2xwvKBZ");
-
-    private static byte[] mixedSignedData = Base64.decode(
-              "d4IHBDCCBwAGCSqGSIb3DQEHAqCCBvEwggbtAgEDMQ8wDQYJYIZIAWUDBAID"
-            + "BQAwgbcGCSqEEAGHbgEUAaCBqQSBpjCBowIBADANBglghkgBZQMEAgMFADCB"
-            + "jjBFAgEBBEBIqiDnc0uJgjc1nZX/CyEaB3/j3fbR5Pjxs2/jSQhBy71N0Oh9"
-            + "i5+ZbfvoeUjHeMz0Q4m71H6XuoCIlsQJOor0MEUCAQIEQHhPBcHkCK5QugOE"
-            + "1GPQN/oRNpKlAp1l6Lr/LvSewiKbnWRKT2o3GmIZwuFflzblyiKZwxV+c8kj"
-            + "i4oQmOEhQvSgggQKMIIEBjCCAm6gAwIBAgIBPTANBgkqhkiG9w0BAQsFADBw"
-            + "MQswCQYDVQQGEwJQTDESMBAGA1UECgwJSUNBTyBDU0NBMQ4wDAYDVQQLDAVN"
-            + "U1dpQTE9MDsGA1UEAww0U3lzdGVtIFd5ZGF3YW5pYSBQYXN6cG9ydMOzdyB6"
-            + "IERhbnltaSBCaW9tZXRyeWN6bnltaTAeFw0wNzAzMjcwOTA4MDlaFw0xODAz"
-            + "MjYyMzU5NTlaMFoxCzAJBgNVBAYTAlBMMRIwEAYDVQQKDAlJQ0FPIENTQ0Ex"
-            + "ITAfBgNVBAsMGFBhc3Nwb3J0IERvY3VtZW50IFNpZ25lcjEUMBIGA1UEAwwL"
-            + "Q1BEIE1TV0lBXzgwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCP"
-            + "IvVr66gZQUpLVLxwMedLZMkYqUFhR+qxrDjGYJgy0fVYvds8u6QF+WyLRvGQ"
-            + "BJGjZ+hqXiDVtM2+ljmZm4C4wpDfZVE1e5w6lv8pKctnr1ZTorI0GsbdWIgi"
-            + "oi21WIRdpY9Rwc6gxjVLVlhwqNGhp9NRS2RDnoqy5iCLWXQ7BzlvuALqK0E1"
-            + "e/k96j3kCQ4SOES1fOreR6chFxOfhSrlo5ed6+z+YiM+rErtKAHZtYTUS6qk"
-            + "uC5SMEMDchbPd6eoYJtN5g0IEyyREm9EdLSK38L2Ln29hnVPqlMJ3ewfIRG9"
-            + "+LZ0mv3Bno9yle56tT9Vt2OBZs2MAOsFZQ66Q7+3AgMBAAGjQTA/MA4GA1Ud"
-            + "DwEB/wQEAwIHgDAMBgNVHRMBAf8EAjAAMB8GA1UdIwQYMBaAFEdS9KeSt+Ls"
-            + "eDNSRSjve8QVpj2WMA0GCSqGSIb3DQEBCwUAA4IBgQA7NXSJWoYIuRJANJVR"
-            + "+DhsvA/NOIE0c4W++xUZVY+2/abKXU7AJHdzI4pS6AOtYav2JxOnISITi3D6"
-            + "s453T/Z0gwRY6p1kUjXtHiVj6iCIal8DCYB0voAZrKl1rZWyINiMKjugNGyy"
-            + "vD6RHMuoKer07uKkgmusV23FIZaCQTPsP6sb2N5QDmfIp5lywJ+rMpJKXKoY"
-            + "Dtu7Aouhveg7DgOpUvIKFdc4eY1MYAzPTD8w2vTGTDuNjaL5cZD2HHvYl9i+"
-            + "vhD99nQWTbKStVI6Q0C2Dw3oFONKkH5O7L5bD38C6x9EBW5nGOWrSs+yP9Q1"
-            + "FNEE49snnayvctrRga2qRBK9av8c406GyFOGfnJcl82cl9KWkLGf8aIfnSzq"
-            + "FnhkDHKd9KocRX+dRFdBB5uxC0zm/XtIqB1TbTx3J88O5Ool55zFw0ECz/NX"
-            + "ecpKwk42uKOEOUcN4Etx09OuSn2+WU2ngW/CHc/T5kS3U61U5vsoTVJT3uTS"
-            + "1uRRYzcMcDc8+kwxggINMIICCQIBATB1MHAxCzAJBgNVBAYTAlBMMRIwEAYD"
-            + "VQQKDAlJQ0FPIENTQ0ExDjAMBgNVBAsMBU1TV2lBMT0wOwYDVQQDDDRTeXN0"
-            + "ZW0gV3lkYXdhbmlhIFBhc3pwb3J0w7N3IHogRGFueW1pIEJpb21ldHJ5Y3pu"
-            + "eW1pAgE9MA0GCWCGSAFlAwQCAwUAoGswGAYJKoZIhvcNAQkDMQsGCSqEEAGH"
-            + "bgEUATBPBgkqhkiG9w0BCQQxQgRAc6WCN4gqBWPSabO9SgkLfD2hTZeYU+cQ"
-            + "vbMeZW/em0v4/r0ggaustPjLW1Qmx8QWnfMHgEuojCVpyPLOYEBpZzANBgkq"
-            + "hkiG9w0BAQUFAASCAQAQBbSJOZFDx7uU2sQE1zkB5Vvds329kO+NY7ueWnGN"
-            + "a5GaIs2ri1g1xZSDsz+QWRoT4sIIV5CmiWx6lPHxWv3be1xtfVux9KqRZgEy"
-            + "xPQdANyDHaqqJr01ROQuKUJfqVSqiGe4/Udd0nFcBT9DyQWLn3HinOriEZga"
-            + "HxxN0ZjpoIEiPa+NIth1W+W3Z7yt4JUM/zX0iyhza/bPHbPOLrsXZAhGy/qn"
-            + "/JNmKBiVxuxZYYHI20CZHrgjb+ARczWuOJuBVEGEgbW/t7hMVX8X+MPAzZek"
-            + "Ndi9ZfkurEeYdDpGluYBH910/P95ibG8nrJyTaoxhmOJhJ/o/SO54m8oDlI0");
-
-    private static final Set noParams = new HashSet();
-
-    static
-    {
-        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1);
-        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224);
-        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256);
-        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384);
-        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512);
-        noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1);
-        noParams.add(NISTObjectIdentifiers.dsa_with_sha224);
-        noParams.add(NISTObjectIdentifiers.dsa_with_sha256);
-        noParams.add(NISTObjectIdentifiers.dsa_with_sha384);
-        noParams.add(NISTObjectIdentifiers.dsa_with_sha512);
-        noParams.add(NISTObjectIdentifiers.id_dsa_with_sha3_224);
-        noParams.add(NISTObjectIdentifiers.id_dsa_with_sha3_256);
-        noParams.add(NISTObjectIdentifiers.id_dsa_with_sha3_384);
-        noParams.add(NISTObjectIdentifiers.id_dsa_with_sha3_512);
-        noParams.add(NISTObjectIdentifiers.id_ecdsa_with_sha3_224);
-        noParams.add(NISTObjectIdentifiers.id_ecdsa_with_sha3_256);
-        noParams.add(NISTObjectIdentifiers.id_ecdsa_with_sha3_384);
-        noParams.add(NISTObjectIdentifiers.id_ecdsa_with_sha3_512);
-    }
-    
-    public NewSignedDataTest(String name)
-    {
-        super(name);
-    }
-
-    public static void main(String args[])
-        throws Exception
-    {
-        if (Security.getProvider("BC") == null)
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-
-        init();
-
-        junit.textui.TestRunner.run(NewSignedDataTest.class);
-    }
-
-    public static Test suite() 
-        throws Exception
-    {
-        init();
-        
-        return new CMSTestSetup(new TestSuite(NewSignedDataTest.class));
-    }
-
-    public void setUp()
-        throws Exception
-    {
-        init();
-    }
-
-    private static void init()
-        throws Exception
-    {
-        if (!_initialised)
-        {
-            _initialised = true;
-
-            if (Security.getProvider(BC) == null)
-            {
-                Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-            }
-
-            _origDN   = "O=Bouncy Castle, C=AU";
-            _origKP   = CMSTestUtil.makeKeyPair();  
-            _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _origKP, _origDN);
-
-            _signDN   = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
-            _signKP   = CMSTestUtil.makeKeyPair();
-            _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _origKP, _origDN);
-
-            _signGostKP   = CMSTestUtil.makeGostKeyPair();
-            _signGostCert = CMSTestUtil.makeCertificate(_signGostKP, _signDN, _origKP, _origDN);
-    
-            _signDsaKP   = CMSTestUtil.makeDsaKeyPair();
-            _signDsaCert = CMSTestUtil.makeCertificate(_signDsaKP, _signDN, _origKP, _origDN);
-
-            _signEcDsaKP   = CMSTestUtil.makeEcDsaKeyPair();
-            _signEcDsaCert = CMSTestUtil.makeCertificate(_signEcDsaKP, _signDN, _origKP, _origDN);
-
-            _signEcGostKP = CMSTestUtil.makeEcGostKeyPair();
-            _signEcGostCert = CMSTestUtil.makeCertificate(_signEcGostKP, _signDN, _origKP, _origDN);
-
-            _reciDN   = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
-            _reciKP   = CMSTestUtil.makeKeyPair();
-            _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
-
-            _signCrl  = CMSTestUtil.makeCrl(_signKP);
-        }
-    }
-
-    private void verifyRSASignatures(CMSSignedData s, byte[] contentDigest)
-        throws Exception
-    {
-        Store                   certStore = s.getCertificates();
-        SignerInformationStore  signers = s.getSignerInfos();
-
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new BcRSASignerInfoVerifierBuilder(new DefaultCMSSignatureAlgorithmNameGenerator(), new DefaultSignatureAlgorithmIdentifierFinder(), new DefaultDigestAlgorithmIdentifierFinder(), new BcDigestCalculatorProvider()).build(cert)));
-
-            if (contentDigest != null)
-            {
-                assertTrue(MessageDigest.isEqual(contentDigest, signer.getContentDigest()));
-            }
-        }
-    }
-
-    private void verifySignatures(CMSSignedData s, byte[] contentDigest) 
-        throws Exception
-    {
-        Store                   certStore = s.getCertificates();
-        Store                   crlStore = s.getCRLs();
-        SignerInformationStore  signers = s.getSignerInfos();
-        
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certStore.getMatches(signer.getSID());
-    
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-            
-            if (contentDigest != null)
-            {
-                assertTrue(MessageDigest.isEqual(contentDigest, signer.getContentDigest()));
-            }
-        }
-
-        Collection certColl = certStore.getMatches(null);
-        Collection crlColl = crlStore.getMatches(null);
-
-        assertEquals(certColl.size(), s.getCertificates().getMatches(null).size());
-        assertEquals(crlColl.size(), s.getCRLs().getMatches(null).size());
-    }
-
-    private void verifySignatures(CMSSignedData s) 
-        throws Exception
-    {
-        verifySignatures(s, null);
-    }
-
-    public void testDetachedVerification()
-        throws Exception
-    {
-        byte[]              data = "Hello World!".getBytes();
-        List                certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray(data);
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        DigestCalculatorProvider digProvider = new JcaDigestCalculatorProviderBuilder().setProvider(BC).build();
-        JcaSignerInfoGeneratorBuilder signerInfoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(digProvider);
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-        ContentSigner md5Signer = new JcaContentSignerBuilder("MD5withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(signerInfoGeneratorBuilder.build(sha1Signer, _origCert));
-        gen.addSignerInfoGenerator(signerInfoGeneratorBuilder.build(md5Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(msg);
-
-        MessageDigest sha1 = MessageDigest.getInstance("SHA1", BC);
-        MessageDigest md5 = MessageDigest.getInstance("MD5", BC);
-        Map hashes = new HashMap();
-        byte[] sha1Hash = sha1.digest(data);
-        byte[] md5Hash = md5.digest(data);
-
-        hashes.put(CMSAlgorithm.SHA1, sha1Hash);
-        hashes.put(CMSAlgorithm.MD5, md5Hash);
-
-        s = new CMSSignedData(hashes, s.getEncoded());
-
-        verifySignatures(s, null);
-    }
-
-    public void testEmptyContent()
-        throws Exception
-    {
-        
-        try
-        {
-            new CMSSignedData(new byte[0]);
-        }
-        catch (CMSException e)
-        {
-            assertEquals("No content found.", e.getMessage());
-        }
-
-        try
-        {
-            new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().build(), new byte[0]);
-        }
-        catch (CMSException e)
-        {
-            assertEquals("No content found.", e.getMessage());
-        }
-    }
-
-    public void testSHA1AndMD5WithRSAEncapsulatedRepeated()
-        throws Exception
-    {
-        List              certList = new ArrayList();
-        CMSTypedData      msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        DigestCalculatorProvider digCalcProv = new JcaDigestCalculatorProviderBuilder().setProvider(BC).build();
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(digCalcProv).build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate()), _origCert));
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(digCalcProv).build(new JcaContentSignerBuilder("MD5withRSA").setProvider(BC).build(_origKP.getPrivate()), _origCert));
-        
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(msg, true);
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
-        ASN1InputStream      aIn = new ASN1InputStream(bIn);
-        
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-
-        certs = s.getCertificates();
-
-        SignerInformationStore  signers = s.getSignerInfos();
-        
-        assertEquals(2, signers.size());
-        
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-        SignerId                sid = null;
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certs.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            sid = signer.getSID();
-            
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-
-            //
-            // check content digest
-            //
-
-            byte[] contentDigest = (byte[])gen.getGeneratedDigests().get(signer.getDigestAlgOID());
-
-            AttributeTable table = signer.getSignedAttributes();
-            Attribute hash = table.get(CMSAttributes.messageDigest);
-
-            assertTrue(MessageDigest.isEqual(contentDigest, ((ASN1OctetString)hash.getAttrValues().getObjectAt(0)).getOctets()));
-        }
-        
-        c = signers.getSigners(sid);
-        
-        assertEquals(2, c.size());
-
-
-        //
-        // try using existing signer
-        //
-        
-        gen = new CMSSignedDataGenerator();
-           
-        gen.addSigners(s.getSignerInfos());
-        
-        gen.addCertificates(s.getCertificates());
-           
-        s = gen.generate(msg, true);
-
-        bIn = new ByteArrayInputStream(s.getEncoded());
-        aIn = new ASN1InputStream(bIn);
-
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-
-        certs = s.getCertificates();
-
-        signers = s.getSignerInfos();
-        c = signers.getSigners();
-        it = c.iterator();
-
-        assertEquals(2, c.size());
-        
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certs.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-        
-        checkSignerStoreReplacement(s, signers);
-    }
-    
-    public void testSHA1WithRSANoAttributes()
-        throws Exception
-    {
-        List              certList = new ArrayList();
-        CMSTypedData      msg = new CMSProcessableByteArray("Hello world!".getBytes());
-    
-        certList.add(_origCert);
-        certList.add(_signCert);
-    
-        Store           certs = new JcaCertStore(certList);
-    
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        JcaSignerInfoGeneratorBuilder builder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        builder.setDirectSignature(true);
-
-        gen.addSignerInfoGenerator(builder.build(sha1Signer, _origCert));
-    
-        gen.addCertificates(certs);
-    
-        CMSSignedData s = gen.generate(msg, false);
-    
-        //
-        // compute expected content digest
-        //
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-        
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    public void testSHA1WithRSANoAttributesSimple()
-        throws Exception
-    {
-        List              certList = new ArrayList();
-        CMSTypedData      msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-        
-        JcaSimpleSignerInfoGeneratorBuilder builder = new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).setDirectSignature(true);
-
-        gen.addSignerInfoGenerator(builder.build("SHA1withRSA", _origKP.getPrivate(), _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(msg, false);
-
-        //
-        // compute expected content digest
-        //
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    public void testSHA1WithRSAAndOtherRevocation()
-        throws Exception
-    {
-        List              certList = new ArrayList();
-        CMSTypedData      msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        List otherInfo = new ArrayList();
-        OCSPResp response = new OCSPResp(successResp);
-
-        otherInfo.add(response.toASN1Structure());
-
-        gen.addOtherRevocationInfo(CMSObjectIdentifiers.id_ri_ocsp_response, new CollectionStore(otherInfo));
-
-        CMSSignedData s;
-
-        s = gen.generate(msg, false);
-
-        //
-        // check version
-        //
-        assertEquals(5, s.getVersion());
-
-        //
-        // compute expected content digest
-        //
-        MessageDigest md = MessageDigest.getInstance("SHA1", BC);
-
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-
-        Store dataOtherInfo = s.getOtherRevocationInfo(CMSObjectIdentifiers.id_ri_ocsp_response);
-
-        assertEquals(1, dataOtherInfo.getMatches(null).size());
-
-        OCSPResp dataResponse = new OCSPResp(OCSPResponse.getInstance(dataOtherInfo.getMatches(null).iterator().next()));
-
-        assertEquals(response, dataResponse);
-    }
-
-    public void testSHA1WithRSAAndAttributeTableSimple()
-        throws Exception
-    {
-        MessageDigest       md = MessageDigest.getInstance("SHA1", BC);
-        List                certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        Attribute attr = new Attribute(CMSAttributes.messageDigest,
-                                       new DERSet(
-                                            new DEROctetString(
-                                                md.digest("Hello world!".getBytes()))));
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(attr);
-
-        JcaSimpleSignerInfoGeneratorBuilder builder = new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(v)));
-
-        gen.addSignerInfoGenerator(builder.build("SHA1withRSA", _origKP.getPrivate(), _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(new CMSAbsentContent(), false);
-
-        //
-        // the signature is detached, so need to add msg before passing on
-        //
-        s = new CMSSignedData(msg, s.getEncoded());
-        //
-        // compute expected content digest
-        //
-
-        assertTrue(s.isDetachedSignature());
-        assertFalse(s.isCertificateManagementMessage());
-
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-        verifyRSASignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    public void testCMSAlgorithmProtection()
-        throws Exception
-    {
-        List                certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        JcaSimpleSignerInfoGeneratorBuilder builder = new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC);
-
-        gen.addSignerInfoGenerator(builder.build("SHA1withRSA", _origKP.getPrivate(), _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(msg, true);
-
-        s = new CMSSignedData(s.getEncoded());
-
-        assertFalse(s.isDetachedSignature());
-        assertFalse(s.isCertificateManagementMessage());
-
-        verifySignatures(s, true, null);
-
-        // tamper, change signerInfo message digest
-        ContentInfo cI = s.toASN1Structure();
-        SignedData  sd = SignedData.getInstance(cI.getContent());
-        SignerInfo  sI = SignerInfo.getInstance(sd.getSignerInfos().getObjectAt(0));
-
-        SignerInfo sInew = new SignerInfo(sI.getSID(), new AlgorithmIdentifier(TeleTrusTObjectIdentifiers.ripemd128, DERNull.INSTANCE), sI.getAuthenticatedAttributes(), sI.getDigestEncryptionAlgorithm(), sI.getEncryptedDigest(), sI.getUnauthenticatedAttributes());
-
-        verifySignatures(getCorruptedSignedData(sd, sInew), false, "CMS Algorithm Identifier Protection check failed for digestAlgorithm");
-
-        sInew = new SignerInfo(sI.getSID(), sI.getDigestAlgorithm(), sI.getAuthenticatedAttributes(), new AlgorithmIdentifier(PKCSObjectIdentifiers.id_RSASSA_PSS), sI.getEncryptedDigest(), sI.getUnauthenticatedAttributes());
-
-        verifySignatures(getCorruptedSignedData(sd, sInew), false, "CMS Algorithm Identifier Protection check failed for signatureAlgorithm");
-
-        // check equivalence
-        AlgorithmIdentifier newAlgId = new AlgorithmIdentifier(sI.getDigestAlgorithm().getAlgorithm());
-        assertFalse(newAlgId.equals(sI.getDigestAlgorithm()));
-
-        sInew = new SignerInfo(sI.getSID(), newAlgId, sI.getAuthenticatedAttributes(), sI.getDigestEncryptionAlgorithm(), sI.getEncryptedDigest(), sI.getUnauthenticatedAttributes());
-
-        verifySignatures(getCorruptedSignedData(sd, sInew), true, null);
-
-        newAlgId = new AlgorithmIdentifier(sI.getDigestEncryptionAlgorithm().getAlgorithm());
-        assertFalse(newAlgId.equals(sI.getDigestEncryptionAlgorithm()));
-
-        sInew = new SignerInfo(sI.getSID(), sI.getDigestAlgorithm(), sI.getAuthenticatedAttributes(), newAlgId, sI.getEncryptedDigest(), sI.getUnauthenticatedAttributes());
-
-        verifySignatures(getCorruptedSignedData(sd, sInew), true, null);
-    }
-
-    private CMSSignedData getCorruptedSignedData(SignedData sd, SignerInfo sI)
-        throws CMSException
-    {
-        return new CMSSignedData(new ContentInfo(CMSObjectIdentifiers.signedData, new SignedData(sd.getDigestAlgorithms(), sd.getEncapContentInfo(), sd.getCertificates(), sd.getCRLs(), new DERSet(sI))));
-    }
-
-    private void verifySignatures(CMSSignedData s, boolean shouldPass, String message)
-        throws Exception
-    {
-        Store                   certStore = s.getCertificates();
-        SignerInformationStore  signers = s.getSignerInfos();
-
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            if (shouldPass)
-            {
-                assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-            }
-            else
-            {
-                try
-                {
-                    assertEquals(false, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-                    if (message != null)
-                    {
-                        fail("No exception thrown");
-                    }
-                }
-                catch (CMSException e)
-                {
-                    assertEquals(message, e.getMessage());
-                }
-            }
-        }
-    }
-
-    public void testSHA1WithRSAAndAttributeTable()
-        throws Exception
-    {
-        MessageDigest       md = MessageDigest.getInstance("SHA1", BC);
-        List                certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        Attribute attr = new Attribute(CMSAttributes.messageDigest,
-                                       new DERSet(
-                                            new DEROctetString(
-                                                md.digest("Hello world!".getBytes()))));
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(attr);
-
-        JcaSignerInfoGeneratorBuilder builder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        builder.setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(v)));
-        
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(builder.build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(new CMSAbsentContent(), false);
-
-        //
-        // the signature is detached, so need to add msg before passing on
-        //
-        s = new CMSSignedData(msg, s.getEncoded());
-        //
-        // compute expected content digest
-        //
-
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-        verifyRSASignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    public void testRemoveAttribute()
-        throws Exception
-    {
-        MessageDigest       md = MessageDigest.getInstance("SHA1", BC);
-        List                certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        JcaSignerInfoGeneratorBuilder builder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        builder.setSignedAttributeGenerator(new CMSAttributeTableGenerator()
-        {
-            public AttributeTable getAttributes(Map parameters)
-                throws CMSAttributeTableGenerationException
-            {
-                AttributeTable table = new DefaultSignedAttributeTableGenerator().getAttributes(parameters);
-
-                return table.remove(CMSAttributes.cmsAlgorithmProtect);
-            }
-        });
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(builder.build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(msg, false);
-
-        //
-        // the signature is detached, so need to add msg before passing on
-        //
-        s = new CMSSignedData(msg, s.getEncoded());
-
-        // for JDK1.4 build
-        Assert.assertNull(((SignerInformation)s.getSignerInfos().iterator().next()).getSignedAttributes().get(CMSAttributes.cmsAlgorithmProtect));
-
-        //
-        // compute expected content digest
-        //
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-        verifyRSASignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    public void testSignerInformationExtension()
-        throws Exception
-    {
-        List                certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        JcaSignerInfoGeneratorBuilder builder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(builder.build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(msg, true);
-
-        //
-        // the signature is detached, so need to add msg before passing on
-        //
-        s = new CMSSignedData(msg, s.getEncoded());
-
-        Store                   certStore = s.getCertificates();
-        SignerInformationStore  signers = s.getSignerInfos();
-
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            SignerInformationVerifier verifier = new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert);
-
-            assertEquals(false, new MyWrongSignerInformation(signer).verify(verifier));
-
-            MyRightSignerInformation rSigner = new MyRightSignerInformation(signer);
-
-            assertTrue(rSigner.verify(verifier));
-            assertTrue(rSigner.isUsed());
-        }
-    }
-
-    private class MyWrongSignerInformation
-        extends SignerInformation
-    {
-        protected MyWrongSignerInformation(SignerInformation baseInfo)
-        {
-            super(baseInfo);
-        }
-
-        public byte[] getEncodedSignedAttributes()
-            throws IOException
-        {
-            return new byte[signedAttributeSet.getEncoded(ASN1Encoding.DL).length];
-        }
-    }
-
-    private class MyRightSignerInformation
-        extends SignerInformation
-    {
-        private boolean used;
-
-        protected MyRightSignerInformation(SignerInformation baseInfo)
-        {
-            super(baseInfo);
-        }
-
-        boolean isUsed()
-        {
-            return used;
-        }
-
-        public byte[] getEncodedSignedAttributes()
-            throws IOException
-        {
-            used = true;
-            return signedAttributeSet.getEncoded(ASN1Encoding.DL);
-        }
-    }
-
-    public void testRawSHA256MissingNull()
-        throws Exception
-    {
-        final byte[] document = getInput("rawsha256nonull.p7m");
-
-        final CMSSignedData s = new CMSSignedData(document);
-
-        final Store certStore = s.getCertificates();
-        final SignerInformation signerInformation = (SignerInformation)s.getSignerInfos().getSigners().iterator().next();
-
-        Collection          certCollection = certStore.getMatches(signerInformation.getSID());
-
-        Iterator        certIt = certCollection.iterator();
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate((X509CertificateHolder)certIt.next());
-
-        final SignerInformationVerifier signerInformationVerifier =
-            new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert.getPublicKey());
-
-        if (!signerInformation.verify(signerInformationVerifier))
-        {
-            fail("raw sig failed");
-        }
-    }
-
-    public void testLwSHA1WithRSAAndAttributeTable()
-        throws Exception
-    {
-        MessageDigest       md = MessageDigest.getInstance("SHA1", BC);
-        List                certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        Attribute attr = new Attribute(CMSAttributes.messageDigest,
-                                       new DERSet(
-                                            new DEROctetString(
-                                                md.digest("Hello world!".getBytes()))));
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(attr);
-
-        AsymmetricKeyParameter privKey = PrivateKeyFactory.createKey(_origKP.getPrivate().getEncoded());
-        
-        AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA1withRSA");
-        AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
-
-        BcContentSignerBuilder contentSignerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);
-
-        gen.addSignerInfoGenerator(
-            new SignerInfoGeneratorBuilder(new BcDigestCalculatorProvider())
-                .setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(v)))
-                .build(contentSignerBuilder.build(privKey), new JcaX509CertificateHolder(_origCert)));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(new CMSAbsentContent(), false);
-
-        //
-        // the signature is detached, so need to add msg before passing on
-        //
-        s = new CMSSignedData(msg, s.getEncoded());
-        //
-        // compute expected content digest
-        //
-
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-        verifyRSASignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    public void testLwSHA3_256WithRSAAndAttributeTable()
-        throws Exception
-    {
-        MessageDigest       md = MessageDigest.getInstance("SHA3-256", BC);
-        List                certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        Attribute attr = new Attribute(CMSAttributes.messageDigest,
-                                       new DERSet(
-                                            new DEROctetString(
-                                                md.digest("Hello world!".getBytes()))));
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(attr);
-
-        AsymmetricKeyParameter privKey = PrivateKeyFactory.createKey(_origKP.getPrivate().getEncoded());
-
-        AlgorithmIdentifier sigAlgId = new DefaultSignatureAlgorithmIdentifierFinder().find("SHA3-256withRSA");
-        AlgorithmIdentifier digAlgId = new DefaultDigestAlgorithmIdentifierFinder().find(sigAlgId);
-
-        BcContentSignerBuilder contentSignerBuilder = new BcRSAContentSignerBuilder(sigAlgId, digAlgId);
-
-        gen.addSignerInfoGenerator(
-            new SignerInfoGeneratorBuilder(new BcDigestCalculatorProvider())
-                .setSignedAttributeGenerator(new DefaultSignedAttributeTableGenerator(new AttributeTable(v)))
-                .build(contentSignerBuilder.build(privKey), new JcaX509CertificateHolder(_origCert)));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(new CMSAbsentContent(), false);
-
-        //
-        // the signature is detached, so need to add msg before passing on
-        //
-        s = new CMSSignedData(msg, s.getEncoded());
-        //
-        // compute expected content digest
-        //
-
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-        verifyRSASignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    public void testSHA1WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "SHA1withRSA");
-    }
-
-    public void testSHA1WithRSAEncapsulatedSubjectKeyID()
-        throws Exception
-    {
-        subjectKeyIDTest(_signKP, _signCert, "SHA1withRSA");
-    }
-
-    public void testSHA1WithRSAPSS()
-        throws Exception
-    {
-        rsaPSSTest("SHA1withRSAandMGF1");
-    }
-
-    public void testSHA224WithRSAPSS()
-        throws Exception
-    {
-        rsaPSSTest("SHA224withRSAandMGF1");
-    }
-
-    public void testSHA256WithRSAPSS()
-        throws Exception
-    {
-        rsaPSSTest("SHA256withRSAandMGF1");
-    }
-
-    public void testSHA384WithRSAPSS()
-        throws Exception
-    {
-        rsaPSSTest("SHA384withRSAandMGF1");
-    }
-
-    public void testSHA3_224WithRSAPSS()
-        throws Exception
-    {
-        rsaPSSTest("SHA3-224withRSAandMGF1");
-    }
-
-    public void testSHA3_256WithRSAPSS()
-        throws Exception
-    {
-        rsaPSSTest("SHA3-256withRSAandMGF1");
-    }
-
-    public void testSHA3_384WithRSAPSS()
-        throws Exception
-    {
-        rsaPSSTest("SHA3-384withRSAandMGF1");
-    }
-
-    public void testSHA3_224WithDSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signDsaKP, _signDsaCert, "SHA3-224withDSA", NISTObjectIdentifiers.id_dsa_with_sha3_224);
-    }
-
-    public void testSHA3_256WithDSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signDsaKP, _signDsaCert, "SHA3-256withDSA", NISTObjectIdentifiers.id_dsa_with_sha3_256);
-    }
-
-    public void testSHA3_384WithDSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signDsaKP, _signDsaCert, "SHA3-384withDSA", NISTObjectIdentifiers.id_dsa_with_sha3_384);
-    }
-
-    public void testSHA3_512WithDSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signDsaKP, _signDsaCert, "SHA3-512withDSA", NISTObjectIdentifiers.id_dsa_with_sha3_512);
-    }
-
-    // RFC 5754 update
-    public void testSHA224WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "SHA224withRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption);
-    }
-
-    // RFC 5754 update
-    public void testSHA256WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "SHA256withRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption);
-    }
-
-    public void testSHA3_224WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "SHA3-224withRSA", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224);
-    }
-
-    public void testSHA3_256WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "SHA3-256withRSA", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256);
-    }
-
-    public void testSHA3_384WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "SHA3-384withRSA", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384);
-    }
-
-    public void testSHA3_512WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "SHA3-512withRSA", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512);
-    }
-
-    public void testRIPEMD128WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "RIPEMD128withRSA");
-    }
-
-    public void testRIPEMD160WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "RIPEMD160withRSA");
-    }
-
-    public void testRIPEMD256WithRSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signKP, _signCert, "RIPEMD256withRSA");
-    }
-
-    public void testECDSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA1withECDSA");
-    }
-
-    public void testECDSAEncapsulatedSubjectKeyID()
-        throws Exception
-    {
-        subjectKeyIDTest(_signEcDsaKP, _signEcDsaCert, "SHA1withECDSA");
-    }
-
-    public void testECDSASHA224Encapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA224withECDSA");
-    }
-
-    public void testECDSASHA256Encapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA256withECDSA");
-    }
-
-    public void testECDSASHA384Encapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA384withECDSA");
-    }
-
-    public void testECDSASHA512Encapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA512withECDSA");
-    }
-
-    public void testECDSASHA3_224Encapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA3-224withECDSA");
-    }
-
-    public void testECDSASHA3_256Encapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA3-256withECDSA");
-    }
-
-    public void testECDSASHA3_384Encapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA3-384withECDSA");
-    }
-
-    public void testECDSASHA3_512Encapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcDsaKP, _signEcDsaCert, "SHA3-512withECDSA");
-    }
-
-    public void testECDSASHA512EncapsulatedWithKeyFactoryAsEC()
-        throws Exception
-    {
-        X509EncodedKeySpec  pubSpec = new X509EncodedKeySpec(_signEcDsaKP.getPublic().getEncoded());
-        PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(_signEcDsaKP.getPrivate().getEncoded());
-        KeyFactory          keyFact = KeyFactory.getInstance("EC", BC);
-        KeyPair             kp = new KeyPair(keyFact.generatePublic(pubSpec), keyFact.generatePrivate(privSpec));
-        
-        encapsulatedTest(kp, _signEcDsaCert, "SHA512withECDSA");
-    }
-
-    public void testDSAEncapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signDsaKP, _signDsaCert, "SHA1withDSA");
-    }
-
-    public void testDSAEncapsulatedSubjectKeyID()
-        throws Exception
-    {
-        subjectKeyIDTest(_signDsaKP, _signDsaCert, "SHA1withDSA");
-    }
-        
-    public void testGOST3411WithGOST3410Encapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signGostKP, _signGostCert, "GOST3411withGOST3410");
-    }
-
-    public void testGOST3411WithECGOST3410Encapsulated()
-        throws Exception
-    {
-        encapsulatedTest(_signEcGostKP, _signEcGostCert, "GOST3411withECGOST3410");
-    }
-
-    public void testGostNoAttributesEncapsulated()
-        throws Exception
-    {
-        CMSSignedData data = new CMSSignedData(rawGost);
-
-        Store                   certStore = data.getCertificates();
-        SignerInformationStore  signers = data.getSignerInfos();
-
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert)));
-        }
-    }
-
-    public void testSHA1WithRSACounterSignature()
-        throws Exception
-    {
-        List                certList = new ArrayList();
-        List                crlList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-        certList.add(_signCert);
-        certList.add(_origCert);
-
-        crlList.add(_signCrl);
-
-        Store           certStore = new JcaCertStore(certList);
-        Store           crlStore = new JcaCRLStore(crlList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_signKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _signCert));
-
-        gen.addCertificates(certStore);
-        gen.addCRLs(crlStore);
-        
-        CMSSignedData s = gen.generate(msg, true);
-        SignerInformation origSigner = (SignerInformation)s.getSignerInfos().getSigners().toArray()[0];
-        SignerInformationStore counterSigners1 = gen.generateCounterSigners(origSigner);
-        SignerInformationStore counterSigners2 = gen.generateCounterSigners(origSigner);
-
-        SignerInformation signer1 = SignerInformation.addCounterSigners(origSigner, counterSigners1);
-        SignerInformation signer2 = SignerInformation.addCounterSigners(signer1, counterSigners2);
-
-        SignerInformationStore cs = signer2.getCounterSignatures();
-        Collection csSigners = cs.getSigners();
-        assertEquals(2, csSigners.size());
-
-        Iterator it = csSigners.iterator();
-        while (it.hasNext())
-        {
-            SignerInformation   cSigner = (SignerInformation)it.next();
-            Collection          certCollection = certStore.getMatches(cSigner.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertTrue(cSigner.isCounterSignature());
-            assertNull(cSigner.getSignedAttributes().get(PKCSObjectIdentifiers.pkcs_9_at_contentType));
-            assertEquals(true, cSigner.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-    }
-
-    public void testSHA1WithRSACounterSignatureAndVerifierProvider()
-        throws Exception
-    {
-        List                certList = new ArrayList();
-        List                crlList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-        certList.add(_signCert);
-        certList.add(_origCert);
-
-        crlList.add(_signCrl);
-
-        Store           certStore = new JcaCertStore(certList);
-        Store           crlStore = new JcaCRLStore(crlList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_signKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _signCert));
-
-        gen.addCertificates(certStore);
-        gen.addCRLs(crlStore);
-
-        CMSSignedData s = gen.generate(msg, true);
-
-        SignerInformationVerifierProvider vProv = new SignerInformationVerifierProvider()
-        {
-            public SignerInformationVerifier get(SignerId signerId)
-                throws OperatorCreationException
-            {
-                return new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(_signCert);
-            }
-        };
-
-        assertTrue(s.verifySignatures(vProv));
-
-        SignerInformation origSigner = (SignerInformation)s.getSignerInfos().getSigners().toArray()[0];
-
-        gen = new CMSSignedDataGenerator();
-
-        sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        SignerInformationStore counterSigners = gen.generateCounterSigners(origSigner);
-
-        final SignerInformation signer1 = SignerInformation.addCounterSigners(origSigner, counterSigners);
-
-        List signers = new ArrayList();
-
-        signers.add(signer1);
-
-        s = CMSSignedData.replaceSigners(s, new SignerInformationStore(signers));
-
-        assertTrue(s.verifySignatures(vProv, true));
-
-        // provider can't handle counter sig
-        assertFalse(s.verifySignatures(vProv, false));
-
-        vProv = new SignerInformationVerifierProvider()
-        {
-            public SignerInformationVerifier get(SignerId signerId)
-                throws OperatorCreationException
-            {
-                if (_signCert.getSerialNumber().equals(signerId.getSerialNumber()))
-                {
-                    return new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(_signCert);
-                }
-                else if (_origCert.getSerialNumber().equals(signerId.getSerialNumber()))
-                {
-                    return new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(_origCert);
-                }
-                else
-                {
-                    throw new IllegalStateException("no signerID matched");
-                }
-            }
-        };
-
-        // verify sig and counter sig.
-        assertTrue(s.verifySignatures(vProv, false));
-    }
-
-    private void rsaPSSTest(String signatureAlgorithmName)
-        throws Exception
-    {
-        List              certList = new ArrayList();
-        CMSTypedData      msg = new CMSProcessableByteArray("Hello world!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner contentSigner = new JcaContentSignerBuilder(signatureAlgorithmName).setProvider(BC).build(_origKP.getPrivate());
-
-        JcaSignerInfoGeneratorBuilder siBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        siBuilder.setDirectSignature(true);
-
-        gen.addSignerInfoGenerator(siBuilder.build(contentSigner, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(msg, false);
-
-        //
-        // compute expected content digest
-        //
-        String digestName = signatureAlgorithmName.substring(0, signatureAlgorithmName.indexOf('w'));
-        MessageDigest md = MessageDigest.getInstance(digestName, BC);
-
-        verifySignatures(s, md.digest("Hello world!".getBytes()));
-    }
-
-    private void subjectKeyIDTest(
-        KeyPair         signaturePair,
-        X509Certificate signatureCert,
-        String          signatureAlgorithm)
-        throws Exception
-    {
-        List              certList = new ArrayList();
-        List              crlList = new ArrayList();
-        CMSTypedData      msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-        certList.add(signatureCert);
-        certList.add(_origCert);
-
-        crlList.add(_signCrl);
-
-        Store           certStore = new JcaCertStore(certList);
-        Store           crlStore = new JcaCRLStore(crlList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner contentSigner = new JcaContentSignerBuilder(signatureAlgorithm).setProvider(BC).build(signaturePair.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(contentSigner, CMSTestUtil.createSubjectKeyId(signatureCert.getPublicKey()).getKeyIdentifier()));
-
-        gen.addCertificates(certStore);
-        gen.addCRLs(crlStore);
-
-        CMSSignedData s = gen.generate(msg, true);
-
-        assertEquals(3, s.getVersion());
-        
-        ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
-        ASN1InputStream      aIn = new ASN1InputStream(bIn);
-
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-
-        certStore = s.getCertificates();
-
-        SignerInformationStore  signers = s.getSignerInfos();
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-
-        //
-        // check for CRLs
-        //
-        Collection crls = crlStore.getMatches(null);
-
-        assertEquals(1, crls.size());
-
-        assertTrue(crls.contains(new JcaX509CRLHolder(_signCrl)));
-
-        //
-        // try using existing signer
-        //
-
-        gen = new CMSSignedDataGenerator();
-
-        gen.addSigners(s.getSignerInfos());
-
-        gen.addCertificates(s.getCertificates());
-
-        s = gen.generate(msg, true);
-
-        bIn = new ByteArrayInputStream(s.getEncoded());
-        aIn = new ASN1InputStream(bIn);
-
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-
-        certStore = s.getCertificates();
-
-        signers = s.getSignerInfos();
-        c = signers.getSigners();
-        it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-
-        checkSignerStoreReplacement(s, signers);
-    }
-
-    private void encapsulatedTest(
-        KeyPair         signaturePair, 
-        X509Certificate signatureCert,
-        String          signatureAlgorithm)
-        throws Exception
-    {
-        encapsulatedTest(signaturePair, signatureCert, signatureAlgorithm, null);
-    }
-
-    private void encapsulatedTest(
-        KeyPair         signaturePair,
-        X509Certificate signatureCert,
-        String          signatureAlgorithm,
-        ASN1ObjectIdentifier sigAlgOid)
-        throws Exception
-    {
-        List                certList = new ArrayList();
-        List                crlList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello World!".getBytes());
-    
-        certList.add(signatureCert);
-        certList.add(_origCert);
-
-        crlList.add(_signCrl);
-
-        Store           certs = new JcaCertStore(certList);
-        Store           crlStore = new JcaCRLStore(crlList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner contentSigner = new JcaContentSignerBuilder(signatureAlgorithm).setProvider(BC).build(signaturePair.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(contentSigner, signatureCert));
-
-
-        gen.addCertificates(certs);
-    
-        CMSSignedData s = gen.generate(msg, true);
-    
-        ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
-        ASN1InputStream      aIn = new ASN1InputStream(bIn);
-        
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-
-        Set digestAlgorithms = new HashSet(s.getDigestAlgorithmIDs());
-
-        assertTrue(digestAlgorithms.size() > 0);
-
-        certs = s.getCertificates();
-    
-        SignerInformationStore  signers = s.getSignerInfos();
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-    
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certs.getMatches(signer.getSID());
-    
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            if (sigAlgOid != null)
-            {
-                assertEquals(sigAlgOid.getId(), signer.getEncryptionAlgOID());
-                if (noParams.contains(sigAlgOid))
-                {
-                    assertNull(signer.getEncryptionAlgParams());
-                }
-                else
-                {
-                    assertEquals(DERNull.INSTANCE, ASN1Primitive.fromByteArray(signer.getEncryptionAlgParams()));
-                }
-            }
-
-            digestAlgorithms.remove(signer.getDigestAlgorithmID());
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-
-        assertTrue(digestAlgorithms.size() == 0);
-
-        //
-        // check signer information lookup
-        //
-
-        SignerId sid = new JcaSignerId(signatureCert);
-
-        Collection collection = signers.getSigners(sid);
-
-        assertEquals(1, collection.size());
-        assertTrue(collection.iterator().next() instanceof SignerInformation);
-
-        //
-        // check for CRLs
-        //
-        Collection crls = crlStore.getMatches(null);
-
-        assertEquals(1, crls.size());
-
-        assertTrue(crls.contains(new JcaX509CRLHolder(_signCrl)));
-        
-        //
-        // try using existing signer
-        //
-        
-        gen = new CMSSignedDataGenerator();
-           
-        gen.addSigners(s.getSignerInfos());
-        
-        gen.addCertificates(s.getCertificates());
-           
-        s = gen.generate(msg, true);
-    
-        bIn = new ByteArrayInputStream(s.getEncoded());
-        aIn = new ASN1InputStream(bIn);
-    
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-    
-        certs = s.getCertificates();
-    
-        signers = s.getSignerInfos();
-        c = signers.getSigners();
-        it = c.iterator();
-    
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certs.getMatches(signer.getSID());
-    
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-    
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-        
-        checkSignerStoreReplacement(s, signers);
-    }
-
-    //
-    // signerInformation store replacement test.
-    //
-    private void checkSignerStoreReplacement(
-        CMSSignedData orig, 
-        SignerInformationStore signers) 
-        throws Exception
-    {
-        CMSSignedData s = CMSSignedData.replaceSigners(orig, signers);
-        
-        Store certs = s.getCertificates();
-        
-        signers = s.getSignerInfos();
-        Collection c = signers.getSigners();
-        Iterator   it = c.iterator();
-    
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certs.getMatches(signer.getSID());
-    
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-    
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-    }
-    
-    public void testUnsortedAttributes()
-        throws Exception
-    {
-        CMSSignedData s = new CMSSignedData(new CMSProcessableByteArray(disorderedMessage), disorderedSet);
-
-        Store certs = s.getCertificates();
-
-        SignerInformationStore  signers = s.getSignerInfos();
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certs.getMatches(signer.getSID());
-            Iterator              certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(false, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-
-            Signature sig = Signature.getInstance("SHA1withRSA", BC);
-
-            sig.initVerify(new JcaX509CertificateConverter().getCertificate(cert).getPublicKey());
-
-            sig.update(signer.toASN1Structure().getAuthenticatedAttributes().getEncoded());
-
-            assertEquals(true, sig.verify(signer.getSignature()));
-        }
-    }
-    
-    public void testNullContentWithSigner()
-        throws Exception
-    {
-        List                certList = new ArrayList();
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData s = gen.generate(new CMSAbsentContent(), false);
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
-        ASN1InputStream      aIn = new ASN1InputStream(bIn);
-        
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-
-        verifySignatures(s);
-    }
-
-    public void testWithAttributeCertificate()
-        throws Exception
-    {
-        List                certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-
-        certList.add(_signDsaCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        JcaSignerInfoGeneratorBuilder builder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(builder.build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        X509AttributeCertificateHolder attrCert = CMSTestUtil.getAttributeCertificate();
-        List attrList = new ArrayList();
-
-        attrList.add(new X509AttributeCertificateHolder(attrCert.getEncoded()));
-
-        Store store = new CollectionStore(attrList);
-
-        gen.addAttributeCertificates(store);
-
-        CMSSignedData sd = gen.generate(msg);
-
-        assertEquals(4, sd.getVersion());
-
-        store = sd.getAttributeCertificates();
-
-        Collection coll = store.getMatches(null);
-
-        assertEquals(1, coll.size());
-
-        assertTrue(coll.contains(new X509AttributeCertificateHolder(attrCert.getEncoded())));
-        
-        //
-        // create new certstore
-        //
-        certList = new ArrayList();
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        certs = new JcaCertStore(certList);
-
-
-        //
-        // replace certs
-        //
-        sd = CMSSignedData.replaceCertificatesAndCRLs(sd, certs, null, null);
-
-        verifySignatures(sd);
-    }
-
-    public void testCertStoreReplacement()
-        throws Exception
-    {
-        List         certList = new ArrayList();
-        CMSTypedData msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-
-        certList.add(_signDsaCert);
-
-        Store certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData sd = gen.generate(msg);
-
-        //
-        // create new certstore
-        //
-        certList = new ArrayList();
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        certs = new JcaCertStore(certList);
-
-        //
-        // replace certs
-        //
-        sd = CMSSignedData.replaceCertificatesAndCRLs(sd, certs, null, null);
-
-        verifySignatures(sd);
-    }
-
-    public void testEncapsulatedCertStoreReplacement()
-        throws Exception
-    {
-        List                certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-
-        certList.add(_signDsaCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData sd = gen.generate(msg, true);
-
-        //
-        // create new certstore
-        //
-        certList = new ArrayList();
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        certs = new JcaCertStore(certList);
-
-
-        //
-        // replace certs
-        //
-        sd = CMSSignedData.replaceCertificatesAndCRLs(sd, certs, null, null);
-
-        verifySignatures(sd);
-    }
-
-    public void testCertOrdering1()
-        throws Exception
-    {
-        List            certList = new ArrayList();
-        CMSTypedData    msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-        certList.add(_signDsaCert);
-
-        Store      certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData sd = gen.generate(msg, true);
-
-        certs = sd.getCertificates();
-        Iterator it = certs.getMatches(null).iterator();
-
-        assertEquals(new JcaX509CertificateHolder(_origCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_signCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_signDsaCert), it.next());
-    }
-
-    public void testCertOrdering2()
-        throws Exception
-    {
-        List               certList = new ArrayList();
-        CMSTypedData       msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-        certList.add(_signCert);
-        certList.add(_signDsaCert);
-        certList.add(_origCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData sd = gen.generate(msg, true);
-
-        certs = sd.getCertificates();
-        Iterator it = certs.getMatches(null).iterator();
-
-        assertEquals(new JcaX509CertificateHolder(_signCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_signDsaCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_origCert), it.next());
-    }
-
-    public void testSignerStoreReplacement()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData original = gen.generate(msg, true);
-
-        //
-        // create new Signer
-        //
-        gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha224Signer = new JcaContentSignerBuilder("SHA224withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha224Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData newSD = gen.generate(msg, true);
-
-        //
-        // replace signer
-        //
-        CMSSignedData sd = CMSSignedData.replaceSigners(original, newSD.getSignerInfos());
-
-        SignerInformation signer = (SignerInformation)sd.getSignerInfos().getSigners().iterator().next();
-
-        assertEquals(CMSAlgorithm.SHA224.getId(), signer.getDigestAlgOID());
-
-        // we use a parser here as it requires the digests to be correct in the digest set, if it
-        // isn't we'll get a NullPointerException
-        CMSSignedDataParser sp = new CMSSignedDataParser(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build(), sd.getEncoded());
-
-        sp.getSignedContent().drain();
-
-        verifySignatures(sp);
-    }
-
-    public void testEncapsulatedSamples()
-        throws Exception
-    {
-        testSample("PSSSignDataSHA1Enc.sig");
-        testSample("PSSSignDataSHA256Enc.sig");
-        testSample("PSSSignDataSHA512Enc.sig");
-    }
-    
-    public void testSamples()
-        throws Exception
-    {
-        testSample("PSSSignData.data", "PSSSignDataSHA1.sig");
-        testSample("PSSSignData.data", "PSSSignDataSHA256.sig");
-        testSample("PSSSignData.data", "PSSSignDataSHA512.sig");
-    }
-
-    public void testNoAttrEncapsulatedSample()
-        throws Exception
-    {
-        CMSSignedData s = new CMSSignedData(noAttrEncData);
-
-        Store certStore = s.getCertificates();
-
-        assertNotNull(certStore);
-
-        SignerInformationStore signers = s.getSignerInfos();
-
-        assertNotNull(signers);
-
-        Collection c = signers.getSigners();
-
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation signer = (SignerInformation)it.next();
-            Collection certCollection = certStore.getMatches(signer.getSID());
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            if (!signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)))
-            {
-                fail("Verification FAILED! ");
-            }
-        }
-    }
-
-    public void testCounterSig()
-        throws Exception
-    {
-        CMSSignedData sig = new CMSSignedData(getInput("counterSig.p7m"));
-
-        SignerInformationStore ss = sig.getSignerInfos();
-        Collection signers = ss.getSigners();
-
-        SignerInformationStore cs = ((SignerInformation)signers.iterator().next()).getCounterSignatures();
-        Collection csSigners = cs.getSigners();
-        assertEquals(1, csSigners.size());
-
-        Iterator it = csSigners.iterator();
-        while (it.hasNext())
-        {
-            SignerInformation   cSigner = (SignerInformation)it.next();
-            Collection          certCollection = sig.getCertificates().getMatches(cSigner.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertTrue(cSigner.isCounterSignature());
-            assertNull(cSigner.getSignedAttributes().get(PKCSObjectIdentifiers.pkcs_9_at_contentType));
-            assertEquals(true, cSigner.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-        
-        verifySignatures(sig);
-    }
-
-    public void testCertificateManagement()
-        throws Exception
-    {
-        CMSSignedDataGenerator sGen = new CMSSignedDataGenerator();
-
-        List                  certList = new ArrayList();
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        sGen.addCertificates(certs);
-
-        CMSSignedData sData = sGen.generate(new CMSAbsentContent(), true);
-
-        CMSSignedData rsData = new CMSSignedData(sData.getEncoded());
-
-        assertTrue(sData.isCertificateManagementMessage());
-        assertFalse(sData.isDetachedSignature());
-
-        assertEquals(2, rsData.getCertificates().getMatches(null).size());
-    }
-
-    public void testMixed()
-        throws Exception
-    {
-        ASN1ApplicationSpecific derApplicationSpecific = (ASN1ApplicationSpecific)ASN1Primitive.fromByteArray(mixedSignedData);
-
-        CMSSignedData s = new CMSSignedData(new ByteArrayInputStream(derApplicationSpecific.getContents()));
-
-        Store certs = s.getCertificates();
-
-        SignerInformationStore  signers = s.getSignerInfos();
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certs.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-    }
-
-    public void testMSPKCS7()
-        throws Exception
-    {
-        byte[] data = getInput("SignedMSPkcs7.sig");
-
-        CMSSignedData sData = new CMSSignedData(data);
-
-        Store                   certStore = sData.getCertificates();
-        SignerInformationStore  signers = sData.getSignerInfos();
-
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-          SignerInformation   signer = (SignerInformation)it.next();
-          Collection          certCollection = certStore.getMatches(signer.getSID());
-
-          Iterator        certIt = certCollection.iterator();
-          X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert)));
-        }
-
-        // try generation from it.
-        List                  certList = new ArrayList();
-        CMSTypedData        msg = new CMSProcessableByteArray("Hello World!".getBytes());
-
-        certList.add(_origCert);
-        certList.add(_signCert);
-
-        Store           certs = new JcaCertStore(certList);
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        ContentSigner sha1Signer = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(_origKP.getPrivate());
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build()).build(sha1Signer, _origCert));
-
-        gen.addCertificates(certs);
-
-        CMSSignedData local = gen.generate(sData.getSignedContent(), true);
-
-        certStore = local.getCertificates();
-        signers = local.getSignerInfos();
-
-        c = signers.getSigners();
-        it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation signer = (SignerInformation)it.next();
-            Collection certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert)));
-        }
-    }
-
-    private void testSample(String sigName)
-        throws Exception
-    {
-        CMSSignedData sig = new CMSSignedData(getInput(sigName));
-
-        verifySignatures(sig);
-    }
-
-    private void testSample(String messageName, String sigName)
-        throws Exception
-    {
-        CMSSignedData sig = new CMSSignedData(new CMSProcessableByteArray(getInput(messageName)), getInput(sigName));
-
-        verifySignatures(sig);
-    }
-
-    private byte[] getInput(String name)
-        throws IOException
-    {
-        return Streams.readAll(getClass().getResourceAsStream(name));
-    }
-
-    public void testForMultipleCounterSignatures()
-        throws Exception
-    {
-        CMSSignedData sd = new CMSSignedData(xtraCounterSig);
-
-        for (Iterator sI = sd.getSignerInfos().getSigners().iterator(); sI.hasNext();)
-        {
-            SignerInformation sigI = (SignerInformation)sI.next();
-
-            SignerInformationStore counter = sigI.getCounterSignatures();
-            List                   sigs = new ArrayList(counter.getSigners());
-
-            assertEquals(2, sigs.size());
-        }
-    }
-
-    private void verifySignatures(CMSSignedDataParser sp)
-        throws Exception
-    {
-        Store               certs = sp.getCertificates();
-        SignerInformationStore  signers = sp.getSignerInfos();
-
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certs.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert)));
-        }
-    }
-
-    private class TestCMSSignatureAlgorithmNameGenerator
-        extends DefaultCMSSignatureAlgorithmNameGenerator
-    {
-        void setDigestAlgorithmMapping(ASN1ObjectIdentifier oid, String algName)
-        {
-            super.setSigningDigestAlgorithmMapping(oid, algName);
-        }
-
-        void setEncryptionAlgorithmMapping(ASN1ObjectIdentifier oid, String algName)
-        {
-            super.setSigningEncryptionAlgorithmMapping(oid, algName);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/NullProviderTest.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/NullProviderTest.java
deleted file mode 100644
index a97b21c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/NullProviderTest.java
+++ /dev/null

@@ -1,281 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.security.GeneralSecurityException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Date;
-import java.util.Iterator;
-import java.util.List;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.X509Name;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cms.CMSEnvelopedData;
-import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.cms.CMSSignedData;
-import org.bouncycastle.cms.CMSSignedDataGenerator;
-import org.bouncycastle.cms.CMSSignedDataParser;
-import org.bouncycastle.cms.CMSSignedDataStreamGenerator;
-import org.bouncycastle.cms.CMSTypedData;
-import org.bouncycastle.cms.CMSTypedStream;
-import org.bouncycastle.cms.RecipientInformation;
-import org.bouncycastle.cms.RecipientInformationStore;
-import org.bouncycastle.cms.SignerInformation;
-import org.bouncycastle.cms.SignerInformationStore;
-import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
-import org.bouncycastle.cms.jcajce.JcaX509CertSelectorConverter;
-import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
-import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
-import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.x509.X509V3CertificateGenerator;
-
-public class NullProviderTest
-    extends TestCase
-{
-    static KeyPair keyPair;
-    static X509Certificate keyCert;
-    private static final String TEST_MESSAGE = "Hello World!";
-
-    private JcaX509CertSelectorConverter selectorConverter = new JcaX509CertSelectorConverter();
-
-    static
-    {
-        try
-        {
-            keyPair = generateKeyPair();
-            String origDN = "O=Bouncy Castle, C=AU";
-            keyCert = makeCertificate(keyPair, origDN, keyPair, origDN);
-        }
-        catch (Exception e)
-        {
-            throw new RuntimeException(e);
-        }
-    }
-
-    public void testSHA1WithRSAEncapsulated()
-        throws Exception
-    {
-        List certList = new ArrayList();
-        CMSTypedData msg = new CMSProcessableByteArray(TEST_MESSAGE.getBytes());
-
-        certList.add(new X509CertificateHolder(keyCert.getEncoded()));
-
-        DigestCalculatorProvider digCalcProv = new JcaDigestCalculatorProviderBuilder().build();
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(digCalcProv).build(new JcaContentSignerBuilder("SHA1withRSA").build(keyPair.getPrivate()), keyCert));
-
-        gen.addCertificates(new CollectionStore(certList));
-
-        CMSSignedData s = gen.generate(msg, true);
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
-        ASN1InputStream aIn = new ASN1InputStream(bIn);
-
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-
-        Store certsAndCrls = s.getCertificates();
-
-        SignerInformationStore signers = s.getSignerInfos();
-        Collection c = signers.getSigners();
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation     signer = (SignerInformation)it.next();
-            Collection            certCollection = certsAndCrls.getMatches(signer.getSID());
-            Iterator              certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().build(cert)));
-        }
-    }
-
-    public void testSHA1WithRSAStream()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        certList.add(new X509CertificateHolder(keyCert.getEncoded()));
-
-        DigestCalculatorProvider digCalcProv = new JcaDigestCalculatorProviderBuilder().build();
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(digCalcProv).build(new JcaContentSignerBuilder("SHA1withRSA").build(keyPair.getPrivate()), keyCert));
-
-        gen.addCertificates(new CollectionStore(certList));
-
-        OutputStream sigOut = gen.open(bOut);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-
-        sigOut.close();
-
-        CMSSignedDataParser sp = new CMSSignedDataParser(digCalcProv,
-                new CMSTypedStream(new ByteArrayInputStream(TEST_MESSAGE.getBytes())), bOut.toByteArray());
-
-        sp.getSignedContent().drain();
-
-        //
-        // compute expected content digest
-        //
-        MessageDigest md = MessageDigest.getInstance("SHA1");
-
-        byte[]                  contentDigest = md.digest(TEST_MESSAGE.getBytes());
-        Store                   certStore = sp.getCertificates();
-        SignerInformationStore  signers = sp.getSignerInfos();
-
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().build(cert)));
-
-            if (contentDigest != null)
-            {
-                assertTrue(MessageDigest.isEqual(contentDigest, signer.getContentDigest()));
-            }
-        }
-    }
-
-    public void testKeyTransDES()
-        throws Exception
-    {
-        testKeyTrans(CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-    }
-
-    public void testKeyTransAES128()
-        throws Exception
-    {
-        testKeyTrans(CMSEnvelopedDataGenerator.AES128_CBC);
-    }
-
-    public void testKeyTransAES192()
-        throws Exception
-    {
-        testKeyTrans(CMSEnvelopedDataGenerator.AES192_CBC);
-    }
-
-    public void testKeyTransAES256()
-        throws Exception
-    {
-        testKeyTrans(CMSEnvelopedDataGenerator.AES256_CBC);
-    }
-
-    private void testKeyTrans(String algorithm)
-        throws Exception
-    {
-        byte[]          data     = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(keyCert));
-
-        CMSEnvelopedData ed = edGen.generate(
-            new CMSProcessableByteArray(data),
-            new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier(algorithm)).build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-        assertEquals(ed.getEncryptionAlgOID(), algorithm);
-
-        Collection  c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator    it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(keyPair.getPrivate()));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-    }
-
-    private static KeyPair generateKeyPair()
-        throws NoSuchProviderException, NoSuchAlgorithmException
-    {
-        KeyPairGenerator kpg  = KeyPairGenerator.getInstance("RSA", "SunRsaSign");
-
-        kpg.initialize(512, new SecureRandom());
-
-        return kpg.generateKeyPair();
-    }
-
-    private static X509Certificate makeCertificate(KeyPair subKP, String _subDN, KeyPair issKP, String _issDN)
-        throws GeneralSecurityException, IOException
-    {
-
-        PublicKey subPub  = subKP.getPublic();
-        PrivateKey issPriv = issKP.getPrivate();
-        PublicKey  issPub  = issKP.getPublic();
-
-        X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
-
-        v3CertGen.reset();
-        v3CertGen.setSerialNumber(BigInteger.valueOf(1));
-        v3CertGen.setIssuerDN(new X509Name(_issDN));
-        v3CertGen.setNotBefore(new Date(System.currentTimeMillis()));
-        v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)));
-        v3CertGen.setSubjectDN(new X509Name(_subDN));
-        v3CertGen.setPublicKey(subPub);
-
-        v3CertGen.setSignatureAlgorithm("SHA1WithRSA");
-
-        X509Certificate _cert = v3CertGen.generate(issPriv, "SunRsaSign");
-
-        _cert.checkValidity(new Date());
-        _cert.verify(issPub);
-
-        return _cert;
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        return new TestSuite(NullProviderTest.class);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/Rfc4134Test.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/Rfc4134Test.java
deleted file mode 100644
index 2f59702..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/Rfc4134Test.java
+++ /dev/null

@@ -1,445 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.security.KeyFactory;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.security.interfaces.DSAParams;
-import java.security.interfaces.DSAPublicKey;
-import java.security.spec.DSAPublicKeySpec;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Iterator;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.CMSAttributes;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.cms.CMSEnvelopedData;
-import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
-import org.bouncycastle.cms.CMSEnvelopedDataParser;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.cms.CMSSignedData;
-import org.bouncycastle.cms.CMSSignedDataParser;
-import org.bouncycastle.cms.CMSTypedStream;
-import org.bouncycastle.cms.RecipientInformation;
-import org.bouncycastle.cms.RecipientInformationStore;
-import org.bouncycastle.cms.SignerInformation;
-import org.bouncycastle.cms.SignerInformationStore;
-import org.bouncycastle.cms.jcajce.JcaSignerInfoVerifierBuilder;
-import org.bouncycastle.cms.jcajce.JcaX509CertSelectorConverter;
-import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.io.Streams;
-
-public class Rfc4134Test
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;    
-    private static final String TEST_DATA_HOME = "bc.test.data.home";
-    
-    private static byte[] exContent = getRfc4134Data("ExContent.bin");
-    private static byte[] sha1 = Hex.decode("406aec085279ba6e16022d9e0629c0229687dd48");
-
-    private static final JcaX509CertSelectorConverter selectorConverter = new JcaX509CertSelectorConverter();
-    private static final DigestCalculatorProvider digCalcProv;
-
-    static
-    {
-        try
-        {
-            digCalcProv =  new JcaDigestCalculatorProviderBuilder().build();
-        }
-        catch (OperatorCreationException e)
-        {
-            throw new IllegalStateException("can't create default provider!!!");
-        }
-    }
-
-    public Rfc4134Test(String name)
-    {
-        super(name);
-    }
-
-    public static void main(String args[])
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        junit.textui.TestRunner.run(Rfc4134Test.class);
-    }
-
-    public static Test suite() 
-        throws Exception
-    {
-        return new CMSTestSetup(new TestSuite(Rfc4134Test.class));
-    }
-
-    public void test4_1()
-        throws Exception
-    {
-        byte[] data = getRfc4134Data("4.1.bin");
-        CMSSignedData signedData = new CMSSignedData(data);
-
-        verifySignatures(signedData);
-
-        CMSSignedDataParser parser = new CMSSignedDataParser(digCalcProv, data);
-
-        verifySignatures(parser);
-    }
-
-    public void test4_2()
-        throws Exception
-    {
-        byte[] data = getRfc4134Data("4.2.bin");
-        CMSSignedData signedData = new CMSSignedData(data);
-
-        verifySignatures(signedData);
-
-        CMSSignedDataParser parser = new CMSSignedDataParser(digCalcProv, data);
-
-        verifySignatures(parser);
-    }
-
-    public void testRfc4_3()
-        throws Exception
-    {
-        byte[] data = getRfc4134Data("4.3.bin");
-        CMSSignedData signedData = new CMSSignedData(new CMSProcessableByteArray(exContent), data);
-
-        verifySignatures(signedData, sha1);
-
-        CMSSignedDataParser parser = new CMSSignedDataParser(digCalcProv,
-                new CMSTypedStream(new ByteArrayInputStream(exContent)),
-                data);
-
-        verifySignatures(parser);
-    }
-
-    public void test4_4()
-        throws Exception
-    {
-        byte[] data = getRfc4134Data("4.4.bin");
-        byte[] counterSigCert = getRfc4134Data("AliceRSASignByCarl.cer");
-        CMSSignedData signedData = new CMSSignedData(data);
-
-        verifySignatures(signedData, sha1);
-
-        verifySignerInfo4_4(getFirstSignerInfo(signedData.getSignerInfos()), counterSigCert);
-
-        CMSSignedDataParser parser = new CMSSignedDataParser(digCalcProv, data);
-
-        verifySignatures(parser);
-
-        verifySignerInfo4_4(getFirstSignerInfo(parser.getSignerInfos()), counterSigCert);
-    }
-
-    public void test4_5()
-        throws Exception
-    {
-        byte[] data = getRfc4134Data("4.5.bin");
-        CMSSignedData signedData = new CMSSignedData(data);
-
-        verifySignatures(signedData);
-
-        CMSSignedDataParser parser = new CMSSignedDataParser(digCalcProv, data);
-
-        verifySignatures(parser);
-    }
-
-    public void test4_6()
-        throws Exception
-    {
-        byte[] data = getRfc4134Data("4.6.bin");
-        CMSSignedData signedData = new CMSSignedData(data);
-
-        verifySignatures(signedData);
-
-        CMSSignedDataParser parser = new CMSSignedDataParser(digCalcProv, data);
-
-        verifySignatures(parser);
-    }
-
-    public void test4_7()
-        throws Exception
-    {
-        byte[] data = getRfc4134Data("4.7.bin");
-        CMSSignedData signedData = new CMSSignedData(data);
-
-        verifySignatures(signedData);
-
-        CMSSignedDataParser parser = new CMSSignedDataParser(digCalcProv, data);
-
-        verifySignatures(parser);
-    }
-
-    public void test5_1()
-        throws Exception
-    {
-        byte[] data = getRfc4134Data("5.1.bin");
-        CMSEnvelopedData envelopedData = new CMSEnvelopedData(data);
-
-        verifyEnvelopedData(envelopedData, CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-
-        CMSEnvelopedDataParser envelopedParser = new CMSEnvelopedDataParser(data);
-
-        verifyEnvelopedData(envelopedParser, CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-    }
-
-    public void test5_2()
-        throws Exception
-    {
-        byte[] data = getRfc4134Data("5.2.bin");
-        CMSEnvelopedData envelopedData = new CMSEnvelopedData(data);
-
-        verifyEnvelopedData(envelopedData, CMSEnvelopedDataGenerator.RC2_CBC);
-
-        CMSEnvelopedDataParser envelopedParser = new CMSEnvelopedDataParser(data);
-
-        verifyEnvelopedData(envelopedParser, CMSEnvelopedDataGenerator.RC2_CBC);
-    }
-
-    private void verifyEnvelopedData(CMSEnvelopedData envelopedData, String symAlgorithmOID)
-        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException, CMSException
-    {
-        byte[]              privKeyData = getRfc4134Data("BobPrivRSAEncrypt.pri");
-        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(privKeyData);
-        KeyFactory keyFact = KeyFactory.getInstance("RSA", BC);
-        PrivateKey privKey = keyFact.generatePrivate(keySpec);
-
-        RecipientInformationStore recipients = envelopedData.getRecipientInfos();
-
-        assertEquals(envelopedData.getEncryptionAlgOID(), symAlgorithmOID);
-
-        Collection c = recipients.getRecipients();
-        assertTrue(c.size() >= 1 && c.size() <= 2);
-
-        Iterator it = c.iterator();
-        verifyRecipient((RecipientInformation)it.next(), privKey);
-
-        if (c.size() == 2)
-        {
-            RecipientInformation recInfo = (RecipientInformation)it.next();
-
-            assertEquals(PKCSObjectIdentifiers.id_alg_CMSRC2wrap.getId(), recInfo.getKeyEncryptionAlgOID());
-        }
-    }
-
-    private void verifyEnvelopedData(CMSEnvelopedDataParser envelopedParser, String symAlgorithmOID)
-        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException, CMSException
-    {
-        byte[]              privKeyData = getRfc4134Data("BobPrivRSAEncrypt.pri");
-        PKCS8EncodedKeySpec keySpec = new PKCS8EncodedKeySpec(privKeyData);
-        KeyFactory keyFact = KeyFactory.getInstance("RSA", BC);
-        PrivateKey privKey = keyFact.generatePrivate(keySpec);
-
-        RecipientInformationStore recipients = envelopedParser.getRecipientInfos();
-
-        assertEquals(envelopedParser.getEncryptionAlgOID(), symAlgorithmOID);
-
-        Collection c = recipients.getRecipients();
-        assertTrue(c.size() >= 1 && c.size() <= 2);
-
-        Iterator it = c.iterator();
-        verifyRecipient((RecipientInformation)it.next(), privKey);
-
-        if (c.size() == 2)
-        {
-            RecipientInformation recInfo = (RecipientInformation)it.next();
-
-            assertEquals(PKCSObjectIdentifiers.id_alg_CMSRC2wrap.getId(), recInfo.getKeyEncryptionAlgOID());
-        }
-    }
-
-    private void verifyRecipient(RecipientInformation recipient, PrivateKey privKey)
-        throws CMSException, NoSuchProviderException
-    {
-        assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-        byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(privKey).setProvider(BC));
-
-        assertEquals(true, Arrays.equals(exContent, recData));
-    }
-
-    private void verifySignerInfo4_4(SignerInformation signerInfo, byte[] counterSigCert)
-        throws Exception
-    {
-        verifyCounterSignature(signerInfo, counterSigCert);
-
-        verifyContentHint(signerInfo);
-    }
-
-    private SignerInformation getFirstSignerInfo(SignerInformationStore store)
-    {
-        return (SignerInformation)store.getSigners().iterator().next();
-    }
-
-    private void verifyCounterSignature(SignerInformation signInfo, byte[] certificate)
-        throws Exception
-    {
-        SignerInformation csi = (SignerInformation)signInfo.getCounterSignatures().getSigners().iterator().next();
-
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-        X509Certificate    cert = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(certificate));
-
-        assertTrue(csi.verify(new JcaSignerInfoVerifierBuilder(digCalcProv).setProvider(BC).build(cert)));
-    }
-
-    private void verifyContentHint(SignerInformation signInfo)
-    {
-        AttributeTable attrTable = signInfo.getUnsignedAttributes();
-
-        Attribute attr = attrTable.get(CMSAttributes.contentHint);
-
-        assertEquals(1, attr.getAttrValues().size());
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new DERUTF8String("Content Hints Description Buffer"));
-        v.add(CMSObjectIdentifiers.data);
-        
-        assertTrue(attr.getAttrValues().getObjectAt(0).equals(new DERSequence(v)));
-    }
-
-    private void verifySignatures(CMSSignedData s, byte[] contentDigest)
-        throws Exception
-    {
-        Store               certStore = s.getCertificates();
-        SignerInformationStore  signers = s.getSignerInfos();
-
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            verifySigner(signer, cert);
-
-            if (contentDigest != null)
-            {
-                assertTrue(MessageDigest.isEqual(contentDigest, signer.getContentDigest()));
-            }
-        }
-    }
-
-    private void verifySignatures(CMSSignedData s)
-        throws Exception
-    {
-        verifySignatures(s, null);
-    }
-
-    private void verifySignatures(CMSSignedDataParser sp)
-        throws Exception
-    {
-        CMSTypedStream sc = sp.getSignedContent();
-        if (sc != null)
-        {
-            sc.drain();
-        }
-        
-        Store certs = sp.getCertificates();
-        SignerInformationStore  signers = sp.getSignerInfos();
-
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certs.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            verifySigner(signer, cert);
-        }
-    }
-
-    private void verifySigner(SignerInformation signer, X509CertificateHolder certHolder)
-        throws Exception
-    {
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC").getCertificate(certHolder);
-        if (cert.getPublicKey() instanceof DSAPublicKey)
-        {
-            DSAPublicKey key = (DSAPublicKey)cert.getPublicKey();
-
-            if (key.getParams() == null)
-            {
-                assertEquals(true, signer.verify(new JcaSignerInfoVerifierBuilder(digCalcProv).setProvider(BC).build(getInheritedKey(key))));
-            }
-            else
-            {
-                assertEquals(true, signer.verify(new JcaSignerInfoVerifierBuilder(digCalcProv).setProvider(BC).build(cert)));
-            }
-        }
-        else
-        {
-            assertEquals(true, signer.verify(new JcaSignerInfoVerifierBuilder(digCalcProv).setProvider(BC).build(cert)));
-        }
-    }
-
-    private PublicKey getInheritedKey(DSAPublicKey key)
-        throws Exception
-    {
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", BC);
-
-        X509Certificate cert = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(getRfc4134Data("CarlDSSSelf.cer")));
-
-        DSAParams dsaParams = ((DSAPublicKey)cert.getPublicKey()).getParams();
-
-        DSAPublicKeySpec dsaPubKeySpec = new DSAPublicKeySpec(
-                        key.getY(), dsaParams.getP(), dsaParams.getQ(), dsaParams.getG());
-
-        KeyFactory keyFactory = KeyFactory.getInstance("DSA", BC);
-
-        return keyFactory.generatePublic(dsaPubKeySpec);
-    }
-
-    private static byte[] getRfc4134Data(String name)
-    {
-        String dataHome = System.getProperty(TEST_DATA_HOME);
-
-        if (dataHome == null)
-        {
-            throw new IllegalStateException(TEST_DATA_HOME + " property not set");
-        }
-
-        try
-        {
-            return Streams.readAll(new FileInputStream(dataHome + "/rfc4134/" + name));
-        }
-        catch (IOException e)
-        {
-            throw new RuntimeException(e.toString());
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/SHA1DigestCalculator.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/SHA1DigestCalculator.java
deleted file mode 100644
index 934bfcf..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/SHA1DigestCalculator.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.operator.DigestCalculator;
-
-
-class SHA1DigestCalculator
-    implements DigestCalculator
-{
-    private ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-    public AlgorithmIdentifier getAlgorithmIdentifier()
-    {
-        return new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1);
-    }
-
-    public OutputStream getOutputStream()
-    {
-        return bOut;
-    }
-
-    public byte[] getDigest()
-    {
-        byte[] bytes = bOut.toByteArray();
-
-        bOut.reset();
-
-        Digest sha1 = new SHA1Digest();
-
-        sha1.update(bytes, 0, bytes.length);
-
-        byte[] digest = new byte[sha1.getDigestSize()];
-
-        sha1.doFinal(digest, 0);
-
-        return digest;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/SunProviderTest.java b/bcpkix/src/main/java/org/bouncycastle/cms/test/SunProviderTest.java
deleted file mode 100644
index 3ec8c5a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/SunProviderTest.java
+++ /dev/null

@@ -1,284 +0,0 @@
-package org.bouncycastle.cms.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.security.GeneralSecurityException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collection;
-import java.util.Date;
-import java.util.Iterator;
-import java.util.List;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.X509Name;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.cms.CMSEnvelopedData;
-import org.bouncycastle.cms.CMSEnvelopedDataGenerator;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.cms.CMSSignedData;
-import org.bouncycastle.cms.CMSSignedDataGenerator;
-import org.bouncycastle.cms.CMSSignedDataParser;
-import org.bouncycastle.cms.CMSSignedDataStreamGenerator;
-import org.bouncycastle.cms.CMSTypedData;
-import org.bouncycastle.cms.CMSTypedStream;
-import org.bouncycastle.cms.RecipientInformation;
-import org.bouncycastle.cms.RecipientInformationStore;
-import org.bouncycastle.cms.SignerInformation;
-import org.bouncycastle.cms.SignerInformationStore;
-import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaSignerInfoVerifierBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
-import org.bouncycastle.cms.jcajce.JcaX509CertSelectorConverter;
-import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
-import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
-import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.x509.X509V3CertificateGenerator;
-
-public class SunProviderTest
-    extends TestCase
-{
-    static KeyPair keyPair;
-    static X509Certificate keyCert;
-    private static final String TEST_MESSAGE = "Hello World!";
-    private static final JcaX509CertSelectorConverter selectorConverter = new JcaX509CertSelectorConverter();
-
-    static
-    {
-        try
-        {
-        keyPair = generateKeyPair();
-        String origDN = "O=Bouncy Castle, C=AU";
-        keyCert = makeCertificate(keyPair, origDN, keyPair, origDN);
-        }
-        catch (Exception e)
-        {
-            throw new RuntimeException(e);
-        }
-    }
-
-    public void testSHA1WithRSAEncapsulated()
-        throws Exception
-    {
-        List certList = new ArrayList();
-        CMSTypedData msg = new CMSProcessableByteArray(TEST_MESSAGE.getBytes());
-
-        certList.add(new X509CertificateHolder(keyCert.getEncoded()));
-
-        DigestCalculatorProvider digCalcProv = new JcaDigestCalculatorProviderBuilder().build();
-
-        CMSSignedDataGenerator gen = new CMSSignedDataGenerator();
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(digCalcProv).build(new JcaContentSignerBuilder("SHA1withRSA").setProvider("SunRsaSign").build(keyPair.getPrivate()), keyCert));
-
-        gen.addCertificates(new CollectionStore(certList));
-
-        CMSSignedData s = gen.generate(msg, true);
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(s.getEncoded());
-        ASN1InputStream aIn = new ASN1InputStream(bIn);
-
-        s = new CMSSignedData(ContentInfo.getInstance(aIn.readObject()));
-
-        Store certsAndCrls = s.getCertificates();
-
-        SignerInformationStore signers = s.getSignerInfos();
-        Collection c = signers.getSigners();
-        Iterator it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation signer = (SignerInformation)it.next();
-            Collection          certCollection = certsAndCrls.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509Certificate cert = new JcaX509CertificateConverter().getCertificate((X509CertificateHolder)certIt.next());
-
-            assertEquals(true, signer.verify(new JcaSignerInfoVerifierBuilder(new JcaDigestCalculatorProviderBuilder().build()).setProvider("SunRsaSign").build(cert)));
-        }
-    }
-
-    public void testSHA1WithRSAStream()
-        throws Exception
-    {
-        List                  certList = new ArrayList();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        certList.add(new X509CertificateHolder(keyCert.getEncoded()));
-
-        DigestCalculatorProvider digCalcProv = new JcaDigestCalculatorProviderBuilder().build();
-
-        CMSSignedDataStreamGenerator gen = new CMSSignedDataStreamGenerator();
-
-        gen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(digCalcProv).build(new JcaContentSignerBuilder("SHA1withRSA").setProvider("SunRsaSign").build(keyPair.getPrivate()), keyCert));
-
-        gen.addCertificates(new CollectionStore(certList));
-
-        OutputStream sigOut = gen.open(bOut);
-
-        sigOut.write(TEST_MESSAGE.getBytes());
-
-        sigOut.close();
-
-        CMSSignedDataParser sp = new CMSSignedDataParser(digCalcProv,
-                new CMSTypedStream(new ByteArrayInputStream(TEST_MESSAGE.getBytes())), bOut.toByteArray());
-
-        sp.getSignedContent().drain();
-
-        //
-        // compute expected content digest
-        //
-        MessageDigest md = MessageDigest.getInstance("SHA1", "SUN");
-
-        byte[]                  contentDigest = md.digest(TEST_MESSAGE.getBytes());
-        Store                   certStore = sp.getCertificates();
-        SignerInformationStore  signers = sp.getSignerInfos();
-
-        Collection              c = signers.getSigners();
-        Iterator                it = c.iterator();
-
-        while (it.hasNext())
-        {
-            SignerInformation   signer = (SignerInformation)it.next();
-            Collection          certCollection = certStore.getMatches(signer.getSID());
-
-            Iterator        certIt = certCollection.iterator();
-            X509CertificateHolder cert = (X509CertificateHolder)certIt.next();
-
-            assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("SunRsaSign").build(new JcaX509CertificateConverter().getCertificate(cert))));
-
-            if (contentDigest != null)
-            {
-                assertTrue(MessageDigest.isEqual(contentDigest, signer.getContentDigest()));
-            }
-        }
-    }
-
-    public void testKeyTransDES()
-        throws Exception
-    {
-        testKeyTrans(CMSEnvelopedDataGenerator.DES_EDE3_CBC);
-    }
-
-    public void testKeyTransAES128()
-        throws Exception
-    {
-        testKeyTrans(CMSEnvelopedDataGenerator.AES128_CBC);
-    }
-
-    public void testKeyTransAES192()
-        throws Exception
-    {
-        testKeyTrans(CMSEnvelopedDataGenerator.AES192_CBC);
-    }
-
-    public void testKeyTransAES256()
-        throws Exception
-    {
-        testKeyTrans(CMSEnvelopedDataGenerator.AES256_CBC);
-    }
-
-    private void testKeyTrans(String algorithm)
-        throws Exception
-    {
-        byte[]          data     = "WallaWallaWashington".getBytes();
-
-        CMSEnvelopedDataGenerator edGen = new CMSEnvelopedDataGenerator();
-
-        edGen.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(keyCert).setProvider("SunJCE"));
-
-        CMSEnvelopedData ed = edGen.generate(
-                                new CMSProcessableByteArray(data),
-                                new JceCMSContentEncryptorBuilder(new ASN1ObjectIdentifier(algorithm)).setProvider("SunJCE").build());
-
-        RecipientInformationStore recipients = ed.getRecipientInfos();
-
-
-        assertEquals(ed.getEncryptionAlgOID(), algorithm);
-
-        Collection  c = recipients.getRecipients();
-
-        assertEquals(1, c.size());
-
-        Iterator    it = c.iterator();
-
-        while (it.hasNext())
-        {
-            RecipientInformation recipient = (RecipientInformation)it.next();
-
-            assertEquals(recipient.getKeyEncryptionAlgOID(), PKCSObjectIdentifiers.rsaEncryption.getId());
-
-            byte[] recData = recipient.getContent(new JceKeyTransEnvelopedRecipient(keyPair.getPrivate()).setProvider("SunJCE"));
-
-            assertEquals(true, Arrays.equals(data, recData));
-        }
-    }
-
-    private static KeyPair generateKeyPair()
-        throws NoSuchProviderException, NoSuchAlgorithmException
-    {
-        KeyPairGenerator    kpg  = KeyPairGenerator.getInstance("RSA", "SunRsaSign");
-
-        kpg.initialize(512, new SecureRandom());
-
-        return kpg.generateKeyPair();
-    }
-
-    private static X509Certificate makeCertificate(KeyPair subKP, String _subDN, KeyPair issKP, String _issDN)
-        throws GeneralSecurityException, IOException
-    {
-
-        PublicKey subPub  = subKP.getPublic();
-        PrivateKey issPriv = issKP.getPrivate();
-        PublicKey  issPub  = issKP.getPublic();
-
-        X509V3CertificateGenerator v3CertGen = new X509V3CertificateGenerator();
-
-        v3CertGen.reset();
-        v3CertGen.setSerialNumber(BigInteger.valueOf(1));
-        v3CertGen.setIssuerDN(new X509Name(_issDN));
-        v3CertGen.setNotBefore(new Date(System.currentTimeMillis()));
-        v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)));
-        v3CertGen.setSubjectDN(new X509Name(_subDN));
-        v3CertGen.setPublicKey(subPub);
-
-        v3CertGen.setSignatureAlgorithm("SHA1WithRSA");
-
-        X509Certificate _cert = v3CertGen.generate(issPriv, "SunRsaSign");
-
-        _cert.checkValidity(new Date());
-        _cert.verify(issPub);
-
-        return _cert;
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        return new TestSuite(SunProviderTest.class);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/cms/test/package.html b/bcpkix/src/main/java/org/bouncycastle/cms/test/package.html
deleted file mode 100644
index 70b39d7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/cms/test/package.html
+++ /dev/null

@@ -1,7 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Regression tests for the Cryptographic Message Syntax (CMS) packages. 
-<p>
-<b>Note</b>: The classes in this package are also a useful source of example code.
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/CCPDRequestBuilder.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/CCPDRequestBuilder.java
deleted file mode 100644
index 2f59a9e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/CCPDRequestBuilder.java
+++ /dev/null

@@ -1,32 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import org.bouncycastle.asn1.dvcs.DVCSRequestInformationBuilder;
-import org.bouncycastle.asn1.dvcs.Data;
-import org.bouncycastle.asn1.dvcs.ServiceType;
-
-/**
- * Builder of CCPD requests (Certify Claim of Possession of Data).
- */
-public class CCPDRequestBuilder
-    extends DVCSRequestBuilder
-{
-    public CCPDRequestBuilder()
-    {
-        super(new DVCSRequestInformationBuilder(ServiceType.CCPD));
-    }
-
-    /**
-     * Builds CCPD request.
-     *
-     * @param messageImprint - the message imprint to include.
-     * @return a new DVCSRequest based on the state of this builder.
-     * @throws DVCSException if an issue occurs during construction.
-     */
-    public DVCSRequest build(MessageImprint messageImprint)
-        throws DVCSException
-    {
-        Data data = new Data(messageImprint.toASN1Structure());
-
-        return createDVCRequest(data);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/CCPDRequestData.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/CCPDRequestData.java
deleted file mode 100644
index dcf5b10..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/CCPDRequestData.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import org.bouncycastle.asn1.dvcs.Data;
-
-/**
- * Data piece of DVCRequest for CCPD service (Certify Claim of Possession of Data).
- * It contains CCPD-specific selector interface.
- * <p>
- * This objects are constructed internally,
- * to build DVCS request to CCPD service use CCPDRequestBuilder.
- * </p>
- */
-public class CCPDRequestData
-    extends DVCSRequestData
-{
-    /**
-     * Construct from corresponding ASN.1 Data structure.
-     * Note, that data should have messageImprint choice,
-     * otherwise DVCSConstructionException is thrown.
-     *
-     * @param data
-     * @throws DVCSConstructionException
-     */
-    CCPDRequestData(Data data)
-        throws DVCSConstructionException
-    {
-        super(data);
-        initDigest();
-    }
-
-    private void initDigest()
-        throws DVCSConstructionException
-    {
-        if (data.getMessageImprint() == null)
-        {
-            throw new DVCSConstructionException("DVCSRequest.data.messageImprint should be specified for CCPD service");
-        }
-    }
-
-    /**
-     * Get MessageImprint value
-     *
-     * @return the message imprint data as a MessageImprint object.
-     */
-    public MessageImprint getMessageImprint()
-    {
-        return new MessageImprint(data.getMessageImprint());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/CPDRequestBuilder.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/CPDRequestBuilder.java
deleted file mode 100644
index b8e8fff..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/CPDRequestBuilder.java
+++ /dev/null

@@ -1,32 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import org.bouncycastle.asn1.dvcs.DVCSRequestInformationBuilder;
-import org.bouncycastle.asn1.dvcs.Data;
-import org.bouncycastle.asn1.dvcs.ServiceType;
-
-/**
- * Builder of DVCSRequests to CPD service (Certify Possession of Data).
- */
-public class CPDRequestBuilder
-    extends DVCSRequestBuilder
-{
-    public CPDRequestBuilder()
-    {
-        super(new DVCSRequestInformationBuilder(ServiceType.CPD));
-    }
-
-    /**
-     * Build CPD request.
-     *
-     * @param messageBytes  - data to be certified
-     * @return a DVSCRequest based on the builder's current state and messageBytes.
-     * @throws DVCSException on a build issue.
-     */
-    public DVCSRequest build(byte[] messageBytes)
-        throws DVCSException
-    {
-        Data data = new Data(messageBytes);
-
-        return createDVCRequest(data);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/CPDRequestData.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/CPDRequestData.java
deleted file mode 100644
index c171730..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/CPDRequestData.java
+++ /dev/null

@@ -1,41 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import org.bouncycastle.asn1.dvcs.Data;
-
-/**
- * Data piece of DVCRequest for CPD service (Certify Possession of Data).
- * It contains CPD-specific selector interface.
- * <p>
- * This objects are constructed internally,
- * to build DVCS request to CPD service use CPDRequestBuilder.
- * </p>
- */
-public class CPDRequestData
-    extends DVCSRequestData
-{
-    CPDRequestData(Data data)
-        throws DVCSConstructionException
-    {
-        super(data);
-        initMessage();
-    }
-
-    private void initMessage()
-        throws DVCSConstructionException
-    {
-        if (data.getMessage() == null)
-        {
-            throw new DVCSConstructionException("DVCSRequest.data.message should be specified for CPD service");
-        }
-    }
-
-    /**
-     * Get contained message (data to be certified).
-     *
-     * @return the contained message.
-     */
-    public byte[] getMessage()
-    {
-        return data.getMessage().getOctets();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSConstructionException.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSConstructionException.java
deleted file mode 100644
index ec865c8..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSConstructionException.java
+++ /dev/null

@@ -1,20 +0,0 @@
-package org.bouncycastle.dvcs;
-
-/**
- * Exception thrown when failed to initialize some DVCS-related staff.
- */
-public class DVCSConstructionException
-    extends DVCSException
-{
-    private static final long serialVersionUID = 660035299653583980L;
-
-    public DVCSConstructionException(String message)
-    {
-        super(message);
-    }
-
-    public DVCSConstructionException(String message, Throwable cause)
-    {
-        super(message, cause);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSException.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSException.java
deleted file mode 100644
index c5e3897..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSException.java
+++ /dev/null

@@ -1,28 +0,0 @@
-package org.bouncycastle.dvcs;
-
-/**
- * General DVCSException.
- */
-public class DVCSException
-    extends Exception
-{
-    private static final long serialVersionUID = 389345256020131488L;
-
-    private Throwable cause;
-
-    public DVCSException(String message)
-    {
-        super(message);
-    }
-
-    public DVCSException(String message, Throwable cause)
-    {
-        super(message);
-        this.cause = cause;
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSMessage.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSMessage.java
deleted file mode 100644
index f6db5fa..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSMessage.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cms.ContentInfo;
-
-public abstract class DVCSMessage
-{
-    private final ContentInfo contentInfo;
-
-    protected DVCSMessage(ContentInfo contentInfo)
-    {
-        this.contentInfo = contentInfo;
-    }
-
-    public ASN1ObjectIdentifier getContentType()
-    {
-        return contentInfo.getContentType();
-    }
-
-    public abstract ASN1Encodable getContent();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSParsingException.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSParsingException.java
deleted file mode 100644
index a034e38..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSParsingException.java
+++ /dev/null

@@ -1,20 +0,0 @@
-package org.bouncycastle.dvcs;
-
-/**
- * DVCS parsing exception - thrown when failed to parse DVCS message.
- */
-public class DVCSParsingException
-    extends DVCSException
-{
-    private static final long serialVersionUID = -7895880961377691266L;
-
-    public DVCSParsingException(String message)
-    {
-        super(message);
-    }
-
-    public DVCSParsingException(String message, Throwable cause)
-    {
-        super(message, cause);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSRequest.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSRequest.java
deleted file mode 100644
index b82f1f1..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSRequest.java
+++ /dev/null

@@ -1,134 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.SignedData;
-import org.bouncycastle.asn1.dvcs.DVCSObjectIdentifiers;
-import org.bouncycastle.asn1.dvcs.ServiceType;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.cms.CMSSignedData;
-
-/**
- * DVCRequest is general request to DVCS (RFC 3029).
- * It represents requests for all types of services.
- * Requests for different services differ in DVCData structure.
- */
-public class DVCSRequest
-    extends DVCSMessage
-{
-    private org.bouncycastle.asn1.dvcs.DVCSRequest asn1;
-    private DVCSRequestInfo reqInfo;
-    private DVCSRequestData data;
-
-    /**
-     * Constructs DVCRequest from CMS SignedData object.
-     *
-     * @param signedData the CMS SignedData object containing the request
-     * @throws DVCSConstructionException
-     */
-    public DVCSRequest(CMSSignedData signedData)
-        throws DVCSConstructionException
-    {
-        this(SignedData.getInstance(signedData.toASN1Structure().getContent()).getEncapContentInfo());
-    }
-
-    /**
-     * Construct a DVCS Request from a ContentInfo
-     *
-     * @param contentInfo the contentInfo representing the DVCSRequest
-     * @throws DVCSConstructionException
-     */
-    public DVCSRequest(ContentInfo contentInfo)
-        throws DVCSConstructionException
-    {
-        super(contentInfo);
-
-        if (!DVCSObjectIdentifiers.id_ct_DVCSRequestData.equals(contentInfo.getContentType()))
-        {
-            throw new DVCSConstructionException("ContentInfo not a DVCS Request");
-        }
-
-        try
-        {
-            if (contentInfo.getContent().toASN1Primitive() instanceof ASN1Sequence)
-            {
-                this.asn1 = org.bouncycastle.asn1.dvcs.DVCSRequest.getInstance(contentInfo.getContent());
-            }
-            else
-            {
-                this.asn1 = org.bouncycastle.asn1.dvcs.DVCSRequest.getInstance(ASN1OctetString.getInstance(contentInfo.getContent()).getOctets());
-            }
-        }
-        catch (Exception e)
-        {
-            throw new DVCSConstructionException("Unable to parse content: " + e.getMessage(), e);
-        }
-
-        this.reqInfo = new DVCSRequestInfo(asn1.getRequestInformation());
-
-        int service = reqInfo.getServiceType();
-        if (service == ServiceType.CPD.getValue().intValue())
-        {
-            this.data = new CPDRequestData(asn1.getData());
-        }
-        else if (service == ServiceType.VSD.getValue().intValue())
-        {
-            this.data = new VSDRequestData(asn1.getData());
-        }
-        else if (service == ServiceType.VPKC.getValue().intValue())
-        {
-            this.data = new VPKCRequestData(asn1.getData());
-        }
-        else if (service == ServiceType.CCPD.getValue().intValue())
-        {
-            this.data = new CCPDRequestData(asn1.getData());
-        }
-        else
-        {
-            throw new DVCSConstructionException("Unknown service type: " + service);
-        }
-    }
-
-    /**
-     * Return the ASN.1 DVCSRequest structure making up the body of this request.
-     *
-     * @return an org.bouncycastle.asn1.dvcs.DVCSRequest object.
-     */
-    public ASN1Encodable getContent()
-    {
-        return asn1;
-    }
-
-    /**
-     * Get RequestInformation envelope.
-     *
-     * @return the request info object.
-     */
-    public DVCSRequestInfo getRequestInfo()
-    {
-        return reqInfo;
-    }
-
-    /**
-     * Get data of DVCRequest.
-     * Depending on type of the request it could be different subclasses of DVCRequestData.
-     *
-     * @return the request Data object.
-     */
-    public DVCSRequestData getData()
-    {
-        return data;
-    }
-
-    /**
-     * Get the transaction identifier of request.
-     *
-     * @return the GeneralName representing the Transaction Identifier.
-     */
-    public GeneralName getTransactionIdentifier()
-    {
-        return asn1.getTransactionIdentifier();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSRequestBuilder.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSRequestBuilder.java
deleted file mode 100644
index a914ac7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSRequestBuilder.java
+++ /dev/null

@@ -1,130 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import java.io.IOException;
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.dvcs.DVCSObjectIdentifiers;
-import org.bouncycastle.asn1.dvcs.DVCSRequestInformationBuilder;
-import org.bouncycastle.asn1.dvcs.Data;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.cms.CMSSignedDataGenerator;
-
-/**
- * Common base class for client DVCRequest builders.
- * This class aims at DVCSRequestInformation and TransactionIdentifier construction,
- * and its subclasses - for Data field construction (as it is specific for the requested service).
- */
-public abstract class DVCSRequestBuilder
-{
-    private final ExtensionsGenerator extGenerator = new ExtensionsGenerator();
-    private final CMSSignedDataGenerator signedDataGen = new CMSSignedDataGenerator();
-
-    protected final DVCSRequestInformationBuilder requestInformationBuilder;
-
-    protected DVCSRequestBuilder(DVCSRequestInformationBuilder requestInformationBuilder)
-    {
-        this.requestInformationBuilder = requestInformationBuilder;
-    }
-
-    /**
-     * Set a nonce for this request,
-     *
-     * @param nonce
-     */
-    public void setNonce(BigInteger nonce)
-    {
-        requestInformationBuilder.setNonce(nonce);
-    }
-
-    /**
-     * Set requester name.
-     *
-     * @param requester
-     */
-    public void setRequester(GeneralName requester)
-    {
-        requestInformationBuilder.setRequester(requester);
-    }
-
-    /**
-     * Set DVCS name to generated requests.
-     *
-     * @param dvcs
-     */
-    public void setDVCS(GeneralName dvcs)
-    {
-        requestInformationBuilder.setDVCS(dvcs);
-    }
-
-    /**
-     * Set DVCS name to generated requests.
-     *
-     * @param dvcs
-     */
-    public void setDVCS(GeneralNames dvcs)
-    {
-        requestInformationBuilder.setDVCS(dvcs);
-    }
-
-    /**
-     * Set data location to generated requests.
-     *
-     * @param dataLocation
-     */
-    public void setDataLocations(GeneralName dataLocation)
-    {
-        requestInformationBuilder.setDataLocations(dataLocation);
-    }
-
-    /**
-     * Set data location to generated requests.
-     *
-     * @param dataLocations
-     */
-    public void setDataLocations(GeneralNames dataLocations)
-    {
-        requestInformationBuilder.setDataLocations(dataLocations);
-    }
-
-    /**
-     * Add a given extension field.
-     *
-     * @param oid the OID defining the extension type.
-     * @param isCritical true if the extension is critical, false otherwise.
-     * @param value the ASN.1 structure that forms the extension's value.
-     * @throws DVCSException if there is an issue encoding the extension for adding.
-     */
-    public void addExtension(
-        ASN1ObjectIdentifier oid,
-        boolean isCritical,
-        ASN1Encodable value)
-        throws DVCSException
-    {
-        try
-        {
-            extGenerator.addExtension(oid, isCritical, value);
-        }
-        catch (IOException e)
-        {
-            throw new DVCSException("cannot encode extension: " + e.getMessage(), e);
-        }
-    }
-
-    protected DVCSRequest createDVCRequest(Data data)
-        throws DVCSException
-    {
-        if (!extGenerator.isEmpty())
-        {
-            requestInformationBuilder.setExtensions(extGenerator.generate());
-        }
-
-        org.bouncycastle.asn1.dvcs.DVCSRequest request = new org.bouncycastle.asn1.dvcs.DVCSRequest(requestInformationBuilder.build(), data);
-
-        return new DVCSRequest(new ContentInfo(DVCSObjectIdentifiers.id_ct_DVCSRequestData, request));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSRequestData.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSRequestData.java
deleted file mode 100644
index 8f6fbc7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSRequestData.java
+++ /dev/null

@@ -1,39 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import org.bouncycastle.asn1.dvcs.Data;
-
-/**
- * Data piece of DVCRequest object (DVCS Data structure).
- * Its contents depend on the service type.
- * Its subclasses define the service-specific interface.
- * <p>
- * The concrete objects of DVCRequestData are created by buildDVCRequestData static method.
- * </p>
- */
-public abstract class DVCSRequestData
-{
-    /**
-     * The underlying data object is accessible by subclasses.
-     */
-    protected Data data;
-
-    /**
-     * The constructor is accessible by subclasses.
-     *
-     * @param data the data piece for this request.
-     */
-    protected DVCSRequestData(Data data)
-    {
-        this.data = data;
-    }
-
-    /**
-     * Convert to ASN.1 structure (Data).
-     *
-     * @return a Data object.
-     */
-    public Data toASN1Structure()
-    {
-        return data;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSRequestInfo.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSRequestInfo.java
deleted file mode 100644
index da65a7d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSRequestInfo.java
+++ /dev/null

@@ -1,237 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import java.math.BigInteger;
-import java.util.Date;
-
-import org.bouncycastle.asn1.dvcs.DVCSRequestInformation;
-import org.bouncycastle.asn1.dvcs.DVCSTime;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-import org.bouncycastle.tsp.TimeStampToken;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Information piece of DVCS requests.
- * It is common for all types of DVCS requests.
- */
-public class DVCSRequestInfo
-{
-    private DVCSRequestInformation data;
-
-    /**
-     * Constructs DVCRequestInfo from byte array (DER encoded DVCSRequestInformation).
-     *
-     * @param in a byte array holding the encoding of a DVCSRequestInformation structure.
-     */
-    public DVCSRequestInfo(byte[] in)
-    {
-        this(DVCSRequestInformation.getInstance(in));
-    }
-
-    /**
-     * Constructs DVCRequestInfo from DVCSRequestInformation ASN.1 structure.
-     *
-     * @param data a DVCSRequestInformation to populate this object with.
-     */
-    public DVCSRequestInfo(DVCSRequestInformation data)
-    {
-        this.data = data;
-    }
-
-    /**
-     * Converts to corresponding ASN.1 structure (DVCSRequestInformation).
-     *
-     * @return a DVCSRequestInformation object.
-     */
-    public DVCSRequestInformation toASN1Structure()
-    {
-        return data;
-    }
-
-    //
-    // DVCRequestInfo selector interface
-    //
-
-    /**
-     * Get DVCS version of request.
-     *
-     * @return the version number of the request.
-     */
-    public int getVersion()
-    {
-        return data.getVersion();
-    }
-
-    /**
-     * Get requested service type.
-     *
-     * @return one of CPD, VSD, VPKC, CCPD (see constants).
-     */
-    public int getServiceType()
-    {
-        return data.getService().getValue().intValue();
-    }
-
-    /**
-     * Get nonce if it is set.
-     * Note: this field can be set (if not present) or extended (if present) by DVCS.
-     *
-     * @return nonce value, or null if it is not set.
-     */
-    public BigInteger getNonce()
-    {
-        return data.getNonce();
-    }
-
-    /**
-     * Get request generation time if it is set.
-     *
-     * @return time of request, or null if it is not set.
-     * @throws DVCSParsingException if a request time is present but cannot be extracted.
-     */
-    public Date getRequestTime()
-        throws DVCSParsingException
-    {
-        DVCSTime time = data.getRequestTime();
-
-        if (time == null)
-        {
-            return null;
-        }
-
-        try
-        {
-            if (time.getGenTime() != null)
-            {
-                return time.getGenTime().getDate();
-            }
-            else
-            {
-                TimeStampToken token = new TimeStampToken(time.getTimeStampToken());
-
-                return token.getTimeStampInfo().getGenTime();
-            }
-        }
-        catch (Exception e)
-        {
-            throw new DVCSParsingException("unable to extract time: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * Get names of requesting entity, if set.
-     *
-     * @return the requesting entity, or null.
-     */
-    public GeneralNames getRequester()
-    {
-        return data.getRequester();
-    }
-
-    /**
-     * Get policy, under which the validation is requested.
-     *
-     * @return policy identifier or null, if any policy is acceptable.
-     */
-    public PolicyInformation getRequestPolicy()
-    {
-        if (data.getRequestPolicy() != null)
-        {
-            return data.getRequestPolicy();
-        }
-        return null;
-    }
-
-    /**
-     * Get names of DVCS servers.
-     * Note: this field can be set by DVCS.
-     *
-     * @return the DVCS names object, or null if not set.
-     */
-    public GeneralNames getDVCSNames()
-    {
-        return data.getDVCS();
-    }
-
-    /**
-     * Get data locations, where the copy of request Data can be obtained.
-     * Note: the exact meaning of field is up to applications.
-     * Note: this field can be set by DVCS.
-     *
-     * @return the DVCS dataLocations object, or null if not set.
-     */
-    public GeneralNames getDataLocations()
-    {
-        return data.getDataLocations();
-    }
-
-    /**
-     * Compares two DVCRequestInfo structures: one from DVCRequest, and one from DVCResponse.
-     * This function implements RFC 3029, 9.1 checks of reqInfo.
-     *
-     * @param requestInfo  - DVCRequestInfo of DVCRequest
-     * @param responseInfo - DVCRequestInfo of DVCResponse
-     * @return true if server's requestInfo matches client's requestInfo
-     */
-    public static boolean validate(DVCSRequestInfo requestInfo, DVCSRequestInfo responseInfo)
-    {
-        // RFC 3029, 9.1
-        // The DVCS MAY modify the fields:
-        // 'dvcs', 'requester', 'dataLocations', and 'nonce' of the ReqInfo structure.
-
-        DVCSRequestInformation clientInfo = requestInfo.data;
-        DVCSRequestInformation serverInfo = responseInfo.data;
-
-        if (clientInfo.getVersion() != serverInfo.getVersion())
-        {
-            return false;
-        }
-        if (!clientEqualsServer(clientInfo.getService(), serverInfo.getService()))
-        {
-            return false;
-        }
-        if (!clientEqualsServer(clientInfo.getRequestTime(), serverInfo.getRequestTime()))
-        {
-            return false;
-        }
-        if (!clientEqualsServer(clientInfo.getRequestPolicy(), serverInfo.getRequestPolicy()))
-        {
-            return false;
-        }
-        if (!clientEqualsServer(clientInfo.getExtensions(), serverInfo.getExtensions()))
-        {
-            return false;
-        }
-
-        // RFC 3029, 9.1. The only modification allowed to a 'nonce'
-        // is the inclusion of a new field if it was not present,
-        // or to concatenate other data to the end (right) of an existing value.
-
-        if (clientInfo.getNonce() != null)
-        {
-            if (serverInfo.getNonce() == null)
-            {
-                return false;
-            }
-            byte[] clientNonce = clientInfo.getNonce().toByteArray();
-            byte[] serverNonce = serverInfo.getNonce().toByteArray();
-            if (serverNonce.length < clientNonce.length)
-            {
-                return false;
-            }
-            if (!Arrays.areEqual(clientNonce, Arrays.copyOfRange(serverNonce, 0, clientNonce.length)))
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    // null-protected compare of any two objects
-    private static boolean clientEqualsServer(Object client, Object server)
-    {
-        return (client == null && server == null) || (client != null && client.equals(server));
-    }
-}
-

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSResponse.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSResponse.java
deleted file mode 100644
index 82593a8..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/DVCSResponse.java
+++ /dev/null

@@ -1,74 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.SignedData;
-import org.bouncycastle.asn1.dvcs.DVCSObjectIdentifiers;
-import org.bouncycastle.cms.CMSSignedData;
-
-/**
- * DVCResponse is general response to DVCS (RFC 3029).
- * It represents responses for all types of services.
- */
-public class DVCSResponse
-    extends DVCSMessage
-{
-    private org.bouncycastle.asn1.dvcs.DVCSResponse asn1;
-
-    /**
-     * Constructs DVCResponse from CMS SignedData object.
-     *
-     * @param signedData the CMS SignedData object containing the request
-     * @throws org.bouncycastle.dvcs.DVCSConstructionException
-     */
-    public DVCSResponse(CMSSignedData signedData)
-        throws DVCSConstructionException
-    {
-        this(SignedData.getInstance(signedData.toASN1Structure().getContent()).getEncapContentInfo());
-    }
-
-    /**
-     * Construct a DVCS Response from a ContentInfo
-     *
-     * @param contentInfo the contentInfo representing the DVCSRequest
-     * @throws org.bouncycastle.dvcs.DVCSConstructionException
-     */
-    public DVCSResponse(ContentInfo contentInfo)
-        throws DVCSConstructionException
-    {
-        super(contentInfo);
-
-        if (!DVCSObjectIdentifiers.id_ct_DVCSResponseData.equals(contentInfo.getContentType()))
-        {
-            throw new DVCSConstructionException("ContentInfo not a DVCS Response");
-        }
-
-        try
-        {
-            if (contentInfo.getContent().toASN1Primitive() instanceof ASN1Sequence)
-            {
-                this.asn1 = org.bouncycastle.asn1.dvcs.DVCSResponse.getInstance(contentInfo.getContent());
-            }
-            else
-            {
-                this.asn1 = org.bouncycastle.asn1.dvcs.DVCSResponse.getInstance(ASN1OctetString.getInstance(contentInfo.getContent()).getOctets());
-            }
-        }
-        catch (Exception e)
-        {
-            throw new DVCSConstructionException("Unable to parse content: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * Return the ASN.1 DVCSResponse structure making up the body of this response.
-     *
-     * @return an org.bouncycastle.asn1.dvcs.DVCSResponse object.
-     */
-    public ASN1Encodable getContent()
-    {
-        return asn1;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/MessageImprint.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/MessageImprint.java
deleted file mode 100644
index 5f4fbc1..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/MessageImprint.java
+++ /dev/null

@@ -1,38 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import org.bouncycastle.asn1.x509.DigestInfo;
-
-public class MessageImprint
-{
-    private final DigestInfo messageImprint;
-
-    public MessageImprint(DigestInfo messageImprint)
-    {
-        this.messageImprint = messageImprint;
-    }
-
-    public DigestInfo toASN1Structure()
-    {
-        return messageImprint;
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (o instanceof MessageImprint)
-        {
-            return messageImprint.equals(((MessageImprint)o).messageImprint);
-        }
-
-        return false;
-    }
-
-    public int hashCode()
-    {
-        return messageImprint.hashCode();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/MessageImprintBuilder.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/MessageImprintBuilder.java
deleted file mode 100644
index 052d4fe..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/MessageImprintBuilder.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.x509.DigestInfo;
-import org.bouncycastle.operator.DigestCalculator;
-
-public class MessageImprintBuilder
-{
-    private final DigestCalculator digestCalculator;
-
-    public MessageImprintBuilder(DigestCalculator digestCalculator)
-    {
-        this.digestCalculator = digestCalculator;
-    }
-
-    public MessageImprint build(byte[] message)
-        throws DVCSException
-    {
-        try
-        {
-            OutputStream dOut = digestCalculator.getOutputStream();
-
-            dOut.write(message);
-
-            dOut.close();
-
-            return new MessageImprint(new DigestInfo(digestCalculator.getAlgorithmIdentifier(), digestCalculator.getDigest()));
-        }
-        catch (Exception e)
-        {
-            throw new DVCSException("unable to build MessageImprint: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/SignedDVCSMessageGenerator.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/SignedDVCSMessageGenerator.java
deleted file mode 100644
index 68be777..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/SignedDVCSMessageGenerator.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.cms.CMSSignedData;
-import org.bouncycastle.cms.CMSSignedDataGenerator;
-
-public class SignedDVCSMessageGenerator
-{
-    private final CMSSignedDataGenerator signedDataGen;
-
-    public SignedDVCSMessageGenerator(CMSSignedDataGenerator signedDataGen)
-    {
-        this.signedDataGen = signedDataGen;
-    }
-
-    /**
-     * Creates a CMSSignedData object containing the passed in DVCSMessage
-     *
-     * @param message the request to be signed.
-     * @return an encapsulating SignedData object.
-     * @throws DVCSException in the event of failure to encode the request or sign it.
-     */
-    public CMSSignedData build(DVCSMessage message)
-        throws DVCSException
-    {
-        try
-        {
-            byte[] encapsulatedData = message.getContent().toASN1Primitive().getEncoded(ASN1Encoding.DER);
-
-            return signedDataGen.generate(new CMSProcessableByteArray(message.getContentType(), encapsulatedData), true);
-        }
-        catch (CMSException e)
-        {
-            throw new DVCSException("Could not sign DVCS request", e);
-        }
-        catch (IOException e)
-        {
-            throw new DVCSException("Could not encode DVCS request", e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/TargetChain.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/TargetChain.java
deleted file mode 100644
index 7dca8f8..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/TargetChain.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import org.bouncycastle.asn1.dvcs.TargetEtcChain;
-
-public class TargetChain
-{
-    private final TargetEtcChain certs;
-
-    public TargetChain(TargetEtcChain certs)
-    {
-        this.certs = certs;
-    }
-
-    public TargetEtcChain toASN1Structure()
-    {
-        return certs;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/VPKCRequestBuilder.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/VPKCRequestBuilder.java
deleted file mode 100644
index 1bc2219..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/VPKCRequestBuilder.java
+++ /dev/null

@@ -1,77 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
-
-import org.bouncycastle.asn1.dvcs.CertEtcToken;
-import org.bouncycastle.asn1.dvcs.DVCSRequestInformationBuilder;
-import org.bouncycastle.asn1.dvcs.DVCSTime;
-import org.bouncycastle.asn1.dvcs.Data;
-import org.bouncycastle.asn1.dvcs.ServiceType;
-import org.bouncycastle.asn1.dvcs.TargetEtcChain;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.cert.X509CertificateHolder;
-
-/**
- * Builder of DVC requests to VPKC service (Verify Public Key Certificates).
- */
-public class VPKCRequestBuilder
-    extends DVCSRequestBuilder
-{
-    private List chains = new ArrayList();
-
-    public VPKCRequestBuilder()
-    {
-        super(new DVCSRequestInformationBuilder(ServiceType.VPKC));
-    }
-
-    /**
-     * Adds a TargetChain representing a X.509 certificate to the request.
-     *
-     * @param cert the certificate to be added
-     */
-    public void addTargetChain(X509CertificateHolder cert)
-    {
-        chains.add(new TargetEtcChain(new CertEtcToken(CertEtcToken.TAG_CERTIFICATE, cert.toASN1Structure())));
-    }
-
-    /**
-     * Adds a TargetChain representing a single X.509 Extension to the request
-     *
-     * @param extension the extension to be added.
-     */
-    public void addTargetChain(Extension extension)
-    {
-        chains.add(new TargetEtcChain(new CertEtcToken(extension)));
-    }
-
-    /**
-     * Adds a X.509 certificate to the request.
-     *
-     * @param targetChain the CertChain object to be added.
-     */
-    public void addTargetChain(TargetChain targetChain)
-    {
-        chains.add(targetChain.toASN1Structure());
-    }
-
-    public void setRequestTime(Date requestTime)
-    {
-        requestInformationBuilder.setRequestTime(new DVCSTime(requestTime));
-    }
-
-    /**
-     * Build DVCS request to VPKC service.
-     *
-     * @return a new DVCSRequest based on the state of this builder.
-     * @throws DVCSException if an issue occurs during construction.
-     */
-    public DVCSRequest build()
-        throws DVCSException
-    {
-        Data data = new Data((TargetEtcChain[])chains.toArray(new TargetEtcChain[chains.size()]));
-
-        return createDVCRequest(data);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/VPKCRequestData.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/VPKCRequestData.java
deleted file mode 100644
index 8ddca12..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/VPKCRequestData.java
+++ /dev/null

@@ -1,52 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import org.bouncycastle.asn1.dvcs.Data;
-import org.bouncycastle.asn1.dvcs.TargetEtcChain;
-
-/**
- * Data piece of DVCS request to VPKC service (Verify Public Key Certificates).
- * It contains VPKC-specific interface.
- * <p>
- * This objects are constructed internally,
- * to build DVCS request to VPKC service use VPKCRequestBuilder.
- * </p>
- */
-public class VPKCRequestData
-    extends DVCSRequestData
-{
-    private List chains;
-
-    VPKCRequestData(Data data)
-        throws DVCSConstructionException
-    {
-        super(data);
-
-        TargetEtcChain[] certs = data.getCerts();
-
-        if (certs == null)
-        {
-            throw new DVCSConstructionException("DVCSRequest.data.certs should be specified for VPKC service");
-        }
-
-        chains = new ArrayList(certs.length);
-
-        for (int i = 0; i != certs.length; i++)
-        {
-            chains.add(new TargetChain(certs[i]));
-        }
-    }
-
-    /**
-     * Get contained certs choice data..
-     *
-     * @return a list of CertChain objects.
-     */
-    public List getCerts()
-    {
-        return Collections.unmodifiableList(chains);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/VSDRequestBuilder.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/VSDRequestBuilder.java
deleted file mode 100644
index a244427..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/VSDRequestBuilder.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import java.io.IOException;
-import java.util.Date;
-
-import org.bouncycastle.asn1.dvcs.DVCSRequestInformationBuilder;
-import org.bouncycastle.asn1.dvcs.DVCSTime;
-import org.bouncycastle.asn1.dvcs.Data;
-import org.bouncycastle.asn1.dvcs.ServiceType;
-import org.bouncycastle.cms.CMSSignedData;
-
-/**
- * Builder of DVCS requests to VSD service (Verify Signed Document).
- */
-public class VSDRequestBuilder
-    extends DVCSRequestBuilder
-{
-    public VSDRequestBuilder()
-    {
-        super(new DVCSRequestInformationBuilder(ServiceType.VSD));
-    }
-
-    public void setRequestTime(Date requestTime)
-    {
-        requestInformationBuilder.setRequestTime(new DVCSTime(requestTime));
-    }
-
-    /**
-     * Build VSD request from CMS SignedData object.
-     *
-     * @param document the CMS SignedData to include in the request.
-     * @return a new DVCSRequest based on the state of this builder.
-     * @throws DVCSException if an issue occurs during construction.
-     */
-    public DVCSRequest build(CMSSignedData document)
-        throws DVCSException
-    {
-        try
-        {
-            Data data = new Data(document.getEncoded());
-
-            return createDVCRequest(data);
-        }
-        catch (IOException e)
-        {
-            throw new DVCSException("Failed to encode CMS signed data", e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/VSDRequestData.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/VSDRequestData.java
deleted file mode 100644
index fb12046..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/VSDRequestData.java
+++ /dev/null

@@ -1,67 +0,0 @@
-package org.bouncycastle.dvcs;
-
-import org.bouncycastle.asn1.dvcs.Data;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSSignedData;
-
-/**
- * Data piece of DVCS request to VSD service (Verify Signed Document).
- * It contains VSD-specific selector interface.
- * Note: the request should contain CMS SignedData object as message.
- * <p>
- * This objects are constructed internally,
- * to build DVCS request to VSD service use VSDRequestBuilder.
- * </p>
- */
-public class VSDRequestData
-    extends DVCSRequestData
-{
-    private CMSSignedData doc;
-
-    VSDRequestData(Data data)
-        throws DVCSConstructionException
-    {
-        super(data);
-        initDocument();
-    }
-
-    private void initDocument()
-        throws DVCSConstructionException
-    {
-        if (doc == null)
-        {
-            if (data.getMessage() == null)
-            {
-                throw new DVCSConstructionException("DVCSRequest.data.message should be specified for VSD service");
-            }
-            try
-            {
-                doc = new CMSSignedData(data.getMessage().getOctets());
-            }
-            catch (CMSException e)
-            {
-                throw new DVCSConstructionException("Can't read CMS SignedData from input", e);
-            }
-        }
-    }
-
-    /**
-     * Get contained message (data to be certified).
-     *
-     * @return the contained message.
-     */
-    public byte[] getMessage()
-    {
-        return data.getMessage().getOctets();
-    }
-
-    /**
-     * Get the CMS SignedData object represented by the encoded message.
-     *
-     * @return the parsed contents of the contained message as a CMS SignedData object.
-     */
-    public CMSSignedData getParsedMessage()
-    {
-        return doc;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/package.html b/bcpkix/src/main/java/org/bouncycastle/dvcs/package.html
deleted file mode 100644
index aecbd70..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Classes for dealing "Internet X.509 Public Key Infrastructure Data Validation and Certification Server Protocols" - RFC 3029.
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/test/AllTests.java
deleted file mode 100644
index 3cfeefe..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/test/AllTests.java
+++ /dev/null

@@ -1,239 +0,0 @@
-package org.bouncycastle.dvcs.test;
-
-import java.io.IOException;
-import java.security.KeyPair;
-import java.security.Security;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.dvcs.CertEtcToken;
-import org.bouncycastle.asn1.dvcs.TargetEtcChain;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cms.CMSSignedData;
-import org.bouncycastle.cms.CMSSignedDataGenerator;
-import org.bouncycastle.cms.SignerId;
-import org.bouncycastle.cms.SignerInformationVerifier;
-import org.bouncycastle.cms.SignerInformationVerifierProvider;
-import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
-import org.bouncycastle.cms.test.CMSTestUtil;
-import org.bouncycastle.dvcs.CCPDRequestBuilder;
-import org.bouncycastle.dvcs.CCPDRequestData;
-import org.bouncycastle.dvcs.CPDRequestBuilder;
-import org.bouncycastle.dvcs.CPDRequestData;
-import org.bouncycastle.dvcs.DVCSException;
-import org.bouncycastle.dvcs.DVCSRequest;
-import org.bouncycastle.dvcs.MessageImprint;
-import org.bouncycastle.dvcs.MessageImprintBuilder;
-import org.bouncycastle.dvcs.SignedDVCSMessageGenerator;
-import org.bouncycastle.dvcs.TargetChain;
-import org.bouncycastle.dvcs.VPKCRequestBuilder;
-import org.bouncycastle.dvcs.VPKCRequestData;
-import org.bouncycastle.dvcs.VSDRequestBuilder;
-import org.bouncycastle.dvcs.VSDRequestData;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public class AllTests
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    private static boolean initialised = false;
-
-    private static String origDN;
-    private static KeyPair origKP;
-    private static X509Certificate origCert;
-
-    private static String signDN;
-    private static KeyPair signKP;
-    private static X509Certificate signCert;
-
-    private static void init()
-        throws Exception
-    {
-        if (!initialised)
-        {
-            initialised = true;
-
-            if (Security.getProvider(BC) == null)
-            {
-                Security.addProvider(new BouncyCastleProvider());
-            }
-            origDN = "O=Bouncy Castle, C=AU";
-            origKP = CMSTestUtil.makeKeyPair();
-            origCert = CMSTestUtil.makeCertificate(origKP, origDN, origKP, origDN);
-
-            signDN = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
-            signKP = CMSTestUtil.makeKeyPair();
-            signCert = CMSTestUtil.makeCertificate(signKP, signDN, origKP, origDN);
-        }
-    }
-
-    public void setUp()
-        throws Exception
-    {
-        init();
-    }
-
-    private byte[] getInput(String name)
-        throws IOException
-    {
-        return Streams.readAll(getClass().getResourceAsStream(name));
-    }
-
-    public void testCCPDRequest()
-        throws Exception
-    {
-        SignedDVCSMessageGenerator gen = getSignedDVCSMessageGenerator();
-
-        CCPDRequestBuilder reqBuilder = new CCPDRequestBuilder();
-
-        MessageImprintBuilder imprintBuilder = new MessageImprintBuilder(new SHA1DigestCalculator());
-
-        MessageImprint messageImprint = imprintBuilder.build(new byte[100]);
-
-        CMSSignedData reqMsg = gen.build(reqBuilder.build(messageImprint));
-
-        assertTrue(reqMsg.verifySignatures(new SignerInformationVerifierProvider()
-        {
-            public SignerInformationVerifier get(SignerId sid)
-                throws OperatorCreationException
-            {
-                return new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(signCert);
-            }
-        }));
-
-        DVCSRequest request = new DVCSRequest(reqMsg);
-
-        CCPDRequestData reqData = (CCPDRequestData)request.getData();
-
-        assertEquals(messageImprint, reqData.getMessageImprint());
-    }
-
-    private CMSSignedData getWrappedCPDRequest()
-        throws OperatorCreationException, CertificateEncodingException, DVCSException, IOException
-    {
-        SignedDVCSMessageGenerator gen = getSignedDVCSMessageGenerator();
-
-        CPDRequestBuilder reqBuilder = new CPDRequestBuilder();
-
-        return gen.build(reqBuilder.build(new byte[100]));
-    }
-
-    public void testCPDRequest()
-        throws Exception
-    {
-        CMSSignedData reqMsg = getWrappedCPDRequest();
-
-        assertTrue(reqMsg.verifySignatures(new SignerInformationVerifierProvider()
-        {
-            public SignerInformationVerifier get(SignerId sid)
-                throws OperatorCreationException
-            {
-                return new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(signCert);
-            }
-        }));
-
-        DVCSRequest request = new DVCSRequest(reqMsg);
-
-        CPDRequestData reqData = (CPDRequestData)request.getData();
-
-        assertTrue(Arrays.areEqual(new byte[100], reqData.getMessage()));
-    }
-
-    public void testVPKCRequest()
-        throws Exception
-    {
-        SignedDVCSMessageGenerator gen = getSignedDVCSMessageGenerator();
-
-        VPKCRequestBuilder reqBuilder = new VPKCRequestBuilder();
-
-        reqBuilder.addTargetChain(new JcaX509CertificateHolder(signCert));
-
-        CMSSignedData reqMsg = gen.build(reqBuilder.build());
-
-        assertTrue(reqMsg.verifySignatures(new SignerInformationVerifierProvider()
-        {
-            public SignerInformationVerifier get(SignerId sid)
-                throws OperatorCreationException
-            {
-                return new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(signCert);
-            }
-        }));
-
-        DVCSRequest request = new DVCSRequest(reqMsg);
-
-        VPKCRequestData reqData = (VPKCRequestData)request.getData();
-
-        assertEquals(new TargetEtcChain(new CertEtcToken(CertEtcToken.TAG_CERTIFICATE, new JcaX509CertificateHolder(signCert).toASN1Structure())), ((TargetChain)reqData.getCerts().get(0)).toASN1Structure());
-    }
-
-    public void testVSDRequest()
-        throws Exception
-    {
-        CMSSignedData message = getWrappedCPDRequest();
-
-        SignedDVCSMessageGenerator gen = getSignedDVCSMessageGenerator();
-
-        VSDRequestBuilder reqBuilder = new VSDRequestBuilder();
-
-        CMSSignedData reqMsg = gen.build(reqBuilder.build(message));
-
-        assertTrue(reqMsg.verifySignatures(new SignerInformationVerifierProvider()
-        {
-            public SignerInformationVerifier get(SignerId sid)
-                throws OperatorCreationException
-            {
-                return new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(signCert);
-            }
-        }));
-
-        DVCSRequest request = new DVCSRequest(reqMsg);
-
-        VSDRequestData reqData = (VSDRequestData)request.getData();
-
-        assertEquals(message.toASN1Structure().getContentType(), reqData.getParsedMessage().toASN1Structure().getContentType());
-    }
-
-    private SignedDVCSMessageGenerator getSignedDVCSMessageGenerator()
-        throws OperatorCreationException, CertificateEncodingException
-    {
-        CMSSignedDataGenerator sigDataGen = new CMSSignedDataGenerator();
-
-        JcaDigestCalculatorProviderBuilder calculatorProviderBuilder = new JcaDigestCalculatorProviderBuilder().setProvider(BC);
-
-        ContentSigner contentSigner = new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(signKP.getPrivate());
-
-        sigDataGen.addSignerInfoGenerator(new JcaSignerInfoGeneratorBuilder(calculatorProviderBuilder.build()).build(contentSigner, signCert));
-
-        return new SignedDVCSMessageGenerator(sigDataGen);
-    }
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        junit.textui.TestRunner.run(suite());
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        TestSuite suite= new TestSuite("EAC tests");
-
-        suite.addTestSuite(AllTests.class);
-        suite.addTestSuite(DVCSParseTest.class);
-
-        return new DVCSTestSetup(suite);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/test/DVCSParseTest.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/test/DVCSParseTest.java
deleted file mode 100644
index 856d39d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/test/DVCSParseTest.java
+++ /dev/null

@@ -1,392 +0,0 @@
-package org.bouncycastle.dvcs.test;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmp.PKIStatus;
-import org.bouncycastle.asn1.cmp.PKIStatusInfo;
-import org.bouncycastle.asn1.dvcs.CertEtcToken;
-import org.bouncycastle.asn1.dvcs.DVCSCertInfo;
-import org.bouncycastle.asn1.dvcs.DVCSCertInfoBuilder;
-import org.bouncycastle.asn1.dvcs.DVCSErrorNotice;
-import org.bouncycastle.asn1.dvcs.DVCSRequest;
-import org.bouncycastle.asn1.dvcs.DVCSRequestInformation;
-import org.bouncycastle.asn1.dvcs.DVCSRequestInformationBuilder;
-import org.bouncycastle.asn1.dvcs.DVCSResponse;
-import org.bouncycastle.asn1.dvcs.DVCSTime;
-import org.bouncycastle.asn1.dvcs.Data;
-import org.bouncycastle.asn1.dvcs.ServiceType;
-import org.bouncycastle.asn1.dvcs.TargetEtcChain;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.asn1.x509.DigestInfo;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSSignedData;
-import org.bouncycastle.dvcs.DVCSException;
-import org.bouncycastle.util.Integers;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-
-import junit.framework.TestCase;
-
-public class DVCSParseTest
-    extends TestCase
-{
-
-    // Clepsydre requests and responses
-    private static final String REQUEST_CCPD_CLEPSYDRE = "MIICRgYJKoZIhvcNAQcCoIICNzCCAjMCAQMxCzAJBgUrDgMCGgUAMIGZBgsqhkiG9w0BCRABB6CBiQSBhjCBgzBgCgEEoE2kSzBJMQswCQYDVQQGEwJGUjEOMAwGA1UEBxMFUGFyaXMxEDAOBgNVBAoTB0VkZWxXZWIxGDAWBgNVBAMTD1BldGVyIFN5bHZlc3RlcqEMBgorBgEEAak9AQIBMB8wBwYFKw4DAhoEFHW2ha9viUZ96AcVJR5Fl4/NH6VmMYIBgzCCAX8CAQEwfDBwMQswCQYDVQQGEwJGUjEVMBMGA1UEChMMRWRlbFdlYiBTLkEuMSgwJgYDVQQLEx9DbGVwc3lkcmUgRGVtb25zdHJhdGlvbiBTZXJ2aWNlMSAwHgYDVQQDExdUaW1lIFN0YW1waW5nIEF1dGhvcml0eQIIAJSIFyE0N3YwCQYFKw4DAhoFAKBfMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABBzAcBgkqhkiG9w0BCQUxDxcNMDAwNDE3MTcxNDU3WjAjBgkqhkiG9w0BCQQxFgQUTajC0s58DQRBL0QTM3XbL1st+dwwDQYJKoZIhvcNAQEBBQAEgYBuew429QhfFjwxeyi7C8LGF2emtVTxmOJviZYODJnmy0DBm43Y147TK0H3FiZbtwi/5pWy2QFs/rEsUsFa0jHzjsrdEaFyBSlBat0oQKpcd8adHYBT22+cTKWjj5KLGD/VOq0Bh2nD/dPYw9DKa+YNTlNuUCCZfJTCRCUbBsCZlg==";
-    private static final String RESPONSE_CCPD_CLEPSYDRE = "MIIH9wYJKoZIhvcNAQcCoIIH6DCCB+QCAQMxCzAJBgUrDgMCGgUAMIIBLQYLKoZIhvcNAQkQAQigggEcBIIBGDCCARQwgdYKAQSgTaRLMEkxCzAJBgNVBAYTAkZSMQ4wDAYDVQQHEwVQYXJpczEQMA4GA1UEChMHRWRlbFdlYjEYMBYGA1UEAxMPUGV0ZXIgU3lsdmVzdGVyoQwGCisGAQQBqT0BAgGidKRyMHAxCzAJBgNVBAYTAkZSMRUwEwYDVQQKEwxFZGVsV2ViIFMuQS4xKDAmBgNVBAsTH0NsZXBzeWRyZSBEZW1vbnN0cmF0aW9uIFNlcnZpY2UxIDAeBgNVBAMTF1RpbWUgU3RhbXBpbmcgQXV0aG9yaXR5MB8wBwYFKw4DAhoEFHW2ha9viUZ96AcVJR5Fl4/NH6VmAgcBeAoeyogjGA8yMDAwMDQxNzE3MTYxN1qgggPgMIID3DCCAsSgAwIBAgIIAJSIFxdkNzIwDQYJKoZIhvcNAQEEBQAwcDELMAkGA1UEBhMCRlIxFTATBgNVBAoTDEVkZWxXZWIgUy5BLjEoMCYGA1UECxMfQ2xlcHN5ZHJlIERlbW9uc3RyYXRpb24gU2VydmljZTEgMB4GA1UEAxMXVGltZSBTdGFtcGluZyBBdXRob3JpdHkwHhcNMDAwMTI1MTYxOTM4WhcNMjAwMTIwMTYxOTM4WjBwMQswCQYDVQQGEwJGUjEVMBMGA1UEChMMRWRlbFdlYiBTLkEuMSgwJgYDVQQLEx9DbGVwc3lkcmUgRGVtb25zdHJhdGlvbiBTZXJ2aWNlMSAwHgYDVQQDExdUaW1lIFN0YW1waW5nIEF1dGhvcml0eTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAPrDF67rt53rq70FfjlDbQRFWHQFpczzbC+Mjnd+wp8SEVx9274jKJqQ0qvGorq9o36ZppkhpdiQuc+nI06gVqDBCkaJjjyRZzf9m6tJF/xKpfLkTG7jahySlwRvfwxc+3TLlX5Mw1gS6KnW8N0SRBXniy6vUcAMX6hl/EehyZgf1OHqvBwaJ7uLVvESVRD0jtifGZwegffbY92INz9xeVuW4l+C1RIZBQ3hPaVtZuQsHu3HTLjfqjjIFWquJX1GKgf5g3fEUe6Q3AXQw/DxX+jU7V00cJGdnwhVfVvljV81WYNOchm7nIjRevwjpYSZtBeKTWyd0KY1gF/K+ySLVB0CAwEAAaN6MHgwDwYDVR0TBAgwBgEB/wIBADAWBgNVHSUBAf8EDDAKBggrBgEFBQcDCjBNBggrBgEFBQcBAQEB/wQ+MDwwOgYIKwYBBQUHMASGLmh0dHBzOi8vY2xlcHN5ZHJlLmVkZWx3ZWIuZnIvZHZjcy9zZXJ2aWNlLWNjcGQwDQYJKoZIhvcNAQEEBQADggEBAAjar1sJOWbTvoAd13K1LKME+0b4BfW/g/NtbTIoHEbuD+owYYoeigNOmIFgH5cXU9FUcz9ymEXTEJrTd7h0DpqQKY6spOvSJG32IR0/Uoss5pLnUsZUk5G8V3QhODl1zTBJVBOUbP7xZDgfX3274D6o8Sgc8dko+jIeO0i/XHAhKe++ciTaDflRev7X9f/owurGTEUUUVP9ANVbzGcqI5QxnsKQOJuw3/neZwxXXNew/PJylsTRep2g5lEkmZ6Jxjn5cnpE/S0/vN/HJSeUobV9ugZ1ZxyVbL0sdEE+zc05XC6cw8MJ43nV64Xo8XIpgPbGbmEbWPyHPtnhUxDgsQUxggK7MIICtwIBATB8MHAxCzAJBgNVBAYTAkZSMRUwEwYDVQQKEwxFZGVsV2ViIFMuQS4xKDAmBgNVBAsTH0NsZXBzeWRyZSBEZW1vbnN0cmF0aW9uIFNlcnZpY2UxIDAeBgNVBAMTF1RpbWUgU3RhbXBpbmcgQXV0aG9yaXR5AggAlIglcjUnUDAJBgUrDgMCGgUAoIIBFDAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQgwHAYJKoZIhvcNAQkFMQ8XDTAwMDQxNzE3MTYxOVowIwYJKoZIhvcNAQkEMRYEFGhQ3JAgLsLwVRV/d6mmDDTMEwb6MIGyBgsqhkiG9w0BCRACDDGBojCBnzCBnDCBmQQUXPEY80rKtGfW2Of4O0rZejKlQ6UwgYAwdKRyMHAxCzAJBgNVBAYTAkZSMRUwEwYDVQQKEwxFZGVsV2ViIFMuQS4xKDAmBgNVBAsTH0NsZXBzeWRyZSBEZW1vbnN0cmF0aW9uIFNlcnZpY2UxIDAeBgNVBAMTF1RpbWUgU3RhbXBpbmcgQXV0aG9yaXR5AggAlIglcjUnUDANBgkqhkiG9w0BAQEFAASCAQAucJ9WXgFWqeFHgRI1ISkJFnrtRflaou3k/p0s5NoSZmIUWWGLUHsBgj29fuY40KigN5h5EyY5KcZyIKmVcedTf3l3mO8jAk65vZCbrAWicI86QjacLLCUsSsLNpQOeA6w0QkgY7z/zTLxWtOrn5OcWqNYmaAoEeCATU0edwT0UAfVi1SgIzL/ppziurjbVUfJyLoH75AUSKi2xXzVqSB0HFbvjxuz/IdtgfHUbxqHMJJHaeB54LwQmc9NNkw2A1Fy0VumHi2G8R8K6L/rOPnOGuywj1GuKjtGhL9NjJ/uH+/FNaNjvjjAA3w6XrjPOxgQiNu7T3j2++QcjdT4++tQ";
-    // Top-Cross requests and responses
-    private static final String REQUEST_CPD_TOMSK = "MIIJWgYJKoZIhvcNAQcCoIIJSzCCCUcCAQMxDDAKBgYqhQMCAgkFADCCBFwGCyqGSIb3DQEJEAEHoIIESwSCBEcwggRDMAkKAQECBA33L7cEggQcMIIEGDCCA8WgAwIBAgIKTOD69wAAAAA80DAKBgYqhQMCAgMFADCB5zEbMBkGCSqGSIb3DQEJARYMdWRjc0B1ZGNzLnJ1MQswCQYDVQQGEwJSVTEXMBUGA1UECB4OBCIEPgQ8BEEEOgQwBE8xEzARBgNVBAceCgQiBD4EPARBBDoxRzBFBgNVBAoTPlRvbXNrIFN0YXRlIFVuaXZlcnNpdHkgb2YgQ29udHJvbCBTeXN0ZW1zIGFuZCBSYWRpb2VsZWN0cm9uaWNzMScwJQYDVQQLHh4EJgQiBBEAIAAtACAEIwQmACAEIQQ4BDEEOARABDgxGzAZBgNVBAMTElVEQyBTaWJpcmlhIFRTVUNTUjAeFw0xMjExMTIwMzI4MDBaFw0xMzAzMDMwNjE5MDBaMIHRMSgwJgYJKoZIhvcNAQkBFhl0ZXN0X3VkY3NAY3RiLnJrLnR1c3VyLnJ1MQswCQYDVQQGEwJSVTETMBEGA1UEBwwK0KLQvtC80YHQujE9MDsGA1UECgw00KPQtNC+0YHRgtC+0LLQtdGA0Y/RjtGJ0LjQuSDQptC10L3RgtGAINCh0LjQsdC40YDQuDFEMEIGA1UEAww70KLQtdGB0YLQvtCy0YvQuSDQn9C+0LvRjNC30L7QstCw0YLQtdC70Ywg0KPQpiDQodC40LHQuNGA0LgwYzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQNDAARAR01H5PIXecUsIknQwHuiDRSy5k4uNezKe7zETWfhPb9Bm0+djzJkEc13t2IeMwLHXVOla91gFoSbhfWRYp07WKOCAWEwggFdMA4GA1UdDwEB/wQEAwIE8DAmBgNVHSUEHzAdBggrBgEFBQcDBAYHKoUDAgIiBgYIKwYBBQUHAwIwHQYDVR0OBBYEFOJVTSiR/zqkOU0HtBcR1AtX2CU9MB8GA1UdIwQYMBaAFLkeioDYZtqO5B8ojEBYjFzq1uciMFoGA1UdHwRTMFEwT6BNoEuGI2h0dHA6Ly93d3cudWRjcy5ydS9jZXJ0c3J2L3VkY3MuY3JshiRodHRwOi8vd3d3Mi51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jcmwwcQYIKwYBBQUHAQEEZTBjMC8GCCsGAQUFBzAChiNodHRwOi8vd3d3LnVkY3MucnUvY2VydHNydi91ZGNzLmNlcjAwBggrBgEFBQcwAoYkaHR0cDovL3d3dzIudWRjcy5ydS9jZXJ0c3J2L3VkY3MuY2VyMBQGA1UdIAQNMAswCQYHKoUDAxMCBDAKBgYqhQMCAgMFAANBABGJw/oHPHm0aRdmKW8LHcITCO7sA0BrAxzZQlV0USmZGS5VKPCgnpdoPQbsW4ynnxTivDfh8ZAJGcKVZ9kiD/SgFgYLKoUDAhUBAQIBAwKgBwIFAIW6DUGgggN0MIIDcDCCAx2gAwIBAgIKJjs9ewAAAAA3FDAKBgYqhQMCAgMFADCB5zEbMBkGCSqGSIb3DQEJARYMdWRjc0B1ZGNzLnJ1MQswCQYDVQQGEwJSVTEXMBUGA1UECB4OBCIEPgQ8BEEEOgQwBE8xEzARBgNVBAceCgQiBD4EPARBBDoxRzBFBgNVBAoTPlRvbXNrIFN0YXRlIFVuaXZlcnNpdHkgb2YgQ29udHJvbCBTeXN0ZW1zIGFuZCBSYWRpb2VsZWN0cm9uaWNzMScwJQYDVQQLHh4EJgQiBBEAIAAtACAEIwQmACAEIQQ4BDEEOARABDgxGzAZBgNVBAMTElVEQyBTaWJpcmlhIFRTVUNTUjAeFw0xMTEyMDcwNDI0MDBaFw0xMjEyMDcwNDMzMDBaMB8xHTAbBgNVBAMeFABSAEMAQQBJAFIAXwB0AGUAYwBoMGMwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgEDQwAEQLgMQUEkI9li1pn4dHHEWv5SSCjI77W6wfG3mSzEKw0vd3qQUTd86xZGAEwVC2dxJIdiQlSuMtyog6vSau3FriKjggFsMIIBaDAOBgNVHQ8BAf8EBAMCBPAwMAYDVR0lBCkwJwYIKwYBBQUHAwQGCCqFAwMTAgUCBgcqhQMCAiIGBggrBgEFBQcDAjAdBgNVHQ4EFgQU/hZ+9/9Tt/94ckUhTWabJMCegqQwHwYDVR0jBBgwFoAUuR6KgNhm2o7kHyiMQFiMXOrW5yIwWgYDVR0fBFMwUTBPoE2gS4YjaHR0cDovL3d3dy51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jcmyGJGh0dHA6Ly93d3cyLnVkY3MucnUvY2VydHNydi91ZGNzLmNybDBxBggrBgEFBQcBAQRlMGMwLwYIKwYBBQUHMAKGI2h0dHA6Ly93d3cudWRjcy5ydS9jZXJ0c3J2L3VkY3MuY2VyMDAGCCsGAQUFBzAChiRodHRwOi8vd3d3Mi51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jZXIwFQYDVR0gBA4wDDAKBggqhQMDEwIFATAKBgYqhQMCAgMFAANBALCWVdYVTPSLtijWd6utGC/rtl0mGvU3UjyaHC2jbFovDwyRpx13BseqbcsxBA+aNabeH2WuEQMirhVt7lpV4jMxggFaMIIBVgIBATCB9jCB5zEbMBkGCSqGSIb3DQEJARYMdWRjc0B1ZGNzLnJ1MQswCQYDVQQGEwJSVTEXMBUGA1UECB4OBCIEPgQ8BEEEOgQwBE8xEzARBgNVBAceCgQiBD4EPARBBDoxRzBFBgNVBAoTPlRvbXNrIFN0YXRlIFVuaXZlcnNpdHkgb2YgQ29udHJvbCBTeXN0ZW1zIGFuZCBSYWRpb2VsZWN0cm9uaWNzMScwJQYDVQQLHh4EJgQiBBEAIAAtACAEIwQmACAEIQQ4BDEEOARABDgxGzAZBgNVBAMTElVEQyBTaWJpcmlhIFRTVUNTUgIKJjs9ewAAAAA3FDAKBgYqhQMCAgkFADAKBgYqhQMCAhMFAARAMdcEVUhDQ9XZl5Pu2N9At4a2y34fQY0uCQvIq47gOk0MBAXmTfT+7sJsTk1RMTMoeopDd+W7r3qO7isleghpgQ==";
-    private static final String RESPONSE_CPD_TOMSK = "MIIGuQYJKoZIhvcNAQcCoIIGqjCCBqYCAQMxDDAKBgYqhQMCAgkFADBvBgsqhkiG9w0BCRABCKBgBF4wXDAJCgEBAgR0q0Q5MDUwEQYGKoUDAgIJBgcqhQMCAh4BBCC+uAKu1Kom7NbBYTtd6VC/RwHvV6FxeSH86KR7Oq+XVgICGLkYDzIwMTIxMjA1MDY1NzIwWqADAgEAoIIEczCCBG8wggQcoAMCAQICCjBVmIkAAAAANVowCgYGKoUDAgIDBQAwgecxGzAZBgkqhkiG9w0BCQEWDHVkY3NAdWRjcy5ydTELMAkGA1UEBhMCUlUxFzAVBgNVBAgeDgQiBD4EPARBBDoEMARPMRMwEQYDVQQHHgoEIgQ+BDwEQQQ6MUcwRQYDVQQKEz5Ub21zayBTdGF0ZSBVbml2ZXJzaXR5IG9mIENvbnRyb2wgU3lzdGVtcyBhbmQgUmFkaW9lbGVjdHJvbmljczEnMCUGA1UECx4eBCYEIgQRACAALQAgBCMEJgAgBCEEOAQxBDgEQAQ4MRswGQYDVQQDExJVREMgU2liaXJpYSBUU1VDU1IwHhcNMTExMDIwMTAyNzAwWhcNMTMwMTIwMTAzNjAwWjCCATgxCzAJBgNVBAYTAlJVMRMwEQYDVQQHHgoEIgQeBBwEIQQaMUMwQQYDVQQKHjoEEAQ0BDwEOAQ9BDgEQQRCBEAEMARGBDgETwAgBCIEPgQ8BEEEOgQ+BDkAIAQ+BDEEOwQwBEEEQgQ4MYGBMH8GA1UECx54BBoEPgQ8BDgEQgQ1BEIAIAQ4BD0ERAQ+BEAEPAQwBEIEOAQ3BDAERgQ4BDgAIAQ4ACAEQQQyBE8ENwQ4ACAEEAQ0BDwEOAQ9BDgEQQRCBEAEMARGBDgEOAAgBCIEPgQ8BEEEOgQ+BDkAIAQ+BDEEOwQwBEEEQgQ4MUswSQYDVQQDHkIELQQbBBUEGgQiBCAEHgQdBB0EKwQZACAEHQQeBCIEEAQgBBgEEAQiACAAKABEAFYAQwBTACwAIABPAEMAUwBQACkwYzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQNDAARAijmkemSx9EYvcgxb7/O1AHd5r4mH6V6L97UyX/GGg9geywTqm/sPuq/wuVicW82f/f7huHHlIlUf5ejTwpH53aOCAVAwggFMMB0GA1UdJQQWMBQGCCsGAQUFBwMJBggrBgEFBQcDCjALBgNVHQ8EBAMCBsAwDwYJKwYBBQUHMAEFBAIFADAdBgNVHQ4EFgQUX5qI5TV4fjSwaGkElbHRedmg2NgwHwYDVR0jBBgwFoAUuR6KgNhm2o7kHyiMQFiMXOrW5yIwWgYDVR0fBFMwUTBPoE2gS4YjaHR0cDovL3d3dy51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jcmyGJGh0dHA6Ly93d3cyLnVkY3MucnUvY2VydHNydi91ZGNzLmNybDBxBggrBgEFBQcBAQRlMGMwLwYIKwYBBQUHMAKGI2h0dHA6Ly93d3cudWRjcy5ydS9jZXJ0c3J2L3VkY3MuY2VyMDAGCCsGAQUFBzAChiRodHRwOi8vd3d3Mi51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jZXIwCgYGKoUDAgIDBQADQQAw+l6X2T9zF2FtGiTvssRq0RGNaJ9d9P07qSt+gJ9gnveOnD4o8pVqCM+IgXfUrmh9IHRJ+u2LnhkDo8bUbOpIMYIBqTCCAaUCAQEwgfYwgecxGzAZBgkqhkiG9w0BCQEWDHVkY3NAdWRjcy5ydTELMAkGA1UEBhMCUlUxFzAVBgNVBAgeDgQiBD4EPARBBDoEMARPMRMwEQYDVQQHHgoEIgQ+BDwEQQQ6MUcwRQYDVQQKEz5Ub21zayBTdGF0ZSBVbml2ZXJzaXR5IG9mIENvbnRyb2wgU3lzdGVtcyBhbmQgUmFkaW9lbGVjdHJvbmljczEnMCUGA1UECx4eBCYEIgQRACAALQAgBCMEJgAgBCEEOAQxBDgEQAQ4MRswGQYDVQQDExJVREMgU2liaXJpYSBUU1VDU1ICCjBVmIkAAAAANVowCgYGKoUDAgIJBQCgTTAvBgkqhkiG9w0BCQQxIgQgm+Q/Zv0Y8bLGF6nUo1K6Tvdwda2tAOQIoJPeCOR4IfIwGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEIMAoGBiqFAwICEwUABECBRv1CPSBsCsV1eczuPz3w3+Px1xfbZCWVUyJJ+mcfo4B9UxeBEuQxMXSS2B+r1162ZDcnn3ZHAJ8M1rwH4mms";
-    //    private static final String REQUEST_VSD_TOMSK   = "";
-//    private static final String RESPONSE_VSD_TOMSK  = "";
-    private static final String REQUEST_VPKC_TOMSK = "MIIJXwYJKoZIhvcNAQcCoIIJUDCCCUwCAQMxDDAKBgYqhQMCAgkFADCCBGEGCyqGSIb3DQEJEAEHoIIEUASCBEwwggRIMAoKAQMCBQDT+FBRoIIEIDCCBBygggQYMIIDxaADAgECAgpM4Pr3AAAAADzQMAoGBiqFAwICAwUAMIHnMRswGQYJKoZIhvcNAQkBFgx1ZGNzQHVkY3MucnUxCzAJBgNVBAYTAlJVMRcwFQYDVQQIHg4EIgQ+BDwEQQQ6BDAETzETMBEGA1UEBx4KBCIEPgQ8BEEEOjFHMEUGA1UEChM+VG9tc2sgU3RhdGUgVW5pdmVyc2l0eSBvZiBDb250cm9sIFN5c3RlbXMgYW5kIFJhZGlvZWxlY3Ryb25pY3MxJzAlBgNVBAseHgQmBCIEEQAgAC0AIAQjBCYAIAQhBDgEMQQ4BEAEODEbMBkGA1UEAxMSVURDIFNpYmlyaWEgVFNVQ1NSMB4XDTEyMTExMjAzMjgwMFoXDTEzMDMwMzA2MTkwMFowgdExKDAmBgkqhkiG9w0BCQEWGXRlc3RfdWRjc0BjdGIucmsudHVzdXIucnUxCzAJBgNVBAYTAlJVMRMwEQYDVQQHDArQotC+0LzRgdC6MT0wOwYDVQQKDDTQo9C00L7RgdGC0L7QstC10YDRj9GO0YnQuNC5INCm0LXQvdGC0YAg0KHQuNCx0LjRgNC4MUQwQgYDVQQDDDvQotC10YHRgtC+0LLRi9C5INCf0L7Qu9GM0LfQvtCy0LDRgtC10LvRjCDQo9CmINCh0LjQsdC40YDQuDBjMBwGBiqFAwICEzASBgcqhQMCAiQABgcqhQMCAh4BA0MABEBHTUfk8hd5xSwiSdDAe6INFLLmTi417Mp7vMRNZ+E9v0GbT52PMmQRzXe3Yh4zAsddU6Vr3WAWhJuF9ZFinTtYo4IBYTCCAV0wDgYDVR0PAQH/BAQDAgTwMCYGA1UdJQQfMB0GCCsGAQUFBwMEBgcqhQMCAiIGBggrBgEFBQcDAjAdBgNVHQ4EFgQU4lVNKJH/OqQ5TQe0FxHUC1fYJT0wHwYDVR0jBBgwFoAUuR6KgNhm2o7kHyiMQFiMXOrW5yIwWgYDVR0fBFMwUTBPoE2gS4YjaHR0cDovL3d3dy51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jcmyGJGh0dHA6Ly93d3cyLnVkY3MucnUvY2VydHNydi91ZGNzLmNybDBxBggrBgEFBQcBAQRlMGMwLwYIKwYBBQUHMAKGI2h0dHA6Ly93d3cudWRjcy5ydS9jZXJ0c3J2L3VkY3MuY2VyMDAGCCsGAQUFBzAChiRodHRwOi8vd3d3Mi51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jZXIwFAYDVR0gBA0wCzAJBgcqhQMDEwIEMAoGBiqFAwICAwUAA0EAEYnD+gc8ebRpF2YpbwsdwhMI7uwDQGsDHNlCVXRRKZkZLlUo8KCel2g9BuxbjKefFOK8N+HxkAkZwpVn2SIP9KAWBgsqhQMCFQEBAgEDAqAHAgUArjROZKCCA3QwggNwMIIDHaADAgECAgomOz17AAAAADcUMAoGBiqFAwICAwUAMIHnMRswGQYJKoZIhvcNAQkBFgx1ZGNzQHVkY3MucnUxCzAJBgNVBAYTAlJVMRcwFQYDVQQIHg4EIgQ+BDwEQQQ6BDAETzETMBEGA1UEBx4KBCIEPgQ8BEEEOjFHMEUGA1UEChM+VG9tc2sgU3RhdGUgVW5pdmVyc2l0eSBvZiBDb250cm9sIFN5c3RlbXMgYW5kIFJhZGlvZWxlY3Ryb25pY3MxJzAlBgNVBAseHgQmBCIEEQAgAC0AIAQjBCYAIAQhBDgEMQQ4BEAEODEbMBkGA1UEAxMSVURDIFNpYmlyaWEgVFNVQ1NSMB4XDTExMTIwNzA0MjQwMFoXDTEyMTIwNzA0MzMwMFowHzEdMBsGA1UEAx4UAFIAQwBBAEkAUgBfAHQAZQBjAGgwYzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQNDAARAuAxBQSQj2WLWmfh0ccRa/lJIKMjvtbrB8beZLMQrDS93epBRN3zrFkYATBULZ3Ekh2JCVK4y3KiDq9Jq7cWuIqOCAWwwggFoMA4GA1UdDwEB/wQEAwIE8DAwBgNVHSUEKTAnBggrBgEFBQcDBAYIKoUDAxMCBQIGByqFAwICIgYGCCsGAQUFBwMCMB0GA1UdDgQWBBT+Fn73/1O3/3hyRSFNZpskwJ6CpDAfBgNVHSMEGDAWgBS5HoqA2GbajuQfKIxAWIxc6tbnIjBaBgNVHR8EUzBRME+gTaBLhiNodHRwOi8vd3d3LnVkY3MucnUvY2VydHNydi91ZGNzLmNybIYkaHR0cDovL3d3dzIudWRjcy5ydS9jZXJ0c3J2L3VkY3MuY3JsMHEGCCsGAQUFBwEBBGUwYzAvBggrBgEFBQcwAoYjaHR0cDovL3d3dy51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jZXIwMAYIKwYBBQUHMAKGJGh0dHA6Ly93d3cyLnVkY3MucnUvY2VydHNydi91ZGNzLmNlcjAVBgNVHSAEDjAMMAoGCCqFAwMTAgUBMAoGBiqFAwICAwUAA0EAsJZV1hVM9Iu2KNZ3q60YL+u2XSYa9TdSPJocLaNsWi8PDJGnHXcGx6ptyzEED5o1pt4fZa4RAyKuFW3uWlXiMzGCAVowggFWAgEBMIH2MIHnMRswGQYJKoZIhvcNAQkBFgx1ZGNzQHVkY3MucnUxCzAJBgNVBAYTAlJVMRcwFQYDVQQIHg4EIgQ+BDwEQQQ6BDAETzETMBEGA1UEBx4KBCIEPgQ8BEEEOjFHMEUGA1UEChM+VG9tc2sgU3RhdGUgVW5pdmVyc2l0eSBvZiBDb250cm9sIFN5c3RlbXMgYW5kIFJhZGlvZWxlY3Ryb25pY3MxJzAlBgNVBAseHgQmBCIEEQAgAC0AIAQjBCYAIAQhBDgEMQQ4BEAEODEbMBkGA1UEAxMSVURDIFNpYmlyaWEgVFNVQ1NSAgomOz17AAAAADcUMAoGBiqFAwICCQUAMAoGBiqFAwICEwUABEAk1zo3ySf6aEM4r58ECqQckUfZIdKXX6+eZusE2pNLcpL9u+x4igzroaZ29u3Tan1t//ehxYk4TFGJ9GCyWkG9";
-    private static final String RESPONSE_VPKC_TOMSK = "MIIhoQYJKoZIhvcNAQcCoIIhkjCCIY4CAQMxDDAKBgYqhQMCAgkFADCCFzkGCyqGSIb3DQEJEAEIoIIXKASCFyQwghcgMAoKAQMCBQDT+FBRMDUwEQYGKoUDAgIJBgcqhQMCAh4BBCD9l6MZHJXSrXM8Eavg5q6wga+HNRd/UPawjCnTqv6N5wICGHEYDzIwMTIxMjA0MDQwNzUzWqADAgEAo4IWvzCCFrugggQYMIIDxaADAgECAgpM4Pr3AAAAADzQMAoGBiqFAwICAwUAMIHnMRswGQYJKoZIhvcNAQkBFgx1ZGNzQHVkY3MucnUxCzAJBgNVBAYTAlJVMRcwFQYDVQQIHg4EIgQ+BDwEQQQ6BDAETzETMBEGA1UEBx4KBCIEPgQ8BEEEOjFHMEUGA1UEChM+VG9tc2sgU3RhdGUgVW5pdmVyc2l0eSBvZiBDb250cm9sIFN5c3RlbXMgYW5kIFJhZGlvZWxlY3Ryb25pY3MxJzAlBgNVBAseHgQmBCIEEQAgAC0AIAQjBCYAIAQhBDgEMQQ4BEAEODEbMBkGA1UEAxMSVURDIFNpYmlyaWEgVFNVQ1NSMB4XDTEyMTExMjAzMjgwMFoXDTEzMDMwMzA2MTkwMFowgdExKDAmBgkqhkiG9w0BCQEWGXRlc3RfdWRjc0BjdGIucmsudHVzdXIucnUxCzAJBgNVBAYTAlJVMRMwEQYDVQQHDArQotC+0LzRgdC6MT0wOwYDVQQKDDTQo9C00L7RgdGC0L7QstC10YDRj9GO0YnQuNC5INCm0LXQvdGC0YAg0KHQuNCx0LjRgNC4MUQwQgYDVQQDDDvQotC10YHRgtC+0LLRi9C5INCf0L7Qu9GM0LfQvtCy0LDRgtC10LvRjCDQo9CmINCh0LjQsdC40YDQuDBjMBwGBiqFAwICEzASBgcqhQMCAiQABgcqhQMCAh4BA0MABEBHTUfk8hd5xSwiSdDAe6INFLLmTi417Mp7vMRNZ+E9v0GbT52PMmQRzXe3Yh4zAsddU6Vr3WAWhJuF9ZFinTtYo4IBYTCCAV0wDgYDVR0PAQH/BAQDAgTwMCYGA1UdJQQfMB0GCCsGAQUFBwMEBgcqhQMCAiIGBggrBgEFBQcDAjAdBgNVHQ4EFgQU4lVNKJH/OqQ5TQe0FxHUC1fYJT0wHwYDVR0jBBgwFoAUuR6KgNhm2o7kHyiMQFiMXOrW5yIwWgYDVR0fBFMwUTBPoE2gS4YjaHR0cDovL3d3dy51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jcmyGJGh0dHA6Ly93d3cyLnVkY3MucnUvY2VydHNydi91ZGNzLmNybDBxBggrBgEFBQcBAQRlMGMwLwYIKwYBBQUHMAKGI2h0dHA6Ly93d3cudWRjcy5ydS9jZXJ0c3J2L3VkY3MuY2VyMDAGCCsGAQUFBzAChiRodHRwOi8vd3d3Mi51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jZXIwFAYDVR0gBA0wCzAJBgcqhQMDEwIEMAoGBiqFAwICAwUAA0EAEYnD+gc8ebRpF2YpbwsdwhMI7uwDQGsDHNlCVXRRKZkZLlUo8KCel2g9BuxbjKefFOK8N+HxkAkZwpVn2SIP9DCCEpukghKSMIISPwIBATAKBgYqhQMCAgMFADCB5zEbMBkGCSqGSIb3DQEJARYMdWRjc0B1ZGNzLnJ1MQswCQYDVQQGEwJSVTEXMBUGA1UECB4OBCIEPgQ8BEEEOgQwBE8xEzARBgNVBAceCgQiBD4EPARBBDoxRzBFBgNVBAoTPlRvbXNrIFN0YXRlIFVuaXZlcnNpdHkgb2YgQ29udHJvbCBTeXN0ZW1zIGFuZCBSYWRpb2VsZWN0cm9uaWNzMScwJQYDVQQLHh4EJgQiBBEAIAAtACAEIwQmACAEIQQ4BDEEOARABDgxGzAZBgNVBAMTElVEQyBTaWJpcmlhIFRTVUNTUhcNMTIxMjAzMjMxNDQyWhcNMTIxMjA0MTEzNDQyWjCCEMIwKQIKY9ERPQAAAAA39BcNMTIwNTI5MDU0MTQyWjAMMAoGA1UdFQQDCgEFMCkCClMQVqAAAAAAPJ0XDTEyMDUwNDA2NDAwN1owDDAKBgNVHRUEAwoBBTApAgpzVc4NAAAAADhZFw0xMjA1MDIwNTM4MDdaMAwwCgYDVR0VBAMKAQUwKQIKSug0MAAAAAA3rBcNMTIwNDA1MTAwMTA4WjAMMAoGA1UdFQQDCgEFMCkCClm0GYoAAAAAPLAXDTEyMDMwMjA4MTY1OVowDDAKBgNVHRUEAwoBBjApAgoYJJymAAAAADiyFw0xMjAzMDEwODQ4MzdaMAwwCgYDVR0VBAMKAQUwKQIKber2EgAAAAA4JBcNMTIwMjI3MTEwNDMzWjAMMAoGA1UdFQQDCgEFMBsCCjnR3koAAAAAPIcXDTEyMDIyNDA1MzQzMlowKQIKRET0xAAAAAA7oRcNMTIwMjIyMDczNjUxWjAMMAoGA1UdFQQDCgEGMCkCCkNiUHEAAAAAO44XDTEyMDIxNzAzNDMzOVowDDAKBgNVHRUEAwoBBjApAgpDGzBQAAAAADuCFw0xMjAyMTcwMzM5NTNaMAwwCgYDVR0VBAMKAQYwKQIKZDO2iQAAAAA3/BcNMTIwMjE3MDI1OTU5WjAMMAoGA1UdFQQDCgEGMBsCChxb9AQAAAAAPEsXDTEyMDIxNjA5NDkxMFowKQIKHPY0WgAAAAA29RcNMTIwMjE2MDg1NzI2WjAMMAoGA1UdFQQDCgEGMCkCCm2GTwEAAAAAPAQXDTEyMDIxNDA5MDk1N1owDDAKBgNVHRUEAwoBBjAbAgoWLVhPAAAAADwsFw0xMjAyMTQwNzQ3MjNaMBsCChbo/oUAAAAAPDEXDTEyMDIxNDA3NDcwOVowKQIKcsSY7AAAAAA8GRcNMTIwMjEwMTAwMTU5WjAMMAoGA1UdFQQDCgEGMCkCChT6NkoAAAAAOt4XDTEyMDIwNjEwMTM0NFowDDAKBgNVHRUEAwoBBjApAgpDGCUzAAAAADuBFw0xMjAyMDYwNDI5MTdaMAwwCgYDVR0VBAMKAQYwKQIKQxUI/wAAAAA7gBcNMTIwMjA2MDI1MjA1WjAMMAoGA1UdFQQDCgEGMCkCCkMSDtkAAAAAO38XDTEyMDIwNjAyNDYwMVowDDAKBgNVHRUEAwoBBjApAgpDDnP/AAAAADt+Fw0xMjAyMDYwMjQyMjZaMAwwCgYDVR0VBAMKAQYwKQIKQwYdSwAAAAA7fBcNMTIwMjAzMDUxMDI2WjAMMAoGA1UdFQQDCgEGMCkCCkL++I8AAAAAO3oXDTEyMDIwMjEwMjQ1NlowDDAKBgNVHRUEAwoBBjApAgpDCsDbAAAAADt9Fw0xMjAyMDEwNzIxMjZaMAwwCgYDVR0VBAMKAQYwKQIKQwK02wAAAAA7excNMTIwMjAxMDMyNjU0WjAMMAoGA1UdFQQDCgEGMCkCCj3Mu7oAAAAAO2MXDTEyMDEzMTAzMTAwMVowDDAKBgNVHRUEAwoBBjApAgoqQD8LAAAAADsyFw0xMjAxMzAwODQ5MjJaMAwwCgYDVR0VBAMKAQYwKQIKOWQy4QAAAAA7QxcNMTIwMTMwMDYzNzA1WjAMMAoGA1UdFQQDCgEGMCkCCknsIyMAAAAAN6IXDTEyMDEzMDA1NTIzOVowDDAKBgNVHRUEAwoBBjApAgpgtCuYAAAAADmsFw0xMjAxMjcwNzU5NTRaMAwwCgYDVR0VBAMKAQYwGwIKJVQHUgAAAAA7HBcNMTIwMTI2MTA1ODEwWjApAgphN+VDAAAAADq3Fw0xMjAxMjYwNDQwNDNaMAwwCgYDVR0VBAMKAQYwKQIKYS3NlgAAAAA6thcNMTIwMTI2MDQzNTE5WjAMMAoGA1UdFQQDCgEGMCkCCmDDA5UAAAAAOa4XDTEyMDEyNjA0MjYyNlowDDAKBgNVHRUEAwoBBjAbAgokOfuWAAAAADsCFw0xMjAxMjYwNDEwNTVaMCkCCjCuCiMAAAAAN20XDTEyMDEyNTEwMTkzMFowDDAKBgNVHRUEAwoBBjApAgor/6fDAAAAADdWFw0xMjAxMjUxMDA0MjdaMAwwCgYDVR0VBAMKAQYwKQIKG7cchQAAAAA6JhcNMTIwMTI1MTAwMTUxWjAMMAoGA1UdFQQDCgEGMCkCCivPIFwAAAAANzsXDTEyMDEyNTEwMDEwMlowDDAKBgNVHRUEAwoBBjApAgor8Dn+AAAAADdLFw0xMjAxMjUxMDAwMTlaMAwwCgYDVR0VBAMKAQYwKQIKHwmcLgAAAAA6dxcNMTIwMTI1MDk1OTQwWjAMMAoGA1UdFQQDCgEGMCkCCivHoyAAAAAANzYXDTEyMDEyNTA5NTkwMFowDDAKBgNVHRUEAwoBBjApAgor+9gdAAAAADdTFw0xMjAxMjUwOTU4MzhaMAwwCgYDVR0VBAMKAQYwKQIKK9SEuwAAAAA3PRcNMTIwMTI1MDk1ODE1WjAMMAoGA1UdFQQDCgEGMCkCCiv0m4QAAAAAN04XDTEyMDEyNTA5NTc1M1owDDAKBgNVHRUEAwoBBjApAgosANWVAAAAADdXFw0xMjAxMjUwOTU3MDNaMAwwCgYDVR0VBAMKAQYwKQIKK7wKAgAAAAA3MBcNMTIwMTI1MDk1NjAxWjAMMAoGA1UdFQQDCgEGMCkCCivrl5gAAAAAN0gXDTEyMDEyNTA5NTUzNVowDDAKBgNVHRUEAwoBBjApAgor2rWiAAAAADdBFw0xMjAxMjUwOTU0MTVaMAwwCgYDVR0VBAMKAQYwKQIKLAkPigAAAAA3WRcNMTIwMTI1MDk1MzMwWjAMMAoGA1UdFQQDCgEGMCkCCiv3lhYAAAAAN1AXDTEyMDEyNTA5NTIxMlowDDAKBgNVHRUEAwoBBjApAgor7rNPAAAAADdKFw0xMjAxMjUwOTUxMDhaMAwwCgYDVR0VBAMKAQYwKQIKK/Z1sgAAAAA3TxcNMTIwMTI1MDk1MDQyWjAMMAoGA1UdFQQDCgEGMCkCCivWDJQAAAAANz4XDTEyMDEyNTA5NDkyNFowDDAKBgNVHRUEAwoBBjApAgor15vfAAAAADc/Fw0xMjAxMjUwOTAxMDhaMAwwCgYDVR0VBAMKAQYwKQIKK/1MTwAAAAA3VBcNMTIwMTI1MDkwMDQzWjAMMAoGA1UdFQQDCgEGMCkCCm8dIG0AAAAAOEkXDTEyMDEyNTA4NTcwNFowDDAKBgNVHRUEAwoBBjApAgor+TrOAAAAADdRFw0xMjAxMjUwODU0NDhaMAwwCgYDVR0VBAMKAQYwKQIKK91HCwAAAAA3QxcNMTIwMTI1MDg1NDE2WjAMMAoGA1UdFQQDCgEGMCkCCivhXOEAAAAAN0YXDTEyMDEyNTA4NTEyNFowDDAKBgNVHRUEAwoBBjApAgor3oavAAAAADdEFw0xMjAxMjUwODUwNTFaMAwwCgYDVR0VBAMKAQYwKQIKK/qgKgAAAAA3UhcNMTIwMTI1MDg1MDIzWjAMMAoGA1UdFQQDCgEGMCkCCivInW4AAAAANzcXDTEyMDEyNTA4NDk1NVowDDAKBgNVHRUEAwoBBjApAgor2NfKAAAAADdAFw0xMjAxMjUwODQ5MjlaMAwwCgYDVR0VBAMKAQYwKQIKK9FDTAAAAAA3PBcNMTIwMTI1MDg0OTA1WjAMMAoGA1UdFQQDCgEGMCkCCivKj7gAAAAANzgXDTEyMDEyNTA4NDg0MlowDDAKBgNVHRUEAwoBBjApAgob10E4AAAAADorFw0xMjAxMjUwODQ3MzBaMAwwCgYDVR0VBAMKAQYwKQIKG8RtwwAAAAA6JxcNMTIwMTI1MDg0NDUyWjAMMAoGA1UdFQQDCgEGMCkCCjGytWcAAAAAN3AXDTEyMDEyNTA4NDMxMFowDDAKBgNVHRUEAwoBBjApAgoeuuXKAAAAADpqFw0xMjAxMjMwODQ0MTVaMAwwCgYDVR0VBAMKAQYwKQIKFlB0AwAAAAA6zRcNMTIwMTIwMDgzNjEyWjAMMAoGA1UdFQQDCgEGMBsCChEz1ZoAAAAAOsAXDTEyMDExOTA4NTg1M1owGwIKVOxrrAAAAAA5HxcNMTIwMTE5MDg0NzI0WjApAgpWLsAnAAAAADk9Fw0xMjAxMTkwODA4NDFaMAwwCgYDVR0VBAMKAQYwKQIKE+YW2gAAAAA6jRcNMTIwMTE3MDgzNDEzWjAMMAoGA1UdFQQDCgEGMCkCCivgIWMAAAAAN0UXDTEyMDExNjA5NTIzNFowDDAKBgNVHRUEAwoBBjApAgorvndoAAAAADcxFw0xMjAxMTYwNzU4MzhaMAwwCgYDVR0VBAMKAQYwKQIKK/GkqgAAAAA3TBcNMTIwMTE2MDc1NDAzWjAMMAoGA1UdFQQDCgEGMBsCCh3sMrEAAAAAOksXDTEyMDExNjA0NDgxNFowKQIKG/ZSaAAAAAA6MhcNMTIwMTE1MTkzMjUzWjAMMAoGA1UdFQQDCgEGMCkCCivD4PcAAAAANzMXDTEyMDExNTE4MTQzMVowDDAKBgNVHRUEAwoBBjApAgphBr7eAAAAADnkFw0xMjAxMTMwOTE4MjlaMAwwCgYDVR0VBAMKAQYwKQIKVcRrawAAAAA36BcNMTIwMTEzMDIyNDAwWjAMMAoGA1UdFQQDCgEGMCkCClr+ASQAAAAAOWcXDTEyMDExMTA2NTgxMVowDDAKBgNVHRUEAwoBBjApAgohQuc4AAAAADcFFw0xMjAxMTEwNTUwMDFaMAwwCgYDVR0VBAMKAQYwGwIKVovg+QAAAAA5RBcNMTIwMTEwMTAyMDI0WjAbAgoSlRTAAAAAADjlFw0xMTEyMzAwNjIwMzRaMBsCChKowuUAAAAAOOYXDTExMTIzMDA2MTkzMFowGwIKF1KCJAAAAAA5ChcNMTExMjI5MDMzNzM3WjApAgoTN65cAAAAADjtFw0xMTEyMjkwMzE1MjJaMAwwCgYDVR0VBAMKAQYwKQIKHku/ZAAAAAA40xcNMTExMjI3MDk0MzAxWjAMMAoGA1UdFQQDCgEEMCkCCh5IkncAAAAAONIXDTExMTIyNzA5NDIwM1owDDAKBgNVHRUEAwoBBDApAgp5B70xAAAAADiPFw0xMTEyMjMwNjI2MDFaMAwwCgYDVR0VBAMKAQYwKQIKKxMM5gAAAAA3IRcNMTExMjIxMDgyOTU0WjAMMAoGA1UdFQQDCgEGMCkCCivB5A4AAAAANzIXDTExMTIyMTA0NTcwN1owDDAKBgNVHRUEAwoBBjApAgpp1jH9AAAAADgaFw0xMTEyMjAwNzQzMDRaMAwwCgYDVR0VBAMKAQYwKQIKQGK3qAAAAAA3excNMTExMjEyMDYyNzM4WjAMMAoGA1UdFQQDCgEEMCkCCjHUWwwAAAAAN3EXDTExMTIxMjA0MzczM1owDDAKBgNVHRUEAwoBBjApAgowaQhuAAAAADdqFw0xMTEyMDkwNDAzMzhaMAwwCgYDVR0VBAMKAQQwKQIKLAIhfQAAAAA3WBcNMTExMjA4MDcyOTA1WjAMMAoGA1UdFQQDCgEEMCkCCitrXO8AAAAANysXDTExMTIwODA1MzIyMVowDDAKBgNVHRUEAwoBBDApAgoh0ZweAAAAADcJFw0xMTEyMDYwNzU5NTdaMAwwCgYDVR0VBAMKAQagYDBeMB8GA1UdIwQYMBaAFLkeioDYZtqO5B8ojEBYjFzq1uciMBAGCSsGAQQBgjcVAQQDAgEAMAsGA1UdFAQEAgIJ4DAcBgkrBgEEAYI3FQQEDxcNMTIxMjA0MDUyNDQyWjAKBgYqhQMCAgMFAANBAG2cPM2e+xfFuw+OpA+vYvnHpXZdFj4nCvyZivcB1/mE9a9JS5Y9p2R2ONLD4lLVwuAOp13otcGkBfaS0gaWGzqiAwIBAKCCCI8wggQYMIIDxaADAgECAgpM4Pr3AAAAADzQMAoGBiqFAwICAwUAMIHnMRswGQYJKoZIhvcNAQkBFgx1ZGNzQHVkY3MucnUxCzAJBgNVBAYTAlJVMRcwFQYDVQQIHg4EIgQ+BDwEQQQ6BDAETzETMBEGA1UEBx4KBCIEPgQ8BEEEOjFHMEUGA1UEChM+VG9tc2sgU3RhdGUgVW5pdmVyc2l0eSBvZiBDb250cm9sIFN5c3RlbXMgYW5kIFJhZGlvZWxlY3Ryb25pY3MxJzAlBgNVBAseHgQmBCIEEQAgAC0AIAQjBCYAIAQhBDgEMQQ4BEAEODEbMBkGA1UEAxMSVURDIFNpYmlyaWEgVFNVQ1NSMB4XDTEyMTExMjAzMjgwMFoXDTEzMDMwMzA2MTkwMFowgdExKDAmBgkqhkiG9w0BCQEWGXRlc3RfdWRjc0BjdGIucmsudHVzdXIucnUxCzAJBgNVBAYTAlJVMRMwEQYDVQQHDArQotC+0LzRgdC6MT0wOwYDVQQKDDTQo9C00L7RgdGC0L7QstC10YDRj9GO0YnQuNC5INCm0LXQvdGC0YAg0KHQuNCx0LjRgNC4MUQwQgYDVQQDDDvQotC10YHRgtC+0LLRi9C5INCf0L7Qu9GM0LfQvtCy0LDRgtC10LvRjCDQo9CmINCh0LjQsdC40YDQuDBjMBwGBiqFAwICEzASBgcqhQMCAiQABgcqhQMCAh4BA0MABEBHTUfk8hd5xSwiSdDAe6INFLLmTi417Mp7vMRNZ+E9v0GbT52PMmQRzXe3Yh4zAsddU6Vr3WAWhJuF9ZFinTtYo4IBYTCCAV0wDgYDVR0PAQH/BAQDAgTwMCYGA1UdJQQfMB0GCCsGAQUFBwMEBgcqhQMCAiIGBggrBgEFBQcDAjAdBgNVHQ4EFgQU4lVNKJH/OqQ5TQe0FxHUC1fYJT0wHwYDVR0jBBgwFoAUuR6KgNhm2o7kHyiMQFiMXOrW5yIwWgYDVR0fBFMwUTBPoE2gS4YjaHR0cDovL3d3dy51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jcmyGJGh0dHA6Ly93d3cyLnVkY3MucnUvY2VydHNydi91ZGNzLmNybDBxBggrBgEFBQcBAQRlMGMwLwYIKwYBBQUHMAKGI2h0dHA6Ly93d3cudWRjcy5ydS9jZXJ0c3J2L3VkY3MuY2VyMDAGCCsGAQUFBzAChiRodHRwOi8vd3d3Mi51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jZXIwFAYDVR0gBA0wCzAJBgcqhQMDEwIEMAoGBiqFAwICAwUAA0EAEYnD+gc8ebRpF2YpbwsdwhMI7uwDQGsDHNlCVXRRKZkZLlUo8KCel2g9BuxbjKefFOK8N+HxkAkZwpVn2SIP9DCCBG8wggQcoAMCAQICCjBVmIkAAAAANVowCgYGKoUDAgIDBQAwgecxGzAZBgkqhkiG9w0BCQEWDHVkY3NAdWRjcy5ydTELMAkGA1UEBhMCUlUxFzAVBgNVBAgeDgQiBD4EPARBBDoEMARPMRMwEQYDVQQHHgoEIgQ+BDwEQQQ6MUcwRQYDVQQKEz5Ub21zayBTdGF0ZSBVbml2ZXJzaXR5IG9mIENvbnRyb2wgU3lzdGVtcyBhbmQgUmFkaW9lbGVjdHJvbmljczEnMCUGA1UECx4eBCYEIgQRACAALQAgBCMEJgAgBCEEOAQxBDgEQAQ4MRswGQYDVQQDExJVREMgU2liaXJpYSBUU1VDU1IwHhcNMTExMDIwMTAyNzAwWhcNMTMwMTIwMTAzNjAwWjCCATgxCzAJBgNVBAYTAlJVMRMwEQYDVQQHHgoEIgQeBBwEIQQaMUMwQQYDVQQKHjoEEAQ0BDwEOAQ9BDgEQQRCBEAEMARGBDgETwAgBCIEPgQ8BEEEOgQ+BDkAIAQ+BDEEOwQwBEEEQgQ4MYGBMH8GA1UECx54BBoEPgQ8BDgEQgQ1BEIAIAQ4BD0ERAQ+BEAEPAQwBEIEOAQ3BDAERgQ4BDgAIAQ4ACAEQQQyBE8ENwQ4ACAEEAQ0BDwEOAQ9BDgEQQRCBEAEMARGBDgEOAAgBCIEPgQ8BEEEOgQ+BDkAIAQ+BDEEOwQwBEEEQgQ4MUswSQYDVQQDHkIELQQbBBUEGgQiBCAEHgQdBB0EKwQZACAEHQQeBCIEEAQgBBgEEAQiACAAKABEAFYAQwBTACwAIABPAEMAUwBQACkwYzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQNDAARAijmkemSx9EYvcgxb7/O1AHd5r4mH6V6L97UyX/GGg9geywTqm/sPuq/wuVicW82f/f7huHHlIlUf5ejTwpH53aOCAVAwggFMMB0GA1UdJQQWMBQGCCsGAQUFBwMJBggrBgEFBQcDCjALBgNVHQ8EBAMCBsAwDwYJKwYBBQUHMAEFBAIFADAdBgNVHQ4EFgQUX5qI5TV4fjSwaGkElbHRedmg2NgwHwYDVR0jBBgwFoAUuR6KgNhm2o7kHyiMQFiMXOrW5yIwWgYDVR0fBFMwUTBPoE2gS4YjaHR0cDovL3d3dy51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jcmyGJGh0dHA6Ly93d3cyLnVkY3MucnUvY2VydHNydi91ZGNzLmNybDBxBggrBgEFBQcBAQRlMGMwLwYIKwYBBQUHMAKGI2h0dHA6Ly93d3cudWRjcy5ydS9jZXJ0c3J2L3VkY3MuY2VyMDAGCCsGAQUFBzAChiRodHRwOi8vd3d3Mi51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jZXIwCgYGKoUDAgIDBQADQQAw+l6X2T9zF2FtGiTvssRq0RGNaJ9d9P07qSt+gJ9gnveOnD4o8pVqCM+IgXfUrmh9IHRJ+u2LnhkDo8bUbOpIMYIBqTCCAaUCAQEwgfYwgecxGzAZBgkqhkiG9w0BCQEWDHVkY3NAdWRjcy5ydTELMAkGA1UEBhMCUlUxFzAVBgNVBAgeDgQiBD4EPARBBDoEMARPMRMwEQYDVQQHHgoEIgQ+BDwEQQQ6MUcwRQYDVQQKEz5Ub21zayBTdGF0ZSBVbml2ZXJzaXR5IG9mIENvbnRyb2wgU3lzdGVtcyBhbmQgUmFkaW9lbGVjdHJvbmljczEnMCUGA1UECx4eBCYEIgQRACAALQAgBCMEJgAgBCEEOAQxBDgEQAQ4MRswGQYDVQQDExJVREMgU2liaXJpYSBUU1VDU1ICCjBVmIkAAAAANVowCgYGKoUDAgIJBQCgTTAvBgkqhkiG9w0BCQQxIgQg4BFH+uPjI3T5F7Tr2QodH7RYWZYVWLtqaJMvXB44iy0wGgYJKoZIhvcNAQkDMQ0GCyqGSIb3DQEJEAEIMAoGBiqFAwICEwUABEB+KdP1VDfB3CM6cVHW2KodvfW8NilYhJ8aq6mMKSHRoZ94KCNBI3OfZvBVFCnIPeGSGmnTwHPVXbih/PFnUcp8";
-    private static final String REQUEST_CCPD_TOMSK = "MIIFagYJKoZIhvcNAQcCoIIFWzCCBVcCAQMxDDAKBgYqhQMCAgkFADBuBgsqhkiG9w0BCRABB6BfBF0wWzAKCgEEAgUAwDELHDA1MBEGBiqFAwICCQYHKoUDAgIeAQQgvrgCrtSqJuzWwWE7XelQv0cB71ehcXkh/Oikezqvl1agFgYLKoUDAhUBAQIBAwKgBwIFAJ7ldeKgggN0MIIDcDCCAx2gAwIBAgIKJjs9ewAAAAA3FDAKBgYqhQMCAgMFADCB5zEbMBkGCSqGSIb3DQEJARYMdWRjc0B1ZGNzLnJ1MQswCQYDVQQGEwJSVTEXMBUGA1UECB4OBCIEPgQ8BEEEOgQwBE8xEzARBgNVBAceCgQiBD4EPARBBDoxRzBFBgNVBAoTPlRvbXNrIFN0YXRlIFVuaXZlcnNpdHkgb2YgQ29udHJvbCBTeXN0ZW1zIGFuZCBSYWRpb2VsZWN0cm9uaWNzMScwJQYDVQQLHh4EJgQiBBEAIAAtACAEIwQmACAEIQQ4BDEEOARABDgxGzAZBgNVBAMTElVEQyBTaWJpcmlhIFRTVUNTUjAeFw0xMTEyMDcwNDI0MDBaFw0xMjEyMDcwNDMzMDBaMB8xHTAbBgNVBAMeFABSAEMAQQBJAFIAXwB0AGUAYwBoMGMwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgEDQwAEQLgMQUEkI9li1pn4dHHEWv5SSCjI77W6wfG3mSzEKw0vd3qQUTd86xZGAEwVC2dxJIdiQlSuMtyog6vSau3FriKjggFsMIIBaDAOBgNVHQ8BAf8EBAMCBPAwMAYDVR0lBCkwJwYIKwYBBQUHAwQGCCqFAwMTAgUCBgcqhQMCAiIGBggrBgEFBQcDAjAdBgNVHQ4EFgQU/hZ+9/9Tt/94ckUhTWabJMCegqQwHwYDVR0jBBgwFoAUuR6KgNhm2o7kHyiMQFiMXOrW5yIwWgYDVR0fBFMwUTBPoE2gS4YjaHR0cDovL3d3dy51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jcmyGJGh0dHA6Ly93d3cyLnVkY3MucnUvY2VydHNydi91ZGNzLmNybDBxBggrBgEFBQcBAQRlMGMwLwYIKwYBBQUHMAKGI2h0dHA6Ly93d3cudWRjcy5ydS9jZXJ0c3J2L3VkY3MuY2VyMDAGCCsGAQUFBzAChiRodHRwOi8vd3d3Mi51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jZXIwFQYDVR0gBA4wDDAKBggqhQMDEwIFATAKBgYqhQMCAgMFAANBALCWVdYVTPSLtijWd6utGC/rtl0mGvU3UjyaHC2jbFovDwyRpx13BseqbcsxBA+aNabeH2WuEQMirhVt7lpV4jMxggFaMIIBVgIBATCB9jCB5zEbMBkGCSqGSIb3DQEJARYMdWRjc0B1ZGNzLnJ1MQswCQYDVQQGEwJSVTEXMBUGA1UECB4OBCIEPgQ8BEEEOgQwBE8xEzARBgNVBAceCgQiBD4EPARBBDoxRzBFBgNVBAoTPlRvbXNrIFN0YXRlIFVuaXZlcnNpdHkgb2YgQ29udHJvbCBTeXN0ZW1zIGFuZCBSYWRpb2VsZWN0cm9uaWNzMScwJQYDVQQLHh4EJgQiBBEAIAAtACAEIwQmACAEIQQ4BDEEOARABDgxGzAZBgNVBAMTElVEQyBTaWJpcmlhIFRTVUNTUgIKJjs9ewAAAAA3FDAKBgYqhQMCAgkFADAKBgYqhQMCAhMFAARAl0/LMiXMPCJIkAgCI6x3/8wPBDTR8P5GGs40Xzbz1rdvxcBTPEsyp8kNYMzxmQNegTOFemy15KKnQq8e4Fja6w==";
-    private static final String RESPONSE_CCPD_TOMSK = "MIIGugYJKoZIhvcNAQcCoIIGqzCCBqcCAQMxDDAKBgYqhQMCAgkFADBwBgsqhkiG9w0BCRABCKBhBF8wXTAKCgEEAgUAwDELHDA1MBEGBiqFAwICCQYHKoUDAgIeAQQgvrgCrtSqJuzWwWE7XelQv0cB71ehcXkh/Oikezqvl1YCAhhwGA8yMDEyMTIwNDA0MDY0M1qgAwIBAKCCBHMwggRvMIIEHKADAgECAgowVZiJAAAAADVaMAoGBiqFAwICAwUAMIHnMRswGQYJKoZIhvcNAQkBFgx1ZGNzQHVkY3MucnUxCzAJBgNVBAYTAlJVMRcwFQYDVQQIHg4EIgQ+BDwEQQQ6BDAETzETMBEGA1UEBx4KBCIEPgQ8BEEEOjFHMEUGA1UEChM+VG9tc2sgU3RhdGUgVW5pdmVyc2l0eSBvZiBDb250cm9sIFN5c3RlbXMgYW5kIFJhZGlvZWxlY3Ryb25pY3MxJzAlBgNVBAseHgQmBCIEEQAgAC0AIAQjBCYAIAQhBDgEMQQ4BEAEODEbMBkGA1UEAxMSVURDIFNpYmlyaWEgVFNVQ1NSMB4XDTExMTAyMDEwMjcwMFoXDTEzMDEyMDEwMzYwMFowggE4MQswCQYDVQQGEwJSVTETMBEGA1UEBx4KBCIEHgQcBCEEGjFDMEEGA1UECh46BBAENAQ8BDgEPQQ4BEEEQgRABDAERgQ4BE8AIAQiBD4EPARBBDoEPgQ5ACAEPgQxBDsEMARBBEIEODGBgTB/BgNVBAseeAQaBD4EPAQ4BEIENQRCACAEOAQ9BEQEPgRABDwEMARCBDgENwQwBEYEOAQ4ACAEOAAgBEEEMgRPBDcEOAAgBBAENAQ8BDgEPQQ4BEEEQgRABDAERgQ4BDgAIAQiBD4EPARBBDoEPgQ5ACAEPgQxBDsEMARBBEIEODFLMEkGA1UEAx5CBC0EGwQVBBoEIgQgBB4EHQQdBCsEGQAgBB0EHgQiBBAEIAQYBBAEIgAgACgARABWAEMAUwAsACAATwBDAFMAUAApMGMwHAYGKoUDAgITMBIGByqFAwICJAAGByqFAwICHgEDQwAEQIo5pHpksfRGL3IMW+/ztQB3ea+Jh+lei/e1Ml/xhoPYHssE6pv7D7qv8LlYnFvNn/3+4bhx5SJVH+Xo08KR+d2jggFQMIIBTDAdBgNVHSUEFjAUBggrBgEFBQcDCQYIKwYBBQUHAwowCwYDVR0PBAQDAgbAMA8GCSsGAQUFBzABBQQCBQAwHQYDVR0OBBYEFF+aiOU1eH40sGhpBJWx0XnZoNjYMB8GA1UdIwQYMBaAFLkeioDYZtqO5B8ojEBYjFzq1uciMFoGA1UdHwRTMFEwT6BNoEuGI2h0dHA6Ly93d3cudWRjcy5ydS9jZXJ0c3J2L3VkY3MuY3JshiRodHRwOi8vd3d3Mi51ZGNzLnJ1L2NlcnRzcnYvdWRjcy5jcmwwcQYIKwYBBQUHAQEEZTBjMC8GCCsGAQUFBzAChiNodHRwOi8vd3d3LnVkY3MucnUvY2VydHNydi91ZGNzLmNlcjAwBggrBgEFBQcwAoYkaHR0cDovL3d3dzIudWRjcy5ydS9jZXJ0c3J2L3VkY3MuY2VyMAoGBiqFAwICAwUAA0EAMPpel9k/cxdhbRok77LEatERjWifXfT9O6krfoCfYJ73jpw+KPKVagjPiIF31K5ofSB0Sfrti54ZA6PG1GzqSDGCAakwggGlAgEBMIH2MIHnMRswGQYJKoZIhvcNAQkBFgx1ZGNzQHVkY3MucnUxCzAJBgNVBAYTAlJVMRcwFQYDVQQIHg4EIgQ+BDwEQQQ6BDAETzETMBEGA1UEBx4KBCIEPgQ8BEEEOjFHMEUGA1UEChM+VG9tc2sgU3RhdGUgVW5pdmVyc2l0eSBvZiBDb250cm9sIFN5c3RlbXMgYW5kIFJhZGlvZWxlY3Ryb25pY3MxJzAlBgNVBAseHgQmBCIEEQAgAC0AIAQjBCYAIAQhBDgEMQQ4BEAEODEbMBkGA1UEAxMSVURDIFNpYmlyaWEgVFNVQ1NSAgowVZiJAAAAADVaMAoGBiqFAwICCQUAoE0wLwYJKoZIhvcNAQkEMSIEINO9R6CnEfi/gJi+AWp3FDKG0HZ5Fq94JvwCoRpXze93MBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRABCDAKBgYqhQMCAhMFAARAIVnBio5IT1m+Dkzxktb9BRoElW5au5SO8T/+wGXnWD86CsBF25F5jvN6a2l83XzD0YDrC0wuMsY/dyThotWwvw==";
-    // expected info initialization:
-    private static final DVCSRequest REQ_CCPD_CLEPSYDRE, REQ_CCPD_TOMSK, REQ_CPD_TOMSK, REQ_VPKC_TOMSK;
-    private static final DVCSResponse RES_CCPD_CLEPSYDRE, RES_CCPD_TOMSK, RES_CPD_TOMSK, RES_VPKC_TOMSK;
-    private static List requests = new ArrayList();
-    private static List responses = new ArrayList();
-
-    static
-    {
-        GeneralName CLEPSYDRE_REQUESTER = GeneralName.getInstance(Hex.decode("A44B3049310B3009060355040613024652310E300C0603550407130550617269733110300E060355040A13074564656C576562311830160603550403130F50657465722053796C766573746572"));
-        GeneralName CLEPSYDRE_RESPONDER = GeneralName.getInstance(Hex.decode("A4723070310B300906035504061302465231153013060355040A130C4564656C57656220532E412E31283026060355040B131F436C657073796472652044656D6F6E7374726174696F6E20536572766963653120301E0603550403131754696D65205374616D70696E6720417574686F72697479"));
-        PolicyInformation CLEPSYDRE_POLICY = new PolicyInformation(new ASN1ObjectIdentifier("1.3.6.1.4.1.5309.1.2.1"));
-
-        DVCSRequestInformationBuilder INFO_CCPD_CLEPSYDRE = new DVCSRequestInformationBuilder(ServiceType.CCPD);
-        INFO_CCPD_CLEPSYDRE.setRequester(CLEPSYDRE_REQUESTER);
-        INFO_CCPD_CLEPSYDRE.setRequestPolicy(CLEPSYDRE_POLICY);
-
-        DigestInfo DIGEST_CCPD_CLEPSYDRE = new DigestInfo(new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.3.14.3.2.26")), Hex.decode("75B685AF6F89467DE80715251E45978FCD1FA566"));
-
-        DVCSRequestInformationBuilder INFO_CCPD_CLEPSYDRE2 = new DVCSRequestInformationBuilder(ServiceType.CCPD);
-        INFO_CCPD_CLEPSYDRE2.setRequester(CLEPSYDRE_REQUESTER);
-        INFO_CCPD_CLEPSYDRE2.setRequestPolicy(CLEPSYDRE_POLICY);
-        INFO_CCPD_CLEPSYDRE2.setDVCS(CLEPSYDRE_RESPONDER);
-
-        REQ_CCPD_CLEPSYDRE = new DVCSRequest(INFO_CCPD_CLEPSYDRE.build(), new Data(DIGEST_CCPD_CLEPSYDRE));
-        RES_CCPD_CLEPSYDRE = new DVCSResponse(new DVCSCertInfo(INFO_CCPD_CLEPSYDRE2.build(), DIGEST_CCPD_CLEPSYDRE, new ASN1Integer(new BigInteger(Hex.decode("01780A1ECA8823"))), new DVCSTime(new ASN1GeneralizedTime("20000417171617Z"))));
-
-        DVCSRequestInformationBuilder INFO_CCPD_TOMSK = new DVCSRequestInformationBuilder(ServiceType.CCPD);
-        INFO_CCPD_TOMSK.setNonce(new BigInteger(Hex.decode("00C0310B1C")));
-
-        DigestInfo DIGEST_CCPD_TOMSK = new DigestInfo(new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.643.2.2.9"), new ASN1ObjectIdentifier("1.2.643.2.2.30.1")), Hex.decode("BEB802AED4AA26ECD6C1613B5DE950BF4701EF57A1717921FCE8A47B3AAF9756"));
-        GeneralName ID_CCPD_TOMSK = GeneralName.getInstance(Hex.decode("A016060B2A85030215010102010302A0070205009EE575E2"));
-
-        REQ_CCPD_TOMSK = new DVCSRequest(INFO_CCPD_TOMSK.build(), new Data(DIGEST_CCPD_TOMSK), ID_CCPD_TOMSK);
-
-        DVCSCertInfoBuilder certInfoBldr = new DVCSCertInfoBuilder(INFO_CCPD_TOMSK.build(), DIGEST_CCPD_TOMSK, new ASN1Integer(6256), new DVCSTime(new ASN1GeneralizedTime("20121204040643Z")));
-        certInfoBldr.setDvStatus(new PKIStatusInfo(PKIStatus.granted));
-        RES_CCPD_TOMSK = new DVCSResponse(certInfoBldr.build());
-
-
-        DVCSRequestInformationBuilder INFO_CPD_TOMSK = new DVCSRequestInformationBuilder(ServiceType.CPD);
-        INFO_CPD_TOMSK.setNonce(new BigInteger("234303415"));
-
-        DVCSRequestInformationBuilder INFO_CPD_TOMSK2 = new DVCSRequestInformationBuilder(ServiceType.CPD);
-        INFO_CPD_TOMSK2.setNonce(new BigInteger("1957381177"));
-
-        String CPD_DATA_TOMSK = "30820418308203C5A003020102020A4CE0FAF7000000003CD0300A06062A850302020305003081E7311B301906092A864886F70D010901160C7564637340756463732E7275310B30090603550406130252553117301506035504081E0E0422043E043C0441043A0430044F3113301106035504071E0A0422043E043C0441043A31473045060355040A133E546F6D736B20537461746520556E6976657273697479206F6620436F6E74726F6C2053797374656D7320616E6420526164696F656C656374726F6E69637331273025060355040B1E1E0426042204110020002D0020042304260020042104380431043804400438311B301906035504031312554443205369626972696120545355435352301E170D3132313131323033323830305A170D3133303330333036313930305A3081D13128302606092A864886F70D0109011619746573745F75646373406374622E726B2E74757375722E7275310B30090603550406130252553113301106035504070C0AD0A2D0BED0BCD181D0BA313D303B060355040A0C34D0A3D0B4D0BED181D182D0BED0B2D0B5D180D18FD18ED189D0B8D0B920D0A6D0B5D0BDD182D18020D0A1D0B8D0B1D0B8D180D0B83144304206035504030C3BD0A2D0B5D181D182D0BED0B2D18BD0B920D09FD0BED0BBD18CD0B7D0BED0B2D0B0D182D0B5D0BBD18C20D0A3D0A620D0A1D0B8D0B1D0B8D180D0B83063301C06062A8503020213301206072A85030202240006072A850302021E010343000440474D47E4F21779C52C2249D0C07BA20D14B2E64E2E35ECCA7BBCC44D67E13DBF419B4F9D8F326411CD77B7621E3302C75D53A56BDD6016849B85F591629D3B58A38201613082015D300E0603551D0F0101FF0404030204F030260603551D25041F301D06082B0601050507030406072A85030202220606082B06010505070302301D0603551D0E04160414E2554D2891FF3AA4394D07B41711D40B57D8253D301F0603551D23041830168014B91E8A80D866DA8EE41F288C40588C5CEAD6E722305A0603551D1F04533051304FA04DA04B8623687474703A2F2F7777772E756463732E72752F636572747372762F756463732E63726C8624687474703A2F2F777777322E756463732E72752F636572747372762F756463732E63726C307106082B0601050507010104653063302F06082B060105050730028623687474703A2F2F7777772E756463732E72752F636572747372762F756463732E636572303006082B060105050730028624687474703A2F2F777777322E756463732E72752F636572747372762F756463732E63657230140603551D20040D300B300906072A850303130204300A06062A850302020305000341001189C3FA073C79B4691766296F0B1DC21308EEEC03406B031CD9425574512999192E5528F0A09E97683D06EC5B8CA79F14E2BC37E1F1900919C29567D9220FF4";
-        DigestInfo DIGEST_CPD_TOMSK = DIGEST_CCPD_TOMSK;
-        GeneralName ID_CPD_TOMSK = GeneralName.getInstance(Hex.decode("A016060B2A85030215010102010302A00702050085BA0D41"));
-
-        REQ_CPD_TOMSK = new DVCSRequest(INFO_CPD_TOMSK.build(), new Data(Hex.decode(CPD_DATA_TOMSK)), ID_CPD_TOMSK);
-
-        certInfoBldr = new DVCSCertInfoBuilder(INFO_CPD_TOMSK2.build(), DIGEST_CPD_TOMSK, new ASN1Integer(6329), new DVCSTime(new ASN1GeneralizedTime("20121205065720Z")));
-        certInfoBldr.setDvStatus(new PKIStatusInfo(PKIStatus.granted));
-        RES_CPD_TOMSK = new DVCSResponse(certInfoBldr.build());
-
-
-        DVCSRequestInformationBuilder INFO_VPKC_TOMSK = new DVCSRequestInformationBuilder(ServiceType.VPKC);
-        INFO_VPKC_TOMSK.setNonce(new BigInteger(Hex.decode("00D3F85051")));
-
-        String VPKC_DATA_TOMSK = CPD_DATA_TOMSK;
-        DigestInfo DIGEST_VPKC_TOMSK = new DigestInfo(new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.643.2.2.9"), new ASN1ObjectIdentifier("1.2.643.2.2.30.1")), Hex.decode("FD97A3191C95D2AD733C11ABE0E6AEB081AF8735177F50F6B08C29D3AAFE8DE7"));
-        GeneralName ID_VPKC_TOMSK = GeneralName.getInstance(Hex.decode("A016060B2A85030215010102010302A007020500AE344E64"));
-
-        CertEtcToken target = new CertEtcToken(CertEtcToken.TAG_CERTIFICATE, Certificate.getInstance(Hex.decode(VPKC_DATA_TOMSK)));
-        TargetEtcChain REQ_CERTS = new TargetEtcChain(target);
-
-        TargetEtcChain[] RES_CERTS = TargetEtcChain.arrayFromSequence(new DERSequence(ASN1Sequence.getInstance(Hex.decode("308216BBA0820418308203C5A003020102020A4CE0FAF7000000003CD0300A06062A850302020305003081E7311B301906092A864886F70D010901160C7564637340756463732E7275310B30090603550406130252553117301506035504081E0E0422043E043C0441043A0430044F3113301106035504071E0A0422043E043C0441043A31473045060355040A133E546F6D736B20537461746520556E6976657273697479206F6620436F6E74726F6C2053797374656D7320616E6420526164696F656C656374726F6E69637331273025060355040B1E1E0426042204110020002D0020042304260020042104380431043804400438311B301906035504031312554443205369626972696120545355435352301E170D3132313131323033323830305A170D3133303330333036313930305A3081D13128302606092A864886F70D0109011619746573745F75646373406374622E726B2E74757375722E7275310B30090603550406130252553113301106035504070C0AD0A2D0BED0BCD181D0BA313D303B060355040A0C34D0A3D0B4D0BED181D182D0BED0B2D0B5D180D18FD18ED189D0B8D0B920D0A6D0B5D0BDD182D18020D0A1D0B8D0B1D0B8D180D0B83144304206035504030C3BD0A2D0B5D181D182D0BED0B2D18BD0B920D09FD0BED0BBD18CD0B7D0BED0B2D0B0D182D0B5D0BBD18C20D0A3D0A620D0A1D0B8D0B1D0B8D180D0B83063301C06062A8503020213301206072A85030202240006072A850302021E010343000440474D47E4F21779C52C2249D0C07BA20D14B2E64E2E35ECCA7BBCC44D67E13DBF419B4F9D8F326411CD77B7621E3302C75D53A56BDD6016849B85F591629D3B58A38201613082015D300E0603551D0F0101FF0404030204F030260603551D25041F301D06082B0601050507030406072A85030202220606082B06010505070302301D0603551D0E04160414E2554D2891FF3AA4394D07B41711D40B57D8253D301F0603551D23041830168014B91E8A80D866DA8EE41F288C40588C5CEAD6E722305A0603551D1F04533051304FA04DA04B8623687474703A2F2F7777772E756463732E72752F636572747372762F756463732E63726C8624687474703A2F2F777777322E756463732E72752F636572747372762F756463732E63726C307106082B0601050507010104653063302F06082B060105050730028623687474703A2F2F7777772E756463732E72752F636572747372762F756463732E636572303006082B060105050730028624687474703A2F2F777777322E756463732E72752F636572747372762F756463732E63657230140603551D20040D300B300906072A850303130204300A06062A850302020305000341001189C3FA073C79B4691766296F0B1DC21308EEEC03406B031CD9425574512999192E5528F0A09E97683D06EC5B8CA79F14E2BC37E1F1900919C29567D9220FF43082129BA48212923082123F020101300A06062A850302020305003081E7311B301906092A864886F70D010901160C7564637340756463732E7275310B30090603550406130252553117301506035504081E0E0422043E043C0441043A0430044F3113301106035504071E0A0422043E043C0441043A31473045060355040A133E546F6D736B20537461746520556E6976657273697479206F6620436F6E74726F6C2053797374656D7320616E6420526164696F656C656374726F6E69637331273025060355040B1E1E0426042204110020002D0020042304260020042104380431043804400438311B301906035504031312554443205369626972696120545355435352170D3132313230333233313434325A170D3132313230343131333434325A308210C23029020A63D1113D0000000037F4170D3132303532393035343134325A300C300A0603551D1504030A01053029020A531056A0000000003C9D170D3132303530343036343030375A300C300A0603551D1504030A01053029020A7355CE0D000000003859170D3132303530323035333830375A300C300A0603551D1504030A01053029020A4AE834300000000037AC170D3132303430353130303130385A300C300A0603551D1504030A01053029020A59B4198A000000003CB0170D3132303330323038313635395A300C300A0603551D1504030A01063029020A18249CA60000000038B2170D3132303330313038343833375A300C300A0603551D1504030A01053029020A6DEAF612000000003824170D3132303232373131303433335A300C300A0603551D1504030A0105301B020A39D1DE4A000000003C87170D3132303232343035333433325A3029020A4444F4C4000000003BA1170D3132303232323037333635315A300C300A0603551D1504030A01063029020A43625071000000003B8E170D3132303231373033343333395A300C300A0603551D1504030A01063029020A431B3050000000003B82170D3132303231373033333935335A300C300A0603551D1504030A01063029020A6433B6890000000037FC170D3132303231373032353935395A300C300A0603551D1504030A0106301B020A1C5BF404000000003C4B170D3132303231363039343931305A3029020A1CF6345A0000000036F5170D3132303231363038353732365A300C300A0603551D1504030A01063029020A6D864F01000000003C04170D3132303231343039303935375A300C300A0603551D1504030A0106301B020A162D584F000000003C2C170D3132303231343037343732335A301B020A16E8FE85000000003C31170D3132303231343037343730395A3029020A72C498EC000000003C19170D3132303231303130303135395A300C300A0603551D1504030A01063029020A14FA364A000000003ADE170D3132303230363130313334345A300C300A0603551D1504030A01063029020A43182533000000003B81170D3132303230363034323931375A300C300A0603551D1504030A01063029020A431508FF000000003B80170D3132303230363032353230355A300C300A0603551D1504030A01063029020A43120ED9000000003B7F170D3132303230363032343630315A300C300A0603551D1504030A01063029020A430E73FF000000003B7E170D3132303230363032343232365A300C300A0603551D1504030A01063029020A43061D4B000000003B7C170D3132303230333035313032365A300C300A0603551D1504030A01063029020A42FEF88F000000003B7A170D3132303230323130323435365A300C300A0603551D1504030A01063029020A430AC0DB000000003B7D170D3132303230313037323132365A300C300A0603551D1504030A01063029020A4302B4DB000000003B7B170D3132303230313033323635345A300C300A0603551D1504030A01063029020A3DCCBBBA000000003B63170D3132303133313033313030315A300C300A0603551D1504030A01063029020A2A403F0B000000003B32170D3132303133303038343932325A300C300A0603551D1504030A01063029020A396432E1000000003B43170D3132303133303036333730355A300C300A0603551D1504030A01063029020A49EC23230000000037A2170D3132303133303035353233395A300C300A0603551D1504030A01063029020A60B42B980000000039AC170D3132303132373037353935345A300C300A0603551D1504030A0106301B020A25540752000000003B1C170D3132303132363130353831305A3029020A6137E543000000003AB7170D3132303132363034343034335A300C300A0603551D1504030A01063029020A612DCD96000000003AB6170D3132303132363034333531395A300C300A0603551D1504030A01063029020A60C303950000000039AE170D3132303132363034323632365A300C300A0603551D1504030A0106301B020A2439FB96000000003B02170D3132303132363034313035355A3029020A30AE0A2300000000376D170D3132303132353130313933305A300C300A0603551D1504030A01063029020A2BFFA7C3000000003756170D3132303132353130303432375A300C300A0603551D1504030A01063029020A1BB71C85000000003A26170D3132303132353130303135315A300C300A0603551D1504030A01063029020A2BCF205C00000000373B170D3132303132353130303130325A300C300A0603551D1504030A01063029020A2BF039FE00000000374B170D3132303132353130303031395A300C300A0603551D1504030A01063029020A1F099C2E000000003A77170D3132303132353039353934305A300C300A0603551D1504030A01063029020A2BC7A320000000003736170D3132303132353039353930305A300C300A0603551D1504030A01063029020A2BFBD81D000000003753170D3132303132353039353833385A300C300A0603551D1504030A01063029020A2BD484BB00000000373D170D3132303132353039353831355A300C300A0603551D1504030A01063029020A2BF49B8400000000374E170D3132303132353039353735335A300C300A0603551D1504030A01063029020A2C00D595000000003757170D3132303132353039353730335A300C300A0603551D1504030A01063029020A2BBC0A02000000003730170D3132303132353039353630315A300C300A0603551D1504030A01063029020A2BEB9798000000003748170D3132303132353039353533355A300C300A0603551D1504030A01063029020A2BDAB5A2000000003741170D3132303132353039353431355A300C300A0603551D1504030A01063029020A2C090F8A000000003759170D3132303132353039353333305A300C300A0603551D1504030A01063029020A2BF79616000000003750170D3132303132353039353231325A300C300A0603551D1504030A01063029020A2BEEB34F00000000374A170D3132303132353039353130385A300C300A0603551D1504030A01063029020A2BF675B200000000374F170D3132303132353039353034325A300C300A0603551D1504030A01063029020A2BD60C9400000000373E170D3132303132353039343932345A300C300A0603551D1504030A01063029020A2BD79BDF00000000373F170D3132303132353039303130385A300C300A0603551D1504030A01063029020A2BFD4C4F000000003754170D3132303132353039303034335A300C300A0603551D1504030A01063029020A6F1D206D000000003849170D3132303132353038353730345A300C300A0603551D1504030A01063029020A2BF93ACE000000003751170D3132303132353038353434385A300C300A0603551D1504030A01063029020A2BDD470B000000003743170D3132303132353038353431365A300C300A0603551D1504030A01063029020A2BE15CE1000000003746170D3132303132353038353132345A300C300A0603551D1504030A01063029020A2BDE86AF000000003744170D3132303132353038353035315A300C300A0603551D1504030A01063029020A2BFAA02A000000003752170D3132303132353038353032335A300C300A0603551D1504030A01063029020A2BC89D6E000000003737170D3132303132353038343935355A300C300A0603551D1504030A01063029020A2BD8D7CA000000003740170D3132303132353038343932395A300C300A0603551D1504030A01063029020A2BD1434C00000000373C170D3132303132353038343930355A300C300A0603551D1504030A01063029020A2BCA8FB8000000003738170D3132303132353038343834325A300C300A0603551D1504030A01063029020A1BD74138000000003A2B170D3132303132353038343733305A300C300A0603551D1504030A01063029020A1BC46DC3000000003A27170D3132303132353038343435325A300C300A0603551D1504030A01063029020A31B2B567000000003770170D3132303132353038343331305A300C300A0603551D1504030A01063029020A1EBAE5CA000000003A6A170D3132303132333038343431355A300C300A0603551D1504030A01063029020A16507403000000003ACD170D3132303132303038333631325A300C300A0603551D1504030A0106301B020A1133D59A000000003AC0170D3132303131393038353835335A301B020A54EC6BAC00000000391F170D3132303131393038343732345A3029020A562EC02700000000393D170D3132303131393038303834315A300C300A0603551D1504030A01063029020A13E616DA000000003A8D170D3132303131373038333431335A300C300A0603551D1504030A01063029020A2BE02163000000003745170D3132303131363039353233345A300C300A0603551D1504030A01063029020A2BBE7768000000003731170D3132303131363037353833385A300C300A0603551D1504030A01063029020A2BF1A4AA00000000374C170D3132303131363037353430335A300C300A0603551D1504030A0106301B020A1DEC32B1000000003A4B170D3132303131363034343831345A3029020A1BF65268000000003A32170D3132303131353139333235335A300C300A0603551D1504030A01063029020A2BC3E0F7000000003733170D3132303131353138313433315A300C300A0603551D1504030A01063029020A6106BEDE0000000039E4170D3132303131333039313832395A300C300A0603551D1504030A01063029020A55C46B6B0000000037E8170D3132303131333032323430305A300C300A0603551D1504030A01063029020A5AFE0124000000003967170D3132303131313036353831315A300C300A0603551D1504030A01063029020A2142E738000000003705170D3132303131313035353030315A300C300A0603551D1504030A0106301B020A568BE0F9000000003944170D3132303131303130323032345A301B020A129514C00000000038E5170D3131313233303036323033345A301B020A12A8C2E50000000038E6170D3131313233303036313933305A301B020A1752822400000000390A170D3131313232393033333733375A3029020A1337AE5C0000000038ED170D3131313232393033313532325A300C300A0603551D1504030A01063029020A1E4BBF640000000038D3170D3131313232373039343330315A300C300A0603551D1504030A01043029020A1E4892770000000038D2170D3131313232373039343230335A300C300A0603551D1504030A01043029020A7907BD3100000000388F170D3131313232333036323630315A300C300A0603551D1504030A01063029020A2B130CE6000000003721170D3131313232313038323935345A300C300A0603551D1504030A01063029020A2BC1E40E000000003732170D3131313232313034353730375A300C300A0603551D1504030A01063029020A69D631FD00000000381A170D3131313232303037343330345A300C300A0603551D1504030A01063029020A4062B7A800000000377B170D3131313231323036323733385A300C300A0603551D1504030A01043029020A31D45B0C000000003771170D3131313231323034333733335A300C300A0603551D1504030A01063029020A3069086E00000000376A170D3131313230393034303333385A300C300A0603551D1504030A01043029020A2C02217D000000003758170D3131313230383037323930355A300C300A0603551D1504030A01043029020A2B6B5CEF00000000372B170D3131313230383035333232315A300C300A0603551D1504030A01043029020A21D19C1E000000003709170D3131313230363037353935375A300C300A0603551D1504030A0106A060305E301F0603551D23041830168014B91E8A80D866DA8EE41F288C40588C5CEAD6E722301006092B06010401823715010403020100300B0603551D140404020209E0301C06092B0601040182371504040F170D3132313230343035323434325A300A06062A850302020305000341006D9C3CCD9EFB17C5BB0F8EA40FAF62F9C7A5765D163E270AFC998AF701D7F984F5AF494B963DA7647638D2C3E252D5C2E00EA75DE8B5C1A405F692D206961B3AA203020100"))));
-
-        REQ_VPKC_TOMSK = new DVCSRequest(INFO_VPKC_TOMSK.build(), new Data(REQ_CERTS), ID_VPKC_TOMSK);
-
-        certInfoBldr = new DVCSCertInfoBuilder(INFO_VPKC_TOMSK.build(), DIGEST_VPKC_TOMSK, new ASN1Integer(6257), new DVCSTime(new ASN1GeneralizedTime("20121204040753Z")));
-
-        certInfoBldr.setDvStatus(new PKIStatusInfo(PKIStatus.granted));
-        certInfoBldr.setCerts(RES_CERTS);
-
-        RES_VPKC_TOMSK = new DVCSResponse(certInfoBldr.build());
-
-        requests.add(new Info("req_ccpd_clepsydre", REQUEST_CCPD_CLEPSYDRE, REQ_CCPD_CLEPSYDRE));
-        requests.add(new Info("req_ccpd_tomsk", REQUEST_CCPD_TOMSK, REQ_CCPD_TOMSK));
-        requests.add(new Info("req_cpd_tomsk", REQUEST_CPD_TOMSK, REQ_CPD_TOMSK));
-        requests.add(new Info("req_vpkc_tomsk", REQUEST_VPKC_TOMSK, REQ_VPKC_TOMSK));
-
-        responses.add(new Info("res_ccpd_clepsydre", RESPONSE_CCPD_CLEPSYDRE, RES_CCPD_CLEPSYDRE));
-        responses.add(new Info("res_ccpd_tomsk", RESPONSE_CCPD_TOMSK, RES_CCPD_TOMSK));
-        responses.add(new Info("res_cpd_tomsk", RESPONSE_CPD_TOMSK, RES_CPD_TOMSK));
-        responses.add(new Info("res_vpkc_tomsk", RESPONSE_VPKC_TOMSK, RES_VPKC_TOMSK));
-
-    }
-
-    private static boolean areNull(String type, Object result, Object expected)
-    {
-        if (result == null && expected == null)
-        {
-            return true;
-        }
-        if (result == null && expected != null)
-        {
-            fail("Result '" + type + "' is null, whereas expected '" + type + "' is not null");
-        }
-        if (result != null && expected == null)
-        {
-            fail("Result '" + type + "' is not null, whereas expected '" + type + "' is null");
-        }
-        return false;
-    }
-
-    ////////////////////////////////////////////////////
-    //                  PARSE TESTS                   //
-    ////////////////////////////////////////////////////
-
-    private static void validate(String type, Object result, Object expected)
-    {
-        if (areNull(type, result, expected))
-        {
-            return;
-        }
-
-        if (!result.equals(expected))
-        {
-            fail("Different " + type + ": " + result + " while expected: " + expected);
-        }
-    }
-
-    private static void validateArray(String type, Object[] result, Object[] expected)
-    {
-        if (areNull(type, result, expected))
-        {
-            return;
-        }
-
-        if (result.length != expected.length)
-        {
-            fail("Different " + type + ": " + result + " while expected: " + expected);
-        }
-        for (int i = 0; i != result.length; i++)
-        {
-            if (!result[i].equals(expected[i]))
-            {
-                fail("Different " + type + ": " + result[i] + " while expected: " + expected[i]);
-            }
-        }
-    }
-
-    public void testParseRequests()
-        throws IOException, DVCSException, CMSException
-    {
-        for (Iterator it = requests.iterator(); it.hasNext();)
-        {
-            Info info = (Info)it.next();
-            testParseRequest(info.name, info.base64, (DVCSRequest)info.expected);
-        }
-    }
-
-    private void testParseRequest(String name, String base64request, DVCSRequest expected)
-        throws DVCSException, IOException, CMSException
-    {
-        byte[] requestBytes = Base64.decode(base64request);
-
-        org.bouncycastle.dvcs.DVCSRequest request = new org.bouncycastle.dvcs.DVCSRequest(new CMSSignedData(requestBytes));
-
-        validate(name, request.getContent(), expected);
-    }
-
-    public void testParseResponses()
-        throws IOException, DVCSException, CMSException
-    {
-        for (Iterator it = responses.iterator(); it.hasNext();)
-        {
-            Info info = (Info)it.next();
-            testParseResponse(info.name, info.base64, (DVCSResponse)info.expected);
-        }
-    }
-
-    ////////////////////////////////////////////////////
-    //                  VALIDATIONS                   //
-    ////////////////////////////////////////////////////
-
-    private void testParseResponse(String name, String base64response, DVCSResponse expected)
-        throws DVCSException, IOException, CMSException
-    {
-        byte[] responseBytes = Base64.decode(base64response);
-        org.bouncycastle.dvcs.DVCSResponse response = new org.bouncycastle.dvcs.DVCSResponse(new CMSSignedData(responseBytes));
-
-        validate(name, response.getContent(), expected);
-    }
-
-    /*
-        DVCSRequest ::= SEQUENCE  {
-            requestInformation         DVCSRequestInformation,
-            data                       Data,
-            transactionIdentifier      GeneralName OPTIONAL
-        }
-     */
-    private void validate(String name, DVCSRequest result, DVCSRequest expected)
-    {
-        validate(name + ".requestInformation", result.getRequestInformation(), expected.getRequestInformation());
-        validate(name + ".data", result.getData(), expected.getData());
-        validate(name + ".transactionIdentifier", result.getTransactionIdentifier(), expected.getTransactionIdentifier());
-    }
-
-    /*
-        DVCSRequestInformation ::= SEQUENCE  {
-                version                      INTEGER DEFAULT 1 ,
-                service                      ServiceType,
-                nonce                        Nonce OPTIONAL,
-                requestTime                  DVCSTime OPTIONAL,
-                requester                    [0] GeneralNames OPTIONAL,
-                requestPolicy                [1] PolicyInformation OPTIONAL,
-                dvcs                         [2] GeneralNames OPTIONAL,
-                dataLocations                [3] GeneralNames OPTIONAL,
-                extensions                   [4] IMPLICIT Extensions OPTIONAL
-        }
-     */
-    private void validate(String name, DVCSRequestInformation info, DVCSRequestInformation expected)
-    {
-        validate(name + ".version", Integers.valueOf(info.getVersion()), Integers.valueOf(expected.getVersion()));
-        validate(name + ".service", info.getService().getValue(), expected.getService().getValue());
-        validate(name + ".nonce", info.getNonce(), expected.getNonce());
-        validate(name + ".requestTime", info.getRequestTime(), expected.getRequestTime());
-        validate(name + ".requester", info.getRequester(), expected.getRequester());
-        validate(name + ".requestPolicy", info.getRequestPolicy(), expected.getRequestPolicy());
-        validate(name + ".dvcs", info.getDVCS(), expected.getDVCS());
-        validate(name + ".dataLocations", info.getDataLocations(), expected.getDataLocations());
-        validate(name + ".extensions", info.getExtensions(), expected.getExtensions());
-    }
-
-    /*
-        DVCSTime ::= CHOICE  {
-             genTime                      GeneralizedTime,
-             timeStampToken               ContentInfo
-        }
-     */
-    private void validate(String name, DVCSTime result, DVCSTime expected)
-    {
-        if (areNull(name, result, expected))
-        {
-            return;
-        }
-        validate(name + ".genTime", result.getGenTime(), expected.getGenTime());
-        validate(name + ".timeStampToken", result.getTimeStampToken(), expected.getTimeStampToken());
-    }
-
-    /*
-        Data ::= CHOICE {
-              message           OCTET STRING ,
-              messageImprint    DigestInfo,
-              certs             SEQUENCE SIZE (1..MAX) OF
-                                    TargetEtcChain
-        }
-     */
-    private void validate(String name, Data result, Data expected)
-    {
-        validate(name + ".message", result.getMessage(), expected.getMessage());
-        validate(name + ".messageImprint", result.getMessageImprint(), expected.getMessageImprint());
-        validateArray(name + ".certs", result.getCerts(), expected.getCerts());
-    }
-
-    /*
-        DVCSResponse ::= CHOICE
-        {
-            dvCertInfo         DVCSCertInfo ,
-            dvErrorNote        [0] DVCSErrorNotice
-        }
-     */
-    private void validate(String name, DVCSResponse result, DVCSResponse expected)
-    {
-        validate(name + ".dvCertInfo", result.getCertInfo(), expected.getCertInfo());
-        validate(name + ".dvErrorNote", result.getErrorNotice(), expected.getErrorNotice());
-    }
-
-    /*
-        DVCSCertInfo::= SEQUENCE  {
-                 version             Integer DEFAULT 1 ,
-                 dvReqInfo           DVCSRequestInformation,
-                 messageImprint      DigestInfo,
-                 serialNumber        Integer,
-                 responseTime        DVCSTime,
-                 dvStatus            [0] PKIStatusInfo OPTIONAL,
-                 policy              [1] PolicyInformation OPTIONAL,
-                 reqSignature        [2] SignerInfos  OPTIONAL,
-                 certs               [3] SEQUENCE SIZE (1..MAX) OF
-                                         TargetEtcChain OPTIONAL,
-                 extensions          Extensions OPTIONAL
-        }
-     */
-    private void validate(String name, DVCSCertInfo result, DVCSCertInfo expected)
-    {
-        if (areNull(name, result, expected))
-        {
-            return;
-        }
-        validate(name + ".version", Integers.valueOf(result.getVersion()), Integers.valueOf(expected.getVersion()));
-        validate(name + ".dvReqInfo", result.getDvReqInfo(), expected.getDvReqInfo());
-        validate(name + ".messageImprint", result.getMessageImprint(), expected.getMessageImprint());
-        validate(name + ".serialNumber", result.getSerialNumber(), expected.getSerialNumber());
-        validate(name + ".responseTime", result.getResponseTime(), expected.getResponseTime());
-        validate(name + ".dvStatus", result.getDvStatus(), expected.getDvStatus());
-        validate(name + ".policy", result.getPolicy(), expected.getPolicy());
-        validate(name + ".reqSignature", result.getReqSignature(), expected.getReqSignature());
-        validateArray(name + ".certs", result.getCerts(), expected.getCerts());
-        validateArray(name + ".certs", result.getCerts(), expected.getCerts());
-        validate(name + ".extensions", result.getExtensions(), expected.getExtensions());
-    }
-
-    /*
-        DVCSErrorNotice ::= SEQUENCE {
-            transactionStatus           PKIStatusInfo ,
-            transactionIdentifier       GeneralName OPTIONAL
-        }
-     */
-    private void validate(String name, DVCSErrorNotice result, DVCSErrorNotice expected)
-    {
-        if (areNull(name, result, expected))
-        {
-            return;
-        }
-        validate(name + ".transactionStatus", result.getTransactionStatus(), expected.getTransactionStatus());
-        validate(name + ".transactionIdentifier", result.getTransactionIdentifier(), expected.getTransactionIdentifier());
-    }
-
-    private static class Info
-    {
-        public String name;
-        public String base64;
-        public Object expected;
-
-        public Info(String name, String base64, Object expected)
-        {
-            this.name = name;
-            this.base64 = base64;
-            this.expected = expected;
-        }
-    }
-
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/test/DVCSTestSetup.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/test/DVCSTestSetup.java
deleted file mode 100644
index 3d86191..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/test/DVCSTestSetup.java
+++ /dev/null

@@ -1,28 +0,0 @@
-
-package org.bouncycastle.dvcs.test;
-
-import java.security.Security;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-class DVCSTestSetup
-    extends TestSetup
-{
-    public DVCSTestSetup(Test test)
-    {
-        super(test);
-    }
-
-    protected void setUp()
-    {
-        Security.addProvider(new BouncyCastleProvider());
-    }
-
-    protected void tearDown()
-    {
-        Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
-    }
-
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/dvcs/test/SHA1DigestCalculator.java b/bcpkix/src/main/java/org/bouncycastle/dvcs/test/SHA1DigestCalculator.java
deleted file mode 100644
index 82f3016..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/dvcs/test/SHA1DigestCalculator.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.dvcs.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.operator.DigestCalculator;
-
-
-class SHA1DigestCalculator
-    implements DigestCalculator
-{
-    private ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-    public AlgorithmIdentifier getAlgorithmIdentifier()
-    {
-        return new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1);
-    }
-
-    public OutputStream getOutputStream()
-    {
-        return bOut;
-    }
-
-    public byte[] getDigest()
-    {
-        byte[] bytes = bOut.toByteArray();
-
-        bOut.reset();
-
-        Digest sha1 = new SHA1Digest();
-
-        sha1.update(bytes, 0, bytes.length);
-
-        byte[] digest = new byte[sha1.getDigestSize()];
-
-        sha1.doFinal(digest, 0);
-
-        return digest;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/EACCertificateBuilder.java b/bcpkix/src/main/java/org/bouncycastle/eac/EACCertificateBuilder.java
deleted file mode 100644
index a5b3373..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/EACCertificateBuilder.java
+++ /dev/null

@@ -1,83 +0,0 @@
-package org.bouncycastle.eac;
-
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.DERApplicationSpecific;
-import org.bouncycastle.asn1.eac.CVCertificate;
-import org.bouncycastle.asn1.eac.CertificateBody;
-import org.bouncycastle.asn1.eac.CertificateHolderAuthorization;
-import org.bouncycastle.asn1.eac.CertificateHolderReference;
-import org.bouncycastle.asn1.eac.CertificationAuthorityReference;
-import org.bouncycastle.asn1.eac.EACTags;
-import org.bouncycastle.asn1.eac.PackedDate;
-import org.bouncycastle.asn1.eac.PublicKeyDataObject;
-import org.bouncycastle.eac.operator.EACSigner;
-
-public class EACCertificateBuilder
-{
-    private static final byte [] ZeroArray = new byte [] {0};
-
-    private PublicKeyDataObject publicKey;
-    private CertificateHolderAuthorization certificateHolderAuthorization;
-    private PackedDate certificateEffectiveDate;
-    private PackedDate certificateExpirationDate;
-    private CertificateHolderReference certificateHolderReference;
-    private CertificationAuthorityReference certificationAuthorityReference;
-
-    public EACCertificateBuilder(
-        CertificationAuthorityReference certificationAuthorityReference,
-        PublicKeyDataObject publicKey,
-        CertificateHolderReference certificateHolderReference,
-        CertificateHolderAuthorization certificateHolderAuthorization,
-        PackedDate certificateEffectiveDate,
-        PackedDate certificateExpirationDate)
-    {
-        this.certificationAuthorityReference = certificationAuthorityReference;
-        this.publicKey = publicKey;
-        this.certificateHolderReference = certificateHolderReference;
-        this.certificateHolderAuthorization = certificateHolderAuthorization;
-        this.certificateEffectiveDate = certificateEffectiveDate;
-        this.certificateExpirationDate = certificateExpirationDate;
-    }
-
-    private CertificateBody buildBody()
-    {
-        DERApplicationSpecific  certificateProfileIdentifier;
-
-        certificateProfileIdentifier = new DERApplicationSpecific(
-                EACTags.INTERCHANGE_PROFILE, ZeroArray);
-
-        CertificateBody body = new CertificateBody(
-                certificateProfileIdentifier,
-                certificationAuthorityReference,
-                publicKey,
-                certificateHolderReference,
-                certificateHolderAuthorization,
-                certificateEffectiveDate,
-                certificateExpirationDate);
-
-        return body;
-    }
-
-    public EACCertificateHolder build(EACSigner signer)
-        throws EACException
-    {
-        try
-        {
-            CertificateBody body = buildBody();
-
-            OutputStream vOut = signer.getOutputStream();
-
-            vOut.write(body.getEncoded(ASN1Encoding.DER));
-
-            vOut.close();
-
-            return new EACCertificateHolder(new CVCertificate(body, signer.getSignature()));
-        }
-        catch (Exception e)
-        {
-            throw new EACException("unable to process signature: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/EACCertificateHolder.java b/bcpkix/src/main/java/org/bouncycastle/eac/EACCertificateHolder.java
deleted file mode 100644
index c5e2033..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/EACCertificateHolder.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.eac;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ParsingException;
-import org.bouncycastle.asn1.eac.CVCertificate;
-import org.bouncycastle.asn1.eac.PublicKeyDataObject;
-import org.bouncycastle.eac.operator.EACSignatureVerifier;
-
-public class EACCertificateHolder
-{
-    private CVCertificate cvCertificate;
-
-    private static CVCertificate parseBytes(byte[] certEncoding)
-        throws IOException
-    {
-        try
-        {
-            return CVCertificate.getInstance(certEncoding);
-        }
-        catch (ClassCastException e)
-        {
-            throw new EACIOException("malformed data: " + e.getMessage(), e);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new EACIOException("malformed data: " + e.getMessage(), e);
-        }
-        catch (ASN1ParsingException e)
-        {
-            if (e.getCause() instanceof IOException)
-            {
-                throw (IOException)e.getCause();
-            }
-            else
-            {
-                throw new EACIOException("malformed data: " + e.getMessage(), e);
-            }
-        }
-    }
-
-    public EACCertificateHolder(byte[] certEncoding)
-        throws IOException
-    {
-        this(parseBytes(certEncoding));
-    }
-
-    public EACCertificateHolder(CVCertificate cvCertificate)
-    {
-        this.cvCertificate = cvCertificate;
-    }
-
-    /**
-     * Return the underlying ASN.1 structure for the certificate in this holder.
-     *
-     * @return a X509CertificateStructure object.
-     */
-    public CVCertificate toASN1Structure()
-    {
-        return cvCertificate;
-    }
-
-    public PublicKeyDataObject getPublicKeyDataObject()
-    {
-        return cvCertificate.getBody().getPublicKey();
-    }
-
-    public boolean isSignatureValid(EACSignatureVerifier verifier)
-        throws EACException
-    {
-        try
-        {
-            OutputStream vOut = verifier.getOutputStream();
-
-            vOut.write(cvCertificate.getBody().getEncoded(ASN1Encoding.DER));
-
-            vOut.close();
-
-            return verifier.verify(cvCertificate.getSignature());
-        }
-        catch (Exception e)
-        {
-            throw new EACException("unable to process signature: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/EACCertificateRequestHolder.java b/bcpkix/src/main/java/org/bouncycastle/eac/EACCertificateRequestHolder.java
deleted file mode 100644
index 560b730..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/EACCertificateRequestHolder.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.eac;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ParsingException;
-import org.bouncycastle.asn1.eac.CVCertificateRequest;
-import org.bouncycastle.asn1.eac.PublicKeyDataObject;
-import org.bouncycastle.eac.operator.EACSignatureVerifier;
-
-public class EACCertificateRequestHolder
-{
-    private CVCertificateRequest request;
-
-    private static CVCertificateRequest parseBytes(byte[] requestEncoding)
-        throws IOException
-    {
-        try
-        {
-            return CVCertificateRequest.getInstance(requestEncoding);
-        }
-        catch (ClassCastException e)
-        {
-            throw new EACIOException("malformed data: " + e.getMessage(), e);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new EACIOException("malformed data: " + e.getMessage(), e);
-        }
-        catch (ASN1ParsingException e)
-        {
-            if (e.getCause() instanceof IOException)
-            {
-                throw (IOException)e.getCause();
-            }
-            else
-            {
-                throw new EACIOException("malformed data: " + e.getMessage(), e);
-            }
-        }
-    }
-
-    public EACCertificateRequestHolder(byte[] certEncoding)
-        throws IOException
-    {
-        this(parseBytes(certEncoding));
-    }
-
-    public EACCertificateRequestHolder(CVCertificateRequest request)
-    {
-        this.request = request;
-    }
-
-    /**
-     * Return the underlying ASN.1 structure for the certificate in this holder.
-     *
-     * @return a X509CertificateStructure object.
-     */
-    public CVCertificateRequest toASN1Structure()
-    {
-        return request;
-    }
-
-    public PublicKeyDataObject getPublicKeyDataObject()
-    {
-        return request.getPublicKey();
-    }
-
-    public boolean isInnerSignatureValid(EACSignatureVerifier verifier)
-        throws EACException
-    {
-        try
-        {
-            OutputStream vOut = verifier.getOutputStream();
-
-            vOut.write(request.getCertificateBody().getEncoded(ASN1Encoding.DER));
-
-            vOut.close();
-
-            return verifier.verify(request.getInnerSignature());
-        }
-        catch (Exception e)
-        {
-            throw new EACException("unable to process signature: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/EACException.java b/bcpkix/src/main/java/org/bouncycastle/eac/EACException.java
deleted file mode 100644
index b6e02cf..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/EACException.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.eac;
-
-/**
- * General checked Exception thrown in the cert package and its sub-packages.
- */
-public class EACException
-    extends Exception
-{
-    private Throwable cause;
-
-    public EACException(String msg, Throwable cause)
-    {
-        super(msg);
-
-        this.cause = cause;
-    }
-
-    public EACException(String msg)
-    {
-        super(msg);
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/EACIOException.java b/bcpkix/src/main/java/org/bouncycastle/eac/EACIOException.java
deleted file mode 100644
index 8aa480b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/EACIOException.java
+++ /dev/null

@@ -1,29 +0,0 @@
-package org.bouncycastle.eac;
-
-import java.io.IOException;
-
-/**
- * General IOException thrown in the cert package and its sub-packages.
- */
-public class EACIOException
-    extends IOException
-{
-    private Throwable cause;
-
-    public EACIOException(String msg, Throwable cause)
-    {
-        super(msg);
-
-        this.cause = cause;
-    }
-
-    public EACIOException(String msg)
-    {
-        super(msg);
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/DefaultEACHelper.java b/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/DefaultEACHelper.java
deleted file mode 100644
index d281fb3..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/DefaultEACHelper.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.eac.jcajce;
-
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-
-class DefaultEACHelper
-    implements EACHelper
-{
-    public KeyFactory createKeyFactory(String type)
-        throws NoSuchAlgorithmException
-    {
-        return KeyFactory.getInstance(type);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/EACHelper.java b/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/EACHelper.java
deleted file mode 100644
index 8c42a63..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/EACHelper.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.eac.jcajce;
-
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-
-interface EACHelper
-{
-    KeyFactory createKeyFactory(String type)
-        throws NoSuchProviderException, NoSuchAlgorithmException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/JcaPublicKeyConverter.java b/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/JcaPublicKeyConverter.java
deleted file mode 100644
index 79e312f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/JcaPublicKeyConverter.java
+++ /dev/null

@@ -1,212 +0,0 @@
-package org.bouncycastle.eac.jcajce;
-
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.interfaces.ECPublicKey;
-import java.security.spec.ECField;
-import java.security.spec.ECFieldF2m;
-import java.security.spec.ECFieldFp;
-import java.security.spec.ECParameterSpec;
-import java.security.spec.ECPublicKeySpec;
-import java.security.spec.EllipticCurve;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.RSAPublicKeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-import org.bouncycastle.asn1.eac.ECDSAPublicKey;
-import org.bouncycastle.asn1.eac.PublicKeyDataObject;
-import org.bouncycastle.asn1.eac.RSAPublicKey;
-import org.bouncycastle.eac.EACException;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.field.FiniteField;
-import org.bouncycastle.math.field.Polynomial;
-import org.bouncycastle.math.field.PolynomialExtensionField;
-import org.bouncycastle.util.Arrays;
-
-public class JcaPublicKeyConverter
-{
-    private EACHelper helper = new DefaultEACHelper();
-
-    public JcaPublicKeyConverter setProvider(String providerName)
-    {
-        this.helper = new NamedEACHelper(providerName);
-
-        return this;
-    }
-
-    public JcaPublicKeyConverter setProvider(Provider provider)
-    {
-        this.helper = new ProviderEACHelper(provider);
-
-        return this;
-    }
-
-    public PublicKey getKey(PublicKeyDataObject publicKeyDataObject)
-        throws EACException, InvalidKeySpecException
-    {
-        if (publicKeyDataObject.getUsage().on(EACObjectIdentifiers.id_TA_ECDSA))
-        {
-            return getECPublicKeyPublicKey((ECDSAPublicKey)publicKeyDataObject);
-        }
-        else
-        {
-            RSAPublicKey pubKey = (RSAPublicKey)publicKeyDataObject;
-            RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(pubKey.getModulus(), pubKey.getPublicExponent());
-
-            try
-            {
-                KeyFactory factk = helper.createKeyFactory("RSA");
-
-                return factk.generatePublic(pubKeySpec);
-            }
-            catch (NoSuchProviderException e)
-            {
-                throw new EACException("cannot find provider: " + e.getMessage(), e);
-            }
-            catch (NoSuchAlgorithmException e)
-            {
-                throw new EACException("cannot find algorithm ECDSA: " + e.getMessage(), e);
-            }
-        }
-    }
-
-    private PublicKey getECPublicKeyPublicKey(ECDSAPublicKey key)
-        throws EACException, InvalidKeySpecException
-    {
-        ECParameterSpec spec = getParams(key);
-        java.security.spec.ECPoint publicPoint = getPublicPoint(key);
-        ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(publicPoint, spec);
-
-        KeyFactory factk;
-        try
-        {
-            factk = helper.createKeyFactory("ECDSA");
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw new EACException("cannot find provider: " + e.getMessage(), e);
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw new EACException("cannot find algorithm ECDSA: " + e.getMessage(), e);
-        }
-
-        return factk.generatePublic(pubKeySpec);
-    }
-
-    private java.security.spec.ECPoint getPublicPoint(ECDSAPublicKey key)
-    {
-        if (!key.hasParameters())
-        {
-            throw new IllegalArgumentException("Public key does not contains EC Params");
-        }
-
-        BigInteger p = key.getPrimeModulusP();
-        ECCurve.Fp curve = new ECCurve.Fp(p, key.getFirstCoefA(), key.getSecondCoefB(), key.getOrderOfBasePointR(), key.getCofactorF());
-
-        ECPoint.Fp pubY = (ECPoint.Fp)curve.decodePoint(key.getPublicPointY());
-
-        return new java.security.spec.ECPoint(pubY.getAffineXCoord().toBigInteger(), pubY.getAffineYCoord().toBigInteger());
-    }
-
-    private ECParameterSpec getParams(ECDSAPublicKey key)
-    {
-        if (!key.hasParameters())
-        {
-            throw new IllegalArgumentException("Public key does not contains EC Params");
-        }
-
-        BigInteger p = key.getPrimeModulusP();
-        ECCurve.Fp curve = new ECCurve.Fp(p, key.getFirstCoefA(), key.getSecondCoefB(), key.getOrderOfBasePointR(), key.getCofactorF());
-
-        ECPoint G = curve.decodePoint(key.getBasePointG());
-
-        BigInteger order = key.getOrderOfBasePointR();
-        BigInteger coFactor = key.getCofactorF();
-
-        EllipticCurve jcaCurve = convertCurve(curve);
-
-        return new ECParameterSpec(jcaCurve, new java.security.spec.ECPoint(G.getAffineXCoord().toBigInteger(), G.getAffineYCoord().toBigInteger()), order, coFactor.intValue());
-    }
-
-    public PublicKeyDataObject getPublicKeyDataObject(ASN1ObjectIdentifier usage, PublicKey publicKey)
-    {
-        if (publicKey instanceof java.security.interfaces.RSAPublicKey)
-        {
-            java.security.interfaces.RSAPublicKey pubKey = (java.security.interfaces.RSAPublicKey)publicKey;
-
-            return new RSAPublicKey(usage, pubKey.getModulus(), pubKey.getPublicExponent());
-        }
-        else
-        {
-            ECPublicKey pubKey = (ECPublicKey)publicKey;
-            java.security.spec.ECParameterSpec params = pubKey.getParams();
-
-            return new ECDSAPublicKey(
-                usage,
-                ((ECFieldFp)params.getCurve().getField()).getP(),
-                params.getCurve().getA(), params.getCurve().getB(),
-                convertPoint(convertCurve(params.getCurve(), params.getOrder(), params.getCofactor()), params.getGenerator()).getEncoded(),
-                params.getOrder(),
-                convertPoint(convertCurve(params.getCurve(), params.getOrder(), params.getCofactor()), pubKey.getW()).getEncoded(),
-                params.getCofactor());
-        }
-    }
-
-    private static org.bouncycastle.math.ec.ECPoint convertPoint(
-        ECCurve curve,
-        java.security.spec.ECPoint point)
-    {
-        return curve.createPoint(point.getAffineX(), point.getAffineY());
-    }
-
-    private static ECCurve convertCurve(
-        EllipticCurve ec, BigInteger order, int coFactor)
-    {
-        ECField field = ec.getField();
-        BigInteger a = ec.getA();
-        BigInteger b = ec.getB();
-
-        if (field instanceof ECFieldFp)
-        {
-            return new ECCurve.Fp(((ECFieldFp)field).getP(), a, b, order, BigInteger.valueOf(coFactor));
-        }
-        else
-        {
-            throw new IllegalStateException("not implemented yet!!!");
-        }
-    }
-
-    private static EllipticCurve convertCurve(
-        ECCurve curve)
-    {
-        ECField field = convertField(curve.getField());
-        BigInteger a = curve.getA().toBigInteger(), b = curve.getB().toBigInteger();
-
-        // TODO: the Sun EC implementation doesn't currently handle the seed properly
-        // so at the moment it's set to null. Should probably look at making this configurable
-        return new EllipticCurve(field, a, b, null);
-    }
-
-    private static ECField convertField(FiniteField field)
-    {
-        if (ECAlgorithms.isFpField(field))
-        {
-            return new ECFieldFp(field.getCharacteristic());
-        }
-        else //if (ECAlgorithms.isF2mField(curveField))
-        {
-            Polynomial poly = ((PolynomialExtensionField)field).getMinimalPolynomial();
-            int[] exponents = poly.getExponentsPresent();
-            int[] ks = Arrays.reverse(Arrays.copyOfRange(exponents, 1, exponents.length - 1));
-            return new ECFieldF2m(poly.getDegree(), ks);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/NamedEACHelper.java b/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/NamedEACHelper.java
deleted file mode 100644
index e1af5be..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/NamedEACHelper.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.eac.jcajce;
-
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-
-class NamedEACHelper
-    implements EACHelper
-{
-    private final String providerName;
-
-    NamedEACHelper(String providerName)
-    {
-        this.providerName = providerName;
-    }
-
-    public KeyFactory createKeyFactory(String type)
-        throws NoSuchProviderException, NoSuchAlgorithmException
-    {
-        return KeyFactory.getInstance(type, providerName);
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/ProviderEACHelper.java b/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/ProviderEACHelper.java
deleted file mode 100644
index 5ecfee9..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/jcajce/ProviderEACHelper.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.eac.jcajce;
-
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.Provider;
-
-class ProviderEACHelper
-    implements EACHelper
-{
-    private final Provider provider;
-
-    ProviderEACHelper(Provider provider)
-    {
-        this.provider = provider;
-    }
-
-    public KeyFactory createKeyFactory(String type)
-        throws NoSuchAlgorithmException
-    {
-        return KeyFactory.getInstance(type, provider);
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/operator/EACSignatureVerifier.java b/bcpkix/src/main/java/org/bouncycastle/eac/operator/EACSignatureVerifier.java
deleted file mode 100644
index 2cd4b50..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/operator/EACSignatureVerifier.java
+++ /dev/null

@@ -1,30 +0,0 @@
-package org.bouncycastle.eac.operator;
-
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-public interface EACSignatureVerifier
-{
-    /**
-     * Return the usage OID specifying the signature type.
-     *
-     * @return algorithm oid.
-     */
-    ASN1ObjectIdentifier getUsageIdentifier();
-
-    /**
-     * Returns a stream that will accept data for the purpose of calculating
-     * a signature for later verification. Use org.bouncycastle.util.io.TeeOutputStream if you want to accumulate
-     * the data on the fly as well.
-     *
-     * @return an OutputStream
-     */
-    OutputStream getOutputStream();
-
-    /**
-     * @param expected expected value of the signature on the data.
-     * @return true if the signature verifies, false otherwise
-     */
-    boolean verify(byte[] expected);
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/operator/EACSigner.java b/bcpkix/src/main/java/org/bouncycastle/eac/operator/EACSigner.java
deleted file mode 100644
index 999d812..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/operator/EACSigner.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.eac.operator;
-
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-public interface EACSigner
-{
-    ASN1ObjectIdentifier getUsageIdentifier();
-
-    /**
-     * Returns a stream that will accept data for the purpose of calculating
-     * a signature. Use org.bouncycastle.util.io.TeeOutputStream if you want to accumulate
-     * the data on the fly as well.
-     *
-     * @return an OutputStream
-     */
-    OutputStream getOutputStream();
-
-    /**
-     * Returns a signature based on the current data written to the stream, since the
-     * start or the last call to getSignature().
-     *
-     * @return bytes representing the signature.
-     */
-    byte[] getSignature();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/DefaultEACHelper.java b/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/DefaultEACHelper.java
deleted file mode 100644
index a84fda7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/DefaultEACHelper.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.eac.operator.jcajce;
-
-import java.security.NoSuchAlgorithmException;
-import java.security.Signature;
-
-class DefaultEACHelper
-    extends EACHelper
-{
-    protected Signature createSignature(String type)
-        throws NoSuchAlgorithmException
-    {
-        return Signature.getInstance(type);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/EACHelper.java b/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/EACHelper.java
deleted file mode 100644
index da756ff..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/EACHelper.java
+++ /dev/null

@@ -1,39 +0,0 @@
-package org.bouncycastle.eac.operator.jcajce;
-
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Signature;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-
-abstract class EACHelper
-{
-    private static final Hashtable sigNames = new Hashtable();
-
-    static
-    {
-        sigNames.put(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_1, "SHA1withRSA");
-        sigNames.put(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_256, "SHA256withRSA");
-        sigNames.put(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_1, "SHA1withRSAandMGF1");
-        sigNames.put(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_256, "SHA256withRSAandMGF1");
-        sigNames.put(EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_512, "SHA512withRSA");
-        sigNames.put(EACObjectIdentifiers.id_TA_RSA_PSS_SHA_512, "SHA512withRSAandMGF1");
-
-        sigNames.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1withECDSA");
-        sigNames.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224withECDSA");
-        sigNames.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256withECDSA");
-        sigNames.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384withECDSA");
-        sigNames.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512withECDSA");
-    }
-
-    public Signature getSignature(ASN1ObjectIdentifier oid)
-        throws NoSuchProviderException, NoSuchAlgorithmException
-    {
-        return createSignature((String)sigNames.get(oid));
-    }
-
-    protected abstract Signature createSignature(String type)
-        throws NoSuchProviderException, NoSuchAlgorithmException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/EACUtil.java b/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/EACUtil.java
deleted file mode 100644
index 5e5942a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/EACUtil.java
+++ /dev/null

@@ -1,5 +0,0 @@
-package org.bouncycastle.eac.operator.jcajce;
-
-class EACUtil
-{
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/JcaEACSignatureVerifierBuilder.java b/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/JcaEACSignatureVerifierBuilder.java
deleted file mode 100644
index 5115642..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/JcaEACSignatureVerifierBuilder.java
+++ /dev/null

@@ -1,181 +0,0 @@
-package org.bouncycastle.eac.operator.jcajce;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.Signature;
-import java.security.SignatureException;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-import org.bouncycastle.eac.operator.EACSignatureVerifier;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.OperatorStreamException;
-import org.bouncycastle.operator.RuntimeOperatorException;
-
-public class JcaEACSignatureVerifierBuilder
-{
-    private EACHelper helper = new DefaultEACHelper();
-
-    public JcaEACSignatureVerifierBuilder setProvider(String providerName)
-    {
-        this.helper = new NamedEACHelper(providerName);
-
-        return this;
-    }
-
-    public JcaEACSignatureVerifierBuilder setProvider(Provider provider)
-    {
-        this.helper = new ProviderEACHelper(provider);
-
-        return this;
-    }
-
-    public EACSignatureVerifier build(final ASN1ObjectIdentifier usageOid, PublicKey pubKey)
-        throws OperatorCreationException
-    {
-        Signature sig;
-        try
-        {
-            sig = helper.getSignature(usageOid);
-
-            sig.initVerify(pubKey);
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw new OperatorCreationException("unable to find algorithm: " + e.getMessage(), e);
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw new OperatorCreationException("unable to find provider: " + e.getMessage(), e);
-        }
-        catch (InvalidKeyException e)
-        {
-            throw new OperatorCreationException("invalid key: " + e.getMessage(), e);
-        }
-
-        final SignatureOutputStream sigStream = new SignatureOutputStream(sig);
-
-        return new EACSignatureVerifier()
-        {
-            public ASN1ObjectIdentifier getUsageIdentifier()
-            {
-                return usageOid;
-            }
-
-            public OutputStream getOutputStream()
-            {
-                return sigStream;
-            }
-
-            public boolean verify(byte[] expected)
-            {
-                try
-                {
-                    if (usageOid.on(EACObjectIdentifiers.id_TA_ECDSA))
-                    {
-                        try
-                        {
-                            byte[] reencoded = derEncode(expected);
-
-                            return sigStream.verify(reencoded);
-                        }
-                        catch (Exception e)
-                        {
-                            return false;
-                        }
-                    }
-                    else
-                    {
-                        return sigStream.verify(expected);
-                    }
-                }
-                catch (SignatureException e)
-                {
-                    throw new RuntimeOperatorException("exception obtaining signature: " + e.getMessage(), e);
-                }
-            }
-        };
-    }
-
-    private static byte[] derEncode(byte[] rawSign) throws IOException
-    {
-        int len = rawSign.length / 2;
-
-        byte[] r = new byte[len];
-        byte[] s = new byte[len];
-        System.arraycopy(rawSign, 0, r, 0, len);
-        System.arraycopy(rawSign, len, s, 0, len);
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(new ASN1Integer(new BigInteger(1, r)));
-        v.add(new ASN1Integer(new BigInteger(1, s)));
-
-        DERSequence seq = new DERSequence(v);
-        return seq.getEncoded();
-    }
-
-    private class SignatureOutputStream
-        extends OutputStream
-    {
-        private Signature sig;
-
-        SignatureOutputStream(Signature sig)
-        {
-            this.sig = sig;
-        }
-
-        public void write(byte[] bytes, int off, int len)
-            throws IOException
-        {
-            try
-            {
-                sig.update(bytes, off, len);
-            }
-            catch (SignatureException e)
-            {
-                throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
-            }
-        }
-
-        public void write(byte[] bytes)
-            throws IOException
-        {
-            try
-            {
-                sig.update(bytes);
-            }
-            catch (SignatureException e)
-            {
-                throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
-            }
-        }
-
-        public void write(int b)
-            throws IOException
-        {
-            try
-            {
-                sig.update((byte)b);
-            }
-            catch (SignatureException e)
-            {
-                throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
-            }
-        }
-
-        boolean verify(byte[] expected)
-            throws SignatureException
-        {
-            return sig.verify(expected);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/JcaEACSignerBuilder.java b/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/JcaEACSignerBuilder.java
deleted file mode 100644
index 380ec14..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/JcaEACSignerBuilder.java
+++ /dev/null

@@ -1,234 +0,0 @@
-package org.bouncycastle.eac.operator.jcajce;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.util.Arrays;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-import org.bouncycastle.eac.operator.EACSigner;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.OperatorStreamException;
-import org.bouncycastle.operator.RuntimeOperatorException;
-
-public class JcaEACSignerBuilder
-{
-    private static final Hashtable sigNames = new Hashtable();
-
-    static
-    {
-        sigNames.put("SHA1withRSA", EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_1);
-        sigNames.put("SHA256withRSA", EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_256);
-        sigNames.put("SHA1withRSAandMGF1", EACObjectIdentifiers.id_TA_RSA_PSS_SHA_1);
-        sigNames.put("SHA256withRSAandMGF1", EACObjectIdentifiers.id_TA_RSA_PSS_SHA_256);
-        sigNames.put("SHA512withRSA", EACObjectIdentifiers.id_TA_RSA_v1_5_SHA_512);
-        sigNames.put("SHA512withRSAandMGF1", EACObjectIdentifiers.id_TA_RSA_PSS_SHA_512);
-
-        sigNames.put("SHA1withECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
-        sigNames.put("SHA224withECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
-        sigNames.put("SHA256withECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
-        sigNames.put("SHA384withECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
-        sigNames.put("SHA512withECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
-    }
-
-    private EACHelper helper = new DefaultEACHelper();
-
-    public JcaEACSignerBuilder setProvider(String providerName)
-    {
-        this.helper = new NamedEACHelper(providerName);
-
-        return this;
-    }
-
-    public JcaEACSignerBuilder setProvider(Provider provider)
-    {
-        this.helper = new ProviderEACHelper(provider);
-
-        return this;
-    }
-
-    public EACSigner build(String algorithm, PrivateKey privKey)
-        throws OperatorCreationException
-    {
-        return build((ASN1ObjectIdentifier)sigNames.get(algorithm), privKey);
-    }
-
-    public EACSigner build(final ASN1ObjectIdentifier usageOid, PrivateKey privKey)
-        throws OperatorCreationException
-    {
-        Signature sig;
-        try
-        {
-            sig = helper.getSignature(usageOid);
-
-            sig.initSign(privKey);
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw new OperatorCreationException("unable to find algorithm: " + e.getMessage(), e);
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw new OperatorCreationException("unable to find provider: " + e.getMessage(), e);
-        }
-        catch (InvalidKeyException e)
-        {
-            throw new OperatorCreationException("invalid key: " + e.getMessage(), e);
-        }
-
-        final SignatureOutputStream sigStream = new SignatureOutputStream(sig);
-
-        return new EACSigner()
-        {
-            public ASN1ObjectIdentifier getUsageIdentifier()
-            {
-                return usageOid;
-            }
-
-            public OutputStream getOutputStream()
-            {
-                return sigStream;
-            }
-
-            public byte[] getSignature()
-            {
-                try
-                {
-                    byte[] signature = sigStream.getSignature();
-
-                    if (usageOid.on(EACObjectIdentifiers.id_TA_ECDSA))
-                    {
-                        return reencode(signature);
-                    }
-
-                    return signature;
-                }
-                catch (SignatureException e)
-                {
-                    throw new RuntimeOperatorException("exception obtaining signature: " + e.getMessage(), e);
-                }
-            }
-        };
-    }
-
-    public static int max(int el1, int el2)
-    {
-        return el1 > el2 ? el1 : el2;
-    }
-
-    private static byte[] reencode(byte[] rawSign)
-    {
-        ASN1Sequence sData = ASN1Sequence.getInstance(rawSign);
-
-        BigInteger r = ASN1Integer.getInstance(sData.getObjectAt(0)).getValue();
-        BigInteger s = ASN1Integer.getInstance(sData.getObjectAt(1)).getValue();
-
-        byte[] rB = r.toByteArray();
-        byte[] sB = s.toByteArray();
-
-        int rLen = unsignedIntLength(rB);
-        int sLen = unsignedIntLength(sB);
-
-        byte[] ret;
-        int len = max(rLen, sLen);
-
-        ret = new byte[len * 2];
-        Arrays.fill(ret, (byte)0);
-
-        copyUnsignedInt(rB, ret, len - rLen);
-        copyUnsignedInt(sB, ret, 2 * len - sLen);
-
-        return ret;
-    }
-
-    private static int unsignedIntLength(byte[] i)
-    {
-        int len = i.length;
-        if (i[0] == 0)
-        {
-            len--;
-        }
-
-        return len;
-    }
-
-    private static void copyUnsignedInt(byte[] src, byte[] dst, int offset)
-    {
-        int len = src.length;
-        int readoffset = 0;
-        if (src[0] == 0)
-        {
-            len--;
-            readoffset = 1;
-        }
-
-        System.arraycopy(src, readoffset, dst, offset, len);
-    }
-
-    private class SignatureOutputStream
-        extends OutputStream
-    {
-        private Signature sig;
-
-        SignatureOutputStream(Signature sig)
-        {
-            this.sig = sig;
-        }
-
-        public void write(byte[] bytes, int off, int len)
-            throws IOException
-        {
-            try
-            {
-                sig.update(bytes, off, len);
-            }
-            catch (SignatureException e)
-            {
-                throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
-            }
-        }
-
-        public void write(byte[] bytes)
-            throws IOException
-        {
-            try
-            {
-                sig.update(bytes);
-            }
-            catch (SignatureException e)
-            {
-                throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
-            }
-        }
-
-        public void write(int b)
-            throws IOException
-        {
-            try
-            {
-                sig.update((byte)b);
-            }
-            catch (SignatureException e)
-            {
-                throw new OperatorStreamException("exception in content signer: " + e.getMessage(), e);
-            }
-        }
-
-        byte[] getSignature()
-            throws SignatureException
-        {
-            return sig.sign();
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/NamedEACHelper.java b/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/NamedEACHelper.java
deleted file mode 100644
index 511cfcf..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/NamedEACHelper.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.eac.operator.jcajce;
-
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Signature;
-
-class NamedEACHelper
-    extends EACHelper
-{
-    private final String providerName;
-
-    NamedEACHelper(String providerName)
-    {
-        this.providerName = providerName;
-    }
-
-    protected Signature createSignature(String type)
-        throws NoSuchProviderException, NoSuchAlgorithmException
-    {
-        return Signature.getInstance(type, providerName);
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/ProviderEACHelper.java b/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/ProviderEACHelper.java
deleted file mode 100644
index 148a41e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/operator/jcajce/ProviderEACHelper.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.eac.operator.jcajce;
-
-import java.security.NoSuchAlgorithmException;
-import java.security.Provider;
-import java.security.Signature;
-
-class ProviderEACHelper
-    extends EACHelper
-{
-    private final Provider provider;
-
-    ProviderEACHelper(Provider provider)
-    {
-        this.provider = provider;
-    }
-
-    protected Signature createSignature(String type)
-        throws NoSuchAlgorithmException
-    {
-        return Signature.getInstance(type, provider);
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/package.html b/bcpkix/src/main/java/org/bouncycastle/eac/package.html
deleted file mode 100644
index 97c41fa..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Base classes Extended Access Control (EAC) Certificates as described in "Technical Guideline, Advanced Security Mechanisms for Machine Readable Travel Documents, Extended Access Control (EAC), Version 1.0.1, BSI 2006".
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/eac/test/AllTests.java
deleted file mode 100644
index 4cfdf28..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/test/AllTests.java
+++ /dev/null

@@ -1,216 +0,0 @@
-package org.bouncycastle.eac.test;
-
-import java.io.IOException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.eac.CertificateHolderAuthorization;
-import org.bouncycastle.asn1.eac.CertificateHolderReference;
-import org.bouncycastle.asn1.eac.CertificationAuthorityReference;
-import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-import org.bouncycastle.asn1.eac.PackedDate;
-import org.bouncycastle.eac.EACCertificateBuilder;
-import org.bouncycastle.eac.EACCertificateHolder;
-import org.bouncycastle.eac.EACCertificateRequestHolder;
-import org.bouncycastle.eac.jcajce.JcaPublicKeyConverter;
-import org.bouncycastle.eac.operator.EACSignatureVerifier;
-import org.bouncycastle.eac.operator.EACSigner;
-import org.bouncycastle.eac.operator.jcajce.JcaEACSignatureVerifierBuilder;
-import org.bouncycastle.eac.operator.jcajce.JcaEACSignerBuilder;
-import org.bouncycastle.jce.ECNamedCurveTable;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public class AllTests
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    public void setUp()
-    {
-        if (Security.getProvider(BC) != null)
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-    }
-
-    public void testLoadCertificate() throws Exception
-    {
-        EACCertificateHolder certHolder = new EACCertificateHolder(getInput("Belgique CVCA-02032010.7816.cvcert"));
-
-        PublicKey pubKey = new JcaPublicKeyConverter().setProvider(BC).getKey(certHolder.getPublicKeyDataObject());
-        EACSignatureVerifier verifier = new JcaEACSignatureVerifierBuilder().build(certHolder.getPublicKeyDataObject().getUsage(), pubKey);
-
-        if (!certHolder.isSignatureValid(verifier))
-        {
-            fail("signature test failed");
-        }
-    }
-
-    private byte[] getInput(String name)
-        throws IOException
-    {
-        return Streams.readAll(getClass().getResourceAsStream(name));
-    }
-
-    public void testLoadInvalidRequest() throws Exception
-    {
-        // this request contains invalid unsigned integers (see D 2.1.1)
-        EACCertificateRequestHolder requestHolder = new EACCertificateRequestHolder(getInput("REQ_18102010.csr"));
-
-        PublicKey pubKey = new JcaPublicKeyConverter().setProvider(BC).getKey(requestHolder.getPublicKeyDataObject());
-        EACSignatureVerifier verifier = new JcaEACSignatureVerifierBuilder().build(requestHolder.getPublicKeyDataObject().getUsage(), pubKey);
-
-        if (requestHolder.isInnerSignatureValid(verifier))
-        {
-            fail("signature test failed");
-        }
-    }
-
-    public void testLoadCSR() throws Exception
-    {
-        // this request contains invalid unsigned integers (see D 2.1.1)
-        byte[] input = getInput("UTIS00100072.csr");
-   
-        EACCertificateRequestHolder requestHolder = new EACCertificateRequestHolder(input);
-
-        PublicKey pubKey = new JcaPublicKeyConverter().setProvider(BC).getKey(requestHolder.getPublicKeyDataObject());
-        EACSignatureVerifier verifier = new JcaEACSignatureVerifierBuilder().build(requestHolder.getPublicKeyDataObject().getUsage(), pubKey);
-
-        TestCase.assertTrue("signature test failed", requestHolder.isInnerSignatureValid(verifier));
-        TestCase.assertTrue("comparison failed", Arrays.areEqual(input, requestHolder.toASN1Structure().getEncoded()));
-    }
-
-    public void testLoadRefCert() throws Exception
-    {
-        EACCertificateHolder certHolder = new EACCertificateHolder(getInput("at_cert_19a.cvcert"));
-
-
-    }
-
-    public void testGenerateEC()
-        throws Exception
-    {
-        ECParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("prime256v1");
-        KeyPair kp = generateECKeyPair(ecSpec);
-
-        JcaEACSignerBuilder signerBuilder = new JcaEACSignerBuilder().setProvider(BC);
-
-        EACSigner signer = signerBuilder.build("SHA256withECDSA", kp.getPrivate());
-
-        int role = CertificateHolderAuthorization.CVCA;
-        int rights = CertificateHolderAuthorization.RADG3 | CertificateHolderAuthorization.RADG4;
-
-        EACCertificateBuilder certBuilder = new EACCertificateBuilder(
-            new CertificationAuthorityReference("AU", "BC TEST", "12345"),
-            new JcaPublicKeyConverter().getPublicKeyDataObject(signer.getUsageIdentifier(), kp.getPublic()),
-            new CertificateHolderReference("AU", "BC TEST", "12345"),
-            new CertificateHolderAuthorization(EACObjectIdentifiers.id_EAC_ePassport, role | rights),
-            new PackedDate("110101"),
-            new PackedDate("120101"));
-
-        EACCertificateHolder certHolder = certBuilder.build(signer);
-
-        EACSignatureVerifier verifier = new JcaEACSignatureVerifierBuilder().build(certHolder.getPublicKeyDataObject().getUsage(), kp.getPublic());
-
-        if (!certHolder.isSignatureValid(verifier))
-        {
-            fail("first signature test failed");
-        }
-
-        PublicKey pubKey = new JcaPublicKeyConverter().setProvider(BC).getKey(certHolder.getPublicKeyDataObject());
-        verifier = new JcaEACSignatureVerifierBuilder().build(certHolder.getPublicKeyDataObject().getUsage(), pubKey);
-
-        if (!certHolder.isSignatureValid(verifier))
-        {
-            fail("second signature test failed");
-        }
-    }
-
-    public void testGenerateRSA()
-        throws Exception
-    {
-        KeyPair kp = generateRSAKeyPair();
-
-        JcaEACSignerBuilder signerBuilder = new JcaEACSignerBuilder().setProvider(BC);
-
-        EACSigner signer = signerBuilder.build("SHA256withRSA", kp.getPrivate());
-
-        int role = CertificateHolderAuthorization.CVCA;
-        int rights = CertificateHolderAuthorization.RADG3 | CertificateHolderAuthorization.RADG4;
-
-        EACCertificateBuilder certBuilder = new EACCertificateBuilder(
-            new CertificationAuthorityReference("AU", "BC TEST", "12345"),
-            new JcaPublicKeyConverter().getPublicKeyDataObject(signer.getUsageIdentifier(), kp.getPublic()),
-            new CertificateHolderReference("AU", "BC TEST", "12345"),
-            new CertificateHolderAuthorization(EACObjectIdentifiers.id_EAC_ePassport, role | rights),
-            new PackedDate("110101"),
-            new PackedDate("120101"));
-
-        EACCertificateHolder certHolder = certBuilder.build(signer);
-
-        EACSignatureVerifier verifier = new JcaEACSignatureVerifierBuilder().build(certHolder.getPublicKeyDataObject().getUsage(), kp.getPublic());
-
-        if (!certHolder.isSignatureValid(verifier))
-        {
-            fail("first signature test failed");
-        }
-
-        PublicKey pubKey = new JcaPublicKeyConverter().setProvider(BC).getKey(certHolder.getPublicKeyDataObject());
-        verifier = new JcaEACSignatureVerifierBuilder().build(certHolder.getPublicKeyDataObject().getUsage(), pubKey);
-
-        if (!certHolder.isSignatureValid(verifier))
-        {
-            fail("second signature test failed");
-        }
-    }
-
-    private KeyPair generateECKeyPair(ECParameterSpec spec) throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException
-    {
-        KeyPairGenerator gen = KeyPairGenerator.getInstance("ECDSA",BC);
-
-        gen.initialize(spec, new SecureRandom());
-
-        KeyPair generatedKeyPair = gen.generateKeyPair();
-        return generatedKeyPair;
-    }
-
-    private KeyPair generateRSAKeyPair() throws NoSuchAlgorithmException, NoSuchProviderException, InvalidAlgorithmParameterException
-    {
-        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA",BC);
-
-        gen.initialize(1024, new SecureRandom());
-
-        KeyPair generatedKeyPair = gen.generateKeyPair();
-        return generatedKeyPair;
-    }
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        junit.textui.TestRunner.run(suite());
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        TestSuite suite = new TestSuite("EAC tests");
-
-        suite.addTestSuite(AllTests.class);
-
-        return new EACTestSetup(suite);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/eac/test/EACTestSetup.java b/bcpkix/src/main/java/org/bouncycastle/eac/test/EACTestSetup.java
deleted file mode 100644
index 92f884c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/eac/test/EACTestSetup.java
+++ /dev/null

@@ -1,28 +0,0 @@
-
-package org.bouncycastle.eac.test;
-
-import java.security.Security;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-class EACTestSetup
-    extends TestSetup
-{
-    public EACTestSetup(Test test)
-    {
-        super(test);
-    }
-
-    protected void setUp()
-    {
-        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-    }
-
-    protected void tearDown()
-    {
-        Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
-    }
-
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/CACertsResponse.java b/bcpkix/src/main/java/org/bouncycastle/est/CACertsResponse.java
deleted file mode 100644
index 1992687..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/CACertsResponse.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.est;
-
-import org.bouncycastle.cert.X509CRLHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.util.Store;
-
-/**
- * Holder class for a SimplePKIResponse containing the details making up /cacerts response.
- */
-public class CACertsResponse
-{
-    private final Store<X509CertificateHolder> store;
-    private Store<X509CRLHolder> crlHolderStore;
-    private final ESTRequest requestToRetry;
-    private final Source session;
-    private final boolean trusted;
-
-    public CACertsResponse(
-        Store<X509CertificateHolder> store,
-        Store<X509CRLHolder> crlHolderStore,
-        ESTRequest requestToRetry,
-        Source session, boolean trusted)
-    {
-        this.store = store;
-        this.requestToRetry = requestToRetry;
-        this.session = session;
-        this.trusted = trusted;
-        this.crlHolderStore = crlHolderStore;
-    }
-
-    public boolean hasCertificates()
-    {
-        return store != null;
-    }
-
-    public Store<X509CertificateHolder> getCertificateStore()
-    {
-        if (store == null)
-        {
-            throw new IllegalStateException("Response has no certificates.");
-        }
-        return store;
-    }
-
-
-    public boolean hasCRLs()
-    {
-        return crlHolderStore != null;
-    }
-
-    public Store<X509CRLHolder> getCrlStore()
-    {
-        if (crlHolderStore == null)
-        {
-            throw new IllegalStateException("Response has no CRLs.");
-        }
-        return crlHolderStore;
-    }
-
-
-    public ESTRequest getRequestToRetry()
-    {
-        return requestToRetry;
-    }
-
-    public Object getSession()
-    {
-        return session.getSession();
-    }
-
-    public boolean isTrusted()
-    {
-        return trusted;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/CSRAttributesResponse.java b/bcpkix/src/main/java/org/bouncycastle/est/CSRAttributesResponse.java
deleted file mode 100644
index dfa60d6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/CSRAttributesResponse.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.est;
-
-import java.io.IOException;
-import java.util.Collection;
-import java.util.HashMap;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.est.AttrOrOID;
-import org.bouncycastle.asn1.est.CsrAttrs;
-import org.bouncycastle.util.Encodable;
-
-/**
- * Wrapper class around a CsrAttrs structure.
- */
-public class CSRAttributesResponse
-    implements Encodable
-{
-    private final CsrAttrs csrAttrs;
-    private final HashMap<ASN1ObjectIdentifier, AttrOrOID> index;
-
-    /**
-     * Create a CSRAttributesResponse from the passed in bytes.
-     *
-     * @param responseEncoding BER/DER encoding of the certificate.
-     * @throws ESTException in the event of corrupted data, or an incorrect structure.
-     */
-    public CSRAttributesResponse(byte[] responseEncoding)
-        throws ESTException
-    {
-        this(parseBytes(responseEncoding));
-    }
-
-    /**
-     * Create a CSRAttributesResponse from the passed in ASN.1 structure.
-     *
-     * @param csrAttrs an RFC 7030 CsrAttrs structure.
-     */
-    public CSRAttributesResponse(CsrAttrs csrAttrs)
-        throws ESTException
-    {
-        this.csrAttrs = csrAttrs;
-        this.index = new HashMap<ASN1ObjectIdentifier, AttrOrOID>(csrAttrs.size());
-
-        AttrOrOID[] attrOrOIDs = csrAttrs.getAttrOrOIDs();
-        for (int i = 0; i != attrOrOIDs.length; i++)
-        {
-            AttrOrOID attrOrOID = attrOrOIDs[i];
-
-            if (attrOrOID.isOid())
-            {
-                index.put(attrOrOID.getOid(), attrOrOID);
-            }
-            else
-            {
-                index.put(attrOrOID.getAttribute().getAttrType(), attrOrOID);
-            }
-        }
-    }
-
-    private static CsrAttrs parseBytes(byte[] responseEncoding)
-        throws ESTException
-    {
-        try
-        {
-            return CsrAttrs.getInstance(ASN1Primitive.fromByteArray(responseEncoding));
-        }
-        catch (Exception e)
-        {
-            throw new ESTException("malformed data: " + e.getMessage(), e);
-        }
-    }
-
-    public boolean hasRequirement(ASN1ObjectIdentifier requirementOid)
-    {
-        return index.containsKey(requirementOid);
-    }
-
-    public boolean isAttribute(ASN1ObjectIdentifier requirementOid)
-    {
-        if (index.containsKey(requirementOid))
-        {
-            return !(((AttrOrOID)index.get(requirementOid)).isOid());
-        }
-
-        return false;
-    }
-
-    public boolean isEmpty()
-    {
-        return csrAttrs.size() == 0;
-    }
-
-    public Collection<ASN1ObjectIdentifier> getRequirements()
-    {
-        return index.keySet();
-    }
-
-    public byte[] getEncoded()
-        throws IOException
-    {
-        return csrAttrs.getEncoded();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/CSRRequestResponse.java b/bcpkix/src/main/java/org/bouncycastle/est/CSRRequestResponse.java
deleted file mode 100644
index e95b22f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/CSRRequestResponse.java
+++ /dev/null

@@ -1,40 +0,0 @@
-package org.bouncycastle.est;
-
-/**
- * Holder class for a response containing the details making up /csrattrs response.
- */
-public class CSRRequestResponse
-{
-    private final CSRAttributesResponse attributesResponse;
-    private final Source source;
-
-    public CSRRequestResponse(CSRAttributesResponse attributesResponse, Source session)
-    {
-        this.attributesResponse = attributesResponse;
-        this.source = session;
-    }
-
-    public boolean hasAttributesResponse()
-    {
-        return attributesResponse != null;
-    }
-
-    public CSRAttributesResponse getAttributesResponse()
-    {
-        if (attributesResponse == null)
-        {
-            throw new IllegalStateException("Response has no CSRAttributesResponse.");
-        }
-        return attributesResponse;
-    }
-
-    public Object getSession()
-    {
-        return source.getSession();
-    }
-
-    public Source getSource()
-    {
-        return source;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/CTEBase64InputStream.java b/bcpkix/src/main/java/org/bouncycastle/est/CTEBase64InputStream.java
deleted file mode 100644
index 2b1c427..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/CTEBase64InputStream.java
+++ /dev/null

@@ -1,118 +0,0 @@
-package org.bouncycastle.est;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.util.encoders.Base64;
-
-
-class CTEBase64InputStream
-    extends InputStream
-{
-    protected final InputStream src;
-    protected final byte[] rawBuf = new byte[1024];
-    protected final byte[] data = new byte[768];
-    protected final OutputStream dataOutputStream;
-    protected final Long max;
-    protected int rp;
-    protected int wp;
-    protected boolean end;
-    protected long read;
-
-    public CTEBase64InputStream(InputStream src, Long limit)
-    {
-        this.src = src;
-        this.dataOutputStream = new OutputStream()
-        {
-            public void write(int b)
-                throws IOException
-            {
-                data[wp++] = (byte)b;
-            }
-        };
-        this.max = limit;
-    }
-
-    // Pulls a line from the source, decodes it and returns the decoded length.
-    // Or returns -1 if there is nothing more to read and nothing was read in this pass.
-    protected int pullFromSrc()
-        throws IOException
-    {
-
-        if (this.read >= this.max)
-        {
-            return -1;
-        }
-
-        int j = 0;
-        int c = 0;
-        do
-        {
-            j = src.read();
-            /*
-             * RFC2045 All line breaks or other characters not
-             * found in Table 1 must be ignored by decoding software.
-             * https://tools.ietf.org/html/rfc2045#section-6.8
-             * This uses the line brakes to to stop reading data and to decode a chunk.
-             */
-            if (j >= 33 || (j == '\r' || j == '\n'))
-            {
-                if (c >= rawBuf.length)
-                {
-                    throw new IOException("Content Transfer Encoding, base64 line length > 1024");
-                }
-                rawBuf[c++] = (byte)j;
-                read += 1;
-            }
-            else if (j >= 0)
-            {
-                read += 1;
-            }
-        }
-        while (j > -1 && c < rawBuf.length && j != 10 && this.read < this.max);
-
-        if (c > 0)
-        {
-            try
-            {
-                Base64.decode(rawBuf, 0, c, dataOutputStream);
-            }
-            catch (Exception ex)
-            {
-                throw new IOException("Decode Base64 Content-Transfer-Encoding: " + ex);
-            }
-        }
-        else
-        {
-            if (j == -1)
-            {
-                return -1;
-            }
-        }
-        return wp;
-    }
-
-    public int read()
-        throws IOException
-    {
-        // When we have read up to the write pointer (wp) pull some more.
-        if (rp == wp)
-        {
-            rp = 0;
-            wp = 0;
-            int i = pullFromSrc();
-            if (i == -1)
-            {
-                return i;
-            }
-        }
-        return data[rp++] & 0xFF;
-    }
-
-    public void close()
-        throws IOException
-    {
-        src.close();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/ESTAuth.java b/bcpkix/src/main/java/org/bouncycastle/est/ESTAuth.java
deleted file mode 100644
index e7cdd9e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/ESTAuth.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.est;
-
-
-/**
- * Base interface for an object with adds HTTP Auth attributes to an ESTRequest
- */
-public interface ESTAuth
-{
-    /**
-     * Add the Auth attributes to the passed in request builder.
-     *
-     * @param reqBldr the builder for the request needing the Auth attributes.
-     */
-    void applyAuth(ESTRequestBuilder reqBldr);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/ESTClient.java b/bcpkix/src/main/java/org/bouncycastle/est/ESTClient.java
deleted file mode 100644
index c315d23..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/ESTClient.java
+++ /dev/null

@@ -1,16 +0,0 @@
-package org.bouncycastle.est;
-
-import java.io.IOException;
-
-/**
- * ESTClient implement connection to the server.
- * <p>
- * Implementations should be aware that they are responsible for
- * satisfying <a href="https://tools.ietf.org/html/rfc7030#section-3.3">RFC7030 3.3 - TLS Layer</a>
- * including SRP modes.
- */
-public interface ESTClient
-{
-    public ESTResponse doRequest(ESTRequest c)
-        throws IOException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/ESTClientProvider.java b/bcpkix/src/main/java/org/bouncycastle/est/ESTClientProvider.java
deleted file mode 100644
index 61a24b7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/ESTClientProvider.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.est;
-
-
-/**
- * A client provider is responsible for creating an ESTClient instance.
- */
-public interface ESTClientProvider
-{
-    ESTClient makeClient()
-        throws ESTException;
-
-    /**
-     * Return true if the client is presently configured to verify the server.
-     *
-     * @return true = verifying server.
-     */
-    boolean isTrusted();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/ESTClientSourceProvider.java b/bcpkix/src/main/java/org/bouncycastle/est/ESTClientSourceProvider.java
deleted file mode 100644
index 3aefa39..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/ESTClientSourceProvider.java
+++ /dev/null

@@ -1,12 +0,0 @@
-package org.bouncycastle.est;
-
-import java.io.IOException;
-
-/**
- * ESTClientSourceProvider, implementations of this are expected to return a source.
- */
-public interface ESTClientSourceProvider
-{
-    Source makeSource(String host, int port)
-        throws IOException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/ESTException.java b/bcpkix/src/main/java/org/bouncycastle/est/ESTException.java
deleted file mode 100644
index b9b8e18..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/ESTException.java
+++ /dev/null

@@ -1,93 +0,0 @@
-package org.bouncycastle.est;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-/**
- * Exception emitted by EST classes.
- */
-public class ESTException
-    extends IOException
-{
-    private Throwable cause;
-
-    private InputStream body;
-    private int statusCode;
-
-    private static final long MAX_ERROR_BODY = 8192;
-
-    public ESTException(String msg)
-    {
-        this(msg, null);
-    }
-
-    public ESTException(String msg, Throwable cause)
-    {
-        super(msg);
-        this.cause = cause;
-        body = null;
-        statusCode = 0;
-    }
-
-    public ESTException(String message, Throwable cause, int statusCode, InputStream body)
-    {
-        super(message);
-        this.cause = cause;
-        this.statusCode = statusCode;
-        if (body != null)
-        {
-            byte[] b = new byte[8192];
-            ByteArrayOutputStream bos = new ByteArrayOutputStream();
-            try
-            {
-                int i = body.read(b);
-                while (i >= 0)
-                {
-                    if (bos.size() + i > MAX_ERROR_BODY)
-                    {
-                        i = (int)MAX_ERROR_BODY - bos.size();
-                        bos.write(b, 0, i);
-                        break;
-                    }
-                    bos.write(b, 0, i);
-                    i = body.read(b);
-                }
-                bos.flush();
-                bos.close();
-                this.body = new ByteArrayInputStream(bos.toByteArray());
-                body.close();
-            }
-            catch (Exception ex)
-            {
-                // This is a best effort read, input stream could be dead by this point.
-            }
-        }
-        else
-        {
-            this.body = null;
-        }
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-    
-    public String getMessage()
-    {
-        return super.getMessage() + " HTTP Status Code: " + statusCode;
-    }
-
-    public InputStream getBody()
-    {
-        return body;
-    }
-
-    public int getStatusCode()
-    {
-        return statusCode;
-    }
-
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/ESTHijacker.java b/bcpkix/src/main/java/org/bouncycastle/est/ESTHijacker.java
deleted file mode 100644
index 28fda58..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/ESTHijacker.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.est;
-
-
-import java.io.IOException;
-
-/**
- * ESTHijacker can take control of the source after the initial http request
- * has been sent and a response received.
- * A hijacker is then able to send more request or be able to modify the response before returning a response
- * to the original caller.
- * <p>
- * See DigestAuth and BasicAuth.
- */
-public interface ESTHijacker
-{
-    ESTResponse hijack(ESTRequest req, Source sock)
-        throws IOException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/ESTRequest.java b/bcpkix/src/main/java/org/bouncycastle/est/ESTRequest.java
deleted file mode 100644
index 4b8af1d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/ESTRequest.java
+++ /dev/null

@@ -1,77 +0,0 @@
-package org.bouncycastle.est;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.net.URL;
-import java.util.Map;
-
-/**
- * Implements a basic http request.
- */
-public class ESTRequest
-{
-    final String method;
-    final URL url;
-    HttpUtil.Headers headers = new HttpUtil.Headers();
-    final byte[] data;
-    final ESTHijacker hijacker;
-    final ESTClient estClient;
-    final ESTSourceConnectionListener listener;
-
-    ESTRequest(
-        String method,
-        URL url,
-        byte[] data,
-        ESTHijacker hijacker,
-        ESTSourceConnectionListener listener,
-        HttpUtil.Headers headers,
-        ESTClient estClient)
-    {
-        this.method = method;
-        this.url = url;
-        this.data = data;
-        this.hijacker = hijacker;
-        this.listener = listener;
-        this.headers = headers;
-        this.estClient = estClient;
-    }
-
-    public String getMethod()
-    {
-        return method;
-    }
-
-    public URL getURL()
-    {
-        return url;
-    }
-
-    public Map<String, String[]> getHeaders()
-    {
-        return (Map<String, String[]>)headers.clone();
-    }
-
-    public ESTHijacker getHijacker()
-    {
-        return hijacker;
-    }
-
-    public ESTClient getClient()
-    {
-        return estClient;
-    }
-
-    public ESTSourceConnectionListener getListener()
-    {
-        return listener;
-    }
-
-    public void writeData(OutputStream os)
-        throws IOException
-    {
-        if (data != null)
-        {
-            os.write(data);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/ESTRequestBuilder.java b/bcpkix/src/main/java/org/bouncycastle/est/ESTRequestBuilder.java
deleted file mode 100644
index d7e52ac..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/ESTRequestBuilder.java
+++ /dev/null

@@ -1,90 +0,0 @@
-package org.bouncycastle.est;
-
-import java.net.URL;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * Builder for basic EST requests
- */
-public class ESTRequestBuilder
-{
-    private final String method;
-    private URL url;
-
-    private HttpUtil.Headers headers;
-    ESTHijacker hijacker;
-    ESTSourceConnectionListener listener;
-    ESTClient client;
-    private byte[] data;
-
-    public ESTRequestBuilder(ESTRequest request)
-    {
-
-        this.method = request.method;
-        this.url = request.url;
-        this.listener = request.listener;
-        this.data = request.data;
-        this.hijacker = request.hijacker;
-        this.headers = (HttpUtil.Headers)request.headers.clone();
-        this.client = request.getClient();
-    }
-
-    public ESTRequestBuilder(String method, URL url)
-    {
-        this.method = method;
-        this.url = url;
-        this.headers = new HttpUtil.Headers();
-    }
-
-    public ESTRequestBuilder withConnectionListener(ESTSourceConnectionListener listener)
-    {
-        this.listener = listener;
-
-        return this;
-    }
-
-    public ESTRequestBuilder withHijacker(ESTHijacker hijacker)
-    {
-        this.hijacker = hijacker;
-
-        return this;
-    }
-
-    public ESTRequestBuilder withURL(URL url)
-    {
-        this.url = url;
-
-        return this;
-    }
-
-    public ESTRequestBuilder withData(byte[] data)
-    {
-        this.data = Arrays.clone(data);
-
-        return this;
-    }
-
-    public ESTRequestBuilder addHeader(String key, String value)
-    {
-        headers.add(key, value);
-        return this;
-    }
-
-    public ESTRequestBuilder setHeader(String key, String value)
-    {
-        headers.set(key, value);
-        return this;
-    }
-
-    public ESTRequestBuilder withClient(ESTClient client)
-    {
-        this.client = client;
-        return this;
-    }
-
-    public ESTRequest build()
-    {
-        return new ESTRequest(method, url, data, hijacker, listener, headers, client);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/ESTResponse.java b/bcpkix/src/main/java/org/bouncycastle/est/ESTResponse.java
deleted file mode 100644
index efcc272..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/ESTResponse.java
+++ /dev/null

@@ -1,317 +0,0 @@
-package org.bouncycastle.est;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Set;
-
-import org.bouncycastle.util.Properties;
-import org.bouncycastle.util.Strings;
-
-/**
- * A basic http response.
- */
-public class ESTResponse
-{
-    private final ESTRequest originalRequest;
-    private final HttpUtil.Headers headers;
-    private final byte[] lineBuffer;
-    private final Source source;
-    private String HttpVersion;
-    private int statusCode;
-    private String statusMessage;
-    private InputStream inputStream;
-    private Long contentLength;
-    private long read = 0;
-    private Long absoluteReadLimit;
-
-    private static final Long ZERO = 0L;
-
-    public ESTResponse(ESTRequest originalRequest, Source source)
-        throws IOException
-    {
-        this.originalRequest = originalRequest;
-        this.source = source;
-
-        if (source instanceof LimitedSource)
-        {
-            this.absoluteReadLimit = ((LimitedSource)source).getAbsoluteReadLimit();
-        }
-
-        Set<String> opts = Properties.asKeySet("org.bouncycastle.debug.est");
-        if (opts.contains("input") ||
-            opts.contains("all"))
-        {
-            this.inputStream = new PrintingInputStream(source.getInputStream());
-        }
-        else
-        {
-            this.inputStream = source.getInputStream();
-        }
-
-        this.headers = new HttpUtil.Headers();
-        this.lineBuffer = new byte[1024];
-
-        process();
-    }
-
-    private void process()
-        throws IOException
-    {
-        //
-        // Status line.
-        //
-        HttpVersion = readStringIncluding(' ');
-        this.statusCode = Integer.parseInt(readStringIncluding(' '));
-        this.statusMessage = readStringIncluding('\n');
-
-
-        //
-        // Headers.
-        //
-        String line = readStringIncluding('\n');
-        int i;
-        while (line.length() > 0)
-        {
-            i = line.indexOf(':');
-            if (i > -1)
-            {
-                String k = Strings.toLowerCase(line.substring(0, i).trim()); // Header keys are case insensitive
-                headers.add(k, line.substring(i + 1).trim());
-            }
-            line = readStringIncluding('\n');
-        }
-
-
-        contentLength = getContentLength();
-
-        //
-        // Concerned that different servers may or may not set a Content-length
-        // for these success types. In this case we will arbitrarily set content length
-        // to zero.
-        //
-        if (statusCode == 204 || statusCode == 202)
-        {
-            if (contentLength == null)
-            {
-                contentLength = 0L;
-            }
-            else
-            {
-                if (statusCode == 204 && contentLength > 0)
-                {
-                    throw new IOException("Got HTTP status 204 but Content-length > 0.");
-                }
-            }
-        }
-
-        if (contentLength == null)
-        {
-            throw new IOException("No Content-length header.");
-        }
-
-        if (contentLength.equals(ZERO))
-        {
-
-            //
-            // The server is likely to hang up the socket and any attempt to read can
-            // result in a broken pipe rather than an eof.
-            // So we will return a dummy input stream that will return eof to anything that reads from it.
-            //
-
-            inputStream = new InputStream()
-            {
-                public int read()
-                    throws IOException
-                {
-                    return -1;
-                }
-            };
-        }
-
-        if (contentLength != null)
-        {
-            if (contentLength < 0)
-            {
-                throw new IOException("Server returned negative content length: " + absoluteReadLimit);
-            }
-
-            if (absoluteReadLimit != null && contentLength >= absoluteReadLimit)
-            {
-                throw new IOException("Content length longer than absolute read limit: " + absoluteReadLimit + " Content-Length: " + contentLength);
-            }
-        }
-
-
-        inputStream = wrapWithCounter(inputStream, absoluteReadLimit);
-        //
-        // Observed that some
-        //
-        if ("base64".equalsIgnoreCase(getHeader("content-transfer-encoding")))
-        {
-            inputStream = new CTEBase64InputStream(inputStream, getContentLength());
-        }
-    }
-
-    public String getHeader(String key)
-    {
-        return headers.getFirstValue(key);
-    }
-
-
-    protected InputStream wrapWithCounter(final InputStream in, final Long absoluteReadLimit)
-    {
-        return new InputStream()
-        {
-            public int read()
-                throws IOException
-            {
-                int i = in.read();
-                if (i > -1)
-                {
-                    read++;
-                    if (absoluteReadLimit != null && read >= absoluteReadLimit)
-                    {
-                        throw new IOException("Absolute Read Limit exceeded: " + absoluteReadLimit);
-                    }
-                }
-                return i;
-            }
-
-            public void close()
-                throws IOException
-            {
-                if (contentLength != null && contentLength - 1 > read)
-                {
-                    throw new IOException("Stream closed before limit fully read, Read: " + read + " ContentLength: " + contentLength);
-                }
-
-                if (in.available() > 0)
-                {
-                    throw new IOException("Stream closed with extra content in pipe that exceeds content length.");
-                }
-
-                in.close();
-            }
-        };
-    }
-
-
-    protected String readStringIncluding(char until)
-        throws IOException
-    {
-        int c = 0;
-        int j;
-        do
-        {
-            j = inputStream.read();
-            lineBuffer[c++] = (byte)j;
-            if (c >= lineBuffer.length)
-            {
-                throw new IOException("Server sent line > " + lineBuffer.length);
-            }
-        }
-        while (j != until && j > -1);
-        if (j == -1)
-        {
-            throw new EOFException();
-        }
-
-        return new String(lineBuffer, 0, c).trim();
-    }
-
-    public ESTRequest getOriginalRequest()
-    {
-        return originalRequest;
-    }
-
-    public HttpUtil.Headers getHeaders()
-    {
-        return headers;
-    }
-
-    public String getHttpVersion()
-    {
-        return HttpVersion;
-    }
-
-    public int getStatusCode()
-    {
-        return statusCode;
-    }
-
-    public String getStatusMessage()
-    {
-        return statusMessage;
-    }
-
-    public InputStream getInputStream()
-    {
-        return inputStream;
-    }
-
-
-    public Source getSource()
-    {
-        return source;
-    }
-
-    public Long getContentLength()
-    {
-        String v = headers.getFirstValue("Content-Length");
-        if (v == null)
-        {
-            return null;
-        }
-        try
-        {
-            return Long.parseLong(v);
-        }
-        catch (RuntimeException nfe)
-        {
-            throw new RuntimeException("Content Length: '" + v + "' invalid. " + nfe.getMessage());
-        }
-    }
-
-    public void close()
-        throws IOException
-    {
-        if (inputStream != null)
-        {
-            inputStream.close();
-        }
-        this.source.close();
-    }
-
-
-    private class PrintingInputStream
-        extends InputStream
-    {
-        private final InputStream src;
-
-        private PrintingInputStream(InputStream src)
-        {
-            this.src = src;
-        }
-
-        public int read()
-            throws IOException
-        {
-            int i = src.read();
-            System.out.print(String.valueOf((char)i));
-            return i;
-        }
-
-        public int available()
-            throws IOException
-        {
-            return src.available();
-        }
-
-        public void close()
-            throws IOException
-        {
-            src.close();
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/ESTService.java b/bcpkix/src/main/java/org/bouncycastle/est/ESTService.java
deleted file mode 100644
index 0dca634..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/ESTService.java
+++ /dev/null

@@ -1,682 +0,0 @@
-package org.bouncycastle.est;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.io.StringWriter;
-import java.net.URL;
-import java.text.SimpleDateFormat;
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.Locale;
-import java.util.Set;
-import java.util.TimeZone;
-import java.util.regex.Pattern;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERPrintableString;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.est.CsrAttrs;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.cert.X509CRLHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cmc.CMCException;
-import org.bouncycastle.cmc.SimplePKIResponse;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.pkcs.PKCS10CertificationRequest;
-import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.encoders.Base64;
-
-/**
- * ESTService provides unified access to an EST server which is defined as implementing
- * RFC7030.
- */
-public class ESTService
-{
-    protected static final String CACERTS = "/cacerts";
-    protected static final String SIMPLE_ENROLL = "/simpleenroll";
-    protected static final String SIMPLE_REENROLL = "/simplereenroll";
-    protected static final String FULLCMC = "/fullcmc";
-    protected static final String SERVERGEN = "/serverkeygen";
-    protected static final String CSRATTRS = "/csrattrs";
-
-    protected static final Set<String> illegalParts = new HashSet<String>();
-
-    static
-    {
-        illegalParts.add(CACERTS.substring(1));
-        illegalParts.add(SIMPLE_ENROLL.substring(1));
-        illegalParts.add(SIMPLE_REENROLL.substring(1));
-        illegalParts.add(FULLCMC.substring(1));
-        illegalParts.add(SERVERGEN.substring(1));
-        illegalParts.add(CSRATTRS.substring(1));
-    }
-
-
-    private final String server;
-    private final ESTClientProvider clientProvider;
-
-    private static final Pattern pathInvalid = Pattern.compile("^[0-9a-zA-Z_\\-.~!$&'()*+,;=]+");
-
-    ESTService(
-        String serverAuthority, String label,
-        ESTClientProvider clientProvider)
-    {
-
-        serverAuthority = verifyServer(serverAuthority);
-
-        if (label != null)
-        {
-            label = verifyLabel(label);
-            server = "https://" + serverAuthority + "/.well-known/est/" + label;
-        }
-        else
-        {
-            server = "https://" + serverAuthority + "/.well-known/est";
-        }
-
-        this.clientProvider = clientProvider;
-    }
-
-    /**
-     * Utility method to extract all the X509Certificates from a store and return them in an array.
-     *
-     * @param store The store.
-     * @return An arrar of certificates/
-     */
-    public static X509CertificateHolder[] storeToArray(Store<X509CertificateHolder> store)
-    {
-        return storeToArray(store, null);
-    }
-
-    /**
-     * Utility method to extract all the X509Certificates from a store using a filter and to return them
-     * as an array.
-     *
-     * @param store    The store.
-     * @param selector The selector.
-     * @return An array of X509Certificates.
-     */
-    public static X509CertificateHolder[] storeToArray(Store<X509CertificateHolder> store, Selector<X509CertificateHolder> selector)
-    {
-        Collection<X509CertificateHolder> c = store.getMatches(selector);
-        return c.toArray(new X509CertificateHolder[c.size()]);
-    }
-
-    /**
-     * Query the EST server for ca certificates.
-     * <p>
-     * RFC7030 leans heavily on the verification phases of TLS for both client and server verification.
-     * <p>
-     * It does however define a bootstrapping mode where if the client does not have the necessary ca certificates to
-     * validate the server it can defer to an external source, such as a human, to formally accept the ca certs.
-     * <p>
-     * If callers are using bootstrapping they must examine the CACertsResponse and validate it externally.
-     *
-     * @return A store of X509Certificates.
-     */
-    public CACertsResponse getCACerts()
-        throws Exception
-    {
-        ESTResponse resp = null;
-        Exception finalThrowable = null;
-        CACertsResponse caCertsResponse = null;
-        URL url = null;
-        boolean failedBeforeClose = false;
-        try
-        {
-            url = new URL(server + CACERTS);
-
-            ESTClient client = clientProvider.makeClient();
-            ESTRequest req = new ESTRequestBuilder("GET", url).withClient(client).build();
-            resp = client.doRequest(req);
-
-            Store<X509CertificateHolder> caCerts = null;
-            Store<X509CRLHolder> crlHolderStore = null;
-
-
-            if (resp.getStatusCode() == 200)
-            {
-                if (!"application/pkcs7-mime".equals(resp.getHeaders().getFirstValue("Content-Type")))
-                {
-                    String j = resp.getHeaders().getFirstValue("Content-Type") != null ? " got " + resp.getHeaders().getFirstValue("Content-Type") : " but was not present.";
-                    throw new ESTException(("Response : " + url.toString() + "Expecting application/pkcs7-mime ") + j, null, resp.getStatusCode(), resp.getInputStream());
-                }
-
-                try
-                {
-                    if (resp.getContentLength() != null && resp.getContentLength() > 0)
-                    {
-                        ASN1InputStream ain = new ASN1InputStream(resp.getInputStream());
-                        SimplePKIResponse spkr = new SimplePKIResponse(ContentInfo.getInstance((ASN1Sequence)ain.readObject()));
-                        caCerts = spkr.getCertificates();
-                        crlHolderStore = spkr.getCRLs();
-                    }
-                }
-                catch (Throwable ex)
-                {
-                    throw new ESTException("Decoding CACerts: " + url.toString() + " " + ex.getMessage(), ex, resp.getStatusCode(), resp.getInputStream());
-                }
-
-            }
-            else if (resp.getStatusCode() != 204) // 204 are No Content
-            {
-                throw new ESTException("Get CACerts: " + url.toString(), null, resp.getStatusCode(), resp.getInputStream());
-            }
-
-            caCertsResponse = new CACertsResponse(caCerts, crlHolderStore, req, resp.getSource(), clientProvider.isTrusted());
-
-        }
-        catch (Throwable t)
-        {
-            failedBeforeClose = true;
-            if (t instanceof ESTException)
-            {
-                throw (ESTException)t;
-            }
-            else
-            {
-                throw new ESTException(t.getMessage(), t);
-            }
-        }
-        finally
-        {
-            if (resp != null)
-            {
-                try
-                {
-                    resp.close();
-                }
-                catch (Exception t)
-                {
-                    finalThrowable = t;
-                }
-            }
-        }
-
-        if (finalThrowable != null)
-        {
-            if (finalThrowable instanceof ESTException)
-            {
-                throw finalThrowable;
-            }
-            throw new ESTException("Get CACerts: " + url.toString(), finalThrowable, resp.getStatusCode(), null);
-        }
-
-        return caCertsResponse;
-
-
-    }
-
-    /**
-     * Reissue an existing request where the server had previously returned a 202.
-     *
-     * @param priorResponse The prior response.
-     * @return A new ESTEnrollmentResponse
-     * @throws Exception
-     */
-    public EnrollmentResponse simpleEnroll(EnrollmentResponse priorResponse)
-        throws Exception
-    {
-        if (!clientProvider.isTrusted())
-        {
-            throw new IllegalStateException("No trust anchors.");
-        }
-
-        ESTResponse resp = null;
-
-        try
-        {
-            ESTClient client = clientProvider.makeClient();
-            resp = client.doRequest(new ESTRequestBuilder(priorResponse.getRequestToRetry()).withClient(client).build());
-            return handleEnrollResponse(resp);
-        }
-        catch (Throwable t)
-        {
-            if (t instanceof ESTException)
-            {
-                throw (ESTException)t;
-            }
-            else
-            {
-                throw new ESTException(t.getMessage(), t);
-            }
-        }
-        finally
-        {
-            if (resp != null)
-            {
-                resp.close();
-            }
-        }
-    }
-
-    /**
-     * Perform a simple enrollment operation.
-     * <p>
-     * This method accepts an ESPHttpAuth instance to provide basic or digest authentication.
-     * <p>
-     * If authentication is to be performed as part of TLS then this instances client keystore and their keystore
-     * password need to be specified.
-     *
-     * @param certificationRequest The certification request.
-     * @param auth                 The http auth provider, basic auth or digest auth, can be null.
-     * @return The enrolled certificate.
-     */
-    public EnrollmentResponse simpleEnroll(boolean reenroll, PKCS10CertificationRequest certificationRequest, ESTAuth auth)
-        throws IOException
-    {
-        if (!clientProvider.isTrusted())
-        {
-            throw new IllegalStateException("No trust anchors.");
-        }
-
-        ESTResponse resp = null;
-        try
-        {
-            final byte[] data = annotateRequest(certificationRequest.getEncoded()).getBytes();
-
-            URL url = new URL(server + (reenroll ? SIMPLE_REENROLL : SIMPLE_ENROLL));
-
-
-            ESTClient client = clientProvider.makeClient();
-            ESTRequestBuilder req = new ESTRequestBuilder("POST", url).withData(data).withClient(client);
-
-            req.addHeader("Content-Type", "application/pkcs10");
-            req.addHeader("Content-Length", "" + data.length);
-            req.addHeader("Content-Transfer-Encoding", "base64");
-
-            if (auth != null)
-            {
-                auth.applyAuth(req);
-            }
-
-            resp = client.doRequest(req.build());
-
-            return handleEnrollResponse(resp);
-
-        }
-        catch (Throwable t)
-        {
-            if (t instanceof ESTException)
-            {
-                throw (ESTException)t;
-            }
-            else
-            {
-                throw new ESTException(t.getMessage(), t);
-            }
-        }
-        finally
-        {
-            if (resp != null)
-            {
-                resp.close();
-            }
-        }
-
-    }
-
-
-    /**
-     * Implements Enroll with PoP.
-     * Request will have the tls-unique attribute added to it before it is signed and completed.
-     *
-     * @param reEnroll      True = re enroll.
-     * @param builder       The request builder.
-     * @param contentSigner The content signer.
-     * @param auth          Auth modes.
-     * @return Enrollment response.
-     * @throws IOException
-     */
-    public EnrollmentResponse simpleEnrollPoP(boolean reEnroll, final PKCS10CertificationRequestBuilder builder, final ContentSigner contentSigner, ESTAuth auth)
-        throws IOException
-    {
-        if (!clientProvider.isTrusted())
-        {
-            throw new IllegalStateException("No trust anchors.");
-        }
-
-        ESTResponse resp = null;
-        try
-        {
-            URL url = new URL(server + (reEnroll ? SIMPLE_REENROLL : SIMPLE_ENROLL));
-            ESTClient client = clientProvider.makeClient();
-
-            //
-            // Connect supplying a source listener.
-            // The source listener is responsible for completing the PCS10 Cert request and encoding it.
-            //
-            ESTRequestBuilder reqBldr = new ESTRequestBuilder("POST", url).withClient(client).withConnectionListener(new ESTSourceConnectionListener()
-            {
-                public ESTRequest onConnection(Source source, ESTRequest request)
-                    throws IOException
-                {
-                    //
-                    // Add challenge password from tls unique
-                    //
-
-                    if (source instanceof TLSUniqueProvider && ((TLSUniqueProvider)source).isTLSUniqueAvailable())
-                    {
-                        PKCS10CertificationRequestBuilder localBuilder = new PKCS10CertificationRequestBuilder(builder);
-
-                        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-                        byte[] tlsUnique = ((TLSUniqueProvider)source).getTLSUnique();
-
-                        localBuilder.setAttribute(PKCSObjectIdentifiers.pkcs_9_at_challengePassword, new DERPrintableString(Base64.toBase64String(tlsUnique)));
-                        bos.write(annotateRequest(localBuilder.build(contentSigner).getEncoded()).getBytes());
-                        bos.flush();
-
-                        ESTRequestBuilder reqBuilder = new ESTRequestBuilder(request).withData(bos.toByteArray());
-
-                        reqBuilder.setHeader("Content-Type", "application/pkcs10");
-                        reqBuilder.setHeader("Content-Transfer-Encoding", "base64");
-                        reqBuilder.setHeader("Content-Length", Long.toString(bos.size()));
-
-                        return reqBuilder.build();
-                    }
-                    else
-                    {
-                        throw new IOException("Source does not supply TLS unique.");
-                    }
-                }
-            });
-
-            if (auth != null)
-            {
-                auth.applyAuth(reqBldr);
-            }
-
-            resp = client.doRequest(reqBldr.build());
-
-            return handleEnrollResponse(resp);
-
-        }
-        catch (Throwable t)
-        {
-            if (t instanceof ESTException)
-            {
-                throw (ESTException)t;
-            }
-            else
-            {
-                throw new ESTException(t.getMessage(), t);
-            }
-        }
-        finally
-        {
-            if (resp != null)
-            {
-                resp.close();
-            }
-        }
-
-    }
-
-
-    /**
-     * Handles the enroll response, deals with status codes and setting of delays.
-     *
-     * @param resp The response.
-     * @return An EnrollmentResponse.
-     * @throws IOException
-     */
-    protected EnrollmentResponse handleEnrollResponse(ESTResponse resp)
-        throws IOException
-    {
-
-        ESTRequest req = resp.getOriginalRequest();
-        Store<X509CertificateHolder> enrolled = null;
-        if (resp.getStatusCode() == 202)
-        {
-            // Received but not ready.
-            String rt = resp.getHeader("Retry-After");
-
-            if (rt == null)
-            {
-                throw new ESTException("Got Status 202 but not Retry-After header from: " + req.getURL().toString());
-            }
-
-            long notBefore = -1;
-
-
-            try
-            {
-                notBefore = System.currentTimeMillis() + (Long.parseLong(rt) * 1000);
-            }
-            catch (NumberFormatException nfe)
-            {
-                try
-                {
-                    SimpleDateFormat dateFormat = new SimpleDateFormat(
-                        "EEE, dd MMM yyyy HH:mm:ss z", Locale.US);
-                    dateFormat.setTimeZone(TimeZone.getTimeZone("GMT"));
-                    notBefore = dateFormat.parse(rt).getTime();
-                }
-                catch (Exception ex)
-                {
-                    throw new ESTException(
-                        "Unable to parse Retry-After header:" + req.getURL().toString() + " " + ex.getMessage(), null,
-                        resp.getStatusCode(), resp.getInputStream());
-                }
-            }
-
-            return new EnrollmentResponse(null, notBefore, req, resp.getSource());
-
-        }
-        else if (resp.getStatusCode() == 200)
-        {
-            ASN1InputStream ain = new ASN1InputStream(resp.getInputStream());
-            SimplePKIResponse spkr = null;
-            try
-            {
-                spkr = new SimplePKIResponse(ContentInfo.getInstance(ain.readObject()));
-            }
-            catch (CMCException e)
-            {
-                throw new ESTException(e.getMessage(), e.getCause());
-            }
-            enrolled = spkr.getCertificates();
-            return new EnrollmentResponse(enrolled, -1, null, resp.getSource());
-        }
-
-        throw new ESTException(
-            "Simple Enroll: " + req.getURL().toString(), null,
-            resp.getStatusCode(), resp.getInputStream());
-
-    }
-
-    /**
-     * Fetch he CSR Attributes from the server.
-     *
-     * @return A CSRRequestResponse with the attributes.
-     * @throws ESTException
-     */
-    public CSRRequestResponse getCSRAttributes()
-        throws ESTException
-    {
-
-        if (!clientProvider.isTrusted())
-        {
-            throw new IllegalStateException("No trust anchors.");
-        }
-
-        ESTResponse resp = null;
-        CSRAttributesResponse response = null;
-        Exception finalThrowable = null;
-        URL url = null;
-        try
-        {
-            url = new URL(server + CSRATTRS);
-
-            ESTClient client = clientProvider.makeClient();
-            ESTRequest req = new ESTRequestBuilder("GET", url).withClient(client).build(); //    new ESTRequest("GET", url, null);
-            resp = client.doRequest(req);
-
-
-            switch (resp.getStatusCode())
-            {
-            case 200:
-                try
-                {
-                    if (resp.getContentLength() != null && resp.getContentLength() > 0)
-                    {
-                        ASN1InputStream ain = new ASN1InputStream(resp.getInputStream());
-                        ASN1Sequence seq = (ASN1Sequence)ain.readObject();
-                        response = new CSRAttributesResponse(CsrAttrs.getInstance(seq));
-                    }
-                }
-                catch (Throwable ex)
-                {
-                    throw new ESTException("Decoding CACerts: " + url.toString() + " " + ex.getMessage(), ex, resp.getStatusCode(), resp.getInputStream());
-                }
-
-                break;
-            case 204:
-                response = null;
-                break;
-            case 404:
-                response = null;
-                break;
-            default:
-                throw new ESTException(
-                    "CSR Attribute request: " + req.getURL().toString(), null,
-                    resp.getStatusCode(), resp.getInputStream());
-            }
-        }
-        catch (Throwable t)
-        {
-
-            if (t instanceof ESTException)
-            {
-                throw (ESTException)t;
-            }
-            else
-            {
-                throw new ESTException(t.getMessage(), t);
-            }
-        }
-        finally
-        {
-            if (resp != null)
-            {
-                try
-                {
-                    resp.close();
-                }
-                catch (Exception ex)
-                {
-                    finalThrowable = ex;
-                }
-            }
-        }
-
-        if (finalThrowable != null)
-        {
-            if (finalThrowable instanceof ESTException)
-            {
-                throw (ESTException)finalThrowable;
-            }
-            throw new ESTException(finalThrowable.getMessage(), finalThrowable, resp.getStatusCode(), null);
-        }
-
-        return new CSRRequestResponse(response, resp.getSource());
-    }
-
-    private String annotateRequest(byte[] data)
-    {
-        int i = 0;
-        StringWriter sw = new StringWriter();
-        PrintWriter pw = new PrintWriter(sw);
-        // pw.print("-----BEGIN CERTIFICATE REQUEST-----\n");
-        do
-        {
-            if (i + 48 < data.length)
-            {
-                pw.print(Base64.toBase64String(data, i, 48));
-                i += 48;
-            }
-            else
-            {
-                pw.print(Base64.toBase64String(data, i, data.length - i));
-                i = data.length;
-            }
-            pw.print('\n');
-        }
-        while (i < data.length);
-        //  pw.print("-----END CERTIFICATE REQUEST-----\n");
-        pw.flush();
-        return sw.toString();
-    }
-
-
-    private String verifyLabel(String label)
-    {
-        while (label.endsWith("/") && label.length() > 0)
-        {
-            label = label.substring(0, label.length() - 1);
-        }
-
-        while (label.startsWith("/") && label.length() > 0)
-        {
-            label = label.substring(1);
-        }
-
-        if (label.length() == 0)
-        {
-            throw new IllegalArgumentException("Label set but after trimming '/' is not zero length string.");
-        }
-
-        if (!pathInvalid.matcher(label).matches())
-        {
-            throw new IllegalArgumentException("Server path " + label + " contains invalid characters");
-        }
-
-        if (illegalParts.contains(label))
-        {
-            throw new IllegalArgumentException("Label " + label + " is a reserved path segment.");
-        }
-
-        return label;
-
-    }
-
-
-    private String verifyServer(String server)
-    {
-        try
-        {
-
-            while (server.endsWith("/") && server.length() > 0)
-            {
-                server = server.substring(0, server.length() - 1);
-            }
-
-            if (server.contains("://"))
-            {
-                throw new IllegalArgumentException("Server contains scheme, must only be <dnsname/ipaddress>:port, https:// will be added arbitrarily.");
-            }
-
-            URL u = new URL("https://" + server);
-            if (u.getPath().length() == 0 || u.getPath().equals("/"))
-            {
-                return server;
-            }
-
-            throw new IllegalArgumentException("Server contains path, must only be <dnsname/ipaddress>:port, a path of '/.well-known/est/<label>' will be added arbitrarily.");
-
-        }
-        catch (Exception ex)
-        {
-            if (ex instanceof IllegalArgumentException)
-            {
-                throw (IllegalArgumentException)ex;
-            }
-            throw new IllegalArgumentException("Scheme and host is invalid: " + ex.getMessage(), ex);
-        }
-
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/ESTServiceBuilder.java b/bcpkix/src/main/java/org/bouncycastle/est/ESTServiceBuilder.java
deleted file mode 100644
index ed2a861..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/ESTServiceBuilder.java
+++ /dev/null

@@ -1,63 +0,0 @@
-package org.bouncycastle.est;
-
-
-/**
- * Build an RFC7030 (EST) service.
- */
-public class ESTServiceBuilder
-{
-    protected final String server;
-    protected ESTClientProvider clientProvider;
-    protected String label;
-
-    /**
-     * With scheme and host..
-     *
-     * @param server The authority name, eg estserver.co.au
-     */
-    public ESTServiceBuilder(String server)
-    {
-        this.server = server;
-    }
-
-    /**
-     * Set the label as per https://tools.ietf.org/html/rfc7030#section-3.2.2
-     *
-     * @param label The label.
-     * @return this builder.
-     */
-    public ESTServiceBuilder withLabel(String label)
-    {
-        this.label = label;
-        return this;
-    }
-
-    /**
-     * Set the client provider.
-     *
-     * @param clientProvider The client provider.
-     * @return
-     */
-    public ESTServiceBuilder withClientProvider(ESTClientProvider clientProvider)
-    {
-        this.clientProvider = clientProvider;
-        return this;
-    }
-
-    /**
-     * Build the service.
-     *
-     * @return an ESTService.
-     */
-    public ESTService build()
-    {
-        return new ESTService(
-            server,
-            label,
-            clientProvider);
-    }
-
-}
-
-
-

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/ESTSourceConnectionListener.java b/bcpkix/src/main/java/org/bouncycastle/est/ESTSourceConnectionListener.java
deleted file mode 100644
index 7c2c813..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/ESTSourceConnectionListener.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.est;
-
-import java.io.IOException;
-
-/**
- * ESTSourceConnectionListener is called when the source is
- * is connected to the remote end point but no application
- * data has been sent.
- */
-public interface ESTSourceConnectionListener<T, I>
-{
-    ESTRequest onConnection(Source<T> source, ESTRequest request)
-        throws IOException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/EnrollmentResponse.java b/bcpkix/src/main/java/org/bouncycastle/est/EnrollmentResponse.java
deleted file mode 100644
index d2785ee..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/EnrollmentResponse.java
+++ /dev/null

@@ -1,59 +0,0 @@
-package org.bouncycastle.est;
-
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.util.Store;
-
-
-/**
- * Holder class for a response containing the details making up a /simpleenroll response.
- */
-public class EnrollmentResponse
-{
-    private final Store<X509CertificateHolder> store;
-    private final long notBefore;
-    private final ESTRequest requestToRetry;
-    private final Source source;
-
-    public EnrollmentResponse(Store<X509CertificateHolder> store, long notBefore, ESTRequest requestToRetry, Source session)
-    {
-        this.store = store;
-        this.notBefore = notBefore;
-        this.requestToRetry = requestToRetry;
-        this.source = session;
-    }
-
-    public boolean canRetry()
-    {
-        return notBefore < System.currentTimeMillis();
-    }
-
-    public Store<X509CertificateHolder> getStore()
-    {
-        return store;
-    }
-
-    public long getNotBefore()
-    {
-        return notBefore;
-    }
-
-    public ESTRequest getRequestToRetry()
-    {
-        return requestToRetry;
-    }
-
-    public Object getSession()
-    {
-        return source.getSession();
-    }
-
-    public Source getSource()
-    {
-        return source;
-    }
-
-    public boolean isCompleted()
-    {
-        return requestToRetry == null;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/HttpAuth.java b/bcpkix/src/main/java/org/bouncycastle/est/HttpAuth.java
deleted file mode 100644
index 854c448..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/HttpAuth.java
+++ /dev/null

@@ -1,486 +0,0 @@
-package org.bouncycastle.est;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.security.SecureRandom;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * Provides stock implementations for basic auth and digest auth.
- */
-public class HttpAuth
-    implements ESTAuth
-{
-    private static final DigestAlgorithmIdentifierFinder digestAlgorithmIdentifierFinder = new DefaultDigestAlgorithmIdentifierFinder();
-
-    private final String realm;
-    private final String username;
-    private final char[] password;
-    private final SecureRandom nonceGenerator;
-    private final DigestCalculatorProvider digestCalculatorProvider;
-
-    private static final Set<String> validParts;
-
-    static
-    {
-        HashSet<String> s = new HashSet<String>();
-        s.add("realm");
-        s.add("nonce");
-        s.add("opaque");
-        s.add("algorithm");
-        s.add("qop");
-        validParts = Collections.unmodifiableSet(s);
-    }
-
-    /**
-     * Base constructor for basic auth.
-     *
-     * @param username user id.
-     * @param password user's password.
-     */
-    public HttpAuth(String username, char[] password)
-    {
-        this(null, username, password, null, null);
-    }
-
-    /**
-     * Constructor for basic auth with a specified realm.
-     *
-     * @param realm    expected server realm.
-     * @param username user id.
-     * @param password user's password.
-     */
-    public HttpAuth(String realm, String username, char[] password)
-    {
-        this(realm, username, password, null, null);
-    }
-
-    /**
-     * Base constructor for digest auth. The realm will be set by
-     *
-     * @param username                 user id.
-     * @param password                 user's password.
-     * @param nonceGenerator           random source for generating nonces.
-     * @param digestCalculatorProvider provider for digest calculators needed for calculating hashes.
-     */
-    public HttpAuth(String username, char[] password, SecureRandom nonceGenerator, DigestCalculatorProvider digestCalculatorProvider)
-    {
-        this(null, username, password, nonceGenerator, digestCalculatorProvider);
-    }
-
-    /**
-     * Constructor for digest auth with a specified realm.
-     *
-     * @param realm                    expected server realm.
-     * @param username                 user id.
-     * @param password                 user's password.
-     * @param nonceGenerator           random source for generating nonces.
-     * @param digestCalculatorProvider provider for digest calculators needed for calculating hashes.
-     */
-    public HttpAuth(String realm, String username, char[] password, SecureRandom nonceGenerator, DigestCalculatorProvider digestCalculatorProvider)
-    {
-        this.realm = realm;
-        this.username = username;
-        this.password = password;
-        this.nonceGenerator = nonceGenerator;
-        this.digestCalculatorProvider = digestCalculatorProvider;
-    }
-
-    public void applyAuth(final ESTRequestBuilder reqBldr)
-    {
-        reqBldr.withHijacker(new ESTHijacker()
-        {
-            public ESTResponse hijack(ESTRequest req, Source sock)
-                throws IOException
-            {
-                ESTResponse res = new ESTResponse(req, sock);
-
-                if (res.getStatusCode() == 401)
-                {
-                    String authHeader = res.getHeader("WWW-Authenticate");
-                    if (authHeader == null)
-                    {
-                        throw new ESTException("Status of 401 but no WWW-Authenticate header");
-                    }
-
-                    authHeader = Strings.toLowerCase(authHeader);
-
-                    if (authHeader.startsWith("digest"))
-                    {
-                        res = doDigestFunction(res);
-                    }
-                    else if (authHeader.startsWith("basic"))
-                    {
-                        res.close(); // Close off the last reqBldr.
-
-                        //
-                        // Check realm field from header.
-                        //
-                        Map<String, String> s = HttpUtil.splitCSL("Basic", res.getHeader("WWW-Authenticate"));
-
-                        //
-                        // If no realm supplied it will not check the server realm. TODO elaborate in documentation.
-                        //
-                        if (realm != null)
-                        {
-                            if (!realm.equals(s.get("realm")))
-                            {
-                                // Not equal then fail.
-                                throw new ESTException("Supplied realm '" + realm + "' does not match server realm '" + s.get("realm") + "'", null, 401, null);
-                            }
-                        }
-
-                        //
-                        // Prepare basic auth answer.
-                        //
-                        ESTRequestBuilder answer = new ESTRequestBuilder(req).withHijacker(null);
-
-                        if (realm != null && realm.length() > 0)
-                        {
-                            answer.setHeader("WWW-Authenticate", "Basic realm=\"" + realm + "\"");
-                        }
-                        if (username.contains(":"))
-                        {
-                            throw new IllegalArgumentException("User must not contain a ':'");
-                        }
-                        //userPass = username + ":" + password;
-                        char[]  userPass = new char[username.length() + 1 + password.length];
-                        System.arraycopy(username.toCharArray(), 0, userPass, 0, username.length());
-                        userPass[username.length()] = ':';
-                        System.arraycopy(password, 0, userPass, username.length() + 1, password.length);
-
-                        answer.setHeader("Authorization", "Basic " + Base64.toBase64String(Strings.toByteArray(userPass)));
-
-                        res = req.getClient().doRequest(answer.build());
-
-                        Arrays.fill(userPass, (char)0);
-                    }
-                    else
-                    {
-                        throw new ESTException("Unknown auth mode: " + authHeader);
-                    }
-
-
-                    return res;
-                }
-                return res;
-            }
-        });
-    }
-
-    private ESTResponse doDigestFunction(ESTResponse res)
-        throws IOException
-    {
-        res.close(); // Close off the last request.
-        ESTRequest req = res.getOriginalRequest();
-
-
-        Map<String, String> parts = null;
-        try
-        {
-            parts = HttpUtil.splitCSL("Digest", res.getHeader("WWW-Authenticate"));
-        }
-        catch (Throwable t)
-        {
-            throw new ESTException(
-                "Parsing WWW-Authentication header: " + t.getMessage(),
-                t,
-                res.getStatusCode(),
-                new ByteArrayInputStream(res.getHeader("WWW-Authenticate").getBytes()));
-        }
-
-
-        String uri = null;
-        try
-        {
-            uri = req.getURL().toURI().getPath();
-        }
-        catch (Exception e)
-        {
-            throw new IOException("unable to process URL in request: " + e.getMessage());
-        }
-
-        for (Iterator it = parts.keySet().iterator(); it.hasNext();)
-        {
-            Object k = it.next();
-            if (!validParts.contains(k))
-            {
-                throw new ESTException("Unrecognised entry in WWW-Authenticate header: '" + k + "'");
-            }
-        }
-
-        String method = req.getMethod();
-        String realm = parts.get("realm");
-        String nonce = parts.get("nonce");
-        String opaque = parts.get("opaque");
-        String algorithm = parts.get("algorithm");
-        String qop = parts.get("qop");
-
-
-        List<String> qopMods = new ArrayList<String>(); // Preserve ordering.
-
-        if (this.realm != null)
-        {
-            if (!this.realm.equals(realm))
-            {
-                // Not equal then fail.
-                throw new ESTException("Supplied realm '" + this.realm + "' does not match server realm '" + realm + "'", null, 401, null);
-            }
-        }
-
-        // If an algorithm is not specified, default to MD5.
-        if (algorithm == null)
-        {
-            algorithm = "MD5";
-        }
-
-        if (algorithm.length() == 0)
-        {
-            throw new ESTException("WWW-Authenticate no algorithm defined.");
-        }
-
-        algorithm = Strings.toUpperCase(algorithm);
-
-        if (qop != null)
-        {
-            if (qop.length() == 0)
-            {
-                throw new ESTException("QoP value is empty.");
-            }
-
-            qop = Strings.toLowerCase(qop);
-            String[] s = qop.split(",");
-            for (int j = 0; j != s.length; j++)
-            {
-                if (!s[j].equals("auth") && !s[j].equals("auth-int"))
-                {
-                    throw new ESTException("QoP value unknown: '" + j + "'");
-                }
-
-                String jt = s[j].trim();
-                if (qopMods.contains(jt))
-                {
-                    continue;
-                }
-                qopMods.add(jt);
-            }
-        }
-        else
-        {
-            throw new ESTException("Qop is not defined in WWW-Authenticate header.");
-        }
-
-
-        AlgorithmIdentifier digestAlg = lookupDigest(algorithm);
-        if (digestAlg == null || digestAlg.getAlgorithm() == null)
-        {
-            throw new IOException("auth digest algorithm unknown: " + algorithm);
-        }
-
-        DigestCalculator dCalc = getDigestCalculator(algorithm, digestAlg);
-        OutputStream dOut = dCalc.getOutputStream();
-
-        String crnonce = makeNonce(10); // TODO arbitrary?
-
-        update(dOut, username);
-        update(dOut, ":");
-        update(dOut, realm);
-        update(dOut, ":");
-        update(dOut, password);
-
-        dOut.close();
-
-        byte[] ha1 = dCalc.getDigest();
-
-        if (algorithm.endsWith("-SESS"))
-        {
-            DigestCalculator sessCalc = getDigestCalculator(algorithm, digestAlg);
-            OutputStream sessOut = sessCalc.getOutputStream();
-
-            String cs = Hex.toHexString(ha1);
-
-            update(sessOut, cs);
-            update(sessOut, ":");
-            update(sessOut, nonce);
-            update(sessOut, ":");
-            update(sessOut, crnonce);
-
-            sessOut.close();
-
-            ha1 = sessCalc.getDigest();
-        }
-
-        String hashHa1 = Hex.toHexString(ha1);
-
-        DigestCalculator authCalc = getDigestCalculator(algorithm, digestAlg);
-        OutputStream authOut = authCalc.getOutputStream();
-
-        if (qopMods.get(0).equals("auth-int"))
-        {
-            DigestCalculator reqCalc = getDigestCalculator(algorithm, digestAlg);
-            OutputStream reqOut = reqCalc.getOutputStream();
-
-            req.writeData(reqOut);
-
-            reqOut.close();
-
-            byte[] b = reqCalc.getDigest();
-
-            update(authOut, method);
-            update(authOut, ":");
-            update(authOut, uri);
-            update(authOut, ":");
-            update(authOut, Hex.toHexString(b));
-        }
-        else if (qopMods.get(0).equals("auth"))
-        {
-            update(authOut, method);
-            update(authOut, ":");
-            update(authOut, uri);
-        }
-
-        authOut.close();
-
-        String hashHa2 = Hex.toHexString(authCalc.getDigest());
-
-        DigestCalculator responseCalc = getDigestCalculator(algorithm, digestAlg);
-        OutputStream responseOut = responseCalc.getOutputStream();
-
-        if (qopMods.contains("missing"))
-        {
-            update(responseOut, hashHa1);
-            update(responseOut, ":");
-            update(responseOut, nonce);
-            update(responseOut, ":");
-            update(responseOut, hashHa2);
-        }
-        else
-        {
-            update(responseOut, hashHa1);
-            update(responseOut, ":");
-            update(responseOut, nonce);
-            update(responseOut, ":");
-            update(responseOut, "00000001");
-            update(responseOut, ":");
-            update(responseOut, crnonce);
-            update(responseOut, ":");
-
-            if (qopMods.get(0).equals("auth-int"))
-            {
-                update(responseOut, "auth-int");
-            }
-            else
-            {
-                update(responseOut, "auth");
-            }
-
-            update(responseOut, ":");
-            update(responseOut, hashHa2);
-        }
-
-        responseOut.close();
-
-        String digest = Hex.toHexString(responseCalc.getDigest());
-
-        Map<String, String> hdr = new HashMap<String, String>();
-        hdr.put("username", username);
-        hdr.put("realm", realm);
-        hdr.put("nonce", nonce);
-        hdr.put("uri", uri);
-        hdr.put("response", digest);
-        if (qopMods.get(0).equals("auth-int"))
-        {
-            hdr.put("qop", "auth-int");
-            hdr.put("nc", "00000001");
-            hdr.put("cnonce", crnonce);
-        }
-        else if (qopMods.get(0).equals("auth"))
-        {
-            hdr.put("qop", "auth");
-            hdr.put("nc", "00000001");
-            hdr.put("cnonce", crnonce);
-        }
-        hdr.put("algorithm", algorithm);
-
-        if (opaque == null || opaque.length() == 0)
-        {
-            hdr.put("opaque", makeNonce(20));
-        }
-
-        ESTRequestBuilder answer = new ESTRequestBuilder(req).withHijacker(null);
-
-        answer.setHeader("Authorization", HttpUtil.mergeCSL("Digest", hdr));
-
-        return req.getClient().doRequest(answer.build());
-    }
-
-    private DigestCalculator getDigestCalculator(String algorithm, AlgorithmIdentifier digestAlg)
-        throws IOException
-    {
-        DigestCalculator dCalc;
-        try
-        {
-            dCalc = digestCalculatorProvider.get(digestAlg);
-        }
-        catch (OperatorCreationException e)
-        {
-            throw new IOException("cannot create digest calculator for " + algorithm + ": " + e.getMessage());
-        }
-        return dCalc;
-    }
-
-    private AlgorithmIdentifier lookupDigest(String algorithm)
-    {
-        if (algorithm.endsWith("-SESS"))
-        {
-            algorithm = algorithm.substring(0, algorithm.length() - "-SESS".length());
-        }
-
-        if (algorithm.equals("SHA-512-256"))
-        {
-            return new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512_256, DERNull.INSTANCE);
-        }
-
-        return digestAlgorithmIdentifierFinder.find(algorithm);
-    }
-
-    private void update(OutputStream dOut, char[] value)
-        throws IOException
-    {
-        dOut.write(Strings.toUTF8ByteArray(value));
-    }
-
-    private void update(OutputStream dOut, String value)
-        throws IOException
-    {
-        dOut.write(Strings.toUTF8ByteArray(value));
-    }
-
-    private String makeNonce(int len)
-    {
-        byte[] b = new byte[len];
-        nonceGenerator.nextBytes(b);
-        return Hex.toHexString(b);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/HttpUtil.java b/bcpkix/src/main/java/org/bouncycastle/est/HttpUtil.java
deleted file mode 100644
index ecd09e3..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/HttpUtil.java
+++ /dev/null

@@ -1,281 +0,0 @@
-package org.bouncycastle.est;
-
-
-import java.io.StringWriter;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-
-class HttpUtil
-{
-
-    /**
-     * Merge kv into comma separated set of key="value" pairs.
-     *
-     * @param prefix Optional prefix to apply, eg:  prefix key="value" (,key="value")
-     * @param kv
-     * @return
-     */
-    static String mergeCSL(String prefix, Map<String, String> kv)
-    {
-        StringWriter sw = new StringWriter();
-        sw.write(prefix);
-        sw.write(' ');
-        boolean comma = false;
-        for (Iterator it = kv.entrySet().iterator(); it.hasNext();)
-        {
-            Map.Entry<String, String> ent = (Map.Entry<String, String>)it.next();
-
-            if (!comma)
-            {
-                comma = true;
-            }
-            else
-            {
-                sw.write(',');
-            }
-
-            sw.write(ent.getKey());
-            sw.write("=\"");
-            sw.write(ent.getValue());
-            sw.write('"');
-        }
-
-        return sw.toString();
-    }
-
-
-    static Map<String, String> splitCSL(String skip, String src)
-    {
-        src = src.trim();
-        if (src.startsWith(skip))
-        {
-            src = src.substring(skip.length());
-        }
-
-        return new PartLexer(src).Parse();
-    }
-
-
-    static class PartLexer
-    {
-        private final String src;
-        int last = 0;
-        int p = 0;
-
-        PartLexer(String src)
-        {
-            this.src = src;
-        }
-
-
-        Map<String, String> Parse()
-        {
-            Map<String, String> out = new HashMap<String, String>();
-            String key = null;
-            String value = null;
-            while (p < src.length())
-            {
-                skipWhiteSpace();
-
-                key = consumeAlpha();
-                if (key.length() == 0)
-                {
-                    throw new IllegalArgumentException("Expecting alpha label.");
-                }
-                skipWhiteSpace();
-                if (!consumeIf('='))
-                {
-                    throw new IllegalArgumentException("Expecting assign: '='");
-                }
-
-
-                skipWhiteSpace();
-                if (!consumeIf('"'))
-                {
-                    throw new IllegalArgumentException("Expecting start quote: '\"'");
-                }
-                discard();
-
-                value = consumeUntil('"');
-                discard(1);
-                out.put(key, value);
-
-                skipWhiteSpace();
-                if (!consumeIf(','))
-                {
-                    break;
-                }
-                discard();
-            }
-
-            return out;
-        }
-
-
-        private String consumeAlpha()
-        {
-            char c = src.charAt(p);
-            while (p < src.length() && ((c >= 'a' && c <= 'z') || (c >= 'A' && c <= 'Z')))
-            {
-                p++;
-                c = src.charAt(p);
-            }
-            String s = src.substring(last, p);
-            last = p;
-            return s;
-        }
-
-        private void skipWhiteSpace()
-        {
-            while (p < src.length() && (src.charAt(p) < 33))
-            {
-                p++;
-            }
-            last = p;
-        }
-
-        private boolean consumeIf(char c)
-        {
-
-            if (p < src.length() && src.charAt(p) == c)
-            {
-                p++;
-                return true;
-            }
-            return false;
-        }
-
-        private String consumeUntil(char c)
-        {
-            while (p < src.length() && (src.charAt(p) != c))
-            {
-                p++;
-            }
-            String s = src.substring(last, p);
-            last = p;
-            return s;
-        }
-
-        private void discard()
-        {
-            last = p;
-        }
-
-        private void discard(int i)
-        {
-            p += i;
-            last = p;
-        }
-
-    }
-
-    static class Headers
-        extends HashMap<String, String[]>
-    {
-        public Headers()
-        {
-            super();
-        }
-
-        public String getFirstValue(String key)
-        {
-            String[] j = getValues(key);
-            if (j != null && j.length > 0)
-            {
-                return j[0];
-            }
-            return null;
-        }
-
-        public String[] getValues(String key)
-        {
-            key = actualKey(key);
-            if (key == null)
-            {
-                return null;
-            }
-            return get(key);
-        }
-
-        private String actualKey(String header)
-        {
-            if (containsKey(header))
-            {
-                return header;
-            }
-
-            for (Iterator it = keySet().iterator(); it.hasNext();)
-            {
-                String k = (String)it.next();
-                if (header.equalsIgnoreCase(k))
-                {
-                    return k;
-                }
-            }
-
-            return null;
-        }
-
-        private boolean hasHeader(String header)
-        {
-            return actualKey(header) != null;
-        }
-
-
-        public void set(String key, String value)
-        {
-            put(key, new String[]{value});
-        }
-
-        public void add(String key, String value)
-        {
-            put(key, append(get(key), value));
-        }
-
-        public void ensureHeader(String key, String value)
-        {
-            if (!containsKey(key))
-            {
-                set(key, value);
-            }
-        }
-        
-        public Object clone()
-        {
-            Headers n = new Headers();
-            for (Iterator it = entrySet().iterator(); it.hasNext();)
-            {
-                Map.Entry v = (Map.Entry)it.next();
-
-                n.put((String)v.getKey(), copy((String[])v.getValue()));
-            }
-            return n;
-        }
-
-        private String[] copy(String[] vs)
-        {
-            String[] rv = new String[vs.length];
-
-            System.arraycopy(vs, 0, rv, 0, rv.length);
-            
-            return rv;
-        }
-    }
-
-
-    public static String[] append(String[] a, String b)
-    {
-        if (a == null)
-        {
-            return new String[]{b};
-        }
-
-        int length = a.length;
-        String[] result = new String[length + 1];
-        System.arraycopy(a, 0, result, 0, length);
-        result[length] = b;
-        return result;
-    }
-
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/LimitedSource.java b/bcpkix/src/main/java/org/bouncycastle/est/LimitedSource.java
deleted file mode 100644
index 5309a3e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/LimitedSource.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.est;
-
-
-/**
- * Interface for a Source which can only produce up to a certain number of bytes.
- */
-public interface LimitedSource
-{
-    /**
-     * Return the maximum number of bytes available from this source.
-     *
-     * @return the max bytes this source can produce.
-     */
-    Long getAbsoluteReadLimit();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/Source.java b/bcpkix/src/main/java/org/bouncycastle/est/Source.java
deleted file mode 100644
index ecb8eb4..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/Source.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.est;
-
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-/**
- * Used to Wrap a socket and to provide access to the underlying session.
- *
- * @param <T> Is the type of session that is returned. Eg For JSSE would be SSLSession.
- */
-public interface Source<T>
-{
-    InputStream getInputStream()
-        throws IOException;
-
-    OutputStream getOutputStream()
-        throws IOException;
-
-    T getSession();
-
-    void close()
-        throws IOException;
-
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/TLSUniqueProvider.java b/bcpkix/src/main/java/org/bouncycastle/est/TLSUniqueProvider.java
deleted file mode 100644
index 7e0973f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/TLSUniqueProvider.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.est;
-
-/**
- * TLSUniqueProvider implementation of this can provide the TLS unique value.
- */
-public interface TLSUniqueProvider
-{
-    /**
-     * Return true if a TLS unique value should be available.
-     *
-     * @return true if a TLS unique should be available, false otherwise.
-     */
-    boolean isTLSUniqueAvailable();
-
-    /**
-     * Return the TLS unique value.
-     *
-     * @return a TLS unique value.
-     */
-    byte[] getTLSUnique();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/ChannelBindingProvider.java b/bcpkix/src/main/java/org/bouncycastle/est/jcajce/ChannelBindingProvider.java
deleted file mode 100644
index a3e8362..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/ChannelBindingProvider.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.est.jcajce;
-
-
-import java.net.Socket;
-
-/**
- * Channel Binding Provider provides a method of extracting the
- * ChannelBinding that can be customised specifically for the provider.
- * Presently JSSE does not support RFC 5920.
- * <p>
- * See https://bugs.openjdk.java.net/browse/JDK-6491070
- */
-public interface ChannelBindingProvider
-{
-    boolean canAccessChannelBinding(Socket sock);
-
-    byte[] getChannelBinding(Socket sock, String binding);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/DefaultESTClient.java b/bcpkix/src/main/java/org/bouncycastle/est/jcajce/DefaultESTClient.java
deleted file mode 100644
index a3a5fb4..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/DefaultESTClient.java
+++ /dev/null

@@ -1,223 +0,0 @@
-package org.bouncycastle.est.jcajce;
-
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.net.URL;
-import java.nio.charset.Charset;
-import java.util.Iterator;
-import java.util.Map;
-import java.util.Set;
-
-import org.bouncycastle.est.ESTClient;
-import org.bouncycastle.est.ESTClientSourceProvider;
-import org.bouncycastle.est.ESTException;
-import org.bouncycastle.est.ESTRequest;
-import org.bouncycastle.est.ESTRequestBuilder;
-import org.bouncycastle.est.ESTResponse;
-import org.bouncycastle.est.Source;
-import org.bouncycastle.util.Properties;
-
-class DefaultESTClient
-    implements ESTClient
-{
-    private static final Charset utf8 = Charset.forName("UTF-8");
-    private static byte[] CRLF = new byte[]{'\r', '\n'};
-    private final ESTClientSourceProvider sslSocketProvider;
-
-    public DefaultESTClient(ESTClientSourceProvider sslSocketProvider)
-    {
-        this.sslSocketProvider = sslSocketProvider;
-    }
-
-    private static void writeLine(OutputStream os, String s)
-        throws IOException
-    {
-        os.write(s.getBytes());
-        os.write(CRLF);
-    }
-
-    public ESTResponse doRequest(ESTRequest req)
-        throws IOException
-    {
-        ESTResponse resp = null;
-        ESTRequest r = req;
-        int rcCount = 15;
-        do
-        {
-            resp = performRequest(r);
-            r = redirectURL(resp);
-        }
-        while (r != null && --rcCount > 0); // Follow redirects.
-
-        if (rcCount == 0)
-        {
-            throw new ESTException("Too many redirects..");
-        }
-
-        return resp;
-    }
-
-    protected ESTRequest redirectURL(ESTResponse response)
-        throws IOException
-    {
-        ESTRequest redirectingRequest = null;
-
-        if (response.getStatusCode() >= 300 && response.getStatusCode() <= 399)
-        {
-
-            switch (response.getStatusCode())
-            {
-            case 301:
-            case 302:
-            case 303:
-            case 306:
-            case 307:
-                String loc = response.getHeader("Location");
-                if ("".equals(loc))
-                {
-                    throw new ESTException("Redirect status type: " + response.getStatusCode() + " but no location header");
-                }
-
-                ESTRequestBuilder requestBuilder = new ESTRequestBuilder(response.getOriginalRequest());
-                if (loc.startsWith("http"))
-                {
-                    redirectingRequest = requestBuilder.withURL(new URL(loc)).build();
-                }
-                else
-                {
-                    URL u = response.getOriginalRequest().getURL();
-                    redirectingRequest = requestBuilder.withURL(new URL(u.getProtocol(), u.getHost(), u.getPort(), loc)).build();
-                }
-                break;
-            default:
-                throw new ESTException("Client does not handle http status code: " + response.getStatusCode());
-            }
-        }
-
-        if (redirectingRequest != null)
-        {
-            response.close(); // Close original request.
-        }
-
-        return redirectingRequest;
-    }
-
-    public ESTResponse performRequest(ESTRequest c)
-        throws IOException
-    {
-
-
-        ESTResponse res = null;
-        Source socketSource = null;
-        try
-        {
-            socketSource = sslSocketProvider.makeSource(c.getURL().getHost(), c.getURL().getPort());
-            if (c.getListener() != null)
-            {
-                c = c.getListener().onConnection(socketSource, c);
-            }
-
-            //  socketSource = new SSLSocketSource((SSLSocket)sock);
-
-            OutputStream os = null;
-
-            Set<String> opts = Properties.asKeySet("org.bouncycastle.debug.est");
-            if (opts.contains("output") ||
-                opts.contains("all"))
-            {
-                os = new PrintingOutputStream(socketSource.getOutputStream());
-            }
-            else
-            {
-                os = socketSource.getOutputStream();
-            }
-
-            String req = c.getURL().getPath() + ((c.getURL().getQuery() != null) ? c.getURL().getQuery() : "");
-
-            ESTRequestBuilder rb = new ESTRequestBuilder(c);
-
-            Map<String, String[]> headers = c.getHeaders();
-
-            if (!headers.containsKey("Connection"))
-            {
-                rb.addHeader("Connection",  "close" );
-            }
-
-            // Replace host header.
-            URL u = c.getURL();
-            if (u.getPort() > -1)
-            {
-                rb.setHeader("Host", String.format("%s:%d", u.getHost(), u.getPort()));
-            }
-            else
-            {
-                rb.setHeader("Host", u.getHost());
-            }
-
-
-            ESTRequest rc = rb.build();
-
-            writeLine(os, rc.getMethod() + " " + req + " HTTP/1.1");
-
-
-            for (Iterator it = rc.getHeaders().entrySet().iterator(); it.hasNext();)
-            {
-                Map.Entry<String, String[]> ent = (Map.Entry<String, String[]>)it.next();
-                String[] vs = (String[])ent.getValue();
-
-                for (int i = 0; i != vs.length; i++)
-                {
-                    writeLine(os, ent.getKey() + ": " + vs[i]);
-                }
-            }
-
-            os.write(CRLF);
-            os.flush();
-
-            rc.writeData(os);
-
-            os.flush();
-
-            if (rc.getHijacker() != null)
-            {
-                res = rc.getHijacker().hijack(rc, socketSource);
-                return res;
-            }
-            else
-            {
-                res = new ESTResponse(rc, socketSource);
-            }
-
-            return res;
-
-        }
-        finally
-        {
-            // Close only if response not generated.
-            if (socketSource != null && res == null)
-            {
-                socketSource.close();
-            }
-        }
-
-    }
-
-    private class PrintingOutputStream
-        extends OutputStream
-    {
-        private final OutputStream tgt;
-
-        public PrintingOutputStream(OutputStream tgt)
-        {
-            this.tgt = tgt;
-        }
-
-        public void write(int b)
-            throws IOException
-        {
-            System.out.print(String.valueOf((char)b));
-            tgt.write(b);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/DefaultESTClientSourceProvider.java b/bcpkix/src/main/java/org/bouncycastle/est/jcajce/DefaultESTClientSourceProvider.java
deleted file mode 100644
index 3154145..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/DefaultESTClientSourceProvider.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.est.jcajce;
-
-
-import java.io.IOException;
-import java.security.GeneralSecurityException;
-import java.util.ArrayList;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-
-import javax.net.ssl.SSLSocket;
-import javax.net.ssl.SSLSocketFactory;
-
-import org.bouncycastle.est.ESTClientSourceProvider;
-import org.bouncycastle.est.Source;
-import org.bouncycastle.util.Strings;
-
-class DefaultESTClientSourceProvider
-    implements ESTClientSourceProvider
-{
-
-    private final SSLSocketFactory sslSocketFactory;
-    private final JsseHostnameAuthorizer hostNameAuthorizer;
-    private final int timeout;
-    private final ChannelBindingProvider bindingProvider;
-    private final Set<String> cipherSuites;
-    private final Long absoluteLimit;
-    private final boolean filterSupportedSuites;
-
-
-    public DefaultESTClientSourceProvider(
-        SSLSocketFactory socketFactory,
-        JsseHostnameAuthorizer hostNameAuthorizer,
-        int timeout, ChannelBindingProvider bindingProvider,
-        Set<String> cipherSuites, Long absoluteLimit,
-        boolean filterSupportedSuites)
-        throws GeneralSecurityException
-    {
-        this.sslSocketFactory = socketFactory;
-        this.hostNameAuthorizer = hostNameAuthorizer;
-        this.timeout = timeout;
-        this.bindingProvider = bindingProvider;
-        this.cipherSuites = cipherSuites;
-        this.absoluteLimit = absoluteLimit;
-        this.filterSupportedSuites = filterSupportedSuites;
-    }
-
-
-    public Source makeSource(String host, int port)
-        throws IOException
-    {
-        SSLSocket sock = (SSLSocket)sslSocketFactory.createSocket(host, port);
-        sock.setSoTimeout(timeout);
-
-        if (cipherSuites != null && !cipherSuites.isEmpty())
-        {
-            // Filter supplied list with what is actually supported.
-            if (filterSupportedSuites)
-            {
-                HashSet<String> fs = new HashSet<String>();
-                String[] supportedCipherSuites = sock.getSupportedCipherSuites();
-                for (int i = 0; i != supportedCipherSuites.length; i++)
-                {
-                    fs.add(supportedCipherSuites[i]);
-                }
-
-                List<String> j = new ArrayList<String>();
-                for (Iterator it = cipherSuites.iterator(); it.hasNext();)
-                {
-                    String s = (String)it.next();
-                    if (fs.contains(s))
-                    {
-                        j.add(s);
-                    }
-                }
-
-                if (j.isEmpty())
-                {
-                    throw new IllegalStateException("No supplied cipher suite is supported by the provider.");
-                }
-
-                sock.setEnabledCipherSuites(j.toArray(new String[j.size()]));
-            }
-            else
-            {
-                sock.setEnabledCipherSuites(cipherSuites.toArray(new String[cipherSuites.size()]));
-            }
-        }
-
-
-        sock.startHandshake();
-
-        if (hostNameAuthorizer != null)
-        {
-            if (!hostNameAuthorizer.verified(host, sock.getSession()))
-            {
-                throw new IOException("Host name could not be verified.");
-            }
-        }
-
-        {
-            String t = Strings.toLowerCase(sock.getSession().getCipherSuite());
-            if (t.contains("_des_") || t.contains("_des40_") || t.contains("_3des_"))
-            {
-                throw new IOException("EST clients must not use DES ciphers");
-            }
-        }
-
-        // check for use of null cipher and fail.
-        if (Strings.toLowerCase(sock.getSession().getCipherSuite()).contains("null"))
-        {
-            throw new IOException("EST clients must not use NULL ciphers");
-        }
-
-        // check for use of anon cipher and fail.
-        if (Strings.toLowerCase(sock.getSession().getCipherSuite()).contains("anon"))
-        {
-            throw new IOException("EST clients must not use anon ciphers");
-        }
-
-        // check for use of export cipher.
-        if (Strings.toLowerCase(sock.getSession().getCipherSuite()).contains("export"))
-        {
-            throw new IOException("EST clients must not use export ciphers");
-        }
-
-        if (sock.getSession().getProtocol().equalsIgnoreCase("tlsv1"))
-        {
-            try
-            {
-                sock.close();
-            }
-            catch (Exception ex)
-            {
-                // Deliberately ignored.
-            }
-            throw new IOException("EST clients must not use TLSv1");
-        }
-
-
-        if (hostNameAuthorizer != null && !hostNameAuthorizer.verified(host, sock.getSession()))
-        {
-            throw new IOException("Hostname was not verified: " + host);
-        }
-        return new LimitedSSLSocketSource(sock, bindingProvider, absoluteLimit);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/DefaultESTHttpClientProvider.java b/bcpkix/src/main/java/org/bouncycastle/est/jcajce/DefaultESTHttpClientProvider.java
deleted file mode 100644
index 15a5330..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/DefaultESTHttpClientProvider.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.est.jcajce;
-
-import java.util.Set;
-
-import javax.net.ssl.SSLSocketFactory;
-
-import org.bouncycastle.est.ESTClient;
-import org.bouncycastle.est.ESTClientProvider;
-import org.bouncycastle.est.ESTException;
-
-class DefaultESTHttpClientProvider
-    implements ESTClientProvider
-{
-
-    private final JsseHostnameAuthorizer hostNameAuthorizer;
-    private final SSLSocketFactoryCreator socketFactoryCreator;
-
-    private final int timeout;
-    private final ChannelBindingProvider bindingProvider;
-    private final Set<String> cipherSuites;
-    private final Long absoluteLimit;
-    private final boolean filterCipherSuites;
-
-
-    public DefaultESTHttpClientProvider(
-        JsseHostnameAuthorizer hostNameAuthorizer,
-        SSLSocketFactoryCreator socketFactoryCreator, int timeout,
-        ChannelBindingProvider bindingProvider,
-        Set<String> cipherSuites, Long absoluteLimit, boolean filterCipherSuites)
-    {
-
-        this.hostNameAuthorizer = hostNameAuthorizer;
-        this.socketFactoryCreator = socketFactoryCreator;
-        this.timeout = timeout;
-        this.bindingProvider = bindingProvider;
-        this.cipherSuites = cipherSuites;
-        this.absoluteLimit = absoluteLimit;
-        this.filterCipherSuites = filterCipherSuites;
-    }
-
-    public ESTClient makeClient()
-        throws ESTException
-    {
-        try
-        {
-            SSLSocketFactory socketFactory = socketFactoryCreator.createFactory();
-            return new DefaultESTClient(
-                new DefaultESTClientSourceProvider(socketFactory, hostNameAuthorizer, timeout, bindingProvider, cipherSuites, absoluteLimit, filterCipherSuites));
-        }
-        catch (Exception e)
-        {
-            throw new ESTException(e.getMessage(), e.getCause());
-        }
-    }
-
-
-    public boolean isTrusted()
-    {
-        return socketFactoryCreator.isTrusted();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JcaHttpAuthBuilder.java b/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JcaHttpAuthBuilder.java
deleted file mode 100644
index 84e527c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JcaHttpAuthBuilder.java
+++ /dev/null

@@ -1,97 +0,0 @@
-package org.bouncycastle.est.jcajce;
-
-import java.security.Provider;
-import java.security.SecureRandom;
-
-import org.bouncycastle.est.HttpAuth;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-
-/**
- * Builder for HttpAuth operator that handles digest auth using a JCA provider.
- */
-public class JcaHttpAuthBuilder
-{
-    private JcaDigestCalculatorProviderBuilder providerBuilder = new JcaDigestCalculatorProviderBuilder();
-
-    private final String realm;
-    private final String username;
-    private final char[] password;
-    private SecureRandom random = new SecureRandom();
-
-    /**
-     * Base constructor for digest auth.
-     *
-     * @param username user id.
-     * @param password user's password.
-     */
-    public JcaHttpAuthBuilder(String username, char[] password)
-    {
-        this(null, username, password);
-    }
-
-    /**
-     * Base constructor for digest auth with an expected realm.
-     *
-     * @param realm    expected server realm.
-     * @param username user id.
-     * @param password user's password.
-     */
-    public JcaHttpAuthBuilder(String realm, String username, char[] password)
-    {
-        this.realm = realm;
-        this.username = username;
-        this.password = password;
-    }
-
-    /**
-     * Set the provider to use to provide the needed message digests.
-     *
-     * @param provider provider to use.
-     * @return this builder instance.
-     */
-    public JcaHttpAuthBuilder setProvider(Provider provider)
-    {
-        this.providerBuilder.setProvider(provider);
-
-        return this;
-    }
-
-    /**
-     * Set the provider to use to provide the needed message digests.
-     *
-     * @param providerName the name provider to use.
-     * @return this builder instance.
-     */
-    public JcaHttpAuthBuilder setProvider(String providerName)
-    {
-        this.providerBuilder.setProvider(providerName);
-
-        return this;
-    }
-
-    /**
-     * Set the SecureRandom to be used as a source of nonces.
-     *
-     * @param random the secure random to use as a nonce generator.
-     * @return this builder instance.
-     */
-    public JcaHttpAuthBuilder setNonceGenerator(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    /**
-     * Return a HttpAuth implementing digest auth for the user, password, and realm combination.
-     *
-     * @return a HttpAuth object.
-     * @throws OperatorCreationException if there is an issue setting up access to digest operators.
-     */
-    public HttpAuth build()
-        throws OperatorCreationException
-    {
-        return new HttpAuth(realm, username, password, random, providerBuilder.build());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JcaJceUtils.java b/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JcaJceUtils.java
deleted file mode 100644
index cadcd92..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JcaJceUtils.java
+++ /dev/null

@@ -1,217 +0,0 @@
-package org.bouncycastle.est.jcajce;
-
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.CRL;
-import java.security.cert.CertPathBuilder;
-import java.security.cert.CertStore;
-import java.security.cert.CertificateException;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.PKIXCertPathValidatorResult;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.Arrays;
-import java.util.Iterator;
-import java.util.Set;
-
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.X509TrustManager;
-
-import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
-import org.bouncycastle.asn1.x509.KeyPurposeId;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.cert.X509CertificateHolder;
-
-
-/**
- * General utility methods for building common objects for supporting the JCA/JCE/JSSE.
- */
-public class JcaJceUtils
-{
-
-    public static X509TrustManager getTrustAllTrustManager()
-    {
-
-        //
-        // Trust manager signal distrust by throwing exceptions.
-        // This one trust all by doing nothing.
-        //
-
-        return new X509TrustManager()
-        {
-            public void checkClientTrusted(java.security.cert.X509Certificate[] x509Certificates, String s)
-                throws java.security.cert.CertificateException
-            {
-
-            }
-
-            public void checkServerTrusted(java.security.cert.X509Certificate[] x509Certificates, String s)
-                throws java.security.cert.CertificateException
-            {
-
-            }
-
-            public java.security.cert.X509Certificate[] getAcceptedIssuers()
-            {
-                return new java.security.cert.X509Certificate[0];
-            }
-        };
-
-    }
-
-    public static X509TrustManager[] getCertPathTrustManager(final Set<TrustAnchor> anchors, final CRL[] revocationLists)
-    {
-        final X509Certificate[] x509CertificateTrustAnchors = new X509Certificate[anchors.size()];
-        int c = 0;
-        for (Iterator it = anchors.iterator(); it.hasNext();)
-        {
-            TrustAnchor ta = (TrustAnchor)it.next();
-
-            x509CertificateTrustAnchors[c++] = ta.getTrustedCert();
-        }
-
-        return new X509TrustManager[]{new X509TrustManager()
-        {
-            public void checkClientTrusted(X509Certificate[] x509Certificates, String s)
-                throws CertificateException
-            {
-
-            }
-
-            public void checkServerTrusted(X509Certificate[] x509Certificates, String s)
-                throws CertificateException
-            {
-                try
-                {
-                    CertStore certStore = CertStore.getInstance("Collection",
-                        new CollectionCertStoreParameters(Arrays.asList(x509Certificates)), "BC");
-
-                    CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX", "BC");
-
-                    X509CertSelector constraints = new X509CertSelector();
-
-                    constraints.setCertificate(x509Certificates[0]);
-
-
-                    PKIXBuilderParameters param = new PKIXBuilderParameters(anchors, constraints);
-                    param.addCertStore(certStore);
-                    if (revocationLists != null)
-                    {
-                        param.setRevocationEnabled(true);
-                        param.addCertStore(
-                            CertStore.getInstance(
-                                "Collection",
-                                new CollectionCertStoreParameters(Arrays.asList(revocationLists)
-                                )));
-                    }
-                    else
-                    {
-                        param.setRevocationEnabled(false);
-                    }
-
-                    PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult)pathBuilder.build(param);
-
-                    validateServerCertUsage(x509Certificates[0]);
-
-                }
-                catch (CertificateException e)
-                {
-                    throw e;
-                }
-                catch (GeneralSecurityException e)
-                {
-                    throw new CertificateException("unable to process certificates: " + e.getMessage(), e);
-                }
-            }
-
-            public X509Certificate[] getAcceptedIssuers()
-            {
-                X509Certificate[] rv = new X509Certificate[x509CertificateTrustAnchors.length];
-
-                System.arraycopy(x509CertificateTrustAnchors, 0, rv, 0, rv.length);
-
-                return rv;
-            }
-        }
-        };
-    }
-
-    public static void validateServerCertUsage(X509Certificate x509Certificate)
-        throws CertificateException
-    {
-        try
-        {
-            X509CertificateHolder cert = new X509CertificateHolder(x509Certificate.getEncoded());
-
-            KeyUsage keyUsage = KeyUsage.fromExtensions(cert.getExtensions());
-
-            if (keyUsage != null)
-            {
-                if (keyUsage.hasUsages(KeyUsage.keyCertSign))
-                {
-                    throw new CertificateException("Key usage must not contain keyCertSign");
-                }
-
-                if (!(keyUsage.hasUsages(KeyUsage.digitalSignature) || keyUsage.hasUsages(KeyUsage.keyEncipherment)))
-                {
-                    throw new CertificateException("Key usage must be none, digitalSignature or keyEncipherment");
-                }
-            }
-
-            //
-            // Check extended key usage.
-            //
-            ExtendedKeyUsage extendedKeyUsage = ExtendedKeyUsage.fromExtensions(cert.getExtensions());
-
-            if (extendedKeyUsage != null)
-            {
-                if (!(extendedKeyUsage.hasKeyPurposeId(KeyPurposeId.id_kp_serverAuth) ||
-                    extendedKeyUsage.hasKeyPurposeId(KeyPurposeId.id_kp_msSGC) ||
-                    extendedKeyUsage.hasKeyPurposeId(KeyPurposeId.id_kp_nsSGC)))
-                {
-                    throw new CertificateException("Certificate extended key usage must include serverAuth, msSGC or nsSGC");
-                }
-            }
-
-        }
-        catch (CertificateException c)
-        {
-            throw c;
-        }
-        catch (Exception e)
-        {
-            throw new CertificateException(e.getMessage(), e);
-        }
-    }
-
-
-    public static KeyManagerFactory createKeyManagerFactory(
-        String type,
-        String provider,
-        KeyStore clientKeyStore,
-        char[] clientKeyStorePass)
-        throws UnrecoverableKeyException, NoSuchAlgorithmException, KeyStoreException, NoSuchProviderException
-    {
-        KeyManagerFactory keyManagerFactory = null;
-        if (type == null && provider == null)
-        {
-            keyManagerFactory = KeyManagerFactory.getInstance(KeyManagerFactory.getDefaultAlgorithm());
-        }
-        else if (provider == null)
-        {
-            keyManagerFactory = KeyManagerFactory.getInstance(type);
-        }
-        else
-        {
-            keyManagerFactory = KeyManagerFactory.getInstance(type, provider);
-        }
-        keyManagerFactory.init(clientKeyStore, clientKeyStorePass);
-        return keyManagerFactory;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JsseDefaultHostnameAuthorizer.java b/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JsseDefaultHostnameAuthorizer.java
deleted file mode 100644
index 05b6a36..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JsseDefaultHostnameAuthorizer.java
+++ /dev/null

@@ -1,230 +0,0 @@
-package org.bouncycastle.est.jcajce;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.net.InetAddress;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.Collection;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-
-import javax.net.ssl.SSLSession;
-
-import org.bouncycastle.asn1.x500.AttributeTypeAndValue;
-import org.bouncycastle.asn1.x500.RDN;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.style.BCStyle;
-import org.bouncycastle.est.ESTException;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-
-
-/**
- * A typical hostname authorizer for verifying a hostname against the available certificates.
- */
-public class JsseDefaultHostnameAuthorizer
-    implements JsseHostnameAuthorizer
-{
-    private static Logger LOG = Logger.getLogger(JsseDefaultHostnameAuthorizer.class.getName());
-
-    private final Set<String> knownSuffixes;
-
-    /**
-     * Base constructor.
-     * <p>
-     * The authorizer attempts to perform matching (including the use of the wildcard) in accordance with RFC 6125.
-     * </p>
-     * <p>
-     * Known suffixes is a list of public domain suffixes that can't be used as wild cards for
-     * example *.com, or c*c.com, as a dns wildcard could match every/most .com domains if a registrar were issue it.
-     * If *.com is in the known suffixes list will not be allowed to match.
-     * </p>
-     *
-     * @param knownSuffixes a set of suffixes that cannot be wild-carded, e.g. { ".com", ".net", ".org" }
-     */
-    public JsseDefaultHostnameAuthorizer(Set<String> knownSuffixes)
-    {
-        this.knownSuffixes = knownSuffixes;
-    }
-
-    public boolean verified(String name, SSLSession context)
-        throws IOException
-    {
-
-        try
-        {
-            CertificateFactory fac = CertificateFactory.getInstance("X509");
-            X509Certificate cert = (
-                java.security.cert.X509Certificate)fac.generateCertificate(
-                new ByteArrayInputStream((context.getPeerCertificates()[0]).getEncoded()));
-
-            return verify(name, cert);
-        }
-        catch (Exception ex)
-        {
-            if (ex instanceof ESTException)
-            {
-                throw (ESTException)ex;
-            }
-            throw new ESTException(ex.getMessage(), ex);
-        }
-    }
-
-    public boolean verify(String name, X509Certificate cert)
-        throws IOException
-    {
-        //
-        // Test against san.
-        //
-        try
-        {
-            Collection n = cert.getSubjectAlternativeNames();
-            if (n != null)
-            {
-                for (Iterator it = n.iterator(); it.hasNext();)
-                {
-                    List l = (List)it.next();
-                    int type = ((Number)l.get(0)).intValue();
-                    switch (type)
-                    {
-                    case 2:
-                        if (isValidNameMatch(name, l.get(1).toString(), knownSuffixes))
-                        {
-                            return true;
-                        }
-                        break;
-                    case 7:
-                        if (InetAddress.getByName(name).equals(InetAddress.getByName(l.get(1).toString())))
-                        {
-                            return true;
-                        }
-                        break;
-                    default:
-                        // ignore, maybe log
-                        if (LOG.isLoggable(Level.INFO))
-                        {
-                            String value;
-                            if (l.get(1) instanceof byte[])
-                            {
-                                value = Hex.toHexString((byte[])l.get(1));
-                            }
-                            else
-                            {
-                                value = l.get(1).toString();
-                            }
-
-                            LOG.log(Level.INFO, "ignoring type " + type + " value = " + value);
-                        }
-                    }
-                }
-
-                //
-                // As we had subject alternative names, we must not attempt to match against the CN.
-                //
-
-                return false;
-            }
-        }
-        catch (Exception ex)
-        {
-            throw new ESTException(ex.getMessage(), ex);
-        }
-
-        // can't match - would need to check subjectAltName
-        if (cert.getSubjectX500Principal() == null)
-        {
-            return false;
-        }
-
-        // Common Name match only.
-        RDN[] rdNs = X500Name.getInstance(cert.getSubjectX500Principal().getEncoded()).getRDNs();
-        for (int i = rdNs.length - 1; i >= 0; --i)
-        {
-            RDN rdn = rdNs[i];
-            AttributeTypeAndValue[] typesAndValues = rdn.getTypesAndValues();
-            for (int j = 0; j != typesAndValues.length; j++)
-            {
-                AttributeTypeAndValue atv = typesAndValues[j];
-                if (atv.getType().equals(BCStyle.CN))
-                {
-                    return isValidNameMatch(name, atv.getValue().toString(), knownSuffixes);
-                }
-            }
-        }
-        return false;
-    }
-
-
-    public static boolean isValidNameMatch(String name, String dnsName, Set<String> suffixes)
-        throws IOException
-    {
-
-        //
-        // Wild card matching.
-        //
-        if (dnsName.contains("*"))
-        {
-            // Only one astrix 
-            int wildIndex = dnsName.indexOf('*');
-            if (wildIndex == dnsName.lastIndexOf("*"))
-            {
-                if (dnsName.contains("..") || dnsName.charAt(dnsName.length() - 1) == '*')
-                {
-                    return false;
-                }
-
-                int dnsDotIndex = dnsName.indexOf('.', wildIndex);
-
-                if (suffixes != null && suffixes.contains(Strings.toLowerCase(dnsName.substring(dnsDotIndex))))
-                {
-                    throw new IOException("Wildcard `" + dnsName + "` matches known public suffix.");
-                }
-
-                String end = Strings.toLowerCase(dnsName.substring(wildIndex + 1));
-                String loweredName = Strings.toLowerCase(name);
-
-                if (loweredName.equals(end))
-                {
-                    return false; // Must not match wild card exactly there must content to the left of the wildcard.
-                }
-
-                if (end.length() > loweredName.length())
-                {
-                    return false;
-                }
-
-                if (wildIndex > 0)
-                {
-                    if (loweredName.startsWith(dnsName.substring(0, wildIndex)) && loweredName.endsWith(end))
-                    {
-                        return loweredName.substring(wildIndex, loweredName.length() - end.length()).indexOf('.') < 0;
-                    }
-                    else
-                    {
-                        return false;
-                    }
-                }
-
-                // Must be only one '*' and it must be at position 0.
-                String prefix = loweredName.substring(0, loweredName.length() - end.length());
-                if (prefix.indexOf('.') > 0)
-                {
-                    return false;
-                }
-
-                return loweredName.endsWith(end);
-            }
-
-            return false;
-        }
-
-        //
-        // No wild card full equality but ignore case.
-        //
-        return name.equalsIgnoreCase(dnsName);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JsseESTServiceBuilder.java b/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JsseESTServiceBuilder.java
deleted file mode 100644
index cdb5564..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JsseESTServiceBuilder.java
+++ /dev/null

@@ -1,267 +0,0 @@
-package org.bouncycastle.est.jcajce;
-
-
-import java.net.Socket;
-import java.security.NoSuchProviderException;
-import java.security.Provider;
-import java.security.SecureRandom;
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.Set;
-
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.X509TrustManager;
-
-import org.bouncycastle.est.ESTClientProvider;
-import org.bouncycastle.est.ESTService;
-import org.bouncycastle.est.ESTServiceBuilder;
-
-
-/**
- * Build an RFC7030 (EST) service based on the JSSE.
- */
-public class JsseESTServiceBuilder
-    extends ESTServiceBuilder
-{
-    protected SSLSocketFactoryCreator socketFactoryCreator;
-    protected JsseHostnameAuthorizer hostNameAuthorizer = new JsseDefaultHostnameAuthorizer(null);
-    protected int timeoutMillis = 0;
-    protected ChannelBindingProvider bindingProvider;
-    protected Set<String> supportedSuites = new HashSet<String>();
-    protected Long absoluteLimit;
-    protected SSLSocketFactoryCreatorBuilder sslSocketFactoryCreatorBuilder;
-    protected boolean filterCipherSuites = true;
-
-    /**
-     * Create a builder for a client using a custom SSLSocketFactoryCreator.
-     *
-     * @param server               name of the server to talk to (URL format).
-     * @param socketFactoryCreator a custom creator of socket factories.
-     */
-    public JsseESTServiceBuilder(String server, SSLSocketFactoryCreator socketFactoryCreator)
-    {
-        super(server);
-        if (socketFactoryCreator == null)
-        {
-            throw new NullPointerException("No socket factory creator.");
-        }
-        this.socketFactoryCreator = socketFactoryCreator;
-
-    }
-
-    /**
-     * Create a builder for a client talking to a server that is not yet trusted.
-     *
-     * @param server name of the server to talk to (URL format).
-     */
-    public JsseESTServiceBuilder(String server)
-    {
-        super(server);
-        sslSocketFactoryCreatorBuilder = new SSLSocketFactoryCreatorBuilder(JcaJceUtils.getTrustAllTrustManager());
-    }
-
-    /**
-     * Create a builder for a client talking to a trusted server.
-     *
-     * @param server       name of the server to talk to (URL format).
-     * @param trustManager
-     */
-    public JsseESTServiceBuilder(String server, X509TrustManager trustManager)
-    {
-        super(server);
-        sslSocketFactoryCreatorBuilder = new SSLSocketFactoryCreatorBuilder(trustManager);
-    }
-
-    /**
-     * Create a builder for a client talking to a trusted server.
-     *
-     * @param server       name of the server to talk to (URL format).
-     * @param trustManager
-     */
-    public JsseESTServiceBuilder(String server, X509TrustManager[] trustManager)
-    {
-        super(server);
-        sslSocketFactoryCreatorBuilder = new SSLSocketFactoryCreatorBuilder(trustManager);
-    }
-
-    public JsseESTServiceBuilder withHostNameAuthorizer(JsseHostnameAuthorizer hostNameAuthorizer)
-    {
-        this.hostNameAuthorizer = hostNameAuthorizer;
-        return this;
-    }
-
-    public JsseESTServiceBuilder withClientProvider(ESTClientProvider clientProvider)
-    {
-        this.clientProvider = clientProvider;
-        return this;
-    }
-
-    public JsseESTServiceBuilder withTimeout(int timeoutMillis)
-    {
-        this.timeoutMillis = timeoutMillis;
-        return this;
-    }
-
-    public JsseESTServiceBuilder withReadLimit(long absoluteLimit)
-    {
-        this.absoluteLimit = absoluteLimit;
-        return this;
-    }
-
-
-    public JsseESTServiceBuilder withChannelBindingProvider(ChannelBindingProvider channelBindingProvider)
-    {
-        this.bindingProvider = channelBindingProvider;
-        return this;
-    }
-
-    public JsseESTServiceBuilder addCipherSuites(String name)
-    {
-        this.supportedSuites.add(name);
-        return this;
-    }
-
-    public JsseESTServiceBuilder addCipherSuites(String[] names)
-    {
-        this.supportedSuites.addAll(Arrays.asList(names));
-        return this;
-    }
-
-    public JsseESTServiceBuilder withTLSVersion(String tlsVersion)
-    {
-        if (this.socketFactoryCreator != null)
-        {
-            throw new IllegalStateException("Socket Factory Creator was defined in the constructor.");
-        }
-
-        this.sslSocketFactoryCreatorBuilder.withTLSVersion(tlsVersion);
-
-
-        return this;
-    }
-
-    public JsseESTServiceBuilder withSecureRandom(SecureRandom secureRandom)
-    {
-        if (this.socketFactoryCreator != null)
-        {
-            throw new IllegalStateException("Socket Factory Creator was defined in the constructor.");
-        }
-
-        this.sslSocketFactoryCreatorBuilder.withSecureRandom(secureRandom);
-
-
-        return this;
-    }
-
-    /**
-     * Configure this builder to use the provider with the passed in name.
-     *
-     * @param tlsProviderName the name JSSE Provider to use.
-     * @return the current builder instance.
-     * @throws NoSuchProviderException if the specified provider does not exist.
-     */
-    public JsseESTServiceBuilder withProvider(String tlsProviderName)
-        throws NoSuchProviderException
-    {
-        if (this.socketFactoryCreator != null)
-        {
-            throw new IllegalStateException("Socket Factory Creator was defined in the constructor.");
-        }
-
-        this.sslSocketFactoryCreatorBuilder.withProvider(tlsProviderName);
-
-        return this;
-    }
-
-    /**
-     * Configure this builder to use the passed in provider.
-     *
-     * @param tlsProvider the JSSE Provider to use.
-     * @return the current builder instance.
-     */
-    public JsseESTServiceBuilder withProvider(Provider tlsProvider)
-    {
-        if (this.socketFactoryCreator != null)
-        {
-            throw new IllegalStateException("Socket Factory Creator was defined in the constructor.");
-        }
-
-        this.sslSocketFactoryCreatorBuilder.withProvider(tlsProvider);
-        return this;
-    }
-
-    public JsseESTServiceBuilder withKeyManager(KeyManager keyManager)
-    {
-        if (this.socketFactoryCreator != null)
-        {
-            throw new IllegalStateException("Socket Factory Creator was defined in the constructor.");
-        }
-
-        this.sslSocketFactoryCreatorBuilder.withKeyManager(keyManager);
-        return this;
-    }
-
-    public JsseESTServiceBuilder withKeyManagers(KeyManager[] keyManagers)
-    {
-        if (this.socketFactoryCreator != null)
-        {
-            throw new IllegalStateException("Socket Factory Creator was defined in the constructor.");
-        }
-        this.sslSocketFactoryCreatorBuilder.withKeyManagers(keyManagers);
-        return this;
-    }
-
-    /**
-     * Filter cipher suites with supported before passing to JSSE provider.
-     *
-     * @param filter true, supplied cipher suites will be filtered with supported before passing to the JSSE provider.
-     * @return this;
-     */
-    public JsseESTServiceBuilder withFilterCipherSuites(boolean filter)
-    {
-        this.filterCipherSuites = filter;
-        return this;
-    }
-
-    public ESTService build()
-    {
-        if (bindingProvider == null)
-        {
-            bindingProvider = new ChannelBindingProvider()
-            {
-                public boolean canAccessChannelBinding(Socket sock)
-                {
-                    return false;
-                }
-
-                public byte[] getChannelBinding(Socket sock, String binding)
-                {
-                    return null;
-                }
-            };
-        }
-
-        if (socketFactoryCreator == null)
-        {
-            socketFactoryCreator = sslSocketFactoryCreatorBuilder.build();
-        }
-
-
-        if (clientProvider == null)
-        {
-            clientProvider = new DefaultESTHttpClientProvider(
-                hostNameAuthorizer,
-                socketFactoryCreator,
-                timeoutMillis,
-                bindingProvider,
-                supportedSuites,
-                absoluteLimit, filterCipherSuites);
-        }
-
-        return super.build();
-    }
-
-}
-
-
-

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JsseHostnameAuthorizer.java b/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JsseHostnameAuthorizer.java
deleted file mode 100644
index 0584568..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/JsseHostnameAuthorizer.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.est.jcajce;
-
-import java.io.IOException;
-
-import javax.net.ssl.SSLSession;
-
-/**
- * Verify the host name is as expected after the SSL Handshake has been completed.
- */
-public interface JsseHostnameAuthorizer
-{
-    /**
-     * Verify the passed in host name according to the context object.
-     *
-     * @param name    name of the host to be verified.
-     * @param context context object to do the verification under.
-     * @return true if name verified, false otherwise.
-     */
-    boolean verified(String name, SSLSession context)
-        throws IOException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/LimitedSSLSocketSource.java b/bcpkix/src/main/java/org/bouncycastle/est/jcajce/LimitedSSLSocketSource.java
deleted file mode 100644
index 53f699a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/LimitedSSLSocketSource.java
+++ /dev/null

@@ -1,70 +0,0 @@
-package org.bouncycastle.est.jcajce;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import javax.net.ssl.SSLSession;
-import javax.net.ssl.SSLSocket;
-
-import org.bouncycastle.est.LimitedSource;
-import org.bouncycastle.est.Source;
-import org.bouncycastle.est.TLSUniqueProvider;
-
-
-class LimitedSSLSocketSource
-    implements Source<SSLSession>, TLSUniqueProvider, LimitedSource
-{
-    protected final SSLSocket socket;
-    private final ChannelBindingProvider bindingProvider;
-    private final Long absoluteReadLimit;
-
-    public LimitedSSLSocketSource(SSLSocket sock, ChannelBindingProvider bindingProvider, Long absoluteReadLimit)
-    {
-        this.socket = sock;
-        this.bindingProvider = bindingProvider;
-        this.absoluteReadLimit = absoluteReadLimit;
-    }
-
-    public InputStream getInputStream()
-        throws IOException
-    {
-        return socket.getInputStream();
-    }
-
-    public OutputStream getOutputStream()
-        throws IOException
-    {
-        return socket.getOutputStream();
-    }
-
-    public SSLSession getSession()
-    {
-        return socket.getSession();
-    }
-
-    public byte[] getTLSUnique()
-    {
-        if (isTLSUniqueAvailable())
-        {
-            return bindingProvider.getChannelBinding(socket, "tls-unique");
-        }
-        throw new IllegalStateException("No binding provider.");
-    }
-
-    public boolean isTLSUniqueAvailable()
-    {
-        return bindingProvider.canAccessChannelBinding(socket);
-    }
-
-    public void close()
-        throws IOException
-    {
-        socket.close();
-    }
-
-    public Long getAbsoluteReadLimit()
-    {
-        return absoluteReadLimit;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/SSLSocketFactoryCreator.java b/bcpkix/src/main/java/org/bouncycastle/est/jcajce/SSLSocketFactoryCreator.java
deleted file mode 100644
index 277a2b5..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/SSLSocketFactoryCreator.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.est.jcajce;
-
-
-import javax.net.ssl.SSLSocketFactory;
-
-/**
- * Implementations provide SSL socket factories.
- */
-public interface SSLSocketFactoryCreator
-{
-    SSLSocketFactory createFactory()
-        throws Exception;
-
-    boolean isTrusted();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/SSLSocketFactoryCreatorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/est/jcajce/SSLSocketFactoryCreatorBuilder.java
deleted file mode 100644
index 81e65a2..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/SSLSocketFactoryCreatorBuilder.java
+++ /dev/null

@@ -1,145 +0,0 @@
-package org.bouncycastle.est.jcajce;
-
-
-import java.security.KeyManagementException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Provider;
-import java.security.SecureRandom;
-import java.security.Security;
-
-import javax.net.ssl.KeyManager;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLSocketFactory;
-import javax.net.ssl.X509TrustManager;
-
-/**
- * A basic builder to allow configuration of an SSLContext used to create an SSLSocketFactory.
- */
-class SSLSocketFactoryCreatorBuilder
-{
-    protected String tlsVersion = "TLS";
-    protected Provider tlsProvider;
-    protected KeyManager[] keyManagers;
-    protected X509TrustManager[] trustManagers;
-    protected SecureRandom secureRandom = new SecureRandom();
-
-    public SSLSocketFactoryCreatorBuilder(X509TrustManager trustManager)
-    {
-        if (trustManager == null)
-        {
-            throw new NullPointerException("Trust managers can not be null");
-        }
-        this.trustManagers = new X509TrustManager[]{trustManager};
-    }
-
-    public SSLSocketFactoryCreatorBuilder(X509TrustManager[] trustManagers)
-    {
-        if (trustManagers == null)
-        {
-            throw new NullPointerException("Trust managers can not be null");
-        }
-        this.trustManagers = trustManagers;
-    }
-
-    public SSLSocketFactoryCreatorBuilder withTLSVersion(String tlsVersion)
-    {
-        this.tlsVersion = tlsVersion;
-        return this;
-    }
-
-    public SSLSocketFactoryCreatorBuilder withSecureRandom(SecureRandom secureRandom)
-    {
-        this.secureRandom = secureRandom;
-        return this;
-    }
-
-    /**
-     * Configure this builder to use the provider with the passed in name.
-     *
-     * @param tlsProviderName the name JSSE Provider to use.
-     * @return the current builder instance.
-     * @throws NoSuchProviderException if the specified provider does not exist.
-     */
-    public SSLSocketFactoryCreatorBuilder withProvider(String tlsProviderName)
-        throws NoSuchProviderException
-    {
-        this.tlsProvider = Security.getProvider(tlsProviderName);
-        if (this.tlsProvider == null)
-        {
-            throw new NoSuchProviderException("JSSE provider not found: " + tlsProviderName);
-        }
-        return this;
-    }
-
-    /**
-     * Configure this builder to use the passed in provider.
-     *
-     * @param tlsProvider the JSSE Provider to use.
-     * @return the current builder instance.
-     */
-    public SSLSocketFactoryCreatorBuilder withProvider(Provider tlsProvider)
-    {
-        this.tlsProvider = tlsProvider;
-        return this;
-    }
-
-    public SSLSocketFactoryCreatorBuilder withKeyManager(KeyManager keyManager)
-    {
-        if (keyManager == null)
-        {
-            this.keyManagers = null;
-        }
-        else
-        {
-            this.keyManagers = new KeyManager[]{keyManager};
-        }
-        return this;
-    }
-
-    public SSLSocketFactoryCreatorBuilder withKeyManagers(KeyManager[] keyManagers)
-    {
-        this.keyManagers = keyManagers;
-
-        return this;
-    }
-
-    public SSLSocketFactoryCreator build()
-    {
-        return new SSLSocketFactoryCreator()
-        {
-            public boolean isTrusted()
-            {
-                for (int i = 0; i != trustManagers.length; i++)
-                {
-                    X509TrustManager tm = trustManagers[i];
-                    if (tm.getAcceptedIssuers().length > 0)
-                    {
-                        return true;
-                    }
-                }
-
-                return false;
-            }
-
-            public SSLSocketFactory createFactory()
-                throws NoSuchAlgorithmException, NoSuchProviderException, KeyManagementException
-            {
-                SSLContext ctx;
-
-                if (tlsProvider != null)
-                {
-                    ctx = SSLContext.getInstance(tlsVersion, tlsProvider);
-                }
-                else
-                {
-                    ctx = SSLContext.getInstance(tlsVersion);
-                }
-
-                ctx.init(keyManagers, trustManagers, secureRandom);
-
-                return ctx.getSocketFactory();
-            }
-        };
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/package.html b/bcpkix/src/main/java/org/bouncycastle/est/jcajce/package.html
deleted file mode 100644
index 5b4f5b4..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/jcajce/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-JCA/JCE/JSSE support Enrollment over Secure Transport.
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/package.html b/bcpkix/src/main/java/org/bouncycastle/est/package.html
deleted file mode 100644
index de12c55..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-A package for processing messages for RFC 7030 "Enrollment over Secure Transport".
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/est/test/AllTests.java
deleted file mode 100644
index 34080fe..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/AllTests.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.est.test;
-
-import java.security.Security;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-public class AllTests
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    public void setUp()
-    {
-        if (Security.getProvider(BC) != null)
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-    }
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        junit.textui.TestRunner.run(suite());
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        TestSuite suite = new TestSuite("EST tests");
-
-        suite.addTestSuite(ESTParsingTest.class);
-        suite.addTestSuite(HostNameAuthorizerMatchTest.class);
-        suite.addTestSuite(TestHostNameAuthorizer.class);
-
-        return new ESTTestSetup(suite);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/ESTParsingTest.java b/bcpkix/src/main/java/org/bouncycastle/est/test/ESTParsingTest.java
deleted file mode 100644
index a690eb4..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/ESTParsingTest.java
+++ /dev/null

@@ -1,217 +0,0 @@
-package org.bouncycastle.est.test;
-
-import java.math.BigInteger;
-import java.util.Collection;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.pkcs.Attribute;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.selector.X509CertificateHolderSelector;
-import org.bouncycastle.cmc.SimplePKIResponse;
-import org.bouncycastle.est.CSRAttributesResponse;
-import org.bouncycastle.pkcs.PKCS10CertificationRequest;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.encoders.Base64;
-
-public class ESTParsingTest
-    extends TestCase
-{
-    private static byte[] cacertsResponse = Base64.decode(
-        "MIIMOQYJKoZIhvcNAQcCoIIMKjCCDCYCAQExADALBgkqhkiG9w0BBwGgggwMMIIC" +
-            "+zCCAeOgAwIBAgIJAJpY3nUZO3qcMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNVBAMT" +
-            "EGVzdEV4YW1wbGVDQSBPd08wHhcNMTMwNTA5MDM1MzMxWhcNMTQwNTA5MDM1MzMx" +
-            "WjAbMRkwFwYDVQQDExBlc3RFeGFtcGxlQ0EgT3dPMIIBIjANBgkqhkiG9w0BAQEF" +
-            "AAOCAQ8AMIIBCgKCAQEAwDqpiHopaICubpRqbpEN7LqTIqWELFIA9qDDheHIKuyO" +
-            "HW/ZAP7Rl4S5ZU6gaLW/ksseBUxdmox3KNyvtyjehIofTu28eZWhgy6/LCEGWR3P" +
-            "K+fgPBA0l0JfJR/8oeXZa70oLVQc3hI4kCeqjFMs+biYH0vp/RluhftyZ5kzQyH1" +
-            "EGsRkw1/qUKkTZ8PCF8VFlYfqmUoqsaRTyZbjII4J+Y6/jEG+p7QreW9zcz4sPe8" +
-            "3c/uhwMLOWQkZtKsQtgo5CpfYMjuAmk4Q2joQq2vcxlc+WNKHf+wbrDb11ORZril" +
-            "9ISlI94oumcRz3uBG1Yg7z83hdDfasmdfbp8gOSNFQIDAQABo0IwQDAPBgNVHRMB" +
-            "Af8EBTADAQH/MB0GA1UdDgQWBBQITTKxMqATXrfc4ffpCIbt6Gsz0jAOBgNVHQ8B" +
-            "Af8EBAMCAQYwDQYJKoZIhvcNAQEFBQADggEBACPnQPu5WReUGuCMS0nBOGa2tXh6" +
-            "uZP4mS3J1qEfDePam/IiU9ssyYdcDwhVvKMoP4gI/yu4XFqhdpIoy/PyD4T15MT7" +
-            "KADCxXkh5rM1IqMui7FvBKLWYGdy9sjEf90wAkBjHBe/TMO1NNw3uELyONSkHIvo" +
-            "X0pu6aPmm/moIMyGi46niFse1iWlXXldGLkOQsh0e7U+wpBX07QpOr2KB2+Yf+uA" +
-            "KY1SWzEG23bUxXlvcbUMgANDGj5r6z+niKL0VlApip/iCuVEEOcZ91UlmJjVLQWA" +
-            "x6ie+v84oM+pIojiGM0C4XWcVlKKEgcMOsN3S4lvm8Ptpq0GLoIJY8NTD20wggMD" +
-            "MIIB66ADAgECAgEBMA0GCSqGSIb3DQEBBQUAMBsxGTAXBgNVBAMTEGVzdEV4YW1w" +
-            "bGVDQSBPd08wHhcNMTMwNTA5MDM1MzMyWhcNMTQwNTA5MDM1MzMyWjAbMRkwFwYD" +
-            "VQQDExBlc3RFeGFtcGxlQ0EgTndPMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIB" +
-            "CgKCAQEAnn3rZ3rMJHwf7MD9K4mubxHAvtdnrsQf5OfgtMhRIL4aePNhAdgPyj8C" +
-            "loxOgD3UTV+dQ1ViOzVxPN7acikoOnkIdRpjpOpkyMo+KkvHMQXGnQTbsMAv1qWt" +
-            "9S12DMpo0GOA1e4Ge3ud5YPOTR/q6PvjN51IEwYKksG7CglwZwB+5JbwhYr2D/0u" +
-            "btGltriRVixPWrvt+wz/ITp5rcjh/8RS3LE8tQy3kTNhJF3Y/esR2sSgOiPNgIto" +
-            "CATysbaINEPr4MemqML4tDpR/aG9y+8Qe7s1LyMFvDletp2mmBykAC/7nOat/pwU" +
-            "lB0sN524D1XAgz8ZKvWrkh+ZaOr3hwIDAQABo1IwUDAOBgNVHQ8BAf8EBAMCBLAw" +
-            "HQYDVR0OBBYEFLHEaeZbowSn2Jejizu/uWqyMkI8MB8GA1UdIwQYMBaAFAhNMrEy" +
-            "oBNet9zh9+kIhu3oazPSMA0GCSqGSIb3DQEBBQUAA4IBAQCLDkL7aLNV6hSOkIqH" +
-            "q+shV9YLO56/tj00vY/jV5skgDHk5d0B+OGortKVuGa57+v0avTrlJns3bNW8Ntv" +
-            "zkDEhmd00Ak02aPsi4wRHLFgttUf9HdEHAuTkAESPTU43DiptjkfHhtBMfsFrCkd" +
-            "sxWzCz+prDOMHYfUEkhRVV++1zyGEX6ov1Ap2IU2p3E+ASihL/amxTEQAsbwjUTI" +
-            "R52zoL6nMPzpbKeZi2M0eEBVF8sDueA9Hjo6woLjgJqV0/yc5vC2HAxUOhx0cWTY" +
-            "GcRBgL/yOyQLKiY5TKBH951OjQ4vhF2HmcoO7DkcNLYJOge16ssx4ogBHul20VgF" +
-            "XJJjMIIDAzCCAeugAwIBAgIBAjANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBl" +
-            "c3RFeGFtcGxlQ0EgTndOMB4XDTEzMDUwOTAzNTMzMloXDTE0MDUwOTAzNTMzMlow" +
-            "GzEZMBcGA1UEAxMQZXN0RXhhbXBsZUNBIE93TjCCASIwDQYJKoZIhvcNAQEBBQAD" +
-            "ggEPADCCAQoCggEBAMA6qYh6KWiArm6Uam6RDey6kyKlhCxSAPagw4XhyCrsjh1v" +
-            "2QD+0ZeEuWVOoGi1v5LLHgVMXZqMdyjcr7co3oSKH07tvHmVoYMuvywhBlkdzyvn" +
-            "4DwQNJdCXyUf/KHl2Wu9KC1UHN4SOJAnqoxTLPm4mB9L6f0ZboX7cmeZM0Mh9RBr" +
-            "EZMNf6lCpE2fDwhfFRZWH6plKKrGkU8mW4yCOCfmOv4xBvqe0K3lvc3M+LD3vN3P" +
-            "7ocDCzlkJGbSrELYKOQqX2DI7gJpOENo6EKtr3MZXPljSh3/sG6w29dTkWa4pfSE" +
-            "pSPeKLpnEc97gRtWIO8/N4XQ32rJnX26fIDkjRUCAwEAAaNSMFAwDgYDVR0PAQH/" +
-            "BAQDAgSwMB0GA1UdDgQWBBQITTKxMqATXrfc4ffpCIbt6Gsz0jAfBgNVHSMEGDAW" +
-            "gBSxxGnmW6MEp9iXo4s7v7lqsjJCPDANBgkqhkiG9w0BAQUFAAOCAQEALhDaE6Mp" +
-            "BINBsJozdbXlijrWxL1CSv8f4GwpUFk3CgZjibt/qW9UoaNR4E58yRopuEhjwFZK" +
-            "2w8YtRqx8IZoFhcoLkpBDfgLLwhoztzbYvOVKQMidjBlkBEVNR5MWdrs7F/AxWuy" +
-            "iZ2+8AnR8GwqEIbCD0A7xIghmWEMh/BVI9C7GLqd6PxKrTAjuDfEpfdWhU/uYKmK" +
-            "cL3XDbSwr30j2EQyaTV/3W0Tn2UfuxdwDQ4ZJs9G+Mw50s7AG6CpISyOIFmX6/bU" +
-            "DpJXGLiLwfJ9C/aum9nylYuGCJ68BuTrCs9567KGfXEXI0mdFFCL7TaVR43kjsg3" +
-            "c43kZ7369MeEZzCCAvswggHjoAMCAQICCQDprp3DmjOyETANBgkqhkiG9w0BAQUF" +
-            "ADAbMRkwFwYDVQQDExBlc3RFeGFtcGxlQ0EgTndOMB4XDTEzMDUwOTAzNTMzMloX" +
-            "DTE0MDUwOTAzNTMzMlowGzEZMBcGA1UEAxMQZXN0RXhhbXBsZUNBIE53TjCCASIw" +
-            "DQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJ5962d6zCR8H+zA/SuJrm8RwL7X" +
-            "Z67EH+Tn4LTIUSC+GnjzYQHYD8o/ApaMToA91E1fnUNVYjs1cTze2nIpKDp5CHUa" +
-            "Y6TqZMjKPipLxzEFxp0E27DAL9alrfUtdgzKaNBjgNXuBnt7neWDzk0f6uj74zed" +
-            "SBMGCpLBuwoJcGcAfuSW8IWK9g/9Lm7Rpba4kVYsT1q77fsM/yE6ea3I4f/EUtyx" +
-            "PLUMt5EzYSRd2P3rEdrEoDojzYCLaAgE8rG2iDRD6+DHpqjC+LQ6Uf2hvcvvEHu7" +
-            "NS8jBbw5XradppgcpAAv+5zmrf6cFJQdLDeduA9VwIM/GSr1q5IfmWjq94cCAwEA" +
-            "AaNCMEAwDwYDVR0TAQH/BAUwAwEB/zAdBgNVHQ4EFgQUscRp5lujBKfYl6OLO7+5" +
-            "arIyQjwwDgYDVR0PAQH/BAQDAgEGMA0GCSqGSIb3DQEBBQUAA4IBAQBCz/CWdYvn" +
-            "GM/SdCdEiom5A1VxaW8nKgCWg/EyWtAIiaHQuViB+jTUAE9lona2MbJoFHW8U5e8" +
-            "9dCP0rJpA9UYXXhWvFQzd5ZWpms4wUYt1j3gqqd36KorJIAuPigVng13yKytxM7c" +
-            "VmxQnh0aux3aEnEyRGAhGalHp0RaKdgPRzUaGtipJTNBkSV5S4kD4yDCPHMNbBu+" +
-            "OcluerwEpbz6GvE7CpXl2jrTBZSqBsFelq0iz4kk9++9CnwZwrVgdzklhRfJ1Z4j" +
-            "NkLruwbQ+o4NvBZsXiKxNfn3K2o3SK8AuaEyDWkq18+5rjcfprRO8x4YTW+6mXPq" +
-            "jM0MAGNDEW+1oQAxAA=="
-    );
-
-    private static byte[] csrattrs1 = Base64.decode(
-        "MEEGCSqGSIb3DQEJBzASBgcqhkjOPQIBMQcGBSuBBAAiMBYGCSqGSIb3DQEJDjEJ" +
-            "BgcrBgEBAQEWBggqhkjOPQQDAw=="
-    );
-
-    private static byte[] csrattrs2 = Base64.decode(
-        "MHwGBysGAQEBARYwIgYDiDcBMRsTGVBhcnNlIFNFVCBhcyAyLjk5OS4xIGRhdGEG" +
-            "CSqGSIb3DQEJBzAsBgOINwIxJQYDiDcDBgOINwQTGVBhcnNlIFNFVCBhcyAyLjk5" +
-            "OS4yIGRhdGEGCSskAwMCCAEBCwYJYIZIAWUDBAIC"
-    );
-
-    private static byte[] clientSimpleEnrol = Base64.decode(
-            "MIIChTCCAW0CAQAwHzEdMBsGA1UEAxMUZGVtb3N0ZXA0IDEzNjgxNDEzNTIwggEi" +
-            "MA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQClNp+kdz+Nj8XpEp9kaumWxDZ3" +
-            "eFYJpQKz9ddD5e5OzUeCm103ZIXQIxc0eVtMCatnRr3dnZRCAxGjwbqoB3eKt29/" +
-            "XSQffVv+odbyw0WdkQOIbntCQry8YdcBZ+8LjI/N7M2krmjmoSLmLwU2V4aNKf0Y" +
-            "MLR5Krmah3Ik31jmYCSvwTnv6mx6pr2pTJ82JavhTEIIt/fAYq1RYhkM1CXoBL+y" +
-            "hEoDanN7TzC94skfS3VV+f53J9SkUxTYcy1Rw0k3VXfxWwy+cSKEPREl7I6k0YeK" +
-            "tDEVAgBIEYM/L1S69RXTLujirwnqSRjOquzkAkD31BE961KZCxeYGrhxaR4PAgMB" +
-            "AAGgITAfBgkqhkiG9w0BCQcxEhMQK3JyQ2lyLzcrRVl1NTBUNDANBgkqhkiG9w0B" +
-            "AQUFAAOCAQEARBv0AJeXaHpl1MFIdzWqoi1dOCf6U+qaYWcBzpLADvJrPK1qx5pq" +
-            "wXM830A1O+7RvrFv+nyd6VF2rl/MrNp+IsKuA9LYWIBjVe/LXoBO8dB/KxrYl16c" +
-            "VUS+Yydi1m/a+DaftYSRGolMLtWeiqbc2SDBr2kHXW1TR130hIcpwmr29kC2Kzur" +
-            "5thsuj276FGL1vPu0dRfGQfx4WWa9uAHBgz6tW37CepZsrUKe/0pfVhr2oHxApYh" +
-            "cHGBQDQHVTFVjHccdUjAXicrtbsVhU5o1lPv7f4lEApv3SBQmJcaq5O832BzHw7n" +
-            "PyMFcM15E9gtUVee5C62bVwuk/tbnGsbwQ=="
-    );
-
-    private static byte[] serverSimpleEnrolResponse = Base64.decode(
-        "MIIDOAYJKoZIhvcNAQcCoIIDKTCCAyUCAQExADALBgkqhkiG9w0BBwGgggMLMIID" +
-            "BzCCAe+gAwIBAgIBFTANBgkqhkiG9w0BAQUFADAbMRkwFwYDVQQDExBlc3RFeGFt" +
-            "cGxlQ0EgTndOMB4XDTEzMDUwOTIzMTU1M1oXDTE0MDUwOTIzMTU1M1owHzEdMBsG" +
-            "A1UEAxMUZGVtb3N0ZXA0IDEzNjgxNDEzNTIwggEiMA0GCSqGSIb3DQEBAQUAA4IB" +
-            "DwAwggEKAoIBAQClNp+kdz+Nj8XpEp9kaumWxDZ3eFYJpQKz9ddD5e5OzUeCm103" +
-            "ZIXQIxc0eVtMCatnRr3dnZRCAxGjwbqoB3eKt29/XSQffVv+odbyw0WdkQOIbntC" +
-            "Qry8YdcBZ+8LjI/N7M2krmjmoSLmLwU2V4aNKf0YMLR5Krmah3Ik31jmYCSvwTnv" +
-            "6mx6pr2pTJ82JavhTEIIt/fAYq1RYhkM1CXoBL+yhEoDanN7TzC94skfS3VV+f53" +
-            "J9SkUxTYcy1Rw0k3VXfxWwy+cSKEPREl7I6k0YeKtDEVAgBIEYM/L1S69RXTLuji" +
-            "rwnqSRjOquzkAkD31BE961KZCxeYGrhxaR4PAgMBAAGjUjBQMA4GA1UdDwEB/wQE" +
-            "AwIEsDAdBgNVHQ4EFgQU/qDdB6ii6icQ8wGMXvy1jfE4xtUwHwYDVR0jBBgwFoAU" +
-            "scRp5lujBKfYl6OLO7+5arIyQjwwDQYJKoZIhvcNAQEFBQADggEBACmxg1hvL6+7" +
-            "a+lFTARoxainBx5gxdZ9omSb0L+qL+4PDvg/+KHzKsDnMCrcU6M4YP5n0EDKmGa6" +
-            "4lY8fbET4tt7juJg6ixb95/760Th0vuctwkGr6+D6ETTfqyHnrbhX3lAhnB+0Ja7" +
-            "o1gv4CWxh1I8aRaTXdpOHORvN0SMXdcrlCys2vrtOl+LjR2a3kajJO6eQ5leOdzF" +
-            "QlZfOPhaLWen0e2BLNJI0vsC2Fa+2LMCnfC38XfGALa5A8e7fNHXWZBjXZLBCza3" +
-            "rEs9Mlh2CjA/ocSC/WxmMvd+Eqnt/FpggRy+F8IZSRvBaRUCtGE1lgDmu6AFUxce" +
-            "R4POrT2xz8ChADEA"
-    );
-
-    public void testParsingCacertsResponse()
-        throws Exception
-    {
-        SimplePKIResponse response = new SimplePKIResponse(cacertsResponse);
-
-        Store<X509CertificateHolder> certs = response.getCertificates();
-
-        assertEquals(4, certs.getMatches(null).size());
-
-        assertEquals(1, certs.getMatches(new X509CertificateHolderSelector(new X500Name("CN=estExampleCA OwO"), new BigInteger("11121883874307308188"))).size());
-        assertEquals(1, certs.getMatches(new X509CertificateHolderSelector(new X500Name("CN=estExampleCA OwO"), new BigInteger("1"))).size());
-        assertEquals(1, certs.getMatches(new X509CertificateHolderSelector(new X500Name("CN=estExampleCA NwN"), new BigInteger("2"))).size());
-        assertEquals(1, certs.getMatches(new X509CertificateHolderSelector(new X500Name("CN=estExampleCA NwN"), new BigInteger("16838569520216125969"))).size());
-    }
-
-    public void testParsingCsrattrs1()
-        throws Exception
-    {
-        CSRAttributesResponse response = new CSRAttributesResponse(csrattrs1);
-
-        assertTrue(response.hasRequirement(PKCSObjectIdentifiers.pkcs_9_at_challengePassword));
-        assertTrue(response.hasRequirement(X9ObjectIdentifiers.ecdsa_with_SHA384));
-        assertFalse(response.isAttribute(X9ObjectIdentifiers.ecdsa_with_SHA384));
-        assertTrue(response.isAttribute(X9ObjectIdentifiers.id_ecPublicKey));
-        assertTrue(response.isAttribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest));
-
-        Collection<ASN1ObjectIdentifier> requirements = response.getRequirements();
-
-        assertEquals(4, requirements.size());
-    }
-
-    public void testParsingCsrattrs2()
-        throws Exception
-    {
-        CSRAttributesResponse response = new CSRAttributesResponse(csrattrs2);
-
-        Collection<ASN1ObjectIdentifier> requirements = response.getRequirements();
-
-        assertEquals(6, requirements.size());
-
-        assertTrue(response.hasRequirement(new ASN1ObjectIdentifier("1.3.36.3.3.2.8.1.1.11")));
-        assertFalse(response.isAttribute(new ASN1ObjectIdentifier("1.3.36.3.3.2.8.1.1.11")));
-        assertTrue(response.hasRequirement(new ASN1ObjectIdentifier("2.16.840.1.101.3.4.2.2")));
-        assertFalse(response.isAttribute(new ASN1ObjectIdentifier("2.16.840.1.101.3.4.2.2")));
-        assertTrue(response.hasRequirement(new ASN1ObjectIdentifier("1.2.840.113549.1.9.7")));
-        assertFalse(response.isAttribute(new ASN1ObjectIdentifier("1.2.840.113549.1.9.7")));
-        assertTrue(response.hasRequirement(new ASN1ObjectIdentifier("1.3.6.1.1.1.1.22")));
-        assertFalse(response.isAttribute(new ASN1ObjectIdentifier("1.3.6.1.1.1.1.22")));
-        assertTrue(response.isAttribute(new ASN1ObjectIdentifier("2.999.1")));
-        assertTrue(response.isAttribute(new ASN1ObjectIdentifier("2.999.2")));
-    }
-
-    public void testParsingSimpleEnrolRequest()
-        throws Exception
-    {
-        PKCS10CertificationRequest request = new PKCS10CertificationRequest(clientSimpleEnrol);
-
-        Attribute challenge = request.getAttributes(PKCSObjectIdentifiers.pkcs_9_at_challengePassword)[0];
-
-        ASN1String passwd = (ASN1String)challenge.getAttributeValues()[0];
-
-        assertEquals("+rrCir/7+EYu50T4", passwd.getString());
-    }
-
-    public void testParsingSimpleEnrolResponse()
-        throws Exception
-    {
-        SimplePKIResponse response = new SimplePKIResponse(serverSimpleEnrolResponse);
-
-        Store<X509CertificateHolder> certs = response.getCertificates();
-
-        assertEquals(1, certs.getMatches(null).size());
-
-        assertEquals(1, certs.getMatches(new X509CertificateHolderSelector(new X500Name("CN=estExampleCA NwN"), new BigInteger("21"))).size());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/ESTTestSetup.java b/bcpkix/src/main/java/org/bouncycastle/est/test/ESTTestSetup.java
deleted file mode 100644
index 92fd837..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/ESTTestSetup.java
+++ /dev/null

@@ -1,28 +0,0 @@
-
-package org.bouncycastle.est.test;
-
-import java.security.Security;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-class ESTTestSetup
-    extends TestSetup
-{
-    public ESTTestSetup(Test test)
-    {
-        super(test);
-    }
-
-    protected void setUp()
-    {
-        Security.addProvider(new BouncyCastleProvider());
-    }
-
-    protected void tearDown()
-    {
-        Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
-    }
-
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/HostNameAuthorizerMatchTest.java b/bcpkix/src/main/java/org/bouncycastle/est/test/HostNameAuthorizerMatchTest.java
deleted file mode 100644
index 5614072..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/HostNameAuthorizerMatchTest.java
+++ /dev/null

@@ -1,74 +0,0 @@
-package org.bouncycastle.est.test;
-
-import java.io.IOException;
-import java.util.HashSet;
-
-import junit.framework.TestCase;
-import org.bouncycastle.est.jcajce.JsseDefaultHostnameAuthorizer;
-
-public class HostNameAuthorizerMatchTest
-    extends TestCase
-{
-    public void testWildcardMatcher()
-        throws Exception
-    {
-
-        Object[][] v = new Object[][]{
-            //   {"Too wide a match", "foo.com","*.com",false}, // too wide a match
-            {"Exact", "a.foo.com", "a.foo.com", true},
-            {"Left most", "abacus.foo.com", "*s.foo.com", true}, // Match the left most.
-            {"Invalid 1","localhost.cisco.com","localhost.*.com",true},
-            {"Invalid 2", "localhost.cisco.com", "localhost.cisco.*", false},
-            {"Invalid 3 - subdomain","localhost.cisco.com","*.com",false},
-            {"Invalid 4", "localhost.cisco.com", "*.localhost.cisco.com", false},
-            {"Invalid 5", "localhost.cisco.com", "*", false},
-            {"Invalid 6", "localhost.cisco.com", "localhost*.cisco.com", true},
-            {"Invalid 7", "localhost.cisco.com", "*localhost.cisco.com", false},
-            {"Invalid 8", "localhost.cisco.com", "local*host.cisco.com", true},
-            {"Invalid 9", "localhost.cisco.com", "localhost.c*.com", true},
-            {"Invalid 10", "localhost.cisco.com", "localhost.*o.com", true},
-            {"Invalid 11", "localhost.cisco.com", "localhost.c*o.com", true},
-            {"Invalid 12", "localhost.cisco.com", "*..com", false},
-            {"Invalid 13", "foo.example.com","*.example.com",true},
-            {"Invalid 14", "bar.foo.example.com", "*.example.com", false},
-            {"Invalid 15", "example.com", "*.example.com", false},
-            {"Invalid 16", "foobaz.example.com","b*z.example.com",false},
-            {"Invalid 17", "foobaz.example.com","ob*z.example.com",false},
-            { "Valid", "foobaz.example.com","foob*z.example.com",true}
-        };
-
-        for (Object[] j : v)
-        {
-            assertEquals(j[0].toString(), j[3], JsseDefaultHostnameAuthorizer.isValidNameMatch((String)j[1], (String)j[2], null));
-        }
-    }
-
-    public void testWildcardPublicSuffix()
-        throws Exception
-    {
-
-        Object[][] v = new Object[][]{
-
-            {"Invalid 3", "localhost.cisco.com", "*.com", false},
-            {"Invalid 9", "localhost.cisco.com", "localhost.c*.com", false},
-            {"Invalid 10", "localhost.cisco.com", "localhost.*o.com", false},
-            {"Invalid 11", "localhost.cisco.com", "localhost.c*o.com", false},
-        };
-
-        HashSet<String> suf = new HashSet<String>();
-        suf.add(".com");
-
-        for (Object[] j : v)
-        {
-            try
-            {
-                assertEquals(j[0].toString(), j[3], JsseDefaultHostnameAuthorizer.isValidNameMatch((String)j[1], (String)j[2], suf));
-                fail("known suffix not caught");
-            }
-            catch (IOException e)
-            {
-                // expected
-            }
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/TestHostNameAuthorizer.java b/bcpkix/src/main/java/org/bouncycastle/est/test/TestHostNameAuthorizer.java
deleted file mode 100644
index 3a2792a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/TestHostNameAuthorizer.java
+++ /dev/null

@@ -1,107 +0,0 @@
-package org.bouncycastle.est.test;
-
-
-import java.io.InputStreamReader;
-import java.security.cert.X509Certificate;
-
-import junit.framework.TestCase;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.est.jcajce.JsseDefaultHostnameAuthorizer;
-import org.bouncycastle.util.io.pem.PemReader;
-
-/**
- * TestHostNameAuthorizer tests the hostname authorizer only. EST related functions
- * are not tested here.
- */
-public class TestHostNameAuthorizer
-    extends TestCase
-{
-    private static X509Certificate readPemCertificate(String path)
-        throws Exception
-    {
-        InputStreamReader fr = new InputStreamReader(TestHostNameAuthorizer.class.getResourceAsStream(path));
-        PemReader reader = new PemReader(fr);
-        X509CertificateHolder fromFile = new X509CertificateHolder(reader.readPemObject().getContent());
-        reader.close();
-        fr.close();
-        return new JcaX509CertificateConverter().setProvider("BC").getCertificate(fromFile);
-    }
-
-    /*
-        The following tests do not attempt to validate the certificates.
-        They only test hostname verification behavior.
-     */
-    public void testCNMatch()
-        throws Exception
-    {
-        X509Certificate cert = readPemCertificate("san/cert_cn_match_wc.pem");
-
-        assertTrue("Common Name match", new JsseDefaultHostnameAuthorizer(null).verify("aardvark.cisco.com", cert));
-        assertFalse("Not match", new JsseDefaultHostnameAuthorizer(null).verify("cisco.com", cert));
-    }
-
-    public void testCNMismatch_1()
-        throws Exception
-    {
-        X509Certificate cert = readPemCertificate("san/cert_cn_mismatch_wc.pem");
-
-        assertFalse("Not match", new JsseDefaultHostnameAuthorizer(null).verify("aardvark", cert));
-    }
-
-
-    // 192.168.1.50
-    public void testCNIPMismatch()
-        throws Exception
-    {
-        X509Certificate cert = readPemCertificate("san/cert_cn_mismatch_ip.pem");
-
-        assertFalse("Not match", new JsseDefaultHostnameAuthorizer(null).verify("127.0.0.1", cert));
-    }
-
-    public void testWCMismatch()
-        throws Exception
-    {
-        X509Certificate cert = readPemCertificate("san/cert_cn_mismatch_ip.pem");
-
-        assertFalse("Not match", new JsseDefaultHostnameAuthorizer(null).verify("aardvark.cisco.com", cert));
-    }
-
-    public void testSANMatch()
-        throws Exception
-    {
-        X509Certificate cert = readPemCertificate("san/cert_san_match.pem");
-        assertTrue("Match", new JsseDefaultHostnameAuthorizer(null).verify("localhost.cisco.com", cert));
-    }
-
-    public void testSANMatchIP()
-        throws Exception
-    {
-        X509Certificate cert = readPemCertificate("san/cert_san_match_ip.pem");
-        assertTrue("Match", new JsseDefaultHostnameAuthorizer(null).verify("192.168.51.140", cert));
-        assertTrue("Match", new JsseDefaultHostnameAuthorizer(null).verify("127.0.0.1", cert));
-        assertFalse("Not Match", new JsseDefaultHostnameAuthorizer(null).verify("10.0.0.1", cert));
-    }
-
-    public void testSANMatchWC()
-        throws Exception
-    {
-        X509Certificate cert = readPemCertificate("san/cert_san_mismatch_wc.pem");
-        assertTrue("Match", new JsseDefaultHostnameAuthorizer(null).verify("roundhouse.yahoo.com", cert));
-        assertFalse("Not Match", new JsseDefaultHostnameAuthorizer(null).verify("aardvark.cisco.com", cert));
-    }
-
-    public void testSANMismatchIP()
-        throws Exception
-    {
-        X509Certificate cert = readPemCertificate("san/cert_san_mismatch_ip.pem");
-        assertFalse("Not Match", new JsseDefaultHostnameAuthorizer(null).verify("localhost.me", cert));
-    }
-
-    public void testSANMismatchWC()
-        throws Exception
-    {
-        X509Certificate cert = readPemCertificate("san/cert_san_mismatch_wc.pem");
-        assertFalse("Not Match", new JsseDefaultHostnameAuthorizer(null).verify("localhost.me", cert));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/package.html b/bcpkix/src/main/java/org/bouncycastle/est/test/package.html
deleted file mode 100644
index c249c45..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Test classes for RFC 7030 "Enrollment over Secure Transport".
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_cn_match_wc.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_cn_match_wc.pem
deleted file mode 100644
index 0860f79..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_cn_match_wc.pem
+++ /dev/null

@@ -1,44 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 865 (0x361)
-    Signature Algorithm: ecdsa-with-SHA1
-        Issuer: CN=estExampleCA
-        Validity
-            Not Before: Sep 29 12:41:31 2014 GMT
-            Not After : Dec 16 12:41:31 2022 GMT
-        Subject: CN=*.cisco.com
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (1024 bit)
-                Modulus:
-                    00:b7:08:e6:18:f2:32:d7:07:44:4b:f3:b1:83:01:
-                    59:f8:bc:ec:26:71:92:9a:53:70:f2:c0:be:2a:d6:
-                    26:6f:45:11:86:d7:ee:37:9d:d3:2f:22:b2:8b:9b:
-                    c5:96:00:36:73:97:c3:4c:f2:7a:0b:2c:e0:cc:d9:
-                    f0:ec:ba:1b:75:8c:66:b1:86:10:fd:be:df:6b:67:
-                    9c:0e:6b:2a:0e:d0:80:a8:dc:7a:d4:df:6e:79:28:
-                    a7:60:1a:11:b7:ae:40:94:bb:b4:11:ed:1b:6f:a7:
-                    91:ae:33:ec:bf:9c:30:f3:dc:91:2c:b4:3e:8c:c9:
-                    bd:f1:d1:aa:f6:c2:1d:6a:cd
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Non Repudiation, Key Encipherment
-    Signature Algorithm: ecdsa-with-SHA1
-         30:44:02:20:76:4f:3a:6c:b4:99:cb:1e:37:f4:0d:6e:e1:74:
-         4b:99:bb:f5:c4:b6:3d:c1:61:df:8c:d7:1f:9f:e7:d3:64:d6:
-         02:20:64:38:8f:6f:32:37:2b:7d:cf:28:93:e5:e6:e7:70:c5:
-         a9:12:04:b0:4b:a5:29:7b:23:df:85:f2:18:44:8b:d2
------BEGIN CERTIFICATE-----
-MIIBezCCASOgAwIBAgICA2EwCQYHKoZIzj0EATAXMRUwEwYDVQQDEwxlc3RFeGFt
-cGxlQ0EwHhcNMTQwOTI5MTI0MTMxWhcNMjIxMjE2MTI0MTMxWjAWMRQwEgYDVQQD
-DAsqLmNpc2NvLmNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtwjmGPIy
-1wdES/OxgwFZ+LzsJnGSmlNw8sC+KtYmb0URhtfuN53TLyKyi5vFlgA2c5fDTPJ6
-CyzgzNnw7LobdYxmsYYQ/b7fa2ecDmsqDtCAqNx61N9ueSinYBoRt65AlLu0Ee0b
-b6eRrjPsv5ww89yRLLQ+jMm98dGq9sIdas0CAwEAAaMaMBgwCQYDVR0TBAIwADAL
-BgNVHQ8EBAMCBeAwCQYHKoZIzj0EAQNHADBEAiB2TzpstJnLHjf0DW7hdEuZu/XE
-tj3BYd+M1x+f59Nk1gIgZDiPbzI3K33PKJPl5udwxakSBLBLpSl7I9+F8hhEi9I=
------END CERTIFICATE-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_cn_mismatch.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_cn_mismatch.pem
deleted file mode 100644
index 5a0b3d3..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_cn_mismatch.pem
+++ /dev/null

@@ -1,44 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 863 (0x35f)
-    Signature Algorithm: ecdsa-with-SHA1
-        Issuer: CN=estExampleCA
-        Validity
-            Not Before: Sep 29 12:36:22 2014 GMT
-            Not After : Dec 16 12:36:22 2022 GMT
-        Subject: CN=hostname
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (1024 bit)
-                Modulus:
-                    00:c2:4e:9f:27:15:91:6b:2b:e7:85:a8:50:d9:5b:
-                    1a:a9:23:0a:84:1c:fd:e7:24:dc:29:18:f2:52:55:
-                    43:25:e4:3e:ce:02:51:9c:93:19:67:89:c9:93:6d:
-                    dc:5d:56:ad:cb:b0:7e:2c:7a:ad:98:17:7f:bb:19:
-                    62:7d:2e:f0:0b:cf:c1:18:6f:6f:3a:fc:3d:3c:03:
-                    9b:18:66:5f:dc:2a:fa:72:54:bf:5f:b0:75:dd:bf:
-                    84:40:b1:3a:c5:65:2d:84:ee:48:76:1d:45:fa:1d:
-                    e2:b2:25:5e:aa:06:8c:11:66:ef:40:f0:68:14:08:
-                    a8:7e:62:4a:d2:e9:88:bd:3d
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Non Repudiation, Key Encipherment
-    Signature Algorithm: ecdsa-with-SHA1
-         30:45:02:21:00:a8:bd:82:16:2c:9c:bf:77:1a:4d:fc:0f:a5:
-         a6:da:6e:e7:2f:45:fc:58:be:e3:0c:d2:a7:36:41:1f:45:c0:
-         80:02:20:6f:82:eb:4b:05:63:c9:e3:c7:f8:42:c0:ff:f1:0f:
-         5f:95:db:95:6e:71:fb:05:f0:52:e0:a6:82:53:45:f6:e3
------BEGIN CERTIFICATE-----
-MIIBeTCCASCgAwIBAgICA18wCQYHKoZIzj0EATAXMRUwEwYDVQQDEwxlc3RFeGFt
-cGxlQ0EwHhcNMTQwOTI5MTIzNjIyWhcNMjIxMjE2MTIzNjIyWjATMREwDwYDVQQD
-DAhob3N0bmFtZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwk6fJxWRayvn
-hahQ2VsaqSMKhBz95yTcKRjyUlVDJeQ+zgJRnJMZZ4nJk23cXVaty7B+LHqtmBd/
-uxlifS7wC8/BGG9vOvw9PAObGGZf3Cr6clS/X7B13b+EQLE6xWUthO5Idh1F+h3i
-siVeqgaMEWbvQPBoFAiofmJK0umIvT0CAwEAAaMaMBgwCQYDVR0TBAIwADALBgNV
-HQ8EBAMCBeAwCQYHKoZIzj0EAQNIADBFAiEAqL2CFiycv3caTfwPpababucvRfxY
-vuMM0qc2QR9FwIACIG+C60sFY8njx/hCwP/xD1+V25VucfsF8FLgpoJTRfbj
------END CERTIFICATE-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_cn_mismatch_ip.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_cn_mismatch_ip.pem
deleted file mode 100644
index 65b7a24..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_cn_mismatch_ip.pem
+++ /dev/null

@@ -1,45 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 864 (0x360)
-    Signature Algorithm: ecdsa-with-SHA1
-        Issuer: CN=estExampleCA
-        Validity
-            Not Before: Sep 29 12:39:24 2014 GMT
-            Not After : Dec 16 12:39:24 2022 GMT
-        Subject: CN=192.168.1.50
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (1024 bit)
-                Modulus:
-                    00:d8:fe:96:35:15:34:48:a5:6c:21:65:8e:0b:9f:
-                    85:59:2e:24:f6:9b:23:2a:d9:d3:71:92:b3:24:2d:
-                    1f:ae:f5:bb:1b:84:e9:ed:42:8a:b9:47:bc:92:70:
-                    69:93:a7:c8:50:4b:05:89:36:67:34:b4:2a:97:fb:
-                    64:9e:49:19:68:0d:21:36:36:63:6f:df:d9:39:f7:
-                    e9:da:ff:fe:9a:a8:e6:d5:75:bb:3f:e5:38:f5:c2:
-                    26:f4:f1:f4:b6:5c:9b:a7:4b:2c:7d:34:ff:c0:87:
-                    ad:dc:2c:6a:bd:22:cc:13:78:ff:f5:93:c7:63:10:
-                    44:e0:3f:2c:04:91:26:9b:eb
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Non Repudiation, Key Encipherment
-    Signature Algorithm: ecdsa-with-SHA1
-         30:45:02:21:00:b9:1f:ee:63:e9:0a:79:a6:76:72:e8:d8:93:
-         b8:26:aa:ff:15:04:2b:f0:37:bb:45:96:5b:0b:ce:15:67:b7:
-         75:02:20:21:62:07:24:76:f4:98:90:f4:6d:7e:d7:57:62:a6:
-         6a:b1:40:b7:d2:73:1c:58:24:eb:a9:3a:19:90:34:0e:ba
------BEGIN CERTIFICATE-----
-MIIBfTCCASSgAwIBAgICA2AwCQYHKoZIzj0EATAXMRUwEwYDVQQDEwxlc3RFeGFt
-cGxlQ0EwHhcNMTQwOTI5MTIzOTI0WhcNMjIxMjE2MTIzOTI0WjAXMRUwEwYDVQQD
-DAwxOTIuMTY4LjEuNTAwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANj+ljUV
-NEilbCFljgufhVkuJPabIyrZ03GSsyQtH671uxuE6e1CirlHvJJwaZOnyFBLBYk2
-ZzS0Kpf7ZJ5JGWgNITY2Y2/f2Tn36dr//pqo5tV1uz/lOPXCJvTx9LZcm6dLLH00
-/8CHrdwsar0izBN4//WTx2MQROA/LASRJpvrAgMBAAGjGjAYMAkGA1UdEwQCMAAw
-CwYDVR0PBAQDAgXgMAkGByqGSM49BAEDSAAwRQIhALkf7mPpCnmmdnLo2JO4Jqr/
-FQQr8De7RZZbC84VZ7d1AiAhYgckdvSYkPRtftdXYqZqsUC30nMcWCTrqToZkDQO
-ug==
------END CERTIFICATE-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_cn_mismatch_wc.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_cn_mismatch_wc.pem
deleted file mode 100644
index 827c71c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_cn_mismatch_wc.pem
+++ /dev/null

@@ -1,44 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 867 (0x363)
-    Signature Algorithm: ecdsa-with-SHA1
-        Issuer: CN=estExampleCA
-        Validity
-            Not Before: Sep 29 12:43:07 2014 GMT
-            Not After : Dec 16 12:43:07 2022 GMT
-        Subject: CN=*.google.com
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (1024 bit)
-                Modulus:
-                    00:c0:4a:fd:4b:ac:bc:cd:ca:d2:7d:ba:03:d4:49:
-                    5e:68:fb:47:dd:f5:01:9c:ec:65:82:7f:50:9f:24:
-                    3f:9f:44:96:14:d5:9c:64:a9:19:51:83:2f:5e:62:
-                    11:a0:46:14:1f:e8:d9:c4:61:23:6b:fe:96:59:a3:
-                    cd:e5:c3:82:08:c4:3f:55:a4:5c:7a:63:9d:bb:58:
-                    ec:79:62:31:c2:4d:c4:1d:43:05:bc:09:78:a1:c1:
-                    27:21:41:b7:03:82:11:96:5d:b5:97:92:a1:93:f8:
-                    1c:e2:5f:33:e6:03:0e:03:9e:84:6a:72:d6:00:9f:
-                    77:75:2d:be:e6:84:fb:22:b3
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Non Repudiation, Key Encipherment
-    Signature Algorithm: ecdsa-with-SHA1
-         30:44:02:20:09:d4:15:d9:f2:48:dd:be:68:6f:1a:dd:48:fb:
-         85:e3:f3:e4:f8:67:a6:36:fc:0f:b2:bb:23:f7:ba:92:77:bc:
-         02:20:4f:aa:2f:29:1f:df:4f:0e:fa:fe:57:6e:85:5e:30:bd:
-         21:56:c0:ef:30:be:7b:48:6a:f1:71:46:f2:17:fe:b6
------BEGIN CERTIFICATE-----
-MIIBfDCCASSgAwIBAgICA2MwCQYHKoZIzj0EATAXMRUwEwYDVQQDEwxlc3RFeGFt
-cGxlQ0EwHhcNMTQwOTI5MTI0MzA3WhcNMjIxMjE2MTI0MzA3WjAXMRUwEwYDVQQD
-DAwqLmdvb2dsZS5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMBK/Uus
-vM3K0n26A9RJXmj7R931AZzsZYJ/UJ8kP59ElhTVnGSpGVGDL15iEaBGFB/o2cRh
-I2v+llmjzeXDggjEP1WkXHpjnbtY7HliMcJNxB1DBbwJeKHBJyFBtwOCEZZdtZeS
-oZP4HOJfM+YDDgOehGpy1gCfd3UtvuaE+yKzAgMBAAGjGjAYMAkGA1UdEwQCMAAw
-CwYDVR0PBAQDAgXgMAkGByqGSM49BAEDRwAwRAIgCdQV2fJI3b5obxrdSPuF4/Pk
-+GemNvwPsrsj97qSd7wCIE+qLykf308O+v5XboVeML0hVsDvML57SGrxcUbyF/62
------END CERTIFICATE-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_match.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_match.pem
deleted file mode 100644
index 8c3ce2f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_match.pem
+++ /dev/null

@@ -1,47 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 687 (0x2af)
-    Signature Algorithm: ecdsa-with-SHA1
-        Issuer: CN=estExampleCA
-        Validity
-            Not Before: Sep 27 13:55:10 2013 GMT
-            Not After : Nov  5 13:55:10 2017 GMT
-        Subject: CN=tester
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (1024 bit)
-                Modulus:
-                    00:ee:44:f3:93:2c:a6:3f:9c:ba:2a:83:b0:bd:a5:
-                    74:a5:c8:d3:a8:a0:44:4d:eb:ab:f5:4d:72:5a:d8:
-                    6f:ce:74:bb:4a:d1:8a:a8:9a:e5:e2:a7:0c:95:c7:
-                    a0:7d:c8:84:6f:63:b2:c3:09:f4:ea:0c:06:f7:99:
-                    e2:0e:c3:f0:cf:44:30:33:08:f8:69:79:7a:63:34:
-                    6d:ed:a9:cf:f7:9b:ca:dd:24:25:cd:bc:0e:cc:17:
-                    cc:1f:8c:1c:15:7b:5f:ca:7e:26:15:dc:a5:54:7e:
-                    9c:47:46:59:1e:80:f0:37:e4:c3:d7:96:df:48:d2:
-                    a7:14:d8:8f:7a:78:ee:f3:5d
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Non Repudiation, Key Encipherment
-            X509v3 Subject Alternative Name: 
-                DNS:localhost.cisco.com
-    Signature Algorithm: ecdsa-with-SHA1
-         30:46:02:21:00:97:1b:17:9e:9e:df:8f:fb:d2:18:5f:89:d8:
-         30:31:87:9c:f8:56:9b:6d:e1:b6:87:bf:c7:d6:c3:a9:ab:f3:
-         6c:02:21:00:fb:40:3e:6a:9a:72:d8:ac:95:b5:62:39:22:69:
-         34:61:ad:55:0f:e8:5f:51:08:48:24:53:b7:5c:72:cc:5d:ae
------BEGIN CERTIFICATE-----
-MIIBmDCCAT6gAwIBAgICAq8wCQYHKoZIzj0EATAXMRUwEwYDVQQDEwxlc3RFeGFt
-cGxlQ0EwHhcNMTMwOTI3MTM1NTEwWhcNMTcxMTA1MTM1NTEwWjARMQ8wDQYDVQQD
-DAZ0ZXN0ZXIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAO5E85Mspj+cuiqD
-sL2ldKXI06igRE3rq/VNclrYb850u0rRiqia5eKnDJXHoH3IhG9jssMJ9OoMBveZ
-4g7D8M9EMDMI+Gl5emM0be2pz/ebyt0kJc28DswXzB+MHBV7X8p+JhXcpVR+nEdG
-WR6A8Dfkw9eW30jSpxTYj3p47vNdAgMBAAGjOjA4MAkGA1UdEwQCMAAwCwYDVR0P
-BAQDAgXgMB4GA1UdEQQXMBWCE2xvY2FsaG9zdC5jaXNjby5jb20wCQYHKoZIzj0E
-AQNJADBGAiEAlxsXnp7fj/vSGF+J2DAxh5z4Vptt4baHv8fWw6mr82wCIQD7QD5q
-mnLYrJW1YjkiaTRhrVUP6F9RCEgkU7dccsxdrg==
------END CERTIFICATE-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_match_ip.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_match_ip.pem
deleted file mode 100644
index dd676b7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_match_ip.pem
+++ /dev/null

@@ -1,47 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 717 (0x2cd)
-    Signature Algorithm: ecdsa-with-SHA1
-        Issuer: CN=estExampleCA
-        Validity
-            Not Before: Sep 27 15:00:41 2013 GMT
-            Not After : Nov  5 15:00:41 2017 GMT
-        Subject: CN=tester13
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (1024 bit)
-                Modulus:
-                    00:c2:04:ef:f9:51:a9:a6:72:ad:23:e7:af:7d:51:
-                    8b:dc:7e:d0:71:33:5d:93:65:52:6e:79:df:30:58:
-                    cf:08:4e:47:8d:4a:1f:6a:ea:48:67:68:27:10:0d:
-                    a8:c2:80:e8:0d:10:12:34:32:e9:d8:77:e5:15:ec:
-                    9c:95:ba:f4:16:57:e5:aa:6f:18:9e:ee:4e:6c:ef:
-                    4c:f3:bf:91:f0:4b:b0:8d:c0:ff:8f:6e:f1:f3:b9:
-                    31:8e:73:d9:5c:c5:5f:fd:30:ae:36:ba:80:aa:75:
-                    ae:4d:50:3b:ba:b3:9a:a6:d2:3a:45:20:c3:7e:86:
-                    79:af:74:d7:c2:d4:c1:d4:fb
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Non Repudiation, Key Encipherment
-            X509v3 Subject Alternative Name: 
-                IP Address:192.168.51.140, IP Address:127.0.0.1
-    Signature Algorithm: ecdsa-with-SHA1
-         30:44:02:20:6e:64:22:3a:61:01:a6:bb:5a:3d:52:12:4e:b0:
-         14:50:34:6d:0d:44:ba:28:24:88:50:a8:3a:45:01:76:1e:3a:
-         02:20:5e:8f:cf:9b:74:e8:a3:29:7c:bb:15:2b:34:14:7a:ad:
-         1e:98:07:2a:cf:75:88:88:45:51:d7:2c:98:a0:4c:01
------BEGIN CERTIFICATE-----
-MIIBjzCCATegAwIBAgICAs0wCQYHKoZIzj0EATAXMRUwEwYDVQQDEwxlc3RFeGFt
-cGxlQ0EwHhcNMTMwOTI3MTUwMDQxWhcNMTcxMTA1MTUwMDQxWjATMREwDwYDVQQD
-DAh0ZXN0ZXIxMzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwgTv+VGppnKt
-I+evfVGL3H7QcTNdk2VSbnnfMFjPCE5HjUofaupIZ2gnEA2owoDoDRASNDLp2Hfl
-Feyclbr0Flflqm8Ynu5ObO9M87+R8EuwjcD/j27x87kxjnPZXMVf/TCuNrqAqnWu
-TVA7urOaptI6RSDDfoZ5r3TXwtTB1PsCAwEAAaMxMC8wCQYDVR0TBAIwADALBgNV
-HQ8EBAMCBeAwFQYDVR0RBA4wDIcEwKgzjIcEfwAAATAJBgcqhkjOPQQBA0cAMEQC
-IG5kIjphAaa7Wj1SEk6wFFA0bQ1EuigkiFCoOkUBdh46AiBej8+bdOijKXy7FSs0
-FHqtHpgHKs91iIhFUdcsmKBMAQ==
------END CERTIFICATE-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_match_wc.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_match_wc.pem
deleted file mode 100644
index 1a267de..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_match_wc.pem
+++ /dev/null

@@ -1,47 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 719 (0x2cf)
-    Signature Algorithm: ecdsa-with-SHA1
-        Issuer: CN=estExampleCA
-        Validity
-            Not Before: Sep 27 15:10:16 2013 GMT
-            Not After : Nov  5 15:10:16 2017 GMT
-        Subject: CN=tester14
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (1024 bit)
-                Modulus:
-                    00:ae:3a:26:93:ee:cb:de:f6:5b:b5:fb:a3:2e:b6:
-                    2b:cc:eb:49:1a:76:38:60:30:eb:7f:9a:99:f5:d2:
-                    7f:fd:c8:da:bd:f3:38:4b:7d:27:fb:15:81:23:59:
-                    22:92:1f:ad:77:f7:5f:50:e7:69:e2:64:2a:68:33:
-                    63:62:02:10:fa:2c:e1:06:ae:cc:04:79:e5:8c:1f:
-                    ea:9a:26:9e:03:b0:4f:b4:f8:1c:2b:21:6b:b0:6d:
-                    68:24:ae:0c:2e:a7:36:7b:27:d4:f1:13:ef:75:5e:
-                    e2:11:49:fc:d4:f8:4d:2d:63:3e:c8:08:44:a3:c8:
-                    79:42:4e:85:a5:5e:ab:91:53
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Non Repudiation, Key Encipherment
-            X509v3 Subject Alternative Name: 
-                DNS:*.cisco.com
-    Signature Algorithm: ecdsa-with-SHA1
-         30:44:02:20:47:98:0f:e8:c3:0f:b1:8e:80:bc:ec:66:30:da:
-         68:0d:2e:c3:de:aa:20:66:e8:8a:dd:d0:12:97:dd:67:af:0d:
-         02:20:6f:8a:1a:37:f4:19:ce:5d:8c:5e:af:b2:e7:7d:72:5b:
-         7e:dc:a9:7e:49:ec:bf:c4:d5:5b:38:5b:9e:b2:1e:27
------BEGIN CERTIFICATE-----
-MIIBkDCCATigAwIBAgICAs8wCQYHKoZIzj0EATAXMRUwEwYDVQQDEwxlc3RFeGFt
-cGxlQ0EwHhcNMTMwOTI3MTUxMDE2WhcNMTcxMTA1MTUxMDE2WjATMREwDwYDVQQD
-DAh0ZXN0ZXIxNDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArjomk+7L3vZb
-tfujLrYrzOtJGnY4YDDrf5qZ9dJ//cjavfM4S30n+xWBI1kikh+td/dfUOdp4mQq
-aDNjYgIQ+izhBq7MBHnljB/qmiaeA7BPtPgcKyFrsG1oJK4MLqc2eyfU8RPvdV7i
-EUn81PhNLWM+yAhEo8h5Qk6FpV6rkVMCAwEAAaMyMDAwCQYDVR0TBAIwADALBgNV
-HQ8EBAMCBeAwFgYDVR0RBA8wDYILKi5jaXNjby5jb20wCQYHKoZIzj0EAQNHADBE
-AiBHmA/oww+xjoC87GYw2mgNLsPeqiBm6Ird0BKX3WevDQIgb4oaN/QZzl2MXq+y
-531yW37cqX5J7L/E1Vs4W56yHic=
------END CERTIFICATE-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_mismatch.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_mismatch.pem
deleted file mode 100644
index 2c9f5d2..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_mismatch.pem
+++ /dev/null

@@ -1,47 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 715 (0x2cb)
-    Signature Algorithm: ecdsa-with-SHA1
-        Issuer: CN=estExampleCA
-        Validity
-            Not Before: Sep 27 14:35:46 2013 GMT
-            Not After : Nov  5 14:35:46 2017 GMT
-        Subject: CN=tester11
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (1024 bit)
-                Modulus:
-                    00:bd:98:4d:6e:91:3f:05:65:cf:ee:aa:24:16:b3:
-                    44:ba:d8:89:b1:c9:bd:10:0a:70:92:99:de:ea:63:
-                    04:ec:d5:e3:d5:3d:41:20:f7:ab:00:cc:21:a3:b9:
-                    bf:88:83:3d:14:f4:a9:84:95:23:6c:98:d5:d3:90:
-                    1f:cb:c0:6c:90:71:57:fd:39:e6:e4:99:29:83:d6:
-                    28:58:d3:ca:3f:70:06:a4:f0:25:82:b1:73:4e:03:
-                    a6:d9:51:cd:6b:70:c6:a9:4c:75:36:4e:eb:37:46:
-                    7c:1c:2e:cf:9b:be:e5:a2:0e:1b:21:74:e8:72:a2:
-                    ad:ed:b1:3c:a0:4a:d4:c3:17
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Non Repudiation, Key Encipherment
-            X509v3 Subject Alternative Name: 
-                DNS:roundhouse.cisco.com
-    Signature Algorithm: ecdsa-with-SHA1
-         30:44:02:20:28:51:20:46:6e:43:bc:37:f4:83:17:30:bd:04:
-         e1:6f:3c:e8:91:63:6e:d9:d2:24:79:c5:2d:3c:0c:c0:92:ed:
-         02:20:5e:e3:2c:6c:16:66:d1:dd:1d:f5:14:a1:bb:e7:54:55:
-         fa:e9:fd:76:a5:6a:f0:56:2d:13:27:c0:c6:4e:3b:0f
------BEGIN CERTIFICATE-----
-MIIBmTCCAUGgAwIBAgICAsswCQYHKoZIzj0EATAXMRUwEwYDVQQDEwxlc3RFeGFt
-cGxlQ0EwHhcNMTMwOTI3MTQzNTQ2WhcNMTcxMTA1MTQzNTQ2WjATMREwDwYDVQQD
-DAh0ZXN0ZXIxMTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvZhNbpE/BWXP
-7qokFrNEutiJscm9EApwkpne6mME7NXj1T1BIPerAMwho7m/iIM9FPSphJUjbJjV
-05Afy8BskHFX/Tnm5Jkpg9YoWNPKP3AGpPAlgrFzTgOm2VHNa3DGqUx1Nk7rN0Z8
-HC7Pm77log4bIXTocqKt7bE8oErUwxcCAwEAAaM7MDkwCQYDVR0TBAIwADALBgNV
-HQ8EBAMCBeAwHwYDVR0RBBgwFoIUcm91bmRob3VzZS5jaXNjby5jb20wCQYHKoZI
-zj0EAQNHADBEAiAoUSBGbkO8N/SDFzC9BOFvPOiRY27Z0iR5xS08DMCS7QIgXuMs
-bBZm0d0d9RShu+dUVfrp/XalavBWLRMnwMZOOw8=
------END CERTIFICATE-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_mismatch_ip.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_mismatch_ip.pem
deleted file mode 100644
index a804944..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_mismatch_ip.pem
+++ /dev/null

@@ -1,47 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 716 (0x2cc)
-    Signature Algorithm: ecdsa-with-SHA1
-        Issuer: CN=estExampleCA
-        Validity
-            Not Before: Sep 27 14:56:29 2013 GMT
-            Not After : Nov  5 14:56:29 2017 GMT
-        Subject: CN=tester12
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (1024 bit)
-                Modulus:
-                    00:c6:65:bf:f2:9f:fd:67:96:f9:f8:69:6b:83:c8:
-                    c6:d9:a8:53:03:0e:b5:7c:79:f9:83:05:6f:60:d8:
-                    0c:ec:33:b7:2a:95:48:d2:eb:d0:ba:cd:de:0c:71:
-                    ec:c6:ef:ab:ea:4e:d0:4d:46:e1:d0:4d:9d:4c:31:
-                    40:69:09:02:d1:66:0c:c2:be:6b:e5:ea:f5:15:38:
-                    16:b2:34:20:8d:19:ee:61:b0:4c:d3:59:ec:c3:64:
-                    fd:36:54:e3:49:2f:ee:8b:e3:06:42:ee:d7:af:5d:
-                    31:6c:43:c6:b4:41:40:dc:e2:b3:ed:f6:95:f1:9c:
-                    ec:72:d9:9c:07:af:32:cc:41
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Non Repudiation, Key Encipherment
-            X509v3 Subject Alternative Name: 
-                IP Address:192.168.50.65
-    Signature Algorithm: ecdsa-with-SHA1
-         30:46:02:21:00:ef:13:e8:c2:e0:30:5a:5f:93:41:7d:14:f1:
-         d0:c1:a9:44:d3:11:72:52:c1:6c:b1:22:12:09:d8:96:0b:fa:
-         1f:02:21:00:d3:74:15:65:fc:dc:d9:0f:e8:1c:4d:1d:b3:2e:
-         37:78:47:d0:69:95:9b:bc:a2:b5:c7:4f:32:0d:50:84:45:34
------BEGIN CERTIFICATE-----
-MIIBizCCATGgAwIBAgICAswwCQYHKoZIzj0EATAXMRUwEwYDVQQDEwxlc3RFeGFt
-cGxlQ0EwHhcNMTMwOTI3MTQ1NjI5WhcNMTcxMTA1MTQ1NjI5WjATMREwDwYDVQQD
-DAh0ZXN0ZXIxMjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxmW/8p/9Z5b5
-+Glrg8jG2ahTAw61fHn5gwVvYNgM7DO3KpVI0uvQus3eDHHsxu+r6k7QTUbh0E2d
-TDFAaQkC0WYMwr5r5er1FTgWsjQgjRnuYbBM01nsw2T9NlTjSS/ui+MGQu7Xr10x
-bEPGtEFA3OKz7faV8ZzsctmcB68yzEECAwEAAaMrMCkwCQYDVR0TBAIwADALBgNV
-HQ8EBAMCBeAwDwYDVR0RBAgwBocEwKgyQTAJBgcqhkjOPQQBA0kAMEYCIQDvE+jC
-4DBaX5NBfRTx0MGpRNMRclLBbLEiEgnYlgv6HwIhANN0FWX83NkP6BxNHbMuN3hH
-0GmVm7yitcdPMg1QhEU0
------END CERTIFICATE-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_mismatch_wc.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_mismatch_wc.pem
deleted file mode 100644
index 774c5d5..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/cert_san_mismatch_wc.pem
+++ /dev/null

@@ -1,47 +0,0 @@
-Certificate:
-    Data:
-        Version: 3 (0x2)
-        Serial Number: 721 (0x2d1)
-    Signature Algorithm: ecdsa-with-SHA1
-        Issuer: CN=estExampleCA
-        Validity
-            Not Before: Sep 27 15:15:18 2013 GMT
-            Not After : Nov  5 15:15:18 2017 GMT
-        Subject: CN=tester15
-        Subject Public Key Info:
-            Public Key Algorithm: rsaEncryption
-                Public-Key: (1024 bit)
-                Modulus:
-                    00:a0:42:6b:73:58:0c:f2:85:6e:af:50:b3:19:44:
-                    a1:44:03:15:2b:e2:f5:0b:34:20:a3:c8:f2:d5:03:
-                    9c:5f:80:f7:ed:29:f5:9e:d4:0e:5f:64:99:a2:f1:
-                    dd:8e:d1:5b:99:85:48:1a:6f:7d:1d:50:d3:13:7b:
-                    48:df:2c:60:62:4b:5a:8b:19:2f:00:c3:b3:09:1c:
-                    09:51:27:eb:ab:ed:fb:06:62:31:69:fb:1e:f9:11:
-                    12:75:dd:a4:f9:8a:99:e9:f4:48:96:db:89:b8:64:
-                    fc:55:7f:5f:4f:1b:89:07:0c:05:b8:aa:4d:c6:e6:
-                    41:ee:7a:c3:f4:25:93:65:53
-                Exponent: 65537 (0x10001)
-        X509v3 extensions:
-            X509v3 Basic Constraints: 
-                CA:FALSE
-            X509v3 Key Usage: 
-                Digital Signature, Non Repudiation, Key Encipherment
-            X509v3 Subject Alternative Name: 
-                DNS:*.yahoo.com
-    Signature Algorithm: ecdsa-with-SHA1
-         30:44:02:20:20:9c:0e:e3:29:89:f4:2d:07:c5:66:52:9a:9a:
-         56:10:30:03:b1:9c:a3:aa:fd:2a:d2:d9:c7:67:1e:4b:f8:6a:
-         02:20:12:01:05:2b:73:8d:2b:aa:d3:5d:9e:f5:e5:4e:c8:a8:
-         eb:86:6e:02:95:f4:7d:57:d7:69:39:d8:67:7b:8b:1f
------BEGIN CERTIFICATE-----
-MIIBkDCCATigAwIBAgICAtEwCQYHKoZIzj0EATAXMRUwEwYDVQQDEwxlc3RFeGFt
-cGxlQ0EwHhcNMTMwOTI3MTUxNTE4WhcNMTcxMTA1MTUxNTE4WjATMREwDwYDVQQD
-DAh0ZXN0ZXIxNTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoEJrc1gM8oVu
-r1CzGUShRAMVK+L1CzQgo8jy1QOcX4D37Sn1ntQOX2SZovHdjtFbmYVIGm99HVDT
-E3tI3yxgYktaixkvAMOzCRwJUSfrq+37BmIxafse+RESdd2k+YqZ6fRIltuJuGT8
-VX9fTxuJBwwFuKpNxuZB7nrD9CWTZVMCAwEAAaMyMDAwCQYDVR0TBAIwADALBgNV
-HQ8EBAMCBeAwFgYDVR0RBA8wDYILKi55YWhvby5jb20wCQYHKoZIzj0EAQNHADBE
-AiAgnA7jKYn0LQfFZlKamlYQMAOxnKOq/SrS2cdnHkv4agIgEgEFK3ONK6rTXZ71
-5U7IqOuGbgKV9H1X12k52Gd7ix8=
------END CERTIFICATE-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_cn_match_wc.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_cn_match_wc.pem
deleted file mode 100644
index 52cdb17..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_cn_match_wc.pem
+++ /dev/null

@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQC3COYY8jLXB0RL87GDAVn4vOwmcZKaU3DywL4q1iZvRRGG1+43
-ndMvIrKLm8WWADZzl8NM8noLLODM2fDsuht1jGaxhhD9vt9rZ5wOayoO0ICo3HrU
-3255KKdgGhG3rkCUu7QR7Rtvp5GuM+y/nDDz3JEstD6Myb3x0ar2wh1qzQIDAQAB
-AoGBAKMOA2Wvxci3SYlb9AQf3RXwv3NT8+UVdmZbfE3O7vhrED0O+cGEENFJ2ML0
-JyYE1H1PcoWG8WApP65ebPmGpdQkSK+/AOp+FV2mM4/PYPoyLDTtt2qQuQj78jdv
-jE1ePtB5hQPgL8ab8sfLRJDubfruPXaqEvbJd/6aMfBE5oThAkEA6ckLfTsnOn3G
-JEAv8Ym4DG6q+VJFNLEFKDZuaxCnQP+hYdfhRNTRnIK/2GtWlP4/NSE6d/S9Vyzl
-E5B8nHEICQJBAMhtUZn3VgB8cmWBzn4c6f60+ukN9ic1toYw5t8jPo2IuivX7j+B
-jOvu22xqj1xCisliCtYi6b3TFKtnc3BmlaUCQQCFUk+pBRjj9GIQvkIZHo7FGD+M
-m2w4FlN4kUH68K5RFPb1k2U2GZ/H/5BkXSItKajmJaLwUbPAiSvCMn29wX/xAkBu
-5C0V5sbqlfAlQWCiXhUJG9EHSPY8U3edX0kdhD6DyHZY86uZ72+sygcVQQ/4l8h6
-C4i7Wa3BnRv+icpREjERAkA0nZPIl+AvS+dHMYSa2Khysy/ikYpQZPqx85f/phD9
-cJVSBV6U8kR9FzEqHI4GmUMSwFex1JVxe8u29+piocA/
------END RSA PRIVATE KEY-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_cn_mismatch.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_cn_mismatch.pem
deleted file mode 100644
index 4a76c85..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_cn_mismatch.pem
+++ /dev/null

@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXwIBAAKBgQDCTp8nFZFrK+eFqFDZWxqpIwqEHP3nJNwpGPJSVUMl5D7OAlGc
-kxlnicmTbdxdVq3LsH4seq2YF3+7GWJ9LvALz8EYb286/D08A5sYZl/cKvpyVL9f
-sHXdv4RAsTrFZS2E7kh2HUX6HeKyJV6qBowRZu9A8GgUCKh+YkrS6Yi9PQIDAQAB
-AoGBAJ8chpMYxEXAZAw88keqpMBP43Kf0wKOWoKE3RmynBPRPeSwXWgbxLfWSuyh
-D8yXCCY91nRR2QksZPovJUlhQErdac3DtD991ucZUoVuY9hJXnKJ2PKbyc5sWtwj
-8u9Uj4XHukk+NPgAAyGfg3qREVFU+Cs8TBTqbQOofAjFvcM5AkEA8R31DCCsuan6
-66/tJbbgwGmnhh7NmUSfGM/ayb0fPAhhvy+MdGXlV4BjBOswc++3FsUsdPdOhaDH
-Hvk9Vv/HqwJBAM5M/dRQXNl0yXlDFyzPTZK8sq/3b0YZ2bZHNt2j0ID69RGd6+//
-qMC4msUudWahMBrJpz3ImHMd724jTB8JBrcCQQDA5DNesWEc4wQuur4gNs5Uf/Ga
-FVhrbf9NLTOdwqOTNi1kcpiNodq4hqgwjipkBXjWSYUISbRSqM3DVKciy1sjAkEA
-kAU/ztCrgUP+wyELNMUkKqSBOkdK721sh8v/iYurK+AG5l2RMOMSNDisE6vzWcp9
-grX0gzVe+D6VwBX0NlZe0QJBAJbLKGVhThv0XxkocM8g2wnbE+z3VZrcY93WuLuD
-WxOe2/JDbI9KeXbUMdeTAq89nVicv3JiQaYD/ZzhPnQJvb4=
------END RSA PRIVATE KEY-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_cn_mismatch_ip.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_cn_mismatch_ip.pem
deleted file mode 100644
index 0433f9e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_cn_mismatch_ip.pem
+++ /dev/null

@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDY/pY1FTRIpWwhZY4Ln4VZLiT2myMq2dNxkrMkLR+u9bsbhOnt
-Qoq5R7yScGmTp8hQSwWJNmc0tCqX+2SeSRloDSE2NmNv39k59+na//6aqObVdbs/
-5Tj1wib08fS2XJunSyx9NP/Ah63cLGq9IswTeP/1k8djEETgPywEkSab6wIDAQAB
-AoGAdbXNB6ij/xB1UryDTHzRWmo0tO29Kv6Uu9RHh0VPHZrBUBFO0Fy7YfyvJ4UB
-UI7AlAXOT/uKCsX9IQrHLzIaLB5SWb0tpCsCjB8++SQeIfKdpcNAyAhR3w9qQu2w
-c+d3AepsFeHwcSrqoeLAdg3/qfY5MMD6AFyI3+Xfjr27tUECQQD7GiRwUCJMd5dW
-P/kiU95MNuKg5N756QUSX3xRAjInQSJrZdILmQWITeUtdDROdtnmtOAHWK0YSVb9
-b0+N4DXhAkEA3Tohd8qbcvF63pcFMWW1D+gid1njEWQ1QktGQFvN1qP3OMAp+hxJ
-W3KCNWgdtIdJNnHGX4suStAlwZnDhxszSwJAZjkmTHLTA75L5dj1W3w5K13MtSN3
-gtXSMsCco335XPGvSXmSIRaSogLUIcUE5kyMONe5vEPlc9WnjFUcVe3JAQJAX7Vj
-f1DfObYxIxWRAJLw52XVa28u5npE9F5ekT9maQLc1OeGAZe1QOPkYzidCVoyGWTV
-nsY3C9TLUNu2FMB2ywJBAIEbxQzQ0C/FnZ6mt1IZOBvatdxbqhQQx8H2Lued1Jh5
-zkxLQBunmCxZkZgA4oGZnX3s2CjKJWHhib7zXnd0Ygc=
------END RSA PRIVATE KEY-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_cn_mismatch_wc.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_cn_mismatch_wc.pem
deleted file mode 100644
index c98eed2..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_cn_mismatch_wc.pem
+++ /dev/null

@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQDASv1LrLzNytJ9ugPUSV5o+0fd9QGc7GWCf1CfJD+fRJYU1Zxk
-qRlRgy9eYhGgRhQf6NnEYSNr/pZZo83lw4IIxD9VpFx6Y527WOx5YjHCTcQdQwW8
-CXihwSchQbcDghGWXbWXkqGT+BziXzPmAw4DnoRqctYAn3d1Lb7mhPsiswIDAQAB
-AoGBAIdbQflm2nAx+QEvU0q3apGTb/85W61OahX18JZVOcOuz8ZSpwfkUEIkic9y
-UN309m2PxtqJVhnK16K5v1Gg0YKJ4fbffodwQstLhinQwjNEb+rfXusmzKyjV6nu
-zZ1C6+b5wijQenybIxRIm4sWFGxm5k5IFQiPQXN2bzkAHVfBAkEA4Bm1ohumDcRd
-2G/KuUdaiNdM6/GkviyXPDKa4Jvkh3pLcVzd2xa9Eb5Hc7tiwWdL8LPEbqssxHpu
-Eeics5NMCwJBANuqNF3aaufOKHtwsDg4c1G/mh3MweoNXAFNVCfW+a9E/0nKVqiV
-194XfRaq24w8iN5vG4l8wPbKUHiVitZSBPkCQQDZ4IUT/7eZKPJorH+3VSUzZ8e0
-mXInJyk+cKDdgRNVmFPi+nwENv5JUusbHPMtv+U4Nz7ire/PcoyzQqmfebTzAkAi
-XMHMXLqUgH98r+ghI1OG2j41oy5CesyFt58OjGaKsHRvCqP7w1T9fRcoUJn/mgif
-Iypfm5BkCsoD0wDg/fuhAkEA3APsWcyaOdTIRdmjnJVZ5wlWKRgMnPT6kTwkRlY8
-Fl1c5uNZnxtpgmOd+10O5a/16aNoumsFfDP4z/anAeo0NA==
------END RSA PRIVATE KEY-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_match.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_match.pem
deleted file mode 100644
index 894542a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_match.pem
+++ /dev/null

@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQDuRPOTLKY/nLoqg7C9pXSlyNOooERN66v1TXJa2G/OdLtK0Yqo
-muXipwyVx6B9yIRvY7LDCfTqDAb3meIOw/DPRDAzCPhpeXpjNG3tqc/3m8rdJCXN
-vA7MF8wfjBwVe1/KfiYV3KVUfpxHRlkegPA35MPXlt9I0qcU2I96eO7zXQIDAQAB
-AoGAOl3dpPHND8wetodn5iz/tBTL9IS99rCCgSalmqdmTBbAQoWuB7taEPmG1bH/
-GJDkED1F7w0jV6n2kvS5MZDCDirPulZgQEhDSIIt8H7epLgZ9duv2axi3C4F3SOZ
-BJihh7EQVwXA1BMoyV6a3mhkOpJWoAt9O3F+pU7tgUymSakCQQD3o9wLjeBPmZST
-4kszwcASBlvXqLUGvdD6eg9n/gfVx0wkQPeKMVzMB78W2hDysGvK7e5IYiLXOUvl
-d50NRzL/AkEA9lAb0/Ja2QGMXQWtCVkjf3Sdh3ZYdROcaXqUaETU0fzitPqk+FwE
-5rXiCTi+/BOMFXqpQ9ECqmu7JaEwl+WFowJBANXHny5aTEprSthfgowrtqPY2XBT
-M/Od6cpRlPsxUZI7en/RleC2vGVmSpBvsDHSGzwUKqBSF8G0tNBjcjEERgECQQDH
-LdiS97RHL11WC7T1jkOKWb7ZP/YgFo+xLBK+joqalCivuM+WlrLP7dyvIFgwd44c
-AGjIEkhZj2xy7XniGxSJAkBfZ6/FU6TzTtXEppqN5Y19FswaLpG4JExZddxfmN57
-dhN1j5jjXlldpZXpkKXM/DwxPfNI6vVq+p771sTdFY9l
------END RSA PRIVATE KEY-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_match_ip.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_match_ip.pem
deleted file mode 100644
index 1aab227..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_match_ip.pem
+++ /dev/null

@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXgIBAAKBgQDCBO/5Uammcq0j5699UYvcftBxM12TZVJued8wWM8ITkeNSh9q
-6khnaCcQDajCgOgNEBI0MunYd+UV7JyVuvQWV+Wqbxie7k5s70zzv5HwS7CNwP+P
-bvHzuTGOc9lcxV/9MK42uoCqda5NUDu6s5qm0jpFIMN+hnmvdNfC1MHU+wIDAQAB
-AoGBAKhLwB10SMSpFKbggckiwz8wgX6wH6uLaEWMUZ2Oa4e43zgf48DKGKQaJEg4
-kPqm9qLeHexJfa7X0U+DPxBiavazw/oEoHKf3pLOm/HQfr0gKik4hYxeBk1tqLhR
-7xUbzcxAWw9cBKr3qzrvKp86S1LzUD0nkLvH4pouCSgTcf6BAkEA5wVKh6Iaf8zs
-+hyIvPVldOQPMyfW6XRUFkJj4wueGIlyAgzqKYGjVmgQ4ZI7JnooY9zT9U03vecL
-LocRQeAc9wJBANb/cF2COqYyTYjBvps29cTTOZajdhLYJB8yJcMici3epjW682gN
-epDM0SwiHsN6f7vzTsQTxEJGi7O/MY2Tmx0CQBkNbtakkqEXVP+OhpmPNxBlBuzy
-PhEVB2Vej7x4bw2UIiPsyJv1rgPZxzLfC8ERcD3cHbQ1Sn0yh/jkts9hAWMCQQCz
-LxkbFdqDgREVlUOiYN/cNp6caYeSlQkl5smKJD88839a8IDEi9dGryz1t0okaQfk
-QRe4WzEKe3kbSZGnCQoRAkEAmQBdntXZgFCrdMQbYvGGmjnPHGYK/OeKZN2ZVIKI
-VKMTz74yAiA6l/W0D7KY+aR+bm3lxUPCqIdryA7K1JhGJA==
------END RSA PRIVATE KEY-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_match_wc.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_match_wc.pem
deleted file mode 100644
index e296fac..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_match_wc.pem
+++ /dev/null

@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQCuOiaT7sve9lu1+6MutivM60kadjhgMOt/mpn10n/9yNq98zhL
-fSf7FYEjWSKSH613919Q52niZCpoM2NiAhD6LOEGrswEeeWMH+qaJp4DsE+0+Bwr
-IWuwbWgkrgwupzZ7J9TxE+91XuIRSfzU+E0tYz7ICESjyHlCToWlXquRUwIDAQAB
-AoGAJWbcY0OPRpUSiRW1KVD4RCx6bBDW92dpFuKkjI4c5elZdA+jlSkQDSnHqEP5
-VO8x+SAEuUSEiZJBPE9T1XVmGUQczf87ZQHZRSwrIohih/MrvyrNakszD1VPlGIs
-fLwKAMFfM2/aXignZx9UJaMcTvzDNZ/FhlxgzYnrukfzPUECQQDVe/BijfLQs711
-KZyYWMchW84LcXYa3mtt2EVwfmZlvAlKIe0WyJ9KskYvssWKLIHcZvRIHiQgs+T/
-pPBUmgkhAkEA0OzF3uU2oX4aVhmu8H3R9AmH7mKFjySdTAFPyZMdh/AonsKO+B1t
-wGI+9jOgDC3qOp3GVygUTO7xpa+qSpUH8wJARrxZSx6DjRlxNigChgwsduYnYG1I
-1+BIsk3NvFd1cFIctd6F4124QhTN4rIWeBEFOlU2rcqm59sTjo1FQJMFYQJBAJYb
-uGNYjrLjNqrsExwpWmMbQfYOBWX+aaHFQ31R3SLhc1317eDozAUw0Yn1N6Xoi2UI
-HQxb+JH6D9b6asDhaO8CQCqNag8fEhmXzWiZDM+ngreFJsFFYiwwbcSOA0p3JBG/
-o39PeTTW4VC8+Y7KIO5rM8ZzuT3cArfsZLC8erAc2oI=
------END RSA PRIVATE KEY-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_mismatch.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_mismatch.pem
deleted file mode 100644
index c057fa6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_mismatch.pem
+++ /dev/null

@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQC9mE1ukT8FZc/uqiQWs0S62Imxyb0QCnCSmd7qYwTs1ePVPUEg
-96sAzCGjub+Igz0U9KmElSNsmNXTkB/LwGyQcVf9OebkmSmD1ihY08o/cAak8CWC
-sXNOA6bZUc1rcMapTHU2Tus3RnwcLs+bvuWiDhshdOhyoq3tsTygStTDFwIDAQAB
-AoGAVhUcsyMHdi/v5PEjSZtDjYJbonlyeiIDUszCRbGHvvCubVdOhuVsowQMEgZ4
-TEcqKKWdgjEk0F3kWBaMGTrZD0OlvjkhRDvR53P6mvDuN1+rDo4NxYe3GPX+Rylw
-YmkqJNkbspwPeu2tjD7gCRio/PiaQVAHmnZEi7JY0pjPH8ECQQDrh+3paJyZ3USt
-d+znBZwvXOH5tdEd7TMeSRlaETJIR+H+9043v4jbk2myH6fq/Ga2qKNEHJwj3A/q
-yYWHbdvPAkEAzhJkdmL61V03/Bs3EfV3q1K+7T7C+gBEJeXGgjfNbnPaKubej2R4
-yrYX3WLVKNwAyn9QBdc1C/3Li7On1+6OOQJAJnf9E7JSYY8SOILt3o28BMBW6EIZ
-9ZlYUAoAagWFAOk8sDgUPma6I6LgEIe7FVZEMHE6uVUy62h18RMZDBWVYQJBAMOD
-WcOkxz1WEz7jB03HqgFnIXRwPob5Z67ZIYz8qrDnxA8+OdysQ5p4R44pLfp1OV7m
-iaLw+whkhBEIo+9QC6kCQQDqJiutzJMhsp4hIDhB/hhmWlkbe5LZOFqLLejvSvhF
-+vQb9bJ7OjcOD+xl6Zq0QZWg6PVtw+mV8rBqnvhn6Rgi
------END RSA PRIVATE KEY-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_mismatch_ip.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_mismatch_ip.pem
deleted file mode 100644
index 1e1cf9f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_mismatch_ip.pem
+++ /dev/null

@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXAIBAAKBgQDGZb/yn/1nlvn4aWuDyMbZqFMDDrV8efmDBW9g2AzsM7cqlUjS
-69C6zd4McezG76vqTtBNRuHQTZ1MMUBpCQLRZgzCvmvl6vUVOBayNCCNGe5hsEzT
-WezDZP02VONJL+6L4wZC7tevXTFsQ8a0QUDc4rPt9pXxnOxy2ZwHrzLMQQIDAQAB
-AoGAYlsLH9NlIzfb0OUiYgDlY/5ouPlPy9gEdIn7P32cWnUA92Fu6vHxVsq8rFrG
-UZF8HvrXlZfwVv5DXwSDtA69kAXKWgcStRK6idBLZZjpQqg/a05ajTuSaxeBh/PV
-63Ddff5W+GDnaFIsDxjSEscafYNFoYD6uaq9EuzbOjpSsOECQQD1kmH9s4Io9QFB
-wQ9WEpzc1GdoOq6RVTyWkGoA1Vvzb+3DphjlLK1OpFLzIEXFdOuqWdCul+MTsqEu
-U/k+V651AkEAztKIlF6YcY4jajrtEppaD+uyqPjiwO+YwY+dBpXuELmwtBEtDHV/
-Y5kMu5BLNNND5GFzqmNNIkCxRQ25lXTFHQJAKDPLuQXvNBdQGlypzxSC+6AGQckB
-lSdYIOoJgJNtV0Ams5X4k2QqByrdrZHF+lp2zk+f20VgVnQy8OusbSlblQJAeJFZ
-F41RtxkSYjI51BdxG0je3QxCPBEw7t3Gv3kV0GA/t6kvpsy0V554QrtqbEAgmvmI
-kTLUW3x1GvlWT99DrQJBAJH+dTB8xvxHxTC/KxErx48imZGZ/lqlpAeADY7ZMv2i
-Aidlu36/giQLmVPPpGdHbXmrXsR7PRn/woak5PZG8TI=
------END RSA PRIVATE KEY-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_mismatch_wc.pem b/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_mismatch_wc.pem
deleted file mode 100644
index 6a969e6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/est/test/san/key_san_mismatch_wc.pem
+++ /dev/null

@@ -1,15 +0,0 @@
------BEGIN RSA PRIVATE KEY-----
-MIICXQIBAAKBgQCgQmtzWAzyhW6vULMZRKFEAxUr4vULNCCjyPLVA5xfgPftKfWe
-1A5fZJmi8d2O0VuZhUgab30dUNMTe0jfLGBiS1qLGS8Aw7MJHAlRJ+ur7fsGYjFp
-+x75ERJ13aT5ipnp9EiW24m4ZPxVf19PG4kHDAW4qk3G5kHuesP0JZNlUwIDAQAB
-AoGACOzqExh6UB+CVJ1H/EZIPQN28GTJhQA4OSb970MuOFt0c2780QW6bzGpJNwX
-nNaoJVq480/2ReW0e8dH/bX5ACnf/sZnLdhhOQ450ltB7KD+/B8U0nHwL5t0m8yj
-cq3CbYDa+xHc9DJOBc0bGzCPwHcMVPrutwk/uSbxwdKSk4ECQQDUTRIrWX+SlRyL
-84ImjwH8eS3Ak/WxyTy0kA88tzDrS6zjUKtYnVbdRhKP793p1qCAbRqG3mO8npGw
-2kVSfs+zAkEAwT8VcmVoiNp97OKRWW8wHvuqef3bDdCB5Gtyvrg/NZoJxrrECQYM
-A9bMLzJDETpBCTnKYFXcFNMHCNUCQ7FD4QJBAMsghr7lXfNxKiQZtDCSafMYOpdk
-uhMGGUgmAf40xOCMwnmoaJlbyY3jisUfWzNugJkASv458DG7gmg1H1jELpMCQEW9
-4puahZN+Zxvq2NISEqfb47aLK1dc/MPXE15JWGab5RNXrBAloohwKNiPpyy8fWQ6
-+xKxafAKCOvjFCIiA4ECQQC0zNtjb+4T/zG25PzfRB8qTppRWi0gH+8TXExXuW92
-8icrxcynK0GXTZehoC5LnTeijixA/3Z2FPhYQmnq/GJi
------END RSA PRIVATE KEY-----

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/BasicMimeParser.java b/bcpkix/src/main/java/org/bouncycastle/mime/BasicMimeParser.java
deleted file mode 100644
index 992acb2..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/BasicMimeParser.java
+++ /dev/null

@@ -1,137 +0,0 @@
-package org.bouncycastle.mime;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.mime.encoding.Base64InputStream;
-import org.bouncycastle.mime.encoding.QuotedPrintableInputStream;
-
-public class BasicMimeParser
-    implements MimeParser
-{
-    private final InputStream src;
-    private final MimeParserContext parserContext;
-    private final String defaultContentTransferEncoding;
-    private Headers headers;
-
-    private boolean isMultipart = false;
-    private final String boundary;
-
-    public BasicMimeParser(
-        InputStream src)
-        throws IOException
-    {
-        this(null, new Headers(src, "7bit"), src);
-    }
-
-    public BasicMimeParser(
-        MimeParserContext parserContext, InputStream src)
-        throws IOException
-    {
-        this(parserContext, new Headers(src, parserContext.getDefaultContentTransferEncoding()), src);
-    }
-
-    public BasicMimeParser(
-        Headers headers, InputStream content)
-    {
-        this(null, headers, content);
-    }
-
-    public BasicMimeParser(
-        MimeParserContext parserContext, Headers headers, InputStream src)
-    {
-        if (headers.isMultipart())
-        {
-            isMultipart = true;
-            boundary = headers.getBoundary();
-        }
-        else
-        {
-            boundary = null;
-        }
-
-        this.headers = headers;
-        this.parserContext = parserContext;
-        this.src = src;
-        this.defaultContentTransferEncoding = (parserContext != null) ? parserContext.getDefaultContentTransferEncoding() : "7bit";
-    }
-
-
-
-    public void parse(MimeParserListener listener)
-        throws IOException
-    {
-        MimeContext context = listener.createContext(parserContext, headers);
-
-        String s;
-        if (isMultipart)    // Signed
-        {
-            MimeMultipartContext mContext = (MimeMultipartContext)context;
-            String startBoundary = "--" + boundary;
-            boolean startFound = false;
-            int partNo = 0;
-            LineReader rd = new LineReader(src);
-            while ((s = rd.readLine()) != null && !"--".equals(s))
-            {
-                if (startFound)
-                {
-                    InputStream inputStream = new BoundaryLimitedInputStream(src, boundary);
-                    Headers headers = new Headers(inputStream, defaultContentTransferEncoding);
-
-                    MimeContext partContext = mContext.createContext(partNo++);
-                    inputStream = partContext.applyContext(headers, inputStream);
-
-                    listener.object(parserContext, headers, processStream(headers, inputStream));
-
-                    if (inputStream.read() >= 0)
-                    {
-                        throw new IOException("MIME object not fully processed");
-                    }
-                }
-                else if (startBoundary.equals(s))
-                {
-                    startFound = true;
-                    InputStream inputStream = new BoundaryLimitedInputStream(src, boundary);
-                    Headers headers = new Headers(inputStream, defaultContentTransferEncoding);
-
-                    MimeContext partContext = mContext.createContext(partNo++);
-                    inputStream = partContext.applyContext(headers, inputStream);
-
-                    listener.object(parserContext, headers, processStream(headers, inputStream));
-
-                    if (inputStream.read() >= 0)
-                    {
-                        throw new IOException("MIME object not fully processed");
-                    }
-                }
-            }
-        }
-        else
-        {
-            InputStream inputStream = context.applyContext(headers, src);
-
-            listener.object(parserContext, headers, processStream(headers, inputStream));
-        }
-    }
-
-    public boolean isMultipart()
-    {
-        return isMultipart;
-    }
-
-    private InputStream processStream(Headers headers, InputStream inputStream)
-    {
-        if (headers.getContentTransferEncoding().equals("base64"))
-        {
-            return new Base64InputStream(inputStream);
-        }
-        else if (headers.getContentTransferEncoding().equals("quoted-printable"))
-        {
-            return new QuotedPrintableInputStream(inputStream);
-        }
-        else
-        {
-            return inputStream;
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/BoundaryLimitedInputStream.java b/bcpkix/src/main/java/org/bouncycastle/mime/BoundaryLimitedInputStream.java
deleted file mode 100644
index 585e696..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/BoundaryLimitedInputStream.java
+++ /dev/null

@@ -1,121 +0,0 @@
-package org.bouncycastle.mime;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.util.Strings;
-
-public class BoundaryLimitedInputStream
-    extends InputStream
-{
-    final private InputStream src;
-    final private byte[] boundary;
-    final private byte[] buf;
-
-    private int bufOff = 0;
-    private int index = 0;
-    private boolean ended = false;
-
-    private int lastI;
-
-    public BoundaryLimitedInputStream(InputStream src, String startBoundary)
-    {
-        this.src = src;
-        boundary = Strings.toByteArray(startBoundary);
-        this.buf = new byte[startBoundary.length() + 3];
-        this.bufOff = 0;
-    }
-
-
-    public int read()
-        throws IOException
-    {
-        if (ended)
-        {
-            return -1;
-        }
-
-        int i;
-        if (index < bufOff)
-        {
-            i = buf[index++] & 0xff;
-            // if this happens we know we've already failed on a "\r\n"
-            if (index < bufOff)
-            {
-                return i;
-            }
-            index = bufOff = 0;
-        }
-        else
-        {
-            i = src.read();
-        }
-
-        lastI = i;
-
-        if (i < 0)
-        {
-            return -1;
-        }
-
-        if (i == '\r' || i == '\n') // check for start of boundary
-        {
-            int ch;
-            index = 0;
-            if (i == '\r')
-            {
-                ch = src.read();
-                if (ch == '\n')
-                {
-                    buf[bufOff++] = '\n';
-                    ch = src.read();
-                }
-            }
-            else
-            {
-                ch = src.read();
-            }
-
-            if (ch == '-')
-            {
-                buf[bufOff++] = '-';
-                ch = src.read();
-            }
-
-            if (ch == '-')
-            {
-                buf[bufOff++] = '-';
-
-                int base = bufOff;
-                int c;
-
-                while ((bufOff - base) != boundary.length && (c = src.read()) >= 0)
-                {
-                    buf[bufOff] = (byte)c;
-                    if (buf[bufOff] != boundary[bufOff - base])
-                    {
-                        bufOff++;
-                        break;
-                    }
-                    bufOff++;
-                }
-                
-                // we have a match
-                if (bufOff - base == boundary.length)
-                {
-                    ended = true;
-                    return -1;
-                }
-            }
-            else
-            {
-                if (ch >= 0)
-                {
-                    buf[bufOff++] = (byte)ch;
-                }
-            }
-        }
-
-        return i;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/CanonicalOutputStream.java b/bcpkix/src/main/java/org/bouncycastle/mime/CanonicalOutputStream.java
deleted file mode 100644
index 41d7d54..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/CanonicalOutputStream.java
+++ /dev/null

@@ -1,87 +0,0 @@
-package org.bouncycastle.mime;
-
-import java.io.FilterOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.mime.smime.SMimeParserContext;
-
-public class CanonicalOutputStream
-    extends FilterOutputStream
-{
-    protected int lastb;
-    protected static byte newline[];
-    private final boolean is7Bit;
-
-    public CanonicalOutputStream(SMimeParserContext parserContext, Headers headers, OutputStream outputstream)
-    {
-        super(outputstream);
-        lastb = -1;
-        // TODO: eventually may need to handle multiparts with binary...
-        if (headers.getContentType() != null)
-        {
-            is7Bit = headers.getContentType() != null && !headers.getContentType().equals("binary");
-        }
-        else
-        {
-            is7Bit = parserContext.getDefaultContentTransferEncoding().equals("7bit");
-        }
-    }
-
-    public void write(int i)
-        throws IOException
-    {
-        if (is7Bit)
-        {
-            if (i == '\r')
-            {
-                out.write(newline);
-            }
-            else if (i == '\n')
-            {
-                if (lastb != '\r')
-                {
-                    out.write(newline);
-                }
-            }
-            else
-            {
-                out.write(i);
-            }
-        }
-        else
-        {
-            out.write(i);
-        }
-        
-        lastb = i;
-    }
-
-    public void write(byte[] buf)
-        throws IOException
-    {
-        this.write(buf, 0, buf.length);
-    }
-
-    public void write(byte buf[], int off, int len)
-        throws IOException
-    {
-        for (int i = off; i != off + len; i++)
-        {
-            this.write(buf[i]);
-        }
-    }
-
-    public void writeln()
-        throws IOException
-    {
-        super.out.write(newline);
-    }
-
-    static 
-    {
-        newline = new byte[2];
-        newline[0] = '\r';
-        newline[1] = '\n';
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/ConstantMimeContext.java b/bcpkix/src/main/java/org/bouncycastle/mime/ConstantMimeContext.java
deleted file mode 100644
index 5afd06c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/ConstantMimeContext.java
+++ /dev/null

@@ -1,20 +0,0 @@
-package org.bouncycastle.mime;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-public class ConstantMimeContext
-    implements MimeContext, MimeMultipartContext
-{
-    public InputStream applyContext(Headers headers, InputStream contentStream)
-        throws IOException
-    {
-        return contentStream;
-    }
-
-    public MimeContext createContext(int partNo)
-        throws IOException
-    {
-        return this;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/Headers.java b/bcpkix/src/main/java/org/bouncycastle/mime/Headers.java
deleted file mode 100644
index 3b67089..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/Headers.java
+++ /dev/null

@@ -1,254 +0,0 @@
-package org.bouncycastle.mime;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Iterator;
-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.TreeMap;
-
-import org.bouncycastle.util.Iterable;
-import org.bouncycastle.util.Strings;
-
-public class Headers
-    implements Iterable<String>
-{
-    private final Map<String, List> headers = new TreeMap<String, List>(String.CASE_INSENSITIVE_ORDER);
-    private final List<String> headersAsPresented;
-    private final String contentTransferEncoding;
-
-    private String boundary;
-    private boolean multipart;
-    private String contentType;
-    private Map<String, String> contentTypeParameters;
-
-    private static List<String> parseHeaders(InputStream src)
-        throws IOException
-    {
-        String s;
-        List<String> headerLines = new ArrayList<String>();
-        LineReader   rd = new LineReader(src);
-
-        while ((s = rd.readLine()) != null)
-        {
-            if (s.length() == 0)
-            {
-                break;
-            }
-            headerLines.add(s);
-        }
-
-        return headerLines;
-    }
-
-    public Headers(InputStream source, String defaultContentTransferEncoding)
-        throws IOException
-    {
-        this(parseHeaders(source), defaultContentTransferEncoding);
-    }
-
-    public Headers(List<String> headerLines, String defaultContentTransferEncoding)
-    {
-        this.headersAsPresented = headerLines;
-
-        String header = "";
-        for (Iterator it = headerLines.iterator(); it.hasNext();)
-        {
-            String line = (String)it.next();
-            if (line.startsWith(" ") || line.startsWith("\t"))
-            {
-                header = header + line.trim();
-            }
-            else
-            {
-                if (header.length() != 0)
-                {
-                    this.put(header.substring(0, header.indexOf(':')).trim(), header.substring(header.indexOf(':') + 1).trim());
-                }
-                header = line;
-            }
-        }
-
-        // pick up last header line
-        if (header.trim().length() != 0)
-        {
-            this.put(header.substring(0, header.indexOf(':')).trim(), header.substring(header.indexOf(':') + 1).trim());
-        }
-
-        String contentTypeHeader = (this.getValues("Content-Type") == null) ? "text/plain" : this.getValues("Content-Type")[0];
-
-        int parameterIndex = contentTypeHeader.indexOf(';');
-        if (parameterIndex < 0)
-        {
-            contentType = contentTypeHeader;
-            contentTypeParameters = Collections.EMPTY_MAP;
-        }
-        else
-        {
-            contentType = contentTypeHeader.substring(0, parameterIndex);
-            contentTypeParameters = createContentTypeParameters(contentTypeHeader.substring(parameterIndex + 1).trim());
-        }
-
-        contentTransferEncoding = this.getValues("Content-Transfer-Encoding") == null ? defaultContentTransferEncoding : this.getValues("Content-Transfer-Encoding")[0];
-
-        if (contentType.indexOf("multipart") >= 0)
-        {
-            multipart = true;
-            String bound = (String)contentTypeParameters.get("boundary");
-            boundary = bound.substring(1, bound.length() - 1); // quoted-string
-        }
-        else
-        {
-            boundary = null;
-            multipart = false;
-        }
-    }
-
-    /**
-     * Return the a Map of the ContentType attributes and their values.
-     *
-     * @return a Map of ContentType parameters - empty if none present.
-     */
-    public Map<String, String> getContentTypeAttributes()
-    {
-        return contentTypeParameters;
-    }
-
-    /**
-     * Return the a list of the ContentType parameters.
-     *
-     * @return a list of ContentType parameters - empty if none present.
-     */
-    private Map<String, String> createContentTypeParameters(String contentTypeParameters)
-    {
-        String[] parameterSplit = contentTypeParameters.split(";");
-        Map<String, String> rv = new LinkedHashMap<String, String>();
-
-        for (int i = 0; i != parameterSplit.length; i++)
-        {
-            String parameter = parameterSplit[i];
-
-            int eqIndex = parameter.indexOf('=');
-            if (eqIndex < 0)
-            {
-                throw new IllegalArgumentException("malformed Content-Type header");
-            }
-
-            rv.put(parameter.substring(0, eqIndex).trim(), parameter.substring(eqIndex + 1).trim());
-        }
-
-        return Collections.unmodifiableMap(rv);
-    }
-
-    public boolean isMultipart()
-    {
-        return multipart;
-    }
-
-    public String getBoundary()
-    {
-        return boundary;
-    }
-
-    public String getContentType()
-    {
-        return contentType;
-    }
-
-    public String getContentTransferEncoding()
-    {
-        return contentTransferEncoding;
-    }
-
-    private void put(String field, String value)
-    {
-        synchronized (this)
-        {
-            KV kv = new KV(field, value);
-            List<KV> list = (List<KV>)headers.get(field);
-            if (list == null)
-            {
-                list = new ArrayList<KV>();
-                headers.put(field, list);
-            }
-            list.add(kv);
-        }
-    }
-
-    public Iterator<String> getNames()
-    {
-        return headers.keySet().iterator();
-    }
-
-    public String[] getValues(String header)
-    {
-
-        synchronized (this)
-        {
-            List<KV> kvList = (List<KV>)headers.get(header);
-            if (kvList == null)
-            {
-                return null;
-            }
-            String[] out = new String[kvList.size()];
-
-            for (int t = 0; t < kvList.size(); t++)
-            {
-                out[t] = ((KV)kvList.get(t)).value;
-            }
-
-            return out;
-        }
-    }
-
-    public boolean isEmpty()
-    {
-        synchronized (this)
-        {
-            return headers.isEmpty();
-        }
-    }
-
-    public boolean containsKey(String s)
-    {
-        return headers.containsKey(s);
-    }
-
-    public Iterator<String> iterator()
-    {
-        return headers.keySet().iterator();
-    }
-
-    public void dumpHeaders(OutputStream outputStream)
-        throws IOException
-    {
-        for (Iterator it = headersAsPresented.iterator(); it.hasNext();)
-        {
-            outputStream.write(Strings.toUTF8ByteArray(it.next().toString()));
-            outputStream.write('\r');
-            outputStream.write('\n');
-        }
-    }
-
-    private class KV
-    {
-        public final String key;
-        public final String value;
-
-        public KV(String key, String value)
-        {
-            this.key = key;
-            this.value = value;
-        }
-
-        public KV(KV kv)
-        {
-            this.key = kv.key;
-            this.value = kv.value;
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/LineReader.java b/bcpkix/src/main/java/org/bouncycastle/mime/LineReader.java
deleted file mode 100644
index f0e4aea..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/LineReader.java
+++ /dev/null

@@ -1,66 +0,0 @@
-package org.bouncycastle.mime;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.util.Strings;
-
-/**
- * Read regular text lines, allowing for a single character look ahead.
- */
-class LineReader
-{
-    private final InputStream src;
-
-    private int lastC = -1;
-
-    LineReader(InputStream src)
-    {
-        this.src = src;
-    }
-
-    String readLine()
-        throws IOException
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        int ch;
-
-        if (lastC != -1)
-        {
-            if (lastC == '\r')   // to get this we must have '\r\r' so blank line
-            {
-                return "";
-            }
-            ch = lastC;
-            lastC = -1;
-        }
-        else
-        {
-            ch = src.read();
-        }
-
-        while (ch >= 0 && ch != '\r' && ch != '\n')
-        {
-            bOut.write(ch);
-            ch = src.read();
-        }
-
-        if (ch == '\r')
-        {
-            int c = src.read();
-            if (c != '\n' && c >= 0)
-            {
-                lastC = c;
-            }
-        }
-
-        if (ch < 0)
-        {
-            return null;
-        }
-
-        return Strings.fromUTF8ByteArray(bOut.toByteArray());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/MimeContext.java b/bcpkix/src/main/java/org/bouncycastle/mime/MimeContext.java
deleted file mode 100644
index 5b7b31e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/MimeContext.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.mime;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-public interface MimeContext
-{
-    InputStream applyContext(Headers headers, InputStream contentStream)
-        throws IOException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/MimeIOException.java b/bcpkix/src/main/java/org/bouncycastle/mime/MimeIOException.java
deleted file mode 100644
index 67e6c3e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/MimeIOException.java
+++ /dev/null

@@ -1,29 +0,0 @@
-package org.bouncycastle.mime;
-
-import java.io.IOException;
-
-/**
- * General IOException thrown in the mime package and its sub-packages.
- */
-public class MimeIOException
-    extends IOException
-{
-    private Throwable cause;
-
-    public MimeIOException(String msg, Throwable cause)
-    {
-        super(msg);
-
-        this.cause = cause;
-    }
-
-    public MimeIOException(String msg)
-    {
-        super(msg);
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/MimeMultipartContext.java b/bcpkix/src/main/java/org/bouncycastle/mime/MimeMultipartContext.java
deleted file mode 100644
index 223ab06..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/MimeMultipartContext.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.mime;
-
-import java.io.IOException;
-
-public interface MimeMultipartContext
-    extends MimeContext
-{
-    public MimeContext createContext(int partNo)
-        throws IOException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/MimeParser.java b/bcpkix/src/main/java/org/bouncycastle/mime/MimeParser.java
deleted file mode 100644
index edd9cc3..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/MimeParser.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.mime;
-
-import java.io.IOException;
-
-/**
- * Base interface for a MIME parser.
- */
-public interface MimeParser
-{
-    /**
-     * Trigger the start of parsing.
-     *
-     * @param listener callback to be signalled as each MIME object is identified.
-     * @throws IOException on a parsing/IO exception.
-     */
-    void parse(MimeParserListener listener)
-        throws IOException;
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/MimeParserContext.java b/bcpkix/src/main/java/org/bouncycastle/mime/MimeParserContext.java
deleted file mode 100644
index f00476f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/MimeParserContext.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.mime;
-
-/**
- * Base interface for a MIME parser context.
- */
-public interface MimeParserContext
-{
-    /**
-     * Return the default value for Content-Transfer-Encoding for data we are parsing.
-     *
-     * @return the default Content-Transfer-Encoding.
-     */
-    String getDefaultContentTransferEncoding();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/MimeParserListener.java b/bcpkix/src/main/java/org/bouncycastle/mime/MimeParserListener.java
deleted file mode 100644
index d22e870..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/MimeParserListener.java
+++ /dev/null

@@ -1,30 +0,0 @@
-package org.bouncycastle.mime;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-/**
- * Base interface for a MIME parser listener.
- */
-public interface MimeParserListener
-{
-    /**
-     * Create an appropriate context object for the MIME object represented by headers.
-     *
-     * @param parserContext context object for the current parser.
-     * @param headers MIME headers for the object that has been discovered.
-     * @return a MimeContext
-     */
-    MimeContext createContext(MimeParserContext parserContext, Headers headers);
-
-    /**
-     * Signal that a MIME object has been discovered.
-     *
-     * @param parserContext context object for the current parser.
-     * @param headers headers for the MIME object.
-     * @param inputStream input stream representing its content.
-     * @throws IOException in case of a parsing/processing error.
-     */
-    void object(MimeParserContext parserContext, Headers headers, InputStream inputStream)
-        throws IOException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/MimeParserProvider.java b/bcpkix/src/main/java/org/bouncycastle/mime/MimeParserProvider.java
deleted file mode 100644
index d81e1f7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/MimeParserProvider.java
+++ /dev/null

@@ -1,13 +0,0 @@
-package org.bouncycastle.mime;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-public interface MimeParserProvider
-{
-    MimeParser createParser(InputStream source)
-        throws IOException;
-
-    MimeParser createParser(Headers headers, InputStream source)
-        throws IOException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/MimeWriter.java b/bcpkix/src/main/java/org/bouncycastle/mime/MimeWriter.java
deleted file mode 100644
index cf08d63..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/MimeWriter.java
+++ /dev/null

@@ -1,41 +0,0 @@
-package org.bouncycastle.mime;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-
-public abstract class MimeWriter
-{
-    protected final Headers headers;
-
-    protected MimeWriter(Headers headers)
-    {
-        this.headers = headers;
-    }
-
-    public Headers getHeaders()
-    {
-        return headers;
-    }
-
-    public abstract OutputStream getContentStream()
-        throws IOException;
-
-
-    protected static List<String> mapToLines(Map<String, String> headers)
-    {
-        List hdrs = new ArrayList(headers.size());
-
-        for (Iterator<String> it = headers.keySet().iterator(); it.hasNext();)
-        {
-            String key = (String)it.next();
-
-            hdrs.add(key + ": " + headers.get(key));
-        }
-
-        return hdrs;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/encoding/Base64InputStream.java b/bcpkix/src/main/java/org/bouncycastle/mime/encoding/Base64InputStream.java
deleted file mode 100644
index 75334ac..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/encoding/Base64InputStream.java
+++ /dev/null

@@ -1,182 +0,0 @@
-package org.bouncycastle.mime.encoding;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-
-/**
- * Reader for Base64 armored objects which converts them into binary data.
- */
-public class Base64InputStream
-    extends InputStream
-{
-    /*
-     * set up the decoding table.
-     */
-    private static final byte[] decodingTable;
-
-    static
-    {
-        decodingTable = new byte[128];
-
-        for (int i = 'A'; i <= 'Z'; i++)
-        {
-            decodingTable[i] = (byte)(i - 'A');
-        }
-
-        for (int i = 'a'; i <= 'z'; i++)
-        {
-            decodingTable[i] = (byte)(i - 'a' + 26);
-        }
-
-        for (int i = '0'; i <= '9'; i++)
-        {
-            decodingTable[i] = (byte)(i - '0' + 52);
-        }
-
-        decodingTable['+'] = 62;
-        decodingTable['/'] = 63;
-    }
-
-    /**
-     * decode the base 64 encoded input data.
-     *
-     * @return the offset the data starts in out.
-     */
-    private int decode(
-        int      in0,
-        int      in1,
-        int      in2,
-        int      in3,
-        int[]    out)
-        throws EOFException
-    {
-        int    b1, b2, b3, b4;
-
-        if (in3 < 0)
-        {
-            throw new EOFException("unexpected end of file in armored stream.");
-        }
-
-        if (in2 == '=')
-        {
-            b1 = decodingTable[in0] &0xff;
-            b2 = decodingTable[in1] & 0xff;
-
-            out[2] = ((b1 << 2) | (b2 >> 4)) & 0xff;
-
-            return 2;
-        }
-        else if (in3 == '=')
-        {
-            b1 = decodingTable[in0];
-            b2 = decodingTable[in1];
-            b3 = decodingTable[in2];
-
-            out[1] = ((b1 << 2) | (b2 >> 4)) & 0xff;
-            out[2] = ((b2 << 4) | (b3 >> 2)) & 0xff;
-
-            return 1;
-        }
-        else
-        {
-            b1 = decodingTable[in0];
-            b2 = decodingTable[in1];
-            b3 = decodingTable[in2];
-            b4 = decodingTable[in3];
-
-            out[0] = ((b1 << 2) | (b2 >> 4)) & 0xff;
-            out[1] = ((b2 << 4) | (b3 >> 2)) & 0xff;
-            out[2] = ((b3 << 6) | b4) & 0xff;
-
-            return 0;
-        }
-    }
-
-    InputStream    in;
-    int[]          outBuf = new int[3];
-    int            bufPtr = 3;
-    boolean        isEndOfStream;
-
-    /**
-     * Create a stream for reading a PGP armoured message, parsing up to a header
-     * and then reading the data that follows.
-     *
-     * @param in
-     */
-    public Base64InputStream(
-        InputStream    in)
-    {
-        this.in = in;
-    }
-    
-    public int available()
-        throws IOException
-    {
-        return in.available();
-    }
-    
-    private int readIgnoreSpace() 
-        throws IOException
-    {
-        int    c = in.read();
-        
-        while (c == ' ' || c == '\t')
-        {
-            c = in.read();
-        }
-        
-        return c;
-    }
-    
-    public int read()
-        throws IOException
-    {
-        int    c;
-
-        if (bufPtr > 2)
-        {
-            c = readIgnoreSpace();
-            
-            if (c == '\r' || c == '\n')
-            {
-                c = readIgnoreSpace();
-                
-                while (c == '\n' || c == '\r')
-                {
-                    c = readIgnoreSpace();
-                }
-
-                if (c < 0)                // EOF
-                {
-                    isEndOfStream = true;
-                    return -1;
-                }
-
-                bufPtr = decode(c, readIgnoreSpace(), readIgnoreSpace(), readIgnoreSpace(), outBuf);
-            }
-            else
-            {
-                if (c >= 0)
-                {
-                    bufPtr = decode(c, readIgnoreSpace(), readIgnoreSpace(), readIgnoreSpace(), outBuf);
-                }
-                else
-                {
-                    isEndOfStream = true;
-                    return -1;
-                }
-            }
-        }
-
-        c = outBuf[bufPtr++];
-
-        return c;
-    }
-    
-    public void close()
-        throws IOException
-    {
-        in.close();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/encoding/Base64OutputStream.java b/bcpkix/src/main/java/org/bouncycastle/mime/encoding/Base64OutputStream.java
deleted file mode 100644
index 51e7b1f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/encoding/Base64OutputStream.java
+++ /dev/null

@@ -1,63 +0,0 @@
-package org.bouncycastle.mime.encoding;
-
-import java.io.FilterOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.util.encoders.Base64;
-
-public class Base64OutputStream
-    extends FilterOutputStream
-{
-    byte[] buffer = new byte[54];
-    int    bufOff;
-
-    public Base64OutputStream(OutputStream stream)
-    {
-        super(stream);
-    }
-
-    public void write(int b)
-        throws IOException
-    {
-        doWrite((byte)b);
-    }
-
-    public void write(byte[] buf, int bufOff, int len)
-        throws IOException
-    {
-        for (int i = 0; i != len; i++)
-        {
-            doWrite(buf[bufOff + i]);
-        }
-    }
-
-    public void write(byte[] buf)
-        throws IOException
-    {
-        write(buf, 0, buf.length);
-    }
-
-    public void close()
-        throws IOException
-    {
-        if (bufOff > 0)
-        {
-            Base64.encode(buffer, 0, bufOff, out);
-        }
-        out.close();
-    }
-    
-    private void doWrite(byte b)
-        throws IOException
-    {
-        buffer[bufOff++] = b;
-        if (bufOff == buffer.length)
-        {
-            Base64.encode(buffer, 0, buffer.length, out);
-            out.write('\r');
-            out.write('\n');
-            bufOff = 0;
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/encoding/QuotedPrintableInputStream.java b/bcpkix/src/main/java/org/bouncycastle/mime/encoding/QuotedPrintableInputStream.java
deleted file mode 100644
index 4f82309..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/encoding/QuotedPrintableInputStream.java
+++ /dev/null

@@ -1,124 +0,0 @@
-package org.bouncycastle.mime.encoding;
-
-import java.io.FilterInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-/**
- * Input stream that processes quoted-printable data, converting it into what was originally intended.
- */
-public class QuotedPrintableInputStream
-    extends FilterInputStream
-{
-
-    public QuotedPrintableInputStream(InputStream input)
-    {
-        super(input);
-    }
-
-    public int read(byte[] buf, int bufOff, int len) throws IOException
-    {
-        int i = 0;
-        while (i != len)
-        {
-            int ch = this.read();
-            if (ch < 0)
-            {
-                break;
-            }
-            buf[i + bufOff] = (byte)ch;
-            i++;
-        }
-
-        if (i == 0)
-        {
-            return -1;
-        }
-        
-        return i;
-    }
-
-    public int read()
-        throws IOException
-    {
-        int v = in.read();
-        if (v == -1)
-        {
-            return -1;
-        }
- 
-        // V was the quote '=' character/
-        while (v == '=')
-        {
-            //
-            // Get the next character.
-            //
-            int j = in.read();
-            if (j == -1)
-            {
-                throw new IllegalStateException("Quoted '=' at end of stream");
-            }
-
-            // For systems generating CRLF line endings.
-            if (j == '\r')
-            {
-                j = in.read();
-                if (j == '\n')
-                {
-                    //
-                    // This was a line break that was not actually a line break in the original information.
-                    // So return the next data.
-                    //
-                    j = in.read();
-                }
-                v = j;
-                continue;
-            }
-            else if (j == '\n')
-            {
-                // As above but without preceding CR.
-                v = in.read();
-                continue;
-            }
-            else
-            {
-
-                int chr = 0;
-
-                if (j >= '0' && j <= '9')
-                {
-                    chr = j - '0';
-                }
-                else if (j >= 'A' && j <= 'F')
-                {
-                    chr = 10 + (j - 'A');
-                }
-                else
-                {
-                    throw new IllegalStateException("Expecting '0123456789ABCDEF after quote that was not immediately followed by LF or CRLF");
-                }
-
-                chr <<= 4;
-
-                j = in.read();
-
-                if (j >= '0' && j <= '9')
-                {
-                    chr |= j - '0';
-                }
-                else if (j >= 'A' && j <= 'F')
-                {
-                    chr |= 10 + (j - 'A');
-                }
-                else
-                {
-                    throw new IllegalStateException("Expecting second '0123456789ABCDEF after quote that was not immediately followed by LF or CRLF");
-                }
-
-                return chr;
-            }
-        }
-
-        return v;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMIMEEnvelopedWriter.java b/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMIMEEnvelopedWriter.java
deleted file mode 100644
index 998c3bc..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMIMEEnvelopedWriter.java
+++ /dev/null

@@ -1,185 +0,0 @@
-package org.bouncycastle.mime.smime;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.LinkedHashMap;
-import java.util.Map;
-
-import org.bouncycastle.cms.CMSAttributeTableGenerator;
-import org.bouncycastle.cms.CMSEnvelopedDataStreamGenerator;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.OriginatorInformation;
-import org.bouncycastle.cms.RecipientInfoGenerator;
-import org.bouncycastle.mime.Headers;
-import org.bouncycastle.mime.MimeIOException;
-import org.bouncycastle.mime.MimeWriter;
-import org.bouncycastle.mime.encoding.Base64OutputStream;
-import org.bouncycastle.operator.OutputEncryptor;
-import org.bouncycastle.util.Strings;
-
-/**
- * Writer for SMIME Enveloped objects.
- */
-public class SMIMEEnvelopedWriter
-    extends MimeWriter
-{
-    public static class Builder
-    {
-        private static final String[] stdHeaders;
-        private static final String[] stdValues;
-
-        static
-        {
-            stdHeaders = new String[]
-                {
-                    "Content-Type",
-                    "Content-Disposition",
-                    "Content-Transfer-Encoding",
-                    "Content-Description"
-                };
-
-            stdValues = new String[]
-                {
-                    "application/pkcs7-mime; name=\"smime.p7m\"; smime-type=enveloped-data",
-                    "attachment; filename=\"smime.p7m\"",
-                    "base64",
-                    "S/MIME Encrypted Message"
-                };
-        }
-
-        private final CMSEnvelopedDataStreamGenerator envGen = new CMSEnvelopedDataStreamGenerator();
-        private final Map<String, String> headers = new LinkedHashMap<String, String>();
-
-        String contentTransferEncoding = "base64";
-
-        public Builder()
-        {
-            for (int i = 0; i != stdHeaders.length; i++)
-            {
-                headers.put(stdHeaders[i], stdValues[i]);
-            }
-        }
-
-        public Builder setUnprotectedAttributeGenerator(CMSAttributeTableGenerator unprotectedAttributeGenerator)
-        {
-            this.envGen.setUnprotectedAttributeGenerator(unprotectedAttributeGenerator);
-
-            return this;
-        }
-
-        public Builder setOriginatorInfo(OriginatorInformation originatorInfo)
-        {
-            this.envGen.setOriginatorInfo(originatorInfo);
-
-            return this;
-        }
-
-        /**
-         * Specify a MIME header (name, value) pair for this builder. If the headerName already exists it will
-         * be overridden.
-         *
-         * @param headerName name of the MIME header.
-         * @param headerValue value of the MIME header.
-         *
-         * @return the current Builder instance.
-         */
-        public Builder withHeader(String headerName, String headerValue)
-        {
-            this.headers.put(headerName, headerValue);
-
-            return this;
-        }
-        
-        /**
-         * Add a generator to produce the recipient info required.
-         *
-         * @param recipientGenerator a generator of a recipient info object.
-         *
-         * @return the current Builder instance.
-         */
-        public Builder addRecipientInfoGenerator(RecipientInfoGenerator recipientGenerator)
-        {
-            this.envGen.addRecipientInfoGenerator(recipientGenerator);
-
-            return this;
-        }
-
-        public SMIMEEnvelopedWriter build(OutputStream mimeOut, OutputEncryptor outEnc)
-        {
-            return new SMIMEEnvelopedWriter(this, outEnc, mimeOut);
-        }
-    }
-
-    private final CMSEnvelopedDataStreamGenerator envGen;
-
-    private final OutputEncryptor outEnc;
-    private final OutputStream mimeOut;
-    private final String contentTransferEncoding;
-
-    private SMIMEEnvelopedWriter(Builder builder, OutputEncryptor outEnc, OutputStream mimeOut)
-    {
-        super(new Headers(mapToLines(builder.headers), builder.contentTransferEncoding));
-
-        this.envGen = builder.envGen;
-        this.contentTransferEncoding = builder.contentTransferEncoding;
-        this.outEnc = outEnc;
-        this.mimeOut = mimeOut;
-    }
-    
-    public OutputStream getContentStream()
-        throws IOException
-    {
-        headers.dumpHeaders(mimeOut);
-
-        mimeOut.write(Strings.toByteArray("\r\n"));
-
-        try
-        {
-            OutputStream outStream;
-
-            if ("base64".equals(contentTransferEncoding))
-            {
-                outStream = new Base64OutputStream(mimeOut);
-                
-                return new ContentOutputStream(envGen.open(SMimeUtils.createUnclosable(outStream), outEnc), outStream);
-            }
-            else
-            {
-                return new ContentOutputStream(envGen.open(SMimeUtils.createUnclosable(mimeOut), outEnc), null);
-            }
-        }
-        catch (CMSException e)
-        {
-            throw new MimeIOException(e.getMessage(), e);
-        }
-    }
-
-    private class ContentOutputStream
-        extends OutputStream
-    {
-        private final OutputStream main;
-        private final OutputStream backing;
-
-        ContentOutputStream(OutputStream main, OutputStream backing)
-        {
-            this.main = main;
-            this.backing = backing;
-        }
-
-        public void write(int i)
-            throws IOException
-        {
-            main.write(i);
-        }
-
-        public void close()
-            throws IOException
-        {
-            main.close();
-            if (backing != null)
-            {
-                backing.close();
-            }
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMIMESignedWriter.java b/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMIMESignedWriter.java
deleted file mode 100644
index 86e8361..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMIMESignedWriter.java
+++ /dev/null

@@ -1,396 +0,0 @@
-package org.bouncycastle.mime.smime;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.security.SecureRandom;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.LinkedHashMap;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.TreeSet;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSSignedDataStreamGenerator;
-import org.bouncycastle.cms.SignerInfoGenerator;
-import org.bouncycastle.mime.Headers;
-import org.bouncycastle.mime.MimeWriter;
-import org.bouncycastle.mime.encoding.Base64OutputStream;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.Strings;
-
-/**
- * Writer for SMIME Signed objects.
- */
-public class SMIMESignedWriter
-    extends MimeWriter
-{
-    public static final Map RFC3851_MICALGS;
-    public static final Map RFC5751_MICALGS;
-    public static final Map STANDARD_MICALGS;
-
-    static
-    {
-        Map stdMicAlgs = new HashMap();
-
-        stdMicAlgs.put(CMSAlgorithm.MD5, "md5");
-        stdMicAlgs.put(CMSAlgorithm.SHA1, "sha-1");
-        stdMicAlgs.put(CMSAlgorithm.SHA224, "sha-224");
-        stdMicAlgs.put(CMSAlgorithm.SHA256, "sha-256");
-        stdMicAlgs.put(CMSAlgorithm.SHA384, "sha-384");
-        stdMicAlgs.put(CMSAlgorithm.SHA512, "sha-512");
-        stdMicAlgs.put(CMSAlgorithm.GOST3411, "gostr3411-94");
-        stdMicAlgs.put(CMSAlgorithm.GOST3411_2012_256, "gostr3411-2012-256");
-        stdMicAlgs.put(CMSAlgorithm.GOST3411_2012_512, "gostr3411-2012-512");
-
-        RFC5751_MICALGS = Collections.unmodifiableMap(stdMicAlgs);
-
-        Map oldMicAlgs = new HashMap();
-
-        oldMicAlgs.put(CMSAlgorithm.MD5, "md5");
-        oldMicAlgs.put(CMSAlgorithm.SHA1, "sha1");
-        oldMicAlgs.put(CMSAlgorithm.SHA224, "sha224");
-        oldMicAlgs.put(CMSAlgorithm.SHA256, "sha256");
-        oldMicAlgs.put(CMSAlgorithm.SHA384, "sha384");
-        oldMicAlgs.put(CMSAlgorithm.SHA512, "sha512");
-        oldMicAlgs.put(CMSAlgorithm.GOST3411, "gostr3411-94");
-        oldMicAlgs.put(CMSAlgorithm.GOST3411_2012_256, "gostr3411-2012-256");
-        oldMicAlgs.put(CMSAlgorithm.GOST3411_2012_512, "gostr3411-2012-512");
-
-        RFC3851_MICALGS = Collections.unmodifiableMap(oldMicAlgs);
-
-        STANDARD_MICALGS = RFC5751_MICALGS;
-    }
-
-    public static class Builder
-    {
-        private static final String[] detHeaders;
-        private static final String[] detValues;
-        private static final String[] encHeaders;
-        private static final String[] encValues;
-
-        static
-        {
-            detHeaders = new String[]
-                {
-                    "Content-Type"
-                };
-
-            detValues = new String[]
-                {
-                    "multipart/signed; protocol=\"application/pkcs7-signature\"",
-                };
-
-            encHeaders = new String[]
-                {
-                    "Content-Type",
-                    "Content-Disposition",
-                    "Content-Transfer-Encoding",
-                    "Content-Description"
-                };
-
-            encValues = new String[]
-                {
-                    "application/pkcs7-mime; name=\"smime.p7m\"; smime-type=enveloped-data",
-                    "attachment; filename=\"smime.p7m\"",
-                    "base64",
-                    "S/MIME Signed Message"
-                };
-        }
-
-        private final CMSSignedDataStreamGenerator sigGen = new CMSSignedDataStreamGenerator();
-        private final Map<String, String> extraHeaders = new LinkedHashMap<String, String>();
-        private final boolean encapsulated;
-        private final Map micAlgs = STANDARD_MICALGS;
-        
-        String contentTransferEncoding = "base64";
-
-        public Builder()
-        {
-            this(false);
-        }
-
-        public Builder(
-            boolean encapsulated)
-        {
-            this.encapsulated = encapsulated;
-        }
-
-        /**
-         * Specify a MIME header (name, value) pair for this builder. If the headerName already exists it will
-         * be overridden.
-         *
-         * @param headerName  name of the MIME header.
-         * @param headerValue value of the MIME header.
-         * @return the current Builder instance.
-         */
-        public Builder withHeader(String headerName, String headerValue)
-        {
-            this.extraHeaders.put(headerName, headerValue);
-
-            return this;
-        }
-
-        public Builder addCertificate(X509CertificateHolder certificate)
-            throws CMSException
-        {
-            this.sigGen.addCertificate(certificate);
-
-            return this;
-        }
-
-        public Builder addCertificates(Store certificates)
-            throws CMSException
-        {
-            this.sigGen.addCertificates(certificates);
-
-            return this;
-        }
-
-        /**
-         * Add a generator to produce the signer info required.
-         *
-         * @param signerGenerator a generator for a signer info object.
-         * @return the current Builder instance.
-         */
-        public Builder addSignerInfoGenerator(SignerInfoGenerator signerGenerator)
-        {
-            this.sigGen.addSignerInfoGenerator(signerGenerator);
-
-            return this;
-        }
-
-        public SMIMESignedWriter build(OutputStream mimeOut)
-        {
-            Map<String, String> headers = new LinkedHashMap<String, String>();
-
-            String boundary;
-            if (encapsulated)
-            {
-                boundary = null;
-                for (int i = 0; i != encHeaders.length; i++)
-                {
-                    headers.put(encHeaders[i], encValues[i]);
-                }
-            }
-            else
-            {
-                boundary = generateBoundary();
-
-                // handle Content-Type specially
-                StringBuffer contValue = new StringBuffer(detValues[0]);
-
-                addHashHeader(contValue, sigGen.getDigestAlgorithms());
-
-                addBoundary(contValue, boundary);
-                headers.put(detHeaders[0], contValue.toString());
-
-                for (int i = 1; i < detHeaders.length; i++)
-                {
-                    headers.put(detHeaders[i], detValues[i]);
-                }
-            }
-
-            for (Iterator it = extraHeaders.entrySet().iterator(); it.hasNext();)
-            {
-                Map.Entry ent = (Map.Entry)it.next();
-                headers.put((String)ent.getKey(), (String)ent.getValue());
-            }
-
-            return new SMIMESignedWriter(this, headers, boundary, mimeOut);
-        }
-
-        private void addHashHeader(
-            StringBuffer header,
-            List signers)
-        {
-            int count = 0;
-
-            //
-            // build the hash header
-            //
-            Iterator it = signers.iterator();
-            Set micAlgSet = new TreeSet();
-
-            while (it.hasNext())
-            {
-                AlgorithmIdentifier digest = (AlgorithmIdentifier)it.next();
-
-                String micAlg = (String)micAlgs.get(digest.getAlgorithm());
-
-                if (micAlg == null)
-                {
-                    micAlgSet.add("unknown");
-                }
-                else
-                {
-                    micAlgSet.add(micAlg);
-                }
-            }
-
-            it = micAlgSet.iterator();
-
-            while (it.hasNext())
-            {
-                String alg = (String)it.next();
-
-                if (count == 0)
-                {
-                    if (micAlgSet.size() != 1)
-                    {
-                        header.append("; micalg=\"");
-                    }
-                    else
-                    {
-                        header.append("; micalg=");
-                    }
-                }
-                else
-                {
-                    header.append(',');
-                }
-
-                header.append(alg);
-
-                count++;
-            }
-
-            if (count != 0)
-            {
-                if (micAlgSet.size() != 1)
-                {
-                    header.append('\"');
-                }
-            }
-        }
-
-        private void addBoundary(
-             StringBuffer header,
-             String boundary)
-        {
-             header.append(";\r\n\tboundary=\"");
-             header.append(boundary);
-             header.append("\"");
-        }
-
-        private String generateBoundary()
-        {
-            SecureRandom random = new SecureRandom();
-
-            return "==" + new BigInteger(180, random).setBit(179).toString(16) + "=";
-        }
-    }
-
-    private final CMSSignedDataStreamGenerator sigGen;
-
-    private final String boundary;
-    private final OutputStream mimeOut;
-    private final String contentTransferEncoding;
-
-    private SMIMESignedWriter(Builder builder, Map<String, String> headers, String boundary, OutputStream mimeOut)
-    {
-        super(new Headers(mapToLines(headers), builder.contentTransferEncoding));
-
-        this.sigGen = builder.sigGen;
-        this.contentTransferEncoding = builder.contentTransferEncoding;
-        this.boundary = boundary;
-        this.mimeOut = mimeOut;
-    }
-
-    /**
-     * Return a content stream for the signer - note data written to this stream needs to properly
-     * canonicalised if necessary.
-     *
-     * @return an output stream for data to be signed to be written to.
-     * @throws IOException on a stream error.
-     */
-    public OutputStream getContentStream()
-        throws IOException
-    {
-        headers.dumpHeaders(mimeOut);
-
-        mimeOut.write(Strings.toByteArray("\r\n"));
-
-        if (boundary == null)
-        {
-            return null; // TODO: new ContentOutputStream(sigGen.open(mimeOut, true), mimeOut);
-        }
-        else
-        {
-            mimeOut.write(Strings.toByteArray("This is an S/MIME signed message\r\n"));
-            mimeOut.write(Strings.toByteArray("\r\n--"));
-            mimeOut.write(Strings.toByteArray(boundary));
-            mimeOut.write(Strings.toByteArray("\r\n"));
-
-            ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-            Base64OutputStream stream = new Base64OutputStream(bOut);
-
-            return new ContentOutputStream(sigGen.open(stream,false, SMimeUtils.createUnclosable(mimeOut)), mimeOut, bOut, stream);
-        }
-    }
-
-    private class ContentOutputStream
-        extends OutputStream
-    {
-        private final OutputStream main;
-        private final OutputStream backing;
-        private final ByteArrayOutputStream sigStream;
-        private final OutputStream sigBase;
-
-        ContentOutputStream(OutputStream main, OutputStream backing, ByteArrayOutputStream sigStream, OutputStream sigBase)
-        {
-            this.main = main;
-            this.backing = backing;
-            this.sigStream = sigStream;
-            this.sigBase = sigBase;
-        }
-
-        public void write(int i)
-            throws IOException
-        {
-            main.write(i);
-        }
-
-        public void close()
-            throws IOException
-        {
-            if (boundary != null)
-            {
-                main.close();
-
-                backing.write(Strings.toByteArray("\r\n--"));
-                backing.write(Strings.toByteArray(boundary));
-                backing.write(Strings.toByteArray("\r\n"));
-
-                backing.write(Strings.toByteArray("Content-Type: application/pkcs7-signature; name=\"smime.p7s\"\r\n"));
-                backing.write(Strings.toByteArray("Content-Transfer-Encoding: base64\r\n"));
-                backing.write(Strings.toByteArray("Content-Disposition: attachment; filename=\"smime.p7s\"\r\n"));
-                backing.write(Strings.toByteArray("\r\n"));
-
-                if (sigBase != null)
-                {
-                    sigBase.close();
-                }
-                
-                backing.write(sigStream.toByteArray());
-
-                backing.write(Strings.toByteArray("\r\n--"));
-                backing.write(Strings.toByteArray(boundary));
-                backing.write(Strings.toByteArray("--\r\n"));
-            }
-
-            if (backing != null)
-            {
-                backing.close();
-            }
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeMultipartContext.java b/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeMultipartContext.java
deleted file mode 100644
index 3395ab1..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeMultipartContext.java
+++ /dev/null

@@ -1,118 +0,0 @@
-package org.bouncycastle.mime.smime;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.Map;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.mime.CanonicalOutputStream;
-import org.bouncycastle.mime.Headers;
-import org.bouncycastle.mime.MimeContext;
-import org.bouncycastle.mime.MimeMultipartContext;
-import org.bouncycastle.mime.MimeParserContext;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.io.TeeInputStream;
-import org.bouncycastle.util.io.TeeOutputStream;
-
-public class SMimeMultipartContext
-    implements MimeMultipartContext
-{
-    private final SMimeParserContext parserContext;
-
-    private DigestCalculator[] calculators;
-
-
-    public SMimeMultipartContext(MimeParserContext parserContext, Headers headers)
-    {
-        this.parserContext = (SMimeParserContext)parserContext;
-        this.calculators = createDigestCalculators(headers);
-    }
-
-    DigestCalculator[] getDigestCalculators()
-    {
-        return calculators;
-    }
-
-    OutputStream getDigestOutputStream()
-    {
-        if (calculators.length == 1)
-        {
-            return calculators[0].getOutputStream();
-        }
-        else
-        {
-            OutputStream compoundStream = calculators[0].getOutputStream();
-
-            for (int i = 1; i < calculators.length; i++)
-            {
-                compoundStream = new TeeOutputStream(calculators[i].getOutputStream(), compoundStream);
-            }
-
-            return compoundStream;
-        }
-    }
-
-    private DigestCalculator[] createDigestCalculators(Headers headers)
-    {
-        try
-        {
-            Map<String, String> contentTypeFields = headers.getContentTypeAttributes();
-
-            String micalgs = (String)contentTypeFields.get("micalg");
-            if (micalgs == null)
-            {
-                throw new IllegalStateException("No micalg field on content-type header");
-            }
-
-            String[] algs = micalgs.substring(micalgs.indexOf('=') + 1).split(",");
-            DigestCalculator[] dcOut = new DigestCalculator[algs.length];
-
-            for (int t = 0; t < algs.length; t++)
-            {
-                // Deal with possibility of quoted parts, eg  "SHA1","SHA256" etc
-                String alg = SMimeUtils.lessQuotes(algs[t]).trim();
-                dcOut[t] = parserContext.getDigestCalculatorProvider().get(
-                    new AlgorithmIdentifier(SMimeUtils.getDigestOID(alg)));
-            }
-
-            return dcOut;
-        }
-        catch (OperatorCreationException e)
-        {
-            return null;
-        }
-    }
-
-    public MimeContext createContext(final int partNo)
-        throws IOException
-    {
-        return new MimeContext()
-        {
-            public InputStream applyContext(Headers headers, InputStream contentStream)
-                throws IOException
-            {
-                if (partNo == 0)
-                {
-                    OutputStream digestOut = getDigestOutputStream();
-
-                    headers.dumpHeaders(digestOut);
-
-                    digestOut.write('\r');
-                    digestOut.write('\n');
-
-                    return new TeeInputStream(contentStream, new CanonicalOutputStream(parserContext, headers, digestOut));
-                }
-
-                return contentStream;
-            }
-        };
-    }
-
-    public InputStream applyContext(Headers headers, InputStream contentStream)
-        throws IOException
-    {
-        return contentStream;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeParserContext.java b/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeParserContext.java
deleted file mode 100644
index f494414..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeParserContext.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.mime.smime;
-
-import org.bouncycastle.mime.MimeParserContext;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-
-public class SMimeParserContext
-    implements MimeParserContext
-{
-    private final String defaultContentTransferEncoding;
-    private final DigestCalculatorProvider digestCalculatorProvider;
-
-    public SMimeParserContext(String defaultContentTransferEncoding, DigestCalculatorProvider digestCalculatorProvider)
-    {
-        this.defaultContentTransferEncoding = defaultContentTransferEncoding;
-        this.digestCalculatorProvider = digestCalculatorProvider;
-    }
-
-    public String getDefaultContentTransferEncoding()
-    {
-        return defaultContentTransferEncoding;
-    }
-
-    public DigestCalculatorProvider getDigestCalculatorProvider()
-    {
-        return digestCalculatorProvider;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeParserListener.java b/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeParserListener.java
deleted file mode 100644
index d6e1ee8..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeParserListener.java
+++ /dev/null

@@ -1,105 +0,0 @@
-package org.bouncycastle.mime.smime;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.cms.CMSEnvelopedDataParser;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSSignedData;
-import org.bouncycastle.cms.OriginatorInformation;
-import org.bouncycastle.cms.RecipientInformationStore;
-import org.bouncycastle.cms.SignerInformationStore;
-import org.bouncycastle.mime.ConstantMimeContext;
-import org.bouncycastle.mime.Headers;
-import org.bouncycastle.mime.MimeContext;
-import org.bouncycastle.mime.MimeIOException;
-import org.bouncycastle.mime.MimeParserContext;
-import org.bouncycastle.mime.MimeParserListener;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.io.Streams;
-
-public abstract class SMimeParserListener
-    implements MimeParserListener
-{
-    private DigestCalculator[] digestCalculators;
-    private SMimeMultipartContext parent;
-
-    public MimeContext createContext(MimeParserContext parserContext, Headers headers)
-    {
-        if (headers.isMultipart())
-        {
-            parent = new SMimeMultipartContext(parserContext, headers);
-            this.digestCalculators = parent.getDigestCalculators();
-            return parent;
-        }
-        else
-        {
-            return new ConstantMimeContext();
-        }
-    }
-
-    public void object(MimeParserContext parserContext, Headers headers, InputStream inputStream)
-        throws IOException
-    {
-        try
-        {
-            if (headers.getContentType().equals("application/pkcs7-signature")
-                || headers.getContentType().equals("application/x-pkcs7-signature"))
-            {
-                Map<ASN1ObjectIdentifier, byte[]> hashes = new HashMap<ASN1ObjectIdentifier, byte[]>();
-
-                for (int i = 0; i != digestCalculators.length; i++)
-                {
-                    digestCalculators[i].getOutputStream().close();
-
-                    hashes.put(digestCalculators[i].getAlgorithmIdentifier().getAlgorithm(), digestCalculators[i].getDigest());
-                }
-
-                byte[] sigBlock = Streams.readAll(inputStream);
-
-                CMSSignedData signedData = new CMSSignedData(hashes, sigBlock);
-
-                signedData(parserContext, headers, signedData.getCertificates(), signedData.getCRLs(), signedData.getAttributeCertificates(), signedData.getSignerInfos());
-            }
-            else if (headers.getContentType().equals("application/pkcs7-mime")
-                  || headers.getContentType().equals("application/x-pkcs7-mime"))
-            {
-                CMSEnvelopedDataParser envelopedDataParser = new CMSEnvelopedDataParser(inputStream);
-
-                envelopedData(parserContext, headers, envelopedDataParser.getOriginatorInfo(), envelopedDataParser.getRecipientInfos());
-
-                envelopedDataParser.close();
-            }
-            else
-            {
-                content(parserContext, headers, inputStream);
-            }
-        }
-        catch (CMSException e)
-        {
-            throw new MimeIOException("CMS failure: " + e.getMessage(), e);
-        }
-    }
-
-    public void content(MimeParserContext parserContext, Headers headers, InputStream inputStream)
-        throws IOException
-    {
-        throw new IllegalStateException("content handling not implemented");
-    }
-
-    public void signedData(MimeParserContext parserContext, Headers headers, Store certificates, Store CRLs, Store attributeCertificates, SignerInformationStore signers)
-        throws IOException, CMSException
-    {
-        throw new IllegalStateException("signedData handling not implemented");
-    }
-
-    public void envelopedData(MimeParserContext parserContext, Headers headers, OriginatorInformation originatorInformation, RecipientInformationStore recipients)
-        throws IOException, CMSException
-    {
-        throw new IllegalStateException("envelopedData handling not implemented");
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeParserProvider.java b/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeParserProvider.java
deleted file mode 100644
index 5c5bba6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeParserProvider.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.mime.smime;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.mime.BasicMimeParser;
-import org.bouncycastle.mime.Headers;
-import org.bouncycastle.mime.MimeParser;
-import org.bouncycastle.mime.MimeParserProvider;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-
-public class SMimeParserProvider
-    implements MimeParserProvider
-{
-    private final String defaultContentTransferEncoding;
-    private final DigestCalculatorProvider digestCalculatorProvider;
-
-    public SMimeParserProvider(String defaultContentTransferEncoding, DigestCalculatorProvider digestCalculatorProvider)
-    {
-        this.defaultContentTransferEncoding = defaultContentTransferEncoding;
-        this.digestCalculatorProvider = digestCalculatorProvider;
-    }
-
-    public MimeParser createParser(InputStream source)
-        throws IOException
-    {
-        return new BasicMimeParser(new SMimeParserContext(defaultContentTransferEncoding, digestCalculatorProvider), source);
-    }
-
-    public MimeParser createParser(Headers headers, InputStream source)
-        throws IOException
-    {
-        return new BasicMimeParser(new SMimeParserContext(defaultContentTransferEncoding, digestCalculatorProvider), headers, source);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeUtils.java b/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeUtils.java
deleted file mode 100644
index 6f9daeb..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/smime/SMimeUtils.java
+++ /dev/null

@@ -1,135 +0,0 @@
-package org.bouncycastle.mime.smime;
-
-import java.io.FilterOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.TreeMap;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.util.Strings;
-
-class SMimeUtils
-{
-    private static final Map RFC5751_MICALGS;
-    private static final Map RFC3851_MICALGS;
-    private static final Map STANDARD_MICALGS;
-    private static final Map forMic;
-
-    private static final byte[] nl = new byte[2];
-
-
-    static
-    {
-        nl[0] = '\r';
-        nl[1] = '\n';
-
-
-        Map stdMicAlgs = new HashMap();
-
-        stdMicAlgs.put(CMSAlgorithm.MD5, "md5");
-        stdMicAlgs.put(CMSAlgorithm.SHA1, "sha-1");
-        stdMicAlgs.put(CMSAlgorithm.SHA224, "sha-224");
-        stdMicAlgs.put(CMSAlgorithm.SHA256, "sha-256");
-        stdMicAlgs.put(CMSAlgorithm.SHA384, "sha-384");
-        stdMicAlgs.put(CMSAlgorithm.SHA512, "sha-512");
-        stdMicAlgs.put(CMSAlgorithm.GOST3411, "gostr3411-94");
-        stdMicAlgs.put(CMSAlgorithm.GOST3411_2012_256, "gostr3411-2012-256");
-        stdMicAlgs.put(CMSAlgorithm.GOST3411_2012_512, "gostr3411-2012-512");
-
-        RFC5751_MICALGS = Collections.unmodifiableMap(stdMicAlgs);
-
-        Map oldMicAlgs = new HashMap();
-
-        oldMicAlgs.put(CMSAlgorithm.MD5, "md5");
-        oldMicAlgs.put(CMSAlgorithm.SHA1, "sha1");
-        oldMicAlgs.put(CMSAlgorithm.SHA224, "sha224");
-        oldMicAlgs.put(CMSAlgorithm.SHA256, "sha256");
-        oldMicAlgs.put(CMSAlgorithm.SHA384, "sha384");
-        oldMicAlgs.put(CMSAlgorithm.SHA512, "sha512");
-        oldMicAlgs.put(CMSAlgorithm.GOST3411, "gostr3411-94");
-        oldMicAlgs.put(CMSAlgorithm.GOST3411_2012_256, "gostr3411-2012-256");
-        oldMicAlgs.put(CMSAlgorithm.GOST3411_2012_512, "gostr3411-2012-512");
-
-
-        RFC3851_MICALGS = Collections.unmodifiableMap(oldMicAlgs);
-
-        STANDARD_MICALGS = RFC5751_MICALGS;
-
-
-        Map<String, ASN1ObjectIdentifier> mic = new TreeMap<String, ASN1ObjectIdentifier>(String.CASE_INSENSITIVE_ORDER);
-
-        for (Iterator it = STANDARD_MICALGS.keySet().iterator(); it.hasNext();)
-        {
-            Object key = it.next();
-            mic.put(STANDARD_MICALGS.get(key).toString(), (ASN1ObjectIdentifier)key);
-        }
-
-        for (Iterator it = RFC3851_MICALGS.keySet().iterator(); it.hasNext();)
-        {
-            Object key = it.next();
-            mic.put(RFC3851_MICALGS.get(key).toString(), (ASN1ObjectIdentifier)key);
-        }
-
-        forMic = Collections.unmodifiableMap(mic);
-
-    }
-
-    static String lessQuotes(String in)
-    {
-        if (in == null || in.length() <= 1)  // make sure we have at least 2 characters
-        {
-            return in;
-        }
-
-        if (in.charAt(0) == '"' && in.charAt(in.length() - 1) == '"')
-        {
-            return in.substring(1, in.length() - 1);
-        }
-
-        return in;
-    }
-
-    static String getParameter(String startsWith, List<String> parameters)
-    {
-        for (Iterator<String> paramIt = parameters.iterator(); paramIt.hasNext(); )
-        {
-            String param = (String)paramIt.next();
-            if (param.startsWith(startsWith))
-            {
-                return param;
-            }
-        }
-
-        return null;
-    }
-
-    static ASN1ObjectIdentifier getDigestOID(String alg)
-    {
-        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)forMic.get(Strings.toLowerCase(alg));
-
-        if (oid == null)
-        {
-            throw new IllegalArgumentException("unknown micalg passed: " + alg);
-        }
-
-        return oid;
-    }
-
-    static OutputStream createUnclosable(OutputStream destination)
-    {
-        return new FilterOutputStream(destination)
-        {
-            public void close()
-                throws IOException
-            {
-
-            }
-        };
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/mime/test/AllTests.java
deleted file mode 100644
index 5c17aa6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/test/AllTests.java
+++ /dev/null

@@ -1,47 +0,0 @@
-package org.bouncycastle.mime.test;
-
-import java.security.Security;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-public class AllTests
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    public void setUp()
-    {
-        if (Security.getProvider(BC) != null)
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-    }
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        junit.textui.TestRunner.run(suite());
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        TestSuite suite = new TestSuite("MIME tests");
-
-        suite.addTestSuite(Base64TransferEncodingTest.class);
-        suite.addTestSuite(MimeParserTest.class);
-        suite.addTestSuite(MultipartParserTest.class);
-        suite.addTestSuite(QuotedPrintableTest.class);
-        suite.addTestSuite(TestBoundaryLimitedInputStream.class);
-        suite.addTestSuite(TestSMIMEEnveloped.class);
-        suite.addTestSuite(TestSMIMESigned.class);
-        suite.addTestSuite(TestSMIMESignEncrypt.class);
-
-        return new MIMETestSetup(suite);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/test/Base64TransferEncodingTest.java b/bcpkix/src/main/java/org/bouncycastle/mime/test/Base64TransferEncodingTest.java
deleted file mode 100644
index cf765e2..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/test/Base64TransferEncodingTest.java
+++ /dev/null

@@ -1,266 +0,0 @@
-package org.bouncycastle.mime.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-import org.bouncycastle.util.encoders.Base64;
-
-public class Base64TransferEncodingTest
-    extends TestCase
-{
-    private SecureRandom random = new SecureRandom();
-
-    /**
-     * Test the decoding of some base64 arranged in lines of
-     * 64 byte base 64 encoded rows terminated CRLF.
-     *
-     * @throws Exception
-     */
-    public void testDecodeWellFormed()
-        throws Exception
-    {
-        byte[][] original = new byte[4][48];
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-
-        //
-        // Create 4 lines of 64bytes of base64 encoded data.
-        //
-        for (int i = 0; i != original.length; i++)
-        {
-            byte[] row = original[i];
-            
-            random.nextBytes(row);
-            bos.write(Base64.encode(row));
-            bos.write('\r');
-            bos.write('\n');
-        }
-
-        verifyDecode(original, bos);
-    }
-
-
-    /**
-     * Test decode without CR only LF.
-     *
-     * @throws Exception
-     */
-    public void testDecodeWithoutCR()
-        throws Exception
-    {
-        byte[][] original = new byte[4][48];
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-
-        //
-        // Create 4 lines of 64bytes of base64 encoded data.
-        //
-        for (int i = 0; i != original.length; i++)
-        {
-            byte[] row = original[i];
-
-            random.nextBytes(row);
-            bos.write(Base64.encode(row));
-            bos.write('\n');
-        }
-
-        verifyDecode(original, bos);
-    }
-
-
-    /**
-     * Test decode with long lines past the length in the spec.
-     *
-     * @throws Exception
-     */
-    public void testDecodeLongLines()
-        throws Exception
-    {
-        byte[][] original = new byte[4][765];
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-
-        //
-        // Create 4 lines of 1023 bytes of base64 encoded data.
-        //
-        for (int i = 0; i != original.length; i++)
-        {
-            byte[] row = original[i];
-            random.nextBytes(row);
-            bos.write(Base64.encode(row));
-            bos.write('\n');
-        }
-
-        verifyDecode(original, bos);
-    }
-
-
-    /**
-     * Test decode with long lines past the length in the spec.
-     *
-     * @throws Exception
-     */
-    public void testExcessiveLongLine()
-        throws Exception
-    {
-        byte[][] original = new byte[4][766];
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-
-        //
-        // Create 4 lines of 1023 bytes of base64 encoded data.
-        //
-        for (int i = 0; i != original.length; i++)
-        {
-            byte[] row = original[i];
-
-            random.nextBytes(row);
-            bos.write(Base64.encode(row));
-            bos.write('\n');
-        }
-
-        try
-        {
-            verifyDecode(original, bos);
-        }
-        catch (Exception ex)
-        {
-            TestCase.assertEquals("End of line of base64 not reached before line buffer overflow.", ex.getMessage());
-        }
-    }
-
-
-    /**
-     * Test decode of empty data.
-     *
-     * @throws Exception
-     */
-    public void testEmpty()
-        throws Exception
-    {
-        // Assertions in verifyDecode()
-        verifyDecode(new byte[0][0], new ByteArrayOutputStream());
-    }
-
-
-    private void verifyDecode(byte[][] original, ByteArrayOutputStream bos)
-        throws IOException
-    {
-//        MimeParserInputStream source = new MimeParserInputStream(new ByteArrayInputStream(bos.toByteArray()), 1024);
-//        Base64TransferDecoder bte = new Base64TransferDecoder(source, 1024);
-//
-//        for (byte[] row : original)
-//        {
-//            for (byte expected : row)
-//            {
-//                TestCase.assertEquals(expected & 0xFF, bte.read());
-//            }
-//        }
-//
-//        TestCase.assertEquals(-1, bte.read());
-
-    }
-
-
-    /**
-     * This test causes the final line of base64 to not be a multiple of 64.
-     *
-     * @throws Exception
-     */
-    public void testDecodeLengths()
-        throws Exception
-    {
-        byte[][] original = new byte[4][48];
-        original[original.length - 1] = new byte[22];
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-
-        //
-        // Create 4 lines of 64bytes of base64 encoded data.
-        //
-        for (int i = 0; i != original.length; i++)
-        {
-            byte[] row = original[i];
-
-            random.nextBytes(row);
-            bos.write(Base64.encode(row));
-            bos.write('\r');
-            bos.write('\n');
-        }
-
-        verifyDecode(original, bos);
-    }
-
-
-    /**
-     * This test causes the final line of base64 to not be a multiple of 64.
-     *
-     * @throws Exception
-     */
-    public void testPartialLineEnding()
-        throws Exception
-    {
-        byte[][] original = new byte[4][48];
-        original[original.length - 1] = new byte[22];
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-
-        //
-        // Create 4 lines of 64bytes of base64 encoded data.
-        //
-        for (int i = 0; i != original.length; i++)
-        {
-            byte[] row = original[i];
-
-            random.nextBytes(row);
-            bos.write(Base64.encode(row));
-            bos.write('\r');
-            bos.write('\n');
-        }
-
-        verifyDecode(original, bos);
-    }
-
-
-    public void testMultilined()
-        throws Exception
-    {
-        String b64 = "MIAGCSqGSIb3DQEHA6CAMIACAQAxggFOMIIBSgIBADCBsjCBrDELMAkGA1UEBhMCQVQxEDAOBgNV\n" +
-            "BAgTB0F1c3RyaWExDzANBgNVBAcTBlZpZW5uYTEaMBgGA1UEChMRVGlhbmkgU3Bpcml0IEdtYkgx\n" +
-            "GTAXBgNVBAsTEERlbW8gRW52aXJvbm1lbnQxEDAOBgNVBAMTB1Rlc3QgQ0ExMTAvBgkqhkiG9w0B\n" +
-            "CQEWIm1hc3NpbWlsaWFuby5tYXNpQHRpYW5pLXNwaXJpdC5jb20CAQkwDQYJKoZIhvcNAQEBBQAE\n" +
-            "gYALxKaiVW43jHjDiJ4kC6N90lpyG0jxeJ7nynWaR4YkDiUQ/jE8cJwRX0jBQeWKRvf3Y+XhRuB3\n" +
-            "B76cKxBGTgMh6pCuLoIvgBJq54kqql/xz3hO7QRvvuHnEljlw2uhd0PQqQYe8oLdu1Yqyo9+9Jsx\n" +
-            "I7QX43E2H5b3nNGND24djDCABgkqhkiG9w0BBwEwHQYJYIZIAWUDBAEqBBD+UNge0S52HEPuFBEq\n" +
-            "IEvYoIAEggHAcOET1XS7H/OZALZ0cyns3p6kxgAlblE4BvMQnAen8VlhDehp130WdDF4jC+zRjza\n" +
-            "ZftPatKq/Hlhu0wuj+FZESjy2d2hR7FT8qCqGda70IyyOhloG7Ym+17E0MyYQsH38i+uC8NjcSeo\n" +
-            "egggsQoidePpg/9BNFMA4j6vORFcNBvnwj71mV2icx7mUud97cXobJnrfm3hmEmYkm7wL413cibH\n" +
-            "b8K3yNu/hMqJViT0GvlhQdR9hDgu5i2WhiE2UTaFu3xL2xNhzXBvhOwj/gikzFIWva4S/2JfK3M8\n" +
-            "A0lYu6f1vYUF2jazi81wQFEF7qKyp7zx7X2iZjn8DDSCY73izHafF1JJijDFaHrD5245kaSJ7MKP\n" +
-            "jJ/HWk9lbed0ay8f96QuvWEEKSy4xejy6w7DKxKr4icN7KDE5Nyc2ZAJxmCm50B7yHpNZfKQ38E+\n" +
-            "e/bCgvAESFcnw9pRJz9mXmwazxEvCpoO/ezgmgro+59CCRKqdUeOyyLQg6d7xqUcgeY1SoDxzEre\n" +
-            "i4IBlig6+HWLs+9OPMa2fuYYIVZvg7mpeM4lEfdhRssWBWwTTmrtwRbAaT7BTCtlvfqzpHrycp5O\n" +
-            "zgAAAAAAAAAAAAA=";
-
-
-        byte[] data = Base64.decode(b64);
-
-//
-//        MimeParserInputStream mpin = new MimeParserInputStream(new ByteArrayInputStream(b64.getBytes()), 1024);
-//        Base64TransferDecoder btd = new Base64TransferDecoder(mpin, 1024);
-//
-//
-//        for (int t = 0; t < data.length; t++)
-//        {
-//            TestCase.assertEquals("Position: " + t, data[t] & 0xFF, btd.read());
-//        }
-//
-//        TestCase.assertEquals(-1, btd.read());
-
-    }
-
-}
-
-

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/test/MIMETestSetup.java b/bcpkix/src/main/java/org/bouncycastle/mime/test/MIMETestSetup.java
deleted file mode 100644
index 17e8484..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/test/MIMETestSetup.java
+++ /dev/null

@@ -1,28 +0,0 @@
-
-package org.bouncycastle.mime.test;
-
-import java.security.Security;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-class MIMETestSetup
-    extends TestSetup
-{
-    public MIMETestSetup(Test test)
-    {
-        super(test);
-    }
-
-    protected void setUp()
-    {
-        Security.addProvider(new BouncyCastleProvider());
-    }
-
-    protected void tearDown()
-    {
-        Security.removeProvider(BouncyCastleProvider.PROVIDER_NAME);
-    }
-
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/test/MimeParserTest.java b/bcpkix/src/main/java/org/bouncycastle/mime/test/MimeParserTest.java
deleted file mode 100644
index 9519569..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/test/MimeParserTest.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.mime.test;
-
-import java.io.ByteArrayInputStream;
-
-import junit.framework.TestCase;
-import org.bouncycastle.mime.Headers;
-import org.bouncycastle.util.Strings;
-
-public class MimeParserTest
-    extends TestCase
-{
-    public void testMixtureOfHeaders()
-        throws Exception
-    {
-
-        String parts[] = new String[]{
-            "Received", "from mr11p26im-asmtp003.me.com (mr11p26im-asmtp003.me.com [17.110.86.110]) " +
-            "by tauceti.org.au (Our Mail Server) with ESMTP (TLS) id 23294071-1879654 " +
-            "for <megan@cryptoworkshop.com>; Fri, 29 Jun 2018 14:52:26 +1000\n",
-            "Return-Path", " <pogobot@icloud.com>\n",
-            "X-Verify-SMTP", " Host 17.110.86.110 sending to us was not listening\r\n"
-        };
-
-
-        String values = parts[0] + ":" + parts[1] + parts[2] + ":" + parts[3] + parts[4] + ":" + parts[5] + "\r\n";
-
-        Headers headers = new Headers(new ByteArrayInputStream(Strings.toByteArray(values)), "7bit");
-
-        for (int t = 0; t < parts.length; t += 2)
-        {
-            TestCase.assertEquals("Part " + t, parts[t + 1].trim(), headers.getValues(parts[t])[0]);
-        }
-
-    }
-
-    public void testEndOfHeaders()
-        throws Exception
-    {
-        String values = "Foo: bar\r\n\r\n";
-
-        Headers headers = new Headers(new ByteArrayInputStream(Strings.toByteArray(values)), "7bit");
-
-        assertEquals("bar", headers.getValues("Foo")[0]);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/test/MultipartParserTest.java b/bcpkix/src/main/java/org/bouncycastle/mime/test/MultipartParserTest.java
deleted file mode 100644
index ec8ea48..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/test/MultipartParserTest.java
+++ /dev/null

@@ -1,447 +0,0 @@
-package org.bouncycastle.mime.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.Security;
-import java.security.cert.CertificateException;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Iterator;
-import java.util.Map;
-
-import junit.framework.TestCase;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.SignerInformation;
-import org.bouncycastle.cms.SignerInformationStore;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.mime.BasicMimeParser;
-import org.bouncycastle.mime.ConstantMimeContext;
-import org.bouncycastle.mime.Headers;
-import org.bouncycastle.mime.MimeContext;
-import org.bouncycastle.mime.MimeMultipartContext;
-import org.bouncycastle.mime.MimeParser;
-import org.bouncycastle.mime.MimeParserContext;
-import org.bouncycastle.mime.MimeParserListener;
-import org.bouncycastle.mime.MimeParserProvider;
-import org.bouncycastle.mime.smime.SMimeParserListener;
-import org.bouncycastle.mime.smime.SMimeParserProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.io.Streams;
-
-public class MultipartParserTest
-    extends TestCase
-{
-
-    protected void setUp()
-        throws Exception
-    {
-        if (Security.getProvider("BC") == null)
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-    }
-
-
-    /**
-     * Parse content header good.
-     *
-     * @throws Exception
-     */
-    public void testParseContentTypeHeader_wellformed()
-        throws Exception
-    {
-        String value = "multipart/alternative;\n" +
-            " boundary=\"Apple-Mail=_8B1F6ECB-9629-424B-B871-1357CCDBCC84\"";
-
-        ArrayList<String> values = new ArrayList<String>();
-        values.add("Content-type: " + value);
-
-        Headers headers = new Headers(values, value);
-        TestCase.assertEquals("multipart/alternative", headers.getContentType());
-        Map<String, String> fieldValues = headers.getContentTypeAttributes();
-        TestCase.assertEquals(1, fieldValues.size());
-        TestCase.assertEquals("{boundary=\"Apple-Mail=_8B1F6ECB-9629-424B-B871-1357CCDBCC84\"}", fieldValues.toString());
-    }
-
-
-    /**
-     * Parse content header good.
-     *
-     * @throws Exception
-     */
-    public void testParseContentTypeHeader_wellformed_multi()
-        throws Exception
-    {
-        String value = "multipart/signed;\n" +
-            " boundary=\"Apple-Mail=_8B1F6ECB-9629-424B-B871-1357CCDBCC84\"; micalg=\"SHA1\"";
-
-        ArrayList<String> values = new ArrayList<String>();
-        values.add("Content-type: " + value);
-
-        Headers headers = new Headers(values, value);
-        TestCase.assertEquals("multipart/signed", headers.getContentType());
-        Map<String, String> fieldValues = headers.getContentTypeAttributes();
-        TestCase.assertEquals(2, fieldValues.size());
-        TestCase.assertEquals("{boundary=\"Apple-Mail=_8B1F6ECB-9629-424B-B871-1357CCDBCC84\", micalg=\"SHA1\"}", fieldValues.toString());
-    }
-
-
-    /**
-     * Parse content header good.
-     *
-     * @throws Exception
-     */
-    public void testParseContentTypeHeader_broken()
-        throws Exception
-    {
-
-        // Verify limit checking
-
-        String value = "multipart/alternative;\n" +
-            " boundary=\"cats\"; micalg=";
-
-        ArrayList<String> values = new ArrayList<String>();
-        values.add("Content-type: " + value);
-
-        Headers headers = new Headers(values, value);
-        TestCase.assertEquals("multipart/alternative", headers.getContentType());
-        Map<String, String> fieldValues = headers.getContentTypeAttributes();
-        TestCase.assertEquals(2, fieldValues.size());
-        TestCase.assertEquals("{boundary=\"cats\", micalg=}", fieldValues.toString());
-    }
-
-    /**
-     * Parse content header good.
-     *
-     * @throws Exception
-     */
-    public void testParseContentTypeHeader_empty_micalg()
-        throws Exception
-    {
-
-        // Verify limit checking
-
-        String value = "multipart/alternative;\n" +
-            " boundary=\"cats\"; micalg=\"\"";
-
-        ArrayList<String> values = new ArrayList<String>();
-        values.add("Content-type: " + value);
-
-        Headers headers = new Headers(values, value);
-        TestCase.assertEquals("multipart/alternative", headers.getContentType());
-        Map<String, String> fieldValues = headers.getContentTypeAttributes();
-        TestCase.assertEquals(2, fieldValues.size());
-        TestCase.assertEquals("{boundary=\"cats\", micalg=\"\"}", headers.getContentTypeAttributes().toString());
-    }
-
-    public void testSignedMultipart()
-        throws Exception
-    {
-        final ArrayList<Object> results = new ArrayList<Object>();
-
-        final TestDoneFlag dataParsed = new TestDoneFlag();
-
-        MimeParserProvider provider = new SMimeParserProvider("7bit", new BcDigestCalculatorProvider());
-
-        MimeParser p = provider.createParser(this.getClass().getResourceAsStream("quotable.message"));
-
-        p.parse(new SMimeParserListener()
-        {
-            public void content(MimeParserContext parserContext, Headers headers, InputStream inputStream)
-                throws IOException
-            {
-                ByteArrayOutputStream bos = new ByteArrayOutputStream();
-                Streams.pipeAll((InputStream)inputStream, bos);
-                results.add(bos.toString());
-                System.out.println("#######################################################################");
-                System.out.println(bos.toString());
-                System.out.println("#######################################################################");
-            }
-
-            public void signedData(MimeParserContext parserContext, Headers headers, Store certificates, Store CRLs, Store attributeCertificates, SignerInformationStore signers)
-                throws CMSException
-            {
-                Collection c = signers.getSigners();
-                Iterator it = c.iterator();
-
-                while (it.hasNext())
-                {
-                    SignerInformation signer = (SignerInformation)it.next();
-                    Collection certCollection = certificates.getMatches(signer.getSID());
-
-                    Iterator certIt = certCollection.iterator();
-                    X509CertificateHolder certHolder = (X509CertificateHolder)certIt.next();
-
-                    try
-                    {
-                        assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(certHolder)));
-                    }
-                    catch (OperatorCreationException e)
-                    {
-                        e.printStackTrace();
-                    }
-                    catch (CertificateException e)
-                    {
-                        e.printStackTrace();
-                    }
-                }
-
-                dataParsed.markDone();
-            }
-
-        });
-
-        assertTrue(dataParsed.isDone());
-    }
-
-    public void testInvalidSha256SignedMultipart()
-        throws Exception
-    {
-        final ArrayList<Object> results = new ArrayList<Object>();
-
-        MimeParserProvider provider = new SMimeParserProvider("7bit", new BcDigestCalculatorProvider());
-
-        MimeParser p = provider.createParser(this.getClass().getResourceAsStream("3nnn_smime.eml"));
-
-        p.parse(new SMimeParserListener()
-        {
-            public void content(MimeParserContext parserContext, Headers headers, InputStream inputStream)
-                throws IOException
-            {
-                ByteArrayOutputStream bos = new ByteArrayOutputStream();
-                Streams.pipeAll((InputStream)inputStream, bos);
-                results.add(bos.toString());
-                System.out.println("#######################################################################");
-                System.out.println(bos.toString());
-                System.out.println("#######################################################################");
-            }
-
-            public void signedData(MimeParserContext parserContext, Headers headers, Store certificates, Store CRLs, Store attributeCertificates, SignerInformationStore signers)
-                throws CMSException
-            {
-                Collection c = signers.getSigners();
-                Iterator it = c.iterator();
-
-                while (it.hasNext())
-                {
-                    SignerInformation signer = (SignerInformation)it.next();
-                    Collection certCollection = certificates.getMatches(signer.getSID());
-
-                    Iterator certIt = certCollection.iterator();
-                    X509CertificateHolder certHolder = (X509CertificateHolder)certIt.next();
-
-                    try
-                    {
-                        // in this case the signature is invalid
-                        assertEquals(false, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(certHolder)));
-                    }
-                    catch (OperatorCreationException e)
-                    {
-                        e.printStackTrace();
-                    }
-                    catch (CertificateException e)
-                    {
-                        e.printStackTrace();
-                    }
-                }
-            }
-
-        });
-    }
-
-    public void testEmbeddedMultipart()
-        throws Exception
-    {
-        final ArrayList<Object> results = new ArrayList<Object>();
-
-        MimeParserProvider provider = new SMimeParserProvider("7bit", new BcDigestCalculatorProvider());
-
-        MimeParser p = provider.createParser(this.getClass().getResourceAsStream("embeddedmulti.message"));
-
-        p.parse(new SMimeParserListener()
-        {
-            public void content(MimeParserContext parserContext, Headers headers, InputStream inputStream)
-                throws IOException
-            {
-                ByteArrayOutputStream bos = new ByteArrayOutputStream();
-                Streams.pipeAll((InputStream)inputStream, bos);
-                results.add(bos.toString());
-                System.out.println("#######################################################################");
-                System.out.println(bos.toString());
-                System.out.println("#######################################################################");
-            }
-
-            public void signedData(MimeParserContext parserContext, Headers headers, Store certificates, Store CRLs, Store attributeCertificates, SignerInformationStore signers)
-                throws CMSException
-            {
-                Collection c = signers.getSigners();
-                Iterator it = c.iterator();
-
-                while (it.hasNext())
-                {
-                    SignerInformation signer = (SignerInformation)it.next();
-                    Collection certCollection = certificates.getMatches(signer.getSID());
-
-                    Iterator certIt = certCollection.iterator();
-                    X509CertificateHolder certHolder = (X509CertificateHolder)certIt.next();
-
-                    try
-                    {
-                        assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(certHolder)));
-                    }
-                    catch (OperatorCreationException e)
-                    {
-                        e.printStackTrace();
-                    }
-                    catch (CertificateException e)
-                    {
-                        e.printStackTrace();
-                    }
-                }
-            }
-
-        });
-    }
-
-    public void testMultipartAlternative()
-        throws Exception
-    {
-        final ArrayList<Object> results = new ArrayList<Object>();
-
-        MimeParserProvider provider = new SMimeParserProvider("7bit", new BcDigestCalculatorProvider());
-
-        MimeParser p = provider.createParser(this.getClass().getResourceAsStream("multi-alternative.eml"));
-
-        p.parse(new SMimeParserListener()
-        {
-            public void content(MimeParserContext parserContext, Headers headers, InputStream inputStream)
-                throws IOException
-            {
-
-                MimeParser basicMimeParser = new BasicMimeParser(parserContext, headers, inputStream);
-
-                basicMimeParser.parse(new MimeParserListener()
-                {
-                    public MimeContext createContext(MimeParserContext parserContext, Headers headers)
-                    {
-                        return new ConstantMimeContext();
-                    }
-
-                    public void object(MimeParserContext parserContext, Headers headers, InputStream inputStream)
-                        throws IOException
-                    {
-                        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-                        Streams.pipeAll((InputStream)inputStream, bos);
-                        results.add(bos.toString());
-                        System.out.println("#######################################################################");
-                        System.out.println(bos.toString());
-                        System.out.println("#######################################################################");
-                    }
-                });
-            }
-
-            public void signedData(MimeParserContext parserContext, Headers headers, Store certificates, Store CRLs, Store attributeCertificates, SignerInformationStore signers)
-                throws CMSException
-            {
-                Collection c = signers.getSigners();
-                Iterator it = c.iterator();
-
-                while (it.hasNext())
-                {
-                    SignerInformation signer = (SignerInformation)it.next();
-                    Collection certCollection = certificates.getMatches(signer.getSID());
-
-                    Iterator certIt = certCollection.iterator();
-                    X509CertificateHolder certHolder = (X509CertificateHolder)certIt.next();
-
-                    try
-                    {
-                        assertEquals(true, signer.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(certHolder)));
-                    }
-                    catch (OperatorCreationException e)
-                    {
-                        e.printStackTrace();
-                    }
-                    catch (CertificateException e)
-                    {
-                        e.printStackTrace();
-                    }
-                }
-            }
-
-        });
-    }
-
-    /**
-     * Happy path mime multipart test.
-     *
-     * @throws IOException
-     */
-    public void testMimeMultipart()
-        throws Exception
-    {
-        final ArrayList<Object> results = new ArrayList<Object>();
-
-        BasicMimeParser p = new BasicMimeParser(this.getClass().getResourceAsStream("simplemultipart.eml"));
-
-        p.parse(new MimeParserListener()
-        {
-            public MimeContext createContext(MimeParserContext parserContext, Headers headers)
-            {
-                return new MimeMultipartContext()
-                {
-                    public InputStream applyContext(Headers headers, InputStream contentStream)
-                        throws IOException
-                    {
-                        return contentStream;
-                    }
-
-                    public MimeContext createContext(int partNo)
-                        throws IOException
-                    {
-                        return new MimeContext()
-                        {
-                            public InputStream applyContext(Headers headers, InputStream contentStream)
-                                throws IOException
-                            {
-                                return contentStream;
-                            }
-                        };
-                    }
-                };
-            }
-
-            public void object(MimeParserContext parserContext, Headers headers, InputStream inputStream)
-                throws IOException
-            {
-                results.add(Strings.fromByteArray(Streams.readAll(inputStream)));
-            }
-        });
-
-
-        String[] expected = new String[]{
-            "The cat sat on the mat\n" +
-                "\n" +
-                "Boo!\n" +
-                "\n",
-            "<html><head><meta http-equiv=\"Content-Type\" object=\"text/html; charset=us-ascii\"></head><object style=\"word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;\" class=\"\"><meta http-equiv=\"Content-Type\" object=\"text/html; charset=us-ascii\" class=\"\"><div style=\"word-wrap: break-word; -webkit-nbsp-mode: space; line-break: after-white-space;\" class=\"\">The cat sat on the mat<div class=\"\"><br class=\"\"></div><div class=\"\"><font size=\"7\" class=\"\">Boo!</font></div><div class=\"\"><font size=\"7\" class=\"\"><br class=\"\"></font></div><div class=\"\"><img src=\"http://img2.thejournal.ie/inline/1162441/original/?width=630&amp;version=1162441\" alt=\"Image result for cows\" class=\"\"></div></div></object></html>"
-        };
-
-        TestCase.assertEquals("Size same:", expected.length, results.size());
-
-        for (int t = 0; t < results.size(); t++)
-        {
-            TestCase.assertEquals("Part: " + t, expected[t], results.get(t));
-        }
-
-    }
-
-
-
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/test/QuotedPrintableTest.java b/bcpkix/src/main/java/org/bouncycastle/mime/test/QuotedPrintableTest.java
deleted file mode 100644
index 22fae1a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/test/QuotedPrintableTest.java
+++ /dev/null

@@ -1,150 +0,0 @@
-package org.bouncycastle.mime.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import junit.framework.TestCase;
-import org.bouncycastle.mime.encoding.QuotedPrintableInputStream;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.io.Streams;
-
-public class QuotedPrintableTest
-    extends TestCase
-{
-    public void testQuotedPrintable()
-        throws IOException
-    {
-        String qp = "J'interdis aux marchands de vanter trop leur marchandises. Car ils se font =\n" +
-            "vite p=C3=A9dagogues et t'enseignent comme but ce qui n'est par essence qu'=\n" +
-            "un moyen, et te trompant ainsi sur la route =C3=A0 suivre les voil=C3=A0 bi=\n" +
-            "ent=C3=B4t qui te d=C3=A9gradent, car si leur musique est vulgaire ils te f=\n" +
-            "abriquent pour te la vendre une =C3=A2me vulgaire."; // From wikipedia.
-
-        QuotedPrintableInputStream qpd = new QuotedPrintableInputStream(new ByteArrayInputStream(Strings.toByteArray(qp)));
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-        Streams.pipeAll(qpd, bos);
-
-        TestCase.assertEquals("J'interdis aux marchands de vanter trop leur marchandises. Car ils se font vite pédagogues et t'enseignent comme but ce qui n'est par essence qu'un moyen, et te trompant ainsi sur la route à suivre les voilà bientôt qui te dégradent, car si leur musique est vulgaire ils te fabriquent pour te la vendre une âme vulgaire.", bos.toString());
-    }
-
-    public void testCRLFHandling()
-        throws Exception
-    {
-        // Some client use CR others use CRLF.
-
-        String qp = "The cat sat =\r\non the mat";
-        String expected = "The cat sat on the mat";
-
-        QuotedPrintableInputStream qpd = new QuotedPrintableInputStream(new ByteArrayInputStream(Strings.toByteArray(qp)));
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-        Streams.pipeAll(qpd, bos);
-
-
-        TestCase.assertEquals(expected, bos.toString());
-
-    }
-
-    public void testLFHandling()
-        throws Exception
-    {
-
-        // Some client use CRLF others just use LF.
-
-        String qp = "The cat sat =\non the mat";
-        String expected = "The cat sat on the mat";
-
-        QuotedPrintableInputStream qpd = new QuotedPrintableInputStream(new ByteArrayInputStream(Strings.toByteArray(qp)));
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-        Streams.pipeAll(qpd, bos);
-
-        TestCase.assertEquals(expected, bos.toString());
-    }
-
-    /**
-     * No character after '='.
-     *
-     * @throws Exception
-     */
-    public void testInvalid_1()
-        throws Exception
-    {
-
-        // Some client use CRLF others just use LF.
-
-        String qp = "The cat sat =";
-
-
-        QuotedPrintableInputStream qpd = new QuotedPrintableInputStream(new ByteArrayInputStream(Strings.toByteArray(qp)));
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-
-        try
-        {
-            Streams.pipeAll(qpd, bos);
-            TestCase.fail("Must fail!");
-        }
-        catch (Throwable ioex)
-        {
-            TestCase.assertEquals("Quoted '=' at end of stream", ioex.getMessage());
-        }
-    }
-
-    /**
-     * Not hex digit on first character.
-     *
-     * @throws Exception
-     */
-    public void testInvalid_2()
-        throws Exception
-    {
-
-        // Some client use CRLF others just use LF.
-
-        String qp = "The cat sat =Z";
-
-        QuotedPrintableInputStream qpd = new QuotedPrintableInputStream(new ByteArrayInputStream(Strings.toByteArray(qp)));
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-
-        try
-        {
-            Streams.pipeAll(qpd, bos);
-            TestCase.fail("Must fail!");
-        }
-        catch (Throwable ioex)
-        {
-            TestCase.assertEquals("Expecting '0123456789ABCDEF after quote that was not immediately followed by LF or CRLF", ioex.getMessage());
-        }
-    }
-
-    /**
-     * Not hex digit on second character.
-     *
-     * @throws Exception
-     */
-    public void testInvalid_3()
-        throws Exception
-    {
-
-        // Some client use CRLF others just use LF.
-
-        String qp = "The cat sat =AZ";
-
-        QuotedPrintableInputStream qpd = new QuotedPrintableInputStream(new ByteArrayInputStream(Strings.toByteArray(qp)));
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-
-        try
-        {
-            Streams.pipeAll(qpd, bos);
-            TestCase.fail("Must fail!");
-        }
-        catch (Throwable ioex)
-        {
-            TestCase.assertEquals("Expecting second '0123456789ABCDEF after quote that was not immediately followed by LF or CRLF", ioex.getMessage());
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/test/ReadOnceInputStream.java b/bcpkix/src/main/java/org/bouncycastle/mime/test/ReadOnceInputStream.java
deleted file mode 100644
index d5f59b9..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/test/ReadOnceInputStream.java
+++ /dev/null

@@ -1,58 +0,0 @@
-package org.bouncycastle.mime.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-
-/**
- * File to guarantee no back tracking...
- */
-public class ReadOnceInputStream
-    extends ByteArrayInputStream
-{
-    public ReadOnceInputStream(byte[] buf)
-    {
-        super(buf);
-    }
-
-    public boolean markSupported()
-    {
-        return false;
-    }
-
-    int currPos = -22;
-
-    public int read()
-    {
-        if (0 > currPos)
-        {
-            currPos = 0;
-        }
-        currPos++;
-
-        return super.read();
-    }
-
-    public int read(byte b[], int off, int len)
-    {
-        if (off < currPos)
-        {
-            throw new RuntimeException("off " + off + " > currPos " + currPos);
-        }
-        currPos = off;
-        int res = super.read(b, off, len);
-        if (res < 0)
-        {
-            throw new RuntimeException("off " + off + " > currPos " + currPos + " res " + res);
-        }
-        currPos += res;
-        return res;
-    }
-
-    public int read(byte b[])
-        throws IOException
-    {
-        int res = super.read(b);
-        currPos += res;
-        return res;
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/test/TestBoundaryLimitedInputStream.java b/bcpkix/src/main/java/org/bouncycastle/mime/test/TestBoundaryLimitedInputStream.java
deleted file mode 100644
index fd0b637..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/test/TestBoundaryLimitedInputStream.java
+++ /dev/null

@@ -1,80 +0,0 @@
-package org.bouncycastle.mime.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-
-import junit.framework.TestCase;
-import org.bouncycastle.mime.BoundaryLimitedInputStream;
-import org.bouncycastle.util.io.Streams;
-
-public class TestBoundaryLimitedInputStream
-    extends TestCase
-{
-    public void testBoundaryAfterCRLF()
-        throws Exception
-    {
-        String data = "The cat sat on the mat\r\n" +
-            "then it went to sleep";
-
-
-        ByteArrayInputStream bin = new ByteArrayInputStream((data + "\r\n--banana").getBytes());
-
-        BoundaryLimitedInputStream blin = new BoundaryLimitedInputStream(bin, "banana");
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-        Streams.pipeAll(blin, bos);
-
-        TestCase.assertEquals(data, bos.toString());
-    }
-
-    public void testBoundaryAfterCRLFTrailingLineInContent()
-        throws Exception
-    {
-        String data = "The cat sat on the mat\r\n" +
-            "then it went to sleep\r\n";
-
-
-        ByteArrayInputStream bin = new ByteArrayInputStream((data + "\r\n--banana").getBytes());
-
-        BoundaryLimitedInputStream blin = new BoundaryLimitedInputStream(bin, "banana");
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-        Streams.pipeAll(blin, bos);
-
-        TestCase.assertEquals(data, bos.toString());
-    }
-
-    public void testBoundaryAfterLF()
-        throws Exception
-    {
-        String data = "The cat sat on the mat\r\n" +
-            "then it went to sleep";
-
-
-        ByteArrayInputStream bin = new ByteArrayInputStream((data + "\n--banana").getBytes());
-
-        BoundaryLimitedInputStream blin = new BoundaryLimitedInputStream(bin, "banana");
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-        Streams.pipeAll(blin, bos);
-
-        TestCase.assertEquals(data, bos.toString());
-    }
-
-    public void testBoundaryAfterLFTrailingLine()
-        throws Exception
-    {
-        String data = "The cat sat on the mat\r\n" +
-            "then it went to sleep\n";
-
-
-        ByteArrayInputStream bin = new ByteArrayInputStream((data + "\n--banana").getBytes());
-
-        BoundaryLimitedInputStream blin = new BoundaryLimitedInputStream(bin,"banana");
-
-        ByteArrayOutputStream bos = new ByteArrayOutputStream();
-        Streams.pipeAll(blin, bos);
-
-        TestCase.assertEquals(data, bos.toString());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/test/TestDoneFlag.java b/bcpkix/src/main/java/org/bouncycastle/mime/test/TestDoneFlag.java
deleted file mode 100644
index 504ee9e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/test/TestDoneFlag.java
+++ /dev/null

@@ -1,16 +0,0 @@
-package org.bouncycastle.mime.test;
-
-class TestDoneFlag
-{
-    private boolean done = false;
-
-    void markDone()
-    {
-        done = true;
-    }
-
-    boolean isDone()
-    {
-        return done;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/test/TestSMIMEEnveloped.java b/bcpkix/src/main/java/org/bouncycastle/mime/test/TestSMIMEEnveloped.java
deleted file mode 100644
index 0001cd8..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/test/TestSMIMEEnveloped.java
+++ /dev/null

@@ -1,187 +0,0 @@
-package org.bouncycastle.mime.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.OutputStream;
-import java.security.KeyPair;
-import java.security.PrivateKey;
-import java.security.Security;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-
-import junit.framework.TestCase;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.OriginatorInformation;
-import org.bouncycastle.cms.RecipientInformation;
-import org.bouncycastle.cms.RecipientInformationStore;
-import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
-import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
-import org.bouncycastle.cms.jcajce.JceKeyTransRecipientId;
-import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
-import org.bouncycastle.cms.test.CMSTestUtil;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.mime.Headers;
-import org.bouncycastle.mime.MimeParser;
-import org.bouncycastle.mime.MimeParserContext;
-import org.bouncycastle.mime.MimeParserProvider;
-import org.bouncycastle.mime.smime.SMIMEEnvelopedWriter;
-import org.bouncycastle.mime.smime.SMimeParserListener;
-import org.bouncycastle.mime.smime.SMimeParserProvider;
-import org.bouncycastle.openssl.PEMKeyPair;
-import org.bouncycastle.openssl.PEMParser;
-import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
-import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.io.Streams;
-
-public class TestSMIMEEnveloped
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    private static String          _signDN;
-    private static KeyPair          _signKP;
-
-    private static String          _reciDN;
-    private static KeyPair          _reciKP;
-
-    private static X509Certificate _reciCert;
-
-    private static boolean         _initialised = false;
-
-    private static final byte[] testMessage = Base64.decode(
-        "TUlNRS1WZXJzaW9uOiAxLjANCkNvbnRlbnQtVHlwZTogbXVsdGlwYXJ0L21peGVkOyANCglib3VuZGFye" +
-        "T0iLS0tLT1fUGFydF8wXzI2MDM5NjM4Ni4xMzUyOTA0NzUwMTMyIg0KQ29udGVudC1MYW5ndWFnZTogZW" +
-        "4NCkNvbnRlbnQtRGVzY3JpcHRpb246IEEgbWFpbCBmb2xsb3dpbmcgdGhlIERJUkVDVCBwcm9qZWN0IHN" +
-        "wZWNpZmljYXRpb25zDQoNCi0tLS0tLT1fUGFydF8wXzI2MDM5NjM4Ni4xMzUyOTA0NzUwMTMyDQpDb250" +
-        "ZW50LVR5cGU6IHRleHQvcGxhaW47IG5hbWU9bnVsbDsgY2hhcnNldD11cy1hc2NpaQ0KQ29udGVudC1Uc" +
-        "mFuc2Zlci1FbmNvZGluZzogN2JpdA0KQ29udGVudC1EaXNwb3NpdGlvbjogaW5saW5lOyBmaWxlbmFtZT" +
-        "1udWxsDQoNCkNpYW8gZnJvbSB2aWVubmENCi0tLS0tLT1fUGFydF8wXzI2MDM5NjM4Ni4xMzUyOTA0NzU" +
-        "wMTMyLS0NCg==");
-
-    private static void init()
-        throws Exception
-    {
-        if (!_initialised)
-        {
-            if (Security.getProvider("BC") == null)
-            {
-                Security.addProvider(new BouncyCastleProvider());
-            }
-
-            _initialised = true;
-
-            _signDN   = "O=Bouncy Castle, C=AU";
-            _signKP   = CMSTestUtil.makeKeyPair();
-
-            _reciDN   = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
-            _reciKP   = CMSTestUtil.makeKeyPair();
-            _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
-        }
-    }
-
-    public void setUp()
-        throws Exception
-    {
-        init();
-    }
-    
-    public void testSMIMEEnveloped()
-        throws Exception
-    {
-        InputStream inputStream = this.getClass().getResourceAsStream("test256.message");
-
-        MimeParserProvider provider = new SMimeParserProvider("7bit", new BcDigestCalculatorProvider());
-
-        MimeParser p = provider.createParser(new ReadOnceInputStream(Streams.readAll(inputStream)));
-
-        final TestDoneFlag dataParsed = new TestDoneFlag();
-
-        p.parse(new SMimeParserListener()
-        {
-            public void envelopedData(MimeParserContext parserContext, Headers headers, OriginatorInformation originator, RecipientInformationStore recipients)
-                throws IOException, CMSException
-            {
-                RecipientInformation recipInfo = recipients.get(new JceKeyTransRecipientId(loadCert("cert.pem")));
-
-                assertNotNull(recipInfo);
-
-                byte[] content = recipInfo.getContent(new JceKeyTransEnvelopedRecipient(loadKey("key.pem")));
-                assertTrue(org.bouncycastle.util.Arrays.areEqual(testMessage, content));
-
-                dataParsed.markDone();
-            }
-        });
-
-        assertTrue(dataParsed.isDone());
-    }
-
-    public void testKeyTransAES128()
-        throws Exception
-    {
-        //
-        // output
-        //
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        SMIMEEnvelopedWriter.Builder envBldr = new SMIMEEnvelopedWriter.Builder();
-
-        envBldr.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        SMIMEEnvelopedWriter envWrt = envBldr.build(bOut, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        OutputStream out = envWrt.getContentStream();
-
-        out.write(testMessage);
-
-        out.close();
-        
-        //
-        // parse
-        //
-        final TestDoneFlag dataParsed = new TestDoneFlag();
-
-        MimeParserProvider provider = new SMimeParserProvider("7bit", new BcDigestCalculatorProvider());
-
-        MimeParser p = provider.createParser(new ReadOnceInputStream(bOut.toByteArray()));
-
-        p.parse(new SMimeParserListener()
-        {
-            public void envelopedData(MimeParserContext parserContext, Headers headers, OriginatorInformation originator, RecipientInformationStore recipients)
-                throws IOException, CMSException
-            {
-                RecipientInformation recipInfo = recipients.get(new JceKeyTransRecipientId(_reciCert));
-
-                assertNotNull(recipInfo);
-
-                byte[] content = recipInfo.getContent(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()));
-                assertTrue(org.bouncycastle.util.Arrays.areEqual(testMessage, content));
-
-                dataParsed.markDone();
-            }
-        });
-
-        assertTrue(dataParsed.isDone());
-    }
-
-    private X509Certificate loadCert(String name)
-        throws IOException
-    {
-        try
-        {
-            return (X509Certificate)CertificateFactory.getInstance("X.509", "BC").generateCertificate(getClass().getResourceAsStream(name));
-        }
-        catch (Exception e)
-        {
-            throw new IOException(e.getMessage());
-        }
-    }
-
-    private PrivateKey loadKey(String name)
-        throws IOException
-    {
-        return new JcaPEMKeyConverter().setProvider("BC").getKeyPair((PEMKeyPair)(new PEMParser(new InputStreamReader(getClass().getResourceAsStream(name)))).readObject()).getPrivate();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/test/TestSMIMESignEncrypt.java b/bcpkix/src/main/java/org/bouncycastle/mime/test/TestSMIMESignEncrypt.java
deleted file mode 100644
index 8018cf8..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/test/TestSMIMESignEncrypt.java
+++ /dev/null

@@ -1,227 +0,0 @@
-package org.bouncycastle.mime.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.security.KeyPair;
-import java.security.Security;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.util.Collection;
-import java.util.Iterator;
-
-import junit.framework.TestCase;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cms.CMSAlgorithm;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSTypedStream;
-import org.bouncycastle.cms.OriginatorInformation;
-import org.bouncycastle.cms.RecipientInformation;
-import org.bouncycastle.cms.RecipientInformationStore;
-import org.bouncycastle.cms.SignerInformation;
-import org.bouncycastle.cms.SignerInformationStore;
-import org.bouncycastle.cms.jcajce.JcaSignerId;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
-import org.bouncycastle.cms.jcajce.JceCMSContentEncryptorBuilder;
-import org.bouncycastle.cms.jcajce.JceKeyTransEnvelopedRecipient;
-import org.bouncycastle.cms.jcajce.JceKeyTransRecipientId;
-import org.bouncycastle.cms.jcajce.JceKeyTransRecipientInfoGenerator;
-import org.bouncycastle.cms.test.CMSTestUtil;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.mime.Headers;
-import org.bouncycastle.mime.MimeParser;
-import org.bouncycastle.mime.MimeParserContext;
-import org.bouncycastle.mime.MimeParserProvider;
-import org.bouncycastle.mime.smime.SMIMEEnvelopedWriter;
-import org.bouncycastle.mime.smime.SMIMESignedWriter;
-import org.bouncycastle.mime.smime.SMimeParserListener;
-import org.bouncycastle.mime.smime.SMimeParserProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.io.Streams;
-
-public class TestSMIMESignEncrypt
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    private static String _signDN;
-    private static KeyPair _signKP;
-
-    private static String _reciDN;
-    private static KeyPair _reciKP;
-
-    private static X509Certificate _signCert;
-    private static X509Certificate _reciCert;
-
-    private static boolean _initialised = false;
-
-    private static final byte[] simpleMessage = Strings.toByteArray(
-        "Content-Type: text/plain; name=null; charset=us-ascii\r\n" +
-            "Content-Transfer-Encoding: 7bit\r\n" +
-            "Content-Disposition: inline; filename=null\r\n" +
-            "\r\n" +
-            "Hello, world!\r\n");
-
-    private static final byte[] simpleMessageContent = Strings.toByteArray(
-        "Hello, world!\r\n");
-
-    private static final byte[] testMultipartMessage = Base64.decode(
-        "TUlNRS1WZXJzaW9uOiAxLjANCkNvbnRlbnQtVHlwZTogbXVsdGlwYXJ0L21peGVkOyANCglib3VuZGFye" +
-            "T0iLS0tLT1fUGFydF8wXzI2MDM5NjM4Ni4xMzUyOTA0NzUwMTMyIg0KQ29udGVudC1MYW5ndWFnZTogZW" +
-            "4NCkNvbnRlbnQtRGVzY3JpcHRpb246IEEgbWFpbCBmb2xsb3dpbmcgdGhlIERJUkVDVCBwcm9qZWN0IHN" +
-            "wZWNpZmljYXRpb25zDQoNCi0tLS0tLT1fUGFydF8wXzI2MDM5NjM4Ni4xMzUyOTA0NzUwMTMyDQpDb250" +
-            "ZW50LVR5cGU6IHRleHQvcGxhaW47IG5hbWU9bnVsbDsgY2hhcnNldD11cy1hc2NpaQ0KQ29udGVudC1Uc" +
-            "mFuc2Zlci1FbmNvZGluZzogN2JpdA0KQ29udGVudC1EaXNwb3NpdGlvbjogaW5saW5lOyBmaWxlbmFtZT" +
-            "1udWxsDQoNCkNpYW8gZnJvbSB2aWVubmENCi0tLS0tLT1fUGFydF8wXzI2MDM5NjM4Ni4xMzUyOTA0NzU" +
-            "wMTMyLS0NCg==");
-
-    private static final byte[] testMultipartMessageContent = Base64.decode(
-        "LS0tLS0tPV9QYXJ0XzBfMjYwMzk2Mzg2LjEzNTI5MDQ3NTAxMzINCkNvbnRlbnQtVHlwZTogdGV4dC9w" +
-            "bGFpbjsgbmFtZT1udWxsOyBjaGFyc2V0PXVzLWFzY2lpDQpDb250ZW50LVRyYW5zZmVyLUVuY29kaW5n" +
-            "OiA3Yml0DQpDb250ZW50LURpc3Bvc2l0aW9uOiBpbmxpbmU7IGZpbGVuYW1lPW51bGwNCg0KQ2lhbyBm" +
-            "cm9tIHZpZW5uYQ0KLS0tLS0tPV9QYXJ0XzBfMjYwMzk2Mzg2LjEzNTI5MDQ3NTAxMzItLQ0K");
-
-    private static void init()
-        throws Exception
-    {
-        if (!_initialised)
-        {
-            if (Security.getProvider("BC") == null)
-            {
-                Security.addProvider(new BouncyCastleProvider());
-            }
-
-            _initialised = true;
-
-            //create certificate of the sender(signature certificate)
-            _signDN = "O=Bouncy Castle, C=AU";
-            _signKP = CMSTestUtil.makeKeyPair();
-            _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN);
-
-            //create certificate of the receiver (encryption certificate)
-            _reciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
-            _reciKP = CMSTestUtil.makeKeyPair();
-            _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
-        }
-    }
-
-    public void setUp()
-        throws Exception
-    {
-        init();
-    }
-
-    public void testSignThenEncrypt()
-        throws Exception
-    { 
-  	
-    	//output that will contain signed and encrypted content
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        SMIMEEnvelopedWriter.Builder envBldr = new SMIMEEnvelopedWriter.Builder();
-
-        //specify encryption certificate
-        envBldr.addRecipientInfoGenerator(new JceKeyTransRecipientInfoGenerator(_reciCert).setProvider(BC));
-
-        SMIMEEnvelopedWriter envWrt = envBldr.build(bOut, new JceCMSContentEncryptorBuilder(CMSAlgorithm.AES128_CBC).setProvider(BC).build());
-
-        OutputStream envOut = envWrt.getContentStream();
-
-        SMIMESignedWriter.Builder sigBldr = new SMIMESignedWriter.Builder();
-
-        //specify signature certificate
-        sigBldr.addCertificate(new JcaX509CertificateHolder(_signCert));
-
-        sigBldr.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).build("SHA256withRSA", _signKP.getPrivate(), _signCert));
-
-        //add the encryption stream to the signature stream
-        SMIMESignedWriter sigWrt = sigBldr.build(envOut);
-
-        OutputStream sigOut = sigWrt.getContentStream();
-
-        sigOut.write(simpleMessage);
-        
-        //sign file using sender private key
-        sigOut.close();
-        
-        //write full message to the byte array output stream before actually closing the SMIME Enveloped Writer (before this, bOut contains only the headers?)
-        envOut.close();
-
-        bOut.close();
-        
-        //
-        // parse / decrypt and compare to original file 
-        //
-        final TestDoneFlag dataParsed = new TestDoneFlag();
-
-        MimeParserProvider provider = new SMimeParserProvider("7bit", new BcDigestCalculatorProvider());
-
-        MimeParser p = provider.createParser(new ReadOnceInputStream(bOut.toByteArray()));
-
-        p.parse(new SMimeParserListener()
-        {
-            public void envelopedData(MimeParserContext parserContext, Headers headers, OriginatorInformation originator, RecipientInformationStore recipients)
-                throws IOException, CMSException
-            {
-                RecipientInformation recipInfo = recipients.get(new JceKeyTransRecipientId(_reciCert));
-
-                assertNotNull(recipInfo);
-                
-                //decrypt the file using the receiver's private key before verifying signature
-                CMSTypedStream content = recipInfo.getContentStream(new JceKeyTransEnvelopedRecipient(_reciKP.getPrivate()));
-
-                MimeParserProvider provider = new SMimeParserProvider("7bit", new BcDigestCalculatorProvider());
-                
-                MimeParser p = provider.createParser(content.getContentStream());
-
-                p.parse(new SMimeParserListener()
-                {
-                    public void content(MimeParserContext parserContext, Headers headers, InputStream inputStream)
-                        throws IOException
-                    {
-                        byte[] content = Streams.readAll(inputStream);
-
-                        assertTrue(org.bouncycastle.util.Arrays.areEqual(simpleMessageContent, content));
-                    }
-
-                    public void signedData(MimeParserContext parserContext, Headers headers, Store certificates, Store CRLs, Store attributeCertificates, SignerInformationStore signers)
-                        throws IOException, CMSException
-                    {
-                        SignerInformation signerInfo = signers.get(new JcaSignerId(_signCert));
-
-                        assertNotNull(signerInfo);
-
-                        Collection certCollection = certificates.getMatches(signerInfo.getSID());
-
-                        Iterator certIt = certCollection.iterator();
-                        X509CertificateHolder certHolder = (X509CertificateHolder)certIt.next();
-
-                        try
-                        {
-                            assertEquals(true, signerInfo.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(certHolder)));
-                        }
-                        catch (OperatorCreationException e)
-                        {
-                            throw new CMSException(e.getMessage(), e);
-                        }
-                        catch (CertificateException e)
-                        {
-                            throw new CMSException(e.getMessage(), e);
-                        }
-
-                        dataParsed.markDone();
-                    }
-                });
-            }
-        });
-
-        assertTrue(dataParsed.isDone());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mime/test/TestSMIMESigned.java b/bcpkix/src/main/java/org/bouncycastle/mime/test/TestSMIMESigned.java
deleted file mode 100644
index 4851945..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mime/test/TestSMIMESigned.java
+++ /dev/null

@@ -1,192 +0,0 @@
-package org.bouncycastle.mime.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.security.KeyPair;
-import java.security.Security;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.util.Collection;
-import java.util.Iterator;
-
-import junit.framework.TestCase;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.SignerInformation;
-import org.bouncycastle.cms.SignerInformationStore;
-import org.bouncycastle.cms.jcajce.JcaSignerId;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
-import org.bouncycastle.cms.test.CMSTestUtil;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.mime.Headers;
-import org.bouncycastle.mime.MimeParser;
-import org.bouncycastle.mime.MimeParserContext;
-import org.bouncycastle.mime.MimeParserProvider;
-import org.bouncycastle.mime.smime.SMIMESignedWriter;
-import org.bouncycastle.mime.smime.SMimeParserListener;
-import org.bouncycastle.mime.smime.SMimeParserProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.io.Streams;
-
-public class TestSMIMESigned
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    private static String _signDN;
-    private static KeyPair _signKP;
-
-    private static String _reciDN;
-    private static KeyPair _reciKP;
-
-    private static X509Certificate _signCert;
-    private static X509Certificate _reciCert;
-
-    private static boolean _initialised = false;
-
-    private static final byte[] simpleMessage = Strings.toByteArray(
-        "Content-Type: text/plain; name=null; charset=us-ascii\r\n" +
-            "Content-Transfer-Encoding: 7bit\r\n" +
-            "Content-Disposition: inline; filename=null\r\n" +
-            "\r\n" +
-            "Hello, world!\r\n");
-
-    private static final byte[] simpleMessageContent = Strings.toByteArray(
-            "Hello, world!\r\n");
-
-    private static final byte[] testMultipartMessage = Base64.decode(
-        "TUlNRS1WZXJzaW9uOiAxLjANCkNvbnRlbnQtVHlwZTogbXVsdGlwYXJ0L21peGVkOyANCglib3VuZGFye" +
-            "T0iLS0tLT1fUGFydF8wXzI2MDM5NjM4Ni4xMzUyOTA0NzUwMTMyIg0KQ29udGVudC1MYW5ndWFnZTogZW" +
-            "4NCkNvbnRlbnQtRGVzY3JpcHRpb246IEEgbWFpbCBmb2xsb3dpbmcgdGhlIERJUkVDVCBwcm9qZWN0IHN" +
-            "wZWNpZmljYXRpb25zDQoNCi0tLS0tLT1fUGFydF8wXzI2MDM5NjM4Ni4xMzUyOTA0NzUwMTMyDQpDb250" +
-            "ZW50LVR5cGU6IHRleHQvcGxhaW47IG5hbWU9bnVsbDsgY2hhcnNldD11cy1hc2NpaQ0KQ29udGVudC1Uc" +
-            "mFuc2Zlci1FbmNvZGluZzogN2JpdA0KQ29udGVudC1EaXNwb3NpdGlvbjogaW5saW5lOyBmaWxlbmFtZT" +
-            "1udWxsDQoNCkNpYW8gZnJvbSB2aWVubmENCi0tLS0tLT1fUGFydF8wXzI2MDM5NjM4Ni4xMzUyOTA0NzU" +
-            "wMTMyLS0NCg==");
-
-    private static final byte[] testMultipartMessageContent = Base64.decode(
-        "LS0tLS0tPV9QYXJ0XzBfMjYwMzk2Mzg2LjEzNTI5MDQ3NTAxMzINCkNvbnRlbnQtVHlwZTogdGV4dC9w" +
-            "bGFpbjsgbmFtZT1udWxsOyBjaGFyc2V0PXVzLWFzY2lpDQpDb250ZW50LVRyYW5zZmVyLUVuY29kaW5n" +
-            "OiA3Yml0DQpDb250ZW50LURpc3Bvc2l0aW9uOiBpbmxpbmU7IGZpbGVuYW1lPW51bGwNCg0KQ2lhbyBm" +
-            "cm9tIHZpZW5uYQ0KLS0tLS0tPV9QYXJ0XzBfMjYwMzk2Mzg2LjEzNTI5MDQ3NTAxMzItLQ0K");
-
-    private static void init()
-        throws Exception
-    {
-        if (!_initialised)
-        {
-            if (Security.getProvider("BC") == null)
-            {
-                Security.addProvider(new BouncyCastleProvider());
-            }
-
-            _initialised = true;
-
-            _signDN = "O=Bouncy Castle, C=AU";
-            _signKP = CMSTestUtil.makeKeyPair();
-            _signCert = CMSTestUtil.makeCertificate(_signKP, _signDN, _signKP, _signDN);
-
-            _reciDN = "CN=Doug, OU=Sales, O=Bouncy Castle, C=AU";
-            _reciKP = CMSTestUtil.makeKeyPair();
-            _reciCert = CMSTestUtil.makeCertificate(_reciKP, _reciDN, _signKP, _signDN);
-        }
-    }
-
-    public void setUp()
-        throws Exception
-    {
-        init();
-    }
-
-    public void testSimpleGeneration()
-        throws Exception
-    {
-        generationTest(simpleMessage, simpleMessageContent);
-    }
-
-    public void testEmbeddedMultipartGeneration()
-        throws Exception
-    {
-        generationTest(testMultipartMessage, testMultipartMessageContent);
-    }
-
-    private void generationTest(byte[] message, final byte[] messageContent)
-        throws Exception
-    {
-        //
-        // output
-        //
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        SMIMESignedWriter.Builder sigBldr = new SMIMESignedWriter.Builder();
-
-        sigBldr.addCertificate(new JcaX509CertificateHolder(_signCert));
-        
-        sigBldr.addSignerInfoGenerator(new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC).build("SHA256withRSA", _signKP.getPrivate(), _signCert));
-
-        SMIMESignedWriter sigWrt = sigBldr.build(bOut);
-
-        OutputStream out = sigWrt.getContentStream();
-
-        out.write(message);
-
-        out.close();
-        
-        //
-        // parse
-        //
-        final TestDoneFlag dataParsed = new TestDoneFlag();
-
-        MimeParserProvider provider = new SMimeParserProvider("7bit", new BcDigestCalculatorProvider());
-
-        MimeParser p = provider.createParser(new ReadOnceInputStream(bOut.toByteArray()));
-
-        p.parse(new SMimeParserListener()
-        {
-            public void content(MimeParserContext parserContext, Headers headers, InputStream inputStream)
-                throws IOException
-            {
-                byte[] content = Streams.readAll(inputStream);
-
-                assertTrue(org.bouncycastle.util.Arrays.areEqual(messageContent, content));
-            }
-
-            public void signedData(MimeParserContext parserContext, Headers headers, Store certificates, Store CRLs, Store attributeCertificates, SignerInformationStore signers)
-                throws IOException, CMSException
-            {
-                SignerInformation signerInfo = signers.get(new JcaSignerId(_signCert));
-
-                assertNotNull(signerInfo);
-
-                Collection certCollection = certificates.getMatches(signerInfo.getSID());
-
-                Iterator certIt = certCollection.iterator();
-                X509CertificateHolder certHolder = (X509CertificateHolder)certIt.next();
-
-                try
-                {
-                    assertEquals(true, signerInfo.verify(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(certHolder)));
-                }
-                catch (OperatorCreationException e)
-                {
-                    throw new CMSException(e.getMessage(), e);
-                }
-                catch (CertificateException e)
-                {
-                    throw new CMSException(e.getMessage(), e);
-                }
-
-                dataParsed.markDone();
-            }
-        });
-
-        assertTrue(dataParsed.isDone());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mozilla/SignedPublicKeyAndChallenge.java b/bcpkix/src/main/java/org/bouncycastle/mozilla/SignedPublicKeyAndChallenge.java
deleted file mode 100644
index bedd2da..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mozilla/SignedPublicKeyAndChallenge.java
+++ /dev/null

@@ -1,177 +0,0 @@
-package org.bouncycastle.mozilla;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.security.InvalidKeyException;
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PublicKey;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DEROutputStream;
-import org.bouncycastle.asn1.mozilla.PublicKeyAndChallenge;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.operator.ContentVerifier;
-import org.bouncycastle.operator.ContentVerifierProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.Encodable;
-
-/**
- * This is designed to parse the SignedPublicKeyAndChallenge created by the
- * KEYGEN tag included by Mozilla based browsers.
- *  <pre>
- *  PublicKeyAndChallenge ::= SEQUENCE {
- *    spki SubjectPublicKeyInfo,
- *    challenge IA5STRING
- *  }
- *
- *  SignedPublicKeyAndChallenge ::= SEQUENCE {
- *    publicKeyAndChallenge PublicKeyAndChallenge,
- *    signatureAlgorithm AlgorithmIdentifier,
- *    signature BIT STRING
- *  }
- *  </pre>
- */
-public class SignedPublicKeyAndChallenge
-    implements Encodable
-{
-    protected final org.bouncycastle.asn1.mozilla.SignedPublicKeyAndChallenge          spkacSeq;
-
-    public SignedPublicKeyAndChallenge(byte[] bytes)
-    {
-        spkacSeq = org.bouncycastle.asn1.mozilla.SignedPublicKeyAndChallenge.getInstance(bytes);
-    }
-
-    protected SignedPublicKeyAndChallenge(org.bouncycastle.asn1.mozilla.SignedPublicKeyAndChallenge struct)
-    {
-        this.spkacSeq = struct;
-    }
-
-    /**
-     * Return the underlying ASN.1 structure for this challenge.
-     *
-     * @return a SignedPublicKeyAndChallenge object.
-     */
-    public org.bouncycastle.asn1.mozilla.SignedPublicKeyAndChallenge toASN1Structure()
-    {
-         return spkacSeq;
-    }
-
-    /**
-     * @deprecated use toASN1Structure
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return spkacSeq.toASN1Primitive();
-    }
-
-    public PublicKeyAndChallenge getPublicKeyAndChallenge()
-    {
-        return spkacSeq.getPublicKeyAndChallenge();
-    }
-
-    public boolean isSignatureValid(ContentVerifierProvider verifierProvider)
-        throws OperatorCreationException, IOException
-    {
-        ContentVerifier verifier = verifierProvider.get(spkacSeq.getSignatureAlgorithm());
-
-        OutputStream sOut = verifier.getOutputStream();
-        DEROutputStream dOut = new DEROutputStream(sOut);
-
-        dOut.writeObject(spkacSeq.getPublicKeyAndChallenge());
-
-        sOut.close();
-
-        return verifier.verify(spkacSeq.getSignature().getOctets());
-    }
-
-    /**
-     * @deprecated use ContentVerifierProvider method
-     */
-    public boolean verify()
-        throws NoSuchAlgorithmException, SignatureException, 
-               NoSuchProviderException, InvalidKeyException
-    {
-        return verify((String)null);
-    }
-
-    /**
-     * @deprecated use ContentVerifierProvider method
-     */
-    public boolean verify(String provider)
-        throws NoSuchAlgorithmException, SignatureException, 
-               NoSuchProviderException, InvalidKeyException
-    {
-        Signature sig = null;
-        if (provider == null)
-        {
-            sig = Signature.getInstance(spkacSeq.getSignatureAlgorithm().getAlgorithm().getId());
-        }
-        else
-        {
-            sig = Signature.getInstance(spkacSeq.getSignatureAlgorithm().getAlgorithm().getId(), provider);
-        }
-        PublicKey pubKey = this.getPublicKey(provider);
-        sig.initVerify(pubKey);
-        try
-        {
-            sig.update(spkacSeq.getPublicKeyAndChallenge().getEncoded());
-
-            return sig.verify(spkacSeq.getSignature().getBytes());
-        }
-        catch (Exception e)
-        {
-            throw new InvalidKeyException("error encoding public key");
-        }
-    }
-
-    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
-    {
-        return spkacSeq.getPublicKeyAndChallenge().getSubjectPublicKeyInfo();
-    }
-
-    public String getChallenge()
-    {
-        return spkacSeq.getPublicKeyAndChallenge().getChallenge().getString();
-    }
-
-    /**
-     * @deprecated use JcaSignedPublicKeyAndChallenge.getPublicKey()
-     */
-    public PublicKey getPublicKey(String provider)
-        throws NoSuchAlgorithmException, NoSuchProviderException, 
-               InvalidKeyException
-    {
-        SubjectPublicKeyInfo subjectPKInfo = spkacSeq.getPublicKeyAndChallenge().getSubjectPublicKeyInfo();
-        try
-        {
-            DERBitString bStr = new DERBitString(subjectPKInfo);
-            X509EncodedKeySpec xspec = new X509EncodedKeySpec(bStr.getOctets());
-            
-
-            AlgorithmIdentifier keyAlg = subjectPKInfo.getAlgorithm();
-
-            KeyFactory factory =
-                KeyFactory.getInstance(keyAlg.getAlgorithm().getId(),provider);
-
-            return factory.generatePublic(xspec);
-                           
-        }
-        catch (Exception e)
-        {
-            throw new InvalidKeyException("error encoding public key");
-        }
-    }
-
-    public byte[] getEncoded()
-        throws IOException
-    {
-        return toASN1Structure().getEncoded();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mozilla/jcajce/JcaSignedPublicKeyAndChallenge.java b/bcpkix/src/main/java/org/bouncycastle/mozilla/jcajce/JcaSignedPublicKeyAndChallenge.java
deleted file mode 100644
index 83440ff..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mozilla/jcajce/JcaSignedPublicKeyAndChallenge.java
+++ /dev/null

@@ -1,81 +0,0 @@
-package org.bouncycastle.mozilla.jcajce;
-
-import java.security.InvalidKeyException;
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.mozilla.SignedPublicKeyAndChallenge;
-
-/**
- * This is designed to parse the SignedPublicKeyAndChallenge created by the
- * KEYGEN tag included by Mozilla based browsers.
- *  <pre>
- *  PublicKeyAndChallenge ::= SEQUENCE {
- *    spki SubjectPublicKeyInfo,
- *    challenge IA5STRING
- *  }
- *
- *  SignedPublicKeyAndChallenge ::= SEQUENCE {
- *    publicKeyAndChallenge PublicKeyAndChallenge,
- *    signatureAlgorithm AlgorithmIdentifier,
- *    signature BIT STRING
- *  }
- *  </pre>
- */
-public class JcaSignedPublicKeyAndChallenge
-    extends SignedPublicKeyAndChallenge
-{
-    JcaJceHelper helper = new DefaultJcaJceHelper();
-
-    private JcaSignedPublicKeyAndChallenge(org.bouncycastle.asn1.mozilla.SignedPublicKeyAndChallenge struct, JcaJceHelper helper)
-    {
-        super(struct);
-        this.helper = helper;
-    }
-
-    public JcaSignedPublicKeyAndChallenge(byte[] bytes)
-    {
-        super(bytes);
-    }
-
-    public JcaSignedPublicKeyAndChallenge setProvider(String providerName)
-    {
-        return new JcaSignedPublicKeyAndChallenge(this.spkacSeq, new NamedJcaJceHelper(providerName));
-    }
-
-    public JcaSignedPublicKeyAndChallenge setProvider(Provider provider)
-    {
-        return new JcaSignedPublicKeyAndChallenge(this.spkacSeq, new ProviderJcaJceHelper(provider));
-    }
-
-    public PublicKey getPublicKey()
-        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException
-    {
-        try
-        {
-            SubjectPublicKeyInfo subjectPublicKeyInfo = spkacSeq.getPublicKeyAndChallenge().getSubjectPublicKeyInfo();
-            X509EncodedKeySpec xspec = new X509EncodedKeySpec(subjectPublicKeyInfo.getEncoded());
-            
-
-            AlgorithmIdentifier keyAlg = subjectPublicKeyInfo.getAlgorithm();
-
-            KeyFactory factory = helper.createKeyFactory(keyAlg.getAlgorithm().getId());
-
-            return factory.generatePublic(xspec);
-        }
-        catch (Exception e)
-        {
-            throw new InvalidKeyException("error encoding public key");
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mozilla/package.html b/bcpkix/src/main/java/org/bouncycastle/mozilla/package.html
deleted file mode 100644
index dd2203e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mozilla/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support class for mozilla signed public key and challenge.
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/mozilla/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/mozilla/test/AllTests.java
deleted file mode 100644
index fb5dd3c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mozilla/test/AllTests.java
+++ /dev/null

@@ -1,65 +0,0 @@
-package org.bouncycastle.mozilla.test;
-
-import java.security.Security;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTestResult;
-
-public class AllTests
-    extends TestCase
-{
-    public void testMozilla()
-    {   
-        Security.addProvider(new BouncyCastleProvider());
-        
-        org.bouncycastle.util.test.Test[] tests = new org.bouncycastle.util.test.Test[] { new SPKACTest() };
-        
-        for (int i = 0; i != tests.length; i++)
-        {
-            SimpleTestResult  result = (SimpleTestResult)tests[i].perform();
-            
-            if (!result.isSuccessful())
-            {
-                fail(result.toString());
-            }
-        }
-    }
-    
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("Mozilla Tests");
-        
-        suite.addTestSuite(AllTests.class);
-        
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-
-        }
-
-        protected void tearDown()
-        {
-
-        }
-    }
-
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mozilla/test/SPKACTest.java b/bcpkix/src/main/java/org/bouncycastle/mozilla/test/SPKACTest.java
deleted file mode 100644
index d9440bb..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mozilla/test/SPKACTest.java
+++ /dev/null

@@ -1,187 +0,0 @@
-package org.bouncycastle.mozilla.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.security.PublicKey;
-import java.security.Security;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DEROutputStream;
-import org.bouncycastle.asn1.mozilla.PublicKeyAndChallenge;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.mozilla.SignedPublicKeyAndChallenge;
-import org.bouncycastle.mozilla.jcajce.JcaSignedPublicKeyAndChallenge;
-import org.bouncycastle.operator.jcajce.JcaContentVerifierProviderBuilder;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SPKACTest
-    extends SimpleTest
-{
-    byte[] spkac = Base64.decode(
-        "MIIBOjCBpDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEApne7ti0ibPhV8Iht" +
-            "7Pws5iRckM7x4mtZYxEpeX5/IO8tDsBFdY86ewuY2f2KCca0oMWr43kdkZbPyzf4" +
-            "CSV+0fZm9MJyNMywygZjoOCC+rS8kr0Ef31iHChhYsyejJnjw116Jnn96syhdHY6" +
-            "lVD1rK0nn5ZkHjxU74gjoZu6BJMCAwEAARYAMA0GCSqGSIb3DQEBBAUAA4GBAKFL" +
-            "g/luv0C7gMTI8ZKfFoSyi7Q7kiSQcmSj1WJgT56ouIRJO5NdvB/1n4GNik8VOAU0" +
-            "NRztvGy3ZGqgbSav7lrxcNEvXH+dLbtS97s7yiaozpsOcEHqsBribpLOTRzYa8ci" +
-            "CwkPmIiYqcby11diKLpd+W9RFYNme2v0rrbM2CyV");
-
-
-    public String getName()
-    {
-        return "SignedPubicKeyAndChallenge";
-    }
-
-    public void spkacTest(String testName, byte[] req)
-        throws Exception
-    {
-        SignedPublicKeyAndChallenge spkac;
-
-        spkac = new SignedPublicKeyAndChallenge(req);
-
-        PublicKeyAndChallenge pkac = spkac.getPublicKeyAndChallenge();
-        PublicKey pubKey = spkac.getPublicKey("BC");
-        ASN1Primitive obj = pkac.toASN1Primitive();
-        if (obj == null)
-        {
-            fail("Error - " + testName + " PKAC ASN1Primitive was null.");
-        }
-
-        obj = spkac.toASN1Primitive();
-        if (obj == null)
-        {
-            fail("Error - " + testName + " SPKAC ASN1Primitive was null.");
-        }
-
-        SubjectPublicKeyInfo spki = pkac.getSubjectPublicKeyInfo();
-        if (spki == null)
-        {
-            fail("Error - " + testName + " SubjectPublicKeyInfo was null.");
-        }
-
-        DERIA5String challenge = pkac.getChallenge();
-        // Most cases this will be a string of length zero.
-        if (challenge == null)
-        {
-            fail(":Error - " + testName + " challenge was null.");
-        }
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(req);
-        ASN1InputStream dIn = new ASN1InputStream(bIn);
-
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        DEROutputStream dOut = new DEROutputStream(bOut);
-
-        dOut.writeObject(spkac.toASN1Primitive());
-
-        byte[] bytes = bOut.toByteArray();
-
-        if (bytes.length != req.length)
-        {
-            fail(testName + " failed length test");
-        }
-
-        for (int i = 0; i != req.length; i++)
-        {
-            if (bytes[i] != req[i])
-            {
-                fail(testName + " failed comparison test");
-            }
-        }
-
-        if (!spkac.verify("BC"))
-        {
-            fail(testName + " verification failed");
-        }
-    }
-
-    public void spkacNewTest(String testName, byte[] req)
-        throws Exception
-    {
-        SignedPublicKeyAndChallenge spkac;
-
-        spkac = new SignedPublicKeyAndChallenge(req);
-
-        PublicKeyAndChallenge pkac = spkac.getPublicKeyAndChallenge();
-        PublicKey pubKey = spkac.getPublicKey("BC");
-        ASN1Primitive obj = pkac.toASN1Primitive();
-        if (obj == null)
-        {
-            fail("Error - " + testName + " PKAC ASN1Primitive was null.");
-        }
-
-        obj = spkac.toASN1Structure().toASN1Primitive();
-        if (obj == null)
-        {
-            fail("Error - " + testName + " SPKAC ASN1Primitive was null.");
-        }
-
-        SubjectPublicKeyInfo spki = pkac.getSubjectPublicKeyInfo();
-        if (spki == null)
-        {
-            fail("Error - " + testName + " SubjectPublicKeyInfo was null.");
-        }
-
-        DERIA5String challenge = pkac.getChallenge();
-        // Most cases this will be a string of length zero.
-        if (challenge == null)
-        {
-            fail(":Error - " + testName + " challenge was null.");
-        }
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(req);
-        ASN1InputStream dIn = new ASN1InputStream(bIn);
-
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        DEROutputStream dOut = new DEROutputStream(bOut);
-
-        dOut.writeObject(spkac.toASN1Structure());
-
-        byte[] bytes = bOut.toByteArray();
-
-        if (bytes.length != req.length)
-        {
-            fail(testName + " failed length test");
-        }
-
-        for (int i = 0; i != req.length; i++)
-        {
-            if (bytes[i] != req[i])
-            {
-                fail(testName + " failed comparison test");
-            }
-        }
-
-        if (!spkac.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider("BC").build(spkac.getSubjectPublicKeyInfo())))
-        {
-            fail(testName + " verification failed");
-        }
-
-        JcaSignedPublicKeyAndChallenge jcaSignedPublicKeyAndChallenge = new JcaSignedPublicKeyAndChallenge(req);
-
-        if (!spkac.isSignatureValid(new JcaContentVerifierProviderBuilder().setProvider("BC").build(jcaSignedPublicKeyAndChallenge.getPublicKey())))
-        {
-            fail(testName + " verification failed");
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        spkacTest("spkac", spkac);
-        spkacNewTest("spkac", spkac);
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new SPKACTest());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/mozilla/test/package.html b/bcpkix/src/main/java/org/bouncycastle/mozilla/test/package.html
deleted file mode 100644
index 9a17109..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/mozilla/test/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Test classes for Mozilla signed public key and challenge.
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/EncryptionException.java b/bcpkix/src/main/java/org/bouncycastle/openssl/EncryptionException.java
deleted file mode 100644
index 67db207..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/EncryptionException.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.openssl;
-
-public class EncryptionException
-    extends PEMException
-{
-    private Throwable cause;
-
-    public EncryptionException(String msg)
-    {
-        super(msg);
-    }
-
-    public EncryptionException(String msg, Throwable ex)
-    {
-        super(msg);
-        this.cause = ex;
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/MiscPEMGenerator.java b/bcpkix/src/main/java/org/bouncycastle/openssl/MiscPEMGenerator.java
deleted file mode 100644
index ed73228..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/MiscPEMGenerator.java
+++ /dev/null

@@ -1,221 +0,0 @@
-package org.bouncycastle.openssl;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.DSAParameter;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.cert.X509AttributeCertificateHolder;
-import org.bouncycastle.cert.X509CRLHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.pkcs.PKCS10CertificationRequest;
-import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.io.pem.PemGenerationException;
-import org.bouncycastle.util.io.pem.PemHeader;
-import org.bouncycastle.util.io.pem.PemObject;
-import org.bouncycastle.util.io.pem.PemObjectGenerator;
-
-/**
- * PEM generator for the original set of PEM objects used in Open SSL.
- */
-public class MiscPEMGenerator
-    implements PemObjectGenerator
-{
-    private static final ASN1ObjectIdentifier[] dsaOids =
-    {
-        X9ObjectIdentifiers.id_dsa,
-        OIWObjectIdentifiers.dsaWithSHA1
-    };
-
-    private static final byte[] hexEncodingTable =
-    {
-        (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', (byte)'6', (byte)'7',
-        (byte)'8', (byte)'9', (byte)'A', (byte)'B', (byte)'C', (byte)'D', (byte)'E', (byte)'F'
-    };
-
-    private final Object obj;
-    private final PEMEncryptor encryptor;
-
-    public MiscPEMGenerator(Object o)
-    {
-        this.obj = o;              // use of this confuses some earlier JDKs.
-        this.encryptor = null;
-    }
-
-    public MiscPEMGenerator(Object o, PEMEncryptor encryptor)
-    {
-        this.obj = o;
-        this.encryptor = encryptor;
-    }
-
-    private PemObject createPemObject(Object o)
-        throws IOException
-    {
-        String  type;
-        byte[]  encoding;
-
-        if (o instanceof PemObject)
-        {
-            return (PemObject)o;
-        }
-        if (o instanceof PemObjectGenerator)
-        {
-            return ((PemObjectGenerator)o).generate();
-        }
-        if (o instanceof X509CertificateHolder)
-        {
-            type = "CERTIFICATE";
-
-            encoding = ((X509CertificateHolder)o).getEncoded();
-        }
-        else if (o instanceof X509CRLHolder)
-        {
-            type = "X509 CRL";
-
-            encoding = ((X509CRLHolder)o).getEncoded();
-        }
-        else if (o instanceof X509TrustedCertificateBlock)
-        {
-            type = "TRUSTED CERTIFICATE";
-
-            encoding = ((X509TrustedCertificateBlock)o).getEncoded();
-        }
-        else if (o instanceof PrivateKeyInfo)
-        {
-            PrivateKeyInfo info = (PrivateKeyInfo)o;
-            ASN1ObjectIdentifier algOID = info.getPrivateKeyAlgorithm().getAlgorithm();
-
-            if (algOID.equals(PKCSObjectIdentifiers.rsaEncryption))
-            {
-                type = "RSA PRIVATE KEY";
-
-                encoding = info.parsePrivateKey().toASN1Primitive().getEncoded();
-            }
-            else if (algOID.equals(dsaOids[0]) || algOID.equals(dsaOids[1]))
-            {
-                type = "DSA PRIVATE KEY";
-
-                DSAParameter p = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters());
-                ASN1EncodableVector v = new ASN1EncodableVector();
-
-                v.add(new ASN1Integer(0));
-                v.add(new ASN1Integer(p.getP()));
-                v.add(new ASN1Integer(p.getQ()));
-                v.add(new ASN1Integer(p.getG()));
-
-                BigInteger x = ASN1Integer.getInstance(info.parsePrivateKey()).getValue();
-                BigInteger y = p.getG().modPow(x, p.getP());
-
-                v.add(new ASN1Integer(y));
-                v.add(new ASN1Integer(x));
-
-                encoding = new DERSequence(v).getEncoded();
-            }
-            else if (algOID.equals(X9ObjectIdentifiers.id_ecPublicKey))
-            {
-                type = "EC PRIVATE KEY";
-
-                encoding = info.parsePrivateKey().toASN1Primitive().getEncoded();
-            }
-            else
-            {
-                throw new IOException("Cannot identify private key");
-            }
-        }
-        else if (o instanceof SubjectPublicKeyInfo)
-        {
-            type = "PUBLIC KEY";
-
-            encoding = ((SubjectPublicKeyInfo)o).getEncoded();
-        }
-        else if (o instanceof X509AttributeCertificateHolder)
-        {
-            type = "ATTRIBUTE CERTIFICATE";
-            encoding = ((X509AttributeCertificateHolder)o).getEncoded();
-        }
-        else if (o instanceof org.bouncycastle.pkcs.PKCS10CertificationRequest)
-        {
-            type = "CERTIFICATE REQUEST";
-            encoding = ((PKCS10CertificationRequest)o).getEncoded();
-        }
-        else if (o instanceof PKCS8EncryptedPrivateKeyInfo)
-        {
-            type = "ENCRYPTED PRIVATE KEY";
-            encoding = ((PKCS8EncryptedPrivateKeyInfo)o).getEncoded();
-        }
-        else if (o instanceof ContentInfo)
-        {
-            type = "PKCS7";
-            encoding = ((ContentInfo)o).getEncoded();
-        }
-        else
-        {
-            throw new PemGenerationException("unknown object passed - can't encode.");
-        }
-
-        if (encryptor != null)
-        {
-            String dekAlgName = Strings.toUpperCase(encryptor.getAlgorithm());
-
-            // Note: For backward compatibility
-            if (dekAlgName.equals("DESEDE"))
-            {
-                dekAlgName = "DES-EDE3-CBC";
-            }
-
-
-            byte[] iv = encryptor.getIV();
-
-            byte[] encData = encryptor.encrypt(encoding);
-
-            List headers = new ArrayList(2);
-
-            headers.add(new PemHeader("Proc-Type", "4,ENCRYPTED"));
-            headers.add(new PemHeader("DEK-Info", dekAlgName + "," + getHexEncoded(iv)));
-
-            return new PemObject(type, headers, encData);
-        }
-        return new PemObject(type, encoding);
-    }
-
-    private String getHexEncoded(byte[] bytes)
-        throws IOException
-    {
-        char[] chars = new char[bytes.length * 2];
-
-        for (int i = 0; i != bytes.length; i++)
-        {
-            int    v = bytes[i] & 0xff;
-
-            chars[2 * i] = (char)(hexEncodingTable[(v >>> 4)]);
-            chars[2 * i + 1]  = (char)(hexEncodingTable[v & 0xf]);
-        }
-
-        return new String(chars);
-    }
-
-    public PemObject generate()
-        throws PemGenerationException
-    {
-        try
-        {
-            return createPemObject(obj);
-        }
-        catch (IOException e)
-        {
-            throw new PemGenerationException("encoding exception: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMDecryptor.java b/bcpkix/src/main/java/org/bouncycastle/openssl/PEMDecryptor.java
deleted file mode 100644
index 0f12cd1..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMDecryptor.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.openssl;
-
-/**
- * Base interface for decryption operations.
- */
-public interface PEMDecryptor
-{
-    /**
-     * Decrypt the passed in data using the associated IV and the decryptor's key state.
-     *
-     * @param data the encrypted data
-     * @param iv the initialisation vector associated with the decryption.
-     * @return the decrypted data.
-     * @throws PEMException in the event of an issue.
-     */
-    byte[] decrypt(byte[] data, byte[] iv)
-        throws PEMException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMDecryptorProvider.java b/bcpkix/src/main/java/org/bouncycastle/openssl/PEMDecryptorProvider.java
deleted file mode 100644
index b1827cd..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMDecryptorProvider.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.openssl;
-
-import org.bouncycastle.operator.OperatorCreationException;
-
-public interface PEMDecryptorProvider
-{
-    PEMDecryptor get(String dekAlgName)
-        throws OperatorCreationException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMEncryptedKeyPair.java b/bcpkix/src/main/java/org/bouncycastle/openssl/PEMEncryptedKeyPair.java
deleted file mode 100644
index 4c28f8d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMEncryptedKeyPair.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.openssl;
-
-import java.io.IOException;
-
-import org.bouncycastle.operator.OperatorCreationException;
-
-public class PEMEncryptedKeyPair
-{
-    private final String dekAlgName;
-    private final byte[] iv;
-    private final byte[] keyBytes;
-    private final PEMKeyPairParser parser;
-
-    PEMEncryptedKeyPair(String dekAlgName, byte[] iv, byte[] keyBytes, PEMKeyPairParser parser)
-    {
-        this.dekAlgName = dekAlgName;
-        this.iv = iv;
-        this.keyBytes = keyBytes;
-        this.parser = parser;
-    }
-
-    public PEMKeyPair decryptKeyPair(PEMDecryptorProvider keyDecryptorProvider)
-        throws IOException
-    {
-        try
-        {
-            PEMDecryptor keyDecryptor = keyDecryptorProvider.get(dekAlgName);
-
-            return parser.parse(keyDecryptor.decrypt(keyBytes, iv));
-        }
-        catch (IOException e)
-        {
-            throw e;
-        }
-        catch (OperatorCreationException e)
-        {
-            throw new PEMException("cannot create extraction operator: " + e.getMessage(), e);
-        }
-        catch (Exception e)
-        {
-            throw new PEMException("exception processing key pair: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMEncryptor.java b/bcpkix/src/main/java/org/bouncycastle/openssl/PEMEncryptor.java
deleted file mode 100644
index 5fb6647..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMEncryptor.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.openssl;
-
-public interface PEMEncryptor
-{
-    String getAlgorithm();
-
-    byte[] getIV();
-
-    byte[] encrypt(byte[] encoding)
-        throws PEMException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMException.java b/bcpkix/src/main/java/org/bouncycastle/openssl/PEMException.java
deleted file mode 100644
index 3753aec..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMException.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.openssl;
-
-import java.io.IOException;
-
-public class PEMException
-    extends IOException
-{
-    Exception    underlying;
-
-    public PEMException(
-        String    message)
-    {
-        super(message);
-    }
-
-    public PEMException(
-        String        message,
-        Exception    underlying)
-    {
-        super(message);
-        this.underlying = underlying;
-    }
-
-    public Exception getUnderlyingException()
-    {
-        return underlying;
-    }
-
-
-    public Throwable getCause()
-    {
-        return underlying;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMKeyPair.java b/bcpkix/src/main/java/org/bouncycastle/openssl/PEMKeyPair.java
deleted file mode 100644
index 077934e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMKeyPair.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.openssl;
-
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-
-public class PEMKeyPair
-{
-    private final SubjectPublicKeyInfo publicKeyInfo;
-    private final PrivateKeyInfo privateKeyInfo;
-
-    public PEMKeyPair(SubjectPublicKeyInfo publicKeyInfo, PrivateKeyInfo privateKeyInfo)
-    {
-        this.publicKeyInfo = publicKeyInfo;
-        this.privateKeyInfo = privateKeyInfo;
-    }
-
-    public PrivateKeyInfo getPrivateKeyInfo()
-    {
-        return privateKeyInfo;
-    }
-
-    public SubjectPublicKeyInfo getPublicKeyInfo()
-    {
-        return publicKeyInfo;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMKeyPairParser.java b/bcpkix/src/main/java/org/bouncycastle/openssl/PEMKeyPairParser.java
deleted file mode 100644
index fc0cb04..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMKeyPairParser.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.openssl;
-
-import java.io.IOException;
-
-interface PEMKeyPairParser
-{
-    PEMKeyPair parse(byte[] encoding)
-        throws IOException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMParser.java b/bcpkix/src/main/java/org/bouncycastle/openssl/PEMParser.java
deleted file mode 100644
index c0c867d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMParser.java
+++ /dev/null

@@ -1,549 +0,0 @@
-package org.bouncycastle.openssl;
-
-import java.io.IOException;
-import java.io.Reader;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.StringTokenizer;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.RSAPublicKey;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.DSAParameter;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.cert.X509AttributeCertificateHolder;
-import org.bouncycastle.cert.X509CRLHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.pkcs.PKCS10CertificationRequest;
-import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.io.pem.PemHeader;
-import org.bouncycastle.util.io.pem.PemObject;
-import org.bouncycastle.util.io.pem.PemObjectParser;
-import org.bouncycastle.util.io.pem.PemReader;
-
-/**
- * Class for parsing OpenSSL PEM encoded streams containing
- * X509 certificates, PKCS8 encoded keys and PKCS7 objects.
- * <p>
- * In the case of PKCS7 objects the reader will return a CMS ContentInfo object. Public keys will be returned as
- * well formed SubjectPublicKeyInfo objects, private keys will be returned as well formed PrivateKeyInfo objects. In the
- * case of a private key a PEMKeyPair will normally be returned if the encoding contains both the private and public
- * key definition. CRLs, Certificates, PKCS#10 requests, and Attribute Certificates will generate the appropriate BC holder class.
- * </p>
- */
-public class PEMParser
-    extends PemReader
-{
-    private final Map parsers = new HashMap();
-
-    /**
-     * Create a new PEMReader
-     *
-     * @param reader the Reader
-     */
-    public PEMParser(
-        Reader reader)
-    {
-        super(reader);
-
-        parsers.put("CERTIFICATE REQUEST", new PKCS10CertificationRequestParser());
-        parsers.put("NEW CERTIFICATE REQUEST", new PKCS10CertificationRequestParser());
-        parsers.put("CERTIFICATE", new X509CertificateParser());
-        parsers.put("TRUSTED CERTIFICATE", new X509TrustedCertificateParser());
-        parsers.put("X509 CERTIFICATE", new X509CertificateParser());
-        parsers.put("X509 CRL", new X509CRLParser());
-        parsers.put("PKCS7", new PKCS7Parser());
-        parsers.put("CMS", new PKCS7Parser());
-        parsers.put("ATTRIBUTE CERTIFICATE", new X509AttributeCertificateParser());
-        parsers.put("EC PARAMETERS", new ECCurveParamsParser());
-        parsers.put("PUBLIC KEY", new PublicKeyParser());
-        parsers.put("RSA PUBLIC KEY", new RSAPublicKeyParser());
-        parsers.put("RSA PRIVATE KEY", new KeyPairParser(new RSAKeyPairParser()));
-        parsers.put("DSA PRIVATE KEY", new KeyPairParser(new DSAKeyPairParser()));
-        parsers.put("EC PRIVATE KEY", new KeyPairParser(new ECDSAKeyPairParser()));
-        parsers.put("ENCRYPTED PRIVATE KEY", new EncryptedPrivateKeyParser());
-        parsers.put("PRIVATE KEY", new PrivateKeyParser());
-    }
-
-    /**
-     * Read the next PEM object attempting to interpret the header and
-     * create a higher level object from the content.
-     *
-     * @return the next object in the stream, null if no objects left.
-     * @throws IOException in case of a parse error.
-     */
-    public Object readObject()
-        throws IOException
-    {
-        PemObject obj = readPemObject();
-
-        if (obj != null)
-        {
-            String type = obj.getType();
-            if (parsers.containsKey(type))
-            {
-                return ((PemObjectParser)parsers.get(type)).parseObject(obj);
-            }
-            else
-            {
-                throw new IOException("unrecognised object: " + type);
-            }
-        }
-
-        return null;
-    }
-
-    private class KeyPairParser
-        implements PemObjectParser
-    {
-        private final PEMKeyPairParser pemKeyPairParser;
-
-        public KeyPairParser(PEMKeyPairParser pemKeyPairParser)
-        {
-            this.pemKeyPairParser = pemKeyPairParser;
-        }
-
-        /**
-         * Read a Key Pair
-         */
-        public Object parseObject(
-            PemObject obj)
-            throws IOException
-        {
-            boolean isEncrypted = false;
-            String dekInfo = null;
-            List headers = obj.getHeaders();
-
-            for (Iterator it = headers.iterator(); it.hasNext();)
-            {
-                PemHeader hdr = (PemHeader)it.next();
-
-                if (hdr.getName().equals("Proc-Type") && hdr.getValue().equals("4,ENCRYPTED"))
-                {
-                    isEncrypted = true;
-                }
-                else if (hdr.getName().equals("DEK-Info"))
-                {
-                    dekInfo = hdr.getValue();
-                }
-            }
-
-            //
-            // extract the key
-            //
-            byte[] keyBytes = obj.getContent();
-
-            try
-            {
-                if (isEncrypted)
-                {
-                    StringTokenizer tknz = new StringTokenizer(dekInfo, ",");
-                    String dekAlgName = tknz.nextToken();
-                    byte[] iv = Hex.decode(tknz.nextToken());
-
-                    return new PEMEncryptedKeyPair(dekAlgName, iv, keyBytes, pemKeyPairParser);
-                }
-
-                return pemKeyPairParser.parse(keyBytes);
-            }
-            catch (IOException e)
-            {
-                if (isEncrypted)
-                {
-                    throw new PEMException("exception decoding - please check password and data.", e);
-                }
-                else
-                {
-                    throw new PEMException(e.getMessage(), e);
-                }
-            }
-            catch (IllegalArgumentException e)
-            {
-                if (isEncrypted)
-                {
-                    throw new PEMException("exception decoding - please check password and data.", e);
-                }
-                else
-                {
-                    throw new PEMException(e.getMessage(), e);
-                }
-            }
-        }
-    }
-
-    private class DSAKeyPairParser
-        implements PEMKeyPairParser
-    {
-        public PEMKeyPair parse(byte[] encoding)
-            throws IOException
-        {
-            try
-            {
-                ASN1Sequence seq = ASN1Sequence.getInstance(encoding);
-
-                if (seq.size() != 6)
-                {
-                    throw new PEMException("malformed sequence in DSA private key");
-                }
-
-                //            ASN1Integer              v = (ASN1Integer)seq.getObjectAt(0);
-                ASN1Integer p = ASN1Integer.getInstance(seq.getObjectAt(1));
-                ASN1Integer q = ASN1Integer.getInstance(seq.getObjectAt(2));
-                ASN1Integer g = ASN1Integer.getInstance(seq.getObjectAt(3));
-                ASN1Integer y = ASN1Integer.getInstance(seq.getObjectAt(4));
-                ASN1Integer x = ASN1Integer.getInstance(seq.getObjectAt(5));
-
-                return new PEMKeyPair(
-                    new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(p.getValue(), q.getValue(), g.getValue())), y),
-                    new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(p.getValue(), q.getValue(), g.getValue())), x));
-            }
-            catch (IOException e)
-            {
-                throw e;
-            }
-            catch (Exception e)
-            {
-                throw new PEMException(
-                    "problem creating DSA private key: " + e.toString(), e);
-            }
-        }
-    }
-
-    private class ECDSAKeyPairParser
-        implements PEMKeyPairParser
-    {
-        public PEMKeyPair parse(byte[] encoding)
-            throws IOException
-        {
-            try
-            {
-                ASN1Sequence seq = ASN1Sequence.getInstance(encoding);
-
-                org.bouncycastle.asn1.sec.ECPrivateKey pKey = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(seq);
-                AlgorithmIdentifier algId = new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, pKey.getParameters());
-                PrivateKeyInfo privInfo = new PrivateKeyInfo(algId, pKey);
-
-                if (pKey.getPublicKey() != null)
-                {
-                    SubjectPublicKeyInfo pubInfo = new SubjectPublicKeyInfo(algId, pKey.getPublicKey().getBytes());
-
-                    return new PEMKeyPair(pubInfo, privInfo);
-                }
-                else
-                {
-                    return new PEMKeyPair(null, privInfo);
-                }
-            }
-            catch (IOException e)
-            {
-                throw e;
-            }
-            catch (Exception e)
-            {
-                throw new PEMException(
-                    "problem creating EC private key: " + e.toString(), e);
-            }
-        }
-    }
-
-    private class RSAKeyPairParser
-        implements PEMKeyPairParser
-    {
-        public PEMKeyPair parse(byte[] encoding)
-            throws IOException
-        {
-            try
-            {
-                ASN1Sequence seq = ASN1Sequence.getInstance(encoding);
-
-                if (seq.size() != 9)
-                {
-                    throw new PEMException("malformed sequence in RSA private key");
-                }
-
-                org.bouncycastle.asn1.pkcs.RSAPrivateKey keyStruct = org.bouncycastle.asn1.pkcs.RSAPrivateKey.getInstance(seq);
-
-                RSAPublicKey pubSpec = new RSAPublicKey(
-                    keyStruct.getModulus(), keyStruct.getPublicExponent());
-
-                AlgorithmIdentifier algId = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE);
-
-                return new PEMKeyPair(new SubjectPublicKeyInfo(algId, pubSpec), new PrivateKeyInfo(algId, keyStruct));
-            }
-            catch (IOException e)
-            {
-                throw e;
-            }
-            catch (Exception e)
-            {
-                throw new PEMException(
-                    "problem creating RSA private key: " + e.toString(), e);
-            }
-        }
-    }
-
-    private class PublicKeyParser
-        implements PemObjectParser
-    {
-        public PublicKeyParser()
-        {
-        }
-
-        public Object parseObject(PemObject obj)
-            throws IOException
-        {
-            return SubjectPublicKeyInfo.getInstance(obj.getContent());
-        }
-    }
-
-    private class RSAPublicKeyParser
-        implements PemObjectParser
-    {
-        public RSAPublicKeyParser()
-        {
-        }
-
-        public Object parseObject(PemObject obj)
-            throws IOException
-        {
-            try
-            {
-                RSAPublicKey rsaPubStructure = RSAPublicKey.getInstance(obj.getContent());
-
-                return new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), rsaPubStructure);
-            }
-            catch (IOException e)
-            {
-                throw e;
-            }
-            catch (Exception e)
-            {
-                throw new PEMException("problem extracting key: " + e.toString(), e);
-            }
-        }
-    }
-
-    private class X509CertificateParser
-        implements PemObjectParser
-    {
-        /**
-         * Reads in a X509Certificate.
-         *
-         * @return the X509Certificate
-         * @throws java.io.IOException if an I/O error occured
-         */
-        public Object parseObject(PemObject obj)
-            throws IOException
-        {
-            try
-            {
-                return new X509CertificateHolder(obj.getContent());
-            }
-            catch (Exception e)
-            {
-                throw new PEMException("problem parsing cert: " + e.toString(), e);
-            }
-        }
-    }
-
-    private class X509TrustedCertificateParser
-        implements PemObjectParser
-    {
-        /**
-         * Reads in a X509Certificate.
-         *
-         * @return the X509Certificate
-         * @throws java.io.IOException if an I/O error occured
-         */
-        public Object parseObject(PemObject obj)
-            throws IOException
-        {
-            try
-            {
-                return new X509TrustedCertificateBlock(obj.getContent());
-            }
-            catch (Exception e)
-            {
-                throw new PEMException("problem parsing cert: " + e.toString(), e);
-            }
-        }
-    }
-
-    private class X509CRLParser
-        implements PemObjectParser
-    {
-        /**
-         * Reads in a X509CRL.
-         *
-         * @return the X509Certificate
-         * @throws java.io.IOException if an I/O error occured
-         */
-        public Object parseObject(PemObject obj)
-            throws IOException
-        {
-            try
-            {
-                return new X509CRLHolder(obj.getContent());
-            }
-            catch (Exception e)
-            {
-                throw new PEMException("problem parsing cert: " + e.toString(), e);
-            }
-        }
-    }
-
-    private class PKCS10CertificationRequestParser
-        implements PemObjectParser
-    {
-        /**
-         * Reads in a PKCS10 certification request.
-         *
-         * @return the certificate request.
-         * @throws java.io.IOException if an I/O error occured
-         */
-        public Object parseObject(PemObject obj)
-            throws IOException
-        {
-            try
-            {
-                return new PKCS10CertificationRequest(obj.getContent());
-            }
-            catch (Exception e)
-            {
-                throw new PEMException("problem parsing certrequest: " + e.toString(), e);
-            }
-        }
-    }
-
-    private class PKCS7Parser
-        implements PemObjectParser
-    {
-        /**
-         * Reads in a PKCS7 object. This returns a ContentInfo object suitable for use with the CMS
-         * API.
-         *
-         * @return the X509Certificate
-         * @throws java.io.IOException if an I/O error occured
-         */
-        public Object parseObject(PemObject obj)
-            throws IOException
-        {
-            try
-            {
-                ASN1InputStream aIn = new ASN1InputStream(obj.getContent());
-
-                return ContentInfo.getInstance(aIn.readObject());
-            }
-            catch (Exception e)
-            {
-                throw new PEMException("problem parsing PKCS7 object: " + e.toString(), e);
-            }
-        }
-    }
-
-    private class X509AttributeCertificateParser
-        implements PemObjectParser
-    {
-        public Object parseObject(PemObject obj)
-            throws IOException
-        {
-            return new X509AttributeCertificateHolder(obj.getContent());
-        }
-    }
-
-    private class ECCurveParamsParser
-        implements PemObjectParser
-    {
-        public Object parseObject(PemObject obj)
-            throws IOException
-        {
-            try
-            {
-                Object param = ASN1Primitive.fromByteArray(obj.getContent());
-
-                if (param instanceof ASN1ObjectIdentifier)
-                {
-                    return ASN1Primitive.fromByteArray(obj.getContent());
-                }
-                else if (param instanceof ASN1Sequence)
-                {
-                    return X9ECParameters.getInstance(param);
-                }
-                else
-                {
-                    return null;  // implicitly CA
-                }
-            }
-            catch (IOException e)
-            {
-                throw e;
-            }
-            catch (Exception e)
-            {
-                throw new PEMException("exception extracting EC named curve: " + e.toString());
-            }
-        }
-    }
-
-    private class EncryptedPrivateKeyParser
-        implements PemObjectParser
-    {
-        public EncryptedPrivateKeyParser()
-        {
-        }
-
-        /**
-         * Reads in an EncryptedPrivateKeyInfo
-         *
-         * @return the X509Certificate
-         * @throws java.io.IOException if an I/O error occured
-         */
-        public Object parseObject(PemObject obj)
-            throws IOException
-        {
-            try
-            {
-                return new PKCS8EncryptedPrivateKeyInfo(EncryptedPrivateKeyInfo.getInstance(obj.getContent()));
-            }
-            catch (Exception e)
-            {
-                throw new PEMException("problem parsing ENCRYPTED PRIVATE KEY: " + e.toString(), e);
-            }
-        }
-    }
-
-    private class PrivateKeyParser
-        implements PemObjectParser
-    {
-        public PrivateKeyParser()
-        {
-        }
-
-        public Object parseObject(PemObject obj)
-            throws IOException
-        {
-            try
-            {
-                return PrivateKeyInfo.getInstance(obj.getContent());
-            }
-            catch (Exception e)
-            {
-                throw new PEMException("problem parsing PRIVATE KEY: " + e.toString(), e);
-            }
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMUtilities.java b/bcpkix/src/main/java/org/bouncycastle/openssl/PEMUtilities.java
deleted file mode 100644
index a2f96de..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMUtilities.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.openssl;
-
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.util.Integers;
-
-final class PEMUtilities
-{
-    private static final Map KEYSIZES = new HashMap();
-    private static final Set PKCS5_SCHEME_1 = new HashSet();
-    private static final Set PKCS5_SCHEME_2 = new HashSet();
-
-    static
-    {
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithSHA1AndRC2_CBC);
-
-        PKCS5_SCHEME_2.add(PKCSObjectIdentifiers.id_PBES2);
-        PKCS5_SCHEME_2.add(PKCSObjectIdentifiers.des_EDE3_CBC);
-        PKCS5_SCHEME_2.add(NISTObjectIdentifiers.id_aes128_CBC);
-        PKCS5_SCHEME_2.add(NISTObjectIdentifiers.id_aes192_CBC);
-        PKCS5_SCHEME_2.add(NISTObjectIdentifiers.id_aes256_CBC);
-
-        KEYSIZES.put(PKCSObjectIdentifiers.des_EDE3_CBC.getId(), Integers.valueOf(192));
-        KEYSIZES.put(NISTObjectIdentifiers.id_aes128_CBC.getId(), Integers.valueOf(128));
-        KEYSIZES.put(NISTObjectIdentifiers.id_aes192_CBC.getId(), Integers.valueOf(192));
-        KEYSIZES.put(NISTObjectIdentifiers.id_aes256_CBC.getId(), Integers.valueOf(256));
-    }
-
-    static int getKeySize(String algorithm)
-    {
-        if (!KEYSIZES.containsKey(algorithm))
-        {
-            throw new IllegalStateException("no key size for algorithm: " + algorithm);
-        }
-        
-        return ((Integer)KEYSIZES.get(algorithm)).intValue();
-    }
-
-    static boolean isPKCS5Scheme1(ASN1ObjectIdentifier algOid)
-    {
-        return PKCS5_SCHEME_1.contains(algOid);
-    }
-
-    public static boolean isPKCS5Scheme2(ASN1ObjectIdentifier algOid)
-    {
-        return PKCS5_SCHEME_2.contains(algOid);
-    }
-
-    public static boolean isPKCS12(ASN1ObjectIdentifier algOid)
-    {
-        return algOid.getId().startsWith(PKCSObjectIdentifiers.pkcs_12PbeIds.getId());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMWriter.java b/bcpkix/src/main/java/org/bouncycastle/openssl/PEMWriter.java
deleted file mode 100644
index 131d02c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/PEMWriter.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.openssl;
-
-import java.io.IOException;
-import java.io.Writer;
-
-import org.bouncycastle.openssl.jcajce.JcaMiscPEMGenerator;
-import org.bouncycastle.util.io.pem.PemGenerationException;
-import org.bouncycastle.util.io.pem.PemObjectGenerator;
-import org.bouncycastle.util.io.pem.PemWriter;
-
-/**
- * General purpose writer for OpenSSL PEM objects.
- * @deprecated use JcaPEMWriter
- */
-public class PEMWriter
-    extends PemWriter
-{
-    /**
-     * Base constructor.
-     * 
-     * @param out output stream to use.
-     */
-    public PEMWriter(Writer out)
-    {
-        super(out);
-    }
-
-    /**
-     * @throws IOException
-     */
-    public void writeObject(
-        Object  obj)
-        throws IOException
-    {
-        writeObject(obj, null);
-    }
-
-    /**
-     * @param obj
-     * @param encryptor
-     * @throws IOException
-     */
-    public void writeObject(
-        Object  obj,
-        PEMEncryptor encryptor)
-        throws IOException
-    {
-        try
-        {
-            super.writeObject(new JcaMiscPEMGenerator(obj, encryptor));
-        }
-        catch (PemGenerationException e)
-        {
-            if (e.getCause() instanceof IOException)
-            {
-                throw (IOException)e.getCause();
-            }
-
-            throw e;
-        }
-    }
-
-    public void writeObject(
-        PemObjectGenerator obj)
-        throws IOException
-    {
-        super.writeObject(obj);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/PKCS8Generator.java b/bcpkix/src/main/java/org/bouncycastle/openssl/PKCS8Generator.java
deleted file mode 100644
index cbabdf6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/PKCS8Generator.java
+++ /dev/null

@@ -1,102 +0,0 @@
-package org.bouncycastle.openssl;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.OutputEncryptor;
-import org.bouncycastle.util.io.pem.PemGenerationException;
-import org.bouncycastle.util.io.pem.PemObject;
-import org.bouncycastle.util.io.pem.PemObjectGenerator;
-
-public class PKCS8Generator
-    implements PemObjectGenerator
-{
-    public static final ASN1ObjectIdentifier AES_128_CBC = NISTObjectIdentifiers.id_aes128_CBC;
-    public static final ASN1ObjectIdentifier AES_192_CBC = NISTObjectIdentifiers.id_aes192_CBC;
-    public static final ASN1ObjectIdentifier AES_256_CBC = NISTObjectIdentifiers.id_aes256_CBC;
-
-    public static final ASN1ObjectIdentifier DES3_CBC = PKCSObjectIdentifiers.des_EDE3_CBC;
-
-    public static final ASN1ObjectIdentifier PBE_SHA1_RC4_128 = PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4;
-    public static final ASN1ObjectIdentifier PBE_SHA1_RC4_40 = PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC4;
-    public static final ASN1ObjectIdentifier PBE_SHA1_3DES = PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC;
-    public static final ASN1ObjectIdentifier PBE_SHA1_2DES = PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC;
-    public static final ASN1ObjectIdentifier PBE_SHA1_RC2_128 = PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC;
-    public static final ASN1ObjectIdentifier PBE_SHA1_RC2_40 = PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC;
-
-    public static final AlgorithmIdentifier PRF_HMACSHA1 = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA1, DERNull.INSTANCE);
-    public static final AlgorithmIdentifier PRF_HMACSHA224 = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA224, DERNull.INSTANCE);
-    public static final AlgorithmIdentifier PRF_HMACSHA256 = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA256, DERNull.INSTANCE);
-    public static final AlgorithmIdentifier PRF_HMACSHA384 = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA384, DERNull.INSTANCE);
-    public static final AlgorithmIdentifier PRF_HMACSHA512 = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA512, DERNull.INSTANCE);
-    public static final AlgorithmIdentifier PRF_HMACGOST3411 = new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3411Hmac, DERNull.INSTANCE);
-
-    public static final AlgorithmIdentifier PRF_HMACSHA3_224 = new AlgorithmIdentifier(NISTObjectIdentifiers.id_hmacWithSHA3_224, DERNull.INSTANCE);
-    public static final AlgorithmIdentifier PRF_HMACSHA3_256 = new AlgorithmIdentifier(NISTObjectIdentifiers.id_hmacWithSHA3_256, DERNull.INSTANCE);
-    public static final AlgorithmIdentifier PRF_HMACSHA3_384 = new AlgorithmIdentifier(NISTObjectIdentifiers.id_hmacWithSHA3_384, DERNull.INSTANCE);
-    public static final AlgorithmIdentifier PRF_HMACSHA3_512 = new AlgorithmIdentifier(NISTObjectIdentifiers.id_hmacWithSHA3_512, DERNull.INSTANCE);
-
-    private PrivateKeyInfo key;
-    private OutputEncryptor outputEncryptor;
-
-    /**
-     * Base constructor.
-     */
-    public PKCS8Generator(PrivateKeyInfo key, OutputEncryptor outputEncryptor)
-    {
-        this.key = key;
-        this.outputEncryptor = outputEncryptor;
-    }
-
-    public PemObject generate()
-        throws PemGenerationException
-    {
-        if (outputEncryptor != null)
-        {
-            return generate(key, outputEncryptor);
-        }
-        else
-        {
-            return generate(key, null);
-        }
-    }
-
-    private PemObject generate(PrivateKeyInfo key, OutputEncryptor encryptor)
-        throws PemGenerationException
-    {
-        try
-        {
-            byte[] keyData = key.getEncoded();
-
-            if (encryptor == null)
-            {
-                return new PemObject("PRIVATE KEY", keyData);
-            }
-
-            ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-            OutputStream cOut = encryptor.getOutputStream(bOut);
-
-            cOut.write(key.getEncoded());
-
-            cOut.close();
-
-            EncryptedPrivateKeyInfo info = new EncryptedPrivateKeyInfo(encryptor.getAlgorithmIdentifier(), bOut.toByteArray());
-
-            return new PemObject("ENCRYPTED PRIVATE KEY", info.getEncoded());
-        }
-        catch (IOException e)
-        {
-            throw new PemGenerationException("unable to process encoded key data: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/PasswordException.java b/bcpkix/src/main/java/org/bouncycastle/openssl/PasswordException.java
deleted file mode 100644
index 89625e7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/PasswordException.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.openssl;
-
-public class PasswordException
-    extends PEMException
-{
-    public PasswordException(String msg)
-    {
-        super(msg);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/PasswordFinder.java b/bcpkix/src/main/java/org/bouncycastle/openssl/PasswordFinder.java
deleted file mode 100644
index 99f9872..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/PasswordFinder.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.openssl;
-
-/**
- * call back to allow a password to be fetched when one is requested.
- * @deprecated no longer used.
- */
-public interface PasswordFinder
-{
-    public char[] getPassword();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/X509TrustedCertificateBlock.java b/bcpkix/src/main/java/org/bouncycastle/openssl/X509TrustedCertificateBlock.java
deleted file mode 100644
index 386e74c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/X509TrustedCertificateBlock.java
+++ /dev/null

@@ -1,68 +0,0 @@
-package org.bouncycastle.openssl;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Holder for an OpenSSL trusted certificate block.
- */
-public class X509TrustedCertificateBlock
-{
-    private final X509CertificateHolder certificateHolder;
-    private final CertificateTrustBlock trustBlock;
-
-    public X509TrustedCertificateBlock(X509CertificateHolder certificateHolder, CertificateTrustBlock trustBlock)
-    {
-        this.certificateHolder = certificateHolder;
-        this.trustBlock = trustBlock;
-    }
-
-    public X509TrustedCertificateBlock(byte[] encoding)
-        throws IOException
-    {
-        ASN1InputStream aIn = new ASN1InputStream(encoding);
-
-        this.certificateHolder = new X509CertificateHolder(aIn.readObject().getEncoded());
-
-        ASN1Object tBlock = aIn.readObject();
-
-        if (tBlock != null)
-        {
-            this.trustBlock = new CertificateTrustBlock(tBlock.getEncoded());
-        }
-        else
-        {
-            this.trustBlock = null;
-        }
-    }
-
-    public byte[] getEncoded()
-        throws IOException
-    {
-        return Arrays.concatenate(certificateHolder.getEncoded(), trustBlock.toASN1Sequence().getEncoded());
-    }
-
-    /**
-     * Return the certificate associated with this Trusted Certificate
-     *
-     * @return the certificate holder.
-     */
-    public X509CertificateHolder getCertificateHolder()
-    {
-        return certificateHolder;
-    }
-
-    /**
-     * Return the trust block associated with this Trusted Certificate
-     *
-     * @return the trust block.
-     */
-    public CertificateTrustBlock getTrustBlock()
-    {
-        return trustBlock;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/bc/BcPEMDecryptorProvider.java b/bcpkix/src/main/java/org/bouncycastle/openssl/bc/BcPEMDecryptorProvider.java
deleted file mode 100644
index d387da8..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/bc/BcPEMDecryptorProvider.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.openssl.bc;
-
-import org.bouncycastle.openssl.PEMDecryptor;
-import org.bouncycastle.openssl.PEMDecryptorProvider;
-import org.bouncycastle.openssl.PEMException;
-import org.bouncycastle.openssl.PasswordException;
-
-public class BcPEMDecryptorProvider
-    implements PEMDecryptorProvider
-{
-    private final char[] password;
-
-    public BcPEMDecryptorProvider(char[] password)
-    {
-        this.password = password;
-    }
-
-    public PEMDecryptor get(final String dekAlgName)
-    {
-        return new PEMDecryptor()
-        {
-            public byte[] decrypt(byte[] keyBytes, byte[] iv)
-                throws PEMException
-            {
-                if (password == null)
-                {
-                    throw new PasswordException("Password is null, but a password is required");
-                }
-
-                return PEMUtilities.crypt(false, keyBytes, password, dekAlgName, iv);
-            }
-        };
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/bc/PEMUtilities.java b/bcpkix/src/main/java/org/bouncycastle/openssl/bc/PEMUtilities.java
deleted file mode 100644
index 57a1228..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/bc/PEMUtilities.java
+++ /dev/null

@@ -1,297 +0,0 @@
-package org.bouncycastle.openssl.bc;
-
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.PBEParametersGenerator;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.BlowfishEngine;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.RC2Engine;
-import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator;
-import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.modes.OFBBlockCipher;
-import org.bouncycastle.crypto.paddings.BlockCipherPadding;
-import org.bouncycastle.crypto.paddings.PKCS7Padding;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.RC2Parameters;
-import org.bouncycastle.openssl.EncryptionException;
-import org.bouncycastle.openssl.PEMException;
-import org.bouncycastle.util.Integers;
-
-class PEMUtilities
-{
-    private static final Map KEYSIZES = new HashMap();
-    private static final Set PKCS5_SCHEME_1 = new HashSet();
-    private static final Set PKCS5_SCHEME_2 = new HashSet();
-
-    static
-    {
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithSHA1AndRC2_CBC);
-
-        PKCS5_SCHEME_2.add(PKCSObjectIdentifiers.id_PBES2);
-        PKCS5_SCHEME_2.add(PKCSObjectIdentifiers.des_EDE3_CBC);
-        PKCS5_SCHEME_2.add(NISTObjectIdentifiers.id_aes128_CBC);
-        PKCS5_SCHEME_2.add(NISTObjectIdentifiers.id_aes192_CBC);
-        PKCS5_SCHEME_2.add(NISTObjectIdentifiers.id_aes256_CBC);
-
-        KEYSIZES.put(PKCSObjectIdentifiers.des_EDE3_CBC.getId(), Integers.valueOf(192));
-        KEYSIZES.put(NISTObjectIdentifiers.id_aes128_CBC.getId(), Integers.valueOf(128));
-        KEYSIZES.put(NISTObjectIdentifiers.id_aes192_CBC.getId(), Integers.valueOf(192));
-        KEYSIZES.put(NISTObjectIdentifiers.id_aes256_CBC.getId(), Integers.valueOf(256));
-        KEYSIZES.put(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4.getId(), Integers.valueOf(128));
-        KEYSIZES.put(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC4, Integers.valueOf(40));
-        KEYSIZES.put(PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, Integers.valueOf(128));
-        KEYSIZES.put(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, Integers.valueOf(192));
-        KEYSIZES.put(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC, Integers.valueOf(128));
-        KEYSIZES.put(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC, Integers.valueOf(40));
-    }
-
-    static int getKeySize(String algorithm)
-    {
-        if (!KEYSIZES.containsKey(algorithm))
-        {
-            throw new IllegalStateException("no key size for algorithm: " + algorithm);
-        }
-        
-        return ((Integer)KEYSIZES.get(algorithm)).intValue();
-    }
-
-    static boolean isPKCS5Scheme1(ASN1ObjectIdentifier algOid)
-    {
-        return PKCS5_SCHEME_1.contains(algOid);
-    }
-
-    static boolean isPKCS5Scheme2(ASN1ObjectIdentifier algOid)
-    {
-        return PKCS5_SCHEME_2.contains(algOid);
-    }
-
-    public static boolean isPKCS12(ASN1ObjectIdentifier algOid)
-    {
-        return algOid.getId().startsWith(PKCSObjectIdentifiers.pkcs_12PbeIds.getId());
-    }
-
-    public static KeyParameter generateSecretKeyForPKCS5Scheme2(String algorithm, char[] password, byte[] salt, int iterationCount)
-    {
-        PBEParametersGenerator paramsGen = new PKCS5S2ParametersGenerator(new SHA1Digest());
-
-        paramsGen.init(PBEParametersGenerator.PKCS5PasswordToBytes(password), salt, iterationCount);
-
-        return (KeyParameter)paramsGen.generateDerivedParameters(PEMUtilities.getKeySize(algorithm));
-    }
-
-    static byte[] crypt(
-        boolean encrypt,
-        byte[]  bytes,
-        char[]  password,
-        String  dekAlgName,
-        byte[]  iv)
-        throws PEMException
-    {
-        byte[]             ivValue = iv;
-        String             blockMode = "CBC";
-        BlockCipher        engine;
-        BlockCipherPadding padding = new PKCS7Padding();
-        KeyParameter       sKey;
-
-        // Figure out block mode and padding.
-        if (dekAlgName.endsWith("-CFB"))
-        {
-            blockMode = "CFB";
-            padding = null;
-        }
-        if (dekAlgName.endsWith("-ECB") ||
-            "DES-EDE".equals(dekAlgName) ||
-            "DES-EDE3".equals(dekAlgName))
-        {
-            // ECB is actually the default (though seldom used) when OpenSSL
-            // uses DES-EDE (des2) or DES-EDE3 (des3).
-            blockMode = "ECB";
-            ivValue = null;
-        }
-        if (dekAlgName.endsWith("-OFB"))
-        {
-            blockMode = "OFB";
-            padding = null;
-        }
-
-        // Figure out algorithm and key size.
-        if (dekAlgName.startsWith("DES-EDE"))
-        {
-            // "DES-EDE" is actually des2 in OpenSSL-speak!
-            // "DES-EDE3" is des3.
-            boolean des2 = !dekAlgName.startsWith("DES-EDE3");
-            sKey = getKey(password, 24, iv, des2);
-            engine = new DESedeEngine();
-        }
-        else if (dekAlgName.startsWith("DES-"))
-        {
-            sKey = getKey(password, 8, iv);
-            engine = new DESEngine();
-        }
-        else if (dekAlgName.startsWith("BF-"))
-        {
-            sKey = getKey(password, 16, iv);
-            engine = new BlowfishEngine();
-        }
-        else if (dekAlgName.startsWith("RC2-"))
-        {
-            int keyBits = 128;
-            if (dekAlgName.startsWith("RC2-40-"))
-            {
-                keyBits = 40;
-            }
-            else if (dekAlgName.startsWith("RC2-64-"))
-            {
-                keyBits = 64;
-            }
-            sKey = new RC2Parameters(getKey(password, keyBits / 8, iv).getKey(), keyBits);;
-            engine = new RC2Engine();
-        }
-        else if (dekAlgName.startsWith("AES-"))
-        {
-            byte[] salt = iv;
-            if (salt.length > 8)
-            {
-                salt = new byte[8];
-                System.arraycopy(iv, 0, salt, 0, 8);
-            }
-
-            int keyBits;
-            if (dekAlgName.startsWith("AES-128-"))
-            {
-                keyBits = 128;
-            }
-            else if (dekAlgName.startsWith("AES-192-"))
-            {
-                keyBits = 192;
-            }
-            else if (dekAlgName.startsWith("AES-256-"))
-            {
-                keyBits = 256;
-            }
-            else
-            {
-                throw new EncryptionException("unknown AES encryption with private key: " + dekAlgName);
-            }
-            sKey = getKey(password, keyBits / 8, salt);
-            engine = new AESEngine();
-        }
-        else
-        {
-            throw new EncryptionException("unknown encryption with private key: " + dekAlgName);
-        }
-
-        if (blockMode.equals("CBC"))
-        {
-            engine = new CBCBlockCipher(engine);
-        }
-        else if (blockMode.equals("CFB"))
-        {
-            engine = new CFBBlockCipher(engine, engine.getBlockSize() * 8);
-        }
-        else if (blockMode.equals("OFB"))
-        {
-            engine = new OFBBlockCipher(engine, engine.getBlockSize() * 8);
-        }
-
-        try
-        {
-            BufferedBlockCipher c;
-            if (padding == null)
-            {
-                c = new BufferedBlockCipher(engine);
-            }
-            else
-            {
-                c = new PaddedBufferedBlockCipher(engine, padding);
-            }
-
-            if (ivValue == null) // ECB block mode
-            {
-                c.init(encrypt, sKey);
-            }
-            else
-            {
-                c.init(encrypt, new ParametersWithIV(sKey, ivValue));
-            }
-
-            byte[] out = new byte[c.getOutputSize(bytes.length)];
-
-            int procLen = c.processBytes(bytes, 0, bytes.length, out, 0);
-
-            procLen += c.doFinal(out, procLen);
-
-            if (procLen == out.length)
-            {
-                return out;
-            }
-            else
-            {
-                byte[] rv = new byte[procLen];
-
-                System.arraycopy(out, 0, rv, 0, procLen);
-
-                return rv;
-            }
-        }
-        catch (Exception e)
-        {
-            throw new EncryptionException("exception using cipher - please check password and data.", e);
-        }
-    }
-
-    private static KeyParameter getKey(
-        char[]  password,
-        int     keyLength,
-        byte[]  salt)
-        throws PEMException
-    {
-        return getKey(password, keyLength, salt, false);
-    }
-
-    private static KeyParameter getKey(
-        char[]  password,
-        int     keyLength,
-        byte[]  salt,
-        boolean des2)
-        throws PEMException
-    {
-        PBEParametersGenerator paramsGen = new OpenSSLPBEParametersGenerator();
-
-        paramsGen.init(PBEParametersGenerator.PKCS5PasswordToBytes(password), salt, 1);
-
-        KeyParameter kp = (KeyParameter)paramsGen.generateDerivedParameters(keyLength * 8);
-
-        if (des2 && kp.getKey().length == 24)
-        {
-            // For DES2, we must copy first 8 bytes into the last 8 bytes.
-            byte[] key = kp.getKey();
-
-            System.arraycopy(key, 0, key, 16, 8);
-
-            return new KeyParameter(key);
-        }
-
-        return kp;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaMiscPEMGenerator.java b/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaMiscPEMGenerator.java
deleted file mode 100644
index 247c53b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaMiscPEMGenerator.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.openssl.jcajce;
-
-import java.io.IOException;
-import java.security.Key;
-import java.security.KeyPair;
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.cert.CRLException;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cert.jcajce.JcaX509CRLHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.openssl.MiscPEMGenerator;
-import org.bouncycastle.openssl.PEMEncryptor;
-
-/**
- * PEM generator for the original set of PEM objects used in Open SSL.
- */
-public class JcaMiscPEMGenerator
-    extends MiscPEMGenerator
-{
-    private Object obj;
-    private String algorithm;
-    private char[] password;
-    private SecureRandom random;
-    private Provider provider;
-
-    public JcaMiscPEMGenerator(Object o)
-        throws IOException
-    {
-        super(convertObject(o));
-    }
-
-    public JcaMiscPEMGenerator(Object o, PEMEncryptor encryptor)
-        throws IOException
-    {
-        super(convertObject(o), encryptor);
-    }
-
-    private static Object convertObject(Object o)
-        throws IOException
-    {
-        if (o instanceof X509Certificate)
-        {
-            try
-            {
-                return new JcaX509CertificateHolder((X509Certificate)o);
-            }
-            catch (CertificateEncodingException e)
-            {
-                throw new IllegalArgumentException("Cannot encode object: " + e.toString());
-            }
-        }
-        else if (o instanceof X509CRL)
-        {
-            try
-            {
-                return new JcaX509CRLHolder((X509CRL)o);
-            }
-            catch (CRLException e)
-            {
-                throw new IllegalArgumentException("Cannot encode object: " + e.toString());
-            }
-        }
-        else if (o instanceof KeyPair)
-        {
-            return convertObject(((KeyPair)o).getPrivate());
-        }
-        else if (o instanceof PrivateKey)
-        {
-            return PrivateKeyInfo.getInstance(((Key)o).getEncoded());
-        }
-        else if (o instanceof PublicKey)
-        {
-            return SubjectPublicKeyInfo.getInstance(((PublicKey)o).getEncoded());
-        }
-
-        return o;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaPEMKeyConverter.java b/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaPEMKeyConverter.java
deleted file mode 100644
index 38ffe69..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaPEMKeyConverter.java
+++ /dev/null

@@ -1,127 +0,0 @@
-package org.bouncycastle.openssl.jcajce;
-
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.openssl.PEMException;
-import org.bouncycastle.openssl.PEMKeyPair;
-
-public class JcaPEMKeyConverter
-{
-    private JcaJceHelper helper = new DefaultJcaJceHelper();
-
-    private static final Map algorithms = new HashMap();
-
-    static
-    {
-        algorithms.put(X9ObjectIdentifiers.id_ecPublicKey, "ECDSA");
-        algorithms.put(PKCSObjectIdentifiers.rsaEncryption, "RSA");
-        algorithms.put(X9ObjectIdentifiers.id_dsa, "DSA");
-    }
-
-    public JcaPEMKeyConverter setProvider(Provider provider)
-    {
-        this.helper = new ProviderJcaJceHelper(provider);
-
-        return this;
-    }
-
-    public JcaPEMKeyConverter setProvider(String providerName)
-    {
-        this.helper = new NamedJcaJceHelper(providerName);
-
-        return this;
-    }
-
-    public KeyPair getKeyPair(PEMKeyPair keyPair)
-        throws PEMException
-    {
-        try
-        {
-            KeyFactory keyFactory = getKeyFactory(keyPair.getPrivateKeyInfo().getPrivateKeyAlgorithm());
-
-            return new KeyPair(keyFactory.generatePublic(new X509EncodedKeySpec(keyPair.getPublicKeyInfo().getEncoded())),
-                                keyFactory.generatePrivate(new PKCS8EncodedKeySpec(keyPair.getPrivateKeyInfo().getEncoded())));
-        }
-        catch (Exception e)
-        {
-            throw new PEMException("unable to convert key pair: " + e.getMessage(), e);
-        }
-    }
-
-    public PublicKey getPublicKey(SubjectPublicKeyInfo publicKeyInfo)
-        throws PEMException
-    {
-        try
-        {
-            KeyFactory keyFactory = getKeyFactory(publicKeyInfo.getAlgorithm());
-
-            return keyFactory.generatePublic(new X509EncodedKeySpec(publicKeyInfo.getEncoded()));
-        }
-        catch (Exception e)
-        {
-            throw new PEMException("unable to convert key pair: " + e.getMessage(), e);
-        }
-    }
-
-    public PrivateKey getPrivateKey(PrivateKeyInfo privateKeyInfo)
-        throws PEMException
-    {
-        try
-        {
-            KeyFactory keyFactory = getKeyFactory(privateKeyInfo.getPrivateKeyAlgorithm());
-
-            return keyFactory.generatePrivate(new PKCS8EncodedKeySpec(privateKeyInfo.getEncoded()));
-        }
-        catch (Exception e)
-        {
-            throw new PEMException("unable to convert key pair: " + e.getMessage(), e);
-        }
-    }
-
-    private KeyFactory getKeyFactory(AlgorithmIdentifier algId)
-        throws NoSuchAlgorithmException, NoSuchProviderException
-    {
-        ASN1ObjectIdentifier algorithm =  algId.getAlgorithm();
-
-        String algName = (String)algorithms.get(algorithm);
-
-        if (algName == null)
-        {
-            algName = algorithm.getId();
-        }
-
-        try
-        {
-            return helper.createKeyFactory(algName);
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            if (algName.equals("ECDSA"))
-            {
-                return helper.createKeyFactory("EC"); // try a fall back
-            }
-
-            throw e;
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaPEMWriter.java b/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaPEMWriter.java
deleted file mode 100644
index 423f950..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaPEMWriter.java
+++ /dev/null

@@ -1,68 +0,0 @@
-package org.bouncycastle.openssl.jcajce;
-
-import java.io.IOException;
-import java.io.Writer;
-
-import org.bouncycastle.openssl.PEMEncryptor;
-import org.bouncycastle.util.io.pem.PemGenerationException;
-import org.bouncycastle.util.io.pem.PemObjectGenerator;
-import org.bouncycastle.util.io.pem.PemWriter;
-
-/**
- * General purpose writer for OpenSSL PEM objects based on JCA/JCE classes.
- */
-public class JcaPEMWriter
-    extends PemWriter
-{
-    /**
-     * Base constructor.
-     *
-     * @param out output stream to use.
-     */
-    public JcaPEMWriter(Writer out)
-    {
-        super(out);
-    }
-
-    /**
-     * @throws java.io.IOException
-     */
-    public void writeObject(
-        Object  obj)
-        throws IOException
-    {
-        writeObject(obj, null);
-    }
-
-    /**
-     * @param obj
-     * @param encryptor
-     * @throws java.io.IOException
-     */
-    public void writeObject(
-        Object  obj,
-        PEMEncryptor encryptor)
-        throws IOException
-    {
-        try
-        {
-            super.writeObject(new JcaMiscPEMGenerator(obj, encryptor));
-        }
-        catch (PemGenerationException e)
-        {
-            if (e.getCause() instanceof IOException)
-            {
-                throw (IOException)e.getCause();
-            }
-
-            throw e;
-        }
-    }
-
-    public void writeObject(
-        PemObjectGenerator obj)
-        throws IOException
-    {
-        super.writeObject(obj);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaPKCS8Generator.java b/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaPKCS8Generator.java
deleted file mode 100644
index 261dcec..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaPKCS8Generator.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.openssl.jcajce;
-
-import java.security.PrivateKey;
-
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.openssl.PKCS8Generator;
-import org.bouncycastle.operator.OutputEncryptor;
-import org.bouncycastle.util.io.pem.PemGenerationException;
-
-public class JcaPKCS8Generator
-    extends PKCS8Generator
-{
-    public JcaPKCS8Generator(PrivateKey key, OutputEncryptor encryptor)
-         throws PemGenerationException
-    {
-         super(PrivateKeyInfo.getInstance(key.getEncoded()), encryptor);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaPKIXIdentityBuilder.java b/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaPKIXIdentityBuilder.java
deleted file mode 100644
index 4573354..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcaPKIXIdentityBuilder.java
+++ /dev/null

@@ -1,134 +0,0 @@
-package org.bouncycastle.openssl.jcajce;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.openssl.PEMKeyPair;
-import org.bouncycastle.openssl.PEMParser;
-import org.bouncycastle.pkix.jcajce.JcaPKIXIdentity;
-
-/**
- * Builder for a private/public identity object representing a "user"
- */
-public class JcaPKIXIdentityBuilder
-{
-    private JcaPEMKeyConverter keyConverter = new JcaPEMKeyConverter();
-    private JcaX509CertificateConverter certConverter = new JcaX509CertificateConverter();
-
-    public JcaPKIXIdentityBuilder()
-    {
-
-    }
-
-    public JcaPKIXIdentityBuilder setProvider(Provider provider)
-    {
-        this.keyConverter = keyConverter.setProvider(provider);
-        this.certConverter = certConverter.setProvider(provider);
-
-        return this;
-    }
-
-    public JcaPKIXIdentityBuilder setProvider(String providerName)
-    {
-        this.keyConverter = keyConverter.setProvider(providerName);
-        this.certConverter = certConverter.setProvider(providerName);
-
-        return this;
-    }
-
-    /**
-     * Build an identity from the passed in key and certificate file in PEM format.
-     *
-     * @param keyFile  the PEM file containing the key
-     * @param certificateFile the PEM file containing the certificate
-     * @return an identity object.
-     * @throws IOException on a general parsing error.
-     * @throws CertificateException on a certificate parsing error.
-     */
-    public JcaPKIXIdentity build(File keyFile, File certificateFile)
-        throws IOException, CertificateException
-    {
-        checkFile(keyFile);
-        checkFile(certificateFile);
-
-        FileInputStream keyStream = new FileInputStream(keyFile);
-        FileInputStream certificateStream = new FileInputStream(certificateFile);
-
-        JcaPKIXIdentity rv =  build(keyStream, certificateStream);
-
-        keyStream.close();
-        certificateStream.close();
-
-        return rv;
-    }
-
-    /**
-     * Build an identity from the passed in key and certificate stream in PEM format.
-     *
-     * @param keyStream  the PEM stream containing the key
-     * @param certificateStream the PEM stream containing the certificate
-     * @return an identity object.
-     * @throws IOException on a general parsing error.
-     * @throws CertificateException on a certificate parsing error.
-     */
-    public JcaPKIXIdentity build(InputStream keyStream, InputStream certificateStream)
-        throws IOException, CertificateException
-    {
-        PEMParser keyParser = new PEMParser(new InputStreamReader(keyStream));
-
-        PrivateKey privKey;
-
-        Object keyObj = keyParser.readObject();
-        if (keyObj instanceof PEMKeyPair)
-        {
-            PEMKeyPair kp = (PEMKeyPair)keyObj;
-
-            privKey = keyConverter.getPrivateKey(kp.getPrivateKeyInfo());
-        }
-        else if (keyObj instanceof PrivateKeyInfo)
-        {
-            privKey = keyConverter.getPrivateKey((PrivateKeyInfo)keyObj);
-        }
-        else
-        {
-            throw new IOException("unrecognised private key file"); // TODO: handle encrypted private keys
-        }
-
-        PEMParser certParser = new PEMParser(new InputStreamReader(certificateStream));
-
-        List certs = new ArrayList();
-        Object certObj;
-        while ((certObj = certParser.readObject()) != null)
-        {
-            certs.add(certConverter.getCertificate((X509CertificateHolder)certObj));
-        }
-
-        return new JcaPKIXIdentity(privKey, (X509Certificate[])certs.toArray(new X509Certificate[certs.size()]));
-    }
-
-    private void checkFile(File file)
-        throws IOException
-    {
-        if (file.canRead())
-        {
-            if (file.exists())
-            {
-                throw new IOException("Unable to open file " + file.getPath() + " for reading.");
-            }
-            throw new FileNotFoundException("Unable to open " + file.getPath() + ": it does not exist.");
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JceOpenSSLPKCS8DecryptorProviderBuilder.java b/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JceOpenSSLPKCS8DecryptorProviderBuilder.java
deleted file mode 100644
index 762719d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JceOpenSSLPKCS8DecryptorProviderBuilder.java
+++ /dev/null

@@ -1,157 +0,0 @@
-package org.bouncycastle.openssl.jcajce;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.AlgorithmParameters;
-import java.security.GeneralSecurityException;
-import java.security.Provider;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.pkcs.EncryptionScheme;
-import org.bouncycastle.asn1.pkcs.KeyDerivationFunc;
-import org.bouncycastle.asn1.pkcs.PBEParameter;
-import org.bouncycastle.asn1.pkcs.PBES2Parameters;
-import org.bouncycastle.asn1.pkcs.PBKDF2Params;
-import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.CharToByteConverter;
-import org.bouncycastle.jcajce.PBKDF1KeyWithParameters;
-import org.bouncycastle.jcajce.PKCS12KeyWithParameters;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.openssl.PEMException;
-import org.bouncycastle.operator.InputDecryptor;
-import org.bouncycastle.operator.InputDecryptorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.Strings;
-
-/**
- * DecryptorProviderBuilder for producing DecryptorProvider for use with PKCS8EncryptedPrivateKeyInfo.
- */
-public class JceOpenSSLPKCS8DecryptorProviderBuilder
-{
-    private JcaJceHelper helper;
-
-    public JceOpenSSLPKCS8DecryptorProviderBuilder()
-    {
-        helper = new DefaultJcaJceHelper();
-    }
-
-    public JceOpenSSLPKCS8DecryptorProviderBuilder setProvider(String providerName)
-    {
-        helper = new NamedJcaJceHelper(providerName);
-
-        return this;
-    }
-
-    public JceOpenSSLPKCS8DecryptorProviderBuilder setProvider(Provider provider)
-    {
-        helper = new ProviderJcaJceHelper(provider);
-
-        return this;
-    }
-
-    public InputDecryptorProvider build(final char[] password)
-        throws OperatorCreationException
-    {
-        return new InputDecryptorProvider()
-        {
-            public InputDecryptor get(final AlgorithmIdentifier algorithm)
-                throws OperatorCreationException
-            {
-                final Cipher cipher;
-
-                try
-                {
-                    if (PEMUtilities.isPKCS5Scheme2(algorithm.getAlgorithm()))
-                    {
-                        PBES2Parameters params = PBES2Parameters.getInstance(algorithm.getParameters());
-                        KeyDerivationFunc func = params.getKeyDerivationFunc();
-                        EncryptionScheme scheme = params.getEncryptionScheme();
-                        PBKDF2Params defParams = (PBKDF2Params)func.getParameters();
-
-                        int iterationCount = defParams.getIterationCount().intValue();
-                        byte[] salt = defParams.getSalt();
-
-                        String oid = scheme.getAlgorithm().getId();
-
-                        SecretKey key;
-
-                        if (PEMUtilities.isHmacSHA1(defParams.getPrf()))
-                        {
-                            key = PEMUtilities.generateSecretKeyForPKCS5Scheme2(helper, oid, password, salt, iterationCount);
-                        }
-                        else
-                        {
-                            key = PEMUtilities.generateSecretKeyForPKCS5Scheme2(helper, oid, password, salt, iterationCount, defParams.getPrf());
-                        }
-                        
-                        cipher = helper.createCipher(oid);
-                        AlgorithmParameters algParams = helper.createAlgorithmParameters(oid);
-
-                        algParams.init(scheme.getParameters().toASN1Primitive().getEncoded());
-
-                        cipher.init(Cipher.DECRYPT_MODE, key, algParams);
-                    }
-                    else if (PEMUtilities.isPKCS12(algorithm.getAlgorithm()))
-                    {
-                        PKCS12PBEParams params = PKCS12PBEParams.getInstance(algorithm.getParameters());
-
-                        cipher = helper.createCipher(algorithm.getAlgorithm().getId());
-
-                        cipher.init(Cipher.DECRYPT_MODE, new PKCS12KeyWithParameters(password, params.getIV(), params.getIterations().intValue()));
-                    }
-                    else if (PEMUtilities.isPKCS5Scheme1(algorithm.getAlgorithm()))
-                    {
-                        PBEParameter params = PBEParameter.getInstance(algorithm.getParameters());
-
-                        cipher = helper.createCipher(algorithm.getAlgorithm().getId());
-
-                        cipher.init(Cipher.DECRYPT_MODE, new PBKDF1KeyWithParameters(password, new CharToByteConverter()
-                        {
-                            public String getType()
-                            {
-                                return "ASCII";
-                            }
-
-                            public byte[] convert(char[] password)
-                            {
-                                return Strings.toByteArray(password);     // just drop hi-order byte.
-                            }
-                        }, params.getSalt(), params.getIterationCount().intValue()));
-                    }
-                    else
-                    {
-                        throw new PEMException("Unknown algorithm: " + algorithm.getAlgorithm());
-                    }
-
-                    return new InputDecryptor()
-                    {
-                        public AlgorithmIdentifier getAlgorithmIdentifier()
-                        {
-                            return algorithm;
-                        }
-
-                        public InputStream getInputStream(InputStream encIn)
-                        {
-                            return new CipherInputStream(encIn, cipher);
-                        }
-                    };
-                }
-                catch (IOException e)
-                {
-                    throw new OperatorCreationException(algorithm.getAlgorithm() + " not available: " + e.getMessage(), e);
-                }
-                catch (GeneralSecurityException e)
-                {
-                    throw new OperatorCreationException(algorithm.getAlgorithm() + " not available: " + e.getMessage(), e);
-                }
-            };
-        };
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JceOpenSSLPKCS8EncryptorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JceOpenSSLPKCS8EncryptorBuilder.java
deleted file mode 100644
index 612b531..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JceOpenSSLPKCS8EncryptorBuilder.java
+++ /dev/null

@@ -1,237 +0,0 @@
-package org.bouncycastle.openssl.jcajce;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.security.AlgorithmParameterGenerator;
-import java.security.AlgorithmParameters;
-import java.security.GeneralSecurityException;
-import java.security.Provider;
-import java.security.SecureRandom;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.EncryptionScheme;
-import org.bouncycastle.asn1.pkcs.KeyDerivationFunc;
-import org.bouncycastle.asn1.pkcs.PBES2Parameters;
-import org.bouncycastle.asn1.pkcs.PBKDF2Params;
-import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jcajce.PKCS12KeyWithParameters;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.OutputEncryptor;
-import org.bouncycastle.operator.jcajce.JceGenericKey;
-
-public class JceOpenSSLPKCS8EncryptorBuilder
-{
-    public static final String AES_128_CBC = NISTObjectIdentifiers.id_aes128_CBC.getId();
-    public static final String AES_192_CBC = NISTObjectIdentifiers.id_aes192_CBC.getId();
-    public static final String AES_256_CBC = NISTObjectIdentifiers.id_aes256_CBC.getId();
-
-    public static final String DES3_CBC = PKCSObjectIdentifiers.des_EDE3_CBC.getId();
-
-    public static final String PBE_SHA1_RC4_128 = PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4.getId();
-    public static final String PBE_SHA1_RC4_40 = PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC4.getId();
-    public static final String PBE_SHA1_3DES = PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC.getId();
-    public static final String PBE_SHA1_2DES = PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC.getId();
-    public static final String PBE_SHA1_RC2_128 = PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC.getId();
-    public static final String PBE_SHA1_RC2_40 = PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC.getId();
-
-    private JcaJceHelper helper = new DefaultJcaJceHelper();
-
-    private AlgorithmParameters params;
-    private ASN1ObjectIdentifier algOID;
-    byte[] salt;
-    int iterationCount;
-    private Cipher cipher;
-    private SecureRandom random;
-    private AlgorithmParameterGenerator paramGen;
-    private char[] password;
-
-    private SecretKey key;
-    private AlgorithmIdentifier prf = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA1, DERNull.INSTANCE);
-
-    public JceOpenSSLPKCS8EncryptorBuilder(ASN1ObjectIdentifier algorithm)
-    {
-        algOID = algorithm;
-
-        this.iterationCount = 2048;
-    }
-
-    public JceOpenSSLPKCS8EncryptorBuilder setRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    public JceOpenSSLPKCS8EncryptorBuilder setPasssword(char[] password)
-    {
-        this.password = password;
-
-        return this;
-    }
-
-    /**
-     * Set the PRF to use for key generation. By default this is HmacSHA1.
-     *
-     * @param prf algorithm id for PRF.
-     *
-     * @return the current builder.
-     */
-    public JceOpenSSLPKCS8EncryptorBuilder setPRF(AlgorithmIdentifier prf)
-    {
-        this.prf = prf;
-
-        return this;
-    }
-
-    public JceOpenSSLPKCS8EncryptorBuilder setIterationCount(int iterationCount)
-    {
-        this.iterationCount = iterationCount;
-
-        return this;
-    }
-
-    public JceOpenSSLPKCS8EncryptorBuilder setProvider(String providerName)
-    {
-        helper = new NamedJcaJceHelper(providerName);
-
-        return this;
-    }
-
-    public JceOpenSSLPKCS8EncryptorBuilder setProvider(Provider provider)
-    {
-        helper = new ProviderJcaJceHelper(provider);
-
-        return this;
-    }
-
-    public OutputEncryptor build()
-        throws OperatorCreationException
-    {
-        final AlgorithmIdentifier algID;
-
-        if (random == null)
-        {
-            random = new SecureRandom();
-        }
-
-        try
-        {
-            this.cipher = helper.createCipher(algOID.getId());
-
-            if (PEMUtilities.isPKCS5Scheme2(algOID))
-            {
-                this.paramGen = helper.createAlgorithmParameterGenerator(algOID.getId());
-            }
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new OperatorCreationException(algOID + " not available: " + e.getMessage(), e);
-        }
-
-        if (PEMUtilities.isPKCS5Scheme2(algOID))
-        {
-            salt = new byte[PEMUtilities.getSaltSize(prf.getAlgorithm())];
-
-            random.nextBytes(salt);
-
-            params = paramGen.generateParameters();
-
-            try
-            {
-                EncryptionScheme scheme = new EncryptionScheme(algOID, ASN1Primitive.fromByteArray(params.getEncoded()));
-                KeyDerivationFunc func = new KeyDerivationFunc(PKCSObjectIdentifiers.id_PBKDF2, new PBKDF2Params(salt, iterationCount, prf));
-
-                ASN1EncodableVector v = new ASN1EncodableVector();
-
-                v.add(func);
-                v.add(scheme);
-
-                algID = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, PBES2Parameters.getInstance(new DERSequence(v)));
-            }
-            catch (IOException e)
-            {
-                throw new OperatorCreationException(e.getMessage(), e);
-            }
-
-            try
-            {
-                if (PEMUtilities.isHmacSHA1(prf))
-                {
-                    key = PEMUtilities.generateSecretKeyForPKCS5Scheme2(helper, algOID.getId(), password, salt, iterationCount);
-                }
-                else
-                {
-                    key = PEMUtilities.generateSecretKeyForPKCS5Scheme2(helper, algOID.getId(), password, salt, iterationCount, prf);
-                }
-
-                cipher.init(Cipher.ENCRYPT_MODE, key, params);
-            }
-            catch (GeneralSecurityException e)
-            {
-                throw new OperatorCreationException(e.getMessage(), e);
-            }
-        }
-        else if (PEMUtilities.isPKCS12(algOID))
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-
-            salt = new byte[20];
-
-            random.nextBytes(salt);
-
-            v.add(new DEROctetString(salt));
-            v.add(new ASN1Integer(iterationCount));
-
-            algID = new AlgorithmIdentifier(algOID, PKCS12PBEParams.getInstance(new DERSequence(v)));
-
-            try
-            {
-                cipher.init(Cipher.ENCRYPT_MODE, new PKCS12KeyWithParameters(password, salt, iterationCount));
-            }
-            catch (GeneralSecurityException e)
-            {
-                throw new OperatorCreationException(e.getMessage(), e);
-            }
-        }
-        else
-        {
-            throw new OperatorCreationException("unknown algorithm: " + algOID, null);
-        }
-
-        return new OutputEncryptor()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return algID;
-            }
-
-            public OutputStream getOutputStream(OutputStream encOut)
-            {
-                return new CipherOutputStream(encOut, cipher);
-            }
-
-            public GenericKey getKey()
-            {
-                return new JceGenericKey(algID, key);
-            }
-        };
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcePEMDecryptorProviderBuilder.java b/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcePEMDecryptorProviderBuilder.java
deleted file mode 100644
index a9d5c5c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcePEMDecryptorProviderBuilder.java
+++ /dev/null

@@ -1,54 +0,0 @@
-package org.bouncycastle.openssl.jcajce;
-
-import java.security.Provider;
-
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.openssl.PEMDecryptor;
-import org.bouncycastle.openssl.PEMDecryptorProvider;
-import org.bouncycastle.openssl.PEMException;
-import org.bouncycastle.openssl.PasswordException;
-
-public class JcePEMDecryptorProviderBuilder
-{
-    private JcaJceHelper helper = new DefaultJcaJceHelper();
-
-    public JcePEMDecryptorProviderBuilder setProvider(Provider provider)
-    {
-        this.helper = new ProviderJcaJceHelper(provider);
-
-        return this;
-    }
-
-    public JcePEMDecryptorProviderBuilder setProvider(String providerName)
-    {
-        this.helper = new NamedJcaJceHelper(providerName);
-
-        return this;
-    }
-
-    public PEMDecryptorProvider build(final char[] password)
-    {
-        return new PEMDecryptorProvider()
-        {
-            public PEMDecryptor get(final String dekAlgName)
-            {
-                return new PEMDecryptor()
-                {
-                    public byte[] decrypt(byte[] keyBytes, byte[] iv)
-                        throws PEMException
-                    {
-                        if (password == null)
-                        {
-                            throw new PasswordException("Password is null, but a password is required");
-                        }
-
-                        return PEMUtilities.crypt(false, helper, keyBytes, password, dekAlgName, iv);
-                    }
-                };
-            }
-        };
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcePEMEncryptorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcePEMEncryptorBuilder.java
deleted file mode 100644
index de1de13..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/JcePEMEncryptorBuilder.java
+++ /dev/null

@@ -1,78 +0,0 @@
-package org.bouncycastle.openssl.jcajce;
-
-import java.security.Provider;
-import java.security.SecureRandom;
-
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.openssl.PEMEncryptor;
-import org.bouncycastle.openssl.PEMException;
-
-public class JcePEMEncryptorBuilder
-{
-    private final String algorithm;
-
-    private JcaJceHelper helper = new DefaultJcaJceHelper();
-    private SecureRandom random;
-
-    public JcePEMEncryptorBuilder(String algorithm)
-    {
-        this.algorithm = algorithm;
-    }
-
-    public JcePEMEncryptorBuilder setProvider(Provider provider)
-    {
-        this.helper = new ProviderJcaJceHelper(provider);
-
-        return this;
-    }
-
-    public JcePEMEncryptorBuilder setProvider(String providerName)
-    {
-        this.helper = new NamedJcaJceHelper(providerName);
-
-        return this;
-    }
-
-    public JcePEMEncryptorBuilder setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    public PEMEncryptor build(final char[] password)
-    {
-        if (random == null)
-        {
-            random = new SecureRandom();
-        }
-
-        int ivLength = algorithm.startsWith("AES-") ? 16 : 8;
-
-        final byte[] iv = new byte[ivLength];
-
-        random.nextBytes(iv);
-
-        return new PEMEncryptor()
-        {
-            public String getAlgorithm()
-            {
-                return algorithm;
-            }
-
-            public byte[] getIV()
-            {
-                return iv;
-            }
-
-            public byte[] encrypt(byte[] encoding)
-                throws PEMException
-            {
-                return PEMUtilities.crypt(true, helper, encoding, password, algorithm, iv);
-            }
-        };
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/PEMUtilities.java b/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/PEMUtilities.java
deleted file mode 100644
index 7a97804..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/jcajce/PEMUtilities.java
+++ /dev/null

@@ -1,329 +0,0 @@
-package org.bouncycastle.openssl.jcajce;
-
-import java.security.GeneralSecurityException;
-import java.security.Key;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.InvalidKeySpecException;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.RC2ParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.openssl.EncryptionException;
-import org.bouncycastle.openssl.PEMException;
-import org.bouncycastle.util.Integers;
-
-class PEMUtilities
-{
-    private static final Map KEYSIZES = new HashMap();
-    private static final Set PKCS5_SCHEME_1 = new HashSet();
-    private static final Set PKCS5_SCHEME_2 = new HashSet();
-    private static final Map PRFS = new HashMap();
-    private static final Map PRFS_SALT = new HashMap();
-
-    static
-    {
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC);
-        PKCS5_SCHEME_1.add(PKCSObjectIdentifiers.pbeWithSHA1AndRC2_CBC);
-
-        PKCS5_SCHEME_2.add(PKCSObjectIdentifiers.id_PBES2);
-        PKCS5_SCHEME_2.add(PKCSObjectIdentifiers.des_EDE3_CBC);
-        PKCS5_SCHEME_2.add(NISTObjectIdentifiers.id_aes128_CBC);
-        PKCS5_SCHEME_2.add(NISTObjectIdentifiers.id_aes192_CBC);
-        PKCS5_SCHEME_2.add(NISTObjectIdentifiers.id_aes256_CBC);
-
-        KEYSIZES.put(PKCSObjectIdentifiers.des_EDE3_CBC.getId(), Integers.valueOf(192));
-        KEYSIZES.put(NISTObjectIdentifiers.id_aes128_CBC.getId(), Integers.valueOf(128));
-        KEYSIZES.put(NISTObjectIdentifiers.id_aes192_CBC.getId(), Integers.valueOf(192));
-        KEYSIZES.put(NISTObjectIdentifiers.id_aes256_CBC.getId(), Integers.valueOf(256));
-        KEYSIZES.put(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4.getId(), Integers.valueOf(128));
-        KEYSIZES.put(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC4, Integers.valueOf(40));
-        KEYSIZES.put(PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, Integers.valueOf(128));
-        KEYSIZES.put(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, Integers.valueOf(192));
-        KEYSIZES.put(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC, Integers.valueOf(128));
-        KEYSIZES.put(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC, Integers.valueOf(40));
-
-        PRFS.put(PKCSObjectIdentifiers.id_hmacWithSHA1, "PBKDF2withHMACSHA1");
-        PRFS.put(PKCSObjectIdentifiers.id_hmacWithSHA256, "PBKDF2withHMACSHA256");
-        PRFS.put(PKCSObjectIdentifiers.id_hmacWithSHA512, "PBKDF2withHMACSHA512");
-        PRFS.put(PKCSObjectIdentifiers.id_hmacWithSHA224, "PBKDF2withHMACSHA224");
-        PRFS.put(PKCSObjectIdentifiers.id_hmacWithSHA384, "PBKDF2withHMACSHA384");
-        PRFS.put(NISTObjectIdentifiers.id_hmacWithSHA3_224, "PBKDF2withHMACSHA3-224");
-        PRFS.put(NISTObjectIdentifiers.id_hmacWithSHA3_256, "PBKDF2withHMACSHA3-256");
-        PRFS.put(NISTObjectIdentifiers.id_hmacWithSHA3_384, "PBKDF2withHMACSHA3-384");
-        PRFS.put(NISTObjectIdentifiers.id_hmacWithSHA3_512, "PBKDF2withHMACSHA3-512");
-        PRFS.put(CryptoProObjectIdentifiers.gostR3411Hmac, "PBKDF2withHMACGOST3411");
-
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA1, Integers.valueOf(20));
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA256, Integers.valueOf(32));
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA512, Integers.valueOf(64));
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA224, Integers.valueOf(28));
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA384, Integers.valueOf(48));
-        PRFS_SALT.put(NISTObjectIdentifiers.id_hmacWithSHA3_224, Integers.valueOf(28));
-        PRFS_SALT.put(NISTObjectIdentifiers.id_hmacWithSHA3_256, Integers.valueOf(32));
-        PRFS_SALT.put(NISTObjectIdentifiers.id_hmacWithSHA3_384, Integers.valueOf(48));
-        PRFS_SALT.put(NISTObjectIdentifiers.id_hmacWithSHA3_512, Integers.valueOf(64));
-        PRFS_SALT.put(CryptoProObjectIdentifiers.gostR3411Hmac, Integers.valueOf(32));
-    }
-
-    static int getKeySize(String algorithm)
-    {
-        if (!KEYSIZES.containsKey(algorithm))
-        {
-            throw new IllegalStateException("no key size for algorithm: " + algorithm);
-        }
-        
-        return ((Integer)KEYSIZES.get(algorithm)).intValue();
-    }
-
-    static int getSaltSize(ASN1ObjectIdentifier algorithm)
-    {
-        if (!PRFS_SALT.containsKey(algorithm))
-        {
-            throw new IllegalStateException("no salt size for algorithm: " + algorithm);
-        }
-
-        return ((Integer)PRFS_SALT.get(algorithm)).intValue();
-    }
-
-    static boolean isHmacSHA1(AlgorithmIdentifier prf)
-    {
-        return prf == null || prf.getAlgorithm().equals(PKCSObjectIdentifiers.id_hmacWithSHA1);
-    }
-
-    static boolean isPKCS5Scheme1(ASN1ObjectIdentifier algOid)
-    {
-        return PKCS5_SCHEME_1.contains(algOid);
-    }
-
-    static boolean isPKCS5Scheme2(ASN1ObjectIdentifier algOid)
-    {
-        return PKCS5_SCHEME_2.contains(algOid);
-    }
-
-    public static boolean isPKCS12(ASN1ObjectIdentifier algOid)
-    {
-        return algOid.getId().startsWith(PKCSObjectIdentifiers.pkcs_12PbeIds.getId());
-    }
-
-    public static SecretKey generateSecretKeyForPKCS5Scheme2(JcaJceHelper helper, String algorithm, char[] password, byte[] salt, int iterationCount)
-        throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException
-    {
-        SecretKeyFactory keyGen = helper.createSecretKeyFactory("PBKDF2with8BIT");
-                            
-        SecretKey sKey = keyGen.generateSecret(new PBEKeySpec(password, salt, iterationCount, PEMUtilities.getKeySize(algorithm)));
-
-        return new SecretKeySpec(sKey.getEncoded(), algorithm);
-    }
-
-    public static SecretKey generateSecretKeyForPKCS5Scheme2(JcaJceHelper helper, String algorithm, char[] password, byte[] salt, int iterationCount, AlgorithmIdentifier prf)
-        throws NoSuchProviderException, NoSuchAlgorithmException, InvalidKeySpecException
-    {
-        String prfName = (String)PRFS.get(prf.getAlgorithm());
-        if (prfName == null)
-        {
-            throw new NoSuchAlgorithmException("unknown PRF in PKCS#2: " + prf.getAlgorithm());
-        }
-
-        SecretKeyFactory keyGen = helper.createSecretKeyFactory(prfName);
-
-        SecretKey sKey = keyGen.generateSecret(new PBEKeySpec(password, salt, iterationCount, PEMUtilities.getKeySize(algorithm)));
-
-        return new SecretKeySpec(sKey.getEncoded(), algorithm);
-    }
-
-    static byte[] crypt(
-        boolean encrypt,
-        JcaJceHelper helper,
-        byte[]  bytes,
-        char[]  password,
-        String  dekAlgName,
-        byte[]  iv)
-        throws PEMException
-    {
-        AlgorithmParameterSpec paramSpec = new IvParameterSpec(iv);
-        String                 alg;
-        String                 blockMode = "CBC";
-        String                 padding = "PKCS5Padding";
-        Key                    sKey;
-
-        // Figure out block mode and padding.
-        if (dekAlgName.endsWith("-CFB"))
-        {
-            blockMode = "CFB";
-            padding = "NoPadding";
-        }
-        if (dekAlgName.endsWith("-ECB") ||
-            "DES-EDE".equals(dekAlgName) ||
-            "DES-EDE3".equals(dekAlgName))
-        {
-            // ECB is actually the default (though seldom used) when OpenSSL
-            // uses DES-EDE (des2) or DES-EDE3 (des3).
-            blockMode = "ECB";
-            paramSpec = null;
-        }
-        if (dekAlgName.endsWith("-OFB"))
-        {
-            blockMode = "OFB";
-            padding = "NoPadding";
-        }
-
-        // Figure out algorithm and key size.
-        if (dekAlgName.startsWith("DES-EDE"))
-        {
-            alg = "DESede";
-            // "DES-EDE" is actually des2 in OpenSSL-speak!
-            // "DES-EDE3" is des3.
-            boolean des2 = !dekAlgName.startsWith("DES-EDE3");
-            sKey = getKey(helper, password, alg, 24, iv, des2);
-        }
-        else if (dekAlgName.startsWith("DES-"))
-        {
-            alg = "DES";
-            sKey = getKey(helper, password, alg, 8, iv);
-        }
-        else if (dekAlgName.startsWith("BF-"))
-        {
-            alg = "Blowfish";
-            sKey = getKey(helper, password, alg, 16, iv);
-        }
-        else if (dekAlgName.startsWith("RC2-"))
-        {
-            alg = "RC2";
-            int keyBits = 128;
-            if (dekAlgName.startsWith("RC2-40-"))
-            {
-                keyBits = 40;
-            }
-            else if (dekAlgName.startsWith("RC2-64-"))
-            {
-                keyBits = 64;
-            }
-            sKey = getKey(helper, password, alg, keyBits / 8, iv);
-            if (paramSpec == null) // ECB block mode
-            {
-                paramSpec = new RC2ParameterSpec(keyBits);
-            }
-            else
-            {
-                paramSpec = new RC2ParameterSpec(keyBits, iv);
-            }
-        }
-        else if (dekAlgName.startsWith("AES-"))
-        {
-            alg = "AES";
-            byte[] salt = iv;
-            if (salt.length > 8)
-            {
-                salt = new byte[8];
-                System.arraycopy(iv, 0, salt, 0, 8);
-            }
-
-            int keyBits;
-            if (dekAlgName.startsWith("AES-128-"))
-            {
-                keyBits = 128;
-            }
-            else if (dekAlgName.startsWith("AES-192-"))
-            {
-                keyBits = 192;
-            }
-            else if (dekAlgName.startsWith("AES-256-"))
-            {
-                keyBits = 256;
-            }
-            else
-            {
-                throw new EncryptionException("unknown AES encryption with private key");
-            }
-            sKey = getKey(helper, password, "AES", keyBits / 8, salt);
-        }
-        else
-        {
-            throw new EncryptionException("unknown encryption with private key");
-        }
-
-        String transformation = alg + "/" + blockMode + "/" + padding;
-
-        try
-        {
-            Cipher c = helper.createCipher(transformation);
-            int    mode = encrypt ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE;
-
-            if (paramSpec == null) // ECB block mode
-            {
-                c.init(mode, sKey);
-            }
-            else
-            {
-                c.init(mode, sKey, paramSpec);
-            }
-            return c.doFinal(bytes);
-        }
-        catch (Exception e)
-        {
-            throw new EncryptionException("exception using cipher - please check password and data.", e);
-        }
-    }
-
-    private static SecretKey getKey(
-        JcaJceHelper helper,
-        char[]  password,
-        String  algorithm,
-        int     keyLength,
-        byte[]  salt)
-        throws PEMException
-    {
-        return getKey(helper, password, algorithm, keyLength, salt, false);
-    }
-
-    private static SecretKey getKey(
-        JcaJceHelper helper,
-        char[]  password,
-        String  algorithm,
-        int     keyLength,
-        byte[]  salt,
-        boolean des2)
-        throws PEMException
-    {
-        try
-        {
-            PBEKeySpec spec = new PBEKeySpec(password, salt, 1, keyLength * 8);
-            SecretKeyFactory keyFactory = helper.createSecretKeyFactory("PBKDF-OpenSSL");
-
-            byte[] key = keyFactory.generateSecret(spec).getEncoded();
-
-            if (des2 && key.length >= 24)
-            {
-                // For DES2, we must copy first 8 bytes into the last 8 bytes.
-                System.arraycopy(key, 0, key, 16, 8);
-            }
-
-            return new SecretKeySpec(key, algorithm);
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new PEMException("Unable to create OpenSSL PBDKF: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/package.html b/bcpkix/src/main/java/org/bouncycastle/openssl/package.html
deleted file mode 100644
index 7e60a79..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Classes for dealing with OpenSSL PEM files.
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/openssl/test/AllTests.java
deleted file mode 100644
index 1534827..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/test/AllTests.java
+++ /dev/null

@@ -1,246 +0,0 @@
-package org.bouncycastle.openssl.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStreamReader;
-import java.io.OutputStreamWriter;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.Security;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.openssl.PEMParser;
-import org.bouncycastle.openssl.PKCS8Generator;
-import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
-import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
-import org.bouncycastle.openssl.jcajce.JcaPKCS8Generator;
-import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
-import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8EncryptorBuilder;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
-import org.bouncycastle.pkcs.PKCSException;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTestResult;
-
-public class
-    AllTests
-    extends TestCase
-{
-    private static final byte[] aesVec = Base64.decode(
-        "MIIC2zBVBgkqhkiG9w0BBQ0wSDAnBgkqhkiG9w0BBQwwGgQUJCXGcAtNlIKnbOigO9dFiEax0VACAggAMB0GCWCGSAFlAwQBKgQQHc1vpUS4cErEZut/nwhkSQSCAoACXZhhr0lx1Ww3d6t+ALjEbX8KopM/odVnYn8QWIvwDwKm+1eYL9e72XAu7pDM8yiYctnnFR9n+RfRj19b3GXIJkhxtLcIb0LqmRgy/Gna07PhrNXcWZ8i5kzt/wpxbgKI06k2bqCovYmfMkrLOnRIUNx8hRMvzQosjp32enKoeYRVPRii0VrKgzwPv1Qqyaq6uW4NErkMqoYJU3asFhB/OH6vSwOEVW69U13Ort8g0mmZJGDDHhctRbu29HMNROxGlGwt4t/EBOXTM2PHFS34zQK128Z2Zc6X7q7tSo1ENcNQqL9fnyoK4iXMu7bHKe0fslGw+s55b5KysSu6fcQfxIHA/GYpn5AKutdLTCzIiaPCdd5f5kWoijrTfcNKn9r8eWpgpSEFU5n96RNevGr7sYO3P0xL2wQQKb/V9AIIdFwyMfL0e5gR85ToG66AqK2pXSSfX7hqQYMyndeP9CRmhefG6/8cSUzrXXpx1WZ1U/U3E/asNlXwJ9AfFESLnT32s6es+1qLbHMZ7vkCxFyXZb2oK7+eduUB+5QbddEDlHhbpUpxbBkjpRq7rHO+T1m+ZWbjgD6EhVhmS5BXrlPHdWIfTUBdB0mwcvM4qVgEnEHqE+JGq71Xl12XhDH8sQHcd1NDLtVPY8GMIxFghvL7cPdfs8HccCdDv3dDcJw54Dn5xqWYPYitn/eMeJB5pnfekR/ko+zZd7dJlfU9JqjGyfpy3KnsShERSJd2LZDAvdb1Xp54ZsujblMc1kPyyzJfxBWDvoygCag0/42eHDp6vTIpYI3v+Wm/nWuVpq6JMAip0XFHEMhdMKW0SNp8gZxKTuDfCpVWvuF2WBVG1rKu");
-
-    private static final byte[] desEDEVec = Base64.decode(
-        "MIIC0jBMBgkqhkiG9w0BBQ0wPzAnBgkqhkiG9w0BBQwwGgQUaFB4TMBDEqCMfFRIb2G8Hc72p7wCAggAMBQGCCqGSIb3DQMHBAiMXRDFMwbnhwSCAoBLCzHx112fm3JTTOrYy9eiNrbb6dcAqYGBM+3uJm9D6/QOJ1dQOJKmZXFKebs057X6Uy7dpntpBC23golF53Mx7I+cM50xb3VzAXRWfLBZ7DmxgVojF4YgPFSFoOsdpaw1wTkCqU16O5q4zIk6uVjbPYcK9WhGxSYBmnw7ih38a3nBpehTWrWjbjP9QjK2TV79RRlLkU//QVrTJdDuOUhyFthfigWrNvPuC1nM62JbgsVrIFfNqmn63Du2356NVk4ZbI+0rnVxRG4LhFZix1xqj5BvYpUpMSjU4JwzcBFWhImoIq0RqXcFIKpaVqxLU/fNG8qq0v5ydb5Bfa/Ln2vUk/+yc7Y6eS/aD0kQXoaq+06h81FRBkkmeFFTMxMCrMCuycq6Rgufq9X2h4e+6dmWfc/d+CwpMY5BrVEc04jeVF0gOKevrfIHa7bhJJUNtGKO5hpHmIBvcqcC6NhaX+CvFS/RWNknxqb+aobyr/N/+bvA5h5UDRPKbUlyUWOIpkl9TGKNGrNwe7UnhmB6XYe5h2Dc/X2VFeRn43QqCTHbjSMX+o3yjS51Uqd8ufBFplV7o4dvw+46097G113Pbn/Bbqpl5w90r+G6+w0jpK9pB51ZfY9oAgKKhtFJVh1UFm6sXG+TTK1g7Yq4/BFjDRSMlnaIgGI8WaSWYSluxHes/Ek6Tmybsin+YXajmdfCg4LLxQJ/1UXksmQ19gtytXjXFtNtnFHiTqI5cWSfWkYoY7LLJw8qKzc2eRX3rLPmAnlOgyHRZ732V05CmYayHN/n440BU0GmuEqmTeINqrLpnUeq7Y6UrXV8wusgWaEhqSMn4fW7a0HvjTKdrWHhq8gP");
-
-    private static final byte[] desEDEpkcs12Vec = Base64.decode(
-        "MIICrjAoBgoqhkiG9w0BDAEDMBoEFA0yd6BYRViRmzBKN/MHaXcKT4hkAgIIAASCAoD5Z3YR8tVD4d+fyGVvvx3f+ePw/FRuB91fjJNukDAPpGbhVXm33b81GrrzucjTBHv5YciVQdyrhkRoqVNN77rOPJkMGENKkggJt+DuFcjqoMFB6Tkug7QhtwRn0n3jMjw7LraCOSuHg1bZm0vKmrRvzlvk+fcFWoa0+GKunbzM/b8/mg3nViOkxrrGEx5fcaXB97hwxniTz7tKmlj+BnV72XMt/RUh/IsXlDNX9iUfmm0cMKjKPz4Kll31GGbt4vG/iWsYJ0rF6XP8Dd5ZlUy+1q9GMM9M2/w6kffH8QxkWELbitUAaba3QV8+dzQrkAgW8yzThY3fEeg3dYGS1oKHdP8r+OiRQEkh196xAs8aFidAbkpWS76UoI/R7yMrphRa2u2P+0AySkOKLbbF9sCEUXEDupif2uSMxW39rIX1E8Nn4MW/onL0UxRNQ4ufiQdQX1UmNSVs5GyPm7iGH5FfouFGkH3oZeIcXHJEAGt1BkKFDwQyH0CbS6ynvOBGku7P5SlmNogqy2IgLl3o4emyJc8Xi1S7Ygt+LdWNrSVmOIMAOJlrjVlVezOCAEGbsZyU/HgskZPVSbDTZydCvY9rY3htbnq+sm+4Ug8lrDsxkP+5NOu2YEcegPItj/EV0AWH6r96gzYuNPtkp+ij1MJn5He1Ms5Th6yhSL5Opuq20TNSS61Cml3Put7H402x+R+W+eLkf/7V10uKOZxT9RNKe6pd5HbO17nuY1/yMdq6WL5+B2YTOkBUl96Pn4frlOnu3Ll0h+27t/1rgeWWgXTU4YTxOrolI/ZIvIfaDAl34NeqmZQbRFy0wnLTH6fgOaBa+rgiOfHTc/PXMkALMHiu");
-
-    public void testOpenSSL()
-    {
-        if (Security.getProvider("BC") == null)
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-        
-        org.bouncycastle.util.test.Test[] tests = new org.bouncycastle.util.test.Test[]
-        {
-            new WriterTest(),
-            new ParserTest()
-        };
-
-        for (int i = 0; i != tests.length; i++)
-        {
-            SimpleTestResult  result = (SimpleTestResult)tests[i].perform();
-            
-            if (!result.isSuccessful())
-            {
-                fail(result.toString());
-            }
-        }
-    }
-
-    public void testPKCS8Encrypted()
-        throws Exception
-    {
-        if (Security.getProvider("BC") == null)
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
-
-        kpGen.initialize(1024);
-
-        PrivateKey key = kpGen.generateKeyPair().getPrivate();
-
-        encryptedTestNew(key, PKCS8Generator.AES_256_CBC);
-        encryptedTestNew(key, PKCS8Generator.DES3_CBC);
-        encryptedTestNew(key, PKCS8Generator.PBE_SHA1_3DES);
-
-        encryptedTestNew(key, PKCS8Generator.AES_256_CBC, PKCS8Generator.PRF_HMACSHA1);
-        encryptedTestNew(key, PKCS8Generator.AES_256_CBC, PKCS8Generator.PRF_HMACSHA224);
-        encryptedTestNew(key, PKCS8Generator.AES_256_CBC, PKCS8Generator.PRF_HMACSHA256);
-        encryptedTestNew(key, PKCS8Generator.AES_256_CBC, PKCS8Generator.PRF_HMACSHA384);
-        encryptedTestNew(key, PKCS8Generator.AES_256_CBC, PKCS8Generator.PRF_HMACSHA512);
-        encryptedTestNew(key, PKCS8Generator.AES_256_CBC, PKCS8Generator.PRF_HMACSHA3_224);
-        encryptedTestNew(key, PKCS8Generator.AES_256_CBC, PKCS8Generator.PRF_HMACSHA3_256);
-        encryptedTestNew(key, PKCS8Generator.AES_256_CBC, PKCS8Generator.PRF_HMACSHA3_384);
-        encryptedTestNew(key, PKCS8Generator.AES_256_CBC, PKCS8Generator.PRF_HMACSHA3_512);
-        encryptedTestNew(key, PKCS8Generator.AES_256_CBC, PKCS8Generator.PRF_HMACGOST3411);
-    }
-
-    private void encryptedTestNew(PrivateKey key, ASN1ObjectIdentifier algorithm)
-        throws NoSuchProviderException, NoSuchAlgorithmException, IOException, OperatorCreationException, PKCSException
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        JcaPEMWriter pWrt = new JcaPEMWriter(new OutputStreamWriter(bOut));
-
-        JceOpenSSLPKCS8EncryptorBuilder encryptorBuilder = new JceOpenSSLPKCS8EncryptorBuilder(algorithm);
-
-        encryptorBuilder.setProvider("BC");
-        encryptorBuilder.setPasssword("hello".toCharArray());
-
-        PKCS8Generator pkcs8 = new JcaPKCS8Generator(key, encryptorBuilder.build());
-
-        pWrt.writeObject(pkcs8);
-
-        pWrt.close();
-
-        PEMParser pRd = new PEMParser(new InputStreamReader(new ByteArrayInputStream(bOut.toByteArray())));
-
-        PKCS8EncryptedPrivateKeyInfo pInfo = (PKCS8EncryptedPrivateKeyInfo)pRd.readObject();
-
-        PrivateKey rdKey = new JcaPEMKeyConverter().setProvider("BC").getPrivateKey(pInfo.decryptPrivateKeyInfo(new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider("BC").build("hello".toCharArray())));
-
-
-        assertEquals(key, rdKey);
-    }
-
-    private void encryptedTestNew(PrivateKey key, ASN1ObjectIdentifier algorithm, AlgorithmIdentifier prf)
-        throws NoSuchProviderException, NoSuchAlgorithmException, IOException, OperatorCreationException, PKCSException
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        JcaPEMWriter pWrt = new JcaPEMWriter(new OutputStreamWriter(bOut));
-
-        JceOpenSSLPKCS8EncryptorBuilder encryptorBuilder = new JceOpenSSLPKCS8EncryptorBuilder(algorithm);
-
-        encryptorBuilder.setProvider("BC");
-        encryptorBuilder.setPasssword("hello".toCharArray());
-        encryptorBuilder.setPRF(prf);
-
-        PKCS8Generator pkcs8 = new JcaPKCS8Generator(key, encryptorBuilder.build());
-
-        pWrt.writeObject(pkcs8);
-
-        pWrt.close();
-
-        PEMParser pRd = new PEMParser(new InputStreamReader(new ByteArrayInputStream(bOut.toByteArray())));
-
-        PKCS8EncryptedPrivateKeyInfo pInfo = (PKCS8EncryptedPrivateKeyInfo)pRd.readObject();
-
-        PrivateKey rdKey = new JcaPEMKeyConverter().setProvider("BC").getPrivateKey(pInfo.decryptPrivateKeyInfo(new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider("BC").build("hello".toCharArray())));
-
-
-        assertEquals(key, rdKey);
-    }
-
-    public void testVectors()
-        throws Exception
-    {
-        if (Security.getProvider("BC") == null)
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-
-        PKCS8EncryptedPrivateKeyInfo encInfo = new PKCS8EncryptedPrivateKeyInfo(aesVec);
-
-        PrivateKey key = new JcaPEMKeyConverter().setProvider("BC").getPrivateKey(encInfo.decryptPrivateKeyInfo(new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider("BC").build("hello".toCharArray())));
-
-        encInfo = new PKCS8EncryptedPrivateKeyInfo(desEDEVec);
-
-        PrivateKey rdKey = new JcaPEMKeyConverter().setProvider("BC").getPrivateKey(encInfo.decryptPrivateKeyInfo(new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider("BC").build("hello".toCharArray())));
-
-        TestCase.assertEquals(key, rdKey);
-
-        encInfo = new PKCS8EncryptedPrivateKeyInfo(desEDEpkcs12Vec);
-
-        rdKey = new JcaPEMKeyConverter().setProvider("BC").getPrivateKey(encInfo.decryptPrivateKeyInfo(new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider("BC").build("hello".toCharArray())));
-
-        TestCase.assertEquals(key, rdKey);
-    }
-
-    public void testPKCS8PlainNew()
-        throws Exception
-    {
-        if (Security.getProvider("BC") == null)
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
-
-        kpGen.initialize(1024);
-
-        PrivateKey key = kpGen.generateKeyPair().getPrivate();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        JcaPEMWriter pWrt = new JcaPEMWriter(new OutputStreamWriter(bOut));
-        PKCS8Generator pkcs8 = new JcaPKCS8Generator(key, null);
-
-        pWrt.writeObject(pkcs8);
-
-        pWrt.close();
-
-        PEMParser pRd = new PEMParser(new InputStreamReader(new ByteArrayInputStream(bOut.toByteArray())));
-
-        PrivateKeyInfo kp = (PrivateKeyInfo)pRd.readObject();
-
-        PrivateKey rdKey = new JcaPEMKeyConverter().setProvider("BC").getPrivateKey(kp);
-
-        assertEquals(key, rdKey);
-    }
-
-    public static void main (String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-        
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("OpenSSL Tests");
-        
-        suite.addTestSuite(AllTests.class);
-        
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-
-        }
-
-        protected void tearDown()
-        {
-
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/test/ParserTest.java b/bcpkix/src/main/java/org/bouncycastle/openssl/test/ParserTest.java
deleted file mode 100644
index 0b816ae..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/test/ParserTest.java
+++ /dev/null

@@ -1,565 +0,0 @@
-package org.bouncycastle.openssl.test;
-
-import java.io.BufferedReader;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.OutputStreamWriter;
-import java.io.Reader;
-import java.io.StringReader;
-import java.io.StringWriter;
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.interfaces.DSAPrivateKey;
-import java.security.interfaces.RSAPrivateCrtKey;
-import java.security.interfaces.RSAPrivateKey;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.KeyPurposeId;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.openssl.CertificateTrustBlock;
-import org.bouncycastle.openssl.PEMDecryptorProvider;
-import org.bouncycastle.openssl.PEMEncryptedKeyPair;
-import org.bouncycastle.openssl.PEMKeyPair;
-import org.bouncycastle.openssl.PEMParser;
-import org.bouncycastle.openssl.X509TrustedCertificateBlock;
-import org.bouncycastle.openssl.bc.BcPEMDecryptorProvider;
-import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
-import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
-import org.bouncycastle.openssl.jcajce.JceOpenSSLPKCS8DecryptorProviderBuilder;
-import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
-import org.bouncycastle.operator.InputDecryptorProvider;
-import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * basic class for reading test.pem - the password is "secret"
- */
-public class ParserTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "PEMParserTest";
-    }
-
-
-    private PEMParser openPEMResource(
-        String          fileName)
-    {
-        InputStream res = this.getClass().getResourceAsStream(fileName);
-        Reader fRd = new BufferedReader(new InputStreamReader(res));
-        return new PEMParser(fRd);
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        PEMParser       pemRd = openPEMResource("test.pem");
-        Object          o;
-        PEMKeyPair      pemPair;
-        KeyPair         pair;
-
-        while ((o = pemRd.readObject()) != null)
-        {
-            if (o instanceof KeyPair)
-            {
-                //pair = (KeyPair)o;
-
-                //System.out.println(pair.getPublic());
-                //System.out.println(pair.getPrivate());
-            }
-            else
-            {
-                //System.out.println(o.toString());
-            }
-        }
-
-        // test bogus lines before begin are ignored.
-        pemRd = openPEMResource("extratest.pem");
-
-        while ((o = pemRd.readObject()) != null)
-        {
-            if (!(o instanceof X509CertificateHolder))
-            {
-                fail("wrong object found");
-            }
-        }
-
-        //
-        // pkcs 7 data
-        //
-        pemRd = openPEMResource("pkcs7.pem");
-        ContentInfo d = (ContentInfo)pemRd.readObject();
-
-        if (!d.getContentType().equals(CMSObjectIdentifiers.envelopedData))
-        {
-            fail("failed envelopedData check");
-        }
-
-        //
-        // ECKey
-        //
-        pemRd = openPEMResource("eckey.pem");
-        ASN1ObjectIdentifier ecOID = (ASN1ObjectIdentifier)pemRd.readObject();
-        X9ECParameters ecSpec = ECNamedCurveTable.getByOID(ecOID);
-
-        if (ecSpec == null)
-        {
-            fail("ecSpec not found for named curve");
-        }
-
-        pemPair = (PEMKeyPair)pemRd.readObject();
-
-        pair = new JcaPEMKeyConverter().setProvider("BC").getKeyPair(pemPair);
-
-        Signature sgr = Signature.getInstance("ECDSA", "BC");
-
-        sgr.initSign(pair.getPrivate());
-
-        byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
-
-        sgr.update(message);
-
-        byte[]  sigBytes = sgr.sign();
-
-        sgr.initVerify(pair.getPublic());
-
-        sgr.update(message);
-
-        if (!sgr.verify(sigBytes))
-        {
-            fail("EC verification failed");
-        }
-
-        if (!pair.getPublic().getAlgorithm().equals("ECDSA"))
-        {
-            fail("wrong algorithm name on public got: " + pair.getPublic().getAlgorithm());
-        }
-
-        if (!pair.getPrivate().getAlgorithm().equals("ECDSA"))
-        {
-            fail("wrong algorithm name on private");
-        }
-
-        //
-        // ECKey -- explicit parameters
-        //
-        pemRd = openPEMResource("ecexpparam.pem");
-        ecSpec = (X9ECParameters)pemRd.readObject();
-
-        pemPair = (PEMKeyPair)pemRd.readObject();
-
-        pair = new JcaPEMKeyConverter().setProvider("BC").getKeyPair(pemPair);
-
-        sgr = Signature.getInstance("ECDSA", "BC");
-
-        sgr.initSign(pair.getPrivate());
-
-        message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
-
-        sgr.update(message);
-
-        sigBytes = sgr.sign();
-
-        sgr.initVerify(pair.getPublic());
-
-        sgr.update(message);
-
-        if (!sgr.verify(sigBytes))
-        {
-            fail("EC verification failed");
-        }
-
-        if (!pair.getPublic().getAlgorithm().equals("ECDSA"))
-        {
-            fail("wrong algorithm name on public got: " + pair.getPublic().getAlgorithm());
-        }
-
-        if (!pair.getPrivate().getAlgorithm().equals("ECDSA"))
-        {
-            fail("wrong algorithm name on private");
-        }
-
-        //
-        // writer/parser test
-        //
-        KeyPairGenerator      kpGen = KeyPairGenerator.getInstance("RSA", "BC");
-
-        pair = kpGen.generateKeyPair();
-
-        keyPairTest("RSA", pair);
-
-        kpGen = KeyPairGenerator.getInstance("DSA", "BC");
-        kpGen.initialize(512, new SecureRandom());
-        pair = kpGen.generateKeyPair();
-
-        keyPairTest("DSA", pair);
-
-        //
-        // PKCS7
-        //
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        JcaPEMWriter pWrt = new JcaPEMWriter(new OutputStreamWriter(bOut));
-
-        pWrt.writeObject(d);
-
-        pWrt.close();
-
-        pemRd = new PEMParser(new InputStreamReader(new ByteArrayInputStream(bOut.toByteArray())));
-        d = (ContentInfo)pemRd.readObject();
-
-        if (!d.getContentType().equals(CMSObjectIdentifiers.envelopedData))
-        {
-            fail("failed envelopedData recode check");
-        }
-
-
-        // OpenSSL test cases (as embedded resources)
-        doOpenSslDsaTest("unencrypted");
-        doOpenSslRsaTest("unencrypted");
-
-        doOpenSslTests("aes128");
-        doOpenSslTests("aes192");
-        doOpenSslTests("aes256");
-        doOpenSslTests("blowfish");
-        doOpenSslTests("des1");
-        doOpenSslTests("des2");
-        doOpenSslTests("des3");
-        doOpenSslTests("rc2_128");
-
-        doOpenSslDsaTest("rc2_40_cbc");
-        doOpenSslRsaTest("rc2_40_cbc");
-        doOpenSslDsaTest("rc2_64_cbc");
-        doOpenSslRsaTest("rc2_64_cbc");
-
-        doDudPasswordTest("7fd98", 0, "corrupted stream - out of bounds length found");
-        doDudPasswordTest("ef677", 1, "corrupted stream - out of bounds length found");
-        doDudPasswordTest("800ce", 2, "unknown tag 26 encountered");
-        doDudPasswordTest("b6cd8", 3, "DEF length 81 object truncated by 56");
-        doDudPasswordTest("28ce09", 4, "DEF length 110 object truncated by 28");
-        doDudPasswordTest("2ac3b9", 5, "DER length more than 4 bytes: 11");
-        doDudPasswordTest("2cba96", 6, "DEF length 100 object truncated by 35");
-        doDudPasswordTest("2e3354", 7, "DEF length 42 object truncated by 9");
-        doDudPasswordTest("2f4142", 8, "DER length more than 4 bytes: 14");
-        doDudPasswordTest("2fe9bb", 9, "DER length more than 4 bytes: 65");
-        doDudPasswordTest("3ee7a8", 10, "DER length more than 4 bytes: 57");
-        doDudPasswordTest("41af75", 11, "unknown tag 16 encountered");
-        doDudPasswordTest("1704a5", 12, "corrupted stream detected");
-        doDudPasswordTest("1c5822", 13, "Extra data detected in stream");
-        doDudPasswordTest("5a3d16", 14, "corrupted stream detected");
-        doDudPasswordTest("8d0c97", 15, "corrupted stream detected");
-        doDudPasswordTest("bc0daf", 16, "corrupted stream detected");
-        doDudPasswordTest("aaf9c4d",17, "corrupted stream - out of bounds length found");
-
-        doNoPasswordTest();
-        doNoECPublicKeyTest();
-
-        // encrypted private key test
-        InputDecryptorProvider pkcs8Prov = new JceOpenSSLPKCS8DecryptorProviderBuilder().setProvider("BC").build("password".toCharArray());
-        pemRd = openPEMResource("enckey.pem");
-
-        PKCS8EncryptedPrivateKeyInfo encPrivKeyInfo = (PKCS8EncryptedPrivateKeyInfo)pemRd.readObject();
-        JcaPEMKeyConverter   converter = new JcaPEMKeyConverter().setProvider("BC");
-
-        RSAPrivateCrtKey privKey = (RSAPrivateCrtKey)converter.getPrivateKey(encPrivKeyInfo.decryptPrivateKeyInfo(pkcs8Prov));
-
-        if (!privKey.getPublicExponent().equals(new BigInteger("10001", 16)))
-        {
-            fail("decryption of private key data check failed");
-        }
-
-        // general PKCS8 test
-
-        pemRd = openPEMResource("pkcs8test.pem");
-
-        Object privInfo;
-
-        while ((privInfo = pemRd.readObject()) != null)
-        {
-            if (privInfo instanceof PrivateKeyInfo)
-            {
-                privKey = (RSAPrivateCrtKey)converter.getPrivateKey(PrivateKeyInfo.getInstance(privInfo));
-            }
-            else
-            {
-                privKey = (RSAPrivateCrtKey)converter.getPrivateKey(((PKCS8EncryptedPrivateKeyInfo)privInfo).decryptPrivateKeyInfo(pkcs8Prov));
-            }
-            if (!privKey.getPublicExponent().equals(new BigInteger("10001", 16)))
-            {
-                fail("decryption of private key data check failed");
-            }
-        }
-
-        pemRd = openPEMResource("trusted_cert.pem");
-
-        X509TrustedCertificateBlock trusted = (X509TrustedCertificateBlock)pemRd.readObject();
-
-        checkTrustedCert(trusted);
-
-        StringWriter stringWriter = new StringWriter();
-
-        pWrt = new JcaPEMWriter(stringWriter);
-
-        pWrt.writeObject(trusted);
-
-        pWrt.close();
-
-        pemRd = new PEMParser(new StringReader(stringWriter.toString()));
-
-        trusted = (X509TrustedCertificateBlock)pemRd.readObject();
-
-        checkTrustedCert(trusted);
-
-
-    }
-
-    private void checkTrustedCert(X509TrustedCertificateBlock trusted)
-    {
-        CertificateTrustBlock trustBlock = trusted.getTrustBlock();
-
-        if (!"Fred".equals(trustBlock.getAlias()))
-        {
-            fail("alias not found");
-        }
-
-        if (trustBlock.getUses().size() != 3)
-        {
-            fail("key purpose usages wrong size");
-        }
-        if (!trustBlock.getUses().contains(KeyPurposeId.id_kp_OCSPSigning))
-        {
-            fail("key purpose use not found");
-        }
-
-        if (trustBlock.getProhibitions().size() != 1)
-        {
-            fail("key purpose prohibitions wrong size");
-        }
-        if (!trustBlock.getProhibitions().contains(KeyPurposeId.id_kp_clientAuth))
-        {
-            fail("key purpose prohibition not found");
-        }
-    }
-
-    private void keyPairTest(
-        String   name,
-        KeyPair pair)
-        throws IOException
-    {
-        PEMParser pemRd;
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        JcaPEMWriter             pWrt = new JcaPEMWriter(new OutputStreamWriter(bOut));
-
-        pWrt.writeObject(pair.getPublic());
-
-        pWrt.close();
-
-        pemRd = new PEMParser(new InputStreamReader(new ByteArrayInputStream(bOut.toByteArray())));
-
-        SubjectPublicKeyInfo pub = SubjectPublicKeyInfo.getInstance(pemRd.readObject());
-        JcaPEMKeyConverter   converter = new JcaPEMKeyConverter().setProvider("BC");
-
-        PublicKey k = converter.getPublicKey(pub);
-
-        if (!k.equals(pair.getPublic()))
-        {
-            fail("Failed public key read: " + name);
-        }
-
-        bOut = new ByteArrayOutputStream();
-        pWrt = new JcaPEMWriter(new OutputStreamWriter(bOut));
-
-        pWrt.writeObject(pair.getPrivate());
-
-        pWrt.close();
-
-        pemRd = new PEMParser(new InputStreamReader(new ByteArrayInputStream(bOut.toByteArray())));
-
-        KeyPair kPair = converter.getKeyPair((PEMKeyPair)pemRd.readObject());
-        if (!kPair.getPrivate().equals(pair.getPrivate()))
-        {
-            fail("Failed private key read: " + name);
-        }
-
-        if (!kPair.getPublic().equals(pair.getPublic()))
-        {
-            fail("Failed private key public read: " + name);
-        }
-    }
-
-    private void doOpenSslTests(
-        String baseName)
-        throws IOException
-    {
-        doOpenSslDsaModesTest(baseName);
-        doOpenSslRsaModesTest(baseName);
-    }
-
-    private void doOpenSslDsaModesTest(
-        String baseName)
-        throws IOException
-    {
-        doOpenSslDsaTest(baseName + "_cbc");
-        doOpenSslDsaTest(baseName + "_cfb");
-        doOpenSslDsaTest(baseName + "_ecb");
-        doOpenSslDsaTest(baseName + "_ofb");
-    }
-
-    private void doOpenSslRsaModesTest(
-        String baseName)
-        throws IOException
-    {
-        doOpenSslRsaTest(baseName + "_cbc");
-        doOpenSslRsaTest(baseName + "_cfb");
-        doOpenSslRsaTest(baseName + "_ecb");
-        doOpenSslRsaTest(baseName + "_ofb");
-    }
-
-    private void doOpenSslDsaTest(
-        String name)
-        throws IOException
-    {
-        String fileName = "dsa/openssl_dsa_" + name + ".pem";
-
-        doOpenSslTestFile(fileName, DSAPrivateKey.class);
-    }
-
-    private void doOpenSslRsaTest(
-        String name)
-        throws IOException
-    {
-        String fileName = "rsa/openssl_rsa_" + name + ".pem";
-
-        doOpenSslTestFile(fileName, RSAPrivateKey.class);
-    }
-
-    private void doOpenSslTestFile(
-        String  fileName,
-        Class   expectedPrivKeyClass)
-        throws IOException
-    {
-        keyDecryptTest(fileName, expectedPrivKeyClass, new JcePEMDecryptorProviderBuilder().setProvider("BC").build("changeit".toCharArray()));
-        keyDecryptTest(fileName, expectedPrivKeyClass, new BcPEMDecryptorProvider("changeit".toCharArray()));
-    }
-
-    private void keyDecryptTest(String fileName, Class expectedPrivKeyClass, PEMDecryptorProvider decProv)
-        throws IOException
-    {
-        PEMParser pr = openPEMResource("data/" + fileName);
-        Object o = pr.readObject();
-
-        if (o == null || !((o instanceof PEMKeyPair) || (o instanceof PEMEncryptedKeyPair)))
-        {
-            fail("Didn't find OpenSSL key");
-        }
-
-        JcaPEMKeyConverter converter = new JcaPEMKeyConverter().setProvider("BC");
-        KeyPair kp = (o instanceof PEMEncryptedKeyPair) ?
-            converter.getKeyPair(((PEMEncryptedKeyPair)o).decryptKeyPair(decProv)) : converter.getKeyPair((PEMKeyPair)o);
-
-        PrivateKey privKey = kp.getPrivate();
-
-        if (!expectedPrivKeyClass.isInstance(privKey))
-        {
-            fail("Returned key not of correct type");
-        }
-    }
-
-    private void doDudPasswordTest(String password, int index, String message)
-    {
-        // illegal state exception check - in this case the wrong password will
-        // cause an underlying class cast exception.
-        try
-        {
-            PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().setProvider("BC").build(password.toCharArray());
-
-            PEMParser pemRd = openPEMResource("test.pem");
-            Object o;
-
-            while ((o = pemRd.readObject()) != null)
-            {
-                if (o instanceof PEMEncryptedKeyPair)
-                {
-                    ((PEMEncryptedKeyPair)o).decryptKeyPair(decProv);
-                }
-            }
-
-            fail("issue not detected: " + index);
-        }
-        catch (IOException e)
-        {
-            if (e.getCause() != null && !e.getCause().getMessage().endsWith(message))
-            {
-               fail("issue " + index + " exception thrown, but wrong message");
-            }
-            else if (e.getCause() == null && !e.getMessage().equals(message))
-            {
-                               e.printStackTrace();
-               fail("issue " + index + " exception thrown, but wrong message");
-            }
-        }
-    }
-
-    private void doNoPasswordTest()
-        throws IOException
-    {
-        PEMDecryptorProvider decProv = new JcePEMDecryptorProviderBuilder().setProvider("BC").build("".toCharArray());
-
-        PEMParser pemRd = openPEMResource("smimenopw.pem");
-        Object o;
-        PrivateKeyInfo key = null;
-
-        while ((o = pemRd.readObject()) != null)
-        {
-             key = (PrivateKeyInfo)o;
-        }
-
-        if (key == null)
-        {
-            fail("private key not detected");
-        }
-    }
-
-    private void doNoECPublicKeyTest()
-        throws Exception
-    {
-        // EC private key without the public key defined. Note: this encoding is actually invalid.
-        String ecSample =
-                    "-----BEGIN EC PRIVATE KEY-----\n" +
-                    "MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgvYiiubZYNO1WXXi3\n" +
-                    "jmGT9DLeFemvlmR1zTA0FdcSAG2gCgYIKoZIzj0DAQehRANCAATNXYa06ykwhxuy\n" +
-                    "Dg+q6zsVqOLk9LtXz/1fzf9AkAVm9lBMTZAh+FRfregBgl08LATztGlTh/z0dPnp\n" +
-                    "dW2jFrDn\n" +
-                    "-----END EC PRIVATE KEY-----";
-
-        PEMParser pemRd = new PEMParser(new StringReader(ecSample));
-
-        PEMKeyPair kp = (PEMKeyPair)pemRd.readObject();
-
-        isTrue(kp.getPublicKeyInfo() == null);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new ParserTest());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/test/WriterTest.java b/bcpkix/src/main/java/org/bouncycastle/openssl/test/WriterTest.java
deleted file mode 100644
index 19ba64f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/test/WriterTest.java
+++ /dev/null

@@ -1,239 +0,0 @@
-package org.bouncycastle.openssl.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStreamWriter;
-import java.io.StringReader;
-import java.io.StringWriter;
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.spec.DSAParameterSpec;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.util.List;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.openssl.PEMEncryptedKeyPair;
-import org.bouncycastle.openssl.PEMKeyPair;
-import org.bouncycastle.openssl.PEMParser;
-import org.bouncycastle.openssl.bc.BcPEMDecryptorProvider;
-import org.bouncycastle.openssl.jcajce.JcaMiscPEMGenerator;
-import org.bouncycastle.openssl.jcajce.JcaPEMKeyConverter;
-import org.bouncycastle.openssl.jcajce.JcaPEMWriter;
-import org.bouncycastle.openssl.jcajce.JcePEMDecryptorProviderBuilder;
-import org.bouncycastle.openssl.jcajce.JcePEMEncryptorBuilder;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.io.pem.PemHeader;
-import org.bouncycastle.util.io.pem.PemObject;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class WriterTest
-    extends SimpleTest
-{
-    private static final SecureRandom random = new SecureRandom();
-
-    // TODO Replace with a randomly generated key each test run?
-    private static final RSAPrivateCrtKeySpec testRsaKeySpec = new RSAPrivateCrtKeySpec(
-        new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-        new BigInteger("11", 16),
-        new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-        new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-        new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-        new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-        new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-        new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-    private static final DSAParameterSpec testDsaParams = new DSAParameterSpec(
-        new BigInteger("7434410770759874867539421675728577177024889699586189000788950934679315164676852047058354758883833299702695428196962057871264685291775577130504050839126673"),
-        new BigInteger("1138656671590261728308283492178581223478058193247"),
-        new BigInteger("4182906737723181805517018315469082619513954319976782448649747742951189003482834321192692620856488639629011570381138542789803819092529658402611668375788410"));
-
-    private static final PKCS8EncodedKeySpec testEcDsaKeySpec = new PKCS8EncodedKeySpec(
-        Base64.decode("MIG/AgEAMBAGByqGSM49AgEGBSuBBAAiBIGnMIGkAgEBBDCSBU3vo7ieeKs0ABQamy/ynxlde7Ylr8HmyfLaNnMr" +
-            "jAwPp9R+KMUEhB7zxSAXv9KgBwYFK4EEACKhZANiAQQyyolMpg+TyB4o9kPWqafHIOe8o9K1glus+w2sY8OIPQQWGb5i5LdAyi" +
-            "/SscwU24rZM0yiL3BHodp9ccwyhLrFYgXJUOQcCN2dno1GMols5497in5gL5+zn0yMsRtyv5o=")
-    );
-
-    private static final char[] testPassword = "bouncy".toCharArray();
-
-    private static final String[] algorithms = new String[]
-    {
-        "AES-128-CBC", "AES-128-CFB", "AES-128-ECB", "AES-128-OFB",
-        "AES-192-CBC", "AES-192-CFB", "AES-192-ECB", "AES-192-OFB",
-        "AES-256-CBC", "AES-256-CFB", "AES-256-ECB", "AES-256-OFB",
-        "BF-CBC", "BF-CFB", "BF-ECB", "BF-OFB",
-        "DES-CBC", "DES-CFB", "DES-ECB", "DES-OFB",
-        "DES-EDE", "DES-EDE-CBC", "DES-EDE-CFB", "DES-EDE-ECB", "DES-EDE-OFB",
-        "DES-EDE3", "DES-EDE3-CBC", "DES-EDE3-CFB", "DES-EDE3-ECB", "DES-EDE3-OFB",
-        "RC2-CBC", "RC2-CFB", "RC2-ECB", "RC2-OFB",
-        "RC2-40-CBC",
-        "RC2-64-CBC",
-    };
-
-    public String getName()
-    {
-        return "PEMWriterTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        final String provider = "BC";
-
-        KeyPairGenerator dsaKpg = KeyPairGenerator.getInstance("DSA", provider);
-        dsaKpg.initialize(testDsaParams, random);
-
-        KeyPair dsaKp = dsaKpg.generateKeyPair();
-        PrivateKey testDsaKey = dsaKp.getPrivate();
-
-        doWriteReadTest(testDsaKey, provider);
-        doWriteReadTests(testDsaKey, provider, algorithms);
-
-        KeyFactory fact = KeyFactory.getInstance("RSA", provider);
-        PrivateKey testRsaKey = fact.generatePrivate(testRsaKeySpec);
-
-        doWriteReadTest(testRsaKey, provider);
-        doWriteReadTests(testRsaKey, provider, algorithms);
-
-        fact = KeyFactory.getInstance("ECDSA", provider);
-        PrivateKey testEcDsaKey = fact.generatePrivate(testEcDsaKeySpec);
-
-        doWriteReadTest(testEcDsaKey, provider);
-        doWriteReadTests(testEcDsaKey, provider, algorithms);
-
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        kpGen.initialize(239);
-
-        PrivateKey privKey = kpGen.generateKeyPair().getPrivate();
-
-        doWriteReadTest(privKey, provider);
-        doWriteReadTests(privKey, "BC", algorithms);
-
-        // override test
-        JcaPEMWriter pWrt = new JcaPEMWriter(new OutputStreamWriter(new ByteArrayOutputStream()));
-
-        Object o = new PemObject("FRED", new byte[100]);
-        pWrt.writeObject(o);
-
-        pWrt.close();
-    }
-
-    private void doWriteReadTests(
-        PrivateKey  akp,
-        String      provider,
-        String[]    algorithms)
-        throws IOException
-    {
-        for (int i = 0; i < algorithms.length; ++i)
-        {
-            doWriteReadTest(akp, provider, algorithms[i]);
-        }
-    }
-
-    private void doWriteReadTest(
-        PrivateKey  akp,
-        String      provider)
-        throws IOException
-    {
-        StringWriter sw = new StringWriter();
-        JcaPEMWriter pw = new JcaPEMWriter(sw);
-
-        pw.writeObject(akp);
-        pw.close();
-
-        String data = sw.toString();
-
-        PEMParser pr = new PEMParser(new StringReader(data));
-
-        Object o = pr.readObject();
-
-        if (o == null || !(o instanceof PEMKeyPair))
-        {
-            fail("Didn't find OpenSSL key");
-        }
-
-        KeyPair kp = new JcaPEMKeyConverter().setProvider("BC").getKeyPair((PEMKeyPair)o);
-        PrivateKey privKey = kp.getPrivate();
-
-        if (!akp.equals(privKey))
-        {
-            fail("Failed to read back test");
-        }
-    }
-
-    private void doWriteReadTest(
-        PrivateKey  akp,
-        String      provider,
-        String      algorithm)
-        throws IOException
-    {
-        StringWriter sw = new StringWriter();
-        JcaPEMWriter pw = new JcaPEMWriter(sw);
-
-        pw.writeObject(new JcaMiscPEMGenerator(akp, new JcePEMEncryptorBuilder(algorithm).setSecureRandom(random).build(testPassword)));
-        pw.close();
-
-        String data = sw.toString();
-
-        PEMParser pRaw = new PEMParser(new StringReader(data));
-        PemObject pemObject = pRaw.readPemObject();
-
-        List headers = pemObject.getHeaders();
-
-        for (int i = 0; i != headers.size(); i++)
-        {
-            PemHeader pemH = (PemHeader)headers.get(i);
-
-            if (pemH.getName().equals("DEK-Info"))
-            {
-                String v = pemH.getValue();
-                for (int j = 0; j != v.length(); j++)
-                {
-                    if (v.charAt(j) >= 'a' && v.charAt(j) <= 'f')
-                    {
-                        fail("lower case detected in DEK-Info: " + v);
-                    }
-                }
-            }
-        }
-
-        PEMParser pr = new PEMParser(new StringReader(data));
-
-        Object o = pr.readObject();
-
-        if (o == null || !(o instanceof PEMEncryptedKeyPair))
-        {
-            fail("Didn't find OpenSSL key");
-        }
-
-        KeyPair kp = new JcaPEMKeyConverter().setProvider("BC").getKeyPair(((PEMEncryptedKeyPair)o).decryptKeyPair(new JcePEMDecryptorProviderBuilder().setProvider("BC").build(testPassword)));
-        PrivateKey privKey = kp.getPrivate();
-
-        if (!akp.equals(privKey))
-        {
-            fail("Failed to read back test key encoded with: " + algorithm);
-        }
-
-        kp = new JcaPEMKeyConverter().setProvider("BC").getKeyPair(((PEMEncryptedKeyPair)o).decryptKeyPair(new BcPEMDecryptorProvider(testPassword)));
-        privKey = kp.getPrivate();
-
-        if (!akp.equals(privKey))
-        {
-            fail("BC failed to read back test key encoded with: " + algorithm);
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new WriterTest());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/openssl/test/package.html b/bcpkix/src/main/java/org/bouncycastle/openssl/test/package.html
deleted file mode 100644
index cdc329a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/openssl/test/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Test classes for the OpenSSL PEMReader.
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/AlgorithmNameFinder.java b/bcpkix/src/main/java/org/bouncycastle/operator/AlgorithmNameFinder.java
deleted file mode 100644
index bacb359..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/AlgorithmNameFinder.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.operator;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * General finder for converting OIDs and AlgorithmIdentifiers into strings.
- */
-public interface AlgorithmNameFinder
-{
-    /**
-     * Return true if the passed in objectIdentifier has a "human friendly" name associated with it.
-     *
-     * @param objectIdentifier the OID of interest.
-     * @return true if a name lookup exists for the OID, false otherwise.
-     */
-    boolean hasAlgorithmName(ASN1ObjectIdentifier objectIdentifier);
-
-    /**
-     * Return a string representation of the passed in objectIdentifier.
-     *
-     * @param objectIdentifier the OID of interest.
-     * @return a "human friendly" representation of the OID, the OID as a string if none available.
-     */
-    String getAlgorithmName(ASN1ObjectIdentifier objectIdentifier);
-
-    /**
-     * Return a string representation of the passed in AlgorithmIdentifier, based on the OID in the AlgorithmField, with the parameters
-     * included where appropriate.
-     *
-     * @param algorithmIdentifier the AlgorithmIdentifier of interest.
-     * @return a "human friendly" representation of the algorithmIdentifier, the identifiers OID as a string if none available.
-     */
-    String getAlgorithmName(AlgorithmIdentifier algorithmIdentifier);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/AsymmetricKeyUnwrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/AsymmetricKeyUnwrapper.java
deleted file mode 100644
index 3c3aa2f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/AsymmetricKeyUnwrapper.java
+++ /dev/null

@@ -1,19 +0,0 @@
-package org.bouncycastle.operator;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public abstract class AsymmetricKeyUnwrapper
-    implements KeyUnwrapper
-{
-    private AlgorithmIdentifier algorithmId;
-
-    protected AsymmetricKeyUnwrapper(AlgorithmIdentifier algorithmId)
-    {
-        this.algorithmId = algorithmId;
-    }
-
-    public AlgorithmIdentifier getAlgorithmIdentifier()
-    {
-        return algorithmId;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/AsymmetricKeyWrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/AsymmetricKeyWrapper.java
deleted file mode 100644
index 27af719..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/AsymmetricKeyWrapper.java
+++ /dev/null

@@ -1,19 +0,0 @@
-package org.bouncycastle.operator;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public abstract class AsymmetricKeyWrapper
-    implements KeyWrapper
-{
-    private AlgorithmIdentifier algorithmId;
-
-    protected AsymmetricKeyWrapper(AlgorithmIdentifier algorithmId)
-    {
-        this.algorithmId = algorithmId;
-    }
-
-    public AlgorithmIdentifier getAlgorithmIdentifier()
-    {
-        return algorithmId;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/BufferingContentSigner.java b/bcpkix/src/main/java/org/bouncycastle/operator/BufferingContentSigner.java
deleted file mode 100644
index d174367..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/BufferingContentSigner.java
+++ /dev/null

@@ -1,70 +0,0 @@
-package org.bouncycastle.operator;
-
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.io.BufferingOutputStream;
-
-/**
- * A class that explicitly buffers the data to be signed, sending it in one
- * block when ready for signing.
- */
-public class BufferingContentSigner
-    implements ContentSigner
-{
-    private final ContentSigner contentSigner;
-    private final OutputStream  output;
-
-    /**
-     * Base constructor.
-     *
-     * @param contentSigner the content signer to be wrapped.
-     */
-    public BufferingContentSigner(ContentSigner contentSigner)
-    {
-        this.contentSigner = contentSigner;
-        this.output = new BufferingOutputStream(contentSigner.getOutputStream());
-    }
-
-    /**
-     * Base constructor.
-     *
-     * @param contentSigner the content signer to be wrapped.
-     * @param bufferSize the size of the internal buffer to use.
-     */
-    public BufferingContentSigner(ContentSigner contentSigner, int bufferSize)
-    {
-        this.contentSigner = contentSigner;
-        this.output = new BufferingOutputStream(contentSigner.getOutputStream(), bufferSize);
-    }
-
-    /**
-     * Return the algorithm identifier supported by this signer.
-     *
-     * @return algorithm identifier for the signature generated.
-     */
-    public AlgorithmIdentifier getAlgorithmIdentifier()
-    {
-        return contentSigner.getAlgorithmIdentifier();
-    }
-
-    /**
-     * Return the buffering stream.
-     *
-     * @return the output stream used to accumulate the data.
-     */
-    public OutputStream getOutputStream()
-    {
-        return output;
-    }
-
-    /**
-     * Generate signature from internally buffered data.
-     *
-     * @return the signature calculated from the bytes written to the buffering stream.
-     */
-    public byte[] getSignature()
-    {
-        return contentSigner.getSignature();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/DefaultAlgorithmNameFinder.java b/bcpkix/src/main/java/org/bouncycastle/operator/DefaultAlgorithmNameFinder.java
deleted file mode 100644
index ad9f5b6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/DefaultAlgorithmNameFinder.java
+++ /dev/null

@@ -1,164 +0,0 @@
-package org.bouncycastle.operator;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers;
-import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-
-public class DefaultAlgorithmNameFinder
-    implements AlgorithmNameFinder
-{
-    private final static Map algorithms = new HashMap();
-
-    static
-    {
-        algorithms.put(BSIObjectIdentifiers.ecdsa_plain_RIPEMD160, "RIPEMD160WITHPLAIN-ECDSA");
-        algorithms.put(BSIObjectIdentifiers.ecdsa_plain_SHA1, "SHA1WITHPLAIN-ECDSA");
-        algorithms.put(BSIObjectIdentifiers.ecdsa_plain_SHA224, "SHA224WITHPLAIN-ECDSA");
-        algorithms.put(BSIObjectIdentifiers.ecdsa_plain_SHA256, "SHA256WITHPLAIN-ECDSA");
-        algorithms.put(BSIObjectIdentifiers.ecdsa_plain_SHA384, "SHA384WITHPLAIN-ECDSA");
-        algorithms.put(BSIObjectIdentifiers.ecdsa_plain_SHA512, "SHA512WITHPLAIN-ECDSA");
-        algorithms.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
-        algorithms.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410-2001");
-        algorithms.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHGOST3410-2001");
-        algorithms.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
-        algorithms.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410-94");
-        algorithms.put(CryptoProObjectIdentifiers.gostR3411, "GOST3411");
-        algorithms.put(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, "GOST3411WITHGOST3410-2012-256");
-        algorithms.put(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512, "GOST3411WITHGOST3410-2012-512");
-        algorithms.put(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, "GOST3411WITHECGOST3410-2012-256");
-        algorithms.put(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512, "GOST3411WITHECGOST3410-2012-512");
-        algorithms.put(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, "GOST3411-2012-256WITHGOST3410-2012-256");
-        algorithms.put(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512, "GOST3411-2012-512WITHGOST3410-2012-512");
-        algorithms.put(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, "GOST3411-2012-256WITHECGOST3410-2012-256");
-        algorithms.put(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512, "GOST3411-2012-512WITHECGOST3410-2012-512");
-        algorithms.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_1, "SHA1WITHCVC-ECDSA");
-        algorithms.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_224, "SHA224WITHCVC-ECDSA");
-        algorithms.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256WITHCVC-ECDSA");
-        algorithms.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384WITHCVC-ECDSA");
-        algorithms.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512WITHCVC-ECDSA");
-
-        algorithms.put(NISTObjectIdentifiers.id_sha224, "SHA224");
-        algorithms.put(NISTObjectIdentifiers.id_sha256, "SHA256");
-        algorithms.put(NISTObjectIdentifiers.id_sha384, "SHA384");
-        algorithms.put(NISTObjectIdentifiers.id_sha512, "SHA512");
-        algorithms.put(NISTObjectIdentifiers.id_sha3_224, "SHA3-224");
-        algorithms.put(NISTObjectIdentifiers.id_sha3_256, "SHA3-256");
-        algorithms.put(NISTObjectIdentifiers.id_sha3_384, "SHA3-384");
-        algorithms.put(NISTObjectIdentifiers.id_sha3_512, "SHA3-512");
-        algorithms.put(OIWObjectIdentifiers.elGamalAlgorithm, "ELGAMAL");
-        algorithms.put(OIWObjectIdentifiers.idSHA1, "SHA1");
-        algorithms.put(OIWObjectIdentifiers.md5WithRSA, "MD5WITHRSA");
-        algorithms.put(OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA");
-        algorithms.put(PKCSObjectIdentifiers.id_RSAES_OAEP, "RSAOAEP");
-        algorithms.put(PKCSObjectIdentifiers.id_RSASSA_PSS, "RSAPSS");
-        algorithms.put(PKCSObjectIdentifiers.md2WithRSAEncryption, "MD2WITHRSA");
-        algorithms.put(PKCSObjectIdentifiers.md5, "MD5");
-        algorithms.put(PKCSObjectIdentifiers.md5WithRSAEncryption, "MD5WITHRSA");
-        algorithms.put(PKCSObjectIdentifiers.rsaEncryption, "RSA");
-        algorithms.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, "SHA1WITHRSA");
-        algorithms.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA");
-        algorithms.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA");
-        algorithms.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA");
-        algorithms.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA");
-        algorithms.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224, "SHA3-224WITHRSA");
-        algorithms.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256, "SHA3-256WITHRSA");
-        algorithms.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384, "SHA3-384WITHRSA");
-        algorithms.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512, "SHA3-512WITHRSA");
-        algorithms.put(TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD128");
-        algorithms.put(TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD160");
-        algorithms.put(TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD256");
-        algorithms.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, "RIPEMD128WITHRSA");
-        algorithms.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, "RIPEMD160WITHRSA");
-        algorithms.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, "RIPEMD256WITHRSA");
-        algorithms.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "ECDSAWITHSHA1");
-        algorithms.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA");
-        algorithms.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA");
-        algorithms.put(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256WITHECDSA");
-        algorithms.put(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384WITHECDSA");
-        algorithms.put(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512WITHECDSA");
-        algorithms.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_224, "SHA3-224WITHECDSA");
-        algorithms.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_256, "SHA3-256WITHECDSA");
-        algorithms.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_384, "SHA3-384WITHECDSA");
-        algorithms.put(NISTObjectIdentifiers.id_ecdsa_with_sha3_512, "SHA3-512WITHECDSA");
-        algorithms.put(X9ObjectIdentifiers.id_dsa_with_sha1, "SHA1WITHDSA");
-        algorithms.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA");
-        algorithms.put(NISTObjectIdentifiers.dsa_with_sha256, "SHA256WITHDSA");
-        algorithms.put(NISTObjectIdentifiers.dsa_with_sha384, "SHA384WITHDSA");
-        algorithms.put(NISTObjectIdentifiers.dsa_with_sha512, "SHA512WITHDSA");
-        algorithms.put(NISTObjectIdentifiers.id_dsa_with_sha3_224, "SHA3-224WITHDSA");
-        algorithms.put(NISTObjectIdentifiers.id_dsa_with_sha3_256, "SHA3-256WITHDSA");
-        algorithms.put(NISTObjectIdentifiers.id_dsa_with_sha3_384, "SHA3-384WITHDSA");
-        algorithms.put(NISTObjectIdentifiers.id_dsa_with_sha3_512, "SHA3-512WITHDSA");
-        algorithms.put(GNUObjectIdentifiers.Tiger_192, "Tiger");
-
-        algorithms.put(PKCSObjectIdentifiers.RC2_CBC, "RC2/CBC");
-        algorithms.put(PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE-3KEY/CBC");
-        algorithms.put(NISTObjectIdentifiers.id_aes128_ECB, "AES-128/ECB");
-        algorithms.put(NISTObjectIdentifiers.id_aes192_ECB, "AES-192/ECB");
-        algorithms.put(NISTObjectIdentifiers.id_aes256_ECB, "AES-256/ECB");
-        algorithms.put(NISTObjectIdentifiers.id_aes128_CBC, "AES-128/CBC");
-        algorithms.put(NISTObjectIdentifiers.id_aes192_CBC, "AES-192/CBC");
-        algorithms.put(NISTObjectIdentifiers.id_aes256_CBC, "AES-256/CBC");
-        algorithms.put(NISTObjectIdentifiers.id_aes128_CFB, "AES-128/CFB");
-        algorithms.put(NISTObjectIdentifiers.id_aes192_CFB, "AES-192/CFB");
-        algorithms.put(NISTObjectIdentifiers.id_aes256_CFB, "AES-256/CFB");
-        algorithms.put(NISTObjectIdentifiers.id_aes128_OFB, "AES-128/OFB");
-        algorithms.put(NISTObjectIdentifiers.id_aes192_OFB, "AES-192/OFB");
-        algorithms.put(NISTObjectIdentifiers.id_aes256_OFB, "AES-256/OFB");
-        algorithms.put(NTTObjectIdentifiers.id_camellia128_cbc, "CAMELLIA-128/CBC");
-        algorithms.put(NTTObjectIdentifiers.id_camellia192_cbc, "CAMELLIA-192/CBC");
-        algorithms.put(NTTObjectIdentifiers.id_camellia256_cbc, "CAMELLIA-256/CBC");
-        algorithms.put(KISAObjectIdentifiers.id_seedCBC, "SEED/CBC");
-        algorithms.put(MiscObjectIdentifiers.as_sys_sec_alg_ideaCBC, "IDEA/CBC");
-        algorithms.put(MiscObjectIdentifiers.cast5CBC, "CAST5/CBC");
-        algorithms.put(MiscObjectIdentifiers.cryptlib_algorithm_blowfish_ECB, "Blowfish/ECB");
-        algorithms.put(MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CBC, "Blowfish/CBC");
-        algorithms.put(MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CFB, "Blowfish/CFB");
-        algorithms.put(MiscObjectIdentifiers.cryptlib_algorithm_blowfish_OFB, "Blowfish/OFB");
-        algorithms.put(GNUObjectIdentifiers.Serpent_128_ECB, "Serpent-128/ECB");
-        algorithms.put(GNUObjectIdentifiers.Serpent_128_CBC, "Serpent-128/CBC");
-        algorithms.put(GNUObjectIdentifiers.Serpent_128_CFB, "Serpent-128/CFB");
-        algorithms.put(GNUObjectIdentifiers.Serpent_128_OFB, "Serpent-128/OFB");
-        algorithms.put(GNUObjectIdentifiers.Serpent_192_ECB, "Serpent-192/ECB");
-        algorithms.put(GNUObjectIdentifiers.Serpent_192_CBC, "Serpent-192/CBC");
-        algorithms.put(GNUObjectIdentifiers.Serpent_192_CFB, "Serpent-192/CFB");
-        algorithms.put(GNUObjectIdentifiers.Serpent_192_OFB, "Serpent-192/OFB");
-        algorithms.put(GNUObjectIdentifiers.Serpent_256_ECB, "Serpent-256/ECB");
-        algorithms.put(GNUObjectIdentifiers.Serpent_256_CBC, "Serpent-256/CBC");
-        algorithms.put(GNUObjectIdentifiers.Serpent_256_CFB, "Serpent-256/CFB");
-        algorithms.put(GNUObjectIdentifiers.Serpent_256_OFB, "Serpent-256/OFB");
-    }
-
-    public boolean hasAlgorithmName(ASN1ObjectIdentifier objectIdentifier)
-    {
-        return algorithms.containsKey(objectIdentifier);
-    }
-
-    public String getAlgorithmName(ASN1ObjectIdentifier objectIdentifier)
-    {
-        String name = (String)algorithms.get(objectIdentifier);
-
-        return (name != null) ? name : objectIdentifier.getId();
-    }
-
-    public String getAlgorithmName(AlgorithmIdentifier algorithmIdentifier)
-    {
-        // TODO: take into account PSS/OAEP params
-        return getAlgorithmName(algorithmIdentifier.getAlgorithm());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java b/bcpkix/src/main/java/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java
index 98fdbad..b7c4768 100644
--- a/bcpkix/src/main/java/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java
+++ b/bcpkix/src/main/java/org/bouncycastle/operator/DefaultDigestAlgorithmIdentifierFinder.java

@@ -5,17 +5,18 @@
 
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
+// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
+// import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
 
@@ -30,16 +31,20 @@
         //
         // digests
         //
-        digestOids.put(OIWObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
-        digestOids.put(OIWObjectIdentifiers.md4WithRSA, PKCSObjectIdentifiers.md4);
+        // BEGIN Android-removed: Unsupported algorithms
+        // digestOids.put(OIWObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
+        // digestOids.put(OIWObjectIdentifiers.md4WithRSA, PKCSObjectIdentifiers.md4);
+        // END Android-removed: Unsupported algorithms
         digestOids.put(OIWObjectIdentifiers.sha1WithRSA, OIWObjectIdentifiers.idSHA1);
 
         digestOids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, NISTObjectIdentifiers.id_sha224);
         digestOids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, NISTObjectIdentifiers.id_sha256);
         digestOids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, NISTObjectIdentifiers.id_sha384);
         digestOids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, NISTObjectIdentifiers.id_sha512);
-        digestOids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, PKCSObjectIdentifiers.md2);
-        digestOids.put(PKCSObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
+        // BEGIN Android-removed: Unsupported algorithms
+        // digestOids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, PKCSObjectIdentifiers.md2);
+        // digestOids.put(PKCSObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
+        // END Android-removed: Unsupported algorithms
         digestOids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, PKCSObjectIdentifiers.md5);
         digestOids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, OIWObjectIdentifiers.idSHA1);
 
@@ -50,6 +55,8 @@
         digestOids.put(X9ObjectIdentifiers.ecdsa_with_SHA512, NISTObjectIdentifiers.id_sha512);
         digestOids.put(X9ObjectIdentifiers.id_dsa_with_sha1, OIWObjectIdentifiers.idSHA1);
 
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         digestOids.put(BSIObjectIdentifiers.ecdsa_plain_SHA1, OIWObjectIdentifiers.idSHA1);
         digestOids.put(BSIObjectIdentifiers.ecdsa_plain_SHA224, NISTObjectIdentifiers.id_sha224);
         digestOids.put(BSIObjectIdentifiers.ecdsa_plain_SHA256, NISTObjectIdentifiers.id_sha256);
@@ -62,12 +69,16 @@
         digestOids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_256, NISTObjectIdentifiers.id_sha256);
         digestOids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_384, NISTObjectIdentifiers.id_sha384);
         digestOids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_512, NISTObjectIdentifiers.id_sha512);
+        */
+        // END Android-removed: Unsupported algorithms
 
         digestOids.put(NISTObjectIdentifiers.dsa_with_sha224, NISTObjectIdentifiers.id_sha224);
         digestOids.put(NISTObjectIdentifiers.dsa_with_sha256, NISTObjectIdentifiers.id_sha256);
         digestOids.put(NISTObjectIdentifiers.dsa_with_sha384, NISTObjectIdentifiers.id_sha384);
         digestOids.put(NISTObjectIdentifiers.dsa_with_sha512, NISTObjectIdentifiers.id_sha512);
 
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224, NISTObjectIdentifiers.id_sha3_224);
         digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256, NISTObjectIdentifiers.id_sha3_256);
         digestOids.put(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384, NISTObjectIdentifiers.id_sha3_384);
@@ -94,12 +105,16 @@
         digestOids.put(BCObjectIdentifiers.sphincs256_with_SHA512, NISTObjectIdentifiers.id_sha512);
 
         digestOids.put(GMObjectIdentifiers.sm2sign_with_sm3, GMObjectIdentifiers.sm3);
-        
+        */
+        // END Android-removed: Unsupported algorithms
+
         digestNameToOids.put("SHA-1", OIWObjectIdentifiers.idSHA1);
         digestNameToOids.put("SHA-224", NISTObjectIdentifiers.id_sha224);
         digestNameToOids.put("SHA-256", NISTObjectIdentifiers.id_sha256);
         digestNameToOids.put("SHA-384", NISTObjectIdentifiers.id_sha384);
         digestNameToOids.put("SHA-512", NISTObjectIdentifiers.id_sha512);
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         digestNameToOids.put("SHA-512-224", NISTObjectIdentifiers.id_sha512_224);
         digestNameToOids.put("SHA-512-256", NISTObjectIdentifiers.id_sha512_256);
 
@@ -125,13 +140,19 @@
 
         digestNameToOids.put("MD2", PKCSObjectIdentifiers.md2);
         digestNameToOids.put("MD4", PKCSObjectIdentifiers.md4);
+        */
+        // END Android-removed: Unsupported algorithms
         digestNameToOids.put("MD5", PKCSObjectIdentifiers.md5);
 
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         digestNameToOids.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128);
         digestNameToOids.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160);
         digestNameToOids.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256);
 
         digestNameToOids.put("SM3", GMObjectIdentifiers.sm3);
+        */
+        // END Android-removed: Unsupported algorithms
     }
 
     public AlgorithmIdentifier find(AlgorithmIdentifier sigAlgId)

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/DefaultSecretKeySizeProvider.java b/bcpkix/src/main/java/org/bouncycastle/operator/DefaultSecretKeySizeProvider.java
deleted file mode 100644
index 9366086..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/DefaultSecretKeySizeProvider.java
+++ /dev/null

@@ -1,92 +0,0 @@
-package org.bouncycastle.operator;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Integers;
-
-public class DefaultSecretKeySizeProvider
-    implements SecretKeySizeProvider
-{
-    public static final SecretKeySizeProvider INSTANCE = new DefaultSecretKeySizeProvider();
-
-    private static final Map KEY_SIZES;
-
-    static
-    {
-        Map keySizes = new HashMap();
-
-        keySizes.put(new ASN1ObjectIdentifier("1.2.840.113533.7.66.10"), Integers.valueOf(128));
-
-        keySizes.put(PKCSObjectIdentifiers.des_EDE3_CBC, Integers.valueOf(192));
-        keySizes.put(PKCSObjectIdentifiers.id_alg_CMS3DESwrap, Integers.valueOf(192));
-        keySizes.put(PKCSObjectIdentifiers.des_EDE3_CBC, Integers.valueOf(192));
-
-        keySizes.put(PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, Integers.valueOf(64));
-        keySizes.put(PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, Integers.valueOf(64));
-
-        keySizes.put(NISTObjectIdentifiers.id_aes128_CBC, Integers.valueOf(128));
-        keySizes.put(NISTObjectIdentifiers.id_aes192_CBC, Integers.valueOf(192));
-        keySizes.put(NISTObjectIdentifiers.id_aes256_CBC, Integers.valueOf(256));
-        keySizes.put(NISTObjectIdentifiers.id_aes128_GCM, Integers.valueOf(128));
-        keySizes.put(NISTObjectIdentifiers.id_aes192_GCM, Integers.valueOf(192));
-        keySizes.put(NISTObjectIdentifiers.id_aes256_GCM, Integers.valueOf(256));
-        keySizes.put(NISTObjectIdentifiers.id_aes128_CCM, Integers.valueOf(128));
-        keySizes.put(NISTObjectIdentifiers.id_aes192_CCM, Integers.valueOf(192));
-        keySizes.put(NISTObjectIdentifiers.id_aes256_CCM, Integers.valueOf(256));
-        keySizes.put(NISTObjectIdentifiers.id_aes128_wrap, Integers.valueOf(128));
-        keySizes.put(NISTObjectIdentifiers.id_aes192_wrap, Integers.valueOf(192));
-        keySizes.put(NISTObjectIdentifiers.id_aes256_wrap, Integers.valueOf(256));
-
-        keySizes.put(NTTObjectIdentifiers.id_camellia128_cbc, Integers.valueOf(128));
-        keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192));
-        keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256));
-        keySizes.put(NTTObjectIdentifiers.id_camellia128_wrap, Integers.valueOf(128));
-        keySizes.put(NTTObjectIdentifiers.id_camellia192_wrap, Integers.valueOf(192));
-        keySizes.put(NTTObjectIdentifiers.id_camellia256_wrap, Integers.valueOf(256));
-
-        keySizes.put(KISAObjectIdentifiers.id_seedCBC, Integers.valueOf(128));
-
-        keySizes.put(OIWObjectIdentifiers.desCBC, Integers.valueOf(64));
-
-        keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256));
-
-        KEY_SIZES = Collections.unmodifiableMap(keySizes);
-    }
-
-    public int getKeySize(AlgorithmIdentifier algorithmIdentifier)
-    {
-        int keySize = getKeySize(algorithmIdentifier.getAlgorithm());
-
-        // just need the OID
-        if (keySize > 0)
-        {
-            return keySize;
-        }
-
-        // TODO: support OID/Parameter key sizes (e.g. RC2).
-
-        return -1;
-    }
-
-    public int getKeySize(ASN1ObjectIdentifier algorithm)
-    {
-        Integer keySize = (Integer)KEY_SIZES.get(algorithm);
-
-        if (keySize != null)
-        {
-            return keySize.intValue();
-        }
-
-        return -1;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java b/bcpkix/src/main/java/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java
index d81ecca..cf23be3 100644
--- a/bcpkix/src/main/java/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java
+++ b/bcpkix/src/main/java/org/bouncycastle/operator/DefaultSignatureAlgorithmIdentifierFinder.java

@@ -9,17 +9,18 @@
 import org.bouncycastle.asn1.ASN1Integer;
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
+// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
+// import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
 import org.bouncycastle.util.Strings;
@@ -37,15 +38,19 @@
     private static final ASN1ObjectIdentifier ENCRYPTION_DSA = X9ObjectIdentifiers.id_dsa_with_sha1;
     private static final ASN1ObjectIdentifier ENCRYPTION_ECDSA = X9ObjectIdentifiers.ecdsa_with_SHA1;
     private static final ASN1ObjectIdentifier ENCRYPTION_RSA_PSS = PKCSObjectIdentifiers.id_RSASSA_PSS;
-    private static final ASN1ObjectIdentifier ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.gostR3410_94;
-    private static final ASN1ObjectIdentifier ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.gostR3410_2001;
-    private static final ASN1ObjectIdentifier ENCRYPTION_ECGOST3410_2012_256 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256;
-    private static final ASN1ObjectIdentifier ENCRYPTION_ECGOST3410_2012_512 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512;
+    // BEGIN Android-removed: Unsupported algorithms
+    // private static final ASN1ObjectIdentifier ENCRYPTION_GOST3410 = CryptoProObjectIdentifiers.gostR3410_94;
+    // private static final ASN1ObjectIdentifier ENCRYPTION_ECGOST3410 = CryptoProObjectIdentifiers.gostR3410_2001;
+    // private static final ASN1ObjectIdentifier ENCRYPTION_ECGOST3410_2012_256 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256;
+    // private static final ASN1ObjectIdentifier ENCRYPTION_ECGOST3410_2012_512 = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512;
+    // END Android-removed: Unsupported algorithms
 
     static
     {
-        algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
-        algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
+        // BEGIN Android-removed: Unsupported algorithms
+        // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
+        // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
+        // END Android-removed: Unsupported algorithms
         algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption);
         algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption);
         algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption);
@@ -63,6 +68,8 @@
         algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
         algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
         algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         algorithms.put("SHA3-224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
         algorithms.put("SHA3-256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
         algorithms.put("SHA3-384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
@@ -73,12 +80,16 @@
         algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
         algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
         algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+        */
+        // END Android-removed: Unsupported algorithms
         algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1);
         algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1);
         algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
         algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256);
         algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384);
         algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512);
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         algorithms.put("SHA3-224WITHDSA", NISTObjectIdentifiers.id_dsa_with_sha3_224);
         algorithms.put("SHA3-256WITHDSA", NISTObjectIdentifiers.id_dsa_with_sha3_256);
         algorithms.put("SHA3-384WITHDSA", NISTObjectIdentifiers.id_dsa_with_sha3_384);
@@ -95,12 +106,17 @@
         algorithms.put("SHA3-256WITHRSAENCRYPTION", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256);
         algorithms.put("SHA3-384WITHRSAENCRYPTION", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384);
         algorithms.put("SHA3-512WITHRSAENCRYPTION", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512);
+        */
+        // END Android-removed: Unsupported algorithms
         algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
         algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1);
         algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
         algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
         algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
         algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
+
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
         algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
         algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
@@ -164,6 +180,8 @@
         algorithms.put("QTESLA-III-SPEED", BCObjectIdentifiers.qTESLA_III_speed);
         algorithms.put("QTESLA-P-I", BCObjectIdentifiers.qTESLA_p_I);
         algorithms.put("QTESLA-P-III", BCObjectIdentifiers.qTESLA_p_III);
+        */
+        // END Android-removed: Unsupported algorithms
 
         //
         // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field.
@@ -179,6 +197,8 @@
         noParams.add(NISTObjectIdentifiers.dsa_with_sha256);
         noParams.add(NISTObjectIdentifiers.dsa_with_sha384);
         noParams.add(NISTObjectIdentifiers.dsa_with_sha512);
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         noParams.add(NISTObjectIdentifiers.id_dsa_with_sha3_224);
         noParams.add(NISTObjectIdentifiers.id_dsa_with_sha3_256);
         noParams.add(NISTObjectIdentifiers.id_dsa_with_sha3_384);
@@ -236,6 +256,8 @@
         // SM2
         //
         noParams.add(GMObjectIdentifiers.sm2sign_with_sm3);
+        */
+        // END Android-removed: Unsupported algorithms
 
         //
         // PKCS 1.5 encrypted  algorithms
@@ -245,6 +267,8 @@
         pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha256WithRSAEncryption);
         pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha384WithRSAEncryption);
         pkcs15RsaEncryption.add(PKCSObjectIdentifiers.sha512WithRSAEncryption);
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
         pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
         pkcs15RsaEncryption.add(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
@@ -252,6 +276,8 @@
         pkcs15RsaEncryption.add(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256);
         pkcs15RsaEncryption.add(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384);
         pkcs15RsaEncryption.add(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512);
+        */
+        // END Android-removed: Unsupported algorithms
 
         //
         // explicit params
@@ -271,6 +297,8 @@
         AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, DERNull.INSTANCE);
         params.put("SHA512WITHRSAANDMGF1", createPSSParams(sha512AlgId, 64));
 
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         AlgorithmIdentifier sha3_224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha3_224, DERNull.INSTANCE);
         params.put("SHA3-224WITHRSAANDMGF1", createPSSParams(sha3_224AlgId, 28));
 
@@ -282,6 +310,8 @@
 
         AlgorithmIdentifier sha3_512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha3_512, DERNull.INSTANCE);
         params.put("SHA3-512WITHRSAANDMGF1", createPSSParams(sha3_512AlgId, 64));
+        */
+        // END Android-removed: Unsupported algorithms
 
         //
         // digests
@@ -290,10 +320,25 @@
         digestOids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, NISTObjectIdentifiers.id_sha256);
         digestOids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, NISTObjectIdentifiers.id_sha384);
         digestOids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, NISTObjectIdentifiers.id_sha512);
+        // BEGIN Android-removed: Unsupported algorithms
+        // digestOids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, PKCSObjectIdentifiers.md2);
+        // digestOids.put(PKCSObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
+        // END Android-removed: Unsupported algorithms
+        digestOids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, PKCSObjectIdentifiers.md5);
+        digestOids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, OIWObjectIdentifiers.idSHA1);
+        // BEGIN Android-removed: Unsupported algorithms
+        // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, TeleTrusTObjectIdentifiers.ripemd128);
+        // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, TeleTrusTObjectIdentifiers.ripemd160);
+        // digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, TeleTrusTObjectIdentifiers.ripemd256);
+        // digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, CryptoProObjectIdentifiers.gostR3411);
+        // digestOids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, CryptoProObjectIdentifiers.gostR3411);
+        // END Android-removed: Unsupported algorithms
         digestOids.put(NISTObjectIdentifiers.dsa_with_sha224, NISTObjectIdentifiers.id_sha224);
         digestOids.put(NISTObjectIdentifiers.dsa_with_sha256, NISTObjectIdentifiers.id_sha256);
         digestOids.put(NISTObjectIdentifiers.dsa_with_sha384, NISTObjectIdentifiers.id_sha384);
         digestOids.put(NISTObjectIdentifiers.dsa_with_sha512, NISTObjectIdentifiers.id_sha512);
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_224, NISTObjectIdentifiers.id_sha3_224);
         digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_256, NISTObjectIdentifiers.id_sha3_256);
         digestOids.put(NISTObjectIdentifiers.id_dsa_with_sha3_384, NISTObjectIdentifiers.id_sha3_384);
@@ -309,8 +354,12 @@
 
         digestOids.put(PKCSObjectIdentifiers.md2WithRSAEncryption, PKCSObjectIdentifiers.md2);
         digestOids.put(PKCSObjectIdentifiers.md4WithRSAEncryption, PKCSObjectIdentifiers.md4);
+        */
+        // END Android-removed: Unsupported algorithms
         digestOids.put(PKCSObjectIdentifiers.md5WithRSAEncryption, PKCSObjectIdentifiers.md5);
         digestOids.put(PKCSObjectIdentifiers.sha1WithRSAEncryption, OIWObjectIdentifiers.idSHA1);
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128, TeleTrusTObjectIdentifiers.ripemd128);
         digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160, TeleTrusTObjectIdentifiers.ripemd160);
         digestOids.put(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256, TeleTrusTObjectIdentifiers.ripemd256);
@@ -319,6 +368,8 @@
         digestOids.put(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256);
         digestOids.put(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512);
         digestOids.put(GMObjectIdentifiers.sm2sign_with_sm3, GMObjectIdentifiers.sm3);
+        */
+        // END Android-removed: Unsupported algorithms
     }
 
     private static AlgorithmIdentifier generate(String signatureAlgorithm)

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/InputDecryptorProvider.java b/bcpkix/src/main/java/org/bouncycastle/operator/InputDecryptorProvider.java
deleted file mode 100644
index d50e6a7..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/InputDecryptorProvider.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.operator;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public interface InputDecryptorProvider
-{
-    public InputDecryptor get(AlgorithmIdentifier algorithm)
-        throws OperatorCreationException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/InputExpander.java b/bcpkix/src/main/java/org/bouncycastle/operator/InputExpander.java
deleted file mode 100644
index 4767aed..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/InputExpander.java
+++ /dev/null

@@ -1,29 +0,0 @@
-package org.bouncycastle.operator;
-
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * General interface for an operator that is able to produce
- * an InputStream that will produce uncompressed data.
- */
-public interface InputExpander
-{
-    /**
-     * Return the algorithm identifier describing the compression
-     * algorithm and parameters this expander supports.
-     *
-     * @return algorithm oid and parameters.
-     */
-    AlgorithmIdentifier getAlgorithmIdentifier();
-
-    /**
-     * Wrap the passed in input stream comIn, returning an input stream
-     * that expands anything read in from comIn.
-     *
-     * @param comIn the compressed input data stream..
-     * @return an expanding InputStream.
-     */
-    InputStream getInputStream(InputStream comIn);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/InputExpanderProvider.java b/bcpkix/src/main/java/org/bouncycastle/operator/InputExpanderProvider.java
deleted file mode 100644
index f560e04..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/InputExpanderProvider.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.operator;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public interface InputExpanderProvider
-{
-    InputExpander get(AlgorithmIdentifier algorithm);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/KeyUnwrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/KeyUnwrapper.java
deleted file mode 100644
index e34f670..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/KeyUnwrapper.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.operator;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public interface KeyUnwrapper
-{
-    AlgorithmIdentifier getAlgorithmIdentifier();
-
-    GenericKey generateUnwrappedKey(AlgorithmIdentifier encryptionKeyAlgorithm, byte[] encryptedKey)
-        throws OperatorException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/KeyWrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/KeyWrapper.java
deleted file mode 100644
index 29b76a8..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/KeyWrapper.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.operator;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public interface KeyWrapper
-{
-    AlgorithmIdentifier getAlgorithmIdentifier();
-
-    byte[] generateWrappedKey(GenericKey encryptionKey)
-        throws OperatorException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/MacCalculatorProvider.java b/bcpkix/src/main/java/org/bouncycastle/operator/MacCalculatorProvider.java
deleted file mode 100644
index 5f50744..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/MacCalculatorProvider.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.operator;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public interface MacCalculatorProvider
-{
-    public MacCalculator get(AlgorithmIdentifier algorithm);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/OutputCompressor.java b/bcpkix/src/main/java/org/bouncycastle/operator/OutputCompressor.java
deleted file mode 100644
index 054966e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/OutputCompressor.java
+++ /dev/null

@@ -1,29 +0,0 @@
-package org.bouncycastle.operator;
-
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * General interface for an operator that is able to produce
- * an OutputStream that will output compressed data.
- */
-public interface OutputCompressor
-{
-    /**
-     * Return the algorithm identifier describing the compression
-     * algorithm and parameters this compressor uses.
-     *
-     * @return algorithm oid and parameters.
-     */
-    AlgorithmIdentifier getAlgorithmIdentifier();
-
-    /**
-     * Wrap the passed in output stream comOut, returning an output stream
-     * that compresses anything passed in before sending on to comOut.
-     *
-     * @param comOut output stream for compressed output.
-     * @return a compressing OutputStream
-     */
-    OutputStream getOutputStream(OutputStream comOut);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/OutputEncryptor.java b/bcpkix/src/main/java/org/bouncycastle/operator/OutputEncryptor.java
deleted file mode 100644
index 383e1fd..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/OutputEncryptor.java
+++ /dev/null

@@ -1,36 +0,0 @@
-package org.bouncycastle.operator;
-
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * General interface for an operator that is able to produce
- * an OutputStream that will output encrypted data.
- */
-public interface OutputEncryptor
-{
-    /**
-     * Return the algorithm identifier describing the encryption
-     * algorithm and parameters this encryptor uses.
-     *
-     * @return algorithm oid and parameters.
-     */
-    AlgorithmIdentifier getAlgorithmIdentifier();
-
-    /**
-     * Wrap the passed in output stream encOut, returning an output stream
-     * that encrypts anything passed in before sending on to encOut.
-     *
-     * @param encOut output stream for encrypted output.
-     * @return an encrypting OutputStream
-     */
-    OutputStream getOutputStream(OutputStream encOut);
-
-    /**
-     * Return the key used for encrypting the output.
-     *
-     * @return the encryption key.
-     */
-    GenericKey getKey();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/SecretKeySizeProvider.java b/bcpkix/src/main/java/org/bouncycastle/operator/SecretKeySizeProvider.java
deleted file mode 100644
index 5f92ef0..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/SecretKeySizeProvider.java
+++ /dev/null

@@ -1,17 +0,0 @@
-package org.bouncycastle.operator;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public interface SecretKeySizeProvider
-{
-    int getKeySize(AlgorithmIdentifier algorithmIdentifier);
-
-    /**
-     * Return the key size implied by the OID, if one exists.
-     *
-     * @param algorithm the OID of the algorithm of interest.
-     * @return -1 if there is no fixed key size associated with the OID, or more information is required.
-     */
-    int getKeySize(ASN1ObjectIdentifier algorithm);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/SymmetricKeyUnwrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/SymmetricKeyUnwrapper.java
deleted file mode 100644
index 7c72455..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/SymmetricKeyUnwrapper.java
+++ /dev/null

@@ -1,19 +0,0 @@
-package org.bouncycastle.operator;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public abstract class SymmetricKeyUnwrapper
-    implements KeyUnwrapper
-{
-    private AlgorithmIdentifier algorithmId;
-
-    protected SymmetricKeyUnwrapper(AlgorithmIdentifier algorithmId)
-    {
-        this.algorithmId = algorithmId;
-    }
-
-    public AlgorithmIdentifier getAlgorithmIdentifier()
-    {
-        return algorithmId;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/SymmetricKeyWrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/SymmetricKeyWrapper.java
deleted file mode 100644
index b1864d2..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/SymmetricKeyWrapper.java
+++ /dev/null

@@ -1,19 +0,0 @@
-package org.bouncycastle.operator;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public abstract class SymmetricKeyWrapper
-    implements KeyWrapper
-{
-    private AlgorithmIdentifier algorithmId;
-
-    protected SymmetricKeyWrapper(AlgorithmIdentifier algorithmId)
-    {
-        this.algorithmId = algorithmId;
-    }
-
-    public AlgorithmIdentifier getAlgorithmIdentifier()
-    {
-        return algorithmId;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/AESUtil.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/AESUtil.java
deleted file mode 100644
index 83fab44..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/AESUtil.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-class AESUtil
-{
-    static AlgorithmIdentifier determineKeyEncAlg(KeyParameter key)
-    {
-        int length = key.getKey().length * 8;
-        ASN1ObjectIdentifier wrapOid;
-
-        if (length == 128)
-        {
-            wrapOid = NISTObjectIdentifiers.id_aes128_wrap;
-        }
-        else if (length == 192)
-        {
-            wrapOid = NISTObjectIdentifiers.id_aes192_wrap;
-        }
-        else if (length == 256)
-        {
-            wrapOid = NISTObjectIdentifiers.id_aes256_wrap;
-        }
-        else
-        {
-            throw new IllegalArgumentException("illegal keysize in AES");
-        }
-
-        return new AlgorithmIdentifier(wrapOid); // parameters absent
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcAESSymmetricKeyUnwrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcAESSymmetricKeyUnwrapper.java
deleted file mode 100644
index 024bbd6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcAESSymmetricKeyUnwrapper.java
+++ /dev/null

@@ -1,13 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import org.bouncycastle.crypto.engines.AESWrapEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-public class BcAESSymmetricKeyUnwrapper
-    extends BcSymmetricKeyUnwrapper
-{
-    public BcAESSymmetricKeyUnwrapper(KeyParameter wrappingKey)
-    {
-        super(AESUtil.determineKeyEncAlg(wrappingKey), new AESWrapEngine(), wrappingKey);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcAESSymmetricKeyWrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcAESSymmetricKeyWrapper.java
deleted file mode 100644
index 0da561b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcAESSymmetricKeyWrapper.java
+++ /dev/null

@@ -1,13 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import org.bouncycastle.crypto.engines.AESWrapEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-public class BcAESSymmetricKeyWrapper
-    extends BcSymmetricKeyWrapper
-{
-    public BcAESSymmetricKeyWrapper(KeyParameter wrappingKey)
-    {
-        super(AESUtil.determineKeyEncAlg(wrappingKey), new AESWrapEngine(), wrappingKey);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcAsymmetricKeyUnwrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcAsymmetricKeyUnwrapper.java
deleted file mode 100644
index 2bf5c2d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcAsymmetricKeyUnwrapper.java
+++ /dev/null

@@ -1,51 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.operator.AsymmetricKeyUnwrapper;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OperatorException;
-
-public abstract class BcAsymmetricKeyUnwrapper
-    extends AsymmetricKeyUnwrapper
-{
-    private AsymmetricKeyParameter privateKey;
-
-    public BcAsymmetricKeyUnwrapper(AlgorithmIdentifier encAlgId, AsymmetricKeyParameter privateKey)
-    {
-        super(encAlgId);
-
-        this.privateKey = privateKey;
-    }
-
-    public GenericKey generateUnwrappedKey(AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedKey)
-        throws OperatorException
-    {
-        AsymmetricBlockCipher keyCipher = createAsymmetricUnwrapper(this.getAlgorithmIdentifier().getAlgorithm());
-
-        keyCipher.init(false, privateKey);
-        try
-        {
-            byte[] key = keyCipher.processBlock(encryptedKey, 0, encryptedKey.length);
-
-            if (encryptedKeyAlgorithm.getAlgorithm().equals(PKCSObjectIdentifiers.des_EDE3_CBC))
-            {
-                return new GenericKey(encryptedKeyAlgorithm, key);
-            }
-            else
-            {
-                return new GenericKey(encryptedKeyAlgorithm, key);
-            }
-        }
-        catch (InvalidCipherTextException e)
-        {
-            throw new OperatorException("unable to recover secret key: " + e.getMessage(), e);
-        }
-    }
-
-    protected abstract AsymmetricBlockCipher createAsymmetricUnwrapper(ASN1ObjectIdentifier algorithm);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcAsymmetricKeyWrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcAsymmetricKeyWrapper.java
deleted file mode 100644
index 2cac227..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcAsymmetricKeyWrapper.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.operator.AsymmetricKeyWrapper;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OperatorException;
-
-public abstract class BcAsymmetricKeyWrapper
-    extends AsymmetricKeyWrapper
-{
-    private AsymmetricKeyParameter publicKey;
-    private SecureRandom random;
-
-    public BcAsymmetricKeyWrapper(AlgorithmIdentifier encAlgId, AsymmetricKeyParameter publicKey)
-    {
-        super(encAlgId);
-
-        this.publicKey = publicKey;
-    }
-
-    public BcAsymmetricKeyWrapper setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    public byte[] generateWrappedKey(GenericKey encryptionKey)
-        throws OperatorException
-    {
-        AsymmetricBlockCipher keyEncryptionCipher = createAsymmetricWrapper(getAlgorithmIdentifier().getAlgorithm());
-        
-        CipherParameters params = publicKey;
-        if (random != null)
-        {
-            params = new ParametersWithRandom(params, random);
-        }
-
-        try
-        {
-            byte[] keyEnc = OperatorUtils.getKeyBytes(encryptionKey);
-            keyEncryptionCipher.init(true, params);
-            return keyEncryptionCipher.processBlock(keyEnc, 0, keyEnc.length);
-        }
-        catch (InvalidCipherTextException e)
-        {
-            throw new OperatorException("unable to encrypt contents key", e);
-        }
-    }
-
-    protected abstract AsymmetricBlockCipher createAsymmetricWrapper(ASN1ObjectIdentifier algorithm);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcContentSignerBuilder.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcContentSignerBuilder.java
deleted file mode 100644
index a7b45fc..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcContentSignerBuilder.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import java.io.OutputStream;
-import java.security.SecureRandom;
-import java.util.Map;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.RuntimeOperatorException;
-
-public abstract class BcContentSignerBuilder
-{
-    private SecureRandom random;
-    private AlgorithmIdentifier sigAlgId;
-    private AlgorithmIdentifier digAlgId;
-
-    protected BcDigestProvider                digestProvider;
-
-    public BcContentSignerBuilder(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId)
-    {
-        this.sigAlgId = sigAlgId;
-        this.digAlgId = digAlgId;
-        this.digestProvider = BcDefaultDigestProvider.INSTANCE;
-    }
-
-    public BcContentSignerBuilder setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    public ContentSigner build(AsymmetricKeyParameter privateKey)
-        throws OperatorCreationException
-    {
-        final Signer sig = createSigner(sigAlgId, digAlgId);
-
-        if (random != null)
-        {
-            sig.init(true, new ParametersWithRandom(privateKey, random));
-        }
-        else
-        {
-            sig.init(true, privateKey);
-        }
-
-        return new ContentSigner()
-        {
-            private BcSignerOutputStream stream = new BcSignerOutputStream(sig);
-
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return sigAlgId;
-            }
-
-            public OutputStream getOutputStream()
-            {
-                return stream;
-            }
-
-            public byte[] getSignature()
-            {
-                try
-                {
-                    return stream.getSignature();
-                }
-                catch (CryptoException e)
-                {
-                    throw new RuntimeOperatorException("exception obtaining signature: " + e.getMessage(), e);
-                }
-            }
-        };
-    }
-
-    protected abstract Signer createSigner(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier algorithmIdentifier)
-        throws OperatorCreationException;
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcContentVerifierProviderBuilder.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcContentVerifierProviderBuilder.java
deleted file mode 100644
index ff57e60..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcContentVerifierProviderBuilder.java
+++ /dev/null

@@ -1,144 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.operator.ContentVerifier;
-import org.bouncycastle.operator.ContentVerifierProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-
-public abstract class BcContentVerifierProviderBuilder
-{
-    protected BcDigestProvider digestProvider;
-
-    public BcContentVerifierProviderBuilder()
-    {
-        this.digestProvider = BcDefaultDigestProvider.INSTANCE;
-    }
-
-    public ContentVerifierProvider build(final X509CertificateHolder certHolder)
-        throws OperatorCreationException
-    {
-        return new ContentVerifierProvider()
-        {
-            public boolean hasAssociatedCertificate()
-            {
-                return true;
-            }
-
-            public X509CertificateHolder getAssociatedCertificate()
-            {
-                return certHolder;
-            }
-
-            public ContentVerifier get(AlgorithmIdentifier algorithm)
-                throws OperatorCreationException
-            {
-                try
-                {
-                    AsymmetricKeyParameter publicKey = extractKeyParameters(certHolder.getSubjectPublicKeyInfo());
-                    BcSignerOutputStream stream = createSignatureStream(algorithm, publicKey);
-
-                    return new SigVerifier(algorithm, stream);
-                }
-                catch (IOException e)
-                {
-                    throw new OperatorCreationException("exception on setup: " + e, e);
-                }
-            }
-        };
-    }
-
-    public ContentVerifierProvider build(final AsymmetricKeyParameter publicKey)
-        throws OperatorCreationException
-    {
-        return new ContentVerifierProvider()
-        {
-            public boolean hasAssociatedCertificate()
-            {
-                return false;
-            }
-
-            public X509CertificateHolder getAssociatedCertificate()
-            {
-                return null;
-            }
-
-            public ContentVerifier get(AlgorithmIdentifier algorithm)
-                throws OperatorCreationException
-            {
-                BcSignerOutputStream stream = createSignatureStream(algorithm, publicKey);
-
-                return new SigVerifier(algorithm, stream);
-            }
-        };
-    }
-
-    private BcSignerOutputStream createSignatureStream(AlgorithmIdentifier algorithm, AsymmetricKeyParameter publicKey)
-        throws OperatorCreationException
-    {
-        Signer sig = createSigner(algorithm);
-
-        sig.init(false, publicKey);
-
-        return new BcSignerOutputStream(sig);
-    }
-
-    /**
-     * Extract an AsymmetricKeyParameter from the passed in SubjectPublicKeyInfo structure.
-     *
-     * @param publicKeyInfo a publicKeyInfo structure describing the public key required.
-     * @return an AsymmetricKeyParameter object containing the appropriate public key.
-     * @throws IOException if the publicKeyInfo data cannot be parsed,
-     */
-    protected abstract AsymmetricKeyParameter extractKeyParameters(SubjectPublicKeyInfo publicKeyInfo)
-        throws IOException;
-
-    /**
-     * Create the correct signer for the algorithm identifier sigAlgId.
-     *
-     * @param sigAlgId the algorithm details for the signature we want to verify.
-     * @return a Signer object.
-     * @throws OperatorCreationException if the Signer cannot be constructed.
-     */
-    protected abstract Signer createSigner(AlgorithmIdentifier sigAlgId)
-        throws OperatorCreationException;
-
-    private class SigVerifier
-        implements ContentVerifier
-    {
-        private BcSignerOutputStream stream;
-        private AlgorithmIdentifier algorithm;
-
-        SigVerifier(AlgorithmIdentifier algorithm, BcSignerOutputStream stream)
-        {
-            this.algorithm = algorithm;
-            this.stream = stream;
-        }
-
-        public AlgorithmIdentifier getAlgorithmIdentifier()
-        {
-            return algorithm;
-        }
-
-        public OutputStream getOutputStream()
-        {
-            if (stream == null)
-            {
-                throw new IllegalStateException("verifier not initialised");
-            }
-
-            return stream;
-        }
-
-        public boolean verify(byte[] expected)
-        {
-            return stream.verify(expected);
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDSAContentSignerBuilder.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDSAContentSignerBuilder.java
deleted file mode 100644
index 893f9fd..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDSAContentSignerBuilder.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.signers.DSADigestSigner;
-import org.bouncycastle.crypto.signers.DSASigner;
-import org.bouncycastle.operator.OperatorCreationException;
-
-public class BcDSAContentSignerBuilder
-    extends BcContentSignerBuilder
-{
-    public BcDSAContentSignerBuilder(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId)
-    {
-        super(sigAlgId, digAlgId);
-    }
-
-    protected Signer createSigner(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId)
-        throws OperatorCreationException
-    {
-        Digest dig = digestProvider.get(digAlgId);
-
-        return new DSADigestSigner(new DSASigner(), dig);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDSAContentVerifierProviderBuilder.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDSAContentVerifierProviderBuilder.java
deleted file mode 100644
index 15bb301..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDSAContentVerifierProviderBuilder.java
+++ /dev/null

@@ -1,40 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.signers.DSADigestSigner;
-import org.bouncycastle.crypto.signers.DSASigner;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.operator.DigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.OperatorCreationException;
-
-public class BcDSAContentVerifierProviderBuilder
-    extends BcContentVerifierProviderBuilder
-{
-    private DigestAlgorithmIdentifierFinder digestAlgorithmFinder;
-
-    public BcDSAContentVerifierProviderBuilder(DigestAlgorithmIdentifierFinder digestAlgorithmFinder)
-    {
-        this.digestAlgorithmFinder = digestAlgorithmFinder;
-    }
-
-    protected Signer createSigner(AlgorithmIdentifier sigAlgId)
-        throws OperatorCreationException
-    {
-        AlgorithmIdentifier digAlg = digestAlgorithmFinder.find(sigAlgId);
-        Digest dig = digestProvider.get(digAlg);
-
-        return new DSADigestSigner(new DSASigner(), dig);
-    }
-
-    protected AsymmetricKeyParameter extractKeyParameters(SubjectPublicKeyInfo publicKeyInfo)
-        throws IOException
-    {
-        return PublicKeyFactory.createKey(publicKeyInfo);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java
index 3634f99..a5f0a7b 100644
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java
+++ b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcDefaultDigestProvider.java

@@ -4,12 +4,13 @@
 import java.util.HashMap;
 import java.util.Map;
 
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+// import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.crypto.ExtendedDigest;
 import org.bouncycastle.crypto.digests.*;
@@ -59,6 +60,8 @@
                 return new SHA512Digest();
             }
         });
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         table.put(NISTObjectIdentifiers.id_sha3_224, new BcDigestProvider()
         {
             public ExtendedDigest get(AlgorithmIdentifier digestAlgorithmIdentifier)
@@ -150,6 +153,8 @@
                 return new RIPEMD256Digest();
             }
         });
+        */
+        // END Android-removed: Unsupported algorithms
 
         return Collections.unmodifiableMap(table);
     }

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcECContentSignerBuilder.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcECContentSignerBuilder.java
deleted file mode 100644
index baf866b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcECContentSignerBuilder.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.signers.DSADigestSigner;
-import org.bouncycastle.crypto.signers.ECDSASigner;
-import org.bouncycastle.operator.OperatorCreationException;
-
-public class BcECContentSignerBuilder
-    extends BcContentSignerBuilder
-{
-    public BcECContentSignerBuilder(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId)
-    {
-        super(sigAlgId, digAlgId);
-    }
-
-    protected Signer createSigner(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId)
-        throws OperatorCreationException
-    {
-        Digest dig = digestProvider.get(digAlgId);
-
-        return new DSADigestSigner(new ECDSASigner(), dig);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcECContentVerifierProviderBuilder.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcECContentVerifierProviderBuilder.java
deleted file mode 100644
index 0d0d562..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcECContentVerifierProviderBuilder.java
+++ /dev/null

@@ -1,40 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.signers.DSADigestSigner;
-import org.bouncycastle.crypto.signers.ECDSASigner;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.operator.DigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.OperatorCreationException;
-
-public class BcECContentVerifierProviderBuilder
-    extends BcContentVerifierProviderBuilder
-{
-    private DigestAlgorithmIdentifierFinder digestAlgorithmFinder;
-
-    public BcECContentVerifierProviderBuilder(DigestAlgorithmIdentifierFinder digestAlgorithmFinder)
-    {
-        this.digestAlgorithmFinder = digestAlgorithmFinder;
-    }
-
-    protected Signer createSigner(AlgorithmIdentifier sigAlgId)
-        throws OperatorCreationException
-    {
-        AlgorithmIdentifier digAlg = digestAlgorithmFinder.find(sigAlgId);
-        Digest dig = digestProvider.get(digAlg);
-
-        return new DSADigestSigner(new ECDSASigner(), dig);
-    }
-
-    protected AsymmetricKeyParameter extractKeyParameters(SubjectPublicKeyInfo publicKeyInfo)
-        throws IOException
-    {
-        return PublicKeyFactory.createKey(publicKeyInfo);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcRSAAsymmetricKeyUnwrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcRSAAsymmetricKeyUnwrapper.java
deleted file mode 100644
index 84eb29d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcRSAAsymmetricKeyUnwrapper.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.encodings.PKCS1Encoding;
-import org.bouncycastle.crypto.engines.RSAEngine;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-public class BcRSAAsymmetricKeyUnwrapper
-    extends BcAsymmetricKeyUnwrapper
-{
-    public BcRSAAsymmetricKeyUnwrapper(AlgorithmIdentifier encAlgId, AsymmetricKeyParameter privateKey)
-    {
-        super(encAlgId, privateKey);
-    }
-
-    protected AsymmetricBlockCipher createAsymmetricUnwrapper(ASN1ObjectIdentifier algorithm)
-    {
-        return new PKCS1Encoding(new RSAEngine());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcRSAAsymmetricKeyWrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcRSAAsymmetricKeyWrapper.java
deleted file mode 100644
index 9375bd1..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcRSAAsymmetricKeyWrapper.java
+++ /dev/null

@@ -1,32 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.encodings.PKCS1Encoding;
-import org.bouncycastle.crypto.engines.RSAEngine;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-
-public class BcRSAAsymmetricKeyWrapper
-    extends BcAsymmetricKeyWrapper
-{
-    public BcRSAAsymmetricKeyWrapper(AlgorithmIdentifier encAlgId, AsymmetricKeyParameter publicKey)
-    {
-        super(encAlgId, publicKey);
-    }
-
-    public BcRSAAsymmetricKeyWrapper(AlgorithmIdentifier encAlgId, SubjectPublicKeyInfo publicKeyInfo)
-        throws IOException
-    {
-        super(encAlgId, PublicKeyFactory.createKey(publicKeyInfo));
-    }
-
-    protected AsymmetricBlockCipher createAsymmetricWrapper(ASN1ObjectIdentifier algorithm)
-    {
-        return new PKCS1Encoding(new RSAEngine());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcRSAContentSignerBuilder.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcRSAContentSignerBuilder.java
deleted file mode 100644
index db317de..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcRSAContentSignerBuilder.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.signers.RSADigestSigner;
-import org.bouncycastle.operator.OperatorCreationException;
-
-public class BcRSAContentSignerBuilder
-    extends BcContentSignerBuilder
-{
-    public BcRSAContentSignerBuilder(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId)
-    {
-        super(sigAlgId, digAlgId);
-    }
-
-    protected Signer createSigner(AlgorithmIdentifier sigAlgId, AlgorithmIdentifier digAlgId)
-        throws OperatorCreationException
-    {
-        Digest dig = digestProvider.get(digAlgId);
-
-        return new RSADigestSigner(dig);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcRSAContentVerifierProviderBuilder.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcRSAContentVerifierProviderBuilder.java
deleted file mode 100644
index 7b2249c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcRSAContentVerifierProviderBuilder.java
+++ /dev/null

@@ -1,39 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.signers.RSADigestSigner;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.operator.DigestAlgorithmIdentifierFinder;
-import org.bouncycastle.operator.OperatorCreationException;
-
-public class BcRSAContentVerifierProviderBuilder
-    extends BcContentVerifierProviderBuilder
-{
-    private DigestAlgorithmIdentifierFinder digestAlgorithmFinder;
-
-    public BcRSAContentVerifierProviderBuilder(DigestAlgorithmIdentifierFinder digestAlgorithmFinder)
-    {
-        this.digestAlgorithmFinder = digestAlgorithmFinder;
-    }
-
-    protected Signer createSigner(AlgorithmIdentifier sigAlgId)
-        throws OperatorCreationException
-    {
-        AlgorithmIdentifier digAlg = digestAlgorithmFinder.find(sigAlgId);
-        Digest dig = digestProvider.get(digAlg);
-
-        return new RSADigestSigner(dig);
-    }
-
-    protected AsymmetricKeyParameter extractKeyParameters(SubjectPublicKeyInfo publicKeyInfo)
-        throws IOException
-    {
-        return PublicKeyFactory.createKey(publicKeyInfo);
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcSignerOutputStream.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcSignerOutputStream.java
deleted file mode 100644
index 0ef1656..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcSignerOutputStream.java
+++ /dev/null

@@ -1,47 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Signer;
-
-public class BcSignerOutputStream
-    extends OutputStream
-{
-    private Signer sig;
-
-    BcSignerOutputStream(Signer sig)
-    {
-        this.sig = sig;
-    }
-
-    public void write(byte[] bytes, int off, int len)
-        throws IOException
-    {
-        sig.update(bytes, off, len);
-    }
-
-    public void write(byte[] bytes)
-        throws IOException
-    {
-        sig.update(bytes, 0, bytes.length);
-    }
-
-    public void write(int b)
-        throws IOException
-    {
-        sig.update((byte)b);
-    }
-
-    byte[] getSignature()
-        throws CryptoException
-    {
-        return sig.generateSignature();
-    }
-
-    boolean verify(byte[] expected)
-    {
-        return sig.verifySignature(expected);
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcSymmetricKeyUnwrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcSymmetricKeyUnwrapper.java
deleted file mode 100644
index f8df3b6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcSymmetricKeyUnwrapper.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.operator.SymmetricKeyUnwrapper;
-
-public class BcSymmetricKeyUnwrapper
-    extends SymmetricKeyUnwrapper
-{
-    private SecureRandom random;
-    private Wrapper wrapper;
-    private KeyParameter wrappingKey;
-
-    public BcSymmetricKeyUnwrapper(AlgorithmIdentifier wrappingAlgorithm, Wrapper wrapper, KeyParameter wrappingKey)
-    {
-        super(wrappingAlgorithm);
-
-        this.wrapper = wrapper;
-        this.wrappingKey = wrappingKey;
-    }
-
-    public BcSymmetricKeyUnwrapper setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    public GenericKey generateUnwrappedKey(AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedKey)
-        throws OperatorException
-    {
-        wrapper.init(false, wrappingKey);
-
-        try
-        {
-            return new GenericKey(encryptedKeyAlgorithm, wrapper.unwrap(encryptedKey, 0, encryptedKey.length));
-        }
-        catch (InvalidCipherTextException e)
-        {
-            throw new OperatorException("unable to unwrap key: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcSymmetricKeyWrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcSymmetricKeyWrapper.java
deleted file mode 100644
index b7f8950..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/BcSymmetricKeyWrapper.java
+++ /dev/null

@@ -1,51 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.operator.SymmetricKeyWrapper;
-
-public class BcSymmetricKeyWrapper
-    extends SymmetricKeyWrapper
-{
-    private SecureRandom random;
-    private Wrapper wrapper;
-    private KeyParameter wrappingKey;
-
-    public BcSymmetricKeyWrapper(AlgorithmIdentifier wrappingAlgorithm, Wrapper wrapper, KeyParameter wrappingKey)
-    {
-        super(wrappingAlgorithm);
-
-        this.wrapper = wrapper;
-        this.wrappingKey = wrappingKey;
-    }
-
-    public BcSymmetricKeyWrapper setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    public byte[] generateWrappedKey(GenericKey encryptionKey)
-        throws OperatorException
-    {
-        byte[] contentEncryptionKeySpec = OperatorUtils.getKeyBytes(encryptionKey);
-
-        if (random == null)
-        {
-            wrapper.init(true, wrappingKey);
-        }
-        else
-        {
-            wrapper.init(true, new ParametersWithRandom(wrappingKey, random));
-        }
-
-        return wrapper.wrap(contentEncryptionKeySpec, 0, contentEncryptionKeySpec.length);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/CamelliaUtil.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/CamelliaUtil.java
deleted file mode 100644
index 819637d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/CamelliaUtil.java
+++ /dev/null

@@ -1,36 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-class CamelliaUtil
-{
-    static AlgorithmIdentifier determineKeyEncAlg(KeyParameter key)
-    {
-        int length = key.getKey().length * 8;
-        ASN1ObjectIdentifier wrapOid;
-
-        if (length == 128)
-        {
-            wrapOid = NTTObjectIdentifiers.id_camellia128_wrap;
-        }
-        else if (length == 192)
-        {
-            wrapOid = NTTObjectIdentifiers.id_camellia192_wrap;
-        }
-        else if (length == 256)
-        {
-            wrapOid = NTTObjectIdentifiers.id_camellia256_wrap;
-        }
-        else
-        {
-            throw new IllegalArgumentException(
-                "illegal keysize in Camellia");
-        }
-
-        return new AlgorithmIdentifier(wrapOid); // parameters must be
-        // absent
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/OperatorUtils.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/OperatorUtils.java
deleted file mode 100644
index bc8e7f6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/OperatorUtils.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import java.security.Key;
-
-import org.bouncycastle.operator.GenericKey;
-
-class OperatorUtils
-{
-    static byte[] getKeyBytes(GenericKey key)
-    {
-        if (key.getRepresentation() instanceof Key)
-        {
-            return ((Key)key.getRepresentation()).getEncoded();
-        }
-
-        if (key.getRepresentation() instanceof byte[])
-        {
-            return (byte[])key.getRepresentation();
-        }
-
-        throw new IllegalArgumentException("unknown generic key type");
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/bc/SEEDUtil.java b/bcpkix/src/main/java/org/bouncycastle/operator/bc/SEEDUtil.java
deleted file mode 100644
index 3b1971c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/bc/SEEDUtil.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.operator.bc;
-
-import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-class SEEDUtil
-{
-    static AlgorithmIdentifier determineKeyEncAlg()
-    {
-        // parameters absent
-        return new AlgorithmIdentifier(
-            KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaAlgorithmParametersConverter.java b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaAlgorithmParametersConverter.java
deleted file mode 100644
index d4e2162..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JcaAlgorithmParametersConverter.java
+++ /dev/null

@@ -1,73 +0,0 @@
-package org.bouncycastle.operator.jcajce;
-
-
-import java.io.IOException;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.MGF1ParameterSpec;
-
-import javax.crypto.spec.OAEPParameterSpec;
-import javax.crypto.spec.PSource;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.RSAESOAEPparams;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.DefaultDigestAlgorithmIdentifierFinder;
-
-public class JcaAlgorithmParametersConverter
-{
-    public JcaAlgorithmParametersConverter()
-    {
-    }
-
-    public AlgorithmIdentifier getAlgorithmIdentifier(ASN1ObjectIdentifier algId, AlgorithmParameters parameters)
-        throws InvalidAlgorithmParameterException
-    {
-        try
-        {
-            ASN1Encodable params = ASN1Primitive.fromByteArray(parameters.getEncoded());
-
-            return new AlgorithmIdentifier(algId, params);
-        }
-        catch (IOException e)
-        {
-            throw new InvalidAlgorithmParameterException("unable to encode parameters object: " + e.getMessage());
-        }
-    }
-
-    public AlgorithmIdentifier getAlgorithmIdentifier(ASN1ObjectIdentifier algorithm, AlgorithmParameterSpec algorithmSpec)
-        throws InvalidAlgorithmParameterException
-    {
-        if (algorithmSpec instanceof OAEPParameterSpec)
-        {
-            if (algorithmSpec.equals(OAEPParameterSpec.DEFAULT))
-            {
-                return new AlgorithmIdentifier(algorithm,
-                    new RSAESOAEPparams(RSAESOAEPparams.DEFAULT_HASH_ALGORITHM, RSAESOAEPparams.DEFAULT_MASK_GEN_FUNCTION, RSAESOAEPparams.DEFAULT_P_SOURCE_ALGORITHM));
-            }
-            else
-            {
-                OAEPParameterSpec oaepSpec = (OAEPParameterSpec)algorithmSpec;
-                PSource pSource = oaepSpec.getPSource();
-
-                if (!oaepSpec.getMGFAlgorithm().equals(OAEPParameterSpec.DEFAULT.getMGFAlgorithm()))
-                {
-                    throw new InvalidAlgorithmParameterException("only " + OAEPParameterSpec.DEFAULT.getMGFAlgorithm() + " mask generator supported.");
-                }
-
-                AlgorithmIdentifier hashAlgorithm = new DefaultDigestAlgorithmIdentifierFinder().find(oaepSpec.getDigestAlgorithm());
-                AlgorithmIdentifier mgf1HashAlgorithm = new DefaultDigestAlgorithmIdentifierFinder().find((((MGF1ParameterSpec)oaepSpec.getMGFParameters()).getDigestAlgorithm()));
-                return new AlgorithmIdentifier(algorithm,
-                                    new RSAESOAEPparams(hashAlgorithm, new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, mgf1HashAlgorithm),
-                                                        new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(((PSource.PSpecified)pSource).getValue()))));
-            }
-        }
-
-        throw new InvalidAlgorithmParameterException("unknown parameter spec passed.");
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceAsymmetricKeyUnwrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceAsymmetricKeyUnwrapper.java
deleted file mode 100644
index bbde317..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceAsymmetricKeyUnwrapper.java
+++ /dev/null

@@ -1,167 +0,0 @@
-package org.bouncycastle.operator.jcajce;
-
-import java.security.AlgorithmParameters;
-import java.security.GeneralSecurityException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.security.ProviderException;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.AsymmetricKeyUnwrapper;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OperatorException;
-
-public class JceAsymmetricKeyUnwrapper
-    extends AsymmetricKeyUnwrapper
-{
-    private OperatorHelper helper = new OperatorHelper(new DefaultJcaJceHelper());
-    private Map extraMappings = new HashMap();
-    private PrivateKey privKey;
-    private boolean unwrappedKeyMustBeEncodable;
-
-    public JceAsymmetricKeyUnwrapper(AlgorithmIdentifier algorithmIdentifier, PrivateKey privKey)
-    {
-        super(algorithmIdentifier);
-
-        this.privKey = privKey;
-    }
-
-    public JceAsymmetricKeyUnwrapper setProvider(Provider provider)
-    {
-        this.helper = new OperatorHelper(new ProviderJcaJceHelper(provider));
-
-        return this;
-    }
-
-    public JceAsymmetricKeyUnwrapper setProvider(String providerName)
-    {
-        this.helper = new OperatorHelper(new NamedJcaJceHelper(providerName));
-
-        return this;
-    }
-
-    /**
-     * Flag that unwrapping must produce a key that will return a meaningful value from a call to Key.getEncoded().
-     * This is important if you are using a HSM for unwrapping and using a software based provider for
-     * with the unwrapped key. Default value: false.
-     *
-     * @param unwrappedKeyMustBeEncodable true if getEncoded() should return key bytes, false if not necessary.
-     * @return this recipient.
-     */
-    public JceAsymmetricKeyUnwrapper setMustProduceEncodableUnwrappedKey(boolean unwrappedKeyMustBeEncodable)
-    {
-        this.unwrappedKeyMustBeEncodable = unwrappedKeyMustBeEncodable;
-
-        return this;
-    }
-
-    /**
-     * Internally algorithm ids are converted into cipher names using a lookup table. For some providers
-     * the standard lookup table won't work. Use this method to establish a specific mapping from an
-     * algorithm identifier to a specific algorithm.
-     * <p>
-     *     For example:
-     * <pre>
-     *     unwrapper.setAlgorithmMapping(PKCSObjectIdentifiers.rsaEncryption, "RSA");
-     * </pre>
-     * @param algorithm  OID of algorithm in recipient.
-     * @param algorithmName JCE algorithm name to use.
-     * @return  the current Unwrapper.
-     */
-    public JceAsymmetricKeyUnwrapper setAlgorithmMapping(ASN1ObjectIdentifier algorithm, String algorithmName)
-    {
-        extraMappings.put(algorithm, algorithmName);
-
-        return this;
-    }
-
-    public GenericKey generateUnwrappedKey(AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedKey)
-        throws OperatorException
-    {
-        try
-        {
-            Key sKey = null;
-
-            Cipher keyCipher = helper.createAsymmetricWrapper(this.getAlgorithmIdentifier().getAlgorithm(), extraMappings);
-            AlgorithmParameters algParams = helper.createAlgorithmParameters(this.getAlgorithmIdentifier());
-
-            try
-            {
-                if (algParams != null)
-                {
-                    keyCipher.init(Cipher.UNWRAP_MODE, privKey, algParams);
-                }
-                else
-                {
-                    keyCipher.init(Cipher.UNWRAP_MODE, privKey);
-                }
-
-                sKey = keyCipher.unwrap(encryptedKey, helper.getKeyAlgorithmName(encryptedKeyAlgorithm.getAlgorithm()), Cipher.SECRET_KEY);
-
-                // check key will work with a software provider.
-                if (unwrappedKeyMustBeEncodable)
-                {
-                    try
-                    {
-                        byte[] keyBytes = sKey.getEncoded();
-
-                        if (keyBytes == null || keyBytes.length == 0)
-                        {
-                            sKey = null;
-                        }
-                    }
-                    catch (Exception e)
-                    {
-                        sKey = null; // try doing a decrypt
-                    }
-                }
-            }
-            catch (GeneralSecurityException e)
-            {   // try decrypt
-            }
-            catch (IllegalStateException e)
-            {   // try decrypt
-            }
-            catch (UnsupportedOperationException e)
-            {   // try decrypt
-            }
-            catch (ProviderException e)
-            {    // try decrypt
-            }
-
-            // some providers do not support UNWRAP (this appears to be only for asymmetric algorithms)
-            if (sKey == null)
-            {
-                keyCipher.init(Cipher.DECRYPT_MODE, privKey);
-                sKey = new SecretKeySpec(keyCipher.doFinal(encryptedKey), encryptedKeyAlgorithm.getAlgorithm().getId());
-            }
-
-            return new JceGenericKey(encryptedKeyAlgorithm, sKey);
-        }
-        catch (InvalidKeyException e)
-        {
-            throw new OperatorException("key invalid: " + e.getMessage(), e);
-        }
-        catch (IllegalBlockSizeException e)
-        {
-            throw new OperatorException("illegal blocksize: " + e.getMessage(), e);
-        }
-        catch (BadPaddingException e)
-        {
-            throw new OperatorException("bad padding: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceAsymmetricKeyWrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceAsymmetricKeyWrapper.java
deleted file mode 100644
index 2f14c1f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceAsymmetricKeyWrapper.java
+++ /dev/null

@@ -1,339 +0,0 @@
-package org.bouncycastle.operator.jcajce;
-
-import java.security.AlgorithmParameters;
-import java.security.GeneralSecurityException;
-import java.security.InvalidKeyException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.Provider;
-import java.security.ProviderException;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.cert.X509Certificate;
-import java.security.interfaces.ECPublicKey;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.MGF1ParameterSpec;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyAgreement;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.OAEPParameterSpec;
-import javax.crypto.spec.PSource;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.Gost2814789EncryptedKey;
-import org.bouncycastle.asn1.cryptopro.GostR3410KeyTransport;
-import org.bouncycastle.asn1.cryptopro.GostR3410TransportParameters;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.RSAESOAEPparams;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jcajce.spec.GOST28147WrapParameterSpec;
-import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.AsymmetricKeyWrapper;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.util.Arrays;
-
-public class JceAsymmetricKeyWrapper
-    extends AsymmetricKeyWrapper
-{
-    private static final Set gostAlgs = new HashSet();
-
-    static
-    {
-        gostAlgs.add(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_ESDH);
-        gostAlgs.add(CryptoProObjectIdentifiers.gostR3410_2001);
-        gostAlgs.add(RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_256);
-        gostAlgs.add(RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_512);
-        gostAlgs.add(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256);
-        gostAlgs.add(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512);
-    }
-
-    static boolean isGOST(ASN1ObjectIdentifier algorithm)
-    {
-        return gostAlgs.contains(algorithm);
-    }
-
-    private OperatorHelper helper = new OperatorHelper(new DefaultJcaJceHelper());
-    private Map extraMappings = new HashMap();
-    private PublicKey publicKey;
-    private SecureRandom random;
-
-    public JceAsymmetricKeyWrapper(PublicKey publicKey)
-    {
-        super(SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()).getAlgorithm());
-
-        this.publicKey = publicKey;
-    }
-
-    public JceAsymmetricKeyWrapper(X509Certificate certificate)
-    {
-        this(certificate.getPublicKey());
-    }
-
-    /**
-     * Create a wrapper, overriding the algorithm type that is stored in the public key.
-     *
-     * @param algorithmIdentifier identifier for encryption algorithm to be used.
-     * @param publicKey the public key to be used.
-     */
-    public JceAsymmetricKeyWrapper(AlgorithmIdentifier algorithmIdentifier, PublicKey publicKey)
-    {
-        super(algorithmIdentifier);
-
-        this.publicKey = publicKey;
-    }
-
-    /**
-     * Create a wrapper, overriding the algorithm type that is stored in the public key.
-     *
-     * @param algorithmParameterSpec the parameterSpec for encryption algorithm to be used.
-     * @param publicKey the public key to be used.
-     */
-    public JceAsymmetricKeyWrapper(AlgorithmParameterSpec algorithmParameterSpec, PublicKey publicKey)
-    {
-        super(extractFromSpec(algorithmParameterSpec));
-
-        this.publicKey = publicKey;
-    }
-
-
-    public JceAsymmetricKeyWrapper setProvider(Provider provider)
-    {
-        this.helper = new OperatorHelper(new ProviderJcaJceHelper(provider));
-
-        return this;
-    }
-
-    public JceAsymmetricKeyWrapper setProvider(String providerName)
-    {
-        this.helper = new OperatorHelper(new NamedJcaJceHelper(providerName));
-
-        return this;
-    }
-
-    public JceAsymmetricKeyWrapper setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    /**
-     * Internally algorithm ids are converted into cipher names using a lookup table. For some providers
-     * the standard lookup table won't work. Use this method to establish a specific mapping from an
-     * algorithm identifier to a specific algorithm.
-     * <p>
-     *     For example:
-     * <pre>
-     *     unwrapper.setAlgorithmMapping(PKCSObjectIdentifiers.rsaEncryption, "RSA");
-     * </pre>
-     * @param algorithm  OID of algorithm in recipient.
-     * @param algorithmName JCE algorithm name to use.
-     * @return the current Wrapper.
-     */
-    public JceAsymmetricKeyWrapper setAlgorithmMapping(ASN1ObjectIdentifier algorithm, String algorithmName)
-    {
-        extraMappings.put(algorithm, algorithmName);
-
-        return this;
-    }
-
-    public byte[] generateWrappedKey(GenericKey encryptionKey)
-        throws OperatorException
-    {
-        byte[] encryptedKeyBytes = null;
-
-        if (isGOST(getAlgorithmIdentifier().getAlgorithm()))
-        {
-            try
-            {
-                if (random == null)
-                {
-                    random = new SecureRandom();
-                }
-                KeyPairGenerator kpGen = helper.createKeyPairGenerator(getAlgorithmIdentifier().getAlgorithm());
-
-                kpGen.initialize(((ECPublicKey)publicKey).getParams(), random);
-
-                KeyPair ephKp = kpGen.generateKeyPair();
-
-                byte[] ukm = new byte[8];
-
-                random.nextBytes(ukm);
-
-                SubjectPublicKeyInfo ephKeyInfo = SubjectPublicKeyInfo.getInstance(ephKp.getPublic().getEncoded());
-
-                GostR3410TransportParameters transParams;
-
-                if (ephKeyInfo.getAlgorithm().getAlgorithm().on(RosstandartObjectIdentifiers.id_tc26))
-                {
-                    transParams = new GostR3410TransportParameters(
-                        RosstandartObjectIdentifiers.id_tc26_gost_28147_param_Z, ephKeyInfo, ukm);
-                }
-                else
-                {
-                    transParams = new GostR3410TransportParameters(
-                                CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet, ephKeyInfo, ukm);
-                }
-
-                KeyAgreement agreement = helper.createKeyAgreement(getAlgorithmIdentifier().getAlgorithm());
-
-                agreement.init(ephKp.getPrivate(), new UserKeyingMaterialSpec(transParams.getUkm()));
-
-                agreement.doPhase(publicKey, true);
-
-                SecretKey key = agreement.generateSecret(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap.getId());
-      
-                byte[] encKey = OperatorUtils.getJceKey(encryptionKey).getEncoded();
-
-                Cipher keyCipher = helper.createCipher(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap);
-
-                keyCipher.init(Cipher.WRAP_MODE, key, new GOST28147WrapParameterSpec(transParams.getEncryptionParamSet(), transParams.getUkm()));
-
-                byte[] keyData = keyCipher.wrap(new SecretKeySpec(encKey, "GOST"));
-
-                GostR3410KeyTransport transport = new GostR3410KeyTransport(
-                                new Gost2814789EncryptedKey(
-                                    Arrays.copyOfRange(keyData, 0, 32), Arrays.copyOfRange(keyData, 32, 36)), transParams);
-
-                return transport.getEncoded();
-            }
-            catch (Exception e)
-            {
-                throw new OperatorException("exception wrapping key: " + e.getMessage(), e);
-            }
-        }
-        else
-        {
-            Cipher keyEncryptionCipher = helper.createAsymmetricWrapper(getAlgorithmIdentifier().getAlgorithm(), extraMappings);
-            AlgorithmParameters algParams = helper.createAlgorithmParameters(this.getAlgorithmIdentifier());
-
-            try
-            {
-                if (algParams != null)
-                {
-                    keyEncryptionCipher.init(Cipher.WRAP_MODE, publicKey, algParams, random);
-                }
-                else
-                {
-                    keyEncryptionCipher.init(Cipher.WRAP_MODE, publicKey, random);
-                }
-                encryptedKeyBytes = keyEncryptionCipher.wrap(OperatorUtils.getJceKey(encryptionKey));
-            }
-            catch (InvalidKeyException e)
-            {
-            }
-            catch (GeneralSecurityException e)
-            {
-            }
-            catch (IllegalStateException e)
-            {
-            }
-            catch (UnsupportedOperationException e)
-            {
-            }
-            catch (ProviderException e)
-            {
-            }
-
-            // some providers do not support WRAP (this appears to be only for asymmetric algorithms)
-            if (encryptedKeyBytes == null)
-            {
-                try
-                {
-                    keyEncryptionCipher.init(Cipher.ENCRYPT_MODE, publicKey, random);
-                    encryptedKeyBytes = keyEncryptionCipher.doFinal(OperatorUtils.getJceKey(encryptionKey).getEncoded());
-                }
-                catch (InvalidKeyException e)
-                {
-                    throw new OperatorException("unable to encrypt contents key", e);
-                }
-                catch (GeneralSecurityException e)
-                {
-                    throw new OperatorException("unable to encrypt contents key", e);
-                }
-            }
-        }
-
-        return encryptedKeyBytes;
-    }
-
-    private static AlgorithmIdentifier extractFromSpec(AlgorithmParameterSpec algorithmParameterSpec)
-    {
-        if (algorithmParameterSpec instanceof OAEPParameterSpec)
-        {
-            OAEPParameterSpec oaepSpec = (OAEPParameterSpec)algorithmParameterSpec;
-
-            if (oaepSpec.getMGFAlgorithm().equals(OAEPParameterSpec.DEFAULT.getMGFAlgorithm()))
-            {
-                if (oaepSpec.getPSource() instanceof PSource.PSpecified)
-                {
-                    return new AlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP,
-                        new RSAESOAEPparams(getDigest(oaepSpec.getDigestAlgorithm()),
-                            new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, getDigest(((MGF1ParameterSpec)oaepSpec.getMGFParameters()).getDigestAlgorithm())),
-                            new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(((PSource.PSpecified)oaepSpec.getPSource()).getValue()))));
-                }
-                else
-                {
-                    throw new IllegalArgumentException("unknown PSource: " + oaepSpec.getPSource().getAlgorithm());
-                }
-            }
-            else
-            {
-                throw new IllegalArgumentException("unknown MGF: " + oaepSpec.getMGFAlgorithm());
-            }
-        }
-
-        throw new IllegalArgumentException("unknown spec: " + algorithmParameterSpec.getClass().getName());
-    }
-
-    private static final Map digests = new HashMap();
-
-    static
-    {
-        digests.put("SHA-1", new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE));
-        digests.put("SHA-1", new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE));
-        digests.put("SHA224", new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE));
-        digests.put("SHA-224", new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE));
-        digests.put("SHA256", new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE));
-        digests.put("SHA-256", new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE));
-        digests.put("SHA384", new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE));
-        digests.put("SHA-384", new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE));
-        digests.put("SHA512", new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, DERNull.INSTANCE));
-        digests.put("SHA-512", new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, DERNull.INSTANCE));
-        digests.put("SHA512/224", new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512_224, DERNull.INSTANCE));
-        digests.put("SHA-512/224", new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512_224, DERNull.INSTANCE));
-        digests.put("SHA-512(224)", new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512_224, DERNull.INSTANCE));
-        digests.put("SHA512/256", new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512_256, DERNull.INSTANCE));
-        digests.put("SHA-512/256", new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512_256, DERNull.INSTANCE));
-        digests.put("SHA-512(256)", new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512_256, DERNull.INSTANCE));
-    }
-
-    private static AlgorithmIdentifier getDigest(String digest)
-    {
-        AlgorithmIdentifier algId = (AlgorithmIdentifier)digests.get(digest);
-
-        if (algId != null)
-        {
-            return algId;
-        }
-
-        throw new IllegalArgumentException("unknown digest name: " + digest);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceGenericKey.java b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceGenericKey.java
deleted file mode 100644
index efcbc3d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceGenericKey.java
+++ /dev/null

@@ -1,33 +0,0 @@
-package org.bouncycastle.operator.jcajce;
-
-import java.security.Key;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.GenericKey;
-
-public class JceGenericKey
-    extends GenericKey
-{
-    /**
-     * Attempt to simplify the key representation if possible.
-     *
-     * @param key a provider based key
-     * @return the byte encoding if one exists, key object otherwise.
-     */
-    private static Object getRepresentation(Key key)
-    {
-        byte[] keyBytes = key.getEncoded();
-
-        if (keyBytes != null)
-        {
-            return keyBytes;
-        }
-
-        return key;
-    }
-
-    public JceGenericKey(AlgorithmIdentifier algorithmIdentifier, Key representation)
-    {
-        super(algorithmIdentifier, getRepresentation(representation));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceInputDecryptorProviderBuilder.java b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceInputDecryptorProviderBuilder.java
deleted file mode 100644
index e615b88..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceInputDecryptorProviderBuilder.java
+++ /dev/null

@@ -1,113 +0,0 @@
-package org.bouncycastle.operator.jcajce;
-
-import java.io.InputStream;
-import java.security.Provider;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.cryptopro.GOST28147Parameters;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.InputDecryptor;
-import org.bouncycastle.operator.InputDecryptorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A generic decryptor provider for IETF style algorithms.
- */
-public class JceInputDecryptorProviderBuilder
-{
-    private JcaJceHelper helper = new DefaultJcaJceHelper();
-
-    public JceInputDecryptorProviderBuilder()
-    {
-    }
-
-    public JceInputDecryptorProviderBuilder setProvider(Provider provider)
-    {
-        this.helper = new ProviderJcaJceHelper(provider);
-
-        return this;
-    }
-
-    public JceInputDecryptorProviderBuilder setProvider(String providerName)
-    {
-        this.helper = new NamedJcaJceHelper(providerName);
-
-        return this;
-    }
-
-    /**
-     * Build a decryptor provider which will use the passed in bytes for the symmetric key.
-     *
-     * @param keyBytes bytes representing the key to use.
-     * @return an decryptor provider.
-     */
-    public InputDecryptorProvider build(byte[] keyBytes)
-    {
-        final byte[] encKeyBytes = Arrays.clone(keyBytes);
-
-        return new InputDecryptorProvider()
-        {
-            private Cipher cipher;
-            private AlgorithmIdentifier encryptionAlg;
-
-            public InputDecryptor get(final AlgorithmIdentifier algorithmIdentifier)
-                throws OperatorCreationException
-            {
-                encryptionAlg = algorithmIdentifier;
-
-                ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
-
-                try
-                {
-                    cipher = helper.createCipher(algorithm.getId());
-                    SecretKey key = new SecretKeySpec(encKeyBytes, algorithm.getId());
-                    
-                    ASN1Encodable encParams = algorithmIdentifier.getParameters();
-
-                    if (encParams instanceof ASN1OctetString)
-                    {
-                        cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets()));
-                    }
-                    else
-                    {
-                        // TODO: at the moment it's just GOST, but...
-                        GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams);
-
-                        cipher.init(Cipher.DECRYPT_MODE, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
-                    }
-                }
-                catch (Exception e)
-                {
-                    throw new OperatorCreationException("unable to create InputDecryptor: " + e.getMessage(), e);
-                }
-
-                return new InputDecryptor()
-                {
-                    public AlgorithmIdentifier getAlgorithmIdentifier()
-                    {
-                        return encryptionAlg;
-                    }
-
-                    public InputStream getInputStream(InputStream input)
-                    {
-                        return new CipherInputStream(input, cipher);
-                    }
-                };
-            }
-        };
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceKTSKeyUnwrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceKTSKeyUnwrapper.java
deleted file mode 100644
index 3e19083..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceKTSKeyUnwrapper.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.operator.jcajce;
-
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.asn1.cms.GenericHybridParameters;
-import org.bouncycastle.asn1.cms.RsaKemParameters;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.util.DEROtherInfo;
-import org.bouncycastle.jcajce.spec.KTSParameterSpec;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.AsymmetricKeyUnwrapper;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.util.Arrays;
-
-public class JceKTSKeyUnwrapper
-    extends AsymmetricKeyUnwrapper
-{
-    private OperatorHelper helper = new OperatorHelper(new DefaultJcaJceHelper());
-    private Map extraMappings = new HashMap();
-    private PrivateKey privKey;
-    private byte[] partyUInfo;
-    private byte[] partyVInfo;
-
-    public JceKTSKeyUnwrapper(AlgorithmIdentifier algorithmIdentifier, PrivateKey privKey, byte[] partyUInfo, byte[] partyVInfo)
-    {
-        super(algorithmIdentifier);
-
-        this.privKey = privKey;
-        this.partyUInfo = Arrays.clone(partyUInfo);
-        this.partyVInfo = Arrays.clone(partyVInfo);
-    }
-
-    public JceKTSKeyUnwrapper setProvider(Provider provider)
-    {
-        this.helper = new OperatorHelper(new ProviderJcaJceHelper(provider));
-
-        return this;
-    }
-
-    public JceKTSKeyUnwrapper setProvider(String providerName)
-    {
-        this.helper = new OperatorHelper(new NamedJcaJceHelper(providerName));
-
-        return this;
-    }
-
-    public GenericKey generateUnwrappedKey(AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedKey)
-        throws OperatorException
-    {
-        GenericHybridParameters params = GenericHybridParameters.getInstance(this.getAlgorithmIdentifier().getParameters());
-        Cipher keyCipher = helper.createAsymmetricWrapper(this.getAlgorithmIdentifier().getAlgorithm(), extraMappings);
-        String symmetricWrappingAlg = helper.getWrappingAlgorithmName(params.getDem().getAlgorithm());
-        RsaKemParameters kemParameters = RsaKemParameters.getInstance(params.getKem().getParameters());
-        int keySizeInBits = kemParameters.getKeyLength().intValue() * 8;
-        Key sKey;
-
-        try
-        {
-            DEROtherInfo otherInfo = new DEROtherInfo.Builder(params.getDem(), partyUInfo, partyVInfo).build();
-            KTSParameterSpec ktsSpec = new KTSParameterSpec.Builder(symmetricWrappingAlg, keySizeInBits, otherInfo.getEncoded()).withKdfAlgorithm(kemParameters.getKeyDerivationFunction()).build();
-
-            keyCipher.init(Cipher.UNWRAP_MODE, privKey, ktsSpec);
-
-            sKey = keyCipher.unwrap(encryptedKey, helper.getKeyAlgorithmName(encryptedKeyAlgorithm.getAlgorithm()), Cipher.SECRET_KEY);
-        }
-        catch (Exception e)
-        {
-            throw new OperatorException("Unable to unwrap contents key: " + e.getMessage(), e);
-        }
-
-        return new JceGenericKey(encryptedKeyAlgorithm, sKey);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceKTSKeyWrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceKTSKeyWrapper.java
deleted file mode 100644
index 6319440..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceKTSKeyWrapper.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.operator.jcajce;
-
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.cert.X509Certificate;
-import java.util.HashMap;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.asn1.cms.GenericHybridParameters;
-import org.bouncycastle.asn1.cms.RsaKemParameters;
-import org.bouncycastle.asn1.iso.ISOIECObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.crypto.util.DEROtherInfo;
-import org.bouncycastle.jcajce.spec.KTSParameterSpec;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.AsymmetricKeyWrapper;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.util.Arrays;
-
-public class JceKTSKeyWrapper
-    extends AsymmetricKeyWrapper
-{
-    private final String symmetricWrappingAlg;
-    private final int keySizeInBits;
-    private final byte[] partyUInfo;
-    private final byte[] partyVInfo;
-
-    private OperatorHelper helper = new OperatorHelper(new DefaultJcaJceHelper());
-    private PublicKey publicKey;
-    private SecureRandom random;
-
-    public JceKTSKeyWrapper(PublicKey publicKey, String symmetricWrappingAlg, int keySizeInBits, byte[] partyUInfo, byte[] partyVInfo)
-    {
-        super(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_rsa_KEM, new GenericHybridParameters(new AlgorithmIdentifier(ISOIECObjectIdentifiers.id_kem_rsa, new RsaKemParameters(new AlgorithmIdentifier(X9ObjectIdentifiers.id_kdf_kdf3, new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256)), (keySizeInBits + 7) / 8)), JceSymmetricKeyWrapper.determineKeyEncAlg(symmetricWrappingAlg, keySizeInBits))));
-
-        this.publicKey = publicKey;
-        this.symmetricWrappingAlg = symmetricWrappingAlg;
-        this.keySizeInBits = keySizeInBits;
-        this.partyUInfo = Arrays.clone(partyUInfo);
-        this.partyVInfo = Arrays.clone(partyVInfo);
-    }
-
-    public JceKTSKeyWrapper(X509Certificate certificate, String symmetricWrappingAlg, int keySizeInBits, byte[] partyUInfo, byte[] partyVInfo)
-    {
-        this(certificate.getPublicKey(), symmetricWrappingAlg, keySizeInBits, partyUInfo, partyVInfo);
-    }
-
-    public JceKTSKeyWrapper setProvider(Provider provider)
-    {
-        this.helper = new OperatorHelper(new ProviderJcaJceHelper(provider));
-
-        return this;
-    }
-
-    public JceKTSKeyWrapper setProvider(String providerName)
-    {
-        this.helper = new OperatorHelper(new NamedJcaJceHelper(providerName));
-
-        return this;
-    }
-
-    public JceKTSKeyWrapper setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    public byte[] generateWrappedKey(GenericKey encryptionKey)
-        throws OperatorException
-    {
-        Cipher keyEncryptionCipher = helper.createAsymmetricWrapper(getAlgorithmIdentifier().getAlgorithm(), new HashMap());
-
-        try
-        {
-            DEROtherInfo otherInfo = new DEROtherInfo.Builder(JceSymmetricKeyWrapper.determineKeyEncAlg(symmetricWrappingAlg, keySizeInBits), partyUInfo, partyVInfo).build();
-            KTSParameterSpec ktsSpec = new KTSParameterSpec.Builder(symmetricWrappingAlg, keySizeInBits, otherInfo.getEncoded()).build();
-
-            keyEncryptionCipher.init(Cipher.WRAP_MODE, publicKey, ktsSpec, random);
-
-            return keyEncryptionCipher.wrap(OperatorUtils.getJceKey(encryptionKey));
-        }
-        catch (Exception e)
-        {
-            throw new OperatorException("Unable to wrap contents key: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceSymmetricKeyUnwrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceSymmetricKeyUnwrapper.java
deleted file mode 100644
index b2c9cd3..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceSymmetricKeyUnwrapper.java
+++ /dev/null

@@ -1,65 +0,0 @@
-package org.bouncycastle.operator.jcajce;
-
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.Provider;
-
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.operator.SymmetricKeyUnwrapper;
-
-public class JceSymmetricKeyUnwrapper
-    extends SymmetricKeyUnwrapper
-{
-    private OperatorHelper helper = new OperatorHelper(new DefaultJcaJceHelper());
-    private SecretKey secretKey;
-
-    public JceSymmetricKeyUnwrapper(AlgorithmIdentifier algorithmIdentifier, SecretKey secretKey)
-    {
-        super(algorithmIdentifier);
-
-        this.secretKey = secretKey;
-    }
-
-    public JceSymmetricKeyUnwrapper setProvider(Provider provider)
-    {
-        this.helper = new OperatorHelper(new ProviderJcaJceHelper(provider));
-
-        return this;
-    }
-
-    public JceSymmetricKeyUnwrapper setProvider(String providerName)
-    {
-        this.helper = new OperatorHelper(new NamedJcaJceHelper(providerName));
-
-        return this;
-    }
-
-    public GenericKey generateUnwrappedKey(AlgorithmIdentifier encryptedKeyAlgorithm, byte[] encryptedKey)
-        throws OperatorException
-    {
-        try
-        {
-            Cipher keyCipher = helper.createSymmetricWrapper(this.getAlgorithmIdentifier().getAlgorithm());
-
-            keyCipher.init(Cipher.UNWRAP_MODE, secretKey);
-
-            return new JceGenericKey(encryptedKeyAlgorithm, keyCipher.unwrap(encryptedKey, helper.getKeyAlgorithmName(encryptedKeyAlgorithm.getAlgorithm()), Cipher.SECRET_KEY));
-        }
-        catch (InvalidKeyException e)
-        {
-            throw new OperatorException("key invalid in message.", e);
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw new OperatorException("can't find algorithm.", e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceSymmetricKeyWrapper.java b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceSymmetricKeyWrapper.java
deleted file mode 100644
index 18dabce..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/JceSymmetricKeyWrapper.java
+++ /dev/null

@@ -1,155 +0,0 @@
-package org.bouncycastle.operator.jcajce;
-
-import java.security.GeneralSecurityException;
-import java.security.Key;
-import java.security.Provider;
-import java.security.SecureRandom;
-
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OperatorException;
-import org.bouncycastle.operator.SymmetricKeyWrapper;
-
-public class JceSymmetricKeyWrapper
-    extends SymmetricKeyWrapper
-{
-    private OperatorHelper helper = new OperatorHelper(new DefaultJcaJceHelper());
-    private SecureRandom random;
-    private SecretKey wrappingKey;
-
-    public JceSymmetricKeyWrapper(SecretKey wrappingKey)
-    {
-        super(determineKeyEncAlg(wrappingKey));
-
-        this.wrappingKey = wrappingKey;
-    }
-
-    public JceSymmetricKeyWrapper setProvider(Provider provider)
-    {
-        this.helper = new OperatorHelper(new ProviderJcaJceHelper(provider));
-
-        return this;
-    }
-
-    public JceSymmetricKeyWrapper setProvider(String providerName)
-    {
-        this.helper = new OperatorHelper(new NamedJcaJceHelper(providerName));
-
-        return this;
-    }
-
-    public JceSymmetricKeyWrapper setSecureRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    public byte[] generateWrappedKey(GenericKey encryptionKey)
-        throws OperatorException
-    {
-        Key contentEncryptionKeySpec = OperatorUtils.getJceKey(encryptionKey);
-
-        Cipher keyEncryptionCipher = helper.createSymmetricWrapper(this.getAlgorithmIdentifier().getAlgorithm());
-
-        try
-        {
-            keyEncryptionCipher.init(Cipher.WRAP_MODE, wrappingKey, random);
-
-            return keyEncryptionCipher.wrap(contentEncryptionKeySpec);
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new OperatorException("cannot wrap key: " + e.getMessage(), e);
-        }
-    }
-
-    private static AlgorithmIdentifier determineKeyEncAlg(SecretKey key)
-    {
-        return determineKeyEncAlg(key.getAlgorithm(), key.getEncoded().length * 8);
-    }
-
-    static AlgorithmIdentifier determineKeyEncAlg(String algorithm, int keySizeInBits)
-    {
-        if (algorithm.startsWith("DES") || algorithm.startsWith("TripleDES"))
-        {
-            return new AlgorithmIdentifier(PKCSObjectIdentifiers.id_alg_CMS3DESwrap, DERNull.INSTANCE);
-        }
-        else if (algorithm.startsWith("RC2"))
-        {
-            return new AlgorithmIdentifier(new ASN1ObjectIdentifier(
-                    "1.2.840.113549.1.9.16.3.7"), new ASN1Integer(58));
-        }
-        else if (algorithm.startsWith("AES"))
-        {
-            ASN1ObjectIdentifier wrapOid;
-
-            if (keySizeInBits == 128)
-            {
-                wrapOid = NISTObjectIdentifiers.id_aes128_wrap;
-            }
-            else if (keySizeInBits == 192)
-            {
-                wrapOid = NISTObjectIdentifiers.id_aes192_wrap;
-            }
-            else if (keySizeInBits == 256)
-            {
-                wrapOid = NISTObjectIdentifiers.id_aes256_wrap;
-            }
-            else
-            {
-                throw new IllegalArgumentException("illegal keysize in AES");
-            }
-
-            return new AlgorithmIdentifier(wrapOid); // parameters absent
-        }
-        else if (algorithm.startsWith("SEED"))
-        {
-            // parameters absent
-            return new AlgorithmIdentifier(
-                    KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap);
-        }
-        else if (algorithm.startsWith("Camellia"))
-        {
-            ASN1ObjectIdentifier wrapOid;
-
-            if (keySizeInBits == 128)
-            {
-                wrapOid = NTTObjectIdentifiers.id_camellia128_wrap;
-            }
-            else if (keySizeInBits == 192)
-            {
-                wrapOid = NTTObjectIdentifiers.id_camellia192_wrap;
-            }
-            else if (keySizeInBits == 256)
-            {
-                wrapOid = NTTObjectIdentifiers.id_camellia256_wrap;
-            }
-            else
-            {
-                throw new IllegalArgumentException(
-                        "illegal keysize in Camellia");
-            }
-
-            return new AlgorithmIdentifier(wrapOid); // parameters must be
-                                                     // absent
-        }
-        else
-        {
-            throw new IllegalArgumentException("unknown algorithm");
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/OperatorHelper.java b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/OperatorHelper.java
index 23e4d3b..6e6f0a6 100644
--- a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/OperatorHelper.java
+++ b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/OperatorHelper.java

@@ -27,17 +27,18 @@
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.ASN1Sequence;
 import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
 import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
@@ -67,6 +68,8 @@
         oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA");
         oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA");
         oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
         oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
         oids.put(RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256, "GOST3411-2012-256WITHECGOST3410-2012-256");
@@ -82,9 +85,13 @@
         oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_256, "SHA256WITHCVC-ECDSA");
         oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_384, "SHA384WITHCVC-ECDSA");
         oids.put(EACObjectIdentifiers.id_TA_ECDSA_SHA_512, "SHA512WITHCVC-ECDSA");
+        */
+        // END Android-removed: Unsupported algorithms
 
         oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA");
-        oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        // oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
+        // END Android-removed: Unsupported algorithms
         oids.put(new ASN1ObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA");
         oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA");
         oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA");
@@ -101,13 +108,18 @@
         oids.put(NISTObjectIdentifiers.id_sha256, "SHA256");
         oids.put(NISTObjectIdentifiers.id_sha384, "SHA384");
         oids.put(NISTObjectIdentifiers.id_sha512, "SHA512");
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         oids.put(TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD128");
         oids.put(TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD160");
         oids.put(TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD256");
+        */
+        // END Android-removed: Unsupported algorithms
 
         asymmetricWrapperAlgNames.put(PKCSObjectIdentifiers.rsaEncryption, "RSA/ECB/PKCS1Padding");
 
-        asymmetricWrapperAlgNames.put(CryptoProObjectIdentifiers.gostR3410_2001, "ECGOST3410");
+        // Android-removed: Unsupported algorithms
+        // asymmetricWrapperAlgNames.put(CryptoProObjectIdentifiers.gostR3410_2001, "ECGOST3410");
 
         symmetricWrapperAlgNames.put(PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWrap");
         symmetricWrapperAlgNames.put(PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2Wrap");

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/OperatorUtils.java b/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/OperatorUtils.java
deleted file mode 100644
index 6c41d96..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/jcajce/OperatorUtils.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.operator.jcajce;
-
-import java.security.Key;
-
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.operator.GenericKey;
-
-class OperatorUtils
-{
-    static Key getJceKey(GenericKey key)
-    {
-        if (key.getRepresentation() instanceof Key)
-        {
-            return (Key)key.getRepresentation();
-        }
-
-        if (key.getRepresentation() instanceof byte[])
-        {
-            return new SecretKeySpec((byte[])key.getRepresentation(), "ENC");
-        }
-
-        throw new IllegalArgumentException("unknown generic key type");
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/package.html b/bcpkix/src/main/java/org/bouncycastle/operator/package.html
deleted file mode 100644
index 241c05b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Basic operator definitions for doing encryption, signing, and digest operations.
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/operator/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/operator/test/AllTests.java
deleted file mode 100644
index d341015..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/operator/test/AllTests.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.operator.test;
-
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.Security;
-import java.security.spec.MGF1ParameterSpec;
-
-import javax.crypto.spec.OAEPParameterSpec;
-import javax.crypto.spec.PSource;
-
-import junit.framework.Assert;
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.RSAESOAEPparams;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.AlgorithmNameFinder;
-import org.bouncycastle.operator.DefaultAlgorithmNameFinder;
-import org.bouncycastle.operator.jcajce.JceAsymmetricKeyWrapper;
-import org.bouncycastle.util.encoders.Hex;
-
-public class AllTests
-    extends TestCase
-{
-    private static final byte[] TEST_DATA = "Hello world!".getBytes();
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-    private static final String TEST_DATA_HOME = "bc.test.data.home";
-
-    public void setUp()
-    {
-        if (Security.getProvider(BC) == null)
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-    }
-
-    public void testAlgorithmNameFinder()
-        throws Exception
-    {
-        AlgorithmNameFinder nameFinder = new DefaultAlgorithmNameFinder();
-
-        assertTrue(nameFinder.hasAlgorithmName(OIWObjectIdentifiers.elGamalAlgorithm));
-        assertFalse(nameFinder.hasAlgorithmName(Extension.authorityKeyIdentifier));
-
-        assertEquals(nameFinder.getAlgorithmName(OIWObjectIdentifiers.elGamalAlgorithm), "ELGAMAL");
-        assertEquals(nameFinder.getAlgorithmName(PKCSObjectIdentifiers.rsaEncryption), "RSA");
-        assertEquals(nameFinder.getAlgorithmName(PKCSObjectIdentifiers.id_RSAES_OAEP), "RSAOAEP");
-        assertEquals(nameFinder.getAlgorithmName(PKCSObjectIdentifiers.md5), "MD5");
-        assertEquals(nameFinder.getAlgorithmName(OIWObjectIdentifiers.idSHA1), "SHA1");
-        assertEquals(nameFinder.getAlgorithmName(NISTObjectIdentifiers.id_sha224), "SHA224");
-        assertEquals(nameFinder.getAlgorithmName(NISTObjectIdentifiers.id_sha256), "SHA256");
-        assertEquals(nameFinder.getAlgorithmName(NISTObjectIdentifiers.id_sha384), "SHA384");
-        assertEquals(nameFinder.getAlgorithmName(NISTObjectIdentifiers.id_sha512), "SHA512");
-        assertEquals(nameFinder.getAlgorithmName(PKCSObjectIdentifiers.sha512WithRSAEncryption), "SHA512WITHRSA");
-        assertEquals(nameFinder.getAlgorithmName(PKCSObjectIdentifiers.id_RSASSA_PSS), "RSAPSS");
-        assertEquals(nameFinder.getAlgorithmName(TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160), "RIPEMD160WITHRSA");
-        assertEquals(nameFinder.getAlgorithmName(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, DERNull.INSTANCE)), "ELGAMAL");
-        assertEquals(nameFinder.getAlgorithmName(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE)), "RSA");
-
-        assertEquals(nameFinder.getAlgorithmName(Extension.authorityKeyIdentifier), Extension.authorityKeyIdentifier.getId());
-    }
-
-    public void testOaepWrap()
-        throws Exception
-    {
-        KeyPairGenerator kGen = KeyPairGenerator.getInstance("RSA", BC);
-
-        kGen.initialize(2048);
-
-        KeyPair kp = kGen.generateKeyPair();
-
-        checkAlgorithmId(kp, "SHA-1", OIWObjectIdentifiers.idSHA1);
-        checkAlgorithmId(kp, "SHA-224", NISTObjectIdentifiers.id_sha224);
-        checkAlgorithmId(kp, "SHA-256", NISTObjectIdentifiers.id_sha256);
-        checkAlgorithmId(kp, "SHA-384", NISTObjectIdentifiers.id_sha384);
-        checkAlgorithmId(kp, "SHA-512", NISTObjectIdentifiers.id_sha512);
-        checkAlgorithmId(kp, "SHA-512/224", NISTObjectIdentifiers.id_sha512_224);
-        checkAlgorithmId(kp, "SHA-512/256", NISTObjectIdentifiers.id_sha512_256);
-        checkAlgorithmId(kp, "SHA-512(224)", NISTObjectIdentifiers.id_sha512_224);
-        checkAlgorithmId(kp, "SHA-512(256)", NISTObjectIdentifiers.id_sha512_256);
-    }
-
-    private void checkAlgorithmId(KeyPair kp, String digest, ASN1ObjectIdentifier digestOid)
-    {
-        JceAsymmetricKeyWrapper wrapper = new JceAsymmetricKeyWrapper(
-            new OAEPParameterSpec(digest, "MGF1", new MGF1ParameterSpec(digest), new PSource.PSpecified(Hex.decode("beef"))),
-            kp.getPublic()).setProvider(BC);
-
-        Assert.assertEquals(PKCSObjectIdentifiers.id_RSAES_OAEP, wrapper.getAlgorithmIdentifier().getAlgorithm());
-        RSAESOAEPparams oaepParams = RSAESOAEPparams.getInstance(wrapper.getAlgorithmIdentifier().getParameters());
-        Assert.assertEquals(digestOid, oaepParams.getHashAlgorithm().getAlgorithm());
-        Assert.assertEquals(PKCSObjectIdentifiers.id_mgf1, oaepParams.getMaskGenAlgorithm().getAlgorithm());
-        Assert.assertEquals(new AlgorithmIdentifier(digestOid, DERNull.INSTANCE), oaepParams.getMaskGenAlgorithm().getParameters());
-        Assert.assertEquals(PKCSObjectIdentifiers.id_pSpecified, oaepParams.getPSourceAlgorithm().getAlgorithm());
-        Assert.assertEquals(new DEROctetString(Hex.decode("beef")), oaepParams.getPSourceAlgorithm().getParameters());
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/MacDataGenerator.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/MacDataGenerator.java
deleted file mode 100644
index 7b9daa8..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/MacDataGenerator.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.pkcs;
-
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.pkcs.MacData;
-import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.DigestInfo;
-import org.bouncycastle.operator.MacCalculator;
-
-class MacDataGenerator
-{
-    private PKCS12MacCalculatorBuilder builder;
-
-    MacDataGenerator(PKCS12MacCalculatorBuilder builder)
-    {
-        this.builder = builder;
-    }
-
-    public MacData build(char[] password, byte[] data)
-        throws PKCSException
-    {
-        MacCalculator     macCalculator;
-
-        try
-        {
-            macCalculator = builder.build(password);
-
-            OutputStream out = macCalculator.getOutputStream();
-
-            out.write(data);
-
-            out.close();
-        }
-        catch (Exception e)
-        {
-            throw new PKCSException("unable to process data: " + e.getMessage(), e);
-        }
-
-        AlgorithmIdentifier algId = macCalculator.getAlgorithmIdentifier();
-
-        DigestInfo dInfo = new DigestInfo(builder.getDigestAlgorithmIdentifier(), macCalculator.getMac());
-        PKCS12PBEParams params = PKCS12PBEParams.getInstance(algId.getParameters());
-
-        return new MacData(dInfo, params.getIV(), params.getIterations().intValue());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS10CertificationRequest.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS10CertificationRequest.java
deleted file mode 100644
index d32e206..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS10CertificationRequest.java
+++ /dev/null

@@ -1,236 +0,0 @@
-package org.bouncycastle.pkcs;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.pkcs.Attribute;
-import org.bouncycastle.asn1.pkcs.CertificationRequest;
-import org.bouncycastle.asn1.pkcs.CertificationRequestInfo;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.operator.ContentVerifier;
-import org.bouncycastle.operator.ContentVerifierProvider;
-
-/**
- * Holding class for a PKCS#10 certification request.
- */
-public class PKCS10CertificationRequest
-{
-    private static Attribute[] EMPTY_ARRAY = new Attribute[0];
-
-    private CertificationRequest certificationRequest;
-
-    private static CertificationRequest parseBytes(byte[] encoding)
-        throws IOException
-    {
-        try
-        {
-            return CertificationRequest.getInstance(ASN1Primitive.fromByteArray(encoding));
-        }
-        catch (ClassCastException e)
-        {
-            throw new PKCSIOException("malformed data: " + e.getMessage(), e);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new PKCSIOException("malformed data: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * Create a PKCS10CertificationRequestHolder from an underlying ASN.1 structure.
-     *
-     * @param certificationRequest the underlying ASN.1 structure representing a request.
-     */
-    public PKCS10CertificationRequest(CertificationRequest certificationRequest)
-    {
-         this.certificationRequest = certificationRequest;
-    }
-
-    /**
-     * Create a PKCS10CertificationRequestHolder from the passed in bytes.
-     *
-     * @param encoded BER/DER encoding of the CertificationRequest structure.
-     * @throws IOException in the event of corrupted data, or an incorrect structure.
-     */
-    public PKCS10CertificationRequest(byte[] encoded)
-        throws IOException
-    {
-        this(parseBytes(encoded));
-    }
-
-    /**
-     * Return the underlying ASN.1 structure for this request.
-     *
-     * @return a CertificateRequest object.
-     */
-    public CertificationRequest toASN1Structure()
-    {
-         return certificationRequest;
-    }
-
-    /**
-     * Return the subject on this request.
-     *
-     * @return the X500Name representing the request's subject.
-     */
-    public X500Name getSubject()
-    {
-        return X500Name.getInstance(certificationRequest.getCertificationRequestInfo().getSubject());
-    }
-
-    /**
-     * Return the details of the signature algorithm used to create this request.
-     *
-     * @return the AlgorithmIdentifier describing the signature algorithm used to create this request.
-     */
-    public AlgorithmIdentifier getSignatureAlgorithm()
-    {
-        return certificationRequest.getSignatureAlgorithm();
-    }
-
-    /**
-     * Return the bytes making up the signature associated with this request.
-     *
-     * @return the request signature bytes.
-     */
-    public byte[] getSignature()
-    {
-        return certificationRequest.getSignature().getOctets();
-    }
-
-    /**
-     * Return the SubjectPublicKeyInfo describing the public key this request is carrying.
-     *
-     * @return the public key ASN.1 structure contained in the request.
-     */
-    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
-    {
-        return certificationRequest.getCertificationRequestInfo().getSubjectPublicKeyInfo();
-    }
-
-    /**
-     * Return the attributes, if any associated with this request.
-     *
-     * @return an array of Attribute, zero length if none present.
-     */
-    public Attribute[] getAttributes()
-    {
-        ASN1Set attrSet = certificationRequest.getCertificationRequestInfo().getAttributes();
-
-        if (attrSet == null)
-        {
-            return EMPTY_ARRAY;
-        }
-
-        Attribute[] attrs = new Attribute[attrSet.size()];
-
-        for (int i = 0; i != attrSet.size(); i++)
-        {
-            attrs[i] = Attribute.getInstance(attrSet.getObjectAt(i));
-        }
-
-        return attrs;
-    }
-
-    /**
-     * Return an  array of attributes matching the passed in type OID.
-     *
-     * @param type the type of the attribute being looked for.
-     * @return an array of Attribute of the requested type, zero length if none present.
-     */
-    public Attribute[] getAttributes(ASN1ObjectIdentifier type)
-    {
-        ASN1Set    attrSet = certificationRequest.getCertificationRequestInfo().getAttributes();
-
-        if (attrSet == null)
-        {
-            return EMPTY_ARRAY;
-        }
-        
-        List list = new ArrayList();
-
-        for (int i = 0; i != attrSet.size(); i++)
-        {
-            Attribute attr = Attribute.getInstance(attrSet.getObjectAt(i));
-            if (attr.getAttrType().equals(type))
-            {
-                list.add(attr);
-            }
-        }
-
-        if (list.size() == 0)
-        {
-            return EMPTY_ARRAY;
-        }
-
-        return (Attribute[])list.toArray(new Attribute[list.size()]);
-    }
-
-    public byte[] getEncoded()
-        throws IOException
-    {
-        return certificationRequest.getEncoded();
-    }
-
-    /**
-     * Validate the signature on the PKCS10 certification request in this holder.
-     *
-     * @param verifierProvider a ContentVerifierProvider that can generate a verifier for the signature.
-     * @return true if the signature is valid, false otherwise.
-     * @throws PKCSException if the signature cannot be processed or is inappropriate.
-     */
-    public boolean isSignatureValid(ContentVerifierProvider verifierProvider)
-        throws PKCSException
-    {
-        CertificationRequestInfo requestInfo = certificationRequest.getCertificationRequestInfo();
-
-        ContentVerifier verifier;
-
-        try
-        {
-            verifier = verifierProvider.get(certificationRequest.getSignatureAlgorithm());
-
-            OutputStream sOut = verifier.getOutputStream();
-
-            sOut.write(requestInfo.getEncoded(ASN1Encoding.DER));
-
-            sOut.close();
-        }
-        catch (Exception e)
-        {
-            throw new PKCSException("unable to process signature: " + e.getMessage(), e);
-        }
-
-        return verifier.verify(this.getSignature());
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (!(o instanceof PKCS10CertificationRequest))
-        {
-            return false;
-        }
-
-        PKCS10CertificationRequest other = (PKCS10CertificationRequest)o;
-
-        return this.toASN1Structure().equals(other.toASN1Structure());
-    }
-
-    public int hashCode()
-    {
-        return this.toASN1Structure().hashCode();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS10CertificationRequestBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS10CertificationRequestBuilder.java
deleted file mode 100644
index dd48195..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS10CertificationRequestBuilder.java
+++ /dev/null

@@ -1,209 +0,0 @@
-package org.bouncycastle.pkcs;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.pkcs.Attribute;
-import org.bouncycastle.asn1.pkcs.CertificationRequest;
-import org.bouncycastle.asn1.pkcs.CertificationRequestInfo;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.operator.ContentSigner;
-
-/**
- * A class for creating PKCS#10 Certification requests.
- * <pre>
- * CertificationRequest ::= SEQUENCE {
- *   certificationRequestInfo  CertificationRequestInfo,
- *   signatureAlgorithm        AlgorithmIdentifier{{ SignatureAlgorithms }},
- *   signature                 BIT STRING
- * }
- *
- * CertificationRequestInfo ::= SEQUENCE {
- *   version             INTEGER { v1(0) } (v1,...),
- *   subject             Name,
- *   subjectPKInfo   SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
- *   attributes          [0] Attributes{{ CRIAttributes }}
- *  }
- *
- *  Attributes { ATTRIBUTE:IOSet } ::= SET OF Attribute{{ IOSet }}
- *
- *  Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
- *    type    ATTRIBUTE.&amp;id({IOSet}),
- *    values  SET SIZE(1..MAX) OF ATTRIBUTE.&amp;Type({IOSet}{\@type})
- *  }
- * </pre>
- */
-public class PKCS10CertificationRequestBuilder
-{
-    private SubjectPublicKeyInfo publicKeyInfo;
-    private X500Name subject;
-    private List attributes = new ArrayList();
-    private boolean leaveOffEmpty = false;
-
-
-    public PKCS10CertificationRequestBuilder(PKCS10CertificationRequestBuilder original)
-    {
-        this.publicKeyInfo = original.publicKeyInfo;
-        this.subject = original.subject;
-        this.leaveOffEmpty = original.leaveOffEmpty;
-        this.attributes = new ArrayList(original.attributes);
-    }
-
-
-    /**
-     * Basic constructor.
-     *
-     * @param subject       the X.500 Name defining the certificate subject this request is for.
-     * @param publicKeyInfo the info structure for the public key to be associated with this subject.
-     */
-    public PKCS10CertificationRequestBuilder(X500Name subject, SubjectPublicKeyInfo publicKeyInfo)
-    {
-        this.subject = subject;
-        this.publicKeyInfo = publicKeyInfo;
-    }
-
-    /**
-     * Set an attribute to the certification request we are building.
-     * Removed existing attributes with the same attrType.
-     *
-     * @param attrType  the OID giving the type of the attribute.
-     * @param attrValue the ASN.1 structure that forms the value of the attribute.
-     * @return this builder object.
-     */
-    public PKCS10CertificationRequestBuilder setAttribute(ASN1ObjectIdentifier attrType, ASN1Encodable attrValue)
-    {
-        // Remove existing copies of the attribute.
-        for (Iterator it = attributes.iterator(); it.hasNext(); )
-        {
-            if (((Attribute)it.next()).getAttrType().equals(attrType))
-            {
-                throw new IllegalStateException("Attribute " + attrType.toString() + " is already set");
-            }
-        }
-        addAttribute(attrType, attrValue);
-        return this;
-    }
-
-    /**
-     * Add an attribute with multiple values to the certification request we are building.
-     * Removed existing attributes with the same attrType.
-     *
-     * @param attrType  the OID giving the type of the attribute.
-     * @param attrValue the ASN.1 structure that forms the value of the attribute.
-     * @return this builder object.
-     */
-    public PKCS10CertificationRequestBuilder setAttribute(ASN1ObjectIdentifier attrType, ASN1Encodable[] attrValue)
-    {
-        // Remove existing copies of the attribute.
-        for (Iterator it = attributes.iterator(); it.hasNext(); )
-        {
-            if (((Attribute)it.next()).getAttrType().equals(attrType))
-            {
-                throw new IllegalStateException("Attribute " + attrType.toString() + " is already set");
-            }
-        }
-        addAttribute(attrType, attrValue);
-        return this;
-    }
-
-
-    /**
-     * Add an attribute to the certification request we are building.
-     *
-     * @param attrType  the OID giving the type of the attribute.
-     * @param attrValue the ASN.1 structure that forms the value of the attribute.
-     * @return this builder object.
-     */
-    public PKCS10CertificationRequestBuilder addAttribute(ASN1ObjectIdentifier attrType, ASN1Encodable attrValue)
-    {
-        attributes.add(new Attribute(attrType, new DERSet(attrValue)));
-        return this;
-    }
-
-    /**
-     * Add an attribute with multiple values to the certification request we are building.
-     *
-     * @param attrType   the OID giving the type of the attribute.
-     * @param attrValues an array of ASN.1 structures that form the value of the attribute.
-     * @return this builder object.
-     */
-    public PKCS10CertificationRequestBuilder addAttribute(ASN1ObjectIdentifier attrType, ASN1Encodable[] attrValues)
-    {
-        attributes.add(new Attribute(attrType, new DERSet(attrValues)));
-        return this;
-    }
-
-    /**
-     * The attributes field in PKCS10 should encoded to an empty tagged set if there are
-     * no attributes. Some CAs will reject requests with the attribute field present.
-     *
-     * @param leaveOffEmpty true if empty attributes should be left out of the encoding false otherwise.
-     * @return this builder object.
-     */
-    public PKCS10CertificationRequestBuilder setLeaveOffEmptyAttributes(boolean leaveOffEmpty)
-    {
-        this.leaveOffEmpty = leaveOffEmpty;
-
-        return this;
-    }
-
-    /**
-     * Generate an PKCS#10 request based on the past in signer.
-     *
-     * @param signer the content signer to be used to generate the signature validating the certificate.
-     * @return a holder containing the resulting PKCS#10 certification request.
-     */
-    public PKCS10CertificationRequest build(
-        ContentSigner signer)
-    {
-        CertificationRequestInfo info;
-
-        if (attributes.isEmpty())
-        {
-            if (leaveOffEmpty)
-            {
-                info = new CertificationRequestInfo(subject, publicKeyInfo, null);
-            }
-            else
-            {
-                info = new CertificationRequestInfo(subject, publicKeyInfo, new DERSet());
-            }
-        }
-        else
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-
-            for (Iterator it = attributes.iterator(); it.hasNext(); )
-            {
-                v.add(Attribute.getInstance(it.next()));
-            }
-
-            info = new CertificationRequestInfo(subject, publicKeyInfo, new DERSet(v));
-        }
-
-        try
-        {
-            OutputStream sOut = signer.getOutputStream();
-
-            sOut.write(info.getEncoded(ASN1Encoding.DER));
-
-            sOut.close();
-
-            return new PKCS10CertificationRequest(new CertificationRequest(info, signer.getAlgorithmIdentifier(), new DERBitString(signer.getSignature())));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException("cannot produce certification request signature");
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12MacCalculatorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12MacCalculatorBuilder.java
deleted file mode 100644
index 7f159c6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12MacCalculatorBuilder.java
+++ /dev/null

@@ -1,13 +0,0 @@
-package org.bouncycastle.pkcs;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.operator.OperatorCreationException;
-
-public interface PKCS12MacCalculatorBuilder
-{
-    MacCalculator build(char[] password)
-        throws OperatorCreationException;
-
-    AlgorithmIdentifier getDigestAlgorithmIdentifier();
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12MacCalculatorBuilderProvider.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12MacCalculatorBuilderProvider.java
deleted file mode 100644
index c262ac1..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12MacCalculatorBuilderProvider.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.pkcs;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public interface PKCS12MacCalculatorBuilderProvider
-{
-    PKCS12MacCalculatorBuilder get(AlgorithmIdentifier algorithmIdentifier);
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12PfxPdu.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12PfxPdu.java
deleted file mode 100644
index 1e70963..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12PfxPdu.java
+++ /dev/null

@@ -1,160 +0,0 @@
-package org.bouncycastle.pkcs;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.pkcs.ContentInfo;
-import org.bouncycastle.asn1.pkcs.MacData;
-import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
-import org.bouncycastle.asn1.pkcs.Pfx;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A holding class for the PKCS12 Pfx structure.
- */
-public class PKCS12PfxPdu
-{
-    private Pfx pfx;
-
-    private static Pfx parseBytes(byte[] pfxEncoding)
-        throws IOException
-    {
-        try
-        {
-            return Pfx.getInstance(ASN1Primitive.fromByteArray(pfxEncoding));
-        }
-        catch (ClassCastException e)
-        {
-            throw new PKCSIOException("malformed data: " + e.getMessage(), e);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new PKCSIOException("malformed data: " + e.getMessage(), e);
-        }
-    }
-
-    public PKCS12PfxPdu(Pfx pfx)
-    {
-        this.pfx = pfx;
-    }
-
-    public PKCS12PfxPdu(byte[] pfx)
-        throws IOException
-    {
-        this(parseBytes(pfx));
-    }
-
-    /**
-     * Return the content infos in the AuthenticatedSafe contained in this Pfx.
-     *
-     * @return an array of ContentInfo.
-     */
-    public ContentInfo[] getContentInfos()
-    {
-        ASN1Sequence seq = ASN1Sequence.getInstance(ASN1OctetString.getInstance(this.pfx.getAuthSafe().getContent()).getOctets());
-        ContentInfo[] content = new ContentInfo[seq.size()];
-
-        for (int i = 0; i != seq.size(); i++)
-        {
-            content[i] = ContentInfo.getInstance(seq.getObjectAt(i));
-        }
-
-        return content;
-    }
-
-    /**
-     * Return whether or not there is MAC attached to this file.
-     *
-     * @return true if there is, false otherwise.
-     */
-    public boolean hasMac()
-    {
-        return pfx.getMacData() != null;
-    }
-
-    /**
-     * Return the algorithm identifier describing the MAC algorithm
-     *
-     * @return the AlgorithmIdentifier representing the MAC algorithm, null if none present.
-     */
-    public AlgorithmIdentifier getMacAlgorithmID()
-    {
-        MacData md = pfx.getMacData();
-
-        if (md != null)
-        {
-            return md.getMac().getAlgorithmId();
-        }
-
-        return null;
-    }
-
-    /**
-     * Verify the MacData attached to the PFX is consistent with what is expected.
-     *
-     * @param macCalcProviderBuilder provider builder for the calculator for the MAC
-     * @param password password to use
-     * @return true if mac data is valid, false otherwise.
-     * @throws PKCSException if there is a problem evaluating the MAC.
-     * @throws IllegalStateException if no MAC is actually present
-     */
-    public boolean isMacValid(PKCS12MacCalculatorBuilderProvider macCalcProviderBuilder, char[] password)
-        throws PKCSException
-    {
-        if (hasMac())
-        {
-            MacData pfxmData = pfx.getMacData();
-            MacDataGenerator mdGen = new MacDataGenerator(macCalcProviderBuilder.get(new AlgorithmIdentifier(pfxmData.getMac().getAlgorithmId().getAlgorithm(), new PKCS12PBEParams(pfxmData.getSalt(), pfxmData.getIterationCount().intValue()))));
-
-            try
-            {
-                MacData mData = mdGen.build(
-                    password,
-                    ASN1OctetString.getInstance(pfx.getAuthSafe().getContent()).getOctets());
-
-                return Arrays.constantTimeAreEqual(mData.getEncoded(), pfx.getMacData().getEncoded());
-            }
-            catch (IOException e)
-            {
-                throw new PKCSException("unable to process AuthSafe: " + e.getMessage());
-            }
-        }
-
-        throw new IllegalStateException("no MAC present on PFX");
-    }
-
-    /**
-     * Return the underlying ASN.1 object.
-     *
-     * @return a Pfx object.
-     */
-    public Pfx toASN1Structure()
-    {
-        return pfx;
-    }
-
-    public byte[] getEncoded()
-        throws IOException
-    {
-        return toASN1Structure().getEncoded();
-    }
-
-    /**
-     * Return a Pfx with the outer wrapper encoded as asked for. For example, Pfx is a usually
-     * a BER encoded object, to get one with DefiniteLength encoding use:
-     * <pre>
-     * getEncoded(ASN1Encoding.DL)
-     * </pre>
-     * @param encoding encoding style (ASN1Encoding.DER, ASN1Encoding.DL, ASN1Encoding.BER)
-     * @return a byte array containing the encoded object.
-     * @throws IOException
-     */
-    public byte[] getEncoded(String encoding)
-        throws IOException
-    {
-        return toASN1Structure().getEncoded(encoding);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12PfxPduBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12PfxPduBuilder.java
deleted file mode 100644
index 563ca04..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12PfxPduBuilder.java
+++ /dev/null

@@ -1,179 +0,0 @@
-package org.bouncycastle.pkcs;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DLSequence;
-import org.bouncycastle.asn1.pkcs.AuthenticatedSafe;
-import org.bouncycastle.asn1.pkcs.ContentInfo;
-import org.bouncycastle.asn1.pkcs.MacData;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.Pfx;
-import org.bouncycastle.cms.CMSEncryptedDataGenerator;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.operator.OutputEncryptor;
-
-/**
- * A builder for the PKCS#12 Pfx key and certificate store.
- * <p>
- * For example: you can build a basic key store for the user owning privKey as follows:
- * </p>
- * <pre>
- *      X509Certificate[] chain = ....
- *      PublicKey         pubKey = ....
- *      PrivateKey        privKey = ....
- *      JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
- *
- *      PKCS12SafeBagBuilder taCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[2]);
- *
- *      taCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Bouncy Primary Certificate"));
- *
- *      PKCS12SafeBagBuilder caCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[1]);
- *
- *      caCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Bouncy Intermediate Certificate"));
- *
- *      PKCS12SafeBagBuilder eeCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[0]);
- *
- *      eeCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Eric's Key"));
- *      eeCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, extUtils.createSubjectKeyIdentifier(pubKey));
- *
- *      PKCS12SafeBagBuilder keyBagBuilder = new JcaPKCS12SafeBagBuilder(privKey, new BcPKCS12PBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, new CBCBlockCipher(new DESedeEngine())).build(passwd));
- *
- *      keyBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Eric's Key"));
- *      keyBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, extUtils.createSubjectKeyIdentifier(pubKey));
- *
- *      //
- *      // construct the actual key store
- *      //
- *      PKCS12PfxPduBuilder pfxPduBuilder = new PKCS12PfxPduBuilder();
- *
- *      PKCS12SafeBag[] certs = new PKCS12SafeBag[3];
- *
- *      certs[0] = eeCertBagBuilder.build();
- *      certs[1] = caCertBagBuilder.build();
- *      certs[2] = taCertBagBuilder.build();
- *
- *      pfxPduBuilder.addEncryptedData(new BcPKCS12PBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC, new CBCBlockCipher(new RC2Engine())).build(passwd), certs);
- *
- *      pfxPduBuilder.addData(keyBagBuilder.build());
- *
- *      PKCS12PfxPdu pfx = pfxPduBuilder.build(new BcPKCS12MacCalculatorBuilder(), passwd);
- * </pre>
- *
- */
-public class PKCS12PfxPduBuilder
-{
-    private ASN1EncodableVector dataVector = new ASN1EncodableVector();
-
-    /**
-     * Add a SafeBag that is to be included as is.
-     *
-     * @param data the SafeBag to add.
-     * @return this builder.
-     * @throws IOException
-     */
-    public PKCS12PfxPduBuilder addData(PKCS12SafeBag data)
-        throws IOException
-    {
-        dataVector.add(new ContentInfo(PKCSObjectIdentifiers.data, new DEROctetString(new DLSequence(data.toASN1Structure()).getEncoded())));
-
-        return this;
-    }
-
-    /**
-     * Add a SafeBag that is to be wrapped in a EncryptedData object.
-     *
-     * @param dataEncryptor the encryptor to use for encoding the data.
-     * @param data the SafeBag to include.
-     * @return this builder.
-     * @throws IOException if a issue occurs processing the data.
-     */
-    public PKCS12PfxPduBuilder addEncryptedData(OutputEncryptor dataEncryptor, PKCS12SafeBag data)
-        throws IOException
-    {
-        return addEncryptedData(dataEncryptor, new DERSequence(data.toASN1Structure()));
-    }
-
-    /**
-     * Add a set of SafeBags that are to be wrapped in a EncryptedData object.
-     *
-     * @param dataEncryptor the encryptor to use for encoding the data.
-     * @param data the SafeBags to include.
-     * @return this builder.
-     * @throws IOException if a issue occurs processing the data.
-     */
-    public PKCS12PfxPduBuilder addEncryptedData(OutputEncryptor dataEncryptor, PKCS12SafeBag[] data)
-        throws IOException
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        for (int i = 0; i != data.length; i++)
-        {
-            v.add(data[i].toASN1Structure());
-        }
-
-        return addEncryptedData(dataEncryptor, new DLSequence(v));
-    }
-
-    private PKCS12PfxPduBuilder addEncryptedData(OutputEncryptor dataEncryptor, ASN1Sequence data)
-        throws IOException
-    {
-        CMSEncryptedDataGenerator envGen = new CMSEncryptedDataGenerator();
-
-        try
-        {
-            dataVector.add(envGen.generate(new CMSProcessableByteArray(data.getEncoded()), dataEncryptor).toASN1Structure());
-        }
-        catch (CMSException e)
-        {
-            throw new PKCSIOException(e.getMessage(), e.getCause());
-        }
-
-        return this;
-    }
-
-    /**
-     * Build the Pfx structure, protecting it with a MAC calculated against the passed in password.
-     *
-     * @param macCalcBuilder a builder for a PKCS12 mac calculator.
-     * @param password the password to use.
-     * @return a Pfx object.
-     * @throws PKCSException on a encoding or processing error.
-     */
-    public PKCS12PfxPdu build(PKCS12MacCalculatorBuilder macCalcBuilder, char[] password)
-        throws PKCSException
-    {
-        AuthenticatedSafe auth = AuthenticatedSafe.getInstance(new DLSequence(dataVector));
-        byte[]            encAuth;
-
-        try
-        {
-            encAuth = auth.getEncoded();
-        }
-        catch (IOException e)
-        {
-            throw new PKCSException("unable to encode AuthenticatedSafe: " + e.getMessage(), e);
-        }
-
-        ContentInfo       mainInfo = new ContentInfo(PKCSObjectIdentifiers.data, new DEROctetString(encAuth));
-        MacData           mData = null;
-
-        if (macCalcBuilder != null)
-        {
-            MacDataGenerator mdGen = new MacDataGenerator(macCalcBuilder);
-
-            mData = mdGen.build(password, encAuth);
-        }
-
-        //
-        // output the Pfx
-        //
-        Pfx pfx = new Pfx(mainInfo, mData);
-
-        return new PKCS12PfxPdu(pfx);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12SafeBag.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12SafeBag.java
deleted file mode 100644
index ce652a4..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12SafeBag.java
+++ /dev/null

@@ -1,93 +0,0 @@
-package org.bouncycastle.pkcs;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.pkcs.Attribute;
-import org.bouncycastle.asn1.pkcs.CRLBag;
-import org.bouncycastle.asn1.pkcs.CertBag;
-import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.SafeBag;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.asn1.x509.CertificateList;
-import org.bouncycastle.cert.X509CRLHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-
-public class PKCS12SafeBag
-{
-    public static final ASN1ObjectIdentifier friendlyNameAttribute = PKCSObjectIdentifiers.pkcs_9_at_friendlyName;
-    public static final ASN1ObjectIdentifier localKeyIdAttribute = PKCSObjectIdentifiers.pkcs_9_at_localKeyId;
-
-    private SafeBag safeBag;
-
-    public PKCS12SafeBag(SafeBag safeBag)
-    {
-        this.safeBag = safeBag;
-    }
-
-    /**
-     * Return the underlying ASN.1 structure for this safe bag.
-     *
-     * @return a SafeBag
-     */
-    public SafeBag toASN1Structure()
-    {
-        return safeBag;
-    }
-
-    /**
-     * Return the BagId giving the type of content in the bag.
-     *
-     * @return the bagId
-     */
-    public ASN1ObjectIdentifier getType()
-    {
-        return safeBag.getBagId();
-    }
-
-    public Attribute[] getAttributes()
-    {
-        ASN1Set attrs = safeBag.getBagAttributes();
-
-        if (attrs == null)
-        {
-            return null;
-        }
-
-        Attribute[] attributes = new Attribute[attrs.size()];
-        for (int i = 0; i != attrs.size(); i++)
-        {
-            attributes[i] = Attribute.getInstance(attrs.getObjectAt(i));
-        }
-
-        return attributes;
-    }
-
-    public Object getBagValue()
-    {
-        if (getType().equals(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag))
-        {
-            return new PKCS8EncryptedPrivateKeyInfo(EncryptedPrivateKeyInfo.getInstance(safeBag.getBagValue()));
-        }
-        if (getType().equals(PKCSObjectIdentifiers.certBag))
-        {
-            CertBag certBag = CertBag.getInstance(safeBag.getBagValue());
-
-            return new X509CertificateHolder(Certificate.getInstance(ASN1OctetString.getInstance(certBag.getCertValue()).getOctets()));
-        }
-        if (getType().equals(PKCSObjectIdentifiers.keyBag))
-        {
-            return PrivateKeyInfo.getInstance(safeBag.getBagValue());
-        }
-        if (getType().equals(PKCSObjectIdentifiers.crlBag))
-        {
-            CRLBag crlBag = CRLBag.getInstance(safeBag.getBagValue());
-
-            return new X509CRLHolder(CertificateList.getInstance(ASN1OctetString.getInstance(crlBag.getCrlValue()).getOctets()));
-        }
-
-        return safeBag.getBagValue();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12SafeBagBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12SafeBagBuilder.java
deleted file mode 100644
index 1e3a262..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12SafeBagBuilder.java
+++ /dev/null

@@ -1,76 +0,0 @@
-package org.bouncycastle.pkcs;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.pkcs.Attribute;
-import org.bouncycastle.asn1.pkcs.CertBag;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.SafeBag;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.asn1.x509.CertificateList;
-import org.bouncycastle.cert.X509CRLHolder;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.operator.OutputEncryptor;
-
-public class PKCS12SafeBagBuilder
-{
-    private ASN1ObjectIdentifier bagType;
-    private ASN1Encodable        bagValue;
-    private ASN1EncodableVector  bagAttrs = new ASN1EncodableVector();
-
-    public PKCS12SafeBagBuilder(PrivateKeyInfo privateKeyInfo, OutputEncryptor encryptor)
-    {
-        this.bagType = PKCSObjectIdentifiers.pkcs8ShroudedKeyBag;
-        this.bagValue = new PKCS8EncryptedPrivateKeyInfoBuilder(privateKeyInfo).build(encryptor).toASN1Structure();
-    }
-
-    public PKCS12SafeBagBuilder(PrivateKeyInfo privateKeyInfo)
-    {
-        this.bagType = PKCSObjectIdentifiers.keyBag;
-        this.bagValue = privateKeyInfo;
-    }
-
-    public PKCS12SafeBagBuilder(X509CertificateHolder certificate)
-        throws IOException
-    {
-        this(certificate.toASN1Structure());
-    }
-
-    public PKCS12SafeBagBuilder(X509CRLHolder crl)
-        throws IOException
-    {
-        this(crl.toASN1Structure());
-    }
-
-    public PKCS12SafeBagBuilder(Certificate certificate)
-        throws IOException
-    {
-        this.bagType = PKCSObjectIdentifiers.certBag;
-        this.bagValue = new CertBag(PKCSObjectIdentifiers.x509Certificate, new DEROctetString(certificate.getEncoded()));
-    }
-
-    public PKCS12SafeBagBuilder(CertificateList crl)
-        throws IOException
-    {
-        this.bagType = PKCSObjectIdentifiers.crlBag;
-        this.bagValue = new CertBag(PKCSObjectIdentifiers.x509Crl, new DEROctetString(crl.getEncoded()));
-    }
-
-    public PKCS12SafeBagBuilder addBagAttribute(ASN1ObjectIdentifier attrType, ASN1Encodable attrValue)
-    {
-        bagAttrs.add(new Attribute(attrType, new DERSet(attrValue)));
-
-        return this;
-    }
-
-    public PKCS12SafeBag build()
-    {
-        return new PKCS12SafeBag(new SafeBag(bagType, bagValue, new DERSet(bagAttrs)));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12SafeBagFactory.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12SafeBagFactory.java
deleted file mode 100644
index 2773855..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS12SafeBagFactory.java
+++ /dev/null

@@ -1,58 +0,0 @@
-package org.bouncycastle.pkcs;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.pkcs.ContentInfo;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.SafeBag;
-import org.bouncycastle.cms.CMSEncryptedData;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.operator.InputDecryptorProvider;
-
-public class PKCS12SafeBagFactory
-{
-    private ASN1Sequence safeBagSeq;
-
-    public PKCS12SafeBagFactory(ContentInfo info)
-    {
-        if (info.getContentType().equals(PKCSObjectIdentifiers.encryptedData))
-        {
-            throw new IllegalArgumentException("encryptedData requires constructor with decryptor.");
-        }
-
-        this.safeBagSeq = ASN1Sequence.getInstance(ASN1OctetString.getInstance(info.getContent()).getOctets());
-    }
-
-    public PKCS12SafeBagFactory(ContentInfo info, InputDecryptorProvider inputDecryptorProvider)
-        throws PKCSException
-    {
-        if (info.getContentType().equals(PKCSObjectIdentifiers.encryptedData))
-        {
-            CMSEncryptedData encData = new CMSEncryptedData(org.bouncycastle.asn1.cms.ContentInfo.getInstance(info));
-
-            try
-            {
-                this.safeBagSeq = ASN1Sequence.getInstance(encData.getContent(inputDecryptorProvider));
-            }
-            catch (CMSException e)
-            {
-                throw new PKCSException("unable to extract data: " + e.getMessage(), e);
-            }
-            return;
-        }
-
-        throw new IllegalArgumentException("encryptedData requires constructor with decryptor.");
-    }
-
-    public PKCS12SafeBag[] getSafeBags()
-    {
-        PKCS12SafeBag[] safeBags = new PKCS12SafeBag[safeBagSeq.size()];
-
-        for (int i = 0; i != safeBagSeq.size(); i++)
-        {
-            safeBags[i] = new PKCS12SafeBag(SafeBag.getInstance(safeBagSeq.getObjectAt(i)));
-        }
-
-        return safeBags;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS8EncryptedPrivateKeyInfo.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS8EncryptedPrivateKeyInfo.java
deleted file mode 100644
index 324e528..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS8EncryptedPrivateKeyInfo.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.pkcs;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.InputDecryptor;
-import org.bouncycastle.operator.InputDecryptorProvider;
-import org.bouncycastle.util.io.Streams;
-
-/**
- * Holding class for a PKCS#8 EncryptedPrivateKeyInfo structure.
- */
-public class PKCS8EncryptedPrivateKeyInfo
-{
-    private EncryptedPrivateKeyInfo encryptedPrivateKeyInfo;
-
-    private static EncryptedPrivateKeyInfo parseBytes(byte[] pkcs8Encoding)
-        throws IOException
-    {
-        try
-        {
-            return EncryptedPrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(pkcs8Encoding));
-        }
-        catch (ClassCastException e)
-        {
-            throw new PKCSIOException("malformed data: " + e.getMessage(), e);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new PKCSIOException("malformed data: " + e.getMessage(), e);
-        }
-    }
-
-    public PKCS8EncryptedPrivateKeyInfo(EncryptedPrivateKeyInfo encryptedPrivateKeyInfo)
-    {
-        this.encryptedPrivateKeyInfo = encryptedPrivateKeyInfo;
-    }
-
-    public PKCS8EncryptedPrivateKeyInfo(byte[] encryptedPrivateKeyInfo)
-        throws IOException
-    {
-        this(parseBytes(encryptedPrivateKeyInfo));
-    }
-
-    public AlgorithmIdentifier getEncryptionAlgorithm()
-    {
-        return encryptedPrivateKeyInfo.getEncryptionAlgorithm();
-    }
-
-    public byte[] getEncryptedData()
-    {
-        return encryptedPrivateKeyInfo.getEncryptedData();
-    }
-
-    public EncryptedPrivateKeyInfo toASN1Structure()
-    {
-         return encryptedPrivateKeyInfo;
-    }
-
-    public byte[] getEncoded()
-        throws IOException
-    {
-        return encryptedPrivateKeyInfo.getEncoded();
-    }
-
-    public PrivateKeyInfo decryptPrivateKeyInfo(InputDecryptorProvider inputDecryptorProvider)
-        throws PKCSException
-    {
-        try
-        {
-            InputDecryptor decrytor = inputDecryptorProvider.get(encryptedPrivateKeyInfo.getEncryptionAlgorithm());
-
-            ByteArrayInputStream encIn = new ByteArrayInputStream(encryptedPrivateKeyInfo.getEncryptedData());
-
-            return PrivateKeyInfo.getInstance(Streams.readAll(decrytor.getInputStream(encIn)));
-        }
-        catch (Exception e)
-        {
-            throw new PKCSException("unable to read encrypted data: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS8EncryptedPrivateKeyInfoBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS8EncryptedPrivateKeyInfoBuilder.java
deleted file mode 100644
index 9bafaf6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCS8EncryptedPrivateKeyInfoBuilder.java
+++ /dev/null

@@ -1,59 +0,0 @@
-package org.bouncycastle.pkcs;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.operator.OutputEncryptor;
-
-/**
- * A class for creating EncryptedPrivateKeyInfo structures.
- * <pre>
- * EncryptedPrivateKeyInfo ::= SEQUENCE {
- *      encryptionAlgorithm AlgorithmIdentifier {{KeyEncryptionAlgorithms}},
- *      encryptedData EncryptedData
- * }
- *
- * EncryptedData ::= OCTET STRING
- *
- * KeyEncryptionAlgorithms ALGORITHM-IDENTIFIER ::= {
- *          ... -- For local profiles
- * }
- * </pre>
- */
-public class PKCS8EncryptedPrivateKeyInfoBuilder
-{
-    private PrivateKeyInfo privateKeyInfo;
-
-    public PKCS8EncryptedPrivateKeyInfoBuilder(byte[] privateKeyInfo)
-    {
-        this(PrivateKeyInfo.getInstance(privateKeyInfo));
-    }
-
-    public PKCS8EncryptedPrivateKeyInfoBuilder(PrivateKeyInfo privateKeyInfo)
-    {
-        this.privateKeyInfo = privateKeyInfo;
-    }
-
-    public PKCS8EncryptedPrivateKeyInfo build(
-        OutputEncryptor encryptor)
-    {
-        try
-        {
-            ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-            OutputStream cOut = encryptor.getOutputStream(bOut);
-
-            cOut.write(privateKeyInfo.getEncoded());
-
-            cOut.close();
-
-            return new PKCS8EncryptedPrivateKeyInfo(new EncryptedPrivateKeyInfo(encryptor.getAlgorithmIdentifier(), bOut.toByteArray()));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException("cannot encode privateKeyInfo");
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCSException.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCSException.java
deleted file mode 100644
index 8ee6f6f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCSException.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.pkcs;
-
-/**
- * General checked Exception thrown in the cert package and its sub-packages.
- */
-public class PKCSException
-    extends Exception
-{
-    private Throwable cause;
-
-    public PKCSException(String msg, Throwable cause)
-    {
-        super(msg);
-
-        this.cause = cause;
-    }
-
-    public PKCSException(String msg)
-    {
-        super(msg);
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCSIOException.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCSIOException.java
deleted file mode 100644
index c34f739..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCSIOException.java
+++ /dev/null

@@ -1,29 +0,0 @@
-package org.bouncycastle.pkcs;
-
-import java.io.IOException;
-
-/**
- * General IOException thrown in the cert package and its sub-packages.
- */
-public class PKCSIOException
-    extends IOException
-{
-    private Throwable cause;
-
-    public PKCSIOException(String msg, Throwable cause)
-    {
-        super(msg);
-
-        this.cause = cause;
-    }
-
-    public PKCSIOException(String msg)
-    {
-        super(msg);
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCSUtils.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCSUtils.java
deleted file mode 100644
index 61e6f94..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/PKCSUtils.java
+++ /dev/null

@@ -1,39 +0,0 @@
-package org.bouncycastle.pkcs;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.util.Integers;
-
-class PKCSUtils
-{
-    private static final Map PRFS_SALT = new HashMap();
-
-    static
-    {
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA1, Integers.valueOf(20));
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA256, Integers.valueOf(32));
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA512, Integers.valueOf(64));
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA224, Integers.valueOf(28));
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA384, Integers.valueOf(48));
-        PRFS_SALT.put(NISTObjectIdentifiers.id_hmacWithSHA3_224, Integers.valueOf(28));
-        PRFS_SALT.put(NISTObjectIdentifiers.id_hmacWithSHA3_256, Integers.valueOf(32));
-        PRFS_SALT.put(NISTObjectIdentifiers.id_hmacWithSHA3_384, Integers.valueOf(48));
-        PRFS_SALT.put(NISTObjectIdentifiers.id_hmacWithSHA3_512, Integers.valueOf(64));
-        PRFS_SALT.put(CryptoProObjectIdentifiers.gostR3411Hmac, Integers.valueOf(32));
-    }
-
-    static int getSaltSize(ASN1ObjectIdentifier algorithm)
-    {
-        if (!PRFS_SALT.containsKey(algorithm))
-        {
-            throw new IllegalStateException("no salt size for algorithm: " + algorithm);
-        }
-
-        return ((Integer)PRFS_SALT.get(algorithm)).intValue();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS10CertificationRequest.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS10CertificationRequest.java
deleted file mode 100644
index 99c337c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS10CertificationRequest.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.pkcs.bc;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.pkcs.CertificationRequest;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.pkcs.PKCS10CertificationRequest;
-import org.bouncycastle.pkcs.PKCSException;
-
-public class BcPKCS10CertificationRequest
-    extends PKCS10CertificationRequest
-{
-    public BcPKCS10CertificationRequest(CertificationRequest certificationRequest)
-    {
-        super(certificationRequest);
-    }
-
-    public BcPKCS10CertificationRequest(byte[] encoding)
-        throws IOException
-    {
-        super(encoding);
-    }
-
-    public BcPKCS10CertificationRequest(PKCS10CertificationRequest requestHolder)
-    {
-        super(requestHolder.toASN1Structure());
-    }
-
-    public AsymmetricKeyParameter getPublicKey()
-        throws PKCSException
-    {
-        try
-        {
-            return PublicKeyFactory.createKey(this.getSubjectPublicKeyInfo());
-        }
-        catch (IOException e)
-        {
-            throw new PKCSException("error extracting key encoding: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS10CertificationRequestBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS10CertificationRequestBuilder.java
deleted file mode 100644
index 04b0fc6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS10CertificationRequestBuilder.java
+++ /dev/null

@@ -1,28 +0,0 @@
-package org.bouncycastle.pkcs.bc;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory;
-import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;
-
-/**
- * Extension of the PKCS#10 builder to support AsymmetricKey objects.
- */
-public class BcPKCS10CertificationRequestBuilder
-    extends PKCS10CertificationRequestBuilder
-{
-    /**
-     * Create a PKCS#10 builder for the passed in subject and JCA public key.
-     *
-     * @param subject an X500Name containing the subject associated with the request we are building.
-     * @param publicKey a JCA public key that is to be associated with the request we are building.
-     * @throws IOException if there is a problem encoding the public key.
-     */
-    public BcPKCS10CertificationRequestBuilder(X500Name subject, AsymmetricKeyParameter publicKey)
-        throws IOException
-    {
-        super(subject, SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(publicKey));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS12MacCalculatorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS12MacCalculatorBuilder.java
deleted file mode 100644
index b942079..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS12MacCalculatorBuilder.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.pkcs.bc;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.pkcs.PKCS12MacCalculatorBuilder;
-
-public class BcPKCS12MacCalculatorBuilder
-    implements PKCS12MacCalculatorBuilder
-{
-    private ExtendedDigest digest;
-    private AlgorithmIdentifier algorithmIdentifier;
-
-    private SecureRandom  random;
-    private int    saltLength;
-    private int    iterationCount = 1024;
-
-    public BcPKCS12MacCalculatorBuilder()
-    {
-        this(new SHA1Digest(), new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE));
-    }
-
-    public BcPKCS12MacCalculatorBuilder(ExtendedDigest digest, AlgorithmIdentifier algorithmIdentifier)
-    {
-        this.digest = digest;
-        this.algorithmIdentifier = algorithmIdentifier;
-        this.saltLength = digest.getDigestSize();
-    }
-
-    public BcPKCS12MacCalculatorBuilder setIterationCount(int iterationCount)
-    {
-        this.iterationCount = iterationCount;
-
-        return this;
-    }
-
-    public AlgorithmIdentifier getDigestAlgorithmIdentifier()
-    {
-        return algorithmIdentifier;
-    }
-
-    public MacCalculator build(final char[] password)
-    {
-        if (random == null)
-        {
-            random = new SecureRandom();
-        }
-
-        byte[] salt = new byte[saltLength];
-
-        random.nextBytes(salt);
-
-        return PKCS12PBEUtils.createMacCalculator(algorithmIdentifier.getAlgorithm(), digest, new PKCS12PBEParams(salt, iterationCount), password);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS12MacCalculatorBuilderProvider.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS12MacCalculatorBuilderProvider.java
deleted file mode 100644
index d6f9230..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS12MacCalculatorBuilderProvider.java
+++ /dev/null

@@ -1,40 +0,0 @@
-package org.bouncycastle.pkcs.bc;
-
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.bc.BcDigestProvider;
-import org.bouncycastle.pkcs.PKCS12MacCalculatorBuilder;
-import org.bouncycastle.pkcs.PKCS12MacCalculatorBuilderProvider;
-
-public class BcPKCS12MacCalculatorBuilderProvider
-    implements PKCS12MacCalculatorBuilderProvider
-{
-    private BcDigestProvider digestProvider;
-
-    public BcPKCS12MacCalculatorBuilderProvider(BcDigestProvider digestProvider)
-    {
-        this.digestProvider = digestProvider;
-    }
-
-    public PKCS12MacCalculatorBuilder get(final AlgorithmIdentifier algorithmIdentifier)
-    {
-        return new PKCS12MacCalculatorBuilder()
-        {
-            public MacCalculator build(final char[] password)
-                throws OperatorCreationException
-            {
-                PKCS12PBEParams pbeParams = PKCS12PBEParams.getInstance(algorithmIdentifier.getParameters());
-
-                return PKCS12PBEUtils.createMacCalculator(algorithmIdentifier.getAlgorithm(), digestProvider.get(algorithmIdentifier), pbeParams, password);
-            }
-
-            public AlgorithmIdentifier getDigestAlgorithmIdentifier()
-            {
-                return new AlgorithmIdentifier(algorithmIdentifier.getAlgorithm(), DERNull.INSTANCE);
-            }
-        };
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS12PBEInputDecryptorProviderBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS12PBEInputDecryptorProviderBuilder.java
deleted file mode 100644
index e578fd5..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS12PBEInputDecryptorProviderBuilder.java
+++ /dev/null

@@ -1,66 +0,0 @@
-package org.bouncycastle.pkcs.bc;
-
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
-import org.bouncycastle.crypto.io.CipherInputStream;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.InputDecryptor;
-import org.bouncycastle.operator.InputDecryptorProvider;
-
-public class BcPKCS12PBEInputDecryptorProviderBuilder
-{
-    private ExtendedDigest digest;
-
-    public BcPKCS12PBEInputDecryptorProviderBuilder()
-    {
-         this(new SHA1Digest());
-    }
-
-    public BcPKCS12PBEInputDecryptorProviderBuilder(ExtendedDigest digest)
-    {
-         this.digest = digest;
-    }
-
-    public InputDecryptorProvider build(final char[] password)
-    {
-        return new InputDecryptorProvider()
-        {
-            public InputDecryptor get(final AlgorithmIdentifier algorithmIdentifier)
-            {
-                final PaddedBufferedBlockCipher engine = PKCS12PBEUtils.getEngine(algorithmIdentifier.getAlgorithm());
-
-                PKCS12PBEParams           pbeParams = PKCS12PBEParams.getInstance(algorithmIdentifier.getParameters());
-
-                CipherParameters params = PKCS12PBEUtils.createCipherParameters(algorithmIdentifier.getAlgorithm(), digest, engine.getBlockSize(), pbeParams, password);
-
-                engine.init(false, params);
-
-                return new InputDecryptor()
-                {
-                    public AlgorithmIdentifier getAlgorithmIdentifier()
-                    {
-                        return algorithmIdentifier;
-                    }
-
-                    public InputStream getInputStream(InputStream input)
-                    {
-                        return new CipherInputStream(input, engine);
-                    }
-
-                    public GenericKey getKey()
-                    {
-                        return new GenericKey(PKCS12ParametersGenerator.PKCS12PasswordToBytes(password));
-                    }
-                };
-            }
-        };
-
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS12PBEOutputEncryptorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS12PBEOutputEncryptorBuilder.java
deleted file mode 100644
index f7f4a7e..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/BcPKCS12PBEOutputEncryptorBuilder.java
+++ /dev/null

@@ -1,83 +0,0 @@
-package org.bouncycastle.pkcs.bc;
-
-import java.io.OutputStream;
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
-import org.bouncycastle.crypto.io.CipherOutputStream;
-import org.bouncycastle.crypto.paddings.PKCS7Padding;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OutputEncryptor;
-
-public class BcPKCS12PBEOutputEncryptorBuilder
-{
-    private ExtendedDigest digest;
-
-    private BufferedBlockCipher engine;
-    private ASN1ObjectIdentifier algorithm;
-    private SecureRandom random;
-    private int iterationCount = 1024;
-
-    public BcPKCS12PBEOutputEncryptorBuilder(ASN1ObjectIdentifier algorithm, BlockCipher engine)
-    {
-        this(algorithm, engine, new SHA1Digest());
-    }
-
-    public BcPKCS12PBEOutputEncryptorBuilder(ASN1ObjectIdentifier algorithm, BlockCipher engine, ExtendedDigest pbeDigest)
-    {
-        this.algorithm = algorithm;
-        this.engine = new PaddedBufferedBlockCipher(engine, new PKCS7Padding());
-        this.digest = pbeDigest;
-    }
-
-    public BcPKCS12PBEOutputEncryptorBuilder setIterationCount(int iterationCount)
-    {
-        this.iterationCount = iterationCount;
-        return this;
-    }
-
-    public OutputEncryptor build(final char[] password)
-    {
-        if (random == null)
-        {
-            random = new SecureRandom();
-        }
-
-        final byte[] salt = new byte[20];
-
-        random.nextBytes(salt);
-
-        final PKCS12PBEParams pbeParams = new PKCS12PBEParams(salt, iterationCount);
-
-        CipherParameters params = PKCS12PBEUtils.createCipherParameters(algorithm, digest, engine.getBlockSize(), pbeParams, password);
-
-        engine.init(true, params);
-
-        return new OutputEncryptor()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return new AlgorithmIdentifier(algorithm, pbeParams);
-            }
-
-            public OutputStream getOutputStream(OutputStream out)
-            {
-                return new CipherOutputStream(out, engine);
-            }
-
-            public GenericKey getKey()
-            {
-                return new GenericKey(new AlgorithmIdentifier(algorithm, pbeParams), PKCS12ParametersGenerator.PKCS12PasswordToBytes(password));
-            }
-        };
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/PKCS12PBEUtils.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/PKCS12PBEUtils.java
deleted file mode 100644
index 2edce23..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/bc/PKCS12PBEUtils.java
+++ /dev/null

@@ -1,153 +0,0 @@
-package org.bouncycastle.pkcs.bc;
-
-import java.io.OutputStream;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Map;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.RC2Engine;
-import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
-import org.bouncycastle.crypto.io.MacOutputStream;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.paddings.PKCS7Padding;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.crypto.params.DESedeParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.util.Integers;
-
-class PKCS12PBEUtils
-{
-    private static Map keySizes = new HashMap();
-    private static Set noIvAlgs = new HashSet();
-    private static Set desAlgs = new HashSet();
-
-    static
-    {
-        keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4, Integers.valueOf(128));
-        keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC4, Integers.valueOf(40));
-        keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, Integers.valueOf(192));
-        keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, Integers.valueOf(128));
-        keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC, Integers.valueOf(128));
-        keySizes.put(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC, Integers.valueOf(40));
-
-        noIvAlgs.add(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4);
-        noIvAlgs.add(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC4);
-
-        desAlgs.add(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC);
-        desAlgs.add(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC);
-    }
-
-    static int getKeySize(ASN1ObjectIdentifier algorithm)
-    {
-        return ((Integer)keySizes.get(algorithm)).intValue();
-    }
-
-    static boolean hasNoIv(ASN1ObjectIdentifier algorithm)
-    {
-        return noIvAlgs.contains(algorithm);
-    }
-
-    static boolean isDesAlg(ASN1ObjectIdentifier algorithm)
-    {
-        return desAlgs.contains(algorithm);
-    }
-
-    static PaddedBufferedBlockCipher getEngine(ASN1ObjectIdentifier algorithm)
-    {
-        BlockCipher engine;
-
-        if (algorithm.equals(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC)
-            || algorithm.equals(PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC))
-        {
-            engine = new DESedeEngine();
-        }
-        else if (algorithm.equals(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC)
-            || algorithm.equals(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC))
-        {
-            engine = new RC2Engine();
-        }
-        else
-        {
-            throw new IllegalStateException("unknown algorithm");
-        }
-
-        return new PaddedBufferedBlockCipher(new CBCBlockCipher(engine), new PKCS7Padding());
-    }
-
-    static MacCalculator createMacCalculator(final ASN1ObjectIdentifier digestAlgorithm, ExtendedDigest digest, final PKCS12PBEParams pbeParams, final char[] password)
-    {
-        PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(digest);
-
-        pGen.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(password), pbeParams.getIV(), pbeParams.getIterations().intValue());
-
-        final KeyParameter keyParam = (KeyParameter)pGen.generateDerivedMacParameters(digest.getDigestSize() * 8);
-
-        final HMac hMac = new HMac(digest);
-
-        hMac.init(keyParam);
-
-        return new MacCalculator()
-        {
-            public AlgorithmIdentifier getAlgorithmIdentifier()
-            {
-                return new AlgorithmIdentifier(digestAlgorithm, pbeParams);
-            }
-
-            public OutputStream getOutputStream()
-            {
-                return new MacOutputStream(hMac);
-            }
-
-            public byte[] getMac()
-            {
-                byte[] res = new byte[hMac.getMacSize()];
-
-                hMac.doFinal(res, 0);
-
-                return res;
-            }
-
-            public GenericKey getKey()
-            {
-                return new GenericKey(getAlgorithmIdentifier(), PKCS12ParametersGenerator.PKCS12PasswordToBytes(password));
-            }
-        };
-    }
-
-    static CipherParameters createCipherParameters(ASN1ObjectIdentifier algorithm, ExtendedDigest digest, int blockSize, PKCS12PBEParams pbeParams, char[] password)
-    {
-        PKCS12ParametersGenerator pGen = new PKCS12ParametersGenerator(digest);
-
-        pGen.init(PKCS12ParametersGenerator.PKCS12PasswordToBytes(password), pbeParams.getIV(), pbeParams.getIterations().intValue());
-
-        CipherParameters params;
-
-        if (PKCS12PBEUtils.hasNoIv(algorithm))
-        {
-            params = pGen.generateDerivedParameters(PKCS12PBEUtils.getKeySize(algorithm));
-        }
-        else
-        {
-            params = pGen.generateDerivedParameters(PKCS12PBEUtils.getKeySize(algorithm), blockSize * 8);
-
-            if (PKCS12PBEUtils.isDesAlg(algorithm))
-            {
-                DESedeParameters.setOddParity(((KeyParameter)((ParametersWithIV)params).getParameters()).getKey());
-            }
-        }
-        return params;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcaPKCS10CertificationRequest.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcaPKCS10CertificationRequest.java
deleted file mode 100644
index db57d0f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcaPKCS10CertificationRequest.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.pkcs.jcajce;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.pkcs.CertificationRequest;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.pkcs.PKCS10CertificationRequest;
-
-public class JcaPKCS10CertificationRequest
-    extends PKCS10CertificationRequest
-{
-    private static Hashtable keyAlgorithms = new Hashtable();
-
-    static
-    {
-        //
-        // key types
-        //
-        keyAlgorithms.put(PKCSObjectIdentifiers.rsaEncryption, "RSA");
-        keyAlgorithms.put(X9ObjectIdentifiers.id_dsa, "DSA");
-    }
-
-    private JcaJceHelper helper = new DefaultJcaJceHelper();
-
-    public JcaPKCS10CertificationRequest(CertificationRequest certificationRequest)
-    {
-        super(certificationRequest);
-    }
-
-    public JcaPKCS10CertificationRequest(byte[] encoding)
-        throws IOException
-    {
-        super(encoding);
-    }
-
-    public JcaPKCS10CertificationRequest(PKCS10CertificationRequest requestHolder)
-    {
-        super(requestHolder.toASN1Structure());
-    }
-
-    public JcaPKCS10CertificationRequest setProvider(String providerName)
-    {
-        helper = new NamedJcaJceHelper(providerName);
-
-        return this;
-    }
-
-    public JcaPKCS10CertificationRequest setProvider(Provider provider)
-    {
-        helper = new ProviderJcaJceHelper(provider);
-
-        return this;
-    }
-
-    public PublicKey getPublicKey()
-        throws InvalidKeyException, NoSuchAlgorithmException
-    {
-        try
-        {
-            SubjectPublicKeyInfo keyInfo = this.getSubjectPublicKeyInfo();
-            X509EncodedKeySpec xspec = new X509EncodedKeySpec(keyInfo.getEncoded());
-            KeyFactory kFact;
-
-            try
-            {
-                kFact = helper.createKeyFactory(keyInfo.getAlgorithm().getAlgorithm().getId());
-            }
-            catch (NoSuchAlgorithmException e)
-            {
-                //
-                // try an alternate
-                //
-                if (keyAlgorithms.get(keyInfo.getAlgorithm().getAlgorithm()) != null)
-                {
-                    String  keyAlgorithm = (String)keyAlgorithms.get(keyInfo.getAlgorithm().getAlgorithm());
-
-                    kFact = helper.createKeyFactory(keyAlgorithm);
-                }
-                else
-                {
-                    throw e;
-                }
-            }
-
-            return kFact.generatePublic(xspec);
-        }
-        catch (InvalidKeySpecException e)
-        {
-            throw new InvalidKeyException("error decoding public key");
-        }
-        catch (IOException e)
-        {
-            throw new InvalidKeyException("error extracting key encoding");
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw new NoSuchAlgorithmException("cannot find provider: " + e.getMessage());
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcaPKCS10CertificationRequestBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcaPKCS10CertificationRequestBuilder.java
deleted file mode 100644
index 5466e5f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcaPKCS10CertificationRequestBuilder.java
+++ /dev/null

@@ -1,38 +0,0 @@
-package org.bouncycastle.pkcs.jcajce;
-
-import java.security.PublicKey;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;
-
-/**
- * Extension of the PKCS#10 builder to support PublicKey and X500Principal objects.
- */
-public class JcaPKCS10CertificationRequestBuilder
-    extends PKCS10CertificationRequestBuilder
-{
-    /**
-     * Create a PKCS#10 builder for the passed in subject and JCA public key.
-     *
-     * @param subject an X500Name containing the subject associated with the request we are building.
-     * @param publicKey a JCA public key that is to be associated with the request we are building.
-     */
-    public JcaPKCS10CertificationRequestBuilder(X500Name subject, PublicKey publicKey)
-    {
-        super(subject, SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
-    }
-
-    /**
-     * Create a PKCS#10 builder for the passed in subject and JCA public key.
-     *
-     * @param subject an X500Principal containing the subject associated with the request we are building.
-     * @param publicKey a JCA public key that is to be associated with the request we are building.
-     */
-    public JcaPKCS10CertificationRequestBuilder(X500Principal subject, PublicKey publicKey)
-    {
-        super(X500Name.getInstance(subject.getEncoded()), SubjectPublicKeyInfo.getInstance(publicKey.getEncoded()));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcaPKCS12SafeBagBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcaPKCS12SafeBagBuilder.java
deleted file mode 100644
index 0af510c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcaPKCS12SafeBagBuilder.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.pkcs.jcajce;
-
-import java.io.IOException;
-import java.security.PrivateKey;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.operator.OutputEncryptor;
-import org.bouncycastle.pkcs.PKCS12SafeBagBuilder;
-import org.bouncycastle.pkcs.PKCSIOException;
-
-public class JcaPKCS12SafeBagBuilder
-    extends PKCS12SafeBagBuilder
-{
-    public JcaPKCS12SafeBagBuilder(X509Certificate certificate)
-        throws IOException
-    {
-        super(convertCert(certificate));
-    }
-
-    private static Certificate convertCert(X509Certificate certificate)
-        throws IOException
-    {
-        try
-        {
-            return Certificate.getInstance(certificate.getEncoded());
-        }
-        catch (CertificateEncodingException e)
-        {
-            throw new PKCSIOException("cannot encode certificate: " + e.getMessage(), e);
-        }
-    }
-
-    public JcaPKCS12SafeBagBuilder(PrivateKey privateKey, OutputEncryptor encryptor)
-    {
-        super(PrivateKeyInfo.getInstance(privateKey.getEncoded()), encryptor);
-    }
-
-    public JcaPKCS12SafeBagBuilder(PrivateKey privateKey)
-    {
-        super(PrivateKeyInfo.getInstance(privateKey.getEncoded()));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcaPKCS8EncryptedPrivateKeyInfoBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcaPKCS8EncryptedPrivateKeyInfoBuilder.java
deleted file mode 100644
index 691288d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcaPKCS8EncryptedPrivateKeyInfoBuilder.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.pkcs.jcajce;
-
-import java.security.PrivateKey;
-
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfoBuilder;
-
-public class JcaPKCS8EncryptedPrivateKeyInfoBuilder
-    extends PKCS8EncryptedPrivateKeyInfoBuilder
-{
-    public JcaPKCS8EncryptedPrivateKeyInfoBuilder(PrivateKey privateKey)
-    {
-         super(PrivateKeyInfo.getInstance(privateKey.getEncoded()));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcePKCS12MacCalculatorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcePKCS12MacCalculatorBuilder.java
deleted file mode 100644
index 0b93709..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcePKCS12MacCalculatorBuilder.java
+++ /dev/null

@@ -1,123 +0,0 @@
-package org.bouncycastle.pkcs.jcajce;
-
-import java.io.OutputStream;
-import java.security.Provider;
-import java.security.SecureRandom;
-
-import javax.crypto.Mac;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.PBEParameterSpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jcajce.PKCS12Key;
-import org.bouncycastle.jcajce.io.MacOutputStream;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.pkcs.PKCS12MacCalculatorBuilder;
-
-public class JcePKCS12MacCalculatorBuilder
-    implements PKCS12MacCalculatorBuilder
-{
-    private JcaJceHelper helper = new DefaultJcaJceHelper();
-    private ASN1ObjectIdentifier algorithm;
-
-    private SecureRandom random;
-    private int saltLength;
-    private int iterationCount = 1024;
-
-    public JcePKCS12MacCalculatorBuilder()
-    {
-        this(OIWObjectIdentifiers.idSHA1);
-    }
-
-    public JcePKCS12MacCalculatorBuilder(ASN1ObjectIdentifier hashAlgorithm)
-    {
-        this.algorithm = hashAlgorithm;
-    }
-
-    public JcePKCS12MacCalculatorBuilder setProvider(Provider provider)
-    {
-        this.helper = new ProviderJcaJceHelper(provider);
-
-        return this;
-    }
-
-    public JcePKCS12MacCalculatorBuilder setProvider(String providerName)
-    {
-        this.helper = new NamedJcaJceHelper(providerName);
-
-        return this;
-    }
-
-    public JcePKCS12MacCalculatorBuilder setIterationCount(int iterationCount)
-    {
-        this.iterationCount = iterationCount;
-
-        return this;
-    }
-
-    public AlgorithmIdentifier getDigestAlgorithmIdentifier()
-    {
-        return new AlgorithmIdentifier(algorithm, DERNull.INSTANCE);
-    }
-
-    public MacCalculator build(final char[] password)
-        throws OperatorCreationException
-    {
-        if (random == null)
-        {
-            random = new SecureRandom();
-        }
-
-        try
-        {
-            final Mac mac = helper.createMac(algorithm.getId());
-
-            saltLength = mac.getMacLength();
-            final byte[] salt = new byte[saltLength];
-
-            random.nextBytes(salt);
-
-            PBEParameterSpec defParams = new PBEParameterSpec(salt, iterationCount);
-            final SecretKey key = new PKCS12Key(password);
-
-            mac.init(key, defParams);
-
-            return new MacCalculator()
-            {
-                public AlgorithmIdentifier getAlgorithmIdentifier()
-                {
-                    return new AlgorithmIdentifier(algorithm, new PKCS12PBEParams(salt, iterationCount));
-                }
-
-                public OutputStream getOutputStream()
-                {
-                    return new MacOutputStream(mac);
-                }
-
-                public byte[] getMac()
-                {
-                    return mac.doFinal();
-                }
-
-                public GenericKey getKey()
-                {
-                    return new GenericKey(getAlgorithmIdentifier(), key.getEncoded());
-                }
-            };
-        }
-        catch (Exception e)
-        {
-            throw new OperatorCreationException("unable to create MAC calculator: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcePKCS12MacCalculatorBuilderProvider.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcePKCS12MacCalculatorBuilderProvider.java
deleted file mode 100644
index 8b453f2..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcePKCS12MacCalculatorBuilderProvider.java
+++ /dev/null

@@ -1,105 +0,0 @@
-package org.bouncycastle.pkcs.jcajce;
-
-import java.io.OutputStream;
-import java.security.Provider;
-
-import javax.crypto.Mac;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.PBEParameterSpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jcajce.PKCS12Key;
-import org.bouncycastle.jcajce.io.MacOutputStream;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.MacCalculator;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.pkcs.PKCS12MacCalculatorBuilder;
-import org.bouncycastle.pkcs.PKCS12MacCalculatorBuilderProvider;
-
-public class JcePKCS12MacCalculatorBuilderProvider
-    implements PKCS12MacCalculatorBuilderProvider
-{
-    private JcaJceHelper helper = new DefaultJcaJceHelper();
-
-    public JcePKCS12MacCalculatorBuilderProvider()
-    {
-    }
-
-    public JcePKCS12MacCalculatorBuilderProvider setProvider(Provider provider)
-    {
-        this.helper = new ProviderJcaJceHelper(provider);
-
-        return this;
-    }
-
-    public JcePKCS12MacCalculatorBuilderProvider setProvider(String providerName)
-    {
-        this.helper = new NamedJcaJceHelper(providerName);
-
-        return this;
-    }
-
-    public PKCS12MacCalculatorBuilder get(final AlgorithmIdentifier algorithmIdentifier)
-    {
-        return new PKCS12MacCalculatorBuilder()
-        {
-            public MacCalculator build(final char[] password)
-                throws OperatorCreationException
-            {
-                final PKCS12PBEParams pbeParams = PKCS12PBEParams.getInstance(algorithmIdentifier.getParameters());
-
-                try
-                {
-                    final ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
-
-                    final Mac mac = helper.createMac(algorithm.getId());
-
-                    PBEParameterSpec defParams = new PBEParameterSpec(pbeParams.getIV(), pbeParams.getIterations().intValue());
-
-                    final SecretKey key = new PKCS12Key(password);
-
-                    mac.init(key, defParams);
-
-                    return new MacCalculator()
-                    {
-                        public AlgorithmIdentifier getAlgorithmIdentifier()
-                        {
-                            return new AlgorithmIdentifier(algorithm, pbeParams);
-                        }
-
-                        public OutputStream getOutputStream()
-                        {
-                            return new MacOutputStream(mac);
-                        }
-
-                        public byte[] getMac()
-                        {
-                            return mac.doFinal();
-                        }
-
-                        public GenericKey getKey()
-                        {
-                            return new GenericKey(getAlgorithmIdentifier(), key.getEncoded());
-                        }
-                    };
-                }
-                catch (Exception e)
-                {
-                    throw new OperatorCreationException("unable to create MAC calculator: " + e.getMessage(), e);
-                }
-            }
-
-            public AlgorithmIdentifier getDigestAlgorithmIdentifier()
-            {
-                return new AlgorithmIdentifier(algorithmIdentifier.getAlgorithm(), DERNull.INSTANCE);
-            }
-        };
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcePKCSPBEInputDecryptorProviderBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcePKCSPBEInputDecryptorProviderBuilder.java
deleted file mode 100644
index 330332d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcePKCSPBEInputDecryptorProviderBuilder.java
+++ /dev/null

@@ -1,196 +0,0 @@
-package org.bouncycastle.pkcs.jcajce;
-
-import java.io.InputStream;
-import java.security.Provider;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.PBEParameterSpec;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.cryptopro.GOST28147Parameters;
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-import org.bouncycastle.asn1.misc.ScryptParams;
-import org.bouncycastle.asn1.pkcs.PBEParameter;
-import org.bouncycastle.asn1.pkcs.PBES2Parameters;
-import org.bouncycastle.asn1.pkcs.PBKDF2Params;
-import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.PasswordConverter;
-import org.bouncycastle.jcajce.PBKDF1Key;
-import org.bouncycastle.jcajce.PKCS12KeyWithParameters;
-import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
-import org.bouncycastle.jcajce.spec.PBKDF2KeySpec;
-import org.bouncycastle.jcajce.spec.ScryptKeySpec;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.DefaultSecretKeySizeProvider;
-import org.bouncycastle.operator.InputDecryptor;
-import org.bouncycastle.operator.InputDecryptorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.SecretKeySizeProvider;
-
-public class JcePKCSPBEInputDecryptorProviderBuilder
-{
-    private JcaJceHelper helper = new DefaultJcaJceHelper();
-    private boolean      wrongPKCS12Zero = false;
-    private SecretKeySizeProvider keySizeProvider = DefaultSecretKeySizeProvider.INSTANCE;
-
-    public JcePKCSPBEInputDecryptorProviderBuilder()
-    {
-    }
-
-    public JcePKCSPBEInputDecryptorProviderBuilder setProvider(Provider provider)
-    {
-        this.helper = new ProviderJcaJceHelper(provider);
-
-        return this;
-    }
-
-    public JcePKCSPBEInputDecryptorProviderBuilder setProvider(String providerName)
-    {
-        this.helper = new NamedJcaJceHelper(providerName);
-
-        return this;
-    }
-
-    public JcePKCSPBEInputDecryptorProviderBuilder setTryWrongPKCS12Zero(boolean tryWrong)
-    {
-        this.wrongPKCS12Zero = tryWrong;
-
-        return this;
-    }
-
-    /**
-     * Set the lookup provider of AlgorithmIdentifier returning key_size_in_bits used to
-     * handle PKCS5 decryption.
-     *
-     * @param keySizeProvider  a provider of integer secret key sizes.
-     *
-     * @return the current builder.
-     */
-    public JcePKCSPBEInputDecryptorProviderBuilder setKeySizeProvider(SecretKeySizeProvider keySizeProvider)
-    {
-        this.keySizeProvider = keySizeProvider;
-
-        return this;
-    }
-
-    public InputDecryptorProvider build(final char[] password)
-    {
-        return new InputDecryptorProvider()
-        {
-            private Cipher cipher;
-            private AlgorithmIdentifier encryptionAlg;
-
-            public InputDecryptor get(final AlgorithmIdentifier algorithmIdentifier)
-                throws OperatorCreationException
-            {
-                SecretKey key;
-                ASN1ObjectIdentifier algorithm = algorithmIdentifier.getAlgorithm();
-
-                try
-                {
-                    if (algorithm.on(PKCSObjectIdentifiers.pkcs_12PbeIds))
-                    {
-                        PKCS12PBEParams pbeParams = PKCS12PBEParams.getInstance(algorithmIdentifier.getParameters());
-
-                        cipher = helper.createCipher(algorithm.getId());
-
-                        cipher.init(Cipher.DECRYPT_MODE, new PKCS12KeyWithParameters(password, wrongPKCS12Zero, pbeParams.getIV(), pbeParams.getIterations().intValue()));
-
-                        encryptionAlg = algorithmIdentifier;
-                    }
-                    else if (algorithm.equals(PKCSObjectIdentifiers.id_PBES2))
-                    {
-                        PBES2Parameters alg = PBES2Parameters.getInstance(algorithmIdentifier.getParameters());
-
-                        if (MiscObjectIdentifiers.id_scrypt.equals(alg.getKeyDerivationFunc().getAlgorithm()))
-                        {
-                            ScryptParams params = ScryptParams.getInstance(alg.getKeyDerivationFunc().getParameters());
-                            AlgorithmIdentifier encScheme = AlgorithmIdentifier.getInstance(alg.getEncryptionScheme());
-
-                            SecretKeyFactory keyFact = helper.createSecretKeyFactory("SCRYPT");
-
-                            key = keyFact.generateSecret(new ScryptKeySpec(password,
-                                       params.getSalt(), params.getCostParameter().intValue(), params.getBlockSize().intValue(),
-                                       params.getParallelizationParameter().intValue(), keySizeProvider.getKeySize(encScheme)));
-                        }
-                        else
-                        {
-                            SecretKeyFactory keyFact = helper.createSecretKeyFactory(alg.getKeyDerivationFunc().getAlgorithm().getId());
-                            PBKDF2Params func = PBKDF2Params.getInstance(alg.getKeyDerivationFunc().getParameters());
-                            AlgorithmIdentifier encScheme = AlgorithmIdentifier.getInstance(alg.getEncryptionScheme());
-
-                            if (func.isDefaultPrf())
-                            {
-                                key = keyFact.generateSecret(new PBEKeySpec(password, func.getSalt(), func.getIterationCount().intValue(), keySizeProvider.getKeySize(encScheme)));
-                            }
-                            else
-                            {
-                                key = keyFact.generateSecret(new PBKDF2KeySpec(password, func.getSalt(), func.getIterationCount().intValue(), keySizeProvider.getKeySize(encScheme), func.getPrf()));
-                            }
-                        }
-
-                        cipher = helper.createCipher(alg.getEncryptionScheme().getAlgorithm().getId());
-
-                        encryptionAlg = AlgorithmIdentifier.getInstance(alg.getEncryptionScheme());
-
-                        ASN1Encodable encParams = alg.getEncryptionScheme().getParameters();
-                        if (encParams instanceof ASN1OctetString)
-                        {
-                            cipher.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets()));
-                        }
-                        else
-                        {
-                            // TODO: at the moment it's just GOST, but...
-                            GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams);
-
-                            cipher.init(Cipher.DECRYPT_MODE, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
-                        }
-                    }
-                    else if (algorithm.equals(PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC)
-                        || algorithm.equals(PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC))
-                    {
-                        PBEParameter pbeParams = PBEParameter.getInstance(algorithmIdentifier.getParameters());
-
-                        cipher = helper.createCipher(algorithm.getId());
-
-                        cipher.init(Cipher.DECRYPT_MODE, new PBKDF1Key(password, PasswordConverter.ASCII),
-                                new PBEParameterSpec(pbeParams.getSalt(), pbeParams.getIterationCount().intValue()));
-                    }
-                    else
-                    {
-                        throw new OperatorCreationException("unable to create InputDecryptor: algorithm " + algorithm + " unknown.");
-                    }
-                }
-                catch (Exception e)
-                {
-                    throw new OperatorCreationException("unable to create InputDecryptor: " + e.getMessage(), e);
-                }
-
-                return new InputDecryptor()
-                {
-                    public AlgorithmIdentifier getAlgorithmIdentifier()
-                    {
-                        return encryptionAlg;
-                    }
-
-                    public InputStream getInputStream(InputStream input)
-                    {
-                        return new CipherInputStream(input, cipher);
-                    }
-                };
-            }
-        };
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcePKCSPBEOutputEncryptorBuilder.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcePKCSPBEOutputEncryptorBuilder.java
deleted file mode 100644
index 8763b3f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JcePKCSPBEOutputEncryptorBuilder.java
+++ /dev/null

@@ -1,335 +0,0 @@
-package org.bouncycastle.pkcs.jcajce;
-
-import java.io.OutputStream;
-import java.security.Provider;
-import java.security.SecureRandom;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.PBEKeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-import org.bouncycastle.asn1.misc.ScryptParams;
-import org.bouncycastle.asn1.pkcs.EncryptionScheme;
-import org.bouncycastle.asn1.pkcs.KeyDerivationFunc;
-import org.bouncycastle.asn1.pkcs.PBES2Parameters;
-import org.bouncycastle.asn1.pkcs.PBKDF2Params;
-import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.util.PBKDF2Config;
-import org.bouncycastle.crypto.util.PBKDFConfig;
-import org.bouncycastle.crypto.util.ScryptConfig;
-import org.bouncycastle.jcajce.PKCS12KeyWithParameters;
-import org.bouncycastle.jcajce.spec.ScryptKeySpec;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-import org.bouncycastle.operator.DefaultSecretKeySizeProvider;
-import org.bouncycastle.operator.GenericKey;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.OutputEncryptor;
-import org.bouncycastle.operator.SecretKeySizeProvider;
-
-public class JcePKCSPBEOutputEncryptorBuilder
-{
-    private final PBKDFConfig pbkdf;
-
-    private JcaJceHelper helper = new DefaultJcaJceHelper();
-    private ASN1ObjectIdentifier algorithm;
-    private ASN1ObjectIdentifier keyEncAlgorithm;
-    private SecureRandom random;
-    private SecretKeySizeProvider keySizeProvider = DefaultSecretKeySizeProvider.INSTANCE;
-    private int iterationCount = 1024;
-    private PBKDF2Config.Builder pbkdfBuilder = new PBKDF2Config.Builder();
-
-    public JcePKCSPBEOutputEncryptorBuilder(ASN1ObjectIdentifier keyEncryptionAlg)
-    {
-        this.pbkdf = null;
-        if (isPKCS12(keyEncryptionAlg))
-        {
-            this.algorithm = keyEncryptionAlg;
-            this.keyEncAlgorithm = keyEncryptionAlg;
-        }
-        else
-        {
-            this.algorithm = PKCSObjectIdentifiers.id_PBES2;
-            this.keyEncAlgorithm = keyEncryptionAlg;
-        }
-    }
-
-    /**
-     * Constructor allowing different derivation functions such as PBKDF2 and scrypt.
-     *
-     * @param pbkdfAlgorithm key derivation algorithm definition to use.
-     * @param keyEncryptionAlg encryption algorithm to apply the derived key with.
-     */
-    public JcePKCSPBEOutputEncryptorBuilder(PBKDFConfig pbkdfAlgorithm, ASN1ObjectIdentifier keyEncryptionAlg)
-    {
-        this.algorithm = PKCSObjectIdentifiers.id_PBES2;
-        this.pbkdf = pbkdfAlgorithm;
-        this.keyEncAlgorithm = keyEncryptionAlg;
-    }
-
-    public JcePKCSPBEOutputEncryptorBuilder setProvider(Provider provider)
-    {
-        this.helper = new ProviderJcaJceHelper(provider);
-
-        return this;
-    }
-
-    public JcePKCSPBEOutputEncryptorBuilder setProvider(String providerName)
-    {
-        this.helper = new NamedJcaJceHelper(providerName);
-
-        return this;
-    }
-
-    public JcePKCSPBEOutputEncryptorBuilder setRandom(SecureRandom random)
-    {
-        this.random = random;
-
-        return this;
-    }
-
-    /**
-     * Set the lookup provider of AlgorithmIdentifier returning key_size_in_bits used to
-     * handle PKCS5 decryption.
-     *
-     * @param keySizeProvider a provider of integer secret key sizes.
-     * @return the current builder.
-     */
-    public JcePKCSPBEOutputEncryptorBuilder setKeySizeProvider(SecretKeySizeProvider keySizeProvider)
-    {
-        this.keySizeProvider = keySizeProvider;
-
-        return this;
-    }
-
-    /**
-     * Set the PRF to use for key generation. By default this is HmacSHA1.
-     *
-     * @param prf algorithm id for PRF.
-     * @return the current builder.
-     * @throws IllegalStateException if this builder was intialised with a PBKDFDef
-     */
-    public JcePKCSPBEOutputEncryptorBuilder setPRF(AlgorithmIdentifier prf)
-    {
-        if (pbkdf != null)
-        {
-            throw new IllegalStateException("set PRF count using PBKDFDef");
-        }
-        this.pbkdfBuilder.withPRF(prf);
-
-        return this;
-    }
-
-    /**
-     * Set the iteration count for the PBE calculation.
-     *
-     * @param iterationCount the iteration count to apply to the key creation.
-     * @return the current builder.
-     * @throws IllegalStateException if this builder was intialised with a PBKDFDef
-     */
-    public JcePKCSPBEOutputEncryptorBuilder setIterationCount(int iterationCount)
-    {
-        if (pbkdf != null)
-        {
-            throw new IllegalStateException("set iteration count using PBKDFDef");
-        }
-        this.iterationCount = iterationCount;
-        this.pbkdfBuilder.withIterationCount(iterationCount);
-
-        return this;
-    }
-
-    public OutputEncryptor build(final char[] password)
-        throws OperatorCreationException
-    {
-        final Cipher cipher;
-        SecretKey key;
-
-        if (random == null)
-        {
-            random = new SecureRandom();
-        }
-
-        final AlgorithmIdentifier encryptionAlg;
-
-        try
-        {
-            if (isPKCS12(algorithm))
-            {
-                byte[] salt = new byte[20];
-
-                random.nextBytes(salt);
-
-                cipher = helper.createCipher(algorithm.getId());
-
-                cipher.init(Cipher.ENCRYPT_MODE, new PKCS12KeyWithParameters(password, salt, iterationCount));
-
-                encryptionAlg = new AlgorithmIdentifier(algorithm, new PKCS12PBEParams(salt, iterationCount));
-            }
-            else if (algorithm.equals(PKCSObjectIdentifiers.id_PBES2))
-            {
-                PBKDFConfig pbkDef = (pbkdf == null) ? pbkdfBuilder.build() : pbkdf;
-
-                if (MiscObjectIdentifiers.id_scrypt.equals(pbkDef.getAlgorithm()))
-                {
-                    ScryptConfig skdf = (ScryptConfig)pbkDef;
-
-                    byte[] salt = new byte[skdf.getSaltLength()];
-
-                    random.nextBytes(salt);
-
-                    ScryptParams params = new ScryptParams(
-                                                salt,
-                                                skdf.getCostParameter(),
-                                                skdf.getBlockSize(),
-                                                skdf.getParallelizationParameter());
-                    
-                    SecretKeyFactory keyFact = helper.createSecretKeyFactory("SCRYPT");
-
-                    key = keyFact.generateSecret(new ScryptKeySpec(password,
-                        salt, skdf.getCostParameter(), skdf.getBlockSize(), skdf.getParallelizationParameter(),
-                                                 keySizeProvider.getKeySize(new AlgorithmIdentifier(keyEncAlgorithm))));
-
-                    cipher = helper.createCipher(keyEncAlgorithm.getId());
-
-                    cipher.init(Cipher.ENCRYPT_MODE, key, random);
-
-                    PBES2Parameters algParams = new PBES2Parameters(
-                        new KeyDerivationFunc(MiscObjectIdentifiers.id_scrypt, params),
-                        new EncryptionScheme(keyEncAlgorithm, ASN1Primitive.fromByteArray(cipher.getParameters().getEncoded())));
-
-                    encryptionAlg = new AlgorithmIdentifier(algorithm, algParams);
-                }
-                else
-                {
-                    PBKDF2Config pkdf = (PBKDF2Config)pbkDef;
-
-                    byte[] salt = new byte[pkdf.getSaltLength()];
-
-                    random.nextBytes(salt);
-
-                    SecretKeyFactory keyFact = helper.createSecretKeyFactory(JceUtils.getAlgorithm(pkdf.getPRF().getAlgorithm()));
-
-                    key = keyFact.generateSecret(new PBEKeySpec(password, salt, pkdf.getIterationCount(),
-                                            keySizeProvider.getKeySize(new AlgorithmIdentifier(keyEncAlgorithm))));
-
-                    cipher = helper.createCipher(keyEncAlgorithm.getId());
-
-                    cipher.init(Cipher.ENCRYPT_MODE, key, random);
-
-                    PBES2Parameters algParams = new PBES2Parameters(
-                        new KeyDerivationFunc(PKCSObjectIdentifiers.id_PBKDF2, new PBKDF2Params(salt, pkdf.getIterationCount(), pkdf.getPRF())),
-                        new EncryptionScheme(keyEncAlgorithm, ASN1Primitive.fromByteArray(cipher.getParameters().getEncoded())));
-
-                    encryptionAlg = new AlgorithmIdentifier(algorithm, algParams);
-                }
-            }
-            else
-            {
-                throw new OperatorCreationException("unrecognised algorithm");
-            }
-
-            return new OutputEncryptor()
-            {
-                public AlgorithmIdentifier getAlgorithmIdentifier()
-                {
-                    return encryptionAlg;
-                }
-
-                public OutputStream getOutputStream(OutputStream out)
-                {
-                    return new CipherOutputStream(out, cipher);
-                }
-
-                public GenericKey getKey()
-                {
-                    if (isPKCS12(encryptionAlg.getAlgorithm()))
-                    {
-                        return new GenericKey(encryptionAlg, PKCS12PasswordToBytes(password));
-                    }
-                    else
-                    {
-                        return new GenericKey(encryptionAlg, PKCS5PasswordToBytes(password));
-                    }
-                }
-            };
-        }
-        catch (Exception e)
-        {
-            throw new OperatorCreationException("unable to create OutputEncryptor: " + e.getMessage(), e);
-        }
-    }
-
-    private boolean isPKCS12(ASN1ObjectIdentifier algorithm)
-    {
-        return algorithm.on(PKCSObjectIdentifiers.pkcs_12PbeIds)
-            || algorithm.on(BCObjectIdentifiers.bc_pbe_sha1_pkcs12)
-            || algorithm.on(BCObjectIdentifiers.bc_pbe_sha256_pkcs12);
-    }
-
-    /**
-     * converts a password to a byte array according to the scheme in
-     * PKCS5 (ascii, no padding)
-     *
-     * @param password a character array representing the password.
-     * @return a byte array representing the password.
-     */
-    private static byte[] PKCS5PasswordToBytes(
-        char[] password)
-    {
-        if (password != null)
-        {
-            byte[] bytes = new byte[password.length];
-
-            for (int i = 0; i != bytes.length; i++)
-            {
-                bytes[i] = (byte)password[i];
-            }
-
-            return bytes;
-        }
-        else
-        {
-            return new byte[0];
-        }
-    }
-
-    /**
-     * converts a password to a byte array according to the scheme in
-     * PKCS12 (unicode, big endian, 2 zero pad bytes at the end).
-     *
-     * @param password a character array representing the password.
-     * @return a byte array representing the password.
-     */
-    private static byte[] PKCS12PasswordToBytes(
-        char[] password)
-    {
-        if (password != null && password.length > 0)
-        {
-            // +1 for extra 2 pad bytes.
-            byte[] bytes = new byte[(password.length + 1) * 2];
-
-            for (int i = 0; i != password.length; i++)
-            {
-                bytes[i * 2] = (byte)(password[i] >>> 8);
-                bytes[i * 2 + 1] = (byte)password[i];
-            }
-
-            return bytes;
-        }
-        else
-        {
-            return new byte[0];
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JceUtils.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JceUtils.java
deleted file mode 100644
index b7533f6..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/JceUtils.java
+++ /dev/null

@@ -1,38 +0,0 @@
-package org.bouncycastle.pkcs.jcajce;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-
-class JceUtils
-{
-    private static final Map PRFS = new HashMap();
-
-    static
-    {
-        PRFS.put(PKCSObjectIdentifiers.id_hmacWithSHA1, "PBKDF2withHMACSHA1");
-        PRFS.put(PKCSObjectIdentifiers.id_hmacWithSHA256, "PBKDF2withHMACSHA256");
-        PRFS.put(PKCSObjectIdentifiers.id_hmacWithSHA512, "PBKDF2withHMACSHA512");
-        PRFS.put(PKCSObjectIdentifiers.id_hmacWithSHA224, "PBKDF2withHMACSHA224");
-        PRFS.put(PKCSObjectIdentifiers.id_hmacWithSHA384, "PBKDF2withHMACSHA384");
-        PRFS.put(NISTObjectIdentifiers.id_hmacWithSHA3_224, "PBKDF2withHMACSHA3-224");
-        PRFS.put(NISTObjectIdentifiers.id_hmacWithSHA3_256, "PBKDF2withHMACSHA3-256");
-        PRFS.put(NISTObjectIdentifiers.id_hmacWithSHA3_384, "PBKDF2withHMACSHA3-384");
-        PRFS.put(NISTObjectIdentifiers.id_hmacWithSHA3_512, "PBKDF2withHMACSHA3-512");
-        PRFS.put(CryptoProObjectIdentifiers.gostR3411Hmac, "PBKDF2withHMACGOST3411");
-    }
-
-    static String getAlgorithm(ASN1ObjectIdentifier algorithm)
-    {
-        if (!PRFS.containsKey(algorithm))
-        {
-            throw new IllegalStateException("no prf for algorithm: " + algorithm);
-        }
-
-        return ((String)PRFS.get(algorithm));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/package.html b/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/package.html
deleted file mode 100644
index 5305be4..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/jcajce/package.html
+++ /dev/null

@@ -1,7 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-        "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<body bgcolor="#ffffff">
-JCA extensions and operators for the PKCS#10 certification request package.
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/package.html b/bcpkix/src/main/java/org/bouncycastle/pkcs/package.html
deleted file mode 100644
index c83de7c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/package.html
+++ /dev/null

@@ -1,7 +0,0 @@
-<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN"
-        "http://www.w3.org/TR/html4/loose.dtd">
-<html>
-<body bgcolor="#ffffff">
-Basic support package for handling and creating PKCS#10 certification requests, PKCS#8 encrypted keys and PKCS#12 keys stores.
-</body>
-</html>
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/test/AllTests.java
deleted file mode 100644
index bbf75bf..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/test/AllTests.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.pkcs.test;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-public class AllTests
-    extends TestCase
-{
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("PKCS Tests");
-        
-        suite.addTestSuite(PfxPduTest.class);
-        suite.addTestSuite(PKCS10Test.class);
-        suite.addTestSuite(PKCS8Test.class);
-
-        return new BCTestSetup(suite);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/test/BCTestSetup.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/test/BCTestSetup.java
deleted file mode 100644
index 7a13561..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/test/BCTestSetup.java
+++ /dev/null

@@ -1,26 +0,0 @@
-// Copyright (c) 2005 The Legion Of The Bouncy Castle (http://www.bouncycastle.org)
-package org.bouncycastle.pkcs.test;
-
-import java.security.Security;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-
-class BCTestSetup
-    extends TestSetup
-{
-    public BCTestSetup(Test test)
-    {
-        super(test);
-    }
-
-    protected void setUp()
-    {
-        Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-    }
-
-    protected void tearDown()
-    {
-        Security.removeProvider("BC");
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/test/PKCS10Test.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/test/PKCS10Test.java
deleted file mode 100644
index 302a16b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/test/PKCS10Test.java
+++ /dev/null

@@ -1,102 +0,0 @@
-package org.bouncycastle.pkcs.test;
-
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.pkcs.CertificationRequest;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.pkcs.PKCS10CertificationRequest;
-import org.bouncycastle.pkcs.PKCS10CertificationRequestBuilder;
-import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequest;
-import org.bouncycastle.pkcs.jcajce.JcaPKCS10CertificationRequestBuilder;
-import org.bouncycastle.util.encoders.Base64;
-
-public class PKCS10Test
-    extends TestCase
-{
-    private static final byte[] anssiPkcs10 = Base64.decode(
-        "MIHLMHMCAQAwDzENMAsGA1UEAwwEYmx1YjBbMBUGByqGSM49AgEGCiqBegGB"
-          + "X2WCAAEDQgAEB9POXLIasfF55GSxY9vshIIEnvv47B9jGZgZFN6VFHPvqe8G"
-          + "j+6UpLjP0vvoInC8uu/X3JJJTsrgGrxbfOOG1KAAMAoGCCqGSM49BAMCA0gA"
-          + "MEUCIQCgTdLV3IS5NuL9CHMDPOj6BumAQPdjzbgkGZghoY/wJAIgcEgF/2f4"
-          + "5wYlIELOq18Uxksc0sOkbZm/nRXs1VX4rsM=");
-
-     //
-    // personal keys
-    //
-    private static final RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-        new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-        new BigInteger("11", 16));
-
-    private static final RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
-        new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-        new BigInteger("11", 16),
-        new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-        new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-        new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-        new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-        new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-        new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-    public void setUp()
-    {
-        Security.addProvider(new BouncyCastleProvider());
-    }
-
-    public void testLeaveOffEmpty()
-        throws Exception
-    {
-        KeyFactory keyFact = KeyFactory.getInstance("RSA", "BC");
-        PublicKey  pubKey = keyFact.generatePublic(pubKeySpec);
-        PrivateKey privKey = keyFact.generatePrivate(privKeySpec);
-
-        PKCS10CertificationRequestBuilder pkcs10Builder = new JcaPKCS10CertificationRequestBuilder(new X500Name("CN=Test"), pubKey);
-
-        PKCS10CertificationRequest request = pkcs10Builder.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(privKey));
-
-        assertEquals(0, request.getAttributes().length);
-        assertNotNull(CertificationRequest.getInstance(request.getEncoded()).getCertificationRequestInfo().getAttributes());
-
-        pkcs10Builder.setLeaveOffEmptyAttributes(true);
-
-        request = pkcs10Builder.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(privKey));
-
-        assertEquals(0, request.getAttributes().length);
-        assertNull(CertificationRequest.getInstance(request.getEncoded()).getCertificationRequestInfo().getAttributes());
-
-        pkcs10Builder.setLeaveOffEmptyAttributes(false);
-
-        request = pkcs10Builder.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider("BC").build(privKey));
-
-        assertEquals(0, request.getAttributes().length);
-        assertNotNull(CertificationRequest.getInstance(request.getEncoded()).getCertificationRequestInfo().getAttributes());
-    }
-
-    public void testRequest()
-        throws Exception
-    {
-        JcaPKCS10CertificationRequest req = new JcaPKCS10CertificationRequest(anssiPkcs10);
-
-        assertTrue(req.getPublicKey().toString().startsWith("EC Public Key [9a:f5:f3:36:55:81:27:66:dd:d8:76:5a:96:6b:26:7b:0c:61:a2:94]"));
-    }
-
-    public static void main(String args[])
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-
-    public static Test suite()
-    {
-        return new BCTestSetup(new TestSuite(PKCS10Test.class));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/test/PKCS8Test.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/test/PKCS8Test.java
deleted file mode 100644
index af1fc11..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/test/PKCS8Test.java
+++ /dev/null

@@ -1,246 +0,0 @@
-package org.bouncycastle.pkcs.test;
-
-import java.math.BigInteger;
-import java.security.Security;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.PBES2Parameters;
-import org.bouncycastle.asn1.pkcs.PBKDF2Params;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.util.PBKDFConfig;
-import org.bouncycastle.crypto.util.ScryptConfig;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
-import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfoBuilder;
-import org.bouncycastle.pkcs.jcajce.JcePKCSPBEInputDecryptorProviderBuilder;
-import org.bouncycastle.pkcs.jcajce.JcePKCSPBEOutputEncryptorBuilder;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-
-public class PKCS8Test
-    extends TestCase
-{
-    private static BigInteger modulus = new BigInteger(
-        "b6ce33ccbf839457b0d32487b6c807bca584f85c627466b787fc09d0b1f73d97c9a381eca20e0ba851d317a8964327fa0010de76c" +
-            "6c0facb83f13612752d166b49d9ba272c38c9a4ed71a94ea69f7bbdc63d7a5c5d3f3c039223e4ac1bb5d433c6bf01e68364a7ef4f" +
-            "061f7cdfba82fa471bb1444b2034e53cc9c3e402a8fa89", 16);
-
-    private static byte[] pkInfo = Base64.decode(
-        "MIICdgIBADANBgkqhkiG9w0BAQEFAASCAmAwggJcAgEAAoGBALbOM8y/g5RXsNMkh7bIB7ylhPhcYnRmt4f8CdCx9z2XyaOB7KIOC6hR" +
-            "0xeolkMn+gAQ3nbGwPrLg/E2EnUtFmtJ2bonLDjJpO1xqU6mn3u9xj16XF0/PAOSI+SsG7XUM8a/AeaDZKfvTwYffN+6gvpHG7FESyA0" +
-            "5TzJw+QCqPqJAgMBAAECgYAMQxCeb0o4LRmjUBP6YriCIugkcK35+NneuT0/TnCzJPdVjGV/CUom5DYwpBJQNuJCFt+VQAe5yuTyzRm3" +
-            "2mpicusxKsMHqJRJFWIQ5ztuRehGF1KB+NPze7GxWVB2vRWJQQhlgq/nRsAjWoUfxbFkKBlNPhUnLm1klwBptpqpcQJBAOBiAnrrraBu" +
-            "3Lc9B8QtCdEAIr5LYyWYd3jSvyTt04OI8Q3l7zG9omKpdIskGNu7n5RRYixsNXAVCaiHsyHHCO8CQQDQkGdtlH5fQZ2PJVSNZ6RlDhUq" +
-            "6RGqajnkXw/sK1GR388FGqc9xTB9Eu1vg7ywlsuWSWpiCe/q+1nGVJufLAQHAkEAyTba5oQGNYJ1J1Txa/i/fs7SWTedd49cQ9spUeJ7" +
-            "9M6O7FmvwDlAL52qR0Rdjl6YYhcBJLj8yr/y41CdUML9vQJAYGDqurOtNj2vHrAkg3fKezxnwb2UgUi3WfYn+H4IIr3m/7fSYvQVtSai" +
-            "/C5Hat80U0230HhBGzhtwv3kMEj5zwJAViD4ceQRYyC+G2z5fyFz8Ca6sjDB9LwY0YEOFxR+3nqtteJI2vgITl4HrrnTRGuiVSY6pqkX" +
-            "hX2DZcWDZMieLA==");
-
-    private static byte[] pkcs8Sha256 = Base64.decode(
-    "MIIC9TBvBgkqhkiG9w0BBQ0wYjBBBgkqhkiG9w0BBQwwNAQgsa99yy9MqsJQ+4l5" +
-        "SehvabVidNKBoJeqPJDZAPmbKCgCAggAMAwGCCqGSIb3DQIJBQAwHQYJYIZIAWUD" +
-        "BAEqBBBAncGTD5Yp0oqVklTgmzt4BIICgDJLy5EF12+l9cjYIRVLcHFc7QE7prBy" +
-        "yj+nENvxqPJaVAVo+VVguOPUSGKQAeZnUhpU1kwKa4EyUhA5CvVtTcQ3hd7v769E" +
-        "n59EJ2NKFNOmplxbE3QU/Z7g63ECDvu4jsUVjZmWGrzDXwDEkraG5VdtVhIfdFOj" +
-        "yR1CEnxLqq5l3qlkCjKFap/UBh6wbsItJJYw4HJ/7fCJtY8xKG9b1hxHiyH2Yhrh" +
-        "Pak2P4ukFClg8Kzv92ZbUKSv92C/zrlkUWx7+u7b97YZVd/nL4VLVnQW79YI7ApL" +
-        "QHFNZ9Jp3cm3XtddzlJJVWwghF+slvULsGzQ05yMICyCRHEwPAPSXvf6VpNezQ+v" +
-        "8mD+lS7IavJRx7S4y2NFzZCLDaZfX32/S4vRv7Q4Ax87YKHqHwLnZRLWn3QimtX5" +
-        "oJPsf8Sj0/w31W49c7I3a4rWLAWO3fTVSvH+vQdPUCq9geqatOjiwSnUy6oSP4f3" +
-        "vvdMlvNFafWyLwqONM8nKijNSSk8fjJtncvIDBCRYmwuQFmkFBRtCpHNeY43vrCV" +
-        "O04x5N6PPTnnp/Ru7xYbrEyO2SQX/JJQV2l/pZgyF4w/2Y3i0hW+dItkoFVPGuY0" +
-        "XfBgPlVx5w/72Et8GKh8a5E03IPJOa3J+/vhx9hYc7Hc4AJHsQQwiXco5ybBNZBV" +
-        "wteKQwP6XRL5GMWJr4v4fJk0ksZ7sDAIlLWOeZu0jxWSx3VLC6QR9Ij+uMGkkY3t" +
-        "nVxJii5qFSnWSH5e2Qk9HJ64a0ossKBFaln8wT/2tryBxa1+YZDYwGrasG4EvKHC" +
-        "N0PVvCZ6nreGoWpaBlTolOl7HpbjcsryQ2SMkWNIurrivWKAoqRQ53Q=");
-
-
-    private static byte[] pkcs8Gost3411 = Base64.decode(
-        "MIIC8zBtBgkqhkiG9w0BBQ0wYDA/BgkqhkiG9w0BBQwwMgQgo40hf88LUYklfxUE" +
-            "HO0KjJFo52p9lEqfYDDmJJosDpYCAggAMAoGBiqFAwICCgUAMB0GCWCGSAFlAwQB" +
-            "KgQQJXNzoxem4QvtoToJbJVt1ASCAoBtcnpMvp/Skip+m8e0A+Hh8BnzoRDkKoeD" +
-            "QFuyR1HRfXa6iZ+CT5Bt38kM7shDA1se1uEo5WnDCydmzQ5WdHinMaokryd+3l65" +
-            "AszZLrbK56E78820RMTwFevDAXcwhneomCkEg059r+GfO0OLe6YJ1JR88uiPWxJy" +
-            "gthltJoefOnK87cG53oOPAmgKkMS0lbd13FeYduo9r2473O80CtTpA0p5GHFHdI8" +
-            "9ebu8PWoGez+HR3FU5+m4Qj63spW2F1qblgocywABFqVCWVp/8h4dptQ7754jNmK" +
-            "HN4MWgXYb5SdScz8IkE9Cv+Xn0tAW5eqhgYDot4GfbYRqCjup0jnCmgNxFo/TMOS" +
-            "H1EMXeFnEEEft/fx8K1jZ1jtfJQRBY1N0jOBBzsMKVgj8GYkFAlOYXziCK+YzYjY" +
-            "gmD2/IQ1+VfPnCkT14BqM9KzJidOjMDE9jlMiBhaBzee0qpdCLZ9bPQ0L6s6Urwm" +
-            "mR7l1nCvLY5GYRBUC/ZOZf+MiPEpD/Lu+DUv5RgPEDStSXoKqtxvgpsT4upDVpEw" +
-            "i4z7TWGpkcOGZJEe8JHEw5rDC15FHm44WoeFhlgLaFhjUD9Ou4CYM3LYT6VwUbmF" +
-            "XBBVuKssFbbvOcU1ez4vfx7i8r09R/olVmopsiUBapyLwfck3hlQEYrAJKHQ9HFV" +
-            "qYM9tU0OoaZB1qYYmLQPIe99cr66xTmfUkRQaJ2RAhbZQDPTX3Bm4SseEfmrkfuY" +
-            "/RzOT5l2cgEOuTmkzhfgxVqyhOBeWfGPWYWtDD2QmQBcAHZbf9XVaoRe7YDRXTG/" +
-            "WhEN3fKJaM/Qfif5wwWvHjQb5TWrTyeNNuh4YtXsyQ3PkwOxHrmm"
-    );
-
-    // from RFC 7914
-    private static byte[] pkcs8Scrypt = Base64.decode(
-        "MIHiME0GCSqGSIb3DQEFDTBAMB8GCSsGAQQB2kcECzASBAVNb3VzZQIDEAAAAgEI" +
-            "AgEBMB0GCWCGSAFlAwQBKgQQyYmguHMsOwzGMPoyObk/JgSBkJb47EWd5iAqJlyy" +
-            "+ni5ftd6gZgOPaLQClL7mEZc2KQay0VhjZm/7MbBUNbqOAXNM6OGebXxVp6sHUAL" +
-            "iBGY/Dls7B1TsWeGObE0sS1MXEpuREuloZjcsNVcNXWPlLdZtkSH6uwWzR0PyG/Z" +
-            "+ZXfNodZtd/voKlvLOw5B3opGIFaLkbtLZQwMiGtl42AS89lZg=="
-    );
-
-    private static byte[] scryptKey = Base64.decode(
-        "MIGHAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBG0wawIBAQQg4RaNK5CuHY3CXr9f" +
-            "/CdVgOhEurMohrQmWbbLZK4ZInyhRANCAARs2WMV6UMlLjLaoc0Dsdnj4Vlffc9T" +
-            "t48lJU0RiCzXc280Vg/H5fm1xAP1B7UnIVcBqgDHDcfqWm1h/xSeCHXS"
-    );
-
-    public void setUp()
-    {
-        Security.addProvider(new BouncyCastleProvider());
-    }
-
-    public void testSHA256()
-        throws Exception
-    {
-        PKCS8EncryptedPrivateKeyInfo info = new PKCS8EncryptedPrivateKeyInfo(pkcs8Sha256);
-        
-        PrivateKeyInfo pkInfo = info.decryptPrivateKeyInfo(new JcePKCSPBEInputDecryptorProviderBuilder().setProvider("BC").build("hello".toCharArray()));
-
-        RSAPrivateKey k = RSAPrivateKey.getInstance(pkInfo.parsePrivateKey());
-
-        assertEquals(modulus, k.getModulus());
-    }
-
-    public void testGOST3411()
-        throws Exception
-    {
-        PKCS8EncryptedPrivateKeyInfo info = new PKCS8EncryptedPrivateKeyInfo(pkcs8Gost3411);
-
-        PrivateKeyInfo pkInfo = info.decryptPrivateKeyInfo(new JcePKCSPBEInputDecryptorProviderBuilder().setProvider("BC").build("hello".toCharArray()));
-
-        RSAPrivateKey k = RSAPrivateKey.getInstance(pkInfo.parsePrivateKey());
-
-        assertEquals(modulus, k.getModulus());
-    }
-
-    public void testScrypt()
-        throws Exception
-    {
-        if (getJvmVersion() < 7)  // runs out of memory
-        {
-            return;
-        }
-        
-        PKCS8EncryptedPrivateKeyInfo info = new PKCS8EncryptedPrivateKeyInfo(pkcs8Scrypt);
-
-        PrivateKeyInfo pkInfo = info.decryptPrivateKeyInfo(new JcePKCSPBEInputDecryptorProviderBuilder().setProvider("BC").build("Rabbit".toCharArray()));
-        
-        assertTrue(Arrays.areEqual(scryptKey, pkInfo.getEncoded()));
-    }
-
-    public void testSHA256Encryption()
-        throws Exception
-    {
-        PKCS8EncryptedPrivateKeyInfoBuilder bldr = new PKCS8EncryptedPrivateKeyInfoBuilder(pkInfo);
-
-        PKCS8EncryptedPrivateKeyInfo encInfo = bldr.build(
-            new JcePKCSPBEOutputEncryptorBuilder(NISTObjectIdentifiers.id_aes256_CBC)
-                .setPRF(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA256, DERNull.INSTANCE))
-                .setProvider("BC")
-                .build("hello".toCharArray()));
-
-        EncryptedPrivateKeyInfo encPkInfo = EncryptedPrivateKeyInfo.getInstance(encInfo.getEncoded());
-
-        assertEquals(
-            new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA256, DERNull.INSTANCE),
-            PBKDF2Params.getInstance(
-                PBES2Parameters.getInstance(encPkInfo.getEncryptionAlgorithm().getParameters())
-                    .getKeyDerivationFunc().getParameters())
-                .getPrf());
-
-        PrivateKeyInfo pkInfo = encInfo.decryptPrivateKeyInfo(new JcePKCSPBEInputDecryptorProviderBuilder().setProvider("BC").build("hello".toCharArray()));
-
-        RSAPrivateKey k = RSAPrivateKey.getInstance(pkInfo.parsePrivateKey());
-
-        assertEquals(modulus, k.getModulus());
-    }
-
-    public void testSHA3_256Encryption()
-         throws Exception
-     {
-         PKCS8EncryptedPrivateKeyInfoBuilder bldr = new PKCS8EncryptedPrivateKeyInfoBuilder(pkInfo);
-
-         PKCS8EncryptedPrivateKeyInfo encInfo = bldr.build(
-             new JcePKCSPBEOutputEncryptorBuilder(NISTObjectIdentifiers.id_aes256_CBC)
-                 .setPRF(new AlgorithmIdentifier(NISTObjectIdentifiers.id_hmacWithSHA3_256, DERNull.INSTANCE))
-                 .setProvider("BC")
-                 .build("hello".toCharArray()));
-
-         EncryptedPrivateKeyInfo encPkInfo = EncryptedPrivateKeyInfo.getInstance(encInfo.getEncoded());
-
-         assertEquals(
-             new AlgorithmIdentifier(NISTObjectIdentifiers.id_hmacWithSHA3_256, DERNull.INSTANCE),
-             PBKDF2Params.getInstance(
-                 PBES2Parameters.getInstance(encPkInfo.getEncryptionAlgorithm().getParameters())
-                     .getKeyDerivationFunc().getParameters())
-                 .getPrf());
-
-         PrivateKeyInfo pkInfo = encInfo.decryptPrivateKeyInfo(new JcePKCSPBEInputDecryptorProviderBuilder().setProvider("BC").build("hello".toCharArray()));
-
-         RSAPrivateKey k = RSAPrivateKey.getInstance(pkInfo.parsePrivateKey());
-
-         assertEquals(modulus, k.getModulus());
-     }
-
-    public void testScryptEncryption()
-        throws Exception
-    {
-        if (getJvmVersion() < 7)      // runs out of memory
-        {
-            return;
-        }
-
-        PKCS8EncryptedPrivateKeyInfoBuilder bldr = new PKCS8EncryptedPrivateKeyInfoBuilder(scryptKey);
-
-        PBKDFConfig scrypt = new ScryptConfig.Builder(1048576, 8, 1)
-                                        .withSaltLength(20).build();
-
-        PKCS8EncryptedPrivateKeyInfo encInfo = bldr.build(
-            new JcePKCSPBEOutputEncryptorBuilder(scrypt, NISTObjectIdentifiers.id_aes256_CBC)
-                .setProvider("BC")
-                .build("Rabbit".toCharArray()));
-
-        EncryptedPrivateKeyInfo encPkInfo = EncryptedPrivateKeyInfo.getInstance(encInfo.getEncoded());
-
-        PKCS8EncryptedPrivateKeyInfo info = new PKCS8EncryptedPrivateKeyInfo(encPkInfo);
-
-        PrivateKeyInfo pkInfo = info.decryptPrivateKeyInfo(new JcePKCSPBEInputDecryptorProviderBuilder().setProvider("BC").build("Rabbit".toCharArray()));
-
-        assertTrue(Arrays.areEqual(scryptKey, pkInfo.getEncoded()));
-    }
-
-    private static int getJvmVersion()
-    {
-        String version = System.getProperty("java.version");
-
-        if (version.startsWith("1.7"))
-        {
-            return 7;
-        }
-        if (version.startsWith("1.8"))
-        {
-            return 8;
-        }
-        if (version.startsWith("1.9"))
-        {
-            return 9;
-        }
-        if (version.startsWith("1.1"))
-        {
-            return 10;
-        }
-
-        return -1;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkcs/test/PfxPduTest.java b/bcpkix/src/main/java/org/bouncycastle/pkcs/test/PfxPduTest.java
deleted file mode 100644
index be1f769..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkcs/test/PfxPduTest.java
+++ /dev/null

@@ -1,1350 +0,0 @@
-package org.bouncycastle.pkcs.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.AlgorithmParameters;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyStore;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.cert.Certificate;
-import java.security.cert.X509Certificate;
-import java.security.interfaces.RSAPrivateCrtKey;
-import java.security.spec.KeySpec;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-import java.util.Date;
-
-import javax.crypto.Cipher;
-import javax.crypto.EncryptedPrivateKeyInfo;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.PBEKeySpec;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERBMPString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.Attribute;
-import org.bouncycastle.asn1.pkcs.ContentInfo;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.X500NameBuilder;
-import org.bouncycastle.asn1.x500.style.BCStyle;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.X509v1CertificateBuilder;
-import org.bouncycastle.cert.X509v3CertificateBuilder;
-import org.bouncycastle.cert.jcajce.JcaX500NameUtil;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
-import org.bouncycastle.cert.jcajce.JcaX509v1CertificateBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.RC2Engine;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.InputDecryptorProvider;
-import org.bouncycastle.operator.OutputEncryptor;
-import org.bouncycastle.operator.bc.BcDefaultDigestProvider;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.pkcs.PKCS12PfxPdu;
-import org.bouncycastle.pkcs.PKCS12PfxPduBuilder;
-import org.bouncycastle.pkcs.PKCS12SafeBag;
-import org.bouncycastle.pkcs.PKCS12SafeBagBuilder;
-import org.bouncycastle.pkcs.PKCS12SafeBagFactory;
-import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfo;
-import org.bouncycastle.pkcs.PKCS8EncryptedPrivateKeyInfoBuilder;
-import org.bouncycastle.pkcs.PKCSException;
-import org.bouncycastle.pkcs.bc.BcPKCS12MacCalculatorBuilder;
-import org.bouncycastle.pkcs.bc.BcPKCS12MacCalculatorBuilderProvider;
-import org.bouncycastle.pkcs.bc.BcPKCS12PBEInputDecryptorProviderBuilder;
-import org.bouncycastle.pkcs.bc.BcPKCS12PBEOutputEncryptorBuilder;
-import org.bouncycastle.pkcs.jcajce.JcaPKCS12SafeBagBuilder;
-import org.bouncycastle.pkcs.jcajce.JcaPKCS8EncryptedPrivateKeyInfoBuilder;
-import org.bouncycastle.pkcs.jcajce.JcePKCS12MacCalculatorBuilder;
-import org.bouncycastle.pkcs.jcajce.JcePKCS12MacCalculatorBuilderProvider;
-import org.bouncycastle.pkcs.jcajce.JcePKCSPBEInputDecryptorProviderBuilder;
-import org.bouncycastle.pkcs.jcajce.JcePKCSPBEOutputEncryptorBuilder;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-
-public class PfxPduTest
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-    private static final char[] passwd = {'h', 'e', 'l', 'l', 'o', ' ', 'w', 'o', 'r', 'l', 'd'};
-
-    //
-    // personal keys
-    //
-    private static final RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-        new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-        new BigInteger("11", 16));
-
-    private static final RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
-        new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-        new BigInteger("11", 16),
-        new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-        new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-        new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-        new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-        new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-        new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-    //
-    // intermediate keys.
-    //
-    private static final RSAPublicKeySpec intPubKeySpec = new RSAPublicKeySpec(
-        new BigInteger("8de0d113c5e736969c8d2b047a243f8fe18edad64cde9e842d3669230ca486f7cfdde1f8eec54d1905fff04acc85e61093e180cadc6cea407f193d44bb0e9449b8dbb49784cd9e36260c39e06a947299978c6ed8300724e887198cfede20f3fbde658fa2bd078be946a392bd349f2b49c486e20c405588e306706c9017308e69", 16),
-        new BigInteger("ffff", 16));
-
-
-    private static final RSAPrivateCrtKeySpec intPrivKeySpec = new RSAPrivateCrtKeySpec(
-        new BigInteger("8de0d113c5e736969c8d2b047a243f8fe18edad64cde9e842d3669230ca486f7cfdde1f8eec54d1905fff04acc85e61093e180cadc6cea407f193d44bb0e9449b8dbb49784cd9e36260c39e06a947299978c6ed8300724e887198cfede20f3fbde658fa2bd078be946a392bd349f2b49c486e20c405588e306706c9017308e69", 16),
-        new BigInteger("ffff", 16),
-        new BigInteger("7deb1b194a85bcfd29cf871411468adbc987650903e3bacc8338c449ca7b32efd39ffc33bc84412fcd7df18d23ce9d7c25ea910b1ae9985373e0273b4dca7f2e0db3b7314056ac67fd277f8f89cf2fd73c34c6ca69f9ba477143d2b0e2445548aa0b4a8473095182631da46844c356f5e5c7522eb54b5a33f11d730ead9c0cff", 16),
-        new BigInteger("ef4cede573cea47f83699b814de4302edb60eefe426c52e17bd7870ec7c6b7a24fe55282ebb73775f369157726fcfb988def2b40350bdca9e5b418340288f649", 16),
-        new BigInteger("97c7737d1b9a0088c3c7b528539247fd2a1593e7e01cef18848755be82f4a45aa093276cb0cbf118cb41117540a78f3fc471ba5d69f0042274defc9161265721", 16),
-        new BigInteger("6c641094e24d172728b8da3c2777e69adfd0839085be7e38c7c4a2dd00b1ae969f2ec9d23e7e37090fcd449a40af0ed463fe1c612d6810d6b4f58b7bfa31eb5f", 16),
-        new BigInteger("70b7123e8e69dfa76feb1236d0a686144b00e9232ed52b73847e74ef3af71fb45ccb24261f40d27f98101e230cf27b977a5d5f1f15f6cf48d5cb1da2a3a3b87f", 16),
-        new BigInteger("e38f5750d97e270996a286df2e653fd26c242106436f5bab0f4c7a9e654ce02665d5a281f2c412456f2d1fa26586ef04a9adac9004ca7f913162cb28e13bf40d", 16));
-
-    //
-    // ca keys
-    //
-    private static final RSAPublicKeySpec caPubKeySpec = new RSAPublicKeySpec(
-        new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16),
-        new BigInteger("11", 16));
-
-    private static final RSAPrivateCrtKeySpec caPrivKeySpec = new RSAPrivateCrtKeySpec(
-        new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16),
-        new BigInteger("11", 16),
-        new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16),
-        new BigInteger("f75e80839b9b9379f1cf1128f321639757dba514642c206bbbd99f9a4846208b3e93fbbe5e0527cc59b1d4b929d9555853004c7c8b30ee6a213c3d1bb7415d03", 16),
-        new BigInteger("b892d9ebdbfc37e397256dd8a5d3123534d1f03726284743ddc6be3a709edb696fc40c7d902ed804c6eee730eee3d5b20bf6bd8d87a296813c87d3b3cc9d7947", 16),
-        new BigInteger("1d1a2d3ca8e52068b3094d501c9a842fec37f54db16e9a67070a8b3f53cc03d4257ad252a1a640eadd603724d7bf3737914b544ae332eedf4f34436cac25ceb5", 16),
-        new BigInteger("6c929e4e81672fef49d9c825163fec97c4b7ba7acb26c0824638ac22605d7201c94625770984f78a56e6e25904fe7db407099cad9b14588841b94f5ab498dded", 16),
-        new BigInteger("dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa7b926d070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97339", 16));
-
-    //
-    // pkcs-12 pfx-pdu
-    //
-    private String pkcs12Pass = "hello world";
-
-    private byte[]  pkcs12 = Base64.decode(
-          "MIACAQMwgAYJKoZIhvcNAQcBoIAkgAQBMAQBgAQBMAQBgAQBBgQBCQQJKoZI"
-        + "hvcNAQcBBAGgBAGABAEkBAGABAEEBAEBBAEwBAEEBAEDBAOCAzQEAQQEAQEE"
-        + "ATAEAQQEAQMEA4IDMAQBBAQBAQQBBgQBBAQBAQQBCwQBBAQBCwQLKoZIhvcN"
-        + "AQwKAQIEAQQEAQEEAaAEAQQEAQMEA4ICpQQBBAQBAQQBMAQBBAQBAwQDggKh"
-        + "BAEEBAEBBAEwBAEEBAEBBAEbBAEEBAEBBAEGBAEEBAEBBAEKBAEEBAEKBAoq"
-        + "hkiG9w0BDAEDBAEEBAEPBA8wDQQIoagiwNZPJR4CAQEEAQQEAQEEAQQEAQQE"
-        + "AQMEA4ICgAQBBAQDggKABIICgEPG0XlhMFyrs4ZWDrvEzl51ICfXd6K2ql2l"
-        + "nnxhszUbigtSj6x49VEx4PfOB9fQFeidc5L5An+nKp646NBMIY0UwXGs8BLQ"
-        + "au59jtOs987+l7QYIvl6fdGUIuLPhVSnZZDyqD+HQjU/0/ccKFHRif4tlEQq"
-        + "aErvZbFeH0pg4ijf1HfgX6gBJGRKdO+msa4qKGnZdHCSLZehyyxvxAmURetg"
-        + "yhtEl7RmedTB+4TDs7atekqxkNlD9tfwDUX6sb0IH6qbEA6P/DlVMdaD54Cl"
-        + "QDxRzOfIIjklZhv5OMFWtPK0aYPcqyxzLpw1qRAyoTVXpidkj/hpIpgCVBP/"
-        + "k5s2+WdGbLgA/4/zSrF6feRCE5llzM2IGxiHVq4oPzzngl3R+Fi5VCPDMcuW"
-        + "NRuIOzJA+RNV2NPOE/P3knThDnwiImq+rfxmvZ1u6T06s20RmWK6cxp7fTEw"
-        + "lQ9BOsv+mmyV8dr6cYJq4IlRzHdFOyEUBDwfHThyribNKKobO50xh2f93xYj"
-        + "Rn5UMOQBJIe3b7OKZt5HOIMrJSZO02IZgvImi9yQWi96PnWa419D1cAsLWvM"
-        + "xiN0HqZMbDFfxVM2BZmsxiexLhkHWKwLqfQDzRjJfmVww8fnXpWZhFXKyut9"
-        + "gMGEyCNoba4RU3QI/wHKWYaK74qtJpsucuLWBH6UcsHsCry6VZkwRxWwC0lb"
-        + "/F3Bm5UKHax5n9JHJ2amQm9zW3WJ0S5stpPObfmg5ArhbPY+pVOsTqBRlop1"
-        + "bYJLD/X8Qbs468Bwzej0FhoEU59ZxFrbjLSBsMUYrVrwD83JE9kEazMLVchc"
-        + "uCB9WT1g0hxYb7VA0BhOrWhL8F5ZH72RMCYLPI0EAQQEAQEEATEEAQQEAQEE"
-        + "AXgEAQQEAQEEATAEAQQEAQEEAVEEAQQEAQEEAQYEAQQEAQEEAQkEAQQEAQkE"
-        + "CSqGSIb3DQEJFAQBBAQBAQQBMQQBBAQBAQQBRAQBBAQBAQQBHgQBBAQBAQQB"
-        + "QgQBBAQBQgRCAEQAYQB2AGkAZAAgAEcALgAgAEgAbwBvAGsAJwBzACAAVgBl"
-        + "AHIAaQBTAGkAZwBuACwAIABJAG4AYwAuACAASQBEBAEEBAEBBAEwBAEEBAEB"
-        + "BAEjBAEEBAEBBAEGBAEEBAEBBAEJBAEEBAEJBAkqhkiG9w0BCRUEAQQEAQEE"
-        + "ATEEAQQEAQEEARYEAQQEAQEEAQQEAQQEAQEEARQEAQQEARQEFKEcMJ798oZL"
-        + "FkH0OnpbUBnrTLgWBAIAAAQCAAAEAgAABAEwBAGABAEGBAEJBAkqhkiG9w0B"
-        + "BwYEAaAEAYAEATAEAYAEAQIEAQEEAQAEATAEAYAEAQYEAQkECSqGSIb3DQEH"
-        + "AQQBMAQBGwQBBgQBCgQKKoZIhvcNAQwBBgQPMA0ECEE7euvmxxwYAgEBBAGg"
-        + "BAGABAEEBAEIBAgQIWDGlBWxnwQBBAQBCAQI2WsMhavhSCcEAQQEAQgECPol"
-        + "uHJy9bm/BAEEBAEQBBCiRxtllKXkJS2anKD2q3FHBAEEBAEIBAjKy6BRFysf"
-        + "7gQBBAQDggMwBIIDMJWRGu2ZLZild3oz7UBdpBDUVMOA6eSoWiRIfVTo4++l"
-        + "RUBm8TpmmGrVkV32PEoLkoV+reqlyWCvqqSjRzi3epQiVwPQ6PV+ccLqxDhV"
-        + "pGWDRQ5UttDBC2+u4fUQVZi2Z1i1g2tsk6SzB3MKUCrjoWKvaDUUwXo5k9Vz"
-        + "qSLWCLTZCjs3RaY+jg3NbLZYtfMDdYovhCU2jMYV9adJ8MxxmJRz+zPWAJph"
-        + "LH8hhfkKG+wJOSszqk9BqGZUa/mnZyzeQSMTEFga1ZB/kt2e8SZFWrTZEBgJ"
-        + "oszsL5MObbwMDowNurnZsnS+Mf7xi01LeG0VT1fjd6rn9BzVwuMwhoqyoCNo"
-        + "ziUqSUyLEwnGTYYpvXLxzhNiYzW8546KdoEKDkEjhfYsc4XqSjm9NYy/BW/M"
-        + "qR+aL92j8hqnkrWkrWyvocUe3mWaiqt7/oOzNZiMTcV2dgjjh9HfnjSHjFGe"
-        + "CVhnEWzV7dQIVyc/qvNzOuND8X5IyJ28xb6a/i1vScwGuo/UDgPAaMjGw28f"
-        + "siOZBShzde0Kj82y8NilfYLHHeIGRW+N/grUFWhW25mAcBReXDd5JwOqM/eF"
-        + "y+4+zBzlO84ws88T1pkSifwtMldglN0APwr4hvUH0swfiqQOWtwyeM4t+bHd"
-        + "5buAlXOkSeF5rrLzZ2/Lx+JJmI2pJ/CQx3ej3bxPlx/BmarUGAxaI4le5go4"
-        + "KNfs4GV8U+dbEHQz+yDYL+ksYNs1eb+DjI2khbl28jhoeAFKBtu2gGOL5M9M"
-        + "CIP/JDOCHimu1YZRuOTAf6WISnG/0Ri3pYZsgQ0i4cXj+WfYwYVjhKX5AcDj"
-        + "UKnc4/Cxp+TbbgZqEKRcYVb2q0kOAxkeaNo3WCm+qvUYrwAmKp4nVB+/24rK"
-        + "khHiyYJQsETxtOEyvJkVxAS01djY4amuJ4jL0sYnXIhW3Ag93eavbzksGT7W"
-        + "Fg1ywpr1x1xpXWIIuVt1k4e+g9fy7Yx7rx0IK1qCSjNwU3QPWbaef1rp0Q/X"
-        + "P9IVXYkqo1g/T3SyXqrbZLO+sDjiG4IT3z3fJJqt81sRSVT0QN1ND8l93BG4"
-        + "QKzghYw8sZ4FwKPtLky1dDcVTgQBBAQBCAQIK/85VMKWDWYEAQQEAQgECGsO"
-        + "Q85CcFwPBAEEBAEIBAhaup6ot9XnQAQBBAQCgaAEgaCeCMadSm5fkLfhErYQ"
-        + "DgePZl/rrjP9FQ3VJZ13XrjTSjTRknAbXi0DEu2tvAbmCf0sdoVNuZIZ92W0"
-        + "iyaa2/A3RHA2RLPNQz5meTi1RE2N361yR0q181dC3ztkkJ8PLyd74nCtgPUX"
-        + "0JlsvLRrdSjPBpBQ14GiM8VjqeIY7EVFy3vte6IbPzodxaviuSc70iXM4Yko"
-        + "fQq6oaSjNBFRqkHrBAEEBAEIBAjlIvOf8SnfugQBBAQBCAQIutCF3Jovvl0E"
-        + "AQQEAQgECO7jxbucdp/3BAEEBAEIBAidxK3XDLj+BwQBBAQBCAQI3m/HMbd3"
-        + "TwwEAQQEA4ICOASCAjgtoCiMfTkjpCRuMhF5gNLRBiNv+xjg6GvZftR12qiJ"
-        + "dLeCERI5bvXbh9GD6U+DjTUfhEab/37TbiI7VOFzsI/R137sYy9Tbnu7qkSx"
-        + "u0bTvyXSSmio6sMRiWIcakmDbv+TDWR/xgtj7+7C6p+1jfUGXn/RjB3vlyjL"
-        + "Q9lFe5F84qkZjnADo66p9gor2a48fgGm/nkABIUeyzFWCiTp9v6FEzuBfeuP"
-        + "T9qoKSnCitaXRCru5qekF6L5LJHLNXLtIMSrbO0bS3hZK58FZAUVMaqawesJ"
-        + "e/sVfQip9x/aFQ6U3KlSpJkmZK4TAqp9jIfxBC8CclbuwmoXPMomiCH57ykr"
-        + "vkFHOGcxRcCxax5HySCwSyPDr8I4+6Kocty61i/1Xr4xJjb+3oyFStIpB24x"
-        + "+ALb0Mz6mUa1ls76o+iQv0VM2YFwnx+TC8KC1+O4cNOE/gKeh0ircenVX83h"
-        + "GNez8C5Ltg81g6p9HqZPc2pkwsneX2sJ4jMsjDhewV7TyyS3x3Uy3vTpZPek"
-        + "VdjYeVIcgAz8VLJOpsIjyHMB57AyT7Yj87hVVy//VODnE1T88tRXZb+D+fCg"
-        + "lj2weQ/bZtFzDX0ReiEQP6+yklGah59omeklIy9wctGV1o9GNZnGBSLvQ5NI"
-        + "61e9zmQTJD2iDjihvQA/6+edKswCjGRX6rMjRWXT5Jv436l75DVoUj09tgR9"
-        + "ytXSathCjQUL9MNXzUMtr7mgEUPETjM/kYBR7CNrsc+gWTWHYaSWuqKVBAEE"
-        + "BAEIBAh6slfZ6iqkqwQBBAQBCAQI9McJKl5a+UwEAQQEATgEOBelrmiYMay3"
-        + "q0OW2x2a8QQodYqdUs1TCUU4JhfFGFRy+g3yU1cP/9ZSI8gcI4skdPc31cFG"
-        + "grP7BAEEBAEIBAhzv/wSV+RBJQQBBAQBCAQI837ImVqqlr4EAQQEAQgECGeU"
-        + "gjULLnylBAEEBAEIBAjD3P4hlSBCvQQBBAQBCAQISP/qivIzf50EAQQEAQgE"
-        + "CKIDMX9PKxICBAEEBAOCBOgEggTocP5VVT1vWvpAV6koZupKN1btJ3C01dR6"
-        + "16g1zJ5FK5xL1PTdA0r6iAwVtgYdxQYnU8tht3bkNXdPJC1BdsC9oTkBg9Nr"
-        + "dqlF5cCzXWIezcR3ObjGLpXu49SAHvChH4emT5rytv81MYxZ7bGmlQfp8BNa"
-        + "0cMZz05A56LXw//WWDEzZcbKSk4tCsfMXBdGk/ngs7aILZ4FGM620PBPtD92"
-        + "pz2Ui/tUZqtQ0WKdLzwga1E/rl02a/x78/OdlVRNeaIYWJWLmLavX98w0PhY"
-        + "ha3Tbj/fqq+H3ua6Vv2Ff4VeXazkXpp4tTiqUxhc6aAGiRYckwZaP7OPSbos"
-        + "RKFlRLVofSGu1IVSKO+7faxV4IrVaAAzqRwLGkpJZLV7NkzkU1BwgvsAZAI4"
-        + "WClPDF228ygbhLwrSN2NK0s+5bKhTCNAR/LCUf3k7uip3ZSe18IwEkUMWiaZ"
-        + "ayktcTYn2ZjmfIfV7wIxHgWPkP1DeB+RMS7VZe9zEgJKOA16L+9SNBwJSSs9"
-        + "5Sb1+nmhquZmnAltsXMgwOrR12JLIgdfyyqGcNq997U0/KuHybqBVDVu0Fyr"
-        + "6O+q5oRmQZq6rju7h+Hb/ZUqRxRoTTSPjGD4Cu9vUqkoNVgwYOT+88FIMYun"
-        + "g9eChhio2kwPYwU/9BNGGzh+hAvAKcUpO016mGLImYin+FpQxodJXfpNCFpG"
-        + "4v4HhIwKh71OOfL6ocM/518dYwuU4Ds2/JrDhYYFsn+KprLftjrnTBnSsfYS"
-        + "t68b+Xr16qv9r6sseEkXbsaNbrGiZAhfHEVBOxQ4lchHrMp4zpduxG4crmpc"
-        + "+Jy4SadvS0uaJvADgI03DpsDYffUdriECUqAfOg/Hr7HHyr6Q9XMo1GfIarz"
-        + "eUHBgi1Ny0nDTWkdb7I3bIajG+Unr3KfK6dZz5Lb3g5NeclU5zintB1045Jr"
-        + "j9fvGGk0/2lG0n17QViBiOzGs2poTlhn7YxmiskwlkRKVafxPZNPxKILpN9s"
-        + "YaWGz93qER/pGMJarGJxu8sFi3+yt6FZ4pVPkvKE8JZMEPBBrmH41batS3sw"
-        + "sfnJ5CicAkwd8bluQpoc6qQd81HdNpS6u7djaRSDwPtYnZWu/8Hhj4DXisje"
-        + "FJBAjQdn2nK4MV7WKVwr+mNcVgOdc5IuOZbRLOfc3Sff6kYVuQFfcCGgAFpd"
-        + "nbprF/FnYXR/rghWE7fT1gfzSMNv+z5UjZ5Rtg1S/IQfUM/P7t0UqQ01/w58"
-        + "bTlMGihTxHiJ4Qf3o5GUzNmAyryLvID+nOFqxpr5es6kqSN4GPRHsmUIpB9t"
-        + "f9Nw952vhsXI9uVkhQap3JvmdAKJaIyDz6Qi7JBZvhxpghVIDh73BQTaAFP9"
-        + "5GUcPbYOYJzKaU5MeYEsorGoanSqPDeKDeZxjxJD4xFsqJCoutyssqIxnXUN"
-        + "Y3Uojbz26IJOhqIBLaUn6QVFX79buWYjJ5ZkDS7D8kq6DZeqZclt5711AO5U"
-        + "uz/eDSrx3d4iVHR+kSeopxFKsrK+KCH3CbBUMIFGX/GE9WPhDWCtjjNKEe8W"
-        + "PinQtxvv8MlqGXtv3v7ObJ2BmfIfLD0rh3EB5WuRNKL7Ssxaq14KZGEBvc7G"
-        + "Fx7jXLOW6ZV3SH+C3deJGlKM2kVhDdIVjjODvQzD8qw8a/ZKqDO5hGGKUTGD"
-        + "Psdd7O/k/Wfn+XdE+YuKIhcEAQQEAQgECJJCZNJdIshRBAEEBAEIBAiGGrlG"
-        + "HlKwrAQBBAQBCAQIkdvKinJYjJcEAQQEAUAEQBGiIgN/s1bvPQr+p1aQNh/X"
-        + "UQFmay6Vm5HIvPhoNrX86gmMjr6/sg28/WCRtSfyuYjwQkK91n7MwFLOBaU3"
-        + "RrsEAQQEAQgECLRqESFR50+zBAEEBAEIBAguqbAEWMTiPwQBBAQBGAQYKzUv"
-        + "EetQEAe3cXEGlSsY4a/MNTbzu1WbBAEEBAEIBAiVpOv1dOWZ1AQCAAAEAgAA"
-        + "BAIAAAQCAAAEAgAABAIAAAAAAAAAADA1MCEwCQYFKw4DAhoFAAQUvMkeVqe6"
-        + "D4UmMHGEQwcb8O7ZwhgEEGiX9DeqtRwQnVi+iY/6Re8AAA==");
-
-    private String sha256Pass = "D317F8D5191F2602C527F8E6E0E8855C4517EC9512F7A06A7A588ACF0B3A6325";
-
-    private byte[] sha256Pfx = Base64.decode(
-              "MIIFvwIBAzCCBXEGCSqGSIb3DQEHAaCCBWIEggVeMIIFWjCCBVYGCSqGSIb3"
-            + "DQEHAaCCBUcEggVDMIIFPzCCBTsGCyqGSIb3DQEMCgECoIIFKjCCBSYwUAYJ"
-            + "KoZIhvcNAQUNMEMwIgYJKoZIhvcNAQUMMBUEEFEZik5RaSrwXtrWCnaLzAQC"
-            + "AQEwHQYJYIZIAWUDBAEqBBBTqY5oFOjZxnBBtWchzf0TBIIE0Pcvwtwthm8d"
-            + "yR16f5yqtofxGzJ0aAbCF7JJ+XsL9QhNuqndTtnXits+E2WgNwwm24XyRhPA"
-            + "obAwqz+DvH+gdUbKoN/gCEp+/6xhlwMQZyjyqi5ePznwLQ/bJueqmXZDT+pO"
-            + "zTIeMXMF0YaSjcZZ4FJnZtBX7XQDEAPmialrknhcSZI5RoLjOzFv51FgYd9+"
-            + "nWdtWlRINS9LrGCVL+y8wwHp55tWEoCR2/o9YWFMYNrUkVUUzImHCN1fkbIH"
-            + "XQxPp5fUqP00kwYY4288JZrzHGWGmSVYm54ok5YRLpCs0yhB0ve//iH/fNNO"
-            + "esShfBTUcRCc086skxgoCVWBZERyVJHWkKl/Q4RVzYt70k2/Qfq/xBNwVCrw"
-            + "YiOB0TwSQJKpvRbtufPx2vODfAmhIKes08ZLJHsMJ+O3p99O2rWZslNY7nfx"
-            + "1vWXYLVkHg0q79ThgbP4p0qQQziIVZoF9ViisJTJWzZbfJLdaKPeHcduvXsR"
-            + "lRvfEpR6/lifcxvkloxjpYtM6JEjtvT1x442VRKJWZofkjCohpLSmEDt77FM"
-            + "ENvra7B9ojlY+0DkwNV34FlSRrwi/nVl2XhebI11DfQFEUN+krNoZ3U4n5Sb"
-            + "g0Heibg5mILPwVS5Zh2vEybXzFY6b1XPA7TlGQATm6xBaU+BNFiACp+7+6CZ"
-            + "PxofFKKlWq0+Apx43JDATerwlPBKxLqxxgo0xTJUtL8OKnt6oSFX4P6O6AgX"
-            + "D9Pz3dzdWW9ga65N2qEmqpeIsd6SB4eGRJ1Vf1ePDgdVBUD9DG/eWfpn8l1T"
-            + "neg7wsQOGDrX00uDfio/WrjRBOw37IfToqJ/j6y/Ybggg5tldvCNoxq/42rC"
-            + "RvP0GJH+LJAHgB9sOWbksR7tKizWeFEyHwrAQfYc8aIZocApObtsZp8O5nuI"
-            + "MNcSCc77WZfVacrJzssKki1YHPoZeTYb9q4DRm0F6Rk+bqyvd7vs2DyLN7jT"
-            + "bkWoSoyCw8PAOuc8Q/+X3jhs18RQGzsEpeTOHoYJWeTUxgPrPqDFNKNLhD+L"
-            + "7mvDM7EvB08tVfLTSMeVBY+RUW6eFCbdlHfqszvp9pFZPNxQHtgbAYplwK6J"
-            + "i24gCH2UMF+BNzdcN2Fw9vP3nao+mzjtY1HuYebDDNNxgBAEoUFS4jr1YLoa"
-            + "+li3A9T/NqSf+J5OwASsSsp0YttAJQ+VU19amwJ141U+04kVc2bUIvSxEyxu"
-            + "UzWfFs26J1FhKzacirtpNv21iH78NHWOgS3jlEZMirpCHtHDbwF0z3V0upJ7"
-            + "cZzMwHJPQIGP4Nk8ei20dEogc/D2ijXHGRKdRjstzi89YXs4iLWjy2lEqhlK"
-            + "IvmlbF/snra1He2En/TFYv7m1zMuEPtS/+DTcwzqoe10Lko+2bNlOikW58u/"
-            + "OdAlteo1IissecMjL6743ttt8SAwx9gpAn6XHaIfFL1jiGKUQPJ5Mx9RUzfB"
-            + "lsKzHLNWmrDCZtR4BC4A21aRUueDGgRbtiOCYLbVtoiTc2XWM5juahaWCNKm"
-            + "4+ENQNOPrB4rJUeWJquNOj9+Brhe6pWWfi4EYVBuWlbTQB7u3uP9lnYvQHSo"
-            + "nOjkhjwEhPZneaKctEqXx2LoYc8arY1LSSpaXORcOJc/LkgVCq3bBEDNCJrZ"
-            + "DBOUpcPXDj43MEUwMTANBglghkgBZQMEAgEFAAQgdWQUVEirOjgax8qJhjqC"
-            + "bArDHuZQQvCmtrjqyhWbI4MEENBoJ4T1+xY5fmdiwmoXPPM=");
-
-    private String pkcs5Pass = "hello";
-
-    private byte[] pkcs5Aes128Pfx = Base64.decode(
-        "MIIFsQIBAzCCBXcGCSqGSIb3DQEHAaCCBWgEggVkMIIFYDCCAxcGCSqGSIb3"
-      + "DQEHBqCCAwgwggMEAgEAMIIC/QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYw"
-      + "DgQIBumPBl/jV0kCAggAgIIC0Dd2zn5WPPxgqdZg0a4zB10ErQnNlRUd1EOw"
-      + "kodoXH7Vt3/zVgssPDmuUJo6OlneBaYXjjjrqaDbmuc+1JTpB3GPsCAdDvAd"
-      + "m3IQR9oJJOqX0RYFKw4rFQ2xmzkybHiXWvt24lKr1A7MSfSWc+xO3xupNzQt"
-      + "z8dLGx0VJejJe8KSM+ST6JTXaHWcijPo/pADjyTWp2xwZaEfBDUOLgCPTlHY"
-      + "95cfqB0FlwfT+jGqrQjVXex9hL1MmANFwZ0bqxx+9yfdcDY8K/87NYZ4LJdA"
-      + "L7qAJg5Ziduhe+NMugzOMQijUGHX9g21kMmU96CUbUNyc0JWXyDJqwh0aAvV"
-      + "QVbLW9F+qzWPCMlV/5u30WNZ0gdVulCdQ9wIO1vt3oa3wUUdO1LCaEGyqO+h"
-      + "x5iPGH3f5WTeJK2BoOKtUXhZtfp7GvYYFcI8BeoTo5poT/uqLdZmaPgBXc5O"
-      + "kyRQCpvQJipNcwD+R8FPbTExUxTWnbxbx3f7n0v8vMFPqb26BrFzCN+JTFRw"
-      + "bN0dRaysOGgzMeBjk0TGpHHj5/g5DUvIxVjN6wY7HO+849g64a+Z/wHWB1vp"
-      + "fALen3hGVdYIgWXGWn3bBMXT5peWc1omPXJdoltpiFRGku3JFCBJEQ6LzqZD"
-      + "ApVqVgE6WbfTQXgsEE9+J5zJJx/yTGvFjxXNNUMSdo2zQtHJVj0karXHVLxu"
-      + "phGb8Eg23obEOZj6Y6cZviWeiEeBjinGh4M1RD4HuYnczDF3FWZbi9aRku9r"
-      + "a1VgUbftiXeqmRpIWtZhfB40IELadTbEMTOi4pQ2cPcjZRAKAZwnijTfXEA5"
-      + "XwBQYdPvORlP6PJJv2Ai6Zc2XrevvOYLnSXSU+2ZpVuTTaX7xcQFi4APexyc"
-      + "Csfhpcpmb2K8jek3XN0jnOti9rU6Rlab9U5bPMLuOqoISsQ/x2ho3M0uYZIh"
-      + "9nGPixL1lxKgNDXfh0sZ7u7/AzCCAkEGCSqGSIb3DQEHAaCCAjIEggIuMIIC"
-      + "KjCCAiYGCyqGSIb3DQEMCgECoIIBszCCAa8wSQYJKoZIhvcNAQUNMDwwGwYJ"
-      + "KoZIhvcNAQUMMA4ECDD2zGfoVExtAgIIADAdBglghkgBZQMEAQIEEFER8VTx"
-      + "Owq7+dXKJn8zEMwEggFgpsQbBZJ1/NCAv5G05MsoujT6jNmhUI5RyHlKVqBD"
-      + "odvw/wS13qmWqUA3gL0/sJz/uf9/DJ7ur5XbkW56Y5qlqXBc8xvZ22Mabfy4"
-      + "hBzBuL+A6gfEQZNuZPiev0w02fEuVAtceDgsnJfMaawK06PUjxTUP3n/Bczc"
-      + "rhYYaGHwTtX+N6C3Q0Zn/W3zoIsoSruN6jc9x2DCAc3cdv5zaXxvZv6GhQou"
-      + "kcibQhRnTqQVRRWsF2zX3ZgPLJrQcB4NPGoEecHceD8jB6JnKqgGUpWybrjK"
-      + "7Mwwl2wB8Ffd2XpTTw2beiNSZXhCp+IxqgggwK3L1RGWhRoQE3esAVlCDhkz"
-      + "sk/ngnpqaauE9NVcrZEY0x6++/MOJssQZZ8X+Ci/zJuyH1dpUQii3kuw4F/O"
-      + "8nHiHClR0IA/xrVM+h0NC1/o2jCjeKXPf67j2Wp95o40apldtqlHyTm3TM2O"
-      + "uXrT5ExzcjFgMCMGCSqGSIb3DQEJFTEWBBSpuRoBZ82LWCyE2mXmT5Gmk1xv"
-      + "+DA5BgkqhkiG9w0BCRQxLB4qAHQAZQBzAHQAQABiAG8AdQBuAGMAeQBjAGEA"
-      + "cwB0AGwAZQAuAG8AcgBnMDEwITAJBgUrDgMCGgUABBQRvdgo1LVPm68qJcVT"
-      + "gw8dRrSS4gQISYYYgNAwxl0CAggA");
-
-    private byte[] pkcs5Aes192Pfx = Base64.decode(
-        "MIIFsQIBAzCCBXcGCSqGSIb3DQEHAaCCBWgEggVkMIIFYDCCAxcGCSqGSIb3"
-      + "DQEHBqCCAwgwggMEAgEAMIIC/QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYw"
-      + "DgQImAP7SD16WkACAggAgIIC0MCS81oGaIY1yHwP6faAhe3eseR6gGMlezbx"
-      + "r/7jmVQ8xe2jsZwqRVp/WCx716/9RHab17UFy+e3efbCrCGUJGUU5OrADf0l"
-      + "6/S7v/C5hR5XeE12zukSe/c5mkGhPuM+for0daQpLP6zDQMNLENyp+mPVBsI"
-      + "7IqFihwWUow7lvZEwaUOmsu+m978BOqhMRykZ7MbEjq4lMumZNvp37WqPRrh"
-      + "eQ4tz7q47C+k5NkTjMz2s/2a9SZViW+FZWOvV0DXJj/BCpAARR0bQDpjqlQ8"
-      + "HoSjoVgP+p5Y1pnLBvI/pFecS4ZwM1TyAdFZbjFpkNe8DREO/Py+89kOJpZa"
-      + "aZoFKjxY5m7Z9ftJx615vih5d8D4t685tBJNAEiah9RFppNA41GpJc1winx1"
-      + "CuqQQqStOmmMD/uk1BEgaQ4R4lR88Bms69shK8Nk2U4egVYKdbrruulKY5M0"
-      + "dj5j2JChqYjE5dPxPyd1s0qYW9ABMeDT8l7gtiDTOfS4qZjVPWRW2vGbj80g"
-      + "HnBnd6SAC2DdWkY1QuDRVRABQO5NJPPqGhL2LclX1dE1FS0puXpl/oyxbAMU"
-      + "pCt+pnZZLPrMSZgZ6I3VWt+Dbg6jHtM4a+y3gsswL+uzdb4AnHqCcuFbnZDh"
-      + "2hz6IFsyw4LgUeIBJNBAqgag3VeJLL7bpKm58XSd/6hC369HXn91F1NAkBOO"
-      + "IZFZQPVgEufdryZck1/u0+zmyelAWG7Jq4SQF07C4v/dpgVH8U1OwR34+D0f"
-      + "0fPA3qdBLGL5cKNBxnKCx5+Gu/+dDR33aY176qaDZu7OmZkCJ3qkhOif7/Qi"
-      + "0s4NpG6ATLGD6TzSnmje3GwJze5KwOvMgAewWGScdqOE9KOh7iPC1kIDgwhE"
-      + "eBM+yciGGfinStyeSik6fLRi2JPnVNIALIh74DIfK3QJVVRNi9vuQ0j0Dm8C"
-      + "JSD/heWsebKIFrQSoeEAZCYPhzCCAkEGCSqGSIb3DQEHAaCCAjIEggIuMIIC"
-      + "KjCCAiYGCyqGSIb3DQEMCgECoIIBszCCAa8wSQYJKoZIhvcNAQUNMDwwGwYJ"
-      + "KoZIhvcNAQUMMA4ECBGQFSR+KZ2AAgIIADAdBglghkgBZQMEARYEEABRcxC7"
-      + "xWHsYaX2UsUZ5JoEggFgyrYAZowHdclsxaAeoY/Ch1F+NBb64bXdDOp56OWh"
-      + "HHu79vhLsjAOmbTYoMsmRZw8REen7ztBUv9h/f7WbfKs84FDI6LbM9EIaeun"
-      + "jrqaUdmSADQhakd7hJQhWAw4h/Df5KNhwsVJ1+i9RCtMzY1nFk1Pjg6yL/5E"
-      + "rWVvNRkconjrDbUwLPA+TfDlhOMapttER4k8kOY0WMc7iWHmowkh1JHUNbvC"
-      + "gEQvGwysXiFqoEcy/UbY7Wgke3h7HwoColAYorHhkV4/NBENmQbsiUdkxD/Z"
-      + "6KrgOuAvvluGUY79M6SusH11PfVBwyJX7Wt1HmllrykrsmJuF6UuN1BavUrR"
-      + "rr0Utm9T28iiqO6ky74V4XesmFdr7oObT2kLcGiFbWzXyVrWL3GM9N03CWXx"
-      + "b1M5hXACRlwKVp79qxeyw5k+ccixnjCumsSX8MMttKYwRJ1ML2YL0v8XdE0i"
-      + "LSkXsEoG5zFgMCMGCSqGSIb3DQEJFTEWBBSpuRoBZ82LWCyE2mXmT5Gmk1xv"
-      + "+DA5BgkqhkiG9w0BCRQxLB4qAHQAZQBzAHQAQABiAG8AdQBuAGMAeQBjAGEA"
-      + "cwB0AGwAZQAuAG8AcgBnMDEwITAJBgUrDgMCGgUABBQz1gLRjMDYVLIPGdsd"
-      + "4EPgRMGPtQQItR+KgKM/oRMCAggA");
-
-    private byte[] pkcs5Camellia128Pfx = Base64.decode(
-        "MIIFswIBAzCCBXkGCSqGSIb3DQEHAaCCBWoEggVmMIIFYjCCAxcGCSqGSIb3"
-      + "DQEHBqCCAwgwggMEAgEAMIIC/QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYw"
-      + "DgQIq+wFOOOtSokCAggAgIIC0IWDRpk4L/tSSMfwWx0mN3ecbaL+m2XZWvN9"
-      + "hK1K5PghAYquCs36l603cYSV9pypOkGC5rn1d2fyZCFhUMOObSC7V/mpkitr"
-      + "OfOYpaW7tU1JJecpONgIHlbd8N4fbBtH73E7vdmi6X/tg4Tl7yJf40fruYVq"
-      + "yzqfJCO2aGJIFv6JWsFivjCwehBa+6ppCHBnNcj4SsVlozj1y2B0Wl2TVi3r"
-      + "joBIsK2RQ+RMjM55k3pS57mV+jXtd29wb2q9utDKogvpBCboTk8dPMFcFGWz"
-      + "2D41onJoEJKizAEIgXiS7UvqHddhIL9O/rSZ68j2d2GcFi1Oxer1PyZoCI61"
-      + "CpZdk2QeNeVaVFTPJ26We6J34w2ivZwHOhn+iUZ7q0Sm9gcYa1QRG79LA/AC"
-      + "nE3Xxzl4nEjRRi5AKb6IOnMKBbr0povesS8tL323x91uPZc0jMctC6Q+vegX"
-      + "tIZ7dZPuNxhqRHqb62LSm11cpYQWibj16rRQ0ulOFSQGIr514PvfbIig6oo8"
-      + "niwHuefp/ey/Zvl/dAl+um2UkVdR9Mwn8vTM8oMF+ptJfpWyZEIrP785Rpu3"
-      + "oyBMyEYA2djX7JsFvoCxKxGCC5VK3C/9EFv9xUGmiV0zrTPcHb1P4sK1AJyI"
-      + "vhSY+Tgv+Fjq5KoPCa4ZXP+Y+vSzkttcP8u7x0wt9cblvgzdBy9Ee1xqCdJd"
-      + "F67U6vbQ6ErDrdVAwtRqc0TsPKG1XH5NFtxTwILyCeh8XzdYMIaHkEnTuITQ"
-      + "eeICaUJ2YPZrADLxXTNHI9e6dVcDvhjf/JfBXZfiiqFH8XmbCIMqyGSGTmQr"
-      + "8uwb8cquLMS78RbXSHLNcv+f/DmPOClNjmWgVAYxaDuw5lZBaU+YDyZaKEy2"
-      + "Mdjd+lR/g2LZhvAEfcM3V4bzr17s0GOSwJ5/5yzczPKZZ8auMwML+Bcmoggt"
-      + "EJgubVFHg/3l11xVe2djfg78CTCCAkMGCSqGSIb3DQEHAaCCAjQEggIwMIIC"
-      + "LDCCAigGCyqGSIb3DQEMCgECoIIBtTCCAbEwSwYJKoZIhvcNAQUNMD4wGwYJ"
-      + "KoZIhvcNAQUMMA4ECInc03N3q5vSAgIIADAfBgsqgwiMmks9AQEBAgQQR+Uo"
-      + "WVvmSL5AcwwRq6vtOQSCAWD0Ms1i2wHGaFi6qUWLqA5EnmYFwqwQQlfz5To+"
-      + "FwVEpHQHrqd0pehOt1J9vyDVYwfjU8DUOJDovCiBIzRsopyf0Qp5hcZnaTDw"
-      + "YJSNd3pIAYiEUAzfdtC7tQw2v0aLt5X/7zthEcoRtTe061dK8DhbV4fALWa9"
-      + "VF2E91L35+wq52DblvpJHBw28PHTbuhfJZsNshXKO7qU7uk+UR6V/Pwc7rsp"
-      + "x/TQ35fVfm7v53rapdHlMVyY4Bx/4fdEWV9aK1cV3qOfiBMByxt8WD0xBLoc"
-      + "Yy3qo3+k/N7q6t4hqjus3LPVrmCbpgAe5S5EkDgnjy7Mpz19tf7hhzL957p2"
-      + "ecWregvR9rQHoWZNOaxS2e2hdOiZUPSxIJ46nOJyCnoZQHG0CFVEwwJkGcWf"
-      + "Thjz38U203IRzuCPgsO1f8wjSXXMp4xJQtJW2TqMm+5/aaDtuXAsUGqQzGiH"
-      + "DQfUs4z/PCKyMWAwIwYJKoZIhvcNAQkVMRYEFKm5GgFnzYtYLITaZeZPkaaT"
-      + "XG/4MDkGCSqGSIb3DQEJFDEsHioAdABlAHMAdABAAGIAbwB1AG4AYwB5AGMA"
-      + "YQBzAHQAbABlAC4AbwByAGcwMTAhMAkGBSsOAwIaBQAEFHIzAiyzoVOmPvLE"
-      + "XCD2HHG5MC23BAhhHlFnklHZYgICCAA=");
-
-    private byte[] pkcs5Camellia256Pfx = Base64.decode(
-        "MIIFswIBAzCCBXkGCSqGSIb3DQEHAaCCBWoEggVmMIIFYjCCAxcGCSqGSIb3"
-      + "DQEHBqCCAwgwggMEAgEAMIIC/QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYw"
-      + "DgQIq+wFOOOtSokCAggAgIIC0IWDRpk4L/tSSMfwWx0mN3ecbaL+m2XZWvN9"
-      + "hK1K5PghAYquCs36l603cYSV9pypOkGC5rn1d2fyZCFhUMOObSC7V/mpkitr"
-      + "OfOYpaW7tU1JJecpONgIHlbd8N4fbBtH73E7vdmi6X/tg4Tl7yJf40fruYVq"
-      + "yzqfJCO2aGJIFv6JWsFivjCwehBa+6ppCHBnNcj4SsVlozj1y2B0Wl2TVi3r"
-      + "joBIsK2RQ+RMjM55k3pS57mV+jXtd29wb2q9utDKogvpBCboTk8dPMFcFGWz"
-      + "2D41onJoEJKizAEIgXiS7UvqHddhIL9O/rSZ68j2d2GcFi1Oxer1PyZoCI61"
-      + "CpZdk2QeNeVaVFTPJ26We6J34w2ivZwHOhn+iUZ7q0Sm9gcYa1QRG79LA/AC"
-      + "nE3Xxzl4nEjRRi5AKb6IOnMKBbr0povesS8tL323x91uPZc0jMctC6Q+vegX"
-      + "tIZ7dZPuNxhqRHqb62LSm11cpYQWibj16rRQ0ulOFSQGIr514PvfbIig6oo8"
-      + "niwHuefp/ey/Zvl/dAl+um2UkVdR9Mwn8vTM8oMF+ptJfpWyZEIrP785Rpu3"
-      + "oyBMyEYA2djX7JsFvoCxKxGCC5VK3C/9EFv9xUGmiV0zrTPcHb1P4sK1AJyI"
-      + "vhSY+Tgv+Fjq5KoPCa4ZXP+Y+vSzkttcP8u7x0wt9cblvgzdBy9Ee1xqCdJd"
-      + "F67U6vbQ6ErDrdVAwtRqc0TsPKG1XH5NFtxTwILyCeh8XzdYMIaHkEnTuITQ"
-      + "eeICaUJ2YPZrADLxXTNHI9e6dVcDvhjf/JfBXZfiiqFH8XmbCIMqyGSGTmQr"
-      + "8uwb8cquLMS78RbXSHLNcv+f/DmPOClNjmWgVAYxaDuw5lZBaU+YDyZaKEy2"
-      + "Mdjd+lR/g2LZhvAEfcM3V4bzr17s0GOSwJ5/5yzczPKZZ8auMwML+Bcmoggt"
-      + "EJgubVFHg/3l11xVe2djfg78CTCCAkMGCSqGSIb3DQEHAaCCAjQEggIwMIIC"
-      + "LDCCAigGCyqGSIb3DQEMCgECoIIBtTCCAbEwSwYJKoZIhvcNAQUNMD4wGwYJ"
-      + "KoZIhvcNAQUMMA4ECInc03N3q5vSAgIIADAfBgsqgwiMmks9AQEBAgQQR+Uo"
-      + "WVvmSL5AcwwRq6vtOQSCAWD0Ms1i2wHGaFi6qUWLqA5EnmYFwqwQQlfz5To+"
-      + "FwVEpHQHrqd0pehOt1J9vyDVYwfjU8DUOJDovCiBIzRsopyf0Qp5hcZnaTDw"
-      + "YJSNd3pIAYiEUAzfdtC7tQw2v0aLt5X/7zthEcoRtTe061dK8DhbV4fALWa9"
-      + "VF2E91L35+wq52DblvpJHBw28PHTbuhfJZsNshXKO7qU7uk+UR6V/Pwc7rsp"
-      + "x/TQ35fVfm7v53rapdHlMVyY4Bx/4fdEWV9aK1cV3qOfiBMByxt8WD0xBLoc"
-      + "Yy3qo3+k/N7q6t4hqjus3LPVrmCbpgAe5S5EkDgnjy7Mpz19tf7hhzL957p2"
-      + "ecWregvR9rQHoWZNOaxS2e2hdOiZUPSxIJ46nOJyCnoZQHG0CFVEwwJkGcWf"
-      + "Thjz38U203IRzuCPgsO1f8wjSXXMp4xJQtJW2TqMm+5/aaDtuXAsUGqQzGiH"
-      + "DQfUs4z/PCKyMWAwIwYJKoZIhvcNAQkVMRYEFKm5GgFnzYtYLITaZeZPkaaT"
-      + "XG/4MDkGCSqGSIb3DQEJFDEsHioAdABlAHMAdABAAGIAbwB1AG4AYwB5AGMA"
-      + "YQBzAHQAbABlAC4AbwByAGcwMTAhMAkGBSsOAwIaBQAEFHIzAiyzoVOmPvLE"
-      + "XCD2HHG5MC23BAhhHlFnklHZYgICCAA=");
-
-    private byte[] pkcs5Cast5Pfx = Base64.decode(
-        "MIIFqQIBAzCCBW8GCSqGSIb3DQEHAaCCBWAEggVcMIIFWDCCAxcGCSqGSIb3"
-      + "DQEHBqCCAwgwggMEAgEAMIIC/QYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYw"
-      + "DgQIkiiANhrORysCAggAgIIC0GDKlVmlIcRXqb1XoCIhnHcKRm1Sa/bCJc7j"
-      + "ylp5Y8l2/ugimFeeM1yjZRke+KxTPXL0TO859j45NGUArL6hZipx8v6RzvH7"
-      + "WqyJx5wuDwufItgoJT2DE4UFGZEi/pP/RWALxNEZysVB5zod56vw3dZu/+rR"
-      + "gPIO7mOnWgqC2P1Pw4YLXOk4qNxaCCwIIp9aJlAdvCRfLBqPr8QjJFMGw5NQ"
-      + "gcHLG3QRW846wUtOxZj2+/Qy9GNAvo+PV6qIR/IS/A+QUwQ3+7SRojUWMUhV"
-      + "6N/L/+l2UyU551pA5oX8anPbKCU5bRa/MRIpfPvm+XJpEpbwhS164X7wBFIR"
-      + "RSdoj83wEWcR0WFTCXijCRdJcniO+h13kiaR3ltBD0dETjM7xu1XvkbAb3EV"
-      + "71PeRQC8kY6DPsJCI9DWDBCnJpVzO4q2atzYej4IAZNgF9PBAwA5isAzurVz"
-      + "xxxS4SF930CnrFLb/CxF/IBuz6RBh0lreRMfCP5g5sZUp686kShMSeAKNb7s"
-      + "xU2YshusTTShhK+2tK8Lf7z9O/P59P0yZOiFDStrDRUPo7IAfUD29+1EdWVQ"
-      + "3LGBtN/t/YOedKGVxd+YXZ4YKFRoNBR9GHsL31wrOm14mmWNib6nbd5+6Zcj"
-      + "j3xXLLXG7MT40KlmsmKDYCVeGhc7AfGU3b/HceX5u30RUWbgaC0ATiM/vJKX"
-      + "djvCpEiB5pPy2YtpSNAc0bV9GsHorL85WjJDWnMlm3yoy+Bfiu/doNzMEytL"
-      + "ycXq4LtaRl6EV8G4ak59lNJ7HdsABcsSa2fxEa595hbWYeYB1xgt0mHl+btx"
-      + "E5hrfyZmjN74YDbkPSIWsAFktcCHF2eGrwK/2NTewKHdsE6FSzc1pAYDgnxT"
-      + "aNnhxw/Nfb1XmwH0C3soolJuoTRKyMJxvMDVuCSB2WyoyEjq+BNQzUTkYYR6"
-      + "Hijzd9ljvX84XUlicSucbTHHVDCCAjkGCSqGSIb3DQEHAaCCAioEggImMIIC"
-      + "IjCCAh4GCyqGSIb3DQEMCgECoIIBqzCCAacwQQYJKoZIhvcNAQUNMDQwGwYJ"
-      + "KoZIhvcNAQUMMA4ECCDJh37hrS+SAgIIADAVBgkqhkiG9n0HQgoECOXn7rhs"
-      + "5ectBIIBYLiRI2Yb955K6WAeTBXOnb58hJxgsir3zsGCoIRWlGNhr5Ur0ebX"
-      + "AnXyD5ER8HTaArSO2EtZlVI8Ff6OIcYg5sKliYJEgbI7TPKcaImD92Um4Qim"
-      + "/8h4xkM3K4VQmT0H8zFM3Mm/86mnON+2UjVcFBrCxek9m06gMlkIrxbiSh8X"
-      + "YAYfHGTKTTX4HtvkZsQTKkcxSVzavyfVZFw1QtRXShvvJDY6TUGplyycWvu/"
-      + "+braWfuH1u2AGh30g1+SOx7vnJM78a0rZIwd3TP9rKczzqexDF/GwuGuZF+1"
-      + "bMe8xxC1ZdMZ1Mnh27TNoGMuU5VVsqhs5NP0XehuuV8rHdzDDxdx/2buiA4+"
-      + "8SrzW5LQAs6Z+U3pna3UsuH24tIPMm3OfDH7WSBU6+nvXub7d5XxA31OYHEk"
-      + "nAsuo6p6iuosnedTObA9bX+mTU4nR3oaa87ZDIPxbQVTHKberFlYhDzmmwAx"
-      + "YDAjBgkqhkiG9w0BCRUxFgQUqbkaAWfNi1gshNpl5k+RppNcb/gwOQYJKoZI"
-      + "hvcNAQkUMSweKgB0AGUAcwB0AEAAYgBvAHUAbgBjAHkAYwBhAHMAdABsAGUA"
-      + "LgBvAHIAZzAxMCEwCQYFKw4DAhoFAAQUc8hyg5aq/58lH3whwo66zJkWY28E"
-      + "CKHZUIQsQX9hAgIIAA==");
-
-    private byte[] pkcs5TripleDesPfx = Base64.decode(
-        "MIACAQMwgAYJKoZIhvcNAQcBoIAEggvtMIIL6TCCAi4GCSqGSIb3DQEHAaCCAh8EggIbMIICFzCCAhMGCyqGSIb3DQEMCgECoIIBtjCCAbIwTAYJKoZIhvcNAQUNMD8wJwYJKoZIhvcNAQUMMBoEFBUELlgR1kddObFK69drbrg+019yAgIEADAUBggqhkiG9w0DBwQIz2EcPBbGnIYEggFgtgCSaH8l0ab1y708ziQ6joMPh0+1Byh32lIx4NSPPrRTfdtuViyaneW9nrurvPgFgwVPD46aDdqJpdnvoijNTsrJJEII7HZNGY1EaSulG0fIKl/brwOhKbvFaivBn1ya7UlQJ0dMoWBtuso/bxQbtxCI0TCVR8u4X0v8LbY0wt60NfFAenjbLwKBBIM6XPFfxUiI/6SqZ1mvizQItX8PRdRQac6TXjzZMjpG0lOEf9X5sC5mhadXPEjnHl1Avz7Z8rh4eHfjgJ9tRQjQrZPsBJfkUSyChZT5SX6ygaFS8qyRXN2p1H3PybOs2WyTe8wnR6cNiwTQeNhCIHkrq53t+3ohCpbrUBDR6dk8j7N7JB99QFGw6MUxb4gPxVPUsKdnWEBk6SJHqILxiyA0OQ1DzG/WDMf3NJnIhTltgdSOXf5b0N2YF0nkVyJ/+M1ly8ZdPjNSeC51UpbJ71+oe3ZGSDFKMCMGCSqGSIb3DQEJFDEWHhQARQByAGkAYwAnAHMAIABLAGUAeTAjBgkqhkiG9w0BCRUxFgQU0GzsbTWDvFUSGwzLPv7XJqYWZGgwggmzBgkqhkiG9w0BBwagggmkMIIJoAIBADCCCZkGCSqGSIb3DQEHATAoBgoqhkiG9w0BDAEFMBoEFIA4figx3imGUQhb2JYHfaHeZyiIAgIEAICCCWACyck70bFrveGYPZKFEjlqO5avWuitzpA/cv+L4IX5W3LOKQPSpuwy62rKnIUkT8wj//yiP7vHab15KYUqoHPz1IKxy/5zOGNzUGCkBDlxRpcDwvqxtEZwQ1XNaaFPLT0uu+KgEJ1vIU7rSOgav6Sa6lOOPKoZrTJLZtrHZzzCUZxFaiHwRb4BkfEJ1UltFEMqlqyexwGLso2wqYElneGMq1aVSEnEaIhwpatulQRzls3IYpZYftotPPjxp/+i506+06GrWZQoAcNhuSS6SKVwtGntV6T9PgfIoehmGkhJzq2R/xBMBk62T5nph+CVrmrBafSGRVoWkDdC/3zhdivxX0oSX/J7NM2cW2Ub9+eMSMaT7NUTWbDD2MvPemLewzgfA0ON7GAajorarZiu/KvBRGHqLKFZGERsBmDWOnrJKt8FPNzpqfGwTxH5pTPeT/2XeleqigujInvuh0xpkRG+5JOp2lnXbq9BqpozoJr92QzWx4aCagBCS1BJUWl8FUAhSwMgYdGreD6q6QU16hJ/VHDyM8iCu2BpLDSyvDs//0pI8wNMq8pan6qUYDxfpgtg5qHzLfnl2if0opnqvJQTKMPeGKYuqiCscf0Bnhap3Gs1vFo9P9tx5RMDtopKfzvbyi03TQ8XNcVxi1l0jho5dHMZEFvI24RU+hUJJWXng/EtkgGfEPXdDfjFFu/Fn1E2G8Ni1QQrkGnPDpKcasl225RjmNz6L7LdF2MnZ/MqRq+Unvy46tKkIhRVTh2tlSEcQKulytHWpJJ2ZUKSDsMRILHsa/HOlCQAYIv4mzH9TqEmelbFP89XYQsC7ukw6wd2fnDyrT4c8p3Qwh35DJuvoKpVEre4ETbVNHSOY9R0GsiPReDZidTsHDOZIeIIxICSTZ9PC0CInn2qunLiZSHw4L+0F51ALLqg196rTHnbo8JrsfLDHLkcZk/Xg7QMxLTT1wPlSIFnDBKqjzRBNmGJ1+tNErcek9n8G2DkLIkO1s8Y0Wyn9g6v62EkNgH+LVcXe2sWahBOUMr++hvoN2w0NjEZ8ZS9ndJHWurV7Z2cI1RvHYw85iLVXeJIl3+tdZKB1hXfGoLWaOzDBLp0nHTEAeHpLjJxNTHIsBV2OHFlOYGwRTPY6aPvPAEMnXHw+ZFKggphQzNWBTEI4bLZCKFoFtR1iBMlg4dyN2Tx+21rY4msySsMdFZK/a0N8QBRs9ZYMmK8hnPNEY+lFzyJM6Obz9Lp2JwQW5aQ/FW1B+ol7ZabVRQUcmWvqUNM0YaMQmTsHq9jBnzTckq6fKZXGGZfo2IZ4tIVGNXaf3rXk6eJuml281b80SUbIXmGjqXiWvSjuUk8omdzUU0sU8nY9EfQFxA4+AfUiWF4UbYWASOAnsaVuciLgQy0bATiPL1XNFdJsrJGpdSyZ0ElMKgegHHxO2Tv17A/a35Aa6kdt8HGTcuR49UD3CLt54QYY+QKdWZolos5dYL1pg+KiNripXjlrBjWrEiOhB2HRtxfR+5R3XYvcJ/tlJfh3CmhSoIP/R4NDqhv9RXR60rTnoc4VRvGxjRasU4XvWFgpHGB6FrGf9RcPOOf4QWQOIebSZdTh0K+gy8Lo7/P/WyME9ja4/O3BaeHv9U3o3KppyF2C3SDic/sbiSxUY7njUvIZ6huP5h+EymqAZwthBXYo/hQOsrGADc8f+aufykFdy/K+cRPuzPcjwwo5fyYFUrWkihRfk4sg42Fo90pzGka8quBrM5bvaZ7Nnh7ulGIxnlGQclprldi0iGx1w2qOuV5YJGkmcPz2ibHaosBlvq3uV1msHNNTWkHvbeLGCBcYnmdTQ7xTAWsG37/5XwO7rhGyrIFMCPpKEYDyJl+iq4iSmyPvWpReH3aIfJ95+sd86KrGQfnkYJgGw/8JL1brQSlD7cez0GAty2EksG8GCDC5nj/p1wc6mYG6LUNMAKGlZOq3xQ0reZ1f1J5FVjWye9Szn3arAiZBjFMiZcftcSwwH5XNcqsdlVGfAeczrT4A6PyXqYTwDd67aIIYiPB/f8ECG+u374sIGzsjJBzRLL/5pQCj7GcE5AySH+TAV2wRD5UdN7Vf3zxqE+/wW8yl3/i7zFJsMZJAuAKWlNYAk2J9A6LfX2qFOiCMQpoTkCszG2zL5rph0u99bHtQYt6pplc4YcVJmeY8FyiBLhO3FQBbKURSupet2jhitky3hWlG1OS3YBMnuzRcL1YJZi7N/fMLowQYe5w9NODaDbHMHOc6x9/62F2pr1NoiDqRLhj29hOyxFCOXDpS1IaWHaHHs8h4/BdUimDr1cF7oqLawwmS3Y1aH+grE+48OwywvbJ/OxLhjDVA0fQPeqiMxuHcQDsSZYgZENdbKzfUeUTdOtY/FW7t7c6QTEpRI4at40m/hoT4B/oy98Us+ASnxfz0+Bdindt7vdnOJFe8TbvmRCCvAepCaa5WGG4fmPm6O0PNesAiZjysttoXlb/3cQM7mCnAEF2GmbGSnvkvwlVR6oUM5gR/LdspayNRYshLQC+nc1mIjp7wm3NbMb30OlGTCHYuq4+F0rSOIBx0ByLlq0WCcR9Eo0NW41irh8FM5Eiv0S2WdOsaQoEEn2YYPIGAcrBn2HURxfgV3cX7SQEg6GdMh269c7qmDLCggCMb9M2V8yuef9PQngUbHp0ZmMGHd6YahKXrT2vmtUpxNd+PJjYNXHs/riCPxcGnxfKg+qU7Lr+mp37DXD+O64AKWecc31Ij+hdYiO+cW233nvcpGiLDZWngLTxI4RWS84xqFSOqUH09lu0d5Y7GGM6tfOzQWTo5B0wEcXMqd2LWy0ajy1je+6q9Leshc5M1sck3+skcxejiV4kQSrtPCtns8ReKi4NZ7GPzS5RK+wMxf64VzmLIWBGeTpltPeSQJVbnN6Rs62idqm+SYYiCxFwwg/bhUXR7PJhftd13jy6FdtJN7NXcVd/m7dLp12yrm73wpGCVXJ0EHNlOp7rAf++BGWKb8UfXGv7v6WX0rzlt0Pq1NU/mBJ0Bwu7PYyhbxZTUIbqxP8Z4vZmj4tAqJiFJo6PFUpCLGR5l/mabZ3xLOk/dIp23Ulk4OlzbUy2bv69cBf7JZTij/y7D8enhzcLmgJYzqP/dmzt4ddXeTTFh0Q3F/siTakCqwHlhgf9xUobq4UbeVYS4DNg4p+TpVtGaeNzZfJghkWr12UAAAAAMD0wITAJBgUrDgMCGgUABBSWOQXmLtuxsApEZah7LamMw962GgQUGHv9dKsB8Rivt0MPrLszcABHJ+4CAgQAAAA=");
-    private byte[] gostPfx = Base64.decode(
-        "MIIHEgIBAzCCBssGCSqGSIb3DQEHAaCCBrwEgga4MIIGtDCCBYEGCSqGSIb3"
-      + "DQEHBqCCBXIwggVuAgEAMIIFZwYJKoZIhvcNAQcBMFUGCSqGSIb3DQEFDTBI"
-      + "MCcGCSqGSIb3DQEFDDAaBAi114+lRrpkXAICCAAwCgYGKoUDAgIKBQAwHQYG"
-      + "KoUDAgIVMBMECLEIQPMsz/ZZBgcqhQMCAh8BgIIFAbu13yJiW/BnSKYKbtv9"
-      + "tDJoTv6l9BVpCCI4tvpzJnMeLBJyVZU4JevcJNii+R1LilVuuB+xc8e7/P4G"
-      + "6TILWmnnispr9KPRAbYRfoCJOa59+TYJMur58wwDuYgMapQAFzsvpzyUWi62"
-      + "o3uQbbLKO9hQCeJW2L+K9cbg8k33MjXMLpnblKpqmZbHTmBJDFR3xGw7IEjD"
-      + "UNqruu7DlHY6jctiVJSii9UNEVetSo9AAzfROxRjROg38VsWxLyO9wEMBv/8"
-      + "H8ur+zOtmQPGqirNXmN+pa08OvZin9kh7CgswW03xIbfsdGGGLRAWtvCnEwJ"
-      + "mS2tEfH1SZcuVLpMomhq3FU/jsc12k+vq/jw4I2cmfDL41ieK72bwNj8xUXu"
-      + "JHeoFSPGX4z+nsJUrFbFG4VBuDs2Y0SCWLyYZvdjvJwYjfqtyi/RoFSZjGHF"
-      + "crstf9YNQ0vW0efCJ7pUBH44OrbnCx5ng2U5jFm1b3HBIKA2RX+Tlhv14MgT"
-      + "KSftPZ67eSmgdsyPuQAdMu6fEdBMpVKMNZNRV565690sqi+1jOmH94TUX8XU"
-      + "2pRQj6eGGLq6lgGnnDabcePUEPXW8zW2KYrDKYJ/1QZmVGldvlqnjZMNhIO+"
-      + "Afsqax/P8RBjMduGqdilGdRzbN8PdhVaN0Ys+WzFxiS9gtaA2yPzcQuedWDN"
-      + "T7sIrfIapgFYmmHRQ7ht4AKj+lmOyNadONYw+ww+8RzHB1d2Kk+iXeZCtvH0"
-      + "XFWJZtuoGKSt/gkI0E2vpDfMbLaczaRC7ityO0iJs25ozP4JhZRBVvOmpxc9"
-      + "YuIetbTnTf1TLJKXDgt1IwPZeugbofSeiNv117lx8VgtvMYFD4W+WQlB8HnO"
-      + "C8NOYjkMPElc6PCMB9gGm0cIu1fKLvY8ycLav93JJjdDuC0kgKLb2+8mC5+2"
-      + "DdMkcfgW6hy4c98xnJs8enCww3A4xkRbMU13zMq70liqmKHV2SSurg5hwUHM"
-      + "ZthT8p988ZBrnqW24lXfMBqTK4YtIBMeMnvKocYBXr96ig3GfahI1Aj2Bw2e"
-      + "bpZTVeayYUd+2xX8JJMdqna6Q61AL8/eUhJUETz5+fgQJtPjcKmdJfVHO6nB"
-      + "vOk1t/rjK17eiXLxHCyvfP+Tw8lSFOhcvr4eIeG8WfsWNRu2eKKosOU7uash"
-      + "QpnvQieqDeijuRxf+tbbJ5D86inwbJqdxra7wNuZXmiaB9gFDzNbNjhtL+6i"
-      + "gUyX/iQHKi9bNK+PH6pdH/gkwnG/juhdgqoNY6GRty/LUOPgXD+r5e/ST16R"
-      + "vnlwrlKp5FzRWBEkem+dhelj3rb+cxKEyvPe3TvIUFcmIlV1VCRQ1fBHtX18"
-      + "eC3a3GprH8c40z3S/kdyk7GlFQ27DRLka+iDN05b+MP5jlgvfqYBKxwLfeNu"
-      + "MpxWoCUvYWiQdMih86/l0H+0o5UB8SqRbpuvr6fY910JCk0hDaO1pgB3HlRz"
-      + "k1vb46pg25heXQm3JmO+ghxjOGliYBWjl8p7AfRS9cjS8ca+X02Mv9Viv7Ce"
-      + "3+Gz0MVwfK98viJ3CFxkaEBlM2LM0IeUQbkHG+YwYaTSfl4GYyrug4F0ZdrA"
-      + "KeY9/kIxa/OJxjcIMs2H+2mSpxmrb7ylmHZ2RB8ITiduRVtO091hn/J7N+eT"
-      + "h6BvLBKIFU+UFUdgjxoDNDk7ao++Mu9T3dQfceFBOYzW9vMQgX30yaPLSdan"
-      + "ZMAP0VtiNjCCASsGCSqGSIb3DQEHAaCCARwEggEYMIIBFDCCARAGCyqGSIb3"
-      + "DQEMCgECoIGyMIGvMFUGCSqGSIb3DQEFDTBIMCcGCSqGSIb3DQEFDDAaBAiQ"
-      + "Owewo16xzQICCAAwCgYGKoUDAgIKBQAwHQYGKoUDAgIVMBMECHSCNJJcQ2VI"
-      + "BgcqhQMCAh8BBFYCyRRpFtZgnsxeK7ZHT+aOyoVmzhtnLrqoBHgV4nJJW2/e"
-      + "UcJjc2Rlbzfd+3L/GWcRGF8Bgn+MjiaAqE64Rzaao9t2hc3myw1WrCfPnoEx"
-      + "VI7OPBM5FzFMMCMGCSqGSIb3DQEJFTEWBBTV7LvI27QWRmHD45X2WKXYs3ct"
-      + "AzAlBgkqhkiG9w0BCRQxGB4WAGMAcABfAGUAeABwAG8AcgB0AGUAZDA+MC4w"
-      + "CgYGKoUDAgIJBQAEIJbGZorQsNM63+xozwEI561cTFVCbyHAEEpkvF3eijT8"
-      + "BAgY5sDtkrVeBQICCAA=");
-
-    private byte[] gostPfxFoo123 = Base64.decode(
-        "MIID6gIBAzCCA6MGCSqGSIb3DQEHAaCCA5QEggOQMIIDjDCCApQGCSqGSIb3"
-      + "DQEHBqCCAoUwggKBAgEAMIICegYJKoZIhvcNAQcBMFUGCSqGSIb3DQEFDTBI"
-      + "MCcGCSqGSIb3DQEFDDAaBAhIVrbUVNoQ2wICCAAwCgYGKoUDAgIKBQAwHQYG"
-      + "KoUDAgIVMBMECBLmAh+XCCYhBgcqhQMCAh8BgIICFP9hQLgDq5SORy2npOdo"
-      + "1bvoGl9Qdga1kV9s2c1/Y1kTGpuiYKfm5Il+PurzYdE5t/Wi2+SxoePm/AKA"
-      + "x1Ep5btK/002wnyRbUKdjgF1r7fMXRrd5Ioy8lYxB1v6qhHmzE5fz7FxY+iV"
-      + "Z70dSRS0JkTasI8MRsFLkJJfDb9twgoch8lYGFfYirHLcVy4xxA3JO9VSHm2"
-      + "8nuSWSnsmGN0ufPX14UpV2RFe3Rt0gZ0Jc8u2h2Mo0sIoVU6HVwdXzoe6LN7"
-      + "1NPZdRuhVtjxEvjDAvNJ8WHXQnBQMai2nVAj87uNr6OHLRs+foEccEY9WpPQ"
-      + "GPt4XbPt4MtmVctT2+Gsvf6Ws2UCx6hD4k8i28a6xS8lhTVam2g/2Z5cxtUV"
-      + "HxYt7j13HjuQVsuSNdgtrUnw3l43LnBxRZhlFz0r2zrvTB04ynenS+lGdVuG"
-      + "0TauIH+rdP1ubujw6lFdG9RNgUxWvS5IdwbFGX73a+ZrWiYJeERX11N/6r3g"
-      + "0EqVFNH9t/ROsdAtCCe2FycQoOSb+VxPU6I+SHjwe7Oa7R8Xxazh/eWTsV59"
-      + "QzPuLriUMbyYdQIf4xdclgcJoxFElopgl4orRfzH3XQsVbtTxN33lwjkE0j/"
-      + "686VtcO+b+dU7+BEB7O5yDcx1tupgre0ha/0KOlYfPvmbogGdDf0r6MOwrS7"
-      + "QFXxKlHfp8vn4mNwoy7pjrzjmjclkbkwgfEGCSqGSIb3DQEHAaCB4wSB4DCB"
-      + "3TCB2gYLKoZIhvcNAQwKAQKggaMwgaAwVQYJKoZIhvcNAQUNMEgwJwYJKoZI"
-      + "hvcNAQUMMBoECLD6Ld7TqurqAgIIADAKBgYqhQMCAgoFADAdBgYqhQMCAhUw"
-      + "EwQIoYXV7LETOEAGByqFAwICHwEERyBQK9LuYnOO0ELrge+a6JFeAVwPL85V"
-      + "ip2Kj/GfD3nzZR4tPzCwAt79RriKQklNqa3uCc9o0C9Zk5Qcj36SqiXxD1tz"
-      + "Ea63MSUwIwYJKoZIhvcNAQkVMRYEFKjg5gKM+i+vFhSwaga8YGaZ5thVMD4w"
-      + "LjAKBgYqhQMCAgkFAAQgIwD0CRCwva2Bjdlv5g970H2bCB1aafBNr/hxJLZE"
-      + "Ey4ECAW3VYXJzJpYAgIIAA==");
-
-    private byte[] desWithSha1 = Base64.decode(
-        "MIIBgTAbBgkqhkiG9w0BBQowDgQId6NZWs1Be5wCAgQABIIBYLineU3" +
-            "SS0NCA6Olpt9VciMD4gUHsaqqKZ7tZK83ig66ic4U/CwFEcc6sozkkk" +
-            "3tGp1PJ9XOofcRZhrAegUshROPtexMYlsarIlYvL+1dUzY2BZXVV34Z" +
-            "SBdko8+QI0G84neTh7lL0x/MoE+MV2LHNxjMSj1oDIp5DJ43LQ6oTxa" +
-            "IjMEH8UZSK9Lr/oWtBO4Gfm2OBIDfVLfdVGTX5D7a/dXgzunraVkHMm" +
-            "zHUqPoqw0HZewSYTCdU0qf0H695K81S1OcMEpV53oyCxw/chzIinzDC" +
-            "L+OjxUmFEKh7exfUKPeV4J6R5Wa1Ec0Xff+TWQ9yiwGnByGkd8eWCyf" +
-            "WsduibO7akY1/XiPziEUPTvs8guTdBm3l625AJOaHMn5PtDMuMSj2dM" +
-            "KpDnyOgNj5xADOJyetmZMcoC6dzNWs1zBZAQAmJ2soC114k03xhLaID" +
-            "NfNqx9WueoGaZ3qXbSUawlR8=");
-
-    private byte[] desWithMD5 = Base64.decode(
-        "MIIBgTAbBgkqhkiG9w0BBQMwDgQIdKRvcJb9DdgCAgQABIIBYEZ0Bpqy" +
-            "l/LNlzo/EhcPnGcgwvLdkh3mTwFxb5wOhDS+/cz82XrtFNosyvGUPo7V" +
-            "CyJjg0C05prNOOug4n5EEIcr0B/6p7ZKw9JLEq/gkfTUhVXS7tFsIzjD" +
-            "giVGc9T59fcqr4NWFtFAHxKb24ZESYL4BponDxWql465+s4oFLjEWob1" +
-            "AOA268q5PpWP1Og2BS0mBPuh6x/QOXzyfxaNRcJewT0uh0fCgCS05A+2" +
-            "wI7mJgQk1kEWdHPBMv/LAHiXgULa1gS+aLto8fISoHObY0H/KTTJ7rhY" +
-            "Epkjjw1khc0wrMBlpbcVJvqvxeMeelp26vPjqRL+08gUhHdzsJ3SokCD" +
-            "j5Z0Mmh1haduOXAALcdO5st6ZBqkA8o886bTqBYYRIFGzZIhJzOhe8iD" +
-            "GhHLM2yiA0RxlCtlnNMXruHKEvFYgzI3lVQov4jU5MIL1XjH0zPGyu9t" +
-            "/q8tpS4nbkRgGj8=");
-
-    /*
-     * we generate the CA's certificate
-     */
-    public static X509Certificate createMasterCert(
-        PublicKey pubKey,
-        PrivateKey privKey)
-        throws Exception
-    {
-        //
-        // signers name
-        //
-        String issuer = "C=AU, O=The Legion of the Bouncy Castle, OU=Bouncy Primary Certificate";
-
-        //
-        // subjects name - the same as we are self signed.
-        //
-        String subject = "C=AU, O=The Legion of the Bouncy Castle, OU=Bouncy Primary Certificate";
-
-        //
-        // create the certificate - version 1
-        //
-        X509v1CertificateBuilder v1CertBuilder = new JcaX509v1CertificateBuilder(
-            new X500Name(issuer),
-            BigInteger.valueOf(1),
-            new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30),
-            new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30)),
-            new X500Name(subject),
-            pubKey);
-
-        X509CertificateHolder cert = v1CertBuilder.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(privKey));
-
-        return new JcaX509CertificateConverter().setProvider(BC).getCertificate(cert);
-    }
-
-    /*
-     * we generate an intermediate certificate signed by our CA
-     */
-    public static X509Certificate createIntermediateCert(
-        PublicKey pubKey,
-        PrivateKey caPrivKey,
-        X509Certificate caCert)
-        throws Exception
-    {
-        //
-        // subject name builder.
-        //
-        X500NameBuilder subjectBuilder = new X500NameBuilder(BCStyle.INSTANCE);
-
-        subjectBuilder.addRDN(BCStyle.C, "AU");
-        subjectBuilder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
-        subjectBuilder.addRDN(BCStyle.OU, "Bouncy Intermediate Certificate");
-        subjectBuilder.addRDN(BCStyle.EmailAddress, "feedback-crypto@bouncycastle.org");
-
-        //
-        // create the certificate - version 3
-        //
-        X509v3CertificateBuilder v3CertBuilder = new JcaX509v3CertificateBuilder(
-            JcaX500NameUtil.getIssuer(caCert),
-            BigInteger.valueOf(2),
-            new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30),
-            new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30)),
-            subjectBuilder.build(),
-            pubKey);
-
-
-        //
-        // extensions
-        //
-        JcaX509ExtensionUtils utils = new JcaX509ExtensionUtils();
-
-        v3CertBuilder.addExtension(
-            Extension.subjectKeyIdentifier,
-            false,
-            utils.createSubjectKeyIdentifier(pubKey));
-
-        v3CertBuilder.addExtension(
-            Extension.authorityKeyIdentifier,
-            false,
-            utils.createAuthorityKeyIdentifier(caCert));
-
-        v3CertBuilder.addExtension(
-            Extension.basicConstraints,
-            true,
-            new BasicConstraints(0));
-
-        X509CertificateHolder cert = v3CertBuilder.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(caPrivKey));
-
-        return new JcaX509CertificateConverter().setProvider(BC).getCertificate(cert);
-    }
-
-    /*
-     * we generate a certificate signed by our CA's intermediate certificate
-     */
-    public static X509Certificate createCert(
-        PublicKey pubKey,
-        PrivateKey caPrivKey,
-        PublicKey caPubKey)
-        throws Exception
-    {
-        //
-        // signer name builder.
-        //
-        X500NameBuilder issuerBuilder = new X500NameBuilder(BCStyle.INSTANCE);
-
-        issuerBuilder.addRDN(BCStyle.C, "AU");
-        issuerBuilder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
-        issuerBuilder.addRDN(BCStyle.OU, "Bouncy Intermediate Certificate");
-        issuerBuilder.addRDN(BCStyle.EmailAddress, "feedback-crypto@bouncycastle.org");
-
-        //
-        // subject name builder
-        //
-        X500NameBuilder subjectBuilder = new X500NameBuilder(BCStyle.INSTANCE);
-
-        subjectBuilder.addRDN(BCStyle.C, "AU");
-        subjectBuilder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
-        subjectBuilder.addRDN(BCStyle.L, "Melbourne");
-        subjectBuilder.addRDN(BCStyle.CN, "Eric H. Echidna");
-        subjectBuilder.addRDN(BCStyle.EmailAddress, "feedback-crypto@bouncycastle.org");
-
-        //
-        // create the certificate - version 3
-        //
-        X509v3CertificateBuilder v3CertBuilder = new JcaX509v3CertificateBuilder(
-            issuerBuilder.build(),
-            BigInteger.valueOf(3),
-            new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30),
-            new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30)),
-            subjectBuilder.build(),
-            pubKey);
-
-
-        //
-        // add the extensions
-        //
-        JcaX509ExtensionUtils utils = new JcaX509ExtensionUtils();
-
-        v3CertBuilder.addExtension(
-            Extension.subjectKeyIdentifier,
-            false,
-            utils.createSubjectKeyIdentifier(pubKey));
-
-        v3CertBuilder.addExtension(
-            Extension.authorityKeyIdentifier,
-            false,
-            utils.createAuthorityKeyIdentifier(caPubKey));
-
-        X509CertificateHolder cert = v3CertBuilder.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(caPrivKey));
-
-        return new JcaX509CertificateConverter().setProvider(BC).getCertificate(cert);
-    }
-
-    public void setUp()
-    {
-        Security.addProvider(new BouncyCastleProvider());
-    }
-
-    public void testPfxPdu()
-        throws Exception
-    {
-        //
-        // set up the keys
-        //
-        KeyFactory fact = KeyFactory.getInstance("RSA", BC);
-        PrivateKey privKey = fact.generatePrivate(privKeySpec);
-        PublicKey pubKey = fact.generatePublic(pubKeySpec);
-
-        X509Certificate[] chain = createCertChain(fact, pubKey);
-
-        PKCS12PfxPdu pfx = createPfx(privKey, pubKey, chain);
-
-        //
-        // now try reading our object
-        //
-        KeyStore store = KeyStore.getInstance("PKCS12", "BC");
-
-        store.load(new ByteArrayInputStream(pfx.toASN1Structure().getEncoded()), passwd);
-
-        PrivateKey recPrivKey = (PrivateKey)store.getKey("Eric's Key", passwd);
-
-        if (!privKey.equals(recPrivKey))
-        {
-            fail("private key extraction failed");
-        }
-
-        Certificate[] certChain = store.getCertificateChain("Eric's Key");
-
-        for (int i = 0; i != certChain.length; i++)
-        {
-            if (!certChain[i].equals(chain[i]))
-            {
-                fail("certificate recovery failed");
-            }
-        }
-    }
-
-    public void testPfxPduMac()
-        throws Exception
-    {
-        //
-        // set up the keys
-        //
-        KeyFactory fact = KeyFactory.getInstance("RSA", BC);
-        PrivateKey privKey = fact.generatePrivate(privKeySpec);
-        PublicKey pubKey = fact.generatePublic(pubKeySpec);
-
-        X509Certificate[] chain = createCertChain(fact, pubKey);
-
-        PKCS12PfxPdu pfx = createPfx(privKey, pubKey, chain);
-
-        assertTrue(pfx.hasMac());
-        assertTrue(pfx.isMacValid(new BcPKCS12MacCalculatorBuilderProvider(BcDefaultDigestProvider.INSTANCE), passwd));
-        assertFalse(pfx.isMacValid(new BcPKCS12MacCalculatorBuilderProvider(BcDefaultDigestProvider.INSTANCE), "not right".toCharArray()));
-    }
-
-    public void testBcEncryptedPrivateKeyInfo()
-        throws Exception
-    {
-        KeyFactory fact = KeyFactory.getInstance("RSA", BC);
-        PrivateKey privKey = fact.generatePrivate(privKeySpec);
-
-        PKCS8EncryptedPrivateKeyInfoBuilder builder = new JcaPKCS8EncryptedPrivateKeyInfoBuilder(privKey);
-
-        PKCS8EncryptedPrivateKeyInfo priv = builder.build(new BcPKCS12PBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, new CBCBlockCipher(new DESedeEngine())).build(passwd));
-
-        PrivateKeyInfo info = priv.decryptPrivateKeyInfo(new BcPKCS12PBEInputDecryptorProviderBuilder().build(passwd));
-
-        assertTrue(Arrays.areEqual(info.getEncoded(), privKey.getEncoded()));
-    }
-
-    public void testEncryptedPrivateKeyInfo()
-        throws Exception
-    {
-        KeyFactory fact = KeyFactory.getInstance("RSA", BC);
-        PrivateKey privKey = fact.generatePrivate(privKeySpec);
-
-        PKCS8EncryptedPrivateKeyInfoBuilder builder = new JcaPKCS8EncryptedPrivateKeyInfoBuilder(privKey);
-
-        PKCS8EncryptedPrivateKeyInfo priv = builder.build(new JcePKCSPBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC).build(passwd));
-
-        PrivateKeyInfo info = priv.decryptPrivateKeyInfo(new JcePKCSPBEInputDecryptorProviderBuilder().build(passwd));
-
-        assertTrue(Arrays.areEqual(info.getEncoded(), privKey.getEncoded()));
-    }
-
-    public void testEncryptedPrivateKeyInfoPKCS5()
-        throws Exception
-    {
-        KeyFactory fact = KeyFactory.getInstance("RSA", BC);
-        PrivateKey privKey = fact.generatePrivate(privKeySpec);
-
-        PKCS8EncryptedPrivateKeyInfoBuilder builder = new JcaPKCS8EncryptedPrivateKeyInfoBuilder(privKey);
-
-        PKCS8EncryptedPrivateKeyInfo priv = builder.build(new JcePKCSPBEOutputEncryptorBuilder(NISTObjectIdentifiers.id_aes256_CBC).setProvider("BC").build(passwd));
-
-        PrivateKeyInfo info = priv.decryptPrivateKeyInfo(new JcePKCSPBEInputDecryptorProviderBuilder().setProvider("BC").build(passwd));
-
-        assertTrue(Arrays.areEqual(info.getEncoded(), privKey.getEncoded()));
-    }
-
-    public void testEncryptedPrivateKeyInfoDESWithSHA1()
-        throws Exception
-    {
-        checkEncryptedPrivateKeyInfo("PKCS#5 Scheme 1".toCharArray(), desWithSha1);
-    }
-
-    public void testEncryptedPrivateKeyInfoDESWithMD5()
-        throws Exception
-    {
-        checkEncryptedPrivateKeyInfo("PKCS#5 Scheme 1".toCharArray(), desWithMD5);
-    }
-
-    private void checkEncryptedPrivateKeyInfo(char[] password, byte[] encodedEncPKInfo)
-        throws Exception
-    {
-        KeyFactory fact = KeyFactory.getInstance("RSA", BC);
-        PrivateKey privKey = fact.generatePrivate(privKeySpec);
-        EncryptedPrivateKeyInfo encPKInfo = new EncryptedPrivateKeyInfo(encodedEncPKInfo);
-
-        Cipher cipher = Cipher.getInstance(encPKInfo.getAlgName(), "BC");
-
-        PBEKeySpec pbeKeySpec = new PBEKeySpec(password);
-
-        SecretKeyFactory skFac = SecretKeyFactory.getInstance(encPKInfo.getAlgName(), "BC");
-
-        Key pbeKey = skFac.generateSecret(pbeKeySpec);
-
-        AlgorithmParameters algParams = encPKInfo.getAlgParameters();
-
-        cipher.init(Cipher.DECRYPT_MODE, pbeKey, algParams);
-
-        KeySpec pkcs8KeySpec = encPKInfo.getKeySpec(cipher);
-
-        RSAPrivateCrtKey rsaPriv = (RSAPrivateCrtKey)fact.generatePrivate(pkcs8KeySpec);
-
-        assertEquals(privKey, rsaPriv);
-    }
-
-    public void testKeyBag()
-        throws Exception
-    {
-        OutputEncryptor encOut = new BcPKCS12PBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, new CBCBlockCipher(new DESedeEngine())).build(passwd);
-        InputDecryptorProvider inputDecryptorProvider = new BcPKCS12PBEInputDecryptorProviderBuilder().build(passwd);
-        KeyFactory fact = KeyFactory.getInstance("RSA", BC);
-        PrivateKey privKey = fact.generatePrivate(privKeySpec);
-        PKCS12SafeBagBuilder keyBagBuilder = new JcaPKCS12SafeBagBuilder(privKey);
-
-        keyBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Eric's Key"));
-
-        PKCS12PfxPduBuilder builder = new PKCS12PfxPduBuilder();
-
-        builder.addEncryptedData(encOut, keyBagBuilder.build());
-
-        PKCS12PfxPdu pfx = builder.build(new BcPKCS12MacCalculatorBuilder(), passwd);
-        assertTrue(pfx.hasMac());
-        assertTrue(pfx.isMacValid(new BcPKCS12MacCalculatorBuilderProvider(BcDefaultDigestProvider.INSTANCE), passwd));
-
-        ContentInfo[] infos = pfx.getContentInfos();
-
-        for (int i = 0; i != infos.length; i++)
-        {
-            if (infos[i].getContentType().equals(PKCSObjectIdentifiers.encryptedData))
-            {
-                PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i], inputDecryptorProvider);
-
-                PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                assertEquals(1, bags.length);
-                assertEquals(PKCSObjectIdentifiers.keyBag, bags[0].getType());
-
-                assertTrue(Arrays.areEqual(privKey.getEncoded(), ((PrivateKeyInfo)bags[0].getBagValue()).getEncoded()));
-
-                Attribute[] attributes = bags[0].getAttributes();
-
-                assertEquals(1, attributes.length);
-
-                assertEquals(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, attributes[0].getAttrType());
-
-                ASN1Encodable[] attrValues = attributes[0].getAttributeValues();
-
-                assertEquals(1, attrValues.length);
-                assertEquals(new DERBMPString("Eric's Key"), attrValues[0]);
-            }
-            else
-            {
-                fail("unknown bag encountered");
-            }
-        }
-    }
-
-    public void testSafeBagRecovery()
-        throws Exception
-    {
-        InputDecryptorProvider inputDecryptorProvider = new BcPKCS12PBEInputDecryptorProviderBuilder().build(passwd);
-        KeyFactory fact = KeyFactory.getInstance("RSA", BC);
-        PrivateKey privKey = fact.generatePrivate(privKeySpec);
-        PublicKey pubKey = fact.generatePublic(pubKeySpec);
-
-        X509Certificate[] chain = createCertChain(fact, pubKey);
-
-        PKCS12PfxPdu pfx = createPfx(privKey, pubKey, chain);
-
-        ContentInfo[] infos = pfx.getContentInfos();
-
-        for (int i = 0; i != infos.length; i++)
-        {
-            if (infos[i].getContentType().equals(PKCSObjectIdentifiers.encryptedData))
-            {
-                PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i], inputDecryptorProvider);
-
-                PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                assertEquals(3, bags.length);
-                assertEquals(PKCSObjectIdentifiers.certBag, bags[0].getType());
-
-                for (int j = 0; j != bags.length; j++)
-                {
-                    assertTrue(Arrays.areEqual(chain[j].getEncoded(), ((X509CertificateHolder)bags[j].getBagValue()).getEncoded()));
-                }
-            }
-            else
-            {
-                PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i]);
-
-                PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                assertEquals(1, bags.length);
-                assertEquals(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag, bags[0].getType());
-
-                PKCS8EncryptedPrivateKeyInfo encInfo = (PKCS8EncryptedPrivateKeyInfo)bags[0].getBagValue();
-                PrivateKeyInfo info = encInfo.decryptPrivateKeyInfo(inputDecryptorProvider);
-
-                assertTrue(Arrays.areEqual(info.getEncoded(), privKey.getEncoded()));
-            }
-        }
-    }
-
-    public void testExceptions()
-        throws Exception
-    {
-        PKCS12SafeBagFactory dataFact;
-
-        try
-        {
-            dataFact = new PKCS12SafeBagFactory(new ContentInfo(PKCSObjectIdentifiers.data, new DERSequence()), null);
-        }
-        catch (IllegalArgumentException e)
-        {
-
-        }
-
-        try
-        {
-            dataFact = new PKCS12SafeBagFactory(new ContentInfo(PKCSObjectIdentifiers.encryptedData, new DERSequence()));
-        }
-        catch (IllegalArgumentException e)
-        {
-
-        }
-    }
-
-    public void testBasicPKCS12()
-        throws Exception
-    {
-        InputDecryptorProvider inputDecryptorProvider = new JcePKCSPBEInputDecryptorProviderBuilder()
-                                                              .setProvider("BC").build(pkcs12Pass.toCharArray());
-        PKCS12PfxPdu pfx = new PKCS12PfxPdu(pkcs12);
-
-        ContentInfo[] infos = pfx.getContentInfos();
-
-        for (int i = 0; i != infos.length; i++)
-        {
-            if (infos[i].getContentType().equals(PKCSObjectIdentifiers.encryptedData))
-            {
-                PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i], inputDecryptorProvider);
-
-                PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                // TODO: finish!
-//                assertEquals(3, bags.length);
-//                assertEquals(PKCSObjectIdentifiers.certBag, bags[0].getType());
-            }
-            else
-            {
-                PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i]);
-
-                PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                assertEquals(1, bags.length);
-                assertEquals(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag, bags[0].getType());
-
-                PKCS8EncryptedPrivateKeyInfo encInfo = (PKCS8EncryptedPrivateKeyInfo)bags[0].getBagValue();
-                PrivateKeyInfo info = encInfo.decryptPrivateKeyInfo(inputDecryptorProvider);
-            }
-        }
-    }
-
-    public void testSHA256withPKCS5()
-        throws Exception
-    {
-        InputDecryptorProvider inputDecryptorProvider = new JcePKCSPBEInputDecryptorProviderBuilder()
-                                                              .setProvider("BC").build(sha256Pass.toCharArray());
-        PKCS12PfxPdu pfx = new PKCS12PfxPdu(sha256Pfx);
-
-        ContentInfo[] infos = pfx.getContentInfos();
-
-        for (int i = 0; i != infos.length; i++)
-        {
-            if (infos[i].getContentType().equals(PKCSObjectIdentifiers.encryptedData))
-            {
-                PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i], inputDecryptorProvider);
-
-                PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                // TODO: finish!
-//                assertEquals(3, bags.length);
-//                assertEquals(PKCSObjectIdentifiers.certBag, bags[0].getType());
-            }
-            else
-            {
-                PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i]);
-
-                PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                assertEquals(1, bags.length);
-                assertEquals(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag, bags[0].getType());
-
-                PKCS8EncryptedPrivateKeyInfo encInfo = (PKCS8EncryptedPrivateKeyInfo)bags[0].getBagValue();
-                PrivateKeyInfo info = encInfo.decryptPrivateKeyInfo(inputDecryptorProvider);
-            }
-        }
-    }
-
-    public void testCreateTripleDESAndSHA1()
-        throws Exception
-    {
-        testCipherAndDigest(PKCSObjectIdentifiers.des_EDE3_CBC, OIWObjectIdentifiers.idSHA1);
-    }
-
-    public void testCreateAES256andSHA256()
-        throws Exception
-    {
-        testCipherAndDigest(NISTObjectIdentifiers.id_aes256_CBC, NISTObjectIdentifiers.id_sha256);
-    }
-
-    private void testCipherAndDigest(ASN1ObjectIdentifier cipherOid, ASN1ObjectIdentifier digestOid)
-        throws Exception
-    {
-        OutputEncryptor encOut = new JcePKCSPBEOutputEncryptorBuilder(cipherOid).setProvider("BC").build(passwd);
-
-        KeyFactory fact = KeyFactory.getInstance("RSA", BC);
-        PrivateKey privKey = fact.generatePrivate(privKeySpec);
-        PublicKey pubKey = fact.generatePublic(pubKeySpec);
-
-        X509Certificate[] chain = createCertChain(fact, pubKey);
-
-        PKCS12SafeBagBuilder taCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[2]);
-
-        taCertBagBuilder.addBagAttribute(PKCS12SafeBag.friendlyNameAttribute, new DERBMPString("Bouncy Primary Certificate"));
-
-        PKCS12SafeBagBuilder caCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[1]);
-
-        caCertBagBuilder.addBagAttribute(PKCS12SafeBag.friendlyNameAttribute, new DERBMPString("Bouncy Intermediate Certificate"));
-
-        JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
-        PKCS12SafeBagBuilder eeCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[0]);
-
-        eeCertBagBuilder.addBagAttribute(PKCS12SafeBag.friendlyNameAttribute, new DERBMPString("Eric's Key"));
-        SubjectKeyIdentifier pubKeyId = extUtils.createSubjectKeyIdentifier(chain[0].getPublicKey());
-        eeCertBagBuilder.addBagAttribute(PKCS12SafeBag.localKeyIdAttribute, pubKeyId);
-
-        PKCS12SafeBagBuilder keyBagBuilder = new JcaPKCS12SafeBagBuilder(privKey, encOut);
-
-        keyBagBuilder.addBagAttribute(PKCS12SafeBag.friendlyNameAttribute, new DERBMPString("Eric's Key"));
-        keyBagBuilder.addBagAttribute(PKCS12SafeBag.localKeyIdAttribute, pubKeyId);
-
-        PKCS12PfxPduBuilder builder = new PKCS12PfxPduBuilder();
-
-        builder.addData(keyBagBuilder.build());
-
-        builder.addEncryptedData(new JcePKCSPBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC).setProvider("BC").build(passwd), new PKCS12SafeBag[] { eeCertBagBuilder.build(), caCertBagBuilder.build(), taCertBagBuilder.build() });
-
-        PKCS12PfxPdu pfx = builder.build(new JcePKCS12MacCalculatorBuilder(digestOid), passwd);
-
-        assertTrue(pfx.hasMac());
-        assertTrue(pfx.isMacValid(new JcePKCS12MacCalculatorBuilderProvider().setProvider("BC"), passwd));
-
-        InputDecryptorProvider inputDecryptorProvider = new JcePKCSPBEInputDecryptorProviderBuilder()
-                                                              .setProvider("BC").build(passwd);
-
-        pfx = new PKCS12PfxPdu(pfx.toASN1Structure().getEncoded());
-
-        ContentInfo[] infos = pfx.getContentInfos();
-        boolean encDataFound = false;
-        boolean pkcs8Found = false;
-
-        for (int i = 0; i != infos.length; i++)
-        {
-            if (infos[i].getContentType().equals(PKCSObjectIdentifiers.encryptedData))
-            {
-                encDataFound = true;
-                PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i], inputDecryptorProvider);
-
-                PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                assertEquals(3, bags.length);
-                assertEquals(PKCSObjectIdentifiers.certBag, bags[0].getType());
-            }
-            else
-            {
-                pkcs8Found = true;
-                PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i]);
-
-                PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                assertEquals(1, bags.length);
-                assertEquals(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag, bags[0].getType());
-
-                PKCS8EncryptedPrivateKeyInfo encInfo = (PKCS8EncryptedPrivateKeyInfo)bags[0].getBagValue();
-                PrivateKeyInfo info = encInfo.decryptPrivateKeyInfo(inputDecryptorProvider);
-            }
-        }
-
-        assertTrue(encDataFound);
-        assertTrue(pkcs8Found);
-
-        KeyStore ks = KeyStore.getInstance("PKCS12", "BC");
-
-        ks.load(new ByteArrayInputStream(pfx.getEncoded(ASN1Encoding.DL)), passwd);
-
-        assertTrue(ks.containsAlias("Eric's Key"));
-    }
-
-    public void testPKCS5()
-        throws Exception
-    {
-        doPKCS5Test(pkcs5Aes128Pfx);
-        doPKCS5Test(pkcs5Aes192Pfx);
-        doPKCS5Test(pkcs5Camellia128Pfx);
-        doPKCS5Test(pkcs5Camellia256Pfx);
-        doPKCS5Test(pkcs5Cast5Pfx);
-        doPKCS5Test(pkcs5TripleDesPfx);
-    }
-
-    private void doPKCS5Test(byte[] keyStore)
-        throws Exception
-    {
-        InputDecryptorProvider inputDecryptorProvider = new JcePKCSPBEInputDecryptorProviderBuilder()
-                                                                      .setProvider("BC").build(pkcs5Pass.toCharArray());
-        PKCS12PfxPdu pfx = new PKCS12PfxPdu(keyStore);
-
-        ContentInfo[] infos = pfx.getContentInfos();
-
-        for (int i = 0; i != infos.length; i++)
-        {
-            if (infos[i].getContentType().equals(PKCSObjectIdentifiers.encryptedData))
-            {
-                PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i], inputDecryptorProvider);
-
-                PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                // TODO: finish!
-//                assertEquals(3, bags.length);
-//                assertEquals(PKCSObjectIdentifiers.certBag, bags[0].getType());
-            }
-            else
-            {
-                PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i]);
-
-                PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                assertEquals(1, bags.length);
-                assertEquals(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag, bags[0].getType());
-
-                PKCS8EncryptedPrivateKeyInfo encInfo = (PKCS8EncryptedPrivateKeyInfo)bags[0].getBagValue();
-                PrivateKeyInfo info = encInfo.decryptPrivateKeyInfo(inputDecryptorProvider);
-            }
-        }
-
-        // BC key store check
-        KeyStore ks = KeyStore.getInstance("PKCS12", "BC");
-
-        ks.load(new ByteArrayInputStream(pfx.getEncoded(ASN1Encoding.DL)), pkcs5Pass.toCharArray());
-    }
-
-    public void testGOST1()
-        throws Exception
-    {
-        char[] password = "1".toCharArray();
-
-        InputDecryptorProvider inputDecryptorProvider = new JcePKCSPBEInputDecryptorProviderBuilder()
-                                                                      .setProvider("BC").build(password);
-        PKCS12PfxPdu pfx = new PKCS12PfxPdu(gostPfx);
-
-        assertTrue(pfx.hasMac());
-        assertTrue(pfx.isMacValid(new JcePKCS12MacCalculatorBuilderProvider().setProvider("BC"), password));
-
-        ContentInfo[] infos = pfx.getContentInfos();
-
-        for (int i = 0; i != infos.length; i++)
-        {
-            if (infos[i].getContentType().equals(PKCSObjectIdentifiers.encryptedData))
-            {
-               PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i], inputDecryptorProvider);
-
-              PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                // TODO: finish!
-//                assertEquals(3, bags.length);
-//                assertEquals(PKCSObjectIdentifiers.certBag, bags[0].getType());
-            }
-            else
-            {
-                PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i]);
-
-                PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                assertEquals(1, bags.length);
-                assertEquals(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag, bags[0].getType());
-
-                PKCS8EncryptedPrivateKeyInfo encInfo = (PKCS8EncryptedPrivateKeyInfo)bags[0].getBagValue();
-                PrivateKeyInfo info = encInfo.decryptPrivateKeyInfo(inputDecryptorProvider);
-                assertEquals(CryptoProObjectIdentifiers.gostR3410_2001, info.getPrivateKeyAlgorithm().getAlgorithm());
-            }
-        }
-    }
-
-    public void testGOST2()
-        throws Exception
-    {
-        char[] password = "foo123".toCharArray();
-
-        InputDecryptorProvider inputDecryptorProvider = new JcePKCSPBEInputDecryptorProviderBuilder()
-                                                                      .setProvider("BC").build(password);
-        PKCS12PfxPdu pfx = new PKCS12PfxPdu(gostPfxFoo123);
-
-        assertTrue(pfx.hasMac());
-        assertTrue(pfx.isMacValid(new JcePKCS12MacCalculatorBuilderProvider().setProvider("BC"), password));
-
-        ContentInfo[] infos = pfx.getContentInfos();
-
-        for (int i = 0; i != infos.length; i++)
-        {
-            if (infos[i].getContentType().equals(PKCSObjectIdentifiers.encryptedData))
-            {
-                PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i], inputDecryptorProvider);
-
-                PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                // TODO: finish!
-//                assertEquals(3, bags.length);
-//                assertEquals(PKCSObjectIdentifiers.certBag, bags[0].getType());
-            }
-            else
-            {
-                PKCS12SafeBagFactory dataFact = new PKCS12SafeBagFactory(infos[i]);
-
-                PKCS12SafeBag[] bags = dataFact.getSafeBags();
-
-                assertEquals(1, bags.length);
-                assertEquals(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag, bags[0].getType());
-
-                PKCS8EncryptedPrivateKeyInfo encInfo = (PKCS8EncryptedPrivateKeyInfo)bags[0].getBagValue();
-                PrivateKeyInfo info = encInfo.decryptPrivateKeyInfo(inputDecryptorProvider);
-                assertEquals(CryptoProObjectIdentifiers.gostR3410_2001, info.getPrivateKeyAlgorithm().getAlgorithm());
-            }
-        }
-    }
-
-    private X509Certificate[] createCertChain(KeyFactory fact, PublicKey pubKey)
-        throws Exception
-    {
-        PrivateKey caPrivKey = fact.generatePrivate(caPrivKeySpec);
-        PublicKey caPubKey = fact.generatePublic(caPubKeySpec);
-        PrivateKey intPrivKey = fact.generatePrivate(intPrivKeySpec);
-        PublicKey intPubKey = fact.generatePublic(intPubKeySpec);
-
-        X509Certificate[] chain = new X509Certificate[3];
-
-        chain[2] = createMasterCert(caPubKey, caPrivKey);
-        chain[1] = createIntermediateCert(intPubKey, caPrivKey, chain[2]);
-        chain[0] = createCert(pubKey, intPrivKey, intPubKey);
-        return chain;
-    }
-
-    private PKCS12PfxPdu createPfx(PrivateKey privKey, PublicKey pubKey, X509Certificate[] chain)
-        throws NoSuchAlgorithmException, IOException, PKCSException
-    {
-        JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
-
-        PKCS12SafeBagBuilder taCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[2]);
-
-        taCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Bouncy Primary Certificate"));
-
-        PKCS12SafeBagBuilder caCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[1]);
-
-        caCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Bouncy Intermediate Certificate"));
-
-        PKCS12SafeBagBuilder eeCertBagBuilder = new JcaPKCS12SafeBagBuilder(chain[0]);
-
-        eeCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Eric's Key"));
-        eeCertBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, extUtils.createSubjectKeyIdentifier(pubKey));
-
-        PKCS12SafeBagBuilder keyBagBuilder = new JcaPKCS12SafeBagBuilder(privKey, new BcPKCS12PBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, new CBCBlockCipher(new DESedeEngine())).build(passwd));
-
-        keyBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName, new DERBMPString("Eric's Key"));
-        keyBagBuilder.addBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId, extUtils.createSubjectKeyIdentifier(pubKey));
-
-        //
-        // construct the actual key store
-        //
-        PKCS12PfxPduBuilder pfxPduBuilder = new PKCS12PfxPduBuilder();
-
-        PKCS12SafeBag[] certs = new PKCS12SafeBag[3];
-
-        certs[0] = eeCertBagBuilder.build();
-        certs[1] = caCertBagBuilder.build();
-        certs[2] = taCertBagBuilder.build();
-
-        pfxPduBuilder.addEncryptedData(new BcPKCS12PBEOutputEncryptorBuilder(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC, new CBCBlockCipher(new RC2Engine())).build(passwd), certs);
-
-        pfxPduBuilder.addData(keyBagBuilder.build());
-
-        return pfxPduBuilder.build(new BcPKCS12MacCalculatorBuilder(), passwd);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkix/PKIXIdentity.java b/bcpkix/src/main/java/org/bouncycastle/pkix/PKIXIdentity.java
deleted file mode 100644
index 84ac046..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkix/PKIXIdentity.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.pkix;
-
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cms.KeyTransRecipientId;
-import org.bouncycastle.cms.RecipientId;
-
-/**
- * Holder class for public/private key based identity information.
- */
-public class PKIXIdentity
-{
-    private final PrivateKeyInfo privateKeyInfo;
-    private final X509CertificateHolder[] certificateHolders;
-
-    public PKIXIdentity(PrivateKeyInfo privateKeyInfo, X509CertificateHolder[] certificateHolders)
-    {
-        this.privateKeyInfo = privateKeyInfo;
-        this.certificateHolders = new X509CertificateHolder[certificateHolders.length];
-        System.arraycopy(certificateHolders, 0, this.certificateHolders, 0, certificateHolders.length);
-    }
-
-    /**
-     * Return the private key info for this identity.
-     *
-     * @return the identity's private key (if available, null otherwise).
-     */
-    public PrivateKeyInfo getPrivateKeyInfo()
-    {
-        return privateKeyInfo;
-    }
-
-    /**
-     * Return the certificate associated with the private key info.
-     *
-     * @return a X509CertificateHolder
-     */
-    public X509CertificateHolder getCertificate()
-    {
-        return certificateHolders[0];
-    }
-
-    /**
-     * Return a RecipientId for the identity's (private key, certificate) pair.
-     */
-    public RecipientId getRecipientId()
-    {
-        // TODO: handle key agreement
-        return new KeyTransRecipientId(certificateHolders[0].getIssuer(), certificateHolders[0].getSerialNumber(), getSubjectKeyIdentifier());
-    }
-
-    private byte[] getSubjectKeyIdentifier()
-    {
-        SubjectKeyIdentifier subId = SubjectKeyIdentifier.fromExtensions(certificateHolders[0].getExtensions());
-
-        if (subId == null)
-        {
-            return null;
-        }
-
-        return subId.getKeyIdentifier();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/JcaPKIXIdentity.java b/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/JcaPKIXIdentity.java
deleted file mode 100644
index 4872c1b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/JcaPKIXIdentity.java
+++ /dev/null

@@ -1,81 +0,0 @@
-package org.bouncycastle.pkix.jcajce;
-
-import java.security.PrivateKey;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.X509Certificate;
-
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.pkix.PKIXIdentity;
-
-/**
- * Holder class for public/private key based identity information.
- */
-public class JcaPKIXIdentity
-    extends PKIXIdentity
-{
-    private final PrivateKey privKey;
-    private final X509Certificate[] certs;
-
-    private static PrivateKeyInfo getPrivateKeyInfo(PrivateKey privateKey)
-    {
-         try
-         {
-             return PrivateKeyInfo.getInstance(privateKey.getEncoded());
-         }
-         catch (Exception e)             // for a HSM getEncoded() may do anything...
-         {
-             return null;
-         }
-    }
-
-    private static X509CertificateHolder[] getCertificates(X509Certificate[] certs)
-    {
-        X509CertificateHolder[] certHldrs = new X509CertificateHolder[certs.length];
-
-        try
-        {
-            for (int i = 0; i != certHldrs.length; i++)
-            {
-                certHldrs[i] = new JcaX509CertificateHolder(certs[i]);
-            }
-
-            return certHldrs;
-        }
-        catch (CertificateEncodingException e)
-        {
-            throw new IllegalArgumentException("Unable to process certificates: " + e.getMessage());
-        }
-    }
-
-    public JcaPKIXIdentity(PrivateKey privKey, X509Certificate[] certs)
-    {
-        super(getPrivateKeyInfo(privKey), getCertificates(certs));
-
-        this.privKey = privKey;
-        this.certs = new X509Certificate[certs.length];
-
-        System.arraycopy(certs, 0, this.certs, 0, certs.length);
-    }
-
-    /**
-     * Return the private key for this identity.
-     *
-     * @return the identity's private key.
-     */
-    public PrivateKey getPrivateKey()
-    {
-        return privKey;
-    }
-
-    /**
-     * Return the certificate associated with the private key.
-     *
-     * @return the primary certificate.
-     */
-    public X509Certificate getX509Certificate()
-    {
-        return certs[0];
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXDefaultJcaJceHelper.java b/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXDefaultJcaJceHelper.java
deleted file mode 100644
index bd9f3da..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXDefaultJcaJceHelper.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.pkix.jcajce;
-
-import java.security.NoSuchAlgorithmException;
-import java.security.cert.CertPathBuilder;
-
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-
-class PKIXDefaultJcaJceHelper
-    extends DefaultJcaJceHelper
-    implements PKIXJcaJceHelper
-{
-    public PKIXDefaultJcaJceHelper()
-    {
-        super();
-    }
-
-    public CertPathBuilder createCertPathBuilder(String type)
-        throws NoSuchAlgorithmException
-    {
-        return CertPathBuilder.getInstance(type);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXNamedJcaJceHelper.java b/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXNamedJcaJceHelper.java
deleted file mode 100644
index 20875f4..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXNamedJcaJceHelper.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.pkix.jcajce;
-
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.cert.CertPathBuilder;
-
-import org.bouncycastle.jcajce.util.NamedJcaJceHelper;
-
-class PKIXNamedJcaJceHelper
-    extends NamedJcaJceHelper
-    implements PKIXJcaJceHelper
-{
-    public PKIXNamedJcaJceHelper(String providerName)
-    {
-        super(providerName);
-    }
-
-    public CertPathBuilder createCertPathBuilder(String type)
-        throws NoSuchAlgorithmException, NoSuchProviderException
-    {
-        return CertPathBuilder.getInstance(type, providerName);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXProviderJcaJceHelper.java b/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXProviderJcaJceHelper.java
deleted file mode 100644
index 988a68b..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/PKIXProviderJcaJceHelper.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.pkix.jcajce;
-
-import java.security.NoSuchAlgorithmException;
-import java.security.Provider;
-import java.security.cert.CertPathBuilder;
-
-import org.bouncycastle.jcajce.util.ProviderJcaJceHelper;
-
-class PKIXProviderJcaJceHelper
-    extends ProviderJcaJceHelper
-    implements PKIXJcaJceHelper
-{
-    public PKIXProviderJcaJceHelper(Provider provider)
-    {
-        super(provider);
-    }
-
-    public CertPathBuilder createCertPathBuilder(String type)
-        throws NoSuchAlgorithmException
-    {
-        return CertPathBuilder.getInstance(type, provider);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/X509RevocationChecker.java b/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/X509RevocationChecker.java
deleted file mode 100644
index 13aae31..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkix/jcajce/X509RevocationChecker.java
+++ /dev/null

@@ -1,869 +0,0 @@
-package org.bouncycastle.pkix.jcajce;
-
-import java.io.BufferedInputStream;
-import java.io.InputStream;
-import java.lang.ref.WeakReference;
-import java.net.URL;
-import java.security.GeneralSecurityException;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.cert.CRL;
-import java.security.cert.CertPathValidatorException;
-import java.security.cert.CertStore;
-import java.security.cert.CertStoreException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateFactory;
-import java.security.cert.PKIXCertPathChecker;
-import java.security.cert.PKIXParameters;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CRLSelector;
-import java.security.cert.X509Certificate;
-import java.text.SimpleDateFormat;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Date;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.TimeZone;
-import java.util.WeakHashMap;
-import java.util.logging.Level;
-import java.util.logging.Logger;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.CRLDistPoint;
-import org.bouncycastle.asn1.x509.DistributionPoint;
-import org.bouncycastle.asn1.x509.DistributionPointName;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.jcajce.PKIXCRLStore;
-import org.bouncycastle.jcajce.PKIXExtendedParameters;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Iterable;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.util.Store;
-
-/**
- * X.509 Certificate Revocation Checker - still lacks OCSP support and support for delta CRLs.
- */
-public class X509RevocationChecker
-    extends PKIXCertPathChecker
-{
-    /**
-     * This is the default PKIX validity model. Actually there are two variants
-     * of this: The PKIX model and the modified PKIX model. The PKIX model
-     * verifies that all involved certificates must have been valid at the
-     * current time. The modified PKIX model verifies that all involved
-     * certificates were valid at the signing time. Both are indirectly choosen
-     * with the {@link PKIXParameters#setDate(Date)} method, so this
-     * methods sets the Date when <em>all</em> certificates must have been
-     * valid.
-     */
-    public static final int PKIX_VALIDITY_MODEL = 0;
-
-    /**
-     * This model uses the following validity model. Each certificate must have
-     * been valid at the moment where is was used. That means the end
-     * certificate must have been valid at the time the signature was done. The
-     * CA certificate which signed the end certificate must have been valid,
-     * when the end certificate was signed. The CA (or Root CA) certificate must
-     * have been valid, when the CA certificate was signed and so on. So the
-     * {@link PKIXParameters#setDate(Date)} method sets the time, when
-     * the <em>end certificate</em> must have been valid. It is used e.g.
-     * in the German signature law.
-     */
-    public static final int CHAIN_VALIDITY_MODEL = 1;
-
-    public static class Builder
-    {
-        private Set<TrustAnchor> trustAnchors;
-        private List<CertStore> crlCertStores = new ArrayList<CertStore>();
-        private List<Store<CRL>> crls = new ArrayList<Store<CRL>>();
-        private boolean isCheckEEOnly;
-        private int validityModel = PKIX_VALIDITY_MODEL;
-        private Provider provider;
-        private String providerName;
-        private boolean canSoftFail;
-        private long failLogMaxTime;
-        private long failHardMaxTime;
-
-        /**
-         * Base constructor.
-         *
-         * @param trustAnchor the trust anchor our chain should start with.
-         */
-        public Builder(TrustAnchor trustAnchor)
-        {
-            this.trustAnchors = Collections.singleton(trustAnchor);
-        }
-
-        /**
-         * Base constructor.
-         *
-         * @param trustAnchors a set of potential trust anchors
-         */
-        public Builder(Set<TrustAnchor> trustAnchors)
-        {
-            this.trustAnchors = new HashSet<TrustAnchor>(trustAnchors);
-        }
-
-        /**
-         * Base constructor.
-         *
-         * @param trustStore a keystore of potential trust anchors
-         */
-        public Builder(KeyStore trustStore)
-            throws KeyStoreException
-        {
-            this.trustAnchors = new HashSet<TrustAnchor>();
-
-            for (Enumeration en = trustStore.aliases(); en.hasMoreElements(); )
-            {
-                String alias = (String)en.nextElement();
-
-                if (trustStore.isCertificateEntry(alias))
-                {
-                    trustAnchors.add(new TrustAnchor((X509Certificate)trustStore.getCertificate(alias), null));
-                }
-            }
-        }
-
-        /**
-         * Add a collection of CRLs to the checker.
-         *
-         * @param crls CRLs to be examined.
-         * @return the current builder instance.
-         */
-        public Builder addCrls(CertStore crls)
-        {
-            this.crlCertStores.add(crls);
-
-            return this;
-        }
-
-        /**
-         * Add a collection of CRLs to the checker.
-         *
-         * @param crls CRLs to be examined.
-         * @return the current builder instance.
-         */
-        public Builder addCrls(Store<CRL> crls)
-        {
-            this.crls.add(crls);
-
-            return this;
-        }
-
-        /**
-         * @param isTrue true if only end-entities should be checked, false otherwise.
-         * @return the current builder instance.
-         */
-        public Builder setCheckEndEntityOnly(boolean isTrue)
-        {
-            this.isCheckEEOnly = isTrue;
-
-            return this;
-        }
-
-        /**
-         * Configure soft failure if CRLs/OCSP not available. If maxTime is greater than zero
-         * it represents the acceptable downtime for any responders or distribution points we
-         * are trying to connect to, with downtime measured from the first failure. Initially
-         * failures will log at Level.WARNING, once maxTime is exceeded any failures will be
-         * logged as Level.SEVERE. Setting maxTime to zero will mean 1 failure will be allowed
-         * before failures are logged as severe.
-         *
-         * @param isTrue true soft failure should be enabled, false otherwise.
-         * @param maxTime the time that can pass between the first failure and the most recent.
-         * @return the current builder instance.
-         */
-        public Builder setSoftFail(boolean isTrue, long maxTime)
-        {
-            this.canSoftFail = isTrue;
-            this.failLogMaxTime = maxTime;
-            this.failHardMaxTime = -1;
-
-            return this;
-        }
-
-        /**
-         * Configure soft failure with a hard limit if CRLs/OCSP not available. If maxTime is
-         * greater than zero it represents the acceptable downtime for any responders or
-         * distribution points we are trying to connect to, with downtime measured from the
-         * first failure. Initially failures will log at Level.WARNING, once 75% of maxTime is exceeded
-         * any failures will be logged as Level.SEVERE. At maxTime any failures will be treated as hard,
-         * setting maxTime to zero will mean 1 failure will be allowed.
-         *
-         * @param isTrue true soft failure should be enabled, false otherwise.
-         * @param maxTime the time that can pass between the first failure and the most recent.
-         * @return the current builder instance.
-         */
-        public Builder setSoftFailHardLimit(boolean isTrue, long maxTime)
-        {
-            this.canSoftFail = isTrue;
-            this.failLogMaxTime = (maxTime * 3) / 4;
-            this.failHardMaxTime = maxTime;
-
-            return this;
-        }
-
-        /**
-         * Configure to use the installed provider with name ProviderName.
-         *
-         * @param provider provider to use.
-         * @return the current builder instance.
-         */
-        public Builder usingProvider(Provider provider)
-        {
-            this.provider = provider;
-
-            return this;
-        }
-
-        /**
-         * Configure to use the installed provider with name ProviderName.
-         *
-         * @param providerName name of the installed provider to use.
-         * @return the current builder instance.
-         */
-        public Builder usingProvider(String providerName)
-        {
-            this.providerName = providerName;
-
-            return this;
-        }
-
-        /**
-         * Build a revocation checker conforming to the current builder.
-         *
-         * @return a new X509RevocationChecker.
-         */
-        public X509RevocationChecker build()
-        {
-            return new X509RevocationChecker(this);
-        }
-    }
-
-    private static Logger LOG = Logger.getLogger(X509RevocationChecker.class.getName());
-    private static final Map<GeneralName, WeakReference<X509CRL>> crlCache = Collections.synchronizedMap(
-                                                        new WeakHashMap<GeneralName, WeakReference<X509CRL>>());
-
-    private final Map<X500Principal, Long> failures = new HashMap<X500Principal, Long>();
-    private final Set<TrustAnchor> trustAnchors;
-    private final boolean isCheckEEOnly;
-    private final List<Store<CRL>> crls;
-    private final List<CertStore> crlCertStores;
-    private final PKIXJcaJceHelper helper;
-    private final boolean canSoftFail;
-    private final long failLogMaxTime;
-    private final long failHardMaxTime;
-
-    private X500Principal workingIssuerName;
-    private PublicKey workingPublicKey;
-    private X509Certificate signingCert;
-
-    private X509RevocationChecker(Builder bldr)
-    {
-        this.crls = new ArrayList<Store<CRL>>(bldr.crls);
-        this.crlCertStores = new ArrayList<CertStore>(bldr.crlCertStores);
-        this.isCheckEEOnly = bldr.isCheckEEOnly;
-        this.trustAnchors = bldr.trustAnchors;
-        this.canSoftFail = bldr.canSoftFail;
-        this.failLogMaxTime = bldr.failLogMaxTime;
-        this.failHardMaxTime = bldr.failHardMaxTime;
-
-        if (bldr.provider != null)
-        {
-            this.helper = new PKIXProviderJcaJceHelper(bldr.provider);
-        }
-        else if (bldr.providerName != null)
-        {
-            helper = new PKIXNamedJcaJceHelper(bldr.providerName);
-        }
-        else
-        {
-            helper = new PKIXDefaultJcaJceHelper();
-        }
-    }
-
-    public void init(boolean forward)
-        throws CertPathValidatorException
-    {
-        if (forward)
-        {
-            throw new IllegalArgumentException("forward processing not supported");
-        }
-        this.workingIssuerName = null;
-    }
-
-    public boolean isForwardCheckingSupported()
-    {
-        return false;
-    }
-
-    public Set<String> getSupportedExtensions()
-    {
-        return null;
-    }
-
-    public void check(Certificate certificate, Collection<String> collection)
-        throws CertPathValidatorException
-    {
-        X509Certificate cert = (X509Certificate)certificate;
-
-        if (isCheckEEOnly && cert.getBasicConstraints() != -1)
-        {
-            this.workingIssuerName = cert.getSubjectX500Principal();
-            this.workingPublicKey = cert.getPublicKey();
-            this.signingCert = cert;
-            
-            return;
-        }
-
-        TrustAnchor trustAnchor = null;
-
-        if (workingIssuerName == null)
-        {
-            this.workingIssuerName = cert.getIssuerX500Principal();
-
-            for (Iterator it = trustAnchors.iterator(); it.hasNext(); )
-            {
-                TrustAnchor anchor = (TrustAnchor)it.next();
-
-                if (workingIssuerName.equals(anchor.getCA())
-                    || workingIssuerName.equals(anchor.getTrustedCert().getSubjectX500Principal()))
-                {
-                    trustAnchor = anchor;
-                }
-            }
-
-            if (trustAnchor == null)
-            {
-                throw new CertPathValidatorException("no trust anchor found for " + workingIssuerName);
-            }
-            
-            this.signingCert = trustAnchor.getTrustedCert();
-            this.workingPublicKey = signingCert.getPublicKey();
-        }
-
-        PKIXParameters baseParams;
-        List<X500Principal> issuerList = new ArrayList<X500Principal>();
-
-        try
-        {
-            baseParams = new PKIXParameters(trustAnchors);
-
-            baseParams.setRevocationEnabled(false);
-            baseParams.setDate(new Date());
-            
-            for (int i = 0; i != crlCertStores.size(); i++)
-            {
-                if (LOG.isLoggable(Level.INFO))
-                {
-                    addIssuers(issuerList, crlCertStores.get(i));
-                }
-                baseParams.addCertStore(crlCertStores.get(i));
-            }
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new RuntimeException("error setting up baseParams: " + e.getMessage());
-        }
-
-        PKIXExtendedParameters.Builder pkixParamsBldr = new PKIXExtendedParameters.Builder(baseParams);
-
-        for (int i = 0; i != crls.size(); i++)
-        {
-            if (LOG.isLoggable(Level.INFO))
-            {
-                addIssuers(issuerList, crls.get(i));
-            }
-            pkixParamsBldr.addCRLStore(new LocalCRLStore(crls.get(i)));
-        }
-
-        if (issuerList.isEmpty())
-        {
-            LOG.log(Level.INFO, "configured with 0 pre-loaded CRLs");
-        }
-        else
-        {
-            if (LOG.isLoggable(Level.FINE))
-            {
-                for (int i = 0; i != issuerList.size(); i++)
-                {
-                    LOG.log(Level.FINE, "configuring with CRL for issuer \"" + issuerList.get(i) + "\"");
-                }
-            }
-            else
-            {
-                LOG.log(Level.INFO, "configured with " + issuerList.size() + " pre-loaded CRLs");
-            }
-        }
-        
-        try
-        {
-            checkCRLs(pkixParamsBldr.build(), cert, baseParams.getDate(), signingCert, workingPublicKey, new ArrayList(), helper);
-        }
-        catch (AnnotatedException e)
-        {
-            throw new CertPathValidatorException(e.getMessage(), e.getCause());
-        }
-        catch (CRLNotFoundException e)
-        {
-            if (cert.getExtensionValue(Extension.cRLDistributionPoints.getId()) != null)
-            {
-                CRL crl = null;
-                try
-                {
-                    crl = downloadCRLs(cert.getIssuerX500Principal(), baseParams.getDate(), RevocationUtilities.getExtensionValue(cert, Extension.cRLDistributionPoints), helper);
-                }
-                catch(AnnotatedException e1)
-                {
-                    throw new CertPathValidatorException(e.getMessage(), e.getCause());
-                }
-
-                if (crl != null)
-                {
-                    try
-                    {
-                        pkixParamsBldr.addCRLStore(new LocalCRLStore(
-                            new CollectionStore<CRL>(Collections.singleton(crl))));
-                        checkCRLs(pkixParamsBldr.build(), cert, new Date(), signingCert, workingPublicKey, new ArrayList(), helper);
-                    }
-                    catch(AnnotatedException e1)
-                    {
-                        throw new CertPathValidatorException(e.getMessage(), e.getCause());
-                    }
-                }
-                else
-                {
-                    if (canSoftFail)
-                    {
-                        X500Principal issuer = cert.getIssuerX500Principal();
-
-                        Long initial = failures.get(issuer);
-                        if (initial != null)
-                        {
-                             long period = System.currentTimeMillis() - initial.longValue();
-                             if (failHardMaxTime != -1 && failHardMaxTime < period)
-                             {
-                                 throw e;
-                             }
-                             if (period < failLogMaxTime)
-                             {
-                                 LOG.log(Level.WARNING, "soft failing for issuer: \"" + issuer + "\"");
-                             }
-                             else
-                             {
-                                 LOG.log(Level.SEVERE, "soft failing for issuer: \"" + issuer + "\"");
-                             }
-                        }
-                        else
-                        {
-                            failures.put(issuer, System.currentTimeMillis());
-                        }
-                    }
-                    else
-                    {
-                        throw e;
-                    }
-                }
-            }
-            else
-            {
-                throw e;
-            }
-        }
-
-        this.signingCert = cert;
-        this.workingPublicKey = cert.getPublicKey();
-        this.workingIssuerName = cert.getSubjectX500Principal();
-    }
-
-    private void addIssuers(final List<X500Principal> issuerList, CertStore certStore)
-        throws CertStoreException
-    {
-        certStore.getCRLs(new X509CRLSelector()
-        {
-            public boolean match(CRL crl)
-            {
-                if (!(crl instanceof X509CRL))
-                {
-                    return false;
-                }
-
-                issuerList.add(((X509CRL)crl).getIssuerX500Principal());
-
-                return false;
-            }
-        });
-    }
-
-    private void addIssuers(final List<X500Principal> issuerList, Store<CRL> certStore)
-    {
-        certStore.getMatches(new Selector<CRL>()
-        {
-            public boolean match(CRL crl)
-            {
-                if (!(crl instanceof X509CRL))
-                {
-                    return false;
-                }
-
-                issuerList.add(((X509CRL)crl).getIssuerX500Principal());
-
-                return false;
-            }
-
-            public Object clone()
-            {
-                return this;
-            }
-        });
-    }
-
-    private CRL downloadCRLs(X500Principal issuer, Date currentDate, ASN1Primitive crlDpPrimitive, JcaJceHelper helper)
-    {
-        CRLDistPoint crlDp = CRLDistPoint.getInstance(crlDpPrimitive);
-        DistributionPoint[] points = crlDp.getDistributionPoints();
-
-        for (int i = 0; i != points.length; i++)
-        {
-            DistributionPoint dp = points[i];
-
-            DistributionPointName dpn = dp.getDistributionPoint();
-            if (dpn.getType() == DistributionPointName.FULL_NAME)
-            {
-                GeneralName[] names = GeneralNames.getInstance(dpn.getName()).getNames();
-
-                for (int n = 0; n != names.length; n++)
-                {
-                    GeneralName name = names[n];
-                    if (name.getTagNo() == GeneralName.uniformResourceIdentifier)
-                    {
-                        X509CRL crl;
-
-                        WeakReference<X509CRL> crlRef = crlCache.get(name);
-                        if (crlRef != null)
-                        {
-                            crl = crlRef.get();
-                            if (crl != null
-                                && !currentDate.before(crl.getThisUpdate())
-                                && !currentDate.after(crl.getNextUpdate()))
-                            {
-                                return crl;
-                            }
-                            crlCache.remove(name); // delete expired/out-of-range entry
-                        }
-
-                        URL url = null;
-                        try
-                        {
-                            url = new URL(name.getName().toString());
-            
-                            CertificateFactory certFact = helper.createCertificateFactory("X.509");
-
-                            InputStream urlStream = url.openStream();
-
-                            crl = (X509CRL)certFact.generateCRL(new BufferedInputStream(urlStream));
-
-                            urlStream.close();
-
-                            LOG.log(Level.INFO, "downloaded CRL from CrlDP " + url + " for issuer \"" + issuer + "\"");
-
-                            crlCache.put(name, new WeakReference<X509CRL>(crl));
-
-                            return crl;
-                        }
-                        catch (Exception e)
-                        {
-                            if (LOG.isLoggable(Level.FINE))
-                            {
-                                LOG.log(Level.FINE, "CrlDP " + url + " ignored: " + e.getMessage(), e);
-                            }
-                            else
-                            {
-                                LOG.log(Level.INFO, "CrlDP " + url + " ignored: " + e.getMessage());
-                            }
-                        }
-                    }
-                }
-            }
-        }
-
-        return null;
-    }
-    
-    protected static final String[] crlReasons = new String[]{
-        "unspecified",
-        "keyCompromise",
-        "cACompromise",
-        "affiliationChanged",
-        "superseded",
-        "cessationOfOperation",
-        "certificateHold",
-        "unknown",
-        "removeFromCRL",
-        "privilegeWithdrawn",
-        "aACompromise"};
-
-    static List<PKIXCRLStore> getAdditionalStoresFromCRLDistributionPoint(CRLDistPoint crldp, Map<GeneralName, PKIXCRLStore> namedCRLStoreMap)
-        throws AnnotatedException
-    {
-        if (crldp != null)
-        {
-            DistributionPoint dps[] = null;
-            try
-            {
-                dps = crldp.getDistributionPoints();
-            }
-            catch (Exception e)
-            {
-                throw new AnnotatedException(
-                    "could not read distribution points could not be read", e);
-            }
-            List<PKIXCRLStore> stores = new ArrayList<PKIXCRLStore>();
-
-            for (int i = 0; i < dps.length; i++)
-            {
-                DistributionPointName dpn = dps[i].getDistributionPoint();
-                // look for URIs in fullName
-                if (dpn != null)
-                {
-                    if (dpn.getType() == DistributionPointName.FULL_NAME)
-                    {
-                        GeneralName[] genNames = GeneralNames.getInstance(
-                            dpn.getName()).getNames();
-
-                        for (int j = 0; j < genNames.length; j++)
-                        {
-                            PKIXCRLStore store = namedCRLStoreMap.get(genNames[j]);
-                            if (store != null)
-                            {
-                                stores.add(store);
-                            }
-                        }
-                    }
-                }
-            }
-
-            return stores;
-        }
-        else
-        {
-            return Collections.EMPTY_LIST;
-        }
-    }
-
-
-    /**
-     * Checks a certificate if it is revoked.
-     *
-     * @param paramsPKIX       PKIX parameters.
-     * @param cert             Certificate to check if it is revoked.
-     * @param validDate        The date when the certificate revocation status should be
-     *                         checked.
-     * @param sign             The issuer certificate of the certificate <code>cert</code>.
-     * @param workingPublicKey The public key of the issuer certificate <code>sign</code>.
-     * @param certPathCerts    The certificates of the certification path.
-     * @throws AnnotatedException if the certificate is revoked or the status cannot be checked
-     * or some error occurs.
-     */
-    protected void checkCRLs(
-        PKIXExtendedParameters paramsPKIX,
-        X509Certificate cert,
-        Date validDate,
-        X509Certificate sign,
-        PublicKey workingPublicKey,
-        List certPathCerts,
-        PKIXJcaJceHelper helper)
-        throws AnnotatedException, CertPathValidatorException
-    {
-        AnnotatedException lastException = null;
-        CRLDistPoint crldp = null;
-        try
-        {
-            crldp = CRLDistPoint.getInstance(RevocationUtilities.getExtensionValue(cert, Extension.cRLDistributionPoints));
-        }
-        catch (Exception e)
-        {
-            throw new AnnotatedException("cannot read CRL distribution point extension", e);
-        }
-
-        PKIXExtendedParameters.Builder paramsBldr = new PKIXExtendedParameters.Builder(paramsPKIX);
-        try
-        {
-            List extras = getAdditionalStoresFromCRLDistributionPoint(crldp, paramsPKIX.getNamedCRLStoreMap());
-            for (Iterator it = extras.iterator(); it.hasNext(); )
-            {
-                paramsBldr.addCRLStore((PKIXCRLStore)it.next());
-            }
-        }
-        catch (AnnotatedException e)
-        {
-            throw new AnnotatedException(
-                "no additional CRL locations could be decoded from CRL distribution point extension", e);
-        }
-        CertStatus certStatus = new CertStatus();
-        ReasonsMask reasonsMask = new ReasonsMask();
-        PKIXExtendedParameters finalParams = paramsBldr.build();
-
-        boolean validCrlFound = false;
-        // for each distribution point
-        if (crldp != null)
-        {
-            DistributionPoint dps[] = null;
-            try
-            {
-                dps = crldp.getDistributionPoints();
-            }
-            catch (Exception e)
-            {
-                throw new AnnotatedException("cannot read distribution points", e);
-            }
-            if (dps != null)
-            {
-                for (int i = 0; i < dps.length && certStatus.getCertStatus() == CertStatus.UNREVOKED && !reasonsMask.isAllReasons(); i++)
-                {
-                    try
-                    {
-                        RFC3280CertPathUtilities.checkCRL(dps[i], finalParams, cert, validDate, sign, workingPublicKey, certStatus, reasonsMask, certPathCerts, helper);
-                        validCrlFound = true;
-                    }
-                    catch (AnnotatedException e)
-                    {
-                        lastException = e;
-                    }
-                }
-            }
-        }
-
-        /*
-         * If the revocation status has not been determined, repeat the process
-         * above with any available CRLs not specified in a distribution point
-         * but issued by the certificate issuer.
-         */
-
-        if (certStatus.getCertStatus() == CertStatus.UNREVOKED && !reasonsMask.isAllReasons())
-        {
-            try
-            {
-                /*
-                 * assume a DP with both the reasons and the cRLIssuer fields
-                 * omitted and a distribution point name of the certificate
-                 * issuer.
-                 */
-                X500Principal issuer = cert.getIssuerX500Principal();
-
-                DistributionPoint dp = new DistributionPoint(new DistributionPointName(0, new GeneralNames(
-                    new GeneralName(GeneralName.directoryName, X500Name.getInstance(issuer.getEncoded())))), null, null);
-                PKIXExtendedParameters paramsPKIXClone = (PKIXExtendedParameters)paramsPKIX.clone();
-                RFC3280CertPathUtilities.checkCRL(dp, paramsPKIXClone, cert, validDate, sign, workingPublicKey, certStatus, reasonsMask,
-                    certPathCerts, helper);
-                validCrlFound = true;
-            }
-            catch (AnnotatedException e)
-            {
-                lastException = e;
-            }
-        }
-
-        if (!validCrlFound)
-        {
-            if (lastException instanceof AnnotatedException)
-            { 
-                throw new CRLNotFoundException("no valid CRL found", lastException);
-            }
-
-            throw new CRLNotFoundException("no valid CRL found");
-        }
-        if (certStatus.getCertStatus() != CertStatus.UNREVOKED)
-        {
-            SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss Z");
-            df.setTimeZone(TimeZone.getTimeZone("UTC"));
-            String message = "certificate [issuer=\"" + cert.getIssuerX500Principal() + "\",serialNumber="
-                                           + cert.getSerialNumber() + ",subject=\"" + cert.getSubjectX500Principal() + "\"] revoked after " + df.format(certStatus.getRevocationDate());
-            message += ", reason: " + crlReasons[certStatus.getCertStatus()];
-            throw new AnnotatedException(message);
-        }
-        if (!reasonsMask.isAllReasons() && certStatus.getCertStatus() == CertStatus.UNREVOKED)
-        {
-            certStatus.setCertStatus(CertStatus.UNDETERMINED);
-        }
-        if (certStatus.getCertStatus() == CertStatus.UNDETERMINED)
-        {
-            throw new AnnotatedException("certificate status could not be determined");
-        }
-    }
-
-    public Object clone()
-    {
-        return this;
-    }
-
-    private class LocalCRLStore<T extends CRL>
-        implements PKIXCRLStore, Iterable<CRL>
-    {
-        private Collection<CRL> _local;
-
-        /**
-         * Basic constructor.
-         *
-         * @param collection - initial contents for the store, this is copied.
-         */
-        public LocalCRLStore(
-            Store<CRL> collection)
-        {
-            _local = new ArrayList<CRL>(collection.getMatches(null));
-        }
-
-        /**
-         * Return the matches in the collection for the passed in selector.
-         *
-         * @param selector the selector to match against.
-         * @return a possibly empty collection of matching objects.
-         */
-        public Collection getMatches(Selector selector)
-        {
-            if (selector == null)
-            {
-                return new ArrayList<CRL>(_local);
-            }
-            else
-            {
-                List<CRL> col = new ArrayList<CRL>();
-                Iterator<CRL> iter = _local.iterator();
-
-                while (iter.hasNext())
-                {
-                    CRL obj = iter.next();
-
-                    if (selector.match(obj))
-                    {
-                        col.add(obj);
-                    }
-                }
-
-                return col;
-            }
-        }
-
-        public Iterator<CRL> iterator()
-        {
-            return getMatches(null).iterator();
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkix/test/RevocationTest.java b/bcpkix/src/main/java/org/bouncycastle/pkix/test/RevocationTest.java
deleted file mode 100644
index 077ebdf..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkix/test/RevocationTest.java
+++ /dev/null

@@ -1,535 +0,0 @@
-package org.bouncycastle.pkix.test;
-
-import java.io.ByteArrayInputStream;
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.cert.CRL;
-import java.security.cert.CertPath;
-import java.security.cert.CertPathValidator;
-import java.security.cert.CertPathValidatorException;
-import java.security.cert.CertStore;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.PKIXCertPathValidatorResult;
-import java.security.cert.PKIXParameters;
-import java.security.cert.PolicyNode;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-
-import junit.framework.TestCase;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.pkix.jcajce.X509RevocationChecker;
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.encoders.Base64;
-
-public class RevocationTest
-    extends TestCase
-{
-    public static byte[] rootCertBin = Base64.decode(
-        "MIIBqzCCARQCAQEwDQYJKoZIhvcNAQEFBQAwHjEcMBoGA1UEAxMTVGVzdCBDQSBDZXJ0aWZpY2F0ZTAeFw0wODA5MDQwNDQ1MDhaFw0wODA5MTEwNDQ1MDhaMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMRLUjhPe4YUdLo6EcjKcWUOG7CydFTH53Pr1lWjOkbmszYDpkhCTT9LOsI+disk18nkBxSl8DAHTqV+VxtuTPt64iyi10YxyDeep+DwZG/f8cVQv97U3hA9cLurZ2CofkMLGr6JpSGCMZ9FcstcTdHB4lbErIJ54YqfF4pNOs4/AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAgyrTEFY7ALpeY59jL6xFOLpuPqoBOWrUWv6O+zy5BCU0qiX71r3BpigtxRj+DYcfLIM9FNERDoHu3TthD3nwYWUBtFX8N0QUJIdJabxqAMhLjSC744koiFpCYse5Ye3ZvEdFwDzgAQsJTp5eFGgTZPkPzcdhkFJ2p9+OWs+cb24=");
-
-
-    static byte[] interCertBin = Base64.decode(
-        "MIICSzCCAbSgAwIBAgIBATANBgkqhkiG9w0BAQUFADAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlMB4XDTA4MDkwNDA0NDUwOFoXDTA4MDkxMTA0NDUwOFowKDEmMCQGA1UEAxMdVGVzdCBJbnRlcm1lZGlhdGUgQ2VydGlmaWNhdGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAISS9OOZ2wxzdWny9aVvk4Joq+dwSJ+oqvHUxX3PflZyuiLiCBUOUE4q59dGKdtNX5fIfwyK3cpV0e73Y/0fwfM3m9rOWFrCKOhfeswNTes0w/2PqPVVDDsF/nj7NApuqXwioeQlgTL251RDF4sVoxXqAU7lRkcqwZt3mwqS4KTJAgMBAAGjgY4wgYswRgYDVR0jBD8wPYAUhv8BOT27EB9JaCccJD4YASPP5XWhIqQgMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGWCAQEwHQYDVR0OBBYEFL/IwAGOkHzaQyPZegy79CwM5oTFMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4GBAE4TRgUz4sUvZyVdZxqV+XyNRnqXAeLOOqFGYv2D96tQrS+zjd0elVlT6lFrtchZdOmmX7R6/H/tjMWMcTBICZyRYrvK8cCAmDOI+EIdq5p6lj2Oq6Pbw/wruojAqNrpaR6IkwNpWtdOSSupv4IJL+YU9q2YFTh4R1j3tOkPoFGr");
-
-    static byte[] finalCertBin = Base64.decode(
-        "MIICRjCCAa+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAoMSYwJAYDVQQDEx1UZXN0IEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZTAeFw0wODA5MDQwNDQ1MDhaFw0wODA5MTEwNDQ1MDhaMB8xHTAbBgNVBAMTFFRlc3QgRW5kIENlcnRpZmljYXRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChpUeo0tPYywWKiLlbWKNJBcCpSaLSlaZ+4+yer1AxI5yJIVHP6SAlBghlbD5Qne5ImnN/15cz1xwYAiul6vGKJkVPlFEe2Mr+g/J/WJPQQPsjbZ1G+vxbAwXEDA4KaQrnpjRZFq+CdKHwOjuPLYS/MYQNgdIvDVEQcTbPQ8GaiQIDAQABo4GIMIGFMEYGA1UdIwQ/MD2AFL/IwAGOkHzaQyPZegy79CwM5oTFoSKkIDAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlggEBMB0GA1UdDgQWBBSVkw+VpqBf3zsLc/9GdkK9TzHPwDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFoDANBgkqhkiG9w0BAQUFAAOBgQBLv/0bVDjzTs/y1vN3FUiZNknEbzupIZduTuXJjqv/vBX+LDPjUfu/+iOCXOSKoRn6nlOWhwB1z6taG2usQkFG8InMkRcPREi2uVgFdhJ/1C3dAWhsdlubjdL926bftXvxnx/koDzyrePW5U96RlOQM2qLvbaky2Giz6hrc3Wl+w==");
-    public static byte[] rootCrlBin = Base64.decode(
-        "MIIBYjCBzAIBATANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlFw0wODA5MDQwNDQ1MDhaFw0wODA5MDQwNzMxNDhaMCIwIAIBAhcNMDgwOTA0MDQ0NTA4WjAMMAoGA1UdFQQDCgEJoFYwVDBGBgNVHSMEPzA9gBSG/wE5PbsQH0loJxwkPhgBI8/ldaEipCAwHjEcMBoGA1UEAxMTVGVzdCBDQSBDZXJ0aWZpY2F0ZYIBATAKBgNVHRQEAwIBATANBgkqhkiG9w0BAQsFAAOBgQCAbaFCo0BNG4AktVf6jjBLeawP1u0ELYkOCEGvYZE0mBpQ+OvFg7subZ6r3lRIj030nUli28sPFtu5ZQMBNcpE4nS1ziF44RfT3Lp5UgHx9x17Krz781iEyV+7zU8YxYMY9wULD+DCuK294kGKIssVNbmTYXZatBNoXQN5CLIocA==");
-    static byte[] interCrlBin = Base64.decode(
-        "MIIBbDCB1gIBATANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1UZXN0IEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZRcNMDgwOTA0MDQ0NTA4WhcNMDgwOTA0MDczMTQ4WjAiMCACAQIXDTA4MDkwNDA0NDUwOFowDDAKBgNVHRUEAwoBCaBWMFQwRgYDVR0jBD8wPYAUv8jAAY6QfNpDI9l6DLv0LAzmhMWhIqQgMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGWCAQEwCgYDVR0UBAMCAQEwDQYJKoZIhvcNAQELBQADgYEAEVCr5TKs5yguGgLH+dBzmSPoeSIWJFLsgWwJEit/iUDJH3dgYmaczOcGxIDtbYYHLWIHM+P2YRyQz3MEkCXEgm/cx4y7leAmux5l+xQWgmxFPz+197vaphPeCZo+B7V1CWtm518gcq4mrs9ovfgNqgyFj7KGjcBpWdJE32KMt50=");
-
-    private byte[] AC_PR = Base64.decode(
-        "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlFU1RDQ0F6R2dBd0lC"
-            + "QWdJQkJUQU5CZ2txaGtpRzl3MEJBUVVGQURDQnRERUxNQWtHQTFVRUJoTUNR"
-            + "bEl4DQpFekFSQmdOVkJBb1RDa2xEVUMxQ2NtRnphV3d4UFRBN0JnTlZCQXNU"
-            + "TkVsdWMzUnBkSFYwYnlCT1lXTnBiMjVoDQpiQ0JrWlNCVVpXTnViMnh2WjJs"
-            + "aElHUmhJRWx1Wm05eWJXRmpZVzhnTFNCSlZFa3hFVEFQQmdOVkJBY1RDRUp5"
-            + "DQpZWE5wYkdsaE1Rc3dDUVlEVlFRSUV3SkVSakV4TUM4R0ExVUVBeE1vUVhW"
-            + "MGIzSnBaR0ZrWlNCRFpYSjBhV1pwDQpZMkZrYjNKaElGSmhhWG9nUW5KaGMy"
-            + "bHNaV2x5WVRBZUZ3MHdNakEwTURReE9UTTVNREJhRncwd05UQTBNRFF5DQpN"
-            + "elU1TURCYU1HRXhDekFKQmdOVkJBWVRBa0pTTVJNd0VRWURWUVFLRXdwSlEx"
-            + "QXRRbkpoYzJsc01UMHdPd1lEDQpWUVFERXpSQmRYUnZjbWxrWVdSbElFTmxj"
-            + "blJwWm1sallXUnZjbUVnWkdFZ1VISmxjMmxrWlc1amFXRWdaR0VnDQpVbVZ3"
-            + "ZFdKc2FXTmhNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJD"
-            + "Z0tDQVFFQXMwc0t5NGsrDQp6b016aldyMTQxeTVYQ045UGJMZERFQXN2cjZ4"
-            + "Z0NCN1l5bEhIQ1NBYmpGR3dOQ0R5NlVxN1h0VjZ6UHdIMXpGDQpFWENlS3Jm"
-            + "UUl5YXBXSEZ4V1VKajBMblFrY1RZM1FOR1huK0JuVk9EVTZDV3M1c3NoZktH"
-            + "RXZyVlQ1Z214V1NmDQp4OFlsdDgzY1dwUE1QZzg3VDlCaHVIbHQzazh2M2Ev"
-            + "NmRPbmF2dytOYTAyZExBaDBlNzZqcCtQUS9LK0pHZlBuDQphQjVVWURrZkd0"
-            + "em5uTTNBV01tY3VJK0o0ek5OMDZaa3ZnbDFsdEo2UU1qcnZEUFlSak9ndDlT"
-            + "cklpY1NmbEo4DQptVDdHWGRRaXJnQUNXc3g1QURBSklRK253TU1vNHlyTUtx"
-            + "SlFhNFFDMHhhT0QvdkdVcG9SaDQzT0FTZFp3c3YvDQpPWFlybmVJeVAwVCs4"
-            + "UUlEQVFBQm80RzNNSUcwTUQwR0ExVWRId1EyTURRd01xQXdvQzZHTEdoMGRI"
-            + "QTZMeTloDQpZM0poYVhvdWFXTndZbkpoYzJsc0xtZHZkaTVpY2k5TVExSmhZ"
-            + "M0poYVhvdVkzSnNNQklHQTFVZElBUUxNQWt3DQpCd1lGWUV3QkFRRXdIUVlE"
-            + "VlIwT0JCWUVGREpUVFlKNE9TWVB5T09KZkVMZXhDaHppK2hiTUI4R0ExVWRJ"
-            + "d1FZDQpNQmFBRklyNjhWZUVFUk0xa0VMNlYwbFVhUTJreFBBM01BNEdBMVVk"
-            + "RHdFQi93UUVBd0lCQmpBUEJnTlZIUk1CDQpBZjhFQlRBREFRSC9NQTBHQ1Nx"
-            + "R1NJYjNEUUVCQlFVQUE0SUJBUUJRUFNoZ1lidnFjaWV2SDVVb3ZMeXhkbkYr"
-            + "DQpFcjlOeXF1SWNkMnZ3Y0N1SnpKMkQ3WDBUcWhHQ0JmUEpVVkdBVWorS0NP"
-            + "SDFCVkgva1l1OUhsVHB1MGtKWFBwDQpBQlZkb2hJUERqRHhkbjhXcFFSL0Yr"
-            + "ejFDaWtVcldIMDR4eTd1N1p6UUpLSlBuR0loY1FpOElyRm1PYkllMEc3DQpY"
-            + "WTZPTjdPRUZxY21KTFFHWWdtRzFXMklXcytQd1JwWTdENGhLVEFoVjFSNkVv"
-            + "amE1L3BPcmVDL09kZXlQWmVxDQo1SUZTOUZZZk02U0Npd2hrK3l2Q1FHbVo0"
-            + "YzE5SjM0ZjVFYkRrK1NQR2tEK25EQ0E3L3VMUWNUMlJURE14SzBaDQpuZlo2"
-            + "Nm1Sc0ZjcXRGaWdScjVFcmtKZDdoUVV6eHNOV0VrNzJEVUFIcVgvNlNjeWtt"
-            + "SkR2V0plSUpqZlcNCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0NCg==");
-
-    private byte[] AC_RAIZ_ICPBRASIL = Base64.decode(
-        "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlFdURDQ0E2Q2dBd0lC"
-            + "QWdJQkJEQU5CZ2txaGtpRzl3MEJBUVVGQURDQnRERUxNQWtHQTFVRUJoTUNR"
-            + "bEl4DQpFekFSQmdOVkJBb1RDa2xEVUMxQ2NtRnphV3d4UFRBN0JnTlZCQXNU"
-            + "TkVsdWMzUnBkSFYwYnlCT1lXTnBiMjVoDQpiQ0JrWlNCVVpXTnViMnh2WjJs"
-            + "aElHUmhJRWx1Wm05eWJXRmpZVzhnTFNCSlZFa3hFVEFQQmdOVkJBY1RDRUp5"
-            + "DQpZWE5wYkdsaE1Rc3dDUVlEVlFRSUV3SkVSakV4TUM4R0ExVUVBeE1vUVhW"
-            + "MGIzSnBaR0ZrWlNCRFpYSjBhV1pwDQpZMkZrYjNKaElGSmhhWG9nUW5KaGMy"
-            + "bHNaV2x5WVRBZUZ3MHdNVEV4TXpBeE1qVTRNREJhRncweE1URXhNekF5DQpN"
-            + "elU1TURCYU1JRzBNUXN3Q1FZRFZRUUdFd0pDVWpFVE1CRUdBMVVFQ2hNS1NV"
-            + "TlFMVUp5WVhOcGJERTlNRHNHDQpBMVVFQ3hNMFNXNXpkR2wwZFhSdklFNWhZ"
-            + "Mmx2Ym1Gc0lHUmxJRlJsWTI1dmJHOW5hV0VnWkdFZ1NXNW1iM0p0DQpZV05o"
-            + "YnlBdElFbFVTVEVSTUE4R0ExVUVCeE1JUW5KaGMybHNhV0V4Q3pBSkJnTlZC"
-            + "QWdUQWtSR01URXdMd1lEDQpWUVFERXloQmRYUnZjbWxrWVdSbElFTmxjblJw"
-            + "Wm1sallXUnZjbUVnVW1GcGVpQkNjbUZ6YVd4bGFYSmhNSUlCDQpJakFOQmdr"
-            + "cWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBd1BNdWR3WC9odm0r"
-            + "VWgyYi9sUUFjSFZBDQppc2FtYUxrV2Rrd1A5L1MvdE9LSWdSckw2T3krWklH"
-            + "bE9VZGQ2dVl0azlNYS8zcFVwZ2NmTkFqMHZZbTVnc3lqDQpRbzllbXNjK3g2"
-            + "bTRWV3drOWlxTVpTQ0s1RVFrQXEvVXQ0bjdLdUxFMStnZGZ0d2RJZ3hmVXNQ"
-            + "dDRDeU5yWTUwDQpRVjU3S00yVVQ4eDVycm16RWpyN1RJQ0dwU1VBbDJnVnFl"
-            + "NnhhaWkrYm1ZUjFRcm1XYUJTQUc1OUxya3Jqcll0DQpiUmhGYm9VRGUxREsr"
-            + "NlQ4czVMNms4Yzhva3BiSHBhOXZlTXp0RFZDOXNQSjYwTVdYaDZhblZLbzFV"
-            + "Y0xjYlVSDQp5RWVOdlpuZVZSS0FBVTZvdXdkakR2d2xzYUt5ZEZLd2VkMFRv"
-            + "UTQ3Ym1VS2djbSt3VjNlVFJrMzZVT25Ud0lEDQpBUUFCbzRIU01JSFBNRTRH"
-            + "QTFVZElBUkhNRVV3UXdZRllFd0JBUUF3T2pBNEJnZ3JCZ0VGQlFjQ0FSWXNh"
-            + "SFIwDQpjRG92TDJGamNtRnBlaTVwWTNCaWNtRnphV3d1WjI5MkxtSnlMMFJR"
-            + "UTJGamNtRnBlaTV3WkdZd1BRWURWUjBmDQpCRFl3TkRBeW9EQ2dMb1lzYUhS"
-            + "MGNEb3ZMMkZqY21GcGVpNXBZM0JpY21GemFXd3VaMjkyTG1KeUwweERVbUZq"
-            + "DQpjbUZwZWk1amNtd3dIUVlEVlIwT0JCWUVGSXI2OFZlRUVSTTFrRUw2VjBs"
-            + "VWFRMmt4UEEzTUE4R0ExVWRFd0VCDQovd1FGTUFNQkFmOHdEZ1lEVlIwUEFR"
-            + "SC9CQVFEQWdFR01BMEdDU3FHU0liM0RRRUJCUVVBQTRJQkFRQVpBNWMxDQpV"
-            + "L2hnSWg2T2NnTEFmaUpnRldwdm1EWldxbFYzMC9iSEZwajhpQm9iSlNtNXVE"
-            + "cHQ3VGlyWWgxVXhlM2ZRYUdsDQpZakplKzl6ZCtpelBSYkJxWFBWUUEzNEVY"
-            + "Y3drNHFwV3VmMWhIcmlXZmRyeDhBY3FTcXI2Q3VRRndTcjc1Rm9zDQpTemx3"
-            + "REFEYTcwbVQ3d1pqQW1RaG5aeDJ4SjZ3ZldsVDlWUWZTLy9KWWVJYzdGdWUy"
-            + "Sk5MZDAwVU9TTU1haUsvDQp0NzllbktOSEVBMmZ1cEgzdkVpZ2Y1RWg0YlZB"
-            + "TjVWb2hyVG02TVk1M3g3WFFaWnIxTUU3YTU1bEZFblNlVDB1DQptbE9BalIy"
-            + "bUFidlNNNVg1b1NaTnJtZXRkenlUajJmbENNOENDN01MYWIwa2tkbmdSSWxV"
-            + "QkdIRjEvUzVubVBiDQpLKzlBNDZzZDMzb3FLOG44DQotLS0tLUVORCBDRVJU"
-            + "SUZJQ0FURS0tLS0tDQo=");
-
-    private byte[] schefer = Base64.decode(
-        "MIIEnDCCBAWgAwIBAgICIPAwDQYJKoZIhvcNAQEEBQAwgcAxCzAJBgNVBAYT"
-            + "AkRFMQ8wDQYDVQQIEwZIRVNTRU4xGDAWBgNVBAcTDzY1MDA4IFdpZXNiYWRl"
-            + "bjEaMBgGA1UEChMRU0NIVUZBIEhPTERJTkcgQUcxGjAYBgNVBAsTEVNDSFVG"
-            + "QSBIT0xESU5HIEFHMSIwIAYDVQQDExlJbnRlcm5ldCBCZW51dHplciBTZXJ2"
-            + "aWNlMSowKAYJKoZIhvcNAQkBFht6ZXJ0aWZpa2F0QHNjaHVmYS1vbmxpbmUu"
-            + "ZGUwHhcNMDQwMzMwMTEwODAzWhcNMDUwMzMwMTEwODAzWjCBnTELMAkGA1UE"
-            + "BhMCREUxCjAIBgNVBAcTASAxIzAhBgNVBAoTGlNIUyBJbmZvcm1hdGlvbnNz"
-            + "eXN0ZW1lIEFHMRwwGgYDVQQLExM2MDAvMDU5NDktNjAwLzA1OTQ5MRgwFgYD"
-            + "VQQDEw9TY2hldHRlciBTdGVmYW4xJTAjBgkqhkiG9w0BCQEWFlN0ZWZhbi5T"
-            + "Y2hldHRlckBzaHMuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJD0"
-            + "95Bi76fkAMjJNTGPDiLPHmZXNsmakngDeS0juzKMeJA+TjXFouhYh6QyE4Bl"
-            + "Nf18fT4mInlgLefwf4t6meIWbiseeTo7VQdM+YrbXERMx2uHsRcgZMsiMYHM"
-            + "kVfYMK3SMJ4nhCmZxrBkoTRed4gXzVA1AA8YjjTqMyyjvt4TAgMBAAGjggHE"
-            + "MIIBwDAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIEsDALBgNVHQ8EBAMC"
-            + "BNAwOQYJYIZIAYb4QgENBCwWKlplcnRpZmlrYXQgbnVyIGZ1ZXIgU0NIVUZB"
-            + "LU9ubGluZSBndWVsdGlnLjAdBgNVHQ4EFgQUXReirhBfg0Yhf6MsBWoo/nPa"
-            + "hGwwge0GA1UdIwSB5TCB4oAUf2UyCaBV9JUeG9lS1Yo6OFBUdEKhgcakgcMw"
-            + "gcAxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZIRVNTRU4xGDAWBgNVBAcTDzY1"
-            + "MDA4IFdpZXNiYWRlbjEaMBgGA1UEChMRU0NIVUZBIEhPTERJTkcgQUcxGjAY"
-            + "BgNVBAsTEVNDSFVGQSBIT0xESU5HIEFHMSIwIAYDVQQDExlJbnRlcm5ldCBC"
-            + "ZW51dHplciBTZXJ2aWNlMSowKAYJKoZIhvcNAQkBFht6ZXJ0aWZpa2F0QHNj"
-            + "aHVmYS1vbmxpbmUuZGWCAQAwIQYDVR0RBBowGIEWU3RlZmFuLlNjaGV0dGVy"
-            + "QHNocy5kZTAmBgNVHRIEHzAdgRt6ZXJ0aWZpa2F0QHNjaHVmYS1vbmxpbmUu"
-            + "ZGUwDQYJKoZIhvcNAQEEBQADgYEAWzZtN9XQ9uyrFXqSy3hViYwV751+XZr0"
-            + "YH5IFhIS+9ixNAu8orP3bxqTaMhpwoU7T/oSsyGGSkb3fhzclgUADbA2lrOI"
-            + "GkeB/m+FArTwRbwpqhCNTwZywOp0eDosgPjCX1t53BB/m/2EYkRiYdDGsot0"
-            + "kQPOVGSjQSQ4+/D+TM8=");
-
-    // circular dependency certificates
-    private static final byte[] sampleTrust = Base64.decode(
-        "MIIDVDCCAjygAwIBAgIDAjRWMA0GCSqGSIb3DQEBBQUAMEIxCzAJBgNVBAYTAlVT" +
-            "MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i" +
-            "YWwgQ0EwHhcNMDIwNTIxMDQwMDAwWhcNMjIwNTIxMDQwMDAwWjBCMQswCQYDVQQG" +
-            "EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSR2VvVHJ1c3Qg" +
-            "R2xvYmFsIENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2swYYzD9" +
-            "9BcjGlZ+W988bDjkcbd4kdS8odhM+KhDtgPpTSEHCIjaWC9mOSm9BXiLnTjoBbdq" +
-            "fnGk5sRgprDvgOSJKA+eJdbtg/OtppHHmMlCGDUUna2YRpIuT8rxh0PBFpVXLVDv" +
-            "iS2Aelet8u5fa9IAjbkU+BQVNdnARqN7csiRv8lVK83Qlz6cJmTM386DGXHKTubU" +
-            "1XupGc1V3sjs0l44U+VcT4wt/lAjNvxm5suOpDkZALeVAjmRCw7+OC7RHQWa9k0+" +
-            "bw8HHa8sHo9gOeL6NlMTOdReJivbPagUvTLrGAMoUgRx5aszPeE4uwc2hGKceeoW" +
-            "MPRfwCvocWvk+QIDAQABo1MwUTAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBTA" +
-            "ephojYn7qwVkDBF9qn1luMrMTjAfBgNVHSMEGDAWgBTAephojYn7qwVkDBF9qn1l" +
-            "uMrMTjANBgkqhkiG9w0BAQUFAAOCAQEANeMpauUvXVSOKVCUn5kaFOSPeCpilKIn" +
-            "Z57QzxpeR+nBsqTP3UEaBU6bS+5Kb1VSsyShNwrrZHYqLizz/Tt1kL/6cdjHPTfS" +
-            "tQWVYrmm3ok9Nns4d0iXrKYgjy6myQzCsplFAMfOEVEiIuCl6rYVSAlk6l5PdPcF" +
-            "PseKUgzbFbS9bZvlxrFUaKnjaZC2mqUPuLk/IH2uSrW4nOQdtqvmlKXBx4Ot2/Un" +
-            "hw4EbNX/3aBd7YdStysVAq45pmp06drE57xNNB6pXE0zX5IJL4hmXXeXxx12E6nV" +
-            "5fEWCRE11azbJHFwLJhWC9kXtNHjUStedejV0NxPNO3CBWaAocvmMw==");
-
-    private static final byte[] sampleCA = Base64.decode(
-        "MIIETTCCAzWgAwIBAgIDAjpxMA0GCSqGSIb3DQEBCwUAMEIxCzAJBgNVBAYTAlVT" +
-            "MRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMRswGQYDVQQDExJHZW9UcnVzdCBHbG9i" +
-            "YWwgQ0EwHhcNMTMxMjExMjM0NTUxWhcNMjIwNTIwMjM0NTUxWjBCMQswCQYDVQQG" +
-            "EwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMSUmFwaWRTU0wg" +
-            "U0hBMjU2IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1jBEgEu" +
-            "l9h9GKrIwuWF4hdsYC7JjTEFORoGmFbdVNcRjFlbPbFUrkshhTIWX1SG5tmx2GCJ" +
-            "a1i+ctqgAEJ2sSdZTM3jutRc2aZ/uyt11UZEvexAXFm33Vmf8Wr3BvzWLxmKlRK6" +
-            "msrVMNI4/Bk7WxU7NtBDTdFlodSLwWBBs9ZwF8w5wJwMoD23ESJOztmpetIqYpyg" +
-            "C04q18NhWoXdXBC5VD0tA/hJ8LySt7ecMcfpuKqCCwW5Mc0IW7siC/acjopVHHZD" +
-            "dvDibvDfqCl158ikh4tq8bsIyTYYZe5QQ7hdctUoOeFTPiUs2itP3YqeUFDgb5rE" +
-            "1RkmiQF1cwmbOwIDAQABo4IBSjCCAUYwHwYDVR0jBBgwFoAUwHqYaI2J+6sFZAwR" +
-            "fap9ZbjKzE4wHQYDVR0OBBYEFJfCJ1CewsnsDIgyyHyt4qYBT9pvMBIGA1UdEwEB" +
-            "/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgEGMDYGA1UdHwQvMC0wK6ApoCeGJWh0" +
-            "dHA6Ly9nMS5zeW1jYi5jb20vY3Jscy9ndGdsb2JhbC5jcmwwLwYIKwYBBQUHAQEE" +
-            "IzAhMB8GCCsGAQUFBzABhhNodHRwOi8vZzIuc3ltY2IuY29tMEwGA1UdIARFMEMw" +
-            "QQYKYIZIAYb4RQEHNjAzMDEGCCsGAQUFBwIBFiVodHRwOi8vd3d3Lmdlb3RydXN0" +
-            "LmNvbS9yZXNvdXJjZXMvY3BzMCkGA1UdEQQiMCCkHjAcMRowGAYDVQQDExFTeW1h" +
-            "bnRlY1BLSS0xLTU2OTANBgkqhkiG9w0BAQsFAAOCAQEANevhiyBWlLp6vXmp9uP+" +
-            "bji0MsGj21hWID59xzqxZ2nVeRQb9vrsYPJ5zQoMYIp0TKOTKqDwUX/N6fmS/Zar" +
-            "RfViPT9gRlATPSATGC6URq7VIf5Dockj/lPEvxrYrDrK3maXI67T30pNcx9vMaJR" +
-            "BBZqAOv5jUOB8FChH6bKOvMoPF9RrNcKRXdLDlJiG9g4UaCSLT+Qbsh+QJ8gRhVd" +
-            "4FB84XavXu0R0y8TubglpK9YCa81tGJUheNI3rzSkHp6pIQNo0LyUcDUrVNlXWz4" +
-            "Px8G8k/Ll6BKWcZ40egDuYVtLLrhX7atKz4lecWLVtXjCYDqwSfC2Q7sRwrp0Mr8" +
-            "2A==");
-
-    // Tau Ceti Email Cert.
-    private static final byte[] sampleEE = Base64.decode(
-            "MIIF5DCCBMygAwIBAgIQXWymKNy5PxuC4PCrhdImEDANBgkqhkiG9w0BAQsFADBC" +
-            "MQswCQYDVQQGEwJVUzEWMBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEbMBkGA1UEAxMS" +
-            "UmFwaWRTU0wgU0hBMjU2IENBMB4XDTE2MTEyODAwMDAwMFoXDTE5MDEyNzIzNTk1" +
-            "OVowHjEcMBoGA1UEAwwTbWFpbC50YXVjZXRpLm9yZy5hdTCCASIwDQYJKoZIhvcN" +
-            "AQEBBQADggEPADCCAQoCggEBAPK3JUkZfsxNIuZmLLgZuJCDmWbi3KVEi4YTjpSm" +
-            "X3S+aZzO/QenA+den98fUFDIgch0X+S5mlvKRhdQuaJrtb5Y+W4QGieur9uQrind" +
-            "8CP7/eu+lMD1UUbwcYosHX13eQ+zM6Z6TcjPXBgK79QWuKLIvOm1Xxqy4+c9EtFk" +
-            "72555AOEjPS7PGZsOUBkoIWqp5p0Ryl+ZZ+DumZxNsggWgKBXL8eYL4uQVCAUvTY" +
-            "I1sfNQvSYm/ACk4LvQHNIYPxD2eOycu9xttxfG6VBOLLwHrZUqmIgwu+XY0NcO+W" +
-            "gowFtVD01R+jyVNMpnFxGovVbncym+0z71jP3cI93laO8TECAwEAAaOCAvgwggL0" +
-            "MB4GA1UdEQQXMBWCE21haWwudGF1Y2V0aS5vcmcuYXUwCQYDVR0TBAIwADArBgNV" +
-            "HR8EJDAiMCCgHqAchhpodHRwOi8vZ3Auc3ltY2IuY29tL2dwLmNybDBvBgNVHSAE" +
-            "aDBmMGQGBmeBDAECATBaMCoGCCsGAQUFBwIBFh5odHRwczovL3d3dy5yYXBpZHNz" +
-            "bC5jb20vbGVnYWwwLAYIKwYBBQUHAgIwIAweaHR0cHM6Ly93d3cucmFwaWRzc2wu" +
-            "Y29tL2xlZ2FsMB8GA1UdIwQYMBaAFJfCJ1CewsnsDIgyyHyt4qYBT9pvMA4GA1Ud" +
-            "DwEB/wQEAwIFoDAdBgNVHSUEFjAUBggrBgEFBQcDAQYIKwYBBQUHAwIwVwYIKwYB" +
-            "BQUHAQEESzBJMB8GCCsGAQUFBzABhhNodHRwOi8vZ3Auc3ltY2QuY29tMCYGCCsG" +
-            "AQUFBzAChhpodHRwOi8vZ3Auc3ltY2IuY29tL2dwLmNydDCCAX4GCisGAQQB1nkC" +
-            "BAIEggFuBIIBagFoAHYA3esdK3oNT6Ygi4GtgWhwfi6OnQHVXIiNPRHEzbbsvswA" +
-            "AAFYqH/T8QAABAMARzBFAiEA06gAEejY34PZqiYmMsVR4UmD6cJg4j7l6NcbIfVi" +
-            "aN0CICR9s94moCy9qgE63TZfsW+dHB3bcJL0Smxjo2+h4LCEAHYA7ku9t3XOYLrh" +
-            "Qmkfq+GeZqMPfl+wctiDAMR7iXqo/csAAAFYqH/UOgAABAMARzBFAiEAu42gWW4w" +
-            "9t+CSry8h8xXuveO/f0fdqo/fswaHa/L9ecCIGPueAD/ydOIkjskpnFkeNcHdXVa" +
-            "a18AR8pzjW/IdMI+AHYAvHjh38X2PGhGSTNNoQ+hXwl5aSAJwIG08/aRfz7ZuKUA" +
-            "AAFYqH/U7wAABAMARzBFAiEAiQrwaLoNvmFlNLapDYN18gA09iIAvtfAM0noB35a" +
-            "wK8CIEjk9DPQthhMTtqDUA0LthHiLLeRIjlw9G7o3+4/a/A9MA0GCSqGSIb3DQEB" +
-            "CwUAA4IBAQB1/JjAkaEFcQFeihxJvGc4DpbucdB0OfmQrkjH5HvSYi/5xlp+BOxM" +
-            "es32KSI6CBiLhZviz3JVW05Zgz8tCEoV1D6kfmNQNQPXW958vO4QU88EPmbPo7fg" +
-            "Hb38Xv1BesjNN7R7S/nS80hFFU1UsspsrfRJnEMshkD4Xrt8644g+5VqQGxeN0WZ" +
-            "LkG40sYhBmVHwYBKIfefk8Erzxk58Fzfx4cIZZuIEqmVZVjuXGCmFzsW8StanBPP" +
-            "8Vyr5e9TEEGbsEyjpibgzLqrphtSpBsN4OphPYWtFzQpgq09wqLkLkhEHp+EvwPN" +
-            "gUt3Qm/EwLuDb+X5uVOqKWyP4PAlxmAr");
-
-    static boolean initialized = false;
-
-    static KeyPair trustKp;
-    static KeyPair caKp;
-    static KeyPair eeKp;
-
-    // initialise CertStore
-    static X509Certificate trustCert;
-    static X509Certificate caCert;
-    static X509Certificate eeCert;
-    static X509Certificate eeCertWithDistPoint;
-
-    static X509CRL trustCrl;
-    static X509CRL caCrl;
-    
-    public void setUp()
-        throws Exception
-    {
-        if(!initialized)
-        {
-            Security.addProvider(new BouncyCastleProvider());
-            KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
-
-            kpGen.initialize(2048);
-
-            trustKp = kpGen.generateKeyPair();
-            caKp = kpGen.generateKeyPair();
-            eeKp = kpGen.generateKeyPair();
-
-            // initialise CertStore
-            trustCert = TestUtil.makeTrustAnchor(trustKp, "CN=Trust Anchor");
-            caCert = TestUtil.makeCaCertificate(trustCert, trustKp.getPrivate(), caKp.getPublic(), "CN=CA Cert");
-            eeCert = TestUtil.makeEeCertificate(false, caCert, caKp.getPrivate(), eeKp.getPublic(), "CN=End Entity");
-            eeCertWithDistPoint = TestUtil.makeEeCertificate(true, caCert, caKp.getPrivate(), eeKp.getPublic(), "CN=End Entity");
-            trustCrl = TestUtil.makeCrl(trustCert, trustKp.getPrivate(), BigInteger.valueOf(100));
-            caCrl = TestUtil.makeCrl(caCert, caKp.getPrivate(), BigInteger.valueOf(100));
-
-            initialized = true;
-        }
-    }
-
-    public void testValidPath()
-        throws Exception
-    {
-        List list = new ArrayList();
-        list.add(trustCert);
-        list.add(caCert);
-        list.add(eeCert);
-
-        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-        CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
-        Date validDate = new Date(trustCrl.getThisUpdate().getTime() + 60 * 60 * 1000);
-        //validating path
-        List certchain = new ArrayList();
-        certchain.add(eeCert);
-        certchain.add(caCert);
-
-        CertPath cp = CertificateFactory.getInstance("X.509", "BC").generateCertPath(certchain);
-        Set trust = new HashSet();
-        trust.add(new TrustAnchor(trustCert, null));
-
-        List<CRL> crls = new ArrayList<CRL>();
-        crls.add(trustCrl);
-        crls.add(caCrl);
-
-        X509RevocationChecker revocationChecker = new X509RevocationChecker
-            .Builder(new TrustAnchor(trustCert, null))
-            .addCrls(new CollectionStore<CRL>(crls))
-            .build();
-
-        CertPathValidator cpv = CertPathValidator.getInstance("PKIX", "BC");
-        PKIXParameters param = new PKIXParameters(trust);
-        param.addCertStore(store);
-        param.setDate(validDate);
-        param.setRevocationEnabled(false);
-
-        param.addCertPathChecker(revocationChecker);
-
-        PKIXCertPathValidatorResult result =
-            (PKIXCertPathValidatorResult)cpv.validate(cp, param);
-        PolicyNode policyTree = result.getPolicyTree();
-        PublicKey subjectPublicKey = result.getPublicKey();
-
-        if (!subjectPublicKey.equals(eeCert.getPublicKey()))
-        {
-            fail("wrong public key returned");
-        }
-    }
-
-    public void testEndEntityOnly()
-        throws Exception
-    {
-        List list = new ArrayList();
-    
-        list.add(caCert);
-        list.add(eeCert);
-
-        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-        CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
-        Date validDate = new Date(trustCrl.getThisUpdate().getTime() + 60 * 60 * 1000);
-        //validating path
-        List certchain = new ArrayList();
-        certchain.add(eeCert);
-        certchain.add(caCert);
-
-        CertPath cp = CertificateFactory.getInstance("X.509", "BC").generateCertPath(certchain);
-        Set trust = new HashSet();
-        trust.add(new TrustAnchor(trustCert, null));
-
-        List<CRL> crls = new ArrayList<CRL>();
-        crls.add(caCrl);
-
-        X509RevocationChecker revocationChecker = new X509RevocationChecker
-            .Builder(new TrustAnchor(trustCert, null))
-            .setCheckEndEntityOnly(true)
-            .addCrls(new CollectionStore<CRL>(crls))
-            .build();
-
-        CertPathValidator cpv = CertPathValidator.getInstance("PKIX", "BC");
-        PKIXParameters param = new PKIXParameters(trust);
-        param.addCertStore(store);
-        param.setDate(validDate);
-        param.setRevocationEnabled(false);
-
-        param.addCertPathChecker(revocationChecker);
-
-        PKIXCertPathValidatorResult result =
-            (PKIXCertPathValidatorResult)cpv.validate(cp, param);
-        PolicyNode policyTree = result.getPolicyTree();
-        PublicKey subjectPublicKey = result.getPublicKey();
-
-        if (!subjectPublicKey.equals(eeCert.getPublicKey()))
-        {
-            fail("wrong public key returned");
-        }
-    }
-
-    public void testRevokedEndEntityOnly()
-        throws Exception
-    {
-        List list = new ArrayList();
-
-        list.add(caCert);
-        list.add(eeCert);
-
-        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-        CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
-        Date validDate = new Date(trustCrl.getThisUpdate().getTime() + 60 * 60 * 1000);
-        //validating path
-        List certchain = new ArrayList();
-        certchain.add(eeCert);
-        certchain.add(caCert);
-
-        CertPath cp = CertificateFactory.getInstance("X.509", "BC").generateCertPath(certchain);
-        Set trust = new HashSet();
-        trust.add(new TrustAnchor(trustCert, null));
-
-        List<CRL> crls = new ArrayList<CRL>();
-        crls.add(TestUtil.makeCrl(caCert, caKp.getPrivate(), eeCert.getSerialNumber()));
-
-        X509RevocationChecker revocationChecker = new X509RevocationChecker
-            .Builder(new TrustAnchor(trustCert, null))
-            .setCheckEndEntityOnly(true)
-            .addCrls(new CollectionStore<CRL>(crls))
-            .build();
-
-        CertPathValidator cpv = CertPathValidator.getInstance("PKIX", "BC");
-        PKIXParameters param = new PKIXParameters(trust);
-        param.addCertStore(store);
-        param.setDate(validDate);
-        param.setRevocationEnabled(false);
-
-        param.addCertPathChecker(revocationChecker);
-
-        try
-        {
-            PKIXCertPathValidatorResult result =
-                (PKIXCertPathValidatorResult)cpv.validate(cp, param);
-            fail("no exception");
-        }
-        catch (CertPathValidatorException e)
-        {
-            assertTrue(e.getMessage().startsWith("certificate [issuer=\"CN=CA Cert\",serialNumber=3,subject=\"CN=End Entity\"] revoked"));
-            assertTrue(e.getMessage().endsWith(", reason: privilegeWithdrawn"));
-        }
-    }
-
-    public void testRevokedEndEntityWithSoftFailure()
-        throws Exception
-    {
-        List list = new ArrayList();
-
-        list.add(caCert);
-        list.add(eeCert);
-
-        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-        CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
-        Date validDate = new Date(trustCrl.getThisUpdate().getTime() + 60 * 60 * 1000);
-        //validating path
-        List certchain = new ArrayList();
-        certchain.add(eeCertWithDistPoint);
-        certchain.add(caCert);
-
-        CertPath cp = CertificateFactory.getInstance("X.509", "BC").generateCertPath(certchain);
-        Set trust = new HashSet();
-        trust.add(new TrustAnchor(trustCert, null));
-
-        List<CRL> crls = new ArrayList<CRL>();
-        crls.add(TestUtil.makeCrl(caCert, caKp.getPrivate(), eeCert.getSerialNumber()));
-
-        X509RevocationChecker revocationChecker = new X509RevocationChecker
-            .Builder(new TrustAnchor(trustCert, null))
-            .setCheckEndEntityOnly(true)
-            .setSoftFailHardLimit(true, 0)
-            .build();
-
-        CertPathValidator cpv = CertPathValidator.getInstance("PKIX", "BC");
-        PKIXParameters param = new PKIXParameters(trust);
-        param.addCertStore(store);
-        param.setDate(validDate);
-        param.setRevocationEnabled(false);
-
-        param.addCertPathChecker(revocationChecker);
-
-        PKIXCertPathValidatorResult result =
-                (PKIXCertPathValidatorResult)cpv.validate(cp, param);
-
-        // should fail on the second attempt.
-        try
-        {
-            result =
-                (PKIXCertPathValidatorResult)cpv.validate(cp, param);
-            fail("no exception");
-        }
-        catch (CertPathValidatorException e)
-        {
-            assertTrue(e.getMessage().equals("No CRLs found for issuer \"cn=CA Cert\""));
-        }
-    }
-
-    public void testRevokedWithCRLDistPointEndEntityOnly()
-        throws Exception
-    {
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", "BC");
-        List list = new ArrayList();
-
-        X509Certificate trustCert = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(sampleTrust));
-        Certificate caCert = certFact.generateCertificate(new ByteArrayInputStream(sampleCA));
-        Certificate eeCert = certFact.generateCertificate(new ByteArrayInputStream(sampleEE));
-
-        list.add(caCert);
-        list.add(eeCert);
-
-        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-        CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
-        Date validDate = new Date(trustCrl.getThisUpdate().getTime() + 60 * 60 * 1000);
-        //validating path
-        List certchain = new ArrayList();
-        certchain.add(eeCert);
-        certchain.add(caCert);
-
-        CertPath cp = CertificateFactory.getInstance("X.509", "BC").generateCertPath(certchain);
-        Set trust = new HashSet();
-        trust.add(new TrustAnchor(trustCert, null));
-
-        List<CRL> crls = new ArrayList<CRL>();
-       // crls.add(TestUtil.makeCrl(caCert, caKp.getPrivate(), eeCert.getSerialNumber()));
-
-        X509RevocationChecker revocationChecker = new X509RevocationChecker
-            .Builder(new TrustAnchor(trustCert, null))
-            .setCheckEndEntityOnly(true)
-            .addCrls(new CollectionStore<CRL>(crls))
-            .usingProvider("BC")
-            .build();
-
-        CertPathValidator cpv = CertPathValidator.getInstance("PKIX", "BC");
-        PKIXParameters param = new PKIXParameters(trust);
-        param.addCertStore(store);
-        param.setDate(validDate);
-        param.setRevocationEnabled(false);
-
-        param.addCertPathChecker(revocationChecker);
-
-        try
-        {
-            PKIXCertPathValidatorResult result =
-                (PKIXCertPathValidatorResult)cpv.validate(cp, param);
-
-        }
-        catch (CertPathValidatorException e)
-        {
-            fail(e.getMessage());
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/pkix/test/TestUtil.java b/bcpkix/src/main/java/org/bouncycastle/pkix/test/TestUtil.java
deleted file mode 100644
index d4886eb..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/pkix/test/TestUtil.java
+++ /dev/null

@@ -1,166 +0,0 @@
-package org.bouncycastle.pkix.test;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.GeneralSecurityException;
-import java.security.KeyPair;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-import java.util.Date;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.CRLReason;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.cert.X509v1CertificateBuilder;
-import org.bouncycastle.cert.X509v2CRLBuilder;
-import org.bouncycastle.cert.X509v3CertificateBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509CRLConverter;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
-import org.bouncycastle.cert.jcajce.JcaX509v1CertificateBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509v2CRLBuilder;
-import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-
-public class TestUtil
-{
-    public static BigInteger       serialNumber = BigInteger.ONE;
-
-    private static BigInteger allocateSerialNumber()
-    {
-        BigInteger _tmp = serialNumber;
-        serialNumber = serialNumber.add(BigInteger.ONE);
-        return _tmp;
-    }
-
-    public static X509Certificate makeTrustAnchor(KeyPair kp, String name)
-        throws GeneralSecurityException, IOException, OperatorCreationException
-    {
-        X509v1CertificateBuilder v1CertGen = new JcaX509v1CertificateBuilder(
-            new X500Name(name),
-            allocateSerialNumber(),
-            new Date(System.currentTimeMillis()),
-            new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)),
-            new X500Name(name),
-            kp.getPublic());
-
-        JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSA").setProvider("BC");
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC")
-            .getCertificate(v1CertGen.build(contentSignerBuilder.build(kp.getPrivate())));
-
-        cert.checkValidity(new Date());
-        cert.verify(kp.getPublic());
-
-        return cert;
-    }
-
-    public static X509Certificate makeCaCertificate(X509Certificate issuer, PrivateKey issuerKey, PublicKey subjectKey, String subject)
-        throws GeneralSecurityException, IOException, OperatorCreationException
-    {
-        X509v3CertificateBuilder v3CertGen = new JcaX509v3CertificateBuilder(
-            issuer.getSubjectX500Principal(),
-            allocateSerialNumber(),
-            new Date(System.currentTimeMillis()),
-            new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)),
-            new X500Principal(subject),
-            subjectKey);
-
-        JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
-
-        v3CertGen.addExtension(
-            Extension.subjectKeyIdentifier,
-            false,
-            extUtils.createSubjectKeyIdentifier(subjectKey));
-
-        v3CertGen.addExtension(
-            Extension.authorityKeyIdentifier,
-            false,
-            extUtils.createAuthorityKeyIdentifier(issuer));
-
-        v3CertGen.addExtension(
-            Extension.basicConstraints,
-            false,
-            new BasicConstraints(0));
-
-        JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSA").setProvider("BC");
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC")
-            .getCertificate(v3CertGen.build(contentSignerBuilder.build(issuerKey)));
-
-        cert.checkValidity(new Date());
-        cert.verify(issuer.getPublicKey());
-
-        return cert;
-    }
-
-    public static X509Certificate makeEeCertificate(boolean withDistPoint, X509Certificate issuer, PrivateKey issuerKey, PublicKey subjectKey, String subject)
-        throws GeneralSecurityException, IOException, OperatorCreationException
-    {
-        X509v3CertificateBuilder v3CertGen = new JcaX509v3CertificateBuilder(
-            issuer.getSubjectX500Principal(),
-            allocateSerialNumber(),
-            new Date(System.currentTimeMillis()),
-            new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 100)),
-            new X500Principal(subject),
-            subjectKey);
-
-        JcaX509ExtensionUtils extUtils = new JcaX509ExtensionUtils();
-
-        v3CertGen.addExtension(
-            Extension.subjectKeyIdentifier,
-            false,
-            extUtils.createSubjectKeyIdentifier(subjectKey));
-
-        v3CertGen.addExtension(
-            Extension.authorityKeyIdentifier,
-            false,
-            extUtils.createAuthorityKeyIdentifier(issuer));
-
-        v3CertGen.addExtension(
-            Extension.basicConstraints,
-            false,
-            new BasicConstraints(false));
-
-        if (withDistPoint)
-        {
-            v3CertGen.addExtension(
-                Extension.cRLDistributionPoints,
-                false,
-                new DERSequence());
-        }
-
-        JcaContentSignerBuilder contentSignerBuilder = new JcaContentSignerBuilder("SHA256WithRSA").setProvider("BC");
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider("BC")
-            .getCertificate(v3CertGen.build(contentSignerBuilder.build(issuerKey)));
-
-        cert.checkValidity(new Date());
-        cert.verify(issuer.getPublicKey());
-
-        return cert;
-    }
-
-    public static X509CRL makeCrl(X509Certificate issuer, PrivateKey sigKey, BigInteger revoked)
-        throws Exception
-    {
-        Date now = new Date();
-        X509v2CRLBuilder crlGen = new JcaX509v2CRLBuilder(issuer.getSubjectX500Principal(), now);
-        JcaX509ExtensionUtils extensionUtils = new JcaX509ExtensionUtils();
-
-        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
-
-        crlGen.addCRLEntry(revoked, now, CRLReason.privilegeWithdrawn);
-
-        crlGen.addExtension(Extension.authorityKeyIdentifier, false, extensionUtils.createAuthorityKeyIdentifier(issuer));
-
-        return new JcaX509CRLConverter().setProvider("BC").getCRL(crlGen.build(new JcaContentSignerBuilder("SHA256WithRSA").setProvider("BC").build(sigKey)));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/ArchiveTimeStampValidationException.java b/bcpkix/src/main/java/org/bouncycastle/tsp/ArchiveTimeStampValidationException.java
deleted file mode 100644
index 12be0e1..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/ArchiveTimeStampValidationException.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.tsp;
-
-/**
- * Exception thrown if an Archive TimeStamp according to RFC4998 fails to containsHashValue.
- * <p>
- * {@see <a href="https://tools.ietf.org/html/rfc4998">RFC4998</a>}
- */
-
-public class ArchiveTimeStampValidationException
-    extends Exception
-{
-
-    public ArchiveTimeStampValidationException(final String message)
-    {
-        super(message);
-    }
-}
-

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/DataGroup.java b/bcpkix/src/main/java/org/bouncycastle/tsp/DataGroup.java
deleted file mode 100644
index 5f022e0..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/DataGroup.java
+++ /dev/null

@@ -1,158 +0,0 @@
-package org.bouncycastle.tsp;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.ArrayList;
-import java.util.Comparator;
-import java.util.Iterator;
-import java.util.List;
-import java.util.TreeSet;
-
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Representation of data groups according to the description provided in RFC4998.
- * <p>
- * Such data groups represent a set of one or more data objects (e.g. electronic documents) for
- * which an Evidence Record should be generated.
- */
-public class DataGroup
-{
-    private List<byte[]> dataObjects;
-    private byte[] groupHash;
-    private TreeSet<byte[]> hashes;
-
-    public DataGroup(final List<byte[]> dataObjects)
-    {
-        this.dataObjects = dataObjects;
-    }
-
-    public DataGroup(final byte[] dataObject)
-    {
-        this.dataObjects = new ArrayList();
-        dataObjects.add(dataObject);
-    }
-
-    /**
-     * Generates hashes for all the data objects included in the data group.
-     *
-     * @param digestCalculator the {@link DigestCalculator} to use for computing the hashes
-     * @return the set of hashes, in ascending order
-     */
-    public TreeSet<byte[]> getHashes(DigestCalculator digestCalculator)
-    {
-        return getHashes(digestCalculator, null);
-    }
-
-    /**
-     * Generates hashes for all the data objects included in the data group.
-     *
-     * @param digestCalculator the {@link DigestCalculator} to use for computing the hashes
-     * @param ha a preceding hash, can be null.
-     * @return the set of hashes, in ascending order
-     */
-    private TreeSet<byte[]> getHashes(
-        final DigestCalculator digestCalculator,
-        final byte[] ha)
-    {
-        if (hashes == null)
-        {
-            hashes = new TreeSet(new ByteArrayComparator());
-
-            for (int i = 0; i != dataObjects.size(); i++)
-            {
-                byte[] dataObject = (byte[])dataObjects.get(i);
-                if (ha != null)
-                {
-                    hashes.add(calcDigest(digestCalculator, Arrays.concatenate(calcDigest(digestCalculator, dataObject), ha)));
-                }
-                else
-                {
-                    hashes.add(calcDigest(digestCalculator, dataObject));
-                }
-            }
-        }
-
-        return hashes;
-    }
-
-    /**
-     * Generates a hash for the whole DataGroup.
-     *
-     * @param digestCalculator the {@link DigestCalculator} to use for computing the hash
-     * @return a hash that is representative of the whole DataGroup
-     */
-    public byte[] getHash(DigestCalculator digestCalculator)
-    {
-        if (groupHash == null)
-        {
-            TreeSet<byte[]> hashes = getHashes(digestCalculator);
-
-            if (hashes.size() > 1)
-            {
-                byte[] concat = new byte[0];
-                Iterator<byte[]> iterator = hashes.iterator();
-
-                while (iterator.hasNext())
-                {
-                    concat = Arrays.concatenate(concat, (byte[])iterator.next());
-                }
-
-                groupHash = calcDigest(digestCalculator, concat);
-            }
-            else
-            {
-                groupHash = (byte[])hashes.first();
-            }
-        }
-
-        return groupHash;
-    }
-
-    /**
-     * Comparator for byte arrays
-     */
-    private class ByteArrayComparator
-        implements Comparator
-    {
-        public int compare(Object l, Object r)
-        {
-            byte[] left = (byte[])l;
-            byte[] right = (byte[])r;
-
-            int len = left.length < right.length ? left.length : right.length;
-
-            for (int i = 0; i != len; i++)
-            {
-                int a = (left[i] & 0xff);
-                int b = (right[i] & 0xff);
-
-                if (a != b)
-                {
-                    return a - b;
-                }
-            }
-
-            return left.length - right.length;
-        }
-    }
-
-    static byte[] calcDigest(DigestCalculator digCalc, byte[] data)
-    {
-        try
-        {
-            OutputStream dOut = digCalc.getOutputStream();
-
-            dOut.write(data);
-
-            dOut.close();
-
-            return digCalc.getDigest();
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException("digest calculator failure: " + e.getMessage());
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/GenTimeAccuracy.java b/bcpkix/src/main/java/org/bouncycastle/tsp/GenTimeAccuracy.java
deleted file mode 100644
index 3cabb86..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/GenTimeAccuracy.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.tsp;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.tsp.Accuracy;
-
-public class GenTimeAccuracy
-{
-    private Accuracy accuracy;
-
-    public GenTimeAccuracy(Accuracy accuracy)
-    {
-        this.accuracy = accuracy;
-    }
-    
-    public int getSeconds()
-    {
-        return getTimeComponent(accuracy.getSeconds());
-    }
-
-    public int getMillis()
-    {
-        return getTimeComponent(accuracy.getMillis());
-    }
-
-    public int getMicros()
-    {
-        return getTimeComponent(accuracy.getMicros());
-    }
-
-    private int getTimeComponent(
-        ASN1Integer time)
-    {
-        if (time != null)
-        {
-            return time.getValue().intValue();
-        }
-
-        return 0;
-    }
-    
-    public String toString()
-    {                               // digits
-        return getSeconds() + "." + format(getMillis()) + format(getMicros());
-    }
-
-    private String format(int v)
-    {
-        if (v < 10)
-        {
-            return "00" + v;
-        }
-
-        if (v < 100)
-        {
-            return "0" + v;
-        }
-
-        return Integer.toString(v);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/PartialHashTreeProcessor.java b/bcpkix/src/main/java/org/bouncycastle/tsp/PartialHashTreeProcessor.java
deleted file mode 100644
index 96b9924..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/PartialHashTreeProcessor.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.tsp;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.tsp.PartialHashtree;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.util.Arrays;
-
-public class PartialHashTreeProcessor
-{
-    private final byte[][] values;
-
-    public PartialHashTreeProcessor(PartialHashtree tree)
-    {
-        this.values = tree.getValues();
-    }
-
-    /**
-     * Compute a hash over the whole partialHashTree:
-     * - Concatenate all the hashes contained in the partial hash tree;
-     * - Generate a hash over the concatenated hashes, using a provided {@link DigestCalculator}.
-     *
-     * @param digestCalculator the {@link DigestCalculator} to use in order to generate the hash
-     * @return a hash value that is representative of the whole partial hash tree.
-     */
-    public byte[] getHash(DigestCalculator digestCalculator)
-    {
-        if (values.length == 1)
-        {
-            return values[0];
-        }
-
-        try
-        {
-            OutputStream dOut = digestCalculator.getOutputStream();
-
-            for (int i = 1; i != values.length; i++)
-            {
-                dOut.write(values[i]);
-            }
-
-            return digestCalculator.getDigest();
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException("calculator failed: " + e.getMessage());
-        }
-    }
-
-    /**
-     * Checks whether a PartialHashtree (RFC4998) contains a given hash.
-     *
-     * @param hash            the hash to check
-     * @throws PartialHashTreeVerificationException if the hash is not present in the
-     * PartialHashtree
-     */
-    public void verifyContainsHash(final byte[] hash)
-        throws PartialHashTreeVerificationException
-    {
-        if (!containsHash(hash))
-        {
-            throw new PartialHashTreeVerificationException("calculated hash is not present in " + "partial hash tree");
-        }
-    }
-
-    /**
-     * Checks whether a PartialHashtree (RFC4998) contains a given hash.
-     *
-     * @param hash            the hash to check
-     * @return true if the hash is present within the PartialHashtree's set of values, false
-     * otherwise.
-     */
-    public boolean containsHash(final byte[] hash)
-    {
-        for (int i = 1; i != values.length; i++)
-        {
-            if (Arrays.areEqual(hash, values[i]))
-            {
-                return true;
-            }
-        }
-
-        return false;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/PartialHashTreeVerificationException.java b/bcpkix/src/main/java/org/bouncycastle/tsp/PartialHashTreeVerificationException.java
deleted file mode 100644
index 4b74174..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/PartialHashTreeVerificationException.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.tsp;
-
-public class PartialHashTreeVerificationException extends Exception {
-
-    public PartialHashTreeVerificationException(final String message)
-    {
-        super(message);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/TSPAlgorithms.java b/bcpkix/src/main/java/org/bouncycastle/tsp/TSPAlgorithms.java
deleted file mode 100644
index 780b79d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/TSPAlgorithms.java
+++ /dev/null

@@ -1,43 +0,0 @@
-package org.bouncycastle.tsp;
-
-import java.util.Arrays;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-
-/**
- * Recognised hash algorithms for the time stamp protocol.
- */
-public interface TSPAlgorithms
-{
-    public static final ASN1ObjectIdentifier MD5 = PKCSObjectIdentifiers.md5;
-
-    public static final ASN1ObjectIdentifier SHA1 = OIWObjectIdentifiers.idSHA1;
-    
-    public static final ASN1ObjectIdentifier SHA224 = NISTObjectIdentifiers.id_sha224;
-    public static final ASN1ObjectIdentifier SHA256 = NISTObjectIdentifiers.id_sha256;
-    public static final ASN1ObjectIdentifier SHA384 = NISTObjectIdentifiers.id_sha384;
-    public static final ASN1ObjectIdentifier SHA512 = NISTObjectIdentifiers.id_sha512;
-
-    public static final ASN1ObjectIdentifier RIPEMD128 = TeleTrusTObjectIdentifiers.ripemd128;
-    public static final ASN1ObjectIdentifier RIPEMD160 = TeleTrusTObjectIdentifiers.ripemd160;
-    public static final ASN1ObjectIdentifier RIPEMD256 = TeleTrusTObjectIdentifiers.ripemd256;
-    
-    public static final ASN1ObjectIdentifier GOST3411 = CryptoProObjectIdentifiers.gostR3411;
-
-    public static final ASN1ObjectIdentifier GOST3411_2012_256 = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256;
-
-    public static final ASN1ObjectIdentifier GOST3411_2012_512 = RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512;
-
-    public static final ASN1ObjectIdentifier SM3 = GMObjectIdentifiers.sm3;
-
-    public static final Set    ALLOWED = new HashSet(Arrays.asList(new ASN1ObjectIdentifier[] { SM3, GOST3411, GOST3411_2012_256, GOST3411_2012_512, MD5, SHA1, SHA224, SHA256, SHA384, SHA512, RIPEMD128, RIPEMD160, RIPEMD256 }));
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/TSPException.java b/bcpkix/src/main/java/org/bouncycastle/tsp/TSPException.java
deleted file mode 100644
index a04e5c5..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/TSPException.java
+++ /dev/null

@@ -1,28 +0,0 @@
-package org.bouncycastle.tsp;
-
-public class TSPException
-    extends Exception
-{
-    Throwable underlyingException;
-
-    public TSPException(String message)
-    {
-        super(message);
-    }
-
-    public TSPException(String message, Throwable e)
-    {
-        super(message);
-        underlyingException = e;
-    }
-
-    public Exception getUnderlyingException()
-    {
-        return (Exception)underlyingException;
-    }
-
-    public Throwable getCause()
-    {
-        return underlyingException;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/TSPIOException.java b/bcpkix/src/main/java/org/bouncycastle/tsp/TSPIOException.java
deleted file mode 100644
index 0be66db..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/TSPIOException.java
+++ /dev/null

@@ -1,30 +0,0 @@
-package org.bouncycastle.tsp;
-
-import java.io.IOException;
-
-public class TSPIOException
-    extends IOException
-{
-    Throwable underlyingException;
-
-    public TSPIOException(String message)
-    {
-        super(message);
-    }
-
-    public TSPIOException(String message, Throwable e)
-    {
-        super(message);
-        underlyingException = e;
-    }
-
-    public Exception getUnderlyingException()
-    {
-        return (Exception)underlyingException;
-    }
-
-    public Throwable getCause()
-    {
-        return underlyingException;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/TSPUtil.java b/bcpkix/src/main/java/org/bouncycastle/tsp/TSPUtil.java
deleted file mode 100644
index 3e179ae..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/TSPUtil.java
+++ /dev/null

@@ -1,217 +0,0 @@
-package org.bouncycastle.tsp;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.List;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.KeyPurposeId;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cms.SignerInformation;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Integers;
-
-public class TSPUtil
-{
-    private static List EMPTY_LIST = Collections.unmodifiableList(new ArrayList());
-
-    private static final Map digestLengths = new HashMap();
-    private static final Map digestNames = new HashMap();
-
-    static
-    {
-        digestLengths.put(PKCSObjectIdentifiers.md5.getId(), Integers.valueOf(16));
-        digestLengths.put(OIWObjectIdentifiers.idSHA1.getId(), Integers.valueOf(20));
-        digestLengths.put(NISTObjectIdentifiers.id_sha224.getId(), Integers.valueOf(28));
-        digestLengths.put(NISTObjectIdentifiers.id_sha256.getId(), Integers.valueOf(32));
-        digestLengths.put(NISTObjectIdentifiers.id_sha384.getId(), Integers.valueOf(48));
-        digestLengths.put(NISTObjectIdentifiers.id_sha512.getId(), Integers.valueOf(64));
-        digestLengths.put(TeleTrusTObjectIdentifiers.ripemd128.getId(), Integers.valueOf(16));
-        digestLengths.put(TeleTrusTObjectIdentifiers.ripemd160.getId(), Integers.valueOf(20));
-        digestLengths.put(TeleTrusTObjectIdentifiers.ripemd256.getId(), Integers.valueOf(32));
-        digestLengths.put(CryptoProObjectIdentifiers.gostR3411.getId(), Integers.valueOf(32));
-        digestLengths.put(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256.getId(), Integers.valueOf(32));
-        digestLengths.put(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512.getId(), Integers.valueOf(64));
-        digestLengths.put(GMObjectIdentifiers.sm3.getId(), Integers.valueOf(32));
-
-        digestNames.put(PKCSObjectIdentifiers.md5.getId(), "MD5");
-        digestNames.put(OIWObjectIdentifiers.idSHA1.getId(), "SHA1");
-        digestNames.put(NISTObjectIdentifiers.id_sha224.getId(), "SHA224");
-        digestNames.put(NISTObjectIdentifiers.id_sha256.getId(), "SHA256");
-        digestNames.put(NISTObjectIdentifiers.id_sha384.getId(), "SHA384");
-        digestNames.put(NISTObjectIdentifiers.id_sha512.getId(), "SHA512");
-        digestNames.put(PKCSObjectIdentifiers.sha1WithRSAEncryption.getId(), "SHA1");
-        digestNames.put(PKCSObjectIdentifiers.sha224WithRSAEncryption.getId(), "SHA224");
-        digestNames.put(PKCSObjectIdentifiers.sha256WithRSAEncryption.getId(), "SHA256");
-        digestNames.put(PKCSObjectIdentifiers.sha384WithRSAEncryption.getId(), "SHA384");
-        digestNames.put(PKCSObjectIdentifiers.sha512WithRSAEncryption.getId(), "SHA512");
-        digestNames.put(TeleTrusTObjectIdentifiers.ripemd128.getId(), "RIPEMD128");
-        digestNames.put(TeleTrusTObjectIdentifiers.ripemd160.getId(), "RIPEMD160");
-        digestNames.put(TeleTrusTObjectIdentifiers.ripemd256.getId(), "RIPEMD256");
-        digestNames.put(CryptoProObjectIdentifiers.gostR3411.getId(), "GOST3411");
-        digestNames.put(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256.getId(), "GOST3411-2012-256");
-        digestNames.put(RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512.getId(), "GOST3411-2012-512");
-        digestNames.put(GMObjectIdentifiers.sm3.getId(), "SM3");
-    }
-
-     /**
-     * Fetches the signature time-stamp attributes from a SignerInformation object.
-     * Checks that the MessageImprint for each time-stamp matches the signature field.
-     * (see RFC 3161 Appendix A).
-     *
-     * @param signerInfo a SignerInformation to search for time-stamps
-     * @param digCalcProvider provider for digest calculators
-     * @return a collection of TimeStampToken objects
-     * @throws TSPValidationException
-     */
-    public static Collection getSignatureTimestamps(SignerInformation signerInfo, DigestCalculatorProvider digCalcProvider)
-        throws TSPValidationException
-    {
-        List timestamps = new ArrayList();
-
-        AttributeTable unsignedAttrs = signerInfo.getUnsignedAttributes();
-        if (unsignedAttrs != null)
-        {
-            ASN1EncodableVector allTSAttrs = unsignedAttrs.getAll(
-                PKCSObjectIdentifiers.id_aa_signatureTimeStampToken);
-            for (int i = 0; i < allTSAttrs.size(); ++i)
-            {
-                Attribute tsAttr = (Attribute)allTSAttrs.get(i);
-                ASN1Set tsAttrValues = tsAttr.getAttrValues();
-                for (int j = 0; j < tsAttrValues.size(); ++j)
-                {
-                    try
-                    {
-                        ContentInfo contentInfo = ContentInfo.getInstance(tsAttrValues.getObjectAt(j));
-                        TimeStampToken timeStampToken = new TimeStampToken(contentInfo);
-                        TimeStampTokenInfo tstInfo = timeStampToken.getTimeStampInfo();
-
-                        DigestCalculator digCalc = digCalcProvider.get(tstInfo.getHashAlgorithm());
-
-                        OutputStream dOut = digCalc.getOutputStream();
-
-                        dOut.write(signerInfo.getSignature());
-                        dOut.close();
-
-                        byte[] expectedDigest = digCalc.getDigest();
-
-                        if (!Arrays.constantTimeAreEqual(expectedDigest, tstInfo.getMessageImprintDigest()))
-                        {
-                            throw new TSPValidationException("Incorrect digest in message imprint");
-                        }
-
-                        timestamps.add(timeStampToken);
-                    }
-                    catch (OperatorCreationException e)
-                    {
-                        throw new TSPValidationException("Unknown hash algorithm specified in timestamp");
-                    }
-                    catch (Exception e)
-                    {
-                        throw new TSPValidationException("Timestamp could not be parsed");
-                    }
-                }
-            }
-        }
-
-        return timestamps;
-    }
-
-    /**
-     * Validate the passed in certificate as being of the correct type to be used
-     * for time stamping. To be valid it must have an ExtendedKeyUsage extension
-     * which has a key purpose identifier of id-kp-timeStamping.
-     *
-     * @param cert the certificate of interest.
-     * @throws TSPValidationException if the certificate fails on one of the check points.
-     */
-    public static void validateCertificate(
-        X509CertificateHolder cert)
-        throws TSPValidationException
-    {
-        if (cert.toASN1Structure().getVersionNumber() != 3)
-        {
-            throw new IllegalArgumentException("Certificate must have an ExtendedKeyUsage extension.");
-        }
-
-        Extension ext = cert.getExtension(Extension.extendedKeyUsage);
-        if (ext == null)
-        {
-            throw new TSPValidationException("Certificate must have an ExtendedKeyUsage extension.");
-        }
-
-        if (!ext.isCritical())
-        {
-            throw new TSPValidationException("Certificate must have an ExtendedKeyUsage extension marked as critical.");
-        }
-
-        ExtendedKeyUsage    extKey = ExtendedKeyUsage.getInstance(ext.getParsedValue());
-
-        if (!extKey.hasKeyPurposeId(KeyPurposeId.id_kp_timeStamping) || extKey.size() != 1)
-        {
-            throw new TSPValidationException("ExtendedKeyUsage not solely time stamping.");
-        }
-    }
-
-    static int getDigestLength(
-        String digestAlgOID)
-        throws TSPException
-    {
-        Integer length = (Integer)digestLengths.get(digestAlgOID);
-
-        if (length != null)
-        {
-            return length.intValue();
-        }
-
-        throw new TSPException("digest algorithm cannot be found.");
-    }
-
-    static List getExtensionOIDs(Extensions extensions)
-    {
-        if (extensions == null)
-        {
-            return EMPTY_LIST;
-        }
-
-        return Collections.unmodifiableList(java.util.Arrays.asList(extensions.getExtensionOIDs()));
-    }
-
-    static void addExtension(ExtensionsGenerator extGenerator, ASN1ObjectIdentifier oid, boolean isCritical, ASN1Encodable value)
-        throws TSPIOException
-    {
-        try
-        {
-            extGenerator.addExtension(oid, isCritical, value);
-        }
-        catch (IOException e)
-        {
-            throw new TSPIOException("cannot encode extension: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/TSPValidationException.java b/bcpkix/src/main/java/org/bouncycastle/tsp/TSPValidationException.java
deleted file mode 100644
index 552b302..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/TSPValidationException.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.tsp;
-
-/**
- * Exception thrown if a TSP request or response fails to validate.
- * <p>
- * If a failure code is associated with the exception it can be retrieved using
- * the getFailureCode() method.
- */
-public class TSPValidationException
-    extends TSPException
-{
-    private int failureCode = -1;
-    
-    public TSPValidationException(String message)
-    {
-        super(message);
-    }
-
-    public TSPValidationException(String message, int failureCode)
-    {
-        super(message);
-        this.failureCode = failureCode;
-    }
-    
-    /**
-     * Return the failure code associated with this exception - if one is set.
-     * 
-     * @return the failure code if set, -1 otherwise.
-     */
-    public int getFailureCode()
-    {
-        return failureCode;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampRequest.java b/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampRequest.java
deleted file mode 100644
index 0572fd5..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampRequest.java
+++ /dev/null

@@ -1,267 +0,0 @@
-package org.bouncycastle.tsp;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.math.BigInteger;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.Enumeration;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cmp.PKIFailureInfo;
-import org.bouncycastle.asn1.tsp.TimeStampReq;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.Extensions;
-
-/**
- * Base class for an RFC 3161 Time Stamp Request.
- */
-public class TimeStampRequest
-{
-    private static Set EMPTY_SET = Collections.unmodifiableSet(new HashSet());
-
-    private TimeStampReq req;
-    private Extensions extensions;
-
-    public TimeStampRequest(TimeStampReq req)
-    {
-        this.req = req;
-        this.extensions = req.getExtensions();
-    }
-
-    /**
-     * Create a TimeStampRequest from the past in byte array.
-     * 
-     * @param req byte array containing the request.
-     * @throws IOException if the request is malformed.
-     */
-    public TimeStampRequest(byte[] req) 
-        throws IOException
-    {
-        this(new ByteArrayInputStream(req));
-    }
-
-    /**
-     * Create a TimeStampRequest from the past in input stream.
-     * 
-     * @param in input stream containing the request.
-     * @throws IOException if the request is malformed.
-     */
-    public TimeStampRequest(InputStream in) 
-        throws IOException
-    {
-        this(loadRequest(in));
-    }
-
-    private static TimeStampReq loadRequest(InputStream in)
-        throws IOException
-    {
-        try
-        {
-            return TimeStampReq.getInstance(new ASN1InputStream(in).readObject());
-        }
-        catch (ClassCastException e)
-        {
-            throw new IOException("malformed request: " + e);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new IOException("malformed request: " + e);
-        }
-    }
-
-    public int getVersion()
-    {
-        return req.getVersion().getValue().intValue();
-    }
-
-    public ASN1ObjectIdentifier getMessageImprintAlgOID()
-    {
-        return req.getMessageImprint().getHashAlgorithm().getAlgorithm();
-    }
-
-    public byte[] getMessageImprintDigest()
-    {
-        return req.getMessageImprint().getHashedMessage();
-    }
-
-    public ASN1ObjectIdentifier getReqPolicy()
-    {
-        if (req.getReqPolicy() != null)
-        {
-            return req.getReqPolicy();
-        }
-        else
-        {
-            return null;
-        }
-    }
-
-    public BigInteger getNonce()
-    {
-        if (req.getNonce() != null)
-        {
-            return req.getNonce().getValue();
-        }
-        else
-        {
-            return null;
-        }
-    }
-
-    public boolean getCertReq()
-    {
-        if (req.getCertReq() != null)
-        {
-            return req.getCertReq().isTrue();
-        }
-        else
-        {
-            return false;
-        }
-    }
-
-    /**
-     * Validate the timestamp request, checking the digest to see if it is of an
-     * accepted type and whether it is of the correct length for the algorithm specified.
-     *
-     * @param algorithms a set of OIDs giving accepted algorithms.
-     * @param policies if non-null a set of policies OIDs we are willing to sign under.
-     * @param extensions if non-null a set of extensions OIDs we are willing to accept.
-     * @throws TSPException if the request is invalid, or processing fails.
-     */
-    public void validate(
-        Set    algorithms,
-        Set    policies,
-        Set    extensions)
-        throws TSPException
-    {
-        algorithms = convert(algorithms);
-        policies = convert(policies);
-        extensions = convert(extensions);
-
-        if (!algorithms.contains(this.getMessageImprintAlgOID()))
-        {
-            throw new TSPValidationException("request contains unknown algorithm", PKIFailureInfo.badAlg);
-        }
-
-        if (policies != null && this.getReqPolicy() != null && !policies.contains(this.getReqPolicy()))
-        {
-            throw new TSPValidationException("request contains unknown policy", PKIFailureInfo.unacceptedPolicy);
-        }
-
-        if (this.getExtensions() != null && extensions != null)
-        {
-            Enumeration en = this.getExtensions().oids();
-            while(en.hasMoreElements())
-            {
-                ASN1ObjectIdentifier  oid = (ASN1ObjectIdentifier)en.nextElement();
-                if (!extensions.contains(oid))
-                {
-                    throw new TSPValidationException("request contains unknown extension", PKIFailureInfo.unacceptedExtension);
-                }
-            }
-        }
-
-        int digestLength = TSPUtil.getDigestLength(this.getMessageImprintAlgOID().getId());
-
-        if (digestLength != this.getMessageImprintDigest().length)
-        {
-            throw new TSPValidationException("imprint digest the wrong length", PKIFailureInfo.badDataFormat);
-        }
-    }
-
-   /**
-    * return the ASN.1 encoded representation of this object.
-    * @return the default ASN,1 byte encoding for the object.
-    */
-    public byte[] getEncoded() throws IOException
-    {
-        return req.getEncoded();
-    }
-
-    Extensions getExtensions()
-    {
-        return extensions;
-    }
-
-    public boolean hasExtensions()
-    {
-        return extensions != null;
-    }
-
-    public Extension getExtension(ASN1ObjectIdentifier oid)
-    {
-        if (extensions != null)
-        {
-            return extensions.getExtension(oid);
-        }
-
-        return null;
-    }
-
-    public List getExtensionOIDs()
-    {
-        return TSPUtil.getExtensionOIDs(extensions);
-    }
-
-    /**
-     * Returns a set of ASN1ObjectIdentifiers giving the non-critical extensions.
-     * @return a set of ASN1ObjectIdentifiers.
-     */
-    public Set getNonCriticalExtensionOIDs()
-    {
-        if (extensions == null)
-        {
-            return EMPTY_SET;
-        }
-
-        return Collections.unmodifiableSet(new HashSet(Arrays.asList(extensions.getNonCriticalExtensionOIDs())));
-    }
-
-    /**
-     * Returns a set of ASN1ObjectIdentifiers giving the critical extensions.
-     * @return a set of ASN1ObjectIdentifiers.
-     */
-    public Set getCriticalExtensionOIDs()
-    {
-        if (extensions == null)
-        {
-            return EMPTY_SET;
-        }
-
-        return Collections.unmodifiableSet(new HashSet(Arrays.asList(extensions.getCriticalExtensionOIDs())));
-    }
-
-    private Set convert(Set orig)
-    {
-        if (orig == null)
-        {
-            return orig;
-        }
-
-        Set con = new HashSet(orig.size());
-
-        for (Iterator it = orig.iterator(); it.hasNext();)
-        {
-            Object o = it.next();
-
-            if (o instanceof String)
-            {
-                con.add(new ASN1ObjectIdentifier((String)o));
-            }
-            else
-            {
-                con.add(o);
-            }
-        }
-
-        return con;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampRequestGenerator.java b/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampRequestGenerator.java
deleted file mode 100644
index 0f9900d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampRequestGenerator.java
+++ /dev/null

@@ -1,163 +0,0 @@
-package org.bouncycastle.tsp;
-
-import java.io.IOException;
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Boolean;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.tsp.MessageImprint;
-import org.bouncycastle.asn1.tsp.TimeStampReq;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-
-/**
- * Generator for RFC 3161 Time Stamp Request objects.
- */
-public class TimeStampRequestGenerator
-{
-    private ASN1ObjectIdentifier reqPolicy;
-
-    private ASN1Boolean certReq;
-    private ExtensionsGenerator extGenerator = new ExtensionsGenerator();
-
-    public TimeStampRequestGenerator()
-    {
-    }
-
-    /**
-     * @deprecated use method taking ASN1ObjectIdentifier
-     * @param reqPolicy
-     */
-    public void setReqPolicy(
-        String reqPolicy)
-    {
-        this.reqPolicy= new ASN1ObjectIdentifier(reqPolicy);
-    }
-
-    public void setReqPolicy(
-        ASN1ObjectIdentifier reqPolicy)
-    {
-        this.reqPolicy= reqPolicy;
-    }
-
-    public void setCertReq(
-        boolean certReq)
-    {
-        this.certReq = ASN1Boolean.getInstance(certReq);
-    }
-
-    /**
-     * add a given extension field for the standard extensions tag (tag 3)
-     * @throws IOException
-     * @deprecated use method taking ASN1ObjectIdentifier
-     */
-    public void addExtension(
-        String          OID,
-        boolean         critical,
-        ASN1Encodable   value)
-        throws IOException
-    {
-        this.addExtension(OID, critical, value.toASN1Primitive().getEncoded());
-    }
-
-    /**
-     * add a given extension field for the standard extensions tag
-     * The value parameter becomes the contents of the octet string associated
-     * with the extension.
-     * @deprecated use method taking ASN1ObjectIdentifier
-     */
-    public void addExtension(
-        String          OID,
-        boolean         critical,
-        byte[]          value)
-    {
-        extGenerator.addExtension(new ASN1ObjectIdentifier(OID), critical, value);
-    }
-
-    /**
-     * add a given extension field for the standard extensions tag (tag 3)
-     * @throws TSPIOException
-     */
-    public void addExtension(
-        ASN1ObjectIdentifier oid,
-        boolean              isCritical,
-        ASN1Encodable        value)
-        throws TSPIOException
-    {
-        TSPUtil.addExtension(extGenerator, oid, isCritical, value);
-    }
-
-    /**
-     * add a given extension field for the standard extensions tag
-     * The value parameter becomes the contents of the octet string associated
-     * with the extension.
-     */
-    public void addExtension(
-        ASN1ObjectIdentifier oid,
-        boolean              isCritical,
-        byte[]               value)
-    {
-        extGenerator.addExtension(oid, isCritical, value);
-    }
-
-    /**
-     * @deprecated use method taking ANS1ObjectIdentifier
-     */
-    public TimeStampRequest generate(
-        String digestAlgorithm,
-        byte[] digest)
-    {
-        return this.generate(digestAlgorithm, digest, null);
-    }
-
-    /**
-     * @deprecated use method taking ANS1ObjectIdentifier
-     */
-    public TimeStampRequest generate(
-        String      digestAlgorithmOID,
-        byte[]      digest,
-        BigInteger  nonce)
-    {
-        if (digestAlgorithmOID == null)
-        {
-            throw new IllegalArgumentException("No digest algorithm specified");
-        }
-
-        ASN1ObjectIdentifier digestAlgOID = new ASN1ObjectIdentifier(digestAlgorithmOID);
-
-        AlgorithmIdentifier algID = new AlgorithmIdentifier(digestAlgOID, DERNull.INSTANCE);
-        MessageImprint messageImprint = new MessageImprint(algID, digest);
-
-        Extensions  ext = null;
-        
-        if (!extGenerator.isEmpty())
-        {
-            ext = extGenerator.generate();
-        }
-        
-        if (nonce != null)
-        {
-            return new TimeStampRequest(new TimeStampReq(messageImprint,
-                    reqPolicy, new ASN1Integer(nonce), certReq, ext));
-        }
-        else
-        {
-            return new TimeStampRequest(new TimeStampReq(messageImprint,
-                    reqPolicy, null, certReq, ext));
-        }
-    }
-
-    public TimeStampRequest generate(ASN1ObjectIdentifier digestAlgorithm, byte[] digest)
-    {
-        return generate(digestAlgorithm.getId(), digest);
-    }
-
-    public TimeStampRequest generate(ASN1ObjectIdentifier digestAlgorithm, byte[] digest, BigInteger nonce)
-    {
-        return generate(digestAlgorithm.getId(), digest, nonce);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampResponse.java b/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampResponse.java
deleted file mode 100644
index 255cbc2..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampResponse.java
+++ /dev/null

@@ -1,223 +0,0 @@
-package org.bouncycastle.tsp;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.DLSequence;
-import org.bouncycastle.asn1.cmp.PKIFailureInfo;
-import org.bouncycastle.asn1.cmp.PKIFreeText;
-import org.bouncycastle.asn1.cmp.PKIStatus;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.tsp.TimeStampResp;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Base class for an RFC 3161 Time Stamp Response object.
- */
-public class TimeStampResponse
-{
-    TimeStampResp   resp;
-    TimeStampToken  timeStampToken;
-
-    public TimeStampResponse(TimeStampResp resp)
-        throws TSPException, IOException
-    {
-        this.resp = resp;
-        
-        if (resp.getTimeStampToken() != null)
-        {
-            timeStampToken = new TimeStampToken(resp.getTimeStampToken());
-        }
-    }
-
-    /**
-     * Create a TimeStampResponse from a byte array containing an ASN.1 encoding.
-     * 
-     * @param resp the byte array containing the encoded response.
-     * @throws TSPException if the response is malformed.
-     * @throws IOException if the byte array doesn't represent an ASN.1 encoding.
-     */
-    public TimeStampResponse(byte[] resp)
-        throws TSPException, IOException
-    {
-        this(new ByteArrayInputStream(resp));
-    }
-
-    /**
-     * Create a TimeStampResponse from an input stream containing an ASN.1 encoding.
-     * 
-     * @param in the input stream containing the encoded response.
-     * @throws TSPException if the response is malformed.
-     * @throws IOException if the stream doesn't represent an ASN.1 encoding.
-     */
-    public TimeStampResponse(InputStream in)
-        throws TSPException, IOException
-    {
-        this(readTimeStampResp(in));
-    }
-
-    TimeStampResponse(DLSequence dlSequence)
-        throws TSPException, IOException
-    {
-        try
-        {
-            resp = TimeStampResp.getInstance(dlSequence);
-            timeStampToken = new TimeStampToken(ContentInfo.getInstance(dlSequence.getObjectAt(1)));
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new TSPException("malformed timestamp response: " + e, e);
-        }
-        catch (ClassCastException e)
-        {
-            throw new TSPException("malformed timestamp response: " + e, e);
-        }
-    }
-
-    private static TimeStampResp readTimeStampResp(
-        InputStream in) 
-        throws IOException, TSPException
-    {
-        try
-        {
-            return TimeStampResp.getInstance(new ASN1InputStream(in).readObject());
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new TSPException("malformed timestamp response: " + e, e);
-        }
-        catch (ClassCastException e)
-        {
-            throw new TSPException("malformed timestamp response: " + e, e);
-        }
-    }
-    
-    public int getStatus()
-    {
-        return resp.getStatus().getStatus().intValue();
-    }
-
-    public String getStatusString()
-    {
-        if (resp.getStatus().getStatusString() != null)
-        {
-            StringBuffer statusStringBuf = new StringBuffer();
-            PKIFreeText text = resp.getStatus().getStatusString();
-            for (int i = 0; i != text.size(); i++)
-            {
-                statusStringBuf.append(text.getStringAt(i).getString());
-            }
-            return statusStringBuf.toString();
-        }
-        else
-        {
-            return null;
-        }
-    }
-
-    public PKIFailureInfo getFailInfo()
-    {
-        if (resp.getStatus().getFailInfo() != null)
-        {
-            return new PKIFailureInfo(resp.getStatus().getFailInfo());
-        }
-        
-        return null;
-    }
-
-    public TimeStampToken getTimeStampToken()
-    {
-        return timeStampToken;
-    }
-
-    /**
-     * Check this response against to see if it a well formed response for 
-     * the passed in request. Validation will include checking the time stamp
-     * token if the response status is GRANTED or GRANTED_WITH_MODS.
-     * 
-     * @param request the request to be checked against
-     * @throws TSPException if the request can not match this response.
-     */
-    public void validate(
-        TimeStampRequest    request)
-        throws TSPException
-    {
-        TimeStampToken tok = this.getTimeStampToken();
-        
-        if (tok != null)
-        {
-            TimeStampTokenInfo  tstInfo = tok.getTimeStampInfo();
-            
-            if (request.getNonce() != null && !request.getNonce().equals(tstInfo.getNonce()))
-            {
-                throw new TSPValidationException("response contains wrong nonce value.");
-            }
-            
-            if (this.getStatus() != PKIStatus.GRANTED && this.getStatus() != PKIStatus.GRANTED_WITH_MODS)
-            {
-                throw new TSPValidationException("time stamp token found in failed request.");
-            }
-            
-            if (!Arrays.constantTimeAreEqual(request.getMessageImprintDigest(), tstInfo.getMessageImprintDigest()))
-            {
-                throw new TSPValidationException("response for different message imprint digest.");
-            }
-            
-            if (!tstInfo.getMessageImprintAlgOID().equals(request.getMessageImprintAlgOID()))
-            {
-                throw new TSPValidationException("response for different message imprint algorithm.");
-            }
-
-            Attribute scV1 = tok.getSignedAttributes().get(PKCSObjectIdentifiers.id_aa_signingCertificate);
-            Attribute scV2 = tok.getSignedAttributes().get(PKCSObjectIdentifiers.id_aa_signingCertificateV2);
-
-            if (scV1 == null && scV2 == null)
-            {
-                throw new TSPValidationException("no signing certificate attribute present.");
-            }
-
-            if (scV1 != null && scV2 != null)
-            {
-                /*
-                 * RFC 5035 5.4. If both attributes exist in a single message,
-                 * they are independently evaluated. 
-                 */
-            }
-
-            if (request.getReqPolicy() != null && !request.getReqPolicy().equals(tstInfo.getPolicy()))
-            {
-                throw new TSPValidationException("TSA policy wrong for request.");
-            }
-        }
-        else if (this.getStatus() == PKIStatus.GRANTED || this.getStatus() == PKIStatus.GRANTED_WITH_MODS)
-        {
-            throw new TSPValidationException("no time stamp token found and one expected.");
-        }
-    }
-    
-    /**
-     * return the ASN.1 encoded representation of this object.
-     */
-    public byte[] getEncoded() throws IOException
-    {
-        return resp.getEncoded();
-    }
-
-    /**
-     * return the ASN.1 encoded representation of this object.
-     */
-    public byte[] getEncoded(String encoding) throws IOException
-    {
-        if (ASN1Encoding.DL.equals(encoding))
-        {
-            return new DLSequence(new ASN1Encodable[] { resp.getStatus(), timeStampToken.toCMSSignedData().toASN1Structure() }).getEncoded(encoding);
-        }
-        return resp.getEncoded(encoding);
-    }
-}
\ No newline at end of file

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampResponseGenerator.java b/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampResponseGenerator.java
deleted file mode 100644
index 163b924..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampResponseGenerator.java
+++ /dev/null

@@ -1,378 +0,0 @@
-package org.bouncycastle.tsp;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.DLSequence;
-import org.bouncycastle.asn1.cmp.PKIFailureInfo;
-import org.bouncycastle.asn1.cmp.PKIFreeText;
-import org.bouncycastle.asn1.cmp.PKIStatus;
-import org.bouncycastle.asn1.cmp.PKIStatusInfo;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.tsp.TimeStampResp;
-import org.bouncycastle.asn1.x509.Extensions;
-
-/**
- * Generator for RFC 3161 Time Stamp Responses.
- * <p>
- * New generate methods have been introduced to give people more control over what ends up in the message.
- * Unfortunately it turns out that in some cases fields like statusString must be left out otherwise a an
- * otherwise valid timestamp will be rejected.
- * </p>
- * If you're after the most control with generating a response use:
- * <pre>
- *    TimeStampResponse tsResp;
- *
- *    try
- *    {
- *       tsResp = tsRespGen.generateGrantedResponse(request, new BigInteger("23"), new Date());
- *    }
- *    catch (Exception e)
- *    {
- *        tsResp = tsRespGen.generateRejectedResponse(e);
- *    }
- * </pre>
- * The generate method does this, but provides a status string of "Operation Okay".
- * <p>
- * It should be pointed out that generateRejectedResponse() may also, on very rare occasions throw a TSPException.
- * In the event that happens, there's a serious internal problem with your responder.
- * </p>
- */
-public class TimeStampResponseGenerator
-{
-    int status;
-
-    ASN1EncodableVector statusStrings;
-
-    int failInfo;
-    private TimeStampTokenGenerator tokenGenerator;
-    private Set                     acceptedAlgorithms;
-    private Set                     acceptedPolicies;
-    private Set                     acceptedExtensions;
-
-    /**
-     *
-     * @param tokenGenerator
-     * @param acceptedAlgorithms a set of OIDs giving accepted algorithms.
-     */
-    public TimeStampResponseGenerator(
-        TimeStampTokenGenerator tokenGenerator,
-        Set                     acceptedAlgorithms)
-    {
-        this(tokenGenerator, acceptedAlgorithms, null, null);
-    }
-
-    /**
-     *
-     * @param tokenGenerator
-     * @param acceptedAlgorithms a set of OIDs giving accepted algorithms.
-     * @param acceptedPolicies if non-null a set of policies OIDs we are willing to sign under.
-     */
-    public TimeStampResponseGenerator(
-        TimeStampTokenGenerator tokenGenerator,
-        Set                     acceptedAlgorithms,
-        Set                     acceptedPolicies)
-    {
-        this(tokenGenerator, acceptedAlgorithms, acceptedPolicies, null);
-    }
-
-    /**
-     *
-     * @param tokenGenerator
-     * @param acceptedAlgorithms a set of OIDs giving accepted algorithms.
-     * @param acceptedPolicies if non-null a set of policies OIDs we are willing to sign under.
-     * @param acceptedExtensions if non-null a set of extensions OIDs we are willing to accept.
-     */
-    public TimeStampResponseGenerator(
-        TimeStampTokenGenerator tokenGenerator,
-        Set                     acceptedAlgorithms,
-        Set                     acceptedPolicies,
-        Set                     acceptedExtensions)
-    {
-        this.tokenGenerator = tokenGenerator;
-        this.acceptedAlgorithms = convert(acceptedAlgorithms);
-        this.acceptedPolicies = convert(acceptedPolicies);
-        this.acceptedExtensions = convert(acceptedExtensions);
-
-        statusStrings = new ASN1EncodableVector();
-    }
-
-    private void addStatusString(String statusString)
-    {
-        statusStrings.add(new DERUTF8String(statusString));
-    }
-
-    private void setFailInfoField(int field)
-    {
-        failInfo = failInfo | field;
-    }
-
-    private PKIStatusInfo getPKIStatusInfo()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        
-        v.add(new ASN1Integer(status));
-        
-        if (statusStrings.size() > 0)
-        {
-            v.add(PKIFreeText.getInstance(new DERSequence(statusStrings)));
-        }
-
-        if (failInfo != 0)
-        {
-            DERBitString failInfoBitString = new FailInfo(failInfo);
-            v.add(failInfoBitString);
-        }
-
-        return PKIStatusInfo.getInstance(new DERSequence(v));
-    }
-
-    /**
-     * Return an appropriate TimeStampResponse.
-     * <p>
-     * If genTime is null a timeNotAvailable error response will be returned. Calling generate() is the
-     * equivalent of:
-     * <pre>
-     *    TimeStampResponse tsResp;
-     *
-     *    try
-     *    {
-     *       tsResp = tsRespGen.generateGrantedResponse(request, serialNumber, genTime, "Operation Okay");
-     *    }
-     *    catch (Exception e)
-     *    {
-     *        tsResp = tsRespGen.generateRejectedResponse(e);
-     *    }
-     * </pre>
-     * @param request the request this response is for.
-     * @param serialNumber serial number for the response token.
-     * @param genTime generation time for the response token.
-     * @return a TimeStampResponse.
-     * @throws TSPException
-     */
-    public TimeStampResponse generate(
-        TimeStampRequest    request,
-        BigInteger          serialNumber,
-        Date                genTime)
-        throws TSPException
-    {
-        try
-        {
-            return this.generateGrantedResponse(request, serialNumber, genTime, "Operation Okay");
-        }
-        catch (Exception e)
-        {
-            return this.generateRejectedResponse(e);
-        }
-    }
-
-    /**
-     * Return a granted response, if the passed in request passes validation.
-     * <p>
-     * If genTime is null a timeNotAvailable or a validation exception occurs a TSPValidationException will
-     * be thrown. The parent TSPException will only occur on some sort of system failure.
-     * </p>
-     * @param request the request this response is for.
-     * @param serialNumber serial number for the response token.
-     * @param genTime generation time for the response token.
-     * @return  the TimeStampResponse with a status of  PKIStatus.GRANTED
-     * @throws TSPException on validation exception or internal error.
-     */
-    public TimeStampResponse generateGrantedResponse(
-        TimeStampRequest    request,
-        BigInteger          serialNumber,
-        Date                genTime)
-        throws TSPException
-    {
-        return generateGrantedResponse(request, serialNumber, genTime, null);
-    }
-
-    /**
-     * Return a granted response, if the passed in request passes validation with the passed in status string.
-     * <p>
-     * If genTime is null a timeNotAvailable or a validation exception occurs a TSPValidationException will
-     * be thrown. The parent TSPException will only occur on some sort of system failure.
-     * </p>
-     * @param request the request this response is for.
-     * @param serialNumber serial number for the response token.
-     * @param genTime generation time for the response token.
-     * @return  the TimeStampResponse with a status of  PKIStatus.GRANTED
-     * @throws TSPException on validation exception or internal error.
-     */
-    public TimeStampResponse generateGrantedResponse(
-        TimeStampRequest    request,
-        BigInteger          serialNumber,
-        Date                genTime,
-        String              statusString)
-        throws TSPException
-    {
-        return generateGrantedResponse(request, serialNumber, genTime, statusString, null);
-    }
-
-    /**
-     * Return a granted response, if the passed in request passes validation with the passed in status string and extra extensions.
-     * <p>
-     * If genTime is null a timeNotAvailable or a validation exception occurs a TSPValidationException will
-     * be thrown. The parent TSPException will only occur on some sort of system failure.
-     * </p>
-     * @param request the request this response is for.
-     * @param serialNumber serial number for the response token.
-     * @param genTime generation time for the response token.
-     * @param additionalExtensions extra extensions to be added to the response token.
-     * @return  the TimeStampResponse with a status of  PKIStatus.GRANTED
-     * @throws TSPException on validation exception or internal error.
-     */
-    public TimeStampResponse generateGrantedResponse(
-        TimeStampRequest    request,
-        BigInteger          serialNumber,
-        Date                genTime,
-        String              statusString,
-        Extensions          additionalExtensions)
-        throws TSPException
-    {
-        if (genTime == null)
-        {
-            throw new TSPValidationException("The time source is not available.", PKIFailureInfo.timeNotAvailable);
-        }
-
-        request.validate(acceptedAlgorithms, acceptedPolicies, acceptedExtensions);
-
-        status = PKIStatus.GRANTED;
-        statusStrings = new ASN1EncodableVector();
-
-        if (statusString != null)
-        {
-            this.addStatusString(statusString);
-        }
-
-        PKIStatusInfo pkiStatusInfo = getPKIStatusInfo();
-
-        ContentInfo tstTokenContentInfo;
-        try
-        {
-            tstTokenContentInfo = tokenGenerator.generate(request, serialNumber, genTime, additionalExtensions).toCMSSignedData().toASN1Structure();
-        }
-        catch (TSPException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            throw new TSPException(
-                    "Timestamp token received cannot be converted to ContentInfo", e);
-        }
-
-        try
-        {
-            return new TimeStampResponse(new DLSequence(new ASN1Encodable[] { pkiStatusInfo.toASN1Primitive(), tstTokenContentInfo.toASN1Primitive() }));
-        }
-        catch (IOException e)
-        {
-            throw new TSPException("created badly formatted response!");
-        }
-    }
-
-    /**
-     * Generate a generic rejection response based on a TSPValidationException or
-     * an Exception. Exceptions which are not an instance of TSPValidationException
-     * will be treated as systemFailure. The return value of exception.getMessage() will
-     * be used as the status string for the response.
-     *
-     * @param exception the exception thrown on validating the request.
-     * @return a TimeStampResponse.
-     * @throws TSPException if a failure response cannot be generated.
-     */
-    public TimeStampResponse generateRejectedResponse(Exception exception)
-        throws TSPException
-    {
-        if (exception instanceof TSPValidationException)
-        {
-            return generateFailResponse(PKIStatus.REJECTION, ((TSPValidationException)exception).getFailureCode(), exception.getMessage());
-        }
-        else
-        {
-            return generateFailResponse(PKIStatus.REJECTION, PKIFailureInfo.systemFailure, exception.getMessage());
-        }
-    }
-
-    /**
-     * Generate a non-granted TimeStampResponse with chosen status and FailInfoField.
-     * 
-     * @param status the PKIStatus to set.
-     * @param failInfoField the FailInfoField to set.
-     * @param statusString an optional string describing the failure.
-     * @return a TimeStampResponse with a failInfoField and optional statusString
-     * @throws TSPException in case the response could not be created
-     */
-    public TimeStampResponse generateFailResponse(int status, int failInfoField, String statusString)
-        throws TSPException
-    {
-        this.status = status;
-        this.statusStrings = new ASN1EncodableVector();
-
-        this.setFailInfoField(failInfoField);
-
-        if (statusString != null)
-        {
-            this.addStatusString(statusString);
-        }
-
-        PKIStatusInfo pkiStatusInfo = getPKIStatusInfo();
-
-        TimeStampResp resp = new TimeStampResp(pkiStatusInfo, null);
-
-        try
-        {
-            return new TimeStampResponse(resp);
-        }
-        catch (IOException e)
-        {
-            throw new TSPException("created badly formatted response!");
-        }
-    }
-
-    private Set convert(Set orig)
-    {
-        if (orig == null)
-        {
-            return orig;
-        }
-
-        Set con = new HashSet(orig.size());
-
-        for (Iterator it = orig.iterator(); it.hasNext();)
-        {
-            Object o = it.next();
-
-            if (o instanceof String)
-            {
-                con.add(new ASN1ObjectIdentifier((String)o));
-            }
-            else
-            {
-                con.add(o);
-            }
-        }
-
-        return con;
-    }
-
-    class FailInfo extends DERBitString
-    {
-        FailInfo(int failInfoValue)
-        {
-            super(getBytes(failInfoValue), getPadBits(failInfoValue));
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampToken.java b/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampToken.java
deleted file mode 100644
index 0422998..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampToken.java
+++ /dev/null

@@ -1,393 +0,0 @@
-package org.bouncycastle.tsp;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.util.Collection;
-import java.util.Date;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
-import org.bouncycastle.asn1.ess.ESSCertID;
-import org.bouncycastle.asn1.ess.ESSCertIDv2;
-import org.bouncycastle.asn1.ess.SigningCertificate;
-import org.bouncycastle.asn1.ess.SigningCertificateV2;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.tsp.TSTInfo;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.IssuerSerial;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSProcessable;
-import org.bouncycastle.cms.CMSSignedData;
-import org.bouncycastle.cms.SignerId;
-import org.bouncycastle.cms.SignerInformation;
-import org.bouncycastle.cms.SignerInformationVerifier;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Store;
-
-/**
- * Carrier class for a TimeStampToken.
- */
-public class TimeStampToken
-{
-    CMSSignedData tsToken;
-
-    SignerInformation tsaSignerInfo;
-
-    Date genTime;
-
-    TimeStampTokenInfo tstInfo;
-    
-    CertID   certID;
-
-    public TimeStampToken(ContentInfo contentInfo)
-        throws TSPException, IOException
-    {
-        this(getSignedData(contentInfo));
-    }
-
-    private static CMSSignedData getSignedData(ContentInfo contentInfo)
-        throws TSPException
-    {
-        try
-        {
-            return new CMSSignedData(contentInfo);
-        }
-        catch (CMSException e)
-        {
-            throw new TSPException("TSP parsing error: " + e.getMessage(), e.getCause());
-        }
-    }
-
-    public TimeStampToken(CMSSignedData signedData)
-        throws TSPException, IOException
-    {
-        this.tsToken = signedData;
-
-        if (!this.tsToken.getSignedContentTypeOID().equals(PKCSObjectIdentifiers.id_ct_TSTInfo.getId()))
-        {
-            throw new TSPValidationException("ContentInfo object not for a time stamp.");
-        }
-        
-        Collection signers = tsToken.getSignerInfos().getSigners();
-
-        if (signers.size() != 1)
-        {
-            throw new IllegalArgumentException("Time-stamp token signed by "
-                    + signers.size()
-                    + " signers, but it must contain just the TSA signature.");
-        }
-
-        tsaSignerInfo = (SignerInformation)signers.iterator().next();
-
-        try
-        {
-            CMSProcessable content = tsToken.getSignedContent();
-            ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-            content.write(bOut);
-
-            ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-            this.tstInfo = new TimeStampTokenInfo(TSTInfo.getInstance(aIn.readObject()));
-            
-            Attribute   attr = tsaSignerInfo.getSignedAttributes().get(PKCSObjectIdentifiers.id_aa_signingCertificate);
-
-            if (attr != null)
-            {
-                SigningCertificate    signCert = SigningCertificate.getInstance(attr.getAttrValues().getObjectAt(0));
-
-                this.certID = new CertID(ESSCertID.getInstance(signCert.getCerts()[0]));
-            }
-            else
-            {
-                attr = tsaSignerInfo.getSignedAttributes().get(PKCSObjectIdentifiers.id_aa_signingCertificateV2);
-
-                if (attr == null)
-                {
-                    throw new TSPValidationException("no signing certificate attribute found, time stamp invalid.");
-                }
-
-                SigningCertificateV2 signCertV2 = SigningCertificateV2.getInstance(attr.getAttrValues().getObjectAt(0));
-
-                this.certID = new CertID(ESSCertIDv2.getInstance(signCertV2.getCerts()[0]));
-            }
-        }
-        catch (CMSException e)
-        {
-            throw new TSPException(e.getMessage(), e.getUnderlyingException());
-        }
-    }
-
-    public TimeStampTokenInfo getTimeStampInfo()
-    {
-        return tstInfo;
-    }
-
-    public SignerId getSID()
-    {
-        return tsaSignerInfo.getSID();
-    }
-    
-    public AttributeTable getSignedAttributes()
-    {
-        return tsaSignerInfo.getSignedAttributes();
-    }
-
-    public AttributeTable getUnsignedAttributes()
-    {
-        return tsaSignerInfo.getUnsignedAttributes();
-    }
-
-    public Store getCertificates()
-    {
-        return tsToken.getCertificates();
-    }
-
-    public Store getCRLs()
-    {
-        return tsToken.getCRLs();
-    }
-
-    public Store getAttributeCertificates()
-    {
-        return tsToken.getAttributeCertificates();
-    }
-
-    /**
-     * Validate the time stamp token.
-     * <p>
-     * To be valid the token must be signed by the passed in certificate and
-     * the certificate must be the one referred to by the SigningCertificate
-     * attribute included in the hashed attributes of the token. The
-     * certificate must also have the ExtendedKeyUsageExtension with only
-     * KeyPurposeId.id_kp_timeStamping and have been valid at the time the
-     * timestamp was created.
-     * </p>
-     * <p>
-     * A successful call to validate means all the above are true.
-     * </p>
-     *
-     * @param sigVerifier the content verifier create the objects required to verify the CMS object in the timestamp.
-     * @throws TSPException if an exception occurs in processing the token.
-     * @throws TSPValidationException if the certificate or signature fail to be valid.
-     * @throws IllegalArgumentException if the sigVerifierProvider has no associated certificate.
-     */
-    public void validate(
-        SignerInformationVerifier sigVerifier)
-        throws TSPException, TSPValidationException
-    {
-        if (!sigVerifier.hasAssociatedCertificate())
-        {
-            throw new IllegalArgumentException("verifier provider needs an associated certificate");
-        }
-
-        try
-        {
-            X509CertificateHolder certHolder = sigVerifier.getAssociatedCertificate();
-            DigestCalculator calc = sigVerifier.getDigestCalculator(certID.getHashAlgorithm());
-
-            OutputStream cOut = calc.getOutputStream();
-
-            cOut.write(certHolder.getEncoded());
-            cOut.close();
-
-            if (!Arrays.constantTimeAreEqual(certID.getCertHash(), calc.getDigest()))
-            {
-                throw new TSPValidationException("certificate hash does not match certID hash.");
-            }
-
-            if (certID.getIssuerSerial() != null)
-            {
-                IssuerAndSerialNumber issuerSerial = new IssuerAndSerialNumber(certHolder.toASN1Structure());
-
-                if (!certID.getIssuerSerial().getSerial().equals(issuerSerial.getSerialNumber()))
-                {
-                    throw new TSPValidationException("certificate serial number does not match certID for signature.");
-                }
-
-                GeneralName[]   names = certID.getIssuerSerial().getIssuer().getNames();
-                boolean         found = false;
-
-                for (int i = 0; i != names.length; i++)
-                {
-                    if (names[i].getTagNo() == 4 && X500Name.getInstance(names[i].getName()).equals(X500Name.getInstance(issuerSerial.getName())))
-                    {
-                        found = true;
-                        break;
-                    }
-                }
-
-                if (!found)
-                {
-                    throw new TSPValidationException("certificate name does not match certID for signature. ");
-                }
-            }
-
-            TSPUtil.validateCertificate(certHolder);
-
-            if (!certHolder.isValidOn(tstInfo.getGenTime()))
-            {
-                throw new TSPValidationException("certificate not valid when time stamp created.");
-            }
-
-            if (!tsaSignerInfo.verify(sigVerifier))
-            {
-                throw new TSPValidationException("signature not created by certificate.");
-            }
-        }
-        catch (CMSException e)
-        {
-            if (e.getUnderlyingException() != null)
-            {
-                throw new TSPException(e.getMessage(), e.getUnderlyingException());
-            }
-            else
-            {
-                throw new TSPException("CMS exception: " + e, e);
-            }
-        }
-        catch (IOException e)
-        {
-            throw new TSPException("problem processing certificate: " + e, e);
-        }
-        catch (OperatorCreationException e)
-        {
-            throw new TSPException("unable to create digest: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * Return true if the signature on time stamp token is valid.
-     * <p>
-     * Note: this is a much weaker proof of correctness than calling validate().
-     * </p>
-     *
-     * @param sigVerifier the content verifier create the objects required to verify the CMS object in the timestamp.
-     * @return true if the signature matches, false otherwise.
-     * @throws TSPException if the signature cannot be processed or the provider cannot match the algorithm.
-     */
-    public boolean isSignatureValid(
-        SignerInformationVerifier sigVerifier)
-        throws TSPException
-    {
-        try
-        {
-            return tsaSignerInfo.verify(sigVerifier);
-        }
-        catch (CMSException e)
-        {
-            if (e.getUnderlyingException() != null)
-            {
-                throw new TSPException(e.getMessage(), e.getUnderlyingException());
-            }
-            else
-            {
-                throw new TSPException("CMS exception: " + e, e);
-            }
-        }
-    }
-
-    /**
-     * Return the underlying CMSSignedData object.
-     * 
-     * @return the underlying CMS structure.
-     */
-    public CMSSignedData toCMSSignedData()
-    {
-        return tsToken;
-    }
-    
-    /**
-     * Return a ASN.1 encoded byte stream representing the encoded object.
-     * 
-     * @throws IOException if encoding fails.
-     */
-    public byte[] getEncoded() 
-        throws IOException
-    {
-        return tsToken.getEncoded();
-    }
-
-    // perhaps this should be done using an interface on the ASN.1 classes...
-    private class CertID
-    {
-        private ESSCertID certID;
-        private ESSCertIDv2 certIDv2;
-
-        CertID(ESSCertID certID)
-        {
-            this.certID = certID;
-            this.certIDv2 = null;
-        }
-
-        CertID(ESSCertIDv2 certID)
-        {
-            this.certIDv2 = certID;
-            this.certID = null;
-        }
-
-        public String getHashAlgorithmName()
-        {
-            if (certID != null)
-            {
-                return "SHA-1";
-            }
-            else
-            {
-                if (NISTObjectIdentifiers.id_sha256.equals(certIDv2.getHashAlgorithm().getAlgorithm()))
-                {
-                    return "SHA-256";
-                }
-                return certIDv2.getHashAlgorithm().getAlgorithm().getId();
-            }
-        }
-
-        public AlgorithmIdentifier getHashAlgorithm()
-        {
-            if (certID != null)
-            {
-                return new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1);
-            }
-            else
-            {
-                return certIDv2.getHashAlgorithm();
-            }
-        }
-
-        public byte[] getCertHash()
-        {
-            if (certID != null)
-            {
-                return certID.getCertHash();
-            }
-            else
-            {
-                return certIDv2.getCertHash();
-            }
-        }
-
-        public IssuerSerial getIssuerSerial()
-        {
-            if (certID != null)
-            {
-                return certID.getIssuerSerial();
-            }
-            else
-            {
-                return certIDv2.getIssuerSerial();
-            }
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampTokenGenerator.java b/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampTokenGenerator.java
deleted file mode 100644
index 6577d19..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampTokenGenerator.java
+++ /dev/null

@@ -1,535 +0,0 @@
-package org.bouncycastle.tsp;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.text.SimpleDateFormat;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Date;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Locale;
-import java.util.Map;
-import java.util.SimpleTimeZone;
-
-import org.bouncycastle.asn1.ASN1Boolean;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.ess.ESSCertID;
-import org.bouncycastle.asn1.ess.ESSCertIDv2;
-import org.bouncycastle.asn1.ess.SigningCertificate;
-import org.bouncycastle.asn1.ess.SigningCertificateV2;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.tsp.Accuracy;
-import org.bouncycastle.asn1.tsp.MessageImprint;
-import org.bouncycastle.asn1.tsp.TSTInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.IssuerSerial;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cms.CMSAttributeTableGenerationException;
-import org.bouncycastle.cms.CMSAttributeTableGenerator;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.cms.CMSProcessableByteArray;
-import org.bouncycastle.cms.CMSSignedData;
-import org.bouncycastle.cms.CMSSignedDataGenerator;
-import org.bouncycastle.cms.SignerInfoGenerator;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Store;
-
-/**
- * Currently the class supports ESSCertID by if a digest calculator based on SHA1 is passed in, otherwise it uses
- * ESSCertIDv2. In the event you need to pass both types, you will need to override the SignedAttributeGenerator
- * for the SignerInfoGeneratorBuilder you are using. For the default for ESSCertIDv2 the code will look something
- * like the following:
- * <pre>
- * final ESSCertID essCertid = new ESSCertID(certHashSha1, issuerSerial);
- * final ESSCertIDv2 essCertidV2 = new ESSCertIDv2(certHashSha256, issuerSerial);
- *
- * signerInfoGenBuilder.setSignedAttributeGenerator(new CMSAttributeTableGenerator()
- * {
- *     public AttributeTable getAttributes(Map parameters)
- *         throws CMSAttributeTableGenerationException
- *     {
- *         CMSAttributeTableGenerator attrGen = new DefaultSignedAttributeTableGenerator();
- *
- *         AttributeTable table = attrGen.getAttributes(parameters);
- *
- *         table = table.add(PKCSObjectIdentifiers.id_aa_signingCertificate, new SigningCertificate(essCertid));
- *         table = table.add(PKCSObjectIdentifiers.id_aa_signingCertificateV2, new SigningCertificateV2(essCertidV2));
- *
- *         return table;
- *     }
- * });
- * </pre>
- */
-public class TimeStampTokenGenerator
-{
-    /**
-     * Create time-stamps with a resolution of 1 second (the default).
-     */
-    public static final int R_SECONDS = 0;
-
-    /**
-     * Create time-stamps with a resolution of 1 tenth of a second.
-     */
-    public static final int R_TENTHS_OF_SECONDS = 1;
-
-    /**
-     * Create time-stamps with a resolution of 1 microsecond.
-     */
-    public static final int R_MICROSECONDS = 2;
-
-    /**
-     * Create time-stamps with a resolution of 1 millisecond.
-     */
-    public static final int R_MILLISECONDS = 3;
-
-    private int resolution = R_SECONDS;
-    private Locale locale = null; // default locale
-
-    private int accuracySeconds = -1;
-
-    private int accuracyMillis = -1;
-
-    private int accuracyMicros = -1;
-
-    boolean ordering = false;
-
-    GeneralName tsa = null;
-    
-    private ASN1ObjectIdentifier  tsaPolicyOID;
-
-    private List certs = new ArrayList();
-    private List crls = new ArrayList();
-    private List attrCerts = new ArrayList();
-    private Map otherRevoc = new HashMap();
-    private SignerInfoGenerator signerInfoGen;
-
-    /**
-     * Basic Constructor - set up a calculator based on signerInfoGen with a ESSCertID calculated from
-     * the signer's associated certificate using the sha1DigestCalculator. If alternate values are required
-     * for id-aa-signingCertificate they should be added to the signerInfoGen object before it is passed in,
-     * otherwise a standard digest based value will be added.
-     *
-     * @param signerInfoGen the generator for the signer we are using.
-     * @param digestCalculator calculator for to use for digest of certificate.
-     * @param tsaPolicy tasPolicy to send.
-     * @throws IllegalArgumentException if calculator is not SHA-1 or there is no associated certificate for the signer,
-     * @throws TSPException if the signer certificate cannot be processed.
-     */
-    public TimeStampTokenGenerator(
-        final SignerInfoGenerator       signerInfoGen,
-        DigestCalculator                digestCalculator,
-        ASN1ObjectIdentifier            tsaPolicy)
-        throws IllegalArgumentException, TSPException
-    {
-        this(signerInfoGen, digestCalculator, tsaPolicy, false);
-    }
-
-    /**
-     * Basic Constructor - set up a calculator based on signerInfoGen with a ESSCertID calculated from
-     * the signer's associated certificate using the sha1DigestCalculator. If alternate values are required
-     * for id-aa-signingCertificate they should be added to the signerInfoGen object before it is passed in,
-     * otherwise a standard digest based value will be added.
-     *
-     * @param signerInfoGen the generator for the signer we are using.
-     * @param digestCalculator calculator for to use for digest of certificate.
-     * @param tsaPolicy tasPolicy to send.
-     * @param isIssuerSerialIncluded should issuerSerial be included in the ESSCertIDs, true if yes, by default false.
-     * @throws IllegalArgumentException if calculator is not SHA-1 or there is no associated certificate for the signer,
-     * @throws TSPException if the signer certificate cannot be processed.
-     */
-    public TimeStampTokenGenerator(
-        final SignerInfoGenerator       signerInfoGen,
-        DigestCalculator                digestCalculator,
-        ASN1ObjectIdentifier            tsaPolicy,
-        boolean                         isIssuerSerialIncluded)
-        throws IllegalArgumentException, TSPException
-    {
-        this.signerInfoGen = signerInfoGen;
-        this.tsaPolicyOID = tsaPolicy;
-
-        if (!signerInfoGen.hasAssociatedCertificate())
-        {
-            throw new IllegalArgumentException("SignerInfoGenerator must have an associated certificate");
-        }
-
-        X509CertificateHolder assocCert = signerInfoGen.getAssociatedCertificate();
-        TSPUtil.validateCertificate(assocCert);
-
-        try
-        {
-            OutputStream dOut = digestCalculator.getOutputStream();
-
-            dOut.write(assocCert.getEncoded());
-
-            dOut.close();
-
-            if (digestCalculator.getAlgorithmIdentifier().getAlgorithm().equals(OIWObjectIdentifiers.idSHA1))
-            {
-                final ESSCertID essCertid = new ESSCertID(digestCalculator.getDigest(),
-                                            isIssuerSerialIncluded ? new IssuerSerial(new GeneralNames(new GeneralName(assocCert.getIssuer())), assocCert.getSerialNumber())
-                                                                   : null);
-
-                this.signerInfoGen = new SignerInfoGenerator(signerInfoGen, new CMSAttributeTableGenerator()
-                {
-                    public AttributeTable getAttributes(Map parameters)
-                        throws CMSAttributeTableGenerationException
-                    {
-                        AttributeTable table = signerInfoGen.getSignedAttributeTableGenerator().getAttributes(parameters);
-
-                        if (table.get(PKCSObjectIdentifiers.id_aa_signingCertificate) == null)
-                        {
-                            return table.add(PKCSObjectIdentifiers.id_aa_signingCertificate, new SigningCertificate(essCertid));
-                        }
-
-                        return table;
-                    }
-                }, signerInfoGen.getUnsignedAttributeTableGenerator());
-            }
-            else
-            {
-                AlgorithmIdentifier digAlgID = new AlgorithmIdentifier(digestCalculator.getAlgorithmIdentifier().getAlgorithm());
-                final ESSCertIDv2   essCertid = new ESSCertIDv2(digAlgID, digestCalculator.getDigest(),
-                                                    isIssuerSerialIncluded ? new IssuerSerial(new GeneralNames(new GeneralName(assocCert.getIssuer())), new ASN1Integer(assocCert.getSerialNumber()))
-                                                                           : null);
-
-                this.signerInfoGen = new SignerInfoGenerator(signerInfoGen, new CMSAttributeTableGenerator()
-                {
-                    public AttributeTable getAttributes(Map parameters)
-                        throws CMSAttributeTableGenerationException
-                    {
-                        AttributeTable table = signerInfoGen.getSignedAttributeTableGenerator().getAttributes(parameters);
-
-                        if (table.get(PKCSObjectIdentifiers.id_aa_signingCertificateV2) == null)
-                        {
-                            return table.add(PKCSObjectIdentifiers.id_aa_signingCertificateV2, new SigningCertificateV2(essCertid));
-                        }
-
-                        return table;
-                    }
-                }, signerInfoGen.getUnsignedAttributeTableGenerator());
-            }
-        }
-        catch (IOException e)
-        {
-            throw new TSPException("Exception processing certificate.", e);
-        }
-    }
-
-    /**
-     * Add the store of X509 Certificates to the generator.
-     *
-     * @param certStore  a Store containing X509CertificateHolder objects
-     */
-    public void addCertificates(
-        Store certStore)
-    {
-        certs.addAll(certStore.getMatches(null));
-    }
-
-    /**
-     *
-     * @param crlStore a Store containing X509CRLHolder objects.
-     */
-    public void addCRLs(
-        Store crlStore)
-    {
-        crls.addAll(crlStore.getMatches(null));
-    }
-
-    /**
-     *
-     * @param attrStore a Store containing X509AttributeCertificate objects.
-     */
-    public void addAttributeCertificates(
-        Store attrStore)
-    {
-        attrCerts.addAll(attrStore.getMatches(null));
-    }
-
-    /**
-     * Add a Store of otherRevocationData to the CRL set to be included with the generated TimeStampToken.
-     *
-     * @param otherRevocationInfoFormat the OID specifying the format of the otherRevocationInfo data.
-     * @param otherRevocationInfos a Store of otherRevocationInfo data to add.
-     */
-    public void addOtherRevocationInfo(
-        ASN1ObjectIdentifier   otherRevocationInfoFormat,
-        Store                  otherRevocationInfos)
-    {
-        otherRevoc.put(otherRevocationInfoFormat, otherRevocationInfos.getMatches(null));
-    }
-
-    /**
-     * Set the resolution of the time stamp - R_SECONDS (the default), R_TENTH_OF_SECONDS, R_MICROSECONDS, R_MILLISECONDS
-     *
-     * @param resolution resolution of timestamps to be produced.
-     */
-    public void setResolution(int resolution)
-    {
-        this.resolution = resolution;
-    }
-
-    /**
-     * Set a Locale for time creation - you may need to use this if the default locale
-     * doesn't use a Gregorian calender so that the GeneralizedTime produced is compatible with other ASN.1 implementations.
-     *
-     * @param locale a locale to use for converting system time into a GeneralizedTime.
-     */
-    public void setLocale(Locale locale)
-    {
-        this.locale = locale;
-    }
-
-    public void setAccuracySeconds(int accuracySeconds)
-    {
-        this.accuracySeconds = accuracySeconds;
-    }
-
-    public void setAccuracyMillis(int accuracyMillis)
-    {
-        this.accuracyMillis = accuracyMillis;
-    }
-
-    public void setAccuracyMicros(int accuracyMicros)
-    {
-        this.accuracyMicros = accuracyMicros;
-    }
-
-    public void setOrdering(boolean ordering)
-    {
-        this.ordering = ordering;
-    }
-
-    public void setTSA(GeneralName tsa)
-    {
-        this.tsa = tsa;
-    }
-
-    /**
-     * Generate a TimeStampToken for the passed in request and serialNumber marking it with the passed in genTime.
-     *
-     * @param request the originating request.
-     * @param serialNumber serial number for the TimeStampToken
-     * @param genTime token generation time.
-     * @return a TimeStampToken
-     * @throws TSPException
-     */
-    public TimeStampToken generate(
-        TimeStampRequest    request,
-        BigInteger          serialNumber,
-        Date                genTime)
-        throws TSPException
-    {
-        return generate(request, serialNumber, genTime, null);
-    }
-
-    /**
-     * Generate a TimeStampToken for the passed in request and serialNumber marking it with the passed in genTime.
-     *
-     * @param request the originating request.
-     * @param serialNumber serial number for the TimeStampToken
-     * @param genTime token generation time.
-     * @param additionalExtensions extra extensions to be added to the response token.
-     * @return a TimeStampToken
-     * @throws TSPException
-     */
-    public TimeStampToken generate(
-        TimeStampRequest    request,
-        BigInteger          serialNumber,
-        Date                genTime,
-        Extensions          additionalExtensions)
-        throws TSPException
-    {
-        ASN1ObjectIdentifier digestAlgOID = request.getMessageImprintAlgOID();
-
-        AlgorithmIdentifier algID = new AlgorithmIdentifier(digestAlgOID, DERNull.INSTANCE);
-        MessageImprint messageImprint = new MessageImprint(algID, request.getMessageImprintDigest());
-
-        Accuracy accuracy = null;
-        if (accuracySeconds > 0 || accuracyMillis > 0 || accuracyMicros > 0)
-        {
-            ASN1Integer seconds = null;
-            if (accuracySeconds > 0)
-            {
-                seconds = new ASN1Integer(accuracySeconds);
-            }
-
-            ASN1Integer millis = null;
-            if (accuracyMillis > 0)
-            {
-                millis = new ASN1Integer(accuracyMillis);
-            }
-
-            ASN1Integer micros = null;
-            if (accuracyMicros > 0)
-            {
-                micros = new ASN1Integer(accuracyMicros);
-            }
-
-            accuracy = new Accuracy(seconds, millis, micros);
-        }
-
-        ASN1Boolean derOrdering = null;
-        if (ordering)
-        {
-            derOrdering = ASN1Boolean.getInstance(ordering);
-        }
-
-        ASN1Integer nonce = null;
-        if (request.getNonce() != null)
-        {
-            nonce = new ASN1Integer(request.getNonce());
-        }
-
-        ASN1ObjectIdentifier tsaPolicy = tsaPolicyOID;
-        if (request.getReqPolicy() != null)
-        {
-            tsaPolicy = request.getReqPolicy();
-        }
-
-        Extensions respExtensions = request.getExtensions();
-        if (additionalExtensions != null)
-        {
-            ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-            if (respExtensions != null)
-            {
-                for (Enumeration en = respExtensions.oids(); en.hasMoreElements(); )
-                {
-                    extGen.addExtension(respExtensions.getExtension(ASN1ObjectIdentifier.getInstance(en.nextElement())));
-                }
-            }
-            for (Enumeration en = additionalExtensions.oids(); en.hasMoreElements(); )
-            {
-                extGen.addExtension(additionalExtensions.getExtension(ASN1ObjectIdentifier.getInstance(en.nextElement())));
-            }
-
-            respExtensions = extGen.generate();
-        }
-
-        ASN1GeneralizedTime timeStampTime;
-        if (resolution == R_SECONDS)
-        {
-            timeStampTime = (locale == null) ? new ASN1GeneralizedTime(genTime) : new ASN1GeneralizedTime(genTime, locale);
-        }
-        else
-        {
-            timeStampTime = createGeneralizedTime(genTime);
-        }
-
-        TSTInfo tstInfo = new TSTInfo(tsaPolicy,
-                messageImprint, new ASN1Integer(serialNumber),
-                timeStampTime, accuracy, derOrdering,
-                nonce, tsa, respExtensions);
-
-        try
-        {
-            CMSSignedDataGenerator  signedDataGenerator = new CMSSignedDataGenerator();
-
-            if (request.getCertReq())
-            {
-                // TODO: do we need to check certs non-empty?
-                signedDataGenerator.addCertificates(new CollectionStore(certs));
-                signedDataGenerator.addAttributeCertificates(new CollectionStore(attrCerts));
-            }
-
-            signedDataGenerator.addCRLs(new CollectionStore(crls));
-
-            if (!otherRevoc.isEmpty())
-            {
-                for (Iterator it = otherRevoc.keySet().iterator(); it.hasNext();)
-                {
-                    ASN1ObjectIdentifier format = (ASN1ObjectIdentifier)it.next();
-
-                    signedDataGenerator.addOtherRevocationInfo(format, new CollectionStore((Collection)otherRevoc.get(format)));
-                }
-            }
-
-            signedDataGenerator.addSignerInfoGenerator(signerInfoGen);
-
-            byte[] derEncodedTSTInfo = tstInfo.getEncoded(ASN1Encoding.DER);
-
-            CMSSignedData signedData = signedDataGenerator.generate(new CMSProcessableByteArray(PKCSObjectIdentifiers.id_ct_TSTInfo, derEncodedTSTInfo), true);
-
-            return new TimeStampToken(signedData);
-        }
-        catch (CMSException cmsEx)
-        {
-            throw new TSPException("Error generating time-stamp token", cmsEx);
-        }
-        catch (IOException e)
-        {
-            throw new TSPException("Exception encoding info", e);
-        }
-    }
-
-    // we need to produce a correct DER encoding GeneralizedTime here as the BC ASN.1 library doesn't handle this properly yet.
-    private ASN1GeneralizedTime createGeneralizedTime(Date time)
-        throws TSPException
-    {
-        String format = "yyyyMMddHHmmss.SSS";
-        SimpleDateFormat dateF = (locale == null) ? new SimpleDateFormat(format) : new SimpleDateFormat(format, locale);
-        dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
-        StringBuilder sBuild = new StringBuilder(dateF.format(time));
-        int dotIndex = sBuild.indexOf(".");
-
-        if (dotIndex < 0)
-        {
-            // came back in seconds only, just return
-            sBuild.append("Z");
-            return new ASN1GeneralizedTime(sBuild.toString());
-        }
-
-        // trim to resolution
-        switch (resolution)
-        {
-        case R_TENTHS_OF_SECONDS:
-            if (sBuild.length() > dotIndex + 2)
-            {
-                sBuild.delete(dotIndex + 2, sBuild.length());
-            }
-            break;
-        case R_MICROSECONDS:
-            if (sBuild.length() > dotIndex + 3)
-            {
-                sBuild.delete(dotIndex + 3, sBuild.length());
-            }
-            break;
-        case R_MILLISECONDS:
-            // do nothing
-            break;
-        default:
-            throw new TSPException("unknown time-stamp resolution: " + resolution);
-        }
-
-        // remove trailing zeros
-        while (sBuild.charAt(sBuild.length() - 1) == '0')
-        {
-            sBuild.deleteCharAt(sBuild.length() - 1);
-        }
-
-        if (sBuild.length() - 1 == dotIndex)
-        {
-            sBuild.deleteCharAt(sBuild.length() - 1);
-        }
-
-        sBuild.append("Z");
-
-        return new ASN1GeneralizedTime(sBuild.toString());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampTokenInfo.java b/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampTokenInfo.java
deleted file mode 100644
index cb39c7a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/TimeStampTokenInfo.java
+++ /dev/null

@@ -1,126 +0,0 @@
-package org.bouncycastle.tsp;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.text.ParseException;
-import java.util.Date;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.tsp.Accuracy;
-import org.bouncycastle.asn1.tsp.TSTInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-public class TimeStampTokenInfo
-{
-    TSTInfo tstInfo;
-    Date    genTime;
-    
-    TimeStampTokenInfo(TSTInfo tstInfo)
-        throws TSPException, IOException
-    {
-        this.tstInfo = tstInfo;
-
-        try
-        {
-            this.genTime = tstInfo.getGenTime().getDate();
-        }
-        catch (ParseException e)
-        {
-            throw new TSPException("unable to parse genTime field");
-        }
-    }
-
-    public boolean isOrdered()
-    {
-        return tstInfo.getOrdering().isTrue();
-    }
-
-    public Accuracy getAccuracy()
-    {
-        return tstInfo.getAccuracy();
-    }
-
-    public Date getGenTime()
-    {
-        return genTime;
-    }
-
-    public GenTimeAccuracy getGenTimeAccuracy()
-    {
-        if (this.getAccuracy() != null)
-        {
-            return new GenTimeAccuracy(this.getAccuracy());
-        }
-        
-        return null;
-    }
-    
-    public ASN1ObjectIdentifier getPolicy()
-    {
-        return tstInfo.getPolicy();
-    }
-    
-    public BigInteger getSerialNumber()
-    {
-        return tstInfo.getSerialNumber().getValue();
-    }
-
-    public GeneralName getTsa()
-    {
-        return tstInfo.getTsa();
-    }
-
-    public Extensions getExtensions()
-    {
-        return tstInfo.getExtensions();
-    }
-
-    /**
-     * @return the nonce value, null if there isn't one.
-     */
-    public BigInteger getNonce()
-    {
-        if (tstInfo.getNonce() != null)
-        {
-            return tstInfo.getNonce().getValue();
-        }
-
-        return null;
-    }
-
-    public AlgorithmIdentifier getHashAlgorithm()
-    {
-        return tstInfo.getMessageImprint().getHashAlgorithm();
-    }
-
-    public ASN1ObjectIdentifier getMessageImprintAlgOID()
-    {
-        return tstInfo.getMessageImprint().getHashAlgorithm().getAlgorithm();
-    }
-
-    public byte[] getMessageImprintDigest()
-    {
-        return tstInfo.getMessageImprint().getHashedMessage();
-    }
-
-    public byte[] getEncoded() 
-        throws IOException
-    {
-        return tstInfo.getEncoded();
-    }
-
-    /**
-     * @deprecated use toASN1Structure
-     */
-    public TSTInfo toTSTInfo()
-    {
-        return tstInfo;
-    }
-
-    public TSTInfo toASN1Structure()
-    {
-        return tstInfo;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/CMSTimeStampedData.java b/bcpkix/src/main/java/org/bouncycastle/tsp/cms/CMSTimeStampedData.java
deleted file mode 100644
index 3093a6d..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/CMSTimeStampedData.java
+++ /dev/null

@@ -1,204 +0,0 @@
-package org.bouncycastle.tsp.cms;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.URI;
-import java.net.URISyntaxException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.Evidence;
-import org.bouncycastle.asn1.cms.TimeStampAndCRL;
-import org.bouncycastle.asn1.cms.TimeStampTokenEvidence;
-import org.bouncycastle.asn1.cms.TimeStampedData;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.tsp.TimeStampToken;
-
-public class CMSTimeStampedData
-{
-    private TimeStampedData timeStampedData;
-    private ContentInfo contentInfo;
-    private TimeStampDataUtil util;
-
-    public CMSTimeStampedData(ContentInfo contentInfo)
-    {
-        this.initialize(contentInfo);
-    }
-
-    public CMSTimeStampedData(InputStream in)
-        throws IOException
-    {
-        try
-        {
-            initialize(ContentInfo.getInstance(new ASN1InputStream(in).readObject()));
-        }
-        catch (ClassCastException e)
-        {
-            throw new IOException("Malformed content: " + e);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new IOException("Malformed content: " + e);
-        }
-    }
-
-    public CMSTimeStampedData(byte[] baseData)
-        throws IOException
-    {
-        this(new ByteArrayInputStream(baseData));
-    }
-
-    private void initialize(ContentInfo contentInfo)
-    {
-        this.contentInfo = contentInfo;
-
-        if (CMSObjectIdentifiers.timestampedData.equals(contentInfo.getContentType()))
-        {
-            this.timeStampedData = TimeStampedData.getInstance(contentInfo.getContent());
-        }
-        else
-        {
-            throw new IllegalArgumentException("Malformed content - type must be " + CMSObjectIdentifiers.timestampedData.getId());
-        }
-
-        util = new TimeStampDataUtil(this.timeStampedData);
-    }
-
-    public byte[] calculateNextHash(DigestCalculator calculator)
-        throws CMSException
-    {
-        return util.calculateNextHash(calculator);
-    }
-
-    /**
-     * Return a new timeStampedData object with the additional token attached.
-     *
-     * @throws CMSException
-     */
-    public CMSTimeStampedData addTimeStamp(TimeStampToken token)
-        throws CMSException
-    {
-        TimeStampAndCRL[] timeStamps = util.getTimeStamps();
-        TimeStampAndCRL[] newTimeStamps = new TimeStampAndCRL[timeStamps.length + 1];
-
-        System.arraycopy(timeStamps, 0, newTimeStamps, 0, timeStamps.length);
-
-        newTimeStamps[timeStamps.length] = new TimeStampAndCRL(token.toCMSSignedData().toASN1Structure());
-
-        return new CMSTimeStampedData(new ContentInfo(CMSObjectIdentifiers.timestampedData, new TimeStampedData(timeStampedData.getDataUri(), timeStampedData.getMetaData(), timeStampedData.getContent(), new Evidence(new TimeStampTokenEvidence(newTimeStamps)))));
-    }
-
-    public byte[] getContent()
-    {
-        if (timeStampedData.getContent() != null)
-        {
-            return timeStampedData.getContent().getOctets();
-        }
-
-        return null;
-    }
-
-    public URI getDataUri()
-        throws URISyntaxException
-    {
-        DERIA5String dataURI = this.timeStampedData.getDataUri();
-
-        if (dataURI != null)
-        {
-            return new URI(dataURI.getString());
-        }
-
-        return null;
-    }
-
-    public String getFileName()
-    {
-        return util.getFileName();
-    }
-
-    public String getMediaType()
-    {
-        return util.getMediaType();
-    }
-
-    public AttributeTable getOtherMetaData()
-    {
-        return util.getOtherMetaData();
-    }
-
-    public TimeStampToken[] getTimeStampTokens()
-        throws CMSException
-    {
-        return util.getTimeStampTokens();
-    }
-
-    /**
-     * Initialise the passed in calculator with the MetaData for this message, if it is
-     * required as part of the initial message imprint calculation.
-     *
-     * @param calculator the digest calculator to be initialised.
-     * @throws CMSException if the MetaData is required and cannot be processed
-     */
-    public void initialiseMessageImprintDigestCalculator(DigestCalculator calculator)
-        throws CMSException
-    {
-        util.initialiseMessageImprintDigestCalculator(calculator);
-    }
-
-    /**
-     * Returns an appropriately initialised digest calculator based on the message imprint algorithm
-     * described in the first time stamp in the TemporalData for this message. If the metadata is required
-     * to be included in the digest calculation, the returned calculator will be pre-initialised.
-     *
-     * @param calculatorProvider  a provider of DigestCalculator objects.
-     * @return an initialised digest calculator.
-     * @throws OperatorCreationException if the provider is unable to create the calculator.
-     */
-    public DigestCalculator getMessageImprintDigestCalculator(DigestCalculatorProvider calculatorProvider)
-        throws OperatorCreationException
-    {
-        return util.getMessageImprintDigestCalculator(calculatorProvider);
-    }
-
-    /**
-     * Validate the digests present in the TimeStampTokens contained in the CMSTimeStampedData.
-     *
-     * @param calculatorProvider provider for digest calculators
-     * @param dataDigest the calculated data digest for the message
-     * @throws ImprintDigestInvalidException if an imprint digest fails to compare
-     * @throws CMSException  if an exception occurs processing the message.
-     */
-    public void validate(DigestCalculatorProvider calculatorProvider, byte[] dataDigest)
-        throws ImprintDigestInvalidException, CMSException
-    {
-        util.validate(calculatorProvider, dataDigest);
-    }
-
-    /**
-     * Validate the passed in timestamp token against the tokens and data present in the message.
-     *
-     * @param calculatorProvider provider for digest calculators
-     * @param dataDigest the calculated data digest for the message.
-     * @param timeStampToken  the timestamp token of interest.
-     * @throws ImprintDigestInvalidException if the token is not present in the message, or an imprint digest fails to compare.
-     * @throws CMSException if an exception occurs processing the message.
-     */
-    public void validate(DigestCalculatorProvider calculatorProvider, byte[] dataDigest, TimeStampToken timeStampToken)
-        throws ImprintDigestInvalidException, CMSException
-    {
-        util.validate(calculatorProvider, dataDigest, timeStampToken);
-    }
-
-    public byte[] getEncoded()
-        throws IOException
-    {
-        return contentInfo.getEncoded();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/CMSTimeStampedDataGenerator.java b/bcpkix/src/main/java/org/bouncycastle/tsp/cms/CMSTimeStampedDataGenerator.java
deleted file mode 100644
index e6f2830..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/CMSTimeStampedDataGenerator.java
+++ /dev/null

@@ -1,70 +0,0 @@
-package org.bouncycastle.tsp.cms;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.BEROctetString;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.Evidence;
-import org.bouncycastle.asn1.cms.TimeStampAndCRL;
-import org.bouncycastle.asn1.cms.TimeStampTokenEvidence;
-import org.bouncycastle.asn1.cms.TimeStampedData;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.tsp.TimeStampToken;
-import org.bouncycastle.util.io.Streams;
-
-public class CMSTimeStampedDataGenerator
-    extends CMSTimeStampedGenerator
-{
-    public CMSTimeStampedData generate(TimeStampToken timeStamp) throws CMSException
-    {
-        return generate(timeStamp, (InputStream)null);
-    }
-
-    public CMSTimeStampedData generate(TimeStampToken timeStamp, byte[] content) throws CMSException
-    {
-        return generate(timeStamp, new ByteArrayInputStream(content));
-    }
-
-    public CMSTimeStampedData generate(TimeStampToken timeStamp, InputStream content)
-        throws CMSException
-    {
-        ByteArrayOutputStream contentOut = new ByteArrayOutputStream();
-
-        if (content != null)
-        {
-            try
-            {
-                Streams.pipeAll(content, contentOut);
-            }
-            catch (IOException e)
-            {
-                throw new CMSException("exception encapsulating content: " + e.getMessage(), e);
-            }
-        }
-
-        ASN1OctetString encContent = null;
-
-        if (contentOut.size() != 0)
-        {
-            encContent = new BEROctetString(contentOut.toByteArray());
-        }
-
-        TimeStampAndCRL stamp = new TimeStampAndCRL(timeStamp.toCMSSignedData().toASN1Structure());
-
-        DERIA5String asn1DataUri = null;
-
-        if (dataUri != null)
-        {
-            asn1DataUri = new DERIA5String(dataUri.toString());
-        }
-        
-        return new CMSTimeStampedData(new ContentInfo(CMSObjectIdentifiers.timestampedData, new TimeStampedData(asn1DataUri, metaData, encContent, new Evidence(new TimeStampTokenEvidence(stamp)))));
-    }
-}
-

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/CMSTimeStampedDataParser.java b/bcpkix/src/main/java/org/bouncycastle/tsp/cms/CMSTimeStampedDataParser.java
deleted file mode 100644
index 28c7e87..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/CMSTimeStampedDataParser.java
+++ /dev/null

@@ -1,207 +0,0 @@
-package org.bouncycastle.tsp.cms;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.URI;
-import java.net.URISyntaxException;
-
-import org.bouncycastle.asn1.BERTags;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.ContentInfoParser;
-import org.bouncycastle.asn1.cms.TimeStampedDataParser;
-import org.bouncycastle.cms.CMSContentInfoParser;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.tsp.TimeStampToken;
-import org.bouncycastle.util.io.Streams;
-
-public class CMSTimeStampedDataParser
-    extends CMSContentInfoParser
-{
-    private TimeStampedDataParser timeStampedData;
-    private TimeStampDataUtil util;
-
-    public CMSTimeStampedDataParser(InputStream in)
-        throws CMSException
-    {
-        super(in);
-
-        initialize(_contentInfo);
-    }
-
-    public CMSTimeStampedDataParser(byte[] baseData)
-        throws CMSException
-    {
-        this(new ByteArrayInputStream(baseData));
-    }
-
-    private void initialize(ContentInfoParser contentInfo)
-        throws CMSException
-    {
-        try
-        {
-            if (CMSObjectIdentifiers.timestampedData.equals(contentInfo.getContentType()))
-            {
-                this.timeStampedData = TimeStampedDataParser.getInstance(contentInfo.getContent(BERTags.SEQUENCE));
-            }
-            else
-            {
-                throw new IllegalArgumentException("Malformed content - type must be " + CMSObjectIdentifiers.timestampedData.getId());
-            }
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("parsing exception: " + e.getMessage(), e);
-        }
-    }
-
-    public byte[] calculateNextHash(DigestCalculator calculator)
-        throws CMSException
-    {
-        return util.calculateNextHash(calculator);
-    }
-
-    public InputStream getContent()
-    {
-        if (timeStampedData.getContent() != null)
-        {
-            return timeStampedData.getContent().getOctetStream();
-        }
-
-        return null;
-    }
-
-    public URI getDataUri()
-        throws URISyntaxException
-    {
-        DERIA5String dataURI = this.timeStampedData.getDataUri();
-
-        if (dataURI != null)
-        {
-           return new URI(dataURI.getString());
-        }
-
-        return null;
-    }
-
-    public String getFileName()
-    {
-        return util.getFileName();
-    }
-
-    public String getMediaType()
-    {
-        return util.getMediaType();
-    }
-
-    public AttributeTable getOtherMetaData()
-    {
-        return util.getOtherMetaData();
-    }
-
-    /**
-     * Initialise the passed in calculator with the MetaData for this message, if it is
-     * required as part of the initial message imprint calculation.
-     *
-     * @param calculator the digest calculator to be initialised.
-     * @throws CMSException if the MetaData is required and cannot be processed
-     */
-    public void initialiseMessageImprintDigestCalculator(DigestCalculator calculator)
-        throws CMSException
-    {
-        util.initialiseMessageImprintDigestCalculator(calculator);
-    }
-
-    /**
-     * Returns an appropriately initialised digest calculator based on the message imprint algorithm
-     * described in the first time stamp in the TemporalData for this message. If the metadata is required
-     * to be included in the digest calculation, the returned calculator will be pre-initialised.
-     *
-     * @param calculatorProvider  a provider of DigestCalculator objects.
-     * @return an initialised digest calculator.
-     * @throws OperatorCreationException if the provider is unable to create the calculator.
-     */
-    public DigestCalculator getMessageImprintDigestCalculator(DigestCalculatorProvider calculatorProvider)
-        throws OperatorCreationException
-    {
-        try
-        {
-            parseTimeStamps();
-        }
-        catch (CMSException e)
-        {
-            throw new OperatorCreationException("unable to extract algorithm ID: " + e.getMessage(), e);
-        }
-
-        return util.getMessageImprintDigestCalculator(calculatorProvider);
-    }
-
-    public TimeStampToken[] getTimeStampTokens()
-        throws CMSException
-    {
-        parseTimeStamps();
-
-        return util.getTimeStampTokens();
-    }
-
-    /**
-     * Validate the digests present in the TimeStampTokens contained in the CMSTimeStampedData.
-     *
-     * @param calculatorProvider provider for digest calculators
-     * @param dataDigest the calculated data digest for the message
-     * @throws ImprintDigestInvalidException if an imprint digest fails to compare
-     * @throws CMSException  if an exception occurs processing the message.
-     */
-    public void validate(DigestCalculatorProvider calculatorProvider, byte[] dataDigest)
-        throws ImprintDigestInvalidException, CMSException
-    {
-        parseTimeStamps();
-
-        util.validate(calculatorProvider, dataDigest);
-    }
-
-    /**
-     * Validate the passed in timestamp token against the tokens and data present in the message.
-     *
-     * @param calculatorProvider provider for digest calculators
-     * @param dataDigest the calculated data digest for the message.
-     * @param timeStampToken  the timestamp token of interest.
-     * @throws ImprintDigestInvalidException if the token is not present in the message, or an imprint digest fails to compare.
-     * @throws CMSException if an exception occurs processing the message.
-     */
-    public void validate(DigestCalculatorProvider calculatorProvider, byte[] dataDigest, TimeStampToken timeStampToken)
-        throws ImprintDigestInvalidException, CMSException
-    {
-        parseTimeStamps();
-
-        util.validate(calculatorProvider, dataDigest, timeStampToken);
-    }
-
-    private void parseTimeStamps()
-        throws CMSException
-    {
-        try
-        {
-            if (util == null)
-            {
-                InputStream cont = this.getContent();
-
-                if (cont != null)
-                {
-                    Streams.drain(cont);
-                }
-
-                util = new TimeStampDataUtil(timeStampedData);
-            }
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("unable to parse evidence block: " + e.getMessage(), e);
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/CMSTimeStampedGenerator.java b/bcpkix/src/main/java/org/bouncycastle/tsp/cms/CMSTimeStampedGenerator.java
deleted file mode 100644
index 5cc8866..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/CMSTimeStampedGenerator.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.tsp.cms;
-
-import java.net.URI;
-
-import org.bouncycastle.asn1.ASN1Boolean;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.cms.Attributes;
-import org.bouncycastle.asn1.cms.MetaData;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.operator.DigestCalculator;
-
-public class CMSTimeStampedGenerator
-{
-    protected MetaData metaData;
-    protected URI dataUri;
-
-    /**
-     * Set the dataURI to be included in message.
-     *
-     * @param dataUri URI for the data the initial message imprint digest is based on.
-     */
-    public void setDataUri(URI dataUri)
-    {
-        this.dataUri = dataUri;
-    }
-
-    /**
-     * Set the MetaData for the generated message.
-     *
-     * @param hashProtected true if the MetaData should be included in first imprint calculation, false otherwise.
-     * @param fileName optional file name, may be null.
-     * @param mediaType optional media type, may be null.
-     */
-    public void setMetaData(boolean hashProtected, String fileName, String mediaType)
-    {
-        setMetaData(hashProtected, fileName, mediaType, null);
-    }
-
-    /**
-     * Set the MetaData for the generated message.
-     *
-     * @param hashProtected true if the MetaData should be included in first imprint calculation, false otherwise.
-     * @param fileName optional file name, may be null.
-     * @param mediaType optional media type, may be null.
-     * @param attributes optional attributes, may be null.
-     */
-    public void setMetaData(boolean hashProtected, String fileName, String mediaType, Attributes attributes)
-    {
-        DERUTF8String asn1FileName = null;
-
-        if (fileName != null)
-        {
-            asn1FileName = new DERUTF8String(fileName);
-        }
-
-        DERIA5String asn1MediaType = null;
-
-        if (mediaType != null)
-        {
-            asn1MediaType = new DERIA5String(mediaType);
-        }
-
-        setMetaData(hashProtected, asn1FileName, asn1MediaType, attributes);
-    }
-
-    private void setMetaData(boolean hashProtected, DERUTF8String fileName, DERIA5String mediaType, Attributes attributes)
-    {
-        this.metaData = new MetaData(ASN1Boolean.getInstance(hashProtected), fileName, mediaType, attributes);
-    }
-
-    /**
-     * Initialise the passed in calculator with the MetaData for this message, if it is
-     * required as part of the initial message imprint calculation. After initialisation the
-     * calculator can then be used to calculate the initial message imprint digest for the first
-     * timestamp.
-     *
-     * @param calculator the digest calculator to be initialised.
-     * @throws CMSException if the MetaData is required and cannot be processed
-     */
-    public void initialiseMessageImprintDigestCalculator(DigestCalculator calculator)
-        throws CMSException
-    {
-        MetaDataUtil util = new MetaDataUtil(metaData);
-
-        util.initialiseMessageImprintDigestCalculator(calculator);
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/ImprintDigestInvalidException.java b/bcpkix/src/main/java/org/bouncycastle/tsp/cms/ImprintDigestInvalidException.java
deleted file mode 100644
index 3699997..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/ImprintDigestInvalidException.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.tsp.cms;
-
-import org.bouncycastle.tsp.TimeStampToken;
-
-public class ImprintDigestInvalidException
-    extends Exception
-{
-    private TimeStampToken token;
-
-    public ImprintDigestInvalidException(String message, TimeStampToken token)
-    {
-        super(message);
-
-        this.token = token;
-    }
-
-    public TimeStampToken getTimeStampToken()
-    {
-        return token;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/MetaDataUtil.java b/bcpkix/src/main/java/org/bouncycastle/tsp/cms/MetaDataUtil.java
deleted file mode 100644
index b52f669..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/MetaDataUtil.java
+++ /dev/null

@@ -1,76 +0,0 @@
-package org.bouncycastle.tsp.cms;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.cms.Attributes;
-import org.bouncycastle.asn1.cms.MetaData;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.operator.DigestCalculator;
-
-class MetaDataUtil
-{
-    private final MetaData          metaData;
-
-    MetaDataUtil(MetaData metaData)
-    {
-        this.metaData = metaData;
-    }
-
-    void initialiseMessageImprintDigestCalculator(DigestCalculator calculator)
-        throws CMSException
-    {
-        if (metaData != null && metaData.isHashProtected())
-        {
-            try
-            {
-                calculator.getOutputStream().write(metaData.getEncoded(ASN1Encoding.DER));
-            }
-            catch (IOException e)
-            {
-                throw new CMSException("unable to initialise calculator from metaData: " + e.getMessage(), e);
-            }
-        }
-    }
-
-    String getFileName()
-    {
-        if (metaData != null)
-        {
-            return convertString(metaData.getFileName());
-        }
-
-        return null;
-    }
-
-    String getMediaType()
-    {
-        if (metaData != null)
-        {
-            return convertString(metaData.getMediaType());
-        }
-
-        return null;
-    }
-
-    Attributes getOtherMetaData()
-    {
-        if (metaData != null)
-        {
-            return metaData.getOtherMetaData();
-        }
-
-        return null;
-    }
-
-    private String convertString(ASN1String s)
-    {
-        if (s != null)
-        {
-            return s.toString();
-        }
-
-        return null;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/TimeStampDataUtil.java b/bcpkix/src/main/java/org/bouncycastle/tsp/cms/TimeStampDataUtil.java
deleted file mode 100644
index ce115f4..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/TimeStampDataUtil.java
+++ /dev/null

@@ -1,256 +0,0 @@
-package org.bouncycastle.tsp.cms;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.Evidence;
-import org.bouncycastle.asn1.cms.TimeStampAndCRL;
-import org.bouncycastle.asn1.cms.TimeStampedData;
-import org.bouncycastle.asn1.cms.TimeStampedDataParser;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cms.CMSException;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.OperatorCreationException;
-import org.bouncycastle.tsp.TSPException;
-import org.bouncycastle.tsp.TimeStampToken;
-import org.bouncycastle.tsp.TimeStampTokenInfo;
-import org.bouncycastle.util.Arrays;
-
-class TimeStampDataUtil
-{
-    private final TimeStampAndCRL[] timeStamps;
-
-    private final MetaDataUtil      metaDataUtil;
-
-    TimeStampDataUtil(TimeStampedData timeStampedData)
-    {
-        this.metaDataUtil = new MetaDataUtil(timeStampedData.getMetaData());
-
-        Evidence evidence = timeStampedData.getTemporalEvidence();
-        this.timeStamps = evidence.getTstEvidence().toTimeStampAndCRLArray();
-    }
-
-    TimeStampDataUtil(TimeStampedDataParser timeStampedData)
-        throws IOException
-    {       
-        this.metaDataUtil = new MetaDataUtil(timeStampedData.getMetaData());
-
-        Evidence evidence = timeStampedData.getTemporalEvidence();
-        this.timeStamps = evidence.getTstEvidence().toTimeStampAndCRLArray();
-    }
-
-    TimeStampToken getTimeStampToken(TimeStampAndCRL timeStampAndCRL)
-        throws CMSException
-    {
-        ContentInfo timeStampToken = timeStampAndCRL.getTimeStampToken();
-
-        try
-        {
-            TimeStampToken token = new TimeStampToken(timeStampToken);
-            return token;
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("unable to parse token data: " + e.getMessage(), e);
-        }
-        catch (TSPException e)
-        {
-            if (e.getCause() instanceof CMSException)
-            {
-                throw (CMSException)e.getCause();
-            }
-
-            throw new CMSException("token data invalid: " + e.getMessage(), e);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new CMSException("token data invalid: " + e.getMessage(), e);
-        }
-    }
-
-    void initialiseMessageImprintDigestCalculator(DigestCalculator calculator)
-        throws CMSException
-    {
-        metaDataUtil.initialiseMessageImprintDigestCalculator(calculator);
-    }
-
-    DigestCalculator getMessageImprintDigestCalculator(DigestCalculatorProvider calculatorProvider)
-        throws OperatorCreationException
-    {
-        TimeStampToken token;
-
-        try
-        {
-            token = this.getTimeStampToken(timeStamps[0]);
-
-            TimeStampTokenInfo info = token.getTimeStampInfo();
-            ASN1ObjectIdentifier algOID = info.getMessageImprintAlgOID();
-
-            DigestCalculator calc = calculatorProvider.get(new AlgorithmIdentifier(algOID));
-
-            initialiseMessageImprintDigestCalculator(calc);
-
-            return calc;
-        }
-        catch (CMSException e)
-        {
-            throw new OperatorCreationException("unable to extract algorithm ID: " + e.getMessage(), e);
-        }
-    }
-
-    TimeStampToken[] getTimeStampTokens()
-        throws CMSException
-    {
-        TimeStampToken[] tokens = new TimeStampToken[timeStamps.length];
-        for (int i = 0; i < timeStamps.length; i++)
-        {
-            tokens[i] = this.getTimeStampToken(timeStamps[i]);
-        }
-
-        return tokens;
-    }
-
-    TimeStampAndCRL[] getTimeStamps()
-    {
-        return timeStamps;
-    }
-
-    byte[] calculateNextHash(DigestCalculator calculator)
-        throws CMSException
-    {
-        TimeStampAndCRL tspToken = timeStamps[timeStamps.length - 1];
-
-        OutputStream out = calculator.getOutputStream();
-
-        try
-        {
-            out.write(tspToken.getEncoded(ASN1Encoding.DER));
-
-            out.close();
-
-            return calculator.getDigest();
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("exception calculating hash: " + e.getMessage(), e);
-        }
-    }
-
-    /**
-     * Validate the digests present in the TimeStampTokens contained in the CMSTimeStampedData.
-     */
-    void validate(DigestCalculatorProvider calculatorProvider, byte[] dataDigest)
-        throws ImprintDigestInvalidException, CMSException
-    {
-        byte[] currentDigest = dataDigest;
-
-        for (int i = 0; i < timeStamps.length; i++)
-        {
-            try
-            {
-                TimeStampToken token = this.getTimeStampToken(timeStamps[i]);
-                if (i > 0)
-                {
-                    TimeStampTokenInfo info = token.getTimeStampInfo();
-                    DigestCalculator calculator = calculatorProvider.get(info.getHashAlgorithm());
-
-                    calculator.getOutputStream().write(timeStamps[i - 1].getEncoded(ASN1Encoding.DER));
-
-                    currentDigest = calculator.getDigest();
-                }
-
-                this.compareDigest(token, currentDigest);
-            }
-            catch (IOException e)
-            {
-                throw new CMSException("exception calculating hash: " + e.getMessage(), e);
-            }
-            catch (OperatorCreationException e)
-            {
-                throw new CMSException("cannot create digest: " + e.getMessage(), e);
-            }
-        }
-    }
-
-    void validate(DigestCalculatorProvider calculatorProvider, byte[] dataDigest, TimeStampToken timeStampToken)
-        throws ImprintDigestInvalidException, CMSException
-    {
-        byte[] currentDigest = dataDigest;
-        byte[] encToken;
-
-        try
-        {
-            encToken = timeStampToken.getEncoded();
-        }
-        catch (IOException e)
-        {
-            throw new CMSException("exception encoding timeStampToken: " + e.getMessage(), e);
-        }
-
-        for (int i = 0; i < timeStamps.length; i++)
-        {
-            try
-            {
-                TimeStampToken token = this.getTimeStampToken(timeStamps[i]);
-                if (i > 0)
-                {
-                    TimeStampTokenInfo info = token.getTimeStampInfo();
-                    DigestCalculator calculator = calculatorProvider.get(info.getHashAlgorithm());
-
-                    calculator.getOutputStream().write(timeStamps[i - 1].getEncoded(ASN1Encoding.DER));
-
-                    currentDigest = calculator.getDigest();
-                }
-
-                this.compareDigest(token, currentDigest);
-
-                if (Arrays.areEqual(token.getEncoded(), encToken))
-                {
-                    return;
-                }
-            }
-            catch (IOException e)
-            {
-                throw new CMSException("exception calculating hash: " + e.getMessage(), e);
-            }
-            catch (OperatorCreationException e)
-            {
-                throw new CMSException("cannot create digest: " + e.getMessage(), e);
-            }
-        }
-
-        throw new ImprintDigestInvalidException("passed in token not associated with timestamps present", timeStampToken);
-    }
-
-    private void compareDigest(TimeStampToken timeStampToken, byte[] digest)
-        throws ImprintDigestInvalidException
-    {
-        TimeStampTokenInfo info = timeStampToken.getTimeStampInfo();
-        byte[] tsrMessageDigest = info.getMessageImprintDigest();
-
-        if (!Arrays.areEqual(digest, tsrMessageDigest))
-        {
-            throw new ImprintDigestInvalidException("hash calculated is different from MessageImprintDigest found in TimeStampToken", timeStampToken);
-        }
-    }
-
-    String getFileName()
-    {
-        return metaDataUtil.getFileName();
-    }
-
-    String getMediaType()
-    {
-        return metaDataUtil.getMediaType();
-    }
-
-    AttributeTable getOtherMetaData()
-    {
-        return new AttributeTable(metaDataUtil.getOtherMetaData());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/package.html b/bcpkix/src/main/java/org/bouncycastle/tsp/cms/package.html
deleted file mode 100644
index 2cf1bac..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/cms/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Classes for dealing Syntax for Binding Documents with Time-Stamps - RFC 5544.
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/package.html b/bcpkix/src/main/java/org/bouncycastle/tsp/package.html
deleted file mode 100644
index 45d0c3c..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Classes for dealing Time Stamp Protocol (TSP) - RFC 3161.
-</body>
-</html>

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/test/AllTests.java b/bcpkix/src/main/java/org/bouncycastle/tsp/test/AllTests.java
deleted file mode 100644
index 7446490..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/test/AllTests.java
+++ /dev/null

@@ -1,51 +0,0 @@
-package org.bouncycastle.tsp.test;
-
-import java.security.Security;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-public class AllTests
-    extends TestCase
-{
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("TSP Tests");
-        
-        suite.addTestSuite(ParseTest.class);
-        suite.addTestSuite(NewTSPTest.class);
-        suite.addTestSuite(CMSTimeStampedDataTest.class);
-        suite.addTestSuite(CMSTimeStampedDataParserTest.class);
-        suite.addTestSuite(CMSTimeStampedDataGeneratorTest.class);
-        suite.addTestSuite(GenTimeAccuracyUnitTest.class);
-        suite.addTestSuite(TimeStampTokenInfoUnitTest.class);
-
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-            Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-        }
-
-        protected void tearDown()
-        {
-            Security.removeProvider("BC");
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/test/CMSTimeStampedDataGeneratorTest.java b/bcpkix/src/main/java/org/bouncycastle/tsp/test/CMSTimeStampedDataGeneratorTest.java
deleted file mode 100644
index 45f502a..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/test/CMSTimeStampedDataGeneratorTest.java
+++ /dev/null

@@ -1,309 +0,0 @@
-package org.bouncycastle.tsp.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.PrivateKey;
-import java.security.Security;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.List;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.cert.jcajce.JcaCertStore;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
-import org.bouncycastle.tsp.TSPAlgorithms;
-import org.bouncycastle.tsp.TimeStampRequest;
-import org.bouncycastle.tsp.TimeStampRequestGenerator;
-import org.bouncycastle.tsp.TimeStampResponse;
-import org.bouncycastle.tsp.TimeStampResponseGenerator;
-import org.bouncycastle.tsp.TimeStampToken;
-import org.bouncycastle.tsp.TimeStampTokenGenerator;
-import org.bouncycastle.tsp.cms.CMSTimeStampedData;
-import org.bouncycastle.tsp.cms.CMSTimeStampedDataGenerator;
-import org.bouncycastle.tsp.cms.CMSTimeStampedDataParser;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.io.Streams;
-
-public class CMSTimeStampedDataGeneratorTest
-    extends TestCase
-{
-
-    BouncyCastleProvider bouncyCastleProvider;
-    CMSTimeStampedDataGenerator cmsTimeStampedDataGenerator = null;
-    String fileInput = "FileDaFirmare.data";
-    byte[] baseData;
-
-    protected void setUp()
-        throws Exception
-    {
-        bouncyCastleProvider = new BouncyCastleProvider();
-        if (Security.getProvider(bouncyCastleProvider.getName()) == null)
-        {
-            Security.addProvider(bouncyCastleProvider);
-        }
-
-        cmsTimeStampedDataGenerator = new CMSTimeStampedDataGenerator();
-        ByteArrayOutputStream origStream = new ByteArrayOutputStream();
-        InputStream in = this.getClass().getResourceAsStream(fileInput);
-        int ch;
-
-        while ((ch = in.read()) >= 0)
-        {
-            origStream.write(ch);
-        }
-
-        origStream.close();
-
-        this.baseData = origStream.toByteArray();
-
-    }
-
-    protected void tearDown()
-        throws Exception
-    {
-        cmsTimeStampedDataGenerator = null;
-        Security.removeProvider(bouncyCastleProvider.getName());
-    }
-
-    public void testGenerate()
-        throws Exception
-    {
-        BcDigestCalculatorProvider calculatorProvider = new BcDigestCalculatorProvider();
-        ASN1ObjectIdentifier algOID = new ASN1ObjectIdentifier("2.16.840.1.101.3.4.2.1"); // SHA-256
-        DigestCalculator hashCalculator = calculatorProvider.get(new AlgorithmIdentifier(algOID));
-
-        cmsTimeStampedDataGenerator.initialiseMessageImprintDigestCalculator(hashCalculator);
-
-        hashCalculator.getOutputStream().write(baseData);
-        hashCalculator.getOutputStream().close();
-
-        TimeStampToken timeStampToken = createTimeStampToken(hashCalculator.getDigest(), NISTObjectIdentifiers.id_sha256);
-        CMSTimeStampedData cmsTimeStampedData = cmsTimeStampedDataGenerator.generate(timeStampToken, baseData);
-
-        for (int i = 0; i < 3; i++)
-        {
-            byte[] newRequestData = cmsTimeStampedData.calculateNextHash(hashCalculator);
-            TimeStampToken newTimeStampToken = createTimeStampToken(newRequestData, NISTObjectIdentifiers.id_sha256);
-            cmsTimeStampedData = cmsTimeStampedData.addTimeStamp(newTimeStampToken);
-        }
-        byte[] timeStampedData = cmsTimeStampedData.getEncoded();
-
-        // verify
-        DigestCalculatorProvider newCalculatorProvider = new BcDigestCalculatorProvider();
-        DigestCalculator imprintCalculator = cmsTimeStampedData.getMessageImprintDigestCalculator(newCalculatorProvider);
-        CMSTimeStampedData newCMSTimeStampedData = new CMSTimeStampedData(timeStampedData);
-        byte[] newContent = newCMSTimeStampedData.getContent();
-        assertEquals("Content expected and verified are different", true, Arrays.areEqual(newContent, baseData));
-
-        imprintCalculator.getOutputStream().write(newContent);
-
-        byte[] digest = imprintCalculator.getDigest();
-
-        TimeStampToken[] tokens = cmsTimeStampedData.getTimeStampTokens();
-        assertEquals("TimeStampToken expected and verified are different", 4, tokens.length);
-        for (int i = 0; i < tokens.length; i++)
-        {
-            cmsTimeStampedData.validate(newCalculatorProvider, digest, tokens[i]);
-        }
-    }
-
-    public void testGenerateWithMetadata()
-        throws Exception
-    {
-        cmsTimeStampedDataGenerator.setMetaData(true, fileInput, "TXT");
-
-        BcDigestCalculatorProvider calculatorProvider = new BcDigestCalculatorProvider();
-        ASN1ObjectIdentifier algOID = new ASN1ObjectIdentifier("2.16.840.1.101.3.4.2.1"); // SHA-256
-        DigestCalculator hashCalculator = calculatorProvider.get(new AlgorithmIdentifier(algOID));
-
-        cmsTimeStampedDataGenerator.initialiseMessageImprintDigestCalculator(hashCalculator);
-
-        hashCalculator.getOutputStream().write(baseData);
-        hashCalculator.getOutputStream().close();
-
-        TimeStampToken timeStampToken = createTimeStampToken(hashCalculator.getDigest(), NISTObjectIdentifiers.id_sha256);
-        CMSTimeStampedData cmsTimeStampedData = cmsTimeStampedDataGenerator.generate(timeStampToken, baseData);
-
-        for (int i = 0; i <= 3; i++)
-        {
-            byte[] newRequestData = cmsTimeStampedData.calculateNextHash(hashCalculator);
-            TimeStampToken newTimeStampToken = createTimeStampToken(newRequestData, NISTObjectIdentifiers.id_sha256);
-            cmsTimeStampedData = cmsTimeStampedData.addTimeStamp(newTimeStampToken);
-        }
-        byte[] timeStampedData = cmsTimeStampedData.getEncoded();
-
-        metadataCheck(timeStampedData);
-        metadataParserCheck(timeStampedData);
-    }
-
-    public void testGenerateWithMetadataAndDifferentAlgorithmIdentifier()
-        throws Exception
-    {
-        cmsTimeStampedDataGenerator.setMetaData(true, fileInput, "TXT");
-
-        BcDigestCalculatorProvider calculatorProvider = new BcDigestCalculatorProvider();
-
-        ASN1ObjectIdentifier algIdentifier = NISTObjectIdentifiers.id_sha224;
-
-        DigestCalculator hashCalculator = calculatorProvider.get(new AlgorithmIdentifier(algIdentifier));
-        cmsTimeStampedDataGenerator.initialiseMessageImprintDigestCalculator(hashCalculator);
-        hashCalculator.getOutputStream().write(baseData);
-        hashCalculator.getOutputStream().close();
-
-        byte[] requestData = hashCalculator.getDigest();
-        TimeStampToken timeStampToken = createTimeStampToken(requestData, algIdentifier);
-
-        CMSTimeStampedData cmsTimeStampedData = cmsTimeStampedDataGenerator.generate(timeStampToken, baseData);
-
-        for (int i = 0; i <= 3; i++) {
-            switch (i) {
-            case 0:
-                algIdentifier =    NISTObjectIdentifiers.id_sha224;
-                break;
-            case 1:
-                algIdentifier =    NISTObjectIdentifiers.id_sha256;
-                break;
-            case 2:
-                algIdentifier =    NISTObjectIdentifiers.id_sha384;
-                break;
-            case 3:
-                algIdentifier =    NISTObjectIdentifiers.id_sha512;
-                break;
-            }
-            hashCalculator = calculatorProvider.get(new AlgorithmIdentifier(algIdentifier));
-            byte[] newRequestData = cmsTimeStampedData.calculateNextHash(hashCalculator);
-            TimeStampToken newTimeStampToken = createTimeStampToken(newRequestData, algIdentifier);
-            cmsTimeStampedData = cmsTimeStampedData.addTimeStamp(newTimeStampToken);
-        }
-        byte[] timeStampedData = cmsTimeStampedData.getEncoded();
-
-        metadataCheck(timeStampedData);
-        metadataParserCheck(timeStampedData);
-
-    }
-
-
-    private void metadataCheck(byte[] timeStampedData)
-        throws Exception
-    {
-        CMSTimeStampedData cmsTspData = new CMSTimeStampedData(timeStampedData);
-        DigestCalculatorProvider newCalculatorProvider = new BcDigestCalculatorProvider();
-        DigestCalculator imprintCalculator = cmsTspData.getMessageImprintDigestCalculator(newCalculatorProvider);
-
-        byte[] newContent = cmsTspData.getContent();
-        assertEquals("Content expected and verified are different", true, Arrays.areEqual(newContent, baseData));
-
-        imprintCalculator.getOutputStream().write(newContent);
-
-        assertEquals(fileInput, cmsTspData.getFileName());
-        assertEquals("TXT", cmsTspData.getMediaType());
-
-        byte[] digest = imprintCalculator.getDigest();
-
-        TimeStampToken[] tokens = cmsTspData.getTimeStampTokens();
-        assertEquals("TimeStampToken expected and verified are different", 5, tokens.length);
-        for (int i = 0; i < tokens.length; i++)
-        {
-            cmsTspData.validate(newCalculatorProvider, digest, tokens[i]);
-        }
-    }
-
-    private void metadataParserCheck(byte[] timeStampedData)
-        throws Exception
-    {
-        CMSTimeStampedDataParser cmsTspData = new CMSTimeStampedDataParser(timeStampedData);
-        DigestCalculatorProvider newCalculatorProvider = new BcDigestCalculatorProvider();
-
-        InputStream input = cmsTspData.getContent();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        Streams.pipeAll(input, bOut);
-
-        assertEquals("Content expected and verified are different", true, Arrays.areEqual(bOut.toByteArray(), baseData));
-
-        DigestCalculator imprintCalculator = cmsTspData.getMessageImprintDigestCalculator(newCalculatorProvider);
-
-        Streams.pipeAll(new ByteArrayInputStream(bOut.toByteArray()), imprintCalculator.getOutputStream());
-
-        assertEquals(fileInput, cmsTspData.getFileName());
-        assertEquals("TXT", cmsTspData.getMediaType());
-
-        byte[] digest = imprintCalculator.getDigest();
-
-        TimeStampToken[] tokens = cmsTspData.getTimeStampTokens();
-        assertEquals("TimeStampToken expected and verified are different", 5, tokens.length);
-        for (int i = 0; i < tokens.length; i++)
-        {
-            cmsTspData.validate(newCalculatorProvider, digest, tokens[i]);
-        }
-    }
-
-    private TimeStampToken createTimeStampToken(byte[] hash, ASN1ObjectIdentifier hashAlg)
-        throws Exception
-    {
-        String algorithmName = null;
-        if (hashAlg.equals(NISTObjectIdentifiers.id_sha224))
-        {
-            algorithmName = "SHA224withRSA";
-        }
-        else if (hashAlg.equals(NISTObjectIdentifiers.id_sha256))
-        {
-            algorithmName = "SHA256withRSA";
-        }
-        else if (hashAlg.equals(NISTObjectIdentifiers.id_sha384))
-        {
-            algorithmName = "SHA384withRSA";
-        }
-        else if (hashAlg.equals(NISTObjectIdentifiers.id_sha512))
-        {
-            algorithmName = "SHA512withRSA";
-        }
-
-        String signDN = "O=Bouncy Castle, C=AU";
-        KeyPair signKP = TSPTestUtil.makeKeyPair();
-        X509Certificate signCert = TSPTestUtil.makeCACertificate(signKP,
-            signDN, signKP, signDN);
-
-        String origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU";
-        KeyPair origKP = TSPTestUtil.makeKeyPair();
-        X509Certificate cert = TSPTestUtil.makeCertificate(origKP,
-            origDN, signKP, signDN);
-
-        PrivateKey privateKey = origKP.getPrivate();
-
-        List certList = new ArrayList();
-        certList.add(cert);
-        certList.add(signCert);
-
-        Store certs = new JcaCertStore(certList);
-
-
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
-            new JcaSimpleSignerInfoGeneratorBuilder().setProvider("BC").build(algorithmName, privateKey, cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(hashAlg, hash);
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        return tsResp.getTimeStampToken();
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/test/CMSTimeStampedDataParserTest.java b/bcpkix/src/main/java/org/bouncycastle/tsp/test/CMSTimeStampedDataParserTest.java
deleted file mode 100644
index 138e892..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/test/CMSTimeStampedDataParserTest.java
+++ /dev/null

@@ -1,91 +0,0 @@
-package org.bouncycastle.tsp.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
-
-import junit.framework.TestCase;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
-import org.bouncycastle.tsp.TimeStampToken;
-import org.bouncycastle.tsp.cms.CMSTimeStampedDataParser;
-import org.bouncycastle.util.io.Streams;
-
-public class CMSTimeStampedDataParserTest
-    extends TestCase
-{
-
-    CMSTimeStampedDataParser cmsTimeStampedData = null;
-    String fileInput = "FileDaFirmare.txt.tsd.der";
-    private byte[] baseData;
-
-    protected void setUp()
-        throws Exception
-    {
-        ByteArrayOutputStream origStream = new ByteArrayOutputStream();
-        InputStream in = this.getClass().getResourceAsStream(fileInput);
-        int ch;
-
-        while ((ch = in.read()) >= 0)
-        {
-            origStream.write(ch);
-        }
-
-        origStream.close();
-
-        this.baseData = origStream.toByteArray();
-
-        cmsTimeStampedData = new CMSTimeStampedDataParser(baseData);
-    }
-
-    protected void tearDown()
-        throws Exception
-    {
-        cmsTimeStampedData = null;
-    }
-
-    public void testGetTimeStampTokens()
-        throws Exception
-    {
-        TimeStampToken[] tokens = cmsTimeStampedData.getTimeStampTokens();
-        assertEquals(3, tokens.length);
-    }
-
-    public void testValidateAllTokens()
-        throws Exception
-    {
-        DigestCalculatorProvider digestCalculatorProvider = new BcDigestCalculatorProvider();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        Streams.pipeAll(cmsTimeStampedData.getContent(), bOut);
-
-        DigestCalculator imprintCalculator = cmsTimeStampedData.getMessageImprintDigestCalculator(digestCalculatorProvider);
-
-        Streams.pipeAll(new ByteArrayInputStream(bOut.toByteArray()), imprintCalculator.getOutputStream());
-
-        byte[] digest = imprintCalculator.getDigest();
-
-        TimeStampToken[] tokens = cmsTimeStampedData.getTimeStampTokens();
-        for (int i = 0; i < tokens.length; i++)
-        {
-            cmsTimeStampedData.validate(digestCalculatorProvider, digest, tokens[i]);
-        }
-    }
-
-    public void testValidate()
-        throws Exception
-    {
-        DigestCalculatorProvider digestCalculatorProvider = new BcDigestCalculatorProvider();
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        Streams.pipeAll(cmsTimeStampedData.getContent(), bOut);
-
-        DigestCalculator imprintCalculator = cmsTimeStampedData.getMessageImprintDigestCalculator(digestCalculatorProvider);
-
-        Streams.pipeAll(new ByteArrayInputStream(bOut.toByteArray()), imprintCalculator.getOutputStream());
-
-        cmsTimeStampedData.validate(digestCalculatorProvider, imprintCalculator.getDigest());
-    }
-
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/test/CMSTimeStampedDataTest.java b/bcpkix/src/main/java/org/bouncycastle/tsp/test/CMSTimeStampedDataTest.java
deleted file mode 100644
index 0bfefaa..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/test/CMSTimeStampedDataTest.java
+++ /dev/null

@@ -1,84 +0,0 @@
-package org.bouncycastle.tsp.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
-
-import junit.framework.TestCase;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.DigestCalculatorProvider;
-import org.bouncycastle.operator.bc.BcDigestCalculatorProvider;
-import org.bouncycastle.tsp.TimeStampToken;
-import org.bouncycastle.tsp.cms.CMSTimeStampedData;
-
-public class CMSTimeStampedDataTest
-    extends TestCase
-{
-
-    CMSTimeStampedData cmsTimeStampedData = null;
-    String fileInput = "FileDaFirmare.txt.tsd.der";
-    String fileOutput = fileInput.substring(0, fileInput.indexOf(".tsd"));
-    private byte[] baseData;
-
-    protected void setUp()
-        throws Exception
-    {
-        ByteArrayOutputStream origStream = new ByteArrayOutputStream();
-        InputStream in = this.getClass().getResourceAsStream(fileInput);
-        int ch;
-
-        while ((ch = in.read()) >= 0)
-        {
-            origStream.write(ch);
-        }
-
-        origStream.close();
-
-        this.baseData = origStream.toByteArray();
-
-        cmsTimeStampedData = new CMSTimeStampedData(baseData);
-    }
-
-    protected void tearDown()
-        throws Exception
-    {
-        cmsTimeStampedData = null;
-    }
-
-    public void testGetTimeStampTokens()
-        throws Exception
-    {
-        TimeStampToken[] tokens = cmsTimeStampedData.getTimeStampTokens();
-        assertEquals(3, tokens.length);
-    }
-
-    public void testValidateAllTokens()
-        throws Exception
-    {
-        DigestCalculatorProvider digestCalculatorProvider = new BcDigestCalculatorProvider();
-
-        DigestCalculator imprintCalculator = cmsTimeStampedData.getMessageImprintDigestCalculator(digestCalculatorProvider);
-
-        imprintCalculator.getOutputStream().write(cmsTimeStampedData.getContent());
-
-        byte[] digest = imprintCalculator.getDigest();
-
-        TimeStampToken[] tokens = cmsTimeStampedData.getTimeStampTokens();
-        for (int i = 0; i < tokens.length; i++)
-        {
-            cmsTimeStampedData.validate(digestCalculatorProvider, digest, tokens[i]);
-        }
-    }
-
-    public void testValidate()
-        throws Exception
-    {
-        DigestCalculatorProvider digestCalculatorProvider = new BcDigestCalculatorProvider();
-
-        DigestCalculator imprintCalculator = cmsTimeStampedData.getMessageImprintDigestCalculator(digestCalculatorProvider);
-
-        imprintCalculator.getOutputStream().write(cmsTimeStampedData.getContent());
-
-        cmsTimeStampedData.validate(digestCalculatorProvider, imprintCalculator.getDigest());
-    }
-
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/test/GenTimeAccuracyUnitTest.java b/bcpkix/src/main/java/org/bouncycastle/tsp/test/GenTimeAccuracyUnitTest.java
deleted file mode 100644
index a809f07..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/test/GenTimeAccuracyUnitTest.java
+++ /dev/null

@@ -1,106 +0,0 @@
-package org.bouncycastle.tsp.test;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.tsp.Accuracy;
-import org.bouncycastle.tsp.GenTimeAccuracy;
-
-public class GenTimeAccuracyUnitTest
-    extends TestCase
-{
-    private static final ASN1Integer ZERO_VALUE = new ASN1Integer(0);
-    private static final ASN1Integer ONE_VALUE = new ASN1Integer(1);
-    private static final ASN1Integer TWO_VALUE = new ASN1Integer(2);
-    private static final ASN1Integer THREE_VALUE = new ASN1Integer(3);
-
-    public void testOneTwoThree()
-    {   
-        GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(ONE_VALUE, TWO_VALUE, THREE_VALUE));
-        
-        checkValues(accuracy, ONE_VALUE, TWO_VALUE, THREE_VALUE);
-        
-        checkToString(accuracy, "1.002003");
-    }
-
-    public void testThreeTwoOne()
-    {   
-        GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(THREE_VALUE, TWO_VALUE, ONE_VALUE));
-        
-        checkValues(accuracy, THREE_VALUE, TWO_VALUE, ONE_VALUE);
-        
-        checkToString(accuracy, "3.002001");
-    }
-    
-    public void testTwoThreeTwo()
-    {   
-        GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(TWO_VALUE, THREE_VALUE, TWO_VALUE));
-        
-        checkValues(accuracy, TWO_VALUE, THREE_VALUE, TWO_VALUE);
-        
-        checkToString(accuracy, "2.003002");
-    }
-    
-
-    public void testZeroTwoThree()
-    {   
-        GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(ZERO_VALUE, TWO_VALUE, THREE_VALUE));
-        
-        checkValues(accuracy, ZERO_VALUE, TWO_VALUE, THREE_VALUE);
-        
-        checkToString(accuracy, "0.002003");
-    }
-
-    public void testThreeTwoNull()
-    {   
-        GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(THREE_VALUE, TWO_VALUE, null));
-        
-        checkValues(accuracy, THREE_VALUE, TWO_VALUE, ZERO_VALUE);
-        
-        checkToString(accuracy, "3.002000");
-    }
-    
-    public void testOneNullOne()
-    {   
-        GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(ONE_VALUE, null, ONE_VALUE));
-        
-        checkValues(accuracy, ONE_VALUE, ZERO_VALUE, ONE_VALUE);
-        
-        checkToString(accuracy, "1.000001");
-    }
-    
-    public void testZeroNullNull()
-    {   
-        GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(ZERO_VALUE, null, null));
-        
-        checkValues(accuracy, ZERO_VALUE, ZERO_VALUE, ZERO_VALUE);
-        
-        checkToString(accuracy, "0.000000");
-    }
-    
-    public void testNullNullNull()
-    {   
-        GenTimeAccuracy accuracy = new GenTimeAccuracy(new Accuracy(null, null, null));
-        
-        checkValues(accuracy, ZERO_VALUE, ZERO_VALUE, ZERO_VALUE);
-        
-        checkToString(accuracy, "0.000000");
-    }
-    
-    private void checkValues(
-        GenTimeAccuracy accuracy,
-        ASN1Integer      secs,
-        ASN1Integer      millis,
-        ASN1Integer      micros)
-    {
-        assertEquals(secs.getValue().intValue(), accuracy.getSeconds());
-        assertEquals(millis.getValue().intValue(), accuracy.getMillis());
-        assertEquals(micros.getValue().intValue(), accuracy.getMicros());
-    }
-    
-    private void checkToString(
-        GenTimeAccuracy accuracy,
-        String          expected)
-    {
-        assertEquals(expected, accuracy.toString());
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/test/NewTSPTest.java b/bcpkix/src/main/java/org/bouncycastle/tsp/test/NewTSPTest.java
deleted file mode 100644
index c7fef3f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/test/NewTSPTest.java
+++ /dev/null

@@ -1,1183 +0,0 @@
-package org.bouncycastle.tsp.test;
-
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.cert.X509Certificate;
-import java.text.SimpleDateFormat;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.SimpleTimeZone;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.cmp.PKIFailureInfo;
-import org.bouncycastle.asn1.cmp.PKIStatus;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.asn1.ess.ESSCertID;
-import org.bouncycastle.asn1.ess.ESSCertIDv2;
-import org.bouncycastle.asn1.ess.SigningCertificate;
-import org.bouncycastle.asn1.ess.SigningCertificateV2;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.IssuerSerial;
-import org.bouncycastle.asn1.x509.KeyPurposeId;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaCertStore;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateConverter;
-import org.bouncycastle.cert.jcajce.JcaX509CertificateHolder;
-import org.bouncycastle.cert.jcajce.JcaX509v3CertificateBuilder;
-import org.bouncycastle.cms.CMSAttributeTableGenerationException;
-import org.bouncycastle.cms.CMSAttributeTableGenerator;
-import org.bouncycastle.cms.CMSSignedData;
-import org.bouncycastle.cms.DefaultSignedAttributeTableGenerator;
-import org.bouncycastle.cms.jcajce.JcaSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoGeneratorBuilder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
-import org.bouncycastle.cms.test.CMSTestUtil;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
-import org.bouncycastle.operator.ContentSigner;
-import org.bouncycastle.operator.DigestCalculator;
-import org.bouncycastle.operator.jcajce.JcaContentSignerBuilder;
-import org.bouncycastle.operator.jcajce.JcaDigestCalculatorProviderBuilder;
-import org.bouncycastle.tsp.GenTimeAccuracy;
-import org.bouncycastle.tsp.TSPAlgorithms;
-import org.bouncycastle.tsp.TSPException;
-import org.bouncycastle.tsp.TSPValidationException;
-import org.bouncycastle.tsp.TimeStampRequest;
-import org.bouncycastle.tsp.TimeStampRequestGenerator;
-import org.bouncycastle.tsp.TimeStampResponse;
-import org.bouncycastle.tsp.TimeStampResponseGenerator;
-import org.bouncycastle.tsp.TimeStampToken;
-import org.bouncycastle.tsp.TimeStampTokenGenerator;
-import org.bouncycastle.tsp.TimeStampTokenInfo;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Store;
-
-public class NewTSPTest
-    extends TestCase
-{
-    private static final String BC = BouncyCastleProvider.PROVIDER_NAME;
-
-    public void setUp()
-    {
-        Security.addProvider(new BouncyCastleProvider());
-    }
-
-    public void testGeneral()
-        throws Exception
-    {
-        String signDN = "O=Bouncy Castle, C=AU";
-        KeyPair signKP = TSPTestUtil.makeKeyPair();
-        X509Certificate signCert = TSPTestUtil.makeCACertificate(signKP,
-            signDN, signKP, signDN);
-
-        String origDN = "CN=Eric H. Echidna, E=eric@bouncycastle.org, O=Bouncy Castle, C=AU";
-        KeyPair origKP = TSPTestUtil.makeKeyPair();
-        X509Certificate origCert = TSPTestUtil.makeCertificate(origKP,
-            origDN, signKP, signDN);
-
-
-        List certList = new ArrayList();
-        certList.add(origCert);
-        certList.add(signCert);
-
-        Store certs = new JcaCertStore(certList);
-
-        basicTest(origKP.getPrivate(), origCert, certs);
-        resolutionTest(origKP.getPrivate(), origCert, certs, TimeStampTokenGenerator.R_SECONDS, "19700101000009Z");
-        resolutionTest(origKP.getPrivate(), origCert, certs, TimeStampTokenGenerator.R_TENTHS_OF_SECONDS, "19700101000009.9Z");
-        resolutionTest(origKP.getPrivate(), origCert, certs, TimeStampTokenGenerator.R_MICROSECONDS, "19700101000009.99Z");
-        resolutionTest(origKP.getPrivate(), origCert, certs, TimeStampTokenGenerator.R_MILLISECONDS, "19700101000009.999Z");
-        basicSha256Test(origKP.getPrivate(), origCert, certs);
-        basicTestWithTSA(origKP.getPrivate(), origCert, certs);
-        overrideAttrsTest(origKP.getPrivate(), origCert, certs);
-        responseValidationTest(origKP.getPrivate(), origCert, certs);
-        incorrectHashTest(origKP.getPrivate(), origCert, certs);
-        badAlgorithmTest(origKP.getPrivate(), origCert, certs);
-        timeNotAvailableTest(origKP.getPrivate(), origCert, certs);
-        badPolicyTest(origKP.getPrivate(), origCert, certs);
-        tokenEncodingTest(origKP.getPrivate(), origCert, certs);
-        certReqTest(origKP.getPrivate(), origCert, certs);
-        testAccuracyZeroCerts(origKP.getPrivate(), origCert, certs);
-        testAccuracyWithCertsAndOrdering(origKP.getPrivate(), origCert, certs);
-        testNoNonse(origKP.getPrivate(), origCert, certs);
-        extensionTest(origKP.getPrivate(), origCert, certs);
-        additionalExtensionTest(origKP.getPrivate(), origCert, certs);
-    }
-
-    public void testCertOrdering()
-        throws Exception
-    {
-        List            certList = new ArrayList();
-
-        String _origDN   = "O=Bouncy Castle, C=AU";
-        KeyPair _origKP   = CMSTestUtil.makeKeyPair();
-        X509Certificate _origCert = CMSTestUtil.makeCertificate(_origKP, _origDN, _origKP, _origDN);
-
-        String _signDN   = "CN=Bob, OU=Sales, O=Bouncy Castle, C=AU";
-        KeyPair _signKP   = CMSTestUtil.makeKeyPair();
-        X509Certificate _signCert = TSPTestUtil.makeCertificate(_signKP, _signDN, _origKP, _origDN);
-
-        KeyPair _signDsaKP   = CMSTestUtil.makeDsaKeyPair();
-        X509Certificate _signDsaCert = CMSTestUtil.makeCertificate(_signDsaKP, _signDN, _origKP, _origDN);
-
-        certList.add(_origCert);
-        certList.add(_signDsaCert);
-        certList.add(_signCert);
-
-        Store      certs = new JcaCertStore(certList);
-
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
-            new JcaSimpleSignerInfoGeneratorBuilder().build("SHA1withRSA", _signKP.getPrivate(), _signCert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        
-        reqGen.setCertReq(true);
-
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(100));
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse initResp = tsRespGen.generateGrantedResponse(request, new BigInteger("23"), new Date());
-
-        // original CMS SignedData object
-        CMSSignedData sd = initResp.getTimeStampToken().toCMSSignedData();
-
-        certs = sd.getCertificates();
-        Iterator it = certs.getMatches(null).iterator();
-
-        assertEquals(new JcaX509CertificateHolder(_origCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_signDsaCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_signCert), it.next());
-
-        // definite-length
-        TimeStampResponse dlResp = new TimeStampResponse(initResp.getEncoded(ASN1Encoding.DL));
-
-        sd = dlResp.getTimeStampToken().toCMSSignedData();
-
-        certs = sd.getCertificates();
-        it = certs.getMatches(null).iterator();
-
-        assertEquals(new JcaX509CertificateHolder(_origCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_signDsaCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_signCert), it.next());
-
-        // convert to DER - the default encoding
-        TimeStampResponse derResp = new TimeStampResponse(initResp.getEncoded());
-
-        sd = derResp.getTimeStampToken().toCMSSignedData();
-
-        certs = sd.getCertificates();
-        it = certs.getMatches(null).iterator();
-
-        assertEquals(new JcaX509CertificateHolder(_origCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_signCert), it.next());
-        assertEquals(new JcaX509CertificateHolder(_signDsaCert), it.next());
-    }
-
-    private void basicTest(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
-            new JcaSimpleSignerInfoGeneratorBuilder().build("SHA1withRSA", privateKey, cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(100));
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        tsToken.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert));
-
-        AttributeTable table = tsToken.getSignedAttributes();
-
-        assertNotNull("no signingCertificate attribute found", table.get(PKCSObjectIdentifiers.id_aa_signingCertificate));
-    }
-
-    public void testSM2withSM3()
-        throws Exception
-    {
-        //
-         // set up the keys
-         //
-         PrivateKey privKey;
-         PublicKey pubKey;
-
-         try
-         {
-             KeyPairGenerator g = KeyPairGenerator.getInstance("EC", "BC");
-
-             g.initialize(new ECNamedCurveGenParameterSpec("sm2p256v1"));
-
-             KeyPair p = g.generateKeyPair();
-
-             privKey = p.getPrivate();
-             pubKey = p.getPublic();
-         }
-         catch (Exception e)
-         {
-             fail("error setting up keys - " + e.toString());
-             return;
-         }
-
-        //
-        // extensions
-        //
-
-        //
-        // create the certificate - version 1
-        //
-
-        ContentSigner sigGen = new JcaContentSignerBuilder("SM3withSM2").setProvider(BC).build(privKey);
-        JcaX509v3CertificateBuilder certGen = new JcaX509v3CertificateBuilder(
-            new X500Name("CN=Test"),
-            BigInteger.valueOf(1),
-            new Date(System.currentTimeMillis() - 50000),
-            new Date(System.currentTimeMillis() + 50000),
-            new X500Name("CN=Test"),
-            pubKey);
-
-        certGen.addExtension(Extension.extendedKeyUsage, true, new ExtendedKeyUsage(KeyPurposeId.id_kp_timeStamping));
-
-        X509Certificate cert = new JcaX509CertificateConverter().setProvider(BC).getCertificate(certGen.build(sigGen));
-
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
-            new JcaSimpleSignerInfoGeneratorBuilder().build("SM3withSM2", privKey, cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-       // tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SM3, new byte[32], BigInteger.valueOf(100));
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        tsToken.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert));
-
-        AttributeTable table = tsToken.getSignedAttributes();
-
-        assertNotNull("no signingCertificate attribute found", table.get(PKCSObjectIdentifiers.id_aa_signingCertificate));
-    }
-
-    private void resolutionTest(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs,
-        int   resolution,
-        String timeString)
-        throws Exception
-    {
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
-            new JcaSimpleSignerInfoGeneratorBuilder().build("SHA1withRSA", privateKey, cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-
-        tsTokenGen.setResolution(resolution);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(100));
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date(9999L));
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'");
-
-        dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
-
-        assertEquals(timeString, tsToken.getTimeStampInfo().toASN1Structure().getGenTime().getTimeString());
-
-        // test zero truncation
-        tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date(9000L));
-        tsToken = tsResp.getTimeStampToken();
-
-        assertEquals("19700101000009Z", tsToken.getTimeStampInfo().toASN1Structure().getGenTime().getTimeString());
-
-        if (resolution > TimeStampTokenGenerator.R_MICROSECONDS)
-        {
-            tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date(9990L));
-            tsToken = tsResp.getTimeStampToken();
-
-            assertEquals("19700101000009.99Z", tsToken.getTimeStampInfo().toASN1Structure().getGenTime().getTimeString());
-        }
-        if (resolution > TimeStampTokenGenerator.R_TENTHS_OF_SECONDS)
-        {
-            tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date(9900L));
-            tsToken = tsResp.getTimeStampToken();
-
-            assertEquals("19700101000009.9Z", tsToken.getTimeStampInfo().toASN1Structure().getGenTime().getTimeString());
-        }
-    }
-
-    private void basicSha256Test(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
-            new JcaSimpleSignerInfoGeneratorBuilder().build("SHA256withRSA", privateKey, cert), new SHA256DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA256, new byte[32], BigInteger.valueOf(100));
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date());
-
-        assertEquals(PKIStatus.GRANTED, tsResp.getStatus());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        tsToken.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert));
-
-        AttributeTable table = tsToken.getSignedAttributes();
-
-        assertNotNull("no signingCertificate attribute found", table.get(PKCSObjectIdentifiers.id_aa_signingCertificateV2));
-
-        DigestCalculator digCalc = new SHA256DigestCalculator();
-
-        OutputStream dOut = digCalc.getOutputStream();
-
-        dOut.write(cert.getEncoded());
-
-        dOut.close();
-
-        byte[] certHash = digCalc.getDigest();
-
-        SigningCertificateV2 sigCertV2 = SigningCertificateV2.getInstance(table.get(PKCSObjectIdentifiers.id_aa_signingCertificateV2).getAttributeValues()[0]);
-
-        assertTrue(Arrays.areEqual(certHash, sigCertV2.getCerts()[0].getCertHash()));
-    }
-
-    private void overrideAttrsTest(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        JcaSimpleSignerInfoGeneratorBuilder signerInfoGenBuilder = new JcaSimpleSignerInfoGeneratorBuilder().setProvider("BC");
-
-        IssuerSerial issuerSerial = new IssuerSerial(new GeneralNames(new GeneralName(new X509CertificateHolder(cert.getEncoded()).getIssuer())), cert.getSerialNumber());
-
-        DigestCalculator digCalc = new SHA1DigestCalculator();
-
-        OutputStream dOut = digCalc.getOutputStream();
-
-        dOut.write(cert.getEncoded());
-
-        dOut.close();
-
-        byte[] certHash = digCalc.getDigest();
-
-        digCalc = new SHA256DigestCalculator();
-
-        dOut = digCalc.getOutputStream();
-
-        dOut.write(cert.getEncoded());
-
-        dOut.close();
-
-        byte[] certHash256 = digCalc.getDigest();
-
-        final ESSCertID essCertid = new ESSCertID(certHash, issuerSerial);
-        final ESSCertIDv2 essCertidV2 = new ESSCertIDv2(certHash256, issuerSerial);
-
-        signerInfoGenBuilder.setSignedAttributeGenerator(new CMSAttributeTableGenerator()
-        {
-            public AttributeTable getAttributes(Map parameters)
-                throws CMSAttributeTableGenerationException
-            {
-                CMSAttributeTableGenerator attrGen = new DefaultSignedAttributeTableGenerator();
-
-                AttributeTable table = attrGen.getAttributes(parameters);
-                table = table.add(PKCSObjectIdentifiers.id_aa_signingCertificate, new SigningCertificate(essCertid));
-                table = table.add(PKCSObjectIdentifiers.id_aa_signingCertificateV2, new SigningCertificateV2(new ESSCertIDv2[]{essCertidV2}));
-
-                return table;
-            }
-        });
-
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(signerInfoGenBuilder.build("SHA1withRSA", privateKey, cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(100));
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        tsToken.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert));
-
-        AttributeTable table = tsToken.getSignedAttributes();
-
-        assertNotNull("no signingCertificate attribute found", table.get(PKCSObjectIdentifiers.id_aa_signingCertificate));
-        assertNotNull("no signingCertificateV2 attribute found", table.get(PKCSObjectIdentifiers.id_aa_signingCertificateV2));
-
-        SigningCertificate sigCert = SigningCertificate.getInstance(table.get(PKCSObjectIdentifiers.id_aa_signingCertificate).getAttributeValues()[0]);
-
-        assertEquals(new X509CertificateHolder(cert.getEncoded()).getIssuer(), sigCert.getCerts()[0].getIssuerSerial().getIssuer().getNames()[0].getName());
-        assertEquals(cert.getSerialNumber(), sigCert.getCerts()[0].getIssuerSerial().getSerial().getValue());
-        assertTrue(Arrays.areEqual(certHash, sigCert.getCerts()[0].getCertHash()));
-
-        SigningCertificateV2 sigCertV2 = SigningCertificateV2.getInstance(table.get(PKCSObjectIdentifiers.id_aa_signingCertificateV2).getAttributeValues()[0]);
-
-        assertEquals(new X509CertificateHolder(cert.getEncoded()).getIssuer(), sigCertV2.getCerts()[0].getIssuerSerial().getIssuer().getNames()[0].getName());
-        assertEquals(cert.getSerialNumber(), sigCertV2.getCerts()[0].getIssuerSerial().getSerial().getValue());
-        assertTrue(Arrays.areEqual(certHash256, sigCertV2.getCerts()[0].getCertHash()));
-    }
-
-    private void basicTestWithTSA(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
-            new JcaSimpleSignerInfoGeneratorBuilder().build("SHA1withRSA", privateKey, cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-        tsTokenGen.setTSA(new GeneralName(new X500Name("CN=Test")));
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(100));
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        tsToken.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert));
-
-        AttributeTable table = tsToken.getSignedAttributes();
-
-        assertNotNull("no signingCertificate attribute found", table.get(PKCSObjectIdentifiers.id_aa_signingCertificate));
-    }
-
-    private void additionalExtensionTest(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
-            new JcaSimpleSignerInfoGeneratorBuilder().build("SHA1withRSA", privateKey, cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-        tsTokenGen.setTSA(new GeneralName(new X500Name("CN=Test")));
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(100));
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        extGen.addExtension(Extension.auditIdentity, false, new DERUTF8String("Test"));
-
-        TimeStampResponse tsResp = tsRespGen.generateGrantedResponse(request, new BigInteger("23"), new Date(), "Okay", extGen.generate());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        tsToken.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert));
-
-        AttributeTable table = tsToken.getSignedAttributes();
-
-        assertNotNull("no signingCertificate attribute found", table.get(PKCSObjectIdentifiers.id_aa_signingCertificate));
-
-        Extensions ext = tsToken.getTimeStampInfo().getExtensions();
-
-        assertEquals(1, ext.getExtensionOIDs().length);
-        assertEquals(new Extension(Extension.auditIdentity, false, new DERUTF8String("Test").getEncoded()), ext.getExtension(Extension.auditIdentity));
-    }
-
-    private void responseValidationTest(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        JcaSignerInfoGeneratorBuilder infoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
-            infoGeneratorBuilder.build(new JcaContentSignerBuilder("MD5withRSA").setProvider(BC).build(privateKey), cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(100));
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        tsToken.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert));
-
-        //
-        // check validation
-        //
-        tsResp.validate(request);
-
-        try
-        {
-            request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(101));
-
-            tsResp.validate(request);
-
-            fail("response validation failed on invalid nonce.");
-        }
-        catch (TSPValidationException e)
-        {
-            // ignore
-        }
-
-        try
-        {
-            request = reqGen.generate(TSPAlgorithms.SHA1, new byte[22], BigInteger.valueOf(100));
-
-            tsResp.validate(request);
-
-            fail("response validation failed on wrong digest.");
-        }
-        catch (TSPValidationException e)
-        {
-            // ignore
-        }
-
-        try
-        {
-            request = reqGen.generate(TSPAlgorithms.MD5, new byte[20], BigInteger.valueOf(100));
-
-            tsResp.validate(request);
-
-            fail("response validation failed on wrong digest.");
-        }
-        catch (TSPValidationException e)
-        {
-            // ignore
-        }
-    }
-
-    private void incorrectHashTest(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        JcaSignerInfoGeneratorBuilder infoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(infoGeneratorBuilder.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(privateKey), cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[16]);
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        if (tsToken != null)
-        {
-            fail("incorrectHash - token not null.");
-        }
-
-        PKIFailureInfo failInfo = tsResp.getFailInfo();
-
-        if (failInfo == null)
-        {
-            fail("incorrectHash - failInfo set to null.");
-        }
-
-        if (failInfo.intValue() != PKIFailureInfo.badDataFormat)
-        {
-            fail("incorrectHash - wrong failure info returned.");
-        }
-    }
-
-    private void badAlgorithmTest(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        JcaSimpleSignerInfoGeneratorBuilder infoGeneratorBuilder = new JcaSimpleSignerInfoGeneratorBuilder().setProvider(BC);
-
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(infoGeneratorBuilder.build("SHA1withRSA", privateKey, cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(new ASN1ObjectIdentifier("1.2.3.4.5"), new byte[20]);
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        if (tsToken != null)
-        {
-            fail("badAlgorithm - token not null.");
-        }
-
-        PKIFailureInfo failInfo = tsResp.getFailInfo();
-
-        if (failInfo == null)
-        {
-            fail("badAlgorithm - failInfo set to null.");
-        }
-
-        if (failInfo.intValue() != PKIFailureInfo.badAlg)
-        {
-            fail("badAlgorithm - wrong failure info returned.");
-        }
-    }
-
-    private void timeNotAvailableTest(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        JcaSignerInfoGeneratorBuilder infoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(infoGeneratorBuilder.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(privateKey), cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(new ASN1ObjectIdentifier("1.2.3.4.5"), new byte[20]);
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp;
-
-        try
-        {
-            tsResp = tsRespGen.generateGrantedResponse(request, new BigInteger("23"), null);
-        }
-        catch (TSPException e)
-        {
-            tsResp = tsRespGen.generateRejectedResponse(e);
-        }
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        if (tsToken != null)
-        {
-            fail("timeNotAvailable - token not null.");
-        }
-
-        PKIFailureInfo failInfo = tsResp.getFailInfo();
-
-        if (failInfo == null)
-        {
-            fail("timeNotAvailable - failInfo set to null.");
-        }
-
-        if (failInfo.intValue() != PKIFailureInfo.timeNotAvailable)
-        {
-            fail("timeNotAvailable - wrong failure info returned.");
-        }
-    }
-
-    private void badPolicyTest(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        JcaSignerInfoGeneratorBuilder infoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(infoGeneratorBuilder.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(privateKey), cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-
-        reqGen.setReqPolicy(new ASN1ObjectIdentifier("1.1"));
-
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20]);
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED, new HashSet());
-
-        TimeStampResponse tsResp;
-
-        try
-        {
-            tsResp = tsRespGen.generateGrantedResponse(request, new BigInteger("23"), new Date());
-        }
-        catch (TSPException e)
-        {
-            tsResp = tsRespGen.generateRejectedResponse(e);
-        }
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        if (tsToken != null)
-        {
-            fail("badPolicy - token not null.");
-        }
-
-        PKIFailureInfo failInfo = tsResp.getFailInfo();
-
-        if (failInfo == null)
-        {
-            fail("badPolicy - failInfo set to null.");
-        }
-
-        if (failInfo.intValue() != PKIFailureInfo.unacceptedPolicy)
-        {
-            fail("badPolicy - wrong failure info returned.");
-        }
-    }
-
-    private void certReqTest(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        JcaSignerInfoGeneratorBuilder infoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(infoGeneratorBuilder.build(new JcaContentSignerBuilder("MD5withRSA").setProvider(BC).build(privateKey), cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-
-        //
-        // request with certReq false
-        //
-        reqGen.setCertReq(false);
-
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(100));
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp = tsRespGen.generateGrantedResponse(request, new BigInteger("23"), new Date());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        assertNull(tsToken.getTimeStampInfo().getGenTimeAccuracy());  // check for abscence of accuracy
-
-        assertEquals("1.2", tsToken.getTimeStampInfo().getPolicy().getId());
-
-        try
-        {
-            tsToken.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert));
-        }
-        catch (TSPValidationException e)
-        {
-            fail("certReq(false) verification of token failed.");
-        }
-
-        Store respCerts = tsToken.getCertificates();
-
-        Collection certsColl = respCerts.getMatches(null);
-
-        if (!certsColl.isEmpty())
-        {
-            fail("certReq(false) found certificates in response.");
-        }
-    }
-
-
-    private void tokenEncodingTest(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        JcaSignerInfoGeneratorBuilder infoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(infoGeneratorBuilder.build(new JcaContentSignerBuilder("SHA1withRSA").setProvider(BC).build(privateKey), cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2.3.4.5.6"));
-
-        tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(100));
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-        TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampResponse tsResponse = new TimeStampResponse(tsResp.getEncoded());
-
-        if (!Arrays.areEqual(tsResponse.getEncoded(), tsResp.getEncoded())
-            || !Arrays.areEqual(tsResponse.getTimeStampToken().getEncoded(),
-            tsResp.getTimeStampToken().getEncoded()))
-        {
-            fail();
-        }
-    }
-
-    private void testAccuracyZeroCerts(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        JcaSignerInfoGeneratorBuilder infoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(infoGeneratorBuilder.build(new JcaContentSignerBuilder("MD5withRSA").setProvider(BC).build(privateKey), cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-
-        tsTokenGen.setAccuracySeconds(1);
-        tsTokenGen.setAccuracyMillis(2);
-        tsTokenGen.setAccuracyMicros(3);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(100));
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        tsToken.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert));
-
-        //
-        // check validation
-        //
-        tsResp.validate(request);
-
-        //
-        // check tstInfo
-        //
-        TimeStampTokenInfo tstInfo = tsToken.getTimeStampInfo();
-
-        //
-        // check accuracy
-        //
-        GenTimeAccuracy accuracy = tstInfo.getGenTimeAccuracy();
-
-        assertEquals(1, accuracy.getSeconds());
-        assertEquals(2, accuracy.getMillis());
-        assertEquals(3, accuracy.getMicros());
-
-        assertEquals(new BigInteger("23"), tstInfo.getSerialNumber());
-
-        assertEquals("1.2", tstInfo.getPolicy().getId());
-
-        //
-        // test certReq
-        //
-        Store store = tsToken.getCertificates();
-
-        Collection certificates = store.getMatches(null);
-
-        assertEquals(0, certificates.size());
-    }
-
-    private void testAccuracyWithCertsAndOrdering(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        JcaSignerInfoGeneratorBuilder infoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(infoGeneratorBuilder.build(new JcaContentSignerBuilder("MD5withRSA").setProvider(BC).build(privateKey), cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2.3"));
-
-        tsTokenGen.addCertificates(certs);
-
-        tsTokenGen.setAccuracySeconds(3);
-        tsTokenGen.setAccuracyMillis(1);
-        tsTokenGen.setAccuracyMicros(2);
-
-        tsTokenGen.setOrdering(true);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-
-        reqGen.setCertReq(true);
-
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(100));
-
-        assertTrue(request.getCertReq());
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp;
-
-        try
-        {
-            tsResp = tsRespGen.generateGrantedResponse(request, new BigInteger("23"), new Date());
-        }
-        catch (TSPException e)
-        {
-            tsResp = tsRespGen.generateRejectedResponse(e);
-        }
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        tsToken.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert));
-
-        //
-        // check validation
-        //
-        tsResp.validate(request);
-
-        //
-        // check tstInfo
-        //
-        TimeStampTokenInfo tstInfo = tsToken.getTimeStampInfo();
-
-        //
-        // check accuracy
-        //
-        GenTimeAccuracy accuracy = tstInfo.getGenTimeAccuracy();
-
-        assertEquals(3, accuracy.getSeconds());
-        assertEquals(1, accuracy.getMillis());
-        assertEquals(2, accuracy.getMicros());
-
-        assertEquals(new BigInteger("23"), tstInfo.getSerialNumber());
-
-        assertEquals("1.2.3", tstInfo.getPolicy().getId());
-
-        assertEquals(true, tstInfo.isOrdered());
-
-        assertEquals(tstInfo.getNonce(), BigInteger.valueOf(100));
-
-        //
-        // test certReq
-        //
-        Store store = tsToken.getCertificates();
-
-        Collection certificates = store.getMatches(null);
-
-        assertEquals(2, certificates.size());
-    }
-
-    private void testNoNonse(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        JcaSignerInfoGeneratorBuilder infoGeneratorBuilder = new JcaSignerInfoGeneratorBuilder(new JcaDigestCalculatorProviderBuilder().setProvider(BC).build());
-
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(infoGeneratorBuilder.build(new JcaContentSignerBuilder("MD5withRSA").setProvider(BC).build(privateKey), cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2.3"));
-
-        tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20]);
-
-        Set algorithms = new HashSet();
-
-        algorithms.add(TSPAlgorithms.SHA1);
-
-        request.validate(algorithms, new HashSet(), new HashSet());
-
-        assertFalse(request.getCertReq());
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("24"), new Date());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        tsToken.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert));
-
-        //
-        // check validation
-        //
-        tsResp.validate(request);
-
-        //
-        // check tstInfo
-        //
-        TimeStampTokenInfo tstInfo = tsToken.getTimeStampInfo();
-
-        //
-        // check accuracy
-        //
-        GenTimeAccuracy accuracy = tstInfo.getGenTimeAccuracy();
-
-        assertNull(accuracy);
-
-        assertEquals(new BigInteger("24"), tstInfo.getSerialNumber());
-
-        assertEquals("1.2.3", tstInfo.getPolicy().getId());
-
-        assertEquals(false, tstInfo.isOrdered());
-
-        assertNull(tstInfo.getNonce());
-
-        //
-        // test certReq
-        //
-        Store store = tsToken.getCertificates();
-
-        Collection certificates = store.getMatches(null);
-
-        assertEquals(0, certificates.size());
-    }
-
-    private void extensionTest(
-        PrivateKey privateKey,
-        X509Certificate cert,
-        Store certs)
-        throws Exception
-    {
-        TimeStampTokenGenerator tsTokenGen = new TimeStampTokenGenerator(
-            new JcaSimpleSignerInfoGeneratorBuilder().build("SHA1withRSA", privateKey, cert), new SHA1DigestCalculator(), new ASN1ObjectIdentifier("1.2"));
-
-        tsTokenGen.addCertificates(certs);
-
-        TimeStampRequestGenerator reqGen = new TimeStampRequestGenerator();
-
-        // test case only!!!
-        reqGen.setReqPolicy(Extension.noRevAvail);
-        // test case only!!!
-        reqGen.addExtension(Extension.biometricInfo, true, new DEROctetString(new byte[20]));
-
-        TimeStampRequest request = reqGen.generate(TSPAlgorithms.SHA1, new byte[20], BigInteger.valueOf(100));
-
-        try
-        {
-            request.validate(new HashSet(), new HashSet(), new HashSet());
-            fail("no exception");
-        }
-        catch (Exception e)
-        {
-            assertEquals(e.getMessage(), "request contains unknown algorithm");
-        }
-
-        Set algorithms = new HashSet();
-
-        algorithms.add(TSPAlgorithms.SHA1);
-
-        try
-        {
-            request.validate(algorithms, new HashSet(), new HashSet());
-            fail("no exception");
-        }
-        catch (Exception e)
-        {
-            assertEquals(e.getMessage(), "request contains unknown policy");
-        }
-
-        Set policies = new HashSet();
-
-        policies.add(Extension.noRevAvail);
-
-        try
-        {
-            request.validate(algorithms, policies, new HashSet());
-            fail("no exception");
-        }
-        catch (Exception e)
-        {
-            assertEquals(e.getMessage(), "request contains unknown extension");
-        }
-
-        Set extensions = new HashSet();
-
-        extensions.add(Extension.biometricInfo);
-
-        // should validate with full set
-        request.validate(algorithms, policies, extensions);
-
-        // should validate with null policy
-        request.validate(algorithms, null, extensions);
-
-        TimeStampResponseGenerator tsRespGen = new TimeStampResponseGenerator(tsTokenGen, TSPAlgorithms.ALLOWED);
-
-        TimeStampResponse tsResp = tsRespGen.generate(request, new BigInteger("23"), new Date());
-
-        tsResp = new TimeStampResponse(tsResp.getEncoded());
-
-        TimeStampToken tsToken = tsResp.getTimeStampToken();
-
-        tsToken.validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider(BC).build(cert));
-
-        AttributeTable table = tsToken.getSignedAttributes();
-
-        assertNotNull("no signingCertificate attribute found", table.get(PKCSObjectIdentifiers.id_aa_signingCertificate));
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/test/ParseTest.java b/bcpkix/src/main/java/org/bouncycastle/tsp/test/ParseTest.java
deleted file mode 100644
index 7a77a98..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/test/ParseTest.java
+++ /dev/null

@@ -1,418 +0,0 @@
-package org.bouncycastle.tsp.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.security.Security;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cmp.PKIFailureInfo;
-import org.bouncycastle.asn1.cmp.PKIStatus;
-import org.bouncycastle.cert.X509CertificateHolder;
-import org.bouncycastle.cms.jcajce.JcaSimpleSignerInfoVerifierBuilder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.tsp.TSPAlgorithms;
-import org.bouncycastle.tsp.TimeStampRequest;
-import org.bouncycastle.tsp.TimeStampResponse;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.encoders.Base64;
-
-/**
- * Test Cases
- */
-public class ParseTest
-    extends TestCase
-{
-    private byte[] sha1Request = Base64.decode(
-          "MDACAQEwITAJBgUrDgMCGgUABBT5UbEBmJssO3RxcQtOePxNvfoMpgIIC+Gv"
-        + "YW2mtZQ=");
-
-
-    private byte[] sha1noNonse = Base64.decode(
-        "MCYCAQEwITAJBgUrDgMCGgUABBT5UbEBmJssO3RxcQtOePxNvfoMpg==");
-
-    private byte[] md5Request = Base64.decode(
-          "MDoCAQEwIDAMBggqhkiG9w0CBQUABBDIl9FBCvjyx0+6EbHbUR6eBgkrBgEE"
-        + "AakHBQECCDQluayIxIzn");
-
-    private byte[] ripemd160Request = Base64.decode(
-        "MD8CAQEwITAJBgUrJAMCAQUABBSq03a/mk50Yd9lMF+BSqOp/RHGQQYJKwYB"
-      + "BAGpBwUBAgkA4SZs9NfqISMBAf8=");
-
-    private byte[] sha1Response = Base64.decode(
-          "MIICbDADAgEAMIICYwYJKoZIhvcNAQcCoIICVDCCAlACAQMxCzAJBgUrDgMC"
-        + "GgUAMIHaBgsqhkiG9w0BCRABBKCBygSBxzCBxAIBAQYEKgMEATAhMAkGBSsO"
-        + "AwIaBQAEFPlRsQGYmyw7dHFxC054/E29+gymAgEEGA8yMDA0MTIwOTA3NTIw"
-        + "NVowCgIBAYACAfSBAWQBAf8CCAvhr2FtprWUoGmkZzBlMRgwFgYDVQQDEw9F"
-        + "cmljIEguIEVjaGlkbmExJDAiBgkqhkiG9w0BCQEWFWVyaWNAYm91bmN5Y2Fz"
-        + "dGxlLm9yZzEWMBQGA1UEChMNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUx"
-        + "ggFfMIIBWwIBATAqMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNV"
-        + "BAYTAkFVAgECMAkGBSsOAwIaBQCggYwwGgYJKoZIhvcNAQkDMQ0GCyqGSIb3"
-        + "DQEJEAEEMBwGCSqGSIb3DQEJBTEPFw0wNDEyMDkwNzUyMDVaMCMGCSqGSIb3"
-        + "DQEJBDEWBBTGR1cbm94tWbcpDWrH+bD8UYePsTArBgsqhkiG9w0BCRACDDEc"
-        + "MBowGDAWBBS37aLzFcheqeJ5cla0gjNWHGKbRzANBgkqhkiG9w0BAQEFAASB"
-        + "gBrc9CJ3xlcTQuWQXJUqPEn6f6vfJAINKsn22z8LIfS/2p/CTFU6+W/bz8j8"
-        + "j+8uWEJe8okTsI0FflljIsspqOPTB/RrnXteajbkuk/rLmz1B2g/qWBGAzPI"
-        + "D214raBc1a7Bpd76PkvSSdjqrEaaskd+7JJiPr9l9yeSoh1AIt0N");
-
-    private byte[] sha1noNonseResponse = Base64.decode(
-          "MIICYjADAgEAMIICWQYJKoZIhvcNAQcCoIICSjCCAkYCAQMxCzAJBgUrDgMC"
-        + "GgUAMIHQBgsqhkiG9w0BCRABBKCBwASBvTCBugIBAQYEKgMEATAhMAkGBSsO"
-        + "AwIaBQAEFPlRsQGYmyw7dHFxC054/E29+gymAgECGA8yMDA0MTIwOTA3MzQx"
-        + "MlowCgIBAYACAfSBAWQBAf+gaaRnMGUxGDAWBgNVBAMTD0VyaWMgSC4gRWNo"
-        + "aWRuYTEkMCIGCSqGSIb3DQEJARYVZXJpY0Bib3VuY3ljYXN0bGUub3JnMRYw"
-        + "FAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTGCAV8wggFbAgEB"
-        + "MCowJTEWMBQGA1UEChMNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUCAQIw"
-        + "CQYFKw4DAhoFAKCBjDAaBgkqhkiG9w0BCQMxDQYLKoZIhvcNAQkQAQQwHAYJ"
-        + "KoZIhvcNAQkFMQ8XDTA0MTIwOTA3MzQxMlowIwYJKoZIhvcNAQkEMRYEFMNA"
-        + "xlscHYiByHL9DIEh3FewIhgSMCsGCyqGSIb3DQEJEAIMMRwwGjAYMBYEFLft"
-        + "ovMVyF6p4nlyVrSCM1YcYptHMA0GCSqGSIb3DQEBAQUABIGAaj46Tarrg7V7"
-        + "z13bbetrGv+xy159eE8kmIW9nPegru3DuK/GmbMx9W3l0ydx0zdXRwYi6NZc"
-        + "nNqbEZQZ2L1biJVTflgWq4Nxu4gPGjH/BGHKdH/LyW4eDcXZR39AkNBMnDAK"
-        + "EmhhJo1/Tc+S/WkV9lnHJCPIn+TAijBUO6EiTik=");
-    
-    private byte[] md5Response = Base64.decode(
-          "MIICcDADAgEAMIICZwYJKoZIhvcNAQcCoIICWDCCAlQCAQMxCzAJBgUrDgMC"
-        + "GgUAMIHeBgsqhkiG9w0BCRABBKCBzgSByzCByAIBAQYJKwYBBAGpBwUBMCAw"
-        + "DAYIKoZIhvcNAgUFAAQQyJfRQQr48sdPuhGx21EengIBAxgPMjAwNDEyMDkw"
-        + "NzQ2MTZaMAoCAQGAAgH0gQFkAQH/Agg0JbmsiMSM56BppGcwZTEYMBYGA1UE"
-        + "AxMPRXJpYyBILiBFY2hpZG5hMSQwIgYJKoZIhvcNAQkBFhVlcmljQGJvdW5j"
-        + "eWNhc3RsZS5vcmcxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYT"
-        + "AkFVMYIBXzCCAVsCAQEwKjAlMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQsw"
-        + "CQYDVQQGEwJBVQIBAjAJBgUrDgMCGgUAoIGMMBoGCSqGSIb3DQEJAzENBgsq"
-        + "hkiG9w0BCRABBDAcBgkqhkiG9w0BCQUxDxcNMDQxMjA5MDc0NjE2WjAjBgkq"
-        + "hkiG9w0BCQQxFgQUFpRpaiRUUjiY7EbefbWLKDIY0XMwKwYLKoZIhvcNAQkQ"
-        + "AgwxHDAaMBgwFgQUt+2i8xXIXqnieXJWtIIzVhxim0cwDQYJKoZIhvcNAQEB"
-        + "BQAEgYBTwKsLLrQm+bvKV7Jwto/cMQh0KsVB5RoEeGn5CI9XyF2Bm+JRcvQL"
-        + "Nm7SgSOBVt4A90TqujxirNeyQnXRiSnFvXd09Wet9WIQNpwpiGlE7lCrAhuq"
-        + "/TAUe79VIpoQZDtyhbh0Vzxl24yRoechabC0zuPpOWOzrA4YC3Hv1J2tAA==");
-
-    private byte[] signingCert = Base64.decode(
-        "MIICWjCCAcOgAwIBAgIBAjANBgkqhkiG9w0BAQQFADAlMRYwFAYDVQQKEw1Cb3Vu"
-      + "Y3kgQ2FzdGxlMQswCQYDVQQGEwJBVTAeFw0wNDEyMDkwNzEzMTRaFw0wNTAzMTkw"
-      + "NzEzMTRaMGUxGDAWBgNVBAMTD0VyaWMgSC4gRWNoaWRuYTEkMCIGCSqGSIb3DQEJ"
-      + "ARYVZXJpY0Bib3VuY3ljYXN0bGUub3JnMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxl"
-      + "MQswCQYDVQQGEwJBVTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqGAFO3dK"
-      + "jB7Ca7u5Z3CabsbGr2Exg+3sztSPiRCIba03es4295EhtDF5bXQvrW2R1Bg72vED"
-      + "5tWaQjVDetvDfCzVC3ErHLTVk3OgpLIP1gf2T0LcOH2pTh2LP9c5Ceta+uggK8zK"
-      + "9sYUUnzGPSAZxrqHIIAlPIgqk0BMV+KApyECAwEAAaNaMFgwHQYDVR0OBBYEFO4F"
-      + "YoqogtB9MjD0NB5x5HN3TrGUMB8GA1UdIwQYMBaAFPXAecuwLqNkCxYVLE/ngFQR"
-      + "7RLIMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMIMA0GCSqGSIb3DQEBBAUAA4GBADGi"
-      + "D5/qmGvcBgswEM/z2dF4lOxbTNKUW31ZHiU8CXlN0IkFtNbBLBTbJOQIAUnNEabL"
-      + "T7aYgj813OZKUbJTx4MuGChhot/TEP7hKo/xz9OnXLsqYDKbqbo8iLOode+SI7II"
-      + "+yYghOtqvx32cL2Qmffi1LaMbhJP+8NbsIxowdRC");
-
-    private byte[] unacceptablePolicy = Base64.decode(
-          "MDAwLgIBAjAkDCJSZXF1ZXN0ZWQgcG9saWN5IGlzIG5vdCBzdXBwb3J0ZWQu"
-        + "AwMAAAE=");
-
-    private byte[] generalizedTime = Base64.decode(
-        "MIIKPTADAgEAMIIKNAYJKoZIhvcNAQcCoIIKJTCCCiECAQMxCzAJBgUrDgMC"
-      + "GgUAMIIBGwYLKoZIhvcNAQkQAQSgggEKBIIBBjCCAQICAQEGCisGAQQBhFkK"
-      + "AwEwITAJBgUrDgMCGgUABBQAAAAAAAAAAAAAAAAAAAAAAAAAAAICUC8YEzIw"
-      + "MDUwMzEwMTA1ODQzLjkzM1owBIACAfQBAf8CAWSggaikgaUwgaIxCzAJBgNV"
-      + "BAYTAkdCMRcwFQYDVQQIEw5DYW1icmlkZ2VzaGlyZTESMBAGA1UEBxMJQ2Ft"
-      + "YnJpZGdlMSQwIgYDVQQKExtuQ2lwaGVyIENvcnBvcmF0aW9uIExpbWl0ZWQx"
-      + "JzAlBgNVBAsTHm5DaXBoZXIgRFNFIEVTTjozMjJBLUI1REQtNzI1QjEXMBUG"
-      + "A1UEAxMOZGVtby1kc2UyMDAtMDGgggaFMIID2TCCA0KgAwIBAgICAIswDQYJ"
-      + "KoZIhvcNAQEFBQAwgYwxCzAJBgNVBAYTAkdCMRcwFQYDVQQIEw5DYW1icmlk"
-      + "Z2VzaGlyZTESMBAGA1UEBxMJQ2FtYnJpZGdlMSQwIgYDVQQKExtuQ2lwaGVy"
-      + "IENvcnBvcmF0aW9uIExpbWl0ZWQxGDAWBgNVBAsTD1Byb2R1Y3Rpb24gVEVT"
-      + "VDEQMA4GA1UEAxMHVEVTVCBDQTAeFw0wNDA2MTQxNDIzNTlaFw0wNTA2MTQx"
-      + "NDIzNTlaMIGiMQswCQYDVQQGEwJHQjEXMBUGA1UECBMOQ2FtYnJpZGdlc2hp"
-      + "cmUxEjAQBgNVBAcTCUNhbWJyaWRnZTEkMCIGA1UEChMbbkNpcGhlciBDb3Jw"
-      + "b3JhdGlvbiBMaW1pdGVkMScwJQYDVQQLEx5uQ2lwaGVyIERTRSBFU046MzIy"
-      + "QS1CNURELTcyNUIxFzAVBgNVBAMTDmRlbW8tZHNlMjAwLTAxMIGfMA0GCSqG"
-      + "SIb3DQEBAQUAA4GNADCBiQKBgQC7zUamCeLIApddx1etW5YEFrL1WXnlCd7j"
-      + "mMFI6RpSq056LBkF1z5LgucLY+e/c3u2Nw+XJuS3a2fKuBD7I1s/6IkVtIb/"
-      + "KLDjjafOnottKhprH8K41siJUeuK3PRzfZ5kF0vwB3rNvWPCBJmp7kHtUQw3"
-      + "RhIsJTYs7Wy8oVFHVwIDAQABo4IBMDCCASwwCQYDVR0TBAIwADAWBgNVHSUB"
-      + "Af8EDDAKBggrBgEFBQcDCDAsBglghkgBhvhCAQ0EHxYdT3BlblNTTCBHZW5l"
-      + "cmF0ZWQgQ2VydGlmaWNhdGUwHQYDVR0OBBYEFDlEe9Pd0WwQrtnEmFRI2Vmt"
-      + "b+lCMIG5BgNVHSMEgbEwga6AFNy1VPweOQLC65bs6/0RcUYB19vJoYGSpIGP"
-      + "MIGMMQswCQYDVQQGEwJHQjEXMBUGA1UECBMOQ2FtYnJpZGdlc2hpcmUxEjAQ"
-      + "BgNVBAcTCUNhbWJyaWRnZTEkMCIGA1UEChMbbkNpcGhlciBDb3Jwb3JhdGlv"
-      + "biBMaW1pdGVkMRgwFgYDVQQLEw9Qcm9kdWN0aW9uIFRFU1QxEDAOBgNVBAMT"
-      + "B1RFU1QgQ0GCAQAwDQYJKoZIhvcNAQEFBQADgYEASEMlrpRE1RYZPxP3530e"
-      + "hOYUDjgQbw0dwpPjQtLWkeJrePMzDBAbuWwpRI8dOzKP3Rnrm5rxJ7oLY2S0"
-      + "A9ZfV+iwFKagEHFytfnPm2Y9AeNR7a3ladKd7NFMw+5Tbk7Asbetbb+NJfCl"
-      + "9YzHwxLGiQbpKxgc+zYOjq74eGLKtcKhggKkMIICDQIBATCB0qGBqKSBpTCB"
-      + "ojELMAkGA1UEBhMCR0IxFzAVBgNVBAgTDkNhbWJyaWRnZXNoaXJlMRIwEAYD"
-      + "VQQHEwlDYW1icmlkZ2UxJDAiBgNVBAoTG25DaXBoZXIgQ29ycG9yYXRpb24g"
-      + "TGltaXRlZDEnMCUGA1UECxMebkNpcGhlciBEU0UgRVNOOjMyMkEtQjVERC03"
-      + "MjVCMRcwFQYDVQQDEw5kZW1vLWRzZTIwMC0wMaIlCgEBMAkGBSsOAwIaBQAD"
-      + "FQDaLe88TQvM+iMKmIXMmDSyPCZ/+KBmMGSkYjBgMQswCQYDVQQGEwJVUzEk"
-      + "MCIGA1UEChMbbkNpcGhlciBDb3Jwb3JhdGlvbiBMaW1pdGVkMRgwFgYDVQQL"
-      + "Ew9Qcm9kdWN0aW9uIFRlc3QxETAPBgNVBAMTCFRlc3QgVE1DMA0GCSqGSIb3"
-      + "DQEBBQUAAgjF2jVbAAAAADAiGA8yMDA1MDMxMDAyNTQxOVoYDzIwMDUwMzEz"
-      + "MDI1NDE5WjCBjTBLBgorBgEEAYRZCgQBMT0wOzAMAgTF2jVbAgQAAAAAMA8C"
-      + "BAAAAAACBAAAaLkCAf8wDAIEAAAAAAIEAAKV/DAMAgTF3inbAgQAAAAAMD4G"
-      + "CisGAQQBhFkKBAIxMDAuMAwGCisGAQQBhFkKAwGgDjAMAgQAAAAAAgQAB6Eg"
-      + "oQ4wDAIEAAAAAAIEAAPQkDANBgkqhkiG9w0BAQUFAAOBgQB1q4d3GNWk7oAT"
-      + "WkpYmZaTFvapMhTwAmAtSGgFmNOZhs21iHWl/X990/HEBsduwxohfrd8Pz64"
-      + "hV/a76rpeJCVUfUNmbRIrsurFx6uKwe2HUHKW8grZWeCD1L8Y1pKQdrD41gu"
-      + "v0msfOXzLWW+xe5BcJguKclN8HmT7s2odtgiMTGCAmUwggJhAgEBMIGTMIGM"
-      + "MQswCQYDVQQGEwJHQjEXMBUGA1UECBMOQ2FtYnJpZGdlc2hpcmUxEjAQBgNV"
-      + "BAcTCUNhbWJyaWRnZTEkMCIGA1UEChMbbkNpcGhlciBDb3Jwb3JhdGlvbiBM"
-      + "aW1pdGVkMRgwFgYDVQQLEw9Qcm9kdWN0aW9uIFRFU1QxEDAOBgNVBAMTB1RF"
-      + "U1QgQ0ECAgCLMAkGBSsOAwIaBQCgggEnMBoGCSqGSIb3DQEJAzENBgsqhkiG"
-      + "9w0BCRABBDAjBgkqhkiG9w0BCQQxFgQUi1iYx5H3ACnvngWZTPfdxGswkSkw"
-      + "geMGCyqGSIb3DQEJEAIMMYHTMIHQMIHNMIGyBBTaLe88TQvM+iMKmIXMmDSy"
-      + "PCZ/+DCBmTCBkqSBjzCBjDELMAkGA1UEBhMCR0IxFzAVBgNVBAgTDkNhbWJy"
-      + "aWRnZXNoaXJlMRIwEAYDVQQHEwlDYW1icmlkZ2UxJDAiBgNVBAoTG25DaXBo"
-      + "ZXIgQ29ycG9yYXRpb24gTGltaXRlZDEYMBYGA1UECxMPUHJvZHVjdGlvbiBU"
-      + "RVNUMRAwDgYDVQQDEwdURVNUIENBAgIAizAWBBSpS/lH6bN/wf3E2z2X29vF"
-      + "2U7YHTANBgkqhkiG9w0BAQUFAASBgGvDVsgsG5I5WKjEDVHvdRwUx+8Cp10l"
-      + "zGF8o1h7aK5O3zQ4jLayYHea54E5+df35gG7Z3eoOy8E350J7BvHiwDLTqe8"
-      + "SoRlGs9VhL6LMmCcERfGSlSn61Aa15iXZ8eHMSc5JTeJl+kqy4I3FPP4m2ai"
-      + "8wy2fQhn7hUM8Ntg7Y2s");
-
-    private byte[] v2SigningCertResponse = Base64.decode(
-        "MIIPPTADAgEAMIIPNAYJKoZIhvcNAQcCoIIPJTCCDyECAQMxDzANBglghkgBZQMEAgEFADCB6QYL"
-      + "KoZIhvcNAQkQAQSggdkEgdYwgdMCAQEGBgQAj2cBATAxMA0GCWCGSAFlAwQCAQUABCBcU0GN08TA"
-      + "LUFi7AAwQwVkSXqGu9tAzvJ7EXW7SMXHHQIRAM7Fa7g6tMvZI3dgllwMfpcYDzIwMDcxMjExMTAy"
-      + "MTU5WjADAgEBAgYBFsi5OlmgYqRgMF4xCzAJBgNVBAYTAkRFMSQwIgYDVQQKDBtEZXV0c2NoZSBS"
-      + "ZW50ZW52ZXJzaWNoZXJ1bmcxEzARBgNVBAsMClFDIFJvb3QgQ0ExFDASBgNVBAMMC1FDIFJvb3Qg"
-      + "VFNQoIILQjCCBwkwggXxoAMCAQICAwN1pjANBgkqhkiG9w0BAQsFADBIMQswCQYDVQQGEwJERTEk"
-      + "MCIGA1UECgwbRGV1dHNjaGUgUmVudGVudmVyc2ljaGVydW5nMRMwEQYDVQQLDApRQyBSb290IENB"
-      + "MB4XDTA3MTEyMDE2MDcyMFoXDTEyMDcyNzIwMjExMVowXjELMAkGA1UEBhMCREUxJDAiBgNVBAoM"
-      + "G0RldXRzY2hlIFJlbnRlbnZlcnNpY2hlcnVuZzETMBEGA1UECwwKUUMgUm9vdCBDQTEUMBIGA1UE"
-      + "AwwLUUMgUm9vdCBUU1AwggEkMA0GCSqGSIb3DQEBAQUAA4IBEQAwggEMAoIBAQCv1vO+EtGnJNs0"
-      + "atv76BAJXs4bmO8yzVwe3RUtgeu5z9iefh8P46i1g3EL2CD15NcTfoHksr5KudNY30olfjHG7lIu"
-      + "MO3R5sAcrGDPP7riZJnaI6VD/e6kVR569VBid5z105fJAB7mID7+Bn7pdRwDW3Fy2CzfofXGuvrO"
-      + "GPNEWq8x8kqqf75DB5nAs5QP8H41obkdkap2ttHkkPZCiMghTs8iHfpJ0STn47MKq+QrUmuATMZi"
-      + "XrdEfb7f3TBMjO0UVJF64Mh+kC9GtUEHlcm0Tq2Pk5XIUxWEyL94rZ4UWcVdSVE7IjggV2MifMNx"
-      + "geZO3SwsDZk71AhDBy30CSzBAgUAx3HB5aOCA+IwggPeMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMI"
-      + "MBMGA1UdIwQMMAqACECefuBmflfeMBgGCCsGAQUFBwEDBAwwCjAIBgYEAI5GAQEwUAYIKwYBBQUH"
-      + "AQEERDBCMEAGCCsGAQUFBzABhjRodHRwOi8vb2NzcC1yb290cWMudGMuZGV1dHNjaGUtcmVudGVu"
-      + "dmVyc2ljaGVydW5nLmRlMHcGA1UdIARwMG4wbAYNKwYBBAGBrTwBCAEBAzBbMFkGCCsGAQUFBwIB"
-      + "Fk1odHRwOi8vd3d3LmRldXRzY2hlLXJlbnRlbnZlcnNpY2hlcnVuZy1idW5kLmRlL3N0YXRpYy90"
-      + "cnVzdGNlbnRlci9wb2xpY3kuaHRtbDCCATwGA1UdHwSCATMwggEvMHygeqB4hnZsZGFwOi8vZGly"
-      + "LnRjLmRldXRzY2hlLXJlbnRlbnZlcnNpY2hlcnVuZy5kZS9vdT1RQyUyMFJvb3QlMjBDQSxjbj1Q"
-      + "dWJsaWMsbz1EUlYsYz1ERT9hdHRybmFtZT1jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0MIGuoIGr"
-      + "oIGohoGlaHR0cDovL2Rpci50Yy5kZXV0c2NoZS1yZW50ZW52ZXJzaWNoZXJ1bmcuZGU6ODA4OS9z"
-      + "ZXJ2bGV0L0Rpclh3ZWIvQ2EveC5jcmw/ZG49b3UlM0RRQyUyMFJvb3QlMjBDQSUyQ2NuJTNEUHVi"
-      + "bGljJTJDbyUzRERSViUyQ2MlM0RERSZhdHRybmFtZT1jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0"
-      + "MIIBLQYDVR0SBIIBJDCCASCGdGxkYXA6Ly9kaXIudGMuZGV1dHNjaGUtcmVudGVudmVyc2ljaGVy"
-      + "dW5nLmRlL2NuPTE0NTUxOCxvdT1RQyUyMFJvb3QlMjBDQSxjbj1QdWJsaWMsbz1EUlYsYz1ERT9h"
-      + "dHRybmFtZT1jQUNlcnRpZmljYXRlhoGnaHR0cDovL2Rpci50Yy5kZXV0c2NoZS1yZW50ZW52ZXJz"
-      + "aWNoZXJ1bmcuZGU6ODA4OS9zZXJ2bGV0L0Rpclh3ZWIvQ2EveC5jZXI/ZG49Y24lM0QxNDU1MTgl"
-      + "MkNvdSUzRFFDJTIwUm9vdCUyMENBJTJDY24lM0RQdWJsaWMlMkNvJTNERFJWJTJDYyUzRERFJmF0"
-      + "dHJuYW1lPWNBQ2VydGlmaWNhdGUwDgYDVR0PAQH/BAQDAgZAMDsGA1UdCQQ0MDIwMAYDVQQDMSkT"
-      + "J1FDIFRTUCBEZXV0c2NoZSBSZW50ZW52ZXJzaWNoZXJ1bmcgMTpQTjAMBgNVHRMBAf8EAjAAMA0G"
-      + "CSqGSIb3DQEBCwUAA4IBAQCCrWe3Pd3ioX7d8phXvVAa859Rvgf0k3pZ6R4GMj8h/k6MNjNIrdAs"
-      + "wgUVkBbXMLLBk0smsvTdFIVtTBdp1urb9l7vXjDA4MckXBOXPcz4fN8Oswk92d+fM9XU1jKVPsFG"
-      + "PV6j8lAqfq5jwaRxOnS96UBGLKG+NdcrEyiMp/ZkpqnEQZZfu2mkeq6CPahnbBTZqsE0jgY351gU"
-      + "9T6SFVvLIFH7cOxJqsoxPqv5YEcgiXPpOyyu2rpQqKYBYcnerF6/zx5hmWHxTd7MWaTHm0gJI/Im"
-      + "d8esbW+xyaJuAVUcBA+sDmSe8AAoRVxwBRY+xi9ApaJHpmwT+0n2K2GsL3wIMIIEMTCCAxmgAwIB"
-      + "AgIDAjhuMA0GCSqGSIb3DQEBCwUAMEgxCzAJBgNVBAYTAkRFMSQwIgYDVQQKDBtEZXV0c2NoZSBS"
-      + "ZW50ZW52ZXJzaWNoZXJ1bmcxEzARBgNVBAsMClFDIFJvb3QgQ0EwHhcNMDcwNzI3MjAyMTExWhcN"
-      + "MTIwNzI3MjAyMTExWjBIMQswCQYDVQQGEwJERTEkMCIGA1UECgwbRGV1dHNjaGUgUmVudGVudmVy"
-      + "c2ljaGVydW5nMRMwEQYDVQQLDApRQyBSb290IENBMIIBJDANBgkqhkiG9w0BAQEFAAOCAREAMIIB"
-      + "DAKCAQEAzuhBdo9c84DdzsggjWOgfC4jJ2jYqpsOpBo3DVyem+5R26QK4feZdyFnaGvyG+TLcdLO"
-      + "iCecGmrRGD+ey4IhjCONb7hsQQhJWTyDEtBblzYB0yjY8+9fnNeR61W+M/KlMgC6Rw/w+zwzklTM"
-      + "MWwIbxLHm8l9jTSKFjAWTwjE8bCzpUCwN8+4JbFTwjwOJ5lsVA5Xa34wpgr6lgL3WrVTV1NSprqR"
-      + "ZYDWg477tht0KkyOJt3guF3RONKBBuTO2qCbpUeI8m4v3tznoopYbV5Gp5wu5gqd6lTfgju3ldql"
-      + "bxtuCLZd0nAI5rLEOPItDKl4vPXllmmtGIrtDZlwr86cbwIFAJvMJpGjggEgMIIBHDAPBgNVHRMB"
-      + "Af8EBTADAQH/MBEGA1UdDgQKBAhAnn7gZn5X3jB3BgNVHSAEcDBuMGwGDSsGAQQBga08AQgBAQEw"
-      + "WzBZBggrBgEFBQcCARZNaHR0cDovL3d3dy5kZXV0c2NoZS1yZW50ZW52ZXJzaWNoZXJ1bmctYnVu"
-      + "ZC5kZS9zdGF0aWMvdHJ1c3RjZW50ZXIvcG9saWN5Lmh0bWwwUwYDVR0JBEwwSjBIBgNVBAMxQRM/"
-      + "UUMgV3VyemVsemVydGlmaXppZXJ1bmdzc3RlbGxlIERldXRzY2hlIFJlbnRlbnZlcnNpY2hlcnVu"
-      + "ZyAxOlBOMBgGCCsGAQUFBwEDBAwwCjAIBgYEAI5GAQEwDgYDVR0PAQH/BAQDAgIEMA0GCSqGSIb3"
-      + "DQEBCwUAA4IBAQBNGs7Dnc1yzzpZrkuC+oLv+NhbORTEYNgpaOetB1JQ1EbUBoPuNN4ih0ngy/uJ"
-      + "D2O+h4JsNkmELgaehLWyFwATqCYZY4cTAGVoEwgn93x3aW8JbMDQf+YEJDSDsXcm4oIDFPqv5M6o"
-      + "HZUWfsPka3mxKivfKtWhooTz1/+BEGReVQ2oOAvlwXlkEab9e3GOqXQUcLPYDTl8BQxiYhtQtf3d"
-      + "kORiUkuGiGX1YJ5JnZnG3ElMjPgOl8rOiYU7oj9uv1HVb5sdAwuVw0BR/eiMVDBT8DNyfoJmPeQQ"
-      + "A9pXtoAYO0Ya7wNNmCY2Y63YfBlRCF+9VQv2RZ4TdO1KGWwxR98OMYIC1zCCAtMCAQEwTzBIMQsw"
-      + "CQYDVQQGEwJERTEkMCIGA1UECgwbRGV1dHNjaGUgUmVudGVudmVyc2ljaGVydW5nMRMwEQYDVQQL"
-      + "DApRQyBSb290IENBAgMDdaYwDQYJYIZIAWUDBAIBBQCgggFZMBoGCSqGSIb3DQEJAzENBgsqhkiG"
-      + "9w0BCRABBDAvBgkqhkiG9w0BCQQxIgQgO7FFODWWwF5RUjo6wjIkgkD5u7dH+NICiCpSgRRqd/Aw"
-      + "ggEIBgsqhkiG9w0BCRACLzGB+DCB9TCB8jB3BCAMMZqK/5pZxOb3ruCbcgxStaTDwDHaf2glEo6P"
-      + "+89t8TBTMEykSjBIMQswCQYDVQQGEwJERTEkMCIGA1UECgwbRGV1dHNjaGUgUmVudGVudmVyc2lj"
-      + "aGVydW5nMRMwEQYDVQQLDApRQyBSb290IENBAgMDdaYwdwQgl7vwI+P47kpxhWLoIdEco7UfGwZ2"
-      + "X4el3jaZ67q5/9IwUzBMpEowSDELMAkGA1UEBhMCREUxJDAiBgNVBAoMG0RldXRzY2hlIFJlbnRl"
-      + "bnZlcnNpY2hlcnVuZzETMBEGA1UECwwKUUMgUm9vdCBDQQIDAjhuMA0GCSqGSIb3DQEBCwUABIIB"
-      + "AIOYgpDI0BaeG4RF/EB5QzkUqAZ9nX6w895+m2hHyRKrAKdj3913j5QI+aEVIG3DVbFaAfdKeKfn"
-      + "xsTW48aWs6aARtPAc+1OXwoGUSYElOFqqVpSeTaXe+kjY5bsLSQeETB+EPvXl8EcKTaxTRCNOqJU"
-      + "XbnyYRgWTI55A2jH6IsQQVHc5DaIcmbdI8iATaRTHY5eUeVuI+Q/3RMVBFAb5qRhM61Ddcrjq058"
-      + "C0uiH9G2IB5QRyu6RsCUgrkeMTMBqlIBlnDBy+EgLouDU4Dehxy5uzEl5DBKZEewZpQZOTO/kAgL"
-      + "WruAAg/Lj4r0f9vN12wRlHoS2UKDjrE1DnUBbrM=");
-
-    /* (non-Javadoc)
-     * @see org.bouncycastle.util.test.Test#getName()
-     */
-    public String getName()
-    {
-        return "ParseTest";
-    }
-
-    private void requestParse(
-        byte[]  request,
-        ASN1ObjectIdentifier algorithm)
-        throws IOException
-    {
-        TimeStampRequest    req = new TimeStampRequest(request);
-        
-        if (!req.getMessageImprintAlgOID().equals(algorithm))
-        {
-            fail("failed to get expected algorithm - got " 
-                    + req.getMessageImprintAlgOID() + " not " + algorithm);
-        }
-        
-        if (request != sha1Request && request != sha1noNonse)
-        {
-            if (!req.getReqPolicy().equals(TSPTestUtil.EuroPKI_TSA_Test_Policy))
-            {
-                fail("" + algorithm + " failed policy check.");
-            }
-            
-            if (request == ripemd160Request)
-            {
-                if (!req.getCertReq())
-                {
-                    fail("" + algorithm + " failed certReq check.");
-                }
-            }
-        }
-        
-        assertEquals("version not 1", 1, req.getVersion());
-        
-        assertEquals("critical extensions found when none expected", 0, req.getCriticalExtensionOIDs().size());
-        
-        assertEquals("non-critical extensions found when none expected", 0, req.getNonCriticalExtensionOIDs().size());
-        
-        if (request != sha1noNonse)
-        {
-            if (req.getNonce() == null)
-            {
-                fail("" + algorithm + " nonse not found when one expected.");
-            }
-        }
-        else
-        {
-            if (req.getNonce() != null)
-            {
-                fail("" + algorithm + " nonse not found when one not expected.");
-            } 
-        }
-        
-        try
-        {
-            req.validate(TSPAlgorithms.ALLOWED, null, null);
-        }
-        catch (Exception e)
-        {
-            fail("validation exception.");
-        }
-        
-        if (!Arrays.areEqual(req.getEncoded(), request))
-        {
-            fail("" + algorithm + " failed encode check."); 
-        }
-    }
-    
-    private void responseParse(
-        byte[]  request,
-        byte[]  response,
-        ASN1ObjectIdentifier algorithm)
-        throws Exception
-    {
-        TimeStampRequest  req = new TimeStampRequest(request);
-        TimeStampResponse resp = new TimeStampResponse(response);
-
-        CertificateFactory  fact = CertificateFactory.getInstance("X.509", "BC");
-                
-        X509Certificate cert = (X509Certificate)fact.generateCertificate(new ByteArrayInputStream(signingCert));
-
-        resp.validate(req);
-
-        resp.getTimeStampToken().validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert));
-    }
-    
-    private void unacceptableResponseParse(
-        byte[]  response) 
-        throws Exception
-    {
-        TimeStampResponse resp = new TimeStampResponse(response);
-
-        if (resp.getStatus() != PKIStatus.REJECTION)
-        {
-            fail("request not rejected.");
-        }
-        
-        if (resp.getFailInfo().intValue() != PKIFailureInfo.unacceptedPolicy)
-        {
-            fail("request not rejected.");
-        }
-    }
-    
-    private void generalizedTimeParse(
-        byte[]  response) 
-        throws Exception
-    {
-        TimeStampResponse resp = new TimeStampResponse(response);
-
-        if (resp.getStatus() != PKIStatus.GRANTED)
-        {
-            fail("request not rejected.");
-        }
-    }
-
-    public void setUp()
-    {
-        Security.addProvider(new BouncyCastleProvider());
-    }
-    
-    public void testParsing()
-        throws Exception
-    { 
-        requestParse(sha1Request, TSPAlgorithms.SHA1);
-
-        requestParse(sha1noNonse, TSPAlgorithms.SHA1);
-
-        requestParse(md5Request, TSPAlgorithms.MD5);
-
-        requestParse(ripemd160Request, TSPAlgorithms.RIPEMD160);
-
-        responseParse(sha1Request, sha1Response, TSPAlgorithms.SHA1);
-
-        responseParse(sha1noNonse, sha1noNonseResponse, TSPAlgorithms.SHA1);
-
-        responseParse(md5Request, md5Response, TSPAlgorithms.MD5);
-
-        unacceptableResponseParse(unacceptablePolicy);
-
-        // TODO: believe it or not but this contains invalid integers
-        //generalizedTimeParse(generalizedTime);
-
-        v2SigningResponseParse(v2SigningCertResponse);
-    }
-
-    private void v2SigningResponseParse(
-        byte[] encoded)
-        throws Exception
-    {
-        TimeStampResponse response = new TimeStampResponse(encoded);
-
-        Store store = response.getTimeStampToken().getCertificates();
-        X509CertificateHolder cert = (X509CertificateHolder)store.getMatches(response.getTimeStampToken().getSID()).iterator().next();
-
-        response.getTimeStampToken().validate(new JcaSimpleSignerInfoVerifierBuilder().setProvider("BC").build(cert));
-    }
-
-    public void parse(
-        byte[]  encoded,
-        boolean tokenPresent)
-        throws Exception
-    {
-        TimeStampResponse   response = new TimeStampResponse(encoded);
-
-        if (tokenPresent && response.getTimeStampToken() == null)
-        {
-            fail("token not found when expected.");
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/test/SHA1DigestCalculator.java b/bcpkix/src/main/java/org/bouncycastle/tsp/test/SHA1DigestCalculator.java
deleted file mode 100644
index 8bbd4ad..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/test/SHA1DigestCalculator.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.tsp.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.operator.DigestCalculator;
-
-
-class SHA1DigestCalculator
-    implements DigestCalculator
-{
-    private ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-    public AlgorithmIdentifier getAlgorithmIdentifier()
-    {
-        return new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1);
-    }
-
-    public OutputStream getOutputStream()
-    {
-        return bOut;
-    }
-
-    public byte[] getDigest()
-    {
-        byte[] bytes = bOut.toByteArray();
-
-        bOut.reset();
-
-        Digest sha1 = new SHA1Digest();
-
-        sha1.update(bytes, 0, bytes.length);
-
-        byte[] digest = new byte[sha1.getDigestSize()];
-
-        sha1.doFinal(digest, 0);
-
-        return digest;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/test/SHA256DigestCalculator.java b/bcpkix/src/main/java/org/bouncycastle/tsp/test/SHA256DigestCalculator.java
deleted file mode 100644
index 89b0a1f..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/test/SHA256DigestCalculator.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.tsp.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.operator.DigestCalculator;
-
-
-class SHA256DigestCalculator
-    implements DigestCalculator
-{
-    private ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-    public AlgorithmIdentifier getAlgorithmIdentifier()
-    {
-        return new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
-    }
-
-    public OutputStream getOutputStream()
-    {
-        return bOut;
-    }
-
-    public byte[] getDigest()
-    {
-        byte[] bytes = bOut.toByteArray();
-
-        bOut.reset();
-
-        Digest sha256 = new SHA256Digest();
-
-        sha256.update(bytes, 0, bytes.length);
-
-        byte[] digest = new byte[sha256.getDigestSize()];
-
-        sha256.doFinal(digest, 0);
-
-        return digest;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/test/TSPTestUtil.java b/bcpkix/src/main/java/org/bouncycastle/tsp/test/TSPTestUtil.java
deleted file mode 100644
index e9d9426..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/test/TSPTestUtil.java
+++ /dev/null

@@ -1,229 +0,0 @@
-package org.bouncycastle.tsp.test;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.GeneralSecurityException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.cert.X509Certificate;
-import java.util.Date;
-
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.KeyPurposeId;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.asn1.x509.X509Name;
-import org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.x509.X509V3CertificateGenerator;
-
-public class TSPTestUtil
-{
-
-    public static SecureRandom rand = new SecureRandom();
-
-    public static KeyPairGenerator kpg;
-
-    public static KeyGenerator desede128kg;
-
-    public static KeyGenerator desede192kg;
-
-    public static KeyGenerator rc240kg;
-
-    public static KeyGenerator rc264kg;
-
-    public static KeyGenerator rc2128kg;
-
-    public static BigInteger serialNumber = BigInteger.ONE;
-
-    public static final boolean DEBUG = true;
-
-    public static ASN1ObjectIdentifier EuroPKI_TSA_Test_Policy = new ASN1ObjectIdentifier(
-            "1.3.6.1.4.1.5255.5.1");
-
-    public static JcaX509ExtensionUtils extUtils;
-
-    static
-    {
-        try
-        {
-            rand = new SecureRandom();
-
-            kpg = KeyPairGenerator.getInstance("RSA", "BC");
-            kpg.initialize(1024, rand);
-
-            desede128kg = KeyGenerator.getInstance("DESEDE", "BC");
-            desede128kg.init(112, rand);
-
-            desede192kg = KeyGenerator.getInstance("DESEDE", "BC");
-            desede192kg.init(168, rand);
-
-            rc240kg = KeyGenerator.getInstance("RC2", "BC");
-            rc240kg.init(40, rand);
-
-            rc264kg = KeyGenerator.getInstance("RC2", "BC");
-            rc264kg.init(64, rand);
-
-            rc2128kg = KeyGenerator.getInstance("RC2", "BC");
-            rc2128kg.init(128, rand);
-
-            serialNumber = new BigInteger("1");
-
-            extUtils = new JcaX509ExtensionUtils();
-
-        }
-        catch (Exception ex)
-        {
-            throw new RuntimeException(ex.toString());
-        }
-    }
-
-    public static String dumpBase64(byte[] data)
-    {
-        StringBuffer buf = new StringBuffer();
-
-        data = Base64.encode(data);
-
-        for (int i = 0; i < data.length; i += 64)
-        {
-            if (i + 64 < data.length)
-            {
-                buf.append(new String(data, i, 64));
-            }
-            else
-            {
-                buf.append(new String(data, i, data.length - i));
-            }
-            buf.append('\n');
-        }
-
-        return buf.toString();
-    }
-
-    public static KeyPair makeKeyPair()
-    {
-        return kpg.generateKeyPair();
-    }
-
-    public static SecretKey makeDesede128Key()
-    {
-        return desede128kg.generateKey();
-    }
-
-    public static SecretKey makeDesede192Key()
-    {
-        return desede192kg.generateKey();
-    }
-
-    public static SecretKey makeRC240Key()
-    {
-        return rc240kg.generateKey();
-    }
-
-    public static SecretKey makeRC264Key()
-    {
-        return rc264kg.generateKey();
-    }
-
-    public static SecretKey makeRC2128Key()
-    {
-        return rc2128kg.generateKey();
-    }
-
-    public static X509Certificate makeCertificate(KeyPair _subKP,
-            String _subDN, KeyPair _issKP, String _issDN)
-            throws GeneralSecurityException, IOException
-    {
-
-        return makeCertificate(_subKP, _subDN, _issKP, _issDN, false);
-    }
-
-    public static X509Certificate makeCACertificate(KeyPair _subKP,
-            String _subDN, KeyPair _issKP, String _issDN)
-            throws GeneralSecurityException, IOException
-    {
-
-        return makeCertificate(_subKP, _subDN, _issKP, _issDN, true);
-    }
-
-    public static X509Certificate makeCertificate(KeyPair _subKP,
-            String _subDN, KeyPair _issKP, String _issDN, boolean _ca)
-            throws GeneralSecurityException, IOException
-    {
-
-        PublicKey _subPub = _subKP.getPublic();
-        PrivateKey _issPriv = _issKP.getPrivate();
-        PublicKey _issPub = _issKP.getPublic();
-
-        X509V3CertificateGenerator _v3CertGen = new X509V3CertificateGenerator();
-
-        _v3CertGen.reset();
-        _v3CertGen.setSerialNumber(allocateSerialNumber());
-        _v3CertGen.setIssuerDN(new X509Name(_issDN));
-        _v3CertGen.setNotBefore(new Date(System.currentTimeMillis()));
-        _v3CertGen.setNotAfter(new Date(System.currentTimeMillis()
-                + (1000L * 60 * 60 * 24 * 100)));
-        _v3CertGen.setSubjectDN(new X509Name(_subDN));
-        _v3CertGen.setPublicKey(_subPub);
-        _v3CertGen.setSignatureAlgorithm("MD5WithRSAEncryption");
-
-        _v3CertGen.addExtension(Extension.subjectKeyIdentifier, false,
-                createSubjectKeyId(_subPub));
-
-        _v3CertGen.addExtension(Extension.authorityKeyIdentifier, false,
-                createAuthorityKeyId(_issPub));
-
-        if (_ca)
-        {
-            _v3CertGen.addExtension(Extension.basicConstraints, false,
-                    new BasicConstraints(_ca));
-        }
-        else
-        {
-            _v3CertGen.addExtension(Extension.extendedKeyUsage, true,
-                    new ExtendedKeyUsage(KeyPurposeId.id_kp_timeStamping));
-        }
-
-        X509Certificate _cert = _v3CertGen.generate(_issPriv);
-
-        _cert.checkValidity(new Date());
-        _cert.verify(_issPub);
-
-        return _cert;
-    }
-
-    /*  
-     *  
-     *  INTERNAL METHODS
-     *  
-     */
-
-
-    private static AuthorityKeyIdentifier createAuthorityKeyId(PublicKey _pubKey)
-            throws IOException
-    {
-        return extUtils.createAuthorityKeyIdentifier(_pubKey);
-    }
-
-    private static SubjectKeyIdentifier createSubjectKeyId(PublicKey _pubKey)
-            throws IOException
-    {
-        return extUtils.createSubjectKeyIdentifier(_pubKey);
-    }
-
-    private static BigInteger allocateSerialNumber()
-    {
-        BigInteger _tmp = serialNumber;
-        serialNumber = serialNumber.add(BigInteger.ONE);
-        return _tmp;
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/tsp/test/TimeStampTokenInfoUnitTest.java b/bcpkix/src/main/java/org/bouncycastle/tsp/test/TimeStampTokenInfoUnitTest.java
deleted file mode 100644
index 6110283..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/tsp/test/TimeStampTokenInfoUnitTest.java
+++ /dev/null

@@ -1,161 +0,0 @@
-package org.bouncycastle.tsp.test;
-
-import java.lang.reflect.Constructor;
-import java.lang.reflect.InvocationTargetException;
-import java.math.BigInteger;
-
-import junit.framework.Assert;
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.tsp.TSTInfo;
-import org.bouncycastle.tsp.GenTimeAccuracy;
-import org.bouncycastle.tsp.TSPAlgorithms;
-import org.bouncycastle.tsp.TSPException;
-import org.bouncycastle.tsp.TimeStampTokenInfo;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-
-public class TimeStampTokenInfoUnitTest
-    extends TestCase
-{
-    private static final byte[] tstInfo1 = Hex.decode(
-        "303e02010106022a033021300906052b0e03021a050004140000000000000000000000000000000000000000"
-            + "020118180f32303035313130313038313732315a");
-
-    private static final byte[] tstInfo2 = Hex.decode(
-        "304c02010106022a033021300906052b0e03021a05000414ffffffffffffffffffffffffffffffffffffffff"
-            + "020117180f32303035313130313038323934355a3009020103800101810102020164");
-
-    private static final byte[] tstInfo3 = Hex.decode(
-        "304f02010106022a033021300906052b0e03021a050004140000000000000000000000000000000000000000"
-            + "020117180f32303035313130313038343733355a30090201038001018101020101ff020164");
-
-    private static final byte[] tstInfoDudDate = Hex.decode(
-        "303e02010106022a033021300906052b0e03021a050004140000000000000000000000000000000000000000"
-            + "020118180f32303056313130313038313732315a");
-
-    public void testTstInfo1()
-        throws Exception
-    {
-        TimeStampTokenInfo tstInfo = getTimeStampTokenInfo(tstInfo1);
-
-        //
-        // verify
-        //
-        GenTimeAccuracy accuracy = tstInfo.getGenTimeAccuracy();
-
-        assertNull(accuracy);
-
-        assertEquals(new BigInteger("24"), tstInfo.getSerialNumber());
-
-        assertEquals(1130833041000L, tstInfo.getGenTime().getTime());
-
-        assertEquals("1.2.3", tstInfo.getPolicy().getId());
-
-        assertEquals(false, tstInfo.isOrdered());
-
-        assertNull(tstInfo.getNonce());
-
-        Assert.assertEquals(TSPAlgorithms.SHA1, tstInfo.getMessageImprintAlgOID());
-
-        assertTrue(Arrays.areEqual(new byte[20], tstInfo.getMessageImprintDigest()));
-
-        assertTrue(Arrays.areEqual(tstInfo1, tstInfo.getEncoded()));
-    }
-
-    public void testTstInfo2()
-        throws Exception
-    {
-        TimeStampTokenInfo tstInfo = getTimeStampTokenInfo(tstInfo2);
-
-        //
-        // verify
-        //
-        GenTimeAccuracy accuracy = tstInfo.getGenTimeAccuracy();
-
-        assertEquals(3, accuracy.getSeconds());
-        assertEquals(1, accuracy.getMillis());
-        assertEquals(2, accuracy.getMicros());
-
-        assertEquals(new BigInteger("23"), tstInfo.getSerialNumber());
-
-        assertEquals(1130833785000L, tstInfo.getGenTime().getTime());
-
-        assertEquals("1.2.3", tstInfo.getPolicy().getId());
-
-        assertEquals(false, tstInfo.isOrdered());
-
-        assertEquals(tstInfo.getNonce(), BigInteger.valueOf(100));
-
-        assertTrue(Arrays.areEqual(Hex.decode("ffffffffffffffffffffffffffffffffffffffff"), tstInfo.getMessageImprintDigest()));
-
-        assertTrue(Arrays.areEqual(tstInfo2, tstInfo.getEncoded()));
-    }
-
-    public void testTstInfo3()
-        throws Exception
-    {
-        TimeStampTokenInfo tstInfo = getTimeStampTokenInfo(tstInfo3);
-
-        //
-        // verify
-        //
-        GenTimeAccuracy accuracy = tstInfo.getGenTimeAccuracy();
-
-        assertEquals(3, accuracy.getSeconds());
-        assertEquals(1, accuracy.getMillis());
-        assertEquals(2, accuracy.getMicros());
-
-        assertEquals(new BigInteger("23"), tstInfo.getSerialNumber());
-
-        assertEquals(1130834855000L, tstInfo.getGenTime().getTime());
-
-        assertEquals("1.2.3", tstInfo.getPolicy().getId());
-
-        assertEquals(true, tstInfo.isOrdered());
-
-        assertEquals(tstInfo.getNonce(), BigInteger.valueOf(100));
-
-        assertEquals(TSPAlgorithms.SHA1, tstInfo.getMessageImprintAlgOID());
-
-        assertTrue(Arrays.areEqual(new byte[20], tstInfo.getMessageImprintDigest()));
-
-        assertTrue(Arrays.areEqual(tstInfo3, tstInfo.getEncoded()));
-    }
-
-    public void testTstInfoDudDate()
-        throws Exception
-    {
-        try
-        {
-            getTimeStampTokenInfo(tstInfoDudDate);
-
-            fail("dud date not detected.");
-        }
-        catch (TSPException e)
-        {
-            // expected
-        }
-    }
-
-    private TimeStampTokenInfo getTimeStampTokenInfo(
-        byte[] tstInfo)
-        throws Exception
-    {
-        ASN1InputStream aIn = new ASN1InputStream(tstInfo);
-        TSTInfo info = TSTInfo.getInstance(aIn.readObject());
-
-        final Constructor constructor = TimeStampTokenInfo.class.getDeclaredConstructor(TSTInfo.class);
-
-        constructor.setAccessible(true);
-
-        try
-        {
-            return (TimeStampTokenInfo)constructor.newInstance(new Object[]{info});
-        }
-        catch (InvocationTargetException e)
-        {
-            throw (Exception)e.getTargetException();
-        }
-    }
-}

diff --git a/bcpkix/src/main/java/org/bouncycastle/voms/VOMSAttribute.java b/bcpkix/src/main/java/org/bouncycastle/voms/VOMSAttribute.java
deleted file mode 100644
index 390f826..0000000
--- a/bcpkix/src/main/java/org/bouncycastle/voms/VOMSAttribute.java
+++ /dev/null

@@ -1,242 +0,0 @@
-package org.bouncycastle.voms;
-
-import java.util.List;
-import java.util.ArrayList;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.x509.Attribute;
-import org.bouncycastle.asn1.x509.IetfAttrSyntax;
-import org.bouncycastle.cert.X509AttributeCertificateHolder;
-
-/**
- * Representation of the authorization information (VO, server address
- * and list of Fully Qualified Attribute Names, or FQANs) contained in
- * a VOMS attribute certificate.
- */
-public class VOMSAttribute
-{
-
-    /**
-     * The ASN.1 object identifier for VOMS attributes
-     */
-    public static final String VOMS_ATTR_OID = "1.3.6.1.4.1.8005.100.100.4";
-    private X509AttributeCertificateHolder myAC;
-    private String myHostPort;
-    private String myVo;
-    private List myStringList = new ArrayList();
-    private List myFQANs = new ArrayList();
-
-    /**
-     * Parses the contents of an attribute certificate.<br>
-     * <b>NOTE:</b> Cryptographic signatures, time stamps etc. will <b>not</b> be checked.
-     *
-     * @param ac the attribute certificate to parse for VOMS attributes
-     */
-    public VOMSAttribute(X509AttributeCertificateHolder ac)
-    {
-        if (ac == null) 
-        {
-            throw new IllegalArgumentException("VOMSAttribute: AttributeCertificate is NULL");
-        }
-
-        myAC = ac;
-
-        Attribute[] l = ac.getAttributes(new ASN1ObjectIdentifier(VOMS_ATTR_OID));
-
-        if (l == null) 
-        {
-            return;
-        }
-
-        try 
-        {
-            for (int i = 0; i != l.length; i++) 
-            {
-                IetfAttrSyntax attr = IetfAttrSyntax.getInstance(l[i].getAttributeValues()[0]);
-
-                // policyAuthority is on the format <vo>/<host>:<port>
-                String url = ((DERIA5String)attr.getPolicyAuthority().getNames()[0].getName()).getString();
-                int idx = url.indexOf("://");
-
-                if ((idx < 0) || (idx == (url.length() - 1)))
-                {
-                    throw new IllegalArgumentException("Bad encoding of VOMS policyAuthority : [" + url + "]");
-                }
-
-                myVo = url.substring(0, idx);
-                myHostPort = url.substring(idx + 3);
-
-                if (attr.getValueType() != IetfAttrSyntax.VALUE_OCTETS)
-                {
-                    throw new IllegalArgumentException(
-                        "VOMS attribute values are not encoded as octet strings, policyAuthority = " + url);
-                }
-
-                ASN1OctetString[]   values = (ASN1OctetString[])attr.getValues();
-                for (int j = 0; j != values.length; j++)        
-                {
-                    String fqan = new String(values[j].getOctets());
-                    FQAN f = new FQAN(fqan);
-
-                    if (!myStringList.contains(fqan) && fqan.startsWith("/" + myVo + "/"))
-               {
-                        myStringList.add(fqan);
-                        myFQANs.add(f);
-                    }
-                }
-            }
-        }
-        catch (IllegalArgumentException ie) 
-        {
-            throw ie;
-        }
-        catch (Exception e) 
-        {
-            throw new IllegalArgumentException("Badly encoded VOMS extension in AC issued by " +
-                ac.getIssuer());
-        }
-    }
-
-    /**
-     * @return The AttributeCertificate containing the VOMS information
-     */
-    public X509AttributeCertificateHolder getAC()
-    {
-        return myAC;
-    }
-
-    /**
-     * @return List of String of the VOMS fully qualified
-     * attributes names (FQANs):<br>
-     * <code>/vo[/group[/group2...]][/Role=[role]][/Capability=capability]</code>
-     */
-    public List getFullyQualifiedAttributes()
-    {
-        return myStringList;
-    }
-
-    /**
-     * @return List of FQAN of the VOMS fully qualified
-     * attributes names (FQANs)
-     */
-    public List getListOfFQAN()
-    {
-        return myFQANs;
-    }
-
-    /**
-     * Returns the address of the issuing VOMS server, on the form <code>&lt;host&gt;:&lt;port&gt;</code>
-     * @return String
-     */
-    public String getHostPort()
-    {
-        return myHostPort;
-    }
-
-    /**
-     * Returns the VO name
-     * @return
-     */
-    public String getVO()
-    {
-        return myVo;
-    }
-
-    public String toString()
-    {
-        return "VO      :" + myVo + "\n" + "HostPort:" + myHostPort + "\n" + "FQANs   :" + myFQANs;
-    }
-
-    /**
-     * Inner class providing a container of the group,role,capability
-     * information triplet in an FQAN.
-     */
-    public class FQAN
-    {
-        String fqan;
-        String group;
-        String role;
-        String capability;
-
-        public FQAN(String fqan)
-        {
-            this.fqan = fqan;
-        }
-
-        public FQAN(String group, String role, String capability)
-        {
-            this.group = group;
-            this.role = role;
-            this.capability = capability;
-        }
-
-        public String getFQAN()
-        {
-            if (fqan != null)
-            {
-                return fqan;
-            }
-
-            fqan = group + "/Role=" + ((role != null) ? role : "") +
-                ((capability != null) ? ("/Capability=" + capability) : "");
-
-            return fqan;
-        }
-
-        protected void split()
-        {
-            int len = fqan.length();
-            int i = fqan.indexOf("/Role=");
-
-            if (i < 0)
-            {
-                return;
-            }
-
-            group = fqan.substring(0, i);
-
-            int j = fqan.indexOf("/Capability=", i + 6);
-            String s = (j < 0) ? fqan.substring(i + 6) : fqan.substring(i + 6, j);
-            role = (s.length() == 0) ? null : s;
-            s = (j < 0) ? null : fqan.substring(j + 12);
-            capability = ((s == null) || (s.length() == 0)) ? null : s;
-        }
-
-        public String getGroup()
-        {
-            if ((group == null) && (fqan != null))
-            {
-                split();
-            }
-
-            return group;
-        }
-
-        public String getRole()
-        {
-            if ((group == null) && (fqan != null))
-            {
-                split();
-            }
-
-            return role;
-        }
-
-        public String getCapability()   
-        {
-            if ((group == null) && (fqan != null))
-            {
-                split();
-            }
-
-            return capability;
-        }
-
-        public String toString()
-        {
-            return getFQAN();
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/LICENSE.java b/bcprov/src/main/java/org/bouncycastle/LICENSE.java
deleted file mode 100644
index db8c6f1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/LICENSE.java
+++ /dev/null

@@ -1,65 +0,0 @@
-package org.bouncycastle;
-
-import org.bouncycastle.util.Strings;
-
-/**
- * The Bouncy Castle License
- *
- * Copyright (c) 2000-2019 The Legion Of The Bouncy Castle Inc. (http://www.bouncycastle.org)
- * <p>
- * Permission is hereby granted, free of charge, to any person obtaining a copy of this software 
- * and associated documentation files (the "Software"), to deal in the Software without restriction, 
- * including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, 
- * and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so,
- * subject to the following conditions:
- * <p>
- * The above copyright notice and this permission notice shall be included in all copies or substantial
- * portions of the Software.
- * <p>
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,
- * INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR
- * PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE
- * LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR
- * OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- */
-public class LICENSE
-{
-    public static final String licenseText =
-      "Copyright (c) 2000-2019 The Legion of the Bouncy Castle Inc. (http://www.bouncycastle.org) "
-      + Strings.lineSeparator()
-      + Strings.lineSeparator()
-      + "Permission is hereby granted, free of charge, to any person obtaining a copy of this software "
-      + Strings.lineSeparator()
-      + "and associated documentation files (the \"Software\"), to deal in the Software without restriction, "
-      + Strings.lineSeparator()
-      + "including without limitation the rights to use, copy, modify, merge, publish, distribute, sublicense, "
-      + Strings.lineSeparator()
-      + "and/or sell copies of the Software, and to permit persons to whom the Software is furnished to do so,"
-      + Strings.lineSeparator()
-      + "subject to the following conditions:"
-      + Strings.lineSeparator()
-      + Strings.lineSeparator()
-      + "The above copyright notice and this permission notice shall be included in all copies or substantial"
-      + Strings.lineSeparator()
-      + "portions of the Software."
-      + Strings.lineSeparator()
-      + Strings.lineSeparator()
-      + "THE SOFTWARE IS PROVIDED \"AS IS\", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED,"
-      + Strings.lineSeparator()
-      + "INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR"
-      + Strings.lineSeparator()
-      + "PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE"
-      + Strings.lineSeparator()
-      + "LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR"
-      + Strings.lineSeparator()
-      + "OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER"
-      + Strings.lineSeparator()
-      + "DEALINGS IN THE SOFTWARE.";
-
-    public static void main(
-        String[]    args)
-    {
-        System.out.println(licenseText);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java
index 6f5d1fa..e968660 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1Boolean.java

@@ -79,6 +79,17 @@
         return (value != 0 ? TRUE : FALSE);
     }
 
+    // BEGIN Android-added: Unknown reason
+    /**
+     * return a ASN1Boolean from the passed in array.
+     */
+    public static ASN1Boolean getInstance(
+        byte[] octets)
+    {
+        return (octets[0] != 0) ? TRUE : FALSE;
+    }
+
+    // END Android-added: Unknown reason
     /**
      * Return a Boolean from a tagged object.
      *
@@ -131,7 +142,8 @@
      * @deprecated use getInstance(boolean) method.
      * @param value true or false.
      */
-    public ASN1Boolean(
+    // Android-changed: Reduce visibility to protected
+    protected ASN1Boolean(
         boolean     value)
     {
         this.value = (value) ? TRUE_VALUE : FALSE_VALUE;

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java
index d250c0b..ba8de8d 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1GeneralizedTime.java

@@ -3,6 +3,8 @@
 import java.io.IOException;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
+// Android-added: Localization support
+import java.util.Calendar;
 import java.util.Date;
 import java.util.Locale;
 import java.util.SimpleTimeZone;
@@ -133,7 +135,9 @@
     public ASN1GeneralizedTime(
         Date time)
     {
-        SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", DateUtil.EN_Locale);
+        // Android-changed: Use localized version
+        // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", DateUtil.EN_Locale);
+        SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US);
 
         dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
 
@@ -151,7 +155,11 @@
         Date time,
         Locale locale)
     {
-        SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", locale);
+        // BEGIN Android-changed: Use localized version
+        // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", locale);
+        SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US);
+        dateF.setCalendar(Calendar.getInstance(Locale.US));
+        // END Android-changed: Use localized version
 
         dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
 
@@ -275,19 +283,27 @@
         {
             if (hasFractionalSeconds())
             {
-                dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'");
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'");
+                dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'", Locale.US);
             }
             else if (hasSeconds())
             {
-                dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
+                dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US);
             }
             else if (hasMinutes())
             {
-                dateF = new SimpleDateFormat("yyyyMMddHHmm'Z'");
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmm'Z'");
+                dateF = new SimpleDateFormat("yyyyMMddHHmm'Z'", Locale.US);
             }
             else
             {
-                dateF = new SimpleDateFormat("yyyyMMddHH'Z'");
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHH'Z'");
+                dateF = new SimpleDateFormat("yyyyMMddHH'Z'", Locale.US);
             }
 
             dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
@@ -297,19 +313,27 @@
             d = this.getTime();
             if (hasFractionalSeconds())
             {
-                dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz");
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz");
+                dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz", Locale.US);
             }
             else if (hasSeconds())
             {
-                dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
+                dateF = new SimpleDateFormat("yyyyMMddHHmmssz", Locale.US);
             }
             else if (hasMinutes())
             {
-                dateF = new SimpleDateFormat("yyyyMMddHHmmz");
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmmz");
+                dateF = new SimpleDateFormat("yyyyMMddHHmmz", Locale.US);
             }
             else
             {
-                dateF = new SimpleDateFormat("yyyyMMddHHz");
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHz");
+                dateF = new SimpleDateFormat("yyyyMMddHHz", Locale.US);
             }
 
             dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
@@ -318,19 +342,27 @@
         {
             if (hasFractionalSeconds())
             {
-                dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS");
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS");
+                dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS", Locale.US);
             }
             else if (hasSeconds())
             {
-                dateF = new SimpleDateFormat("yyyyMMddHHmmss");
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmmss");
+                dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
             }
             else if (hasMinutes())
             {
-                dateF = new SimpleDateFormat("yyyyMMddHHmm");
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmm");
+                dateF = new SimpleDateFormat("yyyyMMddHHmm", Locale.US);
             }
             else
             {
-                dateF = new SimpleDateFormat("yyyyMMddHH");
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHH");
+                dateF = new SimpleDateFormat("yyyyMMddHH", Locale.US);
             }
 
             dateF.setTimeZone(new SimpleTimeZone(0, TimeZone.getDefault().getID()));

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java
index 809457b..b5288a2 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1ObjectIdentifier.java

@@ -160,7 +160,8 @@
             }
         }
 
-        this.identifier = objId.toString();
+        // Android-changed: Intern the identifier so there aren't hundreds of duplicates in practice.
+        this.identifier = objId.toString().intern();
         this.body = Arrays.clone(bytes);
     }
 
@@ -181,7 +182,8 @@
             throw new IllegalArgumentException("string " + identifier + " not an OID");
         }
 
-        this.identifier = identifier;
+        // Android-changed: Intern the identifier so there aren't hundreds of duplicates in practice.
+        this.identifier = identifier.intern();
     }
 
     /**

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java
index 0d6034a..d290937 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/ASN1UTCTime.java

@@ -3,6 +3,8 @@
 import java.io.IOException;
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
+// Android-added: Localization support
+import java.util.Calendar;
 import java.util.Date;
 import java.util.Locale;
 import java.util.SimpleTimeZone;
@@ -123,7 +125,9 @@
     public ASN1UTCTime(
         Date time)
     {
-        SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", DateUtil.EN_Locale);
+        // Android-changed: Use localized version
+        // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", DateUtil.EN_Locale);
+        SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", Locale.US);
 
         dateF.setTimeZone(new SimpleTimeZone(0,"Z"));
 
@@ -141,7 +145,11 @@
         Date time,
         Locale locale)
     {
-        SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", locale);
+        // BEGIN Android-changed: Use localized version
+        // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", locale);
+        SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", Locale.US);
+        dateF.setCalendar(Calendar.getInstance(locale));
+        // END Android-changed: Use localized version
 
         dateF.setTimeZone(new SimpleTimeZone(0,"Z"));
 
@@ -164,7 +172,9 @@
     public Date getDate()
         throws ParseException
     {
-        SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz");
+        // Android-changed: Use localized version
+        // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz");
+        SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz", Locale.US);
 
         return DateUtil.epochAdjust(dateF.parse(getTime()));
     }
@@ -179,7 +189,9 @@
     public Date getAdjustedDate()
         throws ParseException
     {
-        SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
+        // Android-changed: Use localized version
+        // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
+        SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz", Locale.US);
 
         dateF.setTimeZone(new SimpleTimeZone(0,"Z"));
         

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/BERSequenceGenerator.java b/bcprov/src/main/java/org/bouncycastle/asn1/BERSequenceGenerator.java
deleted file mode 100644
index 9c1f10d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/BERSequenceGenerator.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.asn1;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-/**
- * A stream generator for DER SEQUENCEs
- */
-public class BERSequenceGenerator
-    extends BERGenerator
-{
-    /**
-     * Use the passed in stream as the target for the generator, writing out the header tag
-     * for a constructed SEQUENCE.
-     *
-     * @param out target stream
-     * @throws IOException if the target stream cannot be written to.
-     */
-    public BERSequenceGenerator(
-        OutputStream out)
-        throws IOException
-    {
-        super(out);
-
-        writeBERHeader(BERTags.CONSTRUCTED | BERTags.SEQUENCE);
-    }
-
-    /**
-     * Use the passed in stream as the target for the generator, writing out the header tag
-     * for a tagged constructed SEQUENCE (possibly implicit).
-     *
-     * @param out target stream
-     * @param tagNo the tag number to introduce
-     * @param isExplicit true if this is an explicitly tagged object, false otherwise.
-     * @throws IOException if the target stream cannot be written to.
-     */
-    public BERSequenceGenerator(
-        OutputStream out,
-        int tagNo,
-        boolean isExplicit)
-        throws IOException
-    {
-        super(out, tagNo, isExplicit);
-
-        writeBERHeader(BERTags.CONSTRUCTED | BERTags.SEQUENCE);
-    }
-
-    /**
-     * Add an object to the SEQUENCE being generated.
-     *
-     * @param object an ASN.1 encodable object to add.
-     * @throws IOException if the target stream cannot be written to or the object cannot be encoded.
-     */
-    public void addObject(
-        ASN1Encodable object)
-        throws IOException
-    {
-        object.toASN1Primitive().encode(new BEROutputStream(_out));
-    }
-
-    /**
-     * Close of the generator, writing out the BER end tag.
-     *
-     * @throws IOException if the target stream cannot be written.
-     */
-    public void close()
-        throws IOException
-    {
-        writeBEREnd();
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERGenerator.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERGenerator.java
deleted file mode 100644
index dbf4a3f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/DERGenerator.java
+++ /dev/null

@@ -1,117 +0,0 @@
-package org.bouncycastle.asn1;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-/**
- * Basic class for streaming DER encoding generators.
- */
-public abstract class DERGenerator
-    extends ASN1Generator
-{
-    private boolean      _tagged = false;
-    private boolean      _isExplicit;
-    private int          _tagNo;
-
-    protected DERGenerator(
-        OutputStream out)
-    {
-        super(out);
-    }
-
-    /**
-     * Create a DER encoding generator for a tagged object.
-     *
-     * @param out the output stream to encode objects to.
-     * @param tagNo the tag number to head the output stream with.
-     * @param isExplicit true if the tagging should be explicit, false otherwise.
-     */
-    public DERGenerator(
-        OutputStream out,
-        int          tagNo,
-        boolean      isExplicit)
-    {
-        super(out);
-
-        _tagged = true;
-        _isExplicit = isExplicit;
-        _tagNo = tagNo;
-    }
-
-    private void writeLength(
-        OutputStream out,
-        int          length)
-        throws IOException
-    {
-        if (length > 127)
-        {
-            int size = 1;
-            int val = length;
-
-            while ((val >>>= 8) != 0)
-            {
-                size++;
-            }
-
-            out.write((byte)(size | 0x80));
-
-            for (int i = (size - 1) * 8; i >= 0; i -= 8)
-            {
-                out.write((byte)(length >> i));
-            }
-        }
-        else
-        {
-            out.write((byte)length);
-        }
-    }
-
-    void writeDEREncoded(
-        OutputStream out,
-        int          tag,
-        byte[]       bytes)
-        throws IOException
-    {
-        out.write(tag);
-        writeLength(out, bytes.length);
-        out.write(bytes);
-    }
-
-    void writeDEREncoded(
-        int       tag,
-        byte[]    bytes)
-        throws IOException
-    {
-        if (_tagged)
-        {
-            int tagNum = _tagNo | BERTags.TAGGED;
-
-            if (_isExplicit)
-            {
-                int newTag = _tagNo | BERTags.CONSTRUCTED | BERTags.TAGGED;
-
-                ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-                writeDEREncoded(bOut, tag, bytes);
-
-                writeDEREncoded(_out, newTag, bOut.toByteArray());
-            }
-            else
-            {
-                if ((tag & BERTags.CONSTRUCTED) != 0)
-                {
-                    writeDEREncoded(_out, tagNum | BERTags.CONSTRUCTED, bytes);
-                }
-                else
-                {
-                    writeDEREncoded(_out, tagNum, bytes);
-                }
-            }
-        }
-        else
-        {
-            writeDEREncoded(_out, tag, bytes);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java
index fc2ca86..1981fef 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/DERNull.java

@@ -17,7 +17,8 @@
     /**
      * @deprecated use DERNull.INSTANCE
      */
-    public DERNull()
+    // Android-changed: Reduce visibility to protected.
+    protected DERNull()
     {
     }
 

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERSequenceGenerator.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERSequenceGenerator.java
deleted file mode 100644
index 5338418..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/DERSequenceGenerator.java
+++ /dev/null

@@ -1,79 +0,0 @@
-package org.bouncycastle.asn1;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-/**
- * A stream generator for DER SEQUENCEs
- */
-public class DERSequenceGenerator
-    extends DERGenerator
-{
-    private final ByteArrayOutputStream _bOut = new ByteArrayOutputStream();
-
-    /**
-     * Use the passed in stream as the target for the generator.
-     *
-     * @param out target stream
-     * @throws IOException if the target stream cannot be written to.
-     */
-    public DERSequenceGenerator(
-        OutputStream out)
-        throws IOException
-    {
-        super(out);
-    }
-
-    /**
-     * Use the passed in stream as the target for the generator, writing out the header tag
-     * for a tagged constructed SEQUENCE (possibly implicit).
-     *
-     * @param out target stream
-     * @param tagNo the tag number to introduce
-     * @param isExplicit true if this is an explicitly tagged object, false otherwise.
-     * @throws IOException if the target stream cannot be written to.
-     */
-    public DERSequenceGenerator(
-        OutputStream out,
-        int          tagNo,
-        boolean      isExplicit)
-        throws IOException
-    {
-        super(out, tagNo, isExplicit);
-    }
-
-    /**
-     * Add an object to the SEQUENCE being generated.
-     *
-     * @param object an ASN.1 encodable object to add.
-     * @throws IOException if the target stream cannot be written to or the object cannot be encoded.
-     */
-    public void addObject(
-        ASN1Encodable object)
-        throws IOException
-    {
-        object.toASN1Primitive().encode(new DEROutputStream(_bOut));
-    }
-
-    /**
-     * Return the target stream for the SEQUENCE.
-     *
-     * @return  the OutputStream the SEQUENCE is being written to.
-     */
-    public OutputStream getRawOutputStream()
-    {
-        return _bOut;
-    }
-
-    /**
-     * Close of the generator, writing out the SEQUENCE.
-     *
-     * @throws IOException if the target stream cannot be written.
-     */
-    public void close() 
-        throws IOException
-    {
-        writeDEREncoded(BERTags.CONSTRUCTED | BERTags.SEQUENCE, _bOut.toByteArray());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/DERT61UTF8String.java b/bcprov/src/main/java/org/bouncycastle/asn1/DERT61UTF8String.java
deleted file mode 100644
index cad5bd7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/DERT61UTF8String.java
+++ /dev/null

@@ -1,155 +0,0 @@
-package org.bouncycastle.asn1;
-
-import java.io.IOException;
-
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-
-/**
- * DER T61String (also the teletex string) - a "modern" encapsulation that uses UTF-8. If at all possible, avoid this one! It's only for emergencies.
- * Use UTF8String instead.
- * @deprecated don't use this class, introduced in error, it will be removed.
- */
-public class DERT61UTF8String
-    extends ASN1Primitive
-    implements ASN1String
-{
-    private byte[] string;
-
-    /**
-     * return a T61 string from the passed in object. UTF-8 Encoding is assumed in this case.
-     *
-     * @param obj a DERT61UTF8String or an object that can be converted into one.
-     * @throws IllegalArgumentException if the object cannot be converted.
-     * @return a DERT61UTF8String instance, or null
-     */
-    public static DERT61UTF8String getInstance(
-        Object obj)
-    {
-        if (obj instanceof DERT61String)
-        {
-            return new DERT61UTF8String(((DERT61String)obj).getOctets());
-        }
-
-        if (obj == null || obj instanceof DERT61UTF8String)
-        {
-            return (DERT61UTF8String)obj;
-        }
-
-        if (obj instanceof byte[])
-        {
-            try
-            {
-                return new DERT61UTF8String(((DERT61String)fromByteArray((byte[])obj)).getOctets());
-            }
-            catch (Exception e)
-            {
-                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
-            }
-        }
-
-        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
-    }
-
-    /**
-     * return an T61 String from a tagged object. UTF-8 encoding is assumed in this case.
-     *
-     * @param obj      the tagged object holding the object we want
-     * @param explicit true if the object is meant to be explicitly
-     *                 tagged false otherwise.
-     * @throws IllegalArgumentException if the tagged object cannot
-     * be converted.
-     * @return a DERT61UTF8String instance, or null
-     */
-    public static DERT61UTF8String getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        ASN1Primitive o = obj.getObject();
-
-        if (explicit || o instanceof DERT61String || o instanceof DERT61UTF8String)
-        {
-            return getInstance(o);
-        }
-        else
-        {
-            return new DERT61UTF8String(ASN1OctetString.getInstance(o).getOctets());
-        }
-    }
-
-    /**
-     * basic constructor - string encoded as a sequence of bytes.
-     */
-    public DERT61UTF8String(
-        byte[] string)
-    {
-        this.string = string;
-    }
-
-    /**
-     * basic constructor - with string UTF8 conversion assumed.
-     */
-    public DERT61UTF8String(
-        String string)
-    {
-        this(Strings.toUTF8ByteArray(string));
-    }
-
-    /**
-     * Decode the encoded string and return it, UTF8 assumed.
-     *
-     * @return the decoded String
-     */
-    public String getString()
-    {
-        return Strings.fromUTF8ByteArray(string);
-    }
-
-    public String toString()
-    {
-        return getString();
-    }
-
-    boolean isConstructed()
-    {
-        return false;
-    }
-
-    int encodedLength()
-    {
-        return 1 + StreamUtil.calculateBodyLength(string.length) + string.length;
-    }
-
-    void encode(
-        ASN1OutputStream out)
-        throws IOException
-    {
-        out.writeEncoded(BERTags.T61_STRING, string);
-    }
-
-    /**
-     * Return the encoded string as a byte array.
-     *
-     * @return the actual bytes making up the encoded body of the T61 string.
-     */
-    public byte[] getOctets()
-    {
-        return Arrays.clone(string);
-    }
-
-    boolean asn1Equals(
-        ASN1Primitive o)
-    {
-        if (!(o instanceof DERT61UTF8String))
-        {
-            return false;
-        }
-
-        return Arrays.areEqual(string, ((DERT61UTF8String)o).string);
-    }
-
-    public int hashCode()
-    {
-        return Arrays.hashCode(string);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java b/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java
index b6cb070..1fc8ab0 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/StreamUtil.java

@@ -8,7 +8,8 @@
 
 class StreamUtil
 {
-    private static final long  MAX_MEMORY = Runtime.getRuntime().maxMemory();
+    // Android-removed: Check max memory at runtime
+    // private static final long  MAX_MEMORY = Runtime.getRuntime().maxMemory();
 
     /**
      * Find out possible longest length...
@@ -48,12 +49,15 @@
             }
         }
 
-        if (MAX_MEMORY > Integer.MAX_VALUE)
+        // BEGIN Android-changed: Check max memory at runtime
+        long maxMemory = Runtime.getRuntime().maxMemory();
+        if (maxMemory > Integer.MAX_VALUE)
         {
             return Integer.MAX_VALUE;
         }
 
-        return (int)MAX_MEMORY;
+        return (int) maxMemory;
+        // END Android-changed: Check max memory at runtime
     }
 
     static int calculateBodyLength(

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/anssi/ANSSINamedCurves.java b/bcprov/src/main/java/org/bouncycastle/asn1/anssi/ANSSINamedCurves.java
deleted file mode 100644
index 52ad55a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/anssi/ANSSINamedCurves.java
+++ /dev/null

@@ -1,120 +0,0 @@
-package org.bouncycastle.asn1.anssi;
-
-import java.math.BigInteger;
-import java.util.Enumeration;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ECParametersHolder;
-import org.bouncycastle.asn1.x9.X9ECPoint;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * ANSSI Elliptic curve table.
- */
-public class ANSSINamedCurves
-{
-    private static ECCurve configureCurve(ECCurve curve)
-    {
-        return curve;
-    }
-
-    private static BigInteger fromHex(
-        String hex)
-    {
-        return new BigInteger(1, Hex.decode(hex));
-    }
-
-    /*
-     * FRP256v1
-     */
-    static X9ECParametersHolder FRP256v1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger p = fromHex("F1FD178C0B3AD58F10126DE8CE42435B3961ADBCABC8CA6DE8FCF353D86E9C03");
-            BigInteger a = fromHex("F1FD178C0B3AD58F10126DE8CE42435B3961ADBCABC8CA6DE8FCF353D86E9C00");
-            BigInteger b = fromHex("EE353FCA5428A9300D4ABA754A44C00FDFEC0C9AE4B1A1803075ED967B7BB73F");
-            byte[] S = null;
-            BigInteger n = fromHex("F1FD178C0B3AD58F10126DE8CE42435B53DC67E140D2BF941FFDD459C6D655E1");
-            BigInteger h = BigInteger.valueOf(1);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h));
-            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
-                + "B6B3D4C356C139EB31183D4749D423958C27D2DCAF98B70164C97A2DD98F5CFF"
-                + "6142E0F7C8B204911F9271F0F3ECEF8C2701C307E8E4C9E183115A1554062CFB"));
-
-            return new X9ECParameters(curve, G, n, h, S);
-        }
-    };
-
-
-    static final Hashtable objIds = new Hashtable();
-    static final Hashtable curves = new Hashtable();
-    static final Hashtable names = new Hashtable();
-
-    static void defineCurve(String name, ASN1ObjectIdentifier oid, X9ECParametersHolder holder)
-    {
-        objIds.put(Strings.toLowerCase(name), oid);
-        names.put(oid, name);
-        curves.put(oid, holder);
-    }
-
-    static
-    {
-        defineCurve("FRP256v1", ANSSIObjectIdentifiers.FRP256v1, FRP256v1);
-    }
-
-    public static X9ECParameters getByName(
-        String name)
-    {
-        ASN1ObjectIdentifier oid = getOID(name);
-        return oid == null ? null : getByOID(oid);
-    }
-
-    /**
-     * return the X9ECParameters object for the named curve represented by
-     * the passed in object identifier. Null if the curve isn't present.
-     *
-     * @param oid an object identifier representing a named curve, if present.
-     */
-    public static X9ECParameters getByOID(
-        ASN1ObjectIdentifier oid)
-    {
-        X9ECParametersHolder holder = (X9ECParametersHolder)curves.get(oid);
-        return holder == null ? null : holder.getParameters();
-    }
-
-    /**
-     * return the object identifier signified by the passed in name. Null
-     * if there is no object identifier associated with name.
-     *
-     * @return the object identifier associated with name, if present.
-     */
-    public static ASN1ObjectIdentifier getOID(
-        String name)
-    {
-        return (ASN1ObjectIdentifier)objIds.get(Strings.toLowerCase(name));
-    }
-
-    /**
-     * return the named curve name represented by the given object identifier.
-     */
-    public static String getName(
-        ASN1ObjectIdentifier oid)
-    {
-        return (String)names.get(oid);
-    }
-
-    /**
-     * returns an enumeration containing the name strings for curves
-     * contained in this structure.
-     */
-    public static Enumeration getNames()
-    {
-        return names.elements();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/anssi/ANSSIObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/anssi/ANSSIObjectIdentifiers.java
deleted file mode 100644
index a8d4259..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/anssi/ANSSIObjectIdentifiers.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.asn1.anssi;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- * Object Identifiers belong to the French Agency, ANSSI.
- */
-public interface ANSSIObjectIdentifiers
-{
-    ASN1ObjectIdentifier FRP256v1 = new ASN1ObjectIdentifier("1.2.250.1.223.101.256.1");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/anssi/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/anssi/package.html
deleted file mode 100644
index f0ee6dc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/anssi/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for the French ANSSI EC curves.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java
index 62df018..dae0dac 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java

@@ -72,9 +72,11 @@
      */
     public static final ASN1ObjectIdentifier bc_sig        = bc.branch("2");
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     /**
      * Sphincs-256
-     */
+     *
     public static final ASN1ObjectIdentifier sphincs256                      = bc_sig.branch("1");
     public static final ASN1ObjectIdentifier sphincs256_with_BLAKE512        = sphincs256.branch("1");
     public static final ASN1ObjectIdentifier sphincs256_with_SHA512          = sphincs256.branch("2");
@@ -153,11 +155,13 @@
 
     /**
      * key_exchange(3) algorithms
-     */
+     *
     public static final ASN1ObjectIdentifier bc_exch = bc.branch("3");
 
     /**
      * NewHope
-     */
+     *
     public static final ASN1ObjectIdentifier newHope = bc_exch.branch("1");
+    */
+    // END Android-removed: Unsupported algorithms
 }

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/EncryptedObjectStoreData.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/EncryptedObjectStoreData.java
deleted file mode 100644
index 380964b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/EncryptedObjectStoreData.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.asn1.bc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * <pre>
- * EncryptedObjectStoreData ::= SEQUENCE {
- *     encryptionAlgorithm AlgorithmIdentifier
- *     encryptedContent OCTET STRING
- * }
- * </pre>
- */
-public class EncryptedObjectStoreData
-    extends ASN1Object
-{
-    private final AlgorithmIdentifier encryptionAlgorithm;
-    private final ASN1OctetString encryptedContent;
-
-    public EncryptedObjectStoreData(AlgorithmIdentifier encryptionAlgorithm, byte[] encryptedContent)
-    {
-        this.encryptionAlgorithm = encryptionAlgorithm;
-        this.encryptedContent = new DEROctetString(encryptedContent);
-    }
-
-    private EncryptedObjectStoreData(ASN1Sequence seq)
-    {
-        this.encryptionAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(0));
-        this.encryptedContent = ASN1OctetString.getInstance(seq.getObjectAt(1));
-    }
-
-    public static EncryptedObjectStoreData getInstance(Object o)
-    {
-        if (o instanceof EncryptedObjectStoreData)
-        {
-            return (EncryptedObjectStoreData)o;
-        }
-        else if (o != null)
-        {
-            return new EncryptedObjectStoreData(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public ASN1OctetString getEncryptedContent()
-    {
-        return encryptedContent;
-    }
-
-    public AlgorithmIdentifier getEncryptionAlgorithm()
-    {
-        return encryptionAlgorithm;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(encryptionAlgorithm);
-        v.add(encryptedContent);
-
-        return new DERSequence(v);
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/EncryptedPrivateKeyData.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/EncryptedPrivateKeyData.java
deleted file mode 100644
index ec66c08..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/EncryptedPrivateKeyData.java
+++ /dev/null

@@ -1,80 +0,0 @@
-package org.bouncycastle.asn1.bc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
-import org.bouncycastle.asn1.x509.Certificate;
-
-/**
- * <pre>
- *     EncryptedPrivateKeyObjectData ::= SEQUENCE {
- *         encryptedPrivateKeyInfo EncryptedPrivateKeyInfo,
- *         certificates SEQUENCE OF Certificate
- *     }
- * </pre>
- */
-public class EncryptedPrivateKeyData
-    extends ASN1Object
-{
-    private final EncryptedPrivateKeyInfo encryptedPrivateKeyInfo;
-    private final Certificate[] certificateChain;
-
-    public EncryptedPrivateKeyData(EncryptedPrivateKeyInfo encryptedPrivateKeyInfo, Certificate[] certificateChain)
-    {
-        this.encryptedPrivateKeyInfo = encryptedPrivateKeyInfo;
-        this.certificateChain = new Certificate[certificateChain.length];
-        System.arraycopy(certificateChain, 0, this.certificateChain, 0, certificateChain.length);
-    }
-
-    private EncryptedPrivateKeyData(ASN1Sequence seq)
-    {
-        encryptedPrivateKeyInfo = EncryptedPrivateKeyInfo.getInstance(seq.getObjectAt(0));
-        ASN1Sequence certSeq = ASN1Sequence.getInstance(seq.getObjectAt(1));
-        certificateChain = new Certificate[certSeq.size()];
-        for (int i = 0; i != certificateChain.length; i++)
-        {
-            certificateChain[i] = Certificate.getInstance(certSeq.getObjectAt(i));
-        }
-    }
-
-    public static EncryptedPrivateKeyData getInstance(Object o)
-    {
-        if (o instanceof EncryptedPrivateKeyData)
-        {
-            return (EncryptedPrivateKeyData)o;
-        }
-        else if (o != null)
-        {
-            return new EncryptedPrivateKeyData(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public Certificate[] getCertificateChain()
-    {
-        Certificate[] tmp = new Certificate[certificateChain.length];
-
-        System.arraycopy(certificateChain, 0, tmp, 0, certificateChain.length);
-
-        return tmp;
-    }
-
-    public EncryptedPrivateKeyInfo getEncryptedPrivateKeyInfo()
-    {
-        return encryptedPrivateKeyInfo;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(encryptedPrivateKeyInfo);
-        v.add(new DERSequence(certificateChain));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/EncryptedSecretKeyData.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/EncryptedSecretKeyData.java
deleted file mode 100644
index 5b66f68..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/EncryptedSecretKeyData.java
+++ /dev/null

@@ -1,73 +0,0 @@
-package org.bouncycastle.asn1.bc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- *     EncryptedSecretKeyData ::= SEQUENCE {
- *         keyEncryptionAlgorithm AlgorithmIdentifier,
- *         encryptedKeyData OCTET STRING
- *     }
- * </pre>
- */
-public class EncryptedSecretKeyData
-    extends ASN1Object
-{
-    private final AlgorithmIdentifier keyEncryptionAlgorithm;
-    private final ASN1OctetString encryptedKeyData;
-
-    public EncryptedSecretKeyData(AlgorithmIdentifier keyEncryptionAlgorithm, byte[] encryptedKeyData)
-    {
-        this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
-        this.encryptedKeyData = new DEROctetString(Arrays.clone(encryptedKeyData));
-    }
-
-    private EncryptedSecretKeyData(ASN1Sequence seq)
-    {
-        this.keyEncryptionAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(0));
-        this.encryptedKeyData = ASN1OctetString.getInstance(seq.getObjectAt(1));
-    }
-
-    public static EncryptedSecretKeyData getInstance(Object o)
-    {
-        if (o instanceof EncryptedSecretKeyData)
-        {
-            return (EncryptedSecretKeyData)o;
-        }
-        else if (o != null)
-        {
-            return new EncryptedSecretKeyData(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-
-    public AlgorithmIdentifier getKeyEncryptionAlgorithm()
-    {
-        return keyEncryptionAlgorithm;
-    }
-
-    public byte[] getEncryptedKeyData()
-    {
-        return Arrays.clone(encryptedKeyData.getOctets());
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(keyEncryptionAlgorithm);
-        v.add(encryptedKeyData);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectData.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectData.java
deleted file mode 100644
index afe3c92..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectData.java
+++ /dev/null

@@ -1,123 +0,0 @@
-package org.bouncycastle.asn1.bc;
-
-import java.math.BigInteger;
-import java.util.Date;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERGeneralizedTime;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- * ObjectData ::= SEQUENCE {
- *     type             INTEGER,
- *     identifier       UTF8String,
- *     creationDate     GeneralizedTime,
- *     lastModifiedDate GeneralizedTime,
- *     data             OCTET STRING,
- *     comment          UTF8String OPTIONAL
- * }
- * </pre>
- */
-public class ObjectData
-    extends ASN1Object
-{
-    private final BigInteger          type;
-    private final String              identifier;
-    private final ASN1GeneralizedTime creationDate;
-    private final ASN1GeneralizedTime lastModifiedDate;
-    private final ASN1OctetString data;
-    private final String              comment;
-
-    private ObjectData(ASN1Sequence seq)
-    {
-        this.type = ASN1Integer.getInstance(seq.getObjectAt(0)).getValue();
-        this.identifier = DERUTF8String.getInstance(seq.getObjectAt(1)).getString();
-        this.creationDate = ASN1GeneralizedTime.getInstance(seq.getObjectAt(2));
-        this.lastModifiedDate = ASN1GeneralizedTime.getInstance(seq.getObjectAt(3));
-        this.data = ASN1OctetString.getInstance(seq.getObjectAt(4));
-        this.comment = (seq.size() == 6) ? DERUTF8String.getInstance(seq.getObjectAt(5)).getString() : null;
-    }
-
-    public ObjectData(BigInteger type, String identifier, Date creationDate, Date lastModifiedDate, byte[] data, String comment)
-    {
-        this.type = type;
-        this.identifier = identifier;
-        this.creationDate = new DERGeneralizedTime(creationDate);
-        this.lastModifiedDate = new DERGeneralizedTime(lastModifiedDate);
-        this.data = new DEROctetString(Arrays.clone(data));
-        this.comment = comment;
-    }
-
-    public static ObjectData getInstance(
-        Object obj)
-    {
-        if (obj instanceof ObjectData)
-        {
-            return (ObjectData)obj;
-        }
-        else if (obj != null)
-        {
-            return new ObjectData(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public String getComment()
-    {
-        return comment;
-    }
-
-    public ASN1GeneralizedTime getCreationDate()
-    {
-        return creationDate;
-    }
-
-    public byte[] getData()
-    {
-        return Arrays.clone(data.getOctets());
-    }
-
-    public String getIdentifier()
-    {
-        return identifier;
-    }
-
-    public ASN1GeneralizedTime getLastModifiedDate()
-    {
-        return lastModifiedDate;
-    }
-
-    public BigInteger getType()
-    {
-        return type;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new ASN1Integer(type));
-        v.add(new DERUTF8String(identifier));
-        v.add(creationDate);
-        v.add(lastModifiedDate);
-        v.add(data);
-
-        if (comment != null)
-        {
-            v.add(new DERUTF8String(comment));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectDataSequence.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectDataSequence.java
deleted file mode 100644
index f45ca15..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectDataSequence.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.asn1.bc;
-
-import java.util.Iterator;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- * ObjectDataSequence ::= SEQUENCE OF ObjectData
- * </pre>
- */
-public class ObjectDataSequence
-    extends ASN1Object
-    implements org.bouncycastle.util.Iterable<ASN1Encodable>
-{
-    private final ASN1Encodable[] dataSequence;
-
-    public ObjectDataSequence(ObjectData[] dataSequence)
-    {
-        this.dataSequence = new ASN1Encodable[dataSequence.length];
-
-        System.arraycopy(dataSequence, 0, this.dataSequence, 0, dataSequence.length);
-    }
-
-    private ObjectDataSequence(ASN1Sequence seq)
-    {
-        dataSequence = new ASN1Encodable[seq.size()];
-
-        for (int i = 0; i != dataSequence.length; i++)
-        {
-            dataSequence[i] = ObjectData.getInstance(seq.getObjectAt(i));
-        }
-    }
-
-    public static ObjectDataSequence getInstance(
-        Object obj)
-    {
-        if (obj instanceof ObjectDataSequence)
-        {
-            return (ObjectDataSequence)obj;
-        }
-        else if (obj != null)
-        {
-            return new ObjectDataSequence(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERSequence(dataSequence);
-    }
-
-    public Iterator<ASN1Encodable> iterator()
-    {
-        return new Arrays.Iterator<ASN1Encodable>(dataSequence);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectStore.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectStore.java
deleted file mode 100644
index 0d84cb4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectStore.java
+++ /dev/null

@@ -1,106 +0,0 @@
-package org.bouncycastle.asn1.bc;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- * ObjectStore ::= SEQUENCE {
- *     CHOICE {
- *          encryptedObjectStoreData EncryptedObjectStoreData,
- *          objectStoreData ObjectStoreData
- *     }
- *     integrityCheck ObjectStoreIntegrityCheck
- * }
- * </pre>
- */
-public class ObjectStore
-    extends ASN1Object
-{
-    private final ASN1Encodable storeData;
-    private final ObjectStoreIntegrityCheck integrityCheck;
-
-    public ObjectStore(ObjectStoreData objectStoreData, ObjectStoreIntegrityCheck integrityCheck)
-    {
-        this.storeData = objectStoreData;
-        this.integrityCheck = integrityCheck;
-    }
-
-
-    public ObjectStore(EncryptedObjectStoreData encryptedObjectStoreData, ObjectStoreIntegrityCheck integrityCheck)
-    {
-        this.storeData = encryptedObjectStoreData;
-        this.integrityCheck = integrityCheck;
-    }
-
-    private ObjectStore(ASN1Sequence seq)
-    {
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException("malformed sequence");
-        }
-        
-        ASN1Encodable sData = seq.getObjectAt(0);
-        if (sData instanceof EncryptedObjectStoreData)
-        {
-            this.storeData = sData;
-        }
-        else if (sData instanceof ObjectStoreData)
-        {
-            this.storeData = sData;
-        }
-        else
-        {
-            ASN1Sequence seqData = ASN1Sequence.getInstance(sData);
-
-            if (seqData.size() == 2)
-            {
-                this.storeData = EncryptedObjectStoreData.getInstance(seqData);
-            }
-            else
-            {
-                this.storeData = ObjectStoreData.getInstance(seqData);
-            }
-        }
-
-        this.integrityCheck = ObjectStoreIntegrityCheck.getInstance(seq.getObjectAt(1));
-    }
-
-    public static ObjectStore getInstance(Object o)
-    {
-        if (o instanceof ObjectStore)
-        {
-            return (ObjectStore)o;
-        }
-        else if (o != null)
-        {
-            return new ObjectStore(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public ObjectStoreIntegrityCheck getIntegrityCheck()
-    {
-        return integrityCheck;
-    }
-
-    public ASN1Encodable getStoreData()
-    {
-        return storeData;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(storeData);
-        v.add(integrityCheck);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectStoreData.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectStoreData.java
deleted file mode 100644
index e9cc0a8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectStoreData.java
+++ /dev/null

@@ -1,121 +0,0 @@
-package org.bouncycastle.asn1.bc;
-
-import java.math.BigInteger;
-import java.util.Date;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERGeneralizedTime;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * <pre>
- * ObjectStoreData ::= SEQUENCE {
- *     version INTEGER.
- *     dataSalt OCTET STRING,
- *     integrityAlgorithm AlgorithmIdentifier,
- *     creationDate GeneralizedTime,
- *     lastModifiedDate GeneralizedTime,
- *     objectDataSequence ObjectDataSequence,
- *     comment UTF8String OPTIONAL
- * }
- * </pre>
- */
-public class ObjectStoreData
-    extends ASN1Object
-{
-    private final BigInteger version;
-    private final AlgorithmIdentifier integrityAlgorithm;
-    private final ASN1GeneralizedTime creationDate;
-    private final ASN1GeneralizedTime lastModifiedDate;
-    private final ObjectDataSequence objectDataSequence;
-    private final String comment;
-
-    public ObjectStoreData(AlgorithmIdentifier integrityAlgorithm, Date creationDate, Date lastModifiedDate, ObjectDataSequence objectDataSequence, String comment)
-    {
-        this.version = BigInteger.valueOf(1);
-        this.integrityAlgorithm = integrityAlgorithm;
-        this.creationDate = new DERGeneralizedTime(creationDate);
-        this.lastModifiedDate = new DERGeneralizedTime(lastModifiedDate);
-        this.objectDataSequence = objectDataSequence;
-        this.comment = comment;
-    }
-
-    private ObjectStoreData(ASN1Sequence seq)
-    {
-        this.version = ASN1Integer.getInstance(seq.getObjectAt(0)).getValue();
-        this.integrityAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
-        this.creationDate = ASN1GeneralizedTime.getInstance(seq.getObjectAt(2));
-        this.lastModifiedDate = ASN1GeneralizedTime.getInstance(seq.getObjectAt(3));
-        this.objectDataSequence = ObjectDataSequence.getInstance(seq.getObjectAt(4));
-        this.comment = (seq.size() == 6) ? DERUTF8String.getInstance(seq.getObjectAt(5)).getString() : null;
-    }
-
-    public static ObjectStoreData getInstance(Object o)
-    {
-        if (o instanceof ObjectStoreData)
-        {
-            return (ObjectStoreData)o;
-        }
-        else if (o != null)
-        {
-            return new ObjectStoreData(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public String getComment()
-    {
-        return comment;
-    }
-
-    public ASN1GeneralizedTime getCreationDate()
-    {
-        return creationDate;
-    }
-
-    public AlgorithmIdentifier getIntegrityAlgorithm()
-    {
-        return integrityAlgorithm;
-    }
-
-    public ASN1GeneralizedTime getLastModifiedDate()
-    {
-        return lastModifiedDate;
-    }
-
-    public ObjectDataSequence getObjectDataSequence()
-    {
-        return objectDataSequence;
-    }
-
-    public BigInteger getVersion()
-    {
-        return version;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new ASN1Integer(version));
-        v.add(integrityAlgorithm);
-        v.add(creationDate);
-        v.add(lastModifiedDate);
-        v.add(objectDataSequence);
-
-        if (comment != null)
-        {
-            v.add(new DERUTF8String(comment));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectStoreIntegrityCheck.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectStoreIntegrityCheck.java
deleted file mode 100644
index 29385cf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/ObjectStoreIntegrityCheck.java
+++ /dev/null

@@ -1,103 +0,0 @@
-package org.bouncycastle.asn1.bc;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * <pre>
- * ObjectStoreIntegrityCheck ::= CHOICE {
- *     PbkdMacIntegrityCheck
- *     [0] EXPLICIT SignatureCheck
- * }
- * </pre>
- */
-public class ObjectStoreIntegrityCheck
-    extends ASN1Object
-    implements ASN1Choice
-{
-    public static final int PBKD_MAC_CHECK = 0;
-    public static final int SIG_CHECK = 1;
-
-    private final int type;
-    private final ASN1Object integrityCheck;
-
-    public ObjectStoreIntegrityCheck(PbkdMacIntegrityCheck macIntegrityCheck)
-    {
-        this((ASN1Encodable)macIntegrityCheck);
-    }
-
-    public ObjectStoreIntegrityCheck(SignatureCheck signatureCheck)
-    {
-        this(new DERTaggedObject(0, signatureCheck));
-    }
-
-    private ObjectStoreIntegrityCheck(ASN1Encodable obj)
-    {
-        if (obj instanceof ASN1Sequence || obj instanceof  PbkdMacIntegrityCheck)
-        {
-            this.type = PBKD_MAC_CHECK;
-            this.integrityCheck = PbkdMacIntegrityCheck.getInstance(obj);
-        }
-        else if (obj instanceof ASN1TaggedObject)
-        {
-            this.type = SIG_CHECK;
-            this.integrityCheck = SignatureCheck.getInstance(((ASN1TaggedObject)obj).getObject());
-        }
-        else
-        {
-            throw new IllegalArgumentException("Unknown check object in integrity check.");
-        }
-    }
-
-    public static ObjectStoreIntegrityCheck getInstance(Object o)
-    {
-        if (o instanceof ObjectStoreIntegrityCheck)
-        {
-            return (ObjectStoreIntegrityCheck)o;
-        }
-        else if (o instanceof byte[])
-        {
-            try
-            {
-                return new ObjectStoreIntegrityCheck(ASN1Primitive.fromByteArray((byte[])o));
-            }
-            catch (IOException e)
-            {
-                throw new IllegalArgumentException("Unable to parse integrity check details.");
-            }
-        }
-        else if (o != null)
-        {
-            return new ObjectStoreIntegrityCheck((ASN1Encodable)(o));
-        }
-
-        return null;
-    }
-
-
-    public int getType()
-    {
-        return type;
-    }
-
-    public ASN1Object getIntegrityCheck()
-    {
-        return integrityCheck;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (integrityCheck instanceof SignatureCheck)
-        {
-            return new DERTaggedObject(0, integrityCheck);
-        }
-        return integrityCheck.toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/PbkdMacIntegrityCheck.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/PbkdMacIntegrityCheck.java
deleted file mode 100644
index f62e86e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/PbkdMacIntegrityCheck.java
+++ /dev/null

@@ -1,83 +0,0 @@
-package org.bouncycastle.asn1.bc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.pkcs.KeyDerivationFunc;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- * PbkdMacIntegrityCheck ::= SEQUENCE {
- *     macAlgorithm AlgorithmIdentifier,
- *     pbkdAlgorithm KeyDerivationFunc,
- *     mac OCTET STRING
- * }
- * </pre>
- */
-public class PbkdMacIntegrityCheck
-    extends ASN1Object
-{
-    private final AlgorithmIdentifier macAlgorithm;
-    private final KeyDerivationFunc pbkdAlgorithm;
-    private final ASN1OctetString mac;
-
-    public PbkdMacIntegrityCheck(AlgorithmIdentifier macAlgorithm, KeyDerivationFunc pbkdAlgorithm, byte[] mac)
-    {
-        this.macAlgorithm = macAlgorithm;
-        this.pbkdAlgorithm = pbkdAlgorithm;
-        this.mac = new DEROctetString(Arrays.clone(mac));
-    }
-
-    private PbkdMacIntegrityCheck(ASN1Sequence seq)
-    {
-        this.macAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(0));
-        this.pbkdAlgorithm = KeyDerivationFunc.getInstance(seq.getObjectAt(1));
-        this.mac = ASN1OctetString.getInstance(seq.getObjectAt(2));
-    }
-
-    public static PbkdMacIntegrityCheck getInstance(Object o)
-    {
-        if (o instanceof PbkdMacIntegrityCheck)
-        {
-            return (PbkdMacIntegrityCheck)o;
-        }
-        else if (o != null)
-        {
-            return new PbkdMacIntegrityCheck(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public AlgorithmIdentifier getMacAlgorithm()
-    {
-        return macAlgorithm;
-    }
-
-    public KeyDerivationFunc getPbkdAlgorithm()
-    {
-        return pbkdAlgorithm;
-    }
-
-    public byte[] getMac()
-    {
-        return Arrays.clone(mac.getOctets());
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(macAlgorithm);
-        v.add(pbkdAlgorithm);
-        v.add(mac);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/SecretKeyData.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/SecretKeyData.java
deleted file mode 100644
index 2e27d01..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/SecretKeyData.java
+++ /dev/null

@@ -1,72 +0,0 @@
-package org.bouncycastle.asn1.bc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- *     SecretKeyData ::= SEQUENCE {
- *         keyAlgorithm OBJECT IDENTIFIER,
- *         keyBytes OCTET STRING
- *     }
- * </pre>
- */
-public class SecretKeyData
-    extends ASN1Object
-{
-    private final ASN1ObjectIdentifier keyAlgorithm;
-    private final ASN1OctetString keyBytes;
-
-    public SecretKeyData(ASN1ObjectIdentifier keyAlgorithm, byte[] keyBytes)
-    {
-        this.keyAlgorithm = keyAlgorithm;
-        this.keyBytes = new DEROctetString(Arrays.clone(keyBytes));
-    }
-
-    private SecretKeyData(ASN1Sequence seq)
-    {
-        this.keyAlgorithm = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-        this.keyBytes = ASN1OctetString.getInstance(seq.getObjectAt(1));
-    }
-
-    public static SecretKeyData getInstance(Object o)
-    {
-        if (o instanceof SecretKeyData)
-        {
-            return (SecretKeyData)o;
-        }
-        else if (o != null)
-        {
-            return new SecretKeyData(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public byte[] getKeyBytes()
-    {
-        return Arrays.clone(keyBytes.getOctets());
-    }
-
-    public ASN1ObjectIdentifier getKeyAlgorithm()
-    {
-        return keyAlgorithm;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(keyAlgorithm);
-        v.add(keyBytes);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/SignatureCheck.java b/bcprov/src/main/java/org/bouncycastle/asn1/bc/SignatureCheck.java
deleted file mode 100644
index 1ac70b8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/SignatureCheck.java
+++ /dev/null

@@ -1,117 +0,0 @@
-package org.bouncycastle.asn1.bc;
-
-import org.bouncycastle.asn1.ASN1BitString;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- * SignatureCheck ::= SEQUENCE {
- *        signatureAlgorithm   AlgorithmIdentifier,
- *        certificates         [0] EXPLICIT Certificates OPTIONAL,
- *        signatureValue       BIT STRING
- * }
- *
- * Certificates ::= SEQUENCE OF Certificate
- * </pre>
- */
-public class SignatureCheck
-    extends ASN1Object
-{
-    private final AlgorithmIdentifier signatureAlgorithm;
-    private final ASN1Sequence certificates;
-    private final ASN1BitString signatureValue;
-
-    public SignatureCheck(AlgorithmIdentifier signatureAlgorithm, byte[] signature)
-    {
-        this.signatureAlgorithm = signatureAlgorithm;
-        this.certificates = null;
-        this.signatureValue = new DERBitString(Arrays.clone(signature));
-    }
-
-    public SignatureCheck(AlgorithmIdentifier signatureAlgorithm, Certificate[] certificates, byte[] signature)
-    {
-        this.signatureAlgorithm = signatureAlgorithm;
-        this.certificates = new DERSequence(certificates);
-        this.signatureValue = new DERBitString(Arrays.clone(signature));
-    }
-
-    private SignatureCheck(ASN1Sequence seq)
-    {
-        this.signatureAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(0));
-        int index = 1;
-        if (seq.getObjectAt(1) instanceof ASN1TaggedObject)
-        {
-            this.certificates = ASN1Sequence.getInstance(ASN1TaggedObject.getInstance(seq.getObjectAt(index++)).getObject());
-        }
-        else
-        {
-            this.certificates = null;
-        }
-        this.signatureValue = DERBitString.getInstance(seq.getObjectAt(index));
-    }
-
-    public static SignatureCheck getInstance(Object o)
-    {
-        if (o instanceof SignatureCheck)
-        {
-            return (SignatureCheck)o;
-        }
-        else if (o != null)
-        {
-            return new SignatureCheck(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public ASN1BitString getSignature()
-    {
-        return new DERBitString(Arrays.clone(signatureValue.getBytes()), signatureValue.getPadBits());
-    }
-
-    public AlgorithmIdentifier getSignatureAlgorithm()
-    {
-        return signatureAlgorithm;
-    }
-
-    public Certificate[] getCertificates()
-    {
-        if (certificates == null)
-        {
-            return null;
-        }
-        
-        Certificate[] certs = new Certificate[certificates.size()];
-
-        for (int i = 0; i != certs.length; i++)
-        {
-            certs[i] = Certificate.getInstance(certificates.getObjectAt(i));
-        }
-
-        return certs;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(signatureAlgorithm);
-        if (certificates != null)
-        {
-            v.add(new DERTaggedObject(0, certificates));
-        }
-        v.add(signatureValue);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bc/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/bc/package.html
deleted file mode 100644
index a8beb00..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bc/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-ASN.1 classes specific to the Bouncy Castle APIs.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bsi/BSIObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/bsi/BSIObjectIdentifiers.java
deleted file mode 100644
index 0fe173e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bsi/BSIObjectIdentifiers.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.asn1.bsi;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- * See https://www.bsi.bund.de/cae/servlet/contentblob/471398/publicationFile/30615/BSI-TR-03111_pdf.pdf
- */
-public interface BSIObjectIdentifiers
-{
-    static final ASN1ObjectIdentifier bsi_de = new ASN1ObjectIdentifier("0.4.0.127.0.7");
-
-    /* 0.4.0.127.0.7.1.1 */
-    static final ASN1ObjectIdentifier id_ecc = bsi_de.branch("1.1");
-    
-    /* 0.4.0.127.0.7.1.1.4.1 */
-    static final ASN1ObjectIdentifier ecdsa_plain_signatures = id_ecc.branch("4.1");
-    
-    /* 0.4.0.127.0.7.1.1.4.1.1 */
-    static final ASN1ObjectIdentifier ecdsa_plain_SHA1 = ecdsa_plain_signatures.branch("1");
-
-    /* 0.4.0.127.0.7.1.1.4.1.2 */
-    static final ASN1ObjectIdentifier ecdsa_plain_SHA224 = ecdsa_plain_signatures.branch("2");
-
-    /* 0.4.0.127.0.7.1.1.4.1.3 */
-    static final ASN1ObjectIdentifier ecdsa_plain_SHA256 = ecdsa_plain_signatures.branch("3");
-
-    /* 0.4.0.127.0.7.1.1.4.1.4 */
-    static final ASN1ObjectIdentifier ecdsa_plain_SHA384 = ecdsa_plain_signatures.branch("4");
-
-    /* 0.4.0.127.0.7.1.1.4.1.5 */
-    static final ASN1ObjectIdentifier ecdsa_plain_SHA512 = ecdsa_plain_signatures.branch("5");
-
-    /* 0.4.0.127.0.7.1.1.4.1.6 */
-    static final ASN1ObjectIdentifier ecdsa_plain_RIPEMD160 = ecdsa_plain_signatures.branch("6");
-
-	/** 0.4.0.127.0.7.1 */
-	static final ASN1ObjectIdentifier algorithm = bsi_de.branch("1");
-
-	static final ASN1ObjectIdentifier ecka_eg = id_ecc.branch("5.1");
-
-	/** ElGamal Elliptic Curve Key Agreement and Key Derivation according to X963 OID: 0.4.0.127.0.7.1.1.5.1.1 */
-	static final ASN1ObjectIdentifier ecka_eg_X963kdf = ecka_eg.branch("1");
-
-	/** ElGamal Elliptic Curve Key Agreement and Key Derivation according to X963
-	 * with hash function SHA-1
-	 * OID: 0.4.0.127.0.7.1.1.5.1.1.1 */
-	static final ASN1ObjectIdentifier ecka_eg_X963kdf_SHA1 = ecka_eg_X963kdf.branch("1");
-
-	/** ElGamal Elliptic Curve Key Agreement and Key Derivation according to X963
-	 * with hash function SHA224
-	 * OID: 0.4.0.127.0.7.1.1.5.1.1.2 */
-	static final ASN1ObjectIdentifier ecka_eg_X963kdf_SHA224 = ecka_eg_X963kdf.branch("2");
-
-	/** ElGamal Elliptic Curve Key Agreement and Key Derivation according to X963
-	 * with hash function SHA256
-	 * OID: 0.4.0.127.0.7.1.1.5.1.1.3 */
-	static final ASN1ObjectIdentifier ecka_eg_X963kdf_SHA256 = ecka_eg_X963kdf.branch("3");
-
-	/** ElGamal Elliptic Curve Key Agreement and Key Derivation according to X963
-	 * with hash function SHA384
-	 * OID: 0.4.0.127.0.7.1.1.5.1.1.4 */
-	static final ASN1ObjectIdentifier ecka_eg_X963kdf_SHA384 = ecka_eg_X963kdf.branch("4");
-
-	/** ElGamal Elliptic Curve Key Agreement and Key Derivation according to X963
-	 * with hash function SHA512
-	 * OID: 0.4.0.127.0.7.1.1.5.1.1.5 */
-	static final ASN1ObjectIdentifier ecka_eg_X963kdf_SHA512 = ecka_eg_X963kdf.branch("5");
-
-	/** ElGamal Elliptic Curve Key Agreement and Key Derivation according to X963
-	 * with hash function RIPEMD160
-	 * OID: 0.4.0.127.0.7.1.1.5.1.1.6 */
-	static final ASN1ObjectIdentifier ecka_eg_X963kdf_RIPEMD160 = ecka_eg_X963kdf.branch("6");
-
-	/**
-	 * 	Key Derivation Function for Session Keys
-	 */
-	static final ASN1ObjectIdentifier ecka_eg_SessionKDF = ecka_eg.branch("2");
-
-	static final ASN1ObjectIdentifier ecka_eg_SessionKDF_3DES    = ecka_eg_SessionKDF.branch("1");
-	static final ASN1ObjectIdentifier ecka_eg_SessionKDF_AES128  = ecka_eg_SessionKDF.branch("2");
-	static final ASN1ObjectIdentifier ecka_eg_SessionKDF_AES192  = ecka_eg_SessionKDF.branch("3");
-	static final ASN1ObjectIdentifier ecka_eg_SessionKDF_AES256  = ecka_eg_SessionKDF.branch("4");
-
-	/** AES encryption (CBC) and authentication (CMAC)
-	 * OID: 0.4.0.127.0.7.1.x */
-	//TODO: replace "1" with correct OID
-	//static final ASN1ObjectIdentifier aes_cbc_cmac = algorithm.branch("1");
-
-	/** AES encryption (CBC) and authentication (CMAC) with 128 bit
-	 * OID: 0.4.0.127.0.7.1.x.y1 */
-	//TODO:  replace "1" with correct OID
-	//static final ASN1ObjectIdentifier id_aes128_CBC_CMAC = aes_cbc_cmac.branch("1");
-
-
-	/** AES encryption (CBC) and authentication (CMAC) with 192 bit
-	 * OID: 0.4.0.127.0.7.1.x.y2 */
-	//TODO:  replace "1" with correct OID
-	//static final ASN1ObjectIdentifier id_aes192_CBC_CMAC = aes_cbc_cmac.branch("1");
-
-	/** AES encryption (CBC) and authentication (CMAC) with 256 bit
-	 * OID: 0.4.0.127.0.7.1.x.y3 */
-	//TODO:  replace "1" with correct OID
-	//static final ASN1ObjectIdentifier id_aes256_CBC_CMAC = aes_cbc_cmac.branch("1");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/bsi/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/bsi/package.html
deleted file mode 100644
index be9bd80..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/bsi/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-ASN.1 classes specific to the Bundesamt f&uuml;r Sicherheit in der Informationstechnik (BSI) standards.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/BodyPartID.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/BodyPartID.java
deleted file mode 100644
index 5d09025..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/BodyPartID.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-
-/**
- * <pre>
- *       bodyIdMax INTEGER ::= 4294967295
- *
- *       BodyPartID ::= INTEGER(0..bodyIdMax)
- * </pre>
- */
-public class BodyPartID
-    extends ASN1Object
-{
-    public static final long bodyIdMax = 4294967295L;
-
-    private final long id;
-
-    public BodyPartID(long id)
-    {
-        if (id < 0 || id > bodyIdMax)
-        {
-            throw new IllegalArgumentException("id out of range");
-        }
-
-        this.id = id;
-    }
-
-    private static long convert(BigInteger value)
-    {
-        if (value.bitLength() > 32)
-        {
-            throw new IllegalArgumentException("id out of range");
-        }
-        return value.longValue();
-    }
-
-    private BodyPartID(ASN1Integer id)
-    {
-        this(convert(id.getValue()));
-    }
-
-    public static BodyPartID getInstance(Object o)
-    {
-        if (o instanceof BodyPartID)
-        {
-            return (BodyPartID)o;
-        }
-
-        if (o != null)
-        {
-            return new BodyPartID(ASN1Integer.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public long getID()
-    {
-        return id;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new ASN1Integer(id);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/BodyPartList.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/BodyPartList.java
deleted file mode 100644
index beda49b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/BodyPartList.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- *   BodyPartList ::= SEQUENCE SIZE (1..MAX) OF BodyPartID
- * </pre>
- */
-public class BodyPartList
-    extends ASN1Object
-{
-    private final BodyPartID[] bodyPartIDs;
-
-    public static BodyPartList getInstance(
-        Object  obj)
-    {
-        if (obj instanceof BodyPartList)
-        {
-            return (BodyPartList)obj;
-        }
-
-        if (obj != null)
-        {
-            return new BodyPartList(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static BodyPartList getInstance(
-        ASN1TaggedObject obj,
-        boolean          explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    /**
-     * Construct a BodyPartList object containing one BodyPartID.
-     *
-     * @param bodyPartID the BodyPartID to be contained.
-     */
-    public BodyPartList(
-        BodyPartID  bodyPartID)
-    {
-        this.bodyPartIDs = new BodyPartID[] { bodyPartID };
-    }
-
-
-    public BodyPartList(
-        BodyPartID[] bodyPartIDs)
-    {
-        this.bodyPartIDs = Utils.clone(bodyPartIDs);
-    }
-
-    private BodyPartList(
-        ASN1Sequence  seq)
-    {
-        this.bodyPartIDs = Utils.toBodyPartIDArray(seq);
-    }
-
-    public BodyPartID[] getBodyPartIDs()
-    {
-        return Utils.clone(bodyPartIDs);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERSequence(bodyPartIDs);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/BodyPartPath.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/BodyPartPath.java
deleted file mode 100644
index aac9ec0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/BodyPartPath.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- *    BodyPartPath ::= SEQUENCE SIZE (1..MAX) OF BodyPartID
- * </pre>
- */
-public class BodyPartPath
-    extends ASN1Object
-{
-    private final BodyPartID[] bodyPartIDs;
-
-    public static BodyPartPath getInstance(
-        Object  obj)
-    {
-        if (obj instanceof BodyPartPath)
-        {
-            return (BodyPartPath)obj;
-        }
-
-        if (obj != null)
-        {
-            return new BodyPartPath(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static BodyPartPath getInstance(
-        ASN1TaggedObject obj,
-        boolean          explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    /**
-     * Construct a BodyPartPath object containing one BodyPartID.
-     *
-     * @param bodyPartID the BodyPartID to be contained.
-     */
-    public BodyPartPath(
-        BodyPartID  bodyPartID)
-    {
-        this.bodyPartIDs = new BodyPartID[] { bodyPartID };
-    }
-
-
-    public BodyPartPath(
-        BodyPartID[] bodyPartIDs)
-    {
-        this.bodyPartIDs = Utils.clone(bodyPartIDs);
-    }
-
-    private BodyPartPath(
-        ASN1Sequence  seq)
-    {
-        this.bodyPartIDs = Utils.toBodyPartIDArray(seq);
-    }
-
-    public BodyPartID[] getBodyPartIDs()
-    {
-        return Utils.clone(bodyPartIDs);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERSequence(bodyPartIDs);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/BodyPartReference.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/BodyPartReference.java
deleted file mode 100644
index de2ff47..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/BodyPartReference.java
+++ /dev/null

@@ -1,105 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-
-/**
- * <pre>
- * BodyPartReference ::= CHOICE {
- *    bodyPartID           BodyPartID,
- *    bodyPartPath         BodyPartPath
- * }
- * </pre>
- */
-public class BodyPartReference
-    extends ASN1Object
-    implements ASN1Choice
-{
-    private final BodyPartID bodyPartID;
-    private final BodyPartPath bodyPartPath;
-
-    public BodyPartReference(BodyPartID bodyPartID)
-    {
-        this.bodyPartID = bodyPartID;
-        this.bodyPartPath = null;
-    }
-
-    public BodyPartReference(BodyPartPath bodyPartPath)
-    {
-        this.bodyPartID = null;
-        this.bodyPartPath = bodyPartPath;
-    }
-
-    public static BodyPartReference getInstance(
-        Object  obj)
-    {
-        if (obj instanceof BodyPartReference)
-        {
-            return (BodyPartReference)obj;
-        }
-
-        if (obj != null)
-        {
-            if (obj instanceof ASN1Encodable)
-            {
-                ASN1Encodable asn1Prim = ((ASN1Encodable)obj).toASN1Primitive();
-
-                if (asn1Prim instanceof ASN1Integer)
-                {
-                    return new BodyPartReference(BodyPartID.getInstance(asn1Prim));
-                }
-                if (asn1Prim instanceof ASN1Sequence)
-                {
-                    return new BodyPartReference(BodyPartPath.getInstance(asn1Prim));
-                }
-            }
-            if (obj instanceof byte[])
-            {
-                try
-                {
-                    return getInstance(ASN1Primitive.fromByteArray((byte[])obj));
-                }
-                catch (IOException e)
-                {
-                    throw new IllegalArgumentException("unknown encoding in getInstance()");
-                }
-            }
-            throw new IllegalArgumentException("unknown object in getInstance(): " + obj.getClass().getName());
-        }
-
-        return null;
-    }
-
-    public boolean isBodyPartID()
-    {
-        return bodyPartID != null;
-    }
-
-    public BodyPartID getBodyPartID()
-    {
-        return bodyPartID;
-    }
-
-    public BodyPartPath getBodyPartPath()
-    {
-        return bodyPartPath;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (bodyPartID != null)
-        {
-            return bodyPartID.toASN1Primitive();
-        }
-        else
-        {
-            return bodyPartPath.toASN1Primitive();
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCFailInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCFailInfo.java
deleted file mode 100644
index b71dd14..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCFailInfo.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-
-/**
- * <pre>
- * CMCFailInfo ::= INTEGER {
- *     badAlg          (0),
- *     badMessageCheck (1),
- *     badRequest      (2),
- *     badTime         (3),
- *     badCertId       (4),
- *     unsupportedExt  (5),
- *     mustArchiveKeys (6),
- *     badIdentity     (7),
- *     popRequired     (8),
- *     popFailed       (9),
- *     noKeyReuse      (10),
- *     internalCAError (11),
- *     tryLater        (12),
- *     authDataFail    (13)
- * }
- * </pre>
- */
-public class CMCFailInfo
-    extends ASN1Object
-{
-    public static final CMCFailInfo badAlg = new CMCFailInfo(new ASN1Integer(0));
-    public static final CMCFailInfo badMessageCheck = new CMCFailInfo(new ASN1Integer(1));
-    public static final CMCFailInfo badRequest = new CMCFailInfo(new ASN1Integer(2));
-    public static final CMCFailInfo badTime = new CMCFailInfo(new ASN1Integer(3));
-    public static final CMCFailInfo badCertId = new CMCFailInfo(new ASN1Integer(4));
-    public static final CMCFailInfo unsupportedExt = new CMCFailInfo(new ASN1Integer(5));
-    public static final CMCFailInfo mustArchiveKeys = new CMCFailInfo(new ASN1Integer(6));
-    public static final CMCFailInfo badIdentity = new CMCFailInfo(new ASN1Integer(7));
-    public static final CMCFailInfo popRequired = new CMCFailInfo(new ASN1Integer(8));
-    public static final CMCFailInfo popFailed = new CMCFailInfo(new ASN1Integer(9));
-    public static final CMCFailInfo noKeyReuse = new CMCFailInfo(new ASN1Integer(10));
-    public static final CMCFailInfo internalCAError = new CMCFailInfo(new ASN1Integer(11));
-    public static final CMCFailInfo tryLater = new CMCFailInfo(new ASN1Integer(12));
-    public static final CMCFailInfo authDataFail = new CMCFailInfo(new ASN1Integer(13));
-
-    private static Map range = new HashMap();
-
-    static
-    {
-        range.put(badAlg.value, badAlg);
-        range.put(badMessageCheck.value, badMessageCheck);
-        range.put(badRequest.value, badRequest);
-        range.put(badTime.value, badTime);
-        range.put(badCertId.value, badCertId);
-        range.put(popRequired.value, popRequired);
-        range.put(unsupportedExt.value, unsupportedExt);
-        range.put(mustArchiveKeys.value, mustArchiveKeys);
-        range.put(badIdentity.value, badIdentity);
-        range.put(popRequired.value, popRequired);
-        range.put(popFailed.value, popFailed);
-        range.put(badCertId.value, badCertId);
-        range.put(popRequired.value, popRequired);
-        range.put(noKeyReuse.value, noKeyReuse);
-        range.put(internalCAError.value, internalCAError);
-        range.put(tryLater.value, tryLater);
-        range.put(authDataFail.value, authDataFail);
-    }
-
-    private final ASN1Integer value;
-
-    private CMCFailInfo(ASN1Integer value)
-    {
-         this.value = value;
-    }
-
-    public static CMCFailInfo getInstance(Object o)
-    {
-        if (o instanceof CMCFailInfo)
-        {
-            return (CMCFailInfo)o;
-        }
-
-        if (o != null)
-        {
-            CMCFailInfo status = (CMCFailInfo)range.get(ASN1Integer.getInstance(o));
-
-            if (status != null)
-            {
-                return status;
-            }
-
-            throw new IllegalArgumentException("unknown object in getInstance(): " + o.getClass().getName());
-        }
-
-        return null;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return value;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCObjectIdentifiers.java
deleted file mode 100644
index c1c5a03..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCObjectIdentifiers.java
+++ /dev/null

@@ -1,101 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- * Object Identifiers from RFC 5272
- */
-public interface CMCObjectIdentifiers
-{
-    //   id_pkix OBJECT IDENTIFIER  ::= { iso(1) identified_organization(3)
-    //       dod(6) internet(1) security(5) mechanisms(5) pkix(7) }
-   ASN1ObjectIdentifier id_pkix = new ASN1ObjectIdentifier("1.3.6.1.5.5.7");
-        
-   ASN1ObjectIdentifier id_cmc =  id_pkix.branch("7");   // CMC controls
-   ASN1ObjectIdentifier id_cct =  id_pkix.branch("12");  // CMC content types
-  
-   // The following controls have the type OCTET STRING
-  
-   ASN1ObjectIdentifier id_cmc_identityProof =  id_cmc.branch("3");
-   ASN1ObjectIdentifier id_cmc_dataReturn =  id_cmc.branch("4");
-   ASN1ObjectIdentifier id_cmc_regInfo =  id_cmc.branch("18");
-   ASN1ObjectIdentifier id_cmc_responseInfo =  id_cmc.branch("19");
-   ASN1ObjectIdentifier id_cmc_queryPending =  id_cmc.branch("21");
-   ASN1ObjectIdentifier id_cmc_popLinkRandom =  id_cmc.branch("22");
-   ASN1ObjectIdentifier id_cmc_popLinkWitness =  id_cmc.branch("23");
-  
-   // The following controls have the type UTF8String
-  
-   ASN1ObjectIdentifier id_cmc_identification =  id_cmc.branch("2");
-  
-   // The following controls have the type INTEGER
-  
-   ASN1ObjectIdentifier id_cmc_transactionId =  id_cmc.branch("5");
-  
-   // The following controls have the type OCTET STRING
-  
-   ASN1ObjectIdentifier id_cmc_senderNonce =  id_cmc.branch("6");
-   ASN1ObjectIdentifier id_cmc_recipientNonce =  id_cmc.branch("7");
-  
-    // This is the content type used for a request message in the protocol
-  
-   ASN1ObjectIdentifier id_cct_PKIData =  id_cct.branch("2");
-
-    //  This defines the response message in the protocol
-    ASN1ObjectIdentifier id_cct_PKIResponse = id_cct.branch("3");
-
-    // Used to return status state in a response
-
-    ASN1ObjectIdentifier id_cmc_statusInfo = id_cmc.branch("1");
-
-
-    // Used for RAs to add extensions to certification requests
-    ASN1ObjectIdentifier id_cmc_addExtensions = id_cmc.branch("8");
-
-    ASN1ObjectIdentifier id_cmc_encryptedPOP = id_cmc.branch("9");
-    ASN1ObjectIdentifier id_cmc_decryptedPOP = id_cmc.branch("10");
-
-
-    ASN1ObjectIdentifier id_cmc_lraPOPWitness = id_cmc.branch("11");
-
-    ASN1ObjectIdentifier id_cmc_getCert = id_cmc.branch("15");
-
-    ASN1ObjectIdentifier id_cmc_getCRL = id_cmc.branch("16");
-
-    ASN1ObjectIdentifier id_cmc_revokeRequest = id_cmc.branch("17");
-
-
-    ASN1ObjectIdentifier id_cmc_confirmCertAcceptance = id_cmc.branch("24");
-
-    //  Replaces CMC Status Info
-    //
-
-    ASN1ObjectIdentifier id_cmc_statusInfoV2 = id_cmc.branch("25");
-
-
-    //  Allow for distribution of trust anchors
-    //
-
-    ASN1ObjectIdentifier id_cmc_trustedAnchors = id_cmc.branch("26");
-
-    ASN1ObjectIdentifier id_cmc_authData = id_cmc.branch("27");
-
-    //   These two items use BodyPartList
-    ASN1ObjectIdentifier id_cmc_batchRequests = id_cmc.branch("28");
-    ASN1ObjectIdentifier id_cmc_batchResponses = id_cmc.branch("29");
-
-    ASN1ObjectIdentifier id_cmc_publishCert = id_cmc.branch("30");
-
-    ASN1ObjectIdentifier id_cmc_modCertTemplate = id_cmc.branch("31");
-
-    // Inform follow on servers that one or more controls have already been
-    // processed
-
-    ASN1ObjectIdentifier id_cmc_controlProcessed = id_cmc.branch("32");
-
-    //  Identity Proof control w/ algorithm agility
-
-    ASN1ObjectIdentifier id_cmc_identityProofV2 = id_cmc.branch("34");
-    
-    ASN1ObjectIdentifier id_cmc_popLinkWitnessV2 = id_cmc.branch("33");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCPublicationInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCPublicationInfo.java
deleted file mode 100644
index c8c08c2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCPublicationInfo.java
+++ /dev/null

@@ -1,103 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.crmf.PKIPublicationInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Arrays;
-
-/**
- *<pre>
- *      CMCPublicationInfo ::= SEQUENCE {
- *           hashAlg                      AlgorithmIdentifier,
- *           certHashes                   SEQUENCE OF OCTET STRING,
- *           pubInfo                      PKIPublicationInfo
- * }
- *
- *</pre>
- */
-public class CMCPublicationInfo
-    extends ASN1Object
-{
-    private final AlgorithmIdentifier hashAlg;
-    private final ASN1Sequence certHashes;
-    private final PKIPublicationInfo pubInfo;
-
-    public CMCPublicationInfo(AlgorithmIdentifier hashAlg, byte[][] anchorHashes, PKIPublicationInfo pubInfo)
-    {
-        this.hashAlg = hashAlg;
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        for (int i = 0; i != anchorHashes.length; i++)
-        {
-             v.add(new DEROctetString(Arrays.clone(anchorHashes[i])));
-        }
-        this.certHashes = new DERSequence(v);
-
-        this.pubInfo = pubInfo;
-    }
-
-    private CMCPublicationInfo(ASN1Sequence seq)
-    {
-        if (seq.size() != 3)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.hashAlg = AlgorithmIdentifier.getInstance(seq.getObjectAt(0));
-        this.certHashes = ASN1Sequence.getInstance(seq.getObjectAt(1));
-        this.pubInfo = PKIPublicationInfo.getInstance(seq.getObjectAt(2));
-    }
-
-    public static CMCPublicationInfo getInstance(Object o)
-    {
-        if (o instanceof CMCPublicationInfo)
-        {
-            return (CMCPublicationInfo)o;
-        }
-
-        if (o != null)
-        {
-            return new CMCPublicationInfo(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public AlgorithmIdentifier getHashAlg()
-    {
-        return hashAlg;
-    }
-
-    public byte[][] getCertHashes()
-    {
-        byte[][] hashes = new byte[certHashes.size()][];
-
-        for (int i = 0; i != hashes.length; i++)
-        {
-            hashes[i] = Arrays.clone(ASN1OctetString.getInstance(certHashes.getObjectAt(i)).getOctets());
-        }
-
-        return hashes;
-    }
-
-    public PKIPublicationInfo getPubInfo()
-    {
-        return pubInfo;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(hashAlg);
-        v.add(certHashes);
-        v.add(pubInfo);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatus.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatus.java
deleted file mode 100644
index 8aa8c85..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatus.java
+++ /dev/null

@@ -1,81 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-
-/**
- * <pre>
- *
- * CMCStatus ::= INTEGER {
- *    success         (0),
- *    failed          (2),
- *    pending         (3),
- *    noSupport       (4),
- *    confirmRequired (5),
- *    popRequired     (6),
- *    partial         (7)
- * }
- * </pre>
- */
-public class CMCStatus
-    extends ASN1Object
-{
-    public static final CMCStatus success = new CMCStatus(new ASN1Integer(0));
-    public static final CMCStatus failed = new CMCStatus(new ASN1Integer(2));
-    public static final CMCStatus pending = new CMCStatus(new ASN1Integer(3));
-    public static final CMCStatus noSupport = new CMCStatus(new ASN1Integer(4));
-    public static final CMCStatus confirmRequired = new CMCStatus(new ASN1Integer(5));
-    public static final CMCStatus popRequired = new CMCStatus(new ASN1Integer(6));
-    public static final CMCStatus partial = new CMCStatus(new ASN1Integer(7));
-
-    private static Map range = new HashMap();
-
-    static
-    {
-        range.put(success.value, success);
-        range.put(failed.value, failed);
-        range.put(pending.value, pending);
-        range.put(noSupport.value, noSupport);
-        range.put(confirmRequired.value, confirmRequired);
-        range.put(popRequired.value, popRequired);
-        range.put(partial.value, partial);
-    }
-
-    private final ASN1Integer value;
-
-    private CMCStatus(ASN1Integer value)
-    {
-         this.value = value;
-    }
-
-    public static CMCStatus getInstance(Object o)
-    {
-        if (o instanceof CMCStatus)
-        {
-            return (CMCStatus)o;
-        }
-
-        if (o != null)
-        {
-            CMCStatus status = (CMCStatus)range.get(ASN1Integer.getInstance(o));
-
-            if (status != null)
-            {
-                return status;
-            }
-
-            throw new IllegalArgumentException("unknown object in getInstance(): " + o.getClass().getName());
-        }
-
-        return null;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return value;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatusInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatusInfo.java
deleted file mode 100644
index e26e611..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatusInfo.java
+++ /dev/null

@@ -1,198 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-
-/**
- * <pre>
- * -- Used to return status state in a response
- *
- * id-cmc-statusInfo OBJECT IDENTIFIER ::= {id-cmc 1}
- *
- * CMCStatusInfo ::= SEQUENCE {
- *     cMCStatus       CMCStatus,
- *     bodyList        SEQUENCE SIZE (1..MAX) OF BodyPartID,
- *     statusString    UTF8String OPTIONAL,
- *     otherInfo        CHOICE {
- *       failInfo         CMCFailInfo,
- *       pendInfo         PendInfo } OPTIONAL
- * }
- * </pre>
- */
-public class CMCStatusInfo
-    extends ASN1Object
-{
-    private final CMCStatus cMCStatus;
-    private final ASN1Sequence bodyList;
-    private final DERUTF8String statusString;
-    private final OtherInfo otherInfo;
-
-    CMCStatusInfo(CMCStatus cMCStatus, ASN1Sequence bodyList, DERUTF8String statusString, OtherInfo otherInfo)
-    {
-        this.cMCStatus = cMCStatus;
-        this.bodyList = bodyList;
-        this.statusString = statusString;
-        this.otherInfo = otherInfo;
-    }
-
-    private CMCStatusInfo(ASN1Sequence seq)
-    {
-        if (seq.size() < 2 || seq.size() > 4)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.cMCStatus = CMCStatus.getInstance(seq.getObjectAt(0));
-        this.bodyList = ASN1Sequence.getInstance(seq.getObjectAt(1));
-
-        if (seq.size() > 3)
-        {
-            this.statusString = DERUTF8String.getInstance(seq.getObjectAt(2));
-            this.otherInfo = OtherInfo.getInstance(seq.getObjectAt(3));
-        }
-        else if (seq.size() > 2)
-        {
-            if (seq.getObjectAt(2) instanceof  DERUTF8String)
-            {
-                this.statusString = DERUTF8String.getInstance(seq.getObjectAt(2));
-                this.otherInfo = null;
-            }
-            else
-            {
-                this.statusString = null;
-                this.otherInfo = OtherInfo.getInstance(seq.getObjectAt(2));
-            }
-        }
-        else
-        {
-            this.statusString = null;
-            this.otherInfo = null;
-        }
-    }
-
-    public static CMCStatusInfo getInstance(Object o)
-    {
-        if (o instanceof CMCStatusInfo)
-        {
-            return (CMCStatusInfo)o;
-        }
-
-        if (o != null)
-        {
-            return new CMCStatusInfo(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(cMCStatus);
-        v.add(bodyList);
-        if (statusString != null)
-        {
-            v.add(statusString);
-        }
-        if (otherInfo != null)
-        {
-            v.add(otherInfo);
-        }
-        return new DERSequence(v);
-    }
-
-    public CMCStatus getCMCStatus()
-    {
-        return cMCStatus;
-    }
-
-    public BodyPartID[] getBodyList()
-    {
-        return Utils.toBodyPartIDArray(bodyList);
-    }
-
-    public DERUTF8String getStatusString()
-    {
-        return statusString;
-    }
-
-    public boolean hasOtherInfo()
-    {
-        return otherInfo != null;
-    }
-
-    public OtherInfo getOtherInfo()
-    {
-        return otherInfo;
-    }
-
-    /**
-     * Other info implements the choice component of CMCStatusInfo.
-     */
-    public static class OtherInfo
-        extends ASN1Object
-        implements ASN1Choice
-    {
-        private final CMCFailInfo failInfo;
-        private final PendInfo pendInfo;
-
-        private static OtherInfo getInstance(Object obj)
-        {
-            if (obj instanceof OtherInfo)
-            {
-                return (OtherInfo)obj;
-            }
-
-            if (obj instanceof ASN1Encodable)
-            {
-                ASN1Encodable asn1Value = ((ASN1Encodable)obj).toASN1Primitive();
-
-                if (asn1Value instanceof ASN1Integer) // CMCFail info is an asn1 integer.
-                {
-                    return new OtherInfo(CMCFailInfo.getInstance(asn1Value));
-                }
-                else if (asn1Value instanceof ASN1Sequence) // PendInfo is a sequence.
-                {
-                    return new OtherInfo(PendInfo.getInstance(asn1Value));
-                }
-            }
-            throw new IllegalArgumentException("unknown object in getInstance(): " + obj.getClass().getName());
-        }
-
-        OtherInfo(CMCFailInfo failInfo)
-        {
-            this(failInfo, null);
-        }
-
-        OtherInfo(PendInfo pendInfo)
-        {
-            this(null, pendInfo);
-        }
-
-        private OtherInfo(CMCFailInfo failInfo, PendInfo pendInfo)
-        {
-            this.failInfo = failInfo;
-            this.pendInfo = pendInfo;
-        }
-
-        public boolean isFailInfo()
-        {
-            return failInfo != null;
-        }
-
-        public ASN1Primitive toASN1Primitive()
-        {
-            if (pendInfo != null)
-            {
-                return pendInfo.toASN1Primitive();
-            }
-            return failInfo.toASN1Primitive();
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatusInfoBuilder.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatusInfoBuilder.java
deleted file mode 100644
index e7c9205..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatusInfoBuilder.java
+++ /dev/null

@@ -1,52 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-
-public class CMCStatusInfoBuilder
-{
-    private final CMCStatus cMCStatus;
-    private final ASN1Sequence bodyList;
-
-    private DERUTF8String statusString;
-    private CMCStatusInfo.OtherInfo otherInfo;
-
-    public CMCStatusInfoBuilder(CMCStatus cMCStatus, BodyPartID bodyPartID)
-    {
-        this.cMCStatus = cMCStatus;
-        this.bodyList = new DERSequence(bodyPartID);
-    }
-
-    public CMCStatusInfoBuilder(CMCStatus cMCStatus, BodyPartID[] bodyList)
-    {
-        this.cMCStatus = cMCStatus;
-        this.bodyList = new DERSequence(bodyList);
-    }
-
-    public CMCStatusInfoBuilder setStatusString(String statusString)
-    {
-        this.statusString = new DERUTF8String(statusString);
-
-        return this;
-    }
-
-    public CMCStatusInfoBuilder setOtherInfo(CMCFailInfo failInfo)
-    {
-        this.otherInfo = new CMCStatusInfo.OtherInfo(failInfo);
-
-        return this;
-    }
-
-    public CMCStatusInfoBuilder setOtherInfo(PendInfo pendInfo)
-    {
-        this.otherInfo = new CMCStatusInfo.OtherInfo(pendInfo);
-
-        return this;
-    }
-
-    public CMCStatusInfo build()
-    {
-        return new CMCStatusInfo(cMCStatus, bodyList, statusString, otherInfo);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatusInfoV2.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatusInfoV2.java
deleted file mode 100644
index b3ce962..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatusInfoV2.java
+++ /dev/null

@@ -1,151 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-
-/**
- * <pre>
- * --  Replaces CMC Status Info
- * --
- *
- * id-cmc-statusInfoV2 OBJECT IDENTIFIER ::= {id-cmc 25}
- *
- * CMCStatusInfoV2 ::= SEQUENCE {
- *  cMCStatus             CMCStatus,
- *  bodyList              SEQUENCE SIZE (1..MAX) OF BodyPartReference,
- *  statusString          UTF8String OPTIONAL,
- *  otherStatusInfo             OtherStatusInfo OPTIONAL
- * }
- *
- * OtherStatusInfo ::= CHOICE {
- *  failInfo              CMCFailInfo,
- *  pendInfo              PendInfo,
- *  extendedFailInfo      ExtendedFailInfo
- * }
- *
- * PendInfo ::= SEQUENCE {
- * pendToken           OCTET STRING,
- * pendTime            GeneralizedTime
- * }
- *
- * ExtendedFailInfo ::= SEQUENCE {
- * failInfoOID            OBJECT IDENTIFIER,
- * failInfoValue          ANY DEFINED BY failInfoOID
- * }
- * </pre>
- */
-public class CMCStatusInfoV2
-    extends ASN1Object
-{
-    private final CMCStatus cMCStatus;
-    private final ASN1Sequence bodyList;
-    private final DERUTF8String statusString;
-    private final OtherStatusInfo otherStatusInfo;
-
-    CMCStatusInfoV2(CMCStatus cMCStatus, ASN1Sequence bodyList, DERUTF8String statusString, OtherStatusInfo otherStatusInfo)
-    {
-        this.cMCStatus = cMCStatus;
-        this.bodyList = bodyList;
-        this.statusString = statusString;
-        this.otherStatusInfo = otherStatusInfo;
-    }
-
-    private CMCStatusInfoV2(ASN1Sequence seq)
-    {
-        if (seq.size() < 2 || seq.size() > 4)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.cMCStatus = CMCStatus.getInstance(seq.getObjectAt(0));
-        this.bodyList = ASN1Sequence.getInstance(seq.getObjectAt(1));
-
-        if (seq.size() > 2)
-        {
-            if (seq.size() == 4)
-            {
-                this.statusString = DERUTF8String.getInstance(seq.getObjectAt(2));
-                this.otherStatusInfo = OtherStatusInfo.getInstance(seq.getObjectAt(3));
-            }
-            else if (seq.getObjectAt(2) instanceof DERUTF8String)
-            {
-                this.statusString = DERUTF8String.getInstance(seq.getObjectAt(2));
-                this.otherStatusInfo = null;
-            }
-            else
-            {
-                this.statusString = null;
-                this.otherStatusInfo = OtherStatusInfo.getInstance(seq.getObjectAt(2));
-            }
-        }
-        else
-        {
-            this.statusString = null;
-            this.otherStatusInfo = null;
-        }
-    }
-
-
-    public CMCStatus getcMCStatus()
-    {
-        return cMCStatus;
-    }
-
-    public BodyPartID[] getBodyList()
-    {
-        return Utils.toBodyPartIDArray(bodyList);
-    }
-
-    public DERUTF8String getStatusString()
-    {
-        return statusString;
-    }
-
-    public OtherStatusInfo getOtherStatusInfo()
-    {
-        return otherStatusInfo;
-    }
-
-    public boolean hasOtherInfo()
-    {
-        return otherStatusInfo != null;
-    }
-
-    public static CMCStatusInfoV2 getInstance(Object o)
-    {
-        if (o instanceof CMCStatusInfoV2)
-        {
-            return (CMCStatusInfoV2)o;
-        }
-
-        if (o != null)
-        {
-            return new CMCStatusInfoV2(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(cMCStatus);
-        v.add(bodyList);
-
-        if (statusString != null)
-        {
-            v.add(statusString);
-        }
-
-        if (otherStatusInfo != null)
-        {
-            v.add(otherStatusInfo);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatusInfoV2Builder.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatusInfoV2Builder.java
deleted file mode 100644
index b36912a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCStatusInfoV2Builder.java
+++ /dev/null

@@ -1,59 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-
-public class CMCStatusInfoV2Builder
-{
-    private final CMCStatus cMCStatus;
-    private final ASN1Sequence bodyList;
-
-    private DERUTF8String statusString;
-    private OtherStatusInfo otherInfo;
-
-    public CMCStatusInfoV2Builder(CMCStatus cMCStatus, BodyPartID bodyPartID)
-    {
-        this.cMCStatus = cMCStatus;
-        this.bodyList = new DERSequence(bodyPartID);
-    }
-
-    public CMCStatusInfoV2Builder(CMCStatus cMCStatus, BodyPartID[] bodyList)
-    {
-        this.cMCStatus = cMCStatus;
-        this.bodyList = new DERSequence(bodyList);
-    }
-
-    public CMCStatusInfoV2Builder setStatusString(String statusString)
-    {
-        this.statusString = new DERUTF8String(statusString);
-
-        return this;
-    }
-
-    public CMCStatusInfoV2Builder setOtherInfo(CMCFailInfo failInfo)
-    {
-        this.otherInfo = new OtherStatusInfo(failInfo);
-
-        return this;
-    }
-
-    public CMCStatusInfoV2Builder setOtherInfo(ExtendedFailInfo extendedFailInfo)
-    {
-        this.otherInfo = new OtherStatusInfo(extendedFailInfo);
-
-        return this;
-    }
-
-    public CMCStatusInfoV2Builder setOtherInfo(PendInfo pendInfo)
-    {
-        this.otherInfo = new OtherStatusInfo(pendInfo);
-
-        return this;
-    }
-
-    public CMCStatusInfoV2 build()
-    {
-        return new CMCStatusInfoV2(cMCStatus, bodyList, statusString, otherInfo);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCUnsignedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCUnsignedData.java
deleted file mode 100644
index 2ea2a2a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CMCUnsignedData.java
+++ /dev/null

@@ -1,87 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- *      id-aa-cmc-unsignedData OBJECT IDENTIFIER ::= {id-aa 34}
- *
- *      CMCUnsignedData ::= SEQUENCE {
- *             bodyPartPath        BodyPartPath,
- *             identifier          OBJECT IDENTIFIER,
- *             content             ANY DEFINED BY identifier
- *      }
- * </pre>
- */
-public class CMCUnsignedData
-    extends ASN1Object
-{
-    private final BodyPartPath bodyPartPath;
-    private final ASN1ObjectIdentifier identifier;
-    private final ASN1Encodable content;
-
-    public CMCUnsignedData(BodyPartPath bodyPartPath, ASN1ObjectIdentifier identifier, ASN1Encodable content)
-    {
-        this.bodyPartPath = bodyPartPath;
-        this.identifier = identifier;
-        this.content = content;
-    }
-
-    private CMCUnsignedData(ASN1Sequence seq)
-    {
-        if (seq.size() != 3)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.bodyPartPath = BodyPartPath.getInstance(seq.getObjectAt(0));
-        this.identifier = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(1));
-        this.content = seq.getObjectAt(2);
-    }
-
-    public static CMCUnsignedData getInstance(Object o)
-    {
-        if (o instanceof CMCUnsignedData)
-        {
-            return (CMCUnsignedData)o;
-        }
-
-        if (o != null)
-        {
-            return new CMCUnsignedData(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(bodyPartPath);
-        v.add(identifier);
-        v.add(content);
-
-        return new DERSequence(v);
-    }
-
-    public BodyPartPath getBodyPartPath()
-    {
-        return bodyPartPath;
-    }
-
-    public ASN1ObjectIdentifier getIdentifier()
-    {
-        return identifier;
-    }
-
-    public ASN1Encodable getContent()
-    {
-        return content;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CertificationRequest.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CertificationRequest.java
deleted file mode 100644
index fc9aa29..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/CertificationRequest.java
+++ /dev/null

@@ -1,214 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import java.io.IOException;
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * <pre>
- *   CertificationRequest ::= SEQUENCE {
- *     certificationRequestInfo  SEQUENCE {
- *       version                   INTEGER,
- *       subject                   Name,
- *       subjectPublicKeyInfo      SEQUENCE {
- *          algorithm                 AlgorithmIdentifier,
- *          subjectPublicKey          BIT STRING },
- *       attributes                [0] IMPLICIT SET OF Attribute },
- *    signatureAlgorithm        AlgorithmIdentifier,
- *    signature                 BIT STRING
- *  }
- * </pre>
- */
-public class CertificationRequest
-    extends ASN1Object
-{
-    private static final ASN1Integer ZERO = new ASN1Integer(0);
-
-    private final CertificationRequestInfo certificationRequestInfo;
-    private final AlgorithmIdentifier signatureAlgorithm;
-    private final DERBitString signature;
-
-    public CertificationRequest(
-        X500Name                subject,
-        AlgorithmIdentifier     subjectPublicAlgorithm,
-        DERBitString            subjectPublicKey,
-        ASN1Set                 attributes,
-        AlgorithmIdentifier     signatureAlgorithm,
-        DERBitString            signature)
-    {
-        this.certificationRequestInfo = new CertificationRequestInfo(subject, subjectPublicAlgorithm, subjectPublicKey, attributes);
-        this.signatureAlgorithm = signatureAlgorithm;
-        this.signature = signature;
-    }
-
-    private CertificationRequest(ASN1Sequence seq)
-    {
-        if (seq.size() != 3)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.certificationRequestInfo = new CertificationRequestInfo(ASN1Sequence.getInstance(seq.getObjectAt(0)));
-        this.signatureAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
-        this.signature = DERBitString.getInstance(seq.getObjectAt(2));
-    }
-
-    public static CertificationRequest getInstance(Object o)
-    {
-        if (o instanceof CertificationRequest)
-        {
-            return (CertificationRequest)o;
-        }
-
-        if (o != null)
-        {
-            return new CertificationRequest(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public BigInteger getVersion()
-    {
-        return certificationRequestInfo.getVersion().getValue();
-    }
-
-    public X500Name getSubject()
-    {
-        return certificationRequestInfo.getSubject();
-    }
-
-    public ASN1Set getAttributes()
-    {
-        return certificationRequestInfo.getAttributes();
-    }
-
-    public AlgorithmIdentifier getSubjectPublicKeyAlgorithm()
-    {
-        return AlgorithmIdentifier.getInstance(certificationRequestInfo.getSubjectPublicKeyInfo().getObjectAt(0));
-    }
-
-    public DERBitString getSubjectPublicKey()
-    {
-        return DERBitString.getInstance(certificationRequestInfo.getSubjectPublicKeyInfo().getObjectAt(1));
-    }
-
-    /**
-     * If the public key is an encoded object this will return the ASN.1 primitives encoded - if the bitstring
-     * can't be decoded this routine throws an IOException.
-     *
-     * @exception IOException - if the bit string doesn't represent a DER encoded object.
-     * @return the public key as an ASN.1 primitive.
-     */
-    public ASN1Primitive parsePublicKey()
-        throws IOException
-    {
-        return ASN1Primitive.fromByteArray(getSubjectPublicKey().getOctets());
-    }
-
-    public AlgorithmIdentifier getSignatureAlgorithm()
-    {
-        return signatureAlgorithm;
-    }
-
-    public DERBitString getSignature()
-    {
-        return signature;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(certificationRequestInfo);
-        v.add(signatureAlgorithm);
-        v.add(signature);
-
-        return new DERSequence(v);
-    }
-
-    private class CertificationRequestInfo
-        extends ASN1Object
-    {
-        private final ASN1Integer version;
-        private final X500Name subject;
-        private final ASN1Sequence subjectPublicKeyInfo;
-        private final ASN1Set attributes;
-
-        private CertificationRequestInfo(
-            ASN1Sequence  seq)
-        {
-            if (seq.size() != 4)
-            {
-                throw new IllegalArgumentException("incorrect sequence size for CertificationRequestInfo");
-            }
-            version = ASN1Integer.getInstance(seq.getObjectAt(0));
-
-            subject = X500Name.getInstance(seq.getObjectAt(1));
-            subjectPublicKeyInfo = ASN1Sequence.getInstance(seq.getObjectAt(2));
-            if (subjectPublicKeyInfo.size() != 2)
-            {
-                throw new IllegalArgumentException("incorrect subjectPublicKeyInfo size for CertificationRequestInfo");
-            }
-
-            ASN1TaggedObject tagobj = (ASN1TaggedObject)seq.getObjectAt(3);
-            if (tagobj.getTagNo() != 0)
-            {
-                throw new IllegalArgumentException("incorrect tag number on attributes for CertificationRequestInfo");
-            }
-            attributes = ASN1Set.getInstance(tagobj, false);
-        }
-
-        private CertificationRequestInfo(X500Name subject, AlgorithmIdentifier algorithm, DERBitString subjectPublicKey, ASN1Set attributes)
-        {
-            this.version = ZERO;
-            this.subject = subject;
-            this.subjectPublicKeyInfo = new DERSequence(new ASN1Encodable[] { algorithm, subjectPublicKey });
-            this.attributes = attributes;
-        }
-
-        private ASN1Integer getVersion()
-        {
-            return version;
-        }
-
-        private X500Name getSubject()
-        {
-            return subject;
-        }
-
-        private ASN1Sequence getSubjectPublicKeyInfo()
-        {
-            return subjectPublicKeyInfo;
-        }
-
-        private ASN1Set getAttributes()
-        {
-            return attributes;
-        }
-
-        public ASN1Primitive toASN1Primitive()
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-
-            v.add(version);
-            v.add(subject);
-            v.add(subjectPublicKeyInfo);
-            v.add(new DERTaggedObject(false, 0, attributes));
-
-            return new DERSequence(v);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/ControlsProcessed.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/ControlsProcessed.java
deleted file mode 100644
index 4c82545..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/ControlsProcessed.java
+++ /dev/null

@@ -1,84 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- * -- Inform follow on servers that one or more controls have already been
- * -- processed
- *
- * id-cmc-controlProcessed OBJECT IDENTIFIER ::= {id-cmc 32}
- *
- * ControlsProcessed ::= SEQUENCE {
- *     bodyList              SEQUENCE SIZE(1..MAX) OF BodyPartReference
- * }
- * </pre>
- */
-public class ControlsProcessed
-    extends ASN1Object
-{
-    private final ASN1Sequence bodyPartReferences;
-
-    /**
-     * Construct a ControlsProcessed object containing one BodyPartReference.
-     *
-     * @param bodyPartRef the BodyPartReference to be contained.
-     */
-    public ControlsProcessed(
-        BodyPartReference bodyPartRef)
-    {
-        this.bodyPartReferences = new DERSequence(bodyPartRef);
-    }
-
-
-    public ControlsProcessed(
-        BodyPartReference[] bodyList)
-    {
-        this.bodyPartReferences = new DERSequence(bodyList);
-    }
-
-
-    public static ControlsProcessed getInstance(Object src)
-    {
-        if (src instanceof ControlsProcessed)
-        {
-            return (ControlsProcessed)src;
-        }
-        else if (src != null)
-        {
-            return new ControlsProcessed(ASN1Sequence.getInstance(src));
-        }
-
-        return null;
-    }
-
-    private ControlsProcessed(
-        ASN1Sequence seq)
-    {
-        if (seq.size() != 1)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.bodyPartReferences = ASN1Sequence.getInstance(seq.getObjectAt(0));
-    }
-
-    public BodyPartReference[] getBodyList()
-    {
-        BodyPartReference[] tmp = new BodyPartReference[bodyPartReferences.size()];
-
-        for (int i = 0; i != bodyPartReferences.size(); i++)
-        {
-            tmp[i] = BodyPartReference.getInstance(bodyPartReferences.getObjectAt(i));
-        }
-
-        return tmp;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERSequence(bodyPartReferences);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/DecryptedPOP.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/DecryptedPOP.java
deleted file mode 100644
index e5de83b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/DecryptedPOP.java
+++ /dev/null

@@ -1,90 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- *      id-cmc-decryptedPOP OBJECT IDENTIFIER ::= {id-cmc 10}
- *
- *       DecryptedPOP ::= SEQUENCE {
- *            bodyPartID      BodyPartID,
- *            thePOPAlgID     AlgorithmIdentifier,
- *            thePOP          OCTET STRING
- *       }
- * </pre>
- */
-public class DecryptedPOP
-    extends ASN1Object
-{
-    private final BodyPartID bodyPartID;
-    private final AlgorithmIdentifier thePOPAlgID;
-    private final byte[] thePOP;
-
-    public DecryptedPOP(BodyPartID bodyPartID, AlgorithmIdentifier thePOPAlgID, byte[] thePOP)
-    {
-        this.bodyPartID = bodyPartID;
-        this.thePOPAlgID = thePOPAlgID;
-        this.thePOP = Arrays.clone(thePOP);
-    }
-
-    private DecryptedPOP(ASN1Sequence seq)
-    {
-        if (seq.size() != 3)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.bodyPartID = BodyPartID.getInstance(seq.getObjectAt(0));
-        this.thePOPAlgID = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
-        this.thePOP = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(2)).getOctets());
-    }
-
-
-    public static DecryptedPOP getInstance(Object o)
-    {
-        if (o instanceof DecryptedPOP)
-        {
-            return (DecryptedPOP)o;
-        }
-
-        if (o != null)
-        {
-            return new DecryptedPOP(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public BodyPartID getBodyPartID()
-    {
-        return bodyPartID;
-    }
-
-    public AlgorithmIdentifier getThePOPAlgID()
-    {
-        return thePOPAlgID;
-    }
-
-    public byte[] getThePOP()
-    {
-        return Arrays.clone(thePOP);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(bodyPartID);
-        v.add(thePOPAlgID);
-        v.add(new DEROctetString(thePOP));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/EncryptedPOP.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/EncryptedPOP.java
deleted file mode 100644
index cd297f6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/EncryptedPOP.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- *      id-cmc-encryptedPOP OBJECT IDENTIFIER ::= {id-cmc 9}
- *
- *      EncryptedPOP ::= SEQUENCE {
- *              request       TaggedRequest,
- *              cms             ContentInfo,
- *              thePOPAlgID     AlgorithmIdentifier,
- *              witnessAlgID    AlgorithmIdentifier,
- *              witness         OCTET STRING
- *      }
- * </pre>
- */
-public class EncryptedPOP
-    extends ASN1Object
-{
-    private final TaggedRequest request;
-    private final ContentInfo cms;
-    private final AlgorithmIdentifier thePOPAlgID;
-    private final AlgorithmIdentifier witnessAlgID;
-    private final byte[] witness;
-
-    private EncryptedPOP(ASN1Sequence seq)
-    {
-        if (seq.size() != 5)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.request = TaggedRequest.getInstance(seq.getObjectAt(0));
-        this.cms = ContentInfo.getInstance(seq.getObjectAt(1));
-        this.thePOPAlgID = AlgorithmIdentifier.getInstance(seq.getObjectAt(2));
-        this.witnessAlgID = AlgorithmIdentifier.getInstance(seq.getObjectAt(3));
-        this.witness = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(4)).getOctets());
-    }
-
-    public EncryptedPOP(
-        TaggedRequest request,
-        ContentInfo cms,
-        AlgorithmIdentifier thePOPAlgID,
-        AlgorithmIdentifier witnessAlgID,
-        byte[] witness)
-    {
-        this.request = request;
-        this.cms = cms;
-        this.thePOPAlgID = thePOPAlgID;
-        this.witnessAlgID = witnessAlgID;
-        this.witness = Arrays.clone(witness);
-    }
-
-    public static EncryptedPOP getInstance(Object o)
-    {
-        if (o instanceof EncryptedPOP)
-        {
-            return (EncryptedPOP)o;
-        }
-
-        if (o != null)
-        {
-            return new EncryptedPOP(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-
-    public TaggedRequest getRequest()
-    {
-        return request;
-    }
-
-    public ContentInfo getCms()
-    {
-        return cms;
-    }
-
-    public AlgorithmIdentifier getThePOPAlgID()
-    {
-        return thePOPAlgID;
-    }
-
-    public AlgorithmIdentifier getWitnessAlgID()
-    {
-        return witnessAlgID;
-    }
-
-    public byte[] getWitness()
-    {
-        return Arrays.clone(witness);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(request);
-        v.add(cms);
-        v.add(thePOPAlgID);
-        v.add(witnessAlgID);
-        v.add(new DEROctetString(witness));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/ExtendedFailInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/ExtendedFailInfo.java
deleted file mode 100644
index 2ec15fe..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/ExtendedFailInfo.java
+++ /dev/null

@@ -1,79 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * ExtendedFailInfo ::= SEQUENCE {
- * failInfoOID            OBJECT IDENTIFIER,
- * failInfoValue          ANY DEFINED BY failInfoOID
- * }
- */
-public class ExtendedFailInfo
-    extends ASN1Object
-{
-
-    private final ASN1ObjectIdentifier failInfoOID;
-    private final ASN1Encodable failInfoValue;
-
-    public ExtendedFailInfo(ASN1ObjectIdentifier failInfoOID, ASN1Encodable failInfoValue)
-    {
-        this.failInfoOID = failInfoOID;
-        this.failInfoValue = failInfoValue;
-    }
-
-    private ExtendedFailInfo(ASN1Sequence s)
-    {
-        if (s.size() != 2)
-        {
-            throw new IllegalArgumentException("Sequence must be 2 elements.");
-        }
-
-        failInfoOID = ASN1ObjectIdentifier.getInstance(s.getObjectAt(0));
-        failInfoValue = s.getObjectAt(1);
-    }
-
-    public static ExtendedFailInfo getInstance(Object obj)
-    {
-        if (obj instanceof ExtendedFailInfo)
-        {
-            return (ExtendedFailInfo)obj;
-        }
-
-        if (obj instanceof ASN1Encodable)
-        {
-            ASN1Encodable asn1Value = ((ASN1Encodable)obj).toASN1Primitive();
-            if (asn1Value instanceof ASN1Sequence)
-            {
-                return new ExtendedFailInfo(
-                    (ASN1Sequence)asn1Value
-                );
-            }
-        }
-        else if (obj instanceof byte[])
-        {
-            return getInstance(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERSequence(new ASN1Encodable[]{failInfoOID, failInfoValue});
-    }
-
-    public ASN1ObjectIdentifier getFailInfoOID()
-    {
-        return failInfoOID;
-    }
-
-    public ASN1Encodable getFailInfoValue()
-    {
-        return failInfoValue;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/ExtensionReq.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/ExtensionReq.java
deleted file mode 100644
index 9623ce7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/ExtensionReq.java
+++ /dev/null

@@ -1,83 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.Extension;
-
-/**
- * <pre>
- *   ExtensionReq ::= SEQUENCE SIZE (1..MAX) OF Extension
- * </pre>
- */
-public class ExtensionReq
-    extends ASN1Object
-{
-    private final Extension[] extensions;
-
-    public static ExtensionReq getInstance(
-        Object obj)
-    {
-        if (obj instanceof ExtensionReq)
-        {
-            return (ExtensionReq)obj;
-        }
-
-        if (obj != null)
-        {
-            return new ExtensionReq(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static ExtensionReq getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    /**
-     * Construct a ExtensionReq object containing one Extension.
-     *
-     * @param Extension the Extension to be contained.
-     */
-    public ExtensionReq(
-        Extension Extension)
-    {
-        this.extensions = new Extension[]{Extension};
-    }
-
-
-    public ExtensionReq(
-        Extension[] extensions)
-    {
-        this.extensions = Utils.clone(extensions);
-    }
-
-    private ExtensionReq(
-        ASN1Sequence seq)
-    {
-        this.extensions = new Extension[seq.size()];
-
-        for (int i = 0; i != seq.size(); i++)
-        {
-            extensions[i] = Extension.getInstance(seq.getObjectAt(i));
-        }
-    }
-
-    public Extension[] getExtensions()
-    {
-        return Utils.clone(extensions);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERSequence(extensions);
-    }
-
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/GetCRL.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/GetCRL.java
deleted file mode 100644
index 5087af8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/GetCRL.java
+++ /dev/null

@@ -1,121 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.ReasonFlags;
-
-/**
- * <pre>
- * id-cmc-getCRL OBJECT IDENTIFIER ::= {id-cmc 16}
- *
- * GetCRL ::= SEQUENCE {
- *    issuerName    Name,
- *    cRLName       GeneralName OPTIONAL,
- *    time          GeneralizedTime OPTIONAL,
- *    reasons       ReasonFlags OPTIONAL }
- * </pre>
- */
-public class GetCRL
-    extends ASN1Object
-{
-    private final X500Name issuerName;
-    private GeneralName cRLName;
-    private ASN1GeneralizedTime time;
-    private ReasonFlags reasons;
-
-    public GetCRL(X500Name issuerName, GeneralName cRLName, ASN1GeneralizedTime time, ReasonFlags reasons)
-    {
-        this.issuerName = issuerName;
-        this.cRLName = cRLName;
-        this.time = time;
-        this.reasons = reasons;
-    }
-
-
-    private GetCRL(ASN1Sequence seq)
-    {
-        if (seq.size() < 1 || seq.size() > 4)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.issuerName = X500Name.getInstance(seq.getObjectAt(0));
-
-        int index = 1;
-        if (seq.size() > index && seq.getObjectAt(index).toASN1Primitive() instanceof ASN1TaggedObject)
-        {
-            this.cRLName = GeneralName.getInstance(seq.getObjectAt(index++));
-        }
-        if (seq.size() > index && seq.getObjectAt(index).toASN1Primitive() instanceof ASN1GeneralizedTime)
-        {
-            this.time = ASN1GeneralizedTime.getInstance(seq.getObjectAt(index++));
-        }
-        if (seq.size() > index && seq.getObjectAt(index).toASN1Primitive() instanceof DERBitString)
-        {
-            this.reasons = new ReasonFlags(DERBitString.getInstance(seq.getObjectAt(index)));
-        }
-    }
-
-    public static GetCRL getInstance(Object o)
-    {
-        if (o instanceof GetCRL)
-        {
-            return (GetCRL)o;
-        }
-
-        if (o != null)
-        {
-            return new GetCRL(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public X500Name getIssuerName()
-    {
-        return issuerName;
-    }
-
-    public GeneralName getcRLName()
-    {
-        return cRLName;
-    }
-
-    public ASN1GeneralizedTime getTime()
-    {
-        return time;
-    }
-
-    public ReasonFlags getReasons()
-    {
-        return reasons;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(issuerName);
-        if (cRLName != null)
-        {
-            v.add(cRLName);
-        }
-        if (time != null)
-        {
-            v.add(time);
-        }
-        if (reasons != null)
-        {
-            v.add(reasons);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/GetCert.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/GetCert.java
deleted file mode 100644
index 8522616..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/GetCert.java
+++ /dev/null

@@ -1,77 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-/**
- * <pre>
- *      id-cmc-getCert OBJECT IDENTIFIER ::= {id-cmc 15}
- *
- *      GetCert ::= SEQUENCE {
- *           issuerName      GeneralName,
- *           serialNumber    INTEGER }
- * </pre>
- */
-public class GetCert extends ASN1Object
-{
-    private final GeneralName issuerName;
-    private final BigInteger serialNumber;
-
-    private GetCert(ASN1Sequence seq)
-    {
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.issuerName = GeneralName.getInstance(seq.getObjectAt(0));
-        this.serialNumber = ASN1Integer.getInstance(seq.getObjectAt(1)).getValue();
-    }
-
-    public GetCert(GeneralName issuerName, BigInteger serialNumber)
-    {
-        this.issuerName = issuerName;
-        this.serialNumber = serialNumber;
-    }
-
-    public static GetCert getInstance(Object o)
-    {
-        if (o instanceof GetCert)
-        {
-            return (GetCert)o;
-        }
-
-        if (o != null)
-        {
-            return new GetCert(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public GeneralName getIssuerName()
-    {
-        return issuerName;
-    }
-
-    public BigInteger getSerialNumber()
-    {
-        return serialNumber;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(issuerName);
-        v.add(new ASN1Integer(serialNumber));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/IdentityProofV2.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/IdentityProofV2.java
deleted file mode 100644
index 3451629..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/IdentityProofV2.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- *      id-cmc-identityProofV2 OBJECT IDENTIFIER ::= { id-cmc 34 }
- *      identityProofV2 ::= SEQUENCE {
- *          proofAlgID       AlgorithmIdentifier,
- *          macAlgId         AlgorithmIdentifier,
- *          witness          OCTET STRING
- *      }
- * </pre>
- */
-public class IdentityProofV2
-    extends ASN1Object
-{
-    private final AlgorithmIdentifier proofAlgID;
-    private final AlgorithmIdentifier macAlgId;
-    private final byte[] witness;
-    
-    public IdentityProofV2(AlgorithmIdentifier proofAlgID, AlgorithmIdentifier macAlgId, byte[] witness)
-    {
-        this.proofAlgID = proofAlgID;
-        this.macAlgId = macAlgId;
-        this.witness = Arrays.clone(witness);
-    }
-        
-    private IdentityProofV2(ASN1Sequence seq)
-    {
-        if (seq.size() != 3)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.proofAlgID = AlgorithmIdentifier.getInstance(seq.getObjectAt(0));
-        this.macAlgId = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
-        this.witness = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(2)).getOctets());
-    }
-
-    public static IdentityProofV2 getInstance(Object o)
-    {
-        if (o instanceof IdentityProofV2)
-        {
-            return (IdentityProofV2)o;
-        }
-
-        if (o != null)
-        {
-            return new IdentityProofV2(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-    
-    public AlgorithmIdentifier getProofAlgID()
-    {
-        return proofAlgID;
-    }
-
-    public AlgorithmIdentifier getMacAlgId()
-    {
-        return macAlgId;
-    }
-
-    public byte[] getWitness()
-    {
-        return Arrays.clone(witness);
-    }
-    
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        
-        v.add(proofAlgID);
-        v.add(macAlgId);
-        v.add(new DEROctetString(getWitness()));
-        
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/LraPopWitness.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/LraPopWitness.java
deleted file mode 100644
index 8119ba7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/LraPopWitness.java
+++ /dev/null

@@ -1,83 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- * id-cmc-lraPOPWitness OBJECT IDENTIFIER ::= {id-cmc 11}
- *
- * LraPopWitness ::= SEQUENCE {
- *     pkiDataBodyid   BodyPartID,
- *     bodyIds         SEQUENCE OF BodyPartID
- * }
- * </pre>
- */
-public class LraPopWitness
-    extends ASN1Object
-{
-    private final BodyPartID pkiDataBodyid;
-    private final ASN1Sequence bodyIds;
-
-    public LraPopWitness(BodyPartID pkiDataBodyid, ASN1Sequence bodyIds)
-    {
-        this.pkiDataBodyid = pkiDataBodyid;
-        this.bodyIds = bodyIds;
-    }
-
-    private LraPopWitness(ASN1Sequence seq)
-    {
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.pkiDataBodyid = BodyPartID.getInstance(seq.getObjectAt(0));
-        this.bodyIds = ASN1Sequence.getInstance(seq.getObjectAt(1));
-    }
-
-    public static LraPopWitness getInstance(Object o)
-    {
-        if (o instanceof LraPopWitness)
-        {
-            return (LraPopWitness)o;
-        }
-
-        if (o != null)
-        {
-            return new LraPopWitness(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public BodyPartID getPkiDataBodyid()
-    {
-        return pkiDataBodyid;
-    }
-
-
-    public BodyPartID[] getBodyIds()
-    {
-        BodyPartID[] rv = new BodyPartID[bodyIds.size()];
-
-        for (int i = 0; i != bodyIds.size(); i++)
-        {
-            rv[i] = BodyPartID.getInstance(bodyIds.getObjectAt(i));
-        }
-
-        return rv;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(pkiDataBodyid);
-        v.add(bodyIds);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/ModCertTemplate.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/ModCertTemplate.java
deleted file mode 100644
index a3e4de2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/ModCertTemplate.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1Boolean;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.crmf.CertTemplate;
-
-/**
- * <pre>
- * id-cmc-modCertTemplate OBJECT IDENTIFIER ::= {id-cmc 31}
- *
- * ModCertTemplate ::= SEQUENCE {
- *    pkiDataReference             BodyPartPath,
- *    certReferences               BodyPartList,
- *    replace                      BOOLEAN DEFAULT TRUE,
- *    certTemplate                 CertTemplate
- * }
- * </pre>
- */
-public class ModCertTemplate
-    extends ASN1Object
-{
-    private final BodyPartPath pkiDataReference;
-    private final BodyPartList certReferences;
-    private final boolean replace;
-    private final CertTemplate certTemplate;
-
-    public ModCertTemplate(BodyPartPath pkiDataReference, BodyPartList certReferences, boolean replace, CertTemplate certTemplate)
-    {
-        this.pkiDataReference = pkiDataReference;
-        this.certReferences = certReferences;
-        this.replace = replace;
-        this.certTemplate = certTemplate;
-    }
-
-    private ModCertTemplate(ASN1Sequence seq)
-    {
-        if (seq.size() != 4 && seq.size() != 3)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.pkiDataReference = BodyPartPath.getInstance(seq.getObjectAt(0));
-        this.certReferences = BodyPartList.getInstance(seq.getObjectAt(1));
-
-        if (seq.size() == 4)
-        {
-            this.replace = ASN1Boolean.getInstance(seq.getObjectAt(2)).isTrue();
-            this.certTemplate = CertTemplate.getInstance(seq.getObjectAt(3));
-        }
-        else
-        {
-            this.replace = true;
-            this.certTemplate = CertTemplate.getInstance(seq.getObjectAt(2));
-        }
-    }
-
-    public static ModCertTemplate getInstance(Object o)
-    {
-        if (o instanceof ModCertTemplate)
-        {
-            return (ModCertTemplate)o;
-        }
-
-        if (o != null)
-        {
-            return new ModCertTemplate(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public BodyPartPath getPkiDataReference()
-    {
-        return pkiDataReference;
-    }
-
-    public BodyPartList getCertReferences()
-    {
-        return certReferences;
-    }
-
-    public boolean isReplacingFields()
-    {
-        return replace;
-    }
-
-    public CertTemplate getCertTemplate()
-    {
-        return certTemplate;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(pkiDataReference);
-        v.add(certReferences);
-        if (!replace)
-        {
-            v.add(ASN1Boolean.getInstance(replace));
-        }
-        v.add(certTemplate);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/OtherMsg.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/OtherMsg.java
deleted file mode 100644
index 8402f57..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/OtherMsg.java
+++ /dev/null

@@ -1,92 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- * OtherMsg ::= SEQUENCE {
- *     bodyPartID        BodyPartID,
- *     otherMsgType      OBJECT IDENTIFIER,
- *     otherMsgValue     ANY DEFINED BY otherMsgType }
- * </pre>
- */
-public class OtherMsg
-    extends ASN1Object
-{
-    private final BodyPartID bodyPartID;
-    private final ASN1ObjectIdentifier otherMsgType;
-    private final ASN1Encodable otherMsgValue;
-
-    public OtherMsg(BodyPartID bodyPartID, ASN1ObjectIdentifier otherMsgType, ASN1Encodable otherMsgValue)
-    {
-        this.bodyPartID = bodyPartID;
-        this.otherMsgType = otherMsgType;
-        this.otherMsgValue = otherMsgValue;
-    }
-
-    private OtherMsg(ASN1Sequence seq)
-    {
-        if (seq.size() != 3)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.bodyPartID = BodyPartID.getInstance(seq.getObjectAt(0));
-        this.otherMsgType = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(1));
-        this.otherMsgValue = seq.getObjectAt(2);
-    }
-
-    public static OtherMsg getInstance(Object o)
-    {
-        if (o instanceof OtherMsg)
-        {
-            return (OtherMsg)o;
-        }
-
-        if (o != null)
-        {
-            return new OtherMsg(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public static OtherMsg getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(bodyPartID);
-        v.add(otherMsgType);
-        v.add(otherMsgValue);
-
-        return new DERSequence(v);
-    }
-
-    public BodyPartID getBodyPartID()
-    {
-        return bodyPartID;
-    }
-
-    public ASN1ObjectIdentifier getOtherMsgType()
-    {
-        return otherMsgType;
-    }
-
-    public ASN1Encodable getOtherMsgValue()
-    {
-        return otherMsgValue;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/OtherStatusInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/OtherStatusInfo.java
deleted file mode 100644
index 46ef16a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/OtherStatusInfo.java
+++ /dev/null

@@ -1,119 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-
-/**
- * Other info implements the choice component of CMCStatusInfoV2.
- * <p>
- * OtherStatusInfo ::= CHOICE {
- * failInfo              CMCFailInfo,
- * pendInfo              PendInfo,
- * extendedFailInfo      ExtendedFailInfo
- * }
- */
-public class OtherStatusInfo
-    extends ASN1Object
-    implements ASN1Choice
-{
-    private final CMCFailInfo failInfo;
-    private final PendInfo pendInfo;
-    private final ExtendedFailInfo extendedFailInfo;
-
-    public static OtherStatusInfo getInstance(Object obj)
-    {
-        if (obj instanceof OtherStatusInfo)
-        {
-            return (OtherStatusInfo)obj;
-        }
-
-        if (obj instanceof ASN1Encodable)
-        {
-            ASN1Encodable asn1Value = ((ASN1Encodable)obj).toASN1Primitive();
-
-            if (asn1Value instanceof ASN1Integer) // CMCFail info is an asn1 integer.
-            {
-                return new OtherStatusInfo(CMCFailInfo.getInstance(asn1Value));
-            }
-            else if (asn1Value instanceof ASN1Sequence) // PendInfo is a sequence.
-            {
-                if (((ASN1Sequence)asn1Value).getObjectAt(0) instanceof ASN1ObjectIdentifier)
-                {
-                    return new OtherStatusInfo(ExtendedFailInfo.getInstance(asn1Value));
-                }
-                return new OtherStatusInfo(PendInfo.getInstance(asn1Value));
-            }
-        }
-        else if (obj instanceof byte[])
-        {
-            try
-            {
-                return getInstance(ASN1Primitive.fromByteArray((byte[])obj));
-            }
-            catch (IOException e)
-            {
-                throw new IllegalArgumentException("parsing error: " + e.getMessage());
-            }
-        }                          
-        throw new IllegalArgumentException("unknown object in getInstance(): " + obj.getClass().getName());
-    }
-
-    OtherStatusInfo(CMCFailInfo failInfo)
-    {
-        this(failInfo, null, null);
-    }
-
-    OtherStatusInfo(PendInfo pendInfo)
-    {
-        this(null, pendInfo, null);
-    }
-
-    OtherStatusInfo(ExtendedFailInfo extendedFailInfo)
-    {
-        this(null, null, extendedFailInfo);
-    }
-
-    private OtherStatusInfo(CMCFailInfo failInfo, PendInfo pendInfo, ExtendedFailInfo extendedFailInfo)
-    {
-        this.failInfo = failInfo;
-        this.pendInfo = pendInfo;
-        this.extendedFailInfo = extendedFailInfo;
-    }
-
-    public boolean isPendingInfo()
-    {
-        return pendInfo != null;
-    }
-
-    public boolean isFailInfo()
-    {
-        return failInfo != null;
-    }
-
-
-    public boolean isExtendedFailInfo()
-    {
-        return extendedFailInfo != null;
-    }
-
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (pendInfo != null)
-        {
-            return pendInfo.toASN1Primitive();
-        }
-        else if (failInfo != null)
-        {
-            return failInfo.toASN1Primitive();
-        }
-        return extendedFailInfo.toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PKIData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PKIData.java
deleted file mode 100644
index 35180b1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PKIData.java
+++ /dev/null

@@ -1,155 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- * PKIData ::= SEQUENCE {
- * controlSequence    SEQUENCE SIZE(0..MAX) OF TaggedAttribute,
- * reqSequence        SEQUENCE SIZE(0..MAX) OF TaggedRequest,
- * cmsSequence        SEQUENCE SIZE(0..MAX) OF TaggedContentInfo,
- * otherMsgSequence   SEQUENCE SIZE(0..MAX) OF OtherMsg
- * }
- * </pre>
- */
-public class PKIData
-    extends ASN1Object
-{
-    private final TaggedAttribute[] controlSequence;
-    private final TaggedRequest[] reqSequence;
-    private final TaggedContentInfo[] cmsSequence;
-    private final OtherMsg[] otherMsgSequence;
-
-
-    public PKIData(
-        TaggedAttribute[] controlSequence,
-        TaggedRequest[] reqSequence,
-        TaggedContentInfo[] cmsSequence,
-        OtherMsg[] otherMsgSequence)
-    {
-        this.controlSequence = copy(controlSequence);
-        this.reqSequence = copy(reqSequence);
-        this.cmsSequence = copy(cmsSequence);
-        this.otherMsgSequence = copy(otherMsgSequence);
-    }
-
-    private PKIData(ASN1Sequence seq)
-    {
-        if (seq.size() != 4)
-        {
-            throw new IllegalArgumentException("Sequence not 4 elements.");
-        }
-
-        ASN1Sequence s = ((ASN1Sequence)seq.getObjectAt(0));
-        controlSequence = new TaggedAttribute[s.size()];
-        for (int t = 0; t < controlSequence.length; t++)
-        {
-            controlSequence[t] = TaggedAttribute.getInstance(s.getObjectAt(t));
-        }
-
-        s = ((ASN1Sequence)seq.getObjectAt(1));
-        reqSequence = new TaggedRequest[s.size()];
-        for (int t = 0; t < reqSequence.length; t++)
-        {
-            reqSequence[t] = TaggedRequest.getInstance(s.getObjectAt(t));
-        }
-
-        s = ((ASN1Sequence)seq.getObjectAt(2));
-        cmsSequence = new TaggedContentInfo[s.size()];
-        for (int t = 0; t < cmsSequence.length; t++)
-        {
-            cmsSequence[t] = TaggedContentInfo.getInstance(s.getObjectAt(t));
-        }
-
-        s = ((ASN1Sequence)seq.getObjectAt(3));
-        otherMsgSequence = new OtherMsg[s.size()];
-        for (int t = 0; t < otherMsgSequence.length; t++)
-        {
-            otherMsgSequence[t] = OtherMsg.getInstance(s.getObjectAt(t));
-        }
-    }
-
-    public static PKIData getInstance(Object src)
-    {
-        if (src instanceof PKIData)
-        {
-            return (PKIData)src;
-        }
-        if (src != null)
-        {
-            return new PKIData(ASN1Sequence.getInstance(src));
-        }
-        return null;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERSequence(new ASN1Encodable[]{
-            new DERSequence(controlSequence),
-            new DERSequence(reqSequence),
-            new DERSequence(cmsSequence),
-            new DERSequence(otherMsgSequence)
-        });
-
-    }
-
-    public TaggedAttribute[] getControlSequence()
-    {
-        return copy(controlSequence);
-    }
-
-    private TaggedAttribute[] copy(TaggedAttribute[] taggedAtts)
-    {
-        TaggedAttribute[] tmp = new TaggedAttribute[taggedAtts.length];
-
-        System.arraycopy(taggedAtts, 0, tmp, 0, tmp.length);
-
-        return tmp;
-    }
-
-    public TaggedRequest[] getReqSequence()
-    {
-        return copy(reqSequence);
-    }
-
-    private TaggedRequest[] copy(TaggedRequest[] taggedReqs)
-    {
-        TaggedRequest[] tmp = new TaggedRequest[taggedReqs.length];
-
-        System.arraycopy(taggedReqs, 0, tmp, 0, tmp.length);
-
-        return tmp;
-    }
-
-    public TaggedContentInfo[] getCmsSequence()
-    {
-        return copy(cmsSequence);
-    }
-
-    private TaggedContentInfo[] copy(TaggedContentInfo[] taggedConts)
-    {
-        TaggedContentInfo[] tmp = new TaggedContentInfo[taggedConts.length];
-
-        System.arraycopy(taggedConts, 0, tmp, 0, tmp.length);
-
-        return tmp;
-    }
-
-    public OtherMsg[] getOtherMsgSequence()
-    {
-        return copy(otherMsgSequence);
-    }
-
-    private OtherMsg[] copy(OtherMsg[] otherMsgs)
-    {
-        OtherMsg[] tmp = new OtherMsg[otherMsgs.length];
-
-        System.arraycopy(otherMsgs, 0, tmp, 0, tmp.length);
-
-        return tmp;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PKIResponse.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PKIResponse.java
deleted file mode 100644
index c975d3e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PKIResponse.java
+++ /dev/null

@@ -1,90 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- *    --  This defines the response message in the protocol
- *  id-cct-PKIResponse OBJECT IDENTIFIER ::= { id-cct 3 }
- *
- * ResponseBody ::= PKIResponse
- *
- * PKIResponse ::= SEQUENCE {
- *     controlSequence   SEQUENCE SIZE(0..MAX) OF TaggedAttribute,
- *     cmsSequence       SEQUENCE SIZE(0..MAX) OF TaggedContentInfo,
- *     otherMsgSequence  SEQUENCE SIZE(0..MAX) OF OtherMsg
- * }
- * </pre>
- */
-public class PKIResponse
-    extends ASN1Object
-{
-    private final ASN1Sequence controlSequence;
-    private final ASN1Sequence cmsSequence;
-    private final ASN1Sequence otherMsgSequence;
-
-    private PKIResponse(ASN1Sequence seq)
-    {
-        if (seq.size() != 3)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.controlSequence = ASN1Sequence.getInstance(seq.getObjectAt(0));
-        this.cmsSequence = ASN1Sequence.getInstance(seq.getObjectAt(1));
-        this.otherMsgSequence = ASN1Sequence.getInstance(seq.getObjectAt(2));
-    }
-
-
-    public static PKIResponse getInstance(Object o)
-    {
-        if (o instanceof PKIResponse)
-        {
-            return (PKIResponse)o;
-        }
-
-        if (o != null)
-        {
-            return new PKIResponse(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public static PKIResponse getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(controlSequence);
-        v.add(cmsSequence);
-        v.add(otherMsgSequence);
-
-        return new DERSequence(v);
-    }
-
-    public ASN1Sequence getControlSequence()
-    {
-        return controlSequence;
-    }
-
-    public ASN1Sequence getCmsSequence()
-    {
-        return cmsSequence;
-    }
-
-    public ASN1Sequence getOtherMsgSequence()
-    {
-        return otherMsgSequence;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PendInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PendInfo.java
deleted file mode 100644
index a0178ec..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PendInfo.java
+++ /dev/null

@@ -1,77 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- * PendInfo ::= SEQUENCE {
- *    pendToken        OCTET STRING,
- *    pendTime         GeneralizedTime
- * }
- * </pre>
- */
-public class PendInfo
-    extends ASN1Object
-{
-    private final byte[] pendToken;
-    private final ASN1GeneralizedTime pendTime;
-
-    public PendInfo(byte[] pendToken, ASN1GeneralizedTime pendTime)
-    {
-        this.pendToken = Arrays.clone(pendToken);
-        this.pendTime = pendTime;
-    }
-
-    private PendInfo(ASN1Sequence seq)
-    {
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.pendToken = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets());
-        this.pendTime = ASN1GeneralizedTime.getInstance(seq.getObjectAt(1));
-    }
-
-    public static PendInfo getInstance(Object o)
-    {
-        if (o instanceof PendInfo)
-        {
-            return (PendInfo)o;
-        }
-
-        if (o != null)
-        {
-            return new PendInfo(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new DEROctetString(pendToken));
-        v.add(pendTime);
-
-        return new DERSequence(v);
-    }
-
-    public byte[] getPendToken()
-    {
-        return Arrays.clone(pendToken);
-    }
-
-    public ASN1GeneralizedTime getPendTime()
-    {
-        return pendTime;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PopLinkWitnessV2.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PopLinkWitnessV2.java
deleted file mode 100644
index 4ec2cd1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PopLinkWitnessV2.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- *      id-cmc-popLinkWitnessV2 OBJECT IDENTIFIER ::= { id-cmc 33 }
- *      PopLinkWitnessV2 ::= SEQUENCE {
- *           keyGenAlgorithm   AlgorithmIdentifier,
- *           macAlgorithm      AlgorithmIdentifier,
- *           witness           OCTET STRING
- *      }
- * </pre>
- */
-public class PopLinkWitnessV2
-    extends ASN1Object
-{
-    private final AlgorithmIdentifier keyGenAlgorithm;
-    private final AlgorithmIdentifier macAlgorithm;
-    private final byte[] witness;
-
-    public PopLinkWitnessV2(AlgorithmIdentifier keyGenAlgorithm, AlgorithmIdentifier macAlgorithm, byte[] witness)
-    {
-        this.keyGenAlgorithm = keyGenAlgorithm;
-        this.macAlgorithm = macAlgorithm;
-        this.witness = Arrays.clone(witness);
-    }
-
-    private PopLinkWitnessV2(ASN1Sequence seq)
-    {
-        if (seq.size() != 3)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.keyGenAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(0));
-        this.macAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
-        this.witness = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(2)).getOctets());
-    }
-
-    public static PopLinkWitnessV2 getInstance(Object o)
-    {
-        if (o instanceof PopLinkWitnessV2)
-        {
-            return (PopLinkWitnessV2)o;
-        }
-
-        if (o != null)
-        {
-            return new PopLinkWitnessV2(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public AlgorithmIdentifier getKeyGenAlgorithm()
-    {
-        return keyGenAlgorithm;
-    }
-
-    public AlgorithmIdentifier getMacAlgorithm()
-    {
-        return macAlgorithm;
-    }
-
-    public byte[] getWitness()
-    {
-        return Arrays.clone(witness);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(keyGenAlgorithm);
-        v.add(macAlgorithm);
-        v.add(new DEROctetString(getWitness()));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PublishTrustAnchors.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PublishTrustAnchors.java
deleted file mode 100644
index 1c91110..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/PublishTrustAnchors.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- *
- * PublishTrustAnchors ::= SEQUENCE {
- *     seqNumber      INTEGER,
- *     hashAlgorithm  AlgorithmIdentifier,
- *     anchorHashes     SEQUENCE OF OCTET STRING
- * }
- * </pre>
- */
-public class PublishTrustAnchors
-    extends ASN1Object
-{
-    private final ASN1Integer seqNumber;
-    private final AlgorithmIdentifier hashAlgorithm;
-    private final ASN1Sequence anchorHashes;
-
-    public PublishTrustAnchors(BigInteger seqNumber, AlgorithmIdentifier hashAlgorithm, byte[][] anchorHashes)
-    {
-        this.seqNumber = new ASN1Integer(seqNumber);
-        this.hashAlgorithm = hashAlgorithm;
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        for (int i = 0; i != anchorHashes.length; i++)
-        {
-             v.add(new DEROctetString(Arrays.clone(anchorHashes[i])));
-        }
-        this.anchorHashes = new DERSequence(v);
-    }
-
-    private PublishTrustAnchors(ASN1Sequence seq)
-    {
-        if (seq.size() != 3)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.seqNumber = ASN1Integer.getInstance(seq.getObjectAt(0));
-        this.hashAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
-        this.anchorHashes = ASN1Sequence.getInstance(seq.getObjectAt(2));
-    }
-
-    public static PublishTrustAnchors getInstance(Object o)
-    {
-        if (o instanceof PublishTrustAnchors)
-        {
-            return (PublishTrustAnchors)o;
-        }
-
-        if (o != null)
-        {
-            return new PublishTrustAnchors(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public BigInteger getSeqNumber()
-    {
-        return seqNumber.getValue();
-    }
-
-    public AlgorithmIdentifier getHashAlgorithm()
-    {
-        return hashAlgorithm;
-    }
-
-    public byte[][] getAnchorHashes()
-    {
-        byte[][] hashes = new byte[anchorHashes.size()][];
-
-        for (int i = 0; i != hashes.length; i++)
-        {
-            hashes[i] = Arrays.clone(ASN1OctetString.getInstance(anchorHashes.getObjectAt(i)).getOctets());
-        }
-
-        return hashes;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(seqNumber);
-        v.add(hashAlgorithm);
-        v.add(anchorHashes);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/RevokeRequest.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/RevokeRequest.java
deleted file mode 100644
index 231be26..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/RevokeRequest.java
+++ /dev/null

@@ -1,172 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.CRLReason;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- * RevokeRequest ::= SEQUENCE {
- *     issuerName            Name,
- *     serialNumber          INTEGER,
- *     reason                CRLReason,
- *     invalidityDate         GeneralizedTime OPTIONAL,
- *     passphrase            OCTET STRING OPTIONAL,
- *     comment               UTF8String OPTIONAL }
- * </pre>
- */
-public class RevokeRequest
-    extends ASN1Object
-{
-    private final X500Name name;
-    private final ASN1Integer serialNumber;
-    private final CRLReason reason;
-
-    private ASN1GeneralizedTime invalidityDate;
-    private ASN1OctetString passphrase;
-    private DERUTF8String comment;
-
-    public RevokeRequest(X500Name name,
-                         ASN1Integer serialNumber,
-                         CRLReason reason,
-                         ASN1GeneralizedTime invalidityDate,
-                         ASN1OctetString passphrase,
-                         DERUTF8String comment)
-    {
-        this.name = name;
-        this.serialNumber = serialNumber;
-        this.reason = reason;
-        this.invalidityDate = invalidityDate;
-        this.passphrase = passphrase;
-        this.comment = comment;
-    }
-
-    private RevokeRequest(ASN1Sequence seq)
-    {
-        if (seq.size() < 3 || seq.size() > 6)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.name = X500Name.getInstance(seq.getObjectAt(0));
-        this.serialNumber = ASN1Integer.getInstance(seq.getObjectAt(1));
-        this.reason = CRLReason.getInstance(seq.getObjectAt(2));
-
-        int index = 3;
-        if (seq.size() > index && seq.getObjectAt(index).toASN1Primitive() instanceof ASN1GeneralizedTime)
-        {
-            this.invalidityDate = ASN1GeneralizedTime.getInstance(seq.getObjectAt(index++));
-        }
-        if (seq.size() > index && seq.getObjectAt(index).toASN1Primitive() instanceof ASN1OctetString)
-        {
-            this.passphrase = ASN1OctetString.getInstance(seq.getObjectAt(index++));
-        }
-        if (seq.size() > index && seq.getObjectAt(index).toASN1Primitive() instanceof DERUTF8String)
-        {
-            this.comment = DERUTF8String.getInstance(seq.getObjectAt(index));
-        }
-    }
-
-    public static RevokeRequest getInstance(Object o)
-    {
-        if (o instanceof RevokeRequest)
-        {
-            return (RevokeRequest)o;
-        }
-
-        if (o != null)
-        {
-            return new RevokeRequest(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public X500Name getName()
-    {
-        return name;
-    }
-
-    public BigInteger getSerialNumber()
-    {
-        return serialNumber.getValue();
-    }
-
-    public CRLReason getReason()
-    {
-        return reason;
-    }
-
-    public ASN1GeneralizedTime getInvalidityDate()
-    {
-        return invalidityDate;
-    }
-
-    public void setInvalidityDate(ASN1GeneralizedTime invalidityDate)
-    {
-        this.invalidityDate = invalidityDate;
-    }
-
-    public ASN1OctetString getPassphrase()
-    {
-        return passphrase;
-    }
-
-    public void setPassphrase(ASN1OctetString passphrase)
-    {
-        this.passphrase = passphrase;
-    }
-
-    public DERUTF8String getComment()
-    {
-        return comment;
-    }
-
-    public void setComment(DERUTF8String comment)
-    {
-        this.comment = comment;
-    }
-
-    public byte[] getPassPhrase()
-    {
-        if (passphrase != null)
-        {
-            return Arrays.clone(passphrase.getOctets());
-        }
-        return null;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(name);
-        v.add(serialNumber);
-        v.add(reason);
-
-        if (invalidityDate != null)
-        {
-            v.add(invalidityDate);
-        }
-        if (passphrase != null)
-        {
-            v.add(passphrase);
-        }
-        if (comment != null)
-        {
-            v.add(comment);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/TaggedAttribute.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/TaggedAttribute.java
deleted file mode 100644
index 468f06e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/TaggedAttribute.java
+++ /dev/null

@@ -1,81 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * TaggedAttribute from RFC5272
- * <pre>
- * TaggedAttribute ::= SEQUENCE {
- * bodyPartID         BodyPartID,
- * attrType           OBJECT IDENTIFIER,
- * attrValues         SET OF AttributeValue
- * }
- * </pre>
- */
-public class TaggedAttribute
-    extends ASN1Object
-{
-    private final BodyPartID bodyPartID;
-    private final ASN1ObjectIdentifier attrType;
-    private final ASN1Set attrValues;
-
-    public static TaggedAttribute getInstance(Object o)
-    {
-        if (o instanceof TaggedAttribute)
-        {
-            return (TaggedAttribute)o;
-        }
-
-        if (o != null)
-        {
-            return new TaggedAttribute(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    private TaggedAttribute(ASN1Sequence seq)
-    {
-        if (seq.size() != 3)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.bodyPartID = BodyPartID.getInstance(seq.getObjectAt(0));
-        this.attrType = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(1));
-        this.attrValues = ASN1Set.getInstance(seq.getObjectAt(2));
-    }
-
-    public TaggedAttribute(BodyPartID bodyPartID, ASN1ObjectIdentifier attrType, ASN1Set attrValues)
-    {
-        this.bodyPartID = bodyPartID;
-        this.attrType = attrType;
-        this.attrValues = attrValues;
-    }
-
-    public BodyPartID getBodyPartID()
-    {
-        return bodyPartID;
-    }
-
-    public ASN1ObjectIdentifier getAttrType()
-    {
-        return attrType;
-    }
-
-    public ASN1Set getAttrValues()
-    {
-        return attrValues;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERSequence(new ASN1Encodable[]{bodyPartID, attrType, attrValues});
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/TaggedCertificationRequest.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/TaggedCertificationRequest.java
deleted file mode 100644
index 902b323..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/TaggedCertificationRequest.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- *       TaggedCertificationRequest ::= SEQUENCE {
- *                  bodyPartID            BodyPartID,
- *                  certificationRequest  CertificationRequest
- *       }
- * </pre>
- */
-public class TaggedCertificationRequest
-    extends ASN1Object
-{
-    private final BodyPartID bodyPartID;
-    private final CertificationRequest certificationRequest;
-
-    public TaggedCertificationRequest(BodyPartID bodyPartID, CertificationRequest certificationRequest)
-    {
-        this.bodyPartID = bodyPartID;
-        this.certificationRequest = certificationRequest;
-    }
-
-    private TaggedCertificationRequest(ASN1Sequence seq)
-    {
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.bodyPartID = BodyPartID.getInstance(seq.getObjectAt(0));
-        this.certificationRequest = CertificationRequest.getInstance(seq.getObjectAt(1));
-    }
-
-    public static TaggedCertificationRequest getInstance(Object o)
-    {
-        if (o instanceof TaggedCertificationRequest)
-        {
-            return (TaggedCertificationRequest)o;
-        }
-
-        if (o != null)
-        {
-            return new TaggedCertificationRequest(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public static TaggedCertificationRequest getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(bodyPartID);
-        v.add(certificationRequest);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/TaggedContentInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/TaggedContentInfo.java
deleted file mode 100644
index ffe39b6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/TaggedContentInfo.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cms.ContentInfo;
-
-/**
- * <pre>
- * TaggedContentInfo ::= SEQUENCE {
- *       bodyPartID              BodyPartID,
- *       contentInfo             ContentInfo
- * }
- * </pre>
- */
-public class TaggedContentInfo
-    extends ASN1Object
-{
-    private final BodyPartID bodyPartID;
-    private final ContentInfo contentInfo;
-
-    public TaggedContentInfo(BodyPartID bodyPartID, ContentInfo contentInfo)
-    {
-        this.bodyPartID = bodyPartID;
-        this.contentInfo = contentInfo;
-    }
-
-    private TaggedContentInfo(ASN1Sequence seq)
-    {
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException("incorrect sequence size");
-        }
-        this.bodyPartID = BodyPartID.getInstance(seq.getObjectAt(0));
-        this.contentInfo = ContentInfo.getInstance(seq.getObjectAt(1));
-    }
-
-    public static TaggedContentInfo getInstance(Object o)
-    {
-        if (o instanceof TaggedContentInfo)
-        {
-            return (TaggedContentInfo)o;
-        }
-
-        if (o != null)
-        {
-            return new TaggedContentInfo(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public static TaggedContentInfo getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(bodyPartID);
-        v.add(contentInfo);
-
-        return new DERSequence(v);
-    }
-
-    public BodyPartID getBodyPartID()
-    {
-        return bodyPartID;
-    }
-
-    public ContentInfo getContentInfo()
-    {
-        return contentInfo;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/TaggedRequest.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/TaggedRequest.java
deleted file mode 100644
index 4762a42..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/TaggedRequest.java
+++ /dev/null

@@ -1,112 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.crmf.CertReqMsg;
-
-/**
- * <pre>
- *       TaggedRequest ::= CHOICE {
- *             tcr               [0] TaggedCertificationRequest,
- *             crm               [1] CertReqMsg,
- *             orm               [2] SEQUENCE {
- *             bodyPartID            BodyPartID,
- *             requestMessageType    OBJECT IDENTIFIER,
- *             requestMessageValue   ANY DEFINED BY requestMessageType
- *      }
- *  }
- * </pre>
- */
-public class TaggedRequest
-    extends ASN1Object
-    implements ASN1Choice
-{
-    public static final int TCR = 0;
-    public static final int CRM = 1;
-    public static final int ORM = 2;
-
-    private final int tagNo;
-    private final ASN1Encodable value;
-
-    public TaggedRequest(TaggedCertificationRequest tcr)
-    {
-        this.tagNo = TCR;
-        this.value = tcr;
-    }
-
-    public TaggedRequest(CertReqMsg crm)
-    {
-        this.tagNo = CRM;
-        this.value = crm;
-    }
-
-    private TaggedRequest(ASN1Sequence orm)
-    {
-        this.tagNo = ORM;
-        this.value = orm;
-    }
-
-    public static TaggedRequest getInstance(Object obj)
-    {
-        if (obj instanceof TaggedRequest)
-        {
-            return (TaggedRequest)obj;
-        }
-
-        if (obj != null)
-        {
-            if (obj instanceof ASN1Encodable)
-            {
-                ASN1TaggedObject asn1Prim = ASN1TaggedObject.getInstance(((ASN1Encodable)obj).toASN1Primitive());
-
-                switch (asn1Prim.getTagNo())
-                {
-                case 0:
-                    return new TaggedRequest(TaggedCertificationRequest.getInstance(asn1Prim, false));
-                case 1:
-                    return new TaggedRequest(CertReqMsg.getInstance(asn1Prim, false));
-                case 2:
-                    return new TaggedRequest(ASN1Sequence.getInstance(asn1Prim, false));
-                default:
-                    throw new IllegalArgumentException("unknown tag in getInstance(): " + asn1Prim.getTagNo());
-                }
-            }
-            if (obj instanceof byte[])
-            {
-                try
-                {
-                    return getInstance(ASN1Primitive.fromByteArray((byte[])obj));
-                }
-                catch (IOException e)
-                {
-                    throw new IllegalArgumentException("unknown encoding in getInstance()");
-                }
-            }
-            throw new IllegalArgumentException("unknown object in getInstance(): " + obj.getClass().getName());
-        }
-
-        return null;
-    }
-
-    public int getTagNo()
-    {
-        return tagNo;
-    }
-
-    public ASN1Encodable getValue()
-    {
-        return value;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERTaggedObject(false, tagNo, value);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/Utils.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/Utils.java
deleted file mode 100644
index 3b00d29..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/Utils.java
+++ /dev/null

@@ -1,37 +0,0 @@
-package org.bouncycastle.asn1.cmc;
-
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.x509.Extension;
-
-class Utils
-{
-    static BodyPartID[] toBodyPartIDArray(ASN1Sequence bodyPartIDs)
-    {
-        BodyPartID[] ids = new BodyPartID[bodyPartIDs.size()];
-
-        for (int i = 0; i != bodyPartIDs.size(); i++)
-        {
-            ids[i] = BodyPartID.getInstance(bodyPartIDs.getObjectAt(i));
-        }
-
-        return ids;
-    }
-
-    static BodyPartID[] clone(BodyPartID[] ids)
-    {
-        BodyPartID[] tmp = new BodyPartID[ids.length];
-
-        System.arraycopy(ids, 0, tmp, 0, ids.length);
-
-        return tmp;
-    }
-
-    static Extension[] clone(Extension[] ids)
-    {
-        Extension[] tmp = new Extension[ids.length];
-
-        System.arraycopy(ids, 0, tmp, 0, ids.length);
-
-        return tmp;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/cmc/package.html
deleted file mode 100644
index 62fe6ce..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmc/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for Certificate Management over CMS (CMC) - RFC 5272 and RFC 6402.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CAKeyUpdAnnContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CAKeyUpdAnnContent.java
deleted file mode 100644
index 41ebd51..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CAKeyUpdAnnContent.java
+++ /dev/null

@@ -1,80 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class CAKeyUpdAnnContent
-    extends ASN1Object
-{
-    private CMPCertificate oldWithNew;
-    private CMPCertificate newWithOld;
-    private CMPCertificate newWithNew;
-
-    private CAKeyUpdAnnContent(ASN1Sequence seq)
-    {
-        oldWithNew = CMPCertificate.getInstance(seq.getObjectAt(0));
-        newWithOld = CMPCertificate.getInstance(seq.getObjectAt(1));
-        newWithNew = CMPCertificate.getInstance(seq.getObjectAt(2));
-    }
-
-    public static CAKeyUpdAnnContent getInstance(Object o)
-    {
-        if (o instanceof CAKeyUpdAnnContent)
-        {
-            return (CAKeyUpdAnnContent)o;
-        }
-
-        if (o != null)
-        {
-            return new CAKeyUpdAnnContent(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public CAKeyUpdAnnContent(CMPCertificate oldWithNew, CMPCertificate newWithOld, CMPCertificate newWithNew)
-    {
-        this.oldWithNew = oldWithNew;
-        this.newWithOld = newWithOld;
-        this.newWithNew = newWithNew;
-    }
-
-    public CMPCertificate getOldWithNew()
-    {
-        return oldWithNew;
-    }
-
-    public CMPCertificate getNewWithOld()
-    {
-        return newWithOld;
-    }
-
-    public CMPCertificate getNewWithNew()
-    {
-        return newWithNew;
-    }
-
-    /**
-     * <pre>
-     * CAKeyUpdAnnContent ::= SEQUENCE {
-     *                             oldWithNew   CMPCertificate, -- old pub signed with new priv
-     *                             newWithOld   CMPCertificate, -- new pub signed with old priv
-     *                             newWithNew   CMPCertificate  -- new pub signed with new priv
-     *  }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(oldWithNew);
-        v.add(newWithOld);
-        v.add(newWithNew);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPCertificate.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPCertificate.java
deleted file mode 100644
index 782c8c2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPCertificate.java
+++ /dev/null

@@ -1,141 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.AttributeCertificate;
-import org.bouncycastle.asn1.x509.Certificate;
-
-public class CMPCertificate
-    extends ASN1Object
-    implements ASN1Choice
-{
-    private Certificate x509v3PKCert;
-
-    private int        otherTagValue;
-    private ASN1Object otherCert;
-
-    /**
-     * Note: the addition of attribute certificates is a BC extension. If you use this constructor they
-     * will be added with a tag value of 1.
-     * @deprecated use (type. otherCert) constructor
-     */
-    public CMPCertificate(AttributeCertificate x509v2AttrCert)
-    {
-        this(1, x509v2AttrCert);
-    }
-
-    /**
-     * Note: the addition of other certificates is a BC extension. If you use this constructor they
-     * will be added with an explicit tag value of type.
-     *
-     * @param type the type of the certificate (used as a tag value).
-     * @param otherCert the object representing the certificate
-     */
-    public CMPCertificate(int type, ASN1Object otherCert)
-    {
-        this.otherTagValue = type;
-        this.otherCert = otherCert;
-    }
-
-    public CMPCertificate(Certificate x509v3PKCert)
-    {
-        if (x509v3PKCert.getVersionNumber() != 3)
-        {
-            throw new IllegalArgumentException("only version 3 certificates allowed");
-        }
-
-        this.x509v3PKCert = x509v3PKCert;
-    }
-
-    public static CMPCertificate getInstance(Object o)
-    {
-        if (o == null || o instanceof CMPCertificate)
-        {
-            return (CMPCertificate)o;
-        }
-
-        if (o instanceof byte[])
-        {
-            try
-            {
-                o = ASN1Primitive.fromByteArray((byte[])o);
-            }
-            catch (IOException e)
-            {
-                throw new IllegalArgumentException("Invalid encoding in CMPCertificate");
-            }
-        }
-
-        if (o instanceof ASN1Sequence)
-        {
-            return new CMPCertificate(Certificate.getInstance(o));
-        }
-
-        if (o instanceof ASN1TaggedObject)
-        {
-            ASN1TaggedObject taggedObject = (ASN1TaggedObject)o;
-
-            return new CMPCertificate(taggedObject.getTagNo(), taggedObject.getObject());
-        }
-
-        throw new IllegalArgumentException("Invalid object: " + o.getClass().getName());
-    }
-
-    public boolean isX509v3PKCert()
-    {
-         return x509v3PKCert != null;
-    }
-
-    public Certificate getX509v3PKCert()
-    {
-        return x509v3PKCert;
-    }
-
-    /**
-     * Return an AttributeCertificate interpretation of otherCert.
-     * @deprecated use getOtherCert and getOtherTag to make sure message is really what it should be.
-     *
-     * @return  an AttributeCertificate
-     */
-    public AttributeCertificate getX509v2AttrCert()
-    {
-        return AttributeCertificate.getInstance(otherCert);
-    }
-
-    public int getOtherCertTag()
-    {
-        return otherTagValue;
-    }
-
-    public ASN1Object getOtherCert()
-    {
-        return otherCert;
-    }
-
-    /**
-     * <pre>
-     * CMPCertificate ::= CHOICE {
-     *            x509v3PKCert    Certificate
-     *            otherCert      [tag] EXPLICIT ANY DEFINED BY tag
-     *  }
-     * </pre>
-     * Note: the addition of the explicit tagging is a BC extension. We apologise for the warped syntax, but hopefully you get the idea.
-     *
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (otherCert != null)
-        {        // explicit following CMP conventions
-            return new DERTaggedObject(true, otherTagValue, otherCert);
-        }
-
-        return x509v3PKCert.toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPObjectIdentifiers.java
deleted file mode 100644
index 51aba65..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CMPObjectIdentifiers.java
+++ /dev/null

@@ -1,141 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-public interface CMPObjectIdentifiers
-{
-    // RFC 4210
-
-    /** id-PasswordBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 13} */
-    static final ASN1ObjectIdentifier    passwordBasedMac        = new ASN1ObjectIdentifier("1.2.840.113533.7.66.13");
-
-    /** id-DHBasedMac OBJECT IDENTIFIER ::= {1 2 840 113533 7 66 30} */
-    static final ASN1ObjectIdentifier    dhBasedMac              = new ASN1ObjectIdentifier("1.2.840.113533.7.66.30");
-
-    // Example InfoTypeAndValue contents include, but are not limited
-    // to, the following (un-comment in this ASN.1 module and use as
-    // appropriate for a given environment):
-    //
-    //   id-it-caProtEncCert    OBJECT IDENTIFIER ::= {id-it 1}
-    //      CAProtEncCertValue      ::= CMPCertificate
-    //   id-it-signKeyPairTypes OBJECT IDENTIFIER ::= {id-it 2}
-    //      SignKeyPairTypesValue   ::= SEQUENCE OF AlgorithmIdentifier
-    //   id-it-encKeyPairTypes  OBJECT IDENTIFIER ::= {id-it 3}
-    //      EncKeyPairTypesValue    ::= SEQUENCE OF AlgorithmIdentifier
-    //   id-it-preferredSymmAlg OBJECT IDENTIFIER ::= {id-it 4}
-    //      PreferredSymmAlgValue   ::= AlgorithmIdentifier
-    //   id-it-caKeyUpdateInfo  OBJECT IDENTIFIER ::= {id-it 5}
-    //      CAKeyUpdateInfoValue    ::= CAKeyUpdAnnContent
-    //   id-it-currentCRL       OBJECT IDENTIFIER ::= {id-it 6}
-    //      CurrentCRLValue         ::= CertificateList
-    //   id-it-unsupportedOIDs  OBJECT IDENTIFIER ::= {id-it 7}
-    //      UnsupportedOIDsValue    ::= SEQUENCE OF OBJECT IDENTIFIER
-    //   id-it-keyPairParamReq  OBJECT IDENTIFIER ::= {id-it 10}
-    //      KeyPairParamReqValue    ::= OBJECT IDENTIFIER
-    //   id-it-keyPairParamRep  OBJECT IDENTIFIER ::= {id-it 11}
-    //      KeyPairParamRepValue    ::= AlgorithmIdentifer
-    //   id-it-revPassphrase    OBJECT IDENTIFIER ::= {id-it 12}
-    //      RevPassphraseValue      ::= EncryptedValue
-    //   id-it-implicitConfirm  OBJECT IDENTIFIER ::= {id-it 13}
-    //      ImplicitConfirmValue    ::= NULL
-    //   id-it-confirmWaitTime  OBJECT IDENTIFIER ::= {id-it 14}
-    //      ConfirmWaitTimeValue    ::= GeneralizedTime
-    //   id-it-origPKIMessage   OBJECT IDENTIFIER ::= {id-it 15}
-    //      OrigPKIMessageValue     ::= PKIMessages
-    //   id-it-suppLangTags     OBJECT IDENTIFIER ::= {id-it 16}
-    //      SuppLangTagsValue       ::= SEQUENCE OF UTF8String
-    //
-    // where
-    //
-    //   id-pkix OBJECT IDENTIFIER ::= {
-    //      iso(1) identified-organization(3)
-    //      dod(6) internet(1) security(5) mechanisms(5) pkix(7)}
-    // and
-    //   id-it   OBJECT IDENTIFIER ::= {id-pkix 4}
-
-    /** RFC 4120: it-id: PKIX.4 = 1.3.6.1.5.5.7.4 */
-
-    /** RFC 4120: 1.3.6.1.5.5.7.4.1 */
-    static final ASN1ObjectIdentifier    it_caProtEncCert        = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.1");
-    /** RFC 4120: 1.3.6.1.5.5.7.4.2 */
-    static final ASN1ObjectIdentifier    it_signKeyPairTypes     = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.2");
-    /** RFC 4120: 1.3.6.1.5.5.7.4.3 */
-    static final ASN1ObjectIdentifier    it_encKeyPairTypes      = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.3");
-    /** RFC 4120: 1.3.6.1.5.5.7.4.4 */
-    static final ASN1ObjectIdentifier    it_preferredSymAlg      = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.4");
-    /** RFC 4120: 1.3.6.1.5.5.7.4.5 */
-    static final ASN1ObjectIdentifier    it_caKeyUpdateInfo      = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.5");
-    /** RFC 4120: 1.3.6.1.5.5.7.4.6 */
-    static final ASN1ObjectIdentifier    it_currentCRL           = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.6");
-    /** RFC 4120: 1.3.6.1.5.5.7.4.7 */
-    static final ASN1ObjectIdentifier    it_unsupportedOIDs      = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.7");
-    /** RFC 4120: 1.3.6.1.5.5.7.4.10 */
-    static final ASN1ObjectIdentifier    it_keyPairParamReq      = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.10");
-    /** RFC 4120: 1.3.6.1.5.5.7.4.11 */
-    static final ASN1ObjectIdentifier    it_keyPairParamRep      = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.11");
-    /** RFC 4120: 1.3.6.1.5.5.7.4.12 */
-    static final ASN1ObjectIdentifier    it_revPassphrase        = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.12");
-    /** RFC 4120: 1.3.6.1.5.5.7.4.13 */
-    static final ASN1ObjectIdentifier    it_implicitConfirm      = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.13");
-    /** RFC 4120: 1.3.6.1.5.5.7.4.14 */
-    static final ASN1ObjectIdentifier    it_confirmWaitTime      = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.14");
-    /** RFC 4120: 1.3.6.1.5.5.7.4.15 */
-    static final ASN1ObjectIdentifier    it_origPKIMessage       = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.15");
-    /** RFC 4120: 1.3.6.1.5.5.7.4.16 */
-    static final ASN1ObjectIdentifier    it_suppLangTags         = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.4.16");
-
-    // RFC 4211
-
-    // id-pkix  OBJECT IDENTIFIER  ::= { iso(1) identified-organization(3)
-    //     dod(6) internet(1) security(5) mechanisms(5) pkix(7) }
-    //
-    // arc for Internet X.509 PKI protocols and their components
-    // id-pkip  OBJECT IDENTIFIER :: { id-pkix pkip(5) }
-    //
-    // arc for Registration Controls in CRMF
-    // id-regCtrl  OBJECT IDENTIFIER ::= { id-pkip regCtrl(1) }
-    //
-    // arc for Registration Info in CRMF
-    // id-regInfo       OBJECT IDENTIFIER ::= { id-pkip id-regInfo(2) }
-
-    /** RFC 4211: it-pkip: PKIX.5 = 1.3.6.1.5.5.7.5 */
-    static final ASN1ObjectIdentifier    id_pkip                 = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5");
-
-    /** RFC 4211: it-regCtrl: 1.3.6.1.5.5.7.5.1 */
-    static final ASN1ObjectIdentifier    id_regCtrl              = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1");
-    /** RFC 4211: it-regInfo: 1.3.6.1.5.5.7.5.2 */
-    static final ASN1ObjectIdentifier    id_regInfo              = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.2");
-
-
-    /** 1.3.6.1.5.5.7.5.1.1 */
-    static final ASN1ObjectIdentifier    regCtrl_regToken        = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1.1");
-    /** 1.3.6.1.5.5.7.5.1.2 */
-    static final ASN1ObjectIdentifier    regCtrl_authenticator   = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1.2");
-    /** 1.3.6.1.5.5.7.5.1.3 */
-    static final ASN1ObjectIdentifier    regCtrl_pkiPublicationInfo = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1.3");
-    /** 1.3.6.1.5.5.7.5.1.4 */
-    static final ASN1ObjectIdentifier    regCtrl_pkiArchiveOptions  = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1.4");
-    /** 1.3.6.1.5.5.7.5.1.5 */
-    static final ASN1ObjectIdentifier    regCtrl_oldCertID       = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1.5");
-    /** 1.3.6.1.5.5.7.5.1.6 */
-    static final ASN1ObjectIdentifier    regCtrl_protocolEncrKey = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1.6");
-
-    /** From RFC4210:
-     * id-regCtrl-altCertTemplate OBJECT IDENTIFIER ::= {id-regCtrl 7}; 1.3.6.1.5.5.7.1.7 */
-    static final ASN1ObjectIdentifier    regCtrl_altCertTemplate = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.1.7");
-
-    /** RFC 4211: it-regInfo-utf8Pairs: 1.3.6.1.5.5.7.5.2.1 */
-    static final ASN1ObjectIdentifier    regInfo_utf8Pairs       = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.2.1");
-    /** RFC 4211: it-regInfo-certReq: 1.3.6.1.5.5.7.5.2.1 */
-    static final ASN1ObjectIdentifier    regInfo_certReq         = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.5.2.2");
-
-    /**
-     * 1.2.840.113549.1.9.16.1.21
-     * <p>
-     * id-ct   OBJECT IDENTIFIER ::= { id-smime  1 }  -- content types
-     * <p>
-     * id-ct-encKeyWithID OBJECT IDENTIFIER ::= {id-ct 21}
-     */
-    static final ASN1ObjectIdentifier    ct_encKeyWithID         = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.1.21");
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CRLAnnContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CRLAnnContent.java
deleted file mode 100644
index 10948ae..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CRLAnnContent.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.CertificateList;
-
-public class CRLAnnContent
-    extends ASN1Object
-{
-    private ASN1Sequence content;
-
-    private CRLAnnContent(ASN1Sequence seq)
-    {
-        content = seq;
-    }
-
-    public static CRLAnnContent getInstance(Object o)
-    {
-        if (o instanceof CRLAnnContent)
-        {
-            return (CRLAnnContent)o;
-        }
-
-        if (o != null)
-        {
-            return new CRLAnnContent(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public CRLAnnContent(CertificateList crl)
-    {
-        this.content = new DERSequence(crl);
-    }
-
-    public CertificateList[] getCertificateLists()
-    {
-        CertificateList[] result = new CertificateList[content.size()];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = CertificateList.getInstance(content.getObjectAt(i));
-        }
-
-        return result;
-    }
-
-    /**
-     * <pre>
-     * CRLAnnContent ::= SEQUENCE OF CertificateList
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return content;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertConfirmContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertConfirmContent.java
deleted file mode 100644
index e4d786f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertConfirmContent.java
+++ /dev/null

@@ -1,54 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-
-public class CertConfirmContent
-    extends ASN1Object
-{
-    private ASN1Sequence content;
-
-    private CertConfirmContent(ASN1Sequence seq)
-    {
-        content = seq;
-    }
-
-    public static CertConfirmContent getInstance(Object o)
-    {
-        if (o instanceof CertConfirmContent)
-        {
-            return (CertConfirmContent)o;
-        }
-
-        if (o != null)
-        {
-            return new CertConfirmContent(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public CertStatus[] toCertStatusArray()
-    {
-        CertStatus[] result = new CertStatus[content.size()];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = CertStatus.getInstance(content.getObjectAt(i));
-        }
-
-        return result;
-    }
-    
-    /**
-     * <pre>
-     * CertConfirmContent ::= SEQUENCE OF CertStatus
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return content;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertOrEncCert.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertOrEncCert.java
deleted file mode 100644
index b94a79c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertOrEncCert.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.crmf.EncryptedValue;
-
-public class CertOrEncCert
-    extends ASN1Object
-    implements ASN1Choice
-{
-    private CMPCertificate certificate;
-    private EncryptedValue encryptedCert;
-
-    private CertOrEncCert(ASN1TaggedObject tagged)
-    {
-        if (tagged.getTagNo() == 0)
-        {
-            certificate = CMPCertificate.getInstance(tagged.getObject());
-        }
-        else if (tagged.getTagNo() == 1)
-        {
-            encryptedCert = EncryptedValue.getInstance(tagged.getObject());
-        }
-        else
-        {
-            throw new IllegalArgumentException("unknown tag: " + tagged.getTagNo());
-        }
-    }
-
-    public static CertOrEncCert getInstance(Object o)
-    {
-        if (o instanceof CertOrEncCert)
-        {
-            return (CertOrEncCert)o;
-        }
-
-        if (o instanceof ASN1TaggedObject)
-        {
-            return new CertOrEncCert((ASN1TaggedObject)o);
-        }
-
-        return null;
-    }
-
-    public CertOrEncCert(CMPCertificate certificate)
-    {
-        if (certificate == null)
-        {
-            throw new IllegalArgumentException("'certificate' cannot be null");
-        }
-
-        this.certificate = certificate;
-    }
-
-    public CertOrEncCert(EncryptedValue encryptedCert)
-    {
-        if (encryptedCert == null)
-        {
-            throw new IllegalArgumentException("'encryptedCert' cannot be null");
-        }
-
-        this.encryptedCert = encryptedCert;
-    }
-
-    public CMPCertificate getCertificate()
-    {
-        return certificate;
-    }
-
-    public EncryptedValue getEncryptedCert()
-    {
-        return encryptedCert;
-    }
-
-    /**
-     * <pre>
-     * CertOrEncCert ::= CHOICE {
-     *                      certificate     [0] CMPCertificate,
-     *                      encryptedCert   [1] EncryptedValue
-     *           }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (certificate != null)
-        {
-            return new DERTaggedObject(true, 0, certificate);
-        }
-
-        return new DERTaggedObject(true, 1, encryptedCert);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertRepMessage.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertRepMessage.java
deleted file mode 100644
index 6180796..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertRepMessage.java
+++ /dev/null

@@ -1,123 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-public class CertRepMessage
-    extends ASN1Object
-{
-    private ASN1Sequence caPubs;
-    private ASN1Sequence response;
-
-    private CertRepMessage(ASN1Sequence seq)
-    {
-        int index = 0;
-
-        if (seq.size() > 1)
-        {
-            caPubs = ASN1Sequence.getInstance((ASN1TaggedObject)seq.getObjectAt(index++), true);
-        }
-
-        response = ASN1Sequence.getInstance(seq.getObjectAt(index));
-    }
-
-    public static CertRepMessage getInstance(Object o)
-    {
-        if (o instanceof CertRepMessage)
-        {
-            return (CertRepMessage)o;
-        }
-
-        if (o != null)
-        {
-            return new CertRepMessage(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public CertRepMessage(CMPCertificate[] caPubs, CertResponse[] response)
-    {
-        if (response == null)
-        {
-            throw new IllegalArgumentException("'response' cannot be null");
-        }
-
-        if (caPubs != null)
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-            for (int i = 0; i < caPubs.length; i++)
-            {
-                v.add(caPubs[i]);
-            }
-            this.caPubs = new DERSequence(v);
-        }
-
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-            for (int i = 0; i < response.length; i++)
-            {
-                v.add(response[i]);
-            }
-            this.response = new DERSequence(v);
-        }
-    }
-
-    public CMPCertificate[] getCaPubs()
-    {
-        if (caPubs == null)
-        {
-            return null;
-        }
-
-        CMPCertificate[] results = new CMPCertificate[caPubs.size()];
-
-        for (int i = 0; i != results.length; i++)
-        {
-            results[i] = CMPCertificate.getInstance(caPubs.getObjectAt(i));
-        }
-
-        return results;
-    }
-
-    public CertResponse[] getResponse()
-    {
-        CertResponse[] results = new CertResponse[response.size()];
-
-        for (int i = 0; i != results.length; i++)
-        {
-            results[i] = CertResponse.getInstance(response.getObjectAt(i));
-        }
-
-        return results;
-    }
-
-    /**
-     * <pre>
-     * CertRepMessage ::= SEQUENCE {
-     *                          caPubs       [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
-     *                                                                             OPTIONAL,
-     *                          response         SEQUENCE OF CertResponse
-     * }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (caPubs != null)
-        {
-            v.add(new DERTaggedObject(true, 1, caPubs));
-        }
-
-        v.add(response);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertResponse.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertResponse.java
deleted file mode 100644
index 794e7bd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertResponse.java
+++ /dev/null

@@ -1,139 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class CertResponse
-    extends ASN1Object
-{
-    private ASN1Integer certReqId;
-    private PKIStatusInfo status;
-    private CertifiedKeyPair certifiedKeyPair;
-    private ASN1OctetString rspInfo;
-
-    private CertResponse(ASN1Sequence seq)
-    {
-        certReqId = ASN1Integer.getInstance(seq.getObjectAt(0));
-        status = PKIStatusInfo.getInstance(seq.getObjectAt(1));
-
-        if (seq.size() >= 3)
-        {
-            if (seq.size() == 3)
-            {
-                ASN1Encodable o = seq.getObjectAt(2);
-                if (o instanceof ASN1OctetString)
-                {
-                    rspInfo = ASN1OctetString.getInstance(o);
-                }
-                else
-                {
-                    certifiedKeyPair = CertifiedKeyPair.getInstance(o);
-                }
-            }
-            else
-            {
-                certifiedKeyPair = CertifiedKeyPair.getInstance(seq.getObjectAt(2));
-                rspInfo = ASN1OctetString.getInstance(seq.getObjectAt(3));
-            }
-        }
-    }
-
-    public static CertResponse getInstance(Object o)
-    {
-        if (o instanceof CertResponse)
-        {
-            return (CertResponse)o;
-        }
-
-        if (o != null)
-        {
-            return new CertResponse(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public CertResponse(
-        ASN1Integer certReqId,
-        PKIStatusInfo status)
-    {
-        this(certReqId, status, null, null);
-    }
-
-    public CertResponse(
-        ASN1Integer certReqId,
-        PKIStatusInfo status,
-        CertifiedKeyPair certifiedKeyPair,
-        ASN1OctetString rspInfo)
-    {
-        if (certReqId == null)
-        {
-            throw new IllegalArgumentException("'certReqId' cannot be null");
-        }
-        if (status == null)
-        {
-            throw new IllegalArgumentException("'status' cannot be null");
-        }
-        this.certReqId = certReqId;
-        this.status = status;
-        this.certifiedKeyPair = certifiedKeyPair;
-        this.rspInfo = rspInfo;
-    }
-
-    public ASN1Integer getCertReqId()
-    {
-        return certReqId;
-    }
-
-    public PKIStatusInfo getStatus()
-    {
-        return status;
-    }
-
-    public CertifiedKeyPair getCertifiedKeyPair()
-    {
-        return certifiedKeyPair;
-    }
-
-    /**
-     * <pre>
-     * CertResponse ::= SEQUENCE {
-     *                            certReqId           INTEGER,
-     *                            -- to match this response with corresponding request (a value
-     *                            -- of -1 is to be used if certReqId is not specified in the
-     *                            -- corresponding request)
-     *                            status              PKIStatusInfo,
-     *                            certifiedKeyPair    CertifiedKeyPair    OPTIONAL,
-     *                            rspInfo             OCTET STRING        OPTIONAL
-     *                            -- analogous to the id-regInfo-utf8Pairs string defined
-     *                            -- for regInfo in CertReqMsg [CRMF]
-     *             }
-     * </pre> 
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(certReqId);
-        v.add(status);
-
-        if (certifiedKeyPair != null)
-        {
-            v.add(certifiedKeyPair);
-        }
-
-        if (rspInfo != null)
-        {
-            v.add(rspInfo);
-        }
-        
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertStatus.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertStatus.java
deleted file mode 100644
index c92b2a2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertStatus.java
+++ /dev/null

@@ -1,102 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-
-public class CertStatus
-    extends ASN1Object
-{
-    private ASN1OctetString certHash;
-    private ASN1Integer certReqId;
-    private PKIStatusInfo statusInfo;
-
-    private CertStatus(ASN1Sequence seq)
-    {
-        certHash = ASN1OctetString.getInstance(seq.getObjectAt(0));
-        certReqId = ASN1Integer.getInstance(seq.getObjectAt(1));
-
-        if (seq.size() > 2)
-        {
-            statusInfo = PKIStatusInfo.getInstance(seq.getObjectAt(2));
-        }
-    }
-
-    public CertStatus(byte[] certHash, BigInteger certReqId)
-    {
-        this.certHash = new DEROctetString(certHash);
-        this.certReqId = new ASN1Integer(certReqId);
-    }
-
-    public CertStatus(byte[] certHash, BigInteger certReqId, PKIStatusInfo statusInfo)
-    {
-        this.certHash = new DEROctetString(certHash);
-        this.certReqId = new ASN1Integer(certReqId);
-        this.statusInfo = statusInfo;
-    }
-
-    public static CertStatus getInstance(Object o)
-    {
-        if (o instanceof CertStatus)
-        {
-            return (CertStatus)o;
-        }
-
-        if (o != null)
-        {
-            return new CertStatus(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public ASN1OctetString getCertHash()
-    {
-        return certHash;
-    }
-
-    public ASN1Integer getCertReqId()
-    {
-        return certReqId;
-    }
-
-    public PKIStatusInfo getStatusInfo()
-    {
-        return statusInfo;
-    }
-
-    /**
-     * <pre>
-     * CertStatus ::= SEQUENCE {
-     *                   certHash    OCTET STRING,
-     *                   -- the hash of the certificate, using the same hash algorithm
-     *                   -- as is used to create and verify the certificate signature
-     *                   certReqId   INTEGER,
-     *                   -- to match this confirmation with the corresponding req/rep
-     *                   statusInfo  PKIStatusInfo OPTIONAL
-     * }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(certHash);
-        v.add(certReqId);
-
-        if (statusInfo != null)
-        {
-            v.add(statusInfo);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertifiedKeyPair.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertifiedKeyPair.java
deleted file mode 100644
index e80d573..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/CertifiedKeyPair.java
+++ /dev/null

@@ -1,130 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.crmf.EncryptedValue;
-import org.bouncycastle.asn1.crmf.PKIPublicationInfo;
-
-/**
- * <pre>
- * CertifiedKeyPair ::= SEQUENCE {
- *                                  certOrEncCert       CertOrEncCert,
- *                                  privateKey      [0] EncryptedValue      OPTIONAL,
- *                                  -- see [CRMF] for comment on encoding
- *                                  publicationInfo [1] PKIPublicationInfo  OPTIONAL
- *       }
- * </pre>
- */
-public class CertifiedKeyPair
-    extends ASN1Object
-{
-    private CertOrEncCert certOrEncCert;
-    private EncryptedValue privateKey;
-    private PKIPublicationInfo  publicationInfo;
-
-    private CertifiedKeyPair(ASN1Sequence seq)
-    {
-        certOrEncCert = CertOrEncCert.getInstance(seq.getObjectAt(0));
-
-        if (seq.size() >= 2)
-        {
-            if (seq.size() == 2)
-            {
-                ASN1TaggedObject tagged = ASN1TaggedObject.getInstance(seq.getObjectAt(1));
-                if (tagged.getTagNo() == 0)
-                {
-                    privateKey = EncryptedValue.getInstance(tagged.getObject());
-                }
-                else
-                {
-                    publicationInfo = PKIPublicationInfo.getInstance(tagged.getObject());
-                }
-            }
-            else
-            {
-                privateKey = EncryptedValue.getInstance(ASN1TaggedObject.getInstance(seq.getObjectAt(1)).getObject());
-                publicationInfo = PKIPublicationInfo.getInstance(ASN1TaggedObject.getInstance(seq.getObjectAt(2)).getObject());
-            }
-        }
-    }
-
-    public static CertifiedKeyPair getInstance(Object o)
-    {
-        if (o instanceof CertifiedKeyPair)
-        {
-            return (CertifiedKeyPair)o;
-        }
-
-        if (o != null)
-        {
-            return new CertifiedKeyPair(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public CertifiedKeyPair(
-        CertOrEncCert certOrEncCert)
-    {
-        this(certOrEncCert, null, null);
-    }
-
-    public CertifiedKeyPair(
-        CertOrEncCert certOrEncCert,
-        EncryptedValue privateKey,
-        PKIPublicationInfo  publicationInfo)
-    {
-        if (certOrEncCert == null)
-        {
-            throw new IllegalArgumentException("'certOrEncCert' cannot be null");
-        }
-
-        this.certOrEncCert = certOrEncCert;
-        this.privateKey = privateKey;
-        this.publicationInfo = publicationInfo;
-    }
-
-    public CertOrEncCert getCertOrEncCert()
-    {
-        return certOrEncCert;
-    }
-
-    public EncryptedValue getPrivateKey()
-    {
-        return privateKey;
-    }
-
-    public PKIPublicationInfo getPublicationInfo()
-    {
-        return publicationInfo;
-    }
-
-    /**
-     * Return the primitive representation of PKIPublicationInfo.
-     *
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(certOrEncCert);
-
-        if (privateKey != null)
-        {
-            v.add(new DERTaggedObject(true, 0, privateKey));
-        }
-
-        if (publicationInfo != null)
-        {
-            v.add(new DERTaggedObject(true, 1, publicationInfo));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/Challenge.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/Challenge.java
deleted file mode 100644
index 60eb1ba..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/Challenge.java
+++ /dev/null

@@ -1,120 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public class Challenge
-    extends ASN1Object
-{
-    private AlgorithmIdentifier owf;
-    private ASN1OctetString witness;
-    private ASN1OctetString challenge;
-
-    private Challenge(ASN1Sequence seq)
-    {
-        int index = 0;
-
-        if (seq.size() == 3)
-        {
-            owf = AlgorithmIdentifier.getInstance(seq.getObjectAt(index++));
-        }
-
-        witness = ASN1OctetString.getInstance(seq.getObjectAt(index++));
-        challenge = ASN1OctetString.getInstance(seq.getObjectAt(index));
-    }
-
-    public static Challenge getInstance(Object o)
-    {
-        if (o instanceof Challenge)
-        {
-            return (Challenge)o;
-        }
-
-        if (o != null)
-        {
-            return new Challenge(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public Challenge(byte[] witness, byte[] challenge)
-    {
-        this(null, witness, challenge);
-    }
-
-    public Challenge(AlgorithmIdentifier owf, byte[] witness, byte[] challenge)
-    {
-        this.owf = owf;
-        this.witness = new DEROctetString(witness);
-        this.challenge = new DEROctetString(challenge);
-    }
-
-    public AlgorithmIdentifier getOwf()
-    {
-        return owf;
-    }
-
-    public byte[] getWitness()
-    {
-        return witness.getOctets();
-    }
-
-    public byte[] getChallenge()
-    {
-        return challenge.getOctets();
-    }
-
-    /**
-     * <pre>
-     * Challenge ::= SEQUENCE {
-     *                 owf                 AlgorithmIdentifier  OPTIONAL,
-     *
-     *                 -- MUST be present in the first Challenge; MAY be omitted in
-     *                 -- any subsequent Challenge in POPODecKeyChallContent (if
-     *                 -- omitted, then the owf used in the immediately preceding
-     *                 -- Challenge is to be used).
-     *
-     *                 witness             OCTET STRING,
-     *                 -- the result of applying the one-way function (owf) to a
-     *                 -- randomly-generated INTEGER, A.  [Note that a different
-     *                 -- INTEGER MUST be used for each Challenge.]
-     *                 challenge           OCTET STRING
-     *                 -- the encryption (under the public key for which the cert.
-     *                 -- request is being made) of Rand, where Rand is specified as
-     *                 --   Rand ::= SEQUENCE {
-     *                 --      int      INTEGER,
-     *                 --       - the randomly-generated INTEGER A (above)
-     *                 --      sender   GeneralName
-     *                 --       - the sender's name (as included in PKIHeader)
-     *                 --   }
-     *      }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        addOptional(v, owf);
-        v.add(witness);
-        v.add(challenge);
-
-        return new DERSequence(v);
-    }
-
-    private void addOptional(ASN1EncodableVector v, ASN1Encodable obj)
-    {
-        if (obj != null)
-        {
-            v.add(obj);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/ErrorMsgContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/ErrorMsgContent.java
deleted file mode 100644
index 5dc1ac3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/ErrorMsgContent.java
+++ /dev/null

@@ -1,121 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class ErrorMsgContent
-    extends ASN1Object
-{
-    private PKIStatusInfo pkiStatusInfo;
-    private ASN1Integer errorCode;
-    private PKIFreeText errorDetails;
-
-    private ErrorMsgContent(ASN1Sequence seq)
-    {
-        Enumeration en = seq.getObjects();
-
-        pkiStatusInfo = PKIStatusInfo.getInstance(en.nextElement());
-
-        while (en.hasMoreElements())
-        {
-            Object o = en.nextElement();
-
-            if (o instanceof ASN1Integer)
-            {
-                errorCode = ASN1Integer.getInstance(o);
-            }
-            else
-            {
-                errorDetails = PKIFreeText.getInstance(o);
-            }
-        }
-    }
-
-    public static ErrorMsgContent getInstance(Object o)
-    {
-        if (o instanceof ErrorMsgContent)
-        {
-            return (ErrorMsgContent)o;
-        }
-
-        if (o != null)
-        {
-            return new ErrorMsgContent(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public ErrorMsgContent(PKIStatusInfo pkiStatusInfo)
-    {
-        this(pkiStatusInfo, null, null);
-    }
-
-    public ErrorMsgContent(
-        PKIStatusInfo pkiStatusInfo,
-        ASN1Integer errorCode,
-        PKIFreeText errorDetails)
-    {
-        if (pkiStatusInfo == null)
-        {
-            throw new IllegalArgumentException("'pkiStatusInfo' cannot be null");
-        }
-
-        this.pkiStatusInfo = pkiStatusInfo;
-        this.errorCode = errorCode;
-        this.errorDetails = errorDetails;
-    }
-
-    public PKIStatusInfo getPKIStatusInfo()
-    {
-        return pkiStatusInfo;
-    }
-
-    public ASN1Integer getErrorCode()
-    {
-        return errorCode;
-    }
-
-    public PKIFreeText getErrorDetails()
-    {
-        return errorDetails;
-    }
-
-    /**
-     * <pre>
-     * ErrorMsgContent ::= SEQUENCE {
-     *                        pKIStatusInfo          PKIStatusInfo,
-     *                        errorCode              INTEGER           OPTIONAL,
-     *                        -- implementation-specific error codes
-     *                        errorDetails           PKIFreeText       OPTIONAL
-     *                        -- implementation-specific error details
-     * }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(pkiStatusInfo);
-        addOptional(v, errorCode);
-        addOptional(v, errorDetails);
-
-        return new DERSequence(v);
-    }
-
-    private void addOptional(ASN1EncodableVector v, ASN1Encodable obj)
-    {
-        if (obj != null)
-        {
-            v.add(obj);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/GenMsgContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/GenMsgContent.java
deleted file mode 100644
index 109d180..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/GenMsgContent.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class GenMsgContent
-    extends ASN1Object
-{
-    private ASN1Sequence content;
-
-    private GenMsgContent(ASN1Sequence seq)
-    {
-        content = seq;
-    }
-
-    public static GenMsgContent getInstance(Object o)
-    {
-        if (o instanceof GenMsgContent)
-        {
-            return (GenMsgContent)o;
-        }
-
-        if (o != null)
-        {
-            return new GenMsgContent(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public GenMsgContent(InfoTypeAndValue itv)
-    {
-        content = new DERSequence(itv);
-    }
-
-    public GenMsgContent(InfoTypeAndValue[] itv)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        for (int i = 0; i < itv.length; i++)
-        {
-            v.add(itv[i]);
-        }
-        content = new DERSequence(v);
-    }
-
-    public InfoTypeAndValue[] toInfoTypeAndValueArray()
-    {
-        InfoTypeAndValue[] result = new InfoTypeAndValue[content.size()];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = InfoTypeAndValue.getInstance(content.getObjectAt(i));
-        }
-
-        return result;
-    }
-
-    /**
-     * <pre>
-     * GenMsgContent ::= SEQUENCE OF InfoTypeAndValue
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return content;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/GenRepContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/GenRepContent.java
deleted file mode 100644
index aca4d30..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/GenRepContent.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class GenRepContent
-    extends ASN1Object
-{
-    private ASN1Sequence content;
-
-    private GenRepContent(ASN1Sequence seq)
-    {
-        content = seq;
-    }
-
-    public static GenRepContent getInstance(Object o)
-    {
-        if (o instanceof GenRepContent)
-        {
-            return (GenRepContent)o;
-        }
-
-        if (o != null)
-        {
-            return new GenRepContent(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public GenRepContent(InfoTypeAndValue itv)
-    {
-        content = new DERSequence(itv);
-    }
-
-    public GenRepContent(InfoTypeAndValue[] itv)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        for (int i = 0; i < itv.length; i++)
-        {
-            v.add(itv[i]);
-        }
-        content = new DERSequence(v);
-    }
-
-    public InfoTypeAndValue[] toInfoTypeAndValueArray()
-    {
-        InfoTypeAndValue[] result = new InfoTypeAndValue[content.size()];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = InfoTypeAndValue.getInstance(content.getObjectAt(i));
-        }
-
-        return result;
-    }
-
-    /**
-     * <pre>
-     * GenRepContent ::= SEQUENCE OF InfoTypeAndValue
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return content;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/InfoTypeAndValue.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/InfoTypeAndValue.java
deleted file mode 100644
index 9405462..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/InfoTypeAndValue.java
+++ /dev/null

@@ -1,132 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * Example InfoTypeAndValue contents include, but are not limited
- * to, the following (un-comment in this ASN.1 module and use as
- * appropriate for a given environment):
- * <pre>
- *   id-it-caProtEncCert    OBJECT IDENTIFIER ::= {id-it 1}
- *      CAProtEncCertValue      ::= CMPCertificate
- *   id-it-signKeyPairTypes OBJECT IDENTIFIER ::= {id-it 2}
- *     SignKeyPairTypesValue   ::= SEQUENCE OF AlgorithmIdentifier
- *   id-it-encKeyPairTypes  OBJECT IDENTIFIER ::= {id-it 3}
- *     EncKeyPairTypesValue    ::= SEQUENCE OF AlgorithmIdentifier
- *   id-it-preferredSymmAlg OBJECT IDENTIFIER ::= {id-it 4}
- *      PreferredSymmAlgValue   ::= AlgorithmIdentifier
- *   id-it-caKeyUpdateInfo  OBJECT IDENTIFIER ::= {id-it 5}
- *      CAKeyUpdateInfoValue    ::= CAKeyUpdAnnContent
- *   id-it-currentCRL       OBJECT IDENTIFIER ::= {id-it 6}
- *      CurrentCRLValue         ::= CertificateList
- *   id-it-unsupportedOIDs  OBJECT IDENTIFIER ::= {id-it 7}
- *      UnsupportedOIDsValue    ::= SEQUENCE OF OBJECT IDENTIFIER
- *   id-it-keyPairParamReq  OBJECT IDENTIFIER ::= {id-it 10}
- *      KeyPairParamReqValue    ::= OBJECT IDENTIFIER
- *   id-it-keyPairParamRep  OBJECT IDENTIFIER ::= {id-it 11}
- *      KeyPairParamRepValue    ::= AlgorithmIdentifer
- *   id-it-revPassphrase    OBJECT IDENTIFIER ::= {id-it 12}
- *      RevPassphraseValue      ::= EncryptedValue
- *   id-it-implicitConfirm  OBJECT IDENTIFIER ::= {id-it 13}
- *      ImplicitConfirmValue    ::= NULL
- *   id-it-confirmWaitTime  OBJECT IDENTIFIER ::= {id-it 14}
- *      ConfirmWaitTimeValue    ::= GeneralizedTime
- *   id-it-origPKIMessage   OBJECT IDENTIFIER ::= {id-it 15}
- *      OrigPKIMessageValue     ::= PKIMessages
- *   id-it-suppLangTags     OBJECT IDENTIFIER ::= {id-it 16}
- *      SuppLangTagsValue       ::= SEQUENCE OF UTF8String
- *
- * where
- *
- *   id-pkix OBJECT IDENTIFIER ::= {
- *      iso(1) identified-organization(3)
- *      dod(6) internet(1) security(5) mechanisms(5) pkix(7)}
- * and
- *      id-it   OBJECT IDENTIFIER ::= {id-pkix 4}
- * </pre>
- */
-public class InfoTypeAndValue
-    extends ASN1Object
-{
-    private ASN1ObjectIdentifier infoType;
-    private ASN1Encodable       infoValue;
-
-    private InfoTypeAndValue(ASN1Sequence seq)
-    {
-        infoType = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-
-        if (seq.size() > 1)
-        {
-            infoValue = (ASN1Encodable)seq.getObjectAt(1);
-        }
-    }
-
-    public static InfoTypeAndValue getInstance(Object o)
-    {
-        if (o instanceof InfoTypeAndValue)
-        {
-            return (InfoTypeAndValue)o;
-        }
-
-        if (o != null)
-        {
-            return new InfoTypeAndValue(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public InfoTypeAndValue(
-        ASN1ObjectIdentifier infoType)
-    {
-        this.infoType = infoType;
-        this.infoValue = null;
-    }
-
-    public InfoTypeAndValue(
-        ASN1ObjectIdentifier infoType,
-        ASN1Encodable optionalValue)
-    {
-        this.infoType = infoType;
-        this.infoValue = optionalValue;
-    }
-
-    public ASN1ObjectIdentifier getInfoType()
-    {
-        return infoType;
-    }
-
-    public ASN1Encodable getInfoValue()
-    {
-        return infoValue;
-    }
-
-    /**
-     * <pre>
-     * InfoTypeAndValue ::= SEQUENCE {
-     *                         infoType               OBJECT IDENTIFIER,
-     *                         infoValue              ANY DEFINED BY infoType  OPTIONAL
-     * }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(infoType);
-
-        if (infoValue != null)
-        {
-            v.add(infoValue);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/KeyRecRepContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/KeyRecRepContent.java
deleted file mode 100644
index 3bc5032..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/KeyRecRepContent.java
+++ /dev/null

@@ -1,142 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-public class KeyRecRepContent
-    extends ASN1Object
-{
-    private PKIStatusInfo status;
-    private CMPCertificate newSigCert;
-    private ASN1Sequence caCerts;
-    private ASN1Sequence keyPairHist;
-
-    private KeyRecRepContent(ASN1Sequence seq)
-    {
-        Enumeration en = seq.getObjects();
-
-        status = PKIStatusInfo.getInstance(en.nextElement());
-
-        while (en.hasMoreElements())
-        {
-            ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(en.nextElement());
-
-            switch (tObj.getTagNo())
-            {
-            case 0:
-                newSigCert = CMPCertificate.getInstance(tObj.getObject());
-                break;
-            case 1:
-                caCerts = ASN1Sequence.getInstance(tObj.getObject());
-                break;
-            case 2:
-                keyPairHist = ASN1Sequence.getInstance(tObj.getObject());
-                break;
-            default:
-                throw new IllegalArgumentException("unknown tag number: " + tObj.getTagNo());
-            }
-        }
-    }
-
-    public static KeyRecRepContent getInstance(Object o)
-    {
-        if (o instanceof KeyRecRepContent)
-        {
-            return (KeyRecRepContent)o;
-        }
-
-        if (o != null)
-        {
-            return new KeyRecRepContent(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-
-    public PKIStatusInfo getStatus()
-    {
-        return status;
-    }
-
-    public CMPCertificate getNewSigCert()
-    {
-        return newSigCert;
-    }
-
-    public CMPCertificate[] getCaCerts()
-    {
-        if (caCerts == null)
-        {
-            return null;
-        }
-
-        CMPCertificate[] results = new CMPCertificate[caCerts.size()];
-
-        for (int i = 0; i != results.length; i++)
-        {
-            results[i] = CMPCertificate.getInstance(caCerts.getObjectAt(i));
-        }
-
-        return results;
-    }
-
-    public CertifiedKeyPair[] getKeyPairHist()
-    {
-        if (keyPairHist == null)
-        {
-            return null;
-        }
-
-        CertifiedKeyPair[] results = new CertifiedKeyPair[keyPairHist.size()];
-
-        for (int i = 0; i != results.length; i++)
-        {
-            results[i] = CertifiedKeyPair.getInstance(keyPairHist.getObjectAt(i));
-        }
-
-        return results;
-    }
-
-    /**
-     * <pre>
-     * KeyRecRepContent ::= SEQUENCE {
-     *                         status                  PKIStatusInfo,
-     *                         newSigCert          [0] CMPCertificate OPTIONAL,
-     *                         caCerts             [1] SEQUENCE SIZE (1..MAX) OF
-     *                                                           CMPCertificate OPTIONAL,
-     *                         keyPairHist         [2] SEQUENCE SIZE (1..MAX) OF
-     *                                                           CertifiedKeyPair OPTIONAL
-     *              }
-     * </pre> 
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(status);
-
-        addOptional(v, 0, newSigCert);
-        addOptional(v, 1, caCerts);
-        addOptional(v, 2, keyPairHist);
-
-        return new DERSequence(v);
-    }
-
-    private void addOptional(ASN1EncodableVector v, int tagNo, ASN1Encodable obj)
-    {
-        if (obj != null)
-        {
-            v.add(new DERTaggedObject(true, tagNo, obj));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/OOBCertHash.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/OOBCertHash.java
deleted file mode 100644
index fd833c4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/OOBCertHash.java
+++ /dev/null

@@ -1,117 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.crmf.CertId;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public class OOBCertHash
-    extends ASN1Object
-{
-    private AlgorithmIdentifier hashAlg;
-    private CertId certId;
-    private DERBitString  hashVal;
-
-    private OOBCertHash(ASN1Sequence seq)
-    {
-        int index = seq.size() - 1;
-
-        hashVal = DERBitString.getInstance(seq.getObjectAt(index--));
-
-        for (int i = index; i >= 0; i--)
-        {
-            ASN1TaggedObject tObj = (ASN1TaggedObject)seq.getObjectAt(i);
-
-            if (tObj.getTagNo() == 0)
-            {
-                hashAlg = AlgorithmIdentifier.getInstance(tObj, true);
-            }
-            else
-            {
-                certId = CertId.getInstance(tObj, true);
-            }
-        }
-
-    }
-
-    public static OOBCertHash getInstance(Object o)
-    {
-        if (o instanceof OOBCertHash)
-        {
-            return (OOBCertHash)o;
-        }
-
-        if (o != null)
-        {
-            return new OOBCertHash(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public OOBCertHash(AlgorithmIdentifier hashAlg, CertId certId, byte[] hashVal)
-    {
-        this(hashAlg, certId, new DERBitString(hashVal));
-    }
-
-    public OOBCertHash(AlgorithmIdentifier hashAlg, CertId certId, DERBitString hashVal)
-    {
-        this.hashAlg = hashAlg;
-        this.certId = certId;
-        this.hashVal = hashVal;
-    }
-
-    public AlgorithmIdentifier getHashAlg()
-    {
-        return hashAlg;
-    }
-
-    public CertId getCertId()
-    {
-        return certId;
-    }
-
-    public DERBitString getHashVal()
-    {
-        return hashVal;
-    }
-
-    /**
-     * <pre>
-     * OOBCertHash ::= SEQUENCE {
-     *                      hashAlg     [0] AlgorithmIdentifier     OPTIONAL,
-     *                      certId      [1] CertId                  OPTIONAL,
-     *                      hashVal         BIT STRING
-     *                      -- hashVal is calculated over the DER encoding of the
-     *                      -- self-signed certificate with the identifier certID.
-     *       }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        addOptional(v, 0, hashAlg);
-        addOptional(v, 1, certId);
-
-        v.add(hashVal);
-
-        return new DERSequence(v);
-    }
-
-    private void addOptional(ASN1EncodableVector v, int tagNo, ASN1Encodable obj)
-    {
-        if (obj != null)
-        {
-            v.add(new DERTaggedObject(true, tagNo, obj));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PBMParameter.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PBMParameter.java
deleted file mode 100644
index fdf2c25..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PBMParameter.java
+++ /dev/null

@@ -1,117 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public class PBMParameter
-    extends ASN1Object
-{
-    private ASN1OctetString salt;
-    private AlgorithmIdentifier owf;
-    private ASN1Integer iterationCount;
-    private AlgorithmIdentifier mac;
-
-    private PBMParameter(ASN1Sequence seq)
-    {
-        salt = ASN1OctetString.getInstance(seq.getObjectAt(0));
-        owf = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
-        iterationCount = ASN1Integer.getInstance(seq.getObjectAt(2));
-        mac = AlgorithmIdentifier.getInstance(seq.getObjectAt(3));
-    }
-
-    public static PBMParameter getInstance(Object o)
-    {
-        if (o instanceof PBMParameter)
-        {
-            return (PBMParameter)o;
-        }
-
-        if (o != null)
-        {
-            return new PBMParameter(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public PBMParameter(
-        byte[] salt,
-        AlgorithmIdentifier owf,
-        int iterationCount,
-        AlgorithmIdentifier mac)
-    {
-        this(new DEROctetString(salt), owf,
-             new ASN1Integer(iterationCount), mac);
-    }
-
-    public PBMParameter(
-        ASN1OctetString salt,
-        AlgorithmIdentifier owf,
-        ASN1Integer iterationCount,
-        AlgorithmIdentifier mac)
-    {
-        this.salt = salt;
-        this.owf = owf;
-        this.iterationCount = iterationCount;
-        this.mac = mac;
-    }
-
-    public ASN1OctetString getSalt()
-    {
-        return salt;
-    }
-
-    public AlgorithmIdentifier getOwf()
-    {
-        return owf;
-    }
-
-    public ASN1Integer getIterationCount()
-    {
-        return iterationCount;
-    }
-
-    public AlgorithmIdentifier getMac()
-    {
-        return mac;
-    }
-
-    /**
-     * <pre>
-     *  PBMParameter ::= SEQUENCE {
-     *                        salt                OCTET STRING,
-     *                        -- note:  implementations MAY wish to limit acceptable sizes
-     *                        -- of this string to values appropriate for their environment
-     *                        -- in order to reduce the risk of denial-of-service attacks
-     *                        owf                 AlgorithmIdentifier,
-     *                        -- AlgId for a One-Way Function (SHA-1 recommended)
-     *                        iterationCount      INTEGER,
-     *                        -- number of times the OWF is applied
-     *                        -- note:  implementations MAY wish to limit acceptable sizes
-     *                        -- of this integer to values appropriate for their environment
-     *                        -- in order to reduce the risk of denial-of-service attacks
-     *                        mac                 AlgorithmIdentifier
-     *                        -- the MAC AlgId (e.g., DES-MAC, Triple-DES-MAC [PKCS11],
-     *    }   -- or HMAC [RFC2104, RFC2202])
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(salt);
-        v.add(owf);
-        v.add(iterationCount);
-        v.add(mac);
-        
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIBody.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIBody.java
deleted file mode 100644
index 269c369..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIBody.java
+++ /dev/null

@@ -1,194 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.crmf.CertReqMessages;
-import org.bouncycastle.asn1.pkcs.CertificationRequest;
-
-public class PKIBody
-    extends ASN1Object
-    implements ASN1Choice
-{
-    public static final int TYPE_INIT_REQ = 0;
-    public static final int TYPE_INIT_REP = 1;
-    public static final int TYPE_CERT_REQ = 2;
-    public static final int TYPE_CERT_REP = 3;
-    public static final int TYPE_P10_CERT_REQ = 4;
-    public static final int TYPE_POPO_CHALL = 5;
-    public static final int TYPE_POPO_REP = 6;
-    public static final int TYPE_KEY_UPDATE_REQ = 7;
-    public static final int TYPE_KEY_UPDATE_REP = 8;
-    public static final int TYPE_KEY_RECOVERY_REQ = 9;
-    public static final int TYPE_KEY_RECOVERY_REP = 10;
-    public static final int TYPE_REVOCATION_REQ = 11;
-    public static final int TYPE_REVOCATION_REP = 12;
-    public static final int TYPE_CROSS_CERT_REQ = 13;
-    public static final int TYPE_CROSS_CERT_REP = 14;
-    public static final int TYPE_CA_KEY_UPDATE_ANN = 15;
-    public static final int TYPE_CERT_ANN = 16;
-    public static final int TYPE_REVOCATION_ANN = 17;
-    public static final int TYPE_CRL_ANN = 18;
-    public static final int TYPE_CONFIRM = 19;
-    public static final int TYPE_NESTED = 20;
-    public static final int TYPE_GEN_MSG = 21;
-    public static final int TYPE_GEN_REP = 22;
-    public static final int TYPE_ERROR = 23;
-    public static final int TYPE_CERT_CONFIRM = 24;
-    public static final int TYPE_POLL_REQ = 25;
-    public static final int TYPE_POLL_REP = 26;
-
-    private int tagNo;
-    private ASN1Encodable body;
-
-    public static PKIBody getInstance(Object o)
-    {
-        if (o == null || o instanceof PKIBody)
-        {
-            return (PKIBody)o;
-        }
-
-        if (o instanceof ASN1TaggedObject)
-        {
-            return new PKIBody((ASN1TaggedObject)o);
-        }
-
-        throw new IllegalArgumentException("Invalid object: " + o.getClass().getName());
-    }
-
-    private PKIBody(ASN1TaggedObject tagged)
-    {
-        tagNo = tagged.getTagNo();
-        body = getBodyForType(tagNo, tagged.getObject());
-    }
-
-    /**
-     * Creates a new PKIBody.
-     * @param type one of the TYPE_* constants
-     * @param content message content
-     */
-    public PKIBody(
-        int type,
-        ASN1Encodable content)
-    {
-        tagNo = type;
-        body = getBodyForType(type, content);
-    }
-
-    private static ASN1Encodable getBodyForType(
-        int type,
-        ASN1Encodable o)
-    {
-        switch (type)
-        {
-        case TYPE_INIT_REQ:
-            return CertReqMessages.getInstance(o);
-        case TYPE_INIT_REP:
-            return CertRepMessage.getInstance(o);
-        case TYPE_CERT_REQ:
-            return CertReqMessages.getInstance(o);
-        case TYPE_CERT_REP:
-            return CertRepMessage.getInstance(o);
-        case TYPE_P10_CERT_REQ:
-            return CertificationRequest.getInstance(o);
-        case TYPE_POPO_CHALL:
-            return POPODecKeyChallContent.getInstance(o);
-        case TYPE_POPO_REP:
-            return POPODecKeyRespContent.getInstance(o);
-        case TYPE_KEY_UPDATE_REQ:
-            return CertReqMessages.getInstance(o);
-        case TYPE_KEY_UPDATE_REP:
-            return CertRepMessage.getInstance(o);
-        case TYPE_KEY_RECOVERY_REQ:
-            return CertReqMessages.getInstance(o);
-        case TYPE_KEY_RECOVERY_REP:
-            return KeyRecRepContent.getInstance(o);
-        case TYPE_REVOCATION_REQ:
-            return RevReqContent.getInstance(o);
-        case TYPE_REVOCATION_REP:
-            return RevRepContent.getInstance(o);
-        case TYPE_CROSS_CERT_REQ:
-            return CertReqMessages.getInstance(o);
-        case TYPE_CROSS_CERT_REP:
-            return CertRepMessage.getInstance(o);
-        case TYPE_CA_KEY_UPDATE_ANN:
-            return CAKeyUpdAnnContent.getInstance(o);
-        case TYPE_CERT_ANN:
-            return CMPCertificate.getInstance(o);
-        case TYPE_REVOCATION_ANN:
-            return RevAnnContent.getInstance(o);
-        case TYPE_CRL_ANN:
-            return CRLAnnContent.getInstance(o);
-        case TYPE_CONFIRM:
-            return PKIConfirmContent.getInstance(o);
-        case TYPE_NESTED:
-            return PKIMessages.getInstance(o);
-        case TYPE_GEN_MSG:
-            return GenMsgContent.getInstance(o);
-        case TYPE_GEN_REP:
-            return GenRepContent.getInstance(o);
-        case TYPE_ERROR:
-            return ErrorMsgContent.getInstance(o);
-        case TYPE_CERT_CONFIRM:
-            return CertConfirmContent.getInstance(o);
-        case TYPE_POLL_REQ:
-            return PollReqContent.getInstance(o);
-        case TYPE_POLL_REP:
-            return PollRepContent.getInstance(o);
-        default:
-            throw new IllegalArgumentException("unknown tag number: " + type);
-        }
-    }
-
-    public int getType()
-    {
-        return tagNo;
-    }
-
-    public ASN1Encodable getContent()
-    {
-        return body;
-    }
-
-    /**
-     * <pre>
-     * PKIBody ::= CHOICE {       -- message-specific body elements
-     *        ir       [0]  CertReqMessages,        --Initialization Request
-     *        ip       [1]  CertRepMessage,         --Initialization Response
-     *        cr       [2]  CertReqMessages,        --Certification Request
-     *        cp       [3]  CertRepMessage,         --Certification Response
-     *        p10cr    [4]  CertificationRequest,   --imported from [PKCS10]
-     *        popdecc  [5]  POPODecKeyChallContent, --pop Challenge
-     *        popdecr  [6]  POPODecKeyRespContent,  --pop Response
-     *        kur      [7]  CertReqMessages,        --Key Update Request
-     *        kup      [8]  CertRepMessage,         --Key Update Response
-     *        krr      [9]  CertReqMessages,        --Key Recovery Request
-     *        krp      [10] KeyRecRepContent,       --Key Recovery Response
-     *        rr       [11] RevReqContent,          --Revocation Request
-     *        rp       [12] RevRepContent,          --Revocation Response
-     *        ccr      [13] CertReqMessages,        --Cross-Cert. Request
-     *        ccp      [14] CertRepMessage,         --Cross-Cert. Response
-     *        ckuann   [15] CAKeyUpdAnnContent,     --CA Key Update Ann.
-     *        cann     [16] CertAnnContent,         --Certificate Ann.
-     *        rann     [17] RevAnnContent,          --Revocation Ann.
-     *        crlann   [18] CRLAnnContent,          --CRL Announcement
-     *        pkiconf  [19] PKIConfirmContent,      --Confirmation
-     *        nested   [20] NestedMessageContent,   --Nested Message
-     *        genm     [21] GenMsgContent,          --General Message
-     *        genp     [22] GenRepContent,          --General Response
-     *        error    [23] ErrorMsgContent,        --Error Message
-     *        certConf [24] CertConfirmContent,     --Certificate confirm
-     *        pollReq  [25] PollReqContent,         --Polling request
-     *        pollRep  [26] PollRepContent          --Polling response
-     * }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERTaggedObject(true, tagNo, body);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIConfirmContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIConfirmContent.java
deleted file mode 100644
index 5af3f7d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIConfirmContent.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1Null;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERNull;
-
-public class PKIConfirmContent
-    extends ASN1Object
-{
-    private ASN1Null val;
-
-    private PKIConfirmContent(ASN1Null val)
-    {
-        this.val = val;
-    }
-
-    public static PKIConfirmContent getInstance(Object o)
-    {
-        if (o == null || o instanceof PKIConfirmContent)
-        {
-            return (PKIConfirmContent)o;
-        }
-
-        if (o instanceof ASN1Null)
-        {
-            return new PKIConfirmContent((ASN1Null)o);
-        }
-
-        throw new IllegalArgumentException("Invalid object: " + o.getClass().getName());
-    }
-
-    public PKIConfirmContent()
-    {
-        val = DERNull.INSTANCE;
-    }
-
-    /**
-     * <pre>
-     * PKIConfirmContent ::= NULL
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return val;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIFailureInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIFailureInfo.java
deleted file mode 100644
index 10acbb4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIFailureInfo.java
+++ /dev/null

@@ -1,126 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.DERBitString;
-
-/**
- * <pre>
- * PKIFailureInfo ::= BIT STRING {
- * badAlg               (0),
- *   -- unrecognized or unsupported Algorithm Identifier
- * badMessageCheck      (1), -- integrity check failed (e.g., signature did not verify)
- * badRequest           (2),
- *   -- transaction not permitted or supported
- * badTime              (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
- * badCertId            (4), -- no certificate could be found matching the provided criteria
- * badDataFormat        (5),
- *   -- the data submitted has the wrong format
- * wrongAuthority       (6), -- the authority indicated in the request is different from the one creating the response token
- * incorrectData        (7), -- the requester's data is incorrect (for notary services)
- * missingTimeStamp     (8), -- when the timestamp is missing but should be there (by policy)
- * badPOP               (9)  -- the proof-of-possession failed
- * certRevoked         (10),
- * certConfirmed       (11),
- * wrongIntegrity      (12),
- * badRecipientNonce   (13), 
- * timeNotAvailable    (14),
- *   -- the TSA's time source is not available
- * unacceptedPolicy    (15),
- *   -- the requested TSA policy is not supported by the TSA
- * unacceptedExtension (16),
- *   -- the requested extension is not supported by the TSA
- * addInfoNotAvailable (17)
- *   -- the additional information requested could not be understood
- *   -- or is not available
- * badSenderNonce      (18),
- * badCertTemplate     (19),
- * signerNotTrusted    (20),
- * transactionIdInUse  (21),
- * unsupportedVersion  (22),
- * notAuthorized       (23),
- * systemUnavail       (24),    
- * systemFailure       (25),
- *   -- the request cannot be handled due to system failure
- * duplicateCertReq    (26) 
- * </pre>
- */
-public class PKIFailureInfo
-    extends DERBitString
-{
-    public static final int badAlg               = (1 << 7); // unrecognized or unsupported Algorithm Identifier
-    public static final int badMessageCheck      = (1 << 6); // integrity check failed (e.g., signature did not verify)
-    public static final int badRequest           = (1 << 5);
-    public static final int badTime              = (1 << 4); // -- messageTime was not sufficiently close to the system time, as defined by local policy
-    public static final int badCertId            = (1 << 3); // no certificate could be found matching the provided criteria
-    public static final int badDataFormat        = (1 << 2);
-    public static final int wrongAuthority       = (1 << 1); // the authority indicated in the request is different from the one creating the response token
-    public static final int incorrectData        = 1;        // the requester's data is incorrect (for notary services)
-    public static final int missingTimeStamp     = (1 << 15); // when the timestamp is missing but should be there (by policy)
-    public static final int badPOP               = (1 << 14); // the proof-of-possession failed
-    public static final int certRevoked          = (1 << 13);
-    public static final int certConfirmed        = (1 << 12);
-    public static final int wrongIntegrity       = (1 << 11);
-    public static final int badRecipientNonce    = (1 << 10);
-    public static final int timeNotAvailable     = (1 << 9); // the TSA's time source is not available
-    public static final int unacceptedPolicy     = (1 << 8); // the requested TSA policy is not supported by the TSA
-    public static final int unacceptedExtension  = (1 << 23); //the requested extension is not supported by the TSA
-    public static final int addInfoNotAvailable  = (1 << 22); //the additional information requested could not be understood or is not available
-    public static final int badSenderNonce       = (1 << 21);
-    public static final int badCertTemplate      = (1 << 20);
-    public static final int signerNotTrusted     = (1 << 19);
-    public static final int transactionIdInUse   = (1 << 18);
-    public static final int unsupportedVersion   = (1 << 17);
-    public static final int notAuthorized        = (1 << 16);
-    public static final int systemUnavail        = (1 << 31);
-    public static final int systemFailure        = (1 << 30); //the request cannot be handled due to system failure
-    public static final int duplicateCertReq     = (1 << 29);
-
-    /** @deprecated use lower case version */
-    public static final int BAD_ALG                   = badAlg; // unrecognized or unsupported Algorithm Identifier
-    /** @deprecated use lower case version */
-    public static final int BAD_MESSAGE_CHECK         = badMessageCheck;
-    /** @deprecated use lower case version */
-    public static final int BAD_REQUEST               = badRequest; // transaction not permitted or supported
-    /** @deprecated use lower case version */
-    public static final int BAD_TIME                  = badTime;
-    /** @deprecated use lower case version */
-    public static final int BAD_CERT_ID               = badCertId;
-    /** @deprecated use lower case version */
-    public static final int BAD_DATA_FORMAT           = badDataFormat; // the data submitted has the wrong format
-    /** @deprecated use lower case version */
-    public static final int WRONG_AUTHORITY           = wrongAuthority;
-    /** @deprecated use lower case version */
-    public static final int INCORRECT_DATA            = incorrectData;
-    /** @deprecated use lower case version */
-    public static final int MISSING_TIME_STAMP        = missingTimeStamp;
-    /** @deprecated use lower case version */
-    public static final int BAD_POP                   = badPOP;
-    /** @deprecated use lower case version */
-    public static final int TIME_NOT_AVAILABLE        = timeNotAvailable;
-    /** @deprecated use lower case version */
-    public static final int UNACCEPTED_POLICY         = unacceptedPolicy;
-    /** @deprecated use lower case version */
-    public static final int UNACCEPTED_EXTENSION      = unacceptedExtension;
-    /** @deprecated use lower case version */
-    public static final int ADD_INFO_NOT_AVAILABLE    = addInfoNotAvailable; 
-    /** @deprecated use lower case version */
-    public static final int SYSTEM_FAILURE            = systemFailure; 
-    /**
-     * Basic constructor.
-     */
-    public PKIFailureInfo(
-        int info)
-    {
-        super(getBytes(info), getPadBits(info));
-    }
-
-    public PKIFailureInfo(
-        DERBitString info)
-    {
-        super(info.getBytes(), info.getPadBits());
-    }
-    
-    public String toString()
-    {
-        return "PKIFailureInfo: 0x" + Integer.toHexString(this.intValue());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIFreeText.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIFreeText.java
deleted file mode 100644
index 5b63c19..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIFreeText.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-
-public class PKIFreeText
-    extends ASN1Object
-{
-    ASN1Sequence strings;
-
-    public static PKIFreeText getInstance(
-        ASN1TaggedObject    obj,
-        boolean             explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public static PKIFreeText getInstance(
-        Object obj)
-    {
-        if (obj instanceof PKIFreeText)
-        {
-            return (PKIFreeText)obj;
-        }
-        else if (obj != null)
-        {
-            return new PKIFreeText(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private PKIFreeText(
-        ASN1Sequence seq)
-    {
-        Enumeration e = seq.getObjects();
-        while (e.hasMoreElements())
-        {
-            if (!(e.nextElement() instanceof DERUTF8String))
-            {
-                throw new IllegalArgumentException("attempt to insert non UTF8 STRING into PKIFreeText");
-            }
-        }
-        
-        strings = seq;
-    }
-
-    public PKIFreeText(
-        DERUTF8String p)
-    {
-        strings = new DERSequence(p);
-    }
-
-    public PKIFreeText(
-        String p)
-    {
-        this(new DERUTF8String(p));
-    }
-
-    public PKIFreeText(
-        DERUTF8String[] strs)
-    {
-        strings = new DERSequence(strs);
-    }
-
-    public PKIFreeText(
-        String[] strs)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        for (int i = 0; i < strs.length; i++)
-        {
-            v.add(new DERUTF8String(strs[i]));
-        }
-        strings = new DERSequence(v);
-    }
-
-    /**
-     * Return the number of string elements present.
-     * 
-     * @return number of elements present.
-     */
-    public int size()
-    {
-        return strings.size();
-    }
-    
-    /**
-     * Return the UTF8STRING at index i.
-     * 
-     * @param i index of the string of interest
-     * @return the string at index i.
-     */
-    public DERUTF8String getStringAt(
-        int i)
-    {
-        return (DERUTF8String)strings.getObjectAt(i);
-    }
-    
-    /**
-     * <pre>
-     * PKIFreeText ::= SEQUENCE SIZE (1..MAX) OF UTF8String
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return strings;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIHeader.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIHeader.java
deleted file mode 100644
index 82f1b08..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIHeader.java
+++ /dev/null

@@ -1,260 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-public class PKIHeader
-    extends ASN1Object
-{
-    /**
-     * Value for a "null" recipient or sender.
-     */
-    public static final GeneralName NULL_NAME = new GeneralName(X500Name.getInstance(new DERSequence()));
-
-    public static final int CMP_1999 = 1;
-    public static final int CMP_2000 = 2;
-
-    private ASN1Integer pvno;
-    private GeneralName sender;
-    private GeneralName recipient;
-    private ASN1GeneralizedTime messageTime;
-    private AlgorithmIdentifier protectionAlg;
-    private ASN1OctetString senderKID;       // KeyIdentifier
-    private ASN1OctetString recipKID;        // KeyIdentifier
-    private ASN1OctetString transactionID;
-    private ASN1OctetString senderNonce;
-    private ASN1OctetString recipNonce;
-    private PKIFreeText freeText;
-    private ASN1Sequence generalInfo;
-
-    private PKIHeader(ASN1Sequence seq)
-    {
-        Enumeration en = seq.getObjects();
-
-        pvno = ASN1Integer.getInstance(en.nextElement());
-        sender = GeneralName.getInstance(en.nextElement());
-        recipient = GeneralName.getInstance(en.nextElement());
-
-        while (en.hasMoreElements())
-        {
-            ASN1TaggedObject tObj = (ASN1TaggedObject)en.nextElement();
-
-            switch (tObj.getTagNo())
-            {
-            case 0:
-                messageTime = ASN1GeneralizedTime.getInstance(tObj, true);
-                break;
-            case 1:
-                protectionAlg = AlgorithmIdentifier.getInstance(tObj, true);
-                break;
-            case 2:
-                senderKID = ASN1OctetString.getInstance(tObj, true);
-                break;
-            case 3:
-                recipKID = ASN1OctetString.getInstance(tObj, true);
-                break;
-            case 4:
-                transactionID = ASN1OctetString.getInstance(tObj, true);
-                break;
-            case 5:
-                senderNonce = ASN1OctetString.getInstance(tObj, true);
-                break;
-            case 6:
-                recipNonce = ASN1OctetString.getInstance(tObj, true);
-                break;
-            case 7:
-                freeText = PKIFreeText.getInstance(tObj, true);
-                break;
-            case 8:
-                generalInfo = ASN1Sequence.getInstance(tObj, true);
-                break;
-            default:
-                throw new IllegalArgumentException("unknown tag number: " + tObj.getTagNo());
-            }
-        }
-    }
-
-    public static PKIHeader getInstance(Object o)
-    {
-        if (o instanceof PKIHeader)
-        {
-            return (PKIHeader)o;
-        }
-
-        if (o != null)
-        {
-            return new PKIHeader(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public PKIHeader(
-        int pvno,
-        GeneralName sender,
-        GeneralName recipient)
-    {
-        this(new ASN1Integer(pvno), sender, recipient);
-    }
-
-    private PKIHeader(
-        ASN1Integer pvno,
-        GeneralName sender,
-        GeneralName recipient)
-    {
-        this.pvno = pvno;
-        this.sender = sender;
-        this.recipient = recipient;
-    }
-
-    public ASN1Integer getPvno()
-    {
-        return pvno;
-    }
-
-    public GeneralName getSender()
-    {
-        return sender;
-    }
-
-    public GeneralName getRecipient()
-    {
-        return recipient;
-    }
-
-    public ASN1GeneralizedTime getMessageTime()
-    {
-        return messageTime;
-    }
-
-    public AlgorithmIdentifier getProtectionAlg()
-    {
-        return protectionAlg;
-    }
-
-    public ASN1OctetString getSenderKID()
-    {
-        return senderKID;
-    }
-
-    public ASN1OctetString getRecipKID()
-    {
-        return recipKID;
-    }
-
-    public ASN1OctetString getTransactionID()
-    {
-        return transactionID;
-    }
-
-    public ASN1OctetString getSenderNonce()
-    {
-        return senderNonce;
-    }
-
-    public ASN1OctetString getRecipNonce()
-    {
-        return recipNonce;
-    }
-
-    public PKIFreeText getFreeText()
-    {
-        return freeText;
-    }
-
-    public InfoTypeAndValue[] getGeneralInfo()
-    {
-        if (generalInfo == null)
-        {
-            return null;
-        }
-        InfoTypeAndValue[] results = new InfoTypeAndValue[generalInfo.size()];
-        for (int i = 0; i < results.length; i++)
-        {
-            results[i]
-                = InfoTypeAndValue.getInstance(generalInfo.getObjectAt(i));
-        }
-        return results;
-    }
-
-    /**
-     * <pre>
-     *  PKIHeader ::= SEQUENCE {
-     *            pvno                INTEGER     { cmp1999(1), cmp2000(2) },
-     *            sender              GeneralName,
-     *            -- identifies the sender
-     *            recipient           GeneralName,
-     *            -- identifies the intended recipient
-     *            messageTime     [0] GeneralizedTime         OPTIONAL,
-     *            -- time of production of this message (used when sender
-     *            -- believes that the transport will be "suitable"; i.e.,
-     *            -- that the time will still be meaningful upon receipt)
-     *            protectionAlg   [1] AlgorithmIdentifier     OPTIONAL,
-     *            -- algorithm used for calculation of protection bits
-     *            senderKID       [2] KeyIdentifier           OPTIONAL,
-     *            recipKID        [3] KeyIdentifier           OPTIONAL,
-     *            -- to identify specific keys used for protection
-     *            transactionID   [4] OCTET STRING            OPTIONAL,
-     *            -- identifies the transaction; i.e., this will be the same in
-     *            -- corresponding request, response, certConf, and PKIConf
-     *            -- messages
-     *            senderNonce     [5] OCTET STRING            OPTIONAL,
-     *            recipNonce      [6] OCTET STRING            OPTIONAL,
-     *            -- nonces used to provide replay protection, senderNonce
-     *            -- is inserted by the creator of this message; recipNonce
-     *            -- is a nonce previously inserted in a related message by
-     *            -- the intended recipient of this message
-     *            freeText        [7] PKIFreeText             OPTIONAL,
-     *            -- this may be used to indicate context-specific instructions
-     *            -- (this field is intended for human consumption)
-     *            generalInfo     [8] SEQUENCE SIZE (1..MAX) OF
-     *                                 InfoTypeAndValue     OPTIONAL
-     *            -- this may be used to convey context-specific information
-     *            -- (this field not primarily intended for human consumption)
-     * }
-     * </pre>
-     *
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(pvno);
-        v.add(sender);
-        v.add(recipient);
-        addOptional(v, 0, messageTime);
-        addOptional(v, 1, protectionAlg);
-        addOptional(v, 2, senderKID);
-        addOptional(v, 3, recipKID);
-        addOptional(v, 4, transactionID);
-        addOptional(v, 5, senderNonce);
-        addOptional(v, 6, recipNonce);
-        addOptional(v, 7, freeText);
-        addOptional(v, 8, generalInfo);
-
-        return new DERSequence(v);
-    }
-
-    private void addOptional(ASN1EncodableVector v, int tagNo, ASN1Encodable obj)
-    {
-        if (obj != null)
-        {
-            v.add(new DERTaggedObject(true, tagNo, obj));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIHeaderBuilder.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIHeaderBuilder.java
deleted file mode 100644
index c5465a9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIHeaderBuilder.java
+++ /dev/null

@@ -1,243 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-public class PKIHeaderBuilder
-{
-    private ASN1Integer pvno;
-    private GeneralName sender;
-    private GeneralName recipient;
-    private ASN1GeneralizedTime messageTime;
-    private AlgorithmIdentifier protectionAlg;
-    private ASN1OctetString senderKID;       // KeyIdentifier
-    private ASN1OctetString recipKID;        // KeyIdentifier
-    private ASN1OctetString transactionID;
-    private ASN1OctetString senderNonce;
-    private ASN1OctetString recipNonce;
-    private PKIFreeText     freeText;
-    private ASN1Sequence    generalInfo;
-
-    public PKIHeaderBuilder(
-        int pvno,
-        GeneralName sender,
-        GeneralName recipient)
-    {
-        this(new ASN1Integer(pvno), sender, recipient);
-    }
-
-    private PKIHeaderBuilder(
-        ASN1Integer pvno,
-        GeneralName sender,
-        GeneralName recipient)
-    {
-        this.pvno = pvno;
-        this.sender = sender;
-        this.recipient = recipient;
-    }
-
-    public PKIHeaderBuilder setMessageTime(ASN1GeneralizedTime time)
-    {
-        messageTime = time;
-
-        return this;
-    }
-
-    public PKIHeaderBuilder setProtectionAlg(AlgorithmIdentifier aid)
-    {
-        protectionAlg = aid;
-
-        return this;
-    }
-
-    public PKIHeaderBuilder setSenderKID(byte[] kid)
-    {
-        return setSenderKID(kid == null ? null : new DEROctetString(kid));
-    }
-
-    public PKIHeaderBuilder setSenderKID(ASN1OctetString kid)
-    {
-        senderKID = kid;
-
-        return this;
-    }
-
-    public PKIHeaderBuilder setRecipKID(byte[] kid)
-    {
-        return setRecipKID(kid == null ? null : new DEROctetString(kid));
-    }
-
-    public PKIHeaderBuilder setRecipKID(DEROctetString kid)
-    {
-        recipKID = kid;
-
-        return this;
-    }
-
-    public PKIHeaderBuilder setTransactionID(byte[] tid)
-    {
-        return setTransactionID(tid == null ? null : new DEROctetString(tid));
-    }
-
-    public PKIHeaderBuilder setTransactionID(ASN1OctetString tid)
-    {
-        transactionID = tid;
-
-        return this;
-    }
-
-    public PKIHeaderBuilder setSenderNonce(byte[] nonce)
-    {
-        return setSenderNonce(nonce == null ? null : new DEROctetString(nonce));
-    }
-
-    public PKIHeaderBuilder setSenderNonce(ASN1OctetString nonce)
-    {
-        senderNonce = nonce;
-
-        return this;
-    }
-
-    public PKIHeaderBuilder setRecipNonce(byte[] nonce)
-    {
-        return setRecipNonce(nonce == null ? null : new DEROctetString(nonce));
-    }
-
-    public PKIHeaderBuilder setRecipNonce(ASN1OctetString nonce)
-    {
-        recipNonce = nonce;
-
-        return this;
-    }
-
-    public PKIHeaderBuilder setFreeText(PKIFreeText text)
-    {
-        freeText = text;
-
-        return this;
-    }
-
-    public PKIHeaderBuilder setGeneralInfo(InfoTypeAndValue genInfo)
-    {
-        return setGeneralInfo(makeGeneralInfoSeq(genInfo));
-    }
-
-    public PKIHeaderBuilder setGeneralInfo(InfoTypeAndValue[] genInfos)
-    {
-        return setGeneralInfo(makeGeneralInfoSeq(genInfos));
-    }
-
-    public PKIHeaderBuilder setGeneralInfo(ASN1Sequence seqOfInfoTypeAndValue)
-    {
-        generalInfo = seqOfInfoTypeAndValue;
-
-        return this;
-    }
-
-    private static ASN1Sequence makeGeneralInfoSeq(
-        InfoTypeAndValue generalInfo)
-    {
-        return new DERSequence(generalInfo);
-    }
-
-    private static ASN1Sequence makeGeneralInfoSeq(
-        InfoTypeAndValue[] generalInfos)
-    {
-        ASN1Sequence genInfoSeq = null;
-        if (generalInfos != null)
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-            for (int i = 0; i < generalInfos.length; i++)
-            {
-                v.add(generalInfos[i]);
-            }
-            genInfoSeq = new DERSequence(v);
-        }
-        return genInfoSeq;
-    }
-
-    /**
-     * <pre>
-     *  PKIHeader ::= SEQUENCE {
-     *            pvno                INTEGER     { cmp1999(1), cmp2000(2) },
-     *            sender              GeneralName,
-     *            -- identifies the sender
-     *            recipient           GeneralName,
-     *            -- identifies the intended recipient
-     *            messageTime     [0] GeneralizedTime         OPTIONAL,
-     *            -- time of production of this message (used when sender
-     *            -- believes that the transport will be "suitable"; i.e.,
-     *            -- that the time will still be meaningful upon receipt)
-     *            protectionAlg   [1] AlgorithmIdentifier     OPTIONAL,
-     *            -- algorithm used for calculation of protection bits
-     *            senderKID       [2] KeyIdentifier           OPTIONAL,
-     *            recipKID        [3] KeyIdentifier           OPTIONAL,
-     *            -- to identify specific keys used for protection
-     *            transactionID   [4] OCTET STRING            OPTIONAL,
-     *            -- identifies the transaction; i.e., this will be the same in
-     *            -- corresponding request, response, certConf, and PKIConf
-     *            -- messages
-     *            senderNonce     [5] OCTET STRING            OPTIONAL,
-     *            recipNonce      [6] OCTET STRING            OPTIONAL,
-     *            -- nonces used to provide replay protection, senderNonce
-     *            -- is inserted by the creator of this message; recipNonce
-     *            -- is a nonce previously inserted in a related message by
-     *            -- the intended recipient of this message
-     *            freeText        [7] PKIFreeText             OPTIONAL,
-     *            -- this may be used to indicate context-specific instructions
-     *            -- (this field is intended for human consumption)
-     *            generalInfo     [8] SEQUENCE SIZE (1..MAX) OF
-     *                                 InfoTypeAndValue     OPTIONAL
-     *            -- this may be used to convey context-specific information
-     *            -- (this field not primarily intended for human consumption)
-     * }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public PKIHeader build()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(pvno);
-        v.add(sender);
-        v.add(recipient);
-        addOptional(v, 0, messageTime);
-        addOptional(v, 1, protectionAlg);
-        addOptional(v, 2, senderKID);
-        addOptional(v, 3, recipKID);
-        addOptional(v, 4, transactionID);
-        addOptional(v, 5, senderNonce);
-        addOptional(v, 6, recipNonce);
-        addOptional(v, 7, freeText);
-        addOptional(v, 8, generalInfo);
-
-        messageTime = null;
-        protectionAlg = null;
-        senderKID = null;
-        recipKID = null;
-        transactionID = null;
-        senderNonce = null;
-        recipNonce = null;
-        freeText = null;
-        generalInfo = null;
-        
-        return PKIHeader.getInstance(new DERSequence(v));
-    }
-
-    private void addOptional(ASN1EncodableVector v, int tagNo, ASN1Encodable obj)
-    {
-        if (obj != null)
-        {
-            v.add(new DERTaggedObject(true, tagNo, obj));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIMessage.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIMessage.java
deleted file mode 100644
index bfc2113..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIMessage.java
+++ /dev/null

@@ -1,166 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-public class PKIMessage
-    extends ASN1Object
-{
-    private PKIHeader header;
-    private PKIBody body;
-    private DERBitString protection;
-    private ASN1Sequence extraCerts;
-
-    private PKIMessage(ASN1Sequence seq)
-    {
-        Enumeration en = seq.getObjects();
-
-        header = PKIHeader.getInstance(en.nextElement());
-        body = PKIBody.getInstance(en.nextElement());
-
-        while (en.hasMoreElements())
-        {
-            ASN1TaggedObject tObj = (ASN1TaggedObject)en.nextElement();
-
-            if (tObj.getTagNo() == 0)
-            {
-                protection = DERBitString.getInstance(tObj, true);
-            }
-            else
-            {
-                extraCerts = ASN1Sequence.getInstance(tObj, true);
-            }
-        }
-    }
-
-    public static PKIMessage getInstance(Object o)
-    {
-        if (o instanceof PKIMessage)
-        {
-            return (PKIMessage)o;
-        }
-        else if (o != null)
-        {
-            return new PKIMessage(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    /**
-     * Creates a new PKIMessage.
-     *
-     * @param header     message header
-     * @param body       message body
-     * @param protection message protection (may be null)
-     * @param extraCerts extra certificates (may be null)
-     */
-    public PKIMessage(
-        PKIHeader header,
-        PKIBody body,
-        DERBitString protection,
-        CMPCertificate[] extraCerts)
-    {
-        this.header = header;
-        this.body = body;
-        this.protection = protection;
-        if (extraCerts != null)
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-            for (int i = 0; i < extraCerts.length; i++)
-            {
-                v.add(extraCerts[i]);
-            }
-            this.extraCerts = new DERSequence(v);
-        }
-    }
-
-    public PKIMessage(
-        PKIHeader header,
-        PKIBody body,
-        DERBitString protection)
-    {
-        this(header, body, protection, null);
-    }
-
-    public PKIMessage(
-        PKIHeader header,
-        PKIBody body)
-    {
-        this(header, body, null, null);
-    }
-
-    public PKIHeader getHeader()
-    {
-        return header;
-    }
-
-    public PKIBody getBody()
-    {
-        return body;
-    }
-
-    public DERBitString getProtection()
-    {
-        return protection;
-    }
-
-    public CMPCertificate[] getExtraCerts()
-    {
-        if (extraCerts == null)
-        {
-            return null;
-        }
-
-        CMPCertificate[] results = new CMPCertificate[extraCerts.size()];
-
-        for (int i = 0; i < results.length; i++)
-        {
-            results[i] = CMPCertificate.getInstance(extraCerts.getObjectAt(i));
-        }
-        return results;
-    }
-
-    /**
-     * <pre>
-     * PKIMessage ::= SEQUENCE {
-     *                  header           PKIHeader,
-     *                  body             PKIBody,
-     *                  protection   [0] PKIProtection OPTIONAL,
-     *                  extraCerts   [1] SEQUENCE SIZE (1..MAX) OF CMPCertificate
-     *                                                                     OPTIONAL
-     * }
-     * </pre>
-     *
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(header);
-        v.add(body);
-
-        addOptional(v, 0, protection);
-        addOptional(v, 1, extraCerts);
-
-        return new DERSequence(v);
-    }
-
-    private void addOptional(ASN1EncodableVector v, int tagNo, ASN1Encodable obj)
-    {
-        if (obj != null)
-        {
-            v.add(new DERTaggedObject(true, tagNo, obj));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIMessages.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIMessages.java
deleted file mode 100644
index 5a80a0f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIMessages.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class PKIMessages
-    extends ASN1Object
-{
-    private ASN1Sequence content;
-
-    private PKIMessages(ASN1Sequence seq)
-    {
-        content = seq;
-    }
-
-    public static PKIMessages getInstance(Object o)
-    {
-        if (o instanceof PKIMessages)
-        {
-            return (PKIMessages)o;
-        }
-
-        if (o != null)
-        {
-            return new PKIMessages(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public PKIMessages(PKIMessage msg)
-    {
-        content = new DERSequence(msg);
-    }
-
-    public PKIMessages(PKIMessage[] msgs)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        for (int i = 0; i < msgs.length; i++)
-        {
-            v.add(msgs[i]);
-        }
-        content = new DERSequence(v);
-    }
-
-    public PKIMessage[] toPKIMessageArray()
-    {
-        PKIMessage[] result = new PKIMessage[content.size()];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = PKIMessage.getInstance(content.getObjectAt(i));
-        }
-
-        return result;
-    }
-
-    /**
-     * <pre>
-     * PKIMessages ::= SEQUENCE SIZE (1..MAX) OF PKIMessage
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return content;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIStatus.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIStatus.java
deleted file mode 100644
index 58f7ec0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIStatus.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-
-public class PKIStatus
-    extends ASN1Object
-{
-    public static final int GRANTED                 = 0;
-    public static final int GRANTED_WITH_MODS       = 1;
-    public static final int REJECTION               = 2;
-    public static final int WAITING                 = 3;
-    public static final int REVOCATION_WARNING      = 4;
-    public static final int REVOCATION_NOTIFICATION = 5;
-    public static final int KEY_UPDATE_WARNING      = 6;
-
-    public static final PKIStatus granted = new PKIStatus(GRANTED);
-    public static final PKIStatus grantedWithMods = new PKIStatus(GRANTED_WITH_MODS);
-    public static final PKIStatus rejection = new PKIStatus(REJECTION);
-    public static final PKIStatus waiting = new PKIStatus(WAITING);
-    public static final PKIStatus revocationWarning = new PKIStatus(REVOCATION_WARNING);
-    public static final PKIStatus revocationNotification = new PKIStatus(REVOCATION_NOTIFICATION);
-    public static final PKIStatus keyUpdateWaiting = new PKIStatus(KEY_UPDATE_WARNING);
-
-    private ASN1Integer value;
-
-    private PKIStatus(int value)
-    {
-        this(new ASN1Integer(value));
-    }
-
-    private PKIStatus(ASN1Integer value)
-    {
-        this.value = value;
-    }
-
-    public static PKIStatus getInstance(Object o)
-    {
-        if (o instanceof PKIStatus)
-        {
-            return (PKIStatus)o;
-        }
-
-        if (o != null)
-        {
-            return new PKIStatus(ASN1Integer.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public BigInteger getValue()
-    {
-        return value.getValue();
-    }
-    
-    public ASN1Primitive toASN1Primitive()
-    {
-        return value;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIStatusInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIStatusInfo.java
deleted file mode 100644
index bac1ba5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PKIStatusInfo.java
+++ /dev/null

@@ -1,165 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-
-public class PKIStatusInfo
-    extends ASN1Object
-{
-    ASN1Integer      status;
-    PKIFreeText     statusString;
-    DERBitString    failInfo;
-
-    public static PKIStatusInfo getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public static PKIStatusInfo getInstance(
-        Object obj)
-    {
-        if (obj instanceof PKIStatusInfo)
-        {
-            return (PKIStatusInfo)obj;
-        }
-        else if (obj != null)
-        {
-            return new PKIStatusInfo(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private PKIStatusInfo(
-        ASN1Sequence seq)
-    {
-        this.status = ASN1Integer.getInstance(seq.getObjectAt(0));
-
-        this.statusString = null;
-        this.failInfo = null;
-
-        if (seq.size() > 2)
-        {
-            this.statusString = PKIFreeText.getInstance(seq.getObjectAt(1));
-            this.failInfo = DERBitString.getInstance(seq.getObjectAt(2));
-        }
-        else if (seq.size() > 1)
-        {
-            Object obj = seq.getObjectAt(1); 
-            if (obj instanceof DERBitString)
-            {
-                this.failInfo = DERBitString.getInstance(obj);
-            }
-            else
-            {
-                this.statusString = PKIFreeText.getInstance(obj);
-            }
-        }
-    }
-
-    /**
-     * @param status
-     */
-    public PKIStatusInfo(PKIStatus status)
-    {
-        this.status = ASN1Integer.getInstance(status.toASN1Primitive());
-    }
-
-    /**
-     *
-     * @param status
-     * @param statusString
-     */
-    public PKIStatusInfo(
-        PKIStatus   status,
-        PKIFreeText statusString)
-    {
-        this.status = ASN1Integer.getInstance(status.toASN1Primitive());
-        this.statusString = statusString;
-    }
-
-    public PKIStatusInfo(
-        PKIStatus      status,
-        PKIFreeText    statusString,
-        PKIFailureInfo failInfo)
-    {
-        this.status = ASN1Integer.getInstance(status.toASN1Primitive());
-        this.statusString = statusString;
-        this.failInfo = failInfo;
-    }
-    
-    public BigInteger getStatus()
-    {
-        return status.getValue();
-    }
-
-    public PKIFreeText getStatusString()
-    {
-        return statusString;
-    }
-
-    public DERBitString getFailInfo()
-    {
-        return failInfo;
-    }
-
-    /**
-     * <pre>
-     * PKIStatusInfo ::= SEQUENCE {
-     *     status        PKIStatus,                (INTEGER)
-     *     statusString  PKIFreeText     OPTIONAL,
-     *     failInfo      PKIFailureInfo  OPTIONAL  (BIT STRING)
-     * }
-     *
-     * PKIStatus:
-     *   granted                (0), -- you got exactly what you asked for
-     *   grantedWithMods        (1), -- you got something like what you asked for
-     *   rejection              (2), -- you don't get it, more information elsewhere in the message
-     *   waiting                (3), -- the request body part has not yet been processed, expect to hear more later
-     *   revocationWarning      (4), -- this message contains a warning that a revocation is imminent
-     *   revocationNotification (5), -- notification that a revocation has occurred
-     *   keyUpdateWarning       (6)  -- update already done for the oldCertId specified in CertReqMsg
-     *
-     * PKIFailureInfo:
-     *   badAlg           (0), -- unrecognized or unsupported Algorithm Identifier
-     *   badMessageCheck  (1), -- integrity check failed (e.g., signature did not verify)
-     *   badRequest       (2), -- transaction not permitted or supported
-     *   badTime          (3), -- messageTime was not sufficiently close to the system time, as defined by local policy
-     *   badCertId        (4), -- no certificate could be found matching the provided criteria
-     *   badDataFormat    (5), -- the data submitted has the wrong format
-     *   wrongAuthority   (6), -- the authority indicated in the request is different from the one creating the response token
-     *   incorrectData    (7), -- the requester's data is incorrect (for notary services)
-     *   missingTimeStamp (8), -- when the timestamp is missing but should be there (by policy)
-     *   badPOP           (9)  -- the proof-of-possession failed
-     *
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(status);
-
-        if (statusString != null)
-        {
-            v.add(statusString);
-        }
-
-        if (failInfo!= null)
-        {
-            v.add(failInfo);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/POPODecKeyChallContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/POPODecKeyChallContent.java
deleted file mode 100644
index 2234068..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/POPODecKeyChallContent.java
+++ /dev/null

@@ -1,54 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-
-public class POPODecKeyChallContent
-    extends ASN1Object
-{
-    private ASN1Sequence content;
-
-    private POPODecKeyChallContent(ASN1Sequence seq)
-    {
-        content = seq;
-    }
-
-    public static POPODecKeyChallContent getInstance(Object o)
-    {
-        if (o instanceof POPODecKeyChallContent)
-        {
-            return (POPODecKeyChallContent)o;
-        }
-
-        if (o != null)
-        {
-            return new POPODecKeyChallContent(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public Challenge[] toChallengeArray()
-    {
-        Challenge[] result = new Challenge[content.size()];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = Challenge.getInstance(content.getObjectAt(i));
-        }
-
-        return result;
-    }
-
-    /**
-     * <pre>
-     * POPODecKeyChallContent ::= SEQUENCE OF Challenge
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return content;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/POPODecKeyRespContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/POPODecKeyRespContent.java
deleted file mode 100644
index 9c64db0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/POPODecKeyRespContent.java
+++ /dev/null

@@ -1,55 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-
-public class POPODecKeyRespContent
-    extends ASN1Object
-{
-    private ASN1Sequence content;
-
-    private POPODecKeyRespContent(ASN1Sequence seq)
-    {
-        content = seq;
-    }
-
-    public static POPODecKeyRespContent getInstance(Object o)
-    {
-        if (o instanceof POPODecKeyRespContent)
-        {
-            return (POPODecKeyRespContent)o;
-        }
-
-        if (o != null)
-        {
-            return new POPODecKeyRespContent(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public ASN1Integer[] toASN1IntegerArray()
-    {
-        ASN1Integer[] result = new ASN1Integer[content.size()];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = ASN1Integer.getInstance(content.getObjectAt(i));
-        }
-
-        return result;
-    }
-
-    /**
-     * <pre>
-     * POPODecKeyRespContent ::= SEQUENCE OF INTEGER
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return content;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PollRepContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PollRepContent.java
deleted file mode 100644
index 95d5f82..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PollRepContent.java
+++ /dev/null

@@ -1,119 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class PollRepContent
-    extends ASN1Object
-{
-    private ASN1Integer[] certReqId;
-    private ASN1Integer[] checkAfter;
-    private PKIFreeText[] reason;
-
-    private PollRepContent(ASN1Sequence seq)
-    {
-        certReqId = new ASN1Integer[seq.size()];
-        checkAfter = new ASN1Integer[seq.size()];
-        reason = new PKIFreeText[seq.size()];
-
-        for (int i = 0; i != seq.size(); i++)
-        {
-            ASN1Sequence s = ASN1Sequence.getInstance(seq.getObjectAt(i));
-
-            certReqId[i] = ASN1Integer.getInstance(s.getObjectAt(0));
-            checkAfter[i] = ASN1Integer.getInstance(s.getObjectAt(1));
-
-            if (s.size() > 2)
-            {
-                reason[i] = PKIFreeText.getInstance(s.getObjectAt(2));
-            }
-        }
-    }
-
-    public static PollRepContent getInstance(Object o)
-    {
-        if (o instanceof PollRepContent)
-        {
-            return (PollRepContent)o;
-        }
-
-        if (o != null)
-        {
-            return new PollRepContent(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public PollRepContent(ASN1Integer certReqId, ASN1Integer checkAfter)
-    {
-        this(certReqId, checkAfter, null);
-    }
-
-    public PollRepContent(ASN1Integer certReqId, ASN1Integer checkAfter, PKIFreeText reason)
-    {
-        this.certReqId = new ASN1Integer[1];
-        this.checkAfter = new ASN1Integer[1];
-        this.reason = new PKIFreeText[1];
-
-        this.certReqId[0] = certReqId;
-        this.checkAfter[0] = checkAfter;
-        this.reason[0] = reason;
-    }
-
-    public int size()
-    {
-        return certReqId.length;
-    }
-
-    public ASN1Integer getCertReqId(int index)
-    {
-        return certReqId[index];
-    }
-
-    public ASN1Integer getCheckAfter(int index)
-    {
-        return checkAfter[index];
-    }
-
-    public PKIFreeText getReason(int index)
-    {
-        return reason[index];
-    }
-
-    /**
-     * <pre>
-     * PollRepContent ::= SEQUENCE OF SEQUENCE {
-     *         certReqId              INTEGER,
-     *         checkAfter             INTEGER,  -- time in seconds
-     *         reason                 PKIFreeText OPTIONAL
-     *     }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector outer = new ASN1EncodableVector();
-
-        for (int i = 0; i != certReqId.length; i++)
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-
-            v.add(certReqId[i]);
-            v.add(checkAfter[i]);
-
-            if (reason[i] != null)
-            {
-                v.add(reason[i]);
-            }
-
-            outer.add(new DERSequence(v));
-        }
-        
-        return new DERSequence(outer);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PollReqContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PollReqContent.java
deleted file mode 100644
index a7d439e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/PollReqContent.java
+++ /dev/null

@@ -1,149 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class PollReqContent
-    extends ASN1Object
-{
-    private ASN1Sequence content;
-
-    private PollReqContent(ASN1Sequence seq)
-    {
-        content = seq;
-    }
-
-    public static PollReqContent getInstance(Object o)
-    {
-        if (o instanceof PollReqContent)
-        {
-            return (PollReqContent)o;
-        }
-
-        if (o != null)
-        {
-            return new PollReqContent(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    /**
-     * Create a pollReqContent for a single certReqId.
-     *
-     * @param certReqId the certificate request ID.
-     */
-    public PollReqContent(ASN1Integer certReqId)
-    {
-        this(new DERSequence(new DERSequence(certReqId)));
-    }
-
-    /**
-     * Create a pollReqContent for a multiple certReqIds.
-     *
-     * @param certReqIds the certificate request IDs.
-     */
-    public PollReqContent(ASN1Integer[] certReqIds)
-    {
-        this(new DERSequence(intsToSequence(certReqIds)));
-    }
-
-    /**
-     * Create a pollReqContent for a single certReqId.
-     *
-     * @param certReqId the certificate request ID.
-     */
-    public PollReqContent(BigInteger certReqId)
-    {
-        this(new ASN1Integer(certReqId));
-    }
-
-    /**
-     * Create a pollReqContent for a multiple certReqIds.
-     *
-     * @param certReqIds the certificate request IDs.
-     */
-    public PollReqContent(BigInteger[] certReqIds)
-    {
-        this(intsToASN1(certReqIds));
-    }
-
-    public ASN1Integer[][] getCertReqIds()
-    {
-        ASN1Integer[][] result = new ASN1Integer[content.size()][];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = sequenceToASN1IntegerArray((ASN1Sequence)content.getObjectAt(i));
-        }
-
-        return result;
-    }
-
-    public BigInteger[] getCertReqIdValues()
-    {
-        BigInteger[] result = new BigInteger[content.size()];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = ASN1Integer.getInstance(
-                ASN1Sequence.getInstance(content.getObjectAt(i)).getObjectAt(0)).getValue();
-        }
-
-        return result;
-    }
-
-    private static ASN1Integer[] sequenceToASN1IntegerArray(ASN1Sequence seq)
-    {
-        ASN1Integer[] result = new ASN1Integer[seq.size()];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = ASN1Integer.getInstance(seq.getObjectAt(i));
-        }
-
-        return result;
-    }
-
-    private static DERSequence[] intsToSequence(ASN1Integer[] ids)
-    {
-        DERSequence[] result = new DERSequence[ids.length];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = new DERSequence(ids[i]);
-        }
-
-        return result;
-    }
-
-    private static ASN1Integer[] intsToASN1(BigInteger[] ids)
-    {
-        ASN1Integer[] result = new ASN1Integer[ids.length];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = new ASN1Integer(ids[i]);
-        }
-
-        return result;
-    }
-
-    /**
-     * <pre>
-     * PollReqContent ::= SEQUENCE OF SEQUENCE {
-     *                        certReqId              INTEGER
-     * }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return content;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/ProtectedPart.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/ProtectedPart.java
deleted file mode 100644
index 38e4fb8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/ProtectedPart.java
+++ /dev/null

@@ -1,70 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class ProtectedPart
-    extends ASN1Object
-{
-    private PKIHeader header;
-    private PKIBody body;
-
-    private ProtectedPart(ASN1Sequence seq)
-    {
-        header = PKIHeader.getInstance(seq.getObjectAt(0));
-        body = PKIBody.getInstance(seq.getObjectAt(1));
-    }
-
-    public static ProtectedPart getInstance(Object o)
-    {
-        if (o instanceof ProtectedPart)
-        {
-            return (ProtectedPart)o;
-        }
-
-        if (o != null)
-        {
-            return new ProtectedPart(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public ProtectedPart(PKIHeader header, PKIBody body)
-    {
-        this.header = header;
-        this.body = body;
-    }
-
-    public PKIHeader getHeader()
-    {
-        return header;
-    }
-
-    public PKIBody getBody()
-    {
-        return body;
-    }
-
-    /**
-     * <pre>
-     * ProtectedPart ::= SEQUENCE {
-     *                    header    PKIHeader,
-     *                    body      PKIBody
-     * }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(header);
-        v.add(body);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevAnnContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevAnnContent.java
deleted file mode 100644
index 36b4621..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevAnnContent.java
+++ /dev/null

@@ -1,103 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.crmf.CertId;
-import org.bouncycastle.asn1.x509.Extensions;
-
-public class RevAnnContent
-    extends ASN1Object
-{
-    private PKIStatus status;
-    private CertId certId;
-    private ASN1GeneralizedTime willBeRevokedAt;
-    private ASN1GeneralizedTime badSinceDate;
-    private Extensions crlDetails;
-    
-    private RevAnnContent(ASN1Sequence seq)
-    {
-        status = PKIStatus.getInstance(seq.getObjectAt(0));
-        certId = CertId.getInstance(seq.getObjectAt(1));
-        willBeRevokedAt = ASN1GeneralizedTime.getInstance(seq.getObjectAt(2));
-        badSinceDate = ASN1GeneralizedTime.getInstance(seq.getObjectAt(3));
-
-        if (seq.size() > 4)
-        {
-            crlDetails = Extensions.getInstance(seq.getObjectAt(4));
-        }
-    }
-
-    public static RevAnnContent getInstance(Object o)
-    {
-        if (o instanceof RevAnnContent)
-        {
-            return (RevAnnContent)o;
-        }
-
-        if (o != null)
-        {
-            return new RevAnnContent(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public PKIStatus getStatus()
-    {
-        return status;
-    }
-
-    public CertId getCertId()
-    {
-        return certId;
-    }
-
-    public ASN1GeneralizedTime getWillBeRevokedAt()
-    {
-        return willBeRevokedAt;
-    }
-
-    public ASN1GeneralizedTime getBadSinceDate()
-    {
-        return badSinceDate;
-    }
-
-    public Extensions getCrlDetails()
-    {
-        return crlDetails;
-    }
-
-    /**
-     * <pre>
-     * RevAnnContent ::= SEQUENCE {
-     *       status              PKIStatus,
-     *       certId              CertId,
-     *       willBeRevokedAt     GeneralizedTime,
-     *       badSinceDate        GeneralizedTime,
-     *       crlDetails          Extensions  OPTIONAL
-     *        -- extra CRL details (e.g., crl number, reason, location, etc.)
-     * }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(status);
-        v.add(certId);
-        v.add(willBeRevokedAt);
-        v.add(badSinceDate);
-
-        if (crlDetails != null)
-        {
-            v.add(crlDetails);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevDetails.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevDetails.java
deleted file mode 100644
index 3d9eb71..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevDetails.java
+++ /dev/null

@@ -1,100 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.crmf.CertTemplate;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.X509Extensions;
-
-public class RevDetails
-    extends ASN1Object
-{
-    private CertTemplate certDetails;
-    private Extensions crlEntryDetails;
-
-    private RevDetails(ASN1Sequence seq)
-    {
-        certDetails = CertTemplate.getInstance(seq.getObjectAt(0));
-        if  (seq.size() > 1)
-        {
-            crlEntryDetails = Extensions.getInstance(seq.getObjectAt(1));
-        }
-    }
-
-    public static RevDetails getInstance(Object o)
-    {
-        if (o instanceof RevDetails)
-        {
-            return (RevDetails)o;
-        }
-
-        if (o != null)
-        {
-            return new RevDetails(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public RevDetails(CertTemplate certDetails)
-    {
-        this.certDetails = certDetails;
-    }
-
-    /**
-     * @deprecated use method taking Extensions
-     * @param certDetails
-     * @param crlEntryDetails
-     */
-    public RevDetails(CertTemplate certDetails, X509Extensions crlEntryDetails)
-    {
-        this.certDetails = certDetails;
-        this.crlEntryDetails = Extensions.getInstance(crlEntryDetails.toASN1Primitive());
-    }
-
-    public RevDetails(CertTemplate certDetails, Extensions crlEntryDetails)
-    {
-        this.certDetails = certDetails;
-        this.crlEntryDetails = crlEntryDetails;
-    }
-
-    public CertTemplate getCertDetails()
-    {
-        return certDetails;
-    }
-
-    public Extensions getCrlEntryDetails()
-    {
-        return crlEntryDetails;
-    }
-
-    /**
-     * <pre>
-     * RevDetails ::= SEQUENCE {
-     *                  certDetails         CertTemplate,
-     *                   -- allows requester to specify as much as they can about
-     *                   -- the cert. for which revocation is requested
-     *                   -- (e.g., for cases in which serialNumber is not available)
-     *                   crlEntryDetails     Extensions       OPTIONAL
-     *                   -- requested crlEntryExtensions
-     *             }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(certDetails);
-
-        if (crlEntryDetails != null)
-        {
-            v.add(crlEntryDetails);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevRepContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevRepContent.java
deleted file mode 100644
index 5cbb8e6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevRepContent.java
+++ /dev/null

@@ -1,137 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.crmf.CertId;
-import org.bouncycastle.asn1.x509.CertificateList;
-
-public class RevRepContent
-    extends ASN1Object
-{
-    private ASN1Sequence status;
-    private ASN1Sequence revCerts;
-    private ASN1Sequence crls;
-
-    private RevRepContent(ASN1Sequence seq)
-    {
-        Enumeration en = seq.getObjects();
-
-        status = ASN1Sequence.getInstance(en.nextElement());
-        while (en.hasMoreElements())
-        {
-            ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(en.nextElement());
-
-            if (tObj.getTagNo() == 0)
-            {
-                revCerts = ASN1Sequence.getInstance(tObj, true);
-            }
-            else
-            {
-                crls = ASN1Sequence.getInstance(tObj, true);
-            }
-        }
-    }
-
-    public static RevRepContent getInstance(Object o)
-    {
-        if (o instanceof RevRepContent)
-        {
-            return (RevRepContent)o;
-        }
-
-        if (o != null)
-        {
-            return new RevRepContent(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public PKIStatusInfo[] getStatus()
-    {
-        PKIStatusInfo[] results = new PKIStatusInfo[status.size()];
-
-        for (int i = 0; i != results.length; i++)
-        {
-            results[i] = PKIStatusInfo.getInstance(status.getObjectAt(i));
-        }
-
-        return results;
-    }
-
-    public CertId[] getRevCerts()
-    {
-        if (revCerts == null)
-        {
-            return null;
-        }
-
-        CertId[] results = new CertId[revCerts.size()];
-
-        for (int i = 0; i != results.length; i++)
-        {
-            results[i] = CertId.getInstance(revCerts.getObjectAt(i));
-        }
-
-        return results;
-    }
-
-    public CertificateList[] getCrls()
-    {
-        if (crls == null)
-        {
-            return null;
-        }
-
-        CertificateList[] results = new CertificateList[crls.size()];
-
-        for (int i = 0; i != results.length; i++)
-        {
-            results[i] = CertificateList.getInstance(crls.getObjectAt(i));
-        }
-
-        return results;
-    }
-
-    /**
-     * <pre>
-     * RevRepContent ::= SEQUENCE {
-     *        status       SEQUENCE SIZE (1..MAX) OF PKIStatusInfo,
-     *        -- in same order as was sent in RevReqContent
-     *        revCerts [0] SEQUENCE SIZE (1..MAX) OF CertId OPTIONAL,
-     *        -- IDs for which revocation was requested
-     *        -- (same order as status)
-     *        crls     [1] SEQUENCE SIZE (1..MAX) OF CertificateList OPTIONAL
-     *        -- the resulting CRLs (there may be more than one)
-     *   }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(status);
-
-        addOptional(v, 0, revCerts);
-        addOptional(v, 1, crls);
-
-        return new DERSequence(v);
-    }
-
-    private void addOptional(ASN1EncodableVector v, int tagNo, ASN1Encodable obj)
-    {
-        if (obj != null)
-        {
-            v.add(new DERTaggedObject(true, tagNo, obj));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevRepContentBuilder.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevRepContentBuilder.java
deleted file mode 100644
index 10522c2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevRepContentBuilder.java
+++ /dev/null

@@ -1,59 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.crmf.CertId;
-import org.bouncycastle.asn1.x509.CertificateList;
-
-public class RevRepContentBuilder
-{
-    private ASN1EncodableVector status = new ASN1EncodableVector();
-    private ASN1EncodableVector revCerts = new ASN1EncodableVector();
-    private ASN1EncodableVector crls = new ASN1EncodableVector();
-
-    public RevRepContentBuilder add(PKIStatusInfo status)
-    {
-        this.status.add(status);
-
-        return this;
-    }
-
-    public RevRepContentBuilder add(PKIStatusInfo status, CertId certId)
-    {
-        if (this.status.size() != this.revCerts.size())
-        {
-            throw new IllegalStateException("status and revCerts sequence must be in common order");
-        }
-        this.status.add(status);
-        this.revCerts.add(certId);
-
-        return this;
-    }
-
-    public RevRepContentBuilder addCrl(CertificateList crl)
-    {
-        this.crls.add(crl);
-
-        return this;
-    }
-
-    public RevRepContent build()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new DERSequence(status));
-
-        if (revCerts.size() != 0)
-        {
-            v.add(new DERTaggedObject(true, 0, new DERSequence(revCerts)));
-        }
-
-        if (crls.size() != 0)
-        {
-            v.add(new DERTaggedObject(true, 1, new DERSequence(crls)));
-        }
-
-        return RevRepContent.getInstance(new DERSequence(v));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevReqContent.java b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevReqContent.java
deleted file mode 100644
index 468be4e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/RevReqContent.java
+++ /dev/null

@@ -1,73 +0,0 @@
-package org.bouncycastle.asn1.cmp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class RevReqContent
-    extends ASN1Object
-{
-    private ASN1Sequence content;
-
-    private RevReqContent(ASN1Sequence seq)
-    {
-        content = seq;
-    }
-
-    public static RevReqContent getInstance(Object o)
-    {
-        if (o instanceof RevReqContent)
-        {
-            return (RevReqContent)o;
-        }
-
-        if (o != null)
-        {
-            return new RevReqContent(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public RevReqContent(RevDetails revDetails)
-    {
-        this.content = new DERSequence(revDetails);
-    }
-
-    public RevReqContent(RevDetails[] revDetailsArray)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        for (int i = 0; i != revDetailsArray.length; i++)
-        {
-            v.add(revDetailsArray[i]);
-        }
-
-        this.content = new DERSequence(v);
-    }
-
-    public RevDetails[] toRevDetailsArray()
-    {
-        RevDetails[] result = new RevDetails[content.size()];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = RevDetails.getInstance(content.getObjectAt(i));
-        }
-
-        return result;
-    }
-
-    /**
-     * <pre>
-     * RevReqContent ::= SEQUENCE OF RevDetails
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return content;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/cmp/package.html
deleted file mode 100644
index d5ce6b9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cmp/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes useful for encoding and supporting PKIX-CMP as described RFC 4210.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthEnvelopedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthEnvelopedData.java
deleted file mode 100644
index 2206af6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthEnvelopedData.java
+++ /dev/null

@@ -1,270 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.BERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5083">RFC 5083</a>:
- *
- * CMS AuthEnveloped Data object.
- * <p>
- * ASN.1:
- * <pre>
- * id-ct-authEnvelopedData OBJECT IDENTIFIER ::= { iso(1)
- *       member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs-9(9)
- *       smime(16) ct(1) 23 }
- *
- * AuthEnvelopedData ::= SEQUENCE {
- *       version CMSVersion,
- *       originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
- *       recipientInfos RecipientInfos,
- *       authEncryptedContentInfo EncryptedContentInfo,
- *       authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,
- *       mac MessageAuthenticationCode,
- *       unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL }
- * </pre>
- */
-public class AuthEnvelopedData
-    extends ASN1Object
-{
-    private ASN1Integer version;
-    private OriginatorInfo originatorInfo;
-    private ASN1Set recipientInfos;
-    private EncryptedContentInfo authEncryptedContentInfo;
-    private ASN1Set authAttrs;
-    private ASN1OctetString mac;
-    private ASN1Set unauthAttrs;
-
-    public AuthEnvelopedData(
-        OriginatorInfo originatorInfo,
-        ASN1Set recipientInfos,
-        EncryptedContentInfo authEncryptedContentInfo,
-        ASN1Set authAttrs,
-        ASN1OctetString mac,
-        ASN1Set unauthAttrs)
-    {
-        // "It MUST be set to 0."
-        this.version = new ASN1Integer(0);
-
-        this.originatorInfo = originatorInfo;
-
-        // "There MUST be at least one element in the collection."
-        this.recipientInfos = recipientInfos;
-        if (this.recipientInfos.size() == 0)
-        {
-            throw new IllegalArgumentException("AuthEnvelopedData requires at least 1 RecipientInfo");
-        }
-
-        this.authEncryptedContentInfo = authEncryptedContentInfo;
-
-        // "The authAttrs MUST be present if the content type carried in
-        // EncryptedContentInfo is not id-data."
-        this.authAttrs = authAttrs;
-        if (!authEncryptedContentInfo.getContentType().equals(CMSObjectIdentifiers.data))
-        {
-            if (authAttrs == null || authAttrs.size() == 0)
-            {
-                throw new IllegalArgumentException("authAttrs must be present with non-data content");
-            }
-        }
-
-        this.mac = mac;
-
-        this.unauthAttrs = unauthAttrs;
-    }
-
-    /**
-     * Constructs AuthEnvelopedData by parsing supplied ASN1Sequence
-     * <p>
-     * @param seq An ASN1Sequence with AuthEnvelopedData
-     */
-    private AuthEnvelopedData(
-        ASN1Sequence seq)
-    {
-        int index = 0;
-
-        // "It MUST be set to 0."
-        ASN1Primitive tmp = seq.getObjectAt(index++).toASN1Primitive();
-        version = (ASN1Integer)tmp;
-        if (this.version.getValue().intValue() != 0)
-        {
-            throw new IllegalArgumentException("AuthEnvelopedData version number must be 0");
-        }
-
-        tmp = seq.getObjectAt(index++).toASN1Primitive();
-        if (tmp instanceof ASN1TaggedObject)
-        {
-            originatorInfo = OriginatorInfo.getInstance((ASN1TaggedObject)tmp, false);
-            tmp = seq.getObjectAt(index++).toASN1Primitive();
-        }
-
-        // "There MUST be at least one element in the collection."
-        recipientInfos = ASN1Set.getInstance(tmp);
-        if (this.recipientInfos.size() == 0)
-        {
-            throw new IllegalArgumentException("AuthEnvelopedData requires at least 1 RecipientInfo");
-        }
-
-        tmp = seq.getObjectAt(index++).toASN1Primitive();
-        authEncryptedContentInfo = EncryptedContentInfo.getInstance(tmp);
-
-        tmp = seq.getObjectAt(index++).toASN1Primitive();
-        if (tmp instanceof ASN1TaggedObject)
-        {
-            authAttrs = ASN1Set.getInstance((ASN1TaggedObject)tmp, false);
-            tmp = seq.getObjectAt(index++).toASN1Primitive();
-        }
-        else
-        {
-            // "The authAttrs MUST be present if the content type carried in
-            // EncryptedContentInfo is not id-data."
-            if (!authEncryptedContentInfo.getContentType().equals(CMSObjectIdentifiers.data))
-            {
-                if (authAttrs == null || authAttrs.size() == 0)
-                {
-                    throw new IllegalArgumentException("authAttrs must be present with non-data content");
-                }
-            }
-        }
-
-        mac = ASN1OctetString.getInstance(tmp);
-
-        if (seq.size() > index)
-        {
-            tmp = seq.getObjectAt(index).toASN1Primitive();
-            unauthAttrs = ASN1Set.getInstance((ASN1TaggedObject)tmp, false);
-        }
-    }
-
-    /**
-     * Return an AuthEnvelopedData object from a tagged object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats
-     * </ul>
-     *
-
-     * @param obj      the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *                 tagged false otherwise.
-     * @return a reference that can be assigned to AuthEnvelopedData (may be null)
-     * @throws IllegalArgumentException if the object held by the
-     *                                  tagged object cannot be converted.
-     */
-    public static AuthEnvelopedData getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    /**
-     * Return an AuthEnvelopedData object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link AuthEnvelopedData} object
-     * <li> {@link ASN1Sequence org.bouncycastle.asn1.ASN1Sequence} input formats with AuthEnvelopedData structure inside
-     * </ul>
-     *
-     * @param obj The object we want converted.
-     * @return a reference that can be assigned to AuthEnvelopedData (may be null)
-     * @throws IllegalArgumentException if the object cannot be converted, or was null.
-     */
-    public static AuthEnvelopedData getInstance(
-        Object obj)
-    {
-        if (obj == null || obj instanceof AuthEnvelopedData)
-        {
-            return (AuthEnvelopedData)obj;
-        }
-
-        if (obj instanceof ASN1Sequence)
-        {
-            return new AuthEnvelopedData((ASN1Sequence)obj);
-        }
-
-        throw new IllegalArgumentException("Invalid AuthEnvelopedData: " + obj.getClass().getName());
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    public OriginatorInfo getOriginatorInfo()
-    {
-        return originatorInfo;
-    }
-
-    public ASN1Set getRecipientInfos()
-    {
-        return recipientInfos;
-    }
-
-    public EncryptedContentInfo getAuthEncryptedContentInfo()
-    {
-        return authEncryptedContentInfo;
-    }
-
-    public ASN1Set getAuthAttrs()
-    {
-        return authAttrs;
-    }
-
-    public ASN1OctetString getMac()
-    {
-        return mac;
-    }
-
-    public ASN1Set getUnauthAttrs()
-    {
-        return unauthAttrs;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(version);
-
-        if (originatorInfo != null)
-        {
-            v.add(new DERTaggedObject(false, 0, originatorInfo));
-        }
-
-        v.add(recipientInfos);
-        v.add(authEncryptedContentInfo);
-
-        // "authAttrs optionally contains the authenticated attributes."
-        if (authAttrs != null)
-        {
-            // "AuthAttributes MUST be DER encoded, even if the rest of the
-            // AuthEnvelopedData structure is BER encoded."
-            v.add(new DERTaggedObject(false, 1, authAttrs));
-        }
-
-        v.add(mac);
-
-        // "unauthAttrs optionally contains the unauthenticated attributes."
-        if (unauthAttrs != null)
-        {
-            v.add(new DERTaggedObject(false, 2, unauthAttrs));
-        }
-
-        return new BERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthEnvelopedDataParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthEnvelopedDataParser.java
deleted file mode 100644
index 8840610..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthEnvelopedDataParser.java
+++ /dev/null

@@ -1,166 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1ParsingException;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.ASN1SetParser;
-import org.bouncycastle.asn1.ASN1TaggedObjectParser;
-import org.bouncycastle.asn1.BERTags;
-
-/**
- * Parse {@link AuthEnvelopedData} input stream.
- * 
- * <pre>
- * AuthEnvelopedData ::= SEQUENCE {
- *   version CMSVersion,
- *   originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
- *   recipientInfos RecipientInfos,
- *   authEncryptedContentInfo EncryptedContentInfo,
- *   authAttrs [1] IMPLICIT AuthAttributes OPTIONAL,
- *   mac MessageAuthenticationCode,
- *   unauthAttrs [2] IMPLICIT UnauthAttributes OPTIONAL }
- * </pre>
- */
-public class AuthEnvelopedDataParser
-{
-    private ASN1SequenceParser seq;
-    private ASN1Integer version;
-    private ASN1Encodable nextObject;
-    private boolean originatorInfoCalled;
-    private EncryptedContentInfoParser authEncryptedContentInfoParser;
-
-    public AuthEnvelopedDataParser(ASN1SequenceParser seq) throws IOException
-    {
-        this.seq = seq;
-
-        // "It MUST be set to 0."
-        this.version = ASN1Integer.getInstance(seq.readObject());
-        if (this.version.getValue().intValue() != 0)
-        {
-            throw new ASN1ParsingException("AuthEnvelopedData version number must be 0");
-        }
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    public OriginatorInfo getOriginatorInfo()
-        throws IOException
-    {
-        originatorInfoCalled = true;
-
-        if (nextObject == null)
-        {
-            nextObject = seq.readObject();
-        }
-
-        if (nextObject instanceof ASN1TaggedObjectParser && ((ASN1TaggedObjectParser)nextObject).getTagNo() == 0)
-        {
-            ASN1SequenceParser originatorInfo = (ASN1SequenceParser) ((ASN1TaggedObjectParser)nextObject).getObjectParser(BERTags.SEQUENCE, false);
-            nextObject = null;
-            return OriginatorInfo.getInstance(originatorInfo.toASN1Primitive());
-        }
-
-        return null;
-    }
-
-    public ASN1SetParser getRecipientInfos()
-        throws IOException
-    {
-        if (!originatorInfoCalled)
-        {
-            getOriginatorInfo();
-        }
-
-        if (nextObject == null)
-        {
-            nextObject = seq.readObject();
-        }
-
-        ASN1SetParser recipientInfos = (ASN1SetParser)nextObject;
-        nextObject = null;
-        return recipientInfos;
-    }
-
-    public EncryptedContentInfoParser getAuthEncryptedContentInfo()
-        throws IOException
-    {
-        if (nextObject == null)
-        {
-            nextObject = seq.readObject();
-        }
-
-        if (nextObject != null)
-        {
-            ASN1SequenceParser o = (ASN1SequenceParser) nextObject;
-            nextObject = null;
-            authEncryptedContentInfoParser = new EncryptedContentInfoParser(o);
-            return authEncryptedContentInfoParser;
-        }
-
-        return null;
-    }
-
-    public ASN1SetParser getAuthAttrs()
-        throws IOException
-    {
-        if (nextObject == null)
-        {
-            nextObject = seq.readObject();
-        }
-
-        if (nextObject instanceof ASN1TaggedObjectParser)
-        {
-            ASN1Encodable o = nextObject;
-            nextObject = null;
-            return (ASN1SetParser)((ASN1TaggedObjectParser)o).getObjectParser(BERTags.SET, false);
-        }
-
-        // "The authAttrs MUST be present if the content type carried in
-        // EncryptedContentInfo is not id-data."
-        if (!authEncryptedContentInfoParser.getContentType().equals(CMSObjectIdentifiers.data))
-        {
-            throw new ASN1ParsingException("authAttrs must be present with non-data content");
-        }
-
-        return null;
-    }
-
-    public ASN1OctetString getMac()
-        throws IOException
-    {
-        if (nextObject == null)
-        {
-            nextObject = seq.readObject();
-        }
-
-        ASN1Encodable o = nextObject;
-        nextObject = null;
-
-        return ASN1OctetString.getInstance(o.toASN1Primitive());
-    }
-
-    public ASN1SetParser getUnauthAttrs()
-        throws IOException
-    {
-        if (nextObject == null)
-        {
-            nextObject = seq.readObject();
-        }
-
-        if (nextObject != null)
-        {
-            ASN1Encodable o = nextObject;
-            nextObject = null;
-            return (ASN1SetParser)((ASN1TaggedObjectParser)o).getObjectParser(BERTags.SET, false);
-        }
-
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthenticatedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthenticatedData.java
deleted file mode 100644
index d0a8cca..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthenticatedData.java
+++ /dev/null

@@ -1,309 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.BERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-9.1">RFC 5652</a> section 9.1:
- * The AuthenticatedData carries AuthAttributes and other data
- * which define what really is being signed.
- * <pre>
- * AuthenticatedData ::= SEQUENCE {
- *       version CMSVersion,
- *       originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
- *       recipientInfos RecipientInfos,
- *       macAlgorithm MessageAuthenticationCodeAlgorithm,
- *       digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL,
- *       encapContentInfo EncapsulatedContentInfo,
- *       authAttrs [2] IMPLICIT AuthAttributes OPTIONAL,
- *       mac MessageAuthenticationCode,
- *       unauthAttrs [3] IMPLICIT UnauthAttributes OPTIONAL }
- *
- * AuthAttributes ::= SET SIZE (1..MAX) OF Attribute
- *
- * UnauthAttributes ::= SET SIZE (1..MAX) OF Attribute
- *
- * MessageAuthenticationCode ::= OCTET STRING
- * </pre>
- */
-public class AuthenticatedData
-    extends ASN1Object
-{
-    private ASN1Integer version;
-    private OriginatorInfo originatorInfo;
-    private ASN1Set recipientInfos;
-    private AlgorithmIdentifier macAlgorithm;
-    private AlgorithmIdentifier digestAlgorithm;
-    private ContentInfo encapsulatedContentInfo;
-    private ASN1Set authAttrs;
-    private ASN1OctetString mac;
-    private ASN1Set unauthAttrs;
-
-    public AuthenticatedData(
-        OriginatorInfo originatorInfo,
-        ASN1Set recipientInfos,
-        AlgorithmIdentifier macAlgorithm,
-        AlgorithmIdentifier digestAlgorithm,
-        ContentInfo encapsulatedContent,
-        ASN1Set authAttrs,
-        ASN1OctetString mac,
-        ASN1Set unauthAttrs)
-    {
-        if (digestAlgorithm != null || authAttrs != null)
-        {
-            if (digestAlgorithm == null || authAttrs == null)
-            {
-                throw new IllegalArgumentException("digestAlgorithm and authAttrs must be set together");
-            }
-        }
-
-        version = new ASN1Integer(calculateVersion(originatorInfo));
-        
-        this.originatorInfo = originatorInfo;
-        this.macAlgorithm = macAlgorithm;
-        this.digestAlgorithm = digestAlgorithm;
-        this.recipientInfos = recipientInfos;
-        this.encapsulatedContentInfo = encapsulatedContent;
-        this.authAttrs = authAttrs;
-        this.mac = mac;
-        this.unauthAttrs = unauthAttrs;
-    }
-
-    private AuthenticatedData(
-        ASN1Sequence seq)
-    {
-        int index = 0;
-
-        version = (ASN1Integer)seq.getObjectAt(index++);
-
-        Object tmp = seq.getObjectAt(index++);
-
-        if (tmp instanceof ASN1TaggedObject)
-        {
-            originatorInfo = OriginatorInfo.getInstance((ASN1TaggedObject)tmp, false);
-            tmp = seq.getObjectAt(index++);
-        }
-
-        recipientInfos = ASN1Set.getInstance(tmp);
-        macAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(index++));
-
-        tmp = seq.getObjectAt(index++);
-
-        if (tmp instanceof ASN1TaggedObject)
-        {
-            digestAlgorithm = AlgorithmIdentifier.getInstance((ASN1TaggedObject)tmp, false);
-            tmp = seq.getObjectAt(index++);
-        }
-
-        encapsulatedContentInfo = ContentInfo.getInstance(tmp);
-
-        tmp = seq.getObjectAt(index++);
-
-        if (tmp instanceof ASN1TaggedObject)
-        {
-            authAttrs = ASN1Set.getInstance((ASN1TaggedObject)tmp, false);
-            tmp = seq.getObjectAt(index++);
-        }
-
-        mac = ASN1OctetString.getInstance(tmp);
-        
-        if (seq.size() > index)
-        {
-            unauthAttrs = ASN1Set.getInstance((ASN1TaggedObject)seq.getObjectAt(index), false);
-        }
-    }
-
-    /**
-     * Return an AuthenticatedData object from a tagged object.
-     *
-     * @param obj      the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *                 tagged false otherwise.
-     * @return a reference that can be assigned to AuthenticatedData (may be null)
-     * @throws IllegalArgumentException if the object held by the
-     *                                  tagged object cannot be converted.
-     */
-    public static AuthenticatedData getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    /**
-     * Return an AuthenticatedData object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link AuthenticatedData} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with AuthenticatedData structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @return a reference that can be assigned to AuthenticatedData (may be null)
-     * @throws IllegalArgumentException if the object cannot be converted.
-     */
-    public static AuthenticatedData getInstance(
-        Object obj)
-    {
-        if (obj instanceof AuthenticatedData)
-        {
-            return (AuthenticatedData)obj;
-        }
-        else if (obj != null)
-        {
-            return new AuthenticatedData(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    public OriginatorInfo getOriginatorInfo()
-    {
-        return originatorInfo;
-    }
-
-    public ASN1Set getRecipientInfos()
-    {
-        return recipientInfos;
-    }
-
-    public AlgorithmIdentifier getMacAlgorithm()
-    {
-        return macAlgorithm;
-    }
-
-    public AlgorithmIdentifier getDigestAlgorithm()
-    {
-        return digestAlgorithm;
-    }
-
-    public ContentInfo getEncapsulatedContentInfo()
-    {
-        return encapsulatedContentInfo;
-    }
-
-    public ASN1Set getAuthAttrs()
-    {
-        return authAttrs;
-    }
-
-    public ASN1OctetString getMac()
-    {
-        return mac;
-    }
-
-    public ASN1Set getUnauthAttrs()
-    {
-        return unauthAttrs;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(version);
-
-        if (originatorInfo != null)
-        {
-            v.add(new DERTaggedObject(false, 0, originatorInfo));
-        }
-
-        v.add(recipientInfos);
-        v.add(macAlgorithm);
-
-        if (digestAlgorithm != null)
-        {
-            v.add(new DERTaggedObject(false, 1, digestAlgorithm));
-        }
-
-        v.add(encapsulatedContentInfo);
-
-        if (authAttrs != null)
-        {
-            v.add(new DERTaggedObject(false, 2, authAttrs));
-        }
-
-        v.add(mac);
-
-        if (unauthAttrs != null)
-        {
-            v.add(new DERTaggedObject(false, 3, unauthAttrs));
-        }
-
-        return new BERSequence(v);
-    }
-
-    public static int calculateVersion(OriginatorInfo origInfo)
-    {
-        if (origInfo == null)
-        {
-            return 0;
-        }
-        else
-        {
-            int ver = 0;
-
-            for (Enumeration e = origInfo.getCertificates().getObjects(); e.hasMoreElements();)
-            {
-                Object obj = e.nextElement();
-
-                if (obj instanceof ASN1TaggedObject)
-                {
-                    ASN1TaggedObject tag = (ASN1TaggedObject)obj;
-
-                    if (tag.getTagNo() == 2)
-                    {
-                        ver = 1;
-                    }
-                    else if (tag.getTagNo() == 3)
-                    {
-                        ver = 3;
-                        break;
-                    }
-                }
-            }
-
-            if (origInfo.getCRLs() != null)
-            {
-                for (Enumeration e = origInfo.getCRLs().getObjects(); e.hasMoreElements();)
-                {
-                    Object obj = e.nextElement();
-
-                    if (obj instanceof ASN1TaggedObject)
-                    {
-                        ASN1TaggedObject tag = (ASN1TaggedObject)obj;
-
-                        if (tag.getTagNo() == 1)
-                        {
-                            ver = 3;
-                            break;
-                        }
-                    }
-                }
-            }
-
-            return ver;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthenticatedDataParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthenticatedDataParser.java
deleted file mode 100644
index d8ed520..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/AuthenticatedDataParser.java
+++ /dev/null

@@ -1,197 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.ASN1SetParser;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.ASN1TaggedObjectParser;
-import org.bouncycastle.asn1.BERTags;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * Parse {@link AuthenticatedData} stream.
- * <pre>
- * AuthenticatedData ::= SEQUENCE {
- *       version CMSVersion,
- *       originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
- *       recipientInfos RecipientInfos,
- *       macAlgorithm MessageAuthenticationCodeAlgorithm,
- *       digestAlgorithm [1] DigestAlgorithmIdentifier OPTIONAL,
- *       encapContentInfo EncapsulatedContentInfo,
- *       authAttrs [2] IMPLICIT AuthAttributes OPTIONAL,
- *       mac MessageAuthenticationCode,
- *       unauthAttrs [3] IMPLICIT UnauthAttributes OPTIONAL }
- *
- * AuthAttributes ::= SET SIZE (1..MAX) OF Attribute
- *
- * UnauthAttributes ::= SET SIZE (1..MAX) OF Attribute
- *
- * MessageAuthenticationCode ::= OCTET STRING
- * </pre>
- */
-public class AuthenticatedDataParser
-{
-    private ASN1SequenceParser seq;
-    private ASN1Integer version;
-    private ASN1Encodable nextObject;
-    private boolean originatorInfoCalled;
-
-    public AuthenticatedDataParser(
-        ASN1SequenceParser seq)
-        throws IOException
-    {
-        this.seq = seq;
-        this.version = ASN1Integer.getInstance(seq.readObject());
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    public OriginatorInfo getOriginatorInfo()
-        throws IOException
-    {
-        originatorInfoCalled = true;
-
-        if (nextObject == null)
-        {
-            nextObject = seq.readObject();
-        }
-
-        if (nextObject instanceof ASN1TaggedObjectParser && ((ASN1TaggedObjectParser)nextObject).getTagNo() == 0)
-        {
-            ASN1SequenceParser originatorInfo = (ASN1SequenceParser) ((ASN1TaggedObjectParser)nextObject).getObjectParser(BERTags.SEQUENCE, false);
-            nextObject = null;
-            return OriginatorInfo.getInstance(originatorInfo.toASN1Primitive());
-        }
-
-        return null;
-    }
-
-    public ASN1SetParser getRecipientInfos()
-        throws IOException
-    {
-        if (!originatorInfoCalled)
-        {
-            getOriginatorInfo();
-        }
-
-        if (nextObject == null)
-        {
-            nextObject = seq.readObject();
-        }
-
-        ASN1SetParser recipientInfos = (ASN1SetParser)nextObject;
-        nextObject = null;
-        return recipientInfos;
-    }
-
-    public AlgorithmIdentifier getMacAlgorithm()
-        throws IOException
-    {
-        if (nextObject == null)
-        {
-            nextObject = seq.readObject();
-        }
-
-        if (nextObject != null)
-        {
-            ASN1SequenceParser o = (ASN1SequenceParser)nextObject;
-            nextObject = null;
-            return AlgorithmIdentifier.getInstance(o.toASN1Primitive());
-        }
-
-        return null;
-    }
-
-    public AlgorithmIdentifier getDigestAlgorithm()
-        throws IOException
-    {
-        if (nextObject == null)
-        {
-            nextObject = seq.readObject();
-        }
-
-        if (nextObject instanceof ASN1TaggedObjectParser)
-        {
-            AlgorithmIdentifier obj = AlgorithmIdentifier.getInstance((ASN1TaggedObject)nextObject.toASN1Primitive(), false);
-            nextObject = null;
-            return obj;
-        }
-
-        return null;
-    }
-
-    public ContentInfoParser getEncapsulatedContentInfo()
-        throws IOException
-    {
-        if (nextObject == null)
-        {
-            nextObject = seq.readObject();
-        }
-
-        if (nextObject != null)
-        {
-            ASN1SequenceParser o = (ASN1SequenceParser)nextObject;
-            nextObject = null;
-            return new ContentInfoParser(o);
-        }
-
-        return null;
-    }
-
-    public ASN1SetParser getAuthAttrs()
-        throws IOException
-    {
-        if (nextObject == null)
-        {
-            nextObject = seq.readObject();
-        }
-
-        if (nextObject instanceof ASN1TaggedObjectParser)
-        {
-            ASN1Encodable o = nextObject;
-            nextObject = null;
-            return (ASN1SetParser)((ASN1TaggedObjectParser)o).getObjectParser(BERTags.SET, false);
-        }
-
-        return null;
-    }
-
-    public ASN1OctetString getMac()
-        throws IOException
-    {
-        if (nextObject == null)
-        {
-            nextObject = seq.readObject();
-        }
-
-        ASN1Encodable o = nextObject;
-        nextObject = null;
-
-        return ASN1OctetString.getInstance(o.toASN1Primitive());
-    }
-
-    public ASN1SetParser getUnauthAttrs()
-        throws IOException
-    {
-        if (nextObject == null)
-        {
-            nextObject = seq.readObject();
-        }
-
-        if (nextObject != null)
-        {
-            ASN1Encodable o = nextObject;
-            nextObject = null;
-            return (ASN1SetParser)((ASN1TaggedObjectParser)o).getObjectParser(BERTags.SET, false);
-        }
-
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CCMParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/CCMParameters.java
deleted file mode 100644
index 3277bb2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CCMParameters.java
+++ /dev/null

@@ -1,102 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5084">RFC 5084</a>: CCMParameters object.
- * <p>
- * <pre>
- CCMParameters ::= SEQUENCE {
-   aes-nonce        OCTET STRING, -- recommended size is 12 octets
-   aes-ICVlen       AES-CCM-ICVlen DEFAULT 12 }
- * </pre>
- */
-public class CCMParameters
-    extends ASN1Object
-{
-    private byte[] nonce;
-    private int icvLen;
-
-    /**
-     * Return an CCMParameters object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link org.bouncycastle.asn1.cms.CCMParameters} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(Object) ASN1Sequence} input formats with CCMParameters structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static CCMParameters getInstance(
-        Object  obj)
-    {
-        if (obj instanceof CCMParameters)
-        {
-            return (CCMParameters)obj;
-        }
-        else if (obj != null)
-        {
-            return new CCMParameters(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private CCMParameters(
-        ASN1Sequence seq)
-    {
-        this.nonce = ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets();
-
-        if (seq.size() == 2)
-        {
-            this.icvLen = ASN1Integer.getInstance(seq.getObjectAt(1)).getValue().intValue();
-        }
-        else
-        {
-            this.icvLen = 12;
-        }
-    }
-
-    public CCMParameters(
-        byte[] nonce,
-        int icvLen)
-    {
-        this.nonce = Arrays.clone(nonce);
-        this.icvLen = icvLen;
-    }
-
-    public byte[] getNonce()
-    {
-        return Arrays.clone(nonce);
-    }
-
-    public int getIcvLen()
-    {
-        return icvLen;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector    v = new ASN1EncodableVector();
-
-        v.add(new DEROctetString(nonce));
-
-        if (icvLen != 12)
-        {
-            v.add(new ASN1Integer(icvLen));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CompressedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/CompressedData.java
deleted file mode 100644
index e546470..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CompressedData.java
+++ /dev/null

@@ -1,117 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.BERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/** 
- * <a href="http://tools.ietf.org/html/rfc3274">RFC 3274</a>: CMS Compressed Data.
- * 
- * <pre>
- * CompressedData ::= SEQUENCE {
- *     version CMSVersion,
- *     compressionAlgorithm CompressionAlgorithmIdentifier,
- *     encapContentInfo EncapsulatedContentInfo
- * }
- * </pre>
- */
-public class CompressedData
-    extends ASN1Object
-{
-    private ASN1Integer           version;
-    private AlgorithmIdentifier  compressionAlgorithm;
-    private ContentInfo          encapContentInfo;
-
-    public CompressedData(
-        AlgorithmIdentifier compressionAlgorithm,
-        ContentInfo         encapContentInfo)
-    {
-        this.version = new ASN1Integer(0);
-        this.compressionAlgorithm = compressionAlgorithm;
-        this.encapContentInfo = encapContentInfo;
-    }
-    
-    private CompressedData(
-        ASN1Sequence seq)
-    {
-        this.version = (ASN1Integer)seq.getObjectAt(0);
-        this.compressionAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
-        this.encapContentInfo = ContentInfo.getInstance(seq.getObjectAt(2));
-    }
-
-    /**
-     * Return a CompressedData object from a tagged object.
-     *
-     * @param ato the tagged object holding the object we want.
-     * @param isExplicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static CompressedData getInstance(
-        ASN1TaggedObject ato,
-        boolean isExplicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(ato, isExplicit));
-    }
-    
-    /**
-     * Return a CompressedData object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link CompressedData} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with CompressedData structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static CompressedData getInstance(
-        Object obj)
-    {
-        if (obj instanceof CompressedData)
-        {
-            return (CompressedData)obj;
-        }
-
-        if (obj != null)
-        {
-            return new CompressedData(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    public AlgorithmIdentifier getCompressionAlgorithmIdentifier()
-    {
-        return compressionAlgorithm;
-    }
-
-    public ContentInfo getEncapContentInfo()
-    {
-        return encapContentInfo;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(version);
-        v.add(compressionAlgorithm);
-        v.add(encapContentInfo);
-
-        return new BERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CompressedDataParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/CompressedDataParser.java
deleted file mode 100644
index 41895ce..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/CompressedDataParser.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * Parser of <a href="http://tools.ietf.org/html/rfc3274">RFC 3274</a> {@link CompressedData} object.
- * <p>
- * <pre>
- * CompressedData ::= SEQUENCE {
- *     version CMSVersion,
- *     compressionAlgorithm CompressionAlgorithmIdentifier,
- *     encapContentInfo EncapsulatedContentInfo
- * }
- * </pre>
- */
-public class CompressedDataParser
-{
-    private ASN1Integer _version;
-    private AlgorithmIdentifier _compressionAlgorithm;
-    private ContentInfoParser _encapContentInfo;
-
-    public CompressedDataParser(
-        ASN1SequenceParser seq)
-        throws IOException
-    {
-        this._version = (ASN1Integer)seq.readObject();
-        this._compressionAlgorithm = AlgorithmIdentifier.getInstance(seq.readObject().toASN1Primitive());
-        this._encapContentInfo = new ContentInfoParser((ASN1SequenceParser)seq.readObject());
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return _version;
-    }
-
-    public AlgorithmIdentifier getCompressionAlgorithmIdentifier()
-    {
-        return _compressionAlgorithm;
-    }
-
-    public ContentInfoParser getEncapContentInfo()
-    {
-        return _encapContentInfo;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfoParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfoParser.java
deleted file mode 100644
index 19f0ec8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ContentInfoParser.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.ASN1TaggedObjectParser;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-3">RFC 5652</a> {@link ContentInfo} object parser.
- *
- * <pre>
- * ContentInfo ::= SEQUENCE {
- *     contentType ContentType,
- *     content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
- * </pre>
- */
-public class ContentInfoParser
-{
-    private ASN1ObjectIdentifier contentType;
-    private ASN1TaggedObjectParser content;
-
-    public ContentInfoParser(
-        ASN1SequenceParser seq)
-        throws IOException
-    {
-        contentType = (ASN1ObjectIdentifier)seq.readObject();
-        content = (ASN1TaggedObjectParser)seq.readObject();
-    }
-
-    public ASN1ObjectIdentifier getContentType()
-    {
-        return contentType;
-    }
-
-    public ASN1Encodable getContent(
-        int  tag)
-        throws IOException
-    {
-        if (content != null)
-        {
-            return content.getObjectParser(tag, true);
-        }
-
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/DigestedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/DigestedData.java
deleted file mode 100644
index 0f3b906..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/DigestedData.java
+++ /dev/null

@@ -1,128 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.BERSequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/** 
- * <a href="http://tools.ietf.org/html/rfc5652#section-7">RFC 5652</a> DigestedData object.
- * <pre>
- * DigestedData ::= SEQUENCE {
- *       version CMSVersion,
- *       digestAlgorithm DigestAlgorithmIdentifier,
- *       encapContentInfo EncapsulatedContentInfo,
- *       digest Digest }
- * </pre>
- */
-public class DigestedData
-    extends ASN1Object
-{
-    private ASN1Integer           version;
-    private AlgorithmIdentifier  digestAlgorithm;
-    private ContentInfo          encapContentInfo;
-    private ASN1OctetString      digest;
-
-    public DigestedData(
-        AlgorithmIdentifier digestAlgorithm,
-        ContentInfo encapContentInfo,
-        byte[]      digest)
-    {
-        this.version = new ASN1Integer(0);
-        this.digestAlgorithm = digestAlgorithm;
-        this.encapContentInfo = encapContentInfo;
-        this.digest = new DEROctetString(digest);
-    }
-
-    private DigestedData(
-        ASN1Sequence seq)
-    {
-        this.version = (ASN1Integer)seq.getObjectAt(0);
-        this.digestAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
-        this.encapContentInfo = ContentInfo.getInstance(seq.getObjectAt(2));
-        this.digest = ASN1OctetString.getInstance(seq.getObjectAt(3));
-    }
-
-    /**
-     * Return a DigestedData object from a tagged object.
-     *
-     * @param ato the tagged object holding the object we want.
-     * @param isExplicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static DigestedData getInstance(
-        ASN1TaggedObject ato,
-        boolean isExplicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(ato, isExplicit));
-    }
-    
-    /**
-     * Return a DigestedData object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link DigestedData} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static DigestedData getInstance(
-        Object obj)
-    {
-        if (obj instanceof DigestedData)
-        {
-            return (DigestedData)obj;
-        }
-        
-        if (obj != null)
-        {
-            return new DigestedData(ASN1Sequence.getInstance(obj));
-        }
-        
-        return null;
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    public AlgorithmIdentifier getDigestAlgorithm()
-    {
-        return digestAlgorithm;
-    }
-
-    public ContentInfo getEncapContentInfo()
-    {
-        return encapContentInfo;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(version);
-        v.add(digestAlgorithm);
-        v.add(encapContentInfo);
-        v.add(digest);
-
-        return new BERSequence(v);
-    }
-
-    public byte[] getDigest()
-    {
-        return digest.getOctets();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedContentInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedContentInfo.java
deleted file mode 100644
index 64d887d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedContentInfo.java
+++ /dev/null

@@ -1,120 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.BERSequence;
-import org.bouncycastle.asn1.BERTaggedObject;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.1">RFC 5652</a> EncryptedContentInfo object.
- *
- * <pre>
- * EncryptedContentInfo ::= SEQUENCE {
- *     contentType ContentType,
- *     contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
- *     encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL 
- * }
- * </pre>
- */
-public class EncryptedContentInfo
-    extends ASN1Object
-{
-    private ASN1ObjectIdentifier contentType;
-    private AlgorithmIdentifier contentEncryptionAlgorithm;
-    private ASN1OctetString     encryptedContent;
-    
-    public EncryptedContentInfo(
-        ASN1ObjectIdentifier contentType, 
-        AlgorithmIdentifier contentEncryptionAlgorithm,
-        ASN1OctetString     encryptedContent)
-    {
-        this.contentType = contentType;
-        this.contentEncryptionAlgorithm = contentEncryptionAlgorithm;
-        this.encryptedContent = encryptedContent;
-    }
-    
-    private EncryptedContentInfo(
-        ASN1Sequence seq)
-    {
-        if (seq.size() < 2)
-        {
-            throw new IllegalArgumentException("Truncated Sequence Found");
-        }
-
-        contentType = (ASN1ObjectIdentifier)seq.getObjectAt(0);
-        contentEncryptionAlgorithm = AlgorithmIdentifier.getInstance(
-                                                        seq.getObjectAt(1));
-        if (seq.size() > 2)
-        {
-            encryptedContent = ASN1OctetString.getInstance(
-                                (ASN1TaggedObject)seq.getObjectAt(2), false);
-        }
-    }
-
-    /**
-     * Return an EncryptedContentInfo object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link EncryptedContentInfo} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static EncryptedContentInfo getInstance(
-        Object obj)
-    {
-        if (obj instanceof EncryptedContentInfo)
-        {
-            return (EncryptedContentInfo)obj;
-        }
-        if (obj != null)
-        {
-            return new EncryptedContentInfo(ASN1Sequence.getInstance(obj));
-        }
-        
-        return null;
-    }
-
-    public ASN1ObjectIdentifier getContentType()
-    {
-        return contentType;
-    }
-
-    public AlgorithmIdentifier getContentEncryptionAlgorithm()
-    {
-        return contentEncryptionAlgorithm;
-    }
-
-    public ASN1OctetString getEncryptedContent()
-    {
-        return encryptedContent;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-        
-        v.add(contentType);
-        v.add(contentEncryptionAlgorithm);
-
-        if (encryptedContent != null)
-        {
-            v.add(new BERTaggedObject(false, 0, encryptedContent));
-        }
-        
-        return new BERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedContentInfoParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedContentInfoParser.java
deleted file mode 100644
index 77fb0bb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedContentInfoParser.java
+++ /dev/null

@@ -1,53 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.ASN1TaggedObjectParser;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * Parser for <a href="http://tools.ietf.org/html/rfc5652#section-6.1">RFC 5652</a> EncryptedContentInfo object.
- * <p>
- * <pre>
- * EncryptedContentInfo ::= SEQUENCE {
- *     contentType ContentType,
- *     contentEncryptionAlgorithm ContentEncryptionAlgorithmIdentifier,
- *     encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL 
- * }
- * </pre>
- */
-public class EncryptedContentInfoParser
-{
-    private ASN1ObjectIdentifier    _contentType;
-    private AlgorithmIdentifier     _contentEncryptionAlgorithm;
-    private ASN1TaggedObjectParser _encryptedContent;
-
-    public EncryptedContentInfoParser(
-        ASN1SequenceParser  seq) 
-        throws IOException
-    {
-        _contentType = (ASN1ObjectIdentifier)seq.readObject();
-        _contentEncryptionAlgorithm = AlgorithmIdentifier.getInstance(seq.readObject().toASN1Primitive());
-        _encryptedContent = (ASN1TaggedObjectParser)seq.readObject();
-    }
-    
-    public ASN1ObjectIdentifier getContentType()
-    {
-        return _contentType;
-    }
-    
-    public AlgorithmIdentifier getContentEncryptionAlgorithm()
-    {
-        return _contentEncryptionAlgorithm;
-    }
-
-    public ASN1Encodable getEncryptedContent(
-        int  tag) 
-        throws IOException
-    {
-        return _encryptedContent.getObjectParser(tag, false);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedData.java
deleted file mode 100644
index 080abfc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EncryptedData.java
+++ /dev/null

@@ -1,112 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.BERSequence;
-import org.bouncycastle.asn1.BERTaggedObject;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-8">RFC 5652</a> EncryptedData object.
- * <p>
- * <pre>
- * EncryptedData ::= SEQUENCE {
- *     version CMSVersion,
- *     encryptedContentInfo EncryptedContentInfo,
- *     unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL }
- * </pre>
- */
-public class EncryptedData
-    extends ASN1Object
-{
-    private ASN1Integer version;
-    private EncryptedContentInfo encryptedContentInfo;
-    private ASN1Set unprotectedAttrs;
-
-    /**
-     * Return an EncryptedData object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link EncryptedData} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats
-     * </ul>
-     *
-     * @param o the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static EncryptedData getInstance(Object o)
-    {
-        if (o instanceof EncryptedData)
-        {
-            return (EncryptedData)o;
-        }
-
-        if (o != null)
-        {
-            return new EncryptedData(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public EncryptedData(EncryptedContentInfo encInfo)
-    {
-        this(encInfo,  null);
-    }
-
-    public EncryptedData(EncryptedContentInfo encInfo, ASN1Set unprotectedAttrs)
-    {
-        this.version = new ASN1Integer((unprotectedAttrs == null) ? 0 : 2);
-        this.encryptedContentInfo = encInfo;
-        this.unprotectedAttrs = unprotectedAttrs;
-    }
-
-    private EncryptedData(ASN1Sequence seq)
-    {
-        this.version = ASN1Integer.getInstance(seq.getObjectAt(0));
-        this.encryptedContentInfo = EncryptedContentInfo.getInstance(seq.getObjectAt(1));
-
-        if (seq.size() == 3)
-        {
-            this.unprotectedAttrs = ASN1Set.getInstance((ASN1TaggedObject)seq.getObjectAt(2), false);
-        }
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    public EncryptedContentInfo getEncryptedContentInfo()
-    {
-        return encryptedContentInfo;
-    }
-
-    public ASN1Set getUnprotectedAttrs()
-    {
-        return unprotectedAttrs;
-    }
-
-    /**
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(version);
-        v.add(encryptedContentInfo);
-        if (unprotectedAttrs != null)
-        {
-            v.add(new BERTaggedObject(false, 1, unprotectedAttrs));
-        }
-
-        return new BERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EnvelopedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EnvelopedData.java
deleted file mode 100644
index 994575a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EnvelopedData.java
+++ /dev/null

@@ -1,215 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.BERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.1">RFC 5652</a> EnvelopedData object.
- * <pre>
- * EnvelopedData ::= SEQUENCE {
- *     version CMSVersion,
- *     originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
- *     recipientInfos RecipientInfos,
- *     encryptedContentInfo EncryptedContentInfo,
- *     unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL 
- * }
- * </pre>
- */
-public class EnvelopedData
-    extends ASN1Object
-{
-    private ASN1Integer              version;
-    private OriginatorInfo          originatorInfo;
-    private ASN1Set                 recipientInfos;
-    private EncryptedContentInfo    encryptedContentInfo;
-    private ASN1Set                 unprotectedAttrs;
-
-    public EnvelopedData(
-        OriginatorInfo          originatorInfo,
-        ASN1Set                 recipientInfos,
-        EncryptedContentInfo    encryptedContentInfo,
-        ASN1Set                 unprotectedAttrs)
-    {
-        version = new ASN1Integer(calculateVersion(originatorInfo, recipientInfos, unprotectedAttrs));
-
-        this.originatorInfo = originatorInfo;
-        this.recipientInfos = recipientInfos;
-        this.encryptedContentInfo = encryptedContentInfo;
-        this.unprotectedAttrs = unprotectedAttrs;
-    }
-
-    public EnvelopedData(
-        OriginatorInfo          originatorInfo,
-        ASN1Set                 recipientInfos,
-        EncryptedContentInfo    encryptedContentInfo,
-        Attributes              unprotectedAttrs)
-    {
-        version = new ASN1Integer(calculateVersion(originatorInfo, recipientInfos, ASN1Set.getInstance(unprotectedAttrs)));
-
-        this.originatorInfo = originatorInfo;
-        this.recipientInfos = recipientInfos;
-        this.encryptedContentInfo = encryptedContentInfo;
-        this.unprotectedAttrs = ASN1Set.getInstance(unprotectedAttrs);
-    }
-
-    /**
-     * @deprecated use getInstance()
-     */
-    public EnvelopedData(
-        ASN1Sequence seq)
-    {
-        int     index = 0;
-        
-        version = (ASN1Integer)seq.getObjectAt(index++);
-        
-        Object  tmp = seq.getObjectAt(index++);
-
-        if (tmp instanceof ASN1TaggedObject)
-        {
-            originatorInfo = OriginatorInfo.getInstance((ASN1TaggedObject)tmp, false);
-            tmp = seq.getObjectAt(index++);
-        }
-
-        recipientInfos = ASN1Set.getInstance(tmp);
-        
-        encryptedContentInfo = EncryptedContentInfo.getInstance(seq.getObjectAt(index++));
-        
-        if(seq.size() > index)
-        {
-            unprotectedAttrs = ASN1Set.getInstance((ASN1TaggedObject)seq.getObjectAt(index), false);
-        }
-    }
-    
-    /**
-     * Return an EnvelopedData object from a tagged object.
-     *
-     * @param obj the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static EnvelopedData getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-    
-    /**
-     * Return an EnvelopedData object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link EnvelopedData} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with EnvelopedData structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static EnvelopedData getInstance(
-        Object obj)
-    {
-        if (obj instanceof EnvelopedData)
-        {
-            return (EnvelopedData)obj;
-        }
-        
-        if (obj != null)
-        {
-            return new EnvelopedData(ASN1Sequence.getInstance(obj));
-        }
-        
-        return null;
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-    
-    public OriginatorInfo getOriginatorInfo()
-    {
-        return originatorInfo;
-    }
-
-    public ASN1Set getRecipientInfos()
-    {
-        return recipientInfos;
-    }
-
-    public EncryptedContentInfo getEncryptedContentInfo()
-    {
-        return encryptedContentInfo;
-    }
-
-    public ASN1Set getUnprotectedAttrs()
-    {
-        return unprotectedAttrs;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-        
-        v.add(version);
-
-        if (originatorInfo != null)
-        {
-            v.add(new DERTaggedObject(false, 0, originatorInfo));
-        }
-
-        v.add(recipientInfos);
-        v.add(encryptedContentInfo);
-
-        if (unprotectedAttrs != null)
-        {
-            v.add(new DERTaggedObject(false, 1, unprotectedAttrs));
-        }
-        
-        return new BERSequence(v);
-    }
-
-    public static int calculateVersion(OriginatorInfo originatorInfo, ASN1Set recipientInfos, ASN1Set unprotectedAttrs)
-    {
-        int version;
-
-        if (originatorInfo != null || unprotectedAttrs != null)
-        {
-            version = 2;
-        }
-        else
-        {
-            version = 0;
-
-            Enumeration e = recipientInfos.getObjects();
-
-            while (e.hasMoreElements())
-            {
-                RecipientInfo   ri = RecipientInfo.getInstance(e.nextElement());
-
-                if (ri.getVersion().getValue().intValue() != version)
-                {
-                    version = 2;
-                    break;
-                }
-            }
-        }
-
-        return version;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EnvelopedDataParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/EnvelopedDataParser.java
deleted file mode 100644
index 774813a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/EnvelopedDataParser.java
+++ /dev/null

@@ -1,120 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.ASN1SetParser;
-import org.bouncycastle.asn1.ASN1TaggedObjectParser;
-import org.bouncycastle.asn1.BERTags;
-
-/** 
- * Parser of <a href="http://tools.ietf.org/html/rfc5652#section-6.1">RFC 5652</a> {@link EnvelopedData} object.
- * <p>
- * <pre>
- * EnvelopedData ::= SEQUENCE {
- *     version CMSVersion,
- *     originatorInfo [0] IMPLICIT OriginatorInfo OPTIONAL,
- *     recipientInfos RecipientInfos,
- *     encryptedContentInfo EncryptedContentInfo,
- *     unprotectedAttrs [1] IMPLICIT UnprotectedAttributes OPTIONAL 
- * }
- * </pre>
- */
-public class EnvelopedDataParser
-{
-    private ASN1SequenceParser _seq;
-    private ASN1Integer        _version;
-    private ASN1Encodable      _nextObject;
-    private boolean            _originatorInfoCalled;
-    
-    public EnvelopedDataParser(
-        ASN1SequenceParser seq)
-        throws IOException
-    {
-        this._seq = seq;
-        this._version = ASN1Integer.getInstance(seq.readObject());
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return _version;
-    }
-
-    public OriginatorInfo getOriginatorInfo() 
-        throws IOException
-    {
-        _originatorInfoCalled = true; 
-        
-        if (_nextObject == null)
-        {
-            _nextObject = _seq.readObject();
-        }
-        
-        if (_nextObject instanceof ASN1TaggedObjectParser && ((ASN1TaggedObjectParser)_nextObject).getTagNo() == 0)
-        {
-            ASN1SequenceParser originatorInfo = (ASN1SequenceParser) ((ASN1TaggedObjectParser)_nextObject).getObjectParser(BERTags.SEQUENCE, false);
-            _nextObject = null;
-            return OriginatorInfo.getInstance(originatorInfo.toASN1Primitive());
-        }
-        
-        return null;
-    }
-    
-    public ASN1SetParser getRecipientInfos()
-        throws IOException
-    {
-        if (!_originatorInfoCalled)
-        {
-            getOriginatorInfo();
-        }
-        
-        if (_nextObject == null)
-        {
-            _nextObject = _seq.readObject();
-        }
-        
-        ASN1SetParser recipientInfos = (ASN1SetParser)_nextObject;
-        _nextObject = null;
-        return recipientInfos;
-    }
-
-    public EncryptedContentInfoParser getEncryptedContentInfo() 
-        throws IOException
-    {
-        if (_nextObject == null)
-        {
-            _nextObject = _seq.readObject();
-        }
-        
-        
-        if (_nextObject != null)
-        {
-            ASN1SequenceParser o = (ASN1SequenceParser) _nextObject;
-            _nextObject = null;
-            return new EncryptedContentInfoParser(o);
-        }
-        
-        return null;
-    }
-
-    public ASN1SetParser getUnprotectedAttrs()
-        throws IOException
-    {
-        if (_nextObject == null)
-        {
-            _nextObject = _seq.readObject();
-        }
-        
-        
-        if (_nextObject != null)
-        {
-            ASN1Encodable o = _nextObject;
-            _nextObject = null;
-            return (ASN1SetParser)((ASN1TaggedObjectParser)o).getObjectParser(BERTags.SET, false);
-        }
-        
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Evidence.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Evidence.java
deleted file mode 100644
index 4dcbfde..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Evidence.java
+++ /dev/null

@@ -1,80 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5544">RFC 5544</a>:
- * Binding Documents with Time-Stamps; Evidence object.
- * <p>
- * <pre>
- * Evidence ::= CHOICE {
- *     tstEvidence    [0] TimeStampTokenEvidence,   -- see RFC 3161
- *     ersEvidence    [1] EvidenceRecord,           -- see RFC 4998
- *     otherEvidence  [2] OtherEvidence
- * }
- * </pre>
- */
-public class Evidence
-    extends ASN1Object
-    implements ASN1Choice
-{
-    private TimeStampTokenEvidence tstEvidence;
-
-    public Evidence(TimeStampTokenEvidence tstEvidence)
-    {
-        this.tstEvidence = tstEvidence;
-    }
-
-    private Evidence(ASN1TaggedObject tagged)
-    {
-        if (tagged.getTagNo() == 0)
-        {
-            this.tstEvidence = TimeStampTokenEvidence.getInstance(tagged, false);
-        }
-    }
-
-    /**
-     * Return an Evidence object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> {@link Evidence} object
-     * <li> {@link org.bouncycastle.asn1.ASN1TaggedObject#getInstance(java.lang.Object) ASN1TaggedObject} input formats with Evidence data inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static Evidence getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof Evidence)
-        {
-            return (Evidence)obj;
-        }
-        else if (obj instanceof ASN1TaggedObject)
-        {
-            return new Evidence(ASN1TaggedObject.getInstance(obj));
-        }
-
-        throw new IllegalArgumentException("unknown object in getInstance");
-    }
-
-    public TimeStampTokenEvidence getTstEvidence()
-    {
-        return tstEvidence;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-       if (tstEvidence != null)
-       {
-           return new DERTaggedObject(false, 0, tstEvidence);
-       }
-
-       return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/GenericHybridParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/GenericHybridParameters.java
deleted file mode 100644
index e0157b4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/GenericHybridParameters.java
+++ /dev/null

@@ -1,79 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * RFC 5990 GenericHybridParameters class.
- * <pre>
- * GenericHybridParameters ::= SEQUENCE {
- *    kem  KeyEncapsulationMechanism,
- *    dem  DataEncapsulationMechanism
- * }
- *
- * KeyEncapsulationMechanism ::= AlgorithmIdentifier {{KEMAlgorithms}}
- * DataEncapsulationMechanism ::= AlgorithmIdentifier {{DEMAlgorithms}}
- * </pre>
- */
-public class GenericHybridParameters
-    extends ASN1Object
-{
-    private final AlgorithmIdentifier kem;
-    private final AlgorithmIdentifier dem;
-
-    private GenericHybridParameters(ASN1Sequence sequence)
-    {
-        if (sequence.size() != 2)
-        {
-            throw new IllegalArgumentException("ASN.1 SEQUENCE should be of length 2");
-        }
-
-        this.kem = AlgorithmIdentifier.getInstance(sequence.getObjectAt(0));
-        this.dem = AlgorithmIdentifier.getInstance(sequence.getObjectAt(1));
-    }
-
-    public static GenericHybridParameters getInstance(
-        Object  o)
-    {
-        if (o instanceof GenericHybridParameters)
-        {
-            return (GenericHybridParameters)o;
-        }
-        else if (o != null)
-        {
-            return new GenericHybridParameters(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public GenericHybridParameters(AlgorithmIdentifier kem, AlgorithmIdentifier dem)
-    {
-        this.kem = kem;
-        this.dem = dem;
-    }
-
-    public AlgorithmIdentifier getDem()
-    {
-        return dem;
-    }
-
-    public AlgorithmIdentifier getKem()
-    {
-        return kem;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(kem);
-        v.add(dem);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KEKIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KEKIdentifier.java
deleted file mode 100644
index 0361e9f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KEKIdentifier.java
+++ /dev/null

@@ -1,151 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.3">RFC 5652</a>:
- * Content encryption key delivery mechanisms.
- * <p>
- * <pre>
- * KEKIdentifier ::= SEQUENCE {
- *     keyIdentifier OCTET STRING,
- *     date GeneralizedTime OPTIONAL,
- *     other OtherKeyAttribute OPTIONAL 
- * }
- * </pre>
- */
-public class KEKIdentifier
-    extends ASN1Object
-{
-    private ASN1OctetString    keyIdentifier;
-    private ASN1GeneralizedTime date;
-    private OtherKeyAttribute  other;
-    
-    public KEKIdentifier(
-        byte[]              keyIdentifier,
-        ASN1GeneralizedTime  date,
-        OtherKeyAttribute   other)
-    {
-        this.keyIdentifier = new DEROctetString(keyIdentifier);
-        this.date = date;
-        this.other = other;
-    }
-    
-    private KEKIdentifier(
-        ASN1Sequence seq)
-    {
-        keyIdentifier = (ASN1OctetString)seq.getObjectAt(0);
-        
-        switch (seq.size())
-        {
-        case 1:
-            break;
-        case 2:
-            if (seq.getObjectAt(1) instanceof ASN1GeneralizedTime)
-            {
-                date = (ASN1GeneralizedTime)seq.getObjectAt(1); 
-            }
-            else
-            {
-                other = OtherKeyAttribute.getInstance(seq.getObjectAt(1));
-            }
-            break;
-        case 3:
-            date  = (ASN1GeneralizedTime)seq.getObjectAt(1);
-            other = OtherKeyAttribute.getInstance(seq.getObjectAt(2));
-            break;
-        default:
-                throw new IllegalArgumentException("Invalid KEKIdentifier");
-        }
-    }
-
-    /**
-     * Return a KEKIdentifier object from a tagged object.
-     *
-     * @param obj the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static KEKIdentifier getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-    
-    /**
-     * Return a KEKIdentifier object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link KEKIdentifier} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with KEKIdentifier structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static KEKIdentifier getInstance(
-        Object obj)
-    {
-        if (obj == null || obj instanceof KEKIdentifier)
-        {
-            return (KEKIdentifier)obj;
-        }
-        
-        if (obj instanceof ASN1Sequence)
-        {
-            return new KEKIdentifier((ASN1Sequence)obj);
-        }
-        
-        throw new IllegalArgumentException("Invalid KEKIdentifier: " + obj.getClass().getName());
-    }
-
-    public ASN1OctetString getKeyIdentifier()
-    {
-        return keyIdentifier;
-    }
-
-    public ASN1GeneralizedTime getDate()
-    {
-        return date;
-    }
-
-    public OtherKeyAttribute getOther()
-    {
-        return other;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(keyIdentifier);
-        
-        if (date != null)
-        {
-            v.add(date);
-        }
-
-        if (other != null)
-        {
-            v.add(other);
-        }
-        
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KEKRecipientInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KEKRecipientInfo.java
deleted file mode 100644
index 2d0cfa6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KEKRecipientInfo.java
+++ /dev/null

@@ -1,133 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.3">RFC 5652</a>:
- * Content encryption key delivery mechanisms.
- * <p>
- * <pre>
- * KEKRecipientInfo ::= SEQUENCE {
- *     version CMSVersion,  -- always set to 4
- *     kekid KEKIdentifier,
- *     keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
- *     encryptedKey EncryptedKey 
- * }
- * </pre>
- */
-public class KEKRecipientInfo
-    extends ASN1Object
-{
-    private ASN1Integer          version;
-    private KEKIdentifier       kekid;
-    private AlgorithmIdentifier keyEncryptionAlgorithm;
-    private ASN1OctetString     encryptedKey;
-
-    public KEKRecipientInfo(
-        KEKIdentifier       kekid,
-        AlgorithmIdentifier keyEncryptionAlgorithm,
-        ASN1OctetString     encryptedKey)
-    {
-        this.version = new ASN1Integer(4);
-        this.kekid = kekid;
-        this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
-        this.encryptedKey = encryptedKey;
-    }
-    
-    public KEKRecipientInfo(
-        ASN1Sequence seq)
-    {
-        version = (ASN1Integer)seq.getObjectAt(0);
-        kekid = KEKIdentifier.getInstance(seq.getObjectAt(1));
-        keyEncryptionAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(2));
-        encryptedKey = (ASN1OctetString)seq.getObjectAt(3);
-    }
-
-    /**
-     * Return a KEKRecipientInfo object from a tagged object.
-     *
-     * @param obj the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static KEKRecipientInfo getInstance(
-        ASN1TaggedObject    obj,
-        boolean             explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-    
-    /**
-     * Return a KEKRecipientInfo object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link KEKRecipientInfo} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with KEKRecipientInfo structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static KEKRecipientInfo getInstance(
-        Object obj)
-    {
-        if (obj instanceof KEKRecipientInfo)
-        {
-            return (KEKRecipientInfo)obj;
-        }
-        
-        if (obj != null)
-        {
-            return new KEKRecipientInfo(ASN1Sequence.getInstance(obj));
-        }
-        
-        return null;
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-    
-    public KEKIdentifier getKekid()
-    {
-        return kekid;
-    }
-
-    public AlgorithmIdentifier getKeyEncryptionAlgorithm()
-    {
-        return keyEncryptionAlgorithm;
-    }
-
-    public ASN1OctetString getEncryptedKey()
-    {
-        return encryptedKey;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(version);
-        v.add(kekid);
-        v.add(keyEncryptionAlgorithm);
-        v.add(encryptedKey);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyAgreeRecipientIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyAgreeRecipientIdentifier.java
deleted file mode 100644
index 6580cd4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyAgreeRecipientIdentifier.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.2">RFC 5652</a>:
- * Content encryption key delivery mechanisms.
- * <p>
- * <pre>
- * KeyAgreeRecipientIdentifier ::= CHOICE {
- *     issuerAndSerialNumber IssuerAndSerialNumber,
- *     rKeyId [0] IMPLICIT RecipientKeyIdentifier }
- * </pre>
- */
-public class KeyAgreeRecipientIdentifier
-    extends ASN1Object
-    implements ASN1Choice
-{
-    private IssuerAndSerialNumber issuerSerial;
-    private RecipientKeyIdentifier rKeyID;
-
-    /**
-     * Return an KeyAgreeRecipientIdentifier object from a tagged object.
-     *
-     * @param obj the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static KeyAgreeRecipientIdentifier getInstance(
-        ASN1TaggedObject    obj,
-        boolean             explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-    
-    /**
-     * Return an KeyAgreeRecipientIdentifier object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> {@link KeyAgreeRecipientIdentifier} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with IssuerAndSerialNumber structure inside
-     * <li> {@link org.bouncycastle.asn1.ASN1TaggedObject#getInstance(java.lang.Object) ASN1TaggedObject} with tag value 0: a KeyAgreeRecipientIdentifier data structure
-     * </ul>
-     * <p>
-     * Note: no byte[] input!
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static KeyAgreeRecipientIdentifier getInstance(
-        Object obj)
-    {
-        if (obj == null || obj instanceof KeyAgreeRecipientIdentifier)
-        {
-            return (KeyAgreeRecipientIdentifier)obj;
-        }
-        
-        if (obj instanceof ASN1Sequence)
-        {
-            return new KeyAgreeRecipientIdentifier(IssuerAndSerialNumber.getInstance(obj));
-        }
-        
-        if (obj instanceof ASN1TaggedObject && ((ASN1TaggedObject)obj).getTagNo() == 0)
-        {
-            return new KeyAgreeRecipientIdentifier(RecipientKeyIdentifier.getInstance(
-                (ASN1TaggedObject)obj, false));
-        }
-        
-        throw new IllegalArgumentException("Invalid KeyAgreeRecipientIdentifier: " + obj.getClass().getName());
-    } 
-
-    public KeyAgreeRecipientIdentifier(
-        IssuerAndSerialNumber issuerSerial)
-    {
-        this.issuerSerial = issuerSerial;
-        this.rKeyID = null;
-    }
-
-    public KeyAgreeRecipientIdentifier(
-         RecipientKeyIdentifier rKeyID)
-    {
-        this.issuerSerial = null;
-        this.rKeyID = rKeyID;
-    }
-
-    public IssuerAndSerialNumber getIssuerAndSerialNumber()
-    {
-        return issuerSerial;
-    }
-
-    public RecipientKeyIdentifier getRKeyID()
-    {
-        return rKeyID;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (issuerSerial != null)
-        {
-            return issuerSerial.toASN1Primitive();
-        }
-
-        return new DERTaggedObject(false, 0, rKeyID);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyAgreeRecipientInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyAgreeRecipientInfo.java
deleted file mode 100644
index 224932a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyAgreeRecipientInfo.java
+++ /dev/null

@@ -1,166 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.2">RFC 5652</a>:
- * Content encryption key delivery mechanisms.
- * <p>
- * <pre>
- * KeyAgreeRecipientInfo ::= SEQUENCE {
- *     version CMSVersion,  -- always set to 3
- *     originator [0] EXPLICIT OriginatorIdentifierOrKey,
- *     ukm [1] EXPLICIT UserKeyingMaterial OPTIONAL,
- *     keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
- *     recipientEncryptedKeys RecipientEncryptedKeys 
- * }
- *
- * UserKeyingMaterial ::= OCTET STRING
- * </pre>
- */
-public class KeyAgreeRecipientInfo
-    extends ASN1Object
-{
-    private ASN1Integer                  version;
-    private OriginatorIdentifierOrKey   originator;
-    private ASN1OctetString             ukm;
-    private AlgorithmIdentifier         keyEncryptionAlgorithm;
-    private ASN1Sequence                recipientEncryptedKeys;
-    
-    public KeyAgreeRecipientInfo(
-        OriginatorIdentifierOrKey   originator,
-        ASN1OctetString             ukm,
-        AlgorithmIdentifier         keyEncryptionAlgorithm,
-        ASN1Sequence                recipientEncryptedKeys)
-    {
-        this.version = new ASN1Integer(3);
-        this.originator = originator;
-        this.ukm = ukm;
-        this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
-        this.recipientEncryptedKeys = recipientEncryptedKeys;
-    }
-
-    /**
-     * @deprecated use getInstance()
-     */
-    public KeyAgreeRecipientInfo(
-        ASN1Sequence seq)
-    {
-        int index = 0;
-        
-        version = (ASN1Integer)seq.getObjectAt(index++);
-        originator = OriginatorIdentifierOrKey.getInstance(
-                            (ASN1TaggedObject)seq.getObjectAt(index++), true);
-
-        if (seq.getObjectAt(index) instanceof ASN1TaggedObject)
-        {
-            ukm = ASN1OctetString.getInstance(
-                            (ASN1TaggedObject)seq.getObjectAt(index++), true);
-        }
-
-        keyEncryptionAlgorithm = AlgorithmIdentifier.getInstance(
-                                                seq.getObjectAt(index++));
-
-        recipientEncryptedKeys = (ASN1Sequence)seq.getObjectAt(index++);
-    }
-    
-    /**
-     * Return a KeyAgreeRecipientInfo object from a tagged object.
-     *
-     * @param obj the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static KeyAgreeRecipientInfo getInstance(
-        ASN1TaggedObject    obj,
-        boolean             explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-    
-    /**
-     * Return a KeyAgreeRecipientInfo object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link KeyAgreeRecipientInfo} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with KeyAgreeRecipientInfo structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static KeyAgreeRecipientInfo getInstance(
-        Object obj)
-    {
-        if (obj instanceof KeyAgreeRecipientInfo)
-        {
-            return (KeyAgreeRecipientInfo)obj;
-        }
-        
-        if (obj != null)
-        {
-            return new KeyAgreeRecipientInfo(ASN1Sequence.getInstance(obj));
-        }
-        
-        return null;
-    } 
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    public OriginatorIdentifierOrKey getOriginator()
-    {
-        return originator;
-    }
-
-    public ASN1OctetString getUserKeyingMaterial()
-    {
-        return ukm;
-    }
-
-    public AlgorithmIdentifier getKeyEncryptionAlgorithm()
-    {
-        return keyEncryptionAlgorithm;
-    }
-
-    public ASN1Sequence getRecipientEncryptedKeys()
-    {
-        return recipientEncryptedKeys;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(version);
-        v.add(new DERTaggedObject(true, 0, originator));
-        
-        if (ukm != null)
-        {
-            v.add(new DERTaggedObject(true, 1, ukm));
-        }
-        
-        v.add(keyEncryptionAlgorithm);
-        v.add(recipientEncryptedKeys);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyTransRecipientInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyTransRecipientInfo.java
deleted file mode 100644
index 7d31111..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/KeyTransRecipientInfo.java
+++ /dev/null

@@ -1,127 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.1">RFC 5652</a>:
- * Content encryption key delivery mechanisms.
- * <pre>
- * KeyTransRecipientInfo ::= SEQUENCE {
- *     version CMSVersion,  -- always set to 0 or 2
- *     rid RecipientIdentifier,
- *     keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
- *     encryptedKey EncryptedKey 
- * }
- * </pre>
- */
-public class KeyTransRecipientInfo
-    extends ASN1Object
-{
-    private ASN1Integer          version;
-    private RecipientIdentifier rid;
-    private AlgorithmIdentifier keyEncryptionAlgorithm;
-    private ASN1OctetString     encryptedKey;
-
-    public KeyTransRecipientInfo(
-        RecipientIdentifier rid,
-        AlgorithmIdentifier keyEncryptionAlgorithm,
-        ASN1OctetString     encryptedKey)
-    {
-        if (rid.toASN1Primitive() instanceof ASN1TaggedObject)
-        {
-            this.version = new ASN1Integer(2);
-        }
-        else
-        {
-            this.version = new ASN1Integer(0);
-        }
-
-        this.rid = rid;
-        this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
-        this.encryptedKey = encryptedKey;
-    }
-
-    /**
-     * @deprecated use getInstance()
-     */
-    public KeyTransRecipientInfo(
-        ASN1Sequence seq)
-    {
-        this.version = (ASN1Integer)seq.getObjectAt(0);
-        this.rid = RecipientIdentifier.getInstance(seq.getObjectAt(1));
-        this.keyEncryptionAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(2));
-        this.encryptedKey = (ASN1OctetString)seq.getObjectAt(3);
-    }
-
-    /**
-     * Return a KeyTransRecipientInfo object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link KeyTransRecipientInfo} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with KeyTransRecipientInfo structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static KeyTransRecipientInfo getInstance(
-        Object obj)
-    {
-        if (obj instanceof KeyTransRecipientInfo)
-        {
-            return (KeyTransRecipientInfo)obj;
-        }
-        
-        if(obj != null)
-        {
-            return new KeyTransRecipientInfo(ASN1Sequence.getInstance(obj));
-        }
-        
-        return null;
-    } 
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    public RecipientIdentifier getRecipientIdentifier()
-    {
-        return rid;
-    }
-
-    public AlgorithmIdentifier getKeyEncryptionAlgorithm()
-    {
-        return keyEncryptionAlgorithm;
-    }
-
-    public ASN1OctetString getEncryptedKey()
-    {
-        return encryptedKey;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(version);
-        v.add(rid);
-        v.add(keyEncryptionAlgorithm);
-        v.add(encryptedKey);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/MetaData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/MetaData.java
deleted file mode 100644
index 667187b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/MetaData.java
+++ /dev/null

@@ -1,135 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1Boolean;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5544">RFC 5544</a>:
- * Binding Documents with Time-Stamps; MetaData object.
- * <p>
- * <pre>
- * MetaData ::= SEQUENCE {
- *   hashProtected        BOOLEAN,
- *   fileName             UTF8String OPTIONAL,
- *   mediaType            IA5String OPTIONAL,
- *   otherMetaData        Attributes OPTIONAL
- * }
- * </pre>
- */
-public class MetaData
-    extends ASN1Object
-{
-    private ASN1Boolean hashProtected;
-    private DERUTF8String fileName;
-    private DERIA5String  mediaType;
-    private Attributes otherMetaData;
-
-    public MetaData(
-        ASN1Boolean hashProtected,
-        DERUTF8String fileName,
-        DERIA5String mediaType,
-        Attributes otherMetaData)
-    {
-        this.hashProtected = hashProtected;
-        this.fileName = fileName;
-        this.mediaType = mediaType;
-        this.otherMetaData = otherMetaData;
-    }
-
-    private MetaData(ASN1Sequence seq)
-    {
-        this.hashProtected = ASN1Boolean.getInstance(seq.getObjectAt(0));
-
-        int index = 1;
-
-        if (index < seq.size() && seq.getObjectAt(index) instanceof DERUTF8String)
-        {
-            this.fileName = DERUTF8String.getInstance(seq.getObjectAt(index++));
-        }
-        if (index < seq.size() && seq.getObjectAt(index) instanceof DERIA5String)
-        {
-            this.mediaType = DERIA5String.getInstance(seq.getObjectAt(index++));
-        }
-        if (index < seq.size())
-        {
-            this.otherMetaData = Attributes.getInstance(seq.getObjectAt(index++));
-        }
-    }
-
-    /**
-     * Return a MetaData object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link MetaData} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with MetaData structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static MetaData getInstance(Object obj)
-    {
-        if (obj instanceof MetaData)
-        {
-            return (MetaData)obj;
-        }
-        else if (obj != null)
-        {
-            return new MetaData(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(hashProtected);
-
-        if (fileName != null)
-        {
-            v.add(fileName);
-        }
-
-        if (mediaType != null)
-        {
-            v.add(mediaType);
-        }
-
-        if (otherMetaData != null)
-        {
-            v.add(otherMetaData);
-        }
-        
-        return new DERSequence(v);
-    }
-
-    public boolean isHashProtected()
-    {
-        return hashProtected.isTrue();
-    }
-
-    public DERUTF8String getFileName()
-    {
-        return this.fileName;
-    }
-
-    public DERIA5String getMediaType()
-    {
-        return this.mediaType;
-    }
-
-    public Attributes getOtherMetaData()
-    {
-        return otherMetaData;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorIdentifierOrKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorIdentifierOrKey.java
deleted file mode 100644
index 3fcf288..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorIdentifierOrKey.java
+++ /dev/null

@@ -1,176 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.2">RFC 5652</a>:
- * Content encryption key delivery mechanisms.
- * <pre>
- * OriginatorIdentifierOrKey ::= CHOICE {
- *     issuerAndSerialNumber IssuerAndSerialNumber,
- *     subjectKeyIdentifier [0] SubjectKeyIdentifier,
- *     originatorKey [1] OriginatorPublicKey 
- * }
- *
- * SubjectKeyIdentifier ::= OCTET STRING
- * </pre>
- */
-public class OriginatorIdentifierOrKey
-    extends ASN1Object
-    implements ASN1Choice
-{
-    private ASN1Encodable id;
-
-    public OriginatorIdentifierOrKey(
-        IssuerAndSerialNumber id)
-    {
-        this.id = id;
-    }
-
-    /**
-     * @deprecated use version taking a SubjectKeyIdentifier
-     */
-    public OriginatorIdentifierOrKey(
-        ASN1OctetString id)
-    {
-        this(new SubjectKeyIdentifier(id.getOctets()));
-    }
-
-    public OriginatorIdentifierOrKey(
-        SubjectKeyIdentifier id)
-    {
-        this.id = new DERTaggedObject(false, 0, id);
-    }
-
-    public OriginatorIdentifierOrKey(
-        OriginatorPublicKey id)
-    {
-        this.id = new DERTaggedObject(false, 1, id);
-    }
-
-    /**
-     * @deprecated use more specific version
-     */
-    public OriginatorIdentifierOrKey(
-        ASN1Primitive id)
-    {
-        this.id = id;
-    }
-
-    /**
-     * Return an OriginatorIdentifierOrKey object from a tagged object.
-     *
-     * @param o the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static OriginatorIdentifierOrKey getInstance(
-        ASN1TaggedObject    o,
-        boolean             explicit)
-    {
-        if (!explicit)
-        {
-            throw new IllegalArgumentException(
-                    "Can't implicitly tag OriginatorIdentifierOrKey");
-        }
-
-        return getInstance(o.getObject());
-    }
-    
-    /**
-     * Return an OriginatorIdentifierOrKey object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link OriginatorIdentifierOrKey} object
-     * <li> {@link IssuerAndSerialNumber} object
-     * <li> {@link org.bouncycastle.asn1.ASN1TaggedObject#getInstance(java.lang.Object) ASN1TaggedObject} input formats with IssuerAndSerialNumber structure inside
-     * </ul>
-     *
-     * @param o the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static OriginatorIdentifierOrKey getInstance(
-        Object o)
-    {
-        if (o == null || o instanceof OriginatorIdentifierOrKey)
-        {
-            return (OriginatorIdentifierOrKey)o;
-        }
-
-        if (o instanceof IssuerAndSerialNumber || o instanceof ASN1Sequence)
-        {
-            return new OriginatorIdentifierOrKey(IssuerAndSerialNumber.getInstance(o));
-        }
-
-        if (o instanceof ASN1TaggedObject)
-        {
-            ASN1TaggedObject tagged = (ASN1TaggedObject)o;
-
-            if (tagged.getTagNo() == 0)
-            {
-                return new OriginatorIdentifierOrKey(SubjectKeyIdentifier.getInstance(tagged, false));
-            }
-            else if (tagged.getTagNo() == 1)
-            {
-                return new OriginatorIdentifierOrKey(OriginatorPublicKey.getInstance(tagged, false));
-            }
-        }
-
-        throw new IllegalArgumentException("Invalid OriginatorIdentifierOrKey: " + o.getClass().getName());
-    }
-
-    public ASN1Encodable getId()
-    {
-        return id;
-    }
-
-    public IssuerAndSerialNumber getIssuerAndSerialNumber()
-    {
-        if (id instanceof IssuerAndSerialNumber)
-        {
-            return (IssuerAndSerialNumber)id;
-        }
-
-        return null;
-    }
-
-    public SubjectKeyIdentifier getSubjectKeyIdentifier()
-    {
-        if (id instanceof ASN1TaggedObject && ((ASN1TaggedObject)id).getTagNo() == 0)
-        {
-            return SubjectKeyIdentifier.getInstance((ASN1TaggedObject)id, false);
-        }
-
-        return null;
-    }
-
-    public OriginatorPublicKey getOriginatorKey()
-    {
-        if (id instanceof ASN1TaggedObject && ((ASN1TaggedObject)id).getTagNo() == 1)
-        {
-            return OriginatorPublicKey.getInstance((ASN1TaggedObject)id, false);
-        }
-
-        return null;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return id.toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorInfo.java
deleted file mode 100644
index 96abf7d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorInfo.java
+++ /dev/null

@@ -1,159 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.1">RFC 5652</a>: OriginatorInfo object.
- * <pre>
- * RFC 3369:
- *
- * OriginatorInfo ::= SEQUENCE {
- *     certs [0] IMPLICIT CertificateSet OPTIONAL,
- *     crls  [1] IMPLICIT CertificateRevocationLists OPTIONAL 
- * }
- * CertificateRevocationLists ::= SET OF CertificateList (from X.509)
- *
- * RFC 3582 / 5652:
- *
- * OriginatorInfo ::= SEQUENCE {
- *     certs [0] IMPLICIT CertificateSet OPTIONAL,
- *     crls  [1] IMPLICIT RevocationInfoChoices OPTIONAL
- * }
- * RevocationInfoChoices ::= SET OF RevocationInfoChoice
- * RevocationInfoChoice ::= CHOICE {
- *     crl CertificateList,
- *     other [1] IMPLICIT OtherRevocationInfoFormat }
- *
- * OtherRevocationInfoFormat ::= SEQUENCE {
- *     otherRevInfoFormat OBJECT IDENTIFIER,
- *     otherRevInfo ANY DEFINED BY otherRevInfoFormat }
- * </pre>
- * <p>
- * TODO: RevocationInfoChoices / RevocationInfoChoice.
- *       Constructor using CertificateSet, CertificationInfoChoices
- */
-public class OriginatorInfo
-    extends ASN1Object
-{
-    private ASN1Set certs;
-    private ASN1Set crls;
-    
-    public OriginatorInfo(
-        ASN1Set certs,
-        ASN1Set crls)
-    {
-        this.certs = certs;
-        this.crls = crls;
-    }
-    
-    private OriginatorInfo(
-        ASN1Sequence seq)
-    {
-        switch (seq.size())
-        {
-        case 0:     // empty
-            break;
-        case 1:
-            ASN1TaggedObject o = (ASN1TaggedObject)seq.getObjectAt(0);
-            switch (o.getTagNo())
-            {
-            case 0 :
-                certs = ASN1Set.getInstance(o, false);
-                break;
-            case 1 :
-                crls = ASN1Set.getInstance(o, false);
-                break;
-            default:
-                throw new IllegalArgumentException("Bad tag in OriginatorInfo: " + o.getTagNo());
-            }
-            break;
-        case 2:
-            certs = ASN1Set.getInstance((ASN1TaggedObject)seq.getObjectAt(0), false);
-            crls  = ASN1Set.getInstance((ASN1TaggedObject)seq.getObjectAt(1), false);
-            break;
-        default:
-            throw new IllegalArgumentException("OriginatorInfo too big");
-        }
-    }
-    
-    /**
-     * Return an OriginatorInfo object from a tagged object.
-     *
-     * @param obj the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static OriginatorInfo getInstance(
-        ASN1TaggedObject    obj,
-        boolean             explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-    
-    /**
-     * Return an OriginatorInfo object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link OriginatorInfo} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with OriginatorInfo structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static OriginatorInfo getInstance(
-        Object obj)
-    {
-        if (obj instanceof OriginatorInfo)
-        {
-            return (OriginatorInfo)obj;
-        }
-        else if (obj != null)
-        {
-            return new OriginatorInfo(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-    
-    public ASN1Set getCertificates()
-    {
-        return certs;
-    }
-
-    public ASN1Set getCRLs()
-    {
-        return crls;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        if (certs != null)
-        {
-            v.add(new DERTaggedObject(false, 0, certs));
-        }
-        
-        if (crls != null)
-        {
-            v.add(new DERTaggedObject(false, 1, crls));
-        }
-        
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorPublicKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorPublicKey.java
deleted file mode 100644
index b9bc52f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OriginatorPublicKey.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.2">RFC 5652</a>:
- * Content encryption key delivery mechanisms.
- * <p>
- * <pre>
- * OriginatorPublicKey ::= SEQUENCE {
- *     algorithm AlgorithmIdentifier,
- *     publicKey BIT STRING 
- * }
- * </pre>
- */
-public class OriginatorPublicKey
-    extends ASN1Object
-{
-    private AlgorithmIdentifier algorithm;
-    private DERBitString        publicKey;
-    
-    public OriginatorPublicKey(
-        AlgorithmIdentifier algorithm,
-        byte[]              publicKey)
-    {
-        this.algorithm = algorithm;
-        this.publicKey = new DERBitString(publicKey);
-    }
-
-    /**
-     * @deprecated use getInstance()
-     */
-    public OriginatorPublicKey(
-        ASN1Sequence seq)
-    {
-        algorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(0));
-        publicKey = (DERBitString)seq.getObjectAt(1);
-    }
-    
-    /**
-     * Return an OriginatorPublicKey object from a tagged object.
-     *
-     * @param obj the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static OriginatorPublicKey getInstance(
-        ASN1TaggedObject    obj,
-        boolean             explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-    
-    /**
-     * Return an OriginatorPublicKey object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link OriginatorPublicKey} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with OriginatorPublicKey structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static OriginatorPublicKey getInstance(
-        Object obj)
-    {
-        if (obj instanceof OriginatorPublicKey)
-        {
-            return (OriginatorPublicKey)obj;
-        }
-        
-        if (obj != null)
-        {
-            return new OriginatorPublicKey(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    } 
-
-    public AlgorithmIdentifier getAlgorithm()
-    {
-        return algorithm;
-    }
-
-    public DERBitString getPublicKey()
-    {
-        return publicKey;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(algorithm);
-        v.add(publicKey);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherKeyAttribute.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherKeyAttribute.java
deleted file mode 100644
index 576bee6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherKeyAttribute.java
+++ /dev/null

@@ -1,93 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-10.2.7">RFC 5652</a>: OtherKeyAttribute object.
- * <p>
- * <pre>
- * OtherKeyAttribute ::= SEQUENCE {
- *     keyAttrId OBJECT IDENTIFIER,
- *     keyAttr ANY DEFINED BY keyAttrId OPTIONAL
- * }
- * </pre>
- */
-public class OtherKeyAttribute
-    extends ASN1Object
-{
-    private ASN1ObjectIdentifier keyAttrId;
-    private ASN1Encodable        keyAttr;
-
-    /**
-     * Return an OtherKeyAttribute object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link OtherKeyAttribute} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with OtherKeyAttribute structure inside
-     * </ul>
-     *
-     * @param o the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static OtherKeyAttribute getInstance(
-        Object o)
-    {
-        if (o instanceof OtherKeyAttribute)
-        {
-            return (OtherKeyAttribute)o;
-        }
-        
-        if (o != null)
-        {
-            return new OtherKeyAttribute(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    private OtherKeyAttribute(
-        ASN1Sequence seq)
-    {
-        keyAttrId = (ASN1ObjectIdentifier)seq.getObjectAt(0);
-        keyAttr = seq.getObjectAt(1);
-    }
-
-    public OtherKeyAttribute(
-        ASN1ObjectIdentifier keyAttrId,
-        ASN1Encodable        keyAttr)
-    {
-        this.keyAttrId = keyAttrId;
-        this.keyAttr = keyAttr;
-    }
-
-    public ASN1ObjectIdentifier getKeyAttrId()
-    {
-        return keyAttrId;
-    }
-    
-    public ASN1Encodable getKeyAttr()
-    {
-        return keyAttr;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(keyAttrId);
-        v.add(keyAttr);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherRecipientInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherRecipientInfo.java
deleted file mode 100644
index a8d5ed0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherRecipientInfo.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.5">RFC 5652</a>:
- * Content encryption key delivery mechanisms.
- * <pre>
- * OtherRecipientInfo ::= SEQUENCE {
- *    oriType OBJECT IDENTIFIER,
- *    oriValue ANY DEFINED BY oriType }
- * </pre>
- */
-public class OtherRecipientInfo
-    extends ASN1Object
-{
-    private ASN1ObjectIdentifier    oriType;
-    private ASN1Encodable           oriValue;
-
-    public OtherRecipientInfo(
-        ASN1ObjectIdentifier     oriType,
-        ASN1Encodable            oriValue)
-    {
-        this.oriType = oriType;
-        this.oriValue = oriValue;
-    }
-    
-    private OtherRecipientInfo(
-        ASN1Sequence seq)
-    {
-        oriType = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-        oriValue = seq.getObjectAt(1);
-    }
-
-    /**
-     * Return a OtherRecipientInfo object from a tagged object.
-     *
-     * @param obj the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static OtherRecipientInfo getInstance(
-        ASN1TaggedObject    obj,
-        boolean             explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-    
-    /**
-     * Return a OtherRecipientInfo object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link PasswordRecipientInfo} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with OtherRecipientInfo structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static OtherRecipientInfo getInstance(
-        Object obj)
-    {
-        if (obj instanceof OtherRecipientInfo)
-        {
-            return (OtherRecipientInfo)obj;
-        }
-        
-        if (obj != null)
-        {
-            return new OtherRecipientInfo(ASN1Sequence.getInstance(obj));
-        }
-        
-        return null;
-    }
-
-    public ASN1ObjectIdentifier getType()
-    {
-        return oriType;
-    }
-
-    public ASN1Encodable getValue()
-    {
-        return oriValue;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(oriType);
-        v.add(oriValue);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherRevocationInfoFormat.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherRevocationInfoFormat.java
deleted file mode 100644
index a8348ff..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/OtherRevocationInfoFormat.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-10.2.1">RFC 5652</a>: OtherRevocationInfoFormat object.
- * <p>
- * <pre>
- * OtherRevocationInfoFormat ::= SEQUENCE {
- *      otherRevInfoFormat OBJECT IDENTIFIER,
- *      otherRevInfo ANY DEFINED BY otherRevInfoFormat }
- * </pre>
- */
-public class OtherRevocationInfoFormat
-    extends ASN1Object
-{
-    private ASN1ObjectIdentifier otherRevInfoFormat;
-    private ASN1Encodable otherRevInfo;
-
-    public OtherRevocationInfoFormat(
-        ASN1ObjectIdentifier otherRevInfoFormat,
-        ASN1Encodable otherRevInfo)
-    {
-        this.otherRevInfoFormat = otherRevInfoFormat;
-        this.otherRevInfo = otherRevInfo;
-    }
-
-    private OtherRevocationInfoFormat(
-        ASN1Sequence seq)
-    {
-        otherRevInfoFormat = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-        otherRevInfo = seq.getObjectAt(1);
-    }
-
-    /**
-     * Return a OtherRevocationInfoFormat object from a tagged object.
-     *
-     * @param obj the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static OtherRevocationInfoFormat getInstance(
-        ASN1TaggedObject    obj,
-        boolean             explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-    
-    /**
-     * Return a OtherRevocationInfoFormat object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link OtherRevocationInfoFormat} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with OtherRevocationInfoFormat structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static OtherRevocationInfoFormat getInstance(
-        Object obj)
-    {
-        if (obj instanceof OtherRevocationInfoFormat)
-        {
-            return (OtherRevocationInfoFormat)obj;
-        }
-        
-        if (obj != null)
-        {
-            return new OtherRevocationInfoFormat(ASN1Sequence.getInstance(obj));
-        }
-        
-        return null;
-    }
-
-    public ASN1ObjectIdentifier getInfoFormat()
-    {
-        return otherRevInfoFormat;
-    }
-
-    public ASN1Encodable getInfo()
-    {
-        return otherRevInfo;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(otherRevInfoFormat);
-        v.add(otherRevInfo);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/PasswordRecipientInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/PasswordRecipientInfo.java
deleted file mode 100644
index 7ed16cf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/PasswordRecipientInfo.java
+++ /dev/null

@@ -1,157 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-10.2.7">RFC 5652</a>:
- * Content encryption key delivery mechanisms.
- * <pre>
- * PasswordRecipientInfo ::= SEQUENCE {
- *     version       CMSVersion,   -- Always set to 0
- *     keyDerivationAlgorithm [0] KeyDerivationAlgorithmIdentifier
- *                             OPTIONAL,
- *     keyEncryptionAlgorithm KeyEncryptionAlgorithmIdentifier,
- *     encryptedKey  EncryptedKey }
- * </pre>
- */
-public class PasswordRecipientInfo
-    extends ASN1Object
-{
-    private ASN1Integer          version;
-    private AlgorithmIdentifier keyDerivationAlgorithm;
-    private AlgorithmIdentifier keyEncryptionAlgorithm;
-    private ASN1OctetString     encryptedKey;
-
-    public PasswordRecipientInfo(
-        AlgorithmIdentifier     keyEncryptionAlgorithm,
-        ASN1OctetString         encryptedKey)
-    {
-        this.version = new ASN1Integer(0);
-        this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
-        this.encryptedKey = encryptedKey;
-    }
-    
-    public PasswordRecipientInfo(
-        AlgorithmIdentifier     keyDerivationAlgorithm,
-        AlgorithmIdentifier     keyEncryptionAlgorithm,
-        ASN1OctetString         encryptedKey)
-    {
-        this.version = new ASN1Integer(0);
-        this.keyDerivationAlgorithm = keyDerivationAlgorithm;
-        this.keyEncryptionAlgorithm = keyEncryptionAlgorithm;
-        this.encryptedKey = encryptedKey;
-    }
-
-    /**
-     * @deprecated use getInstance() method.
-     */
-    public PasswordRecipientInfo(
-        ASN1Sequence seq)
-    {
-        version = (ASN1Integer)seq.getObjectAt(0);
-        if (seq.getObjectAt(1) instanceof ASN1TaggedObject)
-        {
-            keyDerivationAlgorithm = AlgorithmIdentifier.getInstance((ASN1TaggedObject)seq.getObjectAt(1), false);
-            keyEncryptionAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(2));
-            encryptedKey = (ASN1OctetString)seq.getObjectAt(3);
-        }
-        else
-        {
-            keyEncryptionAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
-            encryptedKey = (ASN1OctetString)seq.getObjectAt(2);
-        }
-    }
-
-    /**
-     * Return a PasswordRecipientInfo object from a tagged object.
-     *
-     * @param obj the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static PasswordRecipientInfo getInstance(
-        ASN1TaggedObject    obj,
-        boolean             explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-    
-    /**
-     * Return a PasswordRecipientInfo object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link PasswordRecipientInfo} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with PasswordRecipientInfo structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static PasswordRecipientInfo getInstance(
-        Object obj)
-    {
-        if (obj instanceof PasswordRecipientInfo)
-        {
-            return (PasswordRecipientInfo)obj;
-        }
-        
-        if (obj != null)
-        {
-            return new PasswordRecipientInfo(ASN1Sequence.getInstance(obj));
-        }
-        
-        return null;
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    public AlgorithmIdentifier getKeyDerivationAlgorithm()
-    {
-        return keyDerivationAlgorithm;
-    }
-
-    public AlgorithmIdentifier getKeyEncryptionAlgorithm()
-    {
-        return keyEncryptionAlgorithm;
-    }
-
-    public ASN1OctetString getEncryptedKey()
-    {
-        return encryptedKey;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(version);
-        
-        if (keyDerivationAlgorithm != null)
-        {
-            v.add(new DERTaggedObject(false, 0, keyDerivationAlgorithm));
-        }
-        v.add(keyEncryptionAlgorithm);
-        v.add(encryptedKey);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientEncryptedKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientEncryptedKey.java
deleted file mode 100644
index 5062c10..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientEncryptedKey.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.2">RFC 5652</a>:
- * Content encryption key delivery mechanisms.
- * <pre>
- * RecipientEncryptedKey ::= SEQUENCE {
- *     rid KeyAgreeRecipientIdentifier,
- *     encryptedKey EncryptedKey
- * }
- * </pre>
- */
-public class RecipientEncryptedKey
-    extends ASN1Object
-{
-    private KeyAgreeRecipientIdentifier identifier;
-    private ASN1OctetString encryptedKey;
-
-    private RecipientEncryptedKey(
-        ASN1Sequence seq)
-    {
-        identifier = KeyAgreeRecipientIdentifier.getInstance(seq.getObjectAt(0));
-        encryptedKey = (ASN1OctetString)seq.getObjectAt(1);
-    }
-    
-    /**
-     * Return an RecipientEncryptedKey object from a tagged object.
-     *
-     * @param obj the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static RecipientEncryptedKey getInstance(
-        ASN1TaggedObject    obj,
-        boolean             explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-    
-    /**
-     * Return a RecipientEncryptedKey object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link RecipientEncryptedKey} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with RecipientEncryptedKey structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static RecipientEncryptedKey getInstance(
-        Object obj)
-    {
-        if (obj instanceof RecipientEncryptedKey)
-        {
-            return (RecipientEncryptedKey)obj;
-        }
-        
-        if (obj != null)
-        {
-            return new RecipientEncryptedKey(ASN1Sequence.getInstance(obj));
-        }
-        
-        return null;
-    } 
-
-    public RecipientEncryptedKey(
-        KeyAgreeRecipientIdentifier id,
-        ASN1OctetString             encryptedKey)
-    {
-        this.identifier = id;
-        this.encryptedKey = encryptedKey;
-    }
-
-    public KeyAgreeRecipientIdentifier getIdentifier()
-    {
-        return identifier;
-    }
-
-    public ASN1OctetString getEncryptedKey()
-    {
-        return encryptedKey;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(identifier);
-        v.add(encryptedKey);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientIdentifier.java
deleted file mode 100644
index 66b154a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientIdentifier.java
+++ /dev/null

@@ -1,111 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.1">RFC 5652</a>:
- * Content encryption key delivery mechanisms.
- * <pre>
- * RecipientIdentifier ::= CHOICE {
- *     issuerAndSerialNumber IssuerAndSerialNumber,
- *     subjectKeyIdentifier [0] SubjectKeyIdentifier 
- * }
- *
- * SubjectKeyIdentifier ::= OCTET STRING
- * </pre>
- */
-public class RecipientIdentifier
-    extends ASN1Object
-    implements ASN1Choice
-{
-    private ASN1Encodable id;
-    
-    public RecipientIdentifier(
-        IssuerAndSerialNumber id)
-    {
-        this.id = id;
-    }
-    
-    public RecipientIdentifier(
-        ASN1OctetString id)
-    {
-        this.id = new DERTaggedObject(false, 0, id);
-    }
-    
-    public RecipientIdentifier(
-        ASN1Primitive id)
-    {
-        this.id = id;
-    }
-    
-    /**
-     * Return a RecipientIdentifier object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link RecipientIdentifier} object
-     * <li> {@link IssuerAndSerialNumber} object
-     * <li> {@link org.bouncycastle.asn1.ASN1OctetString#getInstance(java.lang.Object) ASN1OctetString} input formats (OctetString, byte[]) with value of KeyIdentifier in DER form
-     * <li> {@link org.bouncycastle.asn1.ASN1Primitive ASN1Primitive} for RecipientIdentifier constructor
-     * </ul>
-     *
-     * @param o the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static RecipientIdentifier getInstance(
-        Object o)
-    {
-        if (o == null || o instanceof RecipientIdentifier)
-        {
-            return (RecipientIdentifier)o;
-        }
-        
-        if (o instanceof IssuerAndSerialNumber)
-        {
-            return new RecipientIdentifier((IssuerAndSerialNumber)o);
-        }
-        
-        if (o instanceof ASN1OctetString)
-        {
-            return new RecipientIdentifier((ASN1OctetString)o);
-        }
-        
-        if (o instanceof ASN1Primitive)
-        {
-            return new RecipientIdentifier((ASN1Primitive)o);
-        }
-        
-        throw new IllegalArgumentException(
-          "Illegal object in RecipientIdentifier: " + o.getClass().getName());
-    } 
-
-    public boolean isTagged()
-    {
-        return (id instanceof ASN1TaggedObject);
-    }
-
-    public ASN1Encodable getId()
-    {
-        if (id instanceof ASN1TaggedObject)
-        {
-            return ASN1OctetString.getInstance((ASN1TaggedObject)id, false);
-        }
-
-        return IssuerAndSerialNumber.getInstance(id);
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return id.toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientInfo.java
deleted file mode 100644
index 39a7bb2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientInfo.java
+++ /dev/null

@@ -1,173 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.2">RFC 5652</a>:
- * Content encryption key delivery mechanisms.
- * <p>
- * <pre>
- * RecipientInfo ::= CHOICE {
- *     ktri      KeyTransRecipientInfo,
- *     kari  [1] KeyAgreeRecipientInfo,
- *     kekri [2] KEKRecipientInfo,
- *     pwri  [3] PasswordRecipientInfo,
- *     ori   [4] OtherRecipientInfo }
- * </pre>
- */
-public class RecipientInfo
-    extends ASN1Object
-    implements ASN1Choice
-{
-    ASN1Encodable    info;
-
-    public RecipientInfo(
-        KeyTransRecipientInfo info)
-    {
-        this.info = info;
-    }
-
-    public RecipientInfo(
-        KeyAgreeRecipientInfo info)
-    {
-        this.info = new DERTaggedObject(false, 1, info);
-    }
-
-    public RecipientInfo(
-        KEKRecipientInfo info)
-    {
-        this.info = new DERTaggedObject(false, 2, info);
-    }
-
-    public RecipientInfo(
-        PasswordRecipientInfo info)
-    {
-        this.info = new DERTaggedObject(false, 3, info);
-    }
-
-    public RecipientInfo(
-        OtherRecipientInfo info)
-    {
-        this.info = new DERTaggedObject(false, 4, info);
-    }
-
-    public RecipientInfo(
-        ASN1Primitive   info)
-    {
-        this.info = info;
-    }
-
-    /**
-     * Return a RecipientInfo object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link RecipientInfo} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with RecipientInfo structure inside
-     * <li> {@link org.bouncycastle.asn1.ASN1TaggedObject#getInstance(java.lang.Object) ASN1TaggedObject} input formats with RecipientInfo structure inside
-     * </ul>
-     *
-     * @param o the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static RecipientInfo getInstance(
-        Object  o)
-    {
-        if (o == null || o instanceof RecipientInfo)
-        {
-            return (RecipientInfo)o;
-        }
-        else if (o instanceof ASN1Sequence)
-        {
-            return new RecipientInfo((ASN1Sequence)o);
-        }
-        else if (o instanceof ASN1TaggedObject)
-        {
-            return new RecipientInfo((ASN1TaggedObject)o);
-        }
-
-        throw new IllegalArgumentException("unknown object in factory: "
-                                                    + o.getClass().getName());
-    }
-
-    public ASN1Integer getVersion()
-    {
-        if (info instanceof ASN1TaggedObject)
-        {
-            ASN1TaggedObject o = (ASN1TaggedObject)info;
-
-            switch (o.getTagNo())
-            {
-            case 1:
-                return KeyAgreeRecipientInfo.getInstance(o, false).getVersion();
-            case 2:
-                return getKEKInfo(o).getVersion();
-            case 3:
-                return PasswordRecipientInfo.getInstance(o, false).getVersion();
-            case 4:
-                return new ASN1Integer(0);    // no syntax version for OtherRecipientInfo
-            default:
-                throw new IllegalStateException("unknown tag");
-            }
-        }
-
-        return KeyTransRecipientInfo.getInstance(info).getVersion();
-    }
-
-    public boolean isTagged()
-    {
-        return (info instanceof ASN1TaggedObject);
-    }
-
-    public ASN1Encodable getInfo()
-    {
-        if (info instanceof ASN1TaggedObject)
-        {
-            ASN1TaggedObject o = (ASN1TaggedObject)info;
-
-            switch (o.getTagNo())
-            {
-            case 1:
-                return KeyAgreeRecipientInfo.getInstance(o, false);
-            case 2:
-                return getKEKInfo(o);
-            case 3:
-                return PasswordRecipientInfo.getInstance(o, false);
-            case 4:
-                return OtherRecipientInfo.getInstance(o, false);
-            default:
-                throw new IllegalStateException("unknown tag");
-            }
-        }
-
-        return KeyTransRecipientInfo.getInstance(info);
-    }
-
-    private KEKRecipientInfo getKEKInfo(ASN1TaggedObject o)
-    {
-        if (o.isExplicit())
-        {                        // compatibilty with erroneous version
-            return KEKRecipientInfo.getInstance(o, true);
-        }
-        else
-        {
-            return KEKRecipientInfo.getInstance(o, false);
-        }
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return info.toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientKeyIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientKeyIdentifier.java
deleted file mode 100644
index a680e4a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RecipientKeyIdentifier.java
+++ /dev/null

@@ -1,171 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5652#section-6.2.2">RFC 5652</a>:
- * Content encryption key delivery mechanisms.
- * <p>
- * <pre>
- * RecipientKeyIdentifier ::= SEQUENCE {
- *     subjectKeyIdentifier SubjectKeyIdentifier,
- *     date GeneralizedTime OPTIONAL,
- *     other OtherKeyAttribute OPTIONAL 
- * }
- *
- * SubjectKeyIdentifier ::= OCTET STRING
- * </pre>
- */
-public class RecipientKeyIdentifier
-    extends ASN1Object
-{
-    private ASN1OctetString      subjectKeyIdentifier;
-    private ASN1GeneralizedTime  date;
-    private OtherKeyAttribute    other;
-
-    public RecipientKeyIdentifier(
-        ASN1OctetString         subjectKeyIdentifier,
-        ASN1GeneralizedTime     date,
-        OtherKeyAttribute       other)
-    {
-        this.subjectKeyIdentifier = subjectKeyIdentifier;
-        this.date = date;
-        this.other = other;
-    }
-
-    public RecipientKeyIdentifier(
-        byte[]                  subjectKeyIdentifier,
-        ASN1GeneralizedTime     date,
-        OtherKeyAttribute       other)
-    {
-        this.subjectKeyIdentifier = new DEROctetString(subjectKeyIdentifier);
-        this.date = date;
-        this.other = other;
-    }
-
-    public RecipientKeyIdentifier(
-        byte[]         subjectKeyIdentifier)
-    {
-        this(subjectKeyIdentifier, null, null);
-    }
-
-    /**
-     * @deprecated use getInstance()
-     */
-    public RecipientKeyIdentifier(
-        ASN1Sequence seq)
-    {
-        subjectKeyIdentifier = ASN1OctetString.getInstance(
-                                                    seq.getObjectAt(0));
-        
-        switch(seq.size())
-        {
-        case 1:
-            break;
-        case 2:
-            if (seq.getObjectAt(1) instanceof ASN1GeneralizedTime)
-            {
-                date = ASN1GeneralizedTime.getInstance(seq.getObjectAt(1));
-            }
-            else
-            {
-                other = OtherKeyAttribute.getInstance(seq.getObjectAt(2));
-            }
-            break;
-        case 3:
-            date  = ASN1GeneralizedTime.getInstance(seq.getObjectAt(1));
-            other = OtherKeyAttribute.getInstance(seq.getObjectAt(2));
-            break;
-        default:
-            throw new IllegalArgumentException("Invalid RecipientKeyIdentifier");
-        }
-    }
-
-    /**
-     * Return a RecipientKeyIdentifier object from a tagged object.
-     *
-     * @param ato the tagged object holding the object we want.
-     * @param isExplicit true if the object is meant to be explicitly
-     *              tagged false otherwise.
-     * @exception IllegalArgumentException if the object held by the
-     *          tagged object cannot be converted.
-     */
-    public static RecipientKeyIdentifier getInstance(ASN1TaggedObject ato, boolean isExplicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(ato, isExplicit));
-    }
-    
-    /**
-     * Return a RecipientKeyIdentifier object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link RecipientKeyIdentifier} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with RecipientKeyIdentifier structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static RecipientKeyIdentifier getInstance(Object obj)
-    {
-        if (obj instanceof RecipientKeyIdentifier)
-        {
-            return (RecipientKeyIdentifier)obj;
-        }
-        
-        if(obj != null)
-        {
-            return new RecipientKeyIdentifier(ASN1Sequence.getInstance(obj));
-        }
-        
-        return null;
-    } 
-
-    public ASN1OctetString getSubjectKeyIdentifier()
-    {
-        return subjectKeyIdentifier;
-    }
-
-    public ASN1GeneralizedTime getDate()
-    {
-        return date;
-    }
-
-    public OtherKeyAttribute getOtherKeyAttribute()
-    {
-        return other;
-    }
-
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(subjectKeyIdentifier);
-        
-        if (date != null)
-        {
-            v.add(date);
-        }
-
-        if (other != null)
-        {
-            v.add(other);
-        }
-        
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RsaKemParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/RsaKemParameters.java
deleted file mode 100644
index 07315a6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/RsaKemParameters.java
+++ /dev/null

@@ -1,87 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * RFC 5990 RSA KEM parameters class.
- * <pre>
- *  RsaKemParameters ::= SEQUENCE {
- *     keyDerivationFunction  KeyDerivationFunction,
- *     keyLength              KeyLength
- *   }
- *
- *   KeyDerivationFunction ::= AlgorithmIdentifier
- *   KeyLength ::= INTEGER (1..MAX)
- * </pre>
- */
-public class RsaKemParameters
-    extends ASN1Object
-{
-    private final AlgorithmIdentifier keyDerivationFunction;
-    private final BigInteger keyLength;
-
-    private RsaKemParameters(ASN1Sequence sequence)
-    {
-        if (sequence.size() != 2)
-        {
-            throw new IllegalArgumentException("ASN.1 SEQUENCE should be of length 2");
-        }
-        this.keyDerivationFunction = AlgorithmIdentifier.getInstance(sequence.getObjectAt(0));
-        this.keyLength = ASN1Integer.getInstance(sequence.getObjectAt(1)).getValue();
-    }
-
-    public static RsaKemParameters getInstance(
-        Object  o)
-    {
-        if (o instanceof RsaKemParameters)
-        {
-            return (RsaKemParameters)o;
-        }
-        else if (o != null)
-        {
-            return new RsaKemParameters(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    /**
-     * Base constructor.
-     *
-     * @param keyDerivationFunction algorithm ID describing the key derivation function.
-     * @param keyLength length of key to be derived (in bytes).
-     */
-    public RsaKemParameters(AlgorithmIdentifier keyDerivationFunction, int keyLength)
-    {
-        this.keyDerivationFunction = keyDerivationFunction;
-        this.keyLength = BigInteger.valueOf(keyLength);
-    }
-
-    public AlgorithmIdentifier getKeyDerivationFunction()
-    {
-        return keyDerivationFunction;
-    }
-
-    public BigInteger getKeyLength()
-    {
-        return keyLength;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(keyDerivationFunction);
-        v.add(new ASN1Integer(keyLength));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/SCVPReqRes.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/SCVPReqRes.java
deleted file mode 100644
index 52279c3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/SCVPReqRes.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5940">RFC 5940</a>:
- * Additional Cryptographic Message Syntax (CMS) Revocation Information Choices.
- * <p>
- * <pre>
- * SCVPReqRes ::= SEQUENCE {
- *     request  [0] EXPLICIT ContentInfo OPTIONAL,
- *     response     ContentInfo }
- * </pre>
- */
-public class SCVPReqRes
-    extends ASN1Object
-{
-    private final ContentInfo request;
-    private final ContentInfo response;
-
-    /**
-     * Return a SCVPReqRes object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link SCVPReqRes} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with SCVPReqRes structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static SCVPReqRes getInstance(
-        Object  obj)
-    {
-        if (obj instanceof SCVPReqRes)
-        {
-            return (SCVPReqRes)obj;
-        }
-        else if (obj != null)
-        {
-            return new SCVPReqRes(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private SCVPReqRes(
-        ASN1Sequence seq)
-    {
-        if (seq.getObjectAt(0) instanceof ASN1TaggedObject)
-        {
-            this.request = ContentInfo.getInstance(ASN1TaggedObject.getInstance(seq.getObjectAt(0)), true);
-            this.response = ContentInfo.getInstance(seq.getObjectAt(1));
-        }
-        else
-        {
-            this.request = null;
-            this.response = ContentInfo.getInstance(seq.getObjectAt(0));
-        }
-    }
-
-    public SCVPReqRes(ContentInfo response)
-    {
-        this.request = null;       // use of this confuses earlier JDKs
-        this.response = response;
-    }
-
-    public SCVPReqRes(ContentInfo request, ContentInfo response)
-    {
-        this.request = request;
-        this.response = response;
-    }
-
-    public ContentInfo getRequest()
-    {
-        return request;
-    }
-
-    public ContentInfo getResponse()
-    {
-        return response;
-    }
-
-    /**
-     * @return  the ASN.1 primitive representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector    v = new ASN1EncodableVector();
-
-        if (request != null)
-        {
-            v.add(new DERTaggedObject(true, 0, request));
-        }
-
-        v.add(response);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignedDataParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignedDataParser.java
deleted file mode 100644
index df22b8e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/SignedDataParser.java
+++ /dev/null

@@ -1,141 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1SetParser;
-import org.bouncycastle.asn1.ASN1TaggedObjectParser;
-import org.bouncycastle.asn1.BERTags;
-
-/**
- * Parser for <a href="http://tools.ietf.org/html/rfc5652#section-5.1">RFC 5652</a>: {@link SignedData} object.
- * <p>
- * <pre>
- * SignedData ::= SEQUENCE {
- *     version CMSVersion,
- *     digestAlgorithms DigestAlgorithmIdentifiers,
- *     encapContentInfo EncapsulatedContentInfo,
- *     certificates [0] IMPLICIT CertificateSet OPTIONAL,
- *     crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
- *     signerInfos SignerInfos
- *   }
- * </pre>
- */
-public class SignedDataParser
-{
-    private ASN1SequenceParser _seq;
-    private ASN1Integer         _version;
-    private Object             _nextObject;
-    private boolean            _certsCalled;
-    private boolean            _crlsCalled;
-
-    public static SignedDataParser getInstance(
-        Object o)
-        throws IOException
-    {
-        if (o instanceof ASN1Sequence)
-        {
-            return new SignedDataParser(((ASN1Sequence)o).parser());
-        }
-        if (o instanceof ASN1SequenceParser)
-        {
-            return new SignedDataParser((ASN1SequenceParser)o);
-        }
-
-        throw new IOException("unknown object encountered: " + o.getClass().getName());
-    }
-
-    private SignedDataParser(
-        ASN1SequenceParser seq)
-        throws IOException
-    {
-        this._seq = seq;
-        this._version = (ASN1Integer)seq.readObject();
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return _version;
-    }
-
-    public ASN1SetParser getDigestAlgorithms()
-        throws IOException
-    {
-        Object o = _seq.readObject();
-
-        if (o instanceof ASN1Set)
-        {
-            return ((ASN1Set)o).parser();
-        }
-
-        return (ASN1SetParser)o;
-    }
-
-    public ContentInfoParser getEncapContentInfo()
-        throws IOException
-    {
-        return new ContentInfoParser((ASN1SequenceParser)_seq.readObject());
-    }
-
-    public ASN1SetParser getCertificates()
-        throws IOException
-    {
-        _certsCalled = true;
-        _nextObject = _seq.readObject();
-
-        if (_nextObject instanceof ASN1TaggedObjectParser && ((ASN1TaggedObjectParser)_nextObject).getTagNo() == 0)
-        {
-            ASN1SetParser certs = (ASN1SetParser)((ASN1TaggedObjectParser)_nextObject).getObjectParser(BERTags.SET, false);
-            _nextObject = null;
-
-            return certs;
-        }
-
-        return null;
-    }
-
-    public ASN1SetParser getCrls()
-        throws IOException
-    {
-        if (!_certsCalled)
-        {
-            throw new IOException("getCerts() has not been called.");
-        }
-
-        _crlsCalled = true;
-
-        if (_nextObject == null)
-        {
-            _nextObject = _seq.readObject();
-        }
-
-        if (_nextObject instanceof ASN1TaggedObjectParser && ((ASN1TaggedObjectParser)_nextObject).getTagNo() == 1)
-        {
-            ASN1SetParser crls = (ASN1SetParser)((ASN1TaggedObjectParser)_nextObject).getObjectParser(BERTags.SET, false);
-            _nextObject = null;
-
-            return crls;
-        }
-
-        return null;
-    }
-
-    public ASN1SetParser getSignerInfos()
-        throws IOException
-    {
-        if (!_certsCalled || !_crlsCalled)
-        {
-            throw new IOException("getCerts() and/or getCrls() has not been called.");
-        }
-
-        if (_nextObject == null)
-        {
-            _nextObject = _seq.readObject();
-        }
-
-        return (ASN1SetParser)_nextObject;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java
index 84f12a9..a6f8d8f 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/cms/Time.java

@@ -2,6 +2,8 @@
 
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
+// Android-added: Localization support
+import java.util.Calendar;
 import java.util.Date;
 import java.util.Locale;
 import java.util.SimpleTimeZone;
@@ -70,7 +72,9 @@
         Date    time)
     {
         SimpleTimeZone      tz = new SimpleTimeZone(0, "Z");
-        SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss");
+        // Android-changed: Use localized version
+        // SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss");
+        SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
 
         dateF.setTimeZone(tz);
 
@@ -101,7 +105,11 @@
         Locale locale)
     {
         SimpleTimeZone      tz = new SimpleTimeZone(0, "Z");
-        SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale);
+        // BEGIN Android-changed: Use localized version
+        // SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale);
+        SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
+        dateF.setCalendar(Calendar.getInstance(locale));
+        // END Android-changed: Use localized version
 
         dateF.setTimeZone(tz);
 

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampAndCRL.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampAndCRL.java
deleted file mode 100644
index f6d8d5a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampAndCRL.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.CertificateList;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5544">RFC 5544</a>
- * Binding Documents with Time-Stamps; TimeStampAndCRL object.
- * <pre>
- * TimeStampAndCRL ::= SEQUENCE {
- *     timeStamp   TimeStampToken,          -- according to RFC 3161
- *     crl         CertificateList OPTIONAL -- according to RFC 5280
- *  }
- * </pre>
- */
-public class TimeStampAndCRL
-    extends ASN1Object
-{
-    private ContentInfo timeStamp;
-    private CertificateList crl;
-
-    public TimeStampAndCRL(ContentInfo timeStamp)
-    {
-        this.timeStamp = timeStamp;
-    }
-
-    private TimeStampAndCRL(ASN1Sequence seq)
-    {
-        this.timeStamp = ContentInfo.getInstance(seq.getObjectAt(0));
-        if (seq.size() == 2)
-        {
-            this.crl = CertificateList.getInstance(seq.getObjectAt(1));
-        }
-    }
-
-    /**
-     * Return a TimeStampAndCRL object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link TimeStampAndCRL} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with TimeStampAndCRL structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static TimeStampAndCRL getInstance(Object obj)
-    {
-        if (obj instanceof TimeStampAndCRL)
-        {
-            return (TimeStampAndCRL)obj;
-        }
-        else if (obj != null)
-        {
-            return new TimeStampAndCRL(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public ContentInfo getTimeStampToken()
-    {
-        return this.timeStamp;
-    }
-
-    /** @deprecated use getCRL() */
-    public CertificateList getCertificateList()
-    {
-        return this.crl;
-    }
-
-    public CertificateList getCRL()
-    {
-        return this.crl;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(timeStamp);
-
-        if (crl != null)
-        {
-            v.add(crl);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampTokenEvidence.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampTokenEvidence.java
deleted file mode 100644
index d290b15..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampTokenEvidence.java
+++ /dev/null

@@ -1,107 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5544">RFC 5544</a>
- * Binding Documents with Time-Stamps; TimeStampTokenEvidence object.
- * <pre>
- * TimeStampTokenEvidence ::=
- *    SEQUENCE SIZE(1..MAX) OF TimeStampAndCRL
- * </pre>
- */
-public class TimeStampTokenEvidence
-    extends ASN1Object
-{
-    private TimeStampAndCRL[] timeStampAndCRLs;
-
-    public TimeStampTokenEvidence(TimeStampAndCRL[] timeStampAndCRLs)
-    {
-        this.timeStampAndCRLs = copy(timeStampAndCRLs);
-    }
-
-    public TimeStampTokenEvidence(TimeStampAndCRL timeStampAndCRL)
-    {
-        this.timeStampAndCRLs = new TimeStampAndCRL[1];
-
-        timeStampAndCRLs[0] = timeStampAndCRL;
-    }
-
-    private TimeStampTokenEvidence(ASN1Sequence seq)
-    {
-        this.timeStampAndCRLs = new TimeStampAndCRL[seq.size()];
-
-        int count = 0;
-
-        for (Enumeration en = seq.getObjects(); en.hasMoreElements();)
-        {
-            timeStampAndCRLs[count++] = TimeStampAndCRL.getInstance(en.nextElement());
-        }
-    }
-
-    public static TimeStampTokenEvidence getInstance(ASN1TaggedObject tagged, boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(tagged, explicit));
-    }
-
-    /**
-     * Return a TimeStampTokenEvidence object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link TimeStampTokenEvidence} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with TimeStampTokenEvidence structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static TimeStampTokenEvidence getInstance(Object obj)
-    {
-        if (obj instanceof TimeStampTokenEvidence)
-        {
-            return (TimeStampTokenEvidence)obj;
-        }
-        else if (obj != null)
-        {
-            return new TimeStampTokenEvidence(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public TimeStampAndCRL[] toTimeStampAndCRLArray()
-    {
-        return copy(timeStampAndCRLs);
-    }
-
-    private TimeStampAndCRL[] copy(TimeStampAndCRL[] tsAndCrls)
-    {
-        TimeStampAndCRL[] tmp = new TimeStampAndCRL[tsAndCrls.length];
-
-        System.arraycopy(tsAndCrls, 0, tmp, 0, tmp.length);
-
-        return tmp;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        for (int i = 0; i != timeStampAndCRLs.length; i++)
-        {
-            v.add(timeStampAndCRLs[i]);
-        }
-
-        return new DERSequence(v);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampedData.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampedData.java
deleted file mode 100644
index f19061e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampedData.java
+++ /dev/null

@@ -1,131 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.BERSequence;
-import org.bouncycastle.asn1.DERIA5String;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5544">RFC 5544</a>:
- * Binding Documents with Time-Stamps; TimeStampedData object.
- * <p>
- * <pre>
- * TimeStampedData ::= SEQUENCE {
- *   version              INTEGER { v1(1) },
- *   dataUri              IA5String OPTIONAL,
- *   metaData             MetaData OPTIONAL,
- *   content              OCTET STRING OPTIONAL,
- *   temporalEvidence     Evidence
- * }
- * </pre>
- */
-public class TimeStampedData
-    extends ASN1Object
-{
-    private ASN1Integer version;
-    private DERIA5String dataUri;
-    private MetaData metaData;
-    private ASN1OctetString content;
-    private Evidence temporalEvidence;
-
-    public TimeStampedData(DERIA5String dataUri, MetaData metaData, ASN1OctetString content, Evidence temporalEvidence)
-    {
-        this.version = new ASN1Integer(1);
-        this.dataUri = dataUri;
-        this.metaData = metaData;
-        this.content = content;
-        this.temporalEvidence = temporalEvidence;
-    }
-
-    private TimeStampedData(ASN1Sequence seq)
-    {
-        this.version = ASN1Integer.getInstance(seq.getObjectAt(0));
-
-        int index = 1;
-        if (seq.getObjectAt(index) instanceof DERIA5String)
-        {
-            this.dataUri = DERIA5String.getInstance(seq.getObjectAt(index++));
-        }
-        if (seq.getObjectAt(index) instanceof MetaData || seq.getObjectAt(index) instanceof ASN1Sequence)
-        {
-            this.metaData = MetaData.getInstance(seq.getObjectAt(index++));
-        }
-        if (seq.getObjectAt(index) instanceof ASN1OctetString)
-        {
-            this.content = ASN1OctetString.getInstance(seq.getObjectAt(index++));
-        }
-        this.temporalEvidence = Evidence.getInstance(seq.getObjectAt(index));
-    }
-
-    /**
-     * Return a TimeStampedData object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link RecipientKeyIdentifier} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with TimeStampedData structure inside
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static TimeStampedData getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof TimeStampedData)
-        {
-            return (TimeStampedData)obj;
-        }
-        return new TimeStampedData(ASN1Sequence.getInstance(obj));
-    }
-
-    public DERIA5String getDataUri()
-    {
-        return dataUri;
-    }
-
-    public MetaData getMetaData()
-    {
-        return metaData;
-    }
-
-    public ASN1OctetString getContent()
-    {
-        return content;
-    }
-
-    public Evidence getTemporalEvidence()
-    {
-        return temporalEvidence;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(version);
-
-        if (dataUri != null)
-        {
-            v.add(dataUri);
-        }
-
-        if (metaData != null)
-        {
-            v.add(metaData);
-        }
-
-        if (content != null)
-        {
-            v.add(content);
-        }
-
-        v.add(temporalEvidence);
-
-        return new BERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampedDataParser.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampedDataParser.java
deleted file mode 100644
index 07ede56..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/TimeStampedDataParser.java
+++ /dev/null

@@ -1,99 +0,0 @@
-package org.bouncycastle.asn1.cms;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1OctetStringParser;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.DERIA5String;
-
-/**
- * Parser for <a href="http://tools.ietf.org/html/rfc5544">RFC 5544</a>:
- * {@link TimeStampedData} object.
- * <p>
- * <pre>
- * TimeStampedData ::= SEQUENCE {
- *   version              INTEGER { v1(1) },
- *   dataUri              IA5String OPTIONAL,
- *   metaData             MetaData OPTIONAL,
- *   content              OCTET STRING OPTIONAL,
- *   temporalEvidence     Evidence
- * }
- * </pre>
- */
-public class TimeStampedDataParser
-{
-    private ASN1Integer version;
-    private DERIA5String dataUri;
-    private MetaData metaData;
-    private ASN1OctetStringParser content;
-    private Evidence temporalEvidence;
-    private ASN1SequenceParser parser;
-
-    private TimeStampedDataParser(ASN1SequenceParser parser)
-        throws IOException
-    {
-        this.parser = parser;
-        this.version = ASN1Integer.getInstance(parser.readObject());
-
-        ASN1Encodable obj = parser.readObject();
-
-        if (obj instanceof DERIA5String)
-        {
-            this.dataUri = DERIA5String.getInstance(obj);
-            obj = parser.readObject();
-        }
-        if (obj instanceof MetaData || obj instanceof ASN1SequenceParser)
-        {
-            this.metaData = MetaData.getInstance(obj.toASN1Primitive());
-            obj = parser.readObject();
-        }
-        if (obj instanceof ASN1OctetStringParser)
-        {
-            this.content = (ASN1OctetStringParser)obj;
-        }
-    }
-
-    public static TimeStampedDataParser getInstance(Object obj)
-        throws IOException
-    {
-        if (obj instanceof ASN1Sequence)
-        {
-            return new TimeStampedDataParser(((ASN1Sequence)obj).parser());
-        }
-        if (obj instanceof ASN1SequenceParser)
-        {
-            return new TimeStampedDataParser((ASN1SequenceParser)obj);
-        }
-
-        return null;
-    }
-
-    public DERIA5String getDataUri()
-    {
-        return dataUri;
-    }
-
-    public MetaData getMetaData()
-    {
-        return metaData;
-    }
-
-    public ASN1OctetStringParser getContent()
-    {
-        return content;
-    }
-
-    public Evidence getTemporalEvidence()
-        throws IOException
-    {
-        if (temporalEvidence == null)
-        {
-            temporalEvidence = Evidence.getInstance(parser.readObject().toASN1Primitive());
-        }
-
-        return temporalEvidence;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/ECCCMSSharedInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/ECCCMSSharedInfo.java
deleted file mode 100644
index 5bfdc86..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/ECCCMSSharedInfo.java
+++ /dev/null

@@ -1,117 +0,0 @@
-package org.bouncycastle.asn1.cms.ecc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- *     ECC-CMS-SharedInfo ::= SEQUENCE {
- *        keyInfo AlgorithmIdentifier,
- *        entityUInfo [0] EXPLICIT OCTET STRING OPTIONAL,
- *        suppPubInfo [2] EXPLICIT OCTET STRING   }
- * </pre>
- */
-public class ECCCMSSharedInfo
-    extends ASN1Object
-{
-
-    private final AlgorithmIdentifier keyInfo;
-    private final byte[] entityUInfo;
-    private final byte[] suppPubInfo;
-
-    public ECCCMSSharedInfo(
-        AlgorithmIdentifier keyInfo,
-        byte[] entityUInfo,
-        byte[] suppPubInfo)
-    {
-        this.keyInfo = keyInfo;
-        this.entityUInfo = Arrays.clone(entityUInfo);
-        this.suppPubInfo = Arrays.clone(suppPubInfo);
-    }
-
-    public ECCCMSSharedInfo(
-        AlgorithmIdentifier keyInfo,
-        byte[] suppPubInfo)
-    {
-        this.keyInfo = keyInfo;
-        this.entityUInfo = null;
-        this.suppPubInfo = Arrays.clone(suppPubInfo);
-    }
-
-    private ECCCMSSharedInfo(
-        ASN1Sequence seq)
-    {
-        this.keyInfo = AlgorithmIdentifier.getInstance(seq.getObjectAt(0));
-
-        if (seq.size() == 2)
-        {
-            this.entityUInfo = null;
-            this.suppPubInfo = ASN1OctetString.getInstance((ASN1TaggedObject)seq.getObjectAt(1), true).getOctets();
-        }
-        else
-        {
-            this.entityUInfo = ASN1OctetString.getInstance((ASN1TaggedObject)seq.getObjectAt(1), true).getOctets();
-            this.suppPubInfo = ASN1OctetString.getInstance((ASN1TaggedObject)seq.getObjectAt(2), true).getOctets();
-        }
-    }
-
-    /**
-     * Return an ECC-CMS-SharedInfo object from a tagged object.
-     *
-     * @param obj      the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *                 tagged false otherwise.
-     * @throws IllegalArgumentException if the object held by the
-     *                                  tagged object cannot be converted.
-     */
-    public static ECCCMSSharedInfo getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public static ECCCMSSharedInfo getInstance(
-        Object obj)
-    {
-        if (obj instanceof ECCCMSSharedInfo)
-        {
-            return (ECCCMSSharedInfo)obj;
-        }
-        else if (obj != null)
-        {
-            return new ECCCMSSharedInfo(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(keyInfo);
-
-        if (entityUInfo != null)
-        {
-            v.add(new DERTaggedObject(true, 0, new DEROctetString(entityUInfo)));
-        }
-
-        v.add(new DERTaggedObject(true, 2, new DEROctetString(suppPubInfo)));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/MQVuserKeyingMaterial.java b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/MQVuserKeyingMaterial.java
deleted file mode 100644
index 5036898..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/MQVuserKeyingMaterial.java
+++ /dev/null

@@ -1,127 +0,0 @@
-package org.bouncycastle.asn1.cms.ecc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.cms.OriginatorPublicKey;
-
-/**
- * <a href="http://tools.ietf.org/html/rfc5753">RFC 5753/3278</a>: MQVuserKeyingMaterial object.
- * <pre>
- * MQVuserKeyingMaterial ::= SEQUENCE {
- *   ephemeralPublicKey OriginatorPublicKey,
- *   addedukm [0] EXPLICIT UserKeyingMaterial OPTIONAL  }
- * </pre>
- */
-public class MQVuserKeyingMaterial
-    extends ASN1Object
-{
-    private OriginatorPublicKey ephemeralPublicKey;
-    private ASN1OctetString addedukm;
-
-    public MQVuserKeyingMaterial(
-        OriginatorPublicKey ephemeralPublicKey,
-        ASN1OctetString addedukm)
-    {
-        if (ephemeralPublicKey == null)
-        {
-            throw new IllegalArgumentException("Ephemeral public key cannot be null");
-        }
-
-        this.ephemeralPublicKey = ephemeralPublicKey;
-        this.addedukm = addedukm;
-    }
-
-    private MQVuserKeyingMaterial(
-        ASN1Sequence seq)
-    {
-        if (seq.size() != 1 && seq.size() != 2)
-        {
-            throw new IllegalArgumentException("Sequence has incorrect number of elements");
-        }
-
-        this.ephemeralPublicKey = OriginatorPublicKey.getInstance(
-            seq.getObjectAt(0));
-
-        if (seq.size() > 1)
-        {
-            this.addedukm = ASN1OctetString.getInstance(
-                (ASN1TaggedObject)seq.getObjectAt(1), true);
-        }
-    }
-
-    /**
-     * Return an MQVuserKeyingMaterial object from a tagged object.
-     *
-     * @param obj      the tagged object holding the object we want.
-     * @param explicit true if the object is meant to be explicitly
-     *                 tagged false otherwise.
-     * @throws IllegalArgumentException if the object held by the
-     *                                  tagged object cannot be converted.
-     */
-    public static MQVuserKeyingMaterial getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    /**
-     * Return an MQVuserKeyingMaterial object from the given object.
-     * <p>
-     * Accepted inputs:
-     * <ul>
-     * <li> null &rarr; null
-     * <li> {@link MQVuserKeyingMaterial} object
-     * <li> {@link org.bouncycastle.asn1.ASN1Sequence ASN1Sequence} with MQVuserKeyingMaterial inside it.
-     * </ul>
-     *
-     * @param obj the object we want converted.
-     * @throws IllegalArgumentException if the object cannot be converted.
-     */
-    public static MQVuserKeyingMaterial getInstance(
-        Object obj)
-    {
-        if (obj instanceof MQVuserKeyingMaterial)
-        {
-            return (MQVuserKeyingMaterial)obj;
-        }
-        else if (obj != null)
-        {
-            return new MQVuserKeyingMaterial(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public OriginatorPublicKey getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-
-    public ASN1OctetString getAddedukm()
-    {
-        return addedukm;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(ephemeralPublicKey);
-
-        if (addedukm != null)
-        {
-            v.add(new DERTaggedObject(true, 0, addedukm));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/package.html
deleted file mode 100644
index 9d33025..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/ecc/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for CMS ECC - RFC 5753/3278.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cms/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/cms/package.html
deleted file mode 100644
index c165a7a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cms/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes useful for encoding and supporting Cryptographic Message Syntax as described in PKCS#7 and RFC 3369 (formerly RFC 2630).
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/AttributeTypeAndValue.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/AttributeTypeAndValue.java
deleted file mode 100644
index ec7d283..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/AttributeTypeAndValue.java
+++ /dev/null

@@ -1,80 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class AttributeTypeAndValue
-    extends ASN1Object
-{
-    private ASN1ObjectIdentifier type;
-    private ASN1Encodable       value;
-
-    private AttributeTypeAndValue(ASN1Sequence seq)
-    {
-        type = (ASN1ObjectIdentifier)seq.getObjectAt(0);
-        value = (ASN1Encodable)seq.getObjectAt(1);
-    }
-
-    public static AttributeTypeAndValue getInstance(Object o)
-    {
-        if (o instanceof AttributeTypeAndValue)
-        {
-            return (AttributeTypeAndValue)o;
-        }
-
-        if (o != null)
-        {
-            return new AttributeTypeAndValue(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public AttributeTypeAndValue(
-        String oid,
-        ASN1Encodable value)
-    {
-        this(new ASN1ObjectIdentifier(oid), value);
-    }
-
-    public AttributeTypeAndValue(
-        ASN1ObjectIdentifier type,
-        ASN1Encodable value)
-    {
-        this.type = type;
-        this.value = value;
-    }
-
-    public ASN1ObjectIdentifier getType()
-    {
-        return type;
-    }
-
-    public ASN1Encodable getValue()
-    {
-        return value;
-    }
-
-    /**
-     * <pre>
-     * AttributeTypeAndValue ::= SEQUENCE {
-     *           type         OBJECT IDENTIFIER,
-     *           value        ANY DEFINED BY type }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(type);
-        v.add(value);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CRMFObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CRMFObjectIdentifiers.java
deleted file mode 100644
index 9db240c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CRMFObjectIdentifiers.java
+++ /dev/null

@@ -1,36 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-
-public interface CRMFObjectIdentifiers
-{
-    /** 1.3.6.1.5.5.7 */
-    static final ASN1ObjectIdentifier id_pkix = new ASN1ObjectIdentifier("1.3.6.1.5.5.7");
-
-    // arc for Internet X.509 PKI protocols and their components
-
-    /** 1.3.6.1.5.5.7.5 */
-    static final ASN1ObjectIdentifier id_pkip    = id_pkix.branch("5");
-
-    /** 1.3.6.1.5.5.7.1 */
-    static final ASN1ObjectIdentifier id_regCtrl = id_pkip.branch("1");
-    /** 1.3.6.1.5.5.7.1.1 */
-    static final ASN1ObjectIdentifier id_regCtrl_regToken           = id_regCtrl.branch("1");
-    /** 1.3.6.1.5.5.7.1.2 */
-    static final ASN1ObjectIdentifier id_regCtrl_authenticator      = id_regCtrl.branch("2");
-    /** 1.3.6.1.5.5.7.1.3 */
-    static final ASN1ObjectIdentifier id_regCtrl_pkiPublicationInfo = id_regCtrl.branch("3");
-    /** 1.3.6.1.5.5.7.1.4 */
-    static final ASN1ObjectIdentifier id_regCtrl_pkiArchiveOptions  = id_regCtrl.branch("4");
-
-    /** 1.2.840.113549.1.9.16.1,21 */
-    static final ASN1ObjectIdentifier id_ct_encKeyWithID = PKCSObjectIdentifiers.id_ct.branch("21");
-
-    /** 1.3.6.1.5.5.7.6 */
-    static final ASN1ObjectIdentifier id_alg    = id_pkix.branch("6");
-
-    static final ASN1ObjectIdentifier id_dh_sig_hmac_sha1 = id_alg.branch("3");
-
-    static final ASN1ObjectIdentifier id_alg_dh_pop = id_alg.branch("4");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertId.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertId.java
deleted file mode 100644
index bd54c11..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertId.java
+++ /dev/null

@@ -1,84 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-public class CertId
-    extends ASN1Object
-{
-    private GeneralName issuer;
-    private ASN1Integer serialNumber;
-
-    private CertId(ASN1Sequence seq)
-    {
-        issuer = GeneralName.getInstance(seq.getObjectAt(0));
-        serialNumber = ASN1Integer.getInstance(seq.getObjectAt(1));
-    }
-
-    public static CertId getInstance(Object o)
-    {
-        if (o instanceof CertId)
-        {
-            return (CertId)o;
-        }
-
-        if (o != null)
-        {
-            return new CertId(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public static CertId getInstance(ASN1TaggedObject obj, boolean isExplicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, isExplicit));
-    }
-
-    public CertId(GeneralName issuer, BigInteger serialNumber)
-    {
-        this(issuer, new ASN1Integer(serialNumber));
-    }
-
-    public CertId(GeneralName issuer, ASN1Integer serialNumber)
-    {
-        this.issuer = issuer;
-        this.serialNumber = serialNumber;
-    }
-
-    public GeneralName getIssuer()
-    {
-        return issuer;
-    }
-
-    public ASN1Integer getSerialNumber()
-    {
-        return serialNumber;
-    }
-
-    /**
-     * <pre>
-     * CertId ::= SEQUENCE {
-     *                 issuer           GeneralName,
-     *                 serialNumber     INTEGER }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(issuer);
-        v.add(serialNumber);
-        
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertReqMessages.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertReqMessages.java
deleted file mode 100644
index aa48a18..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertReqMessages.java
+++ /dev/null

@@ -1,74 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class CertReqMessages
-    extends ASN1Object
-{
-    private ASN1Sequence content;
-
-    private CertReqMessages(ASN1Sequence seq)
-    {
-        content = seq;
-    }
-
-    public static CertReqMessages getInstance(Object o)
-    {
-        if (o instanceof CertReqMessages)
-        {
-            return (CertReqMessages)o;
-        }
-
-        if (o != null)
-        {
-            return new CertReqMessages(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public CertReqMessages(
-        CertReqMsg msg)
-    {
-        content = new DERSequence(msg);
-    }
-
-    public CertReqMessages(
-        CertReqMsg[] msgs)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        for (int i = 0; i < msgs.length; i++)
-        {
-            v.add(msgs[i]);
-        }
-        content = new DERSequence(v);
-    }
-
-    public CertReqMsg[] toCertReqMsgArray()
-    {
-        CertReqMsg[] result = new CertReqMsg[content.size()];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = CertReqMsg.getInstance(content.getObjectAt(i));
-        }
-
-        return result;
-    }
-
-    /**
-     * <pre>
-     * CertReqMessages ::= SEQUENCE SIZE (1..MAX) OF CertReqMsg
-     * </pre>
-     *
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return content;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertReqMsg.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertReqMsg.java
deleted file mode 100644
index 1ea22eb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertReqMsg.java
+++ /dev/null

@@ -1,152 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-public class CertReqMsg
-    extends ASN1Object
-{
-    private CertRequest certReq;
-    private ProofOfPossession pop;
-    private ASN1Sequence regInfo;
-
-    private CertReqMsg(ASN1Sequence seq)
-    {
-        Enumeration en = seq.getObjects();
-
-        certReq = CertRequest.getInstance(en.nextElement());
-        while (en.hasMoreElements())
-        {
-            Object o = en.nextElement();
-
-            if (o instanceof ASN1TaggedObject || o instanceof ProofOfPossession)
-            {
-                pop = ProofOfPossession.getInstance(o);
-            }
-            else
-            {
-                regInfo = ASN1Sequence.getInstance(o);
-            }
-        }
-    }
-
-    public static CertReqMsg getInstance(Object o)
-    {
-        if (o instanceof CertReqMsg)
-        {
-            return (CertReqMsg)o;
-        }
-        else if (o != null)
-        {
-            return new CertReqMsg(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public static CertReqMsg getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    /**
-     * Creates a new CertReqMsg.
-     * @param certReq CertRequest
-     * @param pop may be null
-     * @param regInfo may be null
-     */
-    public CertReqMsg(
-        CertRequest certReq,
-        ProofOfPossession pop,
-        AttributeTypeAndValue[] regInfo)
-    {
-        if (certReq == null)
-        {
-            throw new IllegalArgumentException("'certReq' cannot be null");
-        }
-
-        this.certReq = certReq;
-        this.pop = pop;
-
-        if (regInfo != null)
-        {
-            this.regInfo = new DERSequence(regInfo);
-        }
-    }
-
-    public CertRequest getCertReq()
-    {
-        return certReq;
-    }
-
-
-    /**
-     * @deprecated use getPopo
-     */
-    public ProofOfPossession getPop()
-    {
-        return pop;
-    }
-
-
-    public ProofOfPossession getPopo()
-    {
-        return pop;
-    }
-
-    public AttributeTypeAndValue[] getRegInfo()
-    {
-        if (regInfo == null)
-        {
-            return null;
-        }
-
-        AttributeTypeAndValue[] results = new AttributeTypeAndValue[regInfo.size()];
-
-        for (int i = 0; i != results.length; i++)
-        {
-            results[i] = AttributeTypeAndValue.getInstance(regInfo.getObjectAt(i));
-        }
-
-        return results;
-    }
-
-    /**
-     * <pre>
-     * CertReqMsg ::= SEQUENCE {
-     *                    certReq   CertRequest,
-     *                    popo       ProofOfPossession  OPTIONAL,
-     *                    -- content depends upon key type
-     *                    regInfo   SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue OPTIONAL }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(certReq);
-
-        addOptional(v, pop);
-        addOptional(v, regInfo);
-
-        return new DERSequence(v);
-    }
-
-    private void addOptional(ASN1EncodableVector v, ASN1Encodable obj)
-    {
-        if (obj != null)
-        {
-            v.add(obj);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertRequest.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertRequest.java
deleted file mode 100644
index 70afe8e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertRequest.java
+++ /dev/null

@@ -1,97 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class CertRequest
-    extends ASN1Object
-{
-    private ASN1Integer certReqId;
-    private CertTemplate certTemplate;
-    private Controls controls;
-
-    private CertRequest(ASN1Sequence seq)
-    {
-        certReqId = new ASN1Integer(ASN1Integer.getInstance(seq.getObjectAt(0)).getValue());
-        certTemplate = CertTemplate.getInstance(seq.getObjectAt(1));
-        if (seq.size() > 2)
-        {
-            controls = Controls.getInstance(seq.getObjectAt(2));
-        }
-    }
-
-    public static CertRequest getInstance(Object o)
-    {
-        if (o instanceof CertRequest)
-        {
-            return (CertRequest)o;
-        }
-        else if (o != null)
-        {
-            return new CertRequest(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public CertRequest(
-        int certReqId,
-        CertTemplate certTemplate,
-        Controls controls)
-    {
-        this(new ASN1Integer(certReqId), certTemplate, controls);
-    }
-
-    public CertRequest(
-        ASN1Integer certReqId,
-        CertTemplate certTemplate,
-        Controls controls)
-    {
-        this.certReqId = certReqId;
-        this.certTemplate = certTemplate;
-        this.controls = controls;
-    }
-
-    public ASN1Integer getCertReqId()
-    {
-        return certReqId;
-    }
-
-    public CertTemplate getCertTemplate()
-    {
-        return certTemplate;
-    }
-
-    public Controls getControls()
-    {
-        return controls;
-    }
-
-    /**
-     * <pre>
-     * CertRequest ::= SEQUENCE {
-     *                      certReqId     INTEGER,          -- ID for matching request and reply
-     *                      certTemplate  CertTemplate,  -- Selected fields of cert to be issued
-     *                      controls      Controls OPTIONAL }   -- Attributes affecting issuance
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(certReqId);
-        v.add(certTemplate);
-
-        if (controls != null)
-        {
-            v.add(controls);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertTemplate.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertTemplate.java
deleted file mode 100644
index 2d77aad..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertTemplate.java
+++ /dev/null

@@ -1,173 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-
-public class CertTemplate
-    extends ASN1Object
-{
-    private ASN1Sequence seq;
-
-    private ASN1Integer version;
-    private ASN1Integer serialNumber;
-    private AlgorithmIdentifier signingAlg;
-    private X500Name issuer;
-    private OptionalValidity validity;
-    private X500Name subject;
-    private SubjectPublicKeyInfo publicKey;
-    private DERBitString issuerUID;
-    private DERBitString subjectUID;
-    private Extensions extensions;
-
-    private CertTemplate(ASN1Sequence seq)
-    {
-        this.seq = seq;
-
-        Enumeration en = seq.getObjects();
-        while (en.hasMoreElements())
-        {
-            ASN1TaggedObject tObj = (ASN1TaggedObject)en.nextElement();
-
-            switch (tObj.getTagNo())
-            {
-            case 0:
-                version = ASN1Integer.getInstance(tObj, false);
-                break;
-            case 1:
-                serialNumber = ASN1Integer.getInstance(tObj, false);
-                break;
-            case 2:
-                signingAlg = AlgorithmIdentifier.getInstance(tObj, false);
-                break;
-            case 3:
-                issuer = X500Name.getInstance(tObj, true); // CHOICE
-                break;
-            case 4:
-                validity = OptionalValidity.getInstance(ASN1Sequence.getInstance(tObj, false));
-                break;
-            case 5:
-                subject = X500Name.getInstance(tObj, true); // CHOICE
-                break;
-            case 6:
-                publicKey = SubjectPublicKeyInfo.getInstance(tObj, false);
-                break;
-            case 7:
-                issuerUID = DERBitString.getInstance(tObj, false);
-                break;
-            case 8:
-                subjectUID = DERBitString.getInstance(tObj, false);
-                break;
-            case 9:
-                extensions = Extensions.getInstance(tObj, false);
-                break;
-            default:
-                throw new IllegalArgumentException("unknown tag: " + tObj.getTagNo());
-            }
-        }
-    }
-
-    public static CertTemplate getInstance(Object o)
-    {
-        if (o instanceof CertTemplate)
-        {
-            return (CertTemplate)o;
-        }
-        else if (o != null)
-        {
-            return new CertTemplate(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    /**
-     * Return Version - -1 if not set.
-     *
-     * @return Version value.
-     */
-    public int getVersion()
-    {
-        if (version != null)
-        {
-            return version.getValue().intValue();
-        }
-
-        return -1;
-    }
-
-    public ASN1Integer getSerialNumber()
-    {
-        return serialNumber;
-    }
-
-    public AlgorithmIdentifier getSigningAlg()
-    {
-        return signingAlg;
-    }
-
-    public X500Name getIssuer()
-    {
-        return issuer;
-    }
-
-    public OptionalValidity getValidity()
-    {
-        return validity;
-    }
-
-    public X500Name getSubject()
-    {
-        return subject;
-    }
-
-    public SubjectPublicKeyInfo getPublicKey()
-    {
-        return publicKey;
-    }
-
-    public DERBitString getIssuerUID()
-    {
-        return issuerUID;
-    }
-
-    public DERBitString getSubjectUID()
-    {
-        return subjectUID;
-    }
-
-    public Extensions getExtensions()
-    {
-        return extensions;
-    }
-
-    /**
-     * <pre>
-     *  CertTemplate ::= SEQUENCE {
-     *      version      [0] Version               OPTIONAL,
-     *      serialNumber [1] INTEGER               OPTIONAL,
-     *      signingAlg   [2] AlgorithmIdentifier   OPTIONAL,
-     *      issuer       [3] Name                  OPTIONAL,
-     *      validity     [4] OptionalValidity      OPTIONAL,
-     *      subject      [5] Name                  OPTIONAL,
-     *      publicKey    [6] SubjectPublicKeyInfo  OPTIONAL,
-     *      issuerUID    [7] UniqueIdentifier      OPTIONAL,
-     *      subjectUID   [8] UniqueIdentifier      OPTIONAL,
-     *      extensions   [9] Extensions            OPTIONAL }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return seq;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertTemplateBuilder.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertTemplateBuilder.java
deleted file mode 100644
index 9ea7430..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/CertTemplateBuilder.java
+++ /dev/null

@@ -1,150 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.X509Extensions;
-
-public class CertTemplateBuilder
-{
-    private ASN1Integer version;
-    private ASN1Integer serialNumber;
-    private AlgorithmIdentifier signingAlg;
-    private X500Name issuer;
-    private OptionalValidity validity;
-    private X500Name subject;
-    private SubjectPublicKeyInfo publicKey;
-    private DERBitString issuerUID;
-    private DERBitString subjectUID;
-    private Extensions extensions;
-
-    /** Sets the X.509 version. Note: for X509v3, use 2 here. */
-    public CertTemplateBuilder setVersion(int ver)
-    {
-        version = new ASN1Integer(ver);
-
-        return this;
-    }
-
-    public CertTemplateBuilder setSerialNumber(ASN1Integer ser)
-    {
-        serialNumber = ser;
-
-        return this;
-    }
-
-    public CertTemplateBuilder setSigningAlg(AlgorithmIdentifier aid)
-    {
-        signingAlg = aid;
-
-        return this;
-    }
-
-    public CertTemplateBuilder setIssuer(X500Name name)
-    {
-        issuer = name;
-
-        return this;
-    }
-
-    public CertTemplateBuilder setValidity(OptionalValidity v)
-    {
-        validity = v;
-
-        return this;
-    }
-
-    public CertTemplateBuilder setSubject(X500Name name)
-    {
-        subject = name;
-
-        return this;
-    }
-
-    public CertTemplateBuilder setPublicKey(SubjectPublicKeyInfo spki)
-    {
-        publicKey = spki;
-
-        return this;
-    }
-
-    /** Sets the issuer unique ID (deprecated in X.509v3) */
-    public CertTemplateBuilder setIssuerUID(DERBitString uid)
-    {
-        issuerUID = uid;
-
-        return this;
-    }
-
-    /** Sets the subject unique ID (deprecated in X.509v3) */
-    public CertTemplateBuilder setSubjectUID(DERBitString uid)
-    {
-        subjectUID = uid;
-
-        return this;
-    }
-
-    /**
-     * @deprecated use method taking Extensions
-     */
-    public CertTemplateBuilder setExtensions(X509Extensions extens)
-    {
-        return setExtensions(Extensions.getInstance(extens));
-    }
-
-    public CertTemplateBuilder setExtensions(Extensions extens)
-    {
-        extensions = extens;
-
-        return this;
-    }
-
-    /**
-     * <pre>
-     *  CertTemplate ::= SEQUENCE {
-     *      version      [0] Version               OPTIONAL,
-     *      serialNumber [1] INTEGER               OPTIONAL,
-     *      signingAlg   [2] AlgorithmIdentifier   OPTIONAL,
-     *      issuer       [3] Name                  OPTIONAL,
-     *      validity     [4] OptionalValidity      OPTIONAL,
-     *      subject      [5] Name                  OPTIONAL,
-     *      publicKey    [6] SubjectPublicKeyInfo  OPTIONAL,
-     *      issuerUID    [7] UniqueIdentifier      OPTIONAL,
-     *      subjectUID   [8] UniqueIdentifier      OPTIONAL,
-     *      extensions   [9] Extensions            OPTIONAL }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public CertTemplate build()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        addOptional(v, 0, false, version);
-        addOptional(v, 1, false, serialNumber);
-        addOptional(v, 2, false, signingAlg);
-        addOptional(v, 3, true, issuer); // CHOICE
-        addOptional(v, 4, false, validity);
-        addOptional(v, 5, true, subject); // CHOICE
-        addOptional(v, 6, false, publicKey);
-        addOptional(v, 7, false, issuerUID);
-        addOptional(v, 8, false, subjectUID);
-        addOptional(v, 9, false, extensions);
-
-        return CertTemplate.getInstance(new DERSequence(v));
-    }
-
-    private void addOptional(ASN1EncodableVector v, int tagNo, boolean isExplicit, ASN1Encodable obj)
-    {
-        if (obj != null)
-        {
-            v.add(new DERTaggedObject(isExplicit, tagNo, obj));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/Controls.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/Controls.java
deleted file mode 100644
index 2e188fe..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/Controls.java
+++ /dev/null

@@ -1,72 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class Controls
-    extends ASN1Object
-{
-    private ASN1Sequence content;
-
-    private Controls(ASN1Sequence seq)
-    {
-        content = seq;
-    }
-
-    public static Controls getInstance(Object o)
-    {
-        if (o instanceof Controls)
-        {
-            return (Controls)o;
-        }
-
-        if (o != null)
-        {
-            return new Controls(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public Controls(AttributeTypeAndValue atv)
-    {
-        content = new DERSequence(atv);
-    }
-
-    public Controls(AttributeTypeAndValue[] atvs)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        for (int i = 0; i < atvs.length; i++)
-        {
-            v.add(atvs[i]);
-        }
-        content = new DERSequence(v);
-    }
-
-    public AttributeTypeAndValue[] toAttributeTypeAndValueArray()
-    {
-        AttributeTypeAndValue[] result = new AttributeTypeAndValue[content.size()];
-
-        for (int i = 0; i != result.length; i++)
-        {
-            result[i] = AttributeTypeAndValue.getInstance(content.getObjectAt(i));
-        }
-
-        return result;
-    }
-
-    /**
-     * <pre>
-     * Controls  ::= SEQUENCE SIZE(1..MAX) OF AttributeTypeAndValue
-     * </pre>
-     *
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return content;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/DhSigStatic.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/DhSigStatic.java
deleted file mode 100644
index a7295e5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/DhSigStatic.java
+++ /dev/null

@@ -1,94 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
-import org.bouncycastle.util.Arrays;
-
-/**
- * From RFC 2875 for Diffie-Hellman POP.
- * <pre>
- *     DhSigStatic ::= SEQUENCE {
- *         IssuerAndSerial IssuerAndSerialNumber OPTIONAL,
- *         hashValue       MessageDigest
- *     }
- * </pre>
- */
-public class DhSigStatic
-    extends ASN1Object
-{
-    private final IssuerAndSerialNumber issuerAndSerial;
-    private final ASN1OctetString hashValue;
-
-    public DhSigStatic(byte[] hashValue)
-    {
-        this(null, hashValue);
-    }
-
-    public DhSigStatic(IssuerAndSerialNumber issuerAndSerial, byte[] hashValue)
-    {
-        this.issuerAndSerial = issuerAndSerial;
-        this.hashValue = new DEROctetString(Arrays.clone(hashValue));
-    }
-
-    public static DhSigStatic getInstance(Object o)
-    {
-        if (o instanceof DhSigStatic)
-        {
-            return (DhSigStatic)o;
-        }
-        else if (o != null)
-        {
-            return new DhSigStatic(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    private DhSigStatic(ASN1Sequence seq)
-    {
-        if (seq.size() == 1)
-        {
-            issuerAndSerial = null;
-            hashValue = ASN1OctetString.getInstance(seq.getObjectAt(0));
-        }
-        else if (seq.size() == 2)
-        {
-            issuerAndSerial = IssuerAndSerialNumber.getInstance(seq.getObjectAt(0));
-            hashValue = ASN1OctetString.getInstance(seq.getObjectAt(1));
-        }
-        else
-        {
-            throw new IllegalArgumentException("sequence wrong length for DhSigStatic");
-        }
-    }
-
-    public IssuerAndSerialNumber getIssuerAndSerial()
-    {
-        return issuerAndSerial;
-    }
-
-    public byte[] getHashValue()
-    {
-        return Arrays.clone(hashValue.getOctets());
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (issuerAndSerial != null)
-        {
-            v.add(issuerAndSerial);
-        }
-
-        v.add(hashValue);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/EncKeyWithID.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/EncKeyWithID.java
deleted file mode 100644
index 4207217..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/EncKeyWithID.java
+++ /dev/null

@@ -1,117 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-public class EncKeyWithID
-    extends ASN1Object
-{
-    private final PrivateKeyInfo privKeyInfo;
-    private final ASN1Encodable identifier;
-
-    public static EncKeyWithID getInstance(Object o)
-    {
-        if (o instanceof EncKeyWithID)
-        {
-            return (EncKeyWithID)o;
-        }
-        else if (o != null)
-        {
-            return new EncKeyWithID(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    private EncKeyWithID(ASN1Sequence seq)
-    {
-        this.privKeyInfo = PrivateKeyInfo.getInstance(seq.getObjectAt(0));
-
-        if (seq.size() > 1)
-        {
-            if (!(seq.getObjectAt(1) instanceof DERUTF8String))
-            {
-                this.identifier = GeneralName.getInstance(seq.getObjectAt(1));
-            }
-            else
-            {
-                this.identifier = (ASN1Encodable)seq.getObjectAt(1);
-            }
-        }
-        else
-        {
-            this.identifier = null;
-        }
-    }
-
-    public EncKeyWithID(PrivateKeyInfo privKeyInfo)
-    {
-        this.privKeyInfo = privKeyInfo;
-        this.identifier = null;
-    }
-
-    public EncKeyWithID(PrivateKeyInfo privKeyInfo, DERUTF8String str)
-    {
-        this.privKeyInfo = privKeyInfo;
-        this.identifier = str;
-    }
-
-    public EncKeyWithID(PrivateKeyInfo privKeyInfo, GeneralName generalName)
-    {
-        this.privKeyInfo = privKeyInfo;
-        this.identifier = generalName;
-    }
-
-    public PrivateKeyInfo getPrivateKey()
-    {
-        return privKeyInfo;
-    }
-
-    public boolean hasIdentifier()
-    {
-        return identifier != null;
-    }
-
-    public boolean isIdentifierUTF8String()
-    {
-        return identifier instanceof DERUTF8String;
-    }
-
-    public ASN1Encodable getIdentifier()
-    {
-        return identifier;
-    }
-    
-    /**
-     * <pre>
-     * EncKeyWithID ::= SEQUENCE {
-     *      privateKey           PrivateKeyInfo,
-     *      identifier CHOICE {
-     *         string               UTF8String,
-     *         generalName          GeneralName
-     *     } OPTIONAL
-     * }
-     * </pre>
-     * @return an ASN.1 primitive composition of this EncKeyWithID.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(privKeyInfo);
-
-        if (identifier != null)
-        {
-            v.add(identifier);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/EncryptedKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/EncryptedKey.java
deleted file mode 100644
index 10ae47b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/EncryptedKey.java
+++ /dev/null

@@ -1,81 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.cms.EnvelopedData;
-
-public class EncryptedKey
-    extends ASN1Object
-    implements ASN1Choice
-{
-    private EnvelopedData envelopedData;
-    private EncryptedValue encryptedValue;
-
-    public static EncryptedKey getInstance(Object o)
-    {
-        if (o instanceof EncryptedKey)
-        {
-            return (EncryptedKey)o;
-        }
-        else if (o instanceof ASN1TaggedObject)
-        {
-            return new EncryptedKey(EnvelopedData.getInstance((ASN1TaggedObject)o, false));
-        }
-        else if (o instanceof EncryptedValue)
-        {
-            return new EncryptedKey((EncryptedValue)o);
-        }
-        else
-        {
-            return new EncryptedKey(EncryptedValue.getInstance(o));
-        }
-    }
-
-    public EncryptedKey(EnvelopedData envelopedData)
-    {
-        this.envelopedData = envelopedData;
-    }
-
-    public EncryptedKey(EncryptedValue encryptedValue)
-    {
-        this.encryptedValue = encryptedValue;
-    }
-
-    public boolean isEncryptedValue()
-    {
-        return encryptedValue != null;
-    }
-
-    public ASN1Encodable getValue()
-    {
-        if (encryptedValue != null)
-        {
-            return encryptedValue;
-        }
-
-        return envelopedData;
-    }
-
-    /**
-     * <pre>
-     *    EncryptedKey ::= CHOICE {
-     *        encryptedValue        EncryptedValue, -- deprecated
-     *        envelopedData     [0] EnvelopedData }
-     *        -- The encrypted private key MUST be placed in the envelopedData
-     *        -- encryptedContentInfo encryptedContent OCTET STRING.
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (encryptedValue != null)
-        {
-            return encryptedValue.toASN1Primitive();
-        }
-
-        return new DERTaggedObject(false, 0, envelopedData);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/EncryptedValue.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/EncryptedValue.java
deleted file mode 100644
index 608b532..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/EncryptedValue.java
+++ /dev/null

@@ -1,166 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public class EncryptedValue
-    extends ASN1Object
-{
-    private AlgorithmIdentifier intendedAlg;
-    private AlgorithmIdentifier symmAlg;
-    private DERBitString        encSymmKey;
-    private AlgorithmIdentifier keyAlg;
-    private ASN1OctetString     valueHint;
-    private DERBitString        encValue;
-
-    private EncryptedValue(ASN1Sequence seq)
-    {
-        int index = 0;
-        while (seq.getObjectAt(index) instanceof ASN1TaggedObject)
-        {
-            ASN1TaggedObject tObj = (ASN1TaggedObject)seq.getObjectAt(index);
-
-            switch (tObj.getTagNo())
-            {
-            case 0:
-                intendedAlg = AlgorithmIdentifier.getInstance(tObj, false);
-                break;
-            case 1:
-                symmAlg = AlgorithmIdentifier.getInstance(tObj, false);
-                break;
-            case 2:
-                encSymmKey = DERBitString.getInstance(tObj, false);
-                break;
-            case 3:
-                keyAlg = AlgorithmIdentifier.getInstance(tObj, false);
-                break;
-            case 4:
-                valueHint = ASN1OctetString.getInstance(tObj, false);
-                break;
-            default:
-                throw new IllegalArgumentException("Unknown tag encountered: " + tObj.getTagNo());
-            }
-            index++;
-        }
-
-        encValue = DERBitString.getInstance(seq.getObjectAt(index));
-    }
-
-    public static EncryptedValue getInstance(Object o)
-    {
-        if (o instanceof EncryptedValue)
-        {
-            return (EncryptedValue)o;
-        }
-        else if (o != null)
-        {
-            return new EncryptedValue(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public EncryptedValue(
-        AlgorithmIdentifier intendedAlg,
-        AlgorithmIdentifier symmAlg,
-        DERBitString encSymmKey,
-        AlgorithmIdentifier keyAlg,
-        ASN1OctetString valueHint,
-        DERBitString encValue)
-    {
-        if (encValue == null)
-        {
-            throw new IllegalArgumentException("'encValue' cannot be null");
-        }
-
-        this.intendedAlg = intendedAlg;
-        this.symmAlg = symmAlg;
-        this.encSymmKey = encSymmKey;
-        this.keyAlg = keyAlg;
-        this.valueHint = valueHint;
-        this.encValue = encValue;
-    }
-
-    public AlgorithmIdentifier getIntendedAlg()
-    {
-        return intendedAlg;
-    }
-
-    public AlgorithmIdentifier getSymmAlg()
-    {
-        return symmAlg;
-    }
-
-    public DERBitString getEncSymmKey()
-    {
-        return encSymmKey;
-    }
-
-    public AlgorithmIdentifier getKeyAlg()
-    {
-        return keyAlg;
-    }
-
-    public ASN1OctetString getValueHint()
-    {
-        return valueHint;
-    }
-
-    public DERBitString getEncValue()
-    {
-        return encValue;
-    }
-
-    /**
-     * <pre>
-     * EncryptedValue ::= SEQUENCE {
-     *                     intendedAlg   [0] AlgorithmIdentifier  OPTIONAL,
-     *                     -- the intended algorithm for which the value will be used
-     *                     symmAlg       [1] AlgorithmIdentifier  OPTIONAL,
-     *                     -- the symmetric algorithm used to encrypt the value
-     *                     encSymmKey    [2] BIT STRING           OPTIONAL,
-     *                     -- the (encrypted) symmetric key used to encrypt the value
-     *                     keyAlg        [3] AlgorithmIdentifier  OPTIONAL,
-     *                     -- algorithm used to encrypt the symmetric key
-     *                     valueHint     [4] OCTET STRING         OPTIONAL,
-     *                     -- a brief description or identifier of the encValue content
-     *                     -- (may be meaningful only to the sending entity, and used only
-     *                     -- if EncryptedValue might be re-examined by the sending entity
-     *                     -- in the future)
-     *                     encValue       BIT STRING }
-     *                     -- the encrypted value itself
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        addOptional(v, 0, intendedAlg);
-        addOptional(v, 1, symmAlg);
-        addOptional(v, 2, encSymmKey);
-        addOptional(v, 3, keyAlg);
-        addOptional(v, 4, valueHint);
-
-        v.add(encValue);
-
-        return new DERSequence(v);
-    }
-
-    private void addOptional(ASN1EncodableVector v, int tagNo, ASN1Encodable obj)
-    {
-        if (obj != null)
-        {
-            v.add(new DERTaggedObject(false, tagNo, obj));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/OptionalValidity.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/OptionalValidity.java
deleted file mode 100644
index 9174b5f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/OptionalValidity.java
+++ /dev/null

@@ -1,98 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.Time;
-
-public class OptionalValidity
-    extends ASN1Object
-{
-    private Time notBefore;
-    private Time notAfter;
-
-    private OptionalValidity(ASN1Sequence seq)
-    {
-        Enumeration en = seq.getObjects();
-        while (en.hasMoreElements())
-        {
-            ASN1TaggedObject tObj = (ASN1TaggedObject)en.nextElement();
-
-            if (tObj.getTagNo() == 0)
-            {
-                notBefore = Time.getInstance(tObj, true);
-            }
-            else
-            {
-                notAfter = Time.getInstance(tObj, true);
-            }
-        }
-    }
-
-    public static OptionalValidity getInstance(Object o)
-    {
-        if (o instanceof OptionalValidity)
-        {
-            return (OptionalValidity)o;
-        }
-
-        if (o != null)
-        {
-            return new OptionalValidity(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public OptionalValidity(Time notBefore, Time notAfter)
-    {
-        if (notBefore == null && notAfter == null)
-        {
-            throw new IllegalArgumentException("at least one of notBefore/notAfter must not be null.");
-        }
-
-        this.notBefore = notBefore;
-        this.notAfter = notAfter;
-    }
-
-    public Time getNotBefore()
-    {
-        return notBefore;
-    }
-
-    public Time getNotAfter()
-    {
-        return notAfter;
-    }
-
-    /**
-     * <pre>
-     * OptionalValidity ::= SEQUENCE {
-     *                        notBefore  [0] Time OPTIONAL,
-     *                        notAfter   [1] Time OPTIONAL } --at least one MUST be present
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (notBefore != null)
-        {
-            v.add(new DERTaggedObject(true, 0, notBefore));
-        }
-
-        if (notAfter != null)
-        {
-            v.add(new DERTaggedObject(true, 1, notAfter));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/PKIArchiveOptions.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/PKIArchiveOptions.java
deleted file mode 100644
index 46e0e44..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/PKIArchiveOptions.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1Boolean;
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-public class PKIArchiveOptions
-    extends ASN1Object
-    implements ASN1Choice
-{
-    public static final int encryptedPrivKey = 0;
-    public static final int keyGenParameters = 1;
-    public static final int archiveRemGenPrivKey = 2;
-
-    private ASN1Encodable value;
-
-    public static PKIArchiveOptions getInstance(Object o)
-    {
-        if (o == null || o instanceof PKIArchiveOptions)
-        {
-            return (PKIArchiveOptions)o;
-        }
-        else if (o instanceof ASN1TaggedObject)
-        {
-            return new PKIArchiveOptions((ASN1TaggedObject)o);
-        }
-
-        throw new IllegalArgumentException("unknown object: " + o);
-    }
-
-    private PKIArchiveOptions(ASN1TaggedObject tagged)
-    {
-        switch (tagged.getTagNo())
-        {
-        case encryptedPrivKey:
-            value = EncryptedKey.getInstance(tagged.getObject());
-            break;
-        case keyGenParameters:
-            value = ASN1OctetString.getInstance(tagged, false);
-            break;
-        case archiveRemGenPrivKey:
-            value = ASN1Boolean.getInstance(tagged, false);
-            break;
-        default:
-            throw new IllegalArgumentException("unknown tag number: " + tagged.getTagNo());
-        }
-    }
-
-    public PKIArchiveOptions(EncryptedKey encKey)
-    {
-        this.value = encKey;
-    }
-
-    public PKIArchiveOptions(ASN1OctetString keyGenParameters)
-    {
-        this.value = keyGenParameters;
-    }
-
-    public PKIArchiveOptions(boolean archiveRemGenPrivKey)
-    {
-        this.value = ASN1Boolean.getInstance(archiveRemGenPrivKey);
-    }
-
-    public int getType()
-    {
-        if (value instanceof EncryptedKey)
-        {
-            return encryptedPrivKey;
-        }
-
-        if (value instanceof ASN1OctetString)
-        {
-            return keyGenParameters;
-        }
-
-        return archiveRemGenPrivKey;
-    }
-
-    public ASN1Encodable getValue()
-    {
-        return value;
-    }
-    
-    /**
-     * <pre>
-     *  PKIArchiveOptions ::= CHOICE {
-     *      encryptedPrivKey     [0] EncryptedKey,
-     *      -- the actual value of the private key
-     *      keyGenParameters     [1] KeyGenParameters,
-     *      -- parameters which allow the private key to be re-generated
-     *      archiveRemGenPrivKey [2] BOOLEAN }
-     *      -- set to TRUE if sender wishes receiver to archive the private
-     *      -- key of a key pair that the receiver generates in response to
-     *      -- this request; set to FALSE if no archival is desired.
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (value instanceof EncryptedKey)
-        {
-            return new DERTaggedObject(true, encryptedPrivKey, value);  // choice
-        }
-
-        if (value instanceof ASN1OctetString)
-        {
-            return new DERTaggedObject(false, keyGenParameters, value);
-        }
-
-        return new DERTaggedObject(false, archiveRemGenPrivKey, value);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/PKIPublicationInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/PKIPublicationInfo.java
deleted file mode 100644
index a2f598a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/PKIPublicationInfo.java
+++ /dev/null

@@ -1,136 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- * PKIPublicationInfo ::= SEQUENCE {
- *                  action     INTEGER {
- *                                 dontPublish (0),
- *                                 pleasePublish (1) },
- *                  pubInfos  SEQUENCE SIZE (1..MAX) OF SinglePubInfo OPTIONAL }
- * -- pubInfos MUST NOT be present if action is "dontPublish"
- * -- (if action is "pleasePublish" and pubInfos is omitted,
- * -- "dontCare" is assumed)
- * </pre>
- */
-public class PKIPublicationInfo
-    extends ASN1Object
-{
-    public static final ASN1Integer dontPublish = new ASN1Integer(0);
-    public static final ASN1Integer pleasePublish = new ASN1Integer(1);
-
-    private ASN1Integer action;
-    private ASN1Sequence pubInfos;
-
-    private PKIPublicationInfo(ASN1Sequence seq)
-    {
-        action = ASN1Integer.getInstance(seq.getObjectAt(0));
-        if (seq.size() > 1)
-        {
-            pubInfos = ASN1Sequence.getInstance(seq.getObjectAt(1));
-        }
-    }
-
-    public static PKIPublicationInfo getInstance(Object o)
-    {
-        if (o instanceof PKIPublicationInfo)
-        {
-            return (PKIPublicationInfo)o;
-        }
-
-        if (o != null)
-        {
-            return new PKIPublicationInfo(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public PKIPublicationInfo(BigInteger action)
-    {
-        this(new ASN1Integer(action));
-    }
-
-    public PKIPublicationInfo(ASN1Integer action)
-    {
-        this.action = action;
-    }
-
-    /**
-     * Constructor with a single pubInfo, assumes pleasePublish as the action.
-     *
-     * @param pubInfo the pubInfo to be published (can be null if don't care is required).
-     */
-    public PKIPublicationInfo(SinglePubInfo pubInfo)
-    {
-        this(pubInfo != null ? new SinglePubInfo[] { pubInfo } : (SinglePubInfo[])null);
-    }
-
-    /**
-     * Constructor with multiple pubInfo, assumes pleasePublish as the action.
-     *
-     * @param pubInfos the pubInfos to be published (can be null if don't care is required).
-     */
-    public PKIPublicationInfo(SinglePubInfo[] pubInfos)
-    {
-        this.action = pleasePublish;
-
-        if (pubInfos != null)
-        {
-            this.pubInfos = new DERSequence(pubInfos);
-        }
-        else
-        {
-            this.pubInfos = null;
-        }
-    }
-
-    public ASN1Integer getAction()
-    {
-        return action;
-    }
-
-    public SinglePubInfo[] getPubInfos()
-    {
-        if (pubInfos == null)
-        {
-            return null;
-        }
-
-        SinglePubInfo[] results = new SinglePubInfo[pubInfos.size()];
-
-        for (int i = 0; i != results.length; i++)
-        {
-            results[i] = SinglePubInfo.getInstance(pubInfos.getObjectAt(i));
-        }
-
-        return results;
-    }
-
-    /**
-     * Return the primitive representation of PKIPublicationInfo.
-     *
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(action);
-
-        if (pubInfos != null)
-        {
-            v.add(pubInfos);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/PKMACValue.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/PKMACValue.java
deleted file mode 100644
index ebbf2dc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/PKMACValue.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmp.CMPObjectIdentifiers;
-import org.bouncycastle.asn1.cmp.PBMParameter;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * Password-based MAC value for use with POPOSigningKeyInput.
- */
-public class PKMACValue
-    extends ASN1Object
-{
-    private AlgorithmIdentifier  algId;
-    private DERBitString        value;
-
-    private PKMACValue(ASN1Sequence seq)
-    {
-        algId = AlgorithmIdentifier.getInstance(seq.getObjectAt(0));
-        value = DERBitString.getInstance(seq.getObjectAt(1));
-    }
-
-    public static PKMACValue getInstance(Object o)
-    {
-        if (o instanceof PKMACValue)
-        {
-            return (PKMACValue)o;
-        }
-
-        if (o != null)
-        {
-            return new PKMACValue(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public static PKMACValue getInstance(ASN1TaggedObject obj, boolean isExplicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, isExplicit));
-    }
-
-    /**
-     * Creates a new PKMACValue.
-     * @param params parameters for password-based MAC
-     * @param value MAC of the DER-encoded SubjectPublicKeyInfo
-     */
-    public PKMACValue(
-        PBMParameter params,
-        DERBitString value)
-    {
-        this(new AlgorithmIdentifier(
-                    CMPObjectIdentifiers.passwordBasedMac, params), value);
-    }
-
-    /**
-     * Creates a new PKMACValue.
-     * @param aid CMPObjectIdentifiers.passwordBasedMAC, with PBMParameter
-     * @param value MAC of the DER-encoded SubjectPublicKeyInfo
-     */
-    public PKMACValue(
-        AlgorithmIdentifier aid,
-        DERBitString value)
-    {
-        this.algId = aid;
-        this.value = value;
-    }
-
-    public AlgorithmIdentifier getAlgId()
-    {
-        return algId;
-    }
-
-    public DERBitString getValue()
-    {
-        return value;
-    }
-
-    /**
-     * <pre>
-     * PKMACValue ::= SEQUENCE {
-     *      algId  AlgorithmIdentifier,
-     *      -- algorithm value shall be PasswordBasedMac 1.2.840.113533.7.66.13
-     *      -- parameter value is PBMParameter
-     *      value  BIT STRING }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(algId);
-        v.add(value);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/POPOPrivKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/POPOPrivKey.java
deleted file mode 100644
index 6603f06..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/POPOPrivKey.java
+++ /dev/null

@@ -1,110 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.cms.EnvelopedData;
-
-public class POPOPrivKey
-    extends ASN1Object
-    implements ASN1Choice
-{
-    public static final int thisMessage = 0;
-    public static final int subsequentMessage = 1;
-    public static final int dhMAC = 2;
-    public static final int agreeMAC = 3;
-    public static final int encryptedKey = 4;
-
-    private int tagNo;
-    private ASN1Encodable obj;
-
-    private POPOPrivKey(ASN1TaggedObject obj)
-    {
-        this.tagNo = obj.getTagNo();
-
-        switch (tagNo)
-        {
-        case thisMessage:
-            this.obj = DERBitString.getInstance(obj, false);
-            break;
-        case subsequentMessage:
-            this.obj = SubsequentMessage.valueOf(ASN1Integer.getInstance(obj, false).getValue().intValue());
-            break;
-        case dhMAC:
-            this.obj = DERBitString.getInstance(obj, false);
-            break;
-        case agreeMAC:
-            this.obj = PKMACValue.getInstance(obj, false);
-            break;
-        case encryptedKey:
-            this.obj = EnvelopedData.getInstance(obj, false);
-            break;
-        default:
-            throw new IllegalArgumentException("unknown tag in POPOPrivKey");
-        }
-    }
-
-    public static POPOPrivKey getInstance(Object obj)
-    {
-        if (obj instanceof POPOPrivKey)
-        {
-            return (POPOPrivKey)obj;
-        }
-        if (obj != null)
-        {
-            return new POPOPrivKey(ASN1TaggedObject.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static POPOPrivKey getInstance(ASN1TaggedObject obj, boolean explicit)
-    {
-        return getInstance(ASN1TaggedObject.getInstance(obj, explicit));
-    }
-
-    public POPOPrivKey(PKMACValue agreeMac)
-    {
-        this.tagNo = agreeMAC;
-        this.obj = agreeMac;
-    }
-
-    public POPOPrivKey(SubsequentMessage msg)
-    {
-        this.tagNo = subsequentMessage;
-        this.obj = msg;
-    }
-
-    public int getType()
-    {
-        return tagNo;
-    }
-
-    public ASN1Encodable getValue()
-    {
-        return obj;
-    }
-
-    /**
-     * <pre>
-     * POPOPrivKey ::= CHOICE {
-     *        thisMessage       [0] BIT STRING,         -- Deprecated
-     *         -- possession is proven in this message (which contains the private
-     *         -- key itself (encrypted for the CA))
-     *        subsequentMessage [1] SubsequentMessage,
-     *         -- possession will be proven in a subsequent message
-     *        dhMAC             [2] BIT STRING,         -- Deprecated
-     *        agreeMAC          [3] PKMACValue,
-     *        encryptedKey      [4] EnvelopedData }
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERTaggedObject(false, tagNo, obj);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/POPOSigningKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/POPOSigningKey.java
deleted file mode 100644
index 43dd05b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/POPOSigningKey.java
+++ /dev/null

@@ -1,127 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public class POPOSigningKey
-    extends ASN1Object
-{
-    private POPOSigningKeyInput poposkInput;
-    private AlgorithmIdentifier algorithmIdentifier;
-    private DERBitString signature;
-
-    private POPOSigningKey(ASN1Sequence seq)
-    {
-        int index = 0;
-
-        if (seq.getObjectAt(index) instanceof ASN1TaggedObject)
-        {
-            ASN1TaggedObject tagObj
-                = (ASN1TaggedObject)seq.getObjectAt(index++);
-            if (tagObj.getTagNo() != 0)
-            {
-                throw new IllegalArgumentException(
-                    "Unknown POPOSigningKeyInput tag: " + tagObj.getTagNo());
-            }
-            poposkInput = POPOSigningKeyInput.getInstance(tagObj.getObject());
-        }
-        algorithmIdentifier = AlgorithmIdentifier.getInstance(seq.getObjectAt(index++));
-        signature = DERBitString.getInstance(seq.getObjectAt(index));
-    }
-
-    public static POPOSigningKey getInstance(Object o)
-    {
-        if (o instanceof POPOSigningKey)
-        {
-            return (POPOSigningKey)o;
-        }
-
-        if (o != null)
-        {
-            return new POPOSigningKey(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public static POPOSigningKey getInstance(ASN1TaggedObject obj, boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    /**
-     * Creates a new Proof of Possession object for a signing key.
-     *
-     * @param poposkIn  the POPOSigningKeyInput structure, or null if the
-     *                  CertTemplate includes both subject and publicKey values.
-     * @param aid       the AlgorithmIdentifier used to sign the proof of possession.
-     * @param signature a signature over the DER-encoded value of poposkIn,
-     *                  or the DER-encoded value of certReq if poposkIn is null.
-     */
-    public POPOSigningKey(
-        POPOSigningKeyInput poposkIn,
-        AlgorithmIdentifier aid,
-        DERBitString signature)
-    {
-        this.poposkInput = poposkIn;
-        this.algorithmIdentifier = aid;
-        this.signature = signature;
-    }
-
-    public POPOSigningKeyInput getPoposkInput()
-    {
-        return poposkInput;
-    }
-
-    public AlgorithmIdentifier getAlgorithmIdentifier()
-    {
-        return algorithmIdentifier;
-    }
-
-    public DERBitString getSignature()
-    {
-        return signature;
-    }
-
-    /**
-     * <pre>
-     * POPOSigningKey ::= SEQUENCE {
-     *                      poposkInput           [0] POPOSigningKeyInput OPTIONAL,
-     *                      algorithmIdentifier   AlgorithmIdentifier,
-     *                      signature             BIT STRING }
-     *  -- The signature (using "algorithmIdentifier") is on the
-     *  -- DER-encoded value of poposkInput.  NOTE: If the CertReqMsg
-     *  -- certReq CertTemplate contains the subject and publicKey values,
-     *  -- then poposkInput MUST be omitted and the signature MUST be
-     *  -- computed on the DER-encoded value of CertReqMsg certReq.  If
-     *  -- the CertReqMsg certReq CertTemplate does not contain the public
-     *  -- key and subject values, then poposkInput MUST be present and
-     *  -- MUST be signed.  This strategy ensures that the public key is
-     *  -- not present in both the poposkInput and CertReqMsg certReq
-     *  -- CertTemplate fields.
-     * </pre>
-     *
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (poposkInput != null)
-        {
-            v.add(new DERTaggedObject(false, 0, poposkInput));
-        }
-
-        v.add(algorithmIdentifier);
-        v.add(signature);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/POPOSigningKeyInput.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/POPOSigningKeyInput.java
deleted file mode 100644
index 54d828e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/POPOSigningKeyInput.java
+++ /dev/null

@@ -1,134 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-
-public class POPOSigningKeyInput
-    extends ASN1Object
-{
-    private GeneralName sender;
-    private PKMACValue publicKeyMAC;
-    private SubjectPublicKeyInfo publicKey;
-
-    private POPOSigningKeyInput(ASN1Sequence seq)
-    {
-        ASN1Encodable authInfo = (ASN1Encodable)seq.getObjectAt(0);
-
-        if (authInfo instanceof ASN1TaggedObject)
-        {
-            ASN1TaggedObject tagObj = (ASN1TaggedObject)authInfo;
-            if (tagObj.getTagNo() != 0)
-            {
-                throw new IllegalArgumentException(
-                    "Unknown authInfo tag: " + tagObj.getTagNo());
-            }
-            sender = GeneralName.getInstance(tagObj.getObject());
-        }
-        else
-        {
-            publicKeyMAC = PKMACValue.getInstance(authInfo);
-        }
-
-        publicKey = SubjectPublicKeyInfo.getInstance(seq.getObjectAt(1));
-    }
-
-    public static POPOSigningKeyInput getInstance(Object o)
-    {
-        if (o instanceof POPOSigningKeyInput)
-        {
-            return (POPOSigningKeyInput)o;
-        }
-
-        if (o != null)
-        {
-            return new POPOSigningKeyInput(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    /**
-     *  Creates a new POPOSigningKeyInput with sender name as authInfo.
-     */
-    public POPOSigningKeyInput(
-        GeneralName sender,
-        SubjectPublicKeyInfo spki)
-    {
-        this.sender = sender;
-        this.publicKey = spki;
-    }
-
-    /**
-     * Creates a new POPOSigningKeyInput using password-based MAC.
-     */
-    public POPOSigningKeyInput(
-        PKMACValue pkmac,
-        SubjectPublicKeyInfo spki)
-    {
-        this.publicKeyMAC = pkmac;
-        this.publicKey = spki;
-    }
-
-    /**
-     * Returns the sender field, or null if authInfo is publicKeyMAC
-     */
-    public GeneralName getSender()
-    {
-        return sender;
-    }
-
-    /**
-     * Returns the publicKeyMAC field, or null if authInfo is sender
-     */
-    public PKMACValue getPublicKeyMAC()
-    {
-        return publicKeyMAC;
-    }
-
-    public SubjectPublicKeyInfo getPublicKey()
-    {
-        return publicKey;
-    }
-
-    /**
-     * <pre>
-     * POPOSigningKeyInput ::= SEQUENCE {
-     *        authInfo             CHOICE {
-     *                                 sender              [0] GeneralName,
-     *                                 -- used only if an authenticated identity has been
-     *                                 -- established for the sender (e.g., a DN from a
-     *                                 -- previously-issued and currently-valid certificate
-     *                                 publicKeyMAC        PKMACValue },
-     *                                 -- used if no authenticated GeneralName currently exists for
-     *                                 -- the sender; publicKeyMAC contains a password-based MAC
-     *                                 -- on the DER-encoded value of publicKey
-     *        publicKey           SubjectPublicKeyInfo }  -- from CertTemplate
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (sender != null)
-        {
-            v.add(new DERTaggedObject(false, 0, sender));
-        }
-        else
-        {
-            v.add(publicKeyMAC);
-        }
-
-        v.add(publicKey);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/ProofOfPossession.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/ProofOfPossession.java
deleted file mode 100644
index 8ff2342..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/ProofOfPossession.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-public class ProofOfPossession
-    extends ASN1Object
-    implements ASN1Choice
-{
-    public static final int TYPE_RA_VERIFIED = 0;
-    public static final int TYPE_SIGNING_KEY = 1;
-    public static final int TYPE_KEY_ENCIPHERMENT = 2;
-    public static final int TYPE_KEY_AGREEMENT = 3;
-
-    private int tagNo;
-    private ASN1Encodable obj;
-
-    private ProofOfPossession(ASN1TaggedObject tagged)
-    {
-        tagNo = tagged.getTagNo();
-        switch (tagNo)
-        {
-        case 0:
-            obj = DERNull.INSTANCE;
-            break;
-        case 1:
-            obj = POPOSigningKey.getInstance(tagged, false);
-            break;
-        case 2:
-        case 3:
-            obj = POPOPrivKey.getInstance(tagged, true);
-            break;
-        default:
-            throw new IllegalArgumentException("unknown tag: " + tagNo);
-        }
-    }
-
-    public static ProofOfPossession getInstance(Object o)
-    {
-        if (o == null || o instanceof ProofOfPossession)
-        {
-            return (ProofOfPossession)o;
-        }
-
-        if (o instanceof ASN1TaggedObject)
-        {
-            return new ProofOfPossession((ASN1TaggedObject)o);
-        }
-
-        throw new IllegalArgumentException("Invalid object: " + o.getClass().getName());
-    }
-
-    /** Creates a ProofOfPossession with type raVerified. */
-    public ProofOfPossession()
-    {
-        tagNo = TYPE_RA_VERIFIED;
-        obj = DERNull.INSTANCE;
-    }
-
-    /** Creates a ProofOfPossession for a signing key. */
-    public ProofOfPossession(POPOSigningKey poposk)
-    {
-        tagNo = TYPE_SIGNING_KEY;
-        obj = poposk;
-    }
-
-    /**
-     * Creates a ProofOfPossession for key encipherment or agreement.
-     * @param type one of TYPE_KEY_ENCIPHERMENT or TYPE_KEY_AGREEMENT
-     */
-    public ProofOfPossession(int type, POPOPrivKey privkey)
-    {
-        tagNo = type;
-        obj = privkey;
-    }
-
-    public int getType()
-    {
-        return tagNo;
-    }
-
-    public ASN1Encodable getObject()
-    {
-        return obj;
-    }
-
-    /**
-     * <pre>
-     * ProofOfPossession ::= CHOICE {
-     *                           raVerified        [0] NULL,
-     *                           -- used if the RA has already verified that the requester is in
-     *                           -- possession of the private key
-     *                           signature         [1] POPOSigningKey,
-     *                           keyEncipherment   [2] POPOPrivKey,
-     *                           keyAgreement      [3] POPOPrivKey }
-     * </pre>
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERTaggedObject(false, tagNo, obj);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/SinglePubInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/SinglePubInfo.java
deleted file mode 100644
index 06aa7b7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/SinglePubInfo.java
+++ /dev/null

@@ -1,92 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-/**
- * <pre>
- * SinglePubInfo ::= SEQUENCE {
- *        pubMethod    INTEGER {
- *           dontCare    (0),
- *           x500        (1),
- *           web         (2),
- *           ldap        (3) },
- *       pubLocation  GeneralName OPTIONAL }
- * </pre>
- */
-public class SinglePubInfo
-    extends ASN1Object
-{
-    public static final ASN1Integer dontCare = new ASN1Integer(0);
-    public static final ASN1Integer x500 = new ASN1Integer(1);
-    public static final ASN1Integer web = new ASN1Integer(2);
-    public static final ASN1Integer ldap = new ASN1Integer(3);
-
-    private ASN1Integer pubMethod;
-    private GeneralName pubLocation;
-
-    private SinglePubInfo(ASN1Sequence seq)
-    {
-        pubMethod = ASN1Integer.getInstance(seq.getObjectAt(0));
-
-        if (seq.size() == 2)
-        {
-            pubLocation = GeneralName.getInstance(seq.getObjectAt(1));
-        }
-    }
-
-    public static SinglePubInfo getInstance(Object o)
-    {
-        if (o instanceof SinglePubInfo)
-        {
-            return (SinglePubInfo)o;
-        }
-
-        if (o != null)
-        {
-            return new SinglePubInfo(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public SinglePubInfo(ASN1Integer pubMethod, GeneralName pubLocation)
-    {
-        this.pubMethod = pubMethod;
-        this.pubLocation = pubLocation;
-    }
-
-    public ASN1Integer getPubMethod()
-    {
-        return pubMethod;
-    }
-
-    public GeneralName getPubLocation()
-    {
-        return pubLocation;
-    }
-
-    /**
-     * Return the primitive representation of SinglePubInfo.
-     *
-     * @return a basic ASN.1 object representation.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(pubMethod);
-
-        if (pubLocation != null)
-        {
-            v.add(pubLocation);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/SubsequentMessage.java b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/SubsequentMessage.java
deleted file mode 100644
index 4691722..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/SubsequentMessage.java
+++ /dev/null

@@ -1,29 +0,0 @@
-package org.bouncycastle.asn1.crmf;
-
-import org.bouncycastle.asn1.ASN1Integer;
-
-public class SubsequentMessage
-    extends ASN1Integer
-{
-    public static final SubsequentMessage encrCert = new SubsequentMessage(0);
-    public static final SubsequentMessage challengeResp = new SubsequentMessage(1);
-    
-    private SubsequentMessage(int value)
-    {
-        super(value);
-    }
-
-    public static SubsequentMessage valueOf(int value)
-    {
-        if (value == 0)
-        {
-            return encrCert;
-        }
-        if (value == 1)
-        {
-            return challengeResp;
-        }
-
-        throw new IllegalArgumentException("unknown value: " + value);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/crmf/package.html
deleted file mode 100644
index c804924..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/crmf/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes useful for encoding and supporting PKIX-CRMF as described RFC 4211.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptlib/CryptlibObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptlib/CryptlibObjectIdentifiers.java
deleted file mode 100644
index 88dd03f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptlib/CryptlibObjectIdentifiers.java
+++ /dev/null

@@ -1,12 +0,0 @@
-package org.bouncycastle.asn1.cryptlib;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-public class CryptlibObjectIdentifiers
-{
-    public static final ASN1ObjectIdentifier cryptlib = new ASN1ObjectIdentifier("1.3.6.1.4.1.3029");
-
-    public static final ASN1ObjectIdentifier ecc = cryptlib.branch("1").branch("5");
-
-    public static final ASN1ObjectIdentifier curvey25519 = ecc.branch("1");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/CryptoProObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/CryptoProObjectIdentifiers.java
deleted file mode 100644
index 1299056..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/CryptoProObjectIdentifiers.java
+++ /dev/null

@@ -1,111 +0,0 @@
-package org.bouncycastle.asn1.cryptopro;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- * <pre>
- * GOST Algorithms OBJECT IDENTIFIERS :
- *    { iso(1) member-body(2) ru(643) rans(2) cryptopro(2)}
- * </pre>
- */
-public interface CryptoProObjectIdentifiers
-{
-    /** Base OID: 1.2.643.2.2 */
-    static final ASN1ObjectIdentifier    GOST_id            = new ASN1ObjectIdentifier("1.2.643.2.2");
-
-    /** Gost R3411 OID: 1.2.643.2.2.9 */
-    static final ASN1ObjectIdentifier    gostR3411          = GOST_id.branch("9");
-    /** Gost R3411 HMAC OID: 1.2.643.2.2.10 */
-    static final ASN1ObjectIdentifier    gostR3411Hmac      = GOST_id.branch("10");
-
-    static final ASN1ObjectIdentifier    id_Gost28147_89_None_KeyWrap =  GOST_id.branch("13.0");
-    static final ASN1ObjectIdentifier    id_Gost28147_89_CryptoPro_KeyWrap =  GOST_id.branch("13.1");
-
-    /** Gost R28147 OID: 1.2.643.2.2.21 */
-    static final ASN1ObjectIdentifier    gostR28147_gcfb = GOST_id.branch("21");
-
-    /** Gost R28147-89-CryotoPro-A-ParamSet OID: 1.2.643.2.2.31.0 */
-    static final ASN1ObjectIdentifier    id_Gost28147_89_CryptoPro_TestParamSet = GOST_id.branch("31.0");
-
-    /** Gost R28147-89-CryotoPro-A-ParamSet OID: 1.2.643.2.2.31.1 */
-    static final ASN1ObjectIdentifier    id_Gost28147_89_CryptoPro_A_ParamSet = GOST_id.branch("31.1");
-
-    /** Gost R28147-89-CryotoPro-B-ParamSet OID: 1.2.643.2.2.31.2 */
-    static final ASN1ObjectIdentifier    id_Gost28147_89_CryptoPro_B_ParamSet = GOST_id.branch("31.2");
-
-    /** Gost R28147-89-CryotoPro-C-ParamSet OID: 1.2.643.2.2.31.3 */
-    static final ASN1ObjectIdentifier    id_Gost28147_89_CryptoPro_C_ParamSet = GOST_id.branch("31.3");
-
-    /** Gost R28147-89-CryotoPro-D-ParamSet OID: 1.2.643.2.2.31.4 */
-    static final ASN1ObjectIdentifier    id_Gost28147_89_CryptoPro_D_ParamSet = GOST_id.branch("31.4");
-
-    /** Gost R3410-94 OID: 1.2.643.2.2.20 */
-    static final ASN1ObjectIdentifier    gostR3410_94       = GOST_id.branch("20");
-    /** Gost R3410-2001 OID: 1.2.643.2.2.19 */
-    static final ASN1ObjectIdentifier    gostR3410_2001     = GOST_id.branch("19");
-
-    /** Gost R3411-94-with-R3410-94 OID: 1.2.643.2.2.4 */
-    static final ASN1ObjectIdentifier    gostR3411_94_with_gostR3410_94   = GOST_id.branch("4");
-    /** Gost R3411-94-with-R3410-2001 OID: 1.2.643.2.2.3 */
-    static final ASN1ObjectIdentifier    gostR3411_94_with_gostR3410_2001 = GOST_id.branch("3");
-
-    /**
-     * { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) hashes(30) }
-     * <p>
-     * Gost R3411-94-CryptoProParamSet OID: 1.2.643.2.2.30.1
-     */
-    static final ASN1ObjectIdentifier    gostR3411_94_CryptoProParamSet = GOST_id.branch("30.1");
-
-    /**
-     * { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) signs(32) }
-     * <p>
-     * Gost R3410-94-CryptoPro-A OID: 1.2.643.2.2.32.2
-     */
-    static final ASN1ObjectIdentifier    gostR3410_94_CryptoPro_A     = GOST_id.branch("32.2");
-    /** Gost R3410-94-CryptoPro-B OID: 1.2.643.2.2.32.3 */
-    static final ASN1ObjectIdentifier    gostR3410_94_CryptoPro_B     = GOST_id.branch("32.3");
-    /** Gost R3410-94-CryptoPro-C OID: 1.2.643.2.2.32.4 */
-    static final ASN1ObjectIdentifier    gostR3410_94_CryptoPro_C     = GOST_id.branch("32.4");
-    /** Gost R3410-94-CryptoPro-D OID: 1.2.643.2.2.32.5 */
-    static final ASN1ObjectIdentifier    gostR3410_94_CryptoPro_D     = GOST_id.branch("32.5");
-
-    /**
-     * { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) exchanges(33) }
-     * <p>
-     * Gost R3410-94-CryptoPro-XchA OID: 1.2.643.2.2.33.1
-     */
-    static final ASN1ObjectIdentifier    gostR3410_94_CryptoPro_XchA  = GOST_id.branch("33.1");
-    /** Gost R3410-94-CryptoPro-XchB OID: 1.2.643.2.2.33.2 */
-    static final ASN1ObjectIdentifier    gostR3410_94_CryptoPro_XchB  = GOST_id.branch("33.2");
-    /** Gost R3410-94-CryptoPro-XchC OID: 1.2.643.2.2.33.3 */
-    static final ASN1ObjectIdentifier    gostR3410_94_CryptoPro_XchC  = GOST_id.branch("33.3");
-
-    /**
-     * { iso(1) member-body(2)ru(643) rans(2) cryptopro(2) ecc-signs(35) }
-     * <p>
-     * Gost R3410-2001-CryptoPro-A OID: 1.2.643.2.2.35.1
-     */
-    static final ASN1ObjectIdentifier    gostR3410_2001_CryptoPro_A = GOST_id.branch("35.1");
-    /** Gost R3410-2001-CryptoPro-B OID: 1.2.643.2.2.35.2 */
-    static final ASN1ObjectIdentifier    gostR3410_2001_CryptoPro_B = GOST_id.branch("35.2");
-    /** Gost R3410-2001-CryptoPro-C OID: 1.2.643.2.2.35.3 */
-    static final ASN1ObjectIdentifier    gostR3410_2001_CryptoPro_C = GOST_id.branch("35.3");
-
-    /**
-     * { iso(1) member-body(2) ru(643) rans(2) cryptopro(2) ecc-exchanges(36) }
-     * <p>
-     * Gost R3410-2001-CryptoPro-XchA OID: 1.2.643.2.2.36.0
-     */
-    static final ASN1ObjectIdentifier    gostR3410_2001_CryptoPro_XchA  = GOST_id.branch("36.0");
-    /** Gost R3410-2001-CryptoPro-XchA OID: 1.2.643.2.2.36.1 */
-    static final ASN1ObjectIdentifier    gostR3410_2001_CryptoPro_XchB  = GOST_id.branch("36.1");
-    
-    /** Gost R3410-ElSqDH3410-default OID: 1.2.643.2.2.36.0 */
-    static final ASN1ObjectIdentifier    gost_ElSgDH3410_default    = GOST_id.branch("36.0");
-    /** Gost R3410-ElSqDH3410-1 OID: 1.2.643.2.2.36.1 */
-    static final ASN1ObjectIdentifier    gost_ElSgDH3410_1          = GOST_id.branch("36.1");
-
-    static final ASN1ObjectIdentifier    gostR3410_2001_CryptoPro_ESDH = GOST_id.branch("96");
-
-    static final ASN1ObjectIdentifier    gostR3410_2001DH = GOST_id.branch("98");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/ECGOST3410NamedCurves.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/ECGOST3410NamedCurves.java
deleted file mode 100644
index f7520b6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/ECGOST3410NamedCurves.java
+++ /dev/null

@@ -1,248 +0,0 @@
-package org.bouncycastle.asn1.cryptopro;
-
-import java.math.BigInteger;
-import java.util.Enumeration;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-
-/**
- * table of the available named parameters for GOST 3410-2001 / 2012.
- */
-public class ECGOST3410NamedCurves
-{
-    static final Hashtable objIds = new Hashtable();
-    static final Hashtable params = new Hashtable();
-    static final Hashtable names = new Hashtable();
-
-    static
-    {
-        BigInteger mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319");
-        BigInteger mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            mod_p, // p
-            new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), // a
-            new BigInteger("166"), // b
-            mod_q, ECConstants.ONE);
-
-        ECDomainParameters ecParams = new ECDomainParameters(
-            curve,
-            curve.createPoint(
-                new BigInteger("1"), // x
-                new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612")), // y
-            mod_q, ECConstants.ONE);
-
-        params.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_A, ecParams);  
-
-        mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319");
-        mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323");
-
-        curve = new ECCurve.Fp(
-            mod_p, // p
-            new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"),
-            new BigInteger("166"),
-            mod_q, ECConstants.ONE);
-
-        ecParams = new ECDomainParameters(
-            curve,
-            curve.createPoint(
-                new BigInteger("1"), // x
-                new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612")), // y
-            mod_q, ECConstants.ONE);
-
-        params.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_XchA, ecParams); 
-
-        mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823193"); //p
-        mod_q = new BigInteger("57896044618658097711785492504343953927102133160255826820068844496087732066703"); //q
-
-        curve = new ECCurve.Fp(
-            mod_p, // p
-            new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823190"), // a
-            new BigInteger("28091019353058090096996979000309560759124368558014865957655842872397301267595"), // b
-            mod_q, ECConstants.ONE);
-
-        ecParams = new ECDomainParameters(
-            curve,
-            curve.createPoint(
-                new BigInteger("1"), // x
-                new BigInteger("28792665814854611296992347458380284135028636778229113005756334730996303888124")), // y
-            mod_q, ECConstants.ONE);
-
-        params.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_B, ecParams);  
-
-        mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619");
-        mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601");
-
-        curve = new ECCurve.Fp(
-            mod_p, // p
-            new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"),
-            new BigInteger("32858"),
-            mod_q, ECConstants.ONE);
-
-        ecParams = new ECDomainParameters(
-            curve,
-            curve.createPoint(
-                new BigInteger("0"),
-                new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247")),
-            mod_q, ECConstants.ONE);
-
-        params.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_XchB, ecParams);  
-
-        mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); //p
-        mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601"); //q
-        curve = new ECCurve.Fp(
-            mod_p, // p
-            new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), // a
-            new BigInteger("32858"), // b
-            mod_q, ECConstants.ONE);
-
-        ecParams = new ECDomainParameters(
-            curve,
-            curve.createPoint(
-                new BigInteger("0"), // x
-                new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247")), // y
-            mod_q, ECConstants.ONE);
-
-        params.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_C, ecParams);
-
-        //GOST34.10 2012
-        mod_p = new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD97", 16); //p
-        mod_q = new BigInteger("400000000000000000000000000000000FD8CDDFC87B6635C115AF556C360C67", 16); //q
-        curve = new ECCurve.Fp(
-            mod_p, // p
-            new BigInteger("C2173F1513981673AF4892C23035A27CE25E2013BF95AA33B22C656F277E7335", 16), // a
-            new BigInteger("295F9BAE7428ED9CCC20E7C359A9D41A22FCCD9108E17BF7BA9337A6F8AE9513", 16), // b
-            mod_q, ECConstants.FOUR);
-
-        ecParams = new ECDomainParameters(
-            curve,
-            curve.createPoint(
-                new BigInteger("91E38443A5E82C0D880923425712B2BB658B9196932E02C78B2582FE742DAA28", 16), // x
-                new BigInteger("32879423AB1A0375895786C4BB46E9565FDE0B5344766740AF268ADB32322E5C", 16)), // y
-            mod_q, ECConstants.FOUR);
-        params.put(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA, ecParams);
-
-        mod_p = new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC7",16); //p
-        mod_q = new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF27E69532F48D89116FF22B8D4E0560609B4B38ABFAD2B85DCACDB1411F10B275",16); //q
-        curve = new ECCurve.Fp(
-            mod_p, // p
-            new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC4",16), // a
-            new BigInteger("E8C2505DEDFC86DDC1BD0B2B6667F1DA34B82574761CB0E879BD081CFD0B6265EE3CB090F30D27614CB4574010DA90DD862EF9D4EBEE4761503190785A71C760",16), // b
-            mod_q, ECConstants.ONE);
-
-        ecParams = new ECDomainParameters(
-            curve,
-            curve.createPoint(
-                new BigInteger("00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000003"), // x
-                new BigInteger("7503CFE87A836AE3A61B8816E25450E6CE5E1C93ACF1ABC1778064FDCBEFA921DF1626BE4FD036E93D75E6A50E3A41E98028FE5FC235F5B889A589CB5215F2A4",16)), // y
-            mod_q, ECConstants.ONE);
-        params.put(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA, ecParams);
-
-        mod_p = new BigInteger("8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006F",16); //p
-        mod_q = new BigInteger("800000000000000000000000000000000000000000000000000000000000000149A1EC142565A545ACFDB77BD9D40CFA8B996712101BEA0EC6346C54374F25BD",16); //q
-        curve = new ECCurve.Fp(
-            mod_p, // p
-            new BigInteger("8000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006C",16), // a
-            new BigInteger("687D1B459DC841457E3E06CF6F5E2517B97C7D614AF138BCBF85DC806C4B289F3E965D2DB1416D217F8B276FAD1AB69C50F78BEE1FA3106EFB8CCBC7C5140116",16), // b
-            mod_q, ECConstants.ONE);
-
-        ecParams = new ECDomainParameters(
-            curve,
-            curve.createPoint(
-                new BigInteger("00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000002"), // x
-                new BigInteger("1A8F7EDA389B094C2C071E3647A8940F3C123B697578C213BE6DD9E6C8EC7335DCB228FD1EDF4A39152CBCAAF8C0398828041055F94CEEEC7E21340780FE41BD",16)), // y
-            mod_q, ECConstants.ONE);
-        params.put(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetB, ecParams);
-
-        mod_p = new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFDC7",16); //p
-        mod_q = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC98CDBA46506AB004C33A9FF5147502CC8EDA9E7A769A12694623CEF47F023ED",16); //q
-        curve = new ECCurve.Fp(
-            mod_p, // p
-            new BigInteger("DC9203E514A721875485A529D2C722FB187BC8980EB866644DE41C68E143064546E861C0E2C9EDD92ADE71F46FCF50FF2AD97F951FDA9F2A2EB6546F39689BD3",16), // a
-            new BigInteger("B4C4EE28CEBC6C2C8AC12952CF37F16AC7EFB6A9F69F4B57FFDA2E4F0DE5ADE038CBC2FFF719D2C18DE0284B8BFEF3B52B8CC7A5F5BF0A3C8D2319A5312557E1",16), // b
-            mod_q, ECConstants.FOUR);
-
-        ecParams = new ECDomainParameters(
-            curve,
-            curve.createPoint(
-                new BigInteger("E2E31EDFC23DE7BDEBE241CE593EF5DE2295B7A9CBAEF021D385F7074CEA043AA27272A7AE602BF2A7B9033DB9ED3610C6FB85487EAE97AAC5BC7928C1950148", 16), // x
-                new BigInteger("F5CE40D95B5EB899ABBCCFF5911CB8577939804D6527378B8C108C3D2090FF9BE18E2D33E3021ED2EF32D85822423B6304F726AA854BAE07D0396E9A9ADDC40F",16)), // y
-            mod_q, ECConstants.FOUR);
-        params.put(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetC, ecParams);
-
-
-
-        objIds.put("GostR3410-2001-CryptoPro-A", CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_A);
-        objIds.put("GostR3410-2001-CryptoPro-B", CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_B);
-        objIds.put("GostR3410-2001-CryptoPro-C", CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_C);
-        objIds.put("GostR3410-2001-CryptoPro-XchA", CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_XchA);
-        objIds.put("GostR3410-2001-CryptoPro-XchB", CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_XchB);
-        objIds.put("Tc26-Gost-3410-12-256-paramSetA", RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA);
-        objIds.put("Tc26-Gost-3410-12-512-paramSetA", RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA);
-        objIds.put("Tc26-Gost-3410-12-512-paramSetB", RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetB);
-        objIds.put("Tc26-Gost-3410-12-512-paramSetC", RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetC);
-
-        names.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_A, "GostR3410-2001-CryptoPro-A");
-        names.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_B, "GostR3410-2001-CryptoPro-B");
-        names.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_C, "GostR3410-2001-CryptoPro-C");
-        names.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_XchA, "GostR3410-2001-CryptoPro-XchA");
-        names.put(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_XchB, "GostR3410-2001-CryptoPro-XchB");
-        names.put(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA, "Tc26-Gost-3410-12-256-paramSetA");
-        names.put(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA, "Tc26-Gost-3410-12-512-paramSetA");
-        names.put(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetB, "Tc26-Gost-3410-12-512-paramSetB");
-        names.put(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetC, "Tc26-Gost-3410-12-512-paramSetC");
-    }
-
-    /**
-     * return the ECDomainParameters object for the given OID, null if it 
-     * isn't present.
-     *
-     * @param oid an object identifier representing a named parameters, if present.
-     */
-    public static ECDomainParameters getByOID(
-        ASN1ObjectIdentifier  oid)
-    {
-        return (ECDomainParameters)params.get(oid);
-    }
-
-    /**
-     * returns an enumeration containing the name strings for parameters
-     * contained in this structure.
-     */
-    public static Enumeration getNames()
-    {
-        return names.elements();
-    }
-
-    public static ECDomainParameters getByName(
-        String  name)
-    {
-        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)objIds.get(name);
-
-        if (oid != null)
-        {
-            return (ECDomainParameters)params.get(oid);
-        }
-
-        return null;
-    }
-
-    /**
-     * return the named curve name represented by the given object identifier.
-     */
-    public static String getName(
-        ASN1ObjectIdentifier  oid)
-    {
-        return (String)names.get(oid);
-    }
-    
-    public static ASN1ObjectIdentifier getOID(String name)
-    {
-        return (ASN1ObjectIdentifier)objIds.get(name);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/ECGOST3410ParamSetParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/ECGOST3410ParamSetParameters.java
deleted file mode 100644
index 189eabd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/ECGOST3410ParamSetParameters.java
+++ /dev/null

@@ -1,99 +0,0 @@
-package org.bouncycastle.asn1.cryptopro;
-
-import java.math.BigInteger;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-public class ECGOST3410ParamSetParameters
-    extends ASN1Object
-{
-    ASN1Integer      p, q, a, b, x, y;
-
-    public static ECGOST3410ParamSetParameters getInstance(
-        ASN1TaggedObject obj,
-        boolean          explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public static ECGOST3410ParamSetParameters getInstance(
-        Object obj)
-    {
-        if(obj == null || obj instanceof ECGOST3410ParamSetParameters)
-        {
-            return (ECGOST3410ParamSetParameters)obj;
-        }
-
-        if(obj instanceof ASN1Sequence)
-        {
-            return new ECGOST3410ParamSetParameters((ASN1Sequence)obj);
-        }
-
-        throw new IllegalArgumentException("Invalid GOST3410Parameter: " + obj.getClass().getName());
-    }
-
-    public ECGOST3410ParamSetParameters(
-        BigInteger a,
-        BigInteger b,
-        BigInteger p,
-        BigInteger q,
-        int        x,
-        BigInteger y)
-    {
-        this.a = new ASN1Integer(a);
-        this.b = new ASN1Integer(b);
-        this.p = new ASN1Integer(p);
-        this.q = new ASN1Integer(q);
-        this.x = new ASN1Integer(x);
-        this.y = new ASN1Integer(y);
-    }
-
-    public ECGOST3410ParamSetParameters(
-        ASN1Sequence  seq)
-    {
-        Enumeration     e = seq.getObjects();
-
-        a = (ASN1Integer)e.nextElement();
-        b = (ASN1Integer)e.nextElement();
-        p = (ASN1Integer)e.nextElement();
-        q = (ASN1Integer)e.nextElement();
-        x = (ASN1Integer)e.nextElement();
-        y = (ASN1Integer)e.nextElement();
-    }
-    
-    public BigInteger getP()
-    {
-        return p.getPositiveValue();
-    }
-
-    public BigInteger getQ()
-    {
-        return q.getPositiveValue();
-    }
-
-    public BigInteger getA()
-    {
-        return a.getPositiveValue();
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(a);
-        v.add(b);
-        v.add(p);
-        v.add(q);
-        v.add(x);
-        v.add(y);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST28147Parameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST28147Parameters.java
deleted file mode 100644
index 909db0a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST28147Parameters.java
+++ /dev/null

@@ -1,105 +0,0 @@
-package org.bouncycastle.asn1.cryptopro;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-/**
- * ASN.1 algorithm identifier parameters for GOST-28147
- */
-public class GOST28147Parameters
-    extends ASN1Object
-{
-    private ASN1OctetString iv;
-    private ASN1ObjectIdentifier paramSet;
-
-    public static GOST28147Parameters getInstance(
-        ASN1TaggedObject obj,
-        boolean          explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public static GOST28147Parameters getInstance(
-        Object obj)
-    {
-        if (obj instanceof GOST28147Parameters)
-        {
-            return (GOST28147Parameters)obj;
-        }
-
-        if (obj != null)
-        {
-            return new GOST28147Parameters(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public GOST28147Parameters(
-        byte[] iv,
-        ASN1ObjectIdentifier paramSet)
-    {
-        this.iv = new DEROctetString(iv);
-        this.paramSet = paramSet;
-    }
-
-    private GOST28147Parameters(
-        ASN1Sequence  seq)
-    {
-        Enumeration     e = seq.getObjects();
-
-        iv = (ASN1OctetString)e.nextElement();
-        paramSet = (ASN1ObjectIdentifier)e.nextElement();
-    }
-
-    /**
-     * <pre>
-     * Gost28147-89-Parameters ::=
-     *               SEQUENCE {
-     *                       iv                   Gost28147-89-IV,
-     *                       encryptionParamSet   OBJECT IDENTIFIER
-     *                }
-     *
-     *   Gost28147-89-IV ::= OCTET STRING (SIZE (8))
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(iv);
-        v.add(paramSet);
-
-        return new DERSequence(v);
-    }
-
-    /**
-     * Return the OID representing the sBox to use.
-     *
-     * @return the sBox OID.
-     */
-    public ASN1ObjectIdentifier getEncryptionParamSet()
-    {
-        return paramSet;
-    }
-
-    /**
-     * Return the initialisation vector to use.
-     *
-     * @return the IV.
-     */
-    public byte[] getIV()
-    {
-        return Arrays.clone(iv.getOctets());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST3410NamedParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST3410NamedParameters.java
deleted file mode 100644
index 6c398b5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST3410NamedParameters.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.asn1.cryptopro;
-
-import java.math.BigInteger;
-import java.util.Enumeration;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- * table of the available named parameters for GOST 3410-94.
- */
-public class GOST3410NamedParameters
-{
-    static final Hashtable objIds = new Hashtable();
-    static final Hashtable params = new Hashtable();
-    static final Hashtable names = new Hashtable();
-
-    static private GOST3410ParamSetParameters cryptoProA = new GOST3410ParamSetParameters(
-            1024,
-            new BigInteger("127021248288932417465907042777176443525787653508916535812817507265705031260985098497423188333483401180925999995120988934130659205614996724254121049274349357074920312769561451689224110579311248812610229678534638401693520013288995000362260684222750813532307004517341633685004541062586971416883686778842537820383"),
-            new BigInteger("68363196144955700784444165611827252895102170888761442055095051287550314083023"),
-            new BigInteger("100997906755055304772081815535925224869841082572053457874823515875577147990529272777244152852699298796483356699682842027972896052747173175480590485607134746852141928680912561502802222185647539190902656116367847270145019066794290930185446216399730872221732889830323194097355403213400972588322876850946740663962")
-//            validationAlgorithm {
-//                    algorithm
-//                        id-GostR3410-94-bBis,
-//                    parameters
-//                        GostR3410-94-ValidationBisParameters: {
-//                            x0      1376285941,
-//                            c       3996757427
-//                        }
-//                }
-
-           );
-    
-    static private GOST3410ParamSetParameters cryptoProB = new GOST3410ParamSetParameters(
-            1024,
-            new BigInteger("139454871199115825601409655107690713107041707059928031797758001454375765357722984094124368522288239833039114681648076688236921220737322672160740747771700911134550432053804647694904686120113087816240740184800477047157336662926249423571248823968542221753660143391485680840520336859458494803187341288580489525163"),
-            new BigInteger("79885141663410976897627118935756323747307951916507639758300472692338873533959"),
-            new BigInteger("42941826148615804143873447737955502392672345968607143066798112994089471231420027060385216699563848719957657284814898909770759462613437669456364882730370838934791080835932647976778601915343474400961034231316672578686920482194932878633360203384797092684342247621055760235016132614780652761028509445403338652341")
-//    validationAlgorithm {
-//            algorithm
-//                id-GostR3410-94-bBis,
-//            parameters
-//                GostR3410-94-ValidationBisParameters: {
-//                    x0      1536654555,
-//                    c       1855361757,
-//                    d       14408629386140014567655
-//4902939282056547857802241461782996702017713059974755104394739915140
-//6115284791024439062735788342744854120601660303926203867703556828005
-//8957203818114895398976594425537561271800850306
-//                }
-//        }
-//}
-         );
-
-    static private GOST3410ParamSetParameters cryptoProXchA = new GOST3410ParamSetParameters(
-    1024,
-    new BigInteger("142011741597563481196368286022318089743276138395243738762872573441927459393512718973631166078467600360848946623567625795282774719212241929071046134208380636394084512691828894000571524625445295769349356752728956831541775441763139384457191755096847107846595662547942312293338483924514339614727760681880609734239"),
-    new BigInteger("91771529896554605945588149018382750217296858393520724172743325725474374979801"),
-    new BigInteger("133531813272720673433859519948319001217942375967847486899482359599369642528734712461590403327731821410328012529253871914788598993103310567744136196364803064721377826656898686468463277710150809401182608770201615324990468332931294920912776241137878030224355746606283971659376426832674269780880061631528163475887")
-   );
-    
-    static
-    {      
-        params.put(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_A, cryptoProA);       
-        params.put(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_B, cryptoProB);       
-//        params.put(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_C, cryptoProC);       
-//        params.put(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_D, cryptoProD);       
-        params.put(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_XchA, cryptoProXchA);       
-//        params.put(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_XchB, cryptoProXchA);   
-//        params.put(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_XchC, cryptoProXchA);
-        
-        objIds.put("GostR3410-94-CryptoPro-A", CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_A);
-        objIds.put("GostR3410-94-CryptoPro-B", CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_B);
-        objIds.put("GostR3410-94-CryptoPro-XchA", CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_XchA);
-    }
-
-    /**
-     * return the GOST3410ParamSetParameters object for the given OID, null if it 
-     * isn't present.
-     *
-     * @param oid an object identifier representing a named parameters, if present.
-     */
-    public static GOST3410ParamSetParameters getByOID(
-        ASN1ObjectIdentifier  oid)
-    {
-        return (GOST3410ParamSetParameters)params.get(oid);
-    }
-
-    /**
-     * returns an enumeration containing the name strings for parameters
-     * contained in this structure.
-     */
-    public static Enumeration getNames()
-    {
-        return objIds.keys();
-    }
-
-    public static GOST3410ParamSetParameters getByName(
-        String  name)
-    {
-        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)objIds.get(name);
-
-        if (oid != null)
-        {
-            return (GOST3410ParamSetParameters)params.get(oid);
-        }
-
-        return null;
-    }
-
-    public static ASN1ObjectIdentifier getOID(String name)
-    {
-        return (ASN1ObjectIdentifier)objIds.get(name);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST3410ParamSetParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST3410ParamSetParameters.java
deleted file mode 100644
index 35e9b73..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST3410ParamSetParameters.java
+++ /dev/null

@@ -1,105 +0,0 @@
-package org.bouncycastle.asn1.cryptopro;
-
-import java.math.BigInteger;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-public class GOST3410ParamSetParameters
-    extends ASN1Object
-{
-    int             keySize;
-    ASN1Integer      p, q, a;
-
-    public static GOST3410ParamSetParameters getInstance(
-        ASN1TaggedObject obj,
-        boolean          explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public static GOST3410ParamSetParameters getInstance(
-        Object obj)
-    {
-        if(obj == null || obj instanceof GOST3410ParamSetParameters)
-        {
-            return (GOST3410ParamSetParameters)obj;
-        }
-
-        if(obj instanceof ASN1Sequence)
-        {
-            return new GOST3410ParamSetParameters((ASN1Sequence)obj);
-        }
-
-        throw new IllegalArgumentException("Invalid GOST3410Parameter: " + obj.getClass().getName());
-    }
-
-    public GOST3410ParamSetParameters(
-        int keySize,
-        BigInteger  p,
-        BigInteger  q,
-        BigInteger  a)
-    {
-        this.keySize = keySize;
-        this.p = new ASN1Integer(p);
-        this.q = new ASN1Integer(q);
-        this.a = new ASN1Integer(a);
-    }
-
-    public GOST3410ParamSetParameters(
-        ASN1Sequence  seq)
-    {
-        Enumeration     e = seq.getObjects();
-
-        keySize = ((ASN1Integer)e.nextElement()).getValue().intValue();
-        p = (ASN1Integer)e.nextElement();
-        q = (ASN1Integer)e.nextElement();
-        a = (ASN1Integer)e.nextElement();
-    }
-
-    /**
-     * @deprecated use getKeySize
-     */
-    public int getLKeySize()
-    {
-        return keySize;
-    }
-
-    public int getKeySize()
-    {
-        return keySize;
-    }
-    
-    public BigInteger getP()
-    {
-        return p.getPositiveValue();
-    }
-
-    public BigInteger getQ()
-    {
-        return q.getPositiveValue();
-    }
-
-    public BigInteger getA()
-    {
-        return a.getPositiveValue();
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(new ASN1Integer(keySize));
-        v.add(p);
-        v.add(q);
-        v.add(a);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST3410PublicKeyAlgParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST3410PublicKeyAlgParameters.java
deleted file mode 100644
index 45d7814..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GOST3410PublicKeyAlgParameters.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.asn1.cryptopro;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-public class GOST3410PublicKeyAlgParameters
-    extends ASN1Object
-{
-    private ASN1ObjectIdentifier  publicKeyParamSet;
-    private ASN1ObjectIdentifier  digestParamSet;
-    private ASN1ObjectIdentifier  encryptionParamSet;
-    
-    public static GOST3410PublicKeyAlgParameters getInstance(
-        ASN1TaggedObject obj,
-        boolean          explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public static GOST3410PublicKeyAlgParameters getInstance(
-        Object obj)
-    {
-        if (obj instanceof GOST3410PublicKeyAlgParameters)
-        {
-            return (GOST3410PublicKeyAlgParameters)obj;
-        }
-
-        if(obj != null)
-        {
-            return new GOST3410PublicKeyAlgParameters(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-    
-    public GOST3410PublicKeyAlgParameters(
-        ASN1ObjectIdentifier  publicKeyParamSet,
-        ASN1ObjectIdentifier  digestParamSet)
-    {
-        this.publicKeyParamSet = publicKeyParamSet;
-        this.digestParamSet = digestParamSet;
-        this.encryptionParamSet = null;
-    }
-
-    public GOST3410PublicKeyAlgParameters(
-        ASN1ObjectIdentifier  publicKeyParamSet,
-        ASN1ObjectIdentifier  digestParamSet,
-        ASN1ObjectIdentifier  encryptionParamSet)
-    {
-        this.publicKeyParamSet = publicKeyParamSet;
-        this.digestParamSet = digestParamSet;
-        this.encryptionParamSet = encryptionParamSet;
-    }
-
-    /**
-     * @deprecated use getInstance()
-     */
-    public GOST3410PublicKeyAlgParameters(
-        ASN1Sequence  seq)
-    {
-        this.publicKeyParamSet = (ASN1ObjectIdentifier)seq.getObjectAt(0);
-        this.digestParamSet = (ASN1ObjectIdentifier)seq.getObjectAt(1);
-        
-        if (seq.size() > 2)
-        {
-            this.encryptionParamSet = (ASN1ObjectIdentifier)seq.getObjectAt(2);
-        }
-    }
-
-    public ASN1ObjectIdentifier getPublicKeyParamSet()
-    {
-        return publicKeyParamSet;
-    }
-
-    public ASN1ObjectIdentifier getDigestParamSet()
-    {
-        return digestParamSet;
-    }
-
-    public ASN1ObjectIdentifier getEncryptionParamSet()
-    {
-        return encryptionParamSet;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(publicKeyParamSet);
-        v.add(digestParamSet);
-        
-        if (encryptionParamSet != null)
-        {
-            v.add(encryptionParamSet);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/Gost2814789EncryptedKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/Gost2814789EncryptedKey.java
deleted file mode 100644
index 45e4bba..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/Gost2814789EncryptedKey.java
+++ /dev/null

@@ -1,107 +0,0 @@
-package org.bouncycastle.asn1.cryptopro;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- * Gost28147-89-EncryptedKey ::=   SEQUENCE {
- *       encryptedKey         Gost28147-89-Key,
- *       maskKey              [0] IMPLICIT Gost28147-89-Key
- *                                 OPTIONAL,
- *       macKey               Gost28147-89-MAC
- * }
- * </pre>
- */
-public class Gost2814789EncryptedKey
-    extends ASN1Object
-{
-    private final byte[] encryptedKey;
-    private final byte[] maskKey;
-    private final byte[] macKey;
-
-    private Gost2814789EncryptedKey(ASN1Sequence seq)
-    {
-        if (seq.size() == 2)
-        {
-            encryptedKey = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets());
-            macKey = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(1)).getOctets());
-            maskKey = null;
-        }
-        else if (seq.size() == 3)
-        {
-            encryptedKey = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets());
-            maskKey = Arrays.clone(ASN1OctetString.getInstance(ASN1TaggedObject.getInstance(seq.getObjectAt(1)), false).getOctets());
-            macKey = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(2)).getOctets());
-        }
-        else
-        {
-            throw new IllegalArgumentException("unknown sequence length: " + seq.size());
-        }
-    }
-
-    public static Gost2814789EncryptedKey getInstance(
-        Object obj)
-    {
-        if (obj instanceof Gost2814789EncryptedKey)
-        {
-            return (Gost2814789EncryptedKey)obj;
-        }
-
-        if (obj != null)
-        {
-            return new Gost2814789EncryptedKey(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public Gost2814789EncryptedKey(byte[] encryptedKey, byte[] macKey)
-    {
-        this(encryptedKey, null, macKey);
-    }
-
-    public Gost2814789EncryptedKey(byte[] encryptedKey, byte[] maskKey, byte[] macKey)
-    {
-        this.encryptedKey = Arrays.clone(encryptedKey);
-        this.maskKey = Arrays.clone(maskKey);
-        this.macKey = Arrays.clone(macKey);
-    }
-
-    public byte[] getEncryptedKey()
-    {
-        return Arrays.clone(encryptedKey);
-    }
-
-    public byte[] getMaskKey()
-    {
-        return Arrays.clone(maskKey);
-    }
-
-    public byte[] getMacKey()
-    {
-        return Arrays.clone(macKey);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new DEROctetString(encryptedKey));
-        if (maskKey != null)
-        {
-            v.add(new DERTaggedObject(false, 0, new DEROctetString(encryptedKey)));
-        }
-        v.add(new DEROctetString(macKey));
-        
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/Gost2814789KeyWrapParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/Gost2814789KeyWrapParameters.java
deleted file mode 100644
index 9d3376e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/Gost2814789KeyWrapParameters.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.asn1.cryptopro;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-public class Gost2814789KeyWrapParameters
-    extends ASN1Object
-{
-    private final ASN1ObjectIdentifier encryptionParamSet;
-    private final byte[] ukm;
-
-    private Gost2814789KeyWrapParameters(ASN1Sequence seq)
-    {
-        if (seq.size() == 2)
-        {
-            this.encryptionParamSet = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-            this.ukm = ASN1OctetString.getInstance(seq.getObjectAt(1)).getOctets();
-        }
-        else if (seq.size() == 1)
-        {
-            this.encryptionParamSet = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-            this.ukm = null;
-        }
-        else
-        {
-            throw new IllegalArgumentException("unknown sequence length: " + seq.size());
-        }
-    }
-
-    public static Gost2814789KeyWrapParameters getInstance(
-        Object obj)
-    {
-        if (obj instanceof Gost2814789KeyWrapParameters)
-        {
-            return (Gost2814789KeyWrapParameters)obj;
-        }
-
-        if (obj != null)
-        {
-            return new Gost2814789KeyWrapParameters(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public Gost2814789KeyWrapParameters(ASN1ObjectIdentifier encryptionParamSet)
-    {
-        this(encryptionParamSet, null);
-    }
-
-    public Gost2814789KeyWrapParameters(ASN1ObjectIdentifier encryptionParamSet, byte[] ukm)
-    {
-        this.encryptionParamSet = encryptionParamSet;
-        this.ukm = Arrays.clone(ukm);
-    }
-
-    public ASN1ObjectIdentifier getEncryptionParamSet()
-    {
-        return encryptionParamSet;
-    }
-
-    public byte[] getUkm()
-    {
-        return Arrays.clone(ukm);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(encryptionParamSet);
-        if (ukm != null)
-        {
-            v.add(new DEROctetString(ukm));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GostR3410KeyTransport.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GostR3410KeyTransport.java
deleted file mode 100644
index c0d4c4c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GostR3410KeyTransport.java
+++ /dev/null

@@ -1,76 +0,0 @@
-package org.bouncycastle.asn1.cryptopro;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * <pre>
- *     GostR3410-KeyTransport ::= SEQUENCE {
- *       sessionEncryptedKey   Gost28147-89-EncryptedKey,
- *       transportParameters
- *          [0] IMPLICIT GostR3410-TransportParameters OPTIONAL
- *    }
- * </pre>
- */
-public class GostR3410KeyTransport
-    extends ASN1Object
-{
-    private final Gost2814789EncryptedKey sessionEncryptedKey;
-    private final GostR3410TransportParameters transportParameters;
-
-    private GostR3410KeyTransport(ASN1Sequence seq)
-    {
-       this.sessionEncryptedKey = Gost2814789EncryptedKey.getInstance(seq.getObjectAt(0));
-       this.transportParameters = GostR3410TransportParameters.getInstance(ASN1TaggedObject.getInstance(seq.getObjectAt(1)), false);
-    }
-
-    public GostR3410KeyTransport(Gost2814789EncryptedKey sessionEncryptedKey, GostR3410TransportParameters transportParameters)
-    {
-        this.sessionEncryptedKey = sessionEncryptedKey;
-        this.transportParameters = transportParameters;
-    }
-
-    public static GostR3410KeyTransport getInstance(
-        Object obj)
-    {
-        if (obj instanceof GostR3410KeyTransport)
-        {
-            return (GostR3410KeyTransport)obj;
-        }
-
-        if (obj != null)
-        {
-            return new GostR3410KeyTransport(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public Gost2814789EncryptedKey getSessionEncryptedKey()
-    {
-        return sessionEncryptedKey;
-    }
-
-    public GostR3410TransportParameters getTransportParameters()
-    {
-        return transportParameters;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(sessionEncryptedKey);
-        if (transportParameters != null)
-        {
-            v.add(new DERTaggedObject(false, 0, transportParameters));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GostR3410TransportParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GostR3410TransportParameters.java
deleted file mode 100644
index 20d5fe5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/GostR3410TransportParameters.java
+++ /dev/null

@@ -1,113 +0,0 @@
-package org.bouncycastle.asn1.cryptopro;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.util.Arrays;
-
-/**
- *  <pre>
- * GostR3410-TransportParameters ::= SEQUENCE {
- *        encryptionParamSet   OBJECT IDENTIFIER,
- *        ephemeralPublicKey   [0] IMPLICIT SubjectPublicKeyInfo OPTIONAL,
- *        ukm                  OCTET STRING
- * }
- *  </pre>
- */
-public class GostR3410TransportParameters
-    extends ASN1Object
-{
-    private final ASN1ObjectIdentifier encryptionParamSet;
-    private final SubjectPublicKeyInfo ephemeralPublicKey;
-    private final byte[] ukm;
-
-    public GostR3410TransportParameters(ASN1ObjectIdentifier encryptionParamSet, SubjectPublicKeyInfo ephemeralPublicKey, byte[] ukm)
-    {
-        this.encryptionParamSet = encryptionParamSet;
-        this.ephemeralPublicKey = ephemeralPublicKey;
-        this.ukm = Arrays.clone(ukm);
-    }
-
-    private GostR3410TransportParameters(ASN1Sequence seq)
-    {
-        if (seq.size() == 2)
-        {
-            this.encryptionParamSet = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-            this.ukm = ASN1OctetString.getInstance(seq.getObjectAt(1)).getOctets();
-            this.ephemeralPublicKey = null;
-        }
-        else if (seq.size() == 3)
-        {
-            this.encryptionParamSet = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-            this.ephemeralPublicKey = SubjectPublicKeyInfo.getInstance(
-                ASN1TaggedObject.getInstance(seq.getObjectAt(1)), false);
-            this.ukm = ASN1OctetString.getInstance(seq.getObjectAt(2)).getOctets();
-        }
-        else
-        {
-            throw new IllegalArgumentException("unknown sequence length: " + seq.size());
-        }
-    }
-
-    public static GostR3410TransportParameters getInstance(
-        Object obj)
-    {
-        if (obj instanceof GostR3410TransportParameters)
-        {
-            return (GostR3410TransportParameters)obj;
-        }
-
-        if (obj != null)
-        {
-            return new GostR3410TransportParameters(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static GostR3410TransportParameters getInstance(
-        ASN1TaggedObject    obj,
-        boolean             explicit)
-    {
-        return new GostR3410TransportParameters(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public ASN1ObjectIdentifier getEncryptionParamSet()
-    {
-        return encryptionParamSet;
-    }
-
-    public SubjectPublicKeyInfo getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-
-    public byte[] getUkm()
-    {
-        return Arrays.clone(ukm);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(encryptionParamSet);
-
-        if (ephemeralPublicKey != null)
-        {
-            v.add(new DERTaggedObject(false, 0, ephemeralPublicKey));
-        }
-
-        v.add(new DEROctetString(ukm));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/package.html
deleted file mode 100644
index 2b0af9e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/cryptopro/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for CRYPTO-PRO related objects - such as GOST identifiers.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/CertEtcToken.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/CertEtcToken.java
deleted file mode 100644
index 3f69c52..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/CertEtcToken.java
+++ /dev/null

@@ -1,171 +0,0 @@
-package org.bouncycastle.asn1.dvcs;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.cmp.PKIStatusInfo;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.ess.ESSCertID;
-import org.bouncycastle.asn1.ocsp.CertID;
-import org.bouncycastle.asn1.ocsp.CertStatus;
-import org.bouncycastle.asn1.ocsp.OCSPResponse;
-import org.bouncycastle.asn1.smime.SMIMECapabilities;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.asn1.x509.CertificateList;
-import org.bouncycastle.asn1.x509.Extension;
-
-/**
- * <pre>
- * CertEtcToken ::= CHOICE {
- *         certificate                  [0] IMPLICIT Certificate ,
- *         esscertid                    [1] ESSCertId ,
- *         pkistatus                    [2] IMPLICIT PKIStatusInfo ,
- *         assertion                    [3] ContentInfo ,
- *         crl                          [4] IMPLICIT CertificateList,
- *         ocspcertstatus               [5] CertStatus,
- *         oscpcertid                   [6] IMPLICIT CertId ,
- *         oscpresponse                 [7] IMPLICIT OCSPResponse,
- *         capabilities                 [8] SMIMECapabilities,
- *         extension                    Extension
- * }
- * </pre>
- */
-public class CertEtcToken
-    extends ASN1Object
-    implements ASN1Choice
-{
-    public static final int TAG_CERTIFICATE = 0;
-    public static final int TAG_ESSCERTID = 1;
-    public static final int TAG_PKISTATUS = 2;
-    public static final int TAG_ASSERTION = 3;
-    public static final int TAG_CRL = 4;
-    public static final int TAG_OCSPCERTSTATUS = 5;
-    public static final int TAG_OCSPCERTID = 6;
-    public static final int TAG_OCSPRESPONSE = 7;
-    public static final int TAG_CAPABILITIES = 8;
-
-    private static final boolean[] explicit = new boolean[]
-        {
-            false, true, false, true, false, true, false, false, true
-        };
-
-    private int tagNo;
-    private ASN1Encodable value;
-    private Extension extension;
-
-    public CertEtcToken(int tagNo, ASN1Encodable value)
-    {
-        this.tagNo = tagNo;
-        this.value = value;
-    }
-
-    public CertEtcToken(Extension extension)
-    {
-        this.tagNo = -1;
-        this.extension = extension;
-    }
-
-    private CertEtcToken(ASN1TaggedObject choice)
-    {
-        this.tagNo = choice.getTagNo();
-
-        switch (tagNo)
-        {
-        case TAG_CERTIFICATE:
-            value = Certificate.getInstance(choice, false);
-            break;
-        case TAG_ESSCERTID:
-            value = ESSCertID.getInstance(choice.getObject());
-            break;
-        case TAG_PKISTATUS:
-            value = PKIStatusInfo.getInstance(choice, false);
-            break;
-        case TAG_ASSERTION:
-            value = ContentInfo.getInstance(choice.getObject());
-            break;
-        case TAG_CRL:
-            value = CertificateList.getInstance(choice, false);
-            break;
-        case TAG_OCSPCERTSTATUS:
-            value = CertStatus.getInstance(choice.getObject());
-            break;
-        case TAG_OCSPCERTID:
-            value = CertID.getInstance(choice, false);
-            break;
-        case TAG_OCSPRESPONSE:
-            value = OCSPResponse.getInstance(choice, false);
-            break;
-        case TAG_CAPABILITIES:
-            value = SMIMECapabilities.getInstance(choice.getObject());
-            break;
-        default:
-            throw new IllegalArgumentException("Unknown tag: " + tagNo);
-        }
-    }
-
-    public static CertEtcToken getInstance(Object obj)
-    {
-        if (obj instanceof CertEtcToken)
-        {
-            return (CertEtcToken)obj;
-        }
-        else if (obj instanceof ASN1TaggedObject)
-        {
-            return new CertEtcToken((ASN1TaggedObject)obj);
-        }
-        else if (obj != null)
-        {
-            return new CertEtcToken(Extension.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (extension == null)
-        {
-            return new DERTaggedObject(explicit[tagNo], tagNo, value);
-        }
-        else
-        {
-            return extension.toASN1Primitive();
-        }
-    }
-
-    public int getTagNo()
-    {
-        return tagNo;
-    }
-
-    public ASN1Encodable getValue()
-    {
-        return value;
-    }
-
-    public Extension getExtension()
-    {
-        return extension;
-    }
-
-    public String toString()
-    {
-        return "CertEtcToken {\n" + value + "}\n";
-    }
-
-    public static CertEtcToken[] arrayFromSequence(ASN1Sequence seq)
-    {
-        CertEtcToken[] tmp = new CertEtcToken[seq.size()];
-
-        for (int i = 0; i != tmp.length; i++)
-        {
-            tmp[i] = CertEtcToken.getInstance(seq.getObjectAt(i));
-        }
-
-        return tmp;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSCertInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSCertInfo.java
deleted file mode 100644
index d7b77b8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSCertInfo.java
+++ /dev/null

@@ -1,300 +0,0 @@
-package org.bouncycastle.asn1.dvcs;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.cmp.PKIStatusInfo;
-import org.bouncycastle.asn1.x509.DigestInfo;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-
-/**
- * <pre>
- *     DVCSCertInfo::= SEQUENCE  {
- *         version             Integer DEFAULT 1 ,
- *         dvReqInfo           DVCSRequestInformation,
- *         messageImprint      DigestInfo,
- *         serialNumber        Integer,
- *         responseTime        DVCSTime,
- *         dvStatus            [0] PKIStatusInfo OPTIONAL,
- *         policy              [1] PolicyInformation OPTIONAL,
- *         reqSignature        [2] SignerInfos  OPTIONAL,
- *         certs               [3] SEQUENCE SIZE (1..MAX) OF
- *                                 TargetEtcChain OPTIONAL,
- *         extensions          Extensions OPTIONAL
- *     }
- * </pre>
- */
-
-public class DVCSCertInfo
-    extends ASN1Object
-{
-
-    private int version = DEFAULT_VERSION;
-    private DVCSRequestInformation dvReqInfo;
-    private DigestInfo messageImprint;
-    private ASN1Integer serialNumber;
-    private DVCSTime responseTime;
-    private PKIStatusInfo dvStatus;
-    private PolicyInformation policy;
-    private ASN1Set reqSignature;
-    private ASN1Sequence certs;
-    private Extensions extensions;
-
-    private static final int DEFAULT_VERSION = 1;
-    private static final int TAG_DV_STATUS = 0;
-    private static final int TAG_POLICY = 1;
-    private static final int TAG_REQ_SIGNATURE = 2;
-    private static final int TAG_CERTS = 3;
-
-    public DVCSCertInfo(
-        DVCSRequestInformation dvReqInfo,
-        DigestInfo messageImprint,
-        ASN1Integer serialNumber,
-        DVCSTime responseTime)
-    {
-        this.dvReqInfo = dvReqInfo;
-        this.messageImprint = messageImprint;
-        this.serialNumber = serialNumber;
-        this.responseTime = responseTime;
-    }
-
-    private DVCSCertInfo(ASN1Sequence seq)
-    {
-        int i = 0;
-        ASN1Encodable x = seq.getObjectAt(i++);
-        try
-        {
-            ASN1Integer encVersion = ASN1Integer.getInstance(x);
-            this.version = encVersion.getValue().intValue();
-            x = seq.getObjectAt(i++);
-        }
-        catch (IllegalArgumentException e)
-        {
-        }
-
-        this.dvReqInfo = DVCSRequestInformation.getInstance(x);
-        x = seq.getObjectAt(i++);
-        this.messageImprint = DigestInfo.getInstance(x);
-        x = seq.getObjectAt(i++);
-        this.serialNumber = ASN1Integer.getInstance(x);
-        x = seq.getObjectAt(i++);
-        this.responseTime = DVCSTime.getInstance(x);
-
-        while (i < seq.size())
-        {
-
-            x = seq.getObjectAt(i++);
-
-            if (x instanceof ASN1TaggedObject)
-            {
-                ASN1TaggedObject t = ASN1TaggedObject.getInstance(x);
-                int tagNo = t.getTagNo();
-
-                switch (tagNo)
-                {
-                case TAG_DV_STATUS:
-                    this.dvStatus = PKIStatusInfo.getInstance(t, false);
-                    break;
-                case TAG_POLICY:
-                    this.policy = PolicyInformation.getInstance(ASN1Sequence.getInstance(t, false));
-                    break;
-                case TAG_REQ_SIGNATURE:
-                    this.reqSignature = ASN1Set.getInstance(t, false);
-                    break;
-                case TAG_CERTS:
-                    this.certs = ASN1Sequence.getInstance(t, false);
-                    break;
-                default:
-                    throw new IllegalArgumentException("Unknown tag encountered: " + tagNo);
-                }
-
-                continue;
-            }
-
-            try
-            {
-                this.extensions = Extensions.getInstance(x);
-            }
-            catch (IllegalArgumentException e)
-            {
-            }
-
-        }
-
-    }
-
-    public static DVCSCertInfo getInstance(Object obj)
-    {
-        if (obj instanceof DVCSCertInfo)
-        {
-            return (DVCSCertInfo)obj;
-        }
-        else if (obj != null)
-        {
-            return new DVCSCertInfo(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static DVCSCertInfo getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (version != DEFAULT_VERSION)
-        {
-            v.add(new ASN1Integer(version));
-        }
-        v.add(dvReqInfo);
-        v.add(messageImprint);
-        v.add(serialNumber);
-        v.add(responseTime);
-        if (dvStatus != null)
-        {
-            v.add(new DERTaggedObject(false, TAG_DV_STATUS, dvStatus));
-        }
-        if (policy != null)
-        {
-            v.add(new DERTaggedObject(false, TAG_POLICY, policy));
-        }
-        if (reqSignature != null)
-        {
-            v.add(new DERTaggedObject(false, TAG_REQ_SIGNATURE, reqSignature));
-        }
-        if (certs != null)
-        {
-            v.add(new DERTaggedObject(false, TAG_CERTS, certs));
-        }
-        if (extensions != null)
-        {
-            v.add(extensions);
-        }
-
-        return new DERSequence(v);
-    }
-
-    public String toString()
-    {
-        StringBuffer s = new StringBuffer();
-
-        s.append("DVCSCertInfo {\n");
-
-        if (version != DEFAULT_VERSION)
-        {
-            s.append("version: " + version + "\n");
-        }
-        s.append("dvReqInfo: " + dvReqInfo + "\n");
-        s.append("messageImprint: " + messageImprint + "\n");
-        s.append("serialNumber: " + serialNumber + "\n");
-        s.append("responseTime: " + responseTime + "\n");
-        if (dvStatus != null)
-        {
-            s.append("dvStatus: " + dvStatus + "\n");
-        }
-        if (policy != null)
-        {
-            s.append("policy: " + policy + "\n");
-        }
-        if (reqSignature != null)
-        {
-            s.append("reqSignature: " + reqSignature + "\n");
-        }
-        if (certs != null)
-        {
-            s.append("certs: " + certs + "\n");
-        }
-        if (extensions != null)
-        {
-            s.append("extensions: " + extensions + "\n");
-        }
-
-        s.append("}\n");
-        return s.toString();
-    }
-
-    public int getVersion()
-    {
-        return version;
-    }
-
-    private void setVersion(int version)
-    {
-        this.version = version;
-    }
-
-    public DVCSRequestInformation getDvReqInfo()
-    {
-        return dvReqInfo;
-    }
-
-    private void setDvReqInfo(DVCSRequestInformation dvReqInfo)
-    {
-        this.dvReqInfo = dvReqInfo;
-    }
-
-    public DigestInfo getMessageImprint()
-    {
-        return messageImprint;
-    }
-
-    private void setMessageImprint(DigestInfo messageImprint)
-    {
-        this.messageImprint = messageImprint;
-    }
-
-    public ASN1Integer getSerialNumber()
-    {
-        return serialNumber;
-    }
-
-    public DVCSTime getResponseTime()
-    {
-        return responseTime;
-    }
-
-    public PKIStatusInfo getDvStatus()
-    {
-        return dvStatus;
-    }
-
-    public PolicyInformation getPolicy()
-    {
-        return policy;
-    }
-
-    public ASN1Set getReqSignature()
-    {
-        return reqSignature;
-    }
-
-    public TargetEtcChain[] getCerts()
-    {
-        if (certs != null)
-        {
-            return TargetEtcChain.arrayFromSequence(certs);
-        }
-
-        return null;
-    }
-
-    public Extensions getExtensions()
-    {
-        return extensions;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSCertInfoBuilder.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSCertInfoBuilder.java
deleted file mode 100644
index 5da097f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSCertInfoBuilder.java
+++ /dev/null

@@ -1,151 +0,0 @@
-package org.bouncycastle.asn1.dvcs;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.cmp.PKIStatusInfo;
-import org.bouncycastle.asn1.x509.DigestInfo;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-
-/**
- * <pre>
- *     DVCSCertInfo::= SEQUENCE  {
- *         version             Integer DEFAULT 1 ,
- *         dvReqInfo           DVCSRequestInformation,
- *         messageImprint      DigestInfo,
- *         serialNumber        Integer,
- *         responseTime        DVCSTime,
- *         dvStatus            [0] PKIStatusInfo OPTIONAL,
- *         policy              [1] PolicyInformation OPTIONAL,
- *         reqSignature        [2] SignerInfos  OPTIONAL,
- *         certs               [3] SEQUENCE SIZE (1..MAX) OF
- *                                 TargetEtcChain OPTIONAL,
- *         extensions          Extensions OPTIONAL
- *     }
- * </pre>
- */
-
-public class DVCSCertInfoBuilder
-{
-
-    private int version = DEFAULT_VERSION;
-    private DVCSRequestInformation dvReqInfo;
-    private DigestInfo messageImprint;
-    private ASN1Integer serialNumber;
-    private DVCSTime responseTime;
-    private PKIStatusInfo dvStatus;
-    private PolicyInformation policy;
-    private ASN1Set reqSignature;
-    private ASN1Sequence certs;
-    private Extensions extensions;
-
-    private static final int DEFAULT_VERSION = 1;
-    private static final int TAG_DV_STATUS = 0;
-    private static final int TAG_POLICY = 1;
-    private static final int TAG_REQ_SIGNATURE = 2;
-    private static final int TAG_CERTS = 3;
-
-    public DVCSCertInfoBuilder(
-        DVCSRequestInformation dvReqInfo,
-        DigestInfo messageImprint,
-        ASN1Integer serialNumber,
-        DVCSTime responseTime)
-    {
-        this.dvReqInfo = dvReqInfo;
-        this.messageImprint = messageImprint;
-        this.serialNumber = serialNumber;
-        this.responseTime = responseTime;
-    }
-
-    public DVCSCertInfo build()
-    {
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (version != DEFAULT_VERSION)
-        {
-            v.add(new ASN1Integer(version));
-        }
-        v.add(dvReqInfo);
-        v.add(messageImprint);
-        v.add(serialNumber);
-        v.add(responseTime);
-        if (dvStatus != null)
-        {
-            v.add(new DERTaggedObject(false, TAG_DV_STATUS, dvStatus));
-        }
-        if (policy != null)
-        {
-            v.add(new DERTaggedObject(false, TAG_POLICY, policy));
-        }
-        if (reqSignature != null)
-        {
-            v.add(new DERTaggedObject(false, TAG_REQ_SIGNATURE, reqSignature));
-        }
-        if (certs != null)
-        {
-            v.add(new DERTaggedObject(false, TAG_CERTS, certs));
-        }
-        if (extensions != null)
-        {
-            v.add(extensions);
-        }
-
-        return DVCSCertInfo.getInstance(new DERSequence(v));
-    }
-
-    public void setVersion(int version)
-    {
-        this.version = version;
-    }
-
-    public void setDvReqInfo(DVCSRequestInformation dvReqInfo)
-    {
-        this.dvReqInfo = dvReqInfo;
-    }
-
-    public void setMessageImprint(DigestInfo messageImprint)
-    {
-        this.messageImprint = messageImprint;
-    }
-
-    public void setSerialNumber(ASN1Integer serialNumber)
-    {
-        this.serialNumber = serialNumber;
-    }
-
-    public void setResponseTime(DVCSTime responseTime)
-    {
-        this.responseTime = responseTime;
-    }
-
-    public void setDvStatus(PKIStatusInfo dvStatus)
-    {
-        this.dvStatus = dvStatus;
-    }
-
-    public void setPolicy(PolicyInformation policy)
-    {
-        this.policy = policy;
-    }
-
-    public void setReqSignature(ASN1Set reqSignature)
-    {
-        this.reqSignature = reqSignature;
-    }
-
-    public void setCerts(TargetEtcChain[] certs)
-    {
-        this.certs = new DERSequence(certs);
-    }
-
-    public void setExtensions(Extensions extensions)
-    {
-        this.extensions = extensions;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSErrorNotice.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSErrorNotice.java
deleted file mode 100644
index 8dd69a9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSErrorNotice.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.asn1.dvcs;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmp.PKIStatusInfo;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-/**
- * <pre>
- *     DVCSErrorNotice ::= SEQUENCE {
- *         transactionStatus           PKIStatusInfo ,
- *         transactionIdentifier       GeneralName OPTIONAL
- *     }
- * </pre>
- */
-public class DVCSErrorNotice
-    extends ASN1Object
-{
-    private PKIStatusInfo transactionStatus;
-    private GeneralName transactionIdentifier;
-
-    public DVCSErrorNotice(PKIStatusInfo status)
-    {
-        this(status, null);
-    }
-
-    public DVCSErrorNotice(PKIStatusInfo status, GeneralName transactionIdentifier)
-    {
-        this.transactionStatus = status;
-        this.transactionIdentifier = transactionIdentifier;
-    }
-
-    private DVCSErrorNotice(ASN1Sequence seq)
-    {
-        this.transactionStatus = PKIStatusInfo.getInstance(seq.getObjectAt(0));
-        if (seq.size() > 1)
-        {
-            this.transactionIdentifier = GeneralName.getInstance(seq.getObjectAt(1));
-        }
-    }
-
-    public static DVCSErrorNotice getInstance(Object obj)
-    {
-        if (obj instanceof DVCSErrorNotice)
-        {
-            return (DVCSErrorNotice)obj;
-        }
-        else if (obj != null)
-        {
-            return new DVCSErrorNotice(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static DVCSErrorNotice getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(transactionStatus);
-        if (transactionIdentifier != null)
-        {
-            v.add(transactionIdentifier);
-        }
-        return new DERSequence(v);
-    }
-
-    public String toString()
-    {
-        return "DVCSErrorNotice {\n" +
-            "transactionStatus: " + transactionStatus + "\n" +
-            (transactionIdentifier != null ? "transactionIdentifier: " + transactionIdentifier + "\n" : "") +
-            "}\n";
-    }
-
-
-    public PKIStatusInfo getTransactionStatus()
-    {
-        return transactionStatus;
-    }
-
-    public GeneralName getTransactionIdentifier()
-    {
-        return transactionIdentifier;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSObjectIdentifiers.java
deleted file mode 100644
index d5f6ab6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSObjectIdentifiers.java
+++ /dev/null

@@ -1,29 +0,0 @@
-package org.bouncycastle.asn1.dvcs;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- * OIDs for <a href="http://tools.ietf.org/html/rfc3029">RFC 3029</a>
- * Data Validation and Certification Server Protocols
- */
-public interface DVCSObjectIdentifiers
-{
-    /** Base OID id-pkix: 1.3.6.1.5.5.7 */
-    static final ASN1ObjectIdentifier id_pkix  = new ASN1ObjectIdentifier("1.3.6.1.5.5.7");
-    /** Base OID id-smime: 1.2.840.113549.1.9.16 */
-    static final ASN1ObjectIdentifier id_smime = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16");
-
-    /** Authority Information Access for DVCS; id-ad-dcvs;  OID: 1.3.6.1.5.5.7.48.4 */
-    static final ASN1ObjectIdentifier id_ad_dvcs = id_pkix.branch("48.4");
-
-    /** Key Purpose for DVCS; id-kp-dvcs; OID: 1.3.6.1.5.5.7.3.10 */
-    static final ASN1ObjectIdentifier id_kp_dvcs = id_pkix.branch("3.10");
-
-    /** SMIME eContentType id-ct-DVCSRequestData;   OID: 1.2.840.113549.1.9.16.1.7 */
-    static final ASN1ObjectIdentifier id_ct_DVCSRequestData  = id_smime.branch("1.7");
-    /** SMIME eContentType id-ct-DVCSResponseData;  OID: 1.2.840.113549.1.9.16.1.8 */
-    static final ASN1ObjectIdentifier id_ct_DVCSResponseData = id_smime.branch("1.8");
-
-    /** SMIME DataValidation certificate attribute id-aa-dvcs-dvc;  OID: 1.2.840.113549.1.9.16.2,29 */
-    static final ASN1ObjectIdentifier id_aa_dvcs_dvc = id_smime.branch("2.29");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSRequest.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSRequest.java
deleted file mode 100644
index b9506e7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSRequest.java
+++ /dev/null

@@ -1,107 +0,0 @@
-package org.bouncycastle.asn1.dvcs;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-/**
- * <pre>
- *     DVCSRequest ::= SEQUENCE  {
- *         requestInformation         DVCSRequestInformation,
- *         data                       Data,
- *         transactionIdentifier      GeneralName OPTIONAL
- *     }
- * </pre>
- */
-
-public class DVCSRequest
-    extends ASN1Object
-{
-
-    private DVCSRequestInformation requestInformation;
-    private Data data;
-    private GeneralName transactionIdentifier;
-
-    public DVCSRequest(DVCSRequestInformation requestInformation, Data data)
-    {
-        this(requestInformation, data, null);
-    }
-
-    public DVCSRequest(DVCSRequestInformation requestInformation, Data data, GeneralName transactionIdentifier)
-    {
-        this.requestInformation = requestInformation;
-        this.data = data;
-        this.transactionIdentifier = transactionIdentifier;
-    }
-
-    private DVCSRequest(ASN1Sequence seq)
-    {
-        requestInformation = DVCSRequestInformation.getInstance(seq.getObjectAt(0));
-        data = Data.getInstance(seq.getObjectAt(1));
-        if (seq.size() > 2)
-        {
-            transactionIdentifier = GeneralName.getInstance(seq.getObjectAt(2));
-        }
-    }
-
-    public static DVCSRequest getInstance(Object obj)
-    {
-        if (obj instanceof DVCSRequest)
-        {
-            return (DVCSRequest)obj;
-        }
-        else if (obj != null)
-        {
-            return new DVCSRequest(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static DVCSRequest getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(requestInformation);
-        v.add(data);
-        if (transactionIdentifier != null)
-        {
-            v.add(transactionIdentifier);
-        }
-        return new DERSequence(v);
-    }
-
-    public String toString()
-    {
-        return "DVCSRequest {\n" +
-            "requestInformation: " + requestInformation + "\n" +
-            "data: " + data + "\n" +
-            (transactionIdentifier != null ? "transactionIdentifier: " + transactionIdentifier + "\n" : "") +
-            "}\n";
-    }
-
-    public Data getData()
-    {
-        return data;
-    }
-
-    public DVCSRequestInformation getRequestInformation()
-    {
-        return requestInformation;
-    }
-
-    public GeneralName getTransactionIdentifier()
-    {
-        return transactionIdentifier;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSRequestInformation.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSRequestInformation.java
deleted file mode 100644
index 79d5805..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSRequestInformation.java
+++ /dev/null

@@ -1,273 +0,0 @@
-package org.bouncycastle.asn1.dvcs;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-
-/**
- * <pre>
- *     DVCSRequestInformation ::= SEQUENCE  {
- *         version                      INTEGER DEFAULT 1 ,
- *         service                      ServiceType,
- *         nonce                        Nonce OPTIONAL,
- *         requestTime                  DVCSTime OPTIONAL,
- *         requester                    [0] GeneralNames OPTIONAL,
- *         requestPolicy                [1] PolicyInformation OPTIONAL,
- *         dvcs                         [2] GeneralNames OPTIONAL,
- *         dataLocations                [3] GeneralNames OPTIONAL,
- *         extensions                   [4] IMPLICIT Extensions OPTIONAL
- *     }
- * </pre>
- */
-
-public class DVCSRequestInformation
-    extends ASN1Object
-{
-    private int version = DEFAULT_VERSION;
-    private ServiceType service;
-    private BigInteger nonce;
-    private DVCSTime requestTime;
-    private GeneralNames requester;
-    private PolicyInformation requestPolicy;
-    private GeneralNames dvcs;
-    private GeneralNames dataLocations;
-    private Extensions extensions;
-
-    private static final int DEFAULT_VERSION = 1;
-    private static final int TAG_REQUESTER = 0;
-    private static final int TAG_REQUEST_POLICY = 1;
-    private static final int TAG_DVCS = 2;
-    private static final int TAG_DATA_LOCATIONS = 3;
-    private static final int TAG_EXTENSIONS = 4;
-
-    private DVCSRequestInformation(ASN1Sequence seq)
-    {
-        int i = 0;
-
-        if (seq.getObjectAt(0) instanceof ASN1Integer)
-        {
-            ASN1Integer encVersion = ASN1Integer.getInstance(seq.getObjectAt(i++));
-            this.version = encVersion.getValue().intValue();
-        }
-        else
-        {
-            this.version = 1;
-        }
-
-        this.service = ServiceType.getInstance(seq.getObjectAt(i++));
-
-        while (i < seq.size())
-        {
-            ASN1Encodable x = seq.getObjectAt(i);
-
-            if (x instanceof ASN1Integer)
-            {
-                this.nonce = ASN1Integer.getInstance(x).getValue();
-            }
-            else if (x instanceof ASN1GeneralizedTime)
-            {
-                this.requestTime = DVCSTime.getInstance(x);
-            }
-            else if (x instanceof ASN1TaggedObject)
-            {
-                ASN1TaggedObject t = ASN1TaggedObject.getInstance(x);
-                int tagNo = t.getTagNo();
-
-                switch (tagNo)
-                {
-                case TAG_REQUESTER:
-                    this.requester = GeneralNames.getInstance(t, false);
-                    break;
-                case TAG_REQUEST_POLICY:
-                    this.requestPolicy = PolicyInformation.getInstance(ASN1Sequence.getInstance(t, false));
-                    break;
-                case TAG_DVCS:
-                    this.dvcs = GeneralNames.getInstance(t, false);
-                    break;
-                case TAG_DATA_LOCATIONS:
-                    this.dataLocations = GeneralNames.getInstance(t, false);
-                    break;
-                case TAG_EXTENSIONS:
-                    this.extensions = Extensions.getInstance(t, false);
-                    break;
-                default:
-                    throw new IllegalArgumentException("unknown tag number encountered: " + tagNo);
-                }
-            }
-            else
-            {
-                this.requestTime = DVCSTime.getInstance(x);
-            }
-
-            i++;
-        }
-    }
-
-    public static DVCSRequestInformation getInstance(Object obj)
-    {
-        if (obj instanceof DVCSRequestInformation)
-        {
-            return (DVCSRequestInformation)obj;
-        }
-        else if (obj != null)
-        {
-            return new DVCSRequestInformation(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static DVCSRequestInformation getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (version != DEFAULT_VERSION)
-        {
-            v.add(new ASN1Integer(version));
-        }
-        v.add(service);
-        if (nonce != null)
-        {
-            v.add(new ASN1Integer(nonce));
-        }
-        if (requestTime != null)
-        {
-            v.add(requestTime);
-        }
-
-        int[] tags = new int[]{
-            TAG_REQUESTER,
-            TAG_REQUEST_POLICY,
-            TAG_DVCS,
-            TAG_DATA_LOCATIONS,
-            TAG_EXTENSIONS
-        };
-        ASN1Encodable[] taggedObjects = new ASN1Encodable[]{
-            requester,
-            requestPolicy,
-            dvcs,
-            dataLocations,
-            extensions
-        };
-        for (int i = 0; i < tags.length; i++)
-        {
-            int tag = tags[i];
-            ASN1Encodable taggedObject = taggedObjects[i];
-            if (taggedObject != null)
-            {
-                v.add(new DERTaggedObject(false, tag, taggedObject));
-            }
-        }
-
-        return new DERSequence(v);
-    }
-
-    public String toString()
-    {
-
-        StringBuffer s = new StringBuffer();
-
-        s.append("DVCSRequestInformation {\n");
-
-        if (version != DEFAULT_VERSION)
-        {
-            s.append("version: " + version + "\n");
-        }
-        s.append("service: " + service + "\n");
-        if (nonce != null)
-        {
-            s.append("nonce: " + nonce + "\n");
-        }
-        if (requestTime != null)
-        {
-            s.append("requestTime: " + requestTime + "\n");
-        }
-        if (requester != null)
-        {
-            s.append("requester: " + requester + "\n");
-        }
-        if (requestPolicy != null)
-        {
-            s.append("requestPolicy: " + requestPolicy + "\n");
-        }
-        if (dvcs != null)
-        {
-            s.append("dvcs: " + dvcs + "\n");
-        }
-        if (dataLocations != null)
-        {
-            s.append("dataLocations: " + dataLocations + "\n");
-        }
-        if (extensions != null)
-        {
-            s.append("extensions: " + extensions + "\n");
-        }
-
-        s.append("}\n");
-        return s.toString();
-    }
-
-    public int getVersion()
-    {
-        return version;
-    }
-
-    public ServiceType getService()
-    {
-        return service;
-    }
-
-    public BigInteger getNonce()
-    {
-        return nonce;
-    }
-
-    public DVCSTime getRequestTime()
-    {
-        return requestTime;
-    }
-
-    public GeneralNames getRequester()
-    {
-        return requester;
-    }
-
-    public PolicyInformation getRequestPolicy()
-    {
-        return requestPolicy;
-    }
-
-    public GeneralNames getDVCS()
-    {
-        return dvcs;
-    }
-
-    public GeneralNames getDataLocations()
-    {
-        return dataLocations;
-    }
-
-    public Extensions getExtensions()
-    {
-        return extensions;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSRequestInformationBuilder.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSRequestInformationBuilder.java
deleted file mode 100644
index 9b73c0a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSRequestInformationBuilder.java
+++ /dev/null

@@ -1,224 +0,0 @@
-package org.bouncycastle.asn1.dvcs;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * <pre>
- *     DVCSRequestInformation ::= SEQUENCE  {
- *         version                      INTEGER DEFAULT 1 ,
- *         service                      ServiceType,
- *         nonce                        Nonce OPTIONAL,
- *         requestTime                  DVCSTime OPTIONAL,
- *         requester                    [0] GeneralNames OPTIONAL,
- *         requestPolicy                [1] PolicyInformation OPTIONAL,
- *         dvcs                         [2] GeneralNames OPTIONAL,
- *         dataLocations                [3] GeneralNames OPTIONAL,
- *         extensions                   [4] IMPLICIT Extensions OPTIONAL
- *     }
- * </pre>
- */
-public class DVCSRequestInformationBuilder
-{
-    private int version = DEFAULT_VERSION;
-
-    private final ServiceType service;
-    private DVCSRequestInformation initialInfo;
-
-    private BigInteger nonce;
-    private DVCSTime requestTime;
-    private GeneralNames requester;
-    private PolicyInformation requestPolicy;
-    private GeneralNames dvcs;
-    private GeneralNames dataLocations;
-    private Extensions extensions;
-
-    private static final int DEFAULT_VERSION = 1;
-    private static final int TAG_REQUESTER = 0;
-    private static final int TAG_REQUEST_POLICY = 1;
-    private static final int TAG_DVCS = 2;
-    private static final int TAG_DATA_LOCATIONS = 3;
-    private static final int TAG_EXTENSIONS = 4;
-
-    public DVCSRequestInformationBuilder(ServiceType service)
-    {
-        this.service = service;
-    }
-
-    public DVCSRequestInformationBuilder(DVCSRequestInformation initialInfo)
-    {
-        this.initialInfo = initialInfo;
-        this.service = initialInfo.getService();
-        this.version = initialInfo.getVersion();
-        this.nonce = initialInfo.getNonce();
-        this.requestTime = initialInfo.getRequestTime();
-        this.requestPolicy = initialInfo.getRequestPolicy();
-        this.dvcs = initialInfo.getDVCS();
-        this.dataLocations = initialInfo.getDataLocations();
-    }
-
-    public DVCSRequestInformation build()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (version != DEFAULT_VERSION)
-        {
-            v.add(new ASN1Integer(version));
-        }
-        v.add(service);
-        if (nonce != null)
-        {
-            v.add(new ASN1Integer(nonce));
-        }
-        if (requestTime != null)
-        {
-            v.add(requestTime);
-        }
-
-        int[] tags = new int[]{
-            TAG_REQUESTER,
-            TAG_REQUEST_POLICY,
-            TAG_DVCS,
-            TAG_DATA_LOCATIONS,
-            TAG_EXTENSIONS
-        };
-        ASN1Encodable[] taggedObjects = new ASN1Encodable[]{
-            requester,
-            requestPolicy,
-            dvcs,
-            dataLocations,
-            extensions
-        };
-        for (int i = 0; i < tags.length; i++)
-        {
-            int tag = tags[i];
-            ASN1Encodable taggedObject = taggedObjects[i];
-            if (taggedObject != null)
-            {
-                v.add(new DERTaggedObject(false, tag, taggedObject));
-            }
-        }
-
-        return DVCSRequestInformation.getInstance(new DERSequence(v));
-    }
-
-    public void setVersion(int version)
-    {
-        if (initialInfo != null)
-        {
-            throw new IllegalStateException("cannot change version in existing DVCSRequestInformation");
-        }
-
-        this.version = version;
-    }
-
-    public void setNonce(BigInteger nonce)
-    {
-        // RFC 3029, 9.1: The DVCS MAY modify the fields
-        // 'dvcs', 'requester', 'dataLocations', and 'nonce' of the ReqInfo structure
-
-        // RFC 3029, 9.1: The only modification
-        // allowed to a 'nonce' is the inclusion of a new field if it was not
-        // present, or to concatenate other data to the end (right) of an
-        // existing value.
-        if (initialInfo != null)
-        {
-            if (initialInfo.getNonce() == null)
-            {
-                this.nonce = nonce;
-            }
-            else
-            {
-                byte[] initialBytes = initialInfo.getNonce().toByteArray();
-                byte[] newBytes = BigIntegers.asUnsignedByteArray(nonce);
-                byte[] nonceBytes = new byte[initialBytes.length + newBytes.length];
-
-                System.arraycopy(initialBytes, 0, nonceBytes, 0, initialBytes.length);
-                System.arraycopy(newBytes, 0, nonceBytes, initialBytes.length, newBytes.length);
-
-                this.nonce = new BigInteger(nonceBytes);
-            }
-        }
-
-        this.nonce = nonce;
-    }
-
-    public void setRequestTime(DVCSTime requestTime)
-    {
-        if (initialInfo != null)
-        {
-            throw new IllegalStateException("cannot change request time in existing DVCSRequestInformation");
-        }
-
-        this.requestTime = requestTime;
-    }
-
-    public void setRequester(GeneralName requester)
-    {
-        this.setRequester(new GeneralNames(requester));
-    }
-
-    public void setRequester(GeneralNames requester)
-    {
-        // RFC 3029, 9.1: The DVCS MAY modify the fields
-        // 'dvcs', 'requester', 'dataLocations', and 'nonce' of the ReqInfo structure
-
-        this.requester = requester;
-    }
-
-    public void setRequestPolicy(PolicyInformation requestPolicy)
-    {
-        if (initialInfo != null)
-        {
-            throw new IllegalStateException("cannot change request policy in existing DVCSRequestInformation");
-        }
-
-        this.requestPolicy = requestPolicy;
-    }
-
-    public void setDVCS(GeneralName dvcs)
-    {
-        this.setDVCS(new GeneralNames(dvcs));
-    }
-
-    public void setDVCS(GeneralNames dvcs)
-    {
-        // RFC 3029, 9.1: The DVCS MAY modify the fields
-        // 'dvcs', 'requester', 'dataLocations', and 'nonce' of the ReqInfo structure
-
-        this.dvcs = dvcs;
-    }
-
-    public void setDataLocations(GeneralName dataLocation)
-    {
-        this.setDataLocations(new GeneralNames(dataLocation));
-    }
-
-    public void setDataLocations(GeneralNames dataLocations)
-    {
-        // RFC 3029, 9.1: The DVCS MAY modify the fields
-        // 'dvcs', 'requester', 'dataLocations', and 'nonce' of the ReqInfo structure
-
-        this.dataLocations = dataLocations;
-    }
-
-    public void setExtensions(Extensions extensions)
-    {
-        if (initialInfo != null)
-        {
-            throw new IllegalStateException("cannot change extensions in existing DVCSRequestInformation");
-        }
-
-        this.extensions = extensions;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSResponse.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSResponse.java
deleted file mode 100644
index 3c05c66..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSResponse.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.asn1.dvcs;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * <pre>
- *     DVCSResponse ::= CHOICE
- *     {
- *         dvCertInfo         DVCSCertInfo ,
- *         dvErrorNote        [0] DVCSErrorNotice
- *     }
- * </pre>
- */
-
-public class DVCSResponse
-    extends ASN1Object
-    implements ASN1Choice
-{
-    private DVCSCertInfo dvCertInfo;
-    private DVCSErrorNotice dvErrorNote;
-
-    public DVCSResponse(DVCSCertInfo dvCertInfo)
-    {
-        this.dvCertInfo = dvCertInfo;
-    }
-
-    public DVCSResponse(DVCSErrorNotice dvErrorNote)
-    {
-        this.dvErrorNote = dvErrorNote;
-    }
-
-    public static DVCSResponse getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof DVCSResponse)
-        {
-            return (DVCSResponse)obj;
-        }
-        else
-        {
-            if (obj instanceof byte[])
-            {
-                try
-                {
-                    return getInstance(ASN1Primitive.fromByteArray((byte[])obj));
-                }
-                catch (IOException e)
-                {
-                    throw new IllegalArgumentException("failed to construct sequence from byte[]: " + e.getMessage());
-                }
-            }
-            if (obj instanceof ASN1Sequence)
-            {
-                DVCSCertInfo dvCertInfo = DVCSCertInfo.getInstance(obj);
-
-                return new DVCSResponse(dvCertInfo);
-            }
-            if (obj instanceof ASN1TaggedObject)
-            {
-                ASN1TaggedObject t = ASN1TaggedObject.getInstance(obj);
-                DVCSErrorNotice dvErrorNote = DVCSErrorNotice.getInstance(t, false);
-
-                return new DVCSResponse(dvErrorNote);
-            }
-        }
-
-        throw new IllegalArgumentException("Couldn't convert from object to DVCSResponse: " + obj.getClass().getName());
-    }
-
-    public static DVCSResponse getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public DVCSCertInfo getCertInfo()
-    {
-        return dvCertInfo;
-    }
-
-    public DVCSErrorNotice getErrorNotice()
-    {
-        return dvErrorNote;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (dvCertInfo != null)
-        {
-            return dvCertInfo.toASN1Primitive();
-        }
-        else
-        {
-            return new DERTaggedObject(false, 0, dvErrorNote);
-        }
-    }
-
-    public String toString()
-    {
-        if (dvCertInfo != null)
-        {
-            return "DVCSResponse {\ndvCertInfo: " + dvCertInfo.toString() + "}\n";
-        }
-        else
-        {
-            return "DVCSResponse {\ndvErrorNote: " + dvErrorNote.toString() + "}\n";
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSTime.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSTime.java
deleted file mode 100644
index 1d67a10..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/DVCSTime.java
+++ /dev/null

@@ -1,107 +0,0 @@
-package org.bouncycastle.asn1.dvcs;
-
-import java.util.Date;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.cms.ContentInfo;
-
-/**
- * <pre>
- *     DVCSTime ::= CHOICE  {
- *         genTime                      GeneralizedTime,
- *         timeStampToken               ContentInfo
- *     }
- * </pre>
- */
-public class DVCSTime
-    extends ASN1Object
-    implements ASN1Choice
-{
-    private final ASN1GeneralizedTime genTime;
-    private final ContentInfo timeStampToken;
-
-    // constructors:
-
-    public DVCSTime(Date time)
-    {
-        this(new ASN1GeneralizedTime(time));
-    }
-
-    public DVCSTime(ASN1GeneralizedTime genTime)
-    {
-        this.genTime = genTime;
-        this.timeStampToken = null;
-    }
-
-    public DVCSTime(ContentInfo timeStampToken)
-    {
-        this.genTime = null;
-        this.timeStampToken = timeStampToken;
-    }
-
-    public static DVCSTime getInstance(Object obj)
-    {
-        if (obj instanceof DVCSTime)
-        {
-            return (DVCSTime)obj;
-        }
-        else if (obj instanceof ASN1GeneralizedTime)
-        {
-            return new DVCSTime(ASN1GeneralizedTime.getInstance(obj));
-        }
-        else if (obj != null)
-        {
-            return new DVCSTime(ContentInfo.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static DVCSTime getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(obj.getObject()); // must be explicitly tagged
-    }
-
-
-    // selectors:
-
-    public ASN1GeneralizedTime getGenTime()
-    {
-        return genTime;
-    }
-
-    public ContentInfo getTimeStampToken()
-    {
-        return timeStampToken;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (genTime != null)
-        {
-            return genTime;
-        }
-        else
-        {
-            return timeStampToken.toASN1Primitive();
-        }
-    }
-
-    public String toString()
-    {
-        if (genTime != null)
-        {
-            return genTime.toString();
-        }
-        else
-        {
-            return timeStampToken.toString();
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/Data.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/Data.java
deleted file mode 100644
index 9c661f1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/Data.java
+++ /dev/null

@@ -1,149 +0,0 @@
-package org.bouncycastle.asn1.dvcs;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.DigestInfo;
-
-/**
- * <pre>
- * Data ::= CHOICE {
- *   message           OCTET STRING ,
- *   messageImprint    DigestInfo,
- *   certs             [0] SEQUENCE SIZE (1..MAX) OF
- *                         TargetEtcChain
- * }
- * </pre>
- */
-
-public class Data
-    extends ASN1Object
-    implements ASN1Choice
-{
-    private ASN1OctetString message;
-    private DigestInfo messageImprint;
-    private ASN1Sequence certs;
-
-    public Data(byte[] messageBytes)
-    {
-        this.message = new DEROctetString(messageBytes);
-    }
-
-    public Data(ASN1OctetString message)
-    {
-        this.message = message;
-    }
-
-    public Data(DigestInfo messageImprint)
-    {
-        this.messageImprint = messageImprint;
-    }
-
-    public Data(TargetEtcChain cert)
-    {
-        this.certs = new DERSequence(cert);
-    }
-
-    public Data(TargetEtcChain[] certs)
-    {
-        this.certs = new DERSequence(certs);
-    }
-
-    private Data(ASN1Sequence certs)
-    {
-        this.certs = certs;
-    }
-
-    public static Data getInstance(Object obj)
-    {
-        if (obj instanceof Data)
-        {
-            return (Data)obj;
-        }
-        else if (obj instanceof ASN1OctetString)
-        {
-            return new Data((ASN1OctetString)obj);
-        }
-        else if (obj instanceof ASN1Sequence)
-        {
-            return new Data(DigestInfo.getInstance(obj));
-        }
-        else if (obj instanceof ASN1TaggedObject)
-        {
-            return new Data(ASN1Sequence.getInstance((ASN1TaggedObject)obj, false));
-        }
-        throw new IllegalArgumentException("Unknown object submitted to getInstance: " + obj.getClass().getName());
-    }
-
-    public static Data getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(obj.getObject());
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (message != null)
-        {
-            return message.toASN1Primitive();
-        }
-        if (messageImprint != null)
-        {
-            return messageImprint.toASN1Primitive();
-        }
-        else
-        {
-            return new DERTaggedObject(false, 0, certs);
-        }
-    }
-
-    public String toString()
-    {
-        if (message != null)
-        {
-            return "Data {\n" + message + "}\n";
-        }
-        if (messageImprint != null)
-        {
-            return "Data {\n" + messageImprint + "}\n";
-        }
-        else
-        {
-            return "Data {\n" + certs + "}\n";
-        }
-    }
-
-    public ASN1OctetString getMessage()
-    {
-        return message;
-    }
-
-    public DigestInfo getMessageImprint()
-    {
-        return messageImprint;
-    }
-
-    public TargetEtcChain[] getCerts()
-    {
-        if (certs == null)
-        {
-            return null;
-        }
-
-        TargetEtcChain[] tmp = new TargetEtcChain[certs.size()];
-
-        for (int i = 0; i != tmp.length; i++)
-        {
-            tmp[i] = TargetEtcChain.getInstance(certs.getObjectAt(i));
-        }
-
-        return tmp;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/PathProcInput.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/PathProcInput.java
deleted file mode 100644
index 4c8fec4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/PathProcInput.java
+++ /dev/null

@@ -1,193 +0,0 @@
-package org.bouncycastle.asn1.dvcs;
-
-import java.util.Arrays;
-
-import org.bouncycastle.asn1.ASN1Boolean;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-
-/**
- * <pre>
- *     PathProcInput ::= SEQUENCE {
- *         acceptablePolicySet          SEQUENCE SIZE (1..MAX) OF
- *                                         PolicyInformation,
- *         inhibitPolicyMapping         BOOLEAN DEFAULT FALSE,
- *         explicitPolicyReqd           [0] BOOLEAN DEFAULT FALSE ,
- *         inhibitAnyPolicy             [1] BOOLEAN DEFAULT FALSE
- *     }
- * </pre>
- */
-public class PathProcInput
-    extends ASN1Object
-{
-    private PolicyInformation[] acceptablePolicySet;
-    private boolean inhibitPolicyMapping = false;
-    private boolean explicitPolicyReqd = false;
-    private boolean inhibitAnyPolicy = false;
-
-    public PathProcInput(PolicyInformation[] acceptablePolicySet)
-    {
-        this.acceptablePolicySet = copy(acceptablePolicySet);
-    }
-
-    public PathProcInput(PolicyInformation[] acceptablePolicySet, boolean inhibitPolicyMapping, boolean explicitPolicyReqd, boolean inhibitAnyPolicy)
-    {
-        this.acceptablePolicySet = copy(acceptablePolicySet);
-        this.inhibitPolicyMapping = inhibitPolicyMapping;
-        this.explicitPolicyReqd = explicitPolicyReqd;
-        this.inhibitAnyPolicy = inhibitAnyPolicy;
-    }
-
-    private static PolicyInformation[] fromSequence(ASN1Sequence seq)
-    {
-        PolicyInformation[] tmp = new PolicyInformation[seq.size()];
-
-        for (int i = 0; i != tmp.length; i++)
-        {
-            tmp[i] = PolicyInformation.getInstance(seq.getObjectAt(i));
-        }
-
-        return tmp;
-    }
-
-    public static PathProcInput getInstance(Object obj)
-    {
-        if (obj instanceof PathProcInput)
-        {
-            return (PathProcInput)obj;
-        }
-        else if (obj != null)
-        {
-            ASN1Sequence seq = ASN1Sequence.getInstance(obj);
-            ASN1Sequence policies = ASN1Sequence.getInstance(seq.getObjectAt(0));
-            PathProcInput result = new PathProcInput(fromSequence(policies));
-
-            for (int i = 1; i < seq.size(); i++)
-            {
-                Object o = seq.getObjectAt(i);
-
-                if (o instanceof ASN1Boolean)
-                {
-                    ASN1Boolean x = ASN1Boolean.getInstance(o);
-                    result.setInhibitPolicyMapping(x.isTrue());
-                }
-                else if (o instanceof ASN1TaggedObject)
-                {
-                    ASN1TaggedObject t = ASN1TaggedObject.getInstance(o);
-                    ASN1Boolean x;
-                    switch (t.getTagNo())
-                    {
-                    case 0:
-                        x = ASN1Boolean.getInstance(t, false);
-                        result.setExplicitPolicyReqd(x.isTrue());
-                        break;
-                    case 1:
-                        x = ASN1Boolean.getInstance(t, false);
-                        result.setInhibitAnyPolicy(x.isTrue());
-                        break;
-                    default:
-                        throw new IllegalArgumentException("Unknown tag encountered: " + t.getTagNo());
-                    }
-                }
-            }
-            return result;
-        }
-
-        return null;
-    }
-
-    public static PathProcInput getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        ASN1EncodableVector pV = new ASN1EncodableVector();
-
-        for (int i = 0; i != acceptablePolicySet.length; i++)
-        {
-            pV.add(acceptablePolicySet[i]);
-        }
-
-        v.add(new DERSequence(pV));
-
-        if (inhibitPolicyMapping)
-        {
-            v.add(ASN1Boolean.getInstance(inhibitPolicyMapping));
-        }
-        if (explicitPolicyReqd)
-        {
-            v.add(new DERTaggedObject(false, 0, ASN1Boolean.getInstance(explicitPolicyReqd)));
-        }
-        if (inhibitAnyPolicy)
-        {
-            v.add(new DERTaggedObject(false, 1, ASN1Boolean.getInstance(inhibitAnyPolicy)));
-        }
-
-        return new DERSequence(v);
-    }
-
-    public String toString()
-    {
-        return "PathProcInput: {\n" +
-            "acceptablePolicySet: " + Arrays.asList(acceptablePolicySet) + "\n" +
-            "inhibitPolicyMapping: " + inhibitPolicyMapping + "\n" +
-            "explicitPolicyReqd: " + explicitPolicyReqd + "\n" +
-            "inhibitAnyPolicy: " + inhibitAnyPolicy + "\n" +
-            "}\n";
-    }
-
-    public PolicyInformation[] getAcceptablePolicySet()
-    {
-        return copy(acceptablePolicySet);
-    }
-
-    public boolean isInhibitPolicyMapping()
-    {
-        return inhibitPolicyMapping;
-    }
-
-    private void setInhibitPolicyMapping(boolean inhibitPolicyMapping)
-    {
-        this.inhibitPolicyMapping = inhibitPolicyMapping;
-    }
-
-    public boolean isExplicitPolicyReqd()
-    {
-        return explicitPolicyReqd;
-    }
-
-    private void setExplicitPolicyReqd(boolean explicitPolicyReqd)
-    {
-        this.explicitPolicyReqd = explicitPolicyReqd;
-    }
-
-    public boolean isInhibitAnyPolicy()
-    {
-        return inhibitAnyPolicy;
-    }
-
-    private void setInhibitAnyPolicy(boolean inhibitAnyPolicy)
-    {
-        this.inhibitAnyPolicy = inhibitAnyPolicy;
-    }
-
-    private PolicyInformation[] copy(PolicyInformation[] policySet)
-    {
-        PolicyInformation[] rv = new PolicyInformation[policySet.length];
-
-        System.arraycopy(policySet, 0, rv, 0, rv.length);
-
-        return rv;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/ServiceType.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/ServiceType.java
deleted file mode 100644
index d6ee94f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/ServiceType.java
+++ /dev/null

@@ -1,92 +0,0 @@
-package org.bouncycastle.asn1.dvcs;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Enumerated;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-
-
-/**
- * ServiceType ::= ENUMERATED { cpd(1), vsd(2), cpkc(3), ccpd(4) }
- */
-
-public class ServiceType
-    extends ASN1Object
-{
-    /**
-     * Identifier of CPD service (Certify Possession of Data).
-     */
-    public static final ServiceType CPD = new ServiceType(1);
-
-    /**
-     * Identifier of VSD service (Verify Signed Document).
-     */
-    public static final ServiceType VSD = new ServiceType(2);
-
-    /**
-     * Identifier of VPKC service (Verify Public Key Certificates (also referred to as CPKC)).
-     */
-    public static final ServiceType VPKC = new ServiceType(3);
-
-    /**
-     * Identifier of CCPD service (Certify Claim of Possession of Data).
-     */
-    public static final ServiceType CCPD = new ServiceType(4);
-
-    private ASN1Enumerated value;
-
-    public ServiceType(int value)
-    {
-        this.value = new ASN1Enumerated(value);
-    }
-
-    private ServiceType(ASN1Enumerated value)
-    {
-        this.value = value;
-    }
-
-    public static ServiceType getInstance(Object obj)
-    {
-        if (obj instanceof ServiceType)
-        {
-            return (ServiceType)obj;
-        }
-        else if (obj != null)
-        {
-            return new ServiceType(ASN1Enumerated.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static ServiceType getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Enumerated.getInstance(obj, explicit));
-    }
-
-    public BigInteger getValue()
-    {
-        return value.getValue();
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return value;
-    }
-
-    public String toString()
-    {
-        int num = value.getValue().intValue();
-        return "" + num + (
-            num == CPD.getValue().intValue() ? "(CPD)" :
-                num == VSD.getValue().intValue() ? "(VSD)" :
-                    num == VPKC.getValue().intValue() ? "(VPKC)" :
-                        num == CCPD.getValue().intValue() ? "(CCPD)" :
-                            "?");
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/TargetEtcChain.java b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/TargetEtcChain.java
deleted file mode 100644
index 3dc1a27..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/TargetEtcChain.java
+++ /dev/null

@@ -1,181 +0,0 @@
-package org.bouncycastle.asn1.dvcs;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * <pre>
- *     TargetEtcChain ::= SEQUENCE {
- *         target                       CertEtcToken,
- *         chain                        SEQUENCE SIZE (1..MAX) OF
- *                                         CertEtcToken OPTIONAL,
- *         pathProcInput                [0] PathProcInput OPTIONAL
- *     }
- * </pre>
- */
-
-public class TargetEtcChain
-    extends ASN1Object
-{
-    private CertEtcToken target;
-    private ASN1Sequence chain;
-    private PathProcInput pathProcInput;
-
-    public TargetEtcChain(CertEtcToken target)
-    {
-        this(target, null, null);
-    }
-
-    public TargetEtcChain(CertEtcToken target, CertEtcToken[] chain)
-    {
-        this(target, chain, null);
-    }
-
-    public TargetEtcChain(CertEtcToken target, PathProcInput pathProcInput)
-    {
-        this(target, null, pathProcInput);
-    }
-
-    public TargetEtcChain(CertEtcToken target, CertEtcToken[] chain, PathProcInput pathProcInput)
-    {
-        this.target = target;
-
-        if (chain != null)
-        {
-            this.chain = new DERSequence(chain);
-        }
-
-        this.pathProcInput = pathProcInput;
-    }
-
-    private TargetEtcChain(ASN1Sequence seq)
-    {
-        int i = 0;
-        ASN1Encodable obj = seq.getObjectAt(i++);
-        this.target = CertEtcToken.getInstance(obj);
-
-        if (seq.size() > 1)
-        {
-            obj = seq.getObjectAt(i++);
-            if (obj instanceof ASN1TaggedObject)
-            {
-                extractPathProcInput(obj);
-            }
-            else
-            {
-                this.chain = ASN1Sequence.getInstance(obj);
-                if (seq.size() > 2)
-                {
-                    obj = seq.getObjectAt(i);
-                    extractPathProcInput(obj);
-                }
-            }
-        }
-    }
-
-    private void extractPathProcInput(ASN1Encodable obj)
-    {
-        ASN1TaggedObject tagged = ASN1TaggedObject.getInstance(obj);
-        switch (tagged.getTagNo())
-        {
-        case 0:
-            this.pathProcInput = PathProcInput.getInstance(tagged, false);
-            break;
-        default:
-            throw new IllegalArgumentException("Unknown tag encountered: " + tagged.getTagNo());
-        }
-    }
-
-    public static TargetEtcChain getInstance(Object obj)
-    {
-        if (obj instanceof TargetEtcChain)
-        {
-            return (TargetEtcChain)obj;
-        }
-        else if (obj != null)
-        {
-            return new TargetEtcChain(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static TargetEtcChain getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(target);
-        if (chain != null)
-        {
-            v.add(chain);
-        }
-        if (pathProcInput != null)
-        {
-            v.add(new DERTaggedObject(false, 0, pathProcInput));
-        }
-
-        return new DERSequence(v);
-    }
-
-    public String toString()
-    {
-        StringBuffer s = new StringBuffer();
-        s.append("TargetEtcChain {\n");
-        s.append("target: " + target + "\n");
-        if (chain != null)
-        {
-            s.append("chain: " + chain + "\n");
-        }
-        if (pathProcInput != null)
-        {
-            s.append("pathProcInput: " + pathProcInput + "\n");
-        }
-        s.append("}\n");
-        return s.toString();
-    }
-
-
-    public CertEtcToken getTarget()
-    {
-        return target;
-    }
-
-    public CertEtcToken[] getChain()
-    {
-        if (chain != null)
-        {
-            return CertEtcToken.arrayFromSequence(chain);
-        }
-
-        return null;
-    }
-
-    public PathProcInput getPathProcInput()
-    {
-        return pathProcInput;
-    }
-
-    public static TargetEtcChain[] arrayFromSequence(ASN1Sequence seq)
-    {
-        TargetEtcChain[] tmp = new TargetEtcChain[seq.size()];
-
-        for (int i = 0; i != tmp.length; i++)
-        {
-            tmp[i] = TargetEtcChain.getInstance(seq.getObjectAt(i));
-        }
-
-        return tmp;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/package.html
deleted file mode 100644
index a941922..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/dvcs/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes useful for encoding and processing Data Validation and Certification Server (DVCS) protocols as described in RFC 3029.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/BidirectionalMap.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/BidirectionalMap.java
deleted file mode 100644
index 3cf1450..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/BidirectionalMap.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.asn1.eac;
-
-import java.util.Hashtable;
-
-public class BidirectionalMap
-    extends Hashtable
-{
-    private static final long serialVersionUID = -7457289971962812909L;
-
-    Hashtable reverseMap = new Hashtable();
-
-    public Object getReverse(Object o)
-    {
-        return reverseMap.get(o);
-    }
-
-    public Object put(Object key, Object o)
-    {
-        reverseMap.put(o, key);
-        return super.put(key, o);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CVCertificate.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/CVCertificate.java
deleted file mode 100644
index 9b5e86d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CVCertificate.java
+++ /dev/null

@@ -1,314 +0,0 @@
-package org.bouncycastle.asn1.eac;
-
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1ApplicationSpecific;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1ParsingException;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERApplicationSpecific;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.util.Arrays;
-
-
-/**
- * an iso7816Certificate structure.
- * <pre>
- *  Certificate ::= SEQUENCE {
- *      CertificateBody         Iso7816CertificateBody,
- *      signature               DER Application specific
- *  }
- * </pre>
- */
-public class CVCertificate
-    extends ASN1Object
-{
-    private CertificateBody certificateBody;
-    private byte[] signature;
-    private int valid;
-    private static int bodyValid = 0x01;
-    private static int signValid = 0x02;
-
-    /**
-     * Sets the values of the certificate (body and signature).
-     *
-     * @param appSpe is a ASN1ApplicationSpecific object containing body and signature.
-     * @throws IOException if tags or value are incorrect.
-     */
-    private void setPrivateData(ASN1ApplicationSpecific appSpe)
-        throws IOException
-    {
-        valid = 0;
-        if (appSpe.getApplicationTag() == EACTags.CARDHOLDER_CERTIFICATE)
-        {
-            ASN1InputStream content = new ASN1InputStream(appSpe.getContents());
-            ASN1Primitive tmpObj;
-            while ((tmpObj = content.readObject()) != null)
-            {
-                ASN1ApplicationSpecific aSpe;
-                if (tmpObj instanceof ASN1ApplicationSpecific)
-                {
-                    aSpe = (ASN1ApplicationSpecific)tmpObj;
-                    switch (aSpe.getApplicationTag())
-                    {
-                    case EACTags.CERTIFICATE_CONTENT_TEMPLATE:
-                        certificateBody = CertificateBody.getInstance(aSpe);
-                        valid |= bodyValid;
-                        break;
-                    case EACTags.STATIC_INTERNAL_AUTHENTIFICATION_ONE_STEP:
-                        signature = aSpe.getContents();
-                        valid |= signValid;
-                        break;
-                    default:
-                        throw new IOException("Invalid tag, not an Iso7816CertificateStructure :" + aSpe.getApplicationTag());
-                    }
-                }
-                else
-                {
-                    throw new IOException("Invalid Object, not an Iso7816CertificateStructure");
-                }
-            }
-            content.close();
-        }
-        else
-        {
-            throw new IOException("not a CARDHOLDER_CERTIFICATE :" + appSpe.getApplicationTag());
-        }
-
-        if (valid != (signValid | bodyValid))
-        {
-            throw new IOException("invalid CARDHOLDER_CERTIFICATE :" + appSpe.getApplicationTag());
-        }
-    }
-
-    /**
-     * Create an iso7816Certificate structure from an ASN1InputStream.
-     *
-     * @param aIS the byte stream to parse.
-     * @throws IOException if there is a problem parsing the data.
-     */
-    public CVCertificate(ASN1InputStream aIS)
-        throws IOException
-    {
-        initFrom(aIS);
-    }
-
-    private void initFrom(ASN1InputStream aIS)
-        throws IOException
-    {
-        ASN1Primitive obj;
-        while ((obj = aIS.readObject()) != null)
-        {
-            if (obj instanceof ASN1ApplicationSpecific)
-            {
-                setPrivateData((ASN1ApplicationSpecific)obj);
-            }
-            else
-            {
-                throw new IOException("Invalid Input Stream for creating an Iso7816CertificateStructure");
-            }
-        }
-    }
-
-    /**
-     * Create an iso7816Certificate structure from a ASN1ApplicationSpecific.
-     *
-     * @param appSpe the ASN1ApplicationSpecific object.
-     * @return the Iso7816CertificateStructure represented by the ASN1ApplicationSpecific object.
-     * @throws IOException if there is a problem parsing the data.
-     */
-    private CVCertificate(ASN1ApplicationSpecific appSpe)
-        throws IOException
-    {
-        setPrivateData(appSpe);
-    }
-
-    /**
-     * Create an iso7816Certificate structure from a body and its signature.
-     *
-     * @param body the Iso7816CertificateBody object containing the body.
-     * @param signature   the byte array containing the signature
-     * @throws IOException if there is a problem parsing the data.
-     */
-    public CVCertificate(CertificateBody body, byte[] signature)
-        throws IOException
-    {
-        certificateBody = body;
-        this.signature = Arrays.clone(signature);
-        // patch remi
-        valid |= bodyValid;
-        valid |= signValid;
-    }
-
-    /**
-     * Create an iso7816Certificate structure from an object.
-     *
-     * @param obj the Object to extract the certificate from.
-     * @return the Iso7816CertificateStructure represented by the byte stream.
-     */
-    public static CVCertificate getInstance(Object obj)
-    {
-        if (obj instanceof CVCertificate)
-        {
-            return (CVCertificate)obj;
-        }
-        else if (obj != null)
-        {
-            try
-            {
-                return new CVCertificate(ASN1ApplicationSpecific.getInstance(obj));
-            }
-            catch (IOException e)
-            {
-                throw new ASN1ParsingException("unable to parse data: " + e.getMessage(), e);
-            }
-        }
-
-        return null;
-    }
-
-    /**
-     * Gives the signature of the whole body. Type of signature is given in
-     * the Iso7816CertificateBody.Iso7816PublicKey.ASN1ObjectIdentifier
-     *
-     * @return the signature of the body.
-     */
-    public byte[] getSignature()
-    {
-        return Arrays.clone(signature);
-    }
-
-    /**
-     * Gives the body of the certificate.
-     *
-     * @return the body.
-     */
-    public CertificateBody getBody()
-    {
-        return certificateBody;
-    }
-
-    /**
-     * @see org.bouncycastle.asn1.ASN1Object#toASN1Primitive()
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(certificateBody);
-
-        try
-        {
-            v.add(new DERApplicationSpecific(false, EACTags.STATIC_INTERNAL_AUTHENTIFICATION_ONE_STEP, new DEROctetString(signature)));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException("unable to convert signature!");
-        }
-
-        return new DERApplicationSpecific(EACTags.CARDHOLDER_CERTIFICATE, v);
-    }
-
-    /**
-     * @return the Holder authorization and role (CVCA, DV, IS).
-     */
-    public ASN1ObjectIdentifier getHolderAuthorization()
-        throws IOException
-    {
-        CertificateHolderAuthorization cha = certificateBody.getCertificateHolderAuthorization();
-        return cha.getOid();
-    }
-
-    /**
-     * @return the date of the certificate generation
-     */
-    public PackedDate getEffectiveDate()
-        throws IOException
-    {
-        return certificateBody.getCertificateEffectiveDate();
-    }
-
-
-    /**
-     * @return the type of certificate (request or profile)
-     *         value is either Iso7816CertificateBody.profileType
-     *         or Iso7816CertificateBody.requestType. Any other value
-     *         is not valid.
-     */
-    public int getCertificateType()
-    {
-        return this.certificateBody.getCertificateType();
-    }
-
-    /**
-     * @return the date of the certificate generation
-     */
-    public PackedDate getExpirationDate()
-        throws IOException
-    {
-        return certificateBody.getCertificateExpirationDate();
-    }
-
-
-    /**
-     * return a bits field coded on one byte. For signification of the
-     * several bit see Iso7816CertificateHolderAuthorization
-     *
-     * @return role and access rigth
-     * @throws IOException
-     * @see CertificateHolderAuthorization
-     */
-    public int getRole()
-        throws IOException
-    {
-        CertificateHolderAuthorization cha = certificateBody.getCertificateHolderAuthorization();
-        return cha.getAccessRights();
-    }
-
-    /**
-     * @return the Authority Reference field of the certificate
-     * @throws IOException
-     */
-    public CertificationAuthorityReference getAuthorityReference()
-        throws IOException
-    {
-        return certificateBody.getCertificationAuthorityReference();
-    }
-
-    /**
-     * @return the Holder Reference Field of the certificate
-     * @throws IOException
-     */
-    public CertificateHolderReference getHolderReference()
-        throws IOException
-    {
-        return certificateBody.getCertificateHolderReference();
-    }
-
-    /**
-     * @return the bits corresponding to the role intented for the certificate
-     *         See Iso7816CertificateHolderAuthorization static int for values
-     * @throws IOException
-     */
-    public int getHolderAuthorizationRole()
-        throws IOException
-    {
-        int rights = certificateBody.getCertificateHolderAuthorization().getAccessRights();
-        return rights & 0xC0;
-    }
-
-    /**
-     * @return the bits corresponding the authorizations contained in the certificate
-     *         See Iso7816CertificateHolderAuthorization static int for values
-     * @throws IOException
-     */
-    public Flags getHolderAuthorizationRights()
-        throws IOException
-    {
-        return new Flags(certificateBody.getCertificateHolderAuthorization().getAccessRights() & 0x1F);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CVCertificateRequest.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/CVCertificateRequest.java
deleted file mode 100644
index 699d482..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CVCertificateRequest.java
+++ /dev/null

@@ -1,163 +0,0 @@
-package org.bouncycastle.asn1.eac;
-
-import java.io.IOException;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1ApplicationSpecific;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ParsingException;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.BERTags;
-import org.bouncycastle.asn1.DERApplicationSpecific;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.util.Arrays;
-
-public class CVCertificateRequest
-    extends ASN1Object
-{
-    private final ASN1ApplicationSpecific original;
-
-    private CertificateBody certificateBody;
-
-    private byte[] innerSignature = null;
-    private byte[] outerSignature = null;
-
-    private static final int bodyValid = 0x01;
-    private static final int signValid = 0x02;
-
-    private CVCertificateRequest(ASN1ApplicationSpecific request)
-        throws IOException
-    {
-        this.original = request;
-
-        if (request.isConstructed() && request.getApplicationTag() == EACTags.AUTHENTIFICATION_DATA)
-        {
-            ASN1Sequence seq = ASN1Sequence.getInstance(request.getObject(BERTags.SEQUENCE));
-
-            initCertBody(ASN1ApplicationSpecific.getInstance(seq.getObjectAt(0)));
-
-            outerSignature = ASN1ApplicationSpecific.getInstance(seq.getObjectAt(seq.size() - 1)).getContents();
-        }
-        else
-        {
-            initCertBody(request);
-        }
-    }
-
-    private void initCertBody(ASN1ApplicationSpecific request)
-        throws IOException
-    {
-        if (request.getApplicationTag() == EACTags.CARDHOLDER_CERTIFICATE)
-        {
-            int valid = 0;
-            ASN1Sequence seq = ASN1Sequence.getInstance(request.getObject(BERTags.SEQUENCE));
-            for (Enumeration en = seq.getObjects(); en.hasMoreElements();)
-            {
-                ASN1ApplicationSpecific obj = ASN1ApplicationSpecific.getInstance(en.nextElement());
-                switch (obj.getApplicationTag())
-                {
-                case EACTags.CERTIFICATE_CONTENT_TEMPLATE:
-                    certificateBody = CertificateBody.getInstance(obj);
-                    valid |= bodyValid;
-                    break;
-                case EACTags.STATIC_INTERNAL_AUTHENTIFICATION_ONE_STEP:
-                    innerSignature = obj.getContents();
-                    valid |= signValid;
-                    break;
-                default:
-                    throw new IOException("Invalid tag, not an CV Certificate Request element:" + obj.getApplicationTag());
-                }
-            }
-            if ((valid & (bodyValid | signValid)) == 0)
-            {
-                throw new IOException("Invalid CARDHOLDER_CERTIFICATE in request:" + request.getApplicationTag());
-            }
-        }
-        else
-        {
-            throw new IOException("not a CARDHOLDER_CERTIFICATE in request:" + request.getApplicationTag());
-        }
-    }
-
-    public static CVCertificateRequest getInstance(Object obj)
-    {
-        if (obj instanceof CVCertificateRequest)
-        {
-            return (CVCertificateRequest)obj;
-        }
-        else if (obj != null)
-        {
-            try
-            {
-                return new CVCertificateRequest(ASN1ApplicationSpecific.getInstance(obj));
-            }
-            catch (IOException e)
-            {
-                throw new ASN1ParsingException("unable to parse data: " + e.getMessage(), e);
-            }
-        }
-
-        return null;
-    }
-
-    /**
-     * Returns the body of the certificate template
-     *
-     * @return the body.
-     */
-    public CertificateBody getCertificateBody()
-    {
-        return certificateBody;
-    }
-
-    /**
-     * Return the public key data object carried in the request
-     * @return  the public key
-     */
-    public PublicKeyDataObject getPublicKey()
-    {
-        return certificateBody.getPublicKey();
-    }
-
-    public byte[] getInnerSignature()
-    {
-        return Arrays.clone(innerSignature);
-    }
-
-    public byte[] getOuterSignature()
-    {
-        return Arrays.clone(outerSignature);
-    }
-
-    public boolean hasOuterSignature()
-    {
-        return outerSignature != null;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (original != null)
-        {
-            return original;
-        }
-        else
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-
-            v.add(certificateBody);
-
-            try
-            {
-                v.add(new DERApplicationSpecific(false, EACTags.STATIC_INTERNAL_AUTHENTIFICATION_ONE_STEP, new DEROctetString(innerSignature)));
-            }
-            catch (IOException e)
-            {
-                throw new IllegalStateException("unable to convert signature!");
-            }
-
-            return new DERApplicationSpecific(EACTags.CARDHOLDER_CERTIFICATE, v);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateBody.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateBody.java
deleted file mode 100644
index 7bcc241..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateBody.java
+++ /dev/null

@@ -1,474 +0,0 @@
-package org.bouncycastle.asn1.eac;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1ApplicationSpecific;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.BERTags;
-import org.bouncycastle.asn1.DERApplicationSpecific;
-import org.bouncycastle.asn1.DEROctetString;
-
-
-/**
- * an Iso7816CertificateBody structure.
- * <pre>
- *  CertificateBody ::= SEQUENCE {
- *      // version of the certificate format. Must be 0 (version 1)
- *      CertificateProfileIdentifer         ASN1ApplicationSpecific,
- *      //uniquely identifies the issuinng CA's signature key pair
- *      // contains the iso3166-1 alpha2 encoded country code, the
- *      // name of issuer and the sequence number of the key pair.
- *      CertificationAuthorityReference        ASN1ApplicationSpecific,
- *      // stores the encoded public key
- *      PublicKey                            Iso7816PublicKey,
- *      //associates the public key contained in the certificate with a unique name
- *      // contains the iso3166-1 alpha2 encoded country code, the
- *      // name of the holder and the sequence number of the key pair.
- *      certificateHolderReference            ASN1ApplicationSpecific,
- *      // Encodes the role of the holder (i.e. CVCA, DV, IS) and assigns read/write
- *      // access rights to data groups storing sensitive data
- *      certificateHolderAuthorization        Iso7816CertificateHolderAuthorization,
- *      // the date of the certificate generation
- *      CertificateEffectiveDate            ASN1ApplicationSpecific,
- *      // the date after wich the certificate expires
- *      certificateExpirationDate            ASN1ApplicationSpecific
- *  }
- * </pre>
- */
-public class CertificateBody
-    extends ASN1Object
-{
-    ASN1InputStream seq;
-    private ASN1ApplicationSpecific certificateProfileIdentifier;// version of the certificate format. Must be 0 (version 1)
-    private ASN1ApplicationSpecific certificationAuthorityReference;//uniquely identifies the issuinng CA's signature key pair
-    private PublicKeyDataObject publicKey;// stores the encoded public key
-    private ASN1ApplicationSpecific certificateHolderReference;//associates the public key contained in the certificate with a unique name
-    private CertificateHolderAuthorization certificateHolderAuthorization;// Encodes the role of the holder (i.e. CVCA, DV, IS) and assigns read/write access rights to data groups storing sensitive data
-    private ASN1ApplicationSpecific certificateEffectiveDate;// the date of the certificate generation
-    private ASN1ApplicationSpecific certificateExpirationDate;// the date after wich the certificate expires
-    private int certificateType = 0;// bit field of initialized data. This will tell us if the data are valid.
-    private static final int CPI = 0x01;//certificate Profile Identifier
-    private static final int CAR = 0x02;//certification Authority Reference
-    private static final int PK = 0x04;//public Key
-    private static final int CHR = 0x08;//certificate Holder Reference
-    private static final int CHA = 0x10;//certificate Holder Authorization
-    private static final int CEfD = 0x20;//certificate Effective Date
-    private static final int CExD = 0x40;//certificate Expiration Date
-
-    public static final int profileType = 0x7f;//Profile type Certificate
-    public static final int requestType = 0x0D;// Request type Certificate
-
-    private void setIso7816CertificateBody(ASN1ApplicationSpecific appSpe)
-        throws IOException
-    {
-        byte[] content;
-        if (appSpe.getApplicationTag() == EACTags.CERTIFICATE_CONTENT_TEMPLATE)
-        {
-            content = appSpe.getContents();
-        }
-        else
-        {
-            throw new IOException("Bad tag : not an iso7816 CERTIFICATE_CONTENT_TEMPLATE");
-        }
-        ASN1InputStream aIS = new ASN1InputStream(content);
-        ASN1Primitive obj;
-        while ((obj = aIS.readObject()) != null)
-        {
-            ASN1ApplicationSpecific aSpe;
-
-            if (obj instanceof ASN1ApplicationSpecific)
-            {
-                aSpe = (ASN1ApplicationSpecific)obj;
-            }
-            else
-            {
-                throw new IOException("Not a valid iso7816 content : not a ASN1ApplicationSpecific Object :" + EACTags.encodeTag(appSpe) + obj.getClass());
-            }
-            switch (aSpe.getApplicationTag())
-            {
-            case EACTags.INTERCHANGE_PROFILE:
-                setCertificateProfileIdentifier(aSpe);
-                break;
-            case EACTags.ISSUER_IDENTIFICATION_NUMBER:
-                setCertificationAuthorityReference(aSpe);
-                break;
-            case EACTags.CARDHOLDER_PUBLIC_KEY_TEMPLATE:
-                setPublicKey(PublicKeyDataObject.getInstance(aSpe.getObject(BERTags.SEQUENCE)));
-                break;
-            case EACTags.CARDHOLDER_NAME:
-                setCertificateHolderReference(aSpe);
-                break;
-            case EACTags.CERTIFICATE_HOLDER_AUTHORIZATION_TEMPLATE:
-                setCertificateHolderAuthorization(new CertificateHolderAuthorization(aSpe));
-                break;
-            case EACTags.APPLICATION_EFFECTIVE_DATE:
-                setCertificateEffectiveDate(aSpe);
-                break;
-            case EACTags.APPLICATION_EXPIRATION_DATE:
-                setCertificateExpirationDate(aSpe);
-                break;
-            default:
-                certificateType = 0;
-                throw new IOException("Not a valid iso7816 ASN1ApplicationSpecific tag " + aSpe.getApplicationTag());
-            }
-        }
-        aIS.close();
-    }
-
-    /**
-     * builds an Iso7816CertificateBody by settings each parameters.
-     *
-     * @param certificateProfileIdentifier
-     * @param certificationAuthorityReference
-     *
-     * @param publicKey
-     * @param certificateHolderReference
-     * @param certificateHolderAuthorization
-     * @param certificateEffectiveDate
-     * @param certificateExpirationDate
-     */
-    public CertificateBody(
-        ASN1ApplicationSpecific certificateProfileIdentifier,
-        CertificationAuthorityReference certificationAuthorityReference,
-        PublicKeyDataObject publicKey,
-        CertificateHolderReference certificateHolderReference,
-        CertificateHolderAuthorization certificateHolderAuthorization,
-        PackedDate certificateEffectiveDate,
-        PackedDate certificateExpirationDate
-    )
-    {
-        setCertificateProfileIdentifier(certificateProfileIdentifier);
-        setCertificationAuthorityReference(new DERApplicationSpecific(
-            EACTags.ISSUER_IDENTIFICATION_NUMBER, certificationAuthorityReference.getEncoded()));
-        setPublicKey(publicKey);
-        setCertificateHolderReference(new DERApplicationSpecific(
-            EACTags.CARDHOLDER_NAME, certificateHolderReference.getEncoded()));
-        setCertificateHolderAuthorization(certificateHolderAuthorization);
-        try
-        {
-            setCertificateEffectiveDate(new DERApplicationSpecific(
-                false, EACTags.APPLICATION_EFFECTIVE_DATE, new DEROctetString(certificateEffectiveDate.getEncoding())));
-            setCertificateExpirationDate(new DERApplicationSpecific(
-                false, EACTags.APPLICATION_EXPIRATION_DATE, new DEROctetString(certificateExpirationDate.getEncoding())));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("unable to encode dates: " + e.getMessage());
-        }
-    }
-
-    /**
-     * builds an Iso7816CertificateBody with an ASN1InputStream.
-     *
-     * @param obj ASN1ApplicationSpecific containing the whole body.
-     * @throws IOException if the body is not valid.
-     */
-    private CertificateBody(ASN1ApplicationSpecific obj)
-        throws IOException
-    {
-        setIso7816CertificateBody(obj);
-    }
-
-    /**
-     * create a profile type Iso7816CertificateBody.
-     *
-     * @return return the "profile" type certificate body.
-     * @throws IOException if the ASN1ApplicationSpecific cannot be created.
-     */
-    private ASN1Primitive profileToASN1Object()
-        throws IOException
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(certificateProfileIdentifier);
-        v.add(certificationAuthorityReference);
-        v.add(new DERApplicationSpecific(false, EACTags.CARDHOLDER_PUBLIC_KEY_TEMPLATE, publicKey));
-        v.add(certificateHolderReference);
-        v.add(certificateHolderAuthorization);
-        v.add(certificateEffectiveDate);
-        v.add(certificateExpirationDate);
-        return new DERApplicationSpecific(EACTags.CERTIFICATE_CONTENT_TEMPLATE, v);
-    }
-
-    private void setCertificateProfileIdentifier(ASN1ApplicationSpecific certificateProfileIdentifier)
-        throws IllegalArgumentException
-    {
-        if (certificateProfileIdentifier.getApplicationTag() == EACTags.INTERCHANGE_PROFILE)
-        {
-            this.certificateProfileIdentifier = certificateProfileIdentifier;
-            certificateType |= CPI;
-        }
-        else
-        {
-            throw new IllegalArgumentException("Not an Iso7816Tags.INTERCHANGE_PROFILE tag :" + EACTags.encodeTag(certificateProfileIdentifier));
-        }
-    }
-
-    private void setCertificateHolderReference(ASN1ApplicationSpecific certificateHolderReference)
-        throws IllegalArgumentException
-    {
-        if (certificateHolderReference.getApplicationTag() == EACTags.CARDHOLDER_NAME)
-        {
-            this.certificateHolderReference = certificateHolderReference;
-            certificateType |= CHR;
-        }
-        else
-        {
-            throw new IllegalArgumentException("Not an Iso7816Tags.CARDHOLDER_NAME tag");
-        }
-    }
-
-    /**
-     * set the CertificationAuthorityReference.
-     *
-     * @param certificationAuthorityReference
-     *         the ASN1ApplicationSpecific containing the CertificationAuthorityReference.
-     * @throws IllegalArgumentException if the ASN1ApplicationSpecific is not valid.
-     */
-    private void setCertificationAuthorityReference(
-        ASN1ApplicationSpecific certificationAuthorityReference)
-        throws IllegalArgumentException
-    {
-        if (certificationAuthorityReference.getApplicationTag() == EACTags.ISSUER_IDENTIFICATION_NUMBER)
-        {
-            this.certificationAuthorityReference = certificationAuthorityReference;
-            certificateType |= CAR;
-        }
-        else
-        {
-            throw new IllegalArgumentException("Not an Iso7816Tags.ISSUER_IDENTIFICATION_NUMBER tag");
-        }
-    }
-
-    /**
-     * set the public Key
-     *
-     * @param publicKey : the ASN1ApplicationSpecific containing the public key
-     * @throws java.io.IOException
-     */
-    private void setPublicKey(PublicKeyDataObject publicKey)
-    {
-        this.publicKey = PublicKeyDataObject.getInstance(publicKey);
-        this.certificateType |= PK;
-    }
-
-    /**
-     * create a request type Iso7816CertificateBody.
-     *
-     * @return return the "request" type certificate body.
-     * @throws IOException if the ASN1ApplicationSpecific cannot be created.
-     */
-    private ASN1Primitive requestToASN1Object()
-        throws IOException
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(certificateProfileIdentifier);
-        v.add(new DERApplicationSpecific(false, EACTags.CARDHOLDER_PUBLIC_KEY_TEMPLATE, publicKey));
-        v.add(certificateHolderReference);
-        return new DERApplicationSpecific(EACTags.CERTIFICATE_CONTENT_TEMPLATE, v);
-    }
-
-    /**
-     * create a "request" or "profile" type Iso7816CertificateBody according to the variables sets.
-     *
-     * @return return the ASN1Primitive representing the "request" or "profile" type certificate body.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        try
-        {
-            if (certificateType == profileType)
-            {
-                return profileToASN1Object();
-            }
-            if (certificateType == requestType)
-            {
-                return requestToASN1Object();
-            }
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-        return null;
-    }
-
-    /**
-     * gives the type of the certificate (value should be profileType or requestType if all data are set).
-     *
-     * @return the int representing the data already set.
-     */
-    public int getCertificateType()
-    {
-        return certificateType;
-    }
-
-    /**
-     * Gives an instance of Iso7816CertificateBody taken from Object obj
-     *
-     * @param obj is the Object to extract the certificate body from.
-     * @return the Iso7816CertificateBody taken from Object obj.
-     * @throws IOException if object is not valid.
-     */
-    public static CertificateBody getInstance(Object obj)
-        throws IOException
-    {
-        if (obj instanceof CertificateBody)
-        {
-            return (CertificateBody)obj;
-        }
-        else if (obj != null)
-        {
-            return new CertificateBody(ASN1ApplicationSpecific.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    /**
-     * @return the date of the certificate generation
-     */
-    public PackedDate getCertificateEffectiveDate()
-    {
-        if ((this.certificateType & CertificateBody.CEfD) ==
-            CertificateBody.CEfD)
-        {
-            return new PackedDate(certificateEffectiveDate.getContents());
-        }
-        return null;
-    }
-
-    /**
-     * set the date of the certificate generation
-     *
-     * @param ced ASN1ApplicationSpecific containing the date of the certificate generation
-     * @throws IllegalArgumentException if the tag is not Iso7816Tags.APPLICATION_EFFECTIVE_DATE
-     */
-    private void setCertificateEffectiveDate(ASN1ApplicationSpecific ced)
-        throws IllegalArgumentException
-    {
-        if (ced.getApplicationTag() == EACTags.APPLICATION_EFFECTIVE_DATE)
-        {
-            this.certificateEffectiveDate = ced;
-            certificateType |= CEfD;
-        }
-        else
-        {
-            throw new IllegalArgumentException("Not an Iso7816Tags.APPLICATION_EFFECTIVE_DATE tag :" + EACTags.encodeTag(ced));
-        }
-    }
-
-    /**
-     * @return the date after wich the certificate expires
-     */
-    public PackedDate getCertificateExpirationDate()
-        throws IOException
-    {
-        if ((this.certificateType & CertificateBody.CExD) ==
-            CertificateBody.CExD)
-        {
-            return new PackedDate(certificateExpirationDate.getContents());
-        }
-        throw new IOException("certificate Expiration Date not set");
-    }
-
-    /**
-     * set the date after wich the certificate expires
-     *
-     * @param ced ASN1ApplicationSpecific containing the date after wich the certificate expires
-     * @throws IllegalArgumentException if the tag is not Iso7816Tags.APPLICATION_EXPIRATION_DATE
-     */
-    private void setCertificateExpirationDate(ASN1ApplicationSpecific ced)
-        throws IllegalArgumentException
-    {
-        if (ced.getApplicationTag() == EACTags.APPLICATION_EXPIRATION_DATE)
-        {
-            this.certificateExpirationDate = ced;
-            certificateType |= CExD;
-        }
-        else
-        {
-            throw new IllegalArgumentException("Not an Iso7816Tags.APPLICATION_EXPIRATION_DATE tag");
-        }
-    }
-
-    /**
-     * the Iso7816CertificateHolderAuthorization encodes the role of the holder
-     * (i.e. CVCA, DV, IS) and assigns read/write access rights to data groups
-     * storing sensitive data. This functions returns the Certificate Holder
-     * Authorization
-     *
-     * @return the Iso7816CertificateHolderAuthorization
-     */
-    public CertificateHolderAuthorization getCertificateHolderAuthorization()
-        throws IOException
-    {
-        if ((this.certificateType & CertificateBody.CHA) ==
-            CertificateBody.CHA)
-        {
-            return certificateHolderAuthorization;
-        }
-        throw new IOException("Certificate Holder Authorisation not set");
-    }
-
-    /**
-     * set the CertificateHolderAuthorization
-     *
-     * @param cha the Certificate Holder Authorization
-     */
-    private void setCertificateHolderAuthorization(
-        CertificateHolderAuthorization cha)
-    {
-        this.certificateHolderAuthorization = cha;
-        certificateType |= CHA;
-    }
-
-    /**
-     * certificateHolderReference : associates the public key contained in the certificate with a unique name
-     *
-     * @return the certificateHolderReference.
-     */
-    public CertificateHolderReference getCertificateHolderReference()
-    {
-        return new CertificateHolderReference(certificateHolderReference.getContents());
-    }
-
-    /**
-     * CertificateProfileIdentifier : version of the certificate format. Must be 0 (version 1)
-     *
-     * @return the CertificateProfileIdentifier
-     */
-    public ASN1ApplicationSpecific getCertificateProfileIdentifier()
-    {
-        return certificateProfileIdentifier;
-    }
-
-    /**
-     * get the certificationAuthorityReference
-     * certificationAuthorityReference : uniquely identifies the issuinng CA's signature key pair
-     *
-     * @return the certificationAuthorityReference
-     */
-    public CertificationAuthorityReference getCertificationAuthorityReference()
-        throws IOException
-    {
-        if ((this.certificateType & CertificateBody.CAR) ==
-            CertificateBody.CAR)
-        {
-            return new CertificationAuthorityReference(certificationAuthorityReference.getContents());
-        }
-        throw new IOException("Certification authority reference not set");
-    }
-
-    /**
-     * @return the PublicKey
-     */
-    public PublicKeyDataObject getPublicKey()
-    {
-        return publicKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateHolderAuthorization.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateHolderAuthorization.java
deleted file mode 100644
index ad16921..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateHolderAuthorization.java
+++ /dev/null

@@ -1,184 +0,0 @@
-package org.bouncycastle.asn1.eac;
-
-import java.io.IOException;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.ASN1ApplicationSpecific;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERApplicationSpecific;
-import org.bouncycastle.util.Integers;
-
-/**
- * an Iso7816CertificateHolderAuthorization structure.
- * <pre>
- *  Certificate Holder Authorization ::= SEQUENCE {
- *      // specifies the format and the rules for the evaluation of the authorization
- *      // level
- *      ASN1ObjectIdentifier        oid,
- *      // access rights
- *      DERApplicationSpecific    accessRights,
- *  }
- * </pre>
- */
-public class CertificateHolderAuthorization
-    extends ASN1Object
-{
-    ASN1ObjectIdentifier oid;
-    ASN1ApplicationSpecific accessRights;
-    public static final ASN1ObjectIdentifier id_role_EAC = EACObjectIdentifiers.bsi_de.branch("3.1.2.1");
-    public static final int CVCA = 0xC0;
-    public static final int DV_DOMESTIC = 0x80;
-    public static final int DV_FOREIGN = 0x40;
-    public static final int IS = 0;
-    public static final int RADG4 = 0x02;//Read Access to DG4 (Iris)
-    public static final int RADG3 = 0x01;//Read Access to DG3 (fingerprint)
-
-    static Hashtable RightsDecodeMap = new Hashtable();
-    static BidirectionalMap AuthorizationRole = new BidirectionalMap();
-    static Hashtable ReverseMap = new Hashtable();
-
-    static
-    {
-        RightsDecodeMap.put(Integers.valueOf(RADG4), "RADG4");
-        RightsDecodeMap.put(Integers.valueOf(RADG3), "RADG3");
-
-        AuthorizationRole.put(Integers.valueOf(CVCA), "CVCA");
-        AuthorizationRole.put(Integers.valueOf(DV_DOMESTIC), "DV_DOMESTIC");
-        AuthorizationRole.put(Integers.valueOf(DV_FOREIGN), "DV_FOREIGN");
-        AuthorizationRole.put(Integers.valueOf(IS), "IS");
-
-        /*
-          for (int i : RightsDecodeMap.keySet())
-              ReverseMap.put(RightsDecodeMap.get(i), i);
-
-          for (int i : AuthorizationRole.keySet())
-              ReverseMap.put(AuthorizationRole.get(i), i);
-          */
-    }
-
-    public static String getRoleDescription(int i)
-    {
-        return (String)AuthorizationRole.get(Integers.valueOf(i));
-    }
-
-    public static int getFlag(String description)
-    {
-        Integer i = (Integer)AuthorizationRole.getReverse(description);
-        if (i == null)
-        {
-            throw new IllegalArgumentException("Unknown value " + description);
-        }
-
-        return i.intValue();
-    }
-
-    private void setPrivateData(ASN1InputStream cha)
-        throws IOException
-    {
-        ASN1Primitive obj;
-        obj = cha.readObject();
-        if (obj instanceof ASN1ObjectIdentifier)
-        {
-            this.oid = (ASN1ObjectIdentifier)obj;
-        }
-        else
-        {
-            throw new IllegalArgumentException("no Oid in CerticateHolderAuthorization");
-        }
-        obj = cha.readObject();
-        if (obj instanceof ASN1ApplicationSpecific)
-        {
-            this.accessRights = (ASN1ApplicationSpecific)obj;
-        }
-        else
-        {
-            throw new IllegalArgumentException("No access rights in CerticateHolderAuthorization");
-        }
-    }
-
-
-    /**
-     * create an Iso7816CertificateHolderAuthorization according to the parameters
-     *
-     * @param oid    Object Identifier : specifies the format and the rules for the
-     *               evaluatioin of the authorization level.
-     * @param rights specifies the access rights
-     * @throws IOException
-     */
-    public CertificateHolderAuthorization(ASN1ObjectIdentifier oid, int rights)
-        throws IOException
-    {
-        setOid(oid);
-        setAccessRights((byte)rights);
-    }
-
-    /**
-     * create an Iso7816CertificateHolderAuthorization according to the {@link ASN1ApplicationSpecific}
-     *
-     * @param aSpe the DERApplicationSpecific containing the data
-     * @throws IOException
-     */
-    public CertificateHolderAuthorization(ASN1ApplicationSpecific aSpe)
-        throws IOException
-    {
-        if (aSpe.getApplicationTag() == EACTags.CERTIFICATE_HOLDER_AUTHORIZATION_TEMPLATE)
-        {
-            setPrivateData(new ASN1InputStream(aSpe.getContents()));
-        }
-    }
-
-    /**
-     * @return containing the access rights
-     */
-    public int getAccessRights()
-    {
-        return accessRights.getContents()[0] & 0xff;
-    }
-
-    /**
-     * create a DERApplicationSpecific and set the access rights to "rights"
-     *
-     * @param rights byte containing the rights.
-     */
-    private void setAccessRights(byte rights)
-    {
-        byte[] accessRights = new byte[1];
-        accessRights[0] = rights;
-        this.accessRights = new DERApplicationSpecific(EACTags.DISCRETIONARY_DATA, accessRights);
-    }
-
-    /**
-     * @return the Object identifier
-     */
-    public ASN1ObjectIdentifier getOid()
-    {
-        return oid;
-    }
-
-    /**
-     * set the Object Identifier
-     *
-     * @param oid {@link ASN1ObjectIdentifier} containing the Object Identifier
-     */
-    private void setOid(ASN1ObjectIdentifier oid)
-    {
-        this.oid = oid;
-    }
-
-    /**
-     * return the Certificate Holder Authorization as a DERApplicationSpecific Object
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(oid);
-        v.add(accessRights);
-
-        return new DERApplicationSpecific(EACTags.CERTIFICATE_HOLDER_AUTHORIZATION_TEMPLATE, v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateHolderReference.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateHolderReference.java
deleted file mode 100644
index ec8dec0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificateHolderReference.java
+++ /dev/null

@@ -1,66 +0,0 @@
-package org.bouncycastle.asn1.eac;
-
-import java.io.UnsupportedEncodingException;
-
-public class CertificateHolderReference
-{
-    private static final String ReferenceEncoding = "ISO-8859-1";
-
-    private String countryCode;
-    private String holderMnemonic;
-    private String sequenceNumber;
-
-    public CertificateHolderReference(String countryCode, String holderMnemonic, String sequenceNumber)
-    {
-        this.countryCode = countryCode;
-        this.holderMnemonic = holderMnemonic;
-        this.sequenceNumber = sequenceNumber;
-    }
-
-    CertificateHolderReference(byte[] contents)
-    {
-        try
-        {
-            String concat = new String(contents, ReferenceEncoding);
-
-            this.countryCode = concat.substring(0, 2);
-            this.holderMnemonic = concat.substring(2, concat.length() - 5);
-
-            this.sequenceNumber = concat.substring(concat.length() - 5);
-        }
-        catch (UnsupportedEncodingException e)
-        {
-            throw new IllegalStateException(e.toString());
-        }
-    }
-
-    public String getCountryCode()
-    {
-        return countryCode;
-    }
-
-    public String getHolderMnemonic()
-    {
-        return holderMnemonic;
-    }
-
-    public String getSequenceNumber()
-    {
-        return sequenceNumber;
-    }
-
-
-    public byte[] getEncoded()
-    {
-        String ref = countryCode + holderMnemonic + sequenceNumber;
-
-        try
-        {
-            return ref.getBytes(ReferenceEncoding);
-        }
-        catch (UnsupportedEncodingException e)
-        {
-            throw new IllegalStateException(e.toString());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificationAuthorityReference.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificationAuthorityReference.java
deleted file mode 100644
index 7a5dc8a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/CertificationAuthorityReference.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.asn1.eac;
-
-public class CertificationAuthorityReference
-    extends CertificateHolderReference
-{
-    public CertificationAuthorityReference(String countryCode, String holderMnemonic, String sequenceNumber)
-    {
-        super(countryCode, holderMnemonic, sequenceNumber);
-    }
-
-    CertificationAuthorityReference(byte[] contents)
-    {
-        super(contents);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/EACTags.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/EACTags.java
deleted file mode 100644
index 4643923..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/EACTags.java
+++ /dev/null

@@ -1,209 +0,0 @@
-package org.bouncycastle.asn1.eac;
-
-import org.bouncycastle.asn1.ASN1ApplicationSpecific;
-import org.bouncycastle.asn1.BERTags;
-
-public class EACTags
-{
-    public static final int COUNTRY_CODE_NATIONAL_DATA = 0x01;
-    public static final int ISSUER_IDENTIFICATION_NUMBER = 0x02; //0x42;
-    public static final int CARD_SERVICE_DATA = 0x03;
-    public static final int INITIAL_ACCESS_DATA = 0x04;
-    public static final int CARD_ISSUER_DATA = 0x05;
-    public static final int PRE_ISSUING_DATA = 0x06;
-    public static final int CARD_CAPABILITIES = 0x07;
-    public static final int STATUS_INFORMATION = 0x08;
-    public static final int EXTENDED_HEADER_LIST = 0x0D;
-    public static final int APPLICATION_IDENTIFIER = 0x0F;
-    public static final int APPLICATION_LABEL = 0x10;
-    public static final int FILE_REFERENCE = 0x11;           // 0x51
-    public static final int COMMAND_TO_PERFORM = 0x12;
-    public static final int DISCRETIONARY_DATA = 0x13;
-    public static final int OFFSET_DATA_OBJECT = 0x14;
-    public static final int TRACK1_APPLICATION = 0x16;
-    public static final int TRACK2_APPLICATION = 0x17;
-    public static final int TRACK3_APPLICATION = 0x18;
-    public static final int CARD_EXPIRATION_DATA = 0x19;
-    public static final int PRIMARY_ACCOUNT_NUMBER = 0x1A;// PAN
-    public static final int NAME = 0x1B;
-    public static final int TAG_LIST = 0x1C;
-    public static final int HEADER_LIST = 0x1D;
-    public static final int LOGIN_DATA = 0x1E;
-    public static final int CARDHOLDER_NAME = 0x20; // 0x5F20;
-    public static final int TRACK1_CARD = 0x21;
-    public static final int TRACK2_CARD = 0x22;
-    public static final int TRACK3_CARD = 0x23;
-    public static final int APPLICATION_EXPIRATION_DATE = 0x24; // 0x5F24;
-    public static final int APPLICATION_EFFECTIVE_DATE = 0x25; // 0x5F25;
-    public static final int CARD_EFFECTIVE_DATE = 0x26;
-    public static final int INTERCHANGE_CONTROL = 0x27;
-    public static final int COUNTRY_CODE = 0x28;
-    public static final int INTERCHANGE_PROFILE = 0x29; // 0x5F29;
-    public static final int CURRENCY_CODE = 0x2A;
-    public static final int DATE_OF_BIRTH = 0x2B;
-    public static final int CARDHOLDER_NATIONALITY = 0x2C;
-    public static final int LANGUAGE_PREFERENCES = 0x2D;
-    public static final int CARDHOLDER_BIOMETRIC_DATA = 0x2E;
-    public static final int PIN_USAGE_POLICY = 0x2F;
-    public static final int SERVICE_CODE = 0x30;
-    public static final int TRANSACTION_COUNTER = 0x32;
-    public static final int TRANSACTION_DATE = 0x33;
-    public static final int CARD_SEQUENCE_NUMBER = 0x34;
-    public static final int SEX = 0x35;
-    public static final int CURRENCY_EXPONENT = 0x36;
-    public static final int STATIC_INTERNAL_AUTHENTIFICATION_ONE_STEP = 0x37;    // 0x5F37;
-    public static final int SIGNATURE = 0x37;                                    // 0x5F37
-    public static final int STATIC_INTERNAL_AUTHENTIFICATION_FIRST_DATA = 0x38;  // 0x5F38
-    public static final int STATIC_INTERNAL_AUTHENTIFICATION_SECOND_DATA = 0x39; // 0x5F39
-    public static final int DYNAMIC_INTERNAL_AUTHENTIFICATION = 0x3A;            // 0x5F3A
-    public static final int DYNAMIC_EXTERNAL_AUTHENTIFICATION = 0x3B;            // 0x5F3B
-    public static final int DYNAMIC_MUTUAL_AUTHENTIFICATION = 0x3C;              // 0x5F3C
-    public static final int CARDHOLDER_PORTRAIT_IMAGE = 0x40;                    // 0x5F40
-    public static final int ELEMENT_LIST = 0x41;                                 // 0x5F41
-    public static final int ADDRESS = 0x42;                                      // 0x5F42
-    public static final int CARDHOLDER_HANDWRITTEN_SIGNATURE = 0x43;             // 0x5F43
-    public static final int APPLICATION_IMAGE = 0x44;                            // 0x5F44
-    public static final int DISPLAY_IMAGE = 0x45;                                // 0x5F45
-    public static final int TIMER = 0x46;                                        // 0x5F46
-    public static final int MESSAGE_REFERENCE = 0x47;                            // 0x5F47
-    public static final int CARDHOLDER_PRIVATE_KEY = 0x48;                       // 0x5F48
-    public static final int CARDHOLDER_PUBLIC_KEY = 0x49;                        // 0x5F49
-    public static final int CERTIFICATION_AUTHORITY_PUBLIC_KEY = 0x4A;           // 0x5F4A
-    public static final int DEPRECATED = 0x4B;                                   // 0x5F4B
-    public static final int CERTIFICATE_HOLDER_AUTHORIZATION = 0x4C;    // 0x5F4C Not yet defined in iso7816. The allocation is requested
-    public static final int INTEGRATED_CIRCUIT_MANUFACTURER_ID = 0x4D;  // 0x5F4D
-    public static final int CERTIFICATE_CONTENT = 0x4E;                 // 0x5F4E
-    public static final int UNIFORM_RESOURCE_LOCATOR = 0x50;            // 0x5F50
-    public static final int ANSWER_TO_RESET = 0x51;                     // 0x5F51
-    public static final int HISTORICAL_BYTES = 0x52;                    // 0x5F52
-    public static final int DIGITAL_SIGNATURE = 0x3D;                   // 0x5F3D
-    public static final int APPLICATION_TEMPLATE = 0x01;                // 0x61
-    public static final int FCP_TEMPLATE = 0x02;                        // 0x62
-    public static final int WRAPPER = 0x03;                             // 0x63
-    public static final int FMD_TEMPLATE = 0x04;                        // 0x64
-    public static final int CARDHOLDER_RELATIVE_DATA = 0x05;            // 0x65
-    public static final int CARD_DATA = 0x06;                           // 0x66
-    public static final int AUTHENTIFICATION_DATA = 0x07;               // 0x67
-    public static final int SPECIAL_USER_REQUIREMENTS = 0x08;           // 0x68
-    public static final int LOGIN_TEMPLATE = 0x0A;                      // 0x6A
-    public static final int QUALIFIED_NAME = 0x0B;                      // 0x6B
-    public static final int CARDHOLDER_IMAGE_TEMPLATE = 0x0C;           // 0x6C
-    public static final int APPLICATION_IMAGE_TEMPLATE = 0x0D;          // 0x6D
-    public static final int APPLICATION_RELATED_DATA = 0x0E;            // 0x6E
-    public static final int FCI_TEMPLATE = 0x0F;                        // 0x6F
-    public static final int DISCRETIONARY_DATA_OBJECTS = 0x13;          // 0x73
-    public static final int COMPATIBLE_TAG_ALLOCATION_AUTHORITY = 0x18; // 0x78
-    public static final int COEXISTANT_TAG_ALLOCATION_AUTHORITY = 0x19; // 0x79
-    public static final int SECURITY_SUPPORT_TEMPLATE = 0x1A;           // 0x7A
-    public static final int SECURITY_ENVIRONMENT_TEMPLATE = 0x1B;       // 0x7B
-    public static final int DYNAMIC_AUTHENTIFICATION_TEMPLATE = 0x1C;   // 0x7C
-    public static final int SECURE_MESSAGING_TEMPLATE = 0x1D;           // 0x7D
-    public static final int NON_INTERINDUSTRY_DATA_OBJECT_NESTING_TEMPLATE = 0x1E; // 0x7E
-    public static final int DISPLAY_CONTROL = 0x20;                           // 0x7F20
-    public static final int CARDHOLDER_CERTIFICATE = 0x21;                    // 0x7F21;
-    public static final int CV_CERTIFICATE = 0x21;                            // 0x7F21;
-    public static final int CARDHOLER_REQUIREMENTS_INCLUDED_FEATURES = 0x22;  // 0x7F22;
-    public static final int CARDHOLER_REQUIREMENTS_EXCLUDED_FEATURES = 0x23;  // 0x7F23;
-    public static final int BIOMETRIC_DATA_TEMPLATE = 0x2E;                   // 0x7F2E;
-    public static final int DIGITAL_SIGNATURE_BLOCK = 0x3D;                   // 0x7F3D;
-    public static final int CARDHOLDER_PRIVATE_KEY_TEMPLATE = 0x48;           // 0x7F48;
-    public static final int CARDHOLDER_PUBLIC_KEY_TEMPLATE = 0x49;            // 0x7F49;
-    public static final int CERTIFICATE_HOLDER_AUTHORIZATION_TEMPLATE = 0x4C; // 0x7F4C;
-    public static final int CERTIFICATE_CONTENT_TEMPLATE = 0x4E;              // 0x7F4E;
-    public static final int CERTIFICATE_BODY = 0x4E;                          // 0x7F4E;
-    public static final int BIOMETRIC_INFORMATION_TEMPLATE = 0x00;            // 0x60
-    public static final int BIOMETRIC_INFORMATION_GROUP_TEMPLATE = 0x01;      // 0x61
-
-    public static int getTag(int encodedTag)
-    {
-        /*
-        int i;
-        for (i = 24; i>=0; i-=8) {
-            if (((0xFF<<i) & tag) != 0)
-                return (((0xFF<<i) & tag) >> i);
-        }
-        return 0;
-        */
-        return decodeTag(encodedTag);
-    }
-
-    public static int getTagNo(int tag)
-    {
-        int i;
-        for (i = 24; i >= 0; i -= 8)
-        {
-            if (((0xFF << i) & tag) != 0)
-            {
-                return ((~(0xFF << i)) & tag);
-            }
-        }
-        return 0;
-    }
-
-    public static int encodeTag(ASN1ApplicationSpecific spec)
-    {
-        int retValue = BERTags.APPLICATION;
-        boolean constructed = spec.isConstructed();
-        if (constructed)
-        {
-            retValue |= BERTags.CONSTRUCTED;
-        }
-
-        int tag = spec.getApplicationTag();
-
-        if (tag > 31)
-        {
-            retValue |= 0x1F;
-            retValue <<= 8;
-
-            int currentByte = tag & 0x7F;
-            retValue |= currentByte;
-            tag >>= 7;
-
-            while (tag > 0)
-            {
-                retValue |= 0x80;
-                retValue <<= 8;
-
-                currentByte = tag & 0x7F;
-                retValue |= currentByte;
-                tag >>= 7;
-            }
-        }
-        else
-        {
-            retValue |= tag;
-        }
-
-        return retValue;
-    }
-
-    public static int decodeTag(int tag)
-    {
-        int retValue = 0;
-        boolean multiBytes = false;
-        for (int i = 24; i >= 0; i -= 8)
-        {
-            int currentByte = tag >> i & 0xFF;
-            if (currentByte == 0)
-            {
-                continue;
-            }
-
-            if (multiBytes)
-            {
-                retValue <<= 7;
-                retValue |= currentByte & 0x7F;
-            }
-            else if ((currentByte & 0x1F) == 0x1F)
-            {
-                multiBytes = true;
-            }
-            else
-            {
-                return currentByte & 0x1F; // higher order bit are for DER.Constructed and type
-            }
-        }
-        return retValue;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/ECDSAPublicKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/ECDSAPublicKey.java
deleted file mode 100644
index 9ccf08f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/ECDSAPublicKey.java
+++ /dev/null

@@ -1,341 +0,0 @@
-package org.bouncycastle.asn1.eac;
-
-import java.math.BigInteger;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.util.Arrays;
-
-/**
- * an Iso7816ECDSAPublicKeyStructure structure.
- * <pre>
- *  Certificate Holder Authorization ::= SEQUENCE {
- *      ASN1TaggedObject primeModulusP;        // OPTIONAL
- *      ASN1TaggedObject firstCoefA;            // OPTIONAL
- *      ASN1TaggedObject secondCoefB;        // OPTIONAL
- *      ASN1TaggedObject basePointG;            // OPTIONAL
- *      ASN1TaggedObject orderOfBasePointR;    // OPTIONAL
- *      ASN1TaggedObject publicPointY;        //REQUIRED
- *      ASN1TaggedObject    cofactorF;            // OPTIONAL
- *  }
- * </pre>
- */
-public class ECDSAPublicKey
-    extends PublicKeyDataObject
-{
-    private ASN1ObjectIdentifier usage;
-    private BigInteger primeModulusP;        // OPTIONAL
-    private BigInteger firstCoefA;            // OPTIONAL
-    private BigInteger secondCoefB;        // OPTIONAL
-    private byte[]     basePointG;            // OPTIONAL
-    private BigInteger orderOfBasePointR;    // OPTIONAL
-    private byte[]     publicPointY;        //REQUIRED
-    private BigInteger cofactorF;            // OPTIONAL
-    private int options;
-    private static final int P = 0x01;
-    private static final int A = 0x02;
-    private static final int B = 0x04;
-    private static final int G = 0x08;
-    private static final int R = 0x10;
-    private static final int Y = 0x20;
-    private static final int F = 0x40;
-
-    ECDSAPublicKey(ASN1Sequence seq)
-        throws IllegalArgumentException
-    {
-        Enumeration en = seq.getObjects();
-
-        this.usage = ASN1ObjectIdentifier.getInstance(en.nextElement());
-
-        options = 0;
-        while (en.hasMoreElements())
-        {
-            Object obj = en.nextElement();
-            
-            if (obj instanceof ASN1TaggedObject)
-            {
-                ASN1TaggedObject to = (ASN1TaggedObject)obj;
-                switch (to.getTagNo())
-                {
-                case 0x1:
-                    setPrimeModulusP(UnsignedInteger.getInstance(to).getValue());
-                    break;
-                case 0x2:
-                    setFirstCoefA(UnsignedInteger.getInstance(to).getValue());
-                    break;
-                case 0x3:
-                    setSecondCoefB(UnsignedInteger.getInstance(to).getValue());
-                    break;
-                case 0x4:
-                    setBasePointG(ASN1OctetString.getInstance(to, false));
-                    break;
-                case 0x5:
-                    setOrderOfBasePointR(UnsignedInteger.getInstance(to).getValue());
-                    break;
-                case 0x6:
-                    setPublicPointY(ASN1OctetString.getInstance(to, false));
-                    break;
-                case 0x7:
-                    setCofactorF(UnsignedInteger.getInstance(to).getValue());
-                    break;
-                default:
-                    options = 0;
-                    throw new IllegalArgumentException("Unknown Object Identifier!");
-                }
-            }
-            else
-            {
-                throw new IllegalArgumentException("Unknown Object Identifier!");
-            }
-        }
-        if (options != 0x20 && options != 0x7F)
-        {
-            throw new IllegalArgumentException("All options must be either present or absent!");
-        }
-    }
-
-    public ECDSAPublicKey(ASN1ObjectIdentifier usage, byte[] ppY)
-        throws IllegalArgumentException
-    {
-        this.usage = usage;
-        setPublicPointY(new DEROctetString(ppY));
-    }
-
-    public ECDSAPublicKey(ASN1ObjectIdentifier usage, BigInteger p, BigInteger a, BigInteger b, byte[] basePoint, BigInteger order, byte[] publicPoint, int cofactor)
-    {
-        this.usage = usage;
-        setPrimeModulusP(p);
-        setFirstCoefA(a);
-        setSecondCoefB(b);
-        setBasePointG(new DEROctetString(basePoint));
-        setOrderOfBasePointR(order);
-        setPublicPointY(new DEROctetString(publicPoint));
-        setCofactorF(BigInteger.valueOf(cofactor));
-    }
-
-    public ASN1ObjectIdentifier getUsage()
-    {
-        return usage;
-    }
-
-    public byte[] getBasePointG()
-    {
-        if ((options & G) != 0)
-        {
-            return Arrays.clone(basePointG);
-        }
-        else
-        {
-            return null;
-        }
-    }
-
-    private void setBasePointG(ASN1OctetString basePointG)
-        throws IllegalArgumentException
-    {
-        if ((options & G) == 0)
-        {
-            options |= G;
-            this.basePointG = basePointG.getOctets();
-        }
-        else
-        {
-            throw new IllegalArgumentException("Base Point G already set");
-        }
-    }
-
-    public BigInteger getCofactorF()
-    {
-        if ((options & F) != 0)
-        {
-            return cofactorF;
-        }
-        else
-        {
-            return null;
-        }
-    }
-
-    private void setCofactorF(BigInteger cofactorF)
-        throws IllegalArgumentException
-    {
-        if ((options & F) == 0)
-        {
-            options |= F;
-            this.cofactorF = cofactorF;
-        }
-        else
-        {
-            throw new IllegalArgumentException("Cofactor F already set");
-        }
-    }
-
-    public BigInteger getFirstCoefA()
-    {
-        if ((options & A) != 0)
-        {
-            return firstCoefA;
-        }
-        else
-        {
-            return null;
-        }
-    }
-
-    private void setFirstCoefA(BigInteger firstCoefA)
-        throws IllegalArgumentException
-    {
-        if ((options & A) == 0)
-        {
-            options |= A;
-            this.firstCoefA = firstCoefA;
-        }
-        else
-        {
-            throw new IllegalArgumentException("First Coef A already set");
-        }
-    }
-
-    public BigInteger getOrderOfBasePointR()
-    {
-        if ((options & R) != 0)
-        {
-            return orderOfBasePointR;
-        }
-        else
-        {
-            return null;
-        }
-    }
-
-    private void setOrderOfBasePointR(BigInteger orderOfBasePointR)
-        throws IllegalArgumentException
-    {
-        if ((options & R) == 0)
-        {
-            options |= R;
-            this.orderOfBasePointR = orderOfBasePointR;
-        }
-        else
-        {
-            throw new IllegalArgumentException("Order of base point R already set");
-        }
-    }
-
-    public BigInteger getPrimeModulusP()
-    {
-        if ((options & P) != 0)
-        {
-            return primeModulusP;
-        }
-        else
-        {
-            return null;
-        }
-    }
-
-    private void setPrimeModulusP(BigInteger primeModulusP)
-    {
-        if ((options & P) == 0)
-        {
-            options |= P;
-            this.primeModulusP = primeModulusP;
-        }
-        else
-        {
-            throw new IllegalArgumentException("Prime Modulus P already set");
-        }
-    }
-
-    public byte[] getPublicPointY()
-    {
-        if ((options & Y) != 0)
-        {
-            return Arrays.clone(publicPointY);
-        }
-        else
-        {
-            return null;
-        }
-    }
-
-    private void setPublicPointY(ASN1OctetString publicPointY)
-        throws IllegalArgumentException
-    {
-        if ((options & Y) == 0)
-        {
-            options |= Y;
-            this.publicPointY = publicPointY.getOctets();
-        }
-        else
-        {
-            throw new IllegalArgumentException("Public Point Y already set");
-        }
-    }
-
-    public BigInteger getSecondCoefB()
-    {
-        if ((options & B) != 0)
-        {
-            return secondCoefB;
-        }
-        else
-        {
-            return null;
-        }
-    }
-
-    private void setSecondCoefB(BigInteger secondCoefB)
-        throws IllegalArgumentException
-    {
-        if ((options & B) == 0)
-        {
-            options |= B;
-            this.secondCoefB = secondCoefB;
-        }
-        else
-        {
-            throw new IllegalArgumentException("Second Coef B already set");
-        }
-    }
-
-    public boolean hasParameters()
-    {
-        return primeModulusP != null;
-    }
-
-    public ASN1EncodableVector getASN1EncodableVector(ASN1ObjectIdentifier oid, boolean publicPointOnly)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(oid);
-
-        if (!publicPointOnly)
-        {
-            v.add(new UnsignedInteger(0x01, getPrimeModulusP()));
-            v.add(new UnsignedInteger(0x02, getFirstCoefA()));
-            v.add(new UnsignedInteger(0x03, getSecondCoefB()));
-            v.add(new DERTaggedObject(false, 0x04, new DEROctetString(getBasePointG())));
-            v.add(new UnsignedInteger(0x05, getOrderOfBasePointR()));
-        }
-        v.add(new DERTaggedObject(false, 0x06, new DEROctetString(getPublicPointY())));
-        if (!publicPointOnly)
-        {
-            v.add(new UnsignedInteger(0x07, getCofactorF()));
-        }
-
-        return v;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERSequence(getASN1EncodableVector(usage, !hasParameters()));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/Flags.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/Flags.java
deleted file mode 100644
index e8dfbbe..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/Flags.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.asn1.eac;
-
-import java.util.Enumeration;
-import java.util.Hashtable;
-
-
-public class Flags
-{
-
-    int value = 0;
-
-    public Flags()
-    {
-
-    }
-
-    public Flags(int v)
-    {
-        value = v;
-    }
-
-    public void set(int flag)
-    {
-        value |= flag;
-    }
-
-    public boolean isSet(int flag)
-    {
-        return (value & flag) != 0;
-    }
-
-    public int getFlags()
-    {
-        return value;
-    }
-
-    /* Java 1.5
-     String decode(Map<Integer, String> decodeMap)
-     {
-         StringJoiner joiner = new StringJoiner(" ");
-         for (int i : decodeMap.keySet())
-         {
-             if (isSet(i))
-                 joiner.add(decodeMap.get(i));
-         }
-         return joiner.toString();
-     }
-     */
-
-    String decode(Hashtable decodeMap)
-    {
-        StringJoiner joiner = new StringJoiner(" ");
-        Enumeration e = decodeMap.keys();
-        while (e.hasMoreElements())
-        {
-            Integer i = (Integer)e.nextElement();
-            if (isSet(i.intValue()))
-            {
-                joiner.add((String)decodeMap.get(i));
-            }
-        }
-        return joiner.toString();
-    }
-
-    private static class StringJoiner
-    {
-
-        String mSeparator;
-        boolean First = true;
-        StringBuffer b = new StringBuffer();
-
-        public StringJoiner(String separator)
-        {
-            mSeparator = separator;
-        }
-
-        public void add(String str)
-        {
-            if (First)
-            {
-                First = false;
-            }
-            else
-            {
-                b.append(mSeparator);
-            }
-
-            b.append(str);
-        }
-
-        public String toString()
-        {
-            return b.toString();
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/PackedDate.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/PackedDate.java
deleted file mode 100644
index 143040b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/PackedDate.java
+++ /dev/null

@@ -1,124 +0,0 @@
-package org.bouncycastle.asn1.eac;
-
-import java.text.ParseException;
-import java.text.SimpleDateFormat;
-import java.util.Date;
-import java.util.Locale;
-import java.util.SimpleTimeZone;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * EAC encoding date object
- */
-public class PackedDate
-{
-    private byte[]      time;
-
-    public PackedDate(
-        String time)
-    {
-        this.time = convert(time);
-    }
-
-    /**
-     * Base constructor from a java.util.date object.
-     *
-     * @param time a date object representing the time of interest.
-     */
-    public PackedDate(
-        Date time)
-    {
-        SimpleDateFormat dateF = new SimpleDateFormat("yyMMdd'Z'");
-
-        dateF.setTimeZone(new SimpleTimeZone(0,"Z"));
-
-        this.time = convert(dateF.format(time));
-    }
-
-    /**
-     * Base constructor from a java.util.date object. You may need to use this constructor if the default locale
-     * doesn't use a Gregorian calender so that the PackedDate produced is compatible with other ASN.1 implementations.
-     *
-     * @param time a date object representing the time of interest.
-     * @param locale an appropriate Locale for producing an ASN.1 GeneralizedTime value.
-     */
-    public PackedDate(
-        Date time,
-        Locale locale)
-    {
-        SimpleDateFormat dateF = new SimpleDateFormat("yyMMdd'Z'", locale);
-
-        dateF.setTimeZone(new SimpleTimeZone(0,"Z"));
-
-        this.time = convert(dateF.format(time));
-    }
-
-    private byte[] convert(String sTime)
-    {
-        char[] digs = sTime.toCharArray();
-        byte[] date = new byte[6];
-
-        for (int i = 0; i != 6; i++)
-        {
-            date[i] = (byte)(digs[i] - '0');
-        }
-
-        return date;
-    }
-
-    PackedDate(
-        byte[] bytes)
-    {
-        this.time = bytes;
-    }
-
-    /**
-     * return the time as a date based on whatever a 2 digit year will return. For
-     * standardised processing use getAdjustedDate().
-     *
-     * @return the resulting date
-     * @exception java.text.ParseException if the date string cannot be parsed.
-     */
-    public Date getDate()
-        throws ParseException
-    {
-        SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMdd");
-
-        return dateF.parse("20" + toString());
-    }
-
-    public int hashCode()
-    {
-        return Arrays.hashCode(time);
-    }
-
-    public boolean equals(Object o)
-    {
-        if (!(o instanceof PackedDate))
-        {
-            return false;
-        }
-
-        PackedDate other = (PackedDate)o;
-
-        return Arrays.areEqual(time, other.time);
-    }
-
-    public String toString() 
-    {
-        char[]  dateC = new char[time.length];
-
-        for (int i = 0; i != dateC.length; i++)
-        {
-            dateC[i] = (char)((time[i] & 0xff) + '0');
-        }
-
-        return new String(dateC);
-    }
-
-    public byte[] getEncoding()
-    {
-        return Arrays.clone(time);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/PublicKeyDataObject.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/PublicKeyDataObject.java
deleted file mode 100644
index 40ad3bb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/PublicKeyDataObject.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.asn1.eac;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-
-public abstract class PublicKeyDataObject
-    extends ASN1Object
-{
-    public static PublicKeyDataObject getInstance(Object obj)
-    {
-        if (obj instanceof PublicKeyDataObject)
-        {
-            return (PublicKeyDataObject)obj;
-        }
-        if (obj != null)
-        {
-            ASN1Sequence seq = ASN1Sequence.getInstance(obj);
-            ASN1ObjectIdentifier usage = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-
-            if (usage.on(EACObjectIdentifiers.id_TA_ECDSA))
-            {
-                return new ECDSAPublicKey(seq);
-            }
-            else
-            {
-                return new RSAPublicKey(seq);
-            }
-        }
-
-        return null;
-    }
-
-    public abstract ASN1ObjectIdentifier getUsage();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/RSAPublicKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/RSAPublicKey.java
deleted file mode 100644
index 3e1727e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/RSAPublicKey.java
+++ /dev/null

@@ -1,120 +0,0 @@
-package org.bouncycastle.asn1.eac;
-
-import java.math.BigInteger;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-
-/**
- * an Iso7816RSAPublicKeyStructure structure.
- * <pre>
- *  Certificate Holder Authorization ::= SEQUENCE {
- *      // modulus should be at least 1024bit and a multiple of 512.
- *      DERTaggedObject        modulus,
- *      // access rights    exponent
- *      DERTaggedObject    accessRights,
- *  }
- * </pre>
- */
-public class RSAPublicKey
-    extends PublicKeyDataObject
-{
-    private ASN1ObjectIdentifier usage;
-    private BigInteger modulus;
-    private BigInteger exponent;
-    private int valid = 0;
-    private static int modulusValid = 0x01;
-    private static int exponentValid = 0x02;
-
-    RSAPublicKey(ASN1Sequence seq)
-    {
-        Enumeration en = seq.getObjects();
-
-        this.usage = ASN1ObjectIdentifier.getInstance(en.nextElement());
-
-        while (en.hasMoreElements())
-        {
-            UnsignedInteger val = UnsignedInteger.getInstance(en.nextElement());
-
-            switch (val.getTagNo())
-            {
-            case 0x1:
-                setModulus(val);
-                break;
-            case 0x2:
-                setExponent(val);
-                break;
-            default:
-                throw new IllegalArgumentException("Unknown DERTaggedObject :" + val.getTagNo() + "-> not an Iso7816RSAPublicKeyStructure");
-            }
-        }
-        if (valid != 0x3)
-        {
-            throw new IllegalArgumentException("missing argument -> not an Iso7816RSAPublicKeyStructure");
-        }
-    }
-
-    public RSAPublicKey(ASN1ObjectIdentifier usage, BigInteger modulus, BigInteger exponent)
-    {
-        this.usage = usage;
-        this.modulus = modulus;
-        this.exponent = exponent;
-    }
-
-    public ASN1ObjectIdentifier getUsage()
-    {
-        return usage;
-    }
-
-    public BigInteger getModulus()
-    {
-        return modulus;
-    }
-
-    public BigInteger getPublicExponent()
-    {
-        return exponent;
-    }
-
-    private void setModulus(UnsignedInteger modulus)
-    {
-        if ((valid & modulusValid) == 0)
-        {
-            valid |= modulusValid;
-            this.modulus = modulus.getValue();
-        }
-        else
-        {
-            throw new IllegalArgumentException("Modulus already set");
-        }
-    }
-
-    private void setExponent(UnsignedInteger exponent)
-    {
-        if ((valid & exponentValid) == 0)
-        {
-            valid |= exponentValid;
-            this.exponent = exponent.getValue();
-        }
-        else
-        {
-            throw new IllegalArgumentException("Exponent already set");
-        }
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(usage);
-        v.add(new UnsignedInteger(0x01, getModulus()));
-        v.add(new UnsignedInteger(0x02, getPublicExponent()));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/UnsignedInteger.java b/bcprov/src/main/java/org/bouncycastle/asn1/eac/UnsignedInteger.java
deleted file mode 100644
index 64a9142..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/UnsignedInteger.java
+++ /dev/null

@@ -1,74 +0,0 @@
-package org.bouncycastle.asn1.eac;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-public class UnsignedInteger
-    extends ASN1Object
-{
-    private int tagNo;
-    private BigInteger value;
-
-    public UnsignedInteger(int tagNo, BigInteger value)
-    {
-        this.tagNo = tagNo;
-        this.value = value;
-    }
-
-    private UnsignedInteger(ASN1TaggedObject obj)
-    {
-        this.tagNo = obj.getTagNo();
-        this.value = new BigInteger(1, ASN1OctetString.getInstance(obj, false).getOctets());
-    }
-
-    public static UnsignedInteger getInstance(Object obj)
-    {
-        if (obj instanceof  UnsignedInteger)
-        {
-            return (UnsignedInteger)obj;
-        }
-        if (obj != null)
-        {
-            return new UnsignedInteger(ASN1TaggedObject.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private byte[] convertValue()
-    {
-        byte[] v = value.toByteArray();
-
-        if (v[0] == 0)
-        {
-            byte[] tmp = new byte[v.length - 1];
-
-            System.arraycopy(v, 1, tmp, 0, tmp.length);
-
-            return tmp;
-        }
-
-        return v;
-    }
-
-    public int getTagNo()
-    {
-        return tagNo;
-    }
-
-    public BigInteger getValue()
-    {
-        return value;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERTaggedObject(false, tagNo, new DEROctetString(convertValue()));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/eac/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/eac/package.html
deleted file mode 100644
index 360d598..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/eac/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-ASN.1 classes specific to the Bundesamt f&uuml;r Sicherheit in der Informationstechnik (BSI) Technical Guideline Advanced Security Mechanisms for Machine Readable Travel Documents.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/edec/EdECObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/edec/EdECObjectIdentifiers.java
deleted file mode 100644
index 0ff7f38..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/edec/EdECObjectIdentifiers.java
+++ /dev/null

@@ -1,16 +0,0 @@
-package org.bouncycastle.asn1.edec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- * Edwards Elliptic Curve Object Identifiers (RFC 8410)
- */
-public interface EdECObjectIdentifiers
-{
-    ASN1ObjectIdentifier id_edwards_curve_algs      = new ASN1ObjectIdentifier("1.3.101");
-
-    ASN1ObjectIdentifier id_X25519 = id_edwards_curve_algs.branch("110").intern();
-    ASN1ObjectIdentifier id_X448 = id_edwards_curve_algs.branch("111").intern();
-    ASN1ObjectIdentifier id_Ed25519 = id_edwards_curve_algs.branch("112").intern();
-    ASN1ObjectIdentifier id_Ed448 = id_edwards_curve_algs.branch("113").intern();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CommitmentTypeIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/CommitmentTypeIdentifier.java
deleted file mode 100644
index be52e45..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CommitmentTypeIdentifier.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-
-public interface CommitmentTypeIdentifier
-{
-    public static final ASN1ObjectIdentifier proofOfOrigin = PKCSObjectIdentifiers.id_cti_ets_proofOfOrigin;
-    public static final ASN1ObjectIdentifier proofOfReceipt = PKCSObjectIdentifiers.id_cti_ets_proofOfReceipt;
-    public static final ASN1ObjectIdentifier proofOfDelivery = PKCSObjectIdentifiers.id_cti_ets_proofOfDelivery;
-    public static final ASN1ObjectIdentifier proofOfSender = PKCSObjectIdentifiers.id_cti_ets_proofOfSender;
-    public static final ASN1ObjectIdentifier proofOfApproval = PKCSObjectIdentifiers.id_cti_ets_proofOfApproval;
-    public static final ASN1ObjectIdentifier proofOfCreation = PKCSObjectIdentifiers.id_cti_ets_proofOfCreation;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CommitmentTypeIndication.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/CommitmentTypeIndication.java
deleted file mode 100644
index 9e2533d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CommitmentTypeIndication.java
+++ /dev/null

@@ -1,83 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class CommitmentTypeIndication
-    extends ASN1Object
-{
-    private ASN1ObjectIdentifier   commitmentTypeId;
-    private ASN1Sequence          commitmentTypeQualifier;
-    
-    private CommitmentTypeIndication(
-        ASN1Sequence seq)
-    {
-        commitmentTypeId = (ASN1ObjectIdentifier)seq.getObjectAt(0);
-
-        if (seq.size() > 1)
-        {
-            commitmentTypeQualifier = (ASN1Sequence)seq.getObjectAt(1);
-        }
-    }
-
-    public CommitmentTypeIndication(
-        ASN1ObjectIdentifier commitmentTypeId)
-    {
-        this.commitmentTypeId = commitmentTypeId;
-    }
-
-    public CommitmentTypeIndication(
-        ASN1ObjectIdentifier commitmentTypeId,
-        ASN1Sequence        commitmentTypeQualifier)
-    {
-        this.commitmentTypeId = commitmentTypeId;
-        this.commitmentTypeQualifier = commitmentTypeQualifier;
-    }
-
-    public static CommitmentTypeIndication getInstance(
-        Object obj)
-    {
-        if (obj == null || obj instanceof CommitmentTypeIndication)
-        {
-            return (CommitmentTypeIndication)obj;
-        }
-
-        return new CommitmentTypeIndication(ASN1Sequence.getInstance(obj));
-    }
-
-    public ASN1ObjectIdentifier getCommitmentTypeId()
-    {
-        return commitmentTypeId;
-    }
-    
-    public ASN1Sequence getCommitmentTypeQualifier()
-    {
-        return commitmentTypeQualifier;
-    }
-    
-    /**
-     * <pre>
-     * CommitmentTypeIndication ::= SEQUENCE {
-     *      commitmentTypeId   CommitmentTypeIdentifier,
-     *      commitmentTypeQualifier   SEQUENCE SIZE (1..MAX) OF
-     *              CommitmentTypeQualifier OPTIONAL }
-     * </pre>
-     */ 
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        
-        v.add(commitmentTypeId);
-
-        if (commitmentTypeQualifier != null)
-        {
-            v.add(commitmentTypeQualifier);
-        }
-        
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CommitmentTypeQualifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/CommitmentTypeQualifier.java
deleted file mode 100644
index 2cbba92..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CommitmentTypeQualifier.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * Commitment type qualifiers, used in the Commitment-Type-Indication attribute (RFC3126).
- * 
- * <pre>
- *   CommitmentTypeQualifier ::= SEQUENCE {
- *       commitmentTypeIdentifier  CommitmentTypeIdentifier,
- *       qualifier          ANY DEFINED BY commitmentTypeIdentifier OPTIONAL }
- * </pre>
- */
-public class CommitmentTypeQualifier
-    extends ASN1Object
-{
-   private ASN1ObjectIdentifier commitmentTypeIdentifier;
-   private ASN1Encodable qualifier;
-
-   /**
-    * Creates a new <code>CommitmentTypeQualifier</code> instance.
-    *
-    * @param commitmentTypeIdentifier a <code>CommitmentTypeIdentifier</code> value
-    */
-    public CommitmentTypeQualifier(
-        ASN1ObjectIdentifier commitmentTypeIdentifier)
-    {
-        this(commitmentTypeIdentifier, null);
-    }
-    
-   /**
-    * Creates a new <code>CommitmentTypeQualifier</code> instance.
-    *
-    * @param commitmentTypeIdentifier a <code>CommitmentTypeIdentifier</code> value
-    * @param qualifier the qualifier, defined by the above field.
-    */
-    public CommitmentTypeQualifier(
-        ASN1ObjectIdentifier commitmentTypeIdentifier,
-        ASN1Encodable qualifier)
-    {
-        this.commitmentTypeIdentifier = commitmentTypeIdentifier;
-        this.qualifier = qualifier;
-    }
-
-    /**
-     * Creates a new <code>CommitmentTypeQualifier</code> instance.
-     *
-     * @param as <code>CommitmentTypeQualifier</code> structure
-     * encoded as an ASN1Sequence. 
-     */
-    private CommitmentTypeQualifier(
-        ASN1Sequence as)
-    {
-        commitmentTypeIdentifier = (ASN1ObjectIdentifier)as.getObjectAt(0);
-        
-        if (as.size() > 1)
-        {
-            qualifier = as.getObjectAt(1);
-        }
-    }
-
-    public static CommitmentTypeQualifier getInstance(Object as)
-    {
-        if (as instanceof CommitmentTypeQualifier)
-        {
-            return (CommitmentTypeQualifier)as;
-        }
-        else if (as != null)
-        {
-            return new CommitmentTypeQualifier(ASN1Sequence.getInstance(as));
-        }
-
-        return null;
-    }
-
-    public ASN1ObjectIdentifier getCommitmentTypeIdentifier()
-    {
-        return commitmentTypeIdentifier;
-    }
-    
-    public ASN1Encodable getQualifier()
-    {
-        return qualifier;
-    }
-
-   /**
-    * Returns a DER-encodable representation of this instance. 
-    *
-    * @return a <code>ASN1Primitive</code> value
-    */
-   public ASN1Primitive toASN1Primitive()
-   {
-      ASN1EncodableVector dev = new ASN1EncodableVector();
-      dev.add(commitmentTypeIdentifier);
-      if (qualifier != null)
-      {
-          dev.add(qualifier);
-      }
-
-      return new DERSequence(dev);
-   }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CompleteRevocationRefs.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/CompleteRevocationRefs.java
deleted file mode 100644
index 4e81f29..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CompleteRevocationRefs.java
+++ /dev/null

@@ -1,65 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- * CompleteRevocationRefs ::= SEQUENCE OF CrlOcspRef
- * </pre>
- */
-public class CompleteRevocationRefs
-    extends ASN1Object
-{
-
-    private ASN1Sequence crlOcspRefs;
-
-    public static CompleteRevocationRefs getInstance(Object obj)
-    {
-        if (obj instanceof CompleteRevocationRefs)
-        {
-            return (CompleteRevocationRefs)obj;
-        }
-        else if (obj != null)
-        {
-            return new CompleteRevocationRefs(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private CompleteRevocationRefs(ASN1Sequence seq)
-    {
-        Enumeration seqEnum = seq.getObjects();
-        while (seqEnum.hasMoreElements())
-        {
-            CrlOcspRef.getInstance(seqEnum.nextElement());
-        }
-        this.crlOcspRefs = seq;
-    }
-
-    public CompleteRevocationRefs(CrlOcspRef[] crlOcspRefs)
-    {
-        this.crlOcspRefs = new DERSequence(crlOcspRefs);
-    }
-
-    public CrlOcspRef[] getCrlOcspRefs()
-    {
-        CrlOcspRef[] result = new CrlOcspRef[this.crlOcspRefs.size()];
-        for (int idx = 0; idx < result.length; idx++)
-        {
-            result[idx] = CrlOcspRef.getInstance(this.crlOcspRefs
-                .getObjectAt(idx));
-        }
-        return result;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return this.crlOcspRefs;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CrlIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/CrlIdentifier.java
deleted file mode 100644
index 6800418..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CrlIdentifier.java
+++ /dev/null

@@ -1,106 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1UTCTime;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x500.X500Name;
-
-/**
- * <pre>
- *  CrlIdentifier ::= SEQUENCE 
- * {
- *   crlissuer    Name,
- *   crlIssuedTime  UTCTime,
- *   crlNumber    INTEGER OPTIONAL
- * }
- * </pre>
- */
-public class CrlIdentifier
-    extends ASN1Object
-{
-    private X500Name crlIssuer;
-    private ASN1UTCTime crlIssuedTime;
-    private ASN1Integer crlNumber;
-
-    public static CrlIdentifier getInstance(Object obj)
-    {
-        if (obj instanceof CrlIdentifier)
-        {
-            return (CrlIdentifier)obj;
-        }
-        else if (obj != null)
-        {
-            return new CrlIdentifier(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private CrlIdentifier(ASN1Sequence seq)
-    {
-        if (seq.size() < 2 || seq.size() > 3)
-        {
-            throw new IllegalArgumentException();
-        }
-        this.crlIssuer = X500Name.getInstance(seq.getObjectAt(0));
-        this.crlIssuedTime = ASN1UTCTime.getInstance(seq.getObjectAt(1));
-        if (seq.size() > 2)
-        {
-            this.crlNumber = ASN1Integer.getInstance(seq.getObjectAt(2));
-        }
-    }
-
-    public CrlIdentifier(X500Name crlIssuer, ASN1UTCTime crlIssuedTime)
-    {
-        this(crlIssuer, crlIssuedTime, null);
-    }
-
-    public CrlIdentifier(X500Name crlIssuer, ASN1UTCTime crlIssuedTime,
-                         BigInteger crlNumber)
-    {
-        this.crlIssuer = crlIssuer;
-        this.crlIssuedTime = crlIssuedTime;
-        if (null != crlNumber)
-        {
-            this.crlNumber = new ASN1Integer(crlNumber);
-        }
-    }
-
-    public X500Name getCrlIssuer()
-    {
-        return this.crlIssuer;
-    }
-
-    public ASN1UTCTime getCrlIssuedTime()
-    {
-        return this.crlIssuedTime;
-    }
-
-    public BigInteger getCrlNumber()
-    {
-        if (null == this.crlNumber)
-        {
-            return null;
-        }
-        return this.crlNumber.getValue();
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(this.crlIssuer.toASN1Primitive());
-        v.add(this.crlIssuedTime);
-        if (null != this.crlNumber)
-        {
-            v.add(this.crlNumber);
-        }
-        return new DERSequence(v);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CrlListID.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/CrlListID.java
deleted file mode 100644
index c0cb333..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CrlListID.java
+++ /dev/null

@@ -1,66 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- * CRLListID ::= SEQUENCE {
- *     crls SEQUENCE OF CrlValidatedID }
- * </pre>
- */
-public class CrlListID
-    extends ASN1Object
-{
-
-    private ASN1Sequence crls;
-
-    public static CrlListID getInstance(Object obj)
-    {
-        if (obj instanceof CrlListID)
-        {
-            return (CrlListID)obj;
-        }
-        else if (obj != null)
-        {
-            return new CrlListID(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private CrlListID(ASN1Sequence seq)
-    {
-        this.crls = (ASN1Sequence)seq.getObjectAt(0);
-        Enumeration e = this.crls.getObjects();
-        while (e.hasMoreElements())
-        {
-            CrlValidatedID.getInstance(e.nextElement());
-        }
-    }
-
-    public CrlListID(CrlValidatedID[] crls)
-    {
-        this.crls = new DERSequence(crls);
-    }
-
-    public CrlValidatedID[] getCrls()
-    {
-        CrlValidatedID[] result = new CrlValidatedID[this.crls.size()];
-        for (int idx = 0; idx < result.length; idx++)
-        {
-            result[idx] = CrlValidatedID
-                .getInstance(this.crls.getObjectAt(idx));
-        }
-        return result;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERSequence(this.crls);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CrlOcspRef.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/CrlOcspRef.java
deleted file mode 100644
index ff14ea9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CrlOcspRef.java
+++ /dev/null

@@ -1,107 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * <pre>
- * CrlOcspRef ::= SEQUENCE {
- *     crlids [0] CRLListID OPTIONAL,
- *     ocspids [1] OcspListID OPTIONAL,
- *     otherRev [2] OtherRevRefs OPTIONAL
- * }
- * </pre>
- */
-public class CrlOcspRef
-    extends ASN1Object
-{
-
-    private CrlListID crlids;
-    private OcspListID ocspids;
-    private OtherRevRefs otherRev;
-
-    public static CrlOcspRef getInstance(Object obj)
-    {
-        if (obj instanceof CrlOcspRef)
-        {
-            return (CrlOcspRef)obj;
-        }
-        else if (obj != null)
-        {
-            return new CrlOcspRef(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private CrlOcspRef(ASN1Sequence seq)
-    {
-        Enumeration e = seq.getObjects();
-        while (e.hasMoreElements())
-        {
-            ASN1TaggedObject o = (ASN1TaggedObject)e.nextElement();
-            switch (o.getTagNo())
-            {
-                case 0:
-                    this.crlids = CrlListID.getInstance(o.getObject());
-                    break;
-                case 1:
-                    this.ocspids = OcspListID.getInstance(o.getObject());
-                    break;
-                case 2:
-                    this.otherRev = OtherRevRefs.getInstance(o.getObject());
-                    break;
-                default:
-                    throw new IllegalArgumentException("illegal tag");
-            }
-        }
-    }
-
-    public CrlOcspRef(CrlListID crlids, OcspListID ocspids,
-                      OtherRevRefs otherRev)
-    {
-        this.crlids = crlids;
-        this.ocspids = ocspids;
-        this.otherRev = otherRev;
-    }
-
-    public CrlListID getCrlids()
-    {
-        return this.crlids;
-    }
-
-    public OcspListID getOcspids()
-    {
-        return this.ocspids;
-    }
-
-    public OtherRevRefs getOtherRev()
-    {
-        return this.otherRev;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        if (null != this.crlids)
-        {
-            v.add(new DERTaggedObject(true, 0, this.crlids.toASN1Primitive()));
-        }
-        if (null != this.ocspids)
-        {
-            v.add(new DERTaggedObject(true, 1, this.ocspids.toASN1Primitive()));
-        }
-        if (null != this.otherRev)
-        {
-            v.add(new DERTaggedObject(true, 2, this.otherRev.toASN1Primitive()));
-        }
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CrlValidatedID.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/CrlValidatedID.java
deleted file mode 100644
index b378aea..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/CrlValidatedID.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- * CrlValidatedID ::= SEQUENCE {
- *   crlHash OtherHash,
- *   crlIdentifier CrlIdentifier OPTIONAL }
- * </pre>
- */
-public class CrlValidatedID
-    extends ASN1Object
-{
-
-    private OtherHash crlHash;
-    private CrlIdentifier crlIdentifier;
-
-    public static CrlValidatedID getInstance(Object obj)
-    {
-        if (obj instanceof CrlValidatedID)
-        {
-            return (CrlValidatedID)obj;
-        }
-        else if (obj != null)
-        {
-            return new CrlValidatedID(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private CrlValidatedID(ASN1Sequence seq)
-    {
-        if (seq.size() < 1 || seq.size() > 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-        this.crlHash = OtherHash.getInstance(seq.getObjectAt(0));
-        if (seq.size() > 1)
-        {
-            this.crlIdentifier = CrlIdentifier.getInstance(seq.getObjectAt(1));
-        }
-    }
-
-    public CrlValidatedID(OtherHash crlHash)
-    {
-        this(crlHash, null);
-    }
-
-    public CrlValidatedID(OtherHash crlHash, CrlIdentifier crlIdentifier)
-    {
-        this.crlHash = crlHash;
-        this.crlIdentifier = crlIdentifier;
-    }
-
-    public OtherHash getCrlHash()
-    {
-        return this.crlHash;
-    }
-
-    public CrlIdentifier getCrlIdentifier()
-    {
-        return this.crlIdentifier;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(this.crlHash.toASN1Primitive());
-        if (null != this.crlIdentifier)
-        {
-            v.add(this.crlIdentifier.toASN1Primitive());
-        }
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/ESFAttributes.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/ESFAttributes.java
deleted file mode 100644
index ebdc5ea..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/ESFAttributes.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-
-public interface ESFAttributes
-{
-    public static final ASN1ObjectIdentifier  sigPolicyId = PKCSObjectIdentifiers.id_aa_ets_sigPolicyId;
-    public static final ASN1ObjectIdentifier  commitmentType = PKCSObjectIdentifiers.id_aa_ets_commitmentType;
-    public static final ASN1ObjectIdentifier  signerLocation = PKCSObjectIdentifiers.id_aa_ets_signerLocation;
-    public static final ASN1ObjectIdentifier  signerAttr = PKCSObjectIdentifiers.id_aa_ets_signerAttr;
-    public static final ASN1ObjectIdentifier  otherSigCert = PKCSObjectIdentifiers.id_aa_ets_otherSigCert;
-    public static final ASN1ObjectIdentifier  contentTimestamp = PKCSObjectIdentifiers.id_aa_ets_contentTimestamp;
-    public static final ASN1ObjectIdentifier  certificateRefs = PKCSObjectIdentifiers.id_aa_ets_certificateRefs;
-    public static final ASN1ObjectIdentifier  revocationRefs = PKCSObjectIdentifiers.id_aa_ets_revocationRefs;
-    public static final ASN1ObjectIdentifier  certValues = PKCSObjectIdentifiers.id_aa_ets_certValues;
-    public static final ASN1ObjectIdentifier  revocationValues = PKCSObjectIdentifiers.id_aa_ets_revocationValues;
-    public static final ASN1ObjectIdentifier  escTimeStamp = PKCSObjectIdentifiers.id_aa_ets_escTimeStamp;
-    public static final ASN1ObjectIdentifier  certCRLTimestamp = PKCSObjectIdentifiers.id_aa_ets_certCRLTimestamp;
-    public static final ASN1ObjectIdentifier  archiveTimestamp = PKCSObjectIdentifiers.id_aa_ets_archiveTimestamp;
-    public static final ASN1ObjectIdentifier  archiveTimestampV2 = PKCSObjectIdentifiers.id_aa.branch("48");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/OcspIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/OcspIdentifier.java
deleted file mode 100644
index a3c41d4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/OcspIdentifier.java
+++ /dev/null

@@ -1,73 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.ocsp.ResponderID;
-
-/**
- * <pre>
- * OcspIdentifier ::= SEQUENCE {
- *     ocspResponderID ResponderID, -- As in OCSP response data
- *     producedAt GeneralizedTime -- As in OCSP response data
- * }
- * </pre>
- */
-public class OcspIdentifier
-    extends ASN1Object
-{
-    private ResponderID ocspResponderID;
-    private ASN1GeneralizedTime producedAt;
-
-    public static OcspIdentifier getInstance(Object obj)
-    {
-        if (obj instanceof OcspIdentifier)
-        {
-            return (OcspIdentifier)obj;
-        }
-        else if (obj != null)
-        {
-            return new OcspIdentifier(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private OcspIdentifier(ASN1Sequence seq)
-    {
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-        this.ocspResponderID = ResponderID.getInstance(seq.getObjectAt(0));
-        this.producedAt = (ASN1GeneralizedTime)seq.getObjectAt(1);
-    }
-
-    public OcspIdentifier(ResponderID ocspResponderID, ASN1GeneralizedTime producedAt)
-    {
-        this.ocspResponderID = ocspResponderID;
-        this.producedAt = producedAt;
-    }
-
-    public ResponderID getOcspResponderID()
-    {
-        return this.ocspResponderID;
-    }
-
-    public ASN1GeneralizedTime getProducedAt()
-    {
-        return this.producedAt;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(this.ocspResponderID);
-        v.add(this.producedAt);
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/OcspListID.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/OcspListID.java
deleted file mode 100644
index 349136f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/OcspListID.java
+++ /dev/null

@@ -1,72 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- * OcspListID ::=  SEQUENCE {
- *    ocspResponses  SEQUENCE OF OcspResponsesID
- * }
- * </pre>
- */
-public class OcspListID
-    extends ASN1Object
-{
-    private ASN1Sequence ocspResponses;
-
-    public static OcspListID getInstance(Object obj)
-    {
-        if (obj instanceof OcspListID)
-        {
-            return (OcspListID)obj;
-        }
-        else if (obj != null)
-        {
-            return new OcspListID(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private OcspListID(ASN1Sequence seq)
-    {
-        if (seq.size() != 1)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-        this.ocspResponses = (ASN1Sequence)seq.getObjectAt(0);
-        Enumeration e = this.ocspResponses.getObjects();
-        while (e.hasMoreElements())
-        {
-            OcspResponsesID.getInstance(e.nextElement());
-        }
-    }
-
-    public OcspListID(OcspResponsesID[] ocspResponses)
-    {
-        this.ocspResponses = new DERSequence(ocspResponses);
-    }
-
-    public OcspResponsesID[] getOcspResponses()
-    {
-        OcspResponsesID[] result = new OcspResponsesID[this.ocspResponses
-            .size()];
-        for (int idx = 0; idx < result.length; idx++)
-        {
-            result[idx] = OcspResponsesID.getInstance(this.ocspResponses
-                .getObjectAt(idx));
-        }
-        return result;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERSequence(this.ocspResponses);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/OcspResponsesID.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/OcspResponsesID.java
deleted file mode 100644
index 2aac80e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/OcspResponsesID.java
+++ /dev/null

@@ -1,83 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- * OcspResponsesID ::= SEQUENCE {
- *    ocspIdentifier OcspIdentifier,
- *    ocspRepHash OtherHash OPTIONAL
- * }
- * </pre>
- */
-public class OcspResponsesID
-    extends ASN1Object
-{
-
-    private OcspIdentifier ocspIdentifier;
-    private OtherHash ocspRepHash;
-
-    public static OcspResponsesID getInstance(Object obj)
-    {
-        if (obj instanceof OcspResponsesID)
-        {
-            return (OcspResponsesID)obj;
-        }
-        else if (obj != null)
-        {
-            return new OcspResponsesID(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private OcspResponsesID(ASN1Sequence seq)
-    {
-        if (seq.size() < 1 || seq.size() > 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-        this.ocspIdentifier = OcspIdentifier.getInstance(seq.getObjectAt(0));
-        if (seq.size() > 1)
-        {
-            this.ocspRepHash = OtherHash.getInstance(seq.getObjectAt(1));
-        }
-    }
-
-    public OcspResponsesID(OcspIdentifier ocspIdentifier)
-    {
-        this(ocspIdentifier, null);
-    }
-
-    public OcspResponsesID(OcspIdentifier ocspIdentifier, OtherHash ocspRepHash)
-    {
-        this.ocspIdentifier = ocspIdentifier;
-        this.ocspRepHash = ocspRepHash;
-    }
-
-    public OcspIdentifier getOcspIdentifier()
-    {
-        return this.ocspIdentifier;
-    }
-
-    public OtherHash getOcspRepHash()
-    {
-        return this.ocspRepHash;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(this.ocspIdentifier);
-        if (null != this.ocspRepHash)
-        {
-            v.add(this.ocspRepHash);
-        }
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/OtherHash.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/OtherHash.java
deleted file mode 100644
index 0ec257d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/OtherHash.java
+++ /dev/null

@@ -1,81 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * <pre>
- * OtherHash ::= CHOICE {
- *    sha1Hash  OtherHashValue, -- This contains a SHA-1 hash
- *   otherHash  OtherHashAlgAndValue
- *  }
- * </pre>
- */
-public class OtherHash
-    extends ASN1Object
-    implements ASN1Choice
-{
-
-    private ASN1OctetString sha1Hash;
-    private OtherHashAlgAndValue otherHash;
-
-    public static OtherHash getInstance(Object obj)
-    {
-        if (obj instanceof OtherHash)
-        {
-            return (OtherHash)obj;
-        }
-        if (obj instanceof ASN1OctetString)
-        {
-            return new OtherHash((ASN1OctetString)obj);
-        }
-        return new OtherHash(OtherHashAlgAndValue.getInstance(obj));
-    }
-
-    private OtherHash(ASN1OctetString sha1Hash)
-    {
-        this.sha1Hash = sha1Hash;
-    }
-
-    public OtherHash(OtherHashAlgAndValue otherHash)
-    {
-        this.otherHash = otherHash;
-    }
-
-    public OtherHash(byte[] sha1Hash)
-    {
-        this.sha1Hash = new DEROctetString(sha1Hash);
-    }
-
-    public AlgorithmIdentifier getHashAlgorithm()
-    {
-        if (null == this.otherHash)
-        {
-            return new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1);
-        }
-        return this.otherHash.getHashAlgorithm();
-    }
-
-    public byte[] getHashValue()
-    {
-        if (null == this.otherHash)
-        {
-            return this.sha1Hash.getOctets();
-        }
-        return this.otherHash.getHashValue().getOctets();
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (null == this.otherHash)
-        {
-            return this.sha1Hash;
-        }
-        return this.otherHash.toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/OtherHashAlgAndValue.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/OtherHashAlgAndValue.java
deleted file mode 100644
index 34229d4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/OtherHashAlgAndValue.java
+++ /dev/null

@@ -1,81 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public class OtherHashAlgAndValue
-    extends ASN1Object
-{
-    private AlgorithmIdentifier hashAlgorithm;
-    private ASN1OctetString     hashValue;
-
-
-    public static OtherHashAlgAndValue getInstance(
-        Object obj)
-    {
-        if (obj instanceof OtherHashAlgAndValue)
-        {
-            return (OtherHashAlgAndValue) obj;
-        }
-        else if (obj != null)
-        {
-            return new OtherHashAlgAndValue(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private OtherHashAlgAndValue(
-        ASN1Sequence seq)
-    {
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
-        }
-
-        hashAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(0));
-        hashValue = ASN1OctetString.getInstance(seq.getObjectAt(1));
-    }
-
-    public OtherHashAlgAndValue(
-        AlgorithmIdentifier hashAlgorithm,
-        ASN1OctetString     hashValue)
-    {
-        this.hashAlgorithm = hashAlgorithm;
-        this.hashValue = hashValue;
-    }
-
-    public AlgorithmIdentifier getHashAlgorithm()
-    {
-        return hashAlgorithm;
-    }
-
-    public ASN1OctetString getHashValue()
-    {
-        return hashValue;
-    }
-
-    /**
-     * <pre>
-     * OtherHashAlgAndValue ::= SEQUENCE {
-     *     hashAlgorithm AlgorithmIdentifier,
-     *     hashValue OtherHashValue }
-     *
-     * OtherHashValue ::= OCTET STRING
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(hashAlgorithm);
-        v.add(hashValue);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/OtherRevRefs.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/OtherRevRefs.java
deleted file mode 100644
index ed9a9b3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/OtherRevRefs.java
+++ /dev/null

@@ -1,87 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- * OtherRevRefs ::= SEQUENCE {
- *   otherRevRefType OtherRevRefType,
- *   otherRevRefs ANY DEFINED BY otherRevRefType
- * }
- *
- * OtherRevRefType ::= OBJECT IDENTIFIER
- * </pre>
- */
-public class OtherRevRefs
-    extends ASN1Object
-{
-
-    private ASN1ObjectIdentifier otherRevRefType;
-    private ASN1Encodable otherRevRefs;
-
-    public static OtherRevRefs getInstance(Object obj)
-    {
-        if (obj instanceof OtherRevRefs)
-        {
-            return (OtherRevRefs)obj;
-        }
-        else if (obj != null)
-        {
-            return new OtherRevRefs(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private OtherRevRefs(ASN1Sequence seq)
-    {
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-        this.otherRevRefType = new ASN1ObjectIdentifier(((ASN1ObjectIdentifier)seq.getObjectAt(0)).getId());
-        try
-        {
-            this.otherRevRefs = ASN1Primitive.fromByteArray(seq.getObjectAt(1)
-                .toASN1Primitive().getEncoded(ASN1Encoding.DER));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException();
-        }
-    }
-
-    public OtherRevRefs(ASN1ObjectIdentifier otherRevRefType, ASN1Encodable otherRevRefs)
-    {
-        this.otherRevRefType = otherRevRefType;
-        this.otherRevRefs = otherRevRefs;
-    }
-
-    public ASN1ObjectIdentifier getOtherRevRefType()
-    {
-        return this.otherRevRefType;
-    }
-
-    public ASN1Encodable getOtherRevRefs()
-    {
-        return this.otherRevRefs;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(this.otherRevRefType);
-        v.add(this.otherRevRefs);
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/OtherRevVals.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/OtherRevVals.java
deleted file mode 100644
index 7389bdf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/OtherRevVals.java
+++ /dev/null

@@ -1,89 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- * OtherRevVals ::= SEQUENCE {
- *    otherRevValType OtherRevValType,
- *    otherRevVals ANY DEFINED BY OtherRevValType
- * }
- *
- * OtherRevValType ::= OBJECT IDENTIFIER
- * </pre>
- */
-public class OtherRevVals
-    extends ASN1Object
-{
-
-    private ASN1ObjectIdentifier otherRevValType;
-
-    private ASN1Encodable otherRevVals;
-
-    public static OtherRevVals getInstance(Object obj)
-    {
-        if (obj instanceof OtherRevVals)
-        {
-            return (OtherRevVals)obj;
-        }
-        if (obj != null)
-        {
-            return new OtherRevVals(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private OtherRevVals(ASN1Sequence seq)
-    {
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-        this.otherRevValType = (ASN1ObjectIdentifier)seq.getObjectAt(0);
-        try
-        {
-            this.otherRevVals = ASN1Primitive.fromByteArray(seq.getObjectAt(1)
-                .toASN1Primitive().getEncoded(ASN1Encoding.DER));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException();
-        }
-    }
-
-    public OtherRevVals(ASN1ObjectIdentifier otherRevValType,
-                        ASN1Encodable otherRevVals)
-    {
-        this.otherRevValType = otherRevValType;
-        this.otherRevVals = otherRevVals;
-    }
-
-    public ASN1ObjectIdentifier getOtherRevValType()
-    {
-        return this.otherRevValType;
-    }
-
-    public ASN1Encodable getOtherRevVals()
-    {
-        return this.otherRevVals;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(this.otherRevValType);
-        v.add(this.otherRevVals);
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/RevocationValues.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/RevocationValues.java
deleted file mode 100644
index 4e3a147..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/RevocationValues.java
+++ /dev/null

@@ -1,152 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.ocsp.BasicOCSPResponse;
-import org.bouncycastle.asn1.x509.CertificateList;
-
-/**
- * <pre>
- * RevocationValues ::= SEQUENCE {
- *    crlVals [0] SEQUENCE OF CertificateList OPTIONAL,
- *    ocspVals [1] SEQUENCE OF BasicOCSPResponse OPTIONAL,
- *    otherRevVals [2] OtherRevVals OPTIONAL}
- * </pre>
- */
-public class RevocationValues
-    extends ASN1Object
-{
-
-    private ASN1Sequence crlVals;
-    private ASN1Sequence ocspVals;
-    private OtherRevVals otherRevVals;
-
-    public static RevocationValues getInstance(Object obj)
-    {
-        if (obj instanceof RevocationValues)
-        {
-            return (RevocationValues)obj;
-        }
-        else if (obj != null)
-        {
-            return new RevocationValues(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private RevocationValues(ASN1Sequence seq)
-    {
-        if (seq.size() > 3)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-        Enumeration e = seq.getObjects();
-        while (e.hasMoreElements())
-        {
-            ASN1TaggedObject o = (ASN1TaggedObject)e.nextElement();
-            switch (o.getTagNo())
-            {
-                case 0:
-                    ASN1Sequence crlValsSeq = (ASN1Sequence)o.getObject();
-                    Enumeration crlValsEnum = crlValsSeq.getObjects();
-                    while (crlValsEnum.hasMoreElements())
-                    {
-                        CertificateList.getInstance(crlValsEnum.nextElement());
-                    }
-                    this.crlVals = crlValsSeq;
-                    break;
-                case 1:
-                    ASN1Sequence ocspValsSeq = (ASN1Sequence)o.getObject();
-                    Enumeration ocspValsEnum = ocspValsSeq.getObjects();
-                    while (ocspValsEnum.hasMoreElements())
-                    {
-                        BasicOCSPResponse.getInstance(ocspValsEnum.nextElement());
-                    }
-                    this.ocspVals = ocspValsSeq;
-                    break;
-                case 2:
-                    this.otherRevVals = OtherRevVals.getInstance(o.getObject());
-                    break;
-                default:
-                    throw new IllegalArgumentException("invalid tag: "
-                        + o.getTagNo());
-            }
-        }
-    }
-
-    public RevocationValues(CertificateList[] crlVals,
-                            BasicOCSPResponse[] ocspVals, OtherRevVals otherRevVals)
-    {
-        if (null != crlVals)
-        {
-            this.crlVals = new DERSequence(crlVals);
-        }
-        if (null != ocspVals)
-        {
-            this.ocspVals = new DERSequence(ocspVals);
-        }
-        this.otherRevVals = otherRevVals;
-    }
-
-    public CertificateList[] getCrlVals()
-    {
-        if (null == this.crlVals)
-        {
-            return new CertificateList[0];
-        }
-        CertificateList[] result = new CertificateList[this.crlVals.size()];
-        for (int idx = 0; idx < result.length; idx++)
-        {
-            result[idx] = CertificateList.getInstance(this.crlVals
-                .getObjectAt(idx));
-        }
-        return result;
-    }
-
-    public BasicOCSPResponse[] getOcspVals()
-    {
-        if (null == this.ocspVals)
-        {
-            return new BasicOCSPResponse[0];
-        }
-        BasicOCSPResponse[] result = new BasicOCSPResponse[this.ocspVals.size()];
-        for (int idx = 0; idx < result.length; idx++)
-        {
-            result[idx] = BasicOCSPResponse.getInstance(this.ocspVals
-                .getObjectAt(idx));
-        }
-        return result;
-    }
-
-    public OtherRevVals getOtherRevVals()
-    {
-        return this.otherRevVals;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        if (null != this.crlVals)
-        {
-            v.add(new DERTaggedObject(true, 0, this.crlVals));
-        }
-        if (null != this.ocspVals)
-        {
-            v.add(new DERTaggedObject(true, 1, this.ocspVals));
-        }
-        if (null != this.otherRevVals)
-        {
-            v.add(new DERTaggedObject(true, 2, this.otherRevVals.toASN1Primitive()));
-        }
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SPUserNotice.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/SPUserNotice.java
deleted file mode 100644
index c026cde..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SPUserNotice.java
+++ /dev/null

@@ -1,99 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.DisplayText;
-import org.bouncycastle.asn1.x509.NoticeReference;
-
-public class SPUserNotice
-    extends ASN1Object
-{
-    private NoticeReference noticeRef;
-    private DisplayText     explicitText;
-
-    public static SPUserNotice getInstance(
-        Object obj)
-    {
-        if (obj instanceof SPUserNotice)
-        {
-            return (SPUserNotice)obj;
-        }
-        else if (obj != null)
-        {
-            return new SPUserNotice(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private SPUserNotice(
-        ASN1Sequence seq)
-    {
-        Enumeration e = seq.getObjects();
-        while (e.hasMoreElements())
-        {
-            ASN1Encodable object = (ASN1Encodable)e.nextElement();
-            if (object instanceof DisplayText || object instanceof ASN1String)
-            {
-                explicitText = DisplayText.getInstance(object);
-            }
-            else if (object instanceof NoticeReference || object instanceof ASN1Sequence)
-            {
-                noticeRef = NoticeReference.getInstance(object);
-            }
-            else
-            {
-                throw new IllegalArgumentException("Invalid element in 'SPUserNotice': " + object.getClass().getName());
-            }
-        }
-    }
-
-    public SPUserNotice(
-        NoticeReference noticeRef,
-        DisplayText     explicitText)
-    {
-        this.noticeRef = noticeRef;
-        this.explicitText = explicitText;
-    }
-
-    public NoticeReference getNoticeRef()
-    {
-        return noticeRef;
-    }
-
-    public DisplayText getExplicitText()
-    {
-        return explicitText;
-    }
-
-    /**
-     * <pre>
-     * SPUserNotice ::= SEQUENCE {
-     *     noticeRef NoticeReference OPTIONAL,
-     *     explicitText DisplayText OPTIONAL }
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        if (noticeRef != null)
-        {
-            v.add(noticeRef);
-        }
-
-        if (explicitText != null)
-        {
-            v.add(explicitText);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SPuri.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/SPuri.java
deleted file mode 100644
index 2e2483d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SPuri.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERIA5String;
-
-public class SPuri
-{
-    private DERIA5String uri;
-
-    public static SPuri getInstance(
-        Object obj)
-    {
-        if (obj instanceof SPuri)
-        {
-            return (SPuri) obj;
-        }
-        else if (obj instanceof DERIA5String)
-        {
-            return new SPuri(DERIA5String.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public SPuri(
-        DERIA5String uri)
-    {
-        this.uri = uri;
-    }
-
-    public DERIA5String getUri()
-    {
-        return uri;
-    }
-
-    /**
-     * <pre>
-     * SPuri ::= IA5String
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return uri.toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SigPolicyQualifierInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/SigPolicyQualifierInfo.java
deleted file mode 100644
index 3ce4836..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SigPolicyQualifierInfo.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class SigPolicyQualifierInfo
-    extends ASN1Object
-{
-    private ASN1ObjectIdentifier  sigPolicyQualifierId;
-    private ASN1Encodable         sigQualifier;
-
-    public SigPolicyQualifierInfo(
-        ASN1ObjectIdentifier   sigPolicyQualifierId,
-        ASN1Encodable          sigQualifier)
-    {
-        this.sigPolicyQualifierId = sigPolicyQualifierId;
-        this.sigQualifier = sigQualifier;
-    }
-
-    private SigPolicyQualifierInfo(
-        ASN1Sequence seq)
-    {
-        sigPolicyQualifierId = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-        sigQualifier = seq.getObjectAt(1);
-    }
-
-    public static SigPolicyQualifierInfo getInstance(
-        Object obj)
-    {
-        if (obj instanceof SigPolicyQualifierInfo)
-        {
-            return (SigPolicyQualifierInfo) obj;
-        }
-        else if (obj != null)
-        {
-            return new SigPolicyQualifierInfo(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public ASN1ObjectIdentifier getSigPolicyQualifierId()
-    {
-        return new ASN1ObjectIdentifier(sigPolicyQualifierId.getId());
-    }
-
-    public ASN1Encodable getSigQualifier()
-    {
-        return sigQualifier;
-    }
-
-    /**
-     * <pre>
-     * SigPolicyQualifierInfo ::= SEQUENCE {
-     *    sigPolicyQualifierId SigPolicyQualifierId,
-     *    sigQualifier ANY DEFINED BY sigPolicyQualifierId }
-     *
-     * SigPolicyQualifierId ::= OBJECT IDENTIFIER
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(sigPolicyQualifierId);
-        v.add(sigQualifier);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SigPolicyQualifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/SigPolicyQualifiers.java
deleted file mode 100644
index 453c6d0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SigPolicyQualifiers.java
+++ /dev/null

@@ -1,77 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class SigPolicyQualifiers
-    extends ASN1Object
-{
-    ASN1Sequence qualifiers;
-
-    public static SigPolicyQualifiers getInstance(
-        Object obj)
-    {
-        if (obj instanceof SigPolicyQualifiers)
-        {
-            return (SigPolicyQualifiers) obj;
-        }
-        else if (obj instanceof ASN1Sequence)
-        {
-            return new SigPolicyQualifiers(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private SigPolicyQualifiers(
-        ASN1Sequence seq)
-    {
-        qualifiers = seq;
-    }
-
-    public SigPolicyQualifiers(
-        SigPolicyQualifierInfo[] qualifierInfos)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        for (int i=0; i < qualifierInfos.length; i++)
-        {
-            v.add(qualifierInfos[i]);
-        }
-        qualifiers = new DERSequence(v);
-    }
-
-    /**
-     * Return the number of qualifier info elements present.
-     *
-     * @return number of elements present.
-     */
-    public int size()
-    {
-        return qualifiers.size();
-    }
-
-    /**
-     * Return the SigPolicyQualifierInfo at index i.
-     *
-     * @param i index of the info of interest
-     * @return the info at index i.
-     */
-    public SigPolicyQualifierInfo getInfoAt(
-        int i)
-    {
-        return SigPolicyQualifierInfo.getInstance(qualifiers.getObjectAt(i));
-    }
-
-    /**
-     * <pre>
-     * SigPolicyQualifiers ::= SEQUENCE SIZE (1..MAX) OF SigPolicyQualifierInfo
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return qualifiers;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SignaturePolicyId.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/SignaturePolicyId.java
deleted file mode 100644
index 10b88f8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SignaturePolicyId.java
+++ /dev/null

@@ -1,103 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class SignaturePolicyId
-    extends ASN1Object
-{
-    private ASN1ObjectIdentifier  sigPolicyId;
-    private OtherHashAlgAndValue sigPolicyHash;
-    private SigPolicyQualifiers  sigPolicyQualifiers;
-
-
-    public static SignaturePolicyId getInstance(
-        Object obj)
-    {
-        if (obj instanceof SignaturePolicyId)
-        {
-            return (SignaturePolicyId)obj;
-        }
-        else if (obj != null)
-        {
-            return new SignaturePolicyId(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private SignaturePolicyId(
-        ASN1Sequence seq)
-    {
-        if (seq.size() != 2 && seq.size() != 3)
-        {
-            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
-        }
-
-        sigPolicyId = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-        sigPolicyHash = OtherHashAlgAndValue.getInstance(seq.getObjectAt(1));
-
-        if (seq.size() == 3)
-        {
-            sigPolicyQualifiers = SigPolicyQualifiers.getInstance(seq.getObjectAt(2));
-        }
-    }
-
-    public SignaturePolicyId(
-        ASN1ObjectIdentifier   sigPolicyIdentifier,
-        OtherHashAlgAndValue  sigPolicyHash)
-    {
-        this(sigPolicyIdentifier, sigPolicyHash, null);
-    }
-
-    public SignaturePolicyId(
-        ASN1ObjectIdentifier   sigPolicyId,
-        OtherHashAlgAndValue  sigPolicyHash,
-        SigPolicyQualifiers   sigPolicyQualifiers)
-    {
-        this.sigPolicyId = sigPolicyId;
-        this.sigPolicyHash = sigPolicyHash;
-        this.sigPolicyQualifiers = sigPolicyQualifiers;
-    }
-
-    public ASN1ObjectIdentifier getSigPolicyId()
-    {
-        return new ASN1ObjectIdentifier(sigPolicyId.getId());
-    }
-
-    public OtherHashAlgAndValue getSigPolicyHash()
-    {
-        return sigPolicyHash;
-    }
-
-    public SigPolicyQualifiers getSigPolicyQualifiers()
-    {
-        return sigPolicyQualifiers;
-    }
-
-    /**
-     * <pre>
-     * SignaturePolicyId ::= SEQUENCE {
-     *     sigPolicyId SigPolicyId,
-     *     sigPolicyHash SigPolicyHash,
-     *     sigPolicyQualifiers SEQUENCE SIZE (1..MAX) OF SigPolicyQualifierInfo OPTIONAL}
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(sigPolicyId);
-        v.add(sigPolicyHash);
-        if (sigPolicyQualifiers != null)
-        {
-            v.add(sigPolicyQualifiers);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SignaturePolicyIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/SignaturePolicyIdentifier.java
deleted file mode 100644
index acd8ac4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SignaturePolicyIdentifier.java
+++ /dev/null

@@ -1,76 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import org.bouncycastle.asn1.ASN1Null;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.BERTags;
-import org.bouncycastle.asn1.DERNull;
-
-public class SignaturePolicyIdentifier
-    extends ASN1Object
-{
-    private SignaturePolicyId   signaturePolicyId;
-    private boolean             isSignaturePolicyImplied;
-
-    public static SignaturePolicyIdentifier getInstance(
-        Object  obj)
-    {
-        if (obj instanceof SignaturePolicyIdentifier)
-        {
-            return (SignaturePolicyIdentifier)obj;
-        }
-        else if (obj instanceof ASN1Null || hasEncodedTagValue(obj, BERTags.NULL))
-        {
-            return new SignaturePolicyIdentifier();
-        }
-        else if (obj != null)
-        {
-            return new SignaturePolicyIdentifier(SignaturePolicyId.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public SignaturePolicyIdentifier()
-    {
-        this.isSignaturePolicyImplied = true;
-    }
-
-    public SignaturePolicyIdentifier(
-        SignaturePolicyId signaturePolicyId)
-    {
-        this.signaturePolicyId = signaturePolicyId;
-        this.isSignaturePolicyImplied = false;
-    }
-
-    public SignaturePolicyId getSignaturePolicyId()
-    {
-        return signaturePolicyId;
-    }
-
-    public boolean isSignaturePolicyImplied()
-    {
-        return isSignaturePolicyImplied;
-    }
-
-    /**
-     * <pre>
-     * SignaturePolicyIdentifier ::= CHOICE{
-     *     SignaturePolicyId         SignaturePolicyId,
-     *     SignaturePolicyImplied    SignaturePolicyImplied }
-     *
-     * SignaturePolicyImplied ::= NULL
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (isSignaturePolicyImplied)
-        {
-            return DERNull.INSTANCE;
-        }
-        else
-        {
-            return signaturePolicyId.toASN1Primitive();
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SignerAttribute.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/SignerAttribute.java
deleted file mode 100644
index d851080..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SignerAttribute.java
+++ /dev/null

@@ -1,127 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.Attribute;
-import org.bouncycastle.asn1.x509.AttributeCertificate;
-
-
-public class SignerAttribute
-    extends ASN1Object
-{
-    private Object[] values;
-
-    public static SignerAttribute getInstance(
-        Object o)
-    {
-        if (o instanceof SignerAttribute)
-        {
-            return (SignerAttribute) o;
-        }
-        else if (o != null)
-        {
-            return new SignerAttribute(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    private SignerAttribute(
-        ASN1Sequence seq)
-    {
-        int index = 0;
-        values = new Object[seq.size()];
-
-        for (Enumeration e = seq.getObjects(); e.hasMoreElements();)
-        {
-            ASN1TaggedObject taggedObject = ASN1TaggedObject.getInstance(e.nextElement());
-
-            if (taggedObject.getTagNo() == 0)
-            {
-                ASN1Sequence attrs = ASN1Sequence.getInstance(taggedObject, true);
-                Attribute[]  attributes = new Attribute[attrs.size()];
-
-                for (int i = 0; i != attributes.length; i++)
-                {
-                    attributes[i] = Attribute.getInstance(attrs.getObjectAt(i));
-                }
-                values[index] = attributes;
-            }
-            else if (taggedObject.getTagNo() == 1)
-            {
-                values[index] = AttributeCertificate.getInstance(ASN1Sequence.getInstance(taggedObject, true));
-            }
-            else
-            {
-                throw new IllegalArgumentException("illegal tag: " + taggedObject.getTagNo());
-            }
-            index++;
-        }
-    }
-
-    public SignerAttribute(
-        Attribute[] claimedAttributes)
-    {
-        this.values = new Object[1];
-        this.values[0] = claimedAttributes;
-    }
-
-    public SignerAttribute(
-        AttributeCertificate certifiedAttributes)
-    {
-        this.values = new Object[1];
-        this.values[0] = certifiedAttributes;
-    }
-
-    /**
-     * Return the sequence of choices - the array elements will either be of
-     * type Attribute[] or AttributeCertificate depending on what tag was used.
-     *
-     * @return array of choices.
-     */
-    public Object[] getValues()
-    {
-        Object[] rv = new Object[values.length];
-
-        System.arraycopy(values, 0, rv, 0, rv.length);
-
-        return rv;
-    }
-
-    /**
-     *
-     * <pre>
-     *  SignerAttribute ::= SEQUENCE OF CHOICE {
-     *      claimedAttributes   [0] ClaimedAttributes,
-     *      certifiedAttributes [1] CertifiedAttributes }
-     *
-     *  ClaimedAttributes ::= SEQUENCE OF Attribute
-     *  CertifiedAttributes ::= AttributeCertificate -- as defined in RFC 3281: see clause 4.1.
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        for (int i = 0; i != values.length; i++)
-        {
-            if (values[i] instanceof Attribute[])
-            {
-                v.add(new DERTaggedObject(0, new DERSequence((Attribute[])values[i])));
-            }
-            else
-            {
-                v.add(new DERTaggedObject(1, (AttributeCertificate)values[i]));
-            }
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SignerLocation.java b/bcprov/src/main/java/org/bouncycastle/asn1/esf/SignerLocation.java
deleted file mode 100644
index f8d484b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/SignerLocation.java
+++ /dev/null

@@ -1,221 +0,0 @@
-package org.bouncycastle.asn1.esf;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.x500.DirectoryString;
-
-/**
- * Signer-Location attribute (RFC3126).
- * 
- * <pre>
- *   SignerLocation ::= SEQUENCE {
- *       countryName        [0] DirectoryString OPTIONAL,
- *       localityName       [1] DirectoryString OPTIONAL,
- *       postalAddress      [2] PostalAddress OPTIONAL }
- *
- *   PostalAddress ::= SEQUENCE SIZE(1..6) OF DirectoryString
- * </pre>
- */
-public class SignerLocation
-    extends ASN1Object
-{
-    private DirectoryString   countryName;
-    private DirectoryString   localityName;
-    private ASN1Sequence      postalAddress;
-    
-    private SignerLocation(
-        ASN1Sequence seq)
-    {
-        Enumeration     e = seq.getObjects();
-
-        while (e.hasMoreElements())
-        {
-            ASN1TaggedObject o = (ASN1TaggedObject)e.nextElement();
-
-            switch (o.getTagNo())
-            {
-            case 0:
-                this.countryName = DirectoryString.getInstance(o, true);;
-                break;
-            case 1:
-                this.localityName = DirectoryString.getInstance(o, true);
-                break;
-            case 2:
-                if (o.isExplicit())
-                {
-                    this.postalAddress = ASN1Sequence.getInstance(o, true);
-                }
-                else    // handle erroneous implicitly tagged sequences
-                {
-                    this.postalAddress = ASN1Sequence.getInstance(o, false);
-                }
-                if (postalAddress != null && postalAddress.size() > 6)
-                {
-                    throw new IllegalArgumentException("postal address must contain less than 6 strings");
-                }
-                break;
-            default:
-                throw new IllegalArgumentException("illegal tag");
-            }
-        }
-    }
-
-    private SignerLocation(
-        DirectoryString   countryName,
-        DirectoryString   localityName,
-        ASN1Sequence      postalAddress)
-    {
-        if (postalAddress != null && postalAddress.size() > 6)
-        {
-            throw new IllegalArgumentException("postal address must contain less than 6 strings");
-        }
-
-        this.countryName = countryName;
-        this.localityName = localityName;
-        this.postalAddress = postalAddress;
-    }
-
-    public SignerLocation(
-        DirectoryString   countryName,
-        DirectoryString   localityName,
-        DirectoryString[] postalAddress)
-    {
-        this(countryName, localityName, new DERSequence(postalAddress));
-    }
-
-    public SignerLocation(
-        DERUTF8String   countryName,
-        DERUTF8String   localityName,
-        ASN1Sequence    postalAddress)
-    {
-        this(DirectoryString.getInstance(countryName), DirectoryString.getInstance(localityName), postalAddress);
-    }
-
-    public static SignerLocation getInstance(
-        Object obj)
-    {
-        if (obj == null || obj instanceof SignerLocation)
-        {
-            return (SignerLocation)obj;
-        }
-
-        return new SignerLocation(ASN1Sequence.getInstance(obj));
-    }
-
-    /**
-     * Return the countryName DirectoryString
-     *
-     * @return the countryName, null if absent.
-     */
-    public DirectoryString getCountry()
-    {
-        return countryName;
-    }
-
-    /**
-     * Return the localityName DirectoryString
-     *
-     * @return the localityName, null if absent.
-     */
-    public DirectoryString getLocality()
-    {
-        return localityName;
-    }
-
-    /**
-     * Return the postalAddress DirectoryStrings
-     *
-     * @return the postalAddress, null if absent.
-     */
-    public DirectoryString[] getPostal()
-    {
-        if (postalAddress == null)
-        {
-            return null;
-        }
-
-        DirectoryString[] dirStrings = new DirectoryString[postalAddress.size()];
-        for (int i = 0; i != dirStrings.length; i++)
-        {
-            dirStrings[i] = DirectoryString.getInstance(postalAddress.getObjectAt(i));
-        }
-
-        return dirStrings;
-    }
-
-    /**
-     * @deprecated use getCountry()
-     */
-    public DERUTF8String getCountryName()
-    {
-        if (countryName == null)
-        {
-            return null;
-        }
-        return new DERUTF8String(getCountry().getString());
-    }
-
-    /**
-     * @deprecated use getLocality()
-     */
-    public DERUTF8String getLocalityName()
-    {
-        if (localityName == null)
-        {
-            return null;
-        }
-        return new DERUTF8String(getLocality().getString());
-    }
-
-    public ASN1Sequence getPostalAddress()
-    {
-        return postalAddress;
-    }
-
-    /**
-     * <pre>
-     *   SignerLocation ::= SEQUENCE {
-     *       countryName        [0] DirectoryString OPTIONAL,
-     *       localityName       [1] DirectoryString OPTIONAL,
-     *       postalAddress      [2] PostalAddress OPTIONAL }
-     *
-     *   PostalAddress ::= SEQUENCE SIZE(1..6) OF DirectoryString
-     *   
-     *   DirectoryString ::= CHOICE {
-     *         teletexString           TeletexString (SIZE (1..MAX)),
-     *         printableString         PrintableString (SIZE (1..MAX)),
-     *         universalString         UniversalString (SIZE (1..MAX)),
-     *         utf8String              UTF8String (SIZE (1.. MAX)),
-     *         bmpString               BMPString (SIZE (1..MAX)) }
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        if (countryName != null)
-        {
-            v.add(new DERTaggedObject(true, 0, countryName));
-        }
-
-        if (localityName != null)
-        {
-            v.add(new DERTaggedObject(true, 1, localityName));
-        }
-
-        if (postalAddress != null)
-        {
-            v.add(new DERTaggedObject(true, 2, postalAddress));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/esf/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/esf/package.html
deleted file mode 100644
index de27367..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/esf/package.html
+++ /dev/null

@@ -1,6 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes useful for encoding and supporting [ESF] RFC3126 
-Electronic Signature Formats for long term electronic signatures.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ess/ContentHints.java b/bcprov/src/main/java/org/bouncycastle/asn1/ess/ContentHints.java
deleted file mode 100644
index 462d968..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ess/ContentHints.java
+++ /dev/null

@@ -1,94 +0,0 @@
-package org.bouncycastle.asn1.ess;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-
-public class ContentHints
-    extends ASN1Object
-{
-    private DERUTF8String contentDescription;
-    private ASN1ObjectIdentifier contentType;
-
-    public static ContentHints getInstance(Object o)
-    {
-        if (o instanceof ContentHints)
-        {
-            return (ContentHints)o;
-        }
-        else if (o != null)
-        {
-            return new ContentHints(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    /**
-     * constructor
-     */
-    private ContentHints(ASN1Sequence seq)
-    {
-        ASN1Encodable field = seq.getObjectAt(0);
-        if (field.toASN1Primitive() instanceof DERUTF8String)
-        {
-            contentDescription = DERUTF8String.getInstance(field);
-            contentType = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(1));
-        }
-        else
-        {
-            contentType = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-        }
-    }
-
-    public ContentHints(
-        ASN1ObjectIdentifier contentType)
-    {
-        this.contentType = contentType;
-        this.contentDescription = null;
-    }
-
-    public ContentHints(
-        ASN1ObjectIdentifier contentType,
-        DERUTF8String contentDescription)
-    {
-        this.contentType = contentType;
-        this.contentDescription = contentDescription;
-    }
-
-    public ASN1ObjectIdentifier getContentType()
-    {
-        return contentType;
-    }
-
-    public DERUTF8String getContentDescription()
-    {
-        return contentDescription;
-    }
-
-    /**
-     * <pre>
-     * ContentHints ::= SEQUENCE {
-     *   contentDescription UTF8String (SIZE (1..MAX)) OPTIONAL,
-     *   contentType ContentType }
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (contentDescription != null)
-        {
-            v.add(contentDescription);
-        }
-
-        v.add(contentType);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ess/ContentIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/ess/ContentIdentifier.java
deleted file mode 100644
index 37064c4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ess/ContentIdentifier.java
+++ /dev/null

@@ -1,63 +0,0 @@
-package org.bouncycastle.asn1.ess;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DEROctetString;
-
-public class ContentIdentifier
-    extends ASN1Object
-{
-     ASN1OctetString value;
-
-    public static ContentIdentifier getInstance(Object o)
-    {
-        if (o instanceof ContentIdentifier)
-        {
-            return (ContentIdentifier) o;
-        }
-        else if (o != null)
-        {
-            return new ContentIdentifier(ASN1OctetString.getInstance(o));
-        }
-
-        return null;
-    }
-
-    /**
-     * Create from OCTET STRING whose octets represent the identifier.
-     */
-    private ContentIdentifier(
-        ASN1OctetString value)
-    {
-        this.value = value;
-    }
-
-    /**
-     * Create from byte array representing the identifier.
-     */
-    public ContentIdentifier(
-        byte[] value)
-    {
-        this(new DEROctetString(value));
-    }
-    
-    public ASN1OctetString getValue()
-    {
-        return value;
-    }
-
-    /**
-     * The definition of ContentIdentifier is
-     * <pre>
-     * ContentIdentifier ::=  OCTET STRING
-     * </pre>
-     * id-aa-contentIdentifier OBJECT IDENTIFIER ::= { iso(1)
-     *  member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
-     *  smime(16) id-aa(2) 7 }
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return value;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ess/ESSCertID.java b/bcprov/src/main/java/org/bouncycastle/asn1/ess/ESSCertID.java
deleted file mode 100644
index a6cc315..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ess/ESSCertID.java
+++ /dev/null

@@ -1,95 +0,0 @@
-package org.bouncycastle.asn1.ess;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.IssuerSerial;
-
-public class ESSCertID
-    extends ASN1Object
-{
-    private ASN1OctetString certHash;
-
-    private IssuerSerial issuerSerial;
-
-    public static ESSCertID getInstance(Object o)
-    {
-        if (o instanceof ESSCertID)
-        {
-            return (ESSCertID)o;
-        }
-        else if (o != null)
-        {
-            return new ESSCertID(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    /**
-     * constructor
-     */
-    private ESSCertID(ASN1Sequence seq)
-    {
-        if (seq.size() < 1 || seq.size() > 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
-        }
-
-        certHash = ASN1OctetString.getInstance(seq.getObjectAt(0));
- 
-        if (seq.size() > 1)
-        {
-            issuerSerial = IssuerSerial.getInstance(seq.getObjectAt(1));
-        }
-    }
-
-    public ESSCertID(
-        byte[]          hash)
-    {
-        certHash = new DEROctetString(hash);
-    }
-
-    public ESSCertID(
-        byte[]          hash,
-        IssuerSerial    issuerSerial)
-    {
-        this.certHash = new DEROctetString(hash);
-        this.issuerSerial = issuerSerial;
-    }
-
-    public byte[] getCertHash()
-    {
-        return certHash.getOctets();
-    }
-
-    public IssuerSerial getIssuerSerial()
-    {
-        return issuerSerial;
-    }
-
-    /**
-     * <pre>
-     * ESSCertID ::= SEQUENCE {
-     *     certHash Hash, 
-     *     issuerSerial IssuerSerial OPTIONAL }
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        
-        v.add(certHash);
-        
-        if (issuerSerial != null)
-        {
-            v.add(issuerSerial);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ess/ESSCertIDv2.java b/bcprov/src/main/java/org/bouncycastle/asn1/ess/ESSCertIDv2.java
deleted file mode 100644
index ffc1f9f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ess/ESSCertIDv2.java
+++ /dev/null

@@ -1,156 +0,0 @@
-package org.bouncycastle.asn1.ess;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.IssuerSerial;
-import org.bouncycastle.util.Arrays;
-
-public class ESSCertIDv2
-    extends ASN1Object
-{
-    private AlgorithmIdentifier hashAlgorithm;
-    private byte[]              certHash;
-    private IssuerSerial        issuerSerial;
-    private static final AlgorithmIdentifier DEFAULT_ALG_ID = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
-
-    public static ESSCertIDv2 getInstance(
-        Object o)
-    {
-        if (o instanceof ESSCertIDv2)
-        {
-            return (ESSCertIDv2) o;
-        }
-        else if (o != null)
-        {
-            return new ESSCertIDv2(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    private ESSCertIDv2(
-        ASN1Sequence seq)
-    {
-        if (seq.size() > 3)
-        {
-            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
-        }
-
-        int count = 0;
-
-        if (seq.getObjectAt(0) instanceof ASN1OctetString)
-        {
-            // Default value
-            this.hashAlgorithm = DEFAULT_ALG_ID;
-        }
-        else
-        {
-            this.hashAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(count++).toASN1Primitive());
-        }
-
-        this.certHash = ASN1OctetString.getInstance(seq.getObjectAt(count++).toASN1Primitive()).getOctets();
-
-        if (seq.size() > count)
-        {
-            this.issuerSerial = IssuerSerial.getInstance(seq.getObjectAt(count));
-        }
-    }
-
-    public ESSCertIDv2(
-        byte[]              certHash)
-    {
-        this(null, certHash, null);
-    }
-
-    public ESSCertIDv2(
-        AlgorithmIdentifier algId,
-        byte[]              certHash)
-    {
-        this(algId, certHash, null);
-    }
-
-    public ESSCertIDv2(
-        byte[]              certHash,
-        IssuerSerial        issuerSerial)
-    {
-        this(null, certHash, issuerSerial);
-    }
-
-    public ESSCertIDv2(
-        AlgorithmIdentifier algId,
-        byte[]              certHash,
-        IssuerSerial        issuerSerial)
-    {
-        if (algId == null)
-        {
-            // Default value
-            this.hashAlgorithm = DEFAULT_ALG_ID;
-        }
-        else
-        {
-            this.hashAlgorithm = algId;
-        }
-
-        this.certHash = Arrays.clone(certHash);
-        this.issuerSerial = issuerSerial;
-    }
-
-    public AlgorithmIdentifier getHashAlgorithm()
-    {
-        return this.hashAlgorithm;
-    }
-
-    public byte[] getCertHash()
-    {
-        return Arrays.clone(certHash);
-    }
-
-    public IssuerSerial getIssuerSerial()
-    {
-        return issuerSerial;
-    }
-
-    /**
-     * <pre>
-     * ESSCertIDv2 ::=  SEQUENCE {
-     *     hashAlgorithm     AlgorithmIdentifier
-     *              DEFAULT {algorithm id-sha256},
-     *     certHash          Hash,
-     *     issuerSerial      IssuerSerial OPTIONAL
-     * }
-     *
-     * Hash ::= OCTET STRING
-     *
-     * IssuerSerial ::= SEQUENCE {
-     *     issuer         GeneralNames,
-     *     serialNumber   CertificateSerialNumber
-     * }
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (!hashAlgorithm.equals(DEFAULT_ALG_ID))
-        {
-            v.add(hashAlgorithm);
-        }
-
-        v.add(new DEROctetString(certHash).toASN1Primitive());
-
-        if (issuerSerial != null)
-        {
-            v.add(issuerSerial);
-        }
-
-        return new DERSequence(v);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ess/OtherCertID.java b/bcprov/src/main/java/org/bouncycastle/asn1/ess/OtherCertID.java
deleted file mode 100644
index 9d190a8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ess/OtherCertID.java
+++ /dev/null

@@ -1,138 +0,0 @@
-package org.bouncycastle.asn1.ess;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.DigestInfo;
-import org.bouncycastle.asn1.x509.IssuerSerial;
-
-public class OtherCertID
-    extends ASN1Object
-{
-    private ASN1Encodable otherCertHash;
-    private IssuerSerial issuerSerial;
-
-    public static OtherCertID getInstance(Object o)
-    {
-        if (o instanceof OtherCertID)
-        {
-            return (OtherCertID) o;
-        }
-        else if (o != null)
-        {
-            return new OtherCertID(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    /**
-     * constructor
-     */
-    private OtherCertID(ASN1Sequence seq)
-    {
-        if (seq.size() < 1 || seq.size() > 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                    + seq.size());
-        }
-
-        if (seq.getObjectAt(0).toASN1Primitive() instanceof ASN1OctetString)
-        {
-            otherCertHash = ASN1OctetString.getInstance(seq.getObjectAt(0));
-        }
-        else
-        {
-            otherCertHash = DigestInfo.getInstance(seq.getObjectAt(0));
-
-        }
-
-        if (seq.size() > 1)
-        {
-            issuerSerial = IssuerSerial.getInstance(seq.getObjectAt(1));
-        }
-    }
-
-    public OtherCertID(
-        AlgorithmIdentifier  algId,
-        byte[]               digest)
-    {
-        this.otherCertHash = new DigestInfo(algId, digest);
-    }
-
-    public OtherCertID(
-        AlgorithmIdentifier  algId,
-        byte[]               digest,
-        IssuerSerial    issuerSerial)
-    {
-        this.otherCertHash = new DigestInfo(algId, digest);
-        this.issuerSerial = issuerSerial;
-    }
-
-    public AlgorithmIdentifier getAlgorithmHash()
-    {
-        if (otherCertHash.toASN1Primitive() instanceof ASN1OctetString)
-        {
-            // SHA-1
-            return new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1);
-        }
-        else
-        {
-            return DigestInfo.getInstance(otherCertHash).getAlgorithmId();
-        }
-    }
-
-    public byte[] getCertHash()
-    {
-        if (otherCertHash.toASN1Primitive() instanceof ASN1OctetString)
-        {
-            // SHA-1
-            return ((ASN1OctetString)otherCertHash.toASN1Primitive()).getOctets();
-        }
-        else
-        {
-            return DigestInfo.getInstance(otherCertHash).getDigest();
-        }
-    }
-
-    public IssuerSerial getIssuerSerial()
-    {
-        return issuerSerial;
-    }
-
-    /**
-     * <pre>
-     * OtherCertID ::= SEQUENCE {
-     *     otherCertHash    OtherHash,
-     *     issuerSerial     IssuerSerial OPTIONAL }
-     *
-     * OtherHash ::= CHOICE {
-     *     sha1Hash     OCTET STRING,
-     *     otherHash    OtherHashAlgAndValue }
-     *
-     * OtherHashAlgAndValue ::= SEQUENCE {
-     *     hashAlgorithm    AlgorithmIdentifier,
-     *     hashValue        OCTET STRING }
-     *
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(otherCertHash);
-
-        if (issuerSerial != null)
-        {
-            v.add(issuerSerial);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ess/OtherSigningCertificate.java b/bcprov/src/main/java/org/bouncycastle/asn1/ess/OtherSigningCertificate.java
deleted file mode 100644
index 41f9e93..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ess/OtherSigningCertificate.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.asn1.ess;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-
-public class OtherSigningCertificate
-    extends ASN1Object
-{
-    ASN1Sequence certs;
-    ASN1Sequence policies;
-
-    public static OtherSigningCertificate getInstance(Object o)
-    {
-        if (o instanceof OtherSigningCertificate)
-        {
-            return (OtherSigningCertificate) o;
-        }
-        else if (o != null)
-        {
-            return new OtherSigningCertificate(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    /**
-     * constructeurs
-     */
-    private OtherSigningCertificate(ASN1Sequence seq)
-    {
-        if (seq.size() < 1 || seq.size() > 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                    + seq.size());
-        }
-
-        this.certs = ASN1Sequence.getInstance(seq.getObjectAt(0));
-
-        if (seq.size() > 1)
-        {
-            this.policies = ASN1Sequence.getInstance(seq.getObjectAt(1));
-        }
-    }
-
-    public OtherSigningCertificate(
-        OtherCertID otherCertID)
-    {
-        certs = new DERSequence(otherCertID);
-    }
-
-    public OtherCertID[] getCerts()
-    {
-        OtherCertID[] cs = new OtherCertID[certs.size()];
-
-        for (int i = 0; i != certs.size(); i++)
-        {
-            cs[i] = OtherCertID.getInstance(certs.getObjectAt(i));
-        }
-
-        return cs;
-    }
-
-    public PolicyInformation[] getPolicies()
-    {
-        if (policies == null)
-        {
-            return null;
-        }
-
-        PolicyInformation[] ps = new PolicyInformation[policies.size()];
-
-        for (int i = 0; i != policies.size(); i++)
-        {
-            ps[i] = PolicyInformation.getInstance(policies.getObjectAt(i));
-        }
-
-        return ps;
-    }
-
-    /**
-     * The definition of OtherSigningCertificate is
-     * <pre>
-     * OtherSigningCertificate ::=  SEQUENCE {
-     *      certs        SEQUENCE OF OtherCertID,
-     *      policies     SEQUENCE OF PolicyInformation OPTIONAL
-     * }
-     * </pre>
-     * id-aa-ets-otherSigCert OBJECT IDENTIFIER ::= { iso(1)
-     *  member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
-     *  smime(16) id-aa(2) 19 }
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(certs);
-
-        if (policies != null)
-        {
-            v.add(policies);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ess/SigningCertificate.java b/bcprov/src/main/java/org/bouncycastle/asn1/ess/SigningCertificate.java
deleted file mode 100644
index eaf22e9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ess/SigningCertificate.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.asn1.ess;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-
-
-public class SigningCertificate
-    extends ASN1Object
-{
-    ASN1Sequence certs;
-    ASN1Sequence policies;
-
-    public static SigningCertificate getInstance(Object o)
-    {
-        if (o instanceof SigningCertificate)
-        {
-            return (SigningCertificate) o;
-        }
-        else if (o != null)
-        {
-            return new SigningCertificate(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    /**
-     * constructeurs
-     */
-    private SigningCertificate(ASN1Sequence seq)
-    {
-        if (seq.size() < 1 || seq.size() > 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                    + seq.size());
-        }
-        this.certs = ASN1Sequence.getInstance(seq.getObjectAt(0));
-        
-        if (seq.size() > 1)
-        {
-            this.policies = ASN1Sequence.getInstance(seq.getObjectAt(1));
-        }
-    }
-
-    public SigningCertificate(
-        ESSCertID essCertID)
-    {
-        certs = new DERSequence(essCertID);
-    }
-
-    public ESSCertID[] getCerts()
-    {
-        ESSCertID[] cs = new ESSCertID[certs.size()];
-        
-        for (int i = 0; i != certs.size(); i++)
-        {
-            cs[i] = ESSCertID.getInstance(certs.getObjectAt(i));
-        }
-        
-        return cs;
-    }
-    
-    public PolicyInformation[] getPolicies()
-    {
-        if (policies == null)
-        {
-            return null;
-        }
-        
-        PolicyInformation[] ps = new PolicyInformation[policies.size()];
-        
-        for (int i = 0; i != policies.size(); i++)
-        {
-            ps[i] = PolicyInformation.getInstance(policies.getObjectAt(i));
-        }
-        
-        return ps;
-    }
-    
-    /**
-     * The definition of SigningCertificate is
-     * <pre>
-     * SigningCertificate ::=  SEQUENCE {
-     *      certs        SEQUENCE OF ESSCertID,
-     *      policies     SEQUENCE OF PolicyInformation OPTIONAL
-     * }
-     * </pre>
-     * id-aa-signingCertificate OBJECT IDENTIFIER ::= { iso(1)
-     *  member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
-     *  smime(16) id-aa(2) 12 }
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(certs);
-        
-        if (policies != null)
-        {
-            v.add(policies);
-        }
-        
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ess/SigningCertificateV2.java b/bcprov/src/main/java/org/bouncycastle/asn1/ess/SigningCertificateV2.java
deleted file mode 100644
index 07219cd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ess/SigningCertificateV2.java
+++ /dev/null

@@ -1,136 +0,0 @@
-package org.bouncycastle.asn1.ess;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-
-public class SigningCertificateV2
-    extends ASN1Object
-{
-    ASN1Sequence certs;
-    ASN1Sequence policies;
-
-    public static SigningCertificateV2 getInstance(
-        Object o)
-    {
-        if (o == null || o instanceof SigningCertificateV2)
-        {
-            return (SigningCertificateV2) o;
-        }
-        else if (o instanceof ASN1Sequence)
-        {
-            return new SigningCertificateV2((ASN1Sequence) o);
-        }
-
-        return null;
-    }
-
-    private SigningCertificateV2(
-        ASN1Sequence seq)
-    {
-        if (seq.size() < 1 || seq.size() > 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
-        }
-
-        this.certs = ASN1Sequence.getInstance(seq.getObjectAt(0));
-
-        if (seq.size() > 1)
-        {
-            this.policies = ASN1Sequence.getInstance(seq.getObjectAt(1));
-        }
-    }
-
-    public SigningCertificateV2(
-        ESSCertIDv2 cert)
-    {
-        this.certs = new DERSequence(cert);
-    }
-
-    public SigningCertificateV2(
-        ESSCertIDv2[] certs)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        for (int i=0; i < certs.length; i++)
-        {
-            v.add(certs[i]);
-        }
-        this.certs = new DERSequence(v);
-    }
-
-    public SigningCertificateV2(
-        ESSCertIDv2[] certs,
-        PolicyInformation[] policies)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        for (int i=0; i < certs.length; i++)
-        {
-            v.add(certs[i]);
-        }
-        this.certs = new DERSequence(v);
-
-        if (policies != null)
-        {
-            v = new ASN1EncodableVector();
-            for (int i=0; i < policies.length; i++)
-            {
-                v.add(policies[i]);
-            }
-            this.policies = new DERSequence(v);
-        }
-    }
-
-    public ESSCertIDv2[] getCerts()
-    {
-        ESSCertIDv2[] certIds = new ESSCertIDv2[certs.size()];
-        for (int i = 0; i != certs.size(); i++)
-        {
-            certIds[i] = ESSCertIDv2.getInstance(certs.getObjectAt(i));
-        }
-        return certIds;
-    }
-
-    public PolicyInformation[] getPolicies()
-    {
-        if (policies == null)
-        {
-            return null;
-        }
-
-        PolicyInformation[] policyInformations = new PolicyInformation[policies.size()];
-        for (int i = 0; i != policies.size(); i++)
-        {
-            policyInformations[i] = PolicyInformation.getInstance(policies.getObjectAt(i));
-        }
-        return policyInformations;
-    }
-
-    /**
-     * The definition of SigningCertificateV2 is
-     * <pre>
-     * SigningCertificateV2 ::=  SEQUENCE {
-     *      certs        SEQUENCE OF ESSCertIDv2,
-     *      policies     SEQUENCE OF PolicyInformation OPTIONAL
-     * }
-     * </pre>
-     * id-aa-signingCertificateV2 OBJECT IDENTIFIER ::= { iso(1)
-     *    member-body(2) us(840) rsadsi(113549) pkcs(1) pkcs9(9)
-     *    smime(16) id-aa(2) 47 }
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(certs);
-
-        if (policies != null)
-        {
-            v.add(policies);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ess/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/ess/package.html
deleted file mode 100644
index 21854b3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ess/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes useful for encoding and supporting Enhanced Security Services for S/MIME as described RFC 2634 and RFC 5035.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/est/AttrOrOID.java b/bcprov/src/main/java/org/bouncycastle/asn1/est/AttrOrOID.java
deleted file mode 100644
index 456e655..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/est/AttrOrOID.java
+++ /dev/null

@@ -1,100 +0,0 @@
-package org.bouncycastle.asn1.est;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.pkcs.Attribute;
-
-/**
- * <pre>
- *    AttrOrOID ::= CHOICE (oid OBJECT IDENTIFIER, attribute Attribute }
- * </pre>
- */
-public class AttrOrOID
-    extends ASN1Object
-    implements ASN1Choice
-{
-    private final ASN1ObjectIdentifier oid;
-    private final Attribute attribute;
-
-    public AttrOrOID(ASN1ObjectIdentifier oid)
-    {
-        this.oid = oid;
-        attribute = null;
-    }
-
-    public AttrOrOID(Attribute attribute)
-    {
-        this.oid = null;
-        this.attribute = attribute;
-    }
-
-    public static AttrOrOID getInstance(
-        Object obj)
-    {
-        if (obj instanceof AttrOrOID)
-        {
-            return (AttrOrOID)obj;
-        }
-
-        if (obj != null)
-        {
-            if (obj instanceof ASN1Encodable)
-            {
-                ASN1Encodable asn1Prim = ((ASN1Encodable)obj).toASN1Primitive();
-
-                if (asn1Prim instanceof ASN1ObjectIdentifier)
-                {
-                    return new AttrOrOID(ASN1ObjectIdentifier.getInstance(asn1Prim));
-                }
-                if (asn1Prim instanceof ASN1Sequence)
-                {
-                    return new AttrOrOID(Attribute.getInstance(asn1Prim));
-                }
-            }
-            if (obj instanceof byte[])
-            {
-                try
-                {
-                    return getInstance(ASN1Primitive.fromByteArray((byte[])obj));
-                }
-                catch (IOException e)
-                {
-                    throw new IllegalArgumentException("unknown encoding in getInstance()");
-                }
-            }
-            throw new IllegalArgumentException("unknown object in getInstance(): " + obj.getClass().getName());
-        }
-
-        return null;
-    }
-
-    public boolean isOid()
-    {
-        return oid != null;
-    }
-
-    public ASN1ObjectIdentifier getOid()
-    {
-        return oid;
-    }
-
-    public Attribute getAttribute()
-    {
-        return attribute;
-    }
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (oid != null)
-        {
-            return oid;
-        }
-
-        return attribute.toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/est/CsrAttrs.java b/bcprov/src/main/java/org/bouncycastle/asn1/est/CsrAttrs.java
deleted file mode 100644
index a1ceeb4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/est/CsrAttrs.java
+++ /dev/null

@@ -1,85 +0,0 @@
-package org.bouncycastle.asn1.est;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <pre>
- *      CsrAttrs ::= SEQUENCE SIZE (0..MAX) OF AttrOrOID
- * </pre>
- */
-public class CsrAttrs
-    extends ASN1Object
-{
-    private final AttrOrOID[] attrOrOIDs;
-
-    public static CsrAttrs getInstance(
-        Object obj)
-    {
-        if (obj instanceof CsrAttrs)
-        {
-            return (CsrAttrs)obj;
-        }
-
-        if (obj != null)
-        {
-            return new CsrAttrs(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static CsrAttrs getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    /**
-     * Construct a CsrAttrs object containing one AttrOrOID.
-     *
-     * @param attrOrOID the AttrOrOID to be contained.
-     */
-    public CsrAttrs(
-        AttrOrOID attrOrOID)
-    {
-        this.attrOrOIDs = new AttrOrOID[]{attrOrOID};
-    }
-
-
-    public CsrAttrs(
-        AttrOrOID[] attrOrOIDs)
-    {
-        this.attrOrOIDs = Utils.clone(attrOrOIDs);
-    }
-
-    private CsrAttrs(
-        ASN1Sequence seq)
-    {
-        this.attrOrOIDs = new AttrOrOID[seq.size()];
-
-        for (int i = 0; i != seq.size(); i++)
-        {
-            attrOrOIDs[i] = AttrOrOID.getInstance(seq.getObjectAt(i));
-        }
-    }
-
-    public AttrOrOID[] getAttrOrOIDs()
-    {
-        return Utils.clone(attrOrOIDs);
-    }
-
-    public int size()
-    {
-        return attrOrOIDs.length;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERSequence(attrOrOIDs);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/est/Utils.java b/bcprov/src/main/java/org/bouncycastle/asn1/est/Utils.java
deleted file mode 100644
index 43a406a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/est/Utils.java
+++ /dev/null

@@ -1,13 +0,0 @@
-package org.bouncycastle.asn1.est;
-
-class Utils
-{
-    static AttrOrOID[] clone(AttrOrOID[] ids)
-    {
-        AttrOrOID[] tmp = new AttrOrOID[ids.length];
-
-        System.arraycopy(ids, 0, tmp, 0, ids.length);
-
-        return tmp;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/est/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/est/package.html
deleted file mode 100644
index 19b82dc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/est/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for Enrollment over Secure Transport (EST) - RFC 7030.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/gm/GMNamedCurves.java b/bcprov/src/main/java/org/bouncycastle/asn1/gm/GMNamedCurves.java
deleted file mode 100644
index a0e65e5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/gm/GMNamedCurves.java
+++ /dev/null

@@ -1,142 +0,0 @@
-package org.bouncycastle.asn1.gm;
-
-import java.math.BigInteger;
-import java.util.Enumeration;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ECParametersHolder;
-import org.bouncycastle.asn1.x9.X9ECPoint;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * Chinese standard GM named curves.
- */
-public class GMNamedCurves
-{
-    private static ECCurve configureCurve(ECCurve curve)
-    {
-        return curve;
-    }
-
-    private static BigInteger fromHex(
-        String hex)
-    {
-        return new BigInteger(1, Hex.decode(hex));
-    }
-
-    /*
-     * SM2SysParams
-     */
-    static X9ECParametersHolder sm2p256v1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-
-            BigInteger p = fromHex("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF");
-            BigInteger a = fromHex("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC");
-            BigInteger b = fromHex("28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93");
-            byte[] S = null;
-            BigInteger n = fromHex("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123");
-            BigInteger h = BigInteger.valueOf(1);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h));
-            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
-                + "32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7"
-                + "BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0"));
-
-            return new X9ECParameters(curve, G, n, h, S);
-        }
-    };
-
-    static X9ECParametersHolder wapip192v1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger p = fromHex("BDB6F4FE3E8B1D9E0DA8C0D46F4C318CEFE4AFE3B6B8551F");
-            BigInteger a = fromHex("BB8E5E8FBC115E139FE6A814FE48AAA6F0ADA1AA5DF91985");
-            BigInteger b = fromHex("1854BEBDC31B21B7AEFC80AB0ECD10D5B1B3308E6DBF11C1");
-            byte[] S = null;
-            BigInteger n = fromHex("BDB6F4FE3E8B1D9E0DA8C0D40FC962195DFAE76F56564677");
-            BigInteger h = BigInteger.valueOf(1);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h));
-            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
-                + "4AD5F7048DE709AD51236DE6" + "5E4D4B482C836DC6E4106640"
-                + "02BB3A02D4AAADACAE24817A" + "4CA3A1B014B5270432DB27D2"));
-
-            return new X9ECParameters(curve, G, n, h, S);
-        }
-    };
-    
-    static final Hashtable objIds = new Hashtable();
-    static final Hashtable curves = new Hashtable();
-    static final Hashtable names = new Hashtable();
-
-    static void defineCurve(String name, ASN1ObjectIdentifier oid, X9ECParametersHolder holder)
-    {
-        objIds.put(Strings.toLowerCase(name), oid);
-        names.put(oid, name);
-        curves.put(oid, holder);
-    }
-
-    static
-    {
-        defineCurve("wapip192v1", GMObjectIdentifiers.wapip192v1, wapip192v1);
-        defineCurve("sm2p256v1", GMObjectIdentifiers.sm2p256v1, sm2p256v1);
-    }
-
-    public static X9ECParameters getByName(
-        String name)
-    {
-        ASN1ObjectIdentifier oid = getOID(name);
-        return oid == null ? null : getByOID(oid);
-    }
-
-    /**
-     * return the X9ECParameters object for the named curve represented by
-     * the passed in object identifier. Null if the curve isn't present.
-     *
-     * @param oid an object identifier representing a named curve, if present.
-     */
-    public static X9ECParameters getByOID(
-        ASN1ObjectIdentifier oid)
-    {
-        X9ECParametersHolder holder = (X9ECParametersHolder)curves.get(oid);
-        return holder == null ? null : holder.getParameters();
-    }
-
-    /**
-     * return the object identifier signified by the passed in name. Null
-     * if there is no object identifier associated with name.
-     *
-     * @return the object identifier associated with name, if present.
-     */
-    public static ASN1ObjectIdentifier getOID(
-        String name)
-    {
-        return (ASN1ObjectIdentifier)objIds.get(Strings.toLowerCase(name));
-    }
-
-    /**
-     * return the named curve name represented by the given object identifier.
-     */
-    public static String getName(
-        ASN1ObjectIdentifier oid)
-    {
-        return (String)names.get(oid);
-    }
-
-    /**
-     * returns an enumeration containing the name strings for curves
-     * contained in this structure.
-     */
-    public static Enumeration getNames()
-    {
-        return names.elements();
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/gnu/GNUObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/gnu/GNUObjectIdentifiers.java
deleted file mode 100644
index 0f82da0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/gnu/GNUObjectIdentifiers.java
+++ /dev/null

@@ -1,111 +0,0 @@
-package org.bouncycastle.asn1.gnu;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- * GNU project OID collection<p>
- * { iso(1) identifier-organization(3) dod(6) internet(1) private(4) } == IETF defined things
- */
-public interface GNUObjectIdentifiers
-{
-    /**
-     * 1.3.6.1.4.1.11591.1 -- used by GNU Radius
-     */
-    ASN1ObjectIdentifier GNU = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.1"); // GNU Radius
-    /**
-     * 1.3.6.1.4.1.11591.2 -- used by GNU PG
-     */
-    ASN1ObjectIdentifier GnuPG = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.2"); // GnuPG (Ägypten)
-    /**
-     * 1.3.6.1.4.1.11591.2.1 -- notation
-     */
-    ASN1ObjectIdentifier notation = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.2.1"); // notation
-    /**
-     * 1.3.6.1.4.1.11591.2.1.1 -- pkaAddress
-     */
-    ASN1ObjectIdentifier pkaAddress = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.2.1.1"); // pkaAddress
-    /**
-     * 1.3.6.1.4.1.11591.3 -- GNU Radar
-     */
-    ASN1ObjectIdentifier GnuRadar = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.3"); // GNU Radar
-    /**
-     * 1.3.6.1.4.1.11591.12 -- digestAlgorithm
-     */
-    ASN1ObjectIdentifier digestAlgorithm = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.12"); // digestAlgorithm
-    /**
-     * 1.3.6.1.4.1.11591.12.2 -- TIGER/192
-     */
-    ASN1ObjectIdentifier Tiger_192 = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.12.2"); // TIGER/192
-    /**
-     * 1.3.6.1.4.1.11591.13 -- encryptionAlgorithm
-     */
-    ASN1ObjectIdentifier encryptionAlgorithm = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13"); // encryptionAlgorithm
-    /**
-     * 1.3.6.1.4.1.11591.13.2 -- Serpent
-     */
-    ASN1ObjectIdentifier Serpent = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2"); // Serpent
-    /**
-     * 1.3.6.1.4.1.11591.13.2.1 -- Serpent-128-ECB
-     */
-    ASN1ObjectIdentifier Serpent_128_ECB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.1"); // Serpent-128-ECB
-    /**
-     * 1.3.6.1.4.1.11591.13.2.2 -- Serpent-128-CBC
-     */
-    ASN1ObjectIdentifier Serpent_128_CBC = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.2"); // Serpent-128-CBC
-    /**
-     * 1.3.6.1.4.1.11591.13.2.3 -- Serpent-128-OFB
-     */
-    ASN1ObjectIdentifier Serpent_128_OFB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.3"); // Serpent-128-OFB
-    /**
-     * 1.3.6.1.4.1.11591.13.2.4 -- Serpent-128-CFB
-     */
-    ASN1ObjectIdentifier Serpent_128_CFB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.4"); // Serpent-128-CFB
-    /**
-     * 1.3.6.1.4.1.11591.13.2.21 -- Serpent-192-ECB
-     */
-    ASN1ObjectIdentifier Serpent_192_ECB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.21"); // Serpent-192-ECB
-    /**
-     * 1.3.6.1.4.1.11591.13.2.22 -- Serpent-192-CCB
-     */
-    ASN1ObjectIdentifier Serpent_192_CBC = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.22"); // Serpent-192-CBC
-    /**
-     * 1.3.6.1.4.1.11591.13.2.23 -- Serpent-192-OFB
-     */
-    ASN1ObjectIdentifier Serpent_192_OFB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.23"); // Serpent-192-OFB
-    /**
-     * 1.3.6.1.4.1.11591.13.2.24 -- Serpent-192-CFB
-     */
-    ASN1ObjectIdentifier Serpent_192_CFB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.24"); // Serpent-192-CFB
-    /**
-     * 1.3.6.1.4.1.11591.13.2.41 -- Serpent-256-ECB
-     */
-    ASN1ObjectIdentifier Serpent_256_ECB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.41"); // Serpent-256-ECB
-    /**
-     * 1.3.6.1.4.1.11591.13.2.42 -- Serpent-256-CBC
-     */
-    ASN1ObjectIdentifier Serpent_256_CBC = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.42"); // Serpent-256-CBC
-    /**
-     * 1.3.6.1.4.1.11591.13.2.43 -- Serpent-256-OFB
-     */
-    ASN1ObjectIdentifier Serpent_256_OFB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.43"); // Serpent-256-OFB
-    /**
-     * 1.3.6.1.4.1.11591.13.2.44 -- Serpent-256-CFB
-     */
-    ASN1ObjectIdentifier Serpent_256_CFB = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.13.2.44"); // Serpent-256-CFB
-
-    /**
-     * 1.3.6.1.4.1.11591.14 -- CRC algorithms
-     */
-    ASN1ObjectIdentifier CRC = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.14"); // CRC algorithms
-    /**
-     * 1.3.6.1.4.1.11591.14,1 -- CRC32
-     */
-    ASN1ObjectIdentifier CRC32 = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.14.1"); // CRC 32
-
-    /**
-     * 1.3.6.1.4.1.11591.15 - ellipticCurve
-     */
-    ASN1ObjectIdentifier ellipticCurve = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.15");
-
-    ASN1ObjectIdentifier Ed25519 = ellipticCurve.branch("1");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/gnu/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/gnu/package.html
deleted file mode 100644
index cdb9f59..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/gnu/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-ASN.1 classes specific to the GNU APIs and applications.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/iana/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/iana/package.html
deleted file mode 100644
index bb60b43..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/iana/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-ASN.1 classes specific to the Internet Assigned Numbers Authority (IANA).
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/icao/CscaMasterList.java b/bcprov/src/main/java/org/bouncycastle/asn1/icao/CscaMasterList.java
deleted file mode 100644
index ff629f2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/icao/CscaMasterList.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.asn1.icao;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.x509.Certificate;
-
-/**
- * The CscaMasterList object. This object can be wrapped in a
- * CMSSignedData to be published in LDAP.
- *
- * <pre>
- * CscaMasterList ::= SEQUENCE {
- *   version                CscaMasterListVersion,
- *   certList               SET OF Certificate }
- *
- * CscaMasterListVersion :: INTEGER {v0(0)}
- * </pre>
- */
-
-public class CscaMasterList
-    extends ASN1Object
-{
-    private ASN1Integer version = new ASN1Integer(0);
-    private Certificate[] certList;
-
-    public static CscaMasterList getInstance(
-        Object obj)
-    {
-        if (obj instanceof CscaMasterList)
-        {
-            return (CscaMasterList)obj;
-        }
-        else if (obj != null)
-        {
-            return new CscaMasterList(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private CscaMasterList(
-        ASN1Sequence seq)
-    {
-        if (seq == null || seq.size() == 0)
-        {
-            throw new IllegalArgumentException(
-                "null or empty sequence passed.");
-        }
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException(
-                "Incorrect sequence size: " + seq.size());
-        }
-
-        version = ASN1Integer.getInstance(seq.getObjectAt(0));
-        ASN1Set certSet = ASN1Set.getInstance(seq.getObjectAt(1));
-        certList = new Certificate[certSet.size()];
-        for (int i = 0; i < certList.length; i++)
-        {
-            certList[i]
-                = Certificate.getInstance(certSet.getObjectAt(i));
-        }
-    }
-
-    public CscaMasterList(
-        Certificate[] certStructs)
-    {
-        certList = copyCertList(certStructs);
-    }
-
-    public int getVersion()
-    {
-        return version.getValue().intValue();
-    }
-
-    public Certificate[] getCertStructs()
-    {
-        return copyCertList(certList);
-    }
-
-    private Certificate[] copyCertList(Certificate[] orig)
-    {
-        Certificate[] certs = new Certificate[orig.length];
-
-        for (int i = 0; i != certs.length; i++)
-        {
-            certs[i] = orig[i];
-        }
-
-        return certs;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector seq = new ASN1EncodableVector();
-
-        seq.add(version);
-
-        ASN1EncodableVector certSet = new ASN1EncodableVector();
-        for (int i = 0; i < certList.length; i++)
-        {
-            certSet.add(certList[i]);
-        }
-        seq.add(new DERSet(certSet));
-
-        return new DERSequence(seq);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/icao/DataGroupHash.java b/bcprov/src/main/java/org/bouncycastle/asn1/icao/DataGroupHash.java
deleted file mode 100644
index b4c4c5c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/icao/DataGroupHash.java
+++ /dev/null

@@ -1,97 +0,0 @@
-package org.bouncycastle.asn1.icao;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * The DataGroupHash object.
- * <pre>
- * DataGroupHash  ::=  SEQUENCE {
- *      dataGroupNumber         DataGroupNumber,
- *      dataGroupHashValue     OCTET STRING }
- * 
- * DataGroupNumber ::= INTEGER {
- *         dataGroup1    (1),
- *         dataGroup1    (2),
- *         dataGroup1    (3),
- *         dataGroup1    (4),
- *         dataGroup1    (5),
- *         dataGroup1    (6),
- *         dataGroup1    (7),
- *         dataGroup1    (8),
- *         dataGroup1    (9),
- *         dataGroup1    (10),
- *         dataGroup1    (11),
- *         dataGroup1    (12),
- *         dataGroup1    (13),
- *         dataGroup1    (14),
- *         dataGroup1    (15),
- *         dataGroup1    (16) }
- * 
- * </pre>
- */
-public class DataGroupHash 
-    extends ASN1Object
-{
-    ASN1Integer dataGroupNumber;    
-    ASN1OctetString    dataGroupHashValue;
-    
-    public static DataGroupHash getInstance(
-        Object obj)
-    {
-        if (obj instanceof DataGroupHash)
-        {
-            return (DataGroupHash)obj;
-        }
-        else if (obj != null)
-        {
-            return new DataGroupHash(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }                
-            
-    private DataGroupHash(ASN1Sequence seq)
-    {
-        Enumeration e = seq.getObjects();
-
-        // dataGroupNumber
-        dataGroupNumber = ASN1Integer.getInstance(e.nextElement());
-        // dataGroupHashValue
-        dataGroupHashValue = ASN1OctetString.getInstance(e.nextElement());   
-    }
-    
-    public DataGroupHash(
-        int dataGroupNumber,        
-        ASN1OctetString     dataGroupHashValue)
-    {
-        this.dataGroupNumber = new ASN1Integer(dataGroupNumber);
-        this.dataGroupHashValue = dataGroupHashValue; 
-    }    
-
-    public int getDataGroupNumber()
-    {
-        return dataGroupNumber.getValue().intValue();
-    }
-    
-    public ASN1OctetString getDataGroupHashValue()
-    {
-        return dataGroupHashValue;
-    }     
-    
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector seq = new ASN1EncodableVector();
-        seq.add(dataGroupNumber);
-        seq.add(dataGroupHashValue);  
-
-        return new DERSequence(seq);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/icao/ICAOObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/icao/ICAOObjectIdentifiers.java
deleted file mode 100644
index 3c271da..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/icao/ICAOObjectIdentifiers.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.asn1.icao;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- *
- * { ISOITU(2) intorgs(23) icao(136) }
- */
-public interface ICAOObjectIdentifiers
-{
-    //
-    // base id
-    //
-    /**  2.23.136  */
-    static final ASN1ObjectIdentifier    id_icao                   = new ASN1ObjectIdentifier("2.23.136");
-
-    /**  2.23.136.1  */
-    static final ASN1ObjectIdentifier    id_icao_mrtd              = id_icao.branch("1");
-    /**  2.23.136.1.1  */
-    static final ASN1ObjectIdentifier    id_icao_mrtd_security     = id_icao_mrtd.branch("1");
-
-    /** LDS security object, see ICAO Doc 9303-Volume 2-Section IV-A3.2<p>
-     *  2.23.136.1.1.1  */
-    static final ASN1ObjectIdentifier    id_icao_ldsSecurityObject = id_icao_mrtd_security.branch("1");
-
-    /** CSCA master list, see TR CSCA Countersigning and Master List issuance<p>
-     * 2.23.136.1.1.2
-     */
-    static final ASN1ObjectIdentifier    id_icao_cscaMasterList    = id_icao_mrtd_security.branch("2");
-    /** 2.23.136.1.1.3 */
-    static final ASN1ObjectIdentifier    id_icao_cscaMasterListSigningKey = id_icao_mrtd_security.branch("3");
-
-    /** document type list, see draft TR LDS and PKI Maintenance, par. 3.2.1 <p>
-     * 2.23.136.1.1.4
-     */
-    static final ASN1ObjectIdentifier    id_icao_documentTypeList  = id_icao_mrtd_security.branch("4");
-
-    /** Active Authentication protocol, see draft TR LDS and PKI Maintenance, par. 5.2.2<p>
-     * 2.23.136.1.1.5
-     */
-    static final ASN1ObjectIdentifier    id_icao_aaProtocolObject  = id_icao_mrtd_security.branch("5");
-
-    /** CSCA name change and key reoll-over, see draft TR LDS and PKI Maintenance, par. 3.2.1<p>
-     * 2.23.136.1.1.6
-     */
-    static final ASN1ObjectIdentifier    id_icao_extensions        = id_icao_mrtd_security.branch("6");
-    /** 2.23.136.1.1.6.1 */
-    static final ASN1ObjectIdentifier    id_icao_extensions_namechangekeyrollover = id_icao_extensions.branch("1");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/icao/LDSSecurityObject.java b/bcprov/src/main/java/org/bouncycastle/asn1/icao/LDSSecurityObject.java
deleted file mode 100644
index dfee3c7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/icao/LDSSecurityObject.java
+++ /dev/null

@@ -1,167 +0,0 @@
-package org.bouncycastle.asn1.icao;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * The LDSSecurityObject object (V1.8).
- * <pre>
- * LDSSecurityObject ::= SEQUENCE {
- *   version                LDSSecurityObjectVersion,
- *   hashAlgorithm          DigestAlgorithmIdentifier,
- *   dataGroupHashValues    SEQUENCE SIZE (2..ub-DataGroups) OF DataHashGroup,
- *   ldsVersionInfo         LDSVersionInfo OPTIONAL
- *   -- if present, version MUST be v1 }
- *
- * DigestAlgorithmIdentifier ::= AlgorithmIdentifier,
- *
- * LDSSecurityObjectVersion :: INTEGER {V0(0)}
- * </pre>
- */
-public class LDSSecurityObject
-    extends ASN1Object
-    implements ICAOObjectIdentifiers
-{
-    public static final int ub_DataGroups = 16;
-
-    private ASN1Integer version = new ASN1Integer(0);
-    private AlgorithmIdentifier digestAlgorithmIdentifier;
-    private DataGroupHash[] datagroupHash;
-    private LDSVersionInfo versionInfo;
-
-    public static LDSSecurityObject getInstance(
-        Object obj)
-    {
-        if (obj instanceof LDSSecurityObject)
-        {
-            return (LDSSecurityObject)obj;
-        }
-        else if (obj != null)
-        {
-            return new LDSSecurityObject(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private LDSSecurityObject(
-        ASN1Sequence seq)
-    {
-        if (seq == null || seq.size() == 0)
-        {
-            throw new IllegalArgumentException("null or empty sequence passed.");
-        }
-
-        Enumeration e = seq.getObjects();
-
-        // version
-        version = ASN1Integer.getInstance(e.nextElement());
-        // digestAlgorithmIdentifier
-        digestAlgorithmIdentifier = AlgorithmIdentifier.getInstance(e.nextElement());
-
-        ASN1Sequence datagroupHashSeq = ASN1Sequence.getInstance(e.nextElement());
-
-        if (version.getValue().intValue() == 1)
-        {
-            versionInfo = LDSVersionInfo.getInstance(e.nextElement());
-        }
-
-        checkDatagroupHashSeqSize(datagroupHashSeq.size());
-
-        datagroupHash = new DataGroupHash[datagroupHashSeq.size()];
-        for (int i = 0; i < datagroupHashSeq.size(); i++)
-        {
-            datagroupHash[i] = DataGroupHash.getInstance(datagroupHashSeq.getObjectAt(i));
-        }
-    }
-
-    public LDSSecurityObject(
-        AlgorithmIdentifier digestAlgorithmIdentifier,
-        DataGroupHash[] datagroupHash)
-    {
-        this.version = new ASN1Integer(0);
-        this.digestAlgorithmIdentifier = digestAlgorithmIdentifier;
-        this.datagroupHash = copy(datagroupHash);
-
-        checkDatagroupHashSeqSize(datagroupHash.length);
-    }
-
-    public LDSSecurityObject(
-        AlgorithmIdentifier digestAlgorithmIdentifier,
-        DataGroupHash[] datagroupHash,
-        LDSVersionInfo versionInfo)
-    {
-        this.version = new ASN1Integer(1);
-        this.digestAlgorithmIdentifier = digestAlgorithmIdentifier;
-        this.datagroupHash = copy(datagroupHash);
-        this.versionInfo = versionInfo;
-
-        checkDatagroupHashSeqSize(datagroupHash.length);
-    }
-
-    private void checkDatagroupHashSeqSize(int size)
-    {
-        if ((size < 2) || (size > ub_DataGroups))
-        {
-            throw new IllegalArgumentException("wrong size in DataGroupHashValues : not in (2.." + ub_DataGroups + ")");
-        }
-    }
-
-    public int getVersion()
-    {
-        return version.getValue().intValue();
-    }
-
-    public AlgorithmIdentifier getDigestAlgorithmIdentifier()
-    {
-        return digestAlgorithmIdentifier;
-    }
-
-    public DataGroupHash[] getDatagroupHash()
-    {
-        return copy(datagroupHash);
-    }
-
-    public LDSVersionInfo getVersionInfo()
-    {
-        return versionInfo;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector seq = new ASN1EncodableVector();
-
-        seq.add(version);
-        seq.add(digestAlgorithmIdentifier);
-
-        ASN1EncodableVector seqname = new ASN1EncodableVector();
-        for (int i = 0; i < datagroupHash.length; i++)
-        {
-            seqname.add(datagroupHash[i]);
-        }
-        seq.add(new DERSequence(seqname));
-
-        if (versionInfo != null)
-        {
-            seq.add(versionInfo);
-        }
-
-        return new DERSequence(seq);
-    }
-
-    private DataGroupHash[] copy(DataGroupHash[] dgHash)
-    {
-        DataGroupHash[] rv = new DataGroupHash[dgHash.length];
-
-        System.arraycopy(dgHash, 0, rv, 0, rv.length);
-
-        return rv;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/icao/LDSVersionInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/icao/LDSVersionInfo.java
deleted file mode 100644
index 64575a8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/icao/LDSVersionInfo.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.asn1.icao;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERPrintableString;
-import org.bouncycastle.asn1.DERSequence;
-
-public class LDSVersionInfo
-    extends ASN1Object
-{
-    private DERPrintableString ldsVersion;
-    private DERPrintableString unicodeVersion;
-
-    public LDSVersionInfo(String ldsVersion, String unicodeVersion)
-    {
-        this.ldsVersion = new DERPrintableString(ldsVersion);
-        this.unicodeVersion = new DERPrintableString(unicodeVersion);
-    }
-
-    private LDSVersionInfo(ASN1Sequence seq)
-    {
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException("sequence wrong size for LDSVersionInfo");
-        }
-
-        this.ldsVersion = DERPrintableString.getInstance(seq.getObjectAt(0));
-        this.unicodeVersion = DERPrintableString.getInstance(seq.getObjectAt(1));
-    }
-
-    public static LDSVersionInfo getInstance(Object obj)
-    {
-        if (obj instanceof LDSVersionInfo)
-        {
-            return (LDSVersionInfo)obj;
-        }
-        else if (obj != null)
-        {
-            return new LDSVersionInfo(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public String getLdsVersion()
-    {
-        return ldsVersion.getString();
-    }
-
-    public String getUnicodeVersion()
-    {
-        return unicodeVersion.getString();
-    }
-
-    /**
-     * <pre>
-     * LDSVersionInfo ::= SEQUENCE {
-     *    ldsVersion PRINTABLE STRING
-     *    unicodeVersion PRINTABLE STRING
-     *  }
-     * </pre>
-     * @return  an ASN.1 primitive composition of this LDSVersionInfo.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(ldsVersion);
-        v.add(unicodeVersion);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/icao/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/icao/package.html
deleted file mode 100644
index f2301db..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/icao/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-ICAO ASN.1 classes for electronic passport.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/CertHash.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/CertHash.java
deleted file mode 100644
index e7cf777..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/CertHash.java
+++ /dev/null

@@ -1,121 +0,0 @@
-package org.bouncycastle.asn1.isismtt.ocsp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Arrays;
-
-/**
- * ISIS-MTT PROFILE: The responder may include this extension in a response to
- * send the hash of the requested certificate to the responder. This hash is
- * cryptographically bound to the certificate and serves as evidence that the
- * certificate is known to the responder (i.e. it has been issued and is present
- * in the directory). Hence, this extension is a means to provide a positive
- * statement of availability as described in T8.[8]. As explained in T13.[1],
- * clients may rely on this information to be able to validate signatures after
- * the expiry of the corresponding certificate. Hence, clients MUST support this
- * extension. If a positive statement of availability is to be delivered, this
- * extension syntax and OID MUST be used.
- * <pre>
- *     CertHash ::= SEQUENCE {
- *       hashAlgorithm AlgorithmIdentifier,
- *       certificateHash OCTET STRING
- *     }
- * </pre>
- */
-public class CertHash
-    extends ASN1Object
-{
-
-    private AlgorithmIdentifier hashAlgorithm;
-    private byte[] certificateHash;
-
-    public static CertHash getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof CertHash)
-        {
-            return (CertHash)obj;
-        }
-
-        if (obj instanceof ASN1Sequence)
-        {
-            return new CertHash((ASN1Sequence)obj);
-        }
-
-        throw new IllegalArgumentException("illegal object in getInstance: "
-            + obj.getClass().getName());
-    }
-
-    /**
-     * Constructor from ASN1Sequence.
-     * <p>
-     * The sequence is of type CertHash:
-     * <pre>
-     *     CertHash ::= SEQUENCE {
-     *       hashAlgorithm AlgorithmIdentifier,
-     *       certificateHash OCTET STRING
-     *     }
-     * </pre>
-     * </p>
-     * @param seq The ASN.1 sequence.
-     */
-    private CertHash(ASN1Sequence seq)
-    {
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-        hashAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(0));
-        certificateHash = DEROctetString.getInstance(seq.getObjectAt(1)).getOctets();
-    }
-
-    /**
-     * Constructor from a given details.
-     *
-     * @param hashAlgorithm   The hash algorithm identifier.
-     * @param certificateHash The hash of the whole DER encoding of the certificate.
-     */
-    public CertHash(AlgorithmIdentifier hashAlgorithm, byte[] certificateHash)
-    {
-        this.hashAlgorithm = hashAlgorithm;
-        this.certificateHash = new byte[certificateHash.length];
-        System.arraycopy(certificateHash, 0, this.certificateHash, 0,
-            certificateHash.length);
-    }
-
-    public AlgorithmIdentifier getHashAlgorithm()
-    {
-        return hashAlgorithm;
-    }
-
-    public byte[] getCertificateHash()
-    {
-        return Arrays.clone(certificateHash);
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <p>
-     * Returns:
-     * <pre>
-     *     CertHash ::= SEQUENCE {
-     *       hashAlgorithm AlgorithmIdentifier,
-     *       certificateHash OCTET STRING
-     *     }
-     * </pre>
-     *
-     * @return a DERObject
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector vec = new ASN1EncodableVector();
-        vec.add(hashAlgorithm);
-        vec.add(new DEROctetString(certificateHash));
-        return new DERSequence(vec);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/RequestedCertificate.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/RequestedCertificate.java
deleted file mode 100644
index b2e249c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/RequestedCertificate.java
+++ /dev/null

@@ -1,182 +0,0 @@
-package org.bouncycastle.asn1.isismtt.ocsp;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.util.Arrays;
-
-/**
- * ISIS-MTT-Optional: The certificate requested by the client by inserting the
- * RetrieveIfAllowed extension in the request, will be returned in this
- * extension.
- * <p>
- * ISIS-MTT-SigG: The signature act allows publishing certificates only then,
- * when the certificate owner gives his explicit permission. Accordingly, there
- * may be �nondownloadable� certificates, about which the responder must provide
- * status information, but MUST NOT include them in the response. Clients may
- * get therefore the following three kind of answers on a single request
- * including the RetrieveIfAllowed extension:
- * <ul>
- * <li> a) the responder supports the extension and is allowed to publish the
- * certificate: RequestedCertificate returned including the requested
- * certificate
- * <li>b) the responder supports the extension but is NOT allowed to publish
- * the certificate: RequestedCertificate returned including an empty OCTET
- * STRING
- * <li>c) the responder does not support the extension: RequestedCertificate is
- * not included in the response
- * </ul>
- * Clients requesting RetrieveIfAllowed MUST be able to handle these cases. If
- * any of the OCTET STRING options is used, it MUST contain the DER encoding of
- * the requested certificate.
- * <pre>
- *            RequestedCertificate ::= CHOICE {
- *              Certificate Certificate,
- *              publicKeyCertificate [0] EXPLICIT OCTET STRING,
- *              attributeCertificate [1] EXPLICIT OCTET STRING
- *            }
- * </pre>
- */
-public class RequestedCertificate
-    extends ASN1Object
-    implements ASN1Choice
-{
-    public static final int certificate = -1;
-    public static final int publicKeyCertificate = 0;
-    public static final int attributeCertificate = 1;
-
-    private Certificate cert;
-    private byte[] publicKeyCert;
-    private byte[] attributeCert;
-
-    public static RequestedCertificate getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof RequestedCertificate)
-        {
-            return (RequestedCertificate)obj;
-        }
-
-        if (obj instanceof ASN1Sequence)
-        {
-            return new RequestedCertificate(Certificate.getInstance(obj));
-        }
-        if (obj instanceof ASN1TaggedObject)
-        {
-            return new RequestedCertificate((ASN1TaggedObject)obj);
-        }
-
-        throw new IllegalArgumentException("illegal object in getInstance: "
-            + obj.getClass().getName());
-    }
-
-    public static RequestedCertificate getInstance(ASN1TaggedObject obj, boolean explicit)
-    {
-        if (!explicit)
-        {
-            throw new IllegalArgumentException("choice item must be explicitly tagged");
-        }
-
-        return getInstance(obj.getObject());
-    }
-
-    private RequestedCertificate(ASN1TaggedObject tagged)
-    {
-        if (tagged.getTagNo() == publicKeyCertificate)
-        {
-            publicKeyCert = ASN1OctetString.getInstance(tagged, true).getOctets();
-        }
-        else if (tagged.getTagNo() == attributeCertificate)
-        {
-            attributeCert = ASN1OctetString.getInstance(tagged, true).getOctets();
-        }
-        else
-        {
-            throw new IllegalArgumentException("unknown tag number: " + tagged.getTagNo());
-        }
-    }
-
-    /**
-     * Constructor from a given details.
-     * <p>
-     * Only one parameter can be given. All other must be <code>null</code>.
-     *
-     * @param certificate          Given as Certificate
-     */
-    public RequestedCertificate(Certificate certificate)
-    {
-        this.cert = certificate;
-    }
-
-    public RequestedCertificate(int type, byte[] certificateOctets)
-    {
-        this(new DERTaggedObject(type, new DEROctetString(certificateOctets)));
-    }
-
-    public int getType()
-    {
-        if (cert != null)
-        {
-            return certificate;
-        }
-        if (publicKeyCert != null)
-        {
-            return publicKeyCertificate;
-        }
-        return attributeCertificate;
-    }
-
-    public byte[] getCertificateBytes()
-    {
-        if (cert != null)
-        {
-            try
-            {
-                return cert.getEncoded();
-            }
-            catch (IOException e)
-            {
-                throw new IllegalStateException("can't decode certificate: " + e);
-            }
-        }
-        if (publicKeyCert != null)
-        {
-            return Arrays.clone(publicKeyCert);
-        }
-        return Arrays.clone(attributeCert);
-    }
-    
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <p>
-     * Returns:
-     * <pre>
-     *            RequestedCertificate ::= CHOICE {
-     *              Certificate Certificate,
-     *              publicKeyCertificate [0] EXPLICIT OCTET STRING,
-     *              attributeCertificate [1] EXPLICIT OCTET STRING
-     *            }
-     * </pre>
-     *
-     * @return a DERObject
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (publicKeyCert != null)
-        {
-            return new DERTaggedObject(0, new DEROctetString(publicKeyCert));
-        }
-        if (attributeCert != null)
-        {
-            return new DERTaggedObject(1, new DEROctetString(attributeCert));
-        }
-        return cert.toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/package.html
deleted file mode 100644
index cd95ca3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/ocsp/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for the ISIS-MTT profile for OCSP.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/package.html
deleted file mode 100644
index 14ab390..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for the ISIS-MTT Project.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/AdditionalInformationSyntax.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/AdditionalInformationSyntax.java
deleted file mode 100644
index 454100a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/AdditionalInformationSyntax.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.asn1.isismtt.x509;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.x500.DirectoryString;
-
-/**
- * Some other information of non-restrictive nature regarding the usage of this
- * certificate.
- * 
- * <pre>
- *    AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048))
- * </pre>
- */
-public class AdditionalInformationSyntax
-    extends ASN1Object
-{
-    private DirectoryString information;
-
-    public static AdditionalInformationSyntax getInstance(Object obj)
-    {
-        if (obj instanceof AdditionalInformationSyntax)
-        {
-            return (AdditionalInformationSyntax)obj;
-        }
-
-        if (obj != null)
-        {
-            return new AdditionalInformationSyntax(DirectoryString.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private AdditionalInformationSyntax(DirectoryString information)
-    {
-        this.information = information;
-    }
-
-    /**
-     * Constructor from a given details.
-     *
-     * @param information The description of the information.
-     */
-    public AdditionalInformationSyntax(String information)
-    {
-        this(new DirectoryString(information));
-    }
-
-    public DirectoryString getInformation()
-    {
-        return information;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <p>
-     * Returns:
-     * <pre>
-     *   AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048))
-     * </pre>
-     *
-     * @return a DERObject
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return information.toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/AdmissionSyntax.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/AdmissionSyntax.java
deleted file mode 100644
index 4943d52..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/AdmissionSyntax.java
+++ /dev/null

@@ -1,275 +0,0 @@
-package org.bouncycastle.asn1.isismtt.x509;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-/**
- * Attribute to indicate admissions to certain professions.
- *
- * <pre>
- *     AdmissionSyntax ::= SEQUENCE
- *     {
- *       admissionAuthority GeneralName OPTIONAL,
- *       contentsOfAdmissions SEQUENCE OF Admissions
- *     }
- *
- *     Admissions ::= SEQUENCE
- *     {
- *       admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
- *       namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
- *       professionInfos SEQUENCE OF ProfessionInfo
- *     }
- *
- *     NamingAuthority ::= SEQUENCE
- *     {
- *       namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
- *       namingAuthorityUrl IA5String OPTIONAL,
- *       namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
- *     }
- *
- *     ProfessionInfo ::= SEQUENCE
- *     {
- *       namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
- *       professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
- *       professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
- *       registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
- *       addProfessionInfo OCTET STRING OPTIONAL
- *     }
- * </pre>
- * <p>
- * ISIS-MTT PROFILE: The relatively complex structure of AdmissionSyntax
- * supports the following concepts and requirements:
- * <ul>
- * <li> External institutions (e.g. professional associations, chambers, unions,
- * administrative bodies, companies, etc.), which are responsible for granting
- * and verifying professional admissions, are indicated by means of the data
- * field admissionAuthority. An admission authority is indicated by a
- * GeneralName object. Here an X.501 directory name (distinguished name) can be
- * indicated in the field directoryName, a URL address can be indicated in the
- * field uniformResourceIdentifier, and an object identifier can be indicated in
- * the field registeredId.
- * <li> The names of authorities which are responsible for the administration of
- * title registers are indicated in the data field namingAuthority. The name of
- * the authority can be identified by an object identifier in the field
- * namingAuthorityId, by means of a text string in the field
- * namingAuthorityText, by means of a URL address in the field
- * namingAuthorityUrl, or by a combination of them. For example, the text string
- * can contain the name of the authority, the country and the name of the title
- * register. The URL-option refers to a web page which contains lists with
- * �officially� registered professions (text and possibly OID) as well as
- * further information on these professions. Object identifiers for the
- * component namingAuthorityId are grouped under the OID-branch
- * id-isis-at-namingAuthorities and must be applied for.
- * <li>See
- * http://www.teletrust.de/anwend.asp?Id=30200&amp;Sprache=E_&amp;HomePG=0 for
- * an application form and http://www.teletrust.de/links.asp?id=30220,11
- * for an overview of registered naming authorities.
- * <li> By means of the data type ProfessionInfo certain professions,
- * specializations, disciplines, fields of activity, etc. are identified. A
- * profession is represented by one or more text strings, resp. profession OIDs
- * in the fields professionItems and professionOIDs and by a registration number
- * in the field registrationNumber. An indication in text form must always be
- * present, whereas the other indications are optional. The component
- * addProfessionInfo may contain additional applicationspecific information in
- * DER-encoded form.
- * </ul>
- * <p>
- * By means of different namingAuthority-OIDs or profession OIDs hierarchies of
- * professions, specializations, disciplines, fields of activity, etc. can be
- * expressed. The issuing admission authority should always be indicated (field
- * admissionAuthority), whenever a registration number is presented. Still,
- * information on admissions can be given without indicating an admission or a
- * naming authority by the exclusive use of the component professionItems. In
- * this case the certification authority is responsible for the verification of
- * the admission information.
- * <p>
- * This attribute is single-valued. Still, several admissions can be captured in
- * the sequence structure of the component contentsOfAdmissions of
- * AdmissionSyntax or in the component professionInfos of Admissions. The
- * component admissionAuthority of AdmissionSyntax serves as default value for
- * the component admissionAuthority of Admissions. Within the latter component
- * the default value can be overwritten, in case that another authority is
- * responsible. The component namingAuthority of Admissions serves as a default
- * value for the component namingAuthority of ProfessionInfo. Within the latter
- * component the default value can be overwritten, in case that another naming
- * authority needs to be recorded.
- * <p>
- * The length of the string objects is limited to 128 characters. It is
- * recommended to indicate a namingAuthorityURL in all issued attribute
- * certificates. If a namingAuthorityURL is indicated, the field professionItems
- * of ProfessionInfo should contain only registered titles. If the field
- * professionOIDs exists, it has to contain the OIDs of the professions listed
- * in professionItems in the same order. In general, the field professionInfos
- * should contain only one entry, unless the admissions that are to be listed
- * are logically connected (e.g. they have been issued under the same admission
- * number).
- *
- * @see org.bouncycastle.asn1.isismtt.x509.Admissions
- * @see org.bouncycastle.asn1.isismtt.x509.ProfessionInfo
- * @see org.bouncycastle.asn1.isismtt.x509.NamingAuthority
- */
-public class AdmissionSyntax
-    extends ASN1Object
-{
-
-    private GeneralName admissionAuthority;
-
-    private ASN1Sequence contentsOfAdmissions;
-
-    public static AdmissionSyntax getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof AdmissionSyntax)
-        {
-            return (AdmissionSyntax)obj;
-        }
-
-        if (obj instanceof ASN1Sequence)
-        {
-            return new AdmissionSyntax((ASN1Sequence)obj);
-        }
-
-        throw new IllegalArgumentException("illegal object in getInstance: "
-            + obj.getClass().getName());
-    }
-
-    /**
-     * Constructor from ASN1Sequence.
-     * <p>
-     * The sequence is of type ProcurationSyntax:
-     * <pre>
-     *     AdmissionSyntax ::= SEQUENCE
-     *     {
-     *       admissionAuthority GeneralName OPTIONAL,
-     *       contentsOfAdmissions SEQUENCE OF Admissions
-     *     }
-     *
-     *     Admissions ::= SEQUENCE
-     *     {
-     *       admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
-     *       namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
-     *       professionInfos SEQUENCE OF ProfessionInfo
-     *     }
-     *
-     *     NamingAuthority ::= SEQUENCE
-     *     {
-     *       namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
-     *       namingAuthorityUrl IA5String OPTIONAL,
-     *       namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
-     *     }
-     *
-     *     ProfessionInfo ::= SEQUENCE
-     *     {
-     *       namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
-     *       professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
-     *       professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
-     *       registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
-     *       addProfessionInfo OCTET STRING OPTIONAL
-     *     }
-     * </pre>
-     * </p>
-     * @param seq The ASN.1 sequence.
-     */
-    private AdmissionSyntax(ASN1Sequence seq)
-    {
-        switch (seq.size())
-        {
-        case 1:
-            contentsOfAdmissions = DERSequence.getInstance(seq.getObjectAt(0));
-            break;
-        case 2:
-            admissionAuthority = GeneralName.getInstance(seq.getObjectAt(0));
-            contentsOfAdmissions = DERSequence.getInstance(seq.getObjectAt(1));
-            break;
-        default:
-            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
-        }
-    }
-
-    /**
-     * Constructor from given details.
-     *
-     * @param admissionAuthority   The admission authority.
-     * @param contentsOfAdmissions The admissions.
-     */
-    public AdmissionSyntax(GeneralName admissionAuthority, ASN1Sequence contentsOfAdmissions)
-    {
-        this.admissionAuthority = admissionAuthority;
-        this.contentsOfAdmissions = contentsOfAdmissions;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <p>
-     * Returns:
-     * <pre>
-     *     AdmissionSyntax ::= SEQUENCE
-     *     {
-     *       admissionAuthority GeneralName OPTIONAL,
-     *       contentsOfAdmissions SEQUENCE OF Admissions
-     *     }
-     *
-     *     Admissions ::= SEQUENCE
-     *     {
-     *       admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
-     *       namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
-     *       professionInfos SEQUENCE OF ProfessionInfo
-     *     }
-     *
-     *     NamingAuthority ::= SEQUENCE
-     *     {
-     *       namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
-     *       namingAuthorityUrl IA5String OPTIONAL,
-     *       namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
-     *     }
-     *
-     *     ProfessionInfo ::= SEQUENCE
-     *     {
-     *       namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
-     *       professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
-     *       professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
-     *       registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
-     *       addProfessionInfo OCTET STRING OPTIONAL
-     *     }
-     * </pre>
-     *
-     * @return a DERObject
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector vec = new ASN1EncodableVector();
-        if (admissionAuthority != null)
-        {
-            vec.add(admissionAuthority);
-        }
-        vec.add(contentsOfAdmissions);
-        return new DERSequence(vec);
-    }
-
-    /**
-     * @return Returns the admissionAuthority if present, null otherwise.
-     */
-    public GeneralName getAdmissionAuthority()
-    {
-        return admissionAuthority;
-    }
-
-    /**
-     * @return Returns the contentsOfAdmissions.
-     */
-    public Admissions[] getContentsOfAdmissions()
-    {
-        Admissions[] admissions = new Admissions[contentsOfAdmissions.size()];
-        int count = 0;
-        for (Enumeration e = contentsOfAdmissions.getObjects(); e.hasMoreElements();)
-        {
-            admissions[count++] = Admissions.getInstance(e.nextElement());
-        }
-        return admissions;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/Admissions.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/Admissions.java
deleted file mode 100644
index bda1514..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/Admissions.java
+++ /dev/null

@@ -1,184 +0,0 @@
-package org.bouncycastle.asn1.isismtt.x509;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-/**
- * An Admissions structure.
- * <pre>
- *            Admissions ::= SEQUENCE
- *            {
- *              admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
- *              namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
- *              professionInfos SEQUENCE OF ProfessionInfo
- *            }
- * </pre>
- *
- * @see org.bouncycastle.asn1.isismtt.x509.AdmissionSyntax
- * @see org.bouncycastle.asn1.isismtt.x509.ProfessionInfo
- * @see org.bouncycastle.asn1.isismtt.x509.NamingAuthority
- */
-public class Admissions 
-    extends ASN1Object
-{
-
-    private GeneralName admissionAuthority;
-
-    private NamingAuthority namingAuthority;
-
-    private ASN1Sequence professionInfos;
-
-    public static Admissions getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof Admissions)
-        {
-            return (Admissions)obj;
-        }
-
-        if (obj instanceof ASN1Sequence)
-        {
-            return new Admissions((ASN1Sequence)obj);
-        }
-
-        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
-    }
-
-    /**
-     * Constructor from ASN1Sequence.
-     * <p>
-     * The sequence is of type ProcurationSyntax:
-     * <pre>
-     *            Admissions ::= SEQUENCE
-     *            {
-     *              admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
-     *              namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
-     *              professionInfos SEQUENCE OF ProfessionInfo
-     *            }
-     * </pre>
-     * </p>
-     * @param seq The ASN.1 sequence.
-     */
-    private Admissions(ASN1Sequence seq)
-    {
-        if (seq.size() > 3)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-        Enumeration e = seq.getObjects();
-
-        ASN1Encodable o = (ASN1Encodable)e.nextElement();
-        if (o instanceof ASN1TaggedObject)
-        {
-            switch (((ASN1TaggedObject)o).getTagNo())
-            {
-            case 0:
-                admissionAuthority = GeneralName.getInstance((ASN1TaggedObject)o, true);
-                break;
-            case 1:
-                namingAuthority = NamingAuthority.getInstance((ASN1TaggedObject)o, true);
-                break;
-            default:
-                throw new IllegalArgumentException("Bad tag number: " + ((ASN1TaggedObject)o).getTagNo());
-            }
-            o = (ASN1Encodable)e.nextElement();
-        }
-        if (o instanceof ASN1TaggedObject)
-        {
-            switch (((ASN1TaggedObject)o).getTagNo())
-            {
-            case 1:
-                namingAuthority = NamingAuthority.getInstance((ASN1TaggedObject)o, true);
-                break;
-            default:
-                throw new IllegalArgumentException("Bad tag number: " + ((ASN1TaggedObject)o).getTagNo());
-            }
-            o = (ASN1Encodable)e.nextElement();
-        }
-        professionInfos = ASN1Sequence.getInstance(o);
-        if (e.hasMoreElements())
-        {
-            throw new IllegalArgumentException("Bad object encountered: "
-                + e.nextElement().getClass());
-        }
-    }
-
-    /**
-     * Constructor from a given details.
-     * <p>
-     * Parameter <code>professionInfos</code> is mandatory.
-     *
-     * @param admissionAuthority The admission authority.
-     * @param namingAuthority    The naming authority.
-     * @param professionInfos    The profession infos.
-     */
-    public Admissions(GeneralName admissionAuthority,
-                      NamingAuthority namingAuthority, ProfessionInfo[] professionInfos)
-    {
-        this.admissionAuthority = admissionAuthority;
-        this.namingAuthority = namingAuthority;
-        this.professionInfos = new DERSequence(professionInfos);
-    }
-
-    public GeneralName getAdmissionAuthority()
-    {
-        return admissionAuthority;
-    }
-
-    public NamingAuthority getNamingAuthority()
-    {
-        return namingAuthority;
-    }
-
-    public ProfessionInfo[] getProfessionInfos()
-    {
-        ProfessionInfo[] infos = new ProfessionInfo[professionInfos.size()];
-        int count = 0;
-        for (Enumeration e = professionInfos.getObjects(); e.hasMoreElements();)
-        {
-            infos[count++] = ProfessionInfo.getInstance(e.nextElement());
-        }
-        return infos;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <p>
-     * Returns:
-     * <pre>
-     *       Admissions ::= SEQUENCE
-     *       {
-     *         admissionAuthority [0] EXPLICIT GeneralName OPTIONAL
-     *         namingAuthority [1] EXPLICIT NamingAuthority OPTIONAL
-     *         professionInfos SEQUENCE OF ProfessionInfo
-     *       }
-     * </pre>
-     *
-     * @return an ASN1Primitive
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector vec = new ASN1EncodableVector();
-        
-        if (admissionAuthority != null)
-        {
-            vec.add(new DERTaggedObject(true, 0, admissionAuthority));
-        }
-        if (namingAuthority != null)
-        {
-            vec.add(new DERTaggedObject(true, 1, namingAuthority));
-        }
-        vec.add(professionInfos);
-
-        return new DERSequence(vec);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/DeclarationOfMajority.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/DeclarationOfMajority.java
deleted file mode 100644
index 987c590..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/DeclarationOfMajority.java
+++ /dev/null

@@ -1,163 +0,0 @@
-package org.bouncycastle.asn1.isismtt.x509;
-
-import org.bouncycastle.asn1.ASN1Boolean;
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERPrintableString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * A declaration of majority.
- *
- * <pre>
- *           DeclarationOfMajoritySyntax ::= CHOICE
- *           {
- *             notYoungerThan [0] IMPLICIT INTEGER,
- *             fullAgeAtCountry [1] IMPLICIT SEQUENCE
- *             {
- *               fullAge BOOLEAN DEFAULT TRUE,
- *               country PrintableString (SIZE(2))
- *             }
- *             dateOfBirth [2] IMPLICIT GeneralizedTime
- *           }
- * </pre>
- * <p>
- * fullAgeAtCountry indicates the majority of the owner with respect to the laws
- * of a specific country.
- */
-public class DeclarationOfMajority
-    extends ASN1Object
-    implements ASN1Choice
-{
-    public static final int notYoungerThan = 0;
-    public static final int fullAgeAtCountry = 1;
-    public static final int dateOfBirth = 2;
-
-    private ASN1TaggedObject declaration;
-
-    public DeclarationOfMajority(int notYoungerThan)
-    {
-        declaration = new DERTaggedObject(false, 0, new ASN1Integer(notYoungerThan));
-    }
-
-    public DeclarationOfMajority(boolean fullAge, String country)
-    {
-        if (country.length() > 2)
-        {
-            throw new IllegalArgumentException("country can only be 2 characters");
-        }
-
-        if (fullAge)
-        {
-            declaration = new DERTaggedObject(false, 1, new DERSequence(new DERPrintableString(country, true)));
-        }
-        else
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-
-            v.add(ASN1Boolean.FALSE);
-            v.add(new DERPrintableString(country, true));
-
-            declaration = new DERTaggedObject(false, 1, new DERSequence(v));
-        }
-    }
-
-    public DeclarationOfMajority(ASN1GeneralizedTime dateOfBirth)
-    {
-        declaration = new DERTaggedObject(false, 2, dateOfBirth);
-    }
-
-    public static DeclarationOfMajority getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof DeclarationOfMajority)
-        {
-            return (DeclarationOfMajority)obj;
-        }
-
-        if (obj instanceof ASN1TaggedObject)
-        {
-            return new DeclarationOfMajority((ASN1TaggedObject)obj);
-        }
-
-        throw new IllegalArgumentException("illegal object in getInstance: "
-            + obj.getClass().getName());
-    }
-
-    private DeclarationOfMajority(ASN1TaggedObject o)
-    {
-        if (o.getTagNo() > 2)
-        {
-                throw new IllegalArgumentException("Bad tag number: " + o.getTagNo());
-        }
-        declaration = o;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <p>
-     * Returns:
-     * <pre>
-     *           DeclarationOfMajoritySyntax ::= CHOICE
-     *           {
-     *             notYoungerThan [0] IMPLICIT INTEGER,
-     *             fullAgeAtCountry [1] IMPLICIT SEQUENCE
-     *             {
-     *               fullAge BOOLEAN DEFAULT TRUE,
-     *               country PrintableString (SIZE(2))
-     *             }
-     *             dateOfBirth [2] IMPLICIT GeneralizedTime
-     *           }
-     * </pre>
-     *
-     * @return a DERObject
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return declaration;
-    }
-
-    public int getType()
-    {
-        return declaration.getTagNo();
-    }
-
-    /**
-     * @return notYoungerThan if that's what we are, -1 otherwise
-     */
-    public int notYoungerThan()
-    {
-        if (declaration.getTagNo() != 0)
-        {
-            return -1;
-        }
-
-        return ASN1Integer.getInstance(declaration, false).getValue().intValue();
-    }
-
-    public ASN1Sequence fullAgeAtCountry()
-    {
-        if (declaration.getTagNo() != 1)
-        {
-            return null;
-        }
-
-        return ASN1Sequence.getInstance(declaration, false);
-    }
-
-    public ASN1GeneralizedTime getDateOfBirth()
-    {
-        if (declaration.getTagNo() != 2)
-        {
-            return null;
-        }
-
-        return ASN1GeneralizedTime.getInstance(declaration, false);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/MonetaryLimit.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/MonetaryLimit.java
deleted file mode 100644
index 7425287..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/MonetaryLimit.java
+++ /dev/null

@@ -1,128 +0,0 @@
-package org.bouncycastle.asn1.isismtt.x509;
-
-import java.math.BigInteger;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERPrintableString;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * Monetary limit for transactions. The QcEuMonetaryLimit QC statement MUST be
- * used in new certificates in place of the extension/attribute MonetaryLimit
- * since January 1, 2004. For the sake of backward compatibility with
- * certificates already in use, components SHOULD support MonetaryLimit (as well
- * as QcEuLimitValue).
- * <p>
- * Indicates a monetary limit within which the certificate holder is authorized
- * to act. (This value DOES NOT express a limit on the liability of the
- * certification authority).
- * <pre>
- *    MonetaryLimitSyntax ::= SEQUENCE
- *    {
- *      currency PrintableString (SIZE(3)),
- *      amount INTEGER,
- *      exponent INTEGER
- *    }
- * </pre>
- * <p>
- * currency must be the ISO code.
- * <p>
- * value = amount�10*exponent
- */
-public class MonetaryLimit
-    extends ASN1Object
-{
-    DERPrintableString currency;
-    ASN1Integer amount;
-    ASN1Integer exponent;
-
-    public static MonetaryLimit getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof MonetaryLimit)
-        {
-            return (MonetaryLimit)obj;
-        }
-
-        if (obj instanceof ASN1Sequence)
-        {
-            return new MonetaryLimit(ASN1Sequence.getInstance(obj));
-        }
-
-        throw new IllegalArgumentException("unknown object in getInstance");
-    }
-
-    private MonetaryLimit(ASN1Sequence seq)
-    {
-        if (seq.size() != 3)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-        Enumeration e = seq.getObjects();
-        currency = DERPrintableString.getInstance(e.nextElement());
-        amount = ASN1Integer.getInstance(e.nextElement());
-        exponent = ASN1Integer.getInstance(e.nextElement());
-    }
-
-    /**
-     * Constructor from a given details.
-     * <p>
-     * value = amount�10^exponent
-     *
-     * @param currency The currency. Must be the ISO code.
-     * @param amount   The amount
-     * @param exponent The exponent
-     */
-    public MonetaryLimit(String currency, int amount, int exponent)
-    {
-        this.currency = new DERPrintableString(currency, true);
-        this.amount = new ASN1Integer(amount);
-        this.exponent = new ASN1Integer(exponent);
-    }
-
-    public String getCurrency()
-    {
-        return currency.getString();
-    }
-
-    public BigInteger getAmount()
-    {
-        return amount.getValue();
-    }
-
-    public BigInteger getExponent()
-    {
-        return exponent.getValue();
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <p>
-     * Returns:
-     * <pre>
-     *    MonetaryLimitSyntax ::= SEQUENCE
-     *    {
-     *      currency PrintableString (SIZE(3)),
-     *      amount INTEGER,
-     *      exponent INTEGER
-     *    }
-     * </pre>
-     *
-     * @return a DERObject
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector seq = new ASN1EncodableVector();
-        seq.add(currency);
-        seq.add(amount);
-        seq.add(exponent);
-
-        return new DERSequence(seq);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/NamingAuthority.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/NamingAuthority.java
deleted file mode 100644
index 9a123c3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/NamingAuthority.java
+++ /dev/null

@@ -1,222 +0,0 @@
-package org.bouncycastle.asn1.isismtt.x509;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.isismtt.ISISMTTObjectIdentifiers;
-import org.bouncycastle.asn1.x500.DirectoryString;
-
-/**
- * Names of authorities which are responsible for the administration of title
- * registers.
- * 
- * <pre>
- *             NamingAuthority ::= SEQUENCE 
- *             {
- *               namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
- *               namingAuthorityUrl IA5String OPTIONAL,
- *               namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
- *             }
- * </pre>
- * @see org.bouncycastle.asn1.isismtt.x509.AdmissionSyntax
- * 
- */
-public class NamingAuthority
-    extends ASN1Object
-{
-
-    /**
-     * Profession OIDs should always be defined under the OID branch of the
-     * responsible naming authority. At the time of this writing, the work group
-     * �Recht, Wirtschaft, Steuern� (�Law, Economy, Taxes�) is registered as the
-     * first naming authority under the OID id-isismtt-at-namingAuthorities.
-     */
-    public static final ASN1ObjectIdentifier id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern =
-        new ASN1ObjectIdentifier(ISISMTTObjectIdentifiers.id_isismtt_at_namingAuthorities + ".1");
-
-    private ASN1ObjectIdentifier namingAuthorityId;
-    private String namingAuthorityUrl;
-    private DirectoryString namingAuthorityText;
-
-    public static NamingAuthority getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof NamingAuthority)
-        {
-            return (NamingAuthority)obj;
-        }
-
-        if (obj instanceof ASN1Sequence)
-        {
-            return new NamingAuthority((ASN1Sequence)obj);
-        }
-
-        throw new IllegalArgumentException("illegal object in getInstance: "
-            + obj.getClass().getName());
-    }
-
-    public static NamingAuthority getInstance(ASN1TaggedObject obj, boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    /**
-     * Constructor from ASN1Sequence.
-     * <pre>
-     *             NamingAuthority ::= SEQUENCE
-     *             {
-     *               namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
-     *               namingAuthorityUrl IA5String OPTIONAL,
-     *               namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
-     *             }
-     * </pre>
-     *
-     * @param seq The ASN.1 sequence.
-     */
-    private NamingAuthority(ASN1Sequence seq)
-    {
-
-        if (seq.size() > 3)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-
-        Enumeration e = seq.getObjects();
-
-        if (e.hasMoreElements())
-        {
-            ASN1Encodable o = (ASN1Encodable)e.nextElement();
-            if (o instanceof ASN1ObjectIdentifier)
-            {
-                namingAuthorityId = (ASN1ObjectIdentifier)o;
-            }
-            else if (o instanceof DERIA5String)
-            {
-                namingAuthorityUrl = DERIA5String.getInstance(o).getString();
-            }
-            else if (o instanceof ASN1String)
-            {
-                namingAuthorityText = DirectoryString.getInstance(o);
-            }
-            else
-            {
-                throw new IllegalArgumentException("Bad object encountered: "
-                    + o.getClass());
-            }
-        }
-        if (e.hasMoreElements())
-        {
-            ASN1Encodable o = (ASN1Encodable)e.nextElement();
-            if (o instanceof DERIA5String)
-            {
-                namingAuthorityUrl = DERIA5String.getInstance(o).getString();
-            }
-            else if (o instanceof ASN1String)
-            {
-                namingAuthorityText = DirectoryString.getInstance(o);
-            }
-            else
-            {
-                throw new IllegalArgumentException("Bad object encountered: "
-                    + o.getClass());
-            }
-        }
-        if (e.hasMoreElements())
-        {
-            ASN1Encodable o = (ASN1Encodable)e.nextElement();
-            if (o instanceof ASN1String)
-            {
-                namingAuthorityText = DirectoryString.getInstance(o);
-            }
-            else
-            {
-                throw new IllegalArgumentException("Bad object encountered: "
-                    + o.getClass());
-            }
-
-        }
-    }
-
-    /**
-     * @return Returns the namingAuthorityId.
-     */
-    public ASN1ObjectIdentifier getNamingAuthorityId()
-    {
-        return namingAuthorityId;
-    }
-
-    /**
-     * @return Returns the namingAuthorityText.
-     */
-    public DirectoryString getNamingAuthorityText()
-    {
-        return namingAuthorityText;
-    }
-
-    /**
-     * @return Returns the namingAuthorityUrl.
-     */
-    public String getNamingAuthorityUrl()
-    {
-        return namingAuthorityUrl;
-    }
-
-    /**
-     * Constructor from given details.
-     * <p>
-     * All parameters can be combined.
-     *
-     * @param namingAuthorityId   ObjectIdentifier for naming authority.
-     * @param namingAuthorityUrl  URL for naming authority.
-     * @param namingAuthorityText Textual representation of naming authority.
-     */
-    public NamingAuthority(ASN1ObjectIdentifier namingAuthorityId,
-                           String namingAuthorityUrl, DirectoryString namingAuthorityText)
-    {
-        this.namingAuthorityId = namingAuthorityId;
-        this.namingAuthorityUrl = namingAuthorityUrl;
-        this.namingAuthorityText = namingAuthorityText;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <p>
-     * Returns:
-     * <pre>
-     *             NamingAuthority ::= SEQUENCE
-     *             {
-     *               namingAuthorityId OBJECT IDENTIFIER OPTIONAL,
-     *               namingAuthorityUrl IA5String OPTIONAL,
-     *               namingAuthorityText DirectoryString(SIZE(1..128)) OPTIONAL
-     *             }
-     * </pre>
-     *
-     * @return a DERObject
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector vec = new ASN1EncodableVector();
-        if (namingAuthorityId != null)
-        {
-            vec.add(namingAuthorityId);
-        }
-        if (namingAuthorityUrl != null)
-        {
-            vec.add(new DERIA5String(namingAuthorityUrl, true));
-        }
-        if (namingAuthorityText != null)
-        {
-            vec.add(namingAuthorityText);
-        }
-        return new DERSequence(vec);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/ProcurationSyntax.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/ProcurationSyntax.java
deleted file mode 100644
index 506f75a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/ProcurationSyntax.java
+++ /dev/null

@@ -1,236 +0,0 @@
-package org.bouncycastle.asn1.isismtt.x509;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERPrintableString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x500.DirectoryString;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.IssuerSerial;
-
-/**
- * Attribute to indicate that the certificate holder may sign in the name of a
- * third person.
- * <p>
- * ISIS-MTT PROFILE: The corresponding ProcurationSyntax contains either the
- * name of the person who is represented (subcomponent thirdPerson) or a
- * reference to his/her base certificate (in the component signingFor,
- * subcomponent certRef), furthermore the optional components country and
- * typeSubstitution to indicate the country whose laws apply, and respectively
- * the type of procuration (e.g. manager, procuration, custody).
- * <p>
- * ISIS-MTT PROFILE: The GeneralName MUST be of type directoryName and MAY only
- * contain: - RFC3039 attributes, except pseudonym (countryName, commonName,
- * surname, givenName, serialNumber, organizationName, organizationalUnitName,
- * stateOrProvincename, localityName, postalAddress) and - SubjectDirectoryName
- * attributes (title, dateOfBirth, placeOfBirth, gender, countryOfCitizenship,
- * countryOfResidence and NameAtBirth).
- * 
- * <pre>
- *               ProcurationSyntax ::= SEQUENCE {
- *                 country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
- *                 typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL,
- *                 signingFor [3] EXPLICIT SigningFor 
- *               }
- *               
- *               SigningFor ::= CHOICE 
- *               { 
- *                 thirdPerson GeneralName,
- *                 certRef IssuerSerial 
- *               }
- * </pre>
- * 
- */
-public class ProcurationSyntax
-    extends ASN1Object
-{
-    private String country;
-    private DirectoryString typeOfSubstitution;
-
-    private GeneralName thirdPerson;
-    private IssuerSerial certRef;
-
-    public static ProcurationSyntax getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof ProcurationSyntax)
-        {
-            return (ProcurationSyntax)obj;
-        }
-
-        if (obj instanceof ASN1Sequence)
-        {
-            return new ProcurationSyntax((ASN1Sequence)obj);
-        }
-
-        throw new IllegalArgumentException("illegal object in getInstance: "
-            + obj.getClass().getName());
-    }
-
-    /**
-     * Constructor from ASN1Sequence.
-     * <p>
-     * The sequence is of type ProcurationSyntax:
-     * <pre>
-     *               ProcurationSyntax ::= SEQUENCE {
-     *                 country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
-     *                 typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL,
-     *                 signingFor [3] EXPLICIT SigningFor
-     *               }
-     *
-     *               SigningFor ::= CHOICE
-     *               {
-     *                 thirdPerson GeneralName,
-     *                 certRef IssuerSerial
-     *               }
-     * </pre>
-     * </p>
-     * @param seq The ASN.1 sequence.
-     */
-    private ProcurationSyntax(ASN1Sequence seq)
-    {
-        if (seq.size() < 1 || seq.size() > 3)
-        {
-            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
-        }
-        Enumeration e = seq.getObjects();
-
-        while (e.hasMoreElements())
-        {
-            ASN1TaggedObject o = ASN1TaggedObject.getInstance(e.nextElement());
-            switch (o.getTagNo())
-            {
-                case 1:
-                    country = DERPrintableString.getInstance(o, true).getString();
-                    break;
-                case 2:
-                    typeOfSubstitution = DirectoryString.getInstance(o, true);
-                    break;
-                case 3:
-                    ASN1Encodable signingFor = o.getObject();
-                    if (signingFor instanceof ASN1TaggedObject)
-                    {
-                        thirdPerson = GeneralName.getInstance(signingFor);
-                    }
-                    else
-                    {
-                        certRef = IssuerSerial.getInstance(signingFor);
-                    }
-                    break;
-                default:
-                    throw new IllegalArgumentException("Bad tag number: " + o.getTagNo());
-            }
-        }
-    }
-
-    /**
-     * Constructor from a given details.
-     * <p>
-     * Either <code>generalName</code> or <code>certRef</code> MUST be
-     * <code>null</code>.
-     *
-     * @param country            The country code whose laws apply.
-     * @param typeOfSubstitution The type of procuration.
-     * @param certRef            Reference to certificate of the person who is represented.
-     */
-    public ProcurationSyntax(
-        String country,
-        DirectoryString typeOfSubstitution,
-        IssuerSerial certRef)
-    {
-        this.country = country;
-        this.typeOfSubstitution = typeOfSubstitution;
-        this.thirdPerson = null;
-        this.certRef = certRef;
-    }
-
-    /**
-     * Constructor from a given details.
-     * <p>
-     * Either <code>generalName</code> or <code>certRef</code> MUST be
-     * <code>null</code>.
-     *
-     * @param country            The country code whose laws apply.
-     * @param typeOfSubstitution The type of procuration.
-     * @param thirdPerson        The GeneralName of the person who is represented.
-     */
-    public ProcurationSyntax(
-        String country,
-        DirectoryString typeOfSubstitution,
-        GeneralName thirdPerson)
-    {
-        this.country = country;
-        this.typeOfSubstitution = typeOfSubstitution;
-        this.thirdPerson = thirdPerson;
-        this.certRef = null;
-    }
-
-    public String getCountry()
-    {
-        return country;
-    }
-
-    public DirectoryString getTypeOfSubstitution()
-    {
-        return typeOfSubstitution;
-    }
-
-    public GeneralName getThirdPerson()
-    {
-        return thirdPerson;
-    }
-
-    public IssuerSerial getCertRef()
-    {
-        return certRef;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <p>
-     * Returns:
-     * <pre>
-     *               ProcurationSyntax ::= SEQUENCE {
-     *                 country [1] EXPLICIT PrintableString(SIZE(2)) OPTIONAL,
-     *                 typeOfSubstitution [2] EXPLICIT DirectoryString (SIZE(1..128)) OPTIONAL,
-     *                 signingFor [3] EXPLICIT SigningFor
-     *               }
-     *
-     *               SigningFor ::= CHOICE
-     *               {
-     *                 thirdPerson GeneralName,
-     *                 certRef IssuerSerial
-     *               }
-     * </pre>
-     *
-     * @return a DERObject
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector vec = new ASN1EncodableVector();
-        if (country != null)
-        {
-            vec.add(new DERTaggedObject(true, 1, new DERPrintableString(country, true)));
-        }
-        if (typeOfSubstitution != null)
-        {
-            vec.add(new DERTaggedObject(true, 2, typeOfSubstitution));
-        }
-        if (thirdPerson != null)
-        {
-            vec.add(new DERTaggedObject(true, 3, thirdPerson));
-        }
-        else
-        {
-            vec.add(new DERTaggedObject(true, 3, certRef));
-        }
-
-        return new DERSequence(vec);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/ProfessionInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/ProfessionInfo.java
deleted file mode 100644
index e0f94be..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/ProfessionInfo.java
+++ /dev/null

@@ -1,405 +0,0 @@
-package org.bouncycastle.asn1.isismtt.x509;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERPrintableString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x500.DirectoryString;
-
-/**
- * Professions, specializations, disciplines, fields of activity, etc.
- * 
- * <pre>
- *               ProfessionInfo ::= SEQUENCE 
- *               {
- *                 namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
- *                 professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
- *                 professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
- *                 registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
- *                 addProfessionInfo OCTET STRING OPTIONAL 
- *               }
- * </pre>
- * 
- * @see org.bouncycastle.asn1.isismtt.x509.AdmissionSyntax
- */
-public class ProfessionInfo 
-    extends ASN1Object
-{
-
-    /**
-     * Rechtsanw�ltin
-     */
-    public static final ASN1ObjectIdentifier Rechtsanwltin = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".1");
-
-    /**
-     * Rechtsanwalt
-     */
-    public static final ASN1ObjectIdentifier Rechtsanwalt = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".2");
-
-    /**
-     * Rechtsbeistand
-     */
-    public static final ASN1ObjectIdentifier Rechtsbeistand = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".3");
-
-    /**
-     * Steuerberaterin
-     */
-    public static final ASN1ObjectIdentifier Steuerberaterin = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".4");
-
-    /**
-     * Steuerberater
-     */
-    public static final ASN1ObjectIdentifier Steuerberater = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".5");
-
-    /**
-     * Steuerbevollm�chtigte
-     */
-    public static final ASN1ObjectIdentifier Steuerbevollmchtigte = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".6");
-
-    /**
-     * Steuerbevollm�chtigter
-     */
-    public static final ASN1ObjectIdentifier Steuerbevollmchtigter = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".7");
-
-    /**
-     * Notarin
-     */
-    public static final ASN1ObjectIdentifier Notarin = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".8");
-
-    /**
-     * Notar
-     */
-    public static final ASN1ObjectIdentifier Notar = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".9");
-
-    /**
-     * Notarvertreterin
-     */
-    public static final ASN1ObjectIdentifier Notarvertreterin = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".10");
-
-    /**
-     * Notarvertreter
-     */
-    public static final ASN1ObjectIdentifier Notarvertreter = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".11");
-
-    /**
-     * Notariatsverwalterin
-     */
-    public static final ASN1ObjectIdentifier Notariatsverwalterin = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".12");
-
-    /**
-     * Notariatsverwalter
-     */
-    public static final ASN1ObjectIdentifier Notariatsverwalter = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".13");
-
-    /**
-     * Wirtschaftspr�ferin
-     */
-    public static final ASN1ObjectIdentifier Wirtschaftsprferin = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".14");
-
-    /**
-     * Wirtschaftspr�fer
-     */
-    public static final ASN1ObjectIdentifier Wirtschaftsprfer = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".15");
-
-    /**
-     * Vereidigte Buchpr�ferin
-     */
-    public static final ASN1ObjectIdentifier VereidigteBuchprferin = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".16");
-
-    /**
-     * Vereidigter Buchpr�fer
-     */
-    public static final ASN1ObjectIdentifier VereidigterBuchprfer = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".17");
-
-    /**
-     * Patentanw�ltin
-     */
-    public static final ASN1ObjectIdentifier Patentanwltin = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".18");
-
-    /**
-     * Patentanwalt
-     */
-    public static final ASN1ObjectIdentifier Patentanwalt = new ASN1ObjectIdentifier(
-        NamingAuthority.id_isismtt_at_namingAuthorities_RechtWirtschaftSteuern + ".19");
-
-    private NamingAuthority namingAuthority;
-
-    private ASN1Sequence professionItems;
-
-    private ASN1Sequence professionOIDs;
-
-    private String registrationNumber;
-
-    private ASN1OctetString addProfessionInfo;
-
-    public static ProfessionInfo getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof ProfessionInfo)
-        {
-            return (ProfessionInfo)obj;
-        }
-
-        if (obj instanceof ASN1Sequence)
-        {
-            return new ProfessionInfo((ASN1Sequence)obj);
-        }
-
-        throw new IllegalArgumentException("illegal object in getInstance: "
-            + obj.getClass().getName());
-    }
-
-    /**
-     * Constructor from ASN1Sequence.
-     * <pre>
-     *               ProfessionInfo ::= SEQUENCE
-     *               {
-     *                 namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
-     *                 professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
-     *                 professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
-     *                 registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
-     *                 addProfessionInfo OCTET STRING OPTIONAL
-     *               }
-     * </pre>
-     *
-     * @param seq The ASN.1 sequence.
-     */
-    private ProfessionInfo(ASN1Sequence seq)
-    {
-        if (seq.size() > 5)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-
-        Enumeration e = seq.getObjects();
-
-        ASN1Encodable o = (ASN1Encodable)e.nextElement();
-
-        if (o instanceof ASN1TaggedObject)
-        {
-            if (((ASN1TaggedObject)o).getTagNo() != 0)
-            {
-                throw new IllegalArgumentException("Bad tag number: "
-                    + ((ASN1TaggedObject)o).getTagNo());
-            }
-            namingAuthority = NamingAuthority.getInstance((ASN1TaggedObject)o, true);
-            o = (ASN1Encodable)e.nextElement();
-        }
-
-        professionItems = ASN1Sequence.getInstance(o);
-
-        if (e.hasMoreElements())
-        {
-            o = (ASN1Encodable)e.nextElement();
-            if (o instanceof ASN1Sequence)
-            {
-                professionOIDs = ASN1Sequence.getInstance(o);
-            }
-            else if (o instanceof DERPrintableString)
-            {
-                registrationNumber = DERPrintableString.getInstance(o).getString();
-            }
-            else if (o instanceof ASN1OctetString)
-            {
-                addProfessionInfo = ASN1OctetString.getInstance(o);
-            }
-            else
-            {
-                throw new IllegalArgumentException("Bad object encountered: "
-                    + o.getClass());
-            }
-        }
-        if (e.hasMoreElements())
-        {
-            o = (ASN1Encodable)e.nextElement();
-            if (o instanceof DERPrintableString)
-            {
-                registrationNumber = DERPrintableString.getInstance(o).getString();
-            }
-            else if (o instanceof DEROctetString)
-            {
-                addProfessionInfo = (DEROctetString)o;
-            }
-            else
-            {
-                throw new IllegalArgumentException("Bad object encountered: "
-                    + o.getClass());
-            }
-        }
-        if (e.hasMoreElements())
-        {
-            o = (ASN1Encodable)e.nextElement();
-            if (o instanceof DEROctetString)
-            {
-                addProfessionInfo = (DEROctetString)o;
-            }
-            else
-            {
-                throw new IllegalArgumentException("Bad object encountered: "
-                    + o.getClass());
-            }
-        }
-
-    }
-
-    /**
-     * Constructor from given details.
-     * <p>
-     * <code>professionItems</code> is mandatory, all other parameters are
-     * optional.
-     *
-     * @param namingAuthority    The naming authority.
-     * @param professionItems    Directory strings of the profession.
-     * @param professionOIDs     DERObjectIdentfier objects for the
-     *                           profession.
-     * @param registrationNumber Registration number.
-     * @param addProfessionInfo  Additional infos in encoded form.
-     */
-    public ProfessionInfo(NamingAuthority namingAuthority,
-                          DirectoryString[] professionItems, ASN1ObjectIdentifier[] professionOIDs,
-                          String registrationNumber, ASN1OctetString addProfessionInfo)
-    {
-        this.namingAuthority = namingAuthority;
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        for (int i = 0; i != professionItems.length; i++)
-        {
-            v.add(professionItems[i]);
-        }
-        this.professionItems = new DERSequence(v);
-        if (professionOIDs != null)
-        {
-            v = new ASN1EncodableVector();
-            for (int i = 0; i != professionOIDs.length; i++)
-            {
-                v.add(professionOIDs[i]);
-            }
-            this.professionOIDs = new DERSequence(v);
-        }
-        this.registrationNumber = registrationNumber;
-        this.addProfessionInfo = addProfessionInfo;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <p>
-     * Returns:
-     * <pre>
-     *               ProfessionInfo ::= SEQUENCE
-     *               {
-     *                 namingAuthority [0] EXPLICIT NamingAuthority OPTIONAL,
-     *                 professionItems SEQUENCE OF DirectoryString (SIZE(1..128)),
-     *                 professionOIDs SEQUENCE OF OBJECT IDENTIFIER OPTIONAL,
-     *                 registrationNumber PrintableString(SIZE(1..128)) OPTIONAL,
-     *                 addProfessionInfo OCTET STRING OPTIONAL
-     *               }
-     * </pre>
-     *
-     * @return a DERObject
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector vec = new ASN1EncodableVector();
-        if (namingAuthority != null)
-        {
-            vec.add(new DERTaggedObject(true, 0, namingAuthority));
-        }
-        vec.add(professionItems);
-        if (professionOIDs != null)
-        {
-            vec.add(professionOIDs);
-        }
-        if (registrationNumber != null)
-        {
-            vec.add(new DERPrintableString(registrationNumber, true));
-        }
-        if (addProfessionInfo != null)
-        {
-            vec.add(addProfessionInfo);
-        }
-        return new DERSequence(vec);
-    }
-
-    /**
-     * @return Returns the addProfessionInfo.
-     */
-    public ASN1OctetString getAddProfessionInfo()
-    {
-        return addProfessionInfo;
-    }
-
-    /**
-     * @return Returns the namingAuthority.
-     */
-    public NamingAuthority getNamingAuthority()
-    {
-        return namingAuthority;
-    }
-
-    /**
-     * @return Returns the professionItems.
-     */
-    public DirectoryString[] getProfessionItems()
-    {
-        DirectoryString[] items = new DirectoryString[professionItems.size()];
-        int count = 0;
-        for (Enumeration e = professionItems.getObjects(); e.hasMoreElements();)
-        {
-            items[count++] = DirectoryString.getInstance(e.nextElement());
-        }
-        return items;
-    }
-
-    /**
-     * @return Returns the professionOIDs.
-     */
-    public ASN1ObjectIdentifier[] getProfessionOIDs()
-    {
-        if (professionOIDs == null)
-        {
-            return new ASN1ObjectIdentifier[0];
-        }
-        ASN1ObjectIdentifier[] oids = new ASN1ObjectIdentifier[professionOIDs.size()];
-        int count = 0;
-        for (Enumeration e = professionOIDs.getObjects(); e.hasMoreElements();)
-        {
-            oids[count++] = ASN1ObjectIdentifier.getInstance(e.nextElement());
-        }
-        return oids;
-    }
-
-    /**
-     * @return Returns the registrationNumber.
-     */
-    public String getRegistrationNumber()
-    {
-        return registrationNumber;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/Restriction.java b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/Restriction.java
deleted file mode 100644
index 1a72bea..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/Restriction.java
+++ /dev/null

@@ -1,78 +0,0 @@
-package org.bouncycastle.asn1.isismtt.x509;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.x500.DirectoryString;
-
-/**
- * Some other restriction regarding the usage of this certificate.
- *
- * <pre>
- *  RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
- * </pre>
- */
-public class Restriction
-    extends ASN1Object
-{
-    private DirectoryString restriction;
-
-    public static Restriction getInstance(Object obj)
-    {
-        if (obj instanceof Restriction)
-        {
-            return (Restriction)obj;
-        }
-
-        if (obj != null)
-        {
-            return new Restriction(DirectoryString.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    /**
-     * Constructor from DirectoryString.
-     * <p>
-     * The DirectoryString is of type RestrictionSyntax:
-     * <pre>
-     *      RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
-     * </pre>
-     * </p>
-     * @param restriction A DirectoryString.
-     */
-    private Restriction(DirectoryString restriction)
-    {
-        this.restriction = restriction;
-    }
-
-    /**
-     * Constructor from a given details.
-     *
-     * @param restriction The describtion of the restriction.
-     */
-    public Restriction(String restriction)
-    {
-        this.restriction = new DirectoryString(restriction);
-    }
-
-    public DirectoryString getRestriction()
-    {
-        return restriction;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <p>
-     * Returns:
-     * <pre>
-     *      RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
-     * </pre>
-     *
-     * @return a DERObject
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return restriction.toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/package.html
deleted file mode 100644
index fa411ec..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/isismtt/x509/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for the ISIS-MTT X.509 Certificate Extensions.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/iso/ISOIECObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/iso/ISOIECObjectIdentifiers.java
deleted file mode 100644
index a9816b1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/iso/ISOIECObjectIdentifiers.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.asn1.iso;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- * OIDS from  ISO/IEC 10118-3:2004
- */
-public interface ISOIECObjectIdentifiers
-{
-    ASN1ObjectIdentifier iso_encryption_algorithms = new ASN1ObjectIdentifier("1.0.10118");
-
-    ASN1ObjectIdentifier hash_algorithms = iso_encryption_algorithms.branch("3.0");
-
-    ASN1ObjectIdentifier ripemd160 = hash_algorithms.branch("49");
-    ASN1ObjectIdentifier ripemd128 = hash_algorithms.branch("50");
-    ASN1ObjectIdentifier whirlpool = hash_algorithms.branch("55");
-
-
-
-    /**
-     *   -- ISO/IEC 18033-2 arc
-
-        is18033-2 OID ::= { iso(1) standard(0) is18033(18033) part2(2) }
-     */
-    ASN1ObjectIdentifier is18033_2 = new ASN1ObjectIdentifier("1.0.18033.2");
-
-    ASN1ObjectIdentifier id_ac_generic_hybrid = is18033_2.branch("1.2");
-
-    /**
-    id-kem-rsa OID ::= {
-       is18033-2 key-encapsulation-mechanism(2) rsa(4)
-    }
-     */
-    ASN1ObjectIdentifier id_kem_rsa = is18033_2.branch("2.4");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/iso/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/iso/package.html
deleted file mode 100644
index dfd5299..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/iso/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for various ISO Standards.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/kisa/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/kisa/package.html
deleted file mode 100644
index 48b5afd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/kisa/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for the Korea Information Security Agency (KISA) standard - SEED algorithm.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/MicrosoftObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/MicrosoftObjectIdentifiers.java
deleted file mode 100644
index a7b651a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/MicrosoftObjectIdentifiers.java
+++ /dev/null

@@ -1,30 +0,0 @@
-package org.bouncycastle.asn1.microsoft;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- * Microsoft
- * <p>
- * Object identifier base:
- * <pre>
- *    iso(1) identified-organization(3) dod(6) internet(1) private(4) enterprise(1) microsoft(311)
- * </pre>
- * 1.3.6.1.4.1.311
- */
-public interface MicrosoftObjectIdentifiers
-{
-    /** Base OID: 1.3.6.1.4.1.311 */
-    static final ASN1ObjectIdentifier    microsoft               = new ASN1ObjectIdentifier("1.3.6.1.4.1.311");
-    /** OID: 1.3.6.1.4.1.311.20.2 */
-    static final ASN1ObjectIdentifier    microsoftCertTemplateV1 = microsoft.branch("20.2");
-    /** OID: 1.3.6.1.4.1.311.21.1 */
-    static final ASN1ObjectIdentifier    microsoftCaVersion      = microsoft.branch("21.1");
-    /** OID: 1.3.6.1.4.1.311.21.2 */
-    static final ASN1ObjectIdentifier    microsoftPrevCaCertHash = microsoft.branch("21.2");
-    /** OID: 1.3.6.1.4.1.311.21.4 */
-    static final ASN1ObjectIdentifier    microsoftCrlNextPublish = microsoft.branch("21.4");
-    /** OID: 1.3.6.1.4.1.311.21.7 */
-    static final ASN1ObjectIdentifier    microsoftCertTemplateV2 = microsoft.branch("21.7");
-    /** OID: 1.3.6.1.4.1.311.21.10 */
-    static final ASN1ObjectIdentifier    microsoftAppPolicies    = microsoft.branch("21.10");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/package.html
deleted file mode 100644
index 35d1248..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/microsoft/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support for Microsoft specific ASN.1 classes and object identifiers.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/misc/CAST5CBCParameters.java b/bcprov/src/main/java/org/bouncycastle/asn1/misc/CAST5CBCParameters.java
deleted file mode 100644
index b47dee3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/misc/CAST5CBCParameters.java
+++ /dev/null

@@ -1,79 +0,0 @@
-package org.bouncycastle.asn1.misc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-public class CAST5CBCParameters
-    extends ASN1Object
-{
-    ASN1Integer      keyLength;
-    ASN1OctetString iv;
-
-    public static CAST5CBCParameters getInstance(
-        Object  o)
-    {
-        if (o instanceof CAST5CBCParameters)
-        {
-            return (CAST5CBCParameters)o;
-        }
-        else if (o != null)
-        {
-            return new CAST5CBCParameters(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public CAST5CBCParameters(
-        byte[]  iv,
-        int     keyLength)
-    {
-        this.iv = new DEROctetString(Arrays.clone(iv));
-        this.keyLength = new ASN1Integer(keyLength);
-    }
-
-    private CAST5CBCParameters(
-        ASN1Sequence  seq)
-    {
-        iv = (ASN1OctetString)seq.getObjectAt(0);
-        keyLength = (ASN1Integer)seq.getObjectAt(1);
-    }
-
-    public byte[] getIV()
-    {
-        return Arrays.clone(iv.getOctets());
-    }
-
-    public int getKeyLength()
-    {
-        return keyLength.getValue().intValue();
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <pre>
-     * cast5CBCParameters ::= SEQUENCE {
-     *                           iv         OCTET STRING DEFAULT 0,
-     *                                  -- Initialization vector
-     *                           keyLength  INTEGER
-     *                                  -- Key length, in bits
-     *                      }
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(iv);
-        v.add(keyLength);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/misc/IDEACBCPar.java b/bcprov/src/main/java/org/bouncycastle/asn1/misc/IDEACBCPar.java
deleted file mode 100644
index 7682b04..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/misc/IDEACBCPar.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.asn1.misc;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-public class IDEACBCPar
-    extends ASN1Object
-{
-    ASN1OctetString  iv;
-
-    public static IDEACBCPar getInstance(
-        Object  o)
-    {
-        if (o instanceof IDEACBCPar)
-        {
-            return (IDEACBCPar)o;
-        }
-        else if (o != null)
-        {
-            return new IDEACBCPar(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public IDEACBCPar(
-        byte[]  iv)
-    {
-        this.iv = new DEROctetString(iv);
-    }
-
-    private IDEACBCPar(
-        ASN1Sequence  seq)
-    {
-        if (seq.size() == 1)
-        {
-            iv = (ASN1OctetString)seq.getObjectAt(0);
-        }
-        else
-        {
-            iv = null;
-        }
-    }
-
-    public byte[] getIV()
-    {
-        if (iv != null)
-        {
-            return Arrays.clone(iv.getOctets());
-        }
-        else
-        {
-            return null;
-        }
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <pre>
-     * IDEA-CBCPar ::= SEQUENCE {
-     *                      iv    OCTET STRING OPTIONAL -- exactly 8 octets
-     *                  }
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        if (iv != null)
-        {
-            v.add(iv);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/misc/ScryptParams.java b/bcprov/src/main/java/org/bouncycastle/asn1/misc/ScryptParams.java
deleted file mode 100644
index 010d23a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/misc/ScryptParams.java
+++ /dev/null

@@ -1,147 +0,0 @@
-package org.bouncycastle.asn1.misc;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-/**
- * RFC 7914 scrypt parameters.
- *
- * <pre>
- * scrypt-params ::= SEQUENCE {
- *      salt OCTET STRING,
- *      costParameter INTEGER (1..MAX),
- *      blockSize INTEGER (1..MAX),
- *      parallelizationParameter INTEGER (1..MAX),
- *      keyLength INTEGER (1..MAX) OPTIONAL
- * }
- * </pre>
- */
-public class ScryptParams
-    extends ASN1Object
-{
-    private final byte[] salt;
-    private final BigInteger costParameter;
-    private final BigInteger blockSize;
-    private final BigInteger parallelizationParameter;
-    private final BigInteger keyLength;
-
-    public ScryptParams(byte[] salt, int costParameter, int blockSize, int parallelizationParameter)
-    {
-        this(salt, BigInteger.valueOf(costParameter), BigInteger.valueOf(blockSize), BigInteger.valueOf(parallelizationParameter), null);
-    }
-
-    public ScryptParams(byte[] salt, int costParameter, int blockSize, int parallelizationParameter, int keyLength)
-    {
-        this(salt, BigInteger.valueOf(costParameter), BigInteger.valueOf(blockSize), BigInteger.valueOf(parallelizationParameter), BigInteger.valueOf(keyLength));
-    }
-    
-    /**
-     * Base constructor.
-     *
-     * @param salt salt value
-     * @param costParameter specifies the CPU/Memory cost parameter N
-     * @param blockSize block size parameter r
-     * @param parallelizationParameter parallelization parameter
-     * @param keyLength length of key to be derived (in octects)
-     */
-    public ScryptParams(byte[] salt, BigInteger costParameter, BigInteger blockSize, BigInteger parallelizationParameter, BigInteger keyLength)
-    {
-        this.salt = Arrays.clone(salt);
-        this.costParameter = costParameter;
-        this.blockSize = blockSize;
-        this.parallelizationParameter = parallelizationParameter;
-        this.keyLength = keyLength;
-    }
-
-    public static ScryptParams getInstance(
-        Object  o)
-    {
-        if (o instanceof ScryptParams)
-        {
-            return (ScryptParams)o;
-        }
-        else if (o != null)
-        {
-            return new ScryptParams(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    private ScryptParams(ASN1Sequence seq)
-    {
-        if (seq.size() != 4 && seq.size() != 5)
-        {
-            throw new IllegalArgumentException("invalid sequence: size = " + seq.size());
-        }
-
-        this.salt = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets());
-        this.costParameter = ASN1Integer.getInstance(seq.getObjectAt(1)).getValue();
-        this.blockSize = ASN1Integer.getInstance(seq.getObjectAt(2)).getValue();
-        this.parallelizationParameter = ASN1Integer.getInstance(seq.getObjectAt(3)).getValue();
-
-        if (seq.size() == 5)
-        {
-            this.keyLength = ASN1Integer.getInstance(seq.getObjectAt(4)).getValue();
-        }
-        else
-        {
-            this.keyLength = null;
-        }
-    }
-
-    public byte[] getSalt()
-    {
-        return Arrays.clone(salt);
-    }
-
-    public BigInteger getCostParameter()
-    {
-        return costParameter;
-    }
-
-    public BigInteger getBlockSize()
-    {
-        return blockSize;
-    }
-
-    public BigInteger getParallelizationParameter()
-    {
-        return parallelizationParameter;
-    }
-
-    /**
-     * Return the length in octets for the derived key.
-     *
-     * @return length for key to be derived (in octets)
-     */
-    public BigInteger getKeyLength()
-    {
-        return keyLength;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new DEROctetString(salt));
-        v.add(new ASN1Integer(costParameter));
-        v.add(new ASN1Integer(blockSize));
-        v.add(new ASN1Integer(parallelizationParameter));
-        if (keyLength != null)
-        {
-            v.add(new ASN1Integer(keyLength));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/misc/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/misc/package.html
deleted file mode 100644
index e3bda64..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/misc/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Miscellaneous object identifiers and objects.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/PublicKeyAndChallenge.java b/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/PublicKeyAndChallenge.java
deleted file mode 100644
index b4e44bf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/PublicKeyAndChallenge.java
+++ /dev/null

@@ -1,63 +0,0 @@
-package org.bouncycastle.asn1.mozilla;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-
-/**
- * This is designed to parse
- * the PublicKeyAndChallenge created by the KEYGEN tag included by
- * Mozilla based browsers.
- *  <pre>
- *  PublicKeyAndChallenge ::= SEQUENCE {
- *    spki SubjectPublicKeyInfo,
- *    challenge IA5STRING
- *  }
- *
- *  </pre>
- */
-public class PublicKeyAndChallenge
-    extends ASN1Object
-{
-    private ASN1Sequence         pkacSeq;
-    private SubjectPublicKeyInfo spki;
-    private DERIA5String         challenge;
-
-    public static PublicKeyAndChallenge getInstance(Object obj)
-    {
-        if (obj instanceof PublicKeyAndChallenge)
-        {
-            return (PublicKeyAndChallenge)obj;
-        }
-        else if (obj != null)
-        {
-            return new PublicKeyAndChallenge(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private PublicKeyAndChallenge(ASN1Sequence seq)
-    {
-        pkacSeq = seq;
-        spki = SubjectPublicKeyInfo.getInstance(seq.getObjectAt(0));
-        challenge = DERIA5String.getInstance(seq.getObjectAt(1));
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return pkacSeq;
-    }
-
-    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
-    {
-        return spki;
-    }
-
-    public DERIA5String getChallenge()
-    {
-        return challenge;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/SignedPublicKeyAndChallenge.java b/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/SignedPublicKeyAndChallenge.java
deleted file mode 100644
index 2bc06cc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/SignedPublicKeyAndChallenge.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.asn1.mozilla;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * <pre>
- *  SignedPublicKeyAndChallenge ::= SEQUENCE {
- *    publicKeyAndChallenge PublicKeyAndChallenge,
- *    signatureAlgorithm AlgorithmIdentifier,
- *    signature BIT STRING
- *  }
- *
- *  </pre>
- */
-public class SignedPublicKeyAndChallenge
-    extends ASN1Object
-{
-    private final PublicKeyAndChallenge pubKeyAndChal;
-    private final ASN1Sequence pkacSeq;
-
-    public static SignedPublicKeyAndChallenge getInstance(Object obj)
-    {
-        if (obj instanceof SignedPublicKeyAndChallenge)
-        {
-            return (SignedPublicKeyAndChallenge)obj;
-        }
-        else if (obj != null)
-        {
-            return new SignedPublicKeyAndChallenge(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private SignedPublicKeyAndChallenge(ASN1Sequence seq)
-    {
-        pkacSeq = seq;
-        pubKeyAndChal = PublicKeyAndChallenge.getInstance(seq.getObjectAt(0));
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return pkacSeq;
-    }
-
-    public PublicKeyAndChallenge getPublicKeyAndChallenge()
-    {
-        return pubKeyAndChal;
-    }
-
-    public AlgorithmIdentifier getSignatureAlgorithm()
-    {
-        return AlgorithmIdentifier.getInstance(pkacSeq.getObjectAt(1));
-    }
-
-    public DERBitString getSignature()
-    {
-        return DERBitString.getInstance(pkacSeq.getObjectAt(2));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/package.html
deleted file mode 100644
index 40776b0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/mozilla/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes useful for encoding objects used by mozilla.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/nist/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/nist/package.html
deleted file mode 100644
index 1cdca76..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/nist/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for NIST related objects.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ntt/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/ntt/package.html
deleted file mode 100644
index 4b9d05d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ntt/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-ASN.1 classes relevant to the standards produced by Nippon Telegraph and Telephone.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/ServiceLocator.java b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/ServiceLocator.java
deleted file mode 100644
index d523687..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/ServiceLocator.java
+++ /dev/null

@@ -1,77 +0,0 @@
-package org.bouncycastle.asn1.ocsp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AuthorityInformationAccess;
-
-public class ServiceLocator
-    extends ASN1Object
-{
-    private final X500Name    issuer;
-    private final AuthorityInformationAccess locator;
-
-    private ServiceLocator(ASN1Sequence sequence)
-    {
-        this.issuer = X500Name.getInstance(sequence.getObjectAt(0));
-        if (sequence.size() == 2)
-        {
-            this.locator = AuthorityInformationAccess.getInstance(sequence.getObjectAt(1));
-        }
-        else
-        {
-            this.locator = null;
-
-        }
-    }
-
-    public static ServiceLocator getInstance(
-        Object  obj)
-    {
-        if (obj instanceof ServiceLocator)
-        {
-            return (ServiceLocator)obj;
-        }
-        else if (obj != null)
-        {
-            return new ServiceLocator(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public X500Name getIssuer()
-    {
-        return issuer;
-    }
-
-    public AuthorityInformationAccess getLocator()
-    {
-        return locator;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <pre>
-     * ServiceLocator ::= SEQUENCE {
-     *     issuer    Name,
-     *     locator   AuthorityInfoAccessSyntax OPTIONAL }
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector    v = new ASN1EncodableVector();
-
-        v.add(issuer);
-
-        if (locator != null)
-        {
-            v.add(locator);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/package.html
deleted file mode 100644
index 22c560d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ocsp/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes useful for encoding and supporting OCSP objects.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/oiw/ElGamalParameter.java b/bcprov/src/main/java/org/bouncycastle/asn1/oiw/ElGamalParameter.java
deleted file mode 100644
index d654d03..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/oiw/ElGamalParameter.java
+++ /dev/null

@@ -1,68 +0,0 @@
-package org.bouncycastle.asn1.oiw;
-
-import java.math.BigInteger;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class ElGamalParameter
-    extends ASN1Object
-{
-    ASN1Integer      p, g;
-
-    public ElGamalParameter(
-        BigInteger  p,
-        BigInteger  g)
-    {
-        this.p = new ASN1Integer(p);
-        this.g = new ASN1Integer(g);
-    }
-
-    private ElGamalParameter(
-        ASN1Sequence  seq)
-    {
-        Enumeration     e = seq.getObjects();
-
-        p = (ASN1Integer)e.nextElement();
-        g = (ASN1Integer)e.nextElement();
-    }
-
-    public static ElGamalParameter getInstance(Object o)
-    {
-        if (o instanceof ElGamalParameter)
-        {
-            return (ElGamalParameter)o;
-        }
-        else if (o != null)
-        {
-            return new ElGamalParameter(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public BigInteger getP()
-    {
-        return p.getPositiveValue();
-    }
-
-    public BigInteger getG()
-    {
-        return g.getPositiveValue();
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(p);
-        v.add(g);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/oiw/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/oiw/package.html
deleted file mode 100644
index 44eb2fe..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/oiw/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Objects and OID for the support of ISO OIW.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/package.html
deleted file mode 100644
index 1ac16a5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-A library for parsing and writing ASN.1 objects. Support is provided for DER and BER encoding.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java
index db5c026..d245b9b 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java

@@ -13,10 +13,14 @@
     ASN1ObjectIdentifier    pkcs_1                    = new ASN1ObjectIdentifier("1.2.840.113549.1.1");
     /** PKCS#1: 1.2.840.113549.1.1.1 */
     ASN1ObjectIdentifier    rsaEncryption             = pkcs_1.branch("1");
-    /** PKCS#1: 1.2.840.113549.1.1.2 */
+    // BEGIN Android-removed: MD2 and MD4 are unsupported
+    /*
+    /** PKCS#1: 1.2.840.113549.1.1.2 *
     ASN1ObjectIdentifier    md2WithRSAEncryption      = pkcs_1.branch("2");
-    /** PKCS#1: 1.2.840.113549.1.1.3 */
+    /** PKCS#1: 1.2.840.113549.1.1.3 *
     ASN1ObjectIdentifier    md4WithRSAEncryption      = pkcs_1.branch("3");
+    */
+    // END Android-removed: MD2 and MD4 are unsupported
     /** PKCS#1: 1.2.840.113549.1.1.4 */
     ASN1ObjectIdentifier    md5WithRSAEncryption      = pkcs_1.branch("4");
     /** PKCS#1: 1.2.840.113549.1.1.5 */
@@ -100,15 +104,19 @@
     // md2 OBJECT IDENTIFIER ::=
     //      {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2}
     //
-    /**  1.2.840.113549.2.2 */
-    ASN1ObjectIdentifier    md2                    = digestAlgorithm.branch("2");
+    // BEGIN android-removed
+    // /**  1.2.840.113549.2.2 */
+    // ASN1ObjectIdentifier    md2                    = digestAlgorithm.branch("2");
+    // END android-removed
 
     //
     // md4 OBJECT IDENTIFIER ::=
     //      {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 4}
     //
-    /**  1.2.840.113549.2.4 */
-    ASN1ObjectIdentifier    md4                    = digestAlgorithm.branch("4");
+    // BEGIN android-removed
+    // /**  1.2.840.113549.2.4 */
+    // ASN1ObjectIdentifier    md4                    = digestAlgorithm.branch("4");
+    // END android-removed
 
     //
     // md5 OBJECT IDENTIFIER ::=

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/RC2CBCParameter.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/RC2CBCParameter.java
deleted file mode 100644
index 0a116f7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/RC2CBCParameter.java
+++ /dev/null

@@ -1,93 +0,0 @@
-package org.bouncycastle.asn1.pkcs;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-
-public class RC2CBCParameter
-    extends ASN1Object
-{
-    ASN1Integer      version;
-    ASN1OctetString iv;
-
-    public static RC2CBCParameter getInstance(
-        Object  o)
-    {
-        if (o instanceof RC2CBCParameter)
-        {
-            return (RC2CBCParameter)o;
-        }
-        if (o != null)
-        {
-            return new RC2CBCParameter(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public RC2CBCParameter(
-        byte[]  iv)
-    {
-        this.version = null;
-        this.iv = new DEROctetString(iv);
-    }
-
-    public RC2CBCParameter(
-        int     parameterVersion,
-        byte[]  iv)
-    {
-        this.version = new ASN1Integer(parameterVersion);
-        this.iv = new DEROctetString(iv);
-    }
-
-    private RC2CBCParameter(
-        ASN1Sequence  seq)
-    {
-        if (seq.size() == 1)
-        {
-            version = null;
-            iv = (ASN1OctetString)seq.getObjectAt(0);
-        }
-        else
-        {
-            version = (ASN1Integer)seq.getObjectAt(0);
-            iv = (ASN1OctetString)seq.getObjectAt(1);
-        }
-    }
-
-    public BigInteger getRC2ParameterVersion()
-    {
-        if (version == null)
-        {
-            return null;
-        }
-
-        return version.getValue();
-    }
-
-    public byte[] getIV()
-    {
-        return iv.getOctets();
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        if (version != null)
-        {
-            v.add(version);
-        }
-
-        v.add(iv);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/SignerInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/SignerInfo.java
deleted file mode 100644
index ab5d78a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/SignerInfo.java
+++ /dev/null

@@ -1,178 +0,0 @@
-package org.bouncycastle.asn1.pkcs;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * a PKCS#7 signer info object.
- */
-public class SignerInfo
-    extends ASN1Object
-{
-    private ASN1Integer              version;
-    private IssuerAndSerialNumber   issuerAndSerialNumber;
-    private AlgorithmIdentifier     digAlgorithm;
-    private ASN1Set                 authenticatedAttributes;
-    private AlgorithmIdentifier     digEncryptionAlgorithm;
-    private ASN1OctetString         encryptedDigest;
-    private ASN1Set                 unauthenticatedAttributes;
-
-    public static SignerInfo getInstance(
-        Object  o)
-    {
-        if (o instanceof SignerInfo)
-        {
-            return (SignerInfo)o;
-        }
-        else if (o instanceof ASN1Sequence)
-        {
-            return new SignerInfo((ASN1Sequence)o);
-        }
-
-        throw new IllegalArgumentException("unknown object in factory: " + o.getClass().getName());
-    }
-
-    public SignerInfo(
-        ASN1Integer              version,
-        IssuerAndSerialNumber   issuerAndSerialNumber,
-        AlgorithmIdentifier     digAlgorithm,
-        ASN1Set                 authenticatedAttributes,
-        AlgorithmIdentifier     digEncryptionAlgorithm,
-        ASN1OctetString         encryptedDigest,
-        ASN1Set                 unauthenticatedAttributes)
-    {
-        this.version = version;
-        this.issuerAndSerialNumber = issuerAndSerialNumber;
-        this.digAlgorithm = digAlgorithm;
-        this.authenticatedAttributes = authenticatedAttributes;
-        this.digEncryptionAlgorithm = digEncryptionAlgorithm;
-        this.encryptedDigest = encryptedDigest;
-        this.unauthenticatedAttributes = unauthenticatedAttributes;
-    }
-
-    public SignerInfo(
-        ASN1Sequence seq)
-    {
-        Enumeration     e = seq.getObjects();
-
-        version = (ASN1Integer)e.nextElement();
-        issuerAndSerialNumber = IssuerAndSerialNumber.getInstance(e.nextElement());
-        digAlgorithm = AlgorithmIdentifier.getInstance(e.nextElement());
-
-        Object obj = e.nextElement();
-
-        if (obj instanceof ASN1TaggedObject)
-        {
-            authenticatedAttributes = ASN1Set.getInstance((ASN1TaggedObject)obj, false);
-
-            digEncryptionAlgorithm = AlgorithmIdentifier.getInstance(e.nextElement());
-        }
-        else
-        {
-            authenticatedAttributes = null;
-            digEncryptionAlgorithm = AlgorithmIdentifier.getInstance(obj);
-        }
-
-        encryptedDigest = DEROctetString.getInstance(e.nextElement());
-
-        if (e.hasMoreElements())
-        {
-            unauthenticatedAttributes = ASN1Set.getInstance((ASN1TaggedObject)e.nextElement(), false);
-        }
-        else
-        {
-            unauthenticatedAttributes = null;
-        }
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    public IssuerAndSerialNumber getIssuerAndSerialNumber()
-    {
-        return issuerAndSerialNumber;
-    }
-
-    public ASN1Set getAuthenticatedAttributes()
-    {
-        return authenticatedAttributes;
-    }
-
-    public AlgorithmIdentifier getDigestAlgorithm()
-    {
-        return digAlgorithm;
-    }
-
-    public ASN1OctetString getEncryptedDigest()
-    {
-        return encryptedDigest;
-    }
-
-    public AlgorithmIdentifier getDigestEncryptionAlgorithm()
-    {
-        return digEncryptionAlgorithm;
-    }
-
-    public ASN1Set getUnauthenticatedAttributes()
-    {
-        return unauthenticatedAttributes;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <pre>
-     *  SignerInfo ::= SEQUENCE {
-     *      version Version,
-     *      issuerAndSerialNumber IssuerAndSerialNumber,
-     *      digestAlgorithm DigestAlgorithmIdentifier,
-     *      authenticatedAttributes [0] IMPLICIT Attributes OPTIONAL,
-     *      digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
-     *      encryptedDigest EncryptedDigest,
-     *      unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL
-     *  }
-     *
-     *  EncryptedDigest ::= OCTET STRING
-     *
-     *  DigestAlgorithmIdentifier ::= AlgorithmIdentifier
-     *
-     *  DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(version);
-        v.add(issuerAndSerialNumber);
-        v.add(digAlgorithm);
-
-        if (authenticatedAttributes != null)
-        {
-            v.add(new DERTaggedObject(false, 0, authenticatedAttributes));
-        }
-
-        v.add(digEncryptionAlgorithm);
-        v.add(encryptedDigest);
-
-        if (unauthenticatedAttributes != null)
-        {
-            v.add(new DERTaggedObject(false, 1, unauthenticatedAttributes));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/package.html
deleted file mode 100644
index ab800f4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/pkcs/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes useful for encoding and supporting the various RSA PKCS documents.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/rosstandart/RosstandartObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/rosstandart/RosstandartObjectIdentifiers.java
deleted file mode 100644
index 888b40d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/rosstandart/RosstandartObjectIdentifiers.java
+++ /dev/null

@@ -1,46 +0,0 @@
-package org.bouncycastle.asn1.rosstandart;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-public interface RosstandartObjectIdentifiers
-{
-    static final ASN1ObjectIdentifier rosstandart = new ASN1ObjectIdentifier("1.2.643.7");
-
-    static final ASN1ObjectIdentifier id_tc26 = rosstandart.branch("1");
-
-    static final ASN1ObjectIdentifier id_tc26_gost_3411_12_256 = id_tc26.branch("1.2.2");
-
-    static final ASN1ObjectIdentifier id_tc26_gost_3411_12_512 = id_tc26.branch("1.2.3");
-
-    static final ASN1ObjectIdentifier id_tc26_hmac_gost_3411_12_256 = id_tc26.branch("1.4.1");
-
-    static final ASN1ObjectIdentifier id_tc26_hmac_gost_3411_12_512 = id_tc26.branch("1.4.2");
-
-    static final ASN1ObjectIdentifier id_tc26_gost_3410_12_256 = id_tc26.branch("1.1.1");
-
-    static final ASN1ObjectIdentifier id_tc26_gost_3410_12_512 = id_tc26.branch("1.1.2");
-
-    static final ASN1ObjectIdentifier id_tc26_signwithdigest_gost_3410_12_256 = id_tc26.branch("1.3.2");
-
-    static final ASN1ObjectIdentifier id_tc26_signwithdigest_gost_3410_12_512 = id_tc26.branch("1.3.3");
-
-    static final ASN1ObjectIdentifier id_tc26_agreement = id_tc26.branch("1.6");
-
-    static final ASN1ObjectIdentifier id_tc26_agreement_gost_3410_12_256 = id_tc26_agreement.branch("1");
-
-    static final ASN1ObjectIdentifier id_tc26_agreement_gost_3410_12_512  = id_tc26_agreement.branch("2");
-
-    static final ASN1ObjectIdentifier id_tc26_gost_3410_12_256_paramSet = id_tc26.branch("2.1.1");
-
-    static final ASN1ObjectIdentifier id_tc26_gost_3410_12_256_paramSetA = id_tc26_gost_3410_12_256_paramSet.branch("1");
-
-    static final ASN1ObjectIdentifier id_tc26_gost_3410_12_512_paramSet = id_tc26.branch("2.1.2");
-
-    static final ASN1ObjectIdentifier id_tc26_gost_3410_12_512_paramSetA = id_tc26_gost_3410_12_512_paramSet.branch("1");
-
-    static final ASN1ObjectIdentifier id_tc26_gost_3410_12_512_paramSetB = id_tc26_gost_3410_12_512_paramSet.branch("2");
-
-    static final ASN1ObjectIdentifier id_tc26_gost_3410_12_512_paramSetC = id_tc26_gost_3410_12_512_paramSet.branch("3");
-
-    static final ASN1ObjectIdentifier id_tc26_gost_28147_param_Z = id_tc26.branch("2.5.1.1");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/rosstandart/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/rosstandart/package.html
deleted file mode 100644
index 9d1b842..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/rosstandart/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes algorithms from the Russian Federal Agency on Technical Regulating and Metrology - Rosstandart.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/sec/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/sec/package.html
deleted file mode 100644
index 5e34dec..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/sec/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Classes for support of the SEC standard for Elliptic Curve.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMEAttributes.java b/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMEAttributes.java
deleted file mode 100644
index 79d693a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMEAttributes.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.asn1.smime;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-
-public interface SMIMEAttributes
-{
-    ASN1ObjectIdentifier  smimeCapabilities = PKCSObjectIdentifiers.pkcs_9_at_smimeCapabilities;
-    ASN1ObjectIdentifier  encrypKeyPref = PKCSObjectIdentifiers.id_aa_encrypKeyPref;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMECapabilities.java b/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMECapabilities.java
deleted file mode 100644
index 9c7fba4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMECapabilities.java
+++ /dev/null

@@ -1,121 +0,0 @@
-package org.bouncycastle.asn1.smime;
-
-import java.util.Enumeration;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-
-/**
- * Handler class for dealing with S/MIME Capabilities
- */
-public class SMIMECapabilities
-    extends ASN1Object
-{
-    /**
-     * general preferences
-     */
-    public static final ASN1ObjectIdentifier preferSignedData = PKCSObjectIdentifiers.preferSignedData;
-    public static final ASN1ObjectIdentifier canNotDecryptAny = PKCSObjectIdentifiers.canNotDecryptAny;
-    public static final ASN1ObjectIdentifier sMIMECapabilitesVersions = PKCSObjectIdentifiers.sMIMECapabilitiesVersions;
-
-    /**
-     * encryption algorithms preferences
-     */
-    public static final ASN1ObjectIdentifier aes256_CBC = NISTObjectIdentifiers.id_aes256_CBC;
-    public static final ASN1ObjectIdentifier aes192_CBC = NISTObjectIdentifiers.id_aes192_CBC;
-    public static final ASN1ObjectIdentifier aes128_CBC = NISTObjectIdentifiers.id_aes128_CBC;
-    public static final ASN1ObjectIdentifier idea_CBC = new ASN1ObjectIdentifier("1.3.6.1.4.1.188.7.1.1.2");
-    public static final ASN1ObjectIdentifier cast5_CBC = new ASN1ObjectIdentifier("1.2.840.113533.7.66.10");
-    public static final ASN1ObjectIdentifier dES_CBC = new ASN1ObjectIdentifier("1.3.14.3.2.7");
-    public static final ASN1ObjectIdentifier dES_EDE3_CBC = PKCSObjectIdentifiers.des_EDE3_CBC;
-    public static final ASN1ObjectIdentifier rC2_CBC = PKCSObjectIdentifiers.RC2_CBC;
-    
-    private ASN1Sequence         capabilities;
-
-    /**
-     * return an Attribute object from the given object.
-     *
-     * @param o the object we want converted.
-     * @exception IllegalArgumentException if the object cannot be converted.
-     */
-    public static SMIMECapabilities getInstance(
-        Object o)
-    {
-        if (o == null || o instanceof SMIMECapabilities)
-        {
-            return (SMIMECapabilities)o;
-        }
-        
-        if (o instanceof ASN1Sequence)
-        {
-            return new SMIMECapabilities((ASN1Sequence)o);
-        }
-
-        if (o instanceof Attribute)
-        {
-            return new SMIMECapabilities(
-                (ASN1Sequence)(((Attribute)o).getAttrValues().getObjectAt(0)));
-        }
-
-        throw new IllegalArgumentException("unknown object in factory: " + o.getClass().getName());
-    }
-    
-    public SMIMECapabilities(
-        ASN1Sequence seq)
-    {
-        capabilities = seq;
-    }
-
-    /**
-     * returns a vector with 0 or more objects of all the capabilities
-     * matching the passed in capability OID. If the OID passed is null the
-     * entire set is returned.
-     */
-    public Vector getCapabilities(
-        ASN1ObjectIdentifier capability)
-    {
-        Enumeration e = capabilities.getObjects();
-        Vector      list = new Vector();
-
-        if (capability == null)
-        {
-            while (e.hasMoreElements())
-            {
-                SMIMECapability  cap = SMIMECapability.getInstance(e.nextElement());
-
-                list.addElement(cap);
-            }
-        }
-        else
-        {
-            while (e.hasMoreElements())
-            {
-                SMIMECapability  cap = SMIMECapability.getInstance(e.nextElement());
-
-                if (capability.equals(cap.getCapabilityID()))
-                {
-                    list.addElement(cap);
-                }
-            }
-        }
-
-        return list;
-    }
-
-    /** 
-     * Produce an object suitable for an ASN1OutputStream.
-     * <pre>
-     * SMIMECapabilities ::= SEQUENCE OF SMIMECapability
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return capabilities;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMECapabilitiesAttribute.java b/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMECapabilitiesAttribute.java
deleted file mode 100644
index cfad31e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMECapabilitiesAttribute.java
+++ /dev/null

@@ -1,16 +0,0 @@
-package org.bouncycastle.asn1.smime;
-
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cms.Attribute;
-
-public class SMIMECapabilitiesAttribute
-    extends Attribute
-{
-    public SMIMECapabilitiesAttribute(
-        SMIMECapabilityVector capabilities)
-    {
-        super(SMIMEAttributes.smimeCapabilities,
-                new DERSet(new DERSequence(capabilities.toASN1EncodableVector())));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMECapability.java b/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMECapability.java
deleted file mode 100644
index f70d28a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMECapability.java
+++ /dev/null

@@ -1,103 +0,0 @@
-package org.bouncycastle.asn1.smime;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-
-public class SMIMECapability
-    extends ASN1Object
-{
-    /**
-     * general preferences
-     */
-    public static final ASN1ObjectIdentifier preferSignedData = PKCSObjectIdentifiers.preferSignedData;
-    public static final ASN1ObjectIdentifier canNotDecryptAny = PKCSObjectIdentifiers.canNotDecryptAny;
-    public static final ASN1ObjectIdentifier sMIMECapabilitiesVersions = PKCSObjectIdentifiers.sMIMECapabilitiesVersions;
-
-    /**
-     * encryption algorithms preferences
-     */
-    public static final ASN1ObjectIdentifier dES_CBC = new ASN1ObjectIdentifier("1.3.14.3.2.7");
-    public static final ASN1ObjectIdentifier dES_EDE3_CBC = PKCSObjectIdentifiers.des_EDE3_CBC;
-    public static final ASN1ObjectIdentifier rC2_CBC = PKCSObjectIdentifiers.RC2_CBC;
-    public static final ASN1ObjectIdentifier aES128_CBC = NISTObjectIdentifiers.id_aes128_CBC;
-    public static final ASN1ObjectIdentifier aES192_CBC = NISTObjectIdentifiers.id_aes192_CBC;
-    public static final ASN1ObjectIdentifier aES256_CBC = NISTObjectIdentifiers.id_aes256_CBC;
-    
-    private ASN1ObjectIdentifier capabilityID;
-    private ASN1Encodable        parameters;
-
-    public SMIMECapability(
-        ASN1Sequence seq)
-    {
-        capabilityID = (ASN1ObjectIdentifier)seq.getObjectAt(0);
-
-        if (seq.size() > 1)
-        {
-            parameters = (ASN1Primitive)seq.getObjectAt(1);
-        }
-    }
-
-    public SMIMECapability(
-        ASN1ObjectIdentifier capabilityID,
-        ASN1Encodable        parameters)
-    {
-        this.capabilityID = capabilityID;
-        this.parameters = parameters;
-    }
-    
-    public static SMIMECapability getInstance(
-        Object obj)
-    {
-        if (obj == null || obj instanceof SMIMECapability)
-        {
-            return (SMIMECapability)obj;
-        }
-        
-        if (obj instanceof ASN1Sequence)
-        {
-            return new SMIMECapability((ASN1Sequence)obj);
-        }
-        
-        throw new IllegalArgumentException("Invalid SMIMECapability");
-    } 
-
-    public ASN1ObjectIdentifier getCapabilityID()
-    {
-        return capabilityID;
-    }
-
-    public ASN1Encodable getParameters()
-    {
-        return parameters;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <pre> 
-     * SMIMECapability ::= SEQUENCE {
-     *     capabilityID OBJECT IDENTIFIER,
-     *     parameters ANY DEFINED BY capabilityID OPTIONAL 
-     * }
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(capabilityID);
-        
-        if (parameters != null)
-        {
-            v.add(parameters);
-        }
-        
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMECapabilityVector.java b/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMECapabilityVector.java
deleted file mode 100644
index 965a996..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMECapabilityVector.java
+++ /dev/null

@@ -1,50 +0,0 @@
-package org.bouncycastle.asn1.smime;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * Handler for creating a vector S/MIME Capabilities
- */
-public class SMIMECapabilityVector
-{
-    private ASN1EncodableVector    capabilities = new ASN1EncodableVector();
-
-    public void addCapability(
-        ASN1ObjectIdentifier capability)
-    {
-        capabilities.add(new DERSequence(capability));
-    }
-
-    public void addCapability(
-        ASN1ObjectIdentifier capability,
-        int                 value)
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(capability);
-        v.add(new ASN1Integer(value));
-
-        capabilities.add(new DERSequence(v));
-    }
-
-    public void addCapability(
-        ASN1ObjectIdentifier capability,
-        ASN1Encodable params)
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(capability);
-        v.add(params);
-
-        capabilities.add(new DERSequence(v));
-    }
-
-    public ASN1EncodableVector toASN1EncodableVector()
-    {
-        return capabilities;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMEEncryptionKeyPreferenceAttribute.java b/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMEEncryptionKeyPreferenceAttribute.java
deleted file mode 100644
index 1e5b539..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/smime/SMIMEEncryptionKeyPreferenceAttribute.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.asn1.smime;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
-import org.bouncycastle.asn1.cms.RecipientKeyIdentifier;
-
-/**
- * The SMIMEEncryptionKeyPreference object.
- * <pre>
- * SMIMEEncryptionKeyPreference ::= CHOICE {
- *     issuerAndSerialNumber   [0] IssuerAndSerialNumber,
- *     receipentKeyId          [1] RecipientKeyIdentifier,
- *     subjectAltKeyIdentifier [2] SubjectKeyIdentifier
- * }
- * </pre>
- */
-public class SMIMEEncryptionKeyPreferenceAttribute
-    extends Attribute
-{
-    public SMIMEEncryptionKeyPreferenceAttribute(
-        IssuerAndSerialNumber issAndSer)
-    {
-        super(SMIMEAttributes.encrypKeyPref,
-                new DERSet(new DERTaggedObject(false, 0, issAndSer)));
-    }
-    
-    public SMIMEEncryptionKeyPreferenceAttribute(
-        RecipientKeyIdentifier rKeyId)
-    {
-
-        super(SMIMEAttributes.encrypKeyPref, 
-                    new DERSet(new DERTaggedObject(false, 1, rKeyId)));
-    }
-    
-    /**
-     * @param sKeyId the subjectKeyIdentifier value (normally the X.509 one)
-     */
-    public SMIMEEncryptionKeyPreferenceAttribute(
-        ASN1OctetString sKeyId)
-    {
-
-        super(SMIMEAttributes.encrypKeyPref,
-                    new DERSet(new DERTaggedObject(false, 2, sKeyId)));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/smime/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/smime/package.html
deleted file mode 100644
index d527aba..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/smime/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes useful for encoding and supporting S/MIME.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTNamedCurves.java b/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTNamedCurves.java
deleted file mode 100644
index 4879180..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/TeleTrusTNamedCurves.java
+++ /dev/null

@@ -1,399 +0,0 @@
-package org.bouncycastle.asn1.teletrust;
-
-import java.math.BigInteger;
-import java.util.Enumeration;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ECParametersHolder;
-import org.bouncycastle.asn1.x9.X9ECPoint;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * Elliptic curves defined in "ECC Brainpool Standard Curves and Curve Generation"
- * http://www.ecc-brainpool.org/download/draft_pkix_additional_ecc_dp.txt
- */
-public class TeleTrusTNamedCurves
-{
-    private static ECCurve configureCurve(ECCurve curve)
-    {
-        return curve;
-    }
-
-    static X9ECParametersHolder brainpoolP160r1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger n = new BigInteger("E95E4A5F737059DC60DF5991D45029409E60FC09", 16);
-            BigInteger h = new BigInteger("01", 16);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(
-                new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620F", 16), // q
-                new BigInteger("340E7BE2A280EB74E2BE61BADA745D97E8F7C300", 16), // a
-                new BigInteger("1E589A8595423412134FAA2DBDEC95C8D8675E58", 16), // b
-                n, h));
-
-            return new X9ECParameters(
-                curve,
-                new X9ECPoint(curve, Hex.decode("04BED5AF16EA3F6A4F62938C4631EB5AF7BDBCDBC31667CB477A1A8EC338F94741669C976316DA6321")), // G
-                n, h);
-        }
-    };
-
-    static X9ECParametersHolder brainpoolP160t1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger n = new BigInteger("E95E4A5F737059DC60DF5991D45029409E60FC09", 16);
-            BigInteger h = new BigInteger("01", 16);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(
-                //   new BigInteger("24DBFF5DEC9B986BBFE5295A29BFBAE45E0F5D0B", 16), // Z
-                new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620F", 16), // q
-                new BigInteger("E95E4A5F737059DC60DFC7AD95B3D8139515620C", 16), // a'
-                new BigInteger("7A556B6DAE535B7B51ED2C4D7DAA7A0B5C55F380", 16), // b'
-                n, h));
-
-            return new X9ECParameters(
-                curve,
-                new X9ECPoint(curve, Hex.decode("04B199B13B9B34EFC1397E64BAEB05ACC265FF2378ADD6718B7C7C1961F0991B842443772152C9E0AD")), // G
-                n, h);
-        }
-    };
-
-    static X9ECParametersHolder brainpoolP192r1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger n = new BigInteger("C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", 16);
-            BigInteger h = new BigInteger("01", 16);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(
-                new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", 16), // q
-                new BigInteger("6A91174076B1E0E19C39C031FE8685C1CAE040E5C69A28EF", 16), // a
-                new BigInteger("469A28EF7C28CCA3DC721D044F4496BCCA7EF4146FBF25C9", 16), // b
-                n, h));
-
-            return new X9ECParameters(
-                curve,
-                new X9ECPoint(curve, Hex.decode("04C0A0647EAAB6A48753B033C56CB0F0900A2F5C4853375FD614B690866ABD5BB88B5F4828C1490002E6773FA2FA299B8F")), // G
-                n, h);
-        }
-    };
-
-    static X9ECParametersHolder brainpoolP192t1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger n = new BigInteger("C302F41D932A36CDA7A3462F9E9E916B5BE8F1029AC4ACC1", 16);
-            BigInteger h = new BigInteger("01", 16);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(
-                //new BigInteger("1B6F5CC8DB4DC7AF19458A9CB80DC2295E5EB9C3732104CB") //Z
-                new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86297", 16), // q
-                new BigInteger("C302F41D932A36CDA7A3463093D18DB78FCE476DE1A86294", 16), // a'
-                new BigInteger("13D56FFAEC78681E68F9DEB43B35BEC2FB68542E27897B79", 16), // b'
-                n, h));
-
-            return new X9ECParameters(
-                curve,
-                new X9ECPoint(curve, Hex.decode("043AE9E58C82F63C30282E1FE7BBF43FA72C446AF6F4618129097E2C5667C2223A902AB5CA449D0084B7E5B3DE7CCC01C9")), // G'
-                n, h);
-        }
-    };
-
-    static X9ECParametersHolder brainpoolP224r1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger n = new BigInteger("D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", 16);
-            BigInteger h = new BigInteger("01", 16);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(
-                new BigInteger("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", 16), // q
-                new BigInteger("68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43", 16), // a
-                new BigInteger("2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B", 16), // b
-                n, h));
-
-            return new X9ECParameters(
-                curve,
-                new X9ECPoint(curve, Hex.decode("040D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD")), // G
-                n, h);
-        }
-    };
-    static X9ECParametersHolder brainpoolP224t1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger n = new BigInteger("D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F", 16);
-            BigInteger h = new BigInteger("01", 16);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(
-                //new BigInteger("2DF271E14427A346910CF7A2E6CFA7B3F484E5C2CCE1C8B730E28B3F") //Z
-                new BigInteger("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF", 16), // q
-                new BigInteger("D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FC", 16), // a'
-                new BigInteger("4B337D934104CD7BEF271BF60CED1ED20DA14C08B3BB64F18A60888D", 16), // b'
-                n, h));
-
-            return new X9ECParameters(
-                curve,
-                new X9ECPoint(curve, Hex.decode("046AB1E344CE25FF3896424E7FFE14762ECB49F8928AC0C76029B4D5800374E9F5143E568CD23F3F4D7C0D4B1E41C8CC0D1C6ABD5F1A46DB4C")), // G'
-                n, h);
-        }
-    };
-    static X9ECParametersHolder brainpoolP256r1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger n = new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", 16);
-            BigInteger h = new BigInteger("01", 16);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(
-                new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", 16), // q
-                new BigInteger("7D5A0975FC2C3057EEF67530417AFFE7FB8055C126DC5C6CE94A4B44F330B5D9", 16), // a
-                new BigInteger("26DC5C6CE94A4B44F330B5D9BBD77CBF958416295CF7E1CE6BCCDC18FF8C07B6", 16), // b
-                n, h));
-
-            return new X9ECParameters(
-                curve,
-                new X9ECPoint(curve, Hex.decode("048BD2AEB9CB7E57CB2C4B482FFC81B7AFB9DE27E1E3BD23C23A4453BD9ACE3262547EF835C3DAC4FD97F8461A14611DC9C27745132DED8E545C1D54C72F046997")), // G
-                n, h);
-        }
-    };
-    static X9ECParametersHolder brainpoolP256t1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger n = new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D718C397AA3B561A6F7901E0E82974856A7", 16);
-            BigInteger h = new BigInteger("01", 16);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(
-                //new BigInteger("3E2D4BD9597B58639AE7AA669CAB9837CF5CF20A2C852D10F655668DFC150EF0") //Z
-                new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5377", 16), // q
-                new BigInteger("A9FB57DBA1EEA9BC3E660A909D838D726E3BF623D52620282013481D1F6E5374", 16), // a'
-                new BigInteger("662C61C430D84EA4FE66A7733D0B76B7BF93EBC4AF2F49256AE58101FEE92B04", 16), // b'
-                n, h));
-
-            return new X9ECParameters(
-                curve,
-                new X9ECPoint(curve, Hex.decode("04A3E8EB3CC1CFE7B7732213B23A656149AFA142C47AAFBC2B79A191562E1305F42D996C823439C56D7F7B22E14644417E69BCB6DE39D027001DABE8F35B25C9BE")), // G'
-                n, h);
-        }
-    };
-    static X9ECParametersHolder brainpoolP320r1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger n = new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", 16);
-            BigInteger h = new BigInteger("01", 16);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(
-                new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", 16), // q
-                new BigInteger("3EE30B568FBAB0F883CCEBD46D3F3BB8A2A73513F5EB79DA66190EB085FFA9F492F375A97D860EB4", 16), // a
-                new BigInteger("520883949DFDBC42D3AD198640688A6FE13F41349554B49ACC31DCCD884539816F5EB4AC8FB1F1A6", 16), // b
-                n, h));
-
-            return new X9ECParameters(
-                curve,
-                new X9ECPoint(curve, Hex.decode("0443BD7E9AFB53D8B85289BCC48EE5BFE6F20137D10A087EB6E7871E2A10A599C710AF8D0D39E2061114FDD05545EC1CC8AB4093247F77275E0743FFED117182EAA9C77877AAAC6AC7D35245D1692E8EE1")), // G
-                n, h);
-        }
-    };
-    static X9ECParametersHolder brainpoolP320t1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger n = new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA5B68F12A32D482EC7EE8658E98691555B44C59311", 16);
-            BigInteger h = new BigInteger("01", 16);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(
-                //new BigInteger("15F75CAF668077F7E85B42EB01F0A81FF56ECD6191D55CB82B7D861458A18FEFC3E5AB7496F3C7B1") //Z
-                new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E27", 16), // q
-                new BigInteger("D35E472036BC4FB7E13C785ED201E065F98FCFA6F6F40DEF4F92B9EC7893EC28FCD412B1F1B32E24", 16), // a'
-                new BigInteger("A7F561E038EB1ED560B3D147DB782013064C19F27ED27C6780AAF77FB8A547CEB5B4FEF422340353", 16), // b'
-                n, h));
-
-            return new X9ECParameters(
-                curve,
-                new X9ECPoint(curve, Hex.decode("04925BE9FB01AFC6FB4D3E7D4990010F813408AB106C4F09CB7EE07868CC136FFF3357F624A21BED5263BA3A7A27483EBF6671DBEF7ABB30EBEE084E58A0B077AD42A5A0989D1EE71B1B9BC0455FB0D2C3")), // G'
-                n, h);
-        }
-    };
-    static X9ECParametersHolder brainpoolP384r1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger n = new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", 16);
-            BigInteger h = new BigInteger("01", 16);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(
-                new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", 16), // q
-                new BigInteger("7BC382C63D8C150C3C72080ACE05AFA0C2BEA28E4FB22787139165EFBA91F90F8AA5814A503AD4EB04A8C7DD22CE2826", 16), // a
-                new BigInteger("4A8C7DD22CE28268B39B55416F0447C2FB77DE107DCD2A62E880EA53EEB62D57CB4390295DBC9943AB78696FA504C11", 16), // b
-                n, h));
-
-            return new X9ECParameters(
-                curve,
-                new X9ECPoint(curve, Hex.decode("041D1C64F068CF45FFA2A63A81B7C13F6B8847A3E77EF14FE3DB7FCAFE0CBD10E8E826E03436D646AAEF87B2E247D4AF1E8ABE1D7520F9C2A45CB1EB8E95CFD55262B70B29FEEC5864E19C054FF99129280E4646217791811142820341263C5315")), // G
-                n, h);
-        }
-    };
-    static X9ECParametersHolder brainpoolP384t1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger n = new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B31F166E6CAC0425A7CF3AB6AF6B7FC3103B883202E9046565", 16);
-            BigInteger h = new BigInteger("01", 16);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(
-                //new BigInteger("41DFE8DD399331F7166A66076734A89CD0D2BCDB7D068E44E1F378F41ECBAE97D2D63DBC87BCCDDCCC5DA39E8589291C") //Z
-                new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC53", 16), // q
-                new BigInteger("8CB91E82A3386D280F5D6F7E50E641DF152F7109ED5456B412B1DA197FB71123ACD3A729901D1A71874700133107EC50", 16), // a'
-                new BigInteger("7F519EADA7BDA81BD826DBA647910F8C4B9346ED8CCDC64E4B1ABD11756DCE1D2074AA263B88805CED70355A33B471EE", 16), // b'
-                n, h));
-
-            return new X9ECParameters(
-                curve,
-                new X9ECPoint(curve, Hex.decode("0418DE98B02DB9A306F2AFCD7235F72A819B80AB12EBD653172476FECD462AABFFC4FF191B946A5F54D8D0AA2F418808CC25AB056962D30651A114AFD2755AD336747F93475B7A1FCA3B88F2B6A208CCFE469408584DC2B2912675BF5B9E582928")), // G'
-                n, h);
-        }
-    };
-    static X9ECParametersHolder brainpoolP512r1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger n = new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", 16);
-            BigInteger h = new BigInteger("01", 16);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(
-                new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", 16), // q
-                new BigInteger("7830A3318B603B89E2327145AC234CC594CBDD8D3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CA", 16), // a
-                new BigInteger("3DF91610A83441CAEA9863BC2DED5D5AA8253AA10A2EF1C98B9AC8B57F1117A72BF2C7B9E7C1AC4D77FC94CADC083E67984050B75EBAE5DD2809BD638016F723", 16), // b
-                n, h));
-
-            return new X9ECParameters(
-                curve,
-                new X9ECPoint(curve, Hex.decode("0481AEE4BDD82ED9645A21322E9C4C6A9385ED9F70B5D916C1B43B62EEF4D0098EFF3B1F78E2D0D48D50D1687B93B97D5F7C6D5047406A5E688B352209BCB9F8227DDE385D566332ECC0EABFA9CF7822FDF209F70024A57B1AA000C55B881F8111B2DCDE494A5F485E5BCA4BD88A2763AED1CA2B2FA8F0540678CD1E0F3AD80892")), // G
-                n, h);
-        }
-    };
-    static X9ECParametersHolder brainpoolP512t1 = new X9ECParametersHolder()
-    {
-        protected X9ECParameters createParameters()
-        {
-            BigInteger n = new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA70330870553E5C414CA92619418661197FAC10471DB1D381085DDADDB58796829CA90069", 16);
-            BigInteger h = new BigInteger("01", 16);
-
-            ECCurve curve = configureCurve(new ECCurve.Fp(
-                //new BigInteger("12EE58E6764838B69782136F0F2D3BA06E27695716054092E60A80BEDB212B64E585D90BCE13761F85C3F1D2A64E3BE8FEA2220F01EBA5EEB0F35DBD29D922AB") //Z
-                new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F3", 16), // q
-                new BigInteger("AADD9DB8DBE9C48B3FD4E6AE33C9FC07CB308DB3B3C9D20ED6639CCA703308717D4D9B009BC66842AECDA12AE6A380E62881FF2F2D82C68528AA6056583A48F0", 16), // a'
-                new BigInteger("7CBBBCF9441CFAB76E1890E46884EAE321F70C0BCB4981527897504BEC3E36A62BCDFA2304976540F6450085F2DAE145C22553B465763689180EA2571867423E", 16), // b'
-                n, h));
-
-            return new X9ECParameters(
-                curve,
-                new X9ECPoint(curve, Hex.decode("04640ECE5C12788717B9C1BA06CBC2A6FEBA85842458C56DDE9DB1758D39C0313D82BA51735CDB3EA499AA77A7D6943A64F7A3F25FE26F06B51BAA2696FA9035DA5B534BD595F5AF0FA2C892376C84ACE1BB4E3019B71634C01131159CAE03CEE9D9932184BEEF216BD71DF2DADF86A627306ECFF96DBB8BACE198B61E00F8B332")), // G'
-                n, h);
-        }
-    };
-
-    static final Hashtable objIds = new Hashtable();
-    static final Hashtable curves = new Hashtable();
-    static final Hashtable names = new Hashtable();
-
-    static void defineCurve(String name, ASN1ObjectIdentifier oid, X9ECParametersHolder holder)
-    {
-        objIds.put(Strings.toLowerCase(name), oid);
-        names.put(oid, name);
-        curves.put(oid, holder);
-    }
-
-    static
-    {
-        defineCurve("brainpoolP160r1", TeleTrusTObjectIdentifiers.brainpoolP160r1, brainpoolP160r1);
-        defineCurve("brainpoolP160t1", TeleTrusTObjectIdentifiers.brainpoolP160t1, brainpoolP160t1);
-        defineCurve("brainpoolP192r1", TeleTrusTObjectIdentifiers.brainpoolP192r1, brainpoolP192r1);
-        defineCurve("brainpoolP192t1", TeleTrusTObjectIdentifiers.brainpoolP192t1, brainpoolP192t1);
-        defineCurve("brainpoolP224r1", TeleTrusTObjectIdentifiers.brainpoolP224r1, brainpoolP224r1);
-        defineCurve("brainpoolP224t1", TeleTrusTObjectIdentifiers.brainpoolP224t1, brainpoolP224t1);
-        defineCurve("brainpoolP256r1", TeleTrusTObjectIdentifiers.brainpoolP256r1, brainpoolP256r1);
-        defineCurve("brainpoolP256t1", TeleTrusTObjectIdentifiers.brainpoolP256t1, brainpoolP256t1);
-        defineCurve("brainpoolP320r1", TeleTrusTObjectIdentifiers.brainpoolP320r1, brainpoolP320r1);
-        defineCurve("brainpoolP320t1", TeleTrusTObjectIdentifiers.brainpoolP320t1, brainpoolP320t1);
-        defineCurve("brainpoolP384r1", TeleTrusTObjectIdentifiers.brainpoolP384r1, brainpoolP384r1);
-        defineCurve("brainpoolP384t1", TeleTrusTObjectIdentifiers.brainpoolP384t1, brainpoolP384t1);
-        defineCurve("brainpoolP512r1", TeleTrusTObjectIdentifiers.brainpoolP512r1, brainpoolP512r1);
-        defineCurve("brainpoolP512t1", TeleTrusTObjectIdentifiers.brainpoolP512t1, brainpoolP512t1);
-    }
-
-    public static X9ECParameters getByName(
-        String name)
-    {
-        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)objIds.get(Strings.toLowerCase(name));
-
-        if (oid != null)
-        {
-            return getByOID(oid);
-        }
-
-        return null;
-    }
-
-    /**
-     * return the X9ECParameters object for the named curve represented by
-     * the passed in object identifier. Null if the curve isn't present.
-     *
-     * @param oid an object identifier representing a named curve, if present.
-     */
-    public static X9ECParameters getByOID(
-        ASN1ObjectIdentifier oid)
-    {
-        X9ECParametersHolder holder = (X9ECParametersHolder)curves.get(oid);
-
-        if (holder != null)
-        {
-            return holder.getParameters();
-        }
-
-        return null;
-    }
-
-    /**
-     * return the object identifier signified by the passed in name. Null
-     * if there is no object identifier associated with name.
-     *
-     * @return the object identifier associated with name, if present.
-     */
-    public static ASN1ObjectIdentifier getOID(
-        String name)
-    {
-        return (ASN1ObjectIdentifier)objIds.get(Strings.toLowerCase(name));
-    }
-
-    /**
-     * return the named curve name represented by the given object identifier.
-     */
-    public static String getName(
-        ASN1ObjectIdentifier oid)
-    {
-        return (String)names.get(oid);
-    }
-
-    /**
-     * returns an enumeration containing the name strings for curves
-     * contained in this structure.
-     */
-    public static Enumeration getNames()
-    {    // we need to use names so we get the mixed case names.
-        return names.elements();
-    }
-
-    public static ASN1ObjectIdentifier getOID(short curvesize, boolean twisted)
-    {
-        return getOID("brainpoolP" + curvesize + (twisted ? "t" : "r") + "1");
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/package.html
deleted file mode 100644
index 86606c3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/teletrust/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for TeleTrust related objects.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1IntegerTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1IntegerTest.java
deleted file mode 100644
index c9eaed4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1IntegerTest.java
+++ /dev/null

@@ -1,356 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Enumerated;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.util.Properties;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class ASN1IntegerTest
-    extends SimpleTest
-{
-    private static final byte[] suspectKey = Base64.decode(
-        "MIGJAoGBAHNc+iExm94LUrJdPSJ4QJ9tDRuvaNmGVHpJ4X7a5zKI02v+2E7RotuiR2MHDJfVJkb9LUs2kb3XBlyENhtMLsbeH+3Muy3" +
-            "hGDlh/mLJSh1s4c5jDKBRYOHom7Uc8wP0P2+zBCA+OEdikNDFBaP5PbR2Xq9okG2kPh35M2quAiMTAgMBAAE=");
-
-    public String getName()
-    {
-        return "ASN1Integer";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "true");
-
-        ASN1Sequence.getInstance(suspectKey);
-
-        testValidEncodingSingleByte();
-        testValidEncodingMultiByte();
-        testInvalidEncoding_00();
-        testInvalidEncoding_ff();
-        testInvalidEncoding_00_32bits();
-        testInvalidEncoding_ff_32bits();
-        //testLooseInvalidValidEncoding_FF_32B();
-        //testLooseInvalidValidEncoding_zero_32B();
-        testLooseValidEncoding_zero_32BAligned();
-        testLooseValidEncoding_FF_32BAligned();
-        testLooseValidEncoding_FF_32BAligned_1not0();
-        testLooseValidEncoding_FF_32BAligned_2not0();
-        testOversizedEncoding();
-        
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "true");
-
-        new ASN1Integer(Hex.decode("ffda47bfc776bcd269da4832626ac332adfca6dd835e8ecd83cd1ebe7d709b0e"));
-
-        new ASN1Enumerated(Hex.decode("ffda47bfc776bcd269da4832626ac332adfca6dd835e8ecd83cd1ebe7d709b0e"));
-
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "false");
-        
-        try
-        {
-            new ASN1Integer(Hex.decode("ffda47bfc776bcd269da4832626ac332adfca6dd835e8ecd83cd1ebe7d709b"));
-
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("malformed integer", e.getMessage());
-        }
-
-        isTrue(!Properties.setThreadOverride("org.bouncycastle.asn1.allow_unsafe_integer", true));
-        
-        new ASN1Integer(Hex.decode("ffda47bfc776bcd269da4832626ac332adfca6dd835e8ecd83cd1ebe7d709b"));
-
-        isTrue(Properties.removeThreadOverride("org.bouncycastle.asn1.allow_unsafe_integer"));
-
-        try
-        {
-            ASN1Sequence.getInstance(suspectKey);
-
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        { 
-            isEquals("test 1", "failed to construct sequence from byte[]: corrupted stream detected", e.getMessage());
-        }
-
-        try
-        {
-            new ASN1Integer(Hex.decode("ffda47bfc776bcd269da4832626ac332adfca6dd835e8ecd83cd1ebe7d709b0e"));
-
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("malformed integer", e.getMessage());
-        }
-
-        try
-        {
-            new ASN1Enumerated(Hex.decode("ffda47bfc776bcd269da4832626ac332adfca6dd835e8ecd83cd1ebe7d709b0e"));
-
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("malformed enumerated", e.getMessage());
-        }
-    }
-
-    /**
-     * Ensure existing single byte behavior.
-     */
-    public void testValidEncodingSingleByte()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "false");
-        //
-        // Without property, single byte.
-        //
-        byte[] rawInt = Hex.decode("10");
-        ASN1Integer i = new ASN1Integer(rawInt);
-        isEquals(i.getValue().intValue(), 16);
-
-        //
-        // With property set.
-        //
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "true");
-
-        rawInt = Hex.decode("10");
-        i = new ASN1Integer(rawInt);
-        isEquals(i.getValue().intValue(), 16);
-
-    }
-
-    public void testValidEncodingMultiByte()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "false");
-        //
-        // Without property, single byte.
-        //
-        byte[] rawInt = Hex.decode("10FF");
-        ASN1Integer i = new ASN1Integer(rawInt);
-        isEquals(i.getValue().intValue(), 4351);
-
-        //
-        // With property set.
-        //
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "true");
-
-        rawInt = Hex.decode("10FF");
-        i = new ASN1Integer(rawInt);
-        isEquals(i.getValue().intValue(), 4351);
-
-    }
-
-    public void testInvalidEncoding_00()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "false");
-        try
-        {
-            byte[] rawInt = Hex.decode("0010FF");
-            ASN1Integer i = new ASN1Integer(rawInt);
-            isEquals(i.getValue().intValue(), 4351);
-            fail("Expecting illegal argument exception.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("malformed integer", e.getMessage());
-        }
-    }
-
-    public void testInvalidEncoding_ff()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "false");
-        try
-        {
-            byte[] rawInt = Hex.decode("FF81FF");
-            ASN1Integer i = new ASN1Integer(rawInt);
-            fail("Expecting illegal argument exception.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("malformed integer", e.getMessage());
-        }
-    }
-
-    public void testInvalidEncoding_00_32bits()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "false");
-        //
-        // Check what would pass loose validation fails outside of loose validation.
-        //
-        try
-        {
-            byte[] rawInt = Hex.decode("0000000010FF");
-            ASN1Integer i = new ASN1Integer(rawInt);
-            isEquals(i.getValue().intValue(), 4351);
-            fail("Expecting illegal argument exception.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("malformed integer", e.getMessage());
-        }
-    }
-
-    public void testInvalidEncoding_ff_32bits()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "false");
-        //
-        // Check what would pass loose validation fails outside of loose validation.
-        //
-        try
-        {
-            byte[] rawInt = Hex.decode("FFFFFFFF01FF");
-            ASN1Integer i = new ASN1Integer(rawInt);
-            fail("Expecting illegal argument exception.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("malformed integer", e.getMessage());
-        }
-    }
-
-    /*
-     Unfortunately it turns out that integers stored without sign bits that are assumed to be
-     unsigned.. this means a string of FF may occur and then the user will call getPositiveValue().
-     Sigh..
-    public void testLooseInvalidValidEncoding_zero_32B()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "false");
-        //
-        // Should still fail as loose validation only permits 3 leading 0x00 bytes.
-        //
-        try
-        {
-            System.getProperties().put("org.bouncycastle.asn1.allow_unsafe_integer", "true");
-            byte[] rawInt = Hex.decode("0000000010FF");
-            ASN1Integer i = new ASN1Integer(rawInt);
-            fail("Expecting illegal argument exception.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("malformed integer", e.getMessage());
-        }
-    }
-
-    public void testLooseInvalidValidEncoding_FF_32B()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "false");
-        //
-        // Should still fail as loose validation only permits 3 leading 0xFF bytes.
-        //
-        try
-        {
-            System.getProperties().put("org.bouncycastle.asn1.allow_unsafe_integer", "true");
-            byte[] rawInt = Hex.decode("FFFFFFFF10FF");
-            ASN1Integer i = new ASN1Integer(rawInt);
-            fail("Expecting illegal argument exception.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("malformed integer", e.getMessage());
-        }
-    }
-    */
-
-    public void testLooseValidEncoding_zero_32BAligned()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "false");
-        //
-        // Should pass as loose validation permits 3 leading 0x00 bytes.
-        //
-
-        System.getProperties().put("org.bouncycastle.asn1.allow_unsafe_integer", "true");
-        byte[] rawInt = Hex.decode("00000010FF000000");
-        ASN1Integer i = new ASN1Integer(rawInt);
-        isEquals(72997666816L, i.getValue().longValue());
-
-    }
-
-    public void testLooseValidEncoding_FF_32BAligned()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "false");
-        //
-        // Should pass as loose validation permits 3
-
-        System.getProperties().put("org.bouncycastle.asn1.allow_unsafe_integer", "true");
-        byte[] rawInt = Hex.decode("FFFFFF10FF000000");
-        ASN1Integer i = new ASN1Integer(rawInt);
-        isEquals(-1026513960960L, i.getValue().longValue());
-
-    }
-
-    public void testLooseValidEncoding_FF_32BAligned_1not0()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "false");
-        //
-        // Should pass as loose validation permits 3 leading 0xFF bytes.
-        //
-
-        System.getProperties().put("org.bouncycastle.asn1.allow_unsafe_integer", "true");
-        byte[] rawInt = Hex.decode("FFFEFF10FF000000");
-        ASN1Integer i = new ASN1Integer(rawInt);
-        isEquals(-282501490671616L, i.getValue().longValue());
-
-    }
-
-    public void testLooseValidEncoding_FF_32BAligned_2not0()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "false");
-        //
-        // Should pass as loose validation permits 3 leading 0xFF bytes.
-        //
-
-        System.getProperties().put("org.bouncycastle.asn1.allow_unsafe_integer", "true");
-        byte[] rawInt = Hex.decode("FFFFFE10FF000000");
-        ASN1Integer i = new ASN1Integer(rawInt);
-        isEquals(-2126025588736L, i.getValue().longValue());
-    }
-
-    public void testOversizedEncoding()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.asn1.allow_unsafe_integer", "false");
-        //
-        // Should pass as loose validation permits 3 leading 0xFF bytes.
-        //
-
-        System.getProperties().put("org.bouncycastle.asn1.allow_unsafe_integer", "true");
-        byte[] rawInt = Hex.decode("FFFFFFFE10FF000000000000");
-        ASN1Integer i = new ASN1Integer(rawInt);
-        isEquals(new BigInteger(Hex.decode("FFFFFFFE10FF000000000000")), i.getValue());
-
-        rawInt = Hex.decode("FFFFFFFFFE10FF000000000000");
-        try
-        {
-            new ASN1Integer(rawInt);
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("malformed integer", e.getMessage());
-        }
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new ASN1IntegerTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1SequenceParserTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1SequenceParserTest.java
deleted file mode 100644
index e0cd1af..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1SequenceParserTest.java
+++ /dev/null

@@ -1,372 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.util.Arrays;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Null;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.ASN1StreamParser;
-import org.bouncycastle.asn1.BERSequenceGenerator;
-import org.bouncycastle.asn1.DERSequenceGenerator;
-import org.bouncycastle.util.encoders.Hex;
-
-public class ASN1SequenceParserTest 
-    extends TestCase 
-{
-    private static final byte[] seqData = Hex.decode("3006020100060129");
-    private static final byte[] nestedSeqData = Hex.decode("300b0201000601293003020101");
-    private static final byte[] expTagSeqData = Hex.decode("a1083006020100060129");
-    private static final byte[] implTagSeqData = Hex.decode("a106020100060129");
-    private static final byte[] nestedSeqExpTagData = Hex.decode("300d020100060129a1053003020101");
-    private static final byte[] nestedSeqImpTagData = Hex.decode("300b020100060129a103020101");
-    
-    private static final byte[] berSeqData = Hex.decode("30800201000601290000");
-    private static final byte[] berDERNestedSeqData = Hex.decode("308002010006012930030201010000");
-    private static final byte[] berNestedSeqData = Hex.decode("3080020100060129308002010100000000");
-    private static final byte[] berExpTagSeqData = Hex.decode("a180308002010006012900000000");
-
-    private static final byte[] berSeqWithDERNullData = Hex.decode("308005000201000601290000");
-
-    public void testDERWriting()
-        throws Exception
-    {
-       ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-       DERSequenceGenerator  seqGen = new DERSequenceGenerator(bOut);
-       
-       seqGen.addObject(new ASN1Integer(BigInteger.valueOf(0)));
-       
-       seqGen.addObject(new ASN1ObjectIdentifier("1.1"));
-       
-       seqGen.close();
-
-       assertTrue("basic DER writing test failed.", Arrays.equals(seqData, bOut.toByteArray()));
-    }
- 
-    public void testNestedDERWriting()
-        throws Exception
-    {
-       ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-       DERSequenceGenerator seqGen1 = new DERSequenceGenerator(bOut);
-       
-       seqGen1.addObject(new ASN1Integer(BigInteger.valueOf(0)));
-       
-       seqGen1.addObject(new ASN1ObjectIdentifier("1.1"));
-       
-       DERSequenceGenerator seqGen2 = new DERSequenceGenerator(seqGen1.getRawOutputStream());
-       
-       seqGen2.addObject(new ASN1Integer(BigInteger.valueOf(1)));
-       
-       seqGen2.close();
-       
-       seqGen1.close();
-
-       assertTrue("nested DER writing test failed.", Arrays.equals(nestedSeqData, bOut.toByteArray()));
-    }
-
-    public void testDERExplicitTaggedSequenceWriting()
-        throws Exception
-    {
-       ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-       DERSequenceGenerator  seqGen = new DERSequenceGenerator(bOut, 1, true);
-       
-       seqGen.addObject(new ASN1Integer(BigInteger.valueOf(0)));
-       
-       seqGen.addObject(new ASN1ObjectIdentifier("1.1"));
-       
-       seqGen.close();
-
-       assertTrue("explicit tag writing test failed.", Arrays.equals(expTagSeqData, bOut.toByteArray()));
-    }
-    
-    public void testDERImplicitTaggedSequenceWriting()
-        throws Exception
-    {
-       ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-       DERSequenceGenerator  seqGen = new DERSequenceGenerator(bOut, 1, false);
-       
-       seqGen.addObject(new ASN1Integer(BigInteger.valueOf(0)));
-       
-       seqGen.addObject(new ASN1ObjectIdentifier("1.1"));
-       
-       seqGen.close();
-
-       assertTrue("implicit tag writing test failed.", Arrays.equals(implTagSeqData, bOut.toByteArray()));
-    }
-    
-    public void testNestedExplicitTagDERWriting()
-        throws Exception
-    {
-       ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-       DERSequenceGenerator  seqGen1 = new DERSequenceGenerator(bOut);
-       
-       seqGen1.addObject(new ASN1Integer(BigInteger.valueOf(0)));
-       
-       seqGen1.addObject(new ASN1ObjectIdentifier("1.1"));
-       
-       DERSequenceGenerator seqGen2 = new DERSequenceGenerator(seqGen1.getRawOutputStream(), 1, true);
-       
-       seqGen2.addObject(new ASN1Integer(BigInteger.valueOf(1)));
-       
-       seqGen2.close();
-       
-       seqGen1.close();
-
-       assertTrue("nested explicit tagged DER writing test failed.", Arrays.equals(nestedSeqExpTagData, bOut.toByteArray()));
-    }
-    
-    public void testNestedImplicitTagDERWriting()
-        throws Exception
-    {
-       ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-       DERSequenceGenerator  seqGen1 = new DERSequenceGenerator(bOut);
-       
-       seqGen1.addObject(new ASN1Integer(BigInteger.valueOf(0)));
-       
-       seqGen1.addObject(new ASN1ObjectIdentifier("1.1"));
-       
-       DERSequenceGenerator seqGen2 = new DERSequenceGenerator(seqGen1.getRawOutputStream(), 1, false);
-       
-       seqGen2.addObject(new ASN1Integer(BigInteger.valueOf(1)));
-       
-       seqGen2.close();
-       
-       seqGen1.close();
-
-       assertTrue("nested implicit tagged DER writing test failed.", Arrays.equals(nestedSeqImpTagData, bOut.toByteArray()));
-    }
-    
-    public void testBERWriting()
-        throws Exception
-    {
-       ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-       BERSequenceGenerator  seqGen = new BERSequenceGenerator(bOut);
-       
-       seqGen.addObject(new ASN1Integer(BigInteger.valueOf(0)));
-       
-       seqGen.addObject(new ASN1ObjectIdentifier("1.1"));
-       
-       seqGen.close();
-       
-       assertTrue("basic BER writing test failed.", Arrays.equals(berSeqData, bOut.toByteArray()));
-    }
-
-    public void testNestedBERDERWriting()
-        throws Exception
-    {
-       ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-       BERSequenceGenerator seqGen1 = new BERSequenceGenerator(bOut);
-       
-       seqGen1.addObject(new ASN1Integer(BigInteger.valueOf(0)));
-       
-       seqGen1.addObject(new ASN1ObjectIdentifier("1.1"));
-       
-       DERSequenceGenerator seqGen2 = new DERSequenceGenerator(seqGen1.getRawOutputStream());
-       
-       seqGen2.addObject(new ASN1Integer(BigInteger.valueOf(1)));
-       
-       seqGen2.close();
-       
-       seqGen1.close();
-
-       assertTrue("nested BER/DER writing test failed.", Arrays.equals(berDERNestedSeqData, bOut.toByteArray()));
-    }
-    
-    public void testNestedBERWriting()
-        throws Exception
-    {
-       ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-       BERSequenceGenerator  seqGen1 = new BERSequenceGenerator(bOut);
-       
-       seqGen1.addObject(new ASN1Integer(BigInteger.valueOf(0)));
-       
-       seqGen1.addObject(new ASN1ObjectIdentifier("1.1"));
-       
-       BERSequenceGenerator seqGen2 = new BERSequenceGenerator(seqGen1.getRawOutputStream());
-       
-       seqGen2.addObject(new ASN1Integer(BigInteger.valueOf(1)));
-       
-       seqGen2.close();
-       
-       seqGen1.close();
-
-       assertTrue("nested BER writing test failed.", Arrays.equals(berNestedSeqData, bOut.toByteArray()));
-    }
-    
-    public void testDERReading()
-        throws Exception
-    {
-        ASN1StreamParser aIn = new ASN1StreamParser(seqData);
-        
-        ASN1SequenceParser    seq = (ASN1SequenceParser)aIn.readObject();
-        Object          o;
-        int             count = 0;
-        
-        assertNotNull("null sequence returned", seq);
-        
-        while ((o = seq.readObject()) != null)
-        {
-            switch (count)
-            {
-            case 0:
-                assertTrue(o instanceof ASN1Integer);
-                break;
-            case 1:
-                assertTrue(o instanceof ASN1ObjectIdentifier);
-                break;
-            }
-            count++;
-        }
-        
-        assertEquals("wrong number of objects in sequence", 2, count);
-    }
-
-    private void testNestedReading(
-        byte[] data)
-        throws Exception
-    {
-        ASN1StreamParser aIn = new ASN1StreamParser(data);
-        
-        ASN1SequenceParser seq = (ASN1SequenceParser)aIn.readObject();
-        Object          o;
-        int             count = 0;
-        
-        assertNotNull("null sequence returned", seq);
-        
-        while ((o = seq.readObject()) != null)
-        {
-            switch (count)
-            {
-            case 0:
-                assertTrue(o instanceof ASN1Integer);
-                break;
-            case 1:
-                assertTrue(o instanceof ASN1ObjectIdentifier);
-                break;
-            case 2:
-                assertTrue(o instanceof ASN1SequenceParser);
-                
-                ASN1SequenceParser s = (ASN1SequenceParser)o;
-
-                // NB: Must exhaust the nested parser
-                while (s.readObject() != null)
-                {
-                    // Nothing
-                }
-
-                break;
-            }
-            count++;
-        }
-        
-        assertEquals("wrong number of objects in sequence", 3, count);
-    }
-    
-    public void testNestedDERReading()
-        throws Exception
-    {
-        testNestedReading(nestedSeqData);
-    }
-    
-    public void testBERReading()
-        throws Exception
-    {
-        ASN1StreamParser aIn = new ASN1StreamParser(berSeqData);
-        
-        ASN1SequenceParser    seq = (ASN1SequenceParser)aIn.readObject();
-        Object          o;
-        int             count = 0;
-        
-        assertNotNull("null sequence returned", seq);
-        
-        while ((o = seq.readObject()) != null)
-        {
-            switch (count)
-            {
-            case 0:
-                assertTrue(o instanceof ASN1Integer);
-                break;
-            case 1:
-                assertTrue(o instanceof ASN1ObjectIdentifier);
-                break;
-            }
-            count++;
-        }
-        
-        assertEquals("wrong number of objects in sequence", 2, count);
-    }
-    
-    public void testNestedBERDERReading()
-        throws Exception
-    {
-        testNestedReading(berDERNestedSeqData);
-    }
-    
-    public void testNestedBERReading()
-        throws Exception
-    {
-        testNestedReading(berNestedSeqData);
-    }
-    
-    public void testBERExplicitTaggedSequenceWriting()
-        throws Exception
-    {
-       ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-       BERSequenceGenerator  seqGen = new BERSequenceGenerator(bOut, 1, true);
-       
-       seqGen.addObject(new ASN1Integer(BigInteger.valueOf(0)));
-       
-       seqGen.addObject(new ASN1ObjectIdentifier("1.1"));
-       
-       seqGen.close();
-      
-       assertTrue("explicit BER tag writing test failed.", Arrays.equals(berExpTagSeqData, bOut.toByteArray()));
-    }
-
-    public void testSequenceWithDERNullReading()
-        throws Exception
-    {
-        testParseWithNull(berSeqWithDERNullData);
-    }
-
-    private void testParseWithNull(byte[] data)
-        throws IOException
-    {
-        ASN1StreamParser aIn = new ASN1StreamParser(data);
-        ASN1SequenceParser seq = (ASN1SequenceParser)aIn.readObject();
-        Object          o;
-        int             count = 0;
-
-        assertNotNull("null sequence returned", seq);
-
-        while ((o = seq.readObject()) != null)
-        {
-            switch (count)
-            {
-            case 0:
-                assertTrue(o instanceof ASN1Null);
-                break;
-            case 1:
-                assertTrue(o instanceof ASN1Integer);
-                break;
-            case 2:
-                assertTrue(o instanceof ASN1ObjectIdentifier);
-                break;
-            }
-            count++;
-        }
-
-        assertEquals("wrong number of objects in sequence", 3, count);
-    }
-
-    public static Test suite()
-    {
-        return new TestSuite(ASN1SequenceParserTest.class);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1UnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1UnitTest.java
deleted file mode 100644
index d51cc6a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ASN1UnitTest.java
+++ /dev/null

@@ -1,89 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.util.test.SimpleTest;
-
-import java.math.BigInteger;
-
-public abstract class ASN1UnitTest
-    extends SimpleTest
-{
-    protected void checkMandatoryField(String name, ASN1Encodable expected, ASN1Encodable present)
-    {
-        if (!expected.equals(present))
-        {
-            fail(name + " field doesn't match.");
-        }
-    }
-
-    protected void checkMandatoryField(String name, String expected, String present)
-    {
-        if (!expected.equals(present))
-        {
-            fail(name + " field doesn't match.");
-        }
-    }
-
-    protected void checkMandatoryField(String name, byte[] expected, byte[] present)
-    {
-        if (!areEqual(expected, present))
-        {
-            fail(name + " field doesn't match.");
-        }
-    }
-
-    protected void checkMandatoryField(String name, int expected, int present)
-    {
-        if (expected != present)
-        {
-            fail(name + " field doesn't match.");
-        }
-    }
-
-    protected void checkOptionalField(String name, ASN1Encodable expected, ASN1Encodable present)
-    {
-        if (expected != null)
-        {
-            if (!expected.equals(present))
-            {
-                fail(name + " field doesn't match.");
-            }
-        }
-        else if (present != null)
-        {
-            fail(name + " field found when none expected.");
-        }
-    }
-
-    protected void checkOptionalField(String name, String expected, String present)
-    {
-        if (expected != null)
-        {
-            if (!expected.equals(present))
-            {
-                fail(name + " field doesn't match.");
-            }
-        }
-        else if (present != null)
-        {
-            fail(name + " field found when none expected.");
-        }
-    }
-
-    protected void checkOptionalField(String name, BigInteger expected, BigInteger present)
-    {
-        if (expected != null)
-        {
-            if (!expected.equals(present))
-            {
-                fail(name + " field doesn't match.");
-            }
-        }
-        else if (present != null)
-        {
-            fail(name + " field found when none expected.");
-        }
-    }
-
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/AdditionalInformationSyntaxUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/AdditionalInformationSyntaxUnitTest.java
deleted file mode 100644
index c343f3d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/AdditionalInformationSyntaxUnitTest.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.isismtt.x509.AdditionalInformationSyntax;
-import org.bouncycastle.asn1.x500.DirectoryString;
-
-public class AdditionalInformationSyntaxUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "AdditionalInformationSyntax";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        AdditionalInformationSyntax syntax = new AdditionalInformationSyntax("hello world");
-
-        checkConstruction(syntax, new DirectoryString("hello world"));
-
-        try
-        {
-            AdditionalInformationSyntax.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        AdditionalInformationSyntax syntax,
-        DirectoryString information)
-        throws IOException
-    {
-        checkValues(syntax, information);
-
-        syntax = AdditionalInformationSyntax.getInstance(syntax);
-
-        checkValues(syntax, information);
-
-        ASN1InputStream aIn = new ASN1InputStream(syntax.toASN1Primitive().getEncoded());
-
-        ASN1String info = (ASN1String)aIn.readObject();
-
-        syntax = AdditionalInformationSyntax.getInstance(info);
-
-        checkValues(syntax, information);
-    }
-
-    private void checkValues(
-        AdditionalInformationSyntax syntax,
-        DirectoryString information)
-    {
-        checkMandatoryField("information", information, syntax.getInformation());
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new AdditionalInformationSyntaxUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/AdmissionSyntaxUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/AdmissionSyntaxUnitTest.java
deleted file mode 100644
index 74cc76c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/AdmissionSyntaxUnitTest.java
+++ /dev/null

@@ -1,97 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.isismtt.x509.AdmissionSyntax;
-import org.bouncycastle.asn1.isismtt.x509.Admissions;
-import org.bouncycastle.asn1.isismtt.x509.NamingAuthority;
-import org.bouncycastle.asn1.isismtt.x509.ProfessionInfo;
-import org.bouncycastle.asn1.x500.DirectoryString;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-public class AdmissionSyntaxUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "AdmissionSyntax";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        GeneralName     name = new GeneralName(new X500Name("CN=hello world"));
-        ASN1Sequence    admissions = new DERSequence(
-                                        new Admissions(name,
-                                          new NamingAuthority(new ASN1ObjectIdentifier("1.2.3"), "url", new DirectoryString("fred")),
-                                          new ProfessionInfo[0]));
-        AdmissionSyntax syntax = new AdmissionSyntax(name, admissions);
-
-        checkConstruction(syntax, name, admissions);
-
-        syntax = AdmissionSyntax.getInstance(null);
-
-        if (syntax != null)
-        {
-            fail("null getInstance() failed.");
-        }
-
-        try
-        {
-            AdmissionSyntax.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        AdmissionSyntax syntax,
-        GeneralName     authority,
-        ASN1Sequence    admissions)
-        throws IOException
-    {
-        checkValues(syntax, authority, admissions);
-
-        syntax = AdmissionSyntax.getInstance(syntax);
-
-        checkValues(syntax, authority, admissions);
-
-        ASN1InputStream aIn = new ASN1InputStream(syntax.toASN1Primitive().getEncoded());
-
-        ASN1Sequence info = (ASN1Sequence)aIn.readObject();
-
-        syntax = AdmissionSyntax.getInstance(info);
-
-        checkValues(syntax, authority, admissions);
-    }
-
-    private void checkValues(
-        AdmissionSyntax syntax,
-        GeneralName     authority,
-        ASN1Sequence    admissions)
-    {
-        checkMandatoryField("admissionAuthority", authority, syntax.getAdmissionAuthority());
-
-        Admissions[] adm = syntax.getContentsOfAdmissions();
-
-        if (adm.length != 1 || !adm[0].equals(admissions.getObjectAt(0)))
-        {
-            fail("admissions check failed");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new AdmissionSyntaxUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/AdmissionsUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/AdmissionsUnitTest.java
deleted file mode 100644
index d32768e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/AdmissionsUnitTest.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.isismtt.x509.Admissions;
-import org.bouncycastle.asn1.isismtt.x509.NamingAuthority;
-import org.bouncycastle.asn1.isismtt.x509.ProfessionInfo;
-import org.bouncycastle.asn1.x500.DirectoryString;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-public class AdmissionsUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "Admissions";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        GeneralName name = new GeneralName(new X500Name("CN=hello world"));
-        NamingAuthority auth =  new NamingAuthority(new ASN1ObjectIdentifier("1.2.3"), "url", new DirectoryString("fred"));
-        Admissions  admissions = new Admissions(name, auth, new ProfessionInfo[0]);
-
-        checkConstruction(admissions, name, auth);
-
-        admissions = Admissions.getInstance(null);
-
-        if (admissions != null)
-        {
-            fail("null getInstance() failed.");
-        }
-
-        try
-        {
-            Admissions.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        Admissions      admissions,
-        GeneralName     name,
-        NamingAuthority auth)
-        throws IOException
-    {
-        checkValues(admissions, name, auth);
-
-        admissions = Admissions.getInstance(admissions);
-
-        checkValues(admissions, name, auth);
-
-        ASN1InputStream aIn = new ASN1InputStream(admissions.toASN1Primitive().getEncoded());
-
-        ASN1Sequence info = (ASN1Sequence)aIn.readObject();
-
-        admissions = Admissions.getInstance(info);
-
-        checkValues(admissions, name, auth);
-    }
-
-    private void checkValues(
-        Admissions      admissions,
-        GeneralName     name,
-        NamingAuthority auth)
-    {
-        checkMandatoryField("admissionAuthority", name, admissions.getAdmissionAuthority());
-        checkMandatoryField("namingAuthority", auth, admissions.getNamingAuthority());
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new AdmissionsUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/AllTests.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/AllTests.java
deleted file mode 100644
index b80680d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/AllTests.java
+++ /dev/null

@@ -1,63 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.util.test.SimpleTestResult;
-
-public class AllTests
-    extends TestCase
-{
-    public void testASN1()
-    {   
-        org.bouncycastle.util.test.Test[] tests = RegressionTest.tests;
-        
-        for (int i = 0; i != tests.length; i++)
-        {
-            SimpleTestResult  result = (SimpleTestResult)tests[i].perform();
-            
-            if (!result.isSuccessful())
-            {
-                fail(result.toString());
-            }
-        }
-    }
-    
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("ASN.1 Tests");
-        
-        suite.addTestSuite(AllTests.class);
-        suite.addTestSuite(GetInstanceTest.class);
-        suite.addTestSuite(ASN1SequenceParserTest.class);
-        suite.addTestSuite(OctetStringTest.class);
-        suite.addTestSuite(ParseTest.class);
-        
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-
-        }
-
-        protected void tearDown()
-        {
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/AttributeTableUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/AttributeTableUnitTest.java
deleted file mode 100644
index 337fb1a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/AttributeTableUnitTest.java
+++ /dev/null

@@ -1,144 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.AttributeTable;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class AttributeTableUnitTest 
-    extends SimpleTest
-{
-    private static final ASN1ObjectIdentifier type1 = new ASN1ObjectIdentifier("1.1.1");
-    private static final ASN1ObjectIdentifier type2 = new ASN1ObjectIdentifier("1.1.2");
-    private static final ASN1ObjectIdentifier type3 = new ASN1ObjectIdentifier("1.1.3");
-    
-    public String getName()
-    {
-        return "AttributeTable";
-    }
-    
-    public void performTest() 
-        throws Exception
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        
-        v.add(new Attribute(type1, new DERSet(type1)));
-        v.add(new Attribute(type2, new DERSet(type2)));
-        
-        AttributeTable table = new AttributeTable(v);
-        
-        Attribute a = table.get(type1);
-        if (a == null)
-        {
-            fail("type1 attribute not found.");
-        }
-        if (!a.getAttrValues().equals(new DERSet(type1)))
-        {
-            fail("wrong value retrieved for type1!");
-        }
-        
-        a = table.get(type2);
-        if (a == null)
-        {
-            fail("type2 attribute not found.");
-        }
-        if (!a.getAttrValues().equals(new DERSet(type2)))
-        {
-            fail("wrong value retrieved for type2!");
-        }
-        
-        a = table.get(type3);
-        if (a != null)
-        {
-            fail("type3 attribute found when none expected.");
-        }
-        
-        ASN1EncodableVector vec = table.getAll(type1);
-        if (vec.size() != 1)
-        {
-            fail("wrong vector size for type1.");
-        }
-        
-        vec = table.getAll(type3);
-        if (vec.size() != 0)
-        {
-            fail("wrong vector size for type3.");
-        }
-        
-        vec = table.toASN1EncodableVector();
-        if (vec.size() != 2)
-        {
-            fail("wrong vector size for single.");
-        }
-        
-        Hashtable t = table.toHashtable();
-        
-        if (t.size() != 2)
-        {
-            fail("hashtable wrong size.");
-        }
-        
-        // multiple
-        
-        v = new ASN1EncodableVector();
-        
-        v.add(new Attribute(type1, new DERSet(type1)));
-        v.add(new Attribute(type1, new DERSet(type2)));
-        v.add(new Attribute(type1, new DERSet(type3)));
-        v.add(new Attribute(type2, new DERSet(type2)));
-        
-        table = new AttributeTable(v);
-        
-        a = table.get(type1);
-        if (!a.getAttrValues().equals(new DERSet(type1)))
-        {
-            fail("wrong value retrieved for type1 multi get!");
-        }
-        
-        vec = table.getAll(type1);
-        if (vec.size() != 3)
-        {
-            fail("wrong vector size for multiple type1.");
-        }
-        
-        a = (Attribute)vec.get(0);
-        if (!a.getAttrValues().equals(new DERSet(type1)))
-        {
-            fail("wrong value retrieved for type1(0)!");
-        }
-        
-        a = (Attribute)vec.get(1);
-        if (!a.getAttrValues().equals(new DERSet(type2)))
-        {
-            fail("wrong value retrieved for type1(1)!");
-        }
-        
-        a = (Attribute)vec.get(2);
-        if (!a.getAttrValues().equals(new DERSet(type3)))
-        {
-            fail("wrong value retrieved for type1(2)!");
-        }
-        
-        vec = table.getAll(type2);
-        if (vec.size() != 1)
-        {
-            fail("wrong vector size for multiple type2.");
-        }
-        
-        vec = table.toASN1EncodableVector();
-        if (vec.size() != 4)
-        {
-            fail("wrong vector size for multiple.");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new AttributeTableUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/BiometricDataUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/BiometricDataUnitTest.java
deleted file mode 100644
index 0d93838..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/BiometricDataUnitTest.java
+++ /dev/null

@@ -1,133 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.qualified.BiometricData;
-import org.bouncycastle.asn1.x509.qualified.TypeOfBiometricData;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class BiometricDataUnitTest 
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "BiometricData";
-    }
-
-    private byte[] generateHash()
-    {
-        SecureRandom rand = new SecureRandom();
-        byte[] bytes = new byte[20];
-        
-        rand.nextBytes(bytes);
-        
-        return bytes;
-    }
-    
-    public void performTest() 
-        throws Exception
-    {
-        TypeOfBiometricData dataType = new TypeOfBiometricData(TypeOfBiometricData.HANDWRITTEN_SIGNATURE);
-        AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE);
-        ASN1OctetString     dataHash = new DEROctetString(generateHash());
-        BiometricData       bd = new BiometricData(dataType, hashAlgorithm, dataHash);
-
-        checkConstruction(bd, dataType, hashAlgorithm, dataHash, null);
-        
-        DERIA5String dataUri = new DERIA5String("http://test");
-        
-        bd = new BiometricData(dataType, hashAlgorithm, dataHash, dataUri);
-        
-        checkConstruction(bd, dataType, hashAlgorithm, dataHash, dataUri);
-        
-        bd = BiometricData.getInstance(null);
-        
-        if (bd != null)
-        {
-            fail("null getInstance() failed.");
-        }
-        
-        try
-        {
-            BiometricData.getInstance(new Object());
-            
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        BiometricData bd,
-        TypeOfBiometricData dataType, 
-        AlgorithmIdentifier hashAlgorithm,
-        ASN1OctetString dataHash, 
-        DERIA5String dataUri)
-        throws Exception
-    {
-        checkValues(bd, dataType, hashAlgorithm, dataHash, dataUri);
-
-        bd = BiometricData.getInstance(bd);
-
-        checkValues(bd, dataType, hashAlgorithm, dataHash, dataUri);
-
-        ASN1InputStream aIn = new ASN1InputStream(bd.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-
-        bd = BiometricData.getInstance(seq);
-
-        checkValues(bd, dataType, hashAlgorithm, dataHash, dataUri);
-    }
-
-    private void checkValues(
-        BiometricData       bd,
-        TypeOfBiometricData dataType,
-        AlgorithmIdentifier algID,
-        ASN1OctetString     dataHash,
-        DERIA5String        sourceDataURI)
-    {
-        if (!bd.getTypeOfBiometricData().equals(dataType))
-        {
-            fail("types don't match.");
-        }
-        
-        if (!bd.getHashAlgorithm().equals(algID))
-        {
-            fail("hash algorithms don't match.");
-        }
-        
-        if (!bd.getBiometricDataHash().equals(dataHash))
-        {
-            fail("hash algorithms don't match.");
-        }
-        
-        if (sourceDataURI != null)
-        {
-            if (!bd.getSourceDataUri().equals(sourceDataURI))
-            {
-                fail("data uris don't match.");
-            }
-        }
-        else if (bd.getSourceDataUri() != null)
-        {
-            fail("data uri found when none expected.");
-        }
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new BiometricDataUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/BitStringConstantTester.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/BitStringConstantTester.java
deleted file mode 100644
index bbea4a3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/BitStringConstantTester.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-public class BitStringConstantTester
-{
-    private static final int[] bits =
-    { 
-        1 << 7, 1 << 6, 1 << 5, 1 << 4, 1 << 3, 1 << 2, 1 << 1, 1 << 0,
-        1 << 15, 1 << 14, 1 << 13, 1 << 12, 1 << 11, 1 << 10, 1 << 9, 1 << 8,
-        1 << 23, 1 << 22, 1 << 21, 1 << 20, 1 << 19, 1 << 18, 1 << 17, 1 << 16,
-        1 << 31, 1 << 30, 1 << 29, 1 << 28, 1 << 27, 1 << 26, 1 << 25, 1 << 24
-    };
-    
-    public static void testFlagValueCorrect(
-        int bitNo,
-        int value)
-    {
-        if (bits[bitNo] != value)
-        {
-            throw new IllegalArgumentException("bit value " + bitNo + " wrong");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/BitStringTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/BitStringTest.java
deleted file mode 100644
index 4c49f32..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/BitStringTest.java
+++ /dev/null

@@ -1,185 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1BitString;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DLBitString;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestResult;
-
-public class BitStringTest
-    extends SimpleTest
-{
-    private void testZeroLengthStrings()
-        throws Exception
-    {
-        // basic construction
-        DERBitString s1 = new DERBitString(new byte[0], 0);
-
-        // check getBytes()
-        s1.getBytes();
-
-        // check encoding/decoding
-        DERBitString derBit = (DERBitString)ASN1Primitive.fromByteArray(s1.getEncoded());
-
-        if (!Arrays.areEqual(s1.getEncoded(), Hex.decode("030100")))
-        {
-            fail("zero encoding wrong");
-        }
-
-        try
-        {
-            new DERBitString(null, 1);
-            fail("exception not thrown");
-        }
-        catch (NullPointerException e)
-        {
-            if (!"data cannot be null".equals(e.getMessage()))
-            {
-                fail("Unexpected exception");
-            }
-        }
-
-        try
-        {
-            new DERBitString(new byte[0], 1);
-            fail("exception not thrown");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!"zero length data with non-zero pad bits".equals(e.getMessage()))
-            {
-                fail("Unexpected exception");
-            }
-        }
-
-        try
-        {
-            new DERBitString(new byte[1], 8);
-            fail("exception not thrown");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!"pad bits cannot be greater than 7 or less than 0".equals(e.getMessage()))
-            {
-                fail("Unexpected exception");
-            }
-        }
-
-        DERBitString s2 = new DERBitString(0);
-        if (!Arrays.areEqual(s1.getEncoded(), s2.getEncoded()))
-        {
-            fail("zero encoding wrong");
-        }
-    }
-
-    private void testRandomPadBits()
-        throws Exception
-    {
-        byte[] test = Hex.decode("030206c0");
-
-        byte[] test1 = Hex.decode("030206f0");
-        byte[] test2 = Hex.decode("030206c1");
-        byte[] test3 = Hex.decode("030206c7");
-        byte[] test4 = Hex.decode("030206d1");
-
-        encodingCheck(test, test1);
-        encodingCheck(test, test2);
-        encodingCheck(test, test3);
-        encodingCheck(test, test4);
-    }
-
-    private void encodingCheck(byte[] derData, byte[] dlData)
-        throws IOException
-    {
-        if (Arrays.areEqual(derData, ASN1Primitive.fromByteArray(dlData).getEncoded()))
-        {
-            fail("failed DL check");
-        }
-        ASN1BitString dl = DLBitString.getInstance(dlData);
-
-        isTrue("DL test failed", dl instanceof DLBitString);
-        if (!Arrays.areEqual(derData, ASN1Primitive.fromByteArray(dlData).getEncoded(ASN1Encoding.DER)))
-        {
-            fail("failed DER check");
-        }
-        try
-        {
-            DERBitString.getInstance(dlData);
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // ignore
-        }
-        ASN1BitString der = DERBitString.getInstance(derData);
-        isTrue("DER test failed", der instanceof DERBitString);
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        KeyUsage k = new KeyUsage(KeyUsage.digitalSignature);
-        if ((k.getBytes()[0] != (byte)KeyUsage.digitalSignature) || (k.getPadBits() != 7))
-        {
-            fail("failed digitalSignature");
-        }
-
-        k = new KeyUsage(KeyUsage.nonRepudiation);
-        if ((k.getBytes()[0] != (byte)KeyUsage.nonRepudiation) || (k.getPadBits() != 6))
-        {
-            fail("failed nonRepudiation");
-        }
-
-        k = new KeyUsage(KeyUsage.keyEncipherment);
-        if ((k.getBytes()[0] != (byte)KeyUsage.keyEncipherment) || (k.getPadBits() != 5))
-        {
-            fail("failed keyEncipherment");
-        }
-
-        k = new KeyUsage(KeyUsage.cRLSign);
-        if ((k.getBytes()[0] != (byte)KeyUsage.cRLSign) || (k.getPadBits() != 1))
-        {
-            fail("failed cRLSign");
-        }
-
-        k = new KeyUsage(KeyUsage.decipherOnly);
-        if ((k.getBytes()[1] != (byte)(KeyUsage.decipherOnly >> 8)) || (k.getPadBits() != 7))
-        {
-            fail("failed decipherOnly");
-        }
-
-        // test for zero length bit string
-        try
-        {
-            ASN1Primitive.fromByteArray(new DERBitString(new byte[0], 0).getEncoded());
-        }
-        catch (IOException e)
-        {
-            fail(e.toString());
-        }
-
-        testRandomPadBits();
-        testZeroLengthStrings();
-    }
-
-    public String getName()
-    {
-        return "BitString";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        BitStringTest test = new BitStringTest();
-        TestResult result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/BodyPartIDTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/BodyPartIDTest.java
deleted file mode 100644
index 5cfd7a7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/BodyPartIDTest.java
+++ /dev/null

@@ -1,97 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class BodyPartIDTest
-    extends SimpleTest
-{
-
-
-    public void performTest()
-        throws Exception
-    {
-        // Test correct encode / decode
-
-
-        {
-            // Test encode and decode from Long and from other instance of BodyPartID
-            BodyPartID bpd = new BodyPartID(10L);
-            byte[] b = bpd.getEncoded();
-            BodyPartID resBpd = BodyPartID.getInstance(b);
-            isEquals("Correct / Encode byte array", resBpd.getID(), bpd.getID());
-
-            BodyPartID rootPartID = new BodyPartID(12L);
-            bpd = BodyPartID.getInstance(rootPartID);
-            b = bpd.getEncoded();
-            resBpd = BodyPartID.getInstance(b);
-            isEquals("Correct / Encode byte array", resBpd.getID(), rootPartID.getID());
-        }
-
-
-        {
-            // Test lower limit, should not throw exception
-            try
-            {
-                new BodyPartID(0);
-            }
-            catch (Throwable t)
-            {
-                fail("Unexpected exception: " + t.getMessage(), t);
-            }
-
-            // Test below lower range
-            try
-            {
-                new BodyPartID(-1);
-                fail("Expecting IllegalArgumentException because of outside lower range");
-            }
-            catch (Throwable e)
-            {
-                if (!(e instanceof IllegalArgumentException))
-                {
-                    fail("Expecting only IllegalArgumentException, got:" + e.getMessage(), e);
-                }
-            }
-        }
-
-        {
-            // Test upper limit, should not throw exception.
-            try
-            {
-                new BodyPartID(4294967295L);
-            }
-            catch (Throwable t)
-            {
-                fail("Unexpected exception: " + t.getMessage(), t);
-            }
-
-            // Test above upper range
-            try
-            {
-                new BodyPartID(4294967296L);
-                fail("Expecting IllegalArgumentException because of outside upper range");
-            }
-            catch (Throwable e)
-            {
-                if (!(e instanceof IllegalArgumentException))
-                {
-                    fail("Expecting only IllegalArgumentException, got:" + e.getMessage(), e);
-                }
-            }
-        }
-    }
-
-    public String getName()
-    {
-        return "BodyPartIDTest";
-    }
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        runTest(new BodyPartIDTest());
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/BodyPartListTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/BodyPartListTest.java
deleted file mode 100644
index 9feed1f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/BodyPartListTest.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.util.Random;
-
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.BodyPartList;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-/**
- * Test the creation of BodyPartListTest and encoding and decoding.
- */
-public class BodyPartListTest
-    extends SimpleTest
-{
-
-    public void performTest()
-        throws Exception
-    {
-        Random rand = new Random();
-        {
-            BodyPartID[] bpid = new BodyPartID[Math.abs(rand.nextInt()) % 20];
-            for (int t = 0; t < bpid.length; t++)
-            {
-                bpid[t] = new BodyPartID(Math.abs(rand.nextLong() % 4294967295L));
-            }
-            BodyPartList bpl = new BodyPartList(bpid);
-            DERSequence _bpl = (DERSequence)bpl.toASN1Primitive();
-            byte[] b = bpl.getEncoded();
-
-            //
-            // Decode and compare results.
-            //
-
-            BodyPartList resList = BodyPartList.getInstance(b);
-            DERSequence _resList = (DERSequence)resList.toASN1Primitive();
-
-            isEquals(_bpl.size(), _resList.size());
-
-            for (int j = 0; j < _bpl.size(); j++)
-            {
-                isEquals(_resList.getObjectAt(j), _bpl.getObjectAt(j));
-            }
-        }
-        {
-            //
-            // Compare when same thing instantiated via different constructors.
-            //
-
-            BodyPartID bpid = new BodyPartID(Math.abs(rand.nextLong() % 4294967295L));
-            BodyPartList bpidList = new BodyPartList(bpid); // Single entry constructor.
-            BodyPartList resList = new BodyPartList(new BodyPartID[]{bpid}); // Array constructor.
-
-            DERSequence _bpidList = (DERSequence)bpidList.toASN1Primitive();
-            DERSequence _resList = (DERSequence)resList.toASN1Primitive();
-
-            isEquals(_bpidList, _resList);
-        }
-    }
-
-    public String getName()
-    {
-        return "BodyPartListTest";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new BodyPartListTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/BodyPartPathTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/BodyPartPathTest.java
deleted file mode 100644
index f5fc24a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/BodyPartPathTest.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-
-import java.util.Random;
-
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.BodyPartPath;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class BodyPartPathTest
-    extends SimpleTest
-{
-
-    public void performTest()
-        throws Exception
-    {
-        Random rand = new Random();
-        {
-            BodyPartID[] bpid = new BodyPartID[Math.abs(rand.nextInt()) % 20];
-            for (int t = 0; t < bpid.length; t++)
-            {
-                bpid[t] = new BodyPartID(Math.abs(rand.nextLong() % 4294967295L));
-            }
-            BodyPartPath bpp = new BodyPartPath(bpid);
-            DERSequence _bpp = (DERSequence)bpp.toASN1Primitive();
-            byte[] b = bpp.getEncoded();
-
-            //
-            // Decode and compare results.
-            //
-
-            BodyPartPath resList = BodyPartPath.getInstance(b);
-            DERSequence _resList = (DERSequence)resList.toASN1Primitive();
-
-            isEquals(_bpp.size(), _resList.size());
-
-            for (int j = 0; j < _bpp.size(); j++)
-            {
-                isEquals(_resList.getObjectAt(j), _bpp.getObjectAt(j));
-            }
-        }
-        {
-            //
-            // Compare when same thing instantiated via different constructors.
-            //
-
-            BodyPartID bpid = new BodyPartID(Math.abs(rand.nextLong() % 4294967295L));
-            BodyPartPath bpidList = new BodyPartPath(bpid); // Single entry constructor.
-            BodyPartPath resList = new BodyPartPath(new BodyPartID[]{bpid}); // Array constructor.
-
-            DERSequence _bpidList = (DERSequence)bpidList.toASN1Primitive();
-            DERSequence _resList = (DERSequence)resList.toASN1Primitive();
-
-            isEquals(_bpidList, _resList);
-        }
-    }
-
-    public String getName()
-    {
-        return "BodyPartPathTest";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new BodyPartPathTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/BodyPartReferenceTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/BodyPartReferenceTest.java
deleted file mode 100644
index 5a56f00..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/BodyPartReferenceTest.java
+++ /dev/null

@@ -1,79 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.util.Random;
-
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.BodyPartPath;
-import org.bouncycastle.asn1.cmc.BodyPartReference;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class BodyPartReferenceTest
-    extends SimpleTest
-{
-
-    public String getName()
-    {
-        return "BodyPartReferenceTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        Random rand = new Random();
-        BodyPartReference ch0 = null;
-        BodyPartReference ch1 = null;
-        {
-            // Choice 1
-            BodyPartID id = new BodyPartID(Math.abs(rand.nextLong() % 4294967295L));
-
-            ch0 = new BodyPartReference(id);
-            byte[] b = ch0.getEncoded();
-
-            BodyPartReference brRes = BodyPartReference.getInstance(b);
-            isEquals(brRes, ch0);
-        }
-
-        {
-            // Choice 2
-
-            BodyPartID[] bpid = new BodyPartID[Math.abs(rand.nextInt()) % 20];
-            for (int t = 0; t < bpid.length; t++)
-            {
-                bpid[t] = new BodyPartID(Math.abs(rand.nextLong() % 4294967295L));
-            }
-
-            ch1 = new BodyPartReference(new BodyPartPath(bpid));
-            byte[] b = ch1.getEncoded();
-
-            BodyPartReference brRes = BodyPartReference.getInstance(b);
-            isEquals(brRes, ch1);
-        }
-
-
-        {
-            // Test choice alternatives are not equal.
-            BodyPartID id = new BodyPartID(Math.abs(rand.nextLong() % 4294967295L));
-
-            ch0 = new BodyPartReference(id);
-            ch1 = new BodyPartReference(new BodyPartPath(id));
-
-            try
-            {
-                isEquals(ch0, ch1);
-                fail("Must not be equal.");
-            }
-            catch (Throwable t)
-            {
-                // Ignored
-            }
-        }
-
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new BodyPartReferenceTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCCertificationRequestTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCCertificationRequestTest.java
deleted file mode 100644
index 57e23b4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCCertificationRequestTest.java
+++ /dev/null

@@ -1,83 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayOutputStream;
-
-import org.bouncycastle.asn1.DEROutputStream;
-import org.bouncycastle.asn1.cmc.CertificationRequest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CMCCertificationRequestTest
-    extends SimpleTest
-{
-    byte[]    req1 = Base64.decode(
-                "MIHoMIGTAgEAMC4xDjAMBgNVBAMTBVRlc3QyMQ8wDQYDVQQKEwZBbmFUb20xCzAJBgNVBAYTAlNF"
-            +   "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALlEt31Tzt2MlcOljvacJgzQVhmlMoqAOgqJ9Pgd3Gux"
-            +   "Z7/WcIlgW4QCB7WZT21O1YoghwBhPDMcNGrHei9kHQkCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA0EA"
-            +   "NDEI4ecNtJ3uHwGGlitNFq9WxcoZ0djbQJ5hABMotav6gtqlrwKXY2evaIrsNwkJtNdwwH18aQDU"
-            +   "KCjOuBL38Q==");
-
-    byte[]    req2 = Base64.decode(
-               "MIIB6TCCAVICAQAwgagxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQwEgYDVQQH"
-            +  "EwtTYW50YSBDbGFyYTEMMAoGA1UEChMDQUJCMVEwTwYDVQQLHEhQAAAAAAAAAG8AAAAAAAAAdwAA"
-            +  "AAAAAABlAAAAAAAAAHIAAAAAAAAAIAAAAAAAAABUAAAAAAAAABxIAAAAAAAARAAAAAAAAAAxDTAL"
-            +  "BgNVBAMTBGJsdWUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANETRZ+6occCOrFxNhfKIp4C"
-            +  "mMkxwhBNb7TnnahpbM9O0r4hrBPcfYuL7u9YX/jN0YNUP+/CiT39HhSe/bikaBPDEyNsl988I8vX"
-            +  "piEdgxYq/+LTgGHbjRsRYCkPtmzwBbuBldNF8bV7pu0v4UScSsExmGqqDlX1TbPU8KkPU1iTAgMB"
-            +  "AAGgADANBgkqhkiG9w0BAQQFAAOBgQAFbrs9qUwh93CtETk7DeUD5HcdCnxauo1bck44snSV6MZV"
-            +  "OCIGaYu1501kmhEvAtVVRr6SEHwimfQDDIjnrWwYsEr/DT6tkTZAbfRd3qUu3iKjT0H0vlUZp0hJ"
-            +  "66mINtBM84uZFBfoXiWY8M3FuAnGmvy6ah/dYtJorTxLKiGkew==");
-
-    public String getName()
-    {
-        return "CMCCertificationRequestTest";
-    }
-    
-    public void certReqTest(
-        String  testName,
-        byte[]  req)
-        throws Exception
-    {
-        CertificationRequest    r = CertificationRequest.getInstance(req);
-
-        ByteArrayOutputStream    bOut = new ByteArrayOutputStream();
-        DEROutputStream          dOut = new DEROutputStream(bOut);
-
-        dOut.writeObject(r.toASN1Primitive());
-
-        byte[]                    bytes = bOut.toByteArray();
-
-        if (bytes.length != req.length)
-        {
-            fail(testName + " failed length test");
-        }
-
-        for (int i = 0; i != req.length; i++)
-        {
-            if (bytes[i] != req[i])
-            {
-                fail(testName + " failed comparison test");
-            }
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        certReqTest("req1", req1);
-        certReqTest("req2", req2);
-
-        CertificationRequest    a = CertificationRequest.getInstance(req1);
-        CertificationRequest    b = new CertificationRequest(a.getSubject(), a.getSubjectPublicKeyAlgorithm(), a.getSubjectPublicKey(), a.getAttributes(), a.getSignatureAlgorithm(), a.getSignature());
-
-        isTrue(Arrays.areEqual(a.getEncoded(), b.getEncoded()));
-    }
-
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new CMCCertificationRequestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCFailInfoTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCFailInfoTest.java
deleted file mode 100644
index d134a8c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCFailInfoTest.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.lang.reflect.Field;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.cmc.CMCFailInfo;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CMCFailInfoTest
-    extends SimpleTest
-{
-
-    // From Page 68, CMC: Structures RFC 5272
-    private static Object[][] types = new Object[][]{
-        {"badAlg", new Long(0L) },
-        {"badMessageCheck", new Long(1L) },
-        {"badRequest", new Long(2L) },
-        {"badTime", new Long(3L) },
-        {"badCertId", new Long(4L) },
-        {"unsupportedExt", new Long(5L) },
-        {"mustArchiveKeys", new Long(6L) },
-        {"badIdentity", new Long(7L) },
-        {"popRequired", new Long(8L) },
-        {"popFailed", new Long(9L) },
-        {"noKeyReuse", new Long(10L) },
-        {"internalCAError", new Long(11L) },
-        {"tryLater", new Long(12L) },
-        {"authDataFail", new Long(13L)}
-    };
-    private static Map typesMap = new HashMap();
-
-    static
-    {
-        for (int t = 0; t < types.length; t++)
-        {
-            typesMap.put(types[t][1], types[t][0]);
-        }
-    }
-
-
-    public void performTest()
-        throws Exception
-    {
-
-        //
-        // Check that range has changed and this test has not been updated or vice versa.
-        // It is intended to act as a double check on the addition of CMCFailInfo presets by
-        // requiring this test to be updated equally to ensure it will pass.
-        //
-
-        Field rangeField = CMCFailInfo.class.getDeclaredField("range");
-        rangeField.setAccessible(true);
-
-        Map range = (Map)rangeField.get(null);
-
-        isEquals("Range in CMCFailInfo does not match test data.",range.size(), types.length);
-
-        for (Iterator rangeKeys = range.keySet().iterator(); rangeKeys.hasNext(); )
-        {   Object j = rangeKeys.next();
-            if (!typesMap.containsKey(new Long(((ASN1Integer)j).getValue().longValue())))  {
-                fail("The 'range' map in CMCFailInfo contains a value not in the test ('typesMap') map, value was: "+j.toString());
-            }
-        }
-
-
-        for (Iterator typeKeys = typesMap.keySet().iterator(); typeKeys.hasNext(); )
-        {   Object j = typeKeys.next();
-            if (!range.containsKey(new ASN1Integer(((Long)j).longValue())))  {
-                fail("The 'typesMap' map in CMCFailInfoTest contains a value not in the CMCFailInfo ('range') map, value was: "+j.toString());
-            }
-        }
-
-
-        //
-        // Test encoding / decoding
-        //
-
-        byte[] b = CMCFailInfo.authDataFail.getEncoded();
-        CMCFailInfo r = CMCFailInfo.getInstance(b);
-        isEquals(r,CMCFailInfo.authDataFail);
-
-    }
-
-    public String getName()
-    {
-        return "CMCFailInfoTest";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new CMCFailInfoTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCPublicationInfoTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCPublicationInfoTest.java
deleted file mode 100644
index 3cf5ef1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCPublicationInfoTest.java
+++ /dev/null

@@ -1,67 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmc.CMCPublicationInfo;
-import org.bouncycastle.asn1.crmf.PKIPublicationInfo;
-import org.bouncycastle.asn1.crmf.SinglePubInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CMCPublicationInfoTest
-    extends SimpleTest
-{
-
-    public void performTest()
-        throws Exception
-    {
-        SecureRandom secureRandom = new SecureRandom();
-
-        //
-        // Test encode and decode.
-        //
-
-        // Not a real AlgorithmIdentifier
-        AlgorithmIdentifier testIA = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.1.2.3"), DERNull.INSTANCE);
-        byte[][] hashes = new byte[5][64];
-        for(int i =0; i<hashes.length; i++) {
-            secureRandom.nextBytes(hashes[i]);
-        }
-
-        PKIPublicationInfo pinfo = new PKIPublicationInfo(new SinglePubInfo(SinglePubInfo.dontCare, null));
-
-        CMCPublicationInfo cmcPublicationInfo = new CMCPublicationInfo(testIA,hashes,pinfo);
-        byte[] b = cmcPublicationInfo.getEncoded();
-        CMCPublicationInfo resCmcPublicationInfo = CMCPublicationInfo.getInstance(b);
-
-        isEquals(resCmcPublicationInfo,cmcPublicationInfo);
-
-        //
-        // Test fail on small sequence.
-        //
-
-        try
-        {
-            CMCPublicationInfo.getInstance(new DERSequence(new ASN1Encodable[]{testIA}));
-            fail("Expecting exception.");
-        } catch (Exception t) {
-            isEquals("Wrong exception: "+t.getMessage(), t.getClass(), IllegalArgumentException.class);
-        }
-
-    }
-
-    public String getName()
-    {
-        return "CMCPublicationInfo";
-    }
-
-    public static void main(String[] args) {
-        runTest(new CMCPublicationInfoTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCStatusInfoTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCStatusInfoTest.java
deleted file mode 100644
index 3ace794..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCStatusInfoTest.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.util.Date;
-
-import org.bouncycastle.asn1.DERGeneralizedTime;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.CMCFailInfo;
-import org.bouncycastle.asn1.cmc.CMCStatus;
-import org.bouncycastle.asn1.cmc.CMCStatusInfo;
-import org.bouncycastle.asn1.cmc.CMCStatusInfoBuilder;
-import org.bouncycastle.asn1.cmc.PendInfo;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class CMCStatusInfoTest
-    extends SimpleTest
-{
-
-    public static void main(String[] args)
-    {
-        runTest(new CMCStatusInfoTest());
-    }
-
-    public String getName()
-    {
-        return "CMCStatusInfoTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        { // Without optional status String
-
-             CMCStatusInfoBuilder bldr =
-                 new CMCStatusInfoBuilder(CMCStatus.confirmRequired, new BodyPartID(10));
-
-             CMCStatusInfo cmsInfo = bldr.build();
-
-             isTrue("Has statusString", null == cmsInfo.getStatusString());
-             isEquals("Has other info", false, cmsInfo.hasOtherInfo());
-
-             byte[] b = cmsInfo.getEncoded();
-             CMCStatusInfo res = CMCStatusInfo.getInstance(b);
-
-             // Same
-             isEquals("CMCStatus with no optional part",cmsInfo, res);
-
-             isEquals("Has other info", false, res.hasOtherInfo());
-
-         }
-
-        { // Without optional other info.
-
-            CMCStatusInfoBuilder bldr =
-                new CMCStatusInfoBuilder(CMCStatus.confirmRequired, new BodyPartID(10)).setStatusString("Cats");
-
-            CMCStatusInfo cmsInfo = bldr.build();
-
-            isEquals("Has other info", false, cmsInfo.hasOtherInfo());
-
-            byte[] b = cmsInfo.getEncoded();
-            CMCStatusInfo res = CMCStatusInfo.getInstance(b);
-
-            // Same
-            isEquals("CMCStatus with no optional part",cmsInfo, res);
-
-            isEquals("Has other info", false, res.hasOtherInfo());
-
-        }
-
-
-        { // With optional info: PendInfo
-            CMCStatusInfoBuilder bldr =
-                new CMCStatusInfoBuilder(CMCStatus.confirmRequired, new BodyPartID(10))
-                    .setStatusString("Cats")
-                    .setOtherInfo(new PendInfo(Strings.toByteArray("fish"), new DERGeneralizedTime(new Date())));
-
-            CMCStatusInfo cmsInfo = bldr.build();
-
-            isEquals("Must have other info", true, cmsInfo.hasOtherInfo());
-            isEquals("Other is NOT fail info", false, cmsInfo.getOtherInfo().isFailInfo());
-
-            byte[] b = cmsInfo.getEncoded();
-            CMCStatusInfo res = CMCStatusInfo.getInstance(b);
-
-            isEquals("With optional info: PendInfo",cmsInfo, res);
-
-            isEquals("Must have other info", true, res.hasOtherInfo());
-            isEquals("Other is NOT fail info", false, res.getOtherInfo().isFailInfo());
-        }
-
-
-        { // With optional info: CMCFailInfo
-            CMCStatusInfoBuilder bldr =
-                new CMCStatusInfoBuilder(CMCStatus.confirmRequired, new BodyPartID(10))
-                    .setStatusString("Cats")
-                    .setOtherInfo(CMCFailInfo.authDataFail);
-
-            CMCStatusInfo cmsInfo = bldr.build();
-
-            isEquals("Must have other info", true, cmsInfo.hasOtherInfo());
-            isEquals("Other is fail info", true, cmsInfo.getOtherInfo().isFailInfo());
-
-            byte[] b = cmsInfo.getEncoded();
-            CMCStatusInfo res = CMCStatusInfo.getInstance(b);
-
-            isEquals("With optional info: CMCFailInfo",cmsInfo, res);
-
-            isEquals("Must have other info", true, res.hasOtherInfo());
-            isEquals("Other is fail info", true, res.getOtherInfo().isFailInfo());
-        }
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCStatusInfoV2Test.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCStatusInfoV2Test.java
deleted file mode 100644
index b5c396d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCStatusInfoV2Test.java
+++ /dev/null

@@ -1,141 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.util.Date;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DERGeneralizedTime;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.CMCFailInfo;
-import org.bouncycastle.asn1.cmc.CMCStatus;
-import org.bouncycastle.asn1.cmc.CMCStatusInfoV2;
-import org.bouncycastle.asn1.cmc.CMCStatusInfoV2Builder;
-import org.bouncycastle.asn1.cmc.ExtendedFailInfo;
-import org.bouncycastle.asn1.cmc.PendInfo;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class CMCStatusInfoV2Test
-    extends SimpleTest
-{
-
-    public static void main(String[] args)
-    {
-        runTest(new CMCStatusInfoV2Test());
-    }
-
-    public String getName()
-    {
-        return "CMCStatusInfoV2Test";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        { // Without optional status String
-
-            CMCStatusInfoV2Builder bldr =
-                new CMCStatusInfoV2Builder(CMCStatus.confirmRequired, new BodyPartID(10));
-
-            CMCStatusInfoV2 cmsInfo = bldr.build();
-
-            isTrue("Has statusString", null == cmsInfo.getStatusString());
-            isEquals("Has other info", false, cmsInfo.hasOtherInfo());
-
-            byte[] b = cmsInfo.getEncoded();
-            CMCStatusInfoV2 res = CMCStatusInfoV2.getInstance(b);
-
-            // Same
-            isEquals("CMCStatus with no optional part", cmsInfo, res);
-
-            isEquals("Has other info", false, res.hasOtherInfo());
-
-        }
-
-        { // Without optional other info.
-
-            CMCStatusInfoV2Builder bldr =
-                new CMCStatusInfoV2Builder(CMCStatus.confirmRequired, new BodyPartID(10)).setStatusString("Cats");
-
-            CMCStatusInfoV2 cmsInfo = bldr.build();
-
-            isEquals("Has other info", false, cmsInfo.hasOtherInfo());
-
-            byte[] b = cmsInfo.getEncoded();
-            CMCStatusInfoV2 res = CMCStatusInfoV2.getInstance(b);
-
-            // Same
-            isEquals("CMCStatus with no optional part", cmsInfo, res);
-
-            isEquals("Has other info", false, res.hasOtherInfo());
-
-        }
-
-
-        { // With optional info: PendInfo
-            CMCStatusInfoV2Builder bldr =
-                new CMCStatusInfoV2Builder(CMCStatus.confirmRequired, new BodyPartID(10))
-                    .setStatusString("Cats")
-                    .setOtherInfo(new PendInfo(Strings.toByteArray("fish"), new DERGeneralizedTime(new Date())));
-
-            CMCStatusInfoV2 cmsInfo = bldr.build();
-
-            isEquals("Must have other info", true, cmsInfo.hasOtherInfo());
-            isEquals("Other is NOT fail info", false, cmsInfo.getOtherStatusInfo().isFailInfo());
-
-            byte[] b = cmsInfo.getEncoded();
-            CMCStatusInfoV2 res = CMCStatusInfoV2.getInstance(b);
-
-            isEquals("With optional info: PendInfo", cmsInfo, res);
-
-            isEquals("Must have other info", true, res.hasOtherInfo());
-            isEquals("Other is NOT fail info", false, res.getOtherStatusInfo().isFailInfo());
-        }
-
-
-        { // With optional info: CMCFailInfo
-            CMCStatusInfoV2Builder bldr =
-                new CMCStatusInfoV2Builder(CMCStatus.confirmRequired, new BodyPartID(10))
-                    .setStatusString("Cats")
-                    .setOtherInfo(CMCFailInfo.authDataFail);
-
-            CMCStatusInfoV2 cmsInfo = bldr.build();
-
-            isEquals("Must have other info", true, cmsInfo.hasOtherInfo());
-            isEquals("Other is fail info", true, cmsInfo.getOtherStatusInfo().isFailInfo());
-
-            byte[] b = cmsInfo.getEncoded();
-            CMCStatusInfoV2 res = CMCStatusInfoV2.getInstance(b);
-
-            isEquals("With optional info: CMCFailInfo", cmsInfo, res);
-
-            isEquals("Must have other info", true, res.hasOtherInfo());
-            isEquals("Other is fail info", true, res.getOtherStatusInfo().isFailInfo());
-        }
-
-
-        { // With optional info: ExtendedFailInfo
-            CMCStatusInfoV2Builder bldr =
-                new CMCStatusInfoV2Builder(CMCStatus.confirmRequired, new BodyPartID(10))
-                    .setStatusString("Cats")
-                    .setOtherInfo(new ExtendedFailInfo(PKCSObjectIdentifiers.bagtypes, new DEROctetString("fish".getBytes())));
-
-            CMCStatusInfoV2 cmsInfo = bldr.build();
-
-            isEquals("Must have other info", true, cmsInfo.hasOtherInfo());
-            isEquals("Other is extended fail info", true, cmsInfo.getOtherStatusInfo().isExtendedFailInfo());
-
-            byte[] b = cmsInfo.getEncoded();
-            CMCStatusInfoV2 res = CMCStatusInfoV2.getInstance(b);
-
-            isEquals("With optional info: ExtendedFailInfo", cmsInfo, res);
-
-            isEquals("Must have other info", true, res.hasOtherInfo());
-            isEquals("Other is extended fail info", true, res.getOtherStatusInfo().isExtendedFailInfo());
-        }
-
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCStatusTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCStatusTest.java
deleted file mode 100644
index 3d17e8c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCStatusTest.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.lang.reflect.Field;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.cmc.CMCStatus;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class CMCStatusTest
-    extends SimpleTest
-{
-
-    public static void main(String[] args)
-    {
-        runTest(new CMCStatusTest());
-    }
-
-    public String getName()
-    {
-        return "CMCStatusTest";
-    }
-
-    // From Page 68, CMC: Structures RFC 5272
-    private static Object[][] types = new Object[][]{
-        {"success", new Long(0L) },
-        // -- reserved            (1),
-        {"failed", new Long(2L) },
-        {"pending", new Long(3L) },
-        {"noSupport", new Long(4L) },
-        {"confirmRequired", new Long(5L) },
-        {"popRequired", new Long(6L) },
-        {"partial", new Long(7L) }
-    };
-    private static Map typesMap = new HashMap();
-
-    static
-    {
-        for (int t = 0; t < types.length; t++)
-        {
-            typesMap.put(types[t][1], types[t][0]);
-        }
-    }
-
-
-    public void performTest()
-        throws Exception
-    {
-
-        //
-        // Check that range has changed and this test has not been updated or vice versa.
-        // It is intended to act as a double check on the addition of CMCStatus presets by
-        // requiring this test to be updated equally to ensure it will pass.
-        //
-
-        Field rangeField = CMCStatus.class.getDeclaredField("range");
-        rangeField.setAccessible(true);
-
-        Map range = (Map)rangeField.get(null);
-
-        isEquals("Range in CMCStatus does not match test data.", range.size(), types.length);
-
-        for (Iterator rangeKeys = range.keySet().iterator(); rangeKeys.hasNext(); )
-        {
-            Object j = rangeKeys.next();
-            if (!typesMap.containsKey(new Long(((ASN1Integer)j).getValue().longValue())))
-            {
-                fail("The 'range' map in CMCStatus contains a value not in the test ('typesMap') map, value was: " + j.toString());
-            }
-        }
-
-
-        for (Iterator typeKeys = typesMap.keySet().iterator(); typeKeys.hasNext(); )
-        {
-            Object j = typeKeys.next();
-            if (!range.containsKey(new ASN1Integer(((Long)j).longValue())))
-            {
-                fail("The 'typesMap' map in CMCStatusTest contains a value not in the CMCStatus ('range') map, value was: " + j.toString());
-            }
-        }
-
-
-        //
-        // Test encoding / decoding
-        //
-
-        byte[] b = CMCStatus.failed.getEncoded();
-        CMCStatus r = CMCStatus.getInstance(b);
-        isEquals(r, CMCStatus.failed);
-
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCUnsignedDataTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCUnsignedDataTest.java
deleted file mode 100644
index a1095ae..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMCUnsignedDataTest.java
+++ /dev/null

@@ -1,63 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.BodyPartPath;
-import org.bouncycastle.asn1.cmc.CMCUnsignedData;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class CMCUnsignedDataTest
-    extends SimpleTest
-{
-
-    public static void main(String[] args)
-    {
-        runTest(new CMCUnsignedDataTest());
-    }
-
-    public String getName()
-    {
-        return "CMCUnsignedDataTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        // Encode then decode
-        CMCUnsignedData data = new CMCUnsignedData(new BodyPartPath(new BodyPartID(10L)), PKCSObjectIdentifiers.certBag, new DEROctetString("Cats".getBytes()));
-        byte[] b = data.getEncoded();
-        CMCUnsignedData result = CMCUnsignedData.getInstance(data);
-
-        isEquals(data.getBodyPartPath(), result.getBodyPartPath());
-        isEquals(data.getIdentifier(), result.getIdentifier());
-        isEquals(data.getContent(), result.getContent());
-
-        // Sequence length must be 3
-
-        try
-        {
-            CMCUnsignedData.getInstance(new DERSequence(new ASN1Integer(10)));
-            fail("Must fail, sequence must be 3");
-        }
-        catch (Exception ex)
-        {
-            isEquals(ex.getClass(), IllegalArgumentException.class);
-        }
-
-        try
-        {
-            CMCUnsignedData.getInstance(new DERSequence(new ASN1Encodable[]{new ASN1Integer(10), new ASN1Integer(10), new ASN1Integer(10), new ASN1Integer(10)}));
-            fail("Must fail, sequence must be 3");
-        }
-        catch (Exception ex)
-        {
-            isEquals(ex.getClass(), IllegalArgumentException.class);
-        }
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMSTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CMSTest.java
deleted file mode 100644
index 873b27c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/CMSTest.java
+++ /dev/null

@@ -1,358 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1OctetStringParser;
-import org.bouncycastle.asn1.ASN1OutputStream;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1SetParser;
-import org.bouncycastle.asn1.ASN1StreamParser;
-import org.bouncycastle.asn1.BERTags;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.CompressedData;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.ContentInfoParser;
-import org.bouncycastle.asn1.cms.EncryptedContentInfoParser;
-import org.bouncycastle.asn1.cms.EnvelopedData;
-import org.bouncycastle.asn1.cms.EnvelopedDataParser;
-import org.bouncycastle.asn1.cms.KEKRecipientInfo;
-import org.bouncycastle.asn1.cms.KeyTransRecipientInfo;
-import org.bouncycastle.asn1.cms.RecipientInfo;
-import org.bouncycastle.asn1.cms.SignedData;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.io.Streams;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class CMSTest
-    implements Test
-{
-    //
-    // compressed data object
-    //
-    byte[]  compData = Base64.decode(
-            "MIAGCyqGSIb3DQEJEAEJoIAwgAIBADANBgsqhkiG9w0BCRADCDCABgkqhkiG9w0BBwGggCSABIIC"
-          + "Hnic7ZRdb9owFIbvK/k/5PqVYPFXGK12YYyboVFASSp1vQtZGiLRACZE49/XHoUW7S/0tXP8Efux"
-          + "fU5ivWnasml72XFb3gb5druui7ytN803M570nii7C5r8tfwR281hy/p/KSM3+jzH5s3+pbQ90xSb"
-          + "P3VT3QbLusnt8WPIuN5vN/vaA2+DulnXTXkXvNTr8j8ouZmkCmGI/UW+ZS/C8zP0bz2dz0zwLt+1"
-          + "UEk2M8mlaxjRMByAhZTj0RGYg4TvogiRASROsZgjpVcJCb1KV6QzQeDJ1XkoQ5Jm+C5PbOHZZGRi"
-          + "v+ORAcshOGeCcdFJyfgFxdtCdEcmOrbinc/+BBMzRThEYpwl+jEBpciSGWQkI0TSlREmD/eOHb2D"
-          + "SGLuESm/iKUFt1y4XHBO2a5oq0IKJKWLS9kUZTA7vC5LSxYmgVL46SIWxIfWBQd6AdrnjLmH94UT"
-          + "vGxVibLqRCtIpp4g2qpdtqK1LiOeolpVK5wVQ5P7+QjZAlrh0cePYTx/gNZuB9Vhndtgujl9T/tg"
-          + "W9ogK+3rnmg3YWygnTuF5GDS+Q/jIVLnCcYZFc6Kk/+c80wKwZjwdZIqDYWRH68MuBQSXLgXYXj2"
-          + "3CAaYOBNJMliTl0X7eV5DnoKIFSKYdj3cRpD/cK/JWTHJRe76MUXnfBW8m7Hd5zhQ4ri2NrVF/WL"
-          + "+kV1/3AGSlJ32bFPd2BsQD8uSzIx6lObkjdz95c0AAAAAAAAAAAAAAAA");
-    
-    //
-    // enveloped data
-    //
-    byte[]   envDataKeyTrns = Base64.decode(
-            "MIAGCSqGSIb3DQEHA6CAMIACAQAxgcQwgcECAQAwKjAlMRYwFAYDVQQKEw1Cb3Vu"
-          + "Y3kgQ2FzdGxlMQswCQYDVQQGEwJBVQIBCjANBgkqhkiG9w0BAQEFAASBgC5vdGrB"
-          + "itQSGwifLf3KwPILjaB4WEXgT/IIO1KDzrsbItCJsMA0Smq2y0zptxT0pSRL6JRg"
-          + "NMxLk1ySnrIrvGiEPLMR1zjxlT8yQ6VLX+kEoK43ztd1aaLw0oBfrcXcLN7BEpZ1"
-          + "TIdjlBfXIOx1S88WY1MiYqJJFc3LMwRUaTEDMIAGCSqGSIb3DQEHATAdBglghkgB"
-          + "ZQMEARYEEAfxLMWeaBOTTZQwUq0Y5FuggAQgwOJhL04rjSZCBCSOv5i5XpFfGsOd"
-          + "YSHSqwntGpFqCx4AAAAAAAAAAAAA");
-    
-    byte[]   envDataKEK = Base64.decode(
-            "MIAGCSqGSIb3DQEHA6CAMIACAQIxUqJQAgEEMAcEBQECAwQFMBAGCyqGSIb3DQEJE"
-          + "AMHAgE6BDC7G/HyUPilIrin2Yeajqmj795VoLWETRnZAAFcAiQdoQWyz+oCh6WY/H"
-          + "jHHi+0y+cwgAYJKoZIhvcNAQcBMBQGCCqGSIb3DQMHBAiY3eDBBbF6naCABBiNdzJb"
-          + "/v6+UZB3XXKipxFDUpz9GyjzB+gAAAAAAAAAAAAA");
-
-    byte[] envDataNestedNDEF = Base64.decode(
-          "MIAGCSqGSIb3DQEHA6CAMIACAQAxge8wgewCAQAwgZUwgY8xKDAmBgNVBAoMH1RoZSBMZWdpb24g"
-        + "b2YgdGhlIEJvdW5jeSBDYXN0bGUxLzAtBgkqhkiG9w0BCQEWIGZlZWRiYWNrLWNyeXB0b0Bib3Vu"
-        + "Y3ljYXN0bGUub3JnMREwDwYDVQQIDAhWaWN0b3JpYTESMBAGA1UEBwwJTWVsYm91cm5lMQswCQYD"
-        + "VQQGEwJBVQIBATANBgkqhkiG9w0BAQEFAARABIXMd8xiTyWDKO/LQfvdGYTPW3I9oSQWwtm4OIaN"
-        + "VINpfY2lfwTvbmE6VXiLKeALC0dMBV8z7DEM9hE0HVmvLDCABgkqhkiG9w0BBwEwHQYJYIZIAWUD"
-        + "BAECBBB32ko6WrVxDTqwUYEpV6IUoIAEggKgS6RowrhNlmWWI13zxD/lryxkZ5oWXPUfNiUxYX/P"
-        + "r5iscW3s8VKJKUpJ4W5SNA7JGL4l/5LmSnJ4Qu/xzxcoH4r4vmt75EDE9p2Ob2Xi1NuSFAZubJFc"
-        + "Zlnp4e05UHKikmoaz0PbiAi277sLQlK2FcVsntTYVT00y8+IwuuQu0ATVqkXC+VhfjV/sK6vQZnw"
-        + "2rQKedZhLB7B4dUkmxCujb/UAq4lgSpLMXg2P6wMimTczXyQxRiZxPeI4ByCENjkafXbfcJft2eD"
-        + "gv1DEDdYM5WrW9Z75b4lmJiOJ/xxDniHCvum7KGXzpK1d1mqTlpzPC2xoz08/MO4lRf5Mb0bYdq6"
-        + "CjMaYqVwGsYryp/2ayX+d8H+JphEG+V9Eg8uPcDoibwhDI4KkoyGHstPw5bxcy7vVFt7LXUdNjJc"
-        + "K1wxaUKEXDGKt9Vj93FnBTLMX0Pc9HpueV5o1ipX34dn/P3HZB9XK8ScbrE38B1VnIgylStnhVFO"
-        + "Cj9s7qSVqI2L+xYHJRHsxaMumIRnmRuOqdXDfIo28EZAnFtQ/b9BziMGVvAW5+A8h8s2oazhSmK2"
-        + "23ftV7uv98ScgE8fCd3PwT1kKJM83ThTYyBzokvMfPYCCvsonMV+kTWXhWcwjYTS4ukrpR452ZdW"
-        + "l3aJqDnzobt5FK4T8OGciOj+1PxYFZyRmCuafm2Dx6o7Et2Tu/T5HYvhdY9jHyqtDl2PXH4CTnVi"
-        + "gA1YOAArjPVmsZVwAM3Ml46uyXXhcsXwQ1X0Tv4D+PSa/id4UQ2cObOw8Cj1eW2GB8iJIZVqkZaU"
-        + "XBexqgWYOIoxjqODSeoZKiBsTK3c+oOUBqBDueY1i55swE2o6dDt95FluX6iyr/q4w2wLt3upY1J"
-        + "YL+TuvZxAKviuAczMS1bAAAAAAAAAAAAAA==");
-
-    //
-    // signed data
-    //
-    byte[]   signedData = Base64.decode(
-            "MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAaCA"
-          + "JIAEDEhlbGxvIFdvcmxkIQAAAAAAAKCCBGIwggINMIIBdqADAgECAgEBMA0GCSqG"
-          + "SIb3DQEBBAUAMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYTAkFV"
-          + "MB4XDTA0MTAyNDA0MzA1OFoXDTA1MDIwMTA0MzA1OFowJTEWMBQGA1UEChMNQm91"
-          + "bmN5IENhc3RsZTELMAkGA1UEBhMCQVUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ"
-          + "AoGBAJj3OAshAOgDmPcYZ1jdNSuhOHRH9VhC/PG17FdiInVGc2ulJhEifEQga/uq"
-          + "ZCpSd1nHsJUZKm9k1bVneWzC0941i9Znfxgb2jnXXsa5kwB2KEVESrOWsRjSRtnY"
-          + "iLgqBG0rzpaMn5A5ntu7N0406EesBhe19cjZAageEHGZDbufAgMBAAGjTTBLMB0G"
-          + "A1UdDgQWBBR/iHNKOo6f4ByWFFywRNZ65XSr1jAfBgNVHSMEGDAWgBR/iHNKOo6f"
-          + "4ByWFFywRNZ65XSr1jAJBgNVHRMEAjAAMA0GCSqGSIb3DQEBBAUAA4GBAFMJJ7QO"
-          + "pHo30bnlQ4Ny3PCnK+Se+Gw3TpaYGp84+a8fGD9Dme78G6NEsgvpFGTyoLxvJ4CB"
-          + "84Kzys+1p2HdXzoZiyXAer5S4IwptE3TxxFwKyj28cRrM6dK47DDyXUkV0qwBAMN"
-          + "luwnk/no4K7ilzN2MZk5l7wXyNa9yJ6CHW6dMIICTTCCAbagAwIBAgIBAjANBgkq"
-          + "hkiG9w0BAQQFADAlMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJB"
-          + "VTAeFw0wNDEwMjQwNDMwNTlaFw0wNTAyMDEwNDMwNTlaMGUxGDAWBgNVBAMTD0Vy"
-          + "aWMgSC4gRWNoaWRuYTEkMCIGCSqGSIb3DQEJARYVZXJpY0Bib3VuY3ljYXN0bGUu"
-          + "b3JnMRYwFAYDVQQKEw1Cb3VuY3kgQ2FzdGxlMQswCQYDVQQGEwJBVTCBnzANBgkq"
-          + "hkiG9w0BAQEFAAOBjQAwgYkCgYEAm+5CnGU6W45iUpCsaGkn5gDruZv3j/o7N6ag"
-          + "mRZhikaLG2JF6ECaX13iioVJfmzBsPKxAACWwuTXCoSSXG8viK/qpSHwJpfQHYEh"
-          + "tcC0CxIqlnltv3KQAGwh/PdwpSPvSNnkQBGvtFq++9gnXDBbynfP8b2L2Eis0X9U"
-          + "2y6gFiMCAwEAAaNNMEswHQYDVR0OBBYEFEAmOksnF66FoQm6IQBVN66vJo1TMB8G"
-          + "A1UdIwQYMBaAFH+Ic0o6jp/gHJYUXLBE1nrldKvWMAkGA1UdEwQCMAAwDQYJKoZI"
-          + "hvcNAQEEBQADgYEAEeIjvNkKMPU/ZYCu1TqjGZPEqi+glntg2hC/CF0oGyHFpMuG"
-          + "tMepF3puW+uzKM1s61ar3ahidp3XFhr/GEU/XxK24AolI3yFgxP8PRgUWmQizTQX"
-          + "pWUmhlsBe1uIKVEfNAzCgtYfJQ8HJIKsUCcdWeCKVKs4jRionsek1rozkPExggEv"
-          + "MIIBKwIBATAqMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0bGUxCzAJBgNVBAYTAkFV"
-          + "AgECMAkGBSsOAwIaBQCgXTAYBgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqG"
-          + "SIb3DQEJBTEPFw0wNDEwMjQwNDMwNTlaMCMGCSqGSIb3DQEJBDEWBBQu973mCM5U"
-          + "BOl9XwQvlfifHCMocTANBgkqhkiG9w0BAQEFAASBgGHbe3/jcZu6b/erRhc3PEji"
-          + "MUO8mEIRiNYBr5/vFNhkry8TrGfOpI45m7gu1MS0/vdas7ykvidl/sNZfO0GphEI"
-          + "UaIjMRT3U6yuTWF4aLpatJbbRsIepJO/B2kdIAbV5SCbZgVDJIPOR2qnruHN2wLF"
-          + "a+fEv4J8wQ8Xwvk0C8iMAAAAAAAA");
-
-    private boolean isSameAs(
-        byte[]  a,
-        byte[]  b)
-    {
-        if (a.length != b.length)
-        {
-            return false;
-        }
-        
-        for (int i = 0; i != a.length; i++)
-        {
-            if (a[i] != b[i])
-            {
-                return false;
-            }
-        }
-        
-        return true;
-    }
-    
-    private TestResult compressionTest()
-    {
-        try
-        {
-            ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(compData));
-            
-            ContentInfo     info = ContentInfo.getInstance(aIn.readObject());
-            CompressedData  data = CompressedData.getInstance(info.getContent());
-            
-            data = new CompressedData(data.getCompressionAlgorithmIdentifier(), data.getEncapContentInfo());
-            info = new ContentInfo(CMSObjectIdentifiers.compressedData, data);
-            
-            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
-            ASN1OutputStream        aOut = new ASN1OutputStream(bOut);
-            
-            aOut.writeObject(info);
-            
-            if (!isSameAs(bOut.toByteArray(), compData))
-            {
-                return new SimpleTestResult(false, getName() + ": CMS compression failed to re-encode");
-            }
-            
-            return new SimpleTestResult(true, getName() + ": Okay");
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": CMS compression failed - " + e.toString(), e);
-        }
-    }
-    
-    private TestResult envelopedTest()
-    {
-        try
-        {
-            //
-            // Key trans
-            //
-            ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(envDataKeyTrns));
-            
-            ContentInfo     info = ContentInfo.getInstance(aIn.readObject());
-            EnvelopedData   envData = EnvelopedData.getInstance(info.getContent());
-            ASN1Set         s = envData.getRecipientInfos();
-            
-            if (s.size() != 1)
-            {
-                return new SimpleTestResult(false, getName() + ": CMS KeyTrans enveloped, wrong number of recipients");
-            }
-            
-            RecipientInfo   recip = RecipientInfo.getInstance(s.getObjectAt(0));
-
-            if (recip.getInfo() instanceof KeyTransRecipientInfo)
-            {
-                KeyTransRecipientInfo   inf = KeyTransRecipientInfo.getInstance(recip.getInfo());
-                
-                inf = new KeyTransRecipientInfo(inf.getRecipientIdentifier(), inf.getKeyEncryptionAlgorithm(), inf.getEncryptedKey());
-                
-                s = new DERSet(new RecipientInfo(inf));
-            }
-            else
-            {
-                return new SimpleTestResult(false, getName() + ": CMS KeyTrans enveloped, wrong recipient type");
-            }
-
-            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
-            ASN1OutputStream        aOut = new ASN1OutputStream(bOut);
-            
-            envData = new EnvelopedData(envData.getOriginatorInfo(), s, envData.getEncryptedContentInfo(), envData.getUnprotectedAttrs());
-            info = new ContentInfo(CMSObjectIdentifiers.envelopedData, envData);
-            
-            aOut.writeObject(info);
-            
-            if (!isSameAs(bOut.toByteArray(), envDataKeyTrns))
-            {
-                return new SimpleTestResult(false, getName() + ": CMS KeyTrans enveloped failed to re-encode");
-            }
-            
-            //
-            // KEK
-            //
-            aIn = new ASN1InputStream(new ByteArrayInputStream(envDataKEK));
-            
-            info = ContentInfo.getInstance(aIn.readObject());
-            envData = EnvelopedData.getInstance(info.getContent());
-            s = envData.getRecipientInfos();
-            
-            if (s.size() != 1)
-            {
-                return new SimpleTestResult(false, getName() + ": CMS KEK enveloped, wrong number of recipients");
-            }
-            
-            recip = RecipientInfo.getInstance(s.getObjectAt(0));
-
-            if (recip.getInfo() instanceof KEKRecipientInfo)
-            {
-                KEKRecipientInfo   inf = KEKRecipientInfo.getInstance(recip.getInfo());
-                
-                inf = new KEKRecipientInfo(inf.getKekid(), inf.getKeyEncryptionAlgorithm(), inf.getEncryptedKey());
-                
-                s = new DERSet(new RecipientInfo(inf));
-            }
-            else
-            {
-                return new SimpleTestResult(false, getName() + ": CMS KEK enveloped, wrong recipient type");
-            }
-            
-            bOut = new ByteArrayOutputStream();
-            aOut = new ASN1OutputStream(bOut);
-            
-            envData = new EnvelopedData(envData.getOriginatorInfo(), s, envData.getEncryptedContentInfo(), envData.getUnprotectedAttrs());
-            info = new ContentInfo(CMSObjectIdentifiers.envelopedData, envData);
-            
-            aOut.writeObject(info);
-            
-            if (!isSameAs(bOut.toByteArray(), envDataKEK))
-            {                                                         System.out.println(new String(Base64.encode(bOut.toByteArray())));
-                return new SimpleTestResult(false, getName() + ": CMS KEK enveloped failed to re-encode");
-            }
-
-            // Nested NDEF problem
-            ASN1StreamParser asn1In = new ASN1StreamParser(new ByteArrayInputStream(envDataNestedNDEF));
-            ContentInfoParser ci = new ContentInfoParser((ASN1SequenceParser)asn1In.readObject());
-            EnvelopedDataParser ed = new EnvelopedDataParser((ASN1SequenceParser)ci
-                .getContent(BERTags.SEQUENCE));
-            ed.getVersion();
-            ed.getOriginatorInfo();
-            ed.getRecipientInfos().toASN1Primitive();
-            EncryptedContentInfoParser eci = ed.getEncryptedContentInfo();
-            eci.getContentType();
-            eci.getContentEncryptionAlgorithm();
-
-            InputStream dataIn = ((ASN1OctetStringParser)eci.getEncryptedContent(BERTags.OCTET_STRING))
-                .getOctetStream();
-            Streams.drain(dataIn);
-            dataIn.close();
-
-            // Test data doesn't have unprotected attrs, bug was being thrown by this call
-            ASN1SetParser upa = ed.getUnprotectedAttrs();
-            if (upa != null)
-            {
-                upa.toASN1Primitive();
-            }
-
-            return new SimpleTestResult(true, getName() + ": Okay");
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": CMS enveloped failed - " + e.toString(), e);
-        }
-    }
-    
-    private TestResult signedTest()
-    {
-        try
-        {
-            ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(signedData));
-            
-            ContentInfo     info = ContentInfo.getInstance(aIn.readObject());
-            SignedData      sData = SignedData.getInstance(info.getContent());
-            
-            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
-            ASN1OutputStream        aOut = new ASN1OutputStream(bOut);
-            
-            sData = new SignedData(sData.getDigestAlgorithms(), sData.getEncapContentInfo(), sData.getCertificates(), sData.getCRLs(), sData.getSignerInfos());
-            info = new ContentInfo(CMSObjectIdentifiers.signedData, sData);
-            
-            aOut.writeObject(info);
-            
-            if (!isSameAs(bOut.toByteArray(), signedData))
-            {
-                return new SimpleTestResult(false, getName() + ": CMS signed failed to re-encode");
-            }
-            
-            return new SimpleTestResult(true, getName() + ": Okay");
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": CMS signed failed - " + e.toString(), e);
-        }
-    }
-    
-    public TestResult perform()
-    {
-        TestResult  res = compressionTest();
-        
-        if (!res.isSuccessful())
-        {
-            return res;
-        }
-        
-        res = envelopedTest();
-        if (!res.isSuccessful())
-        {
-            return res;
-        }
-        
-        return signedTest();
-    }
-
-    public String getName()
-    {
-        return "CMS";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        CMSTest    test = new CMSTest();
-        TestResult result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CertHashUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CertHashUnitTest.java
deleted file mode 100644
index 2af01ee..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/CertHashUnitTest.java
+++ /dev/null

@@ -1,84 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.isismtt.ocsp.CertHash;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public class CertHashUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "CertHash";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        AlgorithmIdentifier algId = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.2.3"));
-        byte[]              digest = new byte[20];
-        
-        CertHash certID = new CertHash(algId, digest);
-
-        checkConstruction(certID, algId, digest);
-
-        certID = CertHash.getInstance(null);
-
-        if (certID != null)
-        {
-            fail("null getInstance() failed.");
-        }
-
-        try
-        {
-            CertHash.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        CertHash certHash,
-        AlgorithmIdentifier algId,
-        byte[] digest)
-        throws IOException
-    {
-        checkValues(certHash, algId, digest);
-
-        certHash = CertHash.getInstance(certHash);
-
-        checkValues(certHash, algId, digest);
-
-        ASN1InputStream aIn = new ASN1InputStream(certHash.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-
-        certHash = CertHash.getInstance(seq);
-
-        checkValues(certHash, algId, digest);
-    }
-
-    private void checkValues(
-        CertHash certHash,
-        AlgorithmIdentifier algId,
-        byte[] digest)
-    {
-        checkMandatoryField("algorithmHash", algId, certHash.getHashAlgorithm());
-
-        checkMandatoryField("certificateHash", digest, certHash.getCertificateHash());
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new CertHashUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CertificateTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CertificateTest.java
deleted file mode 100644
index 6aa8cef..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/CertificateTest.java
+++ /dev/null

@@ -1,602 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayInputStream;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.AttCertIssuer;
-import org.bouncycastle.asn1.x509.AttCertValidityPeriod;
-import org.bouncycastle.asn1.x509.Attribute;
-import org.bouncycastle.asn1.x509.AttributeCertificate;
-import org.bouncycastle.asn1.x509.AttributeCertificateInfo;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.CRLDistPoint;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.asn1.x509.DistributionPoint;
-import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.Holder;
-import org.bouncycastle.asn1.x509.KeyPurposeId;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.asn1.x509.TBSCertificate;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CertificateTest
-    extends SimpleTest
-{
-    //
-    // server.crt
-    //
-    byte[]  cert1 = Base64.decode(
-           "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
-         + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
-         + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
-         + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
-         + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2"
-         + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
-         + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
-         + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l"
-         + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv"
-         + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re"
-         + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO"
-         + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE"
-         + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy"
-         + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0"
-         + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw"
-         + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL"
-         + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4"
-         + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF"
-         + "5/8=");
-
-    //
-    // ca.crt
-    //
-    byte[]  cert2 = Base64.decode(
-           "MIIDbDCCAtWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
-         + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
-         + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
-         + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
-         + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU1MzNaFw0wMTA2"
-         + "MDIwNzU1MzNaMIG3MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
-         + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
-         + "dGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEVMBMGA1UEAxMMQ29u"
-         + "bmVjdCA0IENBMSgwJgYJKoZIhvcNAQkBFhl3ZWJtYXN0ZXJAY29ubmVjdDQuY29t"
-         + "LmF1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgs5ptNG6Qv1ZpCDuUNGmv"
-         + "rhjqMDPd3ri8JzZNRiiFlBA4e6/ReaO1U8ASewDeQMH6i9R6degFdQRLngbuJP0s"
-         + "xcEE+SksEWNvygfzLwV9J/q+TQDyJYK52utb++lS0b48A1KPLwEsyL6kOAgelbur"
-         + "ukwxowprKUIV7Knf1ajetQIDAQABo4GFMIGCMCQGA1UdEQQdMBuBGXdlYm1hc3Rl"
-         + "ckBjb25uZWN0NC5jb20uYXUwDwYDVR0TBAgwBgEB/wIBADA2BglghkgBhvhCAQ0E"
-         + "KRYnbW9kX3NzbCBnZW5lcmF0ZWQgY3VzdG9tIENBIGNlcnRpZmljYXRlMBEGCWCG"
-         + "SAGG+EIBAQQEAwICBDANBgkqhkiG9w0BAQQFAAOBgQCsGvfdghH8pPhlwm1r3pQk"
-         + "msnLAVIBb01EhbXm2861iXZfWqGQjrGAaA0ZpXNk9oo110yxoqEoSJSzniZa7Xtz"
-         + "soTwNUpE0SLHvWf/SlKdFWlzXA+vOZbzEv4UmjeelekTm7lc01EEa5QRVzOxHFtQ"
-         + "DhkaJ8VqOMajkQFma2r9iA==");
-
-    //
-    // testx509.pem
-    //
-    byte[]  cert3 = Base64.decode(
-           "MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV"
-         + "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz"
-         + "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM"
-         + "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF"
-         + "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO"
-         + "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE"
-         + "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ"
-         + "zl9HYIMxATFyqSiD9jsx");
-
-    //
-    // v3-cert1.pem
-    //
-    byte[]  cert4 = Base64.decode(
-           "MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx"
-         + "NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz"
-         + "dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw"
-         + "ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu"
-         + "ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2"
-         + "ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp"
-         + "miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C"
-         + "AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK"
-         + "Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x"
-         + "DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR"
-         + "MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB"
-         + "AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21"
-         + "X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3"
-         + "WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO");
-
-    //
-    // v3-cert2.pem
-    //
-    byte[]  cert5 = Base64.decode(
-           "MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD"
-         + "YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0"
-         + "ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu"
-         + "dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1"
-         + "WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV"
-         + "BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx"
-         + "FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA"
-         + "6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT"
-         + "G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ"
-         + "YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm"
-         + "b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc"
-         + "F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz"
-         + "lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap"
-         + "jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=");
-
-   byte[] cert6 = Base64.decode(
-       "MIIEDjCCAvagAwIBAgIEFAAq2jANBgkqhkiG9w0BAQUFADBLMSowKAYDVQQDEyFT"
-    + "dW4gTWljcm9zeXN0ZW1zIEluYyBDQSAoQ2xhc3MgQikxHTAbBgNVBAoTFFN1biBN"
-    + "aWNyb3N5c3RlbXMgSW5jMB4XDTA0MDIyOTAwNDMzNFoXDTA5MDMwMTAwNDMzNFow"
-    + "NzEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJbmMxFjAUBgNVBAMTDXN0b3Jl"
-    + "LnN1bi5jb20wgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAP9ErzFT7MPg2bVV"
-    + "LNmHTgN4kmiRNlPpuLGWS7EDIXYBbLeSSOCp/e1ANcOGnsuf0WIq9ejd/CPyEfh4"
-    + "sWoVvQzpOfHZ/Jyei29PEuxzWT+4kQmCx3+sLK25lAnDFsz1KiFmB6Y3GJ/JSjpp"
-    + "L0Yy1R9YlIc82I8gSw44y5JDABW5AgMBAAGjggGQMIIBjDAOBgNVHQ8BAf8EBAMC"
-    + "BaAwHQYDVR0OBBYEFG1WB3PApZM7OPPVWJ31UrERaoKWMEcGA1UdIARAMD4wPAYL"
-    + "YIZIAYb3AIN9k18wLTArBggrBgEFBQcCARYfaHR0cDovL3d3dy5zdW4uY29tL3Br"
-    + "aS9jcHMuaHRtbDCBhQYDVR0fBH4wfDB6oCegJYYjaHR0cDovL3d3dy5zdW4uY29t"
-    + "L3BraS9wa2lzbWljYS5jcmyiT6RNMEsxKjAoBgNVBAMTIVN1biBNaWNyb3N5c3Rl"
-    + "bXMgSW5jIENBIChDbGFzcyBCKTEdMBsGA1UEChMUU3VuIE1pY3Jvc3lzdGVtcyBJ"
-    + "bmMwHwYDVR0jBBgwFoAUT7ZnqR/EEBSgG6h1wdYMI5RiiWswVAYIKwYBBQUHAQEE"
-    + "SDBGMB0GCCsGAQUFBzABhhFodHRwOi8vdmEuc3VuLmNvbTAlBggrBgEFBQcwAYYZ"
-    + "aHR0cDovL3ZhLmNlbnRyYWwuc3VuLmNvbTATBgNVHSUEDDAKBggrBgEFBQcDATAN"
-    + "BgkqhkiG9w0BAQUFAAOCAQEAq3byQgyU24tBpR07iQK7agm1zQyzDQ6itdbji0ln"
-    + "T7fOd5Pnp99iig8ovwWliNtXKAmgtJY60jWz7nEuk38AioZJhS+RPWIWX/+2PRV7"
-    + "s2aWTzM3n43BypD+jU2qF9c9kDWP/NW9K9IcrS7SfU/2MZVmiCMD/9FEL+CWndwE"
-    + "JJQ/oenXm44BFISI/NjV7fMckN8EayPvgtzQkD5KnEiggOD6HOrwTDFR+tmAEJ0K"
-    + "ZttQNwOzCOcEdxXTg6qBHUbONdL7bjTT5NzV+JR/bnfiCqHzdnGwfbHzhmrnXw8j"
-    + "QCVXcfBfL9++nmpNNRlnJMRdYGeCY6OAfh/PRo8/fXak1Q==");
-   
-   byte[] cert7 = Base64.decode(
-     "MIIFJDCCBAygAwIBAgIKEcJZuwAAAAAABzANBgkqhkiG9w0BAQUFADAPMQ0wCwYD"
-    + "VQQDEwRNU0NBMB4XDTA0MDUyMjE2MTM1OFoXDTA1MDUyMjE2MjM1OFowaTEbMBkG"
-    + "CSqGSIb3DQEJCBMMMTkyLjE2OC4xLjMzMScwJQYJKoZIhvcNAQkCExhwaXhmaXJl"
-    + "d2FsbC5jaXNjb3BpeC5jb20xITAfBgNVBAMTGHBpeGZpcmV3YWxsLmNpc2NvcGl4"
-    + "LmNvbTB8MA0GCSqGSIb3DQEBAQUAA2sAMGgCYQCbcsY7vrjweXZiFQdhUafEjJV+"
-    + "HRy5UKmuCy0237ffmYrN+XNLw0h90cdCSK6KPZebd2E2Bc2UmTikc/FY8meBT3/E"
-    + "O/Osmywzi++Ur8/IrDvtuR1zd0c/xEPnV1ZRezkCAwEAAaOCAs4wggLKMAsGA1Ud"
-    + "DwQEAwIFoDAdBgNVHQ4EFgQUzJBSxkQiN9TKvhTMQ1/Aq4gZnHswHwYDVR0jBBgw"
-    + "FoAUMsxzXVh+5UKMNpwNHmqSfcRYfJ4wgfcGA1UdHwSB7zCB7DCB6aCB5qCB44aB"
-    + "r2xkYXA6Ly8vQ049TVNDQSxDTj1NQVVELENOPUNEUCxDTj1QdWJsaWMlMjBLZXkl"
-    + "MjBTZXJ2aWNlcyxDTj1TZXJ2aWNlcyxDTj1Db25maWd1cmF0aW9uLERDPWludCxE"
-    + "Qz1wcmltZWtleSxEQz1zZT9jZXJ0aWZpY2F0ZVJldm9jYXRpb25MaXN0P2Jhc2U/"
-    + "b2JqZWN0Q2xhc3M9Y1JMRGlzdHJpYnV0aW9uUG9pbnSGL2h0dHA6Ly9tYXVkLmlu"
-    + "dC5wcmltZWtleS5zZS9DZXJ0RW5yb2xsL01TQ0EuY3JsMIIBEAYIKwYBBQUHAQEE"
-    + "ggECMIH/MIGqBggrBgEFBQcwAoaBnWxkYXA6Ly8vQ049TVNDQSxDTj1BSUEsQ049"
-    + "UHVibGljJTIwS2V5JTIwU2VydmljZXMsQ049U2VydmljZXMsQ049Q29uZmlndXJh"
-    + "dGlvbixEQz1pbnQsREM9cHJpbWVrZXksREM9c2U/Y0FDZXJ0aWZpY2F0ZT9iYXNl"
-    + "P29iamVjdENsYXNzPWNlcnRpZmljYXRpb25BdXRob3JpdHkwUAYIKwYBBQUHMAKG"
-    + "RGh0dHA6Ly9tYXVkLmludC5wcmltZWtleS5zZS9DZXJ0RW5yb2xsL01BVUQuaW50"
-    + "LnByaW1la2V5LnNlX01TQ0EuY3J0MCwGA1UdEQEB/wQiMCCCGHBpeGZpcmV3YWxs"
-    + "LmNpc2NvcGl4LmNvbYcEwKgBITA/BgkrBgEEAYI3FAIEMh4wAEkAUABTAEUAQwBJ"
-    + "AG4AdABlAHIAbQBlAGQAaQBhAHQAZQBPAGYAZgBsAGkAbgBlMA0GCSqGSIb3DQEB"
-    + "BQUAA4IBAQCa0asiPbObLJjpSz6ndJ7y4KOWMiuuBc/VQBnLr7RBCF3ZlZ6z1+e6"
-    + "dmv8se/z11NgateKfxw69IhLCriA960HEgX9Z61MiVG+DrCFpbQyp8+hPFHoqCZN"
-    + "b7upc8k2OtJW6KPaP9k0DW52YQDIky4Vb2rZeC4AMCorWN+KlndHhr1HFA14HxwA"
-    + "4Mka0FM6HNWnBV2UmTjBZMDr/OrGH1jLYIceAaZK0X2R+/DWXeeqIga8jwP5empq"
-    + "JetYnkXdtTbEh3xL0BX+mZl8vDI+/PGcwox/7YjFmyFWphRMxk9CZ3rF2/FQWMJP"
-    + "YqQpKiQOmQg5NAhcwffLAuVjVVibPYqi");
-
-   byte[] cert8 = Base64.decode(
-     "MIIB0zCCATwCAQEwbqBsMGekZTBjMQswCQYDVQQGEwJERTELMAkGA1UECBMCQlkx"
-    + "EzARBgNVBAcTClJlZ2Vuc2J1cmcxEDAOBgNVBAoTB0FDIFRlc3QxCzAJBgNVBAsT" 
-    + "AkNBMRMwEQYDVQQDEwpBQyBUZXN0IENBAgEBoHYwdKRyMHAxCzAJBgNVBAYTAkRF"
-    + "MQswCQYDVQQIEwJCWTETMBEGA1UEBxMKUmVnZW5zYnVyZzESMBAGA1UEChMJQUMg"
-    + "SXNzdWVyMRowGAYDVQQLExFBQyBJc3N1ZXIgc2VjdGlvbjEPMA0GA1UEAxMGQUMg"
-    + "TWFuMA0GCSqGSIb3DQEBBQUAAgEBMCIYDzIwMDQxMTI2MTI1MjUxWhgPMjAwNDEy"
-    + "MzEyMzAwMDBaMBkwFwYDVRhIMRAwDoEMREFVMTIzNDU2Nzg5MA0GCSqGSIb3DQEB"
-    + "BQUAA4GBABd4Odx3yEMGL/BvItuT1RafNR2uuWuZbajg0pD6bshUsl+WCIfRiEkq"
-    + "lHMkpI7WqAZikdnAEQ5jQsVWEuVejWxR6gjejKxc0fb9qpIui7/GoI5Eh6dmG20e"
-    + "xbwJL3+6YYFrZwxR8cC5rPvWrblUR5XKJy+Zp/H5+t9iANnL1L8J");
-
-    // V1 attribute certificate
-    private static final byte[] attrCertv1 = Base64.decode(
-        "MIIFdDCCBFygXTBbMFOkUTBPMQswCQYDVQQGEwJERTEcMBoGA1UECgwTRGV1"
-      + "dHNjaGUgVGVsZWtvbSBBRzEiMCAGA1UEAwwZVGVsZVNlYyBQS1MgU2lnRyBD"
-      + "QSAxNzpQTgIEG1toDjBTpFEwTzELMAkGA1UEBhMCREUxHDAaBgNVBAoME0Rl"
-      + "dXRzY2hlIFRlbGVrb20gQUcxIjAgBgNVBAMMGVRlbGVTZWMgUEtTIFNpZ0cg"
-      + "Q0EgMjU6UE4wDQYJKoZIhvcNAQELBQACBCep3f0wIhgPMjAxMDA0MTIxMTI5"
-      + "MTJaGA8yMDEyMDQxMjEwNTkyOFowggGmMIIBogYFKyQIAwgxggGXDIIBk1Ro"
-      + "ZSBxdWFsaWZpZWQgc2lnbmF0dXJlIGF0IGhhbmQgaXMgcmVzdHJpY3RlZCB0"
-      + "byBwcmVzZW50aW5nIGludm9pY2VzIG9yIGNyZWRpdHMgdG8gY3VzdG9tZXJz"
-      + "IGFjY29yZGluZyB0byBFVSBDb3VuY2lsIGRpcmVjdGl2ZSAyMDAxLzExNS9F"
-      + "QyAoMjB0aCBEZWNlbWJlciAyMDAxKSBhbmQgR2VybWFuIFZBVCB0YXggKMKn"
-      + "MTQgVVN0RykuICBEaWUgdm9ybGllZ2VuZGUgcXVhbGlmaXppZXJ0ZSBTaWdu"
-      + "YXR1ciBpc3QgYXVmIGRpZSAgUHJhZXNlbnRhdGlvbiB2b24gUmVjaG51bmdl"
-      + "biBvZGVyIEd1dHNjaHJpZnRlbiBnZW1hZXNzIEVVIERpcmVrdGl2ZSAyMDAx"
-      + "LzExNS9FQyAoMjAuIERlemVtYmVyIDIwMDEpIHVuZCBkZXV0c2NoZW0gVW1z"
-      + "YXR6c3RldWVyZ2VzZXR6ICAowqcxNCBVU3RHKSBiZXNjaHJhZW5rdC4wggHB"
-      + "MB8GA1UdIwQYMBaAFM6i1yR/z8IikpxpU/Fdh8BPxhq8MEMGA1UdIAQ8MDow"
-      + "OAYFKyQIAQEwLzAtBggrBgEFBQcCARYhaHR0cDovL3Brcy50ZWxlc2VjLmRl"
-      + "L2Nwcy9jcHMucGRmMIIBBAYDVR0fBIH8MIH5MIH2oG2ga4Y1bGRhcDovL3Br"
-      + "cy1sZGFwLnRlbGVzZWMuZGUvbz1EZXV0c2NoZSBUZWxla29tIEFHLGM9ZGWG"
-      + "Mmh0dHA6Ly9wa3MudGVsZXNlYy5kZS90ZWxlc2VjL3NlcnZsZXQvZG93bmxv"
-      + "YWRfY3JsooGEpIGBMH8xCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2No"
-      + "ZSBUZWxla29tIEFHMR8wHQYDVQQLFBZQcm9kdWt0emVudHJ1bSBUZWxlU2Vj"
-      + "MTEwDAYHAoIGAQoHFBMBMTAhBgNVBAMUGlRlbGVTZWMgUEtTIFNpZ0cgRElS"
-      + "IDM1OlBOMDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL3Br"
-      + "cy50ZWxlc2VjLmRlL29jc3ByMBgGCCsGAQUFBwEDBAwwCjAIBgYEAI5GAQEw"
-      + "DQYJKoZIhvcNAQELBQADggEBAEz2OvU9YytJUKHMDQcND5njIyUXTkSrlWjV"
-      + "F28uwxVlveO4JPTAY7PvXy69HUuTPwlvqCfJIUF2RLPZFQx0wFto8ajC9v5X"
-      + "SqwQcINXRakpE6FPAdQFnH44TaIQWXW1hy9xr8GuD0uhQLTJGYqVzHfLoM8e"
-      + "llPNHUVhC7CEOxDb1PTHCUlQFNkFRmeeqzEVoj1F0pM6wI5zf8+w2WwrFPCD"
-      + "jrjEr/VoBRoEi/tKnsLq6oOkizUKT0KJEnSyYxoOa7euT1yX+Co94SPnMZi5"
-      + "qukHSj8Kiio6Jecl//qDPG/mHo1ro+8rH+rbze7EEfKMp5yeWCwXGthL9oYo"
-      + "RYl+UuI=");
-
-
-    // bad issuer certificate
-    private static final byte[] dudCert = Base64.decode(
-        "MIICLzCCAZgCBFp/9TowDQYJKoZIhvcNAQEFBQAwAjEAMB4XDTA4MDcyNTEzNTQ0" +
-        "MFoXDTEzMDgyNTA1MDAwMFowgboxCzAJBgNVBAYTAlVTMQ0wCwYDVQQIEwRJb3dh" +
-        "MRMwEQYDVQQHEwpEZXMgTW9pbmVzMT0wOwYDVQQKEzRTdGF0ZSBvZiBJb3dhLCBE" +
-        "ZXBhcnRtZW50IG9mIEFkbWluaXN0cmF0aXZlIFNlcnZpY2VzMSowKAYDVQQLEyFJ" +
-        "bmZvcm1hdGlvbiBUZWNobm9sb2d5IEVudGVycHJpc2UxHDAaBgNVBAMTE3d3dy5k" +
-        "b20uc3RhdGUuaWEudXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK0C7Jca" +
-        "C0RiD0hcBcPUdGc78y815yPuHGmF/A2K+3LbwfFXDhsY7ebRxHVfL7gt+nFBvJ2r" +
-        "MqDBIMHFB3vYdSnGbND41eso6cLnzkMVtSisG25Tat3F8BF/js54sa0mFEn4qMQ+" +
-        "6T6jxyPflsjKpmi6L7lfRdPNbBbKSmK9ik2lAgMBAAEwDQYJKoZIhvcNAQEFBQAD" +
-        "gYEAc9Rx95MiPzJiCn3nOoP+3PPQCGTyUcUWZfYKXuC7aOzMYUXes71Q3K1/W6Vy" +
-        "V2Tlrbj0KT8j2/kBmy8+7d5whnUklJNsH6VJMst3V4Uxvk3os+uaW0FHsW389sNY" +
-        "/5LdslDjfqV2nUc2GqDPn38PATL26SRJKlCvU2NagdID3WM="
-    );
-
-   String[] subjects = 
-   {
-       "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Webserver Team,CN=www2.connect4.com.au,E=webmaster@connect4.com.au",
-       "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Certificate Authority,CN=Connect 4 CA,E=webmaster@connect4.com.au",
-       "C=AU,ST=QLD,CN=SSLeay/rsa test cert",
-       "C=US,O=National Aeronautics and Space Administration,SERIALNUMBER=16+CN=Steve Schoch",
-       "E=cooke@issl.atl.hp.com,C=US,OU=Hewlett Packard Company (ISSL),CN=Paul A. Cooke",
-       "O=Sun Microsystems Inc,CN=store.sun.com",
-       "unstructuredAddress=192.168.1.33,unstructuredName=pixfirewall.ciscopix.com,CN=pixfirewall.ciscopix.com"
-    };
-
-    public String getName()
-    {
-        return "Certificate";
-    }
-
-    public void checkCertificate(
-        int     id,
-        byte[]  cert)
-        throws Exception
-    {
-        ByteArrayInputStream bIn = new ByteArrayInputStream(cert);
-        ASN1InputStream aIn = new ASN1InputStream(bIn);
-
-        ASN1Sequence      seq = (ASN1Sequence)aIn.readObject();
-//        String dump = ASN1Dump.dumpAsString(seq);
-
-        Certificate obj = Certificate.getInstance(seq);
-        TBSCertificate     tbsCert = obj.getTBSCertificate();
-        
-        if (!tbsCert.getSubject().toString().equals(subjects[id - 1]))
-        {
-            fail("failed subject test for certificate id " + id + " got " + tbsCert.getSubject().toString());
-        }
-        
-        if (tbsCert.getVersionNumber() == 3)
-        {
-            Extensions                ext = tbsCert.getExtensions();
-            if (ext != null)
-            {
-                Enumeration    en = ext.oids();
-                while (en.hasMoreElements())
-                {
-                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)en.nextElement();
-                    Extension            extVal = ext.getExtension(oid);
-                    
-                    ASN1OctetString        oct = extVal.getExtnValue();
-                    ASN1InputStream        extIn = new ASN1InputStream(new ByteArrayInputStream(oct.getOctets()));
-                    
-                    if (oid.equals(Extension.subjectKeyIdentifier))
-                    {
-                        SubjectKeyIdentifier si = SubjectKeyIdentifier.getInstance(extIn.readObject());
-
-                        if (!si.equals(SubjectKeyIdentifier.fromExtensions(ext)))
-                        {
-                            fail("SubjectKeyIdentifier not matched");
-                        }
-                    }
-                    else if (oid.equals(Extension.keyUsage))
-                    {
-                        KeyUsage ku = KeyUsage.getInstance(extIn.readObject());
-
-                        if (!ku.equals(KeyUsage.fromExtensions(ext)))
-                        {
-                            fail("KeyUsage not matched");
-                        }
-                    }
-                    else if (oid.equals(Extension.extendedKeyUsage))
-                    {
-                        ExtendedKeyUsage ku = ExtendedKeyUsage.getInstance(extIn.readObject());
-                        
-                        ASN1Sequence    sq = (ASN1Sequence)ku.toASN1Primitive();
-                        for (int i = 0; i != sq.size(); i++)
-                        {
-                            ASN1ObjectIdentifier    p = ASN1ObjectIdentifier.getInstance(KeyPurposeId.getInstance(sq.getObjectAt(i)));
-                        }
-
-                        if (!ku.equals(ExtendedKeyUsage.fromExtensions(ext)))
-                        {
-                            fail("ExtendedKeyUsage not matched");
-                        }
-                    }
-                    else if (oid.equals(Extension.subjectAlternativeName))
-                    {
-                        GeneralNames    gn = GeneralNames.getInstance(extIn.readObject());
-                        
-                        ASN1Sequence    sq = (ASN1Sequence)gn.toASN1Primitive();
-                        for (int i = 0; i != sq.size(); i++)
-                        {
-                            GeneralName    n = GeneralName.getInstance(sq.getObjectAt(i));
-                        }
-                    }
-                    else if (oid.equals(Extension.issuerAlternativeName))
-                    {
-                        GeneralNames    gn = GeneralNames.getInstance(extIn.readObject());
-                        
-                        ASN1Sequence    sq = (ASN1Sequence)gn.toASN1Primitive();
-                        for (int i = 0; i != sq.size(); i++)
-                        {
-                            GeneralName    n = GeneralName.getInstance(sq.getObjectAt(i));
-                        }
-                    }
-                    else if (oid.equals(Extension.cRLDistributionPoints))
-                    {
-                        CRLDistPoint    p = CRLDistPoint.getInstance(extIn.readObject());
-                        
-                        DistributionPoint[] points = p.getDistributionPoints();
-                        for (int i = 0; i != points.length; i++)
-                        {
-                            // do nothing
-                        }
-                    }
-                    else if (oid.equals(Extension.certificatePolicies))
-                    {
-                        ASN1Sequence    cp = (ASN1Sequence)extIn.readObject();
-                        
-                        for (int i = 0; i != cp.size(); i++)
-                        {
-                            PolicyInformation.getInstance(cp.getObjectAt(i));
-                        }
-                    }
-                    else if (oid.equals(Extension.authorityKeyIdentifier))
-                    {
-                        AuthorityKeyIdentifier    auth = AuthorityKeyIdentifier.getInstance(extIn.readObject());
-
-                        if (!auth.equals(AuthorityKeyIdentifier.fromExtensions(ext)))
-                        {
-                            fail("AuthorityKeyIdentifier not matched");
-                        }
-                    }
-                    else if (oid.equals(Extension.basicConstraints))
-                    {
-                        BasicConstraints    bc = BasicConstraints.getInstance(extIn.readObject());
-
-                        if (!bc.equals(BasicConstraints.fromExtensions(ext)))
-                        {
-                            fail("BasicConstraints not matched");
-                        }
-                    }
-                    else
-                    {
-                        //System.out.println(oid.getId());
-                    }
-                }
-            }
-        }
-    }
-
-
-    public void checkAttributeCertificate(
-        int     id,
-        byte[]  cert)
-        throws Exception
-    {
-        ByteArrayInputStream bIn;
-        ASN1InputStream aIn;
-
-        bIn = new ByteArrayInputStream(cert);
-        aIn = new ASN1InputStream(bIn);
-
-        ASN1Sequence seq = (ASN1Sequence) aIn.readObject();
-//        String dump = ASN1Dump.dumpAsString(seq);
-
-        AttributeCertificate obj = AttributeCertificate.getInstance(seq);
-        AttributeCertificateInfo acInfo = obj.getAcinfo();
-
-        // Version
-        if (!(acInfo.getVersion().equals(new ASN1Integer(1)))
-                && (!(acInfo.getVersion().equals(new ASN1Integer(2)))))
-        {
-            fail(
-                    "failed AC Version test for id " + id);
-        }
-
-        // Holder
-        Holder h = acInfo.getHolder();
-        if (h == null)
-        {
-            fail(
-                    "failed AC Holder test, it's null, for id " + id);
-        }
-
-        // Issuer
-        AttCertIssuer aci = acInfo.getIssuer();
-        if (aci == null)
-        {
-            fail(
-                    "failed AC Issuer test, it's null, for id " + id);
-        }
-
-        // Signature
-        AlgorithmIdentifier sig = acInfo.getSignature();
-        if (sig == null)
-        {
-            fail(
-                    "failed AC Signature test for id " + id);
-        }
-
-        // Serial
-        ASN1Integer serial = acInfo.getSerialNumber();
-
-        // Validity
-        AttCertValidityPeriod validity = acInfo.getAttrCertValidityPeriod();
-        if (validity == null)
-        {
-            fail("failed AC AttCertValidityPeriod test for id " + id);
-        }
-
-        // Attributes
-        ASN1Sequence attribSeq = acInfo.getAttributes();
-        Attribute att[] = new Attribute[attribSeq.size()];
-        for (int i = 0; i < attribSeq.size(); i++)
-        {
-            att[i] = Attribute.getInstance(attribSeq.getObjectAt(i));
-        }
-
-        // IssuerUniqueId
-        // TODO, how to best test?
-
-        // X509 Extensions
-        Extensions ext = acInfo.getExtensions();
-        if (ext != null)
-        {
-            Enumeration en = ext.oids();
-            while (en.hasMoreElements())
-            {
-                ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) en
-                        .nextElement();
-                Extension extVal = ext.getExtension(oid);
-            }
-        }
-    }
-
-    public void checkV1AttributeCertificate(
-        int     id,
-        byte[]  cert)
-        throws Exception
-    {
-        ByteArrayInputStream bIn;
-        ASN1InputStream aIn;
-
-        bIn = new ByteArrayInputStream(cert);
-        aIn = new ASN1InputStream(bIn);
-
-        ASN1Sequence seq = (ASN1Sequence) aIn.readObject();
-        //String dump = ASN1Dump.dumpAsString(seq);
-
-        AttributeCertificate obj = AttributeCertificate.getInstance(seq);
-        AttributeCertificateInfo acInfo = obj.getAcinfo();
-
-        // Version
-        if (!(acInfo.getVersion().equals(new ASN1Integer(0))))
-        {
-            fail(
-                    "failed AC Version test for id " + id);
-        }
-
-        // Holder
-        Holder h = acInfo.getHolder();
-        if (h == null)
-        {
-            fail(
-                    "failed AC Holder test, it's null, for id " + id);
-        }
-
-        // Issuer
-        AttCertIssuer aci = acInfo.getIssuer();
-        if (aci == null)
-        {
-            fail(
-                    "failed AC Issuer test, it's null, for id " + id);
-        }
-
-        // Signature
-        AlgorithmIdentifier sig = acInfo.getSignature();
-        if (sig == null)
-        {
-            fail(
-                    "failed AC Signature test for id " + id);
-        }
-
-        // Serial
-        ASN1Integer serial = acInfo.getSerialNumber();
-
-        // Validity
-        AttCertValidityPeriod validity = acInfo.getAttrCertValidityPeriod();
-        if (validity == null)
-        {
-            fail("failed AC AttCertValidityPeriod test for id " + id);
-        }
-
-        // Attributes
-        ASN1Sequence attribSeq = acInfo.getAttributes();
-        Attribute att[] = new Attribute[attribSeq.size()];
-        for (int i = 0; i < attribSeq.size(); i++)
-        {
-            att[i] = Attribute.getInstance(attribSeq.getObjectAt(i));
-        }
-
-        // IssuerUniqueId
-        // TODO, how to best test?
-
-        // X509 Extensions
-        Extensions ext = acInfo.getExtensions();
-        if (ext != null)
-        {
-            Enumeration en = ext.oids();
-            while (en.hasMoreElements())
-            {
-                ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) en
-                        .nextElement();
-                Extension extVal = ext.getExtension(oid);
-            }
-        }
-    }
-
-    private void checkDudCertificate()
-    {
-        Certificate cert = Certificate.getInstance(dudCert);
-
-        if (!"".equals(cert.getIssuer().toString()))
-        {
-            fail("empty issuer not recognised correctly");
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        checkCertificate(1, cert1);
-        checkCertificate(2, cert2);
-        checkCertificate(3, cert3);
-        checkCertificate(4, cert4);
-        checkCertificate(5, cert5);
-        checkCertificate(6, cert6);
-        checkCertificate(7, cert7);
-        checkAttributeCertificate(8,cert8);
-        checkV1AttributeCertificate(9, attrCertv1);
-        checkDudCertificate();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new CertificateTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CertifiedKeyPairTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CertifiedKeyPairTest.java
deleted file mode 100644
index c3b0dbf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/CertifiedKeyPairTest.java
+++ /dev/null

@@ -1,113 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.cmp.CMPCertificate;
-import org.bouncycastle.asn1.cmp.CertOrEncCert;
-import org.bouncycastle.asn1.cmp.CertifiedKeyPair;
-import org.bouncycastle.asn1.crmf.EncryptedValue;
-import org.bouncycastle.asn1.crmf.PKIPublicationInfo;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CertifiedKeyPairTest
-    extends SimpleTest
-{
-    byte[]  cert1 = Base64.decode(
-           "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
-         + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
-         + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
-         + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
-         + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2"
-         + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
-         + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
-         + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l"
-         + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv"
-         + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re"
-         + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO"
-         + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE"
-         + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy"
-         + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0"
-         + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw"
-         + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL"
-         + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4"
-         + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF"
-         + "5/8=");
-
-    byte[] encEncryptedValue = Hex.decode(
-        "30820145a11d060960864801650304010204109ed75dc2111f006e0ea707583" +
-            "daa49898241001fad2520dec6122c51f9f292fc96de9adb881a2101a49155de" +
-            "3e4b04a4699ee517d7a7623679812f62e0fc996854d89df2daa6850862f11e4" +
-            "f1751768e8a1a8da30d06092a864886f70d01010105000381d100bb1084782a" +
-            "3b326390ce1096b44eda81e89b24e117c22b197a0df3ff3d181a5e3d96f30f6" +
-            "a7f8b545733a867f27f299ff3c2c0ec64bcdca18f566a5e3be893e4842a7442" +
-            "184a4d147066515d8bcb9aa7d8e6655937e393b2c45186119bf0869702fc58a" +
-            "ae8a983ce5b54cf5273bcd2e5273e219e2947e41446612c8cf8f4d9e1ede52d" +
-            "25e00d505485083ea8359f7767c0ae66ff47894f9d621459f50f60e0376059a" +
-            "6a3b6fe7caca1c13274cf549f6721cf9f3654462687c7392a1c0efea2f393d9" +
-            "4a5d33b829de8bd521c7205069db");
-
-    public void performTest()
-        throws Exception
-    {
-        CertOrEncCert certOrEncCert = new CertOrEncCert(new CMPCertificate(Certificate.getInstance(cert1)));
-
-        CertifiedKeyPair ckp = new CertifiedKeyPair(certOrEncCert);
-
-        isEquals(certOrEncCert, ckp.getCertOrEncCert());
-        isTrue(null == ckp.getPrivateKey());
-        isTrue(null == ckp.getPublicationInfo());
-
-        encEqualTest(ckp);
-
-        PKIPublicationInfo pubInfo = new PKIPublicationInfo(PKIPublicationInfo.dontPublish);
-        ckp = new CertifiedKeyPair(certOrEncCert, null, pubInfo);
-
-        isEquals(certOrEncCert, ckp.getCertOrEncCert());
-        isTrue(null == ckp.getPrivateKey());
-        isEquals(pubInfo, ckp.getPublicationInfo());
-
-        encEqualTest(ckp);
-
-        EncryptedValue encValue = EncryptedValue.getInstance(encEncryptedValue);
-
-        ckp = new CertifiedKeyPair(certOrEncCert, encValue, null);
-
-        isEquals(certOrEncCert, ckp.getCertOrEncCert());
-        isEquals(encValue, ckp.getPrivateKey());
-        isTrue(null == ckp.getPublicationInfo());
-
-        encEqualTest(ckp);
-
-        ckp = new CertifiedKeyPair(certOrEncCert, encValue, pubInfo);
-
-        isEquals(certOrEncCert, ckp.getCertOrEncCert());
-        isEquals(encValue, ckp.getPrivateKey());
-        isEquals(pubInfo, ckp.getPublicationInfo());
-
-        encEqualTest(ckp);
-    }
-
-    private void encEqualTest(CertifiedKeyPair ckp)
-        throws IOException
-    {
-        byte[] b = ckp.getEncoded();
-
-        CertifiedKeyPair ckpResult = CertifiedKeyPair.getInstance(b);
-
-        isEquals(ckp, ckpResult);
-    }
-
-    public String getName()
-    {
-        return "CertifiedKeyPairTest";
-    }
-
-    public static void main(String[] args) {
-        runTest(new CertifiedKeyPairTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CommitmentTypeIndicationUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CommitmentTypeIndicationUnitTest.java
deleted file mode 100644
index eca88ba..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/CommitmentTypeIndicationUnitTest.java
+++ /dev/null

@@ -1,103 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.esf.CommitmentTypeIdentifier;
-import org.bouncycastle.asn1.esf.CommitmentTypeIndication;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CommitmentTypeIndicationUnitTest 
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "CommitmentTypeIndication";
-    }
-
-    public void performTest() 
-        throws Exception
-    {
-        CommitmentTypeIndication cti = new CommitmentTypeIndication(CommitmentTypeIdentifier.proofOfOrigin);
-        
-        checkConstruction(cti, CommitmentTypeIdentifier.proofOfOrigin, null);
-        
-        ASN1Sequence qualifier = new DERSequence(new ASN1ObjectIdentifier("1.2"));
-        
-        cti = new CommitmentTypeIndication(CommitmentTypeIdentifier.proofOfOrigin, qualifier);
-
-        checkConstruction(cti, CommitmentTypeIdentifier.proofOfOrigin, qualifier);
-        
-        cti = CommitmentTypeIndication.getInstance(null);
-        
-        if (cti != null)
-        {
-            fail("null getInstance() failed.");
-        }
-        
-        try
-        {
-            CommitmentTypeIndication.getInstance(new Object());
-            
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-         CommitmentTypeIndication mv,
-         ASN1ObjectIdentifier commitmenttTypeId,
-         ASN1Encodable qualifier) 
-         throws IOException
-    {
-        checkStatement(mv, commitmenttTypeId, qualifier);
-        
-        mv = CommitmentTypeIndication.getInstance(mv);
-        
-        checkStatement(mv, commitmenttTypeId, qualifier);
-        
-        ASN1InputStream aIn = new ASN1InputStream(mv.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-        
-        mv = CommitmentTypeIndication.getInstance(seq);
-        
-        checkStatement(mv, commitmenttTypeId, qualifier);
-    }
-
-    private void checkStatement(
-        CommitmentTypeIndication cti,
-        ASN1ObjectIdentifier     commitmentTypeId,
-        ASN1Encodable           qualifier)
-    {
-        if (!cti.getCommitmentTypeId().equals(commitmentTypeId))
-        {
-            fail("commitmentTypeIds don't match.");
-        }
-        
-        if (qualifier != null)
-        {
-            if (!cti.getCommitmentTypeQualifier().equals(qualifier))
-            {
-                fail("qualifiers don't match.");
-            }
-        }
-        else if (cti.getCommitmentTypeQualifier() != null)
-        {
-            fail("qualifier found when none expected.");
-        }
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new CommitmentTypeIndicationUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CommitmentTypeQualifierUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CommitmentTypeQualifierUnitTest.java
deleted file mode 100644
index abad06a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/CommitmentTypeQualifierUnitTest.java
+++ /dev/null

@@ -1,102 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.esf.CommitmentTypeIdentifier;
-import org.bouncycastle.asn1.esf.CommitmentTypeQualifier;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CommitmentTypeQualifierUnitTest 
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "CommitmentTypeQualifier";
-    }
-
-    public void performTest() 
-        throws Exception
-    {
-        CommitmentTypeQualifier ctq = new CommitmentTypeQualifier(CommitmentTypeIdentifier.proofOfOrigin);
-        
-        checkConstruction(ctq, CommitmentTypeIdentifier.proofOfOrigin, null);
-        
-        ASN1Encodable info = new ASN1ObjectIdentifier("1.2");
-        
-        ctq = new CommitmentTypeQualifier(CommitmentTypeIdentifier.proofOfOrigin, info);
-
-        checkConstruction(ctq, CommitmentTypeIdentifier.proofOfOrigin, info);
-        
-        ctq = CommitmentTypeQualifier.getInstance(null);
-        
-        if (ctq != null)
-        {
-            fail("null getInstance() failed.");
-        }
-        
-        try
-        {
-            CommitmentTypeQualifier.getInstance(new Object());
-            
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-         CommitmentTypeQualifier mv,
-         ASN1ObjectIdentifier commitmenttTypeId,
-         ASN1Encodable qualifier) 
-         throws IOException
-    {
-        checkStatement(mv, commitmenttTypeId, qualifier);
-        
-        mv = CommitmentTypeQualifier.getInstance(mv);
-        
-        checkStatement(mv, commitmenttTypeId, qualifier);
-        
-        ASN1InputStream aIn = new ASN1InputStream(mv.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-        
-        mv = CommitmentTypeQualifier.getInstance(seq);
-        
-        checkStatement(mv, commitmenttTypeId, qualifier);
-    }
-
-    private void checkStatement(
-        CommitmentTypeQualifier ctq,
-        ASN1ObjectIdentifier     commitmentTypeId,
-        ASN1Encodable           qualifier)
-    {
-        if (!ctq.getCommitmentTypeIdentifier().equals(commitmentTypeId))
-        {
-            fail("commitmentTypeIds don't match.");
-        }
-        
-        if (qualifier != null)
-        {
-            if (!ctq.getQualifier().equals(qualifier))
-            {
-                fail("qualifiers don't match.");
-            }
-        }
-        else if (ctq.getQualifier() != null)
-        {
-            fail("qualifier found when none expected.");
-        }
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new CommitmentTypeQualifierUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ContentHintsUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ContentHintsUnitTest.java
deleted file mode 100644
index 1ae15e7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ContentHintsUnitTest.java
+++ /dev/null

@@ -1,87 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.ess.ContentHints;
-
-public class ContentHintsUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "ContentHints";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        DERUTF8String contentDescription = new DERUTF8String("Description");
-        ASN1ObjectIdentifier contentType = new ASN1ObjectIdentifier("1.2.2.3");
-
-        ContentHints hints = new ContentHints(contentType);
-
-        checkConstruction(hints, contentType, null);
-
-        hints = new ContentHints(contentType, contentDescription);
-
-        checkConstruction(hints, contentType, contentDescription);
-
-        hints = ContentHints.getInstance(null);
-
-        if (hints != null)
-        {
-            fail("null getInstance() failed.");
-        }
-
-        try
-        {
-            ContentHints.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        ContentHints hints,
-        ASN1ObjectIdentifier contentType,
-        DERUTF8String description)
-        throws IOException
-    {
-        checkValues(hints, contentType, description);
-
-        hints = ContentHints.getInstance(hints);
-
-        checkValues(hints, contentType, description);
-
-        ASN1InputStream aIn = new ASN1InputStream(hints.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-
-        hints = ContentHints.getInstance(seq);
-
-        checkValues(hints, contentType, description);
-    }
-
-    private void checkValues(
-        ContentHints hints,
-        ASN1ObjectIdentifier contentType,
-        DERUTF8String description)
-    {
-        checkMandatoryField("contentType", contentType, hints.getContentType());
-        checkOptionalField("description", description, hints.getContentDescription());
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ContentHintsUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ControlsProcessedTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ControlsProcessedTest.java
deleted file mode 100644
index 8434023..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ControlsProcessedTest.java
+++ /dev/null

@@ -1,52 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.BodyPartReference;
-import org.bouncycastle.asn1.cmc.ControlsProcessed;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class ControlsProcessedTest
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new ControlsProcessedTest());
-    }
-
-    public String getName()
-    {
-        return "ControlsProcessedTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        ControlsProcessed cp = new ControlsProcessed(new BodyPartReference[]{new BodyPartReference(new BodyPartID(12L)), new BodyPartReference(new BodyPartID(14L))});
-        byte[] b = cp.getEncoded();
-        ControlsProcessed cpResult = ControlsProcessed.getInstance(b);
-        isTrue(cpResult.getBodyList().length == cp.getBodyList().length);
-        isEquals(cpResult.getBodyList()[0], cp.getBodyList()[0]);
-        isEquals(cpResult.getBodyList()[1], cp.getBodyList()[1]);
-
-        //
-        // Incorrect sequence size.
-        //
-
-        try
-        {
-            ControlsProcessed.getInstance(new DERSequence(
-                new ASN1Encodable[]{new ASN1Integer(12L), new DERUTF8String("Monkeys")
-                }));
-            fail("Must accept only sequence length of 1");
-        }
-        catch (Throwable t)
-        {
-            isEquals(t.getClass(), IllegalArgumentException.class);
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/CscaMasterListTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/CscaMasterListTest.java
deleted file mode 100644
index c870069..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/CscaMasterListTest.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.icao.CscaMasterList;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CscaMasterListTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "CscaMasterList";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        byte[] input = getInput("masterlist-content.data");
-        CscaMasterList parsedList
-            = CscaMasterList.getInstance(ASN1Primitive.fromByteArray(input));
-
-        if (parsedList.getCertStructs().length != 3)
-        {
-            fail("Cert structure parsing failed: incorrect length");
-        }
-
-        byte[] output = parsedList.getEncoded();
-        if (!Arrays.areEqual(input, output))
-        {
-            fail("Encoding failed after parse");
-        }
-    }
-
-    private byte[] getInput(String name)
-        throws IOException
-    {
-        return Streams.readAll(getClass().getResourceAsStream(name));
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new CscaMasterListTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/DERApplicationSpecificTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/DERApplicationSpecificTest.java
deleted file mode 100644
index 44d21d9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/DERApplicationSpecificTest.java
+++ /dev/null

@@ -1,139 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1ApplicationSpecific;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.BERTags;
-import org.bouncycastle.asn1.DERApplicationSpecific;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.DERVisibleString;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class DERApplicationSpecificTest
-    extends SimpleTest
-{
-    private static final byte[] impData = Hex.decode("430109");
-
-    private static final byte[] certData = Hex.decode(
-        "7F218201897F4E8201495F290100420E44454356434145504153533030317F49"
-      + "81FD060A04007F00070202020202811CD7C134AA264366862A18302575D1D787"
-      + "B09F075797DA89F57EC8C0FF821C68A5E62CA9CE6C1C299803A6C1530B514E18"
-      + "2AD8B0042A59CAD29F43831C2580F63CCFE44138870713B1A92369E33E2135D2"
-      + "66DBB372386C400B8439040D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C"
-      + "1E6EFDEE12C07D58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D376"
-      + "1402CD851CD7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A793"
-      + "9F863904393EE8E06DB6C7F528F8B4260B49AA93309824D92CDB1807E5437EE2"
-      + "E26E29B73A7111530FA86B350037CB9415E153704394463797139E148701015F"
-      + "200E44454356434145504153533030317F4C0E060904007F0007030102015301"
-      + "C15F25060007000400015F24060009000400015F37384CCF25C59F3612EEE188"
-      + "75F6C5F2E2D21F0395683B532A26E4C189B71EFE659C3F26E0EB9AEAE9986310"
-      + "7F9B0DADA16414FFA204516AEE2B");
-
-    private final static byte[] sampleData = Hex.decode(
-        "613280020780a106060456000104a203020101a305a103020101be80288006025101020109a080b2800a01000000000000000000");
-
-    public String getName()
-    {
-        return "DERApplicationSpecific";
-    }
-
-    private void testTaggedObject()
-                throws Exception
-    {
-        // boolean explicit, int tagNo, ASN1Encodable obj
-        boolean explicit = false;
-
-        // Type1 ::= VisibleString
-        DERVisibleString type1 = new DERVisibleString("Jones");
-        if (!Arrays.areEqual(Hex.decode("1A054A6F6E6573"), type1.getEncoded()))
-        {
-            fail("ERROR: expected value doesn't match!");
-        }
-
-        // Type2 ::= [APPLICATION 3] IMPLICIT Type1
-        explicit = false;
-        DERApplicationSpecific type2 = new DERApplicationSpecific(explicit, 3, type1);
-        // type2.isConstructed()
-        if (!Arrays.areEqual(Hex.decode("43054A6F6E6573"), type2.getEncoded()))
-        {
-            fail("ERROR: expected value doesn't match!");
-        }
-
-        // Type3 ::= [2] Type2
-        explicit = true;
-        DERTaggedObject type3 = new DERTaggedObject(explicit, 2, type2);
-        if (!Arrays.areEqual(Hex.decode("A20743054A6F6E6573"), type3.getEncoded()))
-        {
-            fail("ERROR: expected value doesn't match!");
-        }
-
-        // Type4 ::= [APPLICATION 7] IMPLICIT Type3
-        explicit = false;
-        DERApplicationSpecific type4 = new DERApplicationSpecific(explicit, 7, type3);
-        if (!Arrays.areEqual(Hex.decode("670743054A6F6E6573"), type4.getEncoded()))
-        {
-            fail("ERROR: expected value doesn't match!");
-        }
-
-        // Type5 ::= [2] IMPLICIT Type2
-        explicit = false;
-        DERTaggedObject type5 = new DERTaggedObject(explicit, 2, type2);
-        // type5.isConstructed()
-        if (!Arrays.areEqual(Hex.decode("82054A6F6E6573"), type5.getEncoded()))
-        {
-            fail("ERROR: expected value doesn't match!");
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testTaggedObject();
-
-        ASN1ApplicationSpecific appSpec = (ASN1ApplicationSpecific)ASN1Primitive.fromByteArray(sampleData);
-
-        if (1 != appSpec.getApplicationTag())
-        {
-            fail("wrong tag detected");
-        }
-
-        ASN1Integer value = new ASN1Integer(9);
-
-        DERApplicationSpecific tagged = new DERApplicationSpecific(false, 3, value);
-
-        if (!areEqual(impData, tagged.getEncoded()))
-        {
-            fail("implicit encoding failed");
-        }
-
-        ASN1Integer recVal = (ASN1Integer)tagged.getObject(BERTags.INTEGER);
-
-        if (!value.equals(recVal))
-        {
-            fail("implicit read back failed");
-        }
-
-        ASN1ApplicationSpecific certObj = (ASN1ApplicationSpecific)ASN1Primitive.fromByteArray(certData);
-
-        if (!certObj.isConstructed() || certObj.getApplicationTag() != 33)
-        {
-            fail("parsing of certificate data failed");
-        }
-
-        byte[] encoded = certObj.getEncoded(ASN1Encoding.DER);
-    
-        if (!Arrays.areEqual(certData, encoded))
-        {
-            fail("re-encoding of certificate data failed");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new DERApplicationSpecificTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/DERUTF8StringTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/DERUTF8StringTest.java
deleted file mode 100644
index 7e38d7d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/DERUTF8StringTest.java
+++ /dev/null

@@ -1,101 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class DERUTF8StringTest 
-    implements Test
-{
-
-    /**
-     * Unicode code point U+10400 coded as surrogate in two native Java UTF-16
-     * code units
-     */
-    private final static char[] glyph1_utf16 = { 0xd801, 0xdc00 };
-
-    /**
-     * U+10400 coded in UTF-8
-     */
-    private final static byte[] glyph1_utf8 = { (byte)0xF0, (byte)0x90, (byte)0x90, (byte)0x80 };
-
-    /**
-     * Unicode code point U+6771 in native Java UTF-16
-     */
-    private final static char[] glyph2_utf16 = { 0x6771 };
-
-    /**
-     * U+6771 coded in UTF-8
-     */
-    private final static byte[] glyph2_utf8 = { (byte)0xE6, (byte)0x9D, (byte)0xB1 };
-
-    /**
-     * Unicode code point U+00DF in native Java UTF-16
-     */
-    private final static char[] glyph3_utf16 = { 0x00DF };
-
-    /**
-     * U+00DF coded in UTF-8
-     */
-    private final static byte[] glyph3_utf8 = { (byte)0xC3, (byte)0x9f };
-
-    /**
-     * Unicode code point U+0041 in native Java UTF-16
-     */
-    private final static char[] glyph4_utf16 = { 0x0041 };
-
-    /**
-     * U+0041 coded in UTF-8
-     */
-    private final static byte[] glyph4_utf8 = { 0x41 };
-
-    private final static byte[][] glyphs_utf8 = { glyph1_utf8, glyph2_utf8, glyph3_utf8, glyph4_utf8 };
-
-    private final static char[][] glyphs_utf16 = { glyph1_utf16, glyph2_utf16, glyph3_utf16, glyph4_utf16 };
-
-    public TestResult perform()
-    {
-        try
-        {
-            for (int i = 0; i < glyphs_utf16.length; i++)
-            {
-                String s = new String(glyphs_utf16[i]);
-                byte[] b1 = new DERUTF8String(s).getEncoded();
-                byte temp[] = new byte[b1.length - 2];
-                System.arraycopy(b1, 2, temp, 0, b1.length - 2);
-                byte[] b2 = new DERUTF8String(Strings.fromUTF8ByteArray(new DEROctetString(temp).getOctets())).getEncoded();
-                if (!Arrays.areEqual(b1, b2))
-                {
-                    return new SimpleTestResult(false, getName() + ": failed UTF-8 encoding and decoding");
-                }
-                if (!Arrays.areEqual(temp, glyphs_utf8[i]))
-                {
-                    return new SimpleTestResult(false, getName() + ": failed UTF-8 encoding and decoding");
-                }
-            }
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": failed with Exception " + e.getMessage());
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public String getName()
-    {
-        return "DERUTF8String";
-    }
-
-    public static void main(String[] args)
-    {
-        DERUTF8StringTest test = new DERUTF8StringTest();
-        TestResult result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/DataGroupHashUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/DataGroupHashUnitTest.java
deleted file mode 100644
index 78b9936..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/DataGroupHashUnitTest.java
+++ /dev/null

@@ -1,106 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-import java.util.Random;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.icao.DataGroupHash;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class DataGroupHashUnitTest 
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "DataGroupHash";
-    }
-
-    private byte[] generateHash()
-    {
-        Random rand = new Random();
-        byte[] bytes = new byte[20];
-        
-        for (int i = 0; i != bytes.length; i++)
-        {
-            bytes[i] = (byte)rand.nextInt();
-        }
-        
-        return bytes;
-    }
-    
-    public void performTest() 
-        throws Exception
-    {
-        int dataGroupNumber = 1;       
-        ASN1OctetString     dataHash = new DEROctetString(generateHash());
-        DataGroupHash       dg = new DataGroupHash(dataGroupNumber, dataHash);
-
-        checkConstruction(dg, dataGroupNumber, dataHash);
-
-        try
-        {
-            DataGroupHash.getInstance(null);
-        }
-        catch (Exception e)
-        {
-            fail("getInstance() failed to handle null.");
-        }
-
-        try
-        {
-            DataGroupHash.getInstance(new Object());
-            
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        DataGroupHash dg,
-        int dataGroupNumber,        
-        ASN1OctetString     dataGroupHashValue) 
-        throws IOException
-    {
-        checkValues(dg, dataGroupNumber, dataGroupHashValue);
-
-        dg = DataGroupHash.getInstance(dg);
-
-        checkValues(dg, dataGroupNumber, dataGroupHashValue);
-
-        ASN1InputStream aIn = new ASN1InputStream(dg.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-
-        dg = DataGroupHash.getInstance(seq);
-
-        checkValues(dg, dataGroupNumber, dataGroupHashValue);
-    }
-
-    private void checkValues(
-        DataGroupHash dg,
-        int dataGroupNumber,        
-        ASN1OctetString     dataGroupHashValue)
-    {
-        if (dg.getDataGroupNumber() != dataGroupNumber)
-        {
-            fail("group number don't match.");
-        }
-        
-        if (!dg.getDataGroupHashValue().equals(dataGroupHashValue))
-        {
-            fail("hash value don't match.");
-        }         
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new DataGroupHashUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/DeclarationOfMajorityUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/DeclarationOfMajorityUnitTest.java
deleted file mode 100644
index a9e7e42..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/DeclarationOfMajorityUnitTest.java
+++ /dev/null

@@ -1,90 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.isismtt.x509.DeclarationOfMajority;
-
-public class DeclarationOfMajorityUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "DeclarationOfMajority";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        ASN1GeneralizedTime dateOfBirth = new ASN1GeneralizedTime("20070315173729Z");
-        DeclarationOfMajority decl = new DeclarationOfMajority(dateOfBirth);
-
-        checkConstruction(decl, DeclarationOfMajority.dateOfBirth, dateOfBirth, -1);
-
-        decl = new DeclarationOfMajority(6);
-
-        checkConstruction(decl, DeclarationOfMajority.notYoungerThan, null, 6);
-
-        decl = DeclarationOfMajority.getInstance(null);
-
-        if (decl != null)
-        {
-            fail("null getInstance() failed.");
-        }
-
-        try
-        {
-            DeclarationOfMajority.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        DeclarationOfMajority decl,
-        int                   type,
-        ASN1GeneralizedTime   dateOfBirth,
-        int                   notYoungerThan)
-        throws IOException
-    {
-        checkValues(decl, type, dateOfBirth, notYoungerThan);
-
-        decl = DeclarationOfMajority.getInstance(decl);
-
-        checkValues(decl, type, dateOfBirth, notYoungerThan);
-
-        ASN1InputStream aIn = new ASN1InputStream(decl.toASN1Primitive().getEncoded());
-
-        DERTaggedObject info = (DERTaggedObject)aIn.readObject();
-
-        decl = DeclarationOfMajority.getInstance(info);
-
-        checkValues(decl, type, dateOfBirth, notYoungerThan);
-    }
-
-    private void checkValues(
-        DeclarationOfMajority decl,
-        int                   type,
-        ASN1GeneralizedTime   dateOfBirth,
-        int                   notYoungerThan)
-    {
-        checkMandatoryField("type", type, decl.getType());
-        checkOptionalField("dateOfBirth", dateOfBirth, decl.getDateOfBirth());
-        if (notYoungerThan != -1 && notYoungerThan != decl.notYoungerThan())
-        {
-            fail("notYoungerThan mismatch");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new DeclarationOfMajorityUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/DecryptedPOPTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/DecryptedPOPTest.java
deleted file mode 100644
index cf04729..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/DecryptedPOPTest.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.DecryptedPOP;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class DecryptedPOPTest
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new DecryptedPOPTest());
-    }
-
-    public String getName()
-    {
-        return "DecryptedPOPTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        AlgorithmIdentifier algId = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.9.8.7.6")); // Not real!
-        DecryptedPOP pop = new DecryptedPOP(new BodyPartID(10L), algId, "cats".getBytes());
-        byte[] b = pop.getEncoded();
-        DecryptedPOP popResult = DecryptedPOP.getInstance(b);
-        isEquals("Bodypart id", popResult.getBodyPartID(), pop.getBodyPartID());
-        isTrue("The POP", Arrays.areEqual(popResult.getThePOP(), pop.getThePOP()));
-        isEquals("POP Result", popResult.getThePOPAlgID(), pop.getThePOPAlgID());
-
-        try
-        {
-            DecryptedPOP.getInstance(new DERSequence(new BodyPartID(10L)));
-            fail("Sequence must be 3 elements long");
-        }
-        catch (Throwable t)
-        {
-            isEquals(t.getClass(), IllegalArgumentException.class);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/DhSigStaticTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/DhSigStaticTest.java
deleted file mode 100644
index 656ce99..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/DhSigStaticTest.java
+++ /dev/null

@@ -1,73 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-
-import java.io.IOException;
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
-import org.bouncycastle.asn1.crmf.DhSigStatic;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class DhSigStaticTest
-    extends SimpleTest
-{
-
-
-    public void performTest()
-        throws Exception
-    {
-        // Test correct encode / decode
-
-        // Test encode and decode from Long and from other instance of DhSigStatic
-        DhSigStatic dhS = new DhSigStatic(new byte[20]);
-        instanceTest(dhS);
-
-        dhS = new DhSigStatic(new IssuerAndSerialNumber(new X500Name("CN=Test"), BigInteger.valueOf(20)), new byte[20]);
-        instanceTest(dhS);
-
-        dhS = DhSigStatic.getInstance(new DERSequence(new DEROctetString(Hex.decode("0102030405060708090a"))));
-
-        isTrue(Arrays.areEqual(Hex.decode("0102030405060708090a"), dhS.getHashValue()));
-
-        try
-        {
-            dhS = DhSigStatic.getInstance(new DERSequence(
-                new ASN1Encodable[] {
-                    new DEROctetString(Hex.decode("0102030405060708090a")),
-                    new DEROctetString(Hex.decode("0102030405060708090a")),
-                    new DEROctetString(Hex.decode("0102030405060708090a")) }));
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals(e.getMessage(), "sequence wrong length for DhSigStatic", e.getMessage());
-        }
-    }
-
-    private void instanceTest(DhSigStatic bpd)
-        throws IOException
-    {
-        byte[] b = bpd.getEncoded();
-        DhSigStatic resBpd = DhSigStatic.getInstance(b);
-        isTrue("hash check failed", areEqual(bpd.getHashValue(), resBpd.getHashValue()));
-        isEquals("issuerAndSerial failed", bpd.getIssuerAndSerial(), resBpd.getIssuerAndSerial());
-    }
-
-    public String getName()
-    {
-        return "DhSigStaticTest";
-    }
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        runTest(new DhSigStaticTest());
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ESSCertIDv2UnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ESSCertIDv2UnitTest.java
deleted file mode 100644
index e8978ca..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ESSCertIDv2UnitTest.java
+++ /dev/null

@@ -1,33 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ess.ESSCertIDv2;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public class ESSCertIDv2UnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "ESSCertIDv2";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        // check getInstance on default algorithm.
-        byte[] digest = new byte [256];
-        ESSCertIDv2 essCertIdv2 = new ESSCertIDv2(new AlgorithmIdentifier(
-            NISTObjectIdentifiers.id_sha256), digest);
-        ASN1Primitive asn1Object = essCertIdv2.toASN1Primitive();
-
-        ESSCertIDv2.getInstance(asn1Object);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ESSCertIDv2UnitTest());
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/EncryptedPOPTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/EncryptedPOPTest.java
deleted file mode 100644
index df130f7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/EncryptedPOPTest.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.CertificationRequest;
-import org.bouncycastle.asn1.cmc.EncryptedPOP;
-import org.bouncycastle.asn1.cmc.TaggedCertificationRequest;
-import org.bouncycastle.asn1.cmc.TaggedRequest;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class EncryptedPOPTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "EncryptedPOPTest";
-    }
-
-    private byte[] req1 = Base64.decode(
-        "MIHoMIGTAgEAMC4xDjAMBgNVBAMTBVRlc3QyMQ8wDQYDVQQKEwZBbmFUb20xCzAJBgNVBAYTAlNF"
-            + "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALlEt31Tzt2MlcOljvacJgzQVhmlMoqAOgqJ9Pgd3Gux"
-            + "Z7/WcIlgW4QCB7WZT21O1YoghwBhPDMcNGrHei9kHQkCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA0EA"
-            + "NDEI4ecNtJ3uHwGGlitNFq9WxcoZ0djbQJ5hABMotav6gtqlrwKXY2evaIrsNwkJtNdwwH18aQDU"
-            + "KCjOuBL38Q==");
-
-    public void performTest()
-        throws Exception
-    {
-        // All Object Identifiers are not real!
-        TaggedRequest taggedRequest = new TaggedRequest(new TaggedCertificationRequest(new BodyPartID(10L), CertificationRequest.getInstance(req1)));
-        ContentInfo cms = new ContentInfo(new ASN1ObjectIdentifier("1.2.3"), new ASN1Integer(12L));
-        AlgorithmIdentifier thePopID = new AlgorithmIdentifier(new ASN1ObjectIdentifier("2.2.5.2"));
-        AlgorithmIdentifier whitenessID = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.5.2.5"));
-        byte[] whiteness = "Fish and Chips".getBytes();
-
-        EncryptedPOP ep = new EncryptedPOP(taggedRequest, cms, thePopID, whitenessID, whiteness);
-        byte[] b = ep.getEncoded();
-        EncryptedPOP epResult = EncryptedPOP.getInstance(b);
-
-        isEquals("TaggedRequest", epResult.getRequest(), taggedRequest);
-        isEquals("ContentInfo (cms)", epResult.getCms(), cms);
-        isEquals("Pop Algorithm ID", epResult.getThePOPAlgID(), thePopID);
-        isEquals("Whiteness ID", epResult.getWitnessAlgID(), whitenessID);
-        isTrue("Whiteness", areEqual(epResult.getWitness(), whiteness));
-
-        // Test sequence length
-
-        try
-        {
-            EncryptedPOP.getInstance(new DERSequence(new ASN1Integer(1L)));
-            fail("Sequence must be 5 items long.");
-        }
-        catch (Throwable t)
-        {
-            isEquals(t.getClass(), IllegalArgumentException.class);
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new EncryptedPOPTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/EncryptedPrivateKeyInfoTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/EncryptedPrivateKeyInfoTest.java
deleted file mode 100644
index f179fa7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/EncryptedPrivateKeyInfoTest.java
+++ /dev/null

@@ -1,136 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DEROutputStream;
-import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
-import org.bouncycastle.asn1.util.ASN1Dump;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test the reading and writing of EncryptedPrivateKeyInfo objects using
- * the test vectors provided at
- * <a href=http://www.rsasecurity.com/rsalabs/pkcs/pkcs-5/index.html>
- * RSA's PKCS5 Page</a>.
- * <br>
- * The vectors are Base 64 encoded and encrypted using the password "password"
- * (without quotes). They should all yield the same PrivateKeyInfo object.
- */
-public class EncryptedPrivateKeyInfoTest
-    extends SimpleTest
-{
-    static byte[] sample1 = Base64.decode(
-        "MIIBozA9BgkqhkiG9w0BBQ0wMDAbBgkqhkiG9w0BBQwwDgQIfWBDXwLp4K4CAggA"
-      + "MBEGBSsOAwIHBAiaCF/AvOgQ6QSCAWDWX4BdAzCRNSQSANSuNsT5X8mWYO27mr3Y"
-      + "9c9LoBVXGNmYWKA77MI4967f7SmjNcgXj3xNE/jmnVz6hhsjS8E5VPT3kfyVkpdZ"
-      + "0lr5e9Yk2m3JWpPU7++v5zBkZmC4V/MwV/XuIs6U+vykgzMgpxQg0oZKS9zgmiZo"
-      + "f/4dOCL0UtCDnyOSvqT7mCVIcMDIEKu8QbVlgZYBop08l60EuEU3gARUo8WsYQmO"
-      + "Dz/ldx0Z+znIT0SXVuOwc+RVItC5T/Qx+aijmmpt+9l14nmaGBrEkmuhmtdvU/4v"
-      + "aptewGRgmjOfD6cqK+zs0O5NrrJ3P/6ZSxXj91CQgrThGfOv72bUncXEMNtc8pks"
-      + "2jpHFjGMdKufnadAD7XuMgzkkaklEXZ4f5tU6heIIwr51g0GBEGF96gYPFnjnSQM"
-      + "75JE02Clo+DfcfXpcybPTwwFg2jd6JTTOfkdf6OdSlA/1XNK43FA");
-
-    static byte[] sample2 = Base64.decode(
-        "MIIBpjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIeFeOWl1jywYCAggA"
-      + "MBQGCCqGSIb3DQMHBAjUJ5eGBhQGtQSCAWBrHrRgqO8UUMLcWzZEtpk1l3mjxiF/"
-      + "koCMkHsFwowgyWhEbgIkTgbSViK54LVK8PskekcGNLph+rB6bGZ7pPbL5pbXASJ8"
-      + "+MkQcG3FZdlS4Ek9tTJDApj3O1UubZGFG4uvTlJJFbF1BOJ3MkY3XQ9Gl1qwv7j5"
-      + "6e103Da7Cq9+oIDKmznza78XXQYrUsPo8mJGjUxPskEYlzwvHjKubRnYm/K6RKhi"
-      + "5f4zX4BQ/Dt3H812ZjRXrsjAJP0KrD/jyD/jCT7zNBVPH1izBds+RwizyQAHwfNJ"
-      + "BFR78TH4cgzB619X47FDVOnT0LqQNVd0O3cSwnPrXE9XR3tPayE+iOB15llFSmi8"
-      + "z0ByOXldEpkezCn92Umk++suzIVj1qfsK+bv2phZWJPbLEIWPDRHUbYf76q5ArAr"
-      + "u4xtxT/hoK3krEs/IN3d70qjlUJ36SEw1UaZ82PWhakQbdtu39ZraMJB");
-
-    static byte[] sample3 = Base64.decode(
-        "MIIBrjBIBgkqhkiG9w0BBQ0wOzAeBgkqhkiG9w0BBQwwEQQIrHyQPBZqWLUCAggA"
-      + "AgEQMBkGCCqGSIb3DQMCMA0CAToECEhbh7YZKiPSBIIBYCT1zp6o5jpFlIkgwPop"
-      + "7bW1+8ACr4exqzkeb3WflQ8cWJ4cURxzVdvxUnXeW1VJdaQZtjS/QHs5GhPTG/0f"
-      + "wtvnaPfwrIJ3FeGaZfcg2CrYhalOFmEb4xrE4KyoEQmUN8tb/Cg94uzd16BOPw21"
-      + "RDnE8bnPdIGY7TyL95kbkqH23mK53pi7h+xWIgduW+atIqDyyt55f7WMZcvDvlj6"
-      + "VpN/V0h+qxBHL274WA4dj6GYgeyUFpi60HdGCK7By2TBy8h1ZvKGjmB9h8jZvkx1"
-      + "MkbRumXxyFsowTZawyYvO8Um6lbfEDP9zIEUq0IV8RqH2MRyblsPNSikyYhxX/cz"
-      + "tdDxRKhilySbSBg5Kr8OfcwKp9bpinN96nmG4xr3Tch1bnVvqJzOQ5+Vva2WwVvH"
-      + "2JkWvYm5WaANg4Q6bRxu9vz7DuhbJjQdZbxFezIAgrJdSe92B00jO/0Kny1WjiVO"
-      + "6DA=");
-
-    public String getName()
-    {
-        return "EncryptedPrivateKeyInfoTest";
-    }
-
-    private void test(
-        int     id,
-        byte[]  sample)
-    {
-        ByteArrayInputStream    bIn = new ByteArrayInputStream(sample);
-        ASN1InputStream         aIn = new ASN1InputStream(bIn);
-        EncryptedPrivateKeyInfo info = null;
-
-        try
-        {
-            info = EncryptedPrivateKeyInfo.getInstance(aIn.readObject());
-        }
-        catch (Exception e)
-        {
-            fail("test " + id + " failed construction - exception " + e.toString(), e);
-        }
-
-        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
-        DEROutputStream         dOut = new DEROutputStream(bOut);
-
-        try
-        {
-            dOut.writeObject(info);
-        }
-        catch (Exception e)
-        {
-            fail("test " + id + " failed writing - exception " + e.toString(), e);
-        }
-
-        byte[]  bytes = bOut.toByteArray();
-
-        if (bytes.length != sample.length)
-        {
-            try
-            {
-                bIn = new ByteArrayInputStream(bytes);
-                aIn = new ASN1InputStream(bIn);
-
-                ASN1Primitive obj = aIn.readObject();
-    
-                fail("test " + id + " length mismatch - expected " + sample.length + Strings.lineSeparator() + ASN1Dump.dumpAsString(info) + " got " + bytes.length + Strings.lineSeparator() + ASN1Dump.dumpAsString(obj));
-            }
-            catch (Exception e)
-            {
-                fail("test " + id + " length mismatch - exception " + e.toString());
-            }
-        }
-
-        for (int i = 0; i != bytes.length; i++)
-        {
-            if (bytes[i] != sample[i])
-            {
-                fail("test " + id + " data mismatch");
-            }
-        }
-    }
-
-    public void performTest()
-    {
-        test(0, sample1);
-        test(1, sample2);
-        test(2, sample3);
-    }
-
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new EncryptedPrivateKeyInfoTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/EnumeratedTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/EnumeratedTest.java
deleted file mode 100644
index c1c3b3b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/EnumeratedTest.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import junit.framework.TestCase;
-
-import org.bouncycastle.asn1.ASN1Boolean;
-import org.bouncycastle.asn1.ASN1Enumerated;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * Tests used to verify correct decoding of the ENUMERATED type.
- */
-public class EnumeratedTest
-    extends TestCase
-{
-    /**
-     * Test vector used to test decoding of multiple items. This sample uses an ENUMERATED and a BOOLEAN.
-     */
-    private static final byte[] MultipleSingleByteItems = Hex.decode("30060a01010101ff");
-
-    /**
-     * Test vector used to test decoding of multiple items. This sample uses two ENUMERATEDs.
-     */
-    private static final byte[] MultipleDoubleByteItems = Hex.decode("30080a0201010a020202");
-
-    /**
-     * Test vector used to test decoding of multiple items. This sample uses an ENUMERATED and an OBJECT IDENTIFIER.
-     */
-    private static final byte[] MultipleTripleByteItems = Hex.decode("300a0a0301010106032b0601");
-
-    /**
-     * Makes sure multiple identically sized values are parsed correctly.
-     */
-    public void testReadingMultipleSingleByteItems()
-        throws IOException
-    {
-        ASN1Primitive obj = ASN1Primitive.fromByteArray(MultipleSingleByteItems);
-
-        assertTrue("Null ASN.1 SEQUENCE", obj instanceof ASN1Sequence);
-
-        ASN1Sequence sequence = (ASN1Sequence)obj;
-
-        assertEquals("2 items expected", 2, sequence.size());
-
-        ASN1Enumerated enumerated = ASN1Enumerated.getInstance(sequence.getObjectAt(0));
-
-        assertNotNull("ENUMERATED expected", enumerated);
-
-        assertEquals("Unexpected ENUMERATED value", 1, enumerated.getValue().intValue());
-
-        ASN1Boolean b = ASN1Boolean.getInstance(sequence.getObjectAt(1));
-
-        assertNotNull("BOOLEAN expected", b);
-
-        assertTrue("Unexpected BOOLEAN value", b.isTrue());
-    }
-
-    /**
-     * Makes sure multiple identically sized values are parsed correctly.
-     */
-    public void testReadingMultipleDoubleByteItems()
-        throws IOException
-    {
-        ASN1Primitive obj = ASN1Primitive.fromByteArray(MultipleDoubleByteItems);
-
-        assertTrue("Null ASN.1 SEQUENCE", obj instanceof ASN1Sequence);
-
-        ASN1Sequence sequence = (ASN1Sequence)obj;
-
-        assertEquals("2 items expected", 2, sequence.size());
-
-        ASN1Enumerated enumerated1 = ASN1Enumerated.getInstance(sequence.getObjectAt(0));
-
-        assertNotNull("ENUMERATED expected", enumerated1);
-
-        assertEquals("Unexpected ENUMERATED value", 257, enumerated1.getValue().intValue());
-
-        ASN1Enumerated enumerated2 = ASN1Enumerated.getInstance(sequence.getObjectAt(1));
-
-        assertNotNull("ENUMERATED expected", enumerated2);
-
-        assertEquals("Unexpected ENUMERATED value", 514, enumerated2.getValue().intValue());
-    }
-
-    /**
-     * Makes sure multiple identically sized values are parsed correctly.
-     */
-    public void testReadingMultipleTripleByteItems()
-        throws IOException
-    {
-        ASN1Primitive obj = ASN1Primitive.fromByteArray(MultipleTripleByteItems);
-
-        assertTrue("Null ASN.1 SEQUENCE", obj instanceof ASN1Sequence);
-
-        ASN1Sequence sequence = (ASN1Sequence)obj;
-
-        assertEquals("2 items expected", 2, sequence.size());
-
-        ASN1Enumerated enumerated = ASN1Enumerated.getInstance(sequence.getObjectAt(0));
-
-        assertNotNull("ENUMERATED expected", enumerated);
-
-        assertEquals("Unexpected ENUMERATED value", 65793, enumerated.getValue().intValue());
-
-        ASN1ObjectIdentifier objectId = ASN1ObjectIdentifier.getInstance(sequence.getObjectAt(1));
-
-        assertNotNull("OBJECT IDENTIFIER expected", objectId);
-
-        assertEquals("Unexpected OBJECT IDENTIFIER value", "1.3.6.1", objectId.getId());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/EqualsAndHashCodeTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/EqualsAndHashCodeTest.java
deleted file mode 100644
index 1785ce0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/EqualsAndHashCodeTest.java
+++ /dev/null

@@ -1,131 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.util.Date;
-
-import org.bouncycastle.asn1.ASN1Boolean;
-import org.bouncycastle.asn1.ASN1Enumerated;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OutputStream;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.BERConstructedOctetString;
-import org.bouncycastle.asn1.BERSequence;
-import org.bouncycastle.asn1.BERSet;
-import org.bouncycastle.asn1.BERTaggedObject;
-import org.bouncycastle.asn1.DERApplicationSpecific;
-import org.bouncycastle.asn1.DERBMPString;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERGeneralString;
-import org.bouncycastle.asn1.DERGeneralizedTime;
-import org.bouncycastle.asn1.DERGraphicString;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DERNumericString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERPrintableString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERT61String;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.DERUTCTime;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.DERUniversalString;
-import org.bouncycastle.asn1.DERVideotexString;
-import org.bouncycastle.asn1.DERVisibleString;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class EqualsAndHashCodeTest
-    implements Test
-{
-    public TestResult perform()
-    {
-        byte[]    data = { 0, 1, 0, 1, 0, 0, 1 };
-        
-        ASN1Primitive    values[] = {
-                new BERConstructedOctetString(data),
-                new BERSequence(new DERPrintableString("hello world")),
-                new BERSet(new DERPrintableString("hello world")),
-                new BERTaggedObject(0, new DERPrintableString("hello world")),
-                new DERApplicationSpecific(0, data),
-                new DERBitString(data),
-                new DERBMPString("hello world"),
-                new ASN1Boolean(true),
-                new ASN1Boolean(false),
-                new ASN1Enumerated(100),
-                new DERGeneralizedTime("20070315173729Z"),
-                new DERGeneralString("hello world"),
-                new DERIA5String("hello"),
-                new ASN1Integer(1000),
-                new DERNull(),
-                new DERNumericString("123456"),
-                new ASN1ObjectIdentifier("1.1.1.10000.1"),
-                new DEROctetString(data),
-                new DERPrintableString("hello world"),
-                new DERSequence(new DERPrintableString("hello world")),
-                new DERSet(new DERPrintableString("hello world")),
-                new DERT61String("hello world"),
-                new DERTaggedObject(0, new DERPrintableString("hello world")),
-                new DERUniversalString(data),
-                new DERUTCTime(new Date()),
-                new DERUTF8String("hello world"),
-                new DERVisibleString("hello world") ,
-                new DERGraphicString(Hex.decode("deadbeef")),
-                new DERVideotexString(Strings.toByteArray("Hello World"))
-            };
-        
-        try
-        {
-            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
-            ASN1OutputStream        aOut = new ASN1OutputStream(bOut);
-            
-            for (int i = 0; i != values.length; i++)
-            {
-                aOut.writeObject(values[i]);
-            }
-
-            ByteArrayInputStream    bIn = new ByteArrayInputStream(bOut.toByteArray());
-            ASN1InputStream         aIn = new ASN1InputStream(bIn);
-            
-            for (int i = 0; i != values.length; i++)
-            {
-                ASN1Primitive o = aIn.readObject();
-                if (!o.equals(values[i]))
-                {
-                    return new SimpleTestResult(false, getName() + ": Failed equality test for " + o.getClass());
-                }
-                
-                if (o.hashCode() != values[i].hashCode())
-                {
-                    return new SimpleTestResult(false, getName() + ": Failed hashCode test for " + o.getClass());
-                }
-            }
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": Failed - exception " + e.toString(), e);
-        }
-        
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public String getName()
-    {
-        return "EqualsAndHashCode";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        EqualsAndHashCodeTest    test = new EqualsAndHashCodeTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ExtendedFailInfoTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ExtendedFailInfoTest.java
deleted file mode 100644
index b55b51d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ExtendedFailInfoTest.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmc.ExtendedFailInfo;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class ExtendedFailInfoTest
-    extends SimpleTest
-{
-
-    public static void main(String[] args)
-    {
-        runTest(new ExtendedFailInfoTest());
-    }
-
-    public String getName()
-    {
-        return "ExtendedFailInfo";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        // OID not real
-        ExtendedFailInfo extendedFailInfo = new ExtendedFailInfo(
-            new ASN1ObjectIdentifier("1.2.3.2"),
-            new ASN1Integer(10L));
-        byte[] b = extendedFailInfo.getEncoded();
-        ExtendedFailInfo extendedFailInfoResult = ExtendedFailInfo.getInstance(b);
-
-        isEquals("failInfoOID", extendedFailInfo.getFailInfoOID(), extendedFailInfoResult.getFailInfoOID());
-        isEquals("failInfoValue", extendedFailInfo.getFailInfoValue(), extendedFailInfoResult.getFailInfoValue());
-
-        try
-        {
-            ExtendedFailInfo.getInstance(new DERSequence(new ASN1Integer(10L)));
-            fail("Sequence must be 2 elements.");
-        }
-        catch (Throwable t)
-        {
-            isEquals("Wrong exception type",t.getClass(), IllegalArgumentException.class);
-        }
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ExtensionReqTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ExtensionReqTest.java
deleted file mode 100644
index a54c4da..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ExtensionReqTest.java
+++ /dev/null

@@ -1,39 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1Boolean;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cmc.ExtensionReq;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class ExtensionReqTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "ExtensionReqTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        ExtensionReq extensionReq = new ExtensionReq(
-            new Extension(
-                new ASN1ObjectIdentifier("1.2.4"), ASN1Boolean.FALSE, new DEROctetString("abcdef".getBytes())
-            ));
-        byte[] b = extensionReq.getEncoded();
-
-        ExtensionReq extensionReqResult = ExtensionReq.getInstance(b);
-
-        isEquals("Extensions", extensionReq.getExtensions()[0], extensionReqResult.getExtensions()[0]);
-
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new ExtensionReqTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/GeneralNameTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/GeneralNameTest.java
deleted file mode 100644
index e45f94e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/GeneralNameTest.java
+++ /dev/null

@@ -1,173 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.GeneralNamesBuilder;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class GeneralNameTest
-    extends SimpleTest
-{
-    private static final byte[] ipv4 = Hex.decode("87040a090800");
-    private static final byte[] ipv4WithMask1 = Hex.decode("87080a090800ffffff00");
-    private static final byte[] ipv4WithMask2 = Hex.decode("87080a090800ffff8000");
-    private static final byte[] ipv4WithMask3 = Hex.decode("87080a090800ffffc000");
-
-    private static final byte[] ipv6a = Hex.decode("871020010db885a308d313198a2e03707334");
-    private static final byte[] ipv6b = Hex.decode("871020010db885a3000013198a2e03707334");
-    private static final byte[] ipv6c = Hex.decode("871000000000000000000000000000000001");
-    private static final byte[] ipv6d = Hex.decode("871020010db885a3000000008a2e03707334");
-    private static final byte[] ipv6e = Hex.decode("871020010db885a3000000008a2e0a090800");
-    private static final byte[] ipv6f = Hex.decode("872020010db885a3000000008a2e0a090800ffffffffffff00000000000000000000");
-    private static final byte[] ipv6g = Hex.decode("872020010db885a3000000008a2e0a090800ffffffffffffffffffffffffffffffff");
-    private static final byte[] ipv6h = Hex.decode("872020010db885a300000000000000000000ffffffffffff00000000000000000000");
-    private static final byte[] ipv6i = Hex.decode("872020010db885a300000000000000000000fffffffffffe00000000000000000000");
-    private static final byte[] ipv6j = Hex.decode("872020010db885a300000000000000000000ffffffffffff80000000000000000000");
-
-    public String getName()
-    {
-        return "GeneralName";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        GeneralName nm = new GeneralName(GeneralName.iPAddress, "10.9.8.0");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv4))
-        {
-            fail("ipv4 encoding failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "10.9.8.0/255.255.255.0");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv4WithMask1))
-        {
-            fail("ipv4 with netmask 1 encoding failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "10.9.8.0/24");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv4WithMask1))
-        {
-            fail("ipv4 with netmask 2 encoding failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "10.9.8.0/255.255.128.0");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv4WithMask2))
-        {
-            fail("ipv4 with netmask 3a encoding failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "10.9.8.0/17");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv4WithMask2))
-        {
-            fail("ipv4 with netmask 3b encoding failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "10.9.8.0/255.255.192.0");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv4WithMask3))
-        {
-            fail("ipv4 with netmask 3a encoding failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "10.9.8.0/18");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv4WithMask3))
-        {
-            fail("ipv4 with netmask 3b encoding failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3:08d3:1319:8a2e:0370:7334");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv6a))
-        {
-            fail("ipv6 with netmask encoding failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::1319:8a2e:0370:7334");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv6b))
-        {
-            fail("ipv6b encoding failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "::1");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv6c))
-        {
-            fail("ipv6c failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::8a2e:0370:7334");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv6d))
-        {
-            fail("ipv6d failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::8a2e:10.9.8.0");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv6e))
-        {
-            fail("ipv6e failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::8a2e:10.9.8.0/ffff:ffff:ffff::0000");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv6f))
-        {
-            fail("ipv6f failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::8a2e:10.9.8.0/128");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv6g))
-        {
-            fail("ipv6g failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::/48");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv6h))
-        {
-            fail("ipv6h failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::/47");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv6i))
-        {
-            fail("ipv6i failed");
-        }
-
-        nm = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::/49");
-        if (!Arrays.areEqual(nm.getEncoded(), ipv6j))
-        {
-            fail("ipv6j failed");
-        }
-
-        GeneralNamesBuilder genNamesBuilder = new GeneralNamesBuilder();
-
-        GeneralName name1 = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::8a2e:0370:7334");
-
-        genNamesBuilder.addName(name1);
-
-        if (!genNamesBuilder.build().equals(new GeneralNames(name1)))
-        {
-            fail("single build failed");
-        }
-
-        GeneralName nm1 = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::/48");
-        GeneralName nm2 = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::/47");
-        GeneralName nm3 = new GeneralName(GeneralName.iPAddress, "2001:0db8:85a3::/49");
-
-        genNamesBuilder = new GeneralNamesBuilder();
-
-        genNamesBuilder.addName(name1);
-
-        genNamesBuilder.addNames(new GeneralNames(new GeneralName[]{nm1, nm2}));
-
-        genNamesBuilder.addName(nm3);
-
-        if (!genNamesBuilder.build().equals(new GeneralNames(new GeneralName[] { name1, nm1, nm2, nm3 })))
-        {
-            fail("multi build failed");
-        }
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new GeneralNameTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/GeneralizedTimeTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/GeneralizedTimeTest.java
deleted file mode 100644
index 4663484..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/GeneralizedTimeTest.java
+++ /dev/null

@@ -1,256 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.text.SimpleDateFormat;
-import java.util.Date;
-import java.util.SimpleTimeZone;
-import java.util.TimeZone;
-
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.DERGeneralizedTime;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * X.690 test example
- */
-public class GeneralizedTimeTest
-    extends SimpleTest
-{
-    String[] input =
-        {
-            "20020122122220",
-            "20020122122220Z",
-            "20020122122220-1000",
-            "20020122122220+00",
-            "20020122122220.1",
-            "20020122122220.1Z",
-            "20020122122220.1-1000",
-            "20020122122220.1+00",
-            "20020122122220.01",
-            "20020122122220.01Z",
-            "20020122122220.01-1000",
-            "20020122122220.01+00",
-            "20020122122220.001",
-            "20020122122220.001Z",
-            "20020122122220.001-1000",
-            "20020122122220.001+00",
-            "20020122122220.0001",
-            "20020122122220.0001Z",
-            "20020122122220.0001-1000",
-            "20020122122220.0001+00",
-            "20020122122220.0001+1000"
-        };
-
-    String[] output = {
-            "20020122122220",
-            "20020122122220GMT+00:00",
-            "20020122122220GMT-10:00",
-            "20020122122220GMT+00:00",
-            "20020122122220.1",
-            "20020122122220.1GMT+00:00",
-            "20020122122220.1GMT-10:00",
-            "20020122122220.1GMT+00:00",
-            "20020122122220.01",
-            "20020122122220.01GMT+00:00",
-            "20020122122220.01GMT-10:00",
-            "20020122122220.01GMT+00:00",
-            "20020122122220.001",
-            "20020122122220.001GMT+00:00",
-            "20020122122220.001GMT-10:00",
-            "20020122122220.001GMT+00:00",
-            "20020122122220.0001",
-            "20020122122220.0001GMT+00:00",
-            "20020122122220.0001GMT-10:00",
-            "20020122122220.0001GMT+00:00",
-            "20020122122220.0001GMT+10:00" };
-
-    String[] zOutput = {
-            "20020122122220Z",
-            "20020122122220Z",
-            "20020122222220Z",
-            "20020122122220Z",
-            "20020122122220Z",
-            "20020122122220Z",
-            "20020122222220Z",
-            "20020122122220Z",
-            "20020122122220Z",
-            "20020122122220Z",
-            "20020122222220Z",
-            "20020122122220Z",
-            "20020122122220Z",
-            "20020122122220Z",
-            "20020122222220Z",
-            "20020122122220Z",
-            "20020122122220Z",
-            "20020122122220Z",
-            "20020122222220Z",
-            "20020122122220Z",
-            "20020122022220Z"
-    };
-
-    String[] mzOutput = {
-        "20020122122220.000Z",
-        "20020122122220.000Z",
-        "20020122222220.000Z",
-        "20020122122220.000Z",
-        "20020122122220.100Z",
-        "20020122122220.100Z",
-        "20020122222220.100Z",
-        "20020122122220.100Z",
-        "20020122122220.010Z",
-        "20020122122220.010Z",
-        "20020122222220.010Z",
-        "20020122122220.010Z",
-        "20020122122220.001Z",
-        "20020122122220.001Z",
-        "20020122222220.001Z",
-        "20020122122220.001Z",
-        "20020122122220.000Z",
-        "20020122122220.000Z",
-        "20020122222220.000Z",
-        "20020122122220.000Z",
-        "20020122022220.000Z"
-    };
-
-    String[] derMzOutput = {
-        "20020122122220Z",
-        "20020122122220Z",
-        "20020122222220Z",
-        "20020122122220Z",
-        "20020122122220.1Z",
-        "20020122122220.1Z",
-        "20020122222220.1Z",
-        "20020122122220.1Z",
-        "20020122122220.01Z",
-        "20020122122220.01Z",
-        "20020122222220.01Z",
-        "20020122122220.01Z",
-        "20020122122220.001Z",
-        "20020122122220.001Z",
-        "20020122222220.001Z",
-        "20020122122220.001Z",
-        "20020122122220Z",
-        "20020122122220Z",
-        "20020122222220Z",
-        "20020122122220Z",
-        "20020122022220Z"
-    };
-
-    String[] truncOutput = {
-         "200201221222Z",
-         "2002012212Z"
-     };
-
-     String[] derTruncOutput = {
-         "20020122122200Z",
-         "20020122120000Z"
-     };
-
-    public String getName()
-    {
-        return "GeneralizedTime";
-    }
-    
-    public void performTest()
-        throws Exception
-    {
-        SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
-
-        dateF.setTimeZone(new SimpleTimeZone(0,"Z"));
-
-        for (int i = 0; i != input.length; i++)
-        {
-            ASN1GeneralizedTime    t = new ASN1GeneralizedTime(input[i]);
-
-            if (output[i].indexOf('G') > 0)   // don't check local time the same way
-            {
-                if (!t.getTime().equals(output[i]))
-                {
-                    fail("failed conversion test");
-                }
-                if (!dateF.format(t.getDate()).equals(zOutput[i]))
-                {
-                    fail("failed date conversion test");
-                }
-            }
-            else
-            {
-                String offset = calculateGMTOffset(t.getDate());
-                if (!t.getTime().equals(output[i] + offset))
-                {
-                    fail("failed conversion test");
-                }
-            }
-        }
-
-        dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'");
-
-        dateF.setTimeZone(new SimpleTimeZone(0,"Z"));
-
-        for (int i = 0; i != input.length; i++)
-        {
-            ASN1GeneralizedTime    t = new ASN1GeneralizedTime(input[i]);
-
-            if (!dateF.format(t.getDate()).equals(mzOutput[i]))
-            {
-                fail("failed long date conversion test");
-            }
-        }
-
-        for (int i = 0; i != mzOutput.length; i++)
-        {
-            ASN1GeneralizedTime    t = new DERGeneralizedTime(mzOutput[i]);
-
-            if (!areEqual(t.getEncoded(), new ASN1GeneralizedTime(derMzOutput[i]).getEncoded()))
-            {
-                fail("der encoding wrong");
-            }
-        }
-
-        for (int i = 0; i != truncOutput.length; i++)
-        {
-            DERGeneralizedTime    t = new DERGeneralizedTime(truncOutput[i]);
-
-            if (!areEqual(t.getEncoded(), new ASN1GeneralizedTime(derTruncOutput[i]).getEncoded()))
-            {
-                fail("trunc der encoding wrong");
-            }
-        }
-    }
-
-    private String calculateGMTOffset(Date date)
-    {
-        String sign = "+";
-        TimeZone timeZone = TimeZone.getDefault();
-        int offset = timeZone.getRawOffset();
-        if (offset < 0)
-        {
-            sign = "-";
-            offset = -offset;
-        }
-        int hours = offset / (60 * 60 * 1000);
-        int minutes = (offset - (hours * 60 * 60 * 1000)) / (60 * 1000);
-
-        if (timeZone.useDaylightTime() && timeZone.inDaylightTime(date))
-        {
-            hours += sign.equals("+") ? 1 : -1;
-        }
-
-        return "GMT" + sign + convert(hours) + ":" + convert(minutes);
-    }
-
-    private String convert(int time)
-    {
-        if (time < 10)
-        {
-            return "0" + time;
-        }
-
-        return Integer.toString(time);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new GeneralizedTimeTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/GenerationTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/GenerationTest.java
deleted file mode 100644
index bf34fc7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/GenerationTest.java
+++ /dev/null

@@ -1,424 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.text.ParseException;
-import java.util.Date;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1OutputStream;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.oiw.ElGamalParameter;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.RSAPublicKey;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.CRLReason;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.IssuingDistributionPoint;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.TBSCertList;
-import org.bouncycastle.asn1.x509.TBSCertificate;
-import org.bouncycastle.asn1.x509.Time;
-import org.bouncycastle.asn1.x509.V1TBSCertificateGenerator;
-import org.bouncycastle.asn1.x509.V2TBSCertListGenerator;
-import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class GenerationTest
-    extends SimpleTest
-{
-    private byte[] v1Cert = Base64.decode(
-          "MIGtAgEBMA0GCSqGSIb3DQEBBAUAMCUxCzAJBgNVBAMMAkFVMRYwFAYDVQQKDA1Cb"
-        + "3VuY3kgQ2FzdGxlMB4XDTcwMDEwMTAwMDAwMVoXDTcwMDEwMTAwMDAxMlowNjELMA"
-        + "kGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNVBAsMBlRlc3Q"
-        + "gMTAaMA0GCSqGSIb3DQEBAQUAAwkAMAYCAQECAQI=");
-
-    private byte[] v3Cert = Base64.decode(
-          "MIIBSKADAgECAgECMA0GCSqGSIb3DQEBBAUAMCUxCzAJBgNVBAMMAkFVMRYwFAYD"
-        + "VQQKDA1Cb3VuY3kgQ2FzdGxlMB4XDTcwMDEwMTAwMDAwMVoXDTcwMDEwMTAwMDAw"
-        + "MlowNjELMAkGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNV"
-        + "BAsMBlRlc3QgMjAYMBAGBisOBwIBATAGAgEBAgECAwQAAgEDo4GVMIGSMGEGA1Ud"
-        + "IwEB/wRXMFWAFDZPdpHPzKi7o8EJokkQU2uqCHRRoTqkODA2MQswCQYDVQQDDAJB"
-        + "VTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwGVGVzdCAyggECMCAG"
-        + "A1UdDgEB/wQWBBQ2T3aRz8you6PBCaJJEFNrqgh0UTALBgNVHQ8EBAMCBBA=");
-
-    private byte[] v3CertNullSubject = Base64.decode(
-          "MIHGoAMCAQICAQIwDQYJKoZIhvcNAQEEBQAwJTELMAkGA1UEAwwCQVUxFjAUBgNVB"
-        + "AoMDUJvdW5jeSBDYXN0bGUwHhcNNzAwMTAxMDAwMDAxWhcNNzAwMTAxMDAwMDAyWj"
-        + "AAMBgwEAYGKw4HAgEBMAYCAQECAQIDBAACAQOjSjBIMEYGA1UdEQEB/wQ8MDqkODA"
-        + "2MQswCQYDVQQDDAJBVTEWMBQGA1UECgwNQm91bmN5IENhc3RsZTEPMA0GA1UECwwG"
-        + "VGVzdCAy");
-
-    private byte[] v2CertList = Base64.decode(
-          "MIIBQwIBATANBgkqhkiG9w0BAQUFADAlMQswCQYDVQQDDAJBVTEWMBQGA1UECgwN" +
-          "Qm91bmN5IENhc3RsZRcNNzAwMTAxMDAwMDAwWhcNNzAwMTAxMDAwMDAyWjAiMCAC" +
-          "AQEXDTcwMDEwMTAwMDAwMVowDDAKBgNVHRUEAwoBCqCBxTCBwjBhBgNVHSMBAf8E" +
-          "VzBVgBQ2T3aRz8you6PBCaJJEFNrqgh0UaE6pDgwNjELMAkGA1UEAwwCQVUxFjAU" +
-          "BgNVBAoMDUJvdW5jeSBDYXN0bGUxDzANBgNVBAsMBlRlc3QgMoIBAjBDBgNVHRIE" +
-          "PDA6pDgwNjELMAkGA1UEAwwCQVUxFjAUBgNVBAoMDUJvdW5jeSBDYXN0bGUxDzAN" +
-          "BgNVBAsMBlRlc3QgMzAKBgNVHRQEAwIBATAMBgNVHRwBAf8EAjAA");
-    
-    private void tbsV1CertGen()
-        throws IOException
-    {
-        V1TBSCertificateGenerator   gen = new V1TBSCertificateGenerator();
-        Date                        startDate = new Date(1000);
-        Date                        endDate = new Date(12000);
-
-        gen.setSerialNumber(new ASN1Integer(1));
-
-        gen.setStartDate(new Time(startDate));
-        gen.setEndDate(new Time(endDate));
-
-        gen.setIssuer(new X500Name("CN=AU,O=Bouncy Castle"));
-        gen.setSubject(new X500Name("CN=AU,O=Bouncy Castle,OU=Test 1"));
-
-        gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5WithRSAEncryption, DERNull.INSTANCE));
-
-        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE),
-                                                     new RSAPublicKey(BigInteger.valueOf(1), BigInteger.valueOf(2)));
-
-        gen.setSubjectPublicKeyInfo(info);
-
-        TBSCertificate              tbs = gen.generateTBSCertificate();
-        ByteArrayOutputStream       bOut = new ByteArrayOutputStream();
-        ASN1OutputStream            aOut = new ASN1OutputStream(bOut);
-
-        aOut.writeObject(tbs);
-
-        if (!Arrays.areEqual(bOut.toByteArray(), v1Cert))
-        {
-            fail("failed v1 cert generation");
-        }
-
-        //
-        // read back test
-        //
-        ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v1Cert));
-        ASN1Primitive       o = aIn.readObject();
-
-        bOut = new ByteArrayOutputStream();
-        aOut = new ASN1OutputStream(bOut);
-
-        aOut.writeObject(o);
-
-        if (!Arrays.areEqual(bOut.toByteArray(), v1Cert))
-        {
-            fail("failed v1 cert read back test");
-        }
-    }
-    
-    private AuthorityKeyIdentifier createAuthorityKeyId(
-        SubjectPublicKeyInfo    info,
-        X500Name                name,
-        int                     sNumber)
-    {
-        GeneralName             genName = new GeneralName(name);
-        ASN1EncodableVector     v = new ASN1EncodableVector();
-
-        v.add(genName);
-
-        return new AuthorityKeyIdentifier(
-            info, GeneralNames.getInstance(new DERSequence(v)), BigInteger.valueOf(sNumber));
-    }
-    
-    private void tbsV3CertGen()
-        throws IOException
-    {
-        V3TBSCertificateGenerator   gen = new V3TBSCertificateGenerator();
-        Date                        startDate = new Date(1000);
-        Date                        endDate = new Date(2000);
-
-        gen.setSerialNumber(new ASN1Integer(2));
-
-        gen.setStartDate(new Time(startDate));
-        gen.setEndDate(new Time(endDate));
-
-        gen.setIssuer(new X500Name("CN=AU,O=Bouncy Castle"));
-        gen.setSubject(new X500Name("CN=AU,O=Bouncy Castle,OU=Test 2"));
-
-        gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5WithRSAEncryption, DERNull.INSTANCE));
-
-        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(BigInteger.valueOf(1), BigInteger.valueOf(2))), new ASN1Integer(3));
-
-        gen.setSubjectPublicKeyInfo(info);
-
-        //
-        // add extensions
-        //
-        Extensions ex = new Extensions(new Extension[] {
-            new Extension(Extension.authorityKeyIdentifier, true, new DEROctetString(createAuthorityKeyId(info, new X500Name("CN=AU,O=Bouncy Castle,OU=Test 2"), 2))),
-            new Extension(Extension.subjectKeyIdentifier, true, new DEROctetString(new SubjectKeyIdentifier(getDigest(info)))),
-            new Extension(Extension.keyUsage, false, new DEROctetString(new KeyUsage(KeyUsage.dataEncipherment)))
-        });
-
-        gen.setExtensions(ex);
-
-        TBSCertificate              tbs = gen.generateTBSCertificate();
-        ByteArrayOutputStream       bOut = new ByteArrayOutputStream();
-        ASN1OutputStream            aOut = new ASN1OutputStream(bOut);
-
-        aOut.writeObject(tbs);
-
-        if (!Arrays.areEqual(bOut.toByteArray(), v3Cert))
-        {
-            fail("failed v3 cert generation");
-        }
-
-        //
-        // read back test
-        //
-        ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v3Cert));
-        ASN1Primitive       o = aIn.readObject();
-
-        bOut = new ByteArrayOutputStream();
-        aOut = new ASN1OutputStream(bOut);
-
-        aOut.writeObject(o);
-
-        if (!Arrays.areEqual(bOut.toByteArray(), v3Cert))
-        {
-            fail("failed v3 cert read back test");
-        }
-    }
-
-    private void tbsV3CertGenWithNullSubject()
-        throws IOException
-    {
-        V3TBSCertificateGenerator   gen = new V3TBSCertificateGenerator();
-        Date                        startDate = new Date(1000);
-        Date                        endDate = new Date(2000);
-
-        gen.setSerialNumber(new ASN1Integer(2));
-
-        gen.setStartDate(new Time(startDate));
-        gen.setEndDate(new Time(endDate));
-
-        gen.setIssuer(new X500Name("CN=AU,O=Bouncy Castle"));
-
-        gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.md5WithRSAEncryption, DERNull.INSTANCE));
-
-        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(BigInteger.valueOf(1), BigInteger.valueOf(2))), new ASN1Integer(3));
-
-        gen.setSubjectPublicKeyInfo(info);
-
-        try
-        {
-            gen.generateTBSCertificate();
-            fail("null subject not caught!");
-        }
-        catch (IllegalStateException e)
-        {
-            if (!e.getMessage().equals("not all mandatory fields set in V3 TBScertificate generator"))
-            {
-                fail("unexpected exception", e);
-            }
-        }
-
-        //
-        // add extensions
-        //
-
-        Extensions ex = new Extensions(new Extension(Extension.subjectAlternativeName, true,
-            new DEROctetString(new GeneralNames(new GeneralName(new X500Name("CN=AU,O=Bouncy Castle,OU=Test 2"))))));
-
-        gen.setExtensions(ex);
-
-        TBSCertificate              tbs = gen.generateTBSCertificate();
-        ByteArrayOutputStream       bOut = new ByteArrayOutputStream();
-        ASN1OutputStream            aOut = new ASN1OutputStream(bOut);
-
-        aOut.writeObject(tbs);
-
-        if (!Arrays.areEqual(bOut.toByteArray(), v3CertNullSubject))
-        {
-            fail("failed v3 null sub cert generation");
-        }
-
-        //
-        // read back test
-        //
-        ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v3CertNullSubject));
-        ASN1Primitive       o = aIn.readObject();
-
-        bOut = new ByteArrayOutputStream();
-        aOut = new ASN1OutputStream(bOut);
-
-        aOut.writeObject(o);
-
-        if (!Arrays.areEqual(bOut.toByteArray(), v3CertNullSubject))
-        {
-            fail("failed v3 null sub cert read back test");
-        }
-    }
-
-    private void tbsV2CertListGen()
-        throws IOException
-    {
-        V2TBSCertListGenerator  gen = new V2TBSCertListGenerator();
-
-        gen.setIssuer(new X500Name("CN=AU,O=Bouncy Castle"));
-
-        gen.addCRLEntry(new ASN1Integer(1), new Time(new Date(1000)), CRLReason.aACompromise);
-
-        gen.setNextUpdate(new Time(new Date(2000)));
-
-        gen.setThisUpdate(new Time(new Date(500)));
-
-        gen.setSignature(new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1WithRSAEncryption, DERNull.INSTANCE));
-
-        //
-        // extensions
-        //
-        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(BigInteger.valueOf(1), BigInteger.valueOf(2))), new ASN1Integer(3));
-
-        ExtensionsGenerator     extGen = new ExtensionsGenerator();
-
-        extGen.addExtension(Extension.authorityKeyIdentifier, true, createAuthorityKeyId(info, new X500Name("CN=AU,O=Bouncy Castle,OU=Test 2"), 2));
-        extGen.addExtension(Extension.issuerAlternativeName, false, new GeneralNames(new GeneralName(new X500Name("CN=AU,O=Bouncy Castle,OU=Test 3"))));
-        extGen.addExtension(Extension.cRLNumber, false, new ASN1Integer(1));
-        extGen.addExtension(Extension.issuingDistributionPoint, true, IssuingDistributionPoint.getInstance(new DERSequence()));
-
-        Extensions          ex = extGen.generate();
-
-        gen.setExtensions(ex);
-
-        TBSCertList                 tbs = gen.generateTBSCertList();
-        ByteArrayOutputStream       bOut = new ByteArrayOutputStream();
-        ASN1OutputStream            aOut = new ASN1OutputStream(bOut);
-
-        aOut.writeObject(tbs);
-
-        if (!Arrays.areEqual(bOut.toByteArray(), v2CertList))
-        {
-            System.out.println(new String(Base64.encode(bOut.toByteArray())));
-            fail("failed v2 cert list generation");
-        }
-
-        //
-        // read back test
-        //
-        ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(v2CertList));
-        ASN1Primitive o = aIn.readObject();
-
-        bOut = new ByteArrayOutputStream();
-        aOut = new ASN1OutputStream(bOut);
-
-        aOut.writeObject(o);
-
-        if (!Arrays.areEqual(bOut.toByteArray(), v2CertList))
-        {
-            fail("failed v2 cert list read back test");
-        }
-
-        //
-        // check we can add a custom reason
-        //
-        gen.addCRLEntry(new ASN1Integer(1), new Time(new Date(1000)), CRLReason.aACompromise);
-
-        //
-        // check invalidity date
-        gen.addCRLEntry(new ASN1Integer(2), new Time(new Date(1000)), CRLReason.affiliationChanged, new ASN1GeneralizedTime(new Date(2000)));
-
-        TBSCertList crl = gen.generateTBSCertList();
-
-        TBSCertList.CRLEntry[] entries = crl.getRevokedCertificates();
-        for (int i = 0; i != entries.length; i++)
-        {
-            TBSCertList.CRLEntry entry = entries[i];
-
-            if (entry.getUserCertificate().equals(new ASN1Integer(1)))
-            {
-                Extensions extensions = entry.getExtensions();
-                Extension ext = extensions.getExtension(Extension.reasonCode);
-
-                CRLReason r = CRLReason.getInstance(ext.getParsedValue());
-
-                if (r.getValue().intValue() != CRLReason.aACompromise)
-                {
-                    fail("reason code mismatch");
-                }
-            }
-            else if (entry.getUserCertificate().equals(new ASN1Integer(2)))
-            {
-                Extensions extensions = entry.getExtensions();
-                Extension ext = extensions.getExtension(Extension.reasonCode);
-
-                CRLReason r = CRLReason.getInstance(ext.getParsedValue());
-
-                if (r.getValue().intValue() != CRLReason.affiliationChanged)
-                {
-                    fail("reason code mismatch");
-                }
-
-                ext = extensions.getExtension(Extension.invalidityDate);
-
-                ASN1GeneralizedTime t = ASN1GeneralizedTime.getInstance(ext.getParsedValue());
-
-                try
-                {
-                    if (!t.getDate().equals(new Date(2000)))
-                    {
-                        fail("invalidity date mismatch");
-                    }
-                }
-                catch (ParseException e)
-                {
-                    fail("can't parse date", e);
-                }
-            }
-        }
-    }
-    
-    public void performTest()
-        throws Exception
-    {
-        tbsV1CertGen();
-        tbsV3CertGen();
-        tbsV3CertGenWithNullSubject();
-        tbsV2CertListGen();
-    }
-
-    public String getName()
-    {
-        return "Generation";
-    }
-
-    private static byte[] getDigest(SubjectPublicKeyInfo spki)
-    {
-        Digest digest = new SHA1Digest();
-        byte[]  resBuf = new byte[digest.getDigestSize()];
-
-        byte[] bytes = spki.getPublicKeyData().getBytes();
-        digest.update(bytes, 0, bytes.length);
-        digest.doFinal(resBuf, 0);
-        return resBuf;
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new GenerationTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/GetCRLTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/GetCRLTest.java
deleted file mode 100644
index eed531e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/GetCRLTest.java
+++ /dev/null

@@ -1,122 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.util.Date;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmc.GetCRL;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.X500NameBuilder;
-import org.bouncycastle.asn1.x500.style.BCStyle;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.ReasonFlags;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class GetCRLTest
-    extends SimpleTest
-{
-
-    public static void main(String[] args)
-    {
-        runTest(new GetCRLTest());
-    }
-
-    public String getName()
-    {
-        return "GetCRLTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-
-        {
-            X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
-            builder.addRDN(BCStyle.C, "AU");
-            X500Name name = new X500Name(builder.build().toString());
-
-            GetCRL crl = new GetCRL(
-                name,
-                new GeneralName(GeneralName.rfc822Name, "/"),
-                new ASN1GeneralizedTime(new Date()),
-                new ReasonFlags(ReasonFlags.affiliationChanged)
-            );
-
-            byte[] b = crl.getEncoded();
-
-            GetCRL crlResp = GetCRL.getInstance(b);
-
-            isEquals("IssuerName", crl.getIssuerName(), crlResp.getIssuerName());
-            isEquals("cRLName", crl.getcRLName(), crlResp.getcRLName());
-            isEquals("time", crl.getTime(), crlResp.getTime());
-            isEquals("reasons", crl.getReasons(), crlResp.getReasons());
-
-            try
-            {
-                GetCRL.getInstance(new DERSequence(new ASN1Encodable[0]));
-                fail("Must not accept sequence less than 1");
-            }
-            catch (Throwable t)
-            {
-                isEquals("", t.getClass(), IllegalArgumentException.class);
-            }
-
-            try
-            {
-                GetCRL.getInstance(new DERSequence(new ASN1Encodable[5]));
-                fail("Must not accept sequence larger than 5");
-            }
-            catch (Throwable t)
-            {
-                isEquals("", t.getClass(), IllegalArgumentException.class);
-            }
-        }
-
-        { // Permutate on options test all possible combinations.
-
-            X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
-            builder.addRDN(BCStyle.C, "AU");
-            X500Name name = new X500Name(builder.build().toString());
-            GeneralName generalName = null;
-            ASN1GeneralizedTime generalizedTime = null;
-            ReasonFlags flags = null;
-
-            for (int t = 0; t < 8; t++)
-            {
-                if ((t & 1) == 1)
-                {
-                    generalName = new GeneralName(GeneralName.rfc822Name, "/");
-                }
-                if ((t & 2) == 2)
-                {
-                    generalizedTime = new ASN1GeneralizedTime(new Date());
-                }
-
-                if ((t & 4) == 4)
-                {
-                    flags = new ReasonFlags(ReasonFlags.affiliationChanged);
-                }
-
-
-                GetCRL crl = new GetCRL(
-                    name,
-                    generalName,
-                    generalizedTime,
-                    flags
-                );
-
-                byte[] b = crl.getEncoded();
-
-                GetCRL crlResp = GetCRL.getInstance(b);
-
-                isEquals("IssuerName", crl.getIssuerName(), crlResp.getIssuerName());
-                isEquals("cRLName", crl.getcRLName(), crlResp.getcRLName());
-                isEquals("time", crl.getTime(), crlResp.getTime());
-                isEquals("reasons", crl.getReasons(), crlResp.getReasons());
-
-            }
-        }
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/GetCertTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/GetCertTest.java
deleted file mode 100644
index 1dd5e7e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/GetCertTest.java
+++ /dev/null

@@ -1,41 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmc.GetCert;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class GetCertTest extends SimpleTest
-{
-    public static void main(String[] args) {
-        runTest(new GetCertTest());
-    }
-
-    public String getName()
-    {
-        return "GetCertTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        GetCert gs = new GetCert(new GeneralName(GeneralName.dNSName,"fish"),new BigInteger("109"));
-        byte[] b = gs.getEncoded();
-        GetCert gsResp = GetCert.getInstance(b);
-
-        isEquals("Issuer Name",gs.getIssuerName(), gsResp.getIssuerName());
-        isEquals("Serial Number",gs.getSerialNumber(), gsResp.getSerialNumber());
-
-        try {
-            GetCert.getInstance(new DERSequence(new ASN1Integer(1L)));
-            fail("Sequence must be length of 2");
-        } catch (Throwable t) {
-            isEquals("Wrong exception",t.getClass(), IllegalArgumentException.class);
-        }
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/GetInstanceTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/GetInstanceTest.java
deleted file mode 100644
index e52879f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/GetInstanceTest.java
+++ /dev/null

@@ -1,886 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.lang.reflect.Method;
-import java.math.BigInteger;
-import java.util.Date;
-import java.util.Vector;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Enumerated;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.ASN1UTCTime;
-import org.bouncycastle.asn1.DERBMPString;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERGeneralString;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DERNumericString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERPrintableString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERT61String;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.DERUniversalString;
-import org.bouncycastle.asn1.DERVisibleString;
-import org.bouncycastle.asn1.cmp.CAKeyUpdAnnContent;
-import org.bouncycastle.asn1.cmp.CMPCertificate;
-import org.bouncycastle.asn1.cmp.CRLAnnContent;
-import org.bouncycastle.asn1.cmp.CertConfirmContent;
-import org.bouncycastle.asn1.cmp.CertOrEncCert;
-import org.bouncycastle.asn1.cmp.CertRepMessage;
-import org.bouncycastle.asn1.cmp.CertResponse;
-import org.bouncycastle.asn1.cmp.CertifiedKeyPair;
-import org.bouncycastle.asn1.cmp.Challenge;
-import org.bouncycastle.asn1.cmp.ErrorMsgContent;
-import org.bouncycastle.asn1.cmp.GenMsgContent;
-import org.bouncycastle.asn1.cmp.GenRepContent;
-import org.bouncycastle.asn1.cmp.InfoTypeAndValue;
-import org.bouncycastle.asn1.cmp.KeyRecRepContent;
-import org.bouncycastle.asn1.cmp.OOBCertHash;
-import org.bouncycastle.asn1.cmp.PBMParameter;
-import org.bouncycastle.asn1.cmp.PKIBody;
-import org.bouncycastle.asn1.cmp.PKIConfirmContent;
-import org.bouncycastle.asn1.cmp.PKIFailureInfo;
-import org.bouncycastle.asn1.cmp.PKIFreeText;
-import org.bouncycastle.asn1.cmp.PKIHeader;
-import org.bouncycastle.asn1.cmp.PKIMessage;
-import org.bouncycastle.asn1.cmp.PKIMessages;
-import org.bouncycastle.asn1.cmp.PKIStatus;
-import org.bouncycastle.asn1.cmp.PKIStatusInfo;
-import org.bouncycastle.asn1.cmp.POPODecKeyChallContent;
-import org.bouncycastle.asn1.cmp.POPODecKeyRespContent;
-import org.bouncycastle.asn1.cmp.PollRepContent;
-import org.bouncycastle.asn1.cmp.PollReqContent;
-import org.bouncycastle.asn1.cmp.ProtectedPart;
-import org.bouncycastle.asn1.cmp.RevAnnContent;
-import org.bouncycastle.asn1.cmp.RevDetails;
-import org.bouncycastle.asn1.cmp.RevRepContent;
-import org.bouncycastle.asn1.cmp.RevReqContent;
-import org.bouncycastle.asn1.cms.Attribute;
-import org.bouncycastle.asn1.cms.Attributes;
-import org.bouncycastle.asn1.cms.AuthEnvelopedData;
-import org.bouncycastle.asn1.cms.AuthenticatedData;
-import org.bouncycastle.asn1.cms.CompressedData;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.EncryptedContentInfo;
-import org.bouncycastle.asn1.cms.EncryptedData;
-import org.bouncycastle.asn1.cms.EnvelopedData;
-import org.bouncycastle.asn1.cms.Evidence;
-import org.bouncycastle.asn1.cms.IssuerAndSerialNumber;
-import org.bouncycastle.asn1.cms.KEKIdentifier;
-import org.bouncycastle.asn1.cms.KEKRecipientInfo;
-import org.bouncycastle.asn1.cms.KeyAgreeRecipientIdentifier;
-import org.bouncycastle.asn1.cms.KeyAgreeRecipientInfo;
-import org.bouncycastle.asn1.cms.KeyTransRecipientInfo;
-import org.bouncycastle.asn1.cms.MetaData;
-import org.bouncycastle.asn1.cms.OriginatorIdentifierOrKey;
-import org.bouncycastle.asn1.cms.OriginatorInfo;
-import org.bouncycastle.asn1.cms.OriginatorPublicKey;
-import org.bouncycastle.asn1.cms.OtherKeyAttribute;
-import org.bouncycastle.asn1.cms.OtherRecipientInfo;
-import org.bouncycastle.asn1.cms.PasswordRecipientInfo;
-import org.bouncycastle.asn1.cms.RecipientEncryptedKey;
-import org.bouncycastle.asn1.cms.RecipientIdentifier;
-import org.bouncycastle.asn1.cms.RecipientInfo;
-import org.bouncycastle.asn1.cms.RecipientKeyIdentifier;
-import org.bouncycastle.asn1.cms.SignerIdentifier;
-import org.bouncycastle.asn1.cms.SignerInfo;
-import org.bouncycastle.asn1.cms.TimeStampAndCRL;
-import org.bouncycastle.asn1.cms.TimeStampTokenEvidence;
-import org.bouncycastle.asn1.cms.TimeStampedData;
-import org.bouncycastle.asn1.cms.ecc.MQVuserKeyingMaterial;
-import org.bouncycastle.asn1.crmf.AttributeTypeAndValue;
-import org.bouncycastle.asn1.crmf.CertId;
-import org.bouncycastle.asn1.crmf.CertReqMessages;
-import org.bouncycastle.asn1.crmf.CertReqMsg;
-import org.bouncycastle.asn1.crmf.CertRequest;
-import org.bouncycastle.asn1.crmf.CertTemplate;
-import org.bouncycastle.asn1.crmf.Controls;
-import org.bouncycastle.asn1.crmf.EncKeyWithID;
-import org.bouncycastle.asn1.crmf.EncryptedKey;
-import org.bouncycastle.asn1.crmf.EncryptedValue;
-import org.bouncycastle.asn1.crmf.OptionalValidity;
-import org.bouncycastle.asn1.crmf.PKIArchiveOptions;
-import org.bouncycastle.asn1.crmf.PKIPublicationInfo;
-import org.bouncycastle.asn1.crmf.PKMACValue;
-import org.bouncycastle.asn1.crmf.POPOPrivKey;
-import org.bouncycastle.asn1.crmf.POPOSigningKey;
-import org.bouncycastle.asn1.crmf.POPOSigningKeyInput;
-import org.bouncycastle.asn1.crmf.ProofOfPossession;
-import org.bouncycastle.asn1.crmf.SinglePubInfo;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410ParamSetParameters;
-import org.bouncycastle.asn1.cryptopro.GOST28147Parameters;
-import org.bouncycastle.asn1.cryptopro.GOST3410ParamSetParameters;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-import org.bouncycastle.asn1.eac.CVCertificate;
-import org.bouncycastle.asn1.eac.CVCertificateRequest;
-import org.bouncycastle.asn1.eac.CertificateBody;
-import org.bouncycastle.asn1.eac.PublicKeyDataObject;
-import org.bouncycastle.asn1.eac.RSAPublicKey;
-import org.bouncycastle.asn1.eac.UnsignedInteger;
-import org.bouncycastle.asn1.esf.CommitmentTypeIndication;
-import org.bouncycastle.asn1.esf.CommitmentTypeQualifier;
-import org.bouncycastle.asn1.esf.CompleteRevocationRefs;
-import org.bouncycastle.asn1.esf.CrlIdentifier;
-import org.bouncycastle.asn1.esf.CrlListID;
-import org.bouncycastle.asn1.esf.CrlOcspRef;
-import org.bouncycastle.asn1.esf.CrlValidatedID;
-import org.bouncycastle.asn1.esf.OcspIdentifier;
-import org.bouncycastle.asn1.esf.OcspListID;
-import org.bouncycastle.asn1.esf.OcspResponsesID;
-import org.bouncycastle.asn1.esf.OtherHash;
-import org.bouncycastle.asn1.esf.OtherHashAlgAndValue;
-import org.bouncycastle.asn1.esf.OtherRevRefs;
-import org.bouncycastle.asn1.esf.OtherRevVals;
-import org.bouncycastle.asn1.esf.RevocationValues;
-import org.bouncycastle.asn1.esf.SPUserNotice;
-import org.bouncycastle.asn1.esf.SPuri;
-import org.bouncycastle.asn1.esf.SigPolicyQualifierInfo;
-import org.bouncycastle.asn1.esf.SigPolicyQualifiers;
-import org.bouncycastle.asn1.esf.SignaturePolicyId;
-import org.bouncycastle.asn1.esf.SignaturePolicyIdentifier;
-import org.bouncycastle.asn1.esf.SignerAttribute;
-import org.bouncycastle.asn1.esf.SignerLocation;
-import org.bouncycastle.asn1.ess.ContentHints;
-import org.bouncycastle.asn1.ess.ContentIdentifier;
-import org.bouncycastle.asn1.ess.ESSCertID;
-import org.bouncycastle.asn1.ess.ESSCertIDv2;
-import org.bouncycastle.asn1.ess.OtherCertID;
-import org.bouncycastle.asn1.ess.OtherSigningCertificate;
-import org.bouncycastle.asn1.ess.SigningCertificate;
-import org.bouncycastle.asn1.ess.SigningCertificateV2;
-import org.bouncycastle.asn1.icao.CscaMasterList;
-import org.bouncycastle.asn1.icao.DataGroupHash;
-import org.bouncycastle.asn1.icao.LDSSecurityObject;
-import org.bouncycastle.asn1.icao.LDSVersionInfo;
-import org.bouncycastle.asn1.isismtt.ocsp.CertHash;
-import org.bouncycastle.asn1.isismtt.ocsp.RequestedCertificate;
-import org.bouncycastle.asn1.isismtt.x509.AdditionalInformationSyntax;
-import org.bouncycastle.asn1.isismtt.x509.AdmissionSyntax;
-import org.bouncycastle.asn1.isismtt.x509.Admissions;
-import org.bouncycastle.asn1.isismtt.x509.DeclarationOfMajority;
-import org.bouncycastle.asn1.isismtt.x509.MonetaryLimit;
-import org.bouncycastle.asn1.isismtt.x509.NamingAuthority;
-import org.bouncycastle.asn1.isismtt.x509.ProcurationSyntax;
-import org.bouncycastle.asn1.isismtt.x509.ProfessionInfo;
-import org.bouncycastle.asn1.isismtt.x509.Restriction;
-import org.bouncycastle.asn1.misc.CAST5CBCParameters;
-import org.bouncycastle.asn1.misc.IDEACBCPar;
-import org.bouncycastle.asn1.mozilla.PublicKeyAndChallenge;
-import org.bouncycastle.asn1.ocsp.BasicOCSPResponse;
-import org.bouncycastle.asn1.ocsp.CertID;
-import org.bouncycastle.asn1.ocsp.CertStatus;
-import org.bouncycastle.asn1.ocsp.CrlID;
-import org.bouncycastle.asn1.ocsp.OCSPRequest;
-import org.bouncycastle.asn1.ocsp.OCSPResponse;
-import org.bouncycastle.asn1.ocsp.OCSPResponseStatus;
-import org.bouncycastle.asn1.ocsp.Request;
-import org.bouncycastle.asn1.ocsp.ResponderID;
-import org.bouncycastle.asn1.ocsp.ResponseBytes;
-import org.bouncycastle.asn1.ocsp.ResponseData;
-import org.bouncycastle.asn1.ocsp.RevokedInfo;
-import org.bouncycastle.asn1.ocsp.Signature;
-import org.bouncycastle.asn1.ocsp.SingleResponse;
-import org.bouncycastle.asn1.ocsp.TBSRequest;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.AuthenticatedSafe;
-import org.bouncycastle.asn1.pkcs.CertificationRequest;
-import org.bouncycastle.asn1.pkcs.CertificationRequestInfo;
-import org.bouncycastle.asn1.pkcs.DHParameter;
-import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.MacData;
-import org.bouncycastle.asn1.pkcs.PBEParameter;
-import org.bouncycastle.asn1.pkcs.PBES2Parameters;
-import org.bouncycastle.asn1.pkcs.PBKDF2Params;
-import org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
-import org.bouncycastle.asn1.pkcs.Pfx;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
-import org.bouncycastle.asn1.pkcs.RSAESOAEPparams;
-import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
-import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
-import org.bouncycastle.asn1.pkcs.SafeBag;
-import org.bouncycastle.asn1.pkcs.SignedData;
-import org.bouncycastle.asn1.sec.ECPrivateKey;
-import org.bouncycastle.asn1.smime.SMIMECapabilities;
-import org.bouncycastle.asn1.smime.SMIMECapability;
-import org.bouncycastle.asn1.tsp.Accuracy;
-import org.bouncycastle.asn1.tsp.MessageImprint;
-import org.bouncycastle.asn1.tsp.TSTInfo;
-import org.bouncycastle.asn1.tsp.TimeStampReq;
-import org.bouncycastle.asn1.tsp.TimeStampResp;
-import org.bouncycastle.asn1.x500.DirectoryString;
-import org.bouncycastle.asn1.x500.RDN;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AccessDescription;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.AttCertIssuer;
-import org.bouncycastle.asn1.x509.AttCertValidityPeriod;
-import org.bouncycastle.asn1.x509.AttributeCertificate;
-import org.bouncycastle.asn1.x509.AttributeCertificateInfo;
-import org.bouncycastle.asn1.x509.AuthorityInformationAccess;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.CRLDistPoint;
-import org.bouncycastle.asn1.x509.CRLNumber;
-import org.bouncycastle.asn1.x509.CRLReason;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.asn1.x509.CertificateList;
-import org.bouncycastle.asn1.x509.CertificatePair;
-import org.bouncycastle.asn1.x509.CertificatePolicies;
-import org.bouncycastle.asn1.x509.DSAParameter;
-import org.bouncycastle.asn1.x509.DigestInfo;
-import org.bouncycastle.asn1.x509.DisplayText;
-import org.bouncycastle.asn1.x509.DistributionPoint;
-import org.bouncycastle.asn1.x509.DistributionPointName;
-import org.bouncycastle.asn1.x509.ExtendedKeyUsage;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.GeneralSubtree;
-import org.bouncycastle.asn1.x509.Holder;
-import org.bouncycastle.asn1.x509.IetfAttrSyntax;
-import org.bouncycastle.asn1.x509.IssuerSerial;
-import org.bouncycastle.asn1.x509.IssuingDistributionPoint;
-import org.bouncycastle.asn1.x509.NameConstraints;
-import org.bouncycastle.asn1.x509.NoticeReference;
-import org.bouncycastle.asn1.x509.ObjectDigestInfo;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-import org.bouncycastle.asn1.x509.PolicyMappings;
-import org.bouncycastle.asn1.x509.PolicyQualifierInfo;
-import org.bouncycastle.asn1.x509.PrivateKeyUsagePeriod;
-import org.bouncycastle.asn1.x509.RoleSyntax;
-import org.bouncycastle.asn1.x509.SubjectDirectoryAttributes;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.TBSCertList;
-import org.bouncycastle.asn1.x509.TBSCertificate;
-import org.bouncycastle.asn1.x509.TBSCertificateStructure;
-import org.bouncycastle.asn1.x509.Target;
-import org.bouncycastle.asn1.x509.TargetInformation;
-import org.bouncycastle.asn1.x509.Targets;
-import org.bouncycastle.asn1.x509.Time;
-import org.bouncycastle.asn1.x509.UserNotice;
-import org.bouncycastle.asn1.x509.V2Form;
-import org.bouncycastle.asn1.x509.X509CertificateStructure;
-import org.bouncycastle.asn1.x509.X509Extensions;
-import org.bouncycastle.asn1.x509.qualified.BiometricData;
-import org.bouncycastle.asn1.x509.qualified.Iso4217CurrencyCode;
-import org.bouncycastle.asn1.x509.qualified.MonetaryValue;
-import org.bouncycastle.asn1.x509.qualified.QCStatement;
-import org.bouncycastle.asn1.x509.qualified.SemanticsInformation;
-import org.bouncycastle.asn1.x509.qualified.TypeOfBiometricData;
-import org.bouncycastle.asn1.x509.sigi.NameOrPseudonym;
-import org.bouncycastle.asn1.x509.sigi.PersonalData;
-import org.bouncycastle.asn1.x9.DHDomainParameters;
-import org.bouncycastle.asn1.x9.DHPublicKey;
-import org.bouncycastle.asn1.x9.DHValidationParms;
-import org.bouncycastle.asn1.x9.X962Parameters;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.util.Integers;
-import org.bouncycastle.util.encoders.Base64;
-
-public class GetInstanceTest
-    extends TestCase
-{
-    public static byte[]  attrCert = Base64.decode(
-            "MIIHQDCCBqkCAQEwgZChgY2kgYowgYcxHDAaBgkqhkiG9w0BCQEWDW1sb3JjaEB2"
-          + "dC5lZHUxHjAcBgNVBAMTFU1hcmt1cyBMb3JjaCAobWxvcmNoKTEbMBkGA1UECxMS"
-          + "VmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAyMQswCQYDVQQKEwJ2"
-          + "dDELMAkGA1UEBhMCVVMwgYmkgYYwgYMxGzAZBgkqhkiG9w0BCQEWDHNzaGFoQHZ0"
-          + "LmVkdTEbMBkGA1UEAxMSU3VtaXQgU2hhaCAoc3NoYWgpMRswGQYDVQQLExJWaXJn"
-          + "aW5pYSBUZWNoIFVzZXIxEDAOBgNVBAsTB0NsYXNzIDExCzAJBgNVBAoTAnZ0MQsw"
-          + "CQYDVQQGEwJVUzANBgkqhkiG9w0BAQQFAAIBBTAiGA8yMDAzMDcxODE2MDgwMloY"
-          + "DzIwMDMwNzI1MTYwODAyWjCCBU0wggVJBgorBgEEAbRoCAEBMYIFORaCBTU8UnVs"
-          + "ZSBSdWxlSWQ9IkZpbGUtUHJpdmlsZWdlLVJ1bGUiIEVmZmVjdD0iUGVybWl0Ij4K"
-          + "IDxUYXJnZXQ+CiAgPFN1YmplY3RzPgogICA8U3ViamVjdD4KICAgIDxTdWJqZWN0"
-          + "TWF0Y2ggTWF0Y2hJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5j"
-          + "dGlvbjpzdHJpbmctZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlw"
-          + "ZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjc3RyaW5nIj4KICAg"
-          + "ICAgIENOPU1hcmt1cyBMb3JjaDwvQXR0cmlidXRlVmFsdWU+CiAgICAgPFN1Ympl"
-          + "Y3RBdHRyaWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFt"
-          + "ZXM6dGM6eGFjbWw6MS4wOnN1YmplY3Q6c3ViamVjdC1pZCIgRGF0YVR5cGU9Imh0"
-          + "dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hI3N0cmluZyIgLz4gCiAgICA8"
-          + "L1N1YmplY3RNYXRjaD4KICAgPC9TdWJqZWN0PgogIDwvU3ViamVjdHM+CiAgPFJl"
-          + "c291cmNlcz4KICAgPFJlc291cmNlPgogICAgPFJlc291cmNlTWF0Y2ggTWF0Y2hJ"
-          + "ZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5jdGlvbjpzdHJpbmct"
-          + "ZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlwZT0iaHR0cDovL3d3"
-          + "dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIj4KICAgICAgaHR0cDovL3p1"
-          + "bmkuY3MudnQuZWR1PC9BdHRyaWJ1dGVWYWx1ZT4KICAgICA8UmVzb3VyY2VBdHRy"
-          + "aWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6"
-          + "eGFjbWw6MS4wOnJlc291cmNlOnJlc291cmNlLWlkIiBEYXRhVHlwZT0iaHR0cDov"
-          + "L3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIiAvPiAKICAgIDwvUmVz"
-          + "b3VyY2VNYXRjaD4KICAgPC9SZXNvdXJjZT4KICA8L1Jlc291cmNlcz4KICA8QWN0"
-          + "aW9ucz4KICAgPEFjdGlvbj4KICAgIDxBY3Rpb25NYXRjaCBNYXRjaElkPSJ1cm46"
-          + "b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmZ1bmN0aW9uOnN0cmluZy1lcXVhbCI+"
-          + "CiAgICAgPEF0dHJpYnV0ZVZhbHVlIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9y"
-          + "Zy8yMDAxL1hNTFNjaGVtYSNzdHJpbmciPgpEZWxlZ2F0ZSBBY2Nlc3MgICAgIDwv"
-          + "QXR0cmlidXRlVmFsdWU+CgkgIDxBY3Rpb25BdHRyaWJ1dGVEZXNpZ25hdG9yIEF0"
-          + "dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmFjdGlvbjph"
-          + "Y3Rpb24taWQiIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNj"
-          + "aGVtYSNzdHJpbmciIC8+IAogICAgPC9BY3Rpb25NYXRjaD4KICAgPC9BY3Rpb24+"
-          + "CiAgPC9BY3Rpb25zPgogPC9UYXJnZXQ+CjwvUnVsZT4KMA0GCSqGSIb3DQEBBAUA"
-          + "A4GBAGiJSM48XsY90HlYxGmGVSmNR6ZW2As+bot3KAfiCIkUIOAqhcphBS23egTr"
-          + "6asYwy151HshbPNYz+Cgeqs45KkVzh7bL/0e1r8sDVIaaGIkjHK3CqBABnfSayr3"
-          + "Rd1yBoDdEv8Qb+3eEPH6ab9021AsLEnJ6LWTmybbOpMNZ3tv");
-
-    byte[]  cert1 = Base64.decode(
-        "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
-            + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
-            + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
-            + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
-            + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2"
-            + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
-            + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
-            + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l"
-            + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv"
-            + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re"
-            + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO"
-            + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE"
-            + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy"
-            + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0"
-            + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw"
-            + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL"
-            + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4"
-            + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF"
-            + "5/8=");
-
-    private byte[] v2CertList = Base64.decode(
-          "MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT"
-        + "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy"
-        + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw"
-        + "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw"
-        + "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw"
-        + "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw"
-        + "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw"
-        + "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw"
-        + "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw"
-        + "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw"
-        + "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF"
-        + "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ"
-        + "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt"
-        + "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v");
-
-    private static final Object[] NULL_ARGS = new Object[] { null };
-
-    private void doFullGetInstanceTest(Class clazz, ASN1Object o1)
-        throws Exception
-    {
-        Method m;
-
-        try
-        {
-            m = clazz.getMethod("getInstance", Object.class);
-        }
-        catch (NoSuchMethodException e)
-        {
-            fail("no getInstance method found");
-            return;
-        }
-
-        ASN1Object o2 = (ASN1Object)m.invoke(clazz, NULL_ARGS);
-        if (o2 != null)
-        {
-            fail(clazz.getName() + " null failed");
-        }
-
-        o2 = (ASN1Object)m.invoke(clazz, o1);
-
-        if (!o1.equals(o2) || !clazz.isInstance(o2))
-        {
-            fail(clazz.getName() + " equality failed");
-        }
-
-        o2 = (ASN1Object)m.invoke(clazz, o1.getEncoded());
-        if (!o1.equals(o2) || !clazz.isInstance(o2))
-        {
-            fail(clazz.getName() + " encoded equality failed");
-        }
-
-        o2 = (ASN1Object)m.invoke(clazz, o1.toASN1Primitive());
-        if (!o1.equals(o2) || !clazz.isInstance(o2))
-        {
-            fail(clazz.getName() + " sequence equality failed");
-        }
-
-        try
-        {
-            m = clazz.getMethod("getInstance", ASN1TaggedObject.class, Boolean.TYPE);
-        }
-        catch (NoSuchMethodException e)
-        {
-            return;
-        }
-
-        ASN1TaggedObject t = new DERTaggedObject(true, 0, o1);
-        o2 = (ASN1Object)m.invoke(clazz, t, true);
-        if (!o1.equals(o2) || !clazz.isInstance(o2))
-        {
-            fail(clazz.getName() + " tag equality failed");
-        }
-
-        t = new DERTaggedObject(true, 0, o1.toASN1Primitive());
-        o2 = (ASN1Object)m.invoke(clazz, t, true);
-        if (!o1.equals(o2) || !clazz.isInstance(o2))
-        {
-            fail(clazz.getName() + " tag equality failed");
-        }
-
-        t = ASN1TaggedObject.getInstance(t.getEncoded());
-        o2 = (ASN1Object)m.invoke(clazz, t, true);
-        if (!o1.equals(o2) || !clazz.isInstance(o2))
-        {
-            fail(clazz.getName() + " tag equality failed");
-        }
-
-        t = new DERTaggedObject(false, 0, o1);
-        o2 = (ASN1Object)m.invoke(clazz, t, false);
-        if (!o1.equals(o2) || !clazz.isInstance(o2))
-        {
-            fail(clazz.getName() + " tag equality failed");
-        }
-
-        t = new DERTaggedObject(false, 0, o1.toASN1Primitive());
-        o2 = (ASN1Object)m.invoke(clazz, t, false);
-        if (!o1.equals(o2) || !clazz.isInstance(o2))
-        {
-            fail(clazz.getName() + " tag equality failed");
-        }
-
-        t = ASN1TaggedObject.getInstance(t.getEncoded());
-        o2 = (ASN1Object)m.invoke(clazz, t, false);
-        if (!o1.equals(o2) || !clazz.isInstance(o2))
-        {
-            fail(clazz.getName() + " tag equality failed");
-        }
-    }
-
-    public void testGetInstance()
-        throws Exception
-    {
-        doFullGetInstanceTest(DERPrintableString.class, new DERPrintableString("hello world"));
-        doFullGetInstanceTest(DERBMPString.class, new DERBMPString("hello world"));
-        doFullGetInstanceTest(DERUTF8String.class, new DERUTF8String("hello world"));
-        doFullGetInstanceTest(DERUniversalString.class, new DERUniversalString(new byte[20]));
-        doFullGetInstanceTest(DERIA5String.class, new DERIA5String("hello world"));
-        doFullGetInstanceTest(DERGeneralString.class, new DERGeneralString("hello world"));
-        doFullGetInstanceTest(DERNumericString.class, new DERNumericString("hello world"));
-        doFullGetInstanceTest(DERNumericString.class, new DERNumericString("99999", true));
-        doFullGetInstanceTest(DERT61String.class, new DERT61String("hello world"));
-        doFullGetInstanceTest(DERVisibleString.class, new DERVisibleString("hello world"));
-
-        doFullGetInstanceTest(ASN1Integer.class, new ASN1Integer(1));
-        doFullGetInstanceTest(ASN1GeneralizedTime.class, new ASN1GeneralizedTime(new Date()));
-        doFullGetInstanceTest(ASN1UTCTime.class, new ASN1UTCTime(new Date()));
-        doFullGetInstanceTest(ASN1Enumerated.class, new ASN1Enumerated(1));
-
-        CMPCertificate cmpCert = new CMPCertificate(Certificate.getInstance(cert1));
-        CertificateList crl = CertificateList.getInstance(v2CertList);
-        AttributeCertificate attributeCert = AttributeCertificate.getInstance(attrCert);
-
-        doFullGetInstanceTest(CAKeyUpdAnnContent.class, new CAKeyUpdAnnContent(cmpCert, cmpCert, cmpCert));
-
-        CertConfirmContent.getInstance(null);
-        CertifiedKeyPair.getInstance(null);
-        CertOrEncCert.getInstance(null);
-        CertRepMessage.getInstance(null);
-        doFullGetInstanceTest(CertResponse.class, new CertResponse(new ASN1Integer(1), new PKIStatusInfo(PKIStatus.granted)));
-        doFullGetInstanceTest(org.bouncycastle.asn1.cmp.CertStatus.class, new org.bouncycastle.asn1.cmp.CertStatus(new byte[10], BigInteger.valueOf(1), new PKIStatusInfo(PKIStatus.granted)));
-        doFullGetInstanceTest(Challenge.class, new Challenge(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE), new byte[10], new byte[10]));
-
-        doFullGetInstanceTest(CMPCertificate.class, cmpCert);
-        doFullGetInstanceTest(CRLAnnContent.class, new CRLAnnContent(crl));
-        doFullGetInstanceTest(ErrorMsgContent.class, new ErrorMsgContent(new PKIStatusInfo(PKIStatus.granted), new ASN1Integer(1), new PKIFreeText("fred")));
-        GenMsgContent.getInstance(null);
-        GenRepContent.getInstance(null);
-        InfoTypeAndValue.getInstance(null);
-        KeyRecRepContent.getInstance(null);
-        OOBCertHash.getInstance(null);
-        PBMParameter.getInstance(null);
-        PKIBody.getInstance(null);
-        PKIConfirmContent.getInstance(null);
-        PKIFreeText.getInstance(null);
-        doFullGetInstanceTest(PKIFreeText.class, new PKIFreeText("hello world"));
-        doFullGetInstanceTest(PKIFreeText.class, new PKIFreeText(new String[]{"hello", "world"}));
-        doFullGetInstanceTest(PKIFreeText.class, new PKIFreeText(new DERUTF8String[]{new DERUTF8String("hello"), new DERUTF8String("world")}));
-        PKIHeader.getInstance(null);
-        PKIMessage.getInstance(null);
-        PKIMessages.getInstance(null);
-        doFullGetInstanceTest(PKIStatusInfo.class, new PKIStatusInfo(PKIStatus.rejection, new PKIFreeText("hello world"), new PKIFailureInfo(PKIFailureInfo.badAlg)));
-        doFullGetInstanceTest(PKIStatusInfo.class, new PKIStatusInfo(PKIStatus.granted, new PKIFreeText("hello world")));
-        PKIStatus.getInstance(null);
-        PollRepContent.getInstance(null);
-        PollReqContent.getInstance(null);
-        POPODecKeyChallContent.getInstance(null);
-        POPODecKeyRespContent.getInstance(null);
-        ProtectedPart.getInstance(null);
-        RevAnnContent.getInstance(null);
-        RevDetails.getInstance(null);
-        RevRepContent.getInstance(null);
-        RevReqContent.getInstance(null);
-        Attribute.getInstance(null);
-        Attributes.getInstance(null);
-        AuthenticatedData.getInstance(null);
-        AuthenticatedData.getInstance(null);
-        AuthEnvelopedData.getInstance(null);
-        AuthEnvelopedData.getInstance(null);
-        CompressedData.getInstance(null);
-        CompressedData.getInstance(null);
-        ContentInfo.getInstance(null);
-        EncryptedContentInfo.getInstance(null);
-        EncryptedData.getInstance(null);
-        EnvelopedData.getInstance(null);
-        EnvelopedData.getInstance(null);
-        Evidence.getInstance(null);
-        IssuerAndSerialNumber.getInstance(null);
-        KEKIdentifier.getInstance(null);
-        KEKIdentifier.getInstance(null);
-        KEKRecipientInfo.getInstance(null);
-        KEKRecipientInfo.getInstance(null);
-        KeyAgreeRecipientIdentifier.getInstance(null);
-        KeyAgreeRecipientIdentifier.getInstance(null);
-        KeyAgreeRecipientInfo.getInstance(null);
-        KeyAgreeRecipientInfo.getInstance(null);
-        KeyTransRecipientInfo.getInstance(null);
-        MetaData.getInstance(null);
-        OriginatorIdentifierOrKey.getInstance(null);
-        OriginatorIdentifierOrKey.getInstance(null);
-        OriginatorInfo.getInstance(null);
-        OriginatorInfo.getInstance(null);
-        OriginatorPublicKey.getInstance(null);
-        OriginatorPublicKey.getInstance(null);
-        OtherKeyAttribute.getInstance(null);
-        OtherRecipientInfo.getInstance(null);
-        OtherRecipientInfo.getInstance(null);
-        PasswordRecipientInfo.getInstance(null);
-        PasswordRecipientInfo.getInstance(null);
-        RecipientEncryptedKey.getInstance(null);
-        RecipientIdentifier.getInstance(null);
-        RecipientInfo.getInstance(null);
-        RecipientKeyIdentifier.getInstance(null);
-        RecipientKeyIdentifier.getInstance(null);
-        SignedData.getInstance(null);
-        SignerIdentifier.getInstance(null);
-        SignerInfo.getInstance(null);
-        Time.getInstance(null);
-        Time.getInstance(null);
-        TimeStampAndCRL.getInstance(null);
-        TimeStampedData.getInstance(null);
-        TimeStampTokenEvidence.getInstance(null);
-        AttributeTypeAndValue.getInstance(null);
-
-        doFullGetInstanceTest(CertId.class, new CertId(new GeneralName(new X500Name("CN=Test")), BigInteger.valueOf(1)));
-
-
-        CertReqMessages.getInstance(null);
-        CertReqMsg.getInstance(null);
-        CertRequest.getInstance(null);
-        CertTemplate.getInstance(null);
-        Controls.getInstance(null);
-        EncKeyWithID.getInstance(null);
-        EncryptedKey.getInstance(null);
-        EncryptedValue.getInstance(null);
-        OptionalValidity.getInstance(null);
-        PKIArchiveOptions.getInstance(null);
-        PKIPublicationInfo.getInstance(null);
-        PKMACValue.getInstance(null);
-        PKMACValue.getInstance(null);
-        POPOPrivKey.getInstance(null);
-        POPOSigningKeyInput.getInstance(null);
-        POPOSigningKey.getInstance(null);
-        POPOSigningKey.getInstance(null);
-        ProofOfPossession.getInstance(null);
-        SinglePubInfo.getInstance(null);
-        ECGOST3410ParamSetParameters.getInstance(null);
-        ECGOST3410ParamSetParameters.getInstance(null);
-        GOST28147Parameters.getInstance(null);
-        GOST28147Parameters.getInstance(null);
-        GOST3410ParamSetParameters.getInstance(null);
-        GOST3410ParamSetParameters.getInstance(null);
-        GOST3410PublicKeyAlgParameters.getInstance(null);
-        GOST3410PublicKeyAlgParameters.getInstance(null);
-        CertificateBody.getInstance(null);
-        CVCertificate.getInstance(null);
-        CVCertificateRequest.getInstance(null);
-        PublicKeyDataObject.getInstance(null);
-        UnsignedInteger.getInstance(null);
-        CommitmentTypeIndication.getInstance(null);
-        CommitmentTypeQualifier.getInstance(null);
-
-        OcspIdentifier ocspIdentifier = new OcspIdentifier(new ResponderID(new X500Name("CN=Test")), new ASN1GeneralizedTime(new Date()));
-        CrlListID crlListID = new CrlListID(new CrlValidatedID[]{new CrlValidatedID(new OtherHash(new byte[20]))});
-        OcspListID ocspListID = new OcspListID(new OcspResponsesID[] { new OcspResponsesID(ocspIdentifier) });
-        OtherRevRefs otherRevRefs = new OtherRevRefs(new ASN1ObjectIdentifier("1.2.1"), new DERSequence());
-        OtherRevVals otherRevVals = new OtherRevVals(new ASN1ObjectIdentifier("1.2.1"), new DERSequence());
-        CrlOcspRef crlOcspRef = new CrlOcspRef(crlListID, ocspListID, otherRevRefs);
-        doFullGetInstanceTest(CompleteRevocationRefs.class, new CompleteRevocationRefs(new CrlOcspRef[]{crlOcspRef, crlOcspRef}));
-
-        doFullGetInstanceTest(CrlIdentifier.class, new CrlIdentifier(new X500Name("CN=Test"), new ASN1UTCTime(new Date()), BigInteger.valueOf(1)));
-
-
-        doFullGetInstanceTest(CrlListID.class, crlListID);
-        doFullGetInstanceTest(CrlOcspRef.class, crlOcspRef);
-        doFullGetInstanceTest(CrlValidatedID.class, new CrlValidatedID(new OtherHash(new byte[20])));
-        doFullGetInstanceTest(OcspIdentifier.class, ocspIdentifier);
-        doFullGetInstanceTest(OcspListID.class, ocspListID);
-        doFullGetInstanceTest(OcspResponsesID.class, new OcspResponsesID(ocspIdentifier));
-
-        OtherHashAlgAndValue otherHashAlgAndValue = new OtherHashAlgAndValue(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE), new DEROctetString(new byte[10]));
-        doFullGetInstanceTest(OtherHashAlgAndValue.class, otherHashAlgAndValue);
-        OtherHash.getInstance(null);
-        doFullGetInstanceTest(OtherRevRefs.class, otherRevRefs);
-        doFullGetInstanceTest(OtherRevVals.class, otherRevVals);
-        doFullGetInstanceTest(RevocationValues.class, new RevocationValues(new CertificateList[]{crl}, null, otherRevVals));
-
-        SignaturePolicyId signaturePolicyId = new SignaturePolicyId(new ASN1ObjectIdentifier("1.2.1"), otherHashAlgAndValue);
-        doFullGetInstanceTest(SignaturePolicyIdentifier.class, new SignaturePolicyIdentifier());
-        doFullGetInstanceTest(SignaturePolicyIdentifier.class, new SignaturePolicyIdentifier(signaturePolicyId));
-        doFullGetInstanceTest(SignaturePolicyId.class, signaturePolicyId);
-        doFullGetInstanceTest(SignerAttribute.class, new SignerAttribute(new org.bouncycastle.asn1.x509.Attribute[]{new org.bouncycastle.asn1.x509.Attribute(new ASN1ObjectIdentifier("1.2.1"), new DERSet())}));
-        doFullGetInstanceTest(SignerAttribute.class, new SignerAttribute(attributeCert));
-
-        ASN1EncodableVector postalAddr = new ASN1EncodableVector();
-
-        postalAddr.add(new DERUTF8String("line 1"));
-        postalAddr.add(new DERUTF8String("line 2"));
-
-        doFullGetInstanceTest(SignerLocation.class, new SignerLocation(new DERUTF8String("AU"), new DERUTF8String("Melbourne"), new DERSequence(postalAddr)));
-        doFullGetInstanceTest(SigPolicyQualifierInfo.class, new SigPolicyQualifierInfo(new ASN1ObjectIdentifier("1.2.1"), new DERSequence()));
-        SigPolicyQualifiers.getInstance(null);
-        SPuri.getInstance(null);
-        Vector v = new Vector();
-
-        v.add(Integers.valueOf(1));
-        v.add(BigInteger.valueOf(2));
-        NoticeReference noticeReference = new NoticeReference("BC", v);
-        doFullGetInstanceTest(SPUserNotice.class, new SPUserNotice(noticeReference, new DisplayText("hello world")));
-        ContentHints.getInstance(null);
-        ContentIdentifier.getInstance(null);
-        ESSCertID.getInstance(null);
-        ESSCertIDv2.getInstance(null);
-        OtherCertID.getInstance(null);
-        OtherSigningCertificate.getInstance(null);
-        SigningCertificate.getInstance(null);
-        SigningCertificateV2.getInstance(null);
-        CscaMasterList.getInstance(null);
-        DataGroupHash.getInstance(null);
-        LDSSecurityObject.getInstance(null);
-        LDSVersionInfo.getInstance(null);
-        CAST5CBCParameters.getInstance(null);
-        IDEACBCPar.getInstance(null);
-        PublicKeyAndChallenge.getInstance(null);
-        BasicOCSPResponse.getInstance(null);
-        BasicOCSPResponse.getInstance(null);
-
-        doFullGetInstanceTest(CertID.class, new CertID(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE), new DEROctetString(new byte[1]), new DEROctetString(new byte[1]), new ASN1Integer(1)));
-
-        CertStatus.getInstance(null);
-        CertStatus.getInstance(null);
-        CrlID.getInstance(null);
-        OCSPRequest.getInstance(null);
-        OCSPRequest.getInstance(null);
-        OCSPResponse.getInstance(null);
-        OCSPResponse.getInstance(null);
-        OCSPResponseStatus.getInstance(null);
-        Request.getInstance(null);
-        Request.getInstance(null);
-        ResponderID.getInstance(null);
-        ResponderID.getInstance(null);
-        ResponseBytes.getInstance(null);
-        ResponseBytes.getInstance(null);
-        ResponseData.getInstance(null);
-        ResponseData.getInstance(null);
-        RevokedInfo.getInstance(null);
-        RevokedInfo.getInstance(null);
-        Signature.getInstance(null);
-        Signature.getInstance(null);
-        SingleResponse.getInstance(null);
-        SingleResponse.getInstance(null);
-        TBSRequest.getInstance(null);
-        TBSRequest.getInstance(null);
-        Attribute.getInstance(null);
-        AuthenticatedSafe.getInstance(null);
-        CertificationRequestInfo.getInstance(null);
-        CertificationRequest.getInstance(null);
-        ContentInfo.getInstance(null);
-        DHParameter.getInstance(null);
-        EncryptedData.getInstance(null);
-        EncryptedPrivateKeyInfo.getInstance(null);
-        AlgorithmIdentifier.getInstance(null);
-        IssuerAndSerialNumber.getInstance(null);
-        MacData.getInstance(null);
-        PBEParameter.getInstance(null);
-        PBES2Parameters.getInstance(null);
-        PBKDF2Params.getInstance(null);
-        Pfx.getInstance(null);
-        PKCS12PBEParams.getInstance(null);
-        PrivateKeyInfo.getInstance(null);
-        PrivateKeyInfo.getInstance(null);
-        RC2CBCParameter.getInstance(null);
-        RSAESOAEPparams.getInstance(null);
-        RSAPrivateKey.getInstance(null);
-        RSAPrivateKey.getInstance(null);
-        RSAPublicKey.getInstance(null);
-        RSAPublicKey.getInstance(null);
-        RSASSAPSSparams.getInstance(null);
-        SafeBag.getInstance(null);
-        SignedData.getInstance(null);
-        SignerInfo.getInstance(null);
-        ECPrivateKey.getInstance(null);
-        SMIMECapabilities.getInstance(null);
-        SMIMECapability.getInstance(null);
-        Accuracy.getInstance(null);
-        MessageImprint.getInstance(null);
-        TimeStampReq.getInstance(null);
-        TimeStampResp.getInstance(null);
-        TSTInfo.getInstance(null);
-        AttributeTypeAndValue.getInstance(null);
-        DirectoryString.getInstance(null);
-        DirectoryString.getInstance(null);
-        RDN.getInstance(null);
-        X500Name.getInstance(null);
-        X500Name.getInstance(null);
-        AccessDescription.getInstance(null);
-        AlgorithmIdentifier.getInstance(null);
-        AlgorithmIdentifier.getInstance(null);
-        AttCertIssuer.getInstance(null);
-        AttCertIssuer.getInstance(null);
-        AttCertValidityPeriod.getInstance(null);
-        AttributeCertificateInfo.getInstance(null);
-        AttributeCertificateInfo.getInstance(null);
-        AttributeCertificate.getInstance(null);
-        Attribute.getInstance(null);
-        AuthorityInformationAccess.getInstance(null);
-        AuthorityKeyIdentifier.getInstance(null);
-        AuthorityKeyIdentifier.getInstance(null);
-        BasicConstraints.getInstance(null);
-        BasicConstraints.getInstance(null);
-        Certificate.getInstance(null);
-        Certificate.getInstance(null);
-        CertificateList.getInstance(null);
-        CertificateList.getInstance(null);
-        CertificatePair.getInstance(null);
-        CertificatePolicies.getInstance(null);
-        CertificatePolicies.getInstance(null);
-        CRLDistPoint.getInstance(null);
-        CRLDistPoint.getInstance(null);
-        CRLNumber.getInstance(null);
-        CRLReason.getInstance(null);
-        DigestInfo.getInstance(null);
-        DigestInfo.getInstance(null);
-        DisplayText.getInstance(null);
-        DisplayText.getInstance(null);
-        DistributionPoint.getInstance(null);
-        DistributionPoint.getInstance(null);
-        DistributionPointName.getInstance(null);
-        DistributionPointName.getInstance(null);
-        DSAParameter.getInstance(null);
-        DSAParameter.getInstance(null);
-        ExtendedKeyUsage.getInstance(null);
-        ExtendedKeyUsage.getInstance(null);
-        Extensions.getInstance(null);
-        Extensions.getInstance(null);
-        GeneralName.getInstance(null);
-        GeneralName.getInstance(null);
-        GeneralNames.getInstance(null);
-        GeneralNames.getInstance(null);
-
-        GeneralSubtree generalSubtree = new GeneralSubtree(new GeneralName(new X500Name("CN=Test")));
-        ASN1ObjectIdentifier algOid = new ASN1ObjectIdentifier("1.2.1");
-        ObjectDigestInfo objectDigestInfo = new ObjectDigestInfo(ObjectDigestInfo.otherObjectDigest, algOid, new AlgorithmIdentifier(algOid), new byte[20]);
-
-        doFullGetInstanceTest(GeneralSubtree.class, generalSubtree);
-        doFullGetInstanceTest(Holder.class, new Holder(objectDigestInfo));
-        IetfAttrSyntax.getInstance(null);
-        IssuerSerial.getInstance(null);
-        IssuerSerial.getInstance(null);
-        IssuingDistributionPoint.getInstance(null);
-        IssuingDistributionPoint.getInstance(null);
-        DERBitString.getInstance(null);
-
-        v.clear();
-        v.add(generalSubtree);
-
-        doFullGetInstanceTest(NameConstraints.class, new NameConstraints(null, null));
-        doFullGetInstanceTest(NoticeReference.class, noticeReference);
-        doFullGetInstanceTest(ObjectDigestInfo.class, objectDigestInfo);
-
-        PolicyInformation.getInstance(null);
-        PolicyMappings.getInstance(null);
-        PolicyQualifierInfo.getInstance(null);
-        PrivateKeyUsagePeriod.getInstance(null);
-        doFullGetInstanceTest(RoleSyntax.class, new RoleSyntax(new GeneralNames(new GeneralName(new X500Name("CN=Test"))), new GeneralName(GeneralName.uniformResourceIdentifier, "http://bc")));
-        org.bouncycastle.asn1.pkcs.RSAPublicKey.getInstance(null);
-        RSAPublicKey.getInstance(null);
-        SubjectDirectoryAttributes.getInstance(null);
-        SubjectKeyIdentifier.getInstance(null);
-        SubjectKeyIdentifier.getInstance(null);
-        SubjectPublicKeyInfo.getInstance(null);
-        SubjectPublicKeyInfo.getInstance(null);
-        TargetInformation.getInstance(null);
-        Target.getInstance(null);
-        Targets.getInstance(null);
-        TBSCertificate.getInstance(null);
-        TBSCertificate.getInstance(null);
-        TBSCertificateStructure.getInstance(null);
-        TBSCertificateStructure.getInstance(null);
-        TBSCertList.CRLEntry.getInstance(null);
-        TBSCertList.getInstance(null);
-        TBSCertList.getInstance(null);
-        Time.getInstance(null);
-        Time.getInstance(null);
-        doFullGetInstanceTest(UserNotice.class, new UserNotice(noticeReference, "hello world"));
-        V2Form.getInstance(null);
-        V2Form.getInstance(null);
-        X509CertificateStructure.getInstance(null);
-        X509CertificateStructure.getInstance(null);
-        X509Extensions.getInstance(null);
-        X509Extensions.getInstance(null);
-        X500Name.getInstance(null);
-        X500Name.getInstance(null);
-        DHDomainParameters.getInstance(null);
-        DHDomainParameters.getInstance(null);
-        DHPublicKey.getInstance(null);
-        DHPublicKey.getInstance(null);
-        DHValidationParms.getInstance(null);
-        DHValidationParms.getInstance(null);
-        X962Parameters.getInstance(null);
-        X962Parameters.getInstance(null);
-        X9ECParameters.getInstance(null);
-        MQVuserKeyingMaterial.getInstance(null);
-        MQVuserKeyingMaterial.getInstance(null);
-        CertHash.getInstance(null);
-        RequestedCertificate.getInstance(null);
-        RequestedCertificate.getInstance(null);
-        AdditionalInformationSyntax.getInstance(null);
-        Admissions.getInstance(null);
-        AdmissionSyntax.getInstance(null);
-        DeclarationOfMajority.getInstance(null);
-        MonetaryLimit.getInstance(null);
-        NamingAuthority.getInstance(null);
-        NamingAuthority.getInstance(null);
-        ProcurationSyntax.getInstance(null);
-        ProfessionInfo.getInstance(null);
-        Restriction.getInstance(null);
-        BiometricData.getInstance(null);
-        Iso4217CurrencyCode.getInstance(null);
-        MonetaryValue.getInstance(null);
-        QCStatement.getInstance(null);
-        SemanticsInformation.getInstance(null);
-        TypeOfBiometricData.getInstance(null);
-        NameOrPseudonym.getInstance(null);
-        PersonalData.getInstance(null);
-    }
-
-    public String getName()
-    {
-        return "GetInstanceNullTest";
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/IdentityProofV2Test.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/IdentityProofV2Test.java
deleted file mode 100644
index ced7443..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/IdentityProofV2Test.java
+++ /dev/null

@@ -1,52 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmc.IdentityProofV2;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class IdentityProofV2Test
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new IdentityProofV2Test());
-    }
-
-    public String getName()
-    {
-        return "IdentityProofV2";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        IdentityProofV2 proofV2 = new IdentityProofV2(
-            new AlgorithmIdentifier(PKCSObjectIdentifiers.encryptionAlgorithm, new ASN1Integer(10L)),
-            new AlgorithmIdentifier(PKCSObjectIdentifiers.bagtypes, new ASN1Integer(10L)),
-            "Cats".getBytes()
-        );
-
-        byte[] b = proofV2.getEncoded();
-        IdentityProofV2 proofV2Res = IdentityProofV2.getInstance(b);
-
-        isEquals("proofAldID", proofV2.getProofAlgID(), proofV2Res.getProofAlgID());
-        isEquals("macAlgId", proofV2.getMacAlgId(), proofV2Res.getMacAlgId());
-        isTrue("witness",  areEqual(proofV2.getWitness(), proofV2Res.getWitness()));
-
-
-        try
-        {
-            IdentityProofV2.getInstance(new DERSequence(new ASN1Encodable[0]));
-            fail("Sequence must be length of 3");
-        }
-        catch (Throwable t)
-        {
-            isEquals("Exception incorrect", t.getClass(), IllegalArgumentException.class);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/InputStreamTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/InputStreamTest.java
deleted file mode 100644
index 819d285..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/InputStreamTest.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class InputStreamTest 
-    extends SimpleTest
-{
-    private static final byte[] outOfBoundsLength = new byte[] { (byte)0x30, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff };
-    private static final byte[] negativeLength = new byte[] { (byte)0x30, (byte)0x84, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff };
-    private static final byte[] outsideLimitLength = new byte[] { (byte)0x30, (byte)0x83, (byte)0x0f, (byte)0xff, (byte)0xff };
-    
-    
-    public String getName()
-    {
-        return "InputStream";
-    }
-    
-    public void performTest() 
-        throws Exception
-    {
-        ASN1InputStream aIn = new ASN1InputStream(outOfBoundsLength);
-        
-        try
-        {
-            aIn.readObject();
-            fail("out of bounds length not detected.");
-        }
-        catch (IOException e)
-        {
-            if (!e.getMessage().startsWith("DER length more than 4 bytes"))
-            {
-                fail("wrong exception: " + e.getMessage());
-            }
-        }
-        
-        aIn = new ASN1InputStream(negativeLength);
-        
-        try
-        {
-            aIn.readObject();
-            fail("negative length not detected.");
-        }
-        catch (IOException e)
-        {
-            if (!e.getMessage().equals("corrupted stream - negative length found"))
-            {
-                fail("wrong exception: " + e.getMessage());
-            }
-        }
-        
-        aIn = new ASN1InputStream(outsideLimitLength);
-        
-        try
-        {
-            aIn.readObject();
-            fail("outside limit length not detected.");
-        }
-        catch (IOException e)
-        {
-            if (!e.getMessage().equals("corrupted stream - out of bounds length found"))
-            {
-                fail("wrong exception: " + e.getMessage());
-            }
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new InputStreamTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/Iso4217CurrencyCodeUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/Iso4217CurrencyCodeUnitTest.java
deleted file mode 100644
index ef3b20d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/Iso4217CurrencyCodeUnitTest.java
+++ /dev/null

@@ -1,142 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.x509.qualified.Iso4217CurrencyCode;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class Iso4217CurrencyCodeUnitTest 
-    extends SimpleTest
-{
-    private static final String ALPHABETIC_CURRENCY_CODE = "AUD";
-    private static final int    NUMERIC_CURRENCY_CODE = 1;
-
-    public String getName()
-    {
-        return "Iso4217CurrencyCode";
-    }
-
-    public void performTest() 
-        throws Exception
-    {
-        //
-        // alphabetic
-        //
-        Iso4217CurrencyCode cc = new Iso4217CurrencyCode(ALPHABETIC_CURRENCY_CODE);
-
-        checkNumeric(cc, ALPHABETIC_CURRENCY_CODE);
-        
-        cc = Iso4217CurrencyCode.getInstance(cc);
-        
-        checkNumeric(cc, ALPHABETIC_CURRENCY_CODE);
-        
-        ASN1Primitive obj = cc.toASN1Primitive();
-        
-        cc = Iso4217CurrencyCode.getInstance(obj);
-        
-        checkNumeric(cc, ALPHABETIC_CURRENCY_CODE);
-        
-        //
-        // numeric
-        //
-        cc = new Iso4217CurrencyCode(NUMERIC_CURRENCY_CODE);
-
-        checkNumeric(cc, NUMERIC_CURRENCY_CODE);
-        
-        cc = Iso4217CurrencyCode.getInstance(cc);
-        
-        checkNumeric(cc, NUMERIC_CURRENCY_CODE);
-        
-        obj = cc.toASN1Primitive();
-        
-        cc = Iso4217CurrencyCode.getInstance(obj);
-        
-        checkNumeric(cc, NUMERIC_CURRENCY_CODE);
-        
-        cc = Iso4217CurrencyCode.getInstance(null);
-        
-        if (cc != null)
-        {
-            fail("null getInstance() failed.");
-        }
-        
-        try
-        {
-            Iso4217CurrencyCode.getInstance(new Object());
-            
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-        
-        try
-        {
-            new Iso4217CurrencyCode("ABCD");
-            
-            fail("constructor failed to detect out of range currencycode.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-        
-        try
-        {
-            new Iso4217CurrencyCode(0);
-            
-            fail("constructor failed to detect out of range small numeric code.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-        
-        try
-        {
-            new Iso4217CurrencyCode(1000);
-            
-            fail("constructor failed to detect out of range large numeric code.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkNumeric(
-        Iso4217CurrencyCode cc,
-        String              code)
-    {
-        if (!cc.isAlphabetic())
-        {
-            fail("non-alphabetic code found when one expected.");
-        }
-        
-        if (!cc.getAlphabetic().equals(code))
-        {
-            fail("string codes don't match.");
-        }
-    }
-    
-    private void checkNumeric(
-        Iso4217CurrencyCode cc,
-        int                 code)
-    {
-        if (cc.isAlphabetic())
-        {
-            fail("alphabetic code found when one not expected.");
-        }
-        
-        if (cc.getNumeric() != code)
-        {
-            fail("numeric codes don't match.");
-        }
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new Iso4217CurrencyCodeUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/IssuingDistributionPointUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/IssuingDistributionPointUnitTest.java
deleted file mode 100644
index fa0af30..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/IssuingDistributionPointUnitTest.java
+++ /dev/null

@@ -1,122 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.DistributionPointName;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.IssuingDistributionPoint;
-import org.bouncycastle.asn1.x509.ReasonFlags;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class IssuingDistributionPointUnitTest 
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "IssuingDistributionPoint";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        DistributionPointName    name = new DistributionPointName(
-                                              new GeneralNames(new GeneralName(new X500Name("cn=test"))));
-        ReasonFlags reasonFlags = new ReasonFlags(ReasonFlags.cACompromise);
-
-        checkPoint(6, name, true, true, reasonFlags, true, true);
-
-        checkPoint(2, name, false, false, reasonFlags, false, false);
-
-        checkPoint(0, null, false, false, null, false, false);
-
-        try
-        {
-            IssuingDistributionPoint.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkPoint(
-        int size,
-        DistributionPointName distributionPoint,
-        boolean onlyContainsUserCerts,
-        boolean onlyContainsCACerts,
-        ReasonFlags onlySomeReasons,
-        boolean indirectCRL,
-        boolean onlyContainsAttributeCerts)
-        throws IOException
-    {
-        IssuingDistributionPoint point = new IssuingDistributionPoint(distributionPoint, onlyContainsUserCerts, onlyContainsCACerts, onlySomeReasons, indirectCRL, onlyContainsAttributeCerts);
-
-        checkValues(point, distributionPoint, onlyContainsUserCerts, onlyContainsCACerts, onlySomeReasons, indirectCRL, onlyContainsAttributeCerts);
-
-        ASN1Sequence seq = ASN1Sequence.getInstance(ASN1Primitive.fromByteArray(point.getEncoded()));
-
-        if (seq.size() != size)
-        {
-            fail("size mismatch");
-        }
-
-        point = IssuingDistributionPoint.getInstance(seq);
-
-        checkValues(point, distributionPoint, onlyContainsUserCerts, onlyContainsCACerts, onlySomeReasons, indirectCRL, onlyContainsAttributeCerts);
-    }
-
-    private void checkValues(IssuingDistributionPoint point, DistributionPointName distributionPoint, boolean onlyContainsUserCerts, boolean onlyContainsCACerts, ReasonFlags onlySomeReasons, boolean indirectCRL, boolean onlyContainsAttributeCerts)
-    {
-        if (point.onlyContainsUserCerts() != onlyContainsUserCerts)
-        {
-            fail("mismatch on onlyContainsUserCerts");
-        }
-
-        if (point.onlyContainsCACerts() != onlyContainsCACerts)
-        {
-            fail("mismatch on onlyContainsCACerts");
-        }
-
-        if (point.isIndirectCRL() != indirectCRL)
-        {
-            fail("mismatch on indirectCRL");
-        }
-
-        if (point.onlyContainsAttributeCerts() != onlyContainsAttributeCerts)
-        {
-            fail("mismatch on onlyContainsAttributeCerts");
-        }
-
-        if (!isEquiv(onlySomeReasons, point.getOnlySomeReasons()))
-        {
-            fail("mismatch on onlySomeReasons");
-        }
-
-        if (!isEquiv(distributionPoint, point.getDistributionPoint()))
-        {
-            fail("mismatch on distributionPoint");
-        }
-    }
-
-    private boolean isEquiv(Object o1, Object o2)
-    {
-        if (o1 == null)
-        {
-            return o2 == null;
-        }
-
-        return o1.equals(o2);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new IssuingDistributionPointUnitTest());
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/KeyUsageTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/KeyUsageTest.java
deleted file mode 100644
index f5c90cd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/KeyUsageTest.java
+++ /dev/null

@@ -1,55 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class KeyUsageTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "KeyUsage";
-    }
-
-    public void performTest()
-        throws IOException
-    {
-        BitStringConstantTester.testFlagValueCorrect(0, KeyUsage.digitalSignature); 
-        BitStringConstantTester.testFlagValueCorrect(1, KeyUsage.nonRepudiation);
-        BitStringConstantTester.testFlagValueCorrect(2, KeyUsage.keyEncipherment);
-        BitStringConstantTester.testFlagValueCorrect(3, KeyUsage.dataEncipherment);
-        BitStringConstantTester.testFlagValueCorrect(4, KeyUsage.keyAgreement);
-        BitStringConstantTester.testFlagValueCorrect(5, KeyUsage.keyCertSign);
-        BitStringConstantTester.testFlagValueCorrect(6, KeyUsage.cRLSign);
-        BitStringConstantTester.testFlagValueCorrect(7, KeyUsage.encipherOnly);
-        BitStringConstantTester.testFlagValueCorrect(8, KeyUsage.decipherOnly);
-
-        if (!new KeyUsage(KeyUsage.keyCertSign).hasUsages(KeyUsage.keyCertSign))
-        {
-            fail("usages bit test failed 1");
-        }
-
-        if (new KeyUsage(KeyUsage.cRLSign).hasUsages(KeyUsage.keyCertSign))
-        {
-            fail("usages bit test failed 2");
-        }
-
-        if (!new KeyUsage(KeyUsage.cRLSign | KeyUsage.decipherOnly).hasUsages(KeyUsage.cRLSign | KeyUsage.decipherOnly))
-        {
-            fail("usages bit test failed 3");
-        }
-
-        if (new KeyUsage(KeyUsage.cRLSign | KeyUsage.decipherOnly).hasUsages(KeyUsage.cRLSign | KeyUsage.decipherOnly | KeyUsage.keyCertSign))
-        {
-            fail("usages bit test failed 4");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new KeyUsageTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/LDSSecurityObjectUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/LDSSecurityObjectUnitTest.java
deleted file mode 100644
index 809177a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/LDSSecurityObjectUnitTest.java
+++ /dev/null

@@ -1,216 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-import java.util.Random;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.icao.DataGroupHash;
-import org.bouncycastle.asn1.icao.LDSSecurityObject;
-import org.bouncycastle.asn1.icao.LDSVersionInfo;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class LDSSecurityObjectUnitTest 
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "LDSSecurityObject";
-    }
-    
-    private byte[] generateHash()
-    {
-        Random rand = new Random();
-        byte[] bytes = new byte[20];
-        
-        for (int i = 0; i != bytes.length; i++)
-        {
-            bytes[i] = (byte)rand.nextInt();
-        }
-        
-        return bytes;
-    }
-    
-    public void performTest() 
-        throws Exception
-    {
-        AlgorithmIdentifier  algoId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1);
-        DataGroupHash[] datas = new DataGroupHash[2];
-      
-        datas[0] = new DataGroupHash(1, new DEROctetString(generateHash()));
-        datas[1] = new DataGroupHash(2, new DEROctetString(generateHash()));
-        
-        LDSSecurityObject so = new LDSSecurityObject(algoId, datas);
-
-        checkConstruction(so, algoId, datas);
-
-        LDSVersionInfo versionInfo = new LDSVersionInfo("Hello", "world");
-
-        so = new LDSSecurityObject(algoId, datas, versionInfo);
-
-        checkConstruction(so, algoId, datas, versionInfo);
-
-        try
-        {
-            LDSSecurityObject.getInstance(null);
-        }
-        catch (Exception e)
-        {
-            fail("getInstance() failed to handle null.");
-        }
-        
-        try
-        {
-            LDSSecurityObject.getInstance(new Object());
-            
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-        
-        try
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-            
-            LDSSecurityObject.getInstance(new DERSequence(v));
-            
-            fail("constructor failed to detect empty sequence.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-        
-        try
-        {
-            new LDSSecurityObject(algoId, new DataGroupHash[1]);
-            
-            fail("constructor failed to detect small DataGroupHash array.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-        
-        try
-        {
-            new LDSSecurityObject(algoId, new DataGroupHash[LDSSecurityObject.ub_DataGroups + 1]);
-            
-            fail("constructor failed to out of bounds DataGroupHash array.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        LDSSecurityObject so,
-        AlgorithmIdentifier digestAlgorithmIdentifier, 
-        DataGroupHash[]       datagroupHash) 
-        throws IOException
-    {
-        checkStatement(so, digestAlgorithmIdentifier, datagroupHash, null);
-        
-        so = LDSSecurityObject.getInstance(so);
-        
-        checkStatement(so, digestAlgorithmIdentifier, datagroupHash, null);
-        
-        ASN1InputStream aIn = new ASN1InputStream(so.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-        
-        so = LDSSecurityObject.getInstance(seq);
-        
-        checkStatement(so, digestAlgorithmIdentifier, datagroupHash, null);
-    }
-
-    private void checkConstruction(
-        LDSSecurityObject   so,
-        AlgorithmIdentifier digestAlgorithmIdentifier,
-        DataGroupHash[]     datagroupHash,
-        LDSVersionInfo      versionInfo)
-        throws IOException
-    {
-        if (so.getVersion() != 1)
-        {
-            fail("version number not 1");
-        }
-
-        checkStatement(so, digestAlgorithmIdentifier, datagroupHash, versionInfo);
-
-        so = LDSSecurityObject.getInstance(so);
-
-        checkStatement(so, digestAlgorithmIdentifier, datagroupHash, versionInfo);
-
-        ASN1InputStream aIn = new ASN1InputStream(so.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-
-        so = LDSSecurityObject.getInstance(seq);
-
-        checkStatement(so, digestAlgorithmIdentifier, datagroupHash, versionInfo);
-    }
-
-    private void checkStatement(
-        LDSSecurityObject   so,
-        AlgorithmIdentifier digestAlgorithmIdentifier, 
-        DataGroupHash[]     datagroupHash,
-        LDSVersionInfo      versionInfo)
-    {
-        if (digestAlgorithmIdentifier != null)
-        {
-            if (!so.getDigestAlgorithmIdentifier().equals(digestAlgorithmIdentifier))
-            {
-                fail("ids don't match.");
-            }
-        }
-        else if (so.getDigestAlgorithmIdentifier() != null)
-        {
-            fail("digest algorithm Id found when none expected.");
-        }
-        
-        if (datagroupHash != null)
-        {
-            DataGroupHash[] datas = so.getDatagroupHash();
-            
-            for (int i = 0; i != datas.length; i++)
-            {
-                if (!datagroupHash[i].equals(datas[i]))
-                {
-                    fail("name registration authorities don't match.");
-                }
-            }
-        }
-        else if (so.getDatagroupHash() != null)
-        {
-            fail("data hash groups found when none expected.");
-        }
-
-        if (versionInfo != null)
-        {
-            if (!versionInfo.equals(so.getVersionInfo()))
-            {
-                fail("versionInfo doesn't match");
-            }
-        }
-        else if (so.getVersionInfo() != null)
-        {
-            fail("version info found when none expected.");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new LDSSecurityObjectUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/LocaleTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/LocaleTest.java
deleted file mode 100644
index 89ee7e0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/LocaleTest.java
+++ /dev/null

@@ -1,59 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.text.DateFormat;
-import java.util.Date;
-import java.util.Locale;
-
-import org.bouncycastle.asn1.DERGeneralizedTime;
-import org.bouncycastle.asn1.DERUTCTime;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class LocaleTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "LocaleTest";
-    }
-
-    private void doTestLocale(Locale l)
-        throws Exception
-    {
-        long time = 1538063166000L;
-        String timeString = "180927154606GMT+00:00";
-        String longTimeString = "20180927154606Z";
-
-        Locale.setDefault(l);
-
-        isTrue(time == new DERUTCTime(timeString).getAdjustedDate().getTime());
-        isTrue(time == new DERGeneralizedTime(longTimeString).getDate().getTime());
-
-        isTrue(time == new DERUTCTime(new Date(time)).getAdjustedDate().getTime());
-        isTrue(time == new DERGeneralizedTime(new Date(time)).getDate().getTime());
-
-        Date d = new Date();
-
-        isTrue((d.getTime() - (d.getTime() % 1000)) == new DERUTCTime(d).getAdjustedDate().getTime());
-        isTrue((d.getTime() - (d.getTime() % 1000)) == new DERGeneralizedTime(d).getDate().getTime());
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        Locale defLocale = Locale.getDefault();
-
-        Locale list[] = DateFormat.getAvailableLocales();
-        for (int i = 0; i != list.length; i++)
-        {
-            doTestLocale(list[i]);
-        }
-
-        Locale.setDefault(defLocale);
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new LocaleTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/LraPopWitnessTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/LraPopWitnessTest.java
deleted file mode 100644
index 85a52b6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/LraPopWitnessTest.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.LraPopWitness;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class LraPopWitnessTest
-    extends SimpleTest
-{
-
-    public static void main(String[] args)
-    {
-        runTest(new LraPopWitnessTest());
-    }
-
-    public String getName()
-    {
-        return "LraPopWitnessTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        LraPopWitness popWitness = new LraPopWitness(new BodyPartID(10L), new DERSequence(new ASN1Integer(20L)));
-        byte[] b = popWitness.getEncoded();
-        LraPopWitness popWitnessResult = LraPopWitness.getInstance(b);
-
-        isTrue("BodyIds", Arrays.areEqual(popWitness.getBodyIds(), popWitnessResult.getBodyIds()));
-        isEquals("PkiDataBody", popWitness.getPkiDataBodyid(), popWitnessResult.getPkiDataBodyid());
-
-        try {
-            LraPopWitness.getInstance(new DERSequence());
-            fail("Sequence length must be 2");
-        } catch (Throwable t) {
-            isEquals("Exception class",t.getClass(), IllegalArgumentException.class);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/MiscTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/MiscTest.java
deleted file mode 100644
index f4dc225..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/MiscTest.java
+++ /dev/null

@@ -1,150 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Enumerated;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1OutputStream;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.BERSequence;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.misc.CAST5CBCParameters;
-import org.bouncycastle.asn1.misc.IDEACBCPar;
-import org.bouncycastle.asn1.misc.NetscapeCertType;
-import org.bouncycastle.asn1.misc.NetscapeRevocationURL;
-import org.bouncycastle.asn1.misc.VerisignCzagExtension;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class MiscTest
-    extends SimpleTest
-{
-    public void shouldFailOnExtraData()
-        throws Exception
-    {
-        // basic construction
-        DERBitString s1 = new DERBitString(new byte[0], 0);
-
-        ASN1Primitive.fromByteArray(s1.getEncoded());
-
-        ASN1Primitive.fromByteArray(new BERSequence(s1).getEncoded());
-
-        try
-        {
-            ASN1Primitive obj = ASN1Primitive.fromByteArray(Arrays.concatenate(s1.getEncoded(), new byte[1]));
-            fail("no exception");
-        }
-        catch (IOException e)
-        {
-            if (!"Extra data detected in stream".equals(e.getMessage()))
-            {
-                fail("wrong exception");
-            }
-        }
-    }
-
-    public void derIntegerTest()
-        throws Exception
-    {
-        try
-        {
-            new ASN1Integer(new byte[] { 0, 0, 0, 1});
-        }
-        catch (IllegalArgumentException e)
-        {
-            isTrue("wrong exc", "malformed integer".equals(e.getMessage()));
-        }
-
-        try
-        {
-            new ASN1Integer(new byte[] {(byte)0xff, (byte)0x80, 0, 1});
-        }
-        catch (IllegalArgumentException e)
-        {
-            isTrue("wrong exc", "malformed integer".equals(e.getMessage()));
-        }
-
-        try
-        {
-            new ASN1Enumerated(new byte[] { 0, 0, 0, 1});
-        }
-        catch (IllegalArgumentException e)
-        {
-            isTrue("wrong exc", "malformed enumerated".equals(e.getMessage()));
-        }
-
-        try
-        {
-            new ASN1Enumerated(new byte[] {(byte)0xff, (byte)0x80, 0, 1});
-        }
-        catch (IllegalArgumentException e)
-        {
-            isTrue("wrong exc", "malformed enumerated".equals(e.getMessage()));
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        byte[]  testIv = { 1, 2, 3, 4, 5, 6, 7, 8 };
-        
-        ASN1Encodable[]     values = {
-            new CAST5CBCParameters(testIv, 128), 
-            new NetscapeCertType(NetscapeCertType.smime),    
-            new VerisignCzagExtension(new DERIA5String("hello")),
-            new IDEACBCPar(testIv),        
-            new NetscapeRevocationURL(new DERIA5String("http://test"))
-        };
-        
-        byte[] data = Base64.decode("MA4ECAECAwQFBgcIAgIAgAMCBSAWBWhlbGxvMAoECAECAwQFBgcIFgtodHRwOi8vdGVzdA==");
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ASN1OutputStream aOut = new ASN1OutputStream(bOut);
-
-        for (int i = 0; i != values.length; i++)
-        {
-            aOut.writeObject(values[i]);
-        }
-
-        if (!areEqual(bOut.toByteArray(), data))
-        {
-            fail("Failed data check");
-        }
-
-        ASN1InputStream aIn = new ASN1InputStream(bOut.toByteArray());
-
-        for (int i = 0; i != values.length; i++)
-        {
-            ASN1Primitive o = aIn.readObject();
-            if (!values[i].equals(o))
-            {
-                fail("Failed equality test for " + o);
-            }
-
-            if (o.hashCode() != values[i].hashCode())
-            {
-                fail("Failed hashCode test for " + o);
-            }
-        }
-
-        shouldFailOnExtraData();
-        derIntegerTest();
-    }
-
-    public String getName()
-    {
-        return "Misc";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new MiscTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ModCertTemplateTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ModCertTemplateTest.java
deleted file mode 100644
index 3c09b90..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ModCertTemplateTest.java
+++ /dev/null

@@ -1,83 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.DLSequence;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.BodyPartList;
-import org.bouncycastle.asn1.cmc.BodyPartPath;
-import org.bouncycastle.asn1.cmc.ModCertTemplate;
-import org.bouncycastle.asn1.crmf.CertTemplate;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class ModCertTemplateTest
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new ModCertTemplateTest());
-    }
-
-    public String getName()
-    {
-        return "ModCertTemplateTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-
-        BodyPartPath pkiDataReference = new BodyPartPath(new BodyPartID(10L));
-        BodyPartList certReferences = new BodyPartList(new BodyPartID(12L));
-        boolean replace = false;
-        CertTemplate certTemplate = CertTemplate.getInstance(new DLSequence(new DERTaggedObject(false, 1, new ASN1Integer(34L))));
-        {
-            ModCertTemplate modCertTemplate = new ModCertTemplate(
-                pkiDataReference,
-                certReferences,
-                replace,
-                certTemplate
-            );
-
-            byte[] b = modCertTemplate.getEncoded();
-
-            ModCertTemplate modCertTemplateResult = ModCertTemplate.getInstance(b);
-
-            isEquals("pkiDataReference", modCertTemplate.getPkiDataReference(), modCertTemplateResult.getPkiDataReference());
-            isEquals("certReference", modCertTemplate.getCertReferences(), modCertTemplateResult.getCertReferences());
-            isEquals("replacingFields", modCertTemplate.isReplacingFields(), modCertTemplateResult.isReplacingFields());
-            isEquals("certTemplate", modCertTemplate.getCertTemplate().getSerialNumber(), modCertTemplateResult.getCertTemplate().getSerialNumber());
-        }
-
-
-        {
-            // Test default 'result'
-            ModCertTemplate mct = ModCertTemplate.getInstance(new DERSequence(new ASN1Encodable[]{
-                pkiDataReference,
-                certReferences,
-                certTemplate
-            }));
-
-            isEquals("pkiDataReference", mct.getPkiDataReference(), pkiDataReference);
-            isEquals("certReference", mct.getCertReferences(), certReferences);
-            isEquals("DEFAULT TRUE on replacingFields", mct.isReplacingFields(), true);
-            isEquals("certTemplate", mct.getCertTemplate().getSerialNumber(), certTemplate.getSerialNumber());
-        }
-
-
-        try
-        {
-            ModCertTemplate.getInstance(new DERSequence());
-            fail("Sequence must be 3 or 4.");
-        }
-        catch (Throwable t)
-        {
-            isEquals(t.getClass(), IllegalArgumentException.class);
-        }
-
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/MonetaryLimitUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/MonetaryLimitUnitTest.java
deleted file mode 100644
index 0f256c8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/MonetaryLimitUnitTest.java
+++ /dev/null

@@ -1,85 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.isismtt.x509.MonetaryLimit;
-
-public class MonetaryLimitUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "MonetaryLimit";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        String currency = "AUD";
-        int    amount = 1;
-        int    exponent = 2;
-
-        MonetaryLimit limit = new MonetaryLimit(currency, amount, exponent);
-
-        checkConstruction(limit, currency, amount, exponent);
-
-        limit = MonetaryLimit.getInstance(null);
-
-        if (limit != null)
-        {
-            fail("null getInstance() failed.");
-        }
-
-        try
-        {
-            MonetaryLimit.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        MonetaryLimit limit,
-        String currency,
-        int    amount,
-        int    exponent)
-        throws IOException
-    {
-        checkValues(limit, currency, amount, exponent);
-
-        limit = MonetaryLimit.getInstance(limit);
-
-        checkValues(limit, currency, amount, exponent);
-
-        ASN1InputStream aIn = new ASN1InputStream(limit.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-
-        limit = MonetaryLimit.getInstance(seq);
-
-        checkValues(limit, currency, amount, exponent);
-    }
-
-    private void checkValues(
-        MonetaryLimit limit,
-        String currency,
-        int    amount,
-        int    exponent)
-    {
-        checkMandatoryField("currency", currency, limit.getCurrency());
-        checkMandatoryField("amount", amount, limit.getAmount().intValue());
-        checkMandatoryField("exponent", exponent, limit.getExponent().intValue());
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new MonetaryLimitUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/MonetaryValueUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/MonetaryValueUnitTest.java
deleted file mode 100644
index 9b74b54..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/MonetaryValueUnitTest.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.x509.qualified.Iso4217CurrencyCode;
-import org.bouncycastle.asn1.x509.qualified.MonetaryValue;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class MonetaryValueUnitTest 
-    extends SimpleTest
-{
-    private static final int TEST_AMOUNT = 100;
-    private static final int ZERO_EXPONENT = 0;
-    
-    private static final String CURRENCY_CODE = "AUD";
-
-    public String getName()
-    {
-        return "MonetaryValue";
-    }
-
-    public void performTest() 
-        throws Exception
-    {
-        MonetaryValue mv = new MonetaryValue(new Iso4217CurrencyCode(CURRENCY_CODE), TEST_AMOUNT, ZERO_EXPONENT);
-
-        checkValues(mv, TEST_AMOUNT, ZERO_EXPONENT);
-        
-        mv = MonetaryValue.getInstance(mv);
-        
-        checkValues(mv, TEST_AMOUNT, ZERO_EXPONENT);
-        
-        ASN1InputStream aIn = new ASN1InputStream(mv.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-        
-        mv = MonetaryValue.getInstance(seq);
-        
-        checkValues(mv, TEST_AMOUNT, ZERO_EXPONENT);
-        
-        mv = MonetaryValue.getInstance(null);
-        
-        if (mv != null)
-        {
-            fail("null getInstance() failed.");
-        }
-        
-        try
-        {
-            MonetaryValue.getInstance(new Object());
-            
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkValues(
-        MonetaryValue mv,
-        int           amount,
-        int           exponent)
-    {
-        if (mv.getAmount().intValue() != amount)
-        {
-            fail("amounts don't match.");
-        }
-        
-        if (mv.getExponent().intValue() != exponent)
-        {
-            fail("exponents don't match.");
-        }
-        
-        Iso4217CurrencyCode cc = mv.getCurrency();
-        
-        if (!cc.getAlphabetic().equals(CURRENCY_CODE))
-        {
-            fail("currency code wrong");
-        }
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new MonetaryValueUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/NameOrPseudonymUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/NameOrPseudonymUnitTest.java
deleted file mode 100644
index 7730dc1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/NameOrPseudonymUnitTest.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x500.DirectoryString;
-import org.bouncycastle.asn1.x509.sigi.NameOrPseudonym;
-
-public class NameOrPseudonymUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "NameOrPseudonym";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        String          pseudonym = "pseudonym";
-        DirectoryString surname = new DirectoryString("surname");
-        ASN1Sequence    givenName = new DERSequence(new DirectoryString("givenName"));
-
-        NameOrPseudonym id = new NameOrPseudonym(pseudonym);
-
-        checkConstruction(id, pseudonym, null, null);
-
-        id = new NameOrPseudonym(surname, givenName);
-
-        checkConstruction(id, null, surname, givenName);
-
-        id = NameOrPseudonym.getInstance(null);
-
-        if (id != null)
-        {
-            fail("null getInstance() failed.");
-        }
-
-        try
-        {
-            NameOrPseudonym.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        NameOrPseudonym id,
-        String          pseudonym,
-        DirectoryString surname,
-        ASN1Sequence    givenName)
-        throws IOException
-    {
-        checkValues(id, pseudonym, surname, givenName);
-
-        id = NameOrPseudonym.getInstance(id);
-
-        checkValues(id, pseudonym, surname, givenName);
-
-        ASN1InputStream aIn = new ASN1InputStream(id.toASN1Primitive().getEncoded());
-
-        if (surname != null)
-        {
-            ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-
-            id = NameOrPseudonym.getInstance(seq);
-        }
-        else
-        {
-            ASN1String s = (ASN1String)aIn.readObject();
-
-            id = NameOrPseudonym.getInstance(s);
-        }
-
-        checkValues(id, pseudonym, surname, givenName);
-    }
-
-    private void checkValues(
-        NameOrPseudonym id,
-        String          pseudonym,
-        DirectoryString surname,
-        ASN1Sequence    givenName)
-    {
-
-        if (surname != null)
-        {
-            checkMandatoryField("surname", surname, id.getSurname());
-            checkMandatoryField("givenName", givenName, new DERSequence(id.getGivenName()[0]));
-        }
-        else
-        {
-            checkOptionalField("pseudonym", new DirectoryString(pseudonym), id.getPseudonym());
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new NameOrPseudonymUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/NamingAuthorityUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/NamingAuthorityUnitTest.java
deleted file mode 100644
index 9e5a535..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/NamingAuthorityUnitTest.java
+++ /dev/null

@@ -1,99 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.isismtt.x509.NamingAuthority;
-import org.bouncycastle.asn1.x500.DirectoryString;
-
-public class NamingAuthorityUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "NamingAuthority";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        ASN1ObjectIdentifier namingAuthorityID = new ASN1ObjectIdentifier("1.2.3");
-        String              namingAuthorityURL = "url";
-        DirectoryString     namingAuthorityText = new DirectoryString("text");
-
-        NamingAuthority auth =  new NamingAuthority(namingAuthorityID, namingAuthorityURL, namingAuthorityText);
-
-        checkConstruction(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText);
-
-        auth =  new NamingAuthority(null, namingAuthorityURL, namingAuthorityText);
-
-        checkConstruction(auth, null, namingAuthorityURL, namingAuthorityText);
-
-        auth =  new NamingAuthority(namingAuthorityID, null, namingAuthorityText);
-
-        checkConstruction(auth, namingAuthorityID, null, namingAuthorityText);
-
-        auth =  new NamingAuthority(namingAuthorityID, namingAuthorityURL, null);
-
-        checkConstruction(auth, namingAuthorityID, namingAuthorityURL, null);
-
-        auth = NamingAuthority.getInstance(null);
-
-        if (auth != null)
-        {
-            fail("null getInstance() failed.");
-        }
-
-        try
-        {
-            NamingAuthority.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        NamingAuthority auth,
-        ASN1ObjectIdentifier namingAuthorityID,
-        String              namingAuthorityURL,
-        DirectoryString     namingAuthorityText)
-        throws IOException
-    {
-        checkValues(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText);
-
-        auth = NamingAuthority.getInstance(auth);
-
-        checkValues(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText);
-
-        ASN1InputStream aIn = new ASN1InputStream(auth.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-
-        auth = NamingAuthority.getInstance(seq);
-
-        checkValues(auth, namingAuthorityID, namingAuthorityURL, namingAuthorityText);
-    }
-
-    private void checkValues(
-        NamingAuthority auth,
-        ASN1ObjectIdentifier namingAuthorityId,
-        String              namingAuthorityURL,
-        DirectoryString     namingAuthorityText)
-    {
-        checkOptionalField("namingAuthorityId", namingAuthorityId, auth.getNamingAuthorityId());
-        checkOptionalField("namingAuthorityURL", namingAuthorityURL, auth.getNamingAuthorityUrl());
-        checkOptionalField("namingAuthorityText", namingAuthorityText, auth.getNamingAuthorityText());
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new NamingAuthorityUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/NetscapeCertTypeTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/NetscapeCertTypeTest.java
deleted file mode 100644
index e5aa96e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/NetscapeCertTypeTest.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.misc.NetscapeCertType;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class NetscapeCertTypeTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "NetscapeCertType";
-    }
-
-    public void performTest()
-        throws IOException
-    {
-        BitStringConstantTester.testFlagValueCorrect(0, NetscapeCertType.sslClient);
-        BitStringConstantTester.testFlagValueCorrect(1, NetscapeCertType.sslServer);
-        BitStringConstantTester.testFlagValueCorrect(2, NetscapeCertType.smime);
-        BitStringConstantTester.testFlagValueCorrect(3, NetscapeCertType.objectSigning);
-        BitStringConstantTester.testFlagValueCorrect(4, NetscapeCertType.reserved);
-        BitStringConstantTester.testFlagValueCorrect(5, NetscapeCertType.sslCA);
-        BitStringConstantTester.testFlagValueCorrect(6, NetscapeCertType.smimeCA);
-        BitStringConstantTester.testFlagValueCorrect(7, NetscapeCertType.objectSigningCA);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new NetscapeCertTypeTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/OCSPTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/OCSPTest.java
deleted file mode 100644
index ae1b035..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/OCSPTest.java
+++ /dev/null

@@ -1,193 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayInputStream;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.ocsp.BasicOCSPResponse;
-import org.bouncycastle.asn1.ocsp.OCSPRequest;
-import org.bouncycastle.asn1.ocsp.OCSPResponse;
-import org.bouncycastle.asn1.ocsp.ResponseBytes;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-import org.bouncycastle.util.test.SimpleTestResult;
-
-public class OCSPTest
-    implements Test
-{
-    private byte[] unsignedReq = Base64.decode(
-        "MEIwQDA+MDwwOjAJBgUrDgMCGgUABBRDb9GODnq7lRhSkEqw4XX24huERwQUkY4j"
-      + "a6eKuDlkVP9hRgkEvIWqHPECAQE=");
-    
-    private byte[] signedReq = Base64.decode(
-        "MIIC9jBAMD4wPDA6MAkGBSsOAwIaBQAEFENv0Y4OeruVGFKQSrDhdfbiG4RHBBTc"
-      + "Mr1fP+mZAxbF2ZdehWxn6mtAngIBAaCCArAwggKsMA0GCSqGSIb3DQEBBQUAA4GB"
-      + "AAzHBm4nL5AcRQB3Jkz7ScNeZF+GbRZ0p4kBDTnqi3IeESuso12yJhpqqyijdnj5"
-      + "gd4/GsSAgdluLHyYZ6wgozV7G9MDXCnFnG4PBUW05HaVX81JYAp+amVyU0NOgNrG"
-      + "90npVBsHb0o+UlkxNgMiEbSkp/TeGb6YURsYKhmwp7BgoIICFTCCAhEwggINMIIB"
-      + "dqADAgECAgEBMA0GCSqGSIb3DQEBBAUAMCUxFjAUBgNVBAoTDUJvdW5jeSBDYXN0"
-      + "bGUxCzAJBgNVBAYTAkFVMB4XDTA0MTAyNDEzNDc0M1oXDTA1MDIwMTEzNDc0M1ow"
-      + "JTEWMBQGA1UEChMNQm91bmN5IENhc3RsZTELMAkGA1UEBhMCQVUwgZ8wDQYJKoZI"
-      + "hvcNAQEBBQADgY0AMIGJAoGBAJBmLeIzthMHUeTkOeJ76iBxcMHY31o/i3a9VT12"
-      + "y2FcS/ejJmeUCMTdtwl5alOwXY66vF4DyT1VU/nJG3mHpSoqq7qrMXOIFGcXg1Wf"
-      + "oJRrQgTOLdQ6bod7i9ME/EjEJy70orh0nVS7NGcu0R5TjcbLde2J5zxjb/W9wqfy"
-      + "RovJAgMBAAGjTTBLMB0GA1UdDgQWBBTcMr1fP+mZAxbF2ZdehWxn6mtAnjAfBgNV"
-      + "HSMEGDAWgBTcMr1fP+mZAxbF2ZdehWxn6mtAnjAJBgNVHRMEAjAAMA0GCSqGSIb3"
-      + "DQEBBAUAA4GBAF/4EH1KkNrNxocJPIp7lThmG1KIVYESIadowMowrbok46ESofRF"
-      + "OIPku07W+e1Y1Y1KXLIiPMG3IGwrBrn04iLsbbBUiN37BcC/VyT4xKJ2MYscGjKL"
-      + "ua/9bU0lOyeTRAwqb8towWRd5lLYAI3RQ7dhStUTFp3Vqd803PJ/cpR6");
-
-    private byte[] response = Base64.decode(
-            "MIIFnAoBAKCCBZUwggWRBgkrBgEFBQcwAQEEggWCMIIFfjCCARehgZ8wgZwx"
-          + "CzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEgcHJhZGVzaDESMBAGA1UE"
-          + "BxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAKBgNVBAsTA0FUQzEeMBwG"
-          + "A1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQwIgYJKoZIhvcNAQkBFhVv"
-          + "Y3NwQHRjcy1jYS50Y3MuY28uaW4YDzIwMDMwNDAyMTIzNDU4WjBiMGAwOjAJ"
-          + "BgUrDgMCGgUABBRs07IuoCWNmcEl1oHwIak1BPnX8QQUtGyl/iL9WJ1VxjxF"
-          + "j0hAwJ/s1AcCAQKhERgPMjAwMjA4MjkwNzA5MjZaGA8yMDAzMDQwMjEyMzQ1"
-          + "OFowDQYJKoZIhvcNAQEFBQADgYEAfbN0TCRFKdhsmvOdUoiJ+qvygGBzDxD/"
-          + "VWhXYA+16AphHLIWNABR3CgHB3zWtdy2j7DJmQ/R7qKj7dUhWLSqclAiPgFt"
-          + "QQ1YvSJAYfEIdyHkxv4NP0LSogxrumANcDyC9yt/W9yHjD2ICPBIqCsZLuLk"
-          + "OHYi5DlwWe9Zm9VFwCGgggPMMIIDyDCCA8QwggKsoAMCAQICAQYwDQYJKoZI"
-          + "hvcNAQEFBQAwgZQxFDASBgNVBAMTC1RDUy1DQSBPQ1NQMSYwJAYJKoZIhvcN"
-          + "AQkBFhd0Y3MtY2FAdGNzLWNhLnRjcy5jby5pbjEMMAoGA1UEChMDVENTMQww"
-          + "CgYDVQQLEwNBVEMxEjAQBgNVBAcTCUh5ZGVyYWJhZDEXMBUGA1UECBMOQW5k"
-          + "aHJhIHByYWRlc2gxCzAJBgNVBAYTAklOMB4XDTAyMDgyOTA3MTE0M1oXDTAz"
-          + "MDgyOTA3MTE0M1owgZwxCzAJBgNVBAYTAklOMRcwFQYDVQQIEw5BbmRocmEg"
-          + "cHJhZGVzaDESMBAGA1UEBxMJSHlkZXJhYmFkMQwwCgYDVQQKEwNUQ1MxDDAK"
-          + "BgNVBAsTA0FUQzEeMBwGA1UEAxMVVENTLUNBIE9DU1AgUmVzcG9uZGVyMSQw"
-          + "IgYJKoZIhvcNAQkBFhVvY3NwQHRjcy1jYS50Y3MuY28uaW4wgZ8wDQYJKoZI"
-          + "hvcNAQEBBQADgY0AMIGJAoGBAM+XWW4caMRv46D7L6Bv8iwtKgmQu0SAybmF"
-          + "RJiz12qXzdvTLt8C75OdgmUomxp0+gW/4XlTPUqOMQWv463aZRv9Ust4f8MH"
-          + "EJh4ekP/NS9+d8vEO3P40ntQkmSMcFmtA9E1koUtQ3MSJlcs441JjbgUaVnm"
-          + "jDmmniQnZY4bU3tVAgMBAAGjgZowgZcwDAYDVR0TAQH/BAIwADALBgNVHQ8E"
-          + "BAMCB4AwEwYDVR0lBAwwCgYIKwYBBQUHAwkwNgYIKwYBBQUHAQEEKjAoMCYG"
-          + "CCsGAQUFBzABhhpodHRwOi8vMTcyLjE5LjQwLjExMDo3NzAwLzAtBgNVHR8E"
-          + "JjAkMCKgIKAehhxodHRwOi8vMTcyLjE5LjQwLjExMC9jcmwuY3JsMA0GCSqG"
-          + "SIb3DQEBBQUAA4IBAQB6FovM3B4VDDZ15o12gnADZsIk9fTAczLlcrmXLNN4"
-          + "PgmqgnwF0Ymj3bD5SavDOXxbA65AZJ7rBNAguLUo+xVkgxmoBH7R2sBxjTCc"
-          + "r07NEadxM3HQkt0aX5XYEl8eRoifwqYAI9h0ziZfTNes8elNfb3DoPPjqq6V"
-          + "mMg0f0iMS4W8LjNPorjRB+kIosa1deAGPhq0eJ8yr0/s2QR2/WFD5P4aXc8I"
-          + "KWleklnIImS3zqiPrq6tl2Bm8DZj7vXlTOwmraSQxUwzCKwYob1yGvNOUQTq"
-          + "pG6jxn7jgDawHU1+WjWQe4Q34/pWeGLysxTraMa+Ug9kPe+jy/qRX2xwvKBZ");
-    
-    private boolean isSameAs(
-        byte[]  a,
-        byte[]  b)
-    {
-        if (a.length != b.length)
-        {
-            return false;
-        }
-        
-        for (int i = 0; i != a.length; i++)
-        {
-            if (a[i] != b[i])
-            {
-                return false;
-            }
-        }
-        
-        return true;
-    }
-    
-    private TestResult unsignedRequest()
-    {
-        try
-        {
-            ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(unsignedReq));
-            OCSPRequest     req = OCSPRequest.getInstance(aIn.readObject());
-            
-            if (!isSameAs(req.getEncoded(), unsignedReq))
-            {
-                return new SimpleTestResult(false, getName() + ": OCSP unsigned request failed to re-encode");
-            }
-            
-            return new SimpleTestResult(true, getName() + ": Okay");
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": failed unsigned exception - " + e.toString(), e);
-        }
-    }
-    
-    private TestResult signedRequest()
-    {
-        try
-        {
-            ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(signedReq));
-            OCSPRequest     req = OCSPRequest.getInstance(aIn.readObject());
-            
-            if (!isSameAs(req.getEncoded(), signedReq))
-            {
-                return new SimpleTestResult(false, getName() + ": OCSP signed request failed to re-encode");
-            }
-            
-            return new SimpleTestResult(true, getName() + ": Okay");
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": failed signed exception - " + e.toString(), e);
-        }
-    }
-    
-    private TestResult response()
-    {
-        try
-        {
-            ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(response));
-            OCSPResponse    resp = OCSPResponse.getInstance(aIn.readObject());
-            ResponseBytes   rBytes = ResponseBytes.getInstance(resp.getResponseBytes());
-            
-            aIn = new ASN1InputStream(new ByteArrayInputStream(rBytes.getResponse().getOctets()));
-            
-            BasicOCSPResponse   bResp = BasicOCSPResponse.getInstance(aIn.readObject());
-            
-            resp = new OCSPResponse(resp.getResponseStatus(), new ResponseBytes(rBytes.getResponseType(), new DEROctetString(bResp.getEncoded())));
-            
-            if (!isSameAs(resp.getEncoded(), response))
-            {
-                return new SimpleTestResult(false, getName() + ": OCSP response failed to re-encode");
-            }
-            
-            return new SimpleTestResult(true, getName() + ": Okay");
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": failed response exception - " + e.toString(), e);
-        }
-    }
-
-    public TestResult perform()
-    {
-        TestResult  res = unsignedRequest();
-        
-        if (!res.isSuccessful())
-        {
-            return res;
-        }
-        
-        res = signedRequest();
-        if (!res.isSuccessful())
-        {
-            return res;
-        }
-        
-        return response();
-    }
-
-    public String getName()
-    {
-        return "OCSP";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        OCSPTest    test = new OCSPTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/OIDTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/OIDTest.java
deleted file mode 100644
index fa5aa61..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/OIDTest.java
+++ /dev/null

@@ -1,165 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OutputStream;
-import org.bouncycastle.asn1.DEROutputStream;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-/**
- * X.690 test example
- */
-public class OIDTest
-    extends SimpleTest
-{
-    byte[]    req1 = Hex.decode("0603813403");
-    byte[]    req2 = Hex.decode("06082A36FFFFFFDD6311");
-
-    public String getName()
-    {
-        return "OID";
-    }
-    
-    private void recodeCheck(
-        String oid, 
-        byte[] enc) 
-        throws IOException
-    {
-        ByteArrayInputStream     bIn = new ByteArrayInputStream(enc);
-        ASN1InputStream          aIn = new ASN1InputStream(bIn);
-
-        ASN1ObjectIdentifier      o = new ASN1ObjectIdentifier(oid);
-        ASN1ObjectIdentifier      encO = (ASN1ObjectIdentifier)aIn.readObject();
-        
-        if (!o.equals(encO))
-        {
-            fail("oid ID didn't match", o, encO);
-        }
-        
-        ByteArrayOutputStream    bOut = new ByteArrayOutputStream();
-        DEROutputStream          dOut = new DEROutputStream(bOut);
-
-        dOut.writeObject(o);
-
-        byte[]                    bytes = bOut.toByteArray();
-
-        if (bytes.length != enc.length)
-        {
-            fail("failed length test");
-        }
-
-        for (int i = 0; i != enc.length; i++)
-        {
-            if (bytes[i] != enc[i])
-            {
-                fail("failed comparison test", new String(Hex.encode(enc)), new String(Hex.encode(bytes)));
-            }
-        }
-    }
-    
-    private void validOidCheck(
-        String  oid)
-        throws IOException
-    {
-        ASN1ObjectIdentifier     o = new ASN1ObjectIdentifier(oid);
-        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
-        ASN1OutputStream        aOut = new ASN1OutputStream(bOut);
-        
-        aOut.writeObject(o);
-        
-        ByteArrayInputStream    bIn = new ByteArrayInputStream(bOut.toByteArray());
-        ASN1InputStream         aIn = new ASN1InputStream(bIn);
-        
-        o = (ASN1ObjectIdentifier)aIn.readObject();
-        
-        if (!o.getId().equals(oid))
-        {
-            fail("failed oid check for " + oid);
-        }
-    }
-
-    private void invalidOidCheck(
-        String oid)
-    {
-        try
-        {
-            new ASN1ObjectIdentifier(oid);
-            fail("failed to catch bad oid: " + oid);
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void branchCheck(String stem, String branch)
-    {
-        String expected = stem + "." + branch;
-        String actual = new ASN1ObjectIdentifier(stem).branch(branch).getId();
-
-        if (!expected.equals(actual))
-        {
-            fail("failed 'branch' check for " + stem + "/" + branch);
-        }
-    }
-
-    private void onCheck(String stem, String test, boolean expected)
-    {
-        if (expected != new ASN1ObjectIdentifier(test).on(new ASN1ObjectIdentifier(stem)))
-        {
-            fail("failed 'on' check for " + stem + "/" + test);
-        }
-    }
-
-    public void performTest()
-        throws IOException
-    {
-        recodeCheck("2.100.3", req1);
-        recodeCheck("1.2.54.34359733987.17", req2);
-        
-        validOidCheck(PKCSObjectIdentifiers.pkcs_9_at_contentType.getId());
-        validOidCheck("0.1");
-        validOidCheck("1.1.127.32512.8323072.2130706432.545460846592.139637976727552.35747322042253312.9151314442816847872");
-        validOidCheck("1.2.123.12345678901.1.1.1");
-        validOidCheck("2.25.196556539987194312349856245628873852187.1");
-
-        invalidOidCheck("0");
-        invalidOidCheck("1");
-        invalidOidCheck("2");
-        invalidOidCheck("3.1");
-        invalidOidCheck("..1");
-        invalidOidCheck("192.168.1.1");
-        invalidOidCheck(".123452");
-        invalidOidCheck("1.");
-        invalidOidCheck("1.345.23.34..234");
-        invalidOidCheck("1.345.23.34.234.");
-        invalidOidCheck(".12.345.77.234");
-        invalidOidCheck(".12.345.77.234.");
-        invalidOidCheck("1.2.3.4.A.5");
-        invalidOidCheck("1,2");
-
-        branchCheck("1.1", "2.2");
-
-        onCheck("1.1", "1.1", false);
-        onCheck("1.1", "1.2", false);
-        onCheck("1.1", "1.2.1", false);
-        onCheck("1.1", "2.1", false);
-        onCheck("1.1", "1.11", false);
-        onCheck("1.12", "1.1.2", false);
-        onCheck("1.1", "1.1.1", true);
-        onCheck("1.1", "1.1.2", true);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new OIDTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ObjectIdentifierTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ObjectIdentifierTest.java
deleted file mode 100644
index 9f74425..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ObjectIdentifierTest.java
+++ /dev/null

@@ -1,85 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestResult;
-
-public class ObjectIdentifierTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "ObjectIdentifier";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        // exercise the object cache
-        for (int i = 0; i < 100; i++)
-        {
-            for (int j = 0; j < 100; j++)
-            {
-                final ASN1ObjectIdentifier oid1 = new ASN1ObjectIdentifier("1.1." + i + "." + j);
-                final byte[] encoded1 = oid1.getEncoded();
-                final ASN1ObjectIdentifier oid2 = ASN1ObjectIdentifier.getInstance(encoded1);
-                if (oid1 == oid2)
-                {
-                    fail("Shouldn't be the same: " + oid1 + " " + oid2);
-                }
-                if (!oid1.equals(oid2))
-                {
-                    fail("Should be equal: " + oid1 + " " + oid2);
-                }
-                final ASN1ObjectIdentifier oid3 = oid2.intern();
-                if (oid2 != oid3)
-                {
-                    fail("Should be the same: " + oid2 + " " + oid3);
-                }
-                if (!oid2.equals(oid3))
-                {
-                    fail("Should be equal: " + oid2 + " " + oid3);
-                }
-                final byte[] encoded2 = oid3.getEncoded();
-                final ASN1ObjectIdentifier oid4 = ASN1ObjectIdentifier.getInstance(encoded2);
-                if (oid3 != oid4)
-                {
-                    fail("Should be taken from cache: " + oid3 + " " + oid4);
-                }
-                if (!oid3.equals(oid4))
-                {
-                    fail("Should be equal: " + oid3 + " " + oid4);
-                }
-            }
-        }
-
-        // make sure we're not leaking memory
-        for (int i = 0; i < 100; i++)
-        {
-            for (int j = 0; j < 100; j++)
-            {
-                final ASN1ObjectIdentifier oid1 = new ASN1ObjectIdentifier("1.1.2." + i + "." + j);
-                final byte[] encoded1 = oid1.getEncoded();
-                final ASN1ObjectIdentifier oid2 = ASN1ObjectIdentifier.getInstance(encoded1);
-                final ASN1ObjectIdentifier oid3 = ASN1ObjectIdentifier.getInstance(encoded1);
-                if (oid1 == oid2)
-                {
-                    fail("Shouldn't be the same: " + oid1 + " " + oid2);
-                }
-                if (oid2 == oid3)
-                {
-                    fail("Shouldn't be the same: " + oid2 + " " + oid3);
-                }
-            }
-        }
-    }
-
-    public static void main(
-        String[] args)
-    {
-        ObjectIdentifierTest test = new ObjectIdentifierTest();
-        TestResult result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/OctetStringTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/OctetStringTest.java
deleted file mode 100644
index 68ed5da..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/OctetStringTest.java
+++ /dev/null

@@ -1,203 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetStringParser;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.ASN1StreamParser;
-import org.bouncycastle.asn1.BEROctetStringGenerator;
-import org.bouncycastle.asn1.BERSequenceGenerator;
-import org.bouncycastle.asn1.BERTags;
-import org.bouncycastle.asn1.DERSequenceGenerator;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.CompressedDataParser;
-import org.bouncycastle.asn1.cms.ContentInfoParser;
-
-public class OctetStringTest 
-    extends TestCase 
-{
-    public void testReadingWriting()
-        throws Exception
-    {
-       ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-       BEROctetStringGenerator octGen = new BEROctetStringGenerator(bOut);
-       
-       OutputStream out = octGen.getOctetOutputStream();
-       
-       out.write(new byte[] { 1, 2, 3, 4 });
-       out.write(new byte[4]);
-       
-       out.close();
-       
-       ASN1StreamParser aIn = new ASN1StreamParser(bOut.toByteArray());
-       
-       ASN1OctetStringParser s = (ASN1OctetStringParser)aIn.readObject();
-       
-       InputStream in = s.getOctetStream();
-       int         count = 0;
-       
-       while (in.read() >= 0)
-       {
-           count++;
-       }
-
-       assertEquals(8, count);
-    }
-    
-    public void testReadingWritingZeroInLength()
-        throws Exception
-    {
-       ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-       BEROctetStringGenerator octGen = new BEROctetStringGenerator(bOut);
-       
-       OutputStream out = octGen.getOctetOutputStream();
-       
-       out.write(new byte[] { 1, 2, 3, 4 });
-       out.write(new byte[512]);  // forces a zero to appear in length
-       
-       out.close();
-       
-       ASN1StreamParser aIn = new ASN1StreamParser(bOut.toByteArray());
-       
-       ASN1OctetStringParser s = (ASN1OctetStringParser)aIn.readObject();
-       
-       InputStream in = s.getOctetStream();
-       int         count = 0;
-       
-       while (in.read() >= 0)
-       {
-           count++;
-       }
-    
-       assertEquals(516, count);
-    }
-    
-    public void testReadingWritingNested()
-        throws Exception
-    {
-       ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-       BERSequenceGenerator sGen = new BERSequenceGenerator(bOut);
-       BEROctetStringGenerator octGen = new BEROctetStringGenerator(sGen.getRawOutputStream());
-       
-       OutputStream out = octGen.getOctetOutputStream();
-       
-       BERSequenceGenerator inSGen = new BERSequenceGenerator(out);
-       
-       BEROctetStringGenerator inOctGen = new BEROctetStringGenerator(inSGen.getRawOutputStream());
-       
-       OutputStream inOut = inOctGen.getOctetOutputStream();
-       
-       inOut.write(new byte[] { 1, 2, 3, 4 });
-       inOut.write(new byte[10]);
-       
-       inOut.close();
-       
-       inSGen.close();
-       
-       out.close();
-       
-       sGen.close();
-       
-       ASN1StreamParser aIn = new ASN1StreamParser(bOut.toByteArray());
-       
-       ASN1SequenceParser sq = (ASN1SequenceParser)aIn.readObject();
-       
-       ASN1OctetStringParser s = (ASN1OctetStringParser)sq.readObject();
-       
-       ASN1StreamParser aIn2 = new ASN1StreamParser(s.getOctetStream());
-       
-       ASN1SequenceParser sq2 = (ASN1SequenceParser)aIn2.readObject();
-       
-       ASN1OctetStringParser inS = (ASN1OctetStringParser)sq2.readObject();
-       
-       InputStream in = inS.getOctetStream();
-       int         count = 0;
-       
-       while (in.read() >= 0)
-       {
-           count++;
-       }
-    
-       assertEquals(14, count);
-    }
-    
-    public void testNestedStructure()
-        throws Exception
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        
-        BERSequenceGenerator sGen = new BERSequenceGenerator(bOut);
-        
-        sGen.addObject(new ASN1ObjectIdentifier(CMSObjectIdentifiers.compressedData.getId()));
-        
-        BERSequenceGenerator cGen = new BERSequenceGenerator(sGen.getRawOutputStream(), 0, true);
-        
-        cGen.addObject(new ASN1Integer(0));
-        
-        //
-        // AlgorithmIdentifier
-        //
-        DERSequenceGenerator algGen = new DERSequenceGenerator(cGen.getRawOutputStream());
-        
-        algGen.addObject(new ASN1ObjectIdentifier("1.2"));
-
-        algGen.close();
-        
-        //
-        // Encapsulated ContentInfo
-        //
-        BERSequenceGenerator eiGen = new BERSequenceGenerator(cGen.getRawOutputStream());
-        
-        eiGen.addObject(new ASN1ObjectIdentifier("1.1"));
-        
-        BEROctetStringGenerator octGen = new BEROctetStringGenerator(eiGen.getRawOutputStream(), 0, true);
-        
-        //
-        // output containing zeroes
-        //
-        OutputStream out = octGen.getOctetOutputStream();
-        
-        out.write(new byte[] { 1, 2, 3, 4 });
-        out.write(new byte[4]);
-        out.write(new byte[20]);
-        
-        out.close();
-        eiGen.close();
-        cGen.close();
-        sGen.close();
-        
-        //
-        // reading back
-        //
-        ASN1StreamParser aIn = new ASN1StreamParser(bOut.toByteArray());
-
-        ContentInfoParser cp = new ContentInfoParser((ASN1SequenceParser)aIn.readObject());
-        
-        CompressedDataParser comData = new CompressedDataParser((ASN1SequenceParser)cp.getContent(BERTags.SEQUENCE));
-        ContentInfoParser     content = comData.getEncapContentInfo();
-
-        ASN1OctetStringParser bytes = (ASN1OctetStringParser)content.getContent(BERTags.OCTET_STRING);
-
-        InputStream in = bytes.getOctetStream();
-        int         count = 0;
-        
-        while (in.read() >= 0)
-        {
-            count++;
-        }
-
-        assertEquals(28, count);
-    }
-    
-    public static Test suite()
-    {
-        return new TestSuite(OctetStringTest.class);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherCertIDUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherCertIDUnitTest.java
deleted file mode 100644
index 6b0a455..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherCertIDUnitTest.java
+++ /dev/null

@@ -1,97 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ess.OtherCertID;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.IssuerSerial;
-
-public class OtherCertIDUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "OtherCertID";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        AlgorithmIdentifier algId = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.2.3"));
-        byte[]              digest = new byte[20];
-        IssuerSerial        issuerSerial = new IssuerSerial(new GeneralNames(new GeneralName(new X500Name("CN=test"))), new ASN1Integer(1));
-
-        OtherCertID certID = new OtherCertID(algId, digest);
-
-        checkConstruction(certID, algId, digest, null);
-
-        certID = new OtherCertID(algId, digest, issuerSerial);
-
-        checkConstruction(certID, algId, digest, issuerSerial);
-
-        certID = OtherCertID.getInstance(null);
-
-        if (certID != null)
-        {
-            fail("null getInstance() failed.");
-        }
-
-        try
-        {
-            OtherCertID.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        OtherCertID certID,
-        AlgorithmIdentifier algId,
-        byte[] digest,
-        IssuerSerial issuerSerial)
-        throws IOException
-    {
-        checkValues(certID, algId, digest, issuerSerial);
-
-        certID = OtherCertID.getInstance(certID);
-
-        checkValues(certID, algId, digest, issuerSerial);
-
-        ASN1InputStream aIn = new ASN1InputStream(certID.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-
-        certID = OtherCertID.getInstance(seq);
-
-        checkValues(certID, algId, digest, issuerSerial);
-    }
-
-    private void checkValues(
-        OtherCertID certID,
-        AlgorithmIdentifier algId,
-        byte[] digest,
-        IssuerSerial issuerSerial)
-    {
-        checkMandatoryField("algorithmHash", algId, certID.getAlgorithmHash());
-        checkMandatoryField("certHash", digest, certID.getCertHash());
-
-        checkOptionalField("issuerSerial", issuerSerial, certID.getIssuerSerial());
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new OtherCertIDUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherMsgTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherMsgTest.java
deleted file mode 100644
index e212936..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherMsgTest.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.OtherMsg;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class OtherMsgTest
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new OtherMsgTest());
-    }
-
-    public String getName()
-    {
-        return "OtherMsgTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        OtherMsg otherMsg = new OtherMsg(new BodyPartID(10L), PKCSObjectIdentifiers.id_aa, new DERUTF8String("Cats"));
-        byte[] b = otherMsg.getEncoded();
-        OtherMsg otherMsgResult = OtherMsg.getInstance(b);
-
-        isEquals("bodyPartID", otherMsg.getBodyPartID(), otherMsgResult.getBodyPartID());
-        isEquals("otherMsgType", otherMsg.getOtherMsgType(), otherMsgResult.getOtherMsgType());
-        isEquals("otherMsgValue", otherMsg.getOtherMsgValue(), otherMsgResult.getOtherMsgValue());
-
-        try {
-            OtherMsg.getInstance(new DERSequence());
-            fail("Sequence should be 3 elements long.");
-        } catch (Throwable t) {
-            isEquals("Sequence size",t.getClass(), IllegalArgumentException.class);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherSigningCertificateUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherSigningCertificateUnitTest.java
deleted file mode 100644
index 7dfc4f4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherSigningCertificateUnitTest.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ess.OtherCertID;
-import org.bouncycastle.asn1.ess.OtherSigningCertificate;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public class OtherSigningCertificateUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "OtherSigningCertificate";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        AlgorithmIdentifier algId = new AlgorithmIdentifier(new ASN1ObjectIdentifier("1.2.2.3"));
-        byte[]              digest = new byte[20];
-        OtherCertID         otherCertID = new OtherCertID(algId, digest);
-
-        OtherSigningCertificate otherCert = new OtherSigningCertificate(otherCertID);
-
-        checkConstruction(otherCert, otherCertID);
-
-        otherCert = OtherSigningCertificate.getInstance(null);
-
-        if (otherCert != null)
-        {
-            fail("null getInstance() failed.");
-        }
-
-        try
-        {
-            OtherCertID.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        OtherSigningCertificate otherCert,
-        OtherCertID otherCertID)
-        throws IOException
-    {
-        checkValues(otherCert, otherCertID);
-
-        otherCert = OtherSigningCertificate.getInstance(otherCert);
-
-        checkValues(otherCert, otherCertID);
-
-        ASN1InputStream aIn = new ASN1InputStream(otherCert.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-
-        otherCert = OtherSigningCertificate.getInstance(seq);
-
-        checkValues(otherCert, otherCertID);
-    }
-
-    private void checkValues(
-        OtherSigningCertificate otherCert,
-        OtherCertID otherCertID)
-    {
-        if (otherCert.getCerts().length != 1)
-        {
-            fail("getCerts() length wrong");
-        }
-        checkMandatoryField("getCerts()[0]", otherCertID, otherCert.getCerts()[0]);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new OtherSigningCertificateUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherStatusInfoTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherStatusInfoTest.java
deleted file mode 100644
index 1034c51..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/OtherStatusInfoTest.java
+++ /dev/null

@@ -1,68 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.util.Date;
-
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.cmc.CMCFailInfo;
-import org.bouncycastle.asn1.cmc.ExtendedFailInfo;
-import org.bouncycastle.asn1.cmc.OtherStatusInfo;
-import org.bouncycastle.asn1.cmc.PendInfo;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class OtherStatusInfoTest
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new OtherStatusInfoTest());
-    }
-
-    public String getName()
-    {
-        return "OtherStatusInfoTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        {
-            OtherStatusInfo ose = OtherStatusInfo.getInstance(CMCFailInfo.badCertId.toASN1Primitive());
-            byte[] b = ose.getEncoded();
-            OtherStatusInfo oseResult = OtherStatusInfo.getInstance(b);
-
-            isEquals("isFailInfo", oseResult.isFailInfo(), true);
-            isEquals("isPendInfo", oseResult.isPendingInfo(), false);
-            isEquals("isExtendedFailInfo", oseResult.isExtendedFailInfo(), false);
-
-            isEquals(ose, oseResult);
-        }
-
-        {
-            OtherStatusInfo ose = OtherStatusInfo.getInstance(new PendInfo("Fish".getBytes(), new ASN1GeneralizedTime(new Date())));
-            byte[] b = ose.getEncoded();
-            OtherStatusInfo oseResult = OtherStatusInfo.getInstance(b);
-
-            isEquals("isFailInfo", oseResult.isFailInfo(), false);
-            isEquals("isPendInfo", oseResult.isPendingInfo(), true);
-            isEquals("isExtendedFailInfo", oseResult.isExtendedFailInfo(), false);
-
-            isEquals(ose, oseResult);
-        }
-
-        {
-            OtherStatusInfo ose = OtherStatusInfo.getInstance(
-                new ExtendedFailInfo(PKCSObjectIdentifiers.canNotDecryptAny, new ASN1Integer(10L)));
-            byte[] b = ose.getEncoded();
-            OtherStatusInfo oseResult = OtherStatusInfo.getInstance(b);
-
-            isEquals("isFailInfo", oseResult.isFailInfo(), false);
-            isEquals("isPendInfo", oseResult.isPendingInfo(), false);
-            isEquals("isExtendedFailInfo", oseResult.isExtendedFailInfo(), true);
-
-            isEquals(ose, oseResult);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKCS10Test.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PKCS10Test.java
deleted file mode 100644
index da6571d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKCS10Test.java
+++ /dev/null

@@ -1,101 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROutputStream;
-import org.bouncycastle.asn1.pkcs.CertificationRequest;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class PKCS10Test
-    implements Test
-{
-    byte[]    req1 = Base64.decode(
-                "MIHoMIGTAgEAMC4xDjAMBgNVBAMTBVRlc3QyMQ8wDQYDVQQKEwZBbmFUb20xCzAJBgNVBAYTAlNF"
-            +   "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALlEt31Tzt2MlcOljvacJgzQVhmlMoqAOgqJ9Pgd3Gux"
-            +   "Z7/WcIlgW4QCB7WZT21O1YoghwBhPDMcNGrHei9kHQkCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA0EA"
-            +   "NDEI4ecNtJ3uHwGGlitNFq9WxcoZ0djbQJ5hABMotav6gtqlrwKXY2evaIrsNwkJtNdwwH18aQDU"
-            +   "KCjOuBL38Q==");
-
-    byte[]    req2 = Base64.decode(
-               "MIIB6TCCAVICAQAwgagxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRQwEgYDVQQH"
-            +  "EwtTYW50YSBDbGFyYTEMMAoGA1UEChMDQUJCMVEwTwYDVQQLHEhQAAAAAAAAAG8AAAAAAAAAdwAA"
-            +  "AAAAAABlAAAAAAAAAHIAAAAAAAAAIAAAAAAAAABUAAAAAAAAABxIAAAAAAAARAAAAAAAAAAxDTAL"
-            +  "BgNVBAMTBGJsdWUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANETRZ+6occCOrFxNhfKIp4C"
-            +  "mMkxwhBNb7TnnahpbM9O0r4hrBPcfYuL7u9YX/jN0YNUP+/CiT39HhSe/bikaBPDEyNsl988I8vX"
-            +  "piEdgxYq/+LTgGHbjRsRYCkPtmzwBbuBldNF8bV7pu0v4UScSsExmGqqDlX1TbPU8KkPU1iTAgMB"
-            +  "AAGgADANBgkqhkiG9w0BAQQFAAOBgQAFbrs9qUwh93CtETk7DeUD5HcdCnxauo1bck44snSV6MZV"
-            +  "OCIGaYu1501kmhEvAtVVRr6SEHwimfQDDIjnrWwYsEr/DT6tkTZAbfRd3qUu3iKjT0H0vlUZp0hJ"
-            +  "66mINtBM84uZFBfoXiWY8M3FuAnGmvy6ah/dYtJorTxLKiGkew==");
-
-    public String getName()
-    {
-        return "PKCS10";
-    }
-    
-    public TestResult pkcs10Test(
-        String  testName,
-        byte[]  req)
-    {
-        try
-        {
-            ByteArrayInputStream    bIn = new ByteArrayInputStream(req);
-            ASN1InputStream         aIn = new ASN1InputStream(bIn);
-
-            CertificationRequest    r = new CertificationRequest((ASN1Sequence)aIn.readObject());
-
-            ByteArrayOutputStream    bOut = new ByteArrayOutputStream();
-            DEROutputStream            dOut = new DEROutputStream(bOut);
-
-            dOut.writeObject(r.toASN1Primitive());
-
-            byte[]                    bytes = bOut.toByteArray();
-
-            if (bytes.length != req.length)
-            {
-                return new SimpleTestResult(false, getName() + ": " + testName + " failed length test");
-            }
-
-            for (int i = 0; i != req.length; i++)
-            {
-                if (bytes[i] != req[i])
-                {
-                    return new SimpleTestResult(false, getName() + ": " + testName + " failed comparison test");
-                }
-            }
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": Exception - " + testName + " " + e.toString());
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public TestResult perform()
-    {
-        TestResult  res = pkcs10Test("basic CR", req1);
-
-        if (!res.isSuccessful())
-        {
-            return res;
-        }
-
-        return pkcs10Test("Universal CR", req2);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Test    test = new PKCS10Test();
-
-        TestResult  result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKCS12Test.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PKCS12Test.java
deleted file mode 100644
index f533a65..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKCS12Test.java
+++ /dev/null

@@ -1,227 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1OutputStream;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.BEROctetString;
-import org.bouncycastle.asn1.DLSequence;
-import org.bouncycastle.asn1.pkcs.AuthenticatedSafe;
-import org.bouncycastle.asn1.pkcs.ContentInfo;
-import org.bouncycastle.asn1.pkcs.EncryptedData;
-import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.MacData;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.Pfx;
-import org.bouncycastle.asn1.pkcs.SafeBag;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.DigestInfo;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class PKCS12Test
-    extends SimpleTest
-{
-    byte[] pkcs12 = Base64.decode(
-          "MIACAQMwgAYJKoZIhvcNAQcBoIAkgASCA+gwgDCABgkqhkiG9w0BBwGggCSA"
-        + "BIIDRDCCA0AwggM8BgsqhkiG9w0BDAoBAqCCArEwggKtMCcGCiqGSIb3DQEM"
-        + "AQMwGQQUFlnNVpQoEHc+J3UEGxARipkHu5kCAWQEggKAAH9tmy40lly6QDoc"
-        + "1TfmY9y2qysD+lrgk+dnxP04RfoJfycTRDeaz2sPLImZtio9nsqCFqtzU/sl"
-        + "eWigbH34BpKU1sC0Gq1cyik0GO65sW95S6YjKtGcGOBfQCPk1oQjfiqnfU3G"
-        + "oeOaG3COQJukMFj8unv55u0xbX1hwO8SsZmr9RjPzLrVaeY6BP5+CCzOKBaj"
-        + "GxneIDqnQW7/kBIVWK7M+JXGdgQyiKhD6NvXL/zD8oKEne0nIX7IokQuWEn6"
-        + "8Sglv5OSclsSdvHTk57bCuV5lVzoIzczA4J/LZWdrtITeVefBLQSalBzpRde"
-        + "rSTMj485z2x5ChizhjE627/KQ5vkKQkQVqXYYXVyeTvKZRpL7vz13C4DUCwN"
-        + "im1XvNSCNebXS1yHJRtcONDhGJN3UsrVjHr+2kCfE5SCEeSU/dqgNLuLa1tk"
-        + "5+jwZFNj/HjO88wlOwPCol1uuJjDpaEW7dxu5qsVSfZhEXWHs8rZAMttFMzi"
-        + "yxsEkZe8kqngRbNJOY6KpppYedsMWDusUJGfIHo+8zymiw3gv/z+lmFOlDGt"
-        + "CKMk9Es/MgfjpbfhbTVYHOBKS6Qyrz7LdTuBMI8XdsZMuN+Uf73690ggLmKW"
-        + "IELUg8h1RX0ra2n6jOc/1rnebAifMhiMkL1ABQvqOobfOrG/9h9XcXoi64Qr"
-        + "htc3T7yMAHafBX5KUcNkbcn6kssYhpvd8bPADoLBnbx3GxGh/uziB0zKQEI0"
-        + "GnaY4SL7aR4C5xNNi41lYtsR6ohKyfPEGslhrhd4axx0cKxC2sHgVl0k+r8B"
-        + "8Vu44XHbW8LqdspjOHN9qg2erES1Dvgj05SfHDup+V6a3ogJo2YKXOiu3DF4"
-        + "MFEGCSqGSIb3DQEJFDFEHkIARABhAHYAaQBkACAARwAuACAASABvAG8AawAn"
-        + "AHMAIABWAGUAcgBpAFMAaQBnAG4ALAAgAEkAbgBjAC4AIABJAEQwIwYJKoZI"
-        + "hvcNAQkVMRYEFKEcMJ798oZLFkH0OnpbUBnrTLgWAAAAAAAAMIAGCSqGSIb3"
-        + "DQEHBqCAMIACAQAwgAYJKoZIhvcNAQcBMCcGCiqGSIb3DQEMAQYwGQQUTErH"
-        + "kWZ8nBXZYWO53FH4yqRZZsECAWSggASCDGCreuCr6/azcOv5w04bN3jkg4G2"
-        + "dsvTPAjL8bichaEOQCykhuNPt1dv3FsjUsdFC550K0+Y48RyBIID6JTiN9Gj"
-        + "K+a5aLPaXgTRdY74Toof1hYtZ4DIcVyq25LezVQHoe/++pAgEpWjqHTxVDIv"
-        + "YFAgT2oDB+2vkeXM61XnNWOjwCY3pXpk/VGjyN4USkD7Q/Y6tPjQOywvQE7c"
-        + "Ab1z62k9iMia7Yk/qmh+zJu4SSneo0/RLLdMZOlGZv89MResVG038TC8MTA9"
-        + "Uf+wDRcS20d7XDbTaBAgju8TpFIw5/lbDi0feUVlk6L+jkT1ktaTc1Pwtxn7"
-        + "psXMFW6HAWB4exOi09297R9BCOQX6vcetK/iA/3jIC6NuTdizYof0DWetdGy"
-        + "haIkMiEnERYE3unJocH4fq585Rw6mE+BYssPVPkVWZZInF3l69bKduuxsQt+"
-        + "pcApgBVsTjsU+1FOiUxuW2wWKi70RcQprPv5Ef1A5FRNxPFp+7IzLNlE4qCo"
-        + "wvC6NTpeuRw3aGsXSfqHmSddrHugNPmghNgG5lv1Ef7A8MUuyp8fyjAgxCDk"
-        + "4Hpb8PCHGj5t//Fr6Cd0MygJMIFQmv4kUd2LVHxQ9A9WFNCqTz/nBe+ZRLJL"
-        + "NghTv6gGpjGJiBnXYv6Sod2fs+5J2GIvex4qbdh6gzZIU2YTAwpj6Aca3SjA"
-        + "X8+m8AXt2SC3Z6T5+m8SxyiNp2P511paV/TZKtLWXQGKeEX1JXhQkaM6Q5W/"
-        + "IhSgC8/gppk1gbIraBqrW8bEnGBnC03wi0OnMz3ohM4CVHyaW3dQquT2+u6F"
-        + "8VeGXAYHU022NkrpPl/VlfNNEAyisU2+oJqpPZkqL6FsDWF3k6Fq2jXBLL+/"
-        + "a0WA82jIpgjNeXze/cgoHtU023V9E9Qcu+5nPBYdCTR4sRxvHLANii0W8lPv"
-        + "tvU5XO1UsEjHDfKL4E1bhGzGpb/OU5yg/98EN95r/xdFL5G+XVyHeR0UtkcB"
-        + "IuvyBdhkwoprCjkcgLZe8FPIBNw84HRe7Ye6f2gDW/F5uej6rBehJS1VFvCh"
-        + "DXzkajGmK40Gc2APS1/1vZqPu68polgw9dT84rem36PLEOq4KuU7n4QE0g7T"
-        + "YR2G8+4FNgQTjjg/qw3lX+sj6yLn1lYt1dOVvkiM8i8tdZg/3pCKKAW1uV7a"
-        + "astlBxVSkFfn1BrFTc2oFGkTrlUg90a+parOfGHTfDiaHX8ouEg63fk0+Xdi"
-        + "FCarXsqHNPDbpmWLKw8TAmdeneGipyScntJJk4ajy+jROQBgGew3ofOmfkqm"
-        + "oJFNwUvKOXN2ucViLZgsdK/7YgV1OR7oiTh8knQNPk3d5fRYSMFf9GJTjQRV"
-        + "y2CLdICAVzvrUXf9k7miWYkjIp2/HGD7pOH018sX9MrpfJKqvdPFOssZiFd0"
-        + "I2FUbgcEggPotvnT0XoabEiurTm8EPPpw66NKmK/H1kQL0hEtdIazPxfLmm/"
-        + "ZUDokwa7d4bE3BwFh0weQfEvMzJu6Y5E7ir2MqD33XaGMOGys1nst1SPPyDB"
-        + "WpOWD9w7Ng3yU1JVzqFWuVXaXDYbfnlG7AGevKF5PYNZj/RIQBBf5Xle9hTd"
-        + "c9CtxPkrsJwA8DeAwKl2WIfbXGzAYLSnXoYUcoTkWn/O81BlUFgAXv80gLe8"
-        + "NUrH7bhsnyGaPY953NyDk8IWUYrsn/sXvxTy5B0/7/WGMh3CSZrLX3p7TcFY"
-        + "yBrL6SRas4q9rrcwuhBq0tUUbbgWi92nhZl4bOGmx7ehHnwuUId2HWXyVGoB"
-        + "qToee/2E4PZFxSZwKCY6dahswFq5QGDrQKN2/qpOLZcJib6SvSGyEZl2pqr0"
-        + "lqk7tVPzBkN/4uP0qrcbZCDbGW6IXwu3RGMRehqj/HEJcs92lZKfVrk/U07X"
-        + "MBAiQHqV+kLw7kStECR/MGJG1c0xhqqBrf0W74+LpJiv/Q9iFNdWbXvE/cAk"
-        + "G7+OTUABd2kI88uA43T0UoRuPOi5KnLuD3AG+7IuyGyP69Xncd4u0srMg2fn"
-        + "DiLLZUy6vWmxwRFsSMCEfQNLtZaggukoPIihQvbX3mQS9izwLs6D89WtEcZ5"
-        + "6DVbIlUqUinnNKsT8vW1DZo5FMJkUxB666YIPVmkQbbJOEUU89dZg5Gw0og6"
-        + "rn4irEr4xHFdx+S7iqJXhzs9THg/9e4/k8KQ136z7LALOqDookcSdBzW6H8c"
-        + "STjs4qKQyNimsLB90mEuIEApzhseAaLFl+kgORGJv/2a+uoukZchMsJ98MVo"
-        + "sEPS1oBXJl2m9AshkWfON2GDeJatgcw6CyC1mSx++Gg602ZKUZZUaWxkz1Sw"
-        + "zTj3nhiJe+SZsdfxhsojNq7zfxqgY/Rq7BwvphU3StjnxvkB4rTkbmbiGOBO"
-        + "cvTFg4yOtQGRcifk2/XH/bgYiPqQrYSXpO3WRASV005RaSGufcpTtj3YlHGe"
-        + "8FUgZfDtfiGezhNET9KO3/Q0i34bGEpoIb/9uOWH4ZHULIlfdSm1ynV50nE4"
-        + "mJTXccrF6BE80KZI5GWGhqXdfPFaHTK1S20+XCw7bRJCGeiwVxvGfB+C0SZ4"
-        + "ndtqx165dKG5JwFukcygiIZN6foh0/PhwzmFxmPtZuPQt9dtuIQ35Y7PSDsy"
-        + "IH2Ot0Hh0YIN99lHJ6n9HomSjpwcgDXGssEuevbpz27u/MI/Uhq4Gfx0k5RF"
-        + "0pcRYtk1dYSx44a+8WgqZLF8DUNtyjSE/H8P5iGa6tqOl7kNyeeEkfoTtKst"
-        + "asGFwL4Qxxus4GC7repyVi7IJgSCA+iopiqKQJ2IqUHvoIEuD//sZooDx0Je"
-        + "oFRO5VakkTO6WHd8JpOOEU2f6Zjg++HdIl0QK7xcUaRH075LzEfqgn1vyw6J"
-        + "N6ex8D76sf/nAy01NvDPij48Z50XDwXu4kJGJvv0AJwId8BpjziBF0j3K/DI"
-        + "YOOpd6nW4EvdivCgaCnxqlIU/u1OP4BwpO+AUjJh6RKlKviGihQpi103DFhR"
-        + "yXNDhh55pqgCCCuNeEB+ovRt7UxzlGAVRSxJh1Zbjp/+iQun0E32RlSR4Diz"
-        + "p5vDk8NBZpIiKRqI+8GWZc3G1igp7dvViTLw4OdWMKwhccV5+3Ll/W72aNVm"
-        + "azYUoYOVn+OYS1NJkER0tjFOCozRGm5hfkxGlP+02wbH5uu/AQoJMqWIxT6l"
-        + "46IWC24lmAnDCXuM+gWmwUvyXLwuBdejVK8iG1Lnfg1qztoLpYRbBROgRdpt"
-        + "2cbPRm+9seqrth3eJbtmxCvuh3bZ3pR2e0/r5Tob/fDcOc5Kp+j4ndXWkwpa"
-        + "OuH1yxam7zNJR+mcYp1Wiujia5qIeY1QCAEY5QgAWaSHtjlEprwUuootA2Xm"
-        + "V7D8Vsr9BValhm9zMKj6IzsPmM+HZJWlhHcoucuAmPK6Lnys3Kv/mbkSgNOq"
-        + "fJDY901veFfKeqiCbAm6hZjNWoQDNJKFhjXUALrcOv9VCFPA3bMW3Xul/sB4"
-        + "Mq595e+x/1HkNOgZorBv97C6X7ENVDaAFcyZvrRU/ZeDnvFhisfxS4EJhzxl"
-        + "cWWnQhzD+ur1FTTlkmUFzgoB/rW+i3XigiHOuRRnkcoMy1uV17rwH8eELHJu"
-        + "Yni5vu2QUaD4jNEhliE2XCsn8Sm6bcXnfzBa7FXC39QvAcdJHzqcD6iIwjIz"
-        + "hKLu+/XoWFMFFNsgV78AwzPAn6TRya8LLCYPoIZkEP4qBoeZtUZ8PIS/Y7M9"
-        + "QStMwa/NI9SPswb3iScTGvor/obUEQS4QM6mVxFMpQWfwJfyU6jingX4EHRE"
-        + "mqvZ3ehzU8ZLOdKzRKuk022YDT7hwEQ+VL0Fg0Ld9oexqT96nQpUTHZtDRMV"
-        + "iTuJoUYTneDs2c9tsY4mWBqamZQSfTegj4sLMZagkuSUp/SpPM2zSGuD3nY6"
-        + "u3553gIM9jYhvLBEXwjGudVCwMd3bqo/4EhnKb2PcwUzdaMkipQlNteHZjBT"
-        + "1ici63xjJva+di0qTV+W9cyYyHwg1927X2qcMh06BhbHlcXQKbgmbL18KJEt"
-        + "K+GGhGNkP7mtPyHHgBb6vref/z8p7oxT2CG+oBuN/z+xQoYfe9c4IC3e/kNN"
-        + "DIoyYvPyEzAdfMS2aL8qDxzc5GH9UE9kcusJ/2dNEFTzBH2GK1CItL3IACv/"
-        + "LwX1SkI0w7oIQTL127CSnuTrUUkvJ/+rOYScQTMD/ntZPdLdu2ffszg3SzhN"
-        + "ELgojK8ss1OBlruWRHw/fP736Nx8MNsuOvXMnO8lruz+uyuEhF3BLv96oTcg"
-        + "XVHdWhPmOoqNdBQdRgAAAAAAAAAAAAAAAAAAAAAAADA8MCEwCQYFKw4DAhoF"
-        + "AAQUJMZn7MEKv4vW/+voCVyHBa6B0EMEFJOzH/BEjRtNNsZWlo/4L840aE5r"
-        + "AgFkAAA=");
-    
-    public void performTest()
-        throws Exception
-    {
-        ASN1InputStream     aIn = new ASN1InputStream(new ByteArrayInputStream(pkcs12));
-        ASN1Sequence        obj = (ASN1Sequence)aIn.readObject();
-        Pfx                 bag = Pfx.getInstance(obj);
-        ContentInfo         info = bag.getAuthSafe();
-        MacData             mData = bag.getMacData();
-        DigestInfo          dInfo = mData.getMac();
-        AlgorithmIdentifier algId = dInfo.getAlgorithmId();
-        byte[]              salt = mData.getSalt();
-        int                 itCount = mData.getIterationCount().intValue();
-
-        aIn = new ASN1InputStream(new ByteArrayInputStream(((ASN1OctetString)info.getContent()).getOctets()));
-
-        AuthenticatedSafe   authSafe = AuthenticatedSafe.getInstance(aIn.readObject());
-        ContentInfo[]       c = authSafe.getContentInfo();
-
-        //
-        // private key section
-        //
-        if (!c[0].getContentType().equals(PKCSObjectIdentifiers.data))
-        {
-            fail("failed comparison data test");
-        }
-
-        aIn = new ASN1InputStream(new ByteArrayInputStream(((ASN1OctetString)c[0].getContent()).getOctets()));
-        ASN1Sequence    seq = (ASN1Sequence)aIn.readObject();
-
-        SafeBag b = SafeBag.getInstance(seq.getObjectAt(0));
-        if (!b.getBagId().equals(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag))
-        {
-            fail("failed comparison shroudedKeyBag test");
-        }
-
-        EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfo.getInstance(b.getBagValue());
-
-        encInfo = new EncryptedPrivateKeyInfo(encInfo.getEncryptionAlgorithm(), encInfo.getEncryptedData());
-
-        b = new SafeBag(PKCSObjectIdentifiers.pkcs8ShroudedKeyBag, encInfo.toASN1Primitive(), b.getBagAttributes());
-
-        ByteArrayOutputStream abOut = new ByteArrayOutputStream();
-        ASN1OutputStream      berOut = new ASN1OutputStream(abOut);
-
-        berOut.writeObject(new DLSequence(b));
-
-        c[0] = new ContentInfo(PKCSObjectIdentifiers.data, new BEROctetString(abOut.toByteArray()));
-
-        //
-        // certificates
-        //
-        if (!c[1].getContentType().equals(PKCSObjectIdentifiers.encryptedData))
-        {
-            fail("failed comparison encryptedData test");
-        }
-
-        EncryptedData   eData = EncryptedData.getInstance(c[1].getContent());
-
-        c[1] = new ContentInfo(PKCSObjectIdentifiers.encryptedData, eData);
-
-        //
-        // create an octet stream represent the BER encoding of authSafe
-        //
-        authSafe = new AuthenticatedSafe(c);
-
-        abOut = new ByteArrayOutputStream();
-        berOut = new ASN1OutputStream(abOut);
-
-        berOut.writeObject(authSafe);
-
-        info = new ContentInfo(PKCSObjectIdentifiers.data, new BEROctetString(abOut.toByteArray()));
-
-        mData = new MacData(new DigestInfo(algId, dInfo.getDigest()), salt, itCount);
-
-        bag = new Pfx(info, mData);
-
-        //
-        // comparison test
-        //
-
-        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
-        ASN1OutputStream        aOut = new ASN1OutputStream(bOut);
-
-        aOut.writeObject(bag);
-
-        if (!Arrays.areEqual(bOut.toByteArray(), pkcs12))
-        {
-            fail("failed comparison test");
-        }
-    }
-
-    public String getName()
-    {
-        return "PKCS12";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new PKCS12Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIDataTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIDataTest.java
deleted file mode 100644
index 6fd2339..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIDataTest.java
+++ /dev/null

@@ -1,73 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.CertificationRequest;
-import org.bouncycastle.asn1.cmc.OtherMsg;
-import org.bouncycastle.asn1.cmc.PKIData;
-import org.bouncycastle.asn1.cmc.TaggedAttribute;
-import org.bouncycastle.asn1.cmc.TaggedCertificationRequest;
-import org.bouncycastle.asn1.cmc.TaggedContentInfo;
-import org.bouncycastle.asn1.cmc.TaggedRequest;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class PKIDataTest
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new PKIDataTest());
-    }
-
-    public String getName()
-    {
-        return "PKIDataTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-
-        byte[] req1 = Base64.decode(
-            "MIHoMIGTAgEAMC4xDjAMBgNVBAMTBVRlc3QyMQ8wDQYDVQQKEwZBbmFUb20xCzAJBgNVBAYTAlNF"
-                + "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALlEt31Tzt2MlcOljvacJgzQVhmlMoqAOgqJ9Pgd3Gux"
-                + "Z7/WcIlgW4QCB7WZT21O1YoghwBhPDMcNGrHei9kHQkCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA0EA"
-                + "NDEI4ecNtJ3uHwGGlitNFq9WxcoZ0djbQJ5hABMotav6gtqlrwKXY2evaIrsNwkJtNdwwH18aQDU"
-                + "KCjOuBL38Q==");
-
-
-        PKIData pkiData = new PKIData(
-            new TaggedAttribute[]{new TaggedAttribute(new BodyPartID(10L), PKCSObjectIdentifiers.id_aa, new DERSet())},
-            new TaggedRequest[]{new TaggedRequest(new TaggedCertificationRequest(new BodyPartID(10L), CertificationRequest.getInstance(req1)))},
-            new TaggedContentInfo[]{new TaggedContentInfo(new BodyPartID(10L), new ContentInfo(PKCSObjectIdentifiers.id_aa_ets_commitmentType, new ASN1Integer(10L)))},
-            new OtherMsg[]{new OtherMsg(new BodyPartID(10L), PKCSObjectIdentifiers.pkcs_9, new ASN1Integer(10L))});
-
-
-        byte[] b = pkiData.getEncoded();
-
-        PKIData pkiDataResult = PKIData.getInstance(b);
-
-        isTrue("controlSequence", Arrays.areEqual(pkiData.getControlSequence(), pkiDataResult.getControlSequence()));
-        isTrue("reqSequence", Arrays.areEqual(pkiData.getReqSequence(), pkiDataResult.getReqSequence()));
-        isTrue("cmsSequence", Arrays.areEqual(pkiData.getCmsSequence(), pkiDataResult.getCmsSequence()));
-        isTrue("otherMsgSequence", Arrays.areEqual(pkiData.getOtherMsgSequence(), pkiDataResult.getOtherMsgSequence()));
-
-        try
-        {
-            PKIData.getInstance(new DERSequence());
-            fail("Sequence must be 4.");
-        }
-        catch (Throwable t)
-        {
-            isEquals("Exception type", t.getClass(), IllegalArgumentException.class);
-        }
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIFailureInfoTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIFailureInfoTest.java
deleted file mode 100644
index ba29d43..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIFailureInfoTest.java
+++ /dev/null

@@ -1,80 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.cmp.PKIFailureInfo;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-/**
- * PKIFailureInfoTest
- */
-public class PKIFailureInfoTest
-    extends SimpleTest
-{
-    // A correct hex encoded BAD_DATA_FORMAT PKIFailureInfo 
-    private static final byte[] CORRECT_FAILURE_INFO = Base64.decode("AwIANQ==");
-    
-    public String getName()
-    {
-        return "PKIFailureInfo";
-    }
-    
-    private void testEncoding()
-        throws IOException
-    {
-        DERBitString bitString = (DERBitString)new ASN1InputStream(CORRECT_FAILURE_INFO).readObject();
-        PKIFailureInfo correct = new PKIFailureInfo(bitString);
-                        
-        PKIFailureInfo bug = new PKIFailureInfo(PKIFailureInfo.badRequest | PKIFailureInfo.badTime |PKIFailureInfo.badDataFormat | PKIFailureInfo.incorrectData);
-
-        if (!areEqual(correct.getEncoded(ASN1Encoding.DER),bug.getEncoded(ASN1Encoding.DER)))
-        {
-            fail("encoding doesn't match");
-        }
-    }
-    
-    public void performTest()
-        throws IOException
-    {
-        BitStringConstantTester.testFlagValueCorrect(0, PKIFailureInfo.badAlg);
-        BitStringConstantTester.testFlagValueCorrect(1, PKIFailureInfo.badMessageCheck);
-        BitStringConstantTester.testFlagValueCorrect(2, PKIFailureInfo.badRequest);
-        BitStringConstantTester.testFlagValueCorrect(3, PKIFailureInfo.badTime);
-        BitStringConstantTester.testFlagValueCorrect(4, PKIFailureInfo.badCertId);
-        BitStringConstantTester.testFlagValueCorrect(5, PKIFailureInfo.badDataFormat);
-        BitStringConstantTester.testFlagValueCorrect(6, PKIFailureInfo.wrongAuthority);
-        BitStringConstantTester.testFlagValueCorrect(7, PKIFailureInfo.incorrectData);
-        BitStringConstantTester.testFlagValueCorrect(8, PKIFailureInfo.missingTimeStamp);
-        BitStringConstantTester.testFlagValueCorrect(9, PKIFailureInfo.badPOP);
-        BitStringConstantTester.testFlagValueCorrect(10, PKIFailureInfo.certRevoked);
-        BitStringConstantTester.testFlagValueCorrect(11, PKIFailureInfo.certConfirmed);
-        BitStringConstantTester.testFlagValueCorrect(12, PKIFailureInfo.wrongIntegrity);
-        BitStringConstantTester.testFlagValueCorrect(13, PKIFailureInfo.badRecipientNonce);
-        BitStringConstantTester.testFlagValueCorrect(14, PKIFailureInfo.timeNotAvailable);
-        BitStringConstantTester.testFlagValueCorrect(15, PKIFailureInfo.unacceptedPolicy);
-        BitStringConstantTester.testFlagValueCorrect(16, PKIFailureInfo.unacceptedExtension);
-        BitStringConstantTester.testFlagValueCorrect(17, PKIFailureInfo.addInfoNotAvailable);
-        BitStringConstantTester.testFlagValueCorrect(18, PKIFailureInfo.badSenderNonce);
-        BitStringConstantTester.testFlagValueCorrect(19, PKIFailureInfo.badCertTemplate);
-        BitStringConstantTester.testFlagValueCorrect(20, PKIFailureInfo.signerNotTrusted);
-        BitStringConstantTester.testFlagValueCorrect(21, PKIFailureInfo.transactionIdInUse);
-        BitStringConstantTester.testFlagValueCorrect(22, PKIFailureInfo.unsupportedVersion);
-        BitStringConstantTester.testFlagValueCorrect(23, PKIFailureInfo.notAuthorized);
-        BitStringConstantTester.testFlagValueCorrect(24, PKIFailureInfo.systemUnavail);
-        BitStringConstantTester.testFlagValueCorrect(25, PKIFailureInfo.systemFailure);
-        BitStringConstantTester.testFlagValueCorrect(26, PKIFailureInfo.duplicateCertReq);
-
-        testEncoding();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new PKIFailureInfoTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIPublicationInfoTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIPublicationInfoTest.java
deleted file mode 100644
index 6f1a2bb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIPublicationInfoTest.java
+++ /dev/null

@@ -1,84 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.crmf.PKIPublicationInfo;
-import org.bouncycastle.asn1.crmf.SinglePubInfo;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class PKIPublicationInfoTest
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new PKIPublicationInfoTest());
-    }
-
-    public String getName()
-    {
-        return "PKIPublicationInfoTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        PKIPublicationInfo pkiPubInfo = new PKIPublicationInfo(PKIPublicationInfo.dontPublish);
-
-        isEquals(PKIPublicationInfo.dontPublish, pkiPubInfo.getAction());
-
-        encEqualTest(pkiPubInfo);
-
-        pkiPubInfo = new PKIPublicationInfo(PKIPublicationInfo.dontPublish.getValue());
-
-        isEquals(PKIPublicationInfo.dontPublish, pkiPubInfo.getAction());
-
-        encEqualTest(pkiPubInfo);
-
-        SinglePubInfo singlePubInfo1 = new SinglePubInfo(SinglePubInfo.x500, new GeneralName(new X500Name("CN=TEST")));
-        pkiPubInfo = new PKIPublicationInfo(singlePubInfo1);
-
-        isEquals(PKIPublicationInfo.pleasePublish, pkiPubInfo.getAction());
-        isEquals(1, pkiPubInfo.getPubInfos().length);
-        isEquals(singlePubInfo1, pkiPubInfo.getPubInfos()[0]);
-        
-        encEqualTest(pkiPubInfo);
-
-        SinglePubInfo singlePubInfo2 = new SinglePubInfo(SinglePubInfo.x500, new GeneralName(new X500Name("CN=BLOOT")));
-
-        pkiPubInfo = new PKIPublicationInfo(new SinglePubInfo[] { singlePubInfo1, singlePubInfo2 });
-
-        isEquals(PKIPublicationInfo.pleasePublish, pkiPubInfo.getAction());
-        isEquals(2, pkiPubInfo.getPubInfos().length);
-        isEquals(singlePubInfo1, pkiPubInfo.getPubInfos()[0]);
-        isEquals(singlePubInfo2, pkiPubInfo.getPubInfos()[1]);
-        
-        encEqualTest(pkiPubInfo);
-
-        pkiPubInfo = new PKIPublicationInfo((SinglePubInfo)null);
-
-        isEquals(PKIPublicationInfo.pleasePublish, pkiPubInfo.getAction());
-        isTrue(null == pkiPubInfo.getPubInfos());
-
-        encEqualTest(pkiPubInfo);
-
-        pkiPubInfo = new PKIPublicationInfo((SinglePubInfo[])null);
-
-        isEquals(PKIPublicationInfo.pleasePublish, pkiPubInfo.getAction());
-        isTrue(null == pkiPubInfo.getPubInfos());
-
-        encEqualTest(pkiPubInfo);
-    }
-
-    private void encEqualTest(PKIPublicationInfo pubInfo)
-        throws IOException
-    {
-        byte[] b = pubInfo.getEncoded();
-
-        PKIPublicationInfo pubInfoResult = PKIPublicationInfo.getInstance(b);
-
-        isEquals(pubInfo, pubInfoResult);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIResponseTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIResponseTest.java
deleted file mode 100644
index 7e5fe97..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/PKIResponseTest.java
+++ /dev/null

@@ -1,47 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.OtherMsg;
-import org.bouncycastle.asn1.cmc.PKIResponse;
-import org.bouncycastle.asn1.cmc.TaggedAttribute;
-import org.bouncycastle.asn1.cmc.TaggedContentInfo;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class PKIResponseTest
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new PKIResponseTest());
-    }
-
-    public String getName()
-    {
-        return "PKIResponseTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        PKIResponse pkiResponse = PKIResponse.getInstance(new DERSequence(new ASN1Encodable[]{
-            new DERSequence(new TaggedAttribute(new BodyPartID(10L), PKCSObjectIdentifiers.bagtypes, new DERSet())),
-            new DERSequence(new TaggedContentInfo(new BodyPartID(12L), new ContentInfo(PKCSObjectIdentifiers.id_aa, new ASN1Integer(10L)))),
-            new DERSequence(new OtherMsg(new BodyPartID(12), PKCSObjectIdentifiers.id_aa_msgSigDigest, new DERUTF8String("foo")))
-        }));
-
-        byte[] b = pkiResponse.getEncoded();
-
-        PKIResponse pkiResponseResult = PKIResponse.getInstance(b);
-
-        isEquals(pkiResponse, pkiResponseResult);
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ParseTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ParseTest.java
deleted file mode 100644
index 2e5112a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ParseTest.java
+++ /dev/null

@@ -1,308 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1OctetStringParser;
-import org.bouncycastle.asn1.ASN1SequenceParser;
-import org.bouncycastle.asn1.ASN1StreamParser;
-import org.bouncycastle.asn1.ASN1TaggedObjectParser;
-import org.bouncycastle.asn1.BERTags;
-import org.bouncycastle.asn1.cms.ContentInfoParser;
-import org.bouncycastle.asn1.cms.EncryptedContentInfoParser;
-import org.bouncycastle.asn1.cms.EnvelopedDataParser;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.io.Streams;
-
-public class ParseTest
-    extends TestCase
-{
-    private static byte[] classCastTest = Base64.decode(
-      "MIIXqAYJKoZIhvcNAQcDoIIXmTCCF5UCAQAxggG1MIIBsQIBADCBmDCBkDEL"
-    + "MAkGA1UEBhMCVVMxETAPBgNVBAgTCE1pY2hpZ2FuMQ0wCwYDVQQHEwRUcm95"
-    + "MQwwCgYDVQQKEwNFRFMxGTAXBgNVBAsTEEVMSVQgRW5naW5lZXJpbmcxJDAi"
-    + "BgkqhkiG9w0BCQEWFUVsaXQuU2VydmljZXNAZWRzLmNvbTEQMA4GA1UEAxMH"
-    + "RURTRUxJVAIDD6FBMA0GCSqGSIb3DQEBAQUABIIBAGh04C2SyEnH9J2Va18w"
-    + "3vdp5L7immD5h5CDZFgdgHln5QBzT7hodXMVHmyGnycsWnAjYqpsil96H3xQ"
-    + "A6+9a7yB6TYSLTNv8zhL2qU3IrfdmUJyxxfsFJlWFO1MlRmu9xEAW5CeauXs"
-    + "RurQCT+C5tLc5uytbvw0Jqbz+Qp1+eaRbfvyhWFGkO/BYZ89hVL9Yl1sg/Ls"
-    + "mA5jwTj2AvHkAwis+F33ZhYlto2QDvbPsUa0cldnX8+1Pz4QzKMHmfUbFD2D"
-    + "ngaYN1tDlmezCsYFQmNx1th1SaQtTefvPr+qaqRsm8KEXlWbJQXmIfdyi0zY"
-    + "qiwztEtO81hXZYkKqc5fKMMwghXVBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcE"
-    + "CEq3cLLWVds9gIIVsAAik3al6Nn5pr7r0mSy9Ki3vEeCBcV9EzEG44BvNHNA"
-    + "WyEsqQsdSxuF7h1/DJAMuZFwCbGflaRGx/1L94zrmtpeuH501lzPMvvZCmpj"
-    + "KrOF8e1B4MVQ5TfQTdUVyRnbcDa6E4V1ZZIdAI7BgDeJttS4+L6btquXfxUg"
-    + "ttPYQkevF7MdShYNnfLkY4vUMDOp3+iVzrOlq0elM95dfSA7OdBavgDJbz/7"
-    + "mro3AFTytnWjGz8TUos+oUujTk9/kHOn4cEAIm0hHrNhPS5qoj3QnNduNrad"
-    + "rLpGtcYyNlHIsYCsvPMxwoHmIw+r9xQQRjjzmVYzidn+cNOt0FmLs6YE8ds4"
-    + "wvHRO9S69TgKPHRgk2bihgHqII9lF9qIzfG40YwJLHzGoEwVO1O0+wn8j2EP"
-    + "O9I/Q3vreCH+5VbpUD2NGTwsMwZ3YlUesurLwse/YICxmgdN5Ro4DeQJSa9M"
-    + "iJnRFYWRq+58cKgr+L11mNc9nApZBShlpPP7pdNqWOafStIEjo+dsY/J+iyS"
-    + "6WLlUvNt/12qF4NAgZMb3FvRQ9PrMe87lqSRnHcpLWHcFjuKbMKCBvcdWGWI"
-    + "R7JR8UNzUvoLGGAUI9Ck+yTq4QtfgtL5MLmdBGxSKzgs44Mmek+LnrFx+e9n"
-    + "pkrdDf2gM/m7E50FnLYqzUjctKYGLNYpXQorq9MJx6TB20CHXcqOOoQqesXa"
-    + "9jL9PIOtBQy1Ow5Bh4SP07nTFWFSMI/Wt4ZvNvWJj3ecA9KjMOA9EXWUDS/H"
-    + "k9iCb2EEMo7fe5mhoyxMxPO+EIa1sEC9A1+rDACKPQCHOLI0uPmsdo0AEECC"
-    + "QLgOQkcwQlkHexOyHiOOtBxehtGZ1eBQQZ+31DF+RRU6WvS6grg58eS4gGOQ"
-    + "bd7CS9yYebvAQkz61J8KprWdtZuG1gBGma12wKMuQuC6RuWlKsj+rPMvaQCt"
-    + "8mucGbkElPGZVhdyD8/BvpSCNbgRwb6iSiw4EECovu4P4GFJaMGUYEuCA711"
-    + "itEieYc1QqS6ULjb3LFL/RcwSw0fGdjnt6B2nHckC2VsYKU1NwU7j0R1Omb4"
-    + "y5AvSgpuWjTXWnHnE9Ey0B+KP5ERZA+jJGiwYz48ynYlvQFSbBm4I6nh/DuI"
-    + "dWB2dLNxWuhdfzafBGtEHhLHzjW3WQwwRZsKesgHLrrj9hBUObodl1uvqvZN"
-    + "AjMOj8DrqbGOhAClj1t4S1Zk1ZekuMjsuoxEL+/lgtbT+056ES0k3A/LnpRb"
-    + "uxA1ZBr26Im+GVFzEcsV0hB4vNujSwStTTZH5jX5rMyi085yJfnikcLYUn9N"
-    + "apl+srhpIZlDJPw7IHaw8tsqXKDxF7MozIXo8B45CKv5Am+BMrIemCMX/ehu"
-    + "PODICl98Ur8tNAn1L+m0nj7H3c8HW2vNuBLEI3SEHHgm2Ij3IY5pyyeVUaWC"
-    + "pumhy8Ru5dj3fZcfKgYuJBQxWMf+UqPsf4iUK3923pouJ1cQ8XU8gOXIRrtX"
-    + "e41d/yR+UAZXSig6SITLw+wLtvitSvtxvjcUSUOI9CYTovKyuz1PQKiaLsV5"
-    + "4CoJhMQ5uRlVFS3H829I2d2gLRpSp6pNWeIZO2NMBxPYf2qcSHyHqQjR7xP2"
-    + "ZTg7U3OO6dZHORfXxzAnW2ExavBIYQmZh1gLn5jSS4wXFPXyvnJAsF4s5wed"
-    + "YHsyAqM/ek0n2Oo/zAh7UcP2vcb9FOoeRK8qC9HjTciS6WbjskRN0ft4T69G"
-    + "+1RsH8/edBxo2LZeA48BSCXDXOlBZJBsOptzYJD8HSZONPnef0jn23lk0fkU"
-    + "C3BjJu2ubFChctRvJniTko4klpidkHwuJgrTnL4er8rG3RfiiEHn/d5era15"
-    + "E1cekdVYWqwQOObOd4v+0gZSJgI48TBc5Qdy8F6wIU38DR2pn/5uNthNDgXk"
-    + "NcV9a2gOE3DoLe8CEIPMihqYMPY8NuSp97eHB2YhKpjP7qX9TUMoOdE2Iat2"
-    + "klNxadJt6JTFeiBPL6R9RHAD5sVBrkrl0S+oYtgF92f9WHVwAXU7zP6IgM4x"
-    + "hhzeJT07yyIp44mKd//F+7ntbgQjZ/iLbHh0mtOlUmzkFsDR0UNSXEQoourZ"
-    + "EY4A62HXj0DMqEQbik6QwEF7FKuwZX2opdOyVKH9MzJxNfDLd5dc8wAc8bCX"
-    + "jcCx5/GzHx2S5DndWQEVhp2hOQYuoJS3r6QCYFaHtDPKnFHS2PBFyFWL+2UK"
-    + "c0WsvVaHYqYKnksmxse9I9oU75kx5O05DZCThPX6h8J8MHRuxU9tcuuleIUQ"
-    + "XY8On+JeEtLSUZgp+Z7ITLuagf6yuKQpaR396MlDii/449/dvBiXAXeduyO1"
-    + "QzSkQCh37fdasqGL3mP0ssMcxM/qpOwQsx3gMtwiHQRi1oQE1QHb8qZHDE4m"
-    + "I5afQJ9O/H/m/EVlGUSn2yYOsPlZrWuI3BBZKoRzRq1lZOQDtOh18BE3tWmX"
-    + "viGIAxajam0i2Ce3h2U7vNwtiePRNEgPmQ7RwTTv0U6X8qqkjeYskiF4Cv9G"
-    + "nrB0WreC19ih5psEWLIkCYKTr+OhQuRrtv7RcyUi9QSneh7BjcvRjlGB6joA"
-    + "F6J4Y6ENAA/nzOZJ699VkljTi59bbNJYlONpQhOeRTu8M/wExkIJz7yR9DTY"
-    + "bY4/JdbdHNFf5DSDmYAHaFLmdnnfuRy+tC9CGGJvlcLVv5LMFJQGt2Wi15p8"
-    + "lctx7sL6yNCi7OakWbEOCvGPOxY7ejnvOjVK/Krx1T+dAXNUqrsDZmvmakOP"
-    + "We+P4Di1GqcyLVOTP8wNCkuAUoN0JFoBHy336/Xnae91KlY4DciPMpEOIpPN"
-    + "oB+3h6CozV7IWX5Wh3rhfC25nyGJshIBUS6cMXAsswQI8rOylMlGaekNcSU4"
-    + "gNKNDZAK5jNkS0Z/ziIrElSvMNTfYbnx3gCkY0pV18uadmchXihVT11Bt77O"
-    + "8KCKHycR39WYFIRO09wvGv6P42CRBFTdQbWFtkSwRiH8l6x39Z7pIkDFxokT"
-    + "Dp6Htkj3ywfQXNbFgRXZUXqgD1gZVFDFx920hcJnuu65CKz6pEL6X0XUwNPg"
-    + "vtraA2nj4wjVB/y+Cxc+1FgzeELB4CAmWO1OfRVLjYe7WEe/X5DPT6p8HBkB"
-    + "5mWuv+iQ3e37e1Lrsjt2frRYQWoOSP5Lv7c8tZiNfuIp07IYnJKBWZLTqNf9"
-    + "60uiY93ssE0gr3mfYOj+fSbbjy6NgAenT7NRZmFCjFwAfmapIV0hJoqnquaN"
-    + "jj5KKOP72hp+Zr9l8cEcvIhG/BbkY3kYbx3JJ9lnujBVr69PphHQTdw67CNB"
-    + "mDkH7y3bvZ+YaDY0vdKOJif9YwW2qoALXKgVBu1T2BONbCTIUTOzrKhWEvW8"
-    + "D6x03JsWrMMqOKeoyomf1iMt4dIOjp7yGl/lQ3iserzzLsAzR699W2+PWrAT"
-    + "5vLgklJPX/Fb3Tojbsc074lBq669WZe3xzlj85hFcBmoLPPyBE91BLhEwlGC"
-    + "+lWmwFOENLFGZE0mGoRN+KYxwqfA2N6H8TWoz6m0oPUW4uQvy9sGtYTSyQO9"
-    + "6ZwVNT3ndlFrP5p2atdEFVc5aO5FsK8/Fenwez06B2wv9cE9QTVpFrnJkKtF"
-    + "SaPCZkignj64XN7cHbk7Ys6nC3WIrTCcj1UOyp5ihuMS9eL9vosYADsmrR6M"
-    + "uqqeqHsf2+6U1sO1JBkDYtLzoaILTJoqg9/eH7cTA0T0mEfxVos9kAzk5nVN"
-    + "nVOKFrCGVIbOStpYlWP6wyykIKVkssfO6D42D5Im0zmgUwgNEkB+Vxvs8bEs"
-    + "l1wPuB2YPRDCEvwM3A5d5vTKhPtKMECIcDxpdwkD5RmLt+iaYN6oSFzyeeU0"
-    + "YvXBQzq8gfpqJu/lP8cFsjEJ0qCKdDHVTAAeWE6s5XpIzXt5cEWa5JK7Us+I"
-    + "VbSmri4z0sVwSpuopXmhLqLlNWLGXRDyTjZSGGJbguczXCq5XJ2E3E4WGYd6"
-    + "mUWhnP5H7gfW7ILOUN8HLbwOWon8A6xZlMQssL/1PaP3nL8ukvOqzbIBCZQY"
-    + "nrIYGowGKDU83zhO6IOgO8RIVQBJsdjXbN0FyV/sFCs5Sf5WyPlXw/dUAXIA"
-    + "cQiVKM3GiVeAg/q8f5nfrr8+OD4TGMVtUVYujfJocDEtdjxBuyFz3aUaKj0F"
-    + "r9DM3ozAxgWcEvl2CUqJLPHH+AWn5kM7bDyQ2sTIUf5M6hdeick09hwrmXRF"
-    + "NdIoUpn7rZORh0h2VX3XytLj2ERmvv/jPVC97VKU916n1QeMJLprjIsp7GsH"
-    + "KieC1RCKEfg4i9uHoIyHo/VgnKrnTOGX/ksj2ArMhviUJ0yjDDx5jo/k5wLn"
-    + "Rew2+bhiQdghRSriUMkubFh7TN901yl1kF2BBP5PHbpgfTP6R7qfl8ZEwzzO"
-    + "elHe7t7SvI7ff5LkwDvUXSEIrHPGajYvBNZsgro+4Sx5rmaE0QSXACG228OQ"
-    + "Qaju8qWqA2UaPhcHSPHO/u7ad/r8kHceu0dYnSFNe1p5v9Tjux0Yn6y1c+xf"
-    + "V1cu3plCwzW3Byw14PH9ATmi8KJpZQaJOqTxn+zD9TvOa93blK/9b5KDY1QM"
-    + "1s70+VOq0lEMI6Ch3QhFbXaslpgMUJLgvEa5fz3GhmD6+BRHkqjjwlLdwmyR"
-    + "qbr4v6o+vnJKucoUmzvDT8ZH9nH2WCtiiEtQaLNU2vsJ4kZvEy0CEajOrqUF"
-    + "d8qgEAHgh9it5oiyGBB2X/52notXWOi6OMKgWlxxKHPTJDvEVcQ4zZUverII"
-    + "4vYrveRXdiDodggfrafziDrA/0eEKWpcZj7fDBYjUBazwjrsn5VIWfwP2AUE"
-    + "wNn+xR81/so8Nl7EDBeoRXttyH7stbZYdRnkPK025CQug9RLzfhEAgjdgQYw"
-    + "uG+z0IuyctJW1Q1E8YSOpWEFcOK5okQkLFUfB63sO1M2LS0dDHzmdZriCfIE"
-    + "F+9aPMzojaHg3OQmZD7MiIjioV6w43bzVmtMRG22weZIYH/Sh3lDRZn13AS9"
-    + "YV6L7hbFtKKYrie79SldtYazYT8FTSNml/+Qv2TvYTjVwYwHpm7t479u+MLh"
-    + "LxMRVsVeJeSxjgufHmiLk7yYJajNyS2j9Kx/fmXmJbWZNcerrfLP+q+b594Y"
-    + "1TGWr8E6ZTh9I1gU2JR7WYl/hB2/eT6sgSYHTPyGSxTEvEHP242lmjkiHY94"
-    + "CfiTMDu281gIsnAskl05aeCBkj2M5S0BWCxy7bpVAVFf5nhf74EFIBOtHaJl"
-    + "/8psz1kGVF3TzgYHkZXpUjVX/mJX8FG0R8HN7g/xK73HSvqeamr4qVz3Kmm/"
-    + "kMtYRbZre7E1D10qh/ksNYnOkYBcG4P2JyjZ5q+8CQNungz2/b0Glg5LztNz"
-    + "hUgG27xDOUraJXjkkZl/GOh0eTqhfLHXC/TfyoEAQOPcA59MKqvroFC5Js0Q"
-    + "sTgqm2lWzaLNz+PEXpJHuSifHFXaYIkLUJs+8X5711+0M03y8iP4jZeEOrjI"
-    + "l9t3ZYbazwsI3hBIke2hGprw4m3ZmSvQ22g+N6+hnitnDALMsZThesjb6aJd"
-    + "XOwhjLkWRD4nQN594o6ZRrfv4bFEPTp4ev8l6diouKlXSFFnVqz7AZw3Pe53"
-    + "BvIsoh66zHBpZhauPV/s/uLb5x6Z8sU2OK6AoJ7b8R9V/AT7zvonBi/XQNw3"
-    + "nwkwGnTS9Mh7PFnGHLJWTKKlYXrSpNviR1vPxqHMO6b+Lki10d/YMY0vHQrY"
-    + "P6oSVkA6RIKsepHWo11+rV838+2NRrdedCe91foUmOs+eoWQnwmTy2CTZmQ5"
-    + "b7/TTcau9ewimZAqI+MtDWcmWoZfgibZmnIITGcduNOJDRn+aLt9dz+zr1qA"
-    + "HxlLXCOyBPdtfx6eo4Jon+fVte37i3HmxHk+8ZGMMSS9hJbLQEkA59b4E+7L"
-    + "GI3JZjvEkhizB4n/aFeG7KT7K3x072DMbHLZ7VgsXQ1VDDmcZmizFwgyNqKy"
-    + "hKCKxU+I2O10IMtiZUpEzV1Pw7hD5Kv/eFCsJFPXOJ2j3KP6qPtX5IYki1qH"
-    + "Juo5C5uGKtqNc6OzkXsvNUfBz5sJkEYl0WfitSSo4ARyshFUNh2hGxNxUVKM"
-    + "2opOcuHSxBgwUSmVprym50C305zdHulBXv3mLzGjvRstE9qfkQ8qVJYLQEkL"
-    + "1Yn7E92ex71YsC8JhNNMy0/YZwMkiFrqyaFd/LrblWpBbGumhe4reCJ4K3mk"
-    + "lFGEsICcMoe+zU1+QuLlz/bQ+UtvClHUe8hTyIjfY04Fwo2vbdSc1U/SHho5"
-    + "thQy+lOZ/HijzCmfWK3aTqYMdwCUTCsoxri2N8vyD/K2kbMLQWUfUlBQfDOK"
-    + "VrksBoSfcluNVaO56uEUw3enPhhJghfNlJnpr5gUcrAMES53DfkjNr0dCsfM"
-    + "JOY2ZfQEwwYey1c4W1MNNMoegSTg4aXzjVc0xDgKa7RGbtRmVNbOxIhUNAVi"
-    + "thQV3Qujoz1ehDt2GyLpjGjHSpQo3WlIU4OUqJaQfF6EH+3khFqUmp1LT7Iq"
-    + "zH3ydYsoCDjvdXSSEY3hLcZVijUJqoaNWBLb/LF8OG5qTjsM2gLgy2vgO/lM"
-    + "NsqkHnWTtDimoaRRjZBlYLhdzf6QlfLi7RPmmRriiAOM0nXmylF5xBPHQLoz"
-    + "LO9lXYIfNbVJVqQsV43z52MvEQCqPNpGqjB+Au/PZalYHbosiVOQLgTB9hTI"
-    + "sGutSXXeLnf5rftCFvWyL3n5DgURzDFLibrbyVGGKAk166bK1RyVP9XZJonr"
-    + "hPYELk4KawCysJJSmC0E8sSsuXpfd6PPDru6nCV1EdXKR7DybS7NVHCktiPR"
-    + "4B4y8O/AgfJX8sb6LuxmjaINtUKEJ1+O88Gb69uy6b/Kpu2ri/SUBaNNw4Sn"
-    + "/tuaD+jxroL7RlZmt9ME/saNKn9OmLuggd6IUKAL4Ifsx9i7+JKcYuP8Cjdf"
-    + "Rx6U6H4qkEwwYGXnZYqF3jxplyOfqA2Vpvp4rnf8mST6dRLKk49IhKGTzwZr"
-    + "4za/RZhyl6lyoRAFDrVs1b+tj6RYZk0QnK3dLiN1MFYojLyz5Uvi5KlSyFw9"
-    + "trsvXyfyWdyRmJqo1fT7OUe0ImJW2RN3v/qs1k+EXizgb7DW4Rc2goDsCGrZ"
-    + "ZdMwuAdpRnyg9WNtmWwp4XXeb66u3hJHr4RwMd5oyKFB1GsmzZF7aOhSIb2B"
-    + "t3coNXo/Y+WpEj9fD7/snq7I1lS2+3Jrnna1048O7N4b5S4b5TtEcCBILP1C"
-    + "SRvaHyZhBtJpoH6UyimKfabXi08ksrcHmbs1+HRvn+3pl0bHcdeBIQS/wjk1"
-    + "TVEDtaP+K9zkJxaExtoa45QvqowxtcKtMftNoznF45LvwriXEDV9jCXvKMcO"
-    + "nxG5aQ//fbnn4j4q1wsKXxn61wuLUW5Nrg9fIhX7nTNAAooETO7bMUeOWjig"
-    + "2S1nscmtwaV+Sumyz/XUhvWynwE0AXveLrA8Gxfx");
-    
-    private static byte[] derExpTest = Base64.decode(
-      "MIIS6AYJKoZIhvcNAQcDoIIS2TCCEtUCAQAxggG1MIIBsQIBADCBmDCBkDEL"
-    + "MAkGA1UEBhMCVVMxETAPBgNVBAgTCE1pY2hpZ2FuMQ0wCwYDVQQHEwRUcm95"
-    + "MQwwCgYDVQQKEwNFRFMxGTAXBgNVBAsTEEVMSVQgRW5naW5lZXJpbmcxJDAi"
-    + "BgkqhkiG9w0BCQEWFUVsaXQuU2VydmljZXNAZWRzLmNvbTEQMA4GA1UEAxMH"
-    + "RURTRUxJVAIDD6FBMA0GCSqGSIb3DQEBAQUABIIBAGsRYK/jP1YujirddAMl"
-    + "ATysfLCwd0eZhENohVqLiMleH25Dnwf+tBaH4a9hyW+7VrWw/LC6ILPVbKpo"
-    + "oLBAOical40cw6C3zulajc4gM3AlE2KEeAWtI+bgPMXhumqiWDb4byX/APYk"
-    + "53Gk7WXF6Xs4hj3tmrHSJxCUOsTdHKUJYvOqjwKGARPQDjP0EUbVJezeAwBA"
-    + "RMlJ/qBVLBj2UW28n5oJZm3oaSaU93Uc6GPVIk43IWrmEUcWVPiMfUtUCwcX"
-    + "tRNtHuQ9os++rmdNBiuB5p+vtUeA45KWnTUtkwJXvrzE6Sf9AUH/p8uOvvZJ"
-    + "3yt9LhPxcZukGIVvcQnBxLswghEVBgkqhkiG9w0BBwEwFAYIKoZIhvcNAwcE"
-    + "CGObmTycubs2gIIQ8AKUC8ciGPxa3sFJ1EPeX/nRwYGNAarlpVnG+07NITL2"
-    + "pUzqZSgsYh5JiKd8TptQBZNdebzNmCvjrVv5s9PaescGcypL7FNVPEubh0w/"
-    + "8h9rTACqUpF5yRgfcgpAGeK29F1hyZ1WaIH43avUCaDnrZcOKB7wc1ats1aQ"
-    + "TSDLImyFn4KjSo5k0Ec/xSoWnfg391vebp8eOsyHZhFMffFtKQMaayZNHJ7Q"
-    + "BzG3r/ysUbkgI5x+0bX0QfZjEIs7yuV5Wt8DxMTueCm3RQ+HkR4lNdTBkM4V"
-    + "qozCqC1SjcAF5YHB0WFkGouEPGgTlmyvLqR2xerEXVZn9YwSnT48kOde3oGt"
-    + "EAYyg0yHbNbL0sp6LDM7upRmrgWwxf0BR6lP4wyWdv/XSLatEB7twSNiPBJ4"
-    + "PJ+QagK08yQJ84UB7YpMTudKsaUs7zW76eA7KkW3TndfDYGdhbmZ5wxNl+5x"
-    + "yPZc/jcQHW7vplMfWglUVxnzibNW12th0QXSB57Mzk8v1Rvc/HLGvAOJZG/S"
-    + "N12FZOxbUrMIHGi3kXsmfWznVyq92X4P9tuDDD7sxkSGsyUAm/UJIZ3KsXhV"
-    + "QeaRHVTVDxtJtnbYxBupy1FDBO6AhVrp16Blvnip9cPn/aLfxDoFHzmsZmEg"
-    + "IcOFqpT1fW+KN6i/JxLD3mn3gKzzdL1/8F36A2GxhCbefQFp0MfIovlnMLFv"
-    + "mrINwMP8a9VnP8gIV5oW5CxmmMUPHuGkXrfg+69iVACaC2sTq6KGebhtg9OC"
-    + "8vZhmu7+Eescst694pYa3b8Sbr5bTFXV68mMMjuRnhvF2NZgF+O0jzU+sFps"
-    + "o7s1rUloCBk1clJUJ/r+j9vbhVahCeJQw62JAqjZu4R1JYAzON3S7jWU5zJ7"
-    + "pWYPSAQkLYUz3FmRRS2Yv65mXDNHqR9vqkHTIphwA9CLMKC2rIONxSVB57q1"
-    + "Npa/TFkVdXnw+cmYjyFWiWeDP7Mw0Kwy7tO008UrBY0rKQU466RI5ezDqYPc"
-    + "Lm73dUH2EjUYmKUi8zCtXpzgfTYVa/DmkbVUL9ThHMVRq1OpT2nctE7kpXZk"
-    + "OsZjEZHZX4MCrSOlc10ZW7MJIRreWMs70n7JX7MISU+8fK6JKOuaQNG8XcQp"
-    + "5IrCTIH8vmN2rVt4UT8zgm640FtO3jWUxScvxCtUJJ49hGCwK+HwDDpO6fLw"
-    + "LFuybey+6hnAbtaDyqgsgDh2KN8GSkQT9wixqwQPWsMQ4h0xQixf4IMdFOjP"
-    + "ciwp3ul8KAp/q70i0xldWGqcDjUasx6WHKc++rFjVJjoVvijKgEhlod5wJIw"
-    + "BqQVMKRsXle07NS1MOB+CRTVW6mwBEhDDERL+ym2GT2Q4uSDzoolmLq2y5vL"
-    + "+RfDHuh3W0UeC3Q5D2bJclgMsVjgfQUN19iD+lPFp2xvLTaNWi5fYDn4uuJL"
-    + "lgVDXIMmM8I+Z2hlTXTM1Pldz2/UFe3QXTbYnjP6kfd7Bo2Webhhgs/YmSR2"
-    + "XPuA42tWNAAjlK77lETWodxi3UC7XELjZ9xoGPRbxjOklXXvev9v5Vo+vcmN"
-    + "0KrLXhLdkyHRSm81SRsWoadCTSyT8ibv66P00GOt+OlIUOt0YKSUkULQfPvC"
-    + "EgMpeTm1/9l8n9bJ6td5fpJFDqLDm+FpJX6T2sWevV/Tyt6aoDPuET5iHBHW"
-    + "PoHxKl8YPRHBf+nRWoh45QMGQWNSrJRDlO8oYOhdznh4wxLn3DXEfDr0Z7Kd"
-    + "gEg6xr1XCobBn6Gi7wWXp5FDTaRF41t7fH8VxPwwDa8Yfu3vsgB6q426kjAj"
-    + "Q77wx1QFIg8gOYopTOgqze1i4h1U8ehP9btznDD6OR8+hPsVKoXYGp8Ukkc7"
-    + "JBA0o8l9O2DSGh0StsD94UhdYzn+ri7ozkXFy2SHFT2/saC34NHLoIF0v/aw"
-    + "L9G506Dtz6xXOACZ4brCG+NNnPLIcGblXIrYTy4+sm0KSdsl6BGzYh9uc8tu"
-    + "tfCh+iDuhT0n+nfnvdCmPwonONFb53Is1+dz5sisILfjB7OPRW4ngyfjgfHm"
-    + "oxxHDC/N01uoJIdmQRIisLi2nLhG+si8+Puz0SyPaB820VuV2mp77Y2osTAB"
-    + "0hTDv/sU0DQjqcuepYPUMvMs3SlkEmaEzNSiu7xOOBQYB8FoK4PeOXDIW6n2"
-    + "0hv6iS17hcZ+8GdhwC4x2Swkxt99ikRM0AxWrh1lCk5BagVN5xG79c/ZQ1M7"
-    + "a0k3WTzYF1Y4d6QPNOYeOBP9+G7/a2o3hGXDRRXnFpO7gQtlXy9A15RfvsWH"
-    + "O+UuFsOTtuiiZk1qRgWW5nkSCPCl2rP1Z7bwr3VD7o6VYhNCSdjuFfxwgNbW"
-    + "x8t35dBn6xLkc6QcBs2SZaRxvPTSAfjON++Ke0iK5w3mec0Br4QSNB1B0Aza"
-    + "w3t3AleqPyJC6IP1OQl5bi+PA+h3YZthwQmcwgXgW9bWxNDqUjUPZfsnNNDX"
-    + "MU9ANDLjITxvwr3F3ZSfJyeeDdbhr3EJUTtnzzWC6157EL9dt0jdPO35V0w4"
-    + "iUyZIW1FcYlCJp6t6Sy9n3TmxeLbq2xML4hncJBClaDMOp2QfabJ0XEYrD8F"
-    + "jq+aDM0NEUHng+Gt9WNqnjc8GzNlhxTNm3eQ6gyM/9Ip154GhH6c9hsmkMy5"
-    + "DlMjGFpFnsSTNFka2+DOzumWUiXLGbe4M3RePl1N4MLwXrkR2llguQynyoqF"
-    + "Ptat2Ky5yW2q9+IQHY49NJTlsCpunE5HFkAK9rY/4lM4/Q7hVunP6U4a0Kbu"
-    + "beFuOQMKQlBZvcplnYBefXD79uarY/q7ui6nFHlqND5mlXMknMrsQk3papfp"
-    + "OpMS4T07rCTLek0ODtb5KsHdIF76NZXevko4+d/xbv7HLCUYd8xuOuqf+y4I"
-    + "VJiT1FmYtZd9w+ubfHrOfHxY+SBtN6fs02WAccZqBXUYzZEijRbN2YUv1OnG"
-    + "rfYe4EcfOu/Sa+wLbB7msYpLfvUfEO3iseKf4LXZkgtF5P610PBZR8edeSgr"
-    + "YZW+J0K78PRAl5nEi1mvzBxi9DyNf6iQ9mWLyyCmr9p9HGE+aCMKVCn9jfZH"
-    + "WeBDAJNYDcUh5NEckqJtbEc2S1FJM7yZBWLQUt3NCQvj+nvQT45osZ3BJvFg"
-    + "IcGJ0CysoblVz4fCLybrYxby9HP89WMLHqdqsIeVX8IJ3x84SqLPuzrqf9FT"
-    + "ZVYLo0F2oBjAzjT7obt9+NJc/psOMCg+OGQkAfwj3VNvaqkkQsVxSiozgxrC"
-    + "7KaTXuAL6eKKspman96kz4QVk9P0usUPii+LFnW4XYc0RNfgJVO6BgJT7pLX"
-    + "NWwv/izMIMNAqSiWfzHHRVkhq4f1TMSF91auXOSICpJb3QQ4XFh52Mgl8+zs"
-    + "fobsb0geyb49WqFrZhUu+X+8LfQztppGmiUpFL+8EW0aPHbfaf4y9J1/Wthy"
-    + "c28Yqu62j/ljXq4Qa21uaEkoxzH1wPKCoKM9TXJtZJ39Yl9cf119Qy4M6QsB"
-    + "6oMXExlMjqIMCCWaLXLRiqbc2Y7rZHgEr08msibdoYHbSkEl8U+Kii2p6Vdx"
-    + "zyiEIz4CadrFbrAzxmrR/+3u8JuBdq0K3KNR0WWx73BU+G0rgBX56GnP7Ixy"
-    + "fuvkRb4YfJUF4PkDa50BGVhybPrIhoFteT6bSh6LQtBm9c4Kop8Svx3ZbqOT"
-    + "kgQDa0n+O0iR7x3fvNZ0Wz4YJrKGnVOPCqJSlSsnX6v2JScmaNdrSwkMTnUf"
-    + "F9450Hasd88+skC4jVAv3WAB03Gz1MtiGDhdUKFnHnU9HeHUnh38peCFEfnK"
-    + "WihakVQNfc72YoFVZHeJI5fJAW8P7xGTZ95ysyirtirxt2zkRVJa5p7semOw"
-    + "bL/lBC1bp4J6xHF/NHY8NQjvuhqkDyNlh3dRpIBVBu6Z04hRhLFW6IBxcCCv"
-    + "pjfoxJoox9yxKQKpr3J6MiZKBlndZRbSogO/wYwFeh7HhUzMNM1xIy3jWVVC"
-    + "CrzWp+Q1uxnL74SwrMP/EcZh+jZO4CYWk6guUMhTo1kbW03BZfyAqbPM+X+e"
-    + "ZqMZljydH8AWgl0MZd2IAfajDxI03/6XZSgzq24n+J7wKMYWS3WzB98OIwr+"
-    + "oKoQ7aKwaaT/KtR8ggUVYsCLs4ScFY24MnjUvMm+gQcVyeX74UlqR30Aipnf"
-    + "qzDRVcAUMMNcs0fuqePcrZ/yxPo+P135YClPDo9J8bwNpioUY8g+BQxjEQTj"
-    + "py3i2rAoX+Z5fcGjnZQVPMog0niIvLPRJ1Xl7yzPW0SevhlnMo6uDYDjWgQ2"
-    + "TLeTehRCiSd3z7ZunYR3kvJIw1Kzo4YjdO3l3WNf3RQvxPmJcSKzeqKVxWxU"
-    + "QBMIC/dIzmRDcY787qjAlKDZOdDp7qBKIqnfodWolxBA0KhvE61eYabZqUCT"
-    + "G2HJaQE1SvOdL9KM4ORFlxE3/dqv8ttBJ6N1qKk423CJjajZHYTwf1dCfj8T"
-    + "VAE/A3INTc6vg02tfkig+7ebmbeXJRH93KveEo2Wi1xQDsWNA+3DVzsMyTqV"
-    + "+AgfSjjwKouXAznhpgNc5QjmD2I6RyTf+hngftve18ZmVhtlW5+K6qi62M7o"
-    + "aM83KweH1QgCS12/p2tMEAfz//pPbod2NrFDxnmozhp2ZnD04wC+6HGz6bX/"
-    + "h8x2PDaXrpuqnZREFEYzUDKQqxdglXj5oE/chBR8+eBfYSS4JW3TBkW6RfwM"
-    + "KOBBOOv8pe3Sfq/bg7OLq5bn0jKwulqP50bysZJNlQUG/KqJagKRx60fnTqB"
-    + "7gZRebvtqgn3JQU3fRCm8ikmGz9XHruoPlrUQJitWIt4AWFxjyl3oj+suLJn"
-    + "7sK62KwsqAztLV7ztoC9dxldJF34ykok1XQ2cMT+uSrD6ghYZrmrG5QDkiKW"
-    + "tOQCUvVh/CorZNlON2rt67UvueMoW+ua25K4pLKDW316c2hGZRf/jmCpRSdb"
-    + "Xr3RDaRFIK6JpmEiFMMOEnk9yf4rChnS6MHrun7vPkf82w6Q0VxoR8NRdFyW"
-    + "3mETtm2mmG5zPFMMD8uM0BYJ/mlJ2zUcD4P3hWZ8NRiU5y1kazvrC6v7NijV"
-    + "o459AKOasZUj1rDMlXDLPloTHT2ViURHh/8GKqFHi2PDhIjPYUlLR5IrPRAl"
-    + "3m6DLZ7/tvZ1hHEu9lUMMcjrt7EJ3ujS/RRkuxhrM9BFlwzpa2VK8eckuCHm"
-    + "j89UH5Nn7TvH964K67hp3TeV5DKV6WTJmtIoZKCxSi6FFzMlky73gHZM4Vur"
-    + "eccwycFHu+8o+tQqbIAVXaJvdDstHpluUCMtb2SzVmI0bxABXp5XrkOOCg8g"
-    + "EDZz1I7rKLFcyERSifhsnXaC5E99BY0DJ/7v668ZR3bE5cU7Pmo/YmJctK3n"
-    + "m8cThrYDXJNbUi0c5vrAs36ZQECn7BY/bdDDk2NPgi36UfePI8XsbezcyrUR"
-    + "ZZwT+uQ5LOB931NjD5GOMEb96cjmECONcRjB0uD7DoTiVeS3QoWmf7Yz4g0p"
-    + "v9894YWQgOl+CvmTERO4dxd7X5wJsM3Y0acGPwneDF+HtQrIpJlslm2DivEv"
-    + "sikc6DtAQrnVRSNDr67HPPeIpgzThbxH3bm5UjvnP/zcGV1W8Nzk/OBQWi0l"
-    + "fQM9DccS6P/DW3XPSD1+fDtUK5dfH8DFf8wwgnxeVwi/1hCBq9+33XPwiVpz"
-    + "489DnjGhHqq7BdHjTIqAZvNm8UPQfXRpeexbkFZx1mJvS7so54Cs58/hHgQN"
-    + "GHJh4AUCLEt0v7Hc3CMy38ovLr3Q8eZsyNGKO5GvGNa7EffGjzOKxgqtMwT2"
-    + "yv8TOTFCWnZEUTtVA9+2CpwfmuEjD2UQ4vxoM+o=");
-
-    byte[] longTagged = Hex.decode("9f1f023330");
-    
-    public void testClassCast()
-        throws IOException
-    {
-        parseEnveloped(classCastTest);
-    }
-
-    public void testDerExp()
-        throws IOException
-    {
-        parseEnveloped(derExpTest);
-    }
-    
-    public void testLongTag()
-        throws IOException
-    {
-        ASN1StreamParser aIn = new ASN1StreamParser(longTagged);
-        
-        ASN1TaggedObjectParser tagged = (ASN1TaggedObjectParser)aIn.readObject();
-        
-        assertEquals(31, tagged.getTagNo());
-    }
-    
-    private void parseEnveloped(byte[] data) throws IOException
-    {
-        ASN1StreamParser aIn = new ASN1StreamParser(data);
-        
-        ContentInfoParser cP = new ContentInfoParser((ASN1SequenceParser)aIn.readObject());
-        
-        EnvelopedDataParser eP = new EnvelopedDataParser((ASN1SequenceParser)cP.getContent(BERTags.SEQUENCE));
-        
-        eP.getRecipientInfos().toASN1Primitive(); // Must drain the parser!
-        
-        EncryptedContentInfoParser ecP = eP.getEncryptedContentInfo();
-        
-        ASN1OctetStringParser content = (ASN1OctetStringParser)ecP.getEncryptedContent(BERTags.OCTET_STRING);
-
-        Streams.drain(content.getOctetStream());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ParsingTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ParsingTest.java
deleted file mode 100644
index c5a3353..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ParsingTest.java
+++ /dev/null

@@ -1,99 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1StreamParser;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class ParsingTest
-    extends SimpleTest
-{
-     String[] streams = {
-        "oRNphCO0F+jcMQKC1uMO8qFBPikDDYmtfVGeB45xvbfj1qu696YGjdW2igRnePYM/KkQtADG7gMHIhqBRcl7dBtkejNeolOklPNA3NgsACTiVN9JFUsYq0a5842+TU+U2/6Kt/D0kvz0WmwWFRPHWEWVM9PYOWabGsh28Iucc6s7eEqmr8NEzWUx/jM3dmjpFYVpSpxt2KbbT+yUO0EqFQyy8hQ7JvKRgv1AoWQfPjMsfjkKgxnA8DjenmwXaZnDaKEvQIKQl46L1Yyu3boN082SQliSJMJVgNuNNLFIt5QSUdG1ant5O6f9Yr0niAkAoqGzmqz+LZE1S7RrGHWiQ3DowE9NzviBuaAoI4WdCn1ClMwb9fdEmBMU4C7DJSgs3qaJzPUuaAT9vU3GhZqZ0wcTV5DHxSRzGLqg9JEJRi4qyeuG3Qkg3YBtathl+FiLJ7mVoO3dFIccRuuqp2MpMhfuP1DxHLNLNiUZEhLMQ0CLTGabUISBuyQudVFlKBZIpcLD0k7fKpMPuywrYiDrTinMc2ZP3fOGevoR5fnZ6kZAE5oMTtMNokzBuctGqVapblXNrVMLYbriT538oYz5",
-        "KEKVhHxtyUR9D3v5K4IJbVQLAMiVKoK9z7wFWUjzvLFNLg9C/r8zKfBa3YgZrt0Nq64+MxBePMbiNLCnfditc2qUcQZUHnvNnhwT6uGK37JmXg7MvQiKwvi31EIYt6ghqBZVs1iaqc0ep7wuQ16uwSQMlaDdXc9Qf1L0dGO/6eLyREz+p4UR4NOXK+GooQLfMxYL40zJlYcwNyR0rigvIr84WP2IMS2hZjqXtyS6HMM4yUv70hkIorjr7+JC4GtU1MyWuPuNSAGen0AZTaEEXd5sMbqXMqWg3jeM4mzRH1Kb3WdAChO5vMJZPBj9jZZKgXzmxkUh5GlIhUdYgztoNceBzQ3PIc7slCDUw9I2PjB87xsfy7jA5tFtFADs2EUyxUTMCuhilP664jSHgwbrr80k9Xc4sU+MCwCq2nQmcZYcPgKb4M31VJMlKwnZF3JUU2Jtqgg4gbErw58YoBwSkEcMJ2Juhiyx9U36MzxHs9OcTURfpsilMy+mDL8arCDx1knM1KkAHCLjWuJI+p1PvuIypgCwVc+MtGfd7wW8iR1JPJLBiuoZyNJ+xx9htd/HVB+rLtB57H8Gz8W+R00f",
-        "Ol9I/rXMwbLpxTY97v70B+HCl2+cojz2574x/cC56A7KGVF13La8RdzOOvSkl338ct9T/blEFa6QwNz3GmF+MoPdH9lncwz+tqixIqGU02Bp5swH0qjbp/Yjaeq91eR6B+9fl+KKrpglBr8S1BrI4Ey5v3AxxJdCWP8Gd+6Sp15/HMYanwlHBpCsW4+Kq8sGJoJXUXpQ/GBUJKs+WjX1zE6PsvF7/B8cByuqE3NJt7x4Oa+qZtF8qNc0CFDNj31Yhdt7JkAoD30IAd+ue9OhImQMCWwFwySRIRJXU3865K2dBR+VhLuI2aKzLh7MlgVKJk6b2P/ZIkc86ksR1sOUiHrs9EdoYuIssAgMc8QGzn4VN8lxopdzQYVG6pbXGS/VQlHkGdyLd+OHt4srz/NTUWiOquVTRxa6GgtlBFfIXikPTb+iT2pZKyKUlBvpgo0BY9vVUadsteHAI5qrFZBrL5ecK/Qtl9hf/M8qEjyjt2aCXe9B96Hg2QR5A53qW2PJW5VzS0AeB3g+zJSPCTpygrBs20q5Xrna0ux2l17r6HT9Q/AXIOkwPZUXXn0d02igS4D6Hxrg3Fhdp+OTXL8G",
-        "o3eXWpwAGmUkxHEKm/pGkDb1ZQQctCQ06lltZjeMXDp9AkowmA0KXjPQCQwyWE/nqEvk2g/58AxNU0TWSujo5uU0h4/hdMZ7Mrj33NSskWvDpKe7lE5tUjPi74Rmc5RRS+1T/EQobpNxoic3+tTO7NBbZfJtcUYeZ3jqxL+3YQL3PrGe/Zpno9TnQW8mWbbhKhDRtKY4p3Pgk9hPSpJCM9xYo3EMAOAIiH2P6RKH6uX/gSaUY2b6DE/TT0V6v/jdSmYM4+cnYiTyJCi5txI35jfCqIlVCXJd7klirvUMg9SXBhGR25AgQ5Z8yjd7lbB8FvD8JQAXZrp6xiHxbLIW7G11fWEo7RGLFtALI6H38Ud0vKjsEN7N5AibJcxS2A/CWk9R00sTHRBHFUP8o5mz8nE7FeCiwJPs/+tCt04nGb9wxBFMsmWcPEDfIzphCaO6U/D/tQHlA846gbKoikv/6LI0ussSR/i85XBclNcvzTctxylSbCR02lZ+go6fe5rmMouiel/0Tndz8t1YpQGilVeOQ3mqAFyAJk3dgfTNKZuOhNzVIZ5GWScKQ5ZtNcWrg6siR+6YwKvLiRb/TJZk",
-        "PwRUnW4yU8PI7ggbI1BIO9fcTup8optkqCirodyHCiqsPOMZ4g28bJ2+kpfQRujWGlKFYQzA1ZT32s9hdci+fvXPX0KAjcUgcxsGzMABFbEm04BwDF2WLgg9s4/x71r5JrgME1S08I3mCo4N0eFHWDeLJL1b5YNNo6tfO5V2WpIE867N9zdAgvp1gijVjUNWqEB3A/NLb3reLMu2hYgqRFTCVBfcFclD46k0XEfUJqwWdQhOz92WNl/3g53bjKX1hDZgjLIzK6m+SU6+J/h4NidrS7E0gOBevZW8gRYdKMVqNWxzUfxv6kgG+kIeF9JqMcO6jdh/Zu/0tpZoHFeCweZ1jT1eEtltFu1FcTTPc1UT0pT+ZNVgefrBONoGnvn8+dBjPese6F2TmRCExJq9taKlIh/kHdkbpaa7vwrBpYRgVGfARPyM9SSCaE7pVBDuwkFeYiGU4tamm5Gq10ojRQgetJ3UOg/PGTJcxo97GBiG5zAST9NdHdgK3eI4FAbWpGwmWxNpPWOst0a7zuGKAzYU+1IQh8XA3IgJ2vy3+w0JihU6G+12LUzsL2aQtpG7d1PqLhwOqHq3Qqv3SDsB",
-        "ZIAKizvGzbvqvqOlxOeVgHGHV9TfKNjjqyzbCj8tggv2yp7kkq1D3yRlC349tuul3zN9g4u83Ctio9Gg3HiLzMULxoOImF/hKRDhJpPLbLm0jSq1fyF+N7/YvyLeFhGoPhYEBUihDcxo1NIcWy66aBt3EuOlTyDQWrDe0Za3mrTrrl10uLHVKcQMgeD+UMgjQqmHzQJR8wdNjHPKHWVvZEdiwI031nV2giHJHXv08Jvf4vmw4dAlH2drCl6cBgg33jy7ohK8IiXz6eCw6iY9Ri8YaMzxOhgE2BOHzEz5ZC2hilL4xO/ambTER4bhb4+9VTUIehHP18FcXm8TKPQRMqyKP2fMlzWW3/uelYfPP5SHlyLAULa1KjDCkLIDunEKZDpv2ljGB6JPrTlNwFsvlZcihfOAwjbr2jW3MwP704OA8xzd/dynBU47unIZEu0LAvQ3TUz3PLga0GGO1LZGtg0Foo9zFG2wuVCdgYHmozOQ+8I3gRguW1CjGy7ZCTBuN1GZ510ERhae+bRQtldHsLeiHTghnkU1xEX1+W0iEf3csDYrgpuq3NaBYRGirovDiPBYFHmru0AMclhFnpcX",
-        "uG0wQ55kMlfZtJFAqTl0bnYW/oy9NFOi0e4FqAYwsvMxGO4JtGzXgkVwEUAC0AUDItRUjxBl+TkoPTYaprgn0M/NQvKPpXJ+yzI7Ssi+F2alLR0T6eF/4rQ32AVjnANJaghXZm0ZKduckbhSxk5lilJVJRuzXKchZRtlPluvlj448bq+iThktsEQoNP8NMpi7n/EVxovp+dow4Q6t7msSRP4cGXtyYoWKbf/7e5XzBKOZZ1/f3s86uJke4dcKIaljpJfBrtuFxZC6NYXzX6PkoDoBgqQ8RBrxsX54S9cBDAPxxmkq8zviAOW3oqPMULGGmQzHBiRwE8oeDFoMnzF5aR/lkbNuTLOxhbIkosgLWlDNVEFYx9bVhdLzO7VwaAK829dimlPOo5loKB7Pd2G7ekRKXwu7wNvJBq8KRkhtLKbKoS8D6TaRWUMb9VBJ1CMy4mrw+YwTmAKURQ6Dko9J/RgzRg5Y/sUlwdMYS9HOnvKiTVu5I/ha35wwkhIPVm+FCn05tstntZaXXXu4xExHeugAKNBhkcc/SQt+GFdxXDd+R4C2LfKxGDSyZKVTFYojHTdZUo8Gx6SZLY6b2SZ",
-        "sH0kIwIq1THAfTLfqUKJfG1YauCQKPc9/mk3l39yK6zgxSpCH2IjZIwhhJtGm3F+8PTneT725OuyR617nxqrgqMGkkZkyY4DA5CjsikpBo5mo8TspX1g+vtXXtxymJMTMo8JwX3nSH4gSb3vPia+gwOW2TcJmxVdp3ITPA4gJpMfqoMBqRM+eDWO6QXW5ijVL4+wnp40u5bU4fQLVzpg25+QGLqBHD6PZTQaN6F9Vy5XpsAGDlncCklVuX3Lkp3Xb9cTiNa/4ii04uwZqx0juszjwFAMPPb6u56crvN1x4FXfXzabWECHbdQLlKazowvU9bEnqG2i4H44Ae+v8Iw8HK5mbZ6ercLTD9oPgs7Ogal037l2WwLApUz/fmD5fV8SxHh+vKDpfOzv6xcQxynS82jAJw9AdUwE/4ndGzzHPIu2M81gbAgZQ02EurMMU62hYgiXeridrtyh+H5R+CiwQdEyX7/op6WVihsYj2O3O/1hgjhGQRFD6sGwnko50jgWRxaMMfJGNlyGoT8WT5k931jU7547u7Ovr7XP/t8r3G7ceCiCcYjQgdwXdvIStzPvvV7Yy02isZjiJF8TLJQ",
-        "tycxf1mOz1yLE6cT/ZlCxMeTxlEEHFeIdw0+nF/40Tsw4vLco+4kR2A6cVml611CSpN6l/RMKk2LnAkprrbJ/Uam902WBnQ+I6Vsl6GkFFq7362bdixojqMFVKYytXLCT8I78f6s8M6a3jSALQloD6Ftvn+cc+cctO3weaaaPgAlrz+f2MFs8bqpnLQYbbY/JS9IAYJFH+yVtLz7eKcedEp9JMlJ3/43szU2fDN9ZMxBoQnxEmF3WZv6GF0WRc8VhTblXRgk4mlz6Fu3IXvwW/rbn+VCYYIk/XaVLrxFAnnw6mBozAF7vmV0OrIYBlSDU8rMb+F7AvE7pwErO9TJtCE8IUvQf8TsJYRoYv21/X57pzcBedtqVeU3DnTlmESHxG6H1uJbadSFLWSxKS4svfp8T9FWqX5815yD/UplAKEIeorLTAlPIC2ASKDU6SQW260biNAfY8FYQCWa8btaTwFuY8NMwSHzyqgU0aoPKnagi/4hOIWNO5rZ8Xcnzx+ELtEl33hQnzc4OUlT5eeVYQWkz2IWVQ6Re4JWF3L4OXzNZWgefKGMzZU6IHoBeCgfi+popLRJpaOx0dcvwGjk",
-        "oDsoFvUA+sGOoMyZY6w1UhY3NBkeoozzjEkDSRN1golyXJ1dC5CtYNEjvAJYKj+sqNwg9mBlYyybYpnI3GSP125zMeBHPCoy5CoNOkJW4OH/oLyjVeQbFNic/b2Jcz6lTguYhep8hq9EM2XuFV8T1rm5+4ucI7fH1UiOqRZyuHBAJ0Cna5kv6D3efsa9rd+swybiMIUjmPWpyxzNOOihCYuf4JqRh/D5eZKm6x0Zj2uRhTAYYxI7Q3czd0R9490ufG8VbF8ASBMireMONNNAA/OZCpxJh6xnIANBqV6YDeysws3NBWY2QuNumvg5Kr3/g+VMzJHi4wGuJjraKWi9+ylMfelHF5h/h+pAQVxCotq8JU3OTnMUW4rQp2a8BR5S+mZqPSPlb87tDG9r0+yqb1uO4UIo71C7Xxwoq4M0tXjk6mSmtP/sm+Lh14qfUzKRhTHVdz91TK104mbTJNXbK+jGPD/2BJO9fiaXY8IYanpfDLBfJo06VYbm6HehRZTwnDHnN50j7ki4aMS3COZvffjRInXD8dS5h9zmtKNpoqg//lPg4gpS+4Th2sJ3SGtBV0Ne89r7AfZMAVa26PMK",
-        "MIDLuZTrtZnEBOB6l14iSEyokAg5Wf5JviumhfPeL7WSFTHfOodU2hrvhyvM6oAlRHY1blTj7mw+Tcf9Tmc+/FHT6PGu0NT5UAqaqChX0gS9jizgAE2Yfhd4X/DoeQySMAixKuhu8TbvDxb54jeW9+7LVkmlntJ/0SkMgsT+WQ31OfpwDmEGDczYc+Ol14aJS+EW+rnGv9d38bo/cy+EnpNh8iV2rGGoC8fDzFHKU4gqGFSZF/tnD2OfCne0Vjr/GD6kyp2MVcHig19DBg2toGRkHnuY5kLkwOanztXA80IaAmv8e6s62U8CE8ozUZeDBcvBigEkSGx79Vsyiks8+9Kq9xLHLeS5kRT6zSl8whe8U1fIfrgic34KPlozcQVahwCru1XWyQ+9uevih8x4zMftkJ3JBZhPrnlgtx9McntH/Ss9fdUEkNwWpDnq8Xby8/5gMMMwQ13XDB73vqqteDiltMq8i7LRez4iIHfSBBfIkZIzMZAblQXaSm029iBcAAUes7wcGHUl7KOpRy18jNtI3+h7e1Ri6sT2vJYQaove0nzZ5xAjpBKnbJX+lpGVlI00fC2YSTfyNqFA0jkL",
-        "MG4QbKLbQR3enPn6Z/kEUtHrzWBIqYKR7Gvs5QHLPF6417p1O58suZq38Bb8dO5udtgOqNEVAPGmOuidYygWWfWOP5ReggTUk5XlrkvRxCU0MHWbkSKkJ+T4nLjozreqTJ0io41sFVrpxuOugAvXJ6QtMmixSABUaNgU9SkkWf9pOEiJI8dfND51HxJCbXHwsMCMBp5FbaMZmlWPwirRdAox4wbLk9ZLmoWUcorUjdaWhKvT/LnjMgPmwnwwKpN/4MOnRDdAPdzXX3aWHdkzpfsQnqt3UJsTsSaJlzeUja5C5L4CXGyt99qmfcwB8OB9TL4EYTIl3maD/gUWBfckOsji8x2E2c2iuKKrcmMmcChYr4wCjtTjEeVKOAZ2m9mU2MKc2z2hDw3AuZxsY6aOtdAjnrwl5QXGRg9I5LVl5SI5RwnLwk90pJzDGuSSCtSmzh9DUZ4WpfN+1393aTGRqCMOsB4KxbXjspUbVMFJbnXXlsSNWaoFTpHjK6b6Ghi2/re7KJpoKElM3nGs3qvxdvGTKu7LKr/sgKDL6uQLRKoyk8AHSIGX9c8ZUTk7Sq9jV9p4QfV1WFVpaBxSsEmw",
-        "MR0BACgWKis9/AKwG9/ARgGWJn1aM3nU8YXzWG+b7aeRUkVCjl4WxeL38E3FAMLW4UcyLzxeb+CskOqhPPTglmxhK7jQcrNILsWcZvdZfApYIvk5uKqA5FKuUuL48uvD0aKGRENe/VEUFlkQru5YX4Xnp+ZThrJJlgn7ANat/qAdP6ULEcLaOQlLYcGRh5ttsJTRT4+cZQggTJjWt+9idUQ66HfC6zQ1qHcMuochy7GHiUmNXAs0AgwOF9Jwet/Qh74KGMtmppJ9gkEqiYECFQA2gVgKc1AufHJS6S6Re72FfH/UkL41L2hvlwktkD5/hZrUZ1R+RG12Eip2zKgus4g/aGl0V8B/JvkcnFUsZJ6uxs24arOBDJOuzzxky5F5B/hwVGPEdcfHunqndUcx26/KCK72hOljlqTXl8yEbXlcMqVFNByZLr7TnGzGGUlO7kuHPW/ItZUJvrHokpsLLrb3ZhEZ8pTQd75gFcf0Ve8CYzEtk2ISHtNJQV6Iz4AZHWssU6F6YWM/OlJz5JGTtPHfGMJXgl4oxbBjeenS3JQ0X7vWXYMwPe3U1dat6m5hrRC1KzI6e6w+gPDtF8GQ",
-        "DH2WX6XoIseX6lHIey3seUr3DAz82fyk0jL7xc5IDTrDfqS64QBhHDpqHETF/81MrPXsM3IANBfjDOl9g/gua8wWPpPNxuWZMNh0GLcAr6PJ939TCbjE3soZHF2wiA82nZEO8jIZosDVRWFUfJS6Y3nrJz63SExqB6OUdBfvSfz1Y1M/90ofBxkfeuS85deMdn+1rZdsnZJYwz2Z6lCDvYjUTfrSwfVFJBP8Y2BXr8WClUYkfGG4eNG7IPNBRuMmhrhHj5y9z+5Jor+EbbTi5F5Jvdu2/bDM7s32XsaMNLYuVtNYONrbQ+3QZ746/yKZM4hDREvxyGLgDx3Apz7pyvwKm0//iTCY3yJLxZifGLh2uc28cFBln7IH1x8oui4Xq9vF+Z2EH4Ow48Ln5pzggBKMGy4dsfW6266TNYd/Z3SZUi28sxondqhGCSGUo7ZVPAOoYDcYKvjdI/cJ688PHliyZSYBYVmR5HBxZ57sqWwgZQ7zVvwv4CHHysvb92sPrXijHxBIkwpNuK56UMyQCcywlTRLDCMAMNAEGi4fWbDQIoPfn+NixMhEieg3Zh7GXPwHxW8morlgBW5aF76P",
-        "AwClK6Tq9R2DYGf8RAHu9dEttLeOfUVmS4WPwX0NehsnyM7y7n2sgGnXsiva3yFqK1hKZICkVukvHF7/bpgEEm/jRwcAhQUoG+c1qVde38eHJXj58YOBGTveruc+021or9/tHBtenmYPO6+arLQtONi43NKm7+I6ugkgQlp6iBr4haa0XMDTzMX9c8Qm/O+MrVo3qESYKkVtoSSK7SGZTBaRWNF/dOM0NQxeMP+XTVOuroqE23ZNsubBTEZnd4vUilFb/iKnhyT9XnIo7gM/Yz7HLVU5yc3yIj2sFUE+DcwpvcNO5EnPhj3bHsJvf3N4r72+5my2KjoR3KAJE1Imabd54o4xZ/9UaR93qLkVuXMkLRCCU/zlZDtfbJDsRR0C5rSYd2k6IPlNcl7PgmUpsNPUyoDYqvhuRUZxgoUAfKbogzJX8FU/QpllsKVtt68ucBi0bqC5pVKu23j79nDvYQsSlYY3JwJQaM5M558J5qpP1yEF2p4kSRphnB9UR29wWgch5eWZ4a02LlHVM5Msl6W5PdmHt+eFARBRv6edIyYDFzxm4WZroH5F/GxBhM0KObgawkxa5VWsYm0VhhXb",
-        "KACwq8rZuOLHuNnZJA07WzI7kppCwptbcYU2B7t86QcZrnadCtxoM5QNcl9rsbMA26iWCPV3VlDAmLSWcxtMoSKWuo4edJpk8K915xkFU5U6I/901vx5hqAECQDy/Q+QDWmWTXDoVHqFV9wvIj3wCJPpJL/Ewpl0NZd+68jjOjUhjIdNebLrWNK2nhTPiIjFjkcVqEgashpOmnbHT+2MV/CHoixmUEiuRI1B0dvSf7FHGRgbXGBubisuu60g8XTens5zyRo4Qn/LTxIu2aj4LTtyLonV3sXr+y35A1zq5mCrE1f1nOINVzwYYY76iJGIaBkZuMU3366FPIbYkmXwla6RQU1FA0Y7n05qczw7Ie5TveRTByKFtUqW8OAb9vH+H2ezJ4CXE3AGbu/nTj64KClO/zL499GA+97g+X6tTN6xOJdNknlqw6ZnFNtCL8+A3hL4OyOgWD0IGC+xFvcKjDUaaJenCtQvprCJaFrvoOS+yYmixnFqglnPYL/64/Lca8NmDVpPzlHI8HNwUDzKiXTw3q7GnQZWmUYzu1vLIEi6/hyqrULRN1vLdd/8HCMNQFj4ot61UftHtOG8MCKa",
-        "rUABPQ3SEWE5rY16pM+o+7EObLNM1jEa5YCMQM/aen0PWajWNax3Pyo6TZL8aGDXZF0yWqDM3b2m6UHOr6yqsUSrD+0jXPT48QN1VdBmh+AFRK+UcaYO383a0nvtv0c9uHt4yfceXLPGWrNjW+uTnS/lKpCdpE4GfLF1SFHIUcMxT+3At7hwDHNkLXllEXqbgDP8LyQSlYwT5jQUDCOzwc8CSxAryUOj6fN+iLKAiw4haPV/WZDG+JOmDMG2azo8SoBMi3y6Z2Le2fz2dMuvn5DUvCUvazrUmWYx4NEdSzc9GfBc6cXkduMqCs+lT2Ik2GHO0WjhrEB6j5NULOaCtbrislM85P6QutN4Pj9l18pcD6vZCcDTOwMj/BznclH342jeMn7rBgpW1YSzbNGP6KC4NeNW1H2xqNtuyhcJvasx4dwhzO18A36H6HtkiQyJNnfnVHh1oviO6mi3atmnh9B/55ugXM1Wf/6Kv8kJyaKtK8cWo+jCAR0/P/EsPtzToJM9Yk2+qxaPFd3k7T2KXvCQ9D1jLeECxL59L+WDvdBtxOEBD7W0a/Mn/9LuQPOiwARKJSTU+blJ6ezTeo83",
-        "poA1hF4zRh7HF0xVglYoLFqkUR7Pru/qYFnfMKBPuEOOGdgO3MMcAvIZ+w+Ug4THr/6+Vux0TN3wdOB+beObOboLgNE2zaD65lyMFbaulzrEnWjUgIg63CdpQJ2ESaimHGg/GmsipUCndRJ37TbUtn8W112SehsAgrsjiBcuJhw61i4bVfAZEcycq4Y/FlEDxtzoH8WzDoESNbl+r5agLcHGr37BFi81IXS8TLihC1T8b7d6tLb6lpXT+9IR4xAyZTw1IFMDZZEzVmHgYE/Et20/WhkX/oGghkWSpCxR0kynDplk+BEK2oyGKnl+rf4vymhsse2iQ/C99PhaodZjDfuGVSwPLoU0AYyAKaEwmgHPOFbDlrAmNk4iBp+IZYm9guZM2hcQ4GeA5WQyZzw4C1yMywWbdjtL9ZhpClmmPZ28nmwNORAat7tXPJoBBdXFB0gNT/wU7UYIKU5GnAiDIFJ0o8ijnuAMat3AsBki2vxwdypuBq5M6OF9DVA0HRUjOA0l4JHjK8Y282mz3U34PDPQvwCT342uD9cO3uXoSr3T2FnDmsVHz4Q9zYpSjioLmZk9ZTnQWgN5V5Oyat6m"
-     };
-
-    public String getName()
-    {
-        return "ParsingTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        inputStreamTest();
-        parserTest();
-    }
-
-    private void parserTest()
-    {
-        for (int i = 0; i != streams.length; i++)
-        {
-            ASN1StreamParser aIn = new ASN1StreamParser(Base64.decode(streams[i]));
-
-            try
-            {
-                Object obj;
-
-                while ((obj = aIn.readObject()) != null)
-                {
-
-                }
-
-                fail("bad stream parsed successfully!");
-            }
-            catch (IOException e)
-            {
-                // ignore
-            }
-        }
-    }
-
-    private void inputStreamTest()
-    {
-        for (int i = 0; i != streams.length; i++)
-        {
-            ASN1InputStream aIn = new ASN1InputStream(Base64.decode(streams[i]));
-
-            try
-            {
-                Object obj;
-
-                while ((obj = aIn.readObject()) != null)
-                {
-
-                }
-
-                fail("bad stream parsed successfully!");
-            }
-            catch (IOException e)
-            {
-                // ignore
-            }
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ParsingTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PendInfoTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PendInfoTest.java
deleted file mode 100644
index 990c9c6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/PendInfoTest.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.util.Date;
-
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmc.PendInfo;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class PendInfoTest
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new PendInfoTest());
-    }
-
-    public String getName()
-    {
-        return "PendInfoTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        PendInfo info = new PendInfo("".getBytes(), new ASN1GeneralizedTime(new Date()));
-        byte[] b = info.getEncoded();
-        PendInfo infoResult = PendInfo.getInstance(b);
-
-        isTrue("pendToken", areEqual(info.getPendToken(), infoResult.getPendToken()));
-        isEquals("pendTime", info.getPendTime(), infoResult.getPendTime());
-
-        try
-        {
-            PendInfo.getInstance(new DERSequence());
-            fail("Sequence length not 2");
-        }
-        catch (Throwable t)
-        {
-            isEquals("Exception type", t.getClass(), IllegalArgumentException.class);
-        }
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PersonalDataUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PersonalDataUnitTest.java
deleted file mode 100644
index 01bce30..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/PersonalDataUnitTest.java
+++ /dev/null

@@ -1,121 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.x500.DirectoryString;
-import org.bouncycastle.asn1.x509.sigi.NameOrPseudonym;
-import org.bouncycastle.asn1.x509.sigi.PersonalData;
-
-public class PersonalDataUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "PersonalData";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        NameOrPseudonym nameOrPseudonym = new NameOrPseudonym("pseudonym");
-        BigInteger nameDistinguisher = BigInteger.valueOf(10);
-        ASN1GeneralizedTime dateOfBirth= new ASN1GeneralizedTime("20070315173729Z");
-        DirectoryString placeOfBirth = new DirectoryString("placeOfBirth");
-        String gender = "M";
-        DirectoryString postalAddress = new DirectoryString("address");
-
-        PersonalData data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress);
-
-        checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress);
-
-        data = new PersonalData(nameOrPseudonym, null, dateOfBirth, placeOfBirth, gender, postalAddress);
-
-        checkConstruction(data, nameOrPseudonym, null, dateOfBirth, placeOfBirth, gender, postalAddress);
-
-        data = new PersonalData(nameOrPseudonym, nameDistinguisher, null, placeOfBirth, gender, postalAddress);
-
-        checkConstruction(data, nameOrPseudonym, nameDistinguisher, null, placeOfBirth, gender, postalAddress);
-
-        data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, null, gender, postalAddress);
-
-        checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, null, gender, postalAddress);
-
-        data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, null, postalAddress);
-
-        checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, null, postalAddress);
-
-        data = new PersonalData(nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, null);
-
-        checkConstruction(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, null);
-
-        data = PersonalData.getInstance(null);
-
-        if (data != null)
-        {
-            fail("null getInstance() failed.");
-        }
-
-        try
-        {
-            PersonalData.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        PersonalData data,
-        NameOrPseudonym nameOrPseudonym,
-        BigInteger nameDistinguisher,
-        ASN1GeneralizedTime dateOfBirth,
-        DirectoryString placeOfBirth,
-        String gender,
-        DirectoryString postalAddress)
-        throws IOException
-    {
-        checkValues(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress);
-
-        data = PersonalData.getInstance(data);
-
-        checkValues(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress);
-
-        ASN1InputStream aIn = new ASN1InputStream(data.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-
-        data = PersonalData.getInstance(seq);
-
-        checkValues(data, nameOrPseudonym, nameDistinguisher, dateOfBirth, placeOfBirth, gender, postalAddress);
-    }
-
-    private void checkValues(
-        PersonalData data,
-        NameOrPseudonym nameOrPseudonym,
-        BigInteger nameDistinguisher,
-        ASN1GeneralizedTime dateOfBirth,
-        DirectoryString placeOfBirth,
-        String gender,
-        DirectoryString postalAddress)
-    {
-        checkMandatoryField("nameOrPseudonym", nameOrPseudonym, data.getNameOrPseudonym());
-        checkOptionalField("nameDistinguisher", nameDistinguisher, data.getNameDistinguisher());
-        checkOptionalField("dateOfBirth", dateOfBirth, data.getDateOfBirth());
-        checkOptionalField("placeOfBirth", placeOfBirth, data.getPlaceOfBirth());
-        checkOptionalField("gender", gender, data.getGender());
-        checkOptionalField("postalAddress", postalAddress, data.getPostalAddress());
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new PersonalDataUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PolicyConstraintsTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PolicyConstraintsTest.java
deleted file mode 100644
index bc0d2f0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/PolicyConstraintsTest.java
+++ /dev/null

@@ -1,55 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.PolicyConstraints;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class PolicyConstraintsTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "PolicyConstraints";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        PolicyConstraints constraints = new PolicyConstraints(BigInteger.valueOf(1), BigInteger.valueOf(2));
-
-        PolicyConstraints c = PolicyConstraints.getInstance(constraints.getEncoded());
-
-        isTrue("1 requireExplicitPolicyMapping", c.getRequireExplicitPolicyMapping().equals(BigInteger.valueOf(1)));
-        isTrue("2 inhibitPolicyMapping", c.getInhibitPolicyMapping().equals(BigInteger.valueOf(2)));
-
-        constraints = new PolicyConstraints(BigInteger.valueOf(3), null);
-
-        c = PolicyConstraints.getInstance(constraints.getEncoded());
-
-        isTrue("3 requireExplicitPolicyMapping", c.getRequireExplicitPolicyMapping().equals(BigInteger.valueOf(3)));
-        isTrue("4 inhibitPolicyMapping", c.getInhibitPolicyMapping() == null);
-
-
-        constraints = new PolicyConstraints(null, BigInteger.valueOf(4));
-
-        c = PolicyConstraints.getInstance(constraints.getEncoded());
-
-        isTrue("5 inhibitPolicyMapping", c.getInhibitPolicyMapping().equals(BigInteger.valueOf(4)));
-        isTrue("6 requireExplicitPolicyMapping", c.getRequireExplicitPolicyMapping() == null);
-
-        isTrue("encoding test", Arrays.areEqual(
-            new PolicyConstraints(BigInteger.valueOf(1), null).getEncoded(),
-            new DERSequence(new DERTaggedObject(false, 0, new ASN1Integer(1))).getEncoded()));
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new PolicyConstraintsTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PollReqContentTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PollReqContentTest.java
deleted file mode 100644
index 1b81f77..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/PollReqContentTest.java
+++ /dev/null

@@ -1,55 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.cmp.PollReqContent;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class PollReqContentTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "PollReqContentTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        BigInteger one = BigInteger.valueOf(1), two = BigInteger.valueOf(2);
-        BigInteger[] ids = new BigInteger[] { one, two };
-
-        PollReqContent c = new PollReqContent(ids);
-
-        ASN1Integer[][] vs = c.getCertReqIds();
-
-        isTrue(vs.length == 2);
-        for (int i = 0; i != vs.length; i++)
-        {
-            isTrue(vs[i].length == 1);
-            isTrue(vs[i][0].getValue().equals(ids[i]));
-        }
-
-        BigInteger[] values = c.getCertReqIdValues();
-
-        isTrue(values.length == 2);
-        for (int i = 0; i != values.length; i++)
-        {
-            isTrue(values[i].equals(ids[i]));
-        }
-
-        c = new PollReqContent(two);
-        vs = c.getCertReqIds();
-
-        isTrue(vs.length == 1);
-
-        isTrue(vs[0].length == 1);
-        isTrue(vs[0][0].getValue().equals(two));
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new PollReqContentTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PopLinkWitnessV2Test.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PopLinkWitnessV2Test.java
deleted file mode 100644
index e8cbeb4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/PopLinkWitnessV2Test.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmc.PopLinkWitnessV2;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class PopLinkWitnessV2Test
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new PopLinkWitnessV2Test());
-    }
-
-    public String getName()
-    {
-        return "PopLinkWitnessV2Test";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        // Object identifiers real but not correct in this context.
-        PopLinkWitnessV2 popLinkWitnessV2 = new PopLinkWitnessV2(
-            new AlgorithmIdentifier(PKCSObjectIdentifiers.bagtypes, new ASN1Integer(10L)),
-            new AlgorithmIdentifier(PKCSObjectIdentifiers.crlTypes, new ASN1Integer(12L)),
-            "cats".getBytes()
-        );
-
-        byte[] b = popLinkWitnessV2.getEncoded();
-        PopLinkWitnessV2 popLinkWitnessV2Result = PopLinkWitnessV2.getInstance(b);
-
-        isEquals(popLinkWitnessV2, popLinkWitnessV2Result);
-
-        try
-        {
-            PopLinkWitnessV2.getInstance(new DERSequence());
-            fail("Length must be 3");
-        }
-        catch (Throwable t)
-        {
-            isEquals(t.getClass(), IllegalArgumentException.class);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PrivateKeyInfoTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PrivateKeyInfoTest.java
deleted file mode 100644
index 5ee0445..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/PrivateKeyInfoTest.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class PrivateKeyInfoTest
-    extends SimpleTest
-{
-    private static final byte[] priv = Base64.decode(
-        "MC4CAQAwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC");
-
-    private static final byte[] privWithPub = Base64.decode(
-        "MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC" +
-            "oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB" +
-            "Z9w7lshQhqowtrbLDFw4rXAxZuE=");
-
-
-    public String getName()
-    {
-        return "PrivateKeyInfoTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        PrivateKeyInfo privInfo1 = PrivateKeyInfo.getInstance(priv);
-
-        isTrue(!privInfo1.hasPublicKey());
-
-        PrivateKeyInfo privInfo2 = new PrivateKeyInfo(privInfo1.getPrivateKeyAlgorithm(), privInfo1.parsePrivateKey());
-
-        isTrue("enc 1 failed", areEqual(priv, privInfo2.getEncoded()));
-
-        privInfo1 = PrivateKeyInfo.getInstance(privWithPub);
-
-        isTrue(privInfo1.hasPublicKey());
-
-        privInfo2 = new PrivateKeyInfo(privInfo1.getPrivateKeyAlgorithm(), privInfo1.parsePrivateKey(), privInfo1.getAttributes(), privInfo1.getPublicKeyData().getOctets());
-
-        isTrue("enc 2 failed", areEqual(privWithPub, privInfo2.getEncoded()));
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new PrivateKeyInfoTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ProcurationSyntaxUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ProcurationSyntaxUnitTest.java
deleted file mode 100644
index 25de429..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ProcurationSyntaxUnitTest.java
+++ /dev/null

@@ -1,107 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.isismtt.x509.ProcurationSyntax;
-import org.bouncycastle.asn1.x500.DirectoryString;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.IssuerSerial;
-
-public class ProcurationSyntaxUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "ProcurationSyntax";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        String country = "AU";
-        DirectoryString  typeOfSubstitution = new DirectoryString("substitution");
-        GeneralName thirdPerson = new GeneralName(new X500Name("CN=thirdPerson"));
-        IssuerSerial certRef = new IssuerSerial(new GeneralNames(new GeneralName(new X500Name("CN=test"))), new ASN1Integer(1));
-
-        ProcurationSyntax procuration = new ProcurationSyntax(country, typeOfSubstitution, thirdPerson);
-
-        checkConstruction(procuration, country, typeOfSubstitution, thirdPerson, null);
-
-        procuration = new ProcurationSyntax(country, typeOfSubstitution, certRef);
-
-        checkConstruction(procuration, country, typeOfSubstitution, null, certRef);
-
-        procuration = new ProcurationSyntax(null, typeOfSubstitution, certRef);
-
-        checkConstruction(procuration, null, typeOfSubstitution, null, certRef);
-
-        procuration = new ProcurationSyntax(country, null, certRef);
-
-        checkConstruction(procuration, country, null, null, certRef);
-
-        procuration = ProcurationSyntax.getInstance(null);
-
-        if (procuration != null)
-        {
-            fail("null getInstance() failed.");
-        }
-
-        try
-        {
-            ProcurationSyntax.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        ProcurationSyntax procuration,
-        String country,
-        DirectoryString  typeOfSubstitution,
-        GeneralName thirdPerson,
-        IssuerSerial certRef)
-        throws IOException
-    {
-        checkValues(procuration, country, typeOfSubstitution, thirdPerson, certRef);
-
-        procuration = ProcurationSyntax.getInstance(procuration);
-
-        checkValues(procuration, country, typeOfSubstitution, thirdPerson, certRef);
-
-        ASN1InputStream aIn = new ASN1InputStream(procuration.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-
-        procuration = ProcurationSyntax.getInstance(seq);
-
-        checkValues(procuration, country, typeOfSubstitution, thirdPerson, certRef);
-    }
-
-    private void checkValues(
-        ProcurationSyntax procuration,
-        String country,
-        DirectoryString  typeOfSubstitution,
-        GeneralName thirdPerson,
-        IssuerSerial certRef)
-    {
-        checkOptionalField("country", country, procuration.getCountry());
-        checkOptionalField("typeOfSubstitution", typeOfSubstitution, procuration.getTypeOfSubstitution());
-        checkOptionalField("thirdPerson", thirdPerson, procuration.getThirdPerson());
-        checkOptionalField("certRef", certRef, procuration.getCertRef());
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ProcurationSyntaxUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ProfessionInfoUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ProfessionInfoUnitTest.java
deleted file mode 100644
index 5aeb138..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ProfessionInfoUnitTest.java
+++ /dev/null

@@ -1,117 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.isismtt.x509.NamingAuthority;
-import org.bouncycastle.asn1.isismtt.x509.ProcurationSyntax;
-import org.bouncycastle.asn1.isismtt.x509.ProfessionInfo;
-import org.bouncycastle.asn1.x500.DirectoryString;
-
-public class ProfessionInfoUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "ProfessionInfo";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        NamingAuthority auth =  new NamingAuthority(new ASN1ObjectIdentifier("1.2.3"), "url", new DirectoryString("fred"));
-        DirectoryString[] professionItems = { new DirectoryString("substitution") };
-        ASN1ObjectIdentifier[] professionOids = { new ASN1ObjectIdentifier("1.2.3") };
-        String registrationNumber = "12345";
-        DEROctetString addProfInfo = new DEROctetString(new byte[20]);
-
-        ProfessionInfo info = new ProfessionInfo(auth, professionItems, professionOids, registrationNumber, addProfInfo);
-
-        checkConstruction(info, auth, professionItems, professionOids, registrationNumber, addProfInfo);
-
-        info = new ProfessionInfo(null, professionItems, professionOids, registrationNumber, addProfInfo);
-
-        checkConstruction(info, null, professionItems, professionOids, registrationNumber, addProfInfo);
-
-        info = new ProfessionInfo(auth, professionItems, null, registrationNumber, addProfInfo);
-
-        checkConstruction(info, auth, professionItems, null, registrationNumber, addProfInfo);
-
-        info = new ProfessionInfo(auth, professionItems, professionOids, null, addProfInfo);
-
-        checkConstruction(info, auth, professionItems, professionOids, null, addProfInfo);
-
-        info = new ProfessionInfo(auth, professionItems, professionOids, registrationNumber, null);
-
-        checkConstruction(info, auth, professionItems, professionOids, registrationNumber, null);
-
-        info = ProfessionInfo.getInstance(null);
-
-        if (info != null)
-        {
-            fail("null getInstance() failed.");
-        }
-
-        try
-        {
-            ProcurationSyntax.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        ProfessionInfo profInfo,
-        NamingAuthority auth,
-        DirectoryString[] professionItems,
-        ASN1ObjectIdentifier[] professionOids,
-        String registrationNumber,
-        DEROctetString addProfInfo)
-        throws IOException
-    {
-        checkValues(profInfo, auth, professionItems, professionOids, registrationNumber, addProfInfo);
-
-        profInfo = ProfessionInfo.getInstance(profInfo);
-
-        checkValues(profInfo, auth, professionItems, professionOids, registrationNumber, addProfInfo);
-
-        ASN1InputStream aIn = new ASN1InputStream(profInfo.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-
-        profInfo = ProfessionInfo.getInstance(seq);
-
-        checkValues(profInfo, auth, professionItems, professionOids, registrationNumber, addProfInfo);
-    }
-
-    private void checkValues(
-        ProfessionInfo profInfo,
-        NamingAuthority auth,
-        DirectoryString[] professionItems,
-        ASN1ObjectIdentifier[] professionOids,
-        String registrationNumber,
-        DEROctetString addProfInfo)
-    {
-        checkOptionalField("auth", auth, profInfo.getNamingAuthority());
-        checkMandatoryField("professionItems", professionItems[0], profInfo.getProfessionItems()[0]);
-        if (professionOids != null)
-        {
-            checkOptionalField("professionOids", professionOids[0], profInfo.getProfessionOIDs()[0]);
-        }
-        checkOptionalField("registrationNumber", registrationNumber, profInfo.getRegistrationNumber());
-        checkOptionalField("addProfessionInfo", addProfInfo, profInfo.getAddProfessionInfo());
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ProfessionInfoUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/PublishTrustAnchorsTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/PublishTrustAnchorsTest.java
deleted file mode 100644
index 19a1480..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/PublishTrustAnchorsTest.java
+++ /dev/null

@@ -1,51 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmc.PublishTrustAnchors;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class PublishTrustAnchorsTest
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new PublishTrustAnchorsTest());
-    }
-
-    public String getName()
-    {
-        return "PublishTrustAnchorsTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        PublishTrustAnchors publishTrustAnchors = new PublishTrustAnchors(
-            new BigInteger("10"), new AlgorithmIdentifier(PKCSObjectIdentifiers.crlTypes,
-            new ASN1Integer(5L)), new byte[][]{"cats".getBytes()});
-
-        byte[] b = publishTrustAnchors.getEncoded();
-
-        PublishTrustAnchors publishTrustAnchorsResult = PublishTrustAnchors.getInstance(b);
-
-        isEquals("seqNumber", publishTrustAnchors.getSeqNumber(), publishTrustAnchorsResult.getSeqNumber());
-        isEquals("hashAlgorithm", publishTrustAnchors.getHashAlgorithm(), publishTrustAnchorsResult.getHashAlgorithm());
-        isTrue("anchorHashes", areEqual(publishTrustAnchors.getAnchorHashes(), publishTrustAnchorsResult.getAnchorHashes()));
-
-        try
-        {
-            PublishTrustAnchors.getInstance(new DERSequence());
-            fail("Sequence must be 3");
-        }
-        catch (Throwable t)
-        {
-            isEquals("Expect IllegalArgumentException", t.getClass(), IllegalArgumentException.class);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/QCStatementUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/QCStatementUnitTest.java
deleted file mode 100644
index 2b5d427..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/QCStatementUnitTest.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.x509.qualified.QCStatement;
-import org.bouncycastle.asn1.x509.qualified.RFC3739QCObjectIdentifiers;
-import org.bouncycastle.asn1.x509.qualified.SemanticsInformation;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class QCStatementUnitTest 
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "QCStatement";
-    }
-
-    public void performTest() 
-        throws Exception
-    {
-        QCStatement mv = new QCStatement(RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v1);
-
-        checkConstruction(mv, RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v1, null);
-        
-        ASN1Encodable info = new SemanticsInformation(new ASN1ObjectIdentifier("1.2"));
-        
-        mv = new QCStatement(RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v1, info);
-
-        checkConstruction(mv, RFC3739QCObjectIdentifiers.id_qcs_pkixQCSyntax_v1, info);
-        
-        mv = QCStatement.getInstance(null);
-        
-        if (mv != null)
-        {
-            fail("null getInstance() failed.");
-        }
-        
-        try
-        {
-            QCStatement.getInstance(new Object());
-            
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-         QCStatement mv,
-         ASN1ObjectIdentifier statementId,
-         ASN1Encodable statementInfo) 
-         throws IOException
-    {
-        checkStatement(mv, statementId, statementInfo);
-        
-        mv = QCStatement.getInstance(mv);
-        
-        checkStatement(mv, statementId, statementInfo);
-        
-        ASN1InputStream aIn = new ASN1InputStream(mv.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-        
-        mv = QCStatement.getInstance(seq);
-        
-        checkStatement(mv, statementId, statementInfo);
-    }
-
-    private void checkStatement(
-        QCStatement         qcs,
-        ASN1ObjectIdentifier statementId,
-        ASN1Encodable       statementInfo)
-        throws IOException
-    {
-        if (!qcs.getStatementId().equals(statementId))
-        {
-            fail("statementIds don't match.");
-        }
-        
-        if (statementInfo != null)
-        {
-            if (!qcs.getStatementInfo().equals(statementInfo))
-            {
-                fail("statementInfos don't match.");
-            }
-        }
-        else if (qcs.getStatementInfo() != null)
-        {
-            fail("statementInfo found when none expected.");
-        }
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new QCStatementUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/RFC4519Test.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/RFC4519Test.java
deleted file mode 100644
index 8b8adae..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/RFC4519Test.java
+++ /dev/null

@@ -1,149 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.X500NameStyle;
-import org.bouncycastle.asn1.x500.style.RFC4519Style;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class RFC4519Test
-    extends SimpleTest
-{
-    static String[] attributeTypes =
-        {
-            "businessCategory",
-            "c",
-            "cn",
-            "dc",
-            "description",
-            "destinationIndicator",
-            "distinguishedName",
-            "dnQualifier",
-            "enhancedSearchGuide",
-            "facsimileTelephoneNumber",
-            "generationQualifier",
-            "givenName",
-            "houseIdentifier",
-            "initials",
-            "internationalISDNNumber",
-            "l",
-            "member",
-            "name",
-            "o",
-            "ou",
-            "owner",
-            "physicalDeliveryOfficeName",
-            "postalAddress",
-            "postalCode",
-            "postOfficeBox",
-            "preferredDeliveryMethod",
-            "registeredAddress",
-            "roleOccupant",
-            "searchGuide",
-            "seeAlso",
-            "serialNumber",
-            "sn",
-            "st",
-            "street",
-            "telephoneNumber",
-            "teletexTerminalIdentifier",
-            "telexNumber",
-            "title",
-            "uid",
-            "uniqueMember",
-            "userPassword",
-            "x121Address",
-            "x500UniqueIdentifier"
-        };
-
-    static ASN1ObjectIdentifier[] attributeTypeOIDs =
-        {
-            new ASN1ObjectIdentifier("2.5.4.15"),
-            new ASN1ObjectIdentifier("2.5.4.6"),
-            new ASN1ObjectIdentifier("2.5.4.3"),
-            new ASN1ObjectIdentifier("0.9.2342.19200300.100.1.25"),
-            new ASN1ObjectIdentifier("2.5.4.13"),
-            new ASN1ObjectIdentifier("2.5.4.27"),
-            new ASN1ObjectIdentifier("2.5.4.49"),
-            new ASN1ObjectIdentifier("2.5.4.46"),
-            new ASN1ObjectIdentifier("2.5.4.47"),
-            new ASN1ObjectIdentifier("2.5.4.23"),
-            new ASN1ObjectIdentifier("2.5.4.44"),
-            new ASN1ObjectIdentifier("2.5.4.42"),
-            new ASN1ObjectIdentifier("2.5.4.51"),
-            new ASN1ObjectIdentifier("2.5.4.43"),
-            new ASN1ObjectIdentifier("2.5.4.25"),
-            new ASN1ObjectIdentifier("2.5.4.7"),
-            new ASN1ObjectIdentifier("2.5.4.31"),
-            new ASN1ObjectIdentifier("2.5.4.41"),
-            new ASN1ObjectIdentifier("2.5.4.10"),
-            new ASN1ObjectIdentifier("2.5.4.11"),
-            new ASN1ObjectIdentifier("2.5.4.32"),
-            new ASN1ObjectIdentifier("2.5.4.19"),
-            new ASN1ObjectIdentifier("2.5.4.16"),
-            new ASN1ObjectIdentifier("2.5.4.17"),
-            new ASN1ObjectIdentifier("2.5.4.18"),
-            new ASN1ObjectIdentifier("2.5.4.28"),
-            new ASN1ObjectIdentifier("2.5.4.26"),
-            new ASN1ObjectIdentifier("2.5.4.33"),
-            new ASN1ObjectIdentifier("2.5.4.14"),
-            new ASN1ObjectIdentifier("2.5.4.34"),
-            new ASN1ObjectIdentifier("2.5.4.5"),
-            new ASN1ObjectIdentifier("2.5.4.4"),
-            new ASN1ObjectIdentifier("2.5.4.8"),
-            new ASN1ObjectIdentifier("2.5.4.9"),
-            new ASN1ObjectIdentifier("2.5.4.20"),
-            new ASN1ObjectIdentifier("2.5.4.22"),
-            new ASN1ObjectIdentifier("2.5.4.21"),
-            new ASN1ObjectIdentifier("2.5.4.12"),
-            new ASN1ObjectIdentifier("0.9.2342.19200300.100.1.1"),
-            new ASN1ObjectIdentifier("2.5.4.50"),
-            new ASN1ObjectIdentifier("2.5.4.35"),
-            new ASN1ObjectIdentifier("2.5.4.24"),
-            new ASN1ObjectIdentifier("2.5.4.45")
-        };
-
-    public String getName()
-    {
-        return "RFC4519Test";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        X500NameStyle style = RFC4519Style.INSTANCE;
-
-        for (int i = 0; i != attributeTypes.length; i++)
-        {
-            if (!attributeTypeOIDs[i].equals(style.attrNameToOID(attributeTypes[i])))
-            {
-                fail("mismatch for " + attributeTypes[i]);
-            }
-        }
-
-        byte[] enc = Hex.decode("305e310b300906035504061302415531283026060355040a0c1f546865204c6567696f6e206f662074686520426f756e637920436173746c653125301006035504070c094d656c626f75726e653011060355040b0c0a4173636f742056616c65");
-
-        X500Name n = X500Name.getInstance(style, X500Name.getInstance(enc));
-
-        if (!n.toString().equals("l=Melbourne+ou=Ascot Vale,o=The Legion of the Bouncy Castle,c=AU"))
-        {
-            fail("Failed composite to string test got: " + n.toString());
-        }
-
-        n = new X500Name(style, "l=Melbourne+ou=Ascot Vale,o=The Legion of the Bouncy Castle,c=AU");
-
-        if (!Arrays.areEqual(n.getEncoded(), enc))
-        {
-            fail("re-encoding test after parse failed");
-        }
-    }
-
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new RFC4519Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/ReasonFlagsTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/ReasonFlagsTest.java
deleted file mode 100644
index ebfd126..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/ReasonFlagsTest.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.x509.ReasonFlags;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class ReasonFlagsTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "ReasonFlags";
-    }
-
-    public void performTest()
-        throws IOException
-    {
-        BitStringConstantTester.testFlagValueCorrect(0, ReasonFlags.unused);
-        BitStringConstantTester.testFlagValueCorrect(1, ReasonFlags.keyCompromise);
-        BitStringConstantTester.testFlagValueCorrect(2, ReasonFlags.cACompromise);
-        BitStringConstantTester.testFlagValueCorrect(3, ReasonFlags.affiliationChanged);
-        BitStringConstantTester.testFlagValueCorrect(4, ReasonFlags.superseded);
-        BitStringConstantTester.testFlagValueCorrect(5, ReasonFlags.cessationOfOperation);
-        BitStringConstantTester.testFlagValueCorrect(6, ReasonFlags.certificateHold);
-        BitStringConstantTester.testFlagValueCorrect(7, ReasonFlags.privilegeWithdrawn);
-        BitStringConstantTester.testFlagValueCorrect(8, ReasonFlags.aACompromise);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ReasonFlagsTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/RegressionTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/RegressionTest.java
deleted file mode 100644
index 2106cf0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/RegressionTest.java
+++ /dev/null

@@ -1,100 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class RegressionTest
-{
-    public static Test[]    tests = {
-        new InputStreamTest(),
-        new EqualsAndHashCodeTest(),
-        new TagTest(),
-        new SetTest(),
-        new ASN1IntegerTest(),
-        new DERUTF8StringTest(),
-        new CertificateTest(),
-        new GenerationTest(),
-        new CMSTest(),
-        new OCSPTest(),
-        new OIDTest(),
-        new PKCS10Test(),
-        new PKCS12Test(),
-        new X509NameTest(),
-        new X500NameTest(),
-        new X509ExtensionsTest(),
-        new GeneralizedTimeTest(),
-        new BitStringTest(),
-        new MiscTest(),
-        new SMIMETest(),
-        new X9Test(),
-        new MonetaryValueUnitTest(),
-        new BiometricDataUnitTest(),
-        new Iso4217CurrencyCodeUnitTest(),
-        new SemanticsInformationUnitTest(),
-        new QCStatementUnitTest(),
-        new TypeOfBiometricDataUnitTest(),
-        new SignerLocationUnitTest(),
-        new CommitmentTypeQualifierUnitTest(),
-        new CommitmentTypeIndicationUnitTest(),
-        new EncryptedPrivateKeyInfoTest(),
-        new DataGroupHashUnitTest(),
-        new LDSSecurityObjectUnitTest(),
-        new CscaMasterListTest(),
-        new AttributeTableUnitTest(),
-        new ReasonFlagsTest(),
-        new NetscapeCertTypeTest(),
-        new PKIFailureInfoTest(),
-        new KeyUsageTest(),
-        new StringTest(),
-        new UTCTimeTest(),
-        new RequestedCertificateUnitTest(),
-        new OtherCertIDUnitTest(),
-        new OtherSigningCertificateUnitTest(),
-        new ContentHintsUnitTest(),
-        new CertHashUnitTest(),
-        new AdditionalInformationSyntaxUnitTest(),
-        new AdmissionSyntaxUnitTest(),
-        new AdmissionsUnitTest(),
-        new DeclarationOfMajorityUnitTest(),
-        new ProcurationSyntaxUnitTest(),
-        new ProfessionInfoUnitTest(),
-        new RestrictionUnitTest(),
-        new NamingAuthorityUnitTest(),
-        new MonetaryLimitUnitTest(),
-        new NameOrPseudonymUnitTest(),
-        new PersonalDataUnitTest(),
-        new DERApplicationSpecificTest(),
-        new IssuingDistributionPointUnitTest(),
-        new TargetInformationTest(),
-        new SubjectKeyIdentifierTest(),
-        new ESSCertIDv2UnitTest(),
-        new ParsingTest(),
-        new GeneralNameTest(),
-        new ObjectIdentifierTest(),
-        new RFC4519Test(),
-        new PolicyConstraintsTest(),
-        new PollReqContentTest(),
-        new DhSigStaticTest(),
-        new PKIPublicationInfoTest(),
-        new CertifiedKeyPairTest(),
-        new PrivateKeyInfoTest(),
-        new LocaleTest()
-    };
-
-    public static void main(
-        String[]    args)
-    {
-        for (int i = 0; i != tests.length; i++)
-        {
-            TestResult  result = tests[i].perform();
-            
-            if (result.getException() != null)
-            {
-                result.getException().printStackTrace();
-            }
-            
-            System.out.println(result);
-        }
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/RequestedCertificateUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/RequestedCertificateUnitTest.java
deleted file mode 100644
index 385b9f8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/RequestedCertificateUnitTest.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.isismtt.ocsp.RequestedCertificate;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.util.encoders.Base64;
-
-public class RequestedCertificateUnitTest
-    extends ASN1UnitTest
-{
-   byte[]  certBytes = Base64.decode(
-           "MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV"
-         + "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz"
-         + "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM"
-         + "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF"
-         + "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO"
-         + "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE"
-         + "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ"
-         + "zl9HYIMxATFyqSiD9jsx");
-
-    public String getName()
-    {
-        return "RequestedCertificate";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        int type = 1;
-        byte[] certOctets = new byte[20];
-        Certificate cert = Certificate.getInstance(certBytes);
-
-        RequestedCertificate requested = new RequestedCertificate(type, certOctets);
-
-        checkConstruction(requested, type, certOctets, null);
-
-        requested = new RequestedCertificate(cert);
-
-        checkConstruction(requested, RequestedCertificate.certificate, null, cert);
-
-        requested = RequestedCertificate.getInstance(null);
-
-        if (requested != null)
-        {
-            fail("null getInstance() failed.");
-        }
-
-        try
-        {
-            RequestedCertificate.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        RequestedCertificate requested,
-        int type,
-        byte[] certOctets,
-        Certificate cert)
-        throws IOException
-    {
-        checkValues(requested, type, certOctets, cert);
-
-        requested = RequestedCertificate.getInstance(requested);
-
-        checkValues(requested, type, certOctets, cert);
-
-        ASN1InputStream aIn = new ASN1InputStream(requested.toASN1Primitive().getEncoded());
-
-        Object obj = aIn.readObject();
-
-        requested = RequestedCertificate.getInstance(obj);
-
-        checkValues(requested, type, certOctets, cert);
-    }
-
-    private void checkValues(
-        RequestedCertificate requested,
-        int type,
-        byte[] certOctets,
-        Certificate cert)
-        throws IOException
-    {
-        checkMandatoryField("certType", type, requested.getType());
-
-        if (requested.getType() == RequestedCertificate.certificate)
-        {
-            checkMandatoryField("certificate", cert.getEncoded(), requested.getCertificateBytes());
-        }
-        else
-        {
-            checkMandatoryField("certificateOctets", certOctets, requested.getCertificateBytes());
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new RequestedCertificateUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/RestrictionUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/RestrictionUnitTest.java
deleted file mode 100644
index 8330030..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/RestrictionUnitTest.java
+++ /dev/null

@@ -1,70 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.isismtt.x509.Restriction;
-import org.bouncycastle.asn1.x500.DirectoryString;
-
-public class RestrictionUnitTest
-    extends ASN1UnitTest
-{
-    public String getName()
-    {
-        return "Restriction";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        DirectoryString res = new DirectoryString("test");
-        Restriction restriction = new Restriction(res.getString());
-
-        checkConstruction(restriction, res);
-
-        try
-        {
-            Restriction.getInstance(new Object());
-
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        Restriction restriction,
-        DirectoryString res)
-        throws IOException
-    {
-        checkValues(restriction, res);
-
-        restriction = Restriction.getInstance(restriction);
-
-        checkValues(restriction, res);
-
-        ASN1InputStream aIn = new ASN1InputStream(restriction.toASN1Primitive().getEncoded());
-
-        ASN1String str = (ASN1String)aIn.readObject();
-
-        restriction = Restriction.getInstance(str);
-
-        checkValues(restriction, res);
-    }
-
-    private void checkValues(
-        Restriction restriction,
-        DirectoryString res)
-    {
-        checkMandatoryField("restriction", res, restriction.getRestriction());
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new RestrictionUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/RevokeRequestTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/RevokeRequestTest.java
deleted file mode 100644
index ef03771..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/RevokeRequestTest.java
+++ /dev/null

@@ -1,93 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.util.Date;
-
-import org.bouncycastle.asn1.ASN1Enumerated;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.cmc.RevokeRequest;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.X500NameBuilder;
-import org.bouncycastle.asn1.x500.style.BCStyle;
-import org.bouncycastle.asn1.x509.CRLReason;
-import org.bouncycastle.util.Pack;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class RevokeRequestTest
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new RevokeRequestTest());
-    }
-
-    public String getName()
-    {
-        return "RevokeRequestTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-
-
-        X500NameBuilder builder = new X500NameBuilder();
-        builder.addRDN(BCStyle.OU, "Bouncycastle");
-
-        X500Name name = builder.build();
-
-        for (int t = 0; t < 8; t++)
-        {
-            ASN1GeneralizedTime invalidityDate = null;
-            ASN1OctetString passphrase = null;
-            DERUTF8String comment = null;
-
-            if ((t & 1) == 1)
-            {
-                invalidityDate = new ASN1GeneralizedTime(new Date());
-            }
-            if ((t & 2) == 2)
-            {
-                passphrase = new DEROctetString(Pack.longToBigEndian(System.currentTimeMillis()));
-            }
-            if ((t & 4) == 4)
-            {
-                comment = new DERUTF8String("T" + Long.toOctalString(System.currentTimeMillis()));
-            }
-
-            RevokeRequest rr = new RevokeRequest(
-                name,
-                new ASN1Integer(12L),
-                CRLReason.getInstance(new ASN1Enumerated(CRLReason.certificateHold)),
-                invalidityDate,
-                passphrase,
-                comment);
-            byte[] b = rr.getEncoded();
-            RevokeRequest rrResp = RevokeRequest.getInstance(b);
-
-            isEquals("issuerName", rr.getName(), rrResp.getName());
-            isEquals("serialNumber", rr.getSerialNumber(), rrResp.getSerialNumber());
-            isEquals("reason", rr.getReason(), rrResp.getReason());
-            isEquals("invalidityDate", rr.getInvalidityDate(), rrResp.getInvalidityDate());
-            isTrue("passphrase", areEqual(rr.getPassPhrase(), rrResp.getPassPhrase()));
-            isEquals("comment", rr.getComment(), rrResp.getComment());
-
-        }
-
-        try
-        {
-            RevokeRequest.getInstance(new DERSequence());
-            fail("Sequence is less that 3");
-        }
-        catch (Throwable t)
-        {
-            isEquals("Exception type", t.getClass(), IllegalArgumentException.class);
-        }
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/SMIMETest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/SMIMETest.java
deleted file mode 100644
index 44d6b1c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/SMIMETest.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayInputStream;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERGeneralizedTime;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cms.RecipientKeyIdentifier;
-import org.bouncycastle.asn1.smime.SMIMECapabilitiesAttribute;
-import org.bouncycastle.asn1.smime.SMIMECapability;
-import org.bouncycastle.asn1.smime.SMIMECapabilityVector;
-import org.bouncycastle.asn1.smime.SMIMEEncryptionKeyPreferenceAttribute;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class SMIMETest
-    implements Test
-{
-    byte[] attrBytes = Base64.decode("MDQGCSqGSIb3DQEJDzEnMCUwCgYIKoZIhvcNAwcwDgYIKoZIhvcNAwICAgCAMAcGBSsOAwIH");
-    byte[] prefBytes = Base64.decode("MCwGCyqGSIb3DQEJEAILMR2hGwQIAAAAAAAAAAAYDzIwMDcwMzE1MTczNzI5Wg==");
-
-    private boolean isSameAs(
-        byte[]  a,
-        byte[]  b)
-    {
-        if (a.length != b.length)
-        {
-            return false;
-        }
-        
-        for (int i = 0; i != a.length; i++)
-        {
-            if (a[i] != b[i])
-            {
-                return false;
-            }
-        }
-        
-        return true;
-    }
-    
-    public TestResult perform()
-    {
-        SMIMECapabilityVector       caps = new SMIMECapabilityVector();
-                
-        caps.addCapability(SMIMECapability.dES_EDE3_CBC);
-        caps.addCapability(SMIMECapability.rC2_CBC, 128);
-        caps.addCapability(SMIMECapability.dES_CBC);
-                
-        SMIMECapabilitiesAttribute attr = new SMIMECapabilitiesAttribute(caps);
-        
-        SMIMEEncryptionKeyPreferenceAttribute   pref = new SMIMEEncryptionKeyPreferenceAttribute(
-                                                  new RecipientKeyIdentifier(new DEROctetString(new byte[8]), new DERGeneralizedTime("20070315173729Z"), null));
-        
-        try
-        {
-            if (!isSameAs(attr.getEncoded(), attrBytes))
-            {
-                return new SimpleTestResult(false, getName() + ": Failed attr data check");
-            }
-            
-            ByteArrayInputStream    bIn = new ByteArrayInputStream(attrBytes);
-            ASN1InputStream         aIn = new ASN1InputStream(bIn);
-            
-            ASN1Primitive o = aIn.readObject();
-            if (!attr.equals(o))
-            {
-                return new SimpleTestResult(false, getName() + ": Failed equality test for attr");
-            }
-            
-            if (!isSameAs(pref.getEncoded(), prefBytes))
-            {
-                return new SimpleTestResult(false, getName() + ": Failed attr data check");
-            }
-            
-            bIn = new ByteArrayInputStream(prefBytes);
-            aIn = new ASN1InputStream(bIn);
-            
-            o = aIn.readObject();
-            if (!pref.equals(o))
-            {
-                return new SimpleTestResult(false, getName() + ": Failed equality test for pref");
-            }
-            
-            return new SimpleTestResult(true, getName() + ": Okay");
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": Failed - exception " + e.toString(), e);
-        }
-    }
-
-    public String getName()
-    {
-        return "SMIME";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        SMIMETest    test = new SMIMETest();
-        TestResult      result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/SemanticsInformationUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/SemanticsInformationUnitTest.java
deleted file mode 100644
index 9957a92..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/SemanticsInformationUnitTest.java
+++ /dev/null

@@ -1,135 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.qualified.SemanticsInformation;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SemanticsInformationUnitTest 
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "SemanticsInformation";
-    }
-
-    public void performTest() 
-        throws Exception
-    {
-        ASN1ObjectIdentifier statementId = new ASN1ObjectIdentifier("1.1");
-        SemanticsInformation mv = new SemanticsInformation(statementId);
-
-        checkConstruction(mv, statementId, null);
-        
-        GeneralName[] names = new GeneralName[2];
-        
-        names[0] = new GeneralName(GeneralName.rfc822Name, "test@test.org");
-        names[1] = new GeneralName(new X500Name("cn=test"));
-        
-        mv = new SemanticsInformation(statementId, names);
-
-        checkConstruction(mv, statementId, names);
-        
-        mv = new SemanticsInformation(names);
-
-        checkConstruction(mv, null, names);
-        
-        mv = SemanticsInformation.getInstance(null);
-        
-        if (mv != null)
-        {
-            fail("null getInstance() failed.");
-        }
-        
-        try
-        {
-            SemanticsInformation.getInstance(new Object());
-            
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-        
-        try
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-            
-            SemanticsInformation.getInstance(new DERSequence(v));
-            
-            fail("constructor failed to detect empty sequence.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        SemanticsInformation mv,
-        ASN1ObjectIdentifier  semanticsIdentifier,
-        GeneralName[]        names)
-        throws Exception
-    {
-        checkStatement(mv, semanticsIdentifier, names);
-        
-        mv = SemanticsInformation.getInstance(mv);
-        
-        checkStatement(mv, semanticsIdentifier, names);
-        
-        ASN1InputStream aIn = new ASN1InputStream(mv.toASN1Primitive().getEncoded());
-        
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-
-        mv = SemanticsInformation.getInstance(seq);
-        
-        checkStatement(mv, semanticsIdentifier, names);
-    }
-
-    private void checkStatement(
-        SemanticsInformation si,
-        ASN1ObjectIdentifier  id,
-        GeneralName[]        names)
-    {
-        if (id != null)
-        {
-            if (!si.getSemanticsIdentifier().equals(id))
-            {
-                fail("ids don't match.");
-            }
-        }
-        else if (si.getSemanticsIdentifier() != null)
-        {
-            fail("statementId found when none expected.");
-        }
-        
-        if (names != null)
-        {
-            GeneralName[] siNames = si.getNameRegistrationAuthorities();
-            
-            for (int i = 0; i != siNames.length; i++)
-            {
-                if (!names[i].equals(siNames[i]))
-                {
-                    fail("name registration authorities don't match.");
-                }
-            }
-        }
-        else if (si.getNameRegistrationAuthorities() != null)
-        {
-            fail("name registration authorities found when none expected.");
-        }
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SemanticsInformationUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/SetTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/SetTest.java
deleted file mode 100644
index 9e568a9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/SetTest.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1Boolean;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.BERSet;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Set sorting test example
- */
-public class SetTest
-    extends SimpleTest
-{
-
-    public String getName()
-    {
-        return "Set";
-    }
-
-    private void checkedSortedSet(int attempt, ASN1Set s)
-    {
-        if (s.getObjectAt(0) instanceof ASN1Boolean
-            && s.getObjectAt(1) instanceof ASN1Integer
-            && s.getObjectAt(2) instanceof DERBitString
-            && s.getObjectAt(3) instanceof DEROctetString)
-        {
-            return;
-        }
-
-        fail("sorting failed on attempt: " + attempt);
-    }
-
-    public void performTest()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        byte[] data = new byte[10];
-
-        v.add(new DEROctetString(data));
-        v.add(new DERBitString(data));
-        v.add(new ASN1Integer(100));
-        v.add(ASN1Boolean.getInstance(true));
-
-        checkedSortedSet(0, new DERSet(v));
-
-        v = new ASN1EncodableVector();
-        v.add(new ASN1Integer(100));
-        v.add(ASN1Boolean.getInstance(true));
-        v.add(new DEROctetString(data));
-        v.add(new DERBitString(data));
-
-        checkedSortedSet(1, new DERSet(v));
-
-        v = new ASN1EncodableVector();
-        v.add(ASN1Boolean.getInstance(true));
-        v.add(new DEROctetString(data));
-        v.add(new DERBitString(data));
-        v.add(new ASN1Integer(100));
-
-
-        checkedSortedSet(2, new DERSet(v));
-
-        v = new ASN1EncodableVector();
-        v.add(new DERBitString(data));
-        v.add(new DEROctetString(data));
-        v.add(new ASN1Integer(100));
-        v.add(ASN1Boolean.getInstance(true));
-
-        checkedSortedSet(3, new DERSet(v));
-
-        v = new ASN1EncodableVector();
-        v.add(new DEROctetString(data));
-        v.add(new DERBitString(data));
-        v.add(new ASN1Integer(100));
-        v.add(ASN1Boolean.getInstance(true));
-
-        ASN1Set s = new BERSet(v);
-
-        if (!(s.getObjectAt(0) instanceof DEROctetString))
-        {
-            fail("BER set sort order changed.");
-        }
-
-        // create an implicitly tagged "set" without sorting
-        ASN1TaggedObject tag = new DERTaggedObject(false, 1, new DERSequence(v));
-        s = ASN1Set.getInstance(tag, false);
-
-        if (s.getObjectAt(0) instanceof ASN1Boolean)
-        {
-            fail("sorted when shouldn't be.");
-        }
-
-        // equality test
-        v = new ASN1EncodableVector();
-
-        v.add(ASN1Boolean.getInstance(true));
-        v.add(ASN1Boolean.getInstance(true));
-        v.add(ASN1Boolean.getInstance(true));
-
-        s = new DERSet(v);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SetTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/SignerLocationUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/SignerLocationUnitTest.java
deleted file mode 100644
index 29dcd06..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/SignerLocationUnitTest.java
+++ /dev/null

@@ -1,198 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.esf.SignerLocation;
-import org.bouncycastle.asn1.x500.DirectoryString;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SignerLocationUnitTest 
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "SignerLocation";
-    }
-
-    public void performTest() 
-        throws Exception
-    {
-        DERUTF8String countryName = new DERUTF8String("Australia");
-        
-        SignerLocation sl = new SignerLocation(countryName, null, null);
-
-        checkConstruction(sl, DirectoryString.getInstance(countryName), null, null);
-
-        DERUTF8String localityName = new DERUTF8String("Melbourne");
-        
-        sl = new SignerLocation(null, localityName, null);
-
-        checkConstruction(sl, null, DirectoryString.getInstance(localityName), null);
-        
-        sl = new SignerLocation(countryName, localityName, null);
-
-        checkConstruction(sl, DirectoryString.getInstance(countryName), DirectoryString.getInstance(localityName), null);
-        
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        
-        v.add(new DERUTF8String("line 1"));
-        v.add(new DERUTF8String("line 2"));
-        
-        ASN1Sequence postalAddress = new DERSequence(v);
-        
-        sl = new SignerLocation(null, null, postalAddress);
-        
-        checkConstruction(sl, null, null, postalAddress);
-        
-        sl = new SignerLocation(countryName, null, postalAddress);
-        
-        checkConstruction(sl, DirectoryString.getInstance(countryName), null, postalAddress);
-        
-        sl = new SignerLocation(countryName, localityName, postalAddress);
-        
-        checkConstruction(sl, DirectoryString.getInstance(countryName), DirectoryString.getInstance(localityName), postalAddress);
-        
-        sl = SignerLocation.getInstance(null);
-        
-        if (sl != null)
-        {
-            fail("null getInstance() failed.");
-        }
-        
-        try
-        {
-            SignerLocation.getInstance(new Object());
-            
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-      
-        //
-        // out of range postal address
-        //
-        v = new ASN1EncodableVector();
-        
-        v.add(new DERUTF8String("line 1"));
-        v.add(new DERUTF8String("line 2"));
-        v.add(new DERUTF8String("line 3"));
-        v.add(new DERUTF8String("line 4"));
-        v.add(new DERUTF8String("line 5"));
-        v.add(new DERUTF8String("line 6"));
-        v.add(new DERUTF8String("line 7"));
-        
-        postalAddress = new DERSequence(v);
-        
-        try
-        {
-            new SignerLocation(null, null, postalAddress);
-            
-            fail("constructor failed to detect bad postalAddress.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-        
-        try
-        {
-            SignerLocation.getInstance(new DERSequence(new DERTaggedObject(2, postalAddress)));
-            
-            fail("sequence constructor failed to detect bad postalAddress.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-        
-        try
-        {
-            SignerLocation.getInstance(new DERSequence(new DERTaggedObject(5, postalAddress)));
-            
-            fail("sequence constructor failed to detect bad tag.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    private void checkConstruction(
-        SignerLocation sl,
-        DirectoryString  countryName,
-        DirectoryString  localityName,
-        ASN1Sequence   postalAddress) 
-        throws IOException
-    {
-        checkValues(sl, countryName, localityName, postalAddress);
-        
-        sl = SignerLocation.getInstance(sl);
-        
-        checkValues(sl, countryName, localityName, postalAddress);
-        
-        ASN1InputStream aIn = new ASN1InputStream(sl.toASN1Primitive().getEncoded());
-
-        ASN1Sequence seq = (ASN1Sequence)aIn.readObject();
-        
-        sl = SignerLocation.getInstance(seq);
-        
-        checkValues(sl, countryName, localityName, postalAddress);
-    }
-    
-    private void checkValues(
-        SignerLocation sl,
-        DirectoryString countryName,
-        DirectoryString  localityName,
-        ASN1Sequence   postalAddress)
-    {
-        if (countryName != null)
-        {
-            if (!countryName.equals(sl.getCountryName()))
-            {
-                fail("countryNames don't match.");
-            }
-        }
-        else if (sl.getCountryName() != null)
-        {
-            fail("countryName found when none expected.");
-        }
-        
-        if (localityName != null)
-        {
-            if (!localityName.equals(sl.getLocalityName()))
-            {
-                fail("localityNames don't match.");
-            }
-        }
-        else if (sl.getLocalityName() != null)
-        {
-            fail("localityName found when none expected.");
-        }
-        
-        if (postalAddress != null)
-        {
-            if (!postalAddress.equals(sl.getPostalAddress()))
-            {
-                fail("postalAddresses don't match.");
-            }
-        }
-        else if (sl.getPostalAddress() != null)
-        {
-            fail("postalAddress found when none expected.");
-        }
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SignerLocationUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/StringTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/StringTest.java
deleted file mode 100644
index 426c06a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/StringTest.java
+++ /dev/null

@@ -1,161 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.DERBMPString;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERGeneralString;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DERNumericString;
-import org.bouncycastle.asn1.DERPrintableString;
-import org.bouncycastle.asn1.DERT61String;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.DERUniversalString;
-import org.bouncycastle.asn1.DERVisibleString;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * X.690 test example
- */
-public class StringTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "String";
-    }
-
-    public void performTest()
-        throws IOException
-    {
-        DERBitString bs = new DERBitString(
-            new byte[] { (byte)0x01,(byte)0x23,(byte)0x45,(byte)0x67,(byte)0x89,(byte)0xab,(byte)0xcd,(byte)0xef });
-
-        if (!bs.getString().equals("#0309000123456789ABCDEF"))
-        {
-            fail("DERBitString.getString() result incorrect");
-        }
-
-        if (!bs.toString().equals("#0309000123456789ABCDEF"))
-        {
-            fail("DERBitString.toString() result incorrect");
-        }
-
-        bs = new DERBitString(
-            new byte[] { (byte)0xfe,(byte)0xdc,(byte)0xba,(byte)0x98,(byte)0x76,(byte)0x54,(byte)0x32,(byte)0x10 });
-
-        if (!bs.getString().equals("#030900FEDCBA9876543210"))
-        {
-            fail("DERBitString.getString() result incorrect");
-        }
-
-        if (!bs.toString().equals("#030900FEDCBA9876543210"))
-        {
-            fail("DERBitString.toString() result incorrect");
-        }
-
-        DERUniversalString us = new DERUniversalString(
-            new byte[] { (byte)0x01,(byte)0x23,(byte)0x45,(byte)0x67,(byte)0x89,(byte)0xab,(byte)0xcd,(byte)0xef });
-
-        if (!us.getString().equals("#1C080123456789ABCDEF"))
-        {
-            fail("DERUniversalString.getString() result incorrect");
-        }
-
-        if (!us.toString().equals("#1C080123456789ABCDEF"))
-        {
-            fail("DERUniversalString.toString() result incorrect");
-        }
-
-        us = new DERUniversalString(
-            new byte[] { (byte)0xfe,(byte)0xdc,(byte)0xba,(byte)0x98,(byte)0x76,(byte)0x54,(byte)0x32,(byte)0x10 });
-
-        if (!us.getString().equals("#1C08FEDCBA9876543210"))
-        {
-            fail("DERUniversalString.getString() result incorrect");
-        }
-
-        if (!us.toString().equals("#1C08FEDCBA9876543210"))
-        {
-            fail("DERUniversalString.toString() result incorrect");
-        }
-
-        byte[] t61Bytes = new byte[] { -1, -2, -3, -4, -5, -6, -7, -8 };
-        String t61String = new String(t61Bytes, "iso-8859-1");
-        DERT61String t61 = new DERT61String(Strings.fromByteArray(t61Bytes));
-
-        if (!t61.getString().equals(t61String))
-        {
-            fail("DERT61String.getString() result incorrect");
-        }
-
-        if (!t61.toString().equals(t61String))
-        {
-            fail("DERT61String.toString() result incorrect");
-        }
-
-        char[] shortChars = new char[] { 'a', 'b', 'c', 'd', 'e'};
-        char[] longChars = new char[1000];
-
-        for (int i = 0; i != longChars.length; i++)
-        {
-            longChars[i] = 'X';
-        }
-
-        checkString(new DERBMPString(new String(shortChars)), new DERBMPString(new String(longChars)));
-        checkString(new DERUTF8String(new String(shortChars)), new DERUTF8String(new String(longChars)));
-        checkString(new DERIA5String(new String(shortChars)), new DERIA5String(new String(longChars)));
-        checkString(new DERPrintableString(new String(shortChars)), new DERPrintableString(new String(longChars)));
-        checkString(new DERVisibleString(new String(shortChars)), new DERVisibleString(new String(longChars)));
-        checkString(new DERGeneralString(new String(shortChars)), new DERGeneralString(new String(longChars)));
-        checkString(new DERT61String(new String(shortChars)), new DERT61String(new String(longChars)));
-
-        shortChars = new char[] { '1', '2', '3', '4', '5'};
-        longChars = new char[1000];
-
-        for (int i = 0; i != longChars.length; i++)
-        {
-            longChars[i] = '1';
-        }
-
-        checkString(new DERNumericString(new String(shortChars)), new DERNumericString(new String(longChars)));
-
-        byte[] shortBytes = new byte[] { (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e'};
-        byte[] longBytes = new byte[1000];
-
-        for (int i = 0; i != longChars.length; i++)
-        {
-            longBytes[i] = (byte)'X';
-        }
-
-        checkString(new DERUniversalString(shortBytes), new DERUniversalString(longBytes));
-
-    }
-
-    private void checkString(ASN1String shortString, ASN1String longString)
-        throws IOException
-    {
-        ASN1String short2 = (ASN1String)ASN1Primitive.fromByteArray(((ASN1Primitive)shortString).getEncoded());
-
-        if (!shortString.toString().equals(short2.toString()))
-        {
-            fail(short2.getClass().getName() + " shortBytes result incorrect");
-        }
-
-        ASN1String long2 = (ASN1String)ASN1Primitive.fromByteArray(((ASN1Primitive)longString).getEncoded());
-
-        if (!longString.toString().equals(long2.toString()))
-        {
-            fail(long2.getClass().getName() + " longBytes result incorrect");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new StringTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/SubjectKeyIdentifierTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/SubjectKeyIdentifierTest.java
deleted file mode 100644
index 9887a31..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/SubjectKeyIdentifierTest.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SubjectKeyIdentifierTest
-    extends SimpleTest
-{
-    private static byte[] pubKeyInfo = Base64.decode(
-        "MFgwCwYJKoZIhvcNAQEBA0kAMEYCQQC6wMMmHYMZszT/7bNFMn+gaZoiWJLVP8ODRuu1C2jeAe" +
-        "QpxM+5Oe7PaN2GNy3nBE4EOYkB5pMJWA0y9n04FX8NAgED");
-
-    private static byte[] shaID = Hex.decode("d8128a06d6c2feb0865994a2936e7b75b836a021");
-    private static byte[] shaTruncID = Hex.decode("436e7b75b836a021");
-
-    public String getName()
-    {
-        return "SubjectKeyIdentifier";
-    }
-
-    public void performTest()
-        throws IOException
-    {
-//        SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(pubKeyInfo));
-//        SubjectKeyIdentifier ski = SubjectKeyIdentifier.createSHA1KeyIdentifier(pubInfo);
-//
-//        if (!Arrays.areEqual(shaID, ski.getKeyIdentifier()))
-//        {
-//            fail("SHA-1 ID does not match");
-//        }
-//
-//        ski = SubjectKeyIdentifier.createTruncatedSHA1KeyIdentifier(pubInfo);
-//
-//        if (!Arrays.areEqual(shaTruncID, ski.getKeyIdentifier()))
-//        {
-//            fail("truncated SHA-1 ID does not match");
-//        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SubjectKeyIdentifierTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/TagTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/TagTest.java
deleted file mode 100644
index f06c87c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/TagTest.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1ApplicationSpecific;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERApplicationSpecific;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-/**
- * X.690 test example
- */
-public class TagTest
-    extends SimpleTest
-{
-    byte[] longTagged = Base64.decode(
-                  "ZSRzIp8gEEZFRENCQTk4NzY1NDMyMTCfIQwyMDA2MDQwMTEyMzSUCCAFERVz"
-                + "A4kCAHEXGBkalAggBRcYGRqUCCAFZS6QAkRFkQlURUNITklLRVKSBQECAwQF"
-                + "kxAREhMUFRYXGBkalAggBREVcwOJAgBxFxgZGpQIIAUXGBkalAggBWUukAJE"
-                + "RZEJVEVDSE5JS0VSkgUBAgMEBZMQERITFBUWFxgZGpQIIAURFXMDiQIAcRcY"
-                + "GRqUCCAFFxgZGpQIIAVlLpACREWRCVRFQ0hOSUtFUpIFAQIDBAWTEBESExQV"
-                + "FhcYGRqUCCAFERVzA4kCAHEXGBkalAggBRcYGRqUCCAFFxgZGpQIIAUXGBka"
-                + "lAg=");
-
-    byte[] longAppSpecificTag = Hex.decode("5F610101");
-
-    public String getName()
-    {
-        return "Tag";
-    }
-    
-    public void performTest()
-        throws IOException
-    {
-        ASN1InputStream aIn = new ASN1InputStream(longTagged);
-
-        ASN1ApplicationSpecific app = (ASN1ApplicationSpecific)aIn.readObject();
-        
-        aIn = new ASN1InputStream(app.getContents());
-
-        app = (ASN1ApplicationSpecific)aIn.readObject();
-
-        aIn = new ASN1InputStream(app.getContents());
-
-        ASN1TaggedObject tagged = (ASN1TaggedObject)aIn.readObject();
-
-        if (tagged.getTagNo() != 32)
-        {
-            fail("unexpected tag value found - not 32");
-        }
-
-        tagged = (ASN1TaggedObject)ASN1Primitive.fromByteArray(tagged.getEncoded());
-
-        if (tagged.getTagNo() != 32)
-        {
-            fail("unexpected tag value found on recode - not 32");
-        }
-
-        tagged = (ASN1TaggedObject)aIn.readObject();
-
-        if (tagged.getTagNo() != 33)
-        {
-            fail("unexpected tag value found - not 33");
-        }
-
-        tagged = (ASN1TaggedObject)ASN1Primitive.fromByteArray(tagged.getEncoded());
-
-        if (tagged.getTagNo() != 33)
-        {
-            fail("unexpected tag value found on recode - not 33");
-        }
-
-        aIn = new ASN1InputStream(longAppSpecificTag);
-
-        app = (ASN1ApplicationSpecific)aIn.readObject();
-
-        if (app.getApplicationTag() != 97)
-        {
-            fail("incorrect tag number read");
-        }
-
-        app = (ASN1ApplicationSpecific)ASN1Primitive.fromByteArray(app.getEncoded());
-
-        if (app.getApplicationTag() != 97)
-        {
-            fail("incorrect tag number read on recode");
-        }
-
-        SecureRandom sr = new SecureRandom();
-        for (int i = 0; i < 100; ++i)
-        {
-            int testTag = sr.nextInt() >>> (1 + (sr.nextInt() >>> 1) % 26);
-            app = new DERApplicationSpecific(testTag, new byte[]{ 1 });
-            app = (ASN1ApplicationSpecific)ASN1Primitive.fromByteArray(app.getEncoded());
-
-            if (app.getApplicationTag() != testTag)
-            {
-                fail("incorrect tag number read on recode (random test value: " + testTag + ")");
-            }
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new TagTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/TaggedAttributeTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/TaggedAttributeTest.java
deleted file mode 100644
index a185399..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/TaggedAttributeTest.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.CMCObjectIdentifiers;
-import org.bouncycastle.asn1.cmc.TaggedAttribute;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class TaggedAttributeTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "TaggedAttributeTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        //
-        // This creates and tests the various get instance  methods.
-        //
-        TaggedAttribute ta = new TaggedAttribute(
-            new BodyPartID(10L),
-            CMCObjectIdentifiers.id_cct_PKIData,
-            new DERSet(new DERIA5String("Cats")));
-
-        byte[] d = ta.getEncoded();
-
-        {
-            TaggedAttribute res1 = TaggedAttribute.getInstance(d);
-            isEquals(ta.getBodyPartID(), res1.getBodyPartID());
-            isEquals(ta.getAttrType(), res1.getAttrType());
-            isEquals(ta.getAttrValues().getObjectAt(0), res1.getAttrValues().getObjectAt(0));
-            isTrue(Arrays.areEqual(res1.getEncoded(), d));
-        }
-
-        //
-        // Where sequence is too short.
-        //
-        try
-        {
-            ASN1Sequence seq = new DERSequence(new ASN1Encodable[] { new BodyPartID(10) });
-
-            TaggedAttribute.getInstance(seq);
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("incorrect sequence size", e.getMessage());
-        }
-
-        //
-        // Where sequence is too long.
-        //
-        try
-        {
-            ASN1Sequence seq = new DERSequence(new ASN1Encodable[] { ta.getBodyPartID(), ta.getAttrType(), ta.getAttrValues(), new ASN1Integer(0)});
-
-            TaggedAttribute.getInstance(seq);
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("incorrect sequence size", e.getMessage());
-        }
-    }
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        runTest(new TaggedAttributeTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/TaggedCertificationRequestTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/TaggedCertificationRequestTest.java
deleted file mode 100644
index d205588..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/TaggedCertificationRequestTest.java
+++ /dev/null

@@ -1,41 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.CertificationRequest;
-import org.bouncycastle.asn1.cmc.TaggedCertificationRequest;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class TaggedCertificationRequestTest extends SimpleTest
-{
-    public static void main(String[] args) {
-        runTest(new TaggedCertificationRequestTest());
-    }
-
-    public String getName()
-    {
-        return "TaggedCertificationRequestTest";
-    }
-
-
-    private static byte[]    req1 = Base64.decode(
-        "MIHoMIGTAgEAMC4xDjAMBgNVBAMTBVRlc3QyMQ8wDQYDVQQKEwZBbmFUb20xCzAJBgNVBAYTAlNF"
-            +   "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALlEt31Tzt2MlcOljvacJgzQVhmlMoqAOgqJ9Pgd3Gux"
-            +   "Z7/WcIlgW4QCB7WZT21O1YoghwBhPDMcNGrHei9kHQkCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA0EA"
-            +   "NDEI4ecNtJ3uHwGGlitNFq9WxcoZ0djbQJ5hABMotav6gtqlrwKXY2evaIrsNwkJtNdwwH18aQDU"
-            +   "KCjOuBL38Q==");
-
-
-    public void performTest()
-        throws Exception
-    {
-        CertificationRequest    r = CertificationRequest.getInstance(req1);
-        TaggedCertificationRequest tcr = new TaggedCertificationRequest(new BodyPartID(10L), r);
-
-        byte[] b = tcr.getEncoded();
-        TaggedCertificationRequest tcrResp = TaggedCertificationRequest.getInstance(b);
-
-        isEquals(tcrResp,tcr);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/TaggedContentInfoTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/TaggedContentInfoTest.java
deleted file mode 100644
index 699c5c6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/TaggedContentInfoTest.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.TaggedContentInfo;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class TaggedContentInfoTest
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new TaggedContentInfoTest());
-    }
-
-    public String getName()
-    {
-        return "TaggedContentInfoTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        TaggedContentInfo tci = new TaggedContentInfo(
-            new BodyPartID(10L),
-            new ContentInfo(PKCSObjectIdentifiers.pkcs_9_at_contentType, new DERUTF8String("Cats")));
-
-        byte[] b = tci.getEncoded();
-
-        TaggedContentInfo tciResp = TaggedContentInfo.getInstance(b);
-
-        isEquals("bodyPartID", tci.getBodyPartID(), tciResp.getBodyPartID());
-        isEquals("contentInfo", tci.getContentInfo(), tciResp.getContentInfo());
-
-        try
-        {
-            TaggedContentInfo.getInstance(new DERSequence());
-            fail("Sequence must be 2");
-        }
-        catch (Throwable t)
-        {
-            isEquals("Exception type", t.getClass(), IllegalArgumentException.class);
-        }
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/TaggedRequestTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/TaggedRequestTest.java
deleted file mode 100644
index 0a3d3cf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/TaggedRequestTest.java
+++ /dev/null

@@ -1,111 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.cmc.BodyPartID;
-import org.bouncycastle.asn1.cmc.CertificationRequest;
-import org.bouncycastle.asn1.cmc.TaggedCertificationRequest;
-import org.bouncycastle.asn1.cmc.TaggedRequest;
-import org.bouncycastle.asn1.crmf.AttributeTypeAndValue;
-import org.bouncycastle.asn1.crmf.CertReqMsg;
-import org.bouncycastle.asn1.crmf.CertRequest;
-import org.bouncycastle.asn1.crmf.CertTemplate;
-import org.bouncycastle.asn1.crmf.Controls;
-import org.bouncycastle.asn1.crmf.POPOSigningKey;
-import org.bouncycastle.asn1.crmf.POPOSigningKeyInput;
-import org.bouncycastle.asn1.crmf.ProofOfPossession;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class TaggedRequestTest
-    extends SimpleTest
-{
-    public static void main(String[] args)
-    {
-        runTest(new TaggedRequestTest());
-    }
-
-    public String getName()
-    {
-        return "TaggedRequestTest";
-    }
-
-    private static byte[] req1 = Base64.decode(
-        "MIHoMIGTAgEAMC4xDjAMBgNVBAMTBVRlc3QyMQ8wDQYDVQQKEwZBbmFUb20xCzAJBgNVBAYTAlNF"
-            + "MFwwDQYJKoZIhvcNAQEBBQADSwAwSAJBALlEt31Tzt2MlcOljvacJgzQVhmlMoqAOgqJ9Pgd3Gux"
-            + "Z7/WcIlgW4QCB7WZT21O1YoghwBhPDMcNGrHei9kHQkCAwEAAaAAMA0GCSqGSIb3DQEBBQUAA0EA"
-            + "NDEI4ecNtJ3uHwGGlitNFq9WxcoZ0djbQJ5hABMotav6gtqlrwKXY2evaIrsNwkJtNdwwH18aQDU"
-            + "KCjOuBL38Q==");
-
-
-    public void performTest()
-        throws Exception
-    {
-        { // TaggedCertificationRequest
-            TaggedRequest tr = new TaggedRequest(
-                new TaggedCertificationRequest(
-                    new BodyPartID(10L),
-                    CertificationRequest.getInstance(req1))
-            );
-            byte[] b = tr.getEncoded();
-            TaggedRequest trResult = TaggedRequest.getInstance(b);
-            isEquals("Tag", tr.getTagNo(), trResult.getTagNo());
-            isEquals("Is TCR tag", TaggedRequest.TCR, tr.getTagNo());
-            isEquals("Value", tr.getValue(), trResult.getValue());
-        }
-
-        { // CertReqMsg
-
-            POPOSigningKeyInput pski = new POPOSigningKeyInput(
-                new GeneralName(GeneralName.rfc822Name, "fish"),
-                new SubjectPublicKeyInfo(new AlgorithmIdentifier(
-                    PKCSObjectIdentifiers.certBag,
-                    new ASN1Integer(5L)), new ASN1Integer(4L)
-                ));
-
-            AlgorithmIdentifier aid = new AlgorithmIdentifier(PKCSObjectIdentifiers.crlTypes, new ASN1Integer(1L));
-            DERBitString dbi = new DERBitString(2);
-
-            POPOSigningKey popoSigningKey = new POPOSigningKey(pski, aid, dbi);
-            ProofOfPossession proofOfPossession = new ProofOfPossession(new POPOSigningKey(pski, aid, dbi));
-
-            TaggedRequest tr = new TaggedRequest(
-                new CertReqMsg(new CertRequest(
-                    new ASN1Integer(1L),
-                    CertTemplate.getInstance(new DERSequence(new DERTaggedObject(0,new ASN1Integer(3L)))),
-                    new Controls(new AttributeTypeAndValue(PKCSObjectIdentifiers.pkcs_9,new ASN1Integer(3)))),
-                    proofOfPossession,
-                    new AttributeTypeAndValue[0])
-            );
-            byte[] b = tr.getEncoded();
-            TaggedRequest trResult = TaggedRequest.getInstance(b);
-            isEquals("Tag", tr.getTagNo(), trResult.getTagNo());
-            isEquals("Is CRM tag", TaggedRequest.CRM, tr.getTagNo());
-            isEquals("Value", tr.getValue(), trResult.getValue());
-        }
-
-
-        { // ORM
-            TaggedRequest tr = TaggedRequest.getInstance( new DERTaggedObject(TaggedRequest.ORM, new DERSequence(new ASN1Encodable[]{
-                new BodyPartID(1L),
-                PKCSObjectIdentifiers.data,
-                new DERSet(new ASN1Encodable[]{new ASN1Integer(5L)})
-            })));
-            byte[] b = tr.getEncoded();
-            TaggedRequest trResult = TaggedRequest.getInstance(b);
-            isEquals("Tag", tr.getTagNo(), trResult.getTagNo());
-            isEquals("Is ORM tag", TaggedRequest.ORM, tr.getTagNo());
-            isEquals("Value", tr.getValue(), trResult.getValue());
-        }
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/TargetInformationTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/TargetInformationTest.java
deleted file mode 100644
index 34dc70f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/TargetInformationTest.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.Target;
-import org.bouncycastle.asn1.x509.TargetInformation;
-import org.bouncycastle.asn1.x509.Targets;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class TargetInformationTest
-    extends SimpleTest
-{
-
-    public String getName()
-    {
-        return "TargetInformation";
-    }
-
-    public void performTest() throws Exception
-    {
-        Target[] targets = new Target[2];
-        Target targetName = new Target(Target.targetName, new GeneralName(GeneralName.dNSName, "www.test.com"));
-        Target targetGroup = new Target(Target.targetGroup, new GeneralName(GeneralName.directoryName, "o=Test, ou=Test"));
-        targets[0] = targetName;
-        targets[1] = targetGroup;
-        Targets targetss = new Targets(targets);
-        TargetInformation targetInformation1 = new TargetInformation(targetss);
-        // use an Target array
-        TargetInformation targetInformation2 = new TargetInformation(targets);
-        // targetInformation1 and targetInformation2 must have same
-        // encoding.
-        if (!targetInformation1.equals(targetInformation2))
-        {
-            fail("targetInformation1 and targetInformation2 should have the same encoding.");
-        }
-        TargetInformation targetInformation3 = TargetInformation.getInstance(targetInformation1);
-        TargetInformation targetInformation4 = TargetInformation.getInstance(targetInformation2);
-        if (!targetInformation3.equals(targetInformation4))
-        {
-            fail("targetInformation3 and targetInformation4 should have the same encoding.");
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new TargetInformationTest());
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/TypeOfBiometricDataUnitTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/TypeOfBiometricDataUnitTest.java
deleted file mode 100644
index 3a5fc7e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/TypeOfBiometricDataUnitTest.java
+++ /dev/null

@@ -1,144 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.x509.qualified.TypeOfBiometricData;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class TypeOfBiometricDataUnitTest 
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "TypeOfBiometricData";
-    }
-
-    public void performTest() 
-        throws Exception
-    {
-        //
-        // predefined
-        //
-        checkPredefinedType(TypeOfBiometricData.PICTURE);
-        
-        checkPredefinedType(TypeOfBiometricData.HANDWRITTEN_SIGNATURE);
-        
-        //
-        // non-predefined
-        //
-        ASN1ObjectIdentifier localType = new ASN1ObjectIdentifier("1.1");
-        
-        TypeOfBiometricData type = new TypeOfBiometricData(localType);
-
-        checkNonPredefined(type, localType);
-        
-        type = TypeOfBiometricData.getInstance(type);
-        
-        checkNonPredefined(type, localType);
-        
-        ASN1Primitive obj = type.toASN1Primitive();
-        
-        type = TypeOfBiometricData.getInstance(obj);
-        
-        checkNonPredefined(type, localType);
-        
-        type = TypeOfBiometricData.getInstance(null);
-        
-        if (type != null)
-        {
-            fail("null getInstance() failed.");
-        }
-        
-        try
-        {
-            TypeOfBiometricData.getInstance(new Object());
-            
-            fail("getInstance() failed to detect bad object.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-        
-        try
-        {
-            new TypeOfBiometricData(100);
-            
-            fail("constructor failed to detect bad predefined type.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-        
-        if (TypeOfBiometricData.PICTURE != 0)
-        {
-            fail("predefined picture should be 0");
-        }
-        
-        if (TypeOfBiometricData.HANDWRITTEN_SIGNATURE != 1)
-        {
-            fail("predefined handwritten signature should be 1");
-        }
-    }
-
-    private void checkPredefinedType(
-        int predefinedType)
-        throws IOException
-    {
-        TypeOfBiometricData type = new TypeOfBiometricData(predefinedType);
-
-        checkPredefined(type, predefinedType);
-        
-        type = TypeOfBiometricData.getInstance(type);
-        
-        checkPredefined(type, predefinedType);
-        
-        ASN1InputStream aIn = new ASN1InputStream(type.toASN1Primitive().getEncoded());
-
-        ASN1Primitive obj = aIn.readObject();
-
-        type = TypeOfBiometricData.getInstance(obj);
-        
-        checkPredefined(type, predefinedType);
-    }
-
-    private void checkPredefined(
-        TypeOfBiometricData type,
-        int                 value)
-    {
-        if (!type.isPredefined())
-        {
-            fail("predefined type expected but not found.");
-        }
-        
-        if (type.getPredefinedBiometricType() != value)
-        {
-            fail("predefined type does not match.");
-        }
-    }
-    
-    private void checkNonPredefined(
-        TypeOfBiometricData type,
-        ASN1ObjectIdentifier value)
-    {
-        if (type.isPredefined())
-        {
-            fail("predefined type found when not expected.");
-        }
-        
-        if (!type.getBiometricDataOid().equals(value))
-        {
-            fail("data oid does not match.");
-        }
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new TypeOfBiometricDataUnitTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/UTCTimeTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/UTCTimeTest.java
deleted file mode 100644
index 8067e78..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/UTCTimeTest.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.DERUTCTime;
-import org.bouncycastle.util.test.SimpleTest;
-
-import java.text.SimpleDateFormat;
-import java.util.SimpleTimeZone;
-
-/**
- * X.690 test example
- */
-public class UTCTimeTest
-    extends SimpleTest
-{
-    String[] input =
-        {
-            "020122122220Z",
-            "020122122220-1000",
-            "020122122220+1000",
-            "020122122220+00",
-            "0201221222Z",
-            "0201221222-1000",
-            "0201221222+1000",
-            "0201221222+00",
-            "550122122220Z",
-            "5501221222Z"
-        };
-
-    String[] output = {
-            "20020122122220GMT+00:00",
-            "20020122122220GMT-10:00",
-            "20020122122220GMT+10:00",
-            "20020122122220GMT+00:00",
-            "20020122122200GMT+00:00",
-            "20020122122200GMT-10:00",
-            "20020122122200GMT+10:00",
-            "20020122122200GMT+00:00",
-            "19550122122220GMT+00:00",
-            "19550122122200GMT+00:00"
-             };
-
-    String[] zOutput1 = {
-            "20020122122220Z",
-            "20020122222220Z",
-            "20020122022220Z",
-            "20020122122220Z",
-            "20020122122200Z",
-            "20020122222200Z",
-            "20020122022200Z",
-            "20020122122200Z",
-            "19550122122220Z",
-            "19550122122200Z"
-    };
-
-    String[] zOutput2 = {
-            "20020122122220Z",
-            "20020122222220Z",
-            "20020122022220Z",
-            "20020122122220Z",
-            "20020122122200Z",
-            "20020122222200Z",
-            "20020122022200Z",
-            "20020122122200Z",
-            "19550122122220Z",
-            "19550122122200Z"
-    };
-
-    public String getName()
-    {
-        return "UTCTime";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        SimpleDateFormat yyyyF = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
-        SimpleDateFormat yyF = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
-
-        yyyyF.setTimeZone(new SimpleTimeZone(0,"Z"));
-        yyF.setTimeZone(new SimpleTimeZone(0,"Z"));
-
-        for (int i = 0; i != input.length; i++)
-        {
-            DERUTCTime t = new DERUTCTime(input[i]);
-
-            if (!t.getAdjustedTime().equals(output[i]))
-            {
-                fail("failed conversion test " + i);
-            }
-
-            if (!yyyyF.format(t.getAdjustedDate()).equals(zOutput1[i]))
-            {
-                fail("failed date conversion test " + i);
-            }
-
-            if (!yyF.format(t.getDate()).equals(zOutput2[i]))
-            {
-                fail("failed date shortened conversion test " + i);
-            }
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new UTCTimeTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/X500NameTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/X500NameTest.java
deleted file mode 100644
index 663e71f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/X500NameTest.java
+++ /dev/null

@@ -1,778 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OutputStream;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DERPrintableString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.x500.RDN;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.X500NameBuilder;
-import org.bouncycastle.asn1.x500.style.BCStrictStyle;
-import org.bouncycastle.asn1.x500.style.BCStyle;
-import org.bouncycastle.asn1.x500.style.IETFUtils;
-import org.bouncycastle.asn1.x509.X509DefaultEntryConverter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class X500NameTest
-    extends SimpleTest
-{
-   String[] subjects =
-   {
-       "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Webserver Team,CN=www2.connect4.com.au,E=webmaster@connect4.com.au",
-       "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Certificate Authority,CN=Connect 4 CA,E=webmaster@connect4.com.au",
-       "C=AU,ST=QLD,CN=SSLeay/rsa test cert",
-       "C=US,O=National Aeronautics and Space Administration,SERIALNUMBER=16+CN=Steve Schoch",
-       "E=cooke@issl.atl.hp.com,C=US,OU=Hewlett Packard Company (ISSL),CN=Paul A. Cooke",
-       "O=Sun Microsystems Inc,CN=store.sun.com",
-       "unstructuredAddress=192.168.1.33,unstructuredName=pixfirewall.ciscopix.com,CN=pixfirewall.ciscopix.com",
-       "CN=*.canal-plus.com,OU=Provided by TBS INTERNET http://www.tbs-certificats.com/,OU=\\ CANAL \\+,O=CANAL\\+DISTRIBUTION,L=issy les moulineaux,ST=Hauts de Seine,C=FR",
-       "O=Bouncy Castle,CN=www.bouncycastle.org\\ ",
-       "O=Bouncy Castle,CN=c:\\\\fred\\\\bob",
-    };
-
-    String[] hexSubjects =
-    {
-        "CN=\\20Test\\20X,O=\\20Test,C=GB",    // input
-        "CN=\\ Test X,O=\\ Test,C=GB",          // expected
-        "CN=\\20Test\\20X\\20,O=\\20Test,C=GB",    // input
-        "CN=\\ Test X\\ ,O=\\ Test,C=GB"          // expected
-    };
-
-    public String getName()
-    {
-        return "X500Name";
-    }
-    
-    private static X500Name fromBytes(
-        byte[]  bytes) 
-        throws IOException
-    {
-        return X500Name.getInstance(new ASN1InputStream(new ByteArrayInputStream(bytes)).readObject());
-    }
-
-    private ASN1Encodable createEntryValue(ASN1ObjectIdentifier oid, String value)
-    {
-        X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
-
-        builder.addRDN(oid, value);
-        
-        X500Name name = builder.build();
-
-        ASN1Sequence seq = (ASN1Sequence)name.toASN1Primitive();
-        ASN1Set set = ASN1Set.getInstance(seq.getObjectAt(0).toASN1Primitive());
-        seq = (ASN1Sequence)set.getObjectAt(0);
-
-        return seq.getObjectAt(1);
-    }
-
-    private ASN1Encodable createEntryValueFromString(ASN1ObjectIdentifier oid, String value)
-    {
-        X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
-
-        builder.addRDN(oid, value);
-
-        X500Name name = new X500Name(builder.build().toString());
-
-        ASN1Sequence seq = (ASN1Sequence)name.toASN1Primitive();
-        ASN1Set set = ASN1Set.getInstance(seq.getObjectAt(0).toASN1Primitive());
-        seq = (ASN1Sequence)set.getObjectAt(0);
-
-        return seq.getObjectAt(1);
-    }
-
-    private void testEncodingPrintableString(ASN1ObjectIdentifier oid, String value)
-    {
-        ASN1Encodable converted = createEntryValue(oid, value);
-        if (!(converted instanceof DERPrintableString))
-        {
-            fail("encoding for " + oid + " not printable string");
-        }
-    }
-
-    private void testEncodingIA5String(ASN1ObjectIdentifier oid, String value)
-    {
-        ASN1Encodable converted = createEntryValue(oid, value);
-        if (!(converted instanceof DERIA5String))
-        {
-            fail("encoding for " + oid + " not IA5String");
-        }
-    }
-
-    private void testEncodingUTF8String(ASN1ObjectIdentifier oid, String value)
-        throws IOException
-    {
-        ASN1Encodable converted = createEntryValue(oid, value);
-        if (!(converted instanceof DERUTF8String))
-        {
-            fail("encoding for " + oid + " not IA5String");
-        }
-        if (!value.equals((DERUTF8String.getInstance(converted.toASN1Primitive().getEncoded()).getString())))
-        {
-            fail("decoding not correct");
-        }
-    }
-
-    private void testEncodingGeneralizedTime(ASN1ObjectIdentifier oid, String value)
-    {
-        ASN1Encodable converted = createEntryValue(oid, value);
-        if (!(converted instanceof ASN1GeneralizedTime))
-        {
-            fail("encoding for " + oid + " not GeneralizedTime");
-        }
-        converted = createEntryValueFromString(oid, value);
-        if (!(converted instanceof ASN1GeneralizedTime))
-        {
-            fail("encoding for " + oid + " not GeneralizedTime");
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        ietfUtilsTest();
-
-        testEncodingPrintableString(BCStyle.C, "AU");
-        testEncodingPrintableString(BCStyle.SERIALNUMBER, "123456");
-        testEncodingPrintableString(BCStyle.DN_QUALIFIER, "123456");
-        testEncodingIA5String(BCStyle.EmailAddress, "test@test.com");
-        testEncodingIA5String(BCStyle.DC, "test");
-        // correct encoding
-        testEncodingGeneralizedTime(BCStyle.DATE_OF_BIRTH, "#180F32303032303132323132323232305A");
-        // compatibility encoding
-        testEncodingGeneralizedTime(BCStyle.DATE_OF_BIRTH, "20020122122220Z");
-        testEncodingUTF8String(BCStyle.CN, "Mörsky");
-        testEncodingUTF8String(BCStyle.ORGANIZATION_IDENTIFIER, "Mörsky");
-        
-        //
-        // composite
-        //
-        X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
-
-        builder.addRDN(BCStyle.C, "AU");
-        builder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
-        builder.addRDN(BCStyle.L, "Melbourne");
-        builder.addRDN(BCStyle.ST, "Victoria");
-        builder.addRDN(BCStyle.E, "feedback-crypto@bouncycastle.org");
-
-        X500Name    name1 = builder.build();
-
-        if (!name1.equals(name1))
-        {
-            fail("Failed same object test");
-        }
-
-//        if (!name1.equals(name1, true))
-//        {
-//            fail("Failed same object test - in Order");
-//        }
-
-        builder = new X500NameBuilder(BCStyle.INSTANCE);
-
-        builder.addRDN(BCStyle.C, "AU");
-        builder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
-        builder.addRDN(BCStyle.L, "Melbourne");
-        builder.addRDN(BCStyle.ST, "Victoria");
-        builder.addRDN(BCStyle.E, "feedback-crypto@bouncycastle.org");
-
-        X500Name    name2 = builder.build();
-
-        if (!name1.equals(name2))
-        {
-            fail("Failed same name test");
-        }
-
-//        if (!name1.equals(name2, true))
-//        {
-//            fail("Failed same name test - in Order");
-//        }
-
-        if (name1.hashCode() != name2.hashCode())
-        {
-            fail("Failed same name test - in Order");
-        }
-
-        X500NameBuilder builder1 = new X500NameBuilder(BCStyle.INSTANCE);
-
-        builder.addRDN(BCStyle.C, "AU");
-        builder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
-        builder.addRDN(BCStyle.L, "Melbourne");
-        builder.addRDN(BCStyle.ST, "Victoria");
-        builder.addRDN(BCStyle.E, "feedback-crypto@bouncycastle.org");
-
-        X500NameBuilder builder2 = new X500NameBuilder(BCStyle.INSTANCE);
-
-        builder.addRDN(BCStyle.E, "feedback-crypto@bouncycastle.org");
-        builder.addRDN(BCStyle.C, "AU");
-        builder.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
-        builder.addRDN(BCStyle.L, "Melbourne");
-        builder.addRDN(BCStyle.ST, "Victoria");
-
-        name1 = builder1.build();
-        name2 = builder2.build();
-
-        if (!name1.equals(name2))
-        {
-            fail("Failed reverse name test");
-        }
-
-        if (name1.hashCode() != name2.hashCode())
-        {
-            fail("Failed reverse name test hashCode");
-        }
-
-//        if (name1.equals(name2, true))
-//        {
-//            fail("Failed reverse name test - in Order");
-//        }
-//
-//        if (!name1.equals(name2, false))
-//        {
-//            fail("Failed reverse name test - in Order false");
-//        }
-
-//        Vector oids = name1.getOIDs();
-//        if (!compareVectors(oids, ord1))
-//        {
-//            fail("oid comparison test");
-//        }
-       /*
-        Vector val1 = new Vector();
-
-        val1.addElement("AU");
-        val1.addElement("The Legion of the Bouncy Castle");
-        val1.addElement("Melbourne");
-        val1.addElement("Victoria");
-        val1.addElement("feedback-crypto@bouncycastle.org");
-
-        name1 = new X500Name(ord1, val1);
-
-        Vector values = name1.getValues();
-        if (!compareVectors(values, val1))
-        {
-            fail("value comparison test");
-        }
-
-        ord2 = new Vector();
-
-        ord2.addElement(X500Name.ST);
-        ord2.addElement(X500Name.ST);
-        ord2.addElement(X500Name.L);
-        ord2.addElement(X500Name.O);
-        ord2.addElement(X500Name.C);
-
-        name1 = new X500Name(ord1, attrs);
-        name2 = new X500Name(ord2, attrs);
-
-        if (name1.equals(name2))
-        {
-            fail("Failed different name test");
-        }
-
-        ord2 = new Vector();
-
-        ord2.addElement(X500Name.ST);
-        ord2.addElement(X500Name.L);
-        ord2.addElement(X500Name.O);
-        ord2.addElement(X500Name.C);
-
-        name1 = new X500Name(ord1, attrs);
-        name2 = new X500Name(ord2, attrs);
-
-        if (name1.equals(name2))
-        {
-            fail("Failed subset name test");
-        }
-
-        compositeTest();
-         */
-        ByteArrayOutputStream bOut;
-        ASN1OutputStream aOut;
-        ASN1InputStream aIn;
-       /*
-        //
-        // getValues test
-        //
-        Vector v1 = name1.getValues(X500Name.O);
-
-        if (v1.size() != 1 || !v1.elementAt(0).equals("The Legion of the Bouncy Castle"))
-        {
-            fail("O test failed");
-        }
-
-        Vector v2 = name1.getValues(X500Name.L);
-
-        if (v2.size() != 1 || !v2.elementAt(0).equals("Melbourne"))
-        {
-            fail("L test failed");
-        }
-       */
-        //
-        // general subjects test
-        //
-        for (int i = 0; i != subjects.length; i++)
-        {
-            X500Name    name = new X500Name(subjects[i]);
-
-            bOut = new ByteArrayOutputStream();
-            aOut = new ASN1OutputStream(bOut);
-
-            aOut.writeObject(name);
-
-            aIn = new ASN1InputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-            name = X500Name.getInstance(aIn.readObject());
-            if (!name.toString().equals(subjects[i]))
-            {
-                fail("failed regeneration test " + i + " got: " + name.toString() + " expected " + subjects[i]);
-            }
-        }
-
-        for (int i = 0; i < hexSubjects.length; i += 2)
-        {
-            X500Name    name = new X500Name(hexSubjects[i]);
-
-            bOut = new ByteArrayOutputStream();
-            aOut = new ASN1OutputStream(bOut);
-
-            aOut.writeObject(name);
-
-            aIn = new ASN1InputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-            name = X500Name.getInstance(aIn.readObject());
-            if (!name.toString().equals(hexSubjects[i + 1]))
-            {
-                fail("failed hex regeneration test " + i + " got: " + name.toString() + " expected " + subjects[i]);
-            }
-        }
-
-        //
-        // sort test
-        //
-        X500Name unsorted = new X500Name("SERIALNUMBER=BBB + CN=AA");
-
-        if (!fromBytes(unsorted.getEncoded()).toString().equals("CN=AA+SERIALNUMBER=BBB"))
-        {
-            fail("failed sort test 1");
-        }
-
-        unsorted = new X500Name("CN=AA + SERIALNUMBER=BBB");
-
-        if (!fromBytes(unsorted.getEncoded()).toString().equals("CN=AA+SERIALNUMBER=BBB"))
-        {
-            fail("failed sort test 2");
-        }
-
-        unsorted = new X500Name("SERIALNUMBER=B + CN=AA");
-
-        if (!fromBytes(unsorted.getEncoded()).toString().equals("SERIALNUMBER=B+CN=AA"))
-        {
-            fail("failed sort test 3");
-        }
-
-        unsorted = new X500Name("CN=AA + SERIALNUMBER=B");
-
-        if (!fromBytes(unsorted.getEncoded()).toString().equals("SERIALNUMBER=B+CN=AA"))
-        {
-            fail("failed sort test 4");
-        }
-
-        //
-        // equality tests
-        //
-        equalityTest(new X500Name("CN=The     Legion"), new X500Name("CN=The Legion"));
-        equalityTest(new X500Name("CN=   The Legion"), new X500Name("CN=The Legion"));
-        equalityTest(new X500Name("CN=The Legion   "), new X500Name("CN=The Legion"));
-        equalityTest(new X500Name("CN=  The     Legion "), new X500Name("CN=The Legion"));
-        equalityTest(new X500Name("CN=  the     legion "), new X500Name("CN=The Legion"));
-
-        equalityTest(new X500Name("CN=  the     legion+C=AU, O=Legion "), new X500Name("CN=The Legion+C=AU, O=Legion"));
-        // # test
-
-        X500Name n1 = new X500Name("SERIALNUMBER=8,O=ABC,CN=ABC Class 3 CA,C=LT");
-        X500Name n2 = new X500Name("2.5.4.5=8,O=ABC,CN=ABC Class 3 CA,C=LT");
-        X500Name n3 = new X500Name("2.5.4.5=#130138,O=ABC,CN=ABC Class 3 CA,C=LT");
-
-        equalityTest(n1, n2);
-        equalityTest(n2, n3);
-        equalityTest(n3, n1);
-
-        n1 = new X500Name("2.5.4.5=#130138,CN=SSC Class 3 CA,O=UAB Skaitmeninio sertifikavimo centras,C=LT");
-        n2 = new X500Name("SERIALNUMBER=#130138,CN=SSC Class 3 CA,O=UAB Skaitmeninio sertifikavimo centras,C=LT");
-        n3 = X500Name.getInstance(ASN1Primitive.fromByteArray(Hex.decode("3063310b3009060355040613024c54312f302d060355040a1326"
-            + "55414220536b6169746d656e696e696f20736572746966696b6176696d6f2063656e74726173311730150603550403130e53534320436c6173732033204341310a30080603550405130138")));
-
-        equalityTest(n1, n2);
-        equalityTest(n2, n3);
-        equalityTest(n3, n1);
-
-        n1 = new X500Name("SERIALNUMBER=8,O=XX,CN=ABC Class 3 CA,C=LT");
-        n2 = new X500Name("2.5.4.5=8,O=,CN=ABC Class 3 CA,C=LT");
-
-//        if (n1.equals(n2))
-//        {
-//            fail("empty inequality check failed");
-//        }
-
-        n1 = new X500Name("SERIALNUMBER=8,O=,CN=ABC Class 3 CA,C=LT");
-        n2 = new X500Name("2.5.4.5=8,O=,CN=ABC Class 3 CA,C=LT");
-
-        equalityTest(n1, n2);
-
-        equalityTest(X500Name.getInstance(BCStrictStyle.INSTANCE, n1), X500Name.getInstance(BCStrictStyle.INSTANCE, n2));
-
-        n2 = new X500Name("C=LT,2.5.4.5=8,O=,CN=ABC Class 3 CA");
-
-        equalityTest(n1, n2);
-
-        if (X500Name.getInstance(BCStrictStyle.INSTANCE, n1).equals(X500Name.getInstance(BCStrictStyle.INSTANCE, n2)))
-        {
-            fail("strict comparison failed");
-        }
-
-        //
-        // inequality to sequences
-        //
-        name1 = new X500Name("CN=The Legion");
-
-        if (name1.equals(new DERSequence()))
-        {
-            fail("inequality test with sequence");
-        }
-
-        if (name1.equals(new DERSequence(new DERSet())))
-        {
-            fail("inequality test with sequence and set");
-        }
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new ASN1ObjectIdentifier("1.1"));
-        v.add(new ASN1ObjectIdentifier("1.1"));
-        if (name1.equals(new DERSequence(new DERSet(new DERSet(v)))))
-        {
-            fail("inequality test with sequence and bad set");
-        }
-
-        if (name1.equals(new DERSequence(new DERSet(new DERSet(v)))))
-        {
-            fail("inequality test with sequence and bad set");
-        }
-
-        if (name1.equals(new DERSequence(new DERSet(new DERSequence()))))
-        {
-            fail("inequality test with sequence and short sequence");
-        }
-
-        if (name1.equals(new DERSequence(new DERSet(new DERSequence()))))
-        {
-            fail("inequality test with sequence and short sequence");
-        }
-
-        v = new ASN1EncodableVector();
-
-        v.add(new ASN1ObjectIdentifier("1.1"));
-        v.add(new DERSequence());
-
-        if (name1.equals(new DERSequence(new DERSet(new DERSequence(v)))))
-        {
-            fail("inequality test with sequence and bad sequence");
-        }
-
-        if (name1.equals(null))
-        {
-            fail("inequality test with null");
-        }
-
-//        if (name1.equals(null, true))
-//        {
-//            fail("inequality test with null");
-//        }
-
-        //
-        // this is contrived but it checks sorting of sets with equal elements
-        //
-        unsorted = new X500Name("CN=AA + CN=AA + CN=AA");
-
-        ASN1ObjectIdentifier[] types = unsorted.getAttributeTypes();
-        if (types.length != 3 || !types[0].equals(BCStyle.CN) || !types[1].equals(BCStyle.CN) || !types[2].equals(BCStyle.CN))
-        {
-            fail("types not matched correctly");
-        }
-
-        // general type test
-        X500Name nested = new X500Name("CN=AA + CN=AA, C=AU");
-
-        types = nested.getAttributeTypes();
-        if (types.length != 3 || !types[0].equals(BCStyle.CN) || !types[1].equals(BCStyle.CN) || !types[2].equals(BCStyle.C))
-        {
-            fail("nested types not matched correctly");
-        }
-        //
-        // tagging test - only works if CHOICE implemented
-        //
-        ASN1TaggedObject tag = new DERTaggedObject(false, 1, new X500Name("CN=AA"));
-
-        if (!tag.isExplicit())
-        {
-            fail("failed to explicitly tag CHOICE object");
-        }
-
-        X500Name name = X500Name.getInstance(tag, false);
-
-        if (!name.equals(new X500Name("CN=AA")))
-        {
-            fail("failed to recover tagged name");
-        }
-
-        DERUTF8String testString = new DERUTF8String("The Legion of the Bouncy Castle");
-        byte[] encodedBytes = testString.getEncoded();
-        byte[] hexEncodedBytes = Hex.encode(encodedBytes);
-        String hexEncodedString = "#" + new String(hexEncodedBytes);
-
-        DERUTF8String converted = (DERUTF8String)
-            new X509DefaultEntryConverter().getConvertedValue(
-                BCStyle.L , hexEncodedString);
-
-        if (!converted.equals(testString))
-        {
-            fail("failed X509DefaultEntryConverter test");
-        }
-
-        //
-        // try escaped.
-        //
-        converted = (DERUTF8String)
-            new X509DefaultEntryConverter().getConvertedValue(
-                BCStyle.L , "\\" + hexEncodedString);
-
-        if (!converted.equals(new DERUTF8String(hexEncodedString)))
-        {
-            fail("failed X509DefaultEntryConverter test got " + converted + " expected: " + hexEncodedString);
-        }
-
-        //
-        // try a weird value
-        //
-        X500Name n = new X500Name("CN=\\#nothex#string");
-
-        if (!n.toString().equals("CN=\\#nothex#string"))
-        {
-            fail("# string not properly escaped.");
-        }
-
-        RDN[] vls = n.getRDNs(BCStyle.CN);
-        if (vls.length != 1 || !getValue(vls[0]).equals("#nothex#string"))
-        {
-            fail("escaped # not reduced properly");
-        }
-
-        types = n.getAttributeTypes();
-        if (types.length != 1 || !types[0].equals(BCStyle.CN))
-        {
-            fail("type not matched correctly");
-        }
-
-        n = new X500Name("CN=\"a+b\"");
-
-        vls = n.getRDNs(BCStyle.CN);
-        if (vls.length != 1 || !getValue(vls[0]).equals("a+b"))
-        {
-            fail("escaped + not reduced properly");
-        }
-
-        n = new X500Name("CN=a\\+b");
-
-        vls = n.getRDNs(BCStyle.CN);
-        if (vls.length != 1 || !getValue(vls[0]).equals("a+b"))
-        {
-            fail("escaped + not reduced properly");
-        }
-
-        if (!n.toString().equals("CN=a\\+b"))
-        {
-            fail("+ in string not properly escaped.");
-        }
-
-        n = new X500Name("CN=a\\=b");
-
-        vls = n.getRDNs(BCStyle.CN);
-        if (vls.length != 1 || !getValue(vls[0]).equals("a=b"))
-        {
-            fail("escaped = not reduced properly");
-        }
-
-        if (!n.toString().equals("CN=a\\=b"))
-        {
-            fail("= in string not properly escaped.");
-        }
-
-        n = new X500Name("TELEPHONENUMBER=\"+61999999999\"");
-
-        vls = n.getRDNs(BCStyle.TELEPHONE_NUMBER);
-        if (vls.length != 1 || !getValue(vls[0]).equals("+61999999999"))
-        {
-            fail("telephonenumber escaped + not reduced properly");
-        }
-
-        n = new X500Name("TELEPHONENUMBER=\\+61999999999");
-
-        vls = n.getRDNs(BCStyle.TELEPHONE_NUMBER);
-        if (vls.length != 1 || !getValue(vls[0]).equals("+61999999999"))
-        {
-            fail("telephonenumber escaped + not reduced properly");
-        }
-
-        // test query methods
-        if (!"E".equals(BCStyle.INSTANCE.oidToDisplayName(BCStyle.EmailAddress)))
-        {
-            fail("display name for E incorrect");
-        }
-
-        String[] aliases = BCStyle.INSTANCE.oidToAttrNames(BCStyle.EmailAddress);
-        if (aliases.length != 2)
-        {
-            fail("no aliases found");
-        }
-        if (!("e".equals(aliases[0]) || "e".equals(aliases[1])))
-        {
-            fail("first alias name for E incorrect");
-        }
-        if (!("emailaddress".equals(aliases[0]) || "emailaddress".equals(aliases[1])))
-        {
-            fail("second alias name for E incorrect");
-        }
-
-        if (BCStyle.INSTANCE.oidToDisplayName(new ASN1ObjectIdentifier("1.2.1")) != null)
-        {
-            fail("unknown oid matched!");
-        }
-
-        if (BCStyle.INSTANCE.oidToAttrNames(new ASN1ObjectIdentifier("1.2.1")).length != 0)
-        {
-            fail("unknown oid matched aliases!");
-        }
-
-        if (!new X500Name("CN=\"  CA1 -   CP.04.03\", OU=Testing, OU=Dod, O=U.S. Government, C=US")
-            .equals(new X500Name("CN=\"ca1 - CP.04.03  \", OU=Testing, OU=Dod, O=U.S. Government, C=US")))
-        {
-            fail("padded equality test failed");
-        }
-    }
-
-    private String getValue(RDN vl)
-    {
-        return ((ASN1String)vl.getFirst().getValue()).getString();
-    }
-
-    private void ietfUtilsTest()
-        throws Exception
-    {
-        IETFUtils.valueToString(new DERUTF8String(" "));
-    }
-
-    /*
-  private boolean compareVectors(Vector a, Vector b)    // for compatibility with early JDKs
-  {
-      if (a.size() != b.size())
-      {
-          return false;
-      }
-
-      for (int i = 0; i != a.size(); i++)
-      {
-          if (!a.elementAt(i).equals(b.elementAt(i)))
-          {
-              return false;
-          }
-      }
-
-      return true;
-  }
-
-  private void compositeTest()
-      throws IOException
-  {
-      //
-      // composite test
-      //
-      byte[]  enc = Hex.decode("305e310b300906035504061302415531283026060355040a0c1f546865204c6567696f6e206f662074686520426f756e637920436173746c653125301006035504070c094d656c626f75726e653011060355040b0c0a4173636f742056616c65");
-      ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(enc));
-
-      X500Name    n = X500Name.getInstance(aIn.readObject());
-
-      if (!n.toString().equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne+OU=Ascot Vale"))
-      {
-          fail("Failed composite to string test got: " + n.toString());
-      }
-
-      if (!n.toString(true, X500Name.DefaultSymbols).equals("L=Melbourne+OU=Ascot Vale,O=The Legion of the Bouncy Castle,C=AU"))
-      {
-          fail("Failed composite to string test got: " + n.toString(true, X500Name.DefaultSymbols));
-      }
-
-      n = new X500Name(true, "L=Melbourne+OU=Ascot Vale,O=The Legion of the Bouncy Castle,C=AU");
-      if (!n.toString().equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne+OU=Ascot Vale"))
-      {
-          fail("Failed composite to string reversal test got: " + n.toString());
-      }
-
-      n = new X500Name("C=AU, O=The Legion of the Bouncy Castle, L=Melbourne + OU=Ascot Vale");
-
-      ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-      ASN1OutputStream aOut = new ASN1OutputStream(bOut);
-
-      aOut.writeObject(n);
-
-      byte[]  enc2 = bOut.toByteArray();
-
-      if (!Arrays.areEqual(enc, enc2))
-      {
-          fail("Failed composite string to encoding test");
-      }
-
-      //
-      // dud name test - handle empty DN without barfing.
-      //
-      n = new X500Name("C=CH,O=,OU=dummy,CN=mail@dummy.com");
-
-      n = X500Name.getInstance(ASN1Object.fromByteArray(n.getEncoded()));
-  }
-    */
-    private void equalityTest(X500Name name1, X500Name name2)
-    {
-        if (!name1.equals(name2))
-        {
-            fail("equality test failed for " + name1 + " : " + name2);
-        }
-
-        if (name1.hashCode() != name2.hashCode())
-        {
-            fail("hashCodeTest test failed for " + name1 + " : " + name2);
-        }
-    }
-
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new X500NameTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/X509ExtensionsTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/X509ExtensionsTest.java
deleted file mode 100644
index 008d4d8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/X509ExtensionsTest.java
+++ /dev/null

@@ -1,105 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.X509Extensions;
-import org.bouncycastle.asn1.x509.X509ExtensionsGenerator;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class X509ExtensionsTest
-    extends SimpleTest
-{
-    private static final ASN1ObjectIdentifier OID_2 = new ASN1ObjectIdentifier("1.2.2");
-    private static final ASN1ObjectIdentifier OID_3 = new ASN1ObjectIdentifier("1.2.3");
-    private static final ASN1ObjectIdentifier OID_1 = new ASN1ObjectIdentifier("1.2.1");
-
-    public String getName()
-    {
-        return "X509Extensions";
-    }
-
-    public void performTest() throws Exception
-    {
-        X509ExtensionsGenerator gen = new X509ExtensionsGenerator();
-
-        gen.addExtension(OID_1, true, new byte[20]);
-        gen.addExtension(OID_2, true, new byte[20]);
-
-        X509Extensions ext1 = gen.generate();
-        X509Extensions ext2 = gen.generate();
-
-        if (!ext1.equals(ext2))
-        {
-            fail("equals test failed");
-        }
-
-        gen.reset();
-
-        gen.addExtension(OID_2, true, new byte[20]);
-        gen.addExtension(OID_1, true, new byte[20]);
-
-        ext2 = gen.generate();
-
-        if (ext1.equals(ext2))
-        {
-            fail("inequality test failed");
-        }
-
-        if (!ext1.equivalent(ext2))
-        {
-            fail("equivalence true failed");
-        }
-
-        gen.reset();
-
-        gen.addExtension(OID_1, true, new byte[22]);
-        gen.addExtension(OID_2, true, new byte[20]);
-
-        ext2 = gen.generate();
-
-        if (ext1.equals(ext2))
-        {
-            fail("inequality 1 failed");
-        }
-
-        if (ext1.equivalent(ext2))
-        {
-            fail("non-equivalence 1 failed");
-        }
-
-        gen.reset();
-
-        gen.addExtension(OID_3, true, new byte[20]);
-        gen.addExtension(OID_2, true, new byte[20]);
-
-        ext2 = gen.generate();
-
-        if (ext1.equals(ext2))
-        {
-            fail("inequality 2 failed");
-        }
-
-        if (ext1.equivalent(ext2))
-        {
-            fail("non-equivalence 2 failed");
-        }
-
-        try
-        {
-            gen.addExtension(OID_2, true, new byte[20]);
-            fail("repeated oid");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("extension 1.2.2 already added"))
-            {
-                fail("wrong exception on repeated oid: " + e.getMessage());
-            }
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new X509ExtensionsTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/X509NameTest.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/X509NameTest.java
deleted file mode 100644
index f1ae757..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/X509NameTest.java
+++ /dev/null

@@ -1,693 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OutputStream;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DERPrintableString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.X500NameBuilder;
-import org.bouncycastle.asn1.x500.style.BCStyle;
-import org.bouncycastle.asn1.x509.X509DefaultEntryConverter;
-import org.bouncycastle.asn1.x509.X509Name;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class X509NameTest
-    extends SimpleTest
-{
-   String[] subjects =
-   {
-       "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Webserver Team,CN=www2.connect4.com.au,E=webmaster@connect4.com.au",
-       "C=AU,ST=Victoria,L=South Melbourne,O=Connect 4 Pty Ltd,OU=Certificate Authority,CN=Connect 4 CA,E=webmaster@connect4.com.au",
-       "C=AU,ST=QLD,CN=SSLeay/rsa test cert",
-       "C=US,O=National Aeronautics and Space Administration,SERIALNUMBER=16+CN=Steve Schoch",
-       "E=cooke@issl.atl.hp.com,C=US,OU=Hewlett Packard Company (ISSL),CN=Paul A. Cooke",
-       "O=Sun Microsystems Inc,CN=store.sun.com",
-       "unstructuredAddress=192.168.1.33,unstructuredName=pixfirewall.ciscopix.com,CN=pixfirewall.ciscopix.com",
-       "CN=*.canal-plus.com,OU=Provided by TBS INTERNET http://www.tbs-certificats.com/,OU=\\ CANAL \\+,O=CANAL\\+DISTRIBUTION,L=issy les moulineaux,ST=Hauts de Seine,C=FR",
-       "O=Bouncy Castle,CN=www.bouncycastle.org\\ ",
-       "O=Bouncy Castle,CN=c:\\\\fred\\\\bob"
-    };
-
-    public String getName()
-    {
-        return "X509Name";
-    }
-    
-    private static X509Name fromBytes(
-        byte[]  bytes) 
-        throws IOException
-    {
-        return X509Name.getInstance(new ASN1InputStream(new ByteArrayInputStream(bytes)).readObject());
-    }
-
-    private ASN1Encodable createEntryValue(ASN1ObjectIdentifier oid, String value)
-    {
-        Hashtable attrs = new Hashtable();
-
-        attrs.put(oid, value);
-
-        Vector order = new Vector();
-
-        order.addElement(oid);
-        
-        X509Name name = new X509Name(order, attrs);
-
-        ASN1Sequence seq = (ASN1Sequence)name.toASN1Primitive();
-        ASN1Set set = (ASN1Set)seq.getObjectAt(0);
-        seq = (ASN1Sequence)set.getObjectAt(0);
-
-        return seq.getObjectAt(1);
-    }
-
-    private ASN1Encodable createEntryValueFromString(ASN1ObjectIdentifier oid, String value)
-    {
-        Hashtable attrs = new Hashtable();
-
-        attrs.put(oid, value);
-
-        Vector order = new Vector();
-
-        order.addElement(oid);
-        
-        X509Name name = new X509Name(new X509Name(order, attrs).toString());
-
-        ASN1Sequence seq = (ASN1Sequence)name.toASN1Primitive();
-        ASN1Set set = (ASN1Set)seq.getObjectAt(0);
-        seq = (ASN1Sequence)set.getObjectAt(0);
-
-        return seq.getObjectAt(1);
-    }
-
-    private void testEncodingPrintableString(ASN1ObjectIdentifier oid, String value)
-    {
-        ASN1Encodable converted = createEntryValue(oid, value);
-        if (!(converted instanceof DERPrintableString))
-        {
-            fail("encoding for " + oid + " not printable string");
-        }
-    }
-
-    private void testEncodingIA5String(ASN1ObjectIdentifier oid, String value)
-    {
-        ASN1Encodable converted = createEntryValue(oid, value);
-        if (!(converted instanceof DERIA5String))
-        {
-            fail("encoding for " + oid + " not IA5String");
-        }
-    }
-
-
-    private void testEncodingUTF8String(ASN1ObjectIdentifier oid, String value)
-        throws IOException
-    {
-        ASN1Encodable converted = createEntryValue(oid, value);
-        if (!(converted instanceof DERUTF8String))
-        {
-            fail("encoding for " + oid + " not IA5String");
-        }
-        if (!value.equals((DERUTF8String.getInstance(converted.toASN1Primitive().getEncoded()).getString())))
-        {
-            fail("decoding not correct");
-        }
-    }
-
-    private void testEncodingGeneralizedTime(ASN1ObjectIdentifier oid, String value)
-    {
-        ASN1Encodable converted = createEntryValue(oid, value);
-        if (!(converted instanceof ASN1GeneralizedTime))
-        {
-            fail("encoding for " + oid + " not GeneralizedTime");
-        }
-        converted = createEntryValueFromString(oid, value);
-        if (!(converted instanceof ASN1GeneralizedTime))
-        {
-            fail("encoding for " + oid + " not GeneralizedTime");
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testEncodingPrintableString(X509Name.C, "AU");
-        testEncodingPrintableString(X509Name.SERIALNUMBER, "123456");
-        testEncodingPrintableString(X509Name.DN_QUALIFIER, "123456");
-        testEncodingIA5String(X509Name.EmailAddress, "test@test.com");
-        testEncodingIA5String(X509Name.DC, "test");
-        // correct encoding
-        testEncodingGeneralizedTime(X509Name.DATE_OF_BIRTH, "#180F32303032303132323132323232305A");
-        // compatibility encoding
-        testEncodingGeneralizedTime(X509Name.DATE_OF_BIRTH, "20020122122220Z");
-        testEncodingUTF8String(X509Name.CN, "Mörsky");
-        //
-        // composite
-        //
-        Hashtable                   attrs = new Hashtable();
-
-        attrs.put(X509Name.C, "AU");
-        attrs.put(X509Name.O, "The Legion of the Bouncy Castle");
-        attrs.put(X509Name.L, "Melbourne");
-        attrs.put(X509Name.ST, "Victoria");
-        attrs.put(X509Name.E, "feedback-crypto@bouncycastle.org");
-
-        Vector                     order = new Vector();
-
-        order.addElement(X509Name.C);
-        order.addElement(X509Name.O);
-        order.addElement(X509Name.L);
-        order.addElement(X509Name.ST);
-        order.addElement(X509Name.E);
-
-        X509Name    name1 = new X509Name(order, attrs);
-
-        if (!name1.equals(name1))
-        {
-            fail("Failed same object test");
-        }
-
-        if (!name1.equals(name1, true))
-        {
-            fail("Failed same object test - in Order");
-        }
-
-        X509Name    name2 = new X509Name(order, attrs);
-
-        if (!name1.equals(name2))
-        {
-            fail("Failed same name test");
-        }
-
-        if (!name1.equals(name2, true))
-        {
-            fail("Failed same name test - in Order");
-        }
-
-        if (name1.hashCode() != name2.hashCode())
-        {
-            fail("Failed same name test - in Order");
-        }
-
-        Vector  ord1 = new Vector();
-
-        ord1.addElement(X509Name.C);
-        ord1.addElement(X509Name.O);
-        ord1.addElement(X509Name.L);
-        ord1.addElement(X509Name.ST);
-        ord1.addElement(X509Name.E);
-
-        Vector  ord2 = new Vector();
-
-        ord2.addElement(X509Name.E);
-        ord2.addElement(X509Name.ST);
-        ord2.addElement(X509Name.L);
-        ord2.addElement(X509Name.O);
-        ord2.addElement(X509Name.C);
-
-        name1 = new X509Name(ord1, attrs);
-        name2 = new X509Name(ord2, attrs);
-
-        if (!name1.equals(name2))
-        {
-            fail("Failed reverse name test");
-        }
-
-        if (name1.hashCode() != name2.hashCode())
-        {
-            fail("Failed reverse name test hashCode");
-        }
-
-        if (name1.equals(name2, true))
-        {
-            fail("Failed reverse name test - in Order");
-        }
-
-        if (!name1.equals(name2, false))
-        {
-            fail("Failed reverse name test - in Order false");
-        }
-
-        Vector oids = name1.getOIDs();
-        if (!compareVectors(oids, ord1))
-        {
-            fail("oid comparison test");
-        }
-
-        Vector val1 = new Vector();
-
-        val1.addElement("AU");
-        val1.addElement("The Legion of the Bouncy Castle");
-        val1.addElement("Melbourne");
-        val1.addElement("Victoria");
-        val1.addElement("feedback-crypto@bouncycastle.org");
-
-        name1 = new X509Name(ord1, val1);
-        
-        Vector values = name1.getValues();
-        if (!compareVectors(values, val1))
-        {
-            fail("value comparison test");
-        }
-
-        ord2 = new Vector();
-
-        ord2.addElement(X509Name.ST);
-        ord2.addElement(X509Name.ST);
-        ord2.addElement(X509Name.L);
-        ord2.addElement(X509Name.O);
-        ord2.addElement(X509Name.C);
-
-        name1 = new X509Name(ord1, attrs);
-        name2 = new X509Name(ord2, attrs);
-
-        if (name1.equals(name2))
-        {
-            fail("Failed different name test");
-        }
-
-        ord2 = new Vector();
-
-        ord2.addElement(X509Name.ST);
-        ord2.addElement(X509Name.L);
-        ord2.addElement(X509Name.O);
-        ord2.addElement(X509Name.C);
-
-        name1 = new X509Name(ord1, attrs);
-        name2 = new X509Name(ord2, attrs);
-
-        if (name1.equals(name2))
-        {
-            fail("Failed subset name test");
-        }
-
-        compositeTest();
-
-        ByteArrayOutputStream bOut;
-        ASN1OutputStream aOut;
-        ASN1InputStream aIn;
-
-        //
-        // getValues test
-        //
-        Vector v1 = name1.getValues(X509Name.O);
-
-        if (v1.size() != 1 || !v1.elementAt(0).equals("The Legion of the Bouncy Castle"))
-        {
-            fail("O test failed");
-        }
-
-        Vector v2 = name1.getValues(X509Name.L);
-
-        if (v2.size() != 1 || !v2.elementAt(0).equals("Melbourne"))
-        {
-            fail("L test failed");
-        }
-
-        //
-        // general subjects test
-        //
-        for (int i = 0; i != subjects.length; i++)
-        {
-            X509Name    name = new X509Name(subjects[i]);
-
-            bOut = new ByteArrayOutputStream();
-            aOut = new ASN1OutputStream(bOut);
-
-            aOut.writeObject(name);
-
-            aIn = new ASN1InputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-            name = X509Name.getInstance(aIn.readObject());
-
-            if (!name.toString().equals(subjects[i]))
-            {
-                fail("failed regeneration test " + i + " got " + name.toString());
-            }
-        }
-
-        //
-        // sort test
-        //
-        X509Name unsorted = new X509Name("SERIALNUMBER=BBB + CN=AA");
-
-        if (!fromBytes(unsorted.getEncoded()).toString().equals("CN=AA+SERIALNUMBER=BBB"))
-        {
-            fail("failed sort test 1");
-        }
-
-        unsorted = new X509Name("CN=AA + SERIALNUMBER=BBB");
-
-        if (!fromBytes(unsorted.getEncoded()).toString().equals("CN=AA+SERIALNUMBER=BBB"))
-        {
-            fail("failed sort test 2");
-        }
-
-        unsorted = new X509Name("SERIALNUMBER=B + CN=AA");
-
-        if (!fromBytes(unsorted.getEncoded()).toString().equals("SERIALNUMBER=B+CN=AA"))
-        {
-            fail("failed sort test 3");
-        }
-
-        unsorted = new X509Name("CN=AA + SERIALNUMBER=B");
-
-        if (!fromBytes(unsorted.getEncoded()).toString().equals("SERIALNUMBER=B+CN=AA"))
-        {
-            fail("failed sort test 4");
-        }
-
-        //
-        // equality tests
-        //
-        equalityTest(new X509Name("CN=The     Legion"), new X509Name("CN=The Legion"));
-        equalityTest(new X509Name("CN=   The Legion"), new X509Name("CN=The Legion"));
-        equalityTest(new X509Name("CN=The Legion   "), new X509Name("CN=The Legion"));
-        equalityTest(new X509Name("CN=  The     Legion "), new X509Name("CN=The Legion"));
-        equalityTest(new X509Name("CN=  the     legion "), new X509Name("CN=The Legion"));
-
-        // # test
-
-        X509Name n1 = new X509Name("SERIALNUMBER=8,O=ABC,CN=ABC Class 3 CA,C=LT");
-        X509Name n2 = new X509Name("2.5.4.5=8,O=ABC,CN=ABC Class 3 CA,C=LT");
-        X509Name n3 = new X509Name("2.5.4.5=#130138,O=ABC,CN=ABC Class 3 CA,C=LT");
-
-        equalityTest(n1, n2);
-        equalityTest(n2, n3);
-        equalityTest(n3, n1);
-
-        n1 = new X509Name(true, "2.5.4.5=#130138,CN=SSC Class 3 CA,O=UAB Skaitmeninio sertifikavimo centras,C=LT");
-        n2 = new X509Name(true, "SERIALNUMBER=#130138,CN=SSC Class 3 CA,O=UAB Skaitmeninio sertifikavimo centras,C=LT");
-        n3 = X509Name.getInstance(ASN1Primitive.fromByteArray(Hex.decode("3063310b3009060355040613024c54312f302d060355040a1326"
-            + "55414220536b6169746d656e696e696f20736572746966696b6176696d6f2063656e74726173311730150603550403130e53534320436c6173732033204341310a30080603550405130138")));
-
-        equalityTest(n1, n2);
-        equalityTest(n2, n3);
-        equalityTest(n3, n1);
-
-        n1 = new X509Name("SERIALNUMBER=8,O=XX,CN=ABC Class 3 CA,C=LT");
-        n2 = new X509Name("2.5.4.5=8,O=,CN=ABC Class 3 CA,C=LT");
-
-        if (n1.equals(n2))
-        {
-            fail("empty inequality check failed");
-        }
-
-        n1 = new X509Name("SERIALNUMBER=8,O=,CN=ABC Class 3 CA,C=LT");
-        n2 = new X509Name("2.5.4.5=8,O=,CN=ABC Class 3 CA,C=LT");
-
-        equalityTest(n1, n2);
-        
-        //
-        // inequality to sequences
-        //
-        name1 = new X509Name("CN=The Legion");
-
-        if (name1.equals(new DERSequence()))
-        {
-            fail("inequality test with sequence");
-        }
-
-        if (name1.equals(new DERSequence(new DERSet())))
-        {
-            fail("inequality test with sequence and set");
-        }
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new ASN1ObjectIdentifier("1.1"));
-        v.add(new ASN1ObjectIdentifier("1.1"));
-        if (name1.equals(new DERSequence(new DERSet(new DERSet(v)))))
-        {
-            fail("inequality test with sequence and bad set");
-        }
-
-        if (name1.equals(new DERSequence(new DERSet(new DERSet(v))), true))
-        {
-            fail("inequality test with sequence and bad set");
-        }
-
-        if (name1.equals(new DERSequence(new DERSet(new DERSequence()))))
-        {
-            fail("inequality test with sequence and short sequence");
-        }
-
-        if (name1.equals(new DERSequence(new DERSet(new DERSequence())), true))
-        {
-            fail("inequality test with sequence and short sequence");
-        }
-
-        v = new ASN1EncodableVector();
-
-        v.add(new ASN1ObjectIdentifier("1.1"));
-        v.add(new DERSequence());
-
-        if (name1.equals(new DERSequence(new DERSet(new DERSequence(v)))))
-        {
-            fail("inequality test with sequence and bad sequence");
-        }
-
-        if (name1.equals(null))
-        {
-            fail("inequality test with null");
-        }
-
-        if (name1.equals(null, true))
-        {
-            fail("inequality test with null");
-        }
-
-        //
-        // this is contrived but it checks sorting of sets with equal elements
-        //
-        unsorted = new X509Name("CN=AA + CN=AA + CN=AA");
-
-        //
-        // tagging test - only works if CHOICE implemented
-        //
-        /*
-        ASN1TaggedObject tag = new DERTaggedObject(false, 1, new X509Name("CN=AA"));
-
-        if (!tag.isExplicit())
-        {
-            fail("failed to explicitly tag CHOICE object");
-        }
-
-        X509Name name = X509Name.getInstance(tag, false);
-
-        if (!name.equals(new X509Name("CN=AA")))
-        {
-            fail("failed to recover tagged name");
-        }
-        */
-
-        DERUTF8String testString = new DERUTF8String("The Legion of the Bouncy Castle");
-        byte[] encodedBytes = testString.getEncoded();
-        byte[] hexEncodedBytes = Hex.encode(encodedBytes);
-        String hexEncodedString = "#" + new String(hexEncodedBytes);
-
-        DERUTF8String converted = (DERUTF8String)
-            new X509DefaultEntryConverter().getConvertedValue(
-                X509Name.L , hexEncodedString);
-
-        if (!converted.equals(testString))
-        {
-            fail("failed X509DefaultEntryConverter test");
-        }
-
-        //
-        // try escaped.
-        //
-        converted = (DERUTF8String)
-            new X509DefaultEntryConverter().getConvertedValue(
-                X509Name.L , "\\" + hexEncodedString);
-
-        if (!converted.equals(new DERUTF8String(hexEncodedString)))
-        {
-            fail("failed X509DefaultEntryConverter test got " + converted + " expected: " + hexEncodedString);
-        }
-        
-        //
-        // try a weird value
-        //
-        X509Name n = new X509Name("CN=\\#nothex#string");
-
-        if (!n.toString().equals("CN=\\#nothex#string"))
-        {
-            fail("# string not properly escaped.");
-        }
-
-        Vector vls = n.getValues(X509Name.CN);
-        if (vls.size() != 1 || !vls.elementAt(0).equals("#nothex#string"))
-        {
-            fail("escaped # not reduced properly");
-        }
-
-        n = new X509Name("CN=\"a+b\"");
-
-        vls = n.getValues(X509Name.CN);
-        if (vls.size() != 1 || !vls.elementAt(0).equals("a+b"))
-        {
-            fail("escaped + not reduced properly");
-        }
-
-        n = new X509Name("CN=a\\+b");
-
-        vls = n.getValues(X509Name.CN);
-        if (vls.size() != 1 || !vls.elementAt(0).equals("a+b"))
-        {
-            fail("escaped + not reduced properly");
-        }
-
-        if (!n.toString().equals("CN=a\\+b"))
-        {
-            fail("+ in string not properly escaped.");
-        }
-
-        n = new X509Name("CN=a\\=b");
-
-        vls = n.getValues(X509Name.CN);
-        if (vls.size() != 1 || !vls.elementAt(0).equals("a=b"))
-        {
-            fail("escaped = not reduced properly");
-        }
-
-        if (!n.toString().equals("CN=a\\=b"))
-        {
-            fail("= in string not properly escaped.");
-        }
-
-        n = new X509Name("TELEPHONENUMBER=\"+61999999999\"");
-
-        vls = n.getValues(X509Name.TELEPHONE_NUMBER);
-        if (vls.size() != 1 || !vls.elementAt(0).equals("+61999999999"))
-        {
-            fail("telephonenumber escaped + not reduced properly");
-        }
-
-        n = new X509Name("TELEPHONENUMBER=\\+61999999999");
-
-        vls = n.getValues(X509Name.TELEPHONE_NUMBER);
-        if (vls.size() != 1 || !vls.elementAt(0).equals("+61999999999"))
-        {
-            fail("telephonenumber escaped + not reduced properly");
-        }
-
-        // migration
-        X500NameBuilder builder = new X500NameBuilder(BCStyle.INSTANCE);
-        builder.addMultiValuedRDN(new ASN1ObjectIdentifier[] { BCStyle.CN, BCStyle.SN }, new String[] { "Thomas", "CVR:12341233-UID:1111" });
-        builder.addRDN(BCStyle.O, "Test");
-        builder.addRDN(BCStyle.C, "DK");
-
-        X500Name subject = builder.build();
-        ASN1Primitive derObject = subject.toASN1Primitive();
-        X509Name instance = X509Name.getInstance(derObject);
-    }
-
-    private boolean compareVectors(Vector a, Vector b)    // for compatibility with early JDKs
-    {
-        if (a.size() != b.size())
-        {
-            return false;
-        }
-
-        for (int i = 0; i != a.size(); i++)
-        {
-            if (!a.elementAt(i).equals(b.elementAt(i)))
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    private void compositeTest()
-        throws IOException
-    {
-        //
-        // composite test
-        //
-        byte[]  enc = Hex.decode("305e310b300906035504061302415531283026060355040a0c1f546865204c6567696f6e206f662074686520426f756e637920436173746c653125301006035504070c094d656c626f75726e653011060355040b0c0a4173636f742056616c65");
-        ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(enc));
-
-        X509Name    n = X509Name.getInstance(aIn.readObject());
-
-        if (!n.toString().equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne+OU=Ascot Vale"))
-        {
-            fail("Failed composite to string test got: " + n.toString());
-        }
-
-        if (!n.toString(true, X509Name.DefaultSymbols).equals("L=Melbourne+OU=Ascot Vale,O=The Legion of the Bouncy Castle,C=AU"))
-        {
-            fail("Failed composite to string test got: " + n.toString(true, X509Name.DefaultSymbols));
-        }
-
-        n = new X509Name(true, "L=Melbourne+OU=Ascot Vale,O=The Legion of the Bouncy Castle,C=AU");
-        if (!n.toString().equals("C=AU,O=The Legion of the Bouncy Castle,L=Melbourne+OU=Ascot Vale"))
-        {
-            fail("Failed composite to string reversal test got: " + n.toString());
-        }
-
-        n = new X509Name("C=AU, O=The Legion of the Bouncy Castle, L=Melbourne + OU=Ascot Vale");
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ASN1OutputStream aOut = new ASN1OutputStream(bOut);
-
-        aOut.writeObject(n);
-
-        byte[]  enc2 = bOut.toByteArray();
-
-        if (!Arrays.areEqual(enc, enc2))
-        {
-            //fail("Failed composite string to encoding test");
-        }
-        
-        //
-        // dud name test - handle empty DN without barfing.
-        //
-        n = new X509Name("C=CH,O=,OU=dummy,CN=mail@dummy.com");
-
-        n = X509Name.getInstance(ASN1Primitive.fromByteArray(n.getEncoded()));
-    }
-
-    private void equalityTest(X509Name x509Name, X509Name x509Name1)
-    {
-        if (!x509Name.equals(x509Name1))
-        {
-            fail("equality test failed for " + x509Name + " : " + x509Name1);
-        }
-
-        if (x509Name.hashCode() != x509Name1.hashCode())
-        {
-            fail("hashCodeTest test failed for " + x509Name + " : " + x509Name1);
-        }
-
-        if (!x509Name.equals(x509Name1, true))
-        {
-            fail("equality test failed for " + x509Name + " : " + x509Name1);
-        }
-    }
-
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new X509NameTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/X9Test.java b/bcprov/src/main/java/org/bouncycastle/asn1/test/X9Test.java
deleted file mode 100644
index 3fc3e14..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/X9Test.java
+++ /dev/null

@@ -1,174 +0,0 @@
-package org.bouncycastle.asn1.test;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.sec.ECPrivateKey;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X962NamedCurves;
-import org.bouncycastle.asn1.x9.X962Parameters;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ECPoint;
-import org.bouncycastle.asn1.x9.X9IntegerConverter;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class X9Test
-    extends SimpleTest
-{
-    private byte[] namedPub = Base64.decode("MDcwEwYHKoZIzj0CAQYIKoZIzj0DAQEDIAADG5xRI+Iki/JrvL20hoDUa7Cggzorv5B9yyqSMjYu");
-    private byte[] expPub = Base64.decode(
-                "MIH8MIHXBgcqhkjOPQIBMIHLAgEBMCkGByqGSM49AQECHn///////////////3///////4AAAA" +
-                "AAAH///////zBXBB5///////////////9///////+AAAAAAAB///////wEHiVXBfoqMGZUsfTL" +
-                "A9anUKMMJQEC1JiHF9m6FattPgMVAH1zdBaP/jRxtgqFdoahlHXTv6L/BB8DZ2iujhi7ks/PAF" +
-                "yUmqLG2UhT0OZgu/hUsclQX+laAh5///////////////9///+XXetBs6YFfDxDIUZSZVECAQED" +
-                "IAADG5xRI+Iki/JrvL20hoDUa7Cggzorv5B9yyqSMjYu");
-
-    private byte[] namedPriv = Base64.decode("MDkCAQAwEwYHKoZIzj0CAQYIKoZIzj0DAQEEHzAdAgEBBB" +
-                                                 "gAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAo=");
-
-    private byte[] expPriv = Base64.decode(
-                "MIIBBAIBADCB1wYHKoZIzj0CATCBywIBATApBgcqhkjOPQEBAh5///////////////9///////" +
-                    "+AAAAAAAB///////8wVwQef///////////////f///////gAAAAAAAf//////8BB4lVwX6KjBmVL" +
-                    "H0ywPWp1CjDCUBAtSYhxfZuhWrbT4DFQB9c3QWj/40cbYKhXaGoZR107+i/wQfA2doro4Yu5LPzw" +
-                    "BclJqixtlIU9DmYLv4VLHJUF/pWgIef///////////////f///l13rQbOmBXw8QyFGUmVRAgEBBC" +
-                    "UwIwIBAQQeAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAU");
-
-    private void encodePublicKey()
-        throws Exception
-    {
-        X9ECParameters          ecP = X962NamedCurves.getByOID(X9ObjectIdentifiers.prime239v3);
-
-        X9IntegerConverter conv = new X9IntegerConverter();
-
-        if (conv.getByteLength(ecP.getCurve()) != 30)
-        {
-            fail("wrong byte length reported for curve");
-        }
-
-        if (ecP.getCurve().getFieldSize() != 239)
-        {
-            fail("wrong field size reported for curve");
-        }
-
-        //
-        // named curve
-        //
-        X962Parameters          params = new X962Parameters(X9ObjectIdentifiers.prime192v1);
-        ECPoint                 point = ecP.getG().multiply(BigInteger.valueOf(100));
-
-        ASN1OctetString         p = new DEROctetString(point.getEncoded(true));
-
-        SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), p.getOctets());
-        if (!areEqual(info.getEncoded(), namedPub))
-        {
-            fail("failed public named generation");
-        }
-
-        X9ECPoint               x9P = new X9ECPoint(ecP.getCurve(), p);
-
-        if (!Arrays.areEqual(p.getOctets(), x9P.getPoint().getEncoded()))
-        {
-            fail("point encoding not preserved");
-        }
-
-        ASN1Primitive           o = ASN1Primitive.fromByteArray(namedPub);
-
-        if (!info.equals(o))
-        {
-            fail("failed public named equality");
-        }
-
-        //
-        // explicit curve parameters
-        //
-        params = new X962Parameters(ecP);
-
-        info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), p.getOctets());
-
-        if (!areEqual(info.getEncoded(), expPub))
-        {
-            fail("failed public explicit generation");
-        }
-
-        o = ASN1Primitive.fromByteArray(expPub);
-
-        if (!info.equals(o))
-        {
-            fail("failed public explicit equality");
-        }
-    }
-
-    private void encodePrivateKey()
-        throws Exception
-    {
-        X9ECParameters          ecP = X962NamedCurves.getByOID(X9ObjectIdentifiers.prime192v1);
-
-        //
-        // named curve
-        //
-        X962Parameters          params = new X962Parameters(X9ObjectIdentifiers.prime192v1);
-
-        PrivateKeyInfo          info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params),
-            new ECPrivateKey(ecP.getN().bitLength(), BigInteger.valueOf(10)));
-
-        if (!areEqual(info.getEncoded(), namedPriv))
-        {
-            fail("failed private named generation");
-        }
-
-        ASN1Primitive           o = ASN1Primitive.fromByteArray(namedPriv);
-
-        if (!info.equals(o))
-        {
-            fail("failed private named equality");
-        }
-
-        //
-        // explicit curve parameters
-        //
-        ecP = X962NamedCurves.getByOID(X9ObjectIdentifiers.prime239v3);
-
-        params = new X962Parameters(ecP);
-
-        info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params),
-            new ECPrivateKey(ecP.getN().bitLength(), BigInteger.valueOf(20)));
-
-        if (!areEqual(info.getEncoded(), expPriv))
-        {
-            fail("failed private explicit generation");
-        }
-
-        o = ASN1Primitive.fromByteArray(expPriv);
-
-        if (!info.equals(o))
-        {
-            fail("failed private explicit equality");
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        encodePublicKey();
-        encodePrivateKey();
-    }
-
-    public String getName()
-    {
-        return "X9";
-    }
-                                                      
-    public static void main(
-        String[]    args)
-    {
-        runTest(new X9Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/test/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/test/package.html
deleted file mode 100644
index df45e19..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/test/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Test programs for the ASN.1 package.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/Accuracy.java b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/Accuracy.java
deleted file mode 100644
index 1d618ff..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/Accuracy.java
+++ /dev/null

@@ -1,174 +0,0 @@
-package org.bouncycastle.asn1.tsp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-
-public class Accuracy
-    extends ASN1Object
-{
-    ASN1Integer seconds;
-
-    ASN1Integer millis;
-
-    ASN1Integer micros;
-
-    // constantes
-    protected static final int MIN_MILLIS = 1;
-
-    protected static final int MAX_MILLIS = 999;
-
-    protected static final int MIN_MICROS = 1;
-
-    protected static final int MAX_MICROS = 999;
-
-    protected Accuracy()
-    {
-    }
-
-    public Accuracy(
-        ASN1Integer seconds,
-        ASN1Integer millis,
-        ASN1Integer micros)
-    {
-        this.seconds = seconds;
-
-        //Verifications
-        if (millis != null
-                && (millis.getValue().intValue() < MIN_MILLIS || millis
-                        .getValue().intValue() > MAX_MILLIS))
-        {
-            throw new IllegalArgumentException(
-                    "Invalid millis field : not in (1..999)");
-        }
-        else
-        {
-            this.millis = millis;
-        }
-
-        if (micros != null
-                && (micros.getValue().intValue() < MIN_MICROS || micros
-                        .getValue().intValue() > MAX_MICROS))
-        {
-            throw new IllegalArgumentException(
-                    "Invalid micros field : not in (1..999)");
-        }
-        else
-        {
-            this.micros = micros;
-        }
-
-    }
-
-    private Accuracy(ASN1Sequence seq)
-    {
-        seconds = null;
-        millis = null;
-        micros = null;
-
-        for (int i = 0; i < seq.size(); i++)
-        {
-            // seconds
-            if (seq.getObjectAt(i) instanceof ASN1Integer)
-            {
-                seconds = (ASN1Integer) seq.getObjectAt(i);
-            }
-            else if (seq.getObjectAt(i) instanceof ASN1TaggedObject)
-            {
-                ASN1TaggedObject extra = (ASN1TaggedObject)seq.getObjectAt(i);
-
-                switch (extra.getTagNo())
-                {
-                case 0:
-                    millis = ASN1Integer.getInstance(extra, false);
-                    if (millis.getValue().intValue() < MIN_MILLIS
-                            || millis.getValue().intValue() > MAX_MILLIS)
-                    {
-                        throw new IllegalArgumentException(
-                                "Invalid millis field : not in (1..999).");
-                    }
-                    break;
-                case 1:
-                    micros = ASN1Integer.getInstance(extra, false);
-                    if (micros.getValue().intValue() < MIN_MICROS
-                            || micros.getValue().intValue() > MAX_MICROS)
-                    {
-                        throw new IllegalArgumentException(
-                                "Invalid micros field : not in (1..999).");
-                    }
-                    break;
-                default:
-                    throw new IllegalArgumentException("Invalig tag number");
-                }
-            }
-        }
-    }
-
-    public static Accuracy getInstance(Object o)
-    {
-        if (o instanceof Accuracy)
-        {
-            return (Accuracy) o;
-        }
-
-        if (o != null)
-        {
-            return new Accuracy(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public ASN1Integer getSeconds()
-    {
-        return seconds;
-    }
-
-    public ASN1Integer getMillis()
-    {
-        return millis;
-    }
-
-    public ASN1Integer getMicros()
-    {
-        return micros;
-    }
-
-    /**
-     * <pre>
-     * Accuracy ::= SEQUENCE {
-     *             seconds        INTEGER              OPTIONAL,
-     *             millis     [0] INTEGER  (1..999)    OPTIONAL,
-     *             micros     [1] INTEGER  (1..999)    OPTIONAL
-     *             }
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        
-        if (seconds != null)
-        {
-            v.add(seconds);
-        }
-        
-        if (millis != null)
-        {
-            v.add(new DERTaggedObject(false, 0, millis));
-        }
-        
-        if (micros != null)
-        {
-            v.add(new DERTaggedObject(false, 1, micros));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/ArchiveTimeStamp.java b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/ArchiveTimeStamp.java
deleted file mode 100644
index 8095d53..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/ArchiveTimeStamp.java
+++ /dev/null

@@ -1,210 +0,0 @@
-package org.bouncycastle.asn1.tsp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.cms.Attributes;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.SignedData;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * Implementation of the Archive Timestamp type defined in RFC4998.
- * {@see <a href="https://tools.ietf.org/html/rfc4998">RFC 4998</a>}
- * <p>
- * ASN.1 Archive Timestamp
- * <p>
- * ArchiveTimeStamp ::= SEQUENCE {
- * digestAlgorithm [Ø] AlgorithmIdentifier OPTIONAL,
- * attributes      [1] Attributes OPTIONAL,
- * reducedHashtree [2] SEQUENCE OF PartialHashtree OPTIONAL,
- * timeStamp       ContentInfo}
- * <p>
- * PartialHashtree ::= SEQUENCE OF OCTET STRING
- * <p>
- * Attributes ::= SET SIZE (1..MAX) OF Attribute
- */
-public class ArchiveTimeStamp
-    extends ASN1Object
-{
-    private AlgorithmIdentifier digestAlgorithm;
-    private Attributes attributes;
-    private ASN1Sequence reducedHashTree;
-    private ContentInfo timeStamp;
-
-    /**
-     * Return an ArchiveTimestamp from the given object.
-     *
-     * @param obj the object we want converted.
-     * @return an ArchiveTimestamp instance, or null.
-     * @throws IllegalArgumentException if the object cannot be converted.
-     */
-    public static ArchiveTimeStamp getInstance(final Object obj)
-    {
-        if (obj instanceof ArchiveTimeStamp)
-        {
-            return (ArchiveTimeStamp)obj;
-        }
-        else if (obj != null)
-        {
-            return new ArchiveTimeStamp(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public ArchiveTimeStamp(
-        AlgorithmIdentifier digestAlgorithm,
-        PartialHashtree[] reducedHashTree,
-        ContentInfo timeStamp)
-    {
-        this.digestAlgorithm = digestAlgorithm;
-        this.reducedHashTree = new DERSequence(reducedHashTree);
-        this.timeStamp = timeStamp;
-    }
-
-    public ArchiveTimeStamp(
-        AlgorithmIdentifier digestAlgorithm,
-        Attributes attributes,
-        PartialHashtree[] reducedHashTree,
-        ContentInfo timeStamp)
-    {
-        this.digestAlgorithm = digestAlgorithm;
-        this.attributes = attributes;
-        this.reducedHashTree = new DERSequence(reducedHashTree);
-        this.timeStamp = timeStamp;
-    }
-
-    public ArchiveTimeStamp(
-        ContentInfo timeStamp)
-    {
-        this.timeStamp = timeStamp;
-    }
-
-    private ArchiveTimeStamp(final ASN1Sequence sequence)
-    {
-        if (sequence.size() < 1 || sequence.size() > 4)
-        {
-            throw new IllegalArgumentException("wrong sequence size in constructor: " + sequence.size());
-        }
-
-        for (int i = 0; i < sequence.size() - 1; i++)
-        {
-            Object obj = sequence.getObjectAt(i);
-
-            if (obj instanceof ASN1TaggedObject)
-            {
-                ASN1TaggedObject taggedObject = ASN1TaggedObject.getInstance(obj);
-
-                switch (taggedObject.getTagNo())
-                {
-                case 0:
-                    digestAlgorithm = AlgorithmIdentifier.getInstance(taggedObject, false);
-                    break;
-                case 1:
-                    attributes = Attributes.getInstance(taggedObject, false);
-                    break;
-                case 2:
-                    reducedHashTree = ASN1Sequence.getInstance(taggedObject, false);
-                    break;
-                default:
-                    throw new IllegalArgumentException("invalid tag no in constructor: "
-                        + taggedObject.getTagNo());
-                }
-            }
-        }
-
-        timeStamp = ContentInfo.getInstance(sequence.getObjectAt(sequence.size() - 1));
-    }
-
-    public AlgorithmIdentifier getDigestAlgorithmIdentifier()
-    {
-        if (digestAlgorithm != null)
-        {
-            return digestAlgorithm;
-        }
-        else
-        {
-            if (timeStamp.getContentType().equals(CMSObjectIdentifiers.signedData))
-            {
-                SignedData tsData = SignedData.getInstance(timeStamp.getContent());
-                if (tsData.getEncapContentInfo().getContentType().equals(PKCSObjectIdentifiers.id_ct_TSTInfo))
-                {
-                    TSTInfo tstData = TSTInfo.getInstance(tsData.getEncapContentInfo());
-
-                    return tstData.getMessageImprint().getHashAlgorithm();
-                }
-                else
-                {
-                    throw new IllegalStateException("cannot parse time stamp");
-                }
-            }
-            else
-            {
-                throw new IllegalStateException("cannot identify algorithm identifier for digest");
-            }
-        }
-    }
-
-    /**
-     * Return the contents of the digestAlgorithm field - null if not set.
-     *
-     * @return the contents of the digestAlgorithm field, or null if not set.
-     */
-    public AlgorithmIdentifier getDigestAlgorithm()
-    {
-        return digestAlgorithm;
-    }
-
-    public PartialHashtree[] getReducedHashTree()
-    {
-        if (reducedHashTree == null)
-        {
-           return null;
-        }
-
-        PartialHashtree[] rv = new PartialHashtree[reducedHashTree.size()];
-
-        for (int i = 0; i != rv.length; i++)
-        {
-            rv[i] = PartialHashtree.getInstance(reducedHashTree.getObjectAt(i));
-        }
-
-        return rv;
-    }
-
-    public ContentInfo getTimeStamp()
-    {
-        return timeStamp;
-    }
-    
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (digestAlgorithm != null)
-        {
-            v.add(new DERTaggedObject(false, 0, digestAlgorithm));
-        }
-
-        if (attributes != null)
-        {
-            v.add(new DERTaggedObject(false, 1, attributes));
-        }
-
-        if (reducedHashTree != null)
-        {
-            v.add(new DERTaggedObject(false, 2, reducedHashTree));
-        }
-
-        v.add(timeStamp);
-
-        return new DERSequence(v);
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/ArchiveTimeStampChain.java b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/ArchiveTimeStampChain.java
deleted file mode 100644
index f96948b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/ArchiveTimeStampChain.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.asn1.tsp;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * Implementation of ArchiveTimeStampChain type, as defined in RFC4998 and RFC6283.
- * <p>
- * An ArchiveTimeStampChain corresponds to a SEQUENCE OF ArchiveTimeStamps, and has the following
- * ASN.1 Syntax:
- * <p>
- * ArchiveTimeStampChain ::= SEQUENCE OF ArchiveTimeStamp
- */
-public class ArchiveTimeStampChain
-    extends ASN1Object
-{
-    private ASN1Sequence archiveTimestamps;
-
-    /**
-     * Return an ArchiveTimeStampChain from the given object.
-     *
-     * @param obj the object we want converted.
-     * @return an ArchiveTimeStampChain instance, or null.
-     * @throws IllegalArgumentException if the object cannot be converted.
-     */
-    public static ArchiveTimeStampChain getInstance(final Object obj)
-    {
-        if (obj instanceof ArchiveTimeStampChain)
-        {
-            return (ArchiveTimeStampChain)obj;
-        }
-        else if (obj != null)
-        {
-            return new ArchiveTimeStampChain(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public ArchiveTimeStampChain(ArchiveTimeStamp archiveTimeStamp)
-    {
-        archiveTimestamps = new DERSequence(archiveTimeStamp);
-    }
-
-    public ArchiveTimeStampChain(ArchiveTimeStamp[] archiveTimeStamps)
-    {
-        archiveTimestamps = new DERSequence(archiveTimeStamps);
-    }
-
-    private ArchiveTimeStampChain(final ASN1Sequence sequence)
-    {
-        final ASN1EncodableVector vector = new ASN1EncodableVector();
-        final Enumeration objects = sequence.getObjects();
-
-        while (objects.hasMoreElements())
-        {
-            vector.add(ArchiveTimeStamp.getInstance(objects.nextElement()));
-        }
-
-        archiveTimestamps = new DERSequence(vector);
-    }
-
-    public ArchiveTimeStamp[] getArchiveTimestamps()
-    {
-        ArchiveTimeStamp[] rv = new ArchiveTimeStamp[archiveTimestamps.size()];
-
-        for (int i = 0; i != rv.length; i++)
-        {
-            rv[i] = ArchiveTimeStamp.getInstance(archiveTimestamps.getObjectAt(i));
-        }
-
-        return rv;
-    }
-
-    /**
-     * Adds an {@link ArchiveTimeStamp} object to the archive timestamp chain.
-     *
-     * @param archiveTimeStamp the {@link ArchiveTimeStamp} to add.
-     * @return returns the modified chain.
-     */
-    public ArchiveTimeStampChain append(final ArchiveTimeStamp archiveTimeStamp)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        for (int i = 0; i != archiveTimestamps.size(); i++)
-        {
-            v.add(archiveTimestamps.getObjectAt(i));
-        }
-
-        v.add(archiveTimeStamp);
-
-        return new ArchiveTimeStampChain(new DERSequence(v));
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return archiveTimestamps;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/ArchiveTimeStampSequence.java b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/ArchiveTimeStampSequence.java
deleted file mode 100644
index 15af812..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/ArchiveTimeStampSequence.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.asn1.tsp;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * Implementation of ArchiveTimeStampSequence type, as defined in RFC4998.
- * <p>
- * An ArchiveTimeStampSequence corresponds to a SEQUENCE OF ArchiveTimeStampChains and has the
- * following ASN.1 Syntax:
- * <p>
- * ArchiveTimeStampSequence ::= SEQUENCE OF ArchiveTimeStampChain
- */
-public class ArchiveTimeStampSequence
-    extends ASN1Object
-{
-    private ASN1Sequence archiveTimeStampChains;
-
-    /**
-     * Return an ArchiveTimestampSequence from the given object.
-     *
-     * @param obj the object we want converted.
-     * @return an ArchiveTimeStampSequence instance, or null.
-     * @throws IllegalArgumentException if the object cannot be converted.
-     */
-    public static ArchiveTimeStampSequence getInstance(final Object obj)
-    {
-        if (obj instanceof ArchiveTimeStampChain)
-        {
-            return (ArchiveTimeStampSequence)obj;
-        }
-        else if (obj != null)
-        {
-            return new ArchiveTimeStampSequence(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private ArchiveTimeStampSequence(final ASN1Sequence sequence)
-        throws IllegalArgumentException
-    {
-        final ASN1EncodableVector vector = new ASN1EncodableVector();
-        Enumeration objects = sequence.getObjects();
-
-        while (objects.hasMoreElements())
-        {
-            vector.add(ArchiveTimeStampChain.getInstance(objects.nextElement()));
-        }
-
-        this.archiveTimeStampChains = new DERSequence(vector);
-    }
-
-    public ArchiveTimeStampSequence(ArchiveTimeStampChain archiveTimeStampChain)
-    {
-        this.archiveTimeStampChains = new DERSequence(archiveTimeStampChain);
-    }
-
-    public ArchiveTimeStampSequence(ArchiveTimeStampChain[] archiveTimeStampChains)
-    {
-        this.archiveTimeStampChains = new DERSequence(archiveTimeStampChains);
-    }
-
-    /**
-     * Returns the sequence of ArchiveTimeStamp chains that compose the ArchiveTimeStamp sequence.
-     *
-     * @return the {@link ASN1Sequence} containing the ArchiveTimeStamp chains.
-     */
-    public ArchiveTimeStampChain[] getArchiveTimeStampChains()
-    {
-        ArchiveTimeStampChain[] rv = new ArchiveTimeStampChain[archiveTimeStampChains.size()];
-
-        for (int i = 0; i != rv.length; i++)
-        {
-            rv[i] = ArchiveTimeStampChain.getInstance(archiveTimeStampChains.getObjectAt(i));
-        }
-
-        return rv;
-    }
-
-    public int size()
-    {
-        return archiveTimeStampChains.size();
-    }
-
-    /**
-     * Adds an {@link ArchiveTimeStampChain} to the ArchiveTimeStamp sequence.
-     *
-     * @param chain the {@link ArchiveTimeStampChain} to add
-     * @return returns the modified sequence.
-     */
-    public ArchiveTimeStampSequence append(ArchiveTimeStampChain chain) {
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        for (int i = 0; i != archiveTimeStampChains.size(); i++)
-        {
-            v.add(archiveTimeStampChains.getObjectAt(i));
-        }
-
-        v.add(chain);
-
-        return new ArchiveTimeStampSequence(new DERSequence(v));
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return archiveTimeStampChains;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/CryptoInfos.java b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/CryptoInfos.java
deleted file mode 100644
index 2cc02f4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/CryptoInfos.java
+++ /dev/null

@@ -1,67 +0,0 @@
-package org.bouncycastle.asn1.tsp;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cms.Attribute;
-
-/**
- * Implementation of the CryptoInfos element defined in RFC 4998:
- * <p>
- * CryptoInfos ::= SEQUENCE SIZE (1..MAX) OF Attribute
- */
-public class CryptoInfos
-    extends ASN1Object
-{
-    private ASN1Sequence attributes;
-
-    public static CryptoInfos getInstance(final Object obj)
-    {
-        if (obj instanceof CryptoInfos)
-        {
-            return (CryptoInfos)obj;
-        }
-        else if (obj != null)
-        {
-            return new CryptoInfos(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static CryptoInfos getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    private CryptoInfos(final ASN1Sequence attributes)
-    {
-        this.attributes = attributes;
-    }
-
-    public CryptoInfos(Attribute[] attrs)
-    {
-        attributes = new DERSequence(attrs);
-    }
-
-    public Attribute[] getAttributes()
-    {
-        Attribute[] rv = new Attribute[attributes.size()];
-
-        for (int i = 0; i != rv.length; i++)
-        {
-            rv[i] = Attribute.getInstance(attributes.getObjectAt(i));
-        }
-
-        return rv;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return attributes;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/EncryptionInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/EncryptionInfo.java
deleted file mode 100644
index edae856..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/EncryptionInfo.java
+++ /dev/null

@@ -1,101 +0,0 @@
-package org.bouncycastle.asn1.tsp;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-
-/**
- * Implementation of the EncryptionInfo element defined in RFC 4998:
- * <p>
- * 1988 ASN.1 EncryptionInfo
- * <p>
- * EncryptionInfo       ::=     SEQUENCE {
- * encryptionInfoType     OBJECT IDENTIFIER,
- * encryptionInfoValue    ANY DEFINED BY encryptionInfoType
- * }
- * <p>
- * 1997-ASN.1 EncryptionInfo
- * <p>
- * EncryptionInfo       ::=     SEQUENCE {
- * encryptionInfoType   ENCINFO-TYPE.&id
- * ({SupportedEncryptionAlgorithms}),
- * encryptionInfoValue  ENCINFO-TYPE.&Type
- * ({SupportedEncryptionAlgorithms}{@encryptionInfoType})
- * }
- * <p>
- * ENCINFO-TYPE ::= TYPE-IDENTIFIER
- * <p>
- * SupportedEncryptionAlgorithms ENCINFO-TYPE ::= {...}
- */
-public class EncryptionInfo
-    extends ASN1Object
-{
-
-    /**
-     * The OID for EncryptionInfo type.
-     */
-    private ASN1ObjectIdentifier encryptionInfoType;
-
-    /**
-     * The value of EncryptionInfo
-     */
-    private ASN1Encodable encryptionInfoValue;
-
-    public static EncryptionInfo getInstance(final ASN1Object obj)
-    {
-        if (obj instanceof EncryptionInfo)
-        {
-            return (EncryptionInfo)obj;
-        }
-        else if (obj != null)
-        {
-            return new EncryptionInfo(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static EncryptionInfo getInstance(
-        ASN1TaggedObject obj,
-        boolean explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    private EncryptionInfo(ASN1Sequence sequence)
-    {
-        if (sequence.size() != 2)
-        {
-            throw new IllegalArgumentException("wrong sequence size in constructor: " + sequence.size());
-        }
-
-        this.encryptionInfoType = ASN1ObjectIdentifier.getInstance(sequence.getObjectAt(0));
-        this.encryptionInfoValue = sequence.getObjectAt(1);
-    }
-
-    public EncryptionInfo(ASN1ObjectIdentifier encryptionInfoType,
-                          ASN1Encodable encryptionInfoValue)
-    {
-        this.encryptionInfoType = encryptionInfoType;
-        this.encryptionInfoValue = encryptionInfoValue;
-    }
-
-    private EncryptionInfo()
-    {
-
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-
-        final ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(encryptionInfoType);
-        v.add(encryptionInfoValue);
-
-        return ASN1Sequence.getInstance(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/EvidenceRecord.java b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/EvidenceRecord.java
deleted file mode 100644
index 49bfa78..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/EvidenceRecord.java
+++ /dev/null

@@ -1,244 +0,0 @@
-package org.bouncycastle.asn1.tsp;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * <a href="https://tools.ietf.org/html/rfc4998">RFC 4998</a>:
- * Evidence Record Syntax (ERS)
- * <p>
- * <pre>
- * EvidenceRecord ::= SEQUENCE {
- *   version                   INTEGER { v1(1) } ,
- *   digestAlgorithms          SEQUENCE OF AlgorithmIdentifier,
- *   cryptoInfos               [0] CryptoInfos OPTIONAL,
- *   encryptionInfo            [1] EncryptionInfo OPTIONAL,
- *   archiveTimeStampSequence  ArchiveTimeStampSequence
- * }
- *
- * CryptoInfos ::= SEQUENCE SIZE (1..MAX) OF Attribute
- * </pre>
- */
-public class EvidenceRecord
-    extends ASN1Object
-{
-
-    /**
-     * ERS {iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) ltans(11)
-     * id-mod(0) id-mod-ers88(2) id-mod-ers88-v1(1) }
-     */
-    private static final ASN1ObjectIdentifier OID = new ASN1ObjectIdentifier("1.3.6.1.5.5.11.0.2.1");
-
-    private ASN1Integer version = new ASN1Integer(1);
-    private ASN1Sequence digestAlgorithms;
-    private CryptoInfos cryptoInfos;
-    private EncryptionInfo encryptionInfo;
-    private ArchiveTimeStampSequence archiveTimeStampSequence;
-
-    /**
-     * Return an EvidenceRecord from the given object.
-     *
-     * @param obj the object we want converted.
-     * @return an EvidenceRecord instance, or null.
-     * @throws IllegalArgumentException if the object cannot be converted.
-     */
-    public static EvidenceRecord getInstance(final Object obj)
-    {
-        if (obj instanceof EvidenceRecord)
-        {
-            return (EvidenceRecord)obj;
-        }
-        else if (obj != null)
-        {
-            return new EvidenceRecord(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private EvidenceRecord(
-        EvidenceRecord evidenceRecord,
-        ArchiveTimeStampSequence replacementSequence,
-        ArchiveTimeStamp newChainTimeStamp)
-    {
-        this.version = evidenceRecord.version;
-
-        // check the list of digest algorithms is correct.
-        if (newChainTimeStamp != null)
-        {
-            AlgorithmIdentifier algId = newChainTimeStamp.getDigestAlgorithmIdentifier();
-            final ASN1EncodableVector vector = new ASN1EncodableVector();
-            final Enumeration enumeration = evidenceRecord.digestAlgorithms.getObjects();
-            boolean found = false;
-
-            while (enumeration.hasMoreElements())
-            {
-                final AlgorithmIdentifier algorithmIdentifier = AlgorithmIdentifier.getInstance(
-                                                                            enumeration.nextElement());
-                vector.add(algorithmIdentifier);
-
-                if (algorithmIdentifier.equals(algId))
-                {
-                    found = true;
-                    break;
-                }
-            }
-
-            if (!found)
-            {
-                vector.add(algId);
-                this.digestAlgorithms = new DERSequence(vector);
-            }
-            else
-            {
-                this.digestAlgorithms = evidenceRecord.digestAlgorithms;
-            }
-        }
-        else
-        {
-            this.digestAlgorithms = evidenceRecord.digestAlgorithms;
-        }
-
-        this.cryptoInfos = evidenceRecord.cryptoInfos;
-        this.encryptionInfo = evidenceRecord.encryptionInfo;
-        this.archiveTimeStampSequence = replacementSequence;
-    }
-
-    public EvidenceRecord(
-        AlgorithmIdentifier[] digestAlgorithms,
-        CryptoInfos cryptoInfos,
-        EncryptionInfo encryptionInfo,
-        ArchiveTimeStampSequence archiveTimeStampSequence)
-    {
-        this.digestAlgorithms = new DERSequence(digestAlgorithms);
-        this.cryptoInfos = cryptoInfos;
-        this.encryptionInfo = encryptionInfo;
-        this.archiveTimeStampSequence = archiveTimeStampSequence;
-    }
-
-    private EvidenceRecord(final ASN1Sequence sequence)
-    {
-        if (sequence.size() < 3 && sequence.size() > 5)
-        {
-            throw new IllegalArgumentException("wrong sequence size in constructor: " + sequence.size());
-        }
-
-        final ASN1Integer versionNumber = ASN1Integer.getInstance(sequence.getObjectAt(0));
-        if (!versionNumber.getValue().equals(BigIntegers.ONE))
-        {
-            throw new IllegalArgumentException("incompatible version");
-        }
-        else
-        {
-            this.version = versionNumber;
-        }
-
-        this.digestAlgorithms = ASN1Sequence.getInstance(sequence.getObjectAt(1));
-        for (int i = 2; i != sequence.size() - 1; i++)
-        {
-            ASN1Encodable object = sequence.getObjectAt(i);
-
-            if (object instanceof ASN1TaggedObject)
-            {
-                ASN1TaggedObject asn1TaggedObject = (ASN1TaggedObject)object;
-                switch (asn1TaggedObject.getTagNo())
-                {
-                case 0:
-                    cryptoInfos = CryptoInfos.getInstance(asn1TaggedObject, false);
-                    break;
-                case 1:
-                    encryptionInfo = EncryptionInfo.getInstance(asn1TaggedObject, false);
-                    break;
-                default:
-                    throw new IllegalArgumentException("unknown tag in getInstance: " + asn1TaggedObject.getTagNo());
-                }
-            }
-            else
-            {
-                throw new IllegalArgumentException("unknown object in getInstance: " +
-                    object.getClass().getName());
-            }
-        }
-        archiveTimeStampSequence = ArchiveTimeStampSequence.getInstance(sequence.getObjectAt(sequence.size() - 1));
-    }
-
-    public AlgorithmIdentifier[] getDigestAlgorithms()
-    {
-        AlgorithmIdentifier[] rv = new AlgorithmIdentifier[digestAlgorithms.size()];
-
-        for (int i = 0; i != rv.length; i++)
-        {
-            rv[i] = AlgorithmIdentifier.getInstance(digestAlgorithms.getObjectAt(i));
-        }
-
-        return rv;
-    }
-
-    public ArchiveTimeStampSequence getArchiveTimeStampSequence()
-    {
-        return archiveTimeStampSequence;
-    }
-
-    /**
-     * Return a new EvidenceRecord with an added ArchiveTimeStamp
-     *
-     * @param ats         the archive timestamp to add
-     * @param newChain states whether this new archive timestamp must be added as part of a
-     *                    new sequence (i.e. in the case of hashtree renewal) or not (i.e. in the case of timestamp
-     *                    renewal)
-     * @return the new EvidenceRecord
-     */
-    public EvidenceRecord addArchiveTimeStamp(final ArchiveTimeStamp ats, final boolean newChain)
-    {
-        if (newChain)
-        {
-            ArchiveTimeStampChain chain = new ArchiveTimeStampChain(ats);
-            
-            return new EvidenceRecord(this, archiveTimeStampSequence.append(chain), ats);
-        }
-        else
-        {
-            ArchiveTimeStampChain[] chains = archiveTimeStampSequence.getArchiveTimeStampChains();
-
-            chains[chains.length - 1] = chains[chains.length - 1].append(ats);
-            return new EvidenceRecord(this, new ArchiveTimeStampSequence(chains), null);
-        }
-    }
-
-    public String toString()
-    {
-        return ("EvidenceRecord: Oid(" + OID + ")");
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        final ASN1EncodableVector vector = new ASN1EncodableVector();
-
-        vector.add(version);
-        vector.add(digestAlgorithms);
-
-        if (null != cryptoInfos)
-        {
-            vector.add(cryptoInfos);
-        }
-        if (null != encryptionInfo)
-        {
-            vector.add(encryptionInfo);
-        }
-
-        vector.add(archiveTimeStampSequence);
-
-        return new DERSequence(vector);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/MessageImprint.java b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/MessageImprint.java
deleted file mode 100644
index 2ba3c6b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/MessageImprint.java
+++ /dev/null

@@ -1,79 +0,0 @@
-package org.bouncycastle.asn1.tsp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Arrays;
-
-public class MessageImprint
-    extends ASN1Object
-{
-    AlgorithmIdentifier hashAlgorithm;
-    byte[]              hashedMessage;
-    
-    /**
-     * @param o
-     * @return a MessageImprint object.
-     */
-    public static MessageImprint getInstance(Object o)
-    {
-        if (o instanceof MessageImprint)
-        {
-            return (MessageImprint)o;
-        }
-
-        if (o != null)
-        {
-            return new MessageImprint(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-    
-    private MessageImprint(
-        ASN1Sequence seq)
-    {
-        this.hashAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(0));
-        this.hashedMessage = ASN1OctetString.getInstance(seq.getObjectAt(1)).getOctets();
-    }
-    
-    public MessageImprint(
-        AlgorithmIdentifier hashAlgorithm,
-        byte[]              hashedMessage)
-    {
-        this.hashAlgorithm = hashAlgorithm;
-        this.hashedMessage = Arrays.clone(hashedMessage);
-    }
-    
-    public AlgorithmIdentifier getHashAlgorithm()
-    {
-        return hashAlgorithm;
-    }
-    
-    public byte[] getHashedMessage()
-    {
-        return Arrays.clone(hashedMessage);
-    }
-    
-    /**
-     * <pre>
-     *    MessageImprint ::= SEQUENCE  {
-     *       hashAlgorithm                AlgorithmIdentifier,
-     *       hashedMessage                OCTET STRING  }
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(hashAlgorithm);
-        v.add(new DEROctetString(hashedMessage));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/PartialHashtree.java b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/PartialHashtree.java
deleted file mode 100644
index 51a5ac1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/PartialHashtree.java
+++ /dev/null

@@ -1,94 +0,0 @@
-package org.bouncycastle.asn1.tsp;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Implementation of PartialHashtree, as defined in RFC 4998.
- * <p>
- * The ASN.1 notation for a PartialHashTree is:
- * <p>
- * PartialHashtree ::= SEQUENCE OF OCTET STRING
- */
-public class PartialHashtree
-    extends ASN1Object
-{
-    /**
-     * Hash values that constitute the hash tree, as ASN.1 Octet Strings.
-     */
-    private ASN1Sequence values;
-
-    /**
-     * Return a PartialHashtree from the given object.
-     *
-     * @param obj the object we want converted.
-     * @return a PartialHashtree instance, or null.
-     * @throws IllegalArgumentException if the object cannot be converted.
-     */
-    public static PartialHashtree getInstance(final Object obj)
-    {
-        if (obj instanceof PartialHashtree)
-        {
-            return (PartialHashtree)obj;
-        }
-        else if (obj != null)
-        {
-            return new PartialHashtree(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private PartialHashtree(final ASN1Sequence values)
-    {
-        for (int i = 0; i != values.size(); i++)
-        {
-            if (!(values.getObjectAt(i) instanceof DEROctetString))
-            {
-                throw new IllegalArgumentException("unknown object in constructor: " + values
-                    .getObjectAt(i).getClass().getName());
-            }
-        }
-        this.values = values;
-    }
-
-    public PartialHashtree(byte[] values)
-    {
-        this(new byte[][] { values });
-    }
-
-    public PartialHashtree(byte[][] values)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        for (int i = 0; i != values.length; i++)
-        {
-            v.add(new DEROctetString(Arrays.clone(values[i])));
-        }
-
-        this.values = new DERSequence(v);
-    }
-
-    public byte[][] getValues()
-    {
-        byte[][] rv = new byte[values.size()][];
-
-        for (int i = 0; i != rv.length; i++)
-        {
-            rv[i] = Arrays.clone(ASN1OctetString.getInstance(values.getObjectAt(i)).getOctets());
-        }
-
-        return rv;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return values;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/TSTInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/TSTInfo.java
deleted file mode 100644
index eacb019..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/TSTInfo.java
+++ /dev/null

@@ -1,233 +0,0 @@
-package org.bouncycastle.asn1.tsp;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Boolean;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-public class TSTInfo
-    extends ASN1Object
-{
-    private ASN1Integer version;
-    private ASN1ObjectIdentifier tsaPolicyId;
-    private MessageImprint messageImprint;
-    private ASN1Integer serialNumber;
-    private ASN1GeneralizedTime genTime;
-    private Accuracy accuracy;
-    private ASN1Boolean ordering;
-    private ASN1Integer nonce;
-    private GeneralName tsa;
-    private Extensions extensions;
-
-    public static TSTInfo getInstance(Object o)
-    {
-        if (o instanceof TSTInfo)
-        {
-            return (TSTInfo)o;
-        }
-        else if (o != null)
-        {
-            return new TSTInfo(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    private TSTInfo(ASN1Sequence seq)
-    {
-        Enumeration e = seq.getObjects();
-
-        // version
-        version = ASN1Integer.getInstance(e.nextElement());
-
-        // tsaPolicy
-        tsaPolicyId = ASN1ObjectIdentifier.getInstance(e.nextElement());
-
-        // messageImprint
-        messageImprint = MessageImprint.getInstance(e.nextElement());
-
-        // serialNumber
-        serialNumber = ASN1Integer.getInstance(e.nextElement());
-
-        // genTime
-        genTime = ASN1GeneralizedTime.getInstance(e.nextElement());
-
-        // default for ordering
-        ordering = ASN1Boolean.getInstance(false);
-        
-        while (e.hasMoreElements())
-        {
-            ASN1Object o = (ASN1Object) e.nextElement();
-
-            if (o instanceof ASN1TaggedObject)
-            {
-                ASN1TaggedObject tagged = (ASN1TaggedObject) o;
-
-                switch (tagged.getTagNo())
-                {
-                case 0:
-                    tsa = GeneralName.getInstance(tagged, true);
-                    break;
-                case 1:
-                    extensions = Extensions.getInstance(tagged, false);
-                    break;
-                default:
-                    throw new IllegalArgumentException("Unknown tag value " + tagged.getTagNo());
-                }
-            }
-            else if (o instanceof ASN1Sequence || o instanceof Accuracy)
-            {
-                accuracy = Accuracy.getInstance(o);
-            }
-            else if (o instanceof ASN1Boolean)
-            {
-                ordering = ASN1Boolean.getInstance(o);
-            }
-            else if (o instanceof ASN1Integer)
-            {
-                nonce = ASN1Integer.getInstance(o);
-            }
-
-        }
-    }
-
-    public TSTInfo(ASN1ObjectIdentifier tsaPolicyId, MessageImprint messageImprint,
-            ASN1Integer serialNumber, ASN1GeneralizedTime genTime,
-            Accuracy accuracy, ASN1Boolean ordering, ASN1Integer nonce,
-            GeneralName tsa, Extensions extensions)
-    {
-        version = new ASN1Integer(1);
-        this.tsaPolicyId = tsaPolicyId;
-        this.messageImprint = messageImprint;
-        this.serialNumber = serialNumber;
-        this.genTime = genTime;
-
-        this.accuracy = accuracy;
-        this.ordering = ordering;
-        this.nonce = nonce;
-        this.tsa = tsa;
-        this.extensions = extensions;
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    public MessageImprint getMessageImprint()
-    {
-        return messageImprint;
-    }
-
-    public ASN1ObjectIdentifier getPolicy()
-    {
-        return tsaPolicyId;
-    }
-
-    public ASN1Integer getSerialNumber()
-    {
-        return serialNumber;
-    }
-
-    public Accuracy getAccuracy()
-    {
-        return accuracy;
-    }
-
-    public ASN1GeneralizedTime getGenTime()
-    {
-        return genTime;
-    }
-
-    public ASN1Boolean getOrdering()
-    {
-        return ordering;
-    }
-
-    public ASN1Integer getNonce()
-    {
-        return nonce;
-    }
-
-    public GeneralName getTsa()
-    {
-        return tsa;
-    }
-
-    public Extensions getExtensions()
-    {
-        return extensions;
-    }
-
-    /**
-     * <pre>
-     * 
-     *     TSTInfo ::= SEQUENCE  {
-     *        version                      INTEGER  { v1(1) },
-     *        policy                       TSAPolicyId,
-     *        messageImprint               MessageImprint,
-     *          -- MUST have the same value as the similar field in
-     *          -- TimeStampReq
-     *        serialNumber                 INTEGER,
-     *         -- Time-Stamping users MUST be ready to accommodate integers
-     *         -- up to 160 bits.
-     *        genTime                      GeneralizedTime,
-     *        accuracy                     Accuracy                 OPTIONAL,
-     *        ordering                     BOOLEAN             DEFAULT FALSE,
-     *        nonce                        INTEGER                  OPTIONAL,
-     *          -- MUST be present if the similar field was present
-     *          -- in TimeStampReq.  In that case it MUST have the same value.
-     *        tsa                          [0] GeneralName          OPTIONAL,
-     *        extensions                   [1] IMPLICIT Extensions   OPTIONAL  }
-     * 
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector seq = new ASN1EncodableVector();
-        seq.add(version);
-
-        seq.add(tsaPolicyId);
-        seq.add(messageImprint);
-        seq.add(serialNumber);
-        seq.add(genTime);
-
-        if (accuracy != null)
-        {
-            seq.add(accuracy);
-        }
-        
-        if (ordering != null && ordering.isTrue())
-        {
-            seq.add(ordering);
-        }
-        
-        if (nonce != null)
-        {
-            seq.add(nonce);
-        }
-        
-        if (tsa != null)
-        {
-            seq.add(new DERTaggedObject(true, 0, tsa));
-        }
-        
-        if (extensions != null)
-        {
-            seq.add(new DERTaggedObject(false, 1, extensions));
-        }
-
-        return new DERSequence(seq);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/TimeStampReq.java b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/TimeStampReq.java
deleted file mode 100644
index 44490f0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/TimeStampReq.java
+++ /dev/null

@@ -1,179 +0,0 @@
-package org.bouncycastle.asn1.tsp;
-
-import org.bouncycastle.asn1.ASN1Boolean;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.Extensions;
-
-public class TimeStampReq
-    extends ASN1Object
-{
-    ASN1Integer version;
-
-    MessageImprint messageImprint;
-
-    ASN1ObjectIdentifier tsaPolicy;
-
-    ASN1Integer nonce;
-
-    ASN1Boolean certReq;
-
-    Extensions extensions;
-
-    public static TimeStampReq getInstance(Object o)
-    {
-        if (o instanceof TimeStampReq)
-        {
-            return (TimeStampReq) o;
-        }
-        else if (o != null)
-        {
-            return new TimeStampReq(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    private TimeStampReq(ASN1Sequence seq)
-    {
-        int nbObjects = seq.size();
-
-        int seqStart = 0;
-
-        // version
-        version = ASN1Integer.getInstance(seq.getObjectAt(seqStart));
-
-        seqStart++;
-
-        // messageImprint
-        messageImprint = MessageImprint.getInstance(seq.getObjectAt(seqStart));
-
-        seqStart++;
-
-        for (int opt = seqStart; opt < nbObjects; opt++)
-        {
-            // tsaPolicy
-            if (seq.getObjectAt(opt) instanceof ASN1ObjectIdentifier)
-            {
-                tsaPolicy = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(opt));
-            }
-            // nonce
-            else if (seq.getObjectAt(opt) instanceof ASN1Integer)
-            {
-                nonce = ASN1Integer.getInstance(seq.getObjectAt(opt));
-            }
-            // certReq
-            else if (seq.getObjectAt(opt) instanceof ASN1Boolean)
-            {
-                certReq = ASN1Boolean.getInstance(seq.getObjectAt(opt));
-            }
-            // extensions
-            else if (seq.getObjectAt(opt) instanceof ASN1TaggedObject)
-            {
-                ASN1TaggedObject    tagged = (ASN1TaggedObject)seq.getObjectAt(opt);
-                if (tagged.getTagNo() == 0)
-                {
-                    extensions = Extensions.getInstance(tagged, false);
-                }
-            }
-        }
-    }
-
-    public TimeStampReq(
-        MessageImprint      messageImprint,
-        ASN1ObjectIdentifier tsaPolicy,
-        ASN1Integer          nonce,
-        ASN1Boolean          certReq,
-        Extensions      extensions)
-    {
-        // default
-        version = new ASN1Integer(1);
-
-        this.messageImprint = messageImprint;
-        this.tsaPolicy = tsaPolicy;
-        this.nonce = nonce;
-        this.certReq = certReq;
-        this.extensions = extensions;
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    public MessageImprint getMessageImprint()
-    {
-        return messageImprint;
-    }
-
-    public ASN1ObjectIdentifier getReqPolicy()
-    {
-        return tsaPolicy;
-    }
-
-    public ASN1Integer getNonce()
-    {
-        return nonce;
-    }
-
-    public ASN1Boolean getCertReq()
-    {
-        return certReq;
-    }
-
-    public Extensions getExtensions()
-    {
-        return extensions;
-    }
-
-    /**
-     * <pre>
-     * TimeStampReq ::= SEQUENCE  {
-     *  version                      INTEGER  { v1(1) },
-     *  messageImprint               MessageImprint,
-     *    --a hash algorithm OID and the hash value of the data to be
-     *    --time-stamped
-     *  reqPolicy             TSAPolicyId              OPTIONAL,
-     *  nonce                 INTEGER                  OPTIONAL,
-     *  certReq               BOOLEAN                  DEFAULT FALSE,
-     *  extensions            [0] IMPLICIT Extensions  OPTIONAL
-     * }
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        
-        v.add(version);
-        v.add(messageImprint);
-        
-        if (tsaPolicy != null)
-        {
-            v.add(tsaPolicy);
-        }
-        
-        if (nonce != null)
-        {
-            v.add(nonce);
-        }
-        
-        if (certReq != null && certReq.isTrue())
-        {
-            v.add(certReq);
-        }
-        
-        if (extensions != null)
-        {
-            v.add(new DERTaggedObject(false, 0, extensions));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/TimeStampResp.java b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/TimeStampResp.java
deleted file mode 100644
index 96d08a1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/TimeStampResp.java
+++ /dev/null

@@ -1,84 +0,0 @@
-package org.bouncycastle.asn1.tsp;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cmp.PKIStatusInfo;
-import org.bouncycastle.asn1.cms.ContentInfo;
-
-
-public class TimeStampResp
-    extends ASN1Object
-{
-    PKIStatusInfo pkiStatusInfo;
-
-    ContentInfo timeStampToken;
-
-    public static TimeStampResp getInstance(Object o)
-    {
-        if (o instanceof TimeStampResp)
-        {
-            return (TimeStampResp) o;
-        }
-        else if (o != null)
-        {
-            return new TimeStampResp(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    private TimeStampResp(ASN1Sequence seq)
-    {
-
-        Enumeration e = seq.getObjects();
-
-        // status
-        pkiStatusInfo = PKIStatusInfo.getInstance(e.nextElement());
-
-        if (e.hasMoreElements())
-        {
-            timeStampToken = ContentInfo.getInstance(e.nextElement());
-        }
-    }
-
-    public TimeStampResp(PKIStatusInfo pkiStatusInfo, ContentInfo timeStampToken)
-    {
-        this.pkiStatusInfo = pkiStatusInfo;
-        this.timeStampToken = timeStampToken;
-    }
-
-    public PKIStatusInfo getStatus()
-    {
-        return pkiStatusInfo;
-    }
-
-    public ContentInfo getTimeStampToken()
-    {
-        return timeStampToken;
-    }
-
-    /**
-     * <pre>
-     * TimeStampResp ::= SEQUENCE  {
-     *   status                  PKIStatusInfo,
-     *   timeStampToken          TimeStampToken     OPTIONAL  }
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        
-        v.add(pkiStatusInfo);
-        if (timeStampToken != null)
-        {
-            v.add(timeStampToken);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/tsp/package.html
deleted file mode 100644
index d6265f0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/tsp/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes useful for encoding and supporting Time Stamp Protocol as described RFC 3161.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145BinaryField.java b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145BinaryField.java
deleted file mode 100644
index a0cca6b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145BinaryField.java
+++ /dev/null

@@ -1,119 +0,0 @@
-package org.bouncycastle.asn1.ua;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-public class DSTU4145BinaryField
-    extends ASN1Object
-{
-
-    private int m, k, j, l;
-
-    private DSTU4145BinaryField(ASN1Sequence seq)
-    {
-        m = ASN1Integer.getInstance(seq.getObjectAt(0)).getPositiveValue().intValue();
-
-        if (seq.getObjectAt(1) instanceof ASN1Integer)
-        {
-            k = ((ASN1Integer)seq.getObjectAt(1)).getPositiveValue().intValue();
-        }
-        else if (seq.getObjectAt(1) instanceof ASN1Sequence)
-        {
-            ASN1Sequence coefs = ASN1Sequence.getInstance(seq.getObjectAt(1));
-
-            k = ASN1Integer.getInstance(coefs.getObjectAt(0)).getPositiveValue().intValue();
-            j = ASN1Integer.getInstance(coefs.getObjectAt(1)).getPositiveValue().intValue();
-            l = ASN1Integer.getInstance(coefs.getObjectAt(2)).getPositiveValue().intValue();
-        }
-        else
-        {
-            throw new IllegalArgumentException("object parse error");
-        }
-    }
-
-    public static DSTU4145BinaryField getInstance(Object obj)
-    {
-        if (obj instanceof DSTU4145BinaryField)
-        {
-            return (DSTU4145BinaryField)obj;
-        }
-
-        if (obj != null)
-        {
-            return new DSTU4145BinaryField(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public DSTU4145BinaryField(int m, int k1, int k2, int k3)
-    {
-        this.m = m;
-        this.k = k1;
-        this.j = k2;
-        this.l = k3;
-    }
-
-    public int getM()
-    {
-        return m;
-    }
-
-    public int getK1()
-    {
-        return k;
-    }
-
-    public int getK2()
-    {
-        return j;
-    }
-
-    public int getK3()
-    {
-        return l;
-    }
-
-    public DSTU4145BinaryField(int m, int k)
-    {
-        this(m, k, 0, 0);
-    }
-
-    /**
-     * BinaryField ::= SEQUENCE {
-     * M INTEGER,
-     * CHOICE {Trinomial,    Pentanomial}
-     * Trinomial::= INTEGER
-     * Pentanomial::= SEQUENCE {
-     * k INTEGER,
-     * j INTEGER,
-     * l INTEGER}
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new ASN1Integer(m));
-        if (j == 0) //Trinomial
-        {
-            v.add(new ASN1Integer(k));
-        }
-        else
-        {
-            ASN1EncodableVector coefs = new ASN1EncodableVector();
-            coefs.add(new ASN1Integer(k));
-            coefs.add(new ASN1Integer(j));
-            coefs.add(new ASN1Integer(l));
-
-            v.add(new DERSequence(coefs));
-        }
-
-        return new DERSequence(v);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145ECBinary.java b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145ECBinary.java
deleted file mode 100644
index 4b2d658..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145ECBinary.java
+++ /dev/null

@@ -1,158 +0,0 @@
-package org.bouncycastle.asn1.ua;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.field.PolynomialExtensionField;
-import org.bouncycastle.util.Arrays;
-
-public class DSTU4145ECBinary
-    extends ASN1Object
-{
-    BigInteger version = BigInteger.valueOf(0);
-
-    DSTU4145BinaryField f;
-    ASN1Integer a;
-    ASN1OctetString b;
-    ASN1Integer n;
-    ASN1OctetString bp;
-
-    public DSTU4145ECBinary(ECDomainParameters params)
-    {
-        ECCurve curve = params.getCurve();
-        if (!ECAlgorithms.isF2mCurve(curve))
-        {
-            throw new IllegalArgumentException("only binary domain is possible");
-        }
-
-        // We always use big-endian in parameter encoding
-
-        PolynomialExtensionField field = (PolynomialExtensionField)curve.getField();
-        int[] exponents = field.getMinimalPolynomial().getExponentsPresent();
-        if (exponents.length == 3)
-        {
-            f = new DSTU4145BinaryField(exponents[2], exponents[1]);
-        }
-        else if (exponents.length == 5)
-        {
-            f = new DSTU4145BinaryField(exponents[4], exponents[1], exponents[2], exponents[3]);
-        }
-        else
-        {
-            throw new IllegalArgumentException("curve must have a trinomial or pentanomial basis");
-        }
-
-        a = new ASN1Integer(curve.getA().toBigInteger());
-        b = new DEROctetString(curve.getB().getEncoded());
-        n = new ASN1Integer(params.getN());
-        bp = new DEROctetString(DSTU4145PointEncoder.encodePoint(params.getG()));
-    }
-
-    private DSTU4145ECBinary(ASN1Sequence seq)
-    {
-        int index = 0;
-
-        if (seq.getObjectAt(index) instanceof ASN1TaggedObject)
-        {
-            ASN1TaggedObject taggedVersion = (ASN1TaggedObject)seq.getObjectAt(index);
-            if (taggedVersion.isExplicit() && 0 == taggedVersion.getTagNo())
-            {
-                version = ASN1Integer.getInstance(taggedVersion.getLoadedObject()).getValue();
-                index++;
-            }
-            else
-            {
-                throw new IllegalArgumentException("object parse error");
-            }
-        }
-        f = DSTU4145BinaryField.getInstance(seq.getObjectAt(index));
-        index++;
-        a = ASN1Integer.getInstance(seq.getObjectAt(index));
-        index++;
-        b = ASN1OctetString.getInstance(seq.getObjectAt(index));
-        index++;
-        n = ASN1Integer.getInstance(seq.getObjectAt(index));
-        index++;
-        bp = ASN1OctetString.getInstance(seq.getObjectAt(index));
-    }
-
-    public static DSTU4145ECBinary getInstance(Object obj)
-    {
-        if (obj instanceof DSTU4145ECBinary)
-        {
-            return (DSTU4145ECBinary)obj;
-        }
-
-        if (obj != null)
-        {
-            return new DSTU4145ECBinary(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public DSTU4145BinaryField getField()
-    {
-        return f;
-    }
-
-    public BigInteger getA()
-    {
-        return a.getValue();
-    }
-
-    public byte[] getB()
-    {
-        return Arrays.clone(b.getOctets());
-    }
-
-    public BigInteger getN()
-    {
-        return n.getValue();
-    }
-
-    public byte[] getG()
-    {
-        return Arrays.clone(bp.getOctets());
-    }
-
-    /**
-     * ECBinary  ::= SEQUENCE {
-     * version          [0] EXPLICIT INTEGER    DEFAULT 0,
-     * f     BinaryField,
-     * a    INTEGER (0..1),
-     * b    OCTET STRING,
-     * n    INTEGER,
-     * bp    OCTET STRING}
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (0 != version.compareTo(BigInteger.valueOf(0)))
-        {
-            v.add(new DERTaggedObject(true, 0, new ASN1Integer(version)));
-        }
-        v.add(f);
-        v.add(a);
-        v.add(b);
-        v.add(n);
-        v.add(bp);
-
-        return new DERSequence(v);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145NamedCurves.java b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145NamedCurves.java
deleted file mode 100644
index b18953a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145NamedCurves.java
+++ /dev/null

@@ -1,106 +0,0 @@
-package org.bouncycastle.asn1.ua;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-
-public class DSTU4145NamedCurves
-{
-    private static final BigInteger ZERO = BigInteger.valueOf(0);
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-
-    static final ECDomainParameters[] params = new ECDomainParameters[10];
-    static final ASN1ObjectIdentifier[] oids = new ASN1ObjectIdentifier[10];
-
-    //All named curves have the following oid format: 1.2.804.2.1.1.1.1.3.1.1.2.X
-    //where X is the curve number 0-9
-    static final String oidBase = UAObjectIdentifiers.dstu4145le.getId() + ".2.";
-
-    static
-    {
-        BigInteger[] n_s = new BigInteger[10];
-        n_s[0] = new BigInteger("400000000000000000002BEC12BE2262D39BCF14D", 16);
-        n_s[1] = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFB12EBCC7D7F29FF7701F", 16);
-        n_s[2] = new BigInteger("800000000000000000000189B4E67606E3825BB2831", 16);
-        n_s[3] = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFFB981960435FE5AB64236EF", 16);
-        n_s[4] = new BigInteger("40000000000000000000000069A779CAC1DABC6788F7474F", 16);
-        n_s[5] = new BigInteger("1000000000000000000000000000013E974E72F8A6922031D2603CFE0D7", 16);
-        n_s[6] = new BigInteger("800000000000000000000000000000006759213AF182E987D3E17714907D470D", 16);
-        n_s[7] = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC079C2F3825DA70D390FBBA588D4604022B7B7", 16);
-        n_s[8] = new BigInteger("40000000000000000000000000000000000000000000009C300B75A3FA824F22428FD28CE8812245EF44049B2D49", 16);
-        n_s[9] = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBA3175458009A8C0A724F02F81AA8A1FCBAF80D90C7A95110504CF", 16);
-
-        BigInteger[] h_s = new BigInteger[10];
-        h_s[0] = BigInteger.valueOf(2);
-        h_s[1] = BigInteger.valueOf(2);
-        h_s[2] = BigInteger.valueOf(4);
-        h_s[3] = BigInteger.valueOf(2);
-        h_s[4] = BigInteger.valueOf(2);
-        h_s[5] = BigInteger.valueOf(2);
-        h_s[6] = BigInteger.valueOf(4);
-        h_s[7] = BigInteger.valueOf(2);
-        h_s[8] = BigInteger.valueOf(2);
-        h_s[9] = BigInteger.valueOf(2);
-
-        ECCurve.F2m[] curves = new ECCurve.F2m[10];
-        curves[0] = new ECCurve.F2m(163, 3, 6, 7, ONE, new BigInteger("5FF6108462A2DC8210AB403925E638A19C1455D21", 16), n_s[0], h_s[0]);
-        curves[1] = new ECCurve.F2m(167, 6, ONE, new BigInteger("6EE3CEEB230811759F20518A0930F1A4315A827DAC", 16), n_s[1], h_s[1]);
-        curves[2] = new ECCurve.F2m(173, 1, 2, 10, ZERO, new BigInteger("108576C80499DB2FC16EDDF6853BBB278F6B6FB437D9", 16), n_s[2], h_s[2]);
-        curves[3] = new ECCurve.F2m(179, 1, 2, 4, ONE, new BigInteger("4A6E0856526436F2F88DD07A341E32D04184572BEB710", 16), n_s[3], h_s[3]);
-        curves[4] = new ECCurve.F2m(191, 9, ONE, new BigInteger("7BC86E2102902EC4D5890E8B6B4981ff27E0482750FEFC03", 16), n_s[4], h_s[4]);
-        curves[5] = new ECCurve.F2m(233, 1, 4, 9, ONE, new BigInteger("06973B15095675534C7CF7E64A21BD54EF5DD3B8A0326AA936ECE454D2C", 16), n_s[5], h_s[5]);
-        curves[6] = new ECCurve.F2m(257, 12, ZERO, new BigInteger("1CEF494720115657E18F938D7A7942394FF9425C1458C57861F9EEA6ADBE3BE10", 16), n_s[6], h_s[6]);
-        curves[7] = new ECCurve.F2m(307, 2, 4, 8, ONE, new BigInteger("393C7F7D53666B5054B5E6C6D3DE94F4296C0C599E2E2E241050DF18B6090BDC90186904968BB", 16), n_s[7], h_s[7]);
-        curves[8] = new ECCurve.F2m(367, 21, ONE, new BigInteger("43FC8AD242B0B7A6F3D1627AD5654447556B47BF6AA4A64B0C2AFE42CADAB8F93D92394C79A79755437B56995136", 16), n_s[8], h_s[8]);
-        curves[9] = new ECCurve.F2m(431, 1, 3, 5, ONE, new BigInteger("03CE10490F6A708FC26DFE8C3D27C4F94E690134D5BFF988D8D28AAEAEDE975936C66BAC536B18AE2DC312CA493117DAA469C640CAF3", 16), n_s[9], h_s[9]);
-
-        ECPoint[] points = new ECPoint[10];
-        points[0] = curves[0].createPoint(new BigInteger("2E2F85F5DD74CE983A5C4237229DAF8A3F35823BE", 16), new BigInteger("3826F008A8C51D7B95284D9D03FF0E00CE2CD723A", 16));
-        points[1] = curves[1].createPoint(new BigInteger("7A1F6653786A68192803910A3D30B2A2018B21CD54", 16), new BigInteger("5F49EB26781C0EC6B8909156D98ED435E45FD59918", 16));
-        points[2] = curves[2].createPoint(new BigInteger("4D41A619BCC6EADF0448FA22FAD567A9181D37389CA", 16), new BigInteger("10B51CC12849B234C75E6DD2028BF7FF5C1CE0D991A1", 16));
-        points[3] = curves[3].createPoint(new BigInteger("6BA06FE51464B2BD26DC57F48819BA9954667022C7D03", 16), new BigInteger("25FBC363582DCEC065080CA8287AAFF09788A66DC3A9E", 16));
-        points[4] = curves[4].createPoint(new BigInteger("714114B762F2FF4A7912A6D2AC58B9B5C2FCFE76DAEB7129", 16), new BigInteger("29C41E568B77C617EFE5902F11DB96FA9613CD8D03DB08DA", 16));
-        points[5] = curves[5].createPoint(new BigInteger("3FCDA526B6CDF83BA1118DF35B3C31761D3545F32728D003EEB25EFE96", 16), new BigInteger("9CA8B57A934C54DEEDA9E54A7BBAD95E3B2E91C54D32BE0B9DF96D8D35", 16));
-        points[6] = curves[6].createPoint(new BigInteger("02A29EF207D0E9B6C55CD260B306C7E007AC491CA1B10C62334A9E8DCD8D20FB7", 16), new BigInteger("10686D41FF744D4449FCCF6D8EEA03102E6812C93A9D60B978B702CF156D814EF", 16));
-        points[7] = curves[7].createPoint(new BigInteger("216EE8B189D291A0224984C1E92F1D16BF75CCD825A087A239B276D3167743C52C02D6E7232AA", 16), new BigInteger("5D9306BACD22B7FAEB09D2E049C6E2866C5D1677762A8F2F2DC9A11C7F7BE8340AB2237C7F2A0", 16));
-        points[8] = curves[8].createPoint(new BigInteger("324A6EDDD512F08C49A99AE0D3F961197A76413E7BE81A400CA681E09639B5FE12E59A109F78BF4A373541B3B9A1", 16), new BigInteger("1AB597A5B4477F59E39539007C7F977D1A567B92B043A49C6B61984C3FE3481AAF454CD41BA1F051626442B3C10", 16));
-        points[9] = curves[9].createPoint(new BigInteger("1A62BA79D98133A16BBAE7ED9A8E03C32E0824D57AEF72F88986874E5AAE49C27BED49A2A95058068426C2171E99FD3B43C5947C857D", 16), new BigInteger("70B5E1E14031C1F70BBEFE96BDDE66F451754B4CA5F48DA241F331AA396B8D1839A855C1769B1EA14BA53308B5E2723724E090E02DB9", 16));
-
-        for (int i = 0; i < params.length; i++)
-        {
-            params[i] = new ECDomainParameters(curves[i], points[i], n_s[i], h_s[i]);
-        }
-
-        for (int i = 0; i < oids.length; i++)
-        {
-            oids[i] = new ASN1ObjectIdentifier(oidBase + i);
-        }
-    }
-
-    /**
-     * All named curves have the following oid format: 1.2.804.2.1.1.1.1.3.1.1.2.X
-     * where X is the curve number 0-9
-     */
-    public static ASN1ObjectIdentifier[] getOIDs()
-    {
-        return oids;
-    }
-
-    /**
-     * All named curves have the following oid format: 1.2.804.2.1.1.1.1.3.1.1.2.X
-     * where X is the curve number 0-9
-     */
-    public static ECDomainParameters getByOID(ASN1ObjectIdentifier oid)
-    {
-        String oidStr = oid.getId();
-        if (oidStr.startsWith(oidBase))
-        {
-            int index = Integer.parseInt(oidStr.substring(oidStr.lastIndexOf('.') + 1));
-            return (index >= 0 && index < params.length) ? params[index] : null;
-        }
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145Params.java b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145Params.java
deleted file mode 100644
index 101d797..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145Params.java
+++ /dev/null

@@ -1,128 +0,0 @@
-package org.bouncycastle.asn1.ua;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-public class DSTU4145Params
-    extends ASN1Object
-{
-    private static final byte DEFAULT_DKE[] = {
-        (byte)0xa9, (byte)0xd6, (byte)0xeb, 0x45, (byte)0xf1, 0x3c, 0x70, (byte)0x82,
-        (byte)0x80, (byte)0xc4, (byte)0x96, 0x7b, 0x23, 0x1f, 0x5e, (byte)0xad,
-        (byte)0xf6, 0x58, (byte)0xeb, (byte)0xa4, (byte)0xc0, 0x37, 0x29, 0x1d,
-        0x38, (byte)0xd9, 0x6b, (byte)0xf0, 0x25, (byte)0xca, 0x4e, 0x17,
-        (byte)0xf8, (byte)0xe9, 0x72, 0x0d, (byte)0xc6, 0x15, (byte)0xb4, 0x3a,
-        0x28, (byte)0x97, 0x5f, 0x0b, (byte)0xc1, (byte)0xde, (byte)0xa3, 0x64,
-        0x38, (byte)0xb5, 0x64, (byte)0xea, 0x2c, 0x17, (byte)0x9f, (byte)0xd0,
-        0x12, 0x3e, 0x6d, (byte)0xb8, (byte)0xfa, (byte)0xc5, 0x79, 0x04};
-
-
-    private ASN1ObjectIdentifier namedCurve;
-    private DSTU4145ECBinary ecbinary;
-    private byte[] dke = DEFAULT_DKE;
-
-    public DSTU4145Params(ASN1ObjectIdentifier namedCurve)
-    {
-        this.namedCurve = namedCurve;
-    }
-
-    public DSTU4145Params(ASN1ObjectIdentifier namedCurve, byte[] dke)
-    {
-        this.namedCurve = namedCurve;
-        this.dke = Arrays.clone(dke);
-    }
-
-    public DSTU4145Params(DSTU4145ECBinary ecbinary)
-    {
-        this.ecbinary = ecbinary;
-    }
-
-    public boolean isNamedCurve()
-    {
-        return namedCurve != null;
-    }
-
-    public DSTU4145ECBinary getECBinary()
-    {
-        return ecbinary;
-    }
-
-    public byte[] getDKE()
-    {
-        return Arrays.clone(dke);
-    }
-
-    public static byte[] getDefaultDKE()
-    {
-        return Arrays.clone(DEFAULT_DKE);
-    }
-
-    public ASN1ObjectIdentifier getNamedCurve()
-    {
-        return namedCurve;
-    }
-
-    public static DSTU4145Params getInstance(Object obj)
-    {
-        if (obj instanceof DSTU4145Params)
-        {
-            return (DSTU4145Params)obj;
-        }
-
-        if (obj != null)
-        {
-            ASN1Sequence seq = ASN1Sequence.getInstance(obj);
-            DSTU4145Params params;
-
-            if (seq.getObjectAt(0) instanceof ASN1ObjectIdentifier)
-            {
-                params = new DSTU4145Params(ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0)));
-            }
-            else
-            {
-                params = new DSTU4145Params(DSTU4145ECBinary.getInstance(seq.getObjectAt(0)));
-            }
-
-            if (seq.size() == 2)
-            {
-                params.dke = ASN1OctetString.getInstance(seq.getObjectAt(1)).getOctets();
-                if (params.dke.length != DSTU4145Params.DEFAULT_DKE.length)
-                {
-                    throw new IllegalArgumentException("object parse error");
-                }
-            }
-
-            return params;
-        }
-
-        throw new IllegalArgumentException("object parse error");
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (namedCurve != null)
-        {
-            v.add(namedCurve);
-        }
-        else
-        {
-            v.add(ecbinary);
-        }
-
-        if (!org.bouncycastle.util.Arrays.areEqual(dke, DEFAULT_DKE))
-        {
-            v.add(new DEROctetString(dke));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145PointEncoder.java b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145PointEncoder.java
deleted file mode 100644
index b9fac52..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145PointEncoder.java
+++ /dev/null

@@ -1,154 +0,0 @@
-package org.bouncycastle.asn1.ua;
-
-import java.math.BigInteger;
-import java.util.Random;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-
-/**
- * DSTU4145 encodes points somewhat differently than X9.62
- * It compresses the point to the size of the field element
- */
-public abstract class DSTU4145PointEncoder
-{
-    private static ECFieldElement trace(ECFieldElement fe)
-    {
-        ECFieldElement t = fe;
-        for (int i = 1; i < fe.getFieldSize(); ++i)
-        {
-            t = t.square().add(fe);
-        }
-        return t;
-    }
-
-    /**
-     * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62
-     * D.1.6) The other solution is <code>z + 1</code>.
-     *
-     * @param beta The value to solve the quadratic equation for.
-     * @return the solution for <code>z<sup>2</sup> + z = beta</code> or
-     *         <code>null</code> if no solution exists.
-     */
-    private static ECFieldElement solveQuadraticEquation(ECCurve curve, ECFieldElement beta)
-    {
-        if (beta.isZero())
-        {
-            return beta;
-        }
-
-        ECFieldElement zeroElement = curve.fromBigInteger(ECConstants.ZERO);
-
-        ECFieldElement z = null;
-        ECFieldElement gamma = null;
-
-        Random rand = new Random();
-        int m = beta.getFieldSize();
-        do
-        {
-            ECFieldElement t = curve.fromBigInteger(new BigInteger(m, rand));
-            z = zeroElement;
-            ECFieldElement w = beta;
-            for (int i = 1; i <= m - 1; i++)
-            {
-                ECFieldElement w2 = w.square();
-                z = z.square().add(w2.multiply(t));
-                w = w2.add(beta);
-            }
-            if (!w.isZero())
-            {
-                return null;
-            }
-            gamma = z.square().add(z);
-        }
-        while (gamma.isZero());
-
-        return z;
-    }
-
-    public static byte[] encodePoint(ECPoint Q)
-    {
-        /*if (!Q.isCompressed())
-              Q=new ECPoint.F2m(Q.getCurve(),Q.getX(),Q.getY(),true);
-
-          byte[] bytes=Q.getEncoded();
-
-          if (bytes[0]==0x02)
-              bytes[bytes.length-1]&=0xFE;
-          else if (bytes[0]==0x02)
-              bytes[bytes.length-1]|=0x01;
-
-          return Arrays.copyOfRange(bytes, 1, bytes.length);*/
-
-        Q = Q.normalize();
-
-        ECFieldElement x = Q.getAffineXCoord();
-
-        byte[] bytes = x.getEncoded();
-
-        if (!x.isZero())
-        {
-            ECFieldElement z = Q.getAffineYCoord().divide(x);
-            if (trace(z).isOne())
-            {
-                bytes[bytes.length - 1] |= 0x01;
-            }
-            else
-            {
-                bytes[bytes.length - 1] &= 0xFE;
-            }
-        }
-
-        return bytes;
-    }
-
-    public static ECPoint decodePoint(ECCurve curve, byte[] bytes)
-    {
-        /*byte[] bp_enc=new byte[bytes.length+1];
-          if (0==(bytes[bytes.length-1]&0x1))
-              bp_enc[0]=0x02;
-          else
-              bp_enc[0]=0x03;
-          System.arraycopy(bytes, 0, bp_enc, 1, bytes.length);
-          if (!trace(curve.fromBigInteger(new BigInteger(1, bytes))).equals(curve.getA().toBigInteger()))
-              bp_enc[bp_enc.length-1]^=0x01;
-
-          return curve.decodePoint(bp_enc);*/
-
-        ECFieldElement k = curve.fromBigInteger(BigInteger.valueOf(bytes[bytes.length - 1] & 0x1));
-
-        ECFieldElement xp = curve.fromBigInteger(new BigInteger(1, bytes));
-        if (!trace(xp).equals(curve.getA()))
-        {
-            xp = xp.addOne();
-        }
-
-        ECFieldElement yp = null;
-        if (xp.isZero())
-        {
-            yp = curve.getB().sqrt();
-        }
-        else
-        {
-            ECFieldElement beta = xp.square().invert().multiply(curve.getB()).add(curve.getA()).add(xp);
-            ECFieldElement z = solveQuadraticEquation(curve, beta);
-            if (z != null)
-            {
-                if (!trace(z).equals(k))
-                {
-                    z = z.addOne();
-                }
-                yp = xp.multiply(z);
-            }
-        }
-
-        if (yp == null)
-        {
-            throw new IllegalArgumentException("Invalid point compression");
-        }
-
-        return curve.validatePoint(xp.toBigInteger(), yp.toBigInteger());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145PublicKey.java b/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145PublicKey.java
deleted file mode 100644
index 769eff6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ua/DSTU4145PublicKey.java
+++ /dev/null

@@ -1,46 +0,0 @@
-package org.bouncycastle.asn1.ua;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.math.ec.ECPoint;
-
-public class DSTU4145PublicKey
-    extends ASN1Object
-{
-
-    private ASN1OctetString pubKey;
-
-    public DSTU4145PublicKey(ECPoint pubKey)
-    {
-        // We always use big-endian in parameter encoding
-        this.pubKey = new DEROctetString(DSTU4145PointEncoder.encodePoint(pubKey));
-    }
-
-    private DSTU4145PublicKey(ASN1OctetString ocStr)
-    {
-        pubKey = ocStr;
-    }
-
-    public static DSTU4145PublicKey getInstance(Object obj)
-    {
-        if (obj instanceof DSTU4145PublicKey)
-        {
-            return (DSTU4145PublicKey)obj;
-        }
-
-        if (obj != null)
-        {
-            return new DSTU4145PublicKey(ASN1OctetString.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return pubKey;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/UAObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/ua/UAObjectIdentifiers.java
deleted file mode 100644
index d0d4a8d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ua/UAObjectIdentifiers.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.asn1.ua;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- * Ukrainian object identifiers
- * <p>
- * {iso(1) member-body(2) Ukraine(804) root(2) security(1) cryptography(1) pki(1)}
- * <p>
- * { ...  pki-alg(1) pki-alg-sym(3) Dstu4145WithGost34311(1) PB(1)}
- * <p>
- * DSTU4145 in polynomial basis has 2 oids, one for little-endian representation and one for big-endian
- */
-public interface UAObjectIdentifiers
-{
-    /** Base OID: 1.2.804.2.1.1.1 */
-    static final ASN1ObjectIdentifier UaOid = new ASN1ObjectIdentifier("1.2.804.2.1.1.1");
-
-    /** DSTU4145 Little Endian presentation.  OID: 1.2.804.2.1.1.1.1.3.1.1 */
-    static final ASN1ObjectIdentifier dstu4145le = UaOid.branch("1.3.1.1");
-    /** DSTU4145 Big Endian presentation.  OID: 1.2.804.2.1.1.1.1.3.1.1.1 */
-    static final ASN1ObjectIdentifier dstu4145be = UaOid.branch("1.3.1.1.1.1");
-    
-    /** DSTU7564 256-bit digest presentation. */
-    static final ASN1ObjectIdentifier dstu7564digest_256 = UaOid.branch("1.2.2.1");
-    /** DSTU7564 384-bit digest presentation. */
-    static final ASN1ObjectIdentifier dstu7564digest_384 = UaOid.branch("1.2.2.2");
-    /** DSTU7564 512-bit digest presentation. */
-    static final ASN1ObjectIdentifier dstu7564digest_512 = UaOid.branch("1.2.2.3");
-
-    /** DSTU7564 256-bit mac presentation. */
-    static final ASN1ObjectIdentifier dstu7564mac_256 = UaOid.branch("1.2.2.4");
-    /** DSTU7564 384-bit mac presentation. */
-    static final ASN1ObjectIdentifier dstu7564mac_384 = UaOid.branch("1.2.2.5");
-    /** DSTU7564 512-bit mac presentation. */
-    static final ASN1ObjectIdentifier dstu7564mac_512 = UaOid.branch("1.2.2.6");
-
-
-    /** DSTU7624 in ECB mode with 128 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624ecb_128 = UaOid.branch("1.1.3.1.1");
-    /** DSTU7624 in ECB mode with 256 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624ecb_256 = UaOid.branch("1.1.3.1.2");
-    /** DSTU7624 in ECB mode with 512 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624ecb_512 = UaOid.branch("1.1.3.1.3");
-
-    /** DSTU7624 in CTR mode with 128 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624ctr_128 = UaOid.branch("1.1.3.2.1");
-    /** DSTU7624 in CTR mode with 256 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624ctr_256 = UaOid.branch("1.1.3.2.2");
-    /** DSTU7624 in CTR mode with 512 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624ctr_512 = UaOid.branch("1.1.3.2.3");
-
-    /** DSTU7624 in CFB mode with 128 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624cfb_128 = UaOid.branch("1.1.3.3.1");
-    /** DSTU7624 in CFB mode with 256 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624cfb_256 = UaOid.branch("1.1.3.3.2");
-    /** DSTU7624 in CFB mode with 512 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624cfb_512 = UaOid.branch("1.1.3.3.3");
-
-    /** DSTU7624 in MAC mode with 128 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624cmac_128 = UaOid.branch("1.1.3.4.1");
-    /** DSTU7624 in MAC mode with 256 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624cmac_256 = UaOid.branch("1.1.3.4.2");
-    /** DSTU7624 in MAC mode with 512 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624cmac_512 = UaOid.branch("1.1.3.4.3");
-
-    /** DSTU7624 in CBC mode with 128 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624cbc_128 = UaOid.branch("1.1.3.5.1");
-    /** DSTU7624 in CBC mode with 256 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624cbc_256 = UaOid.branch("1.1.3.5.2");
-    /** DSTU7624 in CBC mode with 512 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624cbc_512 = UaOid.branch("1.1.3.5.3");
-
-    /** DSTU7624 in OFB mode with 128 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624ofb_128 = UaOid.branch("1.1.3.6.1");
-    /** DSTU7624 in OFB mode with 256 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624ofb_256 = UaOid.branch("1.1.3.6.2");
-    /** DSTU7624 in OFB mode with 512 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624ofb_512 = UaOid.branch("1.1.3.6.3");
-
-    /** DSTU7624 in GMAC (GCM witout encryption) mode with 128 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624gmac_128 = UaOid.branch("1.1.3.7.1");
-    /** DSTU7624 in GMAC (GCM witout encryption) mode with 256 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624gmac_256 = UaOid.branch("1.1.3.7.2");
-    /** DSTU7624 in GMAC (GCM witout encryption) mode with 512 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624gmac_512 = UaOid.branch("1.1.3.7.3");
-
-    /** DSTU7624 in CCM mode with 128 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624ccm_128 = UaOid.branch("1.1.3.8.1");
-    /** DSTU7624 in CCM mode with 256 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624ccm_256 = UaOid.branch("1.1.3.8.2");
-    /** DSTU7624 in CCM mode with 512 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624ccm_512 = UaOid.branch("1.1.3.8.3");
-
-    /** DSTU7624 in XTS mode with 128 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624xts_128 = UaOid.branch("1.1.3.9.1");
-    /** DSTU7624 in XTS mode with 256 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624xts_256 = UaOid.branch("1.1.3.9.2");
-    /** DSTU7624 in XTS mode with 512 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624xts_512 = UaOid.branch("1.1.3.9.3");
-
-    /** DSTU7624 in key wrap (KW) mode with 128 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624kw_128 = UaOid.branch("1.1.3.10.1");
-    /** DSTU7624 in key wrap (KW) mode with 256 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624kw_256 = UaOid.branch("1.1.3.10.2");
-    /** DSTU7624 in key wrap (KW) mode with 512 bit block/key presentation */
-    static final ASN1ObjectIdentifier dstu7624kw_512 = UaOid.branch("1.1.3.10.3");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/ua/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/ua/package.html
deleted file mode 100644
index 0fc273f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/ua/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for the Ukrainian DSTU standard.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/util/DERDump.java b/bcprov/src/main/java/org/bouncycastle/asn1/util/DERDump.java
deleted file mode 100644
index 78875ff..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/util/DERDump.java
+++ /dev/null

@@ -1,41 +0,0 @@
-package org.bouncycastle.asn1.util;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Primitive;
-
-/**
- * @deprecated use ASN1Dump.
- */
-public class DERDump
-    extends ASN1Dump
-{
-    /**
-     * dump out a DER object as a formatted string
-     *
-     * @param obj the ASN1Primitive to be dumped out.
-     */
-    public static String dumpAsString(
-        ASN1Primitive obj)
-    {
-        StringBuffer buf = new StringBuffer();
-
-        _dumpAsString("", false, obj, buf);
-
-        return buf.toString();
-    }
-
-    /**
-     * dump out a DER object as a formatted string
-     *
-     * @param obj the ASN1Primitive to be dumped out.
-     */
-    public static String dumpAsString(
-        ASN1Encodable obj)
-    {
-        StringBuffer buf = new StringBuffer();
-
-        _dumpAsString("", false, obj.toASN1Primitive(), buf);
-
-        return buf.toString();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/util/Dump.java b/bcprov/src/main/java/org/bouncycastle/asn1/util/Dump.java
deleted file mode 100644
index 28d59e2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/util/Dump.java
+++ /dev/null

@@ -1,28 +0,0 @@
-package org.bouncycastle.asn1.util;
-
-import java.io.FileInputStream;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-
-/**
- * Command line ASN.1 Dump utility.
- * <p>
- *     Usage: org.bouncycastle.asn1.util.Dump ber_encoded_file
- * </p>
- */
-public class Dump
-{
-    public static void main(
-        String args[])
-        throws Exception
-    {
-        FileInputStream fIn = new FileInputStream(args[0]);
-        ASN1InputStream bIn = new ASN1InputStream(fIn);
-        Object          obj = null;
-
-        while ((obj = bIn.readObject()) != null)
-        {
-            System.out.println(ASN1Dump.dumpAsString(obj));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/util/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/util/package.html
deleted file mode 100644
index 1db893d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/util/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-An ASN.1 dump utility.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x500/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x500/package.html
deleted file mode 100644
index 9a3f9c6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x500/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for the creation and processing of object based on X.500 names.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/package.html
deleted file mode 100644
index 219d3f5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x500/style/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Template classes for the common styles used for converting X.500 names to strings and back.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AccessDescription.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AccessDescription.java
deleted file mode 100644
index a1aaca4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AccessDescription.java
+++ /dev/null

@@ -1,98 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * The AccessDescription object.
- * <pre>
- * AccessDescription  ::=  SEQUENCE {
- *       accessMethod          OBJECT IDENTIFIER,
- *       accessLocation        GeneralName  }
- * </pre>
- */
-public class AccessDescription
-    extends ASN1Object
-{
-    public final static ASN1ObjectIdentifier id_ad_caIssuers = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.48.2");
-    
-    public final static ASN1ObjectIdentifier id_ad_ocsp = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.48.1");
-        
-    ASN1ObjectIdentifier accessMethod = null;
-    GeneralName accessLocation = null;
-
-    public static AccessDescription getInstance(
-        Object  obj)
-    {
-        if (obj instanceof AccessDescription)
-        {
-            return (AccessDescription)obj;
-        }
-        else if (obj != null)
-        {
-            return new AccessDescription(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
- 
-    private AccessDescription(
-        ASN1Sequence   seq)
-    {
-        if (seq.size() != 2) 
-        {
-            throw new IllegalArgumentException("wrong number of elements in sequence");
-        }
-        
-        accessMethod = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-        accessLocation = GeneralName.getInstance(seq.getObjectAt(1));
-    }
-
-    /**
-     * create an AccessDescription with the oid and location provided.
-     */
-    public AccessDescription(
-        ASN1ObjectIdentifier oid,
-        GeneralName location)
-    {
-        accessMethod = oid;
-        accessLocation = location;
-    }
-
-    /**
-     * 
-     * @return the access method.
-     */
-    public ASN1ObjectIdentifier getAccessMethod()
-    {
-        return accessMethod;
-    }
-    
-    /**
-     * 
-     * @return the access location
-     */
-    public GeneralName getAccessLocation()
-    {
-        return accessLocation;
-    }
-    
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector accessDescription  = new ASN1EncodableVector();
-        
-        accessDescription.add(accessMethod);
-        accessDescription.add(accessLocation);
-
-        return new DERSequence(accessDescription);
-    }
-
-    public String toString()
-    {
-        return ("AccessDescription: Oid(" + this.accessMethod.getId() + ")");
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityInformationAccess.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityInformationAccess.java
deleted file mode 100644
index 34a10f8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityInformationAccess.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * The AuthorityInformationAccess object.
- * <pre>
- * id-pe-authorityInfoAccess OBJECT IDENTIFIER ::= { id-pe 1 }
- *
- * AuthorityInfoAccessSyntax  ::=
- *      SEQUENCE SIZE (1..MAX) OF AccessDescription
- * AccessDescription  ::=  SEQUENCE {
- *       accessMethod          OBJECT IDENTIFIER,
- *       accessLocation        GeneralName  }
- *
- * id-ad OBJECT IDENTIFIER ::= { id-pkix 48 }
- * id-ad-caIssuers OBJECT IDENTIFIER ::= { id-ad 2 }
- * id-ad-ocsp OBJECT IDENTIFIER ::= { id-ad 1 }
- * </pre>
- */
-public class AuthorityInformationAccess
-    extends ASN1Object
-{
-    private AccessDescription[]    descriptions;
-
-    public static AuthorityInformationAccess getInstance(
-        Object  obj)
-    {
-        if (obj instanceof AuthorityInformationAccess)
-        {
-            return (AuthorityInformationAccess)obj;
-        }
-
-        if (obj != null)
-        {
-            return new AuthorityInformationAccess(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static AuthorityInformationAccess fromExtensions(Extensions extensions)
-    {
-         return AuthorityInformationAccess.getInstance(extensions.getExtensionParsedValue(Extension.authorityInfoAccess));
-    }
-
-    private AuthorityInformationAccess(
-        ASN1Sequence   seq)
-    {
-        if (seq.size() < 1) 
-        {
-            throw new IllegalArgumentException("sequence may not be empty");
-        }
-
-        descriptions = new AccessDescription[seq.size()];
-        
-        for (int i = 0; i != seq.size(); i++)
-        {
-            descriptions[i] = AccessDescription.getInstance(seq.getObjectAt(i));
-        }
-    }
-
-    public AuthorityInformationAccess(
-        AccessDescription description)
-    {
-        this(new AccessDescription[]{ description });
-    }
-
-    public AuthorityInformationAccess(
-        AccessDescription[] descriptions)
-    {
-        this.descriptions = new AccessDescription[descriptions.length];
-        System.arraycopy(descriptions, 0, this.descriptions, 0, descriptions.length);
-    }
-
-    /**
-     * create an AuthorityInformationAccess with the oid and location provided.
-     */
-    public AuthorityInformationAccess(
-        ASN1ObjectIdentifier oid,
-        GeneralName location)
-    {
-        this(new AccessDescription(oid, location));
-    }
-
-    /**
-     * 
-     * @return the access descriptions contained in this object.
-     */
-    public AccessDescription[] getAccessDescriptions()
-    {
-        return descriptions;
-    }
-    
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector vec = new ASN1EncodableVector();
-        
-        for (int i = 0; i != descriptions.length; i++)
-        {
-            vec.add(descriptions[i]);
-        }
-        
-        return new DERSequence(vec);
-    }
-
-    public String toString()
-    {
-        return ("AuthorityInformationAccess: Oid(" + this.descriptions[0].getAccessMethod().getId() + ")");
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java
index d84ad4c..df4ad65 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java

@@ -14,7 +14,9 @@
 import org.bouncycastle.asn1.DERSequence;
 import org.bouncycastle.asn1.DERTaggedObject;
 import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.digests.SHA1Digest;
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
 import org.bouncycastle.util.encoders.Hex;
 
 /**
@@ -107,7 +109,9 @@
     public AuthorityKeyIdentifier(
         SubjectPublicKeyInfo    spki)
     {
-        Digest  digest = new SHA1Digest();
+        // Android-changed: Use Android digests
+        // Digest  digest = new SHA1Digest();
+        Digest  digest = AndroidDigestFactory.getSHA1();
         byte[]  resBuf = new byte[digest.getDigestSize()];
 
         byte[] bytes = spki.getPublicKeyData().getBytes();
@@ -126,7 +130,9 @@
         GeneralNames            name,
         BigInteger              serialNumber)
     {
-        Digest  digest = new SHA1Digest();
+        // Android-changed: Use Android digests
+        // Digest  digest = new SHA1Digest();
+        Digest  digest = AndroidDigestFactory.getSHA1();
         byte[]  resBuf = new byte[digest.getDigestSize()];
 
         byte[] bytes = spki.getPublicKeyData().getBytes();

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertPolicyId.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertPolicyId.java
deleted file mode 100644
index ab1e5a2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertPolicyId.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-
-
-/**
- * CertPolicyId, used in the CertificatePolicies and PolicyMappings
- * X509V3 Extensions.
- *
- * <pre>
- *     CertPolicyId ::= OBJECT IDENTIFIER
- * </pre>
- */
-/**
- * CertPolicyId, used in the CertificatePolicies and PolicyMappings
- * X509V3 Extensions.
- *
- * <pre>
- *     CertPolicyId ::= OBJECT IDENTIFIER
- * </pre>
- */
-public class CertPolicyId
-    extends ASN1Object
-{
-    private ASN1ObjectIdentifier id;
-
-    private CertPolicyId(ASN1ObjectIdentifier id)
-    {
-        this.id = id;
-    }
-
-    public static CertPolicyId getInstance(Object o)
-    {
-        if (o instanceof CertPolicyId)
-        {
-            return (CertPolicyId)o;
-        }
-        else if (o != null)
-        {
-            return new CertPolicyId(ASN1ObjectIdentifier.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public String getId()
-    {
-        return id.getId();
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return id;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificatePair.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificatePair.java
deleted file mode 100644
index ef187e1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificatePair.java
+++ /dev/null

@@ -1,167 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * This class helps to support crossCerfificatePairs in a LDAP directory
- * according RFC 2587
- * 
- * <pre>
- *     crossCertificatePairATTRIBUTE::={
- *       WITH SYNTAX   CertificatePair
- *       EQUALITY MATCHING RULE certificatePairExactMatch
- *       ID joint-iso-ccitt(2) ds(5) attributeType(4) crossCertificatePair(40)}
- * </pre>
- * 
- * <blockquote> The forward elements of the crossCertificatePair attribute of a
- * CA's directory entry shall be used to store all, except self-issued
- * certificates issued to this CA. Optionally, the reverse elements of the
- * crossCertificatePair attribute, of a CA's directory entry may contain a
- * subset of certificates issued by this CA to other CAs. When both the forward
- * and the reverse elements are present in a single attribute value, issuer name
- * in one certificate shall match the subject name in the other and vice versa,
- * and the subject public key in one certificate shall be capable of verifying
- * the digital signature on the other certificate and vice versa.
- * 
- * When a reverse element is present, the forward element value and the reverse
- * element value need not be stored in the same attribute value; in other words,
- * they can be stored in either a single attribute value or two attribute
- * values. </blockquote>
- * 
- * <pre>
- *       CertificatePair ::= SEQUENCE {
- *         forward        [0]    Certificate OPTIONAL,
- *         reverse        [1]    Certificate OPTIONAL,
- *         -- at least one of the pair shall be present -- } 
- * </pre>
- */
-public class CertificatePair
-    extends ASN1Object
-{
-    private Certificate forward;
-
-    private Certificate reverse;
-
-    public static CertificatePair getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof CertificatePair)
-        {
-            return (CertificatePair)obj;
-        }
-
-        if (obj instanceof ASN1Sequence)
-        {
-            return new CertificatePair((ASN1Sequence)obj);
-        }
-
-        throw new IllegalArgumentException("illegal object in getInstance: "
-            + obj.getClass().getName());
-    }
-
-    /**
-     * Constructor from ASN1Sequence.
-     * <p>
-     * The sequence is of type CertificatePair:
-     * <pre>
-     *       CertificatePair ::= SEQUENCE {
-     *         forward        [0]    Certificate OPTIONAL,
-     *         reverse        [1]    Certificate OPTIONAL,
-     *         -- at least one of the pair shall be present -- }
-     * </pre>
-     * </p>
-     * @param seq The ASN.1 sequence.
-     */
-    private CertificatePair(ASN1Sequence seq)
-    {
-        if (seq.size() != 1 && seq.size() != 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-
-        Enumeration e = seq.getObjects();
-
-        while (e.hasMoreElements())
-        {
-            ASN1TaggedObject o = ASN1TaggedObject.getInstance(e.nextElement());
-            if (o.getTagNo() == 0)
-            {
-                forward = Certificate.getInstance(o, true);
-            }
-            else if (o.getTagNo() == 1)
-            {
-                reverse = Certificate.getInstance(o, true);
-            }
-            else
-            {
-                throw new IllegalArgumentException("Bad tag number: "
-                    + o.getTagNo());
-            }
-        }
-    }
-
-    /**
-     * Constructor from a given details.
-     *
-     * @param forward Certificates issued to this CA.
-     * @param reverse Certificates issued by this CA to other CAs.
-     */
-    public CertificatePair(Certificate forward, Certificate reverse)
-    {
-        this.forward = forward;
-        this.reverse = reverse;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <p>
-     * Returns:
-     * <pre>
-     *       CertificatePair ::= SEQUENCE {
-     *         forward        [0]    Certificate OPTIONAL,
-     *         reverse        [1]    Certificate OPTIONAL,
-     *         -- at least one of the pair shall be present -- }
-     * </pre>
-     *
-     * @return a ASN1Primitive
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector vec = new ASN1EncodableVector();
-
-        if (forward != null)
-        {
-            vec.add(new DERTaggedObject(0, forward));
-        }
-        if (reverse != null)
-        {
-            vec.add(new DERTaggedObject(1, reverse));
-        }
-
-        return new DERSequence(vec);
-    }
-
-    /**
-     * @return Returns the forward.
-     */
-    public Certificate getForward()
-    {
-        return forward;
-    }
-
-    /**
-     * @return Returns the reverse.
-     */
-    public Certificate getReverse()
-    {
-        return reverse;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificatePolicies.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificatePolicies.java
deleted file mode 100644
index 560b464..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/CertificatePolicies.java
+++ /dev/null

@@ -1,129 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-
-public class CertificatePolicies
-    extends ASN1Object
-{
-    private final PolicyInformation[] policyInformation;
-
-    public static CertificatePolicies getInstance(
-        Object  obj)
-    {
-        if (obj instanceof CertificatePolicies)
-        {
-            return (CertificatePolicies)obj;
-        }
-
-        if (obj != null)
-        {
-            return new CertificatePolicies(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public static CertificatePolicies getInstance(
-        ASN1TaggedObject obj,
-        boolean          explicit)
-    {
-        return getInstance(ASN1Sequence.getInstance(obj, explicit));
-    }
-
-    /**
-     * Retrieve a CertificatePolicies for a passed in Extensions object, if present.
-     *
-     * @param extensions the extensions object to be examined.
-     * @return  the CertificatePolicies, null if the extension is not present.
-     */
-    public static CertificatePolicies fromExtensions(Extensions extensions)
-    {
-        return CertificatePolicies.getInstance(extensions.getExtensionParsedValue(Extension.certificatePolicies));
-    }
-
-    /**
-     * Construct a CertificatePolicies object containing one PolicyInformation.
-     * 
-     * @param name the name to be contained.
-     */
-    public CertificatePolicies(
-        PolicyInformation  name)
-    {
-        this.policyInformation = new PolicyInformation[] { name };
-    }
-
-    public CertificatePolicies(
-        PolicyInformation[] policyInformation)
-    {
-        this.policyInformation = copyPolicyInfo(policyInformation);
-    }
-
-    private CertificatePolicies(
-        ASN1Sequence  seq)
-    {
-        this.policyInformation = new PolicyInformation[seq.size()];
-
-        for (int i = 0; i != seq.size(); i++)
-        {
-            policyInformation[i] = PolicyInformation.getInstance(seq.getObjectAt(i));
-        }
-    }
-
-    public PolicyInformation[] getPolicyInformation()
-    {
-        return copyPolicyInfo(policyInformation);
-    }
-
-    private PolicyInformation[] copyPolicyInfo(PolicyInformation[] policyInfo)
-    {
-        PolicyInformation[] tmp = new PolicyInformation[policyInfo.length];
-
-        System.arraycopy(policyInfo, 0, tmp, 0, policyInfo.length);
-
-        return tmp;
-    }
-
-    public PolicyInformation getPolicyInformation(ASN1ObjectIdentifier policyIdentifier)
-    {
-        for (int i = 0; i != policyInformation.length; i++)
-        {
-            if (policyIdentifier.equals(policyInformation[i].getPolicyIdentifier()))
-            {
-                 return policyInformation[i];
-            }
-        }
-
-        return null;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <pre>
-     * CertificatePolicies ::= SEQUENCE SIZE {1..MAX} OF PolicyInformation
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new DERSequence(policyInformation);
-    }
-
-    public String toString()
-    {
-        StringBuffer p = new StringBuffer();
-        for (int i = 0; i < policyInformation.length; i++)
-        {
-            if (p.length() != 0)
-            {
-                p.append(", ");
-            }
-            p.append(policyInformation[i]);
-        }
-
-        return "CertificatePolicies: [" + p + "]";
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/DisplayText.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/DisplayText.java
deleted file mode 100644
index 5cc85cd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/DisplayText.java
+++ /dev/null

@@ -1,185 +0,0 @@
-
-package org.bouncycastle.asn1.x509;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERBMPString;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DERUTF8String;
-import org.bouncycastle.asn1.DERVisibleString;
-
-/**
- * <code>DisplayText</code> class, used in
- * <code>CertificatePolicies</code> X509 V3 extensions (in policy qualifiers).
- *
- * <p>It stores a string in a chosen encoding. 
- * <pre>
- * DisplayText ::= CHOICE {
- *      ia5String        IA5String      (SIZE (1..200)),
- *      visibleString    VisibleString  (SIZE (1..200)),
- *      bmpString        BMPString      (SIZE (1..200)),
- *      utf8String       UTF8String     (SIZE (1..200)) }
- * </pre>
- * @see PolicyQualifierInfo
- * @see PolicyInformation
- */
-public class DisplayText 
-    extends ASN1Object
-    implements ASN1Choice
-{
-   /**
-    * Constant corresponding to ia5String encoding. 
-    *
-    */
-   public static final int CONTENT_TYPE_IA5STRING = 0;
-   /**
-    * Constant corresponding to bmpString encoding. 
-    *
-    */
-   public static final int CONTENT_TYPE_BMPSTRING = 1;
-   /**
-    * Constant corresponding to utf8String encoding. 
-    *
-    */
-   public static final int CONTENT_TYPE_UTF8STRING = 2;
-   /**
-    * Constant corresponding to visibleString encoding. 
-    *
-    */
-   public static final int CONTENT_TYPE_VISIBLESTRING = 3;
-
-   /**
-    * Describe constant <code>DISPLAY_TEXT_MAXIMUM_SIZE</code> here.
-    *
-    */
-   public static final int DISPLAY_TEXT_MAXIMUM_SIZE = 200;
-   
-   int contentType;
-   ASN1String contents;
-   
-   /**
-    * Creates a new <code>DisplayText</code> instance.
-    *
-    * @param type the desired encoding type for the text. 
-    * @param text the text to store. Strings longer than 200
-    * characters are truncated. 
-    */
-   public DisplayText(int type, String text)
-   {
-      if (text.length() > DISPLAY_TEXT_MAXIMUM_SIZE)
-      {
-         // RFC3280 limits these strings to 200 chars
-         // truncate the string
-         text = text.substring (0, DISPLAY_TEXT_MAXIMUM_SIZE);
-      }
-     
-      contentType = type;
-      switch (type)
-      {
-         case CONTENT_TYPE_IA5STRING:
-            contents = new DERIA5String(text);
-            break;
-         case CONTENT_TYPE_UTF8STRING:
-            contents = new DERUTF8String(text);
-            break;
-         case CONTENT_TYPE_VISIBLESTRING:
-            contents = new DERVisibleString(text);
-            break;
-         case CONTENT_TYPE_BMPSTRING:
-            contents = new DERBMPString(text);
-            break;
-         default:
-            contents = new DERUTF8String(text);
-            break;
-      }
-   }
-   
-   /**
-    * Creates a new <code>DisplayText</code> instance.
-    *
-    * @param text the text to encapsulate. Strings longer than 200
-    * characters are truncated. 
-    */
-   public DisplayText(String text) 
-   {
-      // by default use UTF8String
-      if (text.length() > DISPLAY_TEXT_MAXIMUM_SIZE)
-      {
-         text = text.substring(0, DISPLAY_TEXT_MAXIMUM_SIZE);
-      }
-      
-      contentType = CONTENT_TYPE_UTF8STRING;
-      contents = new DERUTF8String(text);
-   }
-
-   /**
-    * Creates a new <code>DisplayText</code> instance.
-    * <p>Useful when reading back a <code>DisplayText</code> class
-    * from it's ASN1Encodable/DEREncodable form. 
-    *
-    * @param de a <code>DEREncodable</code> instance. 
-    */
-   private DisplayText(ASN1String de)
-   {
-      contents = de;
-      if (de instanceof DERUTF8String)
-      {
-         contentType = CONTENT_TYPE_UTF8STRING;
-      }
-      else if (de instanceof DERBMPString)
-      {
-         contentType = CONTENT_TYPE_BMPSTRING;
-      }
-      else if (de instanceof DERIA5String)
-      {
-         contentType = CONTENT_TYPE_IA5STRING;
-      }
-      else if (de instanceof DERVisibleString)
-      {
-         contentType = CONTENT_TYPE_VISIBLESTRING;
-      }
-      else
-      {
-         throw new IllegalArgumentException("unknown STRING type in DisplayText");
-      }
-   }
-
-   public static DisplayText getInstance(Object obj) 
-   {
-      if  (obj instanceof ASN1String)
-      {
-          return new DisplayText((ASN1String)obj);
-      }
-      else if (obj == null || obj instanceof DisplayText)
-      {
-          return (DisplayText)obj;
-      }
-
-      throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
-   }
-
-   public static DisplayText getInstance(
-       ASN1TaggedObject obj,
-       boolean          explicit)
-   {
-       return getInstance(obj.getObject()); // must be explicitly tagged
-   }
-   
-   public ASN1Primitive toASN1Primitive()
-   {
-      return (ASN1Primitive)contents;
-   }
-
-   /**
-    * Returns the stored <code>String</code> object. 
-    *
-    * @return the stored text as a <code>String</code>. 
-    */
-   public String getString() 
-   {
-      return contents.getString();
-   }   
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/GeneralNamesBuilder.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/GeneralNamesBuilder.java
deleted file mode 100644
index 14f0c2c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/GeneralNamesBuilder.java
+++ /dev/null

@@ -1,39 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import java.util.Vector;
-
-public class GeneralNamesBuilder
-{
-    private Vector names = new Vector();
-
-    public GeneralNamesBuilder addNames(GeneralNames names)
-    {
-        GeneralName[] n = names.getNames();
-
-        for (int i = 0; i != n.length; i++)
-        {
-            this.names.addElement(n[i]);
-        }
-
-        return this;
-    }
-
-    public GeneralNamesBuilder addName(GeneralName name)
-    {
-        names.addElement(name);
-
-        return this;
-    }
-
-    public GeneralNames build()
-    {
-        GeneralName[] tmp = new GeneralName[names.size()];
-
-        for (int i = 0; i != tmp.length; i++)
-        {
-            tmp[i] = (GeneralName)names.elementAt(i);
-        }
-
-        return new GeneralNames(tmp);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/IetfAttrSyntax.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/IetfAttrSyntax.java
deleted file mode 100644
index 5a70140..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/IetfAttrSyntax.java
+++ /dev/null

@@ -1,189 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import java.util.Enumeration;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.DERUTF8String;
-
-/**
- * Implementation of <code>IetfAttrSyntax</code> as specified by RFC3281.
- */
-public class IetfAttrSyntax
-    extends ASN1Object
-{
-    public static final int VALUE_OCTETS    = 1;
-    public static final int VALUE_OID       = 2;
-    public static final int VALUE_UTF8      = 3;
-    GeneralNames            policyAuthority = null;
-    Vector                  values          = new Vector();
-    int                     valueChoice     = -1;
-
-    public static IetfAttrSyntax getInstance(Object obj)
-    {
-        if (obj instanceof IetfAttrSyntax)
-        {
-            return (IetfAttrSyntax)obj;
-        }
-        if (obj != null)
-        {
-            return new IetfAttrSyntax(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    /**
-     *  
-     */
-    private IetfAttrSyntax(ASN1Sequence seq)
-    {
-        int i = 0;
-
-        if (seq.getObjectAt(0) instanceof ASN1TaggedObject)
-        {
-            policyAuthority = GeneralNames.getInstance(((ASN1TaggedObject)seq.getObjectAt(0)), false);
-            i++;
-        }
-        else if (seq.size() == 2)
-        { // VOMS fix
-            policyAuthority = GeneralNames.getInstance(seq.getObjectAt(0));
-            i++;
-        }
-
-        if (!(seq.getObjectAt(i) instanceof ASN1Sequence))
-        {
-            throw new IllegalArgumentException("Non-IetfAttrSyntax encoding");
-        }
-
-        seq = (ASN1Sequence)seq.getObjectAt(i);
-
-        for (Enumeration e = seq.getObjects(); e.hasMoreElements();)
-        {
-            ASN1Primitive obj = (ASN1Primitive)e.nextElement();
-            int type;
-
-            if (obj instanceof ASN1ObjectIdentifier)
-            {
-                type = VALUE_OID;
-            }
-            else if (obj instanceof DERUTF8String)
-            {
-                type = VALUE_UTF8;
-            }
-            else if (obj instanceof DEROctetString)
-            {
-                type = VALUE_OCTETS;
-            }
-            else
-            {
-                throw new IllegalArgumentException("Bad value type encoding IetfAttrSyntax");
-            }
-
-            if (valueChoice < 0)
-            {
-                valueChoice = type;
-            }
-
-            if (type != valueChoice)
-            {
-                throw new IllegalArgumentException("Mix of value types in IetfAttrSyntax");
-            }
-
-            values.addElement(obj);
-        }
-    }
-
-    public GeneralNames getPolicyAuthority()
-    {
-        return policyAuthority;
-    }
-
-    public int getValueType()
-    {
-        return valueChoice;
-    }
-
-    public Object[] getValues()
-    {
-        if (this.getValueType() == VALUE_OCTETS)
-        {
-            ASN1OctetString[] tmp = new ASN1OctetString[values.size()];
-            
-            for (int i = 0; i != tmp.length; i++)
-            {
-                tmp[i] = (ASN1OctetString)values.elementAt(i);
-            }
-            
-            return tmp;
-        }
-        else if (this.getValueType() == VALUE_OID)
-        {
-            ASN1ObjectIdentifier[] tmp = new ASN1ObjectIdentifier[values.size()];
-            
-            for (int i = 0; i != tmp.length; i++)
-            {
-                tmp[i] = (ASN1ObjectIdentifier)values.elementAt(i);
-            }
-            
-            return tmp;
-        }
-        else
-        {
-            DERUTF8String[] tmp = new DERUTF8String[values.size()];
-            
-            for (int i = 0; i != tmp.length; i++)
-            {
-                tmp[i] = (DERUTF8String)values.elementAt(i);
-            }
-            
-            return tmp;
-        }
-    }
-
-    /**
-     * 
-     * <pre>
-     * 
-     *  IetfAttrSyntax ::= SEQUENCE {
-     *    policyAuthority [0] GeneralNames OPTIONAL,
-     *    values SEQUENCE OF CHOICE {
-     *      octets OCTET STRING,
-     *      oid OBJECT IDENTIFIER,
-     *      string UTF8String
-     *    }
-     *  }
-     *  
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (policyAuthority != null)
-        {
-            v.add(new DERTaggedObject(0, policyAuthority));
-        }
-
-        ASN1EncodableVector v2 = new ASN1EncodableVector();
-
-        for (Enumeration i = values.elements(); i.hasMoreElements();)
-        {
-            v2.add((ASN1Encodable)i.nextElement());
-        }
-
-        v.add(new DERSequence(v2));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/NoticeReference.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/NoticeReference.java
deleted file mode 100644
index d46f524..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/NoticeReference.java
+++ /dev/null

@@ -1,170 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import java.math.BigInteger;
-import java.util.Enumeration;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <code>NoticeReference</code> class, used in
- * <code>CertificatePolicies</code> X509 V3 extensions
- * (in policy qualifiers).
- * 
- * <pre>
- *  NoticeReference ::= SEQUENCE {
- *      organization     DisplayText,
- *      noticeNumbers    SEQUENCE OF INTEGER }
- *
- * </pre> 
- * 
- * @see PolicyQualifierInfo
- * @see PolicyInformation
- */
-public class NoticeReference 
-    extends ASN1Object
-{
-    private DisplayText organization;
-    private ASN1Sequence noticeNumbers;
-
-    private static ASN1EncodableVector convertVector(Vector numbers)
-    {
-        ASN1EncodableVector av = new ASN1EncodableVector();
-
-        Enumeration it = numbers.elements();
-
-        while (it.hasMoreElements())
-        {
-            Object o = it.nextElement();
-            ASN1Integer di;
-
-            if (o instanceof BigInteger)
-            {
-                di = new ASN1Integer((BigInteger)o);
-            }
-            else if (o instanceof Integer)
-            {
-                di = new ASN1Integer(((Integer)o).intValue());
-            }
-            else
-            {
-                throw new IllegalArgumentException();
-            }
-
-            av.add(di);
-        }
-        return av;
-    }
-
-   /**
-    * Creates a new <code>NoticeReference</code> instance.
-    *
-    * @param organization a <code>String</code> value
-    * @param numbers a <code>Vector</code> value
-    */
-   public NoticeReference(
-       String organization,
-       Vector numbers) 
-   {
-       this(organization, convertVector(numbers));
-   }
-
-    /**
-    * Creates a new <code>NoticeReference</code> instance.
-    *
-    * @param organization a <code>String</code> value
-    * @param noticeNumbers an <code>ASN1EncodableVector</code> value
-    */
-   public NoticeReference(
-       String organization,
-       ASN1EncodableVector noticeNumbers)
-   {
-       this(new DisplayText(organization), noticeNumbers);
-   }
-
-   /**
-    * Creates a new <code>NoticeReference</code> instance.
-    *
-    * @param organization displayText
-    * @param noticeNumbers an <code>ASN1EncodableVector</code> value
-    */
-   public NoticeReference(
-       DisplayText  organization,
-       ASN1EncodableVector noticeNumbers)
-   {
-       this.organization = organization;
-       this.noticeNumbers = new DERSequence(noticeNumbers);
-   }
-
-   /**
-    * Creates a new <code>NoticeReference</code> instance.
-    * <p>Useful for reconstructing a <code>NoticeReference</code>
-    * instance from its encodable/encoded form. 
-    *
-    * @param as an <code>ASN1Sequence</code> value obtained from either
-    * calling @{link toASN1Primitive()} for a <code>NoticeReference</code>
-    * instance or from parsing it from a DER-encoded stream. 
-    */
-   private NoticeReference(
-       ASN1Sequence as) 
-   {
-       if (as.size() != 2)
-       {
-            throw new IllegalArgumentException("Bad sequence size: "
-                    + as.size());
-       }
-
-       organization = DisplayText.getInstance(as.getObjectAt(0));
-       noticeNumbers = ASN1Sequence.getInstance(as.getObjectAt(1));
-   }
-
-   public static NoticeReference getInstance(
-       Object as) 
-   {
-      if (as instanceof NoticeReference)
-      {
-          return (NoticeReference)as;
-      }
-      else if (as != null)
-      {
-          return new NoticeReference(ASN1Sequence.getInstance(as));
-      }
-
-      return null;
-   }
-   
-   public DisplayText getOrganization()
-   {
-       return organization;
-   }
-   
-   public ASN1Integer[] getNoticeNumbers()
-   {
-       ASN1Integer[] tmp = new ASN1Integer[noticeNumbers.size()];
-
-       for (int i = 0; i != noticeNumbers.size(); i++)
-       {
-           tmp[i] = ASN1Integer.getInstance(noticeNumbers.getObjectAt(i));
-       }
-
-       return tmp;
-   }
-   
-   /**
-    * Describe <code>toASN1Object</code> method here.
-    *
-    * @return a <code>ASN1Primitive</code> value
-    */
-   public ASN1Primitive toASN1Primitive()
-   {
-      ASN1EncodableVector av = new ASN1EncodableVector();
-      av.add (organization);
-      av.add (noticeNumbers);
-      return new DERSequence (av);
-   }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/PolicyMappings.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/PolicyMappings.java
deleted file mode 100644
index 6afab95..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/PolicyMappings.java
+++ /dev/null

@@ -1,107 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import java.util.Enumeration;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * PolicyMappings V3 extension, described in RFC3280.
- * <pre>
- *    PolicyMappings ::= SEQUENCE SIZE (1..MAX) OF SEQUENCE {
- *      issuerDomainPolicy      CertPolicyId,
- *      subjectDomainPolicy     CertPolicyId }
- * </pre>
- *
- * @see <a href="http://www.faqs.org/rfc/rfc3280.txt">RFC 3280, section 4.2.1.6</a>
- */
-public class PolicyMappings
-    extends ASN1Object
-{
-    ASN1Sequence seq = null;
-
-    public static PolicyMappings getInstance(Object obj)
-    {
-        if (obj instanceof PolicyMappings)
-        {
-            return (PolicyMappings)obj;
-        }
-        if (obj != null)
-        {
-            return new PolicyMappings(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    /**
-     * Creates a new <code>PolicyMappings</code> instance.
-     *
-     * @param seq an <code>ASN1Sequence</code> constructed as specified
-     *            in RFC 3280
-     */
-    private PolicyMappings(ASN1Sequence seq)
-    {
-        this.seq = seq;
-    }
-
-    /**
-     * Creates a new <code>PolicyMappings</code> instance.
-     *
-     * @param mappings a <code>HashMap</code> value that maps
-     *                 <code>String</code> oids
-     *                 to other <code>String</code> oids.
-     * @deprecated use CertPolicyId constructors.
-     */
-    public PolicyMappings(Hashtable mappings)
-    {
-        ASN1EncodableVector dev = new ASN1EncodableVector();
-        Enumeration it = mappings.keys();
-
-        while (it.hasMoreElements())
-        {
-            String idp = (String)it.nextElement();
-            String sdp = (String)mappings.get(idp);
-            ASN1EncodableVector dv = new ASN1EncodableVector();
-            dv.add(new ASN1ObjectIdentifier(idp));
-            dv.add(new ASN1ObjectIdentifier(sdp));
-            dev.add(new DERSequence(dv));
-        }
-
-        seq = new DERSequence(dev);
-    }
-
-    public PolicyMappings(CertPolicyId issuerDomainPolicy, CertPolicyId subjectDomainPolicy)
-    {
-        ASN1EncodableVector dv = new ASN1EncodableVector();
-        dv.add(issuerDomainPolicy);
-        dv.add(subjectDomainPolicy);
-
-        seq = new DERSequence(new DERSequence(dv));
-    }
-
-    public PolicyMappings(CertPolicyId[] issuerDomainPolicy, CertPolicyId[] subjectDomainPolicy)
-    {
-        ASN1EncodableVector dev = new ASN1EncodableVector();
-
-        for (int i = 0; i != issuerDomainPolicy.length; i++)
-        {
-            ASN1EncodableVector dv = new ASN1EncodableVector();
-            dv.add(issuerDomainPolicy[i]);
-            dv.add(subjectDomainPolicy[i]);
-            dev.add(new DERSequence(dv));
-        }
-
-        seq = new DERSequence(dev);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return seq;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/PrivateKeyUsagePeriod.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/PrivateKeyUsagePeriod.java
deleted file mode 100644
index 44e0b67..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/PrivateKeyUsagePeriod.java
+++ /dev/null

@@ -1,84 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * <pre>
- *    PrivateKeyUsagePeriod ::= SEQUENCE {
- *      notBefore       [0]     GeneralizedTime OPTIONAL,
- *      notAfter        [1]     GeneralizedTime OPTIONAL }
- * </pre>
- */
-public class PrivateKeyUsagePeriod
-    extends ASN1Object
-{
-    public static PrivateKeyUsagePeriod getInstance(Object obj)
-    {
-        if (obj instanceof PrivateKeyUsagePeriod)
-        {
-            return (PrivateKeyUsagePeriod)obj;
-        }
-
-        if (obj != null)
-        {
-            return new PrivateKeyUsagePeriod(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private ASN1GeneralizedTime _notBefore, _notAfter;
-
-    private PrivateKeyUsagePeriod(ASN1Sequence seq)
-    {
-        Enumeration en = seq.getObjects();
-        while (en.hasMoreElements())
-        {
-            ASN1TaggedObject tObj = (ASN1TaggedObject)en.nextElement();
-
-            if (tObj.getTagNo() == 0)
-            {
-                _notBefore = ASN1GeneralizedTime.getInstance(tObj, false);
-            }
-            else if (tObj.getTagNo() == 1)
-            {
-                _notAfter = ASN1GeneralizedTime.getInstance(tObj, false);
-            }
-        }
-    }
-
-    public ASN1GeneralizedTime getNotBefore()
-    {
-        return _notBefore;
-    }
-
-    public ASN1GeneralizedTime getNotAfter()
-    {
-        return _notAfter;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        if (_notBefore != null)
-        {
-            v.add(new DERTaggedObject(false, 0, _notBefore));
-        }
-        if (_notAfter != null)
-        {
-            v.add(new DERTaggedObject(false, 1, _notAfter));
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/RoleSyntax.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/RoleSyntax.java
deleted file mode 100644
index 7558c12..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/RoleSyntax.java
+++ /dev/null

@@ -1,237 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * Implementation of the RoleSyntax object as specified by the RFC3281.
- * 
- * <pre>
- * RoleSyntax ::= SEQUENCE {
- *                 roleAuthority  [0] GeneralNames OPTIONAL,
- *                 roleName       [1] GeneralName
- *           } 
- * </pre>
- */
-public class RoleSyntax 
-    extends ASN1Object
-{
-    private GeneralNames roleAuthority;
-    private GeneralName roleName;
-
-    /**
-     * RoleSyntax factory method.
-     * @param obj the object used to construct an instance of <code>
-     * RoleSyntax</code>. It must be an instance of <code>RoleSyntax
-     * </code> or <code>ASN1Sequence</code>.
-     * @return the instance of <code>RoleSyntax</code> built from the
-     * supplied object.
-     * @throws java.lang.IllegalArgumentException if the object passed
-     * to the factory is not an instance of <code>RoleSyntax</code> or
-     * <code>ASN1Sequence</code>.
-     */
-    public static RoleSyntax getInstance(
-        Object obj)
-    {
-        
-        if (obj instanceof RoleSyntax)
-        {
-            return (RoleSyntax)obj;
-        }
-        else if (obj != null)
-        {
-            return new RoleSyntax(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-    
-    /**
-     * Constructor.
-     * @param roleAuthority the role authority of this RoleSyntax.
-     * @param roleName    the role name of this RoleSyntax.
-     */
-    public RoleSyntax(
-        GeneralNames roleAuthority,
-        GeneralName roleName)
-    {
-        if(roleName == null || 
-                roleName.getTagNo() != GeneralName.uniformResourceIdentifier ||
-                ((ASN1String)roleName.getName()).getString().equals(""))
-        {
-            throw new IllegalArgumentException("the role name MUST be non empty and MUST " +
-                    "use the URI option of GeneralName");
-        }
-        this.roleAuthority = roleAuthority;
-        this.roleName = roleName;
-    }
-    
-    /**
-     * Constructor. Invoking this constructor is the same as invoking
-     * <code>new RoleSyntax(null, roleName)</code>.
-     * @param roleName    the role name of this RoleSyntax.
-     */
-    public RoleSyntax(
-        GeneralName roleName)
-    {
-        this(null, roleName);
-    }
-
-    /**
-     * Utility constructor. Takes a <code>String</code> argument representing
-     * the role name, builds a <code>GeneralName</code> to hold the role name
-     * and calls the constructor that takes a <code>GeneralName</code>.
-     * @param roleName
-     */
-    public RoleSyntax(
-        String roleName)
-    {
-        this(new GeneralName(GeneralName.uniformResourceIdentifier,
-                (roleName == null)? "": roleName));
-    }
-    
-    /**
-     * Constructor that builds an instance of <code>RoleSyntax</code> by
-     * extracting the encoded elements from the <code>ASN1Sequence</code>
-     * object supplied.
-     * @param seq    an instance of <code>ASN1Sequence</code> that holds
-     * the encoded elements used to build this <code>RoleSyntax</code>.
-     */
-    private RoleSyntax(
-        ASN1Sequence seq)
-    {
-        if (seq.size() < 1 || seq.size() > 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                    + seq.size());
-        }
-
-        for (int i = 0; i != seq.size(); i++)
-        {
-            ASN1TaggedObject taggedObject = ASN1TaggedObject.getInstance(seq.getObjectAt(i));
-            switch (taggedObject.getTagNo())
-            {
-            case 0:
-                roleAuthority = GeneralNames.getInstance(taggedObject, false);
-                break;
-            case 1:
-                roleName = GeneralName.getInstance(taggedObject, true);
-                break;
-            default:
-                throw new IllegalArgumentException("Unknown tag in RoleSyntax");
-            }
-        }
-    }
-
-    /**
-     * Gets the role authority of this RoleSyntax.
-     * @return    an instance of <code>GeneralNames</code> holding the
-     * role authority of this RoleSyntax.
-     */
-    public GeneralNames getRoleAuthority()
-    {
-        return this.roleAuthority;
-    }
-    
-    /**
-     * Gets the role name of this RoleSyntax.
-     * @return    an instance of <code>GeneralName</code> holding the
-     * role name of this RoleSyntax.
-     */
-    public GeneralName getRoleName()
-    {
-        return this.roleName;
-    }
-    
-    /**
-     * Gets the role name as a <code>java.lang.String</code> object.
-     * @return    the role name of this RoleSyntax represented as a 
-     * <code>java.lang.String</code> object.
-     */
-    public String getRoleNameAsString()
-    {
-        ASN1String str = (ASN1String)this.roleName.getName();
-        
-        return str.getString();
-    }
-    
-    /**
-     * Gets the role authority as a <code>String[]</code> object.
-     * @return the role authority of this RoleSyntax represented as a
-     * <code>String[]</code> array.
-     */
-    public String[] getRoleAuthorityAsString() 
-    {
-        if(roleAuthority == null) 
-        {
-            return new String[0];
-        }
-        
-        GeneralName[] names = roleAuthority.getNames();
-        String[] namesString = new String[names.length];
-        for(int i = 0; i < names.length; i++) 
-        {
-            ASN1Encodable value = names[i].getName();
-            if(value instanceof ASN1String)
-            {
-                namesString[i] = ((ASN1String)value).getString();
-            }
-            else
-            {
-                namesString[i] = value.toString();
-            }
-        }
-        return namesString;
-    }
-    
-    /**
-     * Implementation of the method <code>toASN1Object</code> as
-     * required by the superclass <code>ASN1Encodable</code>.
-     * 
-     * <pre>
-     * RoleSyntax ::= SEQUENCE {
-     *                 roleAuthority  [0] GeneralNames OPTIONAL,
-     *                 roleName       [1] GeneralName
-     *           } 
-     * </pre>
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        if(this.roleAuthority != null)
-        {
-            v.add(new DERTaggedObject(false, 0, roleAuthority));
-        }
-        v.add(new DERTaggedObject(true, 1, roleName));
-        
-        return new DERSequence(v);
-    }
-    
-    public String toString() 
-    {
-        StringBuffer buff = new StringBuffer("Name: " + this.getRoleNameAsString() +
-                " - Auth: ");
-        if(this.roleAuthority == null || roleAuthority.getNames().length == 0)
-        {
-            buff.append("N/A");
-        }
-        else 
-        {
-            String[] names = this.getRoleAuthorityAsString();
-            buff.append('[').append(names[0]);
-            for(int i = 1; i < names.length; i++) 
-            {
-                    buff.append(", ").append(names[i]);
-            }
-            buff.append(']');
-        }
-        return buff.toString();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/SubjectDirectoryAttributes.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/SubjectDirectoryAttributes.java
deleted file mode 100644
index 9591802..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/SubjectDirectoryAttributes.java
+++ /dev/null

@@ -1,144 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import java.util.Enumeration;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * This extension may contain further X.500 attributes of the subject. See also
- * RFC 3039.
- * 
- * <pre>
- *     SubjectDirectoryAttributes ::= Attributes
- *     Attributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
- *     Attribute ::= SEQUENCE 
- *     {
- *       type AttributeType 
- *       values SET OF AttributeValue 
- *     }
- *     
- *     AttributeType ::= OBJECT IDENTIFIER
- *     AttributeValue ::= ANY DEFINED BY AttributeType
- * </pre>
- * 
- * @see org.bouncycastle.asn1.x500.style.BCStyle for AttributeType ObjectIdentifiers.
- */
-public class SubjectDirectoryAttributes 
-    extends ASN1Object
-{
-    private Vector attributes = new Vector();
-
-    public static SubjectDirectoryAttributes getInstance(
-        Object obj)
-    {
-        if (obj instanceof SubjectDirectoryAttributes)
-        {
-            return (SubjectDirectoryAttributes)obj;
-        }
-
-        if (obj != null)
-        {
-            return new SubjectDirectoryAttributes(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    /**
-     * Constructor from ASN1Sequence.
-     * 
-     * The sequence is of type SubjectDirectoryAttributes:
-     * 
-     * <pre>
-     *      SubjectDirectoryAttributes ::= Attributes
-     *      Attributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
-     *      Attribute ::= SEQUENCE 
-     *      {
-     *        type AttributeType 
-     *        values SET OF AttributeValue 
-     *      }
-     *      
-     *      AttributeType ::= OBJECT IDENTIFIER
-     *      AttributeValue ::= ANY DEFINED BY AttributeType
-     * </pre>
-     * 
-     * @param seq
-     *            The ASN.1 sequence.
-     */
-    private SubjectDirectoryAttributes(ASN1Sequence seq)
-    {
-        Enumeration e = seq.getObjects();
-
-        while (e.hasMoreElements())
-        {
-            ASN1Sequence s = ASN1Sequence.getInstance(e.nextElement());
-            attributes.addElement(Attribute.getInstance(s));
-        }
-    }
-
-    /**
-     * Constructor from a vector of attributes.
-     * 
-     * The vector consists of attributes of type {@link Attribute Attribute}
-     * 
-     * @param attributes
-     *            The attributes.
-     * 
-     */
-    public SubjectDirectoryAttributes(Vector attributes)
-    {
-        Enumeration e = attributes.elements();
-
-        while (e.hasMoreElements())
-        {
-            this.attributes.addElement(e.nextElement());
-        }
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * 
-     * Returns:
-     * 
-     * <pre>
-     *      SubjectDirectoryAttributes ::= Attributes
-     *      Attributes ::= SEQUENCE SIZE (1..MAX) OF Attribute
-     *      Attribute ::= SEQUENCE 
-     *      {
-     *        type AttributeType 
-     *        values SET OF AttributeValue 
-     *      }
-     *      
-     *      AttributeType ::= OBJECT IDENTIFIER
-     *      AttributeValue ::= ANY DEFINED BY AttributeType
-     * </pre>
-     * 
-     * @return a ASN1Primitive
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector vec = new ASN1EncodableVector();
-        Enumeration e = attributes.elements();
-
-        while (e.hasMoreElements())
-        {
-
-            vec.add((Attribute)e.nextElement());
-        }
-
-        return new DERSequence(vec);
-    }
-
-    /**
-     * @return Returns the attributes.
-     */
-    public Vector getAttributes()
-    {
-        return attributes;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Target.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Target.java
deleted file mode 100644
index b302f5a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Target.java
+++ /dev/null

@@ -1,138 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * Target structure used in target information extension for attribute
- * certificates from RFC 3281.
- * 
- * <pre>
- *     Target  ::= CHOICE {
- *       targetName          [0] GeneralName,
- *       targetGroup         [1] GeneralName,
- *       targetCert          [2] TargetCert
- *     }
- * </pre>
- * 
- * <p>
- * The targetCert field is currently not supported and must not be used
- * according to RFC 3281.
- */
-public class Target
-    extends ASN1Object
-    implements ASN1Choice
-{
-    public static final int targetName = 0;
-    public static final int targetGroup = 1;
-
-    private GeneralName targName;
-    private GeneralName targGroup;
-
-    /**
-     * Creates an instance of a Target from the given object.
-     * <p>
-     * <code>obj</code> can be a Target or a {@link ASN1TaggedObject}
-     * 
-     * @param obj The object.
-     * @return A Target instance.
-     * @throws IllegalArgumentException if the given object cannot be
-     *             interpreted as Target.
-     */
-    public static Target getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof Target)
-        {
-            return (Target) obj;
-        }
-        else if (obj instanceof ASN1TaggedObject)
-        {
-            return new Target((ASN1TaggedObject)obj);
-        }
-
-        throw new IllegalArgumentException("unknown object in factory: "
-            + obj.getClass());
-    }
-
-    /**
-     * Constructor from ASN1TaggedObject.
-     * 
-     * @param tagObj The tagged object.
-     * @throws IllegalArgumentException if the encoding is wrong.
-     */
-    private Target(ASN1TaggedObject tagObj)
-    {
-        switch (tagObj.getTagNo())
-        {
-        case targetName:     // GeneralName is already a choice so explicit
-            targName = GeneralName.getInstance(tagObj, true);
-            break;
-        case targetGroup:
-            targGroup = GeneralName.getInstance(tagObj, true);
-            break;
-        default:
-            throw new IllegalArgumentException("unknown tag: " + tagObj.getTagNo());
-        }
-    }
-
-    /**
-     * Constructor from given details.
-     * <p>
-     * Exactly one of the parameters must be not <code>null</code>.
-     *
-     * @param type the choice type to apply to the name.
-     * @param name the general name.
-     * @throws IllegalArgumentException if type is invalid.
-     */
-    public Target(int type, GeneralName name)
-    {
-        this(new DERTaggedObject(type, name));
-    }
-
-    /**
-     * @return Returns the targetGroup.
-     */
-    public GeneralName getTargetGroup()
-    {
-        return targGroup;
-    }
-
-    /**
-     * @return Returns the targetName.
-     */
-    public GeneralName getTargetName()
-    {
-        return targName;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * 
-     * Returns:
-     * 
-     * <pre>
-     *     Target  ::= CHOICE {
-     *       targetName          [0] GeneralName,
-     *       targetGroup         [1] GeneralName,
-     *       targetCert          [2] TargetCert
-     *     }
-     * </pre>
-     * 
-     * @return a ASN1Primitive
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        // GeneralName is a choice already so most be explicitly tagged
-        if (targName != null)
-        {
-            return new DERTaggedObject(true, 0, targName);
-        }
-        else
-        {
-            return new DERTaggedObject(true, 1, targGroup);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/TargetInformation.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/TargetInformation.java
deleted file mode 100644
index eb892b9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/TargetInformation.java
+++ /dev/null

@@ -1,120 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * Target information extension for attributes certificates according to RFC
- * 3281.
- * 
- * <pre>
- *           SEQUENCE OF Targets
- * </pre>
- * 
- */
-public class TargetInformation
-    extends ASN1Object
-{
-    private ASN1Sequence targets;
-
-    /**
-     * Creates an instance of a TargetInformation from the given object.
-     * <p>
-     * <code>obj</code> can be a TargetInformation or a {@link ASN1Sequence}
-     * 
-     * @param obj The object.
-     * @return A TargetInformation instance.
-     * @throws IllegalArgumentException if the given object cannot be
-     *             interpreted as TargetInformation.
-     */
-    public static TargetInformation getInstance(Object obj)
-    {
-        if (obj instanceof TargetInformation)
-        {
-            return (TargetInformation)obj;
-        }
-        else if (obj != null)
-        {
-            return new TargetInformation(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    /**
-     * Constructor from a ASN1Sequence.
-     * 
-     * @param seq The ASN1Sequence.
-     * @throws IllegalArgumentException if the sequence does not contain
-     *             correctly encoded Targets elements.
-     */
-    private TargetInformation(ASN1Sequence seq)
-    {
-        targets = seq;
-    }
-
-    /**
-     * Returns the targets in this target information extension.
-     * 
-     * @return Returns the targets.
-     */
-    public Targets[] getTargetsObjects()
-    {
-        Targets[] copy = new Targets[targets.size()];
-        int count = 0;
-        for (Enumeration e = targets.getObjects(); e.hasMoreElements();)
-        {
-            copy[count++] = Targets.getInstance(e.nextElement());
-        }
-        return copy;
-    }
-
-    /**
-     * Constructs a target information from a single targets element. 
-     * According to RFC 3281 only one targets element must be produced.
-     * 
-     * @param targets A Targets instance.
-     */
-    public TargetInformation(Targets targets)
-    {
-        this.targets = new DERSequence(targets);
-    }
-
-    /**
-     * According to RFC 3281 only one targets element must be produced. If
-     * multiple targets are given they must be merged in
-     * into one targets element.
-     *
-     * @param targets An array with {@link Targets}.
-     */
-    public TargetInformation(Target[] targets)
-    {
-        this(new Targets(targets));
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * 
-     * Returns:
-     * 
-     * <pre>
-     *          SEQUENCE OF Targets
-     * </pre>
-     * 
-     * <p>
-     * According to RFC 3281 only one targets element must be produced. If
-     * multiple targets are given in the constructor they are merged into one
-     * targets element. If this was produced from a
-     * {@link org.bouncycastle.asn1.ASN1Sequence} the encoding is kept.
-     * 
-     * @return a ASN1Primitive
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return targets;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Targets.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Targets.java
deleted file mode 100644
index 4c7d062..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Targets.java
+++ /dev/null

@@ -1,121 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * Targets structure used in target information extension for attribute
- * certificates from RFC 3281.
- * 
- * <pre>
- *            Targets ::= SEQUENCE OF Target
- *           
- *            Target  ::= CHOICE {
- *              targetName          [0] GeneralName,
- *              targetGroup         [1] GeneralName,
- *              targetCert          [2] TargetCert
- *            }
- *           
- *            TargetCert  ::= SEQUENCE {
- *              targetCertificate    IssuerSerial,
- *              targetName           GeneralName OPTIONAL,
- *              certDigestInfo       ObjectDigestInfo OPTIONAL
- *            }
- * </pre>
- * 
- * @see org.bouncycastle.asn1.x509.Target
- * @see org.bouncycastle.asn1.x509.TargetInformation
- */
-public class Targets
-    extends ASN1Object
-{
-    private ASN1Sequence targets;
-
-    /**
-     * Creates an instance of a Targets from the given object.
-     * <p>
-     * <code>obj</code> can be a Targets or a {@link ASN1Sequence}
-     * 
-     * @param obj The object.
-     * @return A Targets instance.
-     * @throws IllegalArgumentException if the given object cannot be
-     *             interpreted as Target.
-     */
-    public static Targets getInstance(Object obj)
-    {
-        if (obj instanceof Targets)
-        {
-            return (Targets)obj;
-        }
-        else if (obj != null)
-        {
-            return new Targets(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    /**
-     * Constructor from ASN1Sequence.
-     * 
-     * @param targets The ASN.1 SEQUENCE.
-     * @throws IllegalArgumentException if the contents of the sequence are
-     *             invalid.
-     */
-    private Targets(ASN1Sequence targets)
-    {
-        this.targets = targets;
-    }
-
-    /**
-     * Constructor from given targets.
-     * <p>
-     * The vector is copied.
-     * 
-     * @param targets A <code>Vector</code> of {@link Target}s.
-     * @see Target
-     * @throws IllegalArgumentException if the vector contains not only Targets.
-     */
-    public Targets(Target[] targets)
-    {
-        this.targets = new DERSequence(targets);
-    }
-
-    /**
-     * Returns the targets in a <code>Vector</code>.
-     * <p>
-     * The vector is cloned before it is returned.
-     * 
-     * @return Returns the targets.
-     */
-    public Target[] getTargets()
-    {
-        Target[] targs = new Target[targets.size()];
-        int count = 0;
-        for (Enumeration e = targets.getObjects(); e.hasMoreElements();)
-        {
-            targs[count++] = Target.getInstance(e.nextElement());
-        }
-        return targs;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * 
-     * Returns:
-     * 
-     * <pre>
-     *            Targets ::= SEQUENCE OF Target
-     * </pre>
-     * 
-     * @return a ASN1Primitive
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        return targets;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java
index 77d36b3..a99dddf 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/Time.java

@@ -2,6 +2,8 @@
 
 import java.text.ParseException;
 import java.text.SimpleDateFormat;
+// Android-added: Localization support
+import java.util.Calendar;
 import java.util.Date;
 import java.util.Locale;
 import java.util.SimpleTimeZone;
@@ -51,7 +53,9 @@
         Date    time)
     {
         SimpleTimeZone      tz = new SimpleTimeZone(0, "Z");
-        SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss");
+        // Android-changed: Use localized version
+        // SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss");
+        SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
 
         dateF.setTimeZone(tz);
 
@@ -82,7 +86,11 @@
         Locale locale)
     {
         SimpleTimeZone      tz = new SimpleTimeZone(0, "Z");
-        SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale);
+        // BEGIN Android-changed: Use localized version
+        // SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale);
+        SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
+        dateF.setCalendar(Calendar.getInstance(locale));
+        // END android-changed
 
         dateF.setTimeZone(tz);
 

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/UserNotice.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/UserNotice.java
deleted file mode 100644
index f6523c5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/UserNotice.java
+++ /dev/null

@@ -1,139 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * <code>UserNotice</code> class, used in
- * <code>CertificatePolicies</code> X509 extensions (in policy
- * qualifiers).
- * <pre>
- * UserNotice ::= SEQUENCE {
- *      noticeRef        NoticeReference OPTIONAL,
- *      explicitText     DisplayText OPTIONAL}
- *
- * </pre>
- * 
- * @see PolicyQualifierId
- * @see PolicyInformation
- */
-public class UserNotice 
-    extends ASN1Object
-{
-    private final NoticeReference noticeRef;
-    private final DisplayText     explicitText;
-   
-    /**
-     * Creates a new <code>UserNotice</code> instance.
-     *
-     * @param noticeRef a <code>NoticeReference</code> value
-     * @param explicitText a <code>DisplayText</code> value
-     */
-    public UserNotice(
-        NoticeReference noticeRef, 
-        DisplayText explicitText) 
-    {
-        this.noticeRef = noticeRef;
-        this.explicitText = explicitText;
-    }
-
-    /**
-     * Creates a new <code>UserNotice</code> instance.
-     *
-     * @param noticeRef a <code>NoticeReference</code> value
-     * @param str the explicitText field as a String. 
-     */
-    public UserNotice(
-        NoticeReference noticeRef, 
-        String str) 
-    {
-        this(noticeRef, new DisplayText(str));
-    }
-
-    /**
-     * Creates a new <code>UserNotice</code> instance.
-     * <p>Useful from reconstructing a <code>UserNotice</code> instance
-     * from its encodable/encoded form. 
-     *
-     * @param as an <code>ASN1Sequence</code> value obtained from either
-     * calling @{link toASN1Primitive()} for a <code>UserNotice</code>
-     * instance or from parsing it from a DER-encoded stream. 
-     */
-    private UserNotice(
-       ASN1Sequence as) 
-    {
-       if (as.size() == 2)
-       {
-           noticeRef = NoticeReference.getInstance(as.getObjectAt(0));
-           explicitText = DisplayText.getInstance(as.getObjectAt(1));
-       }
-       else if (as.size() == 1)
-       {
-           if (as.getObjectAt(0).toASN1Primitive() instanceof ASN1Sequence)
-           {
-               noticeRef = NoticeReference.getInstance(as.getObjectAt(0));
-               explicitText = null;
-           }
-           else
-           {
-               explicitText = DisplayText.getInstance(as.getObjectAt(0));
-               noticeRef = null;
-           }
-       }
-       else if (as.size() == 0)       // neither field set!
-       {
-           noticeRef = null;
-           explicitText = null;
-       }
-       else
-       {
-           throw new IllegalArgumentException("Bad sequence size: " + as.size());
-       }
-    }
-
-    public static UserNotice getInstance(
-        Object obj)
-    {
-        if (obj instanceof UserNotice)
-        {
-            return (UserNotice)obj;
-        }
-
-        if (obj != null)
-        {
-            return new UserNotice(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    public NoticeReference getNoticeRef()
-    {
-        return noticeRef;
-    }
-    
-    public DisplayText getExplicitText()
-    {
-        return explicitText;
-    }
-    
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector av = new ASN1EncodableVector();
-      
-        if (noticeRef != null)
-        {
-            av.add(noticeRef);
-        }
-        
-        if (explicitText != null)
-        {
-            av.add(explicitText);
-        }
-         
-        return new DERSequence(av);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/V2AttributeCertificateInfoGenerator.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/V2AttributeCertificateInfoGenerator.java
deleted file mode 100644
index 635a69e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/V2AttributeCertificateInfoGenerator.java
+++ /dev/null

@@ -1,158 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERSet;
-
-/**
- * Generator for Version 2 AttributeCertificateInfo
- * <pre>
- * AttributeCertificateInfo ::= SEQUENCE {
- *       version              AttCertVersion -- version is v2,
- *       holder               Holder,
- *       issuer               AttCertIssuer,
- *       signature            AlgorithmIdentifier,
- *       serialNumber         CertificateSerialNumber,
- *       attrCertValidityPeriod   AttCertValidityPeriod,
- *       attributes           SEQUENCE OF Attribute,
- *       issuerUniqueID       UniqueIdentifier OPTIONAL,
- *       extensions           Extensions OPTIONAL
- * }
- * </pre>
- *
- */
-public class V2AttributeCertificateInfoGenerator
-{
-    private ASN1Integer version;
-    private Holder holder;
-    private AttCertIssuer issuer;
-    private AlgorithmIdentifier signature;
-    private ASN1Integer serialNumber;
-    private ASN1EncodableVector attributes;
-    private DERBitString issuerUniqueID;
-    private Extensions extensions;
-
-    // Note: validity period start/end dates stored directly
-    //private AttCertValidityPeriod attrCertValidityPeriod;
-    private ASN1GeneralizedTime startDate, endDate; 
-
-    public V2AttributeCertificateInfoGenerator()
-    {
-        this.version = new ASN1Integer(1);
-        attributes = new ASN1EncodableVector();
-    }
-    
-    public void setHolder(Holder holder)
-    {
-        this.holder = holder;
-    }
-    
-    public void addAttribute(String oid, ASN1Encodable value) 
-    {
-        attributes.add(new Attribute(new ASN1ObjectIdentifier(oid), new DERSet(value)));
-    }
-
-    /**
-     * @param attribute
-     */
-    public void addAttribute(Attribute attribute)
-    {
-        attributes.add(attribute);
-    }
-    
-    public void setSerialNumber(
-        ASN1Integer  serialNumber)
-    {
-        this.serialNumber = serialNumber;
-    }
-
-    public void setSignature(
-        AlgorithmIdentifier    signature)
-    {
-        this.signature = signature;
-    }
-
-    public void setIssuer(
-        AttCertIssuer    issuer)
-    {
-        this.issuer = issuer;
-    }
-
-    public void setStartDate(
-        ASN1GeneralizedTime startDate)
-    {
-        this.startDate = startDate;
-    }
-
-    public void setEndDate(
-        ASN1GeneralizedTime endDate)
-    {
-        this.endDate = endDate;
-    }
-
-    public void setIssuerUniqueID(
-        DERBitString    issuerUniqueID)
-    {
-        this.issuerUniqueID = issuerUniqueID;
-    }
-
-    /**
-     * @deprecated use method taking Extensions
-     * @param extensions
-     */
-    public void setExtensions(
-        X509Extensions    extensions)
-    {
-        this.extensions = Extensions.getInstance(extensions.toASN1Primitive());
-    }
-
-    public void setExtensions(
-        Extensions    extensions)
-    {
-        this.extensions = extensions;
-    }
-
-    public AttributeCertificateInfo generateAttributeCertificateInfo()
-    {
-        if ((serialNumber == null) || (signature == null)
-            || (issuer == null) || (startDate == null) || (endDate == null)
-            || (holder == null) || (attributes == null))
-        {
-            throw new IllegalStateException("not all mandatory fields set in V2 AttributeCertificateInfo generator");
-        }
-
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(version);
-        v.add(holder);
-        v.add(issuer);
-        v.add(signature);
-        v.add(serialNumber);
-    
-        //
-        // before and after dates => AttCertValidityPeriod
-        //
-        AttCertValidityPeriod validity = new AttCertValidityPeriod(startDate, endDate);
-        v.add(validity);
-        
-        // Attributes
-        v.add(new DERSequence(attributes));
-        
-        if (issuerUniqueID != null)
-        {
-            v.add(issuerUniqueID);
-        }
-    
-        if (extensions != null)
-        {
-            v.add(extensions);
-        }
-
-        return AttributeCertificateInfo.getInstance(new DERSequence(v));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/V2TBSCertListGenerator.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/V2TBSCertListGenerator.java
deleted file mode 100644
index 869f5bc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/V2TBSCertListGenerator.java
+++ /dev/null

@@ -1,281 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1UTCTime;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x500.X500Name;
-
-/**
- * Generator for Version 2 TBSCertList structures.
- * <pre>
- *  TBSCertList  ::=  SEQUENCE  {
- *       version                 Version OPTIONAL,
- *                                    -- if present, shall be v2
- *       signature               AlgorithmIdentifier,
- *       issuer                  Name,
- *       thisUpdate              Time,
- *       nextUpdate              Time OPTIONAL,
- *       revokedCertificates     SEQUENCE OF SEQUENCE  {
- *            userCertificate         CertificateSerialNumber,
- *            revocationDate          Time,
- *            crlEntryExtensions      Extensions OPTIONAL
- *                                          -- if present, shall be v2
- *                                 }  OPTIONAL,
- *       crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
- *                                          -- if present, shall be v2
- *                                 }
- * </pre>
- *
- * <b>Note: This class may be subject to change</b>
- */
-public class V2TBSCertListGenerator
-{
-    private ASN1Integer         version = new ASN1Integer(1);
-    private AlgorithmIdentifier signature;
-    private X500Name            issuer;
-    private Time                thisUpdate, nextUpdate=null;
-    private Extensions          extensions = null;
-    private ASN1EncodableVector crlentries = new ASN1EncodableVector();
-
-    private final static ASN1Sequence[] reasons;
-
-    static
-    {
-       reasons = new ASN1Sequence[11];
-
-        reasons[0] = createReasonExtension(CRLReason.unspecified);
-        reasons[1] = createReasonExtension(CRLReason.keyCompromise);
-        reasons[2] = createReasonExtension(CRLReason.cACompromise);
-        reasons[3] = createReasonExtension(CRLReason.affiliationChanged);
-        reasons[4] = createReasonExtension(CRLReason.superseded);
-        reasons[5] = createReasonExtension(CRLReason.cessationOfOperation);
-        reasons[6] = createReasonExtension(CRLReason.certificateHold);
-        reasons[7] = createReasonExtension(7); // 7 -> unknown
-        reasons[8] = createReasonExtension(CRLReason.removeFromCRL);
-        reasons[9] = createReasonExtension(CRLReason.privilegeWithdrawn);
-        reasons[10] = createReasonExtension(CRLReason.aACompromise);
-    }
-
-    public V2TBSCertListGenerator()
-    {
-    }
-
-
-    public void setSignature(
-        AlgorithmIdentifier    signature)
-    {
-        this.signature = signature;
-    }
-
-    /**
-     * @deprecated use X500Name method
-     */
-    public void setIssuer(
-        X509Name    issuer)
-    {
-        this.issuer = X500Name.getInstance(issuer.toASN1Primitive());
-    }
-
-    public void setIssuer(X500Name issuer)
-    {
-        this.issuer = issuer;
-    }
-
-    public void setThisUpdate(
-        ASN1UTCTime thisUpdate)
-    {
-        this.thisUpdate = new Time(thisUpdate);
-    }
-
-    public void setNextUpdate(
-        ASN1UTCTime nextUpdate)
-    {
-        this.nextUpdate = new Time(nextUpdate);
-    }
-
-    public void setThisUpdate(
-        Time thisUpdate)
-    {
-        this.thisUpdate = thisUpdate;
-    }
-
-    public void setNextUpdate(
-        Time nextUpdate)
-    {
-        this.nextUpdate = nextUpdate;
-    }
-
-    public void addCRLEntry(
-        ASN1Sequence crlEntry)
-    {
-        crlentries.add(crlEntry);
-    }
-
-    public void addCRLEntry(ASN1Integer userCertificate, ASN1UTCTime revocationDate, int reason)
-    {
-        addCRLEntry(userCertificate, new Time(revocationDate), reason);
-    }
-
-    public void addCRLEntry(ASN1Integer userCertificate, Time revocationDate, int reason)
-    {
-        addCRLEntry(userCertificate, revocationDate, reason, null);
-    }
-
-    public void addCRLEntry(ASN1Integer userCertificate, Time revocationDate, int reason, ASN1GeneralizedTime invalidityDate)
-    {
-        if (reason != 0)
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-
-            if (reason < reasons.length)
-            {
-                if (reason < 0)
-                {
-                    throw new IllegalArgumentException("invalid reason value: " + reason);
-                }
-                v.add(reasons[reason]);
-            }
-            else
-            {
-                v.add(createReasonExtension(reason));
-            }
-
-            if (invalidityDate != null)
-            {
-                v.add(createInvalidityDateExtension(invalidityDate));
-            }
-
-            internalAddCRLEntry(userCertificate, revocationDate, new DERSequence(v));
-        }
-        else if (invalidityDate != null)
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-
-            v.add(createInvalidityDateExtension(invalidityDate));
-
-            internalAddCRLEntry(userCertificate, revocationDate, new DERSequence(v));
-        }
-        else
-        {
-            addCRLEntry(userCertificate, revocationDate, null);
-        }
-    }
-
-    private void internalAddCRLEntry(ASN1Integer userCertificate, Time revocationDate, ASN1Sequence extensions)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(userCertificate);
-        v.add(revocationDate);
-
-        if (extensions != null)
-        {
-            v.add(extensions);
-        }
-
-        addCRLEntry(new DERSequence(v));
-    }
-
-    public void addCRLEntry(ASN1Integer userCertificate, Time revocationDate, Extensions extensions)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(userCertificate);
-        v.add(revocationDate);
-        
-        if (extensions != null)
-        {
-            v.add(extensions);
-        }
-        
-        addCRLEntry(new DERSequence(v));
-    }
-
-    public void setExtensions(
-        X509Extensions    extensions)
-    {
-        setExtensions(Extensions.getInstance(extensions));
-    }
-
-    public void setExtensions(
-        Extensions    extensions)
-    {
-        this.extensions = extensions;
-    }
-
-    public TBSCertList generateTBSCertList()
-    {
-        if ((signature == null) || (issuer == null) || (thisUpdate == null))
-        {
-            throw new IllegalStateException("Not all mandatory fields set in V2 TBSCertList generator.");
-        }
-
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(version);
-        v.add(signature);
-        v.add(issuer);
-
-        v.add(thisUpdate);
-        if (nextUpdate != null)
-        {
-            v.add(nextUpdate);
-        }
-
-        // Add CRLEntries if they exist
-        if (crlentries.size() != 0)
-        {
-            v.add(new DERSequence(crlentries));
-        }
-
-        if (extensions != null)
-        {
-            v.add(new DERTaggedObject(0, extensions));
-        }
-
-        return new TBSCertList(new DERSequence(v));
-    }
-
-    private static ASN1Sequence createReasonExtension(int reasonCode)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        CRLReason crlReason = CRLReason.lookup(reasonCode);
-
-        try
-        {
-            v.add(Extension.reasonCode);
-            v.add(new DEROctetString(crlReason.getEncoded()));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("error encoding reason: " + e);
-        }
-
-        return new DERSequence(v);
-    }
-
-    private static ASN1Sequence createInvalidityDateExtension(ASN1GeneralizedTime invalidityDate)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        try
-        {
-            v.add(Extension.invalidityDate);
-            v.add(new DEROctetString(invalidityDate.getEncoded()));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("error encoding reason: " + e);
-        }
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509AttributeIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509AttributeIdentifiers.java
deleted file mode 100644
index 0ed12f7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509AttributeIdentifiers.java
+++ /dev/null

@@ -1,29 +0,0 @@
-package org.bouncycastle.asn1.x509;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-public interface X509AttributeIdentifiers
-{
-    /**
-     * @deprecated use id_at_role
-     */
-    static final ASN1ObjectIdentifier RoleSyntax = new ASN1ObjectIdentifier("2.5.4.72");
-
-    static final ASN1ObjectIdentifier id_pe_ac_auditIdentity = X509ObjectIdentifiers.id_pe.branch("4");
-    static final ASN1ObjectIdentifier id_pe_aaControls       = X509ObjectIdentifiers.id_pe.branch("6");
-    static final ASN1ObjectIdentifier id_pe_ac_proxying      = X509ObjectIdentifiers.id_pe.branch("10");
-
-    static final ASN1ObjectIdentifier id_ce_targetInformation= X509ObjectIdentifiers.id_ce.branch("55");
-
-    static final ASN1ObjectIdentifier id_aca = X509ObjectIdentifiers.id_pkix.branch("10");
-
-    static final ASN1ObjectIdentifier id_aca_authenticationInfo    = id_aca.branch("1");
-    static final ASN1ObjectIdentifier id_aca_accessIdentity        = id_aca.branch("2");
-    static final ASN1ObjectIdentifier id_aca_chargingIdentity      = id_aca.branch("3");
-    static final ASN1ObjectIdentifier id_aca_group                 = id_aca.branch("4");
-    // { id-aca 5 } is reserved
-    static final ASN1ObjectIdentifier id_aca_encAttrs              = id_aca.branch("6");
-
-    static final ASN1ObjectIdentifier id_at_role = new ASN1ObjectIdentifier("2.5.4.72");
-    static final ASN1ObjectIdentifier id_at_clearance = new ASN1ObjectIdentifier("2.5.1.5.55");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java
index ff7af8c..fafb68f 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509Name.java

@@ -255,8 +255,10 @@
      */
     public static final Hashtable SymbolLookUp = DefaultLookUp;
 
-    private static final Boolean TRUE = new Boolean(true); // for J2ME compatibility
-    private static final Boolean FALSE = new Boolean(false);
+    // BEGIN Android-changed: Use Boolean class constants instead of Boolean constructor
+    private static final Boolean TRUE = Boolean.TRUE;
+    private static final Boolean FALSE = Boolean.FALSE;
+    // END Android-changed: Use Boolean class constants instead of Boolean constructor
 
     static
     {

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java
index 7f99235..b1b1416 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/x509/X509NameTokenizer.java

@@ -78,6 +78,19 @@
                 }
                 else
                 {
+                    // BEGIN Android-added: Unknown reason
+                    // This was previously marked with the comment "copied from a newer version
+                    // of BouncyCastle", but I couldn't find any evidence that it ever was included
+                    // in any version of BC
+                    if (c == '#' && buf.charAt(buf.length() - 1) == '=')
+                    {
+                        buf.append('\\');
+                    }
+                    else if (c == '+' && separator != '+')
+                    {
+                        buf.append('\\');
+                    }
+                    // END Android-added: Unknown reason
                     buf.append(c);
                 }
             }

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x509/package.html
deleted file mode 100644
index 728921a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes useful for encoding and processing X.509 certificates.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/BiometricData.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/BiometricData.java
deleted file mode 100644
index 32fa451..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/BiometricData.java
+++ /dev/null

@@ -1,122 +0,0 @@
-package org.bouncycastle.asn1.x509.qualified;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * The BiometricData object.
- * <pre>
- * BiometricData  ::=  SEQUENCE {
- *       typeOfBiometricData  TypeOfBiometricData,
- *       hashAlgorithm        AlgorithmIdentifier,
- *       biometricDataHash    OCTET STRING,
- *       sourceDataUri        IA5String OPTIONAL  }
- * </pre>
- */
-public class BiometricData 
-    extends ASN1Object
-{
-    private TypeOfBiometricData typeOfBiometricData;
-    private AlgorithmIdentifier hashAlgorithm;
-    private ASN1OctetString     biometricDataHash;
-    private DERIA5String        sourceDataUri;
-    
-    public static BiometricData getInstance(
-        Object obj)
-    {
-        if (obj instanceof BiometricData)
-        {
-            return (BiometricData)obj;
-        }
-
-        if (obj != null)
-        {
-            return new BiometricData(ASN1Sequence.getInstance(obj));            
-        }
-
-        return null;
-    }                
-            
-    private BiometricData(ASN1Sequence seq)
-    {
-        Enumeration e = seq.getObjects();
-
-        // typeOfBiometricData
-        typeOfBiometricData = TypeOfBiometricData.getInstance(e.nextElement());
-        // hashAlgorithm
-        hashAlgorithm = AlgorithmIdentifier.getInstance(e.nextElement());
-        // biometricDataHash
-        biometricDataHash = ASN1OctetString.getInstance(e.nextElement());
-        // sourceDataUri
-        if (e.hasMoreElements())
-        {
-            sourceDataUri = DERIA5String.getInstance(e.nextElement());
-        }
-    }
-    
-    public BiometricData(
-        TypeOfBiometricData typeOfBiometricData,
-        AlgorithmIdentifier hashAlgorithm,
-        ASN1OctetString     biometricDataHash,
-        DERIA5String        sourceDataUri)
-    {
-        this.typeOfBiometricData = typeOfBiometricData;
-        this.hashAlgorithm = hashAlgorithm;
-        this.biometricDataHash = biometricDataHash;
-        this.sourceDataUri = sourceDataUri;
-    }
-    
-    public BiometricData(
-        TypeOfBiometricData typeOfBiometricData,
-        AlgorithmIdentifier hashAlgorithm,
-        ASN1OctetString     biometricDataHash)
-    {
-        this.typeOfBiometricData = typeOfBiometricData;
-        this.hashAlgorithm = hashAlgorithm;
-        this.biometricDataHash = biometricDataHash;
-        this.sourceDataUri = null;
-    }
-
-    public TypeOfBiometricData getTypeOfBiometricData()
-    {
-        return typeOfBiometricData;
-    }
-    
-    public AlgorithmIdentifier getHashAlgorithm()
-    {
-        return hashAlgorithm;
-    }
-    
-    public ASN1OctetString getBiometricDataHash()
-    {
-        return biometricDataHash;
-    }
-    
-    public DERIA5String getSourceDataUri()
-    {
-        return sourceDataUri;
-    }
-    
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector seq = new ASN1EncodableVector();
-        seq.add(typeOfBiometricData);
-        seq.add(hashAlgorithm);
-        seq.add(biometricDataHash); 
-        
-        if (sourceDataUri != null)
-        {
-            seq.add(sourceDataUri);
-        }
-
-        return new DERSequence(seq);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/ETSIQCObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/ETSIQCObjectIdentifiers.java
deleted file mode 100644
index a95ac94..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/ETSIQCObjectIdentifiers.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.asn1.x509.qualified;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-public interface ETSIQCObjectIdentifiers
-{
-    static final ASN1ObjectIdentifier    id_etsi_qcs_QcCompliance     = new ASN1ObjectIdentifier("0.4.0.1862.1.1");
-    static final ASN1ObjectIdentifier    id_etsi_qcs_LimiteValue      = new ASN1ObjectIdentifier("0.4.0.1862.1.2");
-    static final ASN1ObjectIdentifier    id_etsi_qcs_RetentionPeriod  = new ASN1ObjectIdentifier("0.4.0.1862.1.3");
-    static final ASN1ObjectIdentifier    id_etsi_qcs_QcSSCD           = new ASN1ObjectIdentifier("0.4.0.1862.1.4");
-
-    static final ASN1ObjectIdentifier    id_etsi_qcs_QcPds = new ASN1ObjectIdentifier("0.4.0.1862.1.5");
-
-    static final ASN1ObjectIdentifier    id_etsi_qcs_QcType = new ASN1ObjectIdentifier("0.4.0.1862.1.6");
-    static final ASN1ObjectIdentifier    id_etsi_qct_esign = id_etsi_qcs_QcType.branch("1");
-    static final ASN1ObjectIdentifier    id_etsi_qct_eseal = id_etsi_qcs_QcType.branch("2");
-    static final ASN1ObjectIdentifier    id_etsi_qct_web = id_etsi_qcs_QcType.branch("3");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/Iso4217CurrencyCode.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/Iso4217CurrencyCode.java
deleted file mode 100644
index b6cfb62..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/Iso4217CurrencyCode.java
+++ /dev/null

@@ -1,93 +0,0 @@
-package org.bouncycastle.asn1.x509.qualified;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERPrintableString;
-
-/**
- * The Iso4217CurrencyCode object.
- * <pre>
- * Iso4217CurrencyCode  ::=  CHOICE {
- *       alphabetic              PrintableString (SIZE 3), --Recommended
- *       numeric              INTEGER (1..999) }
- * -- Alphabetic or numeric currency code as defined in ISO 4217
- * -- It is recommended that the Alphabetic form is used
- * </pre>
- */
-public class Iso4217CurrencyCode 
-    extends ASN1Object
-    implements ASN1Choice
-{
-    final int ALPHABETIC_MAXSIZE = 3;
-    final int NUMERIC_MINSIZE = 1;
-    final int NUMERIC_MAXSIZE = 999;
-    
-    ASN1Encodable obj;
-    int          numeric;
-    
-    public static Iso4217CurrencyCode getInstance(
-        Object obj)
-    {
-        if (obj == null || obj instanceof Iso4217CurrencyCode)
-        {
-            return (Iso4217CurrencyCode)obj;
-        }
-
-        if (obj instanceof ASN1Integer)
-        {
-            ASN1Integer numericobj = ASN1Integer.getInstance(obj);
-            int numeric = numericobj.getValue().intValue();  
-            return new Iso4217CurrencyCode(numeric);            
-        }
-        else
-        if (obj instanceof DERPrintableString)
-        {
-            DERPrintableString alphabetic = DERPrintableString.getInstance(obj);
-            return new Iso4217CurrencyCode(alphabetic.getString());
-        }
-        throw new IllegalArgumentException("unknown object in getInstance");
-    }
-            
-    public Iso4217CurrencyCode(
-        int numeric)
-    {
-        if (numeric > NUMERIC_MAXSIZE || numeric < NUMERIC_MINSIZE)
-        {
-            throw new IllegalArgumentException("wrong size in numeric code : not in (" +NUMERIC_MINSIZE +".."+ NUMERIC_MAXSIZE +")");
-        }
-        obj = new ASN1Integer(numeric);
-    }
-    
-    public Iso4217CurrencyCode(
-        String alphabetic)
-    {
-        if (alphabetic.length() > ALPHABETIC_MAXSIZE)
-        {
-            throw new IllegalArgumentException("wrong size in alphabetic code : max size is " + ALPHABETIC_MAXSIZE);
-        }
-        obj = new DERPrintableString(alphabetic);
-    }            
-
-    public boolean isAlphabetic()
-    {
-        return obj instanceof DERPrintableString;
-    }
-    
-    public String getAlphabetic()
-    {
-        return ((DERPrintableString)obj).getString();
-    }
-    
-    public int getNumeric()
-    {
-        return ((ASN1Integer)obj).getValue().intValue();
-    }
-    
-    public ASN1Primitive toASN1Primitive()
-    {    
-        return obj.toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/MonetaryValue.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/MonetaryValue.java
deleted file mode 100644
index 1ec2dcd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/MonetaryValue.java
+++ /dev/null

@@ -1,92 +0,0 @@
-package org.bouncycastle.asn1.x509.qualified;
-
-import java.math.BigInteger;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * The MonetaryValue object.
- * <pre>
- * MonetaryValue  ::=  SEQUENCE {
- *       currency              Iso4217CurrencyCode,
- *       amount               INTEGER, 
- *       exponent             INTEGER }
- * -- value = amount * 10^exponent
- * </pre>
- */
-public class MonetaryValue 
-    extends ASN1Object
-{
-    private Iso4217CurrencyCode currency;
-    private ASN1Integer         amount;
-    private ASN1Integer         exponent;
-        
-    public static MonetaryValue getInstance(
-        Object obj)
-    {
-        if (obj instanceof MonetaryValue)
-        {
-            return (MonetaryValue)obj;
-        }
-
-        if (obj != null)
-        {
-            return new MonetaryValue(ASN1Sequence.getInstance(obj));            
-        }
-        
-        return null;
-    }
-        
-    private MonetaryValue(
-        ASN1Sequence seq)
-    {
-        Enumeration e = seq.getObjects();    
-        // currency
-        currency = Iso4217CurrencyCode.getInstance(e.nextElement());
-        // hashAlgorithm
-        amount = ASN1Integer.getInstance(e.nextElement());
-        // exponent
-        exponent = ASN1Integer.getInstance(e.nextElement());            
-    }
-        
-    public MonetaryValue(
-        Iso4217CurrencyCode currency, 
-        int                 amount, 
-        int                 exponent)
-    {    
-        this.currency = currency;
-        this.amount = new ASN1Integer(amount);
-        this.exponent = new ASN1Integer(exponent);
-    }                    
-             
-    public Iso4217CurrencyCode getCurrency()
-    {
-        return currency;
-    }
-        
-    public BigInteger getAmount()
-    {
-        return amount.getValue();
-    }
-        
-    public BigInteger getExponent()
-    {
-        return exponent.getValue();
-    }   
-    
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector seq = new ASN1EncodableVector();
-        seq.add(currency);
-        seq.add(amount);
-        seq.add(exponent); 
-        
-        return new DERSequence(seq);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/QCStatement.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/QCStatement.java
deleted file mode 100644
index 82b01e7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/QCStatement.java
+++ /dev/null

@@ -1,95 +0,0 @@
-package org.bouncycastle.asn1.x509.qualified;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * The QCStatement object.
- * <pre>
- * QCStatement ::= SEQUENCE {
- *   statementId        OBJECT IDENTIFIER,
- *   statementInfo      ANY DEFINED BY statementId OPTIONAL} 
- * </pre>
- */
-
-public class QCStatement 
-    extends ASN1Object
-    implements ETSIQCObjectIdentifiers, RFC3739QCObjectIdentifiers
-{
-    ASN1ObjectIdentifier qcStatementId;
-    ASN1Encodable        qcStatementInfo;
-
-    public static QCStatement getInstance(
-        Object obj)
-    {
-        if (obj instanceof QCStatement)
-        {
-            return (QCStatement)obj;
-        }
-        if (obj != null)
-        {
-            return new QCStatement(ASN1Sequence.getInstance(obj));            
-        }
-        
-        return null;
-    }    
-    
-    private QCStatement(
-        ASN1Sequence seq)
-    {
-        Enumeration e = seq.getObjects();
-
-        // qcStatementId
-        qcStatementId = ASN1ObjectIdentifier.getInstance(e.nextElement());
-        // qcstatementInfo
-        if (e.hasMoreElements())
-        {
-            qcStatementInfo = (ASN1Encodable) e.nextElement();
-        }
-    }    
-    
-    public QCStatement(
-        ASN1ObjectIdentifier qcStatementId)
-    {
-        this.qcStatementId = qcStatementId;
-        this.qcStatementInfo = null;
-    }
-    
-    public QCStatement(
-        ASN1ObjectIdentifier qcStatementId,
-        ASN1Encodable       qcStatementInfo)
-    {
-        this.qcStatementId = qcStatementId;
-        this.qcStatementInfo = qcStatementInfo;
-    }    
-        
-    public ASN1ObjectIdentifier getStatementId()
-    {
-        return qcStatementId;
-    }
-    
-    public ASN1Encodable getStatementInfo()
-    {
-        return qcStatementInfo;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector seq = new ASN1EncodableVector();
-        seq.add(qcStatementId);       
-        
-        if (qcStatementInfo != null)
-        {
-            seq.add(qcStatementInfo);
-        }
-
-        return new DERSequence(seq);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/RFC3739QCObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/RFC3739QCObjectIdentifiers.java
deleted file mode 100644
index 0c840bd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/RFC3739QCObjectIdentifiers.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.asn1.x509.qualified;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-public interface RFC3739QCObjectIdentifiers
-{
-    /** OID: 1.3.6.1.5.5.7.11.1 */
-    static final ASN1ObjectIdentifier   id_qcs_pkixQCSyntax_v1  = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.11.1");
-    /** OID: 1.3.6.1.5.5.7.11.2 */
-    static final ASN1ObjectIdentifier   id_qcs_pkixQCSyntax_v2  = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.11.2");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/SemanticsInformation.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/SemanticsInformation.java
deleted file mode 100644
index 17cb9f1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/SemanticsInformation.java
+++ /dev/null

@@ -1,144 +0,0 @@
-package org.bouncycastle.asn1.x509.qualified;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.GeneralName;
-
-/**
- * The SemanticsInformation object.
- * <pre>
- *       SemanticsInformation ::= SEQUENCE {
- *         semanticsIdentifier        OBJECT IDENTIFIER   OPTIONAL,
- *         nameRegistrationAuthorities NameRegistrationAuthorities
- *                                                         OPTIONAL }
- *         (WITH COMPONENTS {..., semanticsIdentifier PRESENT}|
- *          WITH COMPONENTS {..., nameRegistrationAuthorities PRESENT})
- *
- *     NameRegistrationAuthorities ::=  SEQUENCE SIZE (1..MAX) OF
- *         GeneralName
- * </pre>
- */
-public class SemanticsInformation
-    extends ASN1Object
-{
-    private ASN1ObjectIdentifier semanticsIdentifier;
-    private GeneralName[] nameRegistrationAuthorities;
-    
-    public static SemanticsInformation getInstance(Object obj)
-    {
-        if (obj instanceof SemanticsInformation)
-        {
-            return (SemanticsInformation)obj;
-        }
-
-        if (obj != null)
-        {
-            return new SemanticsInformation(ASN1Sequence.getInstance(obj));            
-        }
-        
-        return null;
-    }
-        
-    private SemanticsInformation(ASN1Sequence seq)
-    {
-        Enumeration e = seq.getObjects();
-        if (seq.size() < 1)
-        {
-             throw new IllegalArgumentException("no objects in SemanticsInformation");
-        }
-        
-        Object object = e.nextElement();
-        if (object instanceof ASN1ObjectIdentifier)
-        {
-            semanticsIdentifier = ASN1ObjectIdentifier.getInstance(object);
-            if (e.hasMoreElements())
-            {
-                object = e.nextElement();
-            }
-            else
-            {
-                object = null;
-            }
-        }
-        
-        if (object != null)
-        {
-            ASN1Sequence generalNameSeq = ASN1Sequence.getInstance(object);
-            nameRegistrationAuthorities = new GeneralName[generalNameSeq.size()];
-            for (int i= 0; i < generalNameSeq.size(); i++)
-            {
-                nameRegistrationAuthorities[i] = GeneralName.getInstance(generalNameSeq.getObjectAt(i));
-            } 
-        }
-    }
-        
-    public SemanticsInformation(
-        ASN1ObjectIdentifier semanticsIdentifier,
-        GeneralName[] generalNames)
-    {
-        this.semanticsIdentifier = semanticsIdentifier;
-        this.nameRegistrationAuthorities = cloneNames(generalNames);
-    }
-
-    public SemanticsInformation(ASN1ObjectIdentifier semanticsIdentifier)
-    {
-        this.semanticsIdentifier = semanticsIdentifier;
-        this.nameRegistrationAuthorities = null;
-    }
-
-    public SemanticsInformation(GeneralName[] generalNames)
-    {
-        this.semanticsIdentifier = null;
-        this.nameRegistrationAuthorities = cloneNames(generalNames);
-    }        
-    
-    public ASN1ObjectIdentifier getSemanticsIdentifier()
-    {
-        return semanticsIdentifier;
-    }
-        
-    public GeneralName[] getNameRegistrationAuthorities()
-    {
-        return cloneNames(nameRegistrationAuthorities);
-    } 
-    
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector seq = new ASN1EncodableVector();
-        
-        if (this.semanticsIdentifier != null)
-        {
-            seq.add(semanticsIdentifier);
-        }
-        if (this.nameRegistrationAuthorities != null)
-        {
-            ASN1EncodableVector seqname = new ASN1EncodableVector();
-            for (int i = 0; i < nameRegistrationAuthorities.length; i++) 
-            {
-                seqname.add(nameRegistrationAuthorities[i]);
-            }            
-            seq.add(new DERSequence(seqname));
-        }            
-        
-        return new DERSequence(seq);
-    }
-
-    private static GeneralName[] cloneNames(GeneralName[] names)
-    {
-        if (names != null)
-        {
-            GeneralName[] tmp = new GeneralName[names.length];
-
-            System.arraycopy(names, 0, tmp, 0, names.length);
-
-            return tmp;
-        }
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/TypeOfBiometricData.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/TypeOfBiometricData.java
deleted file mode 100644
index 01b254e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/TypeOfBiometricData.java
+++ /dev/null

@@ -1,90 +0,0 @@
-package org.bouncycastle.asn1.x509.qualified;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-
-/**
- * The TypeOfBiometricData object.
- * <pre>
- * TypeOfBiometricData ::= CHOICE {
- *   predefinedBiometricType   PredefinedBiometricType,
- *   biometricDataOid          OBJECT IDENTIFIER }
- *
- * PredefinedBiometricType ::= INTEGER {
- *   picture(0),handwritten-signature(1)}
- *   (picture|handwritten-signature)
- * </pre>
- */
-public class TypeOfBiometricData  
-    extends ASN1Object
-    implements ASN1Choice
-{
-    public static final int PICTURE                     = 0;
-    public static final int HANDWRITTEN_SIGNATURE       = 1;
-
-    ASN1Encodable      obj;
-
-    public static TypeOfBiometricData getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof TypeOfBiometricData)
-        {
-            return (TypeOfBiometricData)obj;
-        }
-
-        if (obj instanceof ASN1Integer)
-        {
-            ASN1Integer predefinedBiometricTypeObj = ASN1Integer.getInstance(obj);
-            int  predefinedBiometricType = predefinedBiometricTypeObj.getValue().intValue();
-
-            return new TypeOfBiometricData(predefinedBiometricType);
-        }
-        else if (obj instanceof ASN1ObjectIdentifier)
-        {
-            ASN1ObjectIdentifier BiometricDataID = ASN1ObjectIdentifier.getInstance(obj);
-            return new TypeOfBiometricData(BiometricDataID);
-        }
-
-        throw new IllegalArgumentException("unknown object in getInstance");
-    }
-        
-    public TypeOfBiometricData(int predefinedBiometricType)
-    {
-        if (predefinedBiometricType == PICTURE || predefinedBiometricType == HANDWRITTEN_SIGNATURE)
-        {
-                obj = new ASN1Integer(predefinedBiometricType);
-        }
-        else
-        {
-            throw new IllegalArgumentException("unknow PredefinedBiometricType : " + predefinedBiometricType);
-        }        
-    }
-    
-    public TypeOfBiometricData(ASN1ObjectIdentifier BiometricDataID)
-    {
-        obj = BiometricDataID;
-    }
-    
-    public boolean isPredefined()
-    {
-        return obj instanceof ASN1Integer;
-    }
-    
-    public int getPredefinedBiometricType()
-    {
-        return ((ASN1Integer)obj).getValue().intValue();
-    }
-    
-    public ASN1ObjectIdentifier getBiometricDataOid()
-    {
-        return (ASN1ObjectIdentifier)obj;
-    }
-    
-    public ASN1Primitive toASN1Primitive()
-    {        
-        return obj.toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/package.html
deleted file mode 100644
index 28cfef9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/qualified/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes useful for encoding and processing messages based around RFC3739
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/NameOrPseudonym.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/NameOrPseudonym.java
deleted file mode 100644
index 8c05277..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/NameOrPseudonym.java
+++ /dev/null

@@ -1,188 +0,0 @@
-package org.bouncycastle.asn1.x509.sigi;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Choice;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x500.DirectoryString;
-
-/**
- * Structure for a name or pseudonym.
- * 
- * <pre>
- *       NameOrPseudonym ::= CHOICE {
- *            surAndGivenName SEQUENCE {
- *              surName DirectoryString,
- *              givenName SEQUENCE OF DirectoryString 
- *         },
- *            pseudonym DirectoryString 
- *       }
- * </pre>
- * 
- * @see org.bouncycastle.asn1.x509.sigi.PersonalData
- * 
- */
-public class NameOrPseudonym
-    extends ASN1Object
-    implements ASN1Choice
-{
-    private DirectoryString pseudonym;
-
-    private DirectoryString surname;
-
-    private ASN1Sequence givenName;
-
-    public static NameOrPseudonym getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof NameOrPseudonym)
-        {
-            return (NameOrPseudonym)obj;
-        }
-
-        if (obj instanceof ASN1String)
-        {
-            return new NameOrPseudonym(DirectoryString.getInstance(obj));
-        }
-
-        if (obj instanceof ASN1Sequence)
-        {
-            return new NameOrPseudonym((ASN1Sequence)obj);
-        }
-
-        throw new IllegalArgumentException("illegal object in getInstance: "
-            + obj.getClass().getName());
-    }
-
-    /**
-     * Constructor from DirectoryString.
-     * <p>
-     * The sequence is of type NameOrPseudonym:
-     * <pre>
-     *       NameOrPseudonym ::= CHOICE {
-     *            surAndGivenName SEQUENCE {
-     *              surName DirectoryString,
-     *              givenName SEQUENCE OF DirectoryString
-     *         },
-     *            pseudonym DirectoryString
-     *       }
-     * </pre>
-     * @param pseudonym pseudonym value to use.
-     */
-    public NameOrPseudonym(DirectoryString pseudonym)
-    {
-        this.pseudonym = pseudonym;
-    }
-
-    /**
-     * Constructor from ASN1Sequence.
-     * <p>
-     * The sequence is of type NameOrPseudonym:
-     * <pre>
-     *       NameOrPseudonym ::= CHOICE {
-     *            surAndGivenName SEQUENCE {
-     *              surName DirectoryString,
-     *              givenName SEQUENCE OF DirectoryString
-     *         },
-     *            pseudonym DirectoryString
-     *       }
-     * </pre>
-     * </p>
-     * @param seq The ASN.1 sequence.
-     */
-    private NameOrPseudonym(ASN1Sequence seq)
-    {
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-
-        if (!(seq.getObjectAt(0) instanceof ASN1String))
-        {
-            throw new IllegalArgumentException("Bad object encountered: "
-                + seq.getObjectAt(0).getClass());
-        }
-
-        surname = DirectoryString.getInstance(seq.getObjectAt(0));
-        givenName = ASN1Sequence.getInstance(seq.getObjectAt(1));
-    }
-
-    /**
-     * Constructor from a given details.
-     *
-     * @param pseudonym The pseudonym.
-     */
-    public NameOrPseudonym(String pseudonym)
-    {
-        this(new DirectoryString(pseudonym));
-    }
-
-    /**
-     * Constructor from a given details.
-     *
-     * @param surname   The surname.
-     * @param givenName A sequence of directory strings making up the givenName
-     */
-    public NameOrPseudonym(DirectoryString surname, ASN1Sequence givenName)
-    {
-        this.surname = surname;
-        this.givenName = givenName;
-    }
-
-    public DirectoryString getPseudonym()
-    {
-        return pseudonym;
-    }
-
-    public DirectoryString getSurname()
-    {
-        return surname;
-    }
-
-    public DirectoryString[] getGivenName()
-    {
-        DirectoryString[] items = new DirectoryString[givenName.size()];
-        int count = 0;
-        for (Enumeration e = givenName.getObjects(); e.hasMoreElements();)
-        {
-            items[count++] = DirectoryString.getInstance(e.nextElement());
-        }
-        return items;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <p>
-     * Returns:
-     * <pre>
-     *       NameOrPseudonym ::= CHOICE {
-     *            surAndGivenName SEQUENCE {
-     *              surName DirectoryString,
-     *              givenName SEQUENCE OF DirectoryString
-     *         },
-     *            pseudonym DirectoryString
-     *       }
-     * </pre>
-     *
-     * @return a DERObject
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        if (pseudonym != null)
-        {
-            return pseudonym.toASN1Primitive();
-        }
-        else
-        {
-            ASN1EncodableVector vec1 = new ASN1EncodableVector();
-            vec1.add(surname);
-            vec1.add(givenName);
-            return new DERSequence(vec1);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/PersonalData.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/PersonalData.java
deleted file mode 100644
index 883ed8d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/PersonalData.java
+++ /dev/null

@@ -1,212 +0,0 @@
-package org.bouncycastle.asn1.x509.sigi;
-
-import java.math.BigInteger;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERPrintableString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x500.DirectoryString;
-
-/**
- * Contains personal data for the otherName field in the subjectAltNames
- * extension.
- *
- * <pre>
- *     PersonalData ::= SEQUENCE {
- *       nameOrPseudonym NameOrPseudonym,
- *       nameDistinguisher [0] INTEGER OPTIONAL,
- *       dateOfBirth [1] GeneralizedTime OPTIONAL,
- *       placeOfBirth [2] DirectoryString OPTIONAL,
- *       gender [3] PrintableString OPTIONAL,
- *       postalAddress [4] DirectoryString OPTIONAL
- *       }
- * </pre>
- *
- * @see org.bouncycastle.asn1.x509.sigi.NameOrPseudonym
- * @see org.bouncycastle.asn1.x509.sigi.SigIObjectIdentifiers
- */
-public class PersonalData
-    extends ASN1Object
-{
-    private NameOrPseudonym nameOrPseudonym;
-    private BigInteger nameDistinguisher;
-    private ASN1GeneralizedTime dateOfBirth;
-    private DirectoryString placeOfBirth;
-    private String gender;
-    private DirectoryString postalAddress;
-
-    public static PersonalData getInstance(Object obj)
-    {
-        if (obj == null || obj instanceof PersonalData)
-        {
-            return (PersonalData)obj;
-        }
-
-        if (obj instanceof ASN1Sequence)
-        {
-            return new PersonalData((ASN1Sequence)obj);
-        }
-
-        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
-    }
-
-    /**
-     * Constructor from ASN1Sequence.
-     * <p>
-     * The sequence is of type NameOrPseudonym:
-     * <pre>
-     *     PersonalData ::= SEQUENCE {
-     *       nameOrPseudonym NameOrPseudonym,
-     *       nameDistinguisher [0] INTEGER OPTIONAL,
-     *       dateOfBirth [1] GeneralizedTime OPTIONAL,
-     *       placeOfBirth [2] DirectoryString OPTIONAL,
-     *       gender [3] PrintableString OPTIONAL,
-     *       postalAddress [4] DirectoryString OPTIONAL
-     *       }
-     * </pre>
-     * </p>
-     * @param seq The ASN.1 sequence.
-     */
-    private PersonalData(ASN1Sequence seq)
-    {
-        if (seq.size() < 1)
-        {
-            throw new IllegalArgumentException("Bad sequence size: "
-                + seq.size());
-        }
-
-        Enumeration e = seq.getObjects();
-
-        nameOrPseudonym = NameOrPseudonym.getInstance(e.nextElement());
-
-        while (e.hasMoreElements())
-        {
-            ASN1TaggedObject o = ASN1TaggedObject.getInstance(e.nextElement());
-            int tag = o.getTagNo();
-            switch (tag)
-            {
-                case 0:
-                    nameDistinguisher = ASN1Integer.getInstance(o, false).getValue();
-                    break;
-                case 1:
-                    dateOfBirth = ASN1GeneralizedTime.getInstance(o, false);
-                    break;
-                case 2:
-                    placeOfBirth = DirectoryString.getInstance(o, true);
-                    break;
-                case 3:
-                    gender = DERPrintableString.getInstance(o, false).getString();
-                    break;
-                case 4:
-                    postalAddress = DirectoryString.getInstance(o, true);
-                    break;
-                default:
-                    throw new IllegalArgumentException("Bad tag number: " + o.getTagNo());
-            }
-        }
-    }
-
-    /**
-     * Constructor from a given details.
-     *
-     * @param nameOrPseudonym   Name or pseudonym.
-     * @param nameDistinguisher Name distinguisher.
-     * @param dateOfBirth       Date of birth.
-     * @param placeOfBirth      Place of birth.
-     * @param gender            Gender.
-     * @param postalAddress     Postal Address.
-     */
-    public PersonalData(NameOrPseudonym nameOrPseudonym,
-                        BigInteger nameDistinguisher, ASN1GeneralizedTime dateOfBirth,
-                        DirectoryString placeOfBirth, String gender, DirectoryString postalAddress)
-    {
-        this.nameOrPseudonym = nameOrPseudonym;
-        this.dateOfBirth = dateOfBirth;
-        this.gender = gender;
-        this.nameDistinguisher = nameDistinguisher;
-        this.postalAddress = postalAddress;
-        this.placeOfBirth = placeOfBirth;
-    }
-
-    public NameOrPseudonym getNameOrPseudonym()
-    {
-        return nameOrPseudonym;
-    }
-
-    public BigInteger getNameDistinguisher()
-    {
-        return nameDistinguisher;
-    }
-
-    public ASN1GeneralizedTime getDateOfBirth()
-    {
-        return dateOfBirth;
-    }
-
-    public DirectoryString getPlaceOfBirth()
-    {
-        return placeOfBirth;
-    }
-
-    public String getGender()
-    {
-        return gender;
-    }
-
-    public DirectoryString getPostalAddress()
-    {
-        return postalAddress;
-    }
-
-    /**
-     * Produce an object suitable for an ASN1OutputStream.
-     * <p>
-     * Returns:
-     * <pre>
-     *     PersonalData ::= SEQUENCE {
-     *       nameOrPseudonym NameOrPseudonym,
-     *       nameDistinguisher [0] INTEGER OPTIONAL,
-     *       dateOfBirth [1] GeneralizedTime OPTIONAL,
-     *       placeOfBirth [2] DirectoryString OPTIONAL,
-     *       gender [3] PrintableString OPTIONAL,
-     *       postalAddress [4] DirectoryString OPTIONAL
-     *       }
-     * </pre>
-     *
-     * @return a DERObject
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector vec = new ASN1EncodableVector();
-        vec.add(nameOrPseudonym);
-        if (nameDistinguisher != null)
-        {
-            vec.add(new DERTaggedObject(false, 0, new ASN1Integer(nameDistinguisher)));
-        }
-        if (dateOfBirth != null)
-        {
-            vec.add(new DERTaggedObject(false, 1, dateOfBirth));
-        }
-        if (placeOfBirth != null)
-        {
-            vec.add(new DERTaggedObject(true, 2, placeOfBirth));
-        }
-        if (gender != null)
-        {
-            vec.add(new DERTaggedObject(false, 3, new DERPrintableString(gender, true)));
-        }
-        if (postalAddress != null)
-        {
-            vec.add(new DERTaggedObject(true, 4, postalAddress));
-        }
-        return new DERSequence(vec);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/SigIObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/SigIObjectIdentifiers.java
deleted file mode 100644
index d338614..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/SigIObjectIdentifiers.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.asn1.x509.sigi;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- * Object Identifiers of SigI specifciation (German Signature Law
- * Interoperability specification).
- */
-public interface SigIObjectIdentifiers
-{
-    /**
-     * OID: 1.3.36.8
-     */
-    public final static ASN1ObjectIdentifier id_sigi = new ASN1ObjectIdentifier("1.3.36.8");
-
-    /**
-     * Key purpose IDs for German SigI (Signature Interoperability
-     * Specification)
-     * <p>
-     * OID: 1.3.36.8.2
-     */
-    public final static ASN1ObjectIdentifier id_sigi_kp = new ASN1ObjectIdentifier("1.3.36.8.2");
-
-    /**
-     * Certificate policy IDs for German SigI (Signature Interoperability
-     * Specification)
-     * <p>
-     * OID: 1.3.36.8.1
-     */
-    public final static ASN1ObjectIdentifier id_sigi_cp = new ASN1ObjectIdentifier("1.3.36.8.1");
-
-    /**
-     * Other Name IDs for German SigI (Signature Interoperability Specification)
-     * <p>
-     * OID: 1.3.36.8.4
-     */
-    public final static ASN1ObjectIdentifier id_sigi_on = new ASN1ObjectIdentifier("1.3.36.8.4");
-
-    /**
-     * To be used for for the generation of directory service certificates.
-     * <p>
-     * OID: 1.3.36.8.2.1
-     */
-    public static final ASN1ObjectIdentifier id_sigi_kp_directoryService = new ASN1ObjectIdentifier("1.3.36.8.2.1");
-
-    /**
-     * ID for PersonalData
-     * <p>
-     * OID: 1.3.36.8.4.1
-     */
-    public static final ASN1ObjectIdentifier id_sigi_on_personalData = new ASN1ObjectIdentifier("1.3.36.8.4.1");
-
-    /**
-     * Certificate is conformant to german signature law.
-     * <p>
-     * OID: 1.3.36.8.1.1
-     */
-    public static final ASN1ObjectIdentifier id_sigi_cp_sigconform = new ASN1ObjectIdentifier("1.3.36.8.1.1");
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/package.html
deleted file mode 100644
index 4e073ce..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x509/sigi/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for the  German SigI (Signature Interoperability Specification)  standard.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java
index bc57b9b..41f12b1 100644
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java
+++ b/bcprov/src/main/java/org/bouncycastle/asn1/x9/ECNamedCurveTable.java

@@ -4,12 +4,14 @@
 import java.util.Vector;
 
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.anssi.ANSSINamedCurves;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.asn1.gm.GMNamedCurves;
+// Android-removed: Unsupported curves
+// import org.bouncycastle.asn1.anssi.ANSSINamedCurves;
+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+// import org.bouncycastle.asn1.gm.GMNamedCurves;
 import org.bouncycastle.asn1.nist.NISTNamedCurves;
 import org.bouncycastle.asn1.sec.SECNamedCurves;
-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
+// Android-removed: Unsupported curves
+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
 import org.bouncycastle.crypto.ec.CustomNamedCurves;
 import org.bouncycastle.crypto.params.ECDomainParameters;
 
@@ -40,6 +42,8 @@
             ecP = NISTNamedCurves.getByName(name);
         }
 
+        // BEGIN Android-removed: Unsupported curves
+        /*
         if (ecP == null)
         {
             ecP = TeleTrusTNamedCurves.getByName(name);
@@ -59,6 +63,8 @@
         {
             ecP = GMNamedCurves.getByName(name);
         }
+        */
+        // END Android-removed: Unsupported curves
 
         return ecP;
     }
@@ -84,6 +90,8 @@
             oid = NISTNamedCurves.getOID(name);
         }
 
+        // BEGIN Android-removed: Unsupported curves
+        /*
         if (oid == null)
         {
             oid = TeleTrusTNamedCurves.getOID(name);
@@ -103,6 +111,8 @@
         {
             oid = GMNamedCurves.getOID(name);
         }
+        */
+        // END Android-removed: Unsupported curves
 
         return oid;
     }
@@ -129,6 +139,8 @@
             name = NISTNamedCurves.getName(oid);
         }
 
+        // BEGIN Android-removed: Unsupported curves
+        /*
         if (name == null)
         {
             name = TeleTrusTNamedCurves.getName(oid);
@@ -153,6 +165,8 @@
         {
             name = CustomNamedCurves.getName(oid);
         }
+        */
+        // END Android-removed: Unsupported curves
 
         return name;
     }
@@ -176,6 +190,8 @@
 
         // NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup
 
+        // BEGIN Android-removed: Unsupported curves
+        /*
         if (ecP == null)
         {
             ecP = TeleTrusTNamedCurves.getByOID(oid);
@@ -195,6 +211,8 @@
         {
             ecP = GMNamedCurves.getByOID(oid);
         }
+        */
+        // END Android-removed: Unsupported curves
 
         return ecP;
     }
@@ -211,10 +229,12 @@
         addEnumeration(v, X962NamedCurves.getNames());
         addEnumeration(v, SECNamedCurves.getNames());
         addEnumeration(v, NISTNamedCurves.getNames());
-        addEnumeration(v, TeleTrusTNamedCurves.getNames());
-        addEnumeration(v, ANSSINamedCurves.getNames());
-        addEnumeration(v, ECGOST3410NamedCurves.getNames());
-        addEnumeration(v, GMNamedCurves.getNames());
+        // BEGIN Android-removed: Unsupported curves
+        // addEnumeration(v, TeleTrusTNamedCurves.getNames());
+        // addEnumeration(v, ANSSINamedCurves.getNames());
+        // addEnumeration(v, ECGOST3410NamedCurves.getNames());
+        // addEnumeration(v, GMNamedCurves.getNames());
+        // END Android-removed: Unsupported curves
 
         return v.elements();
     }

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/KeySpecificInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/KeySpecificInfo.java
deleted file mode 100644
index 1c03d95..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/KeySpecificInfo.java
+++ /dev/null

@@ -1,106 +0,0 @@
-package org.bouncycastle.asn1.x9;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-
-/**
- * ASN.1 def for Diffie-Hellman key exchange KeySpecificInfo structure. See
- * RFC 2631, or X9.42, for further details.
- * <pre>
- *  KeySpecificInfo ::= SEQUENCE {
- *      algorithm OBJECT IDENTIFIER,
- *      counter OCTET STRING SIZE (4..4)
- *  }
- * </pre>
- */
-public class KeySpecificInfo
-    extends ASN1Object
-{
-    private ASN1ObjectIdentifier algorithm;
-    private ASN1OctetString      counter;
-
-    /**
-     * Base constructor.
-     *
-     * @param algorithm  algorithm identifier for the CEK.
-     * @param counter initial counter value for key derivation.
-     */
-    public KeySpecificInfo(
-        ASN1ObjectIdentifier algorithm,
-        ASN1OctetString      counter)
-    {
-        this.algorithm = algorithm;
-        this.counter = counter;
-    }
-
-    /**
-     * Return a KeySpecificInfo object from the passed in object.
-     *
-     * @param obj an object for conversion or a byte[].
-     * @return a KeySpecificInfo
-     */
-    public static KeySpecificInfo getInstance(Object obj)
-    {
-        if (obj instanceof KeySpecificInfo)
-        {
-            return (KeySpecificInfo)obj;
-        }
-        else if (obj != null)
-        {
-            return new KeySpecificInfo(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private KeySpecificInfo(
-        ASN1Sequence  seq)
-    {
-        Enumeration e = seq.getObjects();
-
-        algorithm = (ASN1ObjectIdentifier)e.nextElement();
-        counter = (ASN1OctetString)e.nextElement();
-    }
-
-    /**
-     * The object identifier for the CEK wrapping algorithm.
-     *
-     * @return CEK wrapping algorithm OID.
-     */
-    public ASN1ObjectIdentifier getAlgorithm()
-    {
-        return algorithm;
-    }
-
-    /**
-     * The initial counter value for key derivation.
-     *
-     * @return initial counter value as a 4 byte octet string (big endian).
-     */
-    public ASN1OctetString getCounter()
-    {
-        return counter;
-    }
-
-    /**
-     * Return an ASN.1 primitive representation of this object.
-     *
-     * @return a DERSequence containing the KeySpecificInfo values.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(algorithm);
-        v.add(counter);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/OtherInfo.java b/bcprov/src/main/java/org/bouncycastle/asn1/x9/OtherInfo.java
deleted file mode 100644
index fc4c201..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/OtherInfo.java
+++ /dev/null

@@ -1,134 +0,0 @@
-package org.bouncycastle.asn1.x9;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-
-/**
- * ASN.1 def for Diffie-Hellman key exchange OtherInfo structure. See
- * RFC 2631, or X9.42, for further details.
- * <pre>
- *  OtherInfo ::= SEQUENCE {
- *      keyInfo KeySpecificInfo,
- *      partyAInfo [0] OCTET STRING OPTIONAL,
- *      suppPubInfo [2] OCTET STRING
- *  }
- * </pre>
- */
-public class OtherInfo
-    extends ASN1Object
-{
-    private KeySpecificInfo     keyInfo;
-    private ASN1OctetString     partyAInfo;
-    private ASN1OctetString     suppPubInfo;
-
-    public OtherInfo(
-        KeySpecificInfo     keyInfo,
-        ASN1OctetString     partyAInfo,
-        ASN1OctetString     suppPubInfo)
-    {
-        this.keyInfo = keyInfo;
-        this.partyAInfo = partyAInfo;
-        this.suppPubInfo = suppPubInfo;
-    }
-
-    /**
-     * Return a OtherInfo object from the passed in object.
-     *
-     * @param obj an object for conversion or a byte[].
-     * @return a OtherInfo
-     */
-    public static OtherInfo getInstance(Object obj)
-    {
-        if (obj instanceof OtherInfo)
-        {
-            return (OtherInfo)obj;
-        }
-        else if (obj != null)
-        {
-            return new OtherInfo(ASN1Sequence.getInstance(obj));
-        }
-
-        return null;
-    }
-
-    private OtherInfo(
-        ASN1Sequence  seq)
-    {
-        Enumeration e = seq.getObjects();
-
-        keyInfo = KeySpecificInfo.getInstance(e.nextElement());
-
-        while (e.hasMoreElements())
-        {
-            ASN1TaggedObject o = (ASN1TaggedObject)e.nextElement();
-
-            if (o.getTagNo() == 0)
-            {
-                partyAInfo = (ASN1OctetString)o.getObject();
-            }
-            else if (o.getTagNo() == 2)
-            {
-                suppPubInfo = (ASN1OctetString)o.getObject();
-            }
-        }
-    }
-
-    /**
-     * Return the key specific info for the KEK/CEK.
-     *
-     * @return the key specific info.
-     */
-    public KeySpecificInfo getKeyInfo()
-    {
-        return keyInfo;
-    }
-
-    /**
-     * PartyA info for key deriviation.
-     *
-     * @return PartyA info.
-     */
-    public ASN1OctetString getPartyAInfo()
-    {
-        return partyAInfo;
-    }
-
-    /**
-     * The length of the KEK to be generated as a 4 byte big endian.
-     *
-     * @return KEK length as a 4 byte big endian in an octet string.
-     */
-    public ASN1OctetString getSuppPubInfo()
-    {
-        return suppPubInfo;
-    }
-
-    /**
-     * Return an ASN.1 primitive representation of this object.
-     *
-     * @return a DERSequence containing the OtherInfo values.
-     */
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector  v = new ASN1EncodableVector();
-
-        v.add(keyInfo);
-
-        if (partyAInfo != null)
-        {
-            v.add(new DERTaggedObject(0, partyAInfo));
-        }
-
-        v.add(new DERTaggedObject(2, suppPubInfo));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/asn1/x9/package.html b/bcprov/src/main/java/org/bouncycastle/asn1/x9/package.html
deleted file mode 100644
index 42fc97c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/asn1/x9/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes useful for encoding and supporting X9.62 elliptic curve.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/BufferedAsymmetricBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/BufferedAsymmetricBlockCipher.java
deleted file mode 100644
index 1bf7ce3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/BufferedAsymmetricBlockCipher.java
+++ /dev/null

@@ -1,171 +0,0 @@
-package org.bouncycastle.crypto;
-
-/**
- * a buffer wrapper for an asymmetric block cipher, allowing input
- * to be accumulated in a piecemeal fashion until final processing.
- */
-public class BufferedAsymmetricBlockCipher
-{
-    protected byte[]        buf;
-    protected int           bufOff;
-
-    private final AsymmetricBlockCipher   cipher;
-
-    /**
-     * base constructor.
-     *
-     * @param cipher the cipher this buffering object wraps.
-     */
-    public BufferedAsymmetricBlockCipher(
-        AsymmetricBlockCipher     cipher)
-    {
-        this.cipher = cipher;
-    }
-
-    /**
-     * return the underlying cipher for the buffer.
-     *
-     * @return the underlying cipher for the buffer.
-     */
-    public AsymmetricBlockCipher getUnderlyingCipher()
-    {
-        return cipher;
-    }
-
-    /**
-     * return the amount of data sitting in the buffer.
-     *
-     * @return the amount of data sitting in the buffer.
-     */
-    public int getBufferPosition()
-    {
-        return bufOff;
-    }
-
-    /**
-     * initialise the buffer and the underlying cipher.
-     *
-     * @param forEncryption if true the cipher is initialised for
-     *  encryption, if false for decryption.
-     * @param params the key and other data required by the cipher.
-     */
-    public void init(
-        boolean             forEncryption,
-        CipherParameters    params)
-    {
-        reset();
-
-        cipher.init(forEncryption, params);
-
-        //
-        // we allow for an extra byte where people are using their own padding
-        // mechanisms on a raw cipher.
-        //
-        buf = new byte[cipher.getInputBlockSize() + (forEncryption ? 1 : 0)];
-        bufOff = 0;
-    }
-
-    /**
-     * returns the largest size an input block can be.
-     *
-     * @return maximum size for an input block.
-     */
-    public int getInputBlockSize()
-    {
-        return cipher.getInputBlockSize();
-    }
-
-    /**
-     * returns the maximum size of the block produced by this cipher.
-     *
-     * @return maximum size of the output block produced by the cipher.
-     */
-    public int getOutputBlockSize()
-    {
-        return cipher.getOutputBlockSize();
-    }
-
-    /**
-     * add another byte for processing.
-     * 
-     * @param in the input byte.
-     */
-    public void processByte(
-        byte        in)
-    {
-        if (bufOff >= buf.length)
-        {
-            throw new DataLengthException("attempt to process message too long for cipher");
-        }
-
-        buf[bufOff++] = in;
-    }
-
-    /**
-     * add len bytes to the buffer for processing.
-     *
-     * @param in the input data
-     * @param inOff offset into the in array where the data starts
-     * @param len the length of the block to be processed.
-     */
-    public void processBytes(
-        byte[]      in,
-        int         inOff,
-        int         len)
-    {
-        if (len == 0)
-        {
-            return;
-        }
-
-        if (len < 0)
-        {
-            throw new IllegalArgumentException("Can't have a negative input length!");
-        }
-
-        if (bufOff + len > buf.length)
-        {
-            throw new DataLengthException("attempt to process message too long for cipher");
-        }
-
-        System.arraycopy(in, inOff, buf, bufOff, len);
-        bufOff += len;
-    }
-
-    /**
-     * process the contents of the buffer using the underlying
-     * cipher.
-     *
-     * @return the result of the encryption/decryption process on the
-     * buffer.
-     * @exception InvalidCipherTextException if we are given a garbage block.
-     */
-    public byte[] doFinal()
-        throws InvalidCipherTextException
-    {
-        byte[] out = cipher.processBlock(buf, 0, bufOff);
-
-        reset();
-
-        return out;
-    }
-
-    /**
-     * Reset the buffer and the underlying cipher.
-     */
-    public void reset()
-    {
-        /*
-         * clean the buffer.
-         */
-        if (buf != null)
-        {
-            for (int i = 0; i < buf.length; i++)
-            {
-                buf[i] = 0;
-            }
-        }
-
-        bufOff = 0;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/CharToByteConverter.java b/bcprov/src/main/java/org/bouncycastle/crypto/CharToByteConverter.java
deleted file mode 100644
index 8b64099..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/CharToByteConverter.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.crypto;
-
-/**
- * Interface for a converter that produces a byte encoding for a char array.
- */
-public interface CharToByteConverter
-{
-    /**
-     * Return the type of the conversion.
-     *
-     * @return a type name for the conversion.
-     */
-    String getType();
-
-    /**
-     * Return a byte encoded representation of the passed in password.
-     *
-     * @param password the characters to encode.
-     * @return a byte encoding of password.
-     */
-    byte[] convert(char[] password);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/Commitment.java b/bcprov/src/main/java/org/bouncycastle/crypto/Commitment.java
deleted file mode 100644
index f1dc05a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/Commitment.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.crypto;
-
-/**
- * General holding class for a commitment.
- */
-public class Commitment
-{
-    private final byte[] secret;
-    private final byte[] commitment;
-
-    /**
-     * Base constructor.
-     *
-     * @param secret  an encoding of the secret required to reveal the commitment.
-     * @param commitment  an encoding of the sealed commitment.
-     */
-    public Commitment(byte[] secret, byte[] commitment)
-    {
-        this.secret = secret;
-        this.commitment = commitment;
-    }
-
-    /**
-     * The secret required to reveal the commitment.
-     *
-     * @return an encoding of the secret associated with the commitment.
-     */
-    public byte[] getSecret()
-    {
-        return secret;
-    }
-
-    /**
-     * The sealed commitment.
-     *
-     * @return an encoding of the sealed commitment.
-     */
-    public byte[] getCommitment()
-    {
-        return commitment;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/Committer.java b/bcprov/src/main/java/org/bouncycastle/crypto/Committer.java
deleted file mode 100644
index 5c93e5d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/Committer.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.crypto;
-
-/**
- * General interface fdr classes that produce and validate commitments.
- */
-public interface Committer
-{
-    /**
-     * Generate a commitment for the passed in message.
-     *
-     * @param message the message to be committed to,
-     * @return a Commitment
-     */
-    Commitment commit(byte[] message);
-
-    /**
-     * Return true if the passed in commitment represents a commitment to the passed in maessage.
-     *
-     * @param commitment a commitment previously generated.
-     * @param message the message that was expected to have been committed to.
-     * @return true if commitment matches message, false otherwise.
-     */
-    boolean isRevealed(Commitment commitment, byte[] message);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/DigestDerivationFunction.java b/bcprov/src/main/java/org/bouncycastle/crypto/DigestDerivationFunction.java
deleted file mode 100644
index 180382d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/DigestDerivationFunction.java
+++ /dev/null

@@ -1,13 +0,0 @@
-package org.bouncycastle.crypto;
-
-/**
- * base interface for general purpose Digest based byte derivation functions.
- */
-public interface DigestDerivationFunction
-    extends DerivationFunction
-{
-    /**
-     * return the message digest used as the basis for the function
-     */
-    public Digest getDigest();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/EphemeralKeyPair.java b/bcprov/src/main/java/org/bouncycastle/crypto/EphemeralKeyPair.java
deleted file mode 100644
index f16812f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/EphemeralKeyPair.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.crypto;
-
-public class EphemeralKeyPair
-{
-    private AsymmetricCipherKeyPair keyPair;
-    private KeyEncoder publicKeyEncoder;
-
-    public EphemeralKeyPair(AsymmetricCipherKeyPair keyPair, KeyEncoder publicKeyEncoder)
-    {
-        this.keyPair = keyPair;
-        this.publicKeyEncoder = publicKeyEncoder;
-    }
-
-    public AsymmetricCipherKeyPair getKeyPair()
-    {
-        return keyPair;
-    }
-
-    public byte[] getEncodedPublicKey()
-    {
-        return publicKeyEncoder.getEncoded(keyPair.getPublic());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/KeyEncapsulation.java b/bcprov/src/main/java/org/bouncycastle/crypto/KeyEncapsulation.java
deleted file mode 100644
index 1674457..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/KeyEncapsulation.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.crypto;
-
-/**
- * The basic interface for key encapsulation mechanisms.
- */
-public interface KeyEncapsulation
-{
-    /**
-     * Initialise the key encapsulation mechanism.
-     */
-    public void init(CipherParameters param);
-
-    /**
-     * Encapsulate a randomly generated session key.    
-     */
-    public CipherParameters encrypt(byte[] out, int outOff, int keyLen);
-    
-    /**
-     * Decapsulate an encapsulated session key.
-     */
-    public CipherParameters decrypt(byte[] in, int inOff, int inLen, int keyLen);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/KeyEncoder.java b/bcprov/src/main/java/org/bouncycastle/crypto/KeyEncoder.java
deleted file mode 100644
index 92ded9c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/KeyEncoder.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.crypto;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-public interface KeyEncoder
-{
-    byte[] getEncoded(AsymmetricKeyParameter keyParameter);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/KeyParser.java b/bcprov/src/main/java/org/bouncycastle/crypto/KeyParser.java
deleted file mode 100644
index 60ce29d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/KeyParser.java
+++ /dev/null

@@ -1,12 +0,0 @@
-package org.bouncycastle.crypto;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-public interface KeyParser
-{
-    AsymmetricKeyParameter readKey(InputStream stream)
-        throws IOException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/MacDerivationFunction.java b/bcprov/src/main/java/org/bouncycastle/crypto/MacDerivationFunction.java
deleted file mode 100644
index dc6d028..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/MacDerivationFunction.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.crypto;
-
-/**
- * base interface for general purpose Mac based byte derivation functions.
- */
-public interface MacDerivationFunction
-    extends DerivationFunction
-{
-    /**
-     * return the MAC used as the basis for the function
-     *
-     * @return the Mac.
-     */
-    public Mac getMac();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/MaxBytesExceededException.java b/bcprov/src/main/java/org/bouncycastle/crypto/MaxBytesExceededException.java
deleted file mode 100644
index bfa1544..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/MaxBytesExceededException.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.crypto;
-
-/**
- * this exception is thrown whenever a cipher requires a change of key, iv
- * or similar after x amount of bytes enciphered
- */
-public class MaxBytesExceededException
-    extends RuntimeCryptoException
-{
-    /**
-     * base constructor.
-     */
-    public MaxBytesExceededException()
-    {
-    }
-
-    /**
-     * create an with the given message.
-     *
-     * @param message the message to be carried with the exception.
-     */
-    public MaxBytesExceededException(
-        String  message)
-    {
-        super(message);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/PasswordConverter.java b/bcprov/src/main/java/org/bouncycastle/crypto/PasswordConverter.java
deleted file mode 100644
index 4cde0fc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/PasswordConverter.java
+++ /dev/null

@@ -1,54 +0,0 @@
-package org.bouncycastle.crypto;
-
-/**
- * Standard char[] to byte[] converters for password based derivation algorithms.
- */
-public enum PasswordConverter
-    implements CharToByteConverter
-{
-    /**
-     * Do a straight char[] to 8 bit conversion.
-     */
-    ASCII
-        {
-            public String getType()
-            {
-                return "ASCII";
-            }
-
-            public byte[] convert(char[] password)
-            {
-                return PBEParametersGenerator.PKCS5PasswordToBytes(password);
-            }
-        },
-    /**
-     * Do a char[] conversion by producing UTF-8 data.
-     */
-    UTF8
-        {
-            public String getType()
-            {
-                return "UTF8";
-            }
-
-            public byte[] convert(char[] password)
-            {
-                return PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(password);
-            }
-        },
-    /**
-     * Do char[] to BMP conversion (i.e. 2 bytes per character).
-     */
-    PKCS12
-        {
-            public String getType()
-            {
-                return "PKCS12";
-            }
-
-            public byte[] convert(char[] password)
-            {
-                return PBEParametersGenerator.PKCS12PasswordToBytes(password);
-            }
-        };
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/Xof.java b/bcprov/src/main/java/org/bouncycastle/crypto/Xof.java
deleted file mode 100644
index fe85206..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/Xof.java
+++ /dev/null

@@ -1,30 +0,0 @@
-package org.bouncycastle.crypto;
-
-/**
- * With FIPS PUB 202 a new kind of message digest was announced which supported extendable output, or variable digest sizes.
- * This interface provides the extra method required to support variable output on an extended digest implementation.
- */
-public interface Xof
-    extends ExtendedDigest
-{
-    /**
-     * Output the results of the final calculation for this digest to outLen number of bytes.
-     *
-     * @param out output array to write the output bytes to.
-     * @param outOff offset to start writing the bytes at.
-     * @param outLen the number of output bytes requested.
-     * @return the number of bytes written
-     */
-    int doFinal(byte[] out, int outOff, int outLen);
-
-    /**
-     * Start outputting the results of the final calculation for this digest. Unlike doFinal, this method
-     * will continue producing output until the Xof is explicitly reset, or signals otherwise.
-     *
-     * @param out output array to write the output bytes to.
-     * @param outOff offset to start writing the bytes at.
-     * @param outLen the number of output bytes requested.
-     * @return the number of bytes written
-     */
-    int doOutput(byte[] out, int outOff, int outLen);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/DHAgreement.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/DHAgreement.java
deleted file mode 100644
index c606eae..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/DHAgreement.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.crypto.agreement;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.generators.DHKeyPairGenerator;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DHKeyGenerationParameters;
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.crypto.params.DHPrivateKeyParameters;
-import org.bouncycastle.crypto.params.DHPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-
-/**
- * a Diffie-Hellman key exchange engine.
- * <p>
- * note: This uses MTI/A0 key agreement in order to make the key agreement
- * secure against passive attacks. If you're doing Diffie-Hellman and both
- * parties have long term public keys you should look at using this. For
- * further information have a look at RFC 2631.
- * <p>
- * It's possible to extend this to more than two parties as well, for the moment
- * that is left as an exercise for the reader.
- */
-public class DHAgreement
-{
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-
-    private DHPrivateKeyParameters  key;
-    private DHParameters            dhParams;
-    private BigInteger              privateValue;
-    private SecureRandom            random;
-
-    public void init(
-        CipherParameters    param)
-    {
-        AsymmetricKeyParameter  kParam;
-
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom    rParam = (ParametersWithRandom)param;
-
-            this.random = rParam.getRandom();
-            kParam = (AsymmetricKeyParameter)rParam.getParameters();
-        }
-        else
-        {
-            this.random = CryptoServicesRegistrar.getSecureRandom();
-            kParam = (AsymmetricKeyParameter)param;
-        }
-
-        
-        if (!(kParam instanceof DHPrivateKeyParameters))
-        {
-            throw new IllegalArgumentException("DHEngine expects DHPrivateKeyParameters");
-        }
-
-        this.key = (DHPrivateKeyParameters)kParam;
-        this.dhParams = key.getParameters();
-    }
-
-    /**
-     * calculate our initial message.
-     */
-    public BigInteger calculateMessage()
-    {
-        DHKeyPairGenerator dhGen = new DHKeyPairGenerator();
-        dhGen.init(new DHKeyGenerationParameters(random, dhParams));
-        AsymmetricCipherKeyPair dhPair = dhGen.generateKeyPair();
-
-        this.privateValue = ((DHPrivateKeyParameters)dhPair.getPrivate()).getX();
-
-        return ((DHPublicKeyParameters)dhPair.getPublic()).getY();
-    }
-
-    /**
-     * given a message from a given party and the corresponding public key,
-     * calculate the next message in the agreement sequence. In this case
-     * this will represent the shared secret.
-     */
-    public BigInteger calculateAgreement(
-        DHPublicKeyParameters   pub,
-        BigInteger              message)
-    {
-        if (!pub.getParameters().equals(dhParams))
-        {
-            throw new IllegalArgumentException("Diffie-Hellman public key has wrong parameters.");
-        }
-
-        BigInteger p = dhParams.getP();
-
-        BigInteger peerY = pub.getY();
-        if (peerY == null || peerY.compareTo(ONE) <= 0 || peerY.compareTo(p.subtract(ONE)) >= 0)
-        {
-            throw new IllegalArgumentException("Diffie-Hellman public key is weak");
-        }
-
-        BigInteger result = peerY.modPow(privateValue, p);
-        if (result.equals(ONE))
-        {
-            throw new IllegalStateException("Shared key can't be 1");
-        }
-
-        return message.modPow(key.getX(), p).multiply(result).mod(p);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/DHStandardGroups.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/DHStandardGroups.java
deleted file mode 100644
index ceae404..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/DHStandardGroups.java
+++ /dev/null

@@ -1,306 +0,0 @@
-package org.bouncycastle.crypto.agreement;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * Standard Diffie-Hellman groups from various IETF specifications.
- */
-public class DHStandardGroups
-{
-    private static final BigInteger TWO = BigInteger.valueOf(2);
-
-    private static BigInteger fromHex(String hex)
-    {
-        return new BigInteger(1, Hex.decode(hex));
-    }
-
-    private static DHParameters fromPG(String hexP, String hexG)
-    {
-        return new DHParameters(fromHex(hexP), fromHex(hexG));
-    }
-
-    private static DHParameters fromPGQ(String hexP, String hexG, String hexQ)
-    {
-        return new DHParameters(fromHex(hexP), fromHex(hexG), fromHex(hexQ));
-    }
-
-    private static DHParameters rfc7919Parameters(String hexP, int l)
-    {
-        // NOTE: All the groups in RFC 7919 use safe primes, i.e. q = (p-1)/2, and generator g = 2
-        BigInteger p = fromHex(hexP);
-        return new DHParameters(p, TWO, p.shiftRight(1), l);
-    }
-
-    /*
-     * RFC 2409
-     */
-    private static final String rfc2409_768_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
-        + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
-        + "E485B576625E7EC6F44C42E9A63A3620FFFFFFFFFFFFFFFF";
-    private static final String rfc2409_768_g = "02";
-    public static final DHParameters rfc2409_768 = fromPG(rfc2409_768_p, rfc2409_768_g);
-
-    private static final String rfc2409_1024_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
-        + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
-        + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381"
-        + "FFFFFFFFFFFFFFFF";
-    private static final String rfc2409_1024_g = "02";
-    public static final DHParameters rfc2409_1024 = fromPG(rfc2409_1024_p, rfc2409_1024_g);
-
-    /*
-     * RFC 3526
-     */
-    private static final String rfc3526_1536_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
-        + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
-        + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
-        + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
-        + "670C354E4ABC9804F1746C08CA237327FFFFFFFFFFFFFFFF";
-    private static final String rfc3526_1536_g = "02";
-    public static final DHParameters rfc3526_1536 = fromPG(rfc3526_1536_p, rfc3526_1536_g);
-
-    private static final String rfc3526_2048_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
-        + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
-        + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
-        + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
-        + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
-        + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AACAA68FFFFFFFFFFFFFFFF";
-    private static final String rfc3526_2048_g = "02";
-    public static final DHParameters rfc3526_2048 = fromPG(rfc3526_2048_p, rfc3526_2048_g);
-
-    private static final String rfc3526_3072_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
-        + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
-        + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
-        + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
-        + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
-        + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
-        + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
-        + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
-        + "43DB5BFCE0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF";
-    private static final String rfc3526_3072_g = "02";
-    public static final DHParameters rfc3526_3072 = fromPG(rfc3526_3072_p, rfc3526_3072_g);
-
-    private static final String rfc3526_4096_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
-        + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
-        + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
-        + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
-        + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
-        + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
-        + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
-        + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
-        + "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" + "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
-        + "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" + "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
-        + "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" + "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199"
-        + "FFFFFFFFFFFFFFFF";
-    private static final String rfc3526_4096_g = "02";
-    public static final DHParameters rfc3526_4096 = fromPG(rfc3526_4096_p, rfc3526_4096_g);
-
-    private static final String rfc3526_6144_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
-        + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
-        + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
-        + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
-        + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
-        + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
-        + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
-        + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
-        + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
-        + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
-        + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
-        + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
-        + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
-        + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
-        + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
-        + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
-        + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
-        + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
-        + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406"
-        + "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918"
-        + "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151"
-        + "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03"
-        + "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F"
-        + "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
-        + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B"
-        + "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632"
-        + "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E"
-        + "6DCC4024FFFFFFFFFFFFFFFF";
-    private static final String rfc3526_6144_g = "02";
-    public static final DHParameters rfc3526_6144 = fromPG(rfc3526_6144_p, rfc3526_6144_g);
-
-    private static final String rfc3526_8192_p = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1"
-        + "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" + "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245"
-        + "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" + "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE45B3D"
-        + "C2007CB8A163BF0598DA48361C55D39A69163FA8FD24CF5F" + "83655D23DCA3AD961C62F356208552BB9ED529077096966D"
-        + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3B" + "E39E772C180E86039B2783A2EC07A28FB5C55DF06F4C52C9"
-        + "DE2BCBF6955817183995497CEA956AE515D2261898FA0510" + "15728E5A8AAAC42DAD33170D04507A33A85521ABDF1CBA64"
-        + "ECFB850458DBEF0A8AEA71575D060C7DB3970F85A6E1E4C7" + "ABF5AE8CDB0933D71E8C94E04A25619DCEE3D2261AD2EE6B"
-        + "F12FFA06D98A0864D87602733EC86A64521F2B18177B200C" + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB31"
-        + "43DB5BFCE0FD108E4B82D120A92108011A723C12A787E6D7" + "88719A10BDBA5B2699C327186AF4E23C1A946834B6150BDA"
-        + "2583E9CA2AD44CE8DBBBC2DB04DE8EF92E8EFC141FBECAA6" + "287C59474E6BC05D99B2964FA090C3A2233BA186515BE7ED"
-        + "1F612970CEE2D7AFB81BDD762170481CD0069127D5B05AA9" + "93B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
-        + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BD" + "F8FF9406AD9E530EE5DB382F413001AEB06A53ED9027D831"
-        + "179727B0865A8918DA3EDBEBCF9B14ED44CE6CBACED4BB1B" + "DB7F1447E6CC254B332051512BD7AF426FB8F401378CD2BF"
-        + "5983CA01C64B92ECF032EA15D1721D03F482D7CE6E74FEF6" + "D55E702F46980C82B5A84031900B1C9E59E7C97FBEC7E8F3"
-        + "23A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA" + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE328"
-        + "06A1D58BB7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55C" + "DA56C9EC2EF29632387FE8D76E3C0468043E8F663F4860EE"
-        + "12BF2D5B0B7474D6E694F91E6DBE115974A3926F12FEE5E4" + "38777CB6A932DF8CD8BEC4D073B931BA3BC832B68D9DD300"
-        + "741FA7BF8AFC47ED2576F6936BA424663AAB639C5AE4F568" + "3423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9"
-        + "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B" + "4BCBC8862F8385DDFA9D4B7FA2C087E879683303ED5BDD3A"
-        + "062B3CF5B3A278A66D2A13F83F44F82DDF310EE074AB6A36" + "4597E899A0255DC164F31CC50846851DF9AB48195DED7EA1"
-        + "B1D510BD7EE74D73FAF36BC31ECFA268359046F4EB879F92" + "4009438B481C6CD7889A002ED5EE382BC9190DA6FC026E47"
-        + "9558E4475677E9AA9E3050E2765694DFC81F56E880B96E71" + "60C980DD98EDD3DFFFFFFFFFFFFFFFFF";
-    private static final String rfc3526_8192_g = "02";
-    public static final DHParameters rfc3526_8192 = fromPG(rfc3526_8192_p, rfc3526_8192_g);
-
-    /*
-     * RFC 4306
-     */
-    public static final DHParameters rfc4306_768 = rfc2409_768;
-    public static final DHParameters rfc4306_1024 = rfc2409_1024;
-
-    /*
-     * RFC 5114
-     */
-    private static final String rfc5114_1024_160_p = "B10B8F96A080E01DDE92DE5EAE5D54EC52C99FBCFB06A3C6"
-        + "9A6A9DCA52D23B616073E28675A23D189838EF1E2EE652C0" + "13ECB4AEA906112324975C3CD49B83BFACCBDD7D90C4BD70"
-        + "98488E9C219A73724EFFD6FAE5644738FAA31A4FF55BCCC0" + "A151AF5F0DC8B4BD45BF37DF365C1A65E68CFDA76D4DA708"
-        + "DF1FB2BC2E4A4371";
-    private static final String rfc5114_1024_160_g = "A4D1CBD5C3FD34126765A442EFB99905F8104DD258AC507F"
-        + "D6406CFF14266D31266FEA1E5C41564B777E690F5504F213" + "160217B4B01B886A5E91547F9E2749F4D7FBD7D3B9A92EE1"
-        + "909D0D2263F80A76A6A24C087A091F531DBF0A0169B6A28A" + "D662A4D18E73AFA32D779D5918D08BC8858F4DCEF97C2A24"
-        + "855E6EEB22B3B2E5";
-    private static final String rfc5114_1024_160_q = "F518AA8781A8DF278ABA4E7D64B7CB9D49462353";
-
-    /**
-     * @deprecated Existence of a "hidden SNFS" backdoor cannot be ruled out. see https://eprint.iacr.org/2016/961.pdf
-     */
-    public static final DHParameters rfc5114_1024_160 = fromPGQ(rfc5114_1024_160_p, rfc5114_1024_160_g,
-        rfc5114_1024_160_q);
-
-    private static final String rfc5114_2048_224_p = "AD107E1E9123A9D0D660FAA79559C51FA20D64E5683B9FD1"
-        + "B54B1597B61D0A75E6FA141DF95A56DBAF9A3C407BA1DF15" + "EB3D688A309C180E1DE6B85A1274A0A66D3F8152AD6AC212"
-        + "9037C9EDEFDA4DF8D91E8FEF55B7394B7AD5B7D0B6C12207" + "C9F98D11ED34DBF6C6BA0B2C8BBC27BE6A00E0A0B9C49708"
-        + "B3BF8A317091883681286130BC8985DB1602E714415D9330" + "278273C7DE31EFDC7310F7121FD5A07415987D9ADC0A486D"
-        + "CDF93ACC44328387315D75E198C641A480CD86A1B9E587E8" + "BE60E69CC928B2B9C52172E413042E9B23F10B0E16E79763"
-        + "C9B53DCF4BA80A29E3FB73C16B8E75B97EF363E2FFA31F71" + "CF9DE5384E71B81C0AC4DFFE0C10E64F";
-    private static final String rfc5114_2048_224_g = "AC4032EF4F2D9AE39DF30B5C8FFDAC506CDEBE7B89998CAF"
-        + "74866A08CFE4FFE3A6824A4E10B9A6F0DD921F01A70C4AFA" + "AB739D7700C29F52C57DB17C620A8652BE5E9001A8D66AD7"
-        + "C17669101999024AF4D027275AC1348BB8A762D0521BC98A" + "E247150422EA1ED409939D54DA7460CDB5F6C6B250717CBE"
-        + "F180EB34118E98D119529A45D6F834566E3025E316A330EF" + "BB77A86F0C1AB15B051AE3D428C8F8ACB70A8137150B8EEB"
-        + "10E183EDD19963DDD9E263E4770589EF6AA21E7F5F2FF381" + "B539CCE3409D13CD566AFBB48D6C019181E1BCFE94B30269"
-        + "EDFE72FE9B6AA4BD7B5A0F1C71CFFF4C19C418E1F6EC0179" + "81BC087F2A7065B384B890D3191F2BFA";
-    private static final String rfc5114_2048_224_q = "801C0D34C58D93FE997177101F80535A4738CEBCBF389A99B36371EB";
-
-    /**
-     * @deprecated Existence of a "hidden SNFS" backdoor cannot be ruled out. see https://eprint.iacr.org/2016/961.pdf
-     */
-    public static final DHParameters rfc5114_2048_224 = fromPGQ(rfc5114_2048_224_p, rfc5114_2048_224_g,
-        rfc5114_2048_224_q);
-
-    private static final String rfc5114_2048_256_p = "87A8E61DB4B6663CFFBBD19C651959998CEEF608660DD0F2"
-        + "5D2CEED4435E3B00E00DF8F1D61957D4FAF7DF4561B2AA30" + "16C3D91134096FAA3BF4296D830E9A7C209E0C6497517ABD"
-        + "5A8A9D306BCF67ED91F9E6725B4758C022E0B1EF4275BF7B" + "6C5BFC11D45F9088B941F54EB1E59BB8BC39A0BF12307F5C"
-        + "4FDB70C581B23F76B63ACAE1CAA6B7902D52526735488A0E" + "F13C6D9A51BFA4AB3AD8347796524D8EF6A167B5A41825D9"
-        + "67E144E5140564251CCACB83E6B486F6B3CA3F7971506026" + "C0B857F689962856DED4010ABD0BE621C3A3960A54E710C3"
-        + "75F26375D7014103A4B54330C198AF126116D2276E11715F" + "693877FAD7EF09CADB094AE91E1A1597";
-    private static final String rfc5114_2048_256_g = "3FB32C9B73134D0B2E77506660EDBD484CA7B18F21EF2054"
-        + "07F4793A1A0BA12510DBC15077BE463FFF4FED4AAC0BB555" + "BE3A6C1B0C6B47B1BC3773BF7E8C6F62901228F8C28CBB18"
-        + "A55AE31341000A650196F931C77A57F2DDF463E5E9EC144B" + "777DE62AAAB8A8628AC376D282D6ED3864E67982428EBC83"
-        + "1D14348F6F2F9193B5045AF2767164E1DFC967C1FB3F2E55" + "A4BD1BFFE83B9C80D052B985D182EA0ADB2A3B7313D3FE14"
-        + "C8484B1E052588B9B7D2BBD2DF016199ECD06E1557CD0915" + "B3353BBB64E0EC377FD028370DF92B52C7891428CDC67EB6"
-        + "184B523D1DB246C32F63078490F00EF8D647D148D4795451" + "5E2327CFEF98C582664B4C0F6CC41659";
-    private static final String rfc5114_2048_256_q = "8CF83642A709A097B447997640129DA299B1A47D1EB3750B"
-        + "A308B0FE64F5FBD3";
-
-    /**
-     * @deprecated Existence of a "hidden SNFS" backdoor cannot be ruled out. see https://eprint.iacr.org/2016/961.pdf
-     */
-    public static final DHParameters rfc5114_2048_256 = fromPGQ(rfc5114_2048_256_p, rfc5114_2048_256_g,
-        rfc5114_2048_256_q);
-
-    /*
-     * RFC 5996
-     */
-    public static final DHParameters rfc5996_768 = rfc4306_768;
-    public static final DHParameters rfc5996_1024 = rfc4306_1024;
-
-    /*
-     * RFC 7919
-     */
-    private static final String rfc7919_ffdhe2048_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
-        + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
-        + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
-        + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
-        + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
-        + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B423861285C97FFFFFFFFFFFFFFFF";
-    public static final DHParameters rfc7919_ffdhe2048 = rfc7919Parameters(rfc7919_ffdhe2048_p, 225);
-
-    private static final String rfc7919_ffdhe3072_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
-        + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
-        + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
-        + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
-        + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
-        + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
-        + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
-        + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
-        + "3C1B20EE3FD59D7C25E41D2B66C62E37FFFFFFFFFFFFFFFF";
-    public static final DHParameters rfc7919_ffdhe3072 = rfc7919Parameters(rfc7919_ffdhe3072_p, 275);
-
-    private static final String rfc7919_ffdhe4096_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
-        + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
-        + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
-        + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
-        + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
-        + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
-        + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
-        + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
-        + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004"
-        + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + "A907600A918130C46DC778F971AD0038092999A333CB8B7A"
-        + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E655F6A"
-        + "FFFFFFFFFFFFFFFF";
-    public static final DHParameters rfc7919_ffdhe4096 = rfc7919Parameters(rfc7919_ffdhe4096_p, 325);
-
-    private static final String rfc7919_ffdhe6144_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
-        + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
-        + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
-        + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
-        + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
-        + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
-        + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
-        + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
-        + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004"
-        + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + "A907600A918130C46DC778F971AD0038092999A333CB8B7A"
-        + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902"
-        + "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6" + "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A"
-        + "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477" + "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3"
-        + "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4" + "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6"
-        + "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C" + "D72B03746AE77F5E62292C311562A846505DC82DB854338A"
-        + "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04" + "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1"
-        + "A41D570D7938DAD4A40E329CD0E40E65FFFFFFFFFFFFFFFF";
-    public static final DHParameters rfc7919_ffdhe6144 = rfc7919Parameters(rfc7919_ffdhe6144_p, 375);
-
-    private static final String rfc7919_ffdhe8192_p = "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
-        + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9" + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
-        + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935" + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
-        + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB" + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
-        + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61" + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
-        + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA" + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
-        + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C" + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
-        + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D" + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
-        + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB" + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004"
-        + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832" + "A907600A918130C46DC778F971AD0038092999A333CB8B7A"
-        + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF" + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902"
-        + "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6" + "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A"
-        + "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477" + "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3"
-        + "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4" + "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6"
-        + "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C" + "D72B03746AE77F5E62292C311562A846505DC82DB854338A"
-        + "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04" + "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1"
-        + "A41D570D7938DAD4A40E329CCFF46AAA36AD004CF600C838" + "1E425A31D951AE64FDB23FCEC9509D43687FEB69EDD1CC5E"
-        + "0B8CC3BDF64B10EF86B63142A3AB8829555B2F747C932665" + "CB2C0F1CC01BD70229388839D2AF05E454504AC78B758282"
-        + "2846C0BA35C35F5C59160CC046FD8251541FC68C9C86B022" + "BB7099876A460E7451A8A93109703FEE1C217E6C3826E52C"
-        + "51AA691E0E423CFC99E9E31650C1217B624816CDAD9A95F9" + "D5B8019488D9C0A0A1FE3075A577E23183F81D4A3F2FA457"
-        + "1EFC8CE0BA8A4FE8B6855DFE72B0A66EDED2FBABFBE58A30" + "FAFABE1C5D71A87E2F741EF8C1FE86FEA6BBFDE530677F0D"
-        + "97D11D49F7A8443D0822E506A9F4614E011E2A94838FF88C" + "D68C8BB7C5C6424CFFFFFFFFFFFFFFFF";
-    public static final DHParameters rfc7919_ffdhe8192 = rfc7919Parameters(rfc7919_ffdhe8192_p, 400);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/DHUnifiedAgreement.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/DHUnifiedAgreement.java
deleted file mode 100644
index 97172f6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/DHUnifiedAgreement.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.crypto.agreement;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.DHUPrivateParameters;
-import org.bouncycastle.crypto.params.DHUPublicParameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * FFC Unified static/ephemeral agreement as described in NIST SP 800-56A.
- */
-public class DHUnifiedAgreement
-{
-    private DHUPrivateParameters privParams;
-
-    public void init(
-        CipherParameters key)
-    {
-        this.privParams = (DHUPrivateParameters)key;
-    }
-
-    public int getFieldSize()
-    {
-        return (privParams.getStaticPrivateKey().getParameters().getP().bitLength() + 7) / 8;
-    }
-
-    public byte[] calculateAgreement(CipherParameters pubKey)
-    {
-        DHUPublicParameters pubParams = (DHUPublicParameters)pubKey;
-
-        DHBasicAgreement sAgree = new DHBasicAgreement();
-        DHBasicAgreement eAgree = new DHBasicAgreement();
-
-        sAgree.init(privParams.getStaticPrivateKey());
-
-        BigInteger sComp = sAgree.calculateAgreement(pubParams.getStaticPublicKey());
-
-        eAgree.init(privParams.getEphemeralPrivateKey());
-
-        BigInteger eComp = eAgree.calculateAgreement(pubParams.getEphemeralPublicKey());
-
-        return Arrays.concatenate(
-            BigIntegers.asUnsignedByteArray(this.getFieldSize(), eComp),
-            BigIntegers.asUnsignedByteArray(this.getFieldSize(), sComp));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/ECDHCBasicAgreement.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/ECDHCBasicAgreement.java
deleted file mode 100644
index a0c8554..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/ECDHCBasicAgreement.java
+++ /dev/null

@@ -1,76 +0,0 @@
-package org.bouncycastle.crypto.agreement;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.BasicAgreement;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECPoint;
-
-/**
- * P1363 7.2.2 ECSVDP-DHC
- *
- * ECSVDP-DHC is Elliptic Curve Secret Value Derivation Primitive,
- * Diffie-Hellman version with cofactor multiplication. It is based on
- * the work of [DH76], [Mil86], [Kob87], [LMQ98] and [Kal98a]. This
- * primitive derives a shared secret value from one party's private key
- * and another party's public key, where both have the same set of EC
- * domain parameters. If two parties correctly execute this primitive,
- * they will produce the same output. This primitive can be invoked by a
- * scheme to derive a shared secret key; specifically, it may be used
- * with the schemes ECKAS-DH1 and DL/ECKAS-DH2. It does not assume the
- * validity of the input public key (see also Section 7.2.1).
- * <p>
- * Note: As stated P1363 compatibility mode with ECDH can be preset, and
- * in this case the implementation doesn't have a ECDH compatibility mode
- * (if you want that just use ECDHBasicAgreement and note they both implement
- * BasicAgreement!).
- */
-public class ECDHCBasicAgreement
-    implements BasicAgreement
-{
-    ECPrivateKeyParameters key;
-
-    public void init(
-        CipherParameters key)
-    {
-        this.key = (ECPrivateKeyParameters)key;
-    }
-
-    public int getFieldSize()
-    {
-        return (key.getParameters().getCurve().getFieldSize() + 7) / 8;
-    }
-
-    public BigInteger calculateAgreement(
-        CipherParameters pubKey)
-    {
-        ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey;
-        ECDomainParameters params = key.getParameters();
-        if (!params.equals(pub.getParameters()))
-        {
-            throw new IllegalStateException("ECDHC public key has wrong domain parameters");
-        }
-
-        BigInteger hd = params.getH().multiply(key.getD()).mod(params.getN());
-
-        // Always perform calculations on the exact curve specified by our private key's parameters
-        ECPoint pubPoint = ECAlgorithms.cleanPoint(params.getCurve(), pub.getQ());
-        if (pubPoint.isInfinity())
-        {
-            throw new IllegalStateException("Infinity is not a valid public key for ECDHC");
-        }
-
-        ECPoint P = pubPoint.multiply(hd).normalize();
-
-        if (P.isInfinity())
-        {
-            throw new IllegalStateException("Infinity is not a valid agreement value for ECDHC");
-        }
-
-        return P.getAffineXCoord().toBigInteger();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/ECDHCUnifiedAgreement.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/ECDHCUnifiedAgreement.java
deleted file mode 100644
index 463c9a4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/ECDHCUnifiedAgreement.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.crypto.agreement;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.ECDHUPrivateParameters;
-import org.bouncycastle.crypto.params.ECDHUPublicParameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * EC Unified static/ephemeral agreement as described in NIST SP 800-56A using EC co-factor Diffie-Hellman.
- */
-public class ECDHCUnifiedAgreement
-{
-    private ECDHUPrivateParameters privParams;
-
-    public void init(
-        CipherParameters key)
-    {
-        this.privParams = (ECDHUPrivateParameters)key;
-    }
-
-    public int getFieldSize()
-    {
-        return (privParams.getStaticPrivateKey().getParameters().getCurve().getFieldSize() + 7) / 8;
-    }
-
-    public byte[] calculateAgreement(CipherParameters pubKey)
-    {
-        ECDHUPublicParameters pubParams = (ECDHUPublicParameters)pubKey;
-
-        ECDHCBasicAgreement sAgree = new ECDHCBasicAgreement();
-        ECDHCBasicAgreement eAgree = new ECDHCBasicAgreement();
-
-        sAgree.init(privParams.getStaticPrivateKey());
-
-        BigInteger sComp = sAgree.calculateAgreement(pubParams.getStaticPublicKey());
-
-        eAgree.init(privParams.getEphemeralPrivateKey());
-
-        BigInteger eComp = eAgree.calculateAgreement(pubParams.getEphemeralPublicKey());
-
-        return Arrays.concatenate(
-            BigIntegers.asUnsignedByteArray(this.getFieldSize(), eComp),
-            BigIntegers.asUnsignedByteArray(this.getFieldSize(), sComp));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/ECMQVBasicAgreement.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/ECMQVBasicAgreement.java
deleted file mode 100644
index 10aa3a9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/ECMQVBasicAgreement.java
+++ /dev/null

@@ -1,97 +0,0 @@
-package org.bouncycastle.crypto.agreement;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.BasicAgreement;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.MQVPrivateParameters;
-import org.bouncycastle.crypto.params.MQVPublicParameters;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.Properties;
-
-public class ECMQVBasicAgreement
-    implements BasicAgreement
-{
-    MQVPrivateParameters privParams;
-
-    public void init(
-        CipherParameters key)
-    {
-        this.privParams = (MQVPrivateParameters)key;
-    }
-
-    public int getFieldSize()
-    {
-        return (privParams.getStaticPrivateKey().getParameters().getCurve().getFieldSize() + 7) / 8;
-    }
-
-    public BigInteger calculateAgreement(CipherParameters pubKey)
-    {
-        if (Properties.isOverrideSet("org.bouncycastle.ec.disable_mqv"))
-        {
-            throw new IllegalStateException("ECMQV explicitly disabled");
-        }
-
-        MQVPublicParameters pubParams = (MQVPublicParameters)pubKey;
-
-        ECPrivateKeyParameters staticPrivateKey = privParams.getStaticPrivateKey();
-        ECDomainParameters parameters = staticPrivateKey.getParameters();
-
-        if (!parameters.equals(pubParams.getStaticPublicKey().getParameters()))
-        {
-            throw new IllegalStateException("ECMQV public key components have wrong domain parameters");
-        }
-
-        ECPoint agreement = calculateMqvAgreement(parameters, staticPrivateKey,
-            privParams.getEphemeralPrivateKey(), privParams.getEphemeralPublicKey(),
-            pubParams.getStaticPublicKey(), pubParams.getEphemeralPublicKey()).normalize();
-
-        if (agreement.isInfinity())
-        {
-            throw new IllegalStateException("Infinity is not a valid agreement value for MQV");
-        }
-
-        return agreement.getAffineXCoord().toBigInteger();
-    }
-
-    // The ECMQV Primitive as described in SEC-1, 3.4
-    private ECPoint calculateMqvAgreement(
-        ECDomainParameters      parameters,
-        ECPrivateKeyParameters  d1U,
-        ECPrivateKeyParameters  d2U,
-        ECPublicKeyParameters   Q2U,
-        ECPublicKeyParameters   Q1V,
-        ECPublicKeyParameters   Q2V)
-    {
-        BigInteger n = parameters.getN();
-        int e = (n.bitLength() + 1) / 2;
-        BigInteger powE = ECConstants.ONE.shiftLeft(e);
-
-        ECCurve curve = parameters.getCurve();
-
-        // The Q2U public key is optional - but will be calculated for us if it wasn't present
-        ECPoint q2u = ECAlgorithms.cleanPoint(curve, Q2U.getQ());
-        ECPoint q1v = ECAlgorithms.cleanPoint(curve, Q1V.getQ());
-        ECPoint q2v = ECAlgorithms.cleanPoint(curve, Q2V.getQ());
-
-        BigInteger x = q2u.getAffineXCoord().toBigInteger();
-        BigInteger xBar = x.mod(powE);
-        BigInteger Q2UBar = xBar.setBit(e);
-        BigInteger s = d1U.getD().multiply(Q2UBar).add(d2U.getD()).mod(n);
-
-        BigInteger xPrime = q2v.getAffineXCoord().toBigInteger();
-        BigInteger xPrimeBar = xPrime.mod(powE);
-        BigInteger Q2VBar = xPrimeBar.setBit(e);
-
-        BigInteger hs = parameters.getH().multiply(s).mod(n);
-
-        return ECAlgorithms.sumOfTwoMultiplies(
-            q1v, Q2VBar.multiply(hs).mod(n), q2v, hs);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/ECVKOAgreement.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/ECVKOAgreement.java
deleted file mode 100644
index 5a8de6a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/ECVKOAgreement.java
+++ /dev/null

@@ -1,121 +0,0 @@
-package org.bouncycastle.crypto.agreement;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithUKM;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * GOST VKO key agreement class - RFC 7836 Section 4.3
- */
-public class ECVKOAgreement
-{
-    private final Digest digest;
-
-    private ECPrivateKeyParameters key;
-    private BigInteger ukm;
-
-    public ECVKOAgreement(Digest digest)
-    {
-        this.digest = digest;
-    }
-
-    public void init(
-        CipherParameters key)
-    {
-        ParametersWithUKM p = (ParametersWithUKM)key;
-
-        this.key = (ECPrivateKeyParameters)p.getParameters();
-        this.ukm = toInteger(p.getUKM());
-    }
-
-    public int getFieldSize()
-    {
-        return (key.getParameters().getCurve().getFieldSize() + 7) / 8;
-    }
-
-    public byte[] calculateAgreement(
-        CipherParameters pubKey)
-    {
-        ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey;
-        ECDomainParameters params = key.getParameters();
-        if (!params.equals(pub.getParameters()))
-        {
-            throw new IllegalStateException("ECVKO public key has wrong domain parameters");
-        }
-
-        BigInteger hd = params.getH().multiply(ukm).multiply(key.getD()).mod(params.getN());
-
-        // Always perform calculations on the exact curve specified by our private key's parameters
-        ECPoint pubPoint = ECAlgorithms.cleanPoint(params.getCurve(), pub.getQ());
-        if (pubPoint.isInfinity())
-        {
-            throw new IllegalStateException("Infinity is not a valid public key for ECDHC");
-        }
-
-        ECPoint P = pubPoint.multiply(hd).normalize();
-
-        if (P.isInfinity())
-        {
-            throw new IllegalStateException("Infinity is not a valid agreement value for ECVKO");
-        }
-
-        return fromPoint(P);
-    }
-
-    private static BigInteger toInteger(byte[] ukm)
-    {
-        byte[] v = new byte[ukm.length];
-
-        for (int i = 0; i != v.length; i++)
-        {
-            v[i] = ukm[ukm.length - i - 1];
-        }
-
-        return new BigInteger(1, v);
-    }
-
-    private byte[] fromPoint(ECPoint v)
-    {
-        BigInteger bX = v.getAffineXCoord().toBigInteger();
-        BigInteger bY = v.getAffineYCoord().toBigInteger();
-
-        int size;
-        if (bX.toByteArray().length > 33)
-        {
-            size = 64;
-        }
-        else
-        {
-            size = 32;
-        }
-
-        byte[] bytes = new byte[2 * size];
-        byte[] x = BigIntegers.asUnsignedByteArray(size, bX);
-        byte[] y = BigIntegers.asUnsignedByteArray(size, bY);
-
-        for (int i = 0; i != size; i++)
-        {
-            bytes[i] = x[size - i - 1];
-        }
-        for (int i = 0; i != size; i++)
-        {
-            bytes[size + i] = y[size - i - 1];
-        }
-
-        digest.update(bytes, 0, bytes.length);
-
-        byte[] rv = new byte[digest.getDigestSize()];
-
-        digest.doFinal(rv, 0);
-
-        return rv;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/MQVBasicAgreement.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/MQVBasicAgreement.java
deleted file mode 100644
index c16e4f8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/MQVBasicAgreement.java
+++ /dev/null

@@ -1,80 +0,0 @@
-package org.bouncycastle.crypto.agreement;
-
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.BasicAgreement;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.DHMQVPrivateParameters;
-import org.bouncycastle.crypto.params.DHMQVPublicParameters;
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.crypto.params.DHPrivateKeyParameters;
-import org.bouncycastle.crypto.params.DHPublicKeyParameters;
-
-public class MQVBasicAgreement
-    implements BasicAgreement
-{
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-
-    DHMQVPrivateParameters privParams;
-
-    public void init(
-        CipherParameters key)
-    {
-        this.privParams = (DHMQVPrivateParameters)key;
-    }
-
-    public int getFieldSize()
-    {
-        return (privParams.getStaticPrivateKey().getParameters().getP().bitLength() + 7) / 8;
-    }
-
-    public BigInteger calculateAgreement(CipherParameters pubKey)
-    {
-        DHMQVPublicParameters pubParams = (DHMQVPublicParameters)pubKey;
-
-        DHPrivateKeyParameters staticPrivateKey = privParams.getStaticPrivateKey();
-
-        if (!privParams.getStaticPrivateKey().getParameters().equals(pubParams.getStaticPublicKey().getParameters()))
-        {
-            throw new IllegalStateException("MQV public key components have wrong domain parameters");
-        }
-
-        if (privParams.getStaticPrivateKey().getParameters().getQ() == null)
-        {
-            throw new IllegalStateException("MQV key domain parameters do not have Q set");
-        }
-
-        BigInteger agreement = calculateDHMQVAgreement(staticPrivateKey.getParameters(), staticPrivateKey,
-            pubParams.getStaticPublicKey(), privParams.getEphemeralPrivateKey(), privParams.getEphemeralPublicKey(),
-            pubParams.getEphemeralPublicKey());
-
-        if (agreement.equals(ONE))
-        {
-            throw new IllegalStateException("1 is not a valid agreement value for MQV");
-        }
-
-        return agreement;
-    }
-
-    private BigInteger calculateDHMQVAgreement(
-        DHParameters parameters,
-        DHPrivateKeyParameters xA,
-        DHPublicKeyParameters yB,
-        DHPrivateKeyParameters rA,
-        DHPublicKeyParameters tA,
-        DHPublicKeyParameters tB)
-    {
-        BigInteger q = parameters.getQ();
-
-        int w = (q.bitLength() + 1) / 2;
-        BigInteger twoW = BigInteger.valueOf(2).pow(w);
-
-        BigInteger TA =  tA.getY().mod(twoW).add(twoW);
-        BigInteger SA =  rA.getX().add(TA.multiply(xA.getX())).mod(q);
-        BigInteger TB =  tB.getY().mod(twoW).add(twoW);
-        BigInteger Z =   tB.getY().multiply(yB.getY().modPow(TB, parameters.getP())).modPow(SA, parameters.getP());
-
-        return Z;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/SM2KeyExchange.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/SM2KeyExchange.java
deleted file mode 100644
index df792ca..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/SM2KeyExchange.java
+++ /dev/null

@@ -1,294 +0,0 @@
-package org.bouncycastle.crypto.agreement;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SM3Digest;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithID;
-import org.bouncycastle.crypto.params.SM2KeyExchangePrivateParameters;
-import org.bouncycastle.crypto.params.SM2KeyExchangePublicParameters;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Memoable;
-import org.bouncycastle.util.Pack;
-
-/**
- * SM2 Key Exchange protocol - based on https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02
- */
-public class SM2KeyExchange
-{
-    private final Digest digest;
-
-    private byte[] userID;
-    private ECPrivateKeyParameters staticKey;
-    private ECPoint staticPubPoint;
-    private ECPoint ephemeralPubPoint;
-    private ECDomainParameters ecParams;
-    private int w;
-    private ECPrivateKeyParameters ephemeralKey;
-    private boolean initiator;
-
-    public SM2KeyExchange()
-    {
-        this(new SM3Digest());
-    }
-
-    public SM2KeyExchange(Digest digest)
-    {
-        this.digest = digest;
-    }
-
-    public void init(
-        CipherParameters privParam)
-    {
-        SM2KeyExchangePrivateParameters baseParam;
-
-        if (privParam instanceof ParametersWithID)
-        {
-            baseParam = (SM2KeyExchangePrivateParameters)((ParametersWithID)privParam).getParameters();
-            userID = ((ParametersWithID)privParam).getID();
-        }
-        else
-        {
-            baseParam = (SM2KeyExchangePrivateParameters)privParam;
-            userID = new byte[0];
-        }
-
-        initiator = baseParam.isInitiator();
-        staticKey = baseParam.getStaticPrivateKey();
-        ephemeralKey = baseParam.getEphemeralPrivateKey();
-        ecParams = staticKey.getParameters();
-        staticPubPoint = baseParam.getStaticPublicPoint();
-        ephemeralPubPoint = baseParam.getEphemeralPublicPoint();
-
-        w = ecParams.getCurve().getFieldSize() / 2 - 1;
-    }
-
-    public byte[] calculateKey(int kLen, CipherParameters pubParam)
-    {
-        SM2KeyExchangePublicParameters otherPub;
-        byte[] otherUserID;
-
-        if (pubParam instanceof ParametersWithID)
-        {
-            otherPub = (SM2KeyExchangePublicParameters)((ParametersWithID)pubParam).getParameters();
-            otherUserID = ((ParametersWithID)pubParam).getID();
-        }
-        else
-        {
-            otherPub = (SM2KeyExchangePublicParameters)pubParam;
-            otherUserID = new byte[0];
-        }
-
-        byte[] za = getZ(digest, userID, staticPubPoint);
-        byte[] zb = getZ(digest, otherUserID, otherPub.getStaticPublicKey().getQ());
-
-        ECPoint U = calculateU(otherPub);
-
-        byte[] rv;
-        if (initiator)
-        {
-            rv = kdf(U, za, zb, kLen);
-        }
-        else
-        {
-            rv = kdf(U, zb, za, kLen);
-        }
-
-        return rv;
-    }
-
-    public byte[][] calculateKeyWithConfirmation(int kLen, byte[] confirmationTag, CipherParameters pubParam)
-    {
-        SM2KeyExchangePublicParameters otherPub;
-        byte[] otherUserID;
-
-        if (pubParam instanceof ParametersWithID)
-        {
-            otherPub = (SM2KeyExchangePublicParameters)((ParametersWithID)pubParam).getParameters();
-            otherUserID = ((ParametersWithID)pubParam).getID();
-        }
-        else
-        {
-            otherPub = (SM2KeyExchangePublicParameters)pubParam;
-            otherUserID = new byte[0];
-        }
-
-        if (initiator && confirmationTag == null)
-        {
-            throw new IllegalArgumentException("if initiating, confirmationTag must be set");
-        }
-        
-        byte[] za = getZ(digest, userID, staticPubPoint);
-        byte[] zb = getZ(digest, otherUserID, otherPub.getStaticPublicKey().getQ());
-
-        ECPoint U = calculateU(otherPub);
-
-        byte[] rv;
-        if (initiator)
-        {
-            rv = kdf(U, za, zb, kLen);
-
-            byte[] inner = calculateInnerHash(digest, U, za, zb, ephemeralPubPoint, otherPub.getEphemeralPublicKey().getQ());
-
-            byte[] s1 = S1(digest, U, inner);
-
-            if (!Arrays.constantTimeAreEqual(s1, confirmationTag))
-            {
-                throw new IllegalStateException("confirmation tag mismatch");
-            }
-            
-            return new byte[][] { rv, S2(digest, U, inner)};
-        }
-        else
-        {
-            rv = kdf(U, zb, za, kLen);
-
-            byte[] inner = calculateInnerHash(digest, U, zb, za, otherPub.getEphemeralPublicKey().getQ(), ephemeralPubPoint);
-
-            return new byte[][] { rv, S1(digest, U, inner), S2(digest, U, inner) };
-        }
-    }
-
-    private ECPoint calculateU(SM2KeyExchangePublicParameters otherPub)
-    {
-        ECDomainParameters params = staticKey.getParameters();
-
-        ECPoint p1 = ECAlgorithms.cleanPoint(params.getCurve(), otherPub.getStaticPublicKey().getQ());
-        ECPoint p2 = ECAlgorithms.cleanPoint(params.getCurve(), otherPub.getEphemeralPublicKey().getQ());
-
-        BigInteger x1 = reduce(ephemeralPubPoint.getAffineXCoord().toBigInteger());
-        BigInteger x2 = reduce(p2.getAffineXCoord().toBigInteger());
-        BigInteger tA = staticKey.getD().add(x1.multiply(ephemeralKey.getD()));
-        BigInteger k1 = ecParams.getH().multiply(tA).mod(ecParams.getN());
-        BigInteger k2 = k1.multiply(x2).mod(ecParams.getN());
-
-        return ECAlgorithms.sumOfTwoMultiplies(p1, k1, p2, k2).normalize();
-    }
-
-    private byte[] kdf(ECPoint u, byte[] za, byte[] zb, int klen)
-    {
-         int digestSize = digest.getDigestSize();
-         byte[] buf = new byte[Math.max(4, digestSize)];
-         byte[] rv = new byte[(klen + 7) / 8];
-         int off = 0;
-
-         Memoable memo = null;
-         Memoable copy = null;
-
-         if (digest instanceof Memoable)
-         {
-             addFieldElement(digest, u.getAffineXCoord());
-             addFieldElement(digest, u.getAffineYCoord());
-             digest.update(za, 0, za.length);
-             digest.update(zb, 0, zb.length);
-             memo = (Memoable)digest;
-             copy = memo.copy();
-         }
-
-         int ct = 0;
-
-         while (off < rv.length)
-         {
-             if (memo != null)
-             {
-                 memo.reset(copy);
-             }
-             else
-             {
-                 addFieldElement(digest, u.getAffineXCoord());
-                 addFieldElement(digest, u.getAffineYCoord());
-                 digest.update(za, 0, za.length);
-                 digest.update(zb, 0, zb.length);
-             }
-
-             Pack.intToBigEndian(++ct, buf, 0);
-             digest.update(buf, 0, 4);
-             digest.doFinal(buf, 0);
-
-             int copyLen = Math.min(digestSize, rv.length - off);
-             System.arraycopy(buf, 0, rv, off, copyLen);
-             off += copyLen;
-         }
-
-         return rv;
-    }
-
-    //x1~=2^w+(x1 AND (2^w-1))
-    private BigInteger reduce(BigInteger x)
-    {
-        return x.and(BigInteger.valueOf(1).shiftLeft(w).subtract(BigInteger.valueOf(1))).setBit(w);
-    }
-
-    private byte[] S1(Digest digest, ECPoint u, byte[] inner)
-    {
-        digest.update((byte)0x02);
-        addFieldElement(digest, u.getAffineYCoord());
-        digest.update(inner, 0, inner.length);
-
-        return digestDoFinal();
-    }
-
-    private byte[] calculateInnerHash(Digest digest, ECPoint u, byte[] za, byte[] zb, ECPoint p1, ECPoint p2)
-    {
-        addFieldElement(digest, u.getAffineXCoord());
-        digest.update(za, 0, za.length);
-        digest.update(zb, 0, zb.length);
-        addFieldElement(digest, p1.getAffineXCoord());
-        addFieldElement(digest, p1.getAffineYCoord());
-        addFieldElement(digest, p2.getAffineXCoord());
-        addFieldElement(digest, p2.getAffineYCoord());
-
-        return digestDoFinal();
-    }
-
-    private byte[] S2(Digest digest, ECPoint u, byte[] inner)
-    {
-        digest.update((byte)0x03);
-        addFieldElement(digest, u.getAffineYCoord());
-        digest.update(inner, 0, inner.length);
-
-        return digestDoFinal();
-    }
-
-    private byte[] getZ(Digest digest, byte[] userID, ECPoint pubPoint)
-    {
-        addUserID(digest, userID);
-
-        addFieldElement(digest, ecParams.getCurve().getA());
-        addFieldElement(digest, ecParams.getCurve().getB());
-        addFieldElement(digest, ecParams.getG().getAffineXCoord());
-        addFieldElement(digest, ecParams.getG().getAffineYCoord());
-        addFieldElement(digest, pubPoint.getAffineXCoord());
-        addFieldElement(digest, pubPoint.getAffineYCoord());
-
-        return digestDoFinal();
-    }
-
-    private void addUserID(Digest digest, byte[] userID)
-    {
-        int len = userID.length * 8;
-
-        digest.update((byte)(len >>> 8));
-        digest.update((byte)len);
-        digest.update(userID, 0, userID.length);
-    }
-
-    private void addFieldElement(Digest digest, ECFieldElement v)
-    {
-        byte[] p = v.getEncoded();
-        digest.update(p, 0, p.length);
-    }
-
-    private byte[] digestDoFinal()
-    {
-        byte[] result = new byte[digest.getDigestSize()];
-        digest.doFinal(result, 0);
-        return result;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/X25519Agreement.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/X25519Agreement.java
deleted file mode 100644
index f5acd70..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/X25519Agreement.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.crypto.agreement;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.RawAgreement;
-import org.bouncycastle.crypto.params.X25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.X25519PublicKeyParameters;
-
-public final class X25519Agreement
-    implements RawAgreement
-{
-    private X25519PrivateKeyParameters privateKey;
-
-    public void init(CipherParameters parameters)
-    {
-        this.privateKey = (X25519PrivateKeyParameters)parameters;
-    }
-
-    public int getAgreementSize()
-    {
-        return X25519PrivateKeyParameters.SECRET_SIZE;
-    }
-
-    public void calculateAgreement(CipherParameters publicKey, byte[] buf, int off)
-    {
-        privateKey.generateSecret((X25519PublicKeyParameters)publicKey, buf, off);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/X448Agreement.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/X448Agreement.java
deleted file mode 100644
index 561afca..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/X448Agreement.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.crypto.agreement;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.RawAgreement;
-import org.bouncycastle.crypto.params.X448PrivateKeyParameters;
-import org.bouncycastle.crypto.params.X448PublicKeyParameters;
-
-public final class X448Agreement
-    implements RawAgreement
-{
-    private X448PrivateKeyParameters privateKey;
-
-    public void init(CipherParameters parameters)
-    {
-        this.privateKey = (X448PrivateKeyParameters)parameters;
-    }
-
-    public int getAgreementSize()
-    {
-        return X448PrivateKeyParameters.SECRET_SIZE;
-    }
-
-    public void calculateAgreement(CipherParameters publicKey, byte[] buf, int off)
-    {
-        privateKey.generateSecret((X448PublicKeyParameters)publicKey, buf, off);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/XDHUnifiedAgreement.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/XDHUnifiedAgreement.java
deleted file mode 100644
index e922f18..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/XDHUnifiedAgreement.java
+++ /dev/null

@@ -1,43 +0,0 @@
-package org.bouncycastle.crypto.agreement;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.RawAgreement;
-import org.bouncycastle.crypto.params.XDHUPrivateParameters;
-import org.bouncycastle.crypto.params.XDHUPublicParameters;
-
-public class XDHUnifiedAgreement
-    implements RawAgreement
-{
-    private final RawAgreement xAgreement;
-
-    private XDHUPrivateParameters privParams;
-
-    public XDHUnifiedAgreement(RawAgreement xAgreement)
-    {
-        this.xAgreement = xAgreement;
-    }
-
-    public void init(
-        CipherParameters key)
-    {
-        this.privParams = (XDHUPrivateParameters)key;
-    }
-
-    public int getAgreementSize()
-    {
-        return xAgreement.getAgreementSize() * 2;
-    }
-
-    public void calculateAgreement(CipherParameters publicKey, byte[] buf, int off)
-    {
-        XDHUPublicParameters pubParams = (XDHUPublicParameters)publicKey;
-
-        xAgreement.init(privParams.getEphemeralPrivateKey());
-
-        xAgreement.calculateAgreement(pubParams.getEphemeralPublicKey(), buf, off);
-
-        xAgreement.init(privParams.getStaticPrivateKey());
-
-        xAgreement.calculateAgreement(pubParams.getStaticPublicKey(), buf, off + xAgreement.getAgreementSize());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKEParticipant.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKEParticipant.java
deleted file mode 100644
index aca5029..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKEParticipant.java
+++ /dev/null

@@ -1,548 +0,0 @@
-package org.bouncycastle.crypto.agreement.jpake;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A participant in a Password Authenticated Key Exchange by Juggling (J-PAKE) exchange.
- * <p>
- * The J-PAKE exchange is defined by Feng Hao and Peter Ryan in the paper
- * <a href="http://grouper.ieee.org/groups/1363/Research/contributions/hao-ryan-2008.pdf">
- * "Password Authenticated Key Exchange by Juggling, 2008."</a>
- * <p>
- * The J-PAKE protocol is symmetric.
- * There is no notion of a <i>client</i> or <i>server</i>, but rather just two <i>participants</i>.
- * An instance of {@link JPAKEParticipant} represents one participant, and
- * is the primary interface for executing the exchange.
- * <p>
- * To execute an exchange, construct a {@link JPAKEParticipant} on each end,
- * and call the following 7 methods
- * (once and only once, in the given order, for each participant, sending messages between them as described):
- * <ol>
- * <li>{@link #createRound1PayloadToSend()} - and send the payload to the other participant</li>
- * <li>{@link #validateRound1PayloadReceived(JPAKERound1Payload)} - use the payload received from the other participant</li>
- * <li>{@link #createRound2PayloadToSend()} - and send the payload to the other participant</li>
- * <li>{@link #validateRound2PayloadReceived(JPAKERound2Payload)} - use the payload received from the other participant</li>
- * <li>{@link #calculateKeyingMaterial()}</li>
- * <li>{@link #createRound3PayloadToSend(BigInteger)} - and send the payload to the other participant</li>
- * <li>{@link #validateRound3PayloadReceived(JPAKERound3Payload, BigInteger)} - use the payload received from the other participant</li>
- * </ol>
- * <p>
- * Each side should derive a session key from the keying material returned by {@link #calculateKeyingMaterial()}.
- * The caller is responsible for deriving the session key using a secure key derivation function (KDF).
- * <p>
- * Round 3 is an optional key confirmation process.
- * If you do not execute round 3, then there is no assurance that both participants are using the same key.
- * (i.e. if the participants used different passwords, then their session keys will differ.)
- * <p>
- * If the round 3 validation succeeds, then the keys are guaranteed to be the same on both sides.
- * <p>
- * The symmetric design can easily support the asymmetric cases when one party initiates the communication.
- * e.g. Sometimes the round1 payload and round2 payload may be sent in one pass.
- * Also, in some cases, the key confirmation payload can be sent together with the round2 payload.
- * These are the trivial techniques to optimize the communication.
- * <p>
- * The key confirmation process is implemented as specified in
- * <a href="http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf">NIST SP 800-56A Revision 1</a>,
- * Section 8.2 Unilateral Key Confirmation for Key Agreement Schemes.
- * <p>
- * This class is stateful and NOT threadsafe.
- * Each instance should only be used for ONE complete J-PAKE exchange
- * (i.e. a new {@link JPAKEParticipant} should be constructed for each new J-PAKE exchange).
- * <p>
- */
-public class JPAKEParticipant
-{
-    /*
-     * Possible internal states.  Used for state checking.
-     */
-
-    public static final int STATE_INITIALIZED = 0;
-    public static final int STATE_ROUND_1_CREATED = 10;
-    public static final int STATE_ROUND_1_VALIDATED = 20;
-    public static final int STATE_ROUND_2_CREATED = 30;
-    public static final int STATE_ROUND_2_VALIDATED = 40;
-    public static final int STATE_KEY_CALCULATED = 50;
-    public static final int STATE_ROUND_3_CREATED = 60;
-    public static final int STATE_ROUND_3_VALIDATED = 70;
-
-    /**
-     * Unique identifier of this participant.
-     * The two participants in the exchange must NOT share the same id.
-     */
-    private final String participantId;
-
-    /**
-     * Shared secret.  This only contains the secret between construction
-     * and the call to {@link #calculateKeyingMaterial()}.
-     * <p>
-     * i.e. When {@link #calculateKeyingMaterial()} is called, this buffer overwritten with 0's,
-     * and the field is set to null.
-     * </p>
-     */
-    private char[] password;
-
-    /**
-     * Digest to use during calculations.
-     */
-    private final Digest digest;
-
-    /**
-     * Source of secure random data.
-     */
-    private final SecureRandom random;
-
-    private final BigInteger p;
-    private final BigInteger q;
-    private final BigInteger g;
-
-    /**
-     * The participantId of the other participant in this exchange.
-     */
-    private String partnerParticipantId;
-
-    /**
-     * Alice's x1 or Bob's x3.
-     */
-    private BigInteger x1;
-    /**
-     * Alice's x2 or Bob's x4.
-     */
-    private BigInteger x2;
-    /**
-     * Alice's g^x1 or Bob's g^x3.
-     */
-    private BigInteger gx1;
-    /**
-     * Alice's g^x2 or Bob's g^x4.
-     */
-    private BigInteger gx2;
-    /**
-     * Alice's g^x3 or Bob's g^x1.
-     */
-    private BigInteger gx3;
-    /**
-     * Alice's g^x4 or Bob's g^x2.
-     */
-    private BigInteger gx4;
-    /**
-     * Alice's B or Bob's A.
-     */
-    private BigInteger b;
-
-    /**
-     * The current state.
-     * See the <tt>STATE_*</tt> constants for possible values.
-     */
-    private int state;
-
-    /**
-     * Convenience constructor for a new {@link JPAKEParticipant} that uses
-     * the {@link JPAKEPrimeOrderGroups#NIST_3072} prime order group,
-     * a SHA-256 digest, and a default {@link SecureRandom} implementation.
-     * <p>
-     * After construction, the {@link #getState() state} will be  {@link #STATE_INITIALIZED}.
-     *
-     * @param participantId unique identifier of this participant.
-     *                      The two participants in the exchange must NOT share the same id.
-     * @param password      shared secret.
-     *                      A defensive copy of this array is made (and cleared once {@link #calculateKeyingMaterial()} is called).
-     *                      Caller should clear the input password as soon as possible.
-     * @throws NullPointerException if any argument is null
-     * @throws IllegalArgumentException if password is empty
-     */
-    public JPAKEParticipant(
-        String participantId,
-        char[] password)
-    {
-        this(
-            participantId,
-            password,
-            JPAKEPrimeOrderGroups.NIST_3072);
-    }
-
-
-    /**
-     * Convenience constructor for a new {@link JPAKEParticipant} that uses
-     * a SHA-256 digest and a default {@link SecureRandom} implementation.
-     * <p>
-     * After construction, the {@link #getState() state} will be  {@link #STATE_INITIALIZED}.
-     *
-     * @param participantId unique identifier of this participant.
-     *                      The two participants in the exchange must NOT share the same id.
-     * @param password      shared secret.
-     *                      A defensive copy of this array is made (and cleared once {@link #calculateKeyingMaterial()} is called).
-     *                      Caller should clear the input password as soon as possible.
-     * @param group         prime order group.
-     *                      See {@link JPAKEPrimeOrderGroups} for standard groups
-     * @throws NullPointerException if any argument is null
-     * @throws IllegalArgumentException if password is empty
-     */
-    public JPAKEParticipant(
-        String participantId,
-        char[] password,
-        JPAKEPrimeOrderGroup group)
-    {
-        this(
-            participantId,
-            password,
-            group,
-            new SHA256Digest(),
-            CryptoServicesRegistrar.getSecureRandom());
-    }
-
-
-    /**
-     * Construct a new {@link JPAKEParticipant}.
-     * <p>
-     * After construction, the {@link #getState() state} will be  {@link #STATE_INITIALIZED}.
-     *
-     * @param participantId unique identifier of this participant.
-     *                      The two participants in the exchange must NOT share the same id.
-     * @param password      shared secret.
-     *                      A defensive copy of this array is made (and cleared once {@link #calculateKeyingMaterial()} is called).
-     *                      Caller should clear the input password as soon as possible.
-     * @param group         prime order group.
-     *                      See {@link JPAKEPrimeOrderGroups} for standard groups
-     * @param digest        digest to use during zero knowledge proofs and key confirmation (SHA-256 or stronger preferred)
-     * @param random        source of secure random data for x1 and x2, and for the zero knowledge proofs
-     * @throws NullPointerException if any argument is null
-     * @throws IllegalArgumentException if password is empty
-     */
-    public JPAKEParticipant(
-        String participantId,
-        char[] password,
-        JPAKEPrimeOrderGroup group,
-        Digest digest,
-        SecureRandom random)
-    {
-        JPAKEUtil.validateNotNull(participantId, "participantId");
-        JPAKEUtil.validateNotNull(password, "password");
-        JPAKEUtil.validateNotNull(group, "p");
-        JPAKEUtil.validateNotNull(digest, "digest");
-        JPAKEUtil.validateNotNull(random, "random");
-        if (password.length == 0)
-        {
-            throw new IllegalArgumentException("Password must not be empty.");
-        }
-
-        this.participantId = participantId;
-        
-        /*
-         * Create a defensive copy so as to fully encapsulate the password.
-         * 
-         * This array will contain the password for the lifetime of this
-         * participant BEFORE {@link #calculateKeyingMaterial()} is called.
-         * 
-         * i.e. When {@link #calculateKeyingMaterial()} is called, the array will be cleared
-         * in order to remove the password from memory.
-         * 
-         * The caller is responsible for clearing the original password array
-         * given as input to this constructor.
-         */
-        this.password = Arrays.copyOf(password, password.length);
-
-        this.p = group.getP();
-        this.q = group.getQ();
-        this.g = group.getG();
-
-        this.digest = digest;
-        this.random = random;
-
-        this.state = STATE_INITIALIZED;
-    }
-
-    /**
-     * Gets the current state of this participant.
-     * See the <tt>STATE_*</tt> constants for possible values.
-     */
-    public int getState()
-    {
-        return this.state;
-    }
-
-    /**
-     * Creates and returns the payload to send to the other participant during round 1.
-     * <p>
-     * After execution, the {@link #getState() state} will be  {@link #STATE_ROUND_1_CREATED}.
-     */
-    public JPAKERound1Payload createRound1PayloadToSend()
-    {
-        if (this.state >= STATE_ROUND_1_CREATED)
-        {
-            throw new IllegalStateException("Round1 payload already created for " + participantId);
-        }
-
-        this.x1 = JPAKEUtil.generateX1(q, random);
-        this.x2 = JPAKEUtil.generateX2(q, random);
-
-        this.gx1 = JPAKEUtil.calculateGx(p, g, x1);
-        this.gx2 = JPAKEUtil.calculateGx(p, g, x2);
-        BigInteger[] knowledgeProofForX1 = JPAKEUtil.calculateZeroKnowledgeProof(p, q, g, gx1, x1, participantId, digest, random);
-        BigInteger[] knowledgeProofForX2 = JPAKEUtil.calculateZeroKnowledgeProof(p, q, g, gx2, x2, participantId, digest, random);
-
-        this.state = STATE_ROUND_1_CREATED;
-
-        return new JPAKERound1Payload(participantId, gx1, gx2, knowledgeProofForX1, knowledgeProofForX2);
-    }
-
-    /**
-     * Validates the payload received from the other participant during round 1.
-     * <p>
-     * Must be called prior to {@link #createRound2PayloadToSend()}.
-     * <p>
-     * After execution, the {@link #getState() state} will be  {@link #STATE_ROUND_1_VALIDATED}.
-     *
-     * @throws CryptoException if validation fails.
-     * @throws IllegalStateException if called multiple times.
-     */
-    public void validateRound1PayloadReceived(JPAKERound1Payload round1PayloadReceived)
-        throws CryptoException
-    {
-        if (this.state >= STATE_ROUND_1_VALIDATED)
-        {
-            throw new IllegalStateException("Validation already attempted for round1 payload for" + participantId);
-        }
-        this.partnerParticipantId = round1PayloadReceived.getParticipantId();
-        this.gx3 = round1PayloadReceived.getGx1();
-        this.gx4 = round1PayloadReceived.getGx2();
-
-        BigInteger[] knowledgeProofForX3 = round1PayloadReceived.getKnowledgeProofForX1();
-        BigInteger[] knowledgeProofForX4 = round1PayloadReceived.getKnowledgeProofForX2();
-
-        JPAKEUtil.validateParticipantIdsDiffer(participantId, round1PayloadReceived.getParticipantId());
-        JPAKEUtil.validateGx4(gx4);
-        JPAKEUtil.validateZeroKnowledgeProof(p, q, g, gx3, knowledgeProofForX3, round1PayloadReceived.getParticipantId(), digest);
-        JPAKEUtil.validateZeroKnowledgeProof(p, q, g, gx4, knowledgeProofForX4, round1PayloadReceived.getParticipantId(), digest);
-
-        this.state = STATE_ROUND_1_VALIDATED;
-    }
-
-    /**
-     * Creates and returns the payload to send to the other participant during round 2.
-     * <p>
-     * {@link #validateRound1PayloadReceived(JPAKERound1Payload)} must be called prior to this method.
-     * <p>
-     * After execution, the {@link #getState() state} will be  {@link #STATE_ROUND_2_CREATED}.
-     *
-     * @throws IllegalStateException if called prior to {@link #validateRound1PayloadReceived(JPAKERound1Payload)}, or multiple times
-     */
-    public JPAKERound2Payload createRound2PayloadToSend()
-    {
-        if (this.state >= STATE_ROUND_2_CREATED)
-        {
-            throw new IllegalStateException("Round2 payload already created for " + this.participantId);
-        }
-        if (this.state < STATE_ROUND_1_VALIDATED)
-        {
-            throw new IllegalStateException("Round1 payload must be validated prior to creating Round2 payload for " + this.participantId);
-        }
-        BigInteger gA = JPAKEUtil.calculateGA(p, gx1, gx3, gx4);
-        BigInteger s = JPAKEUtil.calculateS(password);
-        BigInteger x2s = JPAKEUtil.calculateX2s(q, x2, s);
-        BigInteger A = JPAKEUtil.calculateA(p, q, gA, x2s);
-        BigInteger[] knowledgeProofForX2s = JPAKEUtil.calculateZeroKnowledgeProof(p, q, gA, A, x2s, participantId, digest, random);
-
-        this.state = STATE_ROUND_2_CREATED;
-
-        return new JPAKERound2Payload(participantId, A, knowledgeProofForX2s);
-    }
-
-    /**
-     * Validates the payload received from the other participant during round 2.
-     * <p>
-     * Note that this DOES NOT detect a non-common password.
-     * The only indication of a non-common password is through derivation
-     * of different keys (which can be detected explicitly by executing round 3 and round 4)
-     * <p>
-     * Must be called prior to {@link #calculateKeyingMaterial()}.
-     * <p>
-     * After execution, the {@link #getState() state} will be  {@link #STATE_ROUND_2_VALIDATED}.
-     *
-     * @throws CryptoException if validation fails.
-     * @throws IllegalStateException if called prior to {@link #validateRound1PayloadReceived(JPAKERound1Payload)}, or multiple times
-     */
-    public void validateRound2PayloadReceived(JPAKERound2Payload round2PayloadReceived)
-        throws CryptoException
-    {
-        if (this.state >= STATE_ROUND_2_VALIDATED)
-        {
-            throw new IllegalStateException("Validation already attempted for round2 payload for" + participantId);
-        }
-        if (this.state < STATE_ROUND_1_VALIDATED)
-        {
-            throw new IllegalStateException("Round1 payload must be validated prior to validating Round2 payload for " + this.participantId);
-        }
-        BigInteger gB = JPAKEUtil.calculateGA(p, gx3, gx1, gx2);
-        this.b = round2PayloadReceived.getA();
-        BigInteger[] knowledgeProofForX4s = round2PayloadReceived.getKnowledgeProofForX2s();
-
-        JPAKEUtil.validateParticipantIdsDiffer(participantId, round2PayloadReceived.getParticipantId());
-        JPAKEUtil.validateParticipantIdsEqual(this.partnerParticipantId, round2PayloadReceived.getParticipantId());
-        JPAKEUtil.validateGa(gB);
-        JPAKEUtil.validateZeroKnowledgeProof(p, q, gB, b, knowledgeProofForX4s, round2PayloadReceived.getParticipantId(), digest);
-
-        this.state = STATE_ROUND_2_VALIDATED;
-    }
-
-    /**
-     * Calculates and returns the key material.
-     * A session key must be derived from this key material using a secure key derivation function (KDF).
-     * The KDF used to derive the key is handled externally (i.e. not by {@link JPAKEParticipant}).
-     * <p>
-     * The keying material will be identical for each participant if and only if
-     * each participant's password is the same.  i.e. If the participants do not
-     * share the same password, then each participant will derive a different key.
-     * Therefore, if you immediately start using a key derived from
-     * the keying material, then you must handle detection of incorrect keys.
-     * If you want to handle this detection explicitly, you can optionally perform
-     * rounds 3 and 4.  See {@link JPAKEParticipant} for details on how to execute
-     * rounds 3 and 4.
-     * <p>
-     * The keying material will be in the range <tt>[0, p-1]</tt>.
-     * <p>
-     * {@link #validateRound2PayloadReceived(JPAKERound2Payload)} must be called prior to this method.
-     * <p>
-     * As a side effect, the internal {@link #password} array is cleared, since it is no longer needed.
-     * <p>
-     * After execution, the {@link #getState() state} will be  {@link #STATE_KEY_CALCULATED}.
-     *
-     * @throws IllegalStateException if called prior to {@link #validateRound2PayloadReceived(JPAKERound2Payload)},
-     * or if called multiple times.
-     */
-    public BigInteger calculateKeyingMaterial()
-    {
-        if (this.state >= STATE_KEY_CALCULATED)
-        {
-            throw new IllegalStateException("Key already calculated for " + participantId);
-        }
-        if (this.state < STATE_ROUND_2_VALIDATED)
-        {
-            throw new IllegalStateException("Round2 payload must be validated prior to creating key for " + participantId);
-        }
-        BigInteger s = JPAKEUtil.calculateS(password);
-        
-        /*
-         * Clear the password array from memory, since we don't need it anymore.
-         * 
-         * Also set the field to null as a flag to indicate that the key has already been calculated.
-         */
-        Arrays.fill(password, (char)0);
-        this.password = null;
-
-        BigInteger keyingMaterial = JPAKEUtil.calculateKeyingMaterial(p, q, gx4, x2, s, b);
-        
-        /*
-         * Clear the ephemeral private key fields as well.
-         * Note that we're relying on the garbage collector to do its job to clean these up.
-         * The old objects will hang around in memory until the garbage collector destroys them.
-         * 
-         * If the ephemeral private keys x1 and x2 are leaked,
-         * the attacker might be able to brute-force the password.
-         */
-        this.x1 = null;
-        this.x2 = null;
-        this.b = null;
-        
-        /*
-         * Do not clear gx* yet, since those are needed by round 3.
-         */
-
-        this.state = STATE_KEY_CALCULATED;
-
-        return keyingMaterial;
-    }
-
-
-    /**
-     * Creates and returns the payload to send to the other participant during round 3.
-     * <p>
-     * See {@link JPAKEParticipant} for more details on round 3.
-     * <p>
-     * After execution, the {@link #getState() state} will be  {@link #STATE_ROUND_3_CREATED}.
-     *
-     * @param keyingMaterial The keying material as returned from {@link #calculateKeyingMaterial()}.
-     * @throws IllegalStateException if called prior to {@link #calculateKeyingMaterial()}, or multiple times
-     */
-    public JPAKERound3Payload createRound3PayloadToSend(BigInteger keyingMaterial)
-    {
-        if (this.state >= STATE_ROUND_3_CREATED)
-        {
-            throw new IllegalStateException("Round3 payload already created for " + this.participantId);
-        }
-        if (this.state < STATE_KEY_CALCULATED)
-        {
-            throw new IllegalStateException("Keying material must be calculated prior to creating Round3 payload for " + this.participantId);
-        }
-
-        BigInteger macTag = JPAKEUtil.calculateMacTag(
-            this.participantId,
-            this.partnerParticipantId,
-            this.gx1,
-            this.gx2,
-            this.gx3,
-            this.gx4,
-            keyingMaterial,
-            this.digest);
-
-        this.state = STATE_ROUND_3_CREATED;
-
-        return new JPAKERound3Payload(participantId, macTag);
-    }
-
-    /**
-     * Validates the payload received from the other participant during round 3.
-     * <p>
-     * See {@link JPAKEParticipant} for more details on round 3.
-     * <p>
-     * After execution, the {@link #getState() state} will be {@link #STATE_ROUND_3_VALIDATED}.
-     *
-     * @param round3PayloadReceived The round 3 payload received from the other participant.
-     * @param keyingMaterial The keying material as returned from {@link #calculateKeyingMaterial()}.
-     * @throws CryptoException if validation fails.
-     * @throws IllegalStateException if called prior to {@link #calculateKeyingMaterial()}, or multiple times
-     */
-    public void validateRound3PayloadReceived(JPAKERound3Payload round3PayloadReceived, BigInteger keyingMaterial)
-        throws CryptoException
-    {
-        if (this.state >= STATE_ROUND_3_VALIDATED)
-        {
-            throw new IllegalStateException("Validation already attempted for round3 payload for" + participantId);
-        }
-        if (this.state < STATE_KEY_CALCULATED)
-        {
-            throw new IllegalStateException("Keying material must be calculated validated prior to validating Round3 payload for " + this.participantId);
-        }
-        JPAKEUtil.validateParticipantIdsDiffer(participantId, round3PayloadReceived.getParticipantId());
-        JPAKEUtil.validateParticipantIdsEqual(this.partnerParticipantId, round3PayloadReceived.getParticipantId());
-
-        JPAKEUtil.validateMacTag(
-            this.participantId,
-            this.partnerParticipantId,
-            this.gx1,
-            this.gx2,
-            this.gx3,
-            this.gx4,
-            keyingMaterial,
-            this.digest,
-            round3PayloadReceived.getMacTag());
-        
-        
-        /*
-         * Clear the rest of the fields.
-         */
-        this.gx1 = null;
-        this.gx2 = null;
-        this.gx3 = null;
-        this.gx4 = null;
-
-        this.state = STATE_ROUND_3_VALIDATED;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKEPrimeOrderGroup.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKEPrimeOrderGroup.java
deleted file mode 100644
index ad2c6ae..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKEPrimeOrderGroup.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.crypto.agreement.jpake;
-
-import java.math.BigInteger;
-
-/**
- * A pre-computed prime order group for use during a J-PAKE exchange.
- * <p>
- * Typically a Schnorr group is used.  In general, J-PAKE can use any prime order group
- * that is suitable for public key cryptography, including elliptic curve cryptography.
- * <p>
- * See {@link JPAKEPrimeOrderGroups} for convenient standard groups.
- * <p>
- * NIST <a href="http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/DSA2_All.pdf">publishes</a>
- * many groups that can be used for the desired level of security.
- */
-public class JPAKEPrimeOrderGroup
-{
-    private final BigInteger p;
-    private final BigInteger q;
-    private final BigInteger g;
-
-    /**
-     * Constructs a new {@link JPAKEPrimeOrderGroup}.
-     * <p>
-     * In general, you should use one of the pre-approved groups from
-     * {@link JPAKEPrimeOrderGroups}, rather than manually constructing one.
-     * <p>
-     * The following basic checks are performed:
-     * <ul>
-     * <li>p-1 must be evenly divisible by q</li>
-     * <li>g must be in [2, p-1]</li>
-     * <li>g^q mod p must equal 1</li>
-     * <li>p must be prime (within reasonably certainty)</li>
-     * <li>q must be prime (within reasonably certainty)</li>
-     * </ul>
-     * <p>
-     * The prime checks are performed using {@link BigInteger#isProbablePrime(int)},
-     * and are therefore subject to the same probability guarantees.
-     * <p>
-     * These checks prevent trivial mistakes.
-     * However, due to the small uncertainties if p and q are not prime,
-     * advanced attacks are not prevented.
-     * Use it at your own risk.
-     *
-     * @throws NullPointerException if any argument is null
-     * @throws IllegalArgumentException if any of the above validations fail
-     */
-    public JPAKEPrimeOrderGroup(BigInteger p, BigInteger q, BigInteger g)
-    {
-        /*
-         * Don't skip the checks on user-specified groups.
-         */
-        this(p, q, g, false);
-    }
-
-    /**
-     * Internal package-private constructor used by the pre-approved
-     * groups in {@link JPAKEPrimeOrderGroups}.
-     * These pre-approved groups can avoid the expensive checks.
-     */
-    JPAKEPrimeOrderGroup(BigInteger p, BigInteger q, BigInteger g, boolean skipChecks)
-    {
-        JPAKEUtil.validateNotNull(p, "p");
-        JPAKEUtil.validateNotNull(q, "q");
-        JPAKEUtil.validateNotNull(g, "g");
-
-        if (!skipChecks)
-        {
-            if (!p.subtract(JPAKEUtil.ONE).mod(q).equals(JPAKEUtil.ZERO))
-            {
-                throw new IllegalArgumentException("p-1 must be evenly divisible by q");
-            }
-            if (g.compareTo(BigInteger.valueOf(2)) == -1 || g.compareTo(p.subtract(JPAKEUtil.ONE)) == 1)
-            {
-                throw new IllegalArgumentException("g must be in [2, p-1]");
-            }
-            if (!g.modPow(q, p).equals(JPAKEUtil.ONE))
-            {
-                throw new IllegalArgumentException("g^q mod p must equal 1");
-            }
-            /*
-             * Note that these checks do not guarantee that p and q are prime.
-             * We just have reasonable certainty that they are prime.
-             */
-            if (!p.isProbablePrime(20))
-            {
-                throw new IllegalArgumentException("p must be prime");
-            }
-            if (!q.isProbablePrime(20))
-            {
-                throw new IllegalArgumentException("q must be prime");
-            }
-        }
-
-        this.p = p;
-        this.q = q;
-        this.g = g;
-    }
-
-    public BigInteger getP()
-    {
-        return p;
-    }
-
-    public BigInteger getQ()
-    {
-        return q;
-    }
-
-    public BigInteger getG()
-    {
-        return g;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKEPrimeOrderGroups.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKEPrimeOrderGroups.java
deleted file mode 100644
index 2fb1861..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKEPrimeOrderGroups.java
+++ /dev/null

@@ -1,111 +0,0 @@
-package org.bouncycastle.crypto.agreement.jpake;
-
-import java.math.BigInteger;
-
-/**
- * Standard pre-computed prime order groups for use by J-PAKE.
- * (J-PAKE can use pre-computed prime order groups, same as DSA and Diffie-Hellman.)
- * <p>
- * This class contains some convenient constants for use as input for
- * constructing {@link JPAKEParticipant}s.
- * <p>
- * The prime order groups below are taken from Sun's JDK JavaDoc (docs/guide/security/CryptoSpec.html#AppB),
- * and from the prime order groups
- * <a href="http://csrc.nist.gov/groups/ST/toolkit/documents/Examples/DSA2_All.pdf">published by NIST</a>.
- */
-public class JPAKEPrimeOrderGroups
-{
-    /**
-     * From Sun's JDK JavaDoc (docs/guide/security/CryptoSpec.html#AppB)
-     * 1024-bit p, 160-bit q and 1024-bit g for 80-bit security.
-     */
-    public static final JPAKEPrimeOrderGroup SUN_JCE_1024 = new JPAKEPrimeOrderGroup(
-        // p
-        new BigInteger(
-            "fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669" +
-                "455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b7" +
-                "6b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb" +
-                "83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7", 16),
-        // q
-        new BigInteger(
-            "9760508f15230bccb292b982a2eb840bf0581cf5", 16),
-        // g
-        new BigInteger(
-            "f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d078267" +
-                "5159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e1" +
-                "3c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243b" +
-                "cca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a", 16),
-        true
-    );
-
-    /**
-     * From NIST.
-     * 2048-bit p, 224-bit q and 2048-bit g for 112-bit security.
-     */
-    public static final JPAKEPrimeOrderGroup NIST_2048 = new JPAKEPrimeOrderGroup(
-        // p
-        new BigInteger(
-            "C196BA05AC29E1F9C3C72D56DFFC6154A033F1477AC88EC37F09BE6C5BB95F51" +
-                "C296DD20D1A28A067CCC4D4316A4BD1DCA55ED1066D438C35AEBAABF57E7DAE4" +
-                "28782A95ECA1C143DB701FD48533A3C18F0FE23557EA7AE619ECACC7E0B51652" +
-                "A8776D02A425567DED36EABD90CA33A1E8D988F0BBB92D02D1D20290113BB562" +
-                "CE1FC856EEB7CDD92D33EEA6F410859B179E7E789A8F75F645FAE2E136D252BF" +
-                "FAFF89528945C1ABE705A38DBC2D364AADE99BE0D0AAD82E5320121496DC65B3" +
-                "930E38047294FF877831A16D5228418DE8AB275D7D75651CEFED65F78AFC3EA7" +
-                "FE4D79B35F62A0402A1117599ADAC7B269A59F353CF450E6982D3B1702D9CA83", 16),
-        // q
-        new BigInteger(
-            "90EAF4D1AF0708B1B612FF35E0A2997EB9E9D263C9CE659528945C0D", 16),
-        // g
-        new BigInteger(
-            "A59A749A11242C58C894E9E5A91804E8FA0AC64B56288F8D47D51B1EDC4D6544" +
-                "4FECA0111D78F35FC9FDD4CB1F1B79A3BA9CBEE83A3F811012503C8117F98E50" +
-                "48B089E387AF6949BF8784EBD9EF45876F2E6A5A495BE64B6E770409494B7FEE" +
-                "1DBB1E4B2BC2A53D4F893D418B7159592E4FFFDF6969E91D770DAEBD0B5CB14C" +
-                "00AD68EC7DC1E5745EA55C706C4A1C5C88964E34D09DEB753AD418C1AD0F4FDF" +
-                "D049A955E5D78491C0B7A2F1575A008CCD727AB376DB6E695515B05BD412F5B8" +
-                "C2F4C77EE10DA48ABD53F5DD498927EE7B692BBBCDA2FB23A516C5B4533D7398" +
-                "0B2A3B60E384ED200AE21B40D273651AD6060C13D97FD69AA13C5611A51B9085", 16),
-        true
-    );
-
-    /**
-     * From NIST.
-     * 3072-bit p, 256-bit q and 3072-bit g for 128-bit security.
-     */
-    public static final JPAKEPrimeOrderGroup NIST_3072 = new JPAKEPrimeOrderGroup(
-        // p
-        new BigInteger(
-            "90066455B5CFC38F9CAA4A48B4281F292C260FEEF01FD61037E56258A7795A1C" +
-                "7AD46076982CE6BB956936C6AB4DCFE05E6784586940CA544B9B2140E1EB523F" +
-                "009D20A7E7880E4E5BFA690F1B9004A27811CD9904AF70420EEFD6EA11EF7DA1" +
-                "29F58835FF56B89FAA637BC9AC2EFAAB903402229F491D8D3485261CD068699B" +
-                "6BA58A1DDBBEF6DB51E8FE34E8A78E542D7BA351C21EA8D8F1D29F5D5D159394" +
-                "87E27F4416B0CA632C59EFD1B1EB66511A5A0FBF615B766C5862D0BD8A3FE7A0" +
-                "E0DA0FB2FE1FCB19E8F9996A8EA0FCCDE538175238FC8B0EE6F29AF7F642773E" +
-                "BE8CD5402415A01451A840476B2FCEB0E388D30D4B376C37FE401C2A2C2F941D" +
-                "AD179C540C1C8CE030D460C4D983BE9AB0B20F69144C1AE13F9383EA1C08504F" +
-                "B0BF321503EFE43488310DD8DC77EC5B8349B8BFE97C2C560EA878DE87C11E3D" +
-                "597F1FEA742D73EEC7F37BE43949EF1A0D15C3F3E3FC0A8335617055AC91328E" +
-                "C22B50FC15B941D3D1624CD88BC25F3E941FDDC6200689581BFEC416B4B2CB73", 16),
-        // q
-        new BigInteger(
-            "CFA0478A54717B08CE64805B76E5B14249A77A4838469DF7F7DC987EFCCFB11D", 16),
-        // g
-        new BigInteger(
-            "5E5CBA992E0A680D885EB903AEA78E4A45A469103D448EDE3B7ACCC54D521E37" +
-                "F84A4BDD5B06B0970CC2D2BBB715F7B82846F9A0C393914C792E6A923E2117AB" +
-                "805276A975AADB5261D91673EA9AAFFEECBFA6183DFCB5D3B7332AA19275AFA1" +
-                "F8EC0B60FB6F66CC23AE4870791D5982AAD1AA9485FD8F4A60126FEB2CF05DB8" +
-                "A7F0F09B3397F3937F2E90B9E5B9C9B6EFEF642BC48351C46FB171B9BFA9EF17" +
-                "A961CE96C7E7A7CC3D3D03DFAD1078BA21DA425198F07D2481622BCE45969D9C" +
-                "4D6063D72AB7A0F08B2F49A7CC6AF335E08C4720E31476B67299E231F8BD90B3" +
-                "9AC3AE3BE0C6B6CACEF8289A2E2873D58E51E029CAFBD55E6841489AB66B5B4B" +
-                "9BA6E2F784660896AFF387D92844CCB8B69475496DE19DA2E58259B090489AC8" +
-                "E62363CDF82CFD8EF2A427ABCD65750B506F56DDE3B988567A88126B914D7828" +
-                "E2B63A6D7ED0747EC59E0E0A23CE7D8A74C1D2C2A7AFB6A29799620F00E11C33" +
-                "787F7DED3B30E1A22D09F1FBDA1ABBBFBF25CAE05A13F812E34563F99410E73B", 16),
-        true
-    );
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKERound1Payload.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKERound1Payload.java
deleted file mode 100644
index c704040..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKERound1Payload.java
+++ /dev/null

@@ -1,98 +0,0 @@
-package org.bouncycastle.crypto.agreement.jpake;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * The payload sent/received during the first round of a J-PAKE exchange.
- * <p>
- * Each {@link JPAKEParticipant} creates and sends an instance
- * of this payload to the other {@link JPAKEParticipant}.
- * The payload to send should be created via
- * {@link JPAKEParticipant#createRound1PayloadToSend()}.
- * <p>
- * Each {@link JPAKEParticipant} must also validate the payload
- * received from the other {@link JPAKEParticipant}.
- * The received payload should be validated via
- * {@link JPAKEParticipant#validateRound1PayloadReceived(JPAKERound1Payload)}.
- */
-public class JPAKERound1Payload
-{
-    /**
-     * The id of the {@link JPAKEParticipant} who created/sent this payload.
-     */
-    private final String participantId;
-
-    /**
-     * The value of g^x1
-     */
-    private final BigInteger gx1;
-
-    /**
-     * The value of g^x2
-     */
-    private final BigInteger gx2;
-
-    /**
-     * The zero knowledge proof for x1.
-     * <p>
-     * This is a two element array, containing {g^v, r} for x1.
-     * </p>
-     */
-    private final BigInteger[] knowledgeProofForX1;
-
-    /**
-     * The zero knowledge proof for x2.
-     * <p>
-     * This is a two element array, containing {g^v, r} for x2.
-     * </p>
-     */
-    private final BigInteger[] knowledgeProofForX2;
-
-    public JPAKERound1Payload(
-        String participantId,
-        BigInteger gx1,
-        BigInteger gx2,
-        BigInteger[] knowledgeProofForX1,
-        BigInteger[] knowledgeProofForX2)
-    {
-        JPAKEUtil.validateNotNull(participantId, "participantId");
-        JPAKEUtil.validateNotNull(gx1, "gx1");
-        JPAKEUtil.validateNotNull(gx2, "gx2");
-        JPAKEUtil.validateNotNull(knowledgeProofForX1, "knowledgeProofForX1");
-        JPAKEUtil.validateNotNull(knowledgeProofForX2, "knowledgeProofForX2");
-
-        this.participantId = participantId;
-        this.gx1 = gx1;
-        this.gx2 = gx2;
-        this.knowledgeProofForX1 = Arrays.copyOf(knowledgeProofForX1, knowledgeProofForX1.length);
-        this.knowledgeProofForX2 = Arrays.copyOf(knowledgeProofForX2, knowledgeProofForX2.length);
-    }
-
-    public String getParticipantId()
-    {
-        return participantId;
-    }
-
-    public BigInteger getGx1()
-    {
-        return gx1;
-    }
-
-    public BigInteger getGx2()
-    {
-        return gx2;
-    }
-
-    public BigInteger[] getKnowledgeProofForX1()
-    {
-        return Arrays.copyOf(knowledgeProofForX1, knowledgeProofForX1.length);
-    }
-
-    public BigInteger[] getKnowledgeProofForX2()
-    {
-        return Arrays.copyOf(knowledgeProofForX2, knowledgeProofForX2.length);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKERound2Payload.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKERound2Payload.java
deleted file mode 100644
index af3cb5f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKERound2Payload.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.crypto.agreement.jpake;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * The payload sent/received during the second round of a J-PAKE exchange.
- * <p>
- * Each {@link JPAKEParticipant} creates and sends an instance
- * of this payload to the other {@link JPAKEParticipant}.
- * The payload to send should be created via
- * {@link JPAKEParticipant#createRound2PayloadToSend()}
- * <p>
- * Each {@link JPAKEParticipant} must also validate the payload
- * received from the other {@link JPAKEParticipant}.
- * The received payload should be validated via
- * {@link JPAKEParticipant#validateRound2PayloadReceived(JPAKERound2Payload)}
- */
-public class JPAKERound2Payload
-{
-    /**
-     * The id of the {@link JPAKEParticipant} who created/sent this payload.
-     */
-    private final String participantId;
-
-    /**
-     * The value of A, as computed during round 2.
-     */
-    private final BigInteger a;
-
-    /**
-     * The zero knowledge proof for x2 * s.
-     * <p>
-     * This is a two element array, containing {g^v, r} for x2 * s.
-     * </p>
-     */
-    private final BigInteger[] knowledgeProofForX2s;
-
-    public JPAKERound2Payload(
-        String participantId,
-        BigInteger a,
-        BigInteger[] knowledgeProofForX2s)
-    {
-        JPAKEUtil.validateNotNull(participantId, "participantId");
-        JPAKEUtil.validateNotNull(a, "a");
-        JPAKEUtil.validateNotNull(knowledgeProofForX2s, "knowledgeProofForX2s");
-
-        this.participantId = participantId;
-        this.a = a;
-        this.knowledgeProofForX2s = Arrays.copyOf(knowledgeProofForX2s, knowledgeProofForX2s.length);
-    }
-
-    public String getParticipantId()
-    {
-        return participantId;
-    }
-
-    public BigInteger getA()
-    {
-        return a;
-    }
-
-    public BigInteger[] getKnowledgeProofForX2s()
-    {
-        return Arrays.copyOf(knowledgeProofForX2s, knowledgeProofForX2s.length);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKERound3Payload.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKERound3Payload.java
deleted file mode 100644
index 0fe1cba..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKERound3Payload.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.crypto.agreement.jpake;
-
-import java.math.BigInteger;
-
-/**
- * The payload sent/received during the optional third round of a J-PAKE exchange,
- * which is for explicit key confirmation.
- * <p>
- * Each {@link JPAKEParticipant} creates and sends an instance
- * of this payload to the other {@link JPAKEParticipant}.
- * The payload to send should be created via
- * {@link JPAKEParticipant#createRound3PayloadToSend(BigInteger)}
- * <p>
- * Each {@link JPAKEParticipant} must also validate the payload
- * received from the other {@link JPAKEParticipant}.
- * The received payload should be validated via
- * {@link JPAKEParticipant#validateRound3PayloadReceived(JPAKERound3Payload, BigInteger)}
- */
-public class JPAKERound3Payload
-{
-    /**
-     * The id of the {@link JPAKEParticipant} who created/sent this payload.
-     */
-    private final String participantId;
-
-    /**
-     * The value of MacTag, as computed by round 3.
-     *
-     * @see JPAKEUtil#calculateMacTag(String, String, BigInteger, BigInteger, BigInteger, BigInteger, BigInteger, org.bouncycastle.crypto.Digest)
-     */
-    private final BigInteger macTag;
-
-    public JPAKERound3Payload(String participantId, BigInteger magTag)
-    {
-        this.participantId = participantId;
-        this.macTag = magTag;
-    }
-
-    public String getParticipantId()
-    {
-        return participantId;
-    }
-
-    public BigInteger getMacTag()
-    {
-        return macTag;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKEUtil.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKEUtil.java
deleted file mode 100644
index 0a6c5fe..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/JPAKEUtil.java
+++ /dev/null

@@ -1,495 +0,0 @@
-package org.bouncycastle.crypto.agreement.jpake;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Strings;
-
-/**
- * Primitives needed for a J-PAKE exchange.
- * <p>
- * The recommended way to perform a J-PAKE exchange is by using
- * two {@link JPAKEParticipant}s.  Internally, those participants
- * call these primitive operations in {@link JPAKEUtil}.
- * <p>
- * The primitives, however, can be used without a {@link JPAKEParticipant}
- * if needed.
- */
-public class JPAKEUtil
-{
-    static final BigInteger ZERO = BigInteger.valueOf(0);
-    static final BigInteger ONE = BigInteger.valueOf(1);
-
-    /**
-     * Return a value that can be used as x1 or x3 during round 1.
-     * <p>
-     * The returned value is a random value in the range <tt>[0, q-1]</tt>.
-     */
-    public static BigInteger generateX1(
-        BigInteger q,
-        SecureRandom random)
-    {
-        BigInteger min = ZERO;
-        BigInteger max = q.subtract(ONE);
-        return BigIntegers.createRandomInRange(min, max, random);
-    }
-
-    /**
-     * Return a value that can be used as x2 or x4 during round 1.
-     * <p>
-     * The returned value is a random value in the range <tt>[1, q-1]</tt>.
-     */
-    public static BigInteger generateX2(
-        BigInteger q,
-        SecureRandom random)
-    {
-        BigInteger min = ONE;
-        BigInteger max = q.subtract(ONE);
-        return BigIntegers.createRandomInRange(min, max, random);
-    }
-
-    /**
-     * Converts the given password to a {@link BigInteger}
-     * for use in arithmetic calculations.
-     */
-    public static BigInteger calculateS(char[] password)
-    {
-        return new BigInteger(Strings.toUTF8ByteArray(password));
-    }
-
-    /**
-     * Calculate g^x mod p as done in round 1.
-     */
-    public static BigInteger calculateGx(
-        BigInteger p,
-        BigInteger g,
-        BigInteger x)
-    {
-        return g.modPow(x, p);
-    }
-
-
-    /**
-     * Calculate ga as done in round 2.
-     */
-    public static BigInteger calculateGA(
-        BigInteger p,
-        BigInteger gx1,
-        BigInteger gx3,
-        BigInteger gx4)
-    {
-        // ga = g^(x1+x3+x4) = g^x1 * g^x3 * g^x4 
-        return gx1.multiply(gx3).multiply(gx4).mod(p);
-    }
-
-
-    /**
-     * Calculate x2 * s as done in round 2.
-     */
-    public static BigInteger calculateX2s(
-        BigInteger q,
-        BigInteger x2,
-        BigInteger s)
-    {
-        return x2.multiply(s).mod(q);
-    }
-
-
-    /**
-     * Calculate A as done in round 2.
-     */
-    public static BigInteger calculateA(
-        BigInteger p,
-        BigInteger q,
-        BigInteger gA,
-        BigInteger x2s)
-    {
-        // A = ga^(x*s)
-        return gA.modPow(x2s, p);
-    }
-
-    /**
-     * Calculate a zero knowledge proof of x using Schnorr's signature.
-     * The returned array has two elements {g^v, r = v-x*h} for x.
-     */
-    public static BigInteger[] calculateZeroKnowledgeProof(
-        BigInteger p,
-        BigInteger q,
-        BigInteger g,
-        BigInteger gx,
-        BigInteger x,
-        String participantId,
-        Digest digest,
-        SecureRandom random)
-    {
-        BigInteger[] zeroKnowledgeProof = new BigInteger[2];
-
-        /* Generate a random v, and compute g^v */
-        BigInteger vMin = ZERO;
-        BigInteger vMax = q.subtract(ONE);
-        BigInteger v = BigIntegers.createRandomInRange(vMin, vMax, random);
-
-        BigInteger gv = g.modPow(v, p);
-        BigInteger h = calculateHashForZeroKnowledgeProof(g, gv, gx, participantId, digest); // h
-
-        zeroKnowledgeProof[0] = gv;
-        zeroKnowledgeProof[1] = v.subtract(x.multiply(h)).mod(q); // r = v-x*h
-
-        return zeroKnowledgeProof;
-    }
-
-    private static BigInteger calculateHashForZeroKnowledgeProof(
-        BigInteger g,
-        BigInteger gr,
-        BigInteger gx,
-        String participantId,
-        Digest digest)
-    {
-        digest.reset();
-
-        updateDigestIncludingSize(digest, g);
-
-        updateDigestIncludingSize(digest, gr);
-
-        updateDigestIncludingSize(digest, gx);
-
-        updateDigestIncludingSize(digest, participantId);
-
-        byte[] output = new byte[digest.getDigestSize()];
-        digest.doFinal(output, 0);
-
-        return new BigInteger(output);
-    }
-
-    /**
-     * Validates that g^x4 is not 1.
-     *
-     * @throws CryptoException if g^x4 is 1
-     */
-    public static void validateGx4(BigInteger gx4)
-        throws CryptoException
-    {
-        if (gx4.equals(ONE))
-        {
-            throw new CryptoException("g^x validation failed.  g^x should not be 1.");
-        }
-    }
-
-    /**
-     * Validates that ga is not 1.
-     * <p>
-     * As described by Feng Hao...
-     * <p>
-     * <blockquote>
-     * Alice could simply check ga != 1 to ensure it is a generator.
-     * In fact, as we will explain in Section 3, (x1 + x3 + x4 ) is random over Zq even in the face of active attacks.
-     * Hence, the probability for ga = 1 is extremely small - on the order of 2^160 for 160-bit q.
-     * </blockquote>
-     *
-     * @throws CryptoException if ga is 1
-     */
-    public static void validateGa(BigInteger ga)
-        throws CryptoException
-    {
-        if (ga.equals(ONE))
-        {
-            throw new CryptoException("ga is equal to 1.  It should not be.  The chances of this happening are on the order of 2^160 for a 160-bit q.  Try again.");
-        }
-    }
-
-    /**
-     * Validates the zero knowledge proof (generated by
-     * {@link #calculateZeroKnowledgeProof(BigInteger, BigInteger, BigInteger, BigInteger, BigInteger, String, Digest, SecureRandom)})
-     * is correct.
-     *
-     * @throws CryptoException if the zero knowledge proof is not correct
-     */
-    public static void validateZeroKnowledgeProof(
-        BigInteger p,
-        BigInteger q,
-        BigInteger g,
-        BigInteger gx,
-        BigInteger[] zeroKnowledgeProof,
-        String participantId,
-        Digest digest)
-        throws CryptoException
-    {
-
-        /* sig={g^v,r} */
-        BigInteger gv = zeroKnowledgeProof[0];
-        BigInteger r = zeroKnowledgeProof[1];
-
-        BigInteger h = calculateHashForZeroKnowledgeProof(g, gv, gx, participantId, digest);
-        if (!(gx.compareTo(ZERO) == 1 && // g^x > 0
-            gx.compareTo(p) == -1 && // g^x < p
-            gx.modPow(q, p).compareTo(ONE) == 0 && // g^x^q mod q = 1
-                /*
-                 * Below, I took an straightforward way to compute g^r * g^x^h,
-                 * which needs 2 exp. Using a simultaneous computation technique
-                 * would only need 1 exp.
-                 */
-            g.modPow(r, p).multiply(gx.modPow(h, p)).mod(p).compareTo(gv) == 0)) // g^v=g^r * g^x^h
-        {
-            throw new CryptoException("Zero-knowledge proof validation failed");
-        }
-    }
-
-    /**
-     * Calculates the keying material, which can be done after round 2 has completed.
-     * A session key must be derived from this key material using a secure key derivation function (KDF).
-     * The KDF used to derive the key is handled externally (i.e. not by {@link JPAKEParticipant}).
-     * <pre>
-     * KeyingMaterial = (B/g^{x2*x4*s})^x2
-     * </pre>
-     */
-    public static BigInteger calculateKeyingMaterial(
-        BigInteger p,
-        BigInteger q,
-        BigInteger gx4,
-        BigInteger x2,
-        BigInteger s,
-        BigInteger B)
-    {
-        return gx4.modPow(x2.multiply(s).negate().mod(q), p).multiply(B).modPow(x2, p);
-    }
-
-    /**
-     * Validates that the given participant ids are not equal.
-     * (For the J-PAKE exchange, each participant must use a unique id.)
-     *
-     * @throws CryptoException if the participantId strings are equal.
-     */
-    public static void validateParticipantIdsDiffer(String participantId1, String participantId2)
-        throws CryptoException
-    {
-        if (participantId1.equals(participantId2))
-        {
-            throw new CryptoException(
-                "Both participants are using the same participantId ("
-                    + participantId1
-                    + "). This is not allowed. "
-                    + "Each participant must use a unique participantId.");
-        }
-    }
-
-    /**
-     * Validates that the given participant ids are equal.
-     * This is used to ensure that the payloads received from
-     * each round all come from the same participant.
-     *
-     * @throws CryptoException if the participantId strings are equal.
-     */
-    public static void validateParticipantIdsEqual(String expectedParticipantId, String actualParticipantId)
-        throws CryptoException
-    {
-        if (!expectedParticipantId.equals(actualParticipantId))
-        {
-            throw new CryptoException(
-                "Received payload from incorrect partner ("
-                    + actualParticipantId
-                    + "). Expected to receive payload from "
-                    + expectedParticipantId
-                    + ".");
-        }
-    }
-
-    /**
-     * Validates that the given object is not null.
-     *
-     *  @param object object in question
-     * @param description name of the object (to be used in exception message)
-     * @throws NullPointerException if the object is null.
-     */
-    public static void validateNotNull(Object object, String description)
-    {
-        if (object == null)
-        {
-            throw new NullPointerException(description + " must not be null");
-        }
-    }
-
-    /**
-     * Calculates the MacTag (to be used for key confirmation), as defined by
-     * <a href="http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf">NIST SP 800-56A Revision 1</a>,
-     * Section 8.2 Unilateral Key Confirmation for Key Agreement Schemes.
-     * <pre>
-     * MacTag = HMAC(MacKey, MacLen, MacData)
-     *
-     * MacKey = H(K || "JPAKE_KC")
-     *
-     * MacData = "KC_1_U" || participantId || partnerParticipantId || gx1 || gx2 || gx3 || gx4
-     *
-     * Note that both participants use "KC_1_U" because the sender of the round 3 message
-     * is always the initiator for key confirmation.
-     *
-     * HMAC = {@link HMac} used with the given {@link Digest}
-     * H = The given {@link Digest}
-     * MacLen = length of MacTag
-     * </pre>
-     */
-    public static BigInteger calculateMacTag(
-        String participantId,
-        String partnerParticipantId,
-        BigInteger gx1,
-        BigInteger gx2,
-        BigInteger gx3,
-        BigInteger gx4,
-        BigInteger keyingMaterial,
-        Digest digest)
-    {
-        byte[] macKey = calculateMacKey(
-            keyingMaterial,
-            digest);
-
-        HMac mac = new HMac(digest);
-        byte[] macOutput = new byte[mac.getMacSize()];
-        mac.init(new KeyParameter(macKey));
-        
-        /*
-         * MacData = "KC_1_U" || participantId_Alice || participantId_Bob || gx1 || gx2 || gx3 || gx4.
-         */
-        updateMac(mac, "KC_1_U");
-        updateMac(mac, participantId);
-        updateMac(mac, partnerParticipantId);
-        updateMac(mac, gx1);
-        updateMac(mac, gx2);
-        updateMac(mac, gx3);
-        updateMac(mac, gx4);
-
-        mac.doFinal(macOutput, 0);
-
-        Arrays.fill(macKey, (byte)0);
-
-        return new BigInteger(macOutput);
-
-    }
-
-    /**
-     * Calculates the MacKey (i.e. the key to use when calculating the MagTag for key confirmation).
-     * <pre>
-     * MacKey = H(K || "JPAKE_KC")
-     * </pre>
-     */
-    private static byte[] calculateMacKey(BigInteger keyingMaterial, Digest digest)
-    {
-        digest.reset();
-
-        updateDigest(digest, keyingMaterial);
-        /*
-         * This constant is used to ensure that the macKey is NOT the same as the derived key.
-         */
-        updateDigest(digest, "JPAKE_KC");
-
-        byte[] output = new byte[digest.getDigestSize()];
-        digest.doFinal(output, 0);
-
-        return output;
-    }
-
-    /**
-     * Validates the MacTag received from the partner participant.
-     *
-     * @param partnerMacTag the MacTag received from the partner.
-     * @throws CryptoException if the participantId strings are equal.
-     */
-    public static void validateMacTag(
-        String participantId,
-        String partnerParticipantId,
-        BigInteger gx1,
-        BigInteger gx2,
-        BigInteger gx3,
-        BigInteger gx4,
-        BigInteger keyingMaterial,
-        Digest digest,
-        BigInteger partnerMacTag)
-        throws CryptoException
-    {
-        /*
-         * Calculate the expected MacTag using the parameters as the partner
-         * would have used when the partner called calculateMacTag.
-         * 
-         * i.e. basically all the parameters are reversed.
-         * participantId <-> partnerParticipantId
-         *            x1 <-> x3
-         *            x2 <-> x4
-         */
-        BigInteger expectedMacTag = calculateMacTag(
-            partnerParticipantId,
-            participantId,
-            gx3,
-            gx4,
-            gx1,
-            gx2,
-            keyingMaterial,
-            digest);
-
-        if (!expectedMacTag.equals(partnerMacTag))
-        {
-            throw new CryptoException(
-                "Partner MacTag validation failed. "
-                    + "Therefore, the password, MAC, or digest algorithm of each participant does not match.");
-        }
-    }
-
-    private static void updateDigest(Digest digest, BigInteger bigInteger)
-    {
-        byte[] byteArray = BigIntegers.asUnsignedByteArray(bigInteger);
-        digest.update(byteArray, 0, byteArray.length);
-        Arrays.fill(byteArray, (byte)0);
-    }
-
-    private static void updateDigestIncludingSize(Digest digest, BigInteger bigInteger)
-    {
-        byte[] byteArray = BigIntegers.asUnsignedByteArray(bigInteger);
-        digest.update(intToByteArray(byteArray.length), 0, 4);
-        digest.update(byteArray, 0, byteArray.length);
-        Arrays.fill(byteArray, (byte)0);
-    }
-
-    private static void updateDigest(Digest digest, String string)
-    {
-        byte[] byteArray = Strings.toUTF8ByteArray(string);
-        digest.update(byteArray, 0, byteArray.length);
-        Arrays.fill(byteArray, (byte)0);
-    }
-
-    private static void updateDigestIncludingSize(Digest digest, String string)
-    {
-        byte[] byteArray = Strings.toUTF8ByteArray(string);
-        digest.update(intToByteArray(byteArray.length), 0, 4);
-        digest.update(byteArray, 0, byteArray.length);
-        Arrays.fill(byteArray, (byte)0);
-    }
-
-    private static void updateMac(Mac mac, BigInteger bigInteger)
-    {
-        byte[] byteArray = BigIntegers.asUnsignedByteArray(bigInteger);
-        mac.update(byteArray, 0, byteArray.length);
-        Arrays.fill(byteArray, (byte)0);
-    }
-
-    private static void updateMac(Mac mac, String string)
-    {
-        byte[] byteArray = Strings.toUTF8ByteArray(string);
-        mac.update(byteArray, 0, byteArray.length);
-        Arrays.fill(byteArray, (byte)0);
-    }
-
-    private static byte[] intToByteArray(int value)
-    {
-        return new byte[]{
-            (byte)(value >>> 24),
-            (byte)(value >>> 16),
-            (byte)(value >>> 8),
-            (byte)value
-        };
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/package.html
deleted file mode 100644
index df16b4f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/jpake/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for Password Authenticated Key Exchange by Juggling (J-PAKE) key exchange.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/ConcatenationKDFGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/ConcatenationKDFGenerator.java
deleted file mode 100644
index ef0e450..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/ConcatenationKDFGenerator.java
+++ /dev/null

@@ -1,125 +0,0 @@
-package org.bouncycastle.crypto.agreement.kdf;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KDFParameters;
-
-/**
- * Generator for Concatenation Key Derivation Function defined in NIST SP 800-56A, Sect 5.8.1
- */
-public class ConcatenationKDFGenerator
-    implements DerivationFunction
-{
-    private Digest  digest;
-    private byte[]  shared;
-    private byte[]  otherInfo;
-    private int     hLen;
-
-    /**
-     * @param digest the digest to be used as the source of generated bytes
-     */
-    public ConcatenationKDFGenerator(
-        Digest digest)
-    {
-        this.digest = digest;
-        this.hLen = digest.getDigestSize();
-    }
-
-    public void init(
-        DerivationParameters    param)
-    {
-        if (param instanceof KDFParameters)
-        {
-            KDFParameters p = (KDFParameters)param;
-
-            shared = p.getSharedSecret();
-            otherInfo = p.getIV();
-        }
-        else
-        {
-            throw new IllegalArgumentException("KDF parameters required for generator");
-        }
-    }
-
-    /**
-     * return the underlying digest.
-     */
-    public Digest getDigest()
-    {
-        return digest;
-    }
-
-    /**
-     * int to octet string.
-     */
-    private void ItoOSP(
-        int     i,
-        byte[]  sp)
-    {
-        sp[0] = (byte)(i >>> 24);
-        sp[1] = (byte)(i >>> 16);
-        sp[2] = (byte)(i >>> 8);
-        sp[3] = (byte)(i >>> 0);
-    }
-
-    /**
-     * fill len bytes of the output buffer with bytes generated from
-     * the derivation function.
-     *
-     * @throws DataLengthException if the out buffer is too small.
-     */
-    public int generateBytes(
-        byte[]  out,
-        int     outOff,
-        int     len)
-        throws DataLengthException, IllegalArgumentException
-    {
-        if ((out.length - len) < outOff)
-        {
-            throw new OutputLengthException("output buffer too small");
-        }
-
-        byte[]  hashBuf = new byte[hLen];
-        byte[]  C = new byte[4];
-        int     counter = 1;
-        int     outputLen = 0;
-
-        digest.reset();
-
-        if (len > hLen)
-        {
-            do
-            {
-                ItoOSP(counter, C);
-
-                digest.update(C, 0, C.length);
-                digest.update(shared, 0, shared.length);
-                digest.update(otherInfo, 0, otherInfo.length);
-
-                digest.doFinal(hashBuf, 0);
-
-                System.arraycopy(hashBuf, 0, out, outOff + outputLen, hLen);
-                outputLen += hLen;
-            }
-            while ((counter++) < (len / hLen));
-        }
-
-        if (outputLen < len)
-        {
-            ItoOSP(counter, C);
-
-            digest.update(C, 0, C.length);
-            digest.update(shared, 0, shared.length);
-            digest.update(otherInfo, 0, otherInfo.length);
-
-            digest.doFinal(hashBuf, 0);
-
-            System.arraycopy(hashBuf, 0, out, outOff + outputLen, len - outputLen);
-        }
-
-        return len;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/DHKDFParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/DHKDFParameters.java
deleted file mode 100644
index 315c548..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/DHKDFParameters.java
+++ /dev/null

@@ -1,53 +0,0 @@
-package org.bouncycastle.crypto.agreement.kdf;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.crypto.DerivationParameters;
-
-public class DHKDFParameters
-    implements DerivationParameters
-{
-    private ASN1ObjectIdentifier algorithm;
-    private int keySize;
-    private byte[] z;
-    private byte[] extraInfo;
-
-    public DHKDFParameters(
-        ASN1ObjectIdentifier algorithm,
-        int keySize,
-        byte[] z)
-    {
-        this(algorithm, keySize, z, null);
-    }
-
-    public DHKDFParameters(
-        ASN1ObjectIdentifier algorithm,
-        int keySize,
-        byte[] z,
-        byte[] extraInfo)
-    {
-        this.algorithm = algorithm;
-        this.keySize = keySize;
-        this.z = z;
-        this.extraInfo = extraInfo;
-    }
-
-    public ASN1ObjectIdentifier getAlgorithm()
-    {
-        return algorithm;
-    }
-
-    public int getKeySize()
-    {
-        return keySize;
-    }
-
-    public byte[] getZ()
-    {
-        return z;
-    }
-
-    public byte[] getExtraInfo()
-    {
-        return extraInfo;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/DHKEKGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/DHKEKGenerator.java
deleted file mode 100644
index 7b7d870..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/DHKEKGenerator.java
+++ /dev/null

@@ -1,132 +0,0 @@
-package org.bouncycastle.crypto.agreement.kdf;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.util.Pack;
-
-/**
- * RFC 2631 Diffie-hellman KEK derivation function.
- */
-public class DHKEKGenerator
-    implements DerivationFunction
-{
-    private final Digest digest;
-
-    private ASN1ObjectIdentifier algorithm;
-    private int                 keySize;
-    private byte[]              z;
-    private byte[]              partyAInfo;
-
-    public DHKEKGenerator(
-        Digest digest)
-    {
-        this.digest = digest;
-    }
-
-    public void init(DerivationParameters param)
-    {
-        DHKDFParameters params = (DHKDFParameters)param;
-
-        this.algorithm = params.getAlgorithm();
-        this.keySize = params.getKeySize();
-        this.z = params.getZ();
-        this.partyAInfo = params.getExtraInfo();
-    }
-
-    public Digest getDigest()
-    {
-        return digest;
-    }
-
-    public int generateBytes(byte[] out, int outOff, int len)
-        throws DataLengthException, IllegalArgumentException
-    {
-        if ((out.length - len) < outOff)
-        {
-            throw new OutputLengthException("output buffer too small");
-        }
-
-        long    oBytes = len;
-        int     outLen = digest.getDigestSize();
-
-        //
-        // this is at odds with the standard implementation, the
-        // maximum value should be hBits * (2^32 - 1) where hBits
-        // is the digest output size in bits. We can't have an
-        // array with a long index at the moment...
-        //
-        if (oBytes > ((2L << 32) - 1))
-        {
-            throw new IllegalArgumentException("Output length too large");
-        }
-
-        int cThreshold = (int)((oBytes + outLen - 1) / outLen);
-
-        byte[] dig = new byte[digest.getDigestSize()];
-
-        int counter = 1;
-
-        for (int i = 0; i < cThreshold; i++)
-        {
-            digest.update(z, 0, z.length);
-
-            // OtherInfo
-            ASN1EncodableVector v1 = new ASN1EncodableVector();
-            // KeySpecificInfo
-            ASN1EncodableVector v2 = new ASN1EncodableVector();
-
-            v2.add(algorithm);
-            v2.add(new DEROctetString(Pack.intToBigEndian(counter)));
-
-            v1.add(new DERSequence(v2));
-
-            if (partyAInfo != null)
-            {
-                v1.add(new DERTaggedObject(true, 0, new DEROctetString(partyAInfo)));
-            }
-
-            v1.add(new DERTaggedObject(true, 2, new DEROctetString(Pack.intToBigEndian(keySize))));
-
-            try
-            {
-                byte[] other = new DERSequence(v1).getEncoded(ASN1Encoding.DER);
-
-                digest.update(other, 0, other.length);
-            }
-            catch (IOException e)
-            {
-                throw new IllegalArgumentException("unable to encode parameter info: " + e.getMessage());
-            }
-
-            digest.doFinal(dig, 0);
-
-            if (len > outLen)
-            {
-                System.arraycopy(dig, 0, out, outOff, outLen);
-                outOff += outLen;
-                len -= outLen;
-            }
-            else
-            {
-                System.arraycopy(dig, 0, out, outOff, len);
-            }
-
-            counter++;
-        }
-
-        digest.reset();
-
-        return (int)oBytes;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/ECDHKEKGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/ECDHKEKGenerator.java
deleted file mode 100644
index 1e50fc1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/ECDHKEKGenerator.java
+++ /dev/null

@@ -1,79 +0,0 @@
-package org.bouncycastle.crypto.agreement.kdf;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.DigestDerivationFunction;
-import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
-import org.bouncycastle.crypto.params.KDFParameters;
-import org.bouncycastle.util.Pack;
-
-/**
- * X9.63 based key derivation function for ECDH CMS.
- */
-public class ECDHKEKGenerator
-    implements DigestDerivationFunction
-{
-    private DigestDerivationFunction kdf;
-
-    private ASN1ObjectIdentifier algorithm;
-    private int                 keySize;
-    private byte[]              z;
-
-    public ECDHKEKGenerator(
-        Digest digest)
-    {
-        this.kdf = new KDF2BytesGenerator(digest);
-    }
-
-    public void init(DerivationParameters param)
-    {
-        DHKDFParameters params = (DHKDFParameters)param;
-
-        this.algorithm = params.getAlgorithm();
-        this.keySize = params.getKeySize();
-        this.z = params.getZ();
-    }
-
-    public Digest getDigest()
-    {
-        return kdf.getDigest();
-    }
-
-    public int generateBytes(byte[] out, int outOff, int len)
-        throws DataLengthException, IllegalArgumentException
-    {
-        if (outOff + len > out.length)
-        {
-            throw new DataLengthException("output buffer too small");
-        }
-
-        // TODO Create an ASN.1 class for this (RFC3278)
-        // ECC-CMS-SharedInfo
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new AlgorithmIdentifier(algorithm, DERNull.INSTANCE));
-        v.add(new DERTaggedObject(true, 2, new DEROctetString(Pack.intToBigEndian(keySize))));
-
-        try
-        {
-            kdf.init(new KDFParameters(z, new DERSequence(v).getEncoded(ASN1Encoding.DER)));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("unable to initialise kdf: " + e.getMessage());
-        }
-
-        return kdf.generateBytes(out, outOff, len);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/GSKKDFParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/GSKKDFParameters.java
deleted file mode 100644
index 12c3798..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/GSKKDFParameters.java
+++ /dev/null

@@ -1,41 +0,0 @@
-package org.bouncycastle.crypto.agreement.kdf;
-
-import org.bouncycastle.crypto.DerivationParameters;
-
-/**
- * BSI Key Derivation Function Parameters for Session Keys (see BSI-TR-03111 Section 4.3.3)
- */
-public class GSKKDFParameters
-    implements DerivationParameters
-{
-    private final byte[] z;
-    private final int startCounter;
-    private final byte[] nonce;
-
-    public GSKKDFParameters(byte[] z, int startCounter)
-    {
-        this(z, startCounter, null);
-    }
-
-    public GSKKDFParameters(byte[] z, int startCounter, byte[] nonce)
-    {
-        this.z = z;
-        this.startCounter = startCounter;
-        this.nonce = nonce;
-    }
-
-    public byte[] getZ()
-    {
-        return z;
-    }
-
-    public int getStartCounter()
-    {
-        return startCounter;
-    }
-
-    public byte[] getNonce()
-    {
-        return nonce;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/GSKKFDGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/GSKKFDGenerator.java
deleted file mode 100644
index 36cb639..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/GSKKFDGenerator.java
+++ /dev/null

@@ -1,76 +0,0 @@
-package org.bouncycastle.crypto.agreement.kdf;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.DigestDerivationFunction;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-
-/**
- * BSI Key Derivation Function for Session Keys (see BSI-TR-03111 Section 4.3.3)
- */
-public class GSKKFDGenerator
-    implements DigestDerivationFunction
-{
-    private final Digest digest;
-
-    private byte[] z;
-    private int counter;
-    private byte[] r;
-
-    private byte[] buf;
-
-    public GSKKFDGenerator(Digest digest)
-    {
-        this.digest = digest;
-        this.buf = new byte[digest.getDigestSize()];
-    }
-
-    public Digest getDigest()
-    {
-        return digest;
-    }
-
-    public void init(DerivationParameters param)
-    {
-        if (param instanceof GSKKDFParameters)
-        {
-            this.z = ((GSKKDFParameters)param).getZ();
-            this.counter = ((GSKKDFParameters)param).getStartCounter();
-            this.r = ((GSKKDFParameters)param).getNonce();
-        }
-        else
-        {
-            throw new IllegalArgumentException("unkown parameters type");
-        }
-    }
-
-    public int generateBytes(byte[] out, int outOff, int len)
-        throws DataLengthException, IllegalArgumentException
-    {
-        if (outOff + len > out.length)
-        {
-            throw new DataLengthException("output buffer too small");
-        }
-
-        digest.update(z, 0, z.length);
-
-        byte[] c = Pack.intToBigEndian(counter++);
-
-        digest.update(c, 0, c.length);
-
-        if (r != null)
-        {
-            digest.update(r, 0, r.length);
-        }
-
-        digest.doFinal(buf, 0);
-
-        System.arraycopy(buf, 0, out, outOff, len);
-
-        Arrays.clear(buf);
-
-        return len;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/package.html
deleted file mode 100644
index a00160f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/kdf/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for KDF based key derivation functions.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/package.html
deleted file mode 100644
index 4b49331..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Basic key agreement classes.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6Client.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6Client.java
deleted file mode 100644
index 43316fc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6Client.java
+++ /dev/null

@@ -1,164 +0,0 @@
-package org.bouncycastle.crypto.agreement.srp;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.params.SRP6GroupParameters;
-
-/**
- * Implements the client side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe.
- * This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper
- * "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"
- */
-public class SRP6Client
-{
-    protected BigInteger N;
-    protected BigInteger g;
-
-    protected BigInteger a;
-    protected BigInteger A;
-
-    protected BigInteger B;
-
-    protected BigInteger x;
-    protected BigInteger u;
-    protected BigInteger S;
-
-    protected BigInteger M1;
-	protected BigInteger M2;
-	protected BigInteger Key;
-	
-    protected Digest digest;
-    protected SecureRandom random;
-
-    public SRP6Client()
-    {
-    }
-
-    /**
-     * Initialises the client to begin new authentication attempt
-     * @param N The safe prime associated with the client's verifier
-     * @param g The group parameter associated with the client's verifier
-     * @param digest The digest algorithm associated with the client's verifier
-     * @param random For key generation
-     */
-    public void init(BigInteger N, BigInteger g, Digest digest, SecureRandom random)
-    {
-        this.N = N;
-        this.g = g;
-        this.digest = digest;
-        this.random = random;
-    }
-
-    public void init(SRP6GroupParameters group, Digest digest, SecureRandom random)
-    {
-        init(group.getN(), group.getG(), digest, random);
-    }
-
-    /**
-     * Generates client's credentials given the client's salt, identity and password
-     * @param salt The salt used in the client's verifier.
-     * @param identity The user's identity (eg. username)
-     * @param password The user's password
-     * @return Client's public value to send to server
-     */
-    public BigInteger generateClientCredentials(byte[] salt, byte[] identity, byte[] password)
-    {
-        this.x = SRP6Util.calculateX(digest, N, salt, identity, password);
-        this.a = selectPrivateValue();
-        this.A = g.modPow(a, N);
-
-        return A;
-    }
-
-    /**
-     * Generates the secret S given the server's credentials
-     * @param serverB The server's credentials
-     * @return Client's verification message for the server
-     * @throws CryptoException If server's credentials are invalid
-     */
-    public BigInteger calculateSecret(BigInteger serverB) throws CryptoException
-    {
-        this.B = SRP6Util.validatePublicValue(N, serverB);
-        this.u = SRP6Util.calculateU(digest, N, A, B);
-        this.S = calculateS();
-
-        return S;
-    }
-
-    protected BigInteger selectPrivateValue()
-    {
-        return SRP6Util.generatePrivateValue(digest, N, g, random);        
-    }
-
-    private BigInteger calculateS()
-    {
-        BigInteger k = SRP6Util.calculateK(digest, N, g);
-        BigInteger exp = u.multiply(x).add(a);
-        BigInteger tmp = g.modPow(x, N).multiply(k).mod(N);
-        return B.subtract(tmp).mod(N).modPow(exp, N);
-    }
-    
-    /**
-	 * Computes the client evidence message M1 using the previously received values.
-	 * To be called after calculating the secret S.
-	 * @return M1: the client side generated evidence message
-	 * @throws CryptoException
-	 */
-	public BigInteger calculateClientEvidenceMessage() throws CryptoException
-	{
-		// Verify pre-requirements
-		if (this.A == null || this.B == null || this.S == null)
-		{
-			throw new CryptoException("Impossible to compute M1: " +
-					"some data are missing from the previous operations (A,B,S)");
-		}
-		// compute the client evidence message 'M1'
-		this.M1 = SRP6Util.calculateM1(digest, N, A, B, S);  
-		return M1;
-	}
-
-	/** Authenticates the server evidence message M2 received and saves it only if correct.
-	 * @param serverM2 the server side generated evidence message
-	 * @return A boolean indicating if the server message M2 was the expected one.
-	 * @throws CryptoException
-	 */
-	public boolean verifyServerEvidenceMessage(BigInteger serverM2) throws CryptoException
-	{
-		// Verify pre-requirements
-		if (this.A == null || this.M1 == null || this.S == null)
-		{
-			throw new CryptoException("Impossible to compute and verify M2: " +
-					"some data are missing from the previous operations (A,M1,S)");
-		}
-
-		// Compute the own server evidence message 'M2'
-		BigInteger computedM2 = SRP6Util.calculateM2(digest, N, A, M1, S);
-		if (computedM2.equals(serverM2))
-		{
-			this.M2 = serverM2;
-			return true;
-		}
-		return false;
-	}
-
-	/**
-	 * Computes the final session key as a result of the SRP successful mutual authentication
-	 * To be called after verifying the server evidence message M2.
-	 * @return Key: the mutually authenticated symmetric session key
-	 * @throws CryptoException
-	 */
-	public BigInteger calculateSessionKey() throws CryptoException
-	{
-		// Verify pre-requirements (here we enforce a previous calculation of M1 and M2)
-		if (this.S == null || this.M1 == null || this.M2 == null)
-		{
-			throw new CryptoException("Impossible to compute Key: " +
-					"some data are missing from the previous operations (S,M1,M2)");
-		}
-		this.Key = SRP6Util.calculateKey(digest, N, S);
-		return Key;
-	}
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6Server.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6Server.java
deleted file mode 100644
index 33333bd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6Server.java
+++ /dev/null

@@ -1,163 +0,0 @@
-package org.bouncycastle.crypto.agreement.srp;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.params.SRP6GroupParameters;
-
-/**
- * Implements the server side SRP-6a protocol. Note that this class is stateful, and therefore NOT threadsafe.
- * This implementation of SRP is based on the optimized message sequence put forth by Thomas Wu in the paper
- * "SRP-6: Improvements and Refinements to the Secure Remote Password Protocol, 2002"
- */
-public class SRP6Server
-{
-    protected BigInteger N;
-    protected BigInteger g;
-    protected BigInteger v;
-
-    protected SecureRandom random;
-    protected Digest digest;
-
-    protected BigInteger A;
-
-    protected BigInteger b;
-    protected BigInteger B;
-
-    protected BigInteger u;
-    protected BigInteger S;
-    protected BigInteger M1;
-	protected BigInteger M2;
-	protected BigInteger Key;
-	
-    public SRP6Server()
-    {
-    }
-
-    /**
-     * Initialises the server to accept a new client authentication attempt
-     * @param N The safe prime associated with the client's verifier
-     * @param g The group parameter associated with the client's verifier
-     * @param v The client's verifier
-     * @param digest The digest algorithm associated with the client's verifier
-     * @param random For key generation
-     */
-    public void init(BigInteger N, BigInteger g, BigInteger v, Digest digest, SecureRandom random)
-    {
-        this.N = N;
-        this.g = g;
-        this.v = v;
-
-        this.random = random;
-        this.digest = digest;
-    }
-
-    public void init(SRP6GroupParameters group, BigInteger v, Digest digest, SecureRandom random)
-    {
-        init(group.getN(), group.getG(), v, digest, random);
-    }
-
-    /**
-     * Generates the server's credentials that are to be sent to the client.
-     * @return The server's public value to the client
-     */
-    public BigInteger generateServerCredentials()
-    {
-        BigInteger k = SRP6Util.calculateK(digest, N, g);
-        this.b = selectPrivateValue();
-        this.B = k.multiply(v).mod(N).add(g.modPow(b, N)).mod(N);
-
-        return B;
-    }
-
-    /**
-     * Processes the client's credentials. If valid the shared secret is generated and returned.
-     * @param clientA The client's credentials
-     * @return A shared secret BigInteger
-     * @throws CryptoException If client's credentials are invalid
-     */
-    public BigInteger calculateSecret(BigInteger clientA) throws CryptoException
-    {
-        this.A = SRP6Util.validatePublicValue(N, clientA);
-        this.u = SRP6Util.calculateU(digest, N, A, B);
-        this.S = calculateS();
-
-        return S;
-    }
-
-    protected BigInteger selectPrivateValue()
-    {
-        return SRP6Util.generatePrivateValue(digest, N, g, random);        
-    }
-
-    private BigInteger calculateS()
-    {
-        return v.modPow(u, N).multiply(A).mod(N).modPow(b, N);
-    }
-    
-    /** 
-	 * Authenticates the received client evidence message M1 and saves it only if correct.
-	 * To be called after calculating the secret S.
-	 * @param clientM1 the client side generated evidence message
-	 * @return A boolean indicating if the client message M1 was the expected one.
-	 * @throws CryptoException 
-	 */
-	public boolean verifyClientEvidenceMessage(BigInteger clientM1) throws CryptoException
-	{
-		// Verify pre-requirements
-		if (this.A == null || this.B == null || this.S == null)
-		{
-			throw new CryptoException("Impossible to compute and verify M1: " +
-					"some data are missing from the previous operations (A,B,S)");
-		}
-
-		// Compute the own client evidence message 'M1'
-		BigInteger computedM1 = SRP6Util.calculateM1(digest, N, A, B, S);
-		if (computedM1.equals(clientM1))
-		{
-			this.M1 = clientM1;
-			return true;
-		}
-		return false;
-	}
-	
-	/**
-	 * Computes the server evidence message M2 using the previously verified values.
-	 * To be called after successfully verifying the client evidence message M1.
-	 * @return M2: the server side generated evidence message
-	 * @throws CryptoException
-	 */
-	public BigInteger calculateServerEvidenceMessage() throws CryptoException
-	{
-		// Verify pre-requirements
-		if (this.A == null || this.M1 == null || this.S == null)
-		{
-			throw new CryptoException("Impossible to compute M2: " +
-					"some data are missing from the previous operations (A,M1,S)");
-		}
-
-		// Compute the server evidence message 'M2'
-		this.M2 = SRP6Util.calculateM2(digest, N, A, M1, S);  
-		return M2;
-	}
-	
-	/**
-	 * Computes the final session key as a result of the SRP successful mutual authentication
-	 * To be called after calculating the server evidence message M2.
-	 * @return Key: the mutual authenticated symmetric session key
-	 * @throws CryptoException
-	 */
-	public BigInteger calculateSessionKey() throws CryptoException
-	{
-		// Verify pre-requirements
-		if (this.S == null || this.M1 == null || this.M2 == null)
-		{
-			throw new CryptoException("Impossible to compute Key: " +
-					"some data are missing from the previous operations (S,M1,M2)");
-		}
-		this.Key = SRP6Util.calculateKey(digest, N, S);
-		return Key;
-	}
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6StandardGroups.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6StandardGroups.java
deleted file mode 100644
index cc8b356..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6StandardGroups.java
+++ /dev/null

@@ -1,157 +0,0 @@
-package org.bouncycastle.crypto.agreement.srp;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.params.SRP6GroupParameters;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SRP6StandardGroups
-{
-    private static BigInteger fromHex(String hex)
-    {
-        return new BigInteger(1, Hex.decode(hex));
-    }
-
-    private static SRP6GroupParameters fromNG(String hexN, String hexG)
-    {
-        return new SRP6GroupParameters(fromHex(hexN), fromHex(hexG));
-    }
-
-    /*
-     * RFC 5054
-     */
-    private static final String rfc5054_1024_N = "EEAF0AB9ADB38DD69C33F80AFA8FC5E86072618775FF3C0B9EA2314C"
-        + "9C256576D674DF7496EA81D3383B4813D692C6E0E0D5D8E250B98BE4"
-        + "8E495C1D6089DAD15DC7D7B46154D6B6CE8EF4AD69B15D4982559B29"
-        + "7BCF1885C529F566660E57EC68EDBC3C05726CC02FD4CBF4976EAA9A" + "FD5138FE8376435B9FC61D2FC0EB06E3";
-    private static final String rfc5054_1024_g = "02";
-    public static final SRP6GroupParameters rfc5054_1024 = fromNG(rfc5054_1024_N, rfc5054_1024_g);
-
-    private static final String rfc5054_1536_N = "9DEF3CAFB939277AB1F12A8617A47BBBDBA51DF499AC4C80BEEEA961"
-        + "4B19CC4D5F4F5F556E27CBDE51C6A94BE4607A291558903BA0D0F843"
-        + "80B655BB9A22E8DCDF028A7CEC67F0D08134B1C8B97989149B609E0B"
-        + "E3BAB63D47548381DBC5B1FC764E3F4B53DD9DA1158BFD3E2B9C8CF5"
-        + "6EDF019539349627DB2FD53D24B7C48665772E437D6C7F8CE442734A"
-        + "F7CCB7AE837C264AE3A9BEB87F8A2FE9B8B5292E5A021FFF5E91479E"
-        + "8CE7A28C2442C6F315180F93499A234DCF76E3FED135F9BB";
-    private static final String rfc5054_1536_g = "02";
-    public static final SRP6GroupParameters rfc5054_1536 = fromNG(rfc5054_1536_N, rfc5054_1536_g);
-
-    private static final String rfc5054_2048_N = "AC6BDB41324A9A9BF166DE5E1389582FAF72B6651987EE07FC319294"
-        + "3DB56050A37329CBB4A099ED8193E0757767A13DD52312AB4B03310D"
-        + "CD7F48A9DA04FD50E8083969EDB767B0CF6095179A163AB3661A05FB"
-        + "D5FAAAE82918A9962F0B93B855F97993EC975EEAA80D740ADBF4FF74"
-        + "7359D041D5C33EA71D281E446B14773BCA97B43A23FB801676BD207A"
-        + "436C6481F1D2B9078717461A5B9D32E688F87748544523B524B0D57D"
-        + "5EA77A2775D2ECFA032CFBDBF52FB3786160279004E57AE6AF874E73"
-        + "03CE53299CCC041C7BC308D82A5698F3A8D0C38271AE35F8E9DBFBB6"
-        + "94B5C803D89F7AE435DE236D525F54759B65E372FCD68EF20FA7111F" + "9E4AFF73";
-    private static final String rfc5054_2048_g = "02";
-    public static final SRP6GroupParameters rfc5054_2048 = fromNG(rfc5054_2048_N, rfc5054_2048_g);
-
-    private static final String rfc5054_3072_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
-        + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
-        + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
-        + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
-        + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
-        + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
-        + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
-        + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
-        + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
-        + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
-        + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
-        + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
-        + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC" + "E0FD108E4B82D120A93AD2CAFFFFFFFFFFFFFFFF";
-    private static final String rfc5054_3072_g = "05";
-    public static final SRP6GroupParameters rfc5054_3072 = fromNG(rfc5054_3072_N, rfc5054_3072_g);
-
-    private static final String rfc5054_4096_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
-        + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
-        + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
-        + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
-        + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
-        + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
-        + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
-        + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
-        + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
-        + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
-        + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
-        + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
-        + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
-        + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
-        + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
-        + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
-        + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
-        + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934063199" + "FFFFFFFFFFFFFFFF";
-    private static final String rfc5054_4096_g = "05";
-    public static final SRP6GroupParameters rfc5054_4096 = fromNG(rfc5054_4096_N, rfc5054_4096_g);
-
-    private static final String rfc5054_6144_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
-        + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
-        + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
-        + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
-        + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
-        + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
-        + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
-        + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
-        + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
-        + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
-        + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
-        + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
-        + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
-        + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
-        + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
-        + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
-        + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
-        + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
-        + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406"
-        + "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918"
-        + "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151"
-        + "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03"
-        + "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F"
-        + "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
-        + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B"
-        + "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632"
-        + "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E" + "6DCC4024FFFFFFFFFFFFFFFF";
-    private static final String rfc5054_6144_g = "05";
-    public static final SRP6GroupParameters rfc5054_6144 = fromNG(rfc5054_6144_N, rfc5054_6144_g);
-
-    private static final String rfc5054_8192_N = "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD129024E08"
-        + "8A67CC74020BBEA63B139B22514A08798E3404DDEF9519B3CD3A431B"
-        + "302B0A6DF25F14374FE1356D6D51C245E485B576625E7EC6F44C42E9"
-        + "A637ED6B0BFF5CB6F406B7EDEE386BFB5A899FA5AE9F24117C4B1FE6"
-        + "49286651ECE45B3DC2007CB8A163BF0598DA48361C55D39A69163FA8"
-        + "FD24CF5F83655D23DCA3AD961C62F356208552BB9ED529077096966D"
-        + "670C354E4ABC9804F1746C08CA18217C32905E462E36CE3BE39E772C"
-        + "180E86039B2783A2EC07A28FB5C55DF06F4C52C9DE2BCBF695581718"
-        + "3995497CEA956AE515D2261898FA051015728E5A8AAAC42DAD33170D"
-        + "04507A33A85521ABDF1CBA64ECFB850458DBEF0A8AEA71575D060C7D"
-        + "B3970F85A6E1E4C7ABF5AE8CDB0933D71E8C94E04A25619DCEE3D226"
-        + "1AD2EE6BF12FFA06D98A0864D87602733EC86A64521F2B18177B200C"
-        + "BBE117577A615D6C770988C0BAD946E208E24FA074E5AB3143DB5BFC"
-        + "E0FD108E4B82D120A92108011A723C12A787E6D788719A10BDBA5B26"
-        + "99C327186AF4E23C1A946834B6150BDA2583E9CA2AD44CE8DBBBC2DB"
-        + "04DE8EF92E8EFC141FBECAA6287C59474E6BC05D99B2964FA090C3A2"
-        + "233BA186515BE7ED1F612970CEE2D7AFB81BDD762170481CD0069127"
-        + "D5B05AA993B4EA988D8FDDC186FFB7DC90A6C08F4DF435C934028492"
-        + "36C3FAB4D27C7026C1D4DCB2602646DEC9751E763DBA37BDF8FF9406"
-        + "AD9E530EE5DB382F413001AEB06A53ED9027D831179727B0865A8918"
-        + "DA3EDBEBCF9B14ED44CE6CBACED4BB1BDB7F1447E6CC254B33205151"
-        + "2BD7AF426FB8F401378CD2BF5983CA01C64B92ECF032EA15D1721D03"
-        + "F482D7CE6E74FEF6D55E702F46980C82B5A84031900B1C9E59E7C97F"
-        + "BEC7E8F323A97A7E36CC88BE0F1D45B7FF585AC54BD407B22B4154AA"
-        + "CC8F6D7EBF48E1D814CC5ED20F8037E0A79715EEF29BE32806A1D58B"
-        + "B7C5DA76F550AA3D8A1FBFF0EB19CCB1A313D55CDA56C9EC2EF29632"
-        + "387FE8D76E3C0468043E8F663F4860EE12BF2D5B0B7474D6E694F91E"
-        + "6DBE115974A3926F12FEE5E438777CB6A932DF8CD8BEC4D073B931BA"
-        + "3BC832B68D9DD300741FA7BF8AFC47ED2576F6936BA424663AAB639C"
-        + "5AE4F5683423B4742BF1C978238F16CBE39D652DE3FDB8BEFC848AD9"
-        + "22222E04A4037C0713EB57A81A23F0C73473FC646CEA306B4BCBC886"
-        + "2F8385DDFA9D4B7FA2C087E879683303ED5BDD3A062B3CF5B3A278A6"
-        + "6D2A13F83F44F82DDF310EE074AB6A364597E899A0255DC164F31CC5"
-        + "0846851DF9AB48195DED7EA1B1D510BD7EE74D73FAF36BC31ECFA268"
-        + "359046F4EB879F924009438B481C6CD7889A002ED5EE382BC9190DA6"
-        + "FC026E479558E4475677E9AA9E3050E2765694DFC81F56E880B96E71" + "60C980DD98EDD3DFFFFFFFFFFFFFFFFF";
-    private static final String rfc5054_8192_g = "13";
-    public static final SRP6GroupParameters rfc5054_8192 = fromNG(rfc5054_8192_N, rfc5054_8192_g);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6Util.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6Util.java
deleted file mode 100644
index 324c1a9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6Util.java
+++ /dev/null

@@ -1,155 +0,0 @@
-package org.bouncycastle.crypto.agreement.srp;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.util.BigIntegers;
-
-public class SRP6Util
-{
-    private static BigInteger ZERO = BigInteger.valueOf(0);
-    private static BigInteger ONE = BigInteger.valueOf(1);
-
-    public static BigInteger calculateK(Digest digest, BigInteger N, BigInteger g)
-    {
-        return hashPaddedPair(digest, N, N, g);
-    }
-
-    public static BigInteger calculateU(Digest digest, BigInteger N, BigInteger A, BigInteger B)
-    {
-        return hashPaddedPair(digest, N, A, B);
-    }
-
-    public static BigInteger calculateX(Digest digest, BigInteger N, byte[] salt, byte[] identity, byte[] password)
-    {
-        byte[] output = new byte[digest.getDigestSize()];
-
-        digest.update(identity, 0, identity.length);
-        digest.update((byte)':');
-        digest.update(password, 0, password.length);
-        digest.doFinal(output, 0);
-
-        digest.update(salt, 0, salt.length);
-        digest.update(output, 0, output.length);
-        digest.doFinal(output, 0);
-
-        return new BigInteger(1, output);
-    }
-
-    public static BigInteger generatePrivateValue(Digest digest, BigInteger N, BigInteger g, SecureRandom random)
-    {
-        int minBits = Math.min(256, N.bitLength() / 2);
-        BigInteger min = ONE.shiftLeft(minBits - 1);
-        BigInteger max = N.subtract(ONE);
-
-        return BigIntegers.createRandomInRange(min, max, random);
-    }
-
-    public static BigInteger validatePublicValue(BigInteger N, BigInteger val)
-        throws CryptoException
-    {
-        val = val.mod(N);
-
-        // Check that val % N != 0
-        if (val.equals(ZERO))
-        {
-            throw new CryptoException("Invalid public value: 0");
-        }
-
-        return val;
-    }
-
-    /** 
-	 * Computes the client evidence message (M1) according to the standard routine:
-	 * M1 = H( A | B | S )
-	 * @param digest The Digest used as the hashing function H
-	 * @param N Modulus used to get the pad length
-	 * @param A The public client value
-	 * @param B The public server value
-	 * @param S The secret calculated by both sides
-	 * @return M1 The calculated client evidence message
-	 */
-	public static BigInteger calculateM1(Digest digest, BigInteger N, BigInteger A, BigInteger B, BigInteger S) {
-		BigInteger M1 = hashPaddedTriplet(digest,N,A,B,S);
-		return M1;
-	}
-
-	/** 
-	 * Computes the server evidence message (M2) according to the standard routine:
-	 * M2 = H( A | M1 | S )
-	 * @param digest The Digest used as the hashing function H
-	 * @param N Modulus used to get the pad length
-	 * @param A The public client value
-	 * @param M1 The client evidence message
-	 * @param S The secret calculated by both sides
-	 * @return M2 The calculated server evidence message
-	 */
-	public static BigInteger calculateM2(Digest digest, BigInteger N, BigInteger A, BigInteger M1, BigInteger S){
-		BigInteger M2 = hashPaddedTriplet(digest,N,A,M1,S);
-		return M2;
-	}
-
-	/**
-	 * Computes the final Key according to the standard routine: Key = H(S)
-	 * @param digest The Digest used as the hashing function H
-	 * @param N Modulus used to get the pad length
-	 * @param S The secret calculated by both sides
-	 * @return the final Key value.
-	 */
-	public static BigInteger calculateKey(Digest digest, BigInteger N, BigInteger S) {
-		int padLength = (N.bitLength() + 7) / 8;
-		byte[] _S = getPadded(S,padLength);
-		digest.update(_S, 0, _S.length);
-		
-		byte[] output = new byte[digest.getDigestSize()];
-        digest.doFinal(output, 0);
-        return new BigInteger(1, output);
-	}
-
-	private static BigInteger hashPaddedTriplet(Digest digest, BigInteger N, BigInteger n1, BigInteger n2, BigInteger n3){
-        int padLength = (N.bitLength() + 7) / 8;
-
-        byte[] n1_bytes = getPadded(n1, padLength);
-        byte[] n2_bytes = getPadded(n2, padLength);
-        byte[] n3_bytes = getPadded(n3, padLength);
-
-        digest.update(n1_bytes, 0, n1_bytes.length);
-        digest.update(n2_bytes, 0, n2_bytes.length);
-        digest.update(n3_bytes, 0, n3_bytes.length);
-
-        byte[] output = new byte[digest.getDigestSize()];
-        digest.doFinal(output, 0);
-
-        return new BigInteger(1, output);
-    }
-
-    private static BigInteger hashPaddedPair(Digest digest, BigInteger N, BigInteger n1, BigInteger n2)
-    {
-        int padLength = (N.bitLength() + 7) / 8;
-
-        byte[] n1_bytes = getPadded(n1, padLength);
-        byte[] n2_bytes = getPadded(n2, padLength);
-
-        digest.update(n1_bytes, 0, n1_bytes.length);
-        digest.update(n2_bytes, 0, n2_bytes.length);
-
-        byte[] output = new byte[digest.getDigestSize()];
-        digest.doFinal(output, 0);
-
-        return new BigInteger(1, output);
-    }
-
-    private static byte[] getPadded(BigInteger n, int length)
-    {
-        byte[] bs = BigIntegers.asUnsignedByteArray(n);
-        if (bs.length < length)
-        {
-            byte[] tmp = new byte[length];
-            System.arraycopy(bs, 0, tmp, length - bs.length, bs.length);
-            bs = tmp;
-        }
-        return bs;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6VerifierGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6VerifierGenerator.java
deleted file mode 100644
index e0ae200..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/SRP6VerifierGenerator.java
+++ /dev/null

@@ -1,55 +0,0 @@
-package org.bouncycastle.crypto.agreement.srp;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.params.SRP6GroupParameters;
-
-/**
- * Generates new SRP verifier for user
- */
-public class SRP6VerifierGenerator
-{
-    protected BigInteger N;
-    protected BigInteger g;
-    protected Digest digest;
-
-    public SRP6VerifierGenerator()
-    {
-    }
-
-    /**
-     * Initialises generator to create new verifiers
-     * @param N The safe prime to use (see DHParametersGenerator)
-     * @param g The group parameter to use (see DHParametersGenerator)
-     * @param digest The digest to use. The same digest type will need to be used later for the actual authentication
-     * attempt. Also note that the final session key size is dependent on the chosen digest.
-     */
-    public void init(BigInteger N, BigInteger g, Digest digest)
-    {
-        this.N = N;
-        this.g = g;
-        this.digest = digest;
-    }
-
-    public void init(SRP6GroupParameters group, Digest digest)
-    {
-        this.N = group.getN();
-        this.g = group.getG();
-        this.digest = digest;
-    }
-
-    /**
-     * Creates a new SRP verifier
-     * @param salt The salt to use, generally should be large and random
-     * @param identity The user's identifying information (eg. username)
-     * @param password The user's password
-     * @return A new verifier for use in future SRP authentication
-     */
-    public BigInteger generateVerifier(byte[] salt, byte[] identity, byte[] password)
-    {
-        BigInteger x = SRP6Util.calculateX(digest, N, salt, identity, password);
-
-        return g.modPow(x, N);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/package.html
deleted file mode 100644
index c125ffe..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/srp/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Support classes for Secure Remote Password (SRP) protocol.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/test/AllTests.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/test/AllTests.java
deleted file mode 100644
index 22c1588..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/test/AllTests.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.crypto.agreement.test;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-public class AllTests
-    extends TestCase
-{
-    public static void main(String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("JPAKE Engine Tests");
-
-        suite.addTestSuite(JPAKEParticipantTest.class);
-        suite.addTestSuite(JPAKEPrimeOrderGroupTest.class);
-        suite.addTestSuite(JPAKEUtilTest.class);
-
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-
-        }
-
-        protected void tearDown()
-        {
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/test/JPAKEParticipantTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/test/JPAKEParticipantTest.java
deleted file mode 100644
index c6ecba2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/test/JPAKEParticipantTest.java
+++ /dev/null

@@ -1,561 +0,0 @@
-package org.bouncycastle.crypto.agreement.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.agreement.jpake.JPAKEParticipant;
-import org.bouncycastle.crypto.agreement.jpake.JPAKEPrimeOrderGroup;
-import org.bouncycastle.crypto.agreement.jpake.JPAKEPrimeOrderGroups;
-import org.bouncycastle.crypto.agreement.jpake.JPAKERound1Payload;
-import org.bouncycastle.crypto.agreement.jpake.JPAKERound2Payload;
-import org.bouncycastle.crypto.agreement.jpake.JPAKERound3Payload;
-import org.bouncycastle.crypto.agreement.jpake.JPAKEUtil;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-
-public class JPAKEParticipantTest
-    extends TestCase
-{
-
-    public void testConstruction()
-        throws CryptoException
-    {
-        JPAKEPrimeOrderGroup group = JPAKEPrimeOrderGroups.SUN_JCE_1024;
-        SecureRandom random = new SecureRandom();
-        Digest digest = new SHA256Digest();
-        String participantId = "participantId";
-        char[] password = "password".toCharArray();
-
-        // should succeed
-        new JPAKEParticipant(participantId, password, group, digest, random);
-
-        // null participantId
-        try
-        {
-            new JPAKEParticipant(null, password, group, digest, random);
-            fail();
-        }
-        catch (NullPointerException e)
-        {
-            // pass
-        }
-
-        // null password
-        try
-        {
-            new JPAKEParticipant(participantId, null, group, digest, random);
-            fail();
-        }
-        catch (NullPointerException e)
-        {
-            // pass
-        }
-
-        // empty password
-        try
-        {
-            new JPAKEParticipant(participantId, "".toCharArray(), group, digest, random);
-            fail();
-        }
-        catch (IllegalArgumentException e)
-        {
-            // pass
-        }
-
-        // null group
-        try
-        {
-            new JPAKEParticipant(participantId, password, null, digest, random);
-            fail();
-        }
-        catch (NullPointerException e)
-        {
-            // pass
-        }
-
-        // null digest
-        try
-        {
-            new JPAKEParticipant(participantId, password, group, null, random);
-            fail();
-        }
-        catch (NullPointerException e)
-        {
-            // pass
-        }
-
-        // null random
-        try
-        {
-            new JPAKEParticipant(participantId, password, group, digest, null);
-            fail();
-        }
-        catch (NullPointerException e)
-        {
-            // pass
-        }
-    }
-
-    public void testSuccessfulExchange()
-        throws CryptoException
-    {
-
-        JPAKEParticipant alice = createAlice();
-        JPAKEParticipant bob = createBob();
-
-        ExchangeAfterRound2Creation exchange = runExchangeUntilRound2Creation(alice, bob);
-
-        alice.validateRound2PayloadReceived(exchange.bobRound2Payload);
-        bob.validateRound2PayloadReceived(exchange.aliceRound2Payload);
-
-        BigInteger aliceKeyingMaterial = alice.calculateKeyingMaterial();
-        BigInteger bobKeyingMaterial = bob.calculateKeyingMaterial();
-
-        JPAKERound3Payload aliceRound3Payload = alice.createRound3PayloadToSend(aliceKeyingMaterial);
-        JPAKERound3Payload bobRound3Payload = bob.createRound3PayloadToSend(bobKeyingMaterial);
-
-        alice.validateRound3PayloadReceived(bobRound3Payload, aliceKeyingMaterial);
-        bob.validateRound3PayloadReceived(aliceRound3Payload, bobKeyingMaterial);
-
-        assertEquals(aliceKeyingMaterial, bobKeyingMaterial);
-
-    }
-
-    public void testIncorrectPassword()
-        throws CryptoException
-    {
-
-        JPAKEParticipant alice = createAlice();
-        JPAKEParticipant bob = createBobWithWrongPassword();
-
-        ExchangeAfterRound2Creation exchange = runExchangeUntilRound2Creation(alice, bob);
-
-        alice.validateRound2PayloadReceived(exchange.bobRound2Payload);
-        bob.validateRound2PayloadReceived(exchange.aliceRound2Payload);
-
-        BigInteger aliceKeyingMaterial = alice.calculateKeyingMaterial();
-        BigInteger bobKeyingMaterial = bob.calculateKeyingMaterial();
-
-        JPAKERound3Payload aliceRound3Payload = alice.createRound3PayloadToSend(aliceKeyingMaterial);
-        JPAKERound3Payload bobRound3Payload = bob.createRound3PayloadToSend(bobKeyingMaterial);
-
-        try
-        {
-            alice.validateRound3PayloadReceived(bobRound3Payload, aliceKeyingMaterial);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-        try
-        {
-            bob.validateRound3PayloadReceived(aliceRound3Payload, bobKeyingMaterial);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-    }
-
-    /**
-     * Tests that {@link JPAKEParticipant} throws appropriate {@link IllegalStateException}s
-     * when the methods are called in the wrong order.
-     */
-    public void testStateValidation()
-        throws CryptoException
-    {
-
-        JPAKEParticipant alice = createAlice();
-        JPAKEParticipant bob = createBob();
-
-        // We're testing alice here. Bob is just used for help.
-
-        // START ROUND 1 CHECKS
-
-        assertEquals(JPAKEParticipant.STATE_INITIALIZED, alice.getState());
-
-        // create round 2 before round 1
-        try
-        {
-            alice.createRound2PayloadToSend();
-            fail();
-        }
-        catch (IllegalStateException e)
-        {
-            // pass
-        }
-
-        JPAKERound1Payload aliceRound1Payload = alice.createRound1PayloadToSend();
-
-        assertEquals(JPAKEParticipant.STATE_ROUND_1_CREATED, alice.getState());
-
-        // create round 1 payload twice
-        try
-        {
-            alice.createRound1PayloadToSend();
-            fail();
-        }
-        catch (IllegalStateException e)
-        {
-            // pass
-        }
-
-        // create round 2 before validating round 1
-        try
-        {
-            alice.createRound2PayloadToSend();
-            fail();
-        }
-        catch (IllegalStateException e)
-        {
-            // pass
-        }
-
-        // validate round 2 before validating round 1
-        try
-        {
-            alice.validateRound2PayloadReceived(null);
-            fail();
-        }
-        catch (IllegalStateException e)
-        {
-            // pass
-        }
-
-        JPAKERound1Payload bobRound1Payload = bob.createRound1PayloadToSend();
-
-        alice.validateRound1PayloadReceived(bobRound1Payload);
-
-        assertEquals(JPAKEParticipant.STATE_ROUND_1_VALIDATED, alice.getState());
-
-        // validate round 1 payload twice
-        try
-        {
-            alice.validateRound1PayloadReceived(bobRound1Payload);
-            fail();
-        }
-        catch (IllegalStateException e)
-        {
-            // pass
-        }
-
-        bob.validateRound1PayloadReceived(aliceRound1Payload);
-
-        // START ROUND 2 CHECKS
-
-        JPAKERound2Payload aliceRound2Payload = alice.createRound2PayloadToSend();
-
-        assertEquals(JPAKEParticipant.STATE_ROUND_2_CREATED, alice.getState());
-
-        // create round 2 payload twice
-        try
-        {
-            alice.createRound2PayloadToSend();
-            fail();
-        }
-        catch (IllegalStateException e)
-        {
-            // pass
-        }
-
-        // create key before validating round 2
-        try
-        {
-            alice.calculateKeyingMaterial();
-            fail();
-        }
-        catch (IllegalStateException e)
-        {
-            // pass
-        }
-
-        // validate round 3 before validating round 2
-        try
-        {
-            alice.validateRound3PayloadReceived(null, null);
-            fail();
-        }
-        catch (IllegalStateException e)
-        {
-            // pass
-        }
-
-        JPAKERound2Payload bobRound2Payload = bob.createRound2PayloadToSend();
-
-        alice.validateRound2PayloadReceived(bobRound2Payload);
-
-        assertEquals(JPAKEParticipant.STATE_ROUND_2_VALIDATED, alice.getState());
-
-        // validate round 2 payload twice
-        try
-        {
-            alice.validateRound2PayloadReceived(bobRound2Payload);
-            fail();
-        }
-        catch (IllegalStateException e)
-        {
-            // pass
-        }
-
-        bob.validateRound2PayloadReceived(aliceRound2Payload);
-
-        // create round 3 before calculating key
-        try
-        {
-            alice.createRound3PayloadToSend(BigInteger.ONE);
-            fail();
-        }
-        catch (IllegalStateException e)
-        {
-            // pass
-        }
-
-        // START KEY CALCULATION CHECKS
-
-        BigInteger aliceKeyingMaterial = alice.calculateKeyingMaterial();
-
-        assertEquals(JPAKEParticipant.STATE_KEY_CALCULATED, alice.getState());
-
-        // calculate key twice
-        try
-        {
-            alice.calculateKeyingMaterial();
-            fail();
-        }
-        catch (IllegalStateException e)
-        {
-            // pass
-        }
-
-        BigInteger bobKeyingMaterial = bob.calculateKeyingMaterial();
-
-        // START ROUND 3 CHECKS
-
-        JPAKERound3Payload aliceRound3Payload = alice.createRound3PayloadToSend(aliceKeyingMaterial);
-
-        assertEquals(JPAKEParticipant.STATE_ROUND_3_CREATED, alice.getState());
-
-        // create round 3 payload twice
-        try
-        {
-            alice.createRound3PayloadToSend(aliceKeyingMaterial);
-            fail();
-        }
-        catch (IllegalStateException e)
-        {
-            // pass
-        }
-
-        JPAKERound3Payload bobRound3Payload = bob.createRound3PayloadToSend(bobKeyingMaterial);
-
-        alice.validateRound3PayloadReceived(bobRound3Payload, aliceKeyingMaterial);
-
-        assertEquals(JPAKEParticipant.STATE_ROUND_3_VALIDATED, alice.getState());
-
-        // validate round 3 payload twice
-        try
-        {
-            alice.validateRound3PayloadReceived(bobRound3Payload, aliceKeyingMaterial);
-            fail();
-        }
-        catch (IllegalStateException e)
-        {
-            // pass
-        }
-
-        bob.validateRound3PayloadReceived(aliceRound3Payload, bobKeyingMaterial);
-
-
-    }
-
-    /**
-     * Tests that {@link JPAKEParticipant#validateRound1PayloadReceived(JPAKERound1Payload)}
-     * calls the appropriate validate methods in {@link JPAKEUtil}.
-     * Note that {@link JPAKEUtilTest} tests the individual validate methods
-     * called by {@link JPAKEParticipant} more extensively.
-     */
-    public void testValidateRound1PayloadReceived()
-        throws CryptoException
-    {
-
-        // We're testing alice here. Bob is just used for help.
-
-        JPAKERound1Payload bobRound1Payload = createBob().createRound1PayloadToSend();
-
-        // should succeed
-        createAlice().validateRound1PayloadReceived(bobRound1Payload);
-
-        // alice verifies alice's payload
-        try
-        {
-            JPAKEParticipant alice = createAlice();
-            alice.validateRound1PayloadReceived(alice.createRound1PayloadToSend());
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-        // g^x4 == 1
-        try
-        {
-            createAlice().validateRound1PayloadReceived(new JPAKERound1Payload(
-                bobRound1Payload.getParticipantId(),
-                bobRound1Payload.getGx1(),
-                BigInteger.ONE,
-                bobRound1Payload.getKnowledgeProofForX1(),
-                bobRound1Payload.getKnowledgeProofForX2()));
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-        // zero knowledge proof for x3 fails
-        try
-        {
-            JPAKERound1Payload bobRound1Payload2 = createBob().createRound1PayloadToSend();
-            createAlice().validateRound1PayloadReceived(new JPAKERound1Payload(
-                bobRound1Payload.getParticipantId(),
-                bobRound1Payload.getGx1(),
-                bobRound1Payload.getGx2(),
-                bobRound1Payload2.getKnowledgeProofForX1(),
-                bobRound1Payload.getKnowledgeProofForX2()));
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-        // zero knowledge proof for x4 fails
-        try
-        {
-            JPAKERound1Payload bobRound1Payload2 = createBob().createRound1PayloadToSend();
-            createAlice().validateRound1PayloadReceived(new JPAKERound1Payload(
-                bobRound1Payload.getParticipantId(),
-                bobRound1Payload.getGx1(),
-                bobRound1Payload.getGx2(),
-                bobRound1Payload.getKnowledgeProofForX1(),
-                bobRound1Payload2.getKnowledgeProofForX2()));
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-    }
-
-    /**
-     * Tests that {@link JPAKEParticipant#validateRound2PayloadReceived(JPAKERound2Payload)}
-     * calls the appropriate validate methods in {@link JPAKEUtil}.
-     * Note that {@link JPAKEUtilTest} tests the individual validate methods
-     * called by {@link JPAKEParticipant} more extensively.
-     */
-    public void testValidateRound2PayloadReceived()
-        throws CryptoException
-    {
-
-        // We're testing alice here. Bob is just used for help.
-
-        // should succeed
-        ExchangeAfterRound2Creation exchange1 = runExchangeUntilRound2Creation(createAlice(), createBob());
-        exchange1.alice.validateRound2PayloadReceived(exchange1.bobRound2Payload);
-
-        // alice verifies alice's payload
-        ExchangeAfterRound2Creation exchange2 = runExchangeUntilRound2Creation(createAlice(), createBob());
-        try
-        {
-            exchange2.alice.validateRound2PayloadReceived(exchange2.aliceRound2Payload);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-        // wrong z
-        ExchangeAfterRound2Creation exchange3 = runExchangeUntilRound2Creation(createAlice(), createBob());
-        ExchangeAfterRound2Creation exchange4 = runExchangeUntilRound2Creation(createAlice(), createBob());
-        try
-        {
-            exchange3.alice.validateRound2PayloadReceived(exchange4.bobRound2Payload);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-    }
-
-    private static class ExchangeAfterRound2Creation
-    {
-
-        public JPAKEParticipant alice;
-        public JPAKERound2Payload aliceRound2Payload;
-        public JPAKERound2Payload bobRound2Payload;
-
-        public ExchangeAfterRound2Creation(
-            JPAKEParticipant alice,
-            JPAKERound2Payload aliceRound2Payload,
-            JPAKERound2Payload bobRound2Payload)
-        {
-            this.alice = alice;
-            this.aliceRound2Payload = aliceRound2Payload;
-            this.bobRound2Payload = bobRound2Payload;
-        }
-
-    }
-
-    private ExchangeAfterRound2Creation runExchangeUntilRound2Creation(JPAKEParticipant alice, JPAKEParticipant bob)
-        throws CryptoException
-    {
-        JPAKERound1Payload aliceRound1Payload = alice.createRound1PayloadToSend();
-        JPAKERound1Payload bobRound1Payload = bob.createRound1PayloadToSend();
-
-        alice.validateRound1PayloadReceived(bobRound1Payload);
-        bob.validateRound1PayloadReceived(aliceRound1Payload);
-
-        JPAKERound2Payload aliceRound2Payload = alice.createRound2PayloadToSend();
-        JPAKERound2Payload bobRound2Payload = bob.createRound2PayloadToSend();
-
-        return new ExchangeAfterRound2Creation(
-            alice,
-            aliceRound2Payload,
-            bobRound2Payload);
-    }
-
-    private JPAKEParticipant createAlice()
-    {
-        return createParticipant("alice", "password");
-    }
-
-    private JPAKEParticipant createBob()
-    {
-        return createParticipant("bob", "password");
-    }
-
-    private JPAKEParticipant createBobWithWrongPassword()
-    {
-        return createParticipant("bob", "wrong");
-    }
-
-    private JPAKEParticipant createParticipant(String participantId, String password)
-    {
-        return new JPAKEParticipant(
-            participantId,
-            password.toCharArray(),
-            JPAKEPrimeOrderGroups.SUN_JCE_1024);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/test/JPAKEPrimeOrderGroupTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/test/JPAKEPrimeOrderGroupTest.java
deleted file mode 100644
index 7d22f16..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/test/JPAKEPrimeOrderGroupTest.java
+++ /dev/null

@@ -1,85 +0,0 @@
-package org.bouncycastle.crypto.agreement.test;
-
-import java.math.BigInteger;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.agreement.jpake.JPAKEPrimeOrderGroup;
-
-public class JPAKEPrimeOrderGroupTest
-    extends TestCase
-{
-
-    public void testConstruction()
-        throws CryptoException
-    {
-        // p-1 not evenly divisible by q
-        try
-        {
-            new JPAKEPrimeOrderGroup(BigInteger.valueOf(7), BigInteger.valueOf(5), BigInteger.valueOf(6));
-            fail();
-        }
-        catch (IllegalArgumentException e)
-        {
-            // pass
-        }
-
-        // g < 2
-        try
-        {
-            new JPAKEPrimeOrderGroup(BigInteger.valueOf(11), BigInteger.valueOf(5), BigInteger.valueOf(1));
-            fail();
-        }
-        catch (IllegalArgumentException e)
-        {
-            // pass
-        }
-
-        // g > p-1
-        try
-        {
-            new JPAKEPrimeOrderGroup(BigInteger.valueOf(11), BigInteger.valueOf(5), BigInteger.valueOf(11));
-            fail();
-        }
-        catch (IllegalArgumentException e)
-        {
-            // pass
-        }
-
-        // g^q mod p not equal 1
-        try
-        {
-            new JPAKEPrimeOrderGroup(BigInteger.valueOf(11), BigInteger.valueOf(5), BigInteger.valueOf(6));
-            fail();
-        }
-        catch (IllegalArgumentException e)
-        {
-            // pass
-        }
-
-        // p not prime
-        try
-        {
-            new JPAKEPrimeOrderGroup(BigInteger.valueOf(15), BigInteger.valueOf(2), BigInteger.valueOf(4));
-            fail();
-        }
-        catch (IllegalArgumentException e)
-        {
-            // pass
-        }
-
-        // q not prime
-        try
-        {
-            new JPAKEPrimeOrderGroup(BigInteger.valueOf(7), BigInteger.valueOf(6), BigInteger.valueOf(3));
-            fail();
-        }
-        catch (IllegalArgumentException e)
-        {
-            // pass
-        }
-
-        // should succeed
-        new JPAKEPrimeOrderGroup(BigInteger.valueOf(7), BigInteger.valueOf(3), BigInteger.valueOf(4));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/test/JPAKEUtilTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/agreement/test/JPAKEUtilTest.java
deleted file mode 100644
index 20268b8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/agreement/test/JPAKEUtilTest.java
+++ /dev/null

@@ -1,267 +0,0 @@
-package org.bouncycastle.crypto.agreement.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.agreement.jpake.JPAKEPrimeOrderGroup;
-import org.bouncycastle.crypto.agreement.jpake.JPAKEPrimeOrderGroups;
-import org.bouncycastle.crypto.agreement.jpake.JPAKEUtil;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-
-public class JPAKEUtilTest
-    extends TestCase
-{
-    private static final BigInteger TEN = BigInteger.valueOf(10);
-
-    public void testValidateGx4()
-        throws CryptoException
-    {
-        JPAKEUtil.validateGx4(TEN);
-
-        try
-        {
-            JPAKEUtil.validateGx4(BigInteger.ONE);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-    }
-
-    public void testValidateGa()
-        throws CryptoException
-    {
-        JPAKEUtil.validateGa(TEN);
-
-        try
-        {
-            JPAKEUtil.validateGa(BigInteger.ONE);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-    }
-
-    public void testValidateParticipantIdsDiffer()
-        throws CryptoException
-    {
-        JPAKEUtil.validateParticipantIdsDiffer("a", "b");
-        JPAKEUtil.validateParticipantIdsDiffer("a", "A");
-
-        try
-        {
-            JPAKEUtil.validateParticipantIdsDiffer("a", "a");
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-    }
-
-    public void testValidateParticipantIdsEqual()
-        throws CryptoException
-    {
-        JPAKEUtil.validateParticipantIdsEqual("a", "a");
-
-        try
-        {
-            JPAKEUtil.validateParticipantIdsEqual("a", "b");
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-    }
-
-    public void testValidateMacTag()
-        throws CryptoException
-    {
-        JPAKEPrimeOrderGroup pg1 = JPAKEPrimeOrderGroups.SUN_JCE_1024;
-
-        SecureRandom random = new SecureRandom();
-        Digest digest = new SHA256Digest();
-
-        BigInteger x1 = JPAKEUtil.generateX1(pg1.getQ(), random);
-        BigInteger x2 = JPAKEUtil.generateX2(pg1.getQ(), random);
-        BigInteger x3 = JPAKEUtil.generateX1(pg1.getQ(), random);
-        BigInteger x4 = JPAKEUtil.generateX2(pg1.getQ(), random);
-
-        BigInteger gx1 = JPAKEUtil.calculateGx(pg1.getP(), pg1.getG(), x1);
-        BigInteger gx2 = JPAKEUtil.calculateGx(pg1.getP(), pg1.getG(), x2);
-        BigInteger gx3 = JPAKEUtil.calculateGx(pg1.getP(), pg1.getG(), x3);
-        BigInteger gx4 = JPAKEUtil.calculateGx(pg1.getP(), pg1.getG(), x4);
-
-        BigInteger gB = JPAKEUtil.calculateGA(pg1.getP(), gx3, gx1, gx2);
-
-        BigInteger s = JPAKEUtil.calculateS("password".toCharArray());
-
-        BigInteger xs = JPAKEUtil.calculateX2s(pg1.getQ(), x4, s);
-
-        BigInteger B = JPAKEUtil.calculateA(pg1.getP(), pg1.getQ(), gB, xs);
-
-        BigInteger keyingMaterial = JPAKEUtil.calculateKeyingMaterial(pg1.getP(), pg1.getQ(), gx4, x2, s, B);
-
-        BigInteger macTag = JPAKEUtil.calculateMacTag("participantId", "partnerParticipantId", gx1, gx2, gx3, gx4, keyingMaterial, digest);
-
-        // should succed
-        JPAKEUtil.validateMacTag("partnerParticipantId", "participantId", gx3, gx4, gx1, gx2, keyingMaterial, digest, macTag);
-
-        // validating own macTag (as opposed to the other party's mactag)
-        try
-        {
-            JPAKEUtil.validateMacTag("participantId", "partnerParticipantId", gx1, gx2, gx3, gx4, keyingMaterial, digest, macTag);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-        // participant ids switched
-        try
-        {
-            JPAKEUtil.validateMacTag("participantId", "partnerParticipantId", gx3, gx4, gx1, gx2, keyingMaterial, digest, macTag);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-    }
-
-    public void testValidateNotNull()
-    {
-        JPAKEUtil.validateNotNull("a", "description");
-
-        try
-        {
-            JPAKEUtil.validateNotNull(null, "description");
-            fail();
-        }
-        catch (NullPointerException e)
-        {
-            // pass
-        }
-    }
-
-    public void testValidateZeroKnowledgeProof()
-        throws CryptoException
-    {
-        JPAKEPrimeOrderGroup pg1 = JPAKEPrimeOrderGroups.SUN_JCE_1024;
-
-        SecureRandom random = new SecureRandom();
-        Digest digest1 = new SHA256Digest();
-
-        BigInteger x1 = JPAKEUtil.generateX1(pg1.getQ(), random);
-        BigInteger gx1 = JPAKEUtil.calculateGx(pg1.getP(), pg1.getG(), x1);
-        String participantId1 = "participant1";
-
-        BigInteger[] zkp1 = JPAKEUtil.calculateZeroKnowledgeProof(pg1.getP(), pg1.getQ(), pg1.getG(), gx1, x1, participantId1, digest1, random);
-
-        // should succeed
-        JPAKEUtil.validateZeroKnowledgeProof(pg1.getP(), pg1.getQ(), pg1.getG(), gx1, zkp1, participantId1, digest1);
-
-        // wrong group
-        JPAKEPrimeOrderGroup pg2 = JPAKEPrimeOrderGroups.NIST_3072;
-        try
-        {
-            JPAKEUtil.validateZeroKnowledgeProof(pg2.getP(), pg2.getQ(), pg2.getG(), gx1, zkp1, participantId1, digest1);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-        // wrong digest
-        Digest digest2 = new SHA1Digest();
-        try
-        {
-            JPAKEUtil.validateZeroKnowledgeProof(pg1.getP(), pg1.getQ(), pg1.getG(), gx1, zkp1, participantId1, digest2);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-        // wrong participant
-        String participantId2 = "participant2";
-        try
-        {
-            JPAKEUtil.validateZeroKnowledgeProof(pg1.getP(), pg1.getQ(), pg1.getG(), gx1, zkp1, participantId2, digest1);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-        // wrong gx
-        BigInteger x2 = JPAKEUtil.generateX1(pg1.getQ(), random);
-        BigInteger gx2 = JPAKEUtil.calculateGx(pg1.getP(), pg1.getG(), x2);
-        try
-        {
-            JPAKEUtil.validateZeroKnowledgeProof(pg1.getP(), pg1.getQ(), pg1.getG(), gx2, zkp1, participantId1, digest1);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-        // wrong zkp
-        BigInteger[] zkp2 = JPAKEUtil.calculateZeroKnowledgeProof(pg1.getP(), pg1.getQ(), pg1.getG(), gx2, x2, participantId1, digest1, random);
-        try
-        {
-            JPAKEUtil.validateZeroKnowledgeProof(pg1.getP(), pg1.getQ(), pg1.getG(), gx1, zkp2, participantId1, digest1);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-        // gx <= 0
-        try
-        {
-            JPAKEUtil.validateZeroKnowledgeProof(pg1.getP(), pg1.getQ(), pg1.getG(), BigInteger.ZERO, zkp1, participantId1, digest1);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-        // gx >= p
-        try
-        {
-            JPAKEUtil.validateZeroKnowledgeProof(pg1.getP(), pg1.getQ(), pg1.getG(), pg1.getP(), zkp1, participantId1, digest1);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-
-        // gx mod q == 1
-        try
-        {
-            JPAKEUtil.validateZeroKnowledgeProof(pg1.getP(), pg1.getQ(), pg1.getG(), pg1.getQ().add(BigInteger.ONE), zkp1, participantId1, digest1);
-            fail();
-        }
-        catch (CryptoException e)
-        {
-            // pass
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/commitments/GeneralHashCommitter.java b/bcprov/src/main/java/org/bouncycastle/crypto/commitments/GeneralHashCommitter.java
deleted file mode 100644
index 3969fe8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/commitments/GeneralHashCommitter.java
+++ /dev/null

@@ -1,93 +0,0 @@
-package org.bouncycastle.crypto.commitments;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.Commitment;
-import org.bouncycastle.crypto.Committer;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A basic hash-committer based on the one described in "Making Mix Nets Robust for Electronic Voting by Randomized Partial Checking",
- * by Jakobsson, Juels, and Rivest (11th Usenix Security Symposium, 2002).
- * <p>
- * The algorithm used by this class differs from the one given in that it includes the length of the message in the hash calculation.
- * </p>
- */
-public class GeneralHashCommitter
-    implements Committer
-{
-    private final Digest digest;
-    private final int byteLength;
-    private final SecureRandom random;
-
-    /**
-     * Base Constructor. The maximum message length that can be committed to is half the length of the internal
-     * block size for the digest (ExtendedDigest.getBlockLength()).
-     *
-     * @param digest digest to use for creating commitments.
-     * @param random source of randomness for generating secrets.
-     */
-    public GeneralHashCommitter(ExtendedDigest digest, SecureRandom random)
-    {
-        this.digest = digest;
-        this.byteLength = digest.getByteLength();
-        this.random = random;
-    }
-
-    /**
-     * Generate a commitment for the passed in message.
-     *
-     * @param message the message to be committed to,
-     * @return a Commitment
-     */
-    public Commitment commit(byte[] message)
-    {
-        if (message.length > byteLength / 2)
-        {
-            throw new DataLengthException("Message to be committed to too large for digest.");
-        }
-
-        byte[] w = new byte[byteLength - message.length];
-
-        random.nextBytes(w);
-
-        return new Commitment(w, calculateCommitment(w, message));
-    }
-
-    /**
-     * Return true if the passed in commitment represents a commitment to the passed in message.
-     *
-     * @param commitment a commitment previously generated.
-     * @param message the message that was expected to have been committed to.
-     * @return true if commitment matches message, false otherwise.
-     */
-    public boolean isRevealed(Commitment commitment, byte[] message)
-    {
-        if (message.length + commitment.getSecret().length != byteLength)
-        {
-            throw new DataLengthException("Message and witness secret lengths do not match.");
-        }
-
-        byte[] calcCommitment = calculateCommitment(commitment.getSecret(), message);
-
-        return Arrays.constantTimeAreEqual(commitment.getCommitment(), calcCommitment);
-    }
-
-    private byte[] calculateCommitment(byte[] w, byte[] message)
-    {
-        byte[] commitment = new byte[digest.getDigestSize()];
-
-        digest.update(w, 0, w.length);
-        digest.update(message, 0, message.length);
-
-        digest.update((byte)((message.length >>> 8)));
-        digest.update((byte)(message.length));
-
-        digest.doFinal(commitment, 0);
-
-        return commitment;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/commitments/HashCommitter.java b/bcprov/src/main/java/org/bouncycastle/crypto/commitments/HashCommitter.java
deleted file mode 100644
index b5860b5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/commitments/HashCommitter.java
+++ /dev/null

@@ -1,89 +0,0 @@
-package org.bouncycastle.crypto.commitments;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.Commitment;
-import org.bouncycastle.crypto.Committer;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A basic hash-committer as described in "Making Mix Nets Robust for Electronic Voting by Randomized Partial Checking",
- * by Jakobsson, Juels, and Rivest (11th Usenix Security Symposium, 2002).
- * <p>
- * Use this class if you can enforce fixed length for messages. If you need something more general, use the GeneralHashCommitter.
- * </p>
- */
-public class HashCommitter
-    implements Committer
-{
-    private final Digest digest;
-    private final int byteLength;
-    private final SecureRandom random;
-
-    /**
-     * Base Constructor. The maximum message length that can be committed to is half the length of the internal
-     * block size for the digest (ExtendedDigest.getBlockLength()).
-     *
-     * @param digest digest to use for creating commitments.
-     * @param random source of randomness for generating secrets.
-     */
-    public HashCommitter(ExtendedDigest digest, SecureRandom random)
-    {
-        this.digest = digest;
-        this.byteLength = digest.getByteLength();
-        this.random = random;
-    }
-
-    /**
-     * Generate a commitment for the passed in message.
-     *
-     * @param message the message to be committed to,
-     * @return a Commitment
-     */
-    public Commitment commit(byte[] message)
-    {
-        if (message.length > byteLength / 2)
-        {
-            throw new DataLengthException("Message to be committed to too large for digest.");
-        }
-
-        byte[] w = new byte[byteLength - message.length];
-
-        random.nextBytes(w);
-
-        return new Commitment(w, calculateCommitment(w, message));
-    }
-
-    /**
-     * Return true if the passed in commitment represents a commitment to the passed in message.
-     *
-     * @param commitment a commitment previously generated.
-     * @param message the message that was expected to have been committed to.
-     * @return true if commitment matches message, false otherwise.
-     */
-    public boolean isRevealed(Commitment commitment, byte[] message)
-    {
-        if (message.length + commitment.getSecret().length != byteLength)
-        {
-            throw new DataLengthException("Message and witness secret lengths do not match.");
-        }
-
-        byte[] calcCommitment = calculateCommitment(commitment.getSecret(), message);
-
-        return Arrays.constantTimeAreEqual(commitment.getCommitment(), calcCommitment);
-    }
-
-    private byte[] calculateCommitment(byte[] w, byte[] message)
-    {
-        byte[] commitment = new byte[digest.getDigestSize()];
-
-        digest.update(w, 0, w.length);
-        digest.update(message, 0, message.length);
-        digest.doFinal(commitment, 0);
-
-        return commitment;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/commitments/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/commitments/package.html
deleted file mode 100644
index 5bab3fc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/commitments/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Classes for supporting commitment calculation.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactory.java
new file mode 100644
index 0000000..c8f0775
--- /dev/null
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactory.java

@@ -0,0 +1,109 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.bouncycastle.crypto.digests;
+
+import java.security.Security;
+import java.util.Locale;
+
+import org.bouncycastle.crypto.Digest;
+
+/**
+ * Level of indirection to let us select OpenSSLDigest implementations
+ * for libcore but fallback to BouncyCastle ones on the RI.
+ */
+public final class AndroidDigestFactory {
+    private static final AndroidDigestFactoryInterface CONSCRYPT;
+    private static final AndroidDigestFactoryInterface BC;
+
+    static {
+        BC = new AndroidDigestFactoryBouncyCastle();
+        if (Security.getProvider("AndroidOpenSSL") != null) {
+            CONSCRYPT = new AndroidDigestFactoryOpenSSL();
+        } else {
+            if (System.getProperty("java.vendor", "").toLowerCase(Locale.US).contains("android")) {
+                throw new AssertionError("Provider AndroidOpenSSL must exist");
+            }
+            CONSCRYPT = null;
+        }
+    }
+
+    public static Digest getMD5() {
+        if (CONSCRYPT != null) {
+            try {
+                return CONSCRYPT.getMD5();
+            } catch (Exception ignored) {
+            }
+        }
+
+        return BC.getMD5();
+    }
+
+    public static Digest getSHA1() {
+        if (CONSCRYPT != null) {
+            try {
+                return CONSCRYPT.getSHA1();
+            } catch (Exception ignored) {
+            }
+        }
+
+        return BC.getSHA1();
+    }
+
+    public static Digest getSHA224() {
+        if (CONSCRYPT != null) {
+            try {
+                return CONSCRYPT.getSHA224();
+            } catch (Exception ignored) {
+            }
+        }
+
+        return BC.getSHA224();
+    }
+
+    public static Digest getSHA256() {
+        if (CONSCRYPT != null) {
+            try {
+                return CONSCRYPT.getSHA256();
+            } catch (Exception ignored) {
+            }
+        }
+
+        return BC.getSHA256();
+    }
+
+    public static Digest getSHA384() {
+        if (CONSCRYPT != null) {
+            try {
+                return CONSCRYPT.getSHA384();
+            } catch (Exception ignored) {
+            }
+        }
+
+        return BC.getSHA384();
+    }
+
+    public static Digest getSHA512() {
+        if (CONSCRYPT != null) {
+            try {
+                return CONSCRYPT.getSHA512();
+            } catch (Exception ignored) {
+            }
+        }
+
+        return BC.getSHA512();
+    }
+}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java
new file mode 100644
index 0000000..5868046
--- /dev/null
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java

@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.bouncycastle.crypto.digests;
+
+import org.bouncycastle.crypto.Digest;
+
+public class AndroidDigestFactoryBouncyCastle implements AndroidDigestFactoryInterface {
+    public Digest getMD5() {
+        return new MD5Digest();
+    }
+    public Digest getSHA1() {
+        return new SHA1Digest();
+    }
+    public Digest getSHA224() {
+        return new SHA224Digest();
+    }
+    public Digest getSHA256() {
+        return new SHA256Digest();
+    }
+    public Digest getSHA384() {
+        return new SHA384Digest();
+    }
+    public Digest getSHA512() {
+        return new SHA512Digest();
+    }
+}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java
new file mode 100644
index 0000000..9ac224e
--- /dev/null
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java

@@ -0,0 +1,28 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.bouncycastle.crypto.digests;
+
+import org.bouncycastle.crypto.Digest;
+
+interface AndroidDigestFactoryInterface {
+    public Digest getMD5();
+    public Digest getSHA1();
+    public Digest getSHA224();
+    public Digest getSHA256();
+    public Digest getSHA384();
+    public Digest getSHA512();
+}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java
new file mode 100644
index 0000000..908f485
--- /dev/null
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java

@@ -0,0 +1,40 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.bouncycastle.crypto.digests;
+
+import org.bouncycastle.crypto.Digest;
+
+public class AndroidDigestFactoryOpenSSL implements AndroidDigestFactoryInterface {
+    public Digest getMD5() {
+        return new OpenSSLDigest.MD5();
+    }
+    public Digest getSHA1() {
+        return new OpenSSLDigest.SHA1();
+    }
+    public Digest getSHA224() {
+        return new OpenSSLDigest.SHA224();
+    }
+    public Digest getSHA256() {
+        return new OpenSSLDigest.SHA256();
+    }
+    public Digest getSHA384() {
+        return new OpenSSLDigest.SHA384();
+    }
+    public Digest getSHA512() {
+        return new OpenSSLDigest.SHA512();
+    }
+}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/Blake2bDigest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/Blake2bDigest.java
deleted file mode 100644
index 5e8af99..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/Blake2bDigest.java
+++ /dev/null

@@ -1,554 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-
-/*  The BLAKE2 cryptographic hash function was designed by Jean-
- Philippe Aumasson, Samuel Neves, Zooko Wilcox-O'Hearn, and Christian
- Winnerlein.
-   
- Reference Implementation and Description can be found at: https://blake2.net/      
- Internet Draft: https://tools.ietf.org/html/draft-saarinen-blake2-02
-
- This implementation does not support the Tree Hashing Mode. 
- 
-   For unkeyed hashing, developers adapting BLAKE2 to ASN.1 - based
-   message formats SHOULD use the OID tree at x = 1.3.6.1.4.1.1722.12.2.
-
-         Algorithm     | Target | Collision | Hash | Hash ASN.1 |
-            Identifier |  Arch  |  Security |  nn  | OID Suffix |
-        ---------------+--------+-----------+------+------------+
-         id-blake2b160 | 64-bit |   2**80   |  20  |   x.1.20   |
-         id-blake2b256 | 64-bit |   2**128  |  32  |   x.1.32   |
-         id-blake2b384 | 64-bit |   2**192  |  48  |   x.1.48   |
-         id-blake2b512 | 64-bit |   2**256  |  64  |   x.1.64   |
-        ---------------+--------+-----------+------+------------+
- */
-
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-
-
-/**
- * Implementation of the cryptographic hash function Blakbe2b.
- * <p>
- * Blake2b offers a built-in keying mechanism to be used directly
- * for authentication ("Prefix-MAC") rather than a HMAC construction.
- * <p>
- * Blake2b offers a built-in support for a salt for randomized hashing
- * and a personal string for defining a unique hash function for each application.
- * <p>
- * BLAKE2b is optimized for 64-bit platforms and produces digests of any size
- * between 1 and 64 bytes.
- */
-public class Blake2bDigest
-    implements ExtendedDigest
-{
-    // Blake2b Initialization Vector:
-    private final static long[] blake2b_IV =
-        // Produced from the square root of primes 2, 3, 5, 7, 11, 13, 17, 19.
-        // The same as SHA-512 IV.
-        {
-            0x6a09e667f3bcc908L, 0xbb67ae8584caa73bL, 0x3c6ef372fe94f82bL,
-            0xa54ff53a5f1d36f1L, 0x510e527fade682d1L, 0x9b05688c2b3e6c1fL,
-            0x1f83d9abfb41bd6bL, 0x5be0cd19137e2179L
-        };
-
-    // Message word permutations:
-    private final static byte[][] blake2b_sigma =
-        {
-            {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15},
-            {14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3},
-            {11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4},
-            {7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8},
-            {9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13},
-            {2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9},
-            {12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11},
-            {13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10},
-            {6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5},
-            {10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0},
-            {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15},
-            {14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3}
-        };
-
-    private static int ROUNDS = 12; // to use for Catenas H'
-    private final static int BLOCK_LENGTH_BYTES = 128;// bytes
-
-    // General parameters:
-    private int digestLength = 64; // 1- 64 bytes
-    private int keyLength = 0; // 0 - 64 bytes for keyed hashing for MAC
-    private byte[] salt = null;// new byte[16];
-    private byte[] personalization = null;// new byte[16];
-
-    // the key
-    private byte[] key = null;
-
-    // Tree hashing parameters:
-    // Because this class does not implement the Tree Hashing Mode,
-    // these parameters can be treated as constants (see init() function)
-	/*
-	 * private int fanout = 1; // 0-255 private int depth = 1; // 1 - 255
-	 * private int leafLength= 0; private long nodeOffset = 0L; private int
-	 * nodeDepth = 0; private int innerHashLength = 0;
-	 */
-
-    // whenever this buffer overflows, it will be processed
-    // in the compress() function.
-    // For performance issues, long messages will not use this buffer.
-    private byte[] buffer = null;// new byte[BLOCK_LENGTH_BYTES];
-    // Position of last inserted byte:
-    private int bufferPos = 0;// a value from 0 up to 128
-
-    private long[] internalState = new long[16]; // In the Blake2b paper it is
-    // called: v
-    private long[] chainValue = null; // state vector, in the Blake2b paper it
-    // is called: h
-
-    private long t0 = 0L; // holds last significant bits, counter (counts bytes)
-    private long t1 = 0L; // counter: Length up to 2^128 are supported
-    private long f0 = 0L; // finalization flag, for last block: ~0L
-
-    // For Tree Hashing Mode, not used here:
-    // private long f1 = 0L; // finalization flag, for last node: ~0L
-
-    public Blake2bDigest()
-    {
-        this(512);
-    }
-
-    public Blake2bDigest(Blake2bDigest digest)
-    {
-        this.bufferPos = digest.bufferPos;
-        this.buffer = Arrays.clone(digest.buffer);
-        this.keyLength = digest.keyLength;
-        this.key = Arrays.clone(digest.key);
-        this.digestLength = digest.digestLength;
-        this.chainValue = Arrays.clone(digest.chainValue);
-        this.personalization = Arrays.clone(digest.personalization);
-        this.salt = Arrays.clone(digest.salt);
-        this.t0 = digest.t0;
-        this.t1 = digest.t1;
-        this.f0 = digest.f0;
-    }
-
-    /**
-     * Basic sized constructor - size in bits.
-     *
-     * @param digestSize size of the digest in bits
-     */
-    public Blake2bDigest(int digestSize)
-    {
-        if (digestSize < 8 || digestSize > 512 || digestSize % 8 != 0)
-        {
-            throw new IllegalArgumentException(
-                "BLAKE2b digest bit length must be a multiple of 8 and not greater than 512");
-        }
-
-        buffer = new byte[BLOCK_LENGTH_BYTES];
-        keyLength = 0;
-        this.digestLength = digestSize / 8;
-        init();
-    }
-
-    /**
-     * Blake2b for authentication ("Prefix-MAC mode").
-     * After calling the doFinal() method, the key will
-     * remain to be used for further computations of
-     * this instance.
-     * The key can be overwritten using the clearKey() method.
-     *
-     * @param key A key up to 64 bytes or null
-     */
-    public Blake2bDigest(byte[] key)
-    {
-        buffer = new byte[BLOCK_LENGTH_BYTES];
-        if (key != null)
-        {
-            this.key = new byte[key.length];
-            System.arraycopy(key, 0, this.key, 0, key.length);
-
-            if (key.length > 64)
-            {
-                throw new IllegalArgumentException(
-                    "Keys > 64 are not supported");
-            }
-            keyLength = key.length;
-            System.arraycopy(key, 0, buffer, 0, key.length);
-            bufferPos = BLOCK_LENGTH_BYTES; // zero padding
-        }
-        digestLength = 64;
-        init();
-    }
-
-    /**
-     * Blake2b with key, required digest length (in bytes), salt and personalization.
-     * After calling the doFinal() method, the key, the salt and the personal string
-     * will remain and might be used for further computations with this instance.
-     * The key can be overwritten using the clearKey() method, the salt (pepper)
-     * can be overwritten using the clearSalt() method.
-     *
-     * @param key             A key up to 64 bytes or null
-     * @param digestLength    from 1 up to 64 bytes
-     * @param salt            16 bytes or null
-     * @param personalization 16 bytes or null
-     */
-    public Blake2bDigest(byte[] key, int digestLength, byte[] salt, byte[] personalization)
-    {
-
-        buffer = new byte[BLOCK_LENGTH_BYTES];
-        if (digestLength < 1 || digestLength > 64)
-        {
-            throw new IllegalArgumentException(
-                "Invalid digest length (required: 1 - 64)");
-        }
-        this.digestLength = digestLength;
-        if (salt != null)
-        {
-            if (salt.length != 16)
-            {
-                throw new IllegalArgumentException(
-                    "salt length must be exactly 16 bytes");
-            }
-            this.salt = new byte[16];
-            System.arraycopy(salt, 0, this.salt, 0, salt.length);
-        }
-        if (personalization != null)
-        {
-            if (personalization.length != 16)
-            {
-                throw new IllegalArgumentException(
-                    "personalization length must be exactly 16 bytes");
-            }
-            this.personalization = new byte[16];
-            System.arraycopy(personalization, 0, this.personalization, 0,
-                personalization.length);
-        }
-        if (key != null)
-        {
-            this.key = new byte[key.length];
-            System.arraycopy(key, 0, this.key, 0, key.length);
-
-            if (key.length > 64)
-            {
-                throw new IllegalArgumentException(
-                    "Keys > 64 are not supported");
-            }
-            keyLength = key.length;
-            System.arraycopy(key, 0, buffer, 0, key.length);
-            bufferPos = BLOCK_LENGTH_BYTES; // zero padding
-        }
-        init();
-    }
-
-    // initialize chainValue
-    private void init()
-    {
-        if (chainValue == null)
-        {
-            chainValue = new long[8];
-
-            chainValue[0] = blake2b_IV[0]
-                ^ (digestLength | (keyLength << 8) | 0x1010000);
-            // 0x1010000 = ((fanout << 16) | (depth << 24) | (leafLength <<
-            // 32));
-            // with fanout = 1; depth = 0; leafLength = 0;
-            chainValue[1] = blake2b_IV[1];// ^ nodeOffset; with nodeOffset = 0;
-            chainValue[2] = blake2b_IV[2];// ^ ( nodeDepth | (innerHashLength <<
-            // 8) );
-            // with nodeDepth = 0; innerHashLength = 0;
-
-            chainValue[3] = blake2b_IV[3];
-
-            chainValue[4] = blake2b_IV[4];
-            chainValue[5] = blake2b_IV[5];
-            if (salt != null)
-            {
-                chainValue[4] ^= Pack.littleEndianToLong(salt, 0);
-                chainValue[5] ^= Pack.littleEndianToLong(salt, 8);
-            }
-
-            chainValue[6] = blake2b_IV[6];
-            chainValue[7] = blake2b_IV[7];
-            if (personalization != null)
-            {
-                chainValue[6] ^= Pack.littleEndianToLong(personalization, 0);
-                chainValue[7] ^= Pack.littleEndianToLong(personalization, 8);
-            }
-        }
-    }
-
-    private void initializeInternalState()
-    {
-        // initialize v:
-        System.arraycopy(chainValue, 0, internalState, 0, chainValue.length);
-        System.arraycopy(blake2b_IV, 0, internalState, chainValue.length, 4);
-        internalState[12] = t0 ^ blake2b_IV[4];
-        internalState[13] = t1 ^ blake2b_IV[5];
-        internalState[14] = f0 ^ blake2b_IV[6];
-        internalState[15] = blake2b_IV[7];// ^ f1 with f1 = 0
-    }
-
-    /**
-     * update the message digest with a single byte.
-     *
-     * @param b the input byte to be entered.
-     */
-    public void update(byte b)
-    {
-        int remainingLength = 0; // left bytes of buffer
-
-        // process the buffer if full else add to buffer:
-        remainingLength = BLOCK_LENGTH_BYTES - bufferPos;
-        if (remainingLength == 0)
-        { // full buffer
-            t0 += BLOCK_LENGTH_BYTES;
-            if (t0 == 0)
-            { // if message > 2^64
-                t1++;
-            }
-            compress(buffer, 0);
-            Arrays.fill(buffer, (byte)0);// clear buffer
-            buffer[0] = b;
-            bufferPos = 1;
-        }
-        else
-        {
-            buffer[bufferPos] = b;
-            bufferPos++;
-            return;
-        }
-    }
-
-    /**
-     * update the message digest with a block of bytes.
-     *
-     * @param message the byte array containing the data.
-     * @param offset  the offset into the byte array where the data starts.
-     * @param len     the length of the data.
-     */
-    public void update(byte[] message, int offset, int len)
-    {
-
-        if (message == null || len == 0)
-        {
-            return;
-        }
-
-        int remainingLength = 0; // left bytes of buffer
-
-        if (bufferPos != 0)
-        { // commenced, incomplete buffer
-
-            // complete the buffer:
-            remainingLength = BLOCK_LENGTH_BYTES - bufferPos;
-            if (remainingLength < len)
-            { // full buffer + at least 1 byte
-                System.arraycopy(message, offset, buffer, bufferPos,
-                    remainingLength);
-                t0 += BLOCK_LENGTH_BYTES;
-                if (t0 == 0)
-                { // if message > 2^64
-                    t1++;
-                }
-                compress(buffer, 0);
-                bufferPos = 0;
-                Arrays.fill(buffer, (byte)0);// clear buffer
-            }
-            else
-            {
-                System.arraycopy(message, offset, buffer, bufferPos, len);
-                bufferPos += len;
-                return;
-            }
-        }
-
-        // process blocks except last block (also if last block is full)
-        int messagePos;
-        int blockWiseLastPos = offset + len - BLOCK_LENGTH_BYTES;
-        for (messagePos = offset + remainingLength; messagePos < blockWiseLastPos; messagePos += BLOCK_LENGTH_BYTES)
-        { // block wise 128 bytes
-            // without buffer:
-            t0 += BLOCK_LENGTH_BYTES;
-            if (t0 == 0)
-            {
-                t1++;
-            }
-            compress(message, messagePos);
-        }
-
-        // fill the buffer with left bytes, this might be a full block
-        System.arraycopy(message, messagePos, buffer, 0, offset + len
-            - messagePos);
-        bufferPos += offset + len - messagePos;
-    }
-
-    /**
-     * close the digest, producing the final digest value. The doFinal
-     * call leaves the digest reset.
-     * Key, salt and personal string remain.
-     *
-     * @param out       the array the digest is to be copied into.
-     * @param outOffset the offset into the out array the digest is to start at.
-     */
-    public int doFinal(byte[] out, int outOffset)
-    {
-
-        f0 = 0xFFFFFFFFFFFFFFFFL;
-        t0 += bufferPos;
-        if (bufferPos > 0 && t0 == 0)
-        {
-            t1++;
-        }
-        compress(buffer, 0);
-        Arrays.fill(buffer, (byte)0);// Holds eventually the key if input is null
-        Arrays.fill(internalState, 0L);
-
-        for (int i = 0; i < chainValue.length && (i * 8 < digestLength); i++)
-        {
-            byte[] bytes = Pack.longToLittleEndian(chainValue[i]);
-
-            if (i * 8 < digestLength - 8)
-            {
-                System.arraycopy(bytes, 0, out, outOffset + i * 8, 8);
-            }
-            else
-            {
-                System.arraycopy(bytes, 0, out, outOffset + i * 8, digestLength - (i * 8));
-            }
-        }
-
-        Arrays.fill(chainValue, 0L);
-
-        reset();
-
-        return digestLength;
-    }
-
-    /**
-     * Reset the digest back to it's initial state.
-     * The key, the salt and the personal string will
-     * remain for further computations.
-     */
-    public void reset()
-    {
-        bufferPos = 0;
-        f0 = 0L;
-        t0 = 0L;
-        t1 = 0L;
-        chainValue = null;
-        Arrays.fill(buffer, (byte)0);
-        if (key != null)
-        {
-            System.arraycopy(key, 0, buffer, 0, key.length);
-            bufferPos = BLOCK_LENGTH_BYTES; // zero padding
-        }
-        init();
-    }
-
-    private void compress(byte[] message, int messagePos)
-    {
-
-        initializeInternalState();
-
-        long[] m = new long[16];
-        for (int j = 0; j < 16; j++)
-        {
-            m[j] = Pack.littleEndianToLong(message, messagePos + j * 8);
-        }
-
-        for (int round = 0; round < ROUNDS; round++)
-        {
-
-            // G apply to columns of internalState:m[blake2b_sigma[round][2 *
-            // blockPos]] /+1
-            G(m[blake2b_sigma[round][0]], m[blake2b_sigma[round][1]], 0, 4, 8, 12);
-            G(m[blake2b_sigma[round][2]], m[blake2b_sigma[round][3]], 1, 5, 9, 13);
-            G(m[blake2b_sigma[round][4]], m[blake2b_sigma[round][5]], 2, 6, 10, 14);
-            G(m[blake2b_sigma[round][6]], m[blake2b_sigma[round][7]], 3, 7, 11, 15);
-            // G apply to diagonals of internalState:
-            G(m[blake2b_sigma[round][8]], m[blake2b_sigma[round][9]], 0, 5, 10, 15);
-            G(m[blake2b_sigma[round][10]], m[blake2b_sigma[round][11]], 1, 6, 11, 12);
-            G(m[blake2b_sigma[round][12]], m[blake2b_sigma[round][13]], 2, 7, 8, 13);
-            G(m[blake2b_sigma[round][14]], m[blake2b_sigma[round][15]], 3, 4, 9, 14);
-        }
-
-        // update chain values:
-        for (int offset = 0; offset < chainValue.length; offset++)
-        {
-            chainValue[offset] = chainValue[offset] ^ internalState[offset] ^ internalState[offset + 8];
-        }
-    }
-
-    private void G(long m1, long m2, int posA, int posB, int posC, int posD)
-    {
-
-        internalState[posA] = internalState[posA] + internalState[posB] + m1;
-        internalState[posD] = rotr64(internalState[posD] ^ internalState[posA], 32);
-        internalState[posC] = internalState[posC] + internalState[posD];
-        internalState[posB] = rotr64(internalState[posB] ^ internalState[posC], 24); // replaces 25 of BLAKE
-        internalState[posA] = internalState[posA] + internalState[posB] + m2;
-        internalState[posD] = rotr64(internalState[posD] ^ internalState[posA], 16);
-        internalState[posC] = internalState[posC] + internalState[posD];
-        internalState[posB] = rotr64(internalState[posB] ^ internalState[posC], 63); // replaces 11 of BLAKE
-    }
-
-    private static long rotr64(long x, int rot)
-    {
-        return x >>> rot | (x << (64 - rot));
-    }
-
-    /**
-     * return the algorithm name
-     *
-     * @return the algorithm name
-     */
-    public String getAlgorithmName()
-    {
-        return "BLAKE2b";
-    }
-
-    /**
-     * return the size, in bytes, of the digest produced by this message digest.
-     *
-     * @return the size, in bytes, of the digest produced by this message digest.
-     */
-    public int getDigestSize()
-    {
-        return digestLength;
-    }
-
-    /**
-     * Return the size in bytes of the internal buffer the digest applies it's compression
-     * function to.
-     *
-     * @return byte length of the digests internal buffer.
-     */
-    public int getByteLength()
-    {
-        return BLOCK_LENGTH_BYTES;
-    }
-
-    /**
-     * Overwrite the key
-     * if it is no longer used (zeroization)
-     */
-    public void clearKey()
-    {
-        if (key != null)
-        {
-            Arrays.fill(key, (byte)0);
-            Arrays.fill(buffer, (byte)0);
-        }
-    }
-
-    /**
-     * Overwrite the salt (pepper) if it
-     * is secret and no longer used (zeroization)
-     */
-    public void clearSalt()
-    {
-        if (salt != null)
-        {
-            Arrays.fill(salt, (byte)0);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/Blake2sDigest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/Blake2sDigest.java
deleted file mode 100644
index 9f892eb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/Blake2sDigest.java
+++ /dev/null

@@ -1,567 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-/*
-  The BLAKE2 cryptographic hash function was designed by Jean-
-  Philippe Aumasson, Samuel Neves, Zooko Wilcox-O'Hearn, and Christian
-  Winnerlein.
-
-  Reference Implementation and Description can be found at: https://blake2.net/
-  RFC: https://tools.ietf.org/html/rfc7693
-
-  This implementation does not support the Tree Hashing Mode.
-
-  For unkeyed hashing, developers adapting BLAKE2 to ASN.1 - based
-  message formats SHOULD use the OID tree at x = 1.3.6.1.4.1.1722.12.2.
-
-         Algorithm     | Target | Collision | Hash | Hash ASN.1 |
-            Identifier |  Arch  |  Security |  nn  | OID Suffix |
-        ---------------+--------+-----------+------+------------+
-         id-blake2s128 | 32-bit |   2**64   |  16  |   x.2.4    |
-         id-blake2s160 | 32-bit |   2**80   |  20  |   x.2.5    |
-         id-blake2s224 | 32-bit |   2**112  |  28  |   x.2.7    |
-         id-blake2s256 | 32-bit |   2**128  |  32  |   x.2.8    |
-        ---------------+--------+-----------+------+------------+
- */
-
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-
-/**
- * Implementation of the cryptographic hash function BLAKE2s.
- * <p/>
- * BLAKE2s offers a built-in keying mechanism to be used directly
- * for authentication ("Prefix-MAC") rather than a HMAC construction.
- * <p/>
- * BLAKE2s offers a built-in support for a salt for randomized hashing
- * and a personal string for defining a unique hash function for each application.
- * <p/>
- * BLAKE2s is optimized for 32-bit platforms and produces digests of any size
- * between 1 and 32 bytes.
- */
-public class Blake2sDigest
-    implements ExtendedDigest
-{
-    /**
-     * BLAKE2s Initialization Vector
-     **/
-    private static final int[] blake2s_IV =
-        // Produced from the square root of primes 2, 3, 5, 7, 11, 13, 17, 19.
-        // The same as SHA-256 IV.
-        {
-            0x6a09e667, 0xbb67ae85, 0x3c6ef372,
-            0xa54ff53a, 0x510e527f, 0x9b05688c,
-            0x1f83d9ab, 0x5be0cd19
-        };
-
-    /**
-     * Message word permutations
-     **/
-    private static final byte[][] blake2s_sigma =
-        {
-            {0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15},
-            {14, 10, 4, 8, 9, 15, 13, 6, 1, 12, 0, 2, 11, 7, 5, 3},
-            {11, 8, 12, 0, 5, 2, 15, 13, 10, 14, 3, 6, 7, 1, 9, 4},
-            {7, 9, 3, 1, 13, 12, 11, 14, 2, 6, 5, 10, 4, 0, 15, 8},
-            {9, 0, 5, 7, 2, 4, 10, 15, 14, 1, 11, 12, 6, 8, 3, 13},
-            {2, 12, 6, 10, 0, 11, 8, 3, 4, 13, 7, 5, 15, 14, 1, 9},
-            {12, 5, 1, 15, 14, 13, 4, 10, 0, 7, 6, 3, 9, 2, 8, 11},
-            {13, 11, 7, 14, 12, 1, 3, 9, 5, 0, 15, 4, 8, 6, 2, 10},
-            {6, 15, 14, 9, 11, 3, 0, 8, 12, 2, 13, 7, 1, 4, 10, 5},
-            {10, 2, 8, 4, 7, 6, 1, 5, 15, 11, 9, 14, 3, 12, 13, 0}
-        };
-
-    private static final int ROUNDS = 10; // to use for Catenas H'
-    private static final int BLOCK_LENGTH_BYTES = 64;// bytes
-
-    // General parameters:
-    private int digestLength = 32; // 1- 32 bytes
-    private int keyLength = 0; // 0 - 32 bytes for keyed hashing for MAC
-    private byte[] salt = null;
-    private byte[] personalization = null;
-    private byte[] key = null;
-
-    // Tree hashing parameters:
-    // Because this class does not implement the Tree Hashing Mode,
-    // these parameters can be treated as constants (see init() function)
-	/*
-	 * private int fanout = 1; // 0-255
-	 * private int depth = 1; // 1 - 255
-	 * private int leafLength= 0;
-	 * private long nodeOffset = 0L;
-	 * private int nodeDepth = 0;
-	 * private int innerHashLength = 0;
-	 */
-
-    /**
-     * Whenever this buffer overflows, it will be processed in the compress()
-     * function. For performance issues, long messages will not use this buffer.
-     */
-    private byte[] buffer = null;
-    /**
-     * Position of last inserted byte
-     **/
-    private int bufferPos = 0;// a value from 0 up to BLOCK_LENGTH_BYTES
-
-    /**
-     * Internal state, in the BLAKE2 paper it is called v
-     **/
-    private int[] internalState = new int[16];
-    /**
-     * State vector, in the BLAKE2 paper it is called h
-     **/
-    private int[] chainValue = null;
-
-    // counter (counts bytes): Length up to 2^64 are supported
-    /**
-     * holds least significant bits of counter
-     **/
-    private int t0 = 0;
-    /**
-     * holds most significant bits of counter
-     **/
-    private int t1 = 0;
-    /**
-     * finalization flag, for last block: ~0
-     **/
-    private int f0 = 0;
-
-    // For Tree Hashing Mode, not used here:
-    // private long f1 = 0L; // finalization flag, for last node: ~0L
-
-    /**
-     * BLAKE2s-256 for hashing.
-     */
-    public Blake2sDigest()
-    {
-        this(256);
-    }
-
-    public Blake2sDigest(Blake2sDigest digest)
-    {
-        this.bufferPos = digest.bufferPos;
-        this.buffer = Arrays.clone(digest.buffer);
-        this.keyLength = digest.keyLength;
-        this.key = Arrays.clone(digest.key);
-        this.digestLength = digest.digestLength;
-        this.chainValue = Arrays.clone(digest.chainValue);
-        this.personalization = Arrays.clone(digest.personalization);
-    }
-
-    /**
-     * BLAKE2s for hashing.
-     *
-     * @param digestBits the desired digest length in bits. Must be a multiple of 8 and less than 256.
-     */
-    public Blake2sDigest(int digestBits)
-    {
-        if (digestBits < 8 || digestBits > 256 || digestBits % 8 != 0)
-        {
-            throw new IllegalArgumentException(
-                "BLAKE2s digest bit length must be a multiple of 8 and not greater than 256");
-        }
-        buffer = new byte[BLOCK_LENGTH_BYTES];
-        keyLength = 0;
-        digestLength = digestBits / 8;
-        init();
-    }
-
-    /**
-     * BLAKE2s for authentication ("Prefix-MAC mode").
-     * <p/>
-     * After calling the doFinal() method, the key will remain to be used for
-     * further computations of this instance. The key can be overwritten using
-     * the clearKey() method.
-     *
-     * @param key a key up to 32 bytes or null
-     */
-    public Blake2sDigest(byte[] key)
-    {
-        buffer = new byte[BLOCK_LENGTH_BYTES];
-        if (key != null)
-        {
-            if (key.length > 32)
-            {
-                throw new IllegalArgumentException(
-                    "Keys > 32 are not supported");
-            }
-            this.key = new byte[key.length];
-            System.arraycopy(key, 0, this.key, 0, key.length);
-
-            keyLength = key.length;
-            System.arraycopy(key, 0, buffer, 0, key.length);
-            bufferPos = BLOCK_LENGTH_BYTES; // zero padding
-        }
-        digestLength = 32;
-        init();
-    }
-
-    /**
-     * BLAKE2s with key, required digest length, salt and personalization.
-     * <p/>
-     * After calling the doFinal() method, the key, the salt and the personal
-     * string will remain and might be used for further computations with this
-     * instance. The key can be overwritten using the clearKey() method, the
-     * salt (pepper) can be overwritten using the clearSalt() method.
-     *
-     * @param key             a key up to 32 bytes or null
-     * @param digestBytes     from 1 up to 32 bytes
-     * @param salt            8 bytes or null
-     * @param personalization 8 bytes or null
-     */
-    public Blake2sDigest(byte[] key, int digestBytes, byte[] salt,
-                         byte[] personalization)
-    {
-        buffer = new byte[BLOCK_LENGTH_BYTES];
-        if (digestBytes < 1 || digestBytes > 32)
-        {
-            throw new IllegalArgumentException(
-                "Invalid digest length (required: 1 - 32)");
-        }
-        digestLength = digestBytes;
-        if (salt != null)
-        {
-            if (salt.length != 8)
-            {
-                throw new IllegalArgumentException(
-                    "Salt length must be exactly 8 bytes");
-            }
-            this.salt = new byte[8];
-            System.arraycopy(salt, 0, this.salt, 0, salt.length);
-        }
-        if (personalization != null)
-        {
-            if (personalization.length != 8)
-            {
-                throw new IllegalArgumentException(
-                    "Personalization length must be exactly 8 bytes");
-            }
-            this.personalization = new byte[8];
-            System.arraycopy(personalization, 0, this.personalization, 0,
-                personalization.length);
-        }
-        if (key != null)
-        {
-            if (key.length > 32)
-            {
-                throw new IllegalArgumentException(
-                    "Keys > 32 bytes are not supported");
-            }
-            this.key = new byte[key.length];
-            System.arraycopy(key, 0, this.key, 0, key.length);
-
-            keyLength = key.length;
-            System.arraycopy(key, 0, buffer, 0, key.length);
-            bufferPos = BLOCK_LENGTH_BYTES; // zero padding
-        }
-        init();
-    }
-
-    // initialize chainValue
-    private void init()
-    {
-        if (chainValue == null)
-        {
-            chainValue = new int[8];
-
-            chainValue[0] = blake2s_IV[0]
-                ^ (digestLength | (keyLength << 8) | 0x1010000);
-            // 0x1010000 = ((fanout << 16) | (depth << 24));
-            // with fanout = 1; depth = 0;
-            chainValue[1] = blake2s_IV[1];// ^ leafLength; with leafLength = 0;
-            chainValue[2] = blake2s_IV[2];// ^ nodeOffset; with nodeOffset = 0;
-            chainValue[3] = blake2s_IV[3];// ^ ( (nodeOffset << 32) |
-            // (nodeDepth << 16) | (innerHashLength << 24) );
-            // with nodeDepth = 0; innerHashLength = 0;
-
-            chainValue[4] = blake2s_IV[4];
-            chainValue[5] = blake2s_IV[5];
-            if (salt != null)
-            {
-                chainValue[4] ^= Pack.littleEndianToInt(salt, 0);
-                chainValue[5] ^= Pack.littleEndianToInt(salt, 4);
-            }
-
-            chainValue[6] = blake2s_IV[6];
-            chainValue[7] = blake2s_IV[7];
-            if (personalization != null)
-            {
-                chainValue[6] ^= Pack.littleEndianToInt(personalization, 0);
-                chainValue[7] ^= Pack.littleEndianToInt(personalization, 4);
-            }
-        }
-    }
-
-    private void initializeInternalState()
-    {
-        // initialize v:
-        System.arraycopy(chainValue, 0, internalState, 0, chainValue.length);
-        System.arraycopy(blake2s_IV, 0, internalState, chainValue.length, 4);
-        internalState[12] = t0 ^ blake2s_IV[4];
-        internalState[13] = t1 ^ blake2s_IV[5];
-        internalState[14] = f0 ^ blake2s_IV[6];
-        internalState[15] = blake2s_IV[7];// ^ f1 with f1 = 0
-    }
-
-    /**
-     * Update the message digest with a single byte.
-     *
-     * @param b the input byte to be entered.
-     */
-    public void update(byte b)
-    {
-        int remainingLength; // left bytes of buffer
-
-        // process the buffer if full else add to buffer:
-        remainingLength = BLOCK_LENGTH_BYTES - bufferPos;
-        if (remainingLength == 0)
-        { // full buffer
-            t0 += BLOCK_LENGTH_BYTES;
-            if (t0 == 0)
-            { // if message > 2^32
-                t1++;
-            }
-            compress(buffer, 0);
-            Arrays.fill(buffer, (byte)0);// clear buffer
-            buffer[0] = b;
-            bufferPos = 1;
-        }
-        else
-        {
-            buffer[bufferPos] = b;
-            bufferPos++;
-        }
-    }
-
-    /**
-     * Update the message digest with a block of bytes.
-     *
-     * @param message the byte array containing the data.
-     * @param offset  the offset into the byte array where the data starts.
-     * @param len     the length of the data.
-     */
-    public void update(byte[] message, int offset, int len)
-    {
-        if (message == null || len == 0)
-        {
-            return;
-        }
-
-        int remainingLength = 0; // left bytes of buffer
-
-        if (bufferPos != 0)
-        { // commenced, incomplete buffer
-
-            // complete the buffer:
-            remainingLength = BLOCK_LENGTH_BYTES - bufferPos;
-            if (remainingLength < len)
-            { // full buffer + at least 1 byte
-                System.arraycopy(message, offset, buffer, bufferPos,
-                    remainingLength);
-                t0 += BLOCK_LENGTH_BYTES;
-                if (t0 == 0)
-                { // if message > 2^32
-                    t1++;
-                }
-                compress(buffer, 0);
-                bufferPos = 0;
-                Arrays.fill(buffer, (byte)0);// clear buffer
-            }
-            else
-            {
-                System.arraycopy(message, offset, buffer, bufferPos, len);
-                bufferPos += len;
-                return;
-            }
-        }
-
-        // process blocks except last block (also if last block is full)
-        int messagePos;
-        int blockWiseLastPos = offset + len - BLOCK_LENGTH_BYTES;
-        for (messagePos = offset + remainingLength;
-             messagePos < blockWiseLastPos;
-             messagePos += BLOCK_LENGTH_BYTES)
-        { // block wise 64 bytes
-            // without buffer:
-            t0 += BLOCK_LENGTH_BYTES;
-            if (t0 == 0)
-            {
-                t1++;
-            }
-            compress(message, messagePos);
-        }
-
-        // fill the buffer with left bytes, this might be a full block
-        System.arraycopy(message, messagePos, buffer, 0, offset + len
-            - messagePos);
-        bufferPos += offset + len - messagePos;
-    }
-
-    /**
-     * Close the digest, producing the final digest value. The doFinal() call
-     * leaves the digest reset. Key, salt and personal string remain.
-     *
-     * @param out       the array the digest is to be copied into.
-     * @param outOffset the offset into the out array the digest is to start at.
-     */
-    public int doFinal(byte[] out, int outOffset)
-    {
-        f0 = 0xFFFFFFFF;
-        t0 += bufferPos;
-        // bufferPos may be < 64, so (t0 == 0) does not work
-        // for 2^32 < message length > 2^32 - 63
-        if ((t0 < 0) && (bufferPos > -t0))
-        {
-            t1++;
-        }
-        compress(buffer, 0);
-        Arrays.fill(buffer, (byte)0);// Holds eventually the key if input is null
-        Arrays.fill(internalState, 0);
-
-        for (int i = 0; i < chainValue.length && (i * 4 < digestLength); i++)
-        {
-            byte[] bytes = Pack.intToLittleEndian(chainValue[i]);
-
-            if (i * 4 < digestLength - 4)
-            {
-                System.arraycopy(bytes, 0, out, outOffset + i * 4, 4);
-            }
-            else
-            {
-                System.arraycopy(bytes, 0, out, outOffset + i * 4,
-                    digestLength - (i * 4));
-            }
-        }
-
-        Arrays.fill(chainValue, 0);
-
-        reset();
-
-        return digestLength;
-    }
-
-    /**
-     * Reset the digest back to its initial state. The key, the salt and the
-     * personal string will remain for further computations.
-     */
-    public void reset()
-    {
-        bufferPos = 0;
-        f0 = 0;
-        t0 = 0;
-        t1 = 0;
-        chainValue = null;
-        Arrays.fill(buffer, (byte)0);
-        if (key != null)
-        {
-            System.arraycopy(key, 0, buffer, 0, key.length);
-            bufferPos = BLOCK_LENGTH_BYTES; // zero padding
-        }
-        init();
-    }
-
-    private void compress(byte[] message, int messagePos)
-    {
-        initializeInternalState();
-
-        int[] m = new int[16];
-        for (int j = 0; j < 16; j++)
-        {
-            m[j] = Pack.littleEndianToInt(message, messagePos + j * 4);
-        }
-
-        for (int round = 0; round < ROUNDS; round++)
-        {
-
-            // G apply to columns of internalState:m[blake2s_sigma[round][2 *
-            // blockPos]] /+1
-            G(m[blake2s_sigma[round][0]], m[blake2s_sigma[round][1]], 0, 4, 8, 12);
-            G(m[blake2s_sigma[round][2]], m[blake2s_sigma[round][3]], 1, 5, 9, 13);
-            G(m[blake2s_sigma[round][4]], m[blake2s_sigma[round][5]], 2, 6, 10, 14);
-            G(m[blake2s_sigma[round][6]], m[blake2s_sigma[round][7]], 3, 7, 11, 15);
-            // G apply to diagonals of internalState:
-            G(m[blake2s_sigma[round][8]], m[blake2s_sigma[round][9]], 0, 5, 10, 15);
-            G(m[blake2s_sigma[round][10]], m[blake2s_sigma[round][11]], 1, 6, 11, 12);
-            G(m[blake2s_sigma[round][12]], m[blake2s_sigma[round][13]], 2, 7, 8, 13);
-            G(m[blake2s_sigma[round][14]], m[blake2s_sigma[round][15]], 3, 4, 9, 14);
-        }
-
-        // update chain values:
-        for (int offset = 0; offset < chainValue.length; offset++)
-        {
-            chainValue[offset] = chainValue[offset] ^ internalState[offset] ^ internalState[offset + 8];
-        }
-    }
-
-    private void G(int m1, int m2, int posA, int posB, int posC, int posD)
-    {
-        internalState[posA] = internalState[posA] + internalState[posB] + m1;
-        internalState[posD] = rotr32(internalState[posD] ^ internalState[posA], 16);
-        internalState[posC] = internalState[posC] + internalState[posD];
-        internalState[posB] = rotr32(internalState[posB] ^ internalState[posC], 12);
-        internalState[posA] = internalState[posA] + internalState[posB] + m2;
-        internalState[posD] = rotr32(internalState[posD] ^ internalState[posA], 8);
-        internalState[posC] = internalState[posC] + internalState[posD];
-        internalState[posB] = rotr32(internalState[posB] ^ internalState[posC], 7);
-    }
-
-    private int rotr32(int x, int rot)
-    {
-        return x >>> rot | (x << (32 - rot));
-    }
-
-    /**
-     * Return the algorithm name.
-     *
-     * @return the algorithm name
-     */
-    public String getAlgorithmName()
-    {
-        return "BLAKE2s";
-    }
-
-    /**
-     * Return the size in bytes of the digest produced by this message digest.
-     *
-     * @return the size in bytes of the digest produced by this message digest.
-     */
-    public int getDigestSize()
-    {
-        return digestLength;
-    }
-
-    /**
-     * Return the size in bytes of the internal buffer the digest applies its
-     * compression function to.
-     *
-     * @return byte length of the digest's internal buffer.
-     */
-    public int getByteLength()
-    {
-        return BLOCK_LENGTH_BYTES;
-    }
-
-    /**
-     * Overwrite the key if it is no longer used (zeroization).
-     */
-    public void clearKey()
-    {
-        if (key != null)
-        {
-            Arrays.fill(key, (byte)0);
-            Arrays.fill(buffer, (byte)0);
-        }
-    }
-
-    /**
-     * Overwrite the salt (pepper) if it is secret and no longer used
-     * (zeroization).
-     */
-    public void clearSalt()
-    {
-        if (salt != null)
-        {
-            Arrays.fill(salt, (byte)0);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/CSHAKEDigest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/CSHAKEDigest.java
deleted file mode 100644
index 7629497..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/CSHAKEDigest.java
+++ /dev/null

@@ -1,112 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * Customizable SHAKE function.
- */
-public class CSHAKEDigest
-    extends SHAKEDigest
-{
-    private static final byte[] padding = new byte[100];
-    private final byte[] diff;
-
-    /**
-     * Base constructor.
-     *
-     * @param bitLength bit length of the underlying SHAKE function, 128 or 256.
-     * @param N the function name string, note this is reserved for use by NIST. Avoid using it if not required.
-     * @param S the customization string - available for local use.
-     */
-    public CSHAKEDigest(int bitLength, byte[] N, byte[] S)
-    {
-        super(bitLength);
-
-        if ((N == null || N.length == 0) && (S == null || S.length == 0))
-        {
-            diff = null;
-        }
-        else
-        {
-            diff = Arrays.concatenate(leftEncode(rate / 8), encodeString(N), encodeString(S));
-            diffPadAndAbsorb();
-        }
-    }
-
-    private void diffPadAndAbsorb()
-    {
-        int blockSize = rate / 8;
-        absorb(diff, 0, diff.length);
-
-        int required = blockSize - (diff.length % blockSize);
-
-        while (required > padding.length)
-        {
-            absorb(padding, 0, padding.length);
-            required -= padding.length;
-        }
-        
-        absorb(padding, 0, required);
-    }
-
-    private byte[] encodeString(byte[] str)
-    {
-        if (str == null || str.length == 0)
-        {
-            return leftEncode(0);
-        }
-
-        return Arrays.concatenate(leftEncode(str.length * 8L), str);
-    }
-    
-    private static byte[] leftEncode(long strLen)
-    {
-    	byte n = 1;
-
-        long v = strLen;
-    	while ((v >>= 8) != 0)
-        {
-    		n++;
-    	}
-
-        byte[] b = new byte[n + 1];
-
-    	b[0] = n;
-  
-    	for (int i = 1; i <= n; i++)
-    	{
-    		b[i] = (byte)(strLen >> (8 * (n - i)));
-    	}
- 
-    	return b;
-    }
-    
-    public int doOutput(byte[] out, int outOff, int outLen)
-    {
-        if (diff != null)
-        {
-            if (!squeezing)
-            {
-                absorbBits(0x00, 2);
-            }
-
-            squeeze(out, outOff, ((long)outLen) * 8);
-
-            return outLen;
-        }
-        else
-        {
-            return super.doOutput(out, outOff, outLen);
-        }
-    }
-
-    public void reset()
-    {
-        super.reset();
-        
-        if (diff != null)
-        {
-            diffPadAndAbsorb();
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/DSTU7564Digest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/DSTU7564Digest.java
deleted file mode 100644
index 0ca74a4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/DSTU7564Digest.java
+++ /dev/null

@@ -1,577 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Memoable;
-import org.bouncycastle.util.Pack;
-
-/**
- * Reference implementation of national ukrainian standard of hashing transformation DSTU7564.
- * Thanks to Roman Oliynykov' native C implementation:
- * https://github.com/Roman-Oliynykov/Kupyna-reference
- */
-public class DSTU7564Digest
-    implements ExtendedDigest, Memoable
-{
-    /* Number of 8-byte words in operating state for <= 256-bit hash codes */
-    private static final int NB_512 = 8;
-
-    /* Number of 8-byte words in operating state for <= 512-bit hash codes */
-    private static final int NB_1024 = 16;
-
-    /* Number of rounds for 512-bit state */
-    private static final int NR_512 = 10;
-
-    /* Number of rounds for 1024-bit state */
-    private static final int NR_1024 = 14;
-
-    private int hashSize;
-    private int blockSize;
-
-    private int columns;
-    private int rounds;
-
-    private long[] state;
-    private long[] tempState1;
-    private long[] tempState2;
-
-    // TODO Guard against 'inputBlocks' overflow (2^64 blocks)
-    private long inputBlocks;
-    private int bufOff;
-    private byte[] buf;
-
-    public DSTU7564Digest(DSTU7564Digest digest)
-    {
-        copyIn(digest);
-    }
-
-    private void copyIn(DSTU7564Digest digest)
-    {
-        this.hashSize = digest.hashSize;
-        this.blockSize = digest.blockSize;
-
-        this.rounds = digest.rounds;
-        if (columns > 0 && columns == digest.columns)
-        {
-            System.arraycopy(digest.state, 0, state, 0, columns);
-            System.arraycopy(digest.buf, 0, buf, 0, blockSize);
-        }
-        else
-        {
-            this.columns = digest.columns;
-            this.state = Arrays.clone(digest.state);
-            this.tempState1 = new long[columns];
-            this.tempState2 = new long[columns];
-            this.buf = Arrays.clone(digest.buf);
-        }
-
-        this.inputBlocks = digest.inputBlocks;
-        this.bufOff = digest.bufOff;
-    }
-
-    public DSTU7564Digest(int hashSizeBits)
-    {
-        if (hashSizeBits == 256 || hashSizeBits == 384 || hashSizeBits == 512)
-        {
-            this.hashSize = hashSizeBits >>> 3;
-        }
-        else
-        {
-            throw new IllegalArgumentException("Hash size is not recommended. Use 256/384/512 instead");
-        }
-
-        if (hashSizeBits > 256)
-        {
-            this.columns = NB_1024;
-            this.rounds = NR_1024;
-        }
-        else
-        {
-            this.columns = NB_512;
-            this.rounds = NR_512;
-        }
-
-        this.blockSize = columns << 3;
-
-        this.state = new long[columns];
-        this.state[0] = blockSize;
-
-        this.tempState1 = new long[columns];
-        this.tempState2 = new long[columns];
-
-        this.buf = new byte[blockSize];
-    }
-
-    public String getAlgorithmName()
-    {
-        return "DSTU7564";
-    }
-
-    public int getDigestSize()
-    {
-        return hashSize;
-    }
-
-    public int getByteLength()
-    {
-        return blockSize;
-    }
-
-    public void update(byte in)
-    {
-        buf[bufOff++] = in;
-        if (bufOff == blockSize)
-        {
-            processBlock(buf, 0);
-            bufOff = 0;
-            ++inputBlocks;
-        }
-    }
-
-    public void update(byte[] in, int inOff, int len)
-    {
-        while (bufOff != 0 && len > 0)
-        {
-            update(in[inOff++]);
-            --len;
-        }
-
-        if (len > 0)
-        {
-            while (len >= blockSize)
-            {
-                processBlock(in, inOff);
-                inOff += blockSize;
-                len -= blockSize;
-                ++inputBlocks;
-            }
-
-            while (len > 0)
-            {
-                update(in[inOff++]);
-                --len;
-            }
-        }
-    }
-
-    public int doFinal(byte[] out, int outOff)
-    {
-        // Apply padding: terminator byte and 96-bit length field
-        {
-            int inputBytes = bufOff;
-            buf[bufOff++] = (byte)0x80;
-
-            int lenPos = blockSize - 12;
-            if (bufOff > lenPos)
-            {
-                while (bufOff < blockSize)
-                {
-                    buf[bufOff++] = 0;
-                }
-                bufOff = 0;
-                processBlock(buf, 0);
-            }
-
-            while (bufOff < lenPos)
-            {
-                buf[bufOff++] = 0;
-            }
-
-            long c = ((inputBlocks & 0xFFFFFFFFL) * blockSize + inputBytes) << 3;
-            Pack.intToLittleEndian((int)c, buf, bufOff);
-            bufOff += 4;
-            c >>>= 32;
-            c += ((inputBlocks >>> 32) * blockSize) << 3;
-            Pack.longToLittleEndian(c, buf, bufOff);
-//            bufOff += 8;
-            processBlock(buf, 0);
-        }
-
-        {
-            System.arraycopy(state, 0, tempState1, 0, columns);
-
-            P(tempState1);
-
-            for (int col = 0; col < columns; ++col)
-            {
-                state[col] ^= tempState1[col];
-            }
-        }
-
-        int neededColumns = hashSize >>> 3;
-        for (int col = columns - neededColumns; col < columns; ++col)
-        {
-            Pack.longToLittleEndian(state[col], out, outOff);
-            outOff += 8;
-        }
-
-        reset();
-
-        return hashSize;
-    }
-
-    public void reset()
-    {
-        Arrays.fill(state, 0L);
-        state[0] = blockSize;
-
-        inputBlocks = 0;
-        bufOff = 0;
-    }
-
-    private void processBlock(byte[] input, int inOff)
-    {
-        int pos = inOff;
-        for (int col = 0; col < columns; ++col)
-        {
-            long word = Pack.littleEndianToLong(input, pos);
-            pos += 8;
-
-            tempState1[col] = state[col] ^ word;
-            tempState2[col] = word;
-        }
-
-        P(tempState1);
-        Q(tempState2);
-
-        for (int col = 0; col < columns; ++col)
-        {
-            state[col] ^= tempState1[col] ^ tempState2[col];
-        }
-    }
-
-    private void P(long[] s)
-    {
-        for (int round = 0; round < rounds; ++round)
-        {
-            long rc = round;
-
-            /* AddRoundConstants */
-            for (int col = 0; col < columns; ++col)
-            {
-                s[col] ^= rc;
-                rc += 0x10L;
-            }
-
-            shiftRows(s);
-            subBytes(s);
-            mixColumns(s);
-        }
-    }
-
-    private void Q(long[] s)
-    {
-        for (int round = 0; round < rounds; ++round)
-        {
-            /* AddRoundConstantsQ */
-            long rc = ((long)(((columns - 1) << 4) ^ round) << 56) | 0x00F0F0F0F0F0F0F3L;
-
-            for (int col = 0; col < columns; ++col)
-            {
-                s[col] += rc;
-                rc -= 0x1000000000000000L;
-            }
-
-            shiftRows(s);
-            subBytes(s);
-            mixColumns(s);
-        }
-    }
-
-    private static long mixColumn(long c)
-    {
-//        // Calculate column multiplied by powers of 'x'
-//        long x0 = c;
-//        long x1 = ((x0 & 0x7F7F7F7F7F7F7F7FL) << 1) ^ (((x0 & 0x8080808080808080L) >>> 7) * 0x1DL);
-//        long x2 = ((x1 & 0x7F7F7F7F7F7F7F7FL) << 1) ^ (((x1 & 0x8080808080808080L) >>> 7) * 0x1DL);
-//        long x3 = ((x2 & 0x7F7F7F7F7F7F7F7FL) << 1) ^ (((x2 & 0x8080808080808080L) >>> 7) * 0x1DL);
-//
-//        // Calculate products with circulant matrix from (0x01, 0x01, 0x05, 0x01, 0x08, 0x06, 0x07, 0x04)
-//        long m0 = x0;
-//        long m1 = x0;
-//        long m2 = x0 ^ x2;
-//        long m3 = x0;
-//        long m4 = x3;
-//        long m5 = x1 ^ x2;
-//        long m6 = x0 ^ x1 ^ x2;
-//        long m7 = x2;
-//
-//        // Assemble the rotated products
-//        return m0
-//            ^ rotate(8, m1)
-//            ^ rotate(16, m2)
-//            ^ rotate(24, m3)
-//            ^ rotate(32, m4)
-//            ^ rotate(40, m5)
-//            ^ rotate(48, m6)
-//            ^ rotate(56, m7);
-
-        // Multiply elements by 'x'
-        long x1 = ((c & 0x7F7F7F7F7F7F7F7FL) << 1) ^ (((c & 0x8080808080808080L) >>> 7) * 0x1DL);
-        long u, v;
-
-        u  = rotate(8, c) ^ c;
-        u ^= rotate(16, u);
-        u ^= rotate(48, c);
-
-        v  = u ^ c ^ x1;
-
-        // Multiply elements by 'x^2'
-        v  = ((v & 0x3F3F3F3F3F3F3F3FL) << 2) ^ (((v & 0x8080808080808080L) >>> 6) * 0x1DL) ^ (((v & 0x4040404040404040L) >>> 6) * 0x1DL);
-
-        return u ^ rotate(32, v) ^ rotate(40, x1) ^ rotate(48, x1);
-    }
-
-    private void mixColumns(long[] s)
-    {
-        for (int col = 0; col < columns; ++col)
-        {
-            s[col] = mixColumn(s[col]);
-        }
-    }
-
-    private static long rotate(int n, long x)
-    {
-        return (x >>> n) | (x << -n);
-    }
-
-    private void shiftRows(long[] s)
-    {
-        switch (columns)
-        {
-        case NB_512:
-        {
-            long c0 = s[0], c1 = s[1], c2 = s[2], c3 = s[3];
-            long c4 = s[4], c5 = s[5], c6 = s[6], c7 = s[7];
-            long d;
-
-            d = (c0 ^ c4) & 0xFFFFFFFF00000000L; c0 ^= d; c4 ^= d;
-            d = (c1 ^ c5) & 0x00FFFFFFFF000000L; c1 ^= d; c5 ^= d;
-            d = (c2 ^ c6) & 0x0000FFFFFFFF0000L; c2 ^= d; c6 ^= d;
-            d = (c3 ^ c7) & 0x000000FFFFFFFF00L; c3 ^= d; c7 ^= d;
-
-            d = (c0 ^ c2) & 0xFFFF0000FFFF0000L; c0 ^= d; c2 ^= d;
-            d = (c1 ^ c3) & 0x00FFFF0000FFFF00L; c1 ^= d; c3 ^= d;
-            d = (c4 ^ c6) & 0xFFFF0000FFFF0000L; c4 ^= d; c6 ^= d;
-            d = (c5 ^ c7) & 0x00FFFF0000FFFF00L; c5 ^= d; c7 ^= d;
-
-            d = (c0 ^ c1) & 0xFF00FF00FF00FF00L; c0 ^= d; c1 ^= d;
-            d = (c2 ^ c3) & 0xFF00FF00FF00FF00L; c2 ^= d; c3 ^= d;
-            d = (c4 ^ c5) & 0xFF00FF00FF00FF00L; c4 ^= d; c5 ^= d;
-            d = (c6 ^ c7) & 0xFF00FF00FF00FF00L; c6 ^= d; c7 ^= d;
-
-            s[0] = c0; s[1] = c1; s[2] = c2; s[3] = c3;
-            s[4] = c4; s[5] = c5; s[6] = c6; s[7] = c7;
-            break;
-        }
-        case NB_1024:
-        {
-            long c00 = s[ 0], c01 = s[ 1], c02 = s[ 2], c03 = s[ 3];
-            long c04 = s[ 4], c05 = s[ 5], c06 = s[ 6], c07 = s[ 7];
-            long c08 = s[ 8], c09 = s[ 9], c10 = s[10], c11 = s[11];
-            long c12 = s[12], c13 = s[13], c14 = s[14], c15 = s[15];
-            long d;
-
-            // NOTE: Row 7 is shifted by 11
-
-            d = (c00 ^ c08) & 0xFF00000000000000L; c00 ^= d; c08 ^= d;
-            d = (c01 ^ c09) & 0xFF00000000000000L; c01 ^= d; c09 ^= d;
-            d = (c02 ^ c10) & 0xFFFF000000000000L; c02 ^= d; c10 ^= d;
-            d = (c03 ^ c11) & 0xFFFFFF0000000000L; c03 ^= d; c11 ^= d;
-            d = (c04 ^ c12) & 0xFFFFFFFF00000000L; c04 ^= d; c12 ^= d;
-            d = (c05 ^ c13) & 0x00FFFFFFFF000000L; c05 ^= d; c13 ^= d;
-            d = (c06 ^ c14) & 0x00FFFFFFFFFF0000L; c06 ^= d; c14 ^= d;
-            d = (c07 ^ c15) & 0x00FFFFFFFFFFFF00L; c07 ^= d; c15 ^= d;
-
-            d = (c00 ^ c04) & 0x00FFFFFF00000000L; c00 ^= d; c04 ^= d;
-            d = (c01 ^ c05) & 0xFFFFFFFFFF000000L; c01 ^= d; c05 ^= d;
-            d = (c02 ^ c06) & 0xFF00FFFFFFFF0000L; c02 ^= d; c06 ^= d;
-            d = (c03 ^ c07) & 0xFF0000FFFFFFFF00L; c03 ^= d; c07 ^= d;
-            d = (c08 ^ c12) & 0x00FFFFFF00000000L; c08 ^= d; c12 ^= d;
-            d = (c09 ^ c13) & 0xFFFFFFFFFF000000L; c09 ^= d; c13 ^= d;
-            d = (c10 ^ c14) & 0xFF00FFFFFFFF0000L; c10 ^= d; c14 ^= d;
-            d = (c11 ^ c15) & 0xFF0000FFFFFFFF00L; c11 ^= d; c15 ^= d;
-
-            d = (c00 ^ c02) & 0xFFFF0000FFFF0000L; c00 ^= d; c02 ^= d;
-            d = (c01 ^ c03) & 0x00FFFF0000FFFF00L; c01 ^= d; c03 ^= d;
-            d = (c04 ^ c06) & 0xFFFF0000FFFF0000L; c04 ^= d; c06 ^= d;
-            d = (c05 ^ c07) & 0x00FFFF0000FFFF00L; c05 ^= d; c07 ^= d;
-            d = (c08 ^ c10) & 0xFFFF0000FFFF0000L; c08 ^= d; c10 ^= d;
-            d = (c09 ^ c11) & 0x00FFFF0000FFFF00L; c09 ^= d; c11 ^= d;
-            d = (c12 ^ c14) & 0xFFFF0000FFFF0000L; c12 ^= d; c14 ^= d;
-            d = (c13 ^ c15) & 0x00FFFF0000FFFF00L; c13 ^= d; c15 ^= d;
-
-            d = (c00 ^ c01) & 0xFF00FF00FF00FF00L; c00 ^= d; c01 ^= d;
-            d = (c02 ^ c03) & 0xFF00FF00FF00FF00L; c02 ^= d; c03 ^= d;
-            d = (c04 ^ c05) & 0xFF00FF00FF00FF00L; c04 ^= d; c05 ^= d;
-            d = (c06 ^ c07) & 0xFF00FF00FF00FF00L; c06 ^= d; c07 ^= d;
-            d = (c08 ^ c09) & 0xFF00FF00FF00FF00L; c08 ^= d; c09 ^= d;
-            d = (c10 ^ c11) & 0xFF00FF00FF00FF00L; c10 ^= d; c11 ^= d;
-            d = (c12 ^ c13) & 0xFF00FF00FF00FF00L; c12 ^= d; c13 ^= d;
-            d = (c14 ^ c15) & 0xFF00FF00FF00FF00L; c14 ^= d; c15 ^= d;
-
-            s[ 0] = c00; s[ 1] = c01; s[ 2] = c02; s[ 3] = c03;
-            s[ 4] = c04; s[ 5] = c05; s[ 6] = c06; s[ 7] = c07;
-            s[ 8] = c08; s[ 9] = c09; s[10] = c10; s[11] = c11;
-            s[12] = c12; s[13] = c13; s[14] = c14; s[15] = c15;
-            break;
-        }
-        default:
-        {
-            throw new IllegalStateException("unsupported state size: only 512/1024 are allowed");
-        }
-        }
-    }
-
-    private void subBytes(long[] s)
-    {
-        for (int i = 0; i < columns; ++i)
-        {
-            long u = s[i];
-            int lo = (int)u, hi = (int)(u >>> 32);
-            byte t0 = S0[lo & 0xFF];
-            byte t1 = S1[(lo >>> 8) & 0xFF];
-            byte t2 = S2[(lo >>> 16) & 0xFF];
-            byte t3 = S3[lo >>> 24];
-            lo = (t0 & 0xFF) | ((t1 & 0xFF) << 8) | ((t2 & 0xFF) << 16) | ((int)t3 << 24);
-            byte t4 = S0[hi & 0xFF];
-            byte t5 = S1[(hi >>> 8) & 0xFF];
-            byte t6 = S2[(hi >>> 16) & 0xFF];
-            byte t7 = S3[hi >>> 24];
-            hi = (t4 & 0xFF) | ((t5 & 0xFF) << 8) | ((t6 & 0xFF) << 16) | ((int)t7 << 24);
-            s[i] = (lo & 0xFFFFFFFFL) | ((long)hi << 32);
-        }
-    }
-
-    private static final byte[] S0 = new byte[]{ (byte)0xa8, (byte)0x43, (byte)0x5f, (byte)0x06, (byte)0x6b, (byte)0x75,
-        (byte)0x6c, (byte)0x59, (byte)0x71, (byte)0xdf, (byte)0x87, (byte)0x95, (byte)0x17, (byte)0xf0, (byte)0xd8,
-        (byte)0x09, (byte)0x6d, (byte)0xf3, (byte)0x1d, (byte)0xcb, (byte)0xc9, (byte)0x4d, (byte)0x2c, (byte)0xaf,
-        (byte)0x79, (byte)0xe0, (byte)0x97, (byte)0xfd, (byte)0x6f, (byte)0x4b, (byte)0x45, (byte)0x39, (byte)0x3e,
-        (byte)0xdd, (byte)0xa3, (byte)0x4f, (byte)0xb4, (byte)0xb6, (byte)0x9a, (byte)0x0e, (byte)0x1f, (byte)0xbf,
-        (byte)0x15, (byte)0xe1, (byte)0x49, (byte)0xd2, (byte)0x93, (byte)0xc6, (byte)0x92, (byte)0x72, (byte)0x9e,
-        (byte)0x61, (byte)0xd1, (byte)0x63, (byte)0xfa, (byte)0xee, (byte)0xf4, (byte)0x19, (byte)0xd5, (byte)0xad,
-        (byte)0x58, (byte)0xa4, (byte)0xbb, (byte)0xa1, (byte)0xdc, (byte)0xf2, (byte)0x83, (byte)0x37, (byte)0x42,
-        (byte)0xe4, (byte)0x7a, (byte)0x32, (byte)0x9c, (byte)0xcc, (byte)0xab, (byte)0x4a, (byte)0x8f, (byte)0x6e,
-        (byte)0x04, (byte)0x27, (byte)0x2e, (byte)0xe7, (byte)0xe2, (byte)0x5a, (byte)0x96, (byte)0x16, (byte)0x23,
-        (byte)0x2b, (byte)0xc2, (byte)0x65, (byte)0x66, (byte)0x0f, (byte)0xbc, (byte)0xa9, (byte)0x47, (byte)0x41,
-        (byte)0x34, (byte)0x48, (byte)0xfc, (byte)0xb7, (byte)0x6a, (byte)0x88, (byte)0xa5, (byte)0x53, (byte)0x86,
-        (byte)0xf9, (byte)0x5b, (byte)0xdb, (byte)0x38, (byte)0x7b, (byte)0xc3, (byte)0x1e, (byte)0x22, (byte)0x33,
-        (byte)0x24, (byte)0x28, (byte)0x36, (byte)0xc7, (byte)0xb2, (byte)0x3b, (byte)0x8e, (byte)0x77, (byte)0xba,
-        (byte)0xf5, (byte)0x14, (byte)0x9f, (byte)0x08, (byte)0x55, (byte)0x9b, (byte)0x4c, (byte)0xfe, (byte)0x60,
-        (byte)0x5c, (byte)0xda, (byte)0x18, (byte)0x46, (byte)0xcd, (byte)0x7d, (byte)0x21, (byte)0xb0, (byte)0x3f,
-        (byte)0x1b, (byte)0x89, (byte)0xff, (byte)0xeb, (byte)0x84, (byte)0x69, (byte)0x3a, (byte)0x9d, (byte)0xd7,
-        (byte)0xd3, (byte)0x70, (byte)0x67, (byte)0x40, (byte)0xb5, (byte)0xde, (byte)0x5d, (byte)0x30, (byte)0x91,
-        (byte)0xb1, (byte)0x78, (byte)0x11, (byte)0x01, (byte)0xe5, (byte)0x00, (byte)0x68, (byte)0x98, (byte)0xa0,
-        (byte)0xc5, (byte)0x02, (byte)0xa6, (byte)0x74, (byte)0x2d, (byte)0x0b, (byte)0xa2, (byte)0x76, (byte)0xb3,
-        (byte)0xbe, (byte)0xce, (byte)0xbd, (byte)0xae, (byte)0xe9, (byte)0x8a, (byte)0x31, (byte)0x1c, (byte)0xec,
-        (byte)0xf1, (byte)0x99, (byte)0x94, (byte)0xaa, (byte)0xf6, (byte)0x26, (byte)0x2f, (byte)0xef, (byte)0xe8,
-        (byte)0x8c, (byte)0x35, (byte)0x03, (byte)0xd4, (byte)0x7f, (byte)0xfb, (byte)0x05, (byte)0xc1, (byte)0x5e,
-        (byte)0x90, (byte)0x20, (byte)0x3d, (byte)0x82, (byte)0xf7, (byte)0xea, (byte)0x0a, (byte)0x0d, (byte)0x7e,
-        (byte)0xf8, (byte)0x50, (byte)0x1a, (byte)0xc4, (byte)0x07, (byte)0x57, (byte)0xb8, (byte)0x3c, (byte)0x62,
-        (byte)0xe3, (byte)0xc8, (byte)0xac, (byte)0x52, (byte)0x64, (byte)0x10, (byte)0xd0, (byte)0xd9, (byte)0x13,
-        (byte)0x0c, (byte)0x12, (byte)0x29, (byte)0x51, (byte)0xb9, (byte)0xcf, (byte)0xd6, (byte)0x73, (byte)0x8d,
-        (byte)0x81, (byte)0x54, (byte)0xc0, (byte)0xed, (byte)0x4e, (byte)0x44, (byte)0xa7, (byte)0x2a, (byte)0x85,
-        (byte)0x25, (byte)0xe6, (byte)0xca, (byte)0x7c, (byte)0x8b, (byte)0x56, (byte)0x80 };
-
-    private static final byte[] S1 = new byte[]{ (byte)0xce, (byte)0xbb, (byte)0xeb, (byte)0x92, (byte)0xea, (byte)0xcb,
-        (byte)0x13, (byte)0xc1, (byte)0xe9, (byte)0x3a, (byte)0xd6, (byte)0xb2, (byte)0xd2, (byte)0x90, (byte)0x17,
-        (byte)0xf8, (byte)0x42, (byte)0x15, (byte)0x56, (byte)0xb4, (byte)0x65, (byte)0x1c, (byte)0x88, (byte)0x43,
-        (byte)0xc5, (byte)0x5c, (byte)0x36, (byte)0xba, (byte)0xf5, (byte)0x57, (byte)0x67, (byte)0x8d, (byte)0x31,
-        (byte)0xf6, (byte)0x64, (byte)0x58, (byte)0x9e, (byte)0xf4, (byte)0x22, (byte)0xaa, (byte)0x75, (byte)0x0f,
-        (byte)0x02, (byte)0xb1, (byte)0xdf, (byte)0x6d, (byte)0x73, (byte)0x4d, (byte)0x7c, (byte)0x26, (byte)0x2e,
-        (byte)0xf7, (byte)0x08, (byte)0x5d, (byte)0x44, (byte)0x3e, (byte)0x9f, (byte)0x14, (byte)0xc8, (byte)0xae,
-        (byte)0x54, (byte)0x10, (byte)0xd8, (byte)0xbc, (byte)0x1a, (byte)0x6b, (byte)0x69, (byte)0xf3, (byte)0xbd,
-        (byte)0x33, (byte)0xab, (byte)0xfa, (byte)0xd1, (byte)0x9b, (byte)0x68, (byte)0x4e, (byte)0x16, (byte)0x95,
-        (byte)0x91, (byte)0xee, (byte)0x4c, (byte)0x63, (byte)0x8e, (byte)0x5b, (byte)0xcc, (byte)0x3c, (byte)0x19,
-        (byte)0xa1, (byte)0x81, (byte)0x49, (byte)0x7b, (byte)0xd9, (byte)0x6f, (byte)0x37, (byte)0x60, (byte)0xca,
-        (byte)0xe7, (byte)0x2b, (byte)0x48, (byte)0xfd, (byte)0x96, (byte)0x45, (byte)0xfc, (byte)0x41, (byte)0x12,
-        (byte)0x0d, (byte)0x79, (byte)0xe5, (byte)0x89, (byte)0x8c, (byte)0xe3, (byte)0x20, (byte)0x30, (byte)0xdc,
-        (byte)0xb7, (byte)0x6c, (byte)0x4a, (byte)0xb5, (byte)0x3f, (byte)0x97, (byte)0xd4, (byte)0x62, (byte)0x2d,
-        (byte)0x06, (byte)0xa4, (byte)0xa5, (byte)0x83, (byte)0x5f, (byte)0x2a, (byte)0xda, (byte)0xc9, (byte)0x00,
-        (byte)0x7e, (byte)0xa2, (byte)0x55, (byte)0xbf, (byte)0x11, (byte)0xd5, (byte)0x9c, (byte)0xcf, (byte)0x0e,
-        (byte)0x0a, (byte)0x3d, (byte)0x51, (byte)0x7d, (byte)0x93, (byte)0x1b, (byte)0xfe, (byte)0xc4, (byte)0x47,
-        (byte)0x09, (byte)0x86, (byte)0x0b, (byte)0x8f, (byte)0x9d, (byte)0x6a, (byte)0x07, (byte)0xb9, (byte)0xb0,
-        (byte)0x98, (byte)0x18, (byte)0x32, (byte)0x71, (byte)0x4b, (byte)0xef, (byte)0x3b, (byte)0x70, (byte)0xa0,
-        (byte)0xe4, (byte)0x40, (byte)0xff, (byte)0xc3, (byte)0xa9, (byte)0xe6, (byte)0x78, (byte)0xf9, (byte)0x8b,
-        (byte)0x46, (byte)0x80, (byte)0x1e, (byte)0x38, (byte)0xe1, (byte)0xb8, (byte)0xa8, (byte)0xe0, (byte)0x0c,
-        (byte)0x23, (byte)0x76, (byte)0x1d, (byte)0x25, (byte)0x24, (byte)0x05, (byte)0xf1, (byte)0x6e, (byte)0x94,
-        (byte)0x28, (byte)0x9a, (byte)0x84, (byte)0xe8, (byte)0xa3, (byte)0x4f, (byte)0x77, (byte)0xd3, (byte)0x85,
-        (byte)0xe2, (byte)0x52, (byte)0xf2, (byte)0x82, (byte)0x50, (byte)0x7a, (byte)0x2f, (byte)0x74, (byte)0x53,
-        (byte)0xb3, (byte)0x61, (byte)0xaf, (byte)0x39, (byte)0x35, (byte)0xde, (byte)0xcd, (byte)0x1f, (byte)0x99,
-        (byte)0xac, (byte)0xad, (byte)0x72, (byte)0x2c, (byte)0xdd, (byte)0xd0, (byte)0x87, (byte)0xbe, (byte)0x5e,
-        (byte)0xa6, (byte)0xec, (byte)0x04, (byte)0xc6, (byte)0x03, (byte)0x34, (byte)0xfb, (byte)0xdb, (byte)0x59,
-        (byte)0xb6, (byte)0xc2, (byte)0x01, (byte)0xf0, (byte)0x5a, (byte)0xed, (byte)0xa7, (byte)0x66, (byte)0x21,
-        (byte)0x7f, (byte)0x8a, (byte)0x27, (byte)0xc7, (byte)0xc0, (byte)0x29, (byte)0xd7 };
-
-    private static final byte[] S2 = new byte[]{ (byte)0x93, (byte)0xd9, (byte)0x9a, (byte)0xb5, (byte)0x98, (byte)0x22,
-        (byte)0x45, (byte)0xfc, (byte)0xba, (byte)0x6a, (byte)0xdf, (byte)0x02, (byte)0x9f, (byte)0xdc, (byte)0x51,
-        (byte)0x59, (byte)0x4a, (byte)0x17, (byte)0x2b, (byte)0xc2, (byte)0x94, (byte)0xf4, (byte)0xbb, (byte)0xa3,
-        (byte)0x62, (byte)0xe4, (byte)0x71, (byte)0xd4, (byte)0xcd, (byte)0x70, (byte)0x16, (byte)0xe1, (byte)0x49,
-        (byte)0x3c, (byte)0xc0, (byte)0xd8, (byte)0x5c, (byte)0x9b, (byte)0xad, (byte)0x85, (byte)0x53, (byte)0xa1,
-        (byte)0x7a, (byte)0xc8, (byte)0x2d, (byte)0xe0, (byte)0xd1, (byte)0x72, (byte)0xa6, (byte)0x2c, (byte)0xc4,
-        (byte)0xe3, (byte)0x76, (byte)0x78, (byte)0xb7, (byte)0xb4, (byte)0x09, (byte)0x3b, (byte)0x0e, (byte)0x41,
-        (byte)0x4c, (byte)0xde, (byte)0xb2, (byte)0x90, (byte)0x25, (byte)0xa5, (byte)0xd7, (byte)0x03, (byte)0x11,
-        (byte)0x00, (byte)0xc3, (byte)0x2e, (byte)0x92, (byte)0xef, (byte)0x4e, (byte)0x12, (byte)0x9d, (byte)0x7d,
-        (byte)0xcb, (byte)0x35, (byte)0x10, (byte)0xd5, (byte)0x4f, (byte)0x9e, (byte)0x4d, (byte)0xa9, (byte)0x55,
-        (byte)0xc6, (byte)0xd0, (byte)0x7b, (byte)0x18, (byte)0x97, (byte)0xd3, (byte)0x36, (byte)0xe6, (byte)0x48,
-        (byte)0x56, (byte)0x81, (byte)0x8f, (byte)0x77, (byte)0xcc, (byte)0x9c, (byte)0xb9, (byte)0xe2, (byte)0xac,
-        (byte)0xb8, (byte)0x2f, (byte)0x15, (byte)0xa4, (byte)0x7c, (byte)0xda, (byte)0x38, (byte)0x1e, (byte)0x0b,
-        (byte)0x05, (byte)0xd6, (byte)0x14, (byte)0x6e, (byte)0x6c, (byte)0x7e, (byte)0x66, (byte)0xfd, (byte)0xb1,
-        (byte)0xe5, (byte)0x60, (byte)0xaf, (byte)0x5e, (byte)0x33, (byte)0x87, (byte)0xc9, (byte)0xf0, (byte)0x5d,
-        (byte)0x6d, (byte)0x3f, (byte)0x88, (byte)0x8d, (byte)0xc7, (byte)0xf7, (byte)0x1d, (byte)0xe9, (byte)0xec,
-        (byte)0xed, (byte)0x80, (byte)0x29, (byte)0x27, (byte)0xcf, (byte)0x99, (byte)0xa8, (byte)0x50, (byte)0x0f,
-        (byte)0x37, (byte)0x24, (byte)0x28, (byte)0x30, (byte)0x95, (byte)0xd2, (byte)0x3e, (byte)0x5b, (byte)0x40,
-        (byte)0x83, (byte)0xb3, (byte)0x69, (byte)0x57, (byte)0x1f, (byte)0x07, (byte)0x1c, (byte)0x8a, (byte)0xbc,
-        (byte)0x20, (byte)0xeb, (byte)0xce, (byte)0x8e, (byte)0xab, (byte)0xee, (byte)0x31, (byte)0xa2, (byte)0x73,
-        (byte)0xf9, (byte)0xca, (byte)0x3a, (byte)0x1a, (byte)0xfb, (byte)0x0d, (byte)0xc1, (byte)0xfe, (byte)0xfa,
-        (byte)0xf2, (byte)0x6f, (byte)0xbd, (byte)0x96, (byte)0xdd, (byte)0x43, (byte)0x52, (byte)0xb6, (byte)0x08,
-        (byte)0xf3, (byte)0xae, (byte)0xbe, (byte)0x19, (byte)0x89, (byte)0x32, (byte)0x26, (byte)0xb0, (byte)0xea,
-        (byte)0x4b, (byte)0x64, (byte)0x84, (byte)0x82, (byte)0x6b, (byte)0xf5, (byte)0x79, (byte)0xbf, (byte)0x01,
-        (byte)0x5f, (byte)0x75, (byte)0x63, (byte)0x1b, (byte)0x23, (byte)0x3d, (byte)0x68, (byte)0x2a, (byte)0x65,
-        (byte)0xe8, (byte)0x91, (byte)0xf6, (byte)0xff, (byte)0x13, (byte)0x58, (byte)0xf1, (byte)0x47, (byte)0x0a,
-        (byte)0x7f, (byte)0xc5, (byte)0xa7, (byte)0xe7, (byte)0x61, (byte)0x5a, (byte)0x06, (byte)0x46, (byte)0x44,
-        (byte)0x42, (byte)0x04, (byte)0xa0, (byte)0xdb, (byte)0x39, (byte)0x86, (byte)0x54, (byte)0xaa, (byte)0x8c,
-        (byte)0x34, (byte)0x21, (byte)0x8b, (byte)0xf8, (byte)0x0c, (byte)0x74, (byte)0x67 };
-
-    private static final byte[] S3 = new byte[]{ (byte)0x68, (byte)0x8d, (byte)0xca, (byte)0x4d, (byte)0x73, (byte)0x4b,
-        (byte)0x4e, (byte)0x2a, (byte)0xd4, (byte)0x52, (byte)0x26, (byte)0xb3, (byte)0x54, (byte)0x1e, (byte)0x19,
-        (byte)0x1f, (byte)0x22, (byte)0x03, (byte)0x46, (byte)0x3d, (byte)0x2d, (byte)0x4a, (byte)0x53, (byte)0x83,
-        (byte)0x13, (byte)0x8a, (byte)0xb7, (byte)0xd5, (byte)0x25, (byte)0x79, (byte)0xf5, (byte)0xbd, (byte)0x58,
-        (byte)0x2f, (byte)0x0d, (byte)0x02, (byte)0xed, (byte)0x51, (byte)0x9e, (byte)0x11, (byte)0xf2, (byte)0x3e,
-        (byte)0x55, (byte)0x5e, (byte)0xd1, (byte)0x16, (byte)0x3c, (byte)0x66, (byte)0x70, (byte)0x5d, (byte)0xf3,
-        (byte)0x45, (byte)0x40, (byte)0xcc, (byte)0xe8, (byte)0x94, (byte)0x56, (byte)0x08, (byte)0xce, (byte)0x1a,
-        (byte)0x3a, (byte)0xd2, (byte)0xe1, (byte)0xdf, (byte)0xb5, (byte)0x38, (byte)0x6e, (byte)0x0e, (byte)0xe5,
-        (byte)0xf4, (byte)0xf9, (byte)0x86, (byte)0xe9, (byte)0x4f, (byte)0xd6, (byte)0x85, (byte)0x23, (byte)0xcf,
-        (byte)0x32, (byte)0x99, (byte)0x31, (byte)0x14, (byte)0xae, (byte)0xee, (byte)0xc8, (byte)0x48, (byte)0xd3,
-        (byte)0x30, (byte)0xa1, (byte)0x92, (byte)0x41, (byte)0xb1, (byte)0x18, (byte)0xc4, (byte)0x2c, (byte)0x71,
-        (byte)0x72, (byte)0x44, (byte)0x15, (byte)0xfd, (byte)0x37, (byte)0xbe, (byte)0x5f, (byte)0xaa, (byte)0x9b,
-        (byte)0x88, (byte)0xd8, (byte)0xab, (byte)0x89, (byte)0x9c, (byte)0xfa, (byte)0x60, (byte)0xea, (byte)0xbc,
-        (byte)0x62, (byte)0x0c, (byte)0x24, (byte)0xa6, (byte)0xa8, (byte)0xec, (byte)0x67, (byte)0x20, (byte)0xdb,
-        (byte)0x7c, (byte)0x28, (byte)0xdd, (byte)0xac, (byte)0x5b, (byte)0x34, (byte)0x7e, (byte)0x10, (byte)0xf1,
-        (byte)0x7b, (byte)0x8f, (byte)0x63, (byte)0xa0, (byte)0x05, (byte)0x9a, (byte)0x43, (byte)0x77, (byte)0x21,
-        (byte)0xbf, (byte)0x27, (byte)0x09, (byte)0xc3, (byte)0x9f, (byte)0xb6, (byte)0xd7, (byte)0x29, (byte)0xc2,
-        (byte)0xeb, (byte)0xc0, (byte)0xa4, (byte)0x8b, (byte)0x8c, (byte)0x1d, (byte)0xfb, (byte)0xff, (byte)0xc1,
-        (byte)0xb2, (byte)0x97, (byte)0x2e, (byte)0xf8, (byte)0x65, (byte)0xf6, (byte)0x75, (byte)0x07, (byte)0x04,
-        (byte)0x49, (byte)0x33, (byte)0xe4, (byte)0xd9, (byte)0xb9, (byte)0xd0, (byte)0x42, (byte)0xc7, (byte)0x6c,
-        (byte)0x90, (byte)0x00, (byte)0x8e, (byte)0x6f, (byte)0x50, (byte)0x01, (byte)0xc5, (byte)0xda, (byte)0x47,
-        (byte)0x3f, (byte)0xcd, (byte)0x69, (byte)0xa2, (byte)0xe2, (byte)0x7a, (byte)0xa7, (byte)0xc6, (byte)0x93,
-        (byte)0x0f, (byte)0x0a, (byte)0x06, (byte)0xe6, (byte)0x2b, (byte)0x96, (byte)0xa3, (byte)0x1c, (byte)0xaf,
-        (byte)0x6a, (byte)0x12, (byte)0x84, (byte)0x39, (byte)0xe7, (byte)0xb0, (byte)0x82, (byte)0xf7, (byte)0xfe,
-        (byte)0x9d, (byte)0x87, (byte)0x5c, (byte)0x81, (byte)0x35, (byte)0xde, (byte)0xb4, (byte)0xa5, (byte)0xfc,
-        (byte)0x80, (byte)0xef, (byte)0xcb, (byte)0xbb, (byte)0x6b, (byte)0x76, (byte)0xba, (byte)0x5a, (byte)0x7d,
-        (byte)0x78, (byte)0x0b, (byte)0x95, (byte)0xe3, (byte)0xad, (byte)0x74, (byte)0x98, (byte)0x3b, (byte)0x36,
-        (byte)0x64, (byte)0x6d, (byte)0xdc, (byte)0xf0, (byte)0x59, (byte)0xa9, (byte)0x4c, (byte)0x17, (byte)0x7f,
-        (byte)0x91, (byte)0xb8, (byte)0xc9, (byte)0x57, (byte)0x1b, (byte)0xe0, (byte)0x61 };
-
-    public Memoable copy()
-    {
-        return new DSTU7564Digest(this);
-    }
-
-    public void reset(Memoable other)
-    {
-        DSTU7564Digest d = (DSTU7564Digest)other;
-
-        copyIn(d);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/GOST3411Digest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/GOST3411Digest.java
deleted file mode 100644
index 2df2d51..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/GOST3411Digest.java
+++ /dev/null

@@ -1,362 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.crypto.engines.GOST28147Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithSBox;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Memoable;
-import org.bouncycastle.util.Pack;
-
-/**
- * implementation of GOST R 34.11-94
- */
-public class GOST3411Digest
-    implements ExtendedDigest, Memoable
-{
-    private static final int    DIGEST_LENGTH = 32;
-
-    private byte[]   H = new byte[32], L = new byte[32],
-                     M = new byte[32], Sum = new byte[32];
-    private byte[][] C = new byte[4][32];
-
-    private byte[]  xBuf = new byte[32];
-    private int  xBufOff;
-    private long byteCount;
-    
-    private BlockCipher cipher = new GOST28147Engine();
-    private byte[] sBox;
-
-    /**
-     * Standard constructor
-     */
-    public GOST3411Digest()
-    {
-        sBox = GOST28147Engine.getSBox("D-A");
-        cipher.init(true, new ParametersWithSBox(null, sBox));
-
-        reset();
-    }
-
-    /**
-     * Constructor to allow use of a particular sbox with GOST28147
-     * @see GOST28147Engine#getSBox(String)
-     */
-    public GOST3411Digest(byte[] sBoxParam)
-    {
-        sBox = Arrays.clone(sBoxParam);
-        cipher.init(true, new ParametersWithSBox(null, sBox));
-
-        reset();
-    }
-
-    /**
-     * Copy constructor.  This will copy the state of the provided
-     * message digest.
-     */
-    public GOST3411Digest(GOST3411Digest t)
-    {
-        reset(t);
-    }
-
-    public String getAlgorithmName()
-    {
-        return "GOST3411";
-    }
-
-    public int getDigestSize()
-    {
-        return DIGEST_LENGTH;
-    }
-
-    public void update(byte in)
-    {
-        xBuf[xBufOff++] = in;
-        if (xBufOff == xBuf.length)
-        {
-            sumByteArray(xBuf); // calc sum M
-            processBlock(xBuf, 0);
-            xBufOff = 0;
-        }
-        byteCount++;
-    }
-
-    public void update(byte[] in, int inOff, int len)
-    {
-        while ((xBufOff != 0) && (len > 0))
-        {
-            update(in[inOff]);
-            inOff++;
-            len--;
-        }
-
-        while (len > xBuf.length)
-        {
-            System.arraycopy(in, inOff, xBuf, 0, xBuf.length);
-
-            sumByteArray(xBuf); // calc sum M
-            processBlock(xBuf, 0);
-            inOff += xBuf.length;
-            len -= xBuf.length;
-            byteCount += xBuf.length;
-        }
-
-        // load in the remainder.
-        while (len > 0)
-        {
-            update(in[inOff]);
-            inOff++;
-            len--;
-        }
-    }
-
-    // (i + 1 + 4(k - 1)) = 8i + k      i = 0-3, k = 1-8
-    private byte[] K = new byte[32];
-
-    private byte[] P(byte[] in)
-    {
-        for(int k = 0; k < 8; k++)
-        {
-            K[4*k] = in[k];
-            K[1 + 4*k] = in[ 8 + k];
-            K[2 + 4*k] = in[16 + k];
-            K[3 + 4*k] = in[24 + k];
-        }
-
-        return K;
-    }
-
-    //A (x) = (x0 ^ x1) || x3 || x2 || x1
-    byte[] a = new byte[8];
-    private byte[] A(byte[] in)
-    {
-        for(int j=0; j<8; j++)
-        {
-            a[j]=(byte)(in[j] ^ in[j+8]);
-        }
-
-        System.arraycopy(in, 8, in, 0, 24);
-        System.arraycopy(a, 0, in, 24, 8);
-
-        return in;
-    }
-
-    //Encrypt function, ECB mode
-    private void E(byte[] key, byte[] s, int sOff, byte[] in, int inOff)
-    {
-        cipher.init(true, new KeyParameter(key));
-        
-        cipher.processBlock(in, inOff, s, sOff);
-    }
-
-    // (in:) n16||..||n1 ==> (out:) n1^n2^n3^n4^n13^n16||n16||..||n2
-    short[] wS = new short[16], w_S = new short[16];
-
-    private void fw(byte[] in)
-    {
-        cpyBytesToShort(in, wS);
-        w_S[15] = (short)(wS[0] ^ wS[1] ^ wS[2] ^ wS[3] ^ wS[12] ^ wS[15]);
-        System.arraycopy(wS, 1, w_S, 0, 15);
-        cpyShortToBytes(w_S, in);
-    }
-
-    // block processing
-    byte[] S = new byte[32];
-    byte[] U = new byte[32], V = new byte[32], W = new byte[32];
-
-    protected void processBlock(byte[] in, int inOff)
-    {
-        System.arraycopy(in, inOff, M, 0, 32);
-
-        //key step 1
- 
-        // H = h3 || h2 || h1 || h0
-        // S = s3 || s2 || s1 || s0
-        System.arraycopy(H, 0, U, 0, 32);
-        System.arraycopy(M, 0, V, 0, 32);
-        for (int j=0; j<32; j++)
-        {
-            W[j] = (byte)(U[j]^V[j]);
-        }
-        // Encrypt gost28147-ECB
-        E(P(W), S, 0, H, 0); // s0 = EK0 [h0]
-
-        //keys step 2,3,4
-        for (int i=1; i<4; i++)
-        {
-            byte[] tmpA = A(U);
-            for (int j=0; j<32; j++)
-            {
-                U[j] = (byte)(tmpA[j] ^ C[i][j]);
-            }
-            V = A(A(V));
-            for (int j=0; j<32; j++)
-            {
-                W[j] = (byte)(U[j]^V[j]);
-            }
-            // Encrypt gost28147-ECB
-            E(P(W), S, i * 8, H, i * 8); // si = EKi [hi]
-        }
-
-        // x(M, H) = y61(H^y(M^y12(S)))
-        for(int n = 0; n < 12; n++)
-        {
-            fw(S);
-        }
-        for(int n = 0; n < 32; n++)
-        {
-            S[n] = (byte)(S[n] ^ M[n]);
-        }
-
-        fw(S);
-
-        for(int n = 0; n < 32; n++)
-        {
-            S[n] = (byte)(H[n] ^ S[n]);
-        }
-        for(int n = 0; n < 61; n++)
-        {
-            fw(S);
-        }
-        System.arraycopy(S, 0, H, 0, H.length);
-    }
-
-    private void finish()
-    {
-        Pack.longToLittleEndian(byteCount * 8, L, 0); // get length into L (byteCount * 8 = bitCount)
-
-        while (xBufOff != 0)
-        {
-            update((byte)0);
-        }
-
-        processBlock(L, 0);
-        processBlock(Sum, 0);
-    }
-
-    public int doFinal(
-        byte[]  out,
-        int     outOff)
-    {
-        finish();
-
-        System.arraycopy(H, 0, out, outOff, H.length);
-
-        reset();
-
-        return DIGEST_LENGTH;
-    }
-
-    /**
-     * reset the chaining variables to the IV values.
-     */
-    private static final byte[]  C2 = {
-       0x00,(byte)0xFF,0x00,(byte)0xFF,0x00,(byte)0xFF,0x00,(byte)0xFF,
-       (byte)0xFF,0x00,(byte)0xFF,0x00,(byte)0xFF,0x00,(byte)0xFF,0x00,
-       0x00,(byte)0xFF,(byte)0xFF,0x00,(byte)0xFF,0x00,0x00,(byte)0xFF,
-       (byte)0xFF,0x00,0x00,0x00,(byte)0xFF,(byte)0xFF,0x00,(byte)0xFF};
-
-    public void reset()
-    {
-        byteCount = 0;
-        xBufOff = 0;
-
-        for(int i=0; i<H.length; i++)
-        {
-            H[i] = 0;  // start vector H
-        }
-        for(int i=0; i<L.length; i++)
-        {
-            L[i] = 0;
-        }
-        for(int i=0; i<M.length; i++)
-        {
-            M[i] = 0;
-        }
-        for(int i=0; i<C[1].length; i++)
-        {
-            C[1][i] = 0;  // real index C = +1 because index array with 0.
-        }
-        for(int i=0; i<C[3].length; i++)
-        {
-            C[3][i] = 0;
-        }
-        for(int i=0; i<Sum.length; i++)
-        {
-            Sum[i] = 0;
-        }
-        for(int i = 0; i < xBuf.length; i++)
-        {
-            xBuf[i] = 0;
-        }
-
-        System.arraycopy(C2, 0, C[2], 0, C2.length);
-    }
-
-    //  256 bitsblock modul -> (Sum + a mod (2^256))
-    private void sumByteArray(byte[] in)
-    {
-        int carry = 0;
-
-        for (int i = 0; i != Sum.length; i++)
-        {
-            int sum = (Sum[i] & 0xff) + (in[i] & 0xff) + carry;
-
-            Sum[i] = (byte)sum;
-
-            carry = sum >>> 8;
-        }
-    }
-
-    private void cpyBytesToShort(byte[] S, short[] wS)
-    {
-        for(int i=0; i<S.length/2; i++)
-        {
-            wS[i] = (short)(((S[i*2+1]<<8)&0xFF00)|(S[i*2]&0xFF));
-        }
-    }
-
-    private void cpyShortToBytes(short[] wS, byte[] S)
-    {
-        for(int i=0; i<S.length/2; i++) 
-        {
-            S[i*2 + 1] = (byte)(wS[i] >> 8);
-            S[i*2] = (byte)wS[i];
-        }
-    }
-
-   public int getByteLength() 
-   {
-      return 32;
-   }
-
-    public Memoable copy()
-    {
-        return new GOST3411Digest(this);
-    }
-
-    public void reset(Memoable other)
-    {
-        GOST3411Digest t = (GOST3411Digest)other;
-
-        this.sBox = t.sBox;
-        cipher.init(true, new ParametersWithSBox(null, sBox));
-
-        reset();
-
-        System.arraycopy(t.H, 0, this.H, 0, t.H.length);
-        System.arraycopy(t.L, 0, this.L, 0, t.L.length);
-        System.arraycopy(t.M, 0, this.M, 0, t.M.length);
-        System.arraycopy(t.Sum, 0, this.Sum, 0, t.Sum.length);
-        System.arraycopy(t.C[1], 0, this.C[1], 0, t.C[1].length);
-        System.arraycopy(t.C[2], 0, this.C[2], 0, t.C[2].length);
-        System.arraycopy(t.C[3], 0, this.C[3], 0, t.C[3].length);
-        System.arraycopy(t.xBuf, 0, this.xBuf, 0, t.xBuf.length);
-
-        this.xBufOff = t.xBufOff;
-        this.byteCount = t.byteCount;
-    }
-}
-
-

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/GOST3411_2012Digest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/GOST3411_2012Digest.java
deleted file mode 100644
index 6efcb89..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/GOST3411_2012Digest.java
+++ /dev/null

@@ -1,1050 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Memoable;
-
-/**
- * General Information
- * <p/>
- * 1. GOST R 34.11-2012 was developed by the Center for Information
- * Protection and Special Communications of the Federal Security
- * Service of the Russian Federation with participation of the Open
- * joint-stock company "Information Technologies and Communication
- * Systems" (InfoTeCS JSC).
- * <p/>
- * 2. GOST R 34.11-2012 was approved and introduced by Decree #216 of
- * the Federal Agency on Technical Regulating and Metrology on
- * 07.08.2012.
- * <p/>
- * 3. GOST R 34.11-2012 intended to replace GOST R 34.11-94 national
- * standard of Russian Federation.
- * <p/>
- * Reference Implementation and Description can be found at: https://www.streebog.net/
- * RFC: https://tools.ietf.org/html/rfc6986
- */
-
-/**
- * Base class for GOST3411-2012 256-bit and GOST3411-2012 512-bit digests.
- */
-public abstract class GOST3411_2012Digest
-    implements ExtendedDigest, Memoable
-{
-    private final byte[] IV = new byte[64];
-    private final byte[] N = new byte[64];
-    private final byte[] Sigma = new byte[64];
-    private final byte[] Ki = new byte[64];
-    private final byte[] m = new byte[64];
-    private final byte[] h = new byte[64];
-
-    // Temporary buffers
-    private final byte[] tmp = new byte[64];
-    private final byte[] block = new byte[64];
-
-    private int bOff = 64;
-
-    public GOST3411_2012Digest(byte[] IV)
-    {
-        System.arraycopy(IV, 0, this.IV, 0, 64);
-        System.arraycopy(IV, 0, h, 0, 64);
-    }
-
-    public int getByteLength()
-    {
-        return 64;
-    }
-
-    public abstract String getAlgorithmName();
-
-    public abstract int getDigestSize();
-
-    public void update(byte in)
-    {
-        block[--bOff] = in;
-        if (bOff == 0)
-        {
-            g_N(h, N, block);
-            addMod512(N, 512);
-            addMod512(Sigma, block);
-            bOff = 64;
-        }
-    }
-
-    public void update(byte[] in, int inOff, int len)
-    {
-        while (bOff != 64 && len > 0)
-        {
-            update(in[inOff++]);
-            len--;
-        }
-        while (len >= 64)
-        {
-            System.arraycopy(in, inOff, tmp, 0, 64);
-            reverse(tmp, block);
-            g_N(h, N, block);
-            addMod512(N, 512);
-            addMod512(Sigma, block);
-
-            len -= 64;
-            inOff += 64;
-        }
-        while (len > 0)
-        {
-            update(in[inOff++]);
-            len--;
-        }
-    }
-
-    public int doFinal(byte[] out, int outOff)
-    {
-        int lenM = 64 - bOff;
-
-        // At this point it is certain that lenM is smaller than 64
-        for (int i = 0; i != 64 - lenM; i++)
-        {
-            m[i] = 0;
-        }
-
-        m[63 - lenM] = 1;
-
-        if (bOff != 64)
-        {
-            System.arraycopy(block, bOff, m, 64 - lenM, lenM);
-        }
-
-        g_N(h, N, m);
-        addMod512(N, lenM * 8);
-        addMod512(Sigma, m);
-        g_N(h, Zero, N);
-        g_N(h, Zero, Sigma);
-
-        reverse(h, tmp);
-        System.arraycopy(tmp, 0, out, outOff, 64);
-
-        reset();
-        return 64;
-    }
-
-    public void reset()
-    {
-        bOff = 64;
-        Arrays.fill(N, (byte)0);
-        Arrays.fill(Sigma, (byte)0);
-        System.arraycopy(IV, 0, h, 0, 64);
-        Arrays.fill(block, (byte)0);
-    }
-
-    public abstract Memoable copy();
-
-    public void reset(Memoable other)
-    {
-        GOST3411_2012Digest o = (GOST3411_2012Digest)other;
-
-        System.arraycopy(o.IV, 0, this.IV, 0, 64);
-        System.arraycopy(o.N, 0, this.N, 0, 64);
-        System.arraycopy(o.Sigma, 0, this.Sigma, 0, 64);
-        System.arraycopy(o.Ki, 0, this.Ki, 0, 64);
-        System.arraycopy(o.m, 0, this.m, 0, 64);
-        System.arraycopy(o.h, 0, this.h, 0, 64);
-
-        System.arraycopy(o.block, 0, this.block, 0, 64);
-        this.bOff = o.bOff;
-    }
-
-    private void F(byte[] V)
-    {
-        long[] res = new long[8];
-        long r;
-
-        r = 0;
-        r ^= T[0][(V[56] & 0xFF)];
-        r ^= T[1][(V[48] & 0xFF)];
-        r ^= T[2][(V[40] & 0xFF)];
-        r ^= T[3][(V[32] & 0xFF)];
-        r ^= T[4][(V[24] & 0xFF)];
-        r ^= T[5][(V[16] & 0xFF)];
-        r ^= T[6][(V[8] & 0xFF)];
-        r ^= T[7][(V[0] & 0xFF)];
-        res[0] = r;
-
-        r = 0;
-        r ^= T[0][(V[57] & 0xFF)];
-        r ^= T[1][(V[49] & 0xFF)];
-        r ^= T[2][(V[41] & 0xFF)];
-        r ^= T[3][(V[33] & 0xFF)];
-        r ^= T[4][(V[25] & 0xFF)];
-        r ^= T[5][(V[17] & 0xFF)];
-        r ^= T[6][(V[9] & 0xFF)];
-        r ^= T[7][(V[1] & 0xFF)];
-        res[1] = r;
-
-        r = 0;
-        r ^= T[0][(V[58] & 0xFF)];
-        r ^= T[1][(V[50] & 0xFF)];
-        r ^= T[2][(V[42] & 0xFF)];
-        r ^= T[3][(V[34] & 0xFF)];
-        r ^= T[4][(V[26] & 0xFF)];
-        r ^= T[5][(V[18] & 0xFF)];
-        r ^= T[6][(V[10] & 0xFF)];
-        r ^= T[7][(V[2] & 0xFF)];
-        res[2] = r;
-
-        r = 0;
-        r ^= T[0][(V[59] & 0xFF)];
-        r ^= T[1][(V[51] & 0xFF)];
-        r ^= T[2][(V[43] & 0xFF)];
-        r ^= T[3][(V[35] & 0xFF)];
-        r ^= T[4][(V[27] & 0xFF)];
-        r ^= T[5][(V[19] & 0xFF)];
-        r ^= T[6][(V[11] & 0xFF)];
-        r ^= T[7][(V[3] & 0xFF)];
-        res[3] = r;
-
-        r = 0;
-        r ^= T[0][(V[60] & 0xFF)];
-        r ^= T[1][(V[52] & 0xFF)];
-        r ^= T[2][(V[44] & 0xFF)];
-        r ^= T[3][(V[36] & 0xFF)];
-        r ^= T[4][(V[28] & 0xFF)];
-        r ^= T[5][(V[20] & 0xFF)];
-        r ^= T[6][(V[12] & 0xFF)];
-        r ^= T[7][(V[4] & 0xFF)];
-        res[4] = r;
-
-        r = 0;
-        r ^= T[0][(V[61] & 0xFF)];
-        r ^= T[1][(V[53] & 0xFF)];
-        r ^= T[2][(V[45] & 0xFF)];
-        r ^= T[3][(V[37] & 0xFF)];
-        r ^= T[4][(V[29] & 0xFF)];
-        r ^= T[5][(V[21] & 0xFF)];
-        r ^= T[6][(V[13] & 0xFF)];
-        r ^= T[7][(V[5] & 0xFF)];
-        res[5] = r;
-
-        r = 0;
-        r ^= T[0][(V[62] & 0xFF)];
-        r ^= T[1][(V[54] & 0xFF)];
-        r ^= T[2][(V[46] & 0xFF)];
-        r ^= T[3][(V[38] & 0xFF)];
-        r ^= T[4][(V[30] & 0xFF)];
-        r ^= T[5][(V[22] & 0xFF)];
-        r ^= T[6][(V[14] & 0xFF)];
-        r ^= T[7][(V[6] & 0xFF)];
-        res[6] = r;
-
-        r = 0;
-        r ^= T[0][(V[63] & 0xFF)];
-        r ^= T[1][(V[55] & 0xFF)];
-        r ^= T[2][(V[47] & 0xFF)];
-        r ^= T[3][(V[39] & 0xFF)];
-        r ^= T[4][(V[31] & 0xFF)];
-        r ^= T[5][(V[23] & 0xFF)];
-        r ^= T[6][(V[15] & 0xFF)];
-        r ^= T[7][(V[7] & 0xFF)];
-        res[7] = r;
-
-        r = res[0];
-        V[7] = (byte)(r >> 56);
-        V[6] = (byte)(r >> 48);
-        V[5] = (byte)(r >> 40);
-        V[4] = (byte)(r >> 32);
-        V[3] = (byte)(r >> 24);
-        V[2] = (byte)(r >> 16);
-        V[1] = (byte)(r >> 8);
-        V[0] = (byte)(r);
-
-        r = res[1];
-        V[15] = (byte)(r >> 56);
-        V[14] = (byte)(r >> 48);
-        V[13] = (byte)(r >> 40);
-        V[12] = (byte)(r >> 32);
-        V[11] = (byte)(r >> 24);
-        V[10] = (byte)(r >> 16);
-        V[9] = (byte)(r >> 8);
-        V[8] = (byte)(r);
-
-        r = res[2];
-        V[23] = (byte)(r >> 56);
-        V[22] = (byte)(r >> 48);
-        V[21] = (byte)(r >> 40);
-        V[20] = (byte)(r >> 32);
-        V[19] = (byte)(r >> 24);
-        V[18] = (byte)(r >> 16);
-        V[17] = (byte)(r >> 8);
-        V[16] = (byte)(r);
-
-        r = res[3];
-        V[31] = (byte)(r >> 56);
-        V[30] = (byte)(r >> 48);
-        V[29] = (byte)(r >> 40);
-        V[28] = (byte)(r >> 32);
-        V[27] = (byte)(r >> 24);
-        V[26] = (byte)(r >> 16);
-        V[25] = (byte)(r >> 8);
-        V[24] = (byte)(r);
-
-        r = res[4];
-        V[39] = (byte)(r >> 56);
-        V[38] = (byte)(r >> 48);
-        V[37] = (byte)(r >> 40);
-        V[36] = (byte)(r >> 32);
-        V[35] = (byte)(r >> 24);
-        V[34] = (byte)(r >> 16);
-        V[33] = (byte)(r >> 8);
-        V[32] = (byte)(r);
-
-        r = res[5];
-        V[47] = (byte)(r >> 56);
-        V[46] = (byte)(r >> 48);
-        V[45] = (byte)(r >> 40);
-        V[44] = (byte)(r >> 32);
-        V[43] = (byte)(r >> 24);
-        V[42] = (byte)(r >> 16);
-        V[41] = (byte)(r >> 8);
-        V[40] = (byte)(r);
-
-        r = res[6];
-        V[55] = (byte)(r >> 56);
-        V[54] = (byte)(r >> 48);
-        V[53] = (byte)(r >> 40);
-        V[52] = (byte)(r >> 32);
-        V[51] = (byte)(r >> 24);
-        V[50] = (byte)(r >> 16);
-        V[49] = (byte)(r >> 8);
-        V[48] = (byte)(r);
-
-        r = res[7];
-        V[63] = (byte)(r >> 56);
-        V[62] = (byte)(r >> 48);
-        V[61] = (byte)(r >> 40);
-        V[60] = (byte)(r >> 32);
-        V[59] = (byte)(r >> 24);
-        V[58] = (byte)(r >> 16);
-        V[57] = (byte)(r >> 8);
-        V[56] = (byte)(r);
-    }
-
-    private void xor512(byte[] A, byte[] B)
-    {
-        for (int i = 0; i < 64; ++i)
-        {
-            A[i] ^= B[i];
-        }
-    }
-
-    private void E(byte[] K, byte[] m)
-    {
-        System.arraycopy(K, 0, Ki, 0, 64);
-        xor512(K, m);
-        F(K);
-        for (int i = 0; i < 11; ++i)
-        {
-            xor512(Ki, C[i]);
-            F(Ki);
-            xor512(K, Ki);
-            F(K);
-        }
-        xor512(Ki, C[11]);
-        F(Ki);
-        xor512(K, Ki);
-    }
-
-    private void g_N(byte[] h, byte[] N, byte[] m)
-    {
-        System.arraycopy(h, 0, tmp, 0, 64);
-
-        xor512(h, N);
-        F(h);
-
-        E(h, m);
-        xor512(h, tmp);
-        xor512(h, m);
-    }
-
-    private void addMod512(byte[] A, int num)
-    {
-        int c;
-        c = (A[63] & 0xFF) + (num & 0xFF);
-        A[63] = (byte)c;
-
-        c = (A[62] & 0xFF) + ((num >> 8) & 0xFF) + (c >> 8);
-        A[62] = (byte)c;
-
-        for (int i = 61; (i >= 0) && (c > 0); --i)
-        {
-            c = (A[i] & 0xFF) + (c >> 8);
-            A[i] = (byte)c;
-        }
-    }
-
-    private void addMod512(byte[] A, byte[] B)
-    {
-        for (int c = 0, i = 63; i >= 0; --i)
-        {
-            c = (A[i] & 0xFF) + (B[i] & 0xFF) + (c >> 8);
-            A[i] = (byte)c;
-        }
-    }
-
-    private void reverse(byte[] src, byte[] dst)
-    {
-        final int len = src.length;
-        for (int i = 0; i < len; i++)
-        {
-            dst[len - 1 - i] = src[i];
-        }
-    }
-
-    private final static byte[][] C = {{
-        (byte)0xb1, (byte)0x08, (byte)0x5b, (byte)0xda, (byte)0x1e, (byte)0xca, (byte)0xda, (byte)0xe9,
-        (byte)0xeb, (byte)0xcb, (byte)0x2f, (byte)0x81, (byte)0xc0, (byte)0x65, (byte)0x7c, (byte)0x1f,
-        (byte)0x2f, (byte)0x6a, (byte)0x76, (byte)0x43, (byte)0x2e, (byte)0x45, (byte)0xd0, (byte)0x16,
-        (byte)0x71, (byte)0x4e, (byte)0xb8, (byte)0x8d, (byte)0x75, (byte)0x85, (byte)0xc4, (byte)0xfc,
-        (byte)0x4b, (byte)0x7c, (byte)0xe0, (byte)0x91, (byte)0x92, (byte)0x67, (byte)0x69, (byte)0x01,
-        (byte)0xa2, (byte)0x42, (byte)0x2a, (byte)0x08, (byte)0xa4, (byte)0x60, (byte)0xd3, (byte)0x15,
-        (byte)0x05, (byte)0x76, (byte)0x74, (byte)0x36, (byte)0xcc, (byte)0x74, (byte)0x4d, (byte)0x23,
-        (byte)0xdd, (byte)0x80, (byte)0x65, (byte)0x59, (byte)0xf2, (byte)0xa6, (byte)0x45, (byte)0x07},
-        {
-            (byte)0x6f, (byte)0xa3, (byte)0xb5, (byte)0x8a, (byte)0xa9, (byte)0x9d, (byte)0x2f, (byte)0x1a,
-            (byte)0x4f, (byte)0xe3, (byte)0x9d, (byte)0x46, (byte)0x0f, (byte)0x70, (byte)0xb5, (byte)0xd7,
-            (byte)0xf3, (byte)0xfe, (byte)0xea, (byte)0x72, (byte)0x0a, (byte)0x23, (byte)0x2b, (byte)0x98,
-            (byte)0x61, (byte)0xd5, (byte)0x5e, (byte)0x0f, (byte)0x16, (byte)0xb5, (byte)0x01, (byte)0x31,
-            (byte)0x9a, (byte)0xb5, (byte)0x17, (byte)0x6b, (byte)0x12, (byte)0xd6, (byte)0x99, (byte)0x58,
-            (byte)0x5c, (byte)0xb5, (byte)0x61, (byte)0xc2, (byte)0xdb, (byte)0x0a, (byte)0xa7, (byte)0xca,
-            (byte)0x55, (byte)0xdd, (byte)0xa2, (byte)0x1b, (byte)0xd7, (byte)0xcb, (byte)0xcd, (byte)0x56,
-            (byte)0xe6, (byte)0x79, (byte)0x04, (byte)0x70, (byte)0x21, (byte)0xb1, (byte)0x9b, (byte)0xb7},
-        {
-            (byte)0xf5, (byte)0x74, (byte)0xdc, (byte)0xac, (byte)0x2b, (byte)0xce, (byte)0x2f, (byte)0xc7,
-            (byte)0x0a, (byte)0x39, (byte)0xfc, (byte)0x28, (byte)0x6a, (byte)0x3d, (byte)0x84, (byte)0x35,
-            (byte)0x06, (byte)0xf1, (byte)0x5e, (byte)0x5f, (byte)0x52, (byte)0x9c, (byte)0x1f, (byte)0x8b,
-            (byte)0xf2, (byte)0xea, (byte)0x75, (byte)0x14, (byte)0xb1, (byte)0x29, (byte)0x7b, (byte)0x7b,
-            (byte)0xd3, (byte)0xe2, (byte)0x0f, (byte)0xe4, (byte)0x90, (byte)0x35, (byte)0x9e, (byte)0xb1,
-            (byte)0xc1, (byte)0xc9, (byte)0x3a, (byte)0x37, (byte)0x60, (byte)0x62, (byte)0xdb, (byte)0x09,
-            (byte)0xc2, (byte)0xb6, (byte)0xf4, (byte)0x43, (byte)0x86, (byte)0x7a, (byte)0xdb, (byte)0x31,
-            (byte)0x99, (byte)0x1e, (byte)0x96, (byte)0xf5, (byte)0x0a, (byte)0xba, (byte)0x0a, (byte)0xb2},
-        {
-            (byte)0xef, (byte)0x1f, (byte)0xdf, (byte)0xb3, (byte)0xe8, (byte)0x15, (byte)0x66, (byte)0xd2,
-            (byte)0xf9, (byte)0x48, (byte)0xe1, (byte)0xa0, (byte)0x5d, (byte)0x71, (byte)0xe4, (byte)0xdd,
-            (byte)0x48, (byte)0x8e, (byte)0x85, (byte)0x7e, (byte)0x33, (byte)0x5c, (byte)0x3c, (byte)0x7d,
-            (byte)0x9d, (byte)0x72, (byte)0x1c, (byte)0xad, (byte)0x68, (byte)0x5e, (byte)0x35, (byte)0x3f,
-            (byte)0xa9, (byte)0xd7, (byte)0x2c, (byte)0x82, (byte)0xed, (byte)0x03, (byte)0xd6, (byte)0x75,
-            (byte)0xd8, (byte)0xb7, (byte)0x13, (byte)0x33, (byte)0x93, (byte)0x52, (byte)0x03, (byte)0xbe,
-            (byte)0x34, (byte)0x53, (byte)0xea, (byte)0xa1, (byte)0x93, (byte)0xe8, (byte)0x37, (byte)0xf1,
-            (byte)0x22, (byte)0x0c, (byte)0xbe, (byte)0xbc, (byte)0x84, (byte)0xe3, (byte)0xd1, (byte)0x2e},
-        {
-            (byte)0x4b, (byte)0xea, (byte)0x6b, (byte)0xac, (byte)0xad, (byte)0x47, (byte)0x47, (byte)0x99,
-            (byte)0x9a, (byte)0x3f, (byte)0x41, (byte)0x0c, (byte)0x6c, (byte)0xa9, (byte)0x23, (byte)0x63,
-            (byte)0x7f, (byte)0x15, (byte)0x1c, (byte)0x1f, (byte)0x16, (byte)0x86, (byte)0x10, (byte)0x4a,
-            (byte)0x35, (byte)0x9e, (byte)0x35, (byte)0xd7, (byte)0x80, (byte)0x0f, (byte)0xff, (byte)0xbd,
-            (byte)0xbf, (byte)0xcd, (byte)0x17, (byte)0x47, (byte)0x25, (byte)0x3a, (byte)0xf5, (byte)0xa3,
-            (byte)0xdf, (byte)0xff, (byte)0x00, (byte)0xb7, (byte)0x23, (byte)0x27, (byte)0x1a, (byte)0x16,
-            (byte)0x7a, (byte)0x56, (byte)0xa2, (byte)0x7e, (byte)0xa9, (byte)0xea, (byte)0x63, (byte)0xf5,
-            (byte)0x60, (byte)0x17, (byte)0x58, (byte)0xfd, (byte)0x7c, (byte)0x6c, (byte)0xfe, (byte)0x57},
-        {
-            (byte)0xae, (byte)0x4f, (byte)0xae, (byte)0xae, (byte)0x1d, (byte)0x3a, (byte)0xd3, (byte)0xd9,
-            (byte)0x6f, (byte)0xa4, (byte)0xc3, (byte)0x3b, (byte)0x7a, (byte)0x30, (byte)0x39, (byte)0xc0,
-            (byte)0x2d, (byte)0x66, (byte)0xc4, (byte)0xf9, (byte)0x51, (byte)0x42, (byte)0xa4, (byte)0x6c,
-            (byte)0x18, (byte)0x7f, (byte)0x9a, (byte)0xb4, (byte)0x9a, (byte)0xf0, (byte)0x8e, (byte)0xc6,
-            (byte)0xcf, (byte)0xfa, (byte)0xa6, (byte)0xb7, (byte)0x1c, (byte)0x9a, (byte)0xb7, (byte)0xb4,
-            (byte)0x0a, (byte)0xf2, (byte)0x1f, (byte)0x66, (byte)0xc2, (byte)0xbe, (byte)0xc6, (byte)0xb6,
-            (byte)0xbf, (byte)0x71, (byte)0xc5, (byte)0x72, (byte)0x36, (byte)0x90, (byte)0x4f, (byte)0x35,
-            (byte)0xfa, (byte)0x68, (byte)0x40, (byte)0x7a, (byte)0x46, (byte)0x64, (byte)0x7d, (byte)0x6e},
-        {
-            (byte)0xf4, (byte)0xc7, (byte)0x0e, (byte)0x16, (byte)0xee, (byte)0xaa, (byte)0xc5, (byte)0xec,
-            (byte)0x51, (byte)0xac, (byte)0x86, (byte)0xfe, (byte)0xbf, (byte)0x24, (byte)0x09, (byte)0x54,
-            (byte)0x39, (byte)0x9e, (byte)0xc6, (byte)0xc7, (byte)0xe6, (byte)0xbf, (byte)0x87, (byte)0xc9,
-            (byte)0xd3, (byte)0x47, (byte)0x3e, (byte)0x33, (byte)0x19, (byte)0x7a, (byte)0x93, (byte)0xc9,
-            (byte)0x09, (byte)0x92, (byte)0xab, (byte)0xc5, (byte)0x2d, (byte)0x82, (byte)0x2c, (byte)0x37,
-            (byte)0x06, (byte)0x47, (byte)0x69, (byte)0x83, (byte)0x28, (byte)0x4a, (byte)0x05, (byte)0x04,
-            (byte)0x35, (byte)0x17, (byte)0x45, (byte)0x4c, (byte)0xa2, (byte)0x3c, (byte)0x4a, (byte)0xf3,
-            (byte)0x88, (byte)0x86, (byte)0x56, (byte)0x4d, (byte)0x3a, (byte)0x14, (byte)0xd4, (byte)0x93},
-        {
-            (byte)0x9b, (byte)0x1f, (byte)0x5b, (byte)0x42, (byte)0x4d, (byte)0x93, (byte)0xc9, (byte)0xa7,
-            (byte)0x03, (byte)0xe7, (byte)0xaa, (byte)0x02, (byte)0x0c, (byte)0x6e, (byte)0x41, (byte)0x41,
-            (byte)0x4e, (byte)0xb7, (byte)0xf8, (byte)0x71, (byte)0x9c, (byte)0x36, (byte)0xde, (byte)0x1e,
-            (byte)0x89, (byte)0xb4, (byte)0x44, (byte)0x3b, (byte)0x4d, (byte)0xdb, (byte)0xc4, (byte)0x9a,
-            (byte)0xf4, (byte)0x89, (byte)0x2b, (byte)0xcb, (byte)0x92, (byte)0x9b, (byte)0x06, (byte)0x90,
-            (byte)0x69, (byte)0xd1, (byte)0x8d, (byte)0x2b, (byte)0xd1, (byte)0xa5, (byte)0xc4, (byte)0x2f,
-            (byte)0x36, (byte)0xac, (byte)0xc2, (byte)0x35, (byte)0x59, (byte)0x51, (byte)0xa8, (byte)0xd9,
-            (byte)0xa4, (byte)0x7f, (byte)0x0d, (byte)0xd4, (byte)0xbf, (byte)0x02, (byte)0xe7, (byte)0x1e},
-        {
-            (byte)0x37, (byte)0x8f, (byte)0x5a, (byte)0x54, (byte)0x16, (byte)0x31, (byte)0x22, (byte)0x9b,
-            (byte)0x94, (byte)0x4c, (byte)0x9a, (byte)0xd8, (byte)0xec, (byte)0x16, (byte)0x5f, (byte)0xde,
-            (byte)0x3a, (byte)0x7d, (byte)0x3a, (byte)0x1b, (byte)0x25, (byte)0x89, (byte)0x42, (byte)0x24,
-            (byte)0x3c, (byte)0xd9, (byte)0x55, (byte)0xb7, (byte)0xe0, (byte)0x0d, (byte)0x09, (byte)0x84,
-            (byte)0x80, (byte)0x0a, (byte)0x44, (byte)0x0b, (byte)0xdb, (byte)0xb2, (byte)0xce, (byte)0xb1,
-            (byte)0x7b, (byte)0x2b, (byte)0x8a, (byte)0x9a, (byte)0xa6, (byte)0x07, (byte)0x9c, (byte)0x54,
-            (byte)0x0e, (byte)0x38, (byte)0xdc, (byte)0x92, (byte)0xcb, (byte)0x1f, (byte)0x2a, (byte)0x60,
-            (byte)0x72, (byte)0x61, (byte)0x44, (byte)0x51, (byte)0x83, (byte)0x23, (byte)0x5a, (byte)0xdb},
-        {
-            (byte)0xab, (byte)0xbe, (byte)0xde, (byte)0xa6, (byte)0x80, (byte)0x05, (byte)0x6f, (byte)0x52,
-            (byte)0x38, (byte)0x2a, (byte)0xe5, (byte)0x48, (byte)0xb2, (byte)0xe4, (byte)0xf3, (byte)0xf3,
-            (byte)0x89, (byte)0x41, (byte)0xe7, (byte)0x1c, (byte)0xff, (byte)0x8a, (byte)0x78, (byte)0xdb,
-            (byte)0x1f, (byte)0xff, (byte)0xe1, (byte)0x8a, (byte)0x1b, (byte)0x33, (byte)0x61, (byte)0x03,
-            (byte)0x9f, (byte)0xe7, (byte)0x67, (byte)0x02, (byte)0xaf, (byte)0x69, (byte)0x33, (byte)0x4b,
-            (byte)0x7a, (byte)0x1e, (byte)0x6c, (byte)0x30, (byte)0x3b, (byte)0x76, (byte)0x52, (byte)0xf4,
-            (byte)0x36, (byte)0x98, (byte)0xfa, (byte)0xd1, (byte)0x15, (byte)0x3b, (byte)0xb6, (byte)0xc3,
-            (byte)0x74, (byte)0xb4, (byte)0xc7, (byte)0xfb, (byte)0x98, (byte)0x45, (byte)0x9c, (byte)0xed},
-        {
-            (byte)0x7b, (byte)0xcd, (byte)0x9e, (byte)0xd0, (byte)0xef, (byte)0xc8, (byte)0x89, (byte)0xfb,
-            (byte)0x30, (byte)0x02, (byte)0xc6, (byte)0xcd, (byte)0x63, (byte)0x5a, (byte)0xfe, (byte)0x94,
-            (byte)0xd8, (byte)0xfa, (byte)0x6b, (byte)0xbb, (byte)0xeb, (byte)0xab, (byte)0x07, (byte)0x61,
-            (byte)0x20, (byte)0x01, (byte)0x80, (byte)0x21, (byte)0x14, (byte)0x84, (byte)0x66, (byte)0x79,
-            (byte)0x8a, (byte)0x1d, (byte)0x71, (byte)0xef, (byte)0xea, (byte)0x48, (byte)0xb9, (byte)0xca,
-            (byte)0xef, (byte)0xba, (byte)0xcd, (byte)0x1d, (byte)0x7d, (byte)0x47, (byte)0x6e, (byte)0x98,
-            (byte)0xde, (byte)0xa2, (byte)0x59, (byte)0x4a, (byte)0xc0, (byte)0x6f, (byte)0xd8, (byte)0x5d,
-            (byte)0x6b, (byte)0xca, (byte)0xa4, (byte)0xcd, (byte)0x81, (byte)0xf3, (byte)0x2d, (byte)0x1b},
-        {
-            (byte)0x37, (byte)0x8e, (byte)0xe7, (byte)0x67, (byte)0xf1, (byte)0x16, (byte)0x31, (byte)0xba,
-            (byte)0xd2, (byte)0x13, (byte)0x80, (byte)0xb0, (byte)0x04, (byte)0x49, (byte)0xb1, (byte)0x7a,
-            (byte)0xcd, (byte)0xa4, (byte)0x3c, (byte)0x32, (byte)0xbc, (byte)0xdf, (byte)0x1d, (byte)0x77,
-            (byte)0xf8, (byte)0x20, (byte)0x12, (byte)0xd4, (byte)0x30, (byte)0x21, (byte)0x9f, (byte)0x9b,
-            (byte)0x5d, (byte)0x80, (byte)0xef, (byte)0x9d, (byte)0x18, (byte)0x91, (byte)0xcc, (byte)0x86,
-            (byte)0xe7, (byte)0x1d, (byte)0xa4, (byte)0xaa, (byte)0x88, (byte)0xe1, (byte)0x28, (byte)0x52,
-            (byte)0xfa, (byte)0xf4, (byte)0x17, (byte)0xd5, (byte)0xd9, (byte)0xb2, (byte)0x1b, (byte)0x99,
-            (byte)0x48, (byte)0xbc, (byte)0x92, (byte)0x4a, (byte)0xf1, (byte)0x1b, (byte)0xd7, (byte)0x20}
-    };
-
-    private final static byte[] Zero = {
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-    };
-
-    private final static long[][] T = {
-        {
-            0xE6F87E5C5B711FD0L, 0x258377800924FA16L, 0xC849E07E852EA4A8L, 0x5B4686A18F06C16AL,
-            0x0B32E9A2D77B416EL, 0xABDA37A467815C66L, 0xF61796A81A686676L, 0xF5DC0B706391954BL,
-            0x4862F38DB7E64BF1L, 0xFF5C629A68BD85C5L, 0xCB827DA6FCD75795L, 0x66D36DAF69B9F089L,
-            0x356C9F74483D83B0L, 0x7CBCECB1238C99A1L, 0x36A702AC31C4708DL, 0x9EB6A8D02FBCDFD6L,
-            0x8B19FA51E5B3AE37L, 0x9CCFB5408A127D0BL, 0xBC0C78B508208F5AL, 0xE533E3842288ECEDL,
-            0xCEC2C7D377C15FD2L, 0xEC7817B6505D0F5EL, 0xB94CC2C08336871DL, 0x8C205DB4CB0B04ADL,
-            0x763C855B28A0892FL, 0x588D1B79F6FF3257L, 0x3FECF69E4311933EL, 0x0FC0D39F803A18C9L,
-            0xEE010A26F5F3AD83L, 0x10EFE8F4411979A6L, 0x5DCDA10C7DE93A10L, 0x4A1BEE1D1248E92CL,
-            0x53BFF2DB21847339L, 0xB4F50CCFA6A23D09L, 0x5FB4BC9CD84798CDL, 0xE88A2D8B071C56F9L,
-            0x7F7771695A756A9CL, 0xC5F02E71A0BA1EBCL, 0xA663F9AB4215E672L, 0x2EB19E22DE5FBB78L,
-            0x0DB9CE0F2594BA14L, 0x82520E6397664D84L, 0x2F031E6A0208EA98L, 0x5C7F2144A1BE6BF0L,
-            0x7A37CB1CD16362DBL, 0x83E08E2B4B311C64L, 0xCF70479BAB960E32L, 0x856BA986B9DEE71EL,
-            0xB5478C877AF56CE9L, 0xB8FE42885F61D6FDL, 0x1BDD0156966238C8L, 0x622157923EF8A92EL,
-            0xFC97FF42114476F8L, 0x9D7D350856452CEBL, 0x4C90C9B0E0A71256L, 0x2308502DFBCB016CL,
-            0x2D7A03FAA7A64845L, 0xF46E8B38BFC6C4ABL, 0xBDBEF8FDD477DEBAL, 0x3AAC4CEBC8079B79L,
-            0xF09CB105E8879D0CL, 0x27FA6A10AC8A58CBL, 0x8960E7C1401D0CEAL, 0x1A6F811E4A356928L,
-            0x90C4FB0773D196FFL, 0x43501A2F609D0A9FL, 0xF7A516E0C63F3796L, 0x1CE4A6B3B8DA9252L,
-            0x1324752C38E08A9BL, 0xA5A864733BEC154FL, 0x2BF124575549B33FL, 0xD766DB15440DC5C7L,
-            0xA7D179E39E42B792L, 0xDADF151A61997FD3L, 0x86A0345EC0271423L, 0x38D5517B6DA939A4L,
-            0x6518F077104003B4L, 0x02791D90A5AEA2DDL, 0x88D267899C4A5D0AL, 0x930F66DF0A2865C2L,
-            0x4EE9D4204509B08BL, 0x325538916685292AL, 0x412907BFC533A842L, 0xB27E2B62544DC673L,
-            0x6C5304456295E007L, 0x5AF406E95351908AL, 0x1F2F3B6BC123616FL, 0xC37B09DC5255E5C6L,
-            0x3967D133B1FE6844L, 0x298839C7F0E711E2L, 0x409B87F71964F9A2L, 0xE938ADC3DB4B0719L,
-            0x0C0B4E47F9C3EBF4L, 0x5534D576D36B8843L, 0x4610A05AEB8B02D8L, 0x20C3CDF58232F251L,
-            0x6DE1840DBEC2B1E7L, 0xA0E8DE06B0FA1D08L, 0x7B854B540D34333BL, 0x42E29A67BCCA5B7FL,
-            0xD8A6088AC437DD0EL, 0xC63BB3A9D943ED81L, 0x21714DBD5E65A3B1L, 0x6761EDE7B5EEA169L,
-            0x2431F7C8D573ABF6L, 0xD51FC685E1A3671AL, 0x5E063CD40410C92DL, 0x283AB98F2CB04002L,
-            0x8FEBC06CB2F2F790L, 0x17D64F116FA1D33CL, 0xE07359F1A99EE4AAL, 0x784ED68C74CDC006L,
-            0x6E2A19D5C73B42DAL, 0x8712B4161C7045C3L, 0x371582E4ED93216DL, 0xACE390414939F6FCL,
-            0x7EC5F12186223B7CL, 0xC0B094042BAC16FBL, 0xF9D745379A527EBFL, 0x737C3F2EA3B68168L,
-            0x33E7B8D9BAD278CAL, 0xA9A32A34C22FFEBBL, 0xE48163CCFEDFBD0DL, 0x8E5940246EA5A670L,
-            0x51C6EF4B842AD1E4L, 0x22BAD065279C508CL, 0xD91488C218608CEEL, 0x319EA5491F7CDA17L,
-            0xD394E128134C9C60L, 0x094BF43272D5E3B3L, 0x9BF612A5A4AAD791L, 0xCCBBDA43D26FFD0FL,
-            0x34DE1F3C946AD250L, 0x4F5B5468995EE16BL, 0xDF9FAF6FEA8F7794L, 0x2648EA5870DD092BL,
-            0xBFC7E56D71D97C67L, 0xDDE6B2FF4F21D549L, 0x3C276B463AE86003L, 0x91767B4FAF86C71FL,
-            0x68A13E7835D4B9A0L, 0xB68C115F030C9FD4L, 0x141DD2C916582001L, 0x983D8F7DDD5324ACL,
-            0x64AA703FCC175254L, 0xC2C989948E02B426L, 0x3E5E76D69F46C2DEL, 0x50746F03587D8004L,
-            0x45DB3D829272F1E5L, 0x60584A029B560BF3L, 0xFBAE58A73FFCDC62L, 0xA15A5E4E6CAD4CE8L,
-            0x4BA96E55CE1FB8CCL, 0x08F9747AAE82B253L, 0xC102144CF7FB471BL, 0x9F042898F3EB8E36L,
-            0x068B27ADF2EFFB7AL, 0xEDCA97FE8C0A5EBEL, 0x778E0513F4F7D8CFL, 0x302C2501C32B8BF7L,
-            0x8D92DDFC175C554DL, 0xF865C57F46052F5FL, 0xEAF3301BA2B2F424L, 0xAA68B7ECBBD60D86L,
-            0x998F0F350104754CL, 0x0000000000000000L, 0xF12E314D34D0CCECL, 0x710522BE061823B5L,
-            0xAF280D9930C005C1L, 0x97FD5CE25D693C65L, 0x19A41CC633CC9A15L, 0x95844172F8C79EB8L,
-            0xDC5432B7937684A9L, 0x9436C13A2490CF58L, 0x802B13F332C8EF59L, 0xC442AE397CED4F5CL,
-            0xFA1CD8EFE3AB8D82L, 0xF2E5AC954D293FD1L, 0x6AD823E8907A1B7DL, 0x4D2249F83CF043B6L,
-            0x03CB9DD879F9F33DL, 0xDE2D2F2736D82674L, 0x2A43A41F891EE2DFL, 0x6F98999D1B6C133AL,
-            0xD4AD46CD3DF436FAL, 0xBB35DF50269825C0L, 0x964FDCAA813E6D85L, 0xEB41B0537EE5A5C4L,
-            0x0540BA758B160847L, 0xA41AE43BE7BB44AFL, 0xE3B8C429D0671797L, 0x819993BBEE9FBEB9L,
-            0xAE9A8DD1EC975421L, 0xF3572CDD917E6E31L, 0x6393D7DAE2AFF8CEL, 0x47A2201237DC5338L,
-            0xA32343DEC903EE35L, 0x79FC56C4A89A91E6L, 0x01B28048DC5751E0L, 0x1296F564E4B7DB7BL,
-            0x75F7188351597A12L, 0xDB6D9552BDCE2E33L, 0x1E9DBB231D74308FL, 0x520D7293FDD322D9L,
-            0xE20A44610C304677L, 0xFEEEE2D2B4EAD425L, 0xCA30FDEE20800675L, 0x61EACA4A47015A13L,
-            0xE74AFE1487264E30L, 0x2CC883B27BF119A5L, 0x1664CF59B3F682DCL, 0xA811AA7C1E78AF5BL,
-            0x1D5626FB648DC3B2L, 0xB73E9117DF5BCE34L, 0xD05F7CF06AB56F5DL, 0xFD257F0ACD132718L,
-            0x574DC8E676C52A9EL, 0x0739A7E52EB8AA9AL, 0x5486553E0F3CD9A3L, 0x56FF48AEAA927B7EL,
-            0xBE756525AD8E2D87L, 0x7D0E6CF9FFDBC841L, 0x3B1ECCA31450CA99L, 0x6913BE30E983E840L,
-            0xAD511009956EA71CL, 0xB1B5B6BA2DB4354EL, 0x4469BDCA4E25A005L, 0x15AF5281CA0F71E1L,
-            0x744598CB8D0E2BF2L, 0x593F9B312AA863B7L, 0xEFB38A6E29A4FC63L, 0x6B6AA3A04C2D4A9DL,
-            0x3D95EB0EE6BF31E3L, 0xA291C3961554BFD5L, 0x18169C8EEF9BCBF5L, 0x115D68BC9D4E2846L,
-            0xBA875F18FACF7420L, 0xD1EDFCB8B6E23EBDL, 0xB00736F2F1E364AEL, 0x84D929CE6589B6FEL,
-            0x70B7A2F6DA4F7255L, 0x0E7253D75C6D4929L, 0x04F23A3D574159A7L, 0x0A8069EA0B2C108EL,
-            0x49D073C56BB11A11L, 0x8AAB7A1939E4FFD7L, 0xCD095A0B0E38ACEFL, 0xC9FB60365979F548L,
-            0x92BDE697D67F3422L, 0xC78933E10514BC61L, 0xE1C1D9B975C9B54AL, 0xD2266160CF1BCD80L,
-            0x9A4492ED78FD8671L, 0xB3CCAB2A881A9793L, 0x72CEBF667FE1D088L, 0xD6D45B5D985A9427L
-        },
-        {
-            0xC811A8058C3F55DEL, 0x65F5B43196B50619L, 0xF74F96B1D6706E43L, 0x859D1E8BCB43D336L,
-            0x5AAB8A85CCFA3D84L, 0xF9C7BF99C295FCFDL, 0xA21FD5A1DE4B630FL, 0xCDB3EF763B8B456DL,
-            0x803F59F87CF7C385L, 0xB27C73BE5F31913CL, 0x98E3AC6633B04821L, 0xBF61674C26B8F818L,
-            0x0FFBC995C4C130C8L, 0xAAA0862010761A98L, 0x6057F342210116AAL, 0xF63C760C0654CC35L,
-            0x2DDB45CC667D9042L, 0xBCF45A964BD40382L, 0x68E8A0C3EF3C6F3DL, 0xA7BD92D269FF73BCL,
-            0x290AE20201ED2287L, 0xB7DE34CDE885818FL, 0xD901EEA7DD61059BL, 0xD6FA273219A03553L,
-            0xD56F1AE874CCCEC9L, 0xEA31245C2E83F554L, 0x7034555DA07BE499L, 0xCE26D2AC56E7BEF7L,
-            0xFD161857A5054E38L, 0x6A0E7DA4527436D1L, 0x5BD86A381CDE9FF2L, 0xCAF7756231770C32L,
-            0xB09AAED9E279C8D0L, 0x5DEF1091C60674DBL, 0x111046A2515E5045L, 0x23536CE4729802FCL,
-            0xC50CBCF7F5B63CFAL, 0x73A16887CD171F03L, 0x7D2941AFD9F28DBDL, 0x3F5E3EB45A4F3B9DL,
-            0x84EEFE361B677140L, 0x3DB8E3D3E7076271L, 0x1A3A28F9F20FD248L, 0x7EBC7C75B49E7627L,
-            0x74E5F293C7EB565CL, 0x18DCF59E4F478BA4L, 0x0C6EF44FA9ADCB52L, 0xC699812D98DAC760L,
-            0x788B06DC6E469D0EL, 0xFC65F8EA7521EC4EL, 0x30A5F7219E8E0B55L, 0x2BEC3F65BCA57B6BL,
-            0xDDD04969BAF1B75EL, 0x99904CDBE394EA57L, 0x14B201D1E6EA40F6L, 0xBBB0C08241284ADDL,
-            0x50F20463BF8F1DFFL, 0xE8D7F93B93CBACB8L, 0x4D8CB68E477C86E8L, 0xC1DD1B3992268E3FL,
-            0x7C5AA11209D62FCBL, 0x2F3D98ABDB35C9AEL, 0x671369562BFD5FF5L, 0x15C1E16C36CEE280L,
-            0x1D7EB2EDF8F39B17L, 0xDA94D37DB00DFE01L, 0x877BC3EC760B8ADAL, 0xCB8495DFE153AE44L,
-            0x05A24773B7B410B3L, 0x12857B783C32ABDFL, 0x8EB770D06812513BL, 0x536739B9D2E3E665L,
-            0x584D57E271B26468L, 0xD789C78FC9849725L, 0xA935BBFA7D1AE102L, 0x8B1537A3DFA64188L,
-            0xD0CD5D9BC378DE7AL, 0x4AC82C9A4D80CFB7L, 0x42777F1B83BDB620L, 0x72D2883A1D33BD75L,
-            0x5E7A2D4BAB6A8F41L, 0xF4DAAB6BBB1C95D9L, 0x905CFFE7FD8D31B6L, 0x83AA6422119B381FL,
-            0xC0AEFB8442022C49L, 0xA0F908C663033AE3L, 0xA428AF0804938826L, 0xADE41C341A8A53C7L,
-            0xAE7121EE77E6A85DL, 0xC47F5C4A25929E8CL, 0xB538E9AA55CDD863L, 0x06377AA9DAD8EB29L,
-            0xA18AE87BB3279895L, 0x6EDFDA6A35E48414L, 0x6B7D9D19825094A7L, 0xD41CFA55A4E86CBFL,
-            0xE5CAEDC9EA42C59CL, 0xA36C351C0E6FC179L, 0x5181E4DE6FABBF89L, 0xFFF0C530184D17D4L,
-            0x9D41EB1584045892L, 0x1C0D525028D73961L, 0xF178EC180CA8856AL, 0x9A0571018EF811CDL,
-            0x4091A27C3EF5EFCCL, 0x19AF15239F6329D2L, 0x347450EFF91EB990L, 0xE11B4A078DD27759L,
-            0xB9561DE5FC601331L, 0x912F1F5A2DA993C0L, 0x1654DCB65BA2191AL, 0x3E2DDE098A6B99EBL,
-            0x8A66D71E0F82E3FEL, 0x8C51ADB7D55A08D7L, 0x4533E50F8941FF7FL, 0x02E6DD67BD4859ECL,
-            0xE068AABA5DF6D52FL, 0xC24826E3FF4A75A5L, 0x6C39070D88ACDDF8L, 0x6486548C4691A46FL,
-            0xD1BEBD26135C7C0CL, 0xB30F93038F15334AL, 0x82D9849FC1BF9A69L, 0x9C320BA85420FAE4L,
-            0xFA528243AFF90767L, 0x9ED4D6CFE968A308L, 0xB825FD582C44B147L, 0x9B7691BC5EDCB3BBL,
-            0xC7EA619048FE6516L, 0x1063A61F817AF233L, 0x47D538683409A693L, 0x63C2CE984C6DED30L,
-            0x2A9FDFD86C81D91DL, 0x7B1E3B06032A6694L, 0x666089EBFBD9FD83L, 0x0A598EE67375207BL,
-            0x07449A140AFC495FL, 0x2CA8A571B6593234L, 0x1F986F8A45BBC2FBL, 0x381AA4A050B372C2L,
-            0x5423A3ADD81FAF3AL, 0x17273C0B8B86BB6CL, 0xFE83258DC869B5A2L, 0x287902BFD1C980F1L,
-            0xF5A94BD66B3837AFL, 0x88800A79B2CABA12L, 0x55504310083B0D4CL, 0xDF36940E07B9EEB2L,
-            0x04D1A7CE6790B2C5L, 0x612413FFF125B4DCL, 0x26F12B97C52C124FL, 0x86082351A62F28ACL,
-            0xEF93632F9937E5E7L, 0x3507B052293A1BE6L, 0xE72C30AE570A9C70L, 0xD3586041AE1425E0L,
-            0xDE4574B3D79D4CC4L, 0x92BA228040C5685AL, 0xF00B0CA5DC8C271CL, 0xBE1287F1F69C5A6EL,
-            0xF39E317FB1E0DC86L, 0x495D114020EC342DL, 0x699B407E3F18CD4BL, 0xDCA3A9D46AD51528L,
-            0x0D1D14F279896924L, 0x0000000000000000L, 0x593EB75FA196C61EL, 0x2E4E78160B116BD8L,
-            0x6D4AE7B058887F8EL, 0xE65FD013872E3E06L, 0x7A6DDBBBD30EC4E2L, 0xAC97FC89CAAEF1B1L,
-            0x09CCB33C1E19DBE1L, 0x89F3EAC462EE1864L, 0x7770CF49AA87ADC6L, 0x56C57ECA6557F6D6L,
-            0x03953DDA6D6CFB9AL, 0x36928D884456E07CL, 0x1EEB8F37959F608DL, 0x31D6179C4EAAA923L,
-            0x6FAC3AD7E5C02662L, 0x43049FA653991456L, 0xABD3669DC052B8EEL, 0xAF02C153A7C20A2BL,
-            0x3CCB036E3723C007L, 0x93C9C23D90E1CA2CL, 0xC33BC65E2F6ED7D3L, 0x4CFF56339758249EL,
-            0xB1E94E64325D6AA6L, 0x37E16D359472420AL, 0x79F8E661BE623F78L, 0x5214D90402C74413L,
-            0x482EF1FDF0C8965BL, 0x13F69BC5EC1609A9L, 0x0E88292814E592BEL, 0x4E198B542A107D72L,
-            0xCCC00FCBEBAFE71BL, 0x1B49C844222B703EL, 0x2564164DA840E9D5L, 0x20C6513E1FF4F966L,
-            0xBAC3203F910CE8ABL, 0xF2EDD1C261C47EF0L, 0x814CB945ACD361F3L, 0x95FEB8944A392105L,
-            0x5C9CF02C1622D6ADL, 0x971865F3F77178E9L, 0xBD87BA2B9BF0A1F4L, 0x444005B259655D09L,
-            0xED75BE48247FBC0BL, 0x7596122E17CFF42AL, 0xB44B091785E97A15L, 0x966B854E2755DA9FL,
-            0xEEE0839249134791L, 0x32432A4623C652B9L, 0xA8465B47AD3E4374L, 0xF8B45F2412B15E8BL,
-            0x2417F6F078644BA3L, 0xFB2162FE7FDDA511L, 0x4BBBCC279DA46DC1L, 0x0173E0BDD024A276L,
-            0x22208C59A2BCA08AL, 0x8FC4906DB836F34DL, 0xE4B90D743A6667EAL, 0x7147B5E0705F46EFL,
-            0x2782CB2A1508B039L, 0xEC065EF5F45B1E7DL, 0x21B5B183CFD05B10L, 0xDBE733C060295C77L,
-            0x9FA73672394C017EL, 0xCF55321186C31C81L, 0xD8720E1A0D45A7EDL, 0x3B8F997A3DDF8958L,
-            0x3AFC79C7EDFB2B2EL, 0xE9A4198643EF0ECEL, 0x5F09CDF67B4E2D37L, 0x4F6A6BE9FA34DF04L,
-            0xB6ADD47038A123F9L, 0x8D224D0A057EAAA1L, 0xC96248B85C1BF7A8L, 0xE3FD9760309A2EB5L,
-            0x0B2A6E5BA351820DL, 0xEB42C4E1FEA75722L, 0x948D58299A1D8373L, 0x7FCF9CC864BAD451L,
-            0xA55B4FB5D4B72A50L, 0x08BF5381CE3D7997L, 0x46A6D8D5E42D04E5L, 0xD22B80FC7E308796L,
-            0x57B69E77B57354A0L, 0x3969441D8097D0B4L, 0x3330CAFBF3E2F0CFL, 0xE28E77DDE0BE8CC3L,
-            0x62B12E259C494F46L, 0xA6CE726FB9DBD1CAL, 0x41E242C1EED14DBAL, 0x76032FF47AA30FB0L
-        },
-        {
-            0x45B268A93ACDE4CCL, 0xAF7F0BE884549D08L, 0x048354B3C1468263L, 0x925435C2C80EFED2L,
-            0xEE4E37F27FDFFBA7L, 0x167A33920C60F14DL, 0xFB123B52EA03E584L, 0x4A0CAB53FDBB9007L,
-            0x9DEAF6380F788A19L, 0xCB48EC558F0CB32AL, 0xB59DC4B2D6FEF7E0L, 0xDCDBCA22F4F3ECB6L,
-            0x11DF5813549A9C40L, 0xE33FDEDF568ACED3L, 0xA0C1C8124322E9C3L, 0x07A56B8158FA6D0DL,
-            0x77279579B1E1F3DDL, 0xD9B18B74422AC004L, 0xB8EC2D9FFFABC294L, 0xF4ACF8A82D75914FL,
-            0x7BBF69B1EF2B6878L, 0xC4F62FAF487AC7E1L, 0x76CE809CC67E5D0CL, 0x6711D88F92E4C14CL,
-            0x627B99D9243DEDFEL, 0x234AA5C3DFB68B51L, 0x909B1F15262DBF6DL, 0x4F66EA054B62BCB5L,
-            0x1AE2CF5A52AA6AE8L, 0xBEA053FBD0CE0148L, 0xED6808C0E66314C9L, 0x43FE16CD15A82710L,
-            0xCD049231A06970F6L, 0xE7BC8A6C97CC4CB0L, 0x337CE835FCB3B9C0L, 0x65DEF2587CC780F3L,
-            0x52214EDE4132BB50L, 0x95F15E4390F493DFL, 0x870839625DD2E0F1L, 0x41313C1AFB8B66AFL,
-            0x91720AF051B211BCL, 0x477D427ED4EEA573L, 0x2E3B4CEEF6E3BE25L, 0x82627834EB0BCC43L,
-            0x9C03E3DD78E724C8L, 0x2877328AD9867DF9L, 0x14B51945E243B0F2L, 0x574B0F88F7EB97E2L,
-            0x88B6FA989AA4943AL, 0x19C4F068CB168586L, 0x50EE6409AF11FAEFL, 0x7DF317D5C04EABA4L,
-            0x7A567C5498B4C6A9L, 0xB6BBFB804F42188EL, 0x3CC22BCF3BC5CD0BL, 0xD04336EAAA397713L,
-            0xF02FAC1BEC33132CL, 0x2506DBA7F0D3488DL, 0xD7E65D6BF2C31A1EL, 0x5EB9B2161FF820F5L,
-            0x842E0650C46E0F9FL, 0x716BEB1D9E843001L, 0xA933758CAB315ED4L, 0x3FE414FDA2792265L,
-            0x27C9F1701EF00932L, 0x73A4C1CA70A771BEL, 0x94184BA6E76B3D0EL, 0x40D829FF8C14C87EL,
-            0x0FBEC3FAC77674CBL, 0x3616A9634A6A9572L, 0x8F139119C25EF937L, 0xF545ED4D5AEA3F9EL,
-            0xE802499650BA387BL, 0x6437E7BD0B582E22L, 0xE6559F89E053E261L, 0x80AD52E305288DFCL,
-            0x6DC55A23E34B9935L, 0xDE14E0F51AD0AD09L, 0xC6390578A659865EL, 0x96D7617109487CB1L,
-            0xE2D6CB3A21156002L, 0x01E915E5779FAED1L, 0xADB0213F6A77DCB7L, 0x9880B76EB9A1A6ABL,
-            0x5D9F8D248644CF9BL, 0xFD5E4536C5662658L, 0xF1C6B9FE9BACBDFDL, 0xEACD6341BE9979C4L,
-            0xEFA7221708405576L, 0x510771ECD88E543EL, 0xC2BA51CB671F043DL, 0x0AD482AC71AF5879L,
-            0xFE787A045CDAC936L, 0xB238AF338E049AEDL, 0xBD866CC94972EE26L, 0x615DA6EBBD810290L,
-            0x3295FDD08B2C1711L, 0xF834046073BF0AEAL, 0xF3099329758FFC42L, 0x1CAEB13E7DCFA934L,
-            0xBA2307481188832BL, 0x24EFCE42874CE65CL, 0x0E57D61FB0E9DA1AL, 0xB3D1BAD6F99B343CL,
-            0xC0757B1C893C4582L, 0x2B510DB8403A9297L, 0x5C7698C1F1DB614AL, 0x3E0D0118D5E68CB4L,
-            0xD60F488E855CB4CFL, 0xAE961E0DF3CB33D9L, 0x3A8E55AB14A00ED7L, 0x42170328623789C1L,
-            0x838B6DD19C946292L, 0x895FEF7DED3B3AEBL, 0xCFCBB8E64E4A3149L, 0x064C7E642F65C3DCL,
-            0x3D2B3E2A4C5A63DAL, 0x5BD3F340A9210C47L, 0xB474D157A1615931L, 0xAC5934DA1DE87266L,
-            0x6EE365117AF7765BL, 0xC86ED36716B05C44L, 0x9BA6885C201D49C5L, 0xB905387A88346C45L,
-            0x131072C4BAB9DDFFL, 0xBF49461EA751AF99L, 0xD52977BC1CE05BA1L, 0xB0F785E46027DB52L,
-            0x546D30BA6E57788CL, 0x305AD707650F56AEL, 0xC987C682612FF295L, 0xA5AB8944F5FBC571L,
-            0x7ED528E759F244CAL, 0x8DDCBBCE2C7DB888L, 0xAA154ABE328DB1BAL, 0x1E619BE993ECE88BL,
-            0x09F2BD9EE813B717L, 0x7401AA4B285D1CB3L, 0x21858F143195CAEEL, 0x48C381841398D1B8L,
-            0xFCB750D3B2F98889L, 0x39A86A998D1CE1B9L, 0x1F888E0CE473465AL, 0x7899568376978716L,
-            0x02CF2AD7EE2341BFL, 0x85C713B5B3F1A14EL, 0xFF916FE12B4567E7L, 0x7C1A0230B7D10575L,
-            0x0C98FCC85ECA9BA5L, 0xA3E7F720DA9E06ADL, 0x6A6031A2BBB1F438L, 0x973E74947ED7D260L,
-            0x2CF4663918C0FF9AL, 0x5F50A7F368678E24L, 0x34D983B4A449D4CDL, 0x68AF1B755592B587L,
-            0x7F3C3D022E6DEA1BL, 0xABFC5F5B45121F6BL, 0x0D71E92D29553574L, 0xDFFDF5106D4F03D8L,
-            0x081BA87B9F8C19C6L, 0xDB7EA1A3AC0981BBL, 0xBBCA12AD66172DFAL, 0x79704366010829C7L,
-            0x179326777BFF5F9CL, 0x0000000000000000L, 0xEB2476A4C906D715L, 0x724DD42F0738DF6FL,
-            0xB752EE6538DDB65FL, 0x37FFBC863DF53BA3L, 0x8EFA84FCB5C157E6L, 0xE9EB5C73272596AAL,
-            0x1B0BDABF2535C439L, 0x86E12C872A4D4E20L, 0x9969A28BCE3E087AL, 0xFAFB2EB79D9C4B55L,
-            0x056A4156B6D92CB2L, 0x5A3AE6A5DEBEA296L, 0x22A3B026A8292580L, 0x53C85B3B36AD1581L,
-            0xB11E900117B87583L, 0xC51F3A4A3FE56930L, 0xE019E1EDCF3621BDL, 0xEC811D2591FCBA18L,
-            0x445B7D4C4D524A1DL, 0xA8DA6069DCAEF005L, 0x58F5CC72309DE329L, 0xD4C062596B7FF570L,
-            0xCE22AD0339D59F98L, 0x591CD99747024DF8L, 0x8B90C5AA03187B54L, 0xF663D27FC356D0F0L,
-            0xD8589E9135B56ED5L, 0x35309651D3D67A1CL, 0x12F96721CD26732EL, 0xD28C1C3D441A36ACL,
-            0x492A946164077F69L, 0x2D1D73DC6F5F514BL, 0x6F0A70F40D68D88AL, 0x60B4B30ECA1EAC41L,
-            0xD36509D83385987DL, 0x0B3D97490630F6A8L, 0x9ECCC90A96C46577L, 0xA20EE2C5AD01A87CL,
-            0xE49AB55E0E70A3DEL, 0xA4429CA182646BA0L, 0xDA97B446DB962F6AL, 0xCCED87D4D7F6DE27L,
-            0x2AB8185D37A53C46L, 0x9F25DCEFE15BCBA6L, 0xC19C6EF9FEA3EB53L, 0xA764A3931BD884CEL,
-            0x2FD2590B817C10F4L, 0x56A21A6D80743933L, 0xE573A0BB79EF0D0FL, 0x155C0CA095DC1E23L,
-            0x6C2C4FC694D437E4L, 0x10364DF623053291L, 0xDD32DFC7836C4267L, 0x03263F3299BCEF6EL,
-            0x66F8CD6AE57B6F9DL, 0x8C35AE2B5BE21659L, 0x31B3C2E21290F87FL, 0x93BD2027BF915003L,
-            0x69460E90220D1B56L, 0x299E276FAE19D328L, 0x63928C3C53A2432FL, 0x7082FEF8E91B9ED0L,
-            0xBC6F792C3EED40F7L, 0x4C40D537D2DE53DBL, 0x75E8BFAE5FC2B262L, 0x4DA9C0D2A541FD0AL,
-            0x4E8FFFE03CFD1264L, 0x2620E495696FA7E3L, 0xE1F0F408B8A98F6CL, 0xD1AA230FDDA6D9C2L,
-            0xC7D0109DD1C6288FL, 0x8A79D04F7487D585L, 0x4694579BA3710BA2L, 0x38417F7CFA834F68L,
-            0x1D47A4DB0A5007E5L, 0x206C9AF1460A643FL, 0xA128DDF734BD4712L, 0x8144470672B7232DL,
-            0xF2E086CC02105293L, 0x182DE58DBC892B57L, 0xCAA1F9B0F8931DFBL, 0x6B892447CC2E5AE9L,
-            0xF9DD11850420A43BL, 0x4BE5BEB68A243ED6L, 0x5584255F19C8D65DL, 0x3B67404E633FA006L,
-            0xA68DB6766C472A1FL, 0xF78AC79AB4C97E21L, 0xC353442E1080AAECL, 0x9A4F9DB95782E714L
-        },
-        {
-            0x05BA7BC82C9B3220L, 0x31A54665F8B65E4FL, 0xB1B651F77547F4D4L, 0x8BFA0D857BA46682L,
-            0x85A96C5AA16A98BBL, 0x990FAEF908EB79C9L, 0xA15E37A247F4A62DL, 0x76857DCD5D27741EL,
-            0xF8C50B800A1820BCL, 0xBE65DCB201F7A2B4L, 0x666D1B986F9426E7L, 0x4CC921BF53C4E648L,
-            0x95410A0F93D9CA42L, 0x20CDCCAA647BA4EFL, 0x429A4060890A1871L, 0x0C4EA4F69B32B38BL,
-            0xCCDA362DDE354CD3L, 0x96DC23BC7C5B2FA9L, 0xC309BB68AA851AB3L, 0xD26131A73648E013L,
-            0x021DC52941FC4DB2L, 0xCD5ADAB7704BE48AL, 0xA77965D984ED71E6L, 0x32386FD61734BBA4L,
-            0xE82D6DD538AB7245L, 0x5C2147EA6177B4B1L, 0x5DA1AB70CF091CE8L, 0xAC907FCE72B8BDFFL,
-            0x57C85DFD972278A8L, 0xA4E44C6A6B6F940DL, 0x3851995B4F1FDFE4L, 0x62578CCAED71BC9EL,
-            0xD9882BB0C01D2C0AL, 0x917B9D5D113C503BL, 0xA2C31E11A87643C6L, 0xE463C923A399C1CEL,
-            0xF71686C57EA876DCL, 0x87B4A973E096D509L, 0xAF0D567D9D3A5814L, 0xB40C2A3F59DCC6F4L,
-            0x3602F88495D121DDL, 0xD3E1DD3D9836484AL, 0xF945E71AA46688E5L, 0x7518547EB2A591F5L,
-            0x9366587450C01D89L, 0x9EA81018658C065BL, 0x4F54080CBC4603A3L, 0x2D0384C65137BF3DL,
-            0xDC325078EC861E2AL, 0xEA30A8FC79573FF7L, 0x214D2030CA050CB6L, 0x65F0322B8016C30CL,
-            0x69BE96DD1B247087L, 0xDB95EE9981E161B8L, 0xD1FC1814D9CA05F8L, 0x820ED2BBCC0DE729L,
-            0x63D76050430F14C7L, 0x3BCCB0E8A09D3A0FL, 0x8E40764D573F54A2L, 0x39D175C1E16177BDL,
-            0x12F5A37C734F1F4BL, 0xAB37C12F1FDFC26DL, 0x5648B167395CD0F1L, 0x6C04ED1537BF42A7L,
-            0xED97161D14304065L, 0x7D6C67DAAB72B807L, 0xEC17FA87BA4EE83CL, 0xDFAF79CB0304FBC1L,
-            0x733F060571BC463EL, 0x78D61C1287E98A27L, 0xD07CF48E77B4ADA1L, 0xB9C262536C90DD26L,
-            0xE2449B5860801605L, 0x8FC09AD7F941FCFBL, 0xFAD8CEA94BE46D0EL, 0xA343F28B0608EB9FL,
-            0x9B126BD04917347BL, 0x9A92874AE7699C22L, 0x1B017C42C4E69EE0L, 0x3A4C5C720EE39256L,
-            0x4B6E9F5E3EA399DAL, 0x6BA353F45AD83D35L, 0xE7FEE0904C1B2425L, 0x22D009832587E95DL,
-            0x842980C00F1430E2L, 0xC6B3C0A0861E2893L, 0x087433A419D729F2L, 0x341F3DADD42D6C6FL,
-            0xEE0A3FAEFBB2A58EL, 0x4AEE73C490DD3183L, 0xAAB72DB5B1A16A34L, 0xA92A04065E238FDFL,
-            0x7B4B35A1686B6FCCL, 0x6A23BF6EF4A6956CL, 0x191CB96B851AD352L, 0x55D598D4D6DE351AL,
-            0xC9604DE5F2AE7EF3L, 0x1CA6C2A3A981E172L, 0xDE2F9551AD7A5398L, 0x3025AAFF56C8F616L,
-            0x15521D9D1E2860D9L, 0x506FE31CFA45073AL, 0x189C55F12B647B0BL, 0x0180EC9AAE7EA859L,
-            0x7CEC8B40050C105EL, 0x2350E5198BF94104L, 0xEF8AD33455CC0DD7L, 0x07A7BEE16D677F92L,
-            0xE5E325B90DE76997L, 0x5A061591A26E637AL, 0xB611EF1618208B46L, 0x09F4DF3EB7A981ABL,
-            0x1EBB078AE87DACC0L, 0xB791038CB65E231FL, 0x0FD38D4574B05660L, 0x67EDF702C1EA8EBEL,
-            0xBA5F4BE0831238CDL, 0xE3C477C2CEFEBE5CL, 0x0DCE486C354C1BD2L, 0x8C5DB36416C31910L,
-            0x26EA9ED1A7627324L, 0x039D29B3EF82E5EBL, 0x9F28FC82CBF2AE02L, 0xA8AAE89CF05D2786L,
-            0x431AACFA2774B028L, 0xCF471F9E31B7A938L, 0x581BD0B8E3922EC8L, 0xBC78199B400BEF06L,
-            0x90FB71C7BF42F862L, 0x1F3BEB1046030499L, 0x683E7A47B55AD8DEL, 0x988F4263A695D190L,
-            0xD808C72A6E638453L, 0x0627527BC319D7CBL, 0xEBB04466D72997AEL, 0xE67E0C0AE2658C7CL,
-            0x14D2F107B056C880L, 0x7122C32C30400B8CL, 0x8A7AE11FD5DACEDBL, 0xA0DEDB38E98A0E74L,
-            0xAD109354DCC615A6L, 0x0BE91A17F655CC19L, 0x8DDD5FFEB8BDB149L, 0xBFE53028AF890AEDL,
-            0xD65BA6F5B4AD7A6AL, 0x7956F0882997227EL, 0x10E8665532B352F9L, 0x0E5361DFDACEFE39L,
-            0xCEC7F3049FC90161L, 0xFF62B561677F5F2EL, 0x975CCF26D22587F0L, 0x51EF0F86543BAF63L,
-            0x2F1E41EF10CBF28FL, 0x52722635BBB94A88L, 0xAE8DBAE73344F04DL, 0x410769D36688FD9AL,
-            0xB3AB94DE34BBB966L, 0x801317928DF1AA9BL, 0xA564A0F0C5113C54L, 0xF131D4BEBDB1A117L,
-            0x7F71A2F3EA8EF5B5L, 0x40878549C8F655C3L, 0x7EF14E6944F05DECL, 0xD44663DCF55137D8L,
-            0xF2ACFD0D523344FCL, 0x0000000000000000L, 0x5FBC6E598EF5515AL, 0x16CF342EF1AA8532L,
-            0xB036BD6DDB395C8DL, 0x13754FE6DD31B712L, 0xBBDFA77A2D6C9094L, 0x89E7C8AC3A582B30L,
-            0x3C6B0E09CDFA459DL, 0xC4AE0589C7E26521L, 0x49735A777F5FD468L, 0xCAFD64561D2C9B18L,
-            0xDA1502032F9FC9E1L, 0x8867243694268369L, 0x3782141E3BAF8984L, 0x9CB5D53124704BE9L,
-            0xD7DB4A6F1AD3D233L, 0xA6F989432A93D9BFL, 0x9D3539AB8A0EE3B0L, 0x53F2CAAF15C7E2D1L,
-            0x6E19283C76430F15L, 0x3DEBE2936384EDC4L, 0x5E3C82C3208BF903L, 0x33B8834CB94A13FDL,
-            0x6470DEB12E686B55L, 0x359FD1377A53C436L, 0x61CAA57902F35975L, 0x043A975282E59A79L,
-            0xFD7F70482683129CL, 0xC52EE913699CCD78L, 0x28B9FF0E7DAC8D1DL, 0x5455744E78A09D43L,
-            0xCB7D88CCB3523341L, 0x44BD121B4A13CFBAL, 0x4D49CD25FDBA4E11L, 0x3E76CB208C06082FL,
-            0x3FF627BA2278A076L, 0xC28957F204FBB2EAL, 0x453DFE81E46D67E3L, 0x94C1E6953DA7621BL,
-            0x2C83685CFF491764L, 0xF32C1197FC4DECA5L, 0x2B24D6BD922E68F6L, 0xB22B78449AC5113FL,
-            0x48F3B6EDD1217C31L, 0x2E9EAD75BEB55AD6L, 0x174FD8B45FD42D6BL, 0x4ED4E4961238ABFAL,
-            0x92E6B4EEFEBEB5D0L, 0x46A0D7320BEF8208L, 0x47203BA8A5912A51L, 0x24F75BF8E69E3E96L,
-            0xF0B1382413CF094EL, 0xFEE259FBC901F777L, 0x276A724B091CDB7DL, 0xBDF8F501EE75475FL,
-            0x599B3C224DEC8691L, 0x6D84018F99C1EAFEL, 0x7498B8E41CDB39ACL, 0xE0595E71217C5BB7L,
-            0x2AA43A273C50C0AFL, 0xF50B43EC3F543B6EL, 0x838E3E2162734F70L, 0xC09492DB4507FF58L,
-            0x72BFEA9FDFC2EE67L, 0x11688ACF9CCDFAA0L, 0x1A8190D86A9836B9L, 0x7ACBD93BC615C795L,
-            0xC7332C3A286080CAL, 0x863445E94EE87D50L, 0xF6966A5FD0D6DE85L, 0xE9AD814F96D5DA1CL,
-            0x70A22FB69E3EA3D5L, 0x0A69F68D582B6440L, 0xB8428EC9C2EE757FL, 0x604A49E3AC8DF12CL,
-            0x5B86F90B0C10CB23L, 0xE1D9B2EB8F02F3EEL, 0x29391394D3D22544L, 0xC8E0A17F5CD0D6AAL,
-            0xB58CC6A5F7A26EADL, 0x8193FB08238F02C2L, 0xD5C68F465B2F9F81L, 0xFCFF9CD288FDBAC5L,
-            0x77059157F359DC47L, 0x1D262E3907FF492BL, 0xFB582233E59AC557L, 0xDDB2BCE242F8B673L,
-            0x2577B76248E096CFL, 0x6F99C4A6D83DA74CL, 0xC1147E41EB795701L, 0xF48BAF76912A9337L
-        },
-        {
-            0x3EF29D249B2C0A19L, 0xE9E16322B6F8622FL, 0x5536994047757F7AL, 0x9F4D56D5A47B0B33L,
-            0x822567466AA1174CL, 0xB8F5057DEB082FB2L, 0xCC48C10BF4475F53L, 0x373088D4275DEC3AL,
-            0x968F4325180AED10L, 0x173D232CF7016151L, 0xAE4ED09F946FCC13L, 0xFD4B4741C4539873L,
-            0x1B5B3F0DD9933765L, 0x2FFCB0967B644052L, 0xE02376D20A89840CL, 0xA3AE3A70329B18D7L,
-            0x419CBD2335DE8526L, 0xFAFEBF115B7C3199L, 0x0397074F85AA9B0DL, 0xC58AD4FB4836B970L,
-            0xBEC60BE3FC4104A8L, 0x1EFF36DC4B708772L, 0x131FDC33ED8453B6L, 0x0844E33E341764D3L,
-            0x0FF11B6EAB38CD39L, 0x64351F0A7761B85AL, 0x3B5694F509CFBA0EL, 0x30857084B87245D0L,
-            0x47AFB3BD2297AE3CL, 0xF2BA5C2F6F6B554AL, 0x74BDC4761F4F70E1L, 0xCFDFC64471EDC45EL,
-            0xE610784C1DC0AF16L, 0x7ACA29D63C113F28L, 0x2DED411776A859AFL, 0xAC5F211E99A3D5EEL,
-            0xD484F949A87EF33BL, 0x3CE36CA596E013E4L, 0xD120F0983A9D432CL, 0x6BC40464DC597563L,
-            0x69D5F5E5D1956C9EL, 0x9AE95F043698BB24L, 0xC9ECC8DA66A4EF44L, 0xD69508C8A5B2EAC6L,
-            0xC40C2235C0503B80L, 0x38C193BA8C652103L, 0x1CEEC75D46BC9E8FL, 0xD331011937515AD1L,
-            0xD8E2E56886ECA50FL, 0xB137108D5779C991L, 0x709F3B6905CA4206L, 0x4FEB50831680CAEFL,
-            0xEC456AF3241BD238L, 0x58D673AFE181ABBEL, 0x242F54E7CAD9BF8CL, 0x0211F1810DCC19FDL,
-            0x90BC4DBB0F43C60AL, 0x9518446A9DA0761DL, 0xA1BFCBF13F57012AL, 0x2BDE4F8961E172B5L,
-            0x27B853A84F732481L, 0xB0B1E643DF1F4B61L, 0x18CC38425C39AC68L, 0xD2B7F7D7BF37D821L,
-            0x3103864A3014C720L, 0x14AA246372ABFA5CL, 0x6E600DB54EBAC574L, 0x394765740403A3F3L,
-            0x09C215F0BC71E623L, 0x2A58B947E987F045L, 0x7B4CDF18B477BDD8L, 0x9709B5EB906C6FE0L,
-            0x73083C268060D90BL, 0xFEDC400E41F9037EL, 0x284948C6E44BE9B8L, 0x728ECAE808065BFBL,
-            0x06330E9E17492B1AL, 0x5950856169E7294EL, 0xBAE4F4FCE6C4364FL, 0xCA7BCF95E30E7449L,
-            0x7D7FD186A33E96C2L, 0x52836110D85AD690L, 0x4DFAA1021B4CD312L, 0x913ABB75872544FAL,
-            0xDD46ECB9140F1518L, 0x3D659A6B1E869114L, 0xC23F2CABD719109AL, 0xD713FE062DD46836L,
-            0xD0A60656B2FBC1DCL, 0x221C5A79DD909496L, 0xEFD26DBCA1B14935L, 0x0E77EDA0235E4FC9L,
-            0xCBFD395B6B68F6B9L, 0x0DE0EAEFA6F4D4C4L, 0x0422FF1F1A8532E7L, 0xF969B85EDED6AA94L,
-            0x7F6E2007AEF28F3FL, 0x3AD0623B81A938FEL, 0x6624EE8B7AADA1A7L, 0xB682E8DDC856607BL,
-            0xA78CC56F281E2A30L, 0xC79B257A45FAA08DL, 0x5B4174E0642B30B3L, 0x5F638BFF7EAE0254L,
-            0x4BC9AF9C0C05F808L, 0xCE59308AF98B46AEL, 0x8FC58DA9CC55C388L, 0x803496C7676D0EB1L,
-            0xF33CAAE1E70DD7BAL, 0xBB6202326EA2B4BFL, 0xD5020F87201871CBL, 0x9D5CA754A9B712CEL,
-            0x841669D87DE83C56L, 0x8A6184785EB6739FL, 0x420BBA6CB0741E2BL, 0xF12D5B60EAC1CE47L,
-            0x76AC35F71283691CL, 0x2C6BB7D9FECEDB5FL, 0xFCCDB18F4C351A83L, 0x1F79C012C3160582L,
-            0xF0ABADAE62A74CB7L, 0xE1A5801C82EF06FCL, 0x67A21845F2CB2357L, 0x5114665F5DF04D9DL,
-            0xBF40FD2D74278658L, 0xA0393D3FB73183DAL, 0x05A409D192E3B017L, 0xA9FB28CF0B4065F9L,
-            0x25A9A22942BF3D7CL, 0xDB75E22703463E02L, 0xB326E10C5AB5D06CL, 0xE7968E8295A62DE6L,
-            0xB973F3B3636EAD42L, 0xDF571D3819C30CE5L, 0xEE549B7229D7CBC5L, 0x12992AFD65E2D146L,
-            0xF8EF4E9056B02864L, 0xB7041E134030E28BL, 0xC02EDD2ADAD50967L, 0x932B4AF48AE95D07L,
-            0x6FE6FB7BC6DC4784L, 0x239AACB755F61666L, 0x401A4BEDBDB807D6L, 0x485EA8D389AF6305L,
-            0xA41BC220ADB4B13DL, 0x753B32B89729F211L, 0x997E584BB3322029L, 0x1D683193CEDA1C7FL,
-            0xFF5AB6C0C99F818EL, 0x16BBD5E27F67E3A1L, 0xA59D34EE25D233CDL, 0x98F8AE853B54A2D9L,
-            0x6DF70AFACB105E79L, 0x795D2E99B9BBA425L, 0x8E437B6744334178L, 0x0186F6CE886682F0L,
-            0xEBF092A3BB347BD2L, 0xBCD7FA62F18D1D55L, 0xADD9D7D011C5571EL, 0x0BD3E471B1BDFFDEL,
-            0xAA6C2F808EEAFEF4L, 0x5EE57D31F6C880A4L, 0xF50FA47FF044FCA0L, 0x1ADDC9C351F5B595L,
-            0xEA76646D3352F922L, 0x0000000000000000L, 0x85909F16F58EBEA6L, 0x46294573AAF12CCCL,
-            0x0A5512BF39DB7D2EL, 0x78DBD85731DD26D5L, 0x29CFBE086C2D6B48L, 0x218B5D36583A0F9BL,
-            0x152CD2ADFACD78ACL, 0x83A39188E2C795BCL, 0xC3B9DA655F7F926AL, 0x9ECBA01B2C1D89C3L,
-            0x07B5F8509F2FA9EAL, 0x7EE8D6C926940DCFL, 0x36B67E1AAF3B6ECAL, 0x86079859702425ABL,
-            0xFB7849DFD31AB369L, 0x4C7C57CC932A51E2L, 0xD96413A60E8A27FFL, 0x263EA566C715A671L,
-            0x6C71FC344376DC89L, 0x4A4F595284637AF8L, 0xDAF314E98B20BCF2L, 0x572768C14AB96687L,
-            0x1088DB7C682EC8BBL, 0x887075F9537A6A62L, 0x2E7A4658F302C2A2L, 0x619116DBE582084DL,
-            0xA87DDE018326E709L, 0xDCC01A779C6997E8L, 0xEDC39C3DAC7D50C8L, 0xA60A33A1A078A8C0L,
-            0xC1A82BE452B38B97L, 0x3F746BEA134A88E9L, 0xA228CCBEBAFD9A27L, 0xABEAD94E068C7C04L,
-            0xF48952B178227E50L, 0x5CF48CB0FB049959L, 0x6017E0156DE48ABDL, 0x4438B4F2A73D3531L,
-            0x8C528AE649FF5885L, 0xB515EF924DFCFB76L, 0x0C661C212E925634L, 0xB493195CC59A7986L,
-            0x9CDA519A21D1903EL, 0x32948105B5BE5C2DL, 0x194ACE8CD45F2E98L, 0x438D4CA238129CDBL,
-            0x9B6FA9CABEFE39D4L, 0x81B26009EF0B8C41L, 0xDED1EBF691A58E15L, 0x4E6DA64D9EE6481FL,
-            0x54B06F8ECF13FD8AL, 0x49D85E1D01C9E1F5L, 0xAFC826511C094EE3L, 0xF698A33075EE67ADL,
-            0x5AC7822EEC4DB243L, 0x8DD47C28C199DA75L, 0x89F68337DB1CE892L, 0xCDCE37C57C21DDA3L,
-            0x530597DE503C5460L, 0x6A42F2AA543FF793L, 0x5D727A7E73621BA9L, 0xE232875307459DF1L,
-            0x56A19E0FC2DFE477L, 0xC61DD3B4CD9C227DL, 0xE5877F03986A341BL, 0x949EB2A415C6F4EDL,
-            0x6206119460289340L, 0x6380E75AE84E11B0L, 0x8BE772B6D6D0F16FL, 0x50929091D596CF6DL,
-            0xE86795EC3E9EE0DFL, 0x7CF927482B581432L, 0xC86A3E14EEC26DB4L, 0x7119CDA78DACC0F6L,
-            0xE40189CD100CB6EBL, 0x92ADBC3A028FDFF7L, 0xB2A017C2D2D3529CL, 0x200DABF8D05C8D6BL,
-            0x34A78F9BA2F77737L, 0xE3B4719D8F231F01L, 0x45BE423C2F5BB7C1L, 0xF71E55FEFD88E55DL,
-            0x6853032B59F3EE6EL, 0x65B3E9C4FF073AAAL, 0x772AC3399AE5EBECL, 0x87816E97F842A75BL,
-            0x110E2DB2E0484A4BL, 0x331277CB3DD8DEDDL, 0xBD510CAC79EB9FA5L, 0x352179552A91F5C7L
-        },
-        {
-            0x8AB0A96846E06A6DL, 0x43C7E80B4BF0B33AL, 0x08C9B3546B161EE5L, 0x39F1C235EBA990BEL,
-            0xC1BEF2376606C7B2L, 0x2C209233614569AAL, 0xEB01523B6FC3289AL, 0x946953AB935ACEDDL,
-            0x272838F63E13340EL, 0x8B0455ECA12BA052L, 0x77A1B2C4978FF8A2L, 0xA55122CA13E54086L,
-            0x2276135862D3F1CDL, 0xDB8DDFDE08B76CFEL, 0x5D1E12C89E4A178AL, 0x0E56816B03969867L,
-            0xEE5F79953303ED59L, 0xAFED748BAB78D71DL, 0x6D929F2DF93E53EEL, 0xF5D8A8F8BA798C2AL,
-            0xF619B1698E39CF6BL, 0x95DDAF2F749104E2L, 0xEC2A9C80E0886427L, 0xCE5C8FD8825B95EAL,
-            0xC4E0D9993AC60271L, 0x4699C3A5173076F9L, 0x3D1B151F50A29F42L, 0x9ED505EA2BC75946L,
-            0x34665ACFDC7F4B98L, 0x61B1FB53292342F7L, 0xC721C0080E864130L, 0x8693CD1696FD7B74L,
-            0x872731927136B14BL, 0xD3446C8A63A1721BL, 0x669A35E8A6680E4AL, 0xCAB658F239509A16L,
-            0xA4E5DE4EF42E8AB9L, 0x37A7435EE83F08D9L, 0x134E6239E26C7F96L, 0x82791A3C2DF67488L,
-            0x3F6EF00A8329163CL, 0x8E5A7E42FDEB6591L, 0x5CAAEE4C7981DDB5L, 0x19F234785AF1E80DL,
-            0x255DDDE3ED98BD70L, 0x50898A32A99CCCACL, 0x28CA4519DA4E6656L, 0xAE59880F4CB31D22L,
-            0x0D9798FA37D6DB26L, 0x32F968F0B4FFCD1AL, 0xA00F09644F258545L, 0xFA3AD5175E24DE72L,
-            0xF46C547C5DB24615L, 0x713E80FBFF0F7E20L, 0x7843CF2B73D2AAFAL, 0xBD17EA36AEDF62B4L,
-            0xFD111BACD16F92CFL, 0x4ABAA7DBC72D67E0L, 0xB3416B5DAD49FAD3L, 0xBCA316B24914A88BL,
-            0x15D150068AECF914L, 0xE27C1DEBE31EFC40L, 0x4FE48C759BEDA223L, 0x7EDCFD141B522C78L,
-            0x4E5070F17C26681CL, 0xE696CAC15815F3BCL, 0x35D2A64B3BB481A7L, 0x800CFF29FE7DFDF6L,
-            0x1ED9FAC3D5BAA4B0L, 0x6C2663A91EF599D1L, 0x03C1199134404341L, 0xF7AD4DED69F20554L,
-            0xCD9D9649B61BD6ABL, 0xC8C3BDE7EADB1368L, 0xD131899FB02AFB65L, 0x1D18E352E1FAE7F1L,
-            0xDA39235AEF7CA6C1L, 0xA1BBF5E0A8EE4F7AL, 0x91377805CF9A0B1EL, 0x3138716180BF8E5BL,
-            0xD9F83ACBDB3CE580L, 0x0275E515D38B897EL, 0x472D3F21F0FBBCC6L, 0x2D946EB7868EA395L,
-            0xBA3C248D21942E09L, 0xE7223645BFDE3983L, 0xFF64FEB902E41BB1L, 0xC97741630D10D957L,
-            0xC3CB1722B58D4ECCL, 0xA27AEC719CAE0C3BL, 0x99FECB51A48C15FBL, 0x1465AC826D27332BL,
-            0xE1BD047AD75EBF01L, 0x79F733AF941960C5L, 0x672EC96C41A3C475L, 0xC27FEBA6524684F3L,
-            0x64EFD0FD75E38734L, 0xED9E60040743AE18L, 0xFB8E2993B9EF144DL, 0x38453EB10C625A81L,
-            0x6978480742355C12L, 0x48CF42CE14A6EE9EL, 0x1CAC1FD606312DCEL, 0x7B82D6BA4792E9BBL,
-            0x9D141C7B1F871A07L, 0x5616B80DC11C4A2EL, 0xB849C198F21FA777L, 0x7CA91801C8D9A506L,
-            0xB1348E487EC273ADL, 0x41B20D1E987B3A44L, 0x7460AB55A3CFBBE3L, 0x84E628034576F20AL,
-            0x1B87D16D897A6173L, 0x0FE27DEFE45D5258L, 0x83CDE6B8CA3DBEB7L, 0x0C23647ED01D1119L,
-            0x7A362A3EA0592384L, 0xB61F40F3F1893F10L, 0x75D457D1440471DCL, 0x4558DA34237035B8L,
-            0xDCA6116587FC2043L, 0x8D9B67D3C9AB26D0L, 0x2B0B5C88EE0E2517L, 0x6FE77A382AB5DA90L,
-            0x269CC472D9D8FE31L, 0x63C41E46FAA8CB89L, 0xB7ABBC771642F52FL, 0x7D1DE4852F126F39L,
-            0xA8C6BA3024339BA0L, 0x600507D7CEE888C8L, 0x8FEE82C61A20AFAEL, 0x57A2448926D78011L,
-            0xFCA5E72836A458F0L, 0x072BCEBB8F4B4CBDL, 0x497BBE4AF36D24A1L, 0x3CAFE99BB769557DL,
-            0x12FA9EBD05A7B5A9L, 0xE8C04BAA5B836BDBL, 0x4273148FAC3B7905L, 0x908384812851C121L,
-            0xE557D3506C55B0FDL, 0x72FF996ACB4F3D61L, 0x3EDA0C8E64E2DC03L, 0xF0868356E6B949E9L,
-            0x04EAD72ABB0B0FFCL, 0x17A4B5135967706AL, 0xE3C8E16F04D5367FL, 0xF84F30028DAF570CL,
-            0x1846C8FCBD3A2232L, 0x5B8120F7F6CA9108L, 0xD46FA231ECEA3EA6L, 0x334D947453340725L,
-            0x58403966C28AD249L, 0xBED6F3A79A9F21F5L, 0x68CCB483A5FE962DL, 0xD085751B57E1315AL,
-            0xFED0023DE52FD18EL, 0x4B0E5B5F20E6ADDFL, 0x1A332DE96EB1AB4CL, 0xA3CE10F57B65C604L,
-            0x108F7BA8D62C3CD7L, 0xAB07A3A11073D8E1L, 0x6B0DAD1291BED56CL, 0xF2F366433532C097L,
-            0x2E557726B2CEE0D4L, 0x0000000000000000L, 0xCB02A476DE9B5029L, 0xE4E32FD48B9E7AC2L,
-            0x734B65EE2C84F75EL, 0x6E5386BCCD7E10AFL, 0x01B4FC84E7CBCA3FL, 0xCFE8735C65905FD5L,
-            0x3613BFDA0FF4C2E6L, 0x113B872C31E7F6E8L, 0x2FE18BA255052AEBL, 0xE974B72EBC48A1E4L,
-            0x0ABC5641B89D979BL, 0xB46AA5E62202B66EL, 0x44EC26B0C4BBFF87L, 0xA6903B5B27A503C7L,
-            0x7F680190FC99E647L, 0x97A84A3AA71A8D9CL, 0xDD12EDE16037EA7CL, 0xC554251DDD0DC84EL,
-            0x88C54C7D956BE313L, 0x4D91696048662B5DL, 0xB08072CC9909B992L, 0xB5DE5962C5C97C51L,
-            0x81B803AD19B637C9L, 0xB2F597D94A8230ECL, 0x0B08AAC55F565DA4L, 0xF1327FD2017283D6L,
-            0xAD98919E78F35E63L, 0x6AB9519676751F53L, 0x24E921670A53774FL, 0xB9FD3D1C15D46D48L,
-            0x92F66194FBDA485FL, 0x5A35DC7311015B37L, 0xDED3F4705477A93DL, 0xC00A0EB381CD0D8DL,
-            0xBB88D809C65FE436L, 0x16104997BEACBA55L, 0x21B70AC95693B28CL, 0x59F4C5E225411876L,
-            0xD5DB5EB50B21F499L, 0x55D7A19CF55C096FL, 0xA97246B4C3F8519FL, 0x8552D487A2BD3835L,
-            0x54635D181297C350L, 0x23C2EFDC85183BF2L, 0x9F61F96ECC0C9379L, 0x534893A39DDC8FEDL,
-            0x5EDF0B59AA0A54CBL, 0xAC2C6D1A9F38945CL, 0xD7AEBBA0D8AA7DE7L, 0x2ABFA00C09C5EF28L,
-            0xD84CC64F3CF72FBFL, 0x2003F64DB15878B3L, 0xA724C7DFC06EC9F8L, 0x069F323F68808682L,
-            0xCC296ACD51D01C94L, 0x055E2BAE5CC0C5C3L, 0x6270E2C21D6301B6L, 0x3B842720382219C0L,
-            0xD2F0900E846AB824L, 0x52FC6F277A1745D2L, 0xC6953C8CE94D8B0FL, 0xE009F8FE3095753EL,
-            0x655B2C7992284D0BL, 0x984A37D54347DFC4L, 0xEAB5AEBF8808E2A5L, 0x9A3FD2C090CC56BAL,
-            0x9CA0E0FFF84CD038L, 0x4C2595E4AFADE162L, 0xDF6708F4B3BC6302L, 0xBF620F237D54EBCAL,
-            0x93429D101C118260L, 0x097D4FD08CDDD4DAL, 0x8C2F9B572E60ECEFL, 0x708A7C7F18C4B41FL,
-            0x3A30DBA4DFE9D3FFL, 0x4006F19A7FB0F07BL, 0x5F6BF7DD4DC19EF4L, 0x1F6D064732716E8FL,
-            0xF9FBCC866A649D33L, 0x308C8DE567744464L, 0x8971B0F972A0292CL, 0xD61A47243F61B7D8L,
-            0xEFEB8511D4C82766L, 0x961CB6BE40D147A3L, 0xAAB35F25F7B812DEL, 0x76154E407044329DL,
-            0x513D76B64E570693L, 0xF3479AC7D2F90AA8L, 0x9B8B2E4477079C85L, 0x297EB99D3D85AC69L
-        },
-        {
-            0x7E37E62DFC7D40C3L, 0x776F25A4EE939E5BL, 0xE045C850DD8FB5ADL, 0x86ED5BA711FF1952L,
-            0xE91D0BD9CF616B35L, 0x37E0AB256E408FFBL, 0x9607F6C031025A7AL, 0x0B02F5E116D23C9DL,
-            0xF3D8486BFB50650CL, 0x621CFF27C40875F5L, 0x7D40CB71FA5FD34AL, 0x6DAA6616DAA29062L,
-            0x9F5F354923EC84E2L, 0xEC847C3DC507C3B3L, 0x025A3668043CE205L, 0xA8BF9E6C4DAC0B19L,
-            0xFA808BE2E9BEBB94L, 0xB5B99C5277C74FA3L, 0x78D9BC95F0397BCCL, 0xE332E50CDBAD2624L,
-            0xC74FCE129332797EL, 0x1729ECEB2EA709ABL, 0xC2D6B9F69954D1F8L, 0x5D898CBFBAB8551AL,
-            0x859A76FB17DD8ADBL, 0x1BE85886362F7FB5L, 0xF6413F8FF136CD8AL, 0xD3110FA5BBB7E35CL,
-            0x0A2FEED514CC4D11L, 0xE83010EDCD7F1AB9L, 0xA1E75DE55F42D581L, 0xEEDE4A55C13B21B6L,
-            0xF2F5535FF94E1480L, 0x0CC1B46D1888761EL, 0xBCE15FDB6529913BL, 0x2D25E8975A7181C2L,
-            0x71817F1CE2D7A554L, 0x2E52C5CB5C53124BL, 0xF9F7A6BEEF9C281DL, 0x9E722E7D21F2F56EL,
-            0xCE170D9B81DCA7E6L, 0x0E9B82051CB4941BL, 0x1E712F623C49D733L, 0x21E45CFA42F9F7DCL,
-            0xCB8E7A7F8BBA0F60L, 0x8E98831A010FB646L, 0x474CCF0D8E895B23L, 0xA99285584FB27A95L,
-            0x8CC2B57205335443L, 0x42D5B8E984EFF3A5L, 0x012D1B34021E718CL, 0x57A6626AAE74180BL,
-            0xFF19FC06E3D81312L, 0x35BA9D4D6A7C6DFEL, 0xC9D44C178F86ED65L, 0x506523E6A02E5288L,
-            0x03772D5C06229389L, 0x8B01F4FE0B691EC0L, 0xF8DABD8AED825991L, 0x4C4E3AEC985B67BEL,
-            0xB10DF0827FBF96A9L, 0x6A69279AD4F8DAE1L, 0xE78689DCD3D5FF2EL, 0x812E1A2B1FA553D1L,
-            0xFBAD90D6EBA0CA18L, 0x1AC543B234310E39L, 0x1604F7DF2CB97827L, 0xA6241C6951189F02L,
-            0x753513CCEAAF7C5EL, 0x64F2A59FC84C4EFAL, 0x247D2B1E489F5F5AL, 0xDB64D718AB474C48L,
-            0x79F4A7A1F2270A40L, 0x1573DA832A9BEBAEL, 0x3497867968621C72L, 0x514838D2A2302304L,
-            0xF0AF6537FD72F685L, 0x1D06023E3A6B44BAL, 0x678588C3CE6EDD73L, 0x66A893F7CC70ACFFL,
-            0xD4D24E29B5EDA9DFL, 0x3856321470EA6A6CL, 0x07C3418C0E5A4A83L, 0x2BCBB22F5635BACDL,
-            0x04B46CD00878D90AL, 0x06EE5AB80C443B0FL, 0x3B211F4876C8F9E5L, 0x0958C38912EEDE98L,
-            0xD14B39CDBF8B0159L, 0x397B292072F41BE0L, 0x87C0409313E168DEL, 0xAD26E98847CAA39FL,
-            0x4E140C849C6785BBL, 0xD5FF551DB7F3D853L, 0xA0CA46D15D5CA40DL, 0xCD6020C787FE346FL,
-            0x84B76DCF15C3FB57L, 0xDEFDA0FCA121E4CEL, 0x4B8D7B6096012D3DL, 0x9AC642AD298A2C64L,
-            0x0875D8BD10F0AF14L, 0xB357C6EA7B8374ACL, 0x4D6321D89A451632L, 0xEDA96709C719B23FL,
-            0xF76C24BBF328BC06L, 0xC662D526912C08F2L, 0x3CE25EC47892B366L, 0xB978283F6F4F39BDL,
-            0xC08C8F9E9D6833FDL, 0x4F3917B09E79F437L, 0x593DE06FB2C08C10L, 0xD6887841B1D14BDAL,
-            0x19B26EEE32139DB0L, 0xB494876675D93E2FL, 0x825937771987C058L, 0x90E9AC783D466175L,
-            0xF1827E03FF6C8709L, 0x945DC0A8353EB87FL, 0x4516F9658AB5B926L, 0x3F9573987EB020EFL,
-            0xB855330B6D514831L, 0x2AE6A91B542BCB41L, 0x6331E413C6160479L, 0x408F8E8180D311A0L,
-            0xEFF35161C325503AL, 0xD06622F9BD9570D5L, 0x8876D9A20D4B8D49L, 0xA5533135573A0C8BL,
-            0xE168D364DF91C421L, 0xF41B09E7F50A2F8FL, 0x12B09B0F24C1A12DL, 0xDA49CC2CA9593DC4L,
-            0x1F5C34563E57A6BFL, 0x54D14F36A8568B82L, 0xAF7CDFE043F6419AL, 0xEA6A2685C943F8BCL,
-            0xE5DCBFB4D7E91D2BL, 0xB27ADDDE799D0520L, 0x6B443CAED6E6AB6DL, 0x7BAE91C9F61BE845L,
-            0x3EB868AC7CAE5163L, 0x11C7B65322E332A4L, 0xD23C1491B9A992D0L, 0x8FB5982E0311C7CAL,
-            0x70AC6428E0C9D4D8L, 0x895BC2960F55FCC5L, 0x76423E90EC8DEFD7L, 0x6FF0507EDE9E7267L,
-            0x3DCF45F07A8CC2EAL, 0x4AA06054941F5CB1L, 0x5810FB5BB0DEFD9CL, 0x5EFEA1E3BC9AC693L,
-            0x6EDD4B4ADC8003EBL, 0x741808F8E8B10DD2L, 0x145EC1B728859A22L, 0x28BC9F7350172944L,
-            0x270A06424EBDCCD3L, 0x972AEDF4331C2BF6L, 0x059977E40A66A886L, 0x2550302A4A812ED6L,
-            0xDD8A8DA0A7037747L, 0xC515F87A970E9B7BL, 0x3023EAA9601AC578L, 0xB7E3AA3A73FBADA6L,
-            0x0FB699311EAAE597L, 0x0000000000000000L, 0x310EF19D6204B4F4L, 0x229371A644DB6455L,
-            0x0DECAF591A960792L, 0x5CA4978BB8A62496L, 0x1C2B190A38753536L, 0x41A295B582CD602CL,
-            0x3279DCC16426277DL, 0xC1A194AA9F764271L, 0x139D803B26DFD0A1L, 0xAE51C4D441E83016L,
-            0xD813FA44AD65DFC1L, 0xAC0BF2BC45D4D213L, 0x23BE6A9246C515D9L, 0x49D74D08923DCF38L,
-            0x9D05032127D066E7L, 0x2F7FDEFF5E4D63C7L, 0xA47E2A0155247D07L, 0x99B16FF12FA8BFEDL,
-            0x4661D4398C972AAFL, 0xDFD0BBC8A33F9542L, 0xDCA79694A51D06CBL, 0xB020EBB67DA1E725L,
-            0xBA0F0563696DAA34L, 0xE4F1A480D5F76CA7L, 0xC438E34E9510EAF7L, 0x939E81243B64F2FCL,
-            0x8DEFAE46072D25CFL, 0x2C08F3A3586FF04EL, 0xD7A56375B3CF3A56L, 0x20C947CE40E78650L,
-            0x43F8A3DD86F18229L, 0x568B795EAC6A6987L, 0x8003011F1DBB225DL, 0xF53612D3F7145E03L,
-            0x189F75DA300DEC3CL, 0x9570DB9C3720C9F3L, 0xBB221E576B73DBB8L, 0x72F65240E4F536DDL,
-            0x443BE25188ABC8AAL, 0xE21FFE38D9B357A8L, 0xFD43CA6EE7E4F117L, 0xCAA3614B89A47EECL,
-            0xFE34E732E1C6629EL, 0x83742C431B99B1D4L, 0xCF3A16AF83C2D66AL, 0xAAE5A8044990E91CL,
-            0x26271D764CA3BD5FL, 0x91C4B74C3F5810F9L, 0x7C6DD045F841A2C6L, 0x7F1AFD19FE63314FL,
-            0xC8F957238D989CE9L, 0xA709075D5306EE8EL, 0x55FC5402AA48FA0EL, 0x48FA563C9023BEB4L,
-            0x65DFBEABCA523F76L, 0x6C877D22D8BCE1EEL, 0xCC4D3BF385E045E3L, 0xBEBB69B36115733EL,
-            0x10EAAD6720FD4328L, 0xB6CEB10E71E5DC2AL, 0xBDCC44EF6737E0B7L, 0x523F158EA412B08DL,
-            0x989C74C52DB6CE61L, 0x9BEB59992B945DE8L, 0x8A2CEFCA09776F4CL, 0xA3BD6B8D5B7E3784L,
-            0xEB473DB1CB5D8930L, 0xC3FBA2C29B4AA074L, 0x9C28181525CE176BL, 0x683311F2D0C438E4L,
-            0x5FD3BAD7BE84B71FL, 0xFC6ED15AE5FA809BL, 0x36CDB0116C5EFE77L, 0x29918447520958C8L,
-            0xA29070B959604608L, 0x53120EBAA60CC101L, 0x3A0C047C74D68869L, 0x691E0AC6D2DA4968L,
-            0x73DB4974E6EB4751L, 0x7A838AFDF40599C9L, 0x5A4ACD33B4E21F99L, 0x6046C94FC03497F0L,
-            0xE6AB92E8D1CB8EA2L, 0x3354C7F5663856F1L, 0xD93EE170AF7BAE4DL, 0x616BD27BC22AE67CL,
-            0x92B39A10397A8370L, 0xABC8B3304B8E9890L, 0xBF967287630B02B2L, 0x5B67D607B6FC6E15L
-        },
-        {
-            0xD031C397CE553FE6L, 0x16BA5B01B006B525L, 0xA89BADE6296E70C8L, 0x6A1F525D77D3435BL,
-            0x6E103570573DFA0BL, 0x660EFB2A17FC95ABL, 0x76327A9E97634BF6L, 0x4BAD9D6462458BF5L,
-            0xF1830CAEDBC3F748L, 0xC5C8F542669131FFL, 0x95044A1CDC48B0CBL, 0x892962DF3CF8B866L,
-            0xB0B9E208E930C135L, 0xA14FB3F0611A767CL, 0x8D2605F21C160136L, 0xD6B71922FECC549EL,
-            0x37089438A5907D8BL, 0x0B5DA38E5803D49CL, 0x5A5BCC9CEA6F3CBCL, 0xEDAE246D3B73FFE5L,
-            0xD2B87E0FDE22EDCEL, 0x5E54ABB1CA8185ECL, 0x1DE7F88FE80561B9L, 0xAD5E1A870135A08CL,
-            0x2F2ADBD665CECC76L, 0x5780B5A782F58358L, 0x3EDC8A2EEDE47B3FL, 0xC9D95C3506BEE70FL,
-            0x83BE111D6C4E05EEL, 0xA603B90959367410L, 0x103C81B4809FDE5DL, 0x2C69B6027D0C774AL,
-            0x399080D7D5C87953L, 0x09D41E16487406B4L, 0xCDD63B1826505E5FL, 0xF99DC2F49B0298E8L,
-            0x9CD0540A943CB67FL, 0xBCA84B7F891F17C5L, 0x723D1DB3B78DF2A6L, 0x78AA6E71E73B4F2EL,
-            0x1433E699A071670DL, 0x84F21BE454620782L, 0x98DF3327B4D20F2FL, 0xF049DCE2D3769E5CL,
-            0xDB6C60199656EB7AL, 0x648746B2078B4783L, 0x32CD23598DCBADCFL, 0x1EA4955BF0C7DA85L,
-            0xE9A143401B9D46B5L, 0xFD92A5D9BBEC21B8L, 0xC8138C790E0B8E1BL, 0x2EE00B9A6D7BA562L,
-            0xF85712B893B7F1FCL, 0xEB28FED80BEA949DL, 0x564A65EB8A40EA4CL, 0x6C9988E8474A2823L,
-            0x4535898B121D8F2DL, 0xABD8C03231ACCBF4L, 0xBA2E91CAB9867CBDL, 0x7960BE3DEF8E263AL,
-            0x0C11A977602FD6F0L, 0xCB50E1AD16C93527L, 0xEAE22E94035FFD89L, 0x2866D12F5DE2CE1AL,
-            0xFF1B1841AB9BF390L, 0x9F9339DE8CFE0D43L, 0x964727C8C48A0BF7L, 0x524502C6AAAE531CL,
-            0x9B9C5EF3AC10B413L, 0x4FA2FA4942AB32A5L, 0x3F165A62E551122BL, 0xC74148DA76E6E3D7L,
-            0x924840E5E464B2A7L, 0xD372AE43D69784DAL, 0x233B72A105E11A86L, 0xA48A04914941A638L,
-            0xB4B68525C9DE7865L, 0xDDEABAACA6CF8002L, 0x0A9773C250B6BD88L, 0xC284FFBB5EBD3393L,
-            0x8BA0DF472C8F6A4EL, 0x2AEF6CB74D951C32L, 0x427983722A318D41L, 0x73F7CDFFBF389BB2L,
-            0x074C0AF9382C026CL, 0x8A6A0F0B243A035AL, 0x6FDAE53C5F88931FL, 0xC68B98967E538AC3L,
-            0x44FF59C71AA8E639L, 0xE2FCE0CE439E9229L, 0xA20CDE2479D8CD40L, 0x19E89FA2C8EBD8E9L,
-            0xF446BBCFF398270CL, 0x43B3533E2284E455L, 0xD82F0DCD8E945046L, 0x51066F12B26CE820L,
-            0xE73957AF6BC5426DL, 0x081ECE5A40C16FA0L, 0x3B193D4FC5BFAB7BL, 0x7FE66488DF174D42L,
-            0x0E9814EF705804D8L, 0x8137AC857C39D7C6L, 0xB1733244E185A821L, 0x695C3F896F11F867L,
-            0xF6CF0657E3EFF524L, 0x1AABF276D02963D5L, 0x2DA3664E75B91E5EL, 0x0289BD981077D228L,
-            0x90C1FD7DF413608FL, 0x3C5537B6FD93A917L, 0xAA12107E3919A2E0L, 0x0686DAB530996B78L,
-            0xDAA6B0559EE3826EL, 0xC34E2FF756085A87L, 0x6D5358A44FFF4137L, 0xFC587595B35948ACL,
-            0x7CA5095CC7D5F67EL, 0xFB147F6C8B754AC0L, 0xBFEB26AB91DDACF9L, 0x6896EFC567A49173L,
-            0xCA9A31E11E7C5C33L, 0xBBE44186B13315A9L, 0x0DDB793B689ABFE4L, 0x70B4A02BA7FA208EL,
-            0xE47A3A7B7307F951L, 0x8CECD5BE14A36822L, 0xEEED49B923B144D9L, 0x17708B4DB8B3DC31L,
-            0x6088219F2765FED3L, 0xB3FA8FDCF1F27A09L, 0x910B2D31FCA6099BL, 0x0F52C4A378ED6DCCL,
-            0x50CCBF5EBAD98134L, 0x6BD582117F662A4FL, 0x94CE9A50D4FDD9DFL, 0x2B25BCFB45207526L,
-            0x67C42B661F49FCBFL, 0x492420FC723259DDL, 0x03436DD418C2BB3CL, 0x1F6E4517F872B391L,
-            0xA08563BC69AF1F68L, 0xD43EA4BAEEBB86B6L, 0x01CAD04C08B56914L, 0xAC94CACB0980C998L,
-            0x54C3D8739A373864L, 0x26FEC5C02DBACAC2L, 0xDEA9D778BE0D3B3EL, 0x040F672D20EEB950L,
-            0xE5B0EA377BB29045L, 0xF30AB136CBB42560L, 0x62019C0737122CFBL, 0xE86B930C13282FA1L,
-            0xCC1CEB542EE5374BL, 0x538FD28AA21B3A08L, 0x1B61223AD89C0AC1L, 0x36C24474AD25149FL,
-            0x7A23D3E9F74C9D06L, 0xBE21F6E79968C5EDL, 0xCF5F868036278C77L, 0xF705D61BEB5A9C30L,
-            0x4D2B47D152DCE08DL, 0x5F9E7BFDC234ECF8L, 0x247778583DCD18EAL, 0x867BA67C4415D5AAL,
-            0x4CE1979D5A698999L, 0x0000000000000000L, 0xEC64F42133C696F1L, 0xB57C5569C16B1171L,
-            0xC1C7926F467F88AFL, 0x654D96FE0F3E2E97L, 0x15F936D5A8C40E19L, 0xB8A72C52A9F1AE95L,
-            0xA9517DAA21DB19DCL, 0x58D27104FA18EE94L, 0x5918A148F2AD8780L, 0x5CDD1629DAF657C4L,
-            0x8274C15164FB6CFAL, 0xD1FB13DBC6E056F2L, 0x7D6FD910CF609F6AL, 0xB63F38BDD9A9AA4DL,
-            0x3D9FE7FAF526C003L, 0x74BBC706871499DEL, 0xDF630734B6B8522AL, 0x3AD3ED03CD0AC26FL,
-            0xFADEAF2083C023D4L, 0xC00D42234ECAE1BBL, 0x8538CBA85CD76E96L, 0xC402250E6E2458EBL,
-            0x47BC3413026A5D05L, 0xAFD7A71F114272A4L, 0x978DF784CC3F62E3L, 0xB96DFC1EA144C781L,
-            0x21B2CF391596C8AEL, 0x318E4E8D950916F3L, 0xCE9556CC3E92E563L, 0x385A509BDD7D1047L,
-            0x358129A0B5E7AFA3L, 0xE6F387E363702B79L, 0xE0755D5653E94001L, 0x7BE903A5FFF9F412L,
-            0x12B53C2C90E80C75L, 0x3307F315857EC4DBL, 0x8FAFB86A0C61D31EL, 0xD9E5DD8186213952L,
-            0x77F8AAD29FD622E2L, 0x25BDA814357871FEL, 0x7571174A8FA1F0CAL, 0x137FEC60985D6561L,
-            0x30449EC19DBC7FE7L, 0xA540D4DD41F4CF2CL, 0xDC206AE0AE7AE916L, 0x5B911CD0E2DA55A8L,
-            0xB2305F90F947131DL, 0x344BF9ECBD52C6B7L, 0x5D17C665D2433ED0L, 0x18224FEEC05EB1FDL,
-            0x9E59E992844B6457L, 0x9A568EBFA4A5DD07L, 0xA3C60E68716DA454L, 0x7E2CB4C4D7A22456L,
-            0x87B176304CA0BCBEL, 0x413AEEA632F3367DL, 0x9915E36BBC67663BL, 0x40F03EEA3A465F69L,
-            0x1C2D28C3E0B008ADL, 0x4E682A054A1E5BB1L, 0x05C5B761285BD044L, 0xE1BF8D1A5B5C2915L,
-            0xF2C0617AC3014C74L, 0xB7F5E8F1D11CC359L, 0x63CB4C4B3FA745EFL, 0x9D1A84469C89DF6BL,
-            0xE33630824B2BFB3DL, 0xD5F474F6E60EEFA2L, 0xF58C6B83FB2D4E18L, 0x4676E45F0ADF3411L,
-            0x20781F751D23A1BAL, 0xBD629B3381AA7ED1L, 0xAE1D775319F71BB0L, 0xFED1C80DA32E9A84L,
-            0x5509083F92825170L, 0x29AC01635557A70EL, 0xA7C9694551831D04L, 0x8E65682604D4BA0AL,
-            0x11F651F8882AB749L, 0xD77DC96EF6793D8AL, 0xEF2799F52B042DCDL, 0x48EEF0B07A8730C9L,
-            0x22F1A2ED0D547392L, 0x6142F1D32FD097C7L, 0x4A674D286AF0E2E1L, 0x80FD7CC9748CBED2L,
-            0x717E7067AF4F499AL, 0x938290A9ECD1DBB3L, 0x88E3B293344DD172L, 0x2734158C250FA3D6L
-        }
-    };
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/GOST3411_2012_256Digest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/GOST3411_2012_256Digest.java
deleted file mode 100644
index 2a9a32b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/GOST3411_2012_256Digest.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.util.Memoable;
-
-/**
- * implementation of GOST R 34.11-2012 256-bit
- */
-public final class GOST3411_2012_256Digest
-    extends GOST3411_2012Digest
-{
-    private final static byte[] IV = {
-        0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
-        0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
-        0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
-        0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
-        0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
-        0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
-        0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01,
-        0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01, 0x01
-    };
-
-    public GOST3411_2012_256Digest()
-    {
-        super(IV);
-    }
-
-    public GOST3411_2012_256Digest(GOST3411_2012_256Digest other)
-    {
-        super(IV);
-        reset(other);
-    }
-
-    public String getAlgorithmName()
-    {
-        return "GOST3411-2012-256";
-    }
-
-    public int getDigestSize()
-    {
-        return 32;
-    }
-
-    public int doFinal(byte[] out, int outOff)
-    {
-        byte[] result = new byte[64];
-        super.doFinal(result, 0);
-
-        System.arraycopy(result, 32, out, outOff, 32);
-
-        return 32;
-    }
-
-    public Memoable copy()
-    {
-        return new GOST3411_2012_256Digest(this);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/GOST3411_2012_512Digest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/GOST3411_2012_512Digest.java
deleted file mode 100644
index 56ccc0f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/GOST3411_2012_512Digest.java
+++ /dev/null

@@ -1,47 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.util.Memoable;
-
-/**
- * implementation of GOST R 34.11-2012 512-bit
- */
-public class GOST3411_2012_512Digest
-    extends GOST3411_2012Digest
-{
-    private final static byte[] IV = {
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00,
-        0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x00
-    };
-
-    public GOST3411_2012_512Digest()
-    {
-        super(IV);
-    }
-
-    public GOST3411_2012_512Digest(GOST3411_2012_512Digest other)
-    {
-        super(IV);
-        reset(other);
-    }
-
-    public String getAlgorithmName()
-    {
-        return "GOST3411-2012-512";
-    }
-
-    public int getDigestSize()
-    {
-        return 64;
-    }
-
-    public Memoable copy()
-    {
-        return new GOST3411_2012_512Digest(this);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/KeccakDigest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/KeccakDigest.java
deleted file mode 100644
index e14c5c4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/KeccakDigest.java
+++ /dev/null

@@ -1,399 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-
-/**
- * implementation of Keccak based on following KeccakNISTInterface.c from http://keccak.noekeon.org/
- * <p>
- * Following the naming conventions used in the C source code to enable easy review of the implementation.
- */
-public class KeccakDigest
-    implements ExtendedDigest
-{
-    private static long[] KeccakRoundConstants = new long[]{ 0x0000000000000001L, 0x0000000000008082L,
-        0x800000000000808aL, 0x8000000080008000L, 0x000000000000808bL, 0x0000000080000001L, 0x8000000080008081L,
-        0x8000000000008009L, 0x000000000000008aL, 0x0000000000000088L, 0x0000000080008009L, 0x000000008000000aL,
-        0x000000008000808bL, 0x800000000000008bL, 0x8000000000008089L, 0x8000000000008003L, 0x8000000000008002L,
-        0x8000000000000080L, 0x000000000000800aL, 0x800000008000000aL, 0x8000000080008081L, 0x8000000000008080L,
-        0x0000000080000001L, 0x8000000080008008L };
-
-    protected long[] state = new long[25];
-    protected byte[] dataQueue = new byte[192];
-    protected int rate;
-    protected int bitsInQueue;
-    protected int fixedOutputLength;
-    protected boolean squeezing;
-
-    public KeccakDigest()
-    {
-        this(288);
-    }
-
-    public KeccakDigest(int bitLength)
-    {
-        init(bitLength);
-    }
-
-    public KeccakDigest(KeccakDigest source)
-    {
-        System.arraycopy(source.state, 0, this.state, 0, source.state.length);
-        System.arraycopy(source.dataQueue, 0, this.dataQueue, 0, source.dataQueue.length);
-        this.rate = source.rate;
-        this.bitsInQueue = source.bitsInQueue;
-        this.fixedOutputLength = source.fixedOutputLength;
-        this.squeezing = source.squeezing;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "Keccak-" + fixedOutputLength;
-    }
-
-    public int getDigestSize()
-    {
-        return fixedOutputLength / 8;
-    }
-
-    public void update(byte in)
-    {
-        absorb(new byte[]{ in }, 0, 1);
-    }
-
-    public void update(byte[] in, int inOff, int len)
-    {
-        absorb(in, inOff, len);
-    }
-
-    public int doFinal(byte[] out, int outOff)
-    {
-        squeeze(out, outOff, fixedOutputLength);
-
-        reset();
-
-        return getDigestSize();
-    }
-
-    /*
-     * TODO Possible API change to support partial-byte suffixes.
-     */
-    protected int doFinal(byte[] out, int outOff, byte partialByte, int partialBits)
-    {
-        if (partialBits > 0)
-        {
-            absorbBits(partialByte, partialBits);
-        }
-
-        squeeze(out, outOff, fixedOutputLength);
-
-        reset();
-
-        return getDigestSize();
-    }
-
-    public void reset()
-    {
-        init(fixedOutputLength);
-    }
-
-    /**
-     * Return the size of block that the compression function is applied to in bytes.
-     *
-     * @return internal byte length of a block.
-     */
-    public int getByteLength()
-    {
-        return rate / 8;
-    }
-
-    private void init(int bitLength)
-    {
-        switch (bitLength)
-        {
-        case 128:
-        case 224:
-        case 256:
-        case 288:
-        case 384:
-        case 512:
-            initSponge(1600 - (bitLength << 1));
-            break;
-        default:
-            throw new IllegalArgumentException("bitLength must be one of 128, 224, 256, 288, 384, or 512.");
-        }
-    }
-
-    private void initSponge(int rate)
-    {
-        if ((rate <= 0) || (rate >= 1600) || ((rate % 64) != 0))
-        {
-            throw new IllegalStateException("invalid rate value");
-        }
-
-        this.rate = rate;
-        for (int i = 0; i < state.length; ++i)
-        {
-            state[i] = 0L;
-        }
-        Arrays.fill(this.dataQueue, (byte)0);
-        this.bitsInQueue = 0;
-        this.squeezing = false;
-        this.fixedOutputLength = (1600 - rate) / 2;
-    }
-
-    protected void absorb(byte[] data, int off, int len)
-    {
-        if ((bitsInQueue % 8) != 0)
-        {
-            throw new IllegalStateException("attempt to absorb with odd length queue");
-        }
-        if (squeezing)
-        {
-            throw new IllegalStateException("attempt to absorb while squeezing");
-        }
-
-        int bytesInQueue = bitsInQueue >> 3;
-        int rateBytes = rate >> 3;
-
-        int count = 0;
-        while (count < len)
-        {
-            if (bytesInQueue == 0 && count <= (len - rateBytes))
-            {
-                do
-                {
-                    KeccakAbsorb(data, off + count);
-                    count += rateBytes;
-                }
-                while (count <= (len - rateBytes));
-            }
-            else
-            {
-                int partialBlock = Math.min(rateBytes - bytesInQueue, len - count);
-                System.arraycopy(data, off + count, dataQueue, bytesInQueue, partialBlock);
-
-                bytesInQueue += partialBlock;
-                count += partialBlock;
-
-                if (bytesInQueue == rateBytes)
-                {
-                    KeccakAbsorb(dataQueue, 0);
-                    bytesInQueue = 0;
-                }
-            }
-        }
-
-        bitsInQueue = bytesInQueue << 3;
-    }
-
-    protected void absorbBits(int data, int bits)
-    {
-        if (bits < 1 || bits > 7)
-        {
-            throw new IllegalArgumentException("'bits' must be in the range 1 to 7");
-        }
-        if ((bitsInQueue % 8) != 0)
-        {
-            throw new IllegalStateException("attempt to absorb with odd length queue");
-        }
-        if (squeezing)
-        {
-            throw new IllegalStateException("attempt to absorb while squeezing");
-        }
-
-        int mask = (1 << bits) - 1;
-        dataQueue[bitsInQueue >> 3] = (byte)(data & mask);
-
-        // NOTE: After this, bitsInQueue is no longer a multiple of 8, so no more absorbs will work
-        bitsInQueue += bits;
-    }
-
-    private void padAndSwitchToSqueezingPhase()
-    {
-        dataQueue[bitsInQueue >> 3] |= (byte)(1L << (bitsInQueue & 7));
-
-        if (++bitsInQueue == rate)
-        {
-            KeccakAbsorb(dataQueue, 0);
-            bitsInQueue = 0;
-        }
-
-        {
-            int full = bitsInQueue >> 6, partial = bitsInQueue & 63;
-            int off = 0;
-            for (int i = 0; i < full; ++i)
-            {
-                state[i] ^= Pack.littleEndianToLong(dataQueue, off);
-                off += 8;
-            }
-            if (partial > 0)
-            {
-                long mask = (1L << partial) - 1L;
-                state[full] ^= Pack.littleEndianToLong(dataQueue, off) & mask;
-            }
-            state[(rate - 1) >> 6] ^= (1L << 63);
-        }
-
-        KeccakPermutation();
-
-        KeccakExtract();
-        bitsInQueue = rate;
-
-        squeezing = true;
-    }
-
-    protected void squeeze(byte[] output, int offset, long outputLength)
-    {
-        if (!squeezing)
-        {
-            padAndSwitchToSqueezingPhase();
-        }
-        if ((outputLength % 8) != 0)
-        {
-            throw new IllegalStateException("outputLength not a multiple of 8");
-        }
-
-        long i = 0;
-        while (i < outputLength)
-        {
-            if (bitsInQueue == 0)
-            {
-                KeccakPermutation();
-                KeccakExtract();
-                bitsInQueue = rate;
-            }
-            int partialBlock = (int)Math.min((long)bitsInQueue, outputLength - i);
-            System.arraycopy(dataQueue, (rate - bitsInQueue) / 8, output, offset + (int)(i / 8), partialBlock / 8);
-            bitsInQueue -= partialBlock;
-            i += partialBlock;
-        }
-    }
-
-    private void KeccakAbsorb(byte[] data, int off)
-    {
-        int count = rate >> 6;
-        for (int i = 0; i < count; ++i)
-        {
-            state[i] ^= Pack.littleEndianToLong(data, off);
-            off += 8;
-        }
-
-        KeccakPermutation();
-    }
-
-    private void KeccakExtract()
-    {
-        Pack.longToLittleEndian(state, 0, rate >> 6, dataQueue, 0);
-    }
-
-    private void KeccakPermutation()
-    {
-        long[] A = state;
-
-        long a00 = A[ 0], a01 = A[ 1], a02 = A[ 2], a03 = A[ 3], a04 = A[ 4];
-        long a05 = A[ 5], a06 = A[ 6], a07 = A[ 7], a08 = A[ 8], a09 = A[ 9];
-        long a10 = A[10], a11 = A[11], a12 = A[12], a13 = A[13], a14 = A[14];
-        long a15 = A[15], a16 = A[16], a17 = A[17], a18 = A[18], a19 = A[19];
-        long a20 = A[20], a21 = A[21], a22 = A[22], a23 = A[23], a24 = A[24];
-
-        for (int i = 0; i < 24; i++)
-        {
-            // theta
-            long c0 = a00 ^ a05 ^ a10 ^ a15 ^ a20;
-            long c1 = a01 ^ a06 ^ a11 ^ a16 ^ a21;
-            long c2 = a02 ^ a07 ^ a12 ^ a17 ^ a22;
-            long c3 = a03 ^ a08 ^ a13 ^ a18 ^ a23;
-            long c4 = a04 ^ a09 ^ a14 ^ a19 ^ a24;
-
-            long d1 = (c1 << 1 | c1 >>> -1) ^ c4;
-            long d2 = (c2 << 1 | c2 >>> -1) ^ c0;
-            long d3 = (c3 << 1 | c3 >>> -1) ^ c1;
-            long d4 = (c4 << 1 | c4 >>> -1) ^ c2;
-            long d0 = (c0 << 1 | c0 >>> -1) ^ c3;
-
-            a00 ^= d1; a05 ^= d1; a10 ^= d1; a15 ^= d1; a20 ^= d1;
-            a01 ^= d2; a06 ^= d2; a11 ^= d2; a16 ^= d2; a21 ^= d2;
-            a02 ^= d3; a07 ^= d3; a12 ^= d3; a17 ^= d3; a22 ^= d3;
-            a03 ^= d4; a08 ^= d4; a13 ^= d4; a18 ^= d4; a23 ^= d4;
-            a04 ^= d0; a09 ^= d0; a14 ^= d0; a19 ^= d0; a24 ^= d0;
-
-            // rho/pi
-            c1  = a01 <<  1 | a01 >>> 63;
-            a01 = a06 << 44 | a06 >>> 20;
-            a06 = a09 << 20 | a09 >>> 44;
-            a09 = a22 << 61 | a22 >>>  3;
-            a22 = a14 << 39 | a14 >>> 25;
-            a14 = a20 << 18 | a20 >>> 46;
-            a20 = a02 << 62 | a02 >>>  2;
-            a02 = a12 << 43 | a12 >>> 21;
-            a12 = a13 << 25 | a13 >>> 39;
-            a13 = a19 <<  8 | a19 >>> 56;
-            a19 = a23 << 56 | a23 >>>  8;
-            a23 = a15 << 41 | a15 >>> 23;
-            a15 = a04 << 27 | a04 >>> 37;
-            a04 = a24 << 14 | a24 >>> 50;
-            a24 = a21 <<  2 | a21 >>> 62;
-            a21 = a08 << 55 | a08 >>>  9;
-            a08 = a16 << 45 | a16 >>> 19;
-            a16 = a05 << 36 | a05 >>> 28;
-            a05 = a03 << 28 | a03 >>> 36;
-            a03 = a18 << 21 | a18 >>> 43;
-            a18 = a17 << 15 | a17 >>> 49;
-            a17 = a11 << 10 | a11 >>> 54;
-            a11 = a07 <<  6 | a07 >>> 58;
-            a07 = a10 <<  3 | a10 >>> 61;
-            a10 = c1;
-
-            // chi
-            c0 = a00 ^ (~a01 & a02);
-            c1 = a01 ^ (~a02 & a03);
-            a02 ^= ~a03 & a04;
-            a03 ^= ~a04 & a00;
-            a04 ^= ~a00 & a01;
-            a00 = c0;
-            a01 = c1;
-
-            c0 = a05 ^ (~a06 & a07);
-            c1 = a06 ^ (~a07 & a08);
-            a07 ^= ~a08 & a09;
-            a08 ^= ~a09 & a05;
-            a09 ^= ~a05 & a06;
-            a05 = c0;
-            a06 = c1;
-
-            c0 = a10 ^ (~a11 & a12);
-            c1 = a11 ^ (~a12 & a13);
-            a12 ^= ~a13 & a14;
-            a13 ^= ~a14 & a10;
-            a14 ^= ~a10 & a11;
-            a10 = c0;
-            a11 = c1;
-
-            c0 = a15 ^ (~a16 & a17);
-            c1 = a16 ^ (~a17 & a18);
-            a17 ^= ~a18 & a19;
-            a18 ^= ~a19 & a15;
-            a19 ^= ~a15 & a16;
-            a15 = c0;
-            a16 = c1;
-
-            c0 = a20 ^ (~a21 & a22);
-            c1 = a21 ^ (~a22 & a23);
-            a22 ^= ~a23 & a24;
-            a23 ^= ~a24 & a20;
-            a24 ^= ~a20 & a21;
-            a20 = c0;
-            a21 = c1;
-
-            // iota
-            a00 ^= KeccakRoundConstants[i];
-        }
-        
-        A[ 0] = a00; A[ 1] = a01; A[ 2] = a02; A[ 3] = a03; A[ 4] = a04;
-        A[ 5] = a05; A[ 6] = a06; A[ 7] = a07; A[ 8] = a08; A[ 9] = a09;
-        A[10] = a10; A[11] = a11; A[12] = a12; A[13] = a13; A[14] = a14;
-        A[15] = a15; A[16] = a16; A[17] = a17; A[18] = a18; A[19] = a19;
-        A[20] = a20; A[21] = a21; A[22] = a22; A[23] = a23; A[24] = a24;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/MD2Digest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/MD2Digest.java
deleted file mode 100644
index f96b4a1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/MD2Digest.java
+++ /dev/null

@@ -1,258 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.crypto.*;
-import org.bouncycastle.util.Memoable;
-
-/**
- * implementation of MD2
- * as outlined in RFC1319 by B.Kaliski from RSA Laboratories April 1992
- */
-public class MD2Digest
-    implements ExtendedDigest, Memoable
-{
-    private static final int DIGEST_LENGTH = 16;
-
-    /* X buffer */
-    private byte[]   X = new byte[48];
-    private int     xOff;
-    /* M buffer */
-    private byte[]   M = new byte[16];
-    private int     mOff;
-    /* check sum */
-    private byte[]   C = new byte[16];
-    private int COff;
-
-    public MD2Digest()
-    {
-        reset();
-    }
-
-    public MD2Digest(MD2Digest t)
-    {
-        copyIn(t);
-    }
-
-    private void copyIn(MD2Digest t)
-    {
-        System.arraycopy(t.X, 0, X, 0, t.X.length);
-        xOff = t.xOff;
-        System.arraycopy(t.M, 0, M, 0, t.M.length);
-        mOff = t.mOff;
-        System.arraycopy(t.C, 0, C, 0, t.C.length);
-        COff = t.COff;
-    }
-
-    /**
-     * return the algorithm name
-     *
-     * @return the algorithm name
-     */
-    public String getAlgorithmName()
-    {
-        return "MD2";
-    }
-    /**
-     * return the size, in bytes, of the digest produced by this message digest.
-     *
-     * @return the size, in bytes, of the digest produced by this message digest.
-     */
-    public int getDigestSize()
-    {
-        return DIGEST_LENGTH;
-    }
-    /**
-     * close the digest, producing the final digest value. The doFinal
-     * call leaves the digest reset.
-     *
-     * @param out the array the digest is to be copied into.
-     * @param outOff the offset into the out array the digest is to start at.
-     */
-    public int doFinal(byte[] out, int outOff)
-    {
-        // add padding
-        byte paddingByte = (byte)(M.length-mOff);
-        for (int i=mOff;i<M.length;i++)
-        {
-            M[i] = paddingByte;
-        }
-        //do final check sum
-        processCheckSum(M);
-        // do final block process
-        processBlock(M);
-
-        processBlock(C);
-
-        System.arraycopy(X,xOff,out,outOff,16);
-
-        reset();
-
-        return DIGEST_LENGTH;
-    }
-    /**
-     * reset the digest back to it's initial state.
-     */
-    public void reset()
-    {
-        xOff = 0;
-        for (int i = 0; i != X.length; i++)
-        {
-            X[i] = 0;
-        }
-        mOff = 0;
-        for (int i = 0; i != M.length; i++)
-        {
-            M[i] = 0;
-        }
-        COff = 0;
-        for (int i = 0; i != C.length; i++)
-        {
-            C[i] = 0;
-        }
-    }
-    /**
-     * update the message digest with a single byte.
-     *
-     * @param in the input byte to be entered.
-     */
-    public void update(byte in)
-    {
-        M[mOff++] = in;
-
-        if (mOff == 16)
-        {
-            processCheckSum(M);
-            processBlock(M);
-            mOff = 0;
-        }
-    }
-
-    /**
-     * update the message digest with a block of bytes.
-     *
-     * @param in the byte array containing the data.
-     * @param inOff the offset into the byte array where the data starts.
-     * @param len the length of the data.
-     */
-    public void update(byte[] in, int inOff, int len)
-    {
-        //
-        // fill the current word
-        //
-        while ((mOff != 0) && (len > 0))
-        {
-            update(in[inOff]);
-            inOff++;
-            len--;
-        }
-
-        //
-        // process whole words.
-        //
-        while (len > 16)
-        {
-            System.arraycopy(in,inOff,M,0,16);
-            processCheckSum(M);
-            processBlock(M);
-            len -= 16;
-            inOff += 16;
-        }
-
-        //
-        // load in the remainder.
-        //
-        while (len > 0)
-        {
-            update(in[inOff]);
-            inOff++;
-            len--;
-        }
-    }
-    protected void processCheckSum(byte[] m)
-    {
-        int L = C[15];
-        for (int i=0;i<16;i++)
-        {
-            C[i] ^= S[(m[i] ^ L) & 0xff];
-            L = C[i];
-        }
-    }
-    protected void processBlock(byte[] m)
-    {
-        for (int i=0;i<16;i++)
-        {
-            X[i+16] = m[i];
-            X[i+32] = (byte)(m[i] ^ X[i]);
-        }
-        // encrypt block
-        int t = 0;
-
-        for (int j=0;j<18;j++)
-        {
-            for (int k=0;k<48;k++)
-            {
-                t = X[k] ^= S[t];
-                t = t & 0xff;
-            }
-            t = (t + j)%256;
-        }
-     }
-     // 256-byte random permutation constructed from the digits of PI
-    private static final byte[] S = {
-      (byte)41,(byte)46,(byte)67,(byte)201,(byte)162,(byte)216,(byte)124,
-      (byte)1,(byte)61,(byte)54,(byte)84,(byte)161,(byte)236,(byte)240,
-      (byte)6,(byte)19,(byte)98,(byte)167,(byte)5,(byte)243,(byte)192,
-      (byte)199,(byte)115,(byte)140,(byte)152,(byte)147,(byte)43,(byte)217,
-      (byte)188,(byte)76,(byte)130,(byte)202,(byte)30,(byte)155,(byte)87,
-      (byte)60,(byte)253,(byte)212,(byte)224,(byte)22,(byte)103,(byte)66,
-      (byte)111,(byte)24,(byte)138,(byte)23,(byte)229,(byte)18,(byte)190,
-      (byte)78,(byte)196,(byte)214,(byte)218,(byte)158,(byte)222,(byte)73,
-      (byte)160,(byte)251,(byte)245,(byte)142,(byte)187,(byte)47,(byte)238,
-      (byte)122,(byte)169,(byte)104,(byte)121,(byte)145,(byte)21,(byte)178,
-      (byte)7,(byte)63,(byte)148,(byte)194,(byte)16,(byte)137,(byte)11,
-      (byte)34,(byte)95,(byte)33,(byte)128,(byte)127,(byte)93,(byte)154,
-      (byte)90,(byte)144,(byte)50,(byte)39,(byte)53,(byte)62,(byte)204,
-      (byte)231,(byte)191,(byte)247,(byte)151,(byte)3,(byte)255,(byte)25,
-      (byte)48,(byte)179,(byte)72,(byte)165,(byte)181,(byte)209,(byte)215,
-      (byte)94,(byte)146,(byte)42,(byte)172,(byte)86,(byte)170,(byte)198,
-      (byte)79,(byte)184,(byte)56,(byte)210,(byte)150,(byte)164,(byte)125,
-      (byte)182,(byte)118,(byte)252,(byte)107,(byte)226,(byte)156,(byte)116,
-      (byte)4,(byte)241,(byte)69,(byte)157,(byte)112,(byte)89,(byte)100,
-      (byte)113,(byte)135,(byte)32,(byte)134,(byte)91,(byte)207,(byte)101,
-      (byte)230,(byte)45,(byte)168,(byte)2,(byte)27,(byte)96,(byte)37,
-      (byte)173,(byte)174,(byte)176,(byte)185,(byte)246,(byte)28,(byte)70,
-      (byte)97,(byte)105,(byte)52,(byte)64,(byte)126,(byte)15,(byte)85,
-      (byte)71,(byte)163,(byte)35,(byte)221,(byte)81,(byte)175,(byte)58,
-      (byte)195,(byte)92,(byte)249,(byte)206,(byte)186,(byte)197,(byte)234,
-      (byte)38,(byte)44,(byte)83,(byte)13,(byte)110,(byte)133,(byte)40,
-      (byte)132, 9,(byte)211,(byte)223,(byte)205,(byte)244,(byte)65,
-      (byte)129,(byte)77,(byte)82,(byte)106,(byte)220,(byte)55,(byte)200,
-      (byte)108,(byte)193,(byte)171,(byte)250,(byte)36,(byte)225,(byte)123,
-      (byte)8,(byte)12,(byte)189,(byte)177,(byte)74,(byte)120,(byte)136,
-      (byte)149,(byte)139,(byte)227,(byte)99,(byte)232,(byte)109,(byte)233,
-      (byte)203,(byte)213,(byte)254,(byte)59,(byte)0,(byte)29,(byte)57,
-      (byte)242,(byte)239,(byte)183,(byte)14,(byte)102,(byte)88,(byte)208,
-      (byte)228,(byte)166,(byte)119,(byte)114,(byte)248,(byte)235,(byte)117,
-      (byte)75,(byte)10,(byte)49,(byte)68,(byte)80,(byte)180,(byte)143,
-      (byte)237,(byte)31,(byte)26,(byte)219,(byte)153,(byte)141,(byte)51,
-      (byte)159,(byte)17,(byte)131,(byte)20
-    };
-
-   public int getByteLength()
-   {
-      return 16;
-   }
-
-    public Memoable copy()
-    {
-        return new MD2Digest(this);
-    }
-
-    public void reset(Memoable other)
-    {
-        MD2Digest d = (MD2Digest)other;
-
-        copyIn(d);
-    }
-}
-
-

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/MD4Digest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/MD4Digest.java
deleted file mode 100644
index 68532bd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/MD4Digest.java
+++ /dev/null

@@ -1,291 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-
-import org.bouncycastle.util.Memoable;
-
-/**
- * implementation of MD4 as RFC 1320 by R. Rivest, MIT Laboratory for
- * Computer Science and RSA Data Security, Inc.
- * <p>
- * <b>NOTE</b>: This algorithm is only included for backwards compatability
- * with legacy applications, it's not secure, don't use it for anything new!
- */
-public class MD4Digest
-    extends GeneralDigest
-{
-    private static final int    DIGEST_LENGTH = 16;
-
-    private int     H1, H2, H3, H4;         // IV's
-
-    private int[]   X = new int[16];
-    private int     xOff;
-
-    /**
-     * Standard constructor
-     */
-    public MD4Digest()
-    {
-        reset();
-    }
-
-    /**
-     * Copy constructor.  This will copy the state of the provided
-     * message digest.
-     */
-    public MD4Digest(MD4Digest t)
-    {
-        super(t);
-
-        copyIn(t);
-    }
-
-    private void copyIn(MD4Digest t)
-    {
-        super.copyIn(t);
-
-        H1 = t.H1;
-        H2 = t.H2;
-        H3 = t.H3;
-        H4 = t.H4;
-
-        System.arraycopy(t.X, 0, X, 0, t.X.length);
-        xOff = t.xOff;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "MD4";
-    }
-
-    public int getDigestSize()
-    {
-        return DIGEST_LENGTH;
-    }
-
-    protected void processWord(
-        byte[]  in,
-        int     inOff)
-    {
-        X[xOff++] = (in[inOff] & 0xff) | ((in[inOff + 1] & 0xff) << 8)
-            | ((in[inOff + 2] & 0xff) << 16) | ((in[inOff + 3] & 0xff) << 24); 
-
-        if (xOff == 16)
-        {
-            processBlock();
-        }
-    }
-
-    protected void processLength(
-        long    bitLength)
-    {
-        if (xOff > 14)
-        {
-            processBlock();
-        }
-
-        X[14] = (int)(bitLength & 0xffffffff);
-        X[15] = (int)(bitLength >>> 32);
-    }
-
-    private void unpackWord(
-        int     word,
-        byte[]  out,
-        int     outOff)
-    {
-        out[outOff]     = (byte)word;
-        out[outOff + 1] = (byte)(word >>> 8);
-        out[outOff + 2] = (byte)(word >>> 16);
-        out[outOff + 3] = (byte)(word >>> 24);
-    }
-
-    public int doFinal(
-        byte[]  out,
-        int     outOff)
-    {
-        finish();
-
-        unpackWord(H1, out, outOff);
-        unpackWord(H2, out, outOff + 4);
-        unpackWord(H3, out, outOff + 8);
-        unpackWord(H4, out, outOff + 12);
-
-        reset();
-
-        return DIGEST_LENGTH;
-    }
-
-    /**
-     * reset the chaining variables to the IV values.
-     */
-    public void reset()
-    {
-        super.reset();
-
-        H1 = 0x67452301;
-        H2 = 0xefcdab89;
-        H3 = 0x98badcfe;
-        H4 = 0x10325476;
-
-        xOff = 0;
-
-        for (int i = 0; i != X.length; i++)
-        {
-            X[i] = 0;
-        }
-    }
-
-    //
-    // round 1 left rotates
-    //
-    private static final int S11 = 3;
-    private static final int S12 = 7;
-    private static final int S13 = 11;
-    private static final int S14 = 19;
-
-    //
-    // round 2 left rotates
-    //
-    private static final int S21 = 3;
-    private static final int S22 = 5;
-    private static final int S23 = 9;
-    private static final int S24 = 13;
-
-    //
-    // round 3 left rotates
-    //
-    private static final int S31 = 3;
-    private static final int S32 = 9;
-    private static final int S33 = 11;
-    private static final int S34 = 15;
-
-    /*
-     * rotate int x left n bits.
-     */
-    private int rotateLeft(
-        int x,
-        int n)
-    {
-        return (x << n) | (x >>> (32 - n));
-    }
-
-    /*
-     * F, G, H and I are the basic MD4 functions.
-     */
-    private int F(
-        int u,
-        int v,
-        int w)
-    {
-        return (u & v) | (~u & w);
-    }
-
-    private int G(
-        int u,
-        int v,
-        int w)
-    {
-        return (u & v) | (u & w) | (v & w);
-    }
-
-    private int H(
-        int u,
-        int v,
-        int w)
-    {
-        return u ^ v ^ w;
-    }
-
-    protected void processBlock()
-    {
-        int a = H1;
-        int b = H2;
-        int c = H3;
-        int d = H4;
-
-        //
-        // Round 1 - F cycle, 16 times.
-        //
-        a = rotateLeft(a + F(b, c, d) + X[ 0], S11);
-        d = rotateLeft(d + F(a, b, c) + X[ 1], S12);
-        c = rotateLeft(c + F(d, a, b) + X[ 2], S13);
-        b = rotateLeft(b + F(c, d, a) + X[ 3], S14);
-        a = rotateLeft(a + F(b, c, d) + X[ 4], S11);
-        d = rotateLeft(d + F(a, b, c) + X[ 5], S12);
-        c = rotateLeft(c + F(d, a, b) + X[ 6], S13);
-        b = rotateLeft(b + F(c, d, a) + X[ 7], S14);
-        a = rotateLeft(a + F(b, c, d) + X[ 8], S11);
-        d = rotateLeft(d + F(a, b, c) + X[ 9], S12);
-        c = rotateLeft(c + F(d, a, b) + X[10], S13);
-        b = rotateLeft(b + F(c, d, a) + X[11], S14);
-        a = rotateLeft(a + F(b, c, d) + X[12], S11);
-        d = rotateLeft(d + F(a, b, c) + X[13], S12);
-        c = rotateLeft(c + F(d, a, b) + X[14], S13);
-        b = rotateLeft(b + F(c, d, a) + X[15], S14);
-
-        //
-        // Round 2 - G cycle, 16 times.
-        //
-        a = rotateLeft(a + G(b, c, d) + X[ 0] + 0x5a827999, S21);
-        d = rotateLeft(d + G(a, b, c) + X[ 4] + 0x5a827999, S22);
-        c = rotateLeft(c + G(d, a, b) + X[ 8] + 0x5a827999, S23);
-        b = rotateLeft(b + G(c, d, a) + X[12] + 0x5a827999, S24);
-        a = rotateLeft(a + G(b, c, d) + X[ 1] + 0x5a827999, S21);
-        d = rotateLeft(d + G(a, b, c) + X[ 5] + 0x5a827999, S22);
-        c = rotateLeft(c + G(d, a, b) + X[ 9] + 0x5a827999, S23);
-        b = rotateLeft(b + G(c, d, a) + X[13] + 0x5a827999, S24);
-        a = rotateLeft(a + G(b, c, d) + X[ 2] + 0x5a827999, S21);
-        d = rotateLeft(d + G(a, b, c) + X[ 6] + 0x5a827999, S22);
-        c = rotateLeft(c + G(d, a, b) + X[10] + 0x5a827999, S23);
-        b = rotateLeft(b + G(c, d, a) + X[14] + 0x5a827999, S24);
-        a = rotateLeft(a + G(b, c, d) + X[ 3] + 0x5a827999, S21);
-        d = rotateLeft(d + G(a, b, c) + X[ 7] + 0x5a827999, S22);
-        c = rotateLeft(c + G(d, a, b) + X[11] + 0x5a827999, S23);
-        b = rotateLeft(b + G(c, d, a) + X[15] + 0x5a827999, S24);
-
-        //
-        // Round 3 - H cycle, 16 times.
-        //
-        a = rotateLeft(a + H(b, c, d) + X[ 0] + 0x6ed9eba1, S31);
-        d = rotateLeft(d + H(a, b, c) + X[ 8] + 0x6ed9eba1, S32);
-        c = rotateLeft(c + H(d, a, b) + X[ 4] + 0x6ed9eba1, S33);
-        b = rotateLeft(b + H(c, d, a) + X[12] + 0x6ed9eba1, S34);
-        a = rotateLeft(a + H(b, c, d) + X[ 2] + 0x6ed9eba1, S31);
-        d = rotateLeft(d + H(a, b, c) + X[10] + 0x6ed9eba1, S32);
-        c = rotateLeft(c + H(d, a, b) + X[ 6] + 0x6ed9eba1, S33);
-        b = rotateLeft(b + H(c, d, a) + X[14] + 0x6ed9eba1, S34);
-        a = rotateLeft(a + H(b, c, d) + X[ 1] + 0x6ed9eba1, S31);
-        d = rotateLeft(d + H(a, b, c) + X[ 9] + 0x6ed9eba1, S32);
-        c = rotateLeft(c + H(d, a, b) + X[ 5] + 0x6ed9eba1, S33);
-        b = rotateLeft(b + H(c, d, a) + X[13] + 0x6ed9eba1, S34);
-        a = rotateLeft(a + H(b, c, d) + X[ 3] + 0x6ed9eba1, S31);
-        d = rotateLeft(d + H(a, b, c) + X[11] + 0x6ed9eba1, S32);
-        c = rotateLeft(c + H(d, a, b) + X[ 7] + 0x6ed9eba1, S33);
-        b = rotateLeft(b + H(c, d, a) + X[15] + 0x6ed9eba1, S34);
-
-        H1 += a;
-        H2 += b;
-        H3 += c;
-        H4 += d;
-
-        //
-        // reset the offset and clean out the word buffer.
-        //
-        xOff = 0;
-        for (int i = 0; i != X.length; i++)
-        {
-            X[i] = 0;
-        }
-    }
-
-    public Memoable copy()
-    {
-        return new MD4Digest(this);
-    }
-
-    public void reset(Memoable other)
-    {
-        MD4Digest d = (MD4Digest)other;
-
-        copyIn(d);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/NonMemoableDigest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/NonMemoableDigest.java
deleted file mode 100644
index 87a4d24..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/NonMemoableDigest.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.crypto.ExtendedDigest;
-
-/**
- * Wrapper removes exposure to the Memoable interface on an ExtendedDigest implementation.
- */
-public class NonMemoableDigest
-    implements ExtendedDigest
-{
-    private ExtendedDigest baseDigest;
-
-    /**
-     * Base constructor.
-     *
-     * @param baseDigest underlying digest to use.
-     * @exception IllegalArgumentException if baseDigest is null
-     */
-    public NonMemoableDigest(
-        ExtendedDigest baseDigest)
-    {
-        if (baseDigest == null)
-        {
-            throw new IllegalArgumentException("baseDigest must not be null");
-        }
-
-        this.baseDigest = baseDigest;
-    }
-    
-    public String getAlgorithmName()
-    {
-        return baseDigest.getAlgorithmName();
-    }
-
-    public int getDigestSize()
-    {
-        return baseDigest.getDigestSize();
-    }
-
-    public void update(byte in)
-    {
-        baseDigest.update(in);
-    }
-
-    public void update(byte[] in, int inOff, int len)
-    {
-        baseDigest.update(in, inOff, len);
-    }
-
-    public int doFinal(byte[] out, int outOff)
-    {
-        return baseDigest.doFinal(out, outOff);
-    }
-
-    public void reset()
-    {
-        baseDigest.reset();
-    }
-
-    public int getByteLength()
-    {
-        return baseDigest.getByteLength();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/OpenSSLDigest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/OpenSSLDigest.java
new file mode 100644
index 0000000..5a87f2a
--- /dev/null
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/digests/OpenSSLDigest.java

@@ -0,0 +1,97 @@
+/*
+ * Copyright (C) 2008 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.bouncycastle.crypto.digests;
+
+import org.bouncycastle.crypto.ExtendedDigest;
+import org.bouncycastle.jcajce.provider.keystore.bc.BcKeyStoreSpi;
+import java.security.DigestException;
+import java.security.MessageDigest;
+
+/**
+ * Implements the BouncyCastle Digest interface using OpenSSL's EVP API. This
+ * must be an ExtendedDigest for {@link BcKeyStoreSpi} to be able to use it.
+ */
+public class OpenSSLDigest implements ExtendedDigest {
+    private final MessageDigest delegate;
+
+    private final int byteSize;
+
+    public OpenSSLDigest(String algorithm, int byteSize) {
+        try {
+            delegate = MessageDigest.getInstance(algorithm, "AndroidOpenSSL");
+            this.byteSize = byteSize;
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    public String getAlgorithmName() {
+        return delegate.getAlgorithm();
+    }
+
+    public int getDigestSize() {
+        return delegate.getDigestLength();
+    }
+
+    public int getByteLength() {
+        return byteSize;
+    }
+
+    public void reset() {
+        delegate.reset();
+    }
+
+    public void update(byte in) {
+        delegate.update(in);
+    }
+
+    public void update(byte[] in, int inOff, int len) {
+        delegate.update(in, inOff, len);
+    }
+
+    public int doFinal(byte[] out, int outOff) {
+        try {
+            return delegate.digest(out, outOff, out.length - outOff);
+        } catch (DigestException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    public static class MD5 extends OpenSSLDigest {
+        public MD5() { super("MD5", 64); }
+    }
+
+    public static class SHA1 extends OpenSSLDigest {
+        public SHA1() { super("SHA-1", 64); }
+    }
+
+    public static class SHA224 extends OpenSSLDigest {
+        public SHA224() { super("SHA-224", 64); }
+    }
+
+    public static class SHA256 extends OpenSSLDigest {
+        public SHA256() { super("SHA-256", 64); }
+    }
+
+    public static class SHA384 extends OpenSSLDigest {
+        public SHA384() { super("SHA-384", 128); }
+    }
+
+    public static class SHA512 extends OpenSSLDigest {
+        public SHA512() { super("SHA-512", 128); }
+    }
+}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/RIPEMD128Digest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/RIPEMD128Digest.java
deleted file mode 100644
index ec7fa85..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/RIPEMD128Digest.java
+++ /dev/null

@@ -1,482 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-
-import org.bouncycastle.util.Memoable;
-
-/**
- * implementation of RIPEMD128
- */
-public class RIPEMD128Digest
-    extends GeneralDigest
-{
-    private static final int DIGEST_LENGTH = 16;
-
-    private int H0, H1, H2, H3; // IV's
-
-    private int[] X = new int[16];
-    private int xOff;
-
-    /**
-     * Standard constructor
-     */
-    public RIPEMD128Digest()
-    {
-        reset();
-    }
-
-    /**
-     * Copy constructor.  This will copy the state of the provided
-     * message digest.
-     */
-    public RIPEMD128Digest(RIPEMD128Digest t)
-    {
-        super(t);
-
-        copyIn(t);
-    }
-
-    private void copyIn(RIPEMD128Digest t)
-    {
-        super.copyIn(t);
-
-        H0 = t.H0;
-        H1 = t.H1;
-        H2 = t.H2;
-        H3 = t.H3;
-
-        System.arraycopy(t.X, 0, X, 0, t.X.length);
-        xOff = t.xOff;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "RIPEMD128";
-    }
-
-    public int getDigestSize()
-    {
-        return DIGEST_LENGTH;
-    }
-
-    protected void processWord(
-        byte[] in,
-        int inOff)
-    {
-        X[xOff++] = (in[inOff] & 0xff) | ((in[inOff + 1] & 0xff) << 8)
-            | ((in[inOff + 2] & 0xff) << 16) | ((in[inOff + 3] & 0xff) << 24); 
-
-        if (xOff == 16)
-        {
-            processBlock();
-        }
-    }
-
-    protected void processLength(
-        long bitLength)
-    {
-        if (xOff > 14)
-        {
-        processBlock();
-        }
-
-        X[14] = (int)(bitLength & 0xffffffff);
-        X[15] = (int)(bitLength >>> 32);
-    }
-
-    private void unpackWord(
-        int word,
-        byte[] out,
-        int outOff)
-    {
-        out[outOff]     = (byte)word;
-        out[outOff + 1] = (byte)(word >>> 8);
-        out[outOff + 2] = (byte)(word >>> 16);
-        out[outOff + 3] = (byte)(word >>> 24);
-    }
-
-    public int doFinal(
-        byte[] out,
-        int outOff)
-    {
-        finish();
-
-        unpackWord(H0, out, outOff);
-        unpackWord(H1, out, outOff + 4);
-        unpackWord(H2, out, outOff + 8);
-        unpackWord(H3, out, outOff + 12);
-
-        reset();
-
-        return DIGEST_LENGTH;
-    }
-
-    /**
-    * reset the chaining variables to the IV values.
-    */
-    public void reset()
-    {
-        super.reset();
-
-        H0 = 0x67452301;
-        H1 = 0xefcdab89;
-        H2 = 0x98badcfe;
-        H3 = 0x10325476;
-
-        xOff = 0;
-
-        for (int i = 0; i != X.length; i++)
-        {
-            X[i] = 0;
-        }
-    }
-
-    /*
-     * rotate int x left n bits.
-     */
-    private int RL(
-        int x,
-        int n)
-    {
-        return (x << n) | (x >>> (32 - n));
-    }
-
-    /*
-     * f1,f2,f3,f4 are the basic RIPEMD128 functions.
-     */
-
-    /*
-     * F
-     */
-    private int f1(
-        int x,
-        int y,
-        int z)
-    {
-        return x ^ y ^ z;
-    }
-
-    /*
-     * G
-     */
-    private int f2(
-        int x,
-        int y,
-        int z)
-    {
-        return (x & y) | (~x & z);
-    }
-
-    /*
-     * H
-     */
-    private int f3(
-        int x,
-        int y,
-        int z)
-    {
-        return (x | ~y) ^ z;
-    }
-
-    /*
-     * I
-     */
-    private int f4(
-        int x,
-        int y,
-        int z)
-    {
-        return (x & z) | (y & ~z);
-    }
-
-    private int F1(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-        return RL(a + f1(b, c, d) + x, s);
-    }
-
-    private int F2(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-        return RL(a + f2(b, c, d) + x + 0x5a827999, s);
-    }
-
-    private int F3(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-        return RL(a + f3(b, c, d) + x + 0x6ed9eba1, s);
-    }
-
-    private int F4(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-        return RL(a + f4(b, c, d) + x + 0x8f1bbcdc, s);
-    }
-
-    private int FF1(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-        return RL(a + f1(b, c, d) + x, s);
-    }
-
-    private int FF2(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-      return RL(a + f2(b, c, d) + x + 0x6d703ef3, s);
-    }
-
-    private int FF3(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-      return RL(a + f3(b, c, d) + x + 0x5c4dd124, s);
-    }
-
-    private int FF4(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-      return RL(a + f4(b, c, d) + x + 0x50a28be6, s);
-    }
-
-    protected void processBlock()
-    {
-        int a, aa;
-        int b, bb;
-        int c, cc;
-        int d, dd;
-
-        a = aa = H0;
-        b = bb = H1;
-        c = cc = H2;
-        d = dd = H3;
-
-        //
-        // Round 1
-        //
-        a = F1(a, b, c, d, X[ 0], 11);
-        d = F1(d, a, b, c, X[ 1], 14);
-        c = F1(c, d, a, b, X[ 2], 15);
-        b = F1(b, c, d, a, X[ 3], 12);
-        a = F1(a, b, c, d, X[ 4],  5);
-        d = F1(d, a, b, c, X[ 5],  8);
-        c = F1(c, d, a, b, X[ 6],  7);
-        b = F1(b, c, d, a, X[ 7],  9);
-        a = F1(a, b, c, d, X[ 8], 11);
-        d = F1(d, a, b, c, X[ 9], 13);
-        c = F1(c, d, a, b, X[10], 14);
-        b = F1(b, c, d, a, X[11], 15);
-        a = F1(a, b, c, d, X[12],  6);
-        d = F1(d, a, b, c, X[13],  7);
-        c = F1(c, d, a, b, X[14],  9);
-        b = F1(b, c, d, a, X[15],  8);
-
-        //
-        // Round 2
-        //
-        a = F2(a, b, c, d, X[ 7],  7);
-        d = F2(d, a, b, c, X[ 4],  6);
-        c = F2(c, d, a, b, X[13],  8);
-        b = F2(b, c, d, a, X[ 1], 13);
-        a = F2(a, b, c, d, X[10], 11);
-        d = F2(d, a, b, c, X[ 6],  9);
-        c = F2(c, d, a, b, X[15],  7);
-        b = F2(b, c, d, a, X[ 3], 15);
-        a = F2(a, b, c, d, X[12],  7);
-        d = F2(d, a, b, c, X[ 0], 12);
-        c = F2(c, d, a, b, X[ 9], 15);
-        b = F2(b, c, d, a, X[ 5],  9);
-        a = F2(a, b, c, d, X[ 2], 11);
-        d = F2(d, a, b, c, X[14],  7);
-        c = F2(c, d, a, b, X[11], 13);
-        b = F2(b, c, d, a, X[ 8], 12);
-
-        //
-        // Round 3
-        //
-        a = F3(a, b, c, d, X[ 3], 11);
-        d = F3(d, a, b, c, X[10], 13);
-        c = F3(c, d, a, b, X[14],  6);
-        b = F3(b, c, d, a, X[ 4],  7);
-        a = F3(a, b, c, d, X[ 9], 14);
-        d = F3(d, a, b, c, X[15],  9);
-        c = F3(c, d, a, b, X[ 8], 13);
-        b = F3(b, c, d, a, X[ 1], 15);
-        a = F3(a, b, c, d, X[ 2], 14);
-        d = F3(d, a, b, c, X[ 7],  8);
-        c = F3(c, d, a, b, X[ 0], 13);
-        b = F3(b, c, d, a, X[ 6],  6);
-        a = F3(a, b, c, d, X[13],  5);
-        d = F3(d, a, b, c, X[11], 12);
-        c = F3(c, d, a, b, X[ 5],  7);
-        b = F3(b, c, d, a, X[12],  5);
-
-        //
-        // Round 4
-        //
-        a = F4(a, b, c, d, X[ 1], 11);
-        d = F4(d, a, b, c, X[ 9], 12);
-        c = F4(c, d, a, b, X[11], 14);
-        b = F4(b, c, d, a, X[10], 15);
-        a = F4(a, b, c, d, X[ 0], 14);
-        d = F4(d, a, b, c, X[ 8], 15);
-        c = F4(c, d, a, b, X[12],  9);
-        b = F4(b, c, d, a, X[ 4],  8);
-        a = F4(a, b, c, d, X[13],  9);
-        d = F4(d, a, b, c, X[ 3], 14);
-        c = F4(c, d, a, b, X[ 7],  5);
-        b = F4(b, c, d, a, X[15],  6);
-        a = F4(a, b, c, d, X[14],  8);
-        d = F4(d, a, b, c, X[ 5],  6);
-        c = F4(c, d, a, b, X[ 6],  5);
-        b = F4(b, c, d, a, X[ 2], 12);
-
-        //
-        // Parallel round 1
-        //
-        aa = FF4(aa, bb, cc, dd, X[ 5],  8);
-        dd = FF4(dd, aa, bb, cc, X[14],  9);
-        cc = FF4(cc, dd, aa, bb, X[ 7],  9);
-        bb = FF4(bb, cc, dd, aa, X[ 0], 11);
-        aa = FF4(aa, bb, cc, dd, X[ 9], 13);
-        dd = FF4(dd, aa, bb, cc, X[ 2], 15);
-        cc = FF4(cc, dd, aa, bb, X[11], 15);
-        bb = FF4(bb, cc, dd, aa, X[ 4],  5);
-        aa = FF4(aa, bb, cc, dd, X[13],  7);
-        dd = FF4(dd, aa, bb, cc, X[ 6],  7);
-        cc = FF4(cc, dd, aa, bb, X[15],  8);
-        bb = FF4(bb, cc, dd, aa, X[ 8], 11);
-        aa = FF4(aa, bb, cc, dd, X[ 1], 14);
-        dd = FF4(dd, aa, bb, cc, X[10], 14);
-        cc = FF4(cc, dd, aa, bb, X[ 3], 12);
-        bb = FF4(bb, cc, dd, aa, X[12],  6);
-
-        //
-        // Parallel round 2
-        //
-        aa = FF3(aa, bb, cc, dd, X[ 6],  9);
-        dd = FF3(dd, aa, bb, cc, X[11], 13);
-        cc = FF3(cc, dd, aa, bb, X[ 3], 15);
-        bb = FF3(bb, cc, dd, aa, X[ 7],  7);
-        aa = FF3(aa, bb, cc, dd, X[ 0], 12);
-        dd = FF3(dd, aa, bb, cc, X[13],  8);
-        cc = FF3(cc, dd, aa, bb, X[ 5],  9);
-        bb = FF3(bb, cc, dd, aa, X[10], 11);
-        aa = FF3(aa, bb, cc, dd, X[14],  7);
-        dd = FF3(dd, aa, bb, cc, X[15],  7);
-        cc = FF3(cc, dd, aa, bb, X[ 8], 12);
-        bb = FF3(bb, cc, dd, aa, X[12],  7);
-        aa = FF3(aa, bb, cc, dd, X[ 4],  6);
-        dd = FF3(dd, aa, bb, cc, X[ 9], 15);
-        cc = FF3(cc, dd, aa, bb, X[ 1], 13);
-        bb = FF3(bb, cc, dd, aa, X[ 2], 11);
-
-        //
-        // Parallel round 3
-        //
-        aa = FF2(aa, bb, cc, dd, X[15],  9);
-        dd = FF2(dd, aa, bb, cc, X[ 5],  7);
-        cc = FF2(cc, dd, aa, bb, X[ 1], 15);
-        bb = FF2(bb, cc, dd, aa, X[ 3], 11);
-        aa = FF2(aa, bb, cc, dd, X[ 7],  8);
-        dd = FF2(dd, aa, bb, cc, X[14],  6);
-        cc = FF2(cc, dd, aa, bb, X[ 6],  6);
-        bb = FF2(bb, cc, dd, aa, X[ 9], 14);
-        aa = FF2(aa, bb, cc, dd, X[11], 12);
-        dd = FF2(dd, aa, bb, cc, X[ 8], 13);
-        cc = FF2(cc, dd, aa, bb, X[12],  5);
-        bb = FF2(bb, cc, dd, aa, X[ 2], 14);
-        aa = FF2(aa, bb, cc, dd, X[10], 13);
-        dd = FF2(dd, aa, bb, cc, X[ 0], 13);
-        cc = FF2(cc, dd, aa, bb, X[ 4],  7);
-        bb = FF2(bb, cc, dd, aa, X[13],  5);
-
-        //
-        // Parallel round 4
-        //
-        aa = FF1(aa, bb, cc, dd, X[ 8], 15);
-        dd = FF1(dd, aa, bb, cc, X[ 6],  5);
-        cc = FF1(cc, dd, aa, bb, X[ 4],  8);
-        bb = FF1(bb, cc, dd, aa, X[ 1], 11);
-        aa = FF1(aa, bb, cc, dd, X[ 3], 14);
-        dd = FF1(dd, aa, bb, cc, X[11], 14);
-        cc = FF1(cc, dd, aa, bb, X[15],  6);
-        bb = FF1(bb, cc, dd, aa, X[ 0], 14);
-        aa = FF1(aa, bb, cc, dd, X[ 5],  6);
-        dd = FF1(dd, aa, bb, cc, X[12],  9);
-        cc = FF1(cc, dd, aa, bb, X[ 2], 12);
-        bb = FF1(bb, cc, dd, aa, X[13],  9);
-        aa = FF1(aa, bb, cc, dd, X[ 9], 12);
-        dd = FF1(dd, aa, bb, cc, X[ 7],  5);
-        cc = FF1(cc, dd, aa, bb, X[10], 15);
-        bb = FF1(bb, cc, dd, aa, X[14],  8);
-
-        dd += c + H1;               // final result for H0
-
-        //
-        // combine the results
-        //
-        H1 = H2 + d + aa;
-        H2 = H3 + a + bb;
-        H3 = H0 + b + cc;
-        H0 = dd;
-
-        //
-        // reset the offset and clean out the word buffer.
-        //
-        xOff = 0;
-        for (int i = 0; i != X.length; i++)
-        {
-            X[i] = 0;
-        }
-    }
-
-    public Memoable copy()
-    {
-        return new RIPEMD128Digest(this);
-    }
-
-    public void reset(Memoable other)
-    {
-        RIPEMD128Digest d = (RIPEMD128Digest)other;
-
-        copyIn(d);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/RIPEMD160Digest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/RIPEMD160Digest.java
deleted file mode 100644
index 20c81e6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/RIPEMD160Digest.java
+++ /dev/null

@@ -1,443 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-
-import org.bouncycastle.util.Memoable;
-
-/**
- * implementation of RIPEMD see,
- * http://www.esat.kuleuven.ac.be/~bosselae/ripemd160.html
- */
-public class RIPEMD160Digest
-    extends GeneralDigest
-{
-    private static final int DIGEST_LENGTH = 20;
-
-    private int H0, H1, H2, H3, H4; // IV's
-
-    private int[] X = new int[16];
-    private int xOff;
-
-    /**
-     * Standard constructor
-     */
-    public RIPEMD160Digest()
-    {
-        reset();
-    }
-
-    /**
-     * Copy constructor.  This will copy the state of the provided
-     * message digest.
-     */
-    public RIPEMD160Digest(RIPEMD160Digest t)
-    {
-        super(t);
-
-        copyIn(t);
-    }
-
-    private void copyIn(RIPEMD160Digest t)
-    {
-        super.copyIn(t);
-
-        H0 = t.H0;
-        H1 = t.H1;
-        H2 = t.H2;
-        H3 = t.H3;
-        H4 = t.H4;
-
-        System.arraycopy(t.X, 0, X, 0, t.X.length);
-        xOff = t.xOff;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "RIPEMD160";
-    }
-
-    public int getDigestSize()
-    {
-        return DIGEST_LENGTH;
-    }
-
-    protected void processWord(
-        byte[] in,
-        int inOff)
-    {
-        X[xOff++] = (in[inOff] & 0xff) | ((in[inOff + 1] & 0xff) << 8)
-            | ((in[inOff + 2] & 0xff) << 16) | ((in[inOff + 3] & 0xff) << 24); 
-
-        if (xOff == 16)
-        {
-            processBlock();
-        }
-    }
-
-    protected void processLength(
-        long bitLength)
-    {
-        if (xOff > 14)
-        {
-        processBlock();
-        }
-
-        X[14] = (int)(bitLength & 0xffffffff);
-        X[15] = (int)(bitLength >>> 32);
-    }
-
-    private void unpackWord(
-        int word,
-        byte[] out,
-        int outOff)
-    {
-        out[outOff]     = (byte)word;
-        out[outOff + 1] = (byte)(word >>> 8);
-        out[outOff + 2] = (byte)(word >>> 16);
-        out[outOff + 3] = (byte)(word >>> 24);
-    }
-
-    public int doFinal(
-        byte[] out,
-        int outOff)
-    {
-        finish();
-
-        unpackWord(H0, out, outOff);
-        unpackWord(H1, out, outOff + 4);
-        unpackWord(H2, out, outOff + 8);
-        unpackWord(H3, out, outOff + 12);
-        unpackWord(H4, out, outOff + 16);
-
-        reset();
-
-        return DIGEST_LENGTH;
-    }
-
-    /**
-    * reset the chaining variables to the IV values.
-    */
-    public void reset()
-    {
-        super.reset();
-
-        H0 = 0x67452301;
-        H1 = 0xefcdab89;
-        H2 = 0x98badcfe;
-        H3 = 0x10325476;
-        H4 = 0xc3d2e1f0;
-
-        xOff = 0;
-
-        for (int i = 0; i != X.length; i++)
-        {
-            X[i] = 0;
-        }
-    }
-
-    /*
-     * rotate int x left n bits.
-     */
-    private int RL(
-        int x,
-        int n)
-    {
-        return (x << n) | (x >>> (32 - n));
-    }
-
-    /*
-     * f1,f2,f3,f4,f5 are the basic RIPEMD160 functions.
-     */
-
-    /*
-     * rounds 0-15
-     */
-    private int f1(
-        int x,
-        int y,
-        int z)
-    {
-        return x ^ y ^ z;
-    }
-
-    /*
-     * rounds 16-31
-     */
-    private int f2(
-        int x,
-        int y,
-        int z)
-    {
-        return (x & y) | (~x & z);
-    }
-
-    /*
-     * rounds 32-47
-     */
-    private int f3(
-        int x,
-        int y,
-        int z)
-    {
-        return (x | ~y) ^ z;
-    }
-
-    /*
-     * rounds 48-63
-     */
-    private int f4(
-        int x,
-        int y,
-        int z)
-    {
-        return (x & z) | (y & ~z);
-    }
-
-    /*
-     * rounds 64-79
-     */
-    private int f5(
-        int x,
-        int y,
-        int z)
-    {
-        return x ^ (y | ~z);
-    }
-
-    protected void processBlock()
-    {
-        int a, aa;
-        int b, bb;
-        int c, cc;
-        int d, dd;
-        int e, ee;
-
-        a = aa = H0;
-        b = bb = H1;
-        c = cc = H2;
-        d = dd = H3;
-        e = ee = H4;
-
-        //
-        // Rounds 1 - 16
-        //
-        // left
-        a = RL(a + f1(b,c,d) + X[ 0], 11) + e; c = RL(c, 10);
-        e = RL(e + f1(a,b,c) + X[ 1], 14) + d; b = RL(b, 10);
-        d = RL(d + f1(e,a,b) + X[ 2], 15) + c; a = RL(a, 10);
-        c = RL(c + f1(d,e,a) + X[ 3], 12) + b; e = RL(e, 10);
-        b = RL(b + f1(c,d,e) + X[ 4],  5) + a; d = RL(d, 10);
-        a = RL(a + f1(b,c,d) + X[ 5],  8) + e; c = RL(c, 10);
-        e = RL(e + f1(a,b,c) + X[ 6],  7) + d; b = RL(b, 10);
-        d = RL(d + f1(e,a,b) + X[ 7],  9) + c; a = RL(a, 10);
-        c = RL(c + f1(d,e,a) + X[ 8], 11) + b; e = RL(e, 10);
-        b = RL(b + f1(c,d,e) + X[ 9], 13) + a; d = RL(d, 10);
-        a = RL(a + f1(b,c,d) + X[10], 14) + e; c = RL(c, 10);
-        e = RL(e + f1(a,b,c) + X[11], 15) + d; b = RL(b, 10);
-        d = RL(d + f1(e,a,b) + X[12],  6) + c; a = RL(a, 10);
-        c = RL(c + f1(d,e,a) + X[13],  7) + b; e = RL(e, 10);
-        b = RL(b + f1(c,d,e) + X[14],  9) + a; d = RL(d, 10);
-        a = RL(a + f1(b,c,d) + X[15],  8) + e; c = RL(c, 10);
-
-        // right
-        aa = RL(aa + f5(bb,cc,dd) + X[ 5] + 0x50a28be6,  8) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f5(aa,bb,cc) + X[14] + 0x50a28be6,  9) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f5(ee,aa,bb) + X[ 7] + 0x50a28be6,  9) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f5(dd,ee,aa) + X[ 0] + 0x50a28be6, 11) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f5(cc,dd,ee) + X[ 9] + 0x50a28be6, 13) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f5(bb,cc,dd) + X[ 2] + 0x50a28be6, 15) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f5(aa,bb,cc) + X[11] + 0x50a28be6, 15) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f5(ee,aa,bb) + X[ 4] + 0x50a28be6,  5) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f5(dd,ee,aa) + X[13] + 0x50a28be6,  7) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f5(cc,dd,ee) + X[ 6] + 0x50a28be6,  7) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f5(bb,cc,dd) + X[15] + 0x50a28be6,  8) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f5(aa,bb,cc) + X[ 8] + 0x50a28be6, 11) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f5(ee,aa,bb) + X[ 1] + 0x50a28be6, 14) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f5(dd,ee,aa) + X[10] + 0x50a28be6, 14) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f5(cc,dd,ee) + X[ 3] + 0x50a28be6, 12) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f5(bb,cc,dd) + X[12] + 0x50a28be6,  6) + ee; cc = RL(cc, 10);
-
-        //
-        // Rounds 16-31
-        //
-        // left
-        e = RL(e + f2(a,b,c) + X[ 7] + 0x5a827999,  7) + d; b = RL(b, 10);
-        d = RL(d + f2(e,a,b) + X[ 4] + 0x5a827999,  6) + c; a = RL(a, 10);
-        c = RL(c + f2(d,e,a) + X[13] + 0x5a827999,  8) + b; e = RL(e, 10);
-        b = RL(b + f2(c,d,e) + X[ 1] + 0x5a827999, 13) + a; d = RL(d, 10);
-        a = RL(a + f2(b,c,d) + X[10] + 0x5a827999, 11) + e; c = RL(c, 10);
-        e = RL(e + f2(a,b,c) + X[ 6] + 0x5a827999,  9) + d; b = RL(b, 10);
-        d = RL(d + f2(e,a,b) + X[15] + 0x5a827999,  7) + c; a = RL(a, 10);
-        c = RL(c + f2(d,e,a) + X[ 3] + 0x5a827999, 15) + b; e = RL(e, 10);
-        b = RL(b + f2(c,d,e) + X[12] + 0x5a827999,  7) + a; d = RL(d, 10);
-        a = RL(a + f2(b,c,d) + X[ 0] + 0x5a827999, 12) + e; c = RL(c, 10);
-        e = RL(e + f2(a,b,c) + X[ 9] + 0x5a827999, 15) + d; b = RL(b, 10);
-        d = RL(d + f2(e,a,b) + X[ 5] + 0x5a827999,  9) + c; a = RL(a, 10);
-        c = RL(c + f2(d,e,a) + X[ 2] + 0x5a827999, 11) + b; e = RL(e, 10);
-        b = RL(b + f2(c,d,e) + X[14] + 0x5a827999,  7) + a; d = RL(d, 10);
-        a = RL(a + f2(b,c,d) + X[11] + 0x5a827999, 13) + e; c = RL(c, 10);
-        e = RL(e + f2(a,b,c) + X[ 8] + 0x5a827999, 12) + d; b = RL(b, 10);
-
-        // right
-        ee = RL(ee + f4(aa,bb,cc) + X[ 6] + 0x5c4dd124,  9) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f4(ee,aa,bb) + X[11] + 0x5c4dd124, 13) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f4(dd,ee,aa) + X[ 3] + 0x5c4dd124, 15) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f4(cc,dd,ee) + X[ 7] + 0x5c4dd124,  7) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f4(bb,cc,dd) + X[ 0] + 0x5c4dd124, 12) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f4(aa,bb,cc) + X[13] + 0x5c4dd124,  8) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f4(ee,aa,bb) + X[ 5] + 0x5c4dd124,  9) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f4(dd,ee,aa) + X[10] + 0x5c4dd124, 11) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f4(cc,dd,ee) + X[14] + 0x5c4dd124,  7) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f4(bb,cc,dd) + X[15] + 0x5c4dd124,  7) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f4(aa,bb,cc) + X[ 8] + 0x5c4dd124, 12) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f4(ee,aa,bb) + X[12] + 0x5c4dd124,  7) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f4(dd,ee,aa) + X[ 4] + 0x5c4dd124,  6) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f4(cc,dd,ee) + X[ 9] + 0x5c4dd124, 15) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f4(bb,cc,dd) + X[ 1] + 0x5c4dd124, 13) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f4(aa,bb,cc) + X[ 2] + 0x5c4dd124, 11) + dd; bb = RL(bb, 10);
-
-        //
-        // Rounds 32-47
-        //
-        // left
-        d = RL(d + f3(e,a,b) + X[ 3] + 0x6ed9eba1, 11) + c; a = RL(a, 10);
-        c = RL(c + f3(d,e,a) + X[10] + 0x6ed9eba1, 13) + b; e = RL(e, 10);
-        b = RL(b + f3(c,d,e) + X[14] + 0x6ed9eba1,  6) + a; d = RL(d, 10);
-        a = RL(a + f3(b,c,d) + X[ 4] + 0x6ed9eba1,  7) + e; c = RL(c, 10);
-        e = RL(e + f3(a,b,c) + X[ 9] + 0x6ed9eba1, 14) + d; b = RL(b, 10);
-        d = RL(d + f3(e,a,b) + X[15] + 0x6ed9eba1,  9) + c; a = RL(a, 10);
-        c = RL(c + f3(d,e,a) + X[ 8] + 0x6ed9eba1, 13) + b; e = RL(e, 10);
-        b = RL(b + f3(c,d,e) + X[ 1] + 0x6ed9eba1, 15) + a; d = RL(d, 10);
-        a = RL(a + f3(b,c,d) + X[ 2] + 0x6ed9eba1, 14) + e; c = RL(c, 10);
-        e = RL(e + f3(a,b,c) + X[ 7] + 0x6ed9eba1,  8) + d; b = RL(b, 10);
-        d = RL(d + f3(e,a,b) + X[ 0] + 0x6ed9eba1, 13) + c; a = RL(a, 10);
-        c = RL(c + f3(d,e,a) + X[ 6] + 0x6ed9eba1,  6) + b; e = RL(e, 10);
-        b = RL(b + f3(c,d,e) + X[13] + 0x6ed9eba1,  5) + a; d = RL(d, 10);
-        a = RL(a + f3(b,c,d) + X[11] + 0x6ed9eba1, 12) + e; c = RL(c, 10);
-        e = RL(e + f3(a,b,c) + X[ 5] + 0x6ed9eba1,  7) + d; b = RL(b, 10);
-        d = RL(d + f3(e,a,b) + X[12] + 0x6ed9eba1,  5) + c; a = RL(a, 10);
-
-        // right
-        dd = RL(dd + f3(ee,aa,bb) + X[15] + 0x6d703ef3,  9) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f3(dd,ee,aa) + X[ 5] + 0x6d703ef3,  7) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f3(cc,dd,ee) + X[ 1] + 0x6d703ef3, 15) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f3(bb,cc,dd) + X[ 3] + 0x6d703ef3, 11) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f3(aa,bb,cc) + X[ 7] + 0x6d703ef3,  8) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f3(ee,aa,bb) + X[14] + 0x6d703ef3,  6) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f3(dd,ee,aa) + X[ 6] + 0x6d703ef3,  6) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f3(cc,dd,ee) + X[ 9] + 0x6d703ef3, 14) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f3(bb,cc,dd) + X[11] + 0x6d703ef3, 12) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f3(aa,bb,cc) + X[ 8] + 0x6d703ef3, 13) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f3(ee,aa,bb) + X[12] + 0x6d703ef3,  5) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f3(dd,ee,aa) + X[ 2] + 0x6d703ef3, 14) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f3(cc,dd,ee) + X[10] + 0x6d703ef3, 13) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f3(bb,cc,dd) + X[ 0] + 0x6d703ef3, 13) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f3(aa,bb,cc) + X[ 4] + 0x6d703ef3,  7) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f3(ee,aa,bb) + X[13] + 0x6d703ef3,  5) + cc; aa = RL(aa, 10);
-
-        //
-        // Rounds 48-63
-        //
-        // left
-        c = RL(c + f4(d,e,a) + X[ 1] + 0x8f1bbcdc, 11) + b; e = RL(e, 10);
-        b = RL(b + f4(c,d,e) + X[ 9] + 0x8f1bbcdc, 12) + a; d = RL(d, 10);
-        a = RL(a + f4(b,c,d) + X[11] + 0x8f1bbcdc, 14) + e; c = RL(c, 10);
-        e = RL(e + f4(a,b,c) + X[10] + 0x8f1bbcdc, 15) + d; b = RL(b, 10);
-        d = RL(d + f4(e,a,b) + X[ 0] + 0x8f1bbcdc, 14) + c; a = RL(a, 10);
-        c = RL(c + f4(d,e,a) + X[ 8] + 0x8f1bbcdc, 15) + b; e = RL(e, 10);
-        b = RL(b + f4(c,d,e) + X[12] + 0x8f1bbcdc,  9) + a; d = RL(d, 10);
-        a = RL(a + f4(b,c,d) + X[ 4] + 0x8f1bbcdc,  8) + e; c = RL(c, 10);
-        e = RL(e + f4(a,b,c) + X[13] + 0x8f1bbcdc,  9) + d; b = RL(b, 10);
-        d = RL(d + f4(e,a,b) + X[ 3] + 0x8f1bbcdc, 14) + c; a = RL(a, 10);
-        c = RL(c + f4(d,e,a) + X[ 7] + 0x8f1bbcdc,  5) + b; e = RL(e, 10);
-        b = RL(b + f4(c,d,e) + X[15] + 0x8f1bbcdc,  6) + a; d = RL(d, 10);
-        a = RL(a + f4(b,c,d) + X[14] + 0x8f1bbcdc,  8) + e; c = RL(c, 10);
-        e = RL(e + f4(a,b,c) + X[ 5] + 0x8f1bbcdc,  6) + d; b = RL(b, 10);
-        d = RL(d + f4(e,a,b) + X[ 6] + 0x8f1bbcdc,  5) + c; a = RL(a, 10);
-        c = RL(c + f4(d,e,a) + X[ 2] + 0x8f1bbcdc, 12) + b; e = RL(e, 10);
-
-        // right
-        cc = RL(cc + f2(dd,ee,aa) + X[ 8] + 0x7a6d76e9, 15) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f2(cc,dd,ee) + X[ 6] + 0x7a6d76e9,  5) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f2(bb,cc,dd) + X[ 4] + 0x7a6d76e9,  8) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f2(aa,bb,cc) + X[ 1] + 0x7a6d76e9, 11) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f2(ee,aa,bb) + X[ 3] + 0x7a6d76e9, 14) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f2(dd,ee,aa) + X[11] + 0x7a6d76e9, 14) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f2(cc,dd,ee) + X[15] + 0x7a6d76e9,  6) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f2(bb,cc,dd) + X[ 0] + 0x7a6d76e9, 14) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f2(aa,bb,cc) + X[ 5] + 0x7a6d76e9,  6) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f2(ee,aa,bb) + X[12] + 0x7a6d76e9,  9) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f2(dd,ee,aa) + X[ 2] + 0x7a6d76e9, 12) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f2(cc,dd,ee) + X[13] + 0x7a6d76e9,  9) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f2(bb,cc,dd) + X[ 9] + 0x7a6d76e9, 12) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f2(aa,bb,cc) + X[ 7] + 0x7a6d76e9,  5) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f2(ee,aa,bb) + X[10] + 0x7a6d76e9, 15) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f2(dd,ee,aa) + X[14] + 0x7a6d76e9,  8) + bb; ee = RL(ee, 10);
-
-        //
-        // Rounds 64-79
-        //
-        // left
-        b = RL(b + f5(c,d,e) + X[ 4] + 0xa953fd4e,  9) + a; d = RL(d, 10);
-        a = RL(a + f5(b,c,d) + X[ 0] + 0xa953fd4e, 15) + e; c = RL(c, 10);
-        e = RL(e + f5(a,b,c) + X[ 5] + 0xa953fd4e,  5) + d; b = RL(b, 10);
-        d = RL(d + f5(e,a,b) + X[ 9] + 0xa953fd4e, 11) + c; a = RL(a, 10);
-        c = RL(c + f5(d,e,a) + X[ 7] + 0xa953fd4e,  6) + b; e = RL(e, 10);
-        b = RL(b + f5(c,d,e) + X[12] + 0xa953fd4e,  8) + a; d = RL(d, 10);
-        a = RL(a + f5(b,c,d) + X[ 2] + 0xa953fd4e, 13) + e; c = RL(c, 10);
-        e = RL(e + f5(a,b,c) + X[10] + 0xa953fd4e, 12) + d; b = RL(b, 10);
-        d = RL(d + f5(e,a,b) + X[14] + 0xa953fd4e,  5) + c; a = RL(a, 10);
-        c = RL(c + f5(d,e,a) + X[ 1] + 0xa953fd4e, 12) + b; e = RL(e, 10);
-        b = RL(b + f5(c,d,e) + X[ 3] + 0xa953fd4e, 13) + a; d = RL(d, 10);
-        a = RL(a + f5(b,c,d) + X[ 8] + 0xa953fd4e, 14) + e; c = RL(c, 10);
-        e = RL(e + f5(a,b,c) + X[11] + 0xa953fd4e, 11) + d; b = RL(b, 10);
-        d = RL(d + f5(e,a,b) + X[ 6] + 0xa953fd4e,  8) + c; a = RL(a, 10);
-        c = RL(c + f5(d,e,a) + X[15] + 0xa953fd4e,  5) + b; e = RL(e, 10);
-        b = RL(b + f5(c,d,e) + X[13] + 0xa953fd4e,  6) + a; d = RL(d, 10);
-
-        // right
-        bb = RL(bb + f1(cc,dd,ee) + X[12],  8) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f1(bb,cc,dd) + X[15],  5) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f1(aa,bb,cc) + X[10], 12) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f1(ee,aa,bb) + X[ 4],  9) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f1(dd,ee,aa) + X[ 1], 12) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f1(cc,dd,ee) + X[ 5],  5) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f1(bb,cc,dd) + X[ 8], 14) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f1(aa,bb,cc) + X[ 7],  6) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f1(ee,aa,bb) + X[ 6],  8) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f1(dd,ee,aa) + X[ 2], 13) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f1(cc,dd,ee) + X[13],  6) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f1(bb,cc,dd) + X[14],  5) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f1(aa,bb,cc) + X[ 0], 15) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f1(ee,aa,bb) + X[ 3], 13) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f1(dd,ee,aa) + X[ 9], 11) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f1(cc,dd,ee) + X[11], 11) + aa; dd = RL(dd, 10);
-
-        dd += c + H1;
-        H1 = H2 + d + ee;
-        H2 = H3 + e + aa;
-        H3 = H4 + a + bb;
-        H4 = H0 + b + cc;
-        H0 = dd;
-
-        //
-        // reset the offset and clean out the word buffer.
-        //
-        xOff = 0;
-        for (int i = 0; i != X.length; i++)
-        {
-            X[i] = 0;
-        }
-    }
-
-    public Memoable copy()
-    {
-        return new RIPEMD160Digest(this);
-    }
-
-    public void reset(Memoable other)
-    {
-        RIPEMD160Digest d = (RIPEMD160Digest)other;
-
-        copyIn(d);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/RIPEMD256Digest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/RIPEMD256Digest.java
deleted file mode 100644
index 86746b4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/RIPEMD256Digest.java
+++ /dev/null

@@ -1,497 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-
-import org.bouncycastle.util.Memoable;
-
-/**
- * implementation of RIPEMD256.
- * <p>
- * <b>note:</b> this algorithm offers the same level of security as RIPEMD128.
- */
-public class RIPEMD256Digest
-    extends GeneralDigest
-{
-    private static final int DIGEST_LENGTH = 32;
-
-    private int H0, H1, H2, H3, H4, H5, H6, H7; // IV's
-
-    private int[] X = new int[16];
-    private int xOff;
-
-    /**
-     * Standard constructor
-     */
-    public RIPEMD256Digest()
-    {
-        reset();
-    }
-
-    /**
-     * Copy constructor.  This will copy the state of the provided
-     * message digest.
-     */
-    public RIPEMD256Digest(RIPEMD256Digest t)
-    {
-        super(t);
-
-        copyIn(t);
-    }
-
-    private void copyIn(RIPEMD256Digest t)
-    {
-        super.copyIn(t);
-
-        H0 = t.H0;
-        H1 = t.H1;
-        H2 = t.H2;
-        H3 = t.H3;
-        H4 = t.H4;
-        H5 = t.H5;
-        H6 = t.H6;
-        H7 = t.H7;
-
-        System.arraycopy(t.X, 0, X, 0, t.X.length);
-        xOff = t.xOff;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "RIPEMD256";
-    }
-
-    public int getDigestSize()
-    {
-        return DIGEST_LENGTH;
-    }
-
-    protected void processWord(
-        byte[] in,
-        int inOff)
-    {
-        X[xOff++] = (in[inOff] & 0xff) | ((in[inOff + 1] & 0xff) << 8)
-            | ((in[inOff + 2] & 0xff) << 16) | ((in[inOff + 3] & 0xff) << 24); 
-
-        if (xOff == 16)
-        {
-            processBlock();
-        }
-    }
-
-    protected void processLength(
-        long bitLength)
-    {
-        if (xOff > 14)
-        {
-            processBlock();
-        }
-
-        X[14] = (int)(bitLength & 0xffffffff);
-        X[15] = (int)(bitLength >>> 32);
-    }
-
-    private void unpackWord(
-        int word,
-        byte[] out,
-        int outOff)
-    {
-        out[outOff]     = (byte)word;
-        out[outOff + 1] = (byte)(word >>> 8);
-        out[outOff + 2] = (byte)(word >>> 16);
-        out[outOff + 3] = (byte)(word >>> 24);
-    }
-
-    public int doFinal(
-        byte[] out,
-        int outOff)
-    {
-        finish();
-
-        unpackWord(H0, out, outOff);
-        unpackWord(H1, out, outOff + 4);
-        unpackWord(H2, out, outOff + 8);
-        unpackWord(H3, out, outOff + 12);
-        unpackWord(H4, out, outOff + 16);
-        unpackWord(H5, out, outOff + 20);
-        unpackWord(H6, out, outOff + 24);
-        unpackWord(H7, out, outOff + 28);
-
-        reset();
-
-        return DIGEST_LENGTH;
-    }
-
-    /**
-    * reset the chaining variables to the IV values.
-    */
-    public void reset()
-    {
-        super.reset();
-
-        H0 = 0x67452301;
-        H1 = 0xefcdab89;
-        H2 = 0x98badcfe;
-        H3 = 0x10325476; 
-        H4 = 0x76543210; 
-        H5 = 0xFEDCBA98; 
-        H6 = 0x89ABCDEF; 
-        H7 = 0x01234567;
-        
-        xOff = 0;
-
-        for (int i = 0; i != X.length; i++)
-        {
-            X[i] = 0;
-        }
-    }
-
-    /*
-     * rotate int x left n bits.
-     */
-    private int RL(
-        int x,
-        int n)
-    {
-        return (x << n) | (x >>> (32 - n));
-    }
-
-    /*
-     * f1,f2,f3,f4 are the basic RIPEMD128 functions.
-     */
-
-    /*
-     * F
-     */
-    private int f1(
-        int x,
-        int y,
-        int z)
-    {
-        return x ^ y ^ z;
-    }
-
-    /*
-     * G
-     */
-    private int f2(
-        int x,
-        int y,
-        int z)
-    {
-        return (x & y) | (~x & z);
-    }
-
-    /*
-     * H
-     */
-    private int f3(
-        int x,
-        int y,
-        int z)
-    {
-        return (x | ~y) ^ z;
-    }
-
-    /*
-     * I
-     */
-    private int f4(
-        int x,
-        int y,
-        int z)
-    {
-        return (x & z) | (y & ~z);
-    }
-
-    private int F1(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-        return RL(a + f1(b, c, d) + x, s);
-    }
-
-    private int F2(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-        return RL(a + f2(b, c, d) + x + 0x5a827999, s);
-    }
-
-    private int F3(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-        return RL(a + f3(b, c, d) + x + 0x6ed9eba1, s);
-    }
-
-    private int F4(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-        return RL(a + f4(b, c, d) + x + 0x8f1bbcdc, s);
-    }
-
-    private int FF1(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-        return RL(a + f1(b, c, d) + x, s);
-    }
-
-    private int FF2(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-      return RL(a + f2(b, c, d) + x + 0x6d703ef3, s);
-    }
-
-    private int FF3(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-      return RL(a + f3(b, c, d) + x + 0x5c4dd124, s);
-    }
-
-    private int FF4(
-        int a,
-        int b,
-        int c,
-        int d,
-        int x,
-        int s)
-    {
-      return RL(a + f4(b, c, d) + x + 0x50a28be6, s);
-    }
-
-    protected void processBlock()
-    {
-        int a, aa;
-        int b, bb;
-        int c, cc;
-        int d, dd;
-        int t;
-        
-        a = H0;
-        b = H1;
-        c = H2;
-        d = H3;
-        aa = H4;
-        bb = H5;
-        cc = H6;
-        dd = H7;
-
-        //
-        // Round 1
-        //
-        
-        a = F1(a, b, c, d, X[ 0], 11);
-        d = F1(d, a, b, c, X[ 1], 14);
-        c = F1(c, d, a, b, X[ 2], 15);
-        b = F1(b, c, d, a, X[ 3], 12);
-        a = F1(a, b, c, d, X[ 4],  5);
-        d = F1(d, a, b, c, X[ 5],  8);
-        c = F1(c, d, a, b, X[ 6],  7);
-        b = F1(b, c, d, a, X[ 7],  9);
-        a = F1(a, b, c, d, X[ 8], 11);
-        d = F1(d, a, b, c, X[ 9], 13);
-        c = F1(c, d, a, b, X[10], 14);
-        b = F1(b, c, d, a, X[11], 15);
-        a = F1(a, b, c, d, X[12],  6);
-        d = F1(d, a, b, c, X[13],  7);
-        c = F1(c, d, a, b, X[14],  9);
-        b = F1(b, c, d, a, X[15],  8);
-
-        aa = FF4(aa, bb, cc, dd, X[ 5],  8);
-        dd = FF4(dd, aa, bb, cc, X[14],  9);
-        cc = FF4(cc, dd, aa, bb, X[ 7],  9);
-        bb = FF4(bb, cc, dd, aa, X[ 0], 11);
-        aa = FF4(aa, bb, cc, dd, X[ 9], 13);
-        dd = FF4(dd, aa, bb, cc, X[ 2], 15);
-        cc = FF4(cc, dd, aa, bb, X[11], 15);
-        bb = FF4(bb, cc, dd, aa, X[ 4],  5);
-        aa = FF4(aa, bb, cc, dd, X[13],  7);
-        dd = FF4(dd, aa, bb, cc, X[ 6],  7);
-        cc = FF4(cc, dd, aa, bb, X[15],  8);
-        bb = FF4(bb, cc, dd, aa, X[ 8], 11);
-        aa = FF4(aa, bb, cc, dd, X[ 1], 14);
-        dd = FF4(dd, aa, bb, cc, X[10], 14);
-        cc = FF4(cc, dd, aa, bb, X[ 3], 12);
-        bb = FF4(bb, cc, dd, aa, X[12],  6);
-
-        t = a; a = aa; aa = t;
-        
-        //
-        // Round 2
-        //
-        a = F2(a, b, c, d, X[ 7],  7);
-        d = F2(d, a, b, c, X[ 4],  6);
-        c = F2(c, d, a, b, X[13],  8);
-        b = F2(b, c, d, a, X[ 1], 13);
-        a = F2(a, b, c, d, X[10], 11);
-        d = F2(d, a, b, c, X[ 6],  9);
-        c = F2(c, d, a, b, X[15],  7);
-        b = F2(b, c, d, a, X[ 3], 15);
-        a = F2(a, b, c, d, X[12],  7);
-        d = F2(d, a, b, c, X[ 0], 12);
-        c = F2(c, d, a, b, X[ 9], 15);
-        b = F2(b, c, d, a, X[ 5],  9);
-        a = F2(a, b, c, d, X[ 2], 11);
-        d = F2(d, a, b, c, X[14],  7);
-        c = F2(c, d, a, b, X[11], 13);
-        b = F2(b, c, d, a, X[ 8], 12);
-
-        aa = FF3(aa, bb, cc, dd, X[ 6],  9);
-        dd = FF3(dd, aa, bb, cc, X[ 11], 13);
-        cc = FF3(cc, dd, aa, bb, X[3], 15);
-        bb = FF3(bb, cc, dd, aa, X[ 7],  7);
-        aa = FF3(aa, bb, cc, dd, X[0], 12);
-        dd = FF3(dd, aa, bb, cc, X[13],  8);
-        cc = FF3(cc, dd, aa, bb, X[5],  9);
-        bb = FF3(bb, cc, dd, aa, X[10], 11);
-        aa = FF3(aa, bb, cc, dd, X[14],  7);
-        dd = FF3(dd, aa, bb, cc, X[15],  7);
-        cc = FF3(cc, dd, aa, bb, X[ 8], 12);
-        bb = FF3(bb, cc, dd, aa, X[12],  7);
-        aa = FF3(aa, bb, cc, dd, X[ 4],  6);
-        dd = FF3(dd, aa, bb, cc, X[ 9], 15);
-        cc = FF3(cc, dd, aa, bb, X[ 1], 13);
-        bb = FF3(bb, cc, dd, aa, X[ 2], 11);
-
-        t = b; b = bb; bb = t;
-        
-        //
-        // Round 3
-        //
-        a = F3(a, b, c, d, X[ 3], 11);
-        d = F3(d, a, b, c, X[10], 13);
-        c = F3(c, d, a, b, X[14],  6);
-        b = F3(b, c, d, a, X[ 4],  7);
-        a = F3(a, b, c, d, X[ 9], 14);
-        d = F3(d, a, b, c, X[15],  9);
-        c = F3(c, d, a, b, X[ 8], 13);
-        b = F3(b, c, d, a, X[ 1], 15);
-        a = F3(a, b, c, d, X[ 2], 14);
-        d = F3(d, a, b, c, X[ 7],  8);
-        c = F3(c, d, a, b, X[ 0], 13);
-        b = F3(b, c, d, a, X[ 6],  6);
-        a = F3(a, b, c, d, X[13],  5);
-        d = F3(d, a, b, c, X[11], 12);
-        c = F3(c, d, a, b, X[ 5],  7);
-        b = F3(b, c, d, a, X[12],  5);
-
-        aa = FF2(aa, bb, cc, dd, X[ 15], 9);
-        dd = FF2(dd, aa, bb, cc, X[5], 7);
-        cc = FF2(cc, dd, aa, bb, X[1], 15);
-        bb = FF2(bb, cc, dd, aa, X[ 3],  11);
-        aa = FF2(aa, bb, cc, dd, X[ 7], 8);
-        dd = FF2(dd, aa, bb, cc, X[14],  6);
-        cc = FF2(cc, dd, aa, bb, X[ 6], 6);
-        bb = FF2(bb, cc, dd, aa, X[ 9], 14);
-        aa = FF2(aa, bb, cc, dd, X[11], 12);
-        dd = FF2(dd, aa, bb, cc, X[ 8], 13);
-        cc = FF2(cc, dd, aa, bb, X[12],  5);
-        bb = FF2(bb, cc, dd, aa, X[ 2], 14);
-        aa = FF2(aa, bb, cc, dd, X[10], 13);
-        dd = FF2(dd, aa, bb, cc, X[ 0], 13);
-        cc = FF2(cc, dd, aa, bb, X[ 4],  7);
-        bb = FF2(bb, cc, dd, aa, X[13],  5);
-
-        t = c; c = cc; cc = t;
-
-        //
-        // Round 4
-        //
-        a = F4(a, b, c, d, X[ 1], 11);
-        d = F4(d, a, b, c, X[ 9], 12);
-        c = F4(c, d, a, b, X[11], 14);
-        b = F4(b, c, d, a, X[10], 15);
-        a = F4(a, b, c, d, X[ 0], 14);
-        d = F4(d, a, b, c, X[ 8], 15);
-        c = F4(c, d, a, b, X[12],  9);
-        b = F4(b, c, d, a, X[ 4],  8);
-        a = F4(a, b, c, d, X[13],  9);
-        d = F4(d, a, b, c, X[ 3], 14);
-        c = F4(c, d, a, b, X[ 7],  5);
-        b = F4(b, c, d, a, X[15],  6);
-        a = F4(a, b, c, d, X[14],  8);
-        d = F4(d, a, b, c, X[ 5],  6);
-        c = F4(c, d, a, b, X[ 6],  5);
-        b = F4(b, c, d, a, X[ 2], 12);
-
-        aa = FF1(aa, bb, cc, dd, X[ 8], 15);
-        dd = FF1(dd, aa, bb, cc, X[ 6],  5);
-        cc = FF1(cc, dd, aa, bb, X[ 4],  8);
-        bb = FF1(bb, cc, dd, aa, X[ 1], 11);
-        aa = FF1(aa, bb, cc, dd, X[ 3], 14);
-        dd = FF1(dd, aa, bb, cc, X[11], 14);
-        cc = FF1(cc, dd, aa, bb, X[15],  6);
-        bb = FF1(bb, cc, dd, aa, X[ 0], 14);
-        aa = FF1(aa, bb, cc, dd, X[ 5],  6);
-        dd = FF1(dd, aa, bb, cc, X[12],  9);
-        cc = FF1(cc, dd, aa, bb, X[ 2],  12);
-        bb = FF1(bb, cc, dd, aa, X[13],  9);
-        aa = FF1(aa, bb, cc, dd, X[ 9],  12);
-        dd = FF1(dd, aa, bb, cc, X[ 7],  5);
-        cc = FF1(cc, dd, aa, bb, X[10],  15);
-        bb = FF1(bb, cc, dd, aa, X[14], 8);
-
-        t = d; d = dd; dd = t;
-
-        H0 += a; 
-        H1 += b; 
-        H2 += c; 
-        H3 += d;
-        H4 += aa; 
-        H5 += bb; 
-        H6 += cc; 
-        H7 += dd;
-        
-        //
-        // reset the offset and clean out the word buffer.
-        //
-        xOff = 0;
-        for (int i = 0; i != X.length; i++)
-        {
-            X[i] = 0;
-        }
-    }
-
-    public Memoable copy()
-    {
-        return new RIPEMD256Digest(this);
-    }
-
-    public void reset(Memoable other)
-    {
-        RIPEMD256Digest d = (RIPEMD256Digest)other;
-
-        copyIn(d);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/RIPEMD320Digest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/RIPEMD320Digest.java
deleted file mode 100644
index 32775e7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/RIPEMD320Digest.java
+++ /dev/null

@@ -1,481 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-
-import org.bouncycastle.util.Memoable;
-
-/**
- * implementation of RIPEMD 320.
- * <p>
- * <b>Note:</b> this implementation offers the same level of security
- * as RIPEMD 160.
- */
-public class RIPEMD320Digest
-    extends GeneralDigest
-{
-    private static final int DIGEST_LENGTH = 40;
-
-    private int H0, H1, H2, H3, H4, H5, H6, H7, H8, H9; // IV's
-
-    private int[] X = new int[16];
-    private int xOff;
-
-    /**
-     * Standard constructor
-     */
-    public RIPEMD320Digest()
-    {
-        reset();
-    }
-
-    /**
-     * Copy constructor.  This will copy the state of the provided
-     * message digest.
-     */
-    public RIPEMD320Digest(RIPEMD320Digest t)
-    {
-        super(t);
-
-        doCopy(t);
-    }
-
-    private void doCopy(RIPEMD320Digest t)
-    {
-        super.copyIn(t);
-        H0 = t.H0;
-        H1 = t.H1;
-        H2 = t.H2;
-        H3 = t.H3;
-        H4 = t.H4;
-        H5 = t.H5;
-        H6 = t.H6;
-        H7 = t.H7;
-        H8 = t.H8;
-        H9 = t.H9;
-        
-        System.arraycopy(t.X, 0, X, 0, t.X.length);
-        xOff = t.xOff;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "RIPEMD320";
-    }
-
-    public int getDigestSize()
-    {
-        return DIGEST_LENGTH;
-    }
-
-    protected void processWord(
-        byte[] in,
-        int inOff)
-    {
-        X[xOff++] = (in[inOff] & 0xff) | ((in[inOff + 1] & 0xff) << 8)
-            | ((in[inOff + 2] & 0xff) << 16) | ((in[inOff + 3] & 0xff) << 24); 
-
-        if (xOff == 16)
-        {
-            processBlock();
-        }
-    }
-
-    protected void processLength(
-        long bitLength)
-    {
-        if (xOff > 14)
-        {
-        processBlock();
-        }
-
-        X[14] = (int)(bitLength & 0xffffffff);
-        X[15] = (int)(bitLength >>> 32);
-    }
-
-    private void unpackWord(
-        int word,
-        byte[] out,
-        int outOff)
-    {
-        out[outOff]     = (byte)word;
-        out[outOff + 1] = (byte)(word >>> 8);
-        out[outOff + 2] = (byte)(word >>> 16);
-        out[outOff + 3] = (byte)(word >>> 24);
-    }
-
-    public int doFinal(
-        byte[] out,
-        int outOff)
-    {
-        finish();
-
-        unpackWord(H0, out, outOff);
-        unpackWord(H1, out, outOff + 4);
-        unpackWord(H2, out, outOff + 8);
-        unpackWord(H3, out, outOff + 12);
-        unpackWord(H4, out, outOff + 16);
-        unpackWord(H5, out, outOff + 20);
-        unpackWord(H6, out, outOff + 24);
-        unpackWord(H7, out, outOff + 28);
-        unpackWord(H8, out, outOff + 32);
-        unpackWord(H9, out, outOff + 36);
-
-        reset();
-
-        return DIGEST_LENGTH;
-    }
-
-    /**
-    * reset the chaining variables to the IV values.
-    */
-    public void reset()
-    {
-        super.reset();
-
-        H0 = 0x67452301;
-        H1 = 0xefcdab89;
-        H2 = 0x98badcfe;
-        H3 = 0x10325476;
-        H4 = 0xc3d2e1f0;
-        H5 = 0x76543210; 
-        H6 = 0xFEDCBA98;
-        H7 = 0x89ABCDEF; 
-        H8 = 0x01234567; 
-        H9 = 0x3C2D1E0F;
-
-        xOff = 0;
-
-        for (int i = 0; i != X.length; i++)
-        {
-            X[i] = 0;
-        }
-    }
-
-    /*
-     * rotate int x left n bits.
-     */
-    private int RL(
-        int x,
-        int n)
-    {
-        return (x << n) | (x >>> (32 - n));
-    }
-
-    /*
-     * f1,f2,f3,f4,f5 are the basic RIPEMD160 functions.
-     */
-
-    /*
-     * rounds 0-15
-     */
-    private int f1(
-        int x,
-        int y,
-        int z)
-    {
-        return x ^ y ^ z;
-    }
-
-    /*
-     * rounds 16-31
-     */
-    private int f2(
-        int x,
-        int y,
-        int z)
-    {
-        return (x & y) | (~x & z);
-    }
-
-    /*
-     * rounds 32-47
-     */
-    private int f3(
-        int x,
-        int y,
-        int z)
-    {
-        return (x | ~y) ^ z;
-    }
-
-    /*
-     * rounds 48-63
-     */
-    private int f4(
-        int x,
-        int y,
-        int z)
-    {
-        return (x & z) | (y & ~z);
-    }
-
-    /*
-     * rounds 64-79
-     */
-    private int f5(
-        int x,
-        int y,
-        int z)
-    {
-        return x ^ (y | ~z);
-    }
-
-    protected void processBlock()
-    {
-        int a, aa;
-        int b, bb;
-        int c, cc;
-        int d, dd;
-        int e, ee;
-        int t;
-
-        a = H0;
-        b = H1;
-        c = H2;
-        d = H3;
-        e = H4;
-        aa = H5;
-        bb = H6;
-        cc = H7;
-        dd = H8;
-        ee = H9;
-        
-        //
-        // Rounds 1 - 16
-        //
-        // left
-        a = RL(a + f1(b,c,d) + X[ 0], 11) + e; c = RL(c, 10);
-        e = RL(e + f1(a,b,c) + X[ 1], 14) + d; b = RL(b, 10);
-        d = RL(d + f1(e,a,b) + X[ 2], 15) + c; a = RL(a, 10);
-        c = RL(c + f1(d,e,a) + X[ 3], 12) + b; e = RL(e, 10);
-        b = RL(b + f1(c,d,e) + X[ 4],  5) + a; d = RL(d, 10);
-        a = RL(a + f1(b,c,d) + X[ 5],  8) + e; c = RL(c, 10);
-        e = RL(e + f1(a,b,c) + X[ 6],  7) + d; b = RL(b, 10);
-        d = RL(d + f1(e,a,b) + X[ 7],  9) + c; a = RL(a, 10);
-        c = RL(c + f1(d,e,a) + X[ 8], 11) + b; e = RL(e, 10);
-        b = RL(b + f1(c,d,e) + X[ 9], 13) + a; d = RL(d, 10);
-        a = RL(a + f1(b,c,d) + X[10], 14) + e; c = RL(c, 10);
-        e = RL(e + f1(a,b,c) + X[11], 15) + d; b = RL(b, 10);
-        d = RL(d + f1(e,a,b) + X[12],  6) + c; a = RL(a, 10);
-        c = RL(c + f1(d,e,a) + X[13],  7) + b; e = RL(e, 10);
-        b = RL(b + f1(c,d,e) + X[14],  9) + a; d = RL(d, 10);
-        a = RL(a + f1(b,c,d) + X[15],  8) + e; c = RL(c, 10);
-
-        // right
-        aa = RL(aa + f5(bb,cc,dd) + X[ 5] + 0x50a28be6,  8) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f5(aa,bb,cc) + X[14] + 0x50a28be6,  9) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f5(ee,aa,bb) + X[ 7] + 0x50a28be6,  9) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f5(dd,ee,aa) + X[ 0] + 0x50a28be6, 11) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f5(cc,dd,ee) + X[ 9] + 0x50a28be6, 13) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f5(bb,cc,dd) + X[ 2] + 0x50a28be6, 15) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f5(aa,bb,cc) + X[11] + 0x50a28be6, 15) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f5(ee,aa,bb) + X[ 4] + 0x50a28be6,  5) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f5(dd,ee,aa) + X[13] + 0x50a28be6,  7) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f5(cc,dd,ee) + X[ 6] + 0x50a28be6,  7) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f5(bb,cc,dd) + X[15] + 0x50a28be6,  8) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f5(aa,bb,cc) + X[ 8] + 0x50a28be6, 11) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f5(ee,aa,bb) + X[ 1] + 0x50a28be6, 14) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f5(dd,ee,aa) + X[10] + 0x50a28be6, 14) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f5(cc,dd,ee) + X[ 3] + 0x50a28be6, 12) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f5(bb,cc,dd) + X[12] + 0x50a28be6,  6) + ee; cc = RL(cc, 10);
-
-        t = a; a = aa; aa = t;
-
-        //
-        // Rounds 16-31
-        //
-        // left
-        e = RL(e + f2(a,b,c) + X[ 7] + 0x5a827999,  7) + d; b = RL(b, 10);
-        d = RL(d + f2(e,a,b) + X[ 4] + 0x5a827999,  6) + c; a = RL(a, 10);
-        c = RL(c + f2(d,e,a) + X[13] + 0x5a827999,  8) + b; e = RL(e, 10);
-        b = RL(b + f2(c,d,e) + X[ 1] + 0x5a827999, 13) + a; d = RL(d, 10);
-        a = RL(a + f2(b,c,d) + X[10] + 0x5a827999, 11) + e; c = RL(c, 10);
-        e = RL(e + f2(a,b,c) + X[ 6] + 0x5a827999,  9) + d; b = RL(b, 10);
-        d = RL(d + f2(e,a,b) + X[15] + 0x5a827999,  7) + c; a = RL(a, 10);
-        c = RL(c + f2(d,e,a) + X[ 3] + 0x5a827999, 15) + b; e = RL(e, 10);
-        b = RL(b + f2(c,d,e) + X[12] + 0x5a827999,  7) + a; d = RL(d, 10);
-        a = RL(a + f2(b,c,d) + X[ 0] + 0x5a827999, 12) + e; c = RL(c, 10);
-        e = RL(e + f2(a,b,c) + X[ 9] + 0x5a827999, 15) + d; b = RL(b, 10);
-        d = RL(d + f2(e,a,b) + X[ 5] + 0x5a827999,  9) + c; a = RL(a, 10);
-        c = RL(c + f2(d,e,a) + X[ 2] + 0x5a827999, 11) + b; e = RL(e, 10);
-        b = RL(b + f2(c,d,e) + X[14] + 0x5a827999,  7) + a; d = RL(d, 10);
-        a = RL(a + f2(b,c,d) + X[11] + 0x5a827999, 13) + e; c = RL(c, 10);
-        e = RL(e + f2(a,b,c) + X[ 8] + 0x5a827999, 12) + d; b = RL(b, 10);
-
-        // right
-        ee = RL(ee + f4(aa,bb,cc) + X[ 6] + 0x5c4dd124,  9) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f4(ee,aa,bb) + X[11] + 0x5c4dd124, 13) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f4(dd,ee,aa) + X[ 3] + 0x5c4dd124, 15) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f4(cc,dd,ee) + X[ 7] + 0x5c4dd124,  7) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f4(bb,cc,dd) + X[ 0] + 0x5c4dd124, 12) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f4(aa,bb,cc) + X[13] + 0x5c4dd124,  8) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f4(ee,aa,bb) + X[ 5] + 0x5c4dd124,  9) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f4(dd,ee,aa) + X[10] + 0x5c4dd124, 11) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f4(cc,dd,ee) + X[14] + 0x5c4dd124,  7) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f4(bb,cc,dd) + X[15] + 0x5c4dd124,  7) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f4(aa,bb,cc) + X[ 8] + 0x5c4dd124, 12) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f4(ee,aa,bb) + X[12] + 0x5c4dd124,  7) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f4(dd,ee,aa) + X[ 4] + 0x5c4dd124,  6) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f4(cc,dd,ee) + X[ 9] + 0x5c4dd124, 15) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f4(bb,cc,dd) + X[ 1] + 0x5c4dd124, 13) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f4(aa,bb,cc) + X[ 2] + 0x5c4dd124, 11) + dd; bb = RL(bb, 10);
-
-        t = b; b = bb; bb = t;
-
-        //
-        // Rounds 32-47
-        //
-        // left
-        d = RL(d + f3(e,a,b) + X[ 3] + 0x6ed9eba1, 11) + c; a = RL(a, 10);
-        c = RL(c + f3(d,e,a) + X[10] + 0x6ed9eba1, 13) + b; e = RL(e, 10);
-        b = RL(b + f3(c,d,e) + X[14] + 0x6ed9eba1,  6) + a; d = RL(d, 10);
-        a = RL(a + f3(b,c,d) + X[ 4] + 0x6ed9eba1,  7) + e; c = RL(c, 10);
-        e = RL(e + f3(a,b,c) + X[ 9] + 0x6ed9eba1, 14) + d; b = RL(b, 10);
-        d = RL(d + f3(e,a,b) + X[15] + 0x6ed9eba1,  9) + c; a = RL(a, 10);
-        c = RL(c + f3(d,e,a) + X[ 8] + 0x6ed9eba1, 13) + b; e = RL(e, 10);
-        b = RL(b + f3(c,d,e) + X[ 1] + 0x6ed9eba1, 15) + a; d = RL(d, 10);
-        a = RL(a + f3(b,c,d) + X[ 2] + 0x6ed9eba1, 14) + e; c = RL(c, 10);
-        e = RL(e + f3(a,b,c) + X[ 7] + 0x6ed9eba1,  8) + d; b = RL(b, 10);
-        d = RL(d + f3(e,a,b) + X[ 0] + 0x6ed9eba1, 13) + c; a = RL(a, 10);
-        c = RL(c + f3(d,e,a) + X[ 6] + 0x6ed9eba1,  6) + b; e = RL(e, 10);
-        b = RL(b + f3(c,d,e) + X[13] + 0x6ed9eba1,  5) + a; d = RL(d, 10);
-        a = RL(a + f3(b,c,d) + X[11] + 0x6ed9eba1, 12) + e; c = RL(c, 10);
-        e = RL(e + f3(a,b,c) + X[ 5] + 0x6ed9eba1,  7) + d; b = RL(b, 10);
-        d = RL(d + f3(e,a,b) + X[12] + 0x6ed9eba1,  5) + c; a = RL(a, 10);
-
-        // right
-        dd = RL(dd + f3(ee,aa,bb) + X[15] + 0x6d703ef3,  9) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f3(dd,ee,aa) + X[ 5] + 0x6d703ef3,  7) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f3(cc,dd,ee) + X[ 1] + 0x6d703ef3, 15) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f3(bb,cc,dd) + X[ 3] + 0x6d703ef3, 11) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f3(aa,bb,cc) + X[ 7] + 0x6d703ef3,  8) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f3(ee,aa,bb) + X[14] + 0x6d703ef3,  6) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f3(dd,ee,aa) + X[ 6] + 0x6d703ef3,  6) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f3(cc,dd,ee) + X[ 9] + 0x6d703ef3, 14) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f3(bb,cc,dd) + X[11] + 0x6d703ef3, 12) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f3(aa,bb,cc) + X[ 8] + 0x6d703ef3, 13) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f3(ee,aa,bb) + X[12] + 0x6d703ef3,  5) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f3(dd,ee,aa) + X[ 2] + 0x6d703ef3, 14) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f3(cc,dd,ee) + X[10] + 0x6d703ef3, 13) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f3(bb,cc,dd) + X[ 0] + 0x6d703ef3, 13) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f3(aa,bb,cc) + X[ 4] + 0x6d703ef3,  7) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f3(ee,aa,bb) + X[13] + 0x6d703ef3,  5) + cc; aa = RL(aa, 10);
-
-        t = c; c = cc; cc = t;
-
-        //
-        // Rounds 48-63
-        //
-        // left
-        c = RL(c + f4(d,e,a) + X[ 1] + 0x8f1bbcdc, 11) + b; e = RL(e, 10);
-        b = RL(b + f4(c,d,e) + X[ 9] + 0x8f1bbcdc, 12) + a; d = RL(d, 10);
-        a = RL(a + f4(b,c,d) + X[11] + 0x8f1bbcdc, 14) + e; c = RL(c, 10);
-        e = RL(e + f4(a,b,c) + X[10] + 0x8f1bbcdc, 15) + d; b = RL(b, 10);
-        d = RL(d + f4(e,a,b) + X[ 0] + 0x8f1bbcdc, 14) + c; a = RL(a, 10);
-        c = RL(c + f4(d,e,a) + X[ 8] + 0x8f1bbcdc, 15) + b; e = RL(e, 10);
-        b = RL(b + f4(c,d,e) + X[12] + 0x8f1bbcdc,  9) + a; d = RL(d, 10);
-        a = RL(a + f4(b,c,d) + X[ 4] + 0x8f1bbcdc,  8) + e; c = RL(c, 10);
-        e = RL(e + f4(a,b,c) + X[13] + 0x8f1bbcdc,  9) + d; b = RL(b, 10);
-        d = RL(d + f4(e,a,b) + X[ 3] + 0x8f1bbcdc, 14) + c; a = RL(a, 10);
-        c = RL(c + f4(d,e,a) + X[ 7] + 0x8f1bbcdc,  5) + b; e = RL(e, 10);
-        b = RL(b + f4(c,d,e) + X[15] + 0x8f1bbcdc,  6) + a; d = RL(d, 10);
-        a = RL(a + f4(b,c,d) + X[14] + 0x8f1bbcdc,  8) + e; c = RL(c, 10);
-        e = RL(e + f4(a,b,c) + X[ 5] + 0x8f1bbcdc,  6) + d; b = RL(b, 10);
-        d = RL(d + f4(e,a,b) + X[ 6] + 0x8f1bbcdc,  5) + c; a = RL(a, 10);
-        c = RL(c + f4(d,e,a) + X[ 2] + 0x8f1bbcdc, 12) + b; e = RL(e, 10);
-
-        // right
-        cc = RL(cc + f2(dd,ee,aa) + X[ 8] + 0x7a6d76e9, 15) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f2(cc,dd,ee) + X[ 6] + 0x7a6d76e9,  5) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f2(bb,cc,dd) + X[ 4] + 0x7a6d76e9,  8) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f2(aa,bb,cc) + X[ 1] + 0x7a6d76e9, 11) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f2(ee,aa,bb) + X[ 3] + 0x7a6d76e9, 14) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f2(dd,ee,aa) + X[11] + 0x7a6d76e9, 14) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f2(cc,dd,ee) + X[15] + 0x7a6d76e9,  6) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f2(bb,cc,dd) + X[ 0] + 0x7a6d76e9, 14) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f2(aa,bb,cc) + X[ 5] + 0x7a6d76e9,  6) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f2(ee,aa,bb) + X[12] + 0x7a6d76e9,  9) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f2(dd,ee,aa) + X[ 2] + 0x7a6d76e9, 12) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f2(cc,dd,ee) + X[13] + 0x7a6d76e9,  9) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f2(bb,cc,dd) + X[ 9] + 0x7a6d76e9, 12) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f2(aa,bb,cc) + X[ 7] + 0x7a6d76e9,  5) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f2(ee,aa,bb) + X[10] + 0x7a6d76e9, 15) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f2(dd,ee,aa) + X[14] + 0x7a6d76e9,  8) + bb; ee = RL(ee, 10);
-
-       t = d; d = dd; dd = t;
-
-        //
-        // Rounds 64-79
-        //
-        // left
-        b = RL(b + f5(c,d,e) + X[ 4] + 0xa953fd4e,  9) + a; d = RL(d, 10);
-        a = RL(a + f5(b,c,d) + X[ 0] + 0xa953fd4e, 15) + e; c = RL(c, 10);
-        e = RL(e + f5(a,b,c) + X[ 5] + 0xa953fd4e,  5) + d; b = RL(b, 10);
-        d = RL(d + f5(e,a,b) + X[ 9] + 0xa953fd4e, 11) + c; a = RL(a, 10);
-        c = RL(c + f5(d,e,a) + X[ 7] + 0xa953fd4e,  6) + b; e = RL(e, 10);
-        b = RL(b + f5(c,d,e) + X[12] + 0xa953fd4e,  8) + a; d = RL(d, 10);
-        a = RL(a + f5(b,c,d) + X[ 2] + 0xa953fd4e, 13) + e; c = RL(c, 10);
-        e = RL(e + f5(a,b,c) + X[10] + 0xa953fd4e, 12) + d; b = RL(b, 10);
-        d = RL(d + f5(e,a,b) + X[14] + 0xa953fd4e,  5) + c; a = RL(a, 10);
-        c = RL(c + f5(d,e,a) + X[ 1] + 0xa953fd4e, 12) + b; e = RL(e, 10);
-        b = RL(b + f5(c,d,e) + X[ 3] + 0xa953fd4e, 13) + a; d = RL(d, 10);
-        a = RL(a + f5(b,c,d) + X[ 8] + 0xa953fd4e, 14) + e; c = RL(c, 10);
-        e = RL(e + f5(a,b,c) + X[11] + 0xa953fd4e, 11) + d; b = RL(b, 10);
-        d = RL(d + f5(e,a,b) + X[ 6] + 0xa953fd4e,  8) + c; a = RL(a, 10);
-        c = RL(c + f5(d,e,a) + X[15] + 0xa953fd4e,  5) + b; e = RL(e, 10);
-        b = RL(b + f5(c,d,e) + X[13] + 0xa953fd4e,  6) + a; d = RL(d, 10);
-
-        // right
-        bb = RL(bb + f1(cc,dd,ee) + X[12],  8) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f1(bb,cc,dd) + X[15],  5) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f1(aa,bb,cc) + X[10], 12) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f1(ee,aa,bb) + X[ 4],  9) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f1(dd,ee,aa) + X[ 1], 12) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f1(cc,dd,ee) + X[ 5],  5) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f1(bb,cc,dd) + X[ 8], 14) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f1(aa,bb,cc) + X[ 7],  6) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f1(ee,aa,bb) + X[ 6],  8) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f1(dd,ee,aa) + X[ 2], 13) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f1(cc,dd,ee) + X[13],  6) + aa; dd = RL(dd, 10);
-        aa = RL(aa + f1(bb,cc,dd) + X[14],  5) + ee; cc = RL(cc, 10);
-        ee = RL(ee + f1(aa,bb,cc) + X[ 0], 15) + dd; bb = RL(bb, 10);
-        dd = RL(dd + f1(ee,aa,bb) + X[ 3], 13) + cc; aa = RL(aa, 10);
-        cc = RL(cc + f1(dd,ee,aa) + X[ 9], 11) + bb; ee = RL(ee, 10);
-        bb = RL(bb + f1(cc,dd,ee) + X[11], 11) + aa; dd = RL(dd, 10);
-
-        //
-        // do (e, ee) swap as part of assignment.
-        //
-
-        H0 += a;
-        H1 += b;
-        H2 += c;
-        H3 += d;
-        H4 += ee;
-        H5 += aa;
-        H6 += bb;
-        H7 += cc;
-        H8 += dd;
-        H9 += e;
-        
-        //
-        // reset the offset and clean out the word buffer.
-        //
-        xOff = 0;
-        for (int i = 0; i != X.length; i++)
-        {
-            X[i] = 0;
-        }
-    }
-
-    public Memoable copy()
-    {
-        return new RIPEMD320Digest(this);
-    }
-
-    public void reset(Memoable other)
-    {
-        RIPEMD320Digest d = (RIPEMD320Digest)other;
-
-        doCopy(d);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/SHA3Digest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/SHA3Digest.java
deleted file mode 100644
index 85537d0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/SHA3Digest.java
+++ /dev/null

@@ -1,74 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-
-/**
- * implementation of SHA-3 based on following KeccakNISTInterface.c from http://keccak.noekeon.org/
- * <p>
- * Following the naming conventions used in the C source code to enable easy review of the implementation.
- */
-public class SHA3Digest
-    extends KeccakDigest
-{
-    private static int checkBitLength(int bitLength)
-    {
-        switch (bitLength)
-        {
-        case 224:
-        case 256:
-        case 384:
-        case 512:
-            return bitLength;
-        default:
-            throw new IllegalArgumentException("'bitLength' " + bitLength + " not supported for SHA-3");
-        }
-    }
-
-    public SHA3Digest()
-    {
-        this(256);
-    }
-
-    public SHA3Digest(int bitLength)
-    {
-        super(checkBitLength(bitLength));
-    }
-
-    public SHA3Digest(SHA3Digest source) {
-        super(source);
-    }
-
-    public String getAlgorithmName()
-    {
-        return "SHA3-" + fixedOutputLength;
-    }
-
-    public int doFinal(byte[] out, int outOff)
-    {
-        absorbBits(0x02, 2);
-        
-        return super.doFinal(out,  outOff);
-    }
-
-    /*
-     * TODO Possible API change to support partial-byte suffixes.
-     */
-    protected int doFinal(byte[] out, int outOff, byte partialByte, int partialBits)
-    {
-        if (partialBits < 0 || partialBits > 7)
-        {
-            throw new IllegalArgumentException("'partialBits' must be in the range [0,7]");
-        }
-
-        int finalInput = (partialByte & ((1 << partialBits) - 1)) | (0x02 << partialBits);
-        int finalBits = partialBits + 2;
-
-        if (finalBits >= 8)
-        {
-            absorb(new byte[]{ (byte)finalInput }, 0, 1);
-            finalBits -= 8;
-            finalInput >>>= 8;
-        }
-
-        return super.doFinal(out, outOff, (byte)finalInput, finalBits);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/SHA512tDigest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/SHA512tDigest.java
deleted file mode 100644
index d5848b1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/SHA512tDigest.java
+++ /dev/null

@@ -1,227 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.util.Memoable;
-import org.bouncycastle.util.MemoableResetException;
-import org.bouncycastle.util.Pack;
-
-/**
- * FIPS 180-4 implementation of SHA-512/t
- */
-public class SHA512tDigest
-    extends LongDigest
-{
-    private int digestLength;      // non-final due to old flow analyser.
-
-    private long  H1t, H2t, H3t, H4t, H5t, H6t, H7t, H8t;
-
-    /**
-     * Standard constructor
-     */
-    public SHA512tDigest(int bitLength)
-    {
-        if (bitLength >= 512)
-        {
-            throw new IllegalArgumentException("bitLength cannot be >= 512");
-        }
-
-        if (bitLength % 8 != 0)
-        {
-            throw new IllegalArgumentException("bitLength needs to be a multiple of 8");
-        }
-
-        if (bitLength == 384)
-        {
-            throw new IllegalArgumentException("bitLength cannot be 384 use SHA384 instead");
-        }
-
-        this.digestLength = bitLength / 8;
-
-        tIvGenerate(digestLength * 8);
-
-        reset();
-    }
-
-    /**
-     * Copy constructor.  This will copy the state of the provided
-     * message digest.
-     */
-    public SHA512tDigest(SHA512tDigest t)
-    {
-        super(t);
-
-        this.digestLength = t.digestLength;
-
-        reset(t);
-    }
-
-    public SHA512tDigest(byte[] encodedState)
-    {
-        this(readDigestLength(encodedState));
-        restoreState(encodedState);
-    }
-
-    private static int readDigestLength(byte[] encodedState)
-    {
-        return Pack.bigEndianToInt(encodedState, encodedState.length - 4);
-    }
-
-    public String getAlgorithmName()
-    {
-        return "SHA-512/" + Integer.toString(digestLength * 8);
-    }
-
-    public int getDigestSize()
-    {
-        return digestLength;
-    }
-
-    public int doFinal(
-        byte[]  out,
-        int     outOff)
-    {
-        finish();
-
-        longToBigEndian(H1, out, outOff, digestLength);
-        longToBigEndian(H2, out, outOff + 8, digestLength - 8);
-        longToBigEndian(H3, out, outOff + 16, digestLength - 16);
-        longToBigEndian(H4, out, outOff + 24, digestLength - 24);
-        longToBigEndian(H5, out, outOff + 32, digestLength - 32);
-        longToBigEndian(H6, out, outOff + 40, digestLength - 40);
-        longToBigEndian(H7, out, outOff + 48, digestLength - 48);
-        longToBigEndian(H8, out, outOff + 56, digestLength - 56);
-
-        reset();
-
-        return digestLength;
-    }
-
-    /**
-     * reset the chaining variables
-     */
-    public void reset()
-    {
-        super.reset();
-
-        /*
-         * initial hash values use the iv generation algorithm for t.
-         */
-        H1 = H1t;
-        H2 = H2t;
-        H3 = H3t;
-        H4 = H4t;
-        H5 = H5t;
-        H6 = H6t;
-        H7 = H7t;
-        H8 = H8t;
-    }
-
-    private void tIvGenerate(int bitLength)
-    {
-        H1 = 0x6a09e667f3bcc908L ^ 0xa5a5a5a5a5a5a5a5L;
-        H2 = 0xbb67ae8584caa73bL ^ 0xa5a5a5a5a5a5a5a5L;
-        H3 = 0x3c6ef372fe94f82bL ^ 0xa5a5a5a5a5a5a5a5L;
-        H4 = 0xa54ff53a5f1d36f1L ^ 0xa5a5a5a5a5a5a5a5L;
-        H5 = 0x510e527fade682d1L ^ 0xa5a5a5a5a5a5a5a5L;
-        H6 = 0x9b05688c2b3e6c1fL ^ 0xa5a5a5a5a5a5a5a5L;
-        H7 = 0x1f83d9abfb41bd6bL ^ 0xa5a5a5a5a5a5a5a5L;
-        H8 = 0x5be0cd19137e2179L ^ 0xa5a5a5a5a5a5a5a5L;
-
-        update((byte)0x53);
-        update((byte)0x48);
-        update((byte)0x41);
-        update((byte)0x2D);
-        update((byte)0x35);
-        update((byte)0x31);
-        update((byte)0x32);
-        update((byte)0x2F);
-
-        if (bitLength > 100)
-        {
-            update((byte)(bitLength / 100 + 0x30));
-            bitLength = bitLength % 100;
-            update((byte)(bitLength / 10 + 0x30));
-            bitLength = bitLength % 10;
-            update((byte)(bitLength + 0x30));
-        }
-        else if (bitLength > 10)
-        {
-            update((byte)(bitLength / 10 + 0x30));
-            bitLength = bitLength % 10;
-            update((byte)(bitLength + 0x30));
-        }
-        else
-        {
-            update((byte)(bitLength + 0x30));
-        }
-
-        finish();
-
-        H1t = H1;
-        H2t = H2;
-        H3t = H3;
-        H4t = H4;
-        H5t = H5;
-        H6t = H6;
-        H7t = H7;
-        H8t = H8;
-    }
-
-    private static void longToBigEndian(long n, byte[] bs, int off, int max)
-    {
-        if (max > 0)
-        {
-            intToBigEndian((int)(n >>> 32), bs, off, max);
-
-            if (max > 4)
-            {
-                intToBigEndian((int)(n & 0xffffffffL), bs, off + 4, max - 4);
-            }
-        }
-    }
-
-    private static void intToBigEndian(int n, byte[] bs, int off, int max)
-    {
-        int num = Math.min(4, max);
-        while (--num >= 0)
-        {
-            int shift = 8 * (3 - num);
-            bs[off + num] = (byte)(n >>> shift);
-        }
-    }
-
-    public Memoable copy()
-    {
-        return new SHA512tDigest(this);
-    }
-
-    public void reset(Memoable other)
-    {
-        SHA512tDigest t = (SHA512tDigest)other;
-
-        if (this.digestLength != t.digestLength)
-        {
-            throw new MemoableResetException("digestLength inappropriate in other");
-        }
-
-        super.copyIn(t);
-
-        this.H1t = t.H1t;
-        this.H2t = t.H2t;
-        this.H3t = t.H3t;
-        this.H4t = t.H4t;
-        this.H5t = t.H5t;
-        this.H6t = t.H6t;
-        this.H7t = t.H7t;
-        this.H8t = t.H8t;
-    }
-
-    public byte[] getEncodedState()
-    {
-        final int baseSize = getEncodedStateSize();
-        byte[] encoded = new byte[baseSize + 4];
-        populateState(encoded);
-        Pack.intToBigEndian(digestLength * 8, encoded, baseSize);
-        return encoded;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/SHAKEDigest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/SHAKEDigest.java
deleted file mode 100644
index 67375c8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/SHAKEDigest.java
+++ /dev/null

@@ -1,111 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.crypto.Xof;
-
-
-/**
- * implementation of SHAKE based on following KeccakNISTInterface.c from http://keccak.noekeon.org/
- * <p>
- * Following the naming conventions used in the C source code to enable easy review of the implementation.
- */
-public class SHAKEDigest
-    extends KeccakDigest
-    implements Xof
-{
-    private static int checkBitLength(int bitLength)
-    {
-        switch (bitLength)
-        {
-        case 128:
-        case 256:
-            return bitLength;
-        default:
-            throw new IllegalArgumentException("'bitLength' " + bitLength + " not supported for SHAKE");
-        }
-    }
-
-    public SHAKEDigest()
-    {
-        this(128);
-    }
-
-    public SHAKEDigest(int bitLength)
-    {
-        super(checkBitLength(bitLength));
-    }
-
-    public SHAKEDigest(SHAKEDigest source) {
-        super(source);
-    }
-
-    public String getAlgorithmName()
-    {
-        return "SHAKE" + fixedOutputLength;
-    }
-
-    public int doFinal(byte[] out, int outOff)
-    {
-        return doFinal(out, outOff, getDigestSize());
-    }
-
-    public int doFinal(byte[] out, int outOff, int outLen)
-    {
-        int length = doOutput(out, outOff, outLen);
-
-        reset();
-
-        return length;
-    }
-
-    public int doOutput(byte[] out, int outOff, int outLen)
-    {
-        if (!squeezing)
-        {
-            absorbBits(0x0F, 4);
-        }
-
-        squeeze(out, outOff, ((long)outLen) * 8);
-
-        return outLen;
-    }
-
-    /*
-     * TODO Possible API change to support partial-byte suffixes.
-     */
-    protected int doFinal(byte[] out, int outOff, byte partialByte, int partialBits)
-    {
-        return doFinal(out, outOff, getDigestSize(), partialByte, partialBits);
-    }
-
-    /*
-     * TODO Possible API change to support partial-byte suffixes.
-     */
-    protected int doFinal(byte[] out, int outOff, int outLen, byte partialByte, int partialBits)
-    {
-        if (partialBits < 0 || partialBits > 7)
-        {
-            throw new IllegalArgumentException("'partialBits' must be in the range [0,7]");
-        }
-
-        int finalInput = (partialByte & ((1 << partialBits) - 1)) | (0x0F << partialBits);
-        int finalBits = partialBits + 4;
-
-        if (finalBits >= 8)
-        {
-            absorb(new byte[]{ (byte)finalInput }, 0, 1);
-            finalBits -= 8;
-            finalInput >>>= 8;
-        }
-
-        if (finalBits > 0)
-        {
-            absorbBits(finalInput, finalBits);
-        }
-
-        squeeze(out, outOff, ((long)outLen) * 8);
-
-        reset();
-
-        return outLen;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/SM3Digest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/SM3Digest.java
deleted file mode 100644
index 4a527c1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/SM3Digest.java
+++ /dev/null

@@ -1,325 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.util.Memoable;
-import org.bouncycastle.util.Pack;
-
-/**
- * Implementation of Chinese SM3 digest as described at
- * http://tools.ietf.org/html/draft-shen-sm3-hash-01
- * and at .... ( Chinese PDF )
- * <p>
- * The specification says "process a bit stream",
- * but this is written to process bytes in blocks of 4,
- * meaning this will process 32-bit word groups.
- * But so do also most other digest specifications,
- * including the SHA-256 which was a origin for
- * this specification.
- */
-public class SM3Digest
-    extends GeneralDigest
-{
-    private static final int DIGEST_LENGTH = 32;   // bytes
-    private static final int BLOCK_SIZE = 64 / 4; // of 32 bit ints (16 ints)
-
-    private int[] V = new int[DIGEST_LENGTH / 4]; // in 32 bit ints (8 ints)
-    private int[] inwords = new int[BLOCK_SIZE];
-    private int xOff;
-
-    // Work-bufs used within processBlock()
-    private int[] W = new int[68];
-
-    // Round constant T for processBlock() which is 32 bit integer rolled left up to (63 MOD 32) bit positions.
-    private static final int[] T = new int[64];
-
-    static
-    {
-        for (int i = 0; i < 16; ++i)
-        {
-            int t = 0x79CC4519;
-            T[i] = (t << i) | (t >>> (32 - i));
-        }
-        for (int i = 16; i < 64; ++i)
-        {
-            int n = i % 32;
-            int t = 0x7A879D8A;
-            T[i] = (t << n) | (t >>> (32 - n));
-        }
-    }
-
-
-    /**
-     * Standard constructor
-     */
-    public SM3Digest()
-    {
-        reset();
-    }
-
-    /**
-     * Copy constructor.  This will copy the state of the provided
-     * message digest.
-     */
-    public SM3Digest(SM3Digest t)
-    {
-        super(t);
-
-        copyIn(t);
-    }
-
-    private void copyIn(SM3Digest t)
-    {
-        System.arraycopy(t.V, 0, this.V, 0, this.V.length);
-        System.arraycopy(t.inwords, 0, this.inwords, 0, this.inwords.length);
-        xOff = t.xOff;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "SM3";
-    }
-
-    public int getDigestSize()
-    {
-        return DIGEST_LENGTH;
-    }
-
-
-    public Memoable copy()
-    {
-        return new SM3Digest(this);
-    }
-
-    public void reset(Memoable other)
-    {
-        SM3Digest d = (SM3Digest)other;
-
-        super.copyIn(d);
-        copyIn(d);
-    }
-
-
-    /**
-     * reset the chaining variables
-     */
-    public void reset()
-    {
-        super.reset();
-
-        this.V[0] = 0x7380166F;
-        this.V[1] = 0x4914B2B9;
-        this.V[2] = 0x172442D7;
-        this.V[3] = 0xDA8A0600;
-        this.V[4] = 0xA96F30BC;
-        this.V[5] = 0x163138AA;
-        this.V[6] = 0xE38DEE4D;
-        this.V[7] = 0xB0FB0E4E;
-
-        this.xOff = 0;
-    }
-
-
-    public int doFinal(byte[] out,
-                       int outOff)
-    {
-        finish();
-
-        Pack.intToBigEndian(V, out, outOff);
-
-        reset();
-
-        return DIGEST_LENGTH;
-    }
-
-
-    protected void processWord(byte[] in,
-                               int inOff)
-    {
-        // Note: Inlined for performance
-        // this.inwords[xOff] = Pack.bigEndianToInt(in, inOff);
-        int n = (((in[inOff] & 0xff) << 24) |
-            ((in[++inOff] & 0xff) << 16) |
-            ((in[++inOff] & 0xff) << 8) |
-            ((in[++inOff] & 0xff)));
-
-        this.inwords[this.xOff] = n;
-        ++this.xOff;
-
-        if (this.xOff >= 16)
-        {
-            processBlock();
-        }
-    }
-
-    protected void processLength(long bitLength)
-    {
-        if (this.xOff > (BLOCK_SIZE - 2))
-        {
-            // xOff == 15  --> can't fit the 64 bit length field at tail..
-            this.inwords[this.xOff] = 0; // fill with zero
-            ++this.xOff;
-
-            processBlock();
-        }
-        // Fill with zero words, until reach 2nd to last slot
-        while (this.xOff < (BLOCK_SIZE - 2))
-        {
-            this.inwords[this.xOff] = 0;
-            ++this.xOff;
-        }
-
-        // Store input data length in BITS
-        this.inwords[this.xOff++] = (int)(bitLength >>> 32);
-        this.inwords[this.xOff++] = (int)(bitLength);
-    }
-
-/*
-
-3.4.2.  Constants
-
-
-   Tj = 79cc4519        when 0  < = j < = 15
-   Tj = 7a879d8a        when 16 < = j < = 63
-
-3.4.3.  Boolean function
-
-
-   FFj(X;Y;Z) = X XOR Y XOR Z                       when 0  < = j < = 15
-              = (X AND Y) OR (X AND Z) OR (Y AND Z) when 16 < = j < = 63
-
-   GGj(X;Y;Z) = X XOR Y XOR Z                       when 0  < = j < = 15
-              = (X AND Y) OR (NOT X AND Z)          when 16 < = j < = 63
-
-   The X, Y, Z in the fomular are words!GBP
-
-3.4.4.  Permutation function
-
-
-   P0(X) = X XOR (X <<<  9) XOR (X <<< 17)   ## ROLL, not SHIFT
-   P1(X) = X XOR (X <<< 15) XOR (X <<< 23)   ## ROLL, not SHIFT
-
-   The X in the fomular are a word.
-
-----------
-
-Each ROLL converted to Java expression:
-
-ROLL 9  :  ((x <<  9) | (x >>> (32-9))))
-ROLL 17 :  ((x << 17) | (x >>> (32-17)))
-ROLL 15 :  ((x << 15) | (x >>> (32-15)))
-ROLL 23 :  ((x << 23) | (x >>> (32-23)))
-
- */
-
-    private int P0(final int x)
-    {
-        final int r9 = ((x << 9) | (x >>> (32 - 9)));
-        final int r17 = ((x << 17) | (x >>> (32 - 17)));
-        return (x ^ r9 ^ r17);
-    }
-
-    private int P1(final int x)
-    {
-        final int r15 = ((x << 15) | (x >>> (32 - 15)));
-        final int r23 = ((x << 23) | (x >>> (32 - 23)));
-        return (x ^ r15 ^ r23);
-    }
-
-    private int FF0(final int x, final int y, final int z)
-    {
-        return (x ^ y ^ z);
-    }
-
-    private int FF1(final int x, final int y, final int z)
-    {
-        return ((x & y) | (x & z) | (y & z));
-    }
-
-    private int GG0(final int x, final int y, final int z)
-    {
-        return (x ^ y ^ z);
-    }
-
-    private int GG1(final int x, final int y, final int z)
-    {
-        return ((x & y) | ((~x) & z));
-    }
-
-
-    protected void processBlock()
-    {
-        for (int j = 0; j < 16; ++j)
-        {
-            this.W[j] = this.inwords[j];
-        }
-        for (int j = 16; j < 68; ++j)
-        {
-            int wj3 = this.W[j - 3];
-            int r15 = ((wj3 << 15) | (wj3 >>> (32 - 15)));
-            int wj13 = this.W[j - 13];
-            int r7 = ((wj13 << 7) | (wj13 >>> (32 - 7)));
-            this.W[j] = P1(this.W[j - 16] ^ this.W[j - 9] ^ r15) ^ r7 ^ this.W[j - 6];
-        }
-
-        int A = this.V[0];
-        int B = this.V[1];
-        int C = this.V[2];
-        int D = this.V[3];
-        int E = this.V[4];
-        int F = this.V[5];
-        int G = this.V[6];
-        int H = this.V[7];
-
-
-        for (int j = 0; j < 16; ++j)
-        {
-            int a12 = ((A << 12) | (A >>> (32 - 12)));
-            int s1_ = a12 + E + T[j];
-            int SS1 = ((s1_ << 7) | (s1_ >>> (32 - 7)));
-            int SS2 = SS1 ^ a12;
-            int Wj = W[j];
-            int W1j = Wj ^ W[j + 4];
-            int TT1 = FF0(A, B, C) + D + SS2 + W1j;
-            int TT2 = GG0(E, F, G) + H + SS1 + Wj;
-            D = C;
-            C = ((B << 9) | (B >>> (32 - 9)));
-            B = A;
-            A = TT1;
-            H = G;
-            G = ((F << 19) | (F >>> (32 - 19)));
-            F = E;
-            E = P0(TT2);
-        }
-
-        // Different FF,GG functions on rounds 16..63
-        for (int j = 16; j < 64; ++j)
-        {
-            int a12 = ((A << 12) | (A >>> (32 - 12)));
-            int s1_ = a12 + E + T[j];
-            int SS1 = ((s1_ << 7) | (s1_ >>> (32 - 7)));
-            int SS2 = SS1 ^ a12;
-            int Wj = W[j];
-            int W1j = Wj ^ W[j + 4];
-            int TT1 = FF1(A, B, C) + D + SS2 + W1j;
-            int TT2 = GG1(E, F, G) + H + SS1 + Wj;
-            D = C;
-            C = ((B << 9) | (B >>> (32 - 9)));
-            B = A;
-            A = TT1;
-            H = G;
-            G = ((F << 19) | (F >>> (32 - 19)));
-            F = E;
-            E = P0(TT2);
-        }
-
-        this.V[0] ^= A;
-        this.V[1] ^= B;
-        this.V[2] ^= C;
-        this.V[3] ^= D;
-        this.V[4] ^= E;
-        this.V[5] ^= F;
-        this.V[6] ^= G;
-        this.V[7] ^= H;
-
-        this.xOff = 0;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/ShortenedDigest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/ShortenedDigest.java
deleted file mode 100644
index 89033e8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/ShortenedDigest.java
+++ /dev/null

@@ -1,80 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.crypto.ExtendedDigest;
-
-/**
- * Wrapper class that reduces the output length of a particular digest to
- * only the first n bytes of the digest function.
- */
-public class ShortenedDigest 
-    implements ExtendedDigest
-{
-    private ExtendedDigest baseDigest;
-    private int            length;
-    
-    /**
-     * Base constructor.
-     * 
-     * @param baseDigest underlying digest to use.
-     * @param length length in bytes of the output of doFinal.
-     * @exception IllegalArgumentException if baseDigest is null, or length is greater than baseDigest.getDigestSize().
-     */
-    public ShortenedDigest(
-        ExtendedDigest baseDigest,
-        int            length)
-    {
-        if (baseDigest == null)
-        {
-            throw new IllegalArgumentException("baseDigest must not be null");
-        }
-        
-        if (length > baseDigest.getDigestSize())
-        {
-            throw new IllegalArgumentException("baseDigest output not large enough to support length");
-        }
-        
-        this.baseDigest = baseDigest;
-        this.length = length;
-    }
-    
-    public String getAlgorithmName()
-    {
-        return baseDigest.getAlgorithmName() + "(" + length * 8 + ")";
-    }
-
-    public int getDigestSize()
-    {
-        return length;
-    }
-
-    public void update(byte in)
-    {
-        baseDigest.update(in);
-    }
-
-    public void update(byte[] in, int inOff, int len)
-    {
-        baseDigest.update(in, inOff, len);
-    }
-
-    public int doFinal(byte[] out, int outOff)
-    {
-        byte[] tmp = new byte[baseDigest.getDigestSize()];
-        
-        baseDigest.doFinal(tmp, 0);
-        
-        System.arraycopy(tmp, 0, out, outOff, length);
-        
-        return length;
-    }
-
-    public void reset()
-    {
-        baseDigest.reset();
-    }
-
-    public int getByteLength()
-    {
-        return baseDigest.getByteLength();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/SkeinDigest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/SkeinDigest.java
deleted file mode 100644
index ae1dbd6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/SkeinDigest.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.crypto.engines.ThreefishEngine;
-import org.bouncycastle.crypto.params.SkeinParameters;
-import org.bouncycastle.util.Memoable;
-
-/**
- * Implementation of the Skein parameterised hash function in 256, 512 and 1024 bit block sizes,
- * based on the {@link ThreefishEngine Threefish} tweakable block cipher.
- * <p>
- * This is the 1.3 version of Skein defined in the Skein hash function submission to the NIST SHA-3
- * competition in October 2010.
- * <p>
- * Skein was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir
- * Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker.
- *
- * @see SkeinEngine
- * @see SkeinParameters
- */
-public class SkeinDigest
-    implements ExtendedDigest, Memoable
-{
-    /**
-     * 256 bit block size - Skein-256
-     */
-    public static final int SKEIN_256 = SkeinEngine.SKEIN_256;
-    /**
-     * 512 bit block size - Skein-512
-     */
-    public static final int SKEIN_512 = SkeinEngine.SKEIN_512;
-    /**
-     * 1024 bit block size - Skein-1024
-     */
-    public static final int SKEIN_1024 = SkeinEngine.SKEIN_1024;
-
-    private SkeinEngine engine;
-
-    /**
-     * Constructs a Skein digest with an internal state size and output size.
-     *
-     * @param stateSizeBits  the internal state size in bits - one of {@link #SKEIN_256}, {@link #SKEIN_512} or
-     *                       {@link #SKEIN_1024}.
-     * @param digestSizeBits the output/digest size to produce in bits, which must be an integral number of
-     *                       bytes.
-     */
-    public SkeinDigest(int stateSizeBits, int digestSizeBits)
-    {
-        this.engine = new SkeinEngine(stateSizeBits, digestSizeBits);
-        init(null);
-    }
-
-    public SkeinDigest(SkeinDigest digest)
-    {
-        this.engine = new SkeinEngine(digest.engine);
-    }
-
-    public void reset(Memoable other)
-    {
-        SkeinDigest d = (SkeinDigest)other;
-        engine.reset(d.engine);
-    }
-
-    public Memoable copy()
-    {
-        return new SkeinDigest(this);
-    }
-
-    public String getAlgorithmName()
-    {
-        return "Skein-" + (engine.getBlockSize() * 8) + "-" + (engine.getOutputSize() * 8);
-    }
-
-    public int getDigestSize()
-    {
-        return engine.getOutputSize();
-    }
-
-    public int getByteLength()
-    {
-        return engine.getBlockSize();
-    }
-
-    /**
-     * Optionally initialises the Skein digest with the provided parameters.<br>
-     * See {@link SkeinParameters} for details on the parameterisation of the Skein hash function.
-     *
-     * @param params the parameters to apply to this engine, or <code>null</code> to use no parameters.
-     */
-    public void init(SkeinParameters params)
-    {
-        engine.init(params);
-    }
-
-    public void reset()
-    {
-        engine.reset();
-    }
-
-    public void update(byte in)
-    {
-        engine.update(in);
-    }
-
-    public void update(byte[] in, int inOff, int len)
-    {
-        engine.update(in, inOff, len);
-    }
-
-    public int doFinal(byte[] out, int outOff)
-    {
-        return engine.doFinal(out, outOff);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/SkeinEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/SkeinEngine.java
deleted file mode 100644
index 1d4e840..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/SkeinEngine.java
+++ /dev/null

@@ -1,818 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.engines.ThreefishEngine;
-import org.bouncycastle.crypto.macs.SkeinMac;
-import org.bouncycastle.crypto.params.SkeinParameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Integers;
-import org.bouncycastle.util.Memoable;
-
-/**
- * Implementation of the Skein family of parameterised hash functions in 256, 512 and 1024 bit block
- * sizes, based on the {@link ThreefishEngine Threefish} tweakable block cipher.
- * <p>
- * This is the 1.3 version of Skein defined in the Skein hash function submission to the NIST SHA-3
- * competition in October 2010.
- * <p>
- * Skein was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir
- * Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker.
- * <p>
- * This implementation is the basis for {@link SkeinDigest} and {@link SkeinMac}, implementing the
- * parameter based configuration system that allows Skein to be adapted to multiple applications. <br>
- * Initialising the engine with {@link SkeinParameters} allows standard and arbitrary parameters to
- * be applied during the Skein hash function.
- * <p>
- * Implemented:
- * <ul>
- * <li>256, 512 and 1024 bit internal states.</li>
- * <li>Full 96 bit input length.</li>
- * <li>Parameters defined in the Skein specification, and arbitrary other pre and post message
- * parameters.</li>
- * <li>Arbitrary output size in 1 byte intervals.</li>
- * </ul>
- * <p>
- * Not implemented:
- * <ul>
- * <li>Sub-byte length input (bit padding).</li>
- * <li>Tree hashing.</li>
- * </ul>
- *
- * @see SkeinParameters
- */
-public class SkeinEngine
-    implements Memoable
-{
-    /**
-     * 256 bit block size - Skein 256
-     */
-    public static final int SKEIN_256 = ThreefishEngine.BLOCKSIZE_256;
-    /**
-     * 512 bit block size - Skein 512
-     */
-    public static final int SKEIN_512 = ThreefishEngine.BLOCKSIZE_512;
-    /**
-     * 1024 bit block size - Skein 1024
-     */
-    public static final int SKEIN_1024 = ThreefishEngine.BLOCKSIZE_1024;
-
-    // Minimal at present, but more complex when tree hashing is implemented
-    private static class Configuration
-    {
-        private byte[] bytes = new byte[32];
-
-        public Configuration(long outputSizeBits)
-        {
-            // 0..3 = ASCII SHA3
-            bytes[0] = (byte)'S';
-            bytes[1] = (byte)'H';
-            bytes[2] = (byte)'A';
-            bytes[3] = (byte)'3';
-
-            // 4..5 = version number in LSB order
-            bytes[4] = 1;
-            bytes[5] = 0;
-
-            // 8..15 = output length
-            ThreefishEngine.wordToBytes(outputSizeBits, bytes, 8);
-        }
-
-        public byte[] getBytes()
-        {
-            return bytes;
-        }
-
-    }
-
-    public static class Parameter
-    {
-        private int type;
-        private byte[] value;
-
-        public Parameter(int type, byte[] value)
-        {
-            this.type = type;
-            this.value = value;
-        }
-
-        public int getType()
-        {
-            return type;
-        }
-
-        public byte[] getValue()
-        {
-            return value;
-        }
-
-    }
-
-    /**
-     * The parameter type for the Skein key.
-     */
-    private static final int PARAM_TYPE_KEY = 0;
-
-    /**
-     * The parameter type for the Skein configuration block.
-     */
-    private static final int PARAM_TYPE_CONFIG = 4;
-
-    /**
-     * The parameter type for the message.
-     */
-    private static final int PARAM_TYPE_MESSAGE = 48;
-
-    /**
-     * The parameter type for the output transformation.
-     */
-    private static final int PARAM_TYPE_OUTPUT = 63;
-
-    /**
-     * Precalculated UBI(CFG) states for common state/output combinations without key or other
-     * pre-message params.
-     */
-    private static final Hashtable INITIAL_STATES = new Hashtable();
-
-    static
-    {
-        // From Appendix C of the Skein 1.3 NIST submission
-        initialState(SKEIN_256, 128, new long[]{
-            0xe1111906964d7260L,
-            0x883daaa77c8d811cL,
-            0x10080df491960f7aL,
-            0xccf7dde5b45bc1c2L});
-
-        initialState(SKEIN_256, 160, new long[]{
-            0x1420231472825e98L,
-            0x2ac4e9a25a77e590L,
-            0xd47a58568838d63eL,
-            0x2dd2e4968586ab7dL});
-
-        initialState(SKEIN_256, 224, new long[]{
-            0xc6098a8c9ae5ea0bL,
-            0x876d568608c5191cL,
-            0x99cb88d7d7f53884L,
-            0x384bddb1aeddb5deL});
-
-        initialState(SKEIN_256, 256, new long[]{
-            0xfc9da860d048b449L,
-            0x2fca66479fa7d833L,
-            0xb33bc3896656840fL,
-            0x6a54e920fde8da69L});
-
-        initialState(SKEIN_512, 128, new long[]{
-            0xa8bc7bf36fbf9f52L,
-            0x1e9872cebd1af0aaL,
-            0x309b1790b32190d3L,
-            0xbcfbb8543f94805cL,
-            0x0da61bcd6e31b11bL,
-            0x1a18ebead46a32e3L,
-            0xa2cc5b18ce84aa82L,
-            0x6982ab289d46982dL});
-
-        initialState(SKEIN_512, 160, new long[]{
-            0x28b81a2ae013bd91L,
-            0xc2f11668b5bdf78fL,
-            0x1760d8f3f6a56f12L,
-            0x4fb747588239904fL,
-            0x21ede07f7eaf5056L,
-            0xd908922e63ed70b8L,
-            0xb8ec76ffeccb52faL,
-            0x01a47bb8a3f27a6eL});
-
-        initialState(SKEIN_512, 224, new long[]{
-            0xccd0616248677224L,
-            0xcba65cf3a92339efL,
-            0x8ccd69d652ff4b64L,
-            0x398aed7b3ab890b4L,
-            0x0f59d1b1457d2bd0L,
-            0x6776fe6575d4eb3dL,
-            0x99fbc70e997413e9L,
-            0x9e2cfccfe1c41ef7L});
-
-        initialState(SKEIN_512, 384, new long[]{
-            0xa3f6c6bf3a75ef5fL,
-            0xb0fef9ccfd84faa4L,
-            0x9d77dd663d770cfeL,
-            0xd798cbf3b468fddaL,
-            0x1bc4a6668a0e4465L,
-            0x7ed7d434e5807407L,
-            0x548fc1acd4ec44d6L,
-            0x266e17546aa18ff8L});
-
-        initialState(SKEIN_512, 512, new long[]{
-            0x4903adff749c51ceL,
-            0x0d95de399746df03L,
-            0x8fd1934127c79bceL,
-            0x9a255629ff352cb1L,
-            0x5db62599df6ca7b0L,
-            0xeabe394ca9d5c3f4L,
-            0x991112c71a75b523L,
-            0xae18a40b660fcc33L});
-    }
-
-    private static void initialState(int blockSize, int outputSize, long[] state)
-    {
-        INITIAL_STATES.put(variantIdentifier(blockSize / 8, outputSize / 8), state);
-    }
-
-    private static Integer variantIdentifier(int blockSizeBytes, int outputSizeBytes)
-    {
-        return Integers.valueOf((outputSizeBytes << 16) | blockSizeBytes);
-    }
-
-    private static class UbiTweak
-    {
-        /**
-         * Point at which position might overflow long, so switch to add with carry logic
-         */
-        private static final long LOW_RANGE = Long.MAX_VALUE - Integer.MAX_VALUE;
-
-        /**
-         * Bit 127 = final
-         */
-        private static final long T1_FINAL = 1L << 63;
-
-        /**
-         * Bit 126 = first
-         */
-        private static final long T1_FIRST = 1L << 62;
-
-        /**
-         * UBI uses a 128 bit tweak
-         */
-        private long tweak[] = new long[2];
-
-        /**
-         * Whether 64 bit position exceeded
-         */
-        private boolean extendedPosition;
-
-        public UbiTweak()
-        {
-            reset();
-        }
-
-        public void reset(UbiTweak tweak)
-        {
-            this.tweak = Arrays.clone(tweak.tweak, this.tweak);
-            this.extendedPosition = tweak.extendedPosition;
-        }
-
-        public void reset()
-        {
-            tweak[0] = 0;
-            tweak[1] = 0;
-            extendedPosition = false;
-            setFirst(true);
-        }
-
-        public void setType(int type)
-        {
-            // Bits 120..125 = type
-            tweak[1] = (tweak[1] & 0xFFFFFFC000000000L) | ((type & 0x3FL) << 56);
-        }
-
-        public int getType()
-        {
-            return (int)((tweak[1] >>> 56) & 0x3FL);
-        }
-
-        public void setFirst(boolean first)
-        {
-            if (first)
-            {
-                tweak[1] |= T1_FIRST;
-            }
-            else
-            {
-                tweak[1] &= ~T1_FIRST;
-            }
-        }
-
-        public boolean isFirst()
-        {
-            return ((tweak[1] & T1_FIRST) != 0);
-        }
-
-        public void setFinal(boolean last)
-        {
-            if (last)
-            {
-                tweak[1] |= T1_FINAL;
-            }
-            else
-            {
-                tweak[1] &= ~T1_FINAL;
-            }
-        }
-
-        public boolean isFinal()
-        {
-            return ((tweak[1] & T1_FINAL) != 0);
-        }
-
-        /**
-         * Advances the position in the tweak by the specified value.
-         */
-        public void advancePosition(int advance)
-        {
-            // Bits 0..95 = position
-            if (extendedPosition)
-            {
-                long[] parts = new long[3];
-                parts[0] = tweak[0] & 0xFFFFFFFFL;
-                parts[1] = (tweak[0] >>> 32) & 0xFFFFFFFFL;
-                parts[2] = tweak[1] & 0xFFFFFFFFL;
-
-                long carry = advance;
-                for (int i = 0; i < parts.length; i++)
-                {
-                    carry += parts[i];
-                    parts[i] = carry;
-                    carry >>>= 32;
-                }
-                tweak[0] = ((parts[1] & 0xFFFFFFFFL) << 32) | (parts[0] & 0xFFFFFFFFL);
-                tweak[1] = (tweak[1] & 0xFFFFFFFF00000000L) | (parts[2] & 0xFFFFFFFFL);
-            }
-            else
-            {
-                long position = tweak[0];
-                position += advance;
-                tweak[0] = position;
-                if (position > LOW_RANGE)
-                {
-                    extendedPosition = true;
-                }
-            }
-        }
-
-        public long[] getWords()
-        {
-            return tweak;
-        }
-
-        public String toString()
-        {
-            return getType() + " first: " + isFirst() + ", final: " + isFinal();
-        }
-
-    }
-
-    /**
-     * The Unique Block Iteration chaining mode.
-     */
-    // TODO: This might be better as methods...
-    private class UBI
-    {
-        private final UbiTweak tweak = new UbiTweak();
-
-        /**
-         * Buffer for the current block of message data
-         */
-        private byte[] currentBlock;
-
-        /**
-         * Offset into the current message block
-         */
-        private int currentOffset;
-
-        /**
-         * Buffer for message words for feedback into encrypted block
-         */
-        private long[] message;
-
-        public UBI(int blockSize)
-        {
-            currentBlock = new byte[blockSize];
-            message = new long[currentBlock.length / 8];
-        }
-
-        public void reset(UBI ubi)
-        {
-            currentBlock = Arrays.clone(ubi.currentBlock, currentBlock);
-            currentOffset = ubi.currentOffset;
-            message = Arrays.clone(ubi.message, this.message);
-            tweak.reset(ubi.tweak);
-        }
-
-        public void reset(int type)
-        {
-            tweak.reset();
-            tweak.setType(type);
-            currentOffset = 0;
-        }
-
-        public void update(byte[] value, int offset, int len, long[] output)
-        {
-            /*
-             * Buffer complete blocks for the underlying Threefish cipher, only flushing when there
-             * are subsequent bytes (last block must be processed in doFinal() with final=true set).
-             */
-            int copied = 0;
-            while (len > copied)
-            {
-                if (currentOffset == currentBlock.length)
-                {
-                    processBlock(output);
-                    tweak.setFirst(false);
-                    currentOffset = 0;
-                }
-
-                int toCopy = Math.min((len - copied), currentBlock.length - currentOffset);
-                System.arraycopy(value, offset + copied, currentBlock, currentOffset, toCopy);
-                copied += toCopy;
-                currentOffset += toCopy;
-                tweak.advancePosition(toCopy);
-            }
-        }
-
-        private void processBlock(long[] output)
-        {
-            threefish.init(true, chain, tweak.getWords());
-            for (int i = 0; i < message.length; i++)
-            {
-                message[i] = ThreefishEngine.bytesToWord(currentBlock, i * 8);
-            }
-
-            threefish.processBlock(message, output);
-
-            for (int i = 0; i < output.length; i++)
-            {
-                output[i] ^= message[i];
-            }
-        }
-
-        public void doFinal(long[] output)
-        {
-            // Pad remainder of current block with zeroes
-            for (int i = currentOffset; i < currentBlock.length; i++)
-            {
-                currentBlock[i] = 0;
-            }
-
-            tweak.setFinal(true);
-            processBlock(output);
-        }
-
-    }
-
-    /**
-     * Underlying Threefish tweakable block cipher
-     */
-    final ThreefishEngine threefish;
-
-    /**
-     * Size of the digest output, in bytes
-     */
-    private final int outputSizeBytes;
-
-    /**
-     * The current chaining/state value
-     */
-    long[] chain;
-
-    /**
-     * The initial state value
-     */
-    private long[] initialState;
-
-    /**
-     * The (optional) key parameter
-     */
-    private byte[] key;
-
-    /**
-     * Parameters to apply prior to the message
-     */
-    private Parameter[] preMessageParameters;
-
-    /**
-     * Parameters to apply after the message, but prior to output
-     */
-    private Parameter[] postMessageParameters;
-
-    /**
-     * The current UBI operation
-     */
-    private final UBI ubi;
-
-    /**
-     * Buffer for single byte update method
-     */
-    private final byte[] singleByte = new byte[1];
-
-    /**
-     * Constructs a Skein engine.
-     *
-     * @param blockSizeBits  the internal state size in bits - one of {@link #SKEIN_256}, {@link #SKEIN_512} or
-     *                       {@link #SKEIN_1024}.
-     * @param outputSizeBits the output/digest size to produce in bits, which must be an integral number of
-     *                       bytes.
-     */
-    public SkeinEngine(int blockSizeBits, int outputSizeBits)
-    {
-        if (outputSizeBits % 8 != 0)
-        {
-            throw new IllegalArgumentException("Output size must be a multiple of 8 bits. :" + outputSizeBits);
-        }
-        // TODO: Prevent digest sizes > block size?
-        this.outputSizeBytes = outputSizeBits / 8;
-
-        this.threefish = new ThreefishEngine(blockSizeBits);
-        this.ubi = new UBI(threefish.getBlockSize());
-    }
-
-    /**
-     * Creates a SkeinEngine as an exact copy of an existing instance.
-     */
-    public SkeinEngine(SkeinEngine engine)
-    {
-        this(engine.getBlockSize() * 8, engine.getOutputSize() * 8);
-        copyIn(engine);
-    }
-
-    private void copyIn(SkeinEngine engine)
-    {
-        this.ubi.reset(engine.ubi);
-        this.chain = Arrays.clone(engine.chain, this.chain);
-        this.initialState = Arrays.clone(engine.initialState, this.initialState);
-        this.key = Arrays.clone(engine.key, this.key);
-        this.preMessageParameters = clone(engine.preMessageParameters, this.preMessageParameters);
-        this.postMessageParameters = clone(engine.postMessageParameters, this.postMessageParameters);
-    }
-
-    private static Parameter[] clone(Parameter[] data, Parameter[] existing)
-    {
-        if (data == null)
-        {
-            return null;
-        }
-        if ((existing == null) || (existing.length != data.length))
-        {
-            existing = new Parameter[data.length];
-        }
-        System.arraycopy(data, 0, existing, 0, existing.length);
-        return existing;
-    }
-
-    public Memoable copy()
-    {
-        return new SkeinEngine(this);
-    }
-
-    public void reset(Memoable other)
-    {
-        SkeinEngine s = (SkeinEngine)other;
-        if ((getBlockSize() != s.getBlockSize()) || (outputSizeBytes != s.outputSizeBytes))
-        {
-            throw new IllegalArgumentException("Incompatible parameters in provided SkeinEngine.");
-        }
-        copyIn(s);
-    }
-
-    public int getOutputSize()
-    {
-        return outputSizeBytes;
-    }
-
-    public int getBlockSize()
-    {
-        return threefish.getBlockSize();
-    }
-
-    /**
-     * Initialises the Skein engine with the provided parameters. See {@link SkeinParameters} for
-     * details on the parameterisation of the Skein hash function.
-     *
-     * @param params the parameters to apply to this engine, or <code>null</code> to use no parameters.
-     */
-    public void init(SkeinParameters params)
-    {
-        this.chain = null;
-        this.key = null;
-        this.preMessageParameters = null;
-        this.postMessageParameters = null;
-
-        if (params != null)
-        {
-            byte[] key = params.getKey();
-            if (key.length < 16)
-            {
-                throw new IllegalArgumentException("Skein key must be at least 128 bits.");
-            }
-            initParams(params.getParameters());
-        }
-        createInitialState();
-
-        // Initialise message block
-        ubiInit(PARAM_TYPE_MESSAGE);
-    }
-
-    private void initParams(Hashtable parameters)
-    {
-        Enumeration keys = parameters.keys();
-        final Vector pre = new Vector();
-        final Vector post = new Vector();
-
-        while (keys.hasMoreElements())
-        {
-            Integer type = (Integer)keys.nextElement();
-            byte[] value = (byte[])parameters.get(type);
-
-            if (type.intValue() == PARAM_TYPE_KEY)
-            {
-                this.key = value;
-            }
-            else if (type.intValue() < PARAM_TYPE_MESSAGE)
-            {
-                pre.addElement(new Parameter(type.intValue(), value));
-            }
-            else
-            {
-                post.addElement(new Parameter(type.intValue(), value));
-            }
-        }
-        preMessageParameters = new Parameter[pre.size()];
-        pre.copyInto(preMessageParameters);
-        sort(preMessageParameters);
-
-        postMessageParameters = new Parameter[post.size()];
-        post.copyInto(postMessageParameters);
-        sort(postMessageParameters);
-    }
-
-    private static void sort(Parameter[] params)
-    {
-        if (params == null)
-        {
-            return;
-        }
-        // Insertion sort, for Java 1.1 compatibility
-        for (int i = 1; i < params.length; i++)
-        {
-            Parameter param = params[i];
-            int hole = i;
-            while (hole > 0 && param.getType() < params[hole - 1].getType())
-            {
-                params[hole] = params[hole - 1];
-                hole = hole - 1;
-            }
-            params[hole] = param;
-        }
-    }
-
-    /**
-     * Calculate the initial (pre message block) chaining state.
-     */
-    private void createInitialState()
-    {
-        long[] precalc = (long[])INITIAL_STATES.get(variantIdentifier(getBlockSize(), getOutputSize()));
-        if ((key == null) && (precalc != null))
-        {
-            // Precalculated UBI(CFG)
-            chain = Arrays.clone(precalc);
-        }
-        else
-        {
-            // Blank initial state
-            chain = new long[getBlockSize() / 8];
-
-            // Process key block
-            if (key != null)
-            {
-                ubiComplete(SkeinParameters.PARAM_TYPE_KEY, key);
-            }
-
-            // Process configuration block
-            ubiComplete(PARAM_TYPE_CONFIG, new Configuration(outputSizeBytes * 8).getBytes());
-        }
-
-        // Process additional pre-message parameters
-        if (preMessageParameters != null)
-        {
-            for (int i = 0; i < preMessageParameters.length; i++)
-            {
-                Parameter param = preMessageParameters[i];
-                ubiComplete(param.getType(), param.getValue());
-            }
-        }
-        initialState = Arrays.clone(chain);
-    }
-
-    /**
-     * Reset the engine to the initial state (with the key and any pre-message parameters , ready to
-     * accept message input.
-     */
-    public void reset()
-    {
-        System.arraycopy(initialState, 0, chain, 0, chain.length);
-
-        ubiInit(PARAM_TYPE_MESSAGE);
-    }
-
-    private void ubiComplete(int type, byte[] value)
-    {
-        ubiInit(type);
-        this.ubi.update(value, 0, value.length, chain);
-        ubiFinal();
-    }
-
-    private void ubiInit(int type)
-    {
-        this.ubi.reset(type);
-    }
-
-    private void ubiFinal()
-    {
-        ubi.doFinal(chain);
-    }
-
-    private void checkInitialised()
-    {
-        if (this.ubi == null)
-        {
-            throw new IllegalArgumentException("Skein engine is not initialised.");
-        }
-    }
-
-    public void update(byte in)
-    {
-        singleByte[0] = in;
-        update(singleByte, 0, 1);
-    }
-
-    public void update(byte[] in, int inOff, int len)
-    {
-        checkInitialised();
-        ubi.update(in, inOff, len, chain);
-    }
-
-    public int doFinal(byte[] out, int outOff)
-    {
-        checkInitialised();
-        if (out.length < (outOff + outputSizeBytes))
-        {
-            throw new OutputLengthException("Output buffer is too short to hold output");
-        }
-
-        // Finalise message block
-        ubiFinal();
-
-        // Process additional post-message parameters
-        if (postMessageParameters != null)
-        {
-            for (int i = 0; i < postMessageParameters.length; i++)
-            {
-                Parameter param = postMessageParameters[i];
-                ubiComplete(param.getType(), param.getValue());
-            }
-        }
-
-        // Perform the output transform
-        final int blockSize = getBlockSize();
-        final int blocksRequired = ((outputSizeBytes + blockSize - 1) / blockSize);
-        for (int i = 0; i < blocksRequired; i++)
-        {
-            final int toWrite = Math.min(blockSize, outputSizeBytes - (i * blockSize));
-            output(i, out, outOff + (i * blockSize), toWrite);
-        }
-
-        reset();
-
-        return outputSizeBytes;
-    }
-
-    private void output(long outputSequence, byte[] out, int outOff, int outputBytes)
-    {
-        byte[] currentBytes = new byte[8];
-        ThreefishEngine.wordToBytes(outputSequence, currentBytes, 0);
-
-        // Output is a sequence of UBI invocations all of which use and preserve the pre-output
-        // state
-        long[] outputWords = new long[chain.length];
-        ubiInit(PARAM_TYPE_OUTPUT);
-        this.ubi.update(currentBytes, 0, currentBytes.length, outputWords);
-        ubi.doFinal(outputWords);
-
-        final int wordsRequired = ((outputBytes + 8 - 1) / 8);
-        for (int i = 0; i < wordsRequired; i++)
-        {
-            int toWrite = Math.min(8, outputBytes - (i * 8));
-            if (toWrite == 8)
-            {
-                ThreefishEngine.wordToBytes(outputWords[i], out, outOff + (i * 8));
-            }
-            else
-            {
-                ThreefishEngine.wordToBytes(outputWords[i], currentBytes, 0);
-                System.arraycopy(currentBytes, 0, out, outOff + (i * 8), toWrite);
-            }
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/TigerDigest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/TigerDigest.java
deleted file mode 100644
index 2899e30..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/TigerDigest.java
+++ /dev/null

@@ -1,879 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.util.Memoable;
-
-/**
- * implementation of Tiger based on:
- * <a href="http://www.cs.technion.ac.il/~biham/Reports/Tiger">
- *  http://www.cs.technion.ac.il/~biham/Reports/Tiger</a>
- */
-public class TigerDigest
-    implements ExtendedDigest, Memoable
-{
-    private static final int BYTE_LENGTH = 64;
-    
-    /*
-     * S-Boxes.
-     */
-    private static final long[] t1 = {
-        0x02AAB17CF7E90C5EL   /*    0 */,    0xAC424B03E243A8ECL   /*    1 */,
-        0x72CD5BE30DD5FCD3L   /*    2 */,    0x6D019B93F6F97F3AL   /*    3 */,
-        0xCD9978FFD21F9193L   /*    4 */,    0x7573A1C9708029E2L   /*    5 */,
-        0xB164326B922A83C3L   /*    6 */,    0x46883EEE04915870L   /*    7 */,
-        0xEAACE3057103ECE6L   /*    8 */,    0xC54169B808A3535CL   /*    9 */,
-        0x4CE754918DDEC47CL   /*   10 */,    0x0AA2F4DFDC0DF40CL   /*   11 */,
-        0x10B76F18A74DBEFAL   /*   12 */,    0xC6CCB6235AD1AB6AL   /*   13 */,
-        0x13726121572FE2FFL   /*   14 */,    0x1A488C6F199D921EL   /*   15 */,
-        0x4BC9F9F4DA0007CAL   /*   16 */,    0x26F5E6F6E85241C7L   /*   17 */,
-        0x859079DBEA5947B6L   /*   18 */,    0x4F1885C5C99E8C92L   /*   19 */,
-        0xD78E761EA96F864BL   /*   20 */,    0x8E36428C52B5C17DL   /*   21 */,
-        0x69CF6827373063C1L   /*   22 */,    0xB607C93D9BB4C56EL   /*   23 */,
-        0x7D820E760E76B5EAL   /*   24 */,    0x645C9CC6F07FDC42L   /*   25 */,
-        0xBF38A078243342E0L   /*   26 */,    0x5F6B343C9D2E7D04L   /*   27 */,
-        0xF2C28AEB600B0EC6L   /*   28 */,    0x6C0ED85F7254BCACL   /*   29 */,
-        0x71592281A4DB4FE5L   /*   30 */,    0x1967FA69CE0FED9FL   /*   31 */,
-        0xFD5293F8B96545DBL   /*   32 */,    0xC879E9D7F2A7600BL   /*   33 */,
-        0x860248920193194EL   /*   34 */,    0xA4F9533B2D9CC0B3L   /*   35 */,
-        0x9053836C15957613L   /*   36 */,    0xDB6DCF8AFC357BF1L   /*   37 */,
-        0x18BEEA7A7A370F57L   /*   38 */,    0x037117CA50B99066L   /*   39 */,
-        0x6AB30A9774424A35L   /*   40 */,    0xF4E92F02E325249BL   /*   41 */,
-        0x7739DB07061CCAE1L   /*   42 */,    0xD8F3B49CECA42A05L   /*   43 */,
-        0xBD56BE3F51382F73L   /*   44 */,    0x45FAED5843B0BB28L   /*   45 */,
-        0x1C813D5C11BF1F83L   /*   46 */,    0x8AF0E4B6D75FA169L   /*   47 */,
-        0x33EE18A487AD9999L   /*   48 */,    0x3C26E8EAB1C94410L   /*   49 */,
-        0xB510102BC0A822F9L   /*   50 */,    0x141EEF310CE6123BL   /*   51 */,
-        0xFC65B90059DDB154L   /*   52 */,    0xE0158640C5E0E607L   /*   53 */,
-        0x884E079826C3A3CFL   /*   54 */,    0x930D0D9523C535FDL   /*   55 */,
-        0x35638D754E9A2B00L   /*   56 */,    0x4085FCCF40469DD5L   /*   57 */,
-        0xC4B17AD28BE23A4CL   /*   58 */,    0xCAB2F0FC6A3E6A2EL   /*   59 */,
-        0x2860971A6B943FCDL   /*   60 */,    0x3DDE6EE212E30446L   /*   61 */,
-        0x6222F32AE01765AEL   /*   62 */,    0x5D550BB5478308FEL   /*   63 */,
-        0xA9EFA98DA0EDA22AL   /*   64 */,    0xC351A71686C40DA7L   /*   65 */,
-        0x1105586D9C867C84L   /*   66 */,    0xDCFFEE85FDA22853L   /*   67 */,
-        0xCCFBD0262C5EEF76L   /*   68 */,    0xBAF294CB8990D201L   /*   69 */,
-        0xE69464F52AFAD975L   /*   70 */,    0x94B013AFDF133E14L   /*   71 */,
-        0x06A7D1A32823C958L   /*   72 */,    0x6F95FE5130F61119L   /*   73 */,
-        0xD92AB34E462C06C0L   /*   74 */,    0xED7BDE33887C71D2L   /*   75 */,
-        0x79746D6E6518393EL   /*   76 */,    0x5BA419385D713329L   /*   77 */,
-        0x7C1BA6B948A97564L   /*   78 */,    0x31987C197BFDAC67L   /*   79 */,
-        0xDE6C23C44B053D02L   /*   80 */,    0x581C49FED002D64DL   /*   81 */,
-        0xDD474D6338261571L   /*   82 */,    0xAA4546C3E473D062L   /*   83 */,
-        0x928FCE349455F860L   /*   84 */,    0x48161BBACAAB94D9L   /*   85 */,
-        0x63912430770E6F68L   /*   86 */,    0x6EC8A5E602C6641CL   /*   87 */,
-        0x87282515337DDD2BL   /*   88 */,    0x2CDA6B42034B701BL   /*   89 */,
-        0xB03D37C181CB096DL   /*   90 */,    0xE108438266C71C6FL   /*   91 */,
-        0x2B3180C7EB51B255L   /*   92 */,    0xDF92B82F96C08BBCL   /*   93 */,
-        0x5C68C8C0A632F3BAL   /*   94 */,    0x5504CC861C3D0556L   /*   95 */,
-        0xABBFA4E55FB26B8FL   /*   96 */,    0x41848B0AB3BACEB4L   /*   97 */,
-        0xB334A273AA445D32L   /*   98 */,    0xBCA696F0A85AD881L   /*   99 */,
-        0x24F6EC65B528D56CL   /*  100 */,    0x0CE1512E90F4524AL   /*  101 */,
-        0x4E9DD79D5506D35AL   /*  102 */,    0x258905FAC6CE9779L   /*  103 */,
-        0x2019295B3E109B33L   /*  104 */,    0xF8A9478B73A054CCL   /*  105 */,
-        0x2924F2F934417EB0L   /*  106 */,    0x3993357D536D1BC4L   /*  107 */,
-        0x38A81AC21DB6FF8BL   /*  108 */,    0x47C4FBF17D6016BFL   /*  109 */,
-        0x1E0FAADD7667E3F5L   /*  110 */,    0x7ABCFF62938BEB96L   /*  111 */,
-        0xA78DAD948FC179C9L   /*  112 */,    0x8F1F98B72911E50DL   /*  113 */,
-        0x61E48EAE27121A91L   /*  114 */,    0x4D62F7AD31859808L   /*  115 */,
-        0xECEBA345EF5CEAEBL   /*  116 */,    0xF5CEB25EBC9684CEL   /*  117 */,
-        0xF633E20CB7F76221L   /*  118 */,    0xA32CDF06AB8293E4L   /*  119 */,
-        0x985A202CA5EE2CA4L   /*  120 */,    0xCF0B8447CC8A8FB1L   /*  121 */,
-        0x9F765244979859A3L   /*  122 */,    0xA8D516B1A1240017L   /*  123 */,
-        0x0BD7BA3EBB5DC726L   /*  124 */,    0xE54BCA55B86ADB39L   /*  125 */,
-        0x1D7A3AFD6C478063L   /*  126 */,    0x519EC608E7669EDDL   /*  127 */,
-        0x0E5715A2D149AA23L   /*  128 */,    0x177D4571848FF194L   /*  129 */,
-        0xEEB55F3241014C22L   /*  130 */,    0x0F5E5CA13A6E2EC2L   /*  131 */,
-        0x8029927B75F5C361L   /*  132 */,    0xAD139FABC3D6E436L   /*  133 */,
-        0x0D5DF1A94CCF402FL   /*  134 */,    0x3E8BD948BEA5DFC8L   /*  135 */,
-        0xA5A0D357BD3FF77EL   /*  136 */,    0xA2D12E251F74F645L   /*  137 */,
-        0x66FD9E525E81A082L   /*  138 */,    0x2E0C90CE7F687A49L   /*  139 */,
-        0xC2E8BCBEBA973BC5L   /*  140 */,    0x000001BCE509745FL   /*  141 */,
-        0x423777BBE6DAB3D6L   /*  142 */,    0xD1661C7EAEF06EB5L   /*  143 */,
-        0xA1781F354DAACFD8L   /*  144 */,    0x2D11284A2B16AFFCL   /*  145 */,
-        0xF1FC4F67FA891D1FL   /*  146 */,    0x73ECC25DCB920ADAL   /*  147 */,
-        0xAE610C22C2A12651L   /*  148 */,    0x96E0A810D356B78AL   /*  149 */,
-        0x5A9A381F2FE7870FL   /*  150 */,    0xD5AD62EDE94E5530L   /*  151 */,
-        0xD225E5E8368D1427L   /*  152 */,    0x65977B70C7AF4631L   /*  153 */,
-        0x99F889B2DE39D74FL   /*  154 */,    0x233F30BF54E1D143L   /*  155 */,
-        0x9A9675D3D9A63C97L   /*  156 */,    0x5470554FF334F9A8L   /*  157 */,
-        0x166ACB744A4F5688L   /*  158 */,    0x70C74CAAB2E4AEADL   /*  159 */,
-        0xF0D091646F294D12L   /*  160 */,    0x57B82A89684031D1L   /*  161 */,
-        0xEFD95A5A61BE0B6BL   /*  162 */,    0x2FBD12E969F2F29AL   /*  163 */,
-        0x9BD37013FEFF9FE8L   /*  164 */,    0x3F9B0404D6085A06L   /*  165 */,
-        0x4940C1F3166CFE15L   /*  166 */,    0x09542C4DCDF3DEFBL   /*  167 */,
-        0xB4C5218385CD5CE3L   /*  168 */,    0xC935B7DC4462A641L   /*  169 */,
-        0x3417F8A68ED3B63FL   /*  170 */,    0xB80959295B215B40L   /*  171 */,
-        0xF99CDAEF3B8C8572L   /*  172 */,    0x018C0614F8FCB95DL   /*  173 */,
-        0x1B14ACCD1A3ACDF3L   /*  174 */,    0x84D471F200BB732DL   /*  175 */,
-        0xC1A3110E95E8DA16L   /*  176 */,    0x430A7220BF1A82B8L   /*  177 */,
-        0xB77E090D39DF210EL   /*  178 */,    0x5EF4BD9F3CD05E9DL   /*  179 */,
-        0x9D4FF6DA7E57A444L   /*  180 */,    0xDA1D60E183D4A5F8L   /*  181 */,
-        0xB287C38417998E47L   /*  182 */,    0xFE3EDC121BB31886L   /*  183 */,
-        0xC7FE3CCC980CCBEFL   /*  184 */,    0xE46FB590189BFD03L   /*  185 */,
-        0x3732FD469A4C57DCL   /*  186 */,    0x7EF700A07CF1AD65L   /*  187 */,
-        0x59C64468A31D8859L   /*  188 */,    0x762FB0B4D45B61F6L   /*  189 */,
-        0x155BAED099047718L   /*  190 */,    0x68755E4C3D50BAA6L   /*  191 */,
-        0xE9214E7F22D8B4DFL   /*  192 */,    0x2ADDBF532EAC95F4L   /*  193 */,
-        0x32AE3909B4BD0109L   /*  194 */,    0x834DF537B08E3450L   /*  195 */,
-        0xFA209DA84220728DL   /*  196 */,    0x9E691D9B9EFE23F7L   /*  197 */,
-        0x0446D288C4AE8D7FL   /*  198 */,    0x7B4CC524E169785BL   /*  199 */,
-        0x21D87F0135CA1385L   /*  200 */,    0xCEBB400F137B8AA5L   /*  201 */,
-        0x272E2B66580796BEL   /*  202 */,    0x3612264125C2B0DEL   /*  203 */,
-        0x057702BDAD1EFBB2L   /*  204 */,    0xD4BABB8EACF84BE9L   /*  205 */,
-        0x91583139641BC67BL   /*  206 */,    0x8BDC2DE08036E024L   /*  207 */,
-        0x603C8156F49F68EDL   /*  208 */,    0xF7D236F7DBEF5111L   /*  209 */,
-        0x9727C4598AD21E80L   /*  210 */,    0xA08A0896670A5FD7L   /*  211 */,
-        0xCB4A8F4309EBA9CBL   /*  212 */,    0x81AF564B0F7036A1L   /*  213 */,
-        0xC0B99AA778199ABDL   /*  214 */,    0x959F1EC83FC8E952L   /*  215 */,
-        0x8C505077794A81B9L   /*  216 */,    0x3ACAAF8F056338F0L   /*  217 */,
-        0x07B43F50627A6778L   /*  218 */,    0x4A44AB49F5ECCC77L   /*  219 */,
-        0x3BC3D6E4B679EE98L   /*  220 */,    0x9CC0D4D1CF14108CL   /*  221 */,
-        0x4406C00B206BC8A0L   /*  222 */,    0x82A18854C8D72D89L   /*  223 */,
-        0x67E366B35C3C432CL   /*  224 */,    0xB923DD61102B37F2L   /*  225 */,
-        0x56AB2779D884271DL   /*  226 */,    0xBE83E1B0FF1525AFL   /*  227 */,
-        0xFB7C65D4217E49A9L   /*  228 */,    0x6BDBE0E76D48E7D4L   /*  229 */,
-        0x08DF828745D9179EL   /*  230 */,    0x22EA6A9ADD53BD34L   /*  231 */,
-        0xE36E141C5622200AL   /*  232 */,    0x7F805D1B8CB750EEL   /*  233 */,
-        0xAFE5C7A59F58E837L   /*  234 */,    0xE27F996A4FB1C23CL   /*  235 */,
-        0xD3867DFB0775F0D0L   /*  236 */,    0xD0E673DE6E88891AL   /*  237 */,
-        0x123AEB9EAFB86C25L   /*  238 */,    0x30F1D5D5C145B895L   /*  239 */,
-        0xBB434A2DEE7269E7L   /*  240 */,    0x78CB67ECF931FA38L   /*  241 */,
-        0xF33B0372323BBF9CL   /*  242 */,    0x52D66336FB279C74L   /*  243 */,
-        0x505F33AC0AFB4EAAL   /*  244 */,    0xE8A5CD99A2CCE187L   /*  245 */,
-        0x534974801E2D30BBL   /*  246 */,    0x8D2D5711D5876D90L   /*  247 */,
-        0x1F1A412891BC038EL   /*  248 */,    0xD6E2E71D82E56648L   /*  249 */,
-        0x74036C3A497732B7L   /*  250 */,    0x89B67ED96361F5ABL   /*  251 */,
-        0xFFED95D8F1EA02A2L   /*  252 */,    0xE72B3BD61464D43DL   /*  253 */,
-        0xA6300F170BDC4820L   /*  254 */,    0xEBC18760ED78A77AL   /*  255 */,
-    };
-
-    private static final long[] t2 = {
-        0xE6A6BE5A05A12138L   /*  256 */,    0xB5A122A5B4F87C98L   /*  257 */,
-        0x563C6089140B6990L   /*  258 */,    0x4C46CB2E391F5DD5L   /*  259 */,
-        0xD932ADDBC9B79434L   /*  260 */,    0x08EA70E42015AFF5L   /*  261 */,
-        0xD765A6673E478CF1L   /*  262 */,    0xC4FB757EAB278D99L   /*  263 */,
-        0xDF11C6862D6E0692L   /*  264 */,    0xDDEB84F10D7F3B16L   /*  265 */,
-        0x6F2EF604A665EA04L   /*  266 */,    0x4A8E0F0FF0E0DFB3L   /*  267 */,
-        0xA5EDEEF83DBCBA51L   /*  268 */,    0xFC4F0A2A0EA4371EL   /*  269 */,
-        0xE83E1DA85CB38429L   /*  270 */,    0xDC8FF882BA1B1CE2L   /*  271 */,
-        0xCD45505E8353E80DL   /*  272 */,    0x18D19A00D4DB0717L   /*  273 */,
-        0x34A0CFEDA5F38101L   /*  274 */,    0x0BE77E518887CAF2L   /*  275 */,
-        0x1E341438B3C45136L   /*  276 */,    0xE05797F49089CCF9L   /*  277 */,
-        0xFFD23F9DF2591D14L   /*  278 */,    0x543DDA228595C5CDL   /*  279 */,
-        0x661F81FD99052A33L   /*  280 */,    0x8736E641DB0F7B76L   /*  281 */,
-        0x15227725418E5307L   /*  282 */,    0xE25F7F46162EB2FAL   /*  283 */,
-        0x48A8B2126C13D9FEL   /*  284 */,    0xAFDC541792E76EEAL   /*  285 */,
-        0x03D912BFC6D1898FL   /*  286 */,    0x31B1AAFA1B83F51BL   /*  287 */,
-        0xF1AC2796E42AB7D9L   /*  288 */,    0x40A3A7D7FCD2EBACL   /*  289 */,
-        0x1056136D0AFBBCC5L   /*  290 */,    0x7889E1DD9A6D0C85L   /*  291 */,
-        0xD33525782A7974AAL   /*  292 */,    0xA7E25D09078AC09BL   /*  293 */,
-        0xBD4138B3EAC6EDD0L   /*  294 */,    0x920ABFBE71EB9E70L   /*  295 */,
-        0xA2A5D0F54FC2625CL   /*  296 */,    0xC054E36B0B1290A3L   /*  297 */,
-        0xF6DD59FF62FE932BL   /*  298 */,    0x3537354511A8AC7DL   /*  299 */,
-        0xCA845E9172FADCD4L   /*  300 */,    0x84F82B60329D20DCL   /*  301 */,
-        0x79C62CE1CD672F18L   /*  302 */,    0x8B09A2ADD124642CL   /*  303 */,
-        0xD0C1E96A19D9E726L   /*  304 */,    0x5A786A9B4BA9500CL   /*  305 */,
-        0x0E020336634C43F3L   /*  306 */,    0xC17B474AEB66D822L   /*  307 */,
-        0x6A731AE3EC9BAAC2L   /*  308 */,    0x8226667AE0840258L   /*  309 */,
-        0x67D4567691CAECA5L   /*  310 */,    0x1D94155C4875ADB5L   /*  311 */,
-        0x6D00FD985B813FDFL   /*  312 */,    0x51286EFCB774CD06L   /*  313 */,
-        0x5E8834471FA744AFL   /*  314 */,    0xF72CA0AEE761AE2EL   /*  315 */,
-        0xBE40E4CDAEE8E09AL   /*  316 */,    0xE9970BBB5118F665L   /*  317 */,
-        0x726E4BEB33DF1964L   /*  318 */,    0x703B000729199762L   /*  319 */,
-        0x4631D816F5EF30A7L   /*  320 */,    0xB880B5B51504A6BEL   /*  321 */,
-        0x641793C37ED84B6CL   /*  322 */,    0x7B21ED77F6E97D96L   /*  323 */,
-        0x776306312EF96B73L   /*  324 */,    0xAE528948E86FF3F4L   /*  325 */,
-        0x53DBD7F286A3F8F8L   /*  326 */,    0x16CADCE74CFC1063L   /*  327 */,
-        0x005C19BDFA52C6DDL   /*  328 */,    0x68868F5D64D46AD3L   /*  329 */,
-        0x3A9D512CCF1E186AL   /*  330 */,    0x367E62C2385660AEL   /*  331 */,
-        0xE359E7EA77DCB1D7L   /*  332 */,    0x526C0773749ABE6EL   /*  333 */,
-        0x735AE5F9D09F734BL   /*  334 */,    0x493FC7CC8A558BA8L   /*  335 */,
-        0xB0B9C1533041AB45L   /*  336 */,    0x321958BA470A59BDL   /*  337 */,
-        0x852DB00B5F46C393L   /*  338 */,    0x91209B2BD336B0E5L   /*  339 */,
-        0x6E604F7D659EF19FL   /*  340 */,    0xB99A8AE2782CCB24L   /*  341 */,
-        0xCCF52AB6C814C4C7L   /*  342 */,    0x4727D9AFBE11727BL   /*  343 */,
-        0x7E950D0C0121B34DL   /*  344 */,    0x756F435670AD471FL   /*  345 */,
-        0xF5ADD442615A6849L   /*  346 */,    0x4E87E09980B9957AL   /*  347 */,
-        0x2ACFA1DF50AEE355L   /*  348 */,    0xD898263AFD2FD556L   /*  349 */,
-        0xC8F4924DD80C8FD6L   /*  350 */,    0xCF99CA3D754A173AL   /*  351 */,
-        0xFE477BACAF91BF3CL   /*  352 */,    0xED5371F6D690C12DL   /*  353 */,
-        0x831A5C285E687094L   /*  354 */,    0xC5D3C90A3708A0A4L   /*  355 */,
-        0x0F7F903717D06580L   /*  356 */,    0x19F9BB13B8FDF27FL   /*  357 */,
-        0xB1BD6F1B4D502843L   /*  358 */,    0x1C761BA38FFF4012L   /*  359 */,
-        0x0D1530C4E2E21F3BL   /*  360 */,    0x8943CE69A7372C8AL   /*  361 */,
-        0xE5184E11FEB5CE66L   /*  362 */,    0x618BDB80BD736621L   /*  363 */,
-        0x7D29BAD68B574D0BL   /*  364 */,    0x81BB613E25E6FE5BL   /*  365 */,
-        0x071C9C10BC07913FL   /*  366 */,    0xC7BEEB7909AC2D97L   /*  367 */,
-        0xC3E58D353BC5D757L   /*  368 */,    0xEB017892F38F61E8L   /*  369 */,
-        0xD4EFFB9C9B1CC21AL   /*  370 */,    0x99727D26F494F7ABL   /*  371 */,
-        0xA3E063A2956B3E03L   /*  372 */,    0x9D4A8B9A4AA09C30L   /*  373 */,
-        0x3F6AB7D500090FB4L   /*  374 */,    0x9CC0F2A057268AC0L   /*  375 */,
-        0x3DEE9D2DEDBF42D1L   /*  376 */,    0x330F49C87960A972L   /*  377 */,
-        0xC6B2720287421B41L   /*  378 */,    0x0AC59EC07C00369CL   /*  379 */,
-        0xEF4EAC49CB353425L   /*  380 */,    0xF450244EEF0129D8L   /*  381 */,
-        0x8ACC46E5CAF4DEB6L   /*  382 */,    0x2FFEAB63989263F7L   /*  383 */,
-        0x8F7CB9FE5D7A4578L   /*  384 */,    0x5BD8F7644E634635L   /*  385 */,
-        0x427A7315BF2DC900L   /*  386 */,    0x17D0C4AA2125261CL   /*  387 */,
-        0x3992486C93518E50L   /*  388 */,    0xB4CBFEE0A2D7D4C3L   /*  389 */,
-        0x7C75D6202C5DDD8DL   /*  390 */,    0xDBC295D8E35B6C61L   /*  391 */,
-        0x60B369D302032B19L   /*  392 */,    0xCE42685FDCE44132L   /*  393 */,
-        0x06F3DDB9DDF65610L   /*  394 */,    0x8EA4D21DB5E148F0L   /*  395 */,
-        0x20B0FCE62FCD496FL   /*  396 */,    0x2C1B912358B0EE31L   /*  397 */,
-        0xB28317B818F5A308L   /*  398 */,    0xA89C1E189CA6D2CFL   /*  399 */,
-        0x0C6B18576AAADBC8L   /*  400 */,    0xB65DEAA91299FAE3L   /*  401 */,
-        0xFB2B794B7F1027E7L   /*  402 */,    0x04E4317F443B5BEBL   /*  403 */,
-        0x4B852D325939D0A6L   /*  404 */,    0xD5AE6BEEFB207FFCL   /*  405 */,
-        0x309682B281C7D374L   /*  406 */,    0xBAE309A194C3B475L   /*  407 */,
-        0x8CC3F97B13B49F05L   /*  408 */,    0x98A9422FF8293967L   /*  409 */,
-        0x244B16B01076FF7CL   /*  410 */,    0xF8BF571C663D67EEL   /*  411 */,
-        0x1F0D6758EEE30DA1L   /*  412 */,    0xC9B611D97ADEB9B7L   /*  413 */,
-        0xB7AFD5887B6C57A2L   /*  414 */,    0x6290AE846B984FE1L   /*  415 */,
-        0x94DF4CDEACC1A5FDL   /*  416 */,    0x058A5BD1C5483AFFL   /*  417 */,
-        0x63166CC142BA3C37L   /*  418 */,    0x8DB8526EB2F76F40L   /*  419 */,
-        0xE10880036F0D6D4EL   /*  420 */,    0x9E0523C9971D311DL   /*  421 */,
-        0x45EC2824CC7CD691L   /*  422 */,    0x575B8359E62382C9L   /*  423 */,
-        0xFA9E400DC4889995L   /*  424 */,    0xD1823ECB45721568L   /*  425 */,
-        0xDAFD983B8206082FL   /*  426 */,    0xAA7D29082386A8CBL   /*  427 */,
-        0x269FCD4403B87588L   /*  428 */,    0x1B91F5F728BDD1E0L   /*  429 */,
-        0xE4669F39040201F6L   /*  430 */,    0x7A1D7C218CF04ADEL   /*  431 */,
-        0x65623C29D79CE5CEL   /*  432 */,    0x2368449096C00BB1L   /*  433 */,
-        0xAB9BF1879DA503BAL   /*  434 */,    0xBC23ECB1A458058EL   /*  435 */,
-        0x9A58DF01BB401ECCL   /*  436 */,    0xA070E868A85F143DL   /*  437 */,
-        0x4FF188307DF2239EL   /*  438 */,    0x14D565B41A641183L   /*  439 */,
-        0xEE13337452701602L   /*  440 */,    0x950E3DCF3F285E09L   /*  441 */,
-        0x59930254B9C80953L   /*  442 */,    0x3BF299408930DA6DL   /*  443 */,
-        0xA955943F53691387L   /*  444 */,    0xA15EDECAA9CB8784L   /*  445 */,
-        0x29142127352BE9A0L   /*  446 */,    0x76F0371FFF4E7AFBL   /*  447 */,
-        0x0239F450274F2228L   /*  448 */,    0xBB073AF01D5E868BL   /*  449 */,
-        0xBFC80571C10E96C1L   /*  450 */,    0xD267088568222E23L   /*  451 */,
-        0x9671A3D48E80B5B0L   /*  452 */,    0x55B5D38AE193BB81L   /*  453 */,
-        0x693AE2D0A18B04B8L   /*  454 */,    0x5C48B4ECADD5335FL   /*  455 */,
-        0xFD743B194916A1CAL   /*  456 */,    0x2577018134BE98C4L   /*  457 */,
-        0xE77987E83C54A4ADL   /*  458 */,    0x28E11014DA33E1B9L   /*  459 */,
-        0x270CC59E226AA213L   /*  460 */,    0x71495F756D1A5F60L   /*  461 */,
-        0x9BE853FB60AFEF77L   /*  462 */,    0xADC786A7F7443DBFL   /*  463 */,
-        0x0904456173B29A82L   /*  464 */,    0x58BC7A66C232BD5EL   /*  465 */,
-        0xF306558C673AC8B2L   /*  466 */,    0x41F639C6B6C9772AL   /*  467 */,
-        0x216DEFE99FDA35DAL   /*  468 */,    0x11640CC71C7BE615L   /*  469 */,
-        0x93C43694565C5527L   /*  470 */,    0xEA038E6246777839L   /*  471 */,
-        0xF9ABF3CE5A3E2469L   /*  472 */,    0x741E768D0FD312D2L   /*  473 */,
-        0x0144B883CED652C6L   /*  474 */,    0xC20B5A5BA33F8552L   /*  475 */,
-        0x1AE69633C3435A9DL   /*  476 */,    0x97A28CA4088CFDECL   /*  477 */,
-        0x8824A43C1E96F420L   /*  478 */,    0x37612FA66EEEA746L   /*  479 */,
-        0x6B4CB165F9CF0E5AL   /*  480 */,    0x43AA1C06A0ABFB4AL   /*  481 */,
-        0x7F4DC26FF162796BL   /*  482 */,    0x6CBACC8E54ED9B0FL   /*  483 */,
-        0xA6B7FFEFD2BB253EL   /*  484 */,    0x2E25BC95B0A29D4FL   /*  485 */,
-        0x86D6A58BDEF1388CL   /*  486 */,    0xDED74AC576B6F054L   /*  487 */,
-        0x8030BDBC2B45805DL   /*  488 */,    0x3C81AF70E94D9289L   /*  489 */,
-        0x3EFF6DDA9E3100DBL   /*  490 */,    0xB38DC39FDFCC8847L   /*  491 */,
-        0x123885528D17B87EL   /*  492 */,    0xF2DA0ED240B1B642L   /*  493 */,
-        0x44CEFADCD54BF9A9L   /*  494 */,    0x1312200E433C7EE6L   /*  495 */,
-        0x9FFCC84F3A78C748L   /*  496 */,    0xF0CD1F72248576BBL   /*  497 */,
-        0xEC6974053638CFE4L   /*  498 */,    0x2BA7B67C0CEC4E4CL   /*  499 */,
-        0xAC2F4DF3E5CE32EDL   /*  500 */,    0xCB33D14326EA4C11L   /*  501 */,
-        0xA4E9044CC77E58BCL   /*  502 */,    0x5F513293D934FCEFL   /*  503 */,
-        0x5DC9645506E55444L   /*  504 */,    0x50DE418F317DE40AL   /*  505 */,
-        0x388CB31A69DDE259L   /*  506 */,    0x2DB4A83455820A86L   /*  507 */,
-        0x9010A91E84711AE9L   /*  508 */,    0x4DF7F0B7B1498371L   /*  509 */,
-        0xD62A2EABC0977179L   /*  510 */,    0x22FAC097AA8D5C0EL   /*  511 */,
-    };
-
-    private static final long[] t3 = {
-        0xF49FCC2FF1DAF39BL   /*  512 */,    0x487FD5C66FF29281L   /*  513 */,
-        0xE8A30667FCDCA83FL   /*  514 */,    0x2C9B4BE3D2FCCE63L   /*  515 */,
-        0xDA3FF74B93FBBBC2L   /*  516 */,    0x2FA165D2FE70BA66L   /*  517 */,
-        0xA103E279970E93D4L   /*  518 */,    0xBECDEC77B0E45E71L   /*  519 */,
-        0xCFB41E723985E497L   /*  520 */,    0xB70AAA025EF75017L   /*  521 */,
-        0xD42309F03840B8E0L   /*  522 */,    0x8EFC1AD035898579L   /*  523 */,
-        0x96C6920BE2B2ABC5L   /*  524 */,    0x66AF4163375A9172L   /*  525 */,
-        0x2174ABDCCA7127FBL   /*  526 */,    0xB33CCEA64A72FF41L   /*  527 */,
-        0xF04A4933083066A5L   /*  528 */,    0x8D970ACDD7289AF5L   /*  529 */,
-        0x8F96E8E031C8C25EL   /*  530 */,    0xF3FEC02276875D47L   /*  531 */,
-        0xEC7BF310056190DDL   /*  532 */,    0xF5ADB0AEBB0F1491L   /*  533 */,
-        0x9B50F8850FD58892L   /*  534 */,    0x4975488358B74DE8L   /*  535 */,
-        0xA3354FF691531C61L   /*  536 */,    0x0702BBE481D2C6EEL   /*  537 */,
-        0x89FB24057DEDED98L   /*  538 */,    0xAC3075138596E902L   /*  539 */,
-        0x1D2D3580172772EDL   /*  540 */,    0xEB738FC28E6BC30DL   /*  541 */,
-        0x5854EF8F63044326L   /*  542 */,    0x9E5C52325ADD3BBEL   /*  543 */,
-        0x90AA53CF325C4623L   /*  544 */,    0xC1D24D51349DD067L   /*  545 */,
-        0x2051CFEEA69EA624L   /*  546 */,    0x13220F0A862E7E4FL   /*  547 */,
-        0xCE39399404E04864L   /*  548 */,    0xD9C42CA47086FCB7L   /*  549 */,
-        0x685AD2238A03E7CCL   /*  550 */,    0x066484B2AB2FF1DBL   /*  551 */,
-        0xFE9D5D70EFBF79ECL   /*  552 */,    0x5B13B9DD9C481854L   /*  553 */,
-        0x15F0D475ED1509ADL   /*  554 */,    0x0BEBCD060EC79851L   /*  555 */,
-        0xD58C6791183AB7F8L   /*  556 */,    0xD1187C5052F3EEE4L   /*  557 */,
-        0xC95D1192E54E82FFL   /*  558 */,    0x86EEA14CB9AC6CA2L   /*  559 */,
-        0x3485BEB153677D5DL   /*  560 */,    0xDD191D781F8C492AL   /*  561 */,
-        0xF60866BAA784EBF9L   /*  562 */,    0x518F643BA2D08C74L   /*  563 */,
-        0x8852E956E1087C22L   /*  564 */,    0xA768CB8DC410AE8DL   /*  565 */,
-        0x38047726BFEC8E1AL   /*  566 */,    0xA67738B4CD3B45AAL   /*  567 */,
-        0xAD16691CEC0DDE19L   /*  568 */,    0xC6D4319380462E07L   /*  569 */,
-        0xC5A5876D0BA61938L   /*  570 */,    0x16B9FA1FA58FD840L   /*  571 */,
-        0x188AB1173CA74F18L   /*  572 */,    0xABDA2F98C99C021FL   /*  573 */,
-        0x3E0580AB134AE816L   /*  574 */,    0x5F3B05B773645ABBL   /*  575 */,
-        0x2501A2BE5575F2F6L   /*  576 */,    0x1B2F74004E7E8BA9L   /*  577 */,
-        0x1CD7580371E8D953L   /*  578 */,    0x7F6ED89562764E30L   /*  579 */,
-        0xB15926FF596F003DL   /*  580 */,    0x9F65293DA8C5D6B9L   /*  581 */,
-        0x6ECEF04DD690F84CL   /*  582 */,    0x4782275FFF33AF88L   /*  583 */,
-        0xE41433083F820801L   /*  584 */,    0xFD0DFE409A1AF9B5L   /*  585 */,
-        0x4325A3342CDB396BL   /*  586 */,    0x8AE77E62B301B252L   /*  587 */,
-        0xC36F9E9F6655615AL   /*  588 */,    0x85455A2D92D32C09L   /*  589 */,
-        0xF2C7DEA949477485L   /*  590 */,    0x63CFB4C133A39EBAL   /*  591 */,
-        0x83B040CC6EBC5462L   /*  592 */,    0x3B9454C8FDB326B0L   /*  593 */,
-        0x56F56A9E87FFD78CL   /*  594 */,    0x2DC2940D99F42BC6L   /*  595 */,
-        0x98F7DF096B096E2DL   /*  596 */,    0x19A6E01E3AD852BFL   /*  597 */,
-        0x42A99CCBDBD4B40BL   /*  598 */,    0xA59998AF45E9C559L   /*  599 */,
-        0x366295E807D93186L   /*  600 */,    0x6B48181BFAA1F773L   /*  601 */,
-        0x1FEC57E2157A0A1DL   /*  602 */,    0x4667446AF6201AD5L   /*  603 */,
-        0xE615EBCACFB0F075L   /*  604 */,    0xB8F31F4F68290778L   /*  605 */,
-        0x22713ED6CE22D11EL   /*  606 */,    0x3057C1A72EC3C93BL   /*  607 */,
-        0xCB46ACC37C3F1F2FL   /*  608 */,    0xDBB893FD02AAF50EL   /*  609 */,
-        0x331FD92E600B9FCFL   /*  610 */,    0xA498F96148EA3AD6L   /*  611 */,
-        0xA8D8426E8B6A83EAL   /*  612 */,    0xA089B274B7735CDCL   /*  613 */,
-        0x87F6B3731E524A11L   /*  614 */,    0x118808E5CBC96749L   /*  615 */,
-        0x9906E4C7B19BD394L   /*  616 */,    0xAFED7F7E9B24A20CL   /*  617 */,
-        0x6509EADEEB3644A7L   /*  618 */,    0x6C1EF1D3E8EF0EDEL   /*  619 */,
-        0xB9C97D43E9798FB4L   /*  620 */,    0xA2F2D784740C28A3L   /*  621 */,
-        0x7B8496476197566FL   /*  622 */,    0x7A5BE3E6B65F069DL   /*  623 */,
-        0xF96330ED78BE6F10L   /*  624 */,    0xEEE60DE77A076A15L   /*  625 */,
-        0x2B4BEE4AA08B9BD0L   /*  626 */,    0x6A56A63EC7B8894EL   /*  627 */,
-        0x02121359BA34FEF4L   /*  628 */,    0x4CBF99F8283703FCL   /*  629 */,
-        0x398071350CAF30C8L   /*  630 */,    0xD0A77A89F017687AL   /*  631 */,
-        0xF1C1A9EB9E423569L   /*  632 */,    0x8C7976282DEE8199L   /*  633 */,
-        0x5D1737A5DD1F7ABDL   /*  634 */,    0x4F53433C09A9FA80L   /*  635 */,
-        0xFA8B0C53DF7CA1D9L   /*  636 */,    0x3FD9DCBC886CCB77L   /*  637 */,
-        0xC040917CA91B4720L   /*  638 */,    0x7DD00142F9D1DCDFL   /*  639 */,
-        0x8476FC1D4F387B58L   /*  640 */,    0x23F8E7C5F3316503L   /*  641 */,
-        0x032A2244E7E37339L   /*  642 */,    0x5C87A5D750F5A74BL   /*  643 */,
-        0x082B4CC43698992EL   /*  644 */,    0xDF917BECB858F63CL   /*  645 */,
-        0x3270B8FC5BF86DDAL   /*  646 */,    0x10AE72BB29B5DD76L   /*  647 */,
-        0x576AC94E7700362BL   /*  648 */,    0x1AD112DAC61EFB8FL   /*  649 */,
-        0x691BC30EC5FAA427L   /*  650 */,    0xFF246311CC327143L   /*  651 */,
-        0x3142368E30E53206L   /*  652 */,    0x71380E31E02CA396L   /*  653 */,
-        0x958D5C960AAD76F1L   /*  654 */,    0xF8D6F430C16DA536L   /*  655 */,
-        0xC8FFD13F1BE7E1D2L   /*  656 */,    0x7578AE66004DDBE1L   /*  657 */,
-        0x05833F01067BE646L   /*  658 */,    0xBB34B5AD3BFE586DL   /*  659 */,
-        0x095F34C9A12B97F0L   /*  660 */,    0x247AB64525D60CA8L   /*  661 */,
-        0xDCDBC6F3017477D1L   /*  662 */,    0x4A2E14D4DECAD24DL   /*  663 */,
-        0xBDB5E6D9BE0A1EEBL   /*  664 */,    0x2A7E70F7794301ABL   /*  665 */,
-        0xDEF42D8A270540FDL   /*  666 */,    0x01078EC0A34C22C1L   /*  667 */,
-        0xE5DE511AF4C16387L   /*  668 */,    0x7EBB3A52BD9A330AL   /*  669 */,
-        0x77697857AA7D6435L   /*  670 */,    0x004E831603AE4C32L   /*  671 */,
-        0xE7A21020AD78E312L   /*  672 */,    0x9D41A70C6AB420F2L   /*  673 */,
-        0x28E06C18EA1141E6L   /*  674 */,    0xD2B28CBD984F6B28L   /*  675 */,
-        0x26B75F6C446E9D83L   /*  676 */,    0xBA47568C4D418D7FL   /*  677 */,
-        0xD80BADBFE6183D8EL   /*  678 */,    0x0E206D7F5F166044L   /*  679 */,
-        0xE258A43911CBCA3EL   /*  680 */,    0x723A1746B21DC0BCL   /*  681 */,
-        0xC7CAA854F5D7CDD3L   /*  682 */,    0x7CAC32883D261D9CL   /*  683 */,
-        0x7690C26423BA942CL   /*  684 */,    0x17E55524478042B8L   /*  685 */,
-        0xE0BE477656A2389FL   /*  686 */,    0x4D289B5E67AB2DA0L   /*  687 */,
-        0x44862B9C8FBBFD31L   /*  688 */,    0xB47CC8049D141365L   /*  689 */,
-        0x822C1B362B91C793L   /*  690 */,    0x4EB14655FB13DFD8L   /*  691 */,
-        0x1ECBBA0714E2A97BL   /*  692 */,    0x6143459D5CDE5F14L   /*  693 */,
-        0x53A8FBF1D5F0AC89L   /*  694 */,    0x97EA04D81C5E5B00L   /*  695 */,
-        0x622181A8D4FDB3F3L   /*  696 */,    0xE9BCD341572A1208L   /*  697 */,
-        0x1411258643CCE58AL   /*  698 */,    0x9144C5FEA4C6E0A4L   /*  699 */,
-        0x0D33D06565CF620FL   /*  700 */,    0x54A48D489F219CA1L   /*  701 */,
-        0xC43E5EAC6D63C821L   /*  702 */,    0xA9728B3A72770DAFL   /*  703 */,
-        0xD7934E7B20DF87EFL   /*  704 */,    0xE35503B61A3E86E5L   /*  705 */,
-        0xCAE321FBC819D504L   /*  706 */,    0x129A50B3AC60BFA6L   /*  707 */,
-        0xCD5E68EA7E9FB6C3L   /*  708 */,    0xB01C90199483B1C7L   /*  709 */,
-        0x3DE93CD5C295376CL   /*  710 */,    0xAED52EDF2AB9AD13L   /*  711 */,
-        0x2E60F512C0A07884L   /*  712 */,    0xBC3D86A3E36210C9L   /*  713 */,
-        0x35269D9B163951CEL   /*  714 */,    0x0C7D6E2AD0CDB5FAL   /*  715 */,
-        0x59E86297D87F5733L   /*  716 */,    0x298EF221898DB0E7L   /*  717 */,
-        0x55000029D1A5AA7EL   /*  718 */,    0x8BC08AE1B5061B45L   /*  719 */,
-        0xC2C31C2B6C92703AL   /*  720 */,    0x94CC596BAF25EF42L   /*  721 */,
-        0x0A1D73DB22540456L   /*  722 */,    0x04B6A0F9D9C4179AL   /*  723 */,
-        0xEFFDAFA2AE3D3C60L   /*  724 */,    0xF7C8075BB49496C4L   /*  725 */,
-        0x9CC5C7141D1CD4E3L   /*  726 */,    0x78BD1638218E5534L   /*  727 */,
-        0xB2F11568F850246AL   /*  728 */,    0xEDFABCFA9502BC29L   /*  729 */,
-        0x796CE5F2DA23051BL   /*  730 */,    0xAAE128B0DC93537CL   /*  731 */,
-        0x3A493DA0EE4B29AEL   /*  732 */,    0xB5DF6B2C416895D7L   /*  733 */,
-        0xFCABBD25122D7F37L   /*  734 */,    0x70810B58105DC4B1L   /*  735 */,
-        0xE10FDD37F7882A90L   /*  736 */,    0x524DCAB5518A3F5CL   /*  737 */,
-        0x3C9E85878451255BL   /*  738 */,    0x4029828119BD34E2L   /*  739 */,
-        0x74A05B6F5D3CECCBL   /*  740 */,    0xB610021542E13ECAL   /*  741 */,
-        0x0FF979D12F59E2ACL   /*  742 */,    0x6037DA27E4F9CC50L   /*  743 */,
-        0x5E92975A0DF1847DL   /*  744 */,    0xD66DE190D3E623FEL   /*  745 */,
-        0x5032D6B87B568048L   /*  746 */,    0x9A36B7CE8235216EL   /*  747 */,
-        0x80272A7A24F64B4AL   /*  748 */,    0x93EFED8B8C6916F7L   /*  749 */,
-        0x37DDBFF44CCE1555L   /*  750 */,    0x4B95DB5D4B99BD25L   /*  751 */,
-        0x92D3FDA169812FC0L   /*  752 */,    0xFB1A4A9A90660BB6L   /*  753 */,
-        0x730C196946A4B9B2L   /*  754 */,    0x81E289AA7F49DA68L   /*  755 */,
-        0x64669A0F83B1A05FL   /*  756 */,    0x27B3FF7D9644F48BL   /*  757 */,
-        0xCC6B615C8DB675B3L   /*  758 */,    0x674F20B9BCEBBE95L   /*  759 */,
-        0x6F31238275655982L   /*  760 */,    0x5AE488713E45CF05L   /*  761 */,
-        0xBF619F9954C21157L   /*  762 */,    0xEABAC46040A8EAE9L   /*  763 */,
-        0x454C6FE9F2C0C1CDL   /*  764 */,    0x419CF6496412691CL   /*  765 */,
-        0xD3DC3BEF265B0F70L   /*  766 */,    0x6D0E60F5C3578A9EL   /*  767 */,
-    };
-
-    private static final long[] t4 = {
-        0x5B0E608526323C55L   /*  768 */,    0x1A46C1A9FA1B59F5L   /*  769 */,
-        0xA9E245A17C4C8FFAL   /*  770 */,    0x65CA5159DB2955D7L   /*  771 */,
-        0x05DB0A76CE35AFC2L   /*  772 */,    0x81EAC77EA9113D45L   /*  773 */,
-        0x528EF88AB6AC0A0DL   /*  774 */,    0xA09EA253597BE3FFL   /*  775 */,
-        0x430DDFB3AC48CD56L   /*  776 */,    0xC4B3A67AF45CE46FL   /*  777 */,
-        0x4ECECFD8FBE2D05EL   /*  778 */,    0x3EF56F10B39935F0L   /*  779 */,
-        0x0B22D6829CD619C6L   /*  780 */,    0x17FD460A74DF2069L   /*  781 */,
-        0x6CF8CC8E8510ED40L   /*  782 */,    0xD6C824BF3A6ECAA7L   /*  783 */,
-        0x61243D581A817049L   /*  784 */,    0x048BACB6BBC163A2L   /*  785 */,
-        0xD9A38AC27D44CC32L   /*  786 */,    0x7FDDFF5BAAF410ABL   /*  787 */,
-        0xAD6D495AA804824BL   /*  788 */,    0xE1A6A74F2D8C9F94L   /*  789 */,
-        0xD4F7851235DEE8E3L   /*  790 */,    0xFD4B7F886540D893L   /*  791 */,
-        0x247C20042AA4BFDAL   /*  792 */,    0x096EA1C517D1327CL   /*  793 */,
-        0xD56966B4361A6685L   /*  794 */,    0x277DA5C31221057DL   /*  795 */,
-        0x94D59893A43ACFF7L   /*  796 */,    0x64F0C51CCDC02281L   /*  797 */,
-        0x3D33BCC4FF6189DBL   /*  798 */,    0xE005CB184CE66AF1L   /*  799 */,
-        0xFF5CCD1D1DB99BEAL   /*  800 */,    0xB0B854A7FE42980FL   /*  801 */,
-        0x7BD46A6A718D4B9FL   /*  802 */,    0xD10FA8CC22A5FD8CL   /*  803 */,
-        0xD31484952BE4BD31L   /*  804 */,    0xC7FA975FCB243847L   /*  805 */,
-        0x4886ED1E5846C407L   /*  806 */,    0x28CDDB791EB70B04L   /*  807 */,
-        0xC2B00BE2F573417FL   /*  808 */,    0x5C9590452180F877L   /*  809 */,
-        0x7A6BDDFFF370EB00L   /*  810 */,    0xCE509E38D6D9D6A4L   /*  811 */,
-        0xEBEB0F00647FA702L   /*  812 */,    0x1DCC06CF76606F06L   /*  813 */,
-        0xE4D9F28BA286FF0AL   /*  814 */,    0xD85A305DC918C262L   /*  815 */,
-        0x475B1D8732225F54L   /*  816 */,    0x2D4FB51668CCB5FEL   /*  817 */,
-        0xA679B9D9D72BBA20L   /*  818 */,    0x53841C0D912D43A5L   /*  819 */,
-        0x3B7EAA48BF12A4E8L   /*  820 */,    0x781E0E47F22F1DDFL   /*  821 */,
-        0xEFF20CE60AB50973L   /*  822 */,    0x20D261D19DFFB742L   /*  823 */,
-        0x16A12B03062A2E39L   /*  824 */,    0x1960EB2239650495L   /*  825 */,
-        0x251C16FED50EB8B8L   /*  826 */,    0x9AC0C330F826016EL   /*  827 */,
-        0xED152665953E7671L   /*  828 */,    0x02D63194A6369570L   /*  829 */,
-        0x5074F08394B1C987L   /*  830 */,    0x70BA598C90B25CE1L   /*  831 */,
-        0x794A15810B9742F6L   /*  832 */,    0x0D5925E9FCAF8C6CL   /*  833 */,
-        0x3067716CD868744EL   /*  834 */,    0x910AB077E8D7731BL   /*  835 */,
-        0x6A61BBDB5AC42F61L   /*  836 */,    0x93513EFBF0851567L   /*  837 */,
-        0xF494724B9E83E9D5L   /*  838 */,    0xE887E1985C09648DL   /*  839 */,
-        0x34B1D3C675370CFDL   /*  840 */,    0xDC35E433BC0D255DL   /*  841 */,
-        0xD0AAB84234131BE0L   /*  842 */,    0x08042A50B48B7EAFL   /*  843 */,
-        0x9997C4EE44A3AB35L   /*  844 */,    0x829A7B49201799D0L   /*  845 */,
-        0x263B8307B7C54441L   /*  846 */,    0x752F95F4FD6A6CA6L   /*  847 */,
-        0x927217402C08C6E5L   /*  848 */,    0x2A8AB754A795D9EEL   /*  849 */,
-        0xA442F7552F72943DL   /*  850 */,    0x2C31334E19781208L   /*  851 */,
-        0x4FA98D7CEAEE6291L   /*  852 */,    0x55C3862F665DB309L   /*  853 */,
-        0xBD0610175D53B1F3L   /*  854 */,    0x46FE6CB840413F27L   /*  855 */,
-        0x3FE03792DF0CFA59L   /*  856 */,    0xCFE700372EB85E8FL   /*  857 */,
-        0xA7BE29E7ADBCE118L   /*  858 */,    0xE544EE5CDE8431DDL   /*  859 */,
-        0x8A781B1B41F1873EL   /*  860 */,    0xA5C94C78A0D2F0E7L   /*  861 */,
-        0x39412E2877B60728L   /*  862 */,    0xA1265EF3AFC9A62CL   /*  863 */,
-        0xBCC2770C6A2506C5L   /*  864 */,    0x3AB66DD5DCE1CE12L   /*  865 */,
-        0xE65499D04A675B37L   /*  866 */,    0x7D8F523481BFD216L   /*  867 */,
-        0x0F6F64FCEC15F389L   /*  868 */,    0x74EFBE618B5B13C8L   /*  869 */,
-        0xACDC82B714273E1DL   /*  870 */,    0xDD40BFE003199D17L   /*  871 */,
-        0x37E99257E7E061F8L   /*  872 */,    0xFA52626904775AAAL   /*  873 */,
-        0x8BBBF63A463D56F9L   /*  874 */,    0xF0013F1543A26E64L   /*  875 */,
-        0xA8307E9F879EC898L   /*  876 */,    0xCC4C27A4150177CCL   /*  877 */,
-        0x1B432F2CCA1D3348L   /*  878 */,    0xDE1D1F8F9F6FA013L   /*  879 */,
-        0x606602A047A7DDD6L   /*  880 */,    0xD237AB64CC1CB2C7L   /*  881 */,
-        0x9B938E7225FCD1D3L   /*  882 */,    0xEC4E03708E0FF476L   /*  883 */,
-        0xFEB2FBDA3D03C12DL   /*  884 */,    0xAE0BCED2EE43889AL   /*  885 */,
-        0x22CB8923EBFB4F43L   /*  886 */,    0x69360D013CF7396DL   /*  887 */,
-        0x855E3602D2D4E022L   /*  888 */,    0x073805BAD01F784CL   /*  889 */,
-        0x33E17A133852F546L   /*  890 */,    0xDF4874058AC7B638L   /*  891 */,
-        0xBA92B29C678AA14AL   /*  892 */,    0x0CE89FC76CFAADCDL   /*  893 */,
-        0x5F9D4E0908339E34L   /*  894 */,    0xF1AFE9291F5923B9L   /*  895 */,
-        0x6E3480F60F4A265FL   /*  896 */,    0xEEBF3A2AB29B841CL   /*  897 */,
-        0xE21938A88F91B4ADL   /*  898 */,    0x57DFEFF845C6D3C3L   /*  899 */,
-        0x2F006B0BF62CAAF2L   /*  900 */,    0x62F479EF6F75EE78L   /*  901 */,
-        0x11A55AD41C8916A9L   /*  902 */,    0xF229D29084FED453L   /*  903 */,
-        0x42F1C27B16B000E6L   /*  904 */,    0x2B1F76749823C074L   /*  905 */,
-        0x4B76ECA3C2745360L   /*  906 */,    0x8C98F463B91691BDL   /*  907 */,
-        0x14BCC93CF1ADE66AL   /*  908 */,    0x8885213E6D458397L   /*  909 */,
-        0x8E177DF0274D4711L   /*  910 */,    0xB49B73B5503F2951L   /*  911 */,
-        0x10168168C3F96B6BL   /*  912 */,    0x0E3D963B63CAB0AEL   /*  913 */,
-        0x8DFC4B5655A1DB14L   /*  914 */,    0xF789F1356E14DE5CL   /*  915 */,
-        0x683E68AF4E51DAC1L   /*  916 */,    0xC9A84F9D8D4B0FD9L   /*  917 */,
-        0x3691E03F52A0F9D1L   /*  918 */,    0x5ED86E46E1878E80L   /*  919 */,
-        0x3C711A0E99D07150L   /*  920 */,    0x5A0865B20C4E9310L   /*  921 */,
-        0x56FBFC1FE4F0682EL   /*  922 */,    0xEA8D5DE3105EDF9BL   /*  923 */,
-        0x71ABFDB12379187AL   /*  924 */,    0x2EB99DE1BEE77B9CL   /*  925 */,
-        0x21ECC0EA33CF4523L   /*  926 */,    0x59A4D7521805C7A1L   /*  927 */,
-        0x3896F5EB56AE7C72L   /*  928 */,    0xAA638F3DB18F75DCL   /*  929 */,
-        0x9F39358DABE9808EL   /*  930 */,    0xB7DEFA91C00B72ACL   /*  931 */,
-        0x6B5541FD62492D92L   /*  932 */,    0x6DC6DEE8F92E4D5BL   /*  933 */,
-        0x353F57ABC4BEEA7EL   /*  934 */,    0x735769D6DA5690CEL   /*  935 */,
-        0x0A234AA642391484L   /*  936 */,    0xF6F9508028F80D9DL   /*  937 */,
-        0xB8E319A27AB3F215L   /*  938 */,    0x31AD9C1151341A4DL   /*  939 */,
-        0x773C22A57BEF5805L   /*  940 */,    0x45C7561A07968633L   /*  941 */,
-        0xF913DA9E249DBE36L   /*  942 */,    0xDA652D9B78A64C68L   /*  943 */,
-        0x4C27A97F3BC334EFL   /*  944 */,    0x76621220E66B17F4L   /*  945 */,
-        0x967743899ACD7D0BL   /*  946 */,    0xF3EE5BCAE0ED6782L   /*  947 */,
-        0x409F753600C879FCL   /*  948 */,    0x06D09A39B5926DB6L   /*  949 */,
-        0x6F83AEB0317AC588L   /*  950 */,    0x01E6CA4A86381F21L   /*  951 */,
-        0x66FF3462D19F3025L   /*  952 */,    0x72207C24DDFD3BFBL   /*  953 */,
-        0x4AF6B6D3E2ECE2EBL   /*  954 */,    0x9C994DBEC7EA08DEL   /*  955 */,
-        0x49ACE597B09A8BC4L   /*  956 */,    0xB38C4766CF0797BAL   /*  957 */,
-        0x131B9373C57C2A75L   /*  958 */,    0xB1822CCE61931E58L   /*  959 */,
-        0x9D7555B909BA1C0CL   /*  960 */,    0x127FAFDD937D11D2L   /*  961 */,
-        0x29DA3BADC66D92E4L   /*  962 */,    0xA2C1D57154C2ECBCL   /*  963 */,
-        0x58C5134D82F6FE24L   /*  964 */,    0x1C3AE3515B62274FL   /*  965 */,
-        0xE907C82E01CB8126L   /*  966 */,    0xF8ED091913E37FCBL   /*  967 */,
-        0x3249D8F9C80046C9L   /*  968 */,    0x80CF9BEDE388FB63L   /*  969 */,
-        0x1881539A116CF19EL   /*  970 */,    0x5103F3F76BD52457L   /*  971 */,
-        0x15B7E6F5AE47F7A8L   /*  972 */,    0xDBD7C6DED47E9CCFL   /*  973 */,
-        0x44E55C410228BB1AL   /*  974 */,    0xB647D4255EDB4E99L   /*  975 */,
-        0x5D11882BB8AAFC30L   /*  976 */,    0xF5098BBB29D3212AL   /*  977 */,
-        0x8FB5EA14E90296B3L   /*  978 */,    0x677B942157DD025AL   /*  979 */,
-        0xFB58E7C0A390ACB5L   /*  980 */,    0x89D3674C83BD4A01L   /*  981 */,
-        0x9E2DA4DF4BF3B93BL   /*  982 */,    0xFCC41E328CAB4829L   /*  983 */,
-        0x03F38C96BA582C52L   /*  984 */,    0xCAD1BDBD7FD85DB2L   /*  985 */,
-        0xBBB442C16082AE83L   /*  986 */,    0xB95FE86BA5DA9AB0L   /*  987 */,
-        0xB22E04673771A93FL   /*  988 */,    0x845358C9493152D8L   /*  989 */,
-        0xBE2A488697B4541EL   /*  990 */,    0x95A2DC2DD38E6966L   /*  991 */,
-        0xC02C11AC923C852BL   /*  992 */,    0x2388B1990DF2A87BL   /*  993 */,
-        0x7C8008FA1B4F37BEL   /*  994 */,    0x1F70D0C84D54E503L   /*  995 */,
-        0x5490ADEC7ECE57D4L   /*  996 */,    0x002B3C27D9063A3AL   /*  997 */,
-        0x7EAEA3848030A2BFL   /*  998 */,    0xC602326DED2003C0L   /*  999 */,
-        0x83A7287D69A94086L   /* 1000 */,    0xC57A5FCB30F57A8AL   /* 1001 */,
-        0xB56844E479EBE779L   /* 1002 */,    0xA373B40F05DCBCE9L   /* 1003 */,
-        0xD71A786E88570EE2L   /* 1004 */,    0x879CBACDBDE8F6A0L   /* 1005 */,
-        0x976AD1BCC164A32FL   /* 1006 */,    0xAB21E25E9666D78BL   /* 1007 */,
-        0x901063AAE5E5C33CL   /* 1008 */,    0x9818B34448698D90L   /* 1009 */,
-        0xE36487AE3E1E8ABBL   /* 1010 */,    0xAFBDF931893BDCB4L   /* 1011 */,
-        0x6345A0DC5FBBD519L   /* 1012 */,    0x8628FE269B9465CAL   /* 1013 */,
-        0x1E5D01603F9C51ECL   /* 1014 */,    0x4DE44006A15049B7L   /* 1015 */,
-        0xBF6C70E5F776CBB1L   /* 1016 */,    0x411218F2EF552BEDL   /* 1017 */,
-        0xCB0C0708705A36A3L   /* 1018 */,    0xE74D14754F986044L   /* 1019 */,
-        0xCD56D9430EA8280EL   /* 1020 */,    0xC12591D7535F5065L   /* 1021 */,
-        0xC83223F1720AEF96L   /* 1022 */,    0xC3A0396F7363A51FL   /* 1023 */
-    };
-
-    private static final int    DIGEST_LENGTH = 24;
-
-    //
-    // registers
-    //
-    private long    a, b, c;
-    private long    byteCount;
-
-    //
-    // buffers
-    //
-    private byte[]  buf = new byte[8];
-    private int     bOff = 0;
-
-    private long[]  x = new long[8];
-    private int     xOff = 0;
-
-    /**
-     * Standard constructor
-     */
-    public TigerDigest()
-    {
-        reset();
-    }
-
-    /**
-     * Copy constructor.  This will copy the state of the provided
-     * message digest.
-     */
-    public TigerDigest(TigerDigest t)
-    {
-        this.reset(t);
-    }
-
-    public String getAlgorithmName()
-    {
-        return "Tiger";
-    }
-
-    public int getDigestSize()
-    {
-        return DIGEST_LENGTH;
-    }
-
-    private void processWord(
-        byte[]  b,
-        int     off)
-    {
-        x[xOff++] = ((long)(b[off + 7] & 0xff) << 56)
-             | ((long)(b[off + 6] & 0xff) << 48)
-             | ((long)(b[off + 5] & 0xff) << 40)
-             | ((long)(b[off + 4] & 0xff) << 32)
-             | ((long)(b[off + 3] & 0xff) << 24)
-             | ((long)(b[off + 2] & 0xff) << 16)
-             | ((long)(b[off + 1] & 0xff) << 8)
-             | ((b[off + 0] & 0xff));
-
-        if (xOff == x.length)
-        {
-            processBlock();
-        }
-
-        bOff = 0;
-    }
-
-    public void update(
-        byte in)
-    {
-        buf[bOff++] = in;
-
-        if (bOff == buf.length)
-        {
-            processWord(buf, 0);
-        }
-
-        byteCount++;
-    }
-
-    public void update(
-        byte[]  in,
-        int     inOff,
-        int     len)
-    {
-        //
-        // fill the current word
-        //
-        while ((bOff != 0) && (len > 0))
-        {
-            update(in[inOff]);
-
-            inOff++;
-            len--;
-        }
-
-        //
-        // process whole words.
-        //
-        while (len > 8)
-        {
-            processWord(in, inOff);
-
-            inOff += 8;
-            len -= 8;
-            byteCount += 8;
-        }
-
-        //
-        // load in the remainder.
-        //
-        while (len > 0)
-        {
-            update(in[inOff]);
-
-            inOff++;
-            len--;
-        }
-    }
-
-    private void roundABC(
-        long    x,
-        long    mul)
-    {
-         c ^= x ;
-         a -= t1[(int)c & 0xff] ^ t2[(int)(c >> 16) & 0xff]
-                ^ t3[(int)(c >> 32) & 0xff] ^ t4[(int)(c >> 48) & 0xff];
-         b += t4[(int)(c >> 8) & 0xff] ^ t3[(int)(c >> 24) & 0xff]
-                ^ t2[(int)(c >> 40) & 0xff] ^ t1[(int)(c >> 56) & 0xff];
-         b *= mul;
-    }
-
-    private void roundBCA(
-        long    x,
-        long    mul)
-    {
-         a ^= x ;
-         b -= t1[(int)a & 0xff] ^ t2[(int)(a >> 16) & 0xff]
-                ^ t3[(int)(a >> 32) & 0xff] ^ t4[(int)(a >> 48) & 0xff];
-         c += t4[(int)(a >> 8) & 0xff] ^ t3[(int)(a >> 24) & 0xff]
-                ^ t2[(int)(a >> 40) & 0xff] ^ t1[(int)(a >> 56) & 0xff];
-         c *= mul;
-    }
-
-    private void roundCAB(
-        long    x,
-        long    mul)
-    {
-         b ^= x ;
-         c -= t1[(int)b & 0xff] ^ t2[(int)(b >> 16) & 0xff]
-                ^ t3[(int)(b >> 32) & 0xff] ^ t4[(int)(b >> 48) & 0xff];
-         a += t4[(int)(b >> 8) & 0xff] ^ t3[(int)(b >> 24) & 0xff]
-                ^ t2[(int)(b >> 40) & 0xff] ^ t1[(int)(b >> 56) & 0xff];
-         a *= mul;
-    }
-
-    private void keySchedule()
-    {
-        x[0] -= x[7] ^ 0xA5A5A5A5A5A5A5A5L; 
-        x[1] ^= x[0]; 
-        x[2] += x[1]; 
-        x[3] -= x[2] ^ ((~x[1]) << 19); 
-        x[4] ^= x[3]; 
-        x[5] += x[4]; 
-        x[6] -= x[5] ^ ((~x[4]) >>> 23); 
-        x[7] ^= x[6]; 
-        x[0] += x[7]; 
-        x[1] -= x[0] ^ ((~x[7]) << 19); 
-        x[2] ^= x[1]; 
-        x[3] += x[2]; 
-        x[4] -= x[3] ^ ((~x[2]) >>> 23); 
-        x[5] ^= x[4]; 
-        x[6] += x[5]; 
-        x[7] -= x[6] ^ 0x0123456789ABCDEFL;
-    }
-
-    private void processBlock()
-    {
-        //
-        // save abc
-        //
-        long aa = a;
-        long bb = b;
-        long cc = c;
-
-        //
-        // rounds and schedule
-        //
-        roundABC(x[0], 5);
-        roundBCA(x[1], 5);
-        roundCAB(x[2], 5);
-        roundABC(x[3], 5);
-        roundBCA(x[4], 5);
-        roundCAB(x[5], 5);
-        roundABC(x[6], 5);
-        roundBCA(x[7], 5);
-
-        keySchedule();
-
-        roundCAB(x[0], 7);
-        roundABC(x[1], 7);
-        roundBCA(x[2], 7);
-        roundCAB(x[3], 7);
-        roundABC(x[4], 7);
-        roundBCA(x[5], 7);
-        roundCAB(x[6], 7);
-        roundABC(x[7], 7);
-
-        keySchedule();
-
-        roundBCA(x[0], 9);
-        roundCAB(x[1], 9);
-        roundABC(x[2], 9);
-        roundBCA(x[3], 9);
-        roundCAB(x[4], 9);
-        roundABC(x[5], 9);
-        roundBCA(x[6], 9);
-        roundCAB(x[7], 9);
-
-        //
-        // feed forward
-        //
-        a ^= aa;
-        b -= bb;
-        c += cc;
-
-        //
-        // clear the x buffer
-        //
-        xOff = 0;
-        for (int i = 0; i != x.length; i++)
-        {
-            x[i] = 0;
-        }
-    }
-
-    public void unpackWord(
-        long    r,
-        byte[]  out,
-        int     outOff)
-    {
-        out[outOff + 7]     = (byte)(r >> 56);
-        out[outOff + 6] = (byte)(r >> 48);
-        out[outOff + 5] = (byte)(r >> 40);
-        out[outOff + 4] = (byte)(r >> 32);
-        out[outOff + 3] = (byte)(r >> 24);
-        out[outOff + 2] = (byte)(r >> 16);
-        out[outOff + 1] = (byte)(r >> 8);
-        out[outOff] = (byte)r;
-    }
-        
-    private void processLength(
-        long    bitLength)
-    {
-        x[7] = bitLength;
-    }
-
-    private void finish()
-    {
-        long    bitLength = (byteCount << 3);
-
-        update((byte)0x01);
-
-        while (bOff != 0)
-        {
-            update((byte)0);
-        }
-
-        processLength(bitLength);
-
-        processBlock();
-    }
-
-    public int doFinal(
-        byte[]  out,
-        int     outOff)
-    {
-        finish();
-
-        unpackWord(a, out, outOff);
-        unpackWord(b, out, outOff + 8);
-        unpackWord(c, out, outOff + 16);
-
-        reset();
-
-        return DIGEST_LENGTH;
-    }
-
-    /**
-     * reset the chaining variables
-     */
-    public void reset()
-    {
-        a = 0x0123456789ABCDEFL;
-        b = 0xFEDCBA9876543210L;
-        c = 0xF096A5B4C3B2E187L;
-
-        xOff = 0;
-        for (int i = 0; i != x.length; i++)
-        {
-            x[i] = 0;
-        }
-
-        bOff = 0;
-        for (int i = 0; i != buf.length; i++)
-        {
-            buf[i] = 0;
-        }
-
-        byteCount = 0;
-    }
-
-    public int getByteLength()
-    {
-        return BYTE_LENGTH;
-    }
-
-    public Memoable copy()
-    {
-        return new TigerDigest(this);
-    }
-
-    public void reset(Memoable other)
-    {
-        TigerDigest t = (TigerDigest)other;
-
-        a = t.a;
-        b = t.b;
-        c = t.c;
-
-        System.arraycopy(t.x, 0, x, 0, t.x.length);
-        xOff = t.xOff;
-
-        System.arraycopy(t.buf, 0, buf, 0, t.buf.length);
-        bOff = t.bOff;
-
-        byteCount = t.byteCount;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/WhirlpoolDigest.java b/bcprov/src/main/java/org/bouncycastle/crypto/digests/WhirlpoolDigest.java
deleted file mode 100644
index 11e884c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/WhirlpoolDigest.java
+++ /dev/null

@@ -1,409 +0,0 @@
-package org.bouncycastle.crypto.digests;
-
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Memoable;
-
-
-/**
- * Implementation of WhirlpoolDigest, based on Java source published by Barreto
- * and Rijmen.
- *  
- */
-public final class WhirlpoolDigest 
-    implements ExtendedDigest, Memoable
-{
-    private static final int BYTE_LENGTH = 64;
-    
-    private static final int DIGEST_LENGTH_BYTES = 512 / 8;
-    private static final int ROUNDS = 10;
-    private static final int REDUCTION_POLYNOMIAL = 0x011d; // 2^8 + 2^4 + 2^3 + 2 + 1;
-
-    private static final int[] SBOX = {
-        0x18, 0x23, 0xc6, 0xe8, 0x87, 0xb8, 0x01, 0x4f, 0x36, 0xa6, 0xd2, 0xf5, 0x79, 0x6f, 0x91, 0x52,
-        0x60, 0xbc, 0x9b, 0x8e, 0xa3, 0x0c, 0x7b, 0x35, 0x1d, 0xe0, 0xd7, 0xc2, 0x2e, 0x4b, 0xfe, 0x57,
-        0x15, 0x77, 0x37, 0xe5, 0x9f, 0xf0, 0x4a, 0xda, 0x58, 0xc9, 0x29, 0x0a, 0xb1, 0xa0, 0x6b, 0x85,
-        0xbd, 0x5d, 0x10, 0xf4, 0xcb, 0x3e, 0x05, 0x67, 0xe4, 0x27, 0x41, 0x8b, 0xa7, 0x7d, 0x95, 0xd8,
-        0xfb, 0xee, 0x7c, 0x66, 0xdd, 0x17, 0x47, 0x9e, 0xca, 0x2d, 0xbf, 0x07, 0xad, 0x5a, 0x83, 0x33,
-        0x63, 0x02, 0xaa, 0x71, 0xc8, 0x19, 0x49, 0xd9, 0xf2, 0xe3, 0x5b, 0x88, 0x9a, 0x26, 0x32, 0xb0,
-        0xe9, 0x0f, 0xd5, 0x80, 0xbe, 0xcd, 0x34, 0x48, 0xff, 0x7a, 0x90, 0x5f, 0x20, 0x68, 0x1a, 0xae,
-        0xb4, 0x54, 0x93, 0x22, 0x64, 0xf1, 0x73, 0x12, 0x40, 0x08, 0xc3, 0xec, 0xdb, 0xa1, 0x8d, 0x3d,
-        0x97, 0x00, 0xcf, 0x2b, 0x76, 0x82, 0xd6, 0x1b, 0xb5, 0xaf, 0x6a, 0x50, 0x45, 0xf3, 0x30, 0xef,
-        0x3f, 0x55, 0xa2, 0xea, 0x65, 0xba, 0x2f, 0xc0, 0xde, 0x1c, 0xfd, 0x4d, 0x92, 0x75, 0x06, 0x8a,
-        0xb2, 0xe6, 0x0e, 0x1f, 0x62, 0xd4, 0xa8, 0x96, 0xf9, 0xc5, 0x25, 0x59, 0x84, 0x72, 0x39, 0x4c,
-        0x5e, 0x78, 0x38, 0x8c, 0xd1, 0xa5, 0xe2, 0x61, 0xb3, 0x21, 0x9c, 0x1e, 0x43, 0xc7, 0xfc, 0x04,
-        0x51, 0x99, 0x6d, 0x0d, 0xfa, 0xdf, 0x7e, 0x24, 0x3b, 0xab, 0xce, 0x11, 0x8f, 0x4e, 0xb7, 0xeb,
-        0x3c, 0x81, 0x94, 0xf7, 0xb9, 0x13, 0x2c, 0xd3, 0xe7, 0x6e, 0xc4, 0x03, 0x56, 0x44, 0x7f, 0xa9,
-        0x2a, 0xbb, 0xc1, 0x53, 0xdc, 0x0b, 0x9d, 0x6c, 0x31, 0x74, 0xf6, 0x46, 0xac, 0x89, 0x14, 0xe1,
-        0x16, 0x3a, 0x69, 0x09, 0x70, 0xb6, 0xd0, 0xed, 0xcc, 0x42, 0x98, 0xa4, 0x28, 0x5c, 0xf8, 0x86
-    };
-    
-    private static final long[] C0 = new long[256];
-    private static final long[] C1 = new long[256];
-    private static final long[] C2 = new long[256];
-    private static final long[] C3 = new long[256];
-    private static final long[] C4 = new long[256];
-    private static final long[] C5 = new long[256];
-    private static final long[] C6 = new long[256];
-    private static final long[] C7 = new long[256];
-
-    private final long[] _rc = new long[ROUNDS + 1];
-        
-    public WhirlpoolDigest()
-    {
-        for (int i = 0; i < 256; i++)
-        {
-            int v1 = SBOX[i];
-            int v2 = maskWithReductionPolynomial(v1 << 1);
-            int v4 = maskWithReductionPolynomial(v2 << 1);
-            int v5 = v4 ^ v1;
-            int v8 = maskWithReductionPolynomial(v4 << 1);
-            int v9 = v8 ^ v1;
-            
-            C0[i] = packIntoLong(v1, v1, v4, v1, v8, v5, v2, v9);
-            C1[i] = packIntoLong(v9, v1, v1, v4, v1, v8, v5, v2);
-            C2[i] = packIntoLong(v2, v9, v1, v1, v4, v1, v8, v5);
-            C3[i] = packIntoLong(v5, v2, v9, v1, v1, v4, v1, v8);
-            C4[i] = packIntoLong(v8, v5, v2, v9, v1, v1, v4, v1);
-            C5[i] = packIntoLong(v1, v8, v5, v2, v9, v1, v1, v4);
-            C6[i] = packIntoLong(v4, v1, v8, v5, v2, v9, v1, v1);
-            C7[i] = packIntoLong(v1, v4, v1, v8, v5, v2, v9, v1);
-            
-        }
-        
-        _rc[0] = 0L;
-        for (int r = 1; r <= ROUNDS; r++)
-        {
-            int i = 8 * (r - 1);
-            _rc[r] =    (C0[i    ] & 0xff00000000000000L) ^ 
-                        (C1[i + 1] & 0x00ff000000000000L) ^ 
-                        (C2[i + 2] & 0x0000ff0000000000L) ^
-                        (C3[i + 3] & 0x000000ff00000000L) ^ 
-                        (C4[i + 4] & 0x00000000ff000000L) ^
-                        (C5[i + 5] & 0x0000000000ff0000L) ^
-                        (C6[i + 6] & 0x000000000000ff00L) ^ 
-                        (C7[i + 7] & 0x00000000000000ffL);
-        }
-        
-    }
-
-    private long packIntoLong(int b7, int b6, int b5, int b4, int b3, int b2, int b1, int b0)
-    {
-        return 
-                    ((long)b7 << 56) ^
-                    ((long)b6 << 48) ^
-                    ((long)b5 << 40) ^
-                    ((long)b4 << 32) ^
-                    ((long)b3 << 24) ^
-                    ((long)b2 << 16) ^
-                    ((long)b1 <<  8) ^
-                    b0;
-    }
-
-    /*
-     * int's are used to prevent sign extension.  The values that are really being used are
-     * actually just 0..255
-     */
-    private int maskWithReductionPolynomial(int input)
-    {
-        int rv = input;
-        if (rv >= 0x100L) // high bit set
-        {
-            rv ^= REDUCTION_POLYNOMIAL; // reduced by the polynomial
-        }
-        return rv;
-    }
-        
-    // --------------------------------------------------------------------------------------//
-    
-    // -- buffer information --
-    private static final int BITCOUNT_ARRAY_SIZE = 32;
-    private byte[]  _buffer    = new byte[64];
-    private int     _bufferPos = 0;
-    private short[] _bitCount  = new short[BITCOUNT_ARRAY_SIZE];
-    
-    // -- internal hash state --
-    private long[] _hash  = new long[8];
-    private long[] _K = new long[8]; // the round key
-    private long[] _L = new long[8];
-    private long[] _block = new long[8]; // mu (buffer)
-    private long[] _state = new long[8]; // the current "cipher" state
-    
-
-
-    /**
-     * Copy constructor. This will copy the state of the provided message
-     * digest.
-     */
-    public WhirlpoolDigest(WhirlpoolDigest originalDigest)
-    {
-        reset(originalDigest);
-    }
-
-    public String getAlgorithmName()
-    {
-        return "Whirlpool";
-    }
-
-    public int getDigestSize()
-    {
-        return DIGEST_LENGTH_BYTES;
-    }
-
-    public int doFinal(byte[] out, int outOff)
-    {
-        // sets out[outOff] .. out[outOff+DIGEST_LENGTH_BYTES]
-        finish();
-
-        for (int i = 0; i < 8; i++)
-        {
-            convertLongToByteArray(_hash[i], out, outOff + (i * 8));
-        }
-
-        reset();        
-        return getDigestSize();
-    }
-    
-    /**
-     * reset the chaining variables
-     */
-    public void reset()
-    {
-        // set variables to null, blank, whatever
-        _bufferPos = 0;
-        Arrays.fill(_bitCount, (short)0);
-        Arrays.fill(_buffer, (byte)0);
-        Arrays.fill(_hash, 0);
-        Arrays.fill(_K, 0);
-        Arrays.fill(_L, 0);
-        Arrays.fill(_block, 0);
-        Arrays.fill(_state, 0);
-    }
-
-    // this takes a buffer of information and fills the block
-    private void processFilledBuffer(byte[] in, int inOff)
-    {
-        // copies into the block...
-        for (int i = 0; i < _state.length; i++)
-        {
-            _block[i] = bytesToLongFromBuffer(_buffer, i * 8);
-        }
-        processBlock();
-        _bufferPos = 0;
-        Arrays.fill(_buffer, (byte)0);
-    }
-
-    private long bytesToLongFromBuffer(byte[] buffer, int startPos)
-    {
-        long rv = (((buffer[startPos + 0] & 0xffL) << 56) |
-                   ((buffer[startPos + 1] & 0xffL) << 48) |
-                   ((buffer[startPos + 2] & 0xffL) << 40) |
-                   ((buffer[startPos + 3] & 0xffL) << 32) |
-                   ((buffer[startPos + 4] & 0xffL) << 24) |
-                   ((buffer[startPos + 5] & 0xffL) << 16) |
-                   ((buffer[startPos + 6] & 0xffL) <<  8) |
-                   ((buffer[startPos + 7]) & 0xffL));
-        
-        return rv;
-    }
-
-    private void convertLongToByteArray(long inputLong, byte[] outputArray, int offSet)
-    {
-        for (int i = 0; i < 8; i++)
-        {
-            outputArray[offSet + i] = (byte)((inputLong >> (56 - (i * 8))) & 0xff);
-        }
-    }
-
-    protected void processBlock()
-    {
-        // buffer contents have been transferred to the _block[] array via
-        // processFilledBuffer
-        
-        // compute and apply K^0
-        for (int i = 0; i < 8; i++)
-        {
-            _state[i] = _block[i] ^ (_K[i] = _hash[i]);
-        }
-
-        // iterate over the rounds
-        for (int round = 1; round <= ROUNDS; round++)
-        {
-            for (int i = 0; i < 8; i++)
-            {
-                _L[i] = 0;
-                _L[i] ^= C0[(int)(_K[(i - 0) & 7] >>> 56) & 0xff];
-                _L[i] ^= C1[(int)(_K[(i - 1) & 7] >>> 48) & 0xff];
-                _L[i] ^= C2[(int)(_K[(i - 2) & 7] >>> 40) & 0xff];
-                _L[i] ^= C3[(int)(_K[(i - 3) & 7] >>> 32) & 0xff];
-                _L[i] ^= C4[(int)(_K[(i - 4) & 7] >>> 24) & 0xff];
-                _L[i] ^= C5[(int)(_K[(i - 5) & 7] >>> 16) & 0xff];
-                _L[i] ^= C6[(int)(_K[(i - 6) & 7] >>>  8) & 0xff];
-                _L[i] ^= C7[(int)(_K[(i - 7) & 7]) & 0xff];
-            }
-
-            System.arraycopy(_L, 0, _K, 0, _K.length);
-            
-            _K[0] ^= _rc[round];
-            
-            // apply the round transformation
-            for (int i = 0; i < 8; i++)
-            {
-                _L[i] = _K[i];
-                
-                _L[i] ^= C0[(int)(_state[(i - 0) & 7] >>> 56) & 0xff];
-                _L[i] ^= C1[(int)(_state[(i - 1) & 7] >>> 48) & 0xff];
-                _L[i] ^= C2[(int)(_state[(i - 2) & 7] >>> 40) & 0xff];
-                _L[i] ^= C3[(int)(_state[(i - 3) & 7] >>> 32) & 0xff];
-                _L[i] ^= C4[(int)(_state[(i - 4) & 7] >>> 24) & 0xff];
-                _L[i] ^= C5[(int)(_state[(i - 5) & 7] >>> 16) & 0xff];
-                _L[i] ^= C6[(int)(_state[(i - 6) & 7] >>> 8) & 0xff];
-                _L[i] ^= C7[(int)(_state[(i - 7) & 7]) & 0xff];
-            }
-            
-            // save the current state
-            System.arraycopy(_L, 0, _state, 0, _state.length);
-        }
-        
-        // apply Miuaguchi-Preneel compression
-        for (int i = 0; i < 8; i++)
-        {
-            _hash[i] ^= _state[i] ^ _block[i];
-        }
-        
-    }
-
-    public void update(byte in)
-    {
-        _buffer[_bufferPos] = in;
-
-        //System.out.println("adding to buffer = "+_buffer[_bufferPos]);
-        
-        ++_bufferPos;
-        
-        if (_bufferPos == _buffer.length)
-        {
-            processFilledBuffer(_buffer, 0);
-        }
-
-        increment();
-    }
-
-    /*
-     * increment() can be implemented in this way using 2 arrays or
-     * by having some temporary variables that are used to set the
-     * value provided by EIGHT[i] and carry within the loop.
-     * 
-     * not having done any timing, this seems likely to be faster
-     * at the slight expense of 32*(sizeof short) bytes
-     */
-    private static final short[] EIGHT = new short[BITCOUNT_ARRAY_SIZE];
-    static 
-    {
-        EIGHT[BITCOUNT_ARRAY_SIZE - 1] = 8;
-    }
-    
-    private void increment()
-    {
-        int carry = 0;
-        for (int i = _bitCount.length - 1; i >= 0; i--)
-        {
-            int sum = (_bitCount[i] & 0xff) + EIGHT[i] + carry;
-
-            carry = sum >>> 8;
-            _bitCount[i] = (short)(sum & 0xff);
-        }
-    }    
-    
-    public void update(byte[] in, int inOff, int len)
-    {
-        while (len > 0)
-        {
-            update(in[inOff]);
-            ++inOff;
-            --len;
-        }
-        
-    }
-    
-    private void finish()
-    {
-        /*
-         * this makes a copy of the current bit length. at the expense of an
-         * object creation of 32 bytes rather than providing a _stopCounting
-         * boolean which was the alternative I could think of.
-         */
-        byte[] bitLength = copyBitLength(); 
-        
-        _buffer[_bufferPos++] |= 0x80;
-
-        if (_bufferPos == _buffer.length)
-        {
-            processFilledBuffer(_buffer, 0);
-        }
-
-        /*
-         * Final block contains 
-         * [ ... data .... ][0][0][0][ length ]
-         * 
-         * if [ length ] cannot fit.  Need to create a new block.
-         */
-        if (_bufferPos > 32)
-        {
-            while (_bufferPos != 0)
-            {
-                update((byte)0);
-            }
-        }
-        
-        while (_bufferPos <= 32)
-        {
-            update((byte)0);
-        }
-        
-        // copy the length information to the final 32 bytes of the
-        // 64 byte block....
-        System.arraycopy(bitLength, 0, _buffer, 32, bitLength.length);
-        
-        processFilledBuffer(_buffer, 0);
-    }
-
-    private byte[] copyBitLength()
-    {
-        byte[] rv = new byte[BITCOUNT_ARRAY_SIZE];
-        for (int i = 0; i < rv.length; i++)
-        {
-            rv[i] = (byte)(_bitCount[i] & 0xff);
-        }
-        return rv;
-    }    
-    
-    public int getByteLength()
-    {
-        return BYTE_LENGTH;
-    }
-
-    public Memoable copy()
-    {
-        return new WhirlpoolDigest(this);
-    }
-
-    public void reset(Memoable other)
-    {
-        WhirlpoolDigest originalDigest = (WhirlpoolDigest)other;
-
-        System.arraycopy(originalDigest._rc, 0, _rc, 0, _rc.length);
-
-        System.arraycopy(originalDigest._buffer, 0, _buffer, 0, _buffer.length);
-
-        this._bufferPos = originalDigest._bufferPos;
-        System.arraycopy(originalDigest._bitCount, 0, _bitCount, 0, _bitCount.length);
-
-        // -- internal hash state --
-        System.arraycopy(originalDigest._hash, 0, _hash, 0, _hash.length);
-        System.arraycopy(originalDigest._K, 0, _K, 0, _K.length);
-        System.arraycopy(originalDigest._L, 0, _L, 0, _L.length);
-        System.arraycopy(originalDigest._block, 0, _block, 0, _block.length);
-        System.arraycopy(originalDigest._state, 0, _state, 0, _state.length);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/digests/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/digests/package.html
deleted file mode 100644
index 0a0d95c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/digests/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Message digest classes.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java
index 186f5a6..006047c 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/ec/CustomNamedCurves.java

@@ -6,19 +6,22 @@
 import java.util.Vector;
 
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptlib.CryptlibObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptlib.CryptlibObjectIdentifiers;
 import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
 import org.bouncycastle.asn1.sec.SECObjectIdentifiers;
 import org.bouncycastle.asn1.x9.X9ECParameters;
 import org.bouncycastle.asn1.x9.X9ECParametersHolder;
 import org.bouncycastle.asn1.x9.X9ECPoint;
 import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.custom.djb.Curve25519;
-import org.bouncycastle.math.ec.custom.gm.SM2P256V1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecP128R1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecP160K1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecP160R1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecP160R2Curve;
+// BEGIN android-removed
+// import org.bouncycastle.math.ec.custom.djb.Curve25519;
+// import org.bouncycastle.math.ec.custom.gm.SM2P256V1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecP128R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecP160K1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecP160R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecP160R2Curve;
+// END android-removed
 import org.bouncycastle.math.ec.custom.sec.SecP192K1Curve;
 import org.bouncycastle.math.ec.custom.sec.SecP192R1Curve;
 import org.bouncycastle.math.ec.custom.sec.SecP224K1Curve;
@@ -27,24 +30,26 @@
 import org.bouncycastle.math.ec.custom.sec.SecP256R1Curve;
 import org.bouncycastle.math.ec.custom.sec.SecP384R1Curve;
 import org.bouncycastle.math.ec.custom.sec.SecP521R1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT113R1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT113R2Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT131R1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT131R2Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT163K1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT163R1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT163R2Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT193R1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT193R2Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT233K1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT233R1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT239K1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT283K1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT283R1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT409K1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT409R1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT571K1Curve;
-import org.bouncycastle.math.ec.custom.sec.SecT571R1Curve;
+// BEGIN android-removed
+// import org.bouncycastle.math.ec.custom.sec.SecT113R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT113R2Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT131R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT131R2Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT163K1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT163R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT163R2Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT193R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT193R2Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT233K1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT233R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT239K1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT283K1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT283R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT409K1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT409R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT571K1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT571R1Curve;
+// END android-removed
 import org.bouncycastle.math.ec.endo.GLVTypeBEndomorphism;
 import org.bouncycastle.math.ec.endo.GLVTypeBParameters;
 import org.bouncycastle.util.Strings;
@@ -62,9 +67,11 @@
         return c.configure().setEndomorphism(new GLVTypeBEndomorphism(c, p)).create();
     }
 
+    // BEGIN Android-removed: Unsupported curves
+    /*
     /*
      * curve25519
-     */
+     *
     static X9ECParametersHolder curve25519 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -80,7 +87,7 @@
              * point has. The choice here is guided by language in the Ed25519 paper.
              * 
              * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14) 
-             */
+             *
             X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
                 + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A"
                 + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9"));
@@ -91,7 +98,7 @@
 
     /*
      * secp128r1
-     */
+     *
     static X9ECParametersHolder secp128r1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -107,7 +114,7 @@
 
     /*
      * secp160k1
-     */
+     *
     static X9ECParametersHolder secp160k1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -135,7 +142,7 @@
 
     /*
      * secp160r1
-     */
+     *
     static X9ECParametersHolder secp160r1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -151,7 +158,7 @@
 
     /*
      * secp160r2
-     */
+     *
     static X9ECParametersHolder secp160r2 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -164,6 +171,8 @@
             return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
         }
     };
+    */
+    // END Android-removed: Unsupported curves
 
     /*
      * secp192k1
@@ -329,9 +338,11 @@
         }
     };
 
+    // BEGIN Android-removed: Unsupported curves
+    /*
     /*
      * sect113r1
-     */
+     *
     static X9ECParametersHolder sect113r1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -347,7 +358,7 @@
 
     /*
      * sect113r2
-     */
+     *
     static X9ECParametersHolder sect113r2 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -363,7 +374,7 @@
 
     /*
      * sect131r1
-     */
+     *
     static X9ECParametersHolder sect131r1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -379,7 +390,7 @@
 
     /*
      * sect131r2
-     */
+     *
     static X9ECParametersHolder sect131r2 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -395,7 +406,7 @@
 
     /*
      * sect163k1
-     */
+     *
     static X9ECParametersHolder sect163k1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -411,7 +422,7 @@
 
     /*
      * sect163r1
-     */
+     *
     static X9ECParametersHolder sect163r1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -427,7 +438,7 @@
 
     /*
      * sect163r2
-     */
+     *
     static X9ECParametersHolder sect163r2 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -443,7 +454,7 @@
 
     /*
      * sect193r1
-     */
+     *
     static X9ECParametersHolder sect193r1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -459,7 +470,7 @@
 
     /*
      * sect193r2
-     */
+     *
     static X9ECParametersHolder sect193r2 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -475,7 +486,7 @@
 
     /*
      * sect233k1
-     */
+     *
     static X9ECParametersHolder sect233k1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -491,7 +502,7 @@
 
     /*
      * sect233r1
-     */
+     *
     static X9ECParametersHolder sect233r1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -507,7 +518,7 @@
 
     /*
      * sect239k1
-     */
+     *
     static X9ECParametersHolder sect239k1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -523,7 +534,7 @@
 
     /*
      * sect283k1
-     */
+     *
     static X9ECParametersHolder sect283k1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -539,7 +550,7 @@
 
     /*
      * sect283r1
-     */
+     *
     static X9ECParametersHolder sect283r1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -555,7 +566,7 @@
 
     /*
      * sect409k1
-     */
+     *
     static X9ECParametersHolder sect409k1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -571,7 +582,7 @@
 
     /*
      * sect409r1
-     */
+     *
     static X9ECParametersHolder sect409r1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -587,7 +598,7 @@
 
     /*
      * sect571k1
-     */
+     *
     static X9ECParametersHolder sect571k1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -603,7 +614,7 @@
 
     /*
      * sect571r1
-     */
+     *
     static X9ECParametersHolder sect571r1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -619,7 +630,7 @@
 
     /*
      * sm2p256v1
-     */
+     *
     static X9ECParametersHolder sm2p256v1 = new X9ECParametersHolder()
     {
         protected X9ECParameters createParameters()
@@ -632,6 +643,8 @@
             return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
         }
     };
+    */
+    // END Android-removed: Unsupported curves
 
     static final Hashtable nameToCurve = new Hashtable();
     static final Hashtable nameToOID = new Hashtable();
@@ -671,6 +684,8 @@
 
     static
     {
+        // BEGIN Android-removed: Unsupported curves
+        /*
         defineCurveWithOID("curve25519", CryptlibObjectIdentifiers.curvey25519, curve25519);
 
 //        defineCurveWithOID("secp112r1", SECObjectIdentifiers.secp112r1, secp112r1);
@@ -680,6 +695,8 @@
         defineCurveWithOID("secp160k1", SECObjectIdentifiers.secp160k1, secp160k1);
         defineCurveWithOID("secp160r1", SECObjectIdentifiers.secp160r1, secp160r1);
         defineCurveWithOID("secp160r2", SECObjectIdentifiers.secp160r2, secp160r2);
+        */
+        // END Android-removed: Unsupported curves
         defineCurveWithOID("secp192k1", SECObjectIdentifiers.secp192k1, secp192k1);
         defineCurveWithOID("secp192r1", SECObjectIdentifiers.secp192r1, secp192r1);
         defineCurveWithOID("secp224k1", SECObjectIdentifiers.secp224k1, secp224k1);
@@ -689,6 +706,8 @@
         defineCurveWithOID("secp384r1", SECObjectIdentifiers.secp384r1, secp384r1);
         defineCurveWithOID("secp521r1", SECObjectIdentifiers.secp521r1, secp521r1);
 
+        // BEGIN Android-removed: Unsupported curves
+        /*
         defineCurveWithOID("sect113r1", SECObjectIdentifiers.sect113r1, sect113r1);
         defineCurveWithOID("sect113r2", SECObjectIdentifiers.sect113r2, sect113r2);
         defineCurveWithOID("sect131r1", SECObjectIdentifiers.sect131r1, sect131r1);
@@ -721,6 +740,8 @@
         defineCurveAlias("K-283", SECObjectIdentifiers.sect283k1);
         defineCurveAlias("K-409", SECObjectIdentifiers.sect409k1);
         defineCurveAlias("K-571", SECObjectIdentifiers.sect571k1);
+        */
+        // END Android-removed: Unsupported curves
 
         defineCurveAlias("P-192", SECObjectIdentifiers.secp192r1);
         defineCurveAlias("P-224", SECObjectIdentifiers.secp224r1);

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECDecryptor.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECDecryptor.java
deleted file mode 100644
index c4faf4c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECDecryptor.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.crypto.ec;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.math.ec.ECPoint;
-
-public interface ECDecryptor
-{
-    void init(CipherParameters params);
-
-    ECPoint decrypt(ECPair cipherText);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECElGamalDecryptor.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECElGamalDecryptor.java
deleted file mode 100644
index bca958a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECElGamalDecryptor.java
+++ /dev/null

@@ -1,51 +0,0 @@
-package org.bouncycastle.crypto.ec;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-
-/**
- * this does your basic decryption ElGamal style using EC
- */
-public class ECElGamalDecryptor
-    implements ECDecryptor
-{
-    private ECPrivateKeyParameters key;
-
-    /**
-     * initialise the decryptor.
-     *
-     * @param param the necessary EC key parameters.
-     */
-    public void init(
-        CipherParameters param)
-    {
-        if (!(param instanceof ECPrivateKeyParameters))
-        {
-            throw new IllegalArgumentException("ECPrivateKeyParameters are required for decryption.");
-        }
-
-        this.key = (ECPrivateKeyParameters)param;
-    }
-
-    /**
-     * Decrypt an EC pair producing the original EC point.
-     *
-     * @param pair the EC point pair to process.
-     * @return the result of the Elgamal process.
-     */
-    public ECPoint decrypt(ECPair pair)
-    {
-        if (key == null)
-        {
-            throw new IllegalStateException("ECElGamalDecryptor not initialised");
-        }
-
-        ECCurve curve = key.getParameters().getCurve();
-        ECPoint tmp = ECAlgorithms.cleanPoint(curve, pair.getX()).multiply(key.getD());
-
-        return ECAlgorithms.cleanPoint(curve, pair.getY()).subtract(tmp).normalize();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECElGamalEncryptor.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECElGamalEncryptor.java
deleted file mode 100644
index b43bfb2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECElGamalEncryptor.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.crypto.ec;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.FixedPointCombMultiplier;
-
-/**
- * this does your basic ElGamal encryption algorithm using EC
- */
-public class ECElGamalEncryptor
-    implements ECEncryptor
-{
-    private ECPublicKeyParameters key;
-    private SecureRandom          random;
-
-    /**
-     * initialise the encryptor.
-     *
-     * @param param the necessary EC key parameters.
-     */
-    public void init(
-        CipherParameters    param)
-    {
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom    p = (ParametersWithRandom)param;
-
-            if (!(p.getParameters() instanceof ECPublicKeyParameters))
-            {
-                throw new IllegalArgumentException("ECPublicKeyParameters are required for encryption.");
-            }
-            this.key = (ECPublicKeyParameters)p.getParameters();
-            this.random = p.getRandom();
-        }
-        else
-        {
-            if (!(param instanceof ECPublicKeyParameters))
-            {
-                throw new IllegalArgumentException("ECPublicKeyParameters are required for encryption.");
-            }
-
-            this.key = (ECPublicKeyParameters)param;
-            this.random = CryptoServicesRegistrar.getSecureRandom();
-        }
-    }
-
-    /**
-     * Process a single EC point using the basic ElGamal algorithm.
-     *
-     * @param point the EC point to process.
-     * @return the result of the Elgamal process.
-     */
-    public ECPair encrypt(ECPoint point)
-    {
-        if (key == null)
-        {
-            throw new IllegalStateException("ECElGamalEncryptor not initialised");
-        }
-
-        ECDomainParameters ec = key.getParameters();
-        BigInteger k = ECUtil.generateK(ec.getN(), random);
-
-        ECMultiplier basePointMultiplier = createBasePointMultiplier();
-
-        ECPoint[] gamma_phi = new ECPoint[]{
-            basePointMultiplier.multiply(ec.getG(), k),
-            key.getQ().multiply(k).add(ECAlgorithms.cleanPoint(ec.getCurve(), point))
-        };
-
-        ec.getCurve().normalizeAll(gamma_phi);
-
-        return new ECPair(gamma_phi[0], gamma_phi[1]);
-    }
-
-    protected ECMultiplier createBasePointMultiplier()
-    {
-        return new FixedPointCombMultiplier();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECEncryptor.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECEncryptor.java
deleted file mode 100644
index 39704b9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECEncryptor.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.crypto.ec;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.math.ec.ECPoint;
-
-public interface ECEncryptor
-{
-    void init(CipherParameters params);
-
-    ECPair encrypt(ECPoint point);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECFixedTransform.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECFixedTransform.java
deleted file mode 100644
index 5a36135..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECFixedTransform.java
+++ /dev/null

@@ -1,89 +0,0 @@
-package org.bouncycastle.crypto.ec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.FixedPointCombMultiplier;
-
-/**
- * this transforms the original randomness used for an ElGamal encryption by a fixed value.
- */
-public class ECFixedTransform
-    implements ECPairFactorTransform
-{
-    private ECPublicKeyParameters key;
-
-    private BigInteger k;
-
-    public ECFixedTransform(BigInteger k)
-    {
-        this.k = k;
-    }
-
-    /**
-     * initialise the underlying EC ElGamal engine.
-     *
-     * @param param the necessary EC key parameters.
-     */
-    public void init(
-        CipherParameters    param)
-    {
-        if (!(param instanceof ECPublicKeyParameters))
-        {
-            throw new IllegalArgumentException("ECPublicKeyParameters are required for fixed transform.");
-        }
-
-        this.key = (ECPublicKeyParameters)param;
-    }
-
-    /**
-     * Transform an existing cipher text pair using the ElGamal algorithm. Note: it is assumed this
-     * transform has been initialised with the same public key that was used to create the original
-     * cipher text.
-     *
-     * @param cipherText the EC point to process.
-     * @return returns a new ECPair representing the result of the process.
-     */
-    public ECPair transform(ECPair cipherText)
-    {
-        if (key == null)
-        {
-            throw new IllegalStateException("ECFixedTransform not initialised");
-        }
-
-        ECDomainParameters ec = key.getParameters();
-        BigInteger n = ec.getN();
-
-        ECMultiplier basePointMultiplier = createBasePointMultiplier();
-        BigInteger k = this.k.mod(n);
-
-        ECPoint[] gamma_phi = new ECPoint[]{
-            basePointMultiplier.multiply(ec.getG(), k).add(ECAlgorithms.cleanPoint(ec.getCurve(), cipherText.getX())),
-            key.getQ().multiply(k).add(ECAlgorithms.cleanPoint(ec.getCurve(), cipherText.getY()))
-        };
-
-        ec.getCurve().normalizeAll(gamma_phi);
-
-        return new ECPair(gamma_phi[0], gamma_phi[1]);
-    }
-
-    /**
-     * Return the last transform value used by the transform
-     *
-     * @return a BigInteger representing k value.
-     */
-    public BigInteger getTransformValue()
-    {
-        return k;
-    }
-
-    protected ECMultiplier createBasePointMultiplier()
-    {
-        return new FixedPointCombMultiplier();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECNewPublicKeyTransform.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECNewPublicKeyTransform.java
deleted file mode 100644
index dd9d112..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECNewPublicKeyTransform.java
+++ /dev/null

@@ -1,90 +0,0 @@
-package org.bouncycastle.crypto.ec;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.FixedPointCombMultiplier;
-
-/**
- * this does your basic Elgamal encryption algorithm using EC
- */
-public class ECNewPublicKeyTransform
-    implements ECPairTransform
-{
-    private ECPublicKeyParameters key;
-    private SecureRandom          random;
-
-    /**
-     * initialise the EC Elgamal engine.
-     *
-     * @param param the necessary EC key parameters.
-     */
-    public void init(
-        CipherParameters    param)
-    {
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom    p = (ParametersWithRandom)param;
-
-            if (!(p.getParameters() instanceof ECPublicKeyParameters))
-            {
-                throw new IllegalArgumentException("ECPublicKeyParameters are required for new public key transform.");
-            }
-            this.key = (ECPublicKeyParameters)p.getParameters();
-            this.random = p.getRandom();
-        }
-        else
-        {
-            if (!(param instanceof ECPublicKeyParameters))
-            {
-                throw new IllegalArgumentException("ECPublicKeyParameters are required for new public key transform.");
-            }
-
-            this.key = (ECPublicKeyParameters)param;
-            this.random = CryptoServicesRegistrar.getSecureRandom();
-        }
-    }
-
-    /**
-     * Transform an existing cipher text pair using the ElGamal algorithm. Note: the input cipherText will
-     * need to be preserved in order to complete the transformation to the new public key.
-     *
-     * @param cipherText the EC point to process.
-     * @return returns a new ECPair representing the result of the process.
-     */
-    public ECPair transform(ECPair cipherText)
-    {
-        if (key == null)
-        {
-            throw new IllegalStateException("ECNewPublicKeyTransform not initialised");
-        }
-
-        ECDomainParameters ec = key.getParameters();
-        BigInteger n = ec.getN();
-
-        ECMultiplier basePointMultiplier = createBasePointMultiplier();
-        BigInteger k = ECUtil.generateK(n, random);
-
-        ECPoint[] gamma_phi = new ECPoint[]{
-            basePointMultiplier.multiply(ec.getG(), k),
-            key.getQ().multiply(k).add(ECAlgorithms.cleanPoint(ec.getCurve(), cipherText.getY()))
-        };
-
-        ec.getCurve().normalizeAll(gamma_phi);
-
-        return new ECPair(gamma_phi[0], gamma_phi[1]);
-    }
-
-    protected ECMultiplier createBasePointMultiplier()
-    {
-        return new FixedPointCombMultiplier();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECNewRandomnessTransform.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECNewRandomnessTransform.java
deleted file mode 100644
index ac6fde3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECNewRandomnessTransform.java
+++ /dev/null

@@ -1,107 +0,0 @@
-package org.bouncycastle.crypto.ec;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.FixedPointCombMultiplier;
-
-/**
- * this transforms the original randomness used for an ElGamal encryption.
- */
-public class ECNewRandomnessTransform
-    implements ECPairFactorTransform
-{
-    private ECPublicKeyParameters key;
-    private SecureRandom          random;
-
-    private BigInteger            lastK;
-
-    /**
-     * initialise the underlying EC ElGamal engine.
-     *
-     * @param param the necessary EC key parameters.
-     */
-    public void init(
-        CipherParameters    param)
-    {
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom    p = (ParametersWithRandom)param;
-
-            if (!(p.getParameters() instanceof ECPublicKeyParameters))
-            {
-                throw new IllegalArgumentException("ECPublicKeyParameters are required for new randomness transform.");
-            }
-
-            this.key = (ECPublicKeyParameters)p.getParameters();
-            this.random = p.getRandom();
-        }
-        else
-        {
-            if (!(param instanceof ECPublicKeyParameters))
-            {
-                throw new IllegalArgumentException("ECPublicKeyParameters are required for new randomness transform.");
-            }
-
-            this.key = (ECPublicKeyParameters)param;
-            this.random = CryptoServicesRegistrar.getSecureRandom();
-        }
-    }
-
-    /**
-     * Transform an existing cipher test pair using the ElGamal algorithm. Note: it is assumed this
-     * transform has been initialised with the same public key that was used to create the original
-     * cipher text.
-     *
-     * @param cipherText the EC point to process.
-     * @return returns a new ECPair representing the result of the process.
-     */
-    public ECPair transform(ECPair cipherText)
-    {
-        if (key == null)
-        {
-            throw new IllegalStateException("ECNewRandomnessTransform not initialised");
-        }
-
-
-        ECDomainParameters ec = key.getParameters();
-        BigInteger n = ec.getN();
-
-        ECMultiplier basePointMultiplier = createBasePointMultiplier();
-        BigInteger k = ECUtil.generateK(n, random);
-
-        ECPoint[] gamma_phi = new ECPoint[]{
-            basePointMultiplier.multiply(ec.getG(), k).add(ECAlgorithms.cleanPoint(ec.getCurve(), cipherText.getX())),
-            key.getQ().multiply(k).add(ECAlgorithms.cleanPoint(ec.getCurve(), cipherText.getY()))
-        };
-
-        ec.getCurve().normalizeAll(gamma_phi);
-
-        lastK = k;
-
-        return new ECPair(gamma_phi[0], gamma_phi[1]);
-    }
-
-    /**
-     * Return the last random value generated for a transform
-     *
-     * @return a BigInteger representing the last random value.
-     */
-    public BigInteger getTransformValue()
-    {
-        return lastK;
-    }
-
-    protected ECMultiplier createBasePointMultiplier()
-    {
-        return new FixedPointCombMultiplier();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECPair.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECPair.java
deleted file mode 100644
index ea3b4b9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECPair.java
+++ /dev/null

@@ -1,40 +0,0 @@
-package org.bouncycastle.crypto.ec;
-
-import org.bouncycastle.math.ec.ECPoint;
-
-public class ECPair
-{
-    private final ECPoint x;
-    private final ECPoint y;
-
-    public ECPair(ECPoint x, ECPoint y)
-    {
-        this.x = x;
-        this.y = y;
-    }
-
-    public ECPoint getX()
-    {
-        return x;
-    }
-
-    public ECPoint getY()
-    {
-        return y;
-    }
-
-    public boolean equals(ECPair other)
-    {
-        return other.getX().equals(getX()) && other.getY().equals(getY());
-    }
-
-    public boolean equals(Object other)
-    {
-        return other instanceof ECPair ? equals((ECPair)other) : false;
-    }
-
-    public int hashCode()
-    {
-        return x.hashCode() + 37 * y.hashCode();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECPairFactorTransform.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECPairFactorTransform.java
deleted file mode 100644
index be48551..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECPairFactorTransform.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.crypto.ec;
-
-import java.math.BigInteger;
-
-public interface ECPairFactorTransform
-    extends ECPairTransform
-{
-    /**
-     * Return the last value used to calculated a transform.
-     *
-     * @return a BigInteger representing the last transform value used.
-     */
-    BigInteger getTransformValue();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECPairTransform.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECPairTransform.java
deleted file mode 100644
index e3f1787..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECPairTransform.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.crypto.ec;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-public interface ECPairTransform
-{
-    void init(CipherParameters params);
-
-    ECPair transform(ECPair cipherText);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECUtil.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECUtil.java
deleted file mode 100644
index ee75f31..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/ECUtil.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.crypto.ec;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.util.BigIntegers;
-
-class ECUtil
-{
-    static BigInteger generateK(BigInteger n, SecureRandom random)
-    {
-        int nBitLength = n.bitLength();
-        BigInteger k;
-        do
-        {
-            k = BigIntegers.createRandomBigInteger(nBitLength, random);
-        }
-        while (k.equals(ECConstants.ZERO) || (k.compareTo(n) >= 0));
-        return k;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/ec/package.html
deleted file mode 100644
index 223823e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Utility classes for support Elliptic Curve cryptographic transforms.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/test/AllTests.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/test/AllTests.java
deleted file mode 100644
index 496f0a1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/test/AllTests.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.crypto.ec.test;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.util.test.SimpleTestResult;
-
-public class AllTests
-    extends TestCase
-{
-    public void testCrypto()
-    {
-        org.bouncycastle.util.test.Test[] tests = { new ECElGamalTest(), new ECTransformationTest() };
-
-        for (int i = 0; i != tests.length; i++)
-        {
-            SimpleTestResult result = (SimpleTestResult)tests[i].perform();
-
-            if (!result.isSuccessful())
-            {
-                fail(result.toString());
-            }
-        }
-    }
-
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("Lightweight EC ElGamal Tests");
-
-        suite.addTestSuite(AllTests.class);
-
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-
-        }
-
-        protected void tearDown()
-        {
-
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/test/ECElGamalTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/test/ECElGamalTest.java
deleted file mode 100644
index 629c1a4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/test/ECElGamalTest.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.crypto.ec.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.ec.ECDecryptor;
-import org.bouncycastle.crypto.ec.ECElGamalDecryptor;
-import org.bouncycastle.crypto.ec.ECElGamalEncryptor;
-import org.bouncycastle.crypto.ec.ECEncryptor;
-import org.bouncycastle.crypto.ec.ECPair;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class ECElGamalTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "ECElGamal";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        BigInteger n = new BigInteger("6277101735386680763835789423176059013767194773182842284081");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
-            new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
-            new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16), // b
-            n, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-                curve,
-                curve.decodePoint(Hex.decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G
-                n);
-
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-                    curve.decodePoint(Hex.decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q
-                    params);
-
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d
-            params);
-
-        ParametersWithRandom pRandom = new ParametersWithRandom(pubKey, new SecureRandom());
-
-        doTest(priKey, pRandom, BigInteger.valueOf(20));
-
-        BigInteger rand = new BigInteger(pubKey.getParameters().getN().bitLength() - 1, new SecureRandom());
-
-        doTest(priKey, pRandom, rand);
-    }
-
-    private void doTest(ECPrivateKeyParameters priKey, ParametersWithRandom pRandom, BigInteger value)
-    {
-        ECPoint data = priKey.getParameters().getG().multiply(value);
-
-        ECEncryptor encryptor = new ECElGamalEncryptor();
-
-        encryptor.init(pRandom);
-
-        ECPair pair = encryptor.encrypt(data);
-
-        ECDecryptor decryptor = new ECElGamalDecryptor();
-
-        decryptor.init(priKey);
-
-        ECPoint result = decryptor.decrypt(pair);
-
-        if (!data.equals(result))
-        {
-            fail("point pair failed to decrypt back to original");
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new ECElGamalTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/ec/test/ECTransformationTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/ec/test/ECTransformationTest.java
deleted file mode 100644
index 96ada14..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/ec/test/ECTransformationTest.java
+++ /dev/null

@@ -1,149 +0,0 @@
-package org.bouncycastle.crypto.ec.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.ec.ECDecryptor;
-import org.bouncycastle.crypto.ec.ECElGamalDecryptor;
-import org.bouncycastle.crypto.ec.ECElGamalEncryptor;
-import org.bouncycastle.crypto.ec.ECEncryptor;
-import org.bouncycastle.crypto.ec.ECNewPublicKeyTransform;
-import org.bouncycastle.crypto.ec.ECNewRandomnessTransform;
-import org.bouncycastle.crypto.ec.ECPair;
-import org.bouncycastle.crypto.ec.ECPairTransform;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class ECTransformationTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "ECTransformationTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        BigInteger n = new BigInteger("6277101735386680763835789423176059013767194773182842284081");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
-            new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
-            new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16), // b
-            n, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-                curve,
-                curve.decodePoint(Hex.decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G
-                n);
-
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-                    curve.decodePoint(Hex.decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q
-                    params);
-
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d
-            params);
-
-
-        ParametersWithRandom pRandom = new ParametersWithRandom(pubKey, new SecureRandom());
-
-        doTest(priKey, pRandom, BigInteger.valueOf(20));
-
-        BigInteger rand = new BigInteger(pubKey.getParameters().getN().bitLength() - 1, new SecureRandom());
-
-        doTest(priKey, pRandom, rand);
-        doSameKeyTest(priKey, pRandom, rand);
-    }
-
-    private void doTest(ECPrivateKeyParameters priKey, ParametersWithRandom pRandom, BigInteger value)
-    {
-        ECPoint data = priKey.getParameters().getG().multiply(value);
-
-        ECEncryptor encryptor = new ECElGamalEncryptor();
-
-        encryptor.init(pRandom);
-
-        ECPair pair = encryptor.encrypt(data);
-
-        ECKeyPairGenerator ecGen = new ECKeyPairGenerator();
-
-        ecGen.init(new ECKeyGenerationParameters(priKey.getParameters(), new SecureRandom()));
-
-        AsymmetricCipherKeyPair reEncKP = ecGen.generateKeyPair();
-
-        ECPairTransform ecr = new ECNewPublicKeyTransform();
-
-        ecr.init(reEncKP.getPublic());
-
-        ECPair srcPair = pair;
-
-        // re-encrypt the message portion
-        pair = ecr.transform(srcPair);
-
-        ECDecryptor decryptor = new ECElGamalDecryptor();
-
-        decryptor.init(priKey);
-
-        // decrypt out the original private key
-        ECPoint p = decryptor.decrypt(new ECPair(srcPair.getX(), pair.getY()));
-
-        decryptor.init(reEncKP.getPrivate());
-
-        // decrypt the fully transformed point.
-        ECPoint result = decryptor.decrypt(new ECPair(pair.getX(), p));
-
-        if (!data.equals(result))
-        {
-            fail("point pair failed to decrypt back to original");
-        }
-    }
-
-    private void doSameKeyTest(ECPrivateKeyParameters priKey, ParametersWithRandom pRandom, BigInteger value)
-    {
-        ECPoint data = priKey.getParameters().getG().multiply(value);
-
-        ECEncryptor encryptor = new ECElGamalEncryptor();
-
-        encryptor.init(pRandom);
-
-        ECPair pair = encryptor.encrypt(data);
-
-        ECPairTransform ecr = new ECNewRandomnessTransform();
-
-        ecr.init(pRandom);
-
-        ECPair srcPair = pair;
-
-        // re-encrypt the message portion
-        pair = ecr.transform(srcPair);
-
-        ECDecryptor decryptor = new ECElGamalDecryptor();
-
-        decryptor.init(priKey);
-
-        // decrypt the fully transformed point.
-        ECPoint result = decryptor.decrypt(pair);
-
-        if (!data.equals(result))
-        {
-            fail("point pair failed to decrypt back to original");
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new ECTransformationTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/ISO9796d1Encoding.java b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/ISO9796d1Encoding.java
deleted file mode 100644
index ec91e1a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/ISO9796d1Encoding.java
+++ /dev/null

@@ -1,287 +0,0 @@
-package org.bouncycastle.crypto.encodings;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-
-/**
- * ISO 9796-1 padding. Note in the light of recent results you should
- * only use this with RSA (rather than the "simpler" Rabin keys) and you
- * should never use it with anything other than a hash (ie. even if the
- * message is small don't sign the message, sign it's hash) or some "random"
- * value. See your favorite search engine for details.
- */
-public class ISO9796d1Encoding
-    implements AsymmetricBlockCipher
-{
-    private static final BigInteger SIXTEEN = BigInteger.valueOf(16L);
-    private static final BigInteger SIX     = BigInteger.valueOf(6L);
-
-    private static byte[]    shadows = { 0xe, 0x3, 0x5, 0x8, 0x9, 0x4, 0x2, 0xf,
-                                    0x0, 0xd, 0xb, 0x6, 0x7, 0xa, 0xc, 0x1 };
-    private static byte[]    inverse = { 0x8, 0xf, 0x6, 0x1, 0x5, 0x2, 0xb, 0xc,
-                                    0x3, 0x4, 0xd, 0xa, 0xe, 0x9, 0x0, 0x7 };
-
-    private AsymmetricBlockCipher   engine;
-    private boolean                 forEncryption;
-    private int                     bitSize;
-    private int                     padBits = 0;
-    private BigInteger              modulus;
-
-    public ISO9796d1Encoding(
-        AsymmetricBlockCipher   cipher)
-    {
-        this.engine = cipher;
-    }
-
-    public AsymmetricBlockCipher getUnderlyingCipher()
-    {
-        return engine;
-    }
-
-    public void init(
-        boolean             forEncryption,
-        CipherParameters    param)
-    {
-        RSAKeyParameters  kParam = null;
-
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom    rParam = (ParametersWithRandom)param;
-
-            kParam = (RSAKeyParameters)rParam.getParameters();
-        }
-        else
-        {
-            kParam = (RSAKeyParameters)param;
-        }
-
-        engine.init(forEncryption, param);
-
-        modulus = kParam.getModulus();
-        bitSize = modulus.bitLength();
-
-        this.forEncryption = forEncryption;
-    }
-
-    /**
-     * return the input block size. The largest message we can process
-     * is (key_size_in_bits + 3)/16, which in our world comes to
-     * key_size_in_bytes / 2.
-     */
-    public int getInputBlockSize()
-    {
-        int     baseBlockSize = engine.getInputBlockSize();
-
-        if (forEncryption)
-        {
-            return (baseBlockSize + 1) / 2;
-        }
-        else
-        {
-            return baseBlockSize;
-        }
-    }
-
-    /**
-     * return the maximum possible size for the output.
-     */
-    public int getOutputBlockSize()
-    {
-        int     baseBlockSize = engine.getOutputBlockSize();
-
-        if (forEncryption)
-        {
-            return baseBlockSize;
-        }
-        else
-        {
-            return (baseBlockSize + 1) / 2;
-        }
-    }
-
-    /**
-     * set the number of bits in the next message to be treated as
-     * pad bits.
-     */
-    public void setPadBits(
-        int     padBits)
-    {
-        if (padBits > 7)
-        {
-            throw new IllegalArgumentException("padBits > 7");
-        }
-
-        this.padBits = padBits;
-    }
-
-    /**
-     * retrieve the number of pad bits in the last decoded message.
-     */
-    public int getPadBits()
-    {
-        return padBits;
-    }
-
-    public byte[] processBlock(
-        byte[]  in,
-        int     inOff,
-        int     inLen)
-        throws InvalidCipherTextException
-    {
-        if (forEncryption)
-        {
-            return encodeBlock(in, inOff, inLen);
-        }
-        else
-        {
-            return decodeBlock(in, inOff, inLen);
-        }
-    }
-
-    private byte[] encodeBlock(
-        byte[]  in,
-        int     inOff,
-        int     inLen)
-        throws InvalidCipherTextException
-    {
-        byte[]  block = new byte[(bitSize + 7) / 8];
-        int     r = padBits + 1;
-        int     z = inLen;
-        int     t = (bitSize + 13) / 16;
-
-        for (int i = 0; i < t; i += z)
-        {
-            if (i > t - z)
-            {
-                System.arraycopy(in, inOff + inLen - (t - i),
-                                    block, block.length - t, t - i);
-            }
-            else
-            {
-                System.arraycopy(in, inOff, block, block.length - (i + z), z);
-            }
-        }
-
-        for (int i = block.length - 2 * t; i != block.length; i += 2)
-        {
-            byte    val = block[block.length - t + i / 2];
-
-            block[i] = (byte)((shadows[(val & 0xff) >>> 4] << 4)
-                                                | shadows[val & 0x0f]);
-            block[i + 1] = val;
-        }
-
-        block[block.length - 2 * z] ^= r;
-        block[block.length - 1] = (byte)((block[block.length - 1] << 4) | 0x06);
-
-        int maxBit = (8 - (bitSize - 1) % 8);
-        int offSet = 0;
-
-        if (maxBit != 8)
-        {
-            block[0] &= 0xff >>> maxBit;
-            block[0] |= 0x80 >>> maxBit;
-        }
-        else
-        {
-            block[0] = 0x00;
-            block[1] |= 0x80;
-            offSet = 1;
-        }
-
-        return engine.processBlock(block, offSet, block.length - offSet);
-    }
-
-    /**
-     * @exception InvalidCipherTextException if the decrypted block is not a valid ISO 9796 bit string
-     */
-    private byte[] decodeBlock(
-        byte[]  in,
-        int     inOff,
-        int     inLen)
-        throws InvalidCipherTextException
-    {
-        byte[]  block = engine.processBlock(in, inOff, inLen);
-        int     r = 1;
-        int     t = (bitSize + 13) / 16;
-
-        BigInteger iS = new BigInteger(1, block);
-        BigInteger iR;
-        if (iS.mod(SIXTEEN).equals(SIX))
-        {
-            iR = iS;
-        }
-        else if ((modulus.subtract(iS)).mod(SIXTEEN).equals(SIX))
-        {
-            iR = modulus.subtract(iS);
-        }
-        else
-        {
-            throw new InvalidCipherTextException("resulting integer iS or (modulus - iS) is not congruent to 6 mod 16");
-        }
-
-        block = convertOutputDecryptOnly(iR);
-
-        if ((block[block.length - 1] & 0x0f) != 0x6 )
-        {
-            throw new InvalidCipherTextException("invalid forcing byte in block");
-        }
-
-        block[block.length - 1] = (byte)(((block[block.length - 1] & 0xff) >>> 4) | ((inverse[(block[block.length - 2] & 0xff) >> 4]) << 4));
-        block[0] = (byte)((shadows[(block[1] & 0xff) >>> 4] << 4)
-                                                | shadows[block[1] & 0x0f]);
-
-        boolean boundaryFound = false;
-        int     boundary = 0;
-
-        for (int i = block.length - 1; i >= block.length - 2 * t; i -= 2)
-        {
-            int val = ((shadows[(block[i] & 0xff) >>> 4] << 4)
-                                        | shadows[block[i] & 0x0f]);
-
-            if (((block[i - 1] ^ val) & 0xff) != 0)
-            {
-                if (!boundaryFound)
-                {
-                    boundaryFound = true;
-                    r = (block[i - 1] ^ val) & 0xff;
-                    boundary = i - 1;
-                }
-                else
-                {
-                    throw new InvalidCipherTextException("invalid tsums in block");
-                }
-            }
-        }
-
-        block[boundary] = 0;
-
-        byte[]  nblock = new byte[(block.length - boundary) / 2];
-
-        for (int i = 0; i < nblock.length; i++)
-        {
-            nblock[i] = block[2 * i + boundary + 1];
-        }
-
-        padBits = r - 1;
-
-        return nblock;
-    }
-
-    private static byte[] convertOutputDecryptOnly(BigInteger result)
-    {
-        byte[] output = result.toByteArray();
-        if (output[0] == 0) // have ended up with an extra zero byte, copy down.
-        {
-            byte[] tmp = new byte[output.length - 1];
-            System.arraycopy(output, 1, tmp, 0, tmp.length);
-            return tmp;
-        }
-        return output;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java
index a0d9361..417161e 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/OAEPEncoding.java

@@ -9,7 +9,9 @@
 import org.bouncycastle.crypto.Digest;
 import org.bouncycastle.crypto.InvalidCipherTextException;
 import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.util.DigestFactory;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
 import org.bouncycastle.util.Arrays;
 
 /**
@@ -28,7 +30,9 @@
     public OAEPEncoding(
         AsymmetricBlockCipher   cipher)
     {
-        this(cipher, DigestFactory.createSHA1(), null);
+        // Android-changed: Use Android digests
+        // this(cipher, DigestFactory.createSHA1(), null);
+        this(cipher, AndroidDigestFactory.getSHA1(), null);
     }
     
     public OAEPEncoding(

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/encodings/package.html
deleted file mode 100644
index fc56f63..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/encodings/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Block encodings for asymmetric ciphers.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/AESLightEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/AESLightEngine.java
deleted file mode 100644
index 8759578..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/AESLightEngine.java
+++ /dev/null

@@ -1,517 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Pack;
-
-/**
- * an implementation of the AES (Rijndael), from FIPS-197.
- * <p>
- * For further details see: <a href="http://csrc.nist.gov/encryption/aes/">http://csrc.nist.gov/encryption/aes/</a>.
- *
- * This implementation is based on optimizations from Dr. Brian Gladman's paper and C code at
- * <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
- *
- * There are three levels of tradeoff of speed vs memory
- * Because java has no preprocessor, they are written as three separate classes from which to choose
- *
- * The fastest uses 8Kbytes of static tables to precompute round calculations, 4 256 word tables for encryption
- * and 4 for decryption.
- *
- * The middle performance version uses only one 256 word table for each, for a total of 2Kbytes,
- * adding 12 rotate operations per round to compute the values contained in the other tables from
- * the contents of the first
- *
- * The slowest version uses no static tables at all and computes the values
- * in each round.
- * <p>
- * This file contains the slowest performance version with no static tables
- * for round precomputation, but it has the smallest foot print.
- *
- */
-public class AESLightEngine
-    implements BlockCipher
-{
-    // The S box
-    private static final byte[] S = {
-        (byte)99, (byte)124, (byte)119, (byte)123, (byte)242, (byte)107, (byte)111, (byte)197,
-        (byte)48,   (byte)1, (byte)103,  (byte)43, (byte)254, (byte)215, (byte)171, (byte)118,
-        (byte)202, (byte)130, (byte)201, (byte)125, (byte)250,  (byte)89,  (byte)71, (byte)240,
-        (byte)173, (byte)212, (byte)162, (byte)175, (byte)156, (byte)164, (byte)114, (byte)192,
-        (byte)183, (byte)253, (byte)147,  (byte)38,  (byte)54,  (byte)63, (byte)247, (byte)204,
-        (byte)52, (byte)165, (byte)229, (byte)241, (byte)113, (byte)216,  (byte)49,  (byte)21,
-        (byte)4, (byte)199,  (byte)35, (byte)195,  (byte)24, (byte)150,   (byte)5, (byte)154,
-        (byte)7,  (byte)18, (byte)128, (byte)226, (byte)235,  (byte)39, (byte)178, (byte)117,
-        (byte)9, (byte)131,  (byte)44,  (byte)26,  (byte)27, (byte)110,  (byte)90, (byte)160,
-        (byte)82,  (byte)59, (byte)214, (byte)179,  (byte)41, (byte)227,  (byte)47, (byte)132,
-        (byte)83, (byte)209,   (byte)0, (byte)237,  (byte)32, (byte)252, (byte)177,  (byte)91,
-        (byte)106, (byte)203, (byte)190,  (byte)57,  (byte)74,  (byte)76,  (byte)88, (byte)207,
-        (byte)208, (byte)239, (byte)170, (byte)251,  (byte)67,  (byte)77,  (byte)51, (byte)133,
-        (byte)69, (byte)249,   (byte)2, (byte)127,  (byte)80,  (byte)60, (byte)159, (byte)168,
-        (byte)81, (byte)163,  (byte)64, (byte)143, (byte)146, (byte)157,  (byte)56, (byte)245,
-        (byte)188, (byte)182, (byte)218,  (byte)33,  (byte)16, (byte)255, (byte)243, (byte)210,
-        (byte)205,  (byte)12,  (byte)19, (byte)236,  (byte)95, (byte)151,  (byte)68,  (byte)23,
-        (byte)196, (byte)167, (byte)126,  (byte)61, (byte)100,  (byte)93,  (byte)25, (byte)115,
-        (byte)96, (byte)129,  (byte)79, (byte)220,  (byte)34,  (byte)42, (byte)144, (byte)136,
-        (byte)70, (byte)238, (byte)184,  (byte)20, (byte)222,  (byte)94,  (byte)11, (byte)219,
-        (byte)224,  (byte)50,  (byte)58,  (byte)10,  (byte)73,   (byte)6,  (byte)36,  (byte)92,
-        (byte)194, (byte)211, (byte)172,  (byte)98, (byte)145, (byte)149, (byte)228, (byte)121,
-        (byte)231, (byte)200,  (byte)55, (byte)109, (byte)141, (byte)213,  (byte)78, (byte)169,
-        (byte)108,  (byte)86, (byte)244, (byte)234, (byte)101, (byte)122, (byte)174,   (byte)8,
-        (byte)186, (byte)120,  (byte)37,  (byte)46,  (byte)28, (byte)166, (byte)180, (byte)198,
-        (byte)232, (byte)221, (byte)116,  (byte)31,  (byte)75, (byte)189, (byte)139, (byte)138,
-        (byte)112,  (byte)62, (byte)181, (byte)102,  (byte)72,   (byte)3, (byte)246,  (byte)14,
-        (byte)97,  (byte)53,  (byte)87, (byte)185, (byte)134, (byte)193,  (byte)29, (byte)158,
-        (byte)225, (byte)248, (byte)152,  (byte)17, (byte)105, (byte)217, (byte)142, (byte)148,
-        (byte)155,  (byte)30, (byte)135, (byte)233, (byte)206,  (byte)85,  (byte)40, (byte)223,
-        (byte)140, (byte)161, (byte)137,  (byte)13, (byte)191, (byte)230,  (byte)66, (byte)104,
-        (byte)65, (byte)153,  (byte)45,  (byte)15, (byte)176,  (byte)84, (byte)187,  (byte)22,
-    };
-
-    // The inverse S-box
-    private static final byte[] Si = {
-        (byte)82,   (byte)9, (byte)106, (byte)213,  (byte)48,  (byte)54, (byte)165,  (byte)56,
-        (byte)191,  (byte)64, (byte)163, (byte)158, (byte)129, (byte)243, (byte)215, (byte)251,
-        (byte)124, (byte)227,  (byte)57, (byte)130, (byte)155,  (byte)47, (byte)255, (byte)135,
-        (byte)52, (byte)142,  (byte)67,  (byte)68, (byte)196, (byte)222, (byte)233, (byte)203,
-        (byte)84, (byte)123, (byte)148,  (byte)50, (byte)166, (byte)194,  (byte)35,  (byte)61,
-        (byte)238,  (byte)76, (byte)149,  (byte)11,  (byte)66, (byte)250, (byte)195,  (byte)78,
-        (byte)8,  (byte)46, (byte)161, (byte)102,  (byte)40, (byte)217,  (byte)36, (byte)178,
-        (byte)118,  (byte)91, (byte)162,  (byte)73, (byte)109, (byte)139, (byte)209,  (byte)37,
-        (byte)114, (byte)248, (byte)246, (byte)100, (byte)134, (byte)104, (byte)152,  (byte)22,
-        (byte)212, (byte)164,  (byte)92, (byte)204,  (byte)93, (byte)101, (byte)182, (byte)146,
-        (byte)108, (byte)112,  (byte)72,  (byte)80, (byte)253, (byte)237, (byte)185, (byte)218,
-        (byte)94,  (byte)21,  (byte)70,  (byte)87, (byte)167, (byte)141, (byte)157, (byte)132,
-        (byte)144, (byte)216, (byte)171,   (byte)0, (byte)140, (byte)188, (byte)211,  (byte)10,
-        (byte)247, (byte)228,  (byte)88,   (byte)5, (byte)184, (byte)179,  (byte)69,   (byte)6,
-        (byte)208,  (byte)44,  (byte)30, (byte)143, (byte)202,  (byte)63,  (byte)15,   (byte)2,
-        (byte)193, (byte)175, (byte)189,   (byte)3,   (byte)1,  (byte)19, (byte)138, (byte)107,
-        (byte)58, (byte)145,  (byte)17,  (byte)65,  (byte)79, (byte)103, (byte)220, (byte)234,
-        (byte)151, (byte)242, (byte)207, (byte)206, (byte)240, (byte)180, (byte)230, (byte)115,
-        (byte)150, (byte)172, (byte)116,  (byte)34, (byte)231, (byte)173,  (byte)53, (byte)133,
-        (byte)226, (byte)249,  (byte)55, (byte)232,  (byte)28, (byte)117, (byte)223, (byte)110,
-        (byte)71, (byte)241,  (byte)26, (byte)113,  (byte)29,  (byte)41, (byte)197, (byte)137,
-        (byte)111, (byte)183,  (byte)98,  (byte)14, (byte)170,  (byte)24, (byte)190,  (byte)27,
-        (byte)252,  (byte)86,  (byte)62,  (byte)75, (byte)198, (byte)210, (byte)121,  (byte)32,
-        (byte)154, (byte)219, (byte)192, (byte)254, (byte)120, (byte)205,  (byte)90, (byte)244,
-        (byte)31, (byte)221, (byte)168,  (byte)51, (byte)136,   (byte)7, (byte)199,  (byte)49,
-        (byte)177,  (byte)18,  (byte)16,  (byte)89,  (byte)39, (byte)128, (byte)236,  (byte)95,
-        (byte)96,  (byte)81, (byte)127, (byte)169,  (byte)25, (byte)181,  (byte)74,  (byte)13,
-        (byte)45, (byte)229, (byte)122, (byte)159, (byte)147, (byte)201, (byte)156, (byte)239,
-        (byte)160, (byte)224,  (byte)59,  (byte)77, (byte)174,  (byte)42, (byte)245, (byte)176,
-        (byte)200, (byte)235, (byte)187,  (byte)60, (byte)131,  (byte)83, (byte)153,  (byte)97,
-        (byte)23,  (byte)43,   (byte)4, (byte)126, (byte)186, (byte)119, (byte)214,  (byte)38,
-        (byte)225, (byte)105,  (byte)20,  (byte)99,  (byte)85,  (byte)33,  (byte)12, (byte)125,
-        };
-
-    // vector used in calculating key schedule (powers of x in GF(256))
-    private static final int[] rcon = {
-         0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a,
-         0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91 };
-
-    private static int shift(int r, int shift)
-    {
-        return (r >>> shift) | (r << -shift);
-    }
-
-    /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */
-
-    private static final int m1 = 0x80808080;
-    private static final int m2 = 0x7f7f7f7f;
-    private static final int m3 = 0x0000001b;
-    private static final int m4 = 0xC0C0C0C0;
-    private static final int m5 = 0x3f3f3f3f;
-
-    private static int FFmulX(int x)
-    {
-        return (((x & m2) << 1) ^ (((x & m1) >>> 7) * m3));
-    }
-
-    private static int FFmulX2(int x)
-    {
-        int t0  = (x & m5) << 2;
-        int t1  = (x & m4);
-            t1 ^= (t1 >>> 1);
-        return t0 ^ (t1 >>> 2) ^ (t1 >>> 5);
-    }
-
-    /* 
-       The following defines provide alternative definitions of FFmulX that might
-       give improved performance if a fast 32-bit multiply is not available.
-       
-       private int FFmulX(int x) { int u = x & m1; u |= (u >> 1); return ((x & m2) << 1) ^ ((u >>> 3) | (u >>> 6)); } 
-       private static final int  m4 = 0x1b1b1b1b;
-       private int FFmulX(int x) { int u = x & m1; return ((x & m2) << 1) ^ ((u - (u >>> 7)) & m4); } 
-
-    */
-
-    private static int mcol(int x)
-    {
-        int t0, t1;
-        t0  = shift(x, 8);
-        t1  = x ^ t0;
-        return shift(t1, 16) ^ t0 ^ FFmulX(t1);
-    }
-
-    private static int inv_mcol(int x)
-    {
-        int t0, t1;
-        t0  = x;
-        t1  = t0 ^ shift(t0, 8);
-        t0 ^= FFmulX(t1);
-        t1 ^= FFmulX2(t0);
-        t0 ^= t1 ^ shift(t1, 16);
-        return t0;
-    }
-
-
-    private static int subWord(int x)
-    {
-        return (S[x&255]&255 | ((S[(x>>8)&255]&255)<<8) | ((S[(x>>16)&255]&255)<<16) | S[(x>>24)&255]<<24);
-    }
-
-    /**
-     * Calculate the necessary round keys
-     * The number of calculations depends on key size and block size
-     * AES specified a fixed block size of 128 bits and key sizes 128/192/256 bits
-     * This code is written assuming those are the only possible values
-     */
-    private int[][] generateWorkingKey(byte[] key, boolean forEncryption)
-    {
-        int keyLen = key.length;
-        if (keyLen < 16 || keyLen > 32 || (keyLen & 7) != 0)
-        {
-            throw new IllegalArgumentException("Key length not 128/192/256 bits.");
-        }
-
-        int KC = keyLen >> 2;
-        ROUNDS = KC + 6;  // This is not always true for the generalized Rijndael that allows larger block sizes
-        int[][] W = new int[ROUNDS+1][4];   // 4 words in a block
-
-        switch (KC)
-        {
-        case 4:
-        {
-            int t0 = Pack.littleEndianToInt(key,  0); W[0][0] = t0;
-            int t1 = Pack.littleEndianToInt(key,  4); W[0][1] = t1;
-            int t2 = Pack.littleEndianToInt(key,  8); W[0][2] = t2;
-            int t3 = Pack.littleEndianToInt(key, 12); W[0][3] = t3;
-
-            for (int i = 1; i <= 10; ++i)
-            {
-                int u = subWord(shift(t3, 8)) ^ rcon[i - 1];
-                t0 ^= u;  W[i][0] = t0;
-                t1 ^= t0; W[i][1] = t1;
-                t2 ^= t1; W[i][2] = t2;
-                t3 ^= t2; W[i][3] = t3;
-            }
-
-            break;
-        }
-        case 6:
-        {
-            int t0 = Pack.littleEndianToInt(key,  0); W[0][0] = t0;
-            int t1 = Pack.littleEndianToInt(key,  4); W[0][1] = t1;
-            int t2 = Pack.littleEndianToInt(key,  8); W[0][2] = t2;
-            int t3 = Pack.littleEndianToInt(key, 12); W[0][3] = t3;
-            int t4 = Pack.littleEndianToInt(key, 16); W[1][0] = t4;
-            int t5 = Pack.littleEndianToInt(key, 20); W[1][1] = t5;
-
-            int rcon = 1;
-            int u = subWord(shift(t5, 8)) ^ rcon; rcon <<= 1;
-            t0 ^= u;  W[1][2] = t0;
-            t1 ^= t0; W[1][3] = t1;
-            t2 ^= t1; W[2][0] = t2;
-            t3 ^= t2; W[2][1] = t3;
-            t4 ^= t3; W[2][2] = t4;
-            t5 ^= t4; W[2][3] = t5;
-
-            for (int i = 3; i < 12; i += 3)
-            {
-                u = subWord(shift(t5, 8)) ^ rcon; rcon <<= 1;
-                t0 ^= u;  W[i    ][0] = t0;
-                t1 ^= t0; W[i    ][1] = t1;
-                t2 ^= t1; W[i    ][2] = t2;
-                t3 ^= t2; W[i    ][3] = t3;
-                t4 ^= t3; W[i + 1][0] = t4;
-                t5 ^= t4; W[i + 1][1] = t5;
-                u = subWord(shift(t5, 8)) ^ rcon; rcon <<= 1;
-                t0 ^= u;  W[i + 1][2] = t0;
-                t1 ^= t0; W[i + 1][3] = t1;
-                t2 ^= t1; W[i + 2][0] = t2;
-                t3 ^= t2; W[i + 2][1] = t3;
-                t4 ^= t3; W[i + 2][2] = t4;
-                t5 ^= t4; W[i + 2][3] = t5;
-            }
-
-            u = subWord(shift(t5, 8)) ^ rcon;
-            t0 ^= u;  W[12][0] = t0;
-            t1 ^= t0; W[12][1] = t1;
-            t2 ^= t1; W[12][2] = t2;
-            t3 ^= t2; W[12][3] = t3;
-
-            break;
-        }
-        case 8:
-        {
-            int t0 = Pack.littleEndianToInt(key,  0); W[0][0] = t0;
-            int t1 = Pack.littleEndianToInt(key,  4); W[0][1] = t1;
-            int t2 = Pack.littleEndianToInt(key,  8); W[0][2] = t2;
-            int t3 = Pack.littleEndianToInt(key, 12); W[0][3] = t3;
-            int t4 = Pack.littleEndianToInt(key, 16); W[1][0] = t4;
-            int t5 = Pack.littleEndianToInt(key, 20); W[1][1] = t5;
-            int t6 = Pack.littleEndianToInt(key, 24); W[1][2] = t6;
-            int t7 = Pack.littleEndianToInt(key, 28); W[1][3] = t7;
-
-            int u, rcon = 1;
-
-            for (int i = 2; i < 14; i += 2)
-            {
-                u = subWord(shift(t7, 8)) ^ rcon; rcon <<= 1;
-                t0 ^= u;  W[i    ][0] = t0;
-                t1 ^= t0; W[i    ][1] = t1;
-                t2 ^= t1; W[i    ][2] = t2;
-                t3 ^= t2; W[i    ][3] = t3;
-                u = subWord(t3);
-                t4 ^= u;  W[i + 1][0] = t4;
-                t5 ^= t4; W[i + 1][1] = t5;
-                t6 ^= t5; W[i + 1][2] = t6;
-                t7 ^= t6; W[i + 1][3] = t7;
-            }
-
-            u = subWord(shift(t7, 8)) ^ rcon;
-            t0 ^= u;  W[14][0] = t0;
-            t1 ^= t0; W[14][1] = t1;
-            t2 ^= t1; W[14][2] = t2;
-            t3 ^= t2; W[14][3] = t3;
-
-            break;
-        }
-        default:
-        {
-            throw new IllegalStateException("Should never get here");
-        }
-        }
-
-        if (!forEncryption)
-        {
-            for (int j = 1; j < ROUNDS; j++)
-            {
-                for (int i = 0; i < 4; i++)
-                {
-                    W[j][i] = inv_mcol(W[j][i]);
-                }
-            }
-        }
-
-        return W;
-    }
-
-    private int         ROUNDS;
-    private int[][]     WorkingKey = null;
-    private int         C0, C1, C2, C3;
-    private boolean     forEncryption;
-
-    private static final int BLOCK_SIZE = 16;
-
-    /**
-     * default constructor - 128 bit block size.
-     */
-    public AESLightEngine()
-    {
-    }
-
-    /**
-     * initialise an AES cipher.
-     *
-     * @param forEncryption whether or not we are for encryption.
-     * @param params the parameters required to set up the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean           forEncryption,
-        CipherParameters  params)
-    {
-        if (params instanceof KeyParameter)
-        {
-            WorkingKey = generateWorkingKey(((KeyParameter)params).getKey(), forEncryption);
-            this.forEncryption = forEncryption;
-            return;
-        }
-
-        throw new IllegalArgumentException("invalid parameter passed to AES init - " + params.getClass().getName());
-    }
-
-    public String getAlgorithmName()
-    {
-        return "AES";
-    }
-
-    public int getBlockSize()
-    {
-        return BLOCK_SIZE;
-    }
-
-    public int processBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-    {
-        if (WorkingKey == null)
-        {
-            throw new IllegalStateException("AES engine not initialised");
-        }
-
-        if ((inOff + (32 / 2)) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + (32 / 2)) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        if (forEncryption)
-        {
-            unpackBlock(in, inOff);
-            encryptBlock(WorkingKey);
-            packBlock(out, outOff);
-        }
-        else
-        {
-            unpackBlock(in, inOff);
-            decryptBlock(WorkingKey);
-            packBlock(out, outOff);
-        }
-
-        return BLOCK_SIZE;
-    }
-
-    public void reset()
-    {
-    }
-
-    private void unpackBlock(
-        byte[]      bytes,
-        int         off)
-    {
-        int     index = off;
-
-        C0 = (bytes[index++] & 0xff);
-        C0 |= (bytes[index++] & 0xff) << 8;
-        C0 |= (bytes[index++] & 0xff) << 16;
-        C0 |= bytes[index++] << 24;
-
-        C1 = (bytes[index++] & 0xff);
-        C1 |= (bytes[index++] & 0xff) << 8;
-        C1 |= (bytes[index++] & 0xff) << 16;
-        C1 |= bytes[index++] << 24;
-
-        C2 = (bytes[index++] & 0xff);
-        C2 |= (bytes[index++] & 0xff) << 8;
-        C2 |= (bytes[index++] & 0xff) << 16;
-        C2 |= bytes[index++] << 24;
-
-        C3 = (bytes[index++] & 0xff);
-        C3 |= (bytes[index++] & 0xff) << 8;
-        C3 |= (bytes[index++] & 0xff) << 16;
-        C3 |= bytes[index++] << 24;
-    }
-
-    private void packBlock(
-        byte[]      bytes,
-        int         off)
-    {
-        int     index = off;
-
-        bytes[index++] = (byte)C0;
-        bytes[index++] = (byte)(C0 >> 8);
-        bytes[index++] = (byte)(C0 >> 16);
-        bytes[index++] = (byte)(C0 >> 24);
-
-        bytes[index++] = (byte)C1;
-        bytes[index++] = (byte)(C1 >> 8);
-        bytes[index++] = (byte)(C1 >> 16);
-        bytes[index++] = (byte)(C1 >> 24);
-
-        bytes[index++] = (byte)C2;
-        bytes[index++] = (byte)(C2 >> 8);
-        bytes[index++] = (byte)(C2 >> 16);
-        bytes[index++] = (byte)(C2 >> 24);
-
-        bytes[index++] = (byte)C3;
-        bytes[index++] = (byte)(C3 >> 8);
-        bytes[index++] = (byte)(C3 >> 16);
-        bytes[index++] = (byte)(C3 >> 24);
-    }
-
-    private void encryptBlock(int[][] KW)
-    {
-        int t0 = this.C0 ^ KW[0][0];
-        int t1 = this.C1 ^ KW[0][1];
-        int t2 = this.C2 ^ KW[0][2];
-
-        int r = 1, r0, r1, r2, r3 = this.C3 ^ KW[0][3];
-        while (r < ROUNDS - 1)
-        {
-            r0 = mcol((S[t0&255]&255) ^ ((S[(t1>>8)&255]&255)<<8) ^ ((S[(t2>>16)&255]&255)<<16) ^ (S[(r3>>24)&255]<<24)) ^ KW[r][0];
-            r1 = mcol((S[t1&255]&255) ^ ((S[(t2>>8)&255]&255)<<8) ^ ((S[(r3>>16)&255]&255)<<16) ^ (S[(t0>>24)&255]<<24)) ^ KW[r][1];
-            r2 = mcol((S[t2&255]&255) ^ ((S[(r3>>8)&255]&255)<<8) ^ ((S[(t0>>16)&255]&255)<<16) ^ (S[(t1>>24)&255]<<24)) ^ KW[r][2];
-            r3 = mcol((S[r3&255]&255) ^ ((S[(t0>>8)&255]&255)<<8) ^ ((S[(t1>>16)&255]&255)<<16) ^ (S[(t2>>24)&255]<<24)) ^ KW[r++][3];
-            t0 = mcol((S[r0&255]&255) ^ ((S[(r1>>8)&255]&255)<<8) ^ ((S[(r2>>16)&255]&255)<<16) ^ (S[(r3>>24)&255]<<24)) ^ KW[r][0];
-            t1 = mcol((S[r1&255]&255) ^ ((S[(r2>>8)&255]&255)<<8) ^ ((S[(r3>>16)&255]&255)<<16) ^ (S[(r0>>24)&255]<<24)) ^ KW[r][1];
-            t2 = mcol((S[r2&255]&255) ^ ((S[(r3>>8)&255]&255)<<8) ^ ((S[(r0>>16)&255]&255)<<16) ^ (S[(r1>>24)&255]<<24)) ^ KW[r][2];
-            r3 = mcol((S[r3&255]&255) ^ ((S[(r0>>8)&255]&255)<<8) ^ ((S[(r1>>16)&255]&255)<<16) ^ (S[(r2>>24)&255]<<24)) ^ KW[r++][3];
-        }
-
-        r0 = mcol((S[t0&255]&255) ^ ((S[(t1>>8)&255]&255)<<8) ^ ((S[(t2>>16)&255]&255)<<16) ^ (S[(r3>>24)&255]<<24)) ^ KW[r][0];
-        r1 = mcol((S[t1&255]&255) ^ ((S[(t2>>8)&255]&255)<<8) ^ ((S[(r3>>16)&255]&255)<<16) ^ (S[(t0>>24)&255]<<24)) ^ KW[r][1];
-        r2 = mcol((S[t2&255]&255) ^ ((S[(r3>>8)&255]&255)<<8) ^ ((S[(t0>>16)&255]&255)<<16) ^ (S[(t1>>24)&255]<<24)) ^ KW[r][2];
-        r3 = mcol((S[r3&255]&255) ^ ((S[(t0>>8)&255]&255)<<8) ^ ((S[(t1>>16)&255]&255)<<16) ^ (S[(t2>>24)&255]<<24)) ^ KW[r++][3];
-
-        // the final round is a simple function of S
-
-        this.C0 = (S[r0&255]&255) ^ ((S[(r1>>8)&255]&255)<<8) ^ ((S[(r2>>16)&255]&255)<<16) ^ (S[(r3>>24)&255]<<24) ^ KW[r][0];
-        this.C1 = (S[r1&255]&255) ^ ((S[(r2>>8)&255]&255)<<8) ^ ((S[(r3>>16)&255]&255)<<16) ^ (S[(r0>>24)&255]<<24) ^ KW[r][1];
-        this.C2 = (S[r2&255]&255) ^ ((S[(r3>>8)&255]&255)<<8) ^ ((S[(r0>>16)&255]&255)<<16) ^ (S[(r1>>24)&255]<<24) ^ KW[r][2];
-        this.C3 = (S[r3&255]&255) ^ ((S[(r0>>8)&255]&255)<<8) ^ ((S[(r1>>16)&255]&255)<<16) ^ (S[(r2>>24)&255]<<24) ^ KW[r][3];
-    }
-
-    private void decryptBlock(int[][] KW)
-    {
-        int t0 = this.C0 ^ KW[ROUNDS][0];
-        int t1 = this.C1 ^ KW[ROUNDS][1];
-        int t2 = this.C2 ^ KW[ROUNDS][2];
-
-        int r = ROUNDS - 1, r0, r1, r2, r3 = this.C3 ^ KW[ROUNDS][3];
-        while (r > 1)
-        {
-            r0 = inv_mcol((Si[t0&255]&255) ^ ((Si[(r3>>8)&255]&255)<<8) ^ ((Si[(t2>>16)&255]&255)<<16) ^ (Si[(t1>>24)&255]<<24)) ^ KW[r][0];
-            r1 = inv_mcol((Si[t1&255]&255) ^ ((Si[(t0>>8)&255]&255)<<8) ^ ((Si[(r3>>16)&255]&255)<<16) ^ (Si[(t2>>24)&255]<<24)) ^ KW[r][1];
-            r2 = inv_mcol((Si[t2&255]&255) ^ ((Si[(t1>>8)&255]&255)<<8) ^ ((Si[(t0>>16)&255]&255)<<16) ^ (Si[(r3>>24)&255]<<24)) ^ KW[r][2];
-            r3 = inv_mcol((Si[r3&255]&255) ^ ((Si[(t2>>8)&255]&255)<<8) ^ ((Si[(t1>>16)&255]&255)<<16) ^ (Si[(t0>>24)&255]<<24)) ^ KW[r--][3];
-            t0 = inv_mcol((Si[r0&255]&255) ^ ((Si[(r3>>8)&255]&255)<<8) ^ ((Si[(r2>>16)&255]&255)<<16) ^ (Si[(r1>>24)&255]<<24)) ^ KW[r][0];
-            t1 = inv_mcol((Si[r1&255]&255) ^ ((Si[(r0>>8)&255]&255)<<8) ^ ((Si[(r3>>16)&255]&255)<<16) ^ (Si[(r2>>24)&255]<<24)) ^ KW[r][1];
-            t2 = inv_mcol((Si[r2&255]&255) ^ ((Si[(r1>>8)&255]&255)<<8) ^ ((Si[(r0>>16)&255]&255)<<16) ^ (Si[(r3>>24)&255]<<24)) ^ KW[r][2];
-            r3 = inv_mcol((Si[r3&255]&255) ^ ((Si[(r2>>8)&255]&255)<<8) ^ ((Si[(r1>>16)&255]&255)<<16) ^ (Si[(r0>>24)&255]<<24)) ^ KW[r--][3];
-        }
-
-        r0 = inv_mcol((Si[t0&255]&255) ^ ((Si[(r3>>8)&255]&255)<<8) ^ ((Si[(t2>>16)&255]&255)<<16) ^ (Si[(t1>>24)&255]<<24)) ^ KW[r][0];
-        r1 = inv_mcol((Si[t1&255]&255) ^ ((Si[(t0>>8)&255]&255)<<8) ^ ((Si[(r3>>16)&255]&255)<<16) ^ (Si[(t2>>24)&255]<<24)) ^ KW[r][1];
-        r2 = inv_mcol((Si[t2&255]&255) ^ ((Si[(t1>>8)&255]&255)<<8) ^ ((Si[(t0>>16)&255]&255)<<16) ^ (Si[(r3>>24)&255]<<24)) ^ KW[r][2];
-        r3 = inv_mcol((Si[r3&255]&255) ^ ((Si[(t2>>8)&255]&255)<<8) ^ ((Si[(t1>>16)&255]&255)<<16) ^ (Si[(t0>>24)&255]<<24)) ^ KW[r][3];
-
-        // the final round's table is a simple function of Si
-
-        this.C0 = (Si[r0&255]&255) ^ ((Si[(r3>>8)&255]&255)<<8) ^ ((Si[(r2>>16)&255]&255)<<16) ^ (Si[(r1>>24)&255]<<24) ^ KW[0][0];
-        this.C1 = (Si[r1&255]&255) ^ ((Si[(r0>>8)&255]&255)<<8) ^ ((Si[(r3>>16)&255]&255)<<16) ^ (Si[(r2>>24)&255]<<24) ^ KW[0][1];
-        this.C2 = (Si[r2&255]&255) ^ ((Si[(r1>>8)&255]&255)<<8) ^ ((Si[(r0>>16)&255]&255)<<16) ^ (Si[(r3>>24)&255]<<24) ^ KW[0][2];
-        this.C3 = (Si[r3&255]&255) ^ ((Si[(r2>>8)&255]&255)<<8) ^ ((Si[(r1>>16)&255]&255)<<16) ^ (Si[(r0>>24)&255]<<24) ^ KW[0][3];
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/AESWrapPadEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/AESWrapPadEngine.java
deleted file mode 100644
index 7776061..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/AESWrapPadEngine.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-public class AESWrapPadEngine
-    extends RFC5649WrapEngine
-{
-    public AESWrapPadEngine()
-    {
-        super(new AESEngine());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ARIAEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/ARIAEngine.java
deleted file mode 100644
index 6854f50..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ARIAEngine.java
+++ /dev/null

@@ -1,424 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * RFC 5794.
- * 
- * ARIA is a 128-bit block cipher with 128-, 192-, and 256-bit keys.
- */
-public class ARIAEngine
-    implements BlockCipher
-{
-    private static final byte[][] C = { Hex.decode("517cc1b727220a94fe13abe8fa9a6ee0"),
-        Hex.decode("6db14acc9e21c820ff28b1d5ef5de2b0"), Hex.decode("db92371d2126e9700324977504e8c90e") };
-
-    private static final byte[] SB1_sbox = { (byte)0x63, (byte)0x7c, (byte)0x77, (byte)0x7b, (byte)0xf2, (byte)0x6b,
-        (byte)0x6f, (byte)0xc5, (byte)0x30, (byte)0x01, (byte)0x67, (byte)0x2b, (byte)0xfe, (byte)0xd7, (byte)0xab,
-        (byte)0x76, (byte)0xca, (byte)0x82, (byte)0xc9, (byte)0x7d, (byte)0xfa, (byte)0x59, (byte)0x47, (byte)0xf0,
-        (byte)0xad, (byte)0xd4, (byte)0xa2, (byte)0xaf, (byte)0x9c, (byte)0xa4, (byte)0x72, (byte)0xc0, (byte)0xb7,
-        (byte)0xfd, (byte)0x93, (byte)0x26, (byte)0x36, (byte)0x3f, (byte)0xf7, (byte)0xcc, (byte)0x34, (byte)0xa5,
-        (byte)0xe5, (byte)0xf1, (byte)0x71, (byte)0xd8, (byte)0x31, (byte)0x15, (byte)0x04, (byte)0xc7, (byte)0x23,
-        (byte)0xc3, (byte)0x18, (byte)0x96, (byte)0x05, (byte)0x9a, (byte)0x07, (byte)0x12, (byte)0x80, (byte)0xe2,
-        (byte)0xeb, (byte)0x27, (byte)0xb2, (byte)0x75, (byte)0x09, (byte)0x83, (byte)0x2c, (byte)0x1a, (byte)0x1b,
-        (byte)0x6e, (byte)0x5a, (byte)0xa0, (byte)0x52, (byte)0x3b, (byte)0xd6, (byte)0xb3, (byte)0x29, (byte)0xe3,
-        (byte)0x2f, (byte)0x84, (byte)0x53, (byte)0xd1, (byte)0x00, (byte)0xed, (byte)0x20, (byte)0xfc, (byte)0xb1,
-        (byte)0x5b, (byte)0x6a, (byte)0xcb, (byte)0xbe, (byte)0x39, (byte)0x4a, (byte)0x4c, (byte)0x58, (byte)0xcf,
-        (byte)0xd0, (byte)0xef, (byte)0xaa, (byte)0xfb, (byte)0x43, (byte)0x4d, (byte)0x33, (byte)0x85, (byte)0x45,
-        (byte)0xf9, (byte)0x02, (byte)0x7f, (byte)0x50, (byte)0x3c, (byte)0x9f, (byte)0xa8, (byte)0x51, (byte)0xa3,
-        (byte)0x40, (byte)0x8f, (byte)0x92, (byte)0x9d, (byte)0x38, (byte)0xf5, (byte)0xbc, (byte)0xb6, (byte)0xda,
-        (byte)0x21, (byte)0x10, (byte)0xff, (byte)0xf3, (byte)0xd2, (byte)0xcd, (byte)0x0c, (byte)0x13, (byte)0xec,
-        (byte)0x5f, (byte)0x97, (byte)0x44, (byte)0x17, (byte)0xc4, (byte)0xa7, (byte)0x7e, (byte)0x3d, (byte)0x64,
-        (byte)0x5d, (byte)0x19, (byte)0x73, (byte)0x60, (byte)0x81, (byte)0x4f, (byte)0xdc, (byte)0x22, (byte)0x2a,
-        (byte)0x90, (byte)0x88, (byte)0x46, (byte)0xee, (byte)0xb8, (byte)0x14, (byte)0xde, (byte)0x5e, (byte)0x0b,
-        (byte)0xdb, (byte)0xe0, (byte)0x32, (byte)0x3a, (byte)0x0a, (byte)0x49, (byte)0x06, (byte)0x24, (byte)0x5c,
-        (byte)0xc2, (byte)0xd3, (byte)0xac, (byte)0x62, (byte)0x91, (byte)0x95, (byte)0xe4, (byte)0x79, (byte)0xe7,
-        (byte)0xc8, (byte)0x37, (byte)0x6d, (byte)0x8d, (byte)0xd5, (byte)0x4e, (byte)0xa9, (byte)0x6c, (byte)0x56,
-        (byte)0xf4, (byte)0xea, (byte)0x65, (byte)0x7a, (byte)0xae, (byte)0x08, (byte)0xba, (byte)0x78, (byte)0x25,
-        (byte)0x2e, (byte)0x1c, (byte)0xa6, (byte)0xb4, (byte)0xc6, (byte)0xe8, (byte)0xdd, (byte)0x74, (byte)0x1f,
-        (byte)0x4b, (byte)0xbd, (byte)0x8b, (byte)0x8a, (byte)0x70, (byte)0x3e, (byte)0xb5, (byte)0x66, (byte)0x48,
-        (byte)0x03, (byte)0xf6, (byte)0x0e, (byte)0x61, (byte)0x35, (byte)0x57, (byte)0xb9, (byte)0x86, (byte)0xc1,
-        (byte)0x1d, (byte)0x9e, (byte)0xe1, (byte)0xf8, (byte)0x98, (byte)0x11, (byte)0x69, (byte)0xd9, (byte)0x8e,
-        (byte)0x94, (byte)0x9b, (byte)0x1e, (byte)0x87, (byte)0xe9, (byte)0xce, (byte)0x55, (byte)0x28, (byte)0xdf,
-        (byte)0x8c, (byte)0xa1, (byte)0x89, (byte)0x0d, (byte)0xbf, (byte)0xe6, (byte)0x42, (byte)0x68, (byte)0x41,
-        (byte)0x99, (byte)0x2d, (byte)0x0f, (byte)0xb0, (byte)0x54, (byte)0xbb, (byte)0x16 };
-
-    private static final byte[] SB2_sbox = { (byte)0xe2, (byte)0x4e, (byte)0x54, (byte)0xfc, (byte)0x94, (byte)0xc2,
-        (byte)0x4a, (byte)0xcc, (byte)0x62, (byte)0x0d, (byte)0x6a, (byte)0x46, (byte)0x3c, (byte)0x4d, (byte)0x8b,
-        (byte)0xd1, (byte)0x5e, (byte)0xfa, (byte)0x64, (byte)0xcb, (byte)0xb4, (byte)0x97, (byte)0xbe, (byte)0x2b,
-        (byte)0xbc, (byte)0x77, (byte)0x2e, (byte)0x03, (byte)0xd3, (byte)0x19, (byte)0x59, (byte)0xc1, (byte)0x1d,
-        (byte)0x06, (byte)0x41, (byte)0x6b, (byte)0x55, (byte)0xf0, (byte)0x99, (byte)0x69, (byte)0xea, (byte)0x9c,
-        (byte)0x18, (byte)0xae, (byte)0x63, (byte)0xdf, (byte)0xe7, (byte)0xbb, (byte)0x00, (byte)0x73, (byte)0x66,
-        (byte)0xfb, (byte)0x96, (byte)0x4c, (byte)0x85, (byte)0xe4, (byte)0x3a, (byte)0x09, (byte)0x45, (byte)0xaa,
-        (byte)0x0f, (byte)0xee, (byte)0x10, (byte)0xeb, (byte)0x2d, (byte)0x7f, (byte)0xf4, (byte)0x29, (byte)0xac,
-        (byte)0xcf, (byte)0xad, (byte)0x91, (byte)0x8d, (byte)0x78, (byte)0xc8, (byte)0x95, (byte)0xf9, (byte)0x2f,
-        (byte)0xce, (byte)0xcd, (byte)0x08, (byte)0x7a, (byte)0x88, (byte)0x38, (byte)0x5c, (byte)0x83, (byte)0x2a,
-        (byte)0x28, (byte)0x47, (byte)0xdb, (byte)0xb8, (byte)0xc7, (byte)0x93, (byte)0xa4, (byte)0x12, (byte)0x53,
-        (byte)0xff, (byte)0x87, (byte)0x0e, (byte)0x31, (byte)0x36, (byte)0x21, (byte)0x58, (byte)0x48, (byte)0x01,
-        (byte)0x8e, (byte)0x37, (byte)0x74, (byte)0x32, (byte)0xca, (byte)0xe9, (byte)0xb1, (byte)0xb7, (byte)0xab,
-        (byte)0x0c, (byte)0xd7, (byte)0xc4, (byte)0x56, (byte)0x42, (byte)0x26, (byte)0x07, (byte)0x98, (byte)0x60,
-        (byte)0xd9, (byte)0xb6, (byte)0xb9, (byte)0x11, (byte)0x40, (byte)0xec, (byte)0x20, (byte)0x8c, (byte)0xbd,
-        (byte)0xa0, (byte)0xc9, (byte)0x84, (byte)0x04, (byte)0x49, (byte)0x23, (byte)0xf1, (byte)0x4f, (byte)0x50,
-        (byte)0x1f, (byte)0x13, (byte)0xdc, (byte)0xd8, (byte)0xc0, (byte)0x9e, (byte)0x57, (byte)0xe3, (byte)0xc3,
-        (byte)0x7b, (byte)0x65, (byte)0x3b, (byte)0x02, (byte)0x8f, (byte)0x3e, (byte)0xe8, (byte)0x25, (byte)0x92,
-        (byte)0xe5, (byte)0x15, (byte)0xdd, (byte)0xfd, (byte)0x17, (byte)0xa9, (byte)0xbf, (byte)0xd4, (byte)0x9a,
-        (byte)0x7e, (byte)0xc5, (byte)0x39, (byte)0x67, (byte)0xfe, (byte)0x76, (byte)0x9d, (byte)0x43, (byte)0xa7,
-        (byte)0xe1, (byte)0xd0, (byte)0xf5, (byte)0x68, (byte)0xf2, (byte)0x1b, (byte)0x34, (byte)0x70, (byte)0x05,
-        (byte)0xa3, (byte)0x8a, (byte)0xd5, (byte)0x79, (byte)0x86, (byte)0xa8, (byte)0x30, (byte)0xc6, (byte)0x51,
-        (byte)0x4b, (byte)0x1e, (byte)0xa6, (byte)0x27, (byte)0xf6, (byte)0x35, (byte)0xd2, (byte)0x6e, (byte)0x24,
-        (byte)0x16, (byte)0x82, (byte)0x5f, (byte)0xda, (byte)0xe6, (byte)0x75, (byte)0xa2, (byte)0xef, (byte)0x2c,
-        (byte)0xb2, (byte)0x1c, (byte)0x9f, (byte)0x5d, (byte)0x6f, (byte)0x80, (byte)0x0a, (byte)0x72, (byte)0x44,
-        (byte)0x9b, (byte)0x6c, (byte)0x90, (byte)0x0b, (byte)0x5b, (byte)0x33, (byte)0x7d, (byte)0x5a, (byte)0x52,
-        (byte)0xf3, (byte)0x61, (byte)0xa1, (byte)0xf7, (byte)0xb0, (byte)0xd6, (byte)0x3f, (byte)0x7c, (byte)0x6d,
-        (byte)0xed, (byte)0x14, (byte)0xe0, (byte)0xa5, (byte)0x3d, (byte)0x22, (byte)0xb3, (byte)0xf8, (byte)0x89,
-        (byte)0xde, (byte)0x71, (byte)0x1a, (byte)0xaf, (byte)0xba, (byte)0xb5, (byte)0x81 };
-
-    private static final byte[] SB3_sbox = { (byte)0x52, (byte)0x09, (byte)0x6a, (byte)0xd5, (byte)0x30, (byte)0x36,
-        (byte)0xa5, (byte)0x38, (byte)0xbf, (byte)0x40, (byte)0xa3, (byte)0x9e, (byte)0x81, (byte)0xf3, (byte)0xd7,
-        (byte)0xfb, (byte)0x7c, (byte)0xe3, (byte)0x39, (byte)0x82, (byte)0x9b, (byte)0x2f, (byte)0xff, (byte)0x87,
-        (byte)0x34, (byte)0x8e, (byte)0x43, (byte)0x44, (byte)0xc4, (byte)0xde, (byte)0xe9, (byte)0xcb, (byte)0x54,
-        (byte)0x7b, (byte)0x94, (byte)0x32, (byte)0xa6, (byte)0xc2, (byte)0x23, (byte)0x3d, (byte)0xee, (byte)0x4c,
-        (byte)0x95, (byte)0x0b, (byte)0x42, (byte)0xfa, (byte)0xc3, (byte)0x4e, (byte)0x08, (byte)0x2e, (byte)0xa1,
-        (byte)0x66, (byte)0x28, (byte)0xd9, (byte)0x24, (byte)0xb2, (byte)0x76, (byte)0x5b, (byte)0xa2, (byte)0x49,
-        (byte)0x6d, (byte)0x8b, (byte)0xd1, (byte)0x25, (byte)0x72, (byte)0xf8, (byte)0xf6, (byte)0x64, (byte)0x86,
-        (byte)0x68, (byte)0x98, (byte)0x16, (byte)0xd4, (byte)0xa4, (byte)0x5c, (byte)0xcc, (byte)0x5d, (byte)0x65,
-        (byte)0xb6, (byte)0x92, (byte)0x6c, (byte)0x70, (byte)0x48, (byte)0x50, (byte)0xfd, (byte)0xed, (byte)0xb9,
-        (byte)0xda, (byte)0x5e, (byte)0x15, (byte)0x46, (byte)0x57, (byte)0xa7, (byte)0x8d, (byte)0x9d, (byte)0x84,
-        (byte)0x90, (byte)0xd8, (byte)0xab, (byte)0x00, (byte)0x8c, (byte)0xbc, (byte)0xd3, (byte)0x0a, (byte)0xf7,
-        (byte)0xe4, (byte)0x58, (byte)0x05, (byte)0xb8, (byte)0xb3, (byte)0x45, (byte)0x06, (byte)0xd0, (byte)0x2c,
-        (byte)0x1e, (byte)0x8f, (byte)0xca, (byte)0x3f, (byte)0x0f, (byte)0x02, (byte)0xc1, (byte)0xaf, (byte)0xbd,
-        (byte)0x03, (byte)0x01, (byte)0x13, (byte)0x8a, (byte)0x6b, (byte)0x3a, (byte)0x91, (byte)0x11, (byte)0x41,
-        (byte)0x4f, (byte)0x67, (byte)0xdc, (byte)0xea, (byte)0x97, (byte)0xf2, (byte)0xcf, (byte)0xce, (byte)0xf0,
-        (byte)0xb4, (byte)0xe6, (byte)0x73, (byte)0x96, (byte)0xac, (byte)0x74, (byte)0x22, (byte)0xe7, (byte)0xad,
-        (byte)0x35, (byte)0x85, (byte)0xe2, (byte)0xf9, (byte)0x37, (byte)0xe8, (byte)0x1c, (byte)0x75, (byte)0xdf,
-        (byte)0x6e, (byte)0x47, (byte)0xf1, (byte)0x1a, (byte)0x71, (byte)0x1d, (byte)0x29, (byte)0xc5, (byte)0x89,
-        (byte)0x6f, (byte)0xb7, (byte)0x62, (byte)0x0e, (byte)0xaa, (byte)0x18, (byte)0xbe, (byte)0x1b, (byte)0xfc,
-        (byte)0x56, (byte)0x3e, (byte)0x4b, (byte)0xc6, (byte)0xd2, (byte)0x79, (byte)0x20, (byte)0x9a, (byte)0xdb,
-        (byte)0xc0, (byte)0xfe, (byte)0x78, (byte)0xcd, (byte)0x5a, (byte)0xf4, (byte)0x1f, (byte)0xdd, (byte)0xa8,
-        (byte)0x33, (byte)0x88, (byte)0x07, (byte)0xc7, (byte)0x31, (byte)0xb1, (byte)0x12, (byte)0x10, (byte)0x59,
-        (byte)0x27, (byte)0x80, (byte)0xec, (byte)0x5f, (byte)0x60, (byte)0x51, (byte)0x7f, (byte)0xa9, (byte)0x19,
-        (byte)0xb5, (byte)0x4a, (byte)0x0d, (byte)0x2d, (byte)0xe5, (byte)0x7a, (byte)0x9f, (byte)0x93, (byte)0xc9,
-        (byte)0x9c, (byte)0xef, (byte)0xa0, (byte)0xe0, (byte)0x3b, (byte)0x4d, (byte)0xae, (byte)0x2a, (byte)0xf5,
-        (byte)0xb0, (byte)0xc8, (byte)0xeb, (byte)0xbb, (byte)0x3c, (byte)0x83, (byte)0x53, (byte)0x99, (byte)0x61,
-        (byte)0x17, (byte)0x2b, (byte)0x04, (byte)0x7e, (byte)0xba, (byte)0x77, (byte)0xd6, (byte)0x26, (byte)0xe1,
-        (byte)0x69, (byte)0x14, (byte)0x63, (byte)0x55, (byte)0x21, (byte)0x0c, (byte)0x7d };
-
-    private static final byte[] SB4_sbox = { (byte)0x30, (byte)0x68, (byte)0x99, (byte)0x1b, (byte)0x87, (byte)0xb9,
-        (byte)0x21, (byte)0x78, (byte)0x50, (byte)0x39, (byte)0xdb, (byte)0xe1, (byte)0x72, (byte)0x9, (byte)0x62,
-        (byte)0x3c, (byte)0x3e, (byte)0x7e, (byte)0x5e, (byte)0x8e, (byte)0xf1, (byte)0xa0, (byte)0xcc, (byte)0xa3,
-        (byte)0x2a, (byte)0x1d, (byte)0xfb, (byte)0xb6, (byte)0xd6, (byte)0x20, (byte)0xc4, (byte)0x8d, (byte)0x81,
-        (byte)0x65, (byte)0xf5, (byte)0x89, (byte)0xcb, (byte)0x9d, (byte)0x77, (byte)0xc6, (byte)0x57, (byte)0x43,
-        (byte)0x56, (byte)0x17, (byte)0xd4, (byte)0x40, (byte)0x1a, (byte)0x4d, (byte)0xc0, (byte)0x63, (byte)0x6c,
-        (byte)0xe3, (byte)0xb7, (byte)0xc8, (byte)0x64, (byte)0x6a, (byte)0x53, (byte)0xaa, (byte)0x38, (byte)0x98,
-        (byte)0x0c, (byte)0xf4, (byte)0x9b, (byte)0xed, (byte)0x7f, (byte)0x22, (byte)0x76, (byte)0xaf, (byte)0xdd,
-        (byte)0x3a, (byte)0x0b, (byte)0x58, (byte)0x67, (byte)0x88, (byte)0x06, (byte)0xc3, (byte)0x35, (byte)0x0d,
-        (byte)0x01, (byte)0x8b, (byte)0x8c, (byte)0xc2, (byte)0xe6, (byte)0x5f, (byte)0x02, (byte)0x24, (byte)0x75,
-        (byte)0x93, (byte)0x66, (byte)0x1e, (byte)0xe5, (byte)0xe2, (byte)0x54, (byte)0xd8, (byte)0x10, (byte)0xce,
-        (byte)0x7a, (byte)0xe8, (byte)0x08, (byte)0x2c, (byte)0x12, (byte)0x97, (byte)0x32, (byte)0xab, (byte)0xb4,
-        (byte)0x27, (byte)0x0a, (byte)0x23, (byte)0xdf, (byte)0xef, (byte)0xca, (byte)0xd9, (byte)0xb8, (byte)0xfa,
-        (byte)0xdc, (byte)0x31, (byte)0x6b, (byte)0xd1, (byte)0xad, (byte)0x19, (byte)0x49, (byte)0xbd, (byte)0x51,
-        (byte)0x96, (byte)0xee, (byte)0xe4, (byte)0xa8, (byte)0x41, (byte)0xda, (byte)0xff, (byte)0xcd, (byte)0x55,
-        (byte)0x86, (byte)0x36, (byte)0xbe, (byte)0x61, (byte)0x52, (byte)0xf8, (byte)0xbb, (byte)0x0e, (byte)0x82,
-        (byte)0x48, (byte)0x69, (byte)0x9a, (byte)0xe0, (byte)0x47, (byte)0x9e, (byte)0x5c, (byte)0x04, (byte)0x4b,
-        (byte)0x34, (byte)0x15, (byte)0x79, (byte)0x26, (byte)0xa7, (byte)0xde, (byte)0x29, (byte)0xae, (byte)0x92,
-        (byte)0xd7, (byte)0x84, (byte)0xe9, (byte)0xd2, (byte)0xba, (byte)0x5d, (byte)0xf3, (byte)0xc5, (byte)0xb0,
-        (byte)0xbf, (byte)0xa4, (byte)0x3b, (byte)0x71, (byte)0x44, (byte)0x46, (byte)0x2b, (byte)0xfc, (byte)0xeb,
-        (byte)0x6f, (byte)0xd5, (byte)0xf6, (byte)0x14, (byte)0xfe, (byte)0x7c, (byte)0x70, (byte)0x5a, (byte)0x7d,
-        (byte)0xfd, (byte)0x2f, (byte)0x18, (byte)0x83, (byte)0x16, (byte)0xa5, (byte)0x91, (byte)0x1f, (byte)0x05,
-        (byte)0x95, (byte)0x74, (byte)0xa9, (byte)0xc1, (byte)0x5b, (byte)0x4a, (byte)0x85, (byte)0x6d, (byte)0x13,
-        (byte)0x07, (byte)0x4f, (byte)0x4e, (byte)0x45, (byte)0xb2, (byte)0x0f, (byte)0xc9, (byte)0x1c, (byte)0xa6,
-        (byte)0xbc, (byte)0xec, (byte)0x73, (byte)0x90, (byte)0x7b, (byte)0xcf, (byte)0x59, (byte)0x8f, (byte)0xa1,
-        (byte)0xf9, (byte)0x2d, (byte)0xf2, (byte)0xb1, (byte)0x00, (byte)0x94, (byte)0x37, (byte)0x9f, (byte)0xd0,
-        (byte)0x2e, (byte)0x9c, (byte)0x6e, (byte)0x28, (byte)0x3f, (byte)0x80, (byte)0xf0, (byte)0x3d, (byte)0xd3,
-        (byte)0x25, (byte)0x8a, (byte)0xb5, (byte)0xe7, (byte)0x42, (byte)0xb3, (byte)0xc7, (byte)0xea, (byte)0xf7,
-        (byte)0x4c, (byte)0x11, (byte)0x33, (byte)0x03, (byte)0xa2, (byte)0xac, (byte)0x60 };
-
-    protected static final int BLOCK_SIZE = 16;
-
-    private byte[][] roundKeys;
-    //private boolean forEncryption;
-
-    public void init(boolean forEncryption, CipherParameters params) throws IllegalArgumentException
-    {
-        if (!(params instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException(
-                "invalid parameter passed to ARIA init - " + params.getClass().getName());
-        }
-
-        //this.forEncryption = forEncryption;
-        this.roundKeys = keySchedule(forEncryption, ((KeyParameter)params).getKey());
-    }
-
-    public String getAlgorithmName()
-    {
-        return "ARIA";
-    }
-
-    public int getBlockSize()
-    {
-        return BLOCK_SIZE;
-    }
-
-    public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if (roundKeys == null)
-        {
-            throw new IllegalStateException("ARIA engine not initialised");
-        }
-        if (inOff > (in.length - BLOCK_SIZE))
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-        if (outOff > (out.length - BLOCK_SIZE))
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        byte[] z = new byte[BLOCK_SIZE];
-        System.arraycopy(in, inOff, z, 0, BLOCK_SIZE);
-
-        int i = 0, rounds = roundKeys.length - 3;
-        while (i < rounds)
-        {
-            FO(z, roundKeys[i++]);
-            FE(z, roundKeys[i++]);
-        }
-
-        FO(z, roundKeys[i++]);
-        xor(z, roundKeys[i++]);
-        SL2(z);
-        xor(z, roundKeys[i]);
-
-        System.arraycopy(z, 0, out, outOff, BLOCK_SIZE);
-
-        return BLOCK_SIZE;
-    }
-
-    public void reset()
-    {
-        // Empty
-    }
-
-    protected static void A(byte[] z)
-    {
-        byte x0 = z[0], x1 = z[1], x2 = z[2], x3 = z[3], x4 = z[4], x5 = z[5], x6 = z[6], x7 = z[7], x8 = z[8],
-            x9 = z[9], x10 = z[10], x11 = z[11], x12 = z[12], x13 = z[13], x14 = z[14], x15 = z[15];
-
-        z[0] = (byte)(x3 ^ x4 ^ x6 ^ x8 ^ x9 ^ x13 ^ x14);
-        z[1] = (byte)(x2 ^ x5 ^ x7 ^ x8 ^ x9 ^ x12 ^ x15);
-        z[2] = (byte)(x1 ^ x4 ^ x6 ^ x10 ^ x11 ^ x12 ^ x15);
-        z[3] = (byte)(x0 ^ x5 ^ x7 ^ x10 ^ x11 ^ x13 ^ x14);
-        z[4] = (byte)(x0 ^ x2 ^ x5 ^ x8 ^ x11 ^ x14 ^ x15);
-        z[5] = (byte)(x1 ^ x3 ^ x4 ^ x9 ^ x10 ^ x14 ^ x15);
-        z[6] = (byte)(x0 ^ x2 ^ x7 ^ x9 ^ x10 ^ x12 ^ x13);
-        z[7] = (byte)(x1 ^ x3 ^ x6 ^ x8 ^ x11 ^ x12 ^ x13);
-        z[8] = (byte)(x0 ^ x1 ^ x4 ^ x7 ^ x10 ^ x13 ^ x15);
-        z[9] = (byte)(x0 ^ x1 ^ x5 ^ x6 ^ x11 ^ x12 ^ x14);
-        z[10] = (byte)(x2 ^ x3 ^ x5 ^ x6 ^ x8 ^ x13 ^ x15);
-        z[11] = (byte)(x2 ^ x3 ^ x4 ^ x7 ^ x9 ^ x12 ^ x14);
-        z[12] = (byte)(x1 ^ x2 ^ x6 ^ x7 ^ x9 ^ x11 ^ x12);
-        z[13] = (byte)(x0 ^ x3 ^ x6 ^ x7 ^ x8 ^ x10 ^ x13);
-        z[14] = (byte)(x0 ^ x3 ^ x4 ^ x5 ^ x9 ^ x11 ^ x14);
-        z[15] = (byte)(x1 ^ x2 ^ x4 ^ x5 ^ x8 ^ x10 ^ x15);
-    }
-
-    protected static void FE(byte[] D, byte[] RK)
-    {
-        xor(D, RK);
-        SL2(D);
-        A(D);
-    }
-
-    protected static void FO(byte[] D, byte[] RK)
-    {
-        xor(D, RK);
-        SL1(D);
-        A(D);
-    }
-
-    protected static byte[][] keySchedule(boolean forEncryption, byte[] K)
-    {
-        int keyLen = K.length;
-        if (keyLen < 16 || keyLen > 32 || (keyLen & 7) != 0)
-        {
-            throw new IllegalArgumentException("Key length not 128/192/256 bits.");
-        }
-
-        int keyLenIdx = (keyLen >>> 3) - 2;
-
-        byte[] CK1 = C[keyLenIdx];
-        byte[] CK2 = C[(keyLenIdx + 1) % 3];
-        byte[] CK3 = C[(keyLenIdx + 2) % 3];
-
-        byte[] KL = new byte[16], KR = new byte[16];
-        System.arraycopy(K, 0, KL, 0, 16);
-        System.arraycopy(K, 16, KR, 0, keyLen - 16);
-
-        byte[] W0 = new byte[16];
-        byte[] W1 = new byte[16];
-        byte[] W2 = new byte[16];
-        byte[] W3 = new byte[16];
-
-        System.arraycopy(KL, 0, W0, 0, 16);
-
-        System.arraycopy(W0, 0, W1, 0, 16);
-        FO(W1, CK1);
-        xor(W1, KR);
-
-        System.arraycopy(W1, 0, W2, 0, 16);
-        FE(W2, CK2);
-        xor(W2, W0);
-
-        System.arraycopy(W2, 0, W3, 0, 16);
-        FO(W3, CK3);
-        xor(W3, W1);
-
-        int numRounds = 12 + (keyLenIdx * 2);
-        byte[][] rks = new byte[numRounds + 1][16];
-
-        keyScheduleRound(rks[0], W0, W1, 19);
-        keyScheduleRound(rks[1], W1, W2, 19);
-        keyScheduleRound(rks[2], W2, W3, 19);
-        keyScheduleRound(rks[3], W3, W0, 19);
-
-        keyScheduleRound(rks[4], W0, W1, 31);
-        keyScheduleRound(rks[5], W1, W2, 31);
-        keyScheduleRound(rks[6], W2, W3, 31);
-        keyScheduleRound(rks[7], W3, W0, 31);
-
-        keyScheduleRound(rks[8], W0, W1, 67);
-        keyScheduleRound(rks[9], W1, W2, 67);
-        keyScheduleRound(rks[10], W2, W3, 67);
-        keyScheduleRound(rks[11], W3, W0, 67);
-
-        keyScheduleRound(rks[12], W0, W1, 97);
-        if (numRounds > 12)
-        {
-            keyScheduleRound(rks[13], W1, W2, 97);
-            keyScheduleRound(rks[14], W2, W3, 97);
-            if (numRounds > 14)
-            {
-                keyScheduleRound(rks[15], W3, W0, 97);
-
-                keyScheduleRound(rks[16], W0, W1, 109);
-            }
-        }
-
-        if (!forEncryption)
-        {
-            reverseKeys(rks);
-
-            for (int i = 1; i < numRounds; ++i)
-            {
-                A(rks[i]);
-            }
-        }
-
-        return rks;
-    }
-
-    protected static void keyScheduleRound(byte[] rk, byte[] w, byte[] wr, int n)
-    {
-        int off = n >>> 3, right = n & 7, left = 8 - right;
-
-        int hi = wr[15 - off] & 0xFF;
-
-        for (int to = 0; to < 16; ++to)
-        {
-            int lo = wr[(to - off) & 0xF] & 0xFF;
-
-            int b = (hi << left) | (lo >>> right);
-            b ^= (w[to] & 0xFF);
-
-            rk[to] = (byte)b;
-
-            hi = lo;
-        }
-    }
-
-    protected static void reverseKeys(byte[][] keys)
-    {
-        int length = keys.length, limit = length / 2, last = length - 1;
-        for (int i = 0; i < limit; ++i)
-        {
-            byte[] t = keys[i];
-            keys[i] = keys[last - i];
-            keys[last - i] = t;
-        }
-    }
-
-    protected static byte SB1(byte x)
-    {
-        return SB1_sbox[x & 0xFF];
-    }
-
-    protected static byte SB2(byte x)
-    {
-        return SB2_sbox[x & 0xFF];
-    }
-
-    protected static byte SB3(byte x)
-    {
-        return SB3_sbox[x & 0xFF];
-    }
-
-    protected static byte SB4(byte x)
-    {
-        return SB4_sbox[x & 0xFF];
-    }
-
-    protected static void SL1(byte[] z)
-    {
-        z[0] = SB1(z[0]);
-        z[1] = SB2(z[1]);
-        z[2] = SB3(z[2]);
-        z[3] = SB4(z[3]);
-        z[4] = SB1(z[4]);
-        z[5] = SB2(z[5]);
-        z[6] = SB3(z[6]);
-        z[7] = SB4(z[7]);
-        z[8] = SB1(z[8]);
-        z[9] = SB2(z[9]);
-        z[10] = SB3(z[10]);
-        z[11] = SB4(z[11]);
-        z[12] = SB1(z[12]);
-        z[13] = SB2(z[13]);
-        z[14] = SB3(z[14]);
-        z[15] = SB4(z[15]);
-    }
-
-    protected static void SL2(byte[] z)
-    {
-        z[0] = SB3(z[0]);
-        z[1] = SB4(z[1]);
-        z[2] = SB1(z[2]);
-        z[3] = SB2(z[3]);
-        z[4] = SB3(z[4]);
-        z[5] = SB4(z[5]);
-        z[6] = SB1(z[6]);
-        z[7] = SB2(z[7]);
-        z[8] = SB3(z[8]);
-        z[9] = SB4(z[9]);
-        z[10] = SB1(z[10]);
-        z[11] = SB2(z[11]);
-        z[12] = SB3(z[12]);
-        z[13] = SB4(z[13]);
-        z[14] = SB1(z[14]);
-        z[15] = SB2(z[15]);
-    }
-
-    protected static void xor(byte[] z, byte[] x)
-    {
-        for (int i = 0; i < 16; ++i)
-        {
-            z[i] ^= x[i];
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ARIAWrapEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/ARIAWrapEngine.java
deleted file mode 100644
index 8630c89..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ARIAWrapEngine.java
+++ /dev/null

@@ -1,29 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-/**
- * an implementation of the ARIA Key Wrapper from the NIST Key Wrap
- * Specification.
- * <p>
- * For further details see: <a href="http://csrc.nist.gov/encryption/kms/key-wrap.pdf">http://csrc.nist.gov/encryption/kms/key-wrap.pdf</a>.
- */
-public class ARIAWrapEngine
-    extends RFC3394WrapEngine
-{
-    /**
-     * Create a regular AESWrapEngine specifying the encrypt for wrapping, decrypt for unwrapping.
-     */
-    public ARIAWrapEngine()
-    {
-        super(new ARIAEngine());
-    }
-
-    /**
-     * Create an AESWrapEngine where the underlying cipher is set to decrypt for wrapping, encrypt for unwrapping.
-     *
-     * @param useReverseDirection true if underlying cipher should be used in decryption mode, false otherwise.
-     */
-    public ARIAWrapEngine(boolean useReverseDirection)
-    {
-        super(new ARIAEngine(), useReverseDirection);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ARIAWrapPadEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/ARIAWrapPadEngine.java
deleted file mode 100644
index ac2b06b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ARIAWrapPadEngine.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-public class ARIAWrapPadEngine
-    extends RFC5649WrapEngine
-{
-    public ARIAWrapPadEngine()
-    {
-        super(new ARIAEngine());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CAST5Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/CAST5Engine.java
deleted file mode 100644
index 4307676..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CAST5Engine.java
+++ /dev/null

@@ -1,829 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * A class that provides CAST key encryption operations,
- * such as encoding data and generating keys.
- *
- * All the algorithms herein are from the Internet RFC's
- *
- * RFC2144 - CAST5 (64bit block, 40-128bit key)
- * RFC2612 - CAST6 (128bit block, 128-256bit key)
- *
- * and implement a simplified cryptography interface.
- */
-public class CAST5Engine
-    implements BlockCipher
-{
-    private final static int[]
-        S1 = {
-0x30fb40d4, 0x9fa0ff0b, 0x6beccd2f, 0x3f258c7a, 0x1e213f2f, 0x9c004dd3, 0x6003e540, 0xcf9fc949,
-0xbfd4af27, 0x88bbbdb5, 0xe2034090, 0x98d09675, 0x6e63a0e0, 0x15c361d2, 0xc2e7661d, 0x22d4ff8e,
-0x28683b6f, 0xc07fd059, 0xff2379c8, 0x775f50e2, 0x43c340d3, 0xdf2f8656, 0x887ca41a, 0xa2d2bd2d,
-0xa1c9e0d6, 0x346c4819, 0x61b76d87, 0x22540f2f, 0x2abe32e1, 0xaa54166b, 0x22568e3a, 0xa2d341d0,
-0x66db40c8, 0xa784392f, 0x004dff2f, 0x2db9d2de, 0x97943fac, 0x4a97c1d8, 0x527644b7, 0xb5f437a7,
-0xb82cbaef, 0xd751d159, 0x6ff7f0ed, 0x5a097a1f, 0x827b68d0, 0x90ecf52e, 0x22b0c054, 0xbc8e5935,
-0x4b6d2f7f, 0x50bb64a2, 0xd2664910, 0xbee5812d, 0xb7332290, 0xe93b159f, 0xb48ee411, 0x4bff345d,
-0xfd45c240, 0xad31973f, 0xc4f6d02e, 0x55fc8165, 0xd5b1caad, 0xa1ac2dae, 0xa2d4b76d, 0xc19b0c50,
-0x882240f2, 0x0c6e4f38, 0xa4e4bfd7, 0x4f5ba272, 0x564c1d2f, 0xc59c5319, 0xb949e354, 0xb04669fe,
-0xb1b6ab8a, 0xc71358dd, 0x6385c545, 0x110f935d, 0x57538ad5, 0x6a390493, 0xe63d37e0, 0x2a54f6b3,
-0x3a787d5f, 0x6276a0b5, 0x19a6fcdf, 0x7a42206a, 0x29f9d4d5, 0xf61b1891, 0xbb72275e, 0xaa508167,
-0x38901091, 0xc6b505eb, 0x84c7cb8c, 0x2ad75a0f, 0x874a1427, 0xa2d1936b, 0x2ad286af, 0xaa56d291,
-0xd7894360, 0x425c750d, 0x93b39e26, 0x187184c9, 0x6c00b32d, 0x73e2bb14, 0xa0bebc3c, 0x54623779,
-0x64459eab, 0x3f328b82, 0x7718cf82, 0x59a2cea6, 0x04ee002e, 0x89fe78e6, 0x3fab0950, 0x325ff6c2,
-0x81383f05, 0x6963c5c8, 0x76cb5ad6, 0xd49974c9, 0xca180dcf, 0x380782d5, 0xc7fa5cf6, 0x8ac31511,
-0x35e79e13, 0x47da91d0, 0xf40f9086, 0xa7e2419e, 0x31366241, 0x051ef495, 0xaa573b04, 0x4a805d8d,
-0x548300d0, 0x00322a3c, 0xbf64cddf, 0xba57a68e, 0x75c6372b, 0x50afd341, 0xa7c13275, 0x915a0bf5,
-0x6b54bfab, 0x2b0b1426, 0xab4cc9d7, 0x449ccd82, 0xf7fbf265, 0xab85c5f3, 0x1b55db94, 0xaad4e324,
-0xcfa4bd3f, 0x2deaa3e2, 0x9e204d02, 0xc8bd25ac, 0xeadf55b3, 0xd5bd9e98, 0xe31231b2, 0x2ad5ad6c,
-0x954329de, 0xadbe4528, 0xd8710f69, 0xaa51c90f, 0xaa786bf6, 0x22513f1e, 0xaa51a79b, 0x2ad344cc,
-0x7b5a41f0, 0xd37cfbad, 0x1b069505, 0x41ece491, 0xb4c332e6, 0x032268d4, 0xc9600acc, 0xce387e6d,
-0xbf6bb16c, 0x6a70fb78, 0x0d03d9c9, 0xd4df39de, 0xe01063da, 0x4736f464, 0x5ad328d8, 0xb347cc96,
-0x75bb0fc3, 0x98511bfb, 0x4ffbcc35, 0xb58bcf6a, 0xe11f0abc, 0xbfc5fe4a, 0xa70aec10, 0xac39570a,
-0x3f04442f, 0x6188b153, 0xe0397a2e, 0x5727cb79, 0x9ceb418f, 0x1cacd68d, 0x2ad37c96, 0x0175cb9d,
-0xc69dff09, 0xc75b65f0, 0xd9db40d8, 0xec0e7779, 0x4744ead4, 0xb11c3274, 0xdd24cb9e, 0x7e1c54bd,
-0xf01144f9, 0xd2240eb1, 0x9675b3fd, 0xa3ac3755, 0xd47c27af, 0x51c85f4d, 0x56907596, 0xa5bb15e6,
-0x580304f0, 0xca042cf1, 0x011a37ea, 0x8dbfaadb, 0x35ba3e4a, 0x3526ffa0, 0xc37b4d09, 0xbc306ed9,
-0x98a52666, 0x5648f725, 0xff5e569d, 0x0ced63d0, 0x7c63b2cf, 0x700b45e1, 0xd5ea50f1, 0x85a92872,
-0xaf1fbda7, 0xd4234870, 0xa7870bf3, 0x2d3b4d79, 0x42e04198, 0x0cd0ede7, 0x26470db8, 0xf881814c,
-0x474d6ad7, 0x7c0c5e5c, 0xd1231959, 0x381b7298, 0xf5d2f4db, 0xab838653, 0x6e2f1e23, 0x83719c9e,
-0xbd91e046, 0x9a56456e, 0xdc39200c, 0x20c8c571, 0x962bda1c, 0xe1e696ff, 0xb141ab08, 0x7cca89b9,
-0x1a69e783, 0x02cc4843, 0xa2f7c579, 0x429ef47d, 0x427b169c, 0x5ac9f049, 0xdd8f0f00, 0x5c8165bf
-             },
-        S2 = {
-0x1f201094, 0xef0ba75b, 0x69e3cf7e, 0x393f4380, 0xfe61cf7a, 0xeec5207a, 0x55889c94, 0x72fc0651,
-0xada7ef79, 0x4e1d7235, 0xd55a63ce, 0xde0436ba, 0x99c430ef, 0x5f0c0794, 0x18dcdb7d, 0xa1d6eff3,
-0xa0b52f7b, 0x59e83605, 0xee15b094, 0xe9ffd909, 0xdc440086, 0xef944459, 0xba83ccb3, 0xe0c3cdfb,
-0xd1da4181, 0x3b092ab1, 0xf997f1c1, 0xa5e6cf7b, 0x01420ddb, 0xe4e7ef5b, 0x25a1ff41, 0xe180f806,
-0x1fc41080, 0x179bee7a, 0xd37ac6a9, 0xfe5830a4, 0x98de8b7f, 0x77e83f4e, 0x79929269, 0x24fa9f7b,
-0xe113c85b, 0xacc40083, 0xd7503525, 0xf7ea615f, 0x62143154, 0x0d554b63, 0x5d681121, 0xc866c359,
-0x3d63cf73, 0xcee234c0, 0xd4d87e87, 0x5c672b21, 0x071f6181, 0x39f7627f, 0x361e3084, 0xe4eb573b,
-0x602f64a4, 0xd63acd9c, 0x1bbc4635, 0x9e81032d, 0x2701f50c, 0x99847ab4, 0xa0e3df79, 0xba6cf38c,
-0x10843094, 0x2537a95e, 0xf46f6ffe, 0xa1ff3b1f, 0x208cfb6a, 0x8f458c74, 0xd9e0a227, 0x4ec73a34,
-0xfc884f69, 0x3e4de8df, 0xef0e0088, 0x3559648d, 0x8a45388c, 0x1d804366, 0x721d9bfd, 0xa58684bb,
-0xe8256333, 0x844e8212, 0x128d8098, 0xfed33fb4, 0xce280ae1, 0x27e19ba5, 0xd5a6c252, 0xe49754bd,
-0xc5d655dd, 0xeb667064, 0x77840b4d, 0xa1b6a801, 0x84db26a9, 0xe0b56714, 0x21f043b7, 0xe5d05860,
-0x54f03084, 0x066ff472, 0xa31aa153, 0xdadc4755, 0xb5625dbf, 0x68561be6, 0x83ca6b94, 0x2d6ed23b,
-0xeccf01db, 0xa6d3d0ba, 0xb6803d5c, 0xaf77a709, 0x33b4a34c, 0x397bc8d6, 0x5ee22b95, 0x5f0e5304,
-0x81ed6f61, 0x20e74364, 0xb45e1378, 0xde18639b, 0x881ca122, 0xb96726d1, 0x8049a7e8, 0x22b7da7b,
-0x5e552d25, 0x5272d237, 0x79d2951c, 0xc60d894c, 0x488cb402, 0x1ba4fe5b, 0xa4b09f6b, 0x1ca815cf,
-0xa20c3005, 0x8871df63, 0xb9de2fcb, 0x0cc6c9e9, 0x0beeff53, 0xe3214517, 0xb4542835, 0x9f63293c,
-0xee41e729, 0x6e1d2d7c, 0x50045286, 0x1e6685f3, 0xf33401c6, 0x30a22c95, 0x31a70850, 0x60930f13,
-0x73f98417, 0xa1269859, 0xec645c44, 0x52c877a9, 0xcdff33a6, 0xa02b1741, 0x7cbad9a2, 0x2180036f,
-0x50d99c08, 0xcb3f4861, 0xc26bd765, 0x64a3f6ab, 0x80342676, 0x25a75e7b, 0xe4e6d1fc, 0x20c710e6,
-0xcdf0b680, 0x17844d3b, 0x31eef84d, 0x7e0824e4, 0x2ccb49eb, 0x846a3bae, 0x8ff77888, 0xee5d60f6,
-0x7af75673, 0x2fdd5cdb, 0xa11631c1, 0x30f66f43, 0xb3faec54, 0x157fd7fa, 0xef8579cc, 0xd152de58,
-0xdb2ffd5e, 0x8f32ce19, 0x306af97a, 0x02f03ef8, 0x99319ad5, 0xc242fa0f, 0xa7e3ebb0, 0xc68e4906,
-0xb8da230c, 0x80823028, 0xdcdef3c8, 0xd35fb171, 0x088a1bc8, 0xbec0c560, 0x61a3c9e8, 0xbca8f54d,
-0xc72feffa, 0x22822e99, 0x82c570b4, 0xd8d94e89, 0x8b1c34bc, 0x301e16e6, 0x273be979, 0xb0ffeaa6,
-0x61d9b8c6, 0x00b24869, 0xb7ffce3f, 0x08dc283b, 0x43daf65a, 0xf7e19798, 0x7619b72f, 0x8f1c9ba4,
-0xdc8637a0, 0x16a7d3b1, 0x9fc393b7, 0xa7136eeb, 0xc6bcc63e, 0x1a513742, 0xef6828bc, 0x520365d6,
-0x2d6a77ab, 0x3527ed4b, 0x821fd216, 0x095c6e2e, 0xdb92f2fb, 0x5eea29cb, 0x145892f5, 0x91584f7f,
-0x5483697b, 0x2667a8cc, 0x85196048, 0x8c4bacea, 0x833860d4, 0x0d23e0f9, 0x6c387e8a, 0x0ae6d249,
-0xb284600c, 0xd835731d, 0xdcb1c647, 0xac4c56ea, 0x3ebd81b3, 0x230eabb0, 0x6438bc87, 0xf0b5b1fa,
-0x8f5ea2b3, 0xfc184642, 0x0a036b7a, 0x4fb089bd, 0x649da589, 0xa345415e, 0x5c038323, 0x3e5d3bb9,
-0x43d79572, 0x7e6dd07c, 0x06dfdf1e, 0x6c6cc4ef, 0x7160a539, 0x73bfbe70, 0x83877605, 0x4523ecf1
-            },
-        S3 = {
-0x8defc240, 0x25fa5d9f, 0xeb903dbf, 0xe810c907, 0x47607fff, 0x369fe44b, 0x8c1fc644, 0xaececa90,
-0xbeb1f9bf, 0xeefbcaea, 0xe8cf1950, 0x51df07ae, 0x920e8806, 0xf0ad0548, 0xe13c8d83, 0x927010d5,
-0x11107d9f, 0x07647db9, 0xb2e3e4d4, 0x3d4f285e, 0xb9afa820, 0xfade82e0, 0xa067268b, 0x8272792e,
-0x553fb2c0, 0x489ae22b, 0xd4ef9794, 0x125e3fbc, 0x21fffcee, 0x825b1bfd, 0x9255c5ed, 0x1257a240,
-0x4e1a8302, 0xbae07fff, 0x528246e7, 0x8e57140e, 0x3373f7bf, 0x8c9f8188, 0xa6fc4ee8, 0xc982b5a5,
-0xa8c01db7, 0x579fc264, 0x67094f31, 0xf2bd3f5f, 0x40fff7c1, 0x1fb78dfc, 0x8e6bd2c1, 0x437be59b,
-0x99b03dbf, 0xb5dbc64b, 0x638dc0e6, 0x55819d99, 0xa197c81c, 0x4a012d6e, 0xc5884a28, 0xccc36f71,
-0xb843c213, 0x6c0743f1, 0x8309893c, 0x0feddd5f, 0x2f7fe850, 0xd7c07f7e, 0x02507fbf, 0x5afb9a04,
-0xa747d2d0, 0x1651192e, 0xaf70bf3e, 0x58c31380, 0x5f98302e, 0x727cc3c4, 0x0a0fb402, 0x0f7fef82,
-0x8c96fdad, 0x5d2c2aae, 0x8ee99a49, 0x50da88b8, 0x8427f4a0, 0x1eac5790, 0x796fb449, 0x8252dc15,
-0xefbd7d9b, 0xa672597d, 0xada840d8, 0x45f54504, 0xfa5d7403, 0xe83ec305, 0x4f91751a, 0x925669c2,
-0x23efe941, 0xa903f12e, 0x60270df2, 0x0276e4b6, 0x94fd6574, 0x927985b2, 0x8276dbcb, 0x02778176,
-0xf8af918d, 0x4e48f79e, 0x8f616ddf, 0xe29d840e, 0x842f7d83, 0x340ce5c8, 0x96bbb682, 0x93b4b148,
-0xef303cab, 0x984faf28, 0x779faf9b, 0x92dc560d, 0x224d1e20, 0x8437aa88, 0x7d29dc96, 0x2756d3dc,
-0x8b907cee, 0xb51fd240, 0xe7c07ce3, 0xe566b4a1, 0xc3e9615e, 0x3cf8209d, 0x6094d1e3, 0xcd9ca341,
-0x5c76460e, 0x00ea983b, 0xd4d67881, 0xfd47572c, 0xf76cedd9, 0xbda8229c, 0x127dadaa, 0x438a074e,
-0x1f97c090, 0x081bdb8a, 0x93a07ebe, 0xb938ca15, 0x97b03cff, 0x3dc2c0f8, 0x8d1ab2ec, 0x64380e51,
-0x68cc7bfb, 0xd90f2788, 0x12490181, 0x5de5ffd4, 0xdd7ef86a, 0x76a2e214, 0xb9a40368, 0x925d958f,
-0x4b39fffa, 0xba39aee9, 0xa4ffd30b, 0xfaf7933b, 0x6d498623, 0x193cbcfa, 0x27627545, 0x825cf47a,
-0x61bd8ba0, 0xd11e42d1, 0xcead04f4, 0x127ea392, 0x10428db7, 0x8272a972, 0x9270c4a8, 0x127de50b,
-0x285ba1c8, 0x3c62f44f, 0x35c0eaa5, 0xe805d231, 0x428929fb, 0xb4fcdf82, 0x4fb66a53, 0x0e7dc15b,
-0x1f081fab, 0x108618ae, 0xfcfd086d, 0xf9ff2889, 0x694bcc11, 0x236a5cae, 0x12deca4d, 0x2c3f8cc5,
-0xd2d02dfe, 0xf8ef5896, 0xe4cf52da, 0x95155b67, 0x494a488c, 0xb9b6a80c, 0x5c8f82bc, 0x89d36b45,
-0x3a609437, 0xec00c9a9, 0x44715253, 0x0a874b49, 0xd773bc40, 0x7c34671c, 0x02717ef6, 0x4feb5536,
-0xa2d02fff, 0xd2bf60c4, 0xd43f03c0, 0x50b4ef6d, 0x07478cd1, 0x006e1888, 0xa2e53f55, 0xb9e6d4bc,
-0xa2048016, 0x97573833, 0xd7207d67, 0xde0f8f3d, 0x72f87b33, 0xabcc4f33, 0x7688c55d, 0x7b00a6b0,
-0x947b0001, 0x570075d2, 0xf9bb88f8, 0x8942019e, 0x4264a5ff, 0x856302e0, 0x72dbd92b, 0xee971b69,
-0x6ea22fde, 0x5f08ae2b, 0xaf7a616d, 0xe5c98767, 0xcf1febd2, 0x61efc8c2, 0xf1ac2571, 0xcc8239c2,
-0x67214cb8, 0xb1e583d1, 0xb7dc3e62, 0x7f10bdce, 0xf90a5c38, 0x0ff0443d, 0x606e6dc6, 0x60543a49,
-0x5727c148, 0x2be98a1d, 0x8ab41738, 0x20e1be24, 0xaf96da0f, 0x68458425, 0x99833be5, 0x600d457d,
-0x282f9350, 0x8334b362, 0xd91d1120, 0x2b6d8da0, 0x642b1e31, 0x9c305a00, 0x52bce688, 0x1b03588a,
-0xf7baefd5, 0x4142ed9c, 0xa4315c11, 0x83323ec5, 0xdfef4636, 0xa133c501, 0xe9d3531c, 0xee353783
-            },
-        S4 = {
-0x9db30420, 0x1fb6e9de, 0xa7be7bef, 0xd273a298, 0x4a4f7bdb, 0x64ad8c57, 0x85510443, 0xfa020ed1,
-0x7e287aff, 0xe60fb663, 0x095f35a1, 0x79ebf120, 0xfd059d43, 0x6497b7b1, 0xf3641f63, 0x241e4adf,
-0x28147f5f, 0x4fa2b8cd, 0xc9430040, 0x0cc32220, 0xfdd30b30, 0xc0a5374f, 0x1d2d00d9, 0x24147b15,
-0xee4d111a, 0x0fca5167, 0x71ff904c, 0x2d195ffe, 0x1a05645f, 0x0c13fefe, 0x081b08ca, 0x05170121,
-0x80530100, 0xe83e5efe, 0xac9af4f8, 0x7fe72701, 0xd2b8ee5f, 0x06df4261, 0xbb9e9b8a, 0x7293ea25,
-0xce84ffdf, 0xf5718801, 0x3dd64b04, 0xa26f263b, 0x7ed48400, 0x547eebe6, 0x446d4ca0, 0x6cf3d6f5,
-0x2649abdf, 0xaea0c7f5, 0x36338cc1, 0x503f7e93, 0xd3772061, 0x11b638e1, 0x72500e03, 0xf80eb2bb,
-0xabe0502e, 0xec8d77de, 0x57971e81, 0xe14f6746, 0xc9335400, 0x6920318f, 0x081dbb99, 0xffc304a5,
-0x4d351805, 0x7f3d5ce3, 0xa6c866c6, 0x5d5bcca9, 0xdaec6fea, 0x9f926f91, 0x9f46222f, 0x3991467d,
-0xa5bf6d8e, 0x1143c44f, 0x43958302, 0xd0214eeb, 0x022083b8, 0x3fb6180c, 0x18f8931e, 0x281658e6,
-0x26486e3e, 0x8bd78a70, 0x7477e4c1, 0xb506e07c, 0xf32d0a25, 0x79098b02, 0xe4eabb81, 0x28123b23,
-0x69dead38, 0x1574ca16, 0xdf871b62, 0x211c40b7, 0xa51a9ef9, 0x0014377b, 0x041e8ac8, 0x09114003,
-0xbd59e4d2, 0xe3d156d5, 0x4fe876d5, 0x2f91a340, 0x557be8de, 0x00eae4a7, 0x0ce5c2ec, 0x4db4bba6,
-0xe756bdff, 0xdd3369ac, 0xec17b035, 0x06572327, 0x99afc8b0, 0x56c8c391, 0x6b65811c, 0x5e146119,
-0x6e85cb75, 0xbe07c002, 0xc2325577, 0x893ff4ec, 0x5bbfc92d, 0xd0ec3b25, 0xb7801ab7, 0x8d6d3b24,
-0x20c763ef, 0xc366a5fc, 0x9c382880, 0x0ace3205, 0xaac9548a, 0xeca1d7c7, 0x041afa32, 0x1d16625a,
-0x6701902c, 0x9b757a54, 0x31d477f7, 0x9126b031, 0x36cc6fdb, 0xc70b8b46, 0xd9e66a48, 0x56e55a79,
-0x026a4ceb, 0x52437eff, 0x2f8f76b4, 0x0df980a5, 0x8674cde3, 0xedda04eb, 0x17a9be04, 0x2c18f4df,
-0xb7747f9d, 0xab2af7b4, 0xefc34d20, 0x2e096b7c, 0x1741a254, 0xe5b6a035, 0x213d42f6, 0x2c1c7c26,
-0x61c2f50f, 0x6552daf9, 0xd2c231f8, 0x25130f69, 0xd8167fa2, 0x0418f2c8, 0x001a96a6, 0x0d1526ab,
-0x63315c21, 0x5e0a72ec, 0x49bafefd, 0x187908d9, 0x8d0dbd86, 0x311170a7, 0x3e9b640c, 0xcc3e10d7,
-0xd5cad3b6, 0x0caec388, 0xf73001e1, 0x6c728aff, 0x71eae2a1, 0x1f9af36e, 0xcfcbd12f, 0xc1de8417,
-0xac07be6b, 0xcb44a1d8, 0x8b9b0f56, 0x013988c3, 0xb1c52fca, 0xb4be31cd, 0xd8782806, 0x12a3a4e2,
-0x6f7de532, 0x58fd7eb6, 0xd01ee900, 0x24adffc2, 0xf4990fc5, 0x9711aac5, 0x001d7b95, 0x82e5e7d2,
-0x109873f6, 0x00613096, 0xc32d9521, 0xada121ff, 0x29908415, 0x7fbb977f, 0xaf9eb3db, 0x29c9ed2a,
-0x5ce2a465, 0xa730f32c, 0xd0aa3fe8, 0x8a5cc091, 0xd49e2ce7, 0x0ce454a9, 0xd60acd86, 0x015f1919,
-0x77079103, 0xdea03af6, 0x78a8565e, 0xdee356df, 0x21f05cbe, 0x8b75e387, 0xb3c50651, 0xb8a5c3ef,
-0xd8eeb6d2, 0xe523be77, 0xc2154529, 0x2f69efdf, 0xafe67afb, 0xf470c4b2, 0xf3e0eb5b, 0xd6cc9876,
-0x39e4460c, 0x1fda8538, 0x1987832f, 0xca007367, 0xa99144f8, 0x296b299e, 0x492fc295, 0x9266beab,
-0xb5676e69, 0x9bd3ddda, 0xdf7e052f, 0xdb25701c, 0x1b5e51ee, 0xf65324e6, 0x6afce36c, 0x0316cc04,
-0x8644213e, 0xb7dc59d0, 0x7965291f, 0xccd6fd43, 0x41823979, 0x932bcdf6, 0xb657c34d, 0x4edfd282,
-0x7ae5290c, 0x3cb9536b, 0x851e20fe, 0x9833557e, 0x13ecf0b0, 0xd3ffb372, 0x3f85c5c1, 0x0aef7ed2
-            },
-        S5 = {
-0x7ec90c04, 0x2c6e74b9, 0x9b0e66df, 0xa6337911, 0xb86a7fff, 0x1dd358f5, 0x44dd9d44, 0x1731167f,
-0x08fbf1fa, 0xe7f511cc, 0xd2051b00, 0x735aba00, 0x2ab722d8, 0x386381cb, 0xacf6243a, 0x69befd7a,
-0xe6a2e77f, 0xf0c720cd, 0xc4494816, 0xccf5c180, 0x38851640, 0x15b0a848, 0xe68b18cb, 0x4caadeff,
-0x5f480a01, 0x0412b2aa, 0x259814fc, 0x41d0efe2, 0x4e40b48d, 0x248eb6fb, 0x8dba1cfe, 0x41a99b02,
-0x1a550a04, 0xba8f65cb, 0x7251f4e7, 0x95a51725, 0xc106ecd7, 0x97a5980a, 0xc539b9aa, 0x4d79fe6a,
-0xf2f3f763, 0x68af8040, 0xed0c9e56, 0x11b4958b, 0xe1eb5a88, 0x8709e6b0, 0xd7e07156, 0x4e29fea7,
-0x6366e52d, 0x02d1c000, 0xc4ac8e05, 0x9377f571, 0x0c05372a, 0x578535f2, 0x2261be02, 0xd642a0c9,
-0xdf13a280, 0x74b55bd2, 0x682199c0, 0xd421e5ec, 0x53fb3ce8, 0xc8adedb3, 0x28a87fc9, 0x3d959981,
-0x5c1ff900, 0xfe38d399, 0x0c4eff0b, 0x062407ea, 0xaa2f4fb1, 0x4fb96976, 0x90c79505, 0xb0a8a774,
-0xef55a1ff, 0xe59ca2c2, 0xa6b62d27, 0xe66a4263, 0xdf65001f, 0x0ec50966, 0xdfdd55bc, 0x29de0655,
-0x911e739a, 0x17af8975, 0x32c7911c, 0x89f89468, 0x0d01e980, 0x524755f4, 0x03b63cc9, 0x0cc844b2,
-0xbcf3f0aa, 0x87ac36e9, 0xe53a7426, 0x01b3d82b, 0x1a9e7449, 0x64ee2d7e, 0xcddbb1da, 0x01c94910,
-0xb868bf80, 0x0d26f3fd, 0x9342ede7, 0x04a5c284, 0x636737b6, 0x50f5b616, 0xf24766e3, 0x8eca36c1,
-0x136e05db, 0xfef18391, 0xfb887a37, 0xd6e7f7d4, 0xc7fb7dc9, 0x3063fcdf, 0xb6f589de, 0xec2941da,
-0x26e46695, 0xb7566419, 0xf654efc5, 0xd08d58b7, 0x48925401, 0xc1bacb7f, 0xe5ff550f, 0xb6083049,
-0x5bb5d0e8, 0x87d72e5a, 0xab6a6ee1, 0x223a66ce, 0xc62bf3cd, 0x9e0885f9, 0x68cb3e47, 0x086c010f,
-0xa21de820, 0xd18b69de, 0xf3f65777, 0xfa02c3f6, 0x407edac3, 0xcbb3d550, 0x1793084d, 0xb0d70eba,
-0x0ab378d5, 0xd951fb0c, 0xded7da56, 0x4124bbe4, 0x94ca0b56, 0x0f5755d1, 0xe0e1e56e, 0x6184b5be,
-0x580a249f, 0x94f74bc0, 0xe327888e, 0x9f7b5561, 0xc3dc0280, 0x05687715, 0x646c6bd7, 0x44904db3,
-0x66b4f0a3, 0xc0f1648a, 0x697ed5af, 0x49e92ff6, 0x309e374f, 0x2cb6356a, 0x85808573, 0x4991f840,
-0x76f0ae02, 0x083be84d, 0x28421c9a, 0x44489406, 0x736e4cb8, 0xc1092910, 0x8bc95fc6, 0x7d869cf4,
-0x134f616f, 0x2e77118d, 0xb31b2be1, 0xaa90b472, 0x3ca5d717, 0x7d161bba, 0x9cad9010, 0xaf462ba2,
-0x9fe459d2, 0x45d34559, 0xd9f2da13, 0xdbc65487, 0xf3e4f94e, 0x176d486f, 0x097c13ea, 0x631da5c7,
-0x445f7382, 0x175683f4, 0xcdc66a97, 0x70be0288, 0xb3cdcf72, 0x6e5dd2f3, 0x20936079, 0x459b80a5,
-0xbe60e2db, 0xa9c23101, 0xeba5315c, 0x224e42f2, 0x1c5c1572, 0xf6721b2c, 0x1ad2fff3, 0x8c25404e,
-0x324ed72f, 0x4067b7fd, 0x0523138e, 0x5ca3bc78, 0xdc0fd66e, 0x75922283, 0x784d6b17, 0x58ebb16e,
-0x44094f85, 0x3f481d87, 0xfcfeae7b, 0x77b5ff76, 0x8c2302bf, 0xaaf47556, 0x5f46b02a, 0x2b092801,
-0x3d38f5f7, 0x0ca81f36, 0x52af4a8a, 0x66d5e7c0, 0xdf3b0874, 0x95055110, 0x1b5ad7a8, 0xf61ed5ad,
-0x6cf6e479, 0x20758184, 0xd0cefa65, 0x88f7be58, 0x4a046826, 0x0ff6f8f3, 0xa09c7f70, 0x5346aba0,
-0x5ce96c28, 0xe176eda3, 0x6bac307f, 0x376829d2, 0x85360fa9, 0x17e3fe2a, 0x24b79767, 0xf5a96b20,
-0xd6cd2595, 0x68ff1ebf, 0x7555442c, 0xf19f06be, 0xf9e0659a, 0xeeb9491d, 0x34010718, 0xbb30cab8,
-0xe822fe15, 0x88570983, 0x750e6249, 0xda627e55, 0x5e76ffa8, 0xb1534546, 0x6d47de08, 0xefe9e7d4
-            },
-        S6 = {
-0xf6fa8f9d, 0x2cac6ce1, 0x4ca34867, 0xe2337f7c, 0x95db08e7, 0x016843b4, 0xeced5cbc, 0x325553ac,
-0xbf9f0960, 0xdfa1e2ed, 0x83f0579d, 0x63ed86b9, 0x1ab6a6b8, 0xde5ebe39, 0xf38ff732, 0x8989b138,
-0x33f14961, 0xc01937bd, 0xf506c6da, 0xe4625e7e, 0xa308ea99, 0x4e23e33c, 0x79cbd7cc, 0x48a14367,
-0xa3149619, 0xfec94bd5, 0xa114174a, 0xeaa01866, 0xa084db2d, 0x09a8486f, 0xa888614a, 0x2900af98,
-0x01665991, 0xe1992863, 0xc8f30c60, 0x2e78ef3c, 0xd0d51932, 0xcf0fec14, 0xf7ca07d2, 0xd0a82072,
-0xfd41197e, 0x9305a6b0, 0xe86be3da, 0x74bed3cd, 0x372da53c, 0x4c7f4448, 0xdab5d440, 0x6dba0ec3,
-0x083919a7, 0x9fbaeed9, 0x49dbcfb0, 0x4e670c53, 0x5c3d9c01, 0x64bdb941, 0x2c0e636a, 0xba7dd9cd,
-0xea6f7388, 0xe70bc762, 0x35f29adb, 0x5c4cdd8d, 0xf0d48d8c, 0xb88153e2, 0x08a19866, 0x1ae2eac8,
-0x284caf89, 0xaa928223, 0x9334be53, 0x3b3a21bf, 0x16434be3, 0x9aea3906, 0xefe8c36e, 0xf890cdd9,
-0x80226dae, 0xc340a4a3, 0xdf7e9c09, 0xa694a807, 0x5b7c5ecc, 0x221db3a6, 0x9a69a02f, 0x68818a54,
-0xceb2296f, 0x53c0843a, 0xfe893655, 0x25bfe68a, 0xb4628abc, 0xcf222ebf, 0x25ac6f48, 0xa9a99387,
-0x53bddb65, 0xe76ffbe7, 0xe967fd78, 0x0ba93563, 0x8e342bc1, 0xe8a11be9, 0x4980740d, 0xc8087dfc,
-0x8de4bf99, 0xa11101a0, 0x7fd37975, 0xda5a26c0, 0xe81f994f, 0x9528cd89, 0xfd339fed, 0xb87834bf,
-0x5f04456d, 0x22258698, 0xc9c4c83b, 0x2dc156be, 0x4f628daa, 0x57f55ec5, 0xe2220abe, 0xd2916ebf,
-0x4ec75b95, 0x24f2c3c0, 0x42d15d99, 0xcd0d7fa0, 0x7b6e27ff, 0xa8dc8af0, 0x7345c106, 0xf41e232f,
-0x35162386, 0xe6ea8926, 0x3333b094, 0x157ec6f2, 0x372b74af, 0x692573e4, 0xe9a9d848, 0xf3160289,
-0x3a62ef1d, 0xa787e238, 0xf3a5f676, 0x74364853, 0x20951063, 0x4576698d, 0xb6fad407, 0x592af950,
-0x36f73523, 0x4cfb6e87, 0x7da4cec0, 0x6c152daa, 0xcb0396a8, 0xc50dfe5d, 0xfcd707ab, 0x0921c42f,
-0x89dff0bb, 0x5fe2be78, 0x448f4f33, 0x754613c9, 0x2b05d08d, 0x48b9d585, 0xdc049441, 0xc8098f9b,
-0x7dede786, 0xc39a3373, 0x42410005, 0x6a091751, 0x0ef3c8a6, 0x890072d6, 0x28207682, 0xa9a9f7be,
-0xbf32679d, 0xd45b5b75, 0xb353fd00, 0xcbb0e358, 0x830f220a, 0x1f8fb214, 0xd372cf08, 0xcc3c4a13,
-0x8cf63166, 0x061c87be, 0x88c98f88, 0x6062e397, 0x47cf8e7a, 0xb6c85283, 0x3cc2acfb, 0x3fc06976,
-0x4e8f0252, 0x64d8314d, 0xda3870e3, 0x1e665459, 0xc10908f0, 0x513021a5, 0x6c5b68b7, 0x822f8aa0,
-0x3007cd3e, 0x74719eef, 0xdc872681, 0x073340d4, 0x7e432fd9, 0x0c5ec241, 0x8809286c, 0xf592d891,
-0x08a930f6, 0x957ef305, 0xb7fbffbd, 0xc266e96f, 0x6fe4ac98, 0xb173ecc0, 0xbc60b42a, 0x953498da,
-0xfba1ae12, 0x2d4bd736, 0x0f25faab, 0xa4f3fceb, 0xe2969123, 0x257f0c3d, 0x9348af49, 0x361400bc,
-0xe8816f4a, 0x3814f200, 0xa3f94043, 0x9c7a54c2, 0xbc704f57, 0xda41e7f9, 0xc25ad33a, 0x54f4a084,
-0xb17f5505, 0x59357cbe, 0xedbd15c8, 0x7f97c5ab, 0xba5ac7b5, 0xb6f6deaf, 0x3a479c3a, 0x5302da25,
-0x653d7e6a, 0x54268d49, 0x51a477ea, 0x5017d55b, 0xd7d25d88, 0x44136c76, 0x0404a8c8, 0xb8e5a121,
-0xb81a928a, 0x60ed5869, 0x97c55b96, 0xeaec991b, 0x29935913, 0x01fdb7f1, 0x088e8dfa, 0x9ab6f6f5,
-0x3b4cbf9f, 0x4a5de3ab, 0xe6051d35, 0xa0e1d855, 0xd36b4cf1, 0xf544edeb, 0xb0e93524, 0xbebb8fbd,
-0xa2d762cf, 0x49c92f54, 0x38b5f331, 0x7128a454, 0x48392905, 0xa65b1db8, 0x851c97bd, 0xd675cf2f 
-            },
-        S7 = {
-0x85e04019, 0x332bf567, 0x662dbfff, 0xcfc65693, 0x2a8d7f6f, 0xab9bc912, 0xde6008a1, 0x2028da1f,
-0x0227bce7, 0x4d642916, 0x18fac300, 0x50f18b82, 0x2cb2cb11, 0xb232e75c, 0x4b3695f2, 0xb28707de,
-0xa05fbcf6, 0xcd4181e9, 0xe150210c, 0xe24ef1bd, 0xb168c381, 0xfde4e789, 0x5c79b0d8, 0x1e8bfd43,
-0x4d495001, 0x38be4341, 0x913cee1d, 0x92a79c3f, 0x089766be, 0xbaeeadf4, 0x1286becf, 0xb6eacb19,
-0x2660c200, 0x7565bde4, 0x64241f7a, 0x8248dca9, 0xc3b3ad66, 0x28136086, 0x0bd8dfa8, 0x356d1cf2,
-0x107789be, 0xb3b2e9ce, 0x0502aa8f, 0x0bc0351e, 0x166bf52a, 0xeb12ff82, 0xe3486911, 0xd34d7516,
-0x4e7b3aff, 0x5f43671b, 0x9cf6e037, 0x4981ac83, 0x334266ce, 0x8c9341b7, 0xd0d854c0, 0xcb3a6c88,
-0x47bc2829, 0x4725ba37, 0xa66ad22b, 0x7ad61f1e, 0x0c5cbafa, 0x4437f107, 0xb6e79962, 0x42d2d816,
-0x0a961288, 0xe1a5c06e, 0x13749e67, 0x72fc081a, 0xb1d139f7, 0xf9583745, 0xcf19df58, 0xbec3f756,
-0xc06eba30, 0x07211b24, 0x45c28829, 0xc95e317f, 0xbc8ec511, 0x38bc46e9, 0xc6e6fa14, 0xbae8584a,
-0xad4ebc46, 0x468f508b, 0x7829435f, 0xf124183b, 0x821dba9f, 0xaff60ff4, 0xea2c4e6d, 0x16e39264,
-0x92544a8b, 0x009b4fc3, 0xaba68ced, 0x9ac96f78, 0x06a5b79a, 0xb2856e6e, 0x1aec3ca9, 0xbe838688,
-0x0e0804e9, 0x55f1be56, 0xe7e5363b, 0xb3a1f25d, 0xf7debb85, 0x61fe033c, 0x16746233, 0x3c034c28,
-0xda6d0c74, 0x79aac56c, 0x3ce4e1ad, 0x51f0c802, 0x98f8f35a, 0x1626a49f, 0xeed82b29, 0x1d382fe3,
-0x0c4fb99a, 0xbb325778, 0x3ec6d97b, 0x6e77a6a9, 0xcb658b5c, 0xd45230c7, 0x2bd1408b, 0x60c03eb7,
-0xb9068d78, 0xa33754f4, 0xf430c87d, 0xc8a71302, 0xb96d8c32, 0xebd4e7be, 0xbe8b9d2d, 0x7979fb06,
-0xe7225308, 0x8b75cf77, 0x11ef8da4, 0xe083c858, 0x8d6b786f, 0x5a6317a6, 0xfa5cf7a0, 0x5dda0033,
-0xf28ebfb0, 0xf5b9c310, 0xa0eac280, 0x08b9767a, 0xa3d9d2b0, 0x79d34217, 0x021a718d, 0x9ac6336a,
-0x2711fd60, 0x438050e3, 0x069908a8, 0x3d7fedc4, 0x826d2bef, 0x4eeb8476, 0x488dcf25, 0x36c9d566,
-0x28e74e41, 0xc2610aca, 0x3d49a9cf, 0xbae3b9df, 0xb65f8de6, 0x92aeaf64, 0x3ac7d5e6, 0x9ea80509,
-0xf22b017d, 0xa4173f70, 0xdd1e16c3, 0x15e0d7f9, 0x50b1b887, 0x2b9f4fd5, 0x625aba82, 0x6a017962,
-0x2ec01b9c, 0x15488aa9, 0xd716e740, 0x40055a2c, 0x93d29a22, 0xe32dbf9a, 0x058745b9, 0x3453dc1e,
-0xd699296e, 0x496cff6f, 0x1c9f4986, 0xdfe2ed07, 0xb87242d1, 0x19de7eae, 0x053e561a, 0x15ad6f8c,
-0x66626c1c, 0x7154c24c, 0xea082b2a, 0x93eb2939, 0x17dcb0f0, 0x58d4f2ae, 0x9ea294fb, 0x52cf564c,
-0x9883fe66, 0x2ec40581, 0x763953c3, 0x01d6692e, 0xd3a0c108, 0xa1e7160e, 0xe4f2dfa6, 0x693ed285,
-0x74904698, 0x4c2b0edd, 0x4f757656, 0x5d393378, 0xa132234f, 0x3d321c5d, 0xc3f5e194, 0x4b269301,
-0xc79f022f, 0x3c997e7e, 0x5e4f9504, 0x3ffafbbd, 0x76f7ad0e, 0x296693f4, 0x3d1fce6f, 0xc61e45be,
-0xd3b5ab34, 0xf72bf9b7, 0x1b0434c0, 0x4e72b567, 0x5592a33d, 0xb5229301, 0xcfd2a87f, 0x60aeb767,
-0x1814386b, 0x30bcc33d, 0x38a0c07d, 0xfd1606f2, 0xc363519b, 0x589dd390, 0x5479f8e6, 0x1cb8d647,
-0x97fd61a9, 0xea7759f4, 0x2d57539d, 0x569a58cf, 0xe84e63ad, 0x462e1b78, 0x6580f87e, 0xf3817914,
-0x91da55f4, 0x40a230f3, 0xd1988f35, 0xb6e318d2, 0x3ffa50bc, 0x3d40f021, 0xc3c0bdae, 0x4958c24c,
-0x518f36b2, 0x84b1d370, 0x0fedce83, 0x878ddada, 0xf2a279c7, 0x94e01be8, 0x90716f4b, 0x954b8aa3 
-            },
-        S8 = {
-0xe216300d, 0xbbddfffc, 0xa7ebdabd, 0x35648095, 0x7789f8b7, 0xe6c1121b, 0x0e241600, 0x052ce8b5,
-0x11a9cfb0, 0xe5952f11, 0xece7990a, 0x9386d174, 0x2a42931c, 0x76e38111, 0xb12def3a, 0x37ddddfc,
-0xde9adeb1, 0x0a0cc32c, 0xbe197029, 0x84a00940, 0xbb243a0f, 0xb4d137cf, 0xb44e79f0, 0x049eedfd,
-0x0b15a15d, 0x480d3168, 0x8bbbde5a, 0x669ded42, 0xc7ece831, 0x3f8f95e7, 0x72df191b, 0x7580330d,
-0x94074251, 0x5c7dcdfa, 0xabbe6d63, 0xaa402164, 0xb301d40a, 0x02e7d1ca, 0x53571dae, 0x7a3182a2,
-0x12a8ddec, 0xfdaa335d, 0x176f43e8, 0x71fb46d4, 0x38129022, 0xce949ad4, 0xb84769ad, 0x965bd862,
-0x82f3d055, 0x66fb9767, 0x15b80b4e, 0x1d5b47a0, 0x4cfde06f, 0xc28ec4b8, 0x57e8726e, 0x647a78fc,
-0x99865d44, 0x608bd593, 0x6c200e03, 0x39dc5ff6, 0x5d0b00a3, 0xae63aff2, 0x7e8bd632, 0x70108c0c,
-0xbbd35049, 0x2998df04, 0x980cf42a, 0x9b6df491, 0x9e7edd53, 0x06918548, 0x58cb7e07, 0x3b74ef2e,
-0x522fffb1, 0xd24708cc, 0x1c7e27cd, 0xa4eb215b, 0x3cf1d2e2, 0x19b47a38, 0x424f7618, 0x35856039,
-0x9d17dee7, 0x27eb35e6, 0xc9aff67b, 0x36baf5b8, 0x09c467cd, 0xc18910b1, 0xe11dbf7b, 0x06cd1af8,
-0x7170c608, 0x2d5e3354, 0xd4de495a, 0x64c6d006, 0xbcc0c62c, 0x3dd00db3, 0x708f8f34, 0x77d51b42,
-0x264f620f, 0x24b8d2bf, 0x15c1b79e, 0x46a52564, 0xf8d7e54e, 0x3e378160, 0x7895cda5, 0x859c15a5,
-0xe6459788, 0xc37bc75f, 0xdb07ba0c, 0x0676a3ab, 0x7f229b1e, 0x31842e7b, 0x24259fd7, 0xf8bef472,
-0x835ffcb8, 0x6df4c1f2, 0x96f5b195, 0xfd0af0fc, 0xb0fe134c, 0xe2506d3d, 0x4f9b12ea, 0xf215f225,
-0xa223736f, 0x9fb4c428, 0x25d04979, 0x34c713f8, 0xc4618187, 0xea7a6e98, 0x7cd16efc, 0x1436876c,
-0xf1544107, 0xbedeee14, 0x56e9af27, 0xa04aa441, 0x3cf7c899, 0x92ecbae6, 0xdd67016d, 0x151682eb,
-0xa842eedf, 0xfdba60b4, 0xf1907b75, 0x20e3030f, 0x24d8c29e, 0xe139673b, 0xefa63fb8, 0x71873054,
-0xb6f2cf3b, 0x9f326442, 0xcb15a4cc, 0xb01a4504, 0xf1e47d8d, 0x844a1be5, 0xbae7dfdc, 0x42cbda70,
-0xcd7dae0a, 0x57e85b7a, 0xd53f5af6, 0x20cf4d8c, 0xcea4d428, 0x79d130a4, 0x3486ebfb, 0x33d3cddc,
-0x77853b53, 0x37effcb5, 0xc5068778, 0xe580b3e6, 0x4e68b8f4, 0xc5c8b37e, 0x0d809ea2, 0x398feb7c,
-0x132a4f94, 0x43b7950e, 0x2fee7d1c, 0x223613bd, 0xdd06caa2, 0x37df932b, 0xc4248289, 0xacf3ebc3,
-0x5715f6b7, 0xef3478dd, 0xf267616f, 0xc148cbe4, 0x9052815e, 0x5e410fab, 0xb48a2465, 0x2eda7fa4,
-0xe87b40e4, 0xe98ea084, 0x5889e9e1, 0xefd390fc, 0xdd07d35b, 0xdb485694, 0x38d7e5b2, 0x57720101,
-0x730edebc, 0x5b643113, 0x94917e4f, 0x503c2fba, 0x646f1282, 0x7523d24a, 0xe0779695, 0xf9c17a8f,
-0x7a5b2121, 0xd187b896, 0x29263a4d, 0xba510cdf, 0x81f47c9f, 0xad1163ed, 0xea7b5965, 0x1a00726e,
-0x11403092, 0x00da6d77, 0x4a0cdd61, 0xad1f4603, 0x605bdfb0, 0x9eedc364, 0x22ebe6a8, 0xcee7d28a,
-0xa0e736a0, 0x5564a6b9, 0x10853209, 0xc7eb8f37, 0x2de705ca, 0x8951570f, 0xdf09822b, 0xbd691a6c,
-0xaa12e4f2, 0x87451c0f, 0xe0f6a27a, 0x3ada4819, 0x4cf1764f, 0x0d771c2b, 0x67cdb156, 0x350d8384,
-0x5938fa0f, 0x42399ef3, 0x36997b07, 0x0e84093d, 0x4aa93e61, 0x8360d87b, 0x1fa98b0c, 0x1149382c,
-0xe97625a5, 0x0614d1b7, 0x0e25244b, 0x0c768347, 0x589e8d82, 0x0d2059d1, 0xa466bb1e, 0xf8da0a82,
-0x04f19130, 0xba6e4ec0, 0x99265164, 0x1ee7230d, 0x50b2ad80, 0xeaee6801, 0x8db2a283, 0xea8bf59e 
-            };
-
-    //====================================
-    // Useful constants
-    //====================================
-
-    protected static final int    MAX_ROUNDS = 16;
-    protected static final int    RED_ROUNDS = 12;
-
-    protected static final int    BLOCK_SIZE = 8;  // bytes = 64 bits
-
-    protected int _Kr[] = new int[17];        // the rotating round key
-    protected int _Km[] = new int[17];        // the masking round key
-
-    private boolean _encrypting = false;
-
-    private byte[]  _workingKey = null;
-    private int     _rounds = MAX_ROUNDS;
-
-    public CAST5Engine()
-    {
-    }
-
-    /**
-     * initialise a CAST cipher.
-     *
-     * @param encrypting whether or not we are for encryption.
-     * @param params the parameters required to set up the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean             encrypting,
-        CipherParameters    params)
-    {
-        if (params instanceof KeyParameter)
-        {
-            _encrypting = encrypting;
-            _workingKey = ((KeyParameter)params).getKey();
-
-            setKey(_workingKey);
-
-            return;
-        }
-
-        throw new IllegalArgumentException("Invalid parameter passed to "+getAlgorithmName()+" init - " + params.getClass().getName());
-    }
-
-    public String getAlgorithmName()
-    {
-        return "CAST5";
-    }
-
-    public int processBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-    {
-        if (_workingKey == null)
-        {
-            throw new IllegalStateException(getAlgorithmName()+" not initialised");
-        }
-
-        int blockSize = getBlockSize();
-        if ((inOff + blockSize) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + blockSize) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        if (_encrypting)
-        {
-            return encryptBlock(in, inOff, out, outOff);
-        }
-        else
-        {    
-            return decryptBlock(in, inOff, out, outOff);
-        }
-    }
-
-    public void reset()
-    {
-    }
-
-    public int getBlockSize()
-    {
-        return BLOCK_SIZE;
-    }
-
-    //==================================
-    // Private Implementation
-    //==================================
-
-    /*
-     * Creates the subkeys using the same nomenclature
-     * as described in RFC2144.
-     *
-     * See section 2.4
-     */
-    protected void setKey(byte[] key)
-    {
-        /* 
-         * Determine the key size here, if required
-         *
-         * if keysize <= 80bits, use 12 rounds instead of 16
-         * if keysize < 128bits, pad with 0
-         *
-         * Typical key sizes => 40, 64, 80, 128
-         */
-
-        if (key.length < 11)
-        {
-            _rounds = RED_ROUNDS;
-        }
-
-        int z[] = new int[16];
-        int x[] = new int[16];
-
-        int z03, z47, z8B, zCF;
-        int x03, x47, x8B, xCF;
-
-        /* copy the key into x */
-        for (int i=0; i< key.length; i++) 
-        { 
-            x[i] = key[i] & 0xff; 
-        }
-
-        /*
-         * This will look different because the selection of
-         * bytes from the input key I've already chosen the
-         * correct int.
-         */
-        x03 = IntsTo32bits(x, 0x0);
-        x47 = IntsTo32bits(x, 0x4);
-        x8B = IntsTo32bits(x, 0x8);
-        xCF = IntsTo32bits(x, 0xC);
-
-        z03 = x03 ^S5[x[0xD]] ^S6[x[0xF]] ^S7[x[0xC]] ^S8[x[0xE]] ^S7[x[0x8]];
-
-        Bits32ToInts(z03, z, 0x0);
-        z47 = x8B ^S5[z[0x0]] ^S6[z[0x2]] ^S7[z[0x1]] ^S8[z[0x3]] ^S8[x[0xA]];
-        Bits32ToInts(z47, z, 0x4);
-        z8B = xCF ^S5[z[0x7]] ^S6[z[0x6]] ^S7[z[0x5]] ^S8[z[0x4]] ^S5[x[0x9]];
-        Bits32ToInts(z8B, z, 0x8);
-        zCF = x47 ^S5[z[0xA]] ^S6[z[0x9]] ^S7[z[0xB]] ^S8[z[0x8]] ^S6[x[0xB]];
-        Bits32ToInts(zCF, z, 0xC);
-        _Km[ 1]= S5[z[0x8]] ^ S6[z[0x9]] ^ S7[z[0x7]] ^ S8[z[0x6]] ^ S5[z[0x2]];
-        _Km[ 2]= S5[z[0xA]] ^ S6[z[0xB]] ^ S7[z[0x5]] ^ S8[z[0x4]] ^ S6[z[0x6]];
-        _Km[ 3]= S5[z[0xC]] ^ S6[z[0xD]] ^ S7[z[0x3]] ^ S8[z[0x2]] ^ S7[z[0x9]];
-        _Km[ 4]= S5[z[0xE]] ^ S6[z[0xF]] ^ S7[z[0x1]] ^ S8[z[0x0]] ^ S8[z[0xC]];
-
-        z03 = IntsTo32bits(z, 0x0);
-        z47 = IntsTo32bits(z, 0x4);
-        z8B = IntsTo32bits(z, 0x8);
-        zCF = IntsTo32bits(z, 0xC);
-        x03 = z8B ^S5[z[0x5]] ^S6[z[0x7]] ^S7[z[0x4]] ^S8[z[0x6]] ^S7[z[0x0]];
-        Bits32ToInts(x03, x, 0x0);
-        x47 = z03 ^S5[x[0x0]] ^S6[x[0x2]] ^S7[x[0x1]] ^S8[x[0x3]] ^S8[z[0x2]];
-        Bits32ToInts(x47, x, 0x4);
-        x8B = z47 ^S5[x[0x7]] ^S6[x[0x6]] ^S7[x[0x5]] ^S8[x[0x4]] ^S5[z[0x1]];
-        Bits32ToInts(x8B, x, 0x8);
-        xCF = zCF ^S5[x[0xA]] ^S6[x[0x9]] ^S7[x[0xB]] ^S8[x[0x8]] ^S6[z[0x3]];
-        Bits32ToInts(xCF, x, 0xC);
-        _Km[ 5]= S5[x[0x3]] ^ S6[x[0x2]] ^ S7[x[0xC]] ^ S8[x[0xD]] ^ S5[x[0x8]];
-        _Km[ 6]= S5[x[0x1]] ^ S6[x[0x0]] ^ S7[x[0xE]] ^ S8[x[0xF]] ^ S6[x[0xD]];
-        _Km[ 7]= S5[x[0x7]] ^ S6[x[0x6]] ^ S7[x[0x8]] ^ S8[x[0x9]] ^ S7[x[0x3]];
-        _Km[ 8]= S5[x[0x5]] ^ S6[x[0x4]] ^ S7[x[0xA]] ^ S8[x[0xB]] ^ S8[x[0x7]];
-
-        x03 = IntsTo32bits(x, 0x0);
-        x47 = IntsTo32bits(x, 0x4);
-        x8B = IntsTo32bits(x, 0x8);
-        xCF = IntsTo32bits(x, 0xC);
-        z03 = x03 ^S5[x[0xD]] ^S6[x[0xF]] ^S7[x[0xC]] ^S8[x[0xE]] ^S7[x[0x8]];
-        Bits32ToInts(z03, z, 0x0);
-        z47 = x8B ^S5[z[0x0]] ^S6[z[0x2]] ^S7[z[0x1]] ^S8[z[0x3]] ^S8[x[0xA]];
-        Bits32ToInts(z47, z, 0x4);
-        z8B = xCF ^S5[z[0x7]] ^S6[z[0x6]] ^S7[z[0x5]] ^S8[z[0x4]] ^S5[x[0x9]];
-        Bits32ToInts(z8B, z, 0x8);
-        zCF = x47 ^S5[z[0xA]] ^S6[z[0x9]] ^S7[z[0xB]] ^S8[z[0x8]] ^S6[x[0xB]];
-        Bits32ToInts(zCF, z, 0xC);
-        _Km[ 9]= S5[z[0x3]] ^ S6[z[0x2]] ^ S7[z[0xC]] ^ S8[z[0xD]] ^ S5[z[0x9]];
-        _Km[10]= S5[z[0x1]] ^ S6[z[0x0]] ^ S7[z[0xE]] ^ S8[z[0xF]] ^ S6[z[0xc]];
-        _Km[11]= S5[z[0x7]] ^ S6[z[0x6]] ^ S7[z[0x8]] ^ S8[z[0x9]] ^ S7[z[0x2]];
-        _Km[12]= S5[z[0x5]] ^ S6[z[0x4]] ^ S7[z[0xA]] ^ S8[z[0xB]] ^ S8[z[0x6]];
-
-        z03 = IntsTo32bits(z, 0x0);
-        z47 = IntsTo32bits(z, 0x4);
-        z8B = IntsTo32bits(z, 0x8);
-        zCF = IntsTo32bits(z, 0xC);
-        x03 = z8B ^S5[z[0x5]] ^S6[z[0x7]] ^S7[z[0x4]] ^S8[z[0x6]] ^S7[z[0x0]];
-        Bits32ToInts(x03, x, 0x0);
-        x47 = z03 ^S5[x[0x0]] ^S6[x[0x2]] ^S7[x[0x1]] ^S8[x[0x3]] ^S8[z[0x2]];
-        Bits32ToInts(x47, x, 0x4);
-        x8B = z47 ^S5[x[0x7]] ^S6[x[0x6]] ^S7[x[0x5]] ^S8[x[0x4]] ^S5[z[0x1]];
-        Bits32ToInts(x8B, x, 0x8);
-        xCF = zCF ^S5[x[0xA]] ^S6[x[0x9]] ^S7[x[0xB]] ^S8[x[0x8]] ^S6[z[0x3]];
-        Bits32ToInts(xCF, x, 0xC);
-        _Km[13]= S5[x[0x8]] ^ S6[x[0x9]] ^ S7[x[0x7]] ^ S8[x[0x6]] ^ S5[x[0x3]];
-        _Km[14]= S5[x[0xA]] ^ S6[x[0xB]] ^ S7[x[0x5]] ^ S8[x[0x4]] ^ S6[x[0x7]];
-        _Km[15]= S5[x[0xC]] ^ S6[x[0xD]] ^ S7[x[0x3]] ^ S8[x[0x2]] ^ S7[x[0x8]];
-        _Km[16]= S5[x[0xE]] ^ S6[x[0xF]] ^ S7[x[0x1]] ^ S8[x[0x0]] ^ S8[x[0xD]];
-
-        x03 = IntsTo32bits(x, 0x0);
-        x47 = IntsTo32bits(x, 0x4);
-        x8B = IntsTo32bits(x, 0x8);
-        xCF = IntsTo32bits(x, 0xC);
-        z03 = x03 ^S5[x[0xD]] ^S6[x[0xF]] ^S7[x[0xC]] ^S8[x[0xE]] ^S7[x[0x8]];
-        Bits32ToInts(z03, z, 0x0);
-        z47 = x8B ^S5[z[0x0]] ^S6[z[0x2]] ^S7[z[0x1]] ^S8[z[0x3]] ^S8[x[0xA]];
-        Bits32ToInts(z47, z, 0x4);
-        z8B = xCF ^S5[z[0x7]] ^S6[z[0x6]] ^S7[z[0x5]] ^S8[z[0x4]] ^S5[x[0x9]];
-        Bits32ToInts(z8B, z, 0x8);
-        zCF = x47 ^S5[z[0xA]] ^S6[z[0x9]] ^S7[z[0xB]] ^S8[z[0x8]] ^S6[x[0xB]];
-        Bits32ToInts(zCF, z, 0xC);
-        _Kr[ 1]=(S5[z[0x8]]^S6[z[0x9]]^S7[z[0x7]]^S8[z[0x6]] ^ S5[z[0x2]])&0x1f;
-        _Kr[ 2]=(S5[z[0xA]]^S6[z[0xB]]^S7[z[0x5]]^S8[z[0x4]] ^ S6[z[0x6]])&0x1f;
-        _Kr[ 3]=(S5[z[0xC]]^S6[z[0xD]]^S7[z[0x3]]^S8[z[0x2]] ^ S7[z[0x9]])&0x1f;
-        _Kr[ 4]=(S5[z[0xE]]^S6[z[0xF]]^S7[z[0x1]]^S8[z[0x0]] ^ S8[z[0xC]])&0x1f;
-
-        z03 = IntsTo32bits(z, 0x0);
-        z47 = IntsTo32bits(z, 0x4);
-        z8B = IntsTo32bits(z, 0x8);
-        zCF = IntsTo32bits(z, 0xC);
-        x03 = z8B ^S5[z[0x5]] ^S6[z[0x7]] ^S7[z[0x4]] ^S8[z[0x6]] ^S7[z[0x0]];
-        Bits32ToInts(x03, x, 0x0);
-        x47 = z03 ^S5[x[0x0]] ^S6[x[0x2]] ^S7[x[0x1]] ^S8[x[0x3]] ^S8[z[0x2]];
-        Bits32ToInts(x47, x, 0x4);
-        x8B = z47 ^S5[x[0x7]] ^S6[x[0x6]] ^S7[x[0x5]] ^S8[x[0x4]] ^S5[z[0x1]];
-        Bits32ToInts(x8B, x, 0x8);
-        xCF = zCF ^S5[x[0xA]] ^S6[x[0x9]] ^S7[x[0xB]] ^S8[x[0x8]] ^S6[z[0x3]];
-        Bits32ToInts(xCF, x, 0xC);
-        _Kr[ 5]=(S5[x[0x3]]^S6[x[0x2]]^S7[x[0xC]]^S8[x[0xD]]^S5[x[0x8]])&0x1f;
-        _Kr[ 6]=(S5[x[0x1]]^S6[x[0x0]]^S7[x[0xE]]^S8[x[0xF]]^S6[x[0xD]])&0x1f;
-        _Kr[ 7]=(S5[x[0x7]]^S6[x[0x6]]^S7[x[0x8]]^S8[x[0x9]]^S7[x[0x3]])&0x1f;
-        _Kr[ 8]=(S5[x[0x5]]^S6[x[0x4]]^S7[x[0xA]]^S8[x[0xB]]^S8[x[0x7]])&0x1f;
-
-        x03 = IntsTo32bits(x, 0x0);
-        x47 = IntsTo32bits(x, 0x4);
-        x8B = IntsTo32bits(x, 0x8);
-        xCF = IntsTo32bits(x, 0xC);
-        z03 = x03 ^S5[x[0xD]] ^S6[x[0xF]] ^S7[x[0xC]] ^S8[x[0xE]] ^S7[x[0x8]];
-        Bits32ToInts(z03, z, 0x0);
-        z47 = x8B ^S5[z[0x0]] ^S6[z[0x2]] ^S7[z[0x1]] ^S8[z[0x3]] ^S8[x[0xA]];
-        Bits32ToInts(z47, z, 0x4);
-        z8B = xCF ^S5[z[0x7]] ^S6[z[0x6]] ^S7[z[0x5]] ^S8[z[0x4]] ^S5[x[0x9]];
-        Bits32ToInts(z8B, z, 0x8);
-        zCF = x47 ^S5[z[0xA]] ^S6[z[0x9]] ^S7[z[0xB]] ^S8[z[0x8]] ^S6[x[0xB]];
-        Bits32ToInts(zCF, z, 0xC);
-        _Kr[ 9]=(S5[z[0x3]]^S6[z[0x2]]^S7[z[0xC]]^S8[z[0xD]]^S5[z[0x9]])&0x1f;
-        _Kr[10]=(S5[z[0x1]]^S6[z[0x0]]^S7[z[0xE]]^S8[z[0xF]]^S6[z[0xc]])&0x1f;
-        _Kr[11]=(S5[z[0x7]]^S6[z[0x6]]^S7[z[0x8]]^S8[z[0x9]]^S7[z[0x2]])&0x1f;
-        _Kr[12]=(S5[z[0x5]]^S6[z[0x4]]^S7[z[0xA]]^S8[z[0xB]]^S8[z[0x6]])&0x1f;
-
-        z03 = IntsTo32bits(z, 0x0);
-        z47 = IntsTo32bits(z, 0x4);
-        z8B = IntsTo32bits(z, 0x8);
-        zCF = IntsTo32bits(z, 0xC);
-        x03 = z8B ^S5[z[0x5]] ^S6[z[0x7]] ^S7[z[0x4]] ^S8[z[0x6]] ^S7[z[0x0]];
-        Bits32ToInts(x03, x, 0x0);
-        x47 = z03 ^S5[x[0x0]] ^S6[x[0x2]] ^S7[x[0x1]] ^S8[x[0x3]] ^S8[z[0x2]];
-        Bits32ToInts(x47, x, 0x4);
-        x8B = z47 ^S5[x[0x7]] ^S6[x[0x6]] ^S7[x[0x5]] ^S8[x[0x4]] ^S5[z[0x1]];
-        Bits32ToInts(x8B, x, 0x8);
-        xCF = zCF ^S5[x[0xA]] ^S6[x[0x9]] ^S7[x[0xB]] ^S8[x[0x8]] ^S6[z[0x3]];
-        Bits32ToInts(xCF, x, 0xC);
-        _Kr[13]=(S5[x[0x8]]^S6[x[0x9]]^S7[x[0x7]]^S8[x[0x6]]^S5[x[0x3]])&0x1f;
-        _Kr[14]=(S5[x[0xA]]^S6[x[0xB]]^S7[x[0x5]]^S8[x[0x4]]^S6[x[0x7]])&0x1f;
-        _Kr[15]=(S5[x[0xC]]^S6[x[0xD]]^S7[x[0x3]]^S8[x[0x2]]^S7[x[0x8]])&0x1f;
-        _Kr[16]=(S5[x[0xE]]^S6[x[0xF]]^S7[x[0x1]]^S8[x[0x0]]^S8[x[0xD]])&0x1f;
-    }
-
-    /**
-     * Encrypt the given input starting at the given offset and place
-     * the result in the provided buffer starting at the given offset.
-     *
-     * @param src        The plaintext buffer
-     * @param srcIndex    An offset into src
-     * @param dst        The ciphertext buffer
-     * @param dstIndex    An offset into dst
-     */
-    protected int encryptBlock(
-        byte[] src, 
-        int srcIndex,
-        byte[] dst,
-        int dstIndex)
-    {
-
-        int  result[] = new int[2];
-
-        // process the input block 
-        // batch the units up into a 32 bit chunk and go for it
-        // the array is in bytes, the increment is 8x8 bits = 64
-
-        int L0 = BytesTo32bits(src, srcIndex);
-        int R0 = BytesTo32bits(src, srcIndex + 4);
-
-        CAST_Encipher(L0, R0, result);
-
-        // now stuff them into the destination block
-        Bits32ToBytes(result[0], dst, dstIndex);
-        Bits32ToBytes(result[1], dst, dstIndex + 4);
-
-        return BLOCK_SIZE;
-    }
-
-    /**
-     * Decrypt the given input starting at the given offset and place
-     * the result in the provided buffer starting at the given offset.
-     *
-     * @param src        The plaintext buffer
-     * @param srcIndex    An offset into src
-     * @param dst        The ciphertext buffer
-     * @param dstIndex    An offset into dst
-     */
-    protected int decryptBlock(
-        byte[] src, 
-        int srcIndex,
-        byte[] dst,
-        int dstIndex)
-    {
-        int  result[] = new int[2];
-
-        // process the input block
-        // batch the units up into a 32 bit chunk and go for it
-        // the array is in bytes, the increment is 8x8 bits = 64
-        int L16 = BytesTo32bits(src, srcIndex);
-        int R16 = BytesTo32bits(src, srcIndex+4);
-
-        CAST_Decipher(L16, R16, result);
-
-        // now stuff them into the destination block
-        Bits32ToBytes(result[0], dst, dstIndex);
-        Bits32ToBytes(result[1], dst, dstIndex+4);
-
-        return BLOCK_SIZE;
-    }
-
-    /**
-     * The first of the three processing functions for the
-     * encryption and decryption.
-     *
-     * @param D            the input to be processed
-     * @param Kmi        the mask to be used from Km[n]
-     * @param Kri        the rotation value to be used
-     *
-     */
-    protected final int F1(int D, int Kmi, int Kri)
-    {
-        int I = Kmi + D;
-        I = I << Kri | I >>> (32-Kri);
-        return ((S1[(I>>>24)&0xff]^S2[(I>>>16)&0xff])-S3[(I>>> 8)&0xff])+
-                 S4[I & 0xff];
-    }
-
-    /**
-     * The second of the three processing functions for the
-     * encryption and decryption.
-     *
-     * @param D            the input to be processed
-     * @param Kmi        the mask to be used from Km[n]
-     * @param Kri        the rotation value to be used
-     *
-     */
-    protected final int F2(int D, int Kmi, int Kri)
-    {
-        int I = Kmi ^ D;
-        I = I << Kri | I >>> (32-Kri);
-        return ((S1[(I>>>24)&0xff]-S2[(I>>>16)&0xff])+S3[(I>>> 8)&0xff])^
-                 S4[I & 0xff];
-    }
-
-    /**
-     * The third of the three processing functions for the
-     * encryption and decryption.
-     *
-     * @param D            the input to be processed
-     * @param Kmi        the mask to be used from Km[n]
-     * @param Kri        the rotation value to be used
-     *
-     */
-    protected final int F3(int D, int Kmi, int Kri)
-    {
-        int I = Kmi - D;
-        I = I << Kri | I >>> (32-Kri);
-        return ((S1[(I>>>24)&0xff]+S2[(I>>>16)&0xff])^S3[(I>>> 8)&0xff])-
-                 S4[I & 0xff];
-    }
-
-    /**
-     * Does the 16 rounds to encrypt the block.
-     * 
-     * @param L0    the LH-32bits of the plaintext block
-     * @param R0    the RH-32bits of the plaintext block
-     */
-    protected final void CAST_Encipher(int L0, int R0, int result[])
-    {
-        int Lp = L0;        // the previous value, equiv to L[i-1]
-        int Rp = R0;        // equivalent to R[i-1]
-
-        /* 
-         * numbering consistent with paper to make
-         * checking and validating easier
-         */
-        int Li = L0, Ri = R0;
-
-        for (int i = 1; i<=_rounds ; i++)
-        {
-            Lp = Li;
-            Rp = Ri;
-
-            Li = Rp;
-            switch (i)
-            {
-                case  1:
-                case  4:
-                case  7:
-                case 10:
-                case 13:
-                case 16:
-                    Ri = Lp ^ F1(Rp, _Km[i], _Kr[i]);
-                    break;
-                case  2:
-                case  5:
-                case  8:
-                case 11:
-                case 14:
-                    Ri = Lp ^ F2(Rp, _Km[i], _Kr[i]);
-                    break;
-                case  3:
-                case  6:
-                case  9:
-                case 12:
-                case 15:
-                    Ri = Lp ^ F3(Rp, _Km[i], _Kr[i]);
-                    break;
-            }
-        }
-
-        result[0] = Ri;
-        result[1] = Li;
-
-        return;
-    }
-
-    protected final void CAST_Decipher(int L16, int R16, int result[])
-    {
-        int Lp = L16;        // the previous value, equiv to L[i-1]
-        int Rp = R16;        // equivalent to R[i-1]
-
-        /* 
-         * numbering consistent with paper to make
-         * checking and validating easier
-         */
-        int Li = L16, Ri = R16;
-
-        for (int i = _rounds; i > 0; i--)
-        {
-            Lp = Li;
-            Rp = Ri;
-
-            Li = Rp;
-            switch (i)
-            {
-                case  1:
-                case  4:
-                case  7:
-                case 10:
-                case 13:
-                case 16:
-                    Ri = Lp ^ F1(Rp, _Km[i], _Kr[i]);
-                    break;
-                case  2:
-                case  5:
-                case  8:
-                case 11:
-                case 14:
-                    Ri = Lp ^ F2(Rp, _Km[i], _Kr[i]);
-                    break;
-                case  3:
-                case  6:
-                case  9:
-                case 12:
-                case 15:
-                    Ri = Lp ^ F3(Rp, _Km[i], _Kr[i]);
-                    break;
-            }
-        }
-
-        result[0] = Ri;
-        result[1] = Li;
-
-        return;
-    }
-
-    protected final void Bits32ToInts(int in,  int[] b, int offset)
-    {
-        b[offset + 3] = (in & 0xff);
-        b[offset + 2] = ((in >>> 8) & 0xff);
-        b[offset + 1] = ((in >>> 16) & 0xff);
-        b[offset]     = ((in >>> 24) & 0xff);
-    }
-
-    protected final int IntsTo32bits(int[] b, int i)
-    {
-        int rv = 0;
-
-        rv = ((b[i]   & 0xff) << 24) | 
-             ((b[i+1] & 0xff) << 16) |
-             ((b[i+2] & 0xff) << 8) |
-             ((b[i+3] & 0xff));
-
-        return rv;
-    }
-
-    protected final void Bits32ToBytes(int in,  byte[] b, int offset)
-    {
-        b[offset + 3] = (byte)in;
-        b[offset + 2] = (byte)(in >>> 8);
-        b[offset + 1] = (byte)(in >>> 16);
-        b[offset]     = (byte)(in >>> 24);
-    }
-
-    protected final int BytesTo32bits(byte[] b, int i)
-    {
-        return ((b[i]   & 0xff) << 24) | 
-            ((b[i+1] & 0xff) << 16) |
-            ((b[i+2] & 0xff) << 8) |
-            ((b[i+3] & 0xff));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CAST6Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/CAST6Engine.java
deleted file mode 100644
index db57b50..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CAST6Engine.java
+++ /dev/null

@@ -1,296 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-
-/**
- * A class that provides CAST6 key encryption operations,
- * such as encoding data and generating keys.
- *
- * All the algorithms herein are from the Internet RFC
- *
- * RFC2612 - CAST6 (128bit block, 128-256bit key)
- *
- * and implement a simplified cryptography interface.
- */
-public final class CAST6Engine extends CAST5Engine
-{
-    //====================================
-    // Useful constants
-    //====================================
-
-    protected static final int    ROUNDS = 12;
-
-    protected static final int    BLOCK_SIZE = 16;  // bytes = 128 bits
-
-    /*
-     * Put the round and mask keys into an array.
-     * Kr0[i] => _Kr[i*4 + 0]
-     */
-    protected int _Kr[] = new int[ROUNDS*4]; // the rotating round key(s)
-    protected int _Km[] = new int[ROUNDS*4]; // the masking round key(s)
-
-    /*
-     * Key setup
-     */
-    protected int _Tr[] = new int[24 * 8];
-    protected int _Tm[] = new int[24 * 8];
-
-    private int[] _workingKey = new int[8];
-
-    public CAST6Engine()
-    {
-    }
-
-    public String getAlgorithmName()
-    {
-        return "CAST6";
-    }
-
-    public void reset()
-    {
-    }
-
-    public int getBlockSize()
-    {
-        return BLOCK_SIZE;
-    }
-
-    //==================================
-    // Private Implementation
-    //==================================
-
-    /*
-     * Creates the subkeys using the same nomenclature
-     * as described in RFC2612.
-     *
-     * See section 2.4
-     */
-    protected void setKey(byte[] key)
-    {
-        int Cm = 0x5a827999;
-        int Mm = 0x6ed9eba1;
-        int Cr = 19;
-        int Mr = 17;
-
-        /* 
-         * Determine the key size here, if required
-         *
-         * if keysize < 256 bytes, pad with 0
-         *
-         * Typical key sizes => 128, 160, 192, 224, 256
-         */
-        for (int i=0; i< 24; i++)
-        {
-            for (int j=0; j< 8; j++)
-            {
-                _Tm[i*8 + j] = Cm;
-                Cm = (Cm + Mm);    // mod 2^32;
-
-                _Tr[i*8 + j] = Cr;
-                Cr = (Cr + Mr) & 0x1f;            // mod 32
-            }
-        }
-
-        byte[] tmpKey = new byte[64];
-        int length = key.length;
-        System.arraycopy(key, 0, tmpKey, 0, length);
-
-        // now create ABCDEFGH
-        for (int i=0; i< 8; i++)
-        {
-            _workingKey[i] = BytesTo32bits(tmpKey, i*4);
-        }
-
-        // Generate the key schedule
-        for (int i=0; i< 12; i++)
-        {
-            // KAPPA <- W2i(KAPPA)
-            int i2 = i*2 *8;
-            _workingKey[6] ^= F1(_workingKey[7], _Tm[i2  ], _Tr[i2  ]);
-            _workingKey[5] ^= F2(_workingKey[6], _Tm[i2+1], _Tr[i2+1]);
-            _workingKey[4] ^= F3(_workingKey[5], _Tm[i2+2], _Tr[i2+2]);
-            _workingKey[3] ^= F1(_workingKey[4], _Tm[i2+3], _Tr[i2+3]);
-            _workingKey[2] ^= F2(_workingKey[3], _Tm[i2+4], _Tr[i2+4]);
-            _workingKey[1] ^= F3(_workingKey[2], _Tm[i2+5], _Tr[i2+5]);
-            _workingKey[0] ^= F1(_workingKey[1], _Tm[i2+6], _Tr[i2+6]);
-            _workingKey[7] ^= F2(_workingKey[0], _Tm[i2+7], _Tr[i2+7]);
-
-            // KAPPA <- W2i+1(KAPPA)
-            i2 = (i*2 + 1)*8;
-            _workingKey[6] ^= F1(_workingKey[7], _Tm[i2  ], _Tr[i2  ]);
-            _workingKey[5] ^= F2(_workingKey[6], _Tm[i2+1], _Tr[i2+1]);
-            _workingKey[4] ^= F3(_workingKey[5], _Tm[i2+2], _Tr[i2+2]);
-            _workingKey[3] ^= F1(_workingKey[4], _Tm[i2+3], _Tr[i2+3]);
-            _workingKey[2] ^= F2(_workingKey[3], _Tm[i2+4], _Tr[i2+4]);
-            _workingKey[1] ^= F3(_workingKey[2], _Tm[i2+5], _Tr[i2+5]);
-            _workingKey[0] ^= F1(_workingKey[1], _Tm[i2+6], _Tr[i2+6]);
-            _workingKey[7] ^= F2(_workingKey[0], _Tm[i2+7], _Tr[i2+7]);
-
-            // Kr_(i) <- KAPPA
-            _Kr[i*4    ] = _workingKey[0] & 0x1f;
-            _Kr[i*4 + 1] = _workingKey[2] & 0x1f;
-            _Kr[i*4 + 2] = _workingKey[4] & 0x1f;
-            _Kr[i*4 + 3] = _workingKey[6] & 0x1f;
-
-
-            // Km_(i) <- KAPPA
-            _Km[i*4    ] = _workingKey[7];
-            _Km[i*4 + 1] = _workingKey[5];
-            _Km[i*4 + 2] = _workingKey[3];
-            _Km[i*4 + 3] = _workingKey[1];
-        }
-        
-    }
-
-    /**
-     * Encrypt the given input starting at the given offset and place
-     * the result in the provided buffer starting at the given offset.
-     *
-     * @param src        The plaintext buffer
-     * @param srcIndex    An offset into src
-     * @param dst        The ciphertext buffer
-     * @param dstIndex    An offset into dst
-     */
-    protected int encryptBlock(
-        byte[] src, 
-        int srcIndex,
-        byte[] dst,
-        int dstIndex)
-    {
-
-        int  result[] = new int[4];
-
-        // process the input block 
-        // batch the units up into 4x32 bit chunks and go for it
-
-        int A = BytesTo32bits(src, srcIndex);
-        int B = BytesTo32bits(src, srcIndex + 4);
-        int C = BytesTo32bits(src, srcIndex + 8);
-        int D = BytesTo32bits(src, srcIndex + 12);
-
-        CAST_Encipher(A, B, C, D, result);
-
-        // now stuff them into the destination block
-        Bits32ToBytes(result[0], dst, dstIndex);
-        Bits32ToBytes(result[1], dst, dstIndex + 4);
-        Bits32ToBytes(result[2], dst, dstIndex + 8);
-        Bits32ToBytes(result[3], dst, dstIndex + 12);
-
-        return BLOCK_SIZE;
-    }
-
-    /**
-     * Decrypt the given input starting at the given offset and place
-     * the result in the provided buffer starting at the given offset.
-     *
-     * @param src        The plaintext buffer
-     * @param srcIndex    An offset into src
-     * @param dst        The ciphertext buffer
-     * @param dstIndex    An offset into dst
-     */
-    protected int decryptBlock(
-        byte[] src, 
-        int srcIndex,
-        byte[] dst,
-        int dstIndex)
-    {
-        int  result[] = new int[4];
-
-        // process the input block
-        // batch the units up into 4x32 bit chunks and go for it
-        int A = BytesTo32bits(src, srcIndex);
-        int B = BytesTo32bits(src, srcIndex + 4);
-        int C = BytesTo32bits(src, srcIndex + 8);
-        int D = BytesTo32bits(src, srcIndex + 12);
-
-        CAST_Decipher(A, B, C, D, result);
-
-        // now stuff them into the destination block
-        Bits32ToBytes(result[0], dst, dstIndex);
-        Bits32ToBytes(result[1], dst, dstIndex + 4);
-        Bits32ToBytes(result[2], dst, dstIndex + 8);
-        Bits32ToBytes(result[3], dst, dstIndex + 12);
-
-        return BLOCK_SIZE;
-    }
-
-    /**
-     * Does the 12 quad rounds rounds to encrypt the block.
-     * 
-     * @param A    the 00-31  bits of the plaintext block
-     * @param B    the 32-63  bits of the plaintext block
-     * @param C    the 64-95  bits of the plaintext block
-     * @param D    the 96-127 bits of the plaintext block
-     * @param result the resulting ciphertext
-     */
-    protected final void CAST_Encipher(int A, int B, int C, int D,int result[])
-    {
-        int x;
-        for (int i=0; i< 6; i++)
-        {
-            x = i*4;
-            // BETA <- Qi(BETA)
-            C ^= F1(D, _Km[x], _Kr[x]);
-            B ^= F2(C, _Km[x + 1], _Kr[x + 1]);
-            A ^= F3(B, _Km[x + 2], _Kr[x + 2]);
-            D ^= F1(A, _Km[x + 3], _Kr[x + 3]);
-
-        }
-
-        for (int i=6; i<12; i++)
-        {
-            x = i*4;
-            // BETA <- QBARi(BETA)
-            D ^= F1(A, _Km[x + 3], _Kr[x + 3]);
-            A ^= F3(B, _Km[x + 2], _Kr[x + 2]);
-            B ^= F2(C, _Km[x + 1], _Kr[x + 1]);
-            C ^= F1(D, _Km[x], _Kr[x]);
-
-        }
-
-        result[0] = A;
-        result[1] = B;
-        result[2] = C;
-        result[3] = D;
-    }
-
-    /**
-     * Does the 12 quad rounds rounds to decrypt the block.
-     * 
-     * @param A    the 00-31  bits of the ciphertext block
-     * @param B    the 32-63  bits of the ciphertext block
-     * @param C    the 64-95  bits of the ciphertext block
-     * @param D    the 96-127 bits of the ciphertext block
-     * @param result the resulting plaintext
-     */
-    protected final void CAST_Decipher(int A, int B, int C, int D,int result[])
-    {
-        int x;
-        for (int i=0; i< 6; i++)
-        {
-            x = (11-i)*4;
-            // BETA <- Qi(BETA)
-            C ^= F1(D, _Km[x], _Kr[x]);
-            B ^= F2(C, _Km[x + 1], _Kr[x + 1]);
-            A ^= F3(B, _Km[x + 2], _Kr[x + 2]);
-            D ^= F1(A, _Km[x + 3], _Kr[x + 3]);
-
-        }
-
-        for (int i=6; i<12; i++)
-        {
-            x = (11-i)*4;
-            // BETA <- QBARi(BETA)
-            D ^= F1(A, _Km[x + 3], _Kr[x + 3]);
-            A ^= F3(B, _Km[x + 2], _Kr[x + 2]);
-            B ^= F2(C, _Km[x + 1], _Kr[x + 1]);
-            C ^= F1(D, _Km[x], _Kr[x]);
-
-        }
-
-        result[0] = A;
-        result[1] = B;
-        result[2] = C;
-        result[3] = D;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CamelliaEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/CamelliaEngine.java
deleted file mode 100644
index a486e1b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CamelliaEngine.java
+++ /dev/null

@@ -1,684 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * Camellia - based on RFC 3713.
- */
-public class CamelliaEngine
-    implements BlockCipher
-{
-    private boolean initialised = false;
-    private boolean _keyIs128;
-
-    private static final int BLOCK_SIZE = 16;
-    private static final int MASK8 = 0xff;
-
-    private int[] subkey = new int[24 * 4];
-    private int[] kw = new int[4 * 2]; // for whitening
-    private int[] ke = new int[6 * 2]; // for FL and FL^(-1)
-    private int[] state = new int[4]; // for encryption and decryption
-
-    private static final int SIGMA[] = {
-        0xa09e667f, 0x3bcc908b,
-        0xb67ae858, 0x4caa73b2,
-        0xc6ef372f, 0xe94f82be,
-        0x54ff53a5, 0xf1d36f1c,
-        0x10e527fa, 0xde682d1d,
-        0xb05688c2, 0xb3e6c1fd
-    };
-
-    /*
-    *
-    * S-box data
-    *
-    */
-    private static final int SBOX1_1110[] = {
-        0x70707000, 0x82828200, 0x2c2c2c00, 0xececec00, 0xb3b3b300, 0x27272700,
-        0xc0c0c000, 0xe5e5e500, 0xe4e4e400, 0x85858500, 0x57575700, 0x35353500,
-        0xeaeaea00, 0x0c0c0c00, 0xaeaeae00, 0x41414100, 0x23232300, 0xefefef00,
-        0x6b6b6b00, 0x93939300, 0x45454500, 0x19191900, 0xa5a5a500, 0x21212100,
-        0xededed00, 0x0e0e0e00, 0x4f4f4f00, 0x4e4e4e00, 0x1d1d1d00, 0x65656500,
-        0x92929200, 0xbdbdbd00, 0x86868600, 0xb8b8b800, 0xafafaf00, 0x8f8f8f00,
-        0x7c7c7c00, 0xebebeb00, 0x1f1f1f00, 0xcecece00, 0x3e3e3e00, 0x30303000,
-        0xdcdcdc00, 0x5f5f5f00, 0x5e5e5e00, 0xc5c5c500, 0x0b0b0b00, 0x1a1a1a00,
-        0xa6a6a600, 0xe1e1e100, 0x39393900, 0xcacaca00, 0xd5d5d500, 0x47474700,
-        0x5d5d5d00, 0x3d3d3d00, 0xd9d9d900, 0x01010100, 0x5a5a5a00, 0xd6d6d600,
-        0x51515100, 0x56565600, 0x6c6c6c00, 0x4d4d4d00, 0x8b8b8b00, 0x0d0d0d00,
-        0x9a9a9a00, 0x66666600, 0xfbfbfb00, 0xcccccc00, 0xb0b0b000, 0x2d2d2d00,
-        0x74747400, 0x12121200, 0x2b2b2b00, 0x20202000, 0xf0f0f000, 0xb1b1b100,
-        0x84848400, 0x99999900, 0xdfdfdf00, 0x4c4c4c00, 0xcbcbcb00, 0xc2c2c200,
-        0x34343400, 0x7e7e7e00, 0x76767600, 0x05050500, 0x6d6d6d00, 0xb7b7b700,
-        0xa9a9a900, 0x31313100, 0xd1d1d100, 0x17171700, 0x04040400, 0xd7d7d700,
-        0x14141400, 0x58585800, 0x3a3a3a00, 0x61616100, 0xdedede00, 0x1b1b1b00,
-        0x11111100, 0x1c1c1c00, 0x32323200, 0x0f0f0f00, 0x9c9c9c00, 0x16161600,
-        0x53535300, 0x18181800, 0xf2f2f200, 0x22222200, 0xfefefe00, 0x44444400,
-        0xcfcfcf00, 0xb2b2b200, 0xc3c3c300, 0xb5b5b500, 0x7a7a7a00, 0x91919100,
-        0x24242400, 0x08080800, 0xe8e8e800, 0xa8a8a800, 0x60606000, 0xfcfcfc00,
-        0x69696900, 0x50505000, 0xaaaaaa00, 0xd0d0d000, 0xa0a0a000, 0x7d7d7d00,
-        0xa1a1a100, 0x89898900, 0x62626200, 0x97979700, 0x54545400, 0x5b5b5b00,
-        0x1e1e1e00, 0x95959500, 0xe0e0e000, 0xffffff00, 0x64646400, 0xd2d2d200,
-        0x10101000, 0xc4c4c400, 0x00000000, 0x48484800, 0xa3a3a300, 0xf7f7f700,
-        0x75757500, 0xdbdbdb00, 0x8a8a8a00, 0x03030300, 0xe6e6e600, 0xdadada00,
-        0x09090900, 0x3f3f3f00, 0xdddddd00, 0x94949400, 0x87878700, 0x5c5c5c00,
-        0x83838300, 0x02020200, 0xcdcdcd00, 0x4a4a4a00, 0x90909000, 0x33333300,
-        0x73737300, 0x67676700, 0xf6f6f600, 0xf3f3f300, 0x9d9d9d00, 0x7f7f7f00,
-        0xbfbfbf00, 0xe2e2e200, 0x52525200, 0x9b9b9b00, 0xd8d8d800, 0x26262600,
-        0xc8c8c800, 0x37373700, 0xc6c6c600, 0x3b3b3b00, 0x81818100, 0x96969600,
-        0x6f6f6f00, 0x4b4b4b00, 0x13131300, 0xbebebe00, 0x63636300, 0x2e2e2e00,
-        0xe9e9e900, 0x79797900, 0xa7a7a700, 0x8c8c8c00, 0x9f9f9f00, 0x6e6e6e00,
-        0xbcbcbc00, 0x8e8e8e00, 0x29292900, 0xf5f5f500, 0xf9f9f900, 0xb6b6b600,
-        0x2f2f2f00, 0xfdfdfd00, 0xb4b4b400, 0x59595900, 0x78787800, 0x98989800,
-        0x06060600, 0x6a6a6a00, 0xe7e7e700, 0x46464600, 0x71717100, 0xbababa00,
-        0xd4d4d400, 0x25252500, 0xababab00, 0x42424200, 0x88888800, 0xa2a2a200,
-        0x8d8d8d00, 0xfafafa00, 0x72727200, 0x07070700, 0xb9b9b900, 0x55555500,
-        0xf8f8f800, 0xeeeeee00, 0xacacac00, 0x0a0a0a00, 0x36363600, 0x49494900,
-        0x2a2a2a00, 0x68686800, 0x3c3c3c00, 0x38383800, 0xf1f1f100, 0xa4a4a400,
-        0x40404000, 0x28282800, 0xd3d3d300, 0x7b7b7b00, 0xbbbbbb00, 0xc9c9c900,
-        0x43434300, 0xc1c1c100, 0x15151500, 0xe3e3e300, 0xadadad00, 0xf4f4f400,
-        0x77777700, 0xc7c7c700, 0x80808000, 0x9e9e9e00
-    };
-
-    private static final int SBOX4_4404[] = {
-        0x70700070, 0x2c2c002c, 0xb3b300b3, 0xc0c000c0, 0xe4e400e4, 0x57570057,
-        0xeaea00ea, 0xaeae00ae, 0x23230023, 0x6b6b006b, 0x45450045, 0xa5a500a5,
-        0xeded00ed, 0x4f4f004f, 0x1d1d001d, 0x92920092, 0x86860086, 0xafaf00af,
-        0x7c7c007c, 0x1f1f001f, 0x3e3e003e, 0xdcdc00dc, 0x5e5e005e, 0x0b0b000b,
-        0xa6a600a6, 0x39390039, 0xd5d500d5, 0x5d5d005d, 0xd9d900d9, 0x5a5a005a,
-        0x51510051, 0x6c6c006c, 0x8b8b008b, 0x9a9a009a, 0xfbfb00fb, 0xb0b000b0,
-        0x74740074, 0x2b2b002b, 0xf0f000f0, 0x84840084, 0xdfdf00df, 0xcbcb00cb,
-        0x34340034, 0x76760076, 0x6d6d006d, 0xa9a900a9, 0xd1d100d1, 0x04040004,
-        0x14140014, 0x3a3a003a, 0xdede00de, 0x11110011, 0x32320032, 0x9c9c009c,
-        0x53530053, 0xf2f200f2, 0xfefe00fe, 0xcfcf00cf, 0xc3c300c3, 0x7a7a007a,
-        0x24240024, 0xe8e800e8, 0x60600060, 0x69690069, 0xaaaa00aa, 0xa0a000a0,
-        0xa1a100a1, 0x62620062, 0x54540054, 0x1e1e001e, 0xe0e000e0, 0x64640064,
-        0x10100010, 0x00000000, 0xa3a300a3, 0x75750075, 0x8a8a008a, 0xe6e600e6,
-        0x09090009, 0xdddd00dd, 0x87870087, 0x83830083, 0xcdcd00cd, 0x90900090,
-        0x73730073, 0xf6f600f6, 0x9d9d009d, 0xbfbf00bf, 0x52520052, 0xd8d800d8,
-        0xc8c800c8, 0xc6c600c6, 0x81810081, 0x6f6f006f, 0x13130013, 0x63630063,
-        0xe9e900e9, 0xa7a700a7, 0x9f9f009f, 0xbcbc00bc, 0x29290029, 0xf9f900f9,
-        0x2f2f002f, 0xb4b400b4, 0x78780078, 0x06060006, 0xe7e700e7, 0x71710071,
-        0xd4d400d4, 0xabab00ab, 0x88880088, 0x8d8d008d, 0x72720072, 0xb9b900b9,
-        0xf8f800f8, 0xacac00ac, 0x36360036, 0x2a2a002a, 0x3c3c003c, 0xf1f100f1,
-        0x40400040, 0xd3d300d3, 0xbbbb00bb, 0x43430043, 0x15150015, 0xadad00ad,
-        0x77770077, 0x80800080, 0x82820082, 0xecec00ec, 0x27270027, 0xe5e500e5,
-        0x85850085, 0x35350035, 0x0c0c000c, 0x41410041, 0xefef00ef, 0x93930093,
-        0x19190019, 0x21210021, 0x0e0e000e, 0x4e4e004e, 0x65650065, 0xbdbd00bd,
-        0xb8b800b8, 0x8f8f008f, 0xebeb00eb, 0xcece00ce, 0x30300030, 0x5f5f005f,
-        0xc5c500c5, 0x1a1a001a, 0xe1e100e1, 0xcaca00ca, 0x47470047, 0x3d3d003d,
-        0x01010001, 0xd6d600d6, 0x56560056, 0x4d4d004d, 0x0d0d000d, 0x66660066,
-        0xcccc00cc, 0x2d2d002d, 0x12120012, 0x20200020, 0xb1b100b1, 0x99990099,
-        0x4c4c004c, 0xc2c200c2, 0x7e7e007e, 0x05050005, 0xb7b700b7, 0x31310031,
-        0x17170017, 0xd7d700d7, 0x58580058, 0x61610061, 0x1b1b001b, 0x1c1c001c,
-        0x0f0f000f, 0x16160016, 0x18180018, 0x22220022, 0x44440044, 0xb2b200b2,
-        0xb5b500b5, 0x91910091, 0x08080008, 0xa8a800a8, 0xfcfc00fc, 0x50500050,
-        0xd0d000d0, 0x7d7d007d, 0x89890089, 0x97970097, 0x5b5b005b, 0x95950095,
-        0xffff00ff, 0xd2d200d2, 0xc4c400c4, 0x48480048, 0xf7f700f7, 0xdbdb00db,
-        0x03030003, 0xdada00da, 0x3f3f003f, 0x94940094, 0x5c5c005c, 0x02020002,
-        0x4a4a004a, 0x33330033, 0x67670067, 0xf3f300f3, 0x7f7f007f, 0xe2e200e2,
-        0x9b9b009b, 0x26260026, 0x37370037, 0x3b3b003b, 0x96960096, 0x4b4b004b,
-        0xbebe00be, 0x2e2e002e, 0x79790079, 0x8c8c008c, 0x6e6e006e, 0x8e8e008e,
-        0xf5f500f5, 0xb6b600b6, 0xfdfd00fd, 0x59590059, 0x98980098, 0x6a6a006a,
-        0x46460046, 0xbaba00ba, 0x25250025, 0x42420042, 0xa2a200a2, 0xfafa00fa,
-        0x07070007, 0x55550055, 0xeeee00ee, 0x0a0a000a, 0x49490049, 0x68680068,
-        0x38380038, 0xa4a400a4, 0x28280028, 0x7b7b007b, 0xc9c900c9, 0xc1c100c1,
-        0xe3e300e3, 0xf4f400f4, 0xc7c700c7, 0x9e9e009e
-    };
-
-    private static final int SBOX2_0222[] = {
-        0x00e0e0e0, 0x00050505, 0x00585858, 0x00d9d9d9, 0x00676767, 0x004e4e4e,
-        0x00818181, 0x00cbcbcb, 0x00c9c9c9, 0x000b0b0b, 0x00aeaeae, 0x006a6a6a,
-        0x00d5d5d5, 0x00181818, 0x005d5d5d, 0x00828282, 0x00464646, 0x00dfdfdf,
-        0x00d6d6d6, 0x00272727, 0x008a8a8a, 0x00323232, 0x004b4b4b, 0x00424242,
-        0x00dbdbdb, 0x001c1c1c, 0x009e9e9e, 0x009c9c9c, 0x003a3a3a, 0x00cacaca,
-        0x00252525, 0x007b7b7b, 0x000d0d0d, 0x00717171, 0x005f5f5f, 0x001f1f1f,
-        0x00f8f8f8, 0x00d7d7d7, 0x003e3e3e, 0x009d9d9d, 0x007c7c7c, 0x00606060,
-        0x00b9b9b9, 0x00bebebe, 0x00bcbcbc, 0x008b8b8b, 0x00161616, 0x00343434,
-        0x004d4d4d, 0x00c3c3c3, 0x00727272, 0x00959595, 0x00ababab, 0x008e8e8e,
-        0x00bababa, 0x007a7a7a, 0x00b3b3b3, 0x00020202, 0x00b4b4b4, 0x00adadad,
-        0x00a2a2a2, 0x00acacac, 0x00d8d8d8, 0x009a9a9a, 0x00171717, 0x001a1a1a,
-        0x00353535, 0x00cccccc, 0x00f7f7f7, 0x00999999, 0x00616161, 0x005a5a5a,
-        0x00e8e8e8, 0x00242424, 0x00565656, 0x00404040, 0x00e1e1e1, 0x00636363,
-        0x00090909, 0x00333333, 0x00bfbfbf, 0x00989898, 0x00979797, 0x00858585,
-        0x00686868, 0x00fcfcfc, 0x00ececec, 0x000a0a0a, 0x00dadada, 0x006f6f6f,
-        0x00535353, 0x00626262, 0x00a3a3a3, 0x002e2e2e, 0x00080808, 0x00afafaf,
-        0x00282828, 0x00b0b0b0, 0x00747474, 0x00c2c2c2, 0x00bdbdbd, 0x00363636,
-        0x00222222, 0x00383838, 0x00646464, 0x001e1e1e, 0x00393939, 0x002c2c2c,
-        0x00a6a6a6, 0x00303030, 0x00e5e5e5, 0x00444444, 0x00fdfdfd, 0x00888888,
-        0x009f9f9f, 0x00656565, 0x00878787, 0x006b6b6b, 0x00f4f4f4, 0x00232323,
-        0x00484848, 0x00101010, 0x00d1d1d1, 0x00515151, 0x00c0c0c0, 0x00f9f9f9,
-        0x00d2d2d2, 0x00a0a0a0, 0x00555555, 0x00a1a1a1, 0x00414141, 0x00fafafa,
-        0x00434343, 0x00131313, 0x00c4c4c4, 0x002f2f2f, 0x00a8a8a8, 0x00b6b6b6,
-        0x003c3c3c, 0x002b2b2b, 0x00c1c1c1, 0x00ffffff, 0x00c8c8c8, 0x00a5a5a5,
-        0x00202020, 0x00898989, 0x00000000, 0x00909090, 0x00474747, 0x00efefef,
-        0x00eaeaea, 0x00b7b7b7, 0x00151515, 0x00060606, 0x00cdcdcd, 0x00b5b5b5,
-        0x00121212, 0x007e7e7e, 0x00bbbbbb, 0x00292929, 0x000f0f0f, 0x00b8b8b8,
-        0x00070707, 0x00040404, 0x009b9b9b, 0x00949494, 0x00212121, 0x00666666,
-        0x00e6e6e6, 0x00cecece, 0x00ededed, 0x00e7e7e7, 0x003b3b3b, 0x00fefefe,
-        0x007f7f7f, 0x00c5c5c5, 0x00a4a4a4, 0x00373737, 0x00b1b1b1, 0x004c4c4c,
-        0x00919191, 0x006e6e6e, 0x008d8d8d, 0x00767676, 0x00030303, 0x002d2d2d,
-        0x00dedede, 0x00969696, 0x00262626, 0x007d7d7d, 0x00c6c6c6, 0x005c5c5c,
-        0x00d3d3d3, 0x00f2f2f2, 0x004f4f4f, 0x00191919, 0x003f3f3f, 0x00dcdcdc,
-        0x00797979, 0x001d1d1d, 0x00525252, 0x00ebebeb, 0x00f3f3f3, 0x006d6d6d,
-        0x005e5e5e, 0x00fbfbfb, 0x00696969, 0x00b2b2b2, 0x00f0f0f0, 0x00313131,
-        0x000c0c0c, 0x00d4d4d4, 0x00cfcfcf, 0x008c8c8c, 0x00e2e2e2, 0x00757575,
-        0x00a9a9a9, 0x004a4a4a, 0x00575757, 0x00848484, 0x00111111, 0x00454545,
-        0x001b1b1b, 0x00f5f5f5, 0x00e4e4e4, 0x000e0e0e, 0x00737373, 0x00aaaaaa,
-        0x00f1f1f1, 0x00dddddd, 0x00595959, 0x00141414, 0x006c6c6c, 0x00929292,
-        0x00545454, 0x00d0d0d0, 0x00787878, 0x00707070, 0x00e3e3e3, 0x00494949,
-        0x00808080, 0x00505050, 0x00a7a7a7, 0x00f6f6f6, 0x00777777, 0x00939393,
-        0x00868686, 0x00838383, 0x002a2a2a, 0x00c7c7c7, 0x005b5b5b, 0x00e9e9e9,
-        0x00eeeeee, 0x008f8f8f, 0x00010101, 0x003d3d3d
-    };
-
-    private static final int SBOX3_3033[] = {
-        0x38003838, 0x41004141, 0x16001616, 0x76007676, 0xd900d9d9, 0x93009393,
-        0x60006060, 0xf200f2f2, 0x72007272, 0xc200c2c2, 0xab00abab, 0x9a009a9a,
-        0x75007575, 0x06000606, 0x57005757, 0xa000a0a0, 0x91009191, 0xf700f7f7,
-        0xb500b5b5, 0xc900c9c9, 0xa200a2a2, 0x8c008c8c, 0xd200d2d2, 0x90009090,
-        0xf600f6f6, 0x07000707, 0xa700a7a7, 0x27002727, 0x8e008e8e, 0xb200b2b2,
-        0x49004949, 0xde00dede, 0x43004343, 0x5c005c5c, 0xd700d7d7, 0xc700c7c7,
-        0x3e003e3e, 0xf500f5f5, 0x8f008f8f, 0x67006767, 0x1f001f1f, 0x18001818,
-        0x6e006e6e, 0xaf00afaf, 0x2f002f2f, 0xe200e2e2, 0x85008585, 0x0d000d0d,
-        0x53005353, 0xf000f0f0, 0x9c009c9c, 0x65006565, 0xea00eaea, 0xa300a3a3,
-        0xae00aeae, 0x9e009e9e, 0xec00ecec, 0x80008080, 0x2d002d2d, 0x6b006b6b,
-        0xa800a8a8, 0x2b002b2b, 0x36003636, 0xa600a6a6, 0xc500c5c5, 0x86008686,
-        0x4d004d4d, 0x33003333, 0xfd00fdfd, 0x66006666, 0x58005858, 0x96009696,
-        0x3a003a3a, 0x09000909, 0x95009595, 0x10001010, 0x78007878, 0xd800d8d8,
-        0x42004242, 0xcc00cccc, 0xef00efef, 0x26002626, 0xe500e5e5, 0x61006161,
-        0x1a001a1a, 0x3f003f3f, 0x3b003b3b, 0x82008282, 0xb600b6b6, 0xdb00dbdb,
-        0xd400d4d4, 0x98009898, 0xe800e8e8, 0x8b008b8b, 0x02000202, 0xeb00ebeb,
-        0x0a000a0a, 0x2c002c2c, 0x1d001d1d, 0xb000b0b0, 0x6f006f6f, 0x8d008d8d,
-        0x88008888, 0x0e000e0e, 0x19001919, 0x87008787, 0x4e004e4e, 0x0b000b0b,
-        0xa900a9a9, 0x0c000c0c, 0x79007979, 0x11001111, 0x7f007f7f, 0x22002222,
-        0xe700e7e7, 0x59005959, 0xe100e1e1, 0xda00dada, 0x3d003d3d, 0xc800c8c8,
-        0x12001212, 0x04000404, 0x74007474, 0x54005454, 0x30003030, 0x7e007e7e,
-        0xb400b4b4, 0x28002828, 0x55005555, 0x68006868, 0x50005050, 0xbe00bebe,
-        0xd000d0d0, 0xc400c4c4, 0x31003131, 0xcb00cbcb, 0x2a002a2a, 0xad00adad,
-        0x0f000f0f, 0xca00caca, 0x70007070, 0xff00ffff, 0x32003232, 0x69006969,
-        0x08000808, 0x62006262, 0x00000000, 0x24002424, 0xd100d1d1, 0xfb00fbfb,
-        0xba00baba, 0xed00eded, 0x45004545, 0x81008181, 0x73007373, 0x6d006d6d,
-        0x84008484, 0x9f009f9f, 0xee00eeee, 0x4a004a4a, 0xc300c3c3, 0x2e002e2e,
-        0xc100c1c1, 0x01000101, 0xe600e6e6, 0x25002525, 0x48004848, 0x99009999,
-        0xb900b9b9, 0xb300b3b3, 0x7b007b7b, 0xf900f9f9, 0xce00cece, 0xbf00bfbf,
-        0xdf00dfdf, 0x71007171, 0x29002929, 0xcd00cdcd, 0x6c006c6c, 0x13001313,
-        0x64006464, 0x9b009b9b, 0x63006363, 0x9d009d9d, 0xc000c0c0, 0x4b004b4b,
-        0xb700b7b7, 0xa500a5a5, 0x89008989, 0x5f005f5f, 0xb100b1b1, 0x17001717,
-        0xf400f4f4, 0xbc00bcbc, 0xd300d3d3, 0x46004646, 0xcf00cfcf, 0x37003737,
-        0x5e005e5e, 0x47004747, 0x94009494, 0xfa00fafa, 0xfc00fcfc, 0x5b005b5b,
-        0x97009797, 0xfe00fefe, 0x5a005a5a, 0xac00acac, 0x3c003c3c, 0x4c004c4c,
-        0x03000303, 0x35003535, 0xf300f3f3, 0x23002323, 0xb800b8b8, 0x5d005d5d,
-        0x6a006a6a, 0x92009292, 0xd500d5d5, 0x21002121, 0x44004444, 0x51005151,
-        0xc600c6c6, 0x7d007d7d, 0x39003939, 0x83008383, 0xdc00dcdc, 0xaa00aaaa,
-        0x7c007c7c, 0x77007777, 0x56005656, 0x05000505, 0x1b001b1b, 0xa400a4a4,
-        0x15001515, 0x34003434, 0x1e001e1e, 0x1c001c1c, 0xf800f8f8, 0x52005252,
-        0x20002020, 0x14001414, 0xe900e9e9, 0xbd00bdbd, 0xdd00dddd, 0xe400e4e4,
-        0xa100a1a1, 0xe000e0e0, 0x8a008a8a, 0xf100f1f1, 0xd600d6d6, 0x7a007a7a,
-        0xbb00bbbb, 0xe300e3e3, 0x40004040, 0x4f004f4f
-    };
-
-    private static int rightRotate(int x, int s)
-    {
-        return (((x) >>> (s)) + ((x) << (32 - s)));
-    }
-
-    private static int leftRotate(int x, int s)
-    {
-        return ((x) << (s)) + ((x) >>> (32 - s));
-    }
-
-    private static void roldq(int rot, int[] ki, int ioff,
-                                    int[] ko, int ooff)
-    {
-        ko[0 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >>> (32 - rot));
-        ko[1 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >>> (32 - rot));
-        ko[2 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >>> (32 - rot));
-        ko[3 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >>> (32 - rot));
-        ki[0 + ioff] = ko[0 + ooff];
-        ki[1 + ioff] = ko[1 + ooff];
-        ki[2 + ioff] = ko[2 + ooff];
-        ki[3 + ioff] = ko[3 + ooff];
-    }
-
-    private static void decroldq(int rot, int[] ki, int ioff,
-                                       int[] ko, int ooff)
-    {
-        ko[2 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >>> (32 - rot));
-        ko[3 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >>> (32 - rot));
-        ko[0 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >>> (32 - rot));
-        ko[1 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >>> (32 - rot));
-        ki[0 + ioff] = ko[2 + ooff];
-        ki[1 + ioff] = ko[3 + ooff];
-        ki[2 + ioff] = ko[0 + ooff];
-        ki[3 + ioff] = ko[1 + ooff];
-    }
-
-    private static void roldqo32(int rot, int[] ki, int ioff,
-                                       int[] ko, int ooff)
-    {
-        ko[0 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >>> (64 - rot));
-        ko[1 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >>> (64 - rot));
-        ko[2 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >>> (64 - rot));
-        ko[3 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >>> (64 - rot));
-        ki[0 + ioff] = ko[0 + ooff];
-        ki[1 + ioff] = ko[1 + ooff];
-        ki[2 + ioff] = ko[2 + ooff];
-        ki[3 + ioff] = ko[3 + ooff];
-    }
-
-    private static void decroldqo32(int rot, int[] ki, int ioff,
-                                          int[] ko, int ooff)
-    {
-        ko[2 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >>> (64 - rot));
-        ko[3 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >>> (64 - rot));
-        ko[0 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >>> (64 - rot));
-        ko[1 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >>> (64 - rot));
-        ki[0 + ioff] = ko[2 + ooff];
-        ki[1 + ioff] = ko[3 + ooff];
-        ki[2 + ioff] = ko[0 + ooff];
-        ki[3 + ioff] = ko[1 + ooff];
-    }
-
-    private int bytes2int(byte[] src, int offset)
-    {
-        int word = 0;
-
-        for (int i = 0; i < 4; i++)
-        {
-            word = (word << 8) + (src[i + offset] & MASK8);
-        }
-        return word;
-    }
-
-    private void int2bytes(int word, byte[] dst, int offset)
-    {
-        for (int i = 0; i < 4; i++)
-        {
-            dst[(3 - i) + offset] = (byte)word;
-            word >>>= 8;
-        }
-    }
-
-    private void camelliaF2(int[] s, int[] skey, int keyoff)
-    {
-        int t1, t2, u, v;
-
-        t1 = s[0] ^ skey[0 + keyoff];
-        u = SBOX4_4404[t1 & MASK8];
-        u ^= SBOX3_3033[(t1 >>> 8) & MASK8];
-        u ^= SBOX2_0222[(t1 >>> 16) & MASK8];
-        u ^= SBOX1_1110[(t1 >>> 24) & MASK8];
-        t2 = s[1] ^ skey[1 + keyoff];
-        v = SBOX1_1110[t2 & MASK8];
-        v ^= SBOX4_4404[(t2 >>> 8) & MASK8];
-        v ^= SBOX3_3033[(t2 >>> 16) & MASK8];
-        v ^= SBOX2_0222[(t2 >>> 24) & MASK8];
-
-        s[2] ^= u ^ v;
-        s[3] ^= u ^ v ^ rightRotate(u, 8);
-
-        t1 = s[2] ^ skey[2 + keyoff];
-        u = SBOX4_4404[t1 & MASK8];
-        u ^= SBOX3_3033[(t1 >>> 8) & MASK8];
-        u ^= SBOX2_0222[(t1 >>> 16) & MASK8];
-        u ^= SBOX1_1110[(t1 >>> 24) & MASK8];
-        t2 = s[3] ^ skey[3 + keyoff];
-        v = SBOX1_1110[t2 & MASK8];
-        v ^= SBOX4_4404[(t2 >>> 8) & MASK8];
-        v ^= SBOX3_3033[(t2 >>> 16) & MASK8];
-        v ^= SBOX2_0222[(t2 >>> 24) & MASK8];
-
-        s[0] ^= u ^ v;
-        s[1] ^= u ^ v ^ rightRotate(u, 8);
-    }
-
-    private void camelliaFLs(int[] s, int[] fkey, int keyoff)
-    {
-
-        s[1] ^= leftRotate(s[0] & fkey[0 + keyoff], 1);
-        s[0] ^= fkey[1 + keyoff] | s[1];
-
-        s[2] ^= fkey[3 + keyoff] | s[3];
-        s[3] ^= leftRotate(fkey[2 + keyoff] & s[2], 1);
-    }
-
-    private void setKey(boolean forEncryption, byte[] key)
-    {
-        int[] k = new int[8];
-        int[] ka = new int[4];
-        int[] kb = new int[4];
-        int[] t = new int[4];
-
-        switch (key.length)
-        {
-            case 16:
-                _keyIs128 = true;
-                k[0] = bytes2int(key, 0);
-                k[1] = bytes2int(key, 4);
-                k[2] = bytes2int(key, 8);
-                k[3] = bytes2int(key, 12);
-                k[4] = k[5] = k[6] = k[7] = 0;
-                break;
-            case 24:
-                k[0] = bytes2int(key, 0);
-                k[1] = bytes2int(key, 4);
-                k[2] = bytes2int(key, 8);
-                k[3] = bytes2int(key, 12);
-                k[4] = bytes2int(key, 16);
-                k[5] = bytes2int(key, 20);
-                k[6] = ~k[4];
-                k[7] = ~k[5];
-                _keyIs128 = false;
-                break;
-            case 32:
-                k[0] = bytes2int(key, 0);
-                k[1] = bytes2int(key, 4);
-                k[2] = bytes2int(key, 8);
-                k[3] = bytes2int(key, 12);
-                k[4] = bytes2int(key, 16);
-                k[5] = bytes2int(key, 20);
-                k[6] = bytes2int(key, 24);
-                k[7] = bytes2int(key, 28);
-                _keyIs128 = false;
-                break;
-            default:
-                throw new
-                    IllegalArgumentException("key sizes are only 16/24/32 bytes.");
-        }
-
-        for (int i = 0; i < 4; i++)
-        {
-            ka[i] = k[i] ^ k[i + 4];
-        }
-        /* compute KA */
-        camelliaF2(ka, SIGMA, 0);
-        for (int i = 0; i < 4; i++)
-        {
-            ka[i] ^= k[i];
-        }
-        camelliaF2(ka, SIGMA, 4);
-
-        if (_keyIs128)
-        {
-            if (forEncryption)
-            {
-                /* KL dependant keys */
-                kw[0] = k[0];
-                kw[1] = k[1];
-                kw[2] = k[2];
-                kw[3] = k[3];
-                roldq(15, k, 0, subkey, 4);
-                roldq(30, k, 0, subkey, 12);
-                roldq(15, k, 0, t, 0);
-                subkey[18] = t[2];
-                subkey[19] = t[3];
-                roldq(17, k, 0, ke, 4);
-                roldq(17, k, 0, subkey, 24);
-                roldq(17, k, 0, subkey, 32);
-                /* KA dependant keys */
-                subkey[0] = ka[0];
-                subkey[1] = ka[1];
-                subkey[2] = ka[2];
-                subkey[3] = ka[3];
-                roldq(15, ka, 0, subkey, 8);
-                roldq(15, ka, 0, ke, 0);
-                roldq(15, ka, 0, t, 0);
-                subkey[16] = t[0];
-                subkey[17] = t[1];
-                roldq(15, ka, 0, subkey, 20);
-                roldqo32(34, ka, 0, subkey, 28);
-                roldq(17, ka, 0, kw, 4);
-
-            }
-            else
-            { // decryption
-                /* KL dependant keys */
-                kw[4] = k[0];
-                kw[5] = k[1];
-                kw[6] = k[2];
-                kw[7] = k[3];
-                decroldq(15, k, 0, subkey, 28);
-                decroldq(30, k, 0, subkey, 20);
-                decroldq(15, k, 0, t, 0);
-                subkey[16] = t[0];
-                subkey[17] = t[1];
-                decroldq(17, k, 0, ke, 0);
-                decroldq(17, k, 0, subkey, 8);
-                decroldq(17, k, 0, subkey, 0);
-                /* KA dependant keys */
-                subkey[34] = ka[0];
-                subkey[35] = ka[1];
-                subkey[32] = ka[2];
-                subkey[33] = ka[3];
-                decroldq(15, ka, 0, subkey, 24);
-                decroldq(15, ka, 0, ke, 4);
-                decroldq(15, ka, 0, t, 0);
-                subkey[18] = t[2];
-                subkey[19] = t[3];
-                decroldq(15, ka, 0, subkey, 12);
-                decroldqo32(34, ka, 0, subkey, 4);
-                roldq(17, ka, 0, kw, 0);
-            }
-        }
-        else
-        { // 192bit or 256bit
-            /* compute KB */
-            for (int i = 0; i < 4; i++)
-            {
-                kb[i] = ka[i] ^ k[i + 4];
-            }
-            camelliaF2(kb, SIGMA, 8);
-
-            if (forEncryption)
-            {
-                /* KL dependant keys */
-                kw[0] = k[0];
-                kw[1] = k[1];
-                kw[2] = k[2];
-                kw[3] = k[3];
-                roldqo32(45, k, 0, subkey, 16);
-                roldq(15, k, 0, ke, 4);
-                roldq(17, k, 0, subkey, 32);
-                roldqo32(34, k, 0, subkey, 44);
-                /* KR dependant keys */
-                roldq(15, k, 4, subkey, 4);
-                roldq(15, k, 4, ke, 0);
-                roldq(30, k, 4, subkey, 24);
-                roldqo32(34, k, 4, subkey, 36);
-                /* KA dependant keys */
-                roldq(15, ka, 0, subkey, 8);
-                roldq(30, ka, 0, subkey, 20);
-                /* 32bit rotation */
-                ke[8] = ka[1];
-                ke[9] = ka[2];
-                ke[10] = ka[3];
-                ke[11] = ka[0];
-                roldqo32(49, ka, 0, subkey, 40);
-
-                /* KB dependant keys */
-                subkey[0] = kb[0];
-                subkey[1] = kb[1];
-                subkey[2] = kb[2];
-                subkey[3] = kb[3];
-                roldq(30, kb, 0, subkey, 12);
-                roldq(30, kb, 0, subkey, 28);
-                roldqo32(51, kb, 0, kw, 4);
-
-            }
-            else
-            { // decryption
-                /* KL dependant keys */
-                kw[4] = k[0];
-                kw[5] = k[1];
-                kw[6] = k[2];
-                kw[7] = k[3];
-                decroldqo32(45, k, 0, subkey, 28);
-                decroldq(15, k, 0, ke, 4);
-                decroldq(17, k, 0, subkey, 12);
-                decroldqo32(34, k, 0, subkey, 0);
-                /* KR dependant keys */
-                decroldq(15, k, 4, subkey, 40);
-                decroldq(15, k, 4, ke, 8);
-                decroldq(30, k, 4, subkey, 20);
-                decroldqo32(34, k, 4, subkey, 8);
-                /* KA dependant keys */
-                decroldq(15, ka, 0, subkey, 36);
-                decroldq(30, ka, 0, subkey, 24);
-                /* 32bit rotation */
-                ke[2] = ka[1];
-                ke[3] = ka[2];
-                ke[0] = ka[3];
-                ke[1] = ka[0];
-                decroldqo32(49, ka, 0, subkey, 4);
-
-                /* KB dependant keys */
-                subkey[46] = kb[0];
-                subkey[47] = kb[1];
-                subkey[44] = kb[2];
-                subkey[45] = kb[3];
-                decroldq(30, kb, 0, subkey, 32);
-                decroldq(30, kb, 0, subkey, 16);
-                roldqo32(51, kb, 0, kw, 0);
-            }
-        }
-    }
-
-    private int processBlock128(byte[] in, int inOff,
-                                      byte[] out, int outOff)
-    {
-        for (int i = 0; i < 4; i++)
-        {
-            state[i] = bytes2int(in, inOff + (i * 4));
-            state[i] ^= kw[i];
-        }
-
-        camelliaF2(state, subkey, 0);
-        camelliaF2(state, subkey, 4);
-        camelliaF2(state, subkey, 8);
-        camelliaFLs(state, ke, 0);
-        camelliaF2(state, subkey, 12);
-        camelliaF2(state, subkey, 16);
-        camelliaF2(state, subkey, 20);
-        camelliaFLs(state, ke, 4);
-        camelliaF2(state, subkey, 24);
-        camelliaF2(state, subkey, 28);
-        camelliaF2(state, subkey, 32);
-
-        state[2] ^= kw[4];
-        state[3] ^= kw[5];
-        state[0] ^= kw[6];
-        state[1] ^= kw[7];
-
-        int2bytes(state[2], out, outOff);
-        int2bytes(state[3], out, outOff + 4);
-        int2bytes(state[0], out, outOff + 8);
-        int2bytes(state[1], out, outOff + 12);
-
-        return BLOCK_SIZE;
-    }
-
-    private int processBlock192or256(byte[] in, int inOff,
-                                           byte[] out, int outOff)
-    {
-        for (int i = 0; i < 4; i++)
-        {
-            state[i] = bytes2int(in, inOff + (i * 4));
-            state[i] ^= kw[i];
-        }
-
-        camelliaF2(state, subkey, 0);
-        camelliaF2(state, subkey, 4);
-        camelliaF2(state, subkey, 8);
-        camelliaFLs(state, ke, 0);
-        camelliaF2(state, subkey, 12);
-        camelliaF2(state, subkey, 16);
-        camelliaF2(state, subkey, 20);
-        camelliaFLs(state, ke, 4);
-        camelliaF2(state, subkey, 24);
-        camelliaF2(state, subkey, 28);
-        camelliaF2(state, subkey, 32);
-        camelliaFLs(state, ke, 8);
-        camelliaF2(state, subkey, 36);
-        camelliaF2(state, subkey, 40);
-        camelliaF2(state, subkey, 44);
-
-        state[2] ^= kw[4];
-        state[3] ^= kw[5];
-        state[0] ^= kw[6];
-        state[1] ^= kw[7];
-
-        int2bytes(state[2], out, outOff);
-        int2bytes(state[3], out, outOff + 4);
-        int2bytes(state[0], out, outOff + 8);
-        int2bytes(state[1], out, outOff + 12);
-        return BLOCK_SIZE;
-    }
-
-    public CamelliaEngine()
-    {
-    }
-
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        if (!(params instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException("only simple KeyParameter expected.");
-        }
-
-        setKey(forEncryption, ((KeyParameter)params).getKey());
-        initialised = true;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "Camellia";
-    }
-
-    public int getBlockSize()
-    {
-        return BLOCK_SIZE;
-    }
-
-    public int processBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if (!initialised)
-        {
-            throw new IllegalStateException("Camellia engine not initialised");
-        }
-
-        if ((inOff + BLOCK_SIZE) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + BLOCK_SIZE) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        if (_keyIs128)
-        {
-            return processBlock128(in, inOff, out, outOff);
-        }
-        else
-        {
-            return processBlock192or256(in, inOff, out, outOff);
-        }
-    }
-
-    public void reset()
-    {
-        // nothing
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CamelliaLightEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/CamelliaLightEngine.java
deleted file mode 100644
index 2b1e71b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CamelliaLightEngine.java
+++ /dev/null

@@ -1,592 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * Camellia - based on RFC 3713, smaller implementation, about half the size of CamelliaEngine.
- */
-
-public class CamelliaLightEngine
-    implements BlockCipher
-{
-    private static final int BLOCK_SIZE = 16;
-    private static final int MASK8 = 0xff;
-    private boolean initialized;
-    private boolean _keyis128;
-
-    private int[] subkey = new int[24 * 4];
-    private int[] kw = new int[4 * 2]; // for whitening
-    private int[] ke = new int[6 * 2]; // for FL and FL^(-1)
-    private int[] state = new int[4]; // for encryption and decryption
-
-    private static final int SIGMA[] = {
-        0xa09e667f, 0x3bcc908b,
-        0xb67ae858, 0x4caa73b2,
-        0xc6ef372f, 0xe94f82be,
-        0x54ff53a5, 0xf1d36f1c,
-        0x10e527fa, 0xde682d1d,
-        0xb05688c2, 0xb3e6c1fd
-    };
-
-    /*
-    *
-    * S-box data
-    *
-    */
-    private static final byte SBOX1[] = {
-        (byte)112, (byte)130, (byte)44, (byte)236,
-        (byte)179, (byte)39, (byte)192, (byte)229,
-        (byte)228, (byte)133, (byte)87, (byte)53,
-        (byte)234, (byte)12, (byte)174, (byte)65,
-        (byte)35, (byte)239, (byte)107, (byte)147,
-        (byte)69, (byte)25, (byte)165, (byte)33,
-        (byte)237, (byte)14, (byte)79, (byte)78,
-        (byte)29, (byte)101, (byte)146, (byte)189,
-        (byte)134, (byte)184, (byte)175, (byte)143,
-        (byte)124, (byte)235, (byte)31, (byte)206,
-        (byte)62, (byte)48, (byte)220, (byte)95,
-        (byte)94, (byte)197, (byte)11, (byte)26,
-        (byte)166, (byte)225, (byte)57, (byte)202,
-        (byte)213, (byte)71, (byte)93, (byte)61,
-        (byte)217, (byte)1, (byte)90, (byte)214,
-        (byte)81, (byte)86, (byte)108, (byte)77,
-        (byte)139, (byte)13, (byte)154, (byte)102,
-        (byte)251, (byte)204, (byte)176, (byte)45,
-        (byte)116, (byte)18, (byte)43, (byte)32,
-        (byte)240, (byte)177, (byte)132, (byte)153,
-        (byte)223, (byte)76, (byte)203, (byte)194,
-        (byte)52, (byte)126, (byte)118, (byte)5,
-        (byte)109, (byte)183, (byte)169, (byte)49,
-        (byte)209, (byte)23, (byte)4, (byte)215,
-        (byte)20, (byte)88, (byte)58, (byte)97,
-        (byte)222, (byte)27, (byte)17, (byte)28,
-        (byte)50, (byte)15, (byte)156, (byte)22,
-        (byte)83, (byte)24, (byte)242, (byte)34,
-        (byte)254, (byte)68, (byte)207, (byte)178,
-        (byte)195, (byte)181, (byte)122, (byte)145,
-        (byte)36, (byte)8, (byte)232, (byte)168,
-        (byte)96, (byte)252, (byte)105, (byte)80,
-        (byte)170, (byte)208, (byte)160, (byte)125,
-        (byte)161, (byte)137, (byte)98, (byte)151,
-        (byte)84, (byte)91, (byte)30, (byte)149,
-        (byte)224, (byte)255, (byte)100, (byte)210,
-        (byte)16, (byte)196, (byte)0, (byte)72,
-        (byte)163, (byte)247, (byte)117, (byte)219,
-        (byte)138, (byte)3, (byte)230, (byte)218,
-        (byte)9, (byte)63, (byte)221, (byte)148,
-        (byte)135, (byte)92, (byte)131, (byte)2,
-        (byte)205, (byte)74, (byte)144, (byte)51,
-        (byte)115, (byte)103, (byte)246, (byte)243,
-        (byte)157, (byte)127, (byte)191, (byte)226,
-        (byte)82, (byte)155, (byte)216, (byte)38,
-        (byte)200, (byte)55, (byte)198, (byte)59,
-        (byte)129, (byte)150, (byte)111, (byte)75,
-        (byte)19, (byte)190, (byte)99, (byte)46,
-        (byte)233, (byte)121, (byte)167, (byte)140,
-        (byte)159, (byte)110, (byte)188, (byte)142,
-        (byte)41, (byte)245, (byte)249, (byte)182,
-        (byte)47, (byte)253, (byte)180, (byte)89,
-        (byte)120, (byte)152, (byte)6, (byte)106,
-        (byte)231, (byte)70, (byte)113, (byte)186,
-        (byte)212, (byte)37, (byte)171, (byte)66,
-        (byte)136, (byte)162, (byte)141, (byte)250,
-        (byte)114, (byte)7, (byte)185, (byte)85,
-        (byte)248, (byte)238, (byte)172, (byte)10,
-        (byte)54, (byte)73, (byte)42, (byte)104,
-        (byte)60, (byte)56, (byte)241, (byte)164,
-        (byte)64, (byte)40, (byte)211, (byte)123,
-        (byte)187, (byte)201, (byte)67, (byte)193,
-        (byte)21, (byte)227, (byte)173, (byte)244,
-        (byte)119, (byte)199, (byte)128, (byte)158
-    };
-
-    private static int rightRotate(int x, int s)
-    {
-        return (((x) >>> (s)) + ((x) << (32 - s)));
-    }
-
-    private static int leftRotate(int x, int s)
-    {
-        return ((x) << (s)) + ((x) >>> (32 - s));
-    }
-
-    private static void roldq(int rot, int[] ki, int ioff,
-                                    int[] ko, int ooff)
-    {
-        ko[0 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >>> (32 - rot));
-        ko[1 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >>> (32 - rot));
-        ko[2 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >>> (32 - rot));
-        ko[3 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >>> (32 - rot));
-        ki[0 + ioff] = ko[0 + ooff];
-        ki[1 + ioff] = ko[1 + ooff];
-        ki[2 + ioff] = ko[2 + ooff];
-        ki[3 + ioff] = ko[3 + ooff];
-    }
-
-    private static void decroldq(int rot, int[] ki, int ioff,
-                                       int[] ko, int ooff)
-    {
-        ko[2 + ooff] = (ki[0 + ioff] << rot) | (ki[1 + ioff] >>> (32 - rot));
-        ko[3 + ooff] = (ki[1 + ioff] << rot) | (ki[2 + ioff] >>> (32 - rot));
-        ko[0 + ooff] = (ki[2 + ioff] << rot) | (ki[3 + ioff] >>> (32 - rot));
-        ko[1 + ooff] = (ki[3 + ioff] << rot) | (ki[0 + ioff] >>> (32 - rot));
-        ki[0 + ioff] = ko[2 + ooff];
-        ki[1 + ioff] = ko[3 + ooff];
-        ki[2 + ioff] = ko[0 + ooff];
-        ki[3 + ioff] = ko[1 + ooff];
-    }
-
-    private static void roldqo32(int rot, int[] ki, int ioff,
-                                       int[] ko, int ooff)
-    {
-        ko[0 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >>> (64 - rot));
-        ko[1 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >>> (64 - rot));
-        ko[2 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >>> (64 - rot));
-        ko[3 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >>> (64 - rot));
-        ki[0 + ioff] = ko[0 + ooff];
-        ki[1 + ioff] = ko[1 + ooff];
-        ki[2 + ioff] = ko[2 + ooff];
-        ki[3 + ioff] = ko[3 + ooff];
-    }
-
-    private static void decroldqo32(int rot, int[] ki, int ioff,
-                                          int[] ko, int ooff)
-    {
-        ko[2 + ooff] = (ki[1 + ioff] << (rot - 32)) | (ki[2 + ioff] >>> (64 - rot));
-        ko[3 + ooff] = (ki[2 + ioff] << (rot - 32)) | (ki[3 + ioff] >>> (64 - rot));
-        ko[0 + ooff] = (ki[3 + ioff] << (rot - 32)) | (ki[0 + ioff] >>> (64 - rot));
-        ko[1 + ooff] = (ki[0 + ioff] << (rot - 32)) | (ki[1 + ioff] >>> (64 - rot));
-        ki[0 + ioff] = ko[2 + ooff];
-        ki[1 + ioff] = ko[3 + ooff];
-        ki[2 + ioff] = ko[0 + ooff];
-        ki[3 + ioff] = ko[1 + ooff];
-    }
-
-    private int bytes2int(byte[] src, int offset)
-    {
-        int word = 0;
-
-        for (int i = 0; i < 4; i++)
-        {
-            word = (word << 8) + (src[i + offset] & MASK8);
-        }
-        return word;
-    }
-
-    private void int2bytes(int word, byte[] dst, int offset)
-    {
-        for (int i = 0; i < 4; i++)
-        {
-            dst[(3 - i) + offset] = (byte)word;
-            word >>>= 8;
-        }
-    }
-
-    private byte lRot8(byte v, int rot)
-    {
-        return (byte)((v << rot) | ((v & 0xff) >>> (8 - rot)));
-    }
-
-    private int sbox2(int x)
-    {
-        return (lRot8(SBOX1[x], 1) & MASK8);
-    }
-
-    private int sbox3(int x)
-    {
-        return (lRot8(SBOX1[x], 7) & MASK8);
-    }
-
-    private int sbox4(int x)
-    {
-        return (SBOX1[((int)lRot8((byte)x, 1) & MASK8)] & MASK8);
-    }
-
-    private void camelliaF2(int[] s, int[] skey, int keyoff)
-    {
-        int t1, t2, u, v;
-
-        t1 = s[0] ^ skey[0 + keyoff];
-        u = sbox4((t1 & MASK8));
-        u |= (sbox3(((t1 >>> 8) & MASK8)) << 8);
-        u |= (sbox2(((t1 >>> 16) & MASK8)) << 16);
-        u |= ((int)(SBOX1[((t1 >>> 24) & MASK8)] & MASK8) << 24);
-
-        t2 = s[1] ^ skey[1 + keyoff];
-        v = (int)SBOX1[(t2 & MASK8)] & MASK8;
-        v |= (sbox4(((t2 >>> 8) & MASK8)) << 8);
-        v |= (sbox3(((t2 >>> 16) & MASK8)) << 16);
-        v |= (sbox2(((t2 >>> 24) & MASK8)) << 24);
-
-        v = leftRotate(v, 8);
-        u ^= v;
-        v = leftRotate(v, 8) ^ u;
-        u = rightRotate(u, 8) ^ v;
-        s[2] ^= leftRotate(v, 16) ^ u;
-        s[3] ^= leftRotate(u, 8);
-
-        t1 = s[2] ^ skey[2 + keyoff];
-        u = sbox4((t1 & MASK8));
-        u |= sbox3(((t1 >>> 8) & MASK8)) << 8;
-        u |= sbox2(((t1 >>> 16) & MASK8)) << 16;
-        u |= ((int)SBOX1[((t1 >>> 24) & MASK8)] & MASK8) << 24;
-
-        t2 = s[3] ^ skey[3 + keyoff];
-        v = ((int)SBOX1[(t2 & MASK8)] & MASK8);
-        v |= sbox4(((t2 >>> 8) & MASK8)) << 8;
-        v |= sbox3(((t2 >>> 16) & MASK8)) << 16;
-        v |= sbox2(((t2 >>> 24) & MASK8)) << 24;
-
-        v = leftRotate(v, 8);
-        u ^= v;
-        v = leftRotate(v, 8) ^ u;
-        u = rightRotate(u, 8) ^ v;
-        s[0] ^= leftRotate(v, 16) ^ u;
-        s[1] ^= leftRotate(u, 8);
-    }
-
-    private void camelliaFLs(int[] s, int[] fkey, int keyoff)
-    {
-
-        s[1] ^= leftRotate(s[0] & fkey[0 + keyoff], 1);
-        s[0] ^= fkey[1 + keyoff] | s[1];
-
-        s[2] ^= fkey[3 + keyoff] | s[3];
-        s[3] ^= leftRotate(fkey[2 + keyoff] & s[2], 1);
-    }
-
-    private void setKey(boolean forEncryption, byte[] key)
-    {
-        int[] k = new int[8];
-        int[] ka = new int[4];
-        int[] kb = new int[4];
-        int[] t = new int[4];
-
-        switch (key.length)
-        {
-            case 16:
-                _keyis128 = true;
-                k[0] = bytes2int(key, 0);
-                k[1] = bytes2int(key, 4);
-                k[2] = bytes2int(key, 8);
-                k[3] = bytes2int(key, 12);
-                k[4] = k[5] = k[6] = k[7] = 0;
-                break;
-            case 24:
-                k[0] = bytes2int(key, 0);
-                k[1] = bytes2int(key, 4);
-                k[2] = bytes2int(key, 8);
-                k[3] = bytes2int(key, 12);
-                k[4] = bytes2int(key, 16);
-                k[5] = bytes2int(key, 20);
-                k[6] = ~k[4];
-                k[7] = ~k[5];
-                _keyis128 = false;
-                break;
-            case 32:
-                k[0] = bytes2int(key, 0);
-                k[1] = bytes2int(key, 4);
-                k[2] = bytes2int(key, 8);
-                k[3] = bytes2int(key, 12);
-                k[4] = bytes2int(key, 16);
-                k[5] = bytes2int(key, 20);
-                k[6] = bytes2int(key, 24);
-                k[7] = bytes2int(key, 28);
-                _keyis128 = false;
-                break;
-            default:
-                throw new
-                    IllegalArgumentException("key sizes are only 16/24/32 bytes.");
-        }
-
-        for (int i = 0; i < 4; i++)
-        {
-            ka[i] = k[i] ^ k[i + 4];
-        }
-        /* compute KA */
-        camelliaF2(ka, SIGMA, 0);
-        for (int i = 0; i < 4; i++)
-        {
-            ka[i] ^= k[i];
-        }
-        camelliaF2(ka, SIGMA, 4);
-
-        if (_keyis128)
-        {
-            if (forEncryption)
-            {
-                /* KL dependant keys */
-                kw[0] = k[0];
-                kw[1] = k[1];
-                kw[2] = k[2];
-                kw[3] = k[3];
-                roldq(15, k, 0, subkey, 4);
-                roldq(30, k, 0, subkey, 12);
-                roldq(15, k, 0, t, 0);
-                subkey[18] = t[2];
-                subkey[19] = t[3];
-                roldq(17, k, 0, ke, 4);
-                roldq(17, k, 0, subkey, 24);
-                roldq(17, k, 0, subkey, 32);
-                /* KA dependant keys */
-                subkey[0] = ka[0];
-                subkey[1] = ka[1];
-                subkey[2] = ka[2];
-                subkey[3] = ka[3];
-                roldq(15, ka, 0, subkey, 8);
-                roldq(15, ka, 0, ke, 0);
-                roldq(15, ka, 0, t, 0);
-                subkey[16] = t[0];
-                subkey[17] = t[1];
-                roldq(15, ka, 0, subkey, 20);
-                roldqo32(34, ka, 0, subkey, 28);
-                roldq(17, ka, 0, kw, 4);
-
-            }
-            else
-            { // decryption
-                /* KL dependant keys */
-                kw[4] = k[0];
-                kw[5] = k[1];
-                kw[6] = k[2];
-                kw[7] = k[3];
-                decroldq(15, k, 0, subkey, 28);
-                decroldq(30, k, 0, subkey, 20);
-                decroldq(15, k, 0, t, 0);
-                subkey[16] = t[0];
-                subkey[17] = t[1];
-                decroldq(17, k, 0, ke, 0);
-                decroldq(17, k, 0, subkey, 8);
-                decroldq(17, k, 0, subkey, 0);
-                /* KA dependant keys */
-                subkey[34] = ka[0];
-                subkey[35] = ka[1];
-                subkey[32] = ka[2];
-                subkey[33] = ka[3];
-                decroldq(15, ka, 0, subkey, 24);
-                decroldq(15, ka, 0, ke, 4);
-                decroldq(15, ka, 0, t, 0);
-                subkey[18] = t[2];
-                subkey[19] = t[3];
-                decroldq(15, ka, 0, subkey, 12);
-                decroldqo32(34, ka, 0, subkey, 4);
-                roldq(17, ka, 0, kw, 0);
-            }
-        }
-        else
-        { // 192bit or 256bit
-            /* compute KB */
-            for (int i = 0; i < 4; i++)
-            {
-                kb[i] = ka[i] ^ k[i + 4];
-            }
-            camelliaF2(kb, SIGMA, 8);
-
-            if (forEncryption)
-            {
-                /* KL dependant keys */
-                kw[0] = k[0];
-                kw[1] = k[1];
-                kw[2] = k[2];
-                kw[3] = k[3];
-                roldqo32(45, k, 0, subkey, 16);
-                roldq(15, k, 0, ke, 4);
-                roldq(17, k, 0, subkey, 32);
-                roldqo32(34, k, 0, subkey, 44);
-                /* KR dependant keys */
-                roldq(15, k, 4, subkey, 4);
-                roldq(15, k, 4, ke, 0);
-                roldq(30, k, 4, subkey, 24);
-                roldqo32(34, k, 4, subkey, 36);
-                /* KA dependant keys */
-                roldq(15, ka, 0, subkey, 8);
-                roldq(30, ka, 0, subkey, 20);
-                /* 32bit rotation */
-                ke[8] = ka[1];
-                ke[9] = ka[2];
-                ke[10] = ka[3];
-                ke[11] = ka[0];
-                roldqo32(49, ka, 0, subkey, 40);
-
-                /* KB dependant keys */
-                subkey[0] = kb[0];
-                subkey[1] = kb[1];
-                subkey[2] = kb[2];
-                subkey[3] = kb[3];
-                roldq(30, kb, 0, subkey, 12);
-                roldq(30, kb, 0, subkey, 28);
-                roldqo32(51, kb, 0, kw, 4);
-
-            }
-            else
-            { // decryption
-                /* KL dependant keys */
-                kw[4] = k[0];
-                kw[5] = k[1];
-                kw[6] = k[2];
-                kw[7] = k[3];
-                decroldqo32(45, k, 0, subkey, 28);
-                decroldq(15, k, 0, ke, 4);
-                decroldq(17, k, 0, subkey, 12);
-                decroldqo32(34, k, 0, subkey, 0);
-                /* KR dependant keys */
-                decroldq(15, k, 4, subkey, 40);
-                decroldq(15, k, 4, ke, 8);
-                decroldq(30, k, 4, subkey, 20);
-                decroldqo32(34, k, 4, subkey, 8);
-                /* KA dependant keys */
-                decroldq(15, ka, 0, subkey, 36);
-                decroldq(30, ka, 0, subkey, 24);
-                /* 32bit rotation */
-                ke[2] = ka[1];
-                ke[3] = ka[2];
-                ke[0] = ka[3];
-                ke[1] = ka[0];
-                decroldqo32(49, ka, 0, subkey, 4);
-
-                /* KB dependant keys */
-                subkey[46] = kb[0];
-                subkey[47] = kb[1];
-                subkey[44] = kb[2];
-                subkey[45] = kb[3];
-                decroldq(30, kb, 0, subkey, 32);
-                decroldq(30, kb, 0, subkey, 16);
-                roldqo32(51, kb, 0, kw, 0);
-            }
-        }
-    }
-
-    private int processBlock128(byte[] in, int inOff,
-                                      byte[] out, int outOff)
-    {
-        for (int i = 0; i < 4; i++)
-        {
-            state[i] = bytes2int(in, inOff + (i * 4));
-            state[i] ^= kw[i];
-        }
-
-        camelliaF2(state, subkey, 0);
-        camelliaF2(state, subkey, 4);
-        camelliaF2(state, subkey, 8);
-        camelliaFLs(state, ke, 0);
-        camelliaF2(state, subkey, 12);
-        camelliaF2(state, subkey, 16);
-        camelliaF2(state, subkey, 20);
-        camelliaFLs(state, ke, 4);
-        camelliaF2(state, subkey, 24);
-        camelliaF2(state, subkey, 28);
-        camelliaF2(state, subkey, 32);
-
-        state[2] ^= kw[4];
-        state[3] ^= kw[5];
-        state[0] ^= kw[6];
-        state[1] ^= kw[7];
-
-        int2bytes(state[2], out, outOff);
-        int2bytes(state[3], out, outOff + 4);
-        int2bytes(state[0], out, outOff + 8);
-        int2bytes(state[1], out, outOff + 12);
-
-        return BLOCK_SIZE;
-    }
-
-    private int processBlock192or256(byte[] in, int inOff,
-                                           byte[] out, int outOff)
-    {
-        for (int i = 0; i < 4; i++)
-        {
-            state[i] = bytes2int(in, inOff + (i * 4));
-            state[i] ^= kw[i];
-        }
-
-        camelliaF2(state, subkey, 0);
-        camelliaF2(state, subkey, 4);
-        camelliaF2(state, subkey, 8);
-        camelliaFLs(state, ke, 0);
-        camelliaF2(state, subkey, 12);
-        camelliaF2(state, subkey, 16);
-        camelliaF2(state, subkey, 20);
-        camelliaFLs(state, ke, 4);
-        camelliaF2(state, subkey, 24);
-        camelliaF2(state, subkey, 28);
-        camelliaF2(state, subkey, 32);
-        camelliaFLs(state, ke, 8);
-        camelliaF2(state, subkey, 36);
-        camelliaF2(state, subkey, 40);
-        camelliaF2(state, subkey, 44);
-
-        state[2] ^= kw[4];
-        state[3] ^= kw[5];
-        state[0] ^= kw[6];
-        state[1] ^= kw[7];
-
-        int2bytes(state[2], out, outOff);
-        int2bytes(state[3], out, outOff + 4);
-        int2bytes(state[0], out, outOff + 8);
-        int2bytes(state[1], out, outOff + 12);
-        return BLOCK_SIZE;
-    }
-
-    public CamelliaLightEngine()
-    {
-    }
-
-    public String getAlgorithmName()
-    {
-        return "Camellia";
-    }
-
-    public int getBlockSize()
-    {
-        return BLOCK_SIZE;
-    }
-
-    public void init(boolean forEncryption, CipherParameters params)
-    {
-        if (!(params instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException("only simple KeyParameter expected.");
-        }
-
-        setKey(forEncryption, ((KeyParameter)params).getKey());
-        initialized = true;
-    }
-
-    public int processBlock(byte[] in, int inOff,
-                            byte[] out, int outOff)
-        throws IllegalStateException
-    {
-
-        if (!initialized)
-        {
-            throw new IllegalStateException("Camellia is not initialized");
-        }
-
-        if ((inOff + BLOCK_SIZE) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + BLOCK_SIZE) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-        
-        if (_keyis128)
-        {
-            return processBlock128(in, inOff, out, outOff);
-        }
-        else
-        {
-            return processBlock192or256(in, inOff, out, outOff);
-        }
-    }
-
-    public void reset()
-    {
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CamelliaWrapEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/CamelliaWrapEngine.java
deleted file mode 100644
index 5ca239a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CamelliaWrapEngine.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-/**
- * An implementation of the Camellia key wrapper based on RFC 3657/RFC 3394.
- * <p>
- * For further details see: <a href="http://www.ietf.org/rfc/rfc3657.txt">http://www.ietf.org/rfc/rfc3657.txt</a>.
- */
-public class CamelliaWrapEngine
-    extends RFC3394WrapEngine
-{
-    public CamelliaWrapEngine()
-    {
-        super(new CamelliaEngine());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ChaCha7539Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/ChaCha7539Engine.java
deleted file mode 100644
index c795c85..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ChaCha7539Engine.java
+++ /dev/null

@@ -1,120 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.util.Pack;
-
-/**
- * Implementation of Daniel J. Bernstein's ChaCha stream cipher.
- */
-public class ChaCha7539Engine extends Salsa20Engine
-{
-    /**
-     * Creates a 20 rounds ChaCha engine.
-     */
-    public ChaCha7539Engine()
-    {
-        super();
-    }
-
-    public String getAlgorithmName()
-    {
-        return "ChaCha7539-" + rounds;
-    }
-
-    protected int getNonceSize()
-    {
-        return 12;
-    }
-
-    protected void advanceCounter(long diff)
-    {
-        int hi = (int)(diff >>> 32);
-        int lo = (int)diff;
-
-        if (hi > 0)
-        {
-            throw new IllegalStateException("attempt to increase counter past 2^32.");
-        }
-
-        int oldState = engineState[12];
-
-        engineState[12] += lo;
-
-        if (oldState != 0 && engineState[12] < oldState)
-        {
-            throw new IllegalStateException("attempt to increase counter past 2^32.");
-        }
-    }
-
-    protected void advanceCounter()
-    {
-        if (++engineState[12] == 0)
-        {
-            throw new IllegalStateException("attempt to increase counter past 2^32.");
-        }
-    }
-
-    protected void retreatCounter(long diff)
-    {
-        int hi = (int)(diff >>> 32);
-        int lo = (int)diff;
-
-        if (hi != 0)
-        {
-            throw new IllegalStateException("attempt to reduce counter past zero.");
-        }
-
-        if ((engineState[12] & 0xffffffffL) >= (lo & 0xffffffffL))
-        {
-            engineState[12] -= lo;
-        }
-        else
-        {
-            throw new IllegalStateException("attempt to reduce counter past zero.");
-        }
-    }
-
-    protected void retreatCounter()
-    {
-        if (engineState[12] == 0)
-        {
-            throw new IllegalStateException("attempt to reduce counter past zero.");
-        }
-
-        --engineState[12];
-    }
-
-    protected long getCounter()
-    {
-        return engineState[12] & 0xffffffffL;
-    }
-
-    protected void resetCounter()
-    {
-        engineState[12] = 0;
-    }
-
-    protected void setKey(byte[] keyBytes, byte[] ivBytes)
-    {
-        if (keyBytes != null)
-        {
-            if (keyBytes.length != 32)
-            {
-                throw new IllegalArgumentException(getAlgorithmName() + " requires 256 bit key");
-            }
-
-            packTauOrSigma(keyBytes.length, engineState, 0);
-
-            // Key
-            Pack.littleEndianToInt(keyBytes, 0, engineState, 4, 8);
-        }
-
-        // IV
-        Pack.littleEndianToInt(ivBytes, 0, engineState, 13, 3);
-    }
-
-    protected void generateKeyStream(byte[] output)
-    {
-        ChaChaEngine.chachaCore(rounds, engineState, x);
-        Pack.intToLittleEndian(x, output, 0);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ChaChaEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/ChaChaEngine.java
deleted file mode 100644
index 58a2171..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ChaChaEngine.java
+++ /dev/null

@@ -1,235 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.util.Pack;
-
-/**
- * Implementation of Daniel J. Bernstein's ChaCha stream cipher.
- */
-public class ChaChaEngine extends Salsa20Engine
-{
-    /**
-     * Creates a 20 rounds ChaCha engine.
-     */
-    public ChaChaEngine()
-    {
-        super();
-    }
-
-    /**
-     * Creates a ChaCha engine with a specific number of rounds.
-     * @param rounds the number of rounds (must be an even number).
-     */
-    public ChaChaEngine(int rounds)
-    {
-        super(rounds);
-    }
-
-    public String getAlgorithmName()
-    {
-        return "ChaCha" + rounds;
-    }
-
-    protected void advanceCounter(long diff)
-    {
-        int hi = (int)(diff >>> 32);
-        int lo = (int)diff;
-
-        if (hi > 0)
-        {
-            engineState[13] += hi;
-        }
-
-        int oldState = engineState[12];
-
-        engineState[12] += lo;
-
-        if (oldState != 0 && engineState[12] < oldState)
-        {
-            engineState[13]++;
-        }
-    }
-
-    protected void advanceCounter()
-    {
-        if (++engineState[12] == 0)
-        {
-            ++engineState[13];
-        }
-    }
-
-    protected void retreatCounter(long diff)
-    {
-        int hi = (int)(diff >>> 32);
-        int lo = (int)diff;
-
-        if (hi != 0)
-        {
-            if ((engineState[13] & 0xffffffffL) >= (hi & 0xffffffffL))
-            {
-                engineState[13] -= hi;
-            }
-            else
-            {
-                throw new IllegalStateException("attempt to reduce counter past zero.");
-            }
-        }
-
-        if ((engineState[12] & 0xffffffffL) >= (lo & 0xffffffffL))
-        {
-            engineState[12] -= lo;
-        }
-        else
-        {
-            if (engineState[13] != 0)
-            {
-                --engineState[13];
-                engineState[12] -= lo;
-            }
-            else
-            {
-                throw new IllegalStateException("attempt to reduce counter past zero.");
-            }
-        }
-    }
-
-    protected void retreatCounter()
-    {
-        if (engineState[12] == 0 && engineState[13] == 0)
-        {
-            throw new IllegalStateException("attempt to reduce counter past zero.");
-        }
-
-        if (--engineState[12] == -1)
-        {
-            --engineState[13];
-        }
-    }
-
-    protected long getCounter()
-    {
-        return ((long)engineState[13] << 32) | (engineState[12] & 0xffffffffL);
-    }
-
-    protected void resetCounter()
-    {
-        engineState[12] = engineState[13] = 0;
-    }
-
-    protected void setKey(byte[] keyBytes, byte[] ivBytes)
-    {
-        if (keyBytes != null)
-        {
-            if ((keyBytes.length != 16) && (keyBytes.length != 32))
-            {
-                throw new IllegalArgumentException(getAlgorithmName() + " requires 128 bit or 256 bit key");
-            }
-
-            packTauOrSigma(keyBytes.length, engineState, 0);
-
-            // Key
-            Pack.littleEndianToInt(keyBytes, 0, engineState, 4, 4);
-            Pack.littleEndianToInt(keyBytes, keyBytes.length - 16, engineState, 8, 4);
-        }
-
-        // IV
-        Pack.littleEndianToInt(ivBytes, 0, engineState, 14, 2);
-    }
-
-    protected void generateKeyStream(byte[] output)
-    {
-        chachaCore(rounds, engineState, x);
-        Pack.intToLittleEndian(x, output, 0);
-    }
-
-    /**
-     * ChaCha function
-     *
-     * @param   input   input data
-     */    
-    public static void chachaCore(int rounds, int[] input, int[] x)
-    {
-        if (input.length != 16)
-        {
-            throw new IllegalArgumentException();
-        }
-        if (x.length != 16)
-        {
-            throw new IllegalArgumentException();
-        }
-        if (rounds % 2 != 0)
-        {
-            throw new IllegalArgumentException("Number of rounds must be even");
-        }
-
-        int x00 = input[ 0];
-        int x01 = input[ 1];
-        int x02 = input[ 2];
-        int x03 = input[ 3];
-        int x04 = input[ 4];
-        int x05 = input[ 5];
-        int x06 = input[ 6];
-        int x07 = input[ 7];
-        int x08 = input[ 8];
-        int x09 = input[ 9];
-        int x10 = input[10];
-        int x11 = input[11];
-        int x12 = input[12];
-        int x13 = input[13];
-        int x14 = input[14];
-        int x15 = input[15];
-
-        for (int i = rounds; i > 0; i -= 2)
-        {
-            x00 += x04; x12 = rotl(x12 ^ x00, 16);
-            x08 += x12; x04 = rotl(x04 ^ x08, 12);
-            x00 += x04; x12 = rotl(x12 ^ x00, 8);
-            x08 += x12; x04 = rotl(x04 ^ x08, 7);
-            x01 += x05; x13 = rotl(x13 ^ x01, 16);
-            x09 += x13; x05 = rotl(x05 ^ x09, 12);
-            x01 += x05; x13 = rotl(x13 ^ x01, 8);
-            x09 += x13; x05 = rotl(x05 ^ x09, 7);
-            x02 += x06; x14 = rotl(x14 ^ x02, 16);
-            x10 += x14; x06 = rotl(x06 ^ x10, 12);
-            x02 += x06; x14 = rotl(x14 ^ x02, 8);
-            x10 += x14; x06 = rotl(x06 ^ x10, 7);
-            x03 += x07; x15 = rotl(x15 ^ x03, 16);
-            x11 += x15; x07 = rotl(x07 ^ x11, 12);
-            x03 += x07; x15 = rotl(x15 ^ x03, 8);
-            x11 += x15; x07 = rotl(x07 ^ x11, 7);
-            x00 += x05; x15 = rotl(x15 ^ x00, 16);
-            x10 += x15; x05 = rotl(x05 ^ x10, 12);
-            x00 += x05; x15 = rotl(x15 ^ x00, 8);
-            x10 += x15; x05 = rotl(x05 ^ x10, 7);
-            x01 += x06; x12 = rotl(x12 ^ x01, 16);
-            x11 += x12; x06 = rotl(x06 ^ x11, 12);
-            x01 += x06; x12 = rotl(x12 ^ x01, 8);
-            x11 += x12; x06 = rotl(x06 ^ x11, 7);
-            x02 += x07; x13 = rotl(x13 ^ x02, 16);
-            x08 += x13; x07 = rotl(x07 ^ x08, 12);
-            x02 += x07; x13 = rotl(x13 ^ x02, 8);
-            x08 += x13; x07 = rotl(x07 ^ x08, 7);
-            x03 += x04; x14 = rotl(x14 ^ x03, 16);
-            x09 += x14; x04 = rotl(x04 ^ x09, 12);
-            x03 += x04; x14 = rotl(x14 ^ x03, 8);
-            x09 += x14; x04 = rotl(x04 ^ x09, 7);
-
-        }
-
-        x[ 0] = x00 + input[ 0];
-        x[ 1] = x01 + input[ 1];
-        x[ 2] = x02 + input[ 2];
-        x[ 3] = x03 + input[ 3];
-        x[ 4] = x04 + input[ 4];
-        x[ 5] = x05 + input[ 5];
-        x[ 6] = x06 + input[ 6];
-        x[ 7] = x07 + input[ 7];
-        x[ 8] = x08 + input[ 8];
-        x[ 9] = x09 + input[ 9];
-        x[10] = x10 + input[10];
-        x[11] = x11 + input[11];
-        x[12] = x12 + input[12];
-        x[13] = x13 + input[13];
-        x[14] = x14 + input[14];
-        x[15] = x15 + input[15];
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CramerShoupCiphertext.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/CramerShoupCiphertext.java
deleted file mode 100644
index edf1bd2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CramerShoupCiphertext.java
+++ /dev/null

@@ -1,147 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-
-/**
- * Class, holding Cramer Shoup ciphertexts (u1, u2, e, v)
- */
-public class CramerShoupCiphertext
-{
-    BigInteger u1, u2, e, v;
-
-    public CramerShoupCiphertext()
-    {
-    }
-
-    public CramerShoupCiphertext(BigInteger u1, BigInteger u2, BigInteger e, BigInteger v)
-    {
-        this.u1 = u1;
-        this.u2 = u2;
-        this.e = e;
-        this.v = v;
-    }
-
-    public CramerShoupCiphertext(byte[] c)
-    {
-        int off = 0, s;
-        byte[] tmp;
-
-        s = Pack.bigEndianToInt(c, off);
-        off += 4;
-        tmp = Arrays.copyOfRange(c, off, off + s);
-        off += s;
-        u1 = new BigInteger(tmp);
-
-        s = Pack.bigEndianToInt(c, off);
-        off += 4;
-        tmp = Arrays.copyOfRange(c, off, off + s);
-        off += s;
-        u2 = new BigInteger(tmp);
-
-        s = Pack.bigEndianToInt(c, off);
-        off += 4;
-        tmp = Arrays.copyOfRange(c, off, off + s);
-        off += s;
-        e = new BigInteger(tmp);
-
-        s = Pack.bigEndianToInt(c, off);
-        off += 4;
-        tmp = Arrays.copyOfRange(c, off, off + s);
-        off += s;
-        v = new BigInteger(tmp);
-    }
-
-    public BigInteger getU1()
-    {
-        return u1;
-    }
-
-    public void setU1(BigInteger u1)
-    {
-        this.u1 = u1;
-    }
-
-    public BigInteger getU2()
-    {
-        return u2;
-    }
-
-    public void setU2(BigInteger u2)
-    {
-        this.u2 = u2;
-    }
-
-    public BigInteger getE()
-    {
-        return e;
-    }
-
-    public void setE(BigInteger e)
-    {
-        this.e = e;
-    }
-
-    public BigInteger getV()
-    {
-        return v;
-    }
-
-    public void setV(BigInteger v)
-    {
-        this.v = v;
-    }
-
-    public String toString()
-    {
-        StringBuffer result = new StringBuffer();
-
-        result.append("u1: " + u1.toString());
-        result.append("\nu2: " + u2.toString());
-        result.append("\ne: " + e.toString());
-        result.append("\nv: " + v.toString());
-
-        return result.toString();
-    }
-
-    /**
-     * convert the cipher-text in a byte array,
-     * prepending them with 4 Bytes for their length
-     *
-     * @return a byte array of the cipher text.
-     */
-    public byte[] toByteArray()
-    {
-        byte[] u1Bytes = u1.toByteArray();
-        int u1Length = u1Bytes.length;
-        byte[] u2Bytes = u2.toByteArray();
-        int u2Length = u2Bytes.length;
-        byte[] eBytes = e.toByteArray();
-        int eLength = eBytes.length;
-        byte[] vBytes = v.toByteArray();
-        int vLength = vBytes.length;
-
-        int off = 0;
-        byte[] result = new byte[u1Length + u2Length + eLength + vLength + 4 * 4];
-        Pack.intToBigEndian(u1Length, result, off);
-        off += 4;
-        System.arraycopy(u1Bytes, 0, result, off, u1Length);
-        off += u1Length;
-        Pack.intToBigEndian(u2Length, result, off);
-        off += 4;
-        System.arraycopy(u2Bytes, 0, result, off, u2Length);
-        off += u2Length;
-        Pack.intToBigEndian(eLength, result, off);
-        off += 4;
-        System.arraycopy(eBytes, 0, result, off, eLength);
-        off += eLength;
-        Pack.intToBigEndian(vLength, result, off);
-        off += 4;
-        System.arraycopy(vBytes, 0, result, off, vLength);
-        off += vLength;
-
-        return result;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CramerShoupCoreEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/CramerShoupCoreEngine.java
deleted file mode 100644
index 9cd3f79..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CramerShoupCoreEngine.java
+++ /dev/null

@@ -1,310 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.params.CramerShoupKeyParameters;
-import org.bouncycastle.crypto.params.CramerShoupPrivateKeyParameters;
-import org.bouncycastle.crypto.params.CramerShoupPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Strings;
-
-/**
- * Essentially the Cramer-Shoup encryption / decryption algorithms according to
- * "A practical public key cryptosystem provably secure against adaptive chosen ciphertext attack." (Crypto 1998)
- */
-public class CramerShoupCoreEngine
-{
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-
-    private CramerShoupKeyParameters key;
-    private SecureRandom random;
-    private boolean forEncryption;
-    private byte[] label = null;
-
-    /**
-     * initialise the CramerShoup engine.
-     *
-     * @param forEncryption whether this engine should encrypt or decrypt
-     * @param param         the necessary CramerShoup key parameters.
-     * @param label         the label for labelled CS as {@link String}
-     */
-    public void init(boolean forEncryption, CipherParameters param, String label)
-    {
-        init(forEncryption, param);
-
-        this.label = Strings.toUTF8ByteArray(label);
-    }
-
-    /**
-     * initialise the CramerShoup engine.
-     *
-     * @param forEncryption whether this engine should encrypt or decrypt
-     * @param param         the necessary CramerShoup key parameters.
-     */
-    public void init(boolean forEncryption, CipherParameters param)
-    {
-        SecureRandom providedRandom = null;
-
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom rParam = (ParametersWithRandom)param;
-
-            key = (CramerShoupKeyParameters)rParam.getParameters();
-            providedRandom = rParam.getRandom();
-        }
-        else
-        {
-            key = (CramerShoupKeyParameters)param;
-        }
-
-        this.random = initSecureRandom(forEncryption, providedRandom);
-        this.forEncryption = forEncryption;
-    }
-
-    /**
-     * Return the maximum size for an input block to this engine. For Cramer
-     * Shoup this is always one byte less than the key size on encryption, and
-     * the same length as the key size on decryption.
-     * TODO: correct?
-     * @return maximum size for an input block.
-     */
-    public int getInputBlockSize()
-    {
-        int bitSize = key.getParameters().getP().bitLength();
-
-        if (forEncryption)
-        {
-            return (bitSize + 7) / 8 - 1;
-        }
-        else
-        {
-            return (bitSize + 7) / 8;
-        }
-    }
-
-    /**
-     * Return the maximum size for an output block to this engine. For Cramer
-     * Shoup this is always one byte less than the key size on decryption, and
-     * the same length as the key size on encryption.
-     * TODO: correct?
-     * @return maximum size for an output block.
-     */
-    public int getOutputBlockSize()
-    {
-        int bitSize = key.getParameters().getP().bitLength();
-
-        if (forEncryption)
-        {
-            return (bitSize + 7) / 8;
-        }
-        else
-        {
-            return (bitSize + 7) / 8 - 1;
-        }
-    }
-
-    public BigInteger convertInput(byte[] in, int inOff, int inLen)
-    {
-        if (inLen > (getInputBlockSize() + 1))
-        {
-            throw new DataLengthException("input too large for Cramer Shoup cipher.");
-        }
-        else if (inLen == (getInputBlockSize() + 1) && forEncryption)
-        {
-            throw new DataLengthException("input too large for Cramer Shoup cipher.");
-        }
-
-        byte[] block;
-
-        if (inOff != 0 || inLen != in.length)
-        {
-            block = new byte[inLen];
-
-            System.arraycopy(in, inOff, block, 0, inLen);
-        }
-        else
-        {
-            block = in;
-        }
-
-        BigInteger res = new BigInteger(1, block);
-        if (res.compareTo(key.getParameters().getP()) >= 0)
-        {
-            throw new DataLengthException("input too large for Cramer Shoup cipher.");
-        }
-
-        return res;
-    }
-
-    public byte[] convertOutput(BigInteger result)
-    {
-        byte[] output = result.toByteArray();
-
-        if (!forEncryption)
-        {
-            if (output[0] == 0 && output.length > getOutputBlockSize())
-            { // have ended up with an extra zero byte, copy down.
-                byte[] tmp = new byte[output.length - 1];
-
-                System.arraycopy(output, 1, tmp, 0, tmp.length);
-
-                return tmp;
-            }
-
-            if (output.length < getOutputBlockSize())
-            {// have ended up with less bytes than normal, lengthen
-                byte[] tmp = new byte[getOutputBlockSize()];
-
-                System.arraycopy(output, 0, tmp, tmp.length - output.length, output.length);
-
-                return tmp;
-            }
-        }
-        else
-        {
-            if (output[0] == 0)
-            { // have ended up with an extra zero byte, copy down.
-                byte[] tmp = new byte[output.length - 1];
-
-                System.arraycopy(output, 1, tmp, 0, tmp.length);
-
-                return tmp;
-            }
-        }
-
-        return output;
-    }
-
-    public CramerShoupCiphertext encryptBlock(BigInteger input)
-    {
-
-        CramerShoupCiphertext result = null;
-
-        if (!key.isPrivate() && this.forEncryption && key instanceof CramerShoupPublicKeyParameters)
-        {
-            CramerShoupPublicKeyParameters pk = (CramerShoupPublicKeyParameters)key;
-            BigInteger p = pk.getParameters().getP();
-            BigInteger g1 = pk.getParameters().getG1();
-            BigInteger g2 = pk.getParameters().getG2();
-
-            BigInteger h = pk.getH();
-
-            if (!isValidMessage(input, p))
-            {
-                return result;
-            }
-
-            BigInteger r = generateRandomElement(p, random);
-
-            BigInteger u1, u2, v, e, a;
-
-            u1 = g1.modPow(r, p);
-            u2 = g2.modPow(r, p);
-            e = h.modPow(r, p).multiply(input).mod(p);
-
-            Digest digest = pk.getParameters().getH();
-            byte[] u1Bytes = u1.toByteArray();
-            digest.update(u1Bytes, 0, u1Bytes.length);
-            byte[] u2Bytes = u2.toByteArray();
-            digest.update(u2Bytes, 0, u2Bytes.length);
-            byte[] eBytes = e.toByteArray();
-            digest.update(eBytes, 0, eBytes.length);
-            if (this.label != null)
-            {
-                byte[] lBytes = this.label;
-                digest.update(lBytes, 0, lBytes.length);
-            }
-            byte[] out = new byte[digest.getDigestSize()];
-            digest.doFinal(out, 0);
-            a = new BigInteger(1, out);
-
-            v = pk.getC().modPow(r, p).multiply(pk.getD().modPow(r.multiply(a), p)).mod(p);
-
-            result = new CramerShoupCiphertext(u1, u2, e, v);
-        }
-        return result;
-    }
-
-    public BigInteger decryptBlock(CramerShoupCiphertext input)
-        throws CramerShoupCiphertextException
-    {
-
-        BigInteger result = null;
-
-        if (key.isPrivate() && !this.forEncryption && key instanceof CramerShoupPrivateKeyParameters)
-        {
-            CramerShoupPrivateKeyParameters sk = (CramerShoupPrivateKeyParameters)key;
-
-            BigInteger p = sk.getParameters().getP();
-
-            Digest digest = sk.getParameters().getH();
-            byte[] u1Bytes = input.getU1().toByteArray();
-            digest.update(u1Bytes, 0, u1Bytes.length);
-            byte[] u2Bytes = input.getU2().toByteArray();
-            digest.update(u2Bytes, 0, u2Bytes.length);
-            byte[] eBytes = input.getE().toByteArray();
-            digest.update(eBytes, 0, eBytes.length);
-            if (this.label != null)
-            {
-                byte[] lBytes = this.label;
-                digest.update(lBytes, 0, lBytes.length);
-            }
-            byte[] out = new byte[digest.getDigestSize()];
-            digest.doFinal(out, 0);
-
-            BigInteger a = new BigInteger(1, out);
-            BigInteger v = input.u1.modPow(sk.getX1().add(sk.getY1().multiply(a)), p).
-                multiply(input.u2.modPow(sk.getX2().add(sk.getY2().multiply(a)), p)).mod(p);
-
-            // check correctness of ciphertext
-            if (input.v.equals(v))
-            {
-                result = input.e.multiply(input.u1.modPow(sk.getZ(), p).modInverse(p)).mod(p);
-            }
-            else
-            {
-                throw new CramerShoupCiphertextException("Sorry, that ciphertext is not correct");
-            }
-        }
-        return result;
-    }
-
-    private BigInteger generateRandomElement(BigInteger p, SecureRandom random)
-    {
-        return BigIntegers.createRandomInRange(ONE, p.subtract(ONE), random);
-    }
-
-    /**
-     * just checking whether the message m is actually less than the group order p
-     */
-    private boolean isValidMessage(BigInteger m, BigInteger p)
-    {
-        return m.compareTo(p) < 0;
-    }
-
-    protected SecureRandom initSecureRandom(boolean needed, SecureRandom provided)
-    {
-        return !needed ? null : (provided != null) ? provided : CryptoServicesRegistrar.getSecureRandom();
-    }
-
-    /**
-     * CS exception for wrong cipher-texts
-     */
-    public static class CramerShoupCiphertextException
-        extends Exception
-    {
-        private static final long serialVersionUID = -6360977166495345076L;
-
-        public CramerShoupCiphertextException(String msg)
-        {
-            super(msg);
-        }
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CryptoProWrapEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/CryptoProWrapEngine.java
deleted file mode 100644
index d6cebac..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/CryptoProWrapEngine.java
+++ /dev/null

@@ -1,112 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.modes.GCFBBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.ParametersWithSBox;
-import org.bouncycastle.crypto.params.ParametersWithUKM;
-import org.bouncycastle.util.Pack;
-
-public class CryptoProWrapEngine
-    extends GOST28147WrapEngine
-{
-    public void init(boolean forWrapping, CipherParameters param)
-    {
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom pr = (ParametersWithRandom)param;
-            param = pr.getParameters();
-        }
-        
-        ParametersWithUKM pU = (ParametersWithUKM)param;
-        byte[] sBox = null;
-
-
-        KeyParameter kParam;
-
-        if (pU.getParameters() instanceof ParametersWithSBox)
-        {
-            kParam = (KeyParameter)((ParametersWithSBox)pU.getParameters()).getParameters();
-            sBox = ((ParametersWithSBox)pU.getParameters()).getSBox();
-        }
-        else
-        {
-            kParam = (KeyParameter)pU.getParameters();
-        }
-
-        kParam = new KeyParameter(cryptoProDiversify(kParam.getKey(), pU.getUKM(), sBox));
-
-        if (sBox != null)
-        {
-            super.init(forWrapping, new ParametersWithUKM(new ParametersWithSBox(kParam, sBox), pU.getUKM()));
-        }
-        else
-        {
-            super.init(forWrapping, new ParametersWithUKM(kParam, pU.getUKM()));
-        }
-    }
-
-    /*
-         RFC 4357 6.5.  CryptoPro KEK Diversification Algorithm
-
-         Given a random 64-bit UKM and a GOST 28147-89 key K, this algorithm
-         creates a new GOST 28147-89 key K(UKM).
-
-          1) Let K[0] = K;
-          2) UKM is split into components a[i,j]:
-             UKM = a[0]|..|a[7] (a[i] - byte, a[i,0]..a[i,7] - it's bits)
-          3) Let i be 0.
-          4) K[1]..K[8] are calculated by repeating the following algorithm
-             eight times:
-           A) K[i] is split into components k[i,j]:
-              K[i] = k[i,0]|k[i,1]|..|k[i,7] (k[i,j] - 32-bit integer)
-           B) Vector S[i] is calculated:
-              S[i] = ((a[i,0]*k[i,0] + ... + a[i,7]*k[i,7]) mod 2^32) |
-              (((~a[i,0])*k[i,0] + ... + (~a[i,7])*k[i,7]) mod 2^32);
-           C) K[i+1] = encryptCFB (S[i], K[i], K[i])
-           D) i = i + 1
-          5) Let K(UKM) be K[8].
-     */
-    private static byte[] cryptoProDiversify(byte[] K, byte[] ukm, byte[] sBox)
-    {
-        for (int i = 0; i != 8; i++)
-        {
-            int sOn = 0;
-            int sOff = 0;
-            for (int j = 0; j != 8; j++)
-            {
-                int kj = Pack.littleEndianToInt(K, j * 4);
-                if (bitSet(ukm[i], j))
-                {
-                    sOn += kj;
-                }
-                else
-                {
-                    sOff += kj;
-                }
-            }
-
-            byte[] s = new byte[8];
-            Pack.intToLittleEndian(sOn, s, 0);
-            Pack.intToLittleEndian(sOff, s, 4);
-
-            GCFBBlockCipher c = new GCFBBlockCipher(new GOST28147Engine());
-
-            c.init(true, new ParametersWithIV(new ParametersWithSBox(new KeyParameter(K), sBox), s));
-
-            c.processBlock(K, 0, K, 0);
-            c.processBlock(K, 8, K, 8);
-            c.processBlock(K, 16, K, 16);
-            c.processBlock(K, 24, K, 24);
-        }
-
-        return K;
-    }
-
-    private static boolean bitSet(byte v, int bitNo)
-    {
-        return (v & (1 << bitNo)) != 0;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java
index 9db5b42..76f20bb 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/engines/DESedeWrapEngine.java

@@ -11,7 +11,9 @@
 import org.bouncycastle.crypto.params.KeyParameter;
 import org.bouncycastle.crypto.params.ParametersWithIV;
 import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.util.DigestFactory;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
 import org.bouncycastle.util.Arrays;
 
 /**
@@ -52,7 +54,9 @@
     //
     // checksum digest
     //
-    Digest  sha1 = DigestFactory.createSHA1();
+    // Android-changed: Use Android digests
+    // Digest  sha1 = DigestFactory.createSHA1();
+    Digest  sha1 = AndroidDigestFactory.getSHA1();
     byte[]  digest = new byte[20];
 
    /**

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/DSTU7624Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/DSTU7624Engine.java
deleted file mode 100644
index b18cb9a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/DSTU7624Engine.java
+++ /dev/null

@@ -1,1183 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-
-
-/*
-* Reference implementation of DSTU7624 national Ukrainian standard of block encryption.
-* Thanks to Roman Oliynikov' native C implementation:
-* https://github.com/Roman-Oliynikov/Kalyna-reference
-*
-* DSTU7564 is very similar to AES but with some security improvements in key schedule algorithm
-* and supports different block and key lengths (128/256/512 bits).
-*/
-public class DSTU7624Engine
-    implements BlockCipher
-{
-    private long[] internalState;
-    private long[] workingKey;
-    private long[][] roundKeys;
-
-    /* Number of 64-bit words in block */
-    private int wordsInBlock;
-
-    /* Number of 64-bit words in key */
-    private int wordsInKey;
-
-    /* Number of encryption rounds depending on key length */
-    private static final int ROUNDS_128 = 10;
-    private static final int ROUNDS_256 = 14;
-    private static final int ROUNDS_512 = 18;
-
-    private int roundsAmount;
-
-    private boolean forEncryption;
-
-    public DSTU7624Engine(int blockBitLength)
-        throws IllegalArgumentException
-    {
-        /* DSTU7624 supports 128 | 256 | 512 key/block sizes */
-        if (blockBitLength != 128 && blockBitLength != 256 && blockBitLength != 512)
-        {
-            throw new IllegalArgumentException("unsupported block length: only 128/256/512 are allowed");
-        }
-
-        wordsInBlock = blockBitLength >>> 6;
-        internalState = new long[wordsInBlock];
-    }
-
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        if (!(params instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException("Invalid parameter passed to DSTU7624Engine init");
-        }
-
-        this.forEncryption = forEncryption;
-
-        byte[] keyBytes = ((KeyParameter)params).getKey();
-        int keyBitLength = keyBytes.length << 3;
-        int blockBitLength = wordsInBlock << 6;
-
-        if (keyBitLength != 128 && keyBitLength != 256 && keyBitLength != 512)
-        {
-            throw new IllegalArgumentException("unsupported key length: only 128/256/512 are allowed");
-        }
-
-        /* Limitations on key lengths depending on block lengths. See table 6.1 in standard */
-        if (keyBitLength != blockBitLength && keyBitLength != (2 * blockBitLength))
-        {
-            throw new IllegalArgumentException("Unsupported key length");
-        }
-
-        switch (keyBitLength)
-        {
-        case 128:
-            roundsAmount = ROUNDS_128;
-            break;
-        case 256:
-            roundsAmount = ROUNDS_256;
-            break;
-        case 512:
-            roundsAmount = ROUNDS_512;
-            break;
-        }
-
-        wordsInKey = keyBitLength >>> 6;
-
-        /* +1 round key as defined in standard */
-        roundKeys = new long[roundsAmount + 1][];
-        for (int roundKeyIndex = 0; roundKeyIndex < roundKeys.length; roundKeyIndex++)
-        {
-            roundKeys[roundKeyIndex] = new long[wordsInBlock];
-        }
-
-        workingKey = new long[wordsInKey];
-
-        if (keyBytes.length != (keyBitLength >>> 3))
-        {
-            throw new IllegalArgumentException("Invalid key parameter passed to DSTU7624Engine init");
-        }
-
-        /* Unpack encryption key bytes to words */
-        Pack.littleEndianToLong(keyBytes, 0, workingKey);
-
-        long[] tempKeys = new long[wordsInBlock];
-
-        /* KSA in DSTU7624 is strengthened to mitigate known weaknesses in AES KSA (eprint.iacr.org/2012/260.pdf) */
-        workingKeyExpandKT(workingKey, tempKeys);
-        workingKeyExpandEven(workingKey, tempKeys);
-        workingKeyExpandOdd();
-    }
-
-    public String getAlgorithmName()
-    {
-        return "DSTU7624";
-    }
-
-    public int getBlockSize()
-    {
-        return wordsInBlock << 3;
-    }
-
-    public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if (workingKey == null)
-        {
-            throw new IllegalStateException("DSTU7624Engine not initialised");
-        }
-
-        if (inOff + getBlockSize() > in.length)
-        {
-            throw new DataLengthException("Input buffer too short");
-        }
-
-        if (outOff + getBlockSize() > out.length)
-        {
-            throw new OutputLengthException("Output buffer too short");
-        }
-
-        if (forEncryption)
-        {
-            /* Encrypt */
-            switch (wordsInBlock)
-            {
-            case 2:
-            {
-                encryptBlock_128(in, inOff, out, outOff);
-                break;
-            }
-            default:
-            {
-                Pack.littleEndianToLong(in, inOff, internalState);
-                addRoundKey(0);
-                for (int round = 0;;)
-                {
-                    subBytes();
-                    shiftRows();
-                    mixColumns();
-
-                    if (++round == roundsAmount)
-                    {
-                        break;
-                    }
-
-                    xorRoundKey(round);
-                }
-                addRoundKey(roundsAmount);
-                Pack.longToLittleEndian(internalState, out, outOff);
-                break;
-            }
-            }
-        }
-        else
-        {
-            /* Decrypt */
-            switch (wordsInBlock)
-            {
-            case 2:
-            {
-                decryptBlock_128(in, inOff, out, outOff);
-                break;
-            }
-            default:
-            {
-                Pack.littleEndianToLong(in, inOff, internalState);
-                subRoundKey(roundsAmount);
-                for (int round = roundsAmount;;)
-                {
-                    mixColumnsInv();
-                    invShiftRows();
-                    invSubBytes();
-    
-                    if (--round == 0)
-                    {
-                        break;
-                    }
-    
-                    xorRoundKey(round);
-                }
-                subRoundKey(0);
-                Pack.longToLittleEndian(internalState, out, outOff);
-                break;
-            }
-            }
-        }
-
-        return getBlockSize();
-    }
-
-    public void reset()
-    {
-        Arrays.fill(internalState, 0);
-    }
-
-    private void addRoundKey(int round)
-    {
-        long[] roundKey = roundKeys[round];
-        for (int i = 0; i < wordsInBlock; ++i)
-        {
-            internalState[i] += roundKey[i];
-        }
-    }
-
-    private void subRoundKey(int round)
-    {
-        long[] roundKey = roundKeys[round];
-        for (int i = 0; i < wordsInBlock; ++i)
-        {
-            internalState[i] -= roundKey[i];
-        }
-    }
-
-    private void xorRoundKey(int round)
-    {
-        long[] roundKey = roundKeys[round];
-        for (int i = 0; i < wordsInBlock; ++i)
-        {
-            internalState[i] ^= roundKey[i];
-        }
-    }
-
-    private void workingKeyExpandKT(long[] workingKey, long[] tempKeys)
-    {
-        long[] k0 = new long[wordsInBlock];
-        long[] k1 = new long[wordsInBlock];
-
-        internalState = new long[wordsInBlock];
-        internalState[0] += wordsInBlock + wordsInKey + 1;
-
-        if (wordsInBlock == wordsInKey)
-        {
-            System.arraycopy(workingKey, 0, k0, 0, k0.length);
-            System.arraycopy(workingKey, 0, k1, 0, k1.length);
-        }
-        else
-        {
-            System.arraycopy(workingKey, 0, k0, 0, wordsInBlock);
-            System.arraycopy(workingKey, wordsInBlock, k1, 0, wordsInBlock);
-        }
-
-
-        for (int wordIndex = 0; wordIndex < internalState.length; wordIndex++)
-        {
-            internalState[wordIndex] += k0[wordIndex];
-        }
-
-        subBytes();
-        shiftRows();
-        mixColumns();
-
-        for (int wordIndex = 0; wordIndex < internalState.length; wordIndex++)
-        {
-            internalState[wordIndex] ^= k1[wordIndex];
-        }
-
-        subBytes();
-        shiftRows();
-        mixColumns();
-
-        for (int wordIndex = 0; wordIndex < internalState.length; wordIndex++)
-        {
-            internalState[wordIndex] += k0[wordIndex];
-        }
-
-        subBytes();
-        shiftRows();
-        mixColumns();
-
-        System.arraycopy(internalState, 0, tempKeys, 0, wordsInBlock);
-    }
-
-    private void workingKeyExpandEven(long[] workingKey, long[] tempKey)
-    {
-        long[] initialData = new long[wordsInKey];
-        long[] tempRoundKey = new long[wordsInBlock];
-
-        int round = 0;
-
-        System.arraycopy(workingKey, 0, initialData, 0, wordsInKey);
-
-        long tmv = 0x0001000100010001L;
-
-        while (true)
-        {
-            for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++)
-            {
-                tempRoundKey[wordIndex] = tempKey[wordIndex] + tmv;
-            }
-
-            for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++)
-            {
-                internalState[wordIndex] = initialData[wordIndex] + tempRoundKey[wordIndex];
-            }
-
-            subBytes();
-            shiftRows();
-            mixColumns();
-
-            for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++)
-            {
-                internalState[wordIndex] ^= tempRoundKey[wordIndex];
-            }
-
-            subBytes();
-            shiftRows();
-            mixColumns();
-
-            for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++)
-            {
-                internalState[wordIndex] += tempRoundKey[wordIndex];
-            }
-
-            System.arraycopy(internalState, 0, roundKeys[round], 0, wordsInBlock);
-
-            if (roundsAmount == round)
-            {
-                break;
-            }
-
-            if (wordsInBlock != wordsInKey)
-            {
-                round += 2;
-                tmv <<= 1;
-
-                for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++)
-                {
-                    tempRoundKey[wordIndex] = tempKey[wordIndex] + tmv;
-                }
-
-                for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++)
-                {
-                    internalState[wordIndex] = initialData[wordsInBlock + wordIndex] + tempRoundKey[wordIndex];
-                }
-
-                subBytes();
-                shiftRows();
-                mixColumns();
-
-                for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++)
-                {
-                    internalState[wordIndex] ^= tempRoundKey[wordIndex];
-                }
-
-                subBytes();
-                shiftRows();
-                mixColumns();
-
-                for (int wordIndex = 0; wordIndex < wordsInBlock; wordIndex++)
-                {
-                    internalState[wordIndex] += tempRoundKey[wordIndex];
-                }
-
-                System.arraycopy(internalState, 0, roundKeys[round], 0, wordsInBlock);
-
-                if (roundsAmount == round)
-                {
-                    break;
-                }
-            }
-
-            round += 2;
-            tmv <<= 1;
-
-            long temp = initialData[0];
-            for (int i = 1; i < initialData.length; ++i)
-            {
-                initialData[i - 1] = initialData[i];
-            }
-            initialData[initialData.length - 1] = temp;
-        }
-    }
-
-    private void workingKeyExpandOdd()
-    {
-        for (int roundIndex = 1; roundIndex < roundsAmount; roundIndex += 2)
-        {
-            rotateLeft(roundKeys[roundIndex - 1], roundKeys[roundIndex]);
-        }
-    }
-
-    private void decryptBlock_128(byte[] in, int inOff, byte[] out, int outOff)
-    {
-        long c0 = Pack.littleEndianToLong(in, inOff);
-        long c1 = Pack.littleEndianToLong(in, inOff + 8);
-
-        long[] roundKey = roundKeys[roundsAmount];
-        c0 -= roundKey[0];
-        c1 -= roundKey[1];
-
-        for (int round = roundsAmount;;)
-        {
-            c0 = mixColumnInv(c0);
-            c1 = mixColumnInv(c1);
-
-            int lo0 = (int)c0, hi0 = (int)(c0 >>> 32);
-            int lo1 = (int)c1, hi1 = (int)(c1 >>> 32);
-
-            {
-                byte t0 = T0[lo0 & 0xFF];
-                byte t1 = T1[(lo0 >>> 8) & 0xFF];
-                byte t2 = T2[(lo0 >>> 16) & 0xFF];
-                byte t3 = T3[lo0 >>> 24];
-                lo0 = (t0 & 0xFF) | ((t1 & 0xFF) << 8) | ((t2 & 0xFF) << 16) | ((int)t3 << 24);
-                byte t4 = T0[hi1 & 0xFF];
-                byte t5 = T1[(hi1 >>> 8) & 0xFF];
-                byte t6 = T2[(hi1 >>> 16) & 0xFF];
-                byte t7 = T3[hi1 >>> 24];
-                hi1 = (t4 & 0xFF) | ((t5 & 0xFF) << 8) | ((t6 & 0xFF) << 16) | ((int)t7 << 24);
-                c0 = (lo0 & 0xFFFFFFFFL) | ((long)hi1 << 32);
-            }
-
-            {
-                byte t0 = T0[lo1 & 0xFF];
-                byte t1 = T1[(lo1 >>> 8) & 0xFF];
-                byte t2 = T2[(lo1 >>> 16) & 0xFF];
-                byte t3 = T3[lo1 >>> 24];
-                lo1 = (t0 & 0xFF) | ((t1 & 0xFF) << 8) | ((t2 & 0xFF) << 16) | ((int)t3 << 24);
-                byte t4 = T0[hi0 & 0xFF];
-                byte t5 = T1[(hi0 >>> 8) & 0xFF];
-                byte t6 = T2[(hi0 >>> 16) & 0xFF];
-                byte t7 = T3[hi0 >>> 24];
-                hi0 = (t4 & 0xFF) | ((t5 & 0xFF) << 8) | ((t6 & 0xFF) << 16) | ((int)t7 << 24);
-                c1 = (lo1 & 0xFFFFFFFFL) | ((long)hi0 << 32);
-            }
-
-            if (--round == 0)
-            {
-                break;
-            }
-
-            roundKey = roundKeys[round];
-            c0 ^= roundKey[0];
-            c1 ^= roundKey[1];
-        }
-
-        roundKey = roundKeys[0];
-        c0 -= roundKey[0];
-        c1 -= roundKey[1];
-
-        Pack.longToLittleEndian(c0, out, outOff);
-        Pack.longToLittleEndian(c1, out, outOff + 8);
-    }
-
-    private void encryptBlock_128(byte[] in, int inOff, byte[] out, int outOff)
-    {
-        long c0 = Pack.littleEndianToLong(in, inOff);
-        long c1 = Pack.littleEndianToLong(in, inOff + 8);
-
-        long[] roundKey = roundKeys[0];
-        c0 += roundKey[0];
-        c1 += roundKey[1];
-
-        for (int round = 0;;)
-        {
-            int lo0 = (int)c0, hi0 = (int)(c0 >>> 32);
-            int lo1 = (int)c1, hi1 = (int)(c1 >>> 32);
-
-            {
-                byte t0 = S0[lo0 & 0xFF];
-                byte t1 = S1[(lo0 >>> 8) & 0xFF];
-                byte t2 = S2[(lo0 >>> 16) & 0xFF];
-                byte t3 = S3[lo0 >>> 24];
-                lo0 = (t0 & 0xFF) | ((t1 & 0xFF) << 8) | ((t2 & 0xFF) << 16) | ((int)t3 << 24);
-                byte t4 = S0[hi1 & 0xFF];
-                byte t5 = S1[(hi1 >>> 8) & 0xFF];
-                byte t6 = S2[(hi1 >>> 16) & 0xFF];
-                byte t7 = S3[hi1 >>> 24];
-                hi1 = (t4 & 0xFF) | ((t5 & 0xFF) << 8) | ((t6 & 0xFF) << 16) | ((int)t7 << 24);
-                c0 = (lo0 & 0xFFFFFFFFL) | ((long)hi1 << 32);
-            }
-
-            {
-                byte t0 = S0[lo1 & 0xFF];
-                byte t1 = S1[(lo1 >>> 8) & 0xFF];
-                byte t2 = S2[(lo1 >>> 16) & 0xFF];
-                byte t3 = S3[lo1 >>> 24];
-                lo1 = (t0 & 0xFF) | ((t1 & 0xFF) << 8) | ((t2 & 0xFF) << 16) | ((int)t3 << 24);
-                byte t4 = S0[hi0 & 0xFF];
-                byte t5 = S1[(hi0 >>> 8) & 0xFF];
-                byte t6 = S2[(hi0 >>> 16) & 0xFF];
-                byte t7 = S3[hi0 >>> 24];
-                hi0 = (t4 & 0xFF) | ((t5 & 0xFF) << 8) | ((t6 & 0xFF) << 16) | ((int)t7 << 24);
-                c1 = (lo1 & 0xFFFFFFFFL) | ((long)hi0 << 32);
-            }
-
-            c0 = mixColumn(c0);
-            c1 = mixColumn(c1);
-
-            if (++round == roundsAmount)
-            {
-                break;
-            }
-
-            roundKey = roundKeys[round];
-            c0 ^= roundKey[0];
-            c1 ^= roundKey[1];
-        }
-
-        roundKey = roundKeys[roundsAmount];
-        c0 += roundKey[0];
-        c1 += roundKey[1];
-
-        Pack.longToLittleEndian(c0, out, outOff);
-        Pack.longToLittleEndian(c1, out, outOff + 8);
-    }
-
-    private void subBytes()
-    {
-        for (int i = 0; i < wordsInBlock; i++)
-        {
-            long u = internalState[i];
-            int lo = (int)u, hi = (int)(u >>> 32);
-            byte t0 = S0[lo & 0xFF];
-            byte t1 = S1[(lo >>> 8) & 0xFF];
-            byte t2 = S2[(lo >>> 16) & 0xFF];
-            byte t3 = S3[lo >>> 24];
-            lo = (t0 & 0xFF) | ((t1 & 0xFF) << 8) | ((t2 & 0xFF) << 16) | ((int)t3 << 24);
-            byte t4 = S0[hi & 0xFF];
-            byte t5 = S1[(hi >>> 8) & 0xFF];
-            byte t6 = S2[(hi >>> 16) & 0xFF];
-            byte t7 = S3[hi >>> 24];
-            hi = (t4 & 0xFF) | ((t5 & 0xFF) << 8) | ((t6 & 0xFF) << 16) | ((int)t7 << 24);
-            internalState[i] = (lo & 0xFFFFFFFFL) | ((long)hi << 32);
-        }
-    }
-
-    private void invSubBytes()
-    {
-        for (int i = 0; i < wordsInBlock; i++)
-        {
-            long u = internalState[i];
-            int lo = (int)u, hi = (int)(u >>> 32);
-            byte t0 = T0[lo & 0xFF];
-            byte t1 = T1[(lo >>> 8) & 0xFF];
-            byte t2 = T2[(lo >>> 16) & 0xFF];
-            byte t3 = T3[lo >>> 24];
-            lo = (t0 & 0xFF) | ((t1 & 0xFF) << 8) | ((t2 & 0xFF) << 16) | ((int)t3 << 24);
-            byte t4 = T0[hi & 0xFF];
-            byte t5 = T1[(hi >>> 8) & 0xFF];
-            byte t6 = T2[(hi >>> 16) & 0xFF];
-            byte t7 = T3[hi >>> 24];
-            hi = (t4 & 0xFF) | ((t5 & 0xFF) << 8) | ((t6 & 0xFF) << 16) | ((int)t7 << 24);
-            internalState[i] = (lo & 0xFFFFFFFFL) | ((long)hi << 32);
-        }
-    }
-
-    private void shiftRows()
-    {
-        switch (wordsInBlock)
-        {
-        case 2:
-        {
-            long c0 = internalState[0], c1 = internalState[1];
-            long d;
-
-            d = (c0 ^ c1) & 0xFFFFFFFF00000000L; c0 ^= d; c1 ^= d;
-
-            internalState[0] = c0;
-            internalState[1] = c1;
-            break;
-        }
-        case 4:
-        {
-            long c0 = internalState[0], c1 = internalState[1], c2 = internalState[2], c3 = internalState[3];
-            long d;
-
-            d = (c0 ^ c2) & 0xFFFFFFFF00000000L; c0 ^= d; c2 ^= d;
-            d = (c1 ^ c3) & 0x0000FFFFFFFF0000L; c1 ^= d; c3 ^= d;
-
-            d = (c0 ^ c1) & 0xFFFF0000FFFF0000L; c0 ^= d; c1 ^= d;
-            d = (c2 ^ c3) & 0xFFFF0000FFFF0000L; c2 ^= d; c3 ^= d;
-
-            internalState[0] = c0;
-            internalState[1] = c1;
-            internalState[2] = c2;
-            internalState[3] = c3;
-            break;
-        }
-        case 8:
-        {
-            long c0 = internalState[0], c1 = internalState[1], c2 = internalState[2], c3 = internalState[3];
-            long c4 = internalState[4], c5 = internalState[5], c6 = internalState[6], c7 = internalState[7];
-            long d;
-
-            d = (c0 ^ c4) & 0xFFFFFFFF00000000L; c0 ^= d; c4 ^= d;
-            d = (c1 ^ c5) & 0x00FFFFFFFF000000L; c1 ^= d; c5 ^= d;
-            d = (c2 ^ c6) & 0x0000FFFFFFFF0000L; c2 ^= d; c6 ^= d;
-            d = (c3 ^ c7) & 0x000000FFFFFFFF00L; c3 ^= d; c7 ^= d;
-
-            d = (c0 ^ c2) & 0xFFFF0000FFFF0000L; c0 ^= d; c2 ^= d;
-            d = (c1 ^ c3) & 0x00FFFF0000FFFF00L; c1 ^= d; c3 ^= d;
-            d = (c4 ^ c6) & 0xFFFF0000FFFF0000L; c4 ^= d; c6 ^= d;
-            d = (c5 ^ c7) & 0x00FFFF0000FFFF00L; c5 ^= d; c7 ^= d;
-
-            d = (c0 ^ c1) & 0xFF00FF00FF00FF00L; c0 ^= d; c1 ^= d;
-            d = (c2 ^ c3) & 0xFF00FF00FF00FF00L; c2 ^= d; c3 ^= d;
-            d = (c4 ^ c5) & 0xFF00FF00FF00FF00L; c4 ^= d; c5 ^= d;
-            d = (c6 ^ c7) & 0xFF00FF00FF00FF00L; c6 ^= d; c7 ^= d;
-
-            internalState[0] = c0;
-            internalState[1] = c1;
-            internalState[2] = c2;
-            internalState[3] = c3;
-            internalState[4] = c4;
-            internalState[5] = c5;
-            internalState[6] = c6;
-            internalState[7] = c7;
-            break;
-        }
-        default:
-        {
-            throw new IllegalStateException("unsupported block length: only 128/256/512 are allowed");
-        }
-        }
-    }
-
-    private void invShiftRows()
-    {
-        switch (wordsInBlock)
-        {
-        case 2:
-        {
-            long c0 = internalState[0], c1 = internalState[1];
-            long d;
-
-            d = (c0 ^ c1) & 0xFFFFFFFF00000000L; c0 ^= d; c1 ^= d;
-
-            internalState[0] = c0;
-            internalState[1] = c1;
-            break;
-        }
-        case 4:
-        {
-            long c0 = internalState[0], c1 = internalState[1], c2 = internalState[2], c3 = internalState[3];
-            long d;
-
-            d = (c0 ^ c1) & 0xFFFF0000FFFF0000L; c0 ^= d; c1 ^= d;
-            d = (c2 ^ c3) & 0xFFFF0000FFFF0000L; c2 ^= d; c3 ^= d;
-
-            d = (c0 ^ c2) & 0xFFFFFFFF00000000L; c0 ^= d; c2 ^= d;
-            d = (c1 ^ c3) & 0x0000FFFFFFFF0000L; c1 ^= d; c3 ^= d;
-
-            internalState[0] = c0;
-            internalState[1] = c1;
-            internalState[2] = c2;
-            internalState[3] = c3;
-            break;
-        }
-        case 8:
-        {
-            long c0 = internalState[0], c1 = internalState[1], c2 = internalState[2], c3 = internalState[3];
-            long c4 = internalState[4], c5 = internalState[5], c6 = internalState[6], c7 = internalState[7];
-            long d;
-
-            d = (c0 ^ c1) & 0xFF00FF00FF00FF00L; c0 ^= d; c1 ^= d;
-            d = (c2 ^ c3) & 0xFF00FF00FF00FF00L; c2 ^= d; c3 ^= d;
-            d = (c4 ^ c5) & 0xFF00FF00FF00FF00L; c4 ^= d; c5 ^= d;
-            d = (c6 ^ c7) & 0xFF00FF00FF00FF00L; c6 ^= d; c7 ^= d;
-
-            d = (c0 ^ c2) & 0xFFFF0000FFFF0000L; c0 ^= d; c2 ^= d;
-            d = (c1 ^ c3) & 0x00FFFF0000FFFF00L; c1 ^= d; c3 ^= d;
-            d = (c4 ^ c6) & 0xFFFF0000FFFF0000L; c4 ^= d; c6 ^= d;
-            d = (c5 ^ c7) & 0x00FFFF0000FFFF00L; c5 ^= d; c7 ^= d;
-
-            d = (c0 ^ c4) & 0xFFFFFFFF00000000L; c0 ^= d; c4 ^= d;
-            d = (c1 ^ c5) & 0x00FFFFFFFF000000L; c1 ^= d; c5 ^= d;
-            d = (c2 ^ c6) & 0x0000FFFFFFFF0000L; c2 ^= d; c6 ^= d;
-            d = (c3 ^ c7) & 0x000000FFFFFFFF00L; c3 ^= d; c7 ^= d;
-
-            internalState[0] = c0;
-            internalState[1] = c1;
-            internalState[2] = c2;
-            internalState[3] = c3;
-            internalState[4] = c4;
-            internalState[5] = c5;
-            internalState[6] = c6;
-            internalState[7] = c7;
-            break;
-        }
-        default:
-        {
-            throw new IllegalStateException("unsupported block length: only 128/256/512 are allowed");
-        }
-        }
-    }
-
-    private static long mixColumn(long c)
-    {
-//        // Calculate column multiplied by powers of 'x'
-//        long x0 = c;
-//        long x1 = mulX(x0);
-//        long x2 = mulX(x1);
-//        long x3 = mulX(x2);
-//
-//        // Calculate products with circulant matrix from (0x01, 0x01, 0x05, 0x01, 0x08, 0x06, 0x07, 0x04)
-//        long m0 = x0;
-//        long m1 = x0;
-//        long m2 = x0 ^ x2;
-//        long m3 = x0;
-//        long m4 = x3;
-//        long m5 = x1 ^ x2;
-//        long m6 = x0 ^ x1 ^ x2;
-//        long m7 = x2;
-//
-//        // Assemble the rotated products
-//        return m0
-//            ^ rotate(8, m1)
-//            ^ rotate(16, m2)
-//            ^ rotate(24, m3)
-//            ^ rotate(32, m4)
-//            ^ rotate(40, m5)
-//            ^ rotate(48, m6)
-//            ^ rotate(56, m7);
-
-        long x1 = mulX(c);
-        long u, v;
-
-        u  = rotate(8, c) ^ c;
-        u ^= rotate(16, u);
-        u ^= rotate(48, c);
-
-        v  = mulX2(u ^ c ^ x1);
-
-        return u ^ rotate(32, v) ^ rotate(40, x1) ^ rotate(48, x1);
-    }
-
-    private void mixColumns()
-    {
-        for (int col = 0; col < wordsInBlock; ++col)
-        {
-            internalState[col] = mixColumn(internalState[col]);
-        }
-    }
-
-    private static long mixColumnInv(long c)
-    {
-/*
-        // Calculate column multiplied by powers of 'x'
-        long x0 = c;
-        long x1 = mulX(x0);
-        long x2 = mulX(x1);
-        long x3 = mulX(x2);
-        long x4 = mulX(x3);
-        long x5 = mulX(x4);
-        long x6 = mulX(x5);
-        long x7 = mulX(x6);
-
-        // Calculate products with circulant matrix from (0xAD,0x95,0x76,0xA8,0x2F,0x49,0xD7,0xCA)
-//        long m0 = x0 ^ x2 ^ x3 ^ x5 ^ x7;
-//        long m1 = x0 ^ x2 ^ x4 ^ x7;
-//        long m2 = x1 ^ x2 ^ x4 ^ x5 ^ x6;
-//        long m3 = x3 ^ x5 ^ x7;
-//        long m4 = x0 ^ x1 ^ x2 ^ x3 ^ x5;
-//        long m5 = x0 ^ x3 ^ x6;
-//        long m6 = x0 ^ x1 ^ x2 ^ x4 ^ x6 ^ x7;
-//        long m7 = x1 ^ x3 ^ x6 ^ x7;
-
-        long m5 = x0 ^ x3 ^ x6;
-        x0 ^= x2;
-        long m3 = x3 ^ x5 ^ x7;
-        long m0 = m3 ^ x0;
-        long m6 = x0 ^ x4;
-        long m1 = m6 ^ x7;
-        x5 ^= x1;
-        x7 ^= x1 ^ x6;
-        long m2 = x2 ^ x4 ^ x5 ^ x6;
-        long m4 = x0 ^ x3 ^ x5;
-        m6 ^= x7;
-        long m7 = x3 ^ x7;
-
-        // Assemble the rotated products
-        return m0
-            ^ rotate(8, m1)
-            ^ rotate(16, m2)
-            ^ rotate(24, m3)
-            ^ rotate(32, m4)
-            ^ rotate(40, m5)
-            ^ rotate(48, m6)
-            ^ rotate(56, m7);
-*/
-        
-        long u0 = c;
-        u0 ^= rotate( 8, u0);
-        u0 ^= rotate(32, u0);
-        u0 ^= rotate(48, c);
-
-        long t = u0 ^ c;
-
-        long c48 = rotate(48, c);
-        long c56 = rotate(56, c);
-
-        long u7 = t ^ c56;
-        long u6 = rotate(56, t);
-        u6 ^= mulX(u7);
-        long u5 = rotate(16, t) ^ c;
-        u5 ^= rotate(40, mulX(u6) ^ c);
-        long u4 = t ^ c48;
-        u4 ^= mulX(u5);
-        long u3 = rotate(16, u0);
-        u3 ^= mulX(u4);
-        long u2 = t ^ rotate(24, c) ^ c48 ^ c56;
-        u2 ^= mulX(u3);
-        long u1 = rotate(32, t) ^ c ^ c56;
-        u1 ^= mulX(u2);
-        u0 ^= mulX(rotate(40, u1));
-
-        return u0;
-    }
-
-    private void mixColumnsInv()
-    {
-        for (int col = 0; col < wordsInBlock; ++col)
-        {
-            internalState[col] = mixColumnInv(internalState[col]);
-        }
-    }
-
-    private static long mulX(long n)
-    {
-        return ((n & 0x7F7F7F7F7F7F7F7FL) << 1) ^ (((n & 0x8080808080808080L) >>> 7) * 0x1DL);
-    }
-
-    private static long mulX2(long n)
-    {
-        return ((n & 0x3F3F3F3F3F3F3F3FL) << 2) ^ (((n & 0x8080808080808080L) >>> 6) * 0x1DL) ^ (((n & 0x4040404040404040L) >>> 6) * 0x1DL);
-    }
-
-//    private static long mulX4(long n)
-//    {
-//        long u = n & 0xF0F0F0F0F0F0F0F0L;
-//        return ((n & 0x0F0F0F0F0F0F0F0FL) << 4) ^ u ^ (u >>> 1) ^ (u >>> 2) ^ (u >>> 4);
-//    }
-
-    /*
-     * Pair-wise modular multiplication of 8 byte-pairs.
-     * 
-     * REDUCTION_POLYNOMIAL is x^8 + x^4 + x^3 + x^2 + 1
-     */  
-//    private static long multiplyGFx8(long u, long v, int vMaxDegree)
-//    {
-//        long r = u & ((v & 0x0101010101010101L) * 0xFFL);
-//        for (int i = 1; i <= vMaxDegree; ++i)
-//        {
-//            u = ((u & 0x7F7F7F7F7F7F7F7FL) << 1) ^ (((u >>> 7) & 0x0101010101010101L) * 0x1DL);
-//            v >>>= 1;
-//
-//            r ^= u & ((v & 0x0101010101010101L) * 0xFFL);
-//        }
-//
-//        return r;
-//    }
-
-//    private static long multiplyMDS(long u)
-//    {
-//        long r = 0, s = 0, t = (u >>> 8);
-//        r ^= u & 0x0000001F00000000L; r <<= 1;
-//        s ^= t & 0x00000000E0000000L; s <<= 1;
-//        r ^= u & 0x3F3F3F00003F0000L; r <<= 1;
-//        s ^= t & 0x00C0C0C00000C000L; s <<= 1;
-//        r ^= u & 0x007F7F0000000000L; r <<= 1;
-//        s ^= t & 0x0000808000000000L; s <<= 1;
-//        r ^= u & 0x00FF0000FFFFFFFFL;
-//        r ^= s ^ (s << 2) ^ (s << 3) ^ (s << 4);
-//        return r;
-//    }
-
-    private static long rotate(int n, long x)
-    {
-        return (x >>> n) | (x << -n);
-    }
-
-    private void rotateLeft(long[] x, long[] z)
-    {
-        switch (wordsInBlock)
-        {
-        case 2:
-        {
-            long x0 = x[0], x1 = x[1];
-            z[0] = (x0 >>> 56) | (x1 << 8);
-            z[1] = (x1 >>> 56) | (x0 << 8);
-            break;
-        }
-        case 4:
-        {
-            long x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
-            z[0] = (x1 >>> 24) | (x2 << 40);
-            z[1] = (x2 >>> 24) | (x3 << 40);
-            z[2] = (x3 >>> 24) | (x0 << 40);
-            z[3] = (x0 >>> 24) | (x1 << 40);
-            break;
-        }
-        case 8:
-        {
-            long x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
-            long x4 = x[4], x5 = x[5], x6 = x[6], x7 = x[7];
-            z[0] = (x2 >>> 24) | (x3 << 40);
-            z[1] = (x3 >>> 24) | (x4 << 40);
-            z[2] = (x4 >>> 24) | (x5 << 40);
-            z[3] = (x5 >>> 24) | (x6 << 40);
-            z[4] = (x6 >>> 24) | (x7 << 40);
-            z[5] = (x7 >>> 24) | (x0 << 40);
-            z[6] = (x0 >>> 24) | (x1 << 40);
-            z[7] = (x1 >>> 24) | (x2 << 40);
-            break;
-        }
-        default:
-        {
-            throw new IllegalStateException("unsupported block length: only 128/256/512 are allowed");
-        }
-        }
-    }
-
-//    private static final long mdsMatrix = 0x0407060801050101L;
-//    private static final long mdsInvMatrix = 0xCAD7492FA87695ADL;
-
-    private static final byte[] S0 = new byte[]{ (byte)0xa8, (byte)0x43, (byte)0x5f, (byte)0x06, (byte)0x6b, (byte)0x75,
-        (byte)0x6c, (byte)0x59, (byte)0x71, (byte)0xdf, (byte)0x87, (byte)0x95, (byte)0x17, (byte)0xf0, (byte)0xd8,
-        (byte)0x09, (byte)0x6d, (byte)0xf3, (byte)0x1d, (byte)0xcb, (byte)0xc9, (byte)0x4d, (byte)0x2c, (byte)0xaf,
-        (byte)0x79, (byte)0xe0, (byte)0x97, (byte)0xfd, (byte)0x6f, (byte)0x4b, (byte)0x45, (byte)0x39, (byte)0x3e,
-        (byte)0xdd, (byte)0xa3, (byte)0x4f, (byte)0xb4, (byte)0xb6, (byte)0x9a, (byte)0x0e, (byte)0x1f, (byte)0xbf,
-        (byte)0x15, (byte)0xe1, (byte)0x49, (byte)0xd2, (byte)0x93, (byte)0xc6, (byte)0x92, (byte)0x72, (byte)0x9e,
-        (byte)0x61, (byte)0xd1, (byte)0x63, (byte)0xfa, (byte)0xee, (byte)0xf4, (byte)0x19, (byte)0xd5, (byte)0xad,
-        (byte)0x58, (byte)0xa4, (byte)0xbb, (byte)0xa1, (byte)0xdc, (byte)0xf2, (byte)0x83, (byte)0x37, (byte)0x42,
-        (byte)0xe4, (byte)0x7a, (byte)0x32, (byte)0x9c, (byte)0xcc, (byte)0xab, (byte)0x4a, (byte)0x8f, (byte)0x6e,
-        (byte)0x04, (byte)0x27, (byte)0x2e, (byte)0xe7, (byte)0xe2, (byte)0x5a, (byte)0x96, (byte)0x16, (byte)0x23,
-        (byte)0x2b, (byte)0xc2, (byte)0x65, (byte)0x66, (byte)0x0f, (byte)0xbc, (byte)0xa9, (byte)0x47, (byte)0x41,
-        (byte)0x34, (byte)0x48, (byte)0xfc, (byte)0xb7, (byte)0x6a, (byte)0x88, (byte)0xa5, (byte)0x53, (byte)0x86,
-        (byte)0xf9, (byte)0x5b, (byte)0xdb, (byte)0x38, (byte)0x7b, (byte)0xc3, (byte)0x1e, (byte)0x22, (byte)0x33,
-        (byte)0x24, (byte)0x28, (byte)0x36, (byte)0xc7, (byte)0xb2, (byte)0x3b, (byte)0x8e, (byte)0x77, (byte)0xba,
-        (byte)0xf5, (byte)0x14, (byte)0x9f, (byte)0x08, (byte)0x55, (byte)0x9b, (byte)0x4c, (byte)0xfe, (byte)0x60,
-        (byte)0x5c, (byte)0xda, (byte)0x18, (byte)0x46, (byte)0xcd, (byte)0x7d, (byte)0x21, (byte)0xb0, (byte)0x3f,
-        (byte)0x1b, (byte)0x89, (byte)0xff, (byte)0xeb, (byte)0x84, (byte)0x69, (byte)0x3a, (byte)0x9d, (byte)0xd7,
-        (byte)0xd3, (byte)0x70, (byte)0x67, (byte)0x40, (byte)0xb5, (byte)0xde, (byte)0x5d, (byte)0x30, (byte)0x91,
-        (byte)0xb1, (byte)0x78, (byte)0x11, (byte)0x01, (byte)0xe5, (byte)0x00, (byte)0x68, (byte)0x98, (byte)0xa0,
-        (byte)0xc5, (byte)0x02, (byte)0xa6, (byte)0x74, (byte)0x2d, (byte)0x0b, (byte)0xa2, (byte)0x76, (byte)0xb3,
-        (byte)0xbe, (byte)0xce, (byte)0xbd, (byte)0xae, (byte)0xe9, (byte)0x8a, (byte)0x31, (byte)0x1c, (byte)0xec,
-        (byte)0xf1, (byte)0x99, (byte)0x94, (byte)0xaa, (byte)0xf6, (byte)0x26, (byte)0x2f, (byte)0xef, (byte)0xe8,
-        (byte)0x8c, (byte)0x35, (byte)0x03, (byte)0xd4, (byte)0x7f, (byte)0xfb, (byte)0x05, (byte)0xc1, (byte)0x5e,
-        (byte)0x90, (byte)0x20, (byte)0x3d, (byte)0x82, (byte)0xf7, (byte)0xea, (byte)0x0a, (byte)0x0d, (byte)0x7e,
-        (byte)0xf8, (byte)0x50, (byte)0x1a, (byte)0xc4, (byte)0x07, (byte)0x57, (byte)0xb8, (byte)0x3c, (byte)0x62,
-        (byte)0xe3, (byte)0xc8, (byte)0xac, (byte)0x52, (byte)0x64, (byte)0x10, (byte)0xd0, (byte)0xd9, (byte)0x13,
-        (byte)0x0c, (byte)0x12, (byte)0x29, (byte)0x51, (byte)0xb9, (byte)0xcf, (byte)0xd6, (byte)0x73, (byte)0x8d,
-        (byte)0x81, (byte)0x54, (byte)0xc0, (byte)0xed, (byte)0x4e, (byte)0x44, (byte)0xa7, (byte)0x2a, (byte)0x85,
-        (byte)0x25, (byte)0xe6, (byte)0xca, (byte)0x7c, (byte)0x8b, (byte)0x56, (byte)0x80 };
-
-    private static final byte[] S1 = new byte[]{ (byte)0xce, (byte)0xbb, (byte)0xeb, (byte)0x92, (byte)0xea, (byte)0xcb,
-        (byte)0x13, (byte)0xc1, (byte)0xe9, (byte)0x3a, (byte)0xd6, (byte)0xb2, (byte)0xd2, (byte)0x90, (byte)0x17,
-        (byte)0xf8, (byte)0x42, (byte)0x15, (byte)0x56, (byte)0xb4, (byte)0x65, (byte)0x1c, (byte)0x88, (byte)0x43,
-        (byte)0xc5, (byte)0x5c, (byte)0x36, (byte)0xba, (byte)0xf5, (byte)0x57, (byte)0x67, (byte)0x8d, (byte)0x31,
-        (byte)0xf6, (byte)0x64, (byte)0x58, (byte)0x9e, (byte)0xf4, (byte)0x22, (byte)0xaa, (byte)0x75, (byte)0x0f,
-        (byte)0x02, (byte)0xb1, (byte)0xdf, (byte)0x6d, (byte)0x73, (byte)0x4d, (byte)0x7c, (byte)0x26, (byte)0x2e,
-        (byte)0xf7, (byte)0x08, (byte)0x5d, (byte)0x44, (byte)0x3e, (byte)0x9f, (byte)0x14, (byte)0xc8, (byte)0xae,
-        (byte)0x54, (byte)0x10, (byte)0xd8, (byte)0xbc, (byte)0x1a, (byte)0x6b, (byte)0x69, (byte)0xf3, (byte)0xbd,
-        (byte)0x33, (byte)0xab, (byte)0xfa, (byte)0xd1, (byte)0x9b, (byte)0x68, (byte)0x4e, (byte)0x16, (byte)0x95,
-        (byte)0x91, (byte)0xee, (byte)0x4c, (byte)0x63, (byte)0x8e, (byte)0x5b, (byte)0xcc, (byte)0x3c, (byte)0x19,
-        (byte)0xa1, (byte)0x81, (byte)0x49, (byte)0x7b, (byte)0xd9, (byte)0x6f, (byte)0x37, (byte)0x60, (byte)0xca,
-        (byte)0xe7, (byte)0x2b, (byte)0x48, (byte)0xfd, (byte)0x96, (byte)0x45, (byte)0xfc, (byte)0x41, (byte)0x12,
-        (byte)0x0d, (byte)0x79, (byte)0xe5, (byte)0x89, (byte)0x8c, (byte)0xe3, (byte)0x20, (byte)0x30, (byte)0xdc,
-        (byte)0xb7, (byte)0x6c, (byte)0x4a, (byte)0xb5, (byte)0x3f, (byte)0x97, (byte)0xd4, (byte)0x62, (byte)0x2d,
-        (byte)0x06, (byte)0xa4, (byte)0xa5, (byte)0x83, (byte)0x5f, (byte)0x2a, (byte)0xda, (byte)0xc9, (byte)0x00,
-        (byte)0x7e, (byte)0xa2, (byte)0x55, (byte)0xbf, (byte)0x11, (byte)0xd5, (byte)0x9c, (byte)0xcf, (byte)0x0e,
-        (byte)0x0a, (byte)0x3d, (byte)0x51, (byte)0x7d, (byte)0x93, (byte)0x1b, (byte)0xfe, (byte)0xc4, (byte)0x47,
-        (byte)0x09, (byte)0x86, (byte)0x0b, (byte)0x8f, (byte)0x9d, (byte)0x6a, (byte)0x07, (byte)0xb9, (byte)0xb0,
-        (byte)0x98, (byte)0x18, (byte)0x32, (byte)0x71, (byte)0x4b, (byte)0xef, (byte)0x3b, (byte)0x70, (byte)0xa0,
-        (byte)0xe4, (byte)0x40, (byte)0xff, (byte)0xc3, (byte)0xa9, (byte)0xe6, (byte)0x78, (byte)0xf9, (byte)0x8b,
-        (byte)0x46, (byte)0x80, (byte)0x1e, (byte)0x38, (byte)0xe1, (byte)0xb8, (byte)0xa8, (byte)0xe0, (byte)0x0c,
-        (byte)0x23, (byte)0x76, (byte)0x1d, (byte)0x25, (byte)0x24, (byte)0x05, (byte)0xf1, (byte)0x6e, (byte)0x94,
-        (byte)0x28, (byte)0x9a, (byte)0x84, (byte)0xe8, (byte)0xa3, (byte)0x4f, (byte)0x77, (byte)0xd3, (byte)0x85,
-        (byte)0xe2, (byte)0x52, (byte)0xf2, (byte)0x82, (byte)0x50, (byte)0x7a, (byte)0x2f, (byte)0x74, (byte)0x53,
-        (byte)0xb3, (byte)0x61, (byte)0xaf, (byte)0x39, (byte)0x35, (byte)0xde, (byte)0xcd, (byte)0x1f, (byte)0x99,
-        (byte)0xac, (byte)0xad, (byte)0x72, (byte)0x2c, (byte)0xdd, (byte)0xd0, (byte)0x87, (byte)0xbe, (byte)0x5e,
-        (byte)0xa6, (byte)0xec, (byte)0x04, (byte)0xc6, (byte)0x03, (byte)0x34, (byte)0xfb, (byte)0xdb, (byte)0x59,
-        (byte)0xb6, (byte)0xc2, (byte)0x01, (byte)0xf0, (byte)0x5a, (byte)0xed, (byte)0xa7, (byte)0x66, (byte)0x21,
-        (byte)0x7f, (byte)0x8a, (byte)0x27, (byte)0xc7, (byte)0xc0, (byte)0x29, (byte)0xd7 };
-
-    private static final byte[] S2 = new byte[]{ (byte)0x93, (byte)0xd9, (byte)0x9a, (byte)0xb5, (byte)0x98, (byte)0x22,
-        (byte)0x45, (byte)0xfc, (byte)0xba, (byte)0x6a, (byte)0xdf, (byte)0x02, (byte)0x9f, (byte)0xdc, (byte)0x51,
-        (byte)0x59, (byte)0x4a, (byte)0x17, (byte)0x2b, (byte)0xc2, (byte)0x94, (byte)0xf4, (byte)0xbb, (byte)0xa3,
-        (byte)0x62, (byte)0xe4, (byte)0x71, (byte)0xd4, (byte)0xcd, (byte)0x70, (byte)0x16, (byte)0xe1, (byte)0x49,
-        (byte)0x3c, (byte)0xc0, (byte)0xd8, (byte)0x5c, (byte)0x9b, (byte)0xad, (byte)0x85, (byte)0x53, (byte)0xa1,
-        (byte)0x7a, (byte)0xc8, (byte)0x2d, (byte)0xe0, (byte)0xd1, (byte)0x72, (byte)0xa6, (byte)0x2c, (byte)0xc4,
-        (byte)0xe3, (byte)0x76, (byte)0x78, (byte)0xb7, (byte)0xb4, (byte)0x09, (byte)0x3b, (byte)0x0e, (byte)0x41,
-        (byte)0x4c, (byte)0xde, (byte)0xb2, (byte)0x90, (byte)0x25, (byte)0xa5, (byte)0xd7, (byte)0x03, (byte)0x11,
-        (byte)0x00, (byte)0xc3, (byte)0x2e, (byte)0x92, (byte)0xef, (byte)0x4e, (byte)0x12, (byte)0x9d, (byte)0x7d,
-        (byte)0xcb, (byte)0x35, (byte)0x10, (byte)0xd5, (byte)0x4f, (byte)0x9e, (byte)0x4d, (byte)0xa9, (byte)0x55,
-        (byte)0xc6, (byte)0xd0, (byte)0x7b, (byte)0x18, (byte)0x97, (byte)0xd3, (byte)0x36, (byte)0xe6, (byte)0x48,
-        (byte)0x56, (byte)0x81, (byte)0x8f, (byte)0x77, (byte)0xcc, (byte)0x9c, (byte)0xb9, (byte)0xe2, (byte)0xac,
-        (byte)0xb8, (byte)0x2f, (byte)0x15, (byte)0xa4, (byte)0x7c, (byte)0xda, (byte)0x38, (byte)0x1e, (byte)0x0b,
-        (byte)0x05, (byte)0xd6, (byte)0x14, (byte)0x6e, (byte)0x6c, (byte)0x7e, (byte)0x66, (byte)0xfd, (byte)0xb1,
-        (byte)0xe5, (byte)0x60, (byte)0xaf, (byte)0x5e, (byte)0x33, (byte)0x87, (byte)0xc9, (byte)0xf0, (byte)0x5d,
-        (byte)0x6d, (byte)0x3f, (byte)0x88, (byte)0x8d, (byte)0xc7, (byte)0xf7, (byte)0x1d, (byte)0xe9, (byte)0xec,
-        (byte)0xed, (byte)0x80, (byte)0x29, (byte)0x27, (byte)0xcf, (byte)0x99, (byte)0xa8, (byte)0x50, (byte)0x0f,
-        (byte)0x37, (byte)0x24, (byte)0x28, (byte)0x30, (byte)0x95, (byte)0xd2, (byte)0x3e, (byte)0x5b, (byte)0x40,
-        (byte)0x83, (byte)0xb3, (byte)0x69, (byte)0x57, (byte)0x1f, (byte)0x07, (byte)0x1c, (byte)0x8a, (byte)0xbc,
-        (byte)0x20, (byte)0xeb, (byte)0xce, (byte)0x8e, (byte)0xab, (byte)0xee, (byte)0x31, (byte)0xa2, (byte)0x73,
-        (byte)0xf9, (byte)0xca, (byte)0x3a, (byte)0x1a, (byte)0xfb, (byte)0x0d, (byte)0xc1, (byte)0xfe, (byte)0xfa,
-        (byte)0xf2, (byte)0x6f, (byte)0xbd, (byte)0x96, (byte)0xdd, (byte)0x43, (byte)0x52, (byte)0xb6, (byte)0x08,
-        (byte)0xf3, (byte)0xae, (byte)0xbe, (byte)0x19, (byte)0x89, (byte)0x32, (byte)0x26, (byte)0xb0, (byte)0xea,
-        (byte)0x4b, (byte)0x64, (byte)0x84, (byte)0x82, (byte)0x6b, (byte)0xf5, (byte)0x79, (byte)0xbf, (byte)0x01,
-        (byte)0x5f, (byte)0x75, (byte)0x63, (byte)0x1b, (byte)0x23, (byte)0x3d, (byte)0x68, (byte)0x2a, (byte)0x65,
-        (byte)0xe8, (byte)0x91, (byte)0xf6, (byte)0xff, (byte)0x13, (byte)0x58, (byte)0xf1, (byte)0x47, (byte)0x0a,
-        (byte)0x7f, (byte)0xc5, (byte)0xa7, (byte)0xe7, (byte)0x61, (byte)0x5a, (byte)0x06, (byte)0x46, (byte)0x44,
-        (byte)0x42, (byte)0x04, (byte)0xa0, (byte)0xdb, (byte)0x39, (byte)0x86, (byte)0x54, (byte)0xaa, (byte)0x8c,
-        (byte)0x34, (byte)0x21, (byte)0x8b, (byte)0xf8, (byte)0x0c, (byte)0x74, (byte)0x67 };
-
-    private static final byte[] S3 = new byte[]{ (byte)0x68, (byte)0x8d, (byte)0xca, (byte)0x4d, (byte)0x73, (byte)0x4b,
-        (byte)0x4e, (byte)0x2a, (byte)0xd4, (byte)0x52, (byte)0x26, (byte)0xb3, (byte)0x54, (byte)0x1e, (byte)0x19,
-        (byte)0x1f, (byte)0x22, (byte)0x03, (byte)0x46, (byte)0x3d, (byte)0x2d, (byte)0x4a, (byte)0x53, (byte)0x83,
-        (byte)0x13, (byte)0x8a, (byte)0xb7, (byte)0xd5, (byte)0x25, (byte)0x79, (byte)0xf5, (byte)0xbd, (byte)0x58,
-        (byte)0x2f, (byte)0x0d, (byte)0x02, (byte)0xed, (byte)0x51, (byte)0x9e, (byte)0x11, (byte)0xf2, (byte)0x3e,
-        (byte)0x55, (byte)0x5e, (byte)0xd1, (byte)0x16, (byte)0x3c, (byte)0x66, (byte)0x70, (byte)0x5d, (byte)0xf3,
-        (byte)0x45, (byte)0x40, (byte)0xcc, (byte)0xe8, (byte)0x94, (byte)0x56, (byte)0x08, (byte)0xce, (byte)0x1a,
-        (byte)0x3a, (byte)0xd2, (byte)0xe1, (byte)0xdf, (byte)0xb5, (byte)0x38, (byte)0x6e, (byte)0x0e, (byte)0xe5,
-        (byte)0xf4, (byte)0xf9, (byte)0x86, (byte)0xe9, (byte)0x4f, (byte)0xd6, (byte)0x85, (byte)0x23, (byte)0xcf,
-        (byte)0x32, (byte)0x99, (byte)0x31, (byte)0x14, (byte)0xae, (byte)0xee, (byte)0xc8, (byte)0x48, (byte)0xd3,
-        (byte)0x30, (byte)0xa1, (byte)0x92, (byte)0x41, (byte)0xb1, (byte)0x18, (byte)0xc4, (byte)0x2c, (byte)0x71,
-        (byte)0x72, (byte)0x44, (byte)0x15, (byte)0xfd, (byte)0x37, (byte)0xbe, (byte)0x5f, (byte)0xaa, (byte)0x9b,
-        (byte)0x88, (byte)0xd8, (byte)0xab, (byte)0x89, (byte)0x9c, (byte)0xfa, (byte)0x60, (byte)0xea, (byte)0xbc,
-        (byte)0x62, (byte)0x0c, (byte)0x24, (byte)0xa6, (byte)0xa8, (byte)0xec, (byte)0x67, (byte)0x20, (byte)0xdb,
-        (byte)0x7c, (byte)0x28, (byte)0xdd, (byte)0xac, (byte)0x5b, (byte)0x34, (byte)0x7e, (byte)0x10, (byte)0xf1,
-        (byte)0x7b, (byte)0x8f, (byte)0x63, (byte)0xa0, (byte)0x05, (byte)0x9a, (byte)0x43, (byte)0x77, (byte)0x21,
-        (byte)0xbf, (byte)0x27, (byte)0x09, (byte)0xc3, (byte)0x9f, (byte)0xb6, (byte)0xd7, (byte)0x29, (byte)0xc2,
-        (byte)0xeb, (byte)0xc0, (byte)0xa4, (byte)0x8b, (byte)0x8c, (byte)0x1d, (byte)0xfb, (byte)0xff, (byte)0xc1,
-        (byte)0xb2, (byte)0x97, (byte)0x2e, (byte)0xf8, (byte)0x65, (byte)0xf6, (byte)0x75, (byte)0x07, (byte)0x04,
-        (byte)0x49, (byte)0x33, (byte)0xe4, (byte)0xd9, (byte)0xb9, (byte)0xd0, (byte)0x42, (byte)0xc7, (byte)0x6c,
-        (byte)0x90, (byte)0x00, (byte)0x8e, (byte)0x6f, (byte)0x50, (byte)0x01, (byte)0xc5, (byte)0xda, (byte)0x47,
-        (byte)0x3f, (byte)0xcd, (byte)0x69, (byte)0xa2, (byte)0xe2, (byte)0x7a, (byte)0xa7, (byte)0xc6, (byte)0x93,
-        (byte)0x0f, (byte)0x0a, (byte)0x06, (byte)0xe6, (byte)0x2b, (byte)0x96, (byte)0xa3, (byte)0x1c, (byte)0xaf,
-        (byte)0x6a, (byte)0x12, (byte)0x84, (byte)0x39, (byte)0xe7, (byte)0xb0, (byte)0x82, (byte)0xf7, (byte)0xfe,
-        (byte)0x9d, (byte)0x87, (byte)0x5c, (byte)0x81, (byte)0x35, (byte)0xde, (byte)0xb4, (byte)0xa5, (byte)0xfc,
-        (byte)0x80, (byte)0xef, (byte)0xcb, (byte)0xbb, (byte)0x6b, (byte)0x76, (byte)0xba, (byte)0x5a, (byte)0x7d,
-        (byte)0x78, (byte)0x0b, (byte)0x95, (byte)0xe3, (byte)0xad, (byte)0x74, (byte)0x98, (byte)0x3b, (byte)0x36,
-        (byte)0x64, (byte)0x6d, (byte)0xdc, (byte)0xf0, (byte)0x59, (byte)0xa9, (byte)0x4c, (byte)0x17, (byte)0x7f,
-        (byte)0x91, (byte)0xb8, (byte)0xc9, (byte)0x57, (byte)0x1b, (byte)0xe0, (byte)0x61 };
-
-    private static final byte[] T0 = new byte[]{ (byte)0xa4, (byte)0xa2, (byte)0xa9, (byte)0xc5, (byte)0x4e, (byte)0xc9,
-        (byte)0x03, (byte)0xd9, (byte)0x7e, (byte)0x0f, (byte)0xd2, (byte)0xad, (byte)0xe7, (byte)0xd3, (byte)0x27,
-        (byte)0x5b, (byte)0xe3, (byte)0xa1, (byte)0xe8, (byte)0xe6, (byte)0x7c, (byte)0x2a, (byte)0x55, (byte)0x0c,
-        (byte)0x86, (byte)0x39, (byte)0xd7, (byte)0x8d, (byte)0xb8, (byte)0x12, (byte)0x6f, (byte)0x28, (byte)0xcd,
-        (byte)0x8a, (byte)0x70, (byte)0x56, (byte)0x72, (byte)0xf9, (byte)0xbf, (byte)0x4f, (byte)0x73, (byte)0xe9,
-        (byte)0xf7, (byte)0x57, (byte)0x16, (byte)0xac, (byte)0x50, (byte)0xc0, (byte)0x9d, (byte)0xb7, (byte)0x47,
-        (byte)0x71, (byte)0x60, (byte)0xc4, (byte)0x74, (byte)0x43, (byte)0x6c, (byte)0x1f, (byte)0x93, (byte)0x77,
-        (byte)0xdc, (byte)0xce, (byte)0x20, (byte)0x8c, (byte)0x99, (byte)0x5f, (byte)0x44, (byte)0x01, (byte)0xf5,
-        (byte)0x1e, (byte)0x87, (byte)0x5e, (byte)0x61, (byte)0x2c, (byte)0x4b, (byte)0x1d, (byte)0x81, (byte)0x15,
-        (byte)0xf4, (byte)0x23, (byte)0xd6, (byte)0xea, (byte)0xe1, (byte)0x67, (byte)0xf1, (byte)0x7f, (byte)0xfe,
-        (byte)0xda, (byte)0x3c, (byte)0x07, (byte)0x53, (byte)0x6a, (byte)0x84, (byte)0x9c, (byte)0xcb, (byte)0x02,
-        (byte)0x83, (byte)0x33, (byte)0xdd, (byte)0x35, (byte)0xe2, (byte)0x59, (byte)0x5a, (byte)0x98, (byte)0xa5,
-        (byte)0x92, (byte)0x64, (byte)0x04, (byte)0x06, (byte)0x10, (byte)0x4d, (byte)0x1c, (byte)0x97, (byte)0x08,
-        (byte)0x31, (byte)0xee, (byte)0xab, (byte)0x05, (byte)0xaf, (byte)0x79, (byte)0xa0, (byte)0x18, (byte)0x46,
-        (byte)0x6d, (byte)0xfc, (byte)0x89, (byte)0xd4, (byte)0xc7, (byte)0xff, (byte)0xf0, (byte)0xcf, (byte)0x42,
-        (byte)0x91, (byte)0xf8, (byte)0x68, (byte)0x0a, (byte)0x65, (byte)0x8e, (byte)0xb6, (byte)0xfd, (byte)0xc3,
-        (byte)0xef, (byte)0x78, (byte)0x4c, (byte)0xcc, (byte)0x9e, (byte)0x30, (byte)0x2e, (byte)0xbc, (byte)0x0b,
-        (byte)0x54, (byte)0x1a, (byte)0xa6, (byte)0xbb, (byte)0x26, (byte)0x80, (byte)0x48, (byte)0x94, (byte)0x32,
-        (byte)0x7d, (byte)0xa7, (byte)0x3f, (byte)0xae, (byte)0x22, (byte)0x3d, (byte)0x66, (byte)0xaa, (byte)0xf6,
-        (byte)0x00, (byte)0x5d, (byte)0xbd, (byte)0x4a, (byte)0xe0, (byte)0x3b, (byte)0xb4, (byte)0x17, (byte)0x8b,
-        (byte)0x9f, (byte)0x76, (byte)0xb0, (byte)0x24, (byte)0x9a, (byte)0x25, (byte)0x63, (byte)0xdb, (byte)0xeb,
-        (byte)0x7a, (byte)0x3e, (byte)0x5c, (byte)0xb3, (byte)0xb1, (byte)0x29, (byte)0xf2, (byte)0xca, (byte)0x58,
-        (byte)0x6e, (byte)0xd8, (byte)0xa8, (byte)0x2f, (byte)0x75, (byte)0xdf, (byte)0x14, (byte)0xfb, (byte)0x13,
-        (byte)0x49, (byte)0x88, (byte)0xb2, (byte)0xec, (byte)0xe4, (byte)0x34, (byte)0x2d, (byte)0x96, (byte)0xc6,
-        (byte)0x3a, (byte)0xed, (byte)0x95, (byte)0x0e, (byte)0xe5, (byte)0x85, (byte)0x6b, (byte)0x40, (byte)0x21,
-        (byte)0x9b, (byte)0x09, (byte)0x19, (byte)0x2b, (byte)0x52, (byte)0xde, (byte)0x45, (byte)0xa3, (byte)0xfa,
-        (byte)0x51, (byte)0xc2, (byte)0xb5, (byte)0xd1, (byte)0x90, (byte)0xb9, (byte)0xf3, (byte)0x37, (byte)0xc1,
-        (byte)0x0d, (byte)0xba, (byte)0x41, (byte)0x11, (byte)0x38, (byte)0x7b, (byte)0xbe, (byte)0xd0, (byte)0xd5,
-        (byte)0x69, (byte)0x36, (byte)0xc8, (byte)0x62, (byte)0x1b, (byte)0x82, (byte)0x8f };
-
-    private static final byte[] T1 = new byte[]{ (byte)0x83, (byte)0xf2, (byte)0x2a, (byte)0xeb, (byte)0xe9, (byte)0xbf,
-        (byte)0x7b, (byte)0x9c, (byte)0x34, (byte)0x96, (byte)0x8d, (byte)0x98, (byte)0xb9, (byte)0x69, (byte)0x8c,
-        (byte)0x29, (byte)0x3d, (byte)0x88, (byte)0x68, (byte)0x06, (byte)0x39, (byte)0x11, (byte)0x4c, (byte)0x0e,
-        (byte)0xa0, (byte)0x56, (byte)0x40, (byte)0x92, (byte)0x15, (byte)0xbc, (byte)0xb3, (byte)0xdc, (byte)0x6f,
-        (byte)0xf8, (byte)0x26, (byte)0xba, (byte)0xbe, (byte)0xbd, (byte)0x31, (byte)0xfb, (byte)0xc3, (byte)0xfe,
-        (byte)0x80, (byte)0x61, (byte)0xe1, (byte)0x7a, (byte)0x32, (byte)0xd2, (byte)0x70, (byte)0x20, (byte)0xa1,
-        (byte)0x45, (byte)0xec, (byte)0xd9, (byte)0x1a, (byte)0x5d, (byte)0xb4, (byte)0xd8, (byte)0x09, (byte)0xa5,
-        (byte)0x55, (byte)0x8e, (byte)0x37, (byte)0x76, (byte)0xa9, (byte)0x67, (byte)0x10, (byte)0x17, (byte)0x36,
-        (byte)0x65, (byte)0xb1, (byte)0x95, (byte)0x62, (byte)0x59, (byte)0x74, (byte)0xa3, (byte)0x50, (byte)0x2f,
-        (byte)0x4b, (byte)0xc8, (byte)0xd0, (byte)0x8f, (byte)0xcd, (byte)0xd4, (byte)0x3c, (byte)0x86, (byte)0x12,
-        (byte)0x1d, (byte)0x23, (byte)0xef, (byte)0xf4, (byte)0x53, (byte)0x19, (byte)0x35, (byte)0xe6, (byte)0x7f,
-        (byte)0x5e, (byte)0xd6, (byte)0x79, (byte)0x51, (byte)0x22, (byte)0x14, (byte)0xf7, (byte)0x1e, (byte)0x4a,
-        (byte)0x42, (byte)0x9b, (byte)0x41, (byte)0x73, (byte)0x2d, (byte)0xc1, (byte)0x5c, (byte)0xa6, (byte)0xa2,
-        (byte)0xe0, (byte)0x2e, (byte)0xd3, (byte)0x28, (byte)0xbb, (byte)0xc9, (byte)0xae, (byte)0x6a, (byte)0xd1,
-        (byte)0x5a, (byte)0x30, (byte)0x90, (byte)0x84, (byte)0xf9, (byte)0xb2, (byte)0x58, (byte)0xcf, (byte)0x7e,
-        (byte)0xc5, (byte)0xcb, (byte)0x97, (byte)0xe4, (byte)0x16, (byte)0x6c, (byte)0xfa, (byte)0xb0, (byte)0x6d,
-        (byte)0x1f, (byte)0x52, (byte)0x99, (byte)0x0d, (byte)0x4e, (byte)0x03, (byte)0x91, (byte)0xc2, (byte)0x4d,
-        (byte)0x64, (byte)0x77, (byte)0x9f, (byte)0xdd, (byte)0xc4, (byte)0x49, (byte)0x8a, (byte)0x9a, (byte)0x24,
-        (byte)0x38, (byte)0xa7, (byte)0x57, (byte)0x85, (byte)0xc7, (byte)0x7c, (byte)0x7d, (byte)0xe7, (byte)0xf6,
-        (byte)0xb7, (byte)0xac, (byte)0x27, (byte)0x46, (byte)0xde, (byte)0xdf, (byte)0x3b, (byte)0xd7, (byte)0x9e,
-        (byte)0x2b, (byte)0x0b, (byte)0xd5, (byte)0x13, (byte)0x75, (byte)0xf0, (byte)0x72, (byte)0xb6, (byte)0x9d,
-        (byte)0x1b, (byte)0x01, (byte)0x3f, (byte)0x44, (byte)0xe5, (byte)0x87, (byte)0xfd, (byte)0x07, (byte)0xf1,
-        (byte)0xab, (byte)0x94, (byte)0x18, (byte)0xea, (byte)0xfc, (byte)0x3a, (byte)0x82, (byte)0x5f, (byte)0x05,
-        (byte)0x54, (byte)0xdb, (byte)0x00, (byte)0x8b, (byte)0xe3, (byte)0x48, (byte)0x0c, (byte)0xca, (byte)0x78,
-        (byte)0x89, (byte)0x0a, (byte)0xff, (byte)0x3e, (byte)0x5b, (byte)0x81, (byte)0xee, (byte)0x71, (byte)0xe2,
-        (byte)0xda, (byte)0x2c, (byte)0xb8, (byte)0xb5, (byte)0xcc, (byte)0x6e, (byte)0xa8, (byte)0x6b, (byte)0xad,
-        (byte)0x60, (byte)0xc6, (byte)0x08, (byte)0x04, (byte)0x02, (byte)0xe8, (byte)0xf5, (byte)0x4f, (byte)0xa4,
-        (byte)0xf3, (byte)0xc0, (byte)0xce, (byte)0x43, (byte)0x25, (byte)0x1c, (byte)0x21, (byte)0x33, (byte)0x0f,
-        (byte)0xaf, (byte)0x47, (byte)0xed, (byte)0x66, (byte)0x63, (byte)0x93, (byte)0xaa };
-
-    private static final byte[] T2 = new byte[]{ (byte)0x45, (byte)0xd4, (byte)0x0b, (byte)0x43, (byte)0xf1, (byte)0x72,
-        (byte)0xed, (byte)0xa4, (byte)0xc2, (byte)0x38, (byte)0xe6, (byte)0x71, (byte)0xfd, (byte)0xb6, (byte)0x3a,
-        (byte)0x95, (byte)0x50, (byte)0x44, (byte)0x4b, (byte)0xe2, (byte)0x74, (byte)0x6b, (byte)0x1e, (byte)0x11,
-        (byte)0x5a, (byte)0xc6, (byte)0xb4, (byte)0xd8, (byte)0xa5, (byte)0x8a, (byte)0x70, (byte)0xa3, (byte)0xa8,
-        (byte)0xfa, (byte)0x05, (byte)0xd9, (byte)0x97, (byte)0x40, (byte)0xc9, (byte)0x90, (byte)0x98, (byte)0x8f,
-        (byte)0xdc, (byte)0x12, (byte)0x31, (byte)0x2c, (byte)0x47, (byte)0x6a, (byte)0x99, (byte)0xae, (byte)0xc8,
-        (byte)0x7f, (byte)0xf9, (byte)0x4f, (byte)0x5d, (byte)0x96, (byte)0x6f, (byte)0xf4, (byte)0xb3, (byte)0x39,
-        (byte)0x21, (byte)0xda, (byte)0x9c, (byte)0x85, (byte)0x9e, (byte)0x3b, (byte)0xf0, (byte)0xbf, (byte)0xef,
-        (byte)0x06, (byte)0xee, (byte)0xe5, (byte)0x5f, (byte)0x20, (byte)0x10, (byte)0xcc, (byte)0x3c, (byte)0x54,
-        (byte)0x4a, (byte)0x52, (byte)0x94, (byte)0x0e, (byte)0xc0, (byte)0x28, (byte)0xf6, (byte)0x56, (byte)0x60,
-        (byte)0xa2, (byte)0xe3, (byte)0x0f, (byte)0xec, (byte)0x9d, (byte)0x24, (byte)0x83, (byte)0x7e, (byte)0xd5,
-        (byte)0x7c, (byte)0xeb, (byte)0x18, (byte)0xd7, (byte)0xcd, (byte)0xdd, (byte)0x78, (byte)0xff, (byte)0xdb,
-        (byte)0xa1, (byte)0x09, (byte)0xd0, (byte)0x76, (byte)0x84, (byte)0x75, (byte)0xbb, (byte)0x1d, (byte)0x1a,
-        (byte)0x2f, (byte)0xb0, (byte)0xfe, (byte)0xd6, (byte)0x34, (byte)0x63, (byte)0x35, (byte)0xd2, (byte)0x2a,
-        (byte)0x59, (byte)0x6d, (byte)0x4d, (byte)0x77, (byte)0xe7, (byte)0x8e, (byte)0x61, (byte)0xcf, (byte)0x9f,
-        (byte)0xce, (byte)0x27, (byte)0xf5, (byte)0x80, (byte)0x86, (byte)0xc7, (byte)0xa6, (byte)0xfb, (byte)0xf8,
-        (byte)0x87, (byte)0xab, (byte)0x62, (byte)0x3f, (byte)0xdf, (byte)0x48, (byte)0x00, (byte)0x14, (byte)0x9a,
-        (byte)0xbd, (byte)0x5b, (byte)0x04, (byte)0x92, (byte)0x02, (byte)0x25, (byte)0x65, (byte)0x4c, (byte)0x53,
-        (byte)0x0c, (byte)0xf2, (byte)0x29, (byte)0xaf, (byte)0x17, (byte)0x6c, (byte)0x41, (byte)0x30, (byte)0xe9,
-        (byte)0x93, (byte)0x55, (byte)0xf7, (byte)0xac, (byte)0x68, (byte)0x26, (byte)0xc4, (byte)0x7d, (byte)0xca,
-        (byte)0x7a, (byte)0x3e, (byte)0xa0, (byte)0x37, (byte)0x03, (byte)0xc1, (byte)0x36, (byte)0x69, (byte)0x66,
-        (byte)0x08, (byte)0x16, (byte)0xa7, (byte)0xbc, (byte)0xc5, (byte)0xd3, (byte)0x22, (byte)0xb7, (byte)0x13,
-        (byte)0x46, (byte)0x32, (byte)0xe8, (byte)0x57, (byte)0x88, (byte)0x2b, (byte)0x81, (byte)0xb2, (byte)0x4e,
-        (byte)0x64, (byte)0x1c, (byte)0xaa, (byte)0x91, (byte)0x58, (byte)0x2e, (byte)0x9b, (byte)0x5c, (byte)0x1b,
-        (byte)0x51, (byte)0x73, (byte)0x42, (byte)0x23, (byte)0x01, (byte)0x6e, (byte)0xf3, (byte)0x0d, (byte)0xbe,
-        (byte)0x3d, (byte)0x0a, (byte)0x2d, (byte)0x1f, (byte)0x67, (byte)0x33, (byte)0x19, (byte)0x7b, (byte)0x5e,
-        (byte)0xea, (byte)0xde, (byte)0x8b, (byte)0xcb, (byte)0xa9, (byte)0x8c, (byte)0x8d, (byte)0xad, (byte)0x49,
-        (byte)0x82, (byte)0xe4, (byte)0xba, (byte)0xc3, (byte)0x15, (byte)0xd1, (byte)0xe0, (byte)0x89, (byte)0xfc,
-        (byte)0xb1, (byte)0xb9, (byte)0xb5, (byte)0x07, (byte)0x79, (byte)0xb8, (byte)0xe1 };
-
-    private static final byte[] T3 = new byte[]{ (byte)0xb2, (byte)0xb6, (byte)0x23, (byte)0x11, (byte)0xa7, (byte)0x88,
-        (byte)0xc5, (byte)0xa6, (byte)0x39, (byte)0x8f, (byte)0xc4, (byte)0xe8, (byte)0x73, (byte)0x22, (byte)0x43,
-        (byte)0xc3, (byte)0x82, (byte)0x27, (byte)0xcd, (byte)0x18, (byte)0x51, (byte)0x62, (byte)0x2d, (byte)0xf7,
-        (byte)0x5c, (byte)0x0e, (byte)0x3b, (byte)0xfd, (byte)0xca, (byte)0x9b, (byte)0x0d, (byte)0x0f, (byte)0x79,
-        (byte)0x8c, (byte)0x10, (byte)0x4c, (byte)0x74, (byte)0x1c, (byte)0x0a, (byte)0x8e, (byte)0x7c, (byte)0x94,
-        (byte)0x07, (byte)0xc7, (byte)0x5e, (byte)0x14, (byte)0xa1, (byte)0x21, (byte)0x57, (byte)0x50, (byte)0x4e,
-        (byte)0xa9, (byte)0x80, (byte)0xd9, (byte)0xef, (byte)0x64, (byte)0x41, (byte)0xcf, (byte)0x3c, (byte)0xee,
-        (byte)0x2e, (byte)0x13, (byte)0x29, (byte)0xba, (byte)0x34, (byte)0x5a, (byte)0xae, (byte)0x8a, (byte)0x61,
-        (byte)0x33, (byte)0x12, (byte)0xb9, (byte)0x55, (byte)0xa8, (byte)0x15, (byte)0x05, (byte)0xf6, (byte)0x03,
-        (byte)0x06, (byte)0x49, (byte)0xb5, (byte)0x25, (byte)0x09, (byte)0x16, (byte)0x0c, (byte)0x2a, (byte)0x38,
-        (byte)0xfc, (byte)0x20, (byte)0xf4, (byte)0xe5, (byte)0x7f, (byte)0xd7, (byte)0x31, (byte)0x2b, (byte)0x66,
-        (byte)0x6f, (byte)0xff, (byte)0x72, (byte)0x86, (byte)0xf0, (byte)0xa3, (byte)0x2f, (byte)0x78, (byte)0x00,
-        (byte)0xbc, (byte)0xcc, (byte)0xe2, (byte)0xb0, (byte)0xf1, (byte)0x42, (byte)0xb4, (byte)0x30, (byte)0x5f,
-        (byte)0x60, (byte)0x04, (byte)0xec, (byte)0xa5, (byte)0xe3, (byte)0x8b, (byte)0xe7, (byte)0x1d, (byte)0xbf,
-        (byte)0x84, (byte)0x7b, (byte)0xe6, (byte)0x81, (byte)0xf8, (byte)0xde, (byte)0xd8, (byte)0xd2, (byte)0x17,
-        (byte)0xce, (byte)0x4b, (byte)0x47, (byte)0xd6, (byte)0x69, (byte)0x6c, (byte)0x19, (byte)0x99, (byte)0x9a,
-        (byte)0x01, (byte)0xb3, (byte)0x85, (byte)0xb1, (byte)0xf9, (byte)0x59, (byte)0xc2, (byte)0x37, (byte)0xe9,
-        (byte)0xc8, (byte)0xa0, (byte)0xed, (byte)0x4f, (byte)0x89, (byte)0x68, (byte)0x6d, (byte)0xd5, (byte)0x26,
-        (byte)0x91, (byte)0x87, (byte)0x58, (byte)0xbd, (byte)0xc9, (byte)0x98, (byte)0xdc, (byte)0x75, (byte)0xc0,
-        (byte)0x76, (byte)0xf5, (byte)0x67, (byte)0x6b, (byte)0x7e, (byte)0xeb, (byte)0x52, (byte)0xcb, (byte)0xd1,
-        (byte)0x5b, (byte)0x9f, (byte)0x0b, (byte)0xdb, (byte)0x40, (byte)0x92, (byte)0x1a, (byte)0xfa, (byte)0xac,
-        (byte)0xe4, (byte)0xe1, (byte)0x71, (byte)0x1f, (byte)0x65, (byte)0x8d, (byte)0x97, (byte)0x9e, (byte)0x95,
-        (byte)0x90, (byte)0x5d, (byte)0xb7, (byte)0xc1, (byte)0xaf, (byte)0x54, (byte)0xfb, (byte)0x02, (byte)0xe0,
-        (byte)0x35, (byte)0xbb, (byte)0x3a, (byte)0x4d, (byte)0xad, (byte)0x2c, (byte)0x3d, (byte)0x56, (byte)0x08,
-        (byte)0x1b, (byte)0x4a, (byte)0x93, (byte)0x6a, (byte)0xab, (byte)0xb8, (byte)0x7a, (byte)0xf2, (byte)0x7d,
-        (byte)0xda, (byte)0x3f, (byte)0xfe, (byte)0x3e, (byte)0xbe, (byte)0xea, (byte)0xaa, (byte)0x44, (byte)0xc6,
-        (byte)0xd0, (byte)0x36, (byte)0x48, (byte)0x70, (byte)0x96, (byte)0x77, (byte)0x24, (byte)0x53, (byte)0xdf,
-        (byte)0xf3, (byte)0x83, (byte)0x28, (byte)0x32, (byte)0x45, (byte)0x1e, (byte)0xa4, (byte)0xd3, (byte)0xa2,
-        (byte)0x46, (byte)0x6e, (byte)0x9c, (byte)0xdd, (byte)0x63, (byte)0xd4, (byte)0x9d };
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/DSTU7624WrapEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/DSTU7624WrapEngine.java
deleted file mode 100644
index c262d2a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/DSTU7624WrapEngine.java
+++ /dev/null

@@ -1,239 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import java.util.ArrayList;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Implementation of DSTU7624 KEY WRAP mode
- */
-public class DSTU7624WrapEngine
-    implements Wrapper
-{
-
-    private static final int BYTES_IN_INTEGER = 4;
-
-    private boolean forWrapping;
-    private DSTU7624Engine engine;
-
-    private byte[] B, intArray;
-    private byte[] checkSumArray, zeroArray;
-    private ArrayList<byte[]> Btemp;
-
-
-    public DSTU7624WrapEngine(int blockBitLength)
-    {
-
-        this.engine = new DSTU7624Engine(blockBitLength);
-        this.B = new byte[engine.getBlockSize() / 2];
-        this.checkSumArray = new byte[engine.getBlockSize()];
-        this.zeroArray = new byte[engine.getBlockSize()];
-        this.Btemp = new ArrayList<byte[]>();
-        this.intArray = new byte[BYTES_IN_INTEGER];
-
-    }
-
-    public void init(boolean forWrapping, CipherParameters param)
-    {
-        if (param instanceof ParametersWithRandom)
-        {
-            param = ((ParametersWithRandom)param).getParameters();
-        }
-
-        this.forWrapping = forWrapping;
-        if (param instanceof KeyParameter)
-        {
-            engine.init(forWrapping, param);
-        }
-        else
-        {
-            throw new IllegalArgumentException("invalid parameters passed to DSTU7624WrapEngine");
-        }
-
-    }
-
-    public String getAlgorithmName()
-    {
-        return "DSTU7624WrapEngine";
-    }
-
-    public byte[] wrap(byte[] in, int inOff, int inLen)
-    {
-        if (!forWrapping)
-        {
-            throw new IllegalStateException("not set for wrapping");
-        }
-
-        if ((inLen % engine.getBlockSize()) != 0)
-        {
-            //Partial blocks not supported
-            throw new DataLengthException("wrap data must be a multiple of " + engine.getBlockSize() + " bytes");
-        }
-
-        if (inOff + inLen > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        int n = 2 * (1 + inLen / engine.getBlockSize()); /* Defined in DSTU7624 standard */
-        int V = (n - 1) * 6; /* Defined in DSTU7624 standard */
-
-
-        byte[] wrappedBuffer = new byte[inLen + engine.getBlockSize()];
-        System.arraycopy(in, inOff, wrappedBuffer, 0, inLen);
-
-        System.arraycopy(wrappedBuffer, 0, B, 0, engine.getBlockSize() / 2);
-
-        Btemp.clear();
-
-        int bHalfBlocksLen = wrappedBuffer.length - engine.getBlockSize() / 2;
-        int bufOff = engine.getBlockSize() / 2;
-        while (bHalfBlocksLen != 0)
-        {
-            byte[] temp = new byte[engine.getBlockSize() / 2];
-            System.arraycopy(wrappedBuffer, bufOff, temp, 0, engine.getBlockSize() / 2);
-
-            Btemp.add(temp);
-
-            bHalfBlocksLen -= engine.getBlockSize() / 2;
-            bufOff += engine.getBlockSize() / 2;
-        }
-
-        for (int j = 0; j < V; j++)
-        {
-            System.arraycopy(B, 0, wrappedBuffer, 0, engine.getBlockSize() / 2);
-            System.arraycopy(Btemp.get(0), 0, wrappedBuffer, engine.getBlockSize() / 2, engine.getBlockSize() / 2);
-
-            engine.processBlock(wrappedBuffer, 0, wrappedBuffer, 0);
-
-            intToBytes(j + 1, intArray, 0);
-            for (int byteNum = 0; byteNum < BYTES_IN_INTEGER; byteNum++)
-            {
-                wrappedBuffer[byteNum + engine.getBlockSize() / 2] ^= intArray[byteNum];
-            }
-
-            System.arraycopy(wrappedBuffer, engine.getBlockSize() / 2, B, 0, engine.getBlockSize() / 2);
-
-            for (int i = 2; i < n; i++)
-            {
-                System.arraycopy(Btemp.get(i - 1), 0, Btemp.get(i - 2), 0, engine.getBlockSize() / 2);
-            }
-
-            System.arraycopy(wrappedBuffer, 0, Btemp.get(n - 2), 0, engine.getBlockSize() / 2);
-        }
-
-
-        System.arraycopy(B, 0, wrappedBuffer, 0, engine.getBlockSize() / 2);
-        bufOff = engine.getBlockSize() / 2;
-
-        for (int i = 0; i < n - 1; i++)
-        {
-            System.arraycopy(Btemp.get(i), 0, wrappedBuffer, bufOff, engine.getBlockSize() / 2);
-            bufOff += engine.getBlockSize() / 2;
-        }
-
-        return wrappedBuffer;
-
-    }
-
-    public byte[] unwrap(byte[] in, int inOff, int inLen)
-        throws InvalidCipherTextException
-    {
-        if (forWrapping)
-        {
-            throw new IllegalStateException("not set for unwrapping");
-        }
-
-        if ((inLen % engine.getBlockSize()) != 0)
-        {
-            //Partial blocks not supported
-            throw new DataLengthException("unwrap data must be a multiple of " + engine.getBlockSize() + " bytes");
-        }
-
-        int n = 2 * inLen / engine.getBlockSize();
-
-        int V = (n - 1) * 6;
-
-        byte[] buffer = new byte[inLen];
-        System.arraycopy(in, inOff, buffer, 0, inLen);
-
-        byte[] B = new byte[engine.getBlockSize() / 2];
-        System.arraycopy(buffer, 0, B, 0, engine.getBlockSize() / 2);
-
-        Btemp.clear();
-
-        int bHalfBlocksLen = buffer.length - engine.getBlockSize() / 2;
-        int bufOff = engine.getBlockSize() / 2;
-        while (bHalfBlocksLen != 0)
-        {
-            byte[] temp = new byte[engine.getBlockSize() / 2];
-            System.arraycopy(buffer, bufOff, temp, 0, engine.getBlockSize() / 2);
-
-            Btemp.add(temp);
-
-            bHalfBlocksLen -= engine.getBlockSize() / 2;
-            bufOff += engine.getBlockSize() / 2;
-        }
-
-        for (int j = 0; j < V; j++)
-        {
-            System.arraycopy(Btemp.get(n - 2), 0, buffer, 0, engine.getBlockSize() / 2);
-            System.arraycopy(B, 0, buffer, engine.getBlockSize() / 2, engine.getBlockSize() / 2);
-            intToBytes(V - j, intArray, 0);
-            for (int byteNum = 0; byteNum < BYTES_IN_INTEGER; byteNum++)
-            {
-                buffer[byteNum + engine.getBlockSize() / 2] ^= intArray[byteNum];
-            }
-
-            engine.processBlock(buffer, 0, buffer, 0);
-
-            System.arraycopy(buffer, 0, B, 0, engine.getBlockSize() / 2);
-
-            for (int i = 2; i < n; i++)
-            {
-                System.arraycopy(Btemp.get(n - i - 1), 0, Btemp.get(n - i), 0, engine.getBlockSize() / 2);
-            }
-
-            System.arraycopy(buffer, engine.getBlockSize() / 2, Btemp.get(0), 0, engine.getBlockSize() / 2);
-        }
-
-        System.arraycopy(B, 0, buffer, 0, engine.getBlockSize() / 2);
-        bufOff = engine.getBlockSize() / 2;
-
-        for (int i = 0; i < n - 1; i++)
-        {
-            System.arraycopy(Btemp.get(i), 0, buffer, bufOff, engine.getBlockSize() / 2);
-            bufOff += engine.getBlockSize() / 2;
-        }
-
-        System.arraycopy(buffer, buffer.length - engine.getBlockSize(), checkSumArray, 0, engine.getBlockSize());
-
-        byte[] wrappedBuffer = new byte[buffer.length - engine.getBlockSize()];
-        if (!Arrays.areEqual(checkSumArray, zeroArray))
-        {
-            throw new InvalidCipherTextException("checksum failed");
-        }
-        else
-        {
-            System.arraycopy(buffer, 0, wrappedBuffer, 0, buffer.length - engine.getBlockSize());
-        }
-
-
-        return wrappedBuffer;
-    }
-
-
-    private void intToBytes(int number, byte[] outBytes, int outOff)
-    {
-        outBytes[outOff + 3] = (byte)(number >> 24);
-        outBytes[outOff + 2] = (byte)(number >> 16);
-        outBytes[outOff + 1] = (byte)(number >> 8);
-        outBytes[outOff] = (byte)number;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ElGamalEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/ElGamalEngine.java
deleted file mode 100644
index 5b78c10..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ElGamalEngine.java
+++ /dev/null

@@ -1,218 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.params.ElGamalKeyParameters;
-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * this does your basic ElGamal algorithm.
- */
-public class ElGamalEngine
-    implements AsymmetricBlockCipher
-{
-    private ElGamalKeyParameters    key;
-    private SecureRandom            random;
-    private boolean                 forEncryption;
-    private int                     bitSize;
-
-    private static final BigInteger ZERO = BigInteger.valueOf(0);
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-    private static final BigInteger TWO = BigInteger.valueOf(2);
-
-    /**
-     * initialise the ElGamal engine.
-     *
-     * @param forEncryption true if we are encrypting, false otherwise.
-     * @param param the necessary ElGamal key parameters.
-     */
-    public void init(
-        boolean             forEncryption,
-        CipherParameters    param)
-    {
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom    p = (ParametersWithRandom)param;
-
-            this.key = (ElGamalKeyParameters)p.getParameters();
-            this.random = p.getRandom();
-        }
-        else
-        {
-            this.key = (ElGamalKeyParameters)param;
-            this.random = CryptoServicesRegistrar.getSecureRandom();
-        }
-
-        this.forEncryption = forEncryption;
-
-        BigInteger p = key.getParameters().getP();
-
-        bitSize = p.bitLength();
-
-        if (forEncryption)
-        {
-            if (!(key instanceof ElGamalPublicKeyParameters))
-            {
-                throw new IllegalArgumentException("ElGamalPublicKeyParameters are required for encryption.");
-            }
-        }
-        else
-        {
-            if (!(key instanceof ElGamalPrivateKeyParameters))
-            {
-                throw new IllegalArgumentException("ElGamalPrivateKeyParameters are required for decryption.");
-            }
-        }
-    }
-
-    /**
-     * Return the maximum size for an input block to this engine.
-     * For ElGamal this is always one byte less than the size of P on
-     * encryption, and twice the length as the size of P on decryption.
-     *
-     * @return maximum size for an input block.
-     */
-    public int getInputBlockSize()
-    {
-        if (forEncryption)
-        {
-            return (bitSize - 1) / 8;
-        }
-
-        return 2 * ((bitSize + 7) / 8);
-    }
-
-    /**
-     * Return the maximum size for an output block to this engine.
-     * For ElGamal this is always one byte less than the size of P on
-     * decryption, and twice the length as the size of P on encryption.
-     *
-     * @return maximum size for an output block.
-     */
-    public int getOutputBlockSize()
-    {
-        if (forEncryption)
-        {
-            return 2 * ((bitSize + 7) / 8);
-        }
-
-        return (bitSize - 1) / 8;
-    }
-
-    /**
-     * Process a single block using the basic ElGamal algorithm.
-     *
-     * @param in the input array.
-     * @param inOff the offset into the input buffer where the data starts.
-     * @param inLen the length of the data to be processed.
-     * @return the result of the ElGamal process.
-     * @exception DataLengthException the input block is too large.
-     */
-    public byte[] processBlock(
-        byte[]  in,
-        int     inOff,
-        int     inLen)
-    {
-        if (key == null)
-        {
-            throw new IllegalStateException("ElGamal engine not initialised");
-        }
-
-        int maxLength = forEncryption
-            ?   (bitSize - 1 + 7) / 8
-            :   getInputBlockSize();
-
-        if (inLen > maxLength)
-        {
-            throw new DataLengthException("input too large for ElGamal cipher.\n");
-        }
-
-        BigInteger  p = key.getParameters().getP();
-
-        if (key instanceof ElGamalPrivateKeyParameters) // decryption
-        {
-            byte[]  in1 = new byte[inLen / 2];
-            byte[]  in2 = new byte[inLen / 2];
-
-            System.arraycopy(in, inOff, in1, 0, in1.length);
-            System.arraycopy(in, inOff + in1.length, in2, 0, in2.length);
-
-            BigInteger  gamma = new BigInteger(1, in1);
-            BigInteger  phi = new BigInteger(1, in2);
-
-            ElGamalPrivateKeyParameters  priv = (ElGamalPrivateKeyParameters)key;
-            // a shortcut, which generally relies on p being prime amongst other things.
-            // if a problem with this shows up, check the p and g values!
-            BigInteger  m = gamma.modPow(p.subtract(ONE).subtract(priv.getX()), p).multiply(phi).mod(p);
-
-            return BigIntegers.asUnsignedByteArray(m);
-        }
-        else // encryption
-        {
-            byte[] block;
-            if (inOff != 0 || inLen != in.length)
-            {
-                block = new byte[inLen];
-
-                System.arraycopy(in, inOff, block, 0, inLen);
-            }
-            else
-            {
-                block = in;
-            }
-
-            BigInteger input = new BigInteger(1, block);
-
-            if (input.compareTo(p) >= 0)
-            {
-                throw new DataLengthException("input too large for ElGamal cipher.\n");
-            }
-
-            ElGamalPublicKeyParameters  pub = (ElGamalPublicKeyParameters)key;
-
-            int                         pBitLength = p.bitLength();
-            BigInteger                  k = BigIntegers.createRandomBigInteger(pBitLength, random);
-
-            while (k.equals(ZERO) || (k.compareTo(p.subtract(TWO)) > 0))
-            {
-                k = BigIntegers.createRandomBigInteger(pBitLength, random);
-            }
-
-            BigInteger  g = key.getParameters().getG();
-            BigInteger  gamma = g.modPow(k, p);
-            BigInteger  phi = input.multiply(pub.getY().modPow(k, p)).mod(p);
-
-            byte[]  out1 = gamma.toByteArray();
-            byte[]  out2 = phi.toByteArray();
-            byte[]  output = new byte[this.getOutputBlockSize()];
-
-            if (out1.length > output.length / 2)
-            {
-                System.arraycopy(out1, 1, output, output.length / 2 - (out1.length - 1), out1.length - 1);
-            }
-            else
-            {
-                System.arraycopy(out1, 0, output, output.length / 2 - out1.length, out1.length);
-            }
-
-            if (out2.length > output.length / 2)
-            {
-                System.arraycopy(out2, 1, output, output.length - (out2.length - 1), out2.length - 1);
-            }
-            else
-            {
-                System.arraycopy(out2, 0, output, output.length - out2.length, out2.length);
-            }
-
-            return output;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/GOST28147Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/GOST28147Engine.java
deleted file mode 100644
index e04673d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/GOST28147Engine.java
+++ /dev/null

@@ -1,401 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import java.util.Enumeration;
-import java.util.Hashtable;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithSBox;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-
-/**
- * implementation of GOST 28147-89
- */
-public class GOST28147Engine
-    implements BlockCipher
-{
-    protected static final int  BLOCK_SIZE = 8;
-    private int[]               workingKey = null;
-    private boolean forEncryption;
-
-    private byte[] S = Sbox_Default;
-
-    // these are the S-boxes given in Applied Cryptography 2nd Ed., p. 333
-    // This is default S-box!
-    private static byte Sbox_Default[] = {
-        0x4,0xA,0x9,0x2,0xD,0x8,0x0,0xE,0x6,0xB,0x1,0xC,0x7,0xF,0x5,0x3,
-        0xE,0xB,0x4,0xC,0x6,0xD,0xF,0xA,0x2,0x3,0x8,0x1,0x0,0x7,0x5,0x9,
-        0x5,0x8,0x1,0xD,0xA,0x3,0x4,0x2,0xE,0xF,0xC,0x7,0x6,0x0,0x9,0xB,
-        0x7,0xD,0xA,0x1,0x0,0x8,0x9,0xF,0xE,0x4,0x6,0xC,0xB,0x2,0x5,0x3,
-        0x6,0xC,0x7,0x1,0x5,0xF,0xD,0x8,0x4,0xA,0x9,0xE,0x0,0x3,0xB,0x2,
-        0x4,0xB,0xA,0x0,0x7,0x2,0x1,0xD,0x3,0x6,0x8,0x5,0x9,0xC,0xF,0xE,
-        0xD,0xB,0x4,0x1,0x3,0xF,0x5,0x9,0x0,0xA,0xE,0x7,0x6,0x8,0x2,0xC,
-        0x1,0xF,0xD,0x0,0x5,0x7,0xA,0x4,0x9,0x2,0x3,0xE,0x6,0xB,0x8,0xC
-    };
-    
-    /*
-     * class content S-box parameters for encrypting
-     * getting from, see: http://tools.ietf.org/id/draft-popov-cryptopro-cpalgs-01.txt
-     *                    http://tools.ietf.org/id/draft-popov-cryptopro-cpalgs-02.txt
-     */
-    private static byte[] ESbox_Test = {
-         0x4,0x2,0xF,0x5,0x9,0x1,0x0,0x8,0xE,0x3,0xB,0xC,0xD,0x7,0xA,0x6,
-         0xC,0x9,0xF,0xE,0x8,0x1,0x3,0xA,0x2,0x7,0x4,0xD,0x6,0x0,0xB,0x5,
-         0xD,0x8,0xE,0xC,0x7,0x3,0x9,0xA,0x1,0x5,0x2,0x4,0x6,0xF,0x0,0xB,
-         0xE,0x9,0xB,0x2,0x5,0xF,0x7,0x1,0x0,0xD,0xC,0x6,0xA,0x4,0x3,0x8,
-         0x3,0xE,0x5,0x9,0x6,0x8,0x0,0xD,0xA,0xB,0x7,0xC,0x2,0x1,0xF,0x4,
-         0x8,0xF,0x6,0xB,0x1,0x9,0xC,0x5,0xD,0x3,0x7,0xA,0x0,0xE,0x2,0x4,
-         0x9,0xB,0xC,0x0,0x3,0x6,0x7,0x5,0x4,0x8,0xE,0xF,0x1,0xA,0x2,0xD,
-         0xC,0x6,0x5,0x2,0xB,0x0,0x9,0xD,0x3,0xE,0x7,0xA,0xF,0x4,0x1,0x8
-    };
-    
-    private static byte[] ESbox_A = {
-         0x9,0x6,0x3,0x2,0x8,0xB,0x1,0x7,0xA,0x4,0xE,0xF,0xC,0x0,0xD,0x5,
-         0x3,0x7,0xE,0x9,0x8,0xA,0xF,0x0,0x5,0x2,0x6,0xC,0xB,0x4,0xD,0x1,
-         0xE,0x4,0x6,0x2,0xB,0x3,0xD,0x8,0xC,0xF,0x5,0xA,0x0,0x7,0x1,0x9,
-         0xE,0x7,0xA,0xC,0xD,0x1,0x3,0x9,0x0,0x2,0xB,0x4,0xF,0x8,0x5,0x6,
-         0xB,0x5,0x1,0x9,0x8,0xD,0xF,0x0,0xE,0x4,0x2,0x3,0xC,0x7,0xA,0x6,
-         0x3,0xA,0xD,0xC,0x1,0x2,0x0,0xB,0x7,0x5,0x9,0x4,0x8,0xF,0xE,0x6,
-         0x1,0xD,0x2,0x9,0x7,0xA,0x6,0x0,0x8,0xC,0x4,0x5,0xF,0x3,0xB,0xE,
-         0xB,0xA,0xF,0x5,0x0,0xC,0xE,0x8,0x6,0x2,0x3,0x9,0x1,0x7,0xD,0x4
-    };
-    
-    private static byte[] ESbox_B = {
-         0x8,0x4,0xB,0x1,0x3,0x5,0x0,0x9,0x2,0xE,0xA,0xC,0xD,0x6,0x7,0xF,
-         0x0,0x1,0x2,0xA,0x4,0xD,0x5,0xC,0x9,0x7,0x3,0xF,0xB,0x8,0x6,0xE,
-         0xE,0xC,0x0,0xA,0x9,0x2,0xD,0xB,0x7,0x5,0x8,0xF,0x3,0x6,0x1,0x4,
-         0x7,0x5,0x0,0xD,0xB,0x6,0x1,0x2,0x3,0xA,0xC,0xF,0x4,0xE,0x9,0x8,
-         0x2,0x7,0xC,0xF,0x9,0x5,0xA,0xB,0x1,0x4,0x0,0xD,0x6,0x8,0xE,0x3,
-         0x8,0x3,0x2,0x6,0x4,0xD,0xE,0xB,0xC,0x1,0x7,0xF,0xA,0x0,0x9,0x5,
-         0x5,0x2,0xA,0xB,0x9,0x1,0xC,0x3,0x7,0x4,0xD,0x0,0x6,0xF,0x8,0xE,
-         0x0,0x4,0xB,0xE,0x8,0x3,0x7,0x1,0xA,0x2,0x9,0x6,0xF,0xD,0x5,0xC
-    };
-    
-    private static byte[] ESbox_C = {
-         0x1,0xB,0xC,0x2,0x9,0xD,0x0,0xF,0x4,0x5,0x8,0xE,0xA,0x7,0x6,0x3,
-         0x0,0x1,0x7,0xD,0xB,0x4,0x5,0x2,0x8,0xE,0xF,0xC,0x9,0xA,0x6,0x3,
-         0x8,0x2,0x5,0x0,0x4,0x9,0xF,0xA,0x3,0x7,0xC,0xD,0x6,0xE,0x1,0xB,
-         0x3,0x6,0x0,0x1,0x5,0xD,0xA,0x8,0xB,0x2,0x9,0x7,0xE,0xF,0xC,0x4,
-         0x8,0xD,0xB,0x0,0x4,0x5,0x1,0x2,0x9,0x3,0xC,0xE,0x6,0xF,0xA,0x7,
-         0xC,0x9,0xB,0x1,0x8,0xE,0x2,0x4,0x7,0x3,0x6,0x5,0xA,0x0,0xF,0xD,
-         0xA,0x9,0x6,0x8,0xD,0xE,0x2,0x0,0xF,0x3,0x5,0xB,0x4,0x1,0xC,0x7,
-         0x7,0x4,0x0,0x5,0xA,0x2,0xF,0xE,0xC,0x6,0x1,0xB,0xD,0x9,0x3,0x8
-    };
-    
-    private static byte[] ESbox_D = {
-         0xF,0xC,0x2,0xA,0x6,0x4,0x5,0x0,0x7,0x9,0xE,0xD,0x1,0xB,0x8,0x3,
-         0xB,0x6,0x3,0x4,0xC,0xF,0xE,0x2,0x7,0xD,0x8,0x0,0x5,0xA,0x9,0x1,
-         0x1,0xC,0xB,0x0,0xF,0xE,0x6,0x5,0xA,0xD,0x4,0x8,0x9,0x3,0x7,0x2,
-         0x1,0x5,0xE,0xC,0xA,0x7,0x0,0xD,0x6,0x2,0xB,0x4,0x9,0x3,0xF,0x8,
-         0x0,0xC,0x8,0x9,0xD,0x2,0xA,0xB,0x7,0x3,0x6,0x5,0x4,0xE,0xF,0x1,
-         0x8,0x0,0xF,0x3,0x2,0x5,0xE,0xB,0x1,0xA,0x4,0x7,0xC,0x9,0xD,0x6,
-         0x3,0x0,0x6,0xF,0x1,0xE,0x9,0x2,0xD,0x8,0xC,0x4,0xB,0xA,0x5,0x7,
-         0x1,0xA,0x6,0x8,0xF,0xB,0x0,0x4,0xC,0x3,0x5,0x9,0x7,0xD,0x2,0xE
-    };
-
-    // Rosstandart param-Z
-    private static byte Param_Z[] = {
-        0xc, 0x4, 0x6, 0x2, 0xa, 0x5, 0xb, 0x9, 0xe, 0x8, 0xd, 0x7, 0x0, 0x3, 0xf, 0x1,
-        0x6, 0x8, 0x2, 0x3, 0x9, 0xa, 0x5, 0xc, 0x1, 0xe, 0x4, 0x7, 0xb, 0xd, 0x0, 0xf,
-        0xb, 0x3, 0x5, 0x8, 0x2, 0xf, 0xa, 0xd, 0xe, 0x1, 0x7, 0x4, 0xc, 0x9, 0x6, 0x0,
-        0xc, 0x8, 0x2, 0x1, 0xd, 0x4, 0xf, 0x6, 0x7, 0x0, 0xa, 0x5, 0x3, 0xe, 0x9, 0xb,
-        0x7, 0xf, 0x5, 0xa, 0x8, 0x1, 0x6, 0xd, 0x0, 0x9, 0x3, 0xe, 0xb, 0x4, 0x2, 0xc,
-        0x5, 0xd, 0xf, 0x6, 0x9, 0x2, 0xc, 0xa, 0xb, 0x7, 0x8, 0x1, 0x4, 0x3, 0xe, 0x0,
-        0x8, 0xe, 0x2, 0x5, 0x6, 0x9, 0x1, 0xc, 0xf, 0x4, 0xb, 0x0, 0xd, 0xa, 0x3, 0x7,
-        0x1, 0x7, 0xe, 0xd, 0x0, 0x5, 0x8, 0x3, 0x4, 0xf, 0xa, 0x6, 0x9, 0xc, 0xb, 0x2
-    };
-
-    //S-box for digest
-    private static byte DSbox_Test[] = {
-         0x4,0xA,0x9,0x2,0xD,0x8,0x0,0xE,0x6,0xB,0x1,0xC,0x7,0xF,0x5,0x3,
-         0xE,0xB,0x4,0xC,0x6,0xD,0xF,0xA,0x2,0x3,0x8,0x1,0x0,0x7,0x5,0x9,
-         0x5,0x8,0x1,0xD,0xA,0x3,0x4,0x2,0xE,0xF,0xC,0x7,0x6,0x0,0x9,0xB,
-         0x7,0xD,0xA,0x1,0x0,0x8,0x9,0xF,0xE,0x4,0x6,0xC,0xB,0x2,0x5,0x3,
-         0x6,0xC,0x7,0x1,0x5,0xF,0xD,0x8,0x4,0xA,0x9,0xE,0x0,0x3,0xB,0x2,
-         0x4,0xB,0xA,0x0,0x7,0x2,0x1,0xD,0x3,0x6,0x8,0x5,0x9,0xC,0xF,0xE,
-         0xD,0xB,0x4,0x1,0x3,0xF,0x5,0x9,0x0,0xA,0xE,0x7,0x6,0x8,0x2,0xC,
-         0x1,0xF,0xD,0x0,0x5,0x7,0xA,0x4,0x9,0x2,0x3,0xE,0x6,0xB,0x8,0xC
-    };
-    
-    private static byte DSbox_A[] = {
-         0xA,0x4,0x5,0x6,0x8,0x1,0x3,0x7,0xD,0xC,0xE,0x0,0x9,0x2,0xB,0xF,
-         0x5,0xF,0x4,0x0,0x2,0xD,0xB,0x9,0x1,0x7,0x6,0x3,0xC,0xE,0xA,0x8,
-         0x7,0xF,0xC,0xE,0x9,0x4,0x1,0x0,0x3,0xB,0x5,0x2,0x6,0xA,0x8,0xD,
-         0x4,0xA,0x7,0xC,0x0,0xF,0x2,0x8,0xE,0x1,0x6,0x5,0xD,0xB,0x9,0x3,
-         0x7,0x6,0x4,0xB,0x9,0xC,0x2,0xA,0x1,0x8,0x0,0xE,0xF,0xD,0x3,0x5,
-         0x7,0x6,0x2,0x4,0xD,0x9,0xF,0x0,0xA,0x1,0x5,0xB,0x8,0xE,0xC,0x3,
-         0xD,0xE,0x4,0x1,0x7,0x0,0x5,0xA,0x3,0xC,0x8,0xF,0x6,0x2,0x9,0xB,
-         0x1,0x3,0xA,0x9,0x5,0xB,0x4,0xF,0x8,0x6,0x7,0xE,0xD,0x0,0x2,0xC
-    };
-    
-    //
-    // pre-defined sbox table
-    //
-    private static Hashtable sBoxes = new Hashtable();
-    
-    static
-    {
-        addSBox("Default", Sbox_Default);
-        addSBox("E-TEST", ESbox_Test);
-        addSBox("E-A", ESbox_A);
-        addSBox("E-B", ESbox_B);
-        addSBox("E-C", ESbox_C);
-        addSBox("E-D", ESbox_D);
-        addSBox("Param-Z", Param_Z);
-        addSBox("D-TEST", DSbox_Test);
-        addSBox("D-A", DSbox_A);
-    }
-
-    private static void addSBox(String sBoxName, byte[] sBox)
-    {
-        sBoxes.put(Strings.toUpperCase(sBoxName), sBox);        
-    }
-    
-    /**
-     * standard constructor.
-     */
-    public GOST28147Engine()
-    {
-    }
-
-    /**
-     * initialise an GOST28147 cipher.
-     *
-     * @param forEncryption whether or not we are for encryption.
-     * @param params the parameters required to set up the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean           forEncryption,
-        CipherParameters  params)
-    {
-        if (params instanceof ParametersWithSBox)
-        {
-            ParametersWithSBox   param = (ParametersWithSBox)params;
-
-            //
-            // Set the S-Box
-            //
-            byte[] sBox = param.getSBox();
-            if (sBox.length != Sbox_Default.length)
-            {
-                throw new IllegalArgumentException("invalid S-box passed to GOST28147 init");
-            }
-            this.S = Arrays.clone(sBox);
-
-            //
-            // set key if there is one
-            //
-            if (param.getParameters() != null)
-            {
-                workingKey = generateWorkingKey(forEncryption,
-                        ((KeyParameter)param.getParameters()).getKey());
-            }
-        }
-        else if (params instanceof KeyParameter)
-        {
-            workingKey = generateWorkingKey(forEncryption,
-                                  ((KeyParameter)params).getKey());
-        }
-        else if (params != null)
-        {
-           throw new IllegalArgumentException("invalid parameter passed to GOST28147 init - " + params.getClass().getName());
-        }
-    }
-
-    public String getAlgorithmName()
-    {
-        return "GOST28147";
-    }
-
-    public int getBlockSize()
-    {
-        return BLOCK_SIZE;
-    }
-
-    public int processBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-    {
-        if (workingKey == null)
-        {
-            throw new IllegalStateException("GOST28147 engine not initialised");
-        }
-
-        if ((inOff + BLOCK_SIZE) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + BLOCK_SIZE) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        GOST28147Func(workingKey, in, inOff, out, outOff);
-
-        return BLOCK_SIZE;
-    }
-
-    public void reset()
-    {
-    }
-
-    private int[] generateWorkingKey(
-        boolean forEncryption,
-        byte[]  userKey)
-    {
-         this.forEncryption = forEncryption;
-
-        if (userKey.length != 32)
-        {
-            throw new IllegalArgumentException("Key length invalid. Key needs to be 32 byte - 256 bit!!!");
-        }
-
-        int key[] = new int[8];
-        for(int i=0; i!=8; i++)
-        {
-            key[i] = bytesToint(userKey,i*4);
-        }
-
-        return key;
-    }
-
-    private int GOST28147_mainStep(int n1, int key)
-    {
-        int cm = (key + n1); // CM1
-
-        // S-box replacing
-
-        int om = S[  0 + ((cm >> (0 * 4)) & 0xF)] << (0 * 4);
-           om += S[ 16 + ((cm >> (1 * 4)) & 0xF)] << (1 * 4);
-           om += S[ 32 + ((cm >> (2 * 4)) & 0xF)] << (2 * 4);
-           om += S[ 48 + ((cm >> (3 * 4)) & 0xF)] << (3 * 4);
-           om += S[ 64 + ((cm >> (4 * 4)) & 0xF)] << (4 * 4);
-           om += S[ 80 + ((cm >> (5 * 4)) & 0xF)] << (5 * 4);
-           om += S[ 96 + ((cm >> (6 * 4)) & 0xF)] << (6 * 4);
-           om += S[112 + ((cm >> (7 * 4)) & 0xF)] << (7 * 4);
-
-        return om << 11 | om >>> (32-11); // 11-leftshift
-    }
-
-    private void GOST28147Func(
-        int[]   workingKey,
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        int N1, N2, tmp;  //tmp -> for saving N1
-        N1 = bytesToint(in, inOff);
-        N2 = bytesToint(in, inOff + 4);
-
-        if (this.forEncryption)
-        {
-          for(int k = 0; k < 3; k++)  // 1-24 steps
-          {
-            for(int j = 0; j < 8; j++)
-            {
-                tmp = N1;
-                N1 = N2 ^ GOST28147_mainStep(N1, workingKey[j]); // CM2
-                N2 = tmp;
-            }
-          }
-          for(int j = 7; j > 0; j--)  // 25-31 steps
-          {
-              tmp = N1;
-              N1 = N2 ^ GOST28147_mainStep(N1, workingKey[j]); // CM2
-              N2 = tmp;
-          }
-        }
-        else //decrypt
-        {
-          for(int j = 0; j < 8; j++)  // 1-8 steps
-          {
-             tmp = N1;
-             N1 = N2 ^ GOST28147_mainStep(N1, workingKey[j]); // CM2
-             N2 = tmp;
-          }
-          for(int k = 0; k < 3; k++)  //9-31 steps
-          {
-            for(int j = 7; j >= 0; j--)
-            {
-                if ((k == 2) && (j==0))
-                {
-                    break; // break 32 step
-                }
-                tmp = N1;
-                N1 = N2 ^ GOST28147_mainStep(N1, workingKey[j]); // CM2
-                N2 = tmp;
-            }
-          }
-        }
-
-        N2 = N2 ^ GOST28147_mainStep(N1, workingKey[0]);  // 32 step (N1=N1)
-
-        intTobytes(N1, out, outOff);
-        intTobytes(N2, out, outOff + 4);
-    }
-
-    //array of bytes to type int
-    private int bytesToint(
-        byte[]  in,
-        int     inOff)
-    {
-        return  ((in[inOff + 3] << 24) & 0xff000000) + ((in[inOff + 2] << 16) & 0xff0000) +
-                ((in[inOff + 1] << 8) & 0xff00) + (in[inOff] & 0xff);
-    }
-
-    //int to array of bytes
-    private void intTobytes(
-            int     num,
-            byte[]  out,
-            int     outOff)
-    {
-            out[outOff + 3] = (byte)(num >>> 24);
-            out[outOff + 2] = (byte)(num >>> 16);
-            out[outOff + 1] = (byte)(num >>> 8);
-            out[outOff] =     (byte)num;
-    }
-    
-    /**
-     * Return the S-Box associated with SBoxName
-     * @param sBoxName name of the S-Box
-     * @return byte array representing the S-Box
-     */
-    public static byte[] getSBox(
-        String sBoxName)
-    {
-        byte[] sBox = (byte[])sBoxes.get(Strings.toUpperCase(sBoxName));
-
-        if (sBox == null)
-        {
-            throw new IllegalArgumentException("Unknown S-Box - possible types: "
-                + "\"Default\", \"E-Test\", \"E-A\", \"E-B\", \"E-C\", \"E-D\", \"Param-Z\", \"D-Test\", \"D-A\".");
-        }
-
-        return Arrays.clone(sBox);
-    }
-
-    public static String getSBoxName(byte[] sBox)
-    {
-        for (Enumeration en = sBoxes.keys(); en.hasMoreElements();)
-        {
-            String name = (String)en.nextElement();
-            byte[] sb = (byte[])sBoxes.get(name);
-            if (Arrays.areEqual(sb, sBox))
-            {
-                return name;
-            }
-        }
-
-        throw new IllegalArgumentException("SBOX provided did not map to a known one");
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/GOST28147WrapEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/GOST28147WrapEngine.java
deleted file mode 100644
index 9cde5fe..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/GOST28147WrapEngine.java
+++ /dev/null

@@ -1,95 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.macs.GOST28147Mac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.ParametersWithSBox;
-import org.bouncycastle.crypto.params.ParametersWithUKM;
-import org.bouncycastle.util.Arrays;
-
-public class GOST28147WrapEngine
-    implements Wrapper
-{
-    private GOST28147Engine cipher = new GOST28147Engine();
-    private GOST28147Mac mac = new GOST28147Mac();
-
-    public void init(boolean forWrapping, CipherParameters param)
-    {
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom pr = (ParametersWithRandom)param;
-            param = pr.getParameters();
-        }
-        
-        ParametersWithUKM pU = (ParametersWithUKM)param;
-
-        cipher.init(forWrapping, pU.getParameters());
-
-        KeyParameter kParam;
-
-        if (pU.getParameters() instanceof ParametersWithSBox)
-        {
-            kParam = (KeyParameter)((ParametersWithSBox)pU.getParameters()).getParameters();
-        }
-        else
-        {
-            kParam = (KeyParameter)pU.getParameters();
-        }
-
-
-        mac.init(new ParametersWithIV(kParam, pU.getUKM()));
-    }
-
-    public String getAlgorithmName()
-    {
-        return "GOST28147Wrap";
-    }
-
-    public byte[] wrap(byte[] input, int inOff, int inLen)
-    {
-        mac.update(input, inOff, inLen);
-
-        byte[] wrappedKey = new byte[inLen + mac.getMacSize()];
-
-        cipher.processBlock(input, inOff, wrappedKey, 0);
-        cipher.processBlock(input, inOff + 8, wrappedKey, 8);
-        cipher.processBlock(input, inOff + 16, wrappedKey, 16);
-        cipher.processBlock(input, inOff + 24, wrappedKey, 24);
-
-        mac.doFinal(wrappedKey, inLen);
-
-        return wrappedKey;
-    }
-
-    public byte[] unwrap(byte[] input, int inOff, int inLen)
-        throws InvalidCipherTextException
-    {
-        byte[] decKey = new byte[inLen - mac.getMacSize()];
-
-        cipher.processBlock(input, inOff, decKey, 0);
-        cipher.processBlock(input, inOff + 8, decKey, 8);
-        cipher.processBlock(input, inOff + 16, decKey, 16);
-        cipher.processBlock(input, inOff + 24, decKey, 24);
-
-        byte[] macResult = new byte[mac.getMacSize()];
-
-        mac.update(decKey, 0, decKey.length);
-
-        mac.doFinal(macResult, 0);
-
-        byte[] macExpected = new byte[mac.getMacSize()];
-
-        System.arraycopy(input, inOff + inLen - 4, macExpected, 0, mac.getMacSize());
-
-        if (!Arrays.constantTimeAreEqual(macResult, macExpected))
-        {
-            throw new IllegalStateException("mac mismatch");
-        }
-
-        return decKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/GOST3412_2015Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/GOST3412_2015Engine.java
deleted file mode 100644
index 3df685b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/GOST3412_2015Engine.java
+++ /dev/null

@@ -1,344 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Implementation of GOST 3412 2015 (aka "Kuznyechik") RFC 7801, GOST 3412
- */
-public class GOST3412_2015Engine
-    implements BlockCipher
-{
-
-    private static final byte[] PI = new byte[]
-        {
-            -4, -18, -35, 17, -49, 110, 49, 22, -5, -60, -6, -38, 35, -59, 4, 77, -23, 119, -16, -37, -109, 46, -103, -70,
-            23, 54, -15, -69, 20, -51, 95, -63, -7, 24, 101, 90, -30, 92, -17, 33, -127, 28, 60, 66, -117, 1, -114, 79, 5,
-            -124, 2, -82, -29, 106, -113, -96, 6, 11, -19, -104, 127, -44, -45, 31, -21, 52, 44, 81, -22, -56, 72, -85, -14,
-            42, 104, -94, -3, 58, -50, -52, -75, 112, 14, 86, 8, 12, 118, 18, -65, 114, 19, 71, -100, -73, 93, -121, 21,
-            -95, -106, 41, 16, 123, -102, -57, -13, -111, 120, 111, -99, -98, -78, -79, 50, 117, 25, 61, -1, 53, -118, 126,
-            109, 84, -58, -128, -61, -67, 13, 87, -33, -11, 36, -87, 62, -88, 67, -55, -41, 121, -42, -10, 124, 34, -71,
-            3, -32, 15, -20, -34, 122, -108, -80, -68, -36, -24, 40, 80, 78, 51, 10, 74, -89, -105, 96, 115, 30, 0, 98, 68,
-            26, -72, 56, -126, 100, -97, 38, 65, -83, 69, 70, -110, 39, 94, 85, 47, -116, -93, -91, 125, 105, -43, -107,
-            59, 7, 88, -77, 64, -122, -84, 29, -9, 48, 55, 107, -28, -120, -39, -25, -119, -31, 27, -125, 73, 76, 63, -8,
-            -2, -115, 83, -86, -112, -54, -40, -123, 97, 32, 113, 103, -92, 45, 43, 9, 91, -53, -101, 37, -48, -66, -27,
-            108, 82, 89, -90, 116, -46, -26, -12, -76, -64, -47, 102, -81, -62, 57, 75, 99, -74
-        };
-
-
-    private static final byte[] inversePI = new byte[]{
-        -91, 45, 50, -113, 14, 48, 56, -64, 84, -26, -98, 57, 85, 126, 82, -111, 100, 3, 87, 90, 28, 96, 7, 24, 33, 114,
-        -88, -47, 41, -58, -92, 63, -32, 39, -115, 12, -126, -22, -82, -76, -102, 99, 73, -27, 66, -28, 21, -73, -56, 6,
-        112, -99, 65, 117, 25, -55, -86, -4, 77, -65, 42, 115, -124, -43, -61, -81, 43, -122, -89, -79, -78, 91, 70, -45,
-        -97, -3, -44, 15, -100, 47, -101, 67, -17, -39, 121, -74, 83, 127, -63, -16, 35, -25, 37, 94, -75, 30, -94, -33,
-        -90, -2, -84, 34, -7, -30, 74, -68, 53, -54, -18, 120, 5, 107, 81, -31, 89, -93, -14, 113, 86, 17, 106, -119,
-        -108, 101, -116, -69, 119, 60, 123, 40, -85, -46, 49, -34, -60, 95, -52, -49, 118, 44, -72, -40, 46, 54, -37,
-        105, -77, 20, -107, -66, 98, -95, 59, 22, 102, -23, 92, 108, 109, -83, 55, 97, 75, -71, -29, -70, -15, -96, -123,
-        -125, -38, 71, -59, -80, 51, -6, -106, 111, 110, -62, -10, 80, -1, 93, -87, -114, 23, 27, -105, 125, -20, 88, -9,
-        31, -5, 124, 9, 13, 122, 103, 69, -121, -36, -24, 79, 29, 78, 4, -21, -8, -13, 62, 61, -67, -118, -120, -35, -51,
-        11, 19, -104, 2, -109, -128, -112, -48, 36, 52, -53, -19, -12, -50, -103, 16, 68, 64, -110, 58, 1, 38, 18, 26,
-        72, 104, -11, -127, -117, -57, -42, 32, 10, 8, 0, 76, -41, 116
-    };
-
-
-    private final byte[] lFactors = {
-        -108, 32, -123, 16, -62, -64, 1, -5, 1, -64, -62, 16, -123, 32, -108, 1
-    };
-
-
-    protected static final int BLOCK_SIZE = 16;
-    private int KEY_LENGTH = 32;
-    private int SUB_LENGTH = KEY_LENGTH / 2;
-    private byte[][] subKeys = null;
-    private boolean forEncryption;
-    private byte[][] _gf_mul = init_gf256_mul_table();
-
-
-    private static byte[][] init_gf256_mul_table()
-    {
-        byte[][] mul_table = new byte[256][];
-        for (int x = 0; x < 256; x++)
-        {
-            mul_table[x] = new byte[256];
-            for (int y = 0; y < 256; y++)
-            {
-                mul_table[x][y] = kuz_mul_gf256_slow((byte)x, (byte)y);
-            }
-        }
-        return mul_table;
-    }
-
-    private static byte kuz_mul_gf256_slow(byte a, byte b)
-    {
-        byte p = 0;
-        byte counter;
-        byte hi_bit_set;
-        for (counter = 0; counter < 8 && a != 0 && b != 0; counter++)
-        {
-            if ((b & 1) != 0)
-            {
-                p ^= a;
-            }
-            hi_bit_set = (byte)(a & 0x80);
-            a <<= 1;
-            if (hi_bit_set != 0)
-            {
-                a ^= 0xc3; /* x^8 + x^7 + x^6 + x + 1 */
-            }
-            b >>= 1;
-        }
-        return p;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "GOST3412_2015";
-    }
-
-    public int getBlockSize()
-    {
-        return BLOCK_SIZE;
-    }
-
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-
-        if (params instanceof KeyParameter)
-        {
-            this.forEncryption = forEncryption;
-            generateSubKeys(((KeyParameter)params).getKey());
-        }
-        else if (params != null)
-        {
-            throw new IllegalArgumentException("invalid parameter passed to GOST3412_2015 init - " + params.getClass().getName());
-        }
-    }
-
-    private void generateSubKeys(
-        byte[] userKey)
-    {
-
-        if (userKey.length != KEY_LENGTH)
-        {
-            throw new IllegalArgumentException("Key length invalid. Key needs to be 32 byte - 256 bit!!!");
-        }
-
-        subKeys = new byte[10][];
-        for (int i = 0; i < 10; i++)
-        {
-            subKeys[i] = new byte[SUB_LENGTH];
-        }
-
-        byte[] x = new byte[SUB_LENGTH];
-        byte[] y = new byte[SUB_LENGTH];
-
-
-        for (int i = 0; i < SUB_LENGTH; i++)
-        {
-            subKeys[0][i] = x[i] = userKey[i];
-            subKeys[1][i] = y[i] = userKey[i + SUB_LENGTH];
-        }
-
-        byte[] c = new byte[SUB_LENGTH];
-
-        for (int k = 1; k < 5; k++)
-        {
-
-            for (int j = 1; j <= 8; j++)
-            {
-                C(c, 8 * (k - 1) + j);
-                F(c, x, y);
-            }
-
-            System.arraycopy(x, 0, subKeys[2 * k], 0, SUB_LENGTH);
-            System.arraycopy(y, 0, subKeys[2 * k + 1], 0, SUB_LENGTH);
-        }
-    }
-
-
-    private void C(byte[] c, int i)
-    {
-
-        Arrays.clear(c);
-        c[15] = (byte)i;
-        L(c);
-    }
-
-
-    private void F(byte[] k, byte[] a1, byte[] a0)
-    {
-
-        byte[] temp = LSX(k, a1);
-        X(temp, a0);
-
-        System.arraycopy(a1, 0, a0, 0, SUB_LENGTH);
-        System.arraycopy(temp, 0, a1, 0, SUB_LENGTH);
-
-    }
-
-    public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-
-        if (subKeys == null)
-        {
-            throw new IllegalStateException("GOST3412_2015 engine not initialised");
-        }
-
-        if ((inOff + BLOCK_SIZE) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + BLOCK_SIZE) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        GOST3412_2015Func(in, inOff, out, outOff);
-
-        return BLOCK_SIZE;
-    }
-
-
-    private void GOST3412_2015Func(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-    {
-
-        byte[] block = new byte[BLOCK_SIZE];
-        System.arraycopy(in, inOff, block, 0, BLOCK_SIZE);
-
-        if (forEncryption)
-        {
-
-            for (int i = 0; i < 9; i++)
-            {
-
-                byte[] temp = LSX(subKeys[i], block);
-                block = Arrays.copyOf(temp, BLOCK_SIZE);
-            }
-
-            X(block, subKeys[9]);
-        }
-        else
-        {
-
-            for (int i = 9; i > 0; i--)
-            {
-
-                byte[] temp = XSL(subKeys[i], block);
-                block = Arrays.copyOf(temp, BLOCK_SIZE);
-            }
-            X(block, subKeys[0]);
-        }
-
-
-        System.arraycopy(block, 0, out, outOff, BLOCK_SIZE);
-    }
-
-    private byte[] LSX(byte[] k, byte[] a)
-    {
-
-        byte[] result = Arrays.copyOf(k, k.length);
-        X(result, a);
-        S(result);
-        L(result);
-        return result;
-    }
-
-    private byte[] XSL(byte[] k, byte[] a)
-    {
-        byte[] result = Arrays.copyOf(k, k.length);
-        X(result, a);
-        inverseL(result);
-        inverseS(result);
-        return result;
-    }
-
-    private void X(byte[] result, byte[] data)
-    {
-        for (int i = 0; i < result.length; i++)
-        {
-            result[i] ^= data[i];
-        }
-    }
-
-    private void S(byte[] data)
-    {
-        for (int i = 0; i < data.length; i++)
-        {
-            data[i] = PI[unsignedByte(data[i])];
-        }
-    }
-
-    private void inverseS(byte[] data)
-    {
-        for (int i = 0; i < data.length; i++)
-        {
-            data[i] = inversePI[unsignedByte(data[i])];
-        }
-    }
-
-    private int unsignedByte(byte b)
-    {
-        return b & 0xFF;
-    }
-
-    private void L(byte[] data)
-    {
-        for (int i = 0; i < 16; i++)
-        {
-            R(data);
-        }
-    }
-
-    private void inverseL(byte[] data)
-    {
-        for (int i = 0; i < 16; i++)
-        {
-            inverseR(data);
-        }
-    }
-
-
-    private void R(byte[] data)
-    {
-        byte z = l(data);
-        System.arraycopy(data, 0, data, 1, 15);
-        data[0] = z;
-    }
-
-    private void inverseR(byte[] data)
-    {
-        byte[] temp = new byte[16];
-        System.arraycopy(data, 1, temp, 0, 15);
-        temp[15] = data[0];
-        byte z = l(temp);
-        System.arraycopy(data, 1, data, 0, 15);
-        data[15] = z;
-    }
-
-
-    private byte l(byte[] data)
-    {
-        byte x = data[15];
-        for (int i = 14; i >= 0; i--)
-        {
-            x ^= _gf_mul[unsignedByte(data[i])][unsignedByte(lFactors[i])];
-        }
-        return x;
-    }
-
-    public void reset()
-    {
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/Grain128Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/Grain128Engine.java
deleted file mode 100644
index f5ecb75..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/Grain128Engine.java
+++ /dev/null

@@ -1,304 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-/**
- * Implementation of Martin Hell's, Thomas Johansson's and Willi Meier's stream
- * cipher, Grain-128.
- */
-public class Grain128Engine
-    implements StreamCipher
-{
-
-    /**
-     * Constants
-     */
-    private static final int STATE_SIZE = 4;
-
-    /**
-     * Variables to hold the state of the engine during encryption and
-     * decryption
-     */
-    private byte[] workingKey;
-    private byte[] workingIV;
-    private byte[] out;
-    private int[] lfsr;
-    private int[] nfsr;
-    private int output;
-    private int index = 4;
-
-    private boolean initialised = false;
-
-    public String getAlgorithmName()
-    {
-        return "Grain-128";
-    }
-
-    /**
-     * Initialize a Grain-128 cipher.
-     *
-     * @param forEncryption Whether or not we are for encryption.
-     * @param params        The parameters required to set up the cipher.
-     * @throws IllegalArgumentException If the params argument is inappropriate.
-     */
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        /**
-         * Grain encryption and decryption is completely symmetrical, so the
-         * 'forEncryption' is irrelevant.
-         */
-        if (!(params instanceof ParametersWithIV))
-        {
-            throw new IllegalArgumentException(
-                "Grain-128 Init parameters must include an IV");
-        }
-
-        ParametersWithIV ivParams = (ParametersWithIV)params;
-
-        byte[] iv = ivParams.getIV();
-
-        if (iv == null || iv.length != 12)
-        {
-            throw new IllegalArgumentException(
-                "Grain-128  requires exactly 12 bytes of IV");
-        }
-
-        if (!(ivParams.getParameters() instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException(
-                "Grain-128 Init parameters must include a key");
-        }
-
-        KeyParameter key = (KeyParameter)ivParams.getParameters();
-
-        /**
-         * Initialize variables.
-         */
-        workingIV = new byte[key.getKey().length];
-        workingKey = new byte[key.getKey().length];
-        lfsr = new int[STATE_SIZE];
-        nfsr = new int[STATE_SIZE];
-        out = new byte[4];
-
-        System.arraycopy(iv, 0, workingIV, 0, iv.length);
-        System.arraycopy(key.getKey(), 0, workingKey, 0, key.getKey().length);
-
-        reset();
-    }
-
-    /**
-     * 256 clocks initialization phase.
-     */
-    private void initGrain()
-    {
-        for (int i = 0; i < 8; i++)
-        {
-            output = getOutput();
-            nfsr = shift(nfsr, getOutputNFSR() ^ lfsr[0] ^ output);
-            lfsr = shift(lfsr, getOutputLFSR() ^ output);
-        }
-        initialised = true;
-    }
-
-    /**
-     * Get output from non-linear function g(x).
-     *
-     * @return Output from NFSR.
-     */
-    private int getOutputNFSR()
-    {
-        int b0 = nfsr[0];
-        int b3 = nfsr[0] >>> 3 | nfsr[1] << 29;
-        int b11 = nfsr[0] >>> 11 | nfsr[1] << 21;
-        int b13 = nfsr[0] >>> 13 | nfsr[1] << 19;
-        int b17 = nfsr[0] >>> 17 | nfsr[1] << 15;
-        int b18 = nfsr[0] >>> 18 | nfsr[1] << 14;
-        int b26 = nfsr[0] >>> 26 | nfsr[1] << 6;
-        int b27 = nfsr[0] >>> 27 | nfsr[1] << 5;
-        int b40 = nfsr[1] >>> 8 | nfsr[2] << 24;
-        int b48 = nfsr[1] >>> 16 | nfsr[2] << 16;
-        int b56 = nfsr[1] >>> 24 | nfsr[2] << 8;
-        int b59 = nfsr[1] >>> 27 | nfsr[2] << 5;
-        int b61 = nfsr[1] >>> 29 | nfsr[2] << 3;
-        int b65 = nfsr[2] >>> 1 | nfsr[3] << 31;
-        int b67 = nfsr[2] >>> 3 | nfsr[3] << 29;
-        int b68 = nfsr[2] >>> 4 | nfsr[3] << 28;
-        int b84 = nfsr[2] >>> 20 | nfsr[3] << 12;
-        int b91 = nfsr[2] >>> 27 | nfsr[3] << 5;
-        int b96 = nfsr[3];
-
-        return b0 ^ b26 ^ b56 ^ b91 ^ b96 ^ b3 & b67 ^ b11 & b13 ^ b17 & b18
-            ^ b27 & b59 ^ b40 & b48 ^ b61 & b65 ^ b68 & b84;
-    }
-
-    /**
-     * Get output from linear function f(x).
-     *
-     * @return Output from LFSR.
-     */
-    private int getOutputLFSR()
-    {
-        int s0 = lfsr[0];
-        int s7 = lfsr[0] >>> 7 | lfsr[1] << 25;
-        int s38 = lfsr[1] >>> 6 | lfsr[2] << 26;
-        int s70 = lfsr[2] >>> 6 | lfsr[3] << 26;
-        int s81 = lfsr[2] >>> 17 | lfsr[3] << 15;
-        int s96 = lfsr[3];
-
-        return s0 ^ s7 ^ s38 ^ s70 ^ s81 ^ s96;
-    }
-
-    /**
-     * Get output from output function h(x).
-     *
-     * @return Output from h(x).
-     */
-    private int getOutput()
-    {
-        int b2 = nfsr[0] >>> 2 | nfsr[1] << 30;
-        int b12 = nfsr[0] >>> 12 | nfsr[1] << 20;
-        int b15 = nfsr[0] >>> 15 | nfsr[1] << 17;
-        int b36 = nfsr[1] >>> 4 | nfsr[2] << 28;
-        int b45 = nfsr[1] >>> 13 | nfsr[2] << 19;
-        int b64 = nfsr[2];
-        int b73 = nfsr[2] >>> 9 | nfsr[3] << 23;
-        int b89 = nfsr[2] >>> 25 | nfsr[3] << 7;
-        int b95 = nfsr[2] >>> 31 | nfsr[3] << 1;
-        int s8 = lfsr[0] >>> 8 | lfsr[1] << 24;
-        int s13 = lfsr[0] >>> 13 | lfsr[1] << 19;
-        int s20 = lfsr[0] >>> 20 | lfsr[1] << 12;
-        int s42 = lfsr[1] >>> 10 | lfsr[2] << 22;
-        int s60 = lfsr[1] >>> 28 | lfsr[2] << 4;
-        int s79 = lfsr[2] >>> 15 | lfsr[3] << 17;
-        int s93 = lfsr[2] >>> 29 | lfsr[3] << 3;
-        int s95 = lfsr[2] >>> 31 | lfsr[3] << 1;
-
-        return b12 & s8 ^ s13 & s20 ^ b95 & s42 ^ s60 & s79 ^ b12 & b95 & s95 ^ s93
-            ^ b2 ^ b15 ^ b36 ^ b45 ^ b64 ^ b73 ^ b89;
-    }
-
-    /**
-     * Shift array 32 bits and add val to index.length - 1.
-     *
-     * @param array The array to shift.
-     * @param val   The value to shift in.
-     * @return The shifted array with val added to index.length - 1.
-     */
-    private int[] shift(int[] array, int val)
-    {
-        array[0] = array[1];
-        array[1] = array[2];
-        array[2] = array[3];
-        array[3] = val;
-
-        return array;
-    }
-
-    /**
-     * Set keys, reset cipher.
-     *
-     * @param keyBytes The key.
-     * @param ivBytes  The IV.
-     */
-    private void setKey(byte[] keyBytes, byte[] ivBytes)
-    {
-        ivBytes[12] = (byte)0xFF;
-        ivBytes[13] = (byte)0xFF;
-        ivBytes[14] = (byte)0xFF;
-        ivBytes[15] = (byte)0xFF;
-        workingKey = keyBytes;
-        workingIV = ivBytes;
-
-        /**
-         * Load NFSR and LFSR
-         */
-        int j = 0;
-        for (int i = 0; i < nfsr.length; i++)
-        {
-            nfsr[i] = ((workingKey[j + 3]) << 24) | ((workingKey[j + 2]) << 16)
-                & 0x00FF0000 | ((workingKey[j + 1]) << 8) & 0x0000FF00
-                | ((workingKey[j]) & 0x000000FF);
-
-            lfsr[i] = ((workingIV[j + 3]) << 24) | ((workingIV[j + 2]) << 16)
-                & 0x00FF0000 | ((workingIV[j + 1]) << 8) & 0x0000FF00
-                | ((workingIV[j]) & 0x000000FF);
-            j += 4;
-        }
-    }
-
-    public int processBytes(byte[] in, int inOff, int len, byte[] out,
-                             int outOff)
-        throws DataLengthException
-    {
-        if (!initialised)
-        {
-            throw new IllegalStateException(getAlgorithmName()
-                + " not initialised");
-        }
-
-        if ((inOff + len) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + len) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        for (int i = 0; i < len; i++)
-        {
-            out[outOff + i] = (byte)(in[inOff + i] ^ getKeyStream());
-        }
-
-        return len;
-    }
-
-    public void reset()
-    {
-        index = 4;
-        setKey(workingKey, workingIV);
-        initGrain();
-    }
-
-    /**
-     * Run Grain one round(i.e. 32 bits).
-     */
-    private void oneRound()
-    {
-        output = getOutput();
-        out[0] = (byte)output;
-        out[1] = (byte)(output >> 8);
-        out[2] = (byte)(output >> 16);
-        out[3] = (byte)(output >> 24);
-
-        nfsr = shift(nfsr, getOutputNFSR() ^ lfsr[0]);
-        lfsr = shift(lfsr, getOutputLFSR());
-    }
-
-    public byte returnByte(byte in)
-    {
-        if (!initialised)
-        {
-            throw new IllegalStateException(getAlgorithmName()
-                + " not initialised");
-        }
-        return (byte)(in ^ getKeyStream());
-    }
-
-    private byte getKeyStream()
-    {
-        if (index > 3)
-        {
-            oneRound();
-            index = 0;
-        }
-        return out[index++];
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/Grainv1Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/Grainv1Engine.java
deleted file mode 100644
index 77f52d1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/Grainv1Engine.java
+++ /dev/null

@@ -1,290 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-/**
- * Implementation of Martin Hell's, Thomas Johansson's and Willi Meier's stream
- * cipher, Grain v1.
- */
-public class Grainv1Engine
-    implements StreamCipher
-{
-
-    /**
-     * Constants
-     */
-    private static final int STATE_SIZE = 5;
-
-    /**
-     * Variables to hold the state of the engine during encryption and
-     * decryption
-     */
-    private byte[] workingKey;
-    private byte[] workingIV;
-    private byte[] out;
-    private int[] lfsr;
-    private int[] nfsr;
-    private int output;
-    private int index = 2;
-
-    private boolean initialised = false;
-
-    public String getAlgorithmName()
-    {
-        return "Grain v1";
-    }
-
-    /**
-     * Initialize a Grain v1 cipher.
-     *
-     * @param forEncryption Whether or not we are for encryption.
-     * @param params        The parameters required to set up the cipher.
-     * @throws IllegalArgumentException If the params argument is inappropriate.
-     */
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        /**
-         * Grain encryption and decryption is completely symmetrical, so the
-         * 'forEncryption' is irrelevant.
-         */
-        if (!(params instanceof ParametersWithIV))
-        {
-            throw new IllegalArgumentException(
-                "Grain v1 Init parameters must include an IV");
-        }
-
-        ParametersWithIV ivParams = (ParametersWithIV)params;
-
-        byte[] iv = ivParams.getIV();
-
-        if (iv == null || iv.length != 8)
-        {
-            throw new IllegalArgumentException(
-                "Grain v1 requires exactly 8 bytes of IV");
-        }
-
-        if (!(ivParams.getParameters() instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException(
-                "Grain v1 Init parameters must include a key");
-        }
-
-        KeyParameter key = (KeyParameter)ivParams.getParameters();
-
-        /**
-         * Initialize variables.
-         */
-        workingIV = new byte[key.getKey().length];
-        workingKey = new byte[key.getKey().length];
-        lfsr = new int[STATE_SIZE];
-        nfsr = new int[STATE_SIZE];
-        out = new byte[2];
-
-        System.arraycopy(iv, 0, workingIV, 0, iv.length);
-        System.arraycopy(key.getKey(), 0, workingKey, 0, key.getKey().length);
-
-        reset();
-    }
-
-    /**
-     * 160 clocks initialization phase.
-     */
-    private void initGrain()
-    {
-        for (int i = 0; i < 10; i++)
-        {
-            output = getOutput();
-            nfsr = shift(nfsr, getOutputNFSR() ^ lfsr[0] ^ output);
-            lfsr = shift(lfsr, getOutputLFSR() ^ output);
-        }
-        initialised = true;
-    }
-
-    /**
-     * Get output from non-linear function g(x).
-     *
-     * @return Output from NFSR.
-     */
-    private int getOutputNFSR()
-    {
-        int b0 = nfsr[0];
-        int b9 = nfsr[0] >>> 9 | nfsr[1] << 7;
-        int b14 = nfsr[0] >>> 14 | nfsr[1] << 2;
-        int b15 = nfsr[0] >>> 15 | nfsr[1] << 1;
-        int b21 = nfsr[1] >>> 5 | nfsr[2] << 11;
-        int b28 = nfsr[1] >>> 12 | nfsr[2] << 4;
-        int b33 = nfsr[2] >>> 1 | nfsr[3] << 15;
-        int b37 = nfsr[2] >>> 5 | nfsr[3] << 11;
-        int b45 = nfsr[2] >>> 13 | nfsr[3] << 3;
-        int b52 = nfsr[3] >>> 4 | nfsr[4] << 12;
-        int b60 = nfsr[3] >>> 12 | nfsr[4] << 4;
-        int b62 = nfsr[3] >>> 14 | nfsr[4] << 2;
-        int b63 = nfsr[3] >>> 15 | nfsr[4] << 1;
-
-        return (b62 ^ b60 ^ b52 ^ b45 ^ b37 ^ b33 ^ b28 ^ b21 ^ b14
-            ^ b9 ^ b0 ^ b63 & b60 ^ b37 & b33 ^ b15 & b9 ^ b60 & b52 & b45
-            ^ b33 & b28 & b21 ^ b63 & b45 & b28 & b9 ^ b60 & b52 & b37
-            & b33 ^ b63 & b60 & b21 & b15 ^ b63 & b60 & b52 & b45 & b37
-            ^ b33 & b28 & b21 & b15 & b9 ^ b52 & b45 & b37 & b33 & b28
-            & b21) & 0x0000FFFF;
-    }
-
-    /**
-     * Get output from linear function f(x).
-     *
-     * @return Output from LFSR.
-     */
-    private int getOutputLFSR()
-    {
-        int s0 = lfsr[0];
-        int s13 = lfsr[0] >>> 13 | lfsr[1] << 3;
-        int s23 = lfsr[1] >>> 7 | lfsr[2] << 9;
-        int s38 = lfsr[2] >>> 6 | lfsr[3] << 10;
-        int s51 = lfsr[3] >>> 3 | lfsr[4] << 13;
-        int s62 = lfsr[3] >>> 14 | lfsr[4] << 2;
-
-        return (s0 ^ s13 ^ s23 ^ s38 ^ s51 ^ s62) & 0x0000FFFF;
-    }
-
-    /**
-     * Get output from output function h(x).
-     *
-     * @return Output from h(x).
-     */
-    private int getOutput()
-    {
-        int b1 = nfsr[0] >>> 1 | nfsr[1] << 15;
-        int b2 = nfsr[0] >>> 2 | nfsr[1] << 14;
-        int b4 = nfsr[0] >>> 4 | nfsr[1] << 12;
-        int b10 = nfsr[0] >>> 10 | nfsr[1] << 6;
-        int b31 = nfsr[1] >>> 15 | nfsr[2] << 1;
-        int b43 = nfsr[2] >>> 11 | nfsr[3] << 5;
-        int b56 = nfsr[3] >>> 8 | nfsr[4] << 8;
-        int b63 = nfsr[3] >>> 15 | nfsr[4] << 1;
-        int s3 = lfsr[0] >>> 3 | lfsr[1] << 13;
-        int s25 = lfsr[1] >>> 9 | lfsr[2] << 7;
-        int s46 = lfsr[2] >>> 14 | lfsr[3] << 2;
-        int s64 = lfsr[4];
-
-        return (s25 ^ b63 ^ s3 & s64 ^ s46 & s64 ^ s64 & b63 ^ s3
-            & s25 & s46 ^ s3 & s46 & s64 ^ s3 & s46 & b63 ^ s25 & s46 & b63 ^ s46
-            & s64 & b63 ^ b1 ^ b2 ^ b4 ^ b10 ^ b31 ^ b43 ^ b56) & 0x0000FFFF;
-    }
-
-    /**
-     * Shift array 16 bits and add val to index.length - 1.
-     *
-     * @param array The array to shift.
-     * @param val   The value to shift in.
-     * @return The shifted array with val added to index.length - 1.
-     */
-    private int[] shift(int[] array, int val)
-    {
-        array[0] = array[1];
-        array[1] = array[2];
-        array[2] = array[3];
-        array[3] = array[4];
-        array[4] = val;
-
-        return array;
-    }
-
-    /**
-     * Set keys, reset cipher.
-     *
-     * @param keyBytes The key.
-     * @param ivBytes  The IV.
-     */
-    private void setKey(byte[] keyBytes, byte[] ivBytes)
-    {
-        ivBytes[8] = (byte)0xFF;
-        ivBytes[9] = (byte)0xFF;
-        workingKey = keyBytes;
-        workingIV = ivBytes;
-
-        /**
-         * Load NFSR and LFSR
-         */
-        int j = 0;
-        for (int i = 0; i < nfsr.length; i++)
-        {
-            nfsr[i] = (workingKey[j + 1] << 8 | workingKey[j] & 0xFF) & 0x0000FFFF;
-            lfsr[i] = (workingIV[j + 1] << 8 | workingIV[j] & 0xFF) & 0x0000FFFF;
-            j += 2;
-        }
-    }
-
-    public int processBytes(byte[] in, int inOff, int len, byte[] out,
-                             int outOff)
-        throws DataLengthException
-    {
-        if (!initialised)
-        {
-            throw new IllegalStateException(getAlgorithmName()
-                + " not initialised");
-        }
-
-        if ((inOff + len) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + len) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        for (int i = 0; i < len; i++)
-        {
-            out[outOff + i] = (byte)(in[inOff + i] ^ getKeyStream());
-        }
-
-        return len;
-    }
-
-    public void reset()
-    {
-        index = 2;
-        setKey(workingKey, workingIV);
-        initGrain();
-    }
-
-    /**
-     * Run Grain one round(i.e. 16 bits).
-     */
-    private void oneRound()
-    {
-        output = getOutput();
-        out[0] = (byte)output;
-        out[1] = (byte)(output >> 8);
-
-        nfsr = shift(nfsr, getOutputNFSR() ^ lfsr[0]);
-        lfsr = shift(lfsr, getOutputLFSR());
-    }
-
-    public byte returnByte(byte in)
-    {
-        if (!initialised)
-        {
-            throw new IllegalStateException(getAlgorithmName()
-                + " not initialised");
-        }
-        return (byte)(in ^ getKeyStream());
-    }
-
-    private byte getKeyStream()
-    {
-        if (index > 1)
-        {
-            oneRound();
-            index = 0;
-        }
-        return out[index++];
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/HC128Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/HC128Engine.java
deleted file mode 100644
index 7d18d62..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/HC128Engine.java
+++ /dev/null

@@ -1,259 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-/**
- * HC-128 is a software-efficient stream cipher created by Hongjun Wu. It
- * generates keystream from a 128-bit secret key and a 128-bit initialization
- * vector.
- * <p>
- * http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc128_p3.pdf
- * </p><p>
- * It is a third phase candidate in the eStream contest, and is patent-free.
- * No attacks are known as of today (April 2007). See
- *
- * http://www.ecrypt.eu.org/stream/hcp3.html
- * </p>
- */
-public class HC128Engine
-    implements StreamCipher
-{
-    private int[] p = new int[512];
-    private int[] q = new int[512];
-    private int cnt = 0;
-
-    private static int f1(int x)
-    {
-        return rotateRight(x, 7) ^ rotateRight(x, 18)
-            ^ (x >>> 3);
-    }
-
-    private static int f2(int x)
-    {
-        return rotateRight(x, 17) ^ rotateRight(x, 19)
-            ^ (x >>> 10);
-    }
-
-    private int g1(int x, int y, int z)
-    {
-        return (rotateRight(x, 10) ^ rotateRight(z, 23))
-            + rotateRight(y, 8);
-    }
-
-    private int g2(int x, int y, int z)
-    {
-        return (rotateLeft(x, 10) ^ rotateLeft(z, 23)) + rotateLeft(y, 8);
-    }
-
-    private static int rotateLeft(
-        int     x,
-        int     bits)
-    {
-        return (x << bits) | (x >>> -bits);
-    }
-
-    private static int rotateRight(
-        int     x,
-        int     bits)
-    {
-        return (x >>> bits) | (x << -bits);
-    }
-
-    private int h1(int x)
-    {
-        return q[x & 0xFF] + q[((x >> 16) & 0xFF) + 256];
-    }
-
-    private int h2(int x)
-    {
-        return p[x & 0xFF] + p[((x >> 16) & 0xFF) + 256];
-    }
-
-    private static int mod1024(int x)
-    {
-        return x & 0x3FF;
-    }
-
-    private static int mod512(int x)
-    {
-        return x & 0x1FF;
-    }
-
-    private static int dim(int x, int y)
-    {
-        return mod512(x - y);
-    }
-
-    private int step()
-    {
-        int j = mod512(cnt);
-        int ret;
-        if (cnt < 512)
-        {
-            p[j] += g1(p[dim(j, 3)], p[dim(j, 10)], p[dim(j, 511)]);
-            ret = h1(p[dim(j, 12)]) ^ p[j];
-        }
-        else
-        {
-            q[j] += g2(q[dim(j, 3)], q[dim(j, 10)], q[dim(j, 511)]);
-            ret = h2(q[dim(j, 12)]) ^ q[j];
-        }
-        cnt = mod1024(cnt + 1);
-        return ret;
-    }
-
-    private byte[] key, iv;
-    private boolean initialised;
-
-    private void init()
-    {
-        if (key.length != 16)
-        {
-            throw new java.lang.IllegalArgumentException(
-                "The key must be 128 bits long");
-        }
-
-        idx = 0;
-        cnt = 0;
-
-        int[] w = new int[1280];
-
-        for (int i = 0; i < 16; i++)
-        {
-            w[i >> 2] |= (key[i] & 0xff) << (8 * (i & 0x3));
-        }
-        System.arraycopy(w, 0, w, 4, 4);
-
-        for (int i = 0; i < iv.length && i < 16; i++)
-        {
-            w[(i >> 2) + 8] |= (iv[i] & 0xff) << (8 * (i & 0x3));
-        }
-        System.arraycopy(w, 8, w, 12, 4);
-
-        for (int i = 16; i < 1280; i++)
-        {
-            w[i] = f2(w[i - 2]) + w[i - 7] + f1(w[i - 15]) + w[i - 16] + i;
-        }
-
-        System.arraycopy(w, 256, p, 0, 512);
-        System.arraycopy(w, 768, q, 0, 512);
-
-        for (int i = 0; i < 512; i++)
-        {
-            p[i] = step();
-        }
-        for (int i = 0; i < 512; i++)
-        {
-            q[i] = step();
-        }
-
-        cnt = 0;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "HC-128";
-    }
-
-    /**
-     * Initialise a HC-128 cipher.
-     *
-     * @param forEncryption whether or not we are for encryption. Irrelevant, as
-     *                      encryption and decryption are the same.
-     * @param params        the parameters required to set up the cipher.
-     * @throws IllegalArgumentException if the params argument is
-     *                                  inappropriate (ie. the key is not 128 bit long).
-     */
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        CipherParameters keyParam = params;
-
-        if (params instanceof ParametersWithIV)
-        {
-            iv = ((ParametersWithIV)params).getIV();
-            keyParam = ((ParametersWithIV)params).getParameters();
-        }
-        else
-        {
-            iv = new byte[0];
-        }
-
-        if (keyParam instanceof KeyParameter)
-        {
-            key = ((KeyParameter)keyParam).getKey();
-            init();
-        }
-        else
-        {
-            throw new IllegalArgumentException(
-                "Invalid parameter passed to HC128 init - "
-                    + params.getClass().getName());
-        }
-
-        initialised = true;
-    }
-
-    private byte[] buf = new byte[4];
-    private int idx = 0;
-
-    private byte getByte()
-    {
-        if (idx == 0)
-        {
-            int step = step();
-            buf[0] = (byte)(step & 0xFF);
-            step >>= 8;
-            buf[1] = (byte)(step & 0xFF);
-            step >>= 8;
-            buf[2] = (byte)(step & 0xFF);
-            step >>= 8;
-            buf[3] = (byte)(step & 0xFF);
-        }
-        byte ret = buf[idx];
-        idx = idx + 1 & 0x3;
-        return ret;
-    }
-
-    public int processBytes(byte[] in, int inOff, int len, byte[] out,
-                             int outOff) throws DataLengthException
-    {
-        if (!initialised)
-        {
-            throw new IllegalStateException(getAlgorithmName()
-                + " not initialised");
-        }
-
-        if ((inOff + len) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + len) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        for (int i = 0; i < len; i++)
-        {
-            out[outOff + i] = (byte)(in[inOff + i] ^ getByte());
-        }
-
-        return len;
-    }
-
-    public void reset()
-    {
-        init();
-    }
-
-    public byte returnByte(byte in)
-    {
-        return (byte)(in ^ getByte());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/HC256Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/HC256Engine.java
deleted file mode 100644
index a74164a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/HC256Engine.java
+++ /dev/null

@@ -1,246 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-/**
- * HC-256 is a software-efficient stream cipher created by Hongjun Wu. It 
- * generates keystream from a 256-bit secret key and a 256-bit initialization 
- * vector.
- * <p>
- * http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc256_p3.pdf
- * </p><p>
- * Its brother, HC-128, is a third phase candidate in the eStream contest.
- * The algorithm is patent-free. No attacks are known as of today (April 2007). 
- * See
- * 
- * http://www.ecrypt.eu.org/stream/hcp3.html
- * </p>
- */
-public class HC256Engine
-    implements StreamCipher
-{
-    private int[] p = new int[1024];
-    private int[] q = new int[1024];
-    private int cnt = 0;
-
-    private int step()
-    {
-        int j = cnt & 0x3FF;
-        int ret;
-        if (cnt < 1024)
-        {
-            int x = p[(j - 3 & 0x3FF)];
-            int y = p[(j - 1023 & 0x3FF)];
-            p[j] += p[(j - 10 & 0x3FF)]
-                + (rotateRight(x, 10) ^ rotateRight(y, 23))
-                + q[((x ^ y) & 0x3FF)];
-
-            x = p[(j - 12 & 0x3FF)];
-            ret = (q[x & 0xFF] + q[((x >> 8) & 0xFF) + 256]
-                + q[((x >> 16) & 0xFF) + 512] + q[((x >> 24) & 0xFF) + 768])
-                ^ p[j];
-        }
-        else
-        {
-            int x = q[(j - 3 & 0x3FF)];
-            int y = q[(j - 1023 & 0x3FF)];
-            q[j] += q[(j - 10 & 0x3FF)]
-                + (rotateRight(x, 10) ^ rotateRight(y, 23))
-                + p[((x ^ y) & 0x3FF)];
-
-            x = q[(j - 12 & 0x3FF)];
-            ret = (p[x & 0xFF] + p[((x >> 8) & 0xFF) + 256]
-                + p[((x >> 16) & 0xFF) + 512] + p[((x >> 24) & 0xFF) + 768])
-                ^ q[j];
-        }
-        cnt = cnt + 1 & 0x7FF;
-        return ret;
-    }
-
-    private byte[] key, iv;
-    private boolean initialised;
-
-    private void init()
-    {
-        if (key.length != 32 && key.length != 16)
-        {
-            throw new IllegalArgumentException(
-                "The key must be 128/256 bits long");
-        }
-
-        if (iv.length < 16)
-        {
-            throw new IllegalArgumentException(
-                "The IV must be at least 128 bits long");
-        }
-
-        if (key.length != 32)
-        {
-            byte[] k = new byte[32];
-
-            System.arraycopy(key, 0, k, 0, key.length);
-            System.arraycopy(key, 0, k, 16, key.length);
-
-            key = k;
-        }
-
-        if (iv.length < 32)
-        {
-            byte[] newIV = new byte[32];
-
-            System.arraycopy(iv, 0, newIV, 0, iv.length);
-            System.arraycopy(iv, 0, newIV, iv.length, newIV.length - iv.length);
-
-            iv = newIV;
-        }
-
-        idx = 0;
-        cnt = 0;
-
-        int[] w = new int[2560];
-
-        for (int i = 0; i < 32; i++)
-        {
-            w[i >> 2] |= (key[i] & 0xff) << (8 * (i & 0x3));
-        }
-
-        for (int i = 0; i < 32; i++)
-        {
-            w[(i >> 2) + 8] |= (iv[i] & 0xff) << (8 * (i & 0x3));
-        }
-
-        for (int i = 16; i < 2560; i++)
-        {
-            int x = w[i - 2];
-            int y = w[i - 15];
-            w[i] = (rotateRight(x, 17) ^ rotateRight(x, 19) ^ (x >>> 10))
-                + w[i - 7]
-                + (rotateRight(y, 7) ^ rotateRight(y, 18) ^ (y >>> 3))
-                + w[i - 16] + i;
-        }
-
-        System.arraycopy(w, 512, p, 0, 1024);
-        System.arraycopy(w, 1536, q, 0, 1024);
-
-        for (int i = 0; i < 4096; i++)
-        {
-            step();
-        }
-
-        cnt = 0;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "HC-256";
-    }
-
-    /**
-     * Initialise a HC-256 cipher.
-     *
-     * @param forEncryption whether or not we are for encryption. Irrelevant, as
-     *                      encryption and decryption are the same.
-     * @param params        the parameters required to set up the cipher.
-     * @throws IllegalArgumentException if the params argument is
-     *                                  inappropriate (ie. the key is not 256 bit long).
-     */
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        CipherParameters keyParam = params;
-
-        if (params instanceof ParametersWithIV)
-        {
-            iv = ((ParametersWithIV)params).getIV();
-            keyParam = ((ParametersWithIV)params).getParameters();
-        }
-        else
-        {
-            iv = new byte[0];
-        }
-
-        if (keyParam instanceof KeyParameter)
-        {
-            key = ((KeyParameter)keyParam).getKey();
-            init();
-        }
-        else
-        {
-            throw new IllegalArgumentException(
-                "Invalid parameter passed to HC256 init - "
-                    + params.getClass().getName());
-        }
-
-        initialised = true;
-    }
-
-    private byte[] buf = new byte[4];
-    private int idx = 0;
-
-    private byte getByte()
-    {
-        if (idx == 0)
-        {
-            int step = step();
-            buf[0] = (byte)(step & 0xFF);
-            step >>= 8;
-            buf[1] = (byte)(step & 0xFF);
-            step >>= 8;
-            buf[2] = (byte)(step & 0xFF);
-            step >>= 8;
-            buf[3] = (byte)(step & 0xFF);
-        }
-        byte ret = buf[idx];
-        idx = idx + 1 & 0x3;
-        return ret;
-    }
-
-    public int processBytes(byte[] in, int inOff, int len, byte[] out,
-                             int outOff) throws DataLengthException
-    {
-        if (!initialised)
-        {
-            throw new IllegalStateException(getAlgorithmName()
-                + " not initialised");
-        }
-
-        if ((inOff + len) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + len) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        for (int i = 0; i < len; i++)
-        {
-            out[outOff + i] = (byte)(in[inOff + i] ^ getByte());
-        }
-
-        return len;
-    }
-
-    public void reset()
-    {
-        init();
-    }
-
-    public byte returnByte(byte in)
-    {
-        return (byte)(in ^ getByte());
-    }
-
-    private static int rotateRight(
-        int     x,
-        int     bits)
-    {
-        return (x >>> bits) | (x << -bits);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/IDEAEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/IDEAEngine.java
deleted file mode 100644
index 08cf738..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/IDEAEngine.java
+++ /dev/null

@@ -1,357 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * A class that provides a basic International Data Encryption Algorithm (IDEA) engine.
- * <p>
- * This implementation is based on the "HOWTO: INTERNATIONAL DATA ENCRYPTION ALGORITHM"
- * implementation summary by Fauzan Mirza (F.U.Mirza@sheffield.ac.uk). (barring 1 typo at the
- * end of the mulinv function!).
- * <p>
- * It can be found at ftp://ftp.funet.fi/pub/crypt/cryptography/symmetric/idea/
- * <p>
- * Note: This algorithm was patented in the USA, Japan and Europe. These patents expired in 2011/2012. 
- */
-public class IDEAEngine
-    implements BlockCipher
-{
-    protected static final int  BLOCK_SIZE = 8;
-
-    private int[]               workingKey = null;
-
-    /**
-     * standard constructor.
-     */
-    public IDEAEngine()
-    {
-    }
-
-    /**
-     * initialise an IDEA cipher.
-     *
-     * @param forEncryption whether or not we are for encryption.
-     * @param params the parameters required to set up the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean           forEncryption,
-        CipherParameters  params)
-    {
-        if (params instanceof KeyParameter)
-        {
-            workingKey = generateWorkingKey(forEncryption,
-                                  ((KeyParameter)params).getKey());
-            return;
-        }
-
-        throw new IllegalArgumentException("invalid parameter passed to IDEA init - " + params.getClass().getName());
-    }
-
-    public String getAlgorithmName()
-    {
-        return "IDEA";
-    }
-
-    public int getBlockSize()
-    {
-        return BLOCK_SIZE;
-    }
-
-    public int processBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-    {
-        if (workingKey == null)
-        {
-            throw new IllegalStateException("IDEA engine not initialised");
-        }
-
-        if ((inOff + BLOCK_SIZE) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + BLOCK_SIZE) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        ideaFunc(workingKey, in, inOff, out, outOff);
-
-        return BLOCK_SIZE;
-    }
-
-    public void reset()
-    {
-    }
-
-    private static final int    MASK = 0xffff;
-    private static final int    BASE = 0x10001;
-
-    private int bytesToWord(
-        byte[]  in,
-        int     inOff)
-    {
-        return ((in[inOff] << 8) & 0xff00) + (in[inOff + 1] & 0xff);
-    }
-
-    private void wordToBytes(
-        int     word,
-        byte[]  out,
-        int     outOff)
-    {
-        out[outOff] = (byte)(word >>> 8);
-        out[outOff + 1] = (byte)word;
-    }
-
-    /**
-     * return x = x * y where the multiplication is done modulo
-     * 65537 (0x10001) (as defined in the IDEA specification) and
-     * a zero input is taken to be 65536 (0x10000).
-     *
-     * @param x the x value
-     * @param y the y value
-     * @return x = x * y
-     */
-    private int mul(
-        int x,
-        int y)
-    {
-        if (x == 0)
-        {
-            x = (BASE - y);
-        }
-        else if (y == 0)
-        {
-            x = (BASE - x);
-        }
-        else
-        {
-            int     p = x * y;
-
-            y = p & MASK;
-            x = p >>> 16;
-            x = y - x + ((y < x) ? 1 : 0);
-        }
-
-        return x & MASK;
-    }
-
-    private void ideaFunc(
-        int[]   workingKey,
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        int     x0, x1, x2, x3, t0, t1;
-        int     keyOff = 0;
-
-        x0 = bytesToWord(in, inOff);
-        x1 = bytesToWord(in, inOff + 2);
-        x2 = bytesToWord(in, inOff + 4);
-        x3 = bytesToWord(in, inOff + 6);
-
-        for (int round = 0; round < 8; round++)
-        {
-            x0 = mul(x0, workingKey[keyOff++]);
-            x1 += workingKey[keyOff++];
-            x1 &= MASK;
-            x2 += workingKey[keyOff++];
-            x2 &= MASK;
-            x3 = mul(x3, workingKey[keyOff++]);
-
-            t0 = x1;
-            t1 = x2;
-            x2 ^= x0;
-            x1 ^= x3;
-
-            x2 = mul(x2, workingKey[keyOff++]);
-            x1 += x2;
-            x1 &= MASK;
-
-            x1 = mul(x1, workingKey[keyOff++]);
-            x2 += x1;
-            x2 &= MASK;
-
-            x0 ^= x1;
-            x3 ^= x2;
-            x1 ^= t1;
-            x2 ^= t0;
-        }
-
-        wordToBytes(mul(x0, workingKey[keyOff++]), out, outOff);
-        wordToBytes(x2 + workingKey[keyOff++], out, outOff + 2);  /* NB: Order */
-        wordToBytes(x1 + workingKey[keyOff++], out, outOff + 4);
-        wordToBytes(mul(x3, workingKey[keyOff]), out, outOff + 6);
-    }
-
-    /**
-     * The following function is used to expand the user key to the encryption
-     * subkey. The first 16 bytes are the user key, and the rest of the subkey
-     * is calculated by rotating the previous 16 bytes by 25 bits to the left,
-     * and so on until the subkey is completed.
-     */
-    private int[] expandKey(
-        byte[]  uKey)
-    {
-        int[]   key = new int[52];
-
-        if (uKey.length < 16)
-        {
-            byte[]  tmp = new byte[16];
-
-            System.arraycopy(uKey, 0, tmp, tmp.length - uKey.length, uKey.length);
-
-            uKey = tmp;
-        }
-
-        for (int i = 0; i < 8; i++)
-        {
-            key[i] = bytesToWord(uKey, i * 2);
-        }
-
-        for (int i = 8; i < 52; i++)
-        {
-            if ((i & 7) < 6)
-            {
-                key[i] = ((key[i - 7] & 127) << 9 | key[i - 6] >> 7) & MASK;
-            }
-            else if ((i & 7) == 6)
-            {
-                key[i] = ((key[i - 7] & 127) << 9 | key[i - 14] >> 7) & MASK;
-            }
-            else
-            {
-                key[i] = ((key[i - 15] & 127) << 9 | key[i - 14] >> 7) & MASK;
-            }
-        }
-
-        return key;
-    }
-
-    /**
-     * This function computes multiplicative inverse using Euclid's Greatest
-     * Common Divisor algorithm. Zero and one are self inverse.
-     * <p>
-     * i.e. x * mulInv(x) == 1 (modulo BASE)
-     */
-    private int mulInv(
-        int x)
-    {
-        int t0, t1, q, y;
-        
-        if (x < 2)
-        {
-            return x;
-        }
-
-        t0 = 1;
-        t1 = BASE / x;
-        y  = BASE % x;
-
-        while (y != 1)
-        {
-            q = x / y;
-            x = x % y;
-            t0 = (t0 + (t1 * q)) & MASK;
-            if (x == 1)
-            {
-                return t0;
-            }
-            q = y / x;
-            y = y % x;
-            t1 = (t1 + (t0 * q)) & MASK;
-        }
-
-        return (1 - t1) & MASK;
-    }
-
-    /**
-     * Return the additive inverse of x.
-     * <p>
-     * i.e. x + addInv(x) == 0
-     */
-    int addInv(
-        int x)
-    {
-        return (0 - x) & MASK;
-    }
-    
-    /**
-     * The function to invert the encryption subkey to the decryption subkey.
-     * It also involves the multiplicative inverse and the additive inverse functions.
-     */
-    private int[] invertKey(
-        int[] inKey)
-    {
-        int     t1, t2, t3, t4;
-        int     p = 52;                 /* We work backwards */
-        int[]   key = new int[52];
-        int     inOff = 0;
-    
-        t1 = mulInv(inKey[inOff++]);
-        t2 = addInv(inKey[inOff++]);
-        t3 = addInv(inKey[inOff++]);
-        t4 = mulInv(inKey[inOff++]);
-        key[--p] = t4;
-        key[--p] = t3;
-        key[--p] = t2;
-        key[--p] = t1;
-    
-        for (int round = 1; round < 8; round++)
-        {
-            t1 = inKey[inOff++];
-            t2 = inKey[inOff++];
-            key[--p] = t2;
-            key[--p] = t1;
-    
-            t1 = mulInv(inKey[inOff++]);
-            t2 = addInv(inKey[inOff++]);
-            t3 = addInv(inKey[inOff++]);
-            t4 = mulInv(inKey[inOff++]);
-            key[--p] = t4;
-            key[--p] = t2; /* NB: Order */
-            key[--p] = t3;
-            key[--p] = t1;
-        }
-
-        t1 = inKey[inOff++];
-        t2 = inKey[inOff++];
-        key[--p] = t2;
-        key[--p] = t1;
-    
-        t1 = mulInv(inKey[inOff++]);
-        t2 = addInv(inKey[inOff++]);
-        t3 = addInv(inKey[inOff++]);
-        t4 = mulInv(inKey[inOff]);
-        key[--p] = t4;
-        key[--p] = t3;
-        key[--p] = t2;
-        key[--p] = t1;
-
-        return key;
-    }
-    
-    private int[] generateWorkingKey(
-        boolean forEncryption,
-        byte[]  userKey)
-    {
-        if (forEncryption)
-        {
-            return expandKey(userKey);
-        }
-        else
-        {
-            return invertKey(expandKey(userKey));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/IESEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/IESEngine.java
deleted file mode 100644
index b1bfddf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/IESEngine.java
+++ /dev/null

@@ -1,460 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.BasicAgreement;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.EphemeralKeyPair;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.KeyParser;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.generators.EphemeralKeyPairGenerator;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.IESParameters;
-import org.bouncycastle.crypto.params.IESWithCipherParameters;
-import org.bouncycastle.crypto.params.KDFParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Pack;
-
-/**
- * Support class for constructing integrated encryption ciphers
- * for doing basic message exchanges on top of key agreement ciphers.
- * Follows the description given in IEEE Std 1363a.
- */
-public class IESEngine
-{
-    BasicAgreement agree;
-    DerivationFunction kdf;
-    Mac mac;
-    BufferedBlockCipher cipher;
-    byte[] macBuf;
-
-    boolean forEncryption;
-    CipherParameters privParam, pubParam;
-    IESParameters param;
-
-    byte[] V;
-    private EphemeralKeyPairGenerator keyPairGenerator;
-    private KeyParser keyParser;
-    private byte[] IV;
-
-    /**
-     * Set up for use with stream mode, where the key derivation function
-     * is used to provide a stream of bytes to xor with the message.
-     *
-     * @param agree the key agreement used as the basis for the encryption
-     * @param kdf   the key derivation function used for byte generation
-     * @param mac   the message authentication code generator for the message
-     */
-    public IESEngine(
-        BasicAgreement agree,
-        DerivationFunction kdf,
-        Mac mac)
-    {
-        this.agree = agree;
-        this.kdf = kdf;
-        this.mac = mac;
-        this.macBuf = new byte[mac.getMacSize()];
-        this.cipher = null;
-    }
-
-
-    /**
-     * Set up for use in conjunction with a block cipher to handle the
-     * message. It is <b>strongly</b> recommended that the cipher is not in ECB mode.
-     *
-     * @param agree  the key agreement used as the basis for the encryption
-     * @param kdf    the key derivation function used for byte generation
-     * @param mac    the message authentication code generator for the message
-     * @param cipher the cipher to used for encrypting the message
-     */
-    public IESEngine(
-        BasicAgreement agree,
-        DerivationFunction kdf,
-        Mac mac,
-        BufferedBlockCipher cipher)
-    {
-        this.agree = agree;
-        this.kdf = kdf;
-        this.mac = mac;
-        this.macBuf = new byte[mac.getMacSize()];
-        this.cipher = cipher;
-    }
-
-    /**
-     * Initialise the encryptor.
-     *
-     * @param forEncryption whether or not this is encryption/decryption.
-     * @param privParam     our private key parameters
-     * @param pubParam      the recipient's/sender's public key parameters
-     * @param params        encoding and derivation parameters, may be wrapped to include an IV for an underlying block cipher.
-     */
-    public void init(
-        boolean forEncryption,
-        CipherParameters privParam,
-        CipherParameters pubParam,
-        CipherParameters params)
-    {
-        this.forEncryption = forEncryption;
-        this.privParam = privParam;
-        this.pubParam = pubParam;
-        this.V = new byte[0];
-
-        extractParams(params);
-    }
-
-    /**
-     * Initialise the decryptor.
-     *
-     * @param publicKey      the recipient's/sender's public key parameters
-     * @param params         encoding and derivation parameters, may be wrapped to include an IV for an underlying block cipher.
-     * @param ephemeralKeyPairGenerator             the ephemeral key pair generator to use.
-     */
-    public void init(AsymmetricKeyParameter publicKey, CipherParameters params, EphemeralKeyPairGenerator ephemeralKeyPairGenerator)
-    {
-        this.forEncryption = true;
-        this.pubParam = publicKey;
-        this.keyPairGenerator = ephemeralKeyPairGenerator;
-
-        extractParams(params);
-    }
-
-    /**
-     * Initialise the encryptor.
-     *
-     * @param privateKey      the recipient's private key.
-     * @param params          encoding and derivation parameters, may be wrapped to include an IV for an underlying block cipher.
-     * @param publicKeyParser the parser for reading the ephemeral public key.
-     */
-    public void init(AsymmetricKeyParameter privateKey, CipherParameters params, KeyParser publicKeyParser)
-    {
-        this.forEncryption = false;
-        this.privParam = privateKey;
-        this.keyParser = publicKeyParser;
-
-        extractParams(params);
-    }
-
-    private void extractParams(CipherParameters params)
-    {
-        if (params instanceof ParametersWithIV)
-        {
-            this.IV = ((ParametersWithIV)params).getIV();
-            this.param = (IESParameters)((ParametersWithIV)params).getParameters();
-        }
-        else
-        {
-            this.IV = null;
-            this.param = (IESParameters)params;
-        }
-    }
-
-    public BufferedBlockCipher getCipher()
-    {
-        return cipher;
-    }
-
-    public Mac getMac()
-    {
-        return mac;
-    }
-
-    private byte[] encryptBlock(
-        byte[] in,
-        int inOff,
-        int inLen)
-        throws InvalidCipherTextException
-    {
-        byte[] C = null, K = null, K1 = null, K2 = null;
-        int len;
-
-        if (cipher == null)
-        {
-            // Streaming mode.
-            K1 = new byte[inLen];
-            K2 = new byte[param.getMacKeySize() / 8];
-            K = new byte[K1.length + K2.length];
-
-            kdf.generateBytes(K, 0, K.length);
-
-            if (V.length != 0)
-            {
-                System.arraycopy(K, 0, K2, 0, K2.length);
-                System.arraycopy(K, K2.length, K1, 0, K1.length);
-            }
-            else
-            {
-                System.arraycopy(K, 0, K1, 0, K1.length);
-                System.arraycopy(K, inLen, K2, 0, K2.length);
-            }
-
-            C = new byte[inLen];
-
-            for (int i = 0; i != inLen; i++)
-            {
-                C[i] = (byte)(in[inOff + i] ^ K1[i]);
-            }
-            len = inLen;
-        }
-        else
-        {
-            // Block cipher mode.
-            K1 = new byte[((IESWithCipherParameters)param).getCipherKeySize() / 8];
-            K2 = new byte[param.getMacKeySize() / 8];
-            K = new byte[K1.length + K2.length];
-
-            kdf.generateBytes(K, 0, K.length);
-            System.arraycopy(K, 0, K1, 0, K1.length);
-            System.arraycopy(K, K1.length, K2, 0, K2.length);
-
-            // If iv provided use it to initialise the cipher
-            if (IV != null)
-            {
-                cipher.init(true, new ParametersWithIV(new KeyParameter(K1), IV));
-            }
-            else
-            {
-                cipher.init(true, new KeyParameter(K1));    
-            }
-            
-            C = new byte[cipher.getOutputSize(inLen)];
-            len = cipher.processBytes(in, inOff, inLen, C, 0);
-            len += cipher.doFinal(C, len);
-        }
-
-
-        // Convert the length of the encoding vector into a byte array.
-        byte[] P2 = param.getEncodingV();
-        byte[] L2 = null;
-        if (V.length != 0)
-        {
-            L2 = getLengthTag(P2);
-        }
-
-
-        // Apply the MAC.
-        byte[] T = new byte[mac.getMacSize()];
-
-        mac.init(new KeyParameter(K2));
-        mac.update(C, 0, C.length);
-        if (P2 != null)
-        {
-            mac.update(P2, 0, P2.length);
-        }
-        if (V.length != 0)
-        {
-            mac.update(L2, 0, L2.length);
-        }
-        mac.doFinal(T, 0);
-
-
-        // Output the triple (V,C,T).
-        byte[] Output = new byte[V.length + len + T.length];
-        System.arraycopy(V, 0, Output, 0, V.length);
-        System.arraycopy(C, 0, Output, V.length, len);
-        System.arraycopy(T, 0, Output, V.length + len, T.length);
-        return Output;
-    }
-
-    private byte[] decryptBlock(
-        byte[] in_enc,
-        int inOff,
-        int inLen)
-        throws InvalidCipherTextException
-    {
-        byte[] M, K, K1, K2;
-        int len = 0;
-
-        // Ensure that the length of the input is greater than the MAC in bytes
-        if (inLen < V.length + mac.getMacSize())
-        {
-            throw new InvalidCipherTextException("Length of input must be greater than the MAC and V combined");
-        }
-
-        // note order is important: set up keys, do simple encryptions, check mac, do final encryption.
-        if (cipher == null)
-        {
-            // Streaming mode.
-            K1 = new byte[inLen - V.length - mac.getMacSize()];
-            K2 = new byte[param.getMacKeySize() / 8];
-            K = new byte[K1.length + K2.length];
-
-            kdf.generateBytes(K, 0, K.length);
-
-            if (V.length != 0)
-            {
-                System.arraycopy(K, 0, K2, 0, K2.length);
-                System.arraycopy(K, K2.length, K1, 0, K1.length);
-            }
-            else
-            {
-                System.arraycopy(K, 0, K1, 0, K1.length);
-                System.arraycopy(K, K1.length, K2, 0, K2.length);
-            }
-
-            // process the message
-            M = new byte[K1.length];
-
-            for (int i = 0; i != K1.length; i++)
-            {
-                M[i] = (byte)(in_enc[inOff + V.length + i] ^ K1[i]);
-            }
-        }
-        else
-        {
-            // Block cipher mode.        
-            K1 = new byte[((IESWithCipherParameters)param).getCipherKeySize() / 8];
-            K2 = new byte[param.getMacKeySize() / 8];
-            K = new byte[K1.length + K2.length];
-
-            kdf.generateBytes(K, 0, K.length);
-            System.arraycopy(K, 0, K1, 0, K1.length);
-            System.arraycopy(K, K1.length, K2, 0, K2.length);
-
-            CipherParameters cp = new KeyParameter(K1);
-
-            // If IV provide use it to initialize the cipher
-            if (IV != null)
-            {
-                cp = new ParametersWithIV(cp, IV);
-            }
-
-            cipher.init(false, cp);
-
-            M = new byte[cipher.getOutputSize(inLen - V.length - mac.getMacSize())];
-
-            // do initial processing
-            len = cipher.processBytes(in_enc, inOff + V.length, inLen - V.length - mac.getMacSize(), M, 0);
-        }
-
-        // Convert the length of the encoding vector into a byte array.
-        byte[] P2 = param.getEncodingV();
-        byte[] L2 = null;
-        if (V.length != 0)
-        {
-            L2 = getLengthTag(P2);
-        }
-
-        // Verify the MAC.
-        int end = inOff + inLen;
-        byte[] T1 = Arrays.copyOfRange(in_enc, end - mac.getMacSize(), end);
-
-        byte[] T2 = new byte[T1.length];
-        mac.init(new KeyParameter(K2));
-        mac.update(in_enc, inOff + V.length, inLen - V.length - T2.length);
-
-        if (P2 != null)
-        {
-            mac.update(P2, 0, P2.length);
-        }
-        if (V.length != 0)
-        {
-            mac.update(L2, 0, L2.length);
-        }
-        mac.doFinal(T2, 0);
-
-        if (!Arrays.constantTimeAreEqual(T1, T2))
-        {
-            throw new InvalidCipherTextException("invalid MAC");
-        }
-
-        if (cipher == null)
-        {
-            return M;
-        }
-        else
-        {
-            len += cipher.doFinal(M, len);
-
-            return Arrays.copyOfRange(M, 0, len);
-        }
-    }
-
-
-    public byte[] processBlock(
-        byte[] in,
-        int inOff,
-        int inLen)
-        throws InvalidCipherTextException
-    {
-        if (forEncryption)
-        {
-            if (keyPairGenerator != null)
-            {
-                EphemeralKeyPair ephKeyPair = keyPairGenerator.generate();
-
-                this.privParam = ephKeyPair.getKeyPair().getPrivate();
-                this.V = ephKeyPair.getEncodedPublicKey();
-            }
-        }
-        else
-        {
-            if (keyParser != null)
-            {
-                ByteArrayInputStream bIn = new ByteArrayInputStream(in, inOff, inLen);
-
-                try
-                {
-                    this.pubParam = keyParser.readKey(bIn);
-                }
-                catch (IOException e)
-                {
-                    throw new InvalidCipherTextException("unable to recover ephemeral public key: " + e.getMessage(), e);
-                }
-                catch (IllegalArgumentException e)
-                {
-                    throw new InvalidCipherTextException("unable to recover ephemeral public key: " + e.getMessage(), e);
-                }
-
-                int encLength = (inLen - bIn.available());
-                this.V = Arrays.copyOfRange(in, inOff, inOff + encLength);
-            }
-        }
-
-        // Compute the common value and convert to byte array. 
-        agree.init(privParam);
-        BigInteger z = agree.calculateAgreement(pubParam);
-        byte[] Z = BigIntegers.asUnsignedByteArray(agree.getFieldSize(), z);
-
-        // Create input to KDF.  
-        if (V.length != 0)
-        {
-            byte[] VZ = Arrays.concatenate(V, Z);
-            Arrays.fill(Z, (byte)0);
-            Z = VZ;
-        }
-
-        try
-        {
-            // Initialise the KDF.
-            KDFParameters kdfParam = new KDFParameters(Z, param.getDerivationV());
-            kdf.init(kdfParam);
-
-            return forEncryption
-                ? encryptBlock(in, inOff, inLen)
-                : decryptBlock(in, inOff, inLen);
-        }
-        finally
-        {
-            Arrays.fill(Z, (byte)0);
-        }
-    }
-
-    // as described in Shroup's paper and P1363a
-    protected byte[] getLengthTag(byte[] p2)
-    {
-        byte[] L2 = new byte[8];
-        if (p2 != null)
-        {
-            Pack.longToBigEndian(p2.length * 8L, L2, 0);
-        }
-        return L2;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ISAACEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/ISAACEngine.java
deleted file mode 100644
index d2dd265..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ISAACEngine.java
+++ /dev/null

@@ -1,221 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Pack;
-
-/**
- * Implementation of Bob Jenkin's ISAAC (Indirection Shift Accumulate Add and Count).
- * see: http://www.burtleburtle.net/bob/rand/isaacafa.html
-*/
-public class ISAACEngine
-    implements StreamCipher
-{
-    // Constants
-    private final int sizeL          = 8,
-                      stateArraySize = sizeL<<5; // 256
-    
-    // Cipher's internal state
-    private int[]   engineState   = null, // mm                
-                    results       = null; // randrsl
-    private int     a = 0, b = 0, c = 0;
-    
-    // Engine state
-    private int     index         = 0;
-    private byte[]  keyStream     = new byte[stateArraySize<<2], // results expanded into bytes
-                    workingKey    = null;
-    private boolean initialised   = false;
-    
-    /**
-     * initialise an ISAAC cipher.
-     *
-     * @param forEncryption whether or not we are for encryption.
-     * @param params the parameters required to set up the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean             forEncryption, 
-        CipherParameters    params)
-    {
-        if (!(params instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException("invalid parameter passed to ISAAC init - " + params.getClass().getName());
-        }
-        /* 
-         * ISAAC encryption and decryption is completely
-         * symmetrical, so the 'forEncryption' is 
-         * irrelevant.
-         */
-        KeyParameter p = (KeyParameter)params;
-        setKey(p.getKey());
-        
-        return;
-    }
-                    
-    public byte returnByte(byte in)
-    {
-        if (index == 0) 
-        {
-            isaac();
-            keyStream = Pack.intToBigEndian(results);
-        }
-        byte out = (byte)(keyStream[index]^in);
-        index = (index + 1) & 1023;
-        
-        return out;
-    }
-    
-    public int processBytes(
-        byte[]  in, 
-        int     inOff, 
-        int     len, 
-        byte[]  out, 
-        int     outOff)
-    {
-        if (!initialised)
-        {
-            throw new IllegalStateException(getAlgorithmName()+" not initialised");
-        }
-        
-        if ((inOff + len) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-        
-        if ((outOff + len) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-        
-        for (int i = 0; i < len; i++)
-        {
-            if (index == 0) 
-            {
-                isaac();
-                keyStream = Pack.intToBigEndian(results);
-            }
-            out[i+outOff] = (byte)(keyStream[index]^in[i+inOff]);
-            index = (index + 1) & 1023;
-        }
-
-        return len;
-    }
-    
-    public String getAlgorithmName()
-    {
-        return "ISAAC";
-    }
-    
-    public void reset()
-    {
-        setKey(workingKey);
-    }
-    
-    // Private implementation
-    private void setKey(byte[] keyBytes)
-    {
-        workingKey = keyBytes;
-        
-        if (engineState == null)
-        {
-            engineState = new int[stateArraySize];
-        }
-        
-        if (results == null)
-        {
-            results = new int[stateArraySize];
-        }
-        
-        int i, j, k;
-        
-        // Reset state
-        for (i = 0; i < stateArraySize; i++)
-        {
-            engineState[i] = results[i] = 0;
-        }
-        a = b = c = 0;
-        
-        // Reset index counter for output
-        index = 0;
-        
-        // Convert the key bytes to ints and put them into results[] for initialization
-        byte[] t = new byte[keyBytes.length + (keyBytes.length & 3)];
-        System.arraycopy(keyBytes, 0, t, 0, keyBytes.length);
-        for (i = 0; i < t.length; i+=4)
-        {
-            results[i >>> 2] = Pack.littleEndianToInt(t, i);
-        }
-
-        // It has begun?
-        int[] abcdefgh = new int[sizeL];
-        
-        for (i = 0; i < sizeL; i++)
-        {
-            abcdefgh[i] = 0x9e3779b9; // Phi (golden ratio)
-        }
-        
-        for (i = 0; i < 4; i++)
-        {
-            mix(abcdefgh);
-        }
-        
-        for (i = 0; i < 2; i++)
-        {
-            for (j = 0; j < stateArraySize; j+=sizeL)
-            {
-                for (k = 0; k < sizeL; k++)
-                {
-                    abcdefgh[k] += (i<1) ? results[j+k] : engineState[j+k];
-                }
-                
-                mix(abcdefgh);
-                
-                for (k = 0; k < sizeL; k++)
-                {
-                    engineState[j+k] = abcdefgh[k];
-                }
-            }
-        }
-        
-        isaac();
-        
-        initialised = true;
-    }    
-    
-    private void isaac()
-    {
-        int i, x, y;
-        
-        b += ++c;
-        for (i = 0; i < stateArraySize; i++)
-        {
-            x = engineState[i];
-            switch (i & 3)
-            {
-                case 0: a ^= (a <<  13); break;
-                case 1: a ^= (a >>>  6); break;
-                case 2: a ^= (a <<   2); break;
-                case 3: a ^= (a >>> 16); break;
-            }
-            a += engineState[(i+128) & 0xFF];
-            engineState[i] = y = engineState[(x >>> 2) & 0xFF] + a + b;
-            results[i] = b = engineState[(y >>> 10) & 0xFF] + x;
-        }
-    }
-    
-    private void mix(int[] x)
-    {
-        x[0]^=x[1]<< 11; x[3]+=x[0]; x[1]+=x[2];
-        x[1]^=x[2]>>> 2; x[4]+=x[1]; x[2]+=x[3];
-        x[2]^=x[3]<<  8; x[5]+=x[2]; x[3]+=x[4];
-        x[3]^=x[4]>>>16; x[6]+=x[3]; x[4]+=x[5];
-        x[4]^=x[5]<< 10; x[7]+=x[4]; x[5]+=x[6];
-        x[5]^=x[6]>>> 4; x[0]+=x[5]; x[6]+=x[7];
-        x[6]^=x[7]<<  8; x[1]+=x[6]; x[7]+=x[0];
-        x[7]^=x[0]>>> 9; x[2]+=x[7]; x[0]+=x[1];
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/NaccacheSternEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/NaccacheSternEngine.java
deleted file mode 100644
index a5403fa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/NaccacheSternEngine.java
+++ /dev/null

@@ -1,437 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import java.math.BigInteger;
-import java.util.Vector;
-import org.bouncycastle.util.Arrays;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.params.NaccacheSternKeyParameters;
-import org.bouncycastle.crypto.params.NaccacheSternPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-
-/**
- * NaccacheStern Engine. For details on this cipher, please see
- * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
- */
-public class NaccacheSternEngine
-    implements AsymmetricBlockCipher
-{
-    private boolean forEncryption;
-
-    private NaccacheSternKeyParameters key;
-
-    private Vector[] lookup = null;
-
-    private boolean debug = false;
-
-    private static BigInteger ZERO = BigInteger.valueOf(0);
-    private static BigInteger ONE = BigInteger.valueOf(1);
-
-    /**
-     * Initializes this algorithm. Must be called before all other Functions.
-     * 
-     * @see org.bouncycastle.crypto.AsymmetricBlockCipher#init(boolean,
-     *      org.bouncycastle.crypto.CipherParameters)
-     */
-    public void init(boolean forEncryption, CipherParameters param)
-    {
-        this.forEncryption = forEncryption;
-
-        if (param instanceof ParametersWithRandom)
-        {
-            param = ((ParametersWithRandom) param).getParameters();
-        }
-
-        key = (NaccacheSternKeyParameters)param;
-
-        // construct lookup table for faster decryption if necessary
-        if (!this.forEncryption)
-        {
-            if (debug)
-            {
-                System.out.println("Constructing lookup Array");
-            }
-            NaccacheSternPrivateKeyParameters priv = (NaccacheSternPrivateKeyParameters)key;
-            Vector primes = priv.getSmallPrimes();
-            lookup = new Vector[primes.size()];
-            for (int i = 0; i < primes.size(); i++)
-            {
-                BigInteger actualPrime = (BigInteger)primes.elementAt(i);
-                int actualPrimeValue = actualPrime.intValue();
-
-                lookup[i] = new Vector();
-                lookup[i].addElement(ONE);
-
-                if (debug)
-                {
-                    System.out.println("Constructing lookup ArrayList for " + actualPrimeValue);
-                }
-
-                BigInteger accJ = ZERO;
-
-                for (int j = 1; j < actualPrimeValue; j++)
-                {
-                    accJ = accJ.add(priv.getPhi_n());
-                    BigInteger comp = accJ.divide(actualPrime);
-                    lookup[i].addElement(priv.getG().modPow(comp, priv.getModulus()));
-                }
-            }
-        }
-    }
-
-    public void setDebug(boolean debug)
-    {
-        this.debug = debug;
-    }
-
-    /**
-     * Returns the input block size of this algorithm.
-     * 
-     * @see org.bouncycastle.crypto.AsymmetricBlockCipher#getInputBlockSize()
-     */
-    public int getInputBlockSize()
-    {
-        if (forEncryption)
-        {
-            // We can only encrypt values up to lowerSigmaBound
-            return (key.getLowerSigmaBound() + 7) / 8 - 1;
-        }
-        else
-        {
-            // We pad to modulus-size bytes for easier decryption.
-            return key.getModulus().toByteArray().length;
-        }
-    }
-
-    /**
-     * Returns the output block size of this algorithm.
-     * 
-     * @see org.bouncycastle.crypto.AsymmetricBlockCipher#getOutputBlockSize()
-     */
-    public int getOutputBlockSize()
-    {
-        if (forEncryption)
-        {
-            // encrypted Data is always padded up to modulus size
-            return key.getModulus().toByteArray().length;
-        }
-        else
-        {
-            // decrypted Data has upper limit lowerSigmaBound
-            return (key.getLowerSigmaBound() + 7) / 8 - 1;
-        }
-    }
-
-    /**
-     * Process a single Block using the Naccache-Stern algorithm.
-     * 
-     * @see org.bouncycastle.crypto.AsymmetricBlockCipher#processBlock(byte[],
-     *      int, int)
-     */
-    public byte[] processBlock(byte[] in, int inOff, int len) throws InvalidCipherTextException
-    {
-        if (key == null)
-        {
-            throw new IllegalStateException("NaccacheStern engine not initialised");
-        }
-        if (len > (getInputBlockSize() + 1))
-        {
-            throw new DataLengthException("input too large for Naccache-Stern cipher.\n");
-        }
-
-        if (!forEncryption)
-        {
-            // At decryption make sure that we receive padded data blocks
-            if (len < getInputBlockSize())
-            {
-                throw new InvalidCipherTextException("BlockLength does not match modulus for Naccache-Stern cipher.\n");
-            }
-        }
-
-        byte[] block;
-
-        if (inOff != 0 || len != in.length)
-        {
-            block = new byte[len];
-            System.arraycopy(in, inOff, block, 0, len);
-        }
-        else
-        {
-            block = in;
-        }
-
-        // transform input into BigInteger
-        BigInteger input = new BigInteger(1, block);
-        if (debug)
-        {
-            System.out.println("input as BigInteger: " + input);
-        }
-        byte[] output;
-        if (forEncryption)
-        {
-            output = encrypt(input);
-        }
-        else
-        {
-            Vector plain = new Vector();
-            NaccacheSternPrivateKeyParameters priv = (NaccacheSternPrivateKeyParameters)key;
-            Vector primes = priv.getSmallPrimes();
-            // Get Chinese Remainders of CipherText
-            for (int i = 0; i < primes.size(); i++)
-            {
-                BigInteger exp = input.modPow(priv.getPhi_n().divide((BigInteger)primes.elementAt(i)), priv.getModulus());
-                Vector al = lookup[i];
-                if (lookup[i].size() != ((BigInteger)primes.elementAt(i)).intValue())
-                {
-                    if (debug)
-                    {
-                        System.out.println("Prime is " + primes.elementAt(i) + ", lookup table has size " + al.size());
-                    }
-                    throw new InvalidCipherTextException("Error in lookup Array for "
-                                    + ((BigInteger)primes.elementAt(i)).intValue()
-                                    + ": Size mismatch. Expected ArrayList with length "
-                                    + ((BigInteger)primes.elementAt(i)).intValue() + " but found ArrayList of length "
-                                    + lookup[i].size());
-                }
-                int lookedup = al.indexOf(exp);
-
-                if (lookedup == -1)
-                {
-                    if (debug)
-                    {
-                        System.out.println("Actual prime is " + primes.elementAt(i));
-                        System.out.println("Decrypted value is " + exp);
-
-                        System.out.println("LookupList for " + primes.elementAt(i) + " with size " + lookup[i].size()
-                                        + " is: ");
-                        for (int j = 0; j < lookup[i].size(); j++)
-                        {
-                            System.out.println(lookup[i].elementAt(j));
-                        }
-                    }
-                    throw new InvalidCipherTextException("Lookup failed");
-                }
-                plain.addElement(BigInteger.valueOf(lookedup));
-            }
-            BigInteger test = chineseRemainder(plain, primes);
-
-            // Should not be used as an oracle, so reencrypt output to see
-            // if it corresponds to input
-
-            // this breaks probabilisic encryption, so disable it. Anyway, we do
-            // use the first n primes for key generation, so it is pretty easy
-            // to guess them. But as stated in the paper, this is not a security
-            // breach. So we can just work with the correct sigma.
-
-            // if (debug) {
-            //      System.out.println("Decryption is " + test);
-            // }
-            // if ((key.getG().modPow(test, key.getModulus())).equals(input)) {
-            //      output = test.toByteArray();
-            // } else {
-            //      if(debug){
-            //          System.out.println("Engine seems to be used as an oracle,
-            //          returning null");
-            //      }
-            //      output = null;
-            // }
-
-            output = test.toByteArray();
-
-        }
-
-        return output;
-    }
-
-    /**
-     * Encrypts a BigInteger aka Plaintext with the public key.
-     * 
-     * @param plain
-     *            The BigInteger to encrypt
-     * @return The byte[] representation of the encrypted BigInteger (i.e.
-     *         crypted.toByteArray())
-     */
-    public byte[] encrypt(BigInteger plain)
-    {
-        // Always return modulus size values 0-padded at the beginning
-        // 0-padding at the beginning is correctly parsed by BigInteger :)
-        byte[] output = key.getModulus().toByteArray();
-        Arrays.fill(output, (byte)0);
-        byte[] tmp = key.getG().modPow(plain, key.getModulus()).toByteArray();
-        System
-                .arraycopy(tmp, 0, output, output.length - tmp.length,
-                        tmp.length);
-        if (debug)
-        {
-            System.out
-                    .println("Encrypted value is:  " + new BigInteger(output));
-        }
-        return output;
-    }
-
-    /**
-     * Adds the contents of two encrypted blocks mod sigma
-     * 
-     * @param block1
-     *            the first encrypted block
-     * @param block2
-     *            the second encrypted block
-     * @return encrypt((block1 + block2) mod sigma)
-     * @throws InvalidCipherTextException
-     */
-    public byte[] addCryptedBlocks(byte[] block1, byte[] block2)
-            throws InvalidCipherTextException
-    {
-        // check for correct blocksize
-        if (forEncryption)
-        {
-            if ((block1.length > getOutputBlockSize())
-                    || (block2.length > getOutputBlockSize()))
-            {
-                throw new InvalidCipherTextException(
-                        "BlockLength too large for simple addition.\n");
-            }
-        }
-        else
-        {
-            if ((block1.length > getInputBlockSize())
-                    || (block2.length > getInputBlockSize()))
-            {
-                throw new InvalidCipherTextException(
-                        "BlockLength too large for simple addition.\n");
-            }
-        }
-
-        // calculate resulting block
-        BigInteger m1Crypt = new BigInteger(1, block1);
-        BigInteger m2Crypt = new BigInteger(1, block2);
-        BigInteger m1m2Crypt = m1Crypt.multiply(m2Crypt);
-        m1m2Crypt = m1m2Crypt.mod(key.getModulus());
-        if (debug)
-        {
-            System.out.println("c(m1) as BigInteger:....... " + m1Crypt);
-            System.out.println("c(m2) as BigInteger:....... " + m2Crypt);
-            System.out.println("c(m1)*c(m2)%n = c(m1+m2)%n: " + m1m2Crypt);
-        }
-
-        byte[] output = key.getModulus().toByteArray();
-        Arrays.fill(output, (byte)0);
-        System.arraycopy(m1m2Crypt.toByteArray(), 0, output, output.length
-                - m1m2Crypt.toByteArray().length,
-                m1m2Crypt.toByteArray().length);
-
-        return output;
-    }
-
-    /**
-     * Convenience Method for data exchange with the cipher.
-     * 
-     * Determines blocksize and splits data to blocksize.
-     *
-     * @param data the data to be processed
-     * @return the data after it went through the NaccacheSternEngine.
-     * @throws InvalidCipherTextException 
-     */
-    public byte[] processData(byte[] data) throws InvalidCipherTextException
-    {
-        if (debug)
-        {
-            System.out.println();
-        }
-        if (data.length > getInputBlockSize())
-        {
-            int inBlocksize = getInputBlockSize();
-            int outBlocksize = getOutputBlockSize();
-            if (debug)
-            {
-                System.out.println("Input blocksize is:  " + inBlocksize + " bytes");
-                System.out.println("Output blocksize is: " + outBlocksize + " bytes");
-                System.out.println("Data has length:.... " + data.length + " bytes");
-            }
-            int datapos = 0;
-            int retpos = 0;
-            byte[] retval = new byte[(data.length / inBlocksize + 1) * outBlocksize];
-            while (datapos < data.length)
-            {
-                byte[] tmp;
-                if (datapos + inBlocksize < data.length)
-                {
-                    tmp = processBlock(data, datapos, inBlocksize);
-                    datapos += inBlocksize;
-                }
-                else
-                {
-                    tmp = processBlock(data, datapos, data.length - datapos);
-                    datapos += data.length - datapos;
-                }
-                if (debug)
-                {
-                    System.out.println("new datapos is " + datapos);
-                }
-                if (tmp != null)
-                {
-                    System.arraycopy(tmp, 0, retval, retpos, tmp.length);
-                    
-                    retpos += tmp.length;
-                }
-                else
-                {
-                    if (debug)
-                    {
-                        System.out.println("cipher returned null");
-                    }
-                    throw new InvalidCipherTextException("cipher returned null");
-                }
-            }
-            byte[] ret = new byte[retpos];
-            System.arraycopy(retval, 0, ret, 0, retpos);
-            if (debug)
-            {
-                System.out.println("returning " + ret.length + " bytes");
-            }
-            return ret;
-        }
-        else
-        {
-            if (debug)
-            {
-                System.out.println("data size is less then input block size, processing directly");
-            }
-            return processBlock(data, 0, data.length);
-        }
-    }
-
-    /**
-     * Computes the integer x that is expressed through the given primes and the
-     * congruences with the chinese remainder theorem (CRT).
-     * 
-     * @param congruences
-     *            the congruences c_i
-     * @param primes
-     *            the primes p_i
-     * @return an integer x for that x % p_i == c_i
-     */
-    private static BigInteger chineseRemainder(Vector congruences, Vector primes)
-    {
-        BigInteger retval = ZERO;
-        BigInteger all = ONE;
-        for (int i = 0; i < primes.size(); i++)
-        {
-            all = all.multiply((BigInteger)primes.elementAt(i));
-        }
-        for (int i = 0; i < primes.size(); i++)
-        {
-            BigInteger a = (BigInteger)primes.elementAt(i);
-            BigInteger b = all.divide(a);
-            BigInteger b_ = b.modInverse(a);
-            BigInteger tmp = b.multiply(b_);
-            tmp = tmp.multiply((BigInteger)congruences.elementAt(i));
-            retval = retval.add(tmp);
-        }
-
-        return retval.mod(all);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/NoekeonEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/NoekeonEngine.java
deleted file mode 100644
index c4494c4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/NoekeonEngine.java
+++ /dev/null

@@ -1,263 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * A Noekeon engine, using direct-key mode.
- */
-
-public class NoekeonEngine
-    implements BlockCipher
-{
-    private static final int genericSize = 16; // Block and key size, as well as the amount of rounds.
-    
-    private static final int[] nullVector = 
-                               {
-                                    0x00, 0x00, 0x00, 0x00 // Used in decryption
-                               },
-        
-                               roundConstants = 
-                               {
-                                    0x80, 0x1b, 0x36, 0x6c,
-                                    0xd8, 0xab, 0x4d, 0x9a,
-                                    0x2f, 0x5e, 0xbc, 0x63,
-                                    0xc6, 0x97, 0x35, 0x6a,
-                                    0xd4
-                               };
-    
-    private int[] state   = new int[4], // a
-                  subKeys = new int[4], // k
-                  decryptKeys = new int[4];
-    
-    private boolean _initialised,
-                    _forEncryption;
-    
-    /**
-     * Create an instance of the Noekeon encryption algorithm
-     * and set some defaults
-     */
-    public NoekeonEngine()
-    {
-        _initialised = false;
-    }
-    
-    public String getAlgorithmName()
-    {
-        return "Noekeon";
-    }
-    
-    public int getBlockSize()
-    {
-        return genericSize;
-    }
-    
-    /**
-     * initialise
-     *
-     * @param forEncryption whether or not we are for encryption.
-     * @param params the parameters required to set up the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-                     boolean             forEncryption,
-                     CipherParameters    params)
-    {
-        if (!(params instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException("invalid parameter passed to Noekeon init - " + params.getClass().getName());
-        }
-        
-        _forEncryption = forEncryption;
-        _initialised = true;
-        
-        KeyParameter       p = (KeyParameter)params;
-        
-        setKey(p.getKey());
-    }
-    
-    public int processBlock(
-                            byte[]  in,
-                            int     inOff,
-                            byte[]  out,
-                            int     outOff)
-    {
-        if (!_initialised)
-        {
-            throw new IllegalStateException(getAlgorithmName()+" not initialised");
-        }
-        
-        if ((inOff + genericSize) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-        
-        if ((outOff + genericSize) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-        
-        return (_forEncryption) ? encryptBlock(in, inOff, out, outOff)
-                                : decryptBlock(in, inOff, out, outOff);
-    }
-    
-    public void reset()
-    {
-    }
-    
-    /**
-     * Re-key the cipher.
-     * <p>
-     * @param  key  the key to be used
-     */
-    private void setKey(
-                        byte[]      key)
-    {
-        subKeys[0] = bytesToIntBig(key, 0);
-        subKeys[1] = bytesToIntBig(key, 4);
-        subKeys[2] = bytesToIntBig(key, 8);
-        subKeys[3] = bytesToIntBig(key, 12);
-    }
-    
-    private int encryptBlock(
-                             byte[]  in,
-                             int     inOff,
-                             byte[]  out,
-                             int     outOff)
-    {
-        state[0] = bytesToIntBig(in, inOff);
-        state[1] = bytesToIntBig(in, inOff+4);
-        state[2] = bytesToIntBig(in, inOff+8);
-        state[3] = bytesToIntBig(in, inOff+12);
-        
-        int i;
-        for (i = 0; i < genericSize; i++)
-        {
-            state[0] ^= roundConstants[i];
-            theta(state, subKeys);
-            pi1(state);
-            gamma(state);
-            pi2(state);            
-        }
-        
-        state[0] ^= roundConstants[i];
-        theta(state, subKeys);
-        
-        intToBytesBig(state[0], out, outOff);
-        intToBytesBig(state[1], out, outOff+4);
-        intToBytesBig(state[2], out, outOff+8);
-        intToBytesBig(state[3], out, outOff+12);
-        
-        return genericSize;
-    }
-    
-    private int decryptBlock(
-                             byte[]  in,
-                             int     inOff,
-                             byte[]  out,
-                             int     outOff)
-    {
-        state[0] = bytesToIntBig(in, inOff);
-        state[1] = bytesToIntBig(in, inOff+4);
-        state[2] = bytesToIntBig(in, inOff+8);
-        state[3] = bytesToIntBig(in, inOff+12);
-        
-        System.arraycopy(subKeys, 0, decryptKeys, 0, subKeys.length);
-        theta(decryptKeys, nullVector);
-        
-        int i;
-        for (i = genericSize; i > 0; i--)
-        {
-            theta(state, decryptKeys);
-            state[0] ^= roundConstants[i];
-            pi1(state);
-            gamma(state);
-            pi2(state);
-        }
-        
-        theta(state, decryptKeys);
-        state[0] ^= roundConstants[i];
-        
-        intToBytesBig(state[0], out, outOff);
-        intToBytesBig(state[1], out, outOff+4);
-        intToBytesBig(state[2], out, outOff+8);
-        intToBytesBig(state[3], out, outOff+12);
-        
-        return genericSize;
-    }
-        
-    private void gamma(int[] a)
-    {
-        a[1] ^= ~a[3] & ~a[2];
-        a[0] ^= a[2] & a[1];
-        
-        int tmp = a[3];
-        a[3]  = a[0];
-        a[0]  = tmp;
-        a[2] ^= a[0]^a[1]^a[3];
-        
-        a[1] ^= ~a[3] & ~a[2];
-        a[0] ^= a[2] & a[1];
-    }
-    
-    private void theta(int[] a, int[] k)
-    {
-        int tmp;
-        
-        tmp   = a[0]^a[2]; 
-        tmp  ^= rotl(tmp,8)^rotl(tmp,24); 
-        a[1] ^= tmp; 
-        a[3] ^= tmp; 
-        
-        for (int i = 0; i < 4; i++)
-        {
-            a[i] ^= k[i];
-        }
-        
-        tmp   = a[1]^a[3]; 
-        tmp  ^= rotl(tmp,8)^rotl(tmp,24); 
-        a[0] ^= tmp; 
-        a[2] ^= tmp;
-    }
-    
-    private void pi1(int[] a)
-    {
-        a[1] = rotl(a[1], 1);
-        a[2] = rotl(a[2], 5);
-        a[3] = rotl(a[3], 2);
-    }
-    
-    private void pi2(int[] a)
-    {
-        a[1] = rotl(a[1], 31);
-        a[2] = rotl(a[2], 27);
-        a[3] = rotl(a[3], 30);
-    }
-    
-    // Helpers
-    
-    private int bytesToIntBig(byte[] in, int off)
-    {
-        return ((in[off++]) << 24) |
-        ((in[off++] & 0xff) << 16) |
-        ((in[off++] & 0xff) <<  8) |
-         (in[off  ] & 0xff);
-    }
-    
-    private void intToBytesBig(int x, byte[] out, int off)
-    {
-        out[off++] = (byte)(x >>> 24);
-        out[off++] = (byte)(x >>> 16);
-        out[off++] = (byte)(x >>>  8);
-        out[off  ] = (byte)x;
-    }
-    
-    private int rotl(int x, int y)
-    {
-        return (x << y) | (x >>> (32-y));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/NullEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/NullEngine.java
deleted file mode 100644
index 1ad2c9d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/NullEngine.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-
-/**
- * The no-op engine that just copies bytes through, irrespective of whether encrypting and decrypting.
- * Provided for the sake of completeness.
- */
-public class NullEngine implements BlockCipher
-{
-    private boolean initialised;
-    protected static final int DEFAULT_BLOCK_SIZE = 1;
-    private final int blockSize;
-
-    /**
-     * Constructs a null engine with a block size of 1 byte.
-     */
-    public NullEngine()
-    {
-        this(DEFAULT_BLOCK_SIZE);
-    }
-
-    /**
-     * Constructs a null engine with a specific block size.
-     * 
-     * @param blockSize the block size in bytes.
-     */
-    public NullEngine(int blockSize)
-    {
-        this.blockSize = blockSize;
-    }
-
-    /* (non-Javadoc)
-     * @see org.bouncycastle.crypto.BlockCipher#init(boolean, org.bouncycastle.crypto.CipherParameters)
-     */
-    public void init(boolean forEncryption, CipherParameters params) throws IllegalArgumentException
-    {
-        // we don't mind any parameters that may come in
-        this.initialised = true;
-    }
-
-    /* (non-Javadoc)
-     * @see org.bouncycastle.crypto.BlockCipher#getAlgorithmName()
-     */
-    public String getAlgorithmName()
-    {
-        return "Null";
-    }
-
-    /* (non-Javadoc)
-     * @see org.bouncycastle.crypto.BlockCipher#getBlockSize()
-     */
-    public int getBlockSize()
-    {
-        return blockSize;
-    }
-
-    /* (non-Javadoc)
-     * @see org.bouncycastle.crypto.BlockCipher#processBlock(byte[], int, byte[], int)
-     */
-    public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if (!initialised)
-        {
-            throw new IllegalStateException("Null engine not initialised");
-        }
-        if ((inOff + blockSize) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + blockSize) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        for (int i = 0; i < blockSize; ++i)
-        {
-            out[outOff + i] = in[inOff + i];
-        }
-
-        return blockSize;
-    }
-
-    /* (non-Javadoc)
-     * @see org.bouncycastle.crypto.BlockCipher#reset()
-     */
-    public void reset()
-    {
-        // nothing needs to be done
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/OldIESEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/OldIESEngine.java
deleted file mode 100644
index 48ecbe3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/OldIESEngine.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BasicAgreement;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.util.Pack;
-
-/**
- * Support class for constructing integrated encryption ciphers
- * for doing basic message exchanges on top of key agreement ciphers.
- * Follows the description given in IEEE Std 1363a.
- */
-public class OldIESEngine
-    extends IESEngine
-{
-    /**
-     * set up for use with stream mode, where the key derivation function
-     * is used to provide a stream of bytes to xor with the message.
-     *
-     * @param agree the key agreement used as the basis for the encryption
-     * @param kdf   the key derivation function used for byte generation
-     * @param mac   the message authentication code generator for the message
-     */
-    public OldIESEngine(
-        BasicAgreement agree,
-        DerivationFunction kdf,
-        Mac mac)
-    {
-        super(agree, kdf, mac);
-    }
-
-
-    /**
-     * set up for use in conjunction with a block cipher to handle the
-     * message.
-     *
-     * @param agree  the key agreement used as the basis for the encryption
-     * @param kdf    the key derivation function used for byte generation
-     * @param mac    the message authentication code generator for the message
-     * @param cipher the cipher to used for encrypting the message
-     */
-    public OldIESEngine(
-        BasicAgreement agree,
-        DerivationFunction kdf,
-        Mac mac,
-        BufferedBlockCipher cipher)
-    {
-        super(agree, kdf, mac, cipher);
-    }
-
-    protected byte[] getLengthTag(byte[] p2)
-    {
-        byte[] L2 = new byte[4];
-        if (p2 != null)
-        {
-            Pack.intToBigEndian(p2.length * 8, L2, 0);
-        }
-        return L2;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RC2WrapEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/RC2WrapEngine.java
deleted file mode 100644
index 52bc031..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RC2WrapEngine.java
+++ /dev/null

@@ -1,378 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.util.DigestFactory;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Wrap keys according to RFC 3217 - RC2 mechanism
- */
-public class RC2WrapEngine
-    implements Wrapper
-{
-   /** Field engine */
-   private CBCBlockCipher engine;
-
-   /** Field param */
-   private CipherParameters param;
-
-   /** Field paramPlusIV */
-   private ParametersWithIV paramPlusIV;
-
-   /** Field iv */
-   private byte[] iv;
-
-   /** Field forWrapping */
-   private boolean forWrapping;
-   
-   private SecureRandom sr;
-
-   /** Field IV2           */
-   private static final byte[] IV2 = { (byte) 0x4a, (byte) 0xdd, (byte) 0xa2,
-                                       (byte) 0x2c, (byte) 0x79, (byte) 0xe8,
-                                       (byte) 0x21, (byte) 0x05 };
-
-    //
-    // checksum digest
-    //
-    Digest  sha1 = DigestFactory.createSHA1();
-    byte[]  digest = new byte[20];
-
-   /**
-    * Method init
-    *
-    * @param forWrapping true if for wrapping, false for unwrap.
-    * @param param parameters for wrap/unwrapping (iv required for unwrap).
-    */
-   public void init(boolean forWrapping, CipherParameters param)
-   {
-        this.forWrapping = forWrapping;
-        this.engine = new CBCBlockCipher(new RC2Engine());
-
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom pWithR = (ParametersWithRandom)param;
-            sr = pWithR.getRandom();
-            param = pWithR.getParameters();
-        }
-        else
-        {
-            sr = CryptoServicesRegistrar.getSecureRandom();
-        }
-        
-        if (param instanceof ParametersWithIV)
-        {
-            this.paramPlusIV = (ParametersWithIV)param;
-            this.iv = this.paramPlusIV.getIV();
-            this.param = this.paramPlusIV.getParameters();
-
-            if (this.forWrapping)
-            {
-                if ((this.iv == null) || (this.iv.length != 8))
-                {
-                    throw new IllegalArgumentException("IV is not 8 octets");
-                }
-            }
-            else
-            {
-                throw new IllegalArgumentException(
-                        "You should not supply an IV for unwrapping");
-            }
-        }
-        else
-        {
-            this.param = param;
-
-            if (this.forWrapping)
-            {
-
-                // Hm, we have no IV but we want to wrap ?!?
-                // well, then we have to create our own IV.
-                this.iv = new byte[8];
-
-                sr.nextBytes(iv);
-
-                this.paramPlusIV = new ParametersWithIV(this.param, this.iv);
-            }
-        }
-
-   }
-
-   /**
-    * Method getAlgorithmName
-    *
-    * @return the algorithm name "RC2".
-    */
-   public String getAlgorithmName() 
-   {
-      return "RC2";
-   }
-
-   /**
-    * Method wrap
-    *
-    * @param in byte array containing the key.
-    * @param inOff offset into in array that the key data starts at.
-    * @param inLen length of key data.
-    * @return the wrapped bytes.
-    */
-   public byte[] wrap(byte[] in, int inOff, int inLen)
-    {
-
-        if (!forWrapping)
-        {
-            throw new IllegalStateException("Not initialized for wrapping");
-        }
-
-        int length = inLen + 1;
-        if ((length % 8) != 0)
-        {
-            length += 8 - (length % 8);
-        }
-
-        byte keyToBeWrapped[] = new byte[length];
-
-        keyToBeWrapped[0] = (byte)inLen;
-        System.arraycopy(in, inOff, keyToBeWrapped, 1, inLen);
-        
-        byte[] pad = new byte[keyToBeWrapped.length - inLen - 1];
-
-        if (pad.length > 0)
-        {
-            sr.nextBytes(pad);
-            System.arraycopy(pad, 0, keyToBeWrapped, inLen + 1, pad.length);
-        }
-
-        // Compute the CMS Key Checksum, (section 5.6.1), call this CKS.
-        byte[] CKS = calculateCMSKeyChecksum(keyToBeWrapped);
-
-        // Let WKCKS = WK || CKS where || is concatenation.
-        byte[] WKCKS = new byte[keyToBeWrapped.length + CKS.length];
-
-        System.arraycopy(keyToBeWrapped, 0, WKCKS, 0, keyToBeWrapped.length);
-        System.arraycopy(CKS, 0, WKCKS, keyToBeWrapped.length, CKS.length);
-
-        // Encrypt WKCKS in CBC mode using KEK as the key and IV as the
-        // initialization vector. Call the results TEMP1.
-        byte TEMP1[] = new byte[WKCKS.length];
-
-        System.arraycopy(WKCKS, 0, TEMP1, 0, WKCKS.length);
-
-        int noOfBlocks = WKCKS.length / engine.getBlockSize();
-        int extraBytes = WKCKS.length % engine.getBlockSize();
-
-        if (extraBytes != 0)
-        {
-            throw new IllegalStateException("Not multiple of block length");
-        }
-
-        engine.init(true, paramPlusIV);
-
-        for (int i = 0; i < noOfBlocks; i++)
-        {
-            int currentBytePos = i * engine.getBlockSize();
-
-            engine.processBlock(TEMP1, currentBytePos, TEMP1, currentBytePos);
-        }
-
-        // Left TEMP2 = IV || TEMP1.
-        byte[] TEMP2 = new byte[this.iv.length + TEMP1.length];
-
-        System.arraycopy(this.iv, 0, TEMP2, 0, this.iv.length);
-        System.arraycopy(TEMP1, 0, TEMP2, this.iv.length, TEMP1.length);
-
-        // Reverse the order of the octets in TEMP2 and call the result TEMP3.
-        byte[] TEMP3 = new byte[TEMP2.length];
-
-        for (int i = 0; i < TEMP2.length; i++)
-        {
-            TEMP3[i] = TEMP2[TEMP2.length - (i + 1)];
-        }
-
-        // Encrypt TEMP3 in CBC mode using the KEK and an initialization vector
-        // of 0x 4a dd a2 2c 79 e8 21 05. The resulting cipher text is the
-        // desired
-        // result. It is 40 octets long if a 168 bit key is being wrapped.
-        ParametersWithIV param2 = new ParametersWithIV(this.param, IV2);
-
-        this.engine.init(true, param2);
-
-        for (int i = 0; i < noOfBlocks + 1; i++)
-        {
-            int currentBytePos = i * engine.getBlockSize();
-
-            engine.processBlock(TEMP3, currentBytePos, TEMP3, currentBytePos);
-        }
-
-        return TEMP3;
-   }
-
-   /**
-    * Method unwrap
-    *
-    * @param in byte array containing the wrapped key.
-    * @param inOff offset into in array that the wrapped key starts at.
-    * @param inLen length of wrapped key data.
-    * @return the unwrapped bytes.
-    * @throws InvalidCipherTextException
-    */
-   public byte[] unwrap(byte[] in, int inOff, int inLen)
-            throws InvalidCipherTextException
-    {
-
-        if (forWrapping)
-        {
-            throw new IllegalStateException("Not set for unwrapping");
-        }
-
-        if (in == null)
-        {
-            throw new InvalidCipherTextException("Null pointer as ciphertext");
-        }
-
-        if (inLen % engine.getBlockSize() != 0)
-        {
-            throw new InvalidCipherTextException("Ciphertext not multiple of "
-                    + engine.getBlockSize());
-        }
-
-        /*
-         * // Check if the length of the cipher text is reasonable given the key //
-         * type. It must be 40 bytes for a 168 bit key and either 32, 40, or //
-         * 48 bytes for a 128, 192, or 256 bit key. If the length is not
-         * supported // or inconsistent with the algorithm for which the key is
-         * intended, // return error. // // we do not accept 168 bit keys. it
-         * has to be 192 bit. int lengthA = (estimatedKeyLengthInBit / 8) + 16;
-         * int lengthB = estimatedKeyLengthInBit % 8;
-         * 
-         * if ((lengthA != keyToBeUnwrapped.length) || (lengthB != 0)) { throw
-         * new XMLSecurityException("empty"); }
-         */
-
-        // Decrypt the cipher text with TRIPLedeS in CBC mode using the KEK
-        // and an initialization vector (IV) of 0x4adda22c79e82105. Call the
-        // output TEMP3.
-        ParametersWithIV param2 = new ParametersWithIV(this.param, IV2);
-
-        this.engine.init(false, param2);
-
-        byte TEMP3[] = new byte[inLen];
-
-        System.arraycopy(in, inOff, TEMP3, 0, inLen);
-
-        for (int i = 0; i < (TEMP3.length / engine.getBlockSize()); i++)
-        {
-            int currentBytePos = i * engine.getBlockSize();
-
-            engine.processBlock(TEMP3, currentBytePos, TEMP3, currentBytePos);
-        }
-
-        // Reverse the order of the octets in TEMP3 and call the result TEMP2.
-        byte[] TEMP2 = new byte[TEMP3.length];
-
-        for (int i = 0; i < TEMP3.length; i++)
-        {
-            TEMP2[i] = TEMP3[TEMP3.length - (i + 1)];
-        }
-
-        // Decompose TEMP2 into IV, the first 8 octets, and TEMP1, the remaining
-        // octets.
-        this.iv = new byte[8];
-
-        byte[] TEMP1 = new byte[TEMP2.length - 8];
-
-        System.arraycopy(TEMP2, 0, this.iv, 0, 8);
-        System.arraycopy(TEMP2, 8, TEMP1, 0, TEMP2.length - 8);
-
-        // Decrypt TEMP1 using TRIPLedeS in CBC mode using the KEK and the IV
-        // found in the previous step. Call the result WKCKS.
-        this.paramPlusIV = new ParametersWithIV(this.param, this.iv);
-
-        this.engine.init(false, this.paramPlusIV);
-
-        byte[] LCEKPADICV = new byte[TEMP1.length];
-
-        System.arraycopy(TEMP1, 0, LCEKPADICV, 0, TEMP1.length);
-
-        for (int i = 0; i < (LCEKPADICV.length / engine.getBlockSize()); i++)
-        {
-            int currentBytePos = i * engine.getBlockSize();
-
-            engine.processBlock(LCEKPADICV, currentBytePos, LCEKPADICV,
-                    currentBytePos);
-        }
-
-        // Decompose LCEKPADICV. CKS is the last 8 octets and WK, the wrapped
-        // key, are
-        // those octets before the CKS.
-        byte[] result = new byte[LCEKPADICV.length - 8];
-        byte[] CKStoBeVerified = new byte[8];
-
-        System.arraycopy(LCEKPADICV, 0, result, 0, LCEKPADICV.length - 8);
-        System.arraycopy(LCEKPADICV, LCEKPADICV.length - 8, CKStoBeVerified, 0,
-                8);
-
-        // Calculate a CMS Key Checksum, (section 5.6.1), over the WK and
-        // compare
-        // with the CKS extracted in the above step. If they are not equal,
-        // return error.
-        if (!checkCMSKeyChecksum(result, CKStoBeVerified))
-        {
-            throw new InvalidCipherTextException(
-                    "Checksum inside ciphertext is corrupted");
-        }
-
-        if ((result.length - ((result[0] & 0xff) + 1)) > 7)
-        {
-            throw new InvalidCipherTextException("too many pad bytes ("
-                    + (result.length - ((result[0] & 0xff) + 1)) + ")");
-        }
-
-        // CEK is the wrapped key, now extracted for use in data decryption.
-        byte[] CEK = new byte[result[0]];
-        System.arraycopy(result, 1, CEK, 0, CEK.length);
-        return CEK;
-    }
-
-    /*
-     * Some key wrap algorithms make use of the Key Checksum defined
-     * in CMS [CMS-Algorithms]. This is used to provide an integrity
-     * check value for the key being wrapped. The algorithm is
-     *
-     * - Compute the 20 octet SHA-1 hash on the key being wrapped.
-     * - Use the first 8 octets of this hash as the checksum value.
-     *
-     * For details see  http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
-     */
-    private byte[] calculateCMSKeyChecksum(
-        byte[] key)
-    {
-        byte[]  result = new byte[8];
-
-        sha1.update(key, 0, key.length);
-        sha1.doFinal(digest, 0);
-
-        System.arraycopy(digest, 0, result, 0, 8);
-
-        return result;
-    }
-
-    /*
-     * For details see  http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
-     */
-    private boolean checkCMSKeyChecksum(
-        byte[] key,
-        byte[] checksum)
-    {
-        return Arrays.constantTimeAreEqual(calculateCMSKeyChecksum(key), checksum);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RC532Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/RC532Engine.java
deleted file mode 100644
index 9fb6f55..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RC532Engine.java
+++ /dev/null

@@ -1,287 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.RC5Parameters;
-
-/**
- * The specification for RC5 came from the <code>RC5 Encryption Algorithm</code>
- * publication in RSA CryptoBytes, Spring of 1995. 
- * <em>http://www.rsasecurity.com/rsalabs/cryptobytes</em>.
- * <p>
- * This implementation has a word size of 32 bits.
- * <p>
- * Implementation courtesy of Tito Pena.
- */
-public class RC532Engine
-    implements BlockCipher
-{
-    /*
-     * the number of rounds to perform
-     */
-    private int _noRounds;
-
-    /*
-     * the expanded key array of size 2*(rounds + 1)
-     */
-    private int _S[];
-
-    /*
-     * our "magic constants" for 32 32
-     *
-     * Pw = Odd((e-2) * 2^wordsize)
-     * Qw = Odd((o-2) * 2^wordsize)
-     *
-     * where e is the base of natural logarithms (2.718281828...)
-     * and o is the golden ratio (1.61803398...)
-     */
-    private static final int P32 = 0xb7e15163;
-    private static final int Q32 = 0x9e3779b9;
-
-    private boolean forEncryption;
-
-    /**
-     * Create an instance of the RC5 encryption algorithm
-     * and set some defaults
-     */
-    public RC532Engine()
-    {
-        _noRounds     = 12;         // the default
-        _S            = null;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "RC5-32";
-    }
-
-    public int getBlockSize()
-    {
-        return 2 * 4;
-    }
-
-    /**
-     * initialise a RC5-32 cipher.
-     *
-     * @param forEncryption whether or not we are for encryption.
-     * @param params the parameters required to set up the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean             forEncryption,
-        CipherParameters    params)
-    {
-        if (params instanceof RC5Parameters)
-        {
-            RC5Parameters       p = (RC5Parameters)params;
-
-            _noRounds     = p.getRounds();
-
-            setKey(p.getKey());
-        }
-        else if (params instanceof KeyParameter)
-        {
-            KeyParameter       p = (KeyParameter)params;
-
-            setKey(p.getKey());
-        }
-        else
-        {
-            throw new IllegalArgumentException("invalid parameter passed to RC532 init - " + params.getClass().getName());
-        }
-
-        this.forEncryption = forEncryption;
-    }
-
-    public int processBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        return (forEncryption) ? encryptBlock(in, inOff, out, outOff) 
-                                    : decryptBlock(in, inOff, out, outOff);
-    }
-
-    public void reset()
-    {
-    }
-
-    /**
-     * Re-key the cipher.
-     * <p>
-     * @param  key  the key to be used
-     */
-    private void setKey(
-        byte[]      key)
-    {
-        //
-        // KEY EXPANSION:
-        //
-        // There are 3 phases to the key expansion.
-        //
-        // Phase 1:
-        //   Copy the secret key K[0...b-1] into an array L[0..c-1] of
-        //   c = ceil(b/u), where u = 32/8 in little-endian order.
-        //   In other words, we fill up L using u consecutive key bytes
-        //   of K. Any unfilled byte positions in L are zeroed. In the
-        //   case that b = c = 0, set c = 1 and L[0] = 0.
-        //
-        int[]   L = new int[(key.length + (4 - 1)) / 4];
-
-        for (int i = 0; i != key.length; i++)
-        {
-            L[i / 4] += (key[i] & 0xff) << (8 * (i % 4));
-        }
-
-        //
-        // Phase 2:
-        //   Initialize S to a particular fixed pseudo-random bit pattern
-        //   using an arithmetic progression modulo 2^wordsize determined
-        //   by the magic numbers, Pw & Qw.
-        //
-        _S            = new int[2*(_noRounds + 1)];
-
-        _S[0] = P32;
-        for (int i=1; i < _S.length; i++)
-        {
-            _S[i] = (_S[i-1] + Q32);
-        }
-
-        //
-        // Phase 3:
-        //   Mix in the user's secret key in 3 passes over the arrays S & L.
-        //   The max of the arrays sizes is used as the loop control
-        //
-        int iter;
-
-        if (L.length > _S.length)
-        {
-            iter = 3 * L.length;
-        }
-        else
-        {
-            iter = 3 * _S.length;
-        }
-
-        int A = 0, B = 0;
-        int i = 0, j = 0;
-
-        for (int k = 0; k < iter; k++)
-        {
-            A = _S[i] = rotateLeft(_S[i] + A + B, 3);
-            B =  L[j] = rotateLeft(L[j] + A + B, A+B);
-            i = (i+1) % _S.length;
-            j = (j+1) %  L.length;
-        }
-    }
-
-    /**
-     * Encrypt the given block starting at the given offset and place
-     * the result in the provided buffer starting at the given offset.
-     * <p>
-     * @param  in     in byte buffer containing data to encrypt
-     * @param  inOff  offset into src buffer
-     * @param  out     out buffer where encrypted data is written
-     * @param  outOff  offset into out buffer
-     */
-    private int encryptBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        int A = bytesToWord(in, inOff) + _S[0];
-        int B = bytesToWord(in, inOff + 4) + _S[1];
-
-        for (int i = 1; i <= _noRounds; i++)
-        {
-            A = rotateLeft(A ^ B, B) + _S[2*i];
-            B = rotateLeft(B ^ A, A) + _S[2*i+1];
-        }
-        
-        wordToBytes(A, out, outOff);
-        wordToBytes(B, out, outOff + 4);
-        
-        return 2 * 4;
-    }
-
-    private int decryptBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        int A = bytesToWord(in, inOff);
-        int B = bytesToWord(in, inOff + 4);
-
-        for (int i = _noRounds; i >= 1; i--)
-        {
-            B = rotateRight(B - _S[2*i+1], A) ^ A;
-            A = rotateRight(A - _S[2*i],   B) ^ B;
-        }
-        
-        wordToBytes(A - _S[0], out, outOff);
-        wordToBytes(B - _S[1], out, outOff + 4);
-        
-        return 2 * 4;
-    }
-
-    
-    //////////////////////////////////////////////////////////////
-    //
-    // PRIVATE Helper Methods
-    //
-    //////////////////////////////////////////////////////////////
-
-    /**
-     * Perform a left "spin" of the word. The rotation of the given
-     * word <em>x</em> is rotated left by <em>y</em> bits.
-     * Only the <em>lg(32)</em> low-order bits of <em>y</em>
-     * are used to determine the rotation amount. Here it is 
-     * assumed that the wordsize used is a power of 2.
-     * <p>
-     * @param  x  word to rotate
-     * @param  y    number of bits to rotate % 32
-     */
-    private int rotateLeft(int x, int y)
-    {
-        return ((x << (y & (32-1))) | (x >>> (32 - (y & (32-1)))));
-    }
-
-    /**
-     * Perform a right "spin" of the word. The rotation of the given
-     * word <em>x</em> is rotated left by <em>y</em> bits.
-     * Only the <em>lg(32)</em> low-order bits of <em>y</em>
-     * are used to determine the rotation amount. Here it is 
-     * assumed that the wordsize used is a power of 2.
-     * <p>
-     * @param  x  word to rotate
-     * @param  y    number of bits to rotate % 32
-     */
-    private int rotateRight(int x, int y)
-    {
-        return ((x >>> (y & (32-1))) | (x << (32 - (y & (32-1)))));
-    }
-
-    private int bytesToWord(
-        byte[]  src,
-        int     srcOff)
-    {
-        return (src[srcOff] & 0xff) | ((src[srcOff + 1] & 0xff) << 8)
-            | ((src[srcOff + 2] & 0xff) << 16) | ((src[srcOff + 3] & 0xff) << 24);
-    }
-
-    private void wordToBytes(
-        int    word,
-        byte[]  dst,
-        int     dstOff)
-    {
-        dst[dstOff] = (byte)word;
-        dst[dstOff + 1] = (byte)(word >> 8);
-        dst[dstOff + 2] = (byte)(word >> 16);
-        dst[dstOff + 3] = (byte)(word >> 24);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RC564Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/RC564Engine.java
deleted file mode 100644
index 2121a4b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RC564Engine.java
+++ /dev/null

@@ -1,288 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.RC5Parameters;
-
-/**
- * The specification for RC5 came from the <code>RC5 Encryption Algorithm</code>
- * publication in RSA CryptoBytes, Spring of 1995. 
- * <em>http://www.rsasecurity.com/rsalabs/cryptobytes</em>.
- * <p>
- * This implementation is set to work with a 64 bit word size.
- * <p>
- * Implementation courtesy of Tito Pena.
- */
-public class RC564Engine
-    implements BlockCipher
-{
-    private static final int wordSize = 64;
-    private static final int bytesPerWord = wordSize / 8;
-
-    /*
-     * the number of rounds to perform
-     */
-    private int _noRounds;
-
-    /*
-     * the expanded key array of size 2*(rounds + 1)
-     */
-    private long _S[];
-
-    /*
-     * our "magic constants" for wordSize 62
-     *
-     * Pw = Odd((e-2) * 2^wordsize)
-     * Qw = Odd((o-2) * 2^wordsize)
-     *
-     * where e is the base of natural logarithms (2.718281828...)
-     * and o is the golden ratio (1.61803398...)
-     */
-    private static final long P64 = 0xb7e151628aed2a6bL;
-    private static final long Q64 = 0x9e3779b97f4a7c15L;
-
-    private boolean forEncryption;
-
-    /**
-     * Create an instance of the RC5 encryption algorithm
-     * and set some defaults
-     */
-    public RC564Engine()
-    {
-        _noRounds     = 12;
-        _S            = null;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "RC5-64";
-    }
-
-    public int getBlockSize()
-    {
-        return 2 * bytesPerWord;
-    }
-
-    /**
-     * initialise a RC5-64 cipher.
-     *
-     * @param forEncryption whether or not we are for encryption.
-     * @param params the parameters required to set up the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean             forEncryption,
-        CipherParameters    params)
-    {
-        if (!(params instanceof RC5Parameters))
-        {
-            throw new IllegalArgumentException("invalid parameter passed to RC564 init - " + params.getClass().getName());
-        }
-
-        RC5Parameters       p = (RC5Parameters)params;
-
-        this.forEncryption = forEncryption;
-
-        _noRounds     = p.getRounds();
-
-        setKey(p.getKey());
-    }
-
-    public int processBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        return (forEncryption) ? encryptBlock(in, inOff, out, outOff) 
-                                    : decryptBlock(in, inOff, out, outOff);
-    }
-
-    public void reset()
-    {
-    }
-
-    /**
-     * Re-key the cipher.
-     * <p>
-     * @param  key  the key to be used
-     */
-    private void setKey(
-        byte[]      key)
-    {
-        //
-        // KEY EXPANSION:
-        //
-        // There are 3 phases to the key expansion.
-        //
-        // Phase 1:
-        //   Copy the secret key K[0...b-1] into an array L[0..c-1] of
-        //   c = ceil(b/u), where u = wordSize/8 in little-endian order.
-        //   In other words, we fill up L using u consecutive key bytes
-        //   of K. Any unfilled byte positions in L are zeroed. In the
-        //   case that b = c = 0, set c = 1 and L[0] = 0.
-        //
-        long[]   L = new long[(key.length + (bytesPerWord - 1)) / bytesPerWord];
-
-        for (int i = 0; i != key.length; i++)
-        {
-            L[i / bytesPerWord] += (long)(key[i] & 0xff) << (8 * (i % bytesPerWord));
-        }
-
-        //
-        // Phase 2:
-        //   Initialize S to a particular fixed pseudo-random bit pattern
-        //   using an arithmetic progression modulo 2^wordsize determined
-        //   by the magic numbers, Pw & Qw.
-        //
-        _S            = new long[2*(_noRounds + 1)];
-
-        _S[0] = P64;
-        for (int i=1; i < _S.length; i++)
-        {
-            _S[i] = (_S[i-1] + Q64);
-        }
-
-        //
-        // Phase 3:
-        //   Mix in the user's secret key in 3 passes over the arrays S & L.
-        //   The max of the arrays sizes is used as the loop control
-        //
-        int iter;
-
-        if (L.length > _S.length)
-        {
-            iter = 3 * L.length;
-        }
-        else
-        {
-            iter = 3 * _S.length;
-        }
-
-        long A = 0, B = 0;
-        int i = 0, j = 0;
-
-        for (int k = 0; k < iter; k++)
-        {
-            A = _S[i] = rotateLeft(_S[i] + A + B, 3);
-            B =  L[j] = rotateLeft(L[j] + A + B, A+B);
-            i = (i+1) % _S.length;
-            j = (j+1) %  L.length;
-        }
-    }
-
-    /**
-     * Encrypt the given block starting at the given offset and place
-     * the result in the provided buffer starting at the given offset.
-     * <p>
-     * @param  in      in byte buffer containing data to encrypt
-     * @param  inOff   offset into src buffer
-     * @param  out     out buffer where encrypted data is written
-     * @param  outOff  offset into out buffer
-     */
-    private int encryptBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        long A = bytesToWord(in, inOff) + _S[0];
-        long B = bytesToWord(in, inOff + bytesPerWord) + _S[1];
-
-        for (int i = 1; i <= _noRounds; i++)
-        {
-            A = rotateLeft(A ^ B, B) + _S[2*i];
-            B = rotateLeft(B ^ A, A) + _S[2*i+1];
-        }
-        
-        wordToBytes(A, out, outOff);
-        wordToBytes(B, out, outOff + bytesPerWord);
-        
-        return 2 * bytesPerWord;
-    }
-
-    private int decryptBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        long A = bytesToWord(in, inOff);
-        long B = bytesToWord(in, inOff + bytesPerWord);
-
-        for (int i = _noRounds; i >= 1; i--)
-        {
-            B = rotateRight(B - _S[2*i+1], A) ^ A;
-            A = rotateRight(A - _S[2*i],   B) ^ B;
-        }
-        
-        wordToBytes(A - _S[0], out, outOff);
-        wordToBytes(B - _S[1], out, outOff + bytesPerWord);
-        
-        return 2 * bytesPerWord;
-    }
-
-    
-    //////////////////////////////////////////////////////////////
-    //
-    // PRIVATE Helper Methods
-    //
-    //////////////////////////////////////////////////////////////
-
-    /**
-     * Perform a left "spin" of the word. The rotation of the given
-     * word <em>x</em> is rotated left by <em>y</em> bits.
-     * Only the <em>lg(wordSize)</em> low-order bits of <em>y</em>
-     * are used to determine the rotation amount. Here it is 
-     * assumed that the wordsize used is a power of 2.
-     * <p>
-     * @param  x  word to rotate
-     * @param  y    number of bits to rotate % wordSize
-     */
-    private long rotateLeft(long x, long y)
-    {
-        return ((x << (y & (wordSize-1))) | (x >>> (wordSize - (y & (wordSize-1)))));
-    }
-
-    /**
-     * Perform a right "spin" of the word. The rotation of the given
-     * word <em>x</em> is rotated left by <em>y</em> bits.
-     * Only the <em>lg(wordSize)</em> low-order bits of <em>y</em>
-     * are used to determine the rotation amount. Here it is 
-     * assumed that the wordsize used is a power of 2.
-     * <p>
-     * @param  x  word to rotate
-     * @param  y    number of bits to rotate % wordSize
-     */
-    private long rotateRight(long x, long y)
-    {
-        return ((x >>> (y & (wordSize-1))) | (x << (wordSize - (y & (wordSize-1)))));
-    }
-
-    private long bytesToWord(
-        byte[]  src,
-        int     srcOff)
-    {
-        long    word = 0;
-
-        for (int i = bytesPerWord - 1; i >= 0; i--)
-        {
-            word = (word << 8) + (src[i + srcOff] & 0xff);
-        }
-
-        return word;
-    }
-
-    private void wordToBytes(
-        long    word,
-        byte[]  dst,
-        int     dstOff)
-    {
-        for (int i = 0; i < bytesPerWord; i++)
-        {
-            dst[i + dstOff] = (byte)word;
-            word >>>= 8;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RC6Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/RC6Engine.java
deleted file mode 100644
index bbf5d30..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RC6Engine.java
+++ /dev/null

@@ -1,363 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * An RC6 engine.
- */
-public class RC6Engine
-    implements BlockCipher
-{
-    private static final int wordSize = 32;
-    private static final int bytesPerWord = wordSize / 8;
-
-    /*
-     * the number of rounds to perform
-     */
-    private static final int _noRounds = 20;
-
-    /*
-     * the expanded key array of size 2*(rounds + 1)
-     */
-    private int _S[];
-
-    /*
-     * our "magic constants" for wordSize 32
-     *
-     * Pw = Odd((e-2) * 2^wordsize)
-     * Qw = Odd((o-2) * 2^wordsize)
-     *
-     * where e is the base of natural logarithms (2.718281828...)
-     * and o is the golden ratio (1.61803398...)
-     */
-    private static final int    P32 = 0xb7e15163;
-    private static final int    Q32 = 0x9e3779b9;
-
-    private static final int    LGW = 5;        // log2(32)
-
-    private boolean forEncryption;
-
-    /**
-     * Create an instance of the RC6 encryption algorithm
-     * and set some defaults
-     */
-    public RC6Engine()
-    {
-        _S            = null;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "RC6";
-    }
-
-    public int getBlockSize()
-    {
-        return 4 * bytesPerWord;
-    }
-
-    /**
-     * initialise a RC5-32 cipher.
-     *
-     * @param forEncryption whether or not we are for encryption.
-     * @param params the parameters required to set up the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean             forEncryption,
-        CipherParameters    params)
-    {
-        if (!(params instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException("invalid parameter passed to RC6 init - " + params.getClass().getName());
-        }
-
-        KeyParameter       p = (KeyParameter)params;
-        this.forEncryption = forEncryption;
-        setKey(p.getKey());
-    }
-
-    public int processBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        int blockSize = getBlockSize();
-        if (_S == null)
-        {
-            throw new IllegalStateException("RC6 engine not initialised");
-        }
-        if ((inOff + blockSize) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-        if ((outOff + blockSize) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        return (forEncryption)
-            ?   encryptBlock(in, inOff, out, outOff) 
-            :   decryptBlock(in, inOff, out, outOff);
-    }
-
-    public void reset()
-    {
-    }
-
-    /**
-     * Re-key the cipher.
-     * <p>
-     * @param  key  the key to be used
-     */
-    private void setKey(
-        byte[]      key)
-    {
-
-        //
-        // KEY EXPANSION:
-        //
-        // There are 3 phases to the key expansion.
-        //
-        // Phase 1:
-        //   Copy the secret key K[0...b-1] into an array L[0..c-1] of
-        //   c = ceil(b/u), where u = wordSize/8 in little-endian order.
-        //   In other words, we fill up L using u consecutive key bytes
-        //   of K. Any unfilled byte positions in L are zeroed. In the
-        //   case that b = c = 0, set c = 1 and L[0] = 0.
-        //
-        // compute number of dwords
-        int c = (key.length + (bytesPerWord - 1)) / bytesPerWord;
-        if (c == 0)
-        {
-            c = 1;
-        }
-        int[]   L = new int[(key.length + bytesPerWord - 1) / bytesPerWord];
-
-        // load all key bytes into array of key dwords
-        for (int i = key.length - 1; i >= 0; i--)
-        {
-            L[i / bytesPerWord] = (L[i / bytesPerWord] << 8) + (key[i] & 0xff);
-        }
-
-        //
-        // Phase 2:
-        //   Key schedule is placed in a array of 2+2*ROUNDS+2 = 44 dwords.
-        //   Initialize S to a particular fixed pseudo-random bit pattern
-        //   using an arithmetic progression modulo 2^wordsize determined
-        //   by the magic numbers, Pw & Qw.
-        //
-        _S            = new int[2+2*_noRounds+2];
-
-        _S[0] = P32;
-        for (int i=1; i < _S.length; i++)
-        {
-            _S[i] = (_S[i-1] + Q32);
-        }
-
-        //
-        // Phase 3:
-        //   Mix in the user's secret key in 3 passes over the arrays S & L.
-        //   The max of the arrays sizes is used as the loop control
-        //
-        int iter;
-
-        if (L.length > _S.length)
-        {
-            iter = 3 * L.length;
-        }
-        else
-        {
-            iter = 3 * _S.length;
-        }
-
-        int A = 0;
-        int B = 0;
-        int i = 0, j = 0;
-
-        for (int k = 0; k < iter; k++)
-        {
-            A = _S[i] = rotateLeft(_S[i] + A + B, 3);
-            B =  L[j] = rotateLeft(L[j] + A + B, A+B);
-            i = (i+1) % _S.length;
-            j = (j+1) %  L.length;
-        }
-    }
-
-    private int encryptBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        // load A,B,C and D registers from in.
-        int A = bytesToWord(in, inOff);
-        int B = bytesToWord(in, inOff + bytesPerWord);
-        int C = bytesToWord(in, inOff + bytesPerWord*2);
-        int D = bytesToWord(in, inOff + bytesPerWord*3);
-        
-        // Do pseudo-round #0: pre-whitening of B and D
-        B += _S[0];
-        D += _S[1];
-
-        // perform round #1,#2 ... #ROUNDS of encryption 
-        for (int i = 1; i <= _noRounds; i++)
-        {
-            int t = 0,u = 0;
-            
-            t = B*(2*B+1);
-            t = rotateLeft(t,5);
-            
-            u = D*(2*D+1);
-            u = rotateLeft(u,5);
-            
-            A ^= t;
-            A = rotateLeft(A,u);
-            A += _S[2*i];
-            
-            C ^= u;
-            C = rotateLeft(C,t);
-            C += _S[2*i+1];
-            
-            int temp = A;
-            A = B;
-            B = C;
-            C = D;
-            D = temp;            
-        }
-        // do pseudo-round #(ROUNDS+1) : post-whitening of A and C
-        A += _S[2*_noRounds+2];
-        C += _S[2*_noRounds+3];
-            
-        // store A, B, C and D registers to out        
-        wordToBytes(A, out, outOff);
-        wordToBytes(B, out, outOff + bytesPerWord);
-        wordToBytes(C, out, outOff + bytesPerWord*2);
-        wordToBytes(D, out, outOff + bytesPerWord*3);
-        
-        return 4 * bytesPerWord;
-    }
-
-    private int decryptBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        // load A,B,C and D registers from out.
-        int A = bytesToWord(in, inOff);
-        int B = bytesToWord(in, inOff + bytesPerWord);
-        int C = bytesToWord(in, inOff + bytesPerWord*2);
-        int D = bytesToWord(in, inOff + bytesPerWord*3);
-
-        // Undo pseudo-round #(ROUNDS+1) : post whitening of A and C 
-        C -= _S[2*_noRounds+3];
-        A -= _S[2*_noRounds+2];
-        
-        // Undo round #ROUNDS, .., #2,#1 of encryption 
-        for (int i = _noRounds; i >= 1; i--)
-        {
-            int t=0,u = 0;
-            
-            int temp = D;
-            D = C;
-            C = B;
-            B = A;
-            A = temp;
-            
-            t = B*(2*B+1);
-            t = rotateLeft(t, LGW);
-            
-            u = D*(2*D+1);
-            u = rotateLeft(u, LGW);
-            
-            C -= _S[2*i+1];
-            C = rotateRight(C,t);
-            C ^= u;
-            
-            A -= _S[2*i];
-            A = rotateRight(A,u);
-            A ^= t;
-            
-        }
-        // Undo pseudo-round #0: pre-whitening of B and D
-        D -= _S[1];
-        B -= _S[0];
-        
-        wordToBytes(A, out, outOff);
-        wordToBytes(B, out, outOff + bytesPerWord);
-        wordToBytes(C, out, outOff + bytesPerWord*2);
-        wordToBytes(D, out, outOff + bytesPerWord*3);
-        
-        return 4 * bytesPerWord;
-    }
-
-    
-    //////////////////////////////////////////////////////////////
-    //
-    // PRIVATE Helper Methods
-    //
-    //////////////////////////////////////////////////////////////
-
-    /**
-     * Perform a left "spin" of the word. The rotation of the given
-     * word <em>x</em> is rotated left by <em>y</em> bits.
-     * Only the <em>lg(wordSize)</em> low-order bits of <em>y</em>
-     * are used to determine the rotation amount. Here it is 
-     * assumed that the wordsize used is 32.
-     * <p>
-     * @param  x  word to rotate
-     * @param  y    number of bits to rotate % wordSize
-     */
-    private int rotateLeft(int x, int y)
-    {
-        return (x << y) | (x >>> -y);
-    }
-
-    /**
-     * Perform a right "spin" of the word. The rotation of the given
-     * word <em>x</em> is rotated left by <em>y</em> bits.
-     * Only the <em>lg(wordSize)</em> low-order bits of <em>y</em>
-     * are used to determine the rotation amount. Here it is 
-     * assumed that the wordsize used is a power of 2.
-     * <p>
-     * @param  x  word to rotate
-     * @param  y    number of bits to rotate % wordSize
-     */
-    private int rotateRight(int x, int y)
-    {
-        return (x >>> y) | (x << -y);
-    }
-
-    private int bytesToWord(
-        byte[]  src,
-        int     srcOff)
-    {
-        int    word = 0;
-
-        for (int i = bytesPerWord - 1; i >= 0; i--)
-        {
-            word = (word << 8) + (src[i + srcOff] & 0xff);
-        }
-
-        return word;
-    }
-
-    private void wordToBytes(
-        int    word,
-        byte[]  dst,
-        int     dstOff)
-    {
-        for (int i = 0; i < bytesPerWord; i++)
-        {
-            dst[i + dstOff] = (byte)word;
-            word >>>= 8;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RFC3211WrapEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/RFC3211WrapEngine.java
deleted file mode 100644
index 397e75e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RFC3211WrapEngine.java
+++ /dev/null

@@ -1,202 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.util.Arrays;
-
-/**
- * an implementation of the RFC 3211 Key Wrap
- * Specification.
- */
-public class RFC3211WrapEngine
-    implements Wrapper
-{
-    private CBCBlockCipher   engine;
-    private ParametersWithIV param;
-    private boolean          forWrapping;
-    private SecureRandom     rand;
-
-    public RFC3211WrapEngine(BlockCipher engine)
-    {
-        this.engine = new CBCBlockCipher(engine);
-    }
-
-    public void init(
-        boolean          forWrapping,
-        CipherParameters param)
-    {
-        this.forWrapping = forWrapping;
-
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom p = (ParametersWithRandom)param;
-
-            rand = p.getRandom();
-
-            if (!(p.getParameters() instanceof ParametersWithIV))
-            {
-                throw new IllegalArgumentException("RFC3211Wrap requires an IV");
-            }
-
-            this.param = (ParametersWithIV)p.getParameters();
-        }
-        else
-        {
-            if (forWrapping)
-            {
-                rand = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            if (!(param instanceof ParametersWithIV))
-            {
-                throw new IllegalArgumentException("RFC3211Wrap requires an IV");
-            }
-
-            this.param = (ParametersWithIV)param;
-        }
-    }
-
-    public String getAlgorithmName()
-    {
-        return engine.getUnderlyingCipher().getAlgorithmName() + "/RFC3211Wrap";
-    }
-
-    public byte[] wrap(
-        byte[]  in,
-        int     inOff,
-        int     inLen)
-    {
-        if (!forWrapping)
-        {
-            throw new IllegalStateException("not set for wrapping");
-        }
-
-        if (inLen > 255 || inLen < 0)
-        {
-            throw new IllegalArgumentException("input must be from 0 to 255 bytes");
-        }
-        
-        engine.init(true, param);
-
-        int blockSize = engine.getBlockSize();
-        byte[] cekBlock;
-
-        if (inLen + 4 < blockSize * 2)
-        {
-            cekBlock = new byte[blockSize * 2];
-        }
-        else
-        {
-            cekBlock = new byte[(inLen + 4) % blockSize == 0 ? inLen + 4 : ((inLen + 4) / blockSize + 1) * blockSize];
-        }
-
-        cekBlock[0] = (byte)inLen;
-
-        System.arraycopy(in, inOff, cekBlock, 4, inLen);
-
-        byte[] pad = new byte[cekBlock.length - (inLen + 4)];
-
-        rand.nextBytes(pad);
-        System.arraycopy(pad, 0, cekBlock, inLen + 4, pad.length);
-
-        cekBlock[1] = (byte)~cekBlock[4];
-        cekBlock[2] = (byte)~cekBlock[4 + 1];
-        cekBlock[3] = (byte)~cekBlock[4 + 2];
-        
-        for (int i = 0; i < cekBlock.length; i += blockSize)
-        {
-            engine.processBlock(cekBlock, i, cekBlock, i);
-        }
-
-        for (int i = 0; i < cekBlock.length; i += blockSize)
-        {
-            engine.processBlock(cekBlock, i, cekBlock, i);
-        }
-
-        return cekBlock;
-    }
-
-    public byte[] unwrap(
-        byte[]  in,
-        int     inOff,
-        int     inLen)
-        throws InvalidCipherTextException
-    {
-        if (forWrapping)
-        {
-            throw new IllegalStateException("not set for unwrapping");
-        }
-
-        int blockSize = engine.getBlockSize();
-
-        if (inLen < 2 * blockSize)
-        {
-            throw new InvalidCipherTextException("input too short");
-        }
-        
-        byte[] cekBlock = new byte[inLen];
-        byte[] iv = new byte[blockSize];
-
-        System.arraycopy(in, inOff, cekBlock, 0, inLen);
-        System.arraycopy(in, inOff, iv, 0, iv.length);
-        
-        engine.init(false, new ParametersWithIV(param.getParameters(), iv));
-
-        for (int i = blockSize; i < cekBlock.length; i += blockSize)
-        {
-            engine.processBlock(cekBlock, i, cekBlock, i);    
-        }
-
-        System.arraycopy(cekBlock, cekBlock.length - iv.length, iv, 0, iv.length);
-
-        engine.init(false, new ParametersWithIV(param.getParameters(), iv));
-
-        engine.processBlock(cekBlock, 0, cekBlock, 0);
-
-        engine.init(false, param);
-
-        for (int i = 0; i < cekBlock.length; i += blockSize)
-        {
-            engine.processBlock(cekBlock, i, cekBlock, i);
-        }
-
-        boolean invalidLength = ((cekBlock[0] & 0xff) > cekBlock.length - 4);
-
-        byte[] key;
-        if (invalidLength)
-        {
-            key = new byte[cekBlock.length - 4];
-        }
-        else
-        {
-            key = new byte[cekBlock[0] & 0xff];
-        }
-
-        System.arraycopy(cekBlock, 4, key, 0, key.length);
-        
-        // Note: Using constant time comparison
-        int nonEqual = 0;
-        for (int i = 0; i != 3; i++)
-        {
-            byte check = (byte)~cekBlock[1 + i];
-            nonEqual |= (check ^ cekBlock[4 + i]);
-        }
-
-        Arrays.clear(cekBlock);
-
-        if (nonEqual != 0 | invalidLength)
-        {
-            throw new InvalidCipherTextException("wrapped key corrupted");
-        }
-
-        return key;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RFC5649WrapEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/RFC5649WrapEngine.java
deleted file mode 100644
index 94d15b7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RFC5649WrapEngine.java
+++ /dev/null

@@ -1,300 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-
-/**
- * An implementation of the AES Key Wrap with Padding specification
- * as described in RFC 5649.
- * <p>
- * For details on the specification see:
- * <a href="https://tools.ietf.org/html/rfc5649">https://tools.ietf.org/html/rfc5649</a>
- * </p>
- */
-public class RFC5649WrapEngine
-    implements Wrapper
-{
-    private BlockCipher engine;
-    private KeyParameter param;
-    private boolean forWrapping;
-
-    // The AIV as defined in the RFC
-    private byte[] highOrderIV = {(byte)0xa6, (byte)0x59, (byte)0x59, (byte)0xa6};
-    private byte[] preIV = highOrderIV;
-
-    private byte[] extractedAIV = null;
-
-    public RFC5649WrapEngine(BlockCipher engine)
-    {
-        this.engine = engine;
-    }
-
-    public void init(boolean forWrapping, CipherParameters param)
-    {
-        this.forWrapping = forWrapping;
-
-        if (param instanceof ParametersWithRandom)
-        {
-            param = ((ParametersWithRandom)param).getParameters();
-        }
-
-        if (param instanceof KeyParameter)
-        {
-            this.param = (KeyParameter)param;
-            this.preIV = highOrderIV;
-        }
-        else if (param instanceof ParametersWithIV)
-        {
-            this.preIV = ((ParametersWithIV)param).getIV();
-            this.param = (KeyParameter)((ParametersWithIV)param).getParameters();
-            if (this.preIV.length != 4)
-            {
-                throw new IllegalArgumentException("IV length not equal to 4");
-            }
-        }
-    }
-
-    public String getAlgorithmName()
-    {
-        return engine.getAlgorithmName();
-    }
-
-    /**
-     * Pads the plaintext (i.e., the key to be wrapped)
-     * as per section 4.1 of RFC 5649.
-     *
-     * @param plaintext The key being wrapped.
-     * @return The padded key.
-     */
-    private byte[] padPlaintext(byte[] plaintext)
-    {
-        int plaintextLength = plaintext.length;
-        int numOfZerosToAppend = (8 - (plaintextLength % 8)) % 8;
-        byte[] paddedPlaintext = new byte[plaintextLength + numOfZerosToAppend];
-        System.arraycopy(plaintext, 0, paddedPlaintext, 0, plaintextLength);
-        if (numOfZerosToAppend != 0)
-        {
-            // plaintext (i.e., key to be wrapped) does not have
-            // a multiple of 8 octet blocks so it must be padded
-            byte[] zeros = new byte[numOfZerosToAppend];
-            System.arraycopy(zeros, 0, paddedPlaintext, plaintextLength, numOfZerosToAppend);
-        }
-        return paddedPlaintext;
-    }
-
-    public byte[] wrap(byte[] in, int inOff, int inLen)
-    {
-        if (!forWrapping)
-        {
-            throw new IllegalStateException("not set for wrapping");
-        }
-        byte[] iv = new byte[8];
-
-        // MLI = size of key to be wrapped
-        byte[] mli = Pack.intToBigEndian(inLen);
-        // copy in the fixed portion of the AIV
-        System.arraycopy(preIV, 0, iv, 0, preIV.length);
-        // copy in the MLI after the AIV
-        System.arraycopy(mli, 0, iv, preIV.length, mli.length);
-
-        // get the relevant plaintext to be wrapped
-        byte[] relevantPlaintext = new byte[inLen];
-        System.arraycopy(in, inOff, relevantPlaintext, 0, inLen);
-        byte[] paddedPlaintext = padPlaintext(relevantPlaintext);
-
-        if (paddedPlaintext.length == 8)
-        {
-            // if the padded plaintext contains exactly 8 octets,
-            // then prepend iv and encrypt using AES in ECB mode.
-
-            // prepend the IV to the plaintext
-            byte[] paddedPlainTextWithIV = new byte[paddedPlaintext.length + iv.length];
-            System.arraycopy(iv, 0, paddedPlainTextWithIV, 0, iv.length);
-            System.arraycopy(paddedPlaintext, 0, paddedPlainTextWithIV, iv.length, paddedPlaintext.length);
-
-            engine.init(true, param);
-            for (int i = 0; i < paddedPlainTextWithIV.length; i += engine.getBlockSize())
-            {
-                engine.processBlock(paddedPlainTextWithIV, i, paddedPlainTextWithIV, i);
-            }
-
-            return paddedPlainTextWithIV;
-        }
-        else
-        {
-            // otherwise, apply the RFC 3394 wrap to
-            // the padded plaintext with the new IV
-            Wrapper wrapper = new RFC3394WrapEngine(engine);
-            ParametersWithIV paramsWithIV = new ParametersWithIV(param, iv);
-            wrapper.init(true, paramsWithIV);
-            return wrapper.wrap(paddedPlaintext, 0, paddedPlaintext.length);
-        }
-
-    }
-
-    public byte[] unwrap(byte[] in, int inOff, int inLen)
-        throws InvalidCipherTextException
-    {
-        if (forWrapping)
-        {
-            throw new IllegalStateException("not set for unwrapping");
-        }
-
-        int n = inLen / 8;
-
-        if ((n * 8) != inLen)
-        {
-            throw new InvalidCipherTextException("unwrap data must be a multiple of 8 bytes");
-        }
-
-        if (n == 1)
-        {
-            throw new InvalidCipherTextException("unwrap data must be at least 16 bytes");
-        }
-
-        byte[] relevantCiphertext = new byte[inLen];
-        System.arraycopy(in, inOff, relevantCiphertext, 0, inLen);
-        byte[] decrypted = new byte[inLen];
-        byte[] paddedPlaintext;
-
-        if (n == 2)
-        {
-            // When there are exactly two 64-bit blocks of ciphertext,
-            // they are decrypted as a single block using AES in ECB.
-            engine.init(false, param);
-            for (int i = 0; i < relevantCiphertext.length; i += engine.getBlockSize())
-            {
-                engine.processBlock(relevantCiphertext, i, decrypted, i);
-            }
-
-            // extract the AIV
-            extractedAIV = new byte[8];
-            System.arraycopy(decrypted, 0, extractedAIV, 0, extractedAIV.length);
-            paddedPlaintext = new byte[decrypted.length - extractedAIV.length];
-            System.arraycopy(decrypted, extractedAIV.length, paddedPlaintext, 0, paddedPlaintext.length);
-        }
-        else
-        {
-            // Otherwise, unwrap as per RFC 3394 but don't check IV the same way
-            decrypted = rfc3394UnwrapNoIvCheck(in, inOff, inLen);
-            paddedPlaintext = decrypted;
-        }
-
-        // Decompose the extracted AIV to the fixed portion and the MLI
-        byte[] extractedHighOrderAIV = new byte[4];
-        byte[] mliBytes = new byte[4];
-        System.arraycopy(extractedAIV, 0, extractedHighOrderAIV, 0, extractedHighOrderAIV.length);
-        System.arraycopy(extractedAIV, extractedHighOrderAIV.length, mliBytes, 0, mliBytes.length);
-        int mli = Pack.bigEndianToInt(mliBytes, 0);
-        // Even if a check fails we still continue and check everything 
-        // else in order to avoid certain timing based side-channel attacks.
-        boolean isValid = true;
-
-        // Check the fixed portion of the AIV
-        if (!Arrays.constantTimeAreEqual(extractedHighOrderAIV, preIV))
-        {
-            isValid = false;
-        }
-
-        // Check the MLI against the actual length
-        int upperBound = paddedPlaintext.length;
-        int lowerBound = upperBound - 8;
-        if (mli <= lowerBound)
-        {
-            isValid = false;
-        }
-        if (mli > upperBound)
-        {
-            isValid = false;
-        }
-
-        // Check the number of padded zeros
-        int expectedZeros = upperBound - mli;
-        if (expectedZeros >= paddedPlaintext.length)
-        {
-            isValid = false;
-            expectedZeros = paddedPlaintext.length;
-        }
-
-        byte[] zeros = new byte[expectedZeros];
-        byte[] pad = new byte[expectedZeros];
-        System.arraycopy(paddedPlaintext, paddedPlaintext.length - expectedZeros, pad, 0, expectedZeros);
-        if (!Arrays.constantTimeAreEqual(pad, zeros))
-        {
-            isValid = false;
-        }
-
-        if (!isValid)
-        {
-            throw new InvalidCipherTextException("checksum failed");
-        }
-
-        // Extract the plaintext from the padded plaintext
-        byte[] plaintext = new byte[mli];
-        System.arraycopy(paddedPlaintext, 0, plaintext, 0, plaintext.length);
-
-        return plaintext;
-    }
-
-    /**
-     * Performs steps 1 and 2 of the unwrap process defined in RFC 3394.
-     * This code is duplicated from RFC3394WrapEngine because that class
-     * will throw an error during unwrap because the IV won't match up.
-     *
-     * @param in
-     * @param inOff
-     * @param inLen
-     * @return Unwrapped data.
-     */
-    private byte[] rfc3394UnwrapNoIvCheck(byte[] in, int inOff, int inLen)
-    {
-        byte[] iv = new byte[8];
-        byte[] block = new byte[inLen - iv.length];
-        byte[] a = new byte[iv.length];
-        byte[] buf = new byte[8 + iv.length];
-
-        System.arraycopy(in, inOff, a, 0, iv.length);
-        System.arraycopy(in, inOff + iv.length, block, 0, inLen - iv.length);
-
-        engine.init(false, param);
-
-        int n = inLen / 8;
-        n = n - 1;
-
-        for (int j = 5; j >= 0; j--)
-        {
-            for (int i = n; i >= 1; i--)
-            {
-                System.arraycopy(a, 0, buf, 0, iv.length);
-                System.arraycopy(block, 8 * (i - 1), buf, iv.length, 8);
-
-                int t = n * j + i;
-                for (int k = 1; t != 0; k++)
-                {
-                    byte v = (byte)t;
-
-                    buf[iv.length - k] ^= v;
-
-                    t >>>= 8;
-                }
-
-                engine.processBlock(buf, 0, buf, 0);
-                System.arraycopy(buf, 0, a, 0, 8);
-                System.arraycopy(buf, 8, block, 8 * (i - 1), 8);
-            }
-        }
-
-        // set the extracted AIV
-        extractedAIV = a;
-
-        return block;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RSABlindingEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/RSABlindingEngine.java
deleted file mode 100644
index a8ecb9b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RSABlindingEngine.java
+++ /dev/null

@@ -1,137 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.RSABlindingParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-
-import java.math.BigInteger;
-
-/**
- * This does your basic RSA Chaum's blinding and unblinding as outlined in
- * "Handbook of Applied Cryptography", page 475. You need to use this if you are
- * trying to get another party to generate signatures without them being aware
- * of the message they are signing.
- */
-public class RSABlindingEngine
-    implements AsymmetricBlockCipher
-{
-    private RSACoreEngine core = new RSACoreEngine();
-
-    private RSAKeyParameters key;
-    private BigInteger blindingFactor;
-
-    private boolean forEncryption;
-
-    /**
-     * Initialise the blinding engine.
-     *
-     * @param forEncryption true if we are encrypting (blinding), false otherwise.
-     * @param param         the necessary RSA key parameters.
-     */
-    public void init(
-        boolean forEncryption,
-        CipherParameters param)
-    {
-        RSABlindingParameters p;
-
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom rParam = (ParametersWithRandom)param;
-
-            p = (RSABlindingParameters)rParam.getParameters();
-        }
-        else
-        {
-            p = (RSABlindingParameters)param;
-        }
-
-        core.init(forEncryption, p.getPublicKey());
-
-        this.forEncryption = forEncryption;
-        this.key = p.getPublicKey();
-        this.blindingFactor = p.getBlindingFactor();
-    }
-
-    /**
-     * Return the maximum size for an input block to this engine.
-     * For RSA this is always one byte less than the key size on
-     * encryption, and the same length as the key size on decryption.
-     *
-     * @return maximum size for an input block.
-     */
-    public int getInputBlockSize()
-    {
-        return core.getInputBlockSize();
-    }
-
-    /**
-     * Return the maximum size for an output block to this engine.
-     * For RSA this is always one byte less than the key size on
-     * decryption, and the same length as the key size on encryption.
-     *
-     * @return maximum size for an output block.
-     */
-    public int getOutputBlockSize()
-    {
-        return core.getOutputBlockSize();
-    }
-
-    /**
-     * Process a single block using the RSA blinding algorithm.
-     *
-     * @param in    the input array.
-     * @param inOff the offset into the input buffer where the data starts.
-     * @param inLen the length of the data to be processed.
-     * @return the result of the RSA process.
-     * @throws DataLengthException the input block is too large.
-     */
-    public byte[] processBlock(
-        byte[] in,
-        int inOff,
-        int inLen)
-    {
-        BigInteger msg = core.convertInput(in, inOff, inLen);
-
-        if (forEncryption)
-        {
-            msg = blindMessage(msg);
-        }
-        else
-        {
-            msg = unblindMessage(msg);
-        }
-
-        return core.convertOutput(msg);
-    }
-
-    /*
-     * Blind message with the blind factor.
-     */
-    private BigInteger blindMessage(
-        BigInteger msg)
-    {
-        BigInteger blindMsg = blindingFactor;
-        blindMsg = msg.multiply(blindMsg.modPow(key.getExponent(), key.getModulus()));
-        blindMsg = blindMsg.mod(key.getModulus());
-
-        return blindMsg;
-    }
-
-    /*
-     * Unblind the message blinded with the blind factor.
-     */
-    private BigInteger unblindMessage(
-        BigInteger blindedMsg)
-    {
-        BigInteger m = key.getModulus();
-        BigInteger msg = blindedMsg;
-        BigInteger blindFactorInverse = blindingFactor.modInverse(m);
-        msg = msg.multiply(blindFactorInverse);
-        msg = msg.mod(m);
-
-        return msg;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RSAEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/RSAEngine.java
deleted file mode 100644
index 009dcd4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RSAEngine.java
+++ /dev/null

@@ -1,78 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-
-/**
- * this does your basic RSA algorithm.
- */
-public class RSAEngine
-    implements AsymmetricBlockCipher
-{
-    private RSACoreEngine core;
-
-    /**
-     * initialise the RSA engine.
-     *
-     * @param forEncryption true if we are encrypting, false otherwise.
-     * @param param the necessary RSA key parameters.
-     */
-    public void init(
-        boolean             forEncryption,
-        CipherParameters    param)
-    {
-        if (core == null)
-        {
-            core = new RSACoreEngine();
-        }
-
-        core.init(forEncryption, param);
-    }
-
-    /**
-     * Return the maximum size for an input block to this engine.
-     * For RSA this is always one byte less than the key size on
-     * encryption, and the same length as the key size on decryption.
-     *
-     * @return maximum size for an input block.
-     */
-    public int getInputBlockSize()
-    {
-        return core.getInputBlockSize();
-    }
-
-    /**
-     * Return the maximum size for an output block to this engine.
-     * For RSA this is always one byte less than the key size on
-     * decryption, and the same length as the key size on encryption.
-     *
-     * @return maximum size for an output block.
-     */
-    public int getOutputBlockSize()
-    {
-        return core.getOutputBlockSize();
-    }
-
-    /**
-     * Process a single block using the basic RSA algorithm.
-     *
-     * @param in the input array.
-     * @param inOff the offset into the input buffer where the data starts.
-     * @param inLen the length of the data to be processed.
-     * @return the result of the RSA process.
-     * @exception DataLengthException the input block is too large.
-     */
-    public byte[] processBlock(
-        byte[]  in,
-        int     inOff,
-        int     inLen)
-    {
-        if (core == null)
-        {
-            throw new IllegalStateException("RSA engine not initialised");
-        }
-
-        return core.convertOutput(core.processBlock(core.convertInput(in, inOff, inLen)));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RijndaelEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/RijndaelEngine.java
deleted file mode 100644
index c80f665..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/RijndaelEngine.java
+++ /dev/null

@@ -1,725 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * an implementation of Rijndael, based on the documentation and reference implementation
- * by Paulo Barreto, Vincent Rijmen, for v2.0 August '99.
- * <p>
- * Note: this implementation is based on information prior to final NIST publication.
- */
-public class RijndaelEngine
-    implements BlockCipher
-{
-    private static final int MAXROUNDS = 14;
-
-    private static final int MAXKC = (256/4);
-
-    private static final byte[] logtable = {
-        (byte)0,    (byte)0,    (byte)25,   (byte)1,    (byte)50,   (byte)2,    (byte)26,   (byte)198,
-        (byte)75,   (byte)199,  (byte)27,   (byte)104,  (byte)51,   (byte)238,  (byte)223,  (byte)3,
-        (byte)100,  (byte)4,    (byte)224,  (byte)14,   (byte)52,   (byte)141,  (byte)129,  (byte)239,
-        (byte)76,   (byte)113,  (byte)8,    (byte)200,  (byte)248,  (byte)105,  (byte)28,   (byte)193,
-        (byte)125,  (byte)194,  (byte)29,   (byte)181,  (byte)249,  (byte)185,  (byte)39,   (byte)106,
-        (byte)77,   (byte)228,  (byte)166,  (byte)114,  (byte)154,  (byte)201,  (byte)9,    (byte)120,
-        (byte)101,  (byte)47,   (byte)138,  (byte)5,    (byte)33,   (byte)15,   (byte)225,  (byte)36,
-        (byte)18,   (byte)240,  (byte)130,  (byte)69,   (byte)53,   (byte)147,  (byte)218,  (byte)142,
-        (byte)150,  (byte)143,  (byte)219,  (byte)189,  (byte)54,   (byte)208,  (byte)206,  (byte)148,
-        (byte)19,   (byte)92,   (byte)210,  (byte)241,  (byte)64,   (byte)70,   (byte)131,  (byte)56,
-        (byte)102,  (byte)221,  (byte)253,  (byte)48,   (byte)191,  (byte)6,    (byte)139,  (byte)98,
-        (byte)179,  (byte)37,   (byte)226,  (byte)152,  (byte)34,   (byte)136,  (byte)145,  (byte)16,
-        (byte)126,  (byte)110,  (byte)72,   (byte)195,  (byte)163,  (byte)182,  (byte)30,   (byte)66,
-        (byte)58,   (byte)107,  (byte)40,   (byte)84,   (byte)250,  (byte)133,  (byte)61,   (byte)186,
-        (byte)43,   (byte)121,  (byte)10,   (byte)21,   (byte)155,  (byte)159,  (byte)94,   (byte)202,
-        (byte)78,   (byte)212,  (byte)172,  (byte)229,  (byte)243,  (byte)115,  (byte)167,  (byte)87,
-        (byte)175,  (byte)88,   (byte)168,  (byte)80,   (byte)244,  (byte)234,  (byte)214,  (byte)116,
-        (byte)79,   (byte)174,  (byte)233,  (byte)213,  (byte)231,  (byte)230,  (byte)173,  (byte)232,
-        (byte)44,   (byte)215,  (byte)117,  (byte)122,  (byte)235,  (byte)22,   (byte)11,   (byte)245,
-        (byte)89,   (byte)203,  (byte)95,   (byte)176,  (byte)156,  (byte)169,  (byte)81,   (byte)160,
-        (byte)127,  (byte)12,   (byte)246,  (byte)111,  (byte)23,   (byte)196,  (byte)73,   (byte)236,
-        (byte)216,  (byte)67,   (byte)31,   (byte)45,   (byte)164,  (byte)118,  (byte)123,  (byte)183,
-        (byte)204,  (byte)187,  (byte)62,   (byte)90,   (byte)251,  (byte)96,   (byte)177,  (byte)134,
-        (byte)59,   (byte)82,   (byte)161,  (byte)108,  (byte)170,  (byte)85,   (byte)41,   (byte)157,
-        (byte)151,  (byte)178,  (byte)135,  (byte)144,  (byte)97,   (byte)190,  (byte)220,  (byte)252,
-        (byte)188,  (byte)149,  (byte)207,  (byte)205,  (byte)55,   (byte)63,   (byte)91,   (byte)209,
-        (byte)83,   (byte)57,   (byte)132,  (byte)60,   (byte)65,   (byte)162,  (byte)109,  (byte)71,
-        (byte)20,   (byte)42,   (byte)158,  (byte)93,   (byte)86,   (byte)242,  (byte)211,  (byte)171,
-        (byte)68,   (byte)17,   (byte)146,  (byte)217,  (byte)35,   (byte)32,   (byte)46,   (byte)137,
-        (byte)180,  (byte)124,  (byte)184,  (byte)38,   (byte)119,  (byte)153,  (byte)227,  (byte)165,
-        (byte)103,  (byte)74,   (byte)237,  (byte)222,  (byte)197,  (byte)49,   (byte)254,  (byte)24,
-        (byte)13,   (byte)99,   (byte)140,  (byte)128,  (byte)192,  (byte)247,  (byte)112,  (byte)7
-    };
-
-    private static final byte[] aLogtable = {
-          (byte)0,   (byte)3,   (byte)5,  (byte)15,  (byte)17,  (byte)51,  (byte)85, (byte)255,  (byte)26,  (byte)46, (byte)114, (byte)150, (byte)161, (byte)248,  (byte)19,  (byte)53,
-         (byte)95, (byte)225,  (byte)56,  (byte)72, (byte)216, (byte)115, (byte)149, (byte)164, (byte)247,   (byte)2,   (byte)6,  (byte)10,  (byte)30,  (byte)34, (byte)102, (byte)170,
-        (byte)229,  (byte)52,  (byte)92, (byte)228,  (byte)55,  (byte)89, (byte)235,  (byte)38, (byte)106, (byte)190, (byte)217, (byte)112, (byte)144, (byte)171, (byte)230,  (byte)49,
-         (byte)83, (byte)245,   (byte)4,  (byte)12,  (byte)20,  (byte)60,  (byte)68, (byte)204,  (byte)79, (byte)209, (byte)104, (byte)184, (byte)211, (byte)110, (byte)178, (byte)205,
-         (byte)76, (byte)212, (byte)103, (byte)169, (byte)224,  (byte)59,  (byte)77, (byte)215,  (byte)98, (byte)166, (byte)241,   (byte)8,  (byte)24,  (byte)40, (byte)120, (byte)136,
-        (byte)131, (byte)158, (byte)185, (byte)208, (byte)107, (byte)189, (byte)220, (byte)127, (byte)129, (byte)152, (byte)179, (byte)206,  (byte)73, (byte)219, (byte)118, (byte)154,
-        (byte)181, (byte)196,  (byte)87, (byte)249,  (byte)16,  (byte)48,  (byte)80, (byte)240,  (byte)11,  (byte)29,  (byte)39, (byte)105, (byte)187, (byte)214,  (byte)97, (byte)163,
-        (byte)254,  (byte)25,  (byte)43, (byte)125, (byte)135, (byte)146, (byte)173, (byte)236,  (byte)47, (byte)113, (byte)147, (byte)174, (byte)233,  (byte)32,  (byte)96, (byte)160,
-        (byte)251,  (byte)22,  (byte)58,  (byte)78, (byte)210, (byte)109, (byte)183, (byte)194,  (byte)93, (byte)231,  (byte)50,  (byte)86, (byte)250,  (byte)21,  (byte)63,  (byte)65,
-        (byte)195,  (byte)94, (byte)226,  (byte)61,  (byte)71, (byte)201,  (byte)64, (byte)192,  (byte)91, (byte)237,  (byte)44, (byte)116, (byte)156, (byte)191, (byte)218, (byte)117,
-        (byte)159, (byte)186, (byte)213, (byte)100, (byte)172, (byte)239,  (byte)42, (byte)126, (byte)130, (byte)157, (byte)188, (byte)223, (byte)122, (byte)142, (byte)137, (byte)128,
-        (byte)155, (byte)182, (byte)193,  (byte)88, (byte)232,  (byte)35, (byte)101, (byte)175, (byte)234,  (byte)37, (byte)111, (byte)177, (byte)200,  (byte)67, (byte)197,  (byte)84,
-        (byte)252,  (byte)31,  (byte)33,  (byte)99, (byte)165, (byte)244,   (byte)7,   (byte)9,  (byte)27,  (byte)45, (byte)119, (byte)153, (byte)176, (byte)203,  (byte)70, (byte)202,
-         (byte)69, (byte)207,  (byte)74, (byte)222, (byte)121, (byte)139, (byte)134, (byte)145, (byte)168, (byte)227,  (byte)62,  (byte)66, (byte)198,  (byte)81, (byte)243,  (byte)14,
-         (byte)18,  (byte)54,  (byte)90, (byte)238,  (byte)41, (byte)123, (byte)141, (byte)140, (byte)143, (byte)138, (byte)133, (byte)148, (byte)167, (byte)242,  (byte)13,  (byte)23,
-         (byte)57,  (byte)75, (byte)221, (byte)124, (byte)132, (byte)151, (byte)162, (byte)253,  (byte)28,  (byte)36, (byte)108, (byte)180, (byte)199,  (byte)82, (byte)246,   (byte)1,
-          (byte)3,   (byte)5,  (byte)15,  (byte)17,  (byte)51,  (byte)85, (byte)255,  (byte)26,  (byte)46, (byte)114, (byte)150, (byte)161, (byte)248,  (byte)19,  (byte)53,
-         (byte)95, (byte)225,  (byte)56,  (byte)72, (byte)216, (byte)115, (byte)149, (byte)164, (byte)247,   (byte)2,   (byte)6,  (byte)10,  (byte)30,  (byte)34, (byte)102, (byte)170,
-        (byte)229,  (byte)52,  (byte)92, (byte)228,  (byte)55,  (byte)89, (byte)235,  (byte)38, (byte)106, (byte)190, (byte)217, (byte)112, (byte)144, (byte)171, (byte)230,  (byte)49,
-         (byte)83, (byte)245,   (byte)4,  (byte)12,  (byte)20,  (byte)60,  (byte)68, (byte)204,  (byte)79, (byte)209, (byte)104, (byte)184, (byte)211, (byte)110, (byte)178, (byte)205,
-         (byte)76, (byte)212, (byte)103, (byte)169, (byte)224,  (byte)59,  (byte)77, (byte)215,  (byte)98, (byte)166, (byte)241,   (byte)8,  (byte)24,  (byte)40, (byte)120, (byte)136,
-        (byte)131, (byte)158, (byte)185, (byte)208, (byte)107, (byte)189, (byte)220, (byte)127, (byte)129, (byte)152, (byte)179, (byte)206,  (byte)73, (byte)219, (byte)118, (byte)154,
-        (byte)181, (byte)196,  (byte)87, (byte)249,  (byte)16,  (byte)48,  (byte)80, (byte)240,  (byte)11,  (byte)29,  (byte)39, (byte)105, (byte)187, (byte)214,  (byte)97, (byte)163,
-        (byte)254,  (byte)25,  (byte)43, (byte)125, (byte)135, (byte)146, (byte)173, (byte)236,  (byte)47, (byte)113, (byte)147, (byte)174, (byte)233,  (byte)32,  (byte)96, (byte)160,
-        (byte)251,  (byte)22,  (byte)58,  (byte)78, (byte)210, (byte)109, (byte)183, (byte)194,  (byte)93, (byte)231,  (byte)50,  (byte)86, (byte)250,  (byte)21,  (byte)63,  (byte)65,
-        (byte)195,  (byte)94, (byte)226,  (byte)61,  (byte)71, (byte)201,  (byte)64, (byte)192,  (byte)91, (byte)237,  (byte)44, (byte)116, (byte)156, (byte)191, (byte)218, (byte)117,
-        (byte)159, (byte)186, (byte)213, (byte)100, (byte)172, (byte)239,  (byte)42, (byte)126, (byte)130, (byte)157, (byte)188, (byte)223, (byte)122, (byte)142, (byte)137, (byte)128,
-        (byte)155, (byte)182, (byte)193,  (byte)88, (byte)232,  (byte)35, (byte)101, (byte)175, (byte)234,  (byte)37, (byte)111, (byte)177, (byte)200,  (byte)67, (byte)197,  (byte)84,
-        (byte)252,  (byte)31,  (byte)33,  (byte)99, (byte)165, (byte)244,   (byte)7,   (byte)9,  (byte)27,  (byte)45, (byte)119, (byte)153, (byte)176, (byte)203,  (byte)70, (byte)202,
-         (byte)69, (byte)207,  (byte)74, (byte)222, (byte)121, (byte)139, (byte)134, (byte)145, (byte)168, (byte)227,  (byte)62,  (byte)66, (byte)198,  (byte)81, (byte)243,  (byte)14,
-         (byte)18,  (byte)54,  (byte)90, (byte)238,  (byte)41, (byte)123, (byte)141, (byte)140, (byte)143, (byte)138, (byte)133, (byte)148, (byte)167, (byte)242,  (byte)13,  (byte)23,
-         (byte)57,  (byte)75, (byte)221, (byte)124, (byte)132, (byte)151, (byte)162, (byte)253,  (byte)28,  (byte)36, (byte)108, (byte)180, (byte)199,  (byte)82, (byte)246,   (byte)1,
-        };
-
-    private static final byte[] S = {
-         (byte)99, (byte)124, (byte)119, (byte)123, (byte)242, (byte)107, (byte)111, (byte)197,  (byte)48,   (byte)1, (byte)103,  (byte)43, (byte)254, (byte)215, (byte)171, (byte)118,
-        (byte)202, (byte)130, (byte)201, (byte)125, (byte)250,  (byte)89,  (byte)71, (byte)240, (byte)173, (byte)212, (byte)162, (byte)175, (byte)156, (byte)164, (byte)114, (byte)192,
-        (byte)183, (byte)253, (byte)147,  (byte)38,  (byte)54,  (byte)63, (byte)247, (byte)204,  (byte)52, (byte)165, (byte)229, (byte)241, (byte)113, (byte)216,  (byte)49,  (byte)21,
-          (byte)4, (byte)199,  (byte)35, (byte)195,  (byte)24, (byte)150,   (byte)5, (byte)154,   (byte)7,  (byte)18, (byte)128, (byte)226, (byte)235,  (byte)39, (byte)178, (byte)117,
-          (byte)9, (byte)131,  (byte)44,  (byte)26,  (byte)27, (byte)110,  (byte)90, (byte)160,  (byte)82,  (byte)59, (byte)214, (byte)179,  (byte)41, (byte)227,  (byte)47, (byte)132,
-         (byte)83, (byte)209,   (byte)0, (byte)237,  (byte)32, (byte)252, (byte)177,  (byte)91, (byte)106, (byte)203, (byte)190,  (byte)57,  (byte)74,  (byte)76,  (byte)88, (byte)207,
-        (byte)208, (byte)239, (byte)170, (byte)251,  (byte)67,  (byte)77,  (byte)51, (byte)133,  (byte)69, (byte)249,   (byte)2, (byte)127,  (byte)80,  (byte)60, (byte)159, (byte)168,
-         (byte)81, (byte)163,  (byte)64, (byte)143, (byte)146, (byte)157,  (byte)56, (byte)245, (byte)188, (byte)182, (byte)218,  (byte)33,  (byte)16, (byte)255, (byte)243, (byte)210,
-        (byte)205,  (byte)12,  (byte)19, (byte)236,  (byte)95, (byte)151,  (byte)68,  (byte)23, (byte)196, (byte)167, (byte)126,  (byte)61, (byte)100,  (byte)93,  (byte)25, (byte)115,
-         (byte)96, (byte)129,  (byte)79, (byte)220,  (byte)34,  (byte)42, (byte)144, (byte)136,  (byte)70, (byte)238, (byte)184,  (byte)20, (byte)222,  (byte)94,  (byte)11, (byte)219,
-        (byte)224,  (byte)50,  (byte)58,  (byte)10,  (byte)73,   (byte)6,  (byte)36,  (byte)92, (byte)194, (byte)211, (byte)172,  (byte)98, (byte)145, (byte)149, (byte)228, (byte)121,
-        (byte)231, (byte)200,  (byte)55, (byte)109, (byte)141, (byte)213,  (byte)78, (byte)169, (byte)108,  (byte)86, (byte)244, (byte)234, (byte)101, (byte)122, (byte)174,   (byte)8,
-        (byte)186, (byte)120,  (byte)37,  (byte)46,  (byte)28, (byte)166, (byte)180, (byte)198, (byte)232, (byte)221, (byte)116,  (byte)31,  (byte)75, (byte)189, (byte)139, (byte)138,
-        (byte)112,  (byte)62, (byte)181, (byte)102,  (byte)72,   (byte)3, (byte)246,  (byte)14,  (byte)97,  (byte)53,  (byte)87, (byte)185, (byte)134, (byte)193,  (byte)29, (byte)158,
-        (byte)225, (byte)248, (byte)152,  (byte)17, (byte)105, (byte)217, (byte)142, (byte)148, (byte)155,  (byte)30, (byte)135, (byte)233, (byte)206,  (byte)85,  (byte)40, (byte)223,
-        (byte)140, (byte)161, (byte)137,  (byte)13, (byte)191, (byte)230,  (byte)66, (byte)104,  (byte)65, (byte)153,  (byte)45,  (byte)15, (byte)176,  (byte)84, (byte)187,  (byte)22,
-    };
-
-    private static final byte[] Si = {
-         (byte)82,   (byte)9, (byte)106, (byte)213,  (byte)48,  (byte)54, (byte)165,  (byte)56, (byte)191,  (byte)64, (byte)163, (byte)158, (byte)129, (byte)243, (byte)215, (byte)251,
-        (byte)124, (byte)227,  (byte)57, (byte)130, (byte)155,  (byte)47, (byte)255, (byte)135,  (byte)52, (byte)142,  (byte)67,  (byte)68, (byte)196, (byte)222, (byte)233, (byte)203,
-         (byte)84, (byte)123, (byte)148,  (byte)50, (byte)166, (byte)194,  (byte)35,  (byte)61, (byte)238,  (byte)76, (byte)149,  (byte)11,  (byte)66, (byte)250, (byte)195,  (byte)78,
-          (byte)8,  (byte)46, (byte)161, (byte)102,  (byte)40, (byte)217,  (byte)36, (byte)178, (byte)118,  (byte)91, (byte)162,  (byte)73, (byte)109, (byte)139, (byte)209,  (byte)37,
-        (byte)114, (byte)248, (byte)246, (byte)100, (byte)134, (byte)104, (byte)152,  (byte)22, (byte)212, (byte)164,  (byte)92, (byte)204,  (byte)93, (byte)101, (byte)182, (byte)146,
-        (byte)108, (byte)112,  (byte)72,  (byte)80, (byte)253, (byte)237, (byte)185, (byte)218,  (byte)94,  (byte)21,  (byte)70,  (byte)87, (byte)167, (byte)141, (byte)157, (byte)132,
-        (byte)144, (byte)216, (byte)171,   (byte)0, (byte)140, (byte)188, (byte)211,  (byte)10, (byte)247, (byte)228,  (byte)88,   (byte)5, (byte)184, (byte)179,  (byte)69,   (byte)6,
-        (byte)208,  (byte)44,  (byte)30, (byte)143, (byte)202,  (byte)63,  (byte)15,   (byte)2, (byte)193, (byte)175, (byte)189,   (byte)3,   (byte)1,  (byte)19, (byte)138, (byte)107,
-         (byte)58, (byte)145,  (byte)17,  (byte)65,  (byte)79, (byte)103, (byte)220, (byte)234, (byte)151, (byte)242, (byte)207, (byte)206, (byte)240, (byte)180, (byte)230, (byte)115,
-        (byte)150, (byte)172, (byte)116,  (byte)34, (byte)231, (byte)173,  (byte)53, (byte)133, (byte)226, (byte)249,  (byte)55, (byte)232,  (byte)28, (byte)117, (byte)223, (byte)110,
-         (byte)71, (byte)241,  (byte)26, (byte)113,  (byte)29,  (byte)41, (byte)197, (byte)137, (byte)111, (byte)183,  (byte)98,  (byte)14, (byte)170,  (byte)24, (byte)190,  (byte)27,
-        (byte)252,  (byte)86,  (byte)62,  (byte)75, (byte)198, (byte)210, (byte)121,  (byte)32, (byte)154, (byte)219, (byte)192, (byte)254, (byte)120, (byte)205,  (byte)90, (byte)244,
-         (byte)31, (byte)221, (byte)168,  (byte)51, (byte)136,   (byte)7, (byte)199,  (byte)49, (byte)177,  (byte)18,  (byte)16,  (byte)89,  (byte)39, (byte)128, (byte)236,  (byte)95,
-         (byte)96,  (byte)81, (byte)127, (byte)169,  (byte)25, (byte)181,  (byte)74,  (byte)13,  (byte)45, (byte)229, (byte)122, (byte)159, (byte)147, (byte)201, (byte)156, (byte)239,
-        (byte)160, (byte)224,  (byte)59,  (byte)77, (byte)174,  (byte)42, (byte)245, (byte)176, (byte)200, (byte)235, (byte)187,  (byte)60, (byte)131,  (byte)83, (byte)153,  (byte)97,
-         (byte)23,  (byte)43,   (byte)4, (byte)126, (byte)186, (byte)119, (byte)214,  (byte)38, (byte)225, (byte)105,  (byte)20,  (byte)99,  (byte)85,  (byte)33,  (byte)12, (byte)125,
-        };
-
-    private static final int[] rcon = {
-          0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a, 0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91 };
-
-    static byte[][] shifts0 =
-    {
-       { 0, 8, 16, 24 },
-       { 0, 8, 16, 24 },
-       { 0, 8, 16, 24 },
-       { 0, 8, 16, 32 },
-       { 0, 8, 24, 32 }
-    };
-
-    static byte[][] shifts1 =
-    {
-       { 0, 24, 16, 8 },
-       { 0, 32, 24, 16 },
-       { 0, 40, 32, 24 },
-       { 0, 48, 40, 24 },
-       { 0, 56, 40, 32 }
-    };
-
-    /**
-     * multiply two elements of GF(2^m)
-     * needed for MixColumn and InvMixColumn
-     */
-    private byte mul0x2(
-        int b)
-    {
-        if (b != 0)
-        {
-            return aLogtable[25 + (logtable[b] & 0xff)];
-        }
-        else
-        {
-            return 0;
-        }
-    }
-
-    private byte mul0x3(
-        int b)
-    {
-        if (b != 0)
-        {
-            return aLogtable[1 + (logtable[b] & 0xff)];
-        }
-        else
-        {
-            return 0;
-        }
-    }
-
-    private byte mul0x9(
-        int b)
-    {
-        if (b >= 0)
-        {
-            return aLogtable[199 + b];
-        }
-        else
-        {
-            return 0;
-        }
-    }
-
-    private byte mul0xb(
-        int b)
-    {
-        if (b >= 0)
-        {
-            return aLogtable[104 + b];
-        }
-        else
-        {
-            return 0;
-        }
-    }
-
-    private byte mul0xd(
-        int b)
-    {
-        if (b >= 0)
-        {
-            return aLogtable[238 + b];
-        }
-        else
-        {
-            return 0;
-        }
-    }
-
-    private byte mul0xe(
-        int b)
-    {
-        if (b >= 0)
-        {
-            return aLogtable[223 + b];
-        }
-        else
-        {
-            return 0;
-        }
-    }
-
-    /**
-     * xor corresponding text input and round key input bytes
-     */
-    private void KeyAddition(
-        long[] rk)
-    {
-        A0 ^= rk[0];
-        A1 ^= rk[1];
-        A2 ^= rk[2];
-        A3 ^= rk[3];
-    }
-
-    private long shift(
-        long    r,
-        int     shift)
-    {
-        return (((r >>> shift) | (r << (BC - shift)))) & BC_MASK;
-    }
-
-    /**
-     * Row 0 remains unchanged
-     * The other three rows are shifted a variable amount
-     */
-    private void ShiftRow(
-        byte[]      shiftsSC)
-    {
-        A1 = shift(A1, shiftsSC[1]);
-        A2 = shift(A2, shiftsSC[2]);
-        A3 = shift(A3, shiftsSC[3]);
-    }
-
-    private long applyS(
-        long    r,
-        byte[]  box)
-    {
-        long    res = 0;
-
-        for (int j = 0; j < BC; j += 8)
-        {
-            res |= (long)(box[(int)((r >> j) & 0xff)] & 0xff) << j;
-        }
-
-        return res;
-    }
-
-    /**
-     * Replace every byte of the input by the byte at that place
-     * in the nonlinear S-box
-     */
-    private void Substitution(
-        byte[]      box)
-    {
-        A0 = applyS(A0, box);
-        A1 = applyS(A1, box);
-        A2 = applyS(A2, box);
-        A3 = applyS(A3, box);
-    }
-
-    /**
-     * Mix the bytes of every column in a linear way
-     */
-    private void MixColumn()
-    {
-        long r0, r1, r2, r3;
-
-        r0 = r1 = r2 = r3 = 0;
-
-        for (int j = 0; j < BC; j += 8)
-        {
-            int a0 = (int)((A0 >> j) & 0xff);
-            int a1 = (int)((A1 >> j) & 0xff);
-            int a2 = (int)((A2 >> j) & 0xff);
-            int a3 = (int)((A3 >> j) & 0xff);
-
-            r0 |= (long)((mul0x2(a0) ^ mul0x3(a1) ^ a2 ^ a3) & 0xff) << j;
-
-            r1 |= (long)((mul0x2(a1) ^ mul0x3(a2) ^ a3 ^ a0) & 0xff) << j;
-
-            r2 |= (long)((mul0x2(a2) ^ mul0x3(a3) ^ a0 ^ a1) & 0xff) << j;
-
-            r3 |= (long)((mul0x2(a3) ^ mul0x3(a0) ^ a1 ^ a2) & 0xff) << j;
-        }
-
-        A0 = r0;
-        A1 = r1;
-        A2 = r2;
-        A3 = r3;
-    }
-
-    /**
-     * Mix the bytes of every column in a linear way
-     * This is the opposite operation of Mixcolumn
-     */
-    private void InvMixColumn()
-    {
-        long r0, r1, r2, r3;
-
-        r0 = r1 = r2 = r3 = 0;
-        for (int j = 0; j < BC; j += 8)
-        {
-            int a0 = (int)((A0 >> j) & 0xff);
-            int a1 = (int)((A1 >> j) & 0xff);
-            int a2 = (int)((A2 >> j) & 0xff);
-            int a3 = (int)((A3 >> j) & 0xff);
-
-            //
-            // pre-lookup the log table
-            //
-            a0 = (a0 != 0) ? (logtable[a0 & 0xff] & 0xff) : -1;
-            a1 = (a1 != 0) ? (logtable[a1 & 0xff] & 0xff) : -1;
-            a2 = (a2 != 0) ? (logtable[a2 & 0xff] & 0xff) : -1;
-            a3 = (a3 != 0) ? (logtable[a3 & 0xff] & 0xff) : -1;
-
-            r0 |= (long)((mul0xe(a0) ^ mul0xb(a1) ^ mul0xd(a2) ^ mul0x9(a3)) & 0xff) << j;
-
-            r1 |= (long)((mul0xe(a1) ^ mul0xb(a2) ^ mul0xd(a3) ^ mul0x9(a0)) & 0xff) << j;
-
-            r2 |= (long)((mul0xe(a2) ^ mul0xb(a3) ^ mul0xd(a0) ^ mul0x9(a1)) & 0xff) << j;
-
-            r3 |= (long)((mul0xe(a3) ^ mul0xb(a0) ^ mul0xd(a1) ^ mul0x9(a2)) & 0xff) << j;
-        }
-
-        A0 = r0;
-        A1 = r1;
-        A2 = r2;
-        A3 = r3;
-    }
-
-    /**
-     * Calculate the necessary round keys
-     * The number of calculations depends on keyBits and blockBits
-     */
-    private long[][] generateWorkingKey(
-        byte[]      key)
-    {
-        int         KC;
-        int         t, rconpointer = 0;
-        int         keyBits = key.length * 8;
-        byte[][]    tk = new byte[4][MAXKC];
-        long[][]    W = new long[MAXROUNDS+1][4];
-
-        switch (keyBits)
-        {
-        case 128:
-            KC = 4;
-            break;
-        case 160:
-            KC = 5;
-            break;
-        case 192:
-            KC = 6;
-            break;
-        case 224:
-            KC = 7;
-            break;
-        case 256:
-            KC = 8;
-            break;
-        default :
-            throw new IllegalArgumentException("Key length not 128/160/192/224/256 bits.");
-        }
-
-        if (keyBits >= blockBits)
-        {
-            ROUNDS = KC + 6;
-        }
-        else
-        {
-            ROUNDS = (BC / 8) + 6;
-        }
-
-        //
-        // copy the key into the processing area
-        //
-        int index = 0;
-
-        for (int i = 0; i < key.length; i++)
-        {
-            tk[i % 4][i / 4] = key[index++];
-        }
-
-        t = 0;
-
-        //
-        // copy values into round key array
-        //
-        for (int j = 0; (j < KC) && (t < (ROUNDS+1)*(BC / 8)); j++, t++)
-        {
-            for (int i = 0; i < 4; i++)
-            {
-                W[t / (BC / 8)][i] |= (long)(tk[i][j] & 0xff) << ((t * 8) % BC);
-            }
-        }
-
-        //
-        // while not enough round key material calculated
-        // calculate new values
-        //
-        while (t < (ROUNDS+1)*(BC/8))
-        {
-            for (int i = 0; i < 4; i++)
-            {
-                tk[i][0] ^= S[tk[(i+1)%4][KC-1] & 0xff];
-            }
-            tk[0][0] ^= rcon[rconpointer++];
-
-            if (KC <= 6)
-            {
-                for (int j = 1; j < KC; j++)
-                {
-                    for (int i = 0; i < 4; i++)
-                    {
-                        tk[i][j] ^= tk[i][j-1];
-                    }
-                }
-            }
-            else
-            {
-                for (int j = 1; j < 4; j++)
-                {
-                    for (int i = 0; i < 4; i++)
-                    {
-                        tk[i][j] ^= tk[i][j-1];
-                    }
-                }
-                for (int i = 0; i < 4; i++)
-                {
-                    tk[i][4] ^= S[tk[i][3] & 0xff];
-                }
-                for (int j = 5; j < KC; j++)
-                {
-                    for (int i = 0; i < 4; i++)
-                    {
-                        tk[i][j] ^= tk[i][j-1];
-                    }
-                }
-            }
-
-            //
-            // copy values into round key array
-            //
-            for (int j = 0; (j < KC) && (t < (ROUNDS+1)*(BC/8)); j++, t++)
-            {
-                for (int i = 0; i < 4; i++)
-                {
-                    W[t / (BC/8)][i] |= (long)(tk[i][j] & 0xff) << ((t * 8) % (BC));
-                }
-            }
-        }
-
-        return W;
-    }
-
-    private int         BC;
-    private long        BC_MASK;
-    private int         ROUNDS;
-    private int         blockBits;
-    private long[][]    workingKey;
-    private long        A0, A1, A2, A3;
-    private boolean     forEncryption;
-    private byte[]      shifts0SC;
-    private byte[]      shifts1SC;
-
-    /**
-     * default constructor - 128 bit block size.
-     */
-    public RijndaelEngine()
-    {
-        this(128);
-    }
-
-    /**
-     * basic constructor - set the cipher up for a given blocksize
-     *
-     * @param blockBits the blocksize in bits, must be 128, 192, or 256.
-     */
-    public RijndaelEngine(
-        int blockBits)
-    {
-        switch (blockBits)
-        {
-        case 128:
-            BC = 32;
-            BC_MASK = 0xffffffffL;
-            shifts0SC = shifts0[0];
-            shifts1SC = shifts1[0];
-            break;
-        case 160:
-            BC = 40;
-            BC_MASK = 0xffffffffffL;
-            shifts0SC = shifts0[1];
-            shifts1SC = shifts1[1];
-            break;
-        case 192:
-            BC = 48;
-            BC_MASK = 0xffffffffffffL;
-            shifts0SC = shifts0[2];
-            shifts1SC = shifts1[2];
-            break;
-        case 224:
-            BC = 56;
-            BC_MASK = 0xffffffffffffffL;
-            shifts0SC = shifts0[3];
-            shifts1SC = shifts1[3];
-            break;
-        case 256:
-            BC = 64;
-            BC_MASK = 0xffffffffffffffffL;
-            shifts0SC = shifts0[4];
-            shifts1SC = shifts1[4];
-            break;
-        default:
-            throw new IllegalArgumentException("unknown blocksize to Rijndael");
-        }
-
-        this.blockBits = blockBits;
-    }
-
-    /**
-     * initialise a Rijndael cipher.
-     *
-     * @param forEncryption whether or not we are for encryption.
-     * @param params the parameters required to set up the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean           forEncryption,
-        CipherParameters  params)
-    {
-        if (params instanceof KeyParameter)
-        {
-            workingKey = generateWorkingKey(((KeyParameter)params).getKey());
-            this.forEncryption = forEncryption;
-            return;
-        }
-
-        throw new IllegalArgumentException("invalid parameter passed to Rijndael init - " + params.getClass().getName());
-    }
-
-    public String getAlgorithmName()
-    {
-        return "Rijndael";
-    }
-
-    public int getBlockSize()
-    {
-        return BC / 2;
-    }
-
-    public int processBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-    {
-        if (workingKey == null)
-        {
-            throw new IllegalStateException("Rijndael engine not initialised");
-        }
-
-        if ((inOff + (BC / 2)) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + (BC / 2)) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        if (forEncryption)
-        {
-            unpackBlock(in, inOff);
-            encryptBlock(workingKey);
-            packBlock(out, outOff);
-        }
-        else
-        {
-            unpackBlock(in, inOff);
-            decryptBlock(workingKey);
-            packBlock(out, outOff);
-        }
-
-        return BC / 2;
-    }
-
-    public void reset()
-    {
-    }
-
-    private void unpackBlock(
-        byte[]      bytes,
-        int         off)
-    {
-        int     index = off;
-
-        A0 = (bytes[index++] & 0xff);
-        A1 = (bytes[index++] & 0xff);
-        A2 = (bytes[index++] & 0xff);
-        A3 = (bytes[index++] & 0xff);
-
-        for (int j = 8; j != BC; j += 8)
-        {
-            A0 |= (long)(bytes[index++] & 0xff) << j;
-            A1 |= (long)(bytes[index++] & 0xff) << j;
-            A2 |= (long)(bytes[index++] & 0xff) << j;
-            A3 |= (long)(bytes[index++] & 0xff) << j;
-        }
-    }
-
-    private void packBlock(
-        byte[]      bytes,
-        int         off)
-    {
-        int     index = off;
-
-        for (int j = 0; j != BC; j += 8)
-        {
-            bytes[index++] = (byte)(A0 >> j);
-            bytes[index++] = (byte)(A1 >> j);
-            bytes[index++] = (byte)(A2 >> j);
-            bytes[index++] = (byte)(A3 >> j);
-        }
-    }
-
-    private void encryptBlock(
-        long[][] rk)
-    {
-        int r;
-
-        //
-        // begin with a key addition
-        //
-        KeyAddition(rk[0]);
-
-        //
-        // ROUNDS-1 ordinary rounds
-        //
-        for (r = 1; r < ROUNDS; r++)
-        {
-            Substitution(S);
-            ShiftRow(shifts0SC);
-            MixColumn();
-            KeyAddition(rk[r]);
-        }
-
-        //
-        // Last round is special: there is no MixColumn
-        //
-        Substitution(S);
-        ShiftRow(shifts0SC);
-        KeyAddition(rk[ROUNDS]);
-    }
-
-    private void decryptBlock(
-        long[][] rk)
-    {
-        int r;
-
-        // To decrypt: apply the inverse operations of the encrypt routine,
-        //             in opposite order
-        //
-        // (KeyAddition is an involution: it 's equal to its inverse)
-        // (the inverse of Substitution with table S is Substitution with the inverse table of S)
-        // (the inverse of Shiftrow is Shiftrow over a suitable distance)
-        //
-
-        // First the special round:
-        //   without InvMixColumn
-        //   with extra KeyAddition
-        //
-        KeyAddition(rk[ROUNDS]);
-        Substitution(Si);
-        ShiftRow(shifts1SC);
-
-        //
-        // ROUNDS-1 ordinary rounds
-        //
-        for (r = ROUNDS-1; r > 0; r--)
-        {
-            KeyAddition(rk[r]);
-            InvMixColumn();
-            Substitution(Si);
-            ShiftRow(shifts1SC);
-        }
-
-        //
-        // End with the extra key addition
-        //
-        KeyAddition(rk[0]);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/SEEDEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/SEEDEngine.java
deleted file mode 100644
index 43872ed..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/SEEDEngine.java
+++ /dev/null

@@ -1,346 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * Implementation of the SEED algorithm as described in RFC 4009
- */
-public class SEEDEngine
-    implements BlockCipher
-{
-    private final int BLOCK_SIZE = 16;
-
-    private static final int[] SS0 =
-        {
-            0x2989a1a8, 0x05858184, 0x16c6d2d4, 0x13c3d3d0, 0x14445054, 0x1d0d111c, 0x2c8ca0ac, 0x25052124,
-            0x1d4d515c, 0x03434340, 0x18081018, 0x1e0e121c, 0x11415150, 0x3cccf0fc, 0x0acac2c8, 0x23436360,
-            0x28082028, 0x04444044, 0x20002020, 0x1d8d919c, 0x20c0e0e0, 0x22c2e2e0, 0x08c8c0c8, 0x17071314,
-            0x2585a1a4, 0x0f8f838c, 0x03030300, 0x3b4b7378, 0x3b8bb3b8, 0x13031310, 0x12c2d2d0, 0x2ecee2ec,
-            0x30407070, 0x0c8c808c, 0x3f0f333c, 0x2888a0a8, 0x32023230, 0x1dcdd1dc, 0x36c6f2f4, 0x34447074,
-            0x2ccce0ec, 0x15859194, 0x0b0b0308, 0x17475354, 0x1c4c505c, 0x1b4b5358, 0x3d8db1bc, 0x01010100,
-            0x24042024, 0x1c0c101c, 0x33437370, 0x18889098, 0x10001010, 0x0cccc0cc, 0x32c2f2f0, 0x19c9d1d8,
-            0x2c0c202c, 0x27c7e3e4, 0x32427270, 0x03838380, 0x1b8b9398, 0x11c1d1d0, 0x06868284, 0x09c9c1c8,
-            0x20406060, 0x10405050, 0x2383a3a0, 0x2bcbe3e8, 0x0d0d010c, 0x3686b2b4, 0x1e8e929c, 0x0f4f434c,
-            0x3787b3b4, 0x1a4a5258, 0x06c6c2c4, 0x38487078, 0x2686a2a4, 0x12021210, 0x2f8fa3ac, 0x15c5d1d4,
-            0x21416160, 0x03c3c3c0, 0x3484b0b4, 0x01414140, 0x12425250, 0x3d4d717c, 0x0d8d818c, 0x08080008,
-            0x1f0f131c, 0x19899198, 0x00000000, 0x19091118, 0x04040004, 0x13435350, 0x37c7f3f4, 0x21c1e1e0,
-            0x3dcdf1fc, 0x36467274, 0x2f0f232c, 0x27072324, 0x3080b0b0, 0x0b8b8388, 0x0e0e020c, 0x2b8ba3a8,
-            0x2282a2a0, 0x2e4e626c, 0x13839390, 0x0d4d414c, 0x29496168, 0x3c4c707c, 0x09090108, 0x0a0a0208,
-            0x3f8fb3bc, 0x2fcfe3ec, 0x33c3f3f0, 0x05c5c1c4, 0x07878384, 0x14041014, 0x3ecef2fc, 0x24446064,
-            0x1eced2dc, 0x2e0e222c, 0x0b4b4348, 0x1a0a1218, 0x06060204, 0x21012120, 0x2b4b6368, 0x26466264,
-            0x02020200, 0x35c5f1f4, 0x12829290, 0x0a8a8288, 0x0c0c000c, 0x3383b3b0, 0x3e4e727c, 0x10c0d0d0,
-            0x3a4a7278, 0x07474344, 0x16869294, 0x25c5e1e4, 0x26062224, 0x00808080, 0x2d8da1ac, 0x1fcfd3dc,
-            0x2181a1a0, 0x30003030, 0x37073334, 0x2e8ea2ac, 0x36063234, 0x15051114, 0x22022220, 0x38083038,
-            0x34c4f0f4, 0x2787a3a4, 0x05454144, 0x0c4c404c, 0x01818180, 0x29c9e1e8, 0x04848084, 0x17879394,
-            0x35053134, 0x0bcbc3c8, 0x0ecec2cc, 0x3c0c303c, 0x31417170, 0x11011110, 0x07c7c3c4, 0x09898188,
-            0x35457174, 0x3bcbf3f8, 0x1acad2d8, 0x38c8f0f8, 0x14849094, 0x19495158, 0x02828280, 0x04c4c0c4,
-            0x3fcff3fc, 0x09494148, 0x39093138, 0x27476364, 0x00c0c0c0, 0x0fcfc3cc, 0x17c7d3d4, 0x3888b0b8,
-            0x0f0f030c, 0x0e8e828c, 0x02424240, 0x23032320, 0x11819190, 0x2c4c606c, 0x1bcbd3d8, 0x2484a0a4,
-            0x34043034, 0x31c1f1f0, 0x08484048, 0x02c2c2c0, 0x2f4f636c, 0x3d0d313c, 0x2d0d212c, 0x00404040,
-            0x3e8eb2bc, 0x3e0e323c, 0x3c8cb0bc, 0x01c1c1c0, 0x2a8aa2a8, 0x3a8ab2b8, 0x0e4e424c, 0x15455154,
-            0x3b0b3338, 0x1cccd0dc, 0x28486068, 0x3f4f737c, 0x1c8c909c, 0x18c8d0d8, 0x0a4a4248, 0x16465254,
-            0x37477374, 0x2080a0a0, 0x2dcde1ec, 0x06464244, 0x3585b1b4, 0x2b0b2328, 0x25456164, 0x3acaf2f8,
-            0x23c3e3e0, 0x3989b1b8, 0x3181b1b0, 0x1f8f939c, 0x1e4e525c, 0x39c9f1f8, 0x26c6e2e4, 0x3282b2b0,
-            0x31013130, 0x2acae2e8, 0x2d4d616c, 0x1f4f535c, 0x24c4e0e4, 0x30c0f0f0, 0x0dcdc1cc, 0x08888088,
-            0x16061214, 0x3a0a3238, 0x18485058, 0x14c4d0d4, 0x22426260, 0x29092128, 0x07070304, 0x33033330,
-            0x28c8e0e8, 0x1b0b1318, 0x05050104, 0x39497178, 0x10809090, 0x2a4a6268, 0x2a0a2228, 0x1a8a9298
-        };
-
-    private static final int[] SS1 =
-        {
-
-            0x38380830, 0xe828c8e0, 0x2c2d0d21, 0xa42686a2, 0xcc0fcfc3, 0xdc1eced2, 0xb03383b3, 0xb83888b0,
-            0xac2f8fa3, 0x60204060, 0x54154551, 0xc407c7c3, 0x44044440, 0x6c2f4f63, 0x682b4b63, 0x581b4b53,
-            0xc003c3c3, 0x60224262, 0x30330333, 0xb43585b1, 0x28290921, 0xa02080a0, 0xe022c2e2, 0xa42787a3,
-            0xd013c3d3, 0x90118191, 0x10110111, 0x04060602, 0x1c1c0c10, 0xbc3c8cb0, 0x34360632, 0x480b4b43,
-            0xec2fcfe3, 0x88088880, 0x6c2c4c60, 0xa82888a0, 0x14170713, 0xc404c4c0, 0x14160612, 0xf434c4f0,
-            0xc002c2c2, 0x44054541, 0xe021c1e1, 0xd416c6d2, 0x3c3f0f33, 0x3c3d0d31, 0x8c0e8e82, 0x98188890,
-            0x28280820, 0x4c0e4e42, 0xf436c6f2, 0x3c3e0e32, 0xa42585a1, 0xf839c9f1, 0x0c0d0d01, 0xdc1fcfd3,
-            0xd818c8d0, 0x282b0b23, 0x64264662, 0x783a4a72, 0x24270723, 0x2c2f0f23, 0xf031c1f1, 0x70324272,
-            0x40024242, 0xd414c4d0, 0x40014141, 0xc000c0c0, 0x70334373, 0x64274763, 0xac2c8ca0, 0x880b8b83,
-            0xf437c7f3, 0xac2d8da1, 0x80008080, 0x1c1f0f13, 0xc80acac2, 0x2c2c0c20, 0xa82a8aa2, 0x34340430,
-            0xd012c2d2, 0x080b0b03, 0xec2ecee2, 0xe829c9e1, 0x5c1d4d51, 0x94148490, 0x18180810, 0xf838c8f0,
-            0x54174753, 0xac2e8ea2, 0x08080800, 0xc405c5c1, 0x10130313, 0xcc0dcdc1, 0x84068682, 0xb83989b1,
-            0xfc3fcff3, 0x7c3d4d71, 0xc001c1c1, 0x30310131, 0xf435c5f1, 0x880a8a82, 0x682a4a62, 0xb03181b1,
-            0xd011c1d1, 0x20200020, 0xd417c7d3, 0x00020202, 0x20220222, 0x04040400, 0x68284860, 0x70314171,
-            0x04070703, 0xd81bcbd3, 0x9c1d8d91, 0x98198991, 0x60214161, 0xbc3e8eb2, 0xe426c6e2, 0x58194951,
-            0xdc1dcdd1, 0x50114151, 0x90108090, 0xdc1cccd0, 0x981a8a92, 0xa02383a3, 0xa82b8ba3, 0xd010c0d0,
-            0x80018181, 0x0c0f0f03, 0x44074743, 0x181a0a12, 0xe023c3e3, 0xec2ccce0, 0x8c0d8d81, 0xbc3f8fb3,
-            0x94168692, 0x783b4b73, 0x5c1c4c50, 0xa02282a2, 0xa02181a1, 0x60234363, 0x20230323, 0x4c0d4d41,
-            0xc808c8c0, 0x9c1e8e92, 0x9c1c8c90, 0x383a0a32, 0x0c0c0c00, 0x2c2e0e22, 0xb83a8ab2, 0x6c2e4e62,
-            0x9c1f8f93, 0x581a4a52, 0xf032c2f2, 0x90128292, 0xf033c3f3, 0x48094941, 0x78384870, 0xcc0cccc0,
-            0x14150511, 0xf83bcbf3, 0x70304070, 0x74354571, 0x7c3f4f73, 0x34350531, 0x10100010, 0x00030303,
-            0x64244460, 0x6c2d4d61, 0xc406c6c2, 0x74344470, 0xd415c5d1, 0xb43484b0, 0xe82acae2, 0x08090901,
-            0x74364672, 0x18190911, 0xfc3ecef2, 0x40004040, 0x10120212, 0xe020c0e0, 0xbc3d8db1, 0x04050501,
-            0xf83acaf2, 0x00010101, 0xf030c0f0, 0x282a0a22, 0x5c1e4e52, 0xa82989a1, 0x54164652, 0x40034343,
-            0x84058581, 0x14140410, 0x88098981, 0x981b8b93, 0xb03080b0, 0xe425c5e1, 0x48084840, 0x78394971,
-            0x94178793, 0xfc3cccf0, 0x1c1e0e12, 0x80028282, 0x20210121, 0x8c0c8c80, 0x181b0b13, 0x5c1f4f53,
-            0x74374773, 0x54144450, 0xb03282b2, 0x1c1d0d11, 0x24250521, 0x4c0f4f43, 0x00000000, 0x44064642,
-            0xec2dcde1, 0x58184850, 0x50124252, 0xe82bcbe3, 0x7c3e4e72, 0xd81acad2, 0xc809c9c1, 0xfc3dcdf1,
-            0x30300030, 0x94158591, 0x64254561, 0x3c3c0c30, 0xb43686b2, 0xe424c4e0, 0xb83b8bb3, 0x7c3c4c70,
-            0x0c0e0e02, 0x50104050, 0x38390931, 0x24260622, 0x30320232, 0x84048480, 0x68294961, 0x90138393,
-            0x34370733, 0xe427c7e3, 0x24240420, 0xa42484a0, 0xc80bcbc3, 0x50134353, 0x080a0a02, 0x84078783,
-            0xd819c9d1, 0x4c0c4c40, 0x80038383, 0x8c0f8f83, 0xcc0ecec2, 0x383b0b33, 0x480a4a42, 0xb43787b3
-        };
-
-    private static final int[] SS2 =
-        {
-
-            0xa1a82989, 0x81840585, 0xd2d416c6, 0xd3d013c3, 0x50541444, 0x111c1d0d, 0xa0ac2c8c, 0x21242505,
-            0x515c1d4d, 0x43400343, 0x10181808, 0x121c1e0e, 0x51501141, 0xf0fc3ccc, 0xc2c80aca, 0x63602343,
-            0x20282808, 0x40440444, 0x20202000, 0x919c1d8d, 0xe0e020c0, 0xe2e022c2, 0xc0c808c8, 0x13141707,
-            0xa1a42585, 0x838c0f8f, 0x03000303, 0x73783b4b, 0xb3b83b8b, 0x13101303, 0xd2d012c2, 0xe2ec2ece,
-            0x70703040, 0x808c0c8c, 0x333c3f0f, 0xa0a82888, 0x32303202, 0xd1dc1dcd, 0xf2f436c6, 0x70743444,
-            0xe0ec2ccc, 0x91941585, 0x03080b0b, 0x53541747, 0x505c1c4c, 0x53581b4b, 0xb1bc3d8d, 0x01000101,
-            0x20242404, 0x101c1c0c, 0x73703343, 0x90981888, 0x10101000, 0xc0cc0ccc, 0xf2f032c2, 0xd1d819c9,
-            0x202c2c0c, 0xe3e427c7, 0x72703242, 0x83800383, 0x93981b8b, 0xd1d011c1, 0x82840686, 0xc1c809c9,
-            0x60602040, 0x50501040, 0xa3a02383, 0xe3e82bcb, 0x010c0d0d, 0xb2b43686, 0x929c1e8e, 0x434c0f4f,
-            0xb3b43787, 0x52581a4a, 0xc2c406c6, 0x70783848, 0xa2a42686, 0x12101202, 0xa3ac2f8f, 0xd1d415c5,
-            0x61602141, 0xc3c003c3, 0xb0b43484, 0x41400141, 0x52501242, 0x717c3d4d, 0x818c0d8d, 0x00080808,
-            0x131c1f0f, 0x91981989, 0x00000000, 0x11181909, 0x00040404, 0x53501343, 0xf3f437c7, 0xe1e021c1,
-            0xf1fc3dcd, 0x72743646, 0x232c2f0f, 0x23242707, 0xb0b03080, 0x83880b8b, 0x020c0e0e, 0xa3a82b8b,
-            0xa2a02282, 0x626c2e4e, 0x93901383, 0x414c0d4d, 0x61682949, 0x707c3c4c, 0x01080909, 0x02080a0a,
-            0xb3bc3f8f, 0xe3ec2fcf, 0xf3f033c3, 0xc1c405c5, 0x83840787, 0x10141404, 0xf2fc3ece, 0x60642444,
-            0xd2dc1ece, 0x222c2e0e, 0x43480b4b, 0x12181a0a, 0x02040606, 0x21202101, 0x63682b4b, 0x62642646,
-            0x02000202, 0xf1f435c5, 0x92901282, 0x82880a8a, 0x000c0c0c, 0xb3b03383, 0x727c3e4e, 0xd0d010c0,
-            0x72783a4a, 0x43440747, 0x92941686, 0xe1e425c5, 0x22242606, 0x80800080, 0xa1ac2d8d, 0xd3dc1fcf,
-            0xa1a02181, 0x30303000, 0x33343707, 0xa2ac2e8e, 0x32343606, 0x11141505, 0x22202202, 0x30383808,
-            0xf0f434c4, 0xa3a42787, 0x41440545, 0x404c0c4c, 0x81800181, 0xe1e829c9, 0x80840484, 0x93941787,
-            0x31343505, 0xc3c80bcb, 0xc2cc0ece, 0x303c3c0c, 0x71703141, 0x11101101, 0xc3c407c7, 0x81880989,
-            0x71743545, 0xf3f83bcb, 0xd2d81aca, 0xf0f838c8, 0x90941484, 0x51581949, 0x82800282, 0xc0c404c4,
-            0xf3fc3fcf, 0x41480949, 0x31383909, 0x63642747, 0xc0c000c0, 0xc3cc0fcf, 0xd3d417c7, 0xb0b83888,
-            0x030c0f0f, 0x828c0e8e, 0x42400242, 0x23202303, 0x91901181, 0x606c2c4c, 0xd3d81bcb, 0xa0a42484,
-            0x30343404, 0xf1f031c1, 0x40480848, 0xc2c002c2, 0x636c2f4f, 0x313c3d0d, 0x212c2d0d, 0x40400040,
-            0xb2bc3e8e, 0x323c3e0e, 0xb0bc3c8c, 0xc1c001c1, 0xa2a82a8a, 0xb2b83a8a, 0x424c0e4e, 0x51541545,
-            0x33383b0b, 0xd0dc1ccc, 0x60682848, 0x737c3f4f, 0x909c1c8c, 0xd0d818c8, 0x42480a4a, 0x52541646,
-            0x73743747, 0xa0a02080, 0xe1ec2dcd, 0x42440646, 0xb1b43585, 0x23282b0b, 0x61642545, 0xf2f83aca,
-            0xe3e023c3, 0xb1b83989, 0xb1b03181, 0x939c1f8f, 0x525c1e4e, 0xf1f839c9, 0xe2e426c6, 0xb2b03282,
-            0x31303101, 0xe2e82aca, 0x616c2d4d, 0x535c1f4f, 0xe0e424c4, 0xf0f030c0, 0xc1cc0dcd, 0x80880888,
-            0x12141606, 0x32383a0a, 0x50581848, 0xd0d414c4, 0x62602242, 0x21282909, 0x03040707, 0x33303303,
-            0xe0e828c8, 0x13181b0b, 0x01040505, 0x71783949, 0x90901080, 0x62682a4a, 0x22282a0a, 0x92981a8a
-        };
-
-
-    private static final int[] SS3 =
-        {
-
-            0x08303838, 0xc8e0e828, 0x0d212c2d, 0x86a2a426, 0xcfc3cc0f, 0xced2dc1e, 0x83b3b033, 0x88b0b838,
-            0x8fa3ac2f, 0x40606020, 0x45515415, 0xc7c3c407, 0x44404404, 0x4f636c2f, 0x4b63682b, 0x4b53581b,
-            0xc3c3c003, 0x42626022, 0x03333033, 0x85b1b435, 0x09212829, 0x80a0a020, 0xc2e2e022, 0x87a3a427,
-            0xc3d3d013, 0x81919011, 0x01111011, 0x06020406, 0x0c101c1c, 0x8cb0bc3c, 0x06323436, 0x4b43480b,
-            0xcfe3ec2f, 0x88808808, 0x4c606c2c, 0x88a0a828, 0x07131417, 0xc4c0c404, 0x06121416, 0xc4f0f434,
-            0xc2c2c002, 0x45414405, 0xc1e1e021, 0xc6d2d416, 0x0f333c3f, 0x0d313c3d, 0x8e828c0e, 0x88909818,
-            0x08202828, 0x4e424c0e, 0xc6f2f436, 0x0e323c3e, 0x85a1a425, 0xc9f1f839, 0x0d010c0d, 0xcfd3dc1f,
-            0xc8d0d818, 0x0b23282b, 0x46626426, 0x4a72783a, 0x07232427, 0x0f232c2f, 0xc1f1f031, 0x42727032,
-            0x42424002, 0xc4d0d414, 0x41414001, 0xc0c0c000, 0x43737033, 0x47636427, 0x8ca0ac2c, 0x8b83880b,
-            0xc7f3f437, 0x8da1ac2d, 0x80808000, 0x0f131c1f, 0xcac2c80a, 0x0c202c2c, 0x8aa2a82a, 0x04303434,
-            0xc2d2d012, 0x0b03080b, 0xcee2ec2e, 0xc9e1e829, 0x4d515c1d, 0x84909414, 0x08101818, 0xc8f0f838,
-            0x47535417, 0x8ea2ac2e, 0x08000808, 0xc5c1c405, 0x03131013, 0xcdc1cc0d, 0x86828406, 0x89b1b839,
-            0xcff3fc3f, 0x4d717c3d, 0xc1c1c001, 0x01313031, 0xc5f1f435, 0x8a82880a, 0x4a62682a, 0x81b1b031,
-            0xc1d1d011, 0x00202020, 0xc7d3d417, 0x02020002, 0x02222022, 0x04000404, 0x48606828, 0x41717031,
-            0x07030407, 0xcbd3d81b, 0x8d919c1d, 0x89919819, 0x41616021, 0x8eb2bc3e, 0xc6e2e426, 0x49515819,
-            0xcdd1dc1d, 0x41515011, 0x80909010, 0xccd0dc1c, 0x8a92981a, 0x83a3a023, 0x8ba3a82b, 0xc0d0d010,
-            0x81818001, 0x0f030c0f, 0x47434407, 0x0a12181a, 0xc3e3e023, 0xcce0ec2c, 0x8d818c0d, 0x8fb3bc3f,
-            0x86929416, 0x4b73783b, 0x4c505c1c, 0x82a2a022, 0x81a1a021, 0x43636023, 0x03232023, 0x4d414c0d,
-            0xc8c0c808, 0x8e929c1e, 0x8c909c1c, 0x0a32383a, 0x0c000c0c, 0x0e222c2e, 0x8ab2b83a, 0x4e626c2e,
-            0x8f939c1f, 0x4a52581a, 0xc2f2f032, 0x82929012, 0xc3f3f033, 0x49414809, 0x48707838, 0xccc0cc0c,
-            0x05111415, 0xcbf3f83b, 0x40707030, 0x45717435, 0x4f737c3f, 0x05313435, 0x00101010, 0x03030003,
-            0x44606424, 0x4d616c2d, 0xc6c2c406, 0x44707434, 0xc5d1d415, 0x84b0b434, 0xcae2e82a, 0x09010809,
-            0x46727436, 0x09111819, 0xcef2fc3e, 0x40404000, 0x02121012, 0xc0e0e020, 0x8db1bc3d, 0x05010405,
-            0xcaf2f83a, 0x01010001, 0xc0f0f030, 0x0a22282a, 0x4e525c1e, 0x89a1a829, 0x46525416, 0x43434003,
-            0x85818405, 0x04101414, 0x89818809, 0x8b93981b, 0x80b0b030, 0xc5e1e425, 0x48404808, 0x49717839,
-            0x87939417, 0xccf0fc3c, 0x0e121c1e, 0x82828002, 0x01212021, 0x8c808c0c, 0x0b13181b, 0x4f535c1f,
-            0x47737437, 0x44505414, 0x82b2b032, 0x0d111c1d, 0x05212425, 0x4f434c0f, 0x00000000, 0x46424406,
-            0xcde1ec2d, 0x48505818, 0x42525012, 0xcbe3e82b, 0x4e727c3e, 0xcad2d81a, 0xc9c1c809, 0xcdf1fc3d,
-            0x00303030, 0x85919415, 0x45616425, 0x0c303c3c, 0x86b2b436, 0xc4e0e424, 0x8bb3b83b, 0x4c707c3c,
-            0x0e020c0e, 0x40505010, 0x09313839, 0x06222426, 0x02323032, 0x84808404, 0x49616829, 0x83939013,
-            0x07333437, 0xc7e3e427, 0x04202424, 0x84a0a424, 0xcbc3c80b, 0x43535013, 0x0a02080a, 0x87838407,
-            0xc9d1d819, 0x4c404c0c, 0x83838003, 0x8f838c0f, 0xcec2cc0e, 0x0b33383b, 0x4a42480a, 0x87b3b437
-        };
-
-
-    private static final int[] KC =
-        {
-            0x9e3779b9, 0x3c6ef373, 0x78dde6e6, 0xf1bbcdcc,
-            0xe3779b99, 0xc6ef3733, 0x8dde6e67, 0x1bbcdccf,
-            0x3779b99e, 0x6ef3733c, 0xdde6e678, 0xbbcdccf1,
-            0x779b99e3, 0xef3733c6, 0xde6e678d, 0xbcdccf1b
-        };
-
-    private int[] wKey;
-    private boolean forEncryption;
-
-    public void init(boolean forEncryption, CipherParameters params) throws IllegalArgumentException
-    {
-        this.forEncryption = forEncryption;
-        wKey = createWorkingKey(((KeyParameter)params).getKey());
-    }
-
-    public String getAlgorithmName()
-    {
-        return "SEED";
-    }
-
-    public int getBlockSize()
-    {
-        return BLOCK_SIZE;
-    }
-
-    public int processBlock(byte[] in, int inOff, byte[] out, int outOff) throws DataLengthException, IllegalStateException
-    {
-        if (wKey == null)
-        {
-            throw new IllegalStateException("SEED engine not initialised");
-        }
-
-        if (inOff + BLOCK_SIZE > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if (outOff + BLOCK_SIZE > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        long l = bytesToLong(in, inOff + 0);
-        long r = bytesToLong(in, inOff + 8);
-
-        if (forEncryption)
-        {
-            for (int i = 0; i < 16; i++)
-            {
-               long nl = r;
-
-               r = l ^ F(wKey[2 * i], wKey[(2 * i) + 1], r);
-               l = nl;
-            }
-        }
-        else
-        {
-            for (int i = 15; i >= 0; i--)
-            {
-               long nl = r;
-
-               r = l ^ F(wKey[2 * i], wKey[(2 * i) + 1], r);
-               l = nl;
-            }
-        }
-
-        longToBytes(out, outOff + 0, r);
-        longToBytes(out, outOff + 8, l);
-
-        return BLOCK_SIZE;
-    }
-
-    public void reset()
-    {
-    }
-
-    private int[] createWorkingKey(byte[] inKey)
-    {
-        int[] key = new int[32];
-        long lower = bytesToLong(inKey, 0);
-        long upper = bytesToLong(inKey, 8);
-
-        int key0 = extractW0(lower);
-        int key1 = extractW1(lower);
-        int key2 = extractW0(upper);
-        int key3 = extractW1(upper);
-
-        for (int i = 0; i < 16; i++)
-        {
-            key[2 * i] = G(key0 + key2 - KC[i]);
-            key[2 * i + 1] = G(key1 - key3 + KC[i]);
-
-            if (i % 2 == 0)
-            {
-                lower = rotateRight8(lower);
-                key0 = extractW0(lower);
-                key1 = extractW1(lower);
-            }
-            else
-            {
-                upper = rotateLeft8(upper);
-                key2 = extractW0(upper);
-                key3 = extractW1(upper);
-            }
-        }
-
-        return key;
-    }
-
-    private int extractW1(long lVal)
-    {
-        return (int)lVal;
-    }
-
-    private int extractW0(long lVal)
-    {
-        return (int)(lVal >> 32);
-    }
-
-    private long rotateLeft8(long x)
-    {
-        return (x << 8) | (x >>> 56);
-    }
-
-    private long rotateRight8(long x)
-    {
-        return (x >>> 8) | (x << 56);
-    }
-
-    private long bytesToLong(
-        byte[]  src,
-        int     srcOff)
-    {
-        long    word = 0;
-
-        for (int i = 0; i <= 7; i++)
-        {
-            word = (word << 8) + (src[i + srcOff] & 0xff);
-        }
-
-        return word;
-    }
-
-    private void longToBytes(
-        byte[]  dest,
-        int     destOff,
-        long    value)
-    {
-        for (int i = 0; i < 8; i++)
-        {
-            dest[i + destOff] = (byte)(value >> ((7 - i) * 8));
-        }
-    }
-
-    private int G(int x)
-    {
-        return SS0[x & 0xff] ^ SS1[(x >> 8) & 0xff] ^ SS2[(x >> 16) & 0xff] ^ SS3[(x >> 24) & 0xff];
-    }
-
-    private long F(int ki0, int ki1, long r)
-    {
-        int r0 = (int)(r >> 32);
-        int r1 = (int)r;
-        int rd1 = phaseCalc2(r0, ki0, r1, ki1);
-        int rd0 = rd1 + phaseCalc1(r0, ki0, r1, ki1);
-
-        return ((long)rd0 << 32) | (rd1 & 0xffffffffL);
-    }
-
-    private int phaseCalc1(int r0, int ki0, int r1, int ki1)
-    {
-        return G(G((r0 ^ ki0) ^ (r1 ^ ki1)) + (r0 ^ ki0));
-    }
-
-    private int phaseCalc2(int r0, int ki0, int r1, int ki1)
-    {
-        return G(phaseCalc1(r0, ki0, r1, ki1) + G((r0 ^ ki0) ^ (r1 ^ ki1)));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/SEEDWrapEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/SEEDWrapEngine.java
deleted file mode 100644
index 5b65b00..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/SEEDWrapEngine.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-/**
- * An implementation of the SEED key wrapper based on RFC 4010/RFC 3394.
- * <p>
- * For further details see: <a href="http://www.ietf.org/rfc/rfc4010.txt">http://www.ietf.org/rfc/rfc4010.txt</a>.
- */
-public class SEEDWrapEngine
-    extends RFC3394WrapEngine
-{
-    public SEEDWrapEngine()
-    {
-        super(new SEEDEngine());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/SM2Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/SM2Engine.java
deleted file mode 100644
index f3eb4ee..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/SM2Engine.java
+++ /dev/null

@@ -1,269 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.digests.SM3Digest;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.FixedPointCombMultiplier;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Memoable;
-import org.bouncycastle.util.Pack;
-
-/**
- * SM2 public key encryption engine - based on https://tools.ietf.org/html/draft-shen-sm2-ecdsa-02.
- */
-public class SM2Engine
-{
-    private final Digest digest;
-    
-    private boolean forEncryption;
-    private ECKeyParameters ecKey;
-    private ECDomainParameters ecParams;
-    private int curveLength;
-    private SecureRandom random;
-
-    public SM2Engine()
-    {
-        this(new SM3Digest());
-    }
-
-    public SM2Engine(Digest digest)
-    {
-        this.digest = digest;
-    }
-
-    public void init(boolean forEncryption, CipherParameters param)
-    {
-        this.forEncryption = forEncryption;
-
-        if (forEncryption)
-        {
-            ParametersWithRandom rParam = (ParametersWithRandom)param;
-
-            ecKey = (ECKeyParameters)rParam.getParameters();
-            ecParams = ecKey.getParameters();
-
-            ECPoint s = ((ECPublicKeyParameters)ecKey).getQ().multiply(ecParams.getH());
-            if (s.isInfinity())
-            {
-                throw new IllegalArgumentException("invalid key: [h]Q at infinity");
-            }
-
-            random = rParam.getRandom();
-        }
-        else
-        {
-            ecKey = (ECKeyParameters)param;
-            ecParams = ecKey.getParameters();
-        }
-
-        curveLength = (ecParams.getCurve().getFieldSize() + 7) / 8;
-    }
-
-    public byte[] processBlock(
-        byte[] in,
-        int inOff,
-        int inLen)
-        throws InvalidCipherTextException
-    {
-        if (forEncryption)
-        {
-            return encrypt(in, inOff, inLen);
-        }
-        else
-        {
-            return decrypt(in, inOff, inLen);
-        }
-    }
-
-    public int getOutputSize(int inputLen)
-    {
-        return (1 + 2 * curveLength) + inputLen + digest.getDigestSize();
-    }
-
-    protected ECMultiplier createBasePointMultiplier()
-    {
-        return new FixedPointCombMultiplier();
-    }
-
-    private byte[] encrypt(byte[] in, int inOff, int inLen)
-        throws InvalidCipherTextException
-    {
-        byte[] c2 = new byte[inLen];
-
-        System.arraycopy(in, inOff, c2, 0, c2.length);
-
-        ECMultiplier multiplier = createBasePointMultiplier();
-
-        byte[] c1;
-        ECPoint kPB;
-        do
-        {
-            BigInteger k = nextK();
-
-            ECPoint c1P = multiplier.multiply(ecParams.getG(), k).normalize();
-
-            c1 = c1P.getEncoded(false);
-
-            kPB = ((ECPublicKeyParameters)ecKey).getQ().multiply(k).normalize();
-
-            kdf(digest, kPB, c2);
-        }
-        while (notEncrypted(c2, in, inOff));
-
-        byte[] c3 = new byte[digest.getDigestSize()];
-
-        addFieldElement(digest, kPB.getAffineXCoord());
-        digest.update(in, inOff, inLen);
-        addFieldElement(digest, kPB.getAffineYCoord());
-
-        digest.doFinal(c3, 0);
-        
-        return Arrays.concatenate(c1, c2, c3);
-    }
-
-    private byte[] decrypt(byte[] in, int inOff, int inLen)
-        throws InvalidCipherTextException
-    {
-        byte[] c1 = new byte[curveLength * 2 + 1];
-
-        System.arraycopy(in, inOff, c1, 0, c1.length);
-
-        ECPoint c1P = ecParams.getCurve().decodePoint(c1);
-
-        ECPoint s = c1P.multiply(ecParams.getH());
-        if (s.isInfinity())
-        {
-            throw new InvalidCipherTextException("[h]C1 at infinity");
-        }
-
-        c1P = c1P.multiply(((ECPrivateKeyParameters)ecKey).getD()).normalize();
-
-        byte[] c2 = new byte[inLen - c1.length - digest.getDigestSize()];
-
-        System.arraycopy(in, inOff + c1.length, c2, 0, c2.length);
-
-        kdf(digest, c1P, c2);
-
-        byte[] c3 = new byte[digest.getDigestSize()];
-
-        addFieldElement(digest, c1P.getAffineXCoord());
-        digest.update(c2, 0, c2.length);
-        addFieldElement(digest, c1P.getAffineYCoord());
-
-        digest.doFinal(c3, 0);
-
-        int check = 0;
-        for (int i = 0; i != c3.length; i++)
-        {
-            check |= c3[i] ^ in[inOff + c1.length + c2.length + i];
-        }
-
-        Arrays.fill(c1, (byte)0);
-        Arrays.fill(c3, (byte)0);
-
-        if (check != 0)
-        {
-            Arrays.fill(c2, (byte)0);
-            throw new InvalidCipherTextException("invalid cipher text");
-        }
-
-        return c2;
-    }
-
-    private boolean notEncrypted(byte[] encData, byte[] in, int inOff)
-    {
-        for (int i = 0; i != encData.length; i++)
-        {
-            if (encData[i] != in[inOff])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    private void kdf(Digest digest, ECPoint c1, byte[] encData)
-    {
-        int digestSize = digest.getDigestSize();
-        byte[] buf = new byte[Math.max(4, digestSize)];
-        int off = 0;
-
-        Memoable memo = null;
-        Memoable copy = null;
-
-        if (digest instanceof Memoable)
-        {
-            addFieldElement(digest, c1.getAffineXCoord());
-            addFieldElement(digest, c1.getAffineYCoord());
-            memo = (Memoable)digest;
-            copy = memo.copy();
-        }
-
-        int ct = 0;
-
-        while (off < encData.length)
-        {
-            if (memo != null)
-            {
-                memo.reset(copy);
-            }
-            else
-            {
-                addFieldElement(digest, c1.getAffineXCoord());
-                addFieldElement(digest, c1.getAffineYCoord());
-            }
-
-            Pack.intToBigEndian(++ct, buf, 0);
-            digest.update(buf, 0, 4);
-            digest.doFinal(buf, 0);
-
-            int xorLen = Math.min(digestSize, encData.length - off);
-            xor(encData, buf, off, xorLen);
-            off += xorLen;
-        }
-    }
-
-    private void xor(byte[] data, byte[] kdfOut, int dOff, int dRemaining)
-    {
-        for (int i = 0; i != dRemaining; i++)
-        {
-            data[dOff + i] ^= kdfOut[i];
-        }
-    }
-
-    private BigInteger nextK()
-    {
-        int qBitLength = ecParams.getN().bitLength();
-
-        BigInteger k;
-        do
-        {
-            k = BigIntegers.createRandomBigInteger(qBitLength, random);
-        }
-        while (k.equals(ECConstants.ZERO) || k.compareTo(ecParams.getN()) >= 0);
-
-        return k;
-    }
-
-    private void addFieldElement(Digest digest, ECFieldElement v)
-    {
-        byte[] p = BigIntegers.asUnsignedByteArray(curveLength, v.toBigInteger());
-
-        digest.update(p, 0, p.length);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/SM4Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/SM4Engine.java
deleted file mode 100644
index 033595b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/SM4Engine.java
+++ /dev/null

@@ -1,249 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Pack;
-
-/**
- * SM4 Block Cipher - SM4 is a 128 bit block cipher with a 128 bit key.
- * <p>
- *     The implementation here is based on the document <a href="http://eprint.iacr.org/2008/329.pdf">http://eprint.iacr.org/2008/329.pdf</a>
- *     by Whitfield Diffie and George Ledin, which is a translation of Prof. LU Shu-wang's original standard.
- * </p>
- */
-public class SM4Engine
-    implements BlockCipher
-{
-    private static final int BLOCK_SIZE = 16;
-
-    private final static byte[] Sbox =
-    {
-        (byte)0xd6, (byte)0x90, (byte)0xe9, (byte)0xfe, (byte)0xcc, (byte)0xe1, (byte)0x3d, (byte)0xb7, (byte)0x16, (byte)0xb6, (byte)0x14, (byte)0xc2, (byte)0x28, (byte)0xfb, (byte)0x2c, (byte)0x05,
-        (byte)0x2b, (byte)0x67, (byte)0x9a, (byte)0x76, (byte)0x2a, (byte)0xbe, (byte)0x04, (byte)0xc3, (byte)0xaa, (byte)0x44, (byte)0x13, (byte)0x26, (byte)0x49, (byte)0x86, (byte)0x06, (byte)0x99,
-        (byte)0x9c, (byte)0x42, (byte)0x50, (byte)0xf4, (byte)0x91, (byte)0xef, (byte)0x98, (byte)0x7a, (byte)0x33, (byte)0x54, (byte)0x0b, (byte)0x43, (byte)0xed, (byte)0xcf, (byte)0xac, (byte)0x62,
-        (byte)0xe4, (byte)0xb3, (byte)0x1c, (byte)0xa9, (byte)0xc9, (byte)0x08, (byte)0xe8, (byte)0x95, (byte)0x80, (byte)0xdf, (byte)0x94, (byte)0xfa, (byte)0x75, (byte)0x8f, (byte)0x3f, (byte)0xa6,
-        (byte)0x47, (byte)0x07, (byte)0xa7, (byte)0xfc, (byte)0xf3, (byte)0x73, (byte)0x17, (byte)0xba, (byte)0x83, (byte)0x59, (byte)0x3c, (byte)0x19, (byte)0xe6, (byte)0x85, (byte)0x4f, (byte)0xa8,
-        (byte)0x68, (byte)0x6b, (byte)0x81, (byte)0xb2, (byte)0x71, (byte)0x64, (byte)0xda, (byte)0x8b, (byte)0xf8, (byte)0xeb, (byte)0x0f, (byte)0x4b, (byte)0x70, (byte)0x56, (byte)0x9d, (byte)0x35,
-        (byte)0x1e, (byte)0x24, (byte)0x0e, (byte)0x5e, (byte)0x63, (byte)0x58, (byte)0xd1, (byte)0xa2, (byte)0x25, (byte)0x22, (byte)0x7c, (byte)0x3b, (byte)0x01, (byte)0x21, (byte)0x78, (byte)0x87,
-        (byte)0xd4, (byte)0x00, (byte)0x46, (byte)0x57, (byte)0x9f, (byte)0xd3, (byte)0x27, (byte)0x52, (byte)0x4c, (byte)0x36, (byte)0x02, (byte)0xe7, (byte)0xa0, (byte)0xc4, (byte)0xc8, (byte)0x9e,
-        (byte)0xea, (byte)0xbf, (byte)0x8a, (byte)0xd2, (byte)0x40, (byte)0xc7, (byte)0x38, (byte)0xb5, (byte)0xa3, (byte)0xf7, (byte)0xf2, (byte)0xce, (byte)0xf9, (byte)0x61, (byte)0x15, (byte)0xa1,
-        (byte)0xe0, (byte)0xae, (byte)0x5d, (byte)0xa4, (byte)0x9b, (byte)0x34, (byte)0x1a, (byte)0x55, (byte)0xad, (byte)0x93, (byte)0x32, (byte)0x30, (byte)0xf5, (byte)0x8c, (byte)0xb1, (byte)0xe3,
-        (byte)0x1d, (byte)0xf6, (byte)0xe2, (byte)0x2e, (byte)0x82, (byte)0x66, (byte)0xca, (byte)0x60, (byte)0xc0, (byte)0x29, (byte)0x23, (byte)0xab, (byte)0x0d, (byte)0x53, (byte)0x4e, (byte)0x6f,
-        (byte)0xd5, (byte)0xdb, (byte)0x37, (byte)0x45, (byte)0xde, (byte)0xfd, (byte)0x8e, (byte)0x2f, (byte)0x03, (byte)0xff, (byte)0x6a, (byte)0x72, (byte)0x6d, (byte)0x6c, (byte)0x5b, (byte)0x51,
-        (byte)0x8d, (byte)0x1b, (byte)0xaf, (byte)0x92, (byte)0xbb, (byte)0xdd, (byte)0xbc, (byte)0x7f, (byte)0x11, (byte)0xd9, (byte)0x5c, (byte)0x41, (byte)0x1f, (byte)0x10, (byte)0x5a, (byte)0xd8,
-        (byte)0x0a, (byte)0xc1, (byte)0x31, (byte)0x88, (byte)0xa5, (byte)0xcd, (byte)0x7b, (byte)0xbd, (byte)0x2d, (byte)0x74, (byte)0xd0, (byte)0x12, (byte)0xb8, (byte)0xe5, (byte)0xb4, (byte)0xb0,
-        (byte)0x89, (byte)0x69, (byte)0x97, (byte)0x4a, (byte)0x0c, (byte)0x96, (byte)0x77, (byte)0x7e, (byte)0x65, (byte)0xb9, (byte)0xf1, (byte)0x09, (byte)0xc5, (byte)0x6e, (byte)0xc6, (byte)0x84,
-        (byte)0x18, (byte)0xf0, (byte)0x7d, (byte)0xec, (byte)0x3a, (byte)0xdc, (byte)0x4d, (byte)0x20, (byte)0x79, (byte)0xee, (byte)0x5f, (byte)0x3e, (byte)0xd7, (byte)0xcb, (byte)0x39, (byte)0x48
-    };
-
-    private final static int[] CK =
-    {
-        0x00070e15, 0x1c232a31, 0x383f464d, 0x545b6269,
-        0x70777e85, 0x8c939aa1, 0xa8afb6bd, 0xc4cbd2d9,
-        0xe0e7eef5, 0xfc030a11, 0x181f262d, 0x343b4249,
-        0x50575e65, 0x6c737a81, 0x888f969d, 0xa4abb2b9,
-        0xc0c7ced5, 0xdce3eaf1, 0xf8ff060d, 0x141b2229,
-        0x30373e45, 0x4c535a61, 0x686f767d, 0x848b9299,
-        0xa0a7aeb5, 0xbcc3cad1, 0xd8dfe6ed, 0xf4fb0209,
-        0x10171e25, 0x2c333a41, 0x484f565d, 0x646b7279
-    };
-
-    private final static int[] FK =
-    {
-        0xa3b1bac6, 0x56aa3350, 0x677d9197, 0xb27022dc
-    };
-
-    private final int[] X = new int[4];
-
-    private int[] rk;
-
-    private int rotateLeft(
-        int x,
-        int bits)
-    {
-        return (x << bits) | (x >>> -bits);
-    }
-
-    // non-linear substitution tau.
-    private int tau(
-        int A)
-    {
-        int b0 = Sbox[(A >> 24) & 0xff] & 0xff;
-        int b1 = Sbox[(A >> 16) & 0xff] & 0xff;
-        int b2 = Sbox[(A >> 8) & 0xff] & 0xff;
-        int b3 = Sbox[A & 0xff] & 0xff;
-
-        return (b0 << 24) | (b1 << 16) | (b2 << 8) | b3;
-    }
-
-    private int L_ap(
-        int B)
-    {
-        return (B ^ (rotateLeft(B, 13)) ^ (rotateLeft(B, 23)));
-    }
-
-    private int T_ap(
-        int Z)
-    {
-        return L_ap(tau(Z));
-    }
-
-    // Key expansion
-    private int[] expandKey(boolean forEncryption, byte[] key)
-    {
-        int[] rk = new int[32];
-        int[] MK = new int[4];
-
-        MK[0] = Pack.bigEndianToInt(key, 0);
-        MK[1] = Pack.bigEndianToInt(key, 4);
-        MK[2] = Pack.bigEndianToInt(key, 8);
-        MK[3] = Pack.bigEndianToInt(key, 12);
-
-        int i;
-        int[] K = new int[4];
-        K[0] = MK[0] ^ FK[0];
-        K[1] = MK[1] ^ FK[1];
-        K[2] = MK[2] ^ FK[2];
-        K[3] = MK[3] ^ FK[3];
-
-        if (forEncryption)
-        {
-            rk[0] = K[0] ^ T_ap(K[1] ^ K[2] ^ K[3] ^ CK[0]);
-            rk[1] = K[1] ^ T_ap(K[2] ^ K[3] ^ rk[0] ^ CK[1]);
-            rk[2] = K[2] ^ T_ap(K[3] ^ rk[0] ^ rk[1] ^ CK[2]);
-            rk[3] = K[3] ^ T_ap(rk[0] ^ rk[1] ^ rk[2] ^ CK[3]);
-            for (i = 4; i < 32; i++)
-            {
-                rk[i] = rk[i - 4] ^ T_ap(rk[i - 3] ^ rk[i - 2] ^ rk[i - 1] ^ CK[i]);
-            }
-        }
-        else
-        {
-            rk[31] = K[0] ^ T_ap(K[1] ^ K[2] ^ K[3] ^ CK[0]);
-            rk[30] = K[1] ^ T_ap(K[2] ^ K[3] ^ rk[31] ^ CK[1]);
-            rk[29] = K[2] ^ T_ap(K[3] ^ rk[31] ^ rk[30] ^ CK[2]);
-            rk[28] = K[3] ^ T_ap(rk[31] ^ rk[30] ^ rk[29] ^ CK[3]);
-            for (i = 27; i >= 0; i--)
-            {
-                rk[i] = rk[i + 4] ^ T_ap(rk[i + 3] ^ rk[i + 2] ^ rk[i + 1] ^ CK[31 - i]);
-            }
-        }
-
-        return rk;
-    }
-
-
-    // Linear substitution L
-    private int L(int B)
-    {
-        int C;
-        C = (B ^ (rotateLeft(B, 2)) ^ (rotateLeft(B, 10)) ^ (rotateLeft(B,
-            18)) ^ (rotateLeft(B, 24)));
-        return C;
-    }
-
-    // Mixer-substitution T
-    private int T(int Z)
-    {
-        return L(tau(Z));
-    }
-
-    // The round functions
-    private int F0(int[] X, int rk)
-    {
-        return (X[0] ^ T(X[1] ^ X[2] ^ X[3] ^ rk));
-    }
-
-    private int F1(int[] X, int rk)
-    {
-        return (X[1] ^ T(X[2] ^ X[3] ^ X[0] ^ rk));
-    }
-
-    private int F2(int[] X, int rk)
-    {
-        return (X[2] ^ T(X[3] ^ X[0] ^ X[1] ^ rk));
-    }
-
-    private int F3(int[] X, int rk)
-    {
-        return (X[3] ^ T(X[0] ^ X[1] ^ X[2] ^ rk));
-    }
-
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        if (params instanceof KeyParameter)
-        {
-            byte[] key = ((KeyParameter)params).getKey();
-
-            if (key.length != 16)
-            {
-                throw new IllegalArgumentException("SM4 requires a 128 bit key");
-            }
-
-            rk = expandKey(forEncryption, key);
-        }
-        else
-        {
-            throw new IllegalArgumentException("invalid parameter passed to SM4 init - " + params.getClass().getName());
-        }
-    }
-
-    public String getAlgorithmName()
-    {
-        return "SM4";
-    }
-
-    public int getBlockSize()
-    {
-        return BLOCK_SIZE;
-    }
-
-    public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if (rk == null)
-        {
-            throw new IllegalStateException("SM4 not initialised");
-        }
-
-        if ((inOff + BLOCK_SIZE) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + BLOCK_SIZE) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        X[0] = Pack.bigEndianToInt(in, inOff);
-        X[1] = Pack.bigEndianToInt(in, inOff + 4);
-        X[2] = Pack.bigEndianToInt(in, inOff + 8);
-        X[3] = Pack.bigEndianToInt(in, inOff + 12);
-
-        int i;
-
-        for (i = 0; i < 32; i += 4)
-        {
-            X[0] = F0(X, rk[i]);
-            X[1] = F1(X, rk[i + 1]);
-            X[2] = F2(X, rk[i + 2]);
-            X[3] = F3(X, rk[i + 3]);
-        }
-
-        Pack.intToBigEndian(X[3], out, outOff);
-        Pack.intToBigEndian(X[2], out, outOff + 4);
-        Pack.intToBigEndian(X[1], out, outOff + 8);
-        Pack.intToBigEndian(X[0], out, outOff + 12);
-
-        return BLOCK_SIZE;
-    }
-
-    public void reset()
-    {
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/Salsa20Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/Salsa20Engine.java
deleted file mode 100644
index f25a25e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/Salsa20Engine.java
+++ /dev/null

@@ -1,542 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.MaxBytesExceededException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.SkippingStreamCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Pack;
-import org.bouncycastle.util.Strings;
-
-/**
- * Implementation of Daniel J. Bernstein's Salsa20 stream cipher, Snuffle 2005
- */
-public class Salsa20Engine
-    implements SkippingStreamCipher
-{
-    public final static int DEFAULT_ROUNDS = 20;
-
-    /** Constants */
-    private final static int STATE_SIZE = 16; // 16, 32 bit ints = 64 bytes
-
-    private final static int[] TAU_SIGMA = Pack.littleEndianToInt(Strings.toByteArray("expand 16-byte k" + "expand 32-byte k"), 0, 8);
-
-    protected void packTauOrSigma(int keyLength, int[] state, int stateOffset)
-    {
-        int tsOff = (keyLength - 16) / 4;
-        state[stateOffset    ] = TAU_SIGMA[tsOff    ];
-        state[stateOffset + 1] = TAU_SIGMA[tsOff + 1];
-        state[stateOffset + 2] = TAU_SIGMA[tsOff + 2];
-        state[stateOffset + 3] = TAU_SIGMA[tsOff + 3];
-    }
-
-    /** @deprecated */
-    protected final static byte[]
-        sigma = Strings.toByteArray("expand 32-byte k"),
-        tau   = Strings.toByteArray("expand 16-byte k");
-
-    protected int rounds;
-
-    /*
-     * variables to hold the state of the engine
-     * during encryption and decryption
-     */
-    private int         index = 0;
-    protected int[]     engineState = new int[STATE_SIZE]; // state
-    protected int[]     x = new int[STATE_SIZE] ; // internal buffer
-    private byte[]      keyStream   = new byte[STATE_SIZE * 4]; // expanded state, 64 bytes
-    private boolean     initialised = false;
-
-    /*
-     * internal counter
-     */
-    private int cW0, cW1, cW2;
-
-    /**
-     * Creates a 20 round Salsa20 engine.
-     */
-    public Salsa20Engine()
-    {
-        this(DEFAULT_ROUNDS);
-    }
-
-    /**
-     * Creates a Salsa20 engine with a specific number of rounds.
-     * @param rounds the number of rounds (must be an even number).
-     */
-    public Salsa20Engine(int rounds)
-    {
-        if (rounds <= 0 || (rounds & 1) != 0)
-        {
-            throw new IllegalArgumentException("'rounds' must be a positive, even number");
-        }
-
-        this.rounds = rounds;
-    }
-
-    /**
-     * initialise a Salsa20 cipher.
-     *
-     * @param forEncryption whether or not we are for encryption.
-     * @param params the parameters required to set up the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean             forEncryption, 
-        CipherParameters     params)
-    {
-        /* 
-        * Salsa20 encryption and decryption is completely
-        * symmetrical, so the 'forEncryption' is 
-        * irrelevant. (Like 90% of stream ciphers)
-        */
-
-        if (!(params instanceof ParametersWithIV))
-        {
-            throw new IllegalArgumentException(getAlgorithmName() + " Init parameters must include an IV");
-        }
-
-        ParametersWithIV ivParams = (ParametersWithIV) params;
-
-        byte[] iv = ivParams.getIV();
-        if (iv == null || iv.length != getNonceSize())
-        {
-            throw new IllegalArgumentException(getAlgorithmName() + " requires exactly " + getNonceSize()
-                    + " bytes of IV");
-        }
-
-        CipherParameters keyParam = ivParams.getParameters();
-        if (keyParam == null)
-        {
-            if (!initialised)
-            {
-                throw new IllegalStateException(getAlgorithmName() + " KeyParameter can not be null for first initialisation");
-            }
-
-            setKey(null, iv);
-        }
-        else if (keyParam instanceof KeyParameter)
-        {
-            setKey(((KeyParameter)keyParam).getKey(), iv);
-        }
-        else
-        {
-            throw new IllegalArgumentException(getAlgorithmName() + " Init parameters must contain a KeyParameter (or null for re-init)");
-        }
-
-        reset();
-
-        initialised = true;
-    }
-
-    protected int getNonceSize()
-    {
-        return 8;
-    }
-
-    public String getAlgorithmName()
-    {
-        String name = "Salsa20";
-        if (rounds != DEFAULT_ROUNDS)
-        {
-            name += "/" + rounds;
-        }
-        return name;
-    }
-
-    public byte returnByte(byte in)
-    {
-        if (limitExceeded())
-        {
-            throw new MaxBytesExceededException("2^70 byte limit per IV; Change IV");
-        }
-
-        byte out = (byte)(keyStream[index]^in);
-        index = (index + 1) & 63;
-
-        if (index == 0)
-        {
-            advanceCounter();
-            generateKeyStream(keyStream);
-        }
-
-        return out;
-    }
-
-    protected void advanceCounter(long diff)
-    {
-        int hi = (int)(diff >>> 32);
-        int lo = (int)diff;
-
-        if (hi > 0)
-        {
-            engineState[9] += hi;
-        }
-
-        int oldState = engineState[8];
-
-        engineState[8] += lo;
-
-        if (oldState != 0 && engineState[8] < oldState)
-        {
-            engineState[9]++;
-        }
-    }
-
-    protected void advanceCounter()
-    {
-        if (++engineState[8] == 0)
-        {
-            ++engineState[9];
-        }
-    }
-
-    protected void retreatCounter(long diff)
-    {
-        int hi = (int)(diff >>> 32);
-        int lo = (int)diff;
-
-        if (hi != 0)
-        {
-            if ((engineState[9] & 0xffffffffL) >= (hi & 0xffffffffL))
-            {
-                engineState[9] -= hi;
-            }
-            else
-            {
-                throw new IllegalStateException("attempt to reduce counter past zero.");
-            }
-        }
-
-        if ((engineState[8] & 0xffffffffL) >= (lo & 0xffffffffL))
-        {
-            engineState[8] -= lo;
-        }
-        else
-        {
-            if (engineState[9] != 0)
-            {
-                --engineState[9];
-                engineState[8] -= lo;
-            }
-            else
-            {
-                throw new IllegalStateException("attempt to reduce counter past zero.");
-            }
-        }
-    }
-
-    protected void retreatCounter()
-    {
-        if (engineState[8] == 0 && engineState[9] == 0)
-        {
-            throw new IllegalStateException("attempt to reduce counter past zero.");
-        }
-
-        if (--engineState[8] == -1)
-        {
-            --engineState[9];
-        }
-    }
-
-    public int processBytes(
-        byte[]     in, 
-        int     inOff, 
-        int     len, 
-        byte[]     out, 
-        int     outOff)
-    {
-        if (!initialised)
-        {
-            throw new IllegalStateException(getAlgorithmName() + " not initialised");
-        }
-
-        if ((inOff + len) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + len) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        if (limitExceeded(len))
-        {
-            throw new MaxBytesExceededException("2^70 byte limit per IV would be exceeded; Change IV");
-        }
-
-        for (int i = 0; i < len; i++)
-        {
-            out[i + outOff] = (byte)(keyStream[index] ^ in[i + inOff]);
-            index = (index + 1) & 63;
-
-            if (index == 0)
-            {
-                advanceCounter();
-                generateKeyStream(keyStream);
-            }
-        }
-
-        return len;
-    }
-
-    public long skip(long numberOfBytes)
-    {
-        if (numberOfBytes >= 0)
-        {
-            long remaining = numberOfBytes;
-
-            if (remaining >= 64)
-            {
-                long count = remaining / 64;
-
-                advanceCounter(count);
-
-                remaining -= count * 64;
-            }
-
-            int oldIndex = index;
-
-            index = (index + (int)remaining) & 63;
-
-            if (index < oldIndex)
-            {
-                advanceCounter();
-            }
-        }
-        else
-        {
-            long remaining = -numberOfBytes;
-
-            if (remaining >= 64)
-            {
-                long count = remaining / 64;
-
-                retreatCounter(count);
-
-                remaining -= count * 64;
-            }
-
-            for (long i = 0; i < remaining; i++)
-            {
-                if (index == 0)
-                {
-                    retreatCounter();
-                }
-
-                index = (index - 1) & 63;
-            }
-        }
-
-        generateKeyStream(keyStream);
-
-        return numberOfBytes;
-    }
-
-    public long seekTo(long position)
-    {
-        reset();
-
-        return skip(position);
-    }
-
-    public long getPosition()
-    {
-        return getCounter() * 64 + index;
-    }
-
-    public void reset()
-    {
-        index = 0;
-        resetLimitCounter();
-        resetCounter();
-
-        generateKeyStream(keyStream);
-    }
-
-    protected long getCounter()
-    {
-        return ((long)engineState[9] << 32) | (engineState[8] & 0xffffffffL);
-    }
-
-    protected void resetCounter()
-    {
-        engineState[8] = engineState[9] = 0;
-    }
-
-    protected void setKey(byte[] keyBytes, byte[] ivBytes)
-    {
-        if (keyBytes != null)
-        {
-            if ((keyBytes.length != 16) && (keyBytes.length != 32))
-            {
-                throw new IllegalArgumentException(getAlgorithmName() + " requires 128 bit or 256 bit key");
-            }
-
-            int tsOff = (keyBytes.length - 16) / 4;
-            engineState[0 ] = TAU_SIGMA[tsOff    ];
-            engineState[5 ] = TAU_SIGMA[tsOff + 1];
-            engineState[10] = TAU_SIGMA[tsOff + 2];
-            engineState[15] = TAU_SIGMA[tsOff + 3];
-
-            // Key
-            Pack.littleEndianToInt(keyBytes, 0, engineState, 1, 4);
-            Pack.littleEndianToInt(keyBytes, keyBytes.length - 16, engineState, 11, 4);
-        }
-
-        // IV
-        Pack.littleEndianToInt(ivBytes, 0, engineState, 6, 2);
-    }
-
-    protected void generateKeyStream(byte[] output)
-    {
-        salsaCore(rounds, engineState, x);
-        Pack.intToLittleEndian(x, output, 0);
-    }
-
-    /**
-     * Salsa20 function
-     *
-     * @param   input   input data
-     */    
-    public static void salsaCore(int rounds, int[] input, int[] x)
-    {
-        if (input.length != 16)
-        {
-            throw new IllegalArgumentException();
-        }
-        if (x.length != 16)
-        {
-            throw new IllegalArgumentException();
-        }
-        if (rounds % 2 != 0)
-        {
-            throw new IllegalArgumentException("Number of rounds must be even");
-        }
-
-        int x00 = input[ 0];
-        int x01 = input[ 1];
-        int x02 = input[ 2];
-        int x03 = input[ 3];
-        int x04 = input[ 4];
-        int x05 = input[ 5];
-        int x06 = input[ 6];
-        int x07 = input[ 7];
-        int x08 = input[ 8];
-        int x09 = input[ 9];
-        int x10 = input[10];
-        int x11 = input[11];
-        int x12 = input[12];
-        int x13 = input[13];
-        int x14 = input[14];
-        int x15 = input[15];
-
-        for (int i = rounds; i > 0; i -= 2)
-        {
-            x04 ^= rotl(x00 + x12, 7);
-            x08 ^= rotl(x04 + x00, 9);
-            x12 ^= rotl(x08 + x04, 13);
-            x00 ^= rotl(x12 + x08, 18);
-            x09 ^= rotl(x05 + x01, 7);
-            x13 ^= rotl(x09 + x05, 9);
-            x01 ^= rotl(x13 + x09, 13);
-            x05 ^= rotl(x01 + x13, 18);
-            x14 ^= rotl(x10 + x06, 7);
-            x02 ^= rotl(x14 + x10, 9);
-            x06 ^= rotl(x02 + x14, 13);
-            x10 ^= rotl(x06 + x02, 18);
-            x03 ^= rotl(x15 + x11, 7);
-            x07 ^= rotl(x03 + x15, 9);
-            x11 ^= rotl(x07 + x03, 13);
-            x15 ^= rotl(x11 + x07, 18);
-
-            x01 ^= rotl(x00 + x03, 7);
-            x02 ^= rotl(x01 + x00, 9);
-            x03 ^= rotl(x02 + x01, 13);
-            x00 ^= rotl(x03 + x02, 18);
-            x06 ^= rotl(x05 + x04, 7);
-            x07 ^= rotl(x06 + x05, 9);
-            x04 ^= rotl(x07 + x06, 13);
-            x05 ^= rotl(x04 + x07, 18);
-            x11 ^= rotl(x10 + x09, 7);
-            x08 ^= rotl(x11 + x10, 9);
-            x09 ^= rotl(x08 + x11, 13);
-            x10 ^= rotl(x09 + x08, 18);
-            x12 ^= rotl(x15 + x14, 7);
-            x13 ^= rotl(x12 + x15, 9);
-            x14 ^= rotl(x13 + x12, 13);
-            x15 ^= rotl(x14 + x13, 18);
-        }
-
-        x[ 0] = x00 + input[ 0];
-        x[ 1] = x01 + input[ 1];
-        x[ 2] = x02 + input[ 2];
-        x[ 3] = x03 + input[ 3];
-        x[ 4] = x04 + input[ 4];
-        x[ 5] = x05 + input[ 5];
-        x[ 6] = x06 + input[ 6];
-        x[ 7] = x07 + input[ 7];
-        x[ 8] = x08 + input[ 8];
-        x[ 9] = x09 + input[ 9];
-        x[10] = x10 + input[10];
-        x[11] = x11 + input[11];
-        x[12] = x12 + input[12];
-        x[13] = x13 + input[13];
-        x[14] = x14 + input[14];
-        x[15] = x15 + input[15];
-    }
-
-    /**
-     * Rotate left
-     *
-     * @param   x   value to rotate
-     * @param   y   amount to rotate x
-     *
-     * @return  rotated x
-     */
-    protected static int rotl(int x, int y)
-    {
-        return (x << y) | (x >>> -y);
-    }
-
-    private void resetLimitCounter()
-    {
-        cW0 = 0;
-        cW1 = 0;
-        cW2 = 0;
-    }
-
-    private boolean limitExceeded()
-    {
-        if (++cW0 == 0)
-        {
-            if (++cW1 == 0)
-            {
-                return (++cW2 & 0x20) != 0;          // 2^(32 + 32 + 6)
-            }
-        }
-
-        return false;
-    }
-
-    /*
-     * this relies on the fact len will always be positive.
-     */
-    private boolean limitExceeded(int len)
-    {
-        cW0 += len;
-        if (cW0 < len && cW0 >= 0)
-        {
-            if (++cW1 == 0)
-            {
-                return (++cW2 & 0x20) != 0;          // 2^(32 + 32 + 6)
-            }
-        }
-
-        return false;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/SerpentEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/SerpentEngine.java
deleted file mode 100644
index 4a20ea4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/SerpentEngine.java
+++ /dev/null

@@ -1,296 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.util.Pack;
-
-/**
- * Serpent is a 128-bit 32-round block cipher with variable key lengths,
- * including 128, 192 and 256 bit keys conjectured to be at least as
- * secure as three-key triple-DES.
- * <p>
- * Serpent was designed by Ross Anderson, Eli Biham and Lars Knudsen as a
- * candidate algorithm for the NIST AES Quest.
- * <p>
- * For full details see <a href="http://www.cl.cam.ac.uk/~rja14/serpent.html">The Serpent home page</a>
- */
-public final class SerpentEngine
-    extends SerpentEngineBase
-{
-    /**
-     * Expand a user-supplied key material into a session key.
-     *
-     * @param key  The user-key bytes (multiples of 4) to use.
-     * @exception IllegalArgumentException
-     */
-    protected int[] makeWorkingKey(
-        byte[] key)
-    throws  IllegalArgumentException
-    {
-        //
-        // pad key to 256 bits
-        //
-        int[]   kPad = new int[16];
-        int     off = 0;
-        int     length = 0;
-
-        for (off = 0; (off + 4) < key.length; off += 4)
-        {
-            kPad[length++] = Pack.littleEndianToInt(key, off);
-        }
-
-        if (off % 4 == 0)
-        {
-            kPad[length++] = Pack.littleEndianToInt(key, off);
-            if (length < 8)
-            {
-                kPad[length] = 1;
-            }
-        }
-        else
-        {
-            throw new IllegalArgumentException("key must be a multiple of 4 bytes");
-        }
-
-        //
-        // expand the padded key up to 33 x 128 bits of key material
-        //
-        int     amount = (ROUNDS + 1) * 4;
-        int[]   w = new int[amount];
-
-        //
-        // compute w0 to w7 from w-8 to w-1
-        //
-        for (int i = 8; i < 16; i++)
-        {
-            kPad[i] = rotateLeft(kPad[i - 8] ^ kPad[i - 5] ^ kPad[i - 3] ^ kPad[i - 1] ^ PHI ^ (i - 8), 11);
-        }
-
-        System.arraycopy(kPad, 8, w, 0, 8);
-
-        //
-        // compute w8 to w136
-        //
-        for (int i = 8; i < amount; i++)
-        {
-            w[i] = rotateLeft(w[i - 8] ^ w[i - 5] ^ w[i - 3] ^ w[i - 1] ^ PHI ^ i, 11);
-        }
-
-        //
-        // create the working keys by processing w with the Sbox and IP
-        //
-        sb3(w[0], w[1], w[2], w[3]);
-        w[0] = X0; w[1] = X1; w[2] = X2; w[3] = X3; 
-        sb2(w[4], w[5], w[6], w[7]);
-        w[4] = X0; w[5] = X1; w[6] = X2; w[7] = X3; 
-        sb1(w[8], w[9], w[10], w[11]);
-        w[8] = X0; w[9] = X1; w[10] = X2; w[11] = X3; 
-        sb0(w[12], w[13], w[14], w[15]);
-        w[12] = X0; w[13] = X1; w[14] = X2; w[15] = X3; 
-        sb7(w[16], w[17], w[18], w[19]);
-        w[16] = X0; w[17] = X1; w[18] = X2; w[19] = X3; 
-        sb6(w[20], w[21], w[22], w[23]);
-        w[20] = X0; w[21] = X1; w[22] = X2; w[23] = X3; 
-        sb5(w[24], w[25], w[26], w[27]);
-        w[24] = X0; w[25] = X1; w[26] = X2; w[27] = X3; 
-        sb4(w[28], w[29], w[30], w[31]);
-        w[28] = X0; w[29] = X1; w[30] = X2; w[31] = X3; 
-        sb3(w[32], w[33], w[34], w[35]);
-        w[32] = X0; w[33] = X1; w[34] = X2; w[35] = X3; 
-        sb2(w[36], w[37], w[38], w[39]);
-        w[36] = X0; w[37] = X1; w[38] = X2; w[39] = X3; 
-        sb1(w[40], w[41], w[42], w[43]);
-        w[40] = X0; w[41] = X1; w[42] = X2; w[43] = X3; 
-        sb0(w[44], w[45], w[46], w[47]);
-        w[44] = X0; w[45] = X1; w[46] = X2; w[47] = X3; 
-        sb7(w[48], w[49], w[50], w[51]);
-        w[48] = X0; w[49] = X1; w[50] = X2; w[51] = X3; 
-        sb6(w[52], w[53], w[54], w[55]);
-        w[52] = X0; w[53] = X1; w[54] = X2; w[55] = X3; 
-        sb5(w[56], w[57], w[58], w[59]);
-        w[56] = X0; w[57] = X1; w[58] = X2; w[59] = X3; 
-        sb4(w[60], w[61], w[62], w[63]);
-        w[60] = X0; w[61] = X1; w[62] = X2; w[63] = X3; 
-        sb3(w[64], w[65], w[66], w[67]);
-        w[64] = X0; w[65] = X1; w[66] = X2; w[67] = X3; 
-        sb2(w[68], w[69], w[70], w[71]);
-        w[68] = X0; w[69] = X1; w[70] = X2; w[71] = X3; 
-        sb1(w[72], w[73], w[74], w[75]);
-        w[72] = X0; w[73] = X1; w[74] = X2; w[75] = X3; 
-        sb0(w[76], w[77], w[78], w[79]);
-        w[76] = X0; w[77] = X1; w[78] = X2; w[79] = X3; 
-        sb7(w[80], w[81], w[82], w[83]);
-        w[80] = X0; w[81] = X1; w[82] = X2; w[83] = X3; 
-        sb6(w[84], w[85], w[86], w[87]);
-        w[84] = X0; w[85] = X1; w[86] = X2; w[87] = X3; 
-        sb5(w[88], w[89], w[90], w[91]);
-        w[88] = X0; w[89] = X1; w[90] = X2; w[91] = X3; 
-        sb4(w[92], w[93], w[94], w[95]);
-        w[92] = X0; w[93] = X1; w[94] = X2; w[95] = X3; 
-        sb3(w[96], w[97], w[98], w[99]);
-        w[96] = X0; w[97] = X1; w[98] = X2; w[99] = X3; 
-        sb2(w[100], w[101], w[102], w[103]);
-        w[100] = X0; w[101] = X1; w[102] = X2; w[103] = X3; 
-        sb1(w[104], w[105], w[106], w[107]);
-        w[104] = X0; w[105] = X1; w[106] = X2; w[107] = X3; 
-        sb0(w[108], w[109], w[110], w[111]);
-        w[108] = X0; w[109] = X1; w[110] = X2; w[111] = X3; 
-        sb7(w[112], w[113], w[114], w[115]);
-        w[112] = X0; w[113] = X1; w[114] = X2; w[115] = X3; 
-        sb6(w[116], w[117], w[118], w[119]);
-        w[116] = X0; w[117] = X1; w[118] = X2; w[119] = X3; 
-        sb5(w[120], w[121], w[122], w[123]);
-        w[120] = X0; w[121] = X1; w[122] = X2; w[123] = X3; 
-        sb4(w[124], w[125], w[126], w[127]);
-        w[124] = X0; w[125] = X1; w[126] = X2; w[127] = X3; 
-        sb3(w[128], w[129], w[130], w[131]);
-        w[128] = X0; w[129] = X1; w[130] = X2; w[131] = X3; 
-
-        return w;
-    }
-
-    /**
-     * Encrypt one block of plaintext.
-     *
-     * @param input the array containing the input data.
-     * @param inOff offset into the in array the data starts at.
-     * @param output the array the output data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     */
-    protected void encryptBlock(
-        byte[]  input,
-        int     inOff,
-        byte[]  output,
-        int     outOff)
-    {
-        X0 = Pack.littleEndianToInt(input, inOff);
-        X1 = Pack.littleEndianToInt(input, inOff + 4);
-        X2 = Pack.littleEndianToInt(input, inOff + 8);
-        X3 = Pack.littleEndianToInt(input, inOff + 12);
-
-        sb0(wKey[0] ^ X0, wKey[1] ^ X1, wKey[2] ^ X2, wKey[3] ^ X3); LT();
-        sb1(wKey[4] ^ X0, wKey[5] ^ X1, wKey[6] ^ X2, wKey[7] ^ X3); LT();
-        sb2(wKey[8] ^ X0, wKey[9] ^ X1, wKey[10] ^ X2, wKey[11] ^ X3); LT();
-        sb3(wKey[12] ^ X0, wKey[13] ^ X1, wKey[14] ^ X2, wKey[15] ^ X3); LT();
-        sb4(wKey[16] ^ X0, wKey[17] ^ X1, wKey[18] ^ X2, wKey[19] ^ X3); LT();
-        sb5(wKey[20] ^ X0, wKey[21] ^ X1, wKey[22] ^ X2, wKey[23] ^ X3); LT();
-        sb6(wKey[24] ^ X0, wKey[25] ^ X1, wKey[26] ^ X2, wKey[27] ^ X3); LT();
-        sb7(wKey[28] ^ X0, wKey[29] ^ X1, wKey[30] ^ X2, wKey[31] ^ X3); LT();
-        sb0(wKey[32] ^ X0, wKey[33] ^ X1, wKey[34] ^ X2, wKey[35] ^ X3); LT();
-        sb1(wKey[36] ^ X0, wKey[37] ^ X1, wKey[38] ^ X2, wKey[39] ^ X3); LT();
-        sb2(wKey[40] ^ X0, wKey[41] ^ X1, wKey[42] ^ X2, wKey[43] ^ X3); LT();
-        sb3(wKey[44] ^ X0, wKey[45] ^ X1, wKey[46] ^ X2, wKey[47] ^ X3); LT();
-        sb4(wKey[48] ^ X0, wKey[49] ^ X1, wKey[50] ^ X2, wKey[51] ^ X3); LT();
-        sb5(wKey[52] ^ X0, wKey[53] ^ X1, wKey[54] ^ X2, wKey[55] ^ X3); LT();
-        sb6(wKey[56] ^ X0, wKey[57] ^ X1, wKey[58] ^ X2, wKey[59] ^ X3); LT();
-        sb7(wKey[60] ^ X0, wKey[61] ^ X1, wKey[62] ^ X2, wKey[63] ^ X3); LT();
-        sb0(wKey[64] ^ X0, wKey[65] ^ X1, wKey[66] ^ X2, wKey[67] ^ X3); LT();
-        sb1(wKey[68] ^ X0, wKey[69] ^ X1, wKey[70] ^ X2, wKey[71] ^ X3); LT();
-        sb2(wKey[72] ^ X0, wKey[73] ^ X1, wKey[74] ^ X2, wKey[75] ^ X3); LT();
-        sb3(wKey[76] ^ X0, wKey[77] ^ X1, wKey[78] ^ X2, wKey[79] ^ X3); LT();
-        sb4(wKey[80] ^ X0, wKey[81] ^ X1, wKey[82] ^ X2, wKey[83] ^ X3); LT();
-        sb5(wKey[84] ^ X0, wKey[85] ^ X1, wKey[86] ^ X2, wKey[87] ^ X3); LT();
-        sb6(wKey[88] ^ X0, wKey[89] ^ X1, wKey[90] ^ X2, wKey[91] ^ X3); LT();
-        sb7(wKey[92] ^ X0, wKey[93] ^ X1, wKey[94] ^ X2, wKey[95] ^ X3); LT();
-        sb0(wKey[96] ^ X0, wKey[97] ^ X1, wKey[98] ^ X2, wKey[99] ^ X3); LT();
-        sb1(wKey[100] ^ X0, wKey[101] ^ X1, wKey[102] ^ X2, wKey[103] ^ X3); LT();
-        sb2(wKey[104] ^ X0, wKey[105] ^ X1, wKey[106] ^ X2, wKey[107] ^ X3); LT();
-        sb3(wKey[108] ^ X0, wKey[109] ^ X1, wKey[110] ^ X2, wKey[111] ^ X3); LT();
-        sb4(wKey[112] ^ X0, wKey[113] ^ X1, wKey[114] ^ X2, wKey[115] ^ X3); LT();
-        sb5(wKey[116] ^ X0, wKey[117] ^ X1, wKey[118] ^ X2, wKey[119] ^ X3); LT();
-        sb6(wKey[120] ^ X0, wKey[121] ^ X1, wKey[122] ^ X2, wKey[123] ^ X3); LT();
-        sb7(wKey[124] ^ X0, wKey[125] ^ X1, wKey[126] ^ X2, wKey[127] ^ X3);
-
-        Pack.intToLittleEndian(wKey[128] ^ X0, output, outOff);
-        Pack.intToLittleEndian(wKey[129] ^ X1, output, outOff + 4);
-        Pack.intToLittleEndian(wKey[130] ^ X2, output, outOff + 8);
-        Pack.intToLittleEndian(wKey[131] ^ X3, output, outOff + 12);
-    }
-
-    /**
-     * Decrypt one block of ciphertext.
-     *
-     * @param input the array containing the input data.
-     * @param inOff offset into the in array the data starts at.
-     * @param output the array the output data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     */
-    protected void decryptBlock(
-        byte[]  input,
-        int     inOff,
-        byte[]  output,
-        int     outOff)
-    {
-        X0 = wKey[128] ^ Pack.littleEndianToInt(input, inOff);
-        X1 = wKey[129] ^ Pack.littleEndianToInt(input, inOff + 4);
-        X2 = wKey[130] ^ Pack.littleEndianToInt(input, inOff + 8);
-        X3 = wKey[131] ^ Pack.littleEndianToInt(input, inOff + 12);
-
-        ib7(X0, X1, X2, X3);
-        X0 ^= wKey[124]; X1 ^= wKey[125]; X2 ^= wKey[126]; X3 ^= wKey[127];
-        inverseLT(); ib6(X0, X1, X2, X3);
-        X0 ^= wKey[120]; X1 ^= wKey[121]; X2 ^= wKey[122]; X3 ^= wKey[123];
-        inverseLT(); ib5(X0, X1, X2, X3);
-        X0 ^= wKey[116]; X1 ^= wKey[117]; X2 ^= wKey[118]; X3 ^= wKey[119];
-        inverseLT(); ib4(X0, X1, X2, X3);
-        X0 ^= wKey[112]; X1 ^= wKey[113]; X2 ^= wKey[114]; X3 ^= wKey[115];
-        inverseLT(); ib3(X0, X1, X2, X3);
-        X0 ^= wKey[108]; X1 ^= wKey[109]; X2 ^= wKey[110]; X3 ^= wKey[111];
-        inverseLT(); ib2(X0, X1, X2, X3);
-        X0 ^= wKey[104]; X1 ^= wKey[105]; X2 ^= wKey[106]; X3 ^= wKey[107];
-        inverseLT(); ib1(X0, X1, X2, X3);
-        X0 ^= wKey[100]; X1 ^= wKey[101]; X2 ^= wKey[102]; X3 ^= wKey[103];
-        inverseLT(); ib0(X0, X1, X2, X3);
-        X0 ^= wKey[96]; X1 ^= wKey[97]; X2 ^= wKey[98]; X3 ^= wKey[99];
-        inverseLT(); ib7(X0, X1, X2, X3);
-        X0 ^= wKey[92]; X1 ^= wKey[93]; X2 ^= wKey[94]; X3 ^= wKey[95];
-        inverseLT(); ib6(X0, X1, X2, X3);
-        X0 ^= wKey[88]; X1 ^= wKey[89]; X2 ^= wKey[90]; X3 ^= wKey[91];
-        inverseLT(); ib5(X0, X1, X2, X3);
-        X0 ^= wKey[84]; X1 ^= wKey[85]; X2 ^= wKey[86]; X3 ^= wKey[87];
-        inverseLT(); ib4(X0, X1, X2, X3);
-        X0 ^= wKey[80]; X1 ^= wKey[81]; X2 ^= wKey[82]; X3 ^= wKey[83];
-        inverseLT(); ib3(X0, X1, X2, X3);
-        X0 ^= wKey[76]; X1 ^= wKey[77]; X2 ^= wKey[78]; X3 ^= wKey[79];
-        inverseLT(); ib2(X0, X1, X2, X3);
-        X0 ^= wKey[72]; X1 ^= wKey[73]; X2 ^= wKey[74]; X3 ^= wKey[75];
-        inverseLT(); ib1(X0, X1, X2, X3);
-        X0 ^= wKey[68]; X1 ^= wKey[69]; X2 ^= wKey[70]; X3 ^= wKey[71];
-        inverseLT(); ib0(X0, X1, X2, X3);
-        X0 ^= wKey[64]; X1 ^= wKey[65]; X2 ^= wKey[66]; X3 ^= wKey[67];
-        inverseLT(); ib7(X0, X1, X2, X3);
-        X0 ^= wKey[60]; X1 ^= wKey[61]; X2 ^= wKey[62]; X3 ^= wKey[63];
-        inverseLT(); ib6(X0, X1, X2, X3);
-        X0 ^= wKey[56]; X1 ^= wKey[57]; X2 ^= wKey[58]; X3 ^= wKey[59];
-        inverseLT(); ib5(X0, X1, X2, X3);
-        X0 ^= wKey[52]; X1 ^= wKey[53]; X2 ^= wKey[54]; X3 ^= wKey[55];
-        inverseLT(); ib4(X0, X1, X2, X3);
-        X0 ^= wKey[48]; X1 ^= wKey[49]; X2 ^= wKey[50]; X3 ^= wKey[51];
-        inverseLT(); ib3(X0, X1, X2, X3);
-        X0 ^= wKey[44]; X1 ^= wKey[45]; X2 ^= wKey[46]; X3 ^= wKey[47];
-        inverseLT(); ib2(X0, X1, X2, X3);
-        X0 ^= wKey[40]; X1 ^= wKey[41]; X2 ^= wKey[42]; X3 ^= wKey[43];
-        inverseLT(); ib1(X0, X1, X2, X3);
-        X0 ^= wKey[36]; X1 ^= wKey[37]; X2 ^= wKey[38]; X3 ^= wKey[39];
-        inverseLT(); ib0(X0, X1, X2, X3);
-        X0 ^= wKey[32]; X1 ^= wKey[33]; X2 ^= wKey[34]; X3 ^= wKey[35];
-        inverseLT(); ib7(X0, X1, X2, X3);
-        X0 ^= wKey[28]; X1 ^= wKey[29]; X2 ^= wKey[30]; X3 ^= wKey[31];
-        inverseLT(); ib6(X0, X1, X2, X3);
-        X0 ^= wKey[24]; X1 ^= wKey[25]; X2 ^= wKey[26]; X3 ^= wKey[27];
-        inverseLT(); ib5(X0, X1, X2, X3);
-        X0 ^= wKey[20]; X1 ^= wKey[21]; X2 ^= wKey[22]; X3 ^= wKey[23];
-        inverseLT(); ib4(X0, X1, X2, X3);
-        X0 ^= wKey[16]; X1 ^= wKey[17]; X2 ^= wKey[18]; X3 ^= wKey[19];
-        inverseLT(); ib3(X0, X1, X2, X3);
-        X0 ^= wKey[12]; X1 ^= wKey[13]; X2 ^= wKey[14]; X3 ^= wKey[15];
-        inverseLT(); ib2(X0, X1, X2, X3);
-        X0 ^= wKey[8]; X1 ^= wKey[9]; X2 ^= wKey[10]; X3 ^= wKey[11];
-        inverseLT(); ib1(X0, X1, X2, X3);
-        X0 ^= wKey[4]; X1 ^= wKey[5]; X2 ^= wKey[6]; X3 ^= wKey[7];
-        inverseLT(); ib0(X0, X1, X2, X3);
-
-        Pack.intToLittleEndian(X0 ^ wKey[0], output, outOff);
-        Pack.intToLittleEndian(X1 ^ wKey[1], output, outOff + 4);
-        Pack.intToLittleEndian(X2 ^ wKey[2], output, outOff + 8);
-        Pack.intToLittleEndian(X3 ^ wKey[3], output, outOff + 12);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/SerpentEngineBase.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/SerpentEngineBase.java
deleted file mode 100644
index c47b2c2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/SerpentEngineBase.java
+++ /dev/null

@@ -1,486 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-public abstract class SerpentEngineBase
-    implements BlockCipher
-{
-    protected static final int BLOCK_SIZE = 16;
-
-    static final int ROUNDS = 32;
-    static final int PHI = 0x9E3779B9;       // (sqrt(5) - 1) * 2**31
-
-    protected boolean encrypting;
-    protected int[] wKey;
-
-    protected int X0, X1, X2, X3;    // registers
-
-    SerpentEngineBase()
-    {
-
-    }
-
-    /**
-     * initialise a Serpent cipher.
-     *
-     * @param encrypting whether or not we are for encryption.
-     * @param params     the parameters required to set up the cipher.
-     * @throws IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean encrypting,
-        CipherParameters params)
-    {
-        if (params instanceof KeyParameter)
-        {
-            this.encrypting = encrypting;
-            this.wKey = makeWorkingKey(((KeyParameter)params).getKey());
-            return;
-        }
-
-        throw new IllegalArgumentException("invalid parameter passed to " + getAlgorithmName() + " init - " + params.getClass().getName());
-    }
-
-    public String getAlgorithmName()
-    {
-        return "Serpent";
-    }
-
-    public int getBlockSize()
-    {
-        return BLOCK_SIZE;
-    }
-
-    /**
-     * Process one block of input from the array in and write it to
-     * the out array.
-     *
-     * @param in     the array containing the input data.
-     * @param inOff  offset into the in array the data starts at.
-     * @param out    the array the output data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     * @return the number of bytes processed and produced.
-     * @throws DataLengthException if there isn't enough data in in, or
-     * space in out.
-     * @throws IllegalStateException if the cipher isn't initialised.
-     */
-    public final int processBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-    {
-        if (wKey == null)
-        {
-            throw new IllegalStateException(getAlgorithmName() + " not initialised");
-        }
-
-        if ((inOff + BLOCK_SIZE) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + BLOCK_SIZE) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        if (encrypting)
-        {
-            encryptBlock(in, inOff, out, outOff);
-        }
-        else
-        {
-            decryptBlock(in, inOff, out, outOff);
-        }
-
-        return BLOCK_SIZE;
-    }
-
-    public void reset()
-    {
-    }
-
-    protected static int rotateLeft(
-        int     x,
-        int     bits)
-    {
-        return (x << bits) | (x >>> -bits);
-    }
-
-    protected static int rotateRight(
-        int     x,
-        int     bits)
-    {
-        return (x >>> bits) | (x << -bits);
-    }
-
-    /**
-     * The sboxes below are based on the work of Brian Gladman and
-     * Sam Simpson, whose original notice appears below.
-     * <p>
-     * For further details see:
-     *      http://fp.gladman.plus.com/cryptography_technology/serpent/
-     */
-
-    /* Partially optimised Serpent S Box boolean functions derived  */
-    /* using a recursive descent analyser but without a full search */
-    /* of all subtrees. This set of S boxes is the result of work    */
-    /* by Sam Simpson and Brian Gladman using the spare time on a    */
-    /* cluster of high capacity servers to search for S boxes with    */
-    /* this customised search engine. There are now an average of    */
-    /* 15.375 terms    per S box.                                        */
-    /*                                                              */
-    /* Copyright:   Dr B. R Gladman (gladman@seven77.demon.co.uk)   */
-    /*                and Sam Simpson (s.simpson@mia.co.uk)            */
-    /*              17th December 1998                                */
-    /*                                                              */
-    /* We hereby give permission for information in this file to be */
-    /* used freely subject only to acknowledgement of its origin.    */
-
-    /**
-     * S0 - { 3, 8,15, 1,10, 6, 5,11,14,13, 4, 2, 7, 0, 9,12 } - 15 terms.
-     */
-    protected final void sb0(int a, int b, int c, int d)
-    {
-        int    t1 = a ^ d;
-        int    t3 = c ^ t1;
-        int    t4 = b ^ t3;
-        X3 = (a & d) ^ t4;
-        int    t7 = a ^ (b & t1);
-        X2 = t4 ^ (c | t7);
-        int    t12 = X3 & (t3 ^ t7);
-        X1 = (~t3) ^ t12;
-        X0 = t12 ^ (~t7);
-    }
-
-    /**
-     * InvSO - {13, 3,11, 0,10, 6, 5,12, 1,14, 4, 7,15, 9, 8, 2 } - 15 terms.
-     */
-    protected final void ib0(int a, int b, int c, int d)
-    {
-        int    t1 = ~a;
-        int    t2 = a ^ b;
-        int    t4 = d ^ (t1 | t2);
-        int    t5 = c ^ t4;
-        X2 = t2 ^ t5;
-        int    t8 = t1 ^ (d & t2);
-        X1 = t4 ^ (X2 & t8);
-        X3 = (a & t4) ^ (t5 | X1);
-        X0 = X3 ^ (t5 ^ t8);
-    }
-
-    /**
-     * S1 - {15,12, 2, 7, 9, 0, 5,10, 1,11,14, 8, 6,13, 3, 4 } - 14 terms.
-     */
-    protected final void sb1(int a, int b, int c, int d)
-    {
-        int    t2 = b ^ (~a);
-        int    t5 = c ^ (a | t2);
-        X2 = d ^ t5;
-        int    t7 = b ^ (d | t2);
-        int    t8 = t2 ^ X2;
-        X3 = t8 ^ (t5 & t7);
-        int    t11 = t5 ^ t7;
-        X1 = X3 ^ t11;
-        X0 = t5 ^ (t8 & t11);
-    }
-
-    /**
-     * InvS1 - { 5, 8, 2,14,15, 6,12, 3,11, 4, 7, 9, 1,13,10, 0 } - 14 steps.
-     */
-    protected final void ib1(int a, int b, int c, int d)
-    {
-        int    t1 = b ^ d;
-        int    t3 = a ^ (b & t1);
-        int    t4 = t1 ^ t3;
-        X3 = c ^ t4;
-        int    t7 = b ^ (t1 & t3);
-        int    t8 = X3 | t7;
-        X1 = t3 ^ t8;
-        int    t10 = ~X1;
-        int    t11 = X3 ^ t7;
-        X0 = t10 ^ t11;
-        X2 = t4 ^ (t10 | t11);
-    }
-
-    /**
-     * S2 - { 8, 6, 7, 9, 3,12,10,15,13, 1,14, 4, 0,11, 5, 2 } - 16 terms.
-     */
-    protected final void sb2(int a, int b, int c, int d)
-    {
-        int    t1 = ~a;
-        int    t2 = b ^ d;
-        int    t3 = c & t1;
-        X0 = t2 ^ t3;
-        int    t5 = c ^ t1;
-        int    t6 = c ^ X0;
-        int    t7 = b & t6;
-        X3 = t5 ^ t7;
-        X2 = a ^ ((d | t7) & (X0 | t5));
-        X1 = (t2 ^ X3) ^ (X2 ^ (d | t1));
-    }
-
-    /**
-     * InvS2 - {12, 9,15, 4,11,14, 1, 2, 0, 3, 6,13, 5, 8,10, 7 } - 16 steps.
-     */
-    protected final void ib2(int a, int b, int c, int d)
-    {
-        int    t1 = b ^ d;
-        int    t2 = ~t1;
-        int    t3 = a ^ c;
-        int    t4 = c ^ t1;
-        int    t5 = b & t4;
-        X0 = t3 ^ t5;
-        int    t7 = a | t2;
-        int    t8 = d ^ t7;
-        int    t9 = t3 | t8;
-        X3 = t1 ^ t9;
-        int    t11 = ~t4;
-        int    t12 = X0 | X3;
-        X1 = t11 ^ t12;
-        X2 = (d & t11) ^ (t3 ^ t12);
-    }
-
-    /**
-     * S3 - { 0,15,11, 8,12, 9, 6, 3,13, 1, 2, 4,10, 7, 5,14 } - 16 terms.
-     */
-    protected final void sb3(int a, int b, int c, int d)
-    {
-        int    t1 = a ^ b;
-        int    t2 = a & c;
-        int    t3 = a | d;
-        int    t4 = c ^ d;
-        int    t5 = t1 & t3;
-        int    t6 = t2 | t5;
-        X2 = t4 ^ t6;
-        int    t8 = b ^ t3;
-        int    t9 = t6 ^ t8;
-        int    t10 = t4 & t9;
-        X0 = t1 ^ t10;
-        int    t12 = X2 & X0;
-        X1 = t9 ^ t12;
-        X3 = (b | d) ^ (t4 ^ t12);
-    }
-
-    /**
-     * InvS3 - { 0, 9,10, 7,11,14, 6,13, 3, 5,12, 2, 4, 8,15, 1 } - 15 terms
-     */
-    protected final void ib3(int a, int b, int c, int d)
-    {
-        int    t1 = a | b;
-        int    t2 = b ^ c;
-        int    t3 = b & t2;
-        int    t4 = a ^ t3;
-        int    t5 = c ^ t4;
-        int    t6 = d | t4;
-        X0 = t2 ^ t6;
-        int    t8 = t2 | t6;
-        int    t9 = d ^ t8;
-        X2 = t5 ^ t9;
-        int    t11 = t1 ^ t9;
-        int    t12 = X0 & t11;
-        X3 = t4 ^ t12;
-        X1 = X3 ^ (X0 ^ t11);
-    }
-
-    /**
-     * S4 - { 1,15, 8, 3,12, 0,11, 6, 2, 5, 4,10, 9,14, 7,13 } - 15 terms.
-     */
-    protected final void sb4(int a, int b, int c, int d)
-    {
-        int    t1 = a ^ d;
-        int    t2 = d & t1;
-        int    t3 = c ^ t2;
-        int    t4 = b | t3;
-        X3 = t1 ^ t4;
-        int    t6 = ~b;
-        int    t7 = t1 | t6;
-        X0 = t3 ^ t7;
-        int    t9 = a & X0;
-        int    t10 = t1 ^ t6;
-        int    t11 = t4 & t10;
-        X2 = t9 ^ t11;
-        X1 = (a ^ t3) ^ (t10 & X2);
-    }
-
-    /**
-     * InvS4 - { 5, 0, 8, 3,10, 9, 7,14, 2,12,11, 6, 4,15,13, 1 } - 15 terms.
-     */
-    protected final void ib4(int a, int b, int c, int d)
-    {
-        int    t1 = c | d;
-        int    t2 = a & t1;
-        int    t3 = b ^ t2;
-        int    t4 = a & t3;
-        int    t5 = c ^ t4;
-        X1 = d ^ t5;
-        int    t7 = ~a;
-        int    t8 = t5 & X1;
-        X3 = t3 ^ t8;
-        int    t10 = X1 | t7;
-        int    t11 = d ^ t10;
-        X0 = X3 ^ t11;
-        X2 = (t3 & t11) ^ (X1 ^ t7);
-    }
-
-    /**
-     * S5 - {15, 5, 2,11, 4,10, 9,12, 0, 3,14, 8,13, 6, 7, 1 } - 16 terms.
-     */
-    protected final void sb5(int a, int b, int c, int d)
-    {
-        int    t1 = ~a;
-        int    t2 = a ^ b;
-        int    t3 = a ^ d;
-        int    t4 = c ^ t1;
-        int    t5 = t2 | t3;
-        X0 = t4 ^ t5;
-        int    t7 = d & X0;
-        int    t8 = t2 ^ X0;
-        X1 = t7 ^ t8;
-        int    t10 = t1 | X0;
-        int    t11 = t2 | t7;
-        int    t12 = t3 ^ t10;
-        X2 = t11 ^ t12;
-        X3 = (b ^ t7) ^ (X1 & t12);
-    }
-
-    /**
-     * InvS5 - { 8,15, 2, 9, 4, 1,13,14,11, 6, 5, 3, 7,12,10, 0 } - 16 terms.
-     */
-    protected final void ib5(int a, int b, int c, int d)
-    {
-        int    t1 = ~c;
-        int    t2 = b & t1;
-        int    t3 = d ^ t2;
-        int    t4 = a & t3;
-        int    t5 = b ^ t1;
-        X3 = t4 ^ t5;
-        int    t7 = b | X3;
-        int    t8 = a & t7;
-        X1 = t3 ^ t8;
-        int    t10 = a | d;
-        int    t11 = t1 ^ t7;
-        X0 = t10 ^ t11;
-        X2 = (b & t10) ^ (t4 | (a ^ c));
-    }
-
-    /**
-     * S6 - { 7, 2,12, 5, 8, 4, 6,11,14, 9, 1,15,13, 3,10, 0 } - 15 terms.
-     */
-    protected final void sb6(int a, int b, int c, int d)
-    {
-        int    t1 = ~a;
-        int    t2 = a ^ d;
-        int    t3 = b ^ t2;
-        int    t4 = t1 | t2;
-        int    t5 = c ^ t4;
-        X1 = b ^ t5;
-        int    t7 = t2 | X1;
-        int    t8 = d ^ t7;
-        int    t9 = t5 & t8;
-        X2 = t3 ^ t9;
-        int    t11 = t5 ^ t8;
-        X0 = X2 ^ t11;
-        X3 = (~t5) ^ (t3 & t11);
-    }
-
-    /**
-     * InvS6 - {15,10, 1,13, 5, 3, 6, 0, 4, 9,14, 7, 2,12, 8,11 } - 15 terms.
-     */
-    protected final void ib6(int a, int b, int c, int d)
-    {
-        int    t1 = ~a;
-        int    t2 = a ^ b;
-        int    t3 = c ^ t2;
-        int    t4 = c | t1;
-        int    t5 = d ^ t4;
-        X1 = t3 ^ t5;
-        int    t7 = t3 & t5;
-        int    t8 = t2 ^ t7;
-        int    t9 = b | t8;
-        X3 = t5 ^ t9;
-        int    t11 = b | X3;
-        X0 = t8 ^ t11;
-        X2 = (d & t1) ^ (t3 ^ t11);
-    }
-
-    /**
-     * S7 - { 1,13,15, 0,14, 8, 2,11, 7, 4,12,10, 9, 3, 5, 6 } - 16 terms.
-     */
-    protected final void sb7(int a, int b, int c, int d)
-    {
-        int    t1 = b ^ c;
-        int    t2 = c & t1;
-        int    t3 = d ^ t2;
-        int    t4 = a ^ t3;
-        int    t5 = d | t1;
-        int    t6 = t4 & t5;
-        X1 = b ^ t6;
-        int    t8 = t3 | X1;
-        int    t9 = a & t4;
-        X3 = t1 ^ t9;
-        int    t11 = t4 ^ t8;
-        int    t12 = X3 & t11;
-        X2 = t3 ^ t12;
-        X0 = (~t11) ^ (X3 & X2);
-    }
-
-    /**
-     * InvS7 - { 3, 0, 6,13, 9,14,15, 8, 5,12,11, 7,10, 1, 4, 2 } - 17 terms.
-     */
-    protected final void ib7(int a, int b, int c, int d)
-    {
-        int t3 = c | (a & b);
-        int    t4 = d & (a | b);
-        X3 = t3 ^ t4;
-        int    t6 = ~d;
-        int    t7 = b ^ t4;
-        int    t9 = t7 | (X3 ^ t6);
-        X1 = a ^ t9;
-        X0 = (c ^ t7) ^ (d | X1);
-        X2 = (t3 ^ X1) ^ (X0 ^ (a & X3));
-    }
-
-    /**
-     * Apply the linear transformation to the register set.
-     */
-    protected final void LT()
-    {
-        int x0  = rotateLeft(X0, 13);
-        int x2  = rotateLeft(X2, 3);
-        int x1  = X1 ^ x0 ^ x2 ;
-        int x3  = X3 ^ x2 ^ x0 << 3;
-
-        X1  = rotateLeft(x1, 1);
-        X3  = rotateLeft(x3, 7);
-        X0  = rotateLeft(x0 ^ X1 ^ X3, 5);
-        X2  = rotateLeft(x2 ^ X3 ^ (X1 << 7), 22);
-    }
-
-    /**
-     * Apply the inverse of the linear transformation to the register set.
-     */
-    protected final void inverseLT()
-    {
-        int x2 = rotateRight(X2, 22) ^ X3 ^ (X1 << 7);
-        int x0 = rotateRight(X0, 5) ^ X1 ^ X3;
-        int x3 = rotateRight(X3, 7);
-        int x1 = rotateRight(X1, 1);
-        X3 = x3 ^ x2 ^ x0 << 3;
-        X1 = x1 ^ x0 ^ x2;
-        X2 = rotateRight(x2, 3);
-        X0 = rotateRight(x0, 13);
-    }
-
-    protected abstract int[] makeWorkingKey(byte[] key);
-
-    protected abstract void encryptBlock(byte[] input, int inOff, byte[] output, int outOff);
-
-    protected abstract void decryptBlock(byte[] input, int inOff, byte[] output, int outOff);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/Shacal2Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/Shacal2Engine.java
deleted file mode 100644
index 62e0510..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/Shacal2Engine.java
+++ /dev/null

@@ -1,213 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * Block cipher Shacal2, designed by Helena Handschuh and David Naccache,
- * based on hash function SHA-256,
- * using SHA-256-Initialization-Values as data and SHA-256-Data as key.
- * <p>
- * A description of Shacal can be found at:
- *    http://citeseerx.ist.psu.edu/viewdoc/summary?doi=10.1.1.3.4066
- * Best known cryptanalytic (Wikipedia 11.2013):
- *    Related-key rectangle attack on 44-rounds (Jiqiang Lu, Jongsung Kim).
- * Comments are related to SHA-256-Naming as described in FIPS PUB 180-2
- * </p>
- */
-public class Shacal2Engine 
-	implements BlockCipher 
-{
-	private final static int[] K = { // SHA-256-Constants
-			0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5, 
-			0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174, 
-			0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da, 
-			0x983e5152,	0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967, 
-			0x27b70a85, 0x2e1b2138, 0x4d2c6dfc,	0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85, 
-			0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 
-			0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3, 
-			0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208,	0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2 
-	}; 
-	
-	private static final int BLOCK_SIZE = 32;
-	private boolean forEncryption = false;
-	private static final int ROUNDS = 64;
-	
-	private int[] workingKey = null; // expanded key: corresponds to the message block W in FIPS PUB 180-2
-	
-	public Shacal2Engine()
-	{		
-	}
-	
-	public void reset()
-	{
-	}
-	
-	public String getAlgorithmName()
-	{
-		return "Shacal2";
-	}
-
-	public int getBlockSize()
-	{
-	    return BLOCK_SIZE;
-	}
-
-	public void init(boolean _forEncryption, CipherParameters  params)
-		throws IllegalArgumentException
-	{
-		if (!(params instanceof KeyParameter))
-		{
-			throw new IllegalArgumentException("only simple KeyParameter expected.");
-		}
-		this.forEncryption = _forEncryption;
-		workingKey = new int[64];
-		setKey( ((KeyParameter)params).getKey() );
-	}
-
-	public void setKey(byte[] kb) 
-	{
-		if (kb.length == 0 || kb.length > 64 || kb.length < 16 || kb.length % 8 != 0)
-		{
-			throw new IllegalArgumentException("Shacal2-key must be 16 - 64 bytes and multiple of 8");
-		}
-
-		bytes2ints(kb, workingKey, 0, 0);
-
-		for ( int i = 16; i < 64; i++) 
-		{ // Key-Expansion, implicitly Zero-Padding for 16 > i > kb.length/4
-			workingKey[i] = 
-									( (workingKey[i-2] >>> 17 | workingKey[i-2] << -17) // corresponds to ROTL n(x) of FIPS PUB 180-2
-										^ (workingKey[i-2] >>> 19 | workingKey[i-2] << -19)
-										^ (workingKey[i-2] >>> 10) ) // corresponds to sigma1(x)-Function of FIPS PUB 180-2	    	  
-									+ workingKey[i-7] 		    				
-									+ ( (workingKey[i-15] >>> 7 | workingKey[i-15] << -7) 
-										^ (workingKey[i-15] >>> 18 | workingKey[i-15] << -18) 
-										^ (workingKey[i-15] >>> 3) ) // corresponds to sigma0(x)-Function of FIPS PUB 180-2	    
-									+ workingKey[i-16];
-		}
-	}
-	
-	private void encryptBlock(byte[] in, int inOffset, byte[] out, int outOffset)
-	{
-		int[] block = new int[BLOCK_SIZE / 4];// corresponds to working variables a,b,c,d,e,f,g,h of FIPS PUB 180-2
-		byteBlockToInts(in, block, inOffset, 0);
-		
-		for (int i = 0; i < ROUNDS; i++) 
-		{			
-			int tmp =
-                (((block[4] >>> 6) | (block[4] << -6))
-                    ^ ((block[4] >>> 11) | (block[4] << -11))
-                    ^ ((block[4] >>> 25) | (block[4] << -25)))
-                    + ((block[4] & block[5]) ^ ((~block[4]) & block[6]))
-                    + block[7] + K[i] + workingKey[i];  // corresponds to T1 of FIPS PUB 180-2
-			block[7] = block[6];
-			block[6] = block[5];
-			block[5] = block[4];			
-			block[4] = block[3] + tmp;
-			block[3] = block[2];
-			block[2] = block[1];
-			block[1] = block[0];
-			block[0] = tmp
-                + (((block[0] >>> 2) | (block[0] << -2))
-                ^ ((block[0] >>> 13) | (block[0] << -13))
-                ^ ((block[0] >>> 22) | (block[0] << -22)))
-                + ((block[0] & block[2]) ^ (block[0] & block[3]) ^ (block[2] & block[3]));
-			//corresponds to T2 of FIPS PUB 180-2, block[1] and block[2] replaced
-		}		
-		ints2bytes(block, out, outOffset);
-	}
-	
-	private void decryptBlock(byte[] in, int inOffset, byte[] out, int outOffset)
-	{
-		int[] block = new int[BLOCK_SIZE / 4];
-		byteBlockToInts(in, block, inOffset, 0);
-		for (int i = ROUNDS - 1; i >-1; i--) 
-		{
-            int tmp = block[0] - (((block[1] >>> 2) | (block[1] << -2))
-                ^ ((block[1] >>> 13) | (block[1] << -13))
-                ^ ((block[1] >>> 22) | (block[1] << -22)))
-                - ((block[1] & block[2]) ^ (block[1] & block[3]) ^ (block[2] & block[3]));    // T2
-            block[0] = block[1];
-            block[1] = block[2];
-            block[2] = block[3];
-            block[3] = block[4] - tmp;
-            block[4] = block[5];
-            block[5] = block[6];
-            block[6] = block[7];
-            block[7] = tmp - K[i] - workingKey[i]
-                - (((block[4] >>> 6) | (block[4] << -6))
-                ^ ((block[4] >>> 11) | (block[4] << -11))
-                ^ ((block[4] >>> 25) | (block[4] << -25)))
-                - ((block[4] & block[5]) ^ ((~block[4]) & block[6])); // T1
-        }
-		ints2bytes(block, out, outOffset);
-	}
-
-	public int processBlock(byte[] in, int inOffset, byte[] out, int outOffset)	    
-			throws DataLengthException, IllegalStateException 
-	{
-		if (workingKey == null)
-		{
-			throw new IllegalStateException("Shacal2 not initialised");
-		}
-
-		if ((inOffset + BLOCK_SIZE) > in.length)
-		{
-			throw new DataLengthException("input buffer too short");
-		}
-
-		if ((outOffset + BLOCK_SIZE) > out.length)
-		{
-			throw new OutputLengthException("output buffer too short");
-		}
-
-		if (forEncryption)
-		{
-			encryptBlock(in, inOffset, out, outOffset);
-		}
-		else
-		{    
-			decryptBlock(in, inOffset, out, outOffset);
-		}
-
-		return BLOCK_SIZE;
-	}
-
-    private void byteBlockToInts(byte[] bytes, int[] block, int bytesPos, int blockPos)
-    {
-        for (int i = blockPos; i <  BLOCK_SIZE / 4; i++)
-        {
-            block[i] = ((bytes[bytesPos++] & 0xFF) << 24)
-                | ((bytes[bytesPos++] & 0xFF) << 16)
-                | ((bytes[bytesPos++] & 0xFF) << 8)
-                | (bytes[bytesPos++] & 0xFF);
-        }
-    }
-
-    private void bytes2ints(byte[] bytes, int[] block, int bytesPos, int blockPos)
-    {
-        for (int i = blockPos; i < bytes.length / 4; i++)
-        {
-            block[i] = ((bytes[bytesPos++] & 0xFF) << 24)
-                | ((bytes[bytesPos++] & 0xFF) << 16)
-                | ((bytes[bytesPos++] & 0xFF) << 8)
-                | (bytes[bytesPos++] & 0xFF);
-        }
-    }
-
-    private void ints2bytes(int[] block, byte[] out, int pos)
-    {
-        for (int i = 0; i < block.length; i++)
-        {
-            out[pos++] = (byte)(block[i] >>> 24);
-            out[pos++] = (byte)(block[i] >>> 16);
-            out[pos++] = (byte)(block[i] >>> 8);
-            out[pos++] = (byte)block[i];
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/SkipjackEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/SkipjackEngine.java
deleted file mode 100644
index 1fac536..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/SkipjackEngine.java
+++ /dev/null

@@ -1,260 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * a class that provides a basic SKIPJACK engine.
- */
-public class SkipjackEngine
-    implements BlockCipher
-{
-    static final int BLOCK_SIZE = 8;
-
-    static short ftable[] =
-    { 
-        0xa3, 0xd7, 0x09, 0x83, 0xf8, 0x48, 0xf6, 0xf4, 0xb3, 0x21, 0x15, 0x78, 0x99, 0xb1, 0xaf, 0xf9, 
-        0xe7, 0x2d, 0x4d, 0x8a, 0xce, 0x4c, 0xca, 0x2e, 0x52, 0x95, 0xd9, 0x1e, 0x4e, 0x38, 0x44, 0x28, 
-        0x0a, 0xdf, 0x02, 0xa0, 0x17, 0xf1, 0x60, 0x68, 0x12, 0xb7, 0x7a, 0xc3, 0xe9, 0xfa, 0x3d, 0x53, 
-        0x96, 0x84, 0x6b, 0xba, 0xf2, 0x63, 0x9a, 0x19, 0x7c, 0xae, 0xe5, 0xf5, 0xf7, 0x16, 0x6a, 0xa2, 
-        0x39, 0xb6, 0x7b, 0x0f, 0xc1, 0x93, 0x81, 0x1b, 0xee, 0xb4, 0x1a, 0xea, 0xd0, 0x91, 0x2f, 0xb8, 
-        0x55, 0xb9, 0xda, 0x85, 0x3f, 0x41, 0xbf, 0xe0, 0x5a, 0x58, 0x80, 0x5f, 0x66, 0x0b, 0xd8, 0x90, 
-        0x35, 0xd5, 0xc0, 0xa7, 0x33, 0x06, 0x65, 0x69, 0x45, 0x00, 0x94, 0x56, 0x6d, 0x98, 0x9b, 0x76, 
-        0x97, 0xfc, 0xb2, 0xc2, 0xb0, 0xfe, 0xdb, 0x20, 0xe1, 0xeb, 0xd6, 0xe4, 0xdd, 0x47, 0x4a, 0x1d, 
-        0x42, 0xed, 0x9e, 0x6e, 0x49, 0x3c, 0xcd, 0x43, 0x27, 0xd2, 0x07, 0xd4, 0xde, 0xc7, 0x67, 0x18, 
-        0x89, 0xcb, 0x30, 0x1f, 0x8d, 0xc6, 0x8f, 0xaa, 0xc8, 0x74, 0xdc, 0xc9, 0x5d, 0x5c, 0x31, 0xa4, 
-        0x70, 0x88, 0x61, 0x2c, 0x9f, 0x0d, 0x2b, 0x87, 0x50, 0x82, 0x54, 0x64, 0x26, 0x7d, 0x03, 0x40, 
-        0x34, 0x4b, 0x1c, 0x73, 0xd1, 0xc4, 0xfd, 0x3b, 0xcc, 0xfb, 0x7f, 0xab, 0xe6, 0x3e, 0x5b, 0xa5, 
-        0xad, 0x04, 0x23, 0x9c, 0x14, 0x51, 0x22, 0xf0, 0x29, 0x79, 0x71, 0x7e, 0xff, 0x8c, 0x0e, 0xe2, 
-        0x0c, 0xef, 0xbc, 0x72, 0x75, 0x6f, 0x37, 0xa1, 0xec, 0xd3, 0x8e, 0x62, 0x8b, 0x86, 0x10, 0xe8, 
-        0x08, 0x77, 0x11, 0xbe, 0x92, 0x4f, 0x24, 0xc5, 0x32, 0x36, 0x9d, 0xcf, 0xf3, 0xa6, 0xbb, 0xac, 
-        0x5e, 0x6c, 0xa9, 0x13, 0x57, 0x25, 0xb5, 0xe3, 0xbd, 0xa8, 0x3a, 0x01, 0x05, 0x59, 0x2a, 0x46
-    };
-
-    private int[]       key0, key1, key2, key3;
-    private boolean     encrypting;
-
-    /**
-     * initialise a SKIPJACK cipher.
-     *
-     * @param encrypting whether or not we are for encryption.
-     * @param params the parameters required to set up the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean           encrypting,
-        CipherParameters  params)
-    {
-        if (!(params instanceof KeyParameter))
-        {
-        throw new IllegalArgumentException("invalid parameter passed to SKIPJACK init - " + params.getClass().getName());
-        }
-
-        byte[] keyBytes = ((KeyParameter)params).getKey();
-
-        this.encrypting = encrypting;
-        this.key0 = new int[32];
-        this.key1 = new int[32];
-        this.key2 = new int[32];
-        this.key3 = new int[32];
-
-        //
-        // expand the key to 128 bytes in 4 parts (saving us a modulo, multiply
-        // and an addition).
-        //
-        for (int i = 0; i < 32; i ++)
-        {
-            key0[i] = keyBytes[(i * 4) % 10] & 0xff;
-            key1[i] = keyBytes[(i * 4 + 1) % 10] & 0xff;
-            key2[i] = keyBytes[(i * 4 + 2) % 10] & 0xff;
-            key3[i] = keyBytes[(i * 4 + 3) % 10] & 0xff;
-        }
-    }
-
-    public String getAlgorithmName()
-    {
-        return "SKIPJACK";
-    }
-
-    public int getBlockSize()
-    {
-        return BLOCK_SIZE;
-    }
-
-    public int processBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-    {
-        if (key1 == null)
-        {
-            throw new IllegalStateException("SKIPJACK engine not initialised");
-        }
-
-        if ((inOff + BLOCK_SIZE) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + BLOCK_SIZE) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        if (encrypting)
-        {
-            encryptBlock(in, inOff, out, outOff);
-        }
-        else
-        {
-            decryptBlock(in, inOff, out, outOff);
-        }
-
-        return BLOCK_SIZE;
-    }
-
-    public void reset()
-    {
-    }
-
-    /**
-     * The G permutation
-     */
-    private int g(
-        int     k,
-        int     w)
-    {
-        int g1, g2, g3, g4, g5, g6;
-
-        g1 = (w >> 8) & 0xff;
-        g2 = w & 0xff;
-
-        g3 = ftable[g2 ^ key0[k]] ^ g1;
-        g4 = ftable[g3 ^ key1[k]] ^ g2;
-        g5 = ftable[g4 ^ key2[k]] ^ g3;
-        g6 = ftable[g5 ^ key3[k]] ^ g4;
-
-        return ((g5 << 8) + g6);
-    }
-
-    public int encryptBlock(
-        byte[]      in,
-        int         inOff,
-        byte[]      out,
-        int         outOff)
-    {
-        int w1 = (in[inOff + 0] << 8) + (in[inOff + 1] & 0xff);
-        int w2 = (in[inOff + 2] << 8) + (in[inOff + 3] & 0xff);
-        int w3 = (in[inOff + 4] << 8) + (in[inOff + 5] & 0xff);
-        int w4 = (in[inOff + 6] << 8) + (in[inOff + 7] & 0xff);
-
-        int k = 0;
-
-        for (int t = 0; t < 2; t++)
-        {
-            for(int i = 0; i < 8; i++)
-            {
-                int tmp = w4;
-                w4 = w3;
-                w3 = w2;
-                w2 = g(k, w1);
-                w1 = w2 ^ tmp ^ (k + 1);
-                k++;
-            }
-
-            for(int i = 0; i < 8; i++)
-            {
-                int tmp = w4;
-                w4 = w3;
-                w3 = w1 ^ w2 ^ (k + 1);
-                w2 = g(k, w1);
-                w1 = tmp;
-                k++;
-            }
-        }
-
-        out[outOff + 0] = (byte)((w1 >> 8));
-        out[outOff + 1] = (byte)(w1);
-        out[outOff + 2] = (byte)((w2 >> 8));
-        out[outOff + 3] = (byte)(w2);
-        out[outOff + 4] = (byte)((w3 >> 8));
-        out[outOff + 5] = (byte)(w3);
-        out[outOff + 6] = (byte)((w4 >> 8));
-        out[outOff + 7] = (byte)(w4);
-
-        return BLOCK_SIZE;
-    }
-
-    /**
-     * the inverse of the G permutation.
-     */
-    private int h(
-        int     k,
-        int     w)
-    {
-        int h1, h2, h3, h4, h5, h6;
-
-        h1 = w & 0xff;
-        h2 = (w >> 8) & 0xff;
-
-        h3 = ftable[h2 ^ key3[k]] ^ h1;
-        h4 = ftable[h3 ^ key2[k]] ^ h2;
-        h5 = ftable[h4 ^ key1[k]] ^ h3;
-        h6 = ftable[h5 ^ key0[k]] ^ h4;
-
-        return ((h6 << 8) + h5);
-    }
-
-    public int decryptBlock(
-        byte[]      in,
-        int         inOff,
-        byte[]      out,
-        int         outOff)
-    {
-        int w2 = (in[inOff + 0] << 8) + (in[inOff + 1] & 0xff);
-        int w1 = (in[inOff + 2] << 8) + (in[inOff + 3] & 0xff);
-        int w4 = (in[inOff + 4] << 8) + (in[inOff + 5] & 0xff);
-        int w3 = (in[inOff + 6] << 8) + (in[inOff + 7] & 0xff);
-
-        int k = 31;
-
-        for (int t = 0; t < 2; t++)
-        {
-            for(int i = 0; i < 8; i++)
-            {
-                int tmp = w4;
-                w4 = w3;
-                w3 = w2;
-                w2 = h(k, w1);
-                w1 = w2 ^ tmp ^ (k + 1);
-                k--;
-            }
-
-            for(int i = 0; i < 8; i++)
-            {
-                int tmp = w4;
-                w4 = w3;
-                w3 = w1 ^ w2 ^ (k + 1);
-                w2 = h(k, w1);
-                w1 = tmp;
-                k--;
-            }
-        }
-
-        out[outOff + 0] = (byte)((w2 >> 8));
-        out[outOff + 1] = (byte)(w2);
-        out[outOff + 2] = (byte)((w1 >> 8));
-        out[outOff + 3] = (byte)(w1);
-        out[outOff + 4] = (byte)((w4 >> 8));
-        out[outOff + 5] = (byte)(w4);
-        out[outOff + 6] = (byte)((w3 >> 8));
-        out[outOff + 7] = (byte)(w3);
-
-        return BLOCK_SIZE;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/TEAEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/TEAEngine.java
deleted file mode 100644
index ac65443..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/TEAEngine.java
+++ /dev/null

@@ -1,184 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * An TEA engine.
- */
-public class TEAEngine
-    implements BlockCipher
-{
-    private static final int rounds     = 32,
-                             block_size = 8,
-//                             key_size   = 16,
-                             delta      = 0x9E3779B9,
-                             d_sum      = 0xC6EF3720; // sum on decrypt
-    /*
-     * the expanded key array of 4 subkeys
-     */
-    private int _a, _b, _c, _d;
-    private boolean _initialised;
-    private boolean _forEncryption;
-
-    /**
-     * Create an instance of the TEA encryption algorithm
-     * and set some defaults
-     */
-    public TEAEngine()
-    {
-        _initialised = false;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "TEA";
-    }
-
-    public int getBlockSize()
-    {
-        return block_size;
-    }
-
-    /**
-     * initialise
-     *
-     * @param forEncryption whether or not we are for encryption.
-     * @param params the parameters required to set up the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean             forEncryption,
-        CipherParameters    params)
-    {
-        if (!(params instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException("invalid parameter passed to TEA init - " + params.getClass().getName());
-        }
-
-        _forEncryption = forEncryption;
-        _initialised = true;
-
-        KeyParameter       p = (KeyParameter)params;
-
-        setKey(p.getKey());
-    }
-
-    public int processBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        if (!_initialised)
-        {
-            throw new IllegalStateException(getAlgorithmName()+" not initialised");
-        }
-        
-        if ((inOff + block_size) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-        
-        if ((outOff + block_size) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-        
-        return (_forEncryption) ? encryptBlock(in, inOff, out, outOff)
-                                    : decryptBlock(in, inOff, out, outOff);
-    }
-
-    public void reset()
-    {
-    }
-
-    /**
-     * Re-key the cipher.
-     * <p>
-     * @param  key  the key to be used
-     */
-    private void setKey(
-        byte[]      key)
-    {
-        if (key.length != 16) 
-        {
-            throw new IllegalArgumentException("Key size must be 128 bits.");
-        }
-
-        _a = bytesToInt(key, 0);
-        _b = bytesToInt(key, 4);
-        _c = bytesToInt(key, 8);
-        _d = bytesToInt(key, 12);
-    }
-
-    private int encryptBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        // Pack bytes into integers
-        int v0 = bytesToInt(in, inOff);
-        int v1 = bytesToInt(in, inOff + 4);
-        
-        int sum = 0;
-        
-        for (int i = 0; i != rounds; i++)
-        {
-            sum += delta;
-            v0  += ((v1 << 4) + _a) ^ (v1 + sum) ^ ((v1 >>> 5) + _b);
-            v1  += ((v0 << 4) + _c) ^ (v0 + sum) ^ ((v0 >>> 5) + _d);
-        }
-
-        unpackInt(v0, out, outOff);
-        unpackInt(v1, out, outOff + 4);
-        
-        return block_size;
-    }
-
-    private int decryptBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        // Pack bytes into integers
-        int v0 = bytesToInt(in, inOff);
-        int v1 = bytesToInt(in, inOff + 4);
-        
-        int sum = d_sum;
-        
-        for (int i = 0; i != rounds; i++)
-        {
-            v1  -= ((v0 << 4) + _c) ^ (v0 + sum) ^ ((v0 >>> 5) + _d);
-            v0  -= ((v1 << 4) + _a) ^ (v1 + sum) ^ ((v1 >>> 5) + _b);
-            sum -= delta;
-        }
-        
-        unpackInt(v0, out, outOff);
-        unpackInt(v1, out, outOff + 4);
-        
-        return block_size;
-    }
-
-    private int bytesToInt(byte[] in, int inOff)
-    {
-        return ((in[inOff++]) << 24) |
-                 ((in[inOff++] & 255) << 16) |
-                 ((in[inOff++] & 255) <<  8) |
-                 ((in[inOff] & 255));
-    }
-
-    private void unpackInt(int v, byte[] out, int outOff)
-    {
-        out[outOff++] = (byte)(v >>> 24);
-        out[outOff++] = (byte)(v >>> 16);
-        out[outOff++] = (byte)(v >>>  8);
-        out[outOff  ] = (byte)v;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ThreefishEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/ThreefishEngine.java
deleted file mode 100644
index 1e4d61d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/ThreefishEngine.java
+++ /dev/null

@@ -1,1494 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.TweakableBlockCipherParameters;
-
-/**
- * Implementation of the Threefish tweakable large block cipher in 256, 512 and 1024 bit block
- * sizes.
- * <p>
- * This is the 1.3 version of Threefish defined in the Skein hash function submission to the NIST
- * SHA-3 competition in October 2010.
- * <p>
- * Threefish was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir
- * Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker.
- * <p>
- * This implementation inlines all round functions, unrolls 8 rounds, and uses 1.2k of static tables
- * to speed up key schedule injection. <br>
- * 2 x block size state is retained by each cipher instance.
- */
-public class ThreefishEngine
-    implements BlockCipher
-{
-    /**
-     * 256 bit block size - Threefish-256
-     */
-    public static final int BLOCKSIZE_256 = 256;
-    /**
-     * 512 bit block size - Threefish-512
-     */
-    public static final int BLOCKSIZE_512 = 512;
-    /**
-     * 1024 bit block size - Threefish-1024
-     */
-    public static final int BLOCKSIZE_1024 = 1024;
-
-    /**
-     * Size of the tweak in bytes (always 128 bit/16 bytes)
-     */
-    private static final int TWEAK_SIZE_BYTES = 16;
-    private static final int TWEAK_SIZE_WORDS = TWEAK_SIZE_BYTES / 8;
-
-    /**
-     * Rounds in Threefish-256
-     */
-    private static final int ROUNDS_256 = 72;
-    /**
-     * Rounds in Threefish-512
-     */
-    private static final int ROUNDS_512 = 72;
-    /**
-     * Rounds in Threefish-1024
-     */
-    private static final int ROUNDS_1024 = 80;
-
-    /**
-     * Max rounds of any of the variants
-     */
-    private static final int MAX_ROUNDS = ROUNDS_1024;
-
-    /**
-     * Key schedule parity constant
-     */
-    private static final long C_240 = 0x1BD11BDAA9FC1A22L;
-
-    /* Pre-calculated modulo arithmetic tables for key schedule lookups */
-    private static int[] MOD9 = new int[MAX_ROUNDS];
-    private static int[] MOD17 = new int[MOD9.length];
-    private static int[] MOD5 = new int[MOD9.length];
-    private static int[] MOD3 = new int[MOD9.length];
-
-    static
-    {
-        for (int i = 0; i < MOD9.length; i++)
-        {
-            MOD17[i] = i % 17;
-            MOD9[i] = i % 9;
-            MOD5[i] = i % 5;
-            MOD3[i] = i % 3;
-        }
-    }
-
-    /**
-     * Block size in bytes
-     */
-    private int blocksizeBytes;
-
-    /**
-     * Block size in 64 bit words
-     */
-    private int blocksizeWords;
-
-    /**
-     * Buffer for byte oriented processBytes to call internal word API
-     */
-    private long[] currentBlock;
-
-    /**
-     * Tweak bytes (2 byte t1,t2, calculated t3 and repeat of t1,t2 for modulo free lookup
-     */
-    private long[] t = new long[5];
-
-    /**
-     * Key schedule words
-     */
-    private long[] kw;
-
-    /**
-     * The internal cipher implementation (varies by blocksize)
-     */
-    private ThreefishCipher cipher;
-
-    private boolean forEncryption;
-
-    /**
-     * Constructs a new Threefish cipher, with a specified block size.
-     *
-     * @param blocksizeBits the block size in bits, one of {@link #BLOCKSIZE_256}, {@link #BLOCKSIZE_512},
-     *                      {@link #BLOCKSIZE_1024}.
-     */
-    public ThreefishEngine(final int blocksizeBits)
-    {
-        this.blocksizeBytes = (blocksizeBits / 8);
-        this.blocksizeWords = (this.blocksizeBytes / 8);
-        this.currentBlock = new long[blocksizeWords];
-
-        /*
-         * Provide room for original key words, extended key word and repeat of key words for modulo
-         * free lookup of key schedule words.
-         */
-        this.kw = new long[2 * blocksizeWords + 1];
-
-        switch (blocksizeBits)
-        {
-        case BLOCKSIZE_256:
-            cipher = new Threefish256Cipher(kw, t);
-            break;
-        case BLOCKSIZE_512:
-            cipher = new Threefish512Cipher(kw, t);
-            break;
-        case BLOCKSIZE_1024:
-            cipher = new Threefish1024Cipher(kw, t);
-            break;
-        default:
-            throw new IllegalArgumentException(
-                "Invalid blocksize - Threefish is defined with block size of 256, 512, or 1024 bits");
-        }
-    }
-
-    /**
-     * Initialise the engine.
-     *
-     * @param params an instance of {@link TweakableBlockCipherParameters}, or {@link KeyParameter} (to
-     *               use a 0 tweak)
-     */
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        final byte[] keyBytes;
-        final byte[] tweakBytes;
-
-        if (params instanceof TweakableBlockCipherParameters)
-        {
-            TweakableBlockCipherParameters tParams = (TweakableBlockCipherParameters)params;
-            keyBytes = tParams.getKey().getKey();
-            tweakBytes = tParams.getTweak();
-        }
-        else if (params instanceof KeyParameter)
-        {
-            keyBytes = ((KeyParameter)params).getKey();
-            tweakBytes = null;
-        }
-        else
-        {
-            throw new IllegalArgumentException("Invalid parameter passed to Threefish init - "
-                + params.getClass().getName());
-        }
-
-        long[] keyWords = null;
-        long[] tweakWords = null;
-
-        if (keyBytes != null)
-        {
-            if (keyBytes.length != this.blocksizeBytes)
-            {
-                throw new IllegalArgumentException("Threefish key must be same size as block (" + blocksizeBytes
-                    + " bytes)");
-            }
-            keyWords = new long[blocksizeWords];
-            for (int i = 0; i < keyWords.length; i++)
-            {
-                keyWords[i] = bytesToWord(keyBytes, i * 8);
-            }
-        }
-        if (tweakBytes != null)
-        {
-            if (tweakBytes.length != TWEAK_SIZE_BYTES)
-            {
-                throw new IllegalArgumentException("Threefish tweak must be " + TWEAK_SIZE_BYTES + " bytes");
-            }
-            tweakWords = new long[]{bytesToWord(tweakBytes, 0), bytesToWord(tweakBytes, 8)};
-        }
-        init(forEncryption, keyWords, tweakWords);
-    }
-
-    /**
-     * Initialise the engine, specifying the key and tweak directly.
-     *
-     * @param forEncryption the cipher mode.
-     * @param key           the words of the key, or <code>null</code> to use the current key.
-     * @param tweak         the 2 word (128 bit) tweak, or <code>null</code> to use the current tweak.
-     */
-    public void init(boolean forEncryption, final long[] key, final long[] tweak)
-    {
-        this.forEncryption = forEncryption;
-        if (key != null)
-        {
-            setKey(key);
-        }
-        if (tweak != null)
-        {
-            setTweak(tweak);
-        }
-    }
-
-    private void setKey(long[] key)
-    {
-        if (key.length != this.blocksizeWords)
-        {
-            throw new IllegalArgumentException("Threefish key must be same size as block (" + blocksizeWords
-                + " words)");
-        }
-
-        /*
-         * Full subkey schedule is deferred to execution to avoid per cipher overhead (10k for 512,
-         * 20k for 1024).
-         * 
-         * Key and tweak word sequences are repeated, and static MOD17/MOD9/MOD5/MOD3 calculations
-         * used, to avoid expensive mod computations during cipher operation.
-         */
-
-        long knw = C_240;
-        for (int i = 0; i < blocksizeWords; i++)
-        {
-            kw[i] = key[i];
-            knw = knw ^ kw[i];
-        }
-        kw[blocksizeWords] = knw;
-        System.arraycopy(kw, 0, kw, blocksizeWords + 1, blocksizeWords);
-    }
-
-    private void setTweak(long[] tweak)
-    {
-        if (tweak.length != TWEAK_SIZE_WORDS)
-        {
-            throw new IllegalArgumentException("Tweak must be " + TWEAK_SIZE_WORDS + " words.");
-        }
-
-        /*
-         * Tweak schedule partially repeated to avoid mod computations during cipher operation
-         */
-        t[0] = tweak[0];
-        t[1] = tweak[1];
-        t[2] = t[0] ^ t[1];
-        t[3] = t[0];
-        t[4] = t[1];
-    }
-
-    public String getAlgorithmName()
-    {
-        return "Threefish-" + (blocksizeBytes * 8);
-    }
-
-    public int getBlockSize()
-    {
-        return blocksizeBytes;
-    }
-
-    public void reset()
-    {
-    }
-
-    public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
-        throws DataLengthException,
-        IllegalStateException
-    {
-        if ((inOff + blocksizeBytes) > in.length)
-        {
-            throw new DataLengthException("Input buffer too short");
-        }
-        if ((outOff + blocksizeBytes) > out.length)
-        {
-            throw new OutputLengthException("Output buffer too short");
-        }
-
-        for (int i = 0; i < blocksizeBytes; i += 8)
-        {
-            currentBlock[i >> 3] = bytesToWord(in, inOff + i);
-        }
-        processBlock(this.currentBlock, this.currentBlock);
-        for (int i = 0; i < blocksizeBytes; i += 8)
-        {
-            wordToBytes(this.currentBlock[i >> 3], out, outOff + i);
-        }
-
-        return blocksizeBytes;
-    }
-
-    /**
-     * Process a block of data represented as 64 bit words.
-     *
-     * @param in  a block sized buffer of words to process.
-     * @param out a block sized buffer of words to receive the output of the operation.
-     * @return the number of 8 byte words processed (which will be the same as the block size).
-     * @throws DataLengthException if either the input or output is not block sized.
-     * @throws IllegalStateException if this engine is not initialised.
-     */
-    public int processBlock(long[] in, long[] out)
-        throws DataLengthException, IllegalStateException
-    {
-        if (kw[blocksizeWords] == 0)
-        {
-            throw new IllegalStateException("Threefish engine not initialised");
-        }
-
-        if (in.length != blocksizeWords)
-        {
-            throw new DataLengthException("Input buffer too short");
-        }
-        if (out.length != blocksizeWords)
-        {
-            throw new OutputLengthException("Output buffer too short");
-        }
-
-        if (forEncryption)
-        {
-            cipher.encryptBlock(in, out);
-        }
-        else
-        {
-            cipher.decryptBlock(in, out);
-        }
-
-        return blocksizeWords;
-    }
-
-    /**
-     * Read a single 64 bit word from input in LSB first order.
-     */
-    // At least package protected for efficient access from inner class
-    public static long bytesToWord(final byte[] bytes, final int off)
-    {
-        if ((off + 8) > bytes.length)
-        {
-            // Help the JIT avoid index checks
-            throw new IllegalArgumentException();
-        }
-
-        long word = 0;
-        int index = off;
-
-        word = (bytes[index++] & 0xffL);
-        word |= (bytes[index++] & 0xffL) << 8;
-        word |= (bytes[index++] & 0xffL) << 16;
-        word |= (bytes[index++] & 0xffL) << 24;
-        word |= (bytes[index++] & 0xffL) << 32;
-        word |= (bytes[index++] & 0xffL) << 40;
-        word |= (bytes[index++] & 0xffL) << 48;
-        word |= (bytes[index++] & 0xffL) << 56;
-
-        return word;
-    }
-
-    /**
-     * Write a 64 bit word to output in LSB first order.
-     */
-    // At least package protected for efficient access from inner class
-    public static void wordToBytes(final long word, final byte[] bytes, final int off)
-    {
-        if ((off + 8) > bytes.length)
-        {
-            // Help the JIT avoid index checks
-            throw new IllegalArgumentException();
-        }
-        int index = off;
-
-        bytes[index++] = (byte)word;
-        bytes[index++] = (byte)(word >> 8);
-        bytes[index++] = (byte)(word >> 16);
-        bytes[index++] = (byte)(word >> 24);
-        bytes[index++] = (byte)(word >> 32);
-        bytes[index++] = (byte)(word >> 40);
-        bytes[index++] = (byte)(word >> 48);
-        bytes[index++] = (byte)(word >> 56);
-    }
-
-    /**
-     * Rotate left + xor part of the mix operation.
-     */
-    // Package protected for efficient access from inner class
-    static long rotlXor(long x, int n, long xor)
-    {
-        return ((x << n) | (x >>> -n)) ^ xor;
-    }
-
-    /**
-     * Rotate xor + rotate right part of the unmix operation.
-     */
-    // Package protected for efficient access from inner class
-    static long xorRotr(long x, int n, long xor)
-    {
-        long xored = x ^ xor;
-        return (xored >>> n) | (xored << -n);
-    }
-
-    private static abstract class ThreefishCipher
-    {
-        /**
-         * The extended + repeated tweak words
-         */
-        protected final long[] t;
-        /**
-         * The extended + repeated key words
-         */
-        protected final long[] kw;
-
-        protected ThreefishCipher(final long[] kw, final long[] t)
-        {
-            this.kw = kw;
-            this.t = t;
-        }
-
-        abstract void encryptBlock(long[] block, long[] out);
-
-        abstract void decryptBlock(long[] block, long[] out);
-
-    }
-
-    private static final class Threefish256Cipher
-        extends ThreefishCipher
-    {
-        /**
-         * Mix rotation constants defined in Skein 1.3 specification
-         */
-        private static final int ROTATION_0_0 = 14, ROTATION_0_1 = 16;
-        private static final int ROTATION_1_0 = 52, ROTATION_1_1 = 57;
-        private static final int ROTATION_2_0 = 23, ROTATION_2_1 = 40;
-        private static final int ROTATION_3_0 = 5, ROTATION_3_1 = 37;
-
-        private static final int ROTATION_4_0 = 25, ROTATION_4_1 = 33;
-        private static final int ROTATION_5_0 = 46, ROTATION_5_1 = 12;
-        private static final int ROTATION_6_0 = 58, ROTATION_6_1 = 22;
-        private static final int ROTATION_7_0 = 32, ROTATION_7_1 = 32;
-
-        public Threefish256Cipher(long[] kw, long[] t)
-        {
-            super(kw, t);
-        }
-
-        void encryptBlock(long[] block, long[] out)
-        {
-            final long[] kw = this.kw;
-            final long[] t = this.t;
-            final int[] mod5 = MOD5;
-            final int[] mod3 = MOD3;
-
-            /* Help the JIT avoid index bounds checks */
-            if (kw.length != 9)
-            {
-                throw new IllegalArgumentException();
-            }
-            if (t.length != 5)
-            {
-                throw new IllegalArgumentException();
-            }
-
-            /*
-             * Read 4 words of plaintext data, not using arrays for cipher state
-             */
-            long b0 = block[0];
-            long b1 = block[1];
-            long b2 = block[2];
-            long b3 = block[3];
-
-            /*
-             * First subkey injection.
-             */
-            b0 += kw[0];
-            b1 += kw[1] + t[0];
-            b2 += kw[2] + t[1];
-            b3 += kw[3];
-
-            /*
-             * Rounds loop, unrolled to 8 rounds per iteration.
-             * 
-             * Unrolling to multiples of 4 avoids the mod 4 check for key injection, and allows
-             * inlining of the permutations, which cycle every of 2 rounds (avoiding array
-             * index/lookup).
-             * 
-             * Unrolling to multiples of 8 avoids the mod 8 rotation constant lookup, and allows
-             * inlining constant rotation values (avoiding array index/lookup).
-             */
-
-            for (int d = 1; d < (ROUNDS_256 / 4); d += 2)
-            {
-                final int dm5 = mod5[d];
-                final int dm3 = mod3[d];
-
-                /*
-                 * 4 rounds of mix and permute.
-                 * 
-                 * Permute schedule has a 2 round cycle, so permutes are inlined in the mix
-                 * operations in each 4 round block.
-                 */
-                b1 = rotlXor(b1, ROTATION_0_0, b0 += b1);
-                b3 = rotlXor(b3, ROTATION_0_1, b2 += b3);
-
-                b3 = rotlXor(b3, ROTATION_1_0, b0 += b3);
-                b1 = rotlXor(b1, ROTATION_1_1, b2 += b1);
-
-                b1 = rotlXor(b1, ROTATION_2_0, b0 += b1);
-                b3 = rotlXor(b3, ROTATION_2_1, b2 += b3);
-
-                b3 = rotlXor(b3, ROTATION_3_0, b0 += b3);
-                b1 = rotlXor(b1, ROTATION_3_1, b2 += b1);
-
-                /*
-                 * Subkey injection for first 4 rounds.
-                 */
-                b0 += kw[dm5];
-                b1 += kw[dm5 + 1] + t[dm3];
-                b2 += kw[dm5 + 2] + t[dm3 + 1];
-                b3 += kw[dm5 + 3] + d;
-
-                /*
-                 * 4 more rounds of mix/permute
-                 */
-                b1 = rotlXor(b1, ROTATION_4_0, b0 += b1);
-                b3 = rotlXor(b3, ROTATION_4_1, b2 += b3);
-
-                b3 = rotlXor(b3, ROTATION_5_0, b0 += b3);
-                b1 = rotlXor(b1, ROTATION_5_1, b2 += b1);
-
-                b1 = rotlXor(b1, ROTATION_6_0, b0 += b1);
-                b3 = rotlXor(b3, ROTATION_6_1, b2 += b3);
-
-                b3 = rotlXor(b3, ROTATION_7_0, b0 += b3);
-                b1 = rotlXor(b1, ROTATION_7_1, b2 += b1);
-
-                /*
-                 * Subkey injection for next 4 rounds.
-                 */
-                b0 += kw[dm5 + 1];
-                b1 += kw[dm5 + 2] + t[dm3 + 1];
-                b2 += kw[dm5 + 3] + t[dm3 + 2];
-                b3 += kw[dm5 + 4] + d + 1;
-            }
-
-            /*
-             * Output cipher state.
-             */
-            out[0] = b0;
-            out[1] = b1;
-            out[2] = b2;
-            out[3] = b3;
-        }
-
-        void decryptBlock(long[] block, long[] state)
-        {
-            final long[] kw = this.kw;
-            final long[] t = this.t;
-            final int[] mod5 = MOD5;
-            final int[] mod3 = MOD3;
-
-            /* Help the JIT avoid index bounds checks */
-            if (kw.length != 9)
-            {
-                throw new IllegalArgumentException();
-            }
-            if (t.length != 5)
-            {
-                throw new IllegalArgumentException();
-            }
-
-            long b0 = block[0];
-            long b1 = block[1];
-            long b2 = block[2];
-            long b3 = block[3];
-
-            for (int d = (ROUNDS_256 / 4) - 1; d >= 1; d -= 2)
-            {
-                final int dm5 = mod5[d];
-                final int dm3 = mod3[d];
-
-                /* Reverse key injection for second 4 rounds */
-                b0 -= kw[dm5 + 1];
-                b1 -= kw[dm5 + 2] + t[dm3 + 1];
-                b2 -= kw[dm5 + 3] + t[dm3 + 2];
-                b3 -= kw[dm5 + 4] + d + 1;
-
-                /* Reverse second 4 mix/permute rounds */
-
-                b3 = xorRotr(b3, ROTATION_7_0, b0);
-                b0 -= b3;
-                b1 = xorRotr(b1, ROTATION_7_1, b2);
-                b2 -= b1;
-
-                b1 = xorRotr(b1, ROTATION_6_0, b0);
-                b0 -= b1;
-                b3 = xorRotr(b3, ROTATION_6_1, b2);
-                b2 -= b3;
-
-                b3 = xorRotr(b3, ROTATION_5_0, b0);
-                b0 -= b3;
-                b1 = xorRotr(b1, ROTATION_5_1, b2);
-                b2 -= b1;
-
-                b1 = xorRotr(b1, ROTATION_4_0, b0);
-                b0 -= b1;
-                b3 = xorRotr(b3, ROTATION_4_1, b2);
-                b2 -= b3;
-
-                /* Reverse key injection for first 4 rounds */
-                b0 -= kw[dm5];
-                b1 -= kw[dm5 + 1] + t[dm3];
-                b2 -= kw[dm5 + 2] + t[dm3 + 1];
-                b3 -= kw[dm5 + 3] + d;
-
-                /* Reverse first 4 mix/permute rounds */
-                b3 = xorRotr(b3, ROTATION_3_0, b0);
-                b0 -= b3;
-                b1 = xorRotr(b1, ROTATION_3_1, b2);
-                b2 -= b1;
-
-                b1 = xorRotr(b1, ROTATION_2_0, b0);
-                b0 -= b1;
-                b3 = xorRotr(b3, ROTATION_2_1, b2);
-                b2 -= b3;
-
-                b3 = xorRotr(b3, ROTATION_1_0, b0);
-                b0 -= b3;
-                b1 = xorRotr(b1, ROTATION_1_1, b2);
-                b2 -= b1;
-
-                b1 = xorRotr(b1, ROTATION_0_0, b0);
-                b0 -= b1;
-                b3 = xorRotr(b3, ROTATION_0_1, b2);
-                b2 -= b3;
-            }
-
-            /*
-             * First subkey uninjection.
-             */
-            b0 -= kw[0];
-            b1 -= kw[1] + t[0];
-            b2 -= kw[2] + t[1];
-            b3 -= kw[3];
-
-            /*
-             * Output cipher state.
-             */
-            state[0] = b0;
-            state[1] = b1;
-            state[2] = b2;
-            state[3] = b3;
-        }
-
-    }
-
-    private static final class Threefish512Cipher
-        extends ThreefishCipher
-    {
-        /**
-         * Mix rotation constants defined in Skein 1.3 specification
-         */
-        private static final int ROTATION_0_0 = 46, ROTATION_0_1 = 36, ROTATION_0_2 = 19, ROTATION_0_3 = 37;
-        private static final int ROTATION_1_0 = 33, ROTATION_1_1 = 27, ROTATION_1_2 = 14, ROTATION_1_3 = 42;
-        private static final int ROTATION_2_0 = 17, ROTATION_2_1 = 49, ROTATION_2_2 = 36, ROTATION_2_3 = 39;
-        private static final int ROTATION_3_0 = 44, ROTATION_3_1 = 9, ROTATION_3_2 = 54, ROTATION_3_3 = 56;
-
-        private static final int ROTATION_4_0 = 39, ROTATION_4_1 = 30, ROTATION_4_2 = 34, ROTATION_4_3 = 24;
-        private static final int ROTATION_5_0 = 13, ROTATION_5_1 = 50, ROTATION_5_2 = 10, ROTATION_5_3 = 17;
-        private static final int ROTATION_6_0 = 25, ROTATION_6_1 = 29, ROTATION_6_2 = 39, ROTATION_6_3 = 43;
-        private static final int ROTATION_7_0 = 8, ROTATION_7_1 = 35, ROTATION_7_2 = 56, ROTATION_7_3 = 22;
-
-        protected Threefish512Cipher(long[] kw, long[] t)
-        {
-            super(kw, t);
-        }
-
-        public void encryptBlock(long[] block, long[] out)
-        {
-            final long[] kw = this.kw;
-            final long[] t = this.t;
-            final int[] mod9 = MOD9;
-            final int[] mod3 = MOD3;
-
-            /* Help the JIT avoid index bounds checks */
-            if (kw.length != 17)
-            {
-                throw new IllegalArgumentException();
-            }
-            if (t.length != 5)
-            {
-                throw new IllegalArgumentException();
-            }
-
-            /*
-             * Read 8 words of plaintext data, not using arrays for cipher state
-             */
-            long b0 = block[0];
-            long b1 = block[1];
-            long b2 = block[2];
-            long b3 = block[3];
-            long b4 = block[4];
-            long b5 = block[5];
-            long b6 = block[6];
-            long b7 = block[7];
-
-            /*
-             * First subkey injection.
-             */
-            b0 += kw[0];
-            b1 += kw[1];
-            b2 += kw[2];
-            b3 += kw[3];
-            b4 += kw[4];
-            b5 += kw[5] + t[0];
-            b6 += kw[6] + t[1];
-            b7 += kw[7];
-
-            /*
-             * Rounds loop, unrolled to 8 rounds per iteration.
-             * 
-             * Unrolling to multiples of 4 avoids the mod 4 check for key injection, and allows
-             * inlining of the permutations, which cycle every of 4 rounds (avoiding array
-             * index/lookup).
-             * 
-             * Unrolling to multiples of 8 avoids the mod 8 rotation constant lookup, and allows
-             * inlining constant rotation values (avoiding array index/lookup).
-             */
-
-            for (int d = 1; d < (ROUNDS_512 / 4); d += 2)
-            {
-                final int dm9 = mod9[d];
-                final int dm3 = mod3[d];
-
-                /*
-                 * 4 rounds of mix and permute.
-                 * 
-                 * Permute schedule has a 4 round cycle, so permutes are inlined in the mix
-                 * operations in each 4 round block.
-                 */
-                b1 = rotlXor(b1, ROTATION_0_0, b0 += b1);
-                b3 = rotlXor(b3, ROTATION_0_1, b2 += b3);
-                b5 = rotlXor(b5, ROTATION_0_2, b4 += b5);
-                b7 = rotlXor(b7, ROTATION_0_3, b6 += b7);
-
-                b1 = rotlXor(b1, ROTATION_1_0, b2 += b1);
-                b7 = rotlXor(b7, ROTATION_1_1, b4 += b7);
-                b5 = rotlXor(b5, ROTATION_1_2, b6 += b5);
-                b3 = rotlXor(b3, ROTATION_1_3, b0 += b3);
-
-                b1 = rotlXor(b1, ROTATION_2_0, b4 += b1);
-                b3 = rotlXor(b3, ROTATION_2_1, b6 += b3);
-                b5 = rotlXor(b5, ROTATION_2_2, b0 += b5);
-                b7 = rotlXor(b7, ROTATION_2_3, b2 += b7);
-
-                b1 = rotlXor(b1, ROTATION_3_0, b6 += b1);
-                b7 = rotlXor(b7, ROTATION_3_1, b0 += b7);
-                b5 = rotlXor(b5, ROTATION_3_2, b2 += b5);
-                b3 = rotlXor(b3, ROTATION_3_3, b4 += b3);
-
-                /*
-                 * Subkey injection for first 4 rounds.
-                 */
-                b0 += kw[dm9];
-                b1 += kw[dm9 + 1];
-                b2 += kw[dm9 + 2];
-                b3 += kw[dm9 + 3];
-                b4 += kw[dm9 + 4];
-                b5 += kw[dm9 + 5] + t[dm3];
-                b6 += kw[dm9 + 6] + t[dm3 + 1];
-                b7 += kw[dm9 + 7] + d;
-
-                /*
-                 * 4 more rounds of mix/permute
-                 */
-                b1 = rotlXor(b1, ROTATION_4_0, b0 += b1);
-                b3 = rotlXor(b3, ROTATION_4_1, b2 += b3);
-                b5 = rotlXor(b5, ROTATION_4_2, b4 += b5);
-                b7 = rotlXor(b7, ROTATION_4_3, b6 += b7);
-
-                b1 = rotlXor(b1, ROTATION_5_0, b2 += b1);
-                b7 = rotlXor(b7, ROTATION_5_1, b4 += b7);
-                b5 = rotlXor(b5, ROTATION_5_2, b6 += b5);
-                b3 = rotlXor(b3, ROTATION_5_3, b0 += b3);
-
-                b1 = rotlXor(b1, ROTATION_6_0, b4 += b1);
-                b3 = rotlXor(b3, ROTATION_6_1, b6 += b3);
-                b5 = rotlXor(b5, ROTATION_6_2, b0 += b5);
-                b7 = rotlXor(b7, ROTATION_6_3, b2 += b7);
-
-                b1 = rotlXor(b1, ROTATION_7_0, b6 += b1);
-                b7 = rotlXor(b7, ROTATION_7_1, b0 += b7);
-                b5 = rotlXor(b5, ROTATION_7_2, b2 += b5);
-                b3 = rotlXor(b3, ROTATION_7_3, b4 += b3);
-
-                /*
-                 * Subkey injection for next 4 rounds.
-                 */
-                b0 += kw[dm9 + 1];
-                b1 += kw[dm9 + 2];
-                b2 += kw[dm9 + 3];
-                b3 += kw[dm9 + 4];
-                b4 += kw[dm9 + 5];
-                b5 += kw[dm9 + 6] + t[dm3 + 1];
-                b6 += kw[dm9 + 7] + t[dm3 + 2];
-                b7 += kw[dm9 + 8] + d + 1;
-            }
-
-            /*
-             * Output cipher state.
-             */
-            out[0] = b0;
-            out[1] = b1;
-            out[2] = b2;
-            out[3] = b3;
-            out[4] = b4;
-            out[5] = b5;
-            out[6] = b6;
-            out[7] = b7;
-        }
-
-        public void decryptBlock(long[] block, long[] state)
-        {
-            final long[] kw = this.kw;
-            final long[] t = this.t;
-            final int[] mod9 = MOD9;
-            final int[] mod3 = MOD3;
-
-            /* Help the JIT avoid index bounds checks */
-            if (kw.length != 17)
-            {
-                throw new IllegalArgumentException();
-            }
-            if (t.length != 5)
-            {
-                throw new IllegalArgumentException();
-            }
-
-            long b0 = block[0];
-            long b1 = block[1];
-            long b2 = block[2];
-            long b3 = block[3];
-            long b4 = block[4];
-            long b5 = block[5];
-            long b6 = block[6];
-            long b7 = block[7];
-
-            for (int d = (ROUNDS_512 / 4) - 1; d >= 1; d -= 2)
-            {
-                final int dm9 = mod9[d];
-                final int dm3 = mod3[d];
-
-                /* Reverse key injection for second 4 rounds */
-                b0 -= kw[dm9 + 1];
-                b1 -= kw[dm9 + 2];
-                b2 -= kw[dm9 + 3];
-                b3 -= kw[dm9 + 4];
-                b4 -= kw[dm9 + 5];
-                b5 -= kw[dm9 + 6] + t[dm3 + 1];
-                b6 -= kw[dm9 + 7] + t[dm3 + 2];
-                b7 -= kw[dm9 + 8] + d + 1;
-
-                /* Reverse second 4 mix/permute rounds */
-
-                b1 = xorRotr(b1, ROTATION_7_0, b6);
-                b6 -= b1;
-                b7 = xorRotr(b7, ROTATION_7_1, b0);
-                b0 -= b7;
-                b5 = xorRotr(b5, ROTATION_7_2, b2);
-                b2 -= b5;
-                b3 = xorRotr(b3, ROTATION_7_3, b4);
-                b4 -= b3;
-
-                b1 = xorRotr(b1, ROTATION_6_0, b4);
-                b4 -= b1;
-                b3 = xorRotr(b3, ROTATION_6_1, b6);
-                b6 -= b3;
-                b5 = xorRotr(b5, ROTATION_6_2, b0);
-                b0 -= b5;
-                b7 = xorRotr(b7, ROTATION_6_3, b2);
-                b2 -= b7;
-
-                b1 = xorRotr(b1, ROTATION_5_0, b2);
-                b2 -= b1;
-                b7 = xorRotr(b7, ROTATION_5_1, b4);
-                b4 -= b7;
-                b5 = xorRotr(b5, ROTATION_5_2, b6);
-                b6 -= b5;
-                b3 = xorRotr(b3, ROTATION_5_3, b0);
-                b0 -= b3;
-
-                b1 = xorRotr(b1, ROTATION_4_0, b0);
-                b0 -= b1;
-                b3 = xorRotr(b3, ROTATION_4_1, b2);
-                b2 -= b3;
-                b5 = xorRotr(b5, ROTATION_4_2, b4);
-                b4 -= b5;
-                b7 = xorRotr(b7, ROTATION_4_3, b6);
-                b6 -= b7;
-
-                /* Reverse key injection for first 4 rounds */
-                b0 -= kw[dm9];
-                b1 -= kw[dm9 + 1];
-                b2 -= kw[dm9 + 2];
-                b3 -= kw[dm9 + 3];
-                b4 -= kw[dm9 + 4];
-                b5 -= kw[dm9 + 5] + t[dm3];
-                b6 -= kw[dm9 + 6] + t[dm3 + 1];
-                b7 -= kw[dm9 + 7] + d;
-
-                /* Reverse first 4 mix/permute rounds */
-                b1 = xorRotr(b1, ROTATION_3_0, b6);
-                b6 -= b1;
-                b7 = xorRotr(b7, ROTATION_3_1, b0);
-                b0 -= b7;
-                b5 = xorRotr(b5, ROTATION_3_2, b2);
-                b2 -= b5;
-                b3 = xorRotr(b3, ROTATION_3_3, b4);
-                b4 -= b3;
-
-                b1 = xorRotr(b1, ROTATION_2_0, b4);
-                b4 -= b1;
-                b3 = xorRotr(b3, ROTATION_2_1, b6);
-                b6 -= b3;
-                b5 = xorRotr(b5, ROTATION_2_2, b0);
-                b0 -= b5;
-                b7 = xorRotr(b7, ROTATION_2_3, b2);
-                b2 -= b7;
-
-                b1 = xorRotr(b1, ROTATION_1_0, b2);
-                b2 -= b1;
-                b7 = xorRotr(b7, ROTATION_1_1, b4);
-                b4 -= b7;
-                b5 = xorRotr(b5, ROTATION_1_2, b6);
-                b6 -= b5;
-                b3 = xorRotr(b3, ROTATION_1_3, b0);
-                b0 -= b3;
-
-                b1 = xorRotr(b1, ROTATION_0_0, b0);
-                b0 -= b1;
-                b3 = xorRotr(b3, ROTATION_0_1, b2);
-                b2 -= b3;
-                b5 = xorRotr(b5, ROTATION_0_2, b4);
-                b4 -= b5;
-                b7 = xorRotr(b7, ROTATION_0_3, b6);
-                b6 -= b7;
-            }
-
-            /*
-             * First subkey uninjection.
-             */
-            b0 -= kw[0];
-            b1 -= kw[1];
-            b2 -= kw[2];
-            b3 -= kw[3];
-            b4 -= kw[4];
-            b5 -= kw[5] + t[0];
-            b6 -= kw[6] + t[1];
-            b7 -= kw[7];
-
-            /*
-             * Output cipher state.
-             */
-            state[0] = b0;
-            state[1] = b1;
-            state[2] = b2;
-            state[3] = b3;
-            state[4] = b4;
-            state[5] = b5;
-            state[6] = b6;
-            state[7] = b7;
-        }
-    }
-
-    private static final class Threefish1024Cipher
-        extends ThreefishCipher
-    {
-        /**
-         * Mix rotation constants defined in Skein 1.3 specification
-         */
-        private static final int ROTATION_0_0 = 24, ROTATION_0_1 = 13, ROTATION_0_2 = 8, ROTATION_0_3 = 47;
-        private static final int ROTATION_0_4 = 8, ROTATION_0_5 = 17, ROTATION_0_6 = 22, ROTATION_0_7 = 37;
-        private static final int ROTATION_1_0 = 38, ROTATION_1_1 = 19, ROTATION_1_2 = 10, ROTATION_1_3 = 55;
-        private static final int ROTATION_1_4 = 49, ROTATION_1_5 = 18, ROTATION_1_6 = 23, ROTATION_1_7 = 52;
-        private static final int ROTATION_2_0 = 33, ROTATION_2_1 = 4, ROTATION_2_2 = 51, ROTATION_2_3 = 13;
-        private static final int ROTATION_2_4 = 34, ROTATION_2_5 = 41, ROTATION_2_6 = 59, ROTATION_2_7 = 17;
-        private static final int ROTATION_3_0 = 5, ROTATION_3_1 = 20, ROTATION_3_2 = 48, ROTATION_3_3 = 41;
-        private static final int ROTATION_3_4 = 47, ROTATION_3_5 = 28, ROTATION_3_6 = 16, ROTATION_3_7 = 25;
-
-        private static final int ROTATION_4_0 = 41, ROTATION_4_1 = 9, ROTATION_4_2 = 37, ROTATION_4_3 = 31;
-        private static final int ROTATION_4_4 = 12, ROTATION_4_5 = 47, ROTATION_4_6 = 44, ROTATION_4_7 = 30;
-        private static final int ROTATION_5_0 = 16, ROTATION_5_1 = 34, ROTATION_5_2 = 56, ROTATION_5_3 = 51;
-        private static final int ROTATION_5_4 = 4, ROTATION_5_5 = 53, ROTATION_5_6 = 42, ROTATION_5_7 = 41;
-        private static final int ROTATION_6_0 = 31, ROTATION_6_1 = 44, ROTATION_6_2 = 47, ROTATION_6_3 = 46;
-        private static final int ROTATION_6_4 = 19, ROTATION_6_5 = 42, ROTATION_6_6 = 44, ROTATION_6_7 = 25;
-        private static final int ROTATION_7_0 = 9, ROTATION_7_1 = 48, ROTATION_7_2 = 35, ROTATION_7_3 = 52;
-        private static final int ROTATION_7_4 = 23, ROTATION_7_5 = 31, ROTATION_7_6 = 37, ROTATION_7_7 = 20;
-
-        public Threefish1024Cipher(long[] kw, long[] t)
-        {
-            super(kw, t);
-        }
-
-        void encryptBlock(long[] block, long[] out)
-        {
-            final long[] kw = this.kw;
-            final long[] t = this.t;
-            final int[] mod17 = MOD17;
-            final int[] mod3 = MOD3;
-
-            /* Help the JIT avoid index bounds checks */
-            if (kw.length != 33)
-            {
-                throw new IllegalArgumentException();
-            }
-            if (t.length != 5)
-            {
-                throw new IllegalArgumentException();
-            }
-
-            /*
-             * Read 16 words of plaintext data, not using arrays for cipher state
-             */
-            long b0 = block[0];
-            long b1 = block[1];
-            long b2 = block[2];
-            long b3 = block[3];
-            long b4 = block[4];
-            long b5 = block[5];
-            long b6 = block[6];
-            long b7 = block[7];
-            long b8 = block[8];
-            long b9 = block[9];
-            long b10 = block[10];
-            long b11 = block[11];
-            long b12 = block[12];
-            long b13 = block[13];
-            long b14 = block[14];
-            long b15 = block[15];
-
-            /*
-             * First subkey injection.
-             */
-            b0 += kw[0];
-            b1 += kw[1];
-            b2 += kw[2];
-            b3 += kw[3];
-            b4 += kw[4];
-            b5 += kw[5];
-            b6 += kw[6];
-            b7 += kw[7];
-            b8 += kw[8];
-            b9 += kw[9];
-            b10 += kw[10];
-            b11 += kw[11];
-            b12 += kw[12];
-            b13 += kw[13] + t[0];
-            b14 += kw[14] + t[1];
-            b15 += kw[15];
-
-            /*
-             * Rounds loop, unrolled to 8 rounds per iteration.
-             * 
-             * Unrolling to multiples of 4 avoids the mod 4 check for key injection, and allows
-             * inlining of the permutations, which cycle every of 4 rounds (avoiding array
-             * index/lookup).
-             * 
-             * Unrolling to multiples of 8 avoids the mod 8 rotation constant lookup, and allows
-             * inlining constant rotation values (avoiding array index/lookup).
-             */
-
-            for (int d = 1; d < (ROUNDS_1024 / 4); d += 2)
-            {
-                final int dm17 = mod17[d];
-                final int dm3 = mod3[d];
-
-                /*
-                 * 4 rounds of mix and permute.
-                 * 
-                 * Permute schedule has a 4 round cycle, so permutes are inlined in the mix
-                 * operations in each 4 round block.
-                 */
-                b1 = rotlXor(b1, ROTATION_0_0, b0 += b1);
-                b3 = rotlXor(b3, ROTATION_0_1, b2 += b3);
-                b5 = rotlXor(b5, ROTATION_0_2, b4 += b5);
-                b7 = rotlXor(b7, ROTATION_0_3, b6 += b7);
-                b9 = rotlXor(b9, ROTATION_0_4, b8 += b9);
-                b11 = rotlXor(b11, ROTATION_0_5, b10 += b11);
-                b13 = rotlXor(b13, ROTATION_0_6, b12 += b13);
-                b15 = rotlXor(b15, ROTATION_0_7, b14 += b15);
-
-                b9 = rotlXor(b9, ROTATION_1_0, b0 += b9);
-                b13 = rotlXor(b13, ROTATION_1_1, b2 += b13);
-                b11 = rotlXor(b11, ROTATION_1_2, b6 += b11);
-                b15 = rotlXor(b15, ROTATION_1_3, b4 += b15);
-                b7 = rotlXor(b7, ROTATION_1_4, b10 += b7);
-                b3 = rotlXor(b3, ROTATION_1_5, b12 += b3);
-                b5 = rotlXor(b5, ROTATION_1_6, b14 += b5);
-                b1 = rotlXor(b1, ROTATION_1_7, b8 += b1);
-
-                b7 = rotlXor(b7, ROTATION_2_0, b0 += b7);
-                b5 = rotlXor(b5, ROTATION_2_1, b2 += b5);
-                b3 = rotlXor(b3, ROTATION_2_2, b4 += b3);
-                b1 = rotlXor(b1, ROTATION_2_3, b6 += b1);
-                b15 = rotlXor(b15, ROTATION_2_4, b12 += b15);
-                b13 = rotlXor(b13, ROTATION_2_5, b14 += b13);
-                b11 = rotlXor(b11, ROTATION_2_6, b8 += b11);
-                b9 = rotlXor(b9, ROTATION_2_7, b10 += b9);
-
-                b15 = rotlXor(b15, ROTATION_3_0, b0 += b15);
-                b11 = rotlXor(b11, ROTATION_3_1, b2 += b11);
-                b13 = rotlXor(b13, ROTATION_3_2, b6 += b13);
-                b9 = rotlXor(b9, ROTATION_3_3, b4 += b9);
-                b1 = rotlXor(b1, ROTATION_3_4, b14 += b1);
-                b5 = rotlXor(b5, ROTATION_3_5, b8 += b5);
-                b3 = rotlXor(b3, ROTATION_3_6, b10 += b3);
-                b7 = rotlXor(b7, ROTATION_3_7, b12 += b7);
-
-                /*
-                 * Subkey injection for first 4 rounds.
-                 */
-                b0 += kw[dm17];
-                b1 += kw[dm17 + 1];
-                b2 += kw[dm17 + 2];
-                b3 += kw[dm17 + 3];
-                b4 += kw[dm17 + 4];
-                b5 += kw[dm17 + 5];
-                b6 += kw[dm17 + 6];
-                b7 += kw[dm17 + 7];
-                b8 += kw[dm17 + 8];
-                b9 += kw[dm17 + 9];
-                b10 += kw[dm17 + 10];
-                b11 += kw[dm17 + 11];
-                b12 += kw[dm17 + 12];
-                b13 += kw[dm17 + 13] + t[dm3];
-                b14 += kw[dm17 + 14] + t[dm3 + 1];
-                b15 += kw[dm17 + 15] + d;
-
-                /*
-                 * 4 more rounds of mix/permute
-                 */
-                b1 = rotlXor(b1, ROTATION_4_0, b0 += b1);
-                b3 = rotlXor(b3, ROTATION_4_1, b2 += b3);
-                b5 = rotlXor(b5, ROTATION_4_2, b4 += b5);
-                b7 = rotlXor(b7, ROTATION_4_3, b6 += b7);
-                b9 = rotlXor(b9, ROTATION_4_4, b8 += b9);
-                b11 = rotlXor(b11, ROTATION_4_5, b10 += b11);
-                b13 = rotlXor(b13, ROTATION_4_6, b12 += b13);
-                b15 = rotlXor(b15, ROTATION_4_7, b14 += b15);
-
-                b9 = rotlXor(b9, ROTATION_5_0, b0 += b9);
-                b13 = rotlXor(b13, ROTATION_5_1, b2 += b13);
-                b11 = rotlXor(b11, ROTATION_5_2, b6 += b11);
-                b15 = rotlXor(b15, ROTATION_5_3, b4 += b15);
-                b7 = rotlXor(b7, ROTATION_5_4, b10 += b7);
-                b3 = rotlXor(b3, ROTATION_5_5, b12 += b3);
-                b5 = rotlXor(b5, ROTATION_5_6, b14 += b5);
-                b1 = rotlXor(b1, ROTATION_5_7, b8 += b1);
-
-                b7 = rotlXor(b7, ROTATION_6_0, b0 += b7);
-                b5 = rotlXor(b5, ROTATION_6_1, b2 += b5);
-                b3 = rotlXor(b3, ROTATION_6_2, b4 += b3);
-                b1 = rotlXor(b1, ROTATION_6_3, b6 += b1);
-                b15 = rotlXor(b15, ROTATION_6_4, b12 += b15);
-                b13 = rotlXor(b13, ROTATION_6_5, b14 += b13);
-                b11 = rotlXor(b11, ROTATION_6_6, b8 += b11);
-                b9 = rotlXor(b9, ROTATION_6_7, b10 += b9);
-
-                b15 = rotlXor(b15, ROTATION_7_0, b0 += b15);
-                b11 = rotlXor(b11, ROTATION_7_1, b2 += b11);
-                b13 = rotlXor(b13, ROTATION_7_2, b6 += b13);
-                b9 = rotlXor(b9, ROTATION_7_3, b4 += b9);
-                b1 = rotlXor(b1, ROTATION_7_4, b14 += b1);
-                b5 = rotlXor(b5, ROTATION_7_5, b8 += b5);
-                b3 = rotlXor(b3, ROTATION_7_6, b10 += b3);
-                b7 = rotlXor(b7, ROTATION_7_7, b12 += b7);
-
-                /*
-                 * Subkey injection for next 4 rounds.
-                 */
-                b0 += kw[dm17 + 1];
-                b1 += kw[dm17 + 2];
-                b2 += kw[dm17 + 3];
-                b3 += kw[dm17 + 4];
-                b4 += kw[dm17 + 5];
-                b5 += kw[dm17 + 6];
-                b6 += kw[dm17 + 7];
-                b7 += kw[dm17 + 8];
-                b8 += kw[dm17 + 9];
-                b9 += kw[dm17 + 10];
-                b10 += kw[dm17 + 11];
-                b11 += kw[dm17 + 12];
-                b12 += kw[dm17 + 13];
-                b13 += kw[dm17 + 14] + t[dm3 + 1];
-                b14 += kw[dm17 + 15] + t[dm3 + 2];
-                b15 += kw[dm17 + 16] + d + 1;
-
-            }
-
-            /*
-             * Output cipher state.
-             */
-            out[0] = b0;
-            out[1] = b1;
-            out[2] = b2;
-            out[3] = b3;
-            out[4] = b4;
-            out[5] = b5;
-            out[6] = b6;
-            out[7] = b7;
-            out[8] = b8;
-            out[9] = b9;
-            out[10] = b10;
-            out[11] = b11;
-            out[12] = b12;
-            out[13] = b13;
-            out[14] = b14;
-            out[15] = b15;
-        }
-
-        void decryptBlock(long[] block, long[] state)
-        {
-            final long[] kw = this.kw;
-            final long[] t = this.t;
-            final int[] mod17 = MOD17;
-            final int[] mod3 = MOD3;
-
-            /* Help the JIT avoid index bounds checks */
-            if (kw.length != 33)
-            {
-                throw new IllegalArgumentException();
-            }
-            if (t.length != 5)
-            {
-                throw new IllegalArgumentException();
-            }
-
-            long b0 = block[0];
-            long b1 = block[1];
-            long b2 = block[2];
-            long b3 = block[3];
-            long b4 = block[4];
-            long b5 = block[5];
-            long b6 = block[6];
-            long b7 = block[7];
-            long b8 = block[8];
-            long b9 = block[9];
-            long b10 = block[10];
-            long b11 = block[11];
-            long b12 = block[12];
-            long b13 = block[13];
-            long b14 = block[14];
-            long b15 = block[15];
-
-            for (int d = (ROUNDS_1024 / 4) - 1; d >= 1; d -= 2)
-            {
-                final int dm17 = mod17[d];
-                final int dm3 = mod3[d];
-
-                /* Reverse key injection for second 4 rounds */
-                b0 -= kw[dm17 + 1];
-                b1 -= kw[dm17 + 2];
-                b2 -= kw[dm17 + 3];
-                b3 -= kw[dm17 + 4];
-                b4 -= kw[dm17 + 5];
-                b5 -= kw[dm17 + 6];
-                b6 -= kw[dm17 + 7];
-                b7 -= kw[dm17 + 8];
-                b8 -= kw[dm17 + 9];
-                b9 -= kw[dm17 + 10];
-                b10 -= kw[dm17 + 11];
-                b11 -= kw[dm17 + 12];
-                b12 -= kw[dm17 + 13];
-                b13 -= kw[dm17 + 14] + t[dm3 + 1];
-                b14 -= kw[dm17 + 15] + t[dm3 + 2];
-                b15 -= kw[dm17 + 16] + d + 1;
-
-                /* Reverse second 4 mix/permute rounds */
-                b15 = xorRotr(b15, ROTATION_7_0, b0);
-                b0 -= b15;
-                b11 = xorRotr(b11, ROTATION_7_1, b2);
-                b2 -= b11;
-                b13 = xorRotr(b13, ROTATION_7_2, b6);
-                b6 -= b13;
-                b9 = xorRotr(b9, ROTATION_7_3, b4);
-                b4 -= b9;
-                b1 = xorRotr(b1, ROTATION_7_4, b14);
-                b14 -= b1;
-                b5 = xorRotr(b5, ROTATION_7_5, b8);
-                b8 -= b5;
-                b3 = xorRotr(b3, ROTATION_7_6, b10);
-                b10 -= b3;
-                b7 = xorRotr(b7, ROTATION_7_7, b12);
-                b12 -= b7;
-
-                b7 = xorRotr(b7, ROTATION_6_0, b0);
-                b0 -= b7;
-                b5 = xorRotr(b5, ROTATION_6_1, b2);
-                b2 -= b5;
-                b3 = xorRotr(b3, ROTATION_6_2, b4);
-                b4 -= b3;
-                b1 = xorRotr(b1, ROTATION_6_3, b6);
-                b6 -= b1;
-                b15 = xorRotr(b15, ROTATION_6_4, b12);
-                b12 -= b15;
-                b13 = xorRotr(b13, ROTATION_6_5, b14);
-                b14 -= b13;
-                b11 = xorRotr(b11, ROTATION_6_6, b8);
-                b8 -= b11;
-                b9 = xorRotr(b9, ROTATION_6_7, b10);
-                b10 -= b9;
-
-                b9 = xorRotr(b9, ROTATION_5_0, b0);
-                b0 -= b9;
-                b13 = xorRotr(b13, ROTATION_5_1, b2);
-                b2 -= b13;
-                b11 = xorRotr(b11, ROTATION_5_2, b6);
-                b6 -= b11;
-                b15 = xorRotr(b15, ROTATION_5_3, b4);
-                b4 -= b15;
-                b7 = xorRotr(b7, ROTATION_5_4, b10);
-                b10 -= b7;
-                b3 = xorRotr(b3, ROTATION_5_5, b12);
-                b12 -= b3;
-                b5 = xorRotr(b5, ROTATION_5_6, b14);
-                b14 -= b5;
-                b1 = xorRotr(b1, ROTATION_5_7, b8);
-                b8 -= b1;
-
-                b1 = xorRotr(b1, ROTATION_4_0, b0);
-                b0 -= b1;
-                b3 = xorRotr(b3, ROTATION_4_1, b2);
-                b2 -= b3;
-                b5 = xorRotr(b5, ROTATION_4_2, b4);
-                b4 -= b5;
-                b7 = xorRotr(b7, ROTATION_4_3, b6);
-                b6 -= b7;
-                b9 = xorRotr(b9, ROTATION_4_4, b8);
-                b8 -= b9;
-                b11 = xorRotr(b11, ROTATION_4_5, b10);
-                b10 -= b11;
-                b13 = xorRotr(b13, ROTATION_4_6, b12);
-                b12 -= b13;
-                b15 = xorRotr(b15, ROTATION_4_7, b14);
-                b14 -= b15;
-
-                /* Reverse key injection for first 4 rounds */
-                b0 -= kw[dm17];
-                b1 -= kw[dm17 + 1];
-                b2 -= kw[dm17 + 2];
-                b3 -= kw[dm17 + 3];
-                b4 -= kw[dm17 + 4];
-                b5 -= kw[dm17 + 5];
-                b6 -= kw[dm17 + 6];
-                b7 -= kw[dm17 + 7];
-                b8 -= kw[dm17 + 8];
-                b9 -= kw[dm17 + 9];
-                b10 -= kw[dm17 + 10];
-                b11 -= kw[dm17 + 11];
-                b12 -= kw[dm17 + 12];
-                b13 -= kw[dm17 + 13] + t[dm3];
-                b14 -= kw[dm17 + 14] + t[dm3 + 1];
-                b15 -= kw[dm17 + 15] + d;
-
-                /* Reverse first 4 mix/permute rounds */
-                b15 = xorRotr(b15, ROTATION_3_0, b0);
-                b0 -= b15;
-                b11 = xorRotr(b11, ROTATION_3_1, b2);
-                b2 -= b11;
-                b13 = xorRotr(b13, ROTATION_3_2, b6);
-                b6 -= b13;
-                b9 = xorRotr(b9, ROTATION_3_3, b4);
-                b4 -= b9;
-                b1 = xorRotr(b1, ROTATION_3_4, b14);
-                b14 -= b1;
-                b5 = xorRotr(b5, ROTATION_3_5, b8);
-                b8 -= b5;
-                b3 = xorRotr(b3, ROTATION_3_6, b10);
-                b10 -= b3;
-                b7 = xorRotr(b7, ROTATION_3_7, b12);
-                b12 -= b7;
-
-                b7 = xorRotr(b7, ROTATION_2_0, b0);
-                b0 -= b7;
-                b5 = xorRotr(b5, ROTATION_2_1, b2);
-                b2 -= b5;
-                b3 = xorRotr(b3, ROTATION_2_2, b4);
-                b4 -= b3;
-                b1 = xorRotr(b1, ROTATION_2_3, b6);
-                b6 -= b1;
-                b15 = xorRotr(b15, ROTATION_2_4, b12);
-                b12 -= b15;
-                b13 = xorRotr(b13, ROTATION_2_5, b14);
-                b14 -= b13;
-                b11 = xorRotr(b11, ROTATION_2_6, b8);
-                b8 -= b11;
-                b9 = xorRotr(b9, ROTATION_2_7, b10);
-                b10 -= b9;
-
-                b9 = xorRotr(b9, ROTATION_1_0, b0);
-                b0 -= b9;
-                b13 = xorRotr(b13, ROTATION_1_1, b2);
-                b2 -= b13;
-                b11 = xorRotr(b11, ROTATION_1_2, b6);
-                b6 -= b11;
-                b15 = xorRotr(b15, ROTATION_1_3, b4);
-                b4 -= b15;
-                b7 = xorRotr(b7, ROTATION_1_4, b10);
-                b10 -= b7;
-                b3 = xorRotr(b3, ROTATION_1_5, b12);
-                b12 -= b3;
-                b5 = xorRotr(b5, ROTATION_1_6, b14);
-                b14 -= b5;
-                b1 = xorRotr(b1, ROTATION_1_7, b8);
-                b8 -= b1;
-
-                b1 = xorRotr(b1, ROTATION_0_0, b0);
-                b0 -= b1;
-                b3 = xorRotr(b3, ROTATION_0_1, b2);
-                b2 -= b3;
-                b5 = xorRotr(b5, ROTATION_0_2, b4);
-                b4 -= b5;
-                b7 = xorRotr(b7, ROTATION_0_3, b6);
-                b6 -= b7;
-                b9 = xorRotr(b9, ROTATION_0_4, b8);
-                b8 -= b9;
-                b11 = xorRotr(b11, ROTATION_0_5, b10);
-                b10 -= b11;
-                b13 = xorRotr(b13, ROTATION_0_6, b12);
-                b12 -= b13;
-                b15 = xorRotr(b15, ROTATION_0_7, b14);
-                b14 -= b15;
-            }
-
-            /*
-             * First subkey uninjection.
-             */
-            b0 -= kw[0];
-            b1 -= kw[1];
-            b2 -= kw[2];
-            b3 -= kw[3];
-            b4 -= kw[4];
-            b5 -= kw[5];
-            b6 -= kw[6];
-            b7 -= kw[7];
-            b8 -= kw[8];
-            b9 -= kw[9];
-            b10 -= kw[10];
-            b11 -= kw[11];
-            b12 -= kw[12];
-            b13 -= kw[13] + t[0];
-            b14 -= kw[14] + t[1];
-            b15 -= kw[15];
-
-            /*
-             * Output cipher state.
-             */
-            state[0] = b0;
-            state[1] = b1;
-            state[2] = b2;
-            state[3] = b3;
-            state[4] = b4;
-            state[5] = b5;
-            state[6] = b6;
-            state[7] = b7;
-            state[8] = b8;
-            state[9] = b9;
-            state[10] = b10;
-            state[11] = b11;
-            state[12] = b12;
-            state[13] = b13;
-            state[14] = b14;
-            state[15] = b15;
-        }
-
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/TnepresEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/TnepresEngine.java
deleted file mode 100644
index a34e016..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/TnepresEngine.java
+++ /dev/null

@@ -1,303 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.util.Pack;
-
-/**
- * Tnepres is a 128-bit 32-round block cipher with variable key lengths,
- * including 128, 192 and 256 bit keys conjectured to be at least as
- * secure as three-key triple-DES.
- * <p>
- * Tnepres is based on Serpent which was designed by Ross Anderson, Eli Biham and Lars Knudsen as a
- * candidate algorithm for the NIST AES Quest. Unfortunately there was an endianness issue
- * with test vectors in the AES submission and the resulting confusion lead to the Tnepres cipher
- * as well, which is a byte swapped version of Serpent.
- * <p>
- * For full details see <a href="http://www.cl.cam.ac.uk/~rja14/serpent.html">The Serpent home page</a>
- */
-public final class TnepresEngine
-    extends SerpentEngineBase
-{
-    public String getAlgorithmName()
-    {
-        return "Tnepres";
-    }
-
-    /**
-     * Expand a user-supplied key material into a session key.
-     *
-     * @param key  The user-key bytes (multiples of 4) to use.
-     * @exception IllegalArgumentException
-     */
-    protected int[] makeWorkingKey(
-        byte[] key)
-    throws  IllegalArgumentException
-    {
-        //
-        // pad key to 256 bits
-        //
-        int[]   kPad = new int[16];
-        int     off = 0;
-        int     length = 0;
-
-        for (off = key.length - 4; off > 0; off -= 4)
-        {
-            kPad[length++] = Pack.bigEndianToInt(key, off);
-        }
-
-        if (off == 0)
-        {
-            kPad[length++] = Pack.bigEndianToInt(key, 0);
-            if (length < 8)
-            {
-                kPad[length] = 1;
-            }
-        }
-        else
-        {
-            throw new IllegalArgumentException("key must be a multiple of 4 bytes");
-        }
-
-        //
-        // expand the padded key up to 33 x 128 bits of key material
-        //
-        int     amount = (ROUNDS + 1) * 4;
-        int[]   w = new int[amount];
-
-        //
-        // compute w0 to w7 from w-8 to w-1
-        //
-        for (int i = 8; i < 16; i++)
-        {
-            kPad[i] = rotateLeft(kPad[i - 8] ^ kPad[i - 5] ^ kPad[i - 3] ^ kPad[i - 1] ^ PHI ^ (i - 8), 11);
-        }
-
-        System.arraycopy(kPad, 8, w, 0, 8);
-
-        //
-        // compute w8 to w136
-        //
-        for (int i = 8; i < amount; i++)
-        {
-            w[i] = rotateLeft(w[i - 8] ^ w[i - 5] ^ w[i - 3] ^ w[i - 1] ^ PHI ^ i, 11);
-        }
-
-        //
-        // create the working keys by processing w with the Sbox and IP
-        //
-        sb3(w[0], w[1], w[2], w[3]);
-        w[0] = X0; w[1] = X1; w[2] = X2; w[3] = X3; 
-        sb2(w[4], w[5], w[6], w[7]);
-        w[4] = X0; w[5] = X1; w[6] = X2; w[7] = X3; 
-        sb1(w[8], w[9], w[10], w[11]);
-        w[8] = X0; w[9] = X1; w[10] = X2; w[11] = X3; 
-        sb0(w[12], w[13], w[14], w[15]);
-        w[12] = X0; w[13] = X1; w[14] = X2; w[15] = X3; 
-        sb7(w[16], w[17], w[18], w[19]);
-        w[16] = X0; w[17] = X1; w[18] = X2; w[19] = X3; 
-        sb6(w[20], w[21], w[22], w[23]);
-        w[20] = X0; w[21] = X1; w[22] = X2; w[23] = X3; 
-        sb5(w[24], w[25], w[26], w[27]);
-        w[24] = X0; w[25] = X1; w[26] = X2; w[27] = X3; 
-        sb4(w[28], w[29], w[30], w[31]);
-        w[28] = X0; w[29] = X1; w[30] = X2; w[31] = X3; 
-        sb3(w[32], w[33], w[34], w[35]);
-        w[32] = X0; w[33] = X1; w[34] = X2; w[35] = X3; 
-        sb2(w[36], w[37], w[38], w[39]);
-        w[36] = X0; w[37] = X1; w[38] = X2; w[39] = X3; 
-        sb1(w[40], w[41], w[42], w[43]);
-        w[40] = X0; w[41] = X1; w[42] = X2; w[43] = X3; 
-        sb0(w[44], w[45], w[46], w[47]);
-        w[44] = X0; w[45] = X1; w[46] = X2; w[47] = X3; 
-        sb7(w[48], w[49], w[50], w[51]);
-        w[48] = X0; w[49] = X1; w[50] = X2; w[51] = X3; 
-        sb6(w[52], w[53], w[54], w[55]);
-        w[52] = X0; w[53] = X1; w[54] = X2; w[55] = X3; 
-        sb5(w[56], w[57], w[58], w[59]);
-        w[56] = X0; w[57] = X1; w[58] = X2; w[59] = X3; 
-        sb4(w[60], w[61], w[62], w[63]);
-        w[60] = X0; w[61] = X1; w[62] = X2; w[63] = X3; 
-        sb3(w[64], w[65], w[66], w[67]);
-        w[64] = X0; w[65] = X1; w[66] = X2; w[67] = X3; 
-        sb2(w[68], w[69], w[70], w[71]);
-        w[68] = X0; w[69] = X1; w[70] = X2; w[71] = X3; 
-        sb1(w[72], w[73], w[74], w[75]);
-        w[72] = X0; w[73] = X1; w[74] = X2; w[75] = X3; 
-        sb0(w[76], w[77], w[78], w[79]);
-        w[76] = X0; w[77] = X1; w[78] = X2; w[79] = X3; 
-        sb7(w[80], w[81], w[82], w[83]);
-        w[80] = X0; w[81] = X1; w[82] = X2; w[83] = X3; 
-        sb6(w[84], w[85], w[86], w[87]);
-        w[84] = X0; w[85] = X1; w[86] = X2; w[87] = X3; 
-        sb5(w[88], w[89], w[90], w[91]);
-        w[88] = X0; w[89] = X1; w[90] = X2; w[91] = X3; 
-        sb4(w[92], w[93], w[94], w[95]);
-        w[92] = X0; w[93] = X1; w[94] = X2; w[95] = X3; 
-        sb3(w[96], w[97], w[98], w[99]);
-        w[96] = X0; w[97] = X1; w[98] = X2; w[99] = X3; 
-        sb2(w[100], w[101], w[102], w[103]);
-        w[100] = X0; w[101] = X1; w[102] = X2; w[103] = X3; 
-        sb1(w[104], w[105], w[106], w[107]);
-        w[104] = X0; w[105] = X1; w[106] = X2; w[107] = X3; 
-        sb0(w[108], w[109], w[110], w[111]);
-        w[108] = X0; w[109] = X1; w[110] = X2; w[111] = X3; 
-        sb7(w[112], w[113], w[114], w[115]);
-        w[112] = X0; w[113] = X1; w[114] = X2; w[115] = X3; 
-        sb6(w[116], w[117], w[118], w[119]);
-        w[116] = X0; w[117] = X1; w[118] = X2; w[119] = X3; 
-        sb5(w[120], w[121], w[122], w[123]);
-        w[120] = X0; w[121] = X1; w[122] = X2; w[123] = X3; 
-        sb4(w[124], w[125], w[126], w[127]);
-        w[124] = X0; w[125] = X1; w[126] = X2; w[127] = X3; 
-        sb3(w[128], w[129], w[130], w[131]);
-        w[128] = X0; w[129] = X1; w[130] = X2; w[131] = X3; 
-
-        return w;
-    }
-
-    /**
-     * Encrypt one block of plaintext.
-     *
-     * @param input the array containing the input data.
-     * @param inOff offset into the in array the data starts at.
-     * @param output the array the output data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     */
-    protected void encryptBlock(
-        byte[]  input,
-        int     inOff,
-        byte[]  output,
-        int     outOff)
-    {
-        X3 = Pack.bigEndianToInt(input, inOff);
-        X2 = Pack.bigEndianToInt(input, inOff + 4);
-        X1 = Pack.bigEndianToInt(input, inOff + 8);
-        X0 = Pack.bigEndianToInt(input, inOff + 12);
-
-        sb0(wKey[0] ^ X0, wKey[1] ^ X1, wKey[2] ^ X2, wKey[3] ^ X3); LT();
-        sb1(wKey[4] ^ X0, wKey[5] ^ X1, wKey[6] ^ X2, wKey[7] ^ X3); LT();
-        sb2(wKey[8] ^ X0, wKey[9] ^ X1, wKey[10] ^ X2, wKey[11] ^ X3); LT();
-        sb3(wKey[12] ^ X0, wKey[13] ^ X1, wKey[14] ^ X2, wKey[15] ^ X3); LT();
-        sb4(wKey[16] ^ X0, wKey[17] ^ X1, wKey[18] ^ X2, wKey[19] ^ X3); LT();
-        sb5(wKey[20] ^ X0, wKey[21] ^ X1, wKey[22] ^ X2, wKey[23] ^ X3); LT();
-        sb6(wKey[24] ^ X0, wKey[25] ^ X1, wKey[26] ^ X2, wKey[27] ^ X3); LT();
-        sb7(wKey[28] ^ X0, wKey[29] ^ X1, wKey[30] ^ X2, wKey[31] ^ X3); LT();
-        sb0(wKey[32] ^ X0, wKey[33] ^ X1, wKey[34] ^ X2, wKey[35] ^ X3); LT();
-        sb1(wKey[36] ^ X0, wKey[37] ^ X1, wKey[38] ^ X2, wKey[39] ^ X3); LT();
-        sb2(wKey[40] ^ X0, wKey[41] ^ X1, wKey[42] ^ X2, wKey[43] ^ X3); LT();
-        sb3(wKey[44] ^ X0, wKey[45] ^ X1, wKey[46] ^ X2, wKey[47] ^ X3); LT();
-        sb4(wKey[48] ^ X0, wKey[49] ^ X1, wKey[50] ^ X2, wKey[51] ^ X3); LT();
-        sb5(wKey[52] ^ X0, wKey[53] ^ X1, wKey[54] ^ X2, wKey[55] ^ X3); LT();
-        sb6(wKey[56] ^ X0, wKey[57] ^ X1, wKey[58] ^ X2, wKey[59] ^ X3); LT();
-        sb7(wKey[60] ^ X0, wKey[61] ^ X1, wKey[62] ^ X2, wKey[63] ^ X3); LT();
-        sb0(wKey[64] ^ X0, wKey[65] ^ X1, wKey[66] ^ X2, wKey[67] ^ X3); LT();
-        sb1(wKey[68] ^ X0, wKey[69] ^ X1, wKey[70] ^ X2, wKey[71] ^ X3); LT();
-        sb2(wKey[72] ^ X0, wKey[73] ^ X1, wKey[74] ^ X2, wKey[75] ^ X3); LT();
-        sb3(wKey[76] ^ X0, wKey[77] ^ X1, wKey[78] ^ X2, wKey[79] ^ X3); LT();
-        sb4(wKey[80] ^ X0, wKey[81] ^ X1, wKey[82] ^ X2, wKey[83] ^ X3); LT();
-        sb5(wKey[84] ^ X0, wKey[85] ^ X1, wKey[86] ^ X2, wKey[87] ^ X3); LT();
-        sb6(wKey[88] ^ X0, wKey[89] ^ X1, wKey[90] ^ X2, wKey[91] ^ X3); LT();
-        sb7(wKey[92] ^ X0, wKey[93] ^ X1, wKey[94] ^ X2, wKey[95] ^ X3); LT();
-        sb0(wKey[96] ^ X0, wKey[97] ^ X1, wKey[98] ^ X2, wKey[99] ^ X3); LT();
-        sb1(wKey[100] ^ X0, wKey[101] ^ X1, wKey[102] ^ X2, wKey[103] ^ X3); LT();
-        sb2(wKey[104] ^ X0, wKey[105] ^ X1, wKey[106] ^ X2, wKey[107] ^ X3); LT();
-        sb3(wKey[108] ^ X0, wKey[109] ^ X1, wKey[110] ^ X2, wKey[111] ^ X3); LT();
-        sb4(wKey[112] ^ X0, wKey[113] ^ X1, wKey[114] ^ X2, wKey[115] ^ X3); LT();
-        sb5(wKey[116] ^ X0, wKey[117] ^ X1, wKey[118] ^ X2, wKey[119] ^ X3); LT();
-        sb6(wKey[120] ^ X0, wKey[121] ^ X1, wKey[122] ^ X2, wKey[123] ^ X3); LT();
-        sb7(wKey[124] ^ X0, wKey[125] ^ X1, wKey[126] ^ X2, wKey[127] ^ X3);
-
-        Pack.intToBigEndian(wKey[131] ^ X3, output, outOff);
-        Pack.intToBigEndian(wKey[130] ^ X2, output, outOff + 4);
-        Pack.intToBigEndian(wKey[129] ^ X1, output, outOff + 8);
-        Pack.intToBigEndian(wKey[128] ^ X0, output, outOff + 12);
-    }
-
-    /**
-     * Decrypt one block of ciphertext.
-     *
-     * @param input the array containing the input data.
-     * @param inOff offset into the in array the data starts at.
-     * @param output the array the output data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     */
-    protected void decryptBlock(
-        byte[]  input,
-        int     inOff,
-        byte[]  output,
-        int     outOff)
-    {
-        X3 = wKey[131] ^ Pack.bigEndianToInt(input, inOff);
-        X2 = wKey[130] ^ Pack.bigEndianToInt(input, inOff + 4);
-        X1 = wKey[129] ^ Pack.bigEndianToInt(input, inOff + 8);
-        X0 = wKey[128] ^ Pack.bigEndianToInt(input, inOff + 12);
-
-        ib7(X0, X1, X2, X3);
-        X0 ^= wKey[124]; X1 ^= wKey[125]; X2 ^= wKey[126]; X3 ^= wKey[127];
-        inverseLT(); ib6(X0, X1, X2, X3);
-        X0 ^= wKey[120]; X1 ^= wKey[121]; X2 ^= wKey[122]; X3 ^= wKey[123];
-        inverseLT(); ib5(X0, X1, X2, X3);
-        X0 ^= wKey[116]; X1 ^= wKey[117]; X2 ^= wKey[118]; X3 ^= wKey[119];
-        inverseLT(); ib4(X0, X1, X2, X3);
-        X0 ^= wKey[112]; X1 ^= wKey[113]; X2 ^= wKey[114]; X3 ^= wKey[115];
-        inverseLT(); ib3(X0, X1, X2, X3);
-        X0 ^= wKey[108]; X1 ^= wKey[109]; X2 ^= wKey[110]; X3 ^= wKey[111];
-        inverseLT(); ib2(X0, X1, X2, X3);
-        X0 ^= wKey[104]; X1 ^= wKey[105]; X2 ^= wKey[106]; X3 ^= wKey[107];
-        inverseLT(); ib1(X0, X1, X2, X3);
-        X0 ^= wKey[100]; X1 ^= wKey[101]; X2 ^= wKey[102]; X3 ^= wKey[103];
-        inverseLT(); ib0(X0, X1, X2, X3);
-        X0 ^= wKey[96]; X1 ^= wKey[97]; X2 ^= wKey[98]; X3 ^= wKey[99];
-        inverseLT(); ib7(X0, X1, X2, X3);
-        X0 ^= wKey[92]; X1 ^= wKey[93]; X2 ^= wKey[94]; X3 ^= wKey[95];
-        inverseLT(); ib6(X0, X1, X2, X3);
-        X0 ^= wKey[88]; X1 ^= wKey[89]; X2 ^= wKey[90]; X3 ^= wKey[91];
-        inverseLT(); ib5(X0, X1, X2, X3);
-        X0 ^= wKey[84]; X1 ^= wKey[85]; X2 ^= wKey[86]; X3 ^= wKey[87];
-        inverseLT(); ib4(X0, X1, X2, X3);
-        X0 ^= wKey[80]; X1 ^= wKey[81]; X2 ^= wKey[82]; X3 ^= wKey[83];
-        inverseLT(); ib3(X0, X1, X2, X3);
-        X0 ^= wKey[76]; X1 ^= wKey[77]; X2 ^= wKey[78]; X3 ^= wKey[79];
-        inverseLT(); ib2(X0, X1, X2, X3);
-        X0 ^= wKey[72]; X1 ^= wKey[73]; X2 ^= wKey[74]; X3 ^= wKey[75];
-        inverseLT(); ib1(X0, X1, X2, X3);
-        X0 ^= wKey[68]; X1 ^= wKey[69]; X2 ^= wKey[70]; X3 ^= wKey[71];
-        inverseLT(); ib0(X0, X1, X2, X3);
-        X0 ^= wKey[64]; X1 ^= wKey[65]; X2 ^= wKey[66]; X3 ^= wKey[67];
-        inverseLT(); ib7(X0, X1, X2, X3);
-        X0 ^= wKey[60]; X1 ^= wKey[61]; X2 ^= wKey[62]; X3 ^= wKey[63];
-        inverseLT(); ib6(X0, X1, X2, X3);
-        X0 ^= wKey[56]; X1 ^= wKey[57]; X2 ^= wKey[58]; X3 ^= wKey[59];
-        inverseLT(); ib5(X0, X1, X2, X3);
-        X0 ^= wKey[52]; X1 ^= wKey[53]; X2 ^= wKey[54]; X3 ^= wKey[55];
-        inverseLT(); ib4(X0, X1, X2, X3);
-        X0 ^= wKey[48]; X1 ^= wKey[49]; X2 ^= wKey[50]; X3 ^= wKey[51];
-        inverseLT(); ib3(X0, X1, X2, X3);
-        X0 ^= wKey[44]; X1 ^= wKey[45]; X2 ^= wKey[46]; X3 ^= wKey[47];
-        inverseLT(); ib2(X0, X1, X2, X3);
-        X0 ^= wKey[40]; X1 ^= wKey[41]; X2 ^= wKey[42]; X3 ^= wKey[43];
-        inverseLT(); ib1(X0, X1, X2, X3);
-        X0 ^= wKey[36]; X1 ^= wKey[37]; X2 ^= wKey[38]; X3 ^= wKey[39];
-        inverseLT(); ib0(X0, X1, X2, X3);
-        X0 ^= wKey[32]; X1 ^= wKey[33]; X2 ^= wKey[34]; X3 ^= wKey[35];
-        inverseLT(); ib7(X0, X1, X2, X3);
-        X0 ^= wKey[28]; X1 ^= wKey[29]; X2 ^= wKey[30]; X3 ^= wKey[31];
-        inverseLT(); ib6(X0, X1, X2, X3);
-        X0 ^= wKey[24]; X1 ^= wKey[25]; X2 ^= wKey[26]; X3 ^= wKey[27];
-        inverseLT(); ib5(X0, X1, X2, X3);
-        X0 ^= wKey[20]; X1 ^= wKey[21]; X2 ^= wKey[22]; X3 ^= wKey[23];
-        inverseLT(); ib4(X0, X1, X2, X3);
-        X0 ^= wKey[16]; X1 ^= wKey[17]; X2 ^= wKey[18]; X3 ^= wKey[19];
-        inverseLT(); ib3(X0, X1, X2, X3);
-        X0 ^= wKey[12]; X1 ^= wKey[13]; X2 ^= wKey[14]; X3 ^= wKey[15];
-        inverseLT(); ib2(X0, X1, X2, X3);
-        X0 ^= wKey[8]; X1 ^= wKey[9]; X2 ^= wKey[10]; X3 ^= wKey[11];
-        inverseLT(); ib1(X0, X1, X2, X3);
-        X0 ^= wKey[4]; X1 ^= wKey[5]; X2 ^= wKey[6]; X3 ^= wKey[7];
-        inverseLT(); ib0(X0, X1, X2, X3);
-
-        Pack.intToBigEndian(X3 ^ wKey[3], output, outOff);
-        Pack.intToBigEndian(X2 ^ wKey[2], output, outOff + 4);
-        Pack.intToBigEndian(X1 ^ wKey[1], output, outOff + 8);
-        Pack.intToBigEndian(X0 ^ wKey[0], output, outOff + 12);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/VMPCEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/VMPCEngine.java
deleted file mode 100644
index 364c5d8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/VMPCEngine.java
+++ /dev/null

@@ -1,142 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-public class VMPCEngine implements StreamCipher
-{
-    /*
-     * variables to hold the state of the VMPC engine during encryption and
-     * decryption
-     */
-    protected byte n = 0;
-    protected byte[] P = null;
-    protected byte s = 0;
-
-    protected byte[] workingIV;
-    protected byte[] workingKey;
-
-    public String getAlgorithmName()
-    {
-        return "VMPC";
-    }
-
-    /**
-     * initialise a VMPC cipher.
-     * 
-     * @param forEncryption
-     *    whether or not we are for encryption.
-     * @param params
-     *    the parameters required to set up the cipher.
-     * @exception IllegalArgumentException
-     *    if the params argument is inappropriate.
-     */
-    public void init(boolean forEncryption, CipherParameters params)
-    {
-        if (!(params instanceof ParametersWithIV))
-        {
-            throw new IllegalArgumentException(
-                "VMPC init parameters must include an IV");
-        }
-
-        ParametersWithIV ivParams = (ParametersWithIV) params;
-
-        if (!(ivParams.getParameters() instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException(
-                "VMPC init parameters must include a key");
-        }
-
-        KeyParameter key = (KeyParameter) ivParams.getParameters();
-
-        this.workingIV = ivParams.getIV();
-
-        if (workingIV == null || workingIV.length < 1 || workingIV.length > 768)
-        {
-            throw new IllegalArgumentException("VMPC requires 1 to 768 bytes of IV");
-        }
-
-        this.workingKey = key.getKey();
-
-        initKey(this.workingKey, this.workingIV);
-    }
-
-    protected void initKey(byte[] keyBytes, byte[] ivBytes)
-    {
-        s = 0;
-        P = new byte[256];
-        for (int i = 0; i < 256; i++)
-        {
-            P[i] = (byte) i;
-        }
-
-        for (int m = 0; m < 768; m++)
-        {
-            s = P[(s + P[m & 0xff] + keyBytes[m % keyBytes.length]) & 0xff];
-            byte temp = P[m & 0xff];
-            P[m & 0xff] = P[s & 0xff];
-            P[s & 0xff] = temp;
-        }
-        for (int m = 0; m < 768; m++)
-        {
-            s = P[(s + P[m & 0xff] + ivBytes[m % ivBytes.length]) & 0xff];
-            byte temp = P[m & 0xff];
-            P[m & 0xff] = P[s & 0xff];
-            P[s & 0xff] = temp;
-        }
-        n = 0;
-    }
-
-    public int processBytes(byte[] in, int inOff, int len, byte[] out,
-        int outOff)
-    {
-        if ((inOff + len) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + len) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        for (int i = 0; i < len; i++)
-        {
-            s = P[(s + P[n & 0xff]) & 0xff];
-            byte z = P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff];
-            // encryption
-            byte temp = P[n & 0xff];
-            P[n & 0xff] = P[s & 0xff];
-            P[s & 0xff] = temp;
-            n = (byte) ((n + 1) & 0xff);
-
-            // xor
-            out[i + outOff] = (byte) (in[i + inOff] ^ z);
-        }
-
-        return len;
-    }
-
-    public void reset()
-    {
-        initKey(this.workingKey, this.workingIV);
-    }
-
-    public byte returnByte(byte in)
-    {
-        s = P[(s + P[n & 0xff]) & 0xff];
-        byte z = P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff];
-        // encryption
-        byte temp = P[n & 0xff];
-        P[n & 0xff] = P[s & 0xff];
-        P[s & 0xff] = temp;
-        n = (byte) ((n + 1) & 0xff);
-
-        // xor
-        return (byte) (in ^ z);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/VMPCKSA3Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/VMPCKSA3Engine.java
deleted file mode 100644
index 9e40272..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/VMPCKSA3Engine.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-public class VMPCKSA3Engine extends VMPCEngine
-{
-    public String getAlgorithmName()
-    {
-        return "VMPC-KSA3";
-    }
-
-    protected void initKey(byte[] keyBytes, byte[] ivBytes)
-    {
-        s = 0;
-        P = new byte[256];
-        for (int i = 0; i < 256; i++)
-        {
-            P[i] = (byte) i;
-        }
-
-        for (int m = 0; m < 768; m++)
-        {
-            s = P[(s + P[m & 0xff] + keyBytes[m % keyBytes.length]) & 0xff];
-            byte temp = P[m & 0xff];
-            P[m & 0xff] = P[s & 0xff];
-            P[s & 0xff] = temp;
-        }
-
-        for (int m = 0; m < 768; m++)
-        {
-            s = P[(s + P[m & 0xff] + ivBytes[m % ivBytes.length]) & 0xff];
-            byte temp = P[m & 0xff];
-            P[m & 0xff] = P[s & 0xff];
-            P[s & 0xff] = temp;
-        }
-
-        for (int m = 0; m < 768; m++)
-        {
-            s = P[(s + P[m & 0xff] + keyBytes[m % keyBytes.length]) & 0xff];
-            byte temp = P[m & 0xff];
-            P[m & 0xff] = P[s & 0xff];
-            P[s & 0xff] = temp;
-        }
-
-        n = 0;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/XSalsa20Engine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/XSalsa20Engine.java
deleted file mode 100644
index 4b0a5ed..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/XSalsa20Engine.java
+++ /dev/null

@@ -1,63 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.util.Pack;
-
-/**
- * Implementation of Daniel J. Bernstein's XSalsa20 stream cipher - Salsa20 with an extended nonce.
- * <p>
- * XSalsa20 requires a 256 bit key, and a 192 bit nonce.
- */
-public class XSalsa20Engine extends Salsa20Engine
-{
-    public String getAlgorithmName()
-    {
-        return "XSalsa20";
-    }
-
-    protected int getNonceSize()
-    {
-        return 24;
-    }
-
-    /**
-     * XSalsa20 key generation: process 256 bit input key and 128 bits of the input nonce
-     * using a core Salsa20 function without input addition to produce 256 bit working key
-     * and use that with the remaining 64 bits of nonce to initialize a standard Salsa20 engine state.
-     */
-    protected void setKey(byte[] keyBytes, byte[] ivBytes)
-    {
-        if (keyBytes == null)
-        {
-            throw new IllegalArgumentException(getAlgorithmName() + " doesn't support re-init with null key");
-        }
-
-        if (keyBytes.length != 32)
-        {
-            throw new IllegalArgumentException(getAlgorithmName() + " requires a 256 bit key");
-        }
-
-        // Set key for HSalsa20
-        super.setKey(keyBytes, ivBytes);
-
-        // Pack next 64 bits of IV into engine state instead of counter
-        Pack.littleEndianToInt(ivBytes, 8, engineState, 8, 2);
-
-        // Process engine state to generate Salsa20 key
-        int[] hsalsa20Out = new int[engineState.length];
-        salsaCore(20, engineState, hsalsa20Out);
-
-        // Set new key, removing addition in last round of salsaCore
-        engineState[1] = hsalsa20Out[0] - engineState[0];
-        engineState[2] = hsalsa20Out[5] - engineState[5];
-        engineState[3] = hsalsa20Out[10] - engineState[10];
-        engineState[4] = hsalsa20Out[15] - engineState[15];
-
-        engineState[11] = hsalsa20Out[6] - engineState[6];
-        engineState[12] = hsalsa20Out[7] - engineState[7];
-        engineState[13] = hsalsa20Out[8] - engineState[8];
-        engineState[14] = hsalsa20Out[9] - engineState[9];
-
-        // Last 64 bits of input IV
-        Pack.littleEndianToInt(ivBytes, 16, engineState, 6, 2);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/XTEAEngine.java b/bcprov/src/main/java/org/bouncycastle/crypto/engines/XTEAEngine.java
deleted file mode 100644
index fb21bbc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/XTEAEngine.java
+++ /dev/null

@@ -1,188 +0,0 @@
-package org.bouncycastle.crypto.engines;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * An XTEA engine.
- */
-public class XTEAEngine
-    implements BlockCipher
-{
-    private static final int rounds     = 32,
-                             block_size = 8,
-//                             key_size   = 16,
-                             delta      = 0x9E3779B9;
-
-    /*
-     * the expanded key array of 4 subkeys
-     */
-    private int[]   _S    = new int[4],
-                    _sum0 = new int[32],
-                    _sum1 = new int[32];
-    private boolean _initialised,
-                    _forEncryption;
-
-    /**
-     * Create an instance of the TEA encryption algorithm
-     * and set some defaults
-     */
-    public XTEAEngine()
-    {
-        _initialised = false;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "XTEA";
-    }
-
-    public int getBlockSize()
-    {
-        return block_size;
-    }
-
-    /**
-     * initialise
-     *
-     * @param forEncryption whether or not we are for encryption.
-     * @param params the parameters required to set up the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean             forEncryption,
-        CipherParameters    params)
-    {
-        if (!(params instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException("invalid parameter passed to TEA init - " + params.getClass().getName());
-        }
-
-        _forEncryption = forEncryption;
-        _initialised = true;
-
-        KeyParameter       p = (KeyParameter)params;
-
-        setKey(p.getKey());
-    }
-
-    public int processBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        if (!_initialised)
-        {
-            throw new IllegalStateException(getAlgorithmName()+" not initialised");
-        }
-
-        if ((inOff + block_size) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + block_size) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        return (_forEncryption) ? encryptBlock(in, inOff, out, outOff)
-                                    : decryptBlock(in, inOff, out, outOff);
-    }
-
-    public void reset()
-    {
-    }
-
-    /**
-     * Re-key the cipher.
-     * <p>
-     * @param  key  the key to be used
-     */
-    private void setKey(
-        byte[]      key)
-    {
-        if (key.length != 16) 
-        {
-            throw new IllegalArgumentException("Key size must be 128 bits.");
-        }
-
-        int i, j;
-        for (i = j = 0; i < 4; i++,j+=4)
-        {
-            _S[i] = bytesToInt(key, j);
-        }
-            
-        for (i = j = 0; i < rounds; i++)
-        {
-                _sum0[i] = (j + _S[j & 3]);
-                j += delta;
-                _sum1[i] = (j + _S[j >>> 11 & 3]);
-        }
-    }
-
-    private int encryptBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        // Pack bytes into integers
-        int v0 = bytesToInt(in, inOff);
-        int v1 = bytesToInt(in, inOff + 4);
-
-        for (int i = 0; i < rounds; i++)
-        {
-            v0    += ((v1 << 4 ^ v1 >>> 5) + v1) ^ _sum0[i];
-            v1    += ((v0 << 4 ^ v0 >>> 5) + v0) ^ _sum1[i];
-        }
-
-        unpackInt(v0, out, outOff);
-        unpackInt(v1, out, outOff + 4);
-
-        return block_size;
-    }
-
-    private int decryptBlock(
-        byte[]  in,
-        int     inOff,
-        byte[]  out,
-        int     outOff)
-    {
-        // Pack bytes into integers
-        int v0 = bytesToInt(in, inOff);
-        int v1 = bytesToInt(in, inOff + 4);
-
-        for (int i = rounds-1; i >= 0; i--)
-        {
-            v1  -= ((v0 << 4 ^ v0 >>> 5) + v0) ^ _sum1[i];
-            v0  -= ((v1 << 4 ^ v1 >>> 5) + v1) ^ _sum0[i];
-        }
-
-        unpackInt(v0, out, outOff);
-        unpackInt(v1, out, outOff + 4);
-
-        return block_size;
-    }
-
-    private int bytesToInt(byte[] in, int inOff)
-    {
-        return ((in[inOff++]) << 24) |
-                 ((in[inOff++] & 255) << 16) |
-                 ((in[inOff++] & 255) <<  8) |
-                 ((in[inOff] & 255));
-    }
-
-    private void unpackInt(int v, byte[] out, int outOff)
-    {
-        out[outOff++] = (byte)(v >>> 24);
-        out[outOff++] = (byte)(v >>> 16);
-        out[outOff++] = (byte)(v >>>  8);
-        out[outOff  ] = (byte)v;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/engines/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/engines/package.html
deleted file mode 100644
index e945dac..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/engines/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Basic cipher classes.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/examples/DESExample.java b/bcprov/src/main/java/org/bouncycastle/crypto/examples/DESExample.java
deleted file mode 100644
index 4841211..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/examples/DESExample.java
+++ /dev/null

@@ -1,421 +0,0 @@
-package org.bouncycastle.crypto.examples;
-
-import java.io.BufferedInputStream;
-import java.io.BufferedOutputStream;
-import java.io.BufferedReader;
-import java.io.FileInputStream;
-import java.io.FileNotFoundException;
-import java.io.FileOutputStream;
-import java.io.IOException;
-import java.io.InputStreamReader;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.generators.DESedeKeyGenerator;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.crypto.params.DESedeParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * DESExample is a simple DES based encryptor/decryptor.
- * <p>
- * The program is command line driven, with the input
- * and output files specified on the command line.
- * <pre>
- * java org.bouncycastle.crypto.examples.DESExample infile outfile [keyfile]
- * </pre>
- * A new key is generated for each encryption, if key is not specified,
- * then the example will assume encryption is required, and as output
- * create deskey.dat in the current directory.  This key is a hex
- * encoded byte-stream that is used for the decryption.  The output
- * file is Hex encoded, 60 characters wide text file.
- * <p>
- * When encrypting;
- * <ul>
- *  <li>the infile is expected to be a byte stream (text or binary)
- *  <li>there is no keyfile specified on the input line
- * </ul>
- * <p>
- * When decrypting;
- * <ul>
- *  <li>the infile is expected to be the 60 character wide base64 
- *    encoded file
- *  <li>the keyfile is expected to be a base64 encoded file
- * </ul>
- * <p>
- * This example shows how to use the light-weight API, DES and
- * the filesystem for message encryption and decryption.
- *
- */
-public class DESExample extends Object
-{
-    // Encrypting or decrypting ?
-    private boolean encrypt = true;
-
-    // To hold the initialised DESede cipher
-    private PaddedBufferedBlockCipher cipher = null;
-
-    // The input stream of bytes to be processed for encryption
-    private BufferedInputStream in = null;
-
-    // The output stream of bytes to be procssed
-    private BufferedOutputStream out = null;
-
-    // The key
-    private byte[] key = null;
-
-    /*
-     * start the application
-     */
-    public static void main(String[] args)
-    {
-        boolean encrypt = true;
-        String infile = null;
-        String outfile = null;
-        String keyfile = null;
-
-        if (args.length < 2)
-        {
-            DESExample de = new DESExample();
-            System.err.println("Usage: java "+de.getClass().getName()+
-                                " infile outfile [keyfile]");
-            System.exit(1);
-        }
-
-        keyfile = "deskey.dat";
-        infile = args[0];
-        outfile = args[1];
-
-        if (args.length > 2)
-        {
-            encrypt = false;
-            keyfile = args[2];
-        }
-
-        DESExample de = new DESExample(infile, outfile, keyfile, encrypt);
-        de.process();
-    }
-
-    // Default constructor, used for the usage message
-    public DESExample()
-    {
-    }
-
-    /*
-     * Constructor, that takes the arguments appropriate for
-     * processing the command line directives.
-     */
-    public DESExample(
-                String infile,
-                String outfile,
-                String keyfile,
-                boolean encrypt)
-    {
-        /* 
-         * First, determine that infile & keyfile exist as appropriate.
-         *
-         * This will also create the BufferedInputStream as required
-         * for reading the input file.  All input files are treated
-         * as if they are binary, even if they contain text, it's the
-         * bytes that are encrypted.
-         */
-        this.encrypt = encrypt;
-        try
-        {
-            in = new BufferedInputStream(new FileInputStream(infile));
-        }
-        catch (FileNotFoundException fnf)
-        {
-            System.err.println("Input file not found ["+infile+"]");
-            System.exit(1);
-        }
-
-        try
-        {
-            out = new BufferedOutputStream(new FileOutputStream(outfile));
-        }
-        catch (IOException fnf)
-        {
-            System.err.println("Output file not created ["+outfile+"]");
-            System.exit(1);
-        }
-
-        if (encrypt)
-        {
-            try
-            {
-                /*
-                 * The process of creating a new key requires a 
-                 * number of steps.
-                 *
-                 * First, create the parameters for the key generator
-                 * which are a secure random number generator, and
-                 * the length of the key (in bits).
-                 */
-                SecureRandom sr = null;
-                try
-                {
-                    sr = new SecureRandom();
-                    /*
-                     * This following call to setSeed() makes the
-                     * initialisation of the SecureRandom object
-                     * _very_ fast, but not secure AT ALL.  
-                     *
-                     * Remove the line, recreate the class file and 
-                     * then run DESExample again to see the difference.
-                     *
-                     * The initialisation of a SecureRandom object
-                     * can take 5 or more seconds depending on the
-                     * CPU that the program is running on.  That can
-                     * be annoying during unit testing.
-                     *     -- jon
-                     */
-                    sr.setSeed("www.bouncycastle.org".getBytes());
-                }
-                catch (Exception nsa)
-                {
-                    System.err.println("Hmmm, no SHA1PRNG, you need the "+
-                                        "Sun implementation");
-                    System.exit(1);
-                }
-                KeyGenerationParameters kgp = new KeyGenerationParameters(
-                                    sr, 
-                                    DESedeParameters.DES_EDE_KEY_LENGTH*8);
-
-                /*
-                 * Second, initialise the key generator with the parameters
-                 */
-                DESedeKeyGenerator kg = new DESedeKeyGenerator();
-                kg.init(kgp);
-
-                /*
-                 * Third, and finally, generate the key
-                 */
-                key = kg.generateKey();
-
-                /*
-                 * We can now output the key to the file, but first
-                 * hex encode the key so that we can have a look
-                 * at it with a text editor if we so desire
-                 */
-                BufferedOutputStream keystream = 
-                    new BufferedOutputStream(new FileOutputStream(keyfile));
-                byte[] keyhex = Hex.encode(key);
-                keystream.write(keyhex, 0, keyhex.length);
-                keystream.flush();
-                keystream.close();
-            }
-            catch (IOException createKey)
-            {
-                System.err.println("Could not decryption create key file "+
-                                    "["+keyfile+"]");
-                System.exit(1);
-            }
-        }
-        else
-        {
-            try
-            {
-                // read the key, and decode from hex encoding
-                BufferedInputStream keystream = 
-                    new BufferedInputStream(new FileInputStream(keyfile));
-                int len = keystream.available();
-                byte[] keyhex = new byte[len];
-                keystream.read(keyhex, 0, len);
-                key = Hex.decode(keyhex);
-            }
-            catch (IOException ioe)
-            {
-                System.err.println("Decryption key file not found, "+
-                                    "or not valid ["+keyfile+"]");
-                System.exit(1);
-            }
-        }
-    }
-
-    private void process()
-    {
-        /* 
-         * Setup the DESede cipher engine, create a PaddedBufferedBlockCipher
-         * in CBC mode.
-         */
-        cipher = new PaddedBufferedBlockCipher(
-                                    new CBCBlockCipher(new DESedeEngine()));
-
-        /*
-         * The input and output streams are currently set up
-         * appropriately, and the key bytes are ready to be
-         * used.
-         *
-         */
-
-        if (encrypt)
-        {
-            performEncrypt(key);
-        }
-        else
-        {
-            performDecrypt(key);
-        }
-
-        // after processing clean up the files
-        try
-        {
-            in.close();
-            out.flush();
-            out.close();
-        }
-        catch (IOException closing)
-        {
-            System.err.println("exception closing resources: " + closing.getMessage());
-        }
-    }
-        
-    /*
-     * This method performs all the encryption and writes
-     * the cipher text to the buffered output stream created
-     * previously.
-     */
-    private void performEncrypt(byte[] key)
-    {
-        // initialise the cipher with the key bytes, for encryption
-        cipher.init(true, new KeyParameter(key));
-
-        /*
-         * Create some temporary byte arrays for use in
-         * encryption, make them a reasonable size so that
-         * we don't spend forever reading small chunks from
-         * a file.
-         *
-         * There is no particular reason for using getBlockSize()
-         * to determine the size of the input chunk.  It just
-         * was a convenient number for the example.  
-         */
-        // int inBlockSize = cipher.getBlockSize() * 5;
-        int inBlockSize = 47;
-        int outBlockSize = cipher.getOutputSize(inBlockSize);
-
-        byte[] inblock = new byte[inBlockSize];
-        byte[] outblock = new byte[outBlockSize];
-
-        /* 
-         * now, read the file, and output the chunks
-         */
-        try
-        {
-            int inL;
-            int outL;
-            byte[] rv = null;
-            while ((inL=in.read(inblock, 0, inBlockSize)) > 0)
-            {
-                outL = cipher.processBytes(inblock, 0, inL, outblock, 0);
-                /*
-                 * Before we write anything out, we need to make sure
-                 * that we've got something to write out. 
-                 */
-                if (outL > 0)
-                {
-                    rv = Hex.encode(outblock, 0, outL);
-                    out.write(rv, 0, rv.length);
-                    out.write('\n');
-                }
-            }
-
-            try
-            {
-                /*
-                 * Now, process the bytes that are still buffered
-                 * within the cipher.
-                 */
-                outL = cipher.doFinal(outblock, 0);
-                if (outL > 0)
-                {
-                    rv = Hex.encode(outblock, 0, outL);
-                    out.write(rv, 0, rv.length);
-                    out.write('\n');
-                }
-            }
-            catch (CryptoException ce)
-            {
-
-            }
-        }
-        catch (IOException ioeread)
-        {
-            ioeread.printStackTrace();
-        }
-    }
-
-    /*
-     * This method performs all the decryption and writes
-     * the plain text to the buffered output stream created
-     * previously.
-     */
-    private void performDecrypt(byte[] key)
-    {    
-        // initialise the cipher for decryption
-        cipher.init(false, new KeyParameter(key));
-
-        /* 
-         * As the decryption is from our preformatted file,
-         * and we know that it's a hex encoded format, then
-         * we wrap the InputStream with a BufferedReader
-         * so that we can read it easily.
-         */
-        BufferedReader br = new BufferedReader(new InputStreamReader(in));
-
-        /* 
-         * now, read the file, and output the chunks
-         */
-        try
-        {
-            int outL;
-            byte[] inblock = null;
-            byte[] outblock = null;
-            String rv = null;
-            while ((rv = br.readLine()) != null)
-            {
-                inblock = Hex.decode(rv);
-                outblock = new byte[cipher.getOutputSize(inblock.length)];
-
-                outL = cipher.processBytes(inblock, 0, inblock.length, 
-                                            outblock, 0);
-                /*
-                 * Before we write anything out, we need to make sure
-                 * that we've got something to write out. 
-                 */
-                if (outL > 0)
-                {
-                    out.write(outblock, 0, outL);
-                }
-            }
-
-            try
-            {
-                /*
-                 * Now, process the bytes that are still buffered
-                 * within the cipher.
-                 */
-                outL = cipher.doFinal(outblock, 0);
-                if (outL > 0)
-                {
-                    out.write(outblock, 0, outL);
-                }
-            }
-            catch (CryptoException ce)
-            {
-
-            }
-        }
-        catch (IOException ioeread)
-        {
-            ioeread.printStackTrace();
-        }
-    }
-
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/examples/JPAKEExample.java b/bcprov/src/main/java/org/bouncycastle/crypto/examples/JPAKEExample.java
deleted file mode 100644
index f0065f4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/examples/JPAKEExample.java
+++ /dev/null

@@ -1,214 +0,0 @@
-package org.bouncycastle.crypto.examples;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.agreement.jpake.JPAKEPrimeOrderGroup;
-import org.bouncycastle.crypto.agreement.jpake.JPAKEPrimeOrderGroups;
-import org.bouncycastle.crypto.agreement.jpake.JPAKEParticipant;
-import org.bouncycastle.crypto.agreement.jpake.JPAKERound1Payload;
-import org.bouncycastle.crypto.agreement.jpake.JPAKERound2Payload;
-import org.bouncycastle.crypto.agreement.jpake.JPAKERound3Payload;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-
-/**
- * An example of a J-PAKE exchange.
- * <p>
- * 
- * In this example, both Alice and Bob are on the same computer (in the same JVM, in fact).
- * In reality, Alice and Bob would be in different locations,
- * and would be sending their generated payloads to each other.
- */
-public class JPAKEExample
-{
-
-    public static void main(String args[]) throws CryptoException
-    {
-        /*
-         * Initialization
-         * 
-         * Pick an appropriate prime order group to use throughout the exchange.
-         * Note that both participants must use the same group.
-         */
-        JPAKEPrimeOrderGroup group = JPAKEPrimeOrderGroups.NIST_3072;
-
-        BigInteger p = group.getP();
-        BigInteger q = group.getQ();
-        BigInteger g = group.getG();
-
-        String alicePassword = "password";
-        String bobPassword = "password";
-
-        System.out.println("********* Initialization **********");
-        System.out.println("Public parameters for the cyclic group:");
-        System.out.println("p (" + p.bitLength() + " bits): " + p.toString(16));
-        System.out.println("q (" + q.bitLength() + " bits): " + q.toString(16));
-        System.out.println("g (" + p.bitLength() + " bits): " + g.toString(16));
-        System.out.println("p mod q = " + p.mod(q).toString(16));
-        System.out.println("g^{q} mod p = " + g.modPow(q, p).toString(16));
-        System.out.println("");
-
-        System.out.println("(Secret passwords used by Alice and Bob: " +
-                "\"" + alicePassword + "\" and \"" + bobPassword + "\")\n");
-
-        /*
-         * Both participants must use the same hashing algorithm.
-         */
-        Digest digest = new SHA256Digest();
-        SecureRandom random = new SecureRandom();
-
-        JPAKEParticipant alice = new JPAKEParticipant("alice", alicePassword.toCharArray(), group, digest, random);
-        JPAKEParticipant bob = new JPAKEParticipant("bob", bobPassword.toCharArray(), group, digest, random);
-
-        /*
-         * Round 1
-         * 
-         * Alice and Bob each generate a round 1 payload, and send it to each other.
-         */
-
-        JPAKERound1Payload aliceRound1Payload = alice.createRound1PayloadToSend();
-        JPAKERound1Payload bobRound1Payload = bob.createRound1PayloadToSend();
-
-        System.out.println("************ Round 1 **************");
-        System.out.println("Alice sends to Bob: ");
-        System.out.println("g^{x1}=" + aliceRound1Payload.getGx1().toString(16));
-        System.out.println("g^{x2}=" + aliceRound1Payload.getGx2().toString(16));
-        System.out.println("KP{x1}={" + aliceRound1Payload.getKnowledgeProofForX1()[0].toString(16) + "};{" + aliceRound1Payload.getKnowledgeProofForX1()[1].toString(16) + "}");
-        System.out.println("KP{x2}={" + aliceRound1Payload.getKnowledgeProofForX2()[0].toString(16) + "};{" + aliceRound1Payload.getKnowledgeProofForX2()[1].toString(16) + "}");
-        System.out.println("");
-
-        System.out.println("Bob sends to Alice: ");
-        System.out.println("g^{x3}=" + bobRound1Payload.getGx1().toString(16));
-        System.out.println("g^{x4}=" + bobRound1Payload.getGx2().toString(16));
-        System.out.println("KP{x3}={" + bobRound1Payload.getKnowledgeProofForX1()[0].toString(16) + "};{" + bobRound1Payload.getKnowledgeProofForX1()[1].toString(16) + "}");
-        System.out.println("KP{x4}={" + bobRound1Payload.getKnowledgeProofForX2()[0].toString(16) + "};{" + bobRound1Payload.getKnowledgeProofForX2()[1].toString(16) + "}");
-        System.out.println("");
-
-        /*
-         * Each participant must then validate the received payload for round 1
-         */
-
-        alice.validateRound1PayloadReceived(bobRound1Payload);
-        System.out.println("Alice checks g^{x4}!=1: OK");
-        System.out.println("Alice checks KP{x3}: OK");
-        System.out.println("Alice checks KP{x4}: OK");
-        System.out.println("");
-
-        bob.validateRound1PayloadReceived(aliceRound1Payload);
-        System.out.println("Bob checks g^{x2}!=1: OK");
-        System.out.println("Bob checks KP{x1},: OK");
-        System.out.println("Bob checks KP{x2},: OK");
-        System.out.println("");
-
-        /*
-         * Round 2
-         * 
-         * Alice and Bob each generate a round 2 payload, and send it to each other.
-         */
-
-        JPAKERound2Payload aliceRound2Payload = alice.createRound2PayloadToSend();
-        JPAKERound2Payload bobRound2Payload = bob.createRound2PayloadToSend();
-
-        System.out.println("************ Round 2 **************");
-        System.out.println("Alice sends to Bob: ");
-        System.out.println("A=" + aliceRound2Payload.getA().toString(16));
-        System.out.println("KP{x2*s}={" + aliceRound2Payload.getKnowledgeProofForX2s()[0].toString(16) + "},{" + aliceRound2Payload.getKnowledgeProofForX2s()[1].toString(16) + "}");
-        System.out.println("");
-
-        System.out.println("Bob sends to Alice");
-        System.out.println("B=" + bobRound2Payload.getA().toString(16));
-        System.out.println("KP{x4*s}={" + bobRound2Payload.getKnowledgeProofForX2s()[0].toString(16) + "},{" + bobRound2Payload.getKnowledgeProofForX2s()[1].toString(16) + "}");
-        System.out.println("");
-
-        /*
-         * Each participant must then validate the received payload for round 2
-         */
-
-        alice.validateRound2PayloadReceived(bobRound2Payload);
-        System.out.println("Alice checks KP{x4*s}: OK\n");
-
-        bob.validateRound2PayloadReceived(aliceRound2Payload);
-        System.out.println("Bob checks KP{x2*s}: OK\n");
-
-        /*
-         * After round 2, each participant computes the keying material.
-         */
-
-        BigInteger aliceKeyingMaterial = alice.calculateKeyingMaterial();
-        BigInteger bobKeyingMaterial = bob.calculateKeyingMaterial();
-
-        System.out.println("********* After round 2 ***********");
-        System.out.println("Alice computes key material \t K=" + aliceKeyingMaterial.toString(16));
-        System.out.println("Bob computes key material \t K=" + bobKeyingMaterial.toString(16));
-        System.out.println();
-        
-        
-        /*
-         * You must derive a session key from the keying material applicable
-         * to whatever encryption algorithm you want to use.
-         */
-        
-        BigInteger aliceKey = deriveSessionKey(aliceKeyingMaterial);
-        BigInteger bobKey = deriveSessionKey(bobKeyingMaterial);
-        
-        /*
-         * At this point, you can stop and use the session keys if you want.
-         * This is implicit key confirmation.
-         * 
-         * If you want to explicitly confirm that the key material matches,
-         * you can continue on and perform round 3.
-         */
-        
-        /*
-         * Round 3
-         * 
-         * Alice and Bob each generate a round 3 payload, and send it to each other.
-         */
-
-        JPAKERound3Payload aliceRound3Payload = alice.createRound3PayloadToSend(aliceKeyingMaterial);
-        JPAKERound3Payload bobRound3Payload = bob.createRound3PayloadToSend(bobKeyingMaterial);
-
-        System.out.println("************ Round 3 **************");
-        System.out.println("Alice sends to Bob: ");
-        System.out.println("MacTag=" + aliceRound3Payload.getMacTag().toString(16));
-        System.out.println("");
-        System.out.println("Bob sends to Alice: ");
-        System.out.println("MacTag=" + bobRound3Payload.getMacTag().toString(16));
-        System.out.println("");
-
-        /*
-         * Each participant must then validate the received payload for round 3
-         */
-
-        alice.validateRound3PayloadReceived(bobRound3Payload, aliceKeyingMaterial);
-        System.out.println("Alice checks MacTag: OK\n");
-
-        bob.validateRound3PayloadReceived(aliceRound3Payload, bobKeyingMaterial);
-        System.out.println("Bob checks MacTag: OK\n");
-
-        System.out.println();
-        System.out.println("MacTags validated, therefore the keying material matches.");
-    }
-
-    private static BigInteger deriveSessionKey(BigInteger keyingMaterial)
-    {
-        /*
-         * You should use a secure key derivation function (KDF) to derive the session key.
-         * 
-         * For the purposes of this example, I'm just going to use a hash of the keying material.
-         */
-        SHA256Digest digest = new SHA256Digest();
-        
-        byte[] keyByteArray = keyingMaterial.toByteArray();
-        
-        byte[] output = new byte[digest.getDigestSize()];
-        
-        digest.update(keyByteArray, 0, keyByteArray.length);
-
-        digest.doFinal(output, 0);
-
-        return new BigInteger(output);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/examples/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/examples/package.html
deleted file mode 100644
index 390a540..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/examples/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Simple examples of light weight API usage.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/Argon2BytesGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/Argon2BytesGenerator.java
deleted file mode 100644
index c5d04d9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/Argon2BytesGenerator.java
+++ /dev/null

@@ -1,722 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.Blake2bDigest;
-import org.bouncycastle.crypto.params.Argon2Parameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-import org.bouncycastle.util.encoders.Hex;
-
-
-/**
- * Argon2 PBKDF - Based on the results of https://password-hashing.net/ and https://www.ietf.org/archive/id/draft-irtf-cfrg-argon2-03.txt
- */
-public class Argon2BytesGenerator
-{
-
-    private static final int ARGON2_BLOCK_SIZE = 1024;
-    private static final int ARGON2_QWORDS_IN_BLOCK = ARGON2_BLOCK_SIZE / 8;
-
-    private static final int ARGON2_ADDRESSES_IN_BLOCK = 128;
-
-    private static final int ARGON2_PREHASH_DIGEST_LENGTH = 64;
-    private static final int ARGON2_PREHASH_SEED_LENGTH = 72;
-
-    private static final int ARGON2_SYNC_POINTS = 4;
-
-    /* Minimum and maximum number of lanes (degree of parallelism) */
-    private static final int MIN_PARALLELISM = 1;
-    private static final int MAX_PARALLELISM = 16777216;
-
-    /* Minimum and maximum digest size in bytes */
-    private static final int MIN_OUTLEN = 4;
-    
-    /* Minimum and maximum number of passes */
-    private static final int MIN_ITERATIONS = 1;
-
-    private Block[] memory;
-
-
-    private int segmentLength;
-    private int laneLength;
-
-
-    private Argon2Parameters parameters;
-
-    private byte[] result;
-
-    public Argon2BytesGenerator()
-    {
-
-    }
-
-    /**
-     * Initialise the Argon2BytesGenerator from the parameters.
-     *
-     * @param parameters Argon2 configuration.
-     */
-    public void init(Argon2Parameters parameters)
-    {
-        this.parameters = parameters;
-
-
-        if (parameters.getLanes() < Argon2BytesGenerator.MIN_PARALLELISM)
-        {
-            throw new IllegalStateException("lanes must be greater than " + Argon2BytesGenerator.MIN_PARALLELISM);
-        }
-        else if (parameters.getLanes() > Argon2BytesGenerator.MAX_PARALLELISM)
-        {
-            throw new IllegalStateException("lanes must be less than " + Argon2BytesGenerator.MAX_PARALLELISM);
-        }
-        else if (parameters.getMemory() < 2 * parameters.getLanes())
-        {
-            throw new IllegalStateException("memory is less than: " + (2 * parameters.getLanes()) + " expected " + (2 * parameters.getLanes()));
-        }
-        else if (parameters.getIterations() < Argon2BytesGenerator.MIN_ITERATIONS)
-        {
-            throw new IllegalStateException("iterations is less than: " + Argon2BytesGenerator.MIN_ITERATIONS);
-        }
-
-        doInit(parameters);
-    }
-
-    public int generateBytes(char[] password, byte[] out)
-    {
-        return generateBytes(parameters.getCharToByteConverter().convert(password), out);
-    }
-
-    public int generateBytes(char[] password, byte[] out, int outOff, int outLen)
-    {
-        return generateBytes(parameters.getCharToByteConverter().convert(password), out, outOff, outLen);
-    }
-
-    public int generateBytes(byte[] password, byte[] out)
-    {
-        return generateBytes(password, out, 0, out.length);
-    }
-
-    public int generateBytes(byte[] password, byte[] out, int outOff, int outLen)
-    {
-        if (outLen < Argon2BytesGenerator.MIN_OUTLEN)
-        {
-            throw new IllegalStateException("output length less than " + Argon2BytesGenerator.MIN_OUTLEN);
-        }
-
-        initialize(password, outLen);
-        fillMemoryBlocks();
-        digest(outLen);
-
-        System.arraycopy(result, 0, out, outOff, outLen);
-
-        reset();
-
-        return outLen;
-    }
-
-    // Clear memory.
-    private void reset()
-    {
-        // Reset memory.
-        for (int i = 0; i < memory.length; i++)
-        {
-            Block b = memory[i];
-
-            b.clear();
-        }
-        memory = null;
-        Arrays.fill(result, (byte)0);
-        doInit(parameters);
-    }
-
-    private void doInit(Argon2Parameters parameters)
-    {
-        /* 2. Align memory size */
-        /* Minimum memoryBlocks = 8L blocks, where L is the number of lanes */
-        int memoryBlocks = parameters.getMemory();
-
-        if (memoryBlocks < 2 * Argon2BytesGenerator.ARGON2_SYNC_POINTS * parameters.getLanes())
-        {
-            memoryBlocks = 2 * Argon2BytesGenerator.ARGON2_SYNC_POINTS * parameters.getLanes();
-        }
-
-        this.segmentLength = memoryBlocks / (parameters.getLanes() * Argon2BytesGenerator.ARGON2_SYNC_POINTS);
-        this.laneLength = segmentLength * Argon2BytesGenerator.ARGON2_SYNC_POINTS;
-
-        /* Ensure that all segments have equal length */
-        memoryBlocks = segmentLength * (parameters.getLanes() * Argon2BytesGenerator.ARGON2_SYNC_POINTS);
-
-        initMemory(memoryBlocks);
-    }
-
-
-    private void initMemory(int memoryBlocks)
-    {
-        this.memory = new Block[memoryBlocks];
-
-        for (int i = 0; i < memory.length; i++)
-        {
-            memory[i] = new Block();
-        }
-    }
-
-    private void fillBlock(Block X, Block Y, Block currentBlock, boolean withXor)
-    {
-        Block R = new Block();
-        Block Z = new Block();
-
-        R.xor(X, Y);
-        Z.copyBlock(R);
-
-        /* Apply Blake2 on columns of 64-bit words: (0,1,...,15) , then
-        (16,17,..31)... finally (112,113,...127) */
-        for (int i = 0; i < 8; i++)
-        {
-
-            roundFunction(Z,
-                16 * i, 16 * i + 1, 16 * i + 2,
-                16 * i + 3, 16 * i + 4, 16 * i + 5,
-                16 * i + 6, 16 * i + 7, 16 * i + 8,
-                16 * i + 9, 16 * i + 10, 16 * i + 11,
-                16 * i + 12, 16 * i + 13, 16 * i + 14,
-                16 * i + 15
-            );
-        }
-
-        /* Apply Blake2 on rows of 64-bit words: (0,1,16,17,...112,113), then
-        (2,3,18,19,...,114,115).. finally (14,15,30,31,...,126,127) */
-        for (int i = 0; i < 8; i++)
-        {
-
-            roundFunction(Z,
-                2 * i, 2 * i + 1, 2 * i + 16,
-                2 * i + 17, 2 * i + 32, 2 * i + 33,
-                2 * i + 48, 2 * i + 49, 2 * i + 64,
-                2 * i + 65, 2 * i + 80, 2 * i + 81,
-                2 * i + 96, 2 * i + 97, 2 * i + 112,
-                2 * i + 113
-            );
-
-        }
-
-        if (withXor)
-        {
-            currentBlock.xor(R, Z, currentBlock);
-        }
-        else
-        {
-            currentBlock.xor(R, Z);
-        }
-    }
-
-    private void fillMemoryBlocks()
-    {
-        for (int i = 0; i < parameters.getIterations(); i++)
-        {
-            for (int j = 0; j < ARGON2_SYNC_POINTS; j++)
-            {
-                for (int k = 0; k < parameters.getLanes(); k++)
-                {
-                    Position position = new Position(i, k, j, 0);
-                    fillSegment(position);
-                }
-            }
-        }
-    }
-
-    private void fillSegment(Position position)
-    {
-
-        Block addressBlock = null, inputBlock = null, zeroBlock = null;
-
-        boolean dataIndependentAddressing = isDataIndependentAddressing(position);
-        int startingIndex = getStartingIndex(position);
-        int currentOffset = position.lane * laneLength + position.slice * segmentLength + startingIndex;
-        int prevOffset = getPrevOffset(currentOffset);
-
-        if (dataIndependentAddressing)
-        {
-            addressBlock = new Block();
-            zeroBlock = new Block();
-            inputBlock = new Block();
-
-            initAddressBlocks(position, zeroBlock, inputBlock, addressBlock);
-        }
-
-        for (position.index = startingIndex; position.index < segmentLength; position.index++, currentOffset++, prevOffset++)
-        {
-            prevOffset = rotatePrevOffset(currentOffset, prevOffset);
-
-            long pseudoRandom = getPseudoRandom(position, addressBlock, inputBlock, zeroBlock, prevOffset, dataIndependentAddressing);
-            int refLane = getRefLane(position, pseudoRandom);
-            int refColumn = getRefColumn(position, pseudoRandom, refLane == position.lane);
-
-            /* 2 Creating a new block */
-            Block prevBlock = memory[prevOffset];
-            Block refBlock = memory[((laneLength) * refLane + refColumn)];
-            Block currentBlock = memory[currentOffset];
-
-            boolean withXor = isWithXor(position);
-            fillBlock(prevBlock, refBlock, currentBlock, withXor);
-        }
-    }
-
-    private boolean isDataIndependentAddressing(Position position)
-    {
-        return (parameters.getType() == Argon2Parameters.ARGON2_i) ||
-            (parameters.getType() == Argon2Parameters.ARGON2_id
-                && (position.pass == 0)
-                && (position.slice < ARGON2_SYNC_POINTS / 2)
-            );
-    }
-
-    private void initAddressBlocks(Position position, Block zeroBlock, Block inputBlock, Block addressBlock)
-    {
-        inputBlock.v[0] = intToLong(position.pass);
-        inputBlock.v[1] = intToLong(position.lane);
-        inputBlock.v[2] = intToLong(position.slice);
-        inputBlock.v[3] = intToLong(memory.length);
-        inputBlock.v[4] = intToLong(parameters.getIterations());
-        inputBlock.v[5] = intToLong(parameters.getType());
-
-        if ((position.pass == 0) && (position.slice == 0))
-        {
-            /* Don't forget to generate the first block of addresses: */
-            nextAddresses(zeroBlock, inputBlock, addressBlock);
-        }
-    }
-
-    private boolean isWithXor(Position position)
-    {
-        return !(position.pass == 0 || parameters.getVersion() == Argon2Parameters.ARGON2_VERSION_10);
-    }
-
-    private int getPrevOffset(int currentOffset)
-    {
-        if (currentOffset % laneLength == 0)
-        {
-            /* Last block in this lane */
-            return currentOffset + laneLength - 1;
-        }
-        else
-        {
-            /* Previous block */
-            return currentOffset - 1;
-        }
-    }
-
-    private int rotatePrevOffset(int currentOffset, int prevOffset)
-    {
-        if (currentOffset % laneLength == 1)
-        {
-            prevOffset = currentOffset - 1;
-        }
-        return prevOffset;
-    }
-
-    private static int getStartingIndex(Position position)
-    {
-        if ((position.pass == 0) && (position.slice == 0))
-        {
-            return 2; /* we have already generated the first two blocks */
-        }
-        else
-        {
-            return 0;
-        }
-    }
-
-    private void nextAddresses(Block zeroBlock, Block inputBlock, Block addressBlock)
-    {
-        inputBlock.v[6]++;
-        fillBlock(zeroBlock, inputBlock, addressBlock, false);
-        fillBlock(zeroBlock, addressBlock, addressBlock, false);
-    }
-
-    /* 1.2 Computing the index of the reference block */
-    /* 1.2.1 Taking pseudo-random value from the previous block */
-    private long getPseudoRandom(Position position, Block addressBlock, Block inputBlock, Block zeroBlock, int prevOffset, boolean dataIndependentAddressing)
-    {
-        if (dataIndependentAddressing)
-        {
-            if (position.index % ARGON2_ADDRESSES_IN_BLOCK == 0)
-            {
-                nextAddresses(zeroBlock, inputBlock, addressBlock);
-            }
-            return addressBlock.v[position.index % ARGON2_ADDRESSES_IN_BLOCK];
-        }
-        else
-        {
-            return memory[prevOffset].v[0];
-        }
-    }
-
-    private int getRefLane(Position position, long pseudoRandom)
-    {
-        int refLane = (int)(((pseudoRandom >>> 32)) % parameters.getLanes());
-
-        if ((position.pass == 0) && (position.slice == 0))
-        {
-            /* Can not reference other lanes yet */
-            refLane = position.lane;
-        }
-        return refLane;
-    }
-
-    private int getRefColumn(Position position, long pseudoRandom,
-                             boolean sameLane)
-    {
-
-        int referenceAreaSize;
-        int startPosition;
-
-        if (position.pass == 0)
-        {
-            startPosition = 0;
-
-            if (sameLane)
-            {
-                /* The same lane => add current segment */
-                referenceAreaSize = position.slice * segmentLength + position.index - 1;
-            }
-            else
-            {
-                /* pass == 0 && !sameLane => position.slice > 0*/
-                referenceAreaSize = position.slice * segmentLength + ((position.index == 0) ? (-1) : 0);
-            }
-
-        }
-        else
-        {
-            startPosition = ((position.slice + 1) * segmentLength) % laneLength;
-
-            if (sameLane)
-            {
-                referenceAreaSize = laneLength - segmentLength + position.index - 1;
-            }
-            else
-            {
-                referenceAreaSize = laneLength - segmentLength + ((position.index == 0) ? (-1) : 0);
-            }
-        }
-
-        long relativePosition = pseudoRandom & 0xFFFFFFFFL;
-//        long relativePosition = pseudoRandom << 32 >>> 32;
-        relativePosition = (relativePosition * relativePosition) >>> 32;
-        relativePosition = referenceAreaSize - 1 - ((referenceAreaSize * relativePosition) >>> 32);
-
-        return (int)(startPosition + relativePosition) % laneLength;
-    }
-
-    private void digest(int outputLength)
-    {
-        Block finalBlock = memory[laneLength - 1];
-
-        /* XOR the last blocks */
-        for (int i = 1; i < parameters.getLanes(); i++)
-        {
-            int lastBlockInLane = i * laneLength + (laneLength - 1);
-            finalBlock.xorWith(memory[lastBlockInLane]);
-        }
-
-        byte[] finalBlockBytes = finalBlock.toBytes();
-
-        result = hash(finalBlockBytes, outputLength);
-    }
-
-    /**
-     * H0 = H64(p, τ, m, t, v, y, |P|, P, |S|, S, |L|, K, |X|, X)
-     * -> 64 byte (ARGON2_PREHASH_DIGEST_LENGTH)
-     */
-    private byte[] initialHash(Argon2Parameters parameters, int outputLength, byte[] password)
-    {
-        Blake2bDigest blake = new Blake2bDigest(ARGON2_PREHASH_DIGEST_LENGTH * 8);
-
-        addIntToLittleEndian(blake, parameters.getLanes());
-        addIntToLittleEndian(blake, outputLength);
-        addIntToLittleEndian(blake, parameters.getMemory());
-        addIntToLittleEndian(blake, parameters.getIterations());
-        addIntToLittleEndian(blake, parameters.getVersion());
-        addIntToLittleEndian(blake, parameters.getType());
-
-        addByteString(blake, password);
-        addByteString(blake, parameters.getSalt());
-        addByteString(blake, parameters.getSecret());
-        addByteString(blake, parameters.getAdditional());
-
-        byte[] blake2hash = new byte[blake.getDigestSize()];
-        blake.doFinal(blake2hash, 0);
-
-        return blake2hash;
-    }
-
-    /**
-     * H' - hash - variable length hash function
-     */
-    private byte[] hash(byte[] input, int outputLength)
-    {
-        byte[] result = new byte[outputLength];
-        byte[] outlenBytes = Pack.intToLittleEndian(outputLength);
-
-        int blake2bLength = 64;
-
-        if (outputLength <= blake2bLength)
-        {
-            Blake2bDigest blake = new Blake2bDigest(outputLength * 8);
-
-            blake.update(outlenBytes, 0, outlenBytes.length);
-            blake.update(input, 0, input.length);
-            blake.doFinal(result, 0);
-        }
-        else
-        {
-            Blake2bDigest digest = new Blake2bDigest(blake2bLength * 8);
-            byte[] outBuffer = new byte[blake2bLength];
-
-            /* V1 */
-            digest.update(outlenBytes, 0, outlenBytes.length);
-            digest.update(input, 0, input.length);
-            digest.doFinal(outBuffer, 0);
-
-            System.arraycopy(outBuffer, 0, result, 0, blake2bLength / 2);
-
-            int r = ((outputLength + 31) / 32) - 2;
-
-            int position = blake2bLength / 2;
-
-            for (int i = 2; i <= r; i++, position += blake2bLength / 2)
-            {
-                /* V2 to Vr */
-                digest.update(outBuffer, 0, outBuffer.length);
-                digest.doFinal(outBuffer, 0);
-
-                System.arraycopy(outBuffer, 0, result, position, blake2bLength / 2);
-            }
-
-            int lastLength = outputLength - 32 * r;
-
-            /* Vr+1 */
-            digest = new Blake2bDigest(lastLength * 8);
-
-            digest.update(outBuffer, 0, outBuffer.length);
-            digest.doFinal(result, position);
-        }
-
-        return result;
-    }
-
-    private void roundFunction(Block block,
-                               int v0, int v1, int v2, int v3,
-                               int v4, int v5, int v6, int v7,
-                               int v8, int v9, int v10, int v11,
-                               int v12, int v13, int v14, int v15)
-    {
-
-        F(block, v0, v4, v8, v12);
-        F(block, v1, v5, v9, v13);
-        F(block, v2, v6, v10, v14);
-        F(block, v3, v7, v11, v15);
-
-        F(block, v0, v5, v10, v15);
-        F(block, v1, v6, v11, v12);
-        F(block, v2, v7, v8, v13);
-        F(block, v3, v4, v9, v14);
-    }
-
-    private void F(Block block, int a, int b, int c, int d)
-    {
-        fBlaMka(block, a, b);
-        rotr64(block, d, a, 32);
-
-        fBlaMka(block, c, d);
-        rotr64(block, b, c, 24);
-
-        fBlaMka(block, a, b);
-        rotr64(block, d, a, 16);
-
-        fBlaMka(block, c, d);
-        rotr64(block, b, c, 63);
-    }
-
-    /*designed by the Lyra PHC team */
-    /* a <- a + b + 2*aL*bL
-     * + == addition modulo 2^64
-     * aL = least 32 bit */
-    private void fBlaMka(Block block, int x, int y)
-    {
-        final long m = 0xFFFFFFFFL;
-        final long xy = (block.v[x] & m) * (block.v[y] & m);
-
-        block.v[x] = block.v[x] + block.v[y] + 2 * xy;
-    }
-
-    private void rotr64(Block block, int v, int w, long c)
-    {
-        final long temp = block.v[v] ^ block.v[w];
-        block.v[v] = (temp >>> c) | (temp << (64 - c));
-    }
-
-    private void initialize(byte[] password, int outputLength)
-    {
-        byte[] initialHash = initialHash(parameters, outputLength, password);
-        
-        fillFirstBlocks(initialHash);
-    }
-
-    private static void addIntToLittleEndian(Digest digest, int n)
-    {
-        digest.update((byte)(n       ));
-        digest.update((byte)(n >>>  8));
-        digest.update((byte)(n >>> 16));
-        digest.update((byte)(n >>> 24));
-    }
-
-    private static void addByteString(Digest digest, byte[] octets)
-    {
-        if (octets != null)
-        {
-            addIntToLittleEndian(digest, octets.length);
-            digest.update(octets, 0, octets.length);
-        }
-        else
-        {
-            addIntToLittleEndian(digest, 0);
-        }
-    }
-
-    /**
-     * (H0 || 0 || i) 72 byte -> 1024 byte
-     * (H0 || 1 || i) 72 byte -> 1024 byte
-     */
-    private void fillFirstBlocks(byte[] initialHash)
-    {
-        final byte[] zeroBytes = {0, 0, 0, 0};
-        final byte[] oneBytes = {1, 0, 0, 0};
-
-        byte[] initialHashWithZeros = getInitialHashLong(initialHash, zeroBytes);
-        byte[] initialHashWithOnes = getInitialHashLong(initialHash, oneBytes);
-
-        for (int i = 0; i < parameters.getLanes(); i++)
-        {
-            Pack.intToLittleEndian(i, initialHashWithZeros, ARGON2_PREHASH_DIGEST_LENGTH + 4);
-            Pack.intToLittleEndian(i, initialHashWithOnes, ARGON2_PREHASH_DIGEST_LENGTH + 4);
-
-            byte[] blockhashBytes = hash(initialHashWithZeros, ARGON2_BLOCK_SIZE);
-            memory[i * laneLength + 0].fromBytes(blockhashBytes);
-
-            blockhashBytes = hash(initialHashWithOnes, ARGON2_BLOCK_SIZE);
-            memory[i * laneLength + 1].fromBytes(blockhashBytes);
-        }
-    }
-
-    private byte[] getInitialHashLong(byte[] initialHash, byte[] appendix)
-    {
-        byte[] initialHashLong = new byte[ARGON2_PREHASH_SEED_LENGTH];
-
-        System.arraycopy(initialHash, 0, initialHashLong, 0, ARGON2_PREHASH_DIGEST_LENGTH);
-        System.arraycopy(appendix, 0, initialHashLong, ARGON2_PREHASH_DIGEST_LENGTH, 4);
-
-        return initialHashLong;
-    }
-
-    private long intToLong(int x)
-    {
-        return (long)(x & 0xffffffffL);
-    }
-    
-    private static class Block
-    {
-        /* 128 * 8 Byte QWords */
-        private long[] v;
-
-        private Block()
-        {
-            v = new long[ARGON2_QWORDS_IN_BLOCK];
-        }
-
-        void fromBytes(byte[] input)
-        {
-            if (input.length != ARGON2_BLOCK_SIZE)
-            {
-                throw new IllegalArgumentException("input shorter than blocksize");
-            }
-
-            for (int i = 0; i < v.length; i++)
-            {
-                v[i] = Pack.littleEndianToLong(input, i * 8);
-            }
-        }
-
-        byte[] toBytes()
-        {
-            byte[] result = new byte[ARGON2_BLOCK_SIZE];
-
-            for (int i = 0; i < v.length; i++)
-            {
-                Pack.longToLittleEndian(v[i], result, i * 8);
-            }
-
-            return result;
-        }
-
-        private void copyBlock(Block other)
-        {
-            System.arraycopy(other.v, 0, v, 0, v.length);
-        }
-
-        private void xor(Block b1, Block b2)
-        {
-            for (int i = 0; i < v.length; i++)
-            {
-                v[i] = b1.v[i] ^ b2.v[i];
-            }
-        }
-
-        public void xor(Block b1, Block b2, Block b3)
-        {
-            for (int i = 0; i < v.length; i++)
-            {
-                v[i] = b1.v[i] ^ b2.v[i] ^ b3.v[i];
-            }
-        }
-
-        private void xorWith(Block other)
-        {
-            for (int i = 0; i < v.length; i++)
-            {
-                v[i] = v[i] ^ other.v[i];
-            }
-        }
-        
-        public String toString()
-        {
-            StringBuffer result = new StringBuffer();
-            for (int i = 0; i < v.length; i++)
-            {
-                result.append(Hex.toHexString(Pack.longToLittleEndian(v[i])));
-            }
-
-            return result.toString();
-        }
-
-        public void clear()
-        {
-            Arrays.fill(v, 0);
-        }
-    }
-
-    private static class Position
-    {
-        int pass;
-        int lane;
-        int slice;
-        int index;
-
-        Position(int pass, int lane, int slice, int index)
-        {
-            this.pass = pass;
-            this.lane = lane;
-            this.slice = slice;
-            this.index = index;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/BCrypt.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/BCrypt.java
deleted file mode 100644
index 80eab44..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/BCrypt.java
+++ /dev/null

@@ -1,649 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-import org.bouncycastle.util.Strings;
-
-/**
- * Core of password hashing scheme Bcrypt,
- * designed by Niels Provos and David Mazières,
- * corresponds to the C reference implementation.
- * <p>
- * This implementation does not correspondent to the 1999 published paper
- * "A Future-Adaptable Password Scheme" of Niels Provos and David Mazières,
- * see: https://www.usenix.org/legacy/events/usenix99/provos/provos_html/node1.html.
- * In contrast to the paper, the order of key setup and salt setup is reversed:
- * state &lt;- ExpandKey(state, 0, key)
- * state &lt;- ExpandKey(state, 0, salt)
- * This corresponds to the OpenBSD reference implementation of Bcrypt. 
- * </p><p>
- * Note: 
- * There is no successful cryptanalysis (status 2015), but
- * the amount of memory and the band width of Bcrypt
- * may be insufficient to effectively prevent attacks 
- * with custom hardware like FPGAs, ASICs
- * </p><p>
- * This implementation uses some parts of Bouncy Castle's BlowfishEngine.
- * </p>
- */
-public final class BCrypt
-{
-    // magic String "OrpheanBeholderScryDoubt" is used as clear text for encryption
-    private static final int[] MAGIC_STRING =
-        {
-            0x4F727068, 0x65616E42, 0x65686F6C,
-            0x64657253, 0x63727944, 0x6F756274
-        };
-    final static int MAGIC_STRING_LENGTH = 6;
-
-
-    private final static int[]
-        KP = {
-        0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344,
-        0xA4093822, 0x299F31D0, 0x082EFA98, 0xEC4E6C89,
-        0x452821E6, 0x38D01377, 0xBE5466CF, 0x34E90C6C,
-        0xC0AC29B7, 0xC97C50DD, 0x3F84D5B5, 0xB5470917,
-        0x9216D5D9, 0x8979FB1B
-    },
-
-    KS0 = {
-        0xD1310BA6, 0x98DFB5AC, 0x2FFD72DB, 0xD01ADFB7,
-        0xB8E1AFED, 0x6A267E96, 0xBA7C9045, 0xF12C7F99,
-        0x24A19947, 0xB3916CF7, 0x0801F2E2, 0x858EFC16,
-        0x636920D8, 0x71574E69, 0xA458FEA3, 0xF4933D7E,
-        0x0D95748F, 0x728EB658, 0x718BCD58, 0x82154AEE,
-        0x7B54A41D, 0xC25A59B5, 0x9C30D539, 0x2AF26013,
-        0xC5D1B023, 0x286085F0, 0xCA417918, 0xB8DB38EF,
-        0x8E79DCB0, 0x603A180E, 0x6C9E0E8B, 0xB01E8A3E,
-        0xD71577C1, 0xBD314B27, 0x78AF2FDA, 0x55605C60,
-        0xE65525F3, 0xAA55AB94, 0x57489862, 0x63E81440,
-        0x55CA396A, 0x2AAB10B6, 0xB4CC5C34, 0x1141E8CE,
-        0xA15486AF, 0x7C72E993, 0xB3EE1411, 0x636FBC2A,
-        0x2BA9C55D, 0x741831F6, 0xCE5C3E16, 0x9B87931E,
-        0xAFD6BA33, 0x6C24CF5C, 0x7A325381, 0x28958677,
-        0x3B8F4898, 0x6B4BB9AF, 0xC4BFE81B, 0x66282193,
-        0x61D809CC, 0xFB21A991, 0x487CAC60, 0x5DEC8032,
-        0xEF845D5D, 0xE98575B1, 0xDC262302, 0xEB651B88,
-        0x23893E81, 0xD396ACC5, 0x0F6D6FF3, 0x83F44239,
-        0x2E0B4482, 0xA4842004, 0x69C8F04A, 0x9E1F9B5E,
-        0x21C66842, 0xF6E96C9A, 0x670C9C61, 0xABD388F0,
-        0x6A51A0D2, 0xD8542F68, 0x960FA728, 0xAB5133A3,
-        0x6EEF0B6C, 0x137A3BE4, 0xBA3BF050, 0x7EFB2A98,
-        0xA1F1651D, 0x39AF0176, 0x66CA593E, 0x82430E88,
-        0x8CEE8619, 0x456F9FB4, 0x7D84A5C3, 0x3B8B5EBE,
-        0xE06F75D8, 0x85C12073, 0x401A449F, 0x56C16AA6,
-        0x4ED3AA62, 0x363F7706, 0x1BFEDF72, 0x429B023D,
-        0x37D0D724, 0xD00A1248, 0xDB0FEAD3, 0x49F1C09B,
-        0x075372C9, 0x80991B7B, 0x25D479D8, 0xF6E8DEF7,
-        0xE3FE501A, 0xB6794C3B, 0x976CE0BD, 0x04C006BA,
-        0xC1A94FB6, 0x409F60C4, 0x5E5C9EC2, 0x196A2463,
-        0x68FB6FAF, 0x3E6C53B5, 0x1339B2EB, 0x3B52EC6F,
-        0x6DFC511F, 0x9B30952C, 0xCC814544, 0xAF5EBD09,
-        0xBEE3D004, 0xDE334AFD, 0x660F2807, 0x192E4BB3,
-        0xC0CBA857, 0x45C8740F, 0xD20B5F39, 0xB9D3FBDB,
-        0x5579C0BD, 0x1A60320A, 0xD6A100C6, 0x402C7279,
-        0x679F25FE, 0xFB1FA3CC, 0x8EA5E9F8, 0xDB3222F8,
-        0x3C7516DF, 0xFD616B15, 0x2F501EC8, 0xAD0552AB,
-        0x323DB5FA, 0xFD238760, 0x53317B48, 0x3E00DF82,
-        0x9E5C57BB, 0xCA6F8CA0, 0x1A87562E, 0xDF1769DB,
-        0xD542A8F6, 0x287EFFC3, 0xAC6732C6, 0x8C4F5573,
-        0x695B27B0, 0xBBCA58C8, 0xE1FFA35D, 0xB8F011A0,
-        0x10FA3D98, 0xFD2183B8, 0x4AFCB56C, 0x2DD1D35B,
-        0x9A53E479, 0xB6F84565, 0xD28E49BC, 0x4BFB9790,
-        0xE1DDF2DA, 0xA4CB7E33, 0x62FB1341, 0xCEE4C6E8,
-        0xEF20CADA, 0x36774C01, 0xD07E9EFE, 0x2BF11FB4,
-        0x95DBDA4D, 0xAE909198, 0xEAAD8E71, 0x6B93D5A0,
-        0xD08ED1D0, 0xAFC725E0, 0x8E3C5B2F, 0x8E7594B7,
-        0x8FF6E2FB, 0xF2122B64, 0x8888B812, 0x900DF01C,
-        0x4FAD5EA0, 0x688FC31C, 0xD1CFF191, 0xB3A8C1AD,
-        0x2F2F2218, 0xBE0E1777, 0xEA752DFE, 0x8B021FA1,
-        0xE5A0CC0F, 0xB56F74E8, 0x18ACF3D6, 0xCE89E299,
-        0xB4A84FE0, 0xFD13E0B7, 0x7CC43B81, 0xD2ADA8D9,
-        0x165FA266, 0x80957705, 0x93CC7314, 0x211A1477,
-        0xE6AD2065, 0x77B5FA86, 0xC75442F5, 0xFB9D35CF,
-        0xEBCDAF0C, 0x7B3E89A0, 0xD6411BD3, 0xAE1E7E49,
-        0x00250E2D, 0x2071B35E, 0x226800BB, 0x57B8E0AF,
-        0x2464369B, 0xF009B91E, 0x5563911D, 0x59DFA6AA,
-        0x78C14389, 0xD95A537F, 0x207D5BA2, 0x02E5B9C5,
-        0x83260376, 0x6295CFA9, 0x11C81968, 0x4E734A41,
-        0xB3472DCA, 0x7B14A94A, 0x1B510052, 0x9A532915,
-        0xD60F573F, 0xBC9BC6E4, 0x2B60A476, 0x81E67400,
-        0x08BA6FB5, 0x571BE91F, 0xF296EC6B, 0x2A0DD915,
-        0xB6636521, 0xE7B9F9B6, 0xFF34052E, 0xC5855664,
-        0x53B02D5D, 0xA99F8FA1, 0x08BA4799, 0x6E85076A
-    },
-
-    KS1 = {
-        0x4B7A70E9, 0xB5B32944, 0xDB75092E, 0xC4192623,
-        0xAD6EA6B0, 0x49A7DF7D, 0x9CEE60B8, 0x8FEDB266,
-        0xECAA8C71, 0x699A17FF, 0x5664526C, 0xC2B19EE1,
-        0x193602A5, 0x75094C29, 0xA0591340, 0xE4183A3E,
-        0x3F54989A, 0x5B429D65, 0x6B8FE4D6, 0x99F73FD6,
-        0xA1D29C07, 0xEFE830F5, 0x4D2D38E6, 0xF0255DC1,
-        0x4CDD2086, 0x8470EB26, 0x6382E9C6, 0x021ECC5E,
-        0x09686B3F, 0x3EBAEFC9, 0x3C971814, 0x6B6A70A1,
-        0x687F3584, 0x52A0E286, 0xB79C5305, 0xAA500737,
-        0x3E07841C, 0x7FDEAE5C, 0x8E7D44EC, 0x5716F2B8,
-        0xB03ADA37, 0xF0500C0D, 0xF01C1F04, 0x0200B3FF,
-        0xAE0CF51A, 0x3CB574B2, 0x25837A58, 0xDC0921BD,
-        0xD19113F9, 0x7CA92FF6, 0x94324773, 0x22F54701,
-        0x3AE5E581, 0x37C2DADC, 0xC8B57634, 0x9AF3DDA7,
-        0xA9446146, 0x0FD0030E, 0xECC8C73E, 0xA4751E41,
-        0xE238CD99, 0x3BEA0E2F, 0x3280BBA1, 0x183EB331,
-        0x4E548B38, 0x4F6DB908, 0x6F420D03, 0xF60A04BF,
-        0x2CB81290, 0x24977C79, 0x5679B072, 0xBCAF89AF,
-        0xDE9A771F, 0xD9930810, 0xB38BAE12, 0xDCCF3F2E,
-        0x5512721F, 0x2E6B7124, 0x501ADDE6, 0x9F84CD87,
-        0x7A584718, 0x7408DA17, 0xBC9F9ABC, 0xE94B7D8C,
-        0xEC7AEC3A, 0xDB851DFA, 0x63094366, 0xC464C3D2,
-        0xEF1C1847, 0x3215D908, 0xDD433B37, 0x24C2BA16,
-        0x12A14D43, 0x2A65C451, 0x50940002, 0x133AE4DD,
-        0x71DFF89E, 0x10314E55, 0x81AC77D6, 0x5F11199B,
-        0x043556F1, 0xD7A3C76B, 0x3C11183B, 0x5924A509,
-        0xF28FE6ED, 0x97F1FBFA, 0x9EBABF2C, 0x1E153C6E,
-        0x86E34570, 0xEAE96FB1, 0x860E5E0A, 0x5A3E2AB3,
-        0x771FE71C, 0x4E3D06FA, 0x2965DCB9, 0x99E71D0F,
-        0x803E89D6, 0x5266C825, 0x2E4CC978, 0x9C10B36A,
-        0xC6150EBA, 0x94E2EA78, 0xA5FC3C53, 0x1E0A2DF4,
-        0xF2F74EA7, 0x361D2B3D, 0x1939260F, 0x19C27960,
-        0x5223A708, 0xF71312B6, 0xEBADFE6E, 0xEAC31F66,
-        0xE3BC4595, 0xA67BC883, 0xB17F37D1, 0x018CFF28,
-        0xC332DDEF, 0xBE6C5AA5, 0x65582185, 0x68AB9802,
-        0xEECEA50F, 0xDB2F953B, 0x2AEF7DAD, 0x5B6E2F84,
-        0x1521B628, 0x29076170, 0xECDD4775, 0x619F1510,
-        0x13CCA830, 0xEB61BD96, 0x0334FE1E, 0xAA0363CF,
-        0xB5735C90, 0x4C70A239, 0xD59E9E0B, 0xCBAADE14,
-        0xEECC86BC, 0x60622CA7, 0x9CAB5CAB, 0xB2F3846E,
-        0x648B1EAF, 0x19BDF0CA, 0xA02369B9, 0x655ABB50,
-        0x40685A32, 0x3C2AB4B3, 0x319EE9D5, 0xC021B8F7,
-        0x9B540B19, 0x875FA099, 0x95F7997E, 0x623D7DA8,
-        0xF837889A, 0x97E32D77, 0x11ED935F, 0x16681281,
-        0x0E358829, 0xC7E61FD6, 0x96DEDFA1, 0x7858BA99,
-        0x57F584A5, 0x1B227263, 0x9B83C3FF, 0x1AC24696,
-        0xCDB30AEB, 0x532E3054, 0x8FD948E4, 0x6DBC3128,
-        0x58EBF2EF, 0x34C6FFEA, 0xFE28ED61, 0xEE7C3C73,
-        0x5D4A14D9, 0xE864B7E3, 0x42105D14, 0x203E13E0,
-        0x45EEE2B6, 0xA3AAABEA, 0xDB6C4F15, 0xFACB4FD0,
-        0xC742F442, 0xEF6ABBB5, 0x654F3B1D, 0x41CD2105,
-        0xD81E799E, 0x86854DC7, 0xE44B476A, 0x3D816250,
-        0xCF62A1F2, 0x5B8D2646, 0xFC8883A0, 0xC1C7B6A3,
-        0x7F1524C3, 0x69CB7492, 0x47848A0B, 0x5692B285,
-        0x095BBF00, 0xAD19489D, 0x1462B174, 0x23820E00,
-        0x58428D2A, 0x0C55F5EA, 0x1DADF43E, 0x233F7061,
-        0x3372F092, 0x8D937E41, 0xD65FECF1, 0x6C223BDB,
-        0x7CDE3759, 0xCBEE7460, 0x4085F2A7, 0xCE77326E,
-        0xA6078084, 0x19F8509E, 0xE8EFD855, 0x61D99735,
-        0xA969A7AA, 0xC50C06C2, 0x5A04ABFC, 0x800BCADC,
-        0x9E447A2E, 0xC3453484, 0xFDD56705, 0x0E1E9EC9,
-        0xDB73DBD3, 0x105588CD, 0x675FDA79, 0xE3674340,
-        0xC5C43465, 0x713E38D8, 0x3D28F89E, 0xF16DFF20,
-        0x153E21E7, 0x8FB03D4A, 0xE6E39F2B, 0xDB83ADF7
-    },
-
-    KS2 = {
-        0xE93D5A68, 0x948140F7, 0xF64C261C, 0x94692934,
-        0x411520F7, 0x7602D4F7, 0xBCF46B2E, 0xD4A20068,
-        0xD4082471, 0x3320F46A, 0x43B7D4B7, 0x500061AF,
-        0x1E39F62E, 0x97244546, 0x14214F74, 0xBF8B8840,
-        0x4D95FC1D, 0x96B591AF, 0x70F4DDD3, 0x66A02F45,
-        0xBFBC09EC, 0x03BD9785, 0x7FAC6DD0, 0x31CB8504,
-        0x96EB27B3, 0x55FD3941, 0xDA2547E6, 0xABCA0A9A,
-        0x28507825, 0x530429F4, 0x0A2C86DA, 0xE9B66DFB,
-        0x68DC1462, 0xD7486900, 0x680EC0A4, 0x27A18DEE,
-        0x4F3FFEA2, 0xE887AD8C, 0xB58CE006, 0x7AF4D6B6,
-        0xAACE1E7C, 0xD3375FEC, 0xCE78A399, 0x406B2A42,
-        0x20FE9E35, 0xD9F385B9, 0xEE39D7AB, 0x3B124E8B,
-        0x1DC9FAF7, 0x4B6D1856, 0x26A36631, 0xEAE397B2,
-        0x3A6EFA74, 0xDD5B4332, 0x6841E7F7, 0xCA7820FB,
-        0xFB0AF54E, 0xD8FEB397, 0x454056AC, 0xBA489527,
-        0x55533A3A, 0x20838D87, 0xFE6BA9B7, 0xD096954B,
-        0x55A867BC, 0xA1159A58, 0xCCA92963, 0x99E1DB33,
-        0xA62A4A56, 0x3F3125F9, 0x5EF47E1C, 0x9029317C,
-        0xFDF8E802, 0x04272F70, 0x80BB155C, 0x05282CE3,
-        0x95C11548, 0xE4C66D22, 0x48C1133F, 0xC70F86DC,
-        0x07F9C9EE, 0x41041F0F, 0x404779A4, 0x5D886E17,
-        0x325F51EB, 0xD59BC0D1, 0xF2BCC18F, 0x41113564,
-        0x257B7834, 0x602A9C60, 0xDFF8E8A3, 0x1F636C1B,
-        0x0E12B4C2, 0x02E1329E, 0xAF664FD1, 0xCAD18115,
-        0x6B2395E0, 0x333E92E1, 0x3B240B62, 0xEEBEB922,
-        0x85B2A20E, 0xE6BA0D99, 0xDE720C8C, 0x2DA2F728,
-        0xD0127845, 0x95B794FD, 0x647D0862, 0xE7CCF5F0,
-        0x5449A36F, 0x877D48FA, 0xC39DFD27, 0xF33E8D1E,
-        0x0A476341, 0x992EFF74, 0x3A6F6EAB, 0xF4F8FD37,
-        0xA812DC60, 0xA1EBDDF8, 0x991BE14C, 0xDB6E6B0D,
-        0xC67B5510, 0x6D672C37, 0x2765D43B, 0xDCD0E804,
-        0xF1290DC7, 0xCC00FFA3, 0xB5390F92, 0x690FED0B,
-        0x667B9FFB, 0xCEDB7D9C, 0xA091CF0B, 0xD9155EA3,
-        0xBB132F88, 0x515BAD24, 0x7B9479BF, 0x763BD6EB,
-        0x37392EB3, 0xCC115979, 0x8026E297, 0xF42E312D,
-        0x6842ADA7, 0xC66A2B3B, 0x12754CCC, 0x782EF11C,
-        0x6A124237, 0xB79251E7, 0x06A1BBE6, 0x4BFB6350,
-        0x1A6B1018, 0x11CAEDFA, 0x3D25BDD8, 0xE2E1C3C9,
-        0x44421659, 0x0A121386, 0xD90CEC6E, 0xD5ABEA2A,
-        0x64AF674E, 0xDA86A85F, 0xBEBFE988, 0x64E4C3FE,
-        0x9DBC8057, 0xF0F7C086, 0x60787BF8, 0x6003604D,
-        0xD1FD8346, 0xF6381FB0, 0x7745AE04, 0xD736FCCC,
-        0x83426B33, 0xF01EAB71, 0xB0804187, 0x3C005E5F,
-        0x77A057BE, 0xBDE8AE24, 0x55464299, 0xBF582E61,
-        0x4E58F48F, 0xF2DDFDA2, 0xF474EF38, 0x8789BDC2,
-        0x5366F9C3, 0xC8B38E74, 0xB475F255, 0x46FCD9B9,
-        0x7AEB2661, 0x8B1DDF84, 0x846A0E79, 0x915F95E2,
-        0x466E598E, 0x20B45770, 0x8CD55591, 0xC902DE4C,
-        0xB90BACE1, 0xBB8205D0, 0x11A86248, 0x7574A99E,
-        0xB77F19B6, 0xE0A9DC09, 0x662D09A1, 0xC4324633,
-        0xE85A1F02, 0x09F0BE8C, 0x4A99A025, 0x1D6EFE10,
-        0x1AB93D1D, 0x0BA5A4DF, 0xA186F20F, 0x2868F169,
-        0xDCB7DA83, 0x573906FE, 0xA1E2CE9B, 0x4FCD7F52,
-        0x50115E01, 0xA70683FA, 0xA002B5C4, 0x0DE6D027,
-        0x9AF88C27, 0x773F8641, 0xC3604C06, 0x61A806B5,
-        0xF0177A28, 0xC0F586E0, 0x006058AA, 0x30DC7D62,
-        0x11E69ED7, 0x2338EA63, 0x53C2DD94, 0xC2C21634,
-        0xBBCBEE56, 0x90BCB6DE, 0xEBFC7DA1, 0xCE591D76,
-        0x6F05E409, 0x4B7C0188, 0x39720A3D, 0x7C927C24,
-        0x86E3725F, 0x724D9DB9, 0x1AC15BB4, 0xD39EB8FC,
-        0xED545578, 0x08FCA5B5, 0xD83D7CD3, 0x4DAD0FC4,
-        0x1E50EF5E, 0xB161E6F8, 0xA28514D9, 0x6C51133C,
-        0x6FD5C7E7, 0x56E14EC4, 0x362ABFCE, 0xDDC6C837,
-        0xD79A3234, 0x92638212, 0x670EFA8E, 0x406000E0
-    },
-
-    KS3 = {
-        0x3A39CE37, 0xD3FAF5CF, 0xABC27737, 0x5AC52D1B,
-        0x5CB0679E, 0x4FA33742, 0xD3822740, 0x99BC9BBE,
-        0xD5118E9D, 0xBF0F7315, 0xD62D1C7E, 0xC700C47B,
-        0xB78C1B6B, 0x21A19045, 0xB26EB1BE, 0x6A366EB4,
-        0x5748AB2F, 0xBC946E79, 0xC6A376D2, 0x6549C2C8,
-        0x530FF8EE, 0x468DDE7D, 0xD5730A1D, 0x4CD04DC6,
-        0x2939BBDB, 0xA9BA4650, 0xAC9526E8, 0xBE5EE304,
-        0xA1FAD5F0, 0x6A2D519A, 0x63EF8CE2, 0x9A86EE22,
-        0xC089C2B8, 0x43242EF6, 0xA51E03AA, 0x9CF2D0A4,
-        0x83C061BA, 0x9BE96A4D, 0x8FE51550, 0xBA645BD6,
-        0x2826A2F9, 0xA73A3AE1, 0x4BA99586, 0xEF5562E9,
-        0xC72FEFD3, 0xF752F7DA, 0x3F046F69, 0x77FA0A59,
-        0x80E4A915, 0x87B08601, 0x9B09E6AD, 0x3B3EE593,
-        0xE990FD5A, 0x9E34D797, 0x2CF0B7D9, 0x022B8B51,
-        0x96D5AC3A, 0x017DA67D, 0xD1CF3ED6, 0x7C7D2D28,
-        0x1F9F25CF, 0xADF2B89B, 0x5AD6B472, 0x5A88F54C,
-        0xE029AC71, 0xE019A5E6, 0x47B0ACFD, 0xED93FA9B,
-        0xE8D3C48D, 0x283B57CC, 0xF8D56629, 0x79132E28,
-        0x785F0191, 0xED756055, 0xF7960E44, 0xE3D35E8C,
-        0x15056DD4, 0x88F46DBA, 0x03A16125, 0x0564F0BD,
-        0xC3EB9E15, 0x3C9057A2, 0x97271AEC, 0xA93A072A,
-        0x1B3F6D9B, 0x1E6321F5, 0xF59C66FB, 0x26DCF319,
-        0x7533D928, 0xB155FDF5, 0x03563482, 0x8ABA3CBB,
-        0x28517711, 0xC20AD9F8, 0xABCC5167, 0xCCAD925F,
-        0x4DE81751, 0x3830DC8E, 0x379D5862, 0x9320F991,
-        0xEA7A90C2, 0xFB3E7BCE, 0x5121CE64, 0x774FBE32,
-        0xA8B6E37E, 0xC3293D46, 0x48DE5369, 0x6413E680,
-        0xA2AE0810, 0xDD6DB224, 0x69852DFD, 0x09072166,
-        0xB39A460A, 0x6445C0DD, 0x586CDECF, 0x1C20C8AE,
-        0x5BBEF7DD, 0x1B588D40, 0xCCD2017F, 0x6BB4E3BB,
-        0xDDA26A7E, 0x3A59FF45, 0x3E350A44, 0xBCB4CDD5,
-        0x72EACEA8, 0xFA6484BB, 0x8D6612AE, 0xBF3C6F47,
-        0xD29BE463, 0x542F5D9E, 0xAEC2771B, 0xF64E6370,
-        0x740E0D8D, 0xE75B1357, 0xF8721671, 0xAF537D5D,
-        0x4040CB08, 0x4EB4E2CC, 0x34D2466A, 0x0115AF84,
-        0xE1B00428, 0x95983A1D, 0x06B89FB4, 0xCE6EA048,
-        0x6F3F3B82, 0x3520AB82, 0x011A1D4B, 0x277227F8,
-        0x611560B1, 0xE7933FDC, 0xBB3A792B, 0x344525BD,
-        0xA08839E1, 0x51CE794B, 0x2F32C9B7, 0xA01FBAC9,
-        0xE01CC87E, 0xBCC7D1F6, 0xCF0111C3, 0xA1E8AAC7,
-        0x1A908749, 0xD44FBD9A, 0xD0DADECB, 0xD50ADA38,
-        0x0339C32A, 0xC6913667, 0x8DF9317C, 0xE0B12B4F,
-        0xF79E59B7, 0x43F5BB3A, 0xF2D519FF, 0x27D9459C,
-        0xBF97222C, 0x15E6FC2A, 0x0F91FC71, 0x9B941525,
-        0xFAE59361, 0xCEB69CEB, 0xC2A86459, 0x12BAA8D1,
-        0xB6C1075E, 0xE3056A0C, 0x10D25065, 0xCB03A442,
-        0xE0EC6E0E, 0x1698DB3B, 0x4C98A0BE, 0x3278E964,
-        0x9F1F9532, 0xE0D392DF, 0xD3A0342B, 0x8971F21E,
-        0x1B0A7441, 0x4BA3348C, 0xC5BE7120, 0xC37632D8,
-        0xDF359F8D, 0x9B992F2E, 0xE60B6F47, 0x0FE3F11D,
-        0xE54CDA54, 0x1EDAD891, 0xCE6279CF, 0xCD3E7E6F,
-        0x1618B166, 0xFD2C1D05, 0x848FD2C5, 0xF6FB2299,
-        0xF523F357, 0xA6327623, 0x93A83531, 0x56CCCD02,
-        0xACF08162, 0x5A75EBB5, 0x6E163697, 0x88D273CC,
-        0xDE966292, 0x81B949D0, 0x4C50901B, 0x71C65614,
-        0xE6C6C7BD, 0x327A140A, 0x45E1D006, 0xC3F27B9A,
-        0xC9AA53FD, 0x62A80F00, 0xBB25BFE2, 0x35BDD2F6,
-        0x71126905, 0xB2040222, 0xB6CBCF7C, 0xCD769C2B,
-        0x53113EC0, 0x1640E3D3, 0x38ABBD60, 0x2547ADF0,
-        0xBA38209C, 0xF746CE76, 0x77AFA1C5, 0x20756060,
-        0x85CBFE4E, 0x8AE88DD8, 0x7AAAF9B0, 0x4CF9AA7E,
-        0x1948C25C, 0x02FB8A8C, 0x01C36AE4, 0xD6EBE1F9,
-        0x90D4F869, 0xA65CDEA0, 0x3F09252D, 0xC208E69F,
-        0xB74E6132, 0xCE77E25B, 0x578FDFE3, 0x3AC372E6
-    };
-
-    //====================================
-    // Useful constants
-    //====================================
-
-    private static final int ROUNDS = 16;
-    private static final int SBOX_SK = 256;
-    private static final int SBOX_SK2 = SBOX_SK * 2;
-    private static final int SBOX_SK3 = SBOX_SK * 3;
-    private static final int P_SZ = ROUNDS + 2;
-
-
-    private final int[] S;    // the s-boxes
-    private final int[] P;    // the p-array
-
-    private BCrypt()
-    {
-        S = new int[SBOX_SK * 4];
-        P = new int[P_SZ];
-    }
-
-    //==================================
-    // Private Implementation
-    //==================================
-
-    private int F(int x)
-    {
-        return (((S[(x >>> 24)] + S[SBOX_SK + ((x >>> 16) & 0xff)])
-            ^ S[SBOX_SK2 + ((x >>> 8) & 0xff)]) + S[SBOX_SK3 + (x & 0xff)]);
-    }
-
-    /*
-     * apply the encryption cycle to each value pair in the table.
-     */
-    private void processTable(
-        int xl,
-        int xr,
-        int[] table)
-    {
-        int size = table.length;
-
-        for (int s = 0; s < size; s += 2)
-        {
-            xl ^= P[0];
-
-            for (int i = 1; i < ROUNDS; i += 2)
-            {
-                xr ^= F(xl) ^ P[i];
-                xl ^= F(xr) ^ P[i + 1];
-            }
-
-            xr ^= P[ROUNDS + 1];
-
-            table[s] = xr;
-            table[s + 1] = xl;
-
-            xr = xl;            // end of cycle swap
-            xl = table[s];
-        }
-    }
-
-    /*
-     * Initialize the S-boxes and the P-array, with a fixed string
-     * This string contains the hexadecimal digits of pi (3.141...)
-     */
-    private void initState()
-    {
-        System.arraycopy(KS0, 0, S, 0, SBOX_SK);
-        System.arraycopy(KS1, 0, S, SBOX_SK, SBOX_SK);
-        System.arraycopy(KS2, 0, S, SBOX_SK2, SBOX_SK);
-        System.arraycopy(KS3, 0, S, SBOX_SK3, SBOX_SK);
-
-        System.arraycopy(KP, 0, P, 0, P_SZ);
-
-    }
-
-    /*
-     * XOR P with key cyclic.
-     * This is the first part of ExpandKey function
-     */
-    private final void cyclicXorKey(byte[] key)
-    {
-        int keyLength = key.length;
-        int keyIndex = 0;
-
-        for (int i = 0; i < P_SZ; i++)
-        {
-            // get the 32 bits of the key, in 4 * 8 bit chunks
-            int data = 0x0000000;
-            for (int j = 0; j < 4; j++)
-            {
-                // create a 32 bit block
-                data = (data << 8) | (key[keyIndex++] & 0xff);
-
-                // wrap when we get to the end of the key
-                if (keyIndex >= keyLength)
-                {
-                    keyIndex = 0;
-                }
-            }
-            // XOR the newly created 32 bit chunk onto the P-array
-            P[i] ^= data;
-        }
-    }
-
-
-    /*
-     *  encrypt magic String 64 times in ECB
-     */
-    private byte[] encryptMagicString()
-    {
-        int[] text = {
-            MAGIC_STRING[0], MAGIC_STRING[1],
-            MAGIC_STRING[2], MAGIC_STRING[3],
-            MAGIC_STRING[4], MAGIC_STRING[5]
-        };
-        for (int i = 0; i < 64; i++)
-        {
-            for (int j = 0; j < MAGIC_STRING_LENGTH; j += 2)
-            {
-                int left = text[j];
-                int right = text[j + 1];
-
-                left ^= P[0];
-                for (int k = 1; k < ROUNDS; k += 2)
-                {
-                    right ^= F(left) ^ P[k];
-                    left ^= F(right) ^ P[k + 1];
-                }
-                right ^= P[ROUNDS + 1];
-                // swap values:
-                text[j] = right;
-                text[j + 1] = left;
-            }
-        }
-        byte[] result = new byte[24]; // holds 192 bit key
-        Pack.intToBigEndian(text, result, 0);
-        Arrays.fill(text, 0);
-        Arrays.fill(P, 0);
-        Arrays.fill(S, 0);
-
-        return result;
-    }
-
-    /*
-     * This is a part of Eksblowfish function
-     *
-     * @param 	table: sub-keys or working key
-     * @param 	salt32Bit: a 16 byte salt as two 32 bit words
-     * @param 	iv1: value from last proceeded table
-     * @param 	iv2: value from last proceeded table
-     */
-    private void processTableWithSalt(
-        int[] table,
-        int[] salt32Bit,
-        int iv1,
-        int iv2)
-    {
-        int xl = iv1 ^ salt32Bit[0];
-        int xr = iv2 ^ salt32Bit[1];
-
-        int yl;
-        int yr;
-        int size = table.length;
-
-        for (int s = 0; s < size; s += 4)
-        {
-            xl ^= P[0];
-            for (int i = 1; i < ROUNDS; i += 2)
-            {
-                xr ^= F(xl) ^ P[i];
-                xl ^= F(xr) ^ P[i + 1];
-            }
-            xr ^= P[ROUNDS + 1];
-
-            table[s] = xr;
-            table[s + 1] = xl;
-
-            yl = salt32Bit[2] ^ xr;
-            yr = salt32Bit[3] ^ xl;
-
-            if (s + 2 >= size) // P holds 18 values
-            {
-                break;
-            }
-
-            yl ^= P[0];
-            for (int i = 1; i < ROUNDS; i += 2)
-            {
-                yr ^= F(yl) ^ P[i];
-                yl ^= F(yr) ^ P[i + 1];
-            }
-            yr ^= P[ROUNDS + 1];
-
-            table[s + 2] = yr;
-            table[s + 3] = yl;
-
-            xl = salt32Bit[0] ^ yr;
-            xr = salt32Bit[1] ^ yl;
-        }
-    }
-
-    /**
-     * Derives a raw 192 bit Bcrypt key
-     *
-     * @param cost the cost factor, treated as an exponent of 2
-     * @param salt a 16 byte salt
-     * @param psw  the password
-     * @return a 192 bit key
-     */
-    private final byte[] deriveRawKey(
-        int cost,
-        byte[] salt,
-        byte[] psw)
-    {
-        if (salt.length != 16)
-        {
-            throw new DataLengthException("Invalid salt size: 16 bytes expected.");
-        }
-        if (cost < 4 || cost > 31)
-        {
-            throw new IllegalArgumentException("Illegal cost factor: 4 - 31 expected.");
-        }
-
-        if (psw.length == 0)
-        {
-            psw = new byte[4];
-        }
-
-        // state <- InitState()
-        initState();
-
-        int[] salt32Bit = new int[4]; // holds 16 byte salt
-        Pack.bigEndianToInt(salt, 0, salt32Bit);
-
-        int[] salt32Bit2 = new int[salt.length]; // swapped values
-        salt32Bit2[0] = salt32Bit[2];
-        salt32Bit2[1] = salt32Bit[3];
-        salt32Bit2[2] = salt32Bit[0];
-        salt32Bit2[3] = salt32Bit[1];
-
-        // ExpandKey( state, salt, key):
-        cyclicXorKey(psw);
-        processTableWithSalt(P, salt32Bit, 0, 0);
-        Arrays.fill(salt32Bit, 0);
-        processTableWithSalt(S, salt32Bit2, P[P.length - 2], P[P.length - 1]);
-        Arrays.fill(salt32Bit2, 0);
-
-        int rounds = 1 << cost;
-        for (int i = 0; i != rounds; i++)        // rounds may be negative if cost is 31
-        {
-            // state <- ExpandKey(state, 0, key);
-            cyclicXorKey(psw);
-            processTable(0, 0, P);
-            processTable(P[P_SZ - 2], P[P_SZ - 1], S);
-
-            // state <- ExpandKey(state, 0, salt);
-            cyclicXorKey(salt);
-            processTable(0, 0, P);
-            processTable(P[P_SZ - 2], P[P_SZ - 1], S);
-        }
-
-        // encrypt magicString 64 times
-        return encryptMagicString();
-    }
-
-    /**
-     * Size of the salt parameter in bytes
-     */
-    static final int SALT_SIZE_BYTES = 16;
-
-    /**
-     * Minimum value of cost parameter, equal to log2(bytes of salt)
-     */
-    static final int MIN_COST = 4;
-
-    /**
-     * Maximum value of cost parameter (31 == 2,147,483,648)
-     */
-    static final int MAX_COST = 31;
-
-    /**
-     * Maximum size of password == max (unrestricted) size of Blowfish key
-     */
-    // Blowfish spec limits keys to 448bit/56 bytes to ensure all bits of key affect all ciphertext
-    // bits, but technically algorithm handles 72 byte keys and most implementations support this.
-    static final int MAX_PASSWORD_BYTES = 72;
-
-    /**
-     * Converts a character password to bytes incorporating the required trailing zero byte.
-     *
-     * @param password the password to be encoded.
-     * @return a byte representation of the password in UTF8 + trailing zero.
-     */
-    public static byte[] passwordToByteArray(char[] password)
-    {
-        return Arrays.append(Strings.toUTF8ByteArray(password), (byte)0);
-    }
-
-    /**
-     * Calculates the <b>bcrypt</b> hash of a password.
-     * <p>
-     * This implements the raw <b>bcrypt</b> function as defined in the bcrypt specification, not
-     * the crypt encoded version implemented in OpenBSD.
-     * </p>
-     * @param password the password bytes (up to 72 bytes) to use for this invocation.
-     * @param salt     the 128 bit salt to use for this invocation.
-     * @param cost     the bcrypt cost parameter. The cost of the bcrypt function grows as
-     *                 <code>2^cost</code>. Legal values are 4..31 inclusive.
-     * @return the output of the raw bcrypt operation: a 192 bit (24 byte) hash.
-     */
-    public static byte[] generate(byte[] password, byte[] salt, int cost)
-    {
-        if (password == null || salt == null)
-        {
-            throw new IllegalArgumentException("Password and salt are required");
-        }
-        if (salt.length != SALT_SIZE_BYTES)
-        {
-            throw new IllegalArgumentException("BCrypt salt must be 128 bits");
-        }
-        if (password.length > MAX_PASSWORD_BYTES)
-        {
-            throw new IllegalArgumentException("BCrypt password must be <= 72 bytes");
-        }
-        if (cost < MIN_COST || cost > MAX_COST)
-        {
-            throw new IllegalArgumentException("BCrypt cost must be from 4..31");
-        }
-
-        return new BCrypt().deriveRawKey(cost, salt, password);
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/BaseKDFBytesGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/BaseKDFBytesGenerator.java
deleted file mode 100644
index bc09ab9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/BaseKDFBytesGenerator.java
+++ /dev/null

@@ -1,144 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.DigestDerivationFunction;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.ISO18033KDFParameters;
-import org.bouncycastle.crypto.params.KDFParameters;
-import org.bouncycastle.util.Pack;
-
-/**
- * Basic KDF generator for derived keys and ivs as defined by IEEE P1363a/ISO
- * 18033 <br>
- * This implementation is based on ISO 18033/P1363a.
- */
-public class BaseKDFBytesGenerator
-    implements DigestDerivationFunction
-{
-    private int    counterStart;
-    private Digest digest;
-    private byte[] shared;
-    private byte[] iv;
-
-    /**
-     * Construct a KDF Parameters generator.
-     * <p>
-     * 
-     * @param counterStart
-     *            value of counter.
-     * @param digest
-     *            the digest to be used as the source of derived keys.
-     */
-    protected BaseKDFBytesGenerator(int counterStart, Digest digest)
-    {
-        this.counterStart = counterStart;
-        this.digest = digest;
-    }
-
-    public void init(DerivationParameters param)
-    {
-        if (param instanceof KDFParameters)
-        {
-            KDFParameters p = (KDFParameters)param;
-
-            shared = p.getSharedSecret();
-            iv = p.getIV();
-        }
-        else if (param instanceof ISO18033KDFParameters)
-        {
-            ISO18033KDFParameters p = (ISO18033KDFParameters)param;
-
-            shared = p.getSeed();
-            iv = null;
-        }
-        else
-        {
-            throw new IllegalArgumentException("KDF parameters required for generator");
-        }
-    }
-
-    /**
-     * return the underlying digest.
-     */
-    public Digest getDigest()
-    {
-        return digest;
-    }
-
-    /**
-     * fill len bytes of the output buffer with bytes generated from the
-     * derivation function.
-     * 
-     * @throws IllegalArgumentException
-     *             if the size of the request will cause an overflow.
-     * @throws DataLengthException
-     *             if the out buffer is too small.
-     */
-    public int generateBytes(byte[] out, int outOff, int len) throws DataLengthException,
-            IllegalArgumentException
-    {
-        if ((out.length - len) < outOff)
-        {
-            throw new OutputLengthException("output buffer too small");
-        }
-
-        long oBytes = len;
-        int outLen = digest.getDigestSize();
-
-        //
-        // this is at odds with the standard implementation, the
-        // maximum value should be hBits * (2^32 - 1) where hBits
-        // is the digest output size in bits. We can't have an
-        // array with a long index at the moment...
-        //
-        if (oBytes > ((2L << 32) - 1))
-        {
-            throw new IllegalArgumentException("Output length too large");
-        }
-
-        int cThreshold = (int)((oBytes + outLen - 1) / outLen);
-
-        byte[] dig = new byte[digest.getDigestSize()];
-
-        byte[] C = new byte[4];
-        Pack.intToBigEndian(counterStart, C, 0);
-
-        int counterBase = counterStart & ~0xFF;
-
-        for (int i = 0; i < cThreshold; i++)
-        {
-            digest.update(shared, 0, shared.length);
-            digest.update(C, 0, C.length);
-
-            if (iv != null)
-            {
-                digest.update(iv, 0, iv.length);
-            }
-
-            digest.doFinal(dig, 0);
-
-            if (len > outLen)
-            {
-                System.arraycopy(dig, 0, out, outOff, outLen);
-                outOff += outLen;
-                len -= outLen;
-            }
-            else
-            {
-                System.arraycopy(dig, 0, out, outOff, len);
-            }
-
-            if (++C[3] == 0)
-            {
-                counterBase += 0x100;
-                Pack.intToBigEndian(counterBase, C, 0);
-            }
-        }
-
-        digest.reset();
-
-        return (int)oBytes;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/CramerShoupKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/CramerShoupKeyPairGenerator.java
deleted file mode 100644
index 8fcdf85..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/CramerShoupKeyPairGenerator.java
+++ /dev/null

@@ -1,63 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.params.CramerShoupKeyGenerationParameters;
-import org.bouncycastle.crypto.params.CramerShoupParameters;
-import org.bouncycastle.crypto.params.CramerShoupPrivateKeyParameters;
-import org.bouncycastle.crypto.params.CramerShoupPublicKeyParameters;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * a Cramer Shoup key pair generator
- * 
- */
-public class CramerShoupKeyPairGenerator implements AsymmetricCipherKeyPairGenerator {
-	
-	private static final BigInteger ONE = BigInteger.valueOf(1);
-
-	private CramerShoupKeyGenerationParameters param;
-
-	public void init(KeyGenerationParameters param) {
-		this.param = (CramerShoupKeyGenerationParameters) param;
-	}
-
-	public AsymmetricCipherKeyPair generateKeyPair() {
-		CramerShoupParameters csParams = param.getParameters();
-
-		CramerShoupPrivateKeyParameters sk = generatePrivateKey(param.getRandom(), csParams);
-		CramerShoupPublicKeyParameters pk = calculatePublicKey(csParams, sk);
-		sk.setPk(pk);
-
-		return new AsymmetricCipherKeyPair(pk, sk);
-	}
-
-	private BigInteger generateRandomElement(BigInteger p, SecureRandom random) {
-		return BigIntegers.createRandomInRange(ONE, p.subtract(ONE), random);
-	}
-	
-	private CramerShoupPrivateKeyParameters generatePrivateKey(SecureRandom random, CramerShoupParameters csParams){
-		BigInteger p = csParams.getP();
-		CramerShoupPrivateKeyParameters key = new CramerShoupPrivateKeyParameters(csParams,
-				generateRandomElement(p, random), generateRandomElement(p, random),
-				generateRandomElement(p, random), generateRandomElement(p, random),
-				generateRandomElement(p, random));
-		return key;
-	}
-
-	private CramerShoupPublicKeyParameters calculatePublicKey(CramerShoupParameters csParams, CramerShoupPrivateKeyParameters sk) {
-		BigInteger g1 = csParams.getG1();
-		BigInteger g2 = csParams.getG2();
-		BigInteger p = csParams.getP();
-		
-		BigInteger c = g1.modPow(sk.getX1(), p).multiply(g2.modPow(sk.getX2(), p));
-		BigInteger d = g1.modPow(sk.getY1(), p).multiply(g2.modPow(sk.getY2(), p));
-		BigInteger h = g1.modPow(sk.getZ(), p);
-		
-		return new CramerShoupPublicKeyParameters(csParams, c, d, h);
-	}
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/CramerShoupParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/CramerShoupParametersGenerator.java
deleted file mode 100644
index bfe8d93..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/CramerShoupParametersGenerator.java
+++ /dev/null

@@ -1,125 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.params.CramerShoupParameters;
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.util.BigIntegers;
-
-public class CramerShoupParametersGenerator
-{
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-
-    private int size;
-    private int certainty;
-    private SecureRandom random;
-
-    /**
-     * Initialise the parameters generator.
-     *
-     * @param size      bit length for the prime p
-     * @param certainty a measure of the uncertainty that the caller is willing to tolerate:
-     *                  the probability that the generated modulus is prime exceeds (1 - 1/2^certainty).
-     *                  The execution time of this method is proportional to the value of this parameter.
-     * @param random    a source of randomness
-     */
-    public void init(int size, int certainty, SecureRandom random)
-    {
-        this.size = size;
-        this.certainty = certainty;
-        this.random = random;
-    }
-
-    /**
-     * which generates the p and g values from the given parameters, returning
-     * the CramerShoupParameters object.
-     * <p>
-     * Note: can take a while...
-     * </p>
-     * @return a generated CramerShoupParameters object.
-     */
-    public CramerShoupParameters generateParameters()
-    {
-        //
-        // find a safe prime p where p = 2*q + 1, where p and q are prime.
-        //
-        BigInteger[] safePrimes = ParametersHelper.generateSafePrimes(size, certainty, random);
-
-//		BigInteger p = safePrimes[0];
-        BigInteger q = safePrimes[1];
-        BigInteger g1 = ParametersHelper.selectGenerator(q, random);
-        BigInteger g2 = ParametersHelper.selectGenerator(q, random);
-        while (g1.equals(g2))
-        {
-            g2 = ParametersHelper.selectGenerator(q, random);
-        }
-
-        return new CramerShoupParameters(q, g1, g2, new SHA256Digest());
-    }
-
-    public CramerShoupParameters generateParameters(DHParameters dhParams)
-    {
-        BigInteger p = dhParams.getP();
-        BigInteger g1 = dhParams.getG();
-
-        // now we just need a second generator
-        BigInteger g2 = ParametersHelper.selectGenerator(p, random);
-        while (g1.equals(g2))
-        {
-            g2 = ParametersHelper.selectGenerator(p, random);
-        }
-
-        return new CramerShoupParameters(p, g1, g2, new SHA256Digest());
-    }
-
-    private static class ParametersHelper
-    {
-
-        private static final BigInteger TWO = BigInteger.valueOf(2);
-
-        /*
-         * Finds a pair of prime BigInteger's {p, q: p = 2q + 1}
-         *
-         * (see: Handbook of Applied Cryptography 4.86)
-         */
-        static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random)
-        {
-            BigInteger p, q;
-            int qLength = size - 1;
-
-            for (; ; )
-            {
-                q = BigIntegers.createRandomPrime(qLength, 2, random);
-                p = q.shiftLeft(1).add(ONE);
-                if (p.isProbablePrime(certainty) && (certainty <= 2 || q.isProbablePrime(certainty)))
-                {
-                    break;
-                }
-            }
-
-            return new BigInteger[]{p, q};
-        }
-
-        static BigInteger selectGenerator(BigInteger p, SecureRandom random)
-        {
-            BigInteger pMinusTwo = p.subtract(TWO);
-            BigInteger g;
-
-			/*
-             * RFC 2631 2.2.1.2 (and see: Handbook of Applied Cryptography 4.81)
-			 */
-            do
-            {
-                BigInteger h = BigIntegers.createRandomInRange(TWO, pMinusTwo, random);
-
-                g = h.modPow(TWO, p);
-            }
-            while (g.equals(ONE));
-
-            return g;
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHKeyPairGenerator.java
deleted file mode 100644
index d07ca80..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHKeyPairGenerator.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.params.DHKeyGenerationParameters;
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.crypto.params.DHPrivateKeyParameters;
-import org.bouncycastle.crypto.params.DHPublicKeyParameters;
-
-import java.math.BigInteger;
-
-/**
- * a Diffie-Hellman key pair generator.
- *
- * This generates keys consistent for use in the MTI/A0 key agreement protocol
- * as described in "Handbook of Applied Cryptography", Pages 516-519.
- */
-public class DHKeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-    private DHKeyGenerationParameters param;
-
-    public void init(
-        KeyGenerationParameters param)
-    {
-        this.param = (DHKeyGenerationParameters)param;
-    }
-
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        DHKeyGeneratorHelper helper = DHKeyGeneratorHelper.INSTANCE;
-        DHParameters dhp = param.getParameters();
-
-        BigInteger x = helper.calculatePrivate(dhp, param.getRandom()); 
-        BigInteger y = helper.calculatePublic(dhp, x);
-
-        return new AsymmetricCipherKeyPair(
-            new DHPublicKeyParameters(y, dhp),
-            new DHPrivateKeyParameters(x, dhp));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java
index 2b5f87b..c857af1 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DHParametersHelper.java

@@ -3,11 +3,16 @@
 import java.math.BigInteger;
 import java.security.SecureRandom;
 
+// Android-added: Log long-running operation
+import java.util.logging.Logger;
 import org.bouncycastle.math.ec.WNafUtil;
 import org.bouncycastle.util.BigIntegers;
 
 class DHParametersHelper
 {
+    // Android-added: Log long-running operation
+    private static final Logger logger = Logger.getLogger(DHParametersHelper.class.getName());
+
     private static final BigInteger ONE = BigInteger.valueOf(1);
     private static final BigInteger TWO = BigInteger.valueOf(2);
 
@@ -18,12 +23,19 @@
      */
     static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random)
     {
+        // BEGIN Android-added: Log long-running operation
+        logger.info("Generating safe primes. This may take a long time.");
+        long start = System.currentTimeMillis();
+        int tries = 0;
+        // END Android-added: Log long-running operation
         BigInteger p, q;
         int qLength = size - 1;
         int minWeight = size >>> 2;
 
         for (;;)
         {
+            // Android-added: Log long-running operation
+            tries++;
             q = BigIntegers.createRandomPrime(qLength, 2, random);
 
             // p <- 2q + 1
@@ -52,6 +64,11 @@
 
             break;
         }
+        // BEGIN Android-added: Log long-running operation
+        long end = System.currentTimeMillis();
+        long duration = end - start;
+        logger.info("Generated safe primes: " + tries + " tries took " + duration + "ms");
+        // END Android-added: Log long-running operation
 
         return new BigInteger[] { p, q };
     }

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java
index fde0fa6..cb09f73 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSAParametersGenerator.java

@@ -4,11 +4,12 @@
 import java.security.SecureRandom;
 
 import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
 import org.bouncycastle.crypto.params.DSAParameterGenerationParameters;
 import org.bouncycastle.crypto.params.DSAParameters;
 import org.bouncycastle.crypto.params.DSAValidationParameters;
-import org.bouncycastle.crypto.util.DigestFactory;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
 import org.bouncycastle.util.Arrays;
 import org.bouncycastle.util.BigIntegers;
 import org.bouncycastle.util.encoders.Hex;
@@ -32,7 +33,9 @@
 
     public DSAParametersGenerator()
     {
-        this(DigestFactory.createSHA1());
+        // Android-changed: Use Android digests
+        // this(DigestFactory.createSHA1());
+        this(AndroidDigestFactory.getSHA1());
     }
 
     public DSAParametersGenerator(Digest digest)
@@ -128,7 +131,9 @@
         int             n = (L - 1) / 160;
         byte[]          w = new byte[L / 8];
 
-        if (!(digest instanceof SHA1Digest))
+        // Android-changed: Use Android digests
+        // if (!(digest instanceof SHA1Digest))
+        if (!(digest.getAlgorithmName().equals("SHA-1")))
         {
             throw new IllegalStateException("can only use SHA-1 for generating FIPS 186-2 parameters");
         }

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSTU4145KeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSTU4145KeyPairGenerator.java
deleted file mode 100644
index 3f931b2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/DSTU4145KeyPairGenerator.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-
-public class DSTU4145KeyPairGenerator
-    extends ECKeyPairGenerator
-{
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        AsymmetricCipherKeyPair pair = super.generateKeyPair();
-
-        ECPublicKeyParameters pub = (ECPublicKeyParameters)pair.getPublic();
-        ECPrivateKeyParameters priv = (ECPrivateKeyParameters)pair.getPrivate();
-
-        pub = new ECPublicKeyParameters(pub.getQ().negate(), pub.getParameters());
-
-        return new AsymmetricCipherKeyPair(pub, priv);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/Ed25519KeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/Ed25519KeyPairGenerator.java
deleted file mode 100644
index c8991b8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/Ed25519KeyPairGenerator.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-
-public class Ed25519KeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-    private SecureRandom random;
-
-    public void init(KeyGenerationParameters parameters)
-    {
-        this.random = parameters.getRandom();
-    }
-
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        Ed25519PrivateKeyParameters privateKey = new Ed25519PrivateKeyParameters(random);
-        Ed25519PublicKeyParameters publicKey = privateKey.generatePublicKey();
-        return new AsymmetricCipherKeyPair(publicKey, privateKey);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/Ed448KeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/Ed448KeyPairGenerator.java
deleted file mode 100644
index f796095..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/Ed448KeyPairGenerator.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.params.Ed448PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed448PublicKeyParameters;
-
-public class Ed448KeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-    private SecureRandom random;
-
-    public void init(KeyGenerationParameters parameters)
-    {
-        this.random = parameters.getRandom();
-    }
-
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        Ed448PrivateKeyParameters privateKey = new Ed448PrivateKeyParameters(random);
-        Ed448PublicKeyParameters publicKey = privateKey.generatePublicKey();
-        return new AsymmetricCipherKeyPair(publicKey, privateKey);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/ElGamalKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/ElGamalKeyPairGenerator.java
deleted file mode 100644
index f23b697..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/ElGamalKeyPairGenerator.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.crypto.params.ElGamalKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ElGamalParameters;
-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
-
-/**
- * a ElGamal key pair generator.
- * <p>
- * This generates keys consistent for use with ElGamal as described in
- * page 164 of "Handbook of Applied Cryptography".
- */
-public class ElGamalKeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-    private ElGamalKeyGenerationParameters param;
-
-    public void init(
-        KeyGenerationParameters param)
-    {
-        this.param = (ElGamalKeyGenerationParameters)param;
-    }
-
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        DHKeyGeneratorHelper helper = DHKeyGeneratorHelper.INSTANCE;
-        ElGamalParameters egp = param.getParameters();
-        DHParameters dhp = new DHParameters(egp.getP(), egp.getG(), null, egp.getL());  
-
-        BigInteger x = helper.calculatePrivate(dhp, param.getRandom()); 
-        BigInteger y = helper.calculatePublic(dhp, x);
-
-        return new AsymmetricCipherKeyPair(
-            new ElGamalPublicKeyParameters(y, egp),
-            new ElGamalPrivateKeyParameters(x, egp));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/ElGamalParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/ElGamalParametersGenerator.java
deleted file mode 100644
index 94875c4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/ElGamalParametersGenerator.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.params.ElGamalParameters;
-
-public class ElGamalParametersGenerator
-{
-    private int             size;
-    private int             certainty;
-    private SecureRandom    random;
-
-    public void init(
-        int             size,
-        int             certainty,
-        SecureRandom    random)
-    {
-        this.size = size;
-        this.certainty = certainty;
-        this.random = random;
-    }
-
-    /**
-     * which generates the p and g values from the given parameters,
-     * returning the ElGamalParameters object.
-     * <p>
-     * Note: can take a while...
-     *
-     * @return a generated ElGamal parameters object.
-     */
-    public ElGamalParameters generateParameters()
-    {
-        //
-        // find a safe prime p where p = 2*q + 1, where p and q are prime.
-        //
-        BigInteger[] safePrimes = DHParametersHelper.generateSafePrimes(size, certainty, random);
-
-        BigInteger p = safePrimes[0];
-        BigInteger q = safePrimes[1];
-        BigInteger g = DHParametersHelper.selectGenerator(p, q, random);
-
-        return new ElGamalParameters(p, g);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/EphemeralKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/EphemeralKeyPairGenerator.java
deleted file mode 100644
index 1004f23..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/EphemeralKeyPairGenerator.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.EphemeralKeyPair;
-import org.bouncycastle.crypto.KeyEncoder;
-
-public class EphemeralKeyPairGenerator
-{
-    private AsymmetricCipherKeyPairGenerator gen;
-    private KeyEncoder keyEncoder;
-
-    public EphemeralKeyPairGenerator(AsymmetricCipherKeyPairGenerator gen, KeyEncoder keyEncoder)
-    {
-        this.gen = gen;
-        this.keyEncoder = keyEncoder;
-    }
-
-    public EphemeralKeyPair generate()
-    {
-        AsymmetricCipherKeyPair eph = gen.generateKeyPair();
-
-        // Encode the ephemeral public key
-         return new EphemeralKeyPair(eph, keyEncoder);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/GOST3410KeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/GOST3410KeyPairGenerator.java
deleted file mode 100644
index 124edbf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/GOST3410KeyPairGenerator.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.params.GOST3410KeyGenerationParameters;
-import org.bouncycastle.crypto.params.GOST3410Parameters;
-import org.bouncycastle.crypto.params.GOST3410PrivateKeyParameters;
-import org.bouncycastle.crypto.params.GOST3410PublicKeyParameters;
-import org.bouncycastle.math.ec.WNafUtil;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * a GOST3410 key pair generator.
- * This generates GOST3410 keys in line with the method described
- * in GOST R 34.10-94.
- */
-public class GOST3410KeyPairGenerator
-        implements AsymmetricCipherKeyPairGenerator
-    {
-        private GOST3410KeyGenerationParameters param;
-
-        public void init(
-            KeyGenerationParameters param)
-        {
-            this.param = (GOST3410KeyGenerationParameters)param;
-        }
-
-        public AsymmetricCipherKeyPair generateKeyPair()
-        {
-            BigInteger      p, q, a, x, y;
-            GOST3410Parameters   GOST3410Params = param.getParameters();
-            SecureRandom    random = param.getRandom();
-
-            q = GOST3410Params.getQ();
-            p = GOST3410Params.getP();
-            a = GOST3410Params.getA();
-
-            int minWeight = 64;
-            for (;;)
-            {
-                x = BigIntegers.createRandomBigInteger(256, random);
-
-                if (x.signum() < 1 || x.compareTo(q) >= 0)
-                {
-                    continue;
-                }
-
-                if (WNafUtil.getNafWeight(x) < minWeight)
-                {
-                    continue;
-                }
-
-                break;
-            }
-
-            //
-            // calculate the public key.
-            //
-            y = a.modPow(x, p);
-
-            return new AsymmetricCipherKeyPair(
-                    new GOST3410PublicKeyParameters(y, GOST3410Params),
-                    new GOST3410PrivateKeyParameters(x, GOST3410Params));
-        }
-    }

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/GOST3410ParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/GOST3410ParametersGenerator.java
deleted file mode 100644
index 8383175..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/GOST3410ParametersGenerator.java
+++ /dev/null

@@ -1,544 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.params.GOST3410Parameters;
-import org.bouncycastle.crypto.params.GOST3410ValidationParameters;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * generate suitable parameters for GOST3410.
- */
-public class GOST3410ParametersGenerator
-{
-    private int             size;
-    private int             typeproc;
-    private SecureRandom    init_random;
-
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-    private static final BigInteger TWO = BigInteger.valueOf(2);
-
-    /**
-     * initialise the key generator.
-     *
-     * @param size size of the key
-     * @param typeproc type procedure A,B = 1;  A',B' - else
-     * @param random random byte source.
-     */
-    public void init(
-        int             size,
-        int             typeproc,
-        SecureRandom    random)
-    {
-        this.size = size;
-        this.typeproc = typeproc;
-        this.init_random = random;
-    }
-
-    //Procedure A
-    private int procedure_A(int x0, int c,  BigInteger[] pq, int size)
-    {
-        //Verify and perform condition: 0<x<2^16; 0<c<2^16; c - odd.
-        while(x0<0 || x0>65536)
-        {
-            x0 = init_random.nextInt()/32768;
-        }
-
-        while((c<0 || c>65536) || (c/2==0))
-        {
-            c = init_random.nextInt()/32768 + 1;
-        }
-
-        BigInteger C = new BigInteger(Integer.toString(c));
-        BigInteger constA16 = new BigInteger("19381");
-
-        //step1
-        BigInteger[] y = new BigInteger[1]; // begin length = 1
-        y[0] = new BigInteger(Integer.toString(x0));
-
-        //step 2
-        int[] t = new int[1]; // t - orders; begin length = 1
-        t[0] = size;
-        int s = 0;
-        for (int i=0; t[i]>=17; i++)
-        {
-            // extension array t
-            int tmp_t[] = new int[t.length + 1];             ///////////////
-            System.arraycopy(t,0,tmp_t,0,t.length);          //  extension
-            t = new int[tmp_t.length];                       //  array t
-            System.arraycopy(tmp_t, 0, t, 0, tmp_t.length);  ///////////////
-
-            t[i+1] = t[i]/2;
-            s = i+1;
-        }
-
-        //step3
-        BigInteger p[] = new BigInteger[s+1];
-        p[s] = new BigInteger("8003",16); //set min prime number length 16 bit
-
-        int m = s-1;  //step4
-
-        for (int i=0; i<s; i++)
-        {
-            int rm = t[m]/16;  //step5
-
-     step6: for(;;)
-            {
-                //step 6
-                BigInteger tmp_y[] = new BigInteger[y.length];  ////////////////
-                System.arraycopy(y,0,tmp_y,0,y.length);         //  extension
-                y = new BigInteger[rm+1];                       //  array y
-                System.arraycopy(tmp_y,0,y,0,tmp_y.length);     ////////////////
-
-                for (int j=0; j<rm; j++)
-                {
-                    y[j+1] = (y[j].multiply(constA16).add(C)).mod(TWO.pow(16));
-                }
-
-                //step 7
-                BigInteger Ym = new BigInteger("0");
-                for (int j=0; j<rm; j++)
-                {
-                    Ym = Ym.add(y[j].multiply(TWO.pow(16*j)));
-                }
-
-                y[0] = y[rm]; //step 8
-
-                //step 9
-                BigInteger N = TWO.pow(t[m]-1).divide(p[m+1]).
-                                   add((TWO.pow(t[m]-1).multiply(Ym)).
-                                       divide(p[m+1].multiply(TWO.pow(16*rm))));
-
-                if (N.mod(TWO).compareTo(ONE)==0) 
-                {
-                    N = N.add(ONE);
-                }
-
-                int k = 0; //step 10
-
-        step11: for(;;)
-                {
-                    //step 11
-                    p[m] = p[m+1].multiply(N.add(BigInteger.valueOf(k))).add(ONE);
-
-                    if (p[m].compareTo(TWO.pow(t[m]))==1)
-                    {
-                        continue step6; //step 12
-                    }
-
-                    //step13
-                    if ((TWO.modPow(p[m+1].multiply(N.add(BigInteger.valueOf(k))),p[m]).compareTo(ONE)==0) &&
-                        (TWO.modPow(N.add(BigInteger.valueOf(k)),p[m]).compareTo(ONE)!=0))
-                    {
-                        m -= 1;
-                        break;
-                    }
-                    else
-                    {
-                        k += 2;
-                        continue step11;
-                    }
-                }
-
-                if (m>=0) 
-                {
-                    break; //step 14
-                }
-                else
-                {
-                    pq[0] = p[0];
-                    pq[1] = p[1];
-                    return y[0].intValue(); //return for procedure B step 2
-                }
-            }
-        }
-        return y[0].intValue();
-    }
-
-    //Procedure A'
-    private long procedure_Aa(long x0, long c, BigInteger[] pq, int size)
-    {
-        //Verify and perform condition: 0<x<2^32; 0<c<2^32; c - odd.
-        while(x0<0 || x0>4294967296L)
-        {
-            x0 = init_random.nextInt()*2;
-        }
-
-        while((c<0 || c>4294967296L) || (c/2==0))
-        {
-            c = init_random.nextInt()*2+1;
-        }
-
-        BigInteger C = new BigInteger(Long.toString(c));
-        BigInteger constA32 = new BigInteger("97781173");
-
-        //step1
-        BigInteger[] y = new BigInteger[1]; // begin length = 1
-        y[0] = new BigInteger(Long.toString(x0));
-
-        //step 2
-        int[] t = new int[1]; // t - orders; begin length = 1
-        t[0] = size;
-        int s = 0;
-        for (int i=0; t[i]>=33; i++)
-        {
-            // extension array t
-            int tmp_t[] = new int[t.length + 1];             ///////////////
-            System.arraycopy(t,0,tmp_t,0,t.length);          //  extension
-            t = new int[tmp_t.length];                       //  array t
-            System.arraycopy(tmp_t, 0, t, 0, tmp_t.length);  ///////////////
-
-            t[i+1] = t[i]/2;
-            s = i+1;
-        }
-
-        //step3
-        BigInteger p[] = new BigInteger[s+1];
-        p[s] = new BigInteger("8000000B",16); //set min prime number length 32 bit
-
-        int m = s-1;  //step4
-
-        for (int i=0; i<s; i++)
-        {
-            int rm = t[m]/32;  //step5
-
-     step6: for(;;)
-            {
-                //step 6
-                BigInteger tmp_y[] = new BigInteger[y.length];  ////////////////
-                System.arraycopy(y,0,tmp_y,0,y.length);         //  extension
-                y = new BigInteger[rm+1];                       //  array y
-                System.arraycopy(tmp_y,0,y,0,tmp_y.length);     ////////////////
-
-                for (int j=0; j<rm; j++)
-                {
-                    y[j+1] = (y[j].multiply(constA32).add(C)).mod(TWO.pow(32));
-                }
-
-                //step 7
-                BigInteger Ym = new BigInteger("0");
-                for (int j=0; j<rm; j++)
-                {
-                    Ym = Ym.add(y[j].multiply(TWO.pow(32*j)));
-                }
-
-                y[0] = y[rm]; //step 8
-
-                //step 9
-                BigInteger N = TWO.pow(t[m]-1).divide(p[m+1]).
-                                   add((TWO.pow(t[m]-1).multiply(Ym)).
-                                       divide(p[m+1].multiply(TWO.pow(32*rm))));
-
-                if (N.mod(TWO).compareTo(ONE)==0) 
-                {
-                    N = N.add(ONE);
-                }
-
-                int k = 0; //step 10
-
-        step11: for(;;)
-                {
-                    //step 11
-                    p[m] = p[m+1].multiply(N.add(BigInteger.valueOf(k))).add(ONE);
-
-                    if (p[m].compareTo(TWO.pow(t[m]))==1)
-                    {
-                        continue step6; //step 12
-                    }
-
-                    //step13
-                    if ((TWO.modPow(p[m+1].multiply(N.add(BigInteger.valueOf(k))),p[m]).compareTo(ONE)==0) &&
-                        (TWO.modPow(N.add(BigInteger.valueOf(k)),p[m]).compareTo(ONE)!=0))
-                    {
-                        m -= 1;
-                        break;
-                    }
-                    else
-                    {
-                        k += 2;
-                        continue step11;
-                    }
-                }
-
-                if (m>=0)
-                {
-                    break; //step 14
-                }
-                else
-                {
-                    pq[0] = p[0];
-                    pq[1] = p[1];
-                    return y[0].longValue(); //return for procedure B' step 2
-                }
-            }
-        }
-        return y[0].longValue();
-    }
-
-    //Procedure B
-    private void procedure_B(int x0, int c, BigInteger[] pq)
-    {
-        //Verify and perform condition: 0<x<2^16; 0<c<2^16; c - odd.
-        while(x0<0 || x0>65536)
-        {
-            x0 = init_random.nextInt()/32768;
-        }
-
-        while((c<0 || c>65536) || (c/2==0))
-        {
-            c = init_random.nextInt()/32768 + 1;
-        }
-
-        BigInteger [] qp = new BigInteger[2];
-        BigInteger q = null, Q = null, p = null;
-        BigInteger C = new BigInteger(Integer.toString(c));
-        BigInteger constA16 = new BigInteger("19381");
-
-        //step1
-        x0 = procedure_A(x0, c, qp, 256);
-        q = qp[0];
-
-        //step2
-        x0 = procedure_A(x0, c, qp, 512);
-        Q = qp[0];
-
-        BigInteger[] y = new BigInteger[65];
-        y[0] = new BigInteger(Integer.toString(x0));
-
-        int tp = 1024;
-
- step3: for(;;)
-        {
-            //step 3
-            for (int j=0; j<64; j++)
-            {
-                y[j+1] = (y[j].multiply(constA16).add(C)).mod(TWO.pow(16));
-            }
-
-            //step 4
-            BigInteger Y = new BigInteger("0");
- 
-            for (int j=0; j<64; j++)
-            {
-                Y = Y.add(y[j].multiply(TWO.pow(16*j)));
-            }
-
-            y[0] = y[64]; //step 5
-
-            //step 6
-            BigInteger N = TWO.pow(tp-1).divide(q.multiply(Q)).
-                               add((TWO.pow(tp-1).multiply(Y)).
-                                   divide(q.multiply(Q).multiply(TWO.pow(1024))));
-
-            if (N.mod(TWO).compareTo(ONE)==0)
-            {
-                N = N.add(ONE);
-            }
-
-            int k = 0; //step 7
-
-     step8: for(;;)
-            {
-                //step 11
-                p = q.multiply(Q).multiply(N.add(BigInteger.valueOf(k))).add(ONE);
-
-                if (p.compareTo(TWO.pow(tp))==1)
-                {
-                    continue step3; //step 9
-                }
-
-                //step10
-                if ((TWO.modPow(q.multiply(Q).multiply(N.add(BigInteger.valueOf(k))),p).compareTo(ONE)==0) &&
-                    (TWO.modPow(q.multiply(N.add(BigInteger.valueOf(k))),p).compareTo(ONE)!=0))
-                {
-                    pq[0] = p;
-                    pq[1] = q;
-                    return;
-                }
-                else
-                {
-                    k += 2;
-                    continue step8;
-                }
-            }
-        }
-    }
-
-    //Procedure B'
-    private void procedure_Bb(long x0, long c, BigInteger[] pq)
-    {
-        //Verify and perform condition: 0<x<2^32; 0<c<2^32; c - odd.
-        while(x0<0 || x0>4294967296L)
-        {
-            x0 = init_random.nextInt()*2;
-        }
-
-        while((c<0 || c>4294967296L) || (c/2==0))
-        {
-            c = init_random.nextInt()*2+1;
-        }
-
-        BigInteger [] qp = new BigInteger[2];
-        BigInteger q = null, Q = null, p = null;
-        BigInteger C = new BigInteger(Long.toString(c));
-        BigInteger constA32 = new BigInteger("97781173");
-
-        //step1
-        x0 = procedure_Aa(x0, c, qp, 256);
-        q = qp[0];
-
-        //step2
-        x0 = procedure_Aa(x0, c, qp, 512);
-        Q = qp[0];
-
-        BigInteger[] y = new BigInteger[33];
-        y[0] = new BigInteger(Long.toString(x0));
-
-        int tp = 1024;
-
- step3: for(;;)
-        {
-            //step 3
-            for (int j=0; j<32; j++)
-            {
-                y[j+1] = (y[j].multiply(constA32).add(C)).mod(TWO.pow(32));
-            }
-
-            //step 4
-            BigInteger Y = new BigInteger("0");
-            for (int j=0; j<32; j++)
-            {
-                Y = Y.add(y[j].multiply(TWO.pow(32*j)));
-            }
-
-            y[0] = y[32]; //step 5
-
-            //step 6
-            BigInteger N = TWO.pow(tp-1).divide(q.multiply(Q)).
-                               add((TWO.pow(tp-1).multiply(Y)).
-                                   divide(q.multiply(Q).multiply(TWO.pow(1024))));
-
-            if (N.mod(TWO).compareTo(ONE)==0)
-            {
-                N = N.add(ONE);
-            }
-
-            int k = 0; //step 7
-
-     step8: for(;;)
-            {
-                //step 11
-                p = q.multiply(Q).multiply(N.add(BigInteger.valueOf(k))).add(ONE);
-
-                if (p.compareTo(TWO.pow(tp))==1)
-                {
-                    continue step3; //step 9
-                }
-
-                //step10
-                if ((TWO.modPow(q.multiply(Q).multiply(N.add(BigInteger.valueOf(k))),p).compareTo(ONE)==0) &&
-                    (TWO.modPow(q.multiply(N.add(BigInteger.valueOf(k))),p).compareTo(ONE)!=0))
-                {
-                    pq[0] = p;
-                    pq[1] = q;
-                    return;
-                }
-                else
-                {
-                    k += 2;
-                    continue step8;
-                }
-            }
-        }
-    }
-
-
-    /*
-     * Procedure C
-     * procedure generates the a value from the given p,q,
-     * returning the a value.
-     */
-    private BigInteger procedure_C(BigInteger p, BigInteger q)
-    {
-        BigInteger pSub1 = p.subtract(ONE);
-        BigInteger pSub1DivQ = pSub1.divide(q);
-        int length = p.bitLength();
-
-        for(;;)
-        {
-            BigInteger d = BigIntegers.createRandomBigInteger(length, init_random);
-
-            // 1 < d < p-1
-            if (d.compareTo(ONE) > 0 && d.compareTo(pSub1) < 0)
-            {
-                BigInteger a = d.modPow(pSub1DivQ, p);
-
-                if (a.compareTo(ONE) != 0)
-                {
-                    return a;
-                }
-            }
-        }
-    }
-
-    /**
-     * which generates the p , q and a values from the given parameters,
-     * returning the GOST3410Parameters object.
-     *
-     * @return a generated GOST3410 parameters object.
-     */
-    public GOST3410Parameters generateParameters()
-    {
-        BigInteger [] pq = new BigInteger[2];
-        BigInteger    q = null, p = null, a = null;
-
-        int  x0, c;
-        long  x0L, cL;
-
-        if (typeproc==1)
-        {
-            x0 = init_random.nextInt();
-            c  = init_random.nextInt();
-
-            switch(size)
-            {
-            case 512:  
-                procedure_A(x0, c, pq, 512); 
-                break;
-            case 1024: 
-                procedure_B(x0, c, pq); 
-                break;
-            default: 
-                throw new IllegalArgumentException("Ooops! key size 512 or 1024 bit.");
-            }
-            p = pq[0];  q = pq[1];
-            a = procedure_C(p, q);
-            //System.out.println("p:"+p.toString(16)+"\n"+"q:"+q.toString(16)+"\n"+"a:"+a.toString(16));
-            //System.out.println("p:"+p+"\n"+"q:"+q+"\n"+"a:"+a);
-            return new GOST3410Parameters(p, q, a, new GOST3410ValidationParameters(x0, c));
-        }
-        else
-        {
-            x0L = init_random.nextLong();
-            cL  = init_random.nextLong();
-
-            switch(size)
-            {
-            case 512:  
-                procedure_Aa(x0L, cL, pq, 512); 
-                break;
-            case 1024: 
-                procedure_Bb(x0L, cL, pq); 
-                break;
-            default: 
-                throw new IllegalStateException("Ooops! key size 512 or 1024 bit.");
-            }
-            p = pq[0];  q = pq[1];
-            a = procedure_C(p, q);
-            //System.out.println("p:"+p.toString(16)+"\n"+"q:"+q.toString(16)+"\n"+"a:"+a.toString(16));
-            //System.out.println("p:"+p+"\n"+"q:"+q+"\n"+"a:"+a);
-            return new GOST3410Parameters(p, q, a, new GOST3410ValidationParameters(x0L, cL));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/HKDFBytesGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/HKDFBytesGenerator.java
deleted file mode 100644
index ada204f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/HKDFBytesGenerator.java
+++ /dev/null

@@ -1,160 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.HKDFParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * HMAC-based Extract-and-Expand Key Derivation Function (HKDF) implemented
- * according to IETF RFC 5869, May 2010 as specified by H. Krawczyk, IBM
- * Research &amp; P. Eronen, Nokia. It uses a HMac internally to compute de OKM
- * (output keying material) and is likely to have better security properties
- * than KDF's based on just a hash function.
- */
-public class HKDFBytesGenerator
-    implements DerivationFunction
-{
-
-    private HMac hMacHash;
-    private int hashLen;
-
-    private byte[] info;
-    private byte[] currentT;
-
-    private int generatedBytes;
-
-    /**
-     * Creates a HKDFBytesGenerator based on the given hash function.
-     *
-     * @param hash the digest to be used as the source of generatedBytes bytes
-     */
-    public HKDFBytesGenerator(Digest hash)
-    {
-        this.hMacHash = new HMac(hash);
-        this.hashLen = hash.getDigestSize();
-    }
-
-    public void init(DerivationParameters param)
-    {
-        if (!(param instanceof HKDFParameters))
-        {
-            throw new IllegalArgumentException(
-                "HKDF parameters required for HKDFBytesGenerator");
-        }
-
-        HKDFParameters params = (HKDFParameters)param;
-        if (params.skipExtract())
-        {
-            // use IKM directly as PRK
-            hMacHash.init(new KeyParameter(params.getIKM()));
-        }
-        else
-        {
-            hMacHash.init(extract(params.getSalt(), params.getIKM()));
-        }
-
-        info = params.getInfo();
-
-        generatedBytes = 0;
-        currentT = new byte[hashLen];
-    }
-
-    /**
-     * Performs the extract part of the key derivation function.
-     *
-     * @param salt the salt to use
-     * @param ikm  the input keying material
-     * @return the PRK as KeyParameter
-     */
-    private KeyParameter extract(byte[] salt, byte[] ikm)
-    {
-        if (salt == null)
-        {
-            // TODO check if hashLen is indeed same as HMAC size
-            hMacHash.init(new KeyParameter(new byte[hashLen]));
-        }
-        else
-        {
-            hMacHash.init(new KeyParameter(salt));
-        }
-
-        hMacHash.update(ikm, 0, ikm.length);
-
-        byte[] prk = new byte[hashLen];
-        hMacHash.doFinal(prk, 0);
-        return new KeyParameter(prk);
-    }
-
-    /**
-     * Performs the expand part of the key derivation function, using currentT
-     * as input and output buffer.
-     *
-     * @throws DataLengthException if the total number of bytes generated is larger than the one
-     * specified by RFC 5869 (255 * HashLen)
-     */
-    private void expandNext()
-        throws DataLengthException
-    {
-        int n = generatedBytes / hashLen + 1;
-        if (n >= 256)
-        {
-            throw new DataLengthException(
-                "HKDF cannot generate more than 255 blocks of HashLen size");
-        }
-        // special case for T(0): T(0) is empty, so no update
-        if (generatedBytes != 0)
-        {
-            hMacHash.update(currentT, 0, hashLen);
-        }
-        hMacHash.update(info, 0, info.length);
-        hMacHash.update((byte)n);
-        hMacHash.doFinal(currentT, 0);
-    }
-
-    public Digest getDigest()
-    {
-        return hMacHash.getUnderlyingDigest();
-    }
-
-    public int generateBytes(byte[] out, int outOff, int len)
-        throws DataLengthException, IllegalArgumentException
-    {
-
-        if (generatedBytes + len > 255 * hashLen)
-        {
-            throw new DataLengthException(
-                "HKDF may only be used for 255 * HashLen bytes of output");
-        }
-
-        if (generatedBytes % hashLen == 0)
-        {
-            expandNext();
-        }
-
-        // copy what is left in the currentT (1..hash
-        int toGenerate = len;
-        int posInT = generatedBytes % hashLen;
-        int leftInT = hashLen - generatedBytes % hashLen;
-        int toCopy = Math.min(leftInT, toGenerate);
-        System.arraycopy(currentT, posInT, out, outOff, toCopy);
-        generatedBytes += toCopy;
-        toGenerate -= toCopy;
-        outOff += toCopy;
-
-        while (toGenerate > 0)
-        {
-            expandNext();
-            toCopy = Math.min(hashLen, toGenerate);
-            System.arraycopy(currentT, 0, out, outOff, toCopy);
-            generatedBytes += toCopy;
-            toGenerate -= toCopy;
-            outOff += toCopy;
-        }
-
-        return len;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDF1BytesGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDF1BytesGenerator.java
deleted file mode 100644
index 7789b7b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDF1BytesGenerator.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import org.bouncycastle.crypto.Digest;
-
-/**
- * KDF1 generator for derived keys and ivs as defined by IEEE P1363a/ISO 18033
- * <br>
- * This implementation is based on ISO 18033/IEEE P1363a.
- */
-public class KDF1BytesGenerator
-    extends BaseKDFBytesGenerator
-{
-    /**
-     * Construct a KDF1 byte generator.
-     * <p>
-     * @param digest the digest to be used as the source of derived keys.
-     */
-    public KDF1BytesGenerator(
-        Digest  digest)
-    {
-        super(0, digest);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDF2BytesGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDF2BytesGenerator.java
deleted file mode 100644
index ac0c64a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDF2BytesGenerator.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import org.bouncycastle.crypto.Digest;
-
-/**
- * KDF2 generator for derived keys and ivs as defined by IEEE P1363a/ISO 18033
- * <br>
- * This implementation is based on IEEE P1363/ISO 18033.
- */
-public class KDF2BytesGenerator
-    extends BaseKDFBytesGenerator
-{
-    /**
-     * Construct a KDF2 bytes generator. Generates key material
-     * according to IEEE P1363 or ISO 18033 depending on the initialisation.
-     * <p>
-     * @param digest the digest to be used as the source of derived keys.
-     */
-    public KDF2BytesGenerator(
-        Digest  digest)
-    {
-        super(1, digest);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDFCounterBytesGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDFCounterBytesGenerator.java
deleted file mode 100644
index 6305db8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDFCounterBytesGenerator.java
+++ /dev/null

@@ -1,179 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.MacDerivationFunction;
-import org.bouncycastle.crypto.params.KDFCounterParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * This KDF has been defined by the publicly available NIST SP 800-108 specification.
- * NIST SP800-108 allows for alternative orderings of the input fields, meaning that the input can be formated in multiple ways.
- * There are 3 supported formats:  - Below [i]_2 is a counter of r-bits length concatenated to the fixedInputData.
- * <ul>
- * <li>1: K(i) := PRF( KI, [i]_2 || Label || 0x00 || Context || [L]_2 ) with the counter at the very beginning of the fixedInputData (The default implementation has this format)</li>
- * <li>2: K(i) := PRF( KI, Label || 0x00 || Context || [L]_2 || [i]_2 ) with the counter at the very end of the fixedInputData</li>
- * <li>3a: K(i) := PRF( KI, Label || 0x00 || [i]_2 || Context || [L]_2 ) OR:</li>
- * <li>3b: K(i) := PRF( KI, Label || 0x00 || [i]_2 || [L]_2 || Context ) OR:</li>
- * <li>3c: K(i) := PRF( KI, Label || [i]_2 || 0x00 || Context || [L]_2 ) etc... with the counter somewhere in the 'middle' of the fixedInputData.</li>
- * </ul>
- * This function must be called with the following KDFCounterParameters():
- * <ul>
- *  <li>KI</li>
- *  <li>The part of the fixedInputData that comes BEFORE the counter OR null</li>
- *  <li>the part of the fixedInputData that comes AFTER the counter OR null </li>
- *  <li>the length of the counter in bits (not bytes)</li>
- * </ul>
- * Resulting function calls assuming an 8 bit counter.
- * <ul>
- * <li>1.  KDFCounterParameters(ki, 	null, 									"Label || 0x00 || Context || [L]_2]",	8);</li>
- * <li>2.  KDFCounterParameters(ki, 	"Label || 0x00 || Context || [L]_2]", 	null,									8);</li>
- * <li>3a. KDFCounterParameters(ki, 	"Label || 0x00",						"Context || [L]_2]",					8);</li>
- * <li>3b. KDFCounterParameters(ki, 	"Label || 0x00",						"[L]_2] || Context",					8);</li>
- * <li>3c. KDFCounterParameters(ki, 	"Label", 								"0x00 || Context || [L]_2]",			8);</li>
- * </ul>
- */
-public class KDFCounterBytesGenerator
-    implements MacDerivationFunction
-{
-
-    private static final BigInteger INTEGER_MAX = BigInteger.valueOf(Integer.MAX_VALUE);
-    private static final BigInteger TWO = BigInteger.valueOf(2);
-
-    // please refer to the standard for the meaning of the variable names
-    // all field lengths are in bytes, not in bits as specified by the standard
-
-    // fields set by the constructor
-    private final Mac prf;
-    private final int h;
-
-    // fields set by init
-    private byte[] fixedInputDataCtrPrefix;
-    private byte[] fixedInputData_afterCtr;
-    private int maxSizeExcl;
-    // ios is i defined as an octet string (the binary representation)
-    private byte[] ios;
-
-    // operational
-    private int generatedBytes;
-    // k is used as buffer for all K(i) values
-    private byte[] k;
-
-
-    public KDFCounterBytesGenerator(Mac prf)
-    {
-        this.prf = prf;
-        this.h = prf.getMacSize();
-        this.k = new byte[h];
-    }
-
-
-    public void init(DerivationParameters param)
-    {
-        if (!(param instanceof KDFCounterParameters))
-        {
-            throw new IllegalArgumentException("Wrong type of arguments given");
-        }
-
-        KDFCounterParameters kdfParams = (KDFCounterParameters)param;
-
-        // --- init mac based PRF ---
-
-        this.prf.init(new KeyParameter(kdfParams.getKI()));
-
-        // --- set arguments ---
-
-        this.fixedInputDataCtrPrefix = kdfParams.getFixedInputDataCounterPrefix();
-        this.fixedInputData_afterCtr = kdfParams.getFixedInputDataCounterSuffix();
-
-        int r = kdfParams.getR();
-        this.ios = new byte[r / 8];
-
-        BigInteger maxSize = TWO.pow(r).multiply(BigInteger.valueOf(h));
-        this.maxSizeExcl = maxSize.compareTo(INTEGER_MAX) == 1 ?
-            Integer.MAX_VALUE : maxSize.intValue();
-
-        // --- set operational state ---
-
-        generatedBytes = 0;
-    }
-
-
-    public Mac getMac()
-    {
-        return prf;
-    }
-
-    public int generateBytes(byte[] out, int outOff, int len)
-        throws DataLengthException, IllegalArgumentException
-    {
-
-        int generatedBytesAfter = generatedBytes + len;
-        if (generatedBytesAfter < 0 || generatedBytesAfter >= maxSizeExcl)
-        {
-            throw new DataLengthException(
-                "Current KDFCTR may only be used for " + maxSizeExcl + " bytes");
-        }
-
-        if (generatedBytes % h == 0)
-        {
-            generateNext();
-        }
-
-        // copy what is left in the currentT (1..hash
-        int toGenerate = len;
-        int posInK = generatedBytes % h;
-        int leftInK = h - generatedBytes % h;
-        int toCopy = Math.min(leftInK, toGenerate);
-        System.arraycopy(k, posInK, out, outOff, toCopy);
-        generatedBytes += toCopy;
-        toGenerate -= toCopy;
-        outOff += toCopy;
-
-        while (toGenerate > 0)
-        {
-            generateNext();
-            toCopy = Math.min(h, toGenerate);
-            System.arraycopy(k, 0, out, outOff, toCopy);
-            generatedBytes += toCopy;
-            toGenerate -= toCopy;
-            outOff += toCopy;
-        }
-
-        return len;
-    }
-
-    private void generateNext()
-    {
-        int i = generatedBytes / h + 1;
-
-        // encode i into counter buffer
-        switch (ios.length)
-        {
-        case 4:
-            ios[0] = (byte)(i >>> 24);
-            // fall through
-        case 3:
-            ios[ios.length - 3] = (byte)(i >>> 16);
-            // fall through
-        case 2:
-            ios[ios.length - 2] = (byte)(i >>> 8);
-            // fall through
-        case 1:
-            ios[ios.length - 1] = (byte)i;
-            break;
-        default:
-            throw new IllegalStateException("Unsupported size of counter i");
-        }
-
-
-        // special case for K(0): K(0) is empty, so no update
-        prf.update(fixedInputDataCtrPrefix, 0, fixedInputDataCtrPrefix.length);
-        prf.update(ios, 0, ios.length);
-        prf.update(fixedInputData_afterCtr, 0, fixedInputData_afterCtr.length);
-        prf.doFinal(k, 0);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDFDoublePipelineIterationBytesGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDFDoublePipelineIterationBytesGenerator.java
deleted file mode 100644
index 6115a1a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDFDoublePipelineIterationBytesGenerator.java
+++ /dev/null

@@ -1,181 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.MacDerivationFunction;
-import org.bouncycastle.crypto.params.KDFDoublePipelineIterationParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * This KDF has been defined by the publicly available NIST SP 800-108 specification.
- */
-public class KDFDoublePipelineIterationBytesGenerator
-    implements MacDerivationFunction
-{
-
-    private static final BigInteger INTEGER_MAX = BigInteger.valueOf(Integer.MAX_VALUE);
-    private static final BigInteger TWO = BigInteger.valueOf(2);
-
-    // please refer to the standard for the meaning of the variable names
-    // all field lengths are in bytes, not in bits as specified by the standard
-
-    // fields set by the constructor
-    private final Mac prf;
-    private final int h;
-
-    // fields set by init
-    private byte[] fixedInputData;
-    private int maxSizeExcl;
-    // ios is i defined as an octet string (the binary representation)
-    private byte[] ios;
-    private boolean useCounter;
-
-    // operational
-    private int generatedBytes;
-    // k is used as buffer for all K(i) values
-    private byte[] a;
-    private byte[] k;
-
-
-    public KDFDoublePipelineIterationBytesGenerator(Mac prf)
-    {
-        this.prf = prf;
-        this.h = prf.getMacSize();
-        this.a = new byte[h];
-        this.k = new byte[h];
-    }
-
-    public void init(DerivationParameters params)
-    {
-        if (!(params instanceof KDFDoublePipelineIterationParameters))
-        {
-            throw new IllegalArgumentException("Wrong type of arguments given");
-        }
-
-        KDFDoublePipelineIterationParameters dpiParams = (KDFDoublePipelineIterationParameters)params;
-
-        // --- init mac based PRF ---
-
-        this.prf.init(new KeyParameter(dpiParams.getKI()));
-
-        // --- set arguments ---
-
-        this.fixedInputData = dpiParams.getFixedInputData();
-
-        int r = dpiParams.getR();
-        this.ios = new byte[r / 8];
-
-        if (dpiParams.useCounter())
-        {
-            // this is more conservative than the spec
-            BigInteger maxSize = TWO.pow(r).multiply(BigInteger.valueOf(h));
-            this.maxSizeExcl = maxSize.compareTo(INTEGER_MAX) == 1 ?
-                Integer.MAX_VALUE : maxSize.intValue();
-        }
-        else
-        {
-            this.maxSizeExcl = Integer.MAX_VALUE;
-        }
-
-        this.useCounter = dpiParams.useCounter();
-
-        // --- set operational state ---
-
-        generatedBytes = 0;
-    }
-
-    public Mac getMac()
-    {
-        return prf;
-    }
-
-    public int generateBytes(byte[] out, int outOff, int len)
-        throws DataLengthException, IllegalArgumentException
-    {
-
-        int generatedBytesAfter = generatedBytes + len;
-        if (generatedBytesAfter < 0 || generatedBytesAfter >= maxSizeExcl)
-        {
-            throw new DataLengthException(
-                "Current KDFCTR may only be used for " + maxSizeExcl + " bytes");
-        }
-
-        if (generatedBytes % h == 0)
-        {
-            generateNext();
-        }
-
-        // copy what is left in the currentT (1..hash
-        int toGenerate = len;
-        int posInK = generatedBytes % h;
-        int leftInK = h - generatedBytes % h;
-        int toCopy = Math.min(leftInK, toGenerate);
-        System.arraycopy(k, posInK, out, outOff, toCopy);
-        generatedBytes += toCopy;
-        toGenerate -= toCopy;
-        outOff += toCopy;
-
-        while (toGenerate > 0)
-        {
-            generateNext();
-            toCopy = Math.min(h, toGenerate);
-            System.arraycopy(k, 0, out, outOff, toCopy);
-            generatedBytes += toCopy;
-            toGenerate -= toCopy;
-            outOff += toCopy;
-        }
-
-        return len;
-    }
-
-    private void generateNext()
-    {
-
-        if (generatedBytes == 0)
-        {
-            // --- step 4 ---
-            prf.update(fixedInputData, 0, fixedInputData.length);
-            prf.doFinal(a, 0);
-        }
-        else
-        {
-            // --- step 5a ---
-            prf.update(a, 0, a.length);
-            prf.doFinal(a, 0);
-        }
-
-        // --- step 5b ---
-        prf.update(a, 0, a.length);
-
-        if (useCounter)
-        {
-            int i = generatedBytes / h + 1;
-
-            // encode i into counter buffer
-            switch (ios.length)
-            {
-            case 4:
-                ios[0] = (byte)(i >>> 24);
-                // fall through
-            case 3:
-                ios[ios.length - 3] = (byte)(i >>> 16);
-                // fall through
-            case 2:
-                ios[ios.length - 2] = (byte)(i >>> 8);
-                // fall through
-            case 1:
-                ios[ios.length - 1] = (byte)i;
-                break;
-            default:
-                throw new IllegalStateException("Unsupported size of counter i");
-            }
-            prf.update(ios, 0, ios.length);
-        }
-
-        prf.update(fixedInputData, 0, fixedInputData.length);
-        prf.doFinal(k, 0);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDFFeedbackBytesGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDFFeedbackBytesGenerator.java
deleted file mode 100644
index 6003037..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/KDFFeedbackBytesGenerator.java
+++ /dev/null

@@ -1,175 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.MacDerivationFunction;
-import org.bouncycastle.crypto.params.KDFFeedbackParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * This KDF has been defined by the publicly available NIST SP 800-108 specification.
- */
-public class KDFFeedbackBytesGenerator
-    implements MacDerivationFunction
-{
-
-    private static final BigInteger INTEGER_MAX = BigInteger.valueOf(Integer.MAX_VALUE);
-    private static final BigInteger TWO = BigInteger.valueOf(2);
-
-    // please refer to the standard for the meaning of the variable names
-    // all field lengths are in bytes, not in bits as specified by the standard
-
-    // fields set by the constructor
-    private final Mac prf;
-    private final int h;
-
-    // fields set by init
-    private byte[] fixedInputData;
-    private int maxSizeExcl;
-    // ios is i defined as an octet string (the binary representation)
-    private byte[] ios;
-    private byte[] iv;
-    private boolean useCounter;
-
-    // operational
-    private int generatedBytes;
-    // k is used as buffer for all K(i) values
-    private byte[] k;
-
-
-    public KDFFeedbackBytesGenerator(Mac prf)
-    {
-        this.prf = prf;
-        this.h = prf.getMacSize();
-        this.k = new byte[h];
-    }
-
-    public void init(DerivationParameters params)
-    {
-        if (!(params instanceof KDFFeedbackParameters))
-        {
-            throw new IllegalArgumentException("Wrong type of arguments given");
-        }
-
-        KDFFeedbackParameters feedbackParams = (KDFFeedbackParameters)params;
-
-        // --- init mac based PRF ---
-
-        this.prf.init(new KeyParameter(feedbackParams.getKI()));
-
-        // --- set arguments ---
-
-        this.fixedInputData = feedbackParams.getFixedInputData();
-
-        int r = feedbackParams.getR();
-        this.ios = new byte[r / 8];
-
-        if (feedbackParams.useCounter())
-        {
-            // this is more conservative than the spec
-            BigInteger maxSize = TWO.pow(r).multiply(BigInteger.valueOf(h));
-            this.maxSizeExcl = maxSize.compareTo(INTEGER_MAX) == 1 ?
-                Integer.MAX_VALUE : maxSize.intValue();
-        }
-        else
-        {
-            this.maxSizeExcl = Integer.MAX_VALUE;
-        }
-
-        this.iv = feedbackParams.getIV();
-        this.useCounter = feedbackParams.useCounter();
-
-        // --- set operational state ---
-
-        generatedBytes = 0;
-    }
-
-    public Mac getMac()
-    {
-        return prf;
-    }
-
-    public int generateBytes(byte[] out, int outOff, int len)
-        throws DataLengthException, IllegalArgumentException
-    {
-
-        int generatedBytesAfter = generatedBytes + len;
-        if (generatedBytesAfter < 0 || generatedBytesAfter >= maxSizeExcl)
-        {
-            throw new DataLengthException(
-                "Current KDFCTR may only be used for " + maxSizeExcl + " bytes");
-        }
-
-        if (generatedBytes % h == 0)
-        {
-            generateNext();
-        }
-
-        // copy what is left in the currentT (1..hash
-        int toGenerate = len;
-        int posInK = generatedBytes % h;
-        int leftInK = h - generatedBytes % h;
-        int toCopy = Math.min(leftInK, toGenerate);
-        System.arraycopy(k, posInK, out, outOff, toCopy);
-        generatedBytes += toCopy;
-        toGenerate -= toCopy;
-        outOff += toCopy;
-
-        while (toGenerate > 0)
-        {
-            generateNext();
-            toCopy = Math.min(h, toGenerate);
-            System.arraycopy(k, 0, out, outOff, toCopy);
-            generatedBytes += toCopy;
-            toGenerate -= toCopy;
-            outOff += toCopy;
-        }
-
-        return len;
-    }
-
-    private void generateNext()
-    {
-
-        // TODO enable IV
-        if (generatedBytes == 0)
-        {
-            prf.update(iv, 0, iv.length);
-        }
-        else
-        {
-            prf.update(k, 0, k.length);
-        }
-
-        if (useCounter)
-        {
-            int i = generatedBytes / h + 1;
-
-            // encode i into counter buffer
-            switch (ios.length)
-            {
-            case 4:
-                ios[0] = (byte)(i >>> 24);
-                // fall through
-            case 3:
-                ios[ios.length - 3] = (byte)(i >>> 16);
-                // fall through
-            case 2:
-                ios[ios.length - 2] = (byte)(i >>> 8);
-                // fall through
-            case 1:
-                ios[ios.length - 1] = (byte)i;
-                break;
-            default:
-                throw new IllegalStateException("Unsupported size of counter i");
-            }
-            prf.update(ios, 0, ios.length);
-        }
-
-        prf.update(fixedInputData, 0, fixedInputData.length);
-        prf.doFinal(k, 0);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/MGF1BytesGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/MGF1BytesGenerator.java
deleted file mode 100644
index 5eda85a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/MGF1BytesGenerator.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.MGFParameters;
-
-/**
- * Generator for MGF1 as defined in PKCS 1v2
- */
-public class MGF1BytesGenerator
-    implements DerivationFunction
-{
-    private Digest  digest;
-    private byte[]  seed;
-    private int     hLen;
-
-    /**
-     * @param digest the digest to be used as the source of generated bytes
-     */
-    public MGF1BytesGenerator(
-        Digest  digest)
-    {
-        this.digest = digest;
-        this.hLen = digest.getDigestSize();
-    }
-
-    public void init(
-        DerivationParameters    param)
-    {
-        if (!(param instanceof MGFParameters))
-        {
-            throw new IllegalArgumentException("MGF parameters required for MGF1Generator");
-        }
-
-        MGFParameters   p = (MGFParameters)param;
-
-        seed = p.getSeed();
-    }
-
-    /**
-     * return the underlying digest.
-     */
-    public Digest getDigest()
-    {
-        return digest;
-    }
-
-    /**
-     * int to octet string.
-     */
-    private void ItoOSP(
-        int     i,
-        byte[]  sp)
-    {
-        sp[0] = (byte)(i >>> 24);
-        sp[1] = (byte)(i >>> 16);
-        sp[2] = (byte)(i >>> 8);
-        sp[3] = (byte)(i >>> 0);
-    }
-
-    /**
-     * fill len bytes of the output buffer with bytes generated from
-     * the derivation function.
-     *
-     * @throws DataLengthException if the out buffer is too small.
-     */
-    public int generateBytes(
-        byte[]  out,
-        int     outOff,
-        int     len)
-        throws DataLengthException, IllegalArgumentException
-    {
-        if ((out.length - len) < outOff)
-        {
-            throw new OutputLengthException("output buffer too small");
-        }
-        
-        byte[]  hashBuf = new byte[hLen];
-        byte[]  C = new byte[4];
-        int     counter = 0;
-
-        digest.reset();
-
-        if (len > hLen)
-        {
-            do
-            {
-                ItoOSP(counter, C);
-    
-                digest.update(seed, 0, seed.length);
-                digest.update(C, 0, C.length);
-                digest.doFinal(hashBuf, 0);
-    
-                System.arraycopy(hashBuf, 0, out, outOff + counter * hLen, hLen);
-            }
-            while (++counter < (len / hLen));
-        }
-
-        if ((counter * hLen) < len)
-        {
-            ItoOSP(counter, C);
-
-            digest.update(seed, 0, seed.length);
-            digest.update(C, 0, C.length);
-            digest.doFinal(hashBuf, 0);
-
-            System.arraycopy(hashBuf, 0, out, outOff + counter * hLen, len - (counter * hLen));
-        }
-
-        return len;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/NaccacheSternKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/NaccacheSternKeyPairGenerator.java
deleted file mode 100644
index 7d4b90b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/NaccacheSternKeyPairGenerator.java
+++ /dev/null

@@ -1,366 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-import java.util.Vector;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.params.NaccacheSternKeyGenerationParameters;
-import org.bouncycastle.crypto.params.NaccacheSternKeyParameters;
-import org.bouncycastle.crypto.params.NaccacheSternPrivateKeyParameters;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * Key generation parameters for NaccacheStern cipher. For details on this cipher, please see
- * 
- * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
- */
-public class NaccacheSternKeyPairGenerator 
-    implements AsymmetricCipherKeyPairGenerator 
-{
-
-    private static int[] smallPrimes =
-    {
-        3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61, 67,
-        71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149,
-        151, 157, 163, 167, 173, 179, 181, 191, 193, 197, 199, 211, 223, 227, 229, 233,
-        239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307, 311, 313, 317, 331,
-        337, 347, 349, 353, 359, 367, 373, 379, 383, 389, 397, 401, 409, 419, 421, 431,
-        433, 439, 443, 449, 457, 461, 463, 467, 479, 487, 491, 499, 503, 509, 521, 523,
-        541, 547, 557
-    };
-    
-    private NaccacheSternKeyGenerationParameters param;
-
-    private static final BigInteger ONE = BigInteger.valueOf(1); // JDK 1.1 compatibility
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator#init(org.bouncycastle.crypto.KeyGenerationParameters)
-     */
-    public void init(KeyGenerationParameters param)
-    {
-        this.param = (NaccacheSternKeyGenerationParameters)param;
-    }
-
-    /*
-     * (non-Javadoc)
-     * 
-     * @see org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator#generateKeyPair()
-     */
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        int strength = param.getStrength();
-        SecureRandom rand = param.getRandom();
-        int certainty = param.getCertainty();
-        boolean debug = param.isDebug();
-
-        if (debug)
-        {
-            System.out.println("Fetching first " + param.getCntSmallPrimes() + " primes.");
-        }
-
-        Vector smallPrimes = findFirstPrimes(param.getCntSmallPrimes());
-        smallPrimes = permuteList(smallPrimes, rand);
-
-        BigInteger u = ONE;
-        BigInteger v = ONE;
-
-        for (int i = 0; i < smallPrimes.size() / 2; i++)
-        {
-            u = u.multiply((BigInteger)smallPrimes.elementAt(i));
-        }
-        for (int i = smallPrimes.size() / 2; i < smallPrimes.size(); i++)
-        {
-            v = v.multiply((BigInteger)smallPrimes.elementAt(i));
-        }
-
-        BigInteger sigma = u.multiply(v);
-
-        // n = (2 a u p_ + 1 ) ( 2 b v q_ + 1)
-        // -> |n| = strength
-        // |2| = 1 in bits
-        // -> |a| * |b| = |n| - |u| - |v| - |p_| - |q_| - |2| -|2|
-        // remainingStrength = strength - sigma.bitLength() - p_.bitLength() -
-        // q_.bitLength() - 1 -1
-        int remainingStrength = strength - sigma.bitLength() - 48;
-        BigInteger a = generatePrime(remainingStrength / 2 + 1, certainty, rand);
-        BigInteger b = generatePrime(remainingStrength / 2 + 1, certainty, rand);
-
-        BigInteger p_;
-        BigInteger q_;
-        BigInteger p;
-        BigInteger q;
-        long tries = 0;
-        if (debug)
-        {
-            System.out.println("generating p and q");
-        }
-
-        BigInteger _2au = a.multiply(u).shiftLeft(1);
-        BigInteger _2bv = b.multiply(v).shiftLeft(1);
-
-        for (;;)
-        {
-            tries++;
-
-            p_ = generatePrime(24, certainty, rand);
-   
-            p = p_.multiply(_2au).add(ONE);
-
-            if (!p.isProbablePrime(certainty))
-            {
-                continue;
-            }
-
-            for (;;)
-            {
-                q_ = generatePrime(24, certainty, rand);
-
-                if (p_.equals(q_))
-                {
-                    continue;
-                }
-
-                q = q_.multiply(_2bv).add(ONE);
-
-                if (q.isProbablePrime(certainty))
-                {
-                    break;
-                }
-            }
-
-            if (!sigma.gcd(p_.multiply(q_)).equals(ONE))
-            {
-                // System.out.println("sigma.gcd(p_.mult(q_)) != 1!\n p_: " + p_
-                // +"\n q_: "+ q_ );
-                continue;
-            }
-
-            if (p.multiply(q).bitLength() < strength)
-            {
-                if (debug)
-                {
-                    System.out.println("key size too small. Should be " + strength + " but is actually "
-                                    + p.multiply(q).bitLength());
-                }
-                continue;
-            }
-            break;
-        }
-
-        if (debug)
-        {
-            System.out.println("needed " + tries + " tries to generate p and q.");
-        }
-
-        BigInteger n = p.multiply(q);
-        BigInteger phi_n = p.subtract(ONE).multiply(q.subtract(ONE));
-        BigInteger g;
-        tries = 0;
-        if (debug)
-        {
-            System.out.println("generating g");
-        }
-        for (;;)
-        {
-
-            Vector gParts = new Vector();
-            for (int ind = 0; ind != smallPrimes.size(); ind++)
-            {
-                BigInteger i = (BigInteger)smallPrimes.elementAt(ind);
-                BigInteger e = phi_n.divide(i);
-
-                for (;;)
-                {
-                    tries++;
-                    g = BigIntegers.createRandomPrime(strength, certainty, rand);
-                    if (g.modPow(e, n).equals(ONE))
-                    {
-                        continue;
-                    }
-                    gParts.addElement(g);
-                    break;
-                }
-            }
-            g = ONE;
-            for (int i = 0; i < smallPrimes.size(); i++)
-            {
-                g = g.multiply(((BigInteger)gParts.elementAt(i)).modPow(sigma.divide((BigInteger)smallPrimes.elementAt(i)), n)).mod(n);
-            }
-
-            // make sure that g is not divisible by p_i or q_i
-            boolean divisible = false;
-            for (int i = 0; i < smallPrimes.size(); i++)
-            {
-                if (g.modPow(phi_n.divide((BigInteger)smallPrimes.elementAt(i)), n).equals(ONE))
-                {
-                    if (debug)
-                    {
-                        System.out.println("g has order phi(n)/" + smallPrimes.elementAt(i) + "\n g: " + g);
-                    }
-                    divisible = true;
-                    break;
-                }
-            }
-            
-            if (divisible)
-            {
-                continue;
-            }
-
-            // make sure that g has order > phi_n/4
-
-            if (g.modPow(phi_n.divide(BigInteger.valueOf(4)), n).equals(ONE))
-            {
-                if (debug)
-                {
-                    System.out.println("g has order phi(n)/4\n g:" + g);
-                }
-                continue;
-            }
-
-            if (g.modPow(phi_n.divide(p_), n).equals(ONE))
-            {
-                if (debug)
-                {
-                    System.out.println("g has order phi(n)/p'\n g: " + g);
-                }
-                continue;
-            }
-            if (g.modPow(phi_n.divide(q_), n).equals(ONE))
-            {
-                if (debug)
-                {
-                    System.out.println("g has order phi(n)/q'\n g: " + g);
-                }
-                continue;
-            }
-            if (g.modPow(phi_n.divide(a), n).equals(ONE))
-            {
-                if (debug)
-                {
-                    System.out.println("g has order phi(n)/a\n g: " + g);
-                }
-                continue;
-            }
-            if (g.modPow(phi_n.divide(b), n).equals(ONE))
-            {
-                if (debug)
-                {
-                    System.out.println("g has order phi(n)/b\n g: " + g);
-                }
-                continue;
-            }
-            break;
-        }
-        if (debug)
-        {
-            System.out.println("needed " + tries + " tries to generate g");
-            System.out.println();
-            System.out.println("found new NaccacheStern cipher variables:");
-            System.out.println("smallPrimes: " + smallPrimes);
-            System.out.println("sigma:...... " + sigma + " (" + sigma.bitLength() + " bits)");
-            System.out.println("a:.......... " + a);
-            System.out.println("b:.......... " + b);
-            System.out.println("p':......... " + p_);
-            System.out.println("q':......... " + q_);
-            System.out.println("p:.......... " + p);
-            System.out.println("q:.......... " + q);
-            System.out.println("n:.......... " + n);
-            System.out.println("phi(n):..... " + phi_n);
-            System.out.println("g:.......... " + g);
-            System.out.println();
-        }
-
-        return new AsymmetricCipherKeyPair(new NaccacheSternKeyParameters(false, g, n, sigma.bitLength()),
-                        new NaccacheSternPrivateKeyParameters(g, n, sigma.bitLength(), smallPrimes, phi_n));
-    }
-
-    private static BigInteger generatePrime(
-            int bitLength, 
-            int certainty,
-            SecureRandom rand)
-    {
-        BigInteger p_ = BigIntegers.createRandomPrime(bitLength, certainty, rand);
-        while (p_.bitLength() != bitLength)
-        {
-            p_ = BigIntegers.createRandomPrime(bitLength, certainty, rand);
-        }
-        return p_;
-    }
-
-    /**
-     * Generates a permuted ArrayList from the original one. The original List
-     * is not modified
-     * 
-     * @param arr
-     *            the ArrayList to be permuted
-     * @param rand
-     *            the source of Randomness for permutation
-     * @return a new ArrayList with the permuted elements.
-     */
-    private static Vector permuteList(
-        Vector arr, 
-        SecureRandom rand) 
-    {
-        Vector retval = new Vector();
-        Vector tmp = new Vector();
-        for (int i = 0; i < arr.size(); i++) 
-        {
-            tmp.addElement(arr.elementAt(i));
-        }
-        retval.addElement(tmp.elementAt(0));
-        tmp.removeElementAt(0);
-        while (tmp.size() != 0) 
-        {
-            retval.insertElementAt(tmp.elementAt(0), getInt(rand, retval.size() + 1));
-            tmp.removeElementAt(0);
-        }
-        return retval;
-    }
-
-    private static int getInt(
-        SecureRandom rand,
-        int n)
-    {
-        if ((n & -n) == n) 
-        {
-            return (int)((n * (long)(rand.nextInt() & 0x7fffffff)) >> 31);
-        }
-
-        int bits, val;
-        do
-        {
-            bits = rand.nextInt() & 0x7fffffff;
-            val = bits % n;
-        }
-        while (bits - val + (n-1) < 0);
-
-        return val;
-    }
-
-    /**
-     * Finds the first 'count' primes starting with 3
-     * 
-     * @param count
-     *            the number of primes to find
-     * @return a vector containing the found primes as Integer
-     */
-    private static Vector findFirstPrimes(
-        int count) 
-    {
-        Vector primes = new Vector(count);
-
-        for (int i = 0; i != count; i++)
-        {
-            primes.addElement(BigInteger.valueOf(smallPrimes[i]));
-        }
-        
-        return primes;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java
deleted file mode 100644
index 1c30065..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenBSDBCrypt.java
+++ /dev/null

@@ -1,359 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.io.ByteArrayOutputStream;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-
-/**
- * Password hashing scheme BCrypt,
- * designed by Niels Provos and David Mazières, using the
- * String format and the Base64 encoding
- * of the reference implementation on OpenBSD
- */
-public class OpenBSDBCrypt
-{
-    private static final byte[] encodingTable = // the Bcrypts encoding table for OpenBSD
-        {
-            (byte)'.', (byte)'/', (byte)'A', (byte)'B', (byte)'C', (byte)'D',
-            (byte)'E', (byte)'F', (byte)'G', (byte)'H', (byte)'I', (byte)'J',
-            (byte)'K', (byte)'L', (byte)'M', (byte)'N', (byte)'O', (byte)'P',
-            (byte)'Q', (byte)'R', (byte)'S', (byte)'T', (byte)'U', (byte)'V',
-            (byte)'W', (byte)'X', (byte)'Y', (byte)'Z', (byte)'a', (byte)'b',
-            (byte)'c', (byte)'d', (byte)'e', (byte)'f', (byte)'g', (byte)'h',
-            (byte)'i', (byte)'j', (byte)'k', (byte)'l', (byte)'m', (byte)'n',
-            (byte)'o', (byte)'p', (byte)'q', (byte)'r', (byte)'s', (byte)'t',
-            (byte)'u', (byte)'v', (byte)'w', (byte)'x', (byte)'y', (byte)'z',
-            (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5',
-            (byte)'6', (byte)'7', (byte)'8', (byte)'9'
-        };
-    /*
-     * set up the decoding table.
-     */
-    private static final byte[] decodingTable = new byte[128];
-    private static final String defaultVersion = "2y";
-    private static final Set<String> allowedVersions = new HashSet<String>();
-
-    static
-    {
-        // Presently just the Bcrypt versions.
-        allowedVersions.add("2a");
-        allowedVersions.add("2y");
-        allowedVersions.add("2b");
-
-        for (int i = 0; i < decodingTable.length; i++)
-        {
-            decodingTable[i] = (byte)0xff;
-        }
-
-        for (int i = 0; i < encodingTable.length; i++)
-        {
-            decodingTable[encodingTable[i]] = (byte)i;
-        }
-    }
-
-    public OpenBSDBCrypt()
-    {
-
-    }
-
-    /**
-     * Creates a 60 character Bcrypt String, including
-     * version, cost factor, salt and hash, separated by '$'
-     *
-     * @param version  the version, 2y,2b or 2a. (2a is not backwards compatible.)
-     * @param cost     the cost factor, treated as an exponent of 2
-     * @param salt     a 16 byte salt
-     * @param password the password
-     * @return a 60 character Bcrypt String
-     */
-    private static String createBcryptString(String version,
-                                             byte[] password,
-                                             byte[] salt,
-                                             int cost)
-    {
-        if (!allowedVersions.contains(version))
-        {
-            throw new IllegalArgumentException("Version " + version + " is not accepted by this implementation.");
-        }
-
-        StringBuffer sb = new StringBuffer(60);
-        sb.append('$');
-        sb.append(version);
-        sb.append('$');
-        sb.append(cost < 10 ? ("0" + cost) : Integer.toString(cost));
-        sb.append('$');
-        sb.append(encodeData(salt));
-
-        byte[] key = BCrypt.generate(password, salt, cost);
-
-        sb.append(encodeData(key));
-
-        return sb.toString();
-    }
-
-    /**
-     * Creates a 60 character Bcrypt String, including
-     * version, cost factor, salt and hash, separated by '$' using version
-     * '2y'.
-     *
-     * @param cost     the cost factor, treated as an exponent of 2
-     * @param salt     a 16 byte salt
-     * @param password the password
-     * @return a 60 character Bcrypt String
-     */
-    public static String generate(
-        char[] password,
-        byte[] salt,
-        int cost)
-    {
-        return generate(defaultVersion, password, salt, cost);
-    }
-
-
-    /**
-     * Creates a 60 character Bcrypt String, including
-     * version, cost factor, salt and hash, separated by '$'
-     *
-     * @param version  the version, may be 2b, 2y or 2a. (2a is not backwards compatible.)
-     * @param cost     the cost factor, treated as an exponent of 2
-     * @param salt     a 16 byte salt
-     * @param password the password
-     * @return a 60 character Bcrypt String
-     */
-    public static String generate(
-        String version,
-        char[] password,
-        byte[] salt,
-        int cost)
-    {
-        if (!allowedVersions.contains(version))
-        {
-            throw new IllegalArgumentException("Version " + version + " is not accepted by this implementation.");
-        }
-
-        if (password == null)
-        {
-            throw new IllegalArgumentException("Password required.");
-        }
-        if (salt == null)
-        {
-            throw new IllegalArgumentException("Salt required.");
-        }
-        else if (salt.length != 16)
-        {
-            throw new DataLengthException("16 byte salt required: " + salt.length);
-        }
-        if (cost < 4 || cost > 31) // Minimum rounds: 16, maximum 2^31
-        {
-            throw new IllegalArgumentException("Invalid cost factor.");
-        }
-
-        byte[] psw = Strings.toUTF8ByteArray(password);
-
-        // 0 termination:
-
-        byte[] tmp = new byte[psw.length >= 72 ? 72 : psw.length + 1];
-
-        if (tmp.length > psw.length)
-        {
-            System.arraycopy(psw, 0, tmp, 0, psw.length);
-        }
-        else
-        {
-            System.arraycopy(psw, 0, tmp, 0, tmp.length);
-        }
-
-        Arrays.fill(psw, (byte)0);
-
-        String rv = createBcryptString(version, tmp, salt, cost);
-
-        Arrays.fill(tmp, (byte)0);
-
-        return rv;
-    }
-
-    /**
-     * Checks if a password corresponds to a 60 character Bcrypt String
-     *
-     * @param bcryptString a 60 character Bcrypt String, including
-     *                     version, cost factor, salt and hash,
-     *                     separated by '$'
-     * @param password     the password as an array of chars
-     * @return true if the password corresponds to the
-     * Bcrypt String, otherwise false
-     */
-    public static boolean checkPassword(
-        String bcryptString,
-        char[] password)
-    {
-        // validate bcryptString:
-        if (bcryptString.length() != 60)
-        {
-            throw new DataLengthException("Bcrypt String length: "
-                + bcryptString.length() + ", 60 required.");
-        }
-
-        if (bcryptString.charAt(0) != '$'
-            || bcryptString.charAt(3) != '$'
-            || bcryptString.charAt(6) != '$')
-        {
-            throw new IllegalArgumentException("Invalid Bcrypt String format.");
-        }
-
-        String version = bcryptString.substring(1, 3);
-
-        if (!allowedVersions.contains(version))
-        {
-            throw new IllegalArgumentException("Bcrypt version '" + version + "' is not supported by this implementation");
-        }
-
-        int cost = 0;
-        String costStr = bcryptString.substring(4, 6);
-        try
-        {
-            cost = Integer.parseInt(costStr);
-        }
-        catch (NumberFormatException nfe)
-        {
-            throw new IllegalArgumentException("Invalid cost factor: " + costStr);
-        }
-        if (cost < 4 || cost > 31)
-        {
-            throw new IllegalArgumentException("Invalid cost factor: " + cost + ", 4 < cost < 31 expected.");
-        }
-        // check password:
-        if (password == null)
-        {
-            throw new IllegalArgumentException("Missing password.");
-        }
-        byte[] salt = decodeSaltString(
-            bcryptString.substring(bcryptString.lastIndexOf('$') + 1,
-                bcryptString.length() - 31));
-
-        String newBcryptString = generate(version, password, salt, cost);
-
-        return bcryptString.equals(newBcryptString);
-    }
-
-    /*
-     * encode the input data producing a Bcrypt base 64 String.
-     *
-     * @param 	a byte representation of the salt or the password
-     * @return 	the Bcrypt base64 String
-     */
-    private static String encodeData(
-        byte[] data)
-
-    {
-        if (data.length != 24 && data.length != 16) // 192 bit key or 128 bit salt expected
-        {
-            throw new DataLengthException("Invalid length: " + data.length + ", 24 for key or 16 for salt expected");
-        }
-        boolean salt = false;
-        if (data.length == 16)//salt
-        {
-            salt = true;
-            byte[] tmp = new byte[18];// zero padding
-            System.arraycopy(data, 0, tmp, 0, data.length);
-            data = tmp;
-        }
-        else // key
-        {
-            data[data.length - 1] = (byte)0;
-        }
-
-        ByteArrayOutputStream out = new ByteArrayOutputStream();
-        int len = data.length;
-
-        int a1, a2, a3;
-        int i;
-        for (i = 0; i < len; i += 3)
-        {
-            a1 = data[i] & 0xff;
-            a2 = data[i + 1] & 0xff;
-            a3 = data[i + 2] & 0xff;
-
-            out.write(encodingTable[(a1 >>> 2) & 0x3f]);
-            out.write(encodingTable[((a1 << 4) | (a2 >>> 4)) & 0x3f]);
-            out.write(encodingTable[((a2 << 2) | (a3 >>> 6)) & 0x3f]);
-            out.write(encodingTable[a3 & 0x3f]);
-        }
-
-        String result = Strings.fromByteArray(out.toByteArray());
-        if (salt == true)// truncate padding
-        {
-            return result.substring(0, 22);
-        }
-        else
-        {
-            return result.substring(0, result.length() - 1);
-        }
-    }
-
-
-    /*
-     * decodes the bcrypt base 64 encoded SaltString
-     *
-     * @param 		a 22 character Bcrypt base 64 encoded String 
-     * @return 		the 16 byte salt
-     * @exception 	DataLengthException if the length 
-     * 				of parameter is not 22
-     * @exception 	InvalidArgumentException if the parameter
-     * 				contains a value other than from Bcrypts base 64 encoding table
-     */
-    private static byte[] decodeSaltString(
-        String saltString)
-    {
-        char[] saltChars = saltString.toCharArray();
-
-        ByteArrayOutputStream out = new ByteArrayOutputStream(16);
-        byte b1, b2, b3, b4;
-
-        if (saltChars.length != 22)// bcrypt salt must be 22 (16 bytes)
-        {
-            throw new DataLengthException("Invalid base64 salt length: " + saltChars.length + " , 22 required.");
-        }
-
-        // check String for invalid characters:
-        for (int i = 0; i < saltChars.length; i++)
-        {
-            int value = saltChars[i];
-            if (value > 122 || value < 46 || (value > 57 && value < 65))
-            {
-                throw new IllegalArgumentException("Salt string contains invalid character: " + value);
-            }
-        }
-
-        // Padding: add two '\u0000'
-        char[] tmp = new char[22 + 2];
-        System.arraycopy(saltChars, 0, tmp, 0, saltChars.length);
-        saltChars = tmp;
-
-        int len = saltChars.length;
-
-        for (int i = 0; i < len; i += 4)
-        {
-            b1 = decodingTable[saltChars[i]];
-            b2 = decodingTable[saltChars[i + 1]];
-            b3 = decodingTable[saltChars[i + 2]];
-            b4 = decodingTable[saltChars[i + 3]];
-
-            out.write((b1 << 2) | (b2 >> 4));
-            out.write((b2 << 4) | (b3 >> 2));
-            out.write((b3 << 6) | b4);
-        }
-
-        byte[] saltBytes = out.toByteArray();
-
-        // truncate:
-        byte[] tmpSalt = new byte[16];
-        System.arraycopy(saltBytes, 0, tmpSalt, 0, tmpSalt.length);
-        saltBytes = tmpSalt;
-
-        return saltBytes;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java
index dd8e589..3e850c1 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java

@@ -5,7 +5,9 @@
 import org.bouncycastle.crypto.PBEParametersGenerator;
 import org.bouncycastle.crypto.params.KeyParameter;
 import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.util.DigestFactory;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
 
 /**
  * Generator for PBE derived keys and ivs as usd by OpenSSL.
@@ -17,7 +19,9 @@
 public class OpenSSLPBEParametersGenerator
     extends PBEParametersGenerator
 {
-    private Digest  digest = DigestFactory.createMD5();
+    // Android-changed: Use Android digests
+    // private Digest  digest = DigestFactory.createMD5();
+    private Digest  digest = AndroidDigestFactory.getMD5();
 
     /**
      * Construct a OpenSSL Parameters generator. 

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java
index 94e70e7..c45c84f 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java

@@ -7,7 +7,9 @@
 import org.bouncycastle.crypto.macs.HMac;
 import org.bouncycastle.crypto.params.KeyParameter;
 import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.util.DigestFactory;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
 import org.bouncycastle.util.Arrays;
 
 /**
@@ -29,7 +31,9 @@
      */
     public PKCS5S2ParametersGenerator()
     {
-        this(DigestFactory.createSHA1());
+        // Android-changed: Use Android digests
+        // this(DigestFactory.createSHA1());
+        this(AndroidDigestFactory.getSHA1());
     }
 
     public PKCS5S2ParametersGenerator(Digest digest)

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/Poly1305KeyGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/Poly1305KeyGenerator.java
deleted file mode 100644
index ea4e774..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/Poly1305KeyGenerator.java
+++ /dev/null

@@ -1,117 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.macs.Poly1305;
-
-/**
- * Generates keys for the Poly1305 MAC.
- * <p>
- * Poly1305 keys are 256 bit keys consisting of a 128 bit secret key used for the underlying block
- * cipher followed by a 128 bit {@code r} value used for the polynomial portion of the Mac. <br>
- * The {@code r} value has a specific format with some bits required to be cleared, resulting in an
- * effective 106 bit key. <br>
- * A separately generated 256 bit key can be modified to fit the Poly1305 key format by using the
- * {@link #clamp(byte[])} method to clear the required bits.
- *
- * @see Poly1305
- */
-public class Poly1305KeyGenerator
-    extends CipherKeyGenerator
-{
-    private static final byte R_MASK_LOW_2 = (byte)0xFC;
-    private static final byte R_MASK_HIGH_4 = (byte)0x0F;
-
-    /**
-     * Initialises the key generator.<br>
-     * Poly1305 keys are always 256 bits, so the key length in the provided parameters is ignored.
-     */
-    public void init(KeyGenerationParameters param)
-    {
-        // Poly1305 keys are always 256 bits
-        super.init(new KeyGenerationParameters(param.getRandom(), 256));
-    }
-
-    /**
-     * Generates a 256 bit key in the format required for Poly1305 - e.g.
-     * <code>k[0] ... k[15], r[0] ... r[15]</code> with the required bits in <code>r</code> cleared
-     * as per {@link #clamp(byte[])}.
-     */
-    public byte[] generateKey()
-    {
-        final byte[] key = super.generateKey();
-        clamp(key);
-        return key;
-    }
-
-    /**
-     * Modifies an existing 32 byte key value to comply with the requirements of the Poly1305 key by
-     * clearing required bits in the <code>r</code> (second 16 bytes) portion of the key.<br>
-     * Specifically:
-     * <ul>
-     * <li>r[3], r[7], r[11], r[15] have top four bits clear (i.e., are {0, 1, . . . , 15})</li>
-     * <li>r[4], r[8], r[12] have bottom two bits clear (i.e., are in {0, 4, 8, . . . , 252})</li>
-     * </ul>
-     *
-     * @param key a 32 byte key value <code>k[0] ... k[15], r[0] ... r[15]</code>
-     */
-    public static void clamp(byte[] key)
-    {
-        /*
-         * Key is k[0] ... k[15], r[0] ... r[15] as per poly1305_aes_clamp in ref impl.
-         */
-        if (key.length != 32)
-        {
-            throw new IllegalArgumentException("Poly1305 key must be 256 bits.");
-        }
-
-        /*
-         * r[3], r[7], r[11], r[15] have top four bits clear (i.e., are {0, 1, . . . , 15})
-         */
-        key[3] &= R_MASK_HIGH_4;
-        key[7] &= R_MASK_HIGH_4;
-        key[11] &= R_MASK_HIGH_4;
-        key[15] &= R_MASK_HIGH_4;
-
-        /*
-         * r[4], r[8], r[12] have bottom two bits clear (i.e., are in {0, 4, 8, . . . , 252}).
-         */
-        key[4] &= R_MASK_LOW_2;
-        key[8] &= R_MASK_LOW_2;
-        key[12] &= R_MASK_LOW_2;
-    }
-
-    /**
-     * Checks a 32 byte key for compliance with the Poly1305 key requirements, e.g.
-     * <code>k[0] ... k[15], r[0] ... r[15]</code> with the required bits in <code>r</code> cleared
-     * as per {@link #clamp(byte[])}.
-     *
-     * @throws IllegalArgumentException if the key is of the wrong length, or has invalid bits set
-     *             in the <code>r</code> portion of the key.
-     */
-    public static void checkKey(byte[] key)
-    {
-        if (key.length != 32)
-        {
-            throw new IllegalArgumentException("Poly1305 key must be 256 bits.");
-        }
-
-        checkMask(key[3], R_MASK_HIGH_4);
-        checkMask(key[7], R_MASK_HIGH_4);
-        checkMask(key[11], R_MASK_HIGH_4);
-        checkMask(key[15], R_MASK_HIGH_4);
-
-        checkMask(key[4], R_MASK_LOW_2);
-        checkMask(key[8], R_MASK_LOW_2);
-        checkMask(key[12], R_MASK_LOW_2);
-    }
-
-    private static void checkMask(byte b, byte mask)
-    {
-        if ((b & (~mask)) != 0)
-        {
-            throw new IllegalArgumentException("Invalid format for r portion of Poly1305 key.");
-        }
-    }
-
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/RSABlindingFactorGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/RSABlindingFactorGenerator.java
deleted file mode 100644
index 9e2df35..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/RSABlindingFactorGenerator.java
+++ /dev/null

@@ -1,79 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * Generate a random factor suitable for use with RSA blind signatures
- * as outlined in Chaum's blinding and unblinding as outlined in
- * "Handbook of Applied Cryptography", page 475.
- */
-public class RSABlindingFactorGenerator
-{
-    private static BigInteger ZERO = BigInteger.valueOf(0);
-    private static BigInteger ONE = BigInteger.valueOf(1);
-
-    private RSAKeyParameters key;
-    private SecureRandom random;
-
-    /**
-     * Initialise the factor generator
-     *
-     * @param param the necessary RSA key parameters.
-     */
-    public void init(
-        CipherParameters param)
-    {
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom rParam = (ParametersWithRandom)param;
-
-            key = (RSAKeyParameters)rParam.getParameters();
-            random = rParam.getRandom();
-        }
-        else
-        {
-            key = (RSAKeyParameters)param;
-            random = CryptoServicesRegistrar.getSecureRandom();
-        }
-
-        if (key instanceof RSAPrivateCrtKeyParameters)
-        {
-            throw new IllegalArgumentException("generator requires RSA public key");
-        }
-    }
-
-    /**
-     * Generate a suitable blind factor for the public key the generator was initialised with.
-     *
-     * @return a random blind factor
-     */
-    public BigInteger generateBlindingFactor()
-    {
-        if (key == null)
-        {
-            throw new IllegalStateException("generator not initialised");
-        }
-
-        BigInteger m = key.getModulus();
-        int length = m.bitLength() - 1; // must be less than m.bitLength()
-        BigInteger factor;
-        BigInteger gcd;
-
-        do
-        {
-            factor = BigIntegers.createRandomBigInteger(length, random);
-            gcd = factor.gcd(m);
-        }
-        while (factor.equals(ZERO) || factor.equals(ONE) || !gcd.equals(ONE));
-
-        return factor;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/SCrypt.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/SCrypt.java
deleted file mode 100644
index 3fdc3d3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/SCrypt.java
+++ /dev/null

@@ -1,207 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import org.bouncycastle.crypto.PBEParametersGenerator;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.engines.Salsa20Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-
-/**
- * Implementation of the scrypt a password-based key derivation function.
- * <p>
- * Scrypt was created by Colin Percival and is specified in <a
- * href="https://tools.ietf.org/html/rfc7914">RFC 7914 - The scrypt Password-Based Key Derivation Function</a>
- */
-public class SCrypt
-{
-    private SCrypt()
-    {
-         // not used.
-    }
-
-    /**
-     * Generate a key using the scrypt key derivation function.
-     *
-     * @param P     the bytes of the pass phrase.
-     * @param S     the salt to use for this invocation.
-     * @param N     CPU/Memory cost parameter. Must be larger than 1, a power of 2 and less than
-     *              <code>2^(128 * r / 8)</code>.
-     * @param r     the block size, must be &gt;= 1.
-     * @param p     Parallelization parameter. Must be a positive integer less than or equal to
-     *              <code>Integer.MAX_VALUE / (128 * r * 8)</code>.
-     * @param dkLen the length of the key to generate.
-     * @return the generated key.
-     */
-    public static byte[] generate(byte[] P, byte[] S, int N, int r, int p, int dkLen)
-    {
-        if (P == null)
-        {
-            throw new IllegalArgumentException("Passphrase P must be provided.");
-        }
-        if (S == null)
-        {
-            throw new IllegalArgumentException("Salt S must be provided.");
-        }
-        if (N <= 1 || !isPowerOf2(N))
-        {
-            throw new IllegalArgumentException("Cost parameter N must be > 1 and a power of 2");
-        }
-        // Only value of r that cost (as an int) could be exceeded for is 1
-        if (r == 1 && N >= 65536)
-        {
-            throw new IllegalArgumentException("Cost parameter N must be > 1 and < 65536.");
-        }
-        if (r < 1)
-        {
-            throw new IllegalArgumentException("Block size r must be >= 1.");
-        }
-        int maxParallel = Integer.MAX_VALUE / (128 * r * 8);
-        if (p < 1 || p > maxParallel)
-        {
-            throw new IllegalArgumentException("Parallelisation parameter p must be >= 1 and <= " + maxParallel
-                + " (based on block size r of " + r + ")");
-        }
-        if (dkLen < 1)
-        {
-            throw new IllegalArgumentException("Generated key length dkLen must be >= 1.");
-        }
-        return MFcrypt(P, S, N, r, p, dkLen);
-    }
-
-    private static byte[] MFcrypt(byte[] P, byte[] S, int N, int r, int p, int dkLen)
-    {
-        int MFLenBytes = r * 128;
-        byte[] bytes = SingleIterationPBKDF2(P, S, p * MFLenBytes);
-
-        int[] B = null;
-
-        try
-        {
-            int BLen = bytes.length >>> 2;
-            B = new int[BLen];
-
-            Pack.littleEndianToInt(bytes, 0, B);
-
-            int MFLenWords = MFLenBytes >>> 2;
-            for (int BOff = 0; BOff < BLen; BOff += MFLenWords)
-            {
-                // TODO These can be done in parallel threads
-                SMix(B, BOff, N, r);
-            }
-
-            Pack.intToLittleEndian(B, bytes, 0);
-
-            return SingleIterationPBKDF2(P, bytes, dkLen);
-        }
-        finally
-        {
-            Clear(bytes);
-            Clear(B);
-        }
-    }
-
-    private static byte[] SingleIterationPBKDF2(byte[] P, byte[] S, int dkLen)
-    {
-        PBEParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA256Digest());
-        pGen.init(P, S, 1);
-        KeyParameter key = (KeyParameter)pGen.generateDerivedMacParameters(dkLen * 8);
-        return key.getKey();
-    }
-
-    private static void SMix(int[] B, int BOff, int N, int r)
-    {
-        int BCount = r * 32;
-
-        int[] blockX1 = new int[16];
-        int[] blockX2 = new int[16];
-        int[] blockY = new int[BCount];
-
-        int[] X = new int[BCount];
-        int[][] V = new int[N][];
-
-        try
-        {
-            System.arraycopy(B, BOff, X, 0, BCount);
-
-            for (int i = 0; i < N; ++i)
-            {
-                V[i] = Arrays.clone(X);
-                BlockMix(X, blockX1, blockX2, blockY, r);
-            }
-
-            int mask = N - 1;
-            for (int i = 0; i < N; ++i)
-            {
-                int j = X[BCount - 16] & mask;
-                Xor(X, V[j], 0, X);
-                BlockMix(X, blockX1, blockX2, blockY, r);
-            }
-
-            System.arraycopy(X, 0, B, BOff, BCount);
-        }
-        finally
-        {
-            ClearAll(V);
-            ClearAll(new int[][]{X, blockX1, blockX2, blockY});
-        }
-    }
-
-    private static void BlockMix(int[] B, int[] X1, int[] X2, int[] Y, int r)
-    {
-        System.arraycopy(B, B.length - 16, X1, 0, 16);
-
-        int BOff = 0, YOff = 0, halfLen = B.length >>> 1;
-
-        for (int i = 2 * r; i > 0; --i)
-        {
-            Xor(X1, B, BOff, X2);
-
-            Salsa20Engine.salsaCore(8, X2, X1);
-            System.arraycopy(X1, 0, Y, YOff, 16);
-
-            YOff = halfLen + BOff - YOff;
-            BOff += 16;
-        }
-
-        System.arraycopy(Y, 0, B, 0, Y.length);
-    }
-
-    private static void Xor(int[] a, int[] b, int bOff, int[] output)
-    {
-        for (int i = output.length - 1; i >= 0; --i)
-        {
-            output[i] = a[i] ^ b[bOff + i];
-        }
-    }
-
-    private static void Clear(byte[] array)
-    {
-        if (array != null)
-        {
-            Arrays.fill(array, (byte)0);
-        }
-    }
-
-    private static void Clear(int[] array)
-    {
-        if (array != null)
-        {
-            Arrays.fill(array, 0);
-        }
-    }
-
-    private static void ClearAll(int[][] arrays)
-    {
-        for (int i = 0; i < arrays.length; ++i)
-        {
-            Clear(arrays[i]);
-        }
-    }
-
-    // note: we know X is non-zero
-    private static boolean isPowerOf2(int x)
-    {
-        return ((x & (x - 1)) == 0);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/X25519KeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/X25519KeyPairGenerator.java
deleted file mode 100644
index 2d622df..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/X25519KeyPairGenerator.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.params.X25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.X25519PublicKeyParameters;
-
-public class X25519KeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-    private SecureRandom random;
-
-    public void init(KeyGenerationParameters parameters)
-    {
-        this.random = parameters.getRandom();
-    }
-
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        X25519PrivateKeyParameters privateKey = new X25519PrivateKeyParameters(random);
-        X25519PublicKeyParameters publicKey = privateKey.generatePublicKey();
-        return new AsymmetricCipherKeyPair(publicKey, privateKey);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/X448KeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/generators/X448KeyPairGenerator.java
deleted file mode 100644
index 7b311ec..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/X448KeyPairGenerator.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.crypto.generators;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.params.X448PrivateKeyParameters;
-import org.bouncycastle.crypto.params.X448PublicKeyParameters;
-
-public class X448KeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-    private SecureRandom random;
-
-    public void init(KeyGenerationParameters parameters)
-    {
-        this.random = parameters.getRandom();
-    }
-
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        X448PrivateKeyParameters privateKey = new X448PrivateKeyParameters(random);
-        X448PublicKeyParameters publicKey = privateKey.generatePublicKey();
-        return new AsymmetricCipherKeyPair(publicKey, privateKey);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/generators/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/generators/package.html
deleted file mode 100644
index 9d73ce3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/generators/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Generators for keys, key pairs and password based encryption algorithms.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/io/CipherIOException.java b/bcprov/src/main/java/org/bouncycastle/crypto/io/CipherIOException.java
deleted file mode 100644
index beeb60b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/io/CipherIOException.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.crypto.io;
-
-import java.io.IOException;
-
-/**
- * {@link IOException} wrapper around an exception indicating a problem with the use of a cipher.
- */
-public class CipherIOException
-    extends IOException
-{
-    private static final long serialVersionUID = 1L;
-
-    private final Throwable cause;
-
-    public CipherIOException(String message, Throwable cause)
-    {
-        super(message);
-
-        this.cause = cause;
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/io/CipherInputStream.java b/bcprov/src/main/java/org/bouncycastle/crypto/io/CipherInputStream.java
deleted file mode 100644
index b06d1f5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/io/CipherInputStream.java
+++ /dev/null

@@ -1,477 +0,0 @@
-package org.bouncycastle.crypto.io;
-
-import java.io.FilterInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.SkippingCipher;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.modes.AEADBlockCipher;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A CipherInputStream is composed of an InputStream and a cipher so that read() methods return data
- * that are read in from the underlying InputStream but have been additionally processed by the
- * Cipher. The cipher must be fully initialized before being used by a CipherInputStream.
- * <p>
- * For example, if the Cipher is initialized for decryption, the
- * CipherInputStream will attempt to read in data and decrypt them,
- * before returning the decrypted data.
- */
-public class CipherInputStream
-    extends FilterInputStream
-{
-    private static final int INPUT_BUF_SIZE = 2048;
-
-    private SkippingCipher skippingCipher;
-    private byte[] inBuf;
-
-    private BufferedBlockCipher bufferedBlockCipher;
-    private StreamCipher streamCipher;
-    private AEADBlockCipher aeadBlockCipher;
-
-    private byte[] buf;
-    private byte[] markBuf;
-
-
-    private int bufOff;
-    private int maxBuf;
-    private boolean finalized;
-    private long markPosition;
-    private int markBufOff;
-
-    /**
-     * Constructs a CipherInputStream from an InputStream and a
-     * BufferedBlockCipher.
-     */
-    public CipherInputStream(
-        InputStream is,
-        BufferedBlockCipher cipher)
-    {
-        this(is, cipher, INPUT_BUF_SIZE);
-    }
-
-    /**
-     * Constructs a CipherInputStream from an InputStream and a StreamCipher.
-     */
-    public CipherInputStream(
-        InputStream is,
-        StreamCipher cipher)
-    {
-        this(is, cipher, INPUT_BUF_SIZE);
-    }
-
-    /**
-     * Constructs a CipherInputStream from an InputStream and an AEADBlockCipher.
-     */
-    public CipherInputStream(
-        InputStream is,
-        AEADBlockCipher cipher)
-    {
-        this(is, cipher, INPUT_BUF_SIZE);
-    }
-
-    /**
-     * Constructs a CipherInputStream from an InputStream, a
-     * BufferedBlockCipher, and a specified internal buffer size.
-     */
-    public CipherInputStream(
-        InputStream is,
-        BufferedBlockCipher cipher,
-        int bufSize)
-    {
-        super(is);
-
-        this.bufferedBlockCipher = cipher;
-        this.inBuf = new byte[bufSize];
-        this.skippingCipher = (cipher instanceof SkippingCipher) ? (SkippingCipher)cipher : null;
-    }
-
-    /**
-     * Constructs a CipherInputStream from an InputStream, a StreamCipher, and a specified internal buffer size.
-     */
-    public CipherInputStream(
-        InputStream is,
-        StreamCipher cipher,
-        int bufSize)
-    {
-        super(is);
-
-        this.streamCipher = cipher;
-        this.inBuf = new byte[bufSize];
-        this.skippingCipher = (cipher instanceof SkippingCipher) ? (SkippingCipher)cipher : null;
-    }
-
-    /**
-     * Constructs a CipherInputStream from an InputStream, an AEADBlockCipher, and a specified internal buffer size.
-     */
-    public CipherInputStream(
-        InputStream is,
-        AEADBlockCipher cipher,
-        int bufSize)
-    {
-        super(is);
-
-        this.aeadBlockCipher = cipher;
-        this.inBuf = new byte[bufSize];
-        this.skippingCipher = (cipher instanceof SkippingCipher) ? (SkippingCipher)cipher : null;
-    }
-
-    /**
-     * Read data from underlying stream and process with cipher until end of stream or some data is
-     * available after cipher processing.
-     *
-     * @return -1 to indicate end of stream, or the number of bytes (> 0) available.
-     */
-    private int nextChunk()
-        throws IOException
-    {
-        if (finalized)
-        {
-            return -1;
-        }
-
-        bufOff = 0;
-        maxBuf = 0;
-
-        // Keep reading until EOF or cipher processing produces data
-        while (maxBuf == 0)
-        {
-            int read = in.read(inBuf);
-            if (read == -1)
-            {
-                finaliseCipher();
-                if (maxBuf == 0)
-                {
-                    return -1;
-                }
-                return maxBuf;
-            }
-
-            try
-            {
-                ensureCapacity(read, false);
-                if (bufferedBlockCipher != null)
-                {
-                    maxBuf = bufferedBlockCipher.processBytes(inBuf, 0, read, buf, 0);
-                }
-                else if (aeadBlockCipher != null)
-                {
-                    maxBuf = aeadBlockCipher.processBytes(inBuf, 0, read, buf, 0);
-                }
-                else
-                {
-                    streamCipher.processBytes(inBuf, 0, read, buf, 0);
-                    maxBuf = read;
-                }
-            }
-            catch (Exception e)
-            {
-                throw new CipherIOException("Error processing stream ", e);
-            }
-        }
-        return maxBuf;
-    }
-
-    private void finaliseCipher()
-        throws IOException
-    {
-        try
-        {
-            finalized = true;
-            ensureCapacity(0, true);
-            if (bufferedBlockCipher != null)
-            {
-                maxBuf = bufferedBlockCipher.doFinal(buf, 0);
-            }
-            else if (aeadBlockCipher != null)
-            {
-                maxBuf = aeadBlockCipher.doFinal(buf, 0);
-            }
-            else
-            {
-                maxBuf = 0; // a stream cipher
-            }
-        }
-        catch (final InvalidCipherTextException e)
-        {
-            throw new InvalidCipherTextIOException("Error finalising cipher", e);
-        }
-        catch (Exception e)
-        {
-            throw new IOException("Error finalising cipher " + e);
-        }
-    }
-
-    /**
-     * Reads data from the underlying stream and processes it with the cipher until the cipher
-     * outputs data, and returns the next available byte.
-     * <p>
-     * If the underlying stream is exhausted by this call, the cipher will be finalised.
-     * </p>
-     * @throws IOException if there was an error closing the input stream.
-     * @throws InvalidCipherTextIOException if the data read from the stream was invalid ciphertext
-     * (e.g. the cipher is an AEAD cipher and the ciphertext tag check fails).
-     */
-    public int read()
-        throws IOException
-    {
-        if (bufOff >= maxBuf)
-        {
-            if (nextChunk() < 0)
-            {
-                return -1;
-            }
-        }
-
-        return buf[bufOff++] & 0xff;
-    }
-
-    /**
-     * Reads data from the underlying stream and processes it with the cipher until the cipher
-     * outputs data, and then returns up to <code>b.length</code> bytes in the provided array.
-     * <p>
-     * If the underlying stream is exhausted by this call, the cipher will be finalised.
-     * </p>
-     * @param b the buffer into which the data is read.
-     * @return the total number of bytes read into the buffer, or <code>-1</code> if there is no
-     *         more data because the end of the stream has been reached.
-     * @throws IOException if there was an error closing the input stream.
-     * @throws InvalidCipherTextIOException if the data read from the stream was invalid ciphertext
-     * (e.g. the cipher is an AEAD cipher and the ciphertext tag check fails).
-     */
-    public int read(
-        byte[] b)
-        throws IOException
-    {
-        return read(b, 0, b.length);
-    }
-
-    /**
-     * Reads data from the underlying stream and processes it with the cipher until the cipher
-     * outputs data, and then returns up to <code>len</code> bytes in the provided array.
-     * <p>
-     * If the underlying stream is exhausted by this call, the cipher will be finalised.
-     * </p>
-     * @param b   the buffer into which the data is read.
-     * @param off the start offset in the destination array <code>b</code>
-     * @param len the maximum number of bytes read.
-     * @return the total number of bytes read into the buffer, or <code>-1</code> if there is no
-     *         more data because the end of the stream has been reached.
-     * @throws IOException if there was an error closing the input stream.
-     * @throws InvalidCipherTextIOException if the data read from the stream was invalid ciphertext
-     * (e.g. the cipher is an AEAD cipher and the ciphertext tag check fails).
-     */
-    public int read(
-        byte[] b,
-        int off,
-        int len)
-        throws IOException
-    {
-        if (bufOff >= maxBuf)
-        {
-            if (nextChunk() < 0)
-            {
-                return -1;
-            }
-        }
-
-        int toSupply = Math.min(len, available());
-        System.arraycopy(buf, bufOff, b, off, toSupply);
-        bufOff += toSupply;
-        return toSupply;
-    }
-
-    public long skip(
-        long n)
-        throws IOException
-    {
-        if (n <= 0)
-        {
-            return 0;
-        }
-
-        if (skippingCipher != null)
-        {
-            int avail = available();
-            if (n <= avail)
-            {
-                bufOff += n;
-
-                return n;
-            }
-
-            bufOff = maxBuf;
-
-            long skip = in.skip(n - avail);
-
-            long cSkip = skippingCipher.skip(skip);
-
-            if (skip != cSkip)
-            {
-                throw new IOException("Unable to skip cipher " + skip + " bytes.");
-            }
-
-            return skip + avail;
-        }
-        else
-        {
-            int skip = (int)Math.min(n, available());
-            bufOff += skip;
-
-            return skip;
-        }
-    }
-
-    public int available()
-        throws IOException
-    {
-        return maxBuf - bufOff;
-    }
-
-    /**
-     * Ensure the cipher text buffer has space sufficient to accept an upcoming output.
-     *
-     * @param updateSize the size of the pending update.
-     * @param finalOutput <code>true</code> iff this the cipher is to be finalised.
-     */
-    private void ensureCapacity(int updateSize, boolean finalOutput)
-    {
-        int bufLen = updateSize;
-        if (finalOutput)
-        {
-            if (bufferedBlockCipher != null)
-            {
-                bufLen = bufferedBlockCipher.getOutputSize(updateSize);
-            }
-            else if (aeadBlockCipher != null)
-            {
-                bufLen = aeadBlockCipher.getOutputSize(updateSize);
-            }
-        }
-        else
-        {
-            if (bufferedBlockCipher != null)
-            {
-                bufLen = bufferedBlockCipher.getUpdateOutputSize(updateSize);
-            }
-            else if (aeadBlockCipher != null)
-            {
-                bufLen = aeadBlockCipher.getUpdateOutputSize(updateSize);
-            }
-        }
-
-        if ((buf == null) || (buf.length < bufLen))
-        {
-            buf = new byte[bufLen];
-        }
-    }
-
-    /**
-     * Closes the underlying input stream and finalises the processing of the data by the cipher.
-     *
-     * @throws IOException if there was an error closing the input stream.
-     * @throws InvalidCipherTextIOException if the data read from the stream was invalid ciphertext
-     *             (e.g. the cipher is an AEAD cipher and the ciphertext tag check fails).
-     */
-    public void close()
-        throws IOException
-    {
-        try
-        {
-            in.close();
-        }
-        finally
-        {
-            if (!finalized)
-            {
-                // Reset the cipher, discarding any data buffered in it
-                // Errors in cipher finalisation trump I/O error closing input
-                finaliseCipher();
-            }
-        }
-        maxBuf = bufOff = 0;
-        markBufOff = 0;
-        markPosition = 0;
-        if (markBuf != null)
-        {
-            Arrays.fill(markBuf, (byte)0);
-            markBuf = null;
-        }
-        if (buf != null)
-        {
-            Arrays.fill(buf, (byte)0);
-            buf = null;
-        }
-        Arrays.fill(inBuf, (byte)0);
-    }
-
-    /**
-     * Mark the current position.
-     * <p>
-     * This method only works if markSupported() returns true - which means the underlying stream supports marking, and the cipher passed
-     * in to this stream's constructor is a SkippingCipher (so capable of being reset to an arbitrary point easily).
-     * </p>
-     * @param readlimit the maximum read ahead required before a reset() may be called.
-     */
-    public void mark(int readlimit)
-    {
-        in.mark(readlimit);
-        if (skippingCipher != null)
-        {
-            markPosition = skippingCipher.getPosition();
-        }
-
-        if (buf != null)
-        {
-            markBuf = new byte[buf.length];
-            System.arraycopy(buf, 0, markBuf, 0, buf.length);
-        }
-
-        markBufOff = bufOff;
-    }
-
-    /**
-     * Reset to the last marked position, if supported.
-     *
-     * @throws IOException if marking not supported by the cipher used, or the underlying stream.
-     */
-    public void reset()
-        throws IOException
-    {
-        if (skippingCipher == null)
-        {
-            throw new IOException("cipher must implement SkippingCipher to be used with reset()");
-        }
-
-        in.reset();
-
-        skippingCipher.seekTo(markPosition);
-
-        if (markBuf != null)
-        {
-            buf = markBuf;
-        }
-
-        bufOff = markBufOff;
-     }
-
-    /**
-     * Return true if mark(readlimit) is supported. This will be true if the underlying stream supports marking and the
-     * cipher used is a SkippingCipher,
-     *
-     * @return true if mark(readlimit) supported, false otherwise.
-     */
-    public boolean markSupported()
-    {
-        if (skippingCipher != null)
-        {
-            return in.markSupported();
-        }
-
-        return false;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/io/CipherOutputStream.java b/bcprov/src/main/java/org/bouncycastle/crypto/io/CipherOutputStream.java
deleted file mode 100644
index 9a7ada2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/io/CipherOutputStream.java
+++ /dev/null

@@ -1,280 +0,0 @@
-package org.bouncycastle.crypto.io;
-
-import java.io.FilterOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.modes.AEADBlockCipher;
-
-/**
- * A CipherOutputStream is composed of an OutputStream and a cipher so that write() methods process
- * the written data with the cipher, and the output of the cipher is in turn written to the
- * underlying OutputStream. The cipher must be fully initialized before being used by a
- * CipherInputStream.
- * <p>
- * For example, if the cipher is initialized for encryption, the CipherOutputStream will encrypt the
- * data before writing the encrypted data to the underlying stream.
- */
-public class CipherOutputStream
-    extends FilterOutputStream
-{
-    private BufferedBlockCipher bufferedBlockCipher;
-    private StreamCipher streamCipher;
-    private AEADBlockCipher aeadBlockCipher;
-
-    private final byte[] oneByte = new byte[1];
-    private byte[] buf;
-
-    /**
-     * Constructs a CipherOutputStream from an OutputStream and a
-     * BufferedBlockCipher.
-     */
-    public CipherOutputStream(
-        OutputStream os,
-        BufferedBlockCipher cipher)
-    {
-        super(os);
-        this.bufferedBlockCipher = cipher;
-    }
-
-    /**
-     * Constructs a CipherOutputStream from an OutputStream and a
-     * BufferedBlockCipher.
-     */
-    public CipherOutputStream(
-        OutputStream os,
-        StreamCipher cipher)
-    {
-        super(os);
-        this.streamCipher = cipher;
-    }
-
-    /**
-     * Constructs a CipherOutputStream from an OutputStream and a AEADBlockCipher.
-     */
-    public CipherOutputStream(OutputStream os, AEADBlockCipher cipher)
-    {
-        super(os);
-        this.aeadBlockCipher = cipher;
-    }
-
-    /**
-     * Writes the specified byte to this output stream.
-     *
-     * @param b the <code>byte</code>.
-     * @throws java.io.IOException if an I/O error occurs.
-     */
-    public void write(
-        int b)
-        throws IOException
-    {
-        oneByte[0] = (byte)b;
-
-        if (streamCipher != null)
-        {
-            out.write(streamCipher.returnByte((byte)b));
-        }
-        else
-        {
-            write(oneByte, 0, 1);
-        }
-    }
-
-    /**
-     * Writes <code>b.length</code> bytes from the specified byte array
-     * to this output stream.
-     * <p>
-     * The <code>write</code> method of
-     * <code>CipherOutputStream</code> calls the <code>write</code>
-     * method of three arguments with the three arguments
-     * <code>b</code>, <code>0</code>, and <code>b.length</code>.
-     *
-     * @param b the data.
-     * @throws java.io.IOException if an I/O error occurs.
-     * @see #write(byte[], int, int)
-     */
-    public void write(
-        byte[] b)
-        throws IOException
-    {
-        write(b, 0, b.length);
-    }
-
-    /**
-     * Writes <code>len</code> bytes from the specified byte array
-     * starting at offset <code>off</code> to this output stream.
-     *
-     * @param b   the data.
-     * @param off the start offset in the data.
-     * @param len the number of bytes to write.
-     * @throws java.io.IOException if an I/O error occurs.
-     */
-    public void write(
-        byte[] b,
-        int off,
-        int len)
-        throws IOException
-    {
-        ensureCapacity(len, false);
-
-        if (bufferedBlockCipher != null)
-        {
-            int outLen = bufferedBlockCipher.processBytes(b, off, len, buf, 0);
-
-            if (outLen != 0)
-            {
-                out.write(buf, 0, outLen);
-            }
-        }
-        else if (aeadBlockCipher != null)
-        {
-            int outLen = aeadBlockCipher.processBytes(b, off, len, buf, 0);
-
-            if (outLen != 0)
-            {
-                out.write(buf, 0, outLen);
-            }
-        }
-        else
-        {
-            streamCipher.processBytes(b, off, len, buf, 0);
-
-            out.write(buf, 0, len);
-        }
-    }
-
-    /**
-     * Ensure the ciphertext buffer has space sufficient to accept an upcoming output.
-     *
-     * @param updateSize the size of the pending update.
-     * @param finalOutput <code>true</code> iff this the cipher is to be finalised.
-     */
-    private void ensureCapacity(int updateSize, boolean finalOutput)
-    {
-        int bufLen = updateSize;
-        if (finalOutput)
-        {
-            if (bufferedBlockCipher != null)
-            {
-                bufLen = bufferedBlockCipher.getOutputSize(updateSize);
-            }
-            else if (aeadBlockCipher != null)
-            {
-                bufLen = aeadBlockCipher.getOutputSize(updateSize);
-            }
-        }
-        else
-        {
-            if (bufferedBlockCipher != null)
-            {
-                bufLen = bufferedBlockCipher.getUpdateOutputSize(updateSize);
-            }
-            else if (aeadBlockCipher != null)
-            {
-                bufLen = aeadBlockCipher.getUpdateOutputSize(updateSize);
-            }
-        }
-
-        if ((buf == null) || (buf.length < bufLen))
-        {
-            buf = new byte[bufLen];
-        }
-    }
-
-    /**
-     * Flushes this output stream by forcing any buffered output bytes
-     * that have already been processed by the encapsulated cipher object
-     * to be written out.
-     * <p>
-     * Any bytes buffered by the encapsulated cipher
-     * and waiting to be processed by it will not be written out. For example,
-     * if the encapsulated cipher is a block cipher, and the total number of
-     * bytes written using one of the <code>write</code> methods is less than
-     * the cipher's block size, no bytes will be written out.
-     *
-     * @throws java.io.IOException if an I/O error occurs.
-     */
-    public void flush()
-        throws IOException
-    {
-        out.flush();
-    }
-
-    /**
-     * Closes this output stream and releases any system resources
-     * associated with this stream.
-     * <p>
-     * This method invokes the <code>doFinal</code> method of the encapsulated
-     * cipher object, which causes any bytes buffered by the encapsulated
-     * cipher to be processed. The result is written out by calling the
-     * <code>flush</code> method of this output stream.
-     * <p>
-     * This method resets the encapsulated cipher object to its initial state
-     * and calls the <code>close</code> method of the underlying output
-     * stream.
-     *
-     * @throws java.io.IOException if an I/O error occurs.
-     * @throws InvalidCipherTextIOException if the data written to this stream was invalid ciphertext
-     * (e.g. the cipher is an AEAD cipher and the ciphertext tag check fails).
-     */
-    public void close()
-        throws IOException
-    {
-        ensureCapacity(0, true);
-        IOException error = null;
-        try
-        {
-            if (bufferedBlockCipher != null)
-            {
-                int outLen = bufferedBlockCipher.doFinal(buf, 0);
-
-                if (outLen != 0)
-                {
-                    out.write(buf, 0, outLen);
-                }
-            }
-            else if (aeadBlockCipher != null)
-            {
-                int outLen = aeadBlockCipher.doFinal(buf, 0);
-
-                if (outLen != 0)
-                {
-                    out.write(buf, 0, outLen);
-                }
-            }
-            else if (streamCipher != null)
-            {
-                streamCipher.reset();
-            }
-        }
-        catch (final InvalidCipherTextException e)
-        {
-            error = new InvalidCipherTextIOException("Error finalising cipher data", e);
-        }
-        catch (Exception e)
-        {
-            error = new CipherIOException("Error closing stream: ", e);
-        }
-
-        try
-        {
-            flush();
-            out.close();
-        }
-        catch (IOException e)
-        {
-            // Invalid ciphertext takes precedence over close error
-            if (error == null)
-            {
-                error = e;
-            }
-        }
-        if (error != null)
-        {
-            throw error;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/io/InvalidCipherTextIOException.java b/bcprov/src/main/java/org/bouncycastle/crypto/io/InvalidCipherTextIOException.java
deleted file mode 100644
index 46561c6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/io/InvalidCipherTextIOException.java
+++ /dev/null

@@ -1,19 +0,0 @@
-package org.bouncycastle.crypto.io;
-
-import java.io.IOException;
-
-/**
- * {@link IOException} wrapper around an exception indicating an invalid ciphertext, such as in
- * authentication failure during finalisation of an AEAD cipher. For use in streams that need to
- * expose invalid ciphertext errors.
- */
-public class InvalidCipherTextIOException
-    extends CipherIOException
-{
-    private static final long serialVersionUID = 1L;
-
-    public InvalidCipherTextIOException(String message, Throwable cause)
-    {
-        super(message, cause);
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/io/SignerInputStream.java b/bcprov/src/main/java/org/bouncycastle/crypto/io/SignerInputStream.java
deleted file mode 100644
index 9583e4c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/io/SignerInputStream.java
+++ /dev/null

@@ -1,52 +0,0 @@
-package org.bouncycastle.crypto.io;
-
-import java.io.FilterInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.crypto.Signer;
-
-public class SignerInputStream
-    extends FilterInputStream
-{
-    protected Signer signer;
-
-    public SignerInputStream(
-        InputStream stream,
-        Signer      signer)
-    {
-        super(stream);
-        this.signer = signer;
-    }
-
-    public int read()
-        throws IOException
-    {
-        int b = in.read();
-
-        if (b >= 0)
-        {
-            signer.update((byte)b);
-        }
-        return b;
-    }
-
-    public int read(
-        byte[] b,
-        int off,
-        int len)
-        throws IOException
-    {
-        int n = in.read(b, off, len);
-        if (n > 0)
-        {
-            signer.update(b, off, n);
-        }
-        return n;
-    }
-
-    public Signer getSigner()
-    {
-        return signer;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/io/SignerOutputStream.java b/bcprov/src/main/java/org/bouncycastle/crypto/io/SignerOutputStream.java
deleted file mode 100644
index 1c21b5d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/io/SignerOutputStream.java
+++ /dev/null

@@ -1,38 +0,0 @@
-package org.bouncycastle.crypto.io;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.crypto.Signer;
-
-public class SignerOutputStream
-    extends OutputStream
-{
-    protected Signer signer;
-
-    public SignerOutputStream(
-        Signer          Signer)
-    {
-        this.signer = Signer;
-    }
-
-    public void write(int b)
-        throws IOException
-    {
-        signer.update((byte)b);
-    }
-
-    public void write(
-        byte[] b,
-        int off,
-        int len)
-        throws IOException
-    {
-        signer.update(b, off, len);
-    }
-
-    public Signer getSigner()
-    {
-        return signer;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/io/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/io/package.html
deleted file mode 100644
index f2c9e40..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/io/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Classes for doing "enhanced" I/O with Digests and MACs.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/kems/ECIESKeyEncapsulation.java b/bcprov/src/main/java/org/bouncycastle/crypto/kems/ECIESKeyEncapsulation.java
deleted file mode 100644
index 71b29a3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/kems/ECIESKeyEncapsulation.java
+++ /dev/null

@@ -1,262 +0,0 @@
-package org.bouncycastle.crypto.kems;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.KeyEncapsulation;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.KDFParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.FixedPointCombMultiplier;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * The ECIES Key Encapsulation Mechanism (ECIES-KEM) from ISO 18033-2.
- */
-public class ECIESKeyEncapsulation
-    implements KeyEncapsulation
-{
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-
-    private DerivationFunction kdf;
-    private SecureRandom rnd;
-    private ECKeyParameters key;
-    private boolean CofactorMode;
-    private boolean OldCofactorMode;
-    private boolean SingleHashMode;
-
-    /**
-     * Set up the ECIES-KEM.
-     *
-     * @param kdf the key derivation function to be used.
-     * @param rnd the random source for the session key.
-     */
-    public ECIESKeyEncapsulation(
-        DerivationFunction kdf,
-        SecureRandom rnd)
-    {
-        this.kdf = kdf;
-        this.rnd = rnd;
-        this.CofactorMode = false;
-        this.OldCofactorMode = false;
-        this.SingleHashMode = false;
-    }
-
-    /**
-     * Set up the ECIES-KEM.
-     *
-     * @param kdf             the key derivation function to be used.
-     * @param rnd             the random source for the session key.
-     * @param cofactorMode    if true use the new cofactor ECDH.
-     * @param oldCofactorMode if true use the old cofactor ECDH.
-     * @param singleHashMode  if true use single hash mode.
-     */
-    public ECIESKeyEncapsulation(
-        DerivationFunction kdf,
-        SecureRandom rnd,
-        boolean cofactorMode,
-        boolean oldCofactorMode,
-        boolean singleHashMode)
-    {
-        this.kdf = kdf;
-        this.rnd = rnd;
-
-        // If both cofactorMode and oldCofactorMode are set to true
-        // then the implementation will use the new cofactor ECDH 
-        this.CofactorMode = cofactorMode;
-        // https://www.shoup.net/iso/std4.pdf, Page 34.
-        if (cofactorMode)
-        {
-            this.OldCofactorMode = false;
-        }
-        else
-        {
-            this.OldCofactorMode = oldCofactorMode;
-        }
-        this.SingleHashMode = singleHashMode;
-    }
-
-    /**
-     * Initialise the ECIES-KEM.
-     *
-     * @param key the recipient's public (for encryption) or private (for decryption) key.
-     */
-    public void init(CipherParameters key)
-        throws IllegalArgumentException
-    {
-        if (!(key instanceof ECKeyParameters))
-        {
-            throw new IllegalArgumentException("EC key required");
-        }
-        else
-        {
-            this.key = (ECKeyParameters)key;
-        }
-    }
-
-    /**
-     * Generate and encapsulate a random session key.
-     *
-     * @param out    the output buffer for the encapsulated key.
-     * @param outOff the offset for the output buffer.
-     * @param keyLen the length of the session key.
-     * @return the random session key.
-     */
-    public CipherParameters encrypt(byte[] out, int outOff, int keyLen)
-        throws IllegalArgumentException
-    {
-        if (!(key instanceof ECPublicKeyParameters))
-        {
-            throw new IllegalArgumentException("Public key required for encryption");
-        }
-
-        ECPublicKeyParameters ecPubKey = (ECPublicKeyParameters)key;
-        ECDomainParameters ecParams = ecPubKey.getParameters();
-        ECCurve curve = ecParams.getCurve();
-        BigInteger n = ecParams.getN();
-        BigInteger h = ecParams.getH();
-
-        // Generate the ephemeral key pair    
-        BigInteger r = BigIntegers.createRandomInRange(ONE, n, rnd);
-
-        // Compute the static-ephemeral key agreement
-        BigInteger rPrime = OldCofactorMode ? r.multiply(h).mod(n) : r;
-
-        ECMultiplier basePointMultiplier = createBasePointMultiplier();
-
-        ECPoint[] ghTilde = new ECPoint[]{ 
-            basePointMultiplier.multiply(ecParams.getG(), r),
-            ecPubKey.getQ().multiply(rPrime)
-        };
-
-        // NOTE: More efficient than normalizing each individually
-        curve.normalizeAll(ghTilde);
-
-        ECPoint gTilde = ghTilde[0], hTilde = ghTilde[1];
-
-        // Encode the ephemeral public key
-        byte[] C = gTilde.getEncoded(false);
-        System.arraycopy(C, 0, out, outOff, C.length);
-
-        // Encode the shared secret value
-        byte[] PEH = hTilde.getAffineXCoord().getEncoded();
-
-        return deriveKey(keyLen, C, PEH);
-    }
-
-    /**
-     * Generate and encapsulate a random session key.
-     *
-     * @param out    the output buffer for the encapsulated key.
-     * @param keyLen the length of the session key.
-     * @return the random session key.
-     */
-    public CipherParameters encrypt(byte[] out, int keyLen)
-    {
-        return encrypt(out, 0, keyLen);
-    }
-
-    /**
-     * Decrypt an encapsulated session key.
-     *
-     * @param in     the input buffer for the encapsulated key.
-     * @param inOff  the offset for the input buffer.
-     * @param inLen  the length of the encapsulated key.
-     * @param keyLen the length of the session key.
-     * @return the session key.
-     */
-    public CipherParameters decrypt(byte[] in, int inOff, int inLen, int keyLen)
-        throws IllegalArgumentException
-    {
-        if (!(key instanceof ECPrivateKeyParameters))
-        {
-            throw new IllegalArgumentException("Private key required for encryption");
-        }
-
-        ECPrivateKeyParameters ecPrivKey = (ECPrivateKeyParameters)key;
-        ECDomainParameters ecParams = ecPrivKey.getParameters();
-        ECCurve curve = ecParams.getCurve();
-        BigInteger n = ecParams.getN();
-        BigInteger h = ecParams.getH();
-
-        // Decode the ephemeral public key
-        byte[] C = new byte[inLen];
-        System.arraycopy(in, inOff, C, 0, inLen);
-
-        // NOTE: Decoded points are already normalized (i.e in affine form)
-        ECPoint gTilde = curve.decodePoint(C);
-
-        // Compute the static-ephemeral key agreement
-        ECPoint gHat = gTilde;
-        if ((CofactorMode) || (OldCofactorMode))
-        {
-            gHat = gHat.multiply(h);
-        }
-
-        BigInteger xHat = ecPrivKey.getD();
-        if (CofactorMode)
-        {
-            xHat = xHat.multiply(h.modInverse(n)).mod(n);
-        }
-
-        ECPoint hTilde = gHat.multiply(xHat).normalize();
-
-        // Encode the shared secret value
-        byte[] PEH = hTilde.getAffineXCoord().getEncoded();
-
-        return deriveKey(keyLen, C, PEH);
-    }
-
-    /**
-     * Decrypt an encapsulated session key.
-     *
-     * @param in     the input buffer for the encapsulated key.
-     * @param keyLen the length of the session key.
-     * @return the session key.
-     */
-    public CipherParameters decrypt(byte[] in, int keyLen)
-    {
-        return decrypt(in, 0, in.length, keyLen);
-    }
-
-    protected ECMultiplier createBasePointMultiplier()
-    {
-        return new FixedPointCombMultiplier();
-    }
-
-    protected KeyParameter deriveKey(int keyLen, byte[] C, byte[] PEH)
-    {
-        byte[] kdfInput = PEH;
-        if (!SingleHashMode)
-        {
-            kdfInput = Arrays.concatenate(C, PEH);
-            Arrays.fill(PEH, (byte)0);
-        }
-
-        try
-        {
-            // Initialise the KDF
-            kdf.init(new KDFParameters(kdfInput, null));
-    
-            // Generate the secret key
-            byte[] K = new byte[keyLen];
-            kdf.generateBytes(K, 0, K.length);
-
-            // Return the ciphertext
-            return new KeyParameter(K);
-        }
-        finally
-        {
-            Arrays.fill(kdfInput, (byte)0);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/kems/RSAKeyEncapsulation.java b/bcprov/src/main/java/org/bouncycastle/crypto/kems/RSAKeyEncapsulation.java
deleted file mode 100644
index 42fc235..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/kems/RSAKeyEncapsulation.java
+++ /dev/null

@@ -1,155 +0,0 @@
-package org.bouncycastle.crypto.kems;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.KeyEncapsulation;
-import org.bouncycastle.crypto.params.KDFParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * The RSA Key Encapsulation Mechanism (RSA-KEM) from ISO 18033-2.
- */
-public class RSAKeyEncapsulation
-    implements KeyEncapsulation
-{
-    private static final BigInteger ZERO = BigInteger.valueOf(0);
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-
-    private DerivationFunction kdf;
-    private SecureRandom rnd;
-    private RSAKeyParameters key;
-
-    /**
-     * Set up the RSA-KEM.
-     *
-     * @param kdf the key derivation function to be used.
-     * @param rnd the random source for the session key.
-     */
-    public RSAKeyEncapsulation(
-        DerivationFunction kdf,
-        SecureRandom rnd)
-    {
-        this.kdf = kdf;
-        this.rnd = rnd;
-    }
-
-    /**
-     * Initialise the RSA-KEM.
-     *
-     * @param key the recipient's public (for encryption) or private (for decryption) key.
-     */
-    public void init(CipherParameters key)
-        throws IllegalArgumentException
-    {
-        if (!(key instanceof RSAKeyParameters))
-        {
-            throw new IllegalArgumentException("RSA key required");
-        }
-
-        this.key = (RSAKeyParameters)key;
-    }
-
-    /**
-     * Generate and encapsulate a random session key.
-     *
-     * @param out    the output buffer for the encapsulated key.
-     * @param outOff the offset for the output buffer.
-     * @param keyLen the length of the random session key.
-     * @return the random session key.
-     */
-    public CipherParameters encrypt(byte[] out, int outOff, int keyLen)
-        throws IllegalArgumentException
-    {
-        if (key.isPrivate())
-        {
-            throw new IllegalArgumentException("Public key required for encryption");
-        }
-
-        BigInteger n = key.getModulus();
-        BigInteger e = key.getExponent();
-
-        // Generate the ephemeral random and encode it    
-        BigInteger r = BigIntegers.createRandomInRange(ZERO, n.subtract(ONE), rnd);
-
-        // Encrypt the random and encode it     
-        BigInteger c = r.modPow(e, n);
-        byte[] C = BigIntegers.asUnsignedByteArray((n.bitLength() + 7) / 8, c);
-        System.arraycopy(C, 0, out, outOff, C.length);
-
-        return generateKey(n, r, keyLen);
-    }
-
-    /**
-     * Generate and encapsulate a random session key.
-     *
-     * @param out    the output buffer for the encapsulated key.
-     * @param keyLen the length of the random session key.
-     * @return the random session key.
-     */
-    public CipherParameters encrypt(byte[] out, int keyLen)
-    {
-        return encrypt(out, 0, keyLen);
-    }
-
-    /**
-     * Decrypt an encapsulated session key.
-     *
-     * @param in     the input buffer for the encapsulated key.
-     * @param inOff  the offset for the input buffer.
-     * @param inLen  the length of the encapsulated key.
-     * @param keyLen the length of the session key.
-     * @return the session key.
-     */
-    public CipherParameters decrypt(byte[] in, int inOff, int inLen, int keyLen)
-        throws IllegalArgumentException
-    {
-        if (!key.isPrivate())
-        {
-            throw new IllegalArgumentException("Private key required for decryption");
-        }
-
-        BigInteger n = key.getModulus();
-        BigInteger d = key.getExponent();
-
-        // Decode the input
-        byte[] C = new byte[inLen];
-        System.arraycopy(in, inOff, C, 0, C.length);
-        BigInteger c = new BigInteger(1, C);
-
-        // Decrypt the ephemeral random and encode it
-        BigInteger r = c.modPow(d, n);
-
-        return generateKey(n, r, keyLen);
-    }
-
-    /**
-     * Decrypt an encapsulated session key.
-     *
-     * @param in     the input buffer for the encapsulated key.
-     * @param keyLen the length of the session key.
-     * @return the session key.
-     */
-    public CipherParameters decrypt(byte[] in, int keyLen)
-    {
-        return decrypt(in, 0, in.length, keyLen);
-    }
-
-    protected KeyParameter generateKey(BigInteger n, BigInteger r, int keyLen)
-    {
-        byte[] R = BigIntegers.asUnsignedByteArray((n.bitLength() + 7) / 8, r);
-
-        // Initialise the KDF
-        kdf.init(new KDFParameters(R, null));
-
-        // Generate the secret key
-        byte[] K = new byte[keyLen];
-        kdf.generateBytes(K, 0, K.length);
-
-        return new KeyParameter(K);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/kems/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/kems/package.html
deleted file mode 100644
index 88fddd0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/kems/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Key Encapsulation Mechanisms.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/BlockCipherMac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/BlockCipherMac.java
deleted file mode 100644
index 6de39a8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/BlockCipherMac.java
+++ /dev/null

@@ -1,174 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-
-public class BlockCipherMac
-    implements Mac
-{
-    private byte[]          mac;
-
-    private byte[]          buf;
-    private int             bufOff;
-    private BlockCipher     cipher;
-
-    private int             macSize;
-
-    /**
-     * create a standard MAC based on a block cipher. This will produce an
-     * authentication code half the length of the block size of the cipher.
-     *
-     * @param cipher the cipher to be used as the basis of the MAC generation.
-     * @deprecated use CBCBlockCipherMac
-     */
-    public BlockCipherMac(
-        BlockCipher     cipher)
-    {
-        this(cipher, (cipher.getBlockSize() * 8) / 2);
-    }
-
-    /**
-     * create a standard MAC based on a block cipher with the size of the
-     * MAC been given in bits.
-     * <p>
-     * Note: the size of the MAC must be at least 16 bits (FIPS Publication 113),
-     * and in general should be less than the size of the block cipher as it reduces
-     * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
-     *
-     * @param cipher the cipher to be used as the basis of the MAC generation.
-     * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
-     * @deprecated use CBCBlockCipherMac
-     */
-    public BlockCipherMac(
-        BlockCipher     cipher,
-        int             macSizeInBits)
-    {
-        if ((macSizeInBits % 8) != 0)
-        {
-            throw new IllegalArgumentException("MAC size must be multiple of 8");
-        }
-
-        this.cipher = new CBCBlockCipher(cipher);
-        this.macSize = macSizeInBits / 8;
-
-        mac = new byte[cipher.getBlockSize()];
-
-        buf = new byte[cipher.getBlockSize()];
-        bufOff = 0;
-    }
-
-    public String getAlgorithmName()
-    {
-        return cipher.getAlgorithmName();
-    }
-
-    public void init(
-        CipherParameters    params)
-    {
-        reset();
-
-        cipher.init(true, params);
-    }
-
-    public int getMacSize()
-    {
-        return macSize;
-    }
-
-    public void update(
-        byte        in)
-    {
-        if (bufOff == buf.length)
-        {
-            cipher.processBlock(buf, 0, mac, 0);
-            bufOff = 0;
-        }
-
-        buf[bufOff++] = in;
-    }
-
-    public void update(
-        byte[]      in,
-        int         inOff,
-        int         len)
-    {
-        if (len < 0)
-        {
-            throw new IllegalArgumentException("Can't have a negative input length!");
-        }
-
-        int blockSize = cipher.getBlockSize();
-        int resultLen = 0;
-        int gapLen = blockSize - bufOff;
-
-        if (len > gapLen)
-        {
-            System.arraycopy(in, inOff, buf, bufOff, gapLen);
-
-            resultLen += cipher.processBlock(buf, 0, mac, 0);
-
-            bufOff = 0;
-            len -= gapLen;
-            inOff += gapLen;
-
-            while (len > blockSize)
-            {
-                resultLen += cipher.processBlock(in, inOff, mac, 0);
-
-                len -= blockSize;
-                inOff += blockSize;
-            }
-        }
-
-        System.arraycopy(in, inOff, buf, bufOff, len);
-
-        bufOff += len;
-    }
-
-    public int doFinal(
-        byte[]  out,
-        int     outOff)
-    {
-        int blockSize = cipher.getBlockSize();
-
-        //
-        // pad with zeroes
-        //
-        while (bufOff < blockSize)
-        {
-            buf[bufOff] = 0;
-            bufOff++;
-        }
-
-        cipher.processBlock(buf, 0, mac, 0);
-
-        System.arraycopy(mac, 0, out, outOff, macSize);
-
-        reset();
-
-        return macSize;
-    }
-
-    /**
-     * Reset the mac generator.
-     */
-    public void reset()
-    {
-        /*
-         * clean the buffer.
-         */
-        for (int i = 0; i < buf.length; i++)
-        {
-            buf[i] = 0;
-        }
-
-        bufOff = 0;
-
-        /*
-         * reset the underlying cipher.
-         */
-        cipher.reset();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/CFBBlockCipherMac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/CFBBlockCipherMac.java
deleted file mode 100644
index d700fd8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/CFBBlockCipherMac.java
+++ /dev/null

@@ -1,389 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.paddings.BlockCipherPadding;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-/**
- * implements a Cipher-FeedBack (CFB) mode on top of a simple cipher.
- */
-class MacCFBBlockCipher
-{
-    private byte[]          IV;
-    private byte[]          cfbV;
-    private byte[]          cfbOutV;
-
-    private int                 blockSize;
-    private BlockCipher         cipher = null;
-
-    /**
-     * Basic constructor.
-     *
-     * @param cipher the block cipher to be used as the basis of the
-     * feedback mode.
-     * @param blockSize the block size in bits (note: a multiple of 8)
-     */
-    public MacCFBBlockCipher(
-        BlockCipher         cipher,
-        int                 bitBlockSize)
-    {
-        this.cipher = cipher;
-        this.blockSize = bitBlockSize / 8;
-
-        this.IV = new byte[cipher.getBlockSize()];
-        this.cfbV = new byte[cipher.getBlockSize()];
-        this.cfbOutV = new byte[cipher.getBlockSize()];
-    }
-
-    /**
-     * Initialise the cipher and, possibly, the initialisation vector (IV).
-     * If an IV isn't passed as part of the parameter, the IV will be all zeros.
-     * An IV which is too short is handled in FIPS compliant fashion.
-     *
-     * @param param the key and other data required by the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        CipherParameters    params)
-        throws IllegalArgumentException
-    {
-        if (params instanceof ParametersWithIV)
-        {
-                ParametersWithIV ivParam = (ParametersWithIV)params;
-                byte[]      iv = ivParam.getIV();
-
-                if (iv.length < IV.length)
-                {
-                    System.arraycopy(iv, 0, IV, IV.length - iv.length, iv.length);
-                }
-                else
-                {
-                    System.arraycopy(iv, 0, IV, 0, IV.length);
-                }
-
-                reset();
-
-                cipher.init(true, ivParam.getParameters());
-        }
-        else
-        {
-                reset();
-
-                cipher.init(true, params);
-        }
-    }
-
-    /**
-     * return the algorithm name and mode.
-     *
-     * @return the name of the underlying algorithm followed by "/CFB"
-     * and the block size in bits.
-     */
-    public String getAlgorithmName()
-    {
-        return cipher.getAlgorithmName() + "/CFB" + (blockSize * 8);
-    }
-
-    /**
-     * return the block size we are operating at.
-     *
-     * @return the block size we are operating at (in bytes).
-     */
-    public int getBlockSize()
-    {
-        return blockSize;
-    }
-
-    /**
-     * Process one block of input from the array in and write it to
-     * the out array.
-     *
-     * @param in the array containing the input data.
-     * @param inOff offset into the in array the data starts at.
-     * @param out the array the output data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     * @exception DataLengthException if there isn't enough data in in, or
-     * space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     * @return the number of bytes processed and produced.
-     */
-    public int processBlock(
-        byte[]      in,
-        int         inOff,
-        byte[]      out,
-        int         outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if ((inOff + blockSize) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if ((outOff + blockSize) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        cipher.processBlock(cfbV, 0, cfbOutV, 0);
-
-        //
-        // XOR the cfbV with the plaintext producing the cipher text
-        //
-        for (int i = 0; i < blockSize; i++)
-        {
-            out[outOff + i] = (byte)(cfbOutV[i] ^ in[inOff + i]);
-        }
-
-        //
-        // change over the input block.
-        //
-        System.arraycopy(cfbV, blockSize, cfbV, 0, cfbV.length - blockSize);
-        System.arraycopy(out, outOff, cfbV, cfbV.length - blockSize, blockSize);
-
-        return blockSize;
-    }
-
-    /**
-     * reset the chaining vector back to the IV and reset the underlying
-     * cipher.
-     */
-    public void reset()
-    {
-        System.arraycopy(IV, 0, cfbV, 0, IV.length);
-
-        cipher.reset();
-    }
-
-    void getMacBlock(
-        byte[]  mac)
-    {
-        cipher.processBlock(cfbV, 0, mac, 0);
-    }
-}
-
-public class CFBBlockCipherMac
-    implements Mac
-{
-    private byte[]              mac;
-
-    private byte[]              buf;
-    private int                 bufOff;
-    private MacCFBBlockCipher   cipher;
-    private BlockCipherPadding  padding = null;
-
-
-    private int                 macSize;
-
-    /**
-     * create a standard MAC based on a CFB block cipher. This will produce an
-     * authentication code half the length of the block size of the cipher, with
-     * the CFB mode set to 8 bits.
-     *
-     * @param cipher the cipher to be used as the basis of the MAC generation.
-     */
-    public CFBBlockCipherMac(
-        BlockCipher     cipher)
-    {
-        this(cipher, 8, (cipher.getBlockSize() * 8) / 2, null);
-    }
-
-    /**
-     * create a standard MAC based on a CFB block cipher. This will produce an
-     * authentication code half the length of the block size of the cipher, with
-     * the CFB mode set to 8 bits.
-     *
-     * @param cipher the cipher to be used as the basis of the MAC generation.
-     * @param padding the padding to be used.
-     */
-    public CFBBlockCipherMac(
-        BlockCipher         cipher,
-        BlockCipherPadding  padding)
-    {
-        this(cipher, 8, (cipher.getBlockSize() * 8) / 2, padding);
-    }
-
-    /**
-     * create a standard MAC based on a block cipher with the size of the
-     * MAC been given in bits. This class uses CFB mode as the basis for the
-     * MAC generation.
-     * <p>
-     * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
-     * or 16 bits if being used as a data authenticator (FIPS Publication 113),
-     * and in general should be less than the size of the block cipher as it reduces
-     * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
-     *
-     * @param cipher the cipher to be used as the basis of the MAC generation.
-     * @param cfbBitSize the size of an output block produced by the CFB mode.
-     * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
-     */
-    public CFBBlockCipherMac(
-        BlockCipher         cipher,
-        int                 cfbBitSize,
-        int                 macSizeInBits)
-    {
-        this(cipher, cfbBitSize, macSizeInBits, null);
-    }
-
-    /**
-     * create a standard MAC based on a block cipher with the size of the
-     * MAC been given in bits. This class uses CFB mode as the basis for the
-     * MAC generation.
-     * <p>
-     * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
-     * or 16 bits if being used as a data authenticator (FIPS Publication 113),
-     * and in general should be less than the size of the block cipher as it reduces
-     * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
-     *
-     * @param cipher the cipher to be used as the basis of the MAC generation.
-     * @param cfbBitSize the size of an output block produced by the CFB mode.
-     * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
-     * @param padding a padding to be used.
-     */
-    public CFBBlockCipherMac(
-        BlockCipher         cipher,
-        int                 cfbBitSize,
-        int                 macSizeInBits,
-        BlockCipherPadding  padding)
-    {
-        if ((macSizeInBits % 8) != 0)
-        {
-            throw new IllegalArgumentException("MAC size must be multiple of 8");
-        }
-
-        mac = new byte[cipher.getBlockSize()];
-
-        this.cipher = new MacCFBBlockCipher(cipher, cfbBitSize);
-        this.padding = padding;
-        this.macSize = macSizeInBits / 8;
-
-        buf = new byte[this.cipher.getBlockSize()];
-        bufOff = 0;
-    }
-
-    public String getAlgorithmName()
-    {
-        return cipher.getAlgorithmName();
-    }
-
-    public void init(
-        CipherParameters    params)
-    {
-        reset();
-
-        cipher.init(params);
-    }
-
-    public int getMacSize()
-    {
-        return macSize;
-    }
-
-    public void update(
-        byte        in)
-    {
-        if (bufOff == buf.length)
-        {
-            cipher.processBlock(buf, 0, mac, 0);
-            bufOff = 0;
-        }
-
-        buf[bufOff++] = in;
-    }
-
-    public void update(
-        byte[]      in,
-        int         inOff,
-        int         len)
-    {
-        if (len < 0)
-        {
-            throw new IllegalArgumentException("Can't have a negative input length!");
-        }
-
-        int blockSize = cipher.getBlockSize();
-        int resultLen = 0;
-        int gapLen = blockSize - bufOff;
-
-        if (len > gapLen)
-        {
-            System.arraycopy(in, inOff, buf, bufOff, gapLen);
-
-            resultLen += cipher.processBlock(buf, 0, mac, 0);
-
-            bufOff = 0;
-            len -= gapLen;
-            inOff += gapLen;
-
-            while (len > blockSize)
-            {
-                resultLen += cipher.processBlock(in, inOff, mac, 0);
-
-                len -= blockSize;
-                inOff += blockSize;
-            }
-        }
-
-        System.arraycopy(in, inOff, buf, bufOff, len);
-
-        bufOff += len;
-    }
-
-    public int doFinal(
-        byte[]  out,
-        int     outOff)
-    {
-        int blockSize = cipher.getBlockSize();
-
-        //
-        // pad with zeroes
-        //
-        if (this.padding == null)
-        {
-            while (bufOff < blockSize)
-            {
-                buf[bufOff] = 0;
-                bufOff++;
-            }
-        }
-        else
-        {
-            padding.addPadding(buf, bufOff);
-        }
-
-        cipher.processBlock(buf, 0, mac, 0);
-
-        cipher.getMacBlock(mac);
-
-        System.arraycopy(mac, 0, out, outOff, macSize);
-
-        reset();
-
-        return macSize;
-    }
-
-    /**
-     * Reset the mac generator.
-     */
-    public void reset()
-    {
-        /*
-         * clean the buffer.
-         */
-        for (int i = 0; i < buf.length; i++)
-        {
-            buf[i] = 0;
-        }
-
-        bufOff = 0;
-
-        /*
-         * reset the underlying cipher.
-         */
-        cipher.reset();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/CMac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/CMac.java
deleted file mode 100644
index def64de..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/CMac.java
+++ /dev/null

@@ -1,308 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.paddings.ISO7816d4Padding;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Pack;
-
-/**
- * CMAC - as specified at www.nuee.nagoya-u.ac.jp/labs/tiwata/omac/omac.html
- * <p>
- * CMAC is analogous to OMAC1 - see also en.wikipedia.org/wiki/CMAC
- * </p><p>
- * CMAC is a NIST recomendation - see 
- * csrc.nist.gov/CryptoToolkit/modes/800-38_Series_Publications/SP800-38B.pdf
- * </p><p>
- * CMAC/OMAC1 is a blockcipher-based message authentication code designed and
- * analyzed by Tetsu Iwata and Kaoru Kurosawa.
- * </p><p>
- * CMAC/OMAC1 is a simple variant of the CBC MAC (Cipher Block Chaining Message 
- * Authentication Code). OMAC stands for One-Key CBC MAC.
- * </p><p>
- * It supports 128- or 64-bits block ciphers, with any key size, and returns
- * a MAC with dimension less or equal to the block size of the underlying 
- * cipher.
- * </p>
- */
-public class CMac implements Mac
-{
-    private byte[] poly;
-    private byte[] ZEROES;
-
-    private byte[] mac;
-
-    private byte[] buf;
-    private int bufOff;
-    private BlockCipher cipher;
-
-    private int macSize;
-
-    private byte[] Lu, Lu2;
-
-    /**
-     * create a standard MAC based on a CBC block cipher (64 or 128 bit block).
-     * This will produce an authentication code the length of the block size
-     * of the cipher.
-     *
-     * @param cipher the cipher to be used as the basis of the MAC generation.
-     */
-    public CMac(BlockCipher cipher)
-    {
-        this(cipher, cipher.getBlockSize() * 8);
-    }
-
-    /**
-     * create a standard MAC based on a block cipher with the size of the
-     * MAC been given in bits.
-     * <p>
-     * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
-     * or 16 bits if being used as a data authenticator (FIPS Publication 113),
-     * and in general should be less than the size of the block cipher as it reduces
-     * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
-     *
-     * @param cipher        the cipher to be used as the basis of the MAC generation.
-     * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8 and &lt;= 128.
-     */
-    public CMac(BlockCipher cipher, int macSizeInBits)
-    {
-        if ((macSizeInBits % 8) != 0)
-        {
-            throw new IllegalArgumentException("MAC size must be multiple of 8");
-        }
-
-        if (macSizeInBits > (cipher.getBlockSize() * 8))
-        {
-            throw new IllegalArgumentException(
-                "MAC size must be less or equal to "
-                    + (cipher.getBlockSize() * 8));
-        }
-
-        this.cipher = new CBCBlockCipher(cipher);
-        this.macSize = macSizeInBits / 8;
-        this.poly = lookupPoly(cipher.getBlockSize());
-
-        mac = new byte[cipher.getBlockSize()];
-
-        buf = new byte[cipher.getBlockSize()];
-
-        ZEROES = new byte[cipher.getBlockSize()];
-
-        bufOff = 0;
-    }
-
-    public String getAlgorithmName()
-    {
-        return cipher.getAlgorithmName();
-    }
-
-    private static int shiftLeft(byte[] block, byte[] output)
-    {
-        int i = block.length;
-        int bit = 0;
-        while (--i >= 0)
-        {
-            int b = block[i] & 0xff;
-            output[i] = (byte)((b << 1) | bit);
-            bit = (b >>> 7) & 1;
-        }
-        return bit;
-    }
-
-    private byte[] doubleLu(byte[] in)
-    {
-        byte[] ret = new byte[in.length];
-        int carry = shiftLeft(in, ret);
-
-        /*
-         * NOTE: This construction is an attempt at a constant-time implementation.
-         */
-        int mask = (-carry) & 0xff;
-        ret[in.length - 3] ^= poly[1] & mask;
-        ret[in.length - 2] ^= poly[2] & mask;
-        ret[in.length - 1] ^= poly[3] & mask;
-
-        return ret;
-    }
-
-    private static byte[] lookupPoly(int blockSizeLength)
-    {
-        int xor;
-        switch (blockSizeLength * 8)
-        {
-        case 64:
-            xor = 0x1B;
-            break;
-        case 128:
-            xor = 0x87;
-            break;
-        case 160:
-            xor = 0x2D;
-            break;
-        case 192:
-            xor = 0x87;
-            break;
-        case 224:
-            xor = 0x309;
-            break;
-        case 256:
-            xor = 0x425;
-            break;
-        case 320:
-            xor = 0x1B;
-            break;
-        case 384:
-            xor = 0x100D;
-            break;
-        case 448:
-            xor = 0x851;
-            break;
-        case 512:
-            xor = 0x125;
-            break;
-        case 768:
-            xor = 0xA0011;
-            break;
-        case 1024:
-            xor = 0x80043;
-            break;
-        case 2048:
-            xor = 0x86001;
-            break;
-        default:
-            throw new IllegalArgumentException("Unknown block size for CMAC: " + (blockSizeLength * 8));
-        }
-
-        return Pack.intToBigEndian(xor);
-    }
-
-    public void init(CipherParameters params)
-    {
-        validate(params);
-
-        cipher.init(true, params);
-
-        //initializes the L, Lu, Lu2 numbers
-        byte[] L = new byte[ZEROES.length];
-        cipher.processBlock(ZEROES, 0, L, 0);
-        Lu = doubleLu(L);
-        Lu2 = doubleLu(Lu);
-
-        reset();
-    }
-
-    void validate(CipherParameters params)
-    {
-        if (params != null)
-        {
-            if (!(params instanceof KeyParameter))
-            {
-                // CMAC mode does not permit IV to underlying CBC mode
-                throw new IllegalArgumentException("CMac mode only permits key to be set.");
-            }
-        }
-    }
-
-    public int getMacSize()
-    {
-        return macSize;
-    }
-
-    public void update(byte in)
-    {
-        if (bufOff == buf.length)
-        {
-            cipher.processBlock(buf, 0, mac, 0);
-            bufOff = 0;
-        }
-
-        buf[bufOff++] = in;
-    }
-
-    public void update(byte[] in, int inOff, int len)
-    {
-        if (len < 0)
-        {
-            throw new IllegalArgumentException(
-                "Can't have a negative input length!");
-        }
-
-        int blockSize = cipher.getBlockSize();
-        int gapLen = blockSize - bufOff;
-
-        if (len > gapLen)
-        {
-            System.arraycopy(in, inOff, buf, bufOff, gapLen);
-
-            cipher.processBlock(buf, 0, mac, 0);
-
-            bufOff = 0;
-            len -= gapLen;
-            inOff += gapLen;
-
-            while (len > blockSize)
-            {
-                cipher.processBlock(in, inOff, mac, 0);
-
-                len -= blockSize;
-                inOff += blockSize;
-            }
-        }
-
-        System.arraycopy(in, inOff, buf, bufOff, len);
-
-        bufOff += len;
-    }
-
-    public int doFinal(byte[] out, int outOff)
-    {
-        int blockSize = cipher.getBlockSize();
-
-        byte[] lu;
-        if (bufOff == blockSize)
-        {
-            lu = Lu;
-        }
-        else
-        {
-            new ISO7816d4Padding().addPadding(buf, bufOff);
-            lu = Lu2;
-        }
-
-        for (int i = 0; i < mac.length; i++)
-        {
-            buf[i] ^= lu[i];
-        }
-
-        cipher.processBlock(buf, 0, mac, 0);
-
-        System.arraycopy(mac, 0, out, outOff, macSize);
-
-        reset();
-
-        return macSize;
-    }
-
-    /**
-     * Reset the mac generator.
-     */
-    public void reset()
-    {
-        /*
-         * clean the buffer.
-         */
-        for (int i = 0; i < buf.length; i++)
-        {
-            buf[i] = 0;
-        }
-
-        bufOff = 0;
-
-        /*
-         * reset the underlying cipher.
-         */
-        cipher.reset();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/CMacWithIV.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/CMacWithIV.java
deleted file mode 100644
index a0371d9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/CMacWithIV.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-
-/**
- * A non-NIST variant which allows passing of an IV to the underlying CBC cipher.
- * <p>Note: there isn't really a good reason to use an IV here, use the regular CMac where possible.</p>
- */
-public class CMacWithIV
-    extends CMac
-{
-    public CMacWithIV(BlockCipher cipher)
-    {
-        super(cipher);
-    }
-
-    public CMacWithIV(BlockCipher cipher, int macSizeInBits)
-    {
-        super(cipher, macSizeInBits);
-    }
-
-    void validate(CipherParameters params)
-    {
-        // accept all
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/DSTU7564Mac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/DSTU7564Mac.java
deleted file mode 100644
index cdadc43..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/DSTU7564Mac.java
+++ /dev/null

@@ -1,164 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.digests.DSTU7564Digest;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Pack;
-
-/**
- * Implementation of DSTU7564 MAC mode
- */
-public class DSTU7564Mac
-    implements Mac
-{
-    private static final int BITS_IN_BYTE = 8;
-
-    private DSTU7564Digest engine;
-
-    private int macSize;
-
-    private byte[] paddedKey;
-    private byte[] invertedKey;
-
-    private long inputLength;
-
-    public DSTU7564Mac(int macBitSize)
-    {
-        /* Mac size can be only 256 / 384 / 512. Same as hash size for DSTU7654Digest */
-        this.engine = new DSTU7564Digest(macBitSize);
-        this.macSize = macBitSize / BITS_IN_BYTE;
-
-        this.paddedKey = null;
-        this.invertedKey = null;
-    }
-
-    public void init(CipherParameters params)
-        throws IllegalArgumentException
-    {
-        if (params instanceof KeyParameter)
-        {
-            byte[] key = ((KeyParameter)params).getKey();
-
-            invertedKey = new byte[key.length];
-
-            paddedKey = padKey(key);
-
-            for (int byteIndex = 0; byteIndex < invertedKey.length; byteIndex++)
-            {
-                invertedKey[byteIndex] = (byte)(key[byteIndex] ^ (byte)0xFF);
-            }
-        }
-        else
-        {
-            throw new IllegalArgumentException("Bad parameter passed");
-        }
-
-        engine.update(paddedKey, 0, paddedKey.length);
-    }
-
-    public String getAlgorithmName()
-    {
-        return "DSTU7564Mac";
-    }
-
-    public int getMacSize()
-    {
-        return macSize;
-    }
-
-    public void update(byte in)
-        throws IllegalStateException
-    {
-        engine.update(in);
-        inputLength++;
-    }
-
-    public void update(byte[] in, int inOff, int len)
-        throws DataLengthException, IllegalStateException
-    {
-        if (in.length - inOff < len)
-        {
-            throw new DataLengthException("Input buffer too short");
-        }
-
-        if (paddedKey == null)
-        {
-            throw new IllegalStateException(getAlgorithmName() + " not initialised");
-        }
-
-        engine.update(in, inOff, len);
-        inputLength += len;
-    }
-
-    public int doFinal(byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if (paddedKey == null)
-        {
-            throw new IllegalStateException(getAlgorithmName() + " not initialised");
-        }
-        if (out.length - outOff < macSize)
-        {
-            throw new OutputLengthException("Output buffer too short");
-        }
-
-        pad();
-
-        engine.update(invertedKey, 0, invertedKey.length);
-
-        inputLength = 0;
-
-        return engine.doFinal(out, outOff);
-    }
-
-    public void reset()
-    {
-        inputLength = 0;
-        engine.reset();
-        if (paddedKey != null)
-        {
-            engine.update(paddedKey, 0, paddedKey.length);
-        }
-    }
-
-    private void pad()
-    {
-        int extra = engine.getByteLength() - (int)(inputLength % engine.getByteLength());
-        if (extra < 13)  // terminator byte + 96 bits of length
-        {
-            extra += engine.getByteLength();
-        }
-
-        byte[] padded = new byte[extra];
-           
-        padded[0] = (byte)0x80; // Defined in standard;
-
-        // Defined in standard;
-        Pack.longToLittleEndian(inputLength * BITS_IN_BYTE, padded, padded.length - 12);
-
-        engine.update(padded, 0, padded.length);
-    }
-
-    private byte[] padKey(byte[] in)
-    {
-        int paddedLen = ((in.length + engine.getByteLength() - 1) / engine.getByteLength()) * engine.getByteLength();
-
-        int extra = engine.getByteLength() - (int)(in.length % engine.getByteLength());
-        if (extra < 13)  // terminator byte + 96 bits of length
-        {
-            paddedLen += engine.getByteLength();
-        }
-
-        byte[] padded = new byte[paddedLen];
-
-        System.arraycopy(in, 0, padded, 0, in.length);
-  
-        padded[in.length] = (byte)0x80; // Defined in standard;
-        Pack.intToLittleEndian(in.length * BITS_IN_BYTE, padded, padded.length - 12); // Defined in standard;
-
-        return padded;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/DSTU7624Mac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/DSTU7624Mac.java
deleted file mode 100644
index 01c46f1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/DSTU7624Mac.java
+++ /dev/null

@@ -1,163 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.engines.DSTU7624Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Implementation of DSTU7624 MAC mode
- */
-public class DSTU7624Mac
-    implements Mac
-{
-    private final static int BITS_IN_BYTE = 8;
-
-    private byte[]              buf;
-    private int                 bufOff;
-
-    private int macSize;
-    private int blockSize;
-    private DSTU7624Engine engine;
-
-    private byte[] c, cTemp, kDelta;
-
-    public DSTU7624Mac(int blockBitLength, int q)
-    {
-        this.engine = new DSTU7624Engine(blockBitLength);
-        this.blockSize = blockBitLength / BITS_IN_BYTE;
-        this.macSize = q / BITS_IN_BYTE;
-        this.c = new byte[blockSize];
-        this.kDelta = new byte[blockSize];
-        this.cTemp = new byte[blockSize];
-        this.buf = new byte[blockSize];
-    }
-
-    public void init(CipherParameters params)
-        throws IllegalArgumentException
-    {
-        if (params instanceof KeyParameter)
-        {
-            engine.init(true, params);
-            engine.processBlock(kDelta, 0, kDelta, 0);
-        }
-        else
-        {
-            throw new IllegalArgumentException("Invalid parameter passed to DSTU7624Mac");
-        }
-    }
-
-    public String getAlgorithmName()
-    {
-        return "DSTU7624Mac";
-    }
-
-    public int getMacSize()
-    {
-        return macSize;
-    }
-
-    public void update(byte in)
-    {
-        if (bufOff == buf.length)
-        {
-            processBlock(buf, 0);
-            bufOff = 0;
-        }
-
-        buf[bufOff++] = in;
-    }
-
-    public void update(byte[] in, int inOff, int len)
-    {
-        if (len < 0)
-        {
-            throw new IllegalArgumentException(
-                "can't have a negative input length!");
-        }
-
-        int blockSize = engine.getBlockSize();
-        int gapLen = blockSize - bufOff;
-
-        if (len > gapLen)
-        {
-            System.arraycopy(in, inOff, buf, bufOff, gapLen);
-
-            processBlock(buf, 0);
-
-            bufOff = 0;
-            len -= gapLen;
-            inOff += gapLen;
-
-            while (len > blockSize)
-            {
-                processBlock(in, inOff);
-
-                len -= blockSize;
-                inOff += blockSize;
-            }
-        }
-
-        System.arraycopy(in, inOff, buf, bufOff, len);
-
-        bufOff += len;
-    }
-
-    private void processBlock(byte[] in, int inOff)
-    {
-        xor(c, 0, in, inOff, cTemp);
-
-        engine.processBlock(cTemp, 0, c, 0);
-    }
-
-    public int doFinal(byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if (bufOff % buf.length != 0)
-        {
-            throw new DataLengthException("input must be a multiple of blocksize");
-        }
-
-        //Last block
-        xor(c, 0, buf, 0, cTemp);
-        xor(cTemp, 0, kDelta, 0, c);
-        engine.processBlock(c, 0, c, 0);
-
-        if (macSize + outOff > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        System.arraycopy(c, 0, out, outOff, macSize);
-
-        return macSize;
-    }
-
-    public void reset()
-    {
-        Arrays.fill(c, (byte)0x00);
-        Arrays.fill(cTemp, (byte)0x00);
-        Arrays.fill(kDelta, (byte)0x00);
-        Arrays.fill(buf, (byte)0x00);
-        engine.reset();
-        engine.processBlock(kDelta, 0, kDelta, 0);
-        bufOff = 0;
-    }
-
-    private void xor(byte[] x, int xOff, byte[] y, int yOff, byte[] x_xor_y)
-    {
-
-        if (x.length - xOff < blockSize || y.length - yOff < blockSize || x_xor_y.length < blockSize)
-        {
-            throw new IllegalArgumentException("some of input buffers too short");
-        }
-        for (int byteIndex = 0; byteIndex < blockSize; byteIndex++)
-        {
-            x_xor_y[byteIndex] = (byte)(x[byteIndex + xOff] ^ y[byteIndex + yOff]);
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/GMac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/GMac.java
deleted file mode 100644
index b34f9ea..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/GMac.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.modes.GCMBlockCipher;
-import org.bouncycastle.crypto.params.AEADParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-/**
- * The GMAC specialisation of Galois/Counter mode (GCM) detailed in NIST Special Publication
- * 800-38D.
- * <p>
- * GMac is an invocation of the GCM mode where no data is encrypted (i.e. all input data to the Mac
- * is processed as additional authenticated data with the underlying GCM block cipher).
- */
-public class GMac implements Mac
-{
-    private final GCMBlockCipher cipher;
-    private final int macSizeBits;
-
-    /**
-     * Creates a GMAC based on the operation of a block cipher in GCM mode.
-     * <p>
-     * This will produce an authentication code the length of the block size of the cipher.
-     * 
-     * @param cipher
-     *            the cipher to be used in GCM mode to generate the MAC.
-     */
-    public GMac(final GCMBlockCipher cipher)
-    {
-        // use of this confused flow analyser in some earlier JDKs
-        this.cipher = cipher;
-        this.macSizeBits = 128;
-    }
-
-    /**
-     * Creates a GMAC based on the operation of a 128 bit block cipher in GCM mode.
-     * 
-     * @param macSizeBits
-     *            the mac size to generate, in bits. Must be a multiple of 8 and &gt;= 32 and &lt;= 128.
-     *            Sizes less than 96 are not recommended, but are supported for specialized applications.
-     * @param cipher
-     *            the cipher to be used in GCM mode to generate the MAC.
-     */
-    public GMac(final GCMBlockCipher cipher, final int macSizeBits)
-    {
-        this.cipher = cipher;
-        this.macSizeBits = macSizeBits;
-    }
-
-    /**
-     * Initialises the GMAC - requires a {@link ParametersWithIV} providing a {@link KeyParameter}
-     * and a nonce.
-     */
-    public void init(final CipherParameters params) throws IllegalArgumentException
-    {
-        if (params instanceof ParametersWithIV)
-        {
-            final ParametersWithIV param = (ParametersWithIV)params;
-
-            final byte[] iv = param.getIV();
-            final KeyParameter keyParam = (KeyParameter)param.getParameters();
-
-            // GCM is always operated in encrypt mode to calculate MAC
-            cipher.init(true, new AEADParameters(keyParam, macSizeBits, iv));
-        }
-        else
-        {
-            throw new IllegalArgumentException("GMAC requires ParametersWithIV");
-        }
-    }
-
-    public String getAlgorithmName()
-    {
-        return cipher.getUnderlyingCipher().getAlgorithmName() + "-GMAC";
-    }
-
-    public int getMacSize()
-    {
-        return macSizeBits / 8;
-    }
-
-    public void update(byte in) throws IllegalStateException
-    {
-        cipher.processAADByte(in);
-    }
-
-    public void update(byte[] in, int inOff, int len)
-        throws DataLengthException, IllegalStateException
-    {
-        cipher.processAADBytes(in, inOff, len);
-    }
-
-    public int doFinal(byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        try
-        {
-            return cipher.doFinal(out, outOff);
-        }
-        catch (InvalidCipherTextException e)
-        {
-            // Impossible in encrypt mode
-            throw new IllegalStateException(e.toString());
-        }
-    }
-
-    public void reset()
-    {
-        cipher.reset();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/GOST28147Mac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/GOST28147Mac.java
deleted file mode 100644
index 28e8d89..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/GOST28147Mac.java
+++ /dev/null

@@ -1,317 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.ParametersWithSBox;
-
-/**
- * implementation of GOST 28147-89 MAC
- */
-public class GOST28147Mac
-    implements Mac
-{
-    private int                 blockSize = 8;
-    private int                 macSize = 4;
-    private int                 bufOff;
-    private byte[]              buf;
-    private byte[]              mac;
-    private boolean             firstStep = true;
-    private int[]               workingKey = null;
-    private byte[]              macIV = null;
-
-    //
-    // This is default S-box - E_A.
-    private byte S[] = {
-            0x9,0x6,0x3,0x2,0x8,0xB,0x1,0x7,0xA,0x4,0xE,0xF,0xC,0x0,0xD,0x5,
-            0x3,0x7,0xE,0x9,0x8,0xA,0xF,0x0,0x5,0x2,0x6,0xC,0xB,0x4,0xD,0x1,
-            0xE,0x4,0x6,0x2,0xB,0x3,0xD,0x8,0xC,0xF,0x5,0xA,0x0,0x7,0x1,0x9,
-            0xE,0x7,0xA,0xC,0xD,0x1,0x3,0x9,0x0,0x2,0xB,0x4,0xF,0x8,0x5,0x6,
-            0xB,0x5,0x1,0x9,0x8,0xD,0xF,0x0,0xE,0x4,0x2,0x3,0xC,0x7,0xA,0x6,
-            0x3,0xA,0xD,0xC,0x1,0x2,0x0,0xB,0x7,0x5,0x9,0x4,0x8,0xF,0xE,0x6,
-            0x1,0xD,0x2,0x9,0x7,0xA,0x6,0x0,0x8,0xC,0x4,0x5,0xF,0x3,0xB,0xE,
-            0xB,0xA,0xF,0x5,0x0,0xC,0xE,0x8,0x6,0x2,0x3,0x9,0x1,0x7,0xD,0x4
-    };
-    
-    public GOST28147Mac()
-    {
-        mac = new byte[blockSize];
-
-        buf = new byte[blockSize];
-        bufOff = 0;
-    }
-
-    private int[] generateWorkingKey(
-        byte[]  userKey)
-    {
-        if (userKey.length != 32)
-        {
-            throw new IllegalArgumentException("Key length invalid. Key needs to be 32 byte - 256 bit!!!");
-        }
-
-        int key[] = new int[8];
-        for(int i=0; i!=8; i++)
-        {
-            key[i] = bytesToint(userKey,i*4);
-        }
-
-        return key;
-    }
-    
-    public void init(
-        CipherParameters params)
-        throws IllegalArgumentException
-    {
-        reset();
-        buf = new byte[blockSize];
-        macIV = null;
-        if (params instanceof ParametersWithSBox)
-        {
-            ParametersWithSBox   param = (ParametersWithSBox)params;
-
-            //
-            // Set the S-Box
-            //
-            System.arraycopy(param.getSBox(), 0, this.S, 0, param.getSBox().length);
-
-            //
-            // set key if there is one
-            //
-            if (param.getParameters() != null)
-            {
-                workingKey = generateWorkingKey(((KeyParameter)param.getParameters()).getKey());
-            }
-        }
-        else if (params instanceof KeyParameter)
-        {
-            workingKey = generateWorkingKey(((KeyParameter)params).getKey());
-        }
-        else if (params instanceof ParametersWithIV)
-        {
-            ParametersWithIV p = (ParametersWithIV)params;
-
-            workingKey = generateWorkingKey(((KeyParameter)p.getParameters()).getKey());
-            System.arraycopy(p.getIV(), 0, mac, 0, mac.length);
-            macIV = p.getIV(); // don't skip the initial CM5Func
-        }
-        else
-        {
-           throw new IllegalArgumentException("invalid parameter passed to GOST28147 init - " + params.getClass().getName());
-        }
-    }
-
-    public String getAlgorithmName()
-    {
-        return "GOST28147Mac";
-    }
-
-    public int getMacSize()
-    {
-        return macSize;
-    }
-
-    private int gost28147_mainStep(int n1, int key)
-    {
-        int cm = (key + n1); // CM1
-        
-        // S-box replacing
-        
-        int om = S[  0 + ((cm >> (0 * 4)) & 0xF)] << (0 * 4);
-        om += S[ 16 + ((cm >> (1 * 4)) & 0xF)] << (1 * 4);
-        om += S[ 32 + ((cm >> (2 * 4)) & 0xF)] << (2 * 4);
-        om += S[ 48 + ((cm >> (3 * 4)) & 0xF)] << (3 * 4);
-        om += S[ 64 + ((cm >> (4 * 4)) & 0xF)] << (4 * 4);
-        om += S[ 80 + ((cm >> (5 * 4)) & 0xF)] << (5 * 4);
-        om += S[ 96 + ((cm >> (6 * 4)) & 0xF)] << (6 * 4);
-        om += S[112 + ((cm >> (7 * 4)) & 0xF)] << (7 * 4);
-        
-        return om << 11 | om >>> (32-11); // 11-leftshift
-    }
-    
-    private void gost28147MacFunc(
-            int[]   workingKey,
-            byte[]  in,
-            int     inOff,
-            byte[]  out,
-            int     outOff)
-    {
-        int N1, N2, tmp;  //tmp -> for saving N1
-        N1 = bytesToint(in, inOff);
-        N2 = bytesToint(in, inOff + 4);
-        
-        for(int k = 0; k < 2; k++)  // 1-16 steps
-        {
-            for(int j = 0; j < 8; j++)
-            {
-                tmp = N1;
-                N1 = N2 ^ gost28147_mainStep(N1, workingKey[j]); // CM2
-                N2 = tmp;
-            }
-        }
-        
-        intTobytes(N1, out, outOff);
-        intTobytes(N2, out, outOff + 4);
-    }
-    
-    //array of bytes to type int
-    private int bytesToint(
-            byte[]  in,
-            int     inOff)
-    {
-        return  ((in[inOff + 3] << 24) & 0xff000000) + ((in[inOff + 2] << 16) & 0xff0000) +
-        ((in[inOff + 1] << 8) & 0xff00) + (in[inOff] & 0xff);
-    }
-    
-    //int to array of bytes
-    private void intTobytes(
-            int     num,
-            byte[]  out,
-            int     outOff)
-    {
-        out[outOff + 3] = (byte)(num >>> 24);
-        out[outOff + 2] = (byte)(num >>> 16);
-        out[outOff + 1] = (byte)(num >>> 8);
-        out[outOff] =     (byte)num;
-    }
-        
-    private byte[] CM5func(byte[] buf, int bufOff, byte[] mac)
-    {
-        byte[] sum = new byte[buf.length - bufOff];
-
-        System.arraycopy(buf, bufOff, sum, 0, mac.length);
-
-        for (int i = 0; i != mac.length; i++)
-        {
-            sum[i] = (byte)(sum[i] ^ mac[i]);
-        }
-
-        return sum;
-    }
-
-    public void update(byte in)
-            throws IllegalStateException
-    {
-        if (bufOff == buf.length)
-        {
-            byte[] sumbuf = new byte[buf.length];
-            System.arraycopy(buf, 0, sumbuf, 0, mac.length);
-
-            if (firstStep)
-            {
-                firstStep = false;
-                if (macIV != null)
-                {
-                    sumbuf = CM5func(buf, 0, macIV);
-                }
-            }
-            else
-            {
-                sumbuf = CM5func(buf, 0, mac);
-            }
-
-            gost28147MacFunc(workingKey, sumbuf, 0, mac, 0);
-            bufOff = 0;
-        }
-
-        buf[bufOff++] = in;
-    }
-
-    public void update(byte[] in, int inOff, int len)
-        throws DataLengthException, IllegalStateException
-    {
-            if (len < 0)
-            {
-                throw new IllegalArgumentException("Can't have a negative input length!");
-            }
-
-            int gapLen = blockSize - bufOff;
-
-            if (len > gapLen)
-            {
-                System.arraycopy(in, inOff, buf, bufOff, gapLen);
-
-                byte[] sumbuf = new byte[buf.length];
-                System.arraycopy(buf, 0, sumbuf, 0, mac.length);
-
-                if (firstStep)
-                {
-                    firstStep = false;
-                    if (macIV != null)
-                    {
-                        sumbuf = CM5func(buf, 0, macIV);
-                    }
-                }
-                else
-                {
-                    sumbuf = CM5func(buf, 0, mac);
-                }
-
-                gost28147MacFunc(workingKey, sumbuf, 0, mac, 0);
-
-                bufOff = 0;
-                len -= gapLen;
-                inOff += gapLen;
-
-                while (len > blockSize)
-                {
-                    sumbuf = CM5func(in, inOff, mac);
-                    gost28147MacFunc(workingKey, sumbuf, 0, mac, 0);
-
-                    len -= blockSize;
-                    inOff += blockSize;
-                }
-            }
-
-            System.arraycopy(in, inOff, buf, bufOff, len);
-
-            bufOff += len;    
-    }     
-
-    public int doFinal(byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        //padding with zero
-        while (bufOff < blockSize)
-        {
-            buf[bufOff] = 0;
-            bufOff++;
-        }
-
-        byte[] sumbuf = new byte[buf.length];
-        System.arraycopy(buf, 0, sumbuf, 0, mac.length);
-
-        if (firstStep)
-        {
-            firstStep = false;
-        }
-        else
-        {
-            sumbuf = CM5func(buf, 0, mac);
-        }
-
-        gost28147MacFunc(workingKey, sumbuf, 0, mac, 0);
-
-        System.arraycopy(mac, (mac.length/2)-macSize, out, outOff, macSize);
-
-        reset();
-
-        return macSize;
-    }
-
-    public void reset()
-    {
-        /*
-         * clean the buffer.
-         */
-        for (int i = 0; i < buf.length; i++)
-        {
-            buf[i] = 0;
-        }
-
-        bufOff = 0;
-
-        firstStep = true;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java
index d4345d9..5868262 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/macs/HMac.java

@@ -36,23 +36,29 @@
     {
         blockLengths = new Hashtable();
         
-        blockLengths.put("GOST3411", Integers.valueOf(32));
-        
-        blockLengths.put("MD2", Integers.valueOf(16));
-        blockLengths.put("MD4", Integers.valueOf(64));
+        // BEGIN Android-removed: Unsupported algorithms
+        // blockLengths.put("GOST3411", Integers.valueOf(32));
+        //
+        // blockLengths.put("MD2", Integers.valueOf(16));
+        // blockLengths.put("MD4", Integers.valueOf(64));
+        // END Android-removed: Unsupported algorithms
         blockLengths.put("MD5", Integers.valueOf(64));
-        
-        blockLengths.put("RIPEMD128", Integers.valueOf(64));
-        blockLengths.put("RIPEMD160", Integers.valueOf(64));
+
+        // BEGIN Android-removed: Unsupported algorithms
+        // blockLengths.put("RIPEMD128", Integers.valueOf(64));
+        // blockLengths.put("RIPEMD160", Integers.valueOf(64));
+        // END Android-removed: Unsupported algorithms
         
         blockLengths.put("SHA-1", Integers.valueOf(64));
         blockLengths.put("SHA-224", Integers.valueOf(64));
         blockLengths.put("SHA-256", Integers.valueOf(64));
         blockLengths.put("SHA-384", Integers.valueOf(128));
         blockLengths.put("SHA-512", Integers.valueOf(128));
-        
-        blockLengths.put("Tiger", Integers.valueOf(64));
-        blockLengths.put("Whirlpool", Integers.valueOf(64));
+
+        // BEGIN Android-removed: Unsupported algorithms
+        // blockLengths.put("Tiger", Integers.valueOf(64));
+        // blockLengths.put("Whirlpool", Integers.valueOf(64));
+        // END Android-removed: Unsupported algorithms
     }
     
     private static int getByteLength(

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/ISO9797Alg3Mac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/ISO9797Alg3Mac.java
deleted file mode 100644
index 330b39e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/ISO9797Alg3Mac.java
+++ /dev/null

@@ -1,305 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.paddings.BlockCipherPadding;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-/**
- * DES based CBC Block Cipher MAC according to ISO9797, algorithm 3 (ANSI X9.19 Retail MAC)
- *
- * This could as well be derived from CBCBlockCipherMac, but then the property mac in the base
- * class must be changed to protected  
- */
-
-public class ISO9797Alg3Mac 
-    implements Mac 
-{
-    private byte[]              mac;
-    
-    private byte[]              buf;
-    private int                 bufOff;
-    private BlockCipher         cipher;
-    private BlockCipherPadding  padding;
-    
-    private int                 macSize;
-    private KeyParameter        lastKey2;
-    private KeyParameter        lastKey3;
-    
-    /**
-     * create a Retail-MAC based on a CBC block cipher. This will produce an
-     * authentication code of the length of the block size of the cipher.
-     *
-     * @param cipher the cipher to be used as the basis of the MAC generation. This must
-     * be DESEngine.
-     */
-    public ISO9797Alg3Mac(
-            BlockCipher     cipher)
-    {
-        this(cipher, cipher.getBlockSize() * 8, null);
-    }
-    
-    /**
-     * create a Retail-MAC based on a CBC block cipher. This will produce an
-     * authentication code of the length of the block size of the cipher.
-     *
-     * @param cipher the cipher to be used as the basis of the MAC generation.
-     * @param padding the padding to be used to complete the last block.
-     */
-    public ISO9797Alg3Mac(
-        BlockCipher         cipher,
-        BlockCipherPadding  padding)
-    {
-        this(cipher, cipher.getBlockSize() * 8, padding);
-    }
-
-    /**
-     * create a Retail-MAC based on a block cipher with the size of the
-     * MAC been given in bits. This class uses single DES CBC mode as the basis for the
-     * MAC generation.
-     * <p>
-     * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
-     * or 16 bits if being used as a data authenticator (FIPS Publication 113),
-     * and in general should be less than the size of the block cipher as it reduces
-     * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
-     *
-     * @param cipher the cipher to be used as the basis of the MAC generation.
-     * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
-     */
-    public ISO9797Alg3Mac(
-        BlockCipher     cipher,
-        int             macSizeInBits)
-    {
-        this(cipher, macSizeInBits, null);
-    }
-
-    /**
-     * create a standard MAC based on a block cipher with the size of the
-     * MAC been given in bits. This class uses single DES CBC mode as the basis for the
-     * MAC generation. The final block is decrypted and then encrypted using the
-     * middle and right part of the key.
-     * <p>
-     * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
-     * or 16 bits if being used as a data authenticator (FIPS Publication 113),
-     * and in general should be less than the size of the block cipher as it reduces
-     * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
-     *
-     * @param cipher the cipher to be used as the basis of the MAC generation.
-     * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
-     * @param padding the padding to be used to complete the last block.
-     */
-    public ISO9797Alg3Mac(
-        BlockCipher         cipher,
-        int                 macSizeInBits,
-        BlockCipherPadding  padding)
-    {
-        if ((macSizeInBits % 8) != 0)
-        {
-            throw new IllegalArgumentException("MAC size must be multiple of 8");
-        }
-
-        if (!(cipher instanceof DESEngine))
-        {
-            throw new IllegalArgumentException("cipher must be instance of DESEngine");
-        }
-
-        this.cipher = new CBCBlockCipher(cipher);
-        this.padding = padding;
-        this.macSize = macSizeInBits / 8;
-
-        mac = new byte[cipher.getBlockSize()];
-
-        buf = new byte[cipher.getBlockSize()];
-        bufOff = 0;
-    }
-    
-    public String getAlgorithmName()
-    {
-        return "ISO9797Alg3";
-    }
-
-    public void init(CipherParameters params)
-    {
-        reset();
-
-        if (!(params instanceof KeyParameter || params instanceof ParametersWithIV))
-        {
-            throw new IllegalArgumentException(
-                    "params must be an instance of KeyParameter or ParametersWithIV");
-        }
-
-        // KeyParameter must contain a double or triple length DES key,
-        // however the underlying cipher is a single DES. The middle and
-        // right key are used only in the final step.
-
-        KeyParameter kp;
-
-        if (params instanceof KeyParameter)
-        {
-            kp = (KeyParameter)params;
-        }
-        else
-        {
-            kp = (KeyParameter)((ParametersWithIV)params).getParameters();
-        }
-
-        KeyParameter key1;
-        byte[] keyvalue = kp.getKey();
-
-        if (keyvalue.length == 16)
-        { // Double length DES key
-            key1 = new KeyParameter(keyvalue, 0, 8);
-            this.lastKey2 = new KeyParameter(keyvalue, 8, 8);
-            this.lastKey3 = key1;
-        }
-        else if (keyvalue.length == 24)
-        { // Triple length DES key
-            key1 = new KeyParameter(keyvalue, 0, 8);
-            this.lastKey2 = new KeyParameter(keyvalue, 8, 8);
-            this.lastKey3 = new KeyParameter(keyvalue, 16, 8);
-        }
-        else
-        {
-            throw new IllegalArgumentException(
-                    "Key must be either 112 or 168 bit long");
-        }
-
-        if (params instanceof ParametersWithIV)
-        {
-            cipher.init(true, new ParametersWithIV(key1, ((ParametersWithIV)params).getIV()));
-        }
-        else
-        {
-            cipher.init(true, key1);
-        }
-    }
-    
-    public int getMacSize()
-    {
-        return macSize;
-    }
-    
-    public void update(
-            byte        in)
-    {
-        if (bufOff == buf.length)
-        {
-            cipher.processBlock(buf, 0, mac, 0);
-            bufOff = 0;
-        }
-        
-        buf[bufOff++] = in;
-    }
-    
-    
-    public void update(
-            byte[]      in,
-            int         inOff,
-            int         len)
-    {
-        if (len < 0)
-        {
-            throw new IllegalArgumentException("Can't have a negative input length!");
-        }
-        
-        int blockSize = cipher.getBlockSize();
-        int resultLen = 0;
-        int gapLen = blockSize - bufOff;
-        
-        if (len > gapLen)
-        {
-            System.arraycopy(in, inOff, buf, bufOff, gapLen);
-            
-            resultLen += cipher.processBlock(buf, 0, mac, 0);
-            
-            bufOff = 0;
-            len -= gapLen;
-            inOff += gapLen;
-            
-            while (len > blockSize)
-            {
-                resultLen += cipher.processBlock(in, inOff, mac, 0);
-                
-                len -= blockSize;
-                inOff += blockSize;
-            }
-        }
-        
-        System.arraycopy(in, inOff, buf, bufOff, len);
-        
-        bufOff += len;
-    }
-    
-    public int doFinal(
-            byte[]  out,
-            int     outOff)
-    {
-        int blockSize = cipher.getBlockSize();
-        
-        if (padding == null)
-        {
-            //
-            // pad with zeroes
-            //
-            while (bufOff < blockSize)
-            {
-                buf[bufOff] = 0;
-                bufOff++;
-            }
-        }
-        else
-        {
-            if (bufOff == blockSize)
-            {
-                cipher.processBlock(buf, 0, mac, 0);
-                bufOff = 0;
-            }
-            
-            padding.addPadding(buf, bufOff);
-        }
-        
-        cipher.processBlock(buf, 0, mac, 0);
-
-        // Added to code from base class
-        DESEngine deseng = new DESEngine();
-        
-        deseng.init(false, this.lastKey2);
-        deseng.processBlock(mac, 0, mac, 0);
-        
-        deseng.init(true, this.lastKey3);
-        deseng.processBlock(mac, 0, mac, 0);
-        // ****
-        
-        System.arraycopy(mac, 0, out, outOff, macSize);
-        
-        reset();
-        
-        return macSize;
-    }
-
-    
-    /**
-     * Reset the mac generator.
-     */
-    public void reset()
-    {
-        /*
-         * clean the buffer.
-         */
-        for (int i = 0; i < buf.length; i++)
-        {
-            buf[i] = 0;
-        }
-        
-        bufOff = 0;
-        
-        /*
-         * reset the underlying cipher.
-         */
-        cipher.reset();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/KGMac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/KGMac.java
deleted file mode 100644
index 7b6b308..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/KGMac.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.modes.KGCMBlockCipher;
-import org.bouncycastle.crypto.params.AEADParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-/**
- * The GMAC specialisation of Galois/Counter mode (GCM) detailed in NIST Special Publication
- * 800-38D as adapted for the Kalyna version of GCM.
- * <p>
- * KGMac is an invocation of the KGCM mode where no data is encrypted (i.e. all input data to the Mac
- * is processed as additional authenticated data with the underlying KGCM block cipher).
- */
-public class KGMac
-    implements Mac
-{
-    private final KGCMBlockCipher cipher;
-    private final int macSizeBits;
-
-    /**
-     * Creates a KGMAC based on the operation of a block cipher in GCM mode.
-     * <p>
-     * This will produce an authentication code the length of the block size of the cipher.
-     *
-     * @param cipher
-     *            the cipher to be used in GCM mode to generate the MAC.
-     */
-    public KGMac(final KGCMBlockCipher cipher)
-    {
-        // use of this confused flow analyser in some earlier JDKs
-        this.cipher = cipher;
-        this.macSizeBits = cipher.getUnderlyingCipher().getBlockSize() * 8;
-    }
-
-    /**
-     * Creates a GMAC based on the operation of a 128 bit block cipher in GCM mode.
-     *
-     * @param macSizeBits
-     *            the mac size to generate, in bits. Must be a multiple of 8 and &gt;= 32 and &lt;= 128.
-     *            Sizes less than 96 are not recommended, but are supported for specialized applications.
-     * @param cipher
-     *            the cipher to be used in GCM mode to generate the MAC.
-     */
-    public KGMac(final KGCMBlockCipher cipher, final int macSizeBits)
-    {
-        this.cipher = cipher;
-        this.macSizeBits = macSizeBits;
-    }
-
-    /**
-     * Initialises the GMAC - requires a {@link ParametersWithIV} providing a {@link KeyParameter}
-     * and a nonce.
-     */
-    public void init(final CipherParameters params) throws IllegalArgumentException
-    {
-        if (params instanceof ParametersWithIV)
-        {
-            final ParametersWithIV param = (ParametersWithIV)params;
-
-            final byte[] iv = param.getIV();
-            final KeyParameter keyParam = (KeyParameter)param.getParameters();
-
-            // GCM is always operated in encrypt mode to calculate MAC
-            cipher.init(true, new AEADParameters(keyParam, macSizeBits, iv));
-        }
-        else
-        {
-            throw new IllegalArgumentException("KGMAC requires ParametersWithIV");
-        }
-    }
-
-    public String getAlgorithmName()
-    {
-        return cipher.getUnderlyingCipher().getAlgorithmName() + "-KGMAC";
-    }
-
-    public int getMacSize()
-    {
-        return macSizeBits / 8;
-    }
-
-    public void update(byte in) throws IllegalStateException
-    {
-        cipher.processAADByte(in);
-    }
-
-    public void update(byte[] in, int inOff, int len)
-        throws DataLengthException, IllegalStateException
-    {
-        cipher.processAADBytes(in, inOff, len);
-    }
-
-    public int doFinal(byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        try
-        {
-            return cipher.doFinal(out, outOff);
-        }
-        catch (InvalidCipherTextException e)
-        {
-            // Impossible in encrypt mode
-            throw new IllegalStateException(e.toString());
-        }
-    }
-
-    public void reset()
-    {
-        cipher.reset();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/OldHMac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/OldHMac.java
deleted file mode 100644
index 7463afd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/OldHMac.java
+++ /dev/null

@@ -1,138 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.params.KeyParameter;
-
-/**
- * HMAC implementation based on RFC2104
- *
- * H(K XOR opad, H(K XOR ipad, text))
- */
-public class OldHMac
-implements Mac
-{
-    private final static int BLOCK_LENGTH = 64;
-
-    private final static byte IPAD = (byte)0x36;
-    private final static byte OPAD = (byte)0x5C;
-
-    private Digest digest;
-    private int digestSize;
-    private byte[] inputPad = new byte[BLOCK_LENGTH];
-    private byte[] outputPad = new byte[BLOCK_LENGTH];
-
-    /**
-     * @deprecated uses incorrect pad for SHA-512 and SHA-384 use HMac.
-     */
-    public OldHMac(
-        Digest digest)
-    {
-        this.digest = digest;
-        digestSize = digest.getDigestSize();
-    }
-
-    public String getAlgorithmName()
-    {
-        return digest.getAlgorithmName() + "/HMAC";
-    }
-
-    public Digest getUnderlyingDigest()
-    {
-        return digest;
-    }
-
-    public void init(
-        CipherParameters params)
-    {
-        digest.reset();
-
-        byte[] key = ((KeyParameter)params).getKey();
-
-        if (key.length > BLOCK_LENGTH)
-        {
-            digest.update(key, 0, key.length);
-            digest.doFinal(inputPad, 0);
-            for (int i = digestSize; i < inputPad.length; i++)
-            {
-                inputPad[i] = 0;
-            }
-        }
-        else
-        {
-            System.arraycopy(key, 0, inputPad, 0, key.length);
-            for (int i = key.length; i < inputPad.length; i++)
-            {
-                inputPad[i] = 0;
-            }
-        }
-
-        outputPad = new byte[inputPad.length];
-        System.arraycopy(inputPad, 0, outputPad, 0, inputPad.length);
-
-        for (int i = 0; i < inputPad.length; i++)
-        {
-            inputPad[i] ^= IPAD;
-        }
-
-        for (int i = 0; i < outputPad.length; i++)
-        {
-            outputPad[i] ^= OPAD;
-        }
-
-        digest.update(inputPad, 0, inputPad.length);
-    }
-
-    public int getMacSize()
-    {
-        return digestSize;
-    }
-
-    public void update(
-        byte in)
-    {
-        digest.update(in);
-    }
-
-    public void update(
-        byte[] in,
-        int inOff,
-        int len)
-    {
-        digest.update(in, inOff, len);
-    }
-
-    public int doFinal(
-        byte[] out,
-        int outOff)
-    {
-        byte[] tmp = new byte[digestSize];
-        digest.doFinal(tmp, 0);
-
-        digest.update(outputPad, 0, outputPad.length);
-        digest.update(tmp, 0, tmp.length);
-
-        int     len = digest.doFinal(out, outOff);
-
-        reset();
-
-        return len;
-    }
-
-    /**
-     * Reset the mac generator.
-     */
-    public void reset()
-    {
-        /*
-         * reset the underlying digest.
-         */
-        digest.reset();
-
-        /*
-         * reinitialize the digest.
-         */
-        digest.update(inputPad, 0, inputPad.length);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/Poly1305.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/Poly1305.java
deleted file mode 100644
index 382b6fa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/Poly1305.java
+++ /dev/null

@@ -1,313 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Pack;
-
-/**
- * Poly1305 message authentication code, designed by D. J. Bernstein.
- * <p>
- * Poly1305 computes a 128-bit (16 bytes) authenticator, using a 128 bit nonce and a 256 bit key
- * consisting of a 128 bit key applied to an underlying cipher, and a 128 bit key (with 106
- * effective key bits) used in the authenticator.
- * <p>
- * The polynomial calculation in this implementation is adapted from the public domain <a
- * href="https://github.com/floodyberry/poly1305-donna">poly1305-donna-unrolled</a> C implementation
- * by Andrew M (@floodyberry).
- * @see Poly1305KeyGenerator
- */
-public class Poly1305
-    implements Mac
-{
-    private static final int BLOCK_SIZE = 16;
-
-    private final BlockCipher cipher;
-
-    private final byte[] singleByte = new byte[1];
-
-    // Initialised state
-
-    /** Polynomial key */
-    private int r0, r1, r2, r3, r4;
-
-    /** Precomputed 5 * r[1..4] */
-    private int s1, s2, s3, s4;
-
-    /** Encrypted nonce */
-    private int k0, k1, k2, k3;
-
-    // Accumulating state
-
-    /** Current block of buffered input */
-    private final byte[] currentBlock = new byte[BLOCK_SIZE];
-
-    /** Current offset in input buffer */
-    private int currentBlockOffset = 0;
-
-    /** Polynomial accumulator */
-    private int h0, h1, h2, h3, h4;
-
-    /**
-     * Constructs a Poly1305 MAC, where the key passed to init() will be used directly.
-     */
-    public Poly1305()
-    {
-        this.cipher = null;
-    }
-
-    /**
-     * Constructs a Poly1305 MAC, using a 128 bit block cipher.
-     */
-    public Poly1305(final BlockCipher cipher)
-    {
-        if (cipher.getBlockSize() != BLOCK_SIZE)
-        {
-            throw new IllegalArgumentException("Poly1305 requires a 128 bit block cipher.");
-        }
-        this.cipher = cipher;
-    }
-
-    /**
-     * Initialises the Poly1305 MAC.
-     * 
-     * @param params if used with a block cipher, then a {@link ParametersWithIV} containing a 128 bit
-     *        nonce and a {@link KeyParameter} with a 256 bit key complying to the
-     *        {@link Poly1305KeyGenerator Poly1305 key format}, otherwise just the
-     *        {@link KeyParameter}.
-     */
-    public void init(CipherParameters params)
-        throws IllegalArgumentException
-    {
-        byte[] nonce = null;
-
-        if (cipher != null)
-        {
-            if (!(params instanceof ParametersWithIV))
-            {
-                throw new IllegalArgumentException("Poly1305 requires an IV when used with a block cipher.");
-            }
-            
-            ParametersWithIV ivParams = (ParametersWithIV)params;
-            nonce = ivParams.getIV();
-            params = ivParams.getParameters();
-        }
-
-        if (!(params instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException("Poly1305 requires a key.");
-        }
-
-        KeyParameter keyParams = (KeyParameter)params;
-
-        setKey(keyParams.getKey(), nonce);
-
-        reset();
-    }
-
-    private void setKey(final byte[] key, final byte[] nonce)
-    {
-        if (key.length != 32)
-        {
-            throw new IllegalArgumentException("Poly1305 key must be 256 bits.");
-        }
-        if (cipher != null && (nonce == null || nonce.length != BLOCK_SIZE))
-        {
-            throw new IllegalArgumentException("Poly1305 requires a 128 bit IV.");
-        }
-
-        // Extract r portion of key (and "clamp" the values)
-        int t0 = Pack.littleEndianToInt(key, 0);
-        int t1 = Pack.littleEndianToInt(key, 4);
-        int t2 = Pack.littleEndianToInt(key, 8);
-        int t3 = Pack.littleEndianToInt(key, 12);
-
-        // NOTE: The masks perform the key "clamping" implicitly
-        r0 =   t0                       & 0x03FFFFFF;
-        r1 = ((t0 >>> 26) | (t1 <<  6)) & 0x03FFFF03;
-        r2 = ((t1 >>> 20) | (t2 << 12)) & 0x03FFC0FF;
-        r3 = ((t2 >>> 14) | (t3 << 18)) & 0x03F03FFF;
-        r4 =  (t3 >>>  8)               & 0x000FFFFF;
-
-        // Precompute multipliers
-        s1 = r1 * 5;
-        s2 = r2 * 5;
-        s3 = r3 * 5;
-        s4 = r4 * 5;
-
-        final byte[] kBytes;
-        final int kOff;
-
-        if (cipher == null)
-        {
-            kBytes = key;
-            kOff = BLOCK_SIZE;
-        }
-        else
-        {
-            // Compute encrypted nonce
-            kBytes = new byte[BLOCK_SIZE];
-            kOff = 0;
-
-            cipher.init(true, new KeyParameter(key, BLOCK_SIZE, BLOCK_SIZE));
-            cipher.processBlock(nonce, 0, kBytes, 0);
-        }
-
-        k0 = Pack.littleEndianToInt(kBytes, kOff + 0);
-        k1 = Pack.littleEndianToInt(kBytes, kOff + 4);
-        k2 = Pack.littleEndianToInt(kBytes, kOff + 8);
-        k3 = Pack.littleEndianToInt(kBytes, kOff + 12);
-    }
-
-    public String getAlgorithmName()
-    {
-        return cipher == null ? "Poly1305" : "Poly1305-" + cipher.getAlgorithmName();
-    }
-
-    public int getMacSize()
-    {
-        return BLOCK_SIZE;
-    }
-
-    public void update(final byte in)
-        throws IllegalStateException
-    {
-        singleByte[0] = in;
-        update(singleByte, 0, 1);
-    }
-
-    public void update(final byte[] in, final int inOff, final int len)
-        throws DataLengthException,
-        IllegalStateException
-    {
-        int copied = 0;
-        while (len > copied)
-        {
-            if (currentBlockOffset == BLOCK_SIZE)
-            {
-                processBlock();
-                currentBlockOffset = 0;
-            }
-
-            int toCopy = Math.min((len - copied), BLOCK_SIZE - currentBlockOffset);
-            System.arraycopy(in, copied + inOff, currentBlock, currentBlockOffset, toCopy);
-            copied += toCopy;
-            currentBlockOffset += toCopy;
-        }
-
-    }
-
-    private void processBlock()
-    {
-        if (currentBlockOffset < BLOCK_SIZE)
-        {
-            currentBlock[currentBlockOffset] = 1;
-            for (int i = currentBlockOffset + 1; i < BLOCK_SIZE; i++)
-            {
-                currentBlock[i] = 0;
-            }
-        }
-
-        final long t0 = 0xffffffffL & Pack.littleEndianToInt(currentBlock, 0);
-        final long t1 = 0xffffffffL & Pack.littleEndianToInt(currentBlock, 4);
-        final long t2 = 0xffffffffL & Pack.littleEndianToInt(currentBlock, 8);
-        final long t3 = 0xffffffffL & Pack.littleEndianToInt(currentBlock, 12);
-
-        h0 += t0 & 0x3ffffff;
-        h1 += (((t1 << 32) | t0) >>> 26) & 0x3ffffff;
-        h2 += (((t2 << 32) | t1) >>> 20) & 0x3ffffff;
-        h3 += (((t3 << 32) | t2) >>> 14) & 0x3ffffff;
-        h4 += (t3 >>> 8);
-
-        if (currentBlockOffset == BLOCK_SIZE)
-        {
-            h4 += (1 << 24);
-        }
-
-        long tp0 = mul32x32_64(h0,r0) + mul32x32_64(h1,s4) + mul32x32_64(h2,s3) + mul32x32_64(h3,s2) + mul32x32_64(h4,s1);
-        long tp1 = mul32x32_64(h0,r1) + mul32x32_64(h1,r0) + mul32x32_64(h2,s4) + mul32x32_64(h3,s3) + mul32x32_64(h4,s2);
-        long tp2 = mul32x32_64(h0,r2) + mul32x32_64(h1,r1) + mul32x32_64(h2,r0) + mul32x32_64(h3,s4) + mul32x32_64(h4,s3);
-        long tp3 = mul32x32_64(h0,r3) + mul32x32_64(h1,r2) + mul32x32_64(h2,r1) + mul32x32_64(h3,r0) + mul32x32_64(h4,s4);
-        long tp4 = mul32x32_64(h0,r4) + mul32x32_64(h1,r3) + mul32x32_64(h2,r2) + mul32x32_64(h3,r1) + mul32x32_64(h4,r0);
-
-        h0 = (int)tp0 & 0x3ffffff; tp1 += (tp0 >>> 26);
-        h1 = (int)tp1 & 0x3ffffff; tp2 += (tp1 >>> 26);
-        h2 = (int)tp2 & 0x3ffffff; tp3 += (tp2 >>> 26);
-        h3 = (int)tp3 & 0x3ffffff; tp4 += (tp3 >>> 26);
-        h4 = (int)tp4 & 0x3ffffff;
-        h0 += (int)(tp4 >>> 26) * 5;
-        h1 += (h0 >>> 26); h0 &= 0x3ffffff;
-    }
-
-    public int doFinal(final byte[] out, final int outOff)
-        throws DataLengthException,
-        IllegalStateException
-    {
-        if (outOff + BLOCK_SIZE > out.length)
-        {
-            throw new OutputLengthException("Output buffer is too short.");
-        }
-
-        if (currentBlockOffset > 0)
-        {
-            // Process padded final block
-            processBlock();
-        }
-
-        h1 += (h0 >>> 26); h0 &= 0x3ffffff;
-        h2 += (h1 >>> 26); h1 &= 0x3ffffff;
-        h3 += (h2 >>> 26); h2 &= 0x3ffffff;
-        h4 += (h3 >>> 26); h3 &= 0x3ffffff;
-        h0 += (h4 >>> 26) * 5; h4 &= 0x3ffffff;
-        h1 += (h0 >>> 26); h0 &= 0x3ffffff;
-
-        int g0, g1, g2, g3, g4, b;
-        g0 = h0 + 5; b = g0 >>> 26; g0 &= 0x3ffffff;
-        g1 = h1 + b; b = g1 >>> 26; g1 &= 0x3ffffff;
-        g2 = h2 + b; b = g2 >>> 26; g2 &= 0x3ffffff;
-        g3 = h3 + b; b = g3 >>> 26; g3 &= 0x3ffffff;
-        g4 = h4 + b - (1 << 26);
-
-        b = (g4 >>> 31) - 1;
-        int nb = ~b;
-        h0 = (h0 & nb) | (g0 & b);
-        h1 = (h1 & nb) | (g1 & b);
-        h2 = (h2 & nb) | (g2 & b);
-        h3 = (h3 & nb) | (g3 & b);
-        h4 = (h4 & nb) | (g4 & b);
-
-        long f0, f1, f2, f3;
-        f0 = (((h0       ) | (h1 << 26)) & 0xffffffffl) + (0xffffffffL & k0);
-        f1 = (((h1 >>> 6 ) | (h2 << 20)) & 0xffffffffl) + (0xffffffffL & k1);
-        f2 = (((h2 >>> 12) | (h3 << 14)) & 0xffffffffl) + (0xffffffffL & k2);
-        f3 = (((h3 >>> 18) | (h4 << 8 )) & 0xffffffffl) + (0xffffffffL & k3);
-
-        Pack.intToLittleEndian((int)f0, out, outOff);
-        f1 += (f0 >>> 32);
-        Pack.intToLittleEndian((int)f1, out, outOff + 4);
-        f2 += (f1 >>> 32);
-        Pack.intToLittleEndian((int)f2, out, outOff + 8);
-        f3 += (f2 >>> 32);
-        Pack.intToLittleEndian((int)f3, out, outOff + 12);
-
-        reset();
-        return BLOCK_SIZE;
-    }
-
-    public void reset()
-    {
-        currentBlockOffset = 0;
-
-        h0 = h1 = h2 = h3 = h4 = 0;
-    }
-
-    private static final long mul32x32_64(int i1, int i2)
-    {
-        return (i1 & 0xFFFFFFFFL) * i2;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/SipHash.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/SipHash.java
deleted file mode 100644
index d6b9dbb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/SipHash.java
+++ /dev/null

@@ -1,216 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Pack;
-
-/**
- * Implementation of SipHash as specified in "SipHash: a fast short-input PRF", by Jean-Philippe
- * Aumasson and Daniel J. Bernstein (https://131002.net/siphash/siphash.pdf).
- * <p>
- * "SipHash is a family of PRFs SipHash-c-d where the integer parameters c and d are the number of
- * compression rounds and the number of finalization rounds. A compression round is identical to a
- * finalization round and this round function is called SipRound. Given a 128-bit key k and a
- * (possibly empty) byte string m, SipHash-c-d returns a 64-bit value..."
- */
-public class SipHash
-    implements Mac
-{
-    protected final int c, d;
-
-    protected long k0, k1;
-    protected long v0, v1, v2, v3;
-
-    protected long m = 0;
-    protected int wordPos = 0;
-    protected int wordCount = 0;
-
-    /**
-     * SipHash-2-4
-     */
-    public SipHash()
-    {
-        // use of 'this' confuses the flow analyser on earlier JDKs.
-        this.c = 2;
-        this.d = 4;
-    }
-
-    /**
-     * SipHash-c-d
-     *
-     * @param c the number of compression rounds
-     * @param d the number of finalization rounds
-     */
-    public SipHash(int c, int d)
-    {
-        this.c = c;
-        this.d = d;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "SipHash-" + c + "-" + d;
-    }
-
-    public int getMacSize()
-    {
-        return 8;
-    }
-
-    public void init(CipherParameters params)
-        throws IllegalArgumentException
-    {
-        if (!(params instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException("'params' must be an instance of KeyParameter");
-        }
-        KeyParameter keyParameter = (KeyParameter)params;
-        byte[] key = keyParameter.getKey();
-        if (key.length != 16)
-        {
-            throw new IllegalArgumentException("'params' must be a 128-bit key");
-        }
-
-        this.k0 = Pack.littleEndianToLong(key, 0);
-        this.k1 = Pack.littleEndianToLong(key, 8);
-
-        reset();
-    }
-
-    public void update(byte input)
-        throws IllegalStateException
-    {
-        m >>>= 8;
-        m |= (input & 0xffL) << 56;
-
-        if (++wordPos == 8)
-        {
-            processMessageWord();
-            wordPos = 0;
-        }
-    }
-
-    public void update(byte[] input, int offset, int length)
-        throws DataLengthException,
-        IllegalStateException
-    {
-        int i = 0, fullWords = length & ~7;
-        if (wordPos == 0)
-        {
-            for (; i < fullWords; i += 8)
-            {
-                m = Pack.littleEndianToLong(input, offset + i);
-                processMessageWord();
-            }
-            for (; i < length; ++i)
-            {
-                m >>>= 8;
-                m |= (input[offset + i] & 0xffL) << 56;
-            }
-            wordPos = length - fullWords;
-        }
-        else
-        {
-            int bits = wordPos << 3;
-            for (; i < fullWords; i += 8)
-            {
-                long n = Pack.littleEndianToLong(input, offset + i);
-                m = (n << bits) | (m >>> -bits);
-                processMessageWord();
-                m = n;
-            }
-            for (; i < length; ++i)
-            {
-                m >>>= 8;
-                m |= (input[offset + i] & 0xffL) << 56;
-
-                if (++wordPos == 8)
-                {
-                    processMessageWord();
-                    wordPos = 0;
-                }
-            }
-        }
-    }
-
-    public long doFinal()
-        throws DataLengthException, IllegalStateException
-    {
-        // NOTE: 2 distinct shifts to avoid "64-bit shift" when wordPos == 0
-        m >>>= ((7 - wordPos) << 3);
-        m >>>= 8;
-        m |= (((wordCount << 3) + wordPos) & 0xffL) << 56;
-
-        processMessageWord();
-
-        v2 ^= 0xffL;
-
-        applySipRounds(d);
-
-        long result = v0 ^ v1 ^ v2 ^ v3;
-
-        reset();
-
-        return result;
-    }
-
-    public int doFinal(byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        long result = doFinal();
-        Pack.longToLittleEndian(result, out, outOff);
-        return 8;
-    }
-
-    public void reset()
-    {
-        v0 = k0 ^ 0x736f6d6570736575L;
-        v1 = k1 ^ 0x646f72616e646f6dL;
-        v2 = k0 ^ 0x6c7967656e657261L;
-        v3 = k1 ^ 0x7465646279746573L;
-
-        m = 0;
-        wordPos = 0;
-        wordCount = 0;
-    }
-
-    protected void processMessageWord()
-    {
-        ++wordCount;
-        v3 ^= m;
-        applySipRounds(c);
-        v0 ^= m;
-    }
-
-    protected void applySipRounds(int n)
-    {
-        long r0 = v0, r1 = v1, r2 = v2, r3 = v3;
-
-        for (int r = 0; r < n; ++r)
-        {
-            r0 += r1;
-            r2 += r3;
-            r1 = rotateLeft(r1, 13);
-            r3 = rotateLeft(r3, 16);
-            r1 ^= r0;
-            r3 ^= r2;
-            r0 = rotateLeft(r0, 32);
-            r2 += r1;
-            r0 += r3;
-            r1 = rotateLeft(r1, 17);
-            r3 = rotateLeft(r3, 21);
-            r1 ^= r2;
-            r3 ^= r0;
-            r2 = rotateLeft(r2, 32);
-        }
-
-        v0 = r0; v1 = r1; v2 = r2; v3 = r3;
-    }
-
-    protected static long rotateLeft(long x, int n)
-    {
-        return (x << n) | (x >>> -n);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/SkeinMac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/SkeinMac.java
deleted file mode 100644
index 7115b51..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/SkeinMac.java
+++ /dev/null

@@ -1,118 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.digests.SkeinEngine;
-import org.bouncycastle.crypto.engines.ThreefishEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.SkeinParameters;
-
-/**
- * Implementation of the Skein parameterised MAC function in 256, 512 and 1024 bit block sizes,
- * based on the {@link ThreefishEngine Threefish} tweakable block cipher.
- * <p>
- * This is the 1.3 version of Skein defined in the Skein hash function submission to the NIST SHA-3
- * competition in October 2010.
- * <p>
- * Skein was designed by Niels Ferguson - Stefan Lucks - Bruce Schneier - Doug Whiting - Mihir
- * Bellare - Tadayoshi Kohno - Jon Callas - Jesse Walker.
- *
- * @see SkeinEngine
- * @see SkeinParameters
- */
-public class SkeinMac
-    implements Mac
-{
-    /**
-     * 256 bit block size - Skein MAC-256
-     */
-    public static final int SKEIN_256 = SkeinEngine.SKEIN_256;
-    /**
-     * 512 bit block size - Skein MAC-512
-     */
-    public static final int SKEIN_512 = SkeinEngine.SKEIN_512;
-    /**
-     * 1024 bit block size - Skein MAC-1024
-     */
-    public static final int SKEIN_1024 = SkeinEngine.SKEIN_1024;
-
-    private SkeinEngine engine;
-
-    /**
-     * Constructs a Skein MAC with an internal state size and output size.
-     *
-     * @param stateSizeBits  the internal state size in bits - one of {@link #SKEIN_256}, {@link #SKEIN_512} or
-     *                       {@link #SKEIN_1024}.
-     * @param digestSizeBits the output/MAC size to produce in bits, which must be an integral number of bytes.
-     */
-    public SkeinMac(int stateSizeBits, int digestSizeBits)
-    {
-        this.engine = new SkeinEngine(stateSizeBits, digestSizeBits);
-    }
-
-    public SkeinMac(SkeinMac mac)
-    {
-        this.engine = new SkeinEngine(mac.engine);
-    }
-
-    public String getAlgorithmName()
-    {
-        return "Skein-MAC-" + (engine.getBlockSize() * 8) + "-" + (engine.getOutputSize() * 8);
-    }
-
-    /**
-     * Initialises the Skein digest with the provided parameters.<br>
-     * See {@link SkeinParameters} for details on the parameterisation of the Skein hash function.
-     *
-     * @param params an instance of {@link SkeinParameters} or {@link KeyParameter}.
-     */
-    public void init(CipherParameters params)
-        throws IllegalArgumentException
-    {
-        SkeinParameters skeinParameters;
-        if (params instanceof SkeinParameters)
-        {
-            skeinParameters = (SkeinParameters)params;
-        }
-        else if (params instanceof KeyParameter)
-        {
-            skeinParameters = new SkeinParameters.Builder().setKey(((KeyParameter)params).getKey()).build();
-        }
-        else
-        {
-            throw new IllegalArgumentException("Invalid parameter passed to Skein MAC init - "
-                + params.getClass().getName());
-        }
-        if (skeinParameters.getKey() == null)
-        {
-            throw new IllegalArgumentException("Skein MAC requires a key parameter.");
-        }
-        engine.init(skeinParameters);
-    }
-
-    public int getMacSize()
-    {
-        return engine.getOutputSize();
-    }
-
-    public void reset()
-    {
-        engine.reset();
-    }
-
-    public void update(byte in)
-    {
-        engine.update(in);
-    }
-
-    public void update(byte[] in, int inOff, int len)
-    {
-        engine.update(in, inOff, len);
-    }
-
-    public int doFinal(byte[] out, int outOff)
-    {
-        return engine.doFinal(out, outOff);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/VMPCMac.java b/bcprov/src/main/java/org/bouncycastle/crypto/macs/VMPCMac.java
deleted file mode 100644
index b859b74..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/VMPCMac.java
+++ /dev/null

@@ -1,186 +0,0 @@
-package org.bouncycastle.crypto.macs;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-public class VMPCMac implements Mac
-{
-    private byte g;
-
-    private byte n = 0;
-    private byte[] P = null;
-    private byte s = 0;
-
-    private byte[] T;
-    private byte[] workingIV;
-
-    private byte[] workingKey;
-
-    private byte x1, x2, x3, x4;
-
-    public int doFinal(byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        // Execute the Post-Processing Phase
-        for (int r = 1; r < 25; r++)
-        {
-            s = P[(s + P[n & 0xff]) & 0xff];
-
-            x4 = P[(x4 + x3 + r) & 0xff];
-            x3 = P[(x3 + x2 + r) & 0xff];
-            x2 = P[(x2 + x1 + r) & 0xff];
-            x1 = P[(x1 + s + r) & 0xff];
-            T[g & 0x1f] = (byte) (T[g & 0x1f] ^ x1);
-            T[(g + 1) & 0x1f] = (byte) (T[(g + 1) & 0x1f] ^ x2);
-            T[(g + 2) & 0x1f] = (byte) (T[(g + 2) & 0x1f] ^ x3);
-            T[(g + 3) & 0x1f] = (byte) (T[(g + 3) & 0x1f] ^ x4);
-            g = (byte) ((g + 4) & 0x1f);
-
-            byte temp = P[n & 0xff];
-            P[n & 0xff] = P[s & 0xff];
-            P[s & 0xff] = temp;
-            n = (byte) ((n + 1) & 0xff);
-        }
-
-        // Input T to the IV-phase of the VMPC KSA
-        for (int m = 0; m < 768; m++)
-        {
-            s = P[(s + P[m & 0xff] + T[m & 0x1f]) & 0xff];
-            byte temp = P[m & 0xff];
-            P[m & 0xff] = P[s & 0xff];
-            P[s & 0xff] = temp;
-        }
-
-        // Store 20 new outputs of the VMPC Stream Cipher in table M
-        byte[] M = new byte[20];
-        for (int i = 0; i < 20; i++)
-        {
-            s = P[(s + P[i & 0xff]) & 0xff];
-            M[i] = P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff];
-
-            byte temp = P[i & 0xff];
-            P[i & 0xff] = P[s & 0xff];
-            P[s & 0xff] = temp;
-        }
-
-        System.arraycopy(M, 0, out, outOff, M.length);
-        reset();
-
-        return M.length;
-    }
-
-    public String getAlgorithmName()
-    {
-        return "VMPC-MAC";
-    }
-
-    public int getMacSize()
-    {
-        return 20;
-    }
-
-    public void init(CipherParameters params) throws IllegalArgumentException
-    {
-        if (!(params instanceof ParametersWithIV))
-        {
-            throw new IllegalArgumentException(
-                "VMPC-MAC Init parameters must include an IV");
-        }
-
-        ParametersWithIV ivParams = (ParametersWithIV) params;
-        KeyParameter key = (KeyParameter) ivParams.getParameters();
-
-        if (!(ivParams.getParameters() instanceof KeyParameter))
-        {
-            throw new IllegalArgumentException(
-                "VMPC-MAC Init parameters must include a key");
-        }
-
-        this.workingIV = ivParams.getIV();
-
-        if (workingIV == null || workingIV.length < 1 || workingIV.length > 768)
-        {
-            throw new IllegalArgumentException(
-                "VMPC-MAC requires 1 to 768 bytes of IV");
-        }
-
-        this.workingKey = key.getKey();
-
-        reset();
-
-    }
-
-    private void initKey(byte[] keyBytes, byte[] ivBytes)
-    {
-        s = 0;
-        P = new byte[256];
-        for (int i = 0; i < 256; i++)
-        {
-            P[i] = (byte) i;
-        }
-        for (int m = 0; m < 768; m++)
-        {
-            s = P[(s + P[m & 0xff] + keyBytes[m % keyBytes.length]) & 0xff];
-            byte temp = P[m & 0xff];
-            P[m & 0xff] = P[s & 0xff];
-            P[s & 0xff] = temp;
-        }
-        for (int m = 0; m < 768; m++)
-        {
-            s = P[(s + P[m & 0xff] + ivBytes[m % ivBytes.length]) & 0xff];
-            byte temp = P[m & 0xff];
-            P[m & 0xff] = P[s & 0xff];
-            P[s & 0xff] = temp;
-        }
-        n = 0;
-    }
-
-    public void reset()
-    {
-        initKey(this.workingKey, this.workingIV);
-        g = x1 = x2 = x3 = x4 = n = 0;
-        T = new byte[32];
-        for (int i = 0; i < 32; i++)
-        {
-            T[i] = 0;
-        }
-    }
-
-    public void update(byte in) throws IllegalStateException
-    {
-        s = P[(s + P[n & 0xff]) & 0xff];
-        byte c = (byte) (in ^ P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff]);
-
-        x4 = P[(x4 + x3) & 0xff];
-        x3 = P[(x3 + x2) & 0xff];
-        x2 = P[(x2 + x1) & 0xff];
-        x1 = P[(x1 + s + c) & 0xff];
-        T[g & 0x1f] = (byte) (T[g & 0x1f] ^ x1);
-        T[(g + 1) & 0x1f] = (byte) (T[(g + 1) & 0x1f] ^ x2);
-        T[(g + 2) & 0x1f] = (byte) (T[(g + 2) & 0x1f] ^ x3);
-        T[(g + 3) & 0x1f] = (byte) (T[(g + 3) & 0x1f] ^ x4);
-        g = (byte) ((g + 4) & 0x1f);
-
-        byte temp = P[n & 0xff];
-        P[n & 0xff] = P[s & 0xff];
-        P[s & 0xff] = temp;
-        n = (byte) ((n + 1) & 0xff);
-    }
-
-    public void update(byte[] in, int inOff, int len)
-        throws DataLengthException, IllegalStateException
-    {
-        if ((inOff + len) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        for (int i = 0; i < len; i++)
-        {
-            update(in[inOff + i]);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/macs/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/macs/package.html
deleted file mode 100644
index 0b1f86d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/macs/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Classes for creating MACs and HMACs.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/EAXBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/EAXBlockCipher.java
deleted file mode 100644
index 3bb275b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/EAXBlockCipher.java
+++ /dev/null

@@ -1,387 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.macs.CMac;
-import org.bouncycastle.crypto.params.AEADParameters;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A Two-Pass Authenticated-Encryption Scheme Optimized for Simplicity and
- * Efficiency - by M. Bellare, P. Rogaway, D. Wagner.
- *
- * http://www.cs.ucdavis.edu/~rogaway/papers/eax.pdf
- *
- * EAX is an AEAD scheme based on CTR and OMAC1/CMAC, that uses a single block
- * cipher to encrypt and authenticate data. It's on-line (the length of a
- * message isn't needed to begin processing it), has good performances, it's
- * simple and provably secure (provided the underlying block cipher is secure).
- *
- * Of course, this implementations is NOT thread-safe.
- */
-public class EAXBlockCipher
-    implements AEADBlockCipher
-{
-    private static final byte nTAG = 0x0;
-
-    private static final byte hTAG = 0x1;
-
-    private static final byte cTAG = 0x2;
-
-    private SICBlockCipher cipher;
-
-    private boolean forEncryption;
-
-    private int blockSize;
-
-    private Mac mac;
-
-    private byte[] nonceMac;
-    private byte[] associatedTextMac;
-    private byte[] macBlock;
-
-    private int macSize;
-    private byte[] bufBlock;
-    private int bufOff;
-
-    private boolean cipherInitialized;
-    private byte[] initialAssociatedText;
-
-    /**
-     * Constructor that accepts an instance of a block cipher engine.
-     *
-     * @param cipher the engine to use
-     */
-    public EAXBlockCipher(BlockCipher cipher)
-    {
-        blockSize = cipher.getBlockSize();
-        mac = new CMac(cipher);
-        macBlock = new byte[blockSize];
-        associatedTextMac = new byte[mac.getMacSize()];
-        nonceMac = new byte[mac.getMacSize()];
-        this.cipher = new SICBlockCipher(cipher);
-    }
-
-    public String getAlgorithmName()
-    {
-        return cipher.getUnderlyingCipher().getAlgorithmName() + "/EAX";
-    }
-
-    public BlockCipher getUnderlyingCipher()
-    {
-        return cipher.getUnderlyingCipher();
-    }
-
-    public int getBlockSize()
-    {
-        return cipher.getBlockSize();
-    }
-
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        this.forEncryption = forEncryption;
-
-        byte[] nonce;
-        CipherParameters keyParam;
-
-        if (params instanceof AEADParameters)
-        {
-            AEADParameters param = (AEADParameters)params;
-
-            nonce = param.getNonce();
-            initialAssociatedText = param.getAssociatedText();
-            macSize = param.getMacSize() / 8;
-            keyParam = param.getKey();
-        }
-        else if (params instanceof ParametersWithIV)
-        {
-            ParametersWithIV param = (ParametersWithIV)params;
-
-            nonce = param.getIV();
-            initialAssociatedText = null;
-            macSize = mac.getMacSize() / 2;
-            keyParam = param.getParameters();
-        }
-        else
-        {
-            throw new IllegalArgumentException("invalid parameters passed to EAX");
-        }
-
-        bufBlock = new byte[forEncryption ? blockSize : (blockSize + macSize)];
-
-        byte[] tag = new byte[blockSize];
-
-        // Key reuse implemented in CBC mode of underlying CMac
-        mac.init(keyParam);
-
-        tag[blockSize - 1] = nTAG;
-        mac.update(tag, 0, blockSize);
-        mac.update(nonce, 0, nonce.length);
-        mac.doFinal(nonceMac, 0);
-
-        // Same BlockCipher underlies this and the mac, so reuse last key on cipher
-        cipher.init(true, new ParametersWithIV(null, nonceMac));
-
-        reset();
-    }
-
-    private void initCipher()
-    {
-        if (cipherInitialized)
-        {
-            return;
-        }
-
-        cipherInitialized = true;
-
-        mac.doFinal(associatedTextMac, 0);
-
-        byte[] tag = new byte[blockSize];
-        tag[blockSize - 1] = cTAG;
-        mac.update(tag, 0, blockSize);
-    }
-
-    private void calculateMac()
-    {
-        byte[] outC = new byte[blockSize];
-        mac.doFinal(outC, 0);
-
-        for (int i = 0; i < macBlock.length; i++)
-        {
-            macBlock[i] = (byte)(nonceMac[i] ^ associatedTextMac[i] ^ outC[i]);
-        }
-    }
-
-    public void reset()
-    {
-        reset(true);
-    }
-
-    private void reset(
-        boolean clearMac)
-    {
-        cipher.reset(); // TODO Redundant since the mac will reset it?
-        mac.reset();
-
-        bufOff = 0;
-        Arrays.fill(bufBlock, (byte)0);
-
-        if (clearMac)
-        {
-            Arrays.fill(macBlock, (byte)0);
-        }
-
-        byte[] tag = new byte[blockSize];
-        tag[blockSize - 1] = hTAG;
-        mac.update(tag, 0, blockSize);
-
-        cipherInitialized = false;
-
-        if (initialAssociatedText != null)
-        {
-           processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);
-        }
-    }
-
-    public void processAADByte(byte in)
-    {
-        if (cipherInitialized)
-        {
-            throw new IllegalStateException("AAD data cannot be added after encryption/decryption processing has begun.");
-        }
-        mac.update(in);
-    }
-
-    public void processAADBytes(byte[] in, int inOff, int len)
-    {
-        if (cipherInitialized)
-        {
-            throw new IllegalStateException("AAD data cannot be added after encryption/decryption processing has begun.");
-        }
-        mac.update(in, inOff, len);
-    }
-
-    public int processByte(byte in, byte[] out, int outOff)
-        throws DataLengthException
-    {
-        initCipher();
-
-        return process(in, out, outOff);
-    }
-
-    public int processBytes(byte[] in, int inOff, int len, byte[] out, int outOff)
-        throws DataLengthException
-    {
-        initCipher();
-
-        if (in.length < (inOff + len))
-        {
-            throw new DataLengthException("Input buffer too short");
-        }
-
-        int resultLen = 0;
-
-        for (int i = 0; i != len; i++)
-        {
-            resultLen += process(in[inOff + i], out, outOff + resultLen);
-        }
-
-        return resultLen;
-    }
-
-    public int doFinal(byte[] out, int outOff)
-        throws IllegalStateException, InvalidCipherTextException
-    {
-        initCipher();
-
-        int extra = bufOff;
-        byte[] tmp = new byte[bufBlock.length];
-
-        bufOff = 0;
-
-        if (forEncryption)
-        {
-            if (out.length < (outOff + extra + macSize))
-            {
-                throw new OutputLengthException("Output buffer too short");
-            }
-            cipher.processBlock(bufBlock, 0, tmp, 0);
-
-            System.arraycopy(tmp, 0, out, outOff, extra);
-
-            mac.update(tmp, 0, extra);
-
-            calculateMac();
-
-            System.arraycopy(macBlock, 0, out, outOff + extra, macSize);
-
-            reset(false);
-
-            return extra + macSize;
-        }
-        else
-        {
-            if (extra < macSize)
-            {
-                throw new InvalidCipherTextException("data too short");
-            }
-            if (out.length < (outOff + extra - macSize))
-            {
-                throw new OutputLengthException("Output buffer too short");
-            }
-            if (extra > macSize)
-            {
-                mac.update(bufBlock, 0, extra - macSize);
-
-                cipher.processBlock(bufBlock, 0, tmp, 0);
-
-                System.arraycopy(tmp, 0, out, outOff, extra - macSize);
-            }
-
-            calculateMac();
-
-            if (!verifyMac(bufBlock, extra - macSize))
-            {
-                throw new InvalidCipherTextException("mac check in EAX failed");
-            }
-
-            reset(false);
-
-            return extra - macSize;
-        }
-    }
-
-    public byte[] getMac()
-    {
-        byte[] mac = new byte[macSize];
-
-        System.arraycopy(macBlock, 0, mac, 0, macSize);
-
-        return mac;
-    }
-
-    public int getUpdateOutputSize(int len)
-    {
-        int totalData = len + bufOff;
-        if (!forEncryption)
-        {
-            if (totalData < macSize)
-            {
-                return 0;
-            }
-            totalData -= macSize;
-        }
-        return totalData - totalData % blockSize;
-    }
-
-    public int getOutputSize(int len)
-    {
-        int totalData = len + bufOff;
-
-        if (forEncryption)
-        {
-            return totalData + macSize;
-        }
-
-        return totalData < macSize ? 0 : totalData - macSize;
-    }
-
-    private int process(byte b, byte[] out, int outOff)
-    {
-        bufBlock[bufOff++] = b;
-
-        if (bufOff == bufBlock.length)
-        {
-            if (out.length < (outOff + blockSize))
-            {
-                throw new OutputLengthException("Output buffer is too short");
-            }
-            // TODO Could move the processByte(s) calls to here
-//            initCipher();
-
-            int size;
-
-            if (forEncryption)
-            {
-                size = cipher.processBlock(bufBlock, 0, out, outOff);
-
-                mac.update(out, outOff, blockSize);
-            }
-            else
-            {
-                mac.update(bufBlock, 0, blockSize);
-
-                size = cipher.processBlock(bufBlock, 0, out, outOff);
-            }
-
-            bufOff = 0;
-            if (!forEncryption)
-            {
-                System.arraycopy(bufBlock, blockSize, bufBlock, 0, macSize);
-                bufOff = macSize;
-            }
-
-            return size;
-        }
-
-        return 0;
-    }
-
-    private boolean verifyMac(byte[] mac, int off)
-    {
-        int nonEqual = 0;
-
-        for (int i = 0; i < macSize; i++)
-        {
-            nonEqual |= (macBlock[i] ^ mac[off + i]);
-        }
-
-        return nonEqual == 0;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/G3413CBCBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/G3413CBCBlockCipher.java
deleted file mode 100644
index 97ba1f9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/G3413CBCBlockCipher.java
+++ /dev/null

@@ -1,177 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-
-/**
- * An implementation of the CBC mode for GOST 3412 2015 cipher.
- * See  <a href="http://www.tc26.ru/standard/gost/GOST_R_3413-2015.pdf">GOST R 3413 2015</a>
- */
-public class G3413CBCBlockCipher
-    implements BlockCipher
-{
-
-    private int m;
-    private int blockSize;
-    private byte[] R;
-    private byte[] R_init;
-    private BlockCipher cipher;
-    private boolean initialized = false;
-    private boolean forEncryption;
-
-    /**
-     * @param cipher base cipher
-     */
-    public G3413CBCBlockCipher(BlockCipher cipher)
-    {
-        this.blockSize = cipher.getBlockSize();
-        this.cipher = cipher;
-    }
-
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        this.forEncryption = forEncryption;
-        if (params instanceof ParametersWithIV)
-        {
-            ParametersWithIV ivParam = (ParametersWithIV)params;
-
-            byte[] iv = ivParam.getIV();
-
-            if (iv.length < blockSize)
-            {
-                throw new IllegalArgumentException("Parameter m must blockSize <= m");
-            }
-            this.m = iv.length;
-
-            initArrays();
-
-            R_init = Arrays.clone(iv);
-            System.arraycopy(R_init, 0, R, 0, R_init.length);
-
-            // if null it's an IV changed only.
-            if (ivParam.getParameters() != null)
-            {
-                cipher.init(forEncryption, ivParam.getParameters());
-            }
-        }
-        else
-        {
-            setupDefaultParams();
-
-            initArrays();
-            System.arraycopy(R_init, 0, R, 0, R_init.length);
-
-            // if it's null, key is to be reused.
-            if (params != null)
-            {
-                cipher.init(forEncryption, params);
-            }
-        }
-
-        initialized = true;
-    }
-    
-    /**
-     * allocate memory for R and R_init arrays
-     */
-    private void initArrays()
-    {
-        R = new byte[m];
-        R_init = new byte[m];
-    }
-
-    /**
-     * this method sets default values to <b>m</b> parameter:<br>
-     * m = <b>blockSize</b>
-     */
-    private void setupDefaultParams()
-    {
-        this.m = blockSize;
-    }
-
-    public String getAlgorithmName()
-    {
-        return cipher.getAlgorithmName() + "/CBC";
-    }
-
-    public int getBlockSize()
-    {
-        return blockSize;
-    }
-
-    public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-
-        return (forEncryption) ? encrypt(in, inOff, out, outOff) : decrypt(in, inOff, out, outOff);
-    }
-
-
-    private int encrypt(byte[] in, int inOff, byte[] out, int outOff)
-    {
-
-        byte[] msb = GOST3413CipherUtil.MSB(R, blockSize);
-        byte[] input = GOST3413CipherUtil.copyFromInput(in, blockSize, inOff);
-        byte[] sum = GOST3413CipherUtil.sum(input, msb);
-        byte[] c = new byte[sum.length];
-        cipher.processBlock(sum, 0, c, 0);
-
-        System.arraycopy(c, 0, out, outOff, c.length);
-
-        if (out.length > (outOff + sum.length))
-        {
-            generateR(c);
-        }
-
-        return c.length;
-    }
-
-
-    private int decrypt(byte[] in, int inOff, byte[] out, int outOff)
-    {
-
-        byte[] msb = GOST3413CipherUtil.MSB(R, blockSize);
-        byte[] input = GOST3413CipherUtil.copyFromInput(in, blockSize, inOff);
-
-        byte[] c = new byte[input.length];
-        cipher.processBlock(input, 0, c, 0);
-
-        byte[] sum = GOST3413CipherUtil.sum(c, msb);
-
-        System.arraycopy(sum, 0, out, outOff, sum.length);
-
-
-        if (out.length > (outOff + sum.length))
-        {
-            generateR(input);
-        }
-
-        return sum.length;
-    }
-
-    /**
-     * generate new R value
-     *
-     * @param C processed block
-     */
-    private void generateR(byte[] C)
-    {
-        byte[] buf = GOST3413CipherUtil.LSB(R, m - blockSize);
-        System.arraycopy(buf, 0, R, 0, buf.length);
-        System.arraycopy(C, 0, R, buf.length, m - buf.length);
-    }
-
-
-    public void reset()
-    {
-        if (initialized)
-        {
-            System.arraycopy(R_init, 0, R, 0, R_init.length);
-            cipher.reset();
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/G3413CFBBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/G3413CFBBlockCipher.java
deleted file mode 100644
index 34afce2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/G3413CFBBlockCipher.java
+++ /dev/null

@@ -1,219 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.StreamBlockCipher;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-
-/**
- * An implementation of the CFB mode for GOST 3412 2015 cipher.
- * See  <a href="http://www.tc26.ru/standard/gost/GOST_R_3413-2015.pdf">GOST R 3413 2015</a>
- */
-public class G3413CFBBlockCipher
-    extends StreamBlockCipher
-{
-    private final int s;
-    private int m;
-    private int blockSize;
-    private byte[] R;
-    private byte[] R_init;
-    private BlockCipher cipher;
-    private boolean forEncryption;
-    private boolean initialized = false;
-
-    private byte[] gamma;
-    private byte[] inBuf;
-    private int byteCount;
-
-    /**
-     * Base constructor.
-     *
-     * @param cipher base cipher
-     */
-    public G3413CFBBlockCipher(BlockCipher cipher)
-    {
-        this(cipher, cipher.getBlockSize() * 8);
-    }
-
-    /**
-     * Base constructor with specific block size.
-     *
-     * @param cipher base cipher
-     * @param bitBlockSize basic unit (defined as s)
-     */
-    public G3413CFBBlockCipher(BlockCipher cipher, int bitBlockSize)
-    {
-        super(cipher);
-
-        if (bitBlockSize < 0 || bitBlockSize > cipher.getBlockSize() * 8)
-        {
-            throw new IllegalArgumentException("Parameter bitBlockSize must be in range 0 < bitBlockSize <= "
-                            + cipher.getBlockSize() * 8);
-        }
-
-        this.blockSize = cipher.getBlockSize();
-        this.cipher = cipher;
-        this.s = bitBlockSize / 8;
-        inBuf = new byte[getBlockSize()];
-    }
-
-    /**
-     * Initialise the cipher and initialisation vector R.
-     * If an IV isn't passed as part of the parameter, the IV will be all zeros.
-     * An IV which is too short is handled in FIPS compliant fashion.
-     * R_init = IV, and R1 = R_init
-     *
-     * @param forEncryption ignored because encryption and decryption are same
-     * @param params        the key and other data required by the cipher.
-     * @throws IllegalArgumentException
-     */
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        this.forEncryption = forEncryption;
-        if (params instanceof ParametersWithIV)
-        {
-            ParametersWithIV ivParam = (ParametersWithIV)params;
-
-            byte[] iv = ivParam.getIV();
-
-            if (iv.length < blockSize)
-            {
-                throw new IllegalArgumentException("Parameter m must blockSize <= m");
-            }
-            m = iv.length;
-
-            initArrays();
-
-            R_init = Arrays.clone(iv);
-            System.arraycopy(R_init, 0, R, 0, R_init.length);
-
-
-            // if null it's an IV changed only.
-            if (ivParam.getParameters() != null)
-            {
-                cipher.init(true, ivParam.getParameters());
-            }
-        }
-        else
-        {
-            setupDefaultParams();
-
-            initArrays();
-            System.arraycopy(R_init, 0, R, 0, R_init.length);
-
-
-            // if it's null, key is to be reused.
-            if (params != null)
-            {
-                cipher.init(true, params);
-            }
-        }
-
-        initialized = true;
-    }
-
-    /**
-     * allocate memory for R and R_init arrays
-     */
-    private void initArrays()
-    {
-        R = new byte[m];
-        R_init = new byte[m];
-    }
-
-    /**
-     * this method sets default values to <b>s</b> and <b>m</b> parameters:<br>
-     * s = <b>blockSize</b>; <br>
-     * m = <b>2 * blockSize</b>
-     */
-    private void setupDefaultParams()
-    {
-        this.m = 2 * blockSize;
-    }
-
-
-    public String getAlgorithmName()
-    {
-        return cipher.getAlgorithmName() + "/CFB" + (blockSize * 8);
-    }
-
-    public int getBlockSize()
-    {
-        return s;
-    }
-
-    public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        this.processBytes(in, inOff, getBlockSize(), out, outOff);
-
-        return getBlockSize();
-    }
-
-    protected byte calculateByte(byte in)
-    {
-        if (byteCount == 0)
-        {
-            gamma = createGamma();
-        }
-
-        byte rv = (byte)(gamma[byteCount] ^ in);
-        inBuf[byteCount++] = (forEncryption) ? rv : in;
-
-        if (byteCount == getBlockSize())
-        {
-            byteCount = 0;
-            generateR(inBuf);
-        }
-
-        return rv;
-    }
-
-    /**
-     * creating gamma value
-     *
-     * @return gamma
-     */
-    byte[] createGamma()
-    {
-        byte[] msb = GOST3413CipherUtil.MSB(R, blockSize);
-        byte[] encryptedMsb = new byte[msb.length];
-        cipher.processBlock(msb, 0, encryptedMsb, 0);
-        return GOST3413CipherUtil.MSB(encryptedMsb, s);
-    }
-
-    /**
-     * generate new R value
-     *
-     * @param C processed block
-     */
-    void generateR(byte[] C)
-    {
-
-        byte[] buf = GOST3413CipherUtil.LSB(R, m - s);
-        System.arraycopy(buf, 0, R, 0, buf.length);
-        System.arraycopy(C, 0, R, buf.length, m - buf.length);
-    }
-
-    /**
-     * copy R_init into R and reset the underlying
-     * cipher.
-     */
-    public void reset()
-    {
-
-        byteCount = 0;
-        Arrays.clear(inBuf);
-        Arrays.clear(gamma);
-
-        if (initialized)
-        {
-            System.arraycopy(R_init, 0, R, 0, R_init.length);
-
-            cipher.reset();
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/G3413CTRBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/G3413CTRBlockCipher.java
deleted file mode 100644
index 9e4a677..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/G3413CTRBlockCipher.java
+++ /dev/null

@@ -1,228 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.StreamBlockCipher;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-
-/**
- * implements the GOST 3412 2015 CTR counter mode (GCTR).
- */
-public class G3413CTRBlockCipher
-    extends StreamBlockCipher
-{
-
-
-    private final int s;
-    private byte[] CTR;
-    private byte[] IV;
-    private byte[] buf;
-    private final int blockSize;
-    private final BlockCipher cipher;
-    private int byteCount = 0;
-    private boolean initialized;
-
-
-    /**
-     * Basic constructor.
-     *
-     * @param cipher the block cipher to be used as the basis of the
-     *               counter mode (must have a 64 bit block size).
-     */
-    public G3413CTRBlockCipher(
-        BlockCipher cipher)
-    {
-        this(cipher, cipher.getBlockSize() * 8);
-    }
-
-    /**
-     * Basic constructor.
-     *
-     * @param cipher       the block cipher to be used as the basis of the
-     *                     counter mode (must have a 64 bit block size).
-     * @param bitBlockSize basic unit (defined as s)
-     */
-    public G3413CTRBlockCipher(BlockCipher cipher, int bitBlockSize)
-    {
-        super(cipher);
-
-        if (bitBlockSize < 0 || bitBlockSize > cipher.getBlockSize() * 8)
-        {
-            throw new IllegalArgumentException("Parameter bitBlockSize must be in range 0 < bitBlockSize <= "
-                            + cipher.getBlockSize() * 8);
-        }
-
-        this.cipher = cipher;
-        this.blockSize = cipher.getBlockSize();
-        this.s = bitBlockSize / 8;
-        CTR = new byte[blockSize];
-    }
-
-    /**
-     * Initialise the cipher and, possibly, the initialisation vector (IV).
-     * If an IV isn't passed as part of the parameter, the IV will be all zeros.
-     * An IV which is too short is handled in FIPS compliant fashion.
-     *
-     * @param encrypting if true the cipher is initialised for
-     *                   encryption, if false for decryption.
-     * @param params     the key and other data required by the cipher.
-     * @throws IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean encrypting, //ignored by this CTR mode
-        CipherParameters params)
-        throws IllegalArgumentException
-    {
-
-        if (params instanceof ParametersWithIV)
-        {
-            ParametersWithIV ivParam = (ParametersWithIV)params;
-
-            initArrays();
-
-            IV = Arrays.clone(ivParam.getIV());
-
-            if (IV.length != blockSize / 2)
-            {
-                throw new IllegalArgumentException("Parameter IV length must be == blockSize/2");
-            }
-
-            System.arraycopy(IV, 0, CTR, 0, IV.length);
-            for (int i = IV.length; i < blockSize; i++)
-            {
-                CTR[i] = 0;
-            }
-
-            // if null it's an IV changed only.
-            if (ivParam.getParameters() != null)
-            {
-                cipher.init(true, ivParam.getParameters());
-            }
-        }
-        else
-        {
-            initArrays();
-
-            // if it's null, key is to be reused.
-            if (params != null)
-            {
-                cipher.init(true, params);
-            }
-        }
-
-        initialized = true;
-    }
-    
-    private void initArrays()
-    {
-        IV = new byte[blockSize / 2];
-        CTR = new byte[blockSize];
-        buf = new byte[s];
-    }
-
-    /**
-     * return the algorithm name and mode.
-     *
-     * @return the name of the underlying algorithm followed by "/GCTR"
-     * and the block size in bits
-     */
-    public String getAlgorithmName()
-    {
-        return cipher.getAlgorithmName() + "/GCTR";
-    }
-
-    /**
-     * return the block size we are operating at (in bytes).
-     *
-     * @return the block size we are operating at (in bytes).
-     */
-    public int getBlockSize()
-    {
-        return s;
-    }
-
-    /**
-     * Process one block of input from the array in and write it to
-     * the out array.
-     *
-     * @param in     the array containing the input data.
-     * @param inOff  offset into the in array the data starts at.
-     * @param out    the array the output data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     * @return the number of bytes processed and produced.
-     * @throws DataLengthException if there isn't enough data in in, or
-     * space in out.
-     * @throws IllegalStateException if the cipher isn't initialised.
-     */
-    public int processBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-
-        processBytes(in, inOff, s, out, outOff);
-
-        return s;
-    }
-
-    protected byte calculateByte(byte in)
-    {
-
-        if (byteCount == 0)
-        {
-            buf = generateBuf();
-        }
-
-        byte rv = (byte)(buf[byteCount] ^ in);
-        byteCount++;
-
-        if (byteCount == s)
-        {
-            byteCount = 0;
-            generateCRT();
-        }
-
-        return rv;
-
-    }
-
-    private void generateCRT()
-    {
-        CTR[CTR.length - 1]++;
-    }
-
-
-    private byte[] generateBuf()
-    {
-
-        byte[] encryptedCTR = new byte[CTR.length];
-        cipher.processBlock(CTR, 0, encryptedCTR, 0);
-
-        return GOST3413CipherUtil.MSB(encryptedCTR, s);
-
-    }
-
-
-    /**
-     * reset the feedback vector back to the IV and reset the underlying
-     * cipher.
-     */
-    public void reset()
-    {
-        if (initialized)
-        {
-            System.arraycopy(IV, 0, CTR, 0, IV.length);
-            for (int i = IV.length; i < blockSize; i++)
-            {
-                CTR[i] = 0;
-            }
-            byteCount = 0;
-            cipher.reset();
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/G3413OFBBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/G3413OFBBlockCipher.java
deleted file mode 100644
index 148f382..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/G3413OFBBlockCipher.java
+++ /dev/null

@@ -1,173 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.StreamBlockCipher;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-
-/**
- * An implementation of the OFB mode for GOST 3412 2015 cipher.
- * See  <a href="http://www.tc26.ru/standard/gost/GOST_R_3413-2015.pdf">GOST R 3413 2015</a>
- */
-public class G3413OFBBlockCipher
-    extends StreamBlockCipher
-{
-    //    private int s;
-    private int m;
-    private int blockSize;
-    private byte[] R;
-    private byte[] R_init;
-    private byte[] Y;
-    private BlockCipher cipher;
-    private int byteCount;
-    private boolean initialized = false;
-
-    /**
-     * @param cipher base cipher
-     */
-    public G3413OFBBlockCipher(BlockCipher cipher)
-    {
-        super(cipher);
-        this.blockSize = cipher.getBlockSize();
-        this.cipher = cipher;
-        Y = new byte[blockSize];
-    }
-
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        if (params instanceof ParametersWithIV)
-        {
-            ParametersWithIV ivParam = (ParametersWithIV)params;
-
-            byte[] iv = ivParam.getIV();
-
-            if (iv.length < blockSize)
-            {
-                throw new IllegalArgumentException("Parameter m must blockSize <= m");
-            }
-            this.m = iv.length;
-
-            initArrays();
-
-            R_init = Arrays.clone(iv);
-            System.arraycopy(R_init, 0, R, 0, R_init.length);
-
-
-            // if null it's an IV changed only.
-            if (ivParam.getParameters() != null)
-            {
-                cipher.init(true, ivParam.getParameters());
-            }
-
-
-        }
-        else
-        {
-
-            setupDefaultParams();
-
-            initArrays();
-            System.arraycopy(R_init, 0, R, 0, R_init.length);
-
-            // if it's null, key is to be reused.
-            if (params != null)
-            {
-                cipher.init(true, params);
-            }
-        }
-
-        initialized = true;
-    }
-
-    /**
-     * allocate memory for R and R_init arrays
-     */
-    private void initArrays()
-    {
-        R = new byte[m];
-        R_init = new byte[m];
-    }
-
-    /**
-     * this method sets default values to <b>s</b> and <b>m</b> parameters:<br>
-     * s = <b>blockSize</b>; <br>
-     * m = <b>2 * blockSize</b>
-     */
-    private void setupDefaultParams()
-    {
-        this.m = 2 * blockSize;
-    }
-
-    public String getAlgorithmName()
-    {
-        return cipher.getAlgorithmName() + "/OFB";
-    }
-
-    public int getBlockSize()
-    {
-        return blockSize;
-    }
-
-    public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-
-        processBytes(in, inOff, blockSize, out, outOff);
-        return blockSize;
-    }
-
-
-    protected byte calculateByte(byte in)
-    {
-        if (byteCount == 0)
-        {
-            generateY();
-        }
-
-        byte rv = (byte)(Y[byteCount] ^ in);
-        byteCount++;
-
-        if (byteCount == getBlockSize())
-        {
-            byteCount = 0;
-            generateR();
-        }
-
-        return rv;
-    }
-
-    /**
-     * generate new Y value
-     */
-    private void generateY()
-    {
-        byte[] msb = GOST3413CipherUtil.MSB(R, blockSize);
-        cipher.processBlock(msb, 0, Y, 0);
-    }
-
-
-    /**
-     * generate new R value
-     */
-    private void generateR()
-    {
-        byte[] buf = GOST3413CipherUtil.LSB(R, m - blockSize);
-        System.arraycopy(buf, 0, R, 0, buf.length);
-        System.arraycopy(Y, 0, R, buf.length, m - buf.length);
-    }
-
-
-    public void reset()
-    {
-        if (initialized)
-        {
-            System.arraycopy(R_init, 0, R, 0, R_init.length);
-            Arrays.clear(Y);
-            byteCount = 0;
-            cipher.reset();
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCFBBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCFBBlockCipher.java
deleted file mode 100644
index 0851d2e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCFBBlockCipher.java
+++ /dev/null

@@ -1,120 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.StreamBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.ParametersWithSBox;
-
-/**
- * An implementation of the GOST CFB mode with CryptoPro key meshing as described in RFC 4357.
- */
-public class GCFBBlockCipher
-    extends StreamBlockCipher
-{
-    private static final byte[] C =
-        {
-            0x69, 0x00, 0x72, 0x22, 0x64, (byte)0xC9, 0x04, 0x23,
-            (byte)0x8D, 0x3A, (byte)0xDB, (byte)0x96, 0x46, (byte)0xE9, 0x2A, (byte)0xC4,
-            0x18, (byte)0xFE, (byte)0xAC, (byte)0x94, 0x00, (byte)0xED, 0x07, 0x12,
-            (byte)0xC0, (byte)0x86, (byte)0xDC, (byte)0xC2, (byte)0xEF, 0x4C, (byte)0xA9, 0x2B
-        };
-
-    private final CFBBlockCipher cfbEngine;
-
-    private KeyParameter key;
-    private long         counter = 0;
-    private boolean      forEncryption;
-
-    public GCFBBlockCipher(BlockCipher engine)
-    {
-        super(engine);
-
-        this.cfbEngine = new CFBBlockCipher(engine, engine.getBlockSize() * 8);
-    }
-
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        counter = 0;
-        cfbEngine.init(forEncryption, params);
-
-        this.forEncryption = forEncryption;
-
-        if (params instanceof ParametersWithIV)
-        {
-            params = ((ParametersWithIV)params).getParameters();
-        }
-
-        if (params instanceof ParametersWithRandom)
-        {
-            params = ((ParametersWithRandom)params).getParameters();
-        }
-
-        if (params instanceof ParametersWithSBox)
-        {
-            params = ((ParametersWithSBox)params).getParameters();
-        }
-
-        key = (KeyParameter)params;
-    }
-
-    public String getAlgorithmName()
-    {
-        String name = cfbEngine.getAlgorithmName();
-        return name.substring(0, name.indexOf('/')) + "/G" + name.substring(name.indexOf('/') + 1);
-    }
-
-    public int getBlockSize()
-    {
-        return cfbEngine.getBlockSize();
-    }
-
-    public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        this.processBytes(in, inOff, cfbEngine.getBlockSize(), out, outOff);
-
-        return cfbEngine.getBlockSize();
-    }
-
-    protected byte calculateByte(byte b)
-    {
-        if (counter > 0 && counter % 1024 == 0)
-        {
-            BlockCipher  base = cfbEngine.getUnderlyingCipher();
-
-            base.init(false, key);
-
-            byte[] nextKey = new byte[32];
-
-            base.processBlock(C, 0, nextKey, 0);
-            base.processBlock(C, 8, nextKey, 8);
-            base.processBlock(C, 16, nextKey, 16);
-            base.processBlock(C, 24, nextKey, 24);
-
-            key = new KeyParameter(nextKey);
-
-            base.init(true, key);
-
-            byte[] iv = cfbEngine.getCurrentIV();
-
-            base.processBlock(iv, 0, iv, 0);
-
-            cfbEngine.init(forEncryption, new ParametersWithIV(key, iv));
-        }
-
-        counter++;
-
-        return cfbEngine.calculateByte(b);
-    }
-
-    public void reset()
-    {
-        counter = 0;
-        cfbEngine.reset();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java
index 3a11e9b..75343d8 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/modes/GCMBlockCipher.java

@@ -24,6 +24,11 @@
     implements AEADBlockCipher
 {
     private static final int BLOCK_SIZE = 16;
+    // BEGIN Android-added: Max input size limitation from NIST.
+    // 2^36-32 : limitation imposed by NIST GCM as otherwise the counter is wrapped and it can leak
+    // plaintext and authentication key
+    private static final long MAX_INPUT_SIZE = 68719476704L;
+    // END Android-added: Max input size limitation from NIST.
 
     // not final due to a compiler bug
     private BlockCipher   cipher;
@@ -232,6 +237,14 @@
         return totalData < macSize ? 0 : totalData - macSize;
     }
 
+    // BEGIN Android-added: Max input size limitation from NIST.
+    /** Helper used to ensure that {@link #MAX_INPUT_SIZE} is not exceeded. */
+    private long getTotalInputSizeAfterNewInput(int newInputLen)
+    {
+        return totalLength + newInputLen + bufOff;
+    }
+    // END Android-added: Max input size limitation from NIST.
+
     public int getUpdateOutputSize(int len)
     {
         int totalData = len + bufOff;
@@ -249,6 +262,11 @@
     public void processAADByte(byte in)
     {
         checkStatus();
+        // BEGIN Android-added: Max input size limitation from NIST.
+        if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) {
+            throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
+        }
+        // END Android-added: Max input size limitation from NIST.
 
         atBlock[atBlockPos] = in;
         if (++atBlockPos == BLOCK_SIZE)
@@ -263,6 +281,11 @@
     public void processAADBytes(byte[] in, int inOff, int len)
     {
         checkStatus();
+        // BEGIN Android-added: Max input size limitation from NIST.
+        if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) {
+            throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
+        }
+        // END Android-added: Max input size limitation from NIST.
 
         for (int i = 0; i < len; ++i)
         {
@@ -302,6 +325,11 @@
         throws DataLengthException
     {
         checkStatus();
+        // BEGIN Android-added: Max input size limitation from NIST.
+        if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) {
+            throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
+        }
+        // END Android-added: Max input size limitation from NIST.
 
         bufBlock[bufOff] = in;
         if (++bufOff == bufBlock.length)
@@ -325,6 +353,11 @@
         throws DataLengthException
     {
         checkStatus();
+        // BEGIN Android-added: Max input size limitation from NIST.
+        if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) {
+            throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
+        }
+        // END Android-added: Max input size limitation from NIST.
 
         if ((in.length - inOff) < len)
         {

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/GOFBBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/GOFBBlockCipher.java
deleted file mode 100644
index 0e0e1dc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/GOFBBlockCipher.java
+++ /dev/null

@@ -1,235 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.StreamBlockCipher;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-/**
- * implements the GOST 28147 OFB counter mode (GCTR).
- */
-public class GOFBBlockCipher
-    extends StreamBlockCipher
-{
-    private byte[]          IV;
-    private byte[]          ofbV;
-    private byte[]          ofbOutV;
-    private int             byteCount;
-
-    private final int             blockSize;
-    private final BlockCipher     cipher;
-
-    boolean firstStep = true;
-    int N3;
-    int N4;
-    static final int C1 = 16843012; //00000001000000010000000100000100
-    static final int C2 = 16843009; //00000001000000010000000100000001
-
-
-    /**
-     * Basic constructor.
-     *
-     * @param cipher the block cipher to be used as the basis of the
-     * counter mode (must have a 64 bit block size).
-     */
-    public GOFBBlockCipher(
-        BlockCipher cipher)
-    {
-        super(cipher);
-
-        this.cipher = cipher;
-        this.blockSize = cipher.getBlockSize();
-        
-        if (blockSize != 8)
-        {
-            throw new IllegalArgumentException("GCTR only for 64 bit block ciphers");
-        }
-
-        this.IV = new byte[cipher.getBlockSize()];
-        this.ofbV = new byte[cipher.getBlockSize()];
-        this.ofbOutV = new byte[cipher.getBlockSize()];
-    }
-
-    /**
-     * Initialise the cipher and, possibly, the initialisation vector (IV).
-     * If an IV isn't passed as part of the parameter, the IV will be all zeros.
-     * An IV which is too short is handled in FIPS compliant fashion.
-     *
-     * @param encrypting if true the cipher is initialised for
-     *  encryption, if false for decryption.
-     * @param params the key and other data required by the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean             encrypting, //ignored by this CTR mode
-        CipherParameters    params)
-        throws IllegalArgumentException
-    {
-        firstStep = true;
-        N3 = 0;
-        N4 = 0;
-
-        if (params instanceof ParametersWithIV)
-        {
-            ParametersWithIV ivParam = (ParametersWithIV)params;
-            byte[] iv = ivParam.getIV();
-
-            if (iv.length < IV.length)
-            {
-                // prepend the supplied IV with zeros (per FIPS PUB 81)
-                System.arraycopy(iv, 0, IV, IV.length - iv.length, iv.length);
-                for (int i = 0; i < IV.length - iv.length; i++)
-                {
-                    IV[i] = 0;
-                }
-            }
-            else
-            {
-                System.arraycopy(iv, 0, IV, 0, IV.length);
-            }
-
-            reset();
-
-            // if params is null we reuse the current working key.
-            if (ivParam.getParameters() != null)
-            {
-                cipher.init(true, ivParam.getParameters());
-            }
-        }
-        else
-        {
-            reset();
-
-            // if params is null we reuse the current working key.
-            if (params != null)
-            {
-                cipher.init(true, params);
-            }
-        }
-    }
-
-    /**
-     * return the algorithm name and mode.
-     *
-     * @return the name of the underlying algorithm followed by "/GCTR"
-     * and the block size in bits
-     */
-    public String getAlgorithmName()
-    {
-        return cipher.getAlgorithmName() + "/GCTR";
-    }
-
-    /**
-     * return the block size we are operating at (in bytes).
-     *
-     * @return the block size we are operating at (in bytes).
-     */
-    public int getBlockSize()
-    {
-        return blockSize;
-    }
-
-    /**
-     * Process one block of input from the array in and write it to
-     * the out array.
-     *
-     * @param in the array containing the input data.
-     * @param inOff offset into the in array the data starts at.
-     * @param out the array the output data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     * @exception DataLengthException if there isn't enough data in in, or
-     * space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     * @return the number of bytes processed and produced.
-     */
-    public int processBlock(
-        byte[]      in,
-        int         inOff,
-        byte[]      out,
-        int         outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        processBytes(in, inOff, blockSize, out, outOff);
-
-        return blockSize;
-    }
-
-    /**
-     * reset the feedback vector back to the IV and reset the underlying
-     * cipher.
-     */
-    public void reset()
-    {
-        firstStep = true;
-        N3 = 0;
-        N4 = 0;
-        System.arraycopy(IV, 0, ofbV, 0, IV.length);
-        byteCount = 0;
-        cipher.reset();
-    }
-
-    //array of bytes to type int
-    private int bytesToint(
-        byte[]  in,
-        int     inOff)
-    {
-        return  ((in[inOff + 3] << 24) & 0xff000000) + ((in[inOff + 2] << 16) & 0xff0000) +
-                ((in[inOff + 1] << 8) & 0xff00) + (in[inOff] & 0xff);
-    }
-
-    //int to array of bytes
-    private void intTobytes(
-            int     num,
-            byte[]  out,
-            int     outOff)
-    {
-            out[outOff + 3] = (byte)(num >>> 24);
-            out[outOff + 2] = (byte)(num >>> 16);
-            out[outOff + 1] = (byte)(num >>> 8);
-            out[outOff] =     (byte)num;
-    }
-
-    protected byte calculateByte(byte b)
-    {
-        if (byteCount == 0)
-        {
-            if (firstStep)
-            {
-                firstStep = false;
-                cipher.processBlock(ofbV, 0, ofbOutV, 0);
-                N3 = bytesToint(ofbOutV, 0);
-                N4 = bytesToint(ofbOutV, 4);
-            }
-            N3 += C2;
-            N4 += C1;
-            if (N4 < C1)  // addition is mod (2**32 - 1)
-            {
-                if (N4 > 0)
-                {
-                    N4++;
-                }
-            }
-            intTobytes(N3, ofbV, 0);
-            intTobytes(N4, ofbV, 4);
-
-            cipher.processBlock(ofbV, 0, ofbOutV, 0);
-        }
-
-        byte rv = (byte)(ofbOutV[byteCount++] ^ b);
-
-        if (byteCount == blockSize)
-        {
-            byteCount = 0;
-
-            //
-            // change over the input block.
-            //
-            System.arraycopy(ofbV, blockSize, ofbV, 0, ofbV.length - blockSize);
-            System.arraycopy(ofbOutV, 0, ofbV, ofbV.length - blockSize, blockSize);
-        }
-
-        return rv;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/GOST3413CipherUtil.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/GOST3413CipherUtil.java
deleted file mode 100644
index cfcb7d0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/GOST3413CipherUtil.java
+++ /dev/null

@@ -1,77 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * Some methods for GOST 3412 cipher algorithm
- */
-class GOST3413CipherUtil
-{
-    /**
-     * copy first <b>size</b> elements from <b>from</b>
-     *
-     * @param from source array
-     * @param size size of new array
-     * @return
-     */
-    public static byte[] MSB(byte[] from, int size)
-    {
-        return Arrays.copyOf(from, size);
-    }
-
-
-    /**
-     * copy last <b>size</b> elements from <b>from</b>
-     *
-     * @param from source array
-     * @param size size of new array
-     * @return
-     */
-    public static byte[] LSB(byte[] from, int size)
-    {
-        byte[] result = new byte[size];
-        System.arraycopy(from, from.length - size, result, 0, size);
-        return result;
-    }
-
-
-    /**
-     * componentwise addition modulo 2 (XOR)
-     *
-     * @param in    clear text
-     * @param gamma gamma parameter
-     * @return
-     */
-    public static byte[] sum(byte[] in, byte[] gamma)
-    {
-
-        byte[] out = new byte[in.length];
-        for (int i = 0; i < in.length; i++)
-        {
-            out[i] = (byte)(in[i] ^ gamma[i]);
-        }
-        return out;
-    }
-
-
-    /**
-     * copy from <b>input</b> array <b>size</b> bytes with <b>offset</b>
-     *
-     * @param input  input byte array
-     * @param size   count bytes to copy
-     * @param offset <b>inputs</b> offset
-     * @return
-     */
-    public static byte[] copyFromInput(byte[] input, int size, int offset)
-    {
-
-        if (input.length < (size + offset))
-        {
-            size = input.length - offset;
-        }
-
-        byte[] newIn = new byte[size];
-        System.arraycopy(input, offset, newIn, 0, size);
-        return newIn;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/KCCMBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/KCCMBlockCipher.java
deleted file mode 100644
index 430f30b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/KCCMBlockCipher.java
+++ /dev/null

@@ -1,514 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import java.io.ByteArrayOutputStream;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.AEADParameters;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Implementation of DSTU7624 CCM mode
- */
-public class KCCMBlockCipher
-    implements AEADBlockCipher
-{
-
-    private static final int BYTES_IN_INT = 4;
-    private static final int BITS_IN_BYTE = 8;
-
-    private static final int MAX_MAC_BIT_LENGTH = 512;
-    private static final int MIN_MAC_BIT_LENGTH = 64;
-
-    private BlockCipher engine;
-
-    private int macSize;
-    private boolean forEncryption;
-
-    private byte[] initialAssociatedText;
-    private byte[] mac;
-    private byte[] macBlock;
-
-    private byte[] nonce;
-
-    private byte[] G1;
-    private byte[] buffer;
-
-    private byte[] s;
-    private byte[] counter;
-
-
-    private ExposedByteArrayOutputStream associatedText = new ExposedByteArrayOutputStream();
-    private ExposedByteArrayOutputStream data = new ExposedByteArrayOutputStream();
-
-
-    private int Nb_ = 4;
-
-    private void setNb(int Nb)
-    {
-        if (Nb == 4 || Nb == 6 || Nb == 8)
-        {
-            Nb_ = Nb;
-        }
-        else
-        {
-            throw new IllegalArgumentException("Nb = 4 is recommended by DSTU7624 but can be changed to only 6 or 8 in this implementation");
-        }
-    }
-
-    /**
-     * Base constructor. Nb value is set to 4.
-     *
-     * @param engine base cipher to use under CCM.
-     */
-    public KCCMBlockCipher(BlockCipher engine)
-    {
-        this(engine, 4);
-    }
-
-    /**
-     * Constructor allowing Nb configuration.
-     * <p>
-     * Nb is a parameter specified in CCM mode of DSTU7624 standard.
-     * This parameter specifies maximum possible length of input. It should
-     * be calculated as follows: Nb = 1/8 * (-3 + log[2]Nmax) + 1,
-     * where Nmax - length of input message in bits. For practical reasons
-     * Nmax usually less than 4Gb, e.g. for Nmax = 2^32 - 1, Nb = 4.
-     * </p>
-     * @param engine base cipher to use under CCM.
-     * @param nB Nb value to use.
-     */
-    public KCCMBlockCipher(BlockCipher engine, int nB)
-    {
-        this.engine = engine;
-        this.macSize = engine.getBlockSize();
-        this.nonce = new byte[engine.getBlockSize()];
-        this.initialAssociatedText = new byte[engine.getBlockSize()];
-        this.mac = new byte[engine.getBlockSize()];
-        this.macBlock = new byte[engine.getBlockSize()];
-        this.G1 = new byte[engine.getBlockSize()];
-        this.buffer = new byte[engine.getBlockSize()];
-        this.s = new byte[engine.getBlockSize()];
-        this.counter = new byte[engine.getBlockSize()];
-        setNb(nB);
-    }
-
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-
-        CipherParameters cipherParameters;
-        if (params instanceof AEADParameters)
-        {
-
-            AEADParameters parameters = (AEADParameters)params;
-
-            if (parameters.getMacSize() > MAX_MAC_BIT_LENGTH || parameters.getMacSize() < MIN_MAC_BIT_LENGTH || parameters.getMacSize() % 8 != 0)
-            {
-                throw new IllegalArgumentException("Invalid mac size specified");
-            }
-
-            nonce = parameters.getNonce();
-            macSize = parameters.getMacSize() / BITS_IN_BYTE;
-            initialAssociatedText = parameters.getAssociatedText();
-            cipherParameters = parameters.getKey();
-        }
-        else if (params instanceof ParametersWithIV)
-        {
-            nonce = ((ParametersWithIV)params).getIV();
-            macSize = engine.getBlockSize(); // use default blockSize for MAC if it is not specified
-            initialAssociatedText = null;
-            cipherParameters = ((ParametersWithIV)params).getParameters();
-        }
-        else
-        {
-            throw new IllegalArgumentException("Invalid parameters specified");
-        }
-
-        this.mac = new byte[macSize];
-        this.forEncryption = forEncryption;
-        engine.init(true, cipherParameters);
-
-        counter[0] = 0x01; // defined in standard
-
-        if (initialAssociatedText != null)
-        {
-            processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);
-        }
-    }
-
-    public String getAlgorithmName()
-    {
-        return engine.getAlgorithmName() + "/KCCM";
-    }
-
-    public BlockCipher getUnderlyingCipher()
-    {
-        return engine;
-    }
-
-    public void processAADByte(byte in)
-    {
-        associatedText.write(in);
-    }
-
-    public void processAADBytes(byte[] in, int inOff, int len)
-    {
-        associatedText.write(in, inOff, len);
-    }
-
-    private void processAAD(byte[] assocText, int assocOff, int assocLen, int dataLen)
-    {
-        if (assocLen - assocOff < engine.getBlockSize())
-        {
-            throw new IllegalArgumentException("authText buffer too short");
-        }
-        if (assocLen % engine.getBlockSize() != 0)
-        {
-            throw new IllegalArgumentException("padding not supported");
-        }
-
-        System.arraycopy(nonce, 0, G1, 0, nonce.length - Nb_ - 1);
-
-        intToBytes(dataLen, buffer, 0); // for G1
-
-        System.arraycopy(buffer, 0, G1, nonce.length - Nb_ - 1, BYTES_IN_INT);
-
-        G1[G1.length - 1] = getFlag(true, macSize);
-
-        engine.processBlock(G1, 0, macBlock, 0);
-
-        intToBytes(assocLen, buffer, 0); // for G2
-
-        if (assocLen <= engine.getBlockSize() - Nb_)
-        {
-            for (int byteIndex = 0; byteIndex < assocLen; byteIndex++)
-            {
-                buffer[byteIndex + Nb_] ^= assocText[assocOff + byteIndex];
-            }
-
-            for (int byteIndex = 0; byteIndex < engine.getBlockSize(); byteIndex++)
-            {
-                macBlock[byteIndex] ^= buffer[byteIndex];
-            }
-
-            engine.processBlock(macBlock, 0, macBlock, 0);
-
-            return;
-        }
-
-        for (int byteIndex = 0; byteIndex < engine.getBlockSize(); byteIndex++)
-        {
-            macBlock[byteIndex] ^= buffer[byteIndex];
-        }
-
-        engine.processBlock(macBlock, 0, macBlock, 0);
-
-        int authLen = assocLen;
-        while (authLen != 0)
-        {
-            for (int byteIndex = 0; byteIndex < engine.getBlockSize(); byteIndex++)
-            {
-                macBlock[byteIndex] ^= assocText[byteIndex + assocOff];
-            }
-
-            engine.processBlock(macBlock, 0, macBlock, 0);
-
-            assocOff += engine.getBlockSize();
-            authLen -= engine.getBlockSize();
-        }
-    }
-
-    public int processByte(byte in, byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        data.write(in);
-
-        return 0;
-    }
-
-    public int processBytes(byte[] in, int inOff, int inLen, byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if (in.length < (inOff + inLen))
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-        data.write(in, inOff, inLen);
-
-        return 0;
-    }
-
-    public int processPacket(byte[] in, int inOff, int len, byte[] out, int outOff)
-        throws IllegalStateException, InvalidCipherTextException
-    {
-        if (in.length - inOff < len)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-        if (out.length - outOff < len)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-
-        if (associatedText.size() > 0)
-        {
-            if (forEncryption)
-            {
-                processAAD(associatedText.getBuffer(), 0, associatedText.size(), data.size());
-            }
-            else
-            {
-                processAAD(associatedText.getBuffer(), 0, associatedText.size(), data.size() - macSize);
-            }
-        }
-
-        if (forEncryption)
-        {
-            if ((len % engine.getBlockSize()) != 0)
-            {
-                throw new DataLengthException("partial blocks not supported");
-            }
-
-            CalculateMac(in, inOff, len);
-            engine.processBlock(nonce, 0, s, 0);
-
-            int totalLength = len;
-            while (totalLength > 0)
-            {
-                ProcessBlock(in, inOff, len, out, outOff);
-                totalLength -= engine.getBlockSize();
-                inOff += engine.getBlockSize();
-                outOff += engine.getBlockSize();
-            }
-
-            for (int byteIndex = 0; byteIndex < counter.length; byteIndex++)
-            {
-                s[byteIndex] += counter[byteIndex];
-            }
-
-            engine.processBlock(s, 0, buffer, 0);
-
-            for (int byteIndex = 0; byteIndex < macSize; byteIndex++)
-            {
-                out[outOff + byteIndex] = (byte)(buffer[byteIndex] ^ macBlock[byteIndex]);
-            }
-
-            System.arraycopy(macBlock, 0, mac, 0, macSize);
-            
-            reset();
-
-            return len + macSize;
-        }
-        else
-        {
-            if ((len - macSize) % engine.getBlockSize() != 0)
-            {
-                throw new DataLengthException("partial blocks not supported");
-            }
-
-            engine.processBlock(nonce, 0, s, 0);
-
-            int blocks = len / engine.getBlockSize();
-
-            for (int blockNum = 0; blockNum < blocks; blockNum++)
-            {
-                ProcessBlock(in, inOff, len, out, outOff);
-
-                inOff += engine.getBlockSize();
-                outOff += engine.getBlockSize();
-            }
-
-            if (len > inOff)
-            {
-                for (int byteIndex = 0; byteIndex < counter.length; byteIndex++)
-                {
-                    s[byteIndex] += counter[byteIndex];
-                }
-
-                engine.processBlock(s, 0, buffer, 0);
-
-                for (int byteIndex = 0; byteIndex < macSize; byteIndex++)
-                {
-                    out[outOff + byteIndex] = (byte)(buffer[byteIndex] ^ in[inOff + byteIndex]);
-                }
-                outOff += macSize;
-            }
-
-            for (int byteIndex = 0; byteIndex < counter.length; byteIndex++)
-            {
-                s[byteIndex] += counter[byteIndex];
-            }
-
-            engine.processBlock(s, 0, buffer, 0);
-
-            System.arraycopy(out, outOff - macSize, buffer, 0, macSize);
-
-            CalculateMac(out, 0, outOff - macSize);
-
-            System.arraycopy(macBlock, 0, mac, 0, macSize);
-
-            byte[] calculatedMac = new byte[macSize];
-
-            System.arraycopy(buffer, 0, calculatedMac, 0, macSize);
-
-            if (!Arrays.constantTimeAreEqual(mac, calculatedMac))
-            {
-                throw new InvalidCipherTextException("mac check failed");
-            }
-
-            reset();
-
-            return len - macSize;
-        }
-    }
-
-    private void ProcessBlock(byte[] input, int inOff, int len, byte[] output, int outOff)
-    {
-
-        for (int byteIndex = 0; byteIndex < counter.length; byteIndex++)
-        {
-            s[byteIndex] += counter[byteIndex];
-        }
-
-        engine.processBlock(s, 0, buffer, 0);
-
-        for (int byteIndex = 0; byteIndex < engine.getBlockSize(); byteIndex++)
-        {
-            output[outOff + byteIndex] = (byte)(buffer[byteIndex] ^ input[inOff + byteIndex]);
-        }
-    }
-
-    private void CalculateMac(byte[] authText, int authOff, int len)
-    {
-        int totalLen = len;
-        while (totalLen > 0)
-        {
-            for (int byteIndex = 0; byteIndex < engine.getBlockSize(); byteIndex++)
-            {
-                macBlock[byteIndex] ^= authText[authOff + byteIndex];
-            }
-
-            engine.processBlock(macBlock, 0, macBlock, 0);
-
-            totalLen -= engine.getBlockSize();
-            authOff += engine.getBlockSize();
-        }
-    }
-
-    public int doFinal(byte[] out, int outOff)
-        throws IllegalStateException, InvalidCipherTextException
-    {
-        int len = processPacket(data.getBuffer(), 0, data.size(), out, outOff);
-
-        reset();
-
-        return len;
-    }
-
-    public byte[] getMac()
-    {
-        return Arrays.clone(mac);
-    }
-
-    public int getUpdateOutputSize(int len)
-    {
-        return len;
-    }
-
-    public int getOutputSize(int len)
-    {
-        return len + macSize;
-    }
-
-    public void reset()
-    {
-        Arrays.fill(G1, (byte)0);
-        Arrays.fill(buffer, (byte)0);
-        Arrays.fill(counter, (byte)0);
-        Arrays.fill(macBlock, (byte)0);
-        counter[0] = 0x01;
-        data.reset();
-        associatedText.reset();
-
-        if (initialAssociatedText != null)
-        {
-            processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);
-        }
-    }
-
-
-    private void intToBytes(
-        int num,
-        byte[] outBytes,
-        int outOff)
-    {
-        outBytes[outOff + 3] = (byte)(num >> 24);
-        outBytes[outOff + 2] = (byte)(num >> 16);
-        outBytes[outOff + 1] = (byte)(num >> 8);
-        outBytes[outOff] = (byte)num;
-    }
-
-    private byte getFlag(boolean authTextPresents, int macSize)
-    {
-        StringBuffer flagByte = new StringBuffer();
-
-        if (authTextPresents)
-        {
-            flagByte.append("1");
-        }
-        else
-        {
-            flagByte.append("0");
-        }
-
-
-        switch (macSize)
-        {
-        case 8:
-            flagByte.append("010"); // binary 2
-            break;
-        case 16:
-            flagByte.append("011"); // binary 3
-            break;
-        case 32:
-            flagByte.append("100"); // binary 4
-            break;
-        case 48:
-            flagByte.append("101"); // binary 5
-            break;
-        case 64:
-            flagByte.append("110"); // binary 6
-            break;
-        }
-
-        String binaryNb = Integer.toBinaryString(Nb_ - 1);
-        while (binaryNb.length() < 4)
-        {
-            binaryNb = new StringBuffer(binaryNb).insert(0, "0").toString();
-        }
-
-        flagByte.append(binaryNb);
-
-        return (byte)Integer.parseInt(flagByte.toString(), 2);
-
-    }
-
-    private class ExposedByteArrayOutputStream
-        extends ByteArrayOutputStream
-    {
-        public ExposedByteArrayOutputStream()
-        {
-        }
-
-        public byte[] getBuffer()
-        {
-            return this.buf;
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/KCTRBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/KCTRBlockCipher.java
deleted file mode 100644
index 2fbea7a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/KCTRBlockCipher.java
+++ /dev/null

@@ -1,151 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.StreamBlockCipher;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Implementation of DSTU7624 CTR mode
- */
-public class KCTRBlockCipher
-    extends StreamBlockCipher
-{
-    private byte[] iv;
-    private byte[] ofbV;
-    private byte[] ofbOutV;
-
-    private int             byteCount;
-
-    private boolean initialised;
-    private BlockCipher engine;
-
-    public KCTRBlockCipher(BlockCipher engine)
-    {
-        super(engine);
-
-        this.engine = engine;
-        this.iv = new byte[engine.getBlockSize()];
-        this.ofbV = new byte[engine.getBlockSize()];
-        this.ofbOutV = new byte[engine.getBlockSize()];
-    }
-
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        this.initialised = true;
-
-        if (params instanceof ParametersWithIV)
-        {
-            ParametersWithIV ivParam = (ParametersWithIV)params;
-            byte[] iv = ivParam.getIV();
-            int diff = this.iv.length - iv.length;
-
-            Arrays.fill(this.iv, (byte)0);
-            System.arraycopy(iv, 0, this.iv, diff, iv.length);
-            params = ivParam.getParameters();
-        }
-        else
-        {
-            throw new IllegalArgumentException("invalid parameter passed");
-        }
- 
-        if (params != null)
-        {
-            engine.init(true, params);
-        }
-
-        reset();
-    }
-
-    public String getAlgorithmName()
-    {
-        return engine.getAlgorithmName() + "/KCTR";
-    }
-
-    public int getBlockSize()
-    {
-        return engine.getBlockSize();
-    }
-
-    protected byte calculateByte(byte b)
-    {
-        if (byteCount == 0)
-        {
-            incrementCounterAt(0);
-
-            checkCounter();
-
-            engine.processBlock(ofbV, 0, ofbOutV, 0);
-
-            return (byte)(ofbOutV[byteCount++] ^ b);
-        }
-
-        byte rv = (byte)(ofbOutV[byteCount++] ^ b);
-
-        if (byteCount == ofbV.length)
-        {
-            byteCount = 0;
-        }
-
-        return rv;
-    }
-
-    public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if (in.length - inOff < getBlockSize())
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-        if (out.length - outOff < getBlockSize())
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-        
-        processBytes(in, inOff, getBlockSize(), out, outOff);
-
-        return getBlockSize();
-    }
-
-    public void reset()
-    {
-        if (initialised)
-        {
-            engine.processBlock(this.iv, 0, ofbV, 0);
-        }
-        engine.reset();
-        byteCount = 0;
-    }
-
-    private void incrementCounterAt(int pos)
-    {
-        int i = pos;
-        while (i < ofbV.length)
-        {
-            if (++ofbV[i++] != 0)
-            {
-                break;
-            }
-        }
-    }
-
-    private void checkCounter()
-    {
-        // TODO:
-        // if the IV is the same as the blocksize we assume the user knows what they are doing
-//        if (IV.length < ofbV.length)
-//        {
-//            for (int i = 0; i != IV.length; i++)
-//            {
-//                if (ofbV[i] != IV[i])
-//                {
-//                    throw new IllegalStateException("Counter in KCTR mode out of range.");
-//                }
-//            }
-//        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/KGCMBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/KGCMBlockCipher.java
deleted file mode 100644
index f39aba5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/KGCMBlockCipher.java
+++ /dev/null

@@ -1,372 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import java.io.ByteArrayOutputStream;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.modes.kgcm.KGCMMultiplier;
-import org.bouncycastle.crypto.modes.kgcm.Tables16kKGCMMultiplier_512;
-import org.bouncycastle.crypto.modes.kgcm.Tables4kKGCMMultiplier_128;
-import org.bouncycastle.crypto.modes.kgcm.Tables8kKGCMMultiplier_256;
-import org.bouncycastle.crypto.params.AEADParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-
-/**
- * Implementation of DSTU7624 GCM mode
- */
-public class KGCMBlockCipher
-    implements AEADBlockCipher
-{
-    private static final int MIN_MAC_BITS = 64;
-
-    private static KGCMMultiplier createDefaultMultiplier(int blockSize)
-    {
-        switch (blockSize)
-        {
-        case 16:    return new Tables4kKGCMMultiplier_128();
-        case 32:    return new Tables8kKGCMMultiplier_256();
-        case 64:    return new Tables16kKGCMMultiplier_512();
-        default:    throw new IllegalArgumentException("Only 128, 256, and 512 -bit block sizes supported");
-        }
-    }
-
-    private BlockCipher engine;
-    private BufferedBlockCipher ctrEngine;
-
-    private int macSize;
-    private boolean forEncryption;
-
-    private byte[] initialAssociatedText;
-    private byte[] macBlock;
-    private byte[] iv;
-
-    private KGCMMultiplier multiplier;
-    private long[] b;
-
-    private final int blockSize;
-
-    private ExposedByteArrayOutputStream associatedText = new ExposedByteArrayOutputStream();
-    private ExposedByteArrayOutputStream data = new ExposedByteArrayOutputStream();
-
-    public KGCMBlockCipher(BlockCipher dstu7624Engine)
-    {
-        this.engine = dstu7624Engine;
-        this.ctrEngine = new BufferedBlockCipher(new KCTRBlockCipher(this.engine));
-        this.macSize = -1;
-        this.blockSize = engine.getBlockSize();
-
-        this.initialAssociatedText = new byte[blockSize];
-        this.iv = new byte[blockSize];
-        this.multiplier = createDefaultMultiplier(blockSize);
-        this.b = new long[blockSize >>> 3];
-
-        this.macBlock = null;
-    }
-
-    public void init(boolean forEncryption, CipherParameters params)
-        throws IllegalArgumentException
-    {
-        this.forEncryption = forEncryption;
-
-        KeyParameter engineParam;
-        if (params instanceof AEADParameters)
-        {
-            AEADParameters param = (AEADParameters)params;
-
-            byte[] iv = param.getNonce();
-            int diff = this.iv.length - iv.length;
-            Arrays.fill(this.iv, (byte)0);
-            System.arraycopy(iv, 0, this.iv, diff, iv.length);
-
-            initialAssociatedText = param.getAssociatedText();
-
-            int macSizeBits = param.getMacSize();
-            if (macSizeBits < MIN_MAC_BITS || macSizeBits > (blockSize << 3) || (macSizeBits & 7) != 0)
-            {
-                throw new IllegalArgumentException("Invalid value for MAC size: " + macSizeBits);
-            }
-
-            macSize = macSizeBits >>> 3;
-            engineParam = param.getKey();
-
-            if (initialAssociatedText != null)
-            {
-                processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);
-            }
-        }
-        else if (params instanceof ParametersWithIV)
-        {
-            ParametersWithIV param = (ParametersWithIV)params;
-
-            byte[] iv = param.getIV();
-            int diff = this.iv.length - iv.length;
-            Arrays.fill(this.iv, (byte)0);
-            System.arraycopy(iv, 0, this.iv, diff, iv.length);
-
-            initialAssociatedText = null;
-
-            macSize = blockSize; // Set default mac size
-
-            engineParam = (KeyParameter)param.getParameters();
-        }
-        else
-        {
-            throw new IllegalArgumentException("Invalid parameter passed");
-        }
-
-        // TODO Nonce re-use check (sample code from GCMBlockCipher)
-//        if (forEncryption)
-//        {
-//            if (nonce != null && Arrays.areEqual(nonce, newNonce))
-//            {
-//                if (keyParam == null)
-//                {
-//                    throw new IllegalArgumentException("cannot reuse nonce for GCM encryption");
-//                }
-//                if (lastKey != null && Arrays.areEqual(lastKey, keyParam.getKey()))
-//                {
-//                    throw new IllegalArgumentException("cannot reuse nonce for GCM encryption");
-//                }
-//            }
-//        }
-
-        this.macBlock = new byte[blockSize];
-        ctrEngine.init(true, new ParametersWithIV(engineParam, this.iv));
-        engine.init(true, engineParam);
-    }
-
-    public String getAlgorithmName()
-    {
-        return engine.getAlgorithmName() + "/KGCM";
-    }
-
-    public BlockCipher getUnderlyingCipher()
-    {
-        return engine;
-    }
-
-    public void processAADByte(byte in)
-    {
-        associatedText.write(in);
-    }
-
-    public void processAADBytes(byte[] in, int inOff, int len)
-    {
-        associatedText.write(in, inOff, len);
-    }
-
-    private void processAAD(byte[] authText, int authOff, int len)
-    {
-        int pos = authOff, end = authOff + len;
-        while (pos < end)
-        {
-            xorWithInput(b, authText, pos);
-            multiplier.multiplyH(b);
-            pos += blockSize;
-        }
-    }
-
-    public int processByte(byte in, byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        data.write(in);
-
-        return 0;
-    }
-
-    public int processBytes(byte[] in, int inOff, int inLen, byte[] out, int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if (in.length < (inOff + inLen))
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        data.write(in, inOff, inLen);
-
-        return 0;
-    }
-
-    public int doFinal(byte[] out, int outOff)
-        throws IllegalStateException, InvalidCipherTextException
-    {
-        int len = data.size();
-        if (!forEncryption && len < macSize)
-        {
-            throw new InvalidCipherTextException("data too short");
-        }
-
-        // TODO Total blocks restriction in GCM mode (extend limit naturally for larger block sizes?)
-
-        // Set up the multiplier
-        {
-            byte[] temp = new byte[blockSize];
-            engine.processBlock(temp, 0, temp, 0);
-            long[] H = new long[blockSize >>> 3];
-            Pack.littleEndianToLong(temp, 0, H);
-            multiplier.init(H);
-            Arrays.fill(temp, (byte)0);
-            Arrays.fill(H, 0L);
-        }
-
-        int lenAAD = associatedText.size();
-        if (lenAAD > 0)
-        {
-            processAAD(associatedText.getBuffer(), 0, lenAAD);
-        }
-        
-        //use alternative cipher to produce output
-        int resultLen;
-        if (forEncryption)
-        {
-            if (out.length - outOff - macSize < len)
-            {
-                throw new OutputLengthException("Output buffer too short");
-            }
-
-            resultLen = ctrEngine.processBytes(data.getBuffer(), 0, len, out, outOff);
-            resultLen += ctrEngine.doFinal(out, outOff + resultLen);
-
-            calculateMac(out, outOff, len, lenAAD);
-        }
-        else
-        {
-            int ctLen = len - macSize; 
-            if (out.length - outOff < ctLen)
-            {
-                throw new OutputLengthException("Output buffer too short");
-            }
-
-            calculateMac(data.getBuffer(), 0, ctLen, lenAAD);
-
-            resultLen = ctrEngine.processBytes(data.getBuffer(), 0, ctLen, out, outOff);
-            resultLen += ctrEngine.doFinal(out, outOff + resultLen);
-        }
-
-        if (macBlock == null)
-        {
-            throw new IllegalStateException("mac is not calculated");
-        }
-
-        if (forEncryption)
-        {
-            System.arraycopy(macBlock, 0, out, outOff + resultLen, macSize);
-
-            reset();
-
-            return resultLen + macSize;
-        }
-        else
-        {
-            byte[] mac = new byte[macSize];
-            System.arraycopy(data.getBuffer(), len - macSize, mac, 0, macSize);
-
-            byte[] calculatedMac = new byte[macSize];
-            System.arraycopy(macBlock, 0, calculatedMac, 0, macSize);
-
-            if (!Arrays.constantTimeAreEqual(mac, calculatedMac))
-            {
-                throw new InvalidCipherTextException("mac verification failed");
-            }
-
-            reset();
-
-            return resultLen;
-        }
-    }
-
-    public byte[] getMac()
-    {
-        byte[] mac = new byte[macSize];
-
-        System.arraycopy(macBlock, 0, mac, 0, macSize);
-
-        return mac;
-    }
-
-    public int getUpdateOutputSize(int len)
-    {
-        return 0;
-    }
-
-    public int getOutputSize(int len)
-    {
-        int totalData = len + data.size();
-
-        if (forEncryption)
-        {
-            return totalData + macSize;
-        }
-
-        return totalData < macSize ? 0 : totalData - macSize;
-    }
-
-    public void reset()
-    {
-        Arrays.fill(b, 0L);
-
-        engine.reset();
-
-        data.reset();
-        associatedText.reset();
-
-        if (initialAssociatedText != null)
-        {
-            processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);
-        }
-    }
-
-    private void calculateMac(byte[] input, int inOff, int len, int lenAAD)
-    {
-        int pos = inOff, end = inOff + len;
-        while (pos < end)
-        {
-            xorWithInput(b, input, pos);
-            multiplier.multiplyH(b);
-            pos += blockSize;
-        }
-
-        long lambda_o = (lenAAD & 0xFFFFFFFFL) << 3;
-        long lambda_c = (len & 0xFFFFFFFFL) << 3;
-
-//        byte[] temp = new byte[blockSize];
-//        Pack.longToLittleEndian(lambda_o, temp, 0);
-//        Pack.longToLittleEndian(lambda_c, temp, blockSize / 2);
-//
-//        xorWithInput(b, temp, 0);
-        b[0] ^= lambda_o;
-        b[blockSize >>> 4] ^= lambda_c;
-
-        macBlock = Pack.longToLittleEndian(b);
-        engine.processBlock(macBlock, 0, macBlock, 0);
-    }
-
-    private static void xorWithInput(long[] z, byte[] buf, int off)
-    {
-        for (int i = 0; i < z.length; ++i)
-        {
-            z[i] ^= Pack.littleEndianToLong(buf, off);
-            off += 8;
-        }
-    }
-
-    private class ExposedByteArrayOutputStream
-        extends ByteArrayOutputStream
-    {
-        public ExposedByteArrayOutputStream()
-        {
-        }
-
-        public byte[] getBuffer()
-        {
-            return this.buf;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/KXTSBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/KXTSBlockCipher.java
deleted file mode 100644
index 81c9424..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/KXTSBlockCipher.java
+++ /dev/null

@@ -1,200 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Pack;
-
-/**
- * Implementation of DSTU7624 XTS mode
- */
-public class KXTSBlockCipher
-    extends BufferedBlockCipher
-{
-    /*
-     * Constants for GF(2^m) operations
-     *
-     * GF(2 ^ 128) -> x^128 + x^7 + x^2 + x + 1
-     * GF(2 ^ 256) -> x^256 + x^10 + x^5 + x^2 + 1
-     * GF(2 ^ 512) -> x^512 + x^8 + x^5 + x^2 + 1
-     */
-    private static final long RED_POLY_128 = 0x0087L;
-    private static final long RED_POLY_256 = 0x0425L;
-    private static final long RED_POLY_512 = 0x0125L;
-
-    protected static long getReductionPolynomial(int blockSize)
-    {
-        switch (blockSize)
-        {
-        case 16:
-            return RED_POLY_128;
-        case 32:
-            return RED_POLY_256;
-        case 64:
-            return RED_POLY_512;
-        default:
-            throw new IllegalArgumentException("Only 128, 256, and 512 -bit block sizes supported"); 
-        }
-    }
-
-    private final int blockSize;
-    private final long reductionPolynomial;
-    private final long[] tw_init, tw_current;
-    private int counter;
-
-    public KXTSBlockCipher(BlockCipher cipher)
-    {
-//        super(cipher);
-        this.cipher = cipher;
-
-        this.blockSize = cipher.getBlockSize();
-        this.reductionPolynomial = getReductionPolynomial(blockSize);
-        this.tw_init = new long[blockSize >>> 3];
-        this.tw_current = new long[blockSize >>> 3];
-        this.counter = -1;
-    }
-
-    public int getOutputSize(int length)
-    {
-        return length;
-    }
-
-    public int getUpdateOutputSize(int len)
-    {
-        return len;
-    }
-
-    public void init(boolean forEncryption, CipherParameters parameters)
-    {
-        if (!(parameters instanceof ParametersWithIV))
-        {
-            throw new IllegalArgumentException("Invalid parameters passed");
-        }
-
-        ParametersWithIV ivParam = (ParametersWithIV)parameters;
-        parameters = ivParam.getParameters();
-
-        byte[] iv = ivParam.getIV();
-
-        /*
-         * TODO We need to check what the rule is supposed to be for IVs that aren't exactly one block.
-         * 
-         * Given general little-endianness, presumably a short IV should be right-padded with zeroes.
-         */
-        if (iv.length != blockSize)
-        {
-            throw new IllegalArgumentException("Currently only support IVs of exactly one block");
-        }
-
-        byte[] tweak = new byte[blockSize];
-        System.arraycopy(iv, 0, tweak, 0, blockSize);
-
-        cipher.init(true, parameters);
-        cipher.processBlock(tweak, 0, tweak, 0);
-
-        cipher.init(forEncryption, parameters);
-        Pack.littleEndianToLong(tweak, 0, tw_init);
-        System.arraycopy(tw_init, 0, tw_current, 0, tw_init.length);
-        counter = 0;
-    }
-
-    public int processByte(byte in, byte[] out, int outOff)
-    {
-        /*
-         * TODO This class isn't really behaving like a BufferedBlockCipher yet
-         */
-        throw new IllegalStateException("unsupported operation");
-    }
-
-    public int processBytes(byte[] input, int inOff, int len, byte[] output, int outOff)
-    {
-        if (input.length - inOff < len)
-        {
-            throw new DataLengthException("Input buffer too short");
-        }
-        if (output.length - inOff < len)
-        {
-            throw new OutputLengthException("Output buffer too short");
-        }
-        if (len % blockSize != 0)
-        {
-            throw new IllegalArgumentException("Partial blocks not supported");
-        }
-
-        for (int pos = 0; pos < len; pos += blockSize)
-        {
-            processBlock(input, inOff + pos, output, outOff + pos);
-        }
-
-        return len;
-    }
-
-    private void processBlock(byte[] input, int inOff, byte[] output, int outOff)
-    {
-        /*
-         * A somewhat arbitrary limit of 2^32 - 1 blocks
-         */
-        if (counter == -1)
-        {
-            throw new IllegalStateException("Attempt to process too many blocks");
-        }
-
-        ++counter;
-
-        /*
-         * Multiply tweak by 'alpha', which is just 2
-         */
-        GF_double(reductionPolynomial, tw_current);
-
-        byte[] tweak = new byte[blockSize];
-        Pack.longToLittleEndian(tw_current, tweak, 0);
-
-        byte[] buffer = new byte[blockSize];
-        System.arraycopy(tweak, 0, buffer, 0, blockSize);
-
-        for (int i = 0; i < blockSize; ++i)
-        {
-            buffer[i] ^= input[inOff + i];
-        }
-
-        cipher.processBlock(buffer, 0, buffer, 0);
-
-        for (int i = 0; i < blockSize; ++i)
-        {
-            output[outOff + i] = (byte)(buffer[i] ^ tweak[i]);
-        }
-    }
-
-    public int doFinal(byte[] output, int outOff)
-    {
-        reset();
-
-        return 0;
-    }
-
-    public void reset()
-    {
-//        super.reset();
-        cipher.reset();
-
-        System.arraycopy(tw_init, 0, tw_current, 0, tw_init.length);
-        counter = 0;
-    }
-
-    private static void GF_double(long redPoly, long[] z)
-    {
-        long c = 0;
-        for (int i = 0; i < z.length; ++i)
-        {
-            long zVal = z[i];
-            long bit = zVal >>> 63;
-            z[i] = (zVal << 1) ^ c;
-            c = bit;
-        }
-
-        z[0] ^= redPoly & -c;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/NISTCTSBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/NISTCTSBlockCipher.java
deleted file mode 100644
index e15cbd4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/NISTCTSBlockCipher.java
+++ /dev/null

@@ -1,335 +0,0 @@
-/**
- * A Cipher Text Stealing (CTS) mode cipher. CTS allows block ciphers to
- * be used to produce cipher text which is the same length as the plain text.
- */
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.OutputLengthException;
-
-/**
- * A Cipher Text Stealing (CTS) mode cipher. CTS allows block ciphers to
- * be used to produce cipher text which is the same length as the plain text.
- * <p>
- *     This class implements the NIST version as documented in "Addendum to NIST SP 800-38A, Recommendation for Block Cipher Modes of Operation: Three Variants of Ciphertext Stealing for CBC Mode"
- * </p>
- */
-public class NISTCTSBlockCipher
-    extends BufferedBlockCipher
-{
-    public static final int CS1 = 1;
-    public static final int CS2 = 2;
-    public static final int CS3 = 3;
-
-    private final int type;
-    private final int blockSize;
-
-    /**
-     * Create a buffered block cipher that uses NIST Cipher Text Stealing
-     *
-     * @param type type of CTS mode (CS1, CS2, or CS3)
-     * @param cipher the underlying block cipher used to create the CBC block cipher this cipher uses..
-     */
-    public NISTCTSBlockCipher(
-        int type,
-        BlockCipher cipher)
-    {
-        this.type = type;
-        this.cipher = new CBCBlockCipher(cipher);
-
-        blockSize = cipher.getBlockSize();
-
-        buf = new byte[blockSize * 2];
-        bufOff = 0;
-    }
-
-    /**
-     * return the size of the output buffer required for an update
-     * an input of len bytes.
-     *
-     * @param len the length of the input.
-     * @return the space required to accommodate a call to update
-     * with len bytes of input.
-     */
-    public int getUpdateOutputSize(
-        int len)
-    {
-        int total       = len + bufOff;
-        int leftOver    = total % buf.length;
-
-        if (leftOver == 0)
-        {
-            return total - buf.length;
-        }
-
-        return total - leftOver;
-    }
-
-    /**
-     * return the size of the output buffer required for an update plus a
-     * doFinal with an input of len bytes.
-     *
-     * @param len the length of the input.
-     * @return the space required to accommodate a call to update and doFinal
-     * with len bytes of input.
-     */
-    public int getOutputSize(
-        int len)
-    {
-        return len + bufOff;
-    }
-
-    /**
-     * process a single byte, producing an output block if necessary.
-     *
-     * @param in the input byte.
-     * @param out the space for any output that might be produced.
-     * @param outOff the offset from which the output will be copied.
-     * @return the number of output bytes copied to out.
-     * @exception org.bouncycastle.crypto.DataLengthException if there isn't enough space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     */
-    public int processByte(
-        byte        in,
-        byte[]      out,
-        int         outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        int         resultLen = 0;
-
-        if (bufOff == buf.length)
-        {
-            resultLen = cipher.processBlock(buf, 0, out, outOff);
-            System.arraycopy(buf, blockSize, buf, 0, blockSize);
-
-            bufOff = blockSize;
-        }
-
-        buf[bufOff++] = in;
-
-        return resultLen;
-    }
-
-    /**
-     * process an array of bytes, producing output if necessary.
-     *
-     * @param in the input byte array.
-     * @param inOff the offset at which the input data starts.
-     * @param len the number of bytes to be copied out of the input array.
-     * @param out the space for any output that might be produced.
-     * @param outOff the offset from which the output will be copied.
-     * @return the number of output bytes copied to out.
-     * @exception org.bouncycastle.crypto.DataLengthException if there isn't enough space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     */
-    public int processBytes(
-        byte[]      in,
-        int         inOff,
-        int         len,
-        byte[]      out,
-        int         outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if (len < 0)
-        {
-            throw new IllegalArgumentException("Can't have a negative input length!");
-        }
-
-        int blockSize   = getBlockSize();
-        int length      = getUpdateOutputSize(len);
-
-        if (length > 0)
-        {
-            if ((outOff + length) > out.length)
-            {
-                throw new OutputLengthException("output buffer too short");
-            }
-        }
-
-        int resultLen = 0;
-        int gapLen = buf.length - bufOff;
-
-        if (len > gapLen)
-        {
-            System.arraycopy(in, inOff, buf, bufOff, gapLen);
-
-            resultLen += cipher.processBlock(buf, 0, out, outOff);
-            System.arraycopy(buf, blockSize, buf, 0, blockSize);
-
-            bufOff = blockSize;
-
-            len -= gapLen;
-            inOff += gapLen;
-
-            while (len > blockSize)
-            {
-                System.arraycopy(in, inOff, buf, bufOff, blockSize);
-                resultLen += cipher.processBlock(buf, 0, out, outOff + resultLen);
-                System.arraycopy(buf, blockSize, buf, 0, blockSize);
-
-                len -= blockSize;
-                inOff += blockSize;
-            }
-        }
-
-        System.arraycopy(in, inOff, buf, bufOff, len);
-
-        bufOff += len;
-
-        return resultLen;
-    }
-
-    /**
-     * Process the last block in the buffer.
-     *
-     * @param out the array the block currently being held is copied into.
-     * @param outOff the offset at which the copying starts.
-     * @return the number of output bytes copied to out.
-     * @exception org.bouncycastle.crypto.DataLengthException if there is insufficient space in out for
-     * the output.
-     * @exception IllegalStateException if the underlying cipher is not
-     * initialised.
-     * @exception org.bouncycastle.crypto.InvalidCipherTextException if cipher text decrypts wrongly (in
-     * case the exception will never get thrown).
-     */
-    public int doFinal(
-        byte[]  out,
-        int     outOff)
-        throws DataLengthException, IllegalStateException, InvalidCipherTextException
-    {
-        if (bufOff + outOff > out.length)
-        {
-            throw new OutputLengthException("output buffer to small in doFinal");
-        }
-
-        int     blockSize = cipher.getBlockSize();
-        int     len = bufOff - blockSize;
-        byte[]  block = new byte[blockSize];
-
-        if (forEncryption)
-        {
-            if (bufOff < blockSize)
-            {
-                throw new DataLengthException("need at least one block of input for NISTCTS");
-            }
-
-            if (bufOff > blockSize)
-            {
-                byte[]  lastBlock = new byte[blockSize];
-
-                if (this.type == CS2 || this.type == CS3)
-                {
-                    cipher.processBlock(buf, 0, block, 0);
-
-                    System.arraycopy(buf, blockSize, lastBlock, 0, len);
-
-                    cipher.processBlock(lastBlock, 0, lastBlock, 0);
-
-                    if (this.type == CS2 && len == blockSize)
-                    {
-                        System.arraycopy(block, 0, out, outOff, blockSize);
-
-                        System.arraycopy(lastBlock, 0, out, outOff + blockSize, len);
-                    }
-                    else
-                    {
-                        System.arraycopy(lastBlock, 0, out, outOff, blockSize);
-
-                        System.arraycopy(block, 0, out, outOff + blockSize, len);
-                    }
-                }
-                else
-                {
-                    System.arraycopy(buf, 0, block, 0, blockSize);
-                    cipher.processBlock(block, 0, block, 0);
-                    System.arraycopy(block, 0, out, outOff, len);
-
-                    System.arraycopy(buf, bufOff - len, lastBlock, 0, len);
-                    cipher.processBlock(lastBlock, 0, lastBlock, 0);
-                    System.arraycopy(lastBlock, 0, out, outOff + len, blockSize);
-                }
-            }
-            else
-            {
-                cipher.processBlock(buf, 0, block, 0);
-
-                System.arraycopy(block, 0, out, outOff, blockSize);
-            }
-        }
-        else
-        {
-            if (bufOff < blockSize)
-            {
-                throw new DataLengthException("need at least one block of input for CTS");
-            }
-
-            byte[]  lastBlock = new byte[blockSize];
-
-            if (bufOff > blockSize)
-            {
-                if (this.type == CS3 || (this.type == CS2 && ((buf.length - bufOff) % blockSize) != 0))
-                {
-                    if (cipher instanceof CBCBlockCipher)
-                    {
-                        BlockCipher c = ((CBCBlockCipher)cipher).getUnderlyingCipher();
-
-                        c.processBlock(buf, 0, block, 0);
-                    }
-                    else
-                    {
-                        cipher.processBlock(buf, 0, block, 0);
-                    }
-
-                    for (int i = blockSize; i != bufOff; i++)
-                    {
-                        lastBlock[i - blockSize] = (byte)(block[i - blockSize] ^ buf[i]);
-                    }
-
-                    System.arraycopy(buf, blockSize, block, 0, len);
-
-                    cipher.processBlock(block, 0, out, outOff);
-                    System.arraycopy(lastBlock, 0, out, outOff + blockSize, len);
-                }
-                else
-                {
-                    BlockCipher c = ((CBCBlockCipher)cipher).getUnderlyingCipher();
-
-                    c.processBlock(buf, bufOff - blockSize, lastBlock, 0);
-
-                    System.arraycopy(buf, 0, block, 0, blockSize);
-
-                    if (len != blockSize)
-                    {
-                        System.arraycopy(lastBlock, len, block, len, blockSize - len);
-                    }
-
-                    cipher.processBlock(block, 0, block, 0);
-
-                    System.arraycopy(block, 0, out, outOff, blockSize);
-
-                    for (int i = 0; i != len; i++)
-                    {
-                        lastBlock[i] ^= buf[i];
-                    }
-
-                    System.arraycopy(lastBlock, 0, out, outOff + blockSize, len);
-                }
-            }
-            else
-            {
-                cipher.processBlock(buf, 0, block, 0);
-
-                System.arraycopy(block, 0, out, outOff, blockSize);
-            }
-        }
-
-        int offset = bufOff;
-
-        reset();
-
-        return offset;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/OCBBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/OCBBlockCipher.java
deleted file mode 100644
index 7865380..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/OCBBlockCipher.java
+++ /dev/null

@@ -1,602 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import java.util.Vector;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.AEADParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-
-/**
- * An implementation of <a href="http://tools.ietf.org/html/rfc7253">RFC 7253 on The OCB
- * Authenticated-Encryption Algorithm</a>, licensed per:
- * <p>
- * <blockquote> <a href="http://www.cs.ucdavis.edu/~rogaway/ocb/license1.pdf">License for
- * Open-Source Software Implementations of OCB</a> (Jan 9, 2013) &mdash; &ldquo;License 1&rdquo; <br>
- * Under this license, you are authorized to make, use, and distribute open-source software
- * implementations of OCB. This license terminates for you if you sue someone over their open-source
- * software implementation of OCB claiming that you have a patent covering their implementation.
- * <p>
- * This is a non-binding summary of a legal document (the link above). The parameters of the license
- * are specified in the license document and that document is controlling. </blockquote>
- */
-public class OCBBlockCipher
-    implements AEADBlockCipher
-{
-    private static final int BLOCK_SIZE = 16;
-
-    private BlockCipher hashCipher;
-    private BlockCipher mainCipher;
-
-    /*
-     * CONFIGURATION
-     */
-    private boolean forEncryption;
-    private int macSize;
-    private byte[] initialAssociatedText;
-
-    /*
-     * KEY-DEPENDENT
-     */
-    // NOTE: elements are lazily calculated
-    private Vector L;
-    private byte[] L_Asterisk, L_Dollar;
-
-    /*
-     * NONCE-DEPENDENT
-     */
-    private byte[] KtopInput = null;
-    private byte[] Stretch = new byte[24];
-    private byte[] OffsetMAIN_0 = new byte[16];
-
-    /*
-     * PER-ENCRYPTION/DECRYPTION
-     */
-    private byte[] hashBlock, mainBlock;
-    private int hashBlockPos, mainBlockPos;
-    private long hashBlockCount, mainBlockCount;
-    private byte[] OffsetHASH;
-    private byte[] Sum;
-    private byte[] OffsetMAIN = new byte[16];
-    private byte[] Checksum;
-
-    // NOTE: The MAC value is preserved after doFinal
-    private byte[] macBlock;
-
-    public OCBBlockCipher(BlockCipher hashCipher, BlockCipher mainCipher)
-    {
-        if (hashCipher == null)
-        {
-            throw new IllegalArgumentException("'hashCipher' cannot be null");
-        }
-        if (hashCipher.getBlockSize() != BLOCK_SIZE)
-        {
-            throw new IllegalArgumentException("'hashCipher' must have a block size of "
-                + BLOCK_SIZE);
-        }
-        if (mainCipher == null)
-        {
-            throw new IllegalArgumentException("'mainCipher' cannot be null");
-        }
-        if (mainCipher.getBlockSize() != BLOCK_SIZE)
-        {
-            throw new IllegalArgumentException("'mainCipher' must have a block size of "
-                + BLOCK_SIZE);
-        }
-
-        if (!hashCipher.getAlgorithmName().equals(mainCipher.getAlgorithmName()))
-        {
-            throw new IllegalArgumentException(
-                "'hashCipher' and 'mainCipher' must be the same algorithm");
-        }
-
-        this.hashCipher = hashCipher;
-        this.mainCipher = mainCipher;
-    }
-
-    public BlockCipher getUnderlyingCipher()
-    {
-        return mainCipher;
-    }
-
-    public String getAlgorithmName()
-    {
-        return mainCipher.getAlgorithmName() + "/OCB";
-    }
-
-    public void init(boolean forEncryption, CipherParameters parameters)
-        throws IllegalArgumentException
-    {
-        boolean oldForEncryption = this.forEncryption;
-        this.forEncryption = forEncryption;
-        this.macBlock = null;
-
-        KeyParameter keyParameter;
-
-        byte[] N;
-        if (parameters instanceof AEADParameters)
-        {
-            AEADParameters aeadParameters = (AEADParameters)parameters;
-
-            N = aeadParameters.getNonce();
-            initialAssociatedText = aeadParameters.getAssociatedText();
-
-            int macSizeBits = aeadParameters.getMacSize();
-            if (macSizeBits < 64 || macSizeBits > 128 || macSizeBits % 8 != 0)
-            {
-                throw new IllegalArgumentException("Invalid value for MAC size: " + macSizeBits);
-            }
-
-            macSize = macSizeBits / 8;
-            keyParameter = aeadParameters.getKey();
-        }
-        else if (parameters instanceof ParametersWithIV)
-        {
-            ParametersWithIV parametersWithIV = (ParametersWithIV)parameters;
-
-            N = parametersWithIV.getIV();
-            initialAssociatedText = null;
-            macSize = 16;
-            keyParameter = (KeyParameter)parametersWithIV.getParameters();
-        }
-        else
-        {
-            throw new IllegalArgumentException("invalid parameters passed to OCB");
-        }
-
-        this.hashBlock = new byte[16];
-        this.mainBlock = new byte[forEncryption ? BLOCK_SIZE : (BLOCK_SIZE + macSize)];
-
-        if (N == null)
-        {
-            N = new byte[0];
-        }
-
-        if (N.length > 15)
-        {
-            throw new IllegalArgumentException("IV must be no more than 15 bytes");
-        }
-
-        /*
-         * KEY-DEPENDENT INITIALISATION
-         */
-
-        if (keyParameter != null)
-        {
-            // hashCipher always used in forward mode
-            hashCipher.init(true, keyParameter);
-            mainCipher.init(forEncryption, keyParameter);
-            KtopInput = null;
-        }
-        else if (oldForEncryption != forEncryption)
-        {
-            throw new IllegalArgumentException("cannot change encrypting state without providing key.");
-        }
-
-        this.L_Asterisk = new byte[16];
-        hashCipher.processBlock(L_Asterisk, 0, L_Asterisk, 0);
-
-        this.L_Dollar = OCB_double(L_Asterisk);
-
-        this.L = new Vector();
-        this.L.addElement(OCB_double(L_Dollar));
-
-        /*
-         * NONCE-DEPENDENT AND PER-ENCRYPTION/DECRYPTION INITIALISATION
-         */
-
-        int bottom = processNonce(N);
-
-        int bits = bottom % 8, bytes = bottom / 8;
-        if (bits == 0)
-        {
-            System.arraycopy(Stretch, bytes, OffsetMAIN_0, 0, 16);
-        }
-        else
-        {
-            for (int i = 0; i < 16; ++i)
-            {
-                int b1 = Stretch[bytes] & 0xff;
-                int b2 = Stretch[++bytes] & 0xff;
-                this.OffsetMAIN_0[i] = (byte)((b1 << bits) | (b2 >>> (8 - bits)));
-            }
-        }
-
-        this.hashBlockPos = 0;
-        this.mainBlockPos = 0;
-
-        this.hashBlockCount = 0;
-        this.mainBlockCount = 0;
-
-        this.OffsetHASH = new byte[16];
-        this.Sum = new byte[16];
-        System.arraycopy(this.OffsetMAIN_0, 0, this.OffsetMAIN, 0, 16);
-        this.Checksum = new byte[16];
-
-        if (initialAssociatedText != null)
-        {
-            processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);
-        }
-    }
-
-    protected int processNonce(byte[] N)
-    {
-        byte[] nonce = new byte[16];
-        System.arraycopy(N, 0, nonce, nonce.length - N.length, N.length);
-        nonce[0] = (byte)(macSize << 4);
-        nonce[15 - N.length] |= 1;
-
-        int bottom = nonce[15] & 0x3F;
-        nonce[15] &= 0xC0;
-
-        /*
-         * When used with incrementing nonces, the cipher is only applied once every 64 inits.
-         */
-        if (KtopInput == null || !Arrays.areEqual(nonce, KtopInput))
-        {
-            byte[] Ktop = new byte[16];
-            KtopInput = nonce;
-            hashCipher.processBlock(KtopInput, 0, Ktop, 0);
-            System.arraycopy(Ktop, 0, Stretch, 0, 16);
-            for (int i = 0; i < 8; ++i)
-            {
-                Stretch[16 + i] = (byte)(Ktop[i] ^ Ktop[i + 1]);
-            }
-        }
-
-        return bottom;
-    }
-
-    public byte[] getMac()
-    {
-        if (macBlock == null)
-        {
-            return new byte[macSize];
-        }
-        return Arrays.clone(macBlock);
-    }
-
-    public int getOutputSize(int len)
-    {
-        int totalData = len + mainBlockPos;
-        if (forEncryption)
-        {
-            return totalData + macSize;
-        }
-        return totalData < macSize ? 0 : totalData - macSize;
-    }
-
-    public int getUpdateOutputSize(int len)
-    {
-        int totalData = len + mainBlockPos;
-        if (!forEncryption)
-        {
-            if (totalData < macSize)
-            {
-                return 0;
-            }
-            totalData -= macSize;
-        }
-        return totalData - totalData % BLOCK_SIZE;
-    }
-
-    public void processAADByte(byte input)
-    {
-        hashBlock[hashBlockPos] = input;
-        if (++hashBlockPos == hashBlock.length)
-        {
-            processHashBlock();
-        }
-    }
-
-    public void processAADBytes(byte[] input, int off, int len)
-    {
-        for (int i = 0; i < len; ++i)
-        {
-            hashBlock[hashBlockPos] = input[off + i];
-            if (++hashBlockPos == hashBlock.length)
-            {
-                processHashBlock();
-            }
-        }
-    }
-
-    public int processByte(byte input, byte[] output, int outOff)
-        throws DataLengthException
-    {
-        mainBlock[mainBlockPos] = input;
-        if (++mainBlockPos == mainBlock.length)
-        {
-            processMainBlock(output, outOff);
-            return BLOCK_SIZE;
-        }
-        return 0;
-    }
-
-    public int processBytes(byte[] input, int inOff, int len, byte[] output, int outOff)
-        throws DataLengthException
-    {
-        if (input.length < (inOff + len))
-        {
-            throw new DataLengthException("Input buffer too short");
-        }
-        int resultLen = 0;
-
-        for (int i = 0; i < len; ++i)
-        {
-            mainBlock[mainBlockPos] = input[inOff + i];
-            if (++mainBlockPos == mainBlock.length)
-            {
-                processMainBlock(output, outOff + resultLen);
-                resultLen += BLOCK_SIZE;
-            }
-        }
-
-        return resultLen;
-    }
-
-    public int doFinal(byte[] output, int outOff)
-        throws IllegalStateException,
-        InvalidCipherTextException
-    {
-        /*
-         * For decryption, get the tag from the end of the message
-         */
-        byte[] tag = null;
-        if (!forEncryption)
-        {
-            if (mainBlockPos < macSize)
-            {
-                throw new InvalidCipherTextException("data too short");
-            }
-            mainBlockPos -= macSize;
-            tag = new byte[macSize];
-            System.arraycopy(mainBlock, mainBlockPos, tag, 0, macSize);
-        }
-
-        /*
-         * HASH: Process any final partial block; compute final hash value
-         */
-        if (hashBlockPos > 0)
-        {
-            OCB_extend(hashBlock, hashBlockPos);
-            updateHASH(L_Asterisk);
-        }
-
-        /*
-         * OCB-ENCRYPT/OCB-DECRYPT: Process any final partial block
-         */
-        if (mainBlockPos > 0)
-        {
-            if (forEncryption)
-            {
-                OCB_extend(mainBlock, mainBlockPos);
-                xor(Checksum, mainBlock);
-            }
-
-            xor(OffsetMAIN, L_Asterisk);
-
-            byte[] Pad = new byte[16];
-            hashCipher.processBlock(OffsetMAIN, 0, Pad, 0);
-
-            xor(mainBlock, Pad);
-
-            if (output.length < (outOff + mainBlockPos))
-            {
-                throw new OutputLengthException("Output buffer too short");
-            }
-            System.arraycopy(mainBlock, 0, output, outOff, mainBlockPos);
-
-            if (!forEncryption)
-            {
-                OCB_extend(mainBlock, mainBlockPos);
-                xor(Checksum, mainBlock);
-            }
-        }
-
-        /*
-         * OCB-ENCRYPT/OCB-DECRYPT: Compute raw tag
-         */
-        xor(Checksum, OffsetMAIN);
-        xor(Checksum, L_Dollar);
-        hashCipher.processBlock(Checksum, 0, Checksum, 0);
-        xor(Checksum, Sum);
-
-        this.macBlock = new byte[macSize];
-        System.arraycopy(Checksum, 0, macBlock, 0, macSize);
-
-        /*
-         * Validate or append tag and reset this cipher for the next run
-         */
-        int resultLen = mainBlockPos;
-
-        if (forEncryption)
-        {
-            if (output.length < (outOff + resultLen + macSize))
-            {
-                throw new OutputLengthException("Output buffer too short");
-            }
-            // Append tag to the message
-            System.arraycopy(macBlock, 0, output, outOff + resultLen, macSize);
-            resultLen += macSize;
-        }
-        else
-        {
-            // Compare the tag from the message with the calculated one
-            if (!Arrays.constantTimeAreEqual(macBlock, tag))
-            {
-                throw new InvalidCipherTextException("mac check in OCB failed");
-            }
-        }
-
-        reset(false);
-
-        return resultLen;
-    }
-
-    public void reset()
-    {
-        reset(true);
-    }
-
-    protected void clear(byte[] bs)
-    {
-        if (bs != null)
-        {
-            Arrays.fill(bs, (byte)0);
-        }
-    }
-
-    protected byte[] getLSub(int n)
-    {
-        while (n >= L.size())
-        {
-            L.addElement(OCB_double((byte[])L.lastElement()));
-        }
-        return (byte[])L.elementAt(n);
-    }
-
-    protected void processHashBlock()
-    {
-        /*
-         * HASH: Process any whole blocks
-         */
-        updateHASH(getLSub(OCB_ntz(++hashBlockCount)));
-        hashBlockPos = 0;
-    }
-
-    protected void processMainBlock(byte[] output, int outOff)
-    {
-        if (output.length < (outOff + BLOCK_SIZE))
-        {
-            throw new OutputLengthException("Output buffer too short");
-        }
-
-        /*
-         * OCB-ENCRYPT/OCB-DECRYPT: Process any whole blocks
-         */
-
-        if (forEncryption)
-        {
-            xor(Checksum, mainBlock);
-            mainBlockPos = 0;
-        }
-
-        xor(OffsetMAIN, getLSub(OCB_ntz(++mainBlockCount)));
-
-        xor(mainBlock, OffsetMAIN);
-        mainCipher.processBlock(mainBlock, 0, mainBlock, 0);
-        xor(mainBlock, OffsetMAIN);
-
-        System.arraycopy(mainBlock, 0, output, outOff, 16);
-
-        if (!forEncryption)
-        {
-            xor(Checksum, mainBlock);
-            System.arraycopy(mainBlock, BLOCK_SIZE, mainBlock, 0, macSize);
-            mainBlockPos = macSize;
-        }
-    }
-
-    protected void reset(boolean clearMac)
-    {
-        hashCipher.reset();
-        mainCipher.reset();
-
-        clear(hashBlock);
-        clear(mainBlock);
-
-        hashBlockPos = 0;
-        mainBlockPos = 0;
-
-        hashBlockCount = 0;
-        mainBlockCount = 0;
-
-        clear(OffsetHASH);
-        clear(Sum);
-        System.arraycopy(OffsetMAIN_0, 0, OffsetMAIN, 0, 16);
-        clear(Checksum);
-
-        if (clearMac)
-        {
-            macBlock = null;
-        }
-
-        if (initialAssociatedText != null)
-        {
-            processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);
-        }
-    }
-
-    protected void updateHASH(byte[] LSub)
-    {
-        xor(OffsetHASH, LSub);
-        xor(hashBlock, OffsetHASH);
-        hashCipher.processBlock(hashBlock, 0, hashBlock, 0);
-        xor(Sum, hashBlock);
-    }
-
-    protected static byte[] OCB_double(byte[] block)
-    {
-        byte[] result = new byte[16];
-        int carry = shiftLeft(block, result);
-
-        /*
-         * NOTE: This construction is an attempt at a constant-time implementation.
-         */
-        result[15] ^= (0x87 >>> ((1 - carry) << 3));
-
-        return result;
-    }
-
-    protected static void OCB_extend(byte[] block, int pos)
-    {
-        block[pos] = (byte)0x80;
-        while (++pos < 16)
-        {
-            block[pos] = 0;
-        }
-    }
-
-    protected static int OCB_ntz(long x)
-    {
-        if (x == 0)
-        {
-            return 64;
-        }
-
-        int n = 0;
-        while ((x & 1L) == 0L)
-        {
-            ++n;
-            x >>>= 1;
-        }
-        return n;
-    }
-
-    protected static int shiftLeft(byte[] block, byte[] output)
-    {
-        int i = 16;
-        int bit = 0;
-        while (--i >= 0)
-        {
-            int b = block[i] & 0xff;
-            output[i] = (byte)((b << 1) | bit);
-            bit = (b >>> 7) & 1;
-        }
-        return bit;
-    }
-
-    protected static void xor(byte[] block, byte[] val)
-    {
-        for (int i = 15; i >= 0; --i)
-        {
-            block[i] ^= val[i];
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/OldCTSBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/OldCTSBlockCipher.java
deleted file mode 100644
index 30aed5b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/OldCTSBlockCipher.java
+++ /dev/null

@@ -1,270 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.OutputLengthException;
-
-/**
- * A Cipher Text Stealing (CTS) mode cipher. CTS allows block ciphers to
- * be used to produce cipher text which is the same length as the plain text.
- * <p>
- * This version applies the CTS algorithm from one block up, rather than following the errata update issued in 2004, where CTS mode is applied
- * from greater than 1 block up and the first block is processed using CBC mode.
- * </p>
- */
-public class OldCTSBlockCipher
-    extends BufferedBlockCipher
-{
-    private int     blockSize;
-
-    /**
-     * Create a buffered block cipher that uses Cipher Text Stealing
-     *
-     * @param cipher the underlying block cipher this buffering object wraps.
-     */
-    public OldCTSBlockCipher(
-        BlockCipher cipher)
-    {
-        if ((cipher instanceof OFBBlockCipher) || (cipher instanceof CFBBlockCipher))
-        {
-            throw new IllegalArgumentException("CTSBlockCipher can only accept ECB, or CBC ciphers");
-        }
-
-        this.cipher = cipher;
-
-        blockSize = cipher.getBlockSize();
-
-        buf = new byte[blockSize * 2];
-        bufOff = 0;
-    }
-
-    /**
-     * return the size of the output buffer required for an update
-     * an input of len bytes.
-     *
-     * @param len the length of the input.
-     * @return the space required to accommodate a call to update
-     * with len bytes of input.
-     */
-    public int getUpdateOutputSize(
-        int len)
-    {
-        int total       = len + bufOff;
-        int leftOver    = total % buf.length;
-
-        if (leftOver == 0)
-        {
-            return total - buf.length;
-        }
-
-        return total - leftOver;
-    }
-
-    /**
-     * return the size of the output buffer required for an update plus a
-     * doFinal with an input of len bytes.
-     *
-     * @param len the length of the input.
-     * @return the space required to accommodate a call to update and doFinal
-     * with len bytes of input.
-     */
-    public int getOutputSize(
-        int len)
-    {
-        return len + bufOff;
-    }
-
-    /**
-     * process a single byte, producing an output block if necessary.
-     *
-     * @param in the input byte.
-     * @param out the space for any output that might be produced.
-     * @param outOff the offset from which the output will be copied.
-     * @return the number of output bytes copied to out.
-     * @exception org.bouncycastle.crypto.DataLengthException if there isn't enough space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     */
-    public int processByte(
-        byte        in,
-        byte[]      out,
-        int         outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        int         resultLen = 0;
-
-        if (bufOff == buf.length)
-        {
-            resultLen = cipher.processBlock(buf, 0, out, outOff);
-            System.arraycopy(buf, blockSize, buf, 0, blockSize);
-
-            bufOff = blockSize;
-        }
-
-        buf[bufOff++] = in;
-
-        return resultLen;
-    }
-
-    /**
-     * process an array of bytes, producing output if necessary.
-     *
-     * @param in the input byte array.
-     * @param inOff the offset at which the input data starts.
-     * @param len the number of bytes to be copied out of the input array.
-     * @param out the space for any output that might be produced.
-     * @param outOff the offset from which the output will be copied.
-     * @return the number of output bytes copied to out.
-     * @exception org.bouncycastle.crypto.DataLengthException if there isn't enough space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     */
-    public int processBytes(
-        byte[]      in,
-        int         inOff,
-        int         len,
-        byte[]      out,
-        int         outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if (len < 0)
-        {
-            throw new IllegalArgumentException("Can't have a negative input length!");
-        }
-
-        int blockSize   = getBlockSize();
-        int length      = getUpdateOutputSize(len);
-
-        if (length > 0)
-        {
-            if ((outOff + length) > out.length)
-            {
-                throw new OutputLengthException("output buffer too short");
-            }
-        }
-
-        int resultLen = 0;
-        int gapLen = buf.length - bufOff;
-
-        if (len > gapLen)
-        {
-            System.arraycopy(in, inOff, buf, bufOff, gapLen);
-
-            resultLen += cipher.processBlock(buf, 0, out, outOff);
-            System.arraycopy(buf, blockSize, buf, 0, blockSize);
-
-            bufOff = blockSize;
-
-            len -= gapLen;
-            inOff += gapLen;
-
-            while (len > blockSize)
-            {
-                System.arraycopy(in, inOff, buf, bufOff, blockSize);
-                resultLen += cipher.processBlock(buf, 0, out, outOff + resultLen);
-                System.arraycopy(buf, blockSize, buf, 0, blockSize);
-
-                len -= blockSize;
-                inOff += blockSize;
-            }
-        }
-
-        System.arraycopy(in, inOff, buf, bufOff, len);
-
-        bufOff += len;
-
-        return resultLen;
-    }
-
-    /**
-     * Process the last block in the buffer.
-     *
-     * @param out the array the block currently being held is copied into.
-     * @param outOff the offset at which the copying starts.
-     * @return the number of output bytes copied to out.
-     * @exception org.bouncycastle.crypto.DataLengthException if there is insufficient space in out for
-     * the output.
-     * @exception IllegalStateException if the underlying cipher is not
-     * initialised.
-     * @exception org.bouncycastle.crypto.InvalidCipherTextException if cipher text decrypts wrongly (in
-     * case the exception will never get thrown).
-     */
-    public int doFinal(
-        byte[]  out,
-        int     outOff)
-        throws DataLengthException, IllegalStateException, InvalidCipherTextException
-    {
-        if (bufOff + outOff > out.length)
-        {
-            throw new OutputLengthException("output buffer to small in doFinal");
-        }
-
-        int     blockSize = cipher.getBlockSize();
-        int     len = bufOff - blockSize;
-        byte[]  block = new byte[blockSize];
-
-        if (forEncryption)
-        {
-            cipher.processBlock(buf, 0, block, 0);
-            
-            if (bufOff < blockSize)
-            {
-                throw new DataLengthException("need at least one block of input for CTS");
-            }
-
-            for (int i = bufOff; i != buf.length; i++)
-            {
-                buf[i] = block[i - blockSize];
-            }
-
-            for (int i = blockSize; i != bufOff; i++)
-            {
-                buf[i] ^= block[i - blockSize];
-            }
-
-            if (cipher instanceof CBCBlockCipher)
-            {
-                BlockCipher c = ((CBCBlockCipher)cipher).getUnderlyingCipher();
-
-                c.processBlock(buf, blockSize, out, outOff);
-            }
-            else
-            {
-                cipher.processBlock(buf, blockSize, out, outOff);
-            }
-
-            System.arraycopy(block, 0, out, outOff + blockSize, len);
-        }
-        else
-        {
-            byte[]  lastBlock = new byte[blockSize];
-
-            if (cipher instanceof CBCBlockCipher)
-            {
-                BlockCipher c = ((CBCBlockCipher)cipher).getUnderlyingCipher();
-
-                c.processBlock(buf, 0, block, 0);
-            }
-            else
-            {
-                cipher.processBlock(buf, 0, block, 0);
-            }
-
-            for (int i = blockSize; i != bufOff; i++)
-            {
-                lastBlock[i - blockSize] = (byte)(block[i - blockSize] ^ buf[i]);
-            }
-
-            System.arraycopy(buf, blockSize, block, 0, len);
-
-            cipher.processBlock(block, 0, out, outOff);
-            System.arraycopy(lastBlock, 0, out, outOff + blockSize, len);
-        }
-
-        int offset = bufOff;
-
-        reset();
-
-        return offset;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/OpenPGPCFBBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/OpenPGPCFBBlockCipher.java
deleted file mode 100644
index 8ae1588..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/OpenPGPCFBBlockCipher.java
+++ /dev/null

@@ -1,311 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-
-/**
- * Implements OpenPGP's rather strange version of Cipher-FeedBack (CFB) mode
- * on top of a simple cipher. This class assumes the IV has been prepended
- * to the data stream already, and just accomodates the reset after
- * (blockSize + 2) bytes have been read.
- * <p>
- * For further info see <a href="http://www.ietf.org/rfc/rfc2440.html">RFC 2440</a>.
- */
-public class OpenPGPCFBBlockCipher
-    implements BlockCipher
-{
-    private byte[] IV;
-    private byte[] FR;
-    private byte[] FRE;
-
-    private BlockCipher cipher;
-
-    private int count;
-    private int blockSize;
-    private boolean forEncryption;
-    
-    /**
-     * Basic constructor.
-     *
-     * @param cipher the block cipher to be used as the basis of the
-     * feedback mode.
-     */
-    public OpenPGPCFBBlockCipher(
-        BlockCipher cipher)
-    {
-        this.cipher = cipher;
-
-        this.blockSize = cipher.getBlockSize();
-        this.IV = new byte[blockSize];
-        this.FR = new byte[blockSize];
-        this.FRE = new byte[blockSize];
-    }
-
-    /**
-     * return the underlying block cipher that we are wrapping.
-     *
-     * @return the underlying block cipher that we are wrapping.
-     */
-    public BlockCipher getUnderlyingCipher()
-    {
-        return cipher;
-    }
-    
-    /**
-     * return the algorithm name and mode.
-     *
-     * @return the name of the underlying algorithm followed by "/OpenPGPCFB"
-     * and the block size in bits.
-     */
-    public String getAlgorithmName()
-    {
-        return cipher.getAlgorithmName() + "/OpenPGPCFB";
-    }
-    
-    /**
-     * return the block size we are operating at.
-     *
-     * @return the block size we are operating at (in bytes).
-     */
-    public int getBlockSize()
-    {
-        return cipher.getBlockSize();
-    }
-
-    /**
-     * Process one block of input from the array in and write it to
-     * the out array.
-     *
-     * @param in the array containing the input data.
-     * @param inOff offset into the in array the data starts at.
-     * @param out the array the output data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     * @exception DataLengthException if there isn't enough data in in, or
-     * space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     * @return the number of bytes processed and produced.
-     */
-    public int processBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        return (forEncryption) ? encryptBlock(in, inOff, out, outOff) : decryptBlock(in, inOff, out, outOff);
-    }
-    
-    /**
-     * reset the chaining vector back to the IV and reset the underlying
-     * cipher.
-     */
-    public void reset()
-    {
-        count = 0;
-
-        System.arraycopy(IV, 0, FR, 0, FR.length);
-
-        cipher.reset();
-    }
-
-    /**
-     * Initialise the cipher and, possibly, the initialisation vector (IV).
-     * If an IV isn't passed as part of the parameter, the IV will be all zeros.
-     * An IV which is too short is handled in FIPS compliant fashion.
-     *
-     * @param forEncryption if true the cipher is initialised for
-     *  encryption, if false for decryption.
-     * @param params the key and other data required by the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean forEncryption,
-        CipherParameters params)
-        throws IllegalArgumentException
-    {
-        this.forEncryption = forEncryption;
-     
-        reset();
-
-        cipher.init(true, params);
-    }
-    
-    /**
-     * Encrypt one byte of data according to CFB mode.
-     * @param data the byte to encrypt
-     * @param blockOff offset in the current block
-     * @return the encrypted byte
-     */
-    private byte encryptByte(byte data, int blockOff)
-    {
-        return (byte)(FRE[blockOff] ^ data);
-    }
-    
-    /**
-     * Do the appropriate processing for CFB IV mode encryption.
-     *
-     * @param in the array containing the data to be encrypted.
-     * @param inOff offset into the in array the data starts at.
-     * @param out the array the encrypted data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     * @exception DataLengthException if there isn't enough data in in, or
-     * space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     * @return the number of bytes processed and produced.
-     */
-    private int encryptBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if ((inOff + blockSize) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-        if ((outOff + blockSize) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-        
-        if (count > blockSize)
-        {
-            FR[blockSize - 2] = out[outOff] = encryptByte(in[inOff], blockSize - 2);
-            FR[blockSize - 1] = out[outOff + 1] = encryptByte(in[inOff + 1], blockSize - 1);
-
-            cipher.processBlock(FR, 0, FRE, 0);
-
-            for (int n = 2; n < blockSize; n++) 
-            {
-                FR[n - 2] = out[outOff + n] = encryptByte(in[inOff + n], n - 2);
-            }
-        }
-        else if (count == 0)
-        {
-            cipher.processBlock(FR, 0, FRE, 0);
-
-            for (int n = 0; n < blockSize; n++) 
-            {
-                FR[n] = out[outOff + n] = encryptByte(in[inOff + n], n);
-            }
-            
-            count += blockSize;
-        }
-        else if (count == blockSize)
-        {
-            cipher.processBlock(FR, 0, FRE, 0);
-
-            out[outOff] = encryptByte(in[inOff], 0);
-            out[outOff + 1] = encryptByte(in[inOff + 1], 1);
-
-            //
-            // do reset
-            //
-            System.arraycopy(FR, 2, FR, 0, blockSize - 2);
-            System.arraycopy(out, outOff, FR, blockSize - 2, 2);
-
-            cipher.processBlock(FR, 0, FRE, 0);
-
-            for (int n = 2; n < blockSize; n++) 
-            {
-                FR[n - 2] = out[outOff + n] = encryptByte(in[inOff + n], n - 2);
-            }
-
-            count += blockSize;
-        }
-        
-        return blockSize;
-    }
-
-    /**
-     * Do the appropriate processing for CFB IV mode decryption.
-     *
-     * @param in the array containing the data to be decrypted.
-     * @param inOff offset into the in array the data starts at.
-     * @param out the array the encrypted data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     * @exception DataLengthException if there isn't enough data in in, or
-     * space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     * @return the number of bytes processed and produced.
-     */
-    private int decryptBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if ((inOff + blockSize) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-        if ((outOff + blockSize) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-        
-        if (count > blockSize)
-        {
-            byte inVal = in[inOff];
-            FR[blockSize - 2] = inVal;
-            out[outOff] = encryptByte(inVal, blockSize - 2);
-
-            inVal = in[inOff + 1];
-            FR[blockSize - 1] = inVal;
-            out[outOff + 1] = encryptByte(inVal, blockSize - 1);
-
-            cipher.processBlock(FR, 0, FRE, 0);
-            
-            for (int n = 2; n < blockSize; n++) 
-            {
-                inVal = in[inOff + n];
-                FR[n - 2] = inVal;
-                out[outOff + n] = encryptByte(inVal, n - 2);
-            }
-        } 
-        else if (count == 0)
-        {
-            cipher.processBlock(FR, 0, FRE, 0);
-            
-            for (int n = 0; n < blockSize; n++) 
-            {
-                FR[n] = in[inOff + n];
-                out[n] = encryptByte(in[inOff + n], n);
-            }
-            
-            count += blockSize;
-        }
-        else if (count == blockSize)
-        {
-            cipher.processBlock(FR, 0, FRE, 0);
-
-            byte inVal1 = in[inOff];
-            byte inVal2 = in[inOff + 1];
-            out[outOff    ] = encryptByte(inVal1, 0);
-            out[outOff + 1] = encryptByte(inVal2, 1);
-            
-            System.arraycopy(FR, 2, FR, 0, blockSize - 2);
-
-            FR[blockSize - 2] = inVal1;
-            FR[blockSize - 1] = inVal2;
-
-            cipher.processBlock(FR, 0, FRE, 0);
-
-            for (int n = 2; n < blockSize; n++) 
-            {
-                byte inVal = in[inOff + n];
-                FR[n - 2] = inVal;
-                out[outOff + n] = encryptByte(inVal, n - 2);
-            }
-
-            count += blockSize;
-        }
-        
-        return blockSize;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/PGPCFBBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/PGPCFBBlockCipher.java
deleted file mode 100644
index 72f68ca..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/PGPCFBBlockCipher.java
+++ /dev/null

@@ -1,453 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-/**
- * Implements OpenPGP's rather strange version of Cipher-FeedBack (CFB) mode on top of a simple cipher. For further info see <a href="http://www.ietf.org/rfc/rfc2440.html">RFC 2440</a>.
- */
-public class PGPCFBBlockCipher
-    implements BlockCipher
-{
-    private byte[] IV;
-    private byte[] FR;
-    private byte[] FRE;
-    private byte[] tmp;
-
-    private BlockCipher cipher;
-
-    private int count;
-    private int blockSize;
-    private boolean forEncryption;
-    
-    private boolean inlineIv; // if false we don't need to prepend an IV
-
-    /**
-     * Basic constructor.
-     *
-     * @param cipher the block cipher to be used as the basis of the
-     * feedback mode.
-     * @param inlineIv if true this is for PGP CFB with a prepended iv.
-     */
-    public PGPCFBBlockCipher(
-        BlockCipher cipher,
-        boolean     inlineIv)
-    {
-        this.cipher = cipher;
-        this.inlineIv = inlineIv;
-
-        this.blockSize = cipher.getBlockSize();
-        this.IV = new byte[blockSize];
-        this.FR = new byte[blockSize];
-        this.FRE = new byte[blockSize];
-        this.tmp = new byte[blockSize];
-    }
-
-    /**
-     * return the underlying block cipher that we are wrapping.
-     *
-     * @return the underlying block cipher that we are wrapping.
-     */
-    public BlockCipher getUnderlyingCipher()
-    {
-        return cipher;
-    }
-    
-    /**
-     * return the algorithm name and mode.
-     *
-     * @return the name of the underlying algorithm followed by "/PGPCFB"
-     * and the block size in bits.
-     */
-    public String getAlgorithmName()
-    {
-        if (inlineIv)
-        {
-            return cipher.getAlgorithmName() + "/PGPCFBwithIV";
-        }
-        else
-        {
-            return cipher.getAlgorithmName() + "/PGPCFB";
-        }
-    }
-    
-    /**
-     * return the block size we are operating at.
-     *
-     * @return the block size we are operating at (in bytes).
-     */
-    public int getBlockSize()
-    {
-        return cipher.getBlockSize();
-    }
-
-    /**
-     * Process one block of input from the array in and write it to
-     * the out array.
-     *
-     * @param in the array containing the input data.
-     * @param inOff offset into the in array the data starts at.
-     * @param out the array the output data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     * @exception DataLengthException if there isn't enough data in in, or
-     * space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     * @return the number of bytes processed and produced.
-     */
-    public int processBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if (inlineIv)
-        {
-            return (forEncryption) ? encryptBlockWithIV(in, inOff, out, outOff) : decryptBlockWithIV(in, inOff, out, outOff);
-        }
-        else
-        {
-            return (forEncryption) ? encryptBlock(in, inOff, out, outOff) : decryptBlock(in, inOff, out, outOff);
-        }
-    }
-    
-    /**
-     * reset the chaining vector back to the IV and reset the underlying
-     * cipher.
-     */
-    public void reset()
-    {
-        count = 0;
-
-        for (int i = 0; i != FR.length; i++)
-        {
-            if (inlineIv)
-            {
-                FR[i] = 0;
-            }
-            else
-            {
-                FR[i] = IV[i]; // if simple mode, key is IV (even if this is zero)
-            }
-        }
-
-        cipher.reset();
-    }
-
-    /**
-     * Initialise the cipher and, possibly, the initialisation vector (IV).
-     * If an IV isn't passed as part of the parameter, the IV will be all zeros.
-     * An IV which is too short is handled in FIPS compliant fashion.
-     *
-     * @param forEncryption if true the cipher is initialised for
-     *  encryption, if false for decryption.
-     * @param params the key and other data required by the cipher.
-     * @exception IllegalArgumentException if the params argument is
-     * inappropriate.
-     */
-    public void init(
-        boolean forEncryption,
-        CipherParameters params)
-        throws IllegalArgumentException
-    {
-        this.forEncryption = forEncryption;
-     
-        if (params instanceof ParametersWithIV)
-        {
-                ParametersWithIV ivParam = (ParametersWithIV)params;
-                byte[]      iv = ivParam.getIV();
-
-                if (iv.length < IV.length)
-                {
-                    // prepend the supplied IV with zeros (per FIPS PUB 81)
-                    System.arraycopy(iv, 0, IV, IV.length - iv.length, iv.length);
-                    for (int i = 0; i < IV.length - iv.length; i++)
-                    {
-                            IV[i] = 0;
-                    }
-                }
-                else
-                {
-                    System.arraycopy(iv, 0, IV, 0, IV.length);
-                }
-
-                reset();
-
-                cipher.init(true, ivParam.getParameters());
-        }
-        else
-        {
-                reset();
-
-                cipher.init(true, params);
-        }
-    }
-    
-    /**
-     * Encrypt one byte of data according to CFB mode.
-     * @param data the byte to encrypt
-     * @param blockOff where am i in the current block, determines when to resync the block
-     * @returns the encrypted byte
-     */
-    private byte encryptByte(byte data, int blockOff)
-    {
-        return (byte)(FRE[blockOff] ^ data);
-    }
-    
-    /**
-     * Do the appropriate processing for CFB IV mode encryption.
-     *
-     * @param in the array containing the data to be encrypted.
-     * @param inOff offset into the in array the data starts at.
-     * @param out the array the encrypted data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     * @exception DataLengthException if there isn't enough data in in, or
-     * space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     * @return the number of bytes processed and produced.
-     */
-    private int encryptBlockWithIV(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if ((inOff + blockSize) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-
-        if (count == 0)
-        {
-            if ((outOff + 2 * blockSize + 2) > out.length)
-            {
-                throw new OutputLengthException("output buffer too short");
-            }
-
-            cipher.processBlock(FR, 0, FRE, 0);
-
-            for (int n = 0; n < blockSize; n++) 
-            {
-                out[outOff + n] = encryptByte(IV[n], n);
-            }
-            
-            System.arraycopy(out, outOff, FR, 0, blockSize);
-
-            cipher.processBlock(FR, 0, FRE, 0);
-
-            out[outOff + blockSize] = encryptByte(IV[blockSize - 2], 0);
-            out[outOff + blockSize + 1] = encryptByte(IV[blockSize - 1], 1);
-
-            System.arraycopy(out, outOff + 2, FR, 0, blockSize);
-            
-            cipher.processBlock(FR, 0, FRE, 0);
-
-            for (int n = 0; n < blockSize; n++) 
-            {
-                out[outOff + blockSize + 2 + n] = encryptByte(in[inOff + n], n);
-            }
-
-            System.arraycopy(out, outOff + blockSize + 2, FR, 0, blockSize);
-
-            count += 2 * blockSize + 2;
-
-            return 2 * blockSize + 2;
-        }
-        else if (count >= blockSize + 2)
-        {
-            if ((outOff + blockSize) > out.length)
-            {
-                throw new OutputLengthException("output buffer too short");
-            }
-
-            cipher.processBlock(FR, 0, FRE, 0);
-
-            for (int n = 0; n < blockSize; n++) 
-            {
-                out[outOff + n] = encryptByte(in[inOff + n], n);
-            }
-            
-            System.arraycopy(out, outOff, FR, 0, blockSize);
-        }
-        
-        return blockSize;
-    }
-
-    /**
-     * Do the appropriate processing for CFB IV mode decryption.
-     *
-     * @param in the array containing the data to be decrypted.
-     * @param inOff offset into the in array the data starts at.
-     * @param out the array the encrypted data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     * @exception DataLengthException if there isn't enough data in in, or
-     * space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     * @return the number of bytes processed and produced.
-     */
-    private int decryptBlockWithIV(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if ((inOff + blockSize) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-        if ((outOff + blockSize) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-        
-        if (count == 0)
-        {
-            for (int n = 0; n < blockSize; n++) 
-            {
-                FR[n] = in[inOff + n];
-            }
-            
-            cipher.processBlock(FR, 0, FRE, 0);
-
-            count += blockSize;
-
-            return 0;
-        }
-        else if (count == blockSize)
-        {
-            // copy in buffer so that this mode works if in and out are the same 
-            System.arraycopy(in, inOff, tmp, 0, blockSize);
-        
-            System.arraycopy(FR, 2, FR, 0, blockSize - 2);
-            
-            FR[blockSize - 2] = tmp[0];
-            FR[blockSize - 1] = tmp[1];
-
-            cipher.processBlock(FR, 0, FRE, 0);
-
-            for (int n = 0; n < blockSize - 2; n++) 
-            {
-                out[outOff + n] = encryptByte(tmp[n + 2], n);
-            }
-
-            System.arraycopy(tmp, 2, FR, 0, blockSize - 2);
-
-            count += 2;
-
-            return blockSize - 2;
-        }
-        else if (count >= blockSize + 2)
-        {
-            // copy in buffer so that this mode works if in and out are the same 
-            System.arraycopy(in, inOff, tmp, 0, blockSize);
-
-            out[outOff + 0] = encryptByte(tmp[0], blockSize - 2);
-            out[outOff + 1] = encryptByte(tmp[1], blockSize - 1);
-
-            System.arraycopy(tmp, 0, FR, blockSize - 2, 2);
-
-            cipher.processBlock(FR, 0, FRE, 0);
-            
-            for (int n = 0; n < blockSize - 2; n++) 
-            {
-                out[outOff + n + 2] = encryptByte(tmp[n + 2], n);
-            }
-            
-            System.arraycopy(tmp, 2, FR, 0, blockSize - 2);
-            
-        } 
-        
-        return blockSize;
-    }
-    
-    /**
-     * Do the appropriate processing for CFB mode encryption.
-     *
-     * @param in the array containing the data to be encrypted.
-     * @param inOff offset into the in array the data starts at.
-     * @param out the array the encrypted data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     * @exception DataLengthException if there isn't enough data in in, or
-     * space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     * @return the number of bytes processed and produced.
-     */
-    private int encryptBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-        throws DataLengthException, IllegalStateException
-    {        
-        if ((inOff + blockSize) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-        if ((outOff + blockSize) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-        
-        cipher.processBlock(FR, 0, FRE, 0);
-        for (int n = 0; n < blockSize; n++) 
-        {
-            out[outOff + n] = encryptByte(in[inOff + n], n);
-        }
-        
-        for (int n = 0; n < blockSize; n++) 
-        {
-            FR[n] = out[outOff + n];
-        }
-        
-        return blockSize;
-        
-    }
-    
-    /**
-     * Do the appropriate processing for CFB mode decryption.
-     *
-     * @param in the array containing the data to be decrypted.
-     * @param inOff offset into the in array the data starts at.
-     * @param out the array the encrypted data will be copied into.
-     * @param outOff the offset into the out array the output will start at.
-     * @exception DataLengthException if there isn't enough data in in, or
-     * space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     * @return the number of bytes processed and produced.
-     */
-    private int decryptBlock(
-        byte[] in,
-        int inOff,
-        byte[] out,
-        int outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if ((inOff + blockSize) > in.length)
-        {
-            throw new DataLengthException("input buffer too short");
-        }
-        if ((outOff + blockSize) > out.length)
-        {
-            throw new OutputLengthException("output buffer too short");
-        }
-        
-        cipher.processBlock(FR, 0, FRE, 0);
-        for (int n = 0; n < blockSize; n++) 
-        {
-            out[outOff + n] = encryptByte(in[inOff + n], n);
-        }
-        
-        for (int n = 0; n < blockSize; n++) 
-        {
-            FR[n] = in[inOff + n];
-        }
-        
-        return blockSize;
-        
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/PaddedBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/PaddedBlockCipher.java
deleted file mode 100644
index 9406808..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/PaddedBlockCipher.java
+++ /dev/null

@@ -1,254 +0,0 @@
-package org.bouncycastle.crypto.modes;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.OutputLengthException;
-
-/**
- * A wrapper class that allows block ciphers to be used to process data in
- * a piecemeal fashion with PKCS5/PKCS7 padding. The PaddedBlockCipher
- * outputs a block only when the buffer is full and more data is being added,
- * or on a doFinal (unless the current block in the buffer is a pad block).
- * The padding mechanism used is the one outlined in PKCS5/PKCS7.
- *
- * @deprecated use org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher instead.
- */
-public class PaddedBlockCipher
-    extends BufferedBlockCipher
-{
-    /**
-     * Create a buffered block cipher with, or without, padding.
-     *
-     * @param cipher the underlying block cipher this buffering object wraps.
-     */
-    public PaddedBlockCipher(
-        BlockCipher     cipher)
-    {
-        this.cipher = cipher;
-
-        buf = new byte[cipher.getBlockSize()];
-        bufOff = 0;
-    }
-
-    /**
-     * return the size of the output buffer required for an update plus a
-     * doFinal with an input of len bytes.
-     *
-     * @param len the length of the input.
-     * @return the space required to accommodate a call to update and doFinal
-     * with len bytes of input.
-     */
-    public int getOutputSize(
-        int len)
-    {
-        int total       = len + bufOff;
-        int leftOver    = total % buf.length;
-
-        if (leftOver == 0)
-        {
-            if (forEncryption)
-            {
-                return total + buf.length;
-            }
-
-            return total;
-        }
-
-        return total - leftOver + buf.length;
-    }
-
-    /**
-     * return the size of the output buffer required for an update 
-     * an input of len bytes.
-     *
-     * @param len the length of the input.
-     * @return the space required to accommodate a call to update
-     * with len bytes of input.
-     */
-    public int getUpdateOutputSize(
-        int len)
-    {
-        int total       = len + bufOff;
-        int leftOver    = total % buf.length;
-
-        if (leftOver == 0)
-        {
-            return total - buf.length;
-        }
-
-        return total - leftOver;
-    }
-
-    /**
-     * process a single byte, producing an output block if neccessary.
-     *
-     * @param in the input byte.
-     * @param out the space for any output that might be produced.
-     * @param outOff the offset from which the output will be copied.
-     * @exception DataLengthException if there isn't enough space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     */
-    public int processByte(
-        byte        in,
-        byte[]      out,
-        int         outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        int         resultLen = 0;
-
-        if (bufOff == buf.length)
-        {
-            resultLen = cipher.processBlock(buf, 0, out, outOff);
-            bufOff = 0;
-        }
-
-        buf[bufOff++] = in;
-
-        return resultLen;
-    }
-
-    /**
-     * process an array of bytes, producing output if necessary.
-     *
-     * @param in the input byte array.
-     * @param inOff the offset at which the input data starts.
-     * @param len the number of bytes to be copied out of the input array.
-     * @param out the space for any output that might be produced.
-     * @param outOff the offset from which the output will be copied.
-     * @exception DataLengthException if there isn't enough space in out.
-     * @exception IllegalStateException if the cipher isn't initialised.
-     */
-    public int processBytes(
-        byte[]      in,
-        int         inOff,
-        int         len,
-        byte[]      out,
-        int         outOff)
-        throws DataLengthException, IllegalStateException
-    {
-        if (len < 0)
-        {
-            throw new IllegalArgumentException("Can't have a negative input length!");
-        }
-
-        int blockSize   = getBlockSize();
-        int length      = getUpdateOutputSize(len);
-        
-        if (length > 0)
-        {
-            if ((outOff + length) > out.length)
-            {
-                throw new OutputLengthException("output buffer too short");
-            }
-        }
-
-        int resultLen = 0;
-        int gapLen = buf.length - bufOff;
-
-        if (len > gapLen)
-        {
-            System.arraycopy(in, inOff, buf, bufOff, gapLen);
-
-            resultLen += cipher.processBlock(buf, 0, out, outOff);
-
-            bufOff = 0;
-            len -= gapLen;
-            inOff += gapLen;
-
-            while (len > buf.length)
-            {
-                resultLen += cipher.processBlock(in, inOff, out, outOff + resultLen);
-
-                len -= blockSize;
-                inOff += blockSize;
-            }
-        }
-
-        System.arraycopy(in, inOff, buf, bufOff, len);
-
-        bufOff += len;
-
-        return resultLen;
-    }
-
-    /**
-     * Process the last block in the buffer. If the buffer is currently
-     * full and padding needs to be added a call to doFinal will produce
-     * 2 * getBlockSize() bytes.
-     *
-     * @param out the array the block currently being held is copied into.
-     * @param outOff the offset at which the copying starts.
-     * @exception DataLengthException if there is insufficient space in out for
-     * the output or we are decrypting and the input is not block size aligned.
-     * @exception IllegalStateException if the underlying cipher is not
-     * initialised.
-     * @exception InvalidCipherTextException if padding is expected and not found.
-     */
-    public int doFinal(
-        byte[]  out,
-        int     outOff)
-        throws DataLengthException, IllegalStateException, InvalidCipherTextException
-    {
-        int blockSize = cipher.getBlockSize();
-        int resultLen = 0;
-
-        if (forEncryption)
-        {
-            if (bufOff == blockSize)
-            {
-                if ((outOff + 2 * blockSize) > out.length)
-                {
-                    throw new OutputLengthException("output buffer too short");
-                }
-
-                resultLen = cipher.processBlock(buf, 0, out, outOff);
-                bufOff = 0;
-            }
-
-            //
-            // add PKCS7 padding
-            //
-            byte code = (byte)(blockSize - bufOff);
-
-            while (bufOff < blockSize)
-            {
-                buf[bufOff] = code;
-                bufOff++;
-            }
-
-            resultLen += cipher.processBlock(buf, 0, out, outOff + resultLen);
-        }
-        else
-        {
-            if (bufOff == blockSize)
-            {
-                resultLen = cipher.processBlock(buf, 0, buf, 0);
-                bufOff = 0;
-            }
-            else
-            {
-                throw new DataLengthException("last block incomplete in decryption");
-            }
-
-            //
-            // remove PKCS7 padding
-            //
-            int count = buf[blockSize - 1] & 0xff;
-
-            if (count > blockSize)
-            {
-                throw new InvalidCipherTextException("pad block corrupted");
-            }
-
-            resultLen -= count;
-
-            System.arraycopy(buf, 0, out, outOff, resultLen);
-        }
-
-        reset();
-
-        return resultLen;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/gcm/BasicGCMMultiplier.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/gcm/BasicGCMMultiplier.java
deleted file mode 100644
index 22b43a6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/gcm/BasicGCMMultiplier.java
+++ /dev/null

@@ -1,19 +0,0 @@
-package org.bouncycastle.crypto.modes.gcm;
-
-public class BasicGCMMultiplier
-    implements GCMMultiplier
-{
-    private long[] H;
-
-    public void init(byte[] H)
-    {
-        this.H = GCMUtil.asLongs(H);
-    }
-
-    public void multiplyH(byte[] x)
-    {
-        long[] t = GCMUtil.asLongs(x);
-        GCMUtil.multiply(t, H);
-        GCMUtil.asBytes(t, x);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/gcm/Tables64kGCMMultiplier.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/gcm/Tables64kGCMMultiplier.java
deleted file mode 100644
index 6a63fad..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/gcm/Tables64kGCMMultiplier.java
+++ /dev/null

@@ -1,76 +0,0 @@
-package org.bouncycastle.crypto.modes.gcm;
-
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-
-public class Tables64kGCMMultiplier
-    implements GCMMultiplier
-{
-    private byte[] H;
-    private long[][][] T;
-
-    public void init(byte[] H)
-    {
-        if (T == null)
-        {
-            T = new long[16][256][2];
-        }
-        else if (Arrays.areEqual(this.H, H))
-        {
-            return;
-        }
-
-        this.H = Arrays.clone(H);
-
-        for (int i = 0; i < 16; ++i)
-        {
-            long[][] t = T[i];
-
-            // t[0] = 0
-
-            if (i == 0)
-            {
-                // t[1] = H.p^7
-                GCMUtil.asLongs(this.H, t[1]);
-                GCMUtil.multiplyP7(t[1], t[1]);
-            }
-            else
-            {
-                // t[1] = T[i-1][1].p^8
-                GCMUtil.multiplyP8(T[i - 1][1], t[1]);
-            }
-
-            for (int n = 2; n < 256; n += 2)
-            {
-                // t[2.n] = t[n].p^-1
-                GCMUtil.divideP(t[n >> 1], t[n]);
-
-                // t[2.n + 1] = t[2.n] + t[1]
-                GCMUtil.xor(t[n], t[1], t[n + 1]);
-            }
-        }
-    }
-
-    public void multiplyH(byte[] x)
-    {
-//        long[] z = new long[2];
-//        for (int i = 15; i >= 0; --i)
-//        {
-//            GCMUtil.xor(z, T[i][x[i] & 0xFF]);
-//        }
-//        Pack.longToBigEndian(z, x, 0);
-
-        long[] t = T[15][x[15] & 0xFF];
-        long z0 = t[0], z1 = t[1];
-
-        for (int i = 14; i >= 0; --i)
-        {
-            t = T[i][x[i] & 0xFF];
-            z0 ^= t[0];
-            z1 ^= t[1];
-        }
-
-        Pack.longToBigEndian(z0, x, 0);
-        Pack.longToBigEndian(z1, x, 8);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/gcm/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/modes/gcm/package.html
deleted file mode 100644
index 09c42f0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/gcm/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-GCM mode support classes.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/BasicKGCMMultiplier_128.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/BasicKGCMMultiplier_128.java
deleted file mode 100644
index 17d28bb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/BasicKGCMMultiplier_128.java
+++ /dev/null

@@ -1,17 +0,0 @@
-package org.bouncycastle.crypto.modes.kgcm;
-
-public class BasicKGCMMultiplier_128
-    implements KGCMMultiplier
-{
-    private final long[] H = new long[KGCMUtil_128.SIZE];
-
-    public void init(long[] H)
-    {
-        KGCMUtil_128.copy(H,  this.H);
-    }
-
-    public void multiplyH(long[] z)
-    {
-        KGCMUtil_128.multiply(z, H, z);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/BasicKGCMMultiplier_256.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/BasicKGCMMultiplier_256.java
deleted file mode 100644
index f14f920..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/BasicKGCMMultiplier_256.java
+++ /dev/null

@@ -1,17 +0,0 @@
-package org.bouncycastle.crypto.modes.kgcm;
-
-public class BasicKGCMMultiplier_256
-    implements KGCMMultiplier
-{
-    private final long[] H = new long[KGCMUtil_256.SIZE];
-
-    public void init(long[] H)
-    {
-        KGCMUtil_256.copy(H,  this.H);
-    }
-
-    public void multiplyH(long[] z)
-    {
-        KGCMUtil_256.multiply(z, H, z);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/BasicKGCMMultiplier_512.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/BasicKGCMMultiplier_512.java
deleted file mode 100644
index f2ad971..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/BasicKGCMMultiplier_512.java
+++ /dev/null

@@ -1,17 +0,0 @@
-package org.bouncycastle.crypto.modes.kgcm;
-
-public class BasicKGCMMultiplier_512
-    implements KGCMMultiplier
-{
-    private final long[] H = new long[KGCMUtil_512.SIZE];
-
-    public void init(long[] H)
-    {
-        KGCMUtil_512.copy(H,  this.H);
-    }
-
-    public void multiplyH(long[] z)
-    {
-        KGCMUtil_512.multiply(z, H, z);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/KGCMMultiplier.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/KGCMMultiplier.java
deleted file mode 100644
index d3b6673..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/KGCMMultiplier.java
+++ /dev/null

@@ -1,7 +0,0 @@
-package org.bouncycastle.crypto.modes.kgcm;
-
-public interface KGCMMultiplier
-{
-    void init(long[] H);
-    void multiplyH(long[] z);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/KGCMUtil_128.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/KGCMUtil_128.java
deleted file mode 100644
index 6a7befd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/KGCMUtil_128.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.crypto.modes.kgcm;
-
-import org.bouncycastle.math.raw.Interleave;
-
-/**
- * Utilities for the GF(2^m) field with corresponding extension polynomial:
- *
- * GF (2^128) -> x^128 + x^7 + x^2 + x + 1
- * 
- * The representation is little-endian arrays of 64-bit words
-*/
-public class KGCMUtil_128
-{
-    public static final int SIZE = 2;
-
-    public static void add(long[] x, long[] y, long[] z)
-    {
-        z[0] = x[0] ^ y[0];
-        z[1] = x[1] ^ y[1];
-    }
-
-    public static void copy(long[] x, long[] z)
-    {
-        z[0] = x[0];
-        z[1] = x[1];
-    }
-
-    public static boolean equal(long[] x, long[] y)
-    {
-        long d = 0L;
-        d |= x[0] ^ y[0];
-        d |= x[1] ^ y[1];
-        return d == 0L;
-    }
-
-    public static void multiply(long[] x, long[] y, long[] z)
-    {
-        long x0 = x[0], x1 = x[1];
-        long y0 = y[0], y1 = y[1];
-        long z0 = 0, z1 = 0, z2 = 0;
-
-        for (int j = 0; j < 64; ++j)
-        {
-            long m0 = -(x0 & 1L); x0 >>>= 1;
-            z0 ^= (y0 & m0);
-            z1 ^= (y1 & m0);
-
-            long m1 = -(x1 & 1L); x1 >>>= 1;
-            z1 ^= (y0 & m1);
-            z2 ^= (y1 & m1);
-
-            long c = y1 >> 63;
-            y1 = (y1 << 1) | (y0 >>> 63);
-            y0 = (y0 << 1) ^ (c & 0x87L);
-        }
-
-        z0 ^= z2 ^ (z2 <<   1) ^ (z2 <<   2) ^ (z2 <<   7);
-        z1 ^=      (z2 >>> 63) ^ (z2 >>> 62) ^ (z2 >>> 57);      
-
-        z[0] = z0; z[1] = z1;
-    }
-
-    public static void multiplyX(long[] x, long[] z)
-    {
-        long x0 = x[0], x1 = x[1];
-        long m = x1 >> 63;
-        z[0] = (x0 << 1) ^ (m & 0x87L);
-        z[1] = (x1 << 1) | (x0 >>> 63);
-    }
-
-    public static void multiplyX8(long[] x, long[] z)
-    {
-        long x0 = x[0], x1 = x[1];
-        long c = x1 >>> 56;
-        z[0] = (x0 << 8) ^ c ^ (c << 1) ^ (c << 2) ^ (c << 7);
-        z[1] = (x1 << 8) | (x0 >>> 56);
-    }
-
-    public static void one(long[] z)
-    {
-        z[0] = 1;
-        z[1] = 0;
-    }
-
-    public static void square(long[] x, long[] z)
-    {
-        long[] t  = new long[4];
-        Interleave.expand64To128(x[0], t, 0);
-        Interleave.expand64To128(x[1], t, 2);
-
-        long z0 = t[0], z1 = t[1], z2 = t[2], z3 = t[3];
-
-        z1 ^= z3 ^ (z3 <<   1) ^ (z3 <<   2) ^ (z3 <<   7);
-        z2 ^=      (z3 >>> 63) ^ (z3 >>> 62) ^ (z3 >>> 57);      
-
-        z0 ^= z2 ^ (z2 <<   1) ^ (z2 <<   2) ^ (z2 <<   7);
-        z1 ^=      (z2 >>> 63) ^ (z2 >>> 62) ^ (z2 >>> 57);      
-
-        z[0] = z0;
-        z[1] = z1;
-    }
-
-    public static void x(long[] z)
-    {
-        z[0] = 2;
-        z[1] = 0;
-    }
-
-    public static void zero(long[] z)
-    {
-        z[0] = 0;
-        z[1] = 0;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/KGCMUtil_256.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/KGCMUtil_256.java
deleted file mode 100644
index fffd204..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/KGCMUtil_256.java
+++ /dev/null

@@ -1,164 +0,0 @@
-package org.bouncycastle.crypto.modes.kgcm;
-
-import org.bouncycastle.math.raw.Interleave;
-
-/**
- * Utilities for the GF(2^m) field with corresponding extension polynomial:
- *
- * GF (2^256) -> x^256 + x^10 + x^5 + x^2 + 1
- * 
- * The representation is little-endian arrays of 64-bit words
-*/
-public class KGCMUtil_256
-{
-    public static final int SIZE = 4;
-
-    public static void add(long[] x, long[] y, long[] z)
-    {
-        z[0] = x[0] ^ y[0];
-        z[1] = x[1] ^ y[1];
-        z[2] = x[2] ^ y[2];
-        z[3] = x[3] ^ y[3];
-    }
-
-    public static void copy(long[] x, long[] z)
-    {
-        z[0] = x[0];
-        z[1] = x[1];
-        z[2] = x[2];
-        z[3] = x[3];
-    }
-
-    public static boolean equal(long[] x, long[] y)
-    {
-        long d = 0L;
-        d |= x[0] ^ y[0];
-        d |= x[1] ^ y[1];
-        d |= x[2] ^ y[2];
-        d |= x[3] ^ y[3];
-        return d == 0L;
-    }
-
-    public static void multiply(long[] x, long[] y, long[] z)
-    {
-        long x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
-        long y0 = y[0], y1 = y[1], y2 = y[2], y3 = y[3];
-        long z0 = 0, z1 = 0, z2 = 0, z3 = 0, z4 = 0;
-
-        for (int j = 0; j < 64; ++j)
-        {
-            long m0 = -(x0 & 1L); x0 >>>= 1;
-            z0 ^= (y0 & m0);
-            z1 ^= (y1 & m0);
-            z2 ^= (y2 & m0);
-            z3 ^= (y3 & m0);
-
-            long m1 = -(x1 & 1L); x1 >>>= 1;
-            z1 ^= (y0 & m1);
-            z2 ^= (y1 & m1);
-            z3 ^= (y2 & m1);
-            z4 ^= (y3 & m1);
-
-            long c = y3 >> 63;
-            y3 = (y3 << 1) | (y2 >>> 63);
-            y2 = (y2 << 1) | (y1 >>> 63);
-            y1 = (y1 << 1) | (y0 >>> 63);
-            y0 = (y0 << 1) ^ (c & 0x425L);
-        }
-
-        long y4 = y3;
-        y3 = y2;
-        y2 = y1;
-        y1 = y0 ^ (y4 >>> 62) ^ (y4 >>> 59) ^ (y4 >>> 54);
-        y0 = y4 ^ (y4 <<   2) ^ (y4 <<   5) ^ (y4 <<  10);
-
-        for (int j = 0; j < 64; ++j)
-        {
-            long m2 = -(x2 & 1L); x2 >>>= 1;
-            z0 ^= (y0 & m2);
-            z1 ^= (y1 & m2);
-            z2 ^= (y2 & m2);
-            z3 ^= (y3 & m2);
-
-            long m3 = -(x3 & 1L); x3 >>>= 1;
-            z1 ^= (y0 & m3);
-            z2 ^= (y1 & m3);
-            z3 ^= (y2 & m3);
-            z4 ^= (y3 & m3);
-
-            long c = y3 >> 63;
-            y3 = (y3 << 1) | (y2 >>> 63);
-            y2 = (y2 << 1) | (y1 >>> 63);
-            y1 = (y1 << 1) | (y0 >>> 63);
-            y0 = (y0 << 1) ^ (c & 0x425L);
-        }
-
-        z0 ^= z4 ^ (z4 <<   2) ^ (z4 <<   5) ^ (z4 <<  10);
-        z1 ^=      (z4 >>> 62) ^ (z4 >>> 59) ^ (z4 >>> 54);      
-
-        z[0] = z0; z[1] = z1; z[2] = z2; z[3] = z3;
-    }
-
-    public static void multiplyX(long[] x, long[] z)
-    {
-        long x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
-        long m = x3 >> 63;
-        z[0] = (x0 << 1) ^ (m & 0x425L);
-        z[1] = (x1 << 1) | (x0 >>> 63);
-        z[2] = (x2 << 1) | (x1 >>> 63);
-        z[3] = (x3 << 1) | (x2 >>> 63);
-    }
-
-    public static void multiplyX8(long[] x, long[] z)
-    {
-        long x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
-        long c = x3 >>> 56;
-        z[0] = (x0 << 8) ^ c ^ (c << 2) ^ (c << 5) ^ (c << 10);
-        z[1] = (x1 << 8) | (x0 >>> 56);
-        z[2] = (x2 << 8) | (x1 >>> 56);
-        z[3] = (x3 << 8) | (x2 >>> 56);
-    }
-
-    public static void one(long[] z)
-    {
-        z[0] = 1;
-        z[1] = 0;
-        z[2] = 0;
-        z[3] = 0;
-    }
-
-    public static void square(long[] x, long[] z)
-    {
-        long[] t  = new long[SIZE << 1];
-        for (int i = 0; i < SIZE; ++i)
-        {
-            Interleave.expand64To128(x[i], t, i << 1);
-        }
-
-        int j = SIZE << 1;
-        while (--j >= SIZE)
-        {
-            long n = t[j];
-            t[j - SIZE    ] ^= n ^ (n <<   2) ^ (n <<   5) ^ (n <<  10);
-            t[j - SIZE + 1] ^=     (n >>> 62) ^ (n >>> 59) ^ (n >>> 54);      
-        }
-
-        copy(t, z);
-    }
-
-    public static void x(long[] z)
-    {
-        z[0] = 2;
-        z[1] = 0;
-        z[2] = 0;
-        z[3] = 0;
-    }
-
-    public static void zero(long[] z)
-    {
-        z[0] = 0;
-        z[1] = 0;
-        z[2] = 0;
-        z[3] = 0;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/KGCMUtil_512.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/KGCMUtil_512.java
deleted file mode 100644
index 1a25908..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/KGCMUtil_512.java
+++ /dev/null

@@ -1,201 +0,0 @@
-package org.bouncycastle.crypto.modes.kgcm;
-
-import org.bouncycastle.math.raw.Interleave;
-
-/**
- * Utilities for the GF(2^m) field with corresponding extension polynomial:
- *
- * GF (2^512) -> x^512 + x^8 + x^5 + x^2 + 1
- * 
- * The representation is little-endian arrays of 64-bit words
- */
-public class KGCMUtil_512
-{
-    public static final int SIZE = 8;
-
-    public static void add(long[] x, long[] y, long[] z)
-    {
-        z[0] = x[0] ^ y[0];
-        z[1] = x[1] ^ y[1];
-        z[2] = x[2] ^ y[2];
-        z[3] = x[3] ^ y[3];
-        z[4] = x[4] ^ y[4];
-        z[5] = x[5] ^ y[5];
-        z[6] = x[6] ^ y[6];
-        z[7] = x[7] ^ y[7];
-    }
-
-    public static void copy(long[] x, long[] z)
-    {
-        z[0] = x[0];
-        z[1] = x[1];
-        z[2] = x[2];
-        z[3] = x[3];
-        z[4] = x[4];
-        z[5] = x[5];
-        z[6] = x[6];
-        z[7] = x[7];
-    }
-
-    public static boolean equal(long[] x, long[] y)
-    {
-        long d = 0L;
-        d |= x[0] ^ y[0];
-        d |= x[1] ^ y[1];
-        d |= x[2] ^ y[2];
-        d |= x[3] ^ y[3];
-        d |= x[4] ^ y[4];
-        d |= x[5] ^ y[5];
-        d |= x[6] ^ y[6];
-        d |= x[7] ^ y[7];
-        return d == 0L;
-    }
-
-    public static void multiply(long[] x, long[] y, long[] z)
-    {
-        long y0 = y[0], y1 = y[1], y2 = y[2], y3 = y[3];
-        long y4 = y[4], y5 = y[5], y6 = y[6], y7 = y[7];
-        long z0 = 0, z1 = 0, z2 = 0, z3 = 0;
-        long z4 = 0, z5 = 0, z6 = 0, z7 = 0;
-        long z8 = 0;
-
-        for (int i = 0; i < 8; i += 2)
-        {
-            long x0 = x[i], x1 = x[i + 1];
-
-            for (int j = 0; j < 64; ++j)
-            {
-                long m0 = -(x0 & 1L); x0 >>>= 1;
-                z0 ^= (y0 & m0);
-                z1 ^= (y1 & m0);
-                z2 ^= (y2 & m0);
-                z3 ^= (y3 & m0);
-                z4 ^= (y4 & m0);
-                z5 ^= (y5 & m0);
-                z6 ^= (y6 & m0);
-                z7 ^= (y7 & m0);
-
-                long m1 = -(x1 & 1L); x1 >>>= 1;
-                z1 ^= (y0 & m1);
-                z2 ^= (y1 & m1);
-                z3 ^= (y2 & m1);
-                z4 ^= (y3 & m1);
-                z5 ^= (y4 & m1);
-                z6 ^= (y5 & m1);
-                z7 ^= (y6 & m1);
-                z8 ^= (y7 & m1);
-
-                long c = y7 >> 63;
-                y7 = (y7 << 1) | (y6 >>> 63);
-                y6 = (y6 << 1) | (y5 >>> 63);
-                y5 = (y5 << 1) | (y4 >>> 63);
-                y4 = (y4 << 1) | (y3 >>> 63);
-                y3 = (y3 << 1) | (y2 >>> 63);
-                y2 = (y2 << 1) | (y1 >>> 63);
-                y1 = (y1 << 1) | (y0 >>> 63);
-                y0 = (y0 << 1) ^ (c & 0x125L);
-            }
-
-            long y8 = y7;
-            y7 = y6;
-            y6 = y5;
-            y5 = y4;
-            y4 = y3;
-            y3 = y2;
-            y2 = y1;
-            y1 = y0 ^ (y8 >>> 62) ^ (y8 >>> 59) ^ (y8 >>> 56);
-            y0 = y8 ^ (y8 <<   2) ^ (y8 <<   5) ^ (y8 <<   8);
-        }
-
-        z0 ^= z8 ^ (z8 <<   2) ^ (z8 <<   5) ^ (z8 <<   8);
-        z1 ^=      (z8 >>> 62) ^ (z8 >>> 59) ^ (z8 >>> 56);
-
-        z[0] = z0; z[1] = z1; z[2] = z2; z[3] = z3;
-        z[4] = z4; z[5] = z5; z[6] = z6; z[7] = z7;
-    }
-
-    public static void multiplyX(long[] x, long[] z)
-    {
-        long x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
-        long x4 = x[4], x5 = x[5], x6 = x[6], x7 = x[7];
-        long m = x7 >> 63;
-        z[0] = (x0 << 1) ^ (m & 0x125L);
-        z[1] = (x1 << 1) | (x0 >>> 63);
-        z[2] = (x2 << 1) | (x1 >>> 63);
-        z[3] = (x3 << 1) | (x2 >>> 63);
-        z[4] = (x4 << 1) | (x3 >>> 63);
-        z[5] = (x5 << 1) | (x4 >>> 63);
-        z[6] = (x6 << 1) | (x5 >>> 63);
-        z[7] = (x7 << 1) | (x6 >>> 63);
-    }
-
-    public static void multiplyX8(long[] x, long[] z)
-    {
-        long x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
-        long x4 = x[4], x5 = x[5], x6 = x[6], x7 = x[7];
-        long c = x7 >>> 56;
-        z[0] = (x0 << 8) ^ c ^ (c << 2) ^ (c << 5) ^ (c << 8);
-        z[1] = (x1 << 8) | (x0 >>> 56);
-        z[2] = (x2 << 8) | (x1 >>> 56);
-        z[3] = (x3 << 8) | (x2 >>> 56);
-        z[4] = (x4 << 8) | (x3 >>> 56);
-        z[5] = (x5 << 8) | (x4 >>> 56);
-        z[6] = (x6 << 8) | (x5 >>> 56);
-        z[7] = (x7 << 8) | (x6 >>> 56);
-    }
-
-    public static void one(long[] z)
-    {
-        z[0] = 1;
-        z[1] = 0;
-        z[2] = 0;
-        z[3] = 0;
-        z[4] = 0;
-        z[5] = 0;
-        z[6] = 0;
-        z[7] = 0;
-    }
-
-    public static void square(long[] x, long[] z)
-    {
-        long[] t  = new long[SIZE << 1];
-        for (int i = 0; i < SIZE; ++i)
-        {
-            Interleave.expand64To128(x[i], t, i << 1);
-        }
-
-        int j = SIZE << 1;
-        while (--j >= SIZE)
-        {
-            long n = t[j];
-            t[j - SIZE    ] ^= n ^ (n <<   2) ^ (n <<   5) ^ (n <<   8);
-            t[j - SIZE + 1] ^=     (n >>> 62) ^ (n >>> 59) ^ (n >>> 56);      
-        }
-
-        copy(t, z);
-    }
-
-    public static void x(long[] z)
-    {
-        z[0] = 2;
-        z[1] = 0;
-        z[2] = 0;
-        z[3] = 0;
-        z[4] = 0;
-        z[5] = 0;
-        z[6] = 0;
-        z[7] = 0;
-    }
-
-    public static void zero(long[] z)
-    {
-        z[0] = 0;
-        z[1] = 0;
-        z[2] = 0;
-        z[3] = 0;
-        z[4] = 0;
-        z[5] = 0;
-        z[6] = 0;
-        z[7] = 0;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/Tables16kKGCMMultiplier_512.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/Tables16kKGCMMultiplier_512.java
deleted file mode 100644
index 7c9aff7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/Tables16kKGCMMultiplier_512.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.crypto.modes.kgcm;
-
-public class Tables16kKGCMMultiplier_512
-    implements KGCMMultiplier
-{
-    private long[][] T;
-
-    public void init(long[] H)
-    {
-        if (T == null)
-        {
-            T = new long[256][KGCMUtil_512.SIZE];
-        }
-        else if (KGCMUtil_512.equal(H, T[1]))
-        {
-            return;
-        }
-
-        // T[0] = 0
-
-        // T[1] = H
-        KGCMUtil_512.copy(H, T[1]);
-
-        for (int n = 2; n < 256; n += 2)
-        {
-            // T[2.n] = x.T[n]
-            KGCMUtil_512.multiplyX(T[n >> 1], T[n]);
-
-            // T[2.n + 1] = T[2.n] + T[1]
-            KGCMUtil_512.add(T[n], T[1], T[n + 1]);
-        }
-    }
-
-    public void multiplyH(long[] z)
-    {
-        long[] r = new long[KGCMUtil_512.SIZE];
-        KGCMUtil_512.copy(T[(int)(z[KGCMUtil_512.SIZE - 1] >>> 56) & 0xFF], r);
-        for (int i = (KGCMUtil_512.SIZE << 3) - 2; i >= 0; --i)
-        {
-            KGCMUtil_512.multiplyX8(r, r);
-            KGCMUtil_512.add(T[(int)(z[i >>> 3] >>> ((i & 7) << 3)) & 0xFF], r, r);
-        }
-        KGCMUtil_512.copy(r, z);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/Tables4kKGCMMultiplier_128.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/Tables4kKGCMMultiplier_128.java
deleted file mode 100644
index 3502b4a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/Tables4kKGCMMultiplier_128.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.crypto.modes.kgcm;
-
-public class Tables4kKGCMMultiplier_128
-    implements KGCMMultiplier
-{
-    private long[][] T;
-
-    public void init(long[] H)
-    {
-        if (T == null)
-        {
-            T = new long[256][KGCMUtil_128.SIZE];
-        }
-        else if (KGCMUtil_128.equal(H, T[1]))
-        {
-            return;
-        }
-
-        // T[0] = 0
-
-        // T[1] = H
-        KGCMUtil_128.copy(H, T[1]);
-
-        for (int n = 2; n < 256; n += 2)
-        {
-            // T[2.n] = x.T[n]
-            KGCMUtil_128.multiplyX(T[n >> 1], T[n]);
-
-            // T[2.n + 1] = T[2.n] + T[1]
-            KGCMUtil_128.add(T[n], T[1], T[n + 1]);
-        }
-    }
-
-    public void multiplyH(long[] z)
-    {
-        long[] r = new long[KGCMUtil_128.SIZE];
-        KGCMUtil_128.copy(T[(int)(z[KGCMUtil_128.SIZE - 1] >>> 56) & 0xFF], r);
-        for (int i = (KGCMUtil_128.SIZE << 3) - 2; i >= 0; --i)
-        {
-            KGCMUtil_128.multiplyX8(r, r);
-            KGCMUtil_128.add(T[(int)(z[i >>> 3] >>> ((i & 7) << 3)) & 0xFF], r, r);
-        }
-        KGCMUtil_128.copy(r, z);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/Tables8kKGCMMultiplier_256.java b/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/Tables8kKGCMMultiplier_256.java
deleted file mode 100644
index 42ec9c0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/kgcm/Tables8kKGCMMultiplier_256.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.crypto.modes.kgcm;
-
-public class Tables8kKGCMMultiplier_256
-    implements KGCMMultiplier
-{
-    private long[][] T;
-
-    public void init(long[] H)
-    {
-        if (T == null)
-        {
-            T = new long[256][KGCMUtil_256.SIZE];
-        }
-        else if (KGCMUtil_256.equal(H, T[1]))
-        {
-            return;
-        }
-
-        // T[0] = 0
-
-        // T[1] = H
-        KGCMUtil_256.copy(H, T[1]);
-
-        for (int n = 2; n < 256; n += 2)
-        {
-            // T[2.n] = x.T[n]
-            KGCMUtil_256.multiplyX(T[n >> 1], T[n]);
-
-            // T[2.n + 1] = T[2.n] + T[1]
-            KGCMUtil_256.add(T[n], T[1], T[n + 1]);
-        }
-    }
-
-    public void multiplyH(long[] z)
-    {
-        long[] r = new long[KGCMUtil_256.SIZE];
-        KGCMUtil_256.copy(T[(int)(z[KGCMUtil_256.SIZE - 1] >>> 56) & 0xFF], r);
-        for (int i = (KGCMUtil_256.SIZE << 3) - 2; i >= 0; --i)
-        {
-            KGCMUtil_256.multiplyX8(r, r);
-            KGCMUtil_256.add(T[(int)(z[i >>> 3] >>> ((i & 7) << 3)) & 0xFF], r, r);
-        }
-        KGCMUtil_256.copy(r, z);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/modes/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/modes/package.html
deleted file mode 100644
index 5402df4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/modes/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Modes for symmetric ciphers.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/package.html
deleted file mode 100644
index ee5487f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Base classes for the lightweight API.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/paddings/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/paddings/package.html
deleted file mode 100644
index 2b82e60..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/paddings/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Paddings for symmetric ciphers.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/Argon2Parameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/Argon2Parameters.java
deleted file mode 100644
index 89bef26..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/Argon2Parameters.java
+++ /dev/null

@@ -1,206 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CharToByteConverter;
-import org.bouncycastle.crypto.PasswordConverter;
-import org.bouncycastle.util.Arrays;
-
-public class Argon2Parameters
-{
-    public static final int ARGON2_d = 0x00;
-    public static final int ARGON2_i = 0x01;
-    public static final int ARGON2_id = 0x02;
-
-    public static final int ARGON2_VERSION_10 = 0x10;
-    public static final int ARGON2_VERSION_13 = 0x13;
-
-    private static final int DEFAULT_ITERATIONS = 3;
-    private static final int DEFAULT_MEMORY_COST = 12;
-    private static final int DEFAULT_LANES = 1;
-    private static final int DEFAULT_TYPE = ARGON2_i;
-    private static final int DEFAULT_VERSION = ARGON2_VERSION_13;
-
-    public static class Builder
-    {
-        private byte[] salt;
-        private byte[] secret;
-        private byte[] additional;
-
-        private int iterations;
-        private int memory;
-        private int lanes;
-
-        private int version;
-        private final int type;
-        
-        private CharToByteConverter converter = PasswordConverter.UTF8;
-
-        public Builder()
-        {
-            this(DEFAULT_TYPE);
-        }
-
-        public Builder(int type)
-        {
-            this.type = type;
-            this.lanes = DEFAULT_LANES;
-            this.memory = 1 << DEFAULT_MEMORY_COST;
-            this.iterations = DEFAULT_ITERATIONS;
-            this.version = DEFAULT_VERSION;
-        }
-
-        public Builder withParallelism(int parallelism)
-        {
-            this.lanes = parallelism;
-            return this;
-        }
-
-        public Builder withSalt(byte[] salt)
-        {
-            this.salt = Arrays.clone(salt);
-            return this;
-        }
-
-        public Builder withSecret(byte[] secret)
-        {
-            this.secret = Arrays.clone(secret);
-            return this;
-        }
-
-        public Builder withAdditional(byte[] additional)
-        {
-            this.additional = Arrays.clone(additional);
-            return this;
-        }
-
-        public Builder withIterations(int iterations)
-        {
-            this.iterations = iterations;
-            return this;
-        }
-
-
-        public Builder withMemoryAsKB(int memory)
-        {
-            this.memory = memory;
-            return this;
-        }
-
-
-        public Builder withMemoryPowOfTwo(int memory)
-        {
-            this.memory = 1 << memory;
-            return this;
-        }
-
-        public Builder withVersion(int version)
-        {
-            this.version = version;
-            return this;
-        }
-        
-        public Builder withCharToByteConverter(CharToByteConverter converter)
-        {
-            this.converter = converter;
-            return this;
-        }
-
-        public Argon2Parameters build()
-        {
-            return new Argon2Parameters(type, salt, secret, additional, iterations, memory, lanes, version, converter);
-        }
-
-        public void clear()
-        {
-            Arrays.clear(salt);
-            Arrays.clear(secret);
-            Arrays.clear(additional);
-        }
-    }
-
-    private final byte[] salt;
-    private final byte[] secret;
-    private final byte[] additional;
-
-    private final int iterations;
-    private final int memory;
-    private final int lanes;
-
-    private final int version;
-    private final int type;
-    private final CharToByteConverter converter;
-
-    private Argon2Parameters(
-        int type,
-        byte[] salt,
-        byte[] secret,
-        byte[] additional,
-        int iterations,
-        int memory,
-        int lanes,
-        int version,
-        CharToByteConverter converter)
-    {
-
-        this.salt = Arrays.clone(salt);
-        this.secret = Arrays.clone(secret);
-        this.additional = Arrays.clone(additional);
-        this.iterations = iterations;
-        this.memory = memory;
-        this.lanes = lanes;
-        this.version = version;
-        this.type = type;
-        this.converter = converter;
-    }
-
-    public byte[] getSalt()
-    {
-        return Arrays.clone(salt);
-    }
-
-    public byte[] getSecret()
-    {
-        return Arrays.clone(secret);
-    }
-
-    public byte[] getAdditional()
-    {
-        return Arrays.clone(additional);
-    }
-
-    public int getIterations()
-    {
-        return iterations;
-    }
-
-    public int getMemory()
-    {
-        return memory;
-    }
-
-    public int getLanes()
-    {
-        return lanes;
-    }
-
-    public int getVersion()
-    {
-        return version;
-    }
-
-    public int getType()
-    {
-        return type;
-    }
-
-    public CharToByteConverter getCharToByteConverter()
-    {
-        return converter;
-    }
-
-    public void clear()
-    {
-        Arrays.clear(salt);
-        Arrays.clear(secret);
-        Arrays.clear(additional);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/CCMParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/CCMParameters.java
deleted file mode 100644
index 4924dcc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/CCMParameters.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-/**
- * @deprecated use AEADParameters
- */
-public class CCMParameters
-    extends AEADParameters
-{
-    /**
-     * Base constructor.
-     * 
-     * @param key key to be used by underlying cipher
-     * @param macSize macSize in bits
-     * @param nonce nonce to be used
-     * @param associatedText associated text, if any
-     */
-    public CCMParameters(KeyParameter key, int macSize, byte[] nonce, byte[] associatedText)
-    {
-        super(key, macSize, nonce, associatedText);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupKeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupKeyGenerationParameters.java
deleted file mode 100644
index 001cd59..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupKeyGenerationParameters.java
+++ /dev/null

@@ -1,29 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-public class CramerShoupKeyGenerationParameters
-	extends KeyGenerationParameters
-{
-
-	private CramerShoupParameters params;
-
-	public CramerShoupKeyGenerationParameters(SecureRandom random, CramerShoupParameters params)
-	{
-		super(random, getStrength(params));
-
-		this.params = params;
-	}
-
-	public CramerShoupParameters getParameters()
-	{
-		return params;
-	}
-
-	static int getStrength(CramerShoupParameters params)
-	{
-		return params.getP().bitLength();
-	}
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupKeyParameters.java
deleted file mode 100644
index 9e4219c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupKeyParameters.java
+++ /dev/null

@@ -1,40 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-public class CramerShoupKeyParameters extends AsymmetricKeyParameter {
-	
-	private CramerShoupParameters params;
-
-	protected CramerShoupKeyParameters(boolean isPrivate, CramerShoupParameters params) {
-		super(isPrivate);
-
-		this.params = params;
-	}
-
-	public CramerShoupParameters getParameters() {
-		return params;
-	}
-
-	public boolean equals(Object obj) {
-		if (!(obj instanceof CramerShoupKeyParameters)) {
-			return false;
-		}
-
-		CramerShoupKeyParameters csKey = (CramerShoupKeyParameters) obj;
-
-		if (params == null) {
-			return csKey.getParameters() == null;
-		} else {
-			return params.equals(csKey.getParameters());
-		}
-	}
-
-	public int hashCode() {
-		int code = isPrivate() ? 0 : 1;
-
-		if (params != null) {
-			code ^= params.hashCode();
-		}
-
-		return code;
-	}
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupParameters.java
deleted file mode 100644
index 1e9e90b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupParameters.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.util.Memoable;
-
-public class CramerShoupParameters
-    implements CipherParameters
-{
-
-    private BigInteger p; // prime order of G
-    private BigInteger g1, g2; // generate G
-
-    private Digest H; // hash function
-
-    public CramerShoupParameters(BigInteger p, BigInteger g1, BigInteger g2, Digest H)
-    {
-        this.p = p;
-        this.g1 = g1;
-        this.g2 = g2;
-        this.H = (Digest)((Memoable)H).copy();
-        this.H.reset();
-    }
-
-    public boolean equals(Object obj)
-    {
-        if (!(obj instanceof CramerShoupParameters))
-        {
-            return false;
-        }
-
-        CramerShoupParameters pm = (CramerShoupParameters)obj;
-
-        return (pm.getP().equals(p) && pm.getG1().equals(g1) && pm.getG2().equals(g2));
-    }
-
-    public int hashCode()
-    {
-        return getP().hashCode() ^ getG1().hashCode() ^ getG2().hashCode();
-    }
-
-    public BigInteger getG1()
-    {
-        return g1;
-    }
-
-    public BigInteger getG2()
-    {
-        return g2;
-    }
-
-    public BigInteger getP()
-    {
-        return p;
-    }
-
-    public Digest getH()
-    {
-        return (Digest)((Memoable)H).copy();
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupPrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupPrivateKeyParameters.java
deleted file mode 100644
index 79de46a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupPrivateKeyParameters.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.math.BigInteger;
-
-public class CramerShoupPrivateKeyParameters extends CramerShoupKeyParameters {
-	
-	private BigInteger x1, x2, y1, y2, z; // Z_p
-	private CramerShoupPublicKeyParameters pk; // public key
-
-	public CramerShoupPrivateKeyParameters(CramerShoupParameters params, BigInteger x1, BigInteger x2, BigInteger y1, BigInteger y2, BigInteger z) {
-		super(true, params);
-
-		this.x1 = x1;
-		this.x2 = x2;
-		this.y1 = y1;
-		this.y2 = y2;
-		this.z = z;
-	}
-
-	public BigInteger getX1() {
-		return x1;
-	}
-	
-	public BigInteger getX2() {
-		return x2;
-	}
-	
-	public BigInteger getY1() {
-		return y1;
-	}
-	
-	public BigInteger getY2() {
-		return y2;
-	}
-	
-	public BigInteger getZ() {
-		return z;
-	}
-	
-	public void setPk(CramerShoupPublicKeyParameters pk) {
-		this.pk = pk;
-	}
-	
-	public CramerShoupPublicKeyParameters getPk() {
-		return pk;
-	}
-
-	public int hashCode() {
-		return x1.hashCode() ^ x2.hashCode() ^ y1.hashCode() ^ y2.hashCode() ^ z.hashCode() ^ super.hashCode();
-	}
-
-	public boolean equals(Object obj) {
-		if (!(obj instanceof CramerShoupPrivateKeyParameters)) {
-			return false;
-		}
-
-		CramerShoupPrivateKeyParameters other = (CramerShoupPrivateKeyParameters) obj;
-
-		return other.getX1().equals(this.x1) && other.getX2().equals(this.x2) && other.getY1().equals(this.y1) && other.getY2().equals(this.y2) && other.getZ().equals(this.z) && super.equals(obj);
-	}
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupPublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupPublicKeyParameters.java
deleted file mode 100644
index 341149c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/CramerShoupPublicKeyParameters.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.math.BigInteger;
-
-public class CramerShoupPublicKeyParameters extends CramerShoupKeyParameters {
-	
-	private BigInteger c, d, h; // public key group elements
-
-	public CramerShoupPublicKeyParameters(CramerShoupParameters params, BigInteger c, BigInteger d, BigInteger h) {
-		super(false, params);
-
-		this.c = c;
-		this.d = d;
-		this.h = h;
-	}
-
-	public BigInteger getC() {
-		return c;
-	}
-	
-	public BigInteger getD() {
-		return d;
-	}
-	
-	public BigInteger getH() {
-		return h;
-	}
-
-	public int hashCode() {
-		return c.hashCode() ^ d.hashCode() ^ h.hashCode() ^ super.hashCode();
-	}
-
-	public boolean equals(Object obj) {
-		if (!(obj instanceof CramerShoupPublicKeyParameters)) {
-			return false;
-		}
-
-		CramerShoupPublicKeyParameters other = (CramerShoupPublicKeyParameters) obj;
-
-		return other.getC().equals(c) && other.getD().equals(d) && other.getH().equals(h) && super.equals(obj);
-	}
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/DHMQVPrivateParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/DHMQVPrivateParameters.java
deleted file mode 100644
index 9f5d73a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/DHMQVPrivateParameters.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-public class DHMQVPrivateParameters
-    implements CipherParameters
-{
-    private DHPrivateKeyParameters staticPrivateKey;
-    private DHPrivateKeyParameters ephemeralPrivateKey;
-    private DHPublicKeyParameters ephemeralPublicKey;
-
-    public DHMQVPrivateParameters(
-        DHPrivateKeyParameters  staticPrivateKey,
-        DHPrivateKeyParameters  ephemeralPrivateKey)
-    {
-        this(staticPrivateKey, ephemeralPrivateKey, null);
-    }
-
-    public DHMQVPrivateParameters(
-        DHPrivateKeyParameters  staticPrivateKey,
-        DHPrivateKeyParameters  ephemeralPrivateKey,
-        DHPublicKeyParameters   ephemeralPublicKey)
-    {
-        if (staticPrivateKey == null)
-        {
-            throw new NullPointerException("staticPrivateKey cannot be null");
-        }
-        if (ephemeralPrivateKey == null)
-        {
-            throw new NullPointerException("ephemeralPrivateKey cannot be null");
-        }
-
-        DHParameters parameters = staticPrivateKey.getParameters();
-        if (!parameters.equals(ephemeralPrivateKey.getParameters()))
-        {
-            throw new IllegalArgumentException("Static and ephemeral private keys have different domain parameters");
-        }
-
-        if (ephemeralPublicKey == null)
-        {
-            ephemeralPublicKey = new DHPublicKeyParameters(
-                parameters.getG().multiply(ephemeralPrivateKey.getX()),
-                parameters);
-        }
-        else if (!parameters.equals(ephemeralPublicKey.getParameters()))
-        {
-            throw new IllegalArgumentException("Ephemeral public key has different domain parameters");
-        }
-
-        this.staticPrivateKey = staticPrivateKey;
-        this.ephemeralPrivateKey = ephemeralPrivateKey;
-        this.ephemeralPublicKey = ephemeralPublicKey;
-    }
-
-    public DHPrivateKeyParameters getStaticPrivateKey()
-    {
-        return staticPrivateKey;
-    }
-
-    public DHPrivateKeyParameters getEphemeralPrivateKey()
-    {
-        return ephemeralPrivateKey;
-    }
-
-    public DHPublicKeyParameters getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/DHMQVPublicParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/DHMQVPublicParameters.java
deleted file mode 100644
index ca21a67..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/DHMQVPublicParameters.java
+++ /dev/null

@@ -1,41 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-public class DHMQVPublicParameters
-    implements CipherParameters
-{
-    private DHPublicKeyParameters staticPublicKey;
-    private DHPublicKeyParameters ephemeralPublicKey;
-
-    public DHMQVPublicParameters(
-        DHPublicKeyParameters   staticPublicKey,
-        DHPublicKeyParameters   ephemeralPublicKey)
-    {
-        if (staticPublicKey == null)
-        {
-            throw new NullPointerException("staticPublicKey cannot be null");
-        }
-        if (ephemeralPublicKey == null)
-        {
-            throw new NullPointerException("ephemeralPublicKey cannot be null");
-        }
-        if (!staticPublicKey.getParameters().equals(ephemeralPublicKey.getParameters()))
-        {
-            throw new IllegalArgumentException("Static and ephemeral public keys have different domain parameters");
-        }
-
-        this.staticPublicKey = staticPublicKey;
-        this.ephemeralPublicKey = ephemeralPublicKey;
-    }
-
-    public DHPublicKeyParameters getStaticPublicKey()
-    {
-        return staticPublicKey;
-    }
-
-    public DHPublicKeyParameters getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/DHUPrivateParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/DHUPrivateParameters.java
deleted file mode 100644
index 31836ce..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/DHUPrivateParameters.java
+++ /dev/null

@@ -1,72 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-/**
- * Parameters holder for private unified static/ephemeral agreement as described in NIST SP 800-56A.
- */
-public class DHUPrivateParameters
-    implements CipherParameters
-{
-    private DHPrivateKeyParameters staticPrivateKey;
-    private DHPrivateKeyParameters ephemeralPrivateKey;
-    private DHPublicKeyParameters ephemeralPublicKey;
-
-    public DHUPrivateParameters(
-        DHPrivateKeyParameters  staticPrivateKey,
-        DHPrivateKeyParameters  ephemeralPrivateKey)
-    {
-        this(staticPrivateKey, ephemeralPrivateKey, null);
-    }
-
-    public DHUPrivateParameters(
-        DHPrivateKeyParameters  staticPrivateKey,
-        DHPrivateKeyParameters  ephemeralPrivateKey,
-        DHPublicKeyParameters   ephemeralPublicKey)
-    {
-        if (staticPrivateKey == null)
-        {
-            throw new NullPointerException("staticPrivateKey cannot be null");
-        }
-        if (ephemeralPrivateKey == null)
-        {
-            throw new NullPointerException("ephemeralPrivateKey cannot be null");
-        }
-
-        DHParameters parameters = staticPrivateKey.getParameters();
-        if (!parameters.equals(ephemeralPrivateKey.getParameters()))
-        {
-            throw new IllegalArgumentException("static and ephemeral private keys have different domain parameters");
-        }
-
-        if (ephemeralPublicKey == null)
-        {
-            ephemeralPublicKey = new DHPublicKeyParameters(
-                parameters.getG().modPow(ephemeralPrivateKey.getX(), parameters.getP()),
-                parameters);
-        }
-        else if (!parameters.equals(ephemeralPublicKey.getParameters()))
-        {
-            throw new IllegalArgumentException("ephemeral public key has different domain parameters");
-        }
-
-        this.staticPrivateKey = staticPrivateKey;
-        this.ephemeralPrivateKey = ephemeralPrivateKey;
-        this.ephemeralPublicKey = ephemeralPublicKey;
-    }
-
-    public DHPrivateKeyParameters getStaticPrivateKey()
-    {
-        return staticPrivateKey;
-    }
-
-    public DHPrivateKeyParameters getEphemeralPrivateKey()
-    {
-        return ephemeralPrivateKey;
-    }
-
-    public DHPublicKeyParameters getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/DHUPublicParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/DHUPublicParameters.java
deleted file mode 100644
index 7b2a14d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/DHUPublicParameters.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-/**
- * Parameters holder for static/ephemeral agreement as described in NIST SP 800-56A.
- */
-public class DHUPublicParameters
-    implements CipherParameters
-{
-    private DHPublicKeyParameters staticPublicKey;
-    private DHPublicKeyParameters ephemeralPublicKey;
-
-    public DHUPublicParameters(
-        DHPublicKeyParameters   staticPublicKey,
-        DHPublicKeyParameters   ephemeralPublicKey)
-    {
-        if (staticPublicKey == null)
-        {
-            throw new NullPointerException("staticPublicKey cannot be null");
-        }
-        if (ephemeralPublicKey == null)
-        {
-            throw new NullPointerException("ephemeralPublicKey cannot be null");
-        }
-        if (!staticPublicKey.getParameters().equals(ephemeralPublicKey.getParameters()))
-        {
-            throw new IllegalArgumentException("Static and ephemeral public keys have different domain parameters");
-        }
-
-        this.staticPublicKey = staticPublicKey;
-        this.ephemeralPublicKey = ephemeralPublicKey;
-    }
-
-    public DHPublicKeyParameters getStaticPublicKey()
-    {
-        return staticPublicKey;
-    }
-
-    public DHPublicKeyParameters getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/DSTU4145Parameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/DSTU4145Parameters.java
deleted file mode 100644
index 8afd2b3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/DSTU4145Parameters.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.util.Arrays;
-
-public class DSTU4145Parameters
-    extends ECDomainParameters
-{
-    private final byte[] dke;
-
-    public DSTU4145Parameters(ECDomainParameters ecParameters, byte[] dke)
-    {
-        super(ecParameters.getCurve(), ecParameters.getG(), ecParameters.getN(), ecParameters.getH(), ecParameters.getSeed());
-
-        this.dke = Arrays.clone(dke);
-    }
-
-    public byte[] getDKE()
-    {
-        return Arrays.clone(dke);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/ECDHUPrivateParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/ECDHUPrivateParameters.java
deleted file mode 100644
index ca9deaf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/ECDHUPrivateParameters.java
+++ /dev/null

@@ -1,72 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-/**
- * Parameters holder for private unified static/ephemeral agreement as described in NIST SP 800-56A.
- */
-public class ECDHUPrivateParameters
-    implements CipherParameters
-{
-    private ECPrivateKeyParameters staticPrivateKey;
-    private ECPrivateKeyParameters ephemeralPrivateKey;
-    private ECPublicKeyParameters ephemeralPublicKey;
-
-    public ECDHUPrivateParameters(
-        ECPrivateKeyParameters  staticPrivateKey,
-        ECPrivateKeyParameters  ephemeralPrivateKey)
-    {
-        this(staticPrivateKey, ephemeralPrivateKey, null);
-    }
-
-    public ECDHUPrivateParameters(
-        ECPrivateKeyParameters  staticPrivateKey,
-        ECPrivateKeyParameters  ephemeralPrivateKey,
-        ECPublicKeyParameters   ephemeralPublicKey)
-    {
-        if (staticPrivateKey == null)
-        {
-            throw new NullPointerException("staticPrivateKey cannot be null");
-        }
-        if (ephemeralPrivateKey == null)
-        {
-            throw new NullPointerException("ephemeralPrivateKey cannot be null");
-        }
-
-        ECDomainParameters parameters = staticPrivateKey.getParameters();
-        if (!parameters.equals(ephemeralPrivateKey.getParameters()))
-        {
-            throw new IllegalArgumentException("static and ephemeral private keys have different domain parameters");
-        }
-
-        if (ephemeralPublicKey == null)
-        {
-            ephemeralPublicKey = new ECPublicKeyParameters(
-                parameters.getG().multiply(ephemeralPrivateKey.getD()),
-                parameters);
-        }
-        else if (!parameters.equals(ephemeralPublicKey.getParameters()))
-        {
-            throw new IllegalArgumentException("ephemeral public key has different domain parameters");
-        }
-
-        this.staticPrivateKey = staticPrivateKey;
-        this.ephemeralPrivateKey = ephemeralPrivateKey;
-        this.ephemeralPublicKey = ephemeralPublicKey;
-    }
-
-    public ECPrivateKeyParameters getStaticPrivateKey()
-    {
-        return staticPrivateKey;
-    }
-
-    public ECPrivateKeyParameters getEphemeralPrivateKey()
-    {
-        return ephemeralPrivateKey;
-    }
-
-    public ECPublicKeyParameters getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/ECDHUPublicParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/ECDHUPublicParameters.java
deleted file mode 100644
index f7754e1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/ECDHUPublicParameters.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-/**
- * Parameters holder for public unified static/ephemeral agreement as described in NIST SP 800-56A using EC DH/CDH.
- */
-public class ECDHUPublicParameters
-    implements CipherParameters
-{
-    private ECPublicKeyParameters staticPublicKey;
-    private ECPublicKeyParameters ephemeralPublicKey;
-
-    public ECDHUPublicParameters(
-        ECPublicKeyParameters   staticPublicKey,
-        ECPublicKeyParameters   ephemeralPublicKey)
-    {
-        if (staticPublicKey == null)
-        {
-            throw new NullPointerException("staticPublicKey cannot be null");
-        }
-        if (ephemeralPublicKey == null)
-        {
-            throw new NullPointerException("ephemeralPublicKey cannot be null");
-        }
-        if (!staticPublicKey.getParameters().equals(ephemeralPublicKey.getParameters()))
-        {
-            throw new IllegalArgumentException("static and ephemeral public keys have different domain parameters");
-        }
-
-        this.staticPublicKey = staticPublicKey;
-        this.ephemeralPublicKey = ephemeralPublicKey;
-    }
-
-    public ECPublicKeyParameters getStaticPublicKey()
-    {
-        return staticPublicKey;
-    }
-
-    public ECPublicKeyParameters getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/ECGOST3410Parameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/ECGOST3410Parameters.java
deleted file mode 100644
index e90d30f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/ECGOST3410Parameters.java
+++ /dev/null

@@ -1,47 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-public class ECGOST3410Parameters
-    extends ECNamedDomainParameters
-{
-    private final ASN1ObjectIdentifier  publicKeyParamSet;
-    private final ASN1ObjectIdentifier  digestParamSet;
-    private final ASN1ObjectIdentifier  encryptionParamSet;
-
-    public ECGOST3410Parameters(ECDomainParameters ecParameters, ASN1ObjectIdentifier publicKeyParamSet, ASN1ObjectIdentifier digestParamSet)
-    {
-        this(ecParameters, publicKeyParamSet, digestParamSet, null);
-    }
-
-    public ECGOST3410Parameters(ECDomainParameters ecParameters, ASN1ObjectIdentifier publicKeyParamSet, ASN1ObjectIdentifier digestParamSet, ASN1ObjectIdentifier encryptionParamSet)
-    {
-        super(publicKeyParamSet, ecParameters.getCurve(), ecParameters.getG(), ecParameters.getN(), ecParameters.getH(), ecParameters.getSeed());
-
-        if (ecParameters instanceof ECNamedDomainParameters)
-        {
-            if (!publicKeyParamSet.equals(((ECNamedDomainParameters)ecParameters).getName()))
-            {
-                throw new IllegalArgumentException("named parameters do not match publicKeyParamSet value");
-            }
-        }
-        this.publicKeyParamSet = publicKeyParamSet;
-        this.digestParamSet = digestParamSet;
-        this.encryptionParamSet = encryptionParamSet;
-    }
-
-    public ASN1ObjectIdentifier getPublicKeyParamSet()
-    {
-        return publicKeyParamSet;
-    }
-
-    public ASN1ObjectIdentifier getDigestParamSet()
-    {
-        return digestParamSet;
-    }
-
-    public ASN1ObjectIdentifier getEncryptionParamSet()
-    {
-        return encryptionParamSet;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed25519KeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed25519KeyGenerationParameters.java
deleted file mode 100644
index 593bff0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed25519KeyGenerationParameters.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-public class Ed25519KeyGenerationParameters
-    extends KeyGenerationParameters
-{
-    public Ed25519KeyGenerationParameters(SecureRandom random)
-    {
-        super(random, 256);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed25519PrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed25519PrivateKeyParameters.java
deleted file mode 100644
index d5d3ed5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed25519PrivateKeyParameters.java
+++ /dev/null

@@ -1,106 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.SecureRandom;
-
-import org.bouncycastle.math.ec.rfc8032.Ed25519;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public final class Ed25519PrivateKeyParameters
-    extends AsymmetricKeyParameter
-{
-    public static final int KEY_SIZE = Ed25519.SECRET_KEY_SIZE;
-    public static final int SIGNATURE_SIZE = Ed25519.SIGNATURE_SIZE;
-
-    private final byte[] data = new byte[KEY_SIZE];
-
-    public Ed25519PrivateKeyParameters(SecureRandom random)
-    {
-        super(true);
-
-        Ed25519.generatePrivateKey(random, data);
-    }
-
-    public Ed25519PrivateKeyParameters(byte[] buf, int off)
-    {
-        super(true);
-
-        System.arraycopy(buf, off, data, 0, KEY_SIZE);
-    }
-
-    public Ed25519PrivateKeyParameters(InputStream input) throws IOException
-    {
-        super(true);
-
-        if (KEY_SIZE != Streams.readFully(input, data))
-        {
-            throw new EOFException("EOF encountered in middle of Ed25519 private key");
-        }
-    }
-
-    public void encode(byte[] buf, int off)
-    {
-        System.arraycopy(data, 0, buf, off, KEY_SIZE);
-    }
-
-    public byte[] getEncoded()
-    {
-        return Arrays.clone(data);
-    }
-
-    public Ed25519PublicKeyParameters generatePublicKey()
-    {
-        byte[] publicKey = new byte[Ed25519.PUBLIC_KEY_SIZE];
-        Ed25519.generatePublicKey(data, 0, publicKey, 0);
-        return new Ed25519PublicKeyParameters(publicKey, 0);
-    }
-
-    public void sign(int algorithm, Ed25519PublicKeyParameters publicKey, byte[] ctx, byte[] msg, int msgOff, int msgLen, byte[] sig, int sigOff)
-    {
-        byte[] pk = new byte[Ed25519.PUBLIC_KEY_SIZE];
-        if (null == publicKey)
-        {
-            Ed25519.generatePublicKey(data, 0, pk, 0);
-        }
-        else
-        {
-            publicKey.encode(pk, 0);
-        }
-
-        switch (algorithm)
-        {
-        case Ed25519.Algorithm.Ed25519:
-        {
-            if (null != ctx)
-            {
-                throw new IllegalArgumentException("ctx");
-            }
-
-            Ed25519.sign(data, 0, pk, 0, msg, msgOff, msgLen, sig, sigOff);
-            break;
-        }
-        case Ed25519.Algorithm.Ed25519ctx:
-        {
-            Ed25519.sign(data, 0, pk, 0, ctx, msg, msgOff, msgLen, sig, sigOff);
-            break;
-        }
-        case Ed25519.Algorithm.Ed25519ph:
-        {
-            if (Ed25519.PREHASH_SIZE != msgLen)
-            {
-                throw new IllegalArgumentException("msgLen");
-            }
-
-            Ed25519.signPrehash(data, 0, pk, 0, ctx, msg, msgOff, sig, sigOff);
-            break;
-        }
-        default:
-        {
-            throw new IllegalArgumentException("algorithm");
-        }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed25519PublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed25519PublicKeyParameters.java
deleted file mode 100644
index 783382f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed25519PublicKeyParameters.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.math.ec.rfc8032.Ed25519;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public final class Ed25519PublicKeyParameters
-    extends AsymmetricKeyParameter
-{
-    public static final int KEY_SIZE = Ed25519.PUBLIC_KEY_SIZE;
-
-    private final byte[] data = new byte[KEY_SIZE];
-
-    public Ed25519PublicKeyParameters(byte[] buf, int off)
-    {
-        super(false);
-
-        System.arraycopy(buf, off, data, 0, KEY_SIZE);
-    }
-
-    public Ed25519PublicKeyParameters(InputStream input) throws IOException
-    {
-        super(false);
-
-        if (KEY_SIZE != Streams.readFully(input, data))
-        {
-            throw new EOFException("EOF encountered in middle of Ed25519 public key");
-        }
-    }
-
-    public void encode(byte[] buf, int off)
-    {
-        System.arraycopy(data, 0, buf, off, KEY_SIZE);
-    }
-
-    public byte[] getEncoded()
-    {
-        return Arrays.clone(data);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed448KeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed448KeyGenerationParameters.java
deleted file mode 100644
index 34de47b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed448KeyGenerationParameters.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-public class Ed448KeyGenerationParameters
-    extends KeyGenerationParameters
-{
-    public Ed448KeyGenerationParameters(SecureRandom random)
-    {
-        super(random, 448);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed448PrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed448PrivateKeyParameters.java
deleted file mode 100644
index be50146..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed448PrivateKeyParameters.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.SecureRandom;
-
-import org.bouncycastle.math.ec.rfc8032.Ed448;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public final class Ed448PrivateKeyParameters
-    extends AsymmetricKeyParameter
-{
-    public static final int KEY_SIZE = Ed448.SECRET_KEY_SIZE;
-    public static final int SIGNATURE_SIZE = Ed448.SIGNATURE_SIZE;
-
-    private final byte[] data = new byte[KEY_SIZE];
-
-    public Ed448PrivateKeyParameters(SecureRandom random)
-    {
-        super(true);
-
-        Ed448.generatePrivateKey(random, data);
-    }
-
-    public Ed448PrivateKeyParameters(byte[] buf, int off)
-    {
-        super(true);
-
-        System.arraycopy(buf, off, data, 0, KEY_SIZE);
-    }
-
-    public Ed448PrivateKeyParameters(InputStream input) throws IOException
-    {
-        super(true);
-
-        if (KEY_SIZE != Streams.readFully(input, data))
-        {
-            throw new EOFException("EOF encountered in middle of Ed448 private key");
-        }
-    }
-
-    public void encode(byte[] buf, int off)
-    {
-        System.arraycopy(data, 0, buf, off, KEY_SIZE);
-    }
-
-    public byte[] getEncoded()
-    {
-        return Arrays.clone(data);
-    }
-
-    public Ed448PublicKeyParameters generatePublicKey()
-    {
-        byte[] publicKey = new byte[Ed448.PUBLIC_KEY_SIZE];
-        Ed448.generatePublicKey(data, 0, publicKey, 0);
-        return new Ed448PublicKeyParameters(publicKey, 0);
-    }
-
-    public void sign(int algorithm, Ed448PublicKeyParameters publicKey, byte[] ctx, byte[] msg, int msgOff, int msgLen, byte[] sig, int sigOff)
-    {
-        byte[] pk = new byte[Ed448.PUBLIC_KEY_SIZE];
-        if (null == publicKey)
-        {
-            Ed448.generatePublicKey(data, 0, pk, 0);
-        }
-        else
-        {
-            publicKey.encode(pk, 0);
-        }
-
-        switch (algorithm)
-        {
-        case Ed448.Algorithm.Ed448:
-        {
-            Ed448.sign(data, 0, pk, 0, ctx, msg, msgOff, msgLen, sig, sigOff);
-            break;
-        }
-        case Ed448.Algorithm.Ed448ph:
-        {
-            if (Ed448.PREHASH_SIZE != msgLen)
-            {
-                throw new IllegalArgumentException("msgLen");
-            }
-
-            Ed448.signPrehash(data, 0, pk, 0, ctx, msg, msgOff, sig, sigOff);
-            break;
-        }
-        default:
-        {
-            throw new IllegalArgumentException("algorithm");
-        }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed448PublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed448PublicKeyParameters.java
deleted file mode 100644
index 44cbf87..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/Ed448PublicKeyParameters.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.math.ec.rfc8032.Ed448;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public final class Ed448PublicKeyParameters
-    extends AsymmetricKeyParameter
-{
-    public static final int KEY_SIZE = Ed448.PUBLIC_KEY_SIZE;
-
-    private final byte[] data = new byte[KEY_SIZE];
-
-    public Ed448PublicKeyParameters(byte[] buf, int off)
-    {
-        super(false);
-
-        System.arraycopy(buf, off, data, 0, KEY_SIZE);
-    }
-
-    public Ed448PublicKeyParameters(InputStream input) throws IOException
-    {
-        super(false);
-
-        if (KEY_SIZE != Streams.readFully(input, data))
-        {
-            throw new EOFException("EOF encountered in middle of Ed448 public key");
-        }
-    }
-
-    public void encode(byte[] buf, int off)
-    {
-        System.arraycopy(data, 0, buf, off, KEY_SIZE);
-    }
-
-    public byte[] getEncoded()
-    {
-        return Arrays.clone(data);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalKeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalKeyGenerationParameters.java
deleted file mode 100644
index f5fbabd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalKeyGenerationParameters.java
+++ /dev/null

@@ -1,30 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-public class ElGamalKeyGenerationParameters
-    extends KeyGenerationParameters
-{
-    private ElGamalParameters    params;
-
-    public ElGamalKeyGenerationParameters(
-        SecureRandom        random,
-        ElGamalParameters   params)
-    {
-        super(random, getStrength(params));
-
-        this.params = params;
-    }
-
-    public ElGamalParameters getParameters()
-    {
-        return params;
-    }
-
-    static int getStrength(ElGamalParameters params)
-    {
-        return params.getL() != 0 ? params.getL() : params.getP().bitLength();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalKeyParameters.java
deleted file mode 100644
index 7250693..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalKeyParameters.java
+++ /dev/null

@@ -1,47 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-
-public class ElGamalKeyParameters
-    extends AsymmetricKeyParameter
-{
-    private ElGamalParameters    params;
-
-    protected ElGamalKeyParameters(
-        boolean         isPrivate,
-        ElGamalParameters    params)
-    {
-        super(isPrivate);
-
-        this.params = params;
-    }   
-
-    public ElGamalParameters getParameters()
-    {
-        return params;
-    }
-
-    public int hashCode()
-    {
-        return (params != null) ? params.hashCode() : 0;
-    }
-
-    public boolean equals(
-        Object  obj)
-    {
-        if (!(obj instanceof ElGamalKeyParameters))
-        {
-            return false;
-        }
-
-        ElGamalKeyParameters    dhKey = (ElGamalKeyParameters)obj;
-
-        if (params == null)
-        {
-            return dhKey.getParameters() == null;
-        }
-        else
-        { 
-            return params.equals(dhKey.getParameters());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalParameters.java
deleted file mode 100644
index 166eff3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalParameters.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-public class ElGamalParameters
-    implements CipherParameters
-{
-    private BigInteger              g;
-    private BigInteger              p;
-    private int                     l;
-
-    public ElGamalParameters(
-        BigInteger  p,
-        BigInteger  g)
-    {
-        this(p, g, 0);
-    }
-
-    public ElGamalParameters(
-        BigInteger  p,
-        BigInteger  g,
-        int         l)
-    {
-        this.g = g;
-        this.p = p;
-        this.l = l;
-    }
-
-    public BigInteger getP()
-    {
-        return p;
-    }
-
-    /**
-     * return the generator - g
-     */
-    public BigInteger getG()
-    {
-        return g;
-    }
-
-    /**
-     * return private value limit - l
-     */
-    public int getL()
-    {
-        return l;
-    }
-
-    public boolean equals(
-        Object  obj)
-    {
-        if (!(obj instanceof ElGamalParameters))
-        {
-            return false;
-        }
-
-        ElGamalParameters    pm = (ElGamalParameters)obj;
-
-        return pm.getP().equals(p) && pm.getG().equals(g) && pm.getL() == l;
-    }
-    
-    public int hashCode()
-    {
-        return (getP().hashCode() ^ getG().hashCode()) + l;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalPrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalPrivateKeyParameters.java
deleted file mode 100644
index b8fb529..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalPrivateKeyParameters.java
+++ /dev/null

@@ -1,46 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.math.BigInteger;
-
-public class ElGamalPrivateKeyParameters
-    extends ElGamalKeyParameters
-{
-    private BigInteger      x;
-
-    public ElGamalPrivateKeyParameters(
-        BigInteger      x,
-        ElGamalParameters    params)
-    {
-        super(true, params);
-
-        this.x = x;
-    }   
-
-    public BigInteger getX()
-    {
-        return x;
-    }
-
-    public boolean equals(
-        Object  obj)
-    {
-        if (!(obj instanceof ElGamalPrivateKeyParameters))
-        {
-            return false;
-        }
-
-        ElGamalPrivateKeyParameters  pKey = (ElGamalPrivateKeyParameters)obj;
-
-        if (!pKey.getX().equals(x))
-        {
-            return false;
-        }
-
-        return super.equals(obj);
-    }
-    
-    public int hashCode()
-    {
-        return getX().hashCode();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalPublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalPublicKeyParameters.java
deleted file mode 100644
index d7da7a9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/ElGamalPublicKeyParameters.java
+++ /dev/null

@@ -1,41 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.math.BigInteger;
-
-public class ElGamalPublicKeyParameters
-    extends ElGamalKeyParameters
-{
-    private BigInteger      y;
-
-    public ElGamalPublicKeyParameters(
-        BigInteger      y,
-        ElGamalParameters    params)
-    {
-        super(false, params);
-
-        this.y = y;
-    }   
-
-    public BigInteger getY()
-    {
-        return y;
-    }
-
-    public int hashCode()
-    {
-        return y.hashCode() ^ super.hashCode();
-    }
-
-    public boolean equals(
-        Object  obj)
-    {
-        if (!(obj instanceof ElGamalPublicKeyParameters))
-        {
-            return false;
-        }
-
-        ElGamalPublicKeyParameters   other = (ElGamalPublicKeyParameters)obj;
-
-        return other.getY().equals(y) && super.equals(obj);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410KeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410KeyGenerationParameters.java
deleted file mode 100644
index 74e05a9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410KeyGenerationParameters.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-import java.security.SecureRandom;
-
-public class GOST3410KeyGenerationParameters
-        extends KeyGenerationParameters
-{
-        private GOST3410Parameters    params;
-
-        public GOST3410KeyGenerationParameters(
-            SecureRandom    random,
-            GOST3410Parameters   params)
-        {
-            super(random, params.getP().bitLength() - 1);
-
-            this.params = params;
-        }
-
-        public GOST3410Parameters getParameters()
-        {
-            return params;
-        }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410KeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410KeyParameters.java
deleted file mode 100644
index 6716924..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410KeyParameters.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-public class GOST3410KeyParameters
-        extends AsymmetricKeyParameter
-{
-    private GOST3410Parameters    params;
-
-    public GOST3410KeyParameters(
-        boolean         isPrivate,
-        GOST3410Parameters   params)
-    {
-        super(isPrivate);
-
-        this.params = params;
-    }
-
-    public GOST3410Parameters getParameters()
-    {
-        return params;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410Parameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410Parameters.java
deleted file mode 100644
index 07450f6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410Parameters.java
+++ /dev/null

@@ -1,74 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-import java.math.BigInteger;
-
-public class GOST3410Parameters
-   implements CipherParameters
-{
-    private BigInteger              p;
-    private BigInteger              q;
-    private BigInteger              a;
-    private GOST3410ValidationParameters validation;
-
-    public GOST3410Parameters(
-        BigInteger  p,
-        BigInteger  q,
-        BigInteger  a)
-    {
-        this.p = p;
-        this.q = q;
-        this.a = a;
-    }
-
-    public GOST3410Parameters(
-        BigInteger              p,
-        BigInteger              q,
-        BigInteger              a,
-        GOST3410ValidationParameters params)
-    {
-        this.a = a;
-        this.p = p;
-        this.q = q;
-        this.validation = params;
-    }
-
-    public BigInteger getP()
-    {
-        return p;
-    }
-
-    public BigInteger getQ()
-    {
-        return q;
-    }
-
-    public BigInteger getA()
-    {
-        return a;
-    }
-
-    public GOST3410ValidationParameters getValidationParameters()
-    {
-        return validation;
-    }
-
-    public int hashCode()
-    {
-        return p.hashCode() ^ q.hashCode() ^ a.hashCode();
-    }
-
-    public boolean equals(
-        Object  obj)
-    {
-        if (!(obj instanceof GOST3410Parameters))
-        {
-            return false;
-        }
-
-        GOST3410Parameters    pm = (GOST3410Parameters)obj;
-
-        return (pm.getP().equals(p) && pm.getQ().equals(q) && pm.getA().equals(a));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410PrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410PrivateKeyParameters.java
deleted file mode 100644
index 408e065..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410PrivateKeyParameters.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.math.BigInteger;
-
-public class GOST3410PrivateKeyParameters
-        extends GOST3410KeyParameters
-{
-    private BigInteger      x;
-
-    public GOST3410PrivateKeyParameters(
-        BigInteger      x,
-        GOST3410Parameters   params)
-    {
-        super(true, params);
-
-        this.x = x;
-    }
-
-    public BigInteger getX()
-    {
-        return x;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410PublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410PublicKeyParameters.java
deleted file mode 100644
index 9dfd2d9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410PublicKeyParameters.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.math.BigInteger;
-
-public class GOST3410PublicKeyParameters
-        extends GOST3410KeyParameters
-{
-    private BigInteger      y;
-
-    public GOST3410PublicKeyParameters(
-        BigInteger      y,
-        GOST3410Parameters   params)
-    {
-        super(false, params);
-
-        this.y = y;
-    }
-
-    public BigInteger getY()
-    {
-        return y;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410ValidationParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410ValidationParameters.java
deleted file mode 100644
index c2a4fb5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/GOST3410ValidationParameters.java
+++ /dev/null

@@ -1,84 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-public class GOST3410ValidationParameters
-{
-    private int x0;
-    private int c;
-    private long x0L;
-    private long cL;
-
-
-    public GOST3410ValidationParameters(
-        int  x0,
-        int  c)
-    {
-        this.x0 = x0;
-        this.c = c;
-    }
-
-    public GOST3410ValidationParameters(
-        long  x0L,
-        long  cL)
-    {
-        this.x0L = x0L;
-        this.cL = cL;
-    }
-
-    public int getC()
-    {
-        return c;
-    }
-
-    public int getX0()
-    {
-        return x0;
-    }
-
-    public long getCL()
-    {
-        return cL;
-    }
-
-    public long getX0L()
-    {
-        return x0L;
-    }
-
-    public boolean equals(
-        Object o)
-    {
-        if (!(o instanceof GOST3410ValidationParameters))
-        {
-            return false;
-        }
-
-        GOST3410ValidationParameters  other = (GOST3410ValidationParameters)o;
-
-        if (other.c != this.c)
-        {
-            return false;
-        }
-
-        if (other.x0 != this.x0)
-        {
-            return false;
-        }
-
-        if (other.cL != this.cL)
-        {
-            return false;
-        }
-
-        if (other.x0L != this.x0L)
-        {
-            return false;
-        }
-
-        return true;
-    }
-
-    public int hashCode()
-    {
-        return x0 ^ c ^ (int) x0L ^ (int)(x0L >> 32) ^ (int) cL ^ (int)(cL >> 32);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/HKDFParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/HKDFParameters.java
deleted file mode 100644
index 2db3ce6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/HKDFParameters.java
+++ /dev/null

@@ -1,123 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Parameter class for the HKDFBytesGenerator class.
- */
-public class HKDFParameters
-    implements DerivationParameters
-{
-    private final byte[] ikm;
-    private final boolean skipExpand;
-    private final byte[] salt;
-    private final byte[] info;
-
-    private HKDFParameters(final byte[] ikm, final boolean skip,
-                           final byte[] salt, final byte[] info)
-    {
-        if (ikm == null)
-        {
-            throw new IllegalArgumentException(
-                "IKM (input keying material) should not be null");
-        }
-
-        this.ikm = Arrays.clone(ikm);
-
-        this.skipExpand = skip;
-
-        if (salt == null || salt.length == 0)
-        {
-            this.salt = null;
-        }
-        else
-        {
-            this.salt = Arrays.clone(salt);
-        }
-
-        if (info == null)
-        {
-            this.info = new byte[0];
-        }
-        else
-        {
-            this.info = Arrays.clone(info);
-        }
-    }
-
-    /**
-     * Generates parameters for HKDF, specifying both the optional salt and
-     * optional info. Step 1: Extract won't be skipped.
-     *
-     * @param ikm  the input keying material or seed
-     * @param salt the salt to use, may be null for a salt for hashLen zeros
-     * @param info the info to use, may be null for an info field of zero bytes
-     */
-    public HKDFParameters(final byte[] ikm, final byte[] salt, final byte[] info)
-    {
-        this(ikm, false, salt, info);
-    }
-
-    /**
-     * Factory method that makes the HKDF skip the extract part of the key
-     * derivation function.
-     *
-     * @param ikm  the input keying material or seed, directly used for step 2:
-     *             Expand
-     * @param info the info to use, may be null for an info field of zero bytes
-     * @return HKDFParameters that makes the implementation skip step 1
-     */
-    public static HKDFParameters skipExtractParameters(final byte[] ikm,
-                                                       final byte[] info)
-    {
-
-        return new HKDFParameters(ikm, true, null, info);
-    }
-
-    public static HKDFParameters defaultParameters(final byte[] ikm)
-    {
-        return new HKDFParameters(ikm, false, null, null);
-    }
-
-    /**
-     * Returns the input keying material or seed.
-     *
-     * @return the keying material
-     */
-    public byte[] getIKM()
-    {
-        return Arrays.clone(ikm);
-    }
-
-    /**
-     * Returns if step 1: extract has to be skipped or not
-     *
-     * @return true for skipping, false for no skipping of step 1
-     */
-    public boolean skipExtract()
-    {
-        return skipExpand;
-    }
-
-    /**
-     * Returns the salt, or null if the salt should be generated as a byte array
-     * of HashLen zeros.
-     *
-     * @return the salt, or null
-     */
-    public byte[] getSalt()
-    {
-        return Arrays.clone(salt);
-    }
-
-    /**
-     * Returns the info field, which may be empty (null is converted to empty).
-     *
-     * @return the info field, never null
-     */
-    public byte[] getInfo()
-    {
-        return Arrays.clone(info);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/IESParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/IESParameters.java
deleted file mode 100644
index f0940f8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/IESParameters.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.util.Arrays;
-
-/**
- * parameters for using an integrated cipher in stream mode.
- */
-public class IESParameters
-    implements CipherParameters
-{
-    private byte[]  derivation;
-    private byte[]  encoding;
-    private int     macKeySize;
-
-    /**
-     * @param derivation the derivation parameter for the KDF function.
-     * @param encoding the encoding parameter for the KDF function.
-     * @param macKeySize the size of the MAC key (in bits).
-     */
-    public IESParameters(
-        byte[]  derivation,
-        byte[]  encoding,
-        int     macKeySize)
-    {
-        this.derivation = Arrays.clone(derivation);
-        this.encoding = Arrays.clone(encoding);
-        this.macKeySize = macKeySize;
-    }
-
-    public byte[] getDerivationV()
-    {
-        return Arrays.clone(derivation);
-    }
-
-    public byte[] getEncodingV()
-    {
-        return Arrays.clone(encoding);
-    }
-
-    public int getMacKeySize()
-    {
-        return macKeySize;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/IESWithCipherParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/IESWithCipherParameters.java
deleted file mode 100644
index ef61b2c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/IESWithCipherParameters.java
+++ /dev/null

@@ -1,30 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-
-public class IESWithCipherParameters
-    extends IESParameters
-{
-    private int cipherKeySize;
-
-    /**
-     * @param derivation the derivation parameter for the KDF function.
-     * @param encoding the encoding parameter for the KDF function.
-     * @param macKeySize the size of the MAC key (in bits).
-     * @param cipherKeySize the size of the associated Cipher key (in bits).
-     */
-    public IESWithCipherParameters(
-        byte[]  derivation,
-        byte[]  encoding,
-        int     macKeySize,
-        int     cipherKeySize)
-    {
-        super(derivation, encoding, macKeySize);
-
-        this.cipherKeySize = cipherKeySize;
-    }
-
-    public int getCipherKeySize()
-    {
-        return cipherKeySize;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/ISO18033KDFParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/ISO18033KDFParameters.java
deleted file mode 100644
index 8dffe2e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/ISO18033KDFParameters.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.DerivationParameters;
-
-/**
- * parameters for Key derivation functions for ISO-18033
- */
-public class ISO18033KDFParameters
-    implements DerivationParameters
-{
-    byte[]  seed;
-
-    public ISO18033KDFParameters(
-        byte[]  seed)
-    {
-        this.seed = seed;
-    }
-
-    public byte[] getSeed()
-    {
-        return seed;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/KDFCounterParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/KDFCounterParameters.java
deleted file mode 100644
index 6b5e150..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/KDFCounterParameters.java
+++ /dev/null

@@ -1,120 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.util.Arrays;
-
-/**
- * This KDF has been defined by the publicly available NIST SP 800-108 specification.
- * NIST SP800-108 allows for alternative orderings of the input fields, meaning that the input can be formated in multiple ways.
- * There are 3 supported formats:  - Below [i]_2 is a counter of r-bits length concatenated to the fixedInputData.
- * <ul>
- * <li>1: K(i) := PRF( KI, [i]_2 || Label || 0x00 || Context || [L]_2 ) with the counter at the very beginning of the fixedInputData (The default implementation has this format)</li>
- * <li>2: K(i) := PRF( KI, Label || 0x00 || Context || [L]_2 || [i]_2 ) with the counter at the very end of the fixedInputData</li>
- * <li>3a: K(i) := PRF( KI, Label || 0x00 || [i]_2 || Context || [L]_2 ) OR:</li>
- * <li>3b: K(i) := PRF( KI, Label || 0x00 || [i]_2 || [L]_2 || Context ) OR:</li>
- * <li>3c: K(i) := PRF( KI, Label || [i]_2 || 0x00 || Context || [L]_2 ) etc... with the counter somewhere in the 'middle' of the fixedInputData.</li>
- * </ul>
- * This function must be called with the following KDFCounterParameters():
- * <ul>
- *  <li>KI</li>
- *  <li>The part of the fixedInputData that comes BEFORE the counter OR null</li>
- *  <li>the part of the fixedInputData that comes AFTER the counter OR null</li>
- *  <li>the length of the counter in bits (not bytes)</li>
- *  </ul>
- * Resulting function calls assuming an 8 bit counter.
- * <ul>
- * <li>1.  KDFCounterParameters(ki, 	null, 									"Label || 0x00 || Context || [L]_2]",	8); </li>
- * <li>2.  KDFCounterParameters(ki, 	"Label || 0x00 || Context || [L]_2]", 	null,									8); </li>
- * <li>3a. KDFCounterParameters(ki, 	"Label || 0x00",						"Context || [L]_2]",					8);  </li>
- * <li>3b. KDFCounterParameters(ki, 	"Label || 0x00",						"[L]_2] || Context",					8);</li>
- * <li>3c. KDFCounterParameters(ki, 	"Label", 								"0x00 || Context || [L]_2]",			8); </li>
- * </ul>
- */
-public final class KDFCounterParameters
-    implements DerivationParameters
-{
-
-    private byte[] ki;
-    private byte[] fixedInputDataCounterPrefix;
-    private byte[] fixedInputDataCounterSuffix;
-    private int r;
-
-    /**
-     * Base constructor - suffix fixed input data only.
-     *
-     * @param ki the KDF seed
-     * @param fixedInputDataCounterSuffix  fixed input data to follow counter.
-     * @param r length of the counter in bits.
-     */
-    public KDFCounterParameters(byte[] ki, byte[] fixedInputDataCounterSuffix, int r)
-    {
-    	this(ki, null, fixedInputDataCounterSuffix, r);
-    }
-
-    /**
-     * Base constructor - prefix and suffix fixed input data.
-     *
-     * @param ki the KDF seed
-     * @param fixedInputDataCounterPrefix fixed input data to precede counter
-     * @param fixedInputDataCounterSuffix fixed input data to follow counter.
-     * @param r length of the counter in bits.
-     */
-    public KDFCounterParameters(byte[] ki, byte[] fixedInputDataCounterPrefix, byte[] fixedInputDataCounterSuffix, int r)
-    {
-        if (ki == null)
-        {
-            throw new IllegalArgumentException("A KDF requires Ki (a seed) as input");
-        }
-        this.ki = Arrays.clone(ki);
-
-        if (fixedInputDataCounterPrefix == null)
-        {
-            this.fixedInputDataCounterPrefix = new byte[0];
-        }
-        else
-        {
-            this.fixedInputDataCounterPrefix = Arrays.clone(fixedInputDataCounterPrefix);
-        }
-        
-        if (fixedInputDataCounterSuffix == null)
-        {
-            this.fixedInputDataCounterSuffix = new byte[0];
-        }
-        else
-        {
-            this.fixedInputDataCounterSuffix = Arrays.clone(fixedInputDataCounterSuffix);
-        }
-
-        if (r != 8 && r != 16 && r != 24 && r != 32)
-        {
-            throw new IllegalArgumentException("Length of counter should be 8, 16, 24 or 32");
-        }
-        this.r = r;
-    }
-    
-    public byte[] getKI()
-    {
-        return ki;
-    }
-
-    public byte[] getFixedInputData()
-    {
-    	//Retained for backwards compatibility
-        return Arrays.clone(fixedInputDataCounterSuffix);
-    }
-
-    public byte[] getFixedInputDataCounterPrefix()
-    {
-        return Arrays.clone(fixedInputDataCounterPrefix);
-    }
-    
-    public byte[] getFixedInputDataCounterSuffix()
-    {
-        return Arrays.clone(fixedInputDataCounterSuffix);
-    }
-
-    public int getR()
-    {
-        return r;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/KDFDoublePipelineIterationParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/KDFDoublePipelineIterationParameters.java
deleted file mode 100644
index 383678a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/KDFDoublePipelineIterationParameters.java
+++ /dev/null

@@ -1,80 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Note that counter is only supported at the location presented in the
- * NIST SP 800-108 specification, not in the additional locations present
- * in the CAVP test vectors.
- */
-public final class KDFDoublePipelineIterationParameters
-    implements DerivationParameters
-{
-
-    // could be any valid value, using 32, don't know why
-    private static final int UNUSED_R = 32;
-
-    private final byte[] ki;
-    private final boolean useCounter;
-    private final int r;
-    private final byte[] fixedInputData;
-
-    private KDFDoublePipelineIterationParameters(byte[] ki, byte[] fixedInputData, int r, boolean useCounter)
-    {
-        if (ki == null)
-        {
-            throw new IllegalArgumentException("A KDF requires Ki (a seed) as input");
-        }
-        this.ki = Arrays.clone(ki);
-
-        if (fixedInputData == null)
-        {
-            this.fixedInputData = new byte[0];
-        }
-        else
-        {
-            this.fixedInputData = Arrays.clone(fixedInputData);
-        }
-
-        if (r != 8 && r != 16 && r != 24 && r != 32)
-        {
-            throw new IllegalArgumentException("Length of counter should be 8, 16, 24 or 32");
-        }
-        this.r = r;
-
-        this.useCounter = useCounter;
-    }
-
-    public static KDFDoublePipelineIterationParameters createWithCounter(
-        byte[] ki, byte[] fixedInputData, int r)
-    {
-        return new KDFDoublePipelineIterationParameters(ki, fixedInputData, r, true);
-    }
-
-    public static KDFDoublePipelineIterationParameters createWithoutCounter(
-        byte[] ki, byte[] fixedInputData)
-    {
-        return new KDFDoublePipelineIterationParameters(ki, fixedInputData, UNUSED_R, false);
-    }
-
-    public byte[] getKI()
-    {
-        return ki;
-    }
-
-    public boolean useCounter()
-    {
-        return useCounter;
-    }
-
-    public int getR()
-    {
-        return r;
-    }
-
-    public byte[] getFixedInputData()
-    {
-        return Arrays.clone(fixedInputData);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/KDFFeedbackParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/KDFFeedbackParameters.java
deleted file mode 100644
index 8a6e7f5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/KDFFeedbackParameters.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Note that counter is only supported at the location presented in the
- * NIST SP 800-108 specification, not in the additional locations present
- * in the CAVP test vectors.
- */
-public final class KDFFeedbackParameters
-    implements DerivationParameters
-{
-
-    // could be any valid value, using 32, don't know why
-    private static final int UNUSED_R = -1;
-
-    private final byte[] ki;
-    private final byte[] iv;
-    private final boolean useCounter;
-    private final int r;
-    private final byte[] fixedInputData;
-
-    private KDFFeedbackParameters(byte[] ki, byte[] iv, byte[] fixedInputData, int r, boolean useCounter)
-    {
-        if (ki == null)
-        {
-            throw new IllegalArgumentException("A KDF requires Ki (a seed) as input");
-        }
-        this.ki = Arrays.clone(ki);
-
-        if (fixedInputData == null)
-        {
-            this.fixedInputData = new byte[0];
-        }
-        else
-        {
-            this.fixedInputData = Arrays.clone(fixedInputData);
-        }
-
-        this.r = r;
-
-        if (iv == null)
-        {
-            this.iv = new byte[0];
-        }
-        else
-        {
-            this.iv = Arrays.clone(iv);
-        }
-
-        this.useCounter = useCounter;
-    }
-
-    public static KDFFeedbackParameters createWithCounter(
-        byte[] ki, final byte[] iv, byte[] fixedInputData, int r)
-    {
-        if (r != 8 && r != 16 && r != 24 && r != 32)
-        {
-            throw new IllegalArgumentException("Length of counter should be 8, 16, 24 or 32");
-        }
-
-        return new KDFFeedbackParameters(ki, iv, fixedInputData, r, true);
-    }
-
-    public static KDFFeedbackParameters createWithoutCounter(
-        byte[] ki, final byte[] iv, byte[] fixedInputData)
-    {
-        return new KDFFeedbackParameters(ki, iv, fixedInputData, UNUSED_R, false);
-    }
-
-    public byte[] getKI()
-    {
-        return ki;
-    }
-
-    public byte[] getIV()
-    {
-        return iv;
-    }
-
-    public boolean useCounter()
-    {
-        return useCounter;
-    }
-
-    public int getR()
-    {
-        return r;
-    }
-
-    public byte[] getFixedInputData()
-    {
-        return Arrays.clone(fixedInputData);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/MGFParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/MGFParameters.java
deleted file mode 100644
index 847bd98..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/MGFParameters.java
+++ /dev/null

@@ -1,32 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.DerivationParameters;
-
-/**
- * parameters for mask derivation functions.
- */
-public class MGFParameters
-    implements DerivationParameters
-{
-    byte[]  seed;
-
-    public MGFParameters(
-        byte[]  seed)
-    {
-        this(seed, 0, seed.length);
-    }
-
-    public MGFParameters(
-        byte[]  seed,
-        int     off,
-        int     len)
-    {
-        this.seed = new byte[len];
-        System.arraycopy(seed, off, this.seed, 0, len);
-    }
-
-    public byte[] getSeed()
-    {
-        return seed;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/MQVPrivateParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/MQVPrivateParameters.java
deleted file mode 100644
index 8be6f0e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/MQVPrivateParameters.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-public class MQVPrivateParameters
-    implements CipherParameters
-{
-    private ECPrivateKeyParameters staticPrivateKey;
-    private ECPrivateKeyParameters ephemeralPrivateKey;
-    private ECPublicKeyParameters ephemeralPublicKey;
-
-    public MQVPrivateParameters(
-        ECPrivateKeyParameters  staticPrivateKey,
-        ECPrivateKeyParameters  ephemeralPrivateKey)
-    {
-        this(staticPrivateKey, ephemeralPrivateKey, null);
-    }
-
-    public MQVPrivateParameters(
-        ECPrivateKeyParameters  staticPrivateKey,
-        ECPrivateKeyParameters  ephemeralPrivateKey,
-        ECPublicKeyParameters   ephemeralPublicKey)
-    {
-        if (staticPrivateKey == null)
-        {
-            throw new NullPointerException("staticPrivateKey cannot be null");
-        }
-        if (ephemeralPrivateKey == null)
-        {
-            throw new NullPointerException("ephemeralPrivateKey cannot be null");
-        }
-
-        ECDomainParameters parameters = staticPrivateKey.getParameters();
-        if (!parameters.equals(ephemeralPrivateKey.getParameters()))
-        {
-            throw new IllegalArgumentException("Static and ephemeral private keys have different domain parameters");
-        }
-
-        if (ephemeralPublicKey == null)
-        {
-            ephemeralPublicKey = new ECPublicKeyParameters(
-                parameters.getG().multiply(ephemeralPrivateKey.getD()),
-                parameters);
-        }
-        else if (!parameters.equals(ephemeralPublicKey.getParameters()))
-        {
-            throw new IllegalArgumentException("Ephemeral public key has different domain parameters");
-        }
-
-        this.staticPrivateKey = staticPrivateKey;
-        this.ephemeralPrivateKey = ephemeralPrivateKey;
-        this.ephemeralPublicKey = ephemeralPublicKey;
-    }
-
-    public ECPrivateKeyParameters getStaticPrivateKey()
-    {
-        return staticPrivateKey;
-    }
-
-    public ECPrivateKeyParameters getEphemeralPrivateKey()
-    {
-        return ephemeralPrivateKey;
-    }
-
-    public ECPublicKeyParameters getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/MQVPublicParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/MQVPublicParameters.java
deleted file mode 100644
index 0b3ac7d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/MQVPublicParameters.java
+++ /dev/null

@@ -1,41 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-public class MQVPublicParameters
-    implements CipherParameters
-{
-    private ECPublicKeyParameters staticPublicKey;
-    private ECPublicKeyParameters ephemeralPublicKey;
-
-    public MQVPublicParameters(
-        ECPublicKeyParameters   staticPublicKey,
-        ECPublicKeyParameters   ephemeralPublicKey)
-    {
-        if (staticPublicKey == null)
-        {
-            throw new NullPointerException("staticPublicKey cannot be null");
-        }
-        if (ephemeralPublicKey == null)
-        {
-            throw new NullPointerException("ephemeralPublicKey cannot be null");
-        }
-        if (!staticPublicKey.getParameters().equals(ephemeralPublicKey.getParameters()))
-        {
-            throw new IllegalArgumentException("Static and ephemeral public keys have different domain parameters");
-        }
-
-        this.staticPublicKey = staticPublicKey;
-        this.ephemeralPublicKey = ephemeralPublicKey;
-    }
-
-    public ECPublicKeyParameters getStaticPublicKey()
-    {
-        return staticPublicKey;
-    }
-
-    public ECPublicKeyParameters getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/NaccacheSternKeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/NaccacheSternKeyGenerationParameters.java
deleted file mode 100644
index 758fcd7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/NaccacheSternKeyGenerationParameters.java
+++ /dev/null

@@ -1,97 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-/**
- * Parameters for NaccacheStern public private key generation. For details on
- * this cipher, please see
- * 
- * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
- */
-public class NaccacheSternKeyGenerationParameters extends KeyGenerationParameters
-{
-
-    // private BigInteger publicExponent;
-    private int certainty;
-
-    private int cntSmallPrimes;
-
-    private boolean debug = false;
-
-    /**
-     * Parameters for generating a NaccacheStern KeyPair.
-     * 
-     * @param random
-     *            The source of randomness
-     * @param strength
-     *            The desired strength of the Key in Bits
-     * @param certainty
-     *            the probability that the generated primes are not really prime
-     *            as integer: 2^(-certainty) is then the probability
-     * @param cntSmallPrimes
-     *            How many small key factors are desired
-     */
-    public NaccacheSternKeyGenerationParameters(SecureRandom random, int strength, int certainty, int cntSmallPrimes)
-    {
-        this(random, strength, certainty, cntSmallPrimes, false);
-    }
-
-    /**
-     * Parameters for a NaccacheStern KeyPair.
-     * 
-     * @param random
-     *            The source of randomness
-     * @param strength
-     *            The desired strength of the Key in Bits
-     * @param certainty
-     *            the probability that the generated primes are not really prime
-     *            as integer: 2^(-certainty) is then the probability
-     * @param cntSmallPrimes
-     *            How many small key factors are desired
-     * @param debug
-     *            Turn debugging on or off (reveals secret information, use with
-     *            caution)
-     */
-    public NaccacheSternKeyGenerationParameters(SecureRandom random,
-            int strength, int certainty, int cntSmallPrimes, boolean debug)
-    {
-        super(random, strength);
-
-        this.certainty = certainty;
-        if (cntSmallPrimes % 2 == 1)
-        {
-            throw new IllegalArgumentException("cntSmallPrimes must be a multiple of 2");
-        }
-        if (cntSmallPrimes < 30)
-        {
-            throw new IllegalArgumentException("cntSmallPrimes must be >= 30 for security reasons");
-        }
-        this.cntSmallPrimes = cntSmallPrimes;
-
-        this.debug = debug;
-    }
-
-    /**
-     * @return Returns the certainty.
-     */
-    public int getCertainty()
-    {
-        return certainty;
-    }
-
-    /**
-     * @return Returns the cntSmallPrimes.
-     */
-    public int getCntSmallPrimes()
-    {
-        return cntSmallPrimes;
-    }
-
-    public boolean isDebug()
-    {
-        return debug;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/NaccacheSternKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/NaccacheSternKeyParameters.java
deleted file mode 100644
index 21b6a28..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/NaccacheSternKeyParameters.java
+++ /dev/null

@@ -1,53 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.math.BigInteger;
-
-/**
- * Public key parameters for NaccacheStern cipher. For details on this cipher,
- * please see
- * 
- * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
- */
-public class NaccacheSternKeyParameters extends AsymmetricKeyParameter
-{
-
-    private BigInteger g, n;
-
-    int lowerSigmaBound;
-
-    /**
-     * @param privateKey
-     */
-    public NaccacheSternKeyParameters(boolean privateKey, BigInteger g, BigInteger n, int lowerSigmaBound)
-    {
-        super(privateKey);
-        this.g = g;
-        this.n = n;
-        this.lowerSigmaBound = lowerSigmaBound;
-    }
-
-    /**
-     * @return Returns the g.
-     */
-    public BigInteger getG()
-    {
-        return g;
-    }
-
-    /**
-     * @return Returns the lowerSigmaBound.
-     */
-    public int getLowerSigmaBound()
-    {
-        return lowerSigmaBound;
-    }
-
-    /**
-     * @return Returns the n.
-     */
-    public BigInteger getModulus()
-    {
-        return n;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/NaccacheSternPrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/NaccacheSternPrivateKeyParameters.java
deleted file mode 100644
index 6d0ec48..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/NaccacheSternPrivateKeyParameters.java
+++ /dev/null

@@ -1,50 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.math.BigInteger;
-import java.util.Vector;
-
-/**
- * Private key parameters for NaccacheStern cipher. For details on this cipher,
- * please see
- * 
- * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
- */
-public class NaccacheSternPrivateKeyParameters extends NaccacheSternKeyParameters 
-{
-    private BigInteger phi_n;
-    private Vector     smallPrimes;
-
-    /**
-     * Constructs a NaccacheSternPrivateKey
-     * 
-     * @param g
-     *            the public enryption parameter g
-     * @param n
-     *            the public modulus n = p*q
-     * @param lowerSigmaBound
-     *            the public lower sigma bound up to which data can be encrypted
-     * @param smallPrimes
-     *            the small primes, of which sigma is constructed in the right
-     *            order
-     * @param phi_n
-     *            the private modulus phi(n) = (p-1)(q-1)
-     */
-    public NaccacheSternPrivateKeyParameters(BigInteger g, BigInteger n,
-            int lowerSigmaBound, Vector smallPrimes,
-            BigInteger phi_n)
-    {
-        super(true, g, n, lowerSigmaBound);
-        this.smallPrimes = smallPrimes;
-        this.phi_n = phi_n;
-    }
-
-    public BigInteger getPhi_n()
-    {
-        return phi_n;
-    }
-
-    public Vector getSmallPrimes()
-    {
-        return smallPrimes;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/ParametersWithSBox.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/ParametersWithSBox.java
deleted file mode 100644
index b226a9d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/ParametersWithSBox.java
+++ /dev/null

@@ -1,28 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-public class ParametersWithSBox
-    implements CipherParameters
-{
-    private CipherParameters  parameters;
-    private byte[]            sBox;
-
-    public ParametersWithSBox(
-        CipherParameters parameters,
-        byte[]           sBox)
-    {
-        this.parameters = parameters;
-        this.sBox = sBox;
-    }
-
-    public byte[] getSBox()
-    {
-        return sBox;
-    }
-
-    public CipherParameters getParameters()
-    {
-        return parameters;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/ParametersWithSalt.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/ParametersWithSalt.java
deleted file mode 100644
index 73765dd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/ParametersWithSalt.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-/**
- * Cipher parameters with a fixed salt value associated with them.
- */
-public class ParametersWithSalt
-    implements CipherParameters
-{
-    private byte[]              salt;
-    private CipherParameters    parameters;
-
-    public ParametersWithSalt(
-        CipherParameters    parameters,
-        byte[]              salt)
-    {
-        this(parameters, salt, 0, salt.length);
-    }
-
-    public ParametersWithSalt(
-        CipherParameters    parameters,
-        byte[]              salt,
-        int                 saltOff,
-        int                 saltLen)
-    {
-        this.salt = new byte[saltLen];
-        this.parameters = parameters;
-
-        System.arraycopy(salt, saltOff, this.salt, 0, saltLen);
-    }
-
-    public byte[] getSalt()
-    {
-        return salt;
-    }
-
-    public CipherParameters getParameters()
-    {
-        return parameters;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/ParametersWithUKM.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/ParametersWithUKM.java
deleted file mode 100644
index 55001e3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/ParametersWithUKM.java
+++ /dev/null

@@ -1,39 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-public class ParametersWithUKM
-    implements CipherParameters
-{
-    private byte[] ukm;
-    private CipherParameters    parameters;
-
-    public ParametersWithUKM(
-        CipherParameters    parameters,
-        byte[] ukm)
-    {
-        this(parameters, ukm, 0, ukm.length);
-    }
-
-    public ParametersWithUKM(
-        CipherParameters    parameters,
-        byte[] ukm,
-        int                 ivOff,
-        int                 ivLen)
-    {
-        this.ukm = new byte[ivLen];
-        this.parameters = parameters;
-
-        System.arraycopy(ukm, ivOff, this.ukm, 0, ivLen);
-    }
-
-    public byte[] getUKM()
-    {
-        return ukm;
-    }
-
-    public CipherParameters getParameters()
-    {
-        return parameters;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/RC5Parameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/RC5Parameters.java
deleted file mode 100644
index 6cbd57f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/RC5Parameters.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-public class RC5Parameters
-    implements CipherParameters
-{
-    private byte[]  key;
-    private int     rounds;
-
-    public RC5Parameters(
-        byte[]  key,
-        int     rounds)
-    {
-        if (key.length > 255)
-        {
-            throw new IllegalArgumentException("RC5 key length can be no greater than 255");
-        }
-
-        this.key = new byte[key.length];
-        this.rounds = rounds;
-
-        System.arraycopy(key, 0, this.key, 0, key.length);
-    }
-
-    public byte[] getKey()
-    {
-        return key;
-    }
-
-    public int getRounds()
-    {
-        return rounds;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/RSABlindingParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/RSABlindingParameters.java
deleted file mode 100644
index c7fa6ba..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/RSABlindingParameters.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-import java.math.BigInteger;
-
-public class RSABlindingParameters
-    implements CipherParameters
-{
-    private RSAKeyParameters publicKey;
-    private BigInteger       blindingFactor;
-
-    public RSABlindingParameters(
-        RSAKeyParameters publicKey,
-        BigInteger       blindingFactor)
-    {
-        if (publicKey instanceof RSAPrivateCrtKeyParameters)
-        {
-            throw new IllegalArgumentException("RSA parameters should be for a public key");
-        }
-        
-        this.publicKey = publicKey;
-        this.blindingFactor = blindingFactor;
-    }
-
-    public RSAKeyParameters getPublicKey()
-    {
-        return publicKey;
-    }
-
-    public BigInteger getBlindingFactor()
-    {
-        return blindingFactor;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/SM2KeyExchangePrivateParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/SM2KeyExchangePrivateParameters.java
deleted file mode 100644
index 860cf6d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/SM2KeyExchangePrivateParameters.java
+++ /dev/null

@@ -1,68 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.math.ec.ECPoint;
-
-/**
- * Private parameters for an SM2 key exchange. The ephemeralPrivateKey is used to calculate the random point used in the algorithm.
- */
-public class SM2KeyExchangePrivateParameters
-    implements CipherParameters
-{
-    private final boolean initiator;
-    private final ECPrivateKeyParameters staticPrivateKey;
-    private final ECPoint staticPublicPoint;
-    private final ECPrivateKeyParameters ephemeralPrivateKey;
-    private final ECPoint ephemeralPublicPoint;
-
-    public SM2KeyExchangePrivateParameters(
-        boolean initiator,
-        ECPrivateKeyParameters staticPrivateKey,
-        ECPrivateKeyParameters ephemeralPrivateKey)
-    {
-        if (staticPrivateKey == null)
-        {
-            throw new NullPointerException("staticPrivateKey cannot be null");
-        }
-        if (ephemeralPrivateKey == null)
-        {
-            throw new NullPointerException("ephemeralPrivateKey cannot be null");
-        }
-
-        ECDomainParameters parameters = staticPrivateKey.getParameters();
-        if (!parameters.equals(ephemeralPrivateKey.getParameters()))
-        {
-            throw new IllegalArgumentException("Static and ephemeral private keys have different domain parameters");
-        }
-
-        this.initiator = initiator;
-        this.staticPrivateKey = staticPrivateKey;
-        this.staticPublicPoint = parameters.getG().multiply(staticPrivateKey.getD()).normalize();
-        this.ephemeralPrivateKey = ephemeralPrivateKey;
-        this.ephemeralPublicPoint = parameters.getG().multiply(ephemeralPrivateKey.getD()).normalize();
-    }
-
-    public boolean isInitiator()
-    {
-        return initiator;
-    }
-    public ECPrivateKeyParameters getStaticPrivateKey()
-    {
-        return staticPrivateKey;
-    }
-
-    public ECPoint getStaticPublicPoint()
-    {
-        return staticPublicPoint;
-    }
-
-    public ECPrivateKeyParameters getEphemeralPrivateKey()
-    {
-        return ephemeralPrivateKey;
-    }
-
-    public ECPoint getEphemeralPublicPoint()
-    {
-        return ephemeralPublicPoint;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/SM2KeyExchangePublicParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/SM2KeyExchangePublicParameters.java
deleted file mode 100644
index fa5dc00..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/SM2KeyExchangePublicParameters.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-/**
- * Public parameters for an SM2 key exchange. In this case the ephemeralPublicKey provides the random point used in the algorithm.
- */
-public class SM2KeyExchangePublicParameters
-    implements CipherParameters
-{
-    private final ECPublicKeyParameters staticPublicKey;
-    private final ECPublicKeyParameters ephemeralPublicKey;
-
-    public SM2KeyExchangePublicParameters(
-        ECPublicKeyParameters   staticPublicKey,
-        ECPublicKeyParameters   ephemeralPublicKey)
-    {
-        if (staticPublicKey == null)
-        {
-            throw new NullPointerException("staticPublicKey cannot be null");
-        }
-        if (ephemeralPublicKey == null)
-        {
-            throw new NullPointerException("ephemeralPublicKey cannot be null");
-        }
-        if (!staticPublicKey.getParameters().equals(ephemeralPublicKey.getParameters()))
-        {
-            throw new IllegalArgumentException("Static and ephemeral public keys have different domain parameters");
-        }
-
-        this.staticPublicKey = staticPublicKey;
-        this.ephemeralPublicKey = ephemeralPublicKey;
-    }
-
-    public ECPublicKeyParameters getStaticPublicKey()
-    {
-        return staticPublicKey;
-    }
-
-    public ECPublicKeyParameters getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/SRP6GroupParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/SRP6GroupParameters.java
deleted file mode 100644
index 506560e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/SRP6GroupParameters.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.math.BigInteger;
-
-public class SRP6GroupParameters
-{
-    private BigInteger N, g;
-
-    public SRP6GroupParameters(BigInteger N, BigInteger g)
-    {
-        this.N = N;
-        this.g = g;
-    }
-
-    public BigInteger getG()
-    {
-        return g;
-    }
-
-    public BigInteger getN()
-    {
-        return N;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/SkeinParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/SkeinParameters.java
deleted file mode 100644
index 6451b96..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/SkeinParameters.java
+++ /dev/null

@@ -1,329 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStreamWriter;
-import java.text.DateFormat;
-import java.text.SimpleDateFormat;
-import java.util.Date;
-import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.Locale;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.digests.SkeinDigest;
-import org.bouncycastle.crypto.digests.SkeinEngine;
-import org.bouncycastle.crypto.macs.SkeinMac;
-import org.bouncycastle.util.Integers;
-
-/**
- * Parameters for the Skein hash function - a series of byte[] strings identified by integer tags.
- * <p>
- * Parameterised Skein can be used for:
- * <ul>
- * <li>MAC generation, by providing a {@link SkeinParameters.Builder#setKey(byte[]) key}.</li>
- * <li>Randomised hashing, by providing a {@link SkeinParameters.Builder#setNonce(byte[]) nonce}.</li>
- * <li>A hash function for digital signatures, associating a
- * {@link SkeinParameters.Builder#setPublicKey(byte[]) public key} with the message digest.</li>
- * <li>A key derivation function, by providing a
- * {@link SkeinParameters.Builder#setKeyIdentifier(byte[]) key identifier}.</li>
- * <li>Personalised hashing, by providing a
- * {@link SkeinParameters.Builder#setPersonalisation(Date, String, String) recommended format} or
- * {@link SkeinParameters.Builder#setPersonalisation(byte[]) arbitrary} personalisation string.</li>
- * </ul>
- *
- * @see SkeinEngine
- * @see SkeinDigest
- * @see SkeinMac
- */
-public class SkeinParameters
-    implements CipherParameters
-{
-    /**
-     * The parameter type for a secret key, supporting MAC or KDF functions: {@value
-     * #PARAM_TYPE_KEY}.
-     */
-    public static final int PARAM_TYPE_KEY = 0;
-
-    /**
-     * The parameter type for the Skein configuration block: {@value #PARAM_TYPE_CONFIG}.
-     */
-    public static final int PARAM_TYPE_CONFIG = 4;
-
-    /**
-     * The parameter type for a personalisation string: {@value #PARAM_TYPE_PERSONALISATION}.
-     */
-    public static final int PARAM_TYPE_PERSONALISATION = 8;
-
-    /**
-     * The parameter type for a public key: {@value #PARAM_TYPE_PUBLIC_KEY}.
-     */
-    public static final int PARAM_TYPE_PUBLIC_KEY = 12;
-
-    /**
-     * The parameter type for a key identifier string: {@value #PARAM_TYPE_KEY_IDENTIFIER}.
-     */
-    public static final int PARAM_TYPE_KEY_IDENTIFIER = 16;
-
-    /**
-     * The parameter type for a nonce: {@value #PARAM_TYPE_NONCE}.
-     */
-    public static final int PARAM_TYPE_NONCE = 20;
-
-    /**
-     * The parameter type for the message: {@value #PARAM_TYPE_MESSAGE}.
-     */
-    public static final int PARAM_TYPE_MESSAGE = 48;
-
-    /**
-     * The parameter type for the output transformation: {@value #PARAM_TYPE_OUTPUT}.
-     */
-    public static final int PARAM_TYPE_OUTPUT = 63;
-
-    private Hashtable parameters;
-
-    public SkeinParameters()
-    {
-        this(new Hashtable());
-    }
-
-    private SkeinParameters(final Hashtable parameters)
-    {
-        this.parameters = parameters;
-    }
-
-    /**
-     * Obtains a map of type (Integer) to value (byte[]) for the parameters tracked in this object.
-     */
-    public Hashtable getParameters()
-    {
-        return parameters;
-    }
-
-    /**
-     * Obtains the value of the {@link #PARAM_TYPE_KEY key parameter}, or <code>null</code> if not
-     * set.
-     */
-    public byte[] getKey()
-    {
-        return (byte[])parameters.get(Integers.valueOf(PARAM_TYPE_KEY));
-    }
-
-    /**
-     * Obtains the value of the {@link #PARAM_TYPE_PERSONALISATION personalisation parameter}, or
-     * <code>null</code> if not set.
-     */
-    public byte[] getPersonalisation()
-    {
-        return (byte[])parameters.get(Integers.valueOf(PARAM_TYPE_PERSONALISATION));
-    }
-
-    /**
-     * Obtains the value of the {@link #PARAM_TYPE_PUBLIC_KEY public key parameter}, or
-     * <code>null</code> if not set.
-     */
-    public byte[] getPublicKey()
-    {
-        return (byte[])parameters.get(Integers.valueOf(PARAM_TYPE_PUBLIC_KEY));
-    }
-
-    /**
-     * Obtains the value of the {@link #PARAM_TYPE_KEY_IDENTIFIER key identifier parameter}, or
-     * <code>null</code> if not set.
-     */
-    public byte[] getKeyIdentifier()
-    {
-        return (byte[])parameters.get(Integers.valueOf(PARAM_TYPE_KEY_IDENTIFIER));
-    }
-
-    /**
-     * Obtains the value of the {@link #PARAM_TYPE_NONCE nonce parameter}, or <code>null</code> if
-     * not set.
-     */
-    public byte[] getNonce()
-    {
-        return (byte[])parameters.get(Integers.valueOf(PARAM_TYPE_NONCE));
-    }
-
-    /**
-     * A builder for {@link SkeinParameters}.
-     */
-    public static class Builder
-    {
-        private Hashtable parameters = new Hashtable();
-
-        public Builder()
-        {
-        }
-
-        public Builder(Hashtable paramsMap)
-        {
-            Enumeration keys = paramsMap.keys();
-            while (keys.hasMoreElements())
-            {
-                Integer key = (Integer)keys.nextElement();
-                parameters.put(key, paramsMap.get(key));
-            }
-        }
-
-        public Builder(SkeinParameters params)
-        {
-            Enumeration keys = params.parameters.keys();
-            while (keys.hasMoreElements())
-            {
-                Integer key = (Integer)keys.nextElement();
-                parameters.put(key, params.parameters.get(key));
-            }
-        }
-
-        /**
-         * Sets a parameters to apply to the Skein hash function.<br>
-         * Parameter types must be in the range 0,5..62, and cannot use the value {@link
-         * #PARAM_TYPE_MESSAGE} (reserved for message body).
-         * <p>
-         * Parameters with type &lt; {@link #PARAM_TYPE_MESSAGE} are processed before
-         * the message content, parameters with type &gt; {@link #PARAM_TYPE_MESSAGE}
-         * are processed after the message and prior to output.
-         *
-         * @param type  the type of the parameter, in the range 5..62.
-         * @param value the byte sequence of the parameter.
-         * @return the current builder instance.
-         */
-        public Builder set(int type, byte[] value)
-        {
-            if (value == null)
-            {
-                throw new IllegalArgumentException("Parameter value must not be null.");
-            }
-            if ((type != PARAM_TYPE_KEY)
-                && (type < PARAM_TYPE_CONFIG || type >= PARAM_TYPE_OUTPUT || type == PARAM_TYPE_MESSAGE))
-            {
-                throw new IllegalArgumentException("Parameter types must be in the range 0,5..47,49..62.");
-            }
-            if (type == PARAM_TYPE_CONFIG)
-            {
-                throw new IllegalArgumentException("Parameter type " + PARAM_TYPE_CONFIG
-                    + " is reserved for internal use.");
-            }
-            this.parameters.put(Integers.valueOf(type), value);
-            return this;
-        }
-
-        /**
-         * Sets the {@link #PARAM_TYPE_KEY} parameter.
-         */
-        public Builder setKey(byte[] key)
-        {
-            return set(PARAM_TYPE_KEY, key);
-        }
-
-        /**
-         * Sets the {@link #PARAM_TYPE_PERSONALISATION} parameter.
-         */
-        public Builder setPersonalisation(byte[] personalisation)
-        {
-            return set(PARAM_TYPE_PERSONALISATION, personalisation);
-        }
-
-        /**
-         * Implements the recommended personalisation format for Skein defined in Section 4.11 of
-         * the Skein 1.3 specification.
-         * <p>
-         * The format is <code>YYYYMMDD email@address distinguisher</code>, encoded to a byte
-         * sequence using UTF-8 encoding.
-         *
-         * @param date          the date the personalised application of the Skein was defined.
-         * @param emailAddress  the email address of the creation of the personalised application.
-         * @param distinguisher an arbitrary personalisation string distinguishing the application.
-         * @return the current builder.
-         */
-        public Builder setPersonalisation(Date date, String emailAddress, String distinguisher)
-        {
-            try
-            {
-                final ByteArrayOutputStream bout = new ByteArrayOutputStream();
-                final OutputStreamWriter out = new OutputStreamWriter(bout, "UTF-8");
-                final DateFormat format = new SimpleDateFormat("YYYYMMDD");
-                out.write(format.format(date));
-                out.write(" ");
-                out.write(emailAddress);
-                out.write(" ");
-                out.write(distinguisher);
-                out.close();
-                return set(PARAM_TYPE_PERSONALISATION, bout.toByteArray());
-            }
-            catch (IOException e)
-            {
-                throw new IllegalStateException("Byte I/O failed: " + e);
-            }
-        }
-
-        /**
-          * Implements the recommended personalisation format for Skein defined in Section 4.11 of
-          * the Skein 1.3 specification. You may need to use this method if the default locale
-          * doesn't use a Gregorian calender so that the GeneralizedTime produced is compatible implementations.
-          * <p>
-          * The format is <code>YYYYMMDD email@address distinguisher</code>, encoded to a byte
-          * sequence using UTF-8 encoding.
-          *
-          * @param date          the date the personalised application of the Skein was defined.
-          * @param dateLocale    locale to be used for date interpretation.
-          * @param emailAddress  the email address of the creation of the personalised application.
-          * @param distinguisher an arbitrary personalisation string distinguishing the application.
-          * @return the current builder.
-          */
-         public Builder setPersonalisation(Date date, Locale dateLocale, String emailAddress, String distinguisher)
-         {
-             try
-             {
-                 final ByteArrayOutputStream bout = new ByteArrayOutputStream();
-                 final OutputStreamWriter out = new OutputStreamWriter(bout, "UTF-8");
-                 final DateFormat format = new SimpleDateFormat("YYYYMMDD", dateLocale);
-                 out.write(format.format(date));
-                 out.write(" ");
-                 out.write(emailAddress);
-                 out.write(" ");
-                 out.write(distinguisher);
-                 out.close();
-                 return set(PARAM_TYPE_PERSONALISATION, bout.toByteArray());
-             }
-             catch (IOException e)
-             {
-                 throw new IllegalStateException("Byte I/O failed: " + e);
-             }
-         }
-
-        /**
-         * Sets the {@link SkeinParameters#PARAM_TYPE_KEY_IDENTIFIER} parameter.
-         */
-        public Builder setPublicKey(byte[] publicKey)
-        {
-            return set(PARAM_TYPE_PUBLIC_KEY, publicKey);
-        }
-
-        /**
-         * Sets the {@link SkeinParameters#PARAM_TYPE_KEY_IDENTIFIER} parameter.
-         */
-        public Builder setKeyIdentifier(byte[] keyIdentifier)
-        {
-            return set(PARAM_TYPE_KEY_IDENTIFIER, keyIdentifier);
-        }
-
-        /**
-         * Sets the {@link SkeinParameters#PARAM_TYPE_NONCE} parameter.
-         */
-        public Builder setNonce(byte[] nonce)
-        {
-            return set(PARAM_TYPE_NONCE, nonce);
-        }
-
-        /**
-         * Constructs a new {@link SkeinParameters} instance with the parameters provided to this
-         * builder.
-         */
-        public SkeinParameters build()
-        {
-            return new SkeinParameters(parameters);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/TweakableBlockCipherParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/TweakableBlockCipherParameters.java
deleted file mode 100644
index fa16fac..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/TweakableBlockCipherParameters.java
+++ /dev/null

@@ -1,40 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Parameters for tweakable block ciphers.
- */
-public class TweakableBlockCipherParameters
-    implements CipherParameters
-{
-    private final byte[] tweak;
-    private final KeyParameter key;
-
-    public TweakableBlockCipherParameters(final KeyParameter key, final byte[] tweak)
-    {
-        this.key = key;
-        this.tweak = Arrays.clone(tweak);
-    }
-
-    /**
-     * Gets the key.
-     *
-     * @return the key to use, or <code>null</code> to use the current key.
-     */
-    public KeyParameter getKey()
-    {
-        return key;
-    }
-
-    /**
-     * Gets the tweak value.
-     *
-     * @return the tweak to use, or <code>null</code> to use the current tweak.
-     */
-    public byte[] getTweak()
-    {
-        return tweak;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/X25519KeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/X25519KeyGenerationParameters.java
deleted file mode 100644
index ac6ea70..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/X25519KeyGenerationParameters.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-public class X25519KeyGenerationParameters
-    extends KeyGenerationParameters
-{
-    public X25519KeyGenerationParameters(SecureRandom random)
-    {
-        super(random, 255);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/X25519PrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/X25519PrivateKeyParameters.java
deleted file mode 100644
index 7535ca9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/X25519PrivateKeyParameters.java
+++ /dev/null

@@ -1,70 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.SecureRandom;
-
-import org.bouncycastle.math.ec.rfc7748.X25519;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public final class X25519PrivateKeyParameters
-    extends AsymmetricKeyParameter
-{
-    public static final int KEY_SIZE = X25519.SCALAR_SIZE;
-    public static final int SECRET_SIZE = X25519.POINT_SIZE;
-
-    private final byte[] data = new byte[KEY_SIZE];
-
-    public X25519PrivateKeyParameters(SecureRandom random)
-    {
-        super(true);
-
-        X25519.generatePrivateKey(random, data);
-    }
-
-    public X25519PrivateKeyParameters(byte[] buf, int off)
-    {
-        super(true);
-
-        System.arraycopy(buf, off, data, 0, KEY_SIZE);
-    }
-
-    public X25519PrivateKeyParameters(InputStream input) throws IOException
-    {
-        super(true);
-
-        if (KEY_SIZE != Streams.readFully(input, data))
-        {
-            throw new EOFException("EOF encountered in middle of X25519 private key");
-        }
-    }
-
-    public void encode(byte[] buf, int off)
-    {
-        System.arraycopy(data, 0, buf, off, KEY_SIZE);
-    }
-
-    public byte[] getEncoded()
-    {
-        return Arrays.clone(data);
-    }
-
-    public X25519PublicKeyParameters generatePublicKey()
-    {
-        byte[] publicKey = new byte[X25519.POINT_SIZE];
-        X25519.generatePublicKey(data, 0, publicKey, 0);
-        return new X25519PublicKeyParameters(publicKey, 0);
-    }
-
-    public void generateSecret(X25519PublicKeyParameters publicKey, byte[] buf, int off)
-    {
-        byte[] encoded = new byte[X25519.POINT_SIZE];
-        publicKey.encode(encoded, 0);
-        if (!X25519.calculateAgreement(data, 0, encoded, 0, buf, off))
-        {
-            throw new IllegalStateException("X25519 agreement failed");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/X25519PublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/X25519PublicKeyParameters.java
deleted file mode 100644
index 33d1701..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/X25519PublicKeyParameters.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.math.ec.rfc7748.X25519;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public final class X25519PublicKeyParameters
-    extends AsymmetricKeyParameter
-{
-    public static final int KEY_SIZE = X25519.POINT_SIZE;
-
-    private final byte[] data = new byte[KEY_SIZE];
-
-    public X25519PublicKeyParameters(byte[] buf, int off)
-    {
-        super(false);
-
-        System.arraycopy(buf, off, data, 0, KEY_SIZE);
-    }
-
-    public X25519PublicKeyParameters(InputStream input) throws IOException
-    {
-        super(false);
-
-        if (KEY_SIZE != Streams.readFully(input, data))
-        {
-            throw new EOFException("EOF encountered in middle of X25519 public key");
-        }
-    }
-
-    public void encode(byte[] buf, int off)
-    {
-        System.arraycopy(data, 0, buf, off, KEY_SIZE);
-    }
-
-    public byte[] getEncoded()
-    {
-        return Arrays.clone(data);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/X448KeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/X448KeyGenerationParameters.java
deleted file mode 100644
index 9472244..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/X448KeyGenerationParameters.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-public class X448KeyGenerationParameters
-    extends KeyGenerationParameters
-{
-    public X448KeyGenerationParameters(SecureRandom random)
-    {
-        super(random, 448);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/X448PrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/X448PrivateKeyParameters.java
deleted file mode 100644
index c4e0195..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/X448PrivateKeyParameters.java
+++ /dev/null

@@ -1,70 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.SecureRandom;
-
-import org.bouncycastle.math.ec.rfc7748.X448;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public final class X448PrivateKeyParameters
-    extends AsymmetricKeyParameter
-{
-    public static final int KEY_SIZE = X448.SCALAR_SIZE;
-    public static final int SECRET_SIZE = X448.POINT_SIZE;
-
-    private final byte[] data = new byte[KEY_SIZE];
-
-    public X448PrivateKeyParameters(SecureRandom random)
-    {
-        super(true);
-
-        X448.generatePrivateKey(random, data);
-    }
-
-    public X448PrivateKeyParameters(byte[] buf, int off)
-    {
-        super(true);
-
-        System.arraycopy(buf, off, data, 0, KEY_SIZE);
-    }
-
-    public X448PrivateKeyParameters(InputStream input) throws IOException
-    {
-        super(true);
-
-        if (KEY_SIZE != Streams.readFully(input, data))
-        {
-            throw new EOFException("EOF encountered in middle of X448 private key");
-        }
-    }
-
-    public void encode(byte[] buf, int off)
-    {
-        System.arraycopy(data, 0, buf, off, KEY_SIZE);
-    }
-
-    public byte[] getEncoded()
-    {
-        return Arrays.clone(data);
-    }
-
-    public X448PublicKeyParameters generatePublicKey()
-    {
-        byte[] publicKey = new byte[X448.POINT_SIZE];
-        X448.generatePublicKey(data, 0, publicKey, 0);
-        return new X448PublicKeyParameters(publicKey, 0);
-    }
-
-    public void generateSecret(X448PublicKeyParameters publicKey, byte[] buf, int off)
-    {
-        byte[] encoded = new byte[X448.POINT_SIZE];
-        publicKey.encode(encoded, 0);
-        if (!X448.calculateAgreement(data, 0, encoded, 0, buf, off))
-        {
-            throw new IllegalStateException("X448 agreement failed");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/X448PublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/X448PublicKeyParameters.java
deleted file mode 100644
index a0da720..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/X448PublicKeyParameters.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.math.ec.rfc7748.X448;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public final class X448PublicKeyParameters
-    extends AsymmetricKeyParameter
-{
-    public static final int KEY_SIZE = X448.POINT_SIZE;
-
-    private final byte[] data = new byte[KEY_SIZE];
-
-    public X448PublicKeyParameters(byte[] buf, int off)
-    {
-        super(false);
-
-        System.arraycopy(buf, off, data, 0, KEY_SIZE);
-    }
-
-    public X448PublicKeyParameters(InputStream input) throws IOException
-    {
-        super(false);
-
-        if (KEY_SIZE != Streams.readFully(input, data))
-        {
-            throw new EOFException("EOF encountered in middle of X448 public key");
-        }
-    }
-
-    public void encode(byte[] buf, int off)
-    {
-        System.arraycopy(data, 0, buf, off, KEY_SIZE);
-    }
-
-    public byte[] getEncoded()
-    {
-        return Arrays.clone(data);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/XDHUPrivateParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/XDHUPrivateParameters.java
deleted file mode 100644
index 7b991ea..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/XDHUPrivateParameters.java
+++ /dev/null

@@ -1,87 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-/**
- * Parameters holder for private unified static/ephemeral agreement using Edwards Curves.
- */
-public class XDHUPrivateParameters
-    implements CipherParameters
-{
-    private AsymmetricKeyParameter staticPrivateKey;
-    private AsymmetricKeyParameter ephemeralPrivateKey;
-    private AsymmetricKeyParameter ephemeralPublicKey;
-
-    public XDHUPrivateParameters(
-        AsymmetricKeyParameter  staticPrivateKey,
-        AsymmetricKeyParameter  ephemeralPrivateKey)
-    {
-        this(staticPrivateKey, ephemeralPrivateKey, null);
-    }
-
-    public XDHUPrivateParameters(
-        AsymmetricKeyParameter  staticPrivateKey,
-        AsymmetricKeyParameter  ephemeralPrivateKey,
-        AsymmetricKeyParameter  ephemeralPublicKey)
-    {
-        if (staticPrivateKey == null)
-        {
-            throw new NullPointerException("staticPrivateKey cannot be null");
-        }
-        if (!(staticPrivateKey instanceof X448PrivateKeyParameters || staticPrivateKey instanceof X25519PrivateKeyParameters))
-        {
-            throw new IllegalArgumentException("only X25519 and X448 paramaters can be used");
-        }
-        if (ephemeralPrivateKey == null)
-        {
-            throw new NullPointerException("ephemeralPrivateKey cannot be null");
-        }
-
-        if (!staticPrivateKey.getClass().isAssignableFrom(ephemeralPrivateKey.getClass()))
-        {
-            throw new IllegalArgumentException("static and ephemeral private keys have different domain parameters");
-        }
-
-        if (ephemeralPublicKey == null)
-        {
-            if (ephemeralPrivateKey instanceof X448PrivateKeyParameters)
-            {
-                ephemeralPublicKey = ((X448PrivateKeyParameters)ephemeralPrivateKey).generatePublicKey();
-            }
-            else
-            {
-                ephemeralPublicKey = ((X25519PrivateKeyParameters)ephemeralPrivateKey).generatePublicKey();
-            }
-        }
-        else
-        {
-            if (ephemeralPublicKey instanceof X448PublicKeyParameters && !(staticPrivateKey instanceof X448PrivateKeyParameters))
-            {
-                throw new IllegalArgumentException("ephemeral public key has different domain parameters");
-            }
-            if (ephemeralPublicKey instanceof X25519PublicKeyParameters && !(staticPrivateKey instanceof X25519PrivateKeyParameters))
-            {
-                throw new IllegalArgumentException("ephemeral public key has different domain parameters");
-            }
-        }
-
-        this.staticPrivateKey = staticPrivateKey;
-        this.ephemeralPrivateKey = ephemeralPrivateKey;
-        this.ephemeralPublicKey = ephemeralPublicKey;
-    }
-
-    public AsymmetricKeyParameter getStaticPrivateKey()
-    {
-        return staticPrivateKey;
-    }
-
-    public AsymmetricKeyParameter getEphemeralPrivateKey()
-    {
-        return ephemeralPrivateKey;
-    }
-
-    public AsymmetricKeyParameter getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/XDHUPublicParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/params/XDHUPublicParameters.java
deleted file mode 100644
index ac6c063..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/XDHUPublicParameters.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.crypto.params;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-/**
- * Parameters holder for public unified static/ephemeral agreement using Edwards Curves.
- */
-public class XDHUPublicParameters
-    implements CipherParameters
-{
-    private AsymmetricKeyParameter staticPublicKey;
-    private AsymmetricKeyParameter ephemeralPublicKey;
-
-    public XDHUPublicParameters(
-        AsymmetricKeyParameter   staticPublicKey,
-        AsymmetricKeyParameter   ephemeralPublicKey)
-    {
-        if (staticPublicKey == null)
-        {
-            throw new NullPointerException("staticPublicKey cannot be null");
-        }
-        if (!(staticPublicKey instanceof X448PublicKeyParameters || staticPublicKey instanceof X25519PublicKeyParameters))
-        {
-            throw new IllegalArgumentException("only X25519 and X448 paramaters can be used");
-        }
-        if (ephemeralPublicKey == null)
-        {
-            throw new NullPointerException("ephemeralPublicKey cannot be null");
-        }
-        if (!staticPublicKey.getClass().isAssignableFrom(ephemeralPublicKey.getClass()))
-        {
-            throw new IllegalArgumentException("static and ephemeral public keys have different domain parameters");
-        }
-
-        this.staticPublicKey = staticPublicKey;
-        this.ephemeralPublicKey = ephemeralPublicKey;
-    }
-
-    public AsymmetricKeyParameter getStaticPublicKey()
-    {
-        return staticPublicKey;
-    }
-
-    public AsymmetricKeyParameter getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/params/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/params/package.html
deleted file mode 100644
index 4e00a75..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/params/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Classes for parameter objects for ciphers and generators.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/parsers/DHIESPublicKeyParser.java b/bcprov/src/main/java/org/bouncycastle/crypto/parsers/DHIESPublicKeyParser.java
deleted file mode 100644
index 54cdee0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/parsers/DHIESPublicKeyParser.java
+++ /dev/null

@@ -1,32 +0,0 @@
-package org.bouncycastle.crypto.parsers;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.KeyParser;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.crypto.params.DHPublicKeyParameters;
-import org.bouncycastle.util.io.Streams;
-
-public class DHIESPublicKeyParser
-    implements KeyParser
-{
-    private DHParameters dhParams;
-
-    public DHIESPublicKeyParser(DHParameters dhParams)
-    {
-        this.dhParams = dhParams;
-    }
-
-    public AsymmetricKeyParameter readKey(InputStream stream)
-        throws IOException
-    {
-        byte[] V = new byte[(dhParams.getP().bitLength() + 7) / 8];
-
-        Streams.readFully(stream, V, 0, V.length);
-
-        return new DHPublicKeyParameters(new BigInteger(1, V), dhParams);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/parsers/ECIESPublicKeyParser.java b/bcprov/src/main/java/org/bouncycastle/crypto/parsers/ECIESPublicKeyParser.java
deleted file mode 100644
index b6b6e85..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/parsers/ECIESPublicKeyParser.java
+++ /dev/null

@@ -1,54 +0,0 @@
-package org.bouncycastle.crypto.parsers;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.crypto.KeyParser;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.util.io.Streams;
-
-public class ECIESPublicKeyParser
-    implements KeyParser
-{
-    private ECDomainParameters ecParams;
-
-    public ECIESPublicKeyParser(ECDomainParameters ecParams)
-    {
-        this.ecParams = ecParams;
-    }
-
-    public AsymmetricKeyParameter readKey(InputStream stream)
-        throws IOException
-    {
-        byte[] V;
-        int    first = stream.read();
-
-        // Decode the public ephemeral key
-        switch (first)
-        {
-        case 0x00: // infinity
-            throw new IOException("Sender's public key invalid.");
-
-        case 0x02: // compressed
-        case 0x03: // Byte length calculated as in ECPoint.getEncoded();
-            V = new byte[1 + (ecParams.getCurve().getFieldSize()+7)/8];
-            break;
-
-        case 0x04: // uncompressed or
-        case 0x06: // hybrid
-        case 0x07: // Byte length calculated as in ECPoint.getEncoded();
-            V = new byte[1 + 2*((ecParams.getCurve().getFieldSize()+7)/8)];
-            break;
-
-        default:
-            throw new IOException("Sender's public key has invalid point encoding 0x" + Integer.toString(first, 16));
-        }
-
-        V[0] = (byte)first;
-        Streams.readFully(stream, V, 1, V.length - 1);
-
-        return new ECPublicKeyParameters(ecParams.getCurve().decodePoint(V), ecParams);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/parsers/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/parsers/package.html
deleted file mode 100644
index 03d05c7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/parsers/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Helper classes for parsing "on the wire" public keys.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/BasicEntropySourceProvider.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/BasicEntropySourceProvider.java
deleted file mode 100644
index 6842d82..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/BasicEntropySourceProvider.java
+++ /dev/null

@@ -1,62 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-import java.security.SecureRandom;
-
-/**
- * An EntropySourceProvider where entropy generation is based on a SecureRandom output using SecureRandom.generateSeed().
- */
-public class BasicEntropySourceProvider
-    implements EntropySourceProvider
-{
-    private final SecureRandom _sr;
-    private final boolean      _predictionResistant;
-
-    /**
-     * Create a entropy source provider based on the passed in SecureRandom.
-     *
-     * @param random the SecureRandom to base EntropySource construction on.
-     * @param isPredictionResistant boolean indicating if the SecureRandom is based on prediction resistant entropy or not (true if it is).
-     */
-    public BasicEntropySourceProvider(SecureRandom random, boolean isPredictionResistant)
-    {
-        _sr = random;
-        _predictionResistant = isPredictionResistant;
-    }
-
-    /**
-     * Return an entropy source that will create bitsRequired bits of entropy on
-     * each invocation of getEntropy().
-     *
-     * @param bitsRequired size (in bits) of entropy to be created by the provided source.
-     * @return an EntropySource that generates bitsRequired bits of entropy on each call to its getEntropy() method.
-     */
-    public EntropySource get(final int bitsRequired)
-    {
-        return new EntropySource()
-        {
-            public boolean isPredictionResistant()
-            {
-                return _predictionResistant;
-            }
-
-            public byte[] getEntropy()
-            {
-                // is the RNG regarded as useful for seeding?
-                if (_sr instanceof SP800SecureRandom || _sr instanceof X931SecureRandom)
-                {
-                    byte[] rv = new byte[(bitsRequired + 7) / 8];
-
-                    _sr.nextBytes(rv);
-
-                    return rv;
-                }
-                return _sr.generateSeed((bitsRequired + 7) / 8);
-            }
-
-            public int entropySize()
-            {
-                return bitsRequired;
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/DRBGProvider.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/DRBGProvider.java
deleted file mode 100644
index c39760c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/DRBGProvider.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-import org.bouncycastle.crypto.prng.drbg.SP80090DRBG;
-
-interface DRBGProvider
-{
-    SP80090DRBG get(EntropySource entropySource);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/DigestRandomGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/DigestRandomGenerator.java
deleted file mode 100644
index f36b62c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/DigestRandomGenerator.java
+++ /dev/null

@@ -1,123 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-import org.bouncycastle.crypto.Digest;
-
-/**
- * Random generation based on the digest with counter. Calling addSeedMaterial will
- * always increase the entropy of the hash.
- * <p>
- * Internal access to the digest is synchronized so a single one of these can be shared.
- * </p>
- */
-public class DigestRandomGenerator
-    implements RandomGenerator
-{
-    private static long         CYCLE_COUNT = 10;
-
-    private long                stateCounter;
-    private long                seedCounter;
-    private Digest              digest;
-    private byte[]              state;
-    private byte[]              seed;
-
-    // public constructors
-    public DigestRandomGenerator(
-        Digest digest)
-    {
-        this.digest = digest;
-
-        this.seed = new byte[digest.getDigestSize()];
-        this.seedCounter = 1;
-
-        this.state = new byte[digest.getDigestSize()];
-        this.stateCounter = 1;
-    }
-
-    public void addSeedMaterial(byte[] inSeed)
-    {
-        synchronized (this)
-        {
-            digestUpdate(inSeed);
-            digestUpdate(seed);
-            digestDoFinal(seed);
-        }
-    }
-
-    public void addSeedMaterial(long rSeed)
-    {
-        synchronized (this)
-        {
-            digestAddCounter(rSeed);
-            digestUpdate(seed);
-
-            digestDoFinal(seed);
-        }
-    }
-
-    public void nextBytes(byte[] bytes)
-    {
-        nextBytes(bytes, 0, bytes.length);
-    }
-
-    public void nextBytes(byte[] bytes, int start, int len)
-    {
-        synchronized (this)
-        {
-            int stateOff = 0;
-
-            generateState();
-
-            int end = start + len;
-            for (int i = start; i != end; i++)
-            {
-                if (stateOff == state.length)
-                {
-                    generateState();
-                    stateOff = 0;
-                }
-                bytes[i] = state[stateOff++];
-            }
-        }
-    }
-
-    private void cycleSeed()
-    {
-        digestUpdate(seed);
-        digestAddCounter(seedCounter++);
-
-        digestDoFinal(seed);
-    }
-
-    private void generateState()
-    {
-        digestAddCounter(stateCounter++);
-        digestUpdate(state);
-        digestUpdate(seed);
-
-        digestDoFinal(state);
-
-        if ((stateCounter % CYCLE_COUNT) == 0)
-        {
-            cycleSeed();
-        }
-    }
-
-    private void digestAddCounter(long seed)
-    {
-        for (int i = 0; i != 8; i++)
-        {
-            digest.update((byte)seed);
-            seed >>>= 8;
-        }
-    }
-
-    private void digestUpdate(byte[] inSeed)
-    {
-        digest.update(inSeed, 0, inSeed.length);
-    }
-
-    private void digestDoFinal(byte[] result)
-    {
-        digest.doFinal(result, 0);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/EntropySource.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/EntropySource.java
deleted file mode 100644
index 4261625..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/EntropySource.java
+++ /dev/null

@@ -1,28 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-/**
- * Base interface describing an entropy source for a DRBG.
- */
-public interface EntropySource
-{
-    /**
-     * Return whether or not this entropy source is regarded as prediction resistant.
-     *
-     * @return true if it is, false otherwise.
-     */
-    boolean isPredictionResistant();
-
-    /**
-     * Return a byte array of entropy.
-     *
-     * @return  entropy bytes.
-     */
-    byte[] getEntropy();
-
-    /**
-     * Return the number of bits of entropy this source can produce.
-     *
-     * @return size in bits of the return value of getEntropy.
-     */
-    int entropySize();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/EntropySourceProvider.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/EntropySourceProvider.java
deleted file mode 100644
index 190bf62..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/EntropySourceProvider.java
+++ /dev/null

@@ -1,6 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-public interface EntropySourceProvider
-{
-    EntropySource get(final int bitsRequired);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/EntropyUtil.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/EntropyUtil.java
deleted file mode 100644
index b34e993..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/EntropyUtil.java
+++ /dev/null

@@ -1,46 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-/**
- * Utility methods for making use of EntropySources.
- */
-public class EntropyUtil
-{
-    /**
-     * Generate numBytes worth of entropy from the passed in entropy source.
-     *
-     * @param entropySource the entropy source to request the data from.
-     * @param numBytes the number of bytes of entropy requested.
-     * @return a byte array populated with the random data.
-     */
-    public static byte[] generateSeed(EntropySource entropySource, int numBytes)
-    {
-        byte[] bytes = new byte[numBytes];
-
-        if (numBytes * 8 <= entropySource.entropySize())
-        {
-            byte[] ent = entropySource.getEntropy();
-
-            System.arraycopy(ent, 0, bytes, 0, bytes.length);
-        }
-        else
-        {
-            int entSize = entropySource.entropySize() / 8;
-
-            for (int i = 0; i < bytes.length; i += entSize)
-            {
-                byte[] ent = entropySource.getEntropy();
-
-                if (ent.length <= bytes.length - i)
-                {
-                    System.arraycopy(ent, 0, bytes, i, ent.length);
-                }
-                else
-                {
-                    System.arraycopy(ent, 0, bytes, i, bytes.length - i);
-                }
-            }
-        }
-
-        return bytes;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/FixedSecureRandom.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/FixedSecureRandom.java
deleted file mode 100644
index 3245eab..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/FixedSecureRandom.java
+++ /dev/null

@@ -1,147 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.security.SecureRandom;
-
-/**
- * A secure random that returns pre-seeded data to calls of nextBytes() or generateSeed().
- */
-public class FixedSecureRandom
-    extends SecureRandom
-{
-    private byte[]       _data;
-    
-    private int          _index;
-    private int          _intPad;
-    
-    public FixedSecureRandom(byte[] value)
-    {
-        this(false, new byte[][] { value });
-    }
-    
-    public FixedSecureRandom(
-        byte[][] values)
-    {
-        this(false, values);
-    }
-    
-    /**
-     * Pad the data on integer boundaries. This is necessary for the classpath project's BigInteger
-     * implementation.
-     */
-    public FixedSecureRandom(
-        boolean intPad,
-        byte[] value)
-    {
-        this(intPad, new byte[][] { value });
-    }
-    
-    /**
-     * Pad the data on integer boundaries. This is necessary for the classpath project's BigInteger
-     * implementation.
-     */
-    public FixedSecureRandom(
-        boolean intPad,
-        byte[][] values)
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        
-        for (int i = 0; i != values.length; i++)
-        {
-            try
-            {
-                bOut.write(values[i]);
-            }
-            catch (IOException e)
-            {
-                throw new IllegalArgumentException("can't save value array.");
-            }
-        }
-        
-        _data = bOut.toByteArray();
-        
-        if (intPad)
-        {
-            _intPad = _data.length % 4;
-        }
-    }
-
-    public void nextBytes(byte[] bytes)
-    {
-        System.arraycopy(_data, _index, bytes, 0, bytes.length);
-        
-        _index += bytes.length;
-    }
-
-    public byte[] generateSeed(int numBytes)
-    {
-        byte[] bytes = new byte[numBytes];
-
-        this.nextBytes(bytes);
-
-        return bytes;
-    }
-
-    //
-    // classpath's implementation of SecureRandom doesn't currently go back to nextBytes
-    // when next is called. We can't override next as it's a final method.
-    //
-    public int nextInt()
-    {
-        int val = 0;
-        
-        val |= nextValue() << 24;
-        val |= nextValue() << 16;
-        
-        if (_intPad == 2)
-        {
-            _intPad--;
-        }
-        else
-        {
-            val |= nextValue() << 8;
-        }
-        
-        if (_intPad == 1)
-        {
-            _intPad--;
-        }
-        else
-        {
-            val |= nextValue();
-        }
-        
-        return val;
-    }
-    
-    //
-    // classpath's implementation of SecureRandom doesn't currently go back to nextBytes
-    // when next is called. We can't override next as it's a final method.
-    //
-    public long nextLong()
-    {
-        long val = 0;
-        
-        val |= (long)nextValue() << 56;
-        val |= (long)nextValue() << 48;
-        val |= (long)nextValue() << 40;
-        val |= (long)nextValue() << 32;
-        val |= (long)nextValue() << 24;
-        val |= (long)nextValue() << 16;
-        val |= (long)nextValue() << 8;
-        val |= (long)nextValue();
-        
-        return val;
-    }
-
-    public boolean isExhausted()
-    {
-        return _index == _data.length;
-    }
-
-    private int nextValue()
-    {
-        return _data[_index++] & 0xff;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/RandomGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/RandomGenerator.java
deleted file mode 100644
index 47ff68e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/RandomGenerator.java
+++ /dev/null

@@ -1,38 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-/**
- * Generic interface for objects generating random bytes.
- */
-public interface RandomGenerator
-{
-    /**
-     * Add more seed material to the generator.
-     *
-     * @param seed a byte array to be mixed into the generator's state.
-     */
-    void addSeedMaterial(byte[] seed);
-
-    /**
-     * Add more seed material to the generator.
-     *
-     * @param seed a long value to be mixed into the generator's state.
-     */
-    void addSeedMaterial(long seed);
-
-    /**
-     * Fill bytes with random values.
-     *
-     * @param bytes byte array to be filled.
-     */
-    void nextBytes(byte[] bytes);
-
-    /**
-     * Fill part of bytes with random values.
-     *
-     * @param bytes byte array to be filled.
-     * @param start index to start filling at.
-     * @param len length of segment to fill.
-     */
-    void nextBytes(byte[] bytes, int start, int len);
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/ReversedWindowGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/ReversedWindowGenerator.java
deleted file mode 100644
index fbb2639..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/ReversedWindowGenerator.java
+++ /dev/null

@@ -1,111 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-/**
- * Takes bytes generated by an underling RandomGenerator and reverses the order in
- * each small window (of configurable size).
- * <p>
- * Access to internals is synchronized so a single one of these can be shared.
- * </p>
- */
-public class ReversedWindowGenerator
-    implements RandomGenerator
-{
-    private final RandomGenerator generator;
-
-    private byte[] window;
-    private int windowCount;
-
-    public ReversedWindowGenerator(
-        RandomGenerator generator,
-        int             windowSize)
-    {
-        if (generator == null)
-        {
-            throw new IllegalArgumentException("generator cannot be null");
-        }
-        if (windowSize < 2)
-        {
-            throw new IllegalArgumentException("windowSize must be at least 2");
-        }
-
-        this.generator = generator;
-        this.window = new byte[windowSize];
-    }
-
-    /**
-     * Add more seed material to the generator.
-     *
-     * @param seed a byte array to be mixed into the generator's state.
-     */
-    public void addSeedMaterial(
-        byte[] seed)
-    {
-        synchronized (this)
-        {
-            windowCount = 0;
-            generator.addSeedMaterial(seed);
-        }
-    }
-
-    /**
-     * Add more seed material to the generator.
-     *
-     * @param seed a long value to be mixed into the generator's state.
-     */
-    public void addSeedMaterial(
-        long seed)
-    {
-        synchronized (this)
-        {
-            windowCount = 0;
-            generator.addSeedMaterial(seed);
-        }
-    }
-
-    /**
-     * Fill bytes with random values.
-     *
-     * @param bytes byte array to be filled.
-     */
-    public void nextBytes(
-        byte[] bytes)
-    {
-        doNextBytes(bytes, 0, bytes.length);
-    }
-
-    /**
-     * Fill part of bytes with random values.
-     *
-     * @param bytes byte array to be filled.
-     * @param start index to start filling at.
-     * @param len length of segment to fill.
-     */
-    public void nextBytes(
-        byte[]  bytes,
-        int     start,
-        int     len)
-    {
-        doNextBytes(bytes, start, len);
-    }
-
-    private void doNextBytes(
-        byte[]  bytes,
-        int     start,
-        int     len)
-    {
-        synchronized (this)
-        {
-            int done = 0;
-            while (done < len)
-            {
-                if (windowCount < 1)
-                {
-                    generator.nextBytes(window, 0, window.length);
-                    windowCount = window.length;
-                }
-
-                bytes[start + done++] = window[--windowCount];
-            }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/SP800SecureRandom.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/SP800SecureRandom.java
deleted file mode 100644
index 000b0c4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/SP800SecureRandom.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.prng.drbg.SP80090DRBG;
-
-public class SP800SecureRandom
-    extends SecureRandom
-{
-    private final DRBGProvider drbgProvider;
-    private final boolean predictionResistant;
-    private final SecureRandom randomSource;
-    private final EntropySource entropySource;
-
-    private SP80090DRBG drbg;
-
-    SP800SecureRandom(SecureRandom randomSource, EntropySource entropySource, DRBGProvider drbgProvider, boolean predictionResistant)
-    {
-        this.randomSource = randomSource;
-        this.entropySource = entropySource;
-        this.drbgProvider = drbgProvider;
-        this.predictionResistant = predictionResistant;
-    }
-
-    public void setSeed(byte[] seed)
-    {
-        synchronized (this)
-        {
-            if (randomSource != null)
-            {
-                this.randomSource.setSeed(seed);
-            }
-        }
-    }
-
-    public void setSeed(long seed)
-    {
-        synchronized (this)
-        {
-            // this will happen when SecureRandom() is created
-            if (randomSource != null)
-            {
-                this.randomSource.setSeed(seed);
-            }
-        }
-    }
-
-    public void nextBytes(byte[] bytes)
-    {
-        synchronized (this)
-        {
-            if (drbg == null)
-            {
-                drbg = drbgProvider.get(entropySource);
-            }
-
-            // check if a reseed is required...
-            if (drbg.generate(bytes, null, predictionResistant) < 0)
-            {
-                drbg.reseed(null);
-                drbg.generate(bytes, null, predictionResistant);
-            }
-        }
-    }
-
-    public byte[] generateSeed(int numBytes)
-    {
-        return EntropyUtil.generateSeed(entropySource, numBytes);
-    }
-
-    /**
-     * Force a reseed of the DRBG
-     *
-     * @param additionalInput optional additional input
-     */
-    public void reseed(byte[] additionalInput)
-    {
-        synchronized (this)
-        {
-            if (drbg == null)
-            {
-                drbg = drbgProvider.get(entropySource);
-            }
-
-            drbg.reseed(additionalInput);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/SP800SecureRandomBuilder.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/SP800SecureRandomBuilder.java
deleted file mode 100644
index 420cf12..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/SP800SecureRandomBuilder.java
+++ /dev/null

@@ -1,215 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.prng.drbg.CTRSP800DRBG;
-import org.bouncycastle.crypto.prng.drbg.HMacSP800DRBG;
-import org.bouncycastle.crypto.prng.drbg.HashSP800DRBG;
-import org.bouncycastle.crypto.prng.drbg.SP80090DRBG;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Builder class for making SecureRandom objects based on SP 800-90A Deterministic Random Bit Generators (DRBG).
- */
-public class SP800SecureRandomBuilder
-{
-    private final SecureRandom random;
-    private final EntropySourceProvider entropySourceProvider;
-
-    private byte[] personalizationString;
-    private int securityStrength = 256;
-    private int entropyBitsRequired = 256;
-
-    /**
-     * Basic constructor, creates a builder using an EntropySourceProvider based on the default SecureRandom with
-     * predictionResistant set to false.
-     * <p>
-     * Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if
-     * the default SecureRandom does for its generateSeed() call.
-     * </p>
-     */
-    public SP800SecureRandomBuilder()
-    {
-        this(CryptoServicesRegistrar.getSecureRandom(), false);
-    }
-
-    /**
-     * Construct a builder with an EntropySourceProvider based on the passed in SecureRandom and the passed in value
-     * for prediction resistance.
-     * <p>
-     * Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if
-     * the passed in SecureRandom does for its generateSeed() call.
-     * </p>
-     * @param entropySource the SecureRandom acting as a source of entropy for DRBGs made by this builder.
-     * @param predictionResistant true if the SecureRandom seeder can be regarded as predictionResistant.
-     */
-    public SP800SecureRandomBuilder(SecureRandom entropySource, boolean predictionResistant)
-    {
-        this.random = entropySource;
-        this.entropySourceProvider = new BasicEntropySourceProvider(random, predictionResistant);
-    }
-
-    /**
-     * Create a builder which makes creates the SecureRandom objects from a specified entropy source provider.
-     * <p>
-     * <b>Note:</b> If this constructor is used any calls to setSeed() in the resulting SecureRandom will be ignored.
-     * </p>
-     * @param entropySourceProvider a provider of EntropySource objects.
-     */
-    public SP800SecureRandomBuilder(EntropySourceProvider entropySourceProvider)
-    {
-        this.random = null;
-        this.entropySourceProvider = entropySourceProvider;
-    }
-
-    /**
-     * Set the personalization string for DRBG SecureRandoms created by this builder
-     * @param personalizationString  the personalisation string for the underlying DRBG.
-     * @return the current builder.
-     */
-    public SP800SecureRandomBuilder setPersonalizationString(byte[] personalizationString)
-    {
-        this.personalizationString = Arrays.clone(personalizationString);
-
-        return this;
-    }
-
-    /**
-     * Set the security strength required for DRBGs used in building SecureRandom objects.
-     *
-     * @param securityStrength the security strength (in bits)
-     * @return the current builder.
-     */
-    public SP800SecureRandomBuilder setSecurityStrength(int securityStrength)
-    {
-        this.securityStrength = securityStrength;
-
-        return this;
-    }
-
-    /**
-     * Set the amount of entropy bits required for seeding and reseeding DRBGs used in building SecureRandom objects.
-     *
-     * @param entropyBitsRequired the number of bits of entropy to be requested from the entropy source on each seed/reseed.
-     * @return the current builder.
-     */
-    public SP800SecureRandomBuilder setEntropyBitsRequired(int entropyBitsRequired)
-    {
-        this.entropyBitsRequired = entropyBitsRequired;
-
-        return this;
-    }
-
-    /**
-     * Build a SecureRandom based on a SP 800-90A Hash DRBG.
-     *
-     * @param digest digest algorithm to use in the DRBG underneath the SecureRandom.
-     * @param nonce  nonce value to use in DRBG construction.
-     * @param predictionResistant specify whether the underlying DRBG in the resulting SecureRandom should reseed on each request for bytes.
-     * @return a SecureRandom supported by a Hash DRBG.
-     */
-    public SP800SecureRandom buildHash(Digest digest, byte[] nonce, boolean predictionResistant)
-    {
-        return new SP800SecureRandom(random, entropySourceProvider.get(entropyBitsRequired), new HashDRBGProvider(digest, nonce, personalizationString, securityStrength), predictionResistant);
-    }
-
-    /**
-     * Build a SecureRandom based on a SP 800-90A CTR DRBG.
-     *
-     * @param cipher the block cipher to base the DRBG on.
-     * @param keySizeInBits key size in bits to be used with the block cipher.
-     * @param nonce nonce value to use in DRBG construction.
-     * @param predictionResistant  specify whether the underlying DRBG in the resulting SecureRandom should reseed on each request for bytes.
-     * @return  a SecureRandom supported by a CTR DRBG.
-     */
-    public SP800SecureRandom buildCTR(BlockCipher cipher, int keySizeInBits, byte[] nonce, boolean predictionResistant)
-    {
-        return new SP800SecureRandom(random, entropySourceProvider.get(entropyBitsRequired), new CTRDRBGProvider(cipher, keySizeInBits, nonce, personalizationString, securityStrength), predictionResistant);
-    }
-
-    /**
-     * Build a SecureRandom based on a SP 800-90A HMAC DRBG.
-     *
-     * @param hMac HMAC algorithm to use in the DRBG underneath the SecureRandom.
-     * @param nonce  nonce value to use in DRBG construction.
-     * @param predictionResistant specify whether the underlying DRBG in the resulting SecureRandom should reseed on each request for bytes.
-     * @return a SecureRandom supported by a HMAC DRBG.
-     */
-    public SP800SecureRandom buildHMAC(Mac hMac, byte[] nonce, boolean predictionResistant)
-    {
-        return new SP800SecureRandom(random, entropySourceProvider.get(entropyBitsRequired), new HMacDRBGProvider(hMac, nonce, personalizationString, securityStrength), predictionResistant);
-    }
-
-    private static class HashDRBGProvider
-        implements DRBGProvider
-    {
-        private final Digest digest;
-        private final byte[] nonce;
-        private final byte[] personalizationString;
-        private final int securityStrength;
-
-        public HashDRBGProvider(Digest digest, byte[] nonce, byte[] personalizationString, int securityStrength)
-        {
-            this.digest = digest;
-            this.nonce = nonce;
-            this.personalizationString = personalizationString;
-            this.securityStrength = securityStrength;
-        }
-
-        public SP80090DRBG get(EntropySource entropySource)
-        {
-            return new HashSP800DRBG(digest, securityStrength, entropySource, personalizationString, nonce);
-        }
-    }
-
-    private static class HMacDRBGProvider
-        implements DRBGProvider
-    {
-        private final Mac hMac;
-        private final byte[] nonce;
-        private final byte[] personalizationString;
-        private final int securityStrength;
-
-        public HMacDRBGProvider(Mac hMac, byte[] nonce, byte[] personalizationString, int securityStrength)
-        {
-            this.hMac = hMac;
-            this.nonce = nonce;
-            this.personalizationString = personalizationString;
-            this.securityStrength = securityStrength;
-        }
-
-        public SP80090DRBG get(EntropySource entropySource)
-        {
-            return new HMacSP800DRBG(hMac, securityStrength, entropySource, personalizationString, nonce);
-        }
-    }
-
-    private static class CTRDRBGProvider
-        implements DRBGProvider
-    {
-
-        private final BlockCipher blockCipher;
-        private final int keySizeInBits;
-        private final byte[] nonce;
-        private final byte[] personalizationString;
-        private final int securityStrength;
-
-        public CTRDRBGProvider(BlockCipher blockCipher, int keySizeInBits, byte[] nonce, byte[] personalizationString, int securityStrength)
-        {
-            this.blockCipher = blockCipher;
-            this.keySizeInBits = keySizeInBits;
-            this.nonce = nonce;
-            this.personalizationString = personalizationString;
-            this.securityStrength = securityStrength;
-        }
-
-        public SP80090DRBG get(EntropySource entropySource)
-        {
-            return new CTRSP800DRBG(blockCipher, keySizeInBits, securityStrength, entropySource, personalizationString, nonce);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/ThreadedSeedGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/ThreadedSeedGenerator.java
deleted file mode 100644
index 6b2d5ec..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/ThreadedSeedGenerator.java
+++ /dev/null

@@ -1,95 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-/**
- * A thread based seed generator - one source of randomness.
- * <p>
- * Based on an idea from Marcus Lippert.
- * </p>
- */
-public class ThreadedSeedGenerator
-{
-    private class SeedGenerator
-        implements Runnable
-    {
-        private volatile int counter = 0;
-        private volatile boolean stop = false;
-
-        public void run()
-        {
-            while (!this.stop)
-            {
-                this.counter++;
-            }
-
-        }
-
-        public byte[] generateSeed(
-            int numbytes,
-            boolean fast)
-        {
-            Thread t = new Thread(this);
-            byte[] result = new byte[numbytes];
-            this.counter = 0;
-            this.stop = false;
-            int last = 0;
-            int end;
-
-            t.start();
-            if(fast)
-            {
-                end = numbytes;
-            }
-            else
-            {
-                end = numbytes * 8;
-            }
-            for (int i = 0; i < end; i++)
-            {
-                while (this.counter == last)
-                {
-                    try
-                    {
-                        Thread.sleep(1);
-                    }
-                    catch (InterruptedException e)
-                    {
-                        // ignore
-                    }
-                }
-                last = this.counter;
-                if (fast)
-                {
-                    result[i] = (byte) (last & 0xff);
-                }
-                else
-                {
-                    int bytepos = i/8;
-                    result[bytepos] = (byte) ((result[bytepos] << 1) | (last & 1));
-                }
-
-            }
-            stop = true;
-            return result;
-        }
-    }
-
-    /**
-     * Generate seed bytes. Set fast to false for best quality.
-     * <p>
-     * If fast is set to true, the code should be round about 8 times faster when
-     * generating a long sequence of random bytes. 20 bytes of random values using
-     * the fast mode take less than half a second on a Nokia e70. If fast is set to false,
-     * it takes round about 2500 ms.
-     * </p>
-     * @param numBytes the number of bytes to generate
-     * @param fast true if fast mode should be used
-     */
-    public byte[] generateSeed(
-        int numBytes,
-        boolean fast)
-    {
-        SeedGenerator gen = new SeedGenerator();
-
-        return gen.generateSeed(numBytes, fast);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/VMPCRandomGenerator.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/VMPCRandomGenerator.java
deleted file mode 100644
index c7e420d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/VMPCRandomGenerator.java
+++ /dev/null

@@ -1,127 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-import org.bouncycastle.util.Pack;
-
-public class VMPCRandomGenerator implements RandomGenerator
-{
-    private byte n = 0;
-
-    /**
-     * Permutation generated by code: <code>
-     * // First 1850 fractional digit of Pi number. 
-     * byte[] key = new BigInteger("14159265358979323846...5068006422512520511").toByteArray();
-     * s = 0;
-     * P = new byte[256];
-     * for (int i = 0; i < 256; i++) {
-     *     P[i] = (byte) i;
-     * }
-     * for (int m = 0; m < 768; m++) {
-     *     s = P[(s + P[m & 0xff] + key[m % key.length]) & 0xff];
-     *     byte temp = P[m & 0xff];
-     *     P[m & 0xff] = P[s & 0xff];
-     *     P[s & 0xff] = temp;
-     * } </code>
-     */
-    private byte[] P =
-    {
-        (byte) 0xbb, (byte) 0x2c, (byte) 0x62, (byte) 0x7f,
-        (byte) 0xb5, (byte) 0xaa, (byte) 0xd4, (byte) 0x0d, (byte) 0x81,
-        (byte) 0xfe, (byte) 0xb2, (byte) 0x82, (byte) 0xcb, (byte) 0xa0,
-        (byte) 0xa1, (byte) 0x08, (byte) 0x18, (byte) 0x71, (byte) 0x56,
-        (byte) 0xe8, (byte) 0x49, (byte) 0x02, (byte) 0x10, (byte) 0xc4,
-        (byte) 0xde, (byte) 0x35, (byte) 0xa5, (byte) 0xec, (byte) 0x80,
-        (byte) 0x12, (byte) 0xb8, (byte) 0x69, (byte) 0xda, (byte) 0x2f,
-        (byte) 0x75, (byte) 0xcc, (byte) 0xa2, (byte) 0x09, (byte) 0x36,
-        (byte) 0x03, (byte) 0x61, (byte) 0x2d, (byte) 0xfd, (byte) 0xe0,
-        (byte) 0xdd, (byte) 0x05, (byte) 0x43, (byte) 0x90, (byte) 0xad,
-        (byte) 0xc8, (byte) 0xe1, (byte) 0xaf, (byte) 0x57, (byte) 0x9b,
-        (byte) 0x4c, (byte) 0xd8, (byte) 0x51, (byte) 0xae, (byte) 0x50,
-        (byte) 0x85, (byte) 0x3c, (byte) 0x0a, (byte) 0xe4, (byte) 0xf3,
-        (byte) 0x9c, (byte) 0x26, (byte) 0x23, (byte) 0x53, (byte) 0xc9,
-        (byte) 0x83, (byte) 0x97, (byte) 0x46, (byte) 0xb1, (byte) 0x99,
-        (byte) 0x64, (byte) 0x31, (byte) 0x77, (byte) 0xd5, (byte) 0x1d,
-        (byte) 0xd6, (byte) 0x78, (byte) 0xbd, (byte) 0x5e, (byte) 0xb0,
-        (byte) 0x8a, (byte) 0x22, (byte) 0x38, (byte) 0xf8, (byte) 0x68,
-        (byte) 0x2b, (byte) 0x2a, (byte) 0xc5, (byte) 0xd3, (byte) 0xf7,
-        (byte) 0xbc, (byte) 0x6f, (byte) 0xdf, (byte) 0x04, (byte) 0xe5,
-        (byte) 0x95, (byte) 0x3e, (byte) 0x25, (byte) 0x86, (byte) 0xa6,
-        (byte) 0x0b, (byte) 0x8f, (byte) 0xf1, (byte) 0x24, (byte) 0x0e,
-        (byte) 0xd7, (byte) 0x40, (byte) 0xb3, (byte) 0xcf, (byte) 0x7e,
-        (byte) 0x06, (byte) 0x15, (byte) 0x9a, (byte) 0x4d, (byte) 0x1c,
-        (byte) 0xa3, (byte) 0xdb, (byte) 0x32, (byte) 0x92, (byte) 0x58,
-        (byte) 0x11, (byte) 0x27, (byte) 0xf4, (byte) 0x59, (byte) 0xd0,
-        (byte) 0x4e, (byte) 0x6a, (byte) 0x17, (byte) 0x5b, (byte) 0xac,
-        (byte) 0xff, (byte) 0x07, (byte) 0xc0, (byte) 0x65, (byte) 0x79,
-        (byte) 0xfc, (byte) 0xc7, (byte) 0xcd, (byte) 0x76, (byte) 0x42,
-        (byte) 0x5d, (byte) 0xe7, (byte) 0x3a, (byte) 0x34, (byte) 0x7a,
-        (byte) 0x30, (byte) 0x28, (byte) 0x0f, (byte) 0x73, (byte) 0x01,
-        (byte) 0xf9, (byte) 0xd1, (byte) 0xd2, (byte) 0x19, (byte) 0xe9,
-        (byte) 0x91, (byte) 0xb9, (byte) 0x5a, (byte) 0xed, (byte) 0x41,
-        (byte) 0x6d, (byte) 0xb4, (byte) 0xc3, (byte) 0x9e, (byte) 0xbf,
-        (byte) 0x63, (byte) 0xfa, (byte) 0x1f, (byte) 0x33, (byte) 0x60,
-        (byte) 0x47, (byte) 0x89, (byte) 0xf0, (byte) 0x96, (byte) 0x1a,
-        (byte) 0x5f, (byte) 0x93, (byte) 0x3d, (byte) 0x37, (byte) 0x4b,
-        (byte) 0xd9, (byte) 0xa8, (byte) 0xc1, (byte) 0x1b, (byte) 0xf6,
-        (byte) 0x39, (byte) 0x8b, (byte) 0xb7, (byte) 0x0c, (byte) 0x20,
-        (byte) 0xce, (byte) 0x88, (byte) 0x6e, (byte) 0xb6, (byte) 0x74,
-        (byte) 0x8e, (byte) 0x8d, (byte) 0x16, (byte) 0x29, (byte) 0xf2,
-        (byte) 0x87, (byte) 0xf5, (byte) 0xeb, (byte) 0x70, (byte) 0xe3,
-        (byte) 0xfb, (byte) 0x55, (byte) 0x9f, (byte) 0xc6, (byte) 0x44,
-        (byte) 0x4a, (byte) 0x45, (byte) 0x7d, (byte) 0xe2, (byte) 0x6b,
-        (byte) 0x5c, (byte) 0x6c, (byte) 0x66, (byte) 0xa9, (byte) 0x8c,
-        (byte) 0xee, (byte) 0x84, (byte) 0x13, (byte) 0xa7, (byte) 0x1e,
-        (byte) 0x9d, (byte) 0xdc, (byte) 0x67, (byte) 0x48, (byte) 0xba,
-        (byte) 0x2e, (byte) 0xe6, (byte) 0xa4, (byte) 0xab, (byte) 0x7c,
-        (byte) 0x94, (byte) 0x00, (byte) 0x21, (byte) 0xef, (byte) 0xea,
-        (byte) 0xbe, (byte) 0xca, (byte) 0x72, (byte) 0x4f, (byte) 0x52,
-        (byte) 0x98, (byte) 0x3f, (byte) 0xc2, (byte) 0x14, (byte) 0x7b,
-        (byte) 0x3b, (byte) 0x54 };
-
-    /**
-     * Value generated in the same way as {@link VMPCRandomGenerator#P};
-     */
-    private byte s = (byte) 0xbe;
-
-    public VMPCRandomGenerator()
-    {
-    }
-
-    public void addSeedMaterial(byte[] seed)
-    {
-        for (int m = 0; m < seed.length; m++)
-        {
-            s = P[(s + P[n & 0xff] + seed[m]) & 0xff];
-            byte temp = P[n & 0xff];
-            P[n & 0xff] = P[s & 0xff];
-            P[s & 0xff] = temp;
-            n = (byte) ((n + 1) & 0xff);
-        }
-    }
-
-    public void addSeedMaterial(long seed)
-    {
-        addSeedMaterial(Pack.longToBigEndian(seed));
-    }
-
-    public void nextBytes(byte[] bytes)
-    {
-        nextBytes(bytes, 0, bytes.length);
-    }
-
-    public void nextBytes(byte[] bytes, int start, int len)
-    {
-        synchronized (P)
-        {
-            int end = start + len;
-            for (int i = start; i != end; i++)
-            {
-                s = P[(s + P[n & 0xff]) & 0xff];
-                bytes[i] = P[(P[(P[s & 0xff]) & 0xff] + 1) & 0xff];
-                byte temp = P[n & 0xff];
-                P[n & 0xff] = P[s & 0xff];
-                P[s & 0xff] = temp;
-                n = (byte) ((n + 1) & 0xff);
-            }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/X931RNG.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/X931RNG.java
deleted file mode 100644
index e47c5af..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/X931RNG.java
+++ /dev/null

@@ -1,159 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-import org.bouncycastle.crypto.BlockCipher;
-
-public class X931RNG
-{
-    private static final long       BLOCK64_RESEED_MAX = 1L << (16 - 1);
-    private static final long       BLOCK128_RESEED_MAX = 1L << (24 - 1);
-    private static final int        BLOCK64_MAX_BITS_REQUEST = 1 << (13 - 1);
-    private static final int        BLOCK128_MAX_BITS_REQUEST = 1 << (19 - 1);
-    
-    private final BlockCipher engine;
-    private final EntropySource entropySource;
-
-    private final byte[] DT;
-    private final byte[] I;
-    private final byte[] R;;
-
-    private byte[] V;
-
-    private long reseedCounter = 1;
-
-    /**
-     *
-     * @param engine
-     * @param entropySource
-     */
-    public X931RNG(BlockCipher engine, byte[] dateTimeVector, EntropySource entropySource)
-    {
-        this.engine = engine;
-        this.entropySource = entropySource;
-
-        this.DT = new byte[engine.getBlockSize()];
-
-        System.arraycopy(dateTimeVector, 0, DT, 0, DT.length);
-
-        this.I = new byte[engine.getBlockSize()];
-        this.R = new byte[engine.getBlockSize()];
-    }
-
-    /**
-     * Populate a passed in array with random data.
-     *
-     * @param output output array for generated bits.
-     * @param predictionResistant true if a reseed should be forced, false otherwise.
-     *
-     * @return number of bits generated, -1 if a reseed required.
-     */
-    int generate(byte[] output, boolean predictionResistant)
-    {
-        if (R.length == 8) // 64 bit block size
-        {
-            if (reseedCounter > BLOCK64_RESEED_MAX)
-            {
-                return -1;
-            }
-
-            if (isTooLarge(output, BLOCK64_MAX_BITS_REQUEST / 8))
-            {
-                throw new IllegalArgumentException("Number of bits per request limited to " + BLOCK64_MAX_BITS_REQUEST);
-            }
-        }
-        else
-        {
-            if (reseedCounter > BLOCK128_RESEED_MAX)
-            {
-                return -1;
-            }
-
-            if (isTooLarge(output, BLOCK128_MAX_BITS_REQUEST / 8))
-            {
-                throw new IllegalArgumentException("Number of bits per request limited to " + BLOCK128_MAX_BITS_REQUEST);
-            }
-        }
-        
-        if (predictionResistant || V == null)
-        {
-            V = entropySource.getEntropy();
-            if (V.length != engine.getBlockSize())
-            {
-                throw new IllegalStateException("Insufficient entropy returned");
-            }
-        }
-
-        int m = output.length / R.length;
-
-        for (int i = 0; i < m; i++)
-        {
-            engine.processBlock(DT, 0, I, 0);
-            process(R, I, V);
-            process(V, R, I);
-
-            System.arraycopy(R, 0, output, i * R.length, R.length);
-
-            increment(DT);
-        }
-
-        int bytesToCopy = (output.length - m * R.length);
-
-        if (bytesToCopy > 0)
-        {
-            engine.processBlock(DT, 0, I, 0);
-            process(R, I, V);
-            process(V, R, I);
-
-            System.arraycopy(R, 0, output, m * R.length, bytesToCopy);
-
-            increment(DT);
-        }
-
-        reseedCounter++;
-
-        return output.length;
-    }
-
-    /**
-     * Reseed the RNG.
-     */
-    void reseed()
-    {
-        V = entropySource.getEntropy();
-        if (V.length != engine.getBlockSize())
-        {
-            throw new IllegalStateException("Insufficient entropy returned");
-        }
-        reseedCounter = 1;
-    }
-
-    EntropySource getEntropySource()
-    {
-        return entropySource;
-    }
-
-    private void process(byte[] res, byte[] a, byte[] b)
-    {
-        for (int i = 0; i != res.length; i++)
-        {
-            res[i] = (byte)(a[i] ^ b[i]);
-        }
-
-        engine.processBlock(res, 0, res, 0);
-    }
-
-    private void increment(byte[] val)
-    {
-        for (int i = val.length - 1; i >= 0; i--)
-        {
-            if (++val[i] != 0)
-            {
-                break;
-            }
-        }
-    }
-    
-    private static boolean isTooLarge(byte[] bytes, int maxBytes)
-    {
-        return bytes != null && bytes.length > maxBytes;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/X931SecureRandom.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/X931SecureRandom.java
deleted file mode 100644
index 02d6122..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/X931SecureRandom.java
+++ /dev/null

@@ -1,59 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-import java.security.SecureRandom;
-
-public class X931SecureRandom
-    extends SecureRandom
-{
-    private final boolean predictionResistant;
-    private final SecureRandom randomSource;
-    private final X931RNG drbg;
-
-    X931SecureRandom(SecureRandom randomSource, X931RNG drbg, boolean predictionResistant)
-    {
-        this.randomSource = randomSource;
-        this.drbg = drbg;
-        this.predictionResistant = predictionResistant;
-    }
-
-    public void setSeed(byte[] seed)
-    {
-        synchronized (this)
-        {
-            if (randomSource != null)
-            {
-                this.randomSource.setSeed(seed);
-            }
-        }
-    }
-
-    public void setSeed(long seed)
-    {
-        synchronized (this)
-        {
-            // this will happen when SecureRandom() is created
-            if (randomSource != null)
-            {
-                this.randomSource.setSeed(seed);
-            }
-        }
-    }
-
-    public void nextBytes(byte[] bytes)
-    {
-        synchronized (this)
-        {
-            // check if a reseed is required...
-            if (drbg.generate(bytes, predictionResistant) < 0)
-            {
-                drbg.reseed();
-                drbg.generate(bytes, predictionResistant);
-            }
-        }
-    }
-
-    public byte[] generateSeed(int numBytes)
-    {
-        return EntropyUtil.generateSeed(drbg.getEntropySource(), numBytes);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/X931SecureRandomBuilder.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/X931SecureRandomBuilder.java
deleted file mode 100644
index 9764b6b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/X931SecureRandomBuilder.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.crypto.prng;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-
-public class X931SecureRandomBuilder
-{
-    private SecureRandom random;          // JDK 1.1 complains on final.
-    private EntropySourceProvider entropySourceProvider;
-
-    private byte[] dateTimeVector;
-
-    /**
-     * Basic constructor, creates a builder using an EntropySourceProvider based on the default SecureRandom with
-     * predictionResistant set to false.
-     * <p>
-     * Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if
-     * the default SecureRandom does for its generateSeed() call.
-     * </p>
-     */
-    public X931SecureRandomBuilder()
-    {
-        this(CryptoServicesRegistrar.getSecureRandom(), false);
-    }
-
-    /**
-     * Construct a builder with an EntropySourceProvider based on the passed in SecureRandom and the passed in value
-     * for prediction resistance.
-     * <p>
-     * Any SecureRandom created from a builder constructed like this will make use of input passed to SecureRandom.setSeed() if
-     * the passed in SecureRandom does for its generateSeed() call.
-     * </p>
-     * @param entropySource
-     * @param predictionResistant
-     */
-    public X931SecureRandomBuilder(SecureRandom entropySource, boolean predictionResistant)
-    {
-        this.random = entropySource;
-        this.entropySourceProvider = new BasicEntropySourceProvider(random, predictionResistant);
-    }
-
-    /**
-     * Create a builder which makes creates the SecureRandom objects from a specified entropy source provider.
-     * <p>
-     * <b>Note:</b> If this constructor is used any calls to setSeed() in the resulting SecureRandom will be ignored.
-     * </p>
-     * @param entropySourceProvider a provider of EntropySource objects.
-     */
-    public X931SecureRandomBuilder(EntropySourceProvider entropySourceProvider)
-    {
-        this.random = null;
-        this.entropySourceProvider = entropySourceProvider;
-    }
-
-    public X931SecureRandomBuilder setDateTimeVector(byte[] dateTimeVector)
-    {
-        this.dateTimeVector = Arrays.clone(dateTimeVector);
-
-        return this;
-    }
-
-    /**
-     * Construct a X9.31 secure random generator using the passed in engine and key. If predictionResistant is true the
-     * generator will be reseeded on each request.
-     *
-     * @param engine a block cipher to use as the operator.
-     * @param key the block cipher key to initialise engine with.
-     * @param predictionResistant true if engine to be reseeded on each use, false otherwise.
-     * @return a SecureRandom.
-     */
-    public X931SecureRandom build(BlockCipher engine, KeyParameter key, boolean predictionResistant)
-    {
-        if (dateTimeVector == null)
-        {
-            dateTimeVector = new byte[engine.getBlockSize()];
-            Pack.longToBigEndian(System.currentTimeMillis(), dateTimeVector, 0);
-        }
-
-        engine.init(true, key);
-
-        return new X931SecureRandom(random, new X931RNG(engine, dateTimeVector, entropySourceProvider.get(engine.getBlockSize() * 8)), predictionResistant);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/CTRSP800DRBG.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/CTRSP800DRBG.java
deleted file mode 100644
index db0cffd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/CTRSP800DRBG.java
+++ /dev/null

@@ -1,493 +0,0 @@
-package org.bouncycastle.crypto.prng.drbg;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.prng.EntropySource;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * A SP800-90A CTR DRBG.
- */
-public class CTRSP800DRBG
-    implements SP80090DRBG
-{
-    private static final long       TDEA_RESEED_MAX = 1L << (32 - 1);
-    private static final long       AES_RESEED_MAX = 1L << (48 - 1);
-    private static final int        TDEA_MAX_BITS_REQUEST = 1 << (13 - 1);
-    private static final int        AES_MAX_BITS_REQUEST = 1 << (19 - 1);
-
-    private EntropySource          _entropySource;
-    private BlockCipher           _engine;
-    private int                   _keySizeInBits;
-    private int                   _seedLength;
-    private int                   _securityStrength;
-
-    // internal state
-    private byte[]                _Key;
-    private byte[]                _V;
-    private long                  _reseedCounter = 0;
-    private boolean               _isTDEA = false;
-
-    /**
-     * Construct a SP800-90A CTR DRBG.
-     * <p>
-     * Minimum entropy requirement is the security strength requested.
-     * </p>
-     * @param engine underlying block cipher to use to support DRBG
-     * @param keySizeInBits size of the key to use with the block cipher.
-     * @param securityStrength security strength required (in bits)
-     * @param entropySource source of entropy to use for seeding/reseeding.
-     * @param personalizationString personalization string to distinguish this DRBG (may be null).
-     * @param nonce nonce to further distinguish this DRBG (may be null).
-     */
-    public CTRSP800DRBG(BlockCipher engine, int keySizeInBits, int securityStrength, EntropySource entropySource, byte[] personalizationString, byte[] nonce)
-    {
-        _entropySource = entropySource;
-        _engine = engine;     
-        
-        _keySizeInBits = keySizeInBits;
-        _securityStrength = securityStrength;
-        _seedLength = keySizeInBits + engine.getBlockSize() * 8;
-        _isTDEA = isTDEA(engine);
-
-        if (securityStrength > 256)
-        {
-            throw new IllegalArgumentException("Requested security strength is not supported by the derivation function");
-        }
-
-        if (getMaxSecurityStrength(engine, keySizeInBits) < securityStrength)
-        {
-            throw new IllegalArgumentException("Requested security strength is not supported by block cipher and key size");
-        }
-
-        if (entropySource.entropySize() < securityStrength)
-        {
-            throw new IllegalArgumentException("Not enough entropy for security strength required");
-        }
-
-        byte[] entropy = getEntropy();  // Get_entropy_input
-
-        CTR_DRBG_Instantiate_algorithm(entropy, nonce, personalizationString);
-    }
-
-    private void CTR_DRBG_Instantiate_algorithm(byte[] entropy, byte[] nonce,
-            byte[] personalisationString)
-    {
-        byte[] seedMaterial = Arrays.concatenate(entropy, nonce, personalisationString);
-        byte[] seed = Block_Cipher_df(seedMaterial, _seedLength);
-
-        int outlen = _engine.getBlockSize();
-
-        _Key = new byte[(_keySizeInBits + 7) / 8];
-        _V = new byte[outlen];
-
-         // _Key & _V are modified by this call
-        CTR_DRBG_Update(seed, _Key, _V); 
-
-        _reseedCounter = 1;
-    }
-
-    private void CTR_DRBG_Update(byte[] seed, byte[] key, byte[] v)
-    {
-        byte[] temp = new byte[seed.length];
-        byte[] outputBlock = new byte[_engine.getBlockSize()];
-        
-        int i=0;
-        int outLen = _engine.getBlockSize();
-
-        _engine.init(true, new KeyParameter(expandKey(key)));
-        while (i*outLen < seed.length)
-        {
-            addOneTo(v);
-            _engine.processBlock(v, 0, outputBlock, 0);
-
-            int bytesToCopy = ((temp.length - i * outLen) > outLen)
-                    ? outLen : (temp.length - i * outLen);
-            
-            System.arraycopy(outputBlock, 0, temp, i * outLen, bytesToCopy);
-            ++i;
-        }
-
-        XOR(temp, seed, temp, 0);
-
-        System.arraycopy(temp, 0, key, 0, key.length);
-        System.arraycopy(temp, key.length, v, 0, v.length);
-    }
-    
-    private void CTR_DRBG_Reseed_algorithm(byte[] additionalInput)
-    {
-        byte[] seedMaterial = Arrays.concatenate(getEntropy(), additionalInput);
-
-        seedMaterial = Block_Cipher_df(seedMaterial, _seedLength);
-
-        CTR_DRBG_Update(seedMaterial, _Key, _V);
-
-        _reseedCounter = 1;
-    }
-
-    private void XOR(byte[] out, byte[] a, byte[] b, int bOff)
-    {
-        for (int i=0; i< out.length; i++) 
-        {
-            out[i] = (byte)(a[i] ^ b[i+bOff]);
-        }
-    }
-    
-    private void addOneTo(byte[] longer)
-    {
-        int carry = 1;
-        for (int i = 1; i <= longer.length; i++) // warning
-        {
-            int res = (longer[longer.length - i] & 0xff) + carry;
-            carry = (res > 0xff) ? 1 : 0;
-            longer[longer.length - i] = (byte)res;
-        }
-    } 
-
-    private byte[] getEntropy()
-    {
-        byte[] entropy = _entropySource.getEntropy();
-        if (entropy.length < (_securityStrength + 7) / 8)
-        {
-            throw new IllegalStateException("Insufficient entropy provided by entropy source");
-        }
-        return entropy;
-    }
-
-    // -- Internal state migration ---
-    
-    private static final byte[] K_BITS = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
-
-    // 1. If (number_of_bits_to_return > max_number_of_bits), then return an
-    // ERROR_FLAG.
-    // 2. L = len (input_string)/8.
-    // 3. N = number_of_bits_to_return/8.
-    // Comment: L is the bitstring represention of
-    // the integer resulting from len (input_string)/8.
-    // L shall be represented as a 32-bit integer.
-    //
-    // Comment : N is the bitstring represention of
-    // the integer resulting from
-    // number_of_bits_to_return/8. N shall be
-    // represented as a 32-bit integer.
-    //
-    // 4. S = L || N || input_string || 0x80.
-    // 5. While (len (S) mod outlen)
-    // Comment : Pad S with zeros, if necessary.
-    // 0, S = S || 0x00.
-    //
-    // Comment : Compute the starting value.
-    // 6. temp = the Null string.
-    // 7. i = 0.
-    // 8. K = Leftmost keylen bits of 0x00010203...1D1E1F.
-    // 9. While len (temp) < keylen + outlen, do
-    //
-    // IV = i || 0outlen - len (i).
-    //
-    // 9.1
-    //
-    // temp = temp || BCC (K, (IV || S)).
-    //
-    // 9.2
-    //
-    // i = i + 1.
-    //
-    // 9.3
-    //
-    // Comment : i shall be represented as a 32-bit
-    // integer, i.e., len (i) = 32.
-    //
-    // Comment: The 32-bit integer represenation of
-    // i is padded with zeros to outlen bits.
-    //
-    // Comment: Compute the requested number of
-    // bits.
-    //
-    // 10. K = Leftmost keylen bits of temp.
-    //
-    // 11. X = Next outlen bits of temp.
-    //
-    // 12. temp = the Null string.
-    //
-    // 13. While len (temp) < number_of_bits_to_return, do
-    //
-    // 13.1 X = Block_Encrypt (K, X).
-    //
-    // 13.2 temp = temp || X.
-    //
-    // 14. requested_bits = Leftmost number_of_bits_to_return of temp.
-    //
-    // 15. Return SUCCESS and requested_bits.
-    private byte[] Block_Cipher_df(byte[] inputString, int bitLength)
-    {
-        int outLen = _engine.getBlockSize();
-        int L = inputString.length; // already in bytes
-        int N = bitLength / 8;
-        // 4 S = L || N || inputstring || 0x80
-        int sLen = 4 + 4 + L + 1;
-        int blockLen = ((sLen + outLen - 1) / outLen) * outLen;
-        byte[] S = new byte[blockLen];
-        copyIntToByteArray(S, L, 0);
-        copyIntToByteArray(S, N, 4);
-        System.arraycopy(inputString, 0, S, 8, L);
-        S[8 + L] = (byte)0x80;
-        // S already padded with zeros
-
-        byte[] temp = new byte[_keySizeInBits / 8 + outLen];
-        byte[] bccOut = new byte[outLen];
-
-        byte[] IV = new byte[outLen]; 
-        
-        int i = 0;
-        byte[] K = new byte[_keySizeInBits / 8];
-        System.arraycopy(K_BITS, 0, K, 0, K.length);
-
-        while (i*outLen*8 < _keySizeInBits + outLen *8)
-        {
-            copyIntToByteArray(IV, i, 0);
-            BCC(bccOut, K, IV, S);
-
-            int bytesToCopy = ((temp.length - i * outLen) > outLen)
-                    ? outLen
-                    : (temp.length - i * outLen);
-            
-            System.arraycopy(bccOut, 0, temp, i * outLen, bytesToCopy);
-            ++i;
-        }
-
-        byte[] X = new byte[outLen];
-        System.arraycopy(temp, 0, K, 0, K.length);
-        System.arraycopy(temp, K.length, X, 0, X.length);
-
-        temp = new byte[bitLength / 8];
-
-        i = 0;
-        _engine.init(true, new KeyParameter(expandKey(K)));
-
-        while (i * outLen < temp.length)
-        {
-            _engine.processBlock(X, 0, X, 0);
-
-            int bytesToCopy = ((temp.length - i * outLen) > outLen)
-                    ? outLen
-                    : (temp.length - i * outLen);
-
-            System.arraycopy(X, 0, temp, i * outLen, bytesToCopy);
-            i++;
-        }
-
-        return temp;
-    }
-
-    /*
-    * 1. chaining_value = 0^outlen    
-    *    . Comment: Set the first chaining value to outlen zeros.
-    * 2. n = len (data)/outlen.
-    * 3. Starting with the leftmost bits of data, split the data into n blocks of outlen bits 
-    *    each, forming block(1) to block(n). 
-    * 4. For i = 1 to n do
-    * 4.1 input_block = chaining_value ^ block(i) .
-    * 4.2 chaining_value = Block_Encrypt (Key, input_block).
-    * 5. output_block = chaining_value.
-    * 6. Return output_block. 
-     */
-    private void BCC(byte[] bccOut, byte[] k, byte[] iV, byte[] data)
-    {
-        int outlen = _engine.getBlockSize();
-        byte[] chainingValue = new byte[outlen]; // initial values = 0
-        int n = data.length / outlen;
-
-        byte[] inputBlock = new byte[outlen];
-
-        _engine.init(true, new KeyParameter(expandKey(k)));
-
-        _engine.processBlock(iV, 0, chainingValue, 0);
-
-        for (int i = 0; i < n; i++)
-        {
-            XOR(inputBlock, chainingValue, data, i*outlen);
-            _engine.processBlock(inputBlock, 0, chainingValue, 0);
-        }
-
-        System.arraycopy(chainingValue, 0, bccOut, 0, bccOut.length);
-    }
-
-    private void copyIntToByteArray(byte[] buf, int value, int offSet)
-    {
-        buf[offSet + 0] = ((byte)(value >> 24));
-        buf[offSet + 1] = ((byte)(value >> 16));
-        buf[offSet + 2] = ((byte)(value >> 8));
-        buf[offSet + 3] = ((byte)(value));
-    }
-
-    /**
-     * Return the block size (in bits) of the DRBG.
-     *
-     * @return the number of bits produced on each internal round of the DRBG.
-     */
-    public int getBlockSize()
-    {
-        return _V.length * 8;
-    }
-
-    /**
-     * Populate a passed in array with random data.
-     *
-     * @param output output array for generated bits.
-     * @param additionalInput additional input to be added to the DRBG in this step.
-     * @param predictionResistant true if a reseed should be forced, false otherwise.
-     *
-     * @return number of bits generated, -1 if a reseed required.
-     */
-    public int generate(byte[] output, byte[] additionalInput, boolean predictionResistant)
-    {
-        if (_isTDEA)
-        {
-            if (_reseedCounter > TDEA_RESEED_MAX)
-            {
-                return -1;
-            }
-
-            if (Utils.isTooLarge(output, TDEA_MAX_BITS_REQUEST / 8))
-            {
-                throw new IllegalArgumentException("Number of bits per request limited to " + TDEA_MAX_BITS_REQUEST);
-            }
-        }
-        else
-        {
-            if (_reseedCounter > AES_RESEED_MAX)
-            {
-                return -1;
-            }
-
-            if (Utils.isTooLarge(output, AES_MAX_BITS_REQUEST / 8))
-            {
-                throw new IllegalArgumentException("Number of bits per request limited to " + AES_MAX_BITS_REQUEST);
-            }
-        }
-
-        if (predictionResistant)
-        {
-            CTR_DRBG_Reseed_algorithm(additionalInput);
-            additionalInput = null;
-        }
-
-        if (additionalInput != null)
-        {
-            additionalInput = Block_Cipher_df(additionalInput, _seedLength);
-            CTR_DRBG_Update(additionalInput, _Key, _V);
-        }
-        else
-        {
-            additionalInput = new byte[_seedLength / 8];
-        }
-
-        byte[] out = new byte[_V.length];
-
-        _engine.init(true, new KeyParameter(expandKey(_Key)));
-
-        for (int i = 0; i <= output.length / out.length; i++)
-        {
-            int bytesToCopy = ((output.length - i * out.length) > out.length)
-                    ? out.length
-                    : (output.length - i * _V.length);
-
-            if (bytesToCopy != 0)
-            {
-                addOneTo(_V);
-
-                _engine.processBlock(_V, 0, out, 0);
-
-                System.arraycopy(out, 0, output, i * out.length, bytesToCopy);
-            }
-        }
-
-        CTR_DRBG_Update(additionalInput, _Key, _V);
-
-        _reseedCounter++;
-
-        return output.length * 8;
-    }
-
-    /**
-      * Reseed the DRBG.
-      *
-      * @param additionalInput additional input to be added to the DRBG in this step.
-      */
-    public void reseed(byte[] additionalInput)
-    {
-        CTR_DRBG_Reseed_algorithm(additionalInput);
-    }
-
-    private boolean isTDEA(BlockCipher cipher)
-    {
-        return cipher.getAlgorithmName().equals("DESede") || cipher.getAlgorithmName().equals("TDEA");
-    }
-
-    private int getMaxSecurityStrength(BlockCipher cipher, int keySizeInBits)
-    {
-        if (isTDEA(cipher) && keySizeInBits == 168)
-        {
-            return 112;
-        }
-        if (cipher.getAlgorithmName().equals("AES"))
-        {
-            return keySizeInBits;
-        }
-
-        return -1;
-    }
-
-    byte[] expandKey(byte[] key)
-    {
-        if (_isTDEA)
-        {
-            // expand key to 192 bits.
-            byte[] tmp = new byte[24];
-
-            padKey(key, 0, tmp, 0);
-            padKey(key, 7, tmp, 8);
-            padKey(key, 14, tmp, 16);
-
-            return tmp;
-        }
-        else
-        {
-            return key;
-        }
-    }
-
-    /**
-     * Pad out a key for TDEA, setting odd parity for each byte.
-     *
-     * @param keyMaster
-     * @param keyOff
-     * @param tmp
-     * @param tmpOff
-     */
-    private void padKey(byte[] keyMaster, int keyOff, byte[] tmp, int tmpOff)
-    {
-        tmp[tmpOff + 0] = (byte)(keyMaster[keyOff + 0] & 0xfe);
-        tmp[tmpOff + 1] = (byte)((keyMaster[keyOff + 0] << 7) | ((keyMaster[keyOff + 1] & 0xfc) >>> 1));
-        tmp[tmpOff + 2] = (byte)((keyMaster[keyOff + 1] << 6) | ((keyMaster[keyOff + 2] & 0xf8) >>> 2));
-        tmp[tmpOff + 3] = (byte)((keyMaster[keyOff + 2] << 5) | ((keyMaster[keyOff + 3] & 0xf0) >>> 3));
-        tmp[tmpOff + 4] = (byte)((keyMaster[keyOff + 3] << 4) | ((keyMaster[keyOff + 4] & 0xe0) >>> 4));
-        tmp[tmpOff + 5] = (byte)((keyMaster[keyOff + 4] << 3) | ((keyMaster[keyOff + 5] & 0xc0) >>> 5));
-        tmp[tmpOff + 6] = (byte)((keyMaster[keyOff + 5] << 2) | ((keyMaster[keyOff + 6] & 0x80) >>> 6));
-        tmp[tmpOff + 7] = (byte)(keyMaster[keyOff + 6] << 1);
-
-        for (int i = tmpOff; i <= tmpOff + 7; i++)
-        {
-            int b = tmp[i];
-            tmp[i] = (byte)((b & 0xfe) |
-                            ((((b >> 1) ^
-                            (b >> 2) ^
-                            (b >> 3) ^
-                            (b >> 4) ^
-                            (b >> 5) ^
-                            (b >> 6) ^
-                            (b >> 7)) ^ 0x01) & 0x01));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/DualECPoints.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/DualECPoints.java
deleted file mode 100644
index 7dcfa94..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/DualECPoints.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.crypto.prng.drbg;
-
-import org.bouncycastle.math.ec.ECPoint;
-
-/**
- * General class for providing point pairs for use with DualEC DRBG. See NIST SP 800-90A for further details.
- */
-public class DualECPoints
-{
-    private final ECPoint p;
-    private final ECPoint q;
-    private final int securityStrength;
-    private final int cofactor;
-
-    /**
-     * Base Constructor.
-     * <p>
-     * The cofactor is used to calculate the output block length (maxOutlen) according to
-     * <pre>
-     *     max_outlen = largest multiple of 8 less than ((field size in bits) - (13 + log2(cofactor))
-     * </pre>
-     *
-     * @param securityStrength maximum security strength to be associated with these parameters
-     * @param p the P point.
-     * @param q the Q point.
-     * @param cofactor cofactor associated with the domain parameters for the point generation.
-     */
-    public DualECPoints(int securityStrength, ECPoint p, ECPoint q, int cofactor)
-    {
-        if (!p.getCurve().equals(q.getCurve()))
-        {
-            throw new IllegalArgumentException("points need to be on the same curve");
-        }
-
-        this.securityStrength = securityStrength;
-        this.p = p;
-        this.q = q;
-        this.cofactor = cofactor;
-    }
-
-    public int getSeedLen()
-    {
-        return p.getCurve().getFieldSize();
-    }
-
-    public int getMaxOutlen()
-    {
-        return ((p.getCurve().getFieldSize() - (13 + log2(cofactor))) / 8) * 8;
-    }
-
-    public ECPoint getP()
-    {
-        return p;
-    }
-
-    public ECPoint getQ()
-    {
-        return q;
-    }
-
-    public int getSecurityStrength()
-    {
-        return securityStrength;
-    }
-
-    public int getCofactor()
-    {
-        return cofactor;
-    }
-
-    private static int log2(int value)
-    {
-        int log = 0;
-
-        while ((value >>= 1) != 0)
-        {
-            log++;
-        }
-
-        return log;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/DualECSP800DRBG.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/DualECSP800DRBG.java
deleted file mode 100644
index 35ce91a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/DualECSP800DRBG.java
+++ /dev/null

@@ -1,330 +0,0 @@
-package org.bouncycastle.crypto.prng.drbg;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.nist.NISTNamedCurves;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.prng.EntropySource;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.FixedPointCombMultiplier;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * A SP800-90A Dual EC DRBG.
- */
-public class DualECSP800DRBG
-    implements SP80090DRBG
-{
-    /*
-     * Default P, Q values for each curve
-     */
-    private static final BigInteger p256_Px = new BigInteger("6b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296", 16);
-    private static final BigInteger p256_Py = new BigInteger("4fe342e2fe1a7f9b8ee7eb4a7c0f9e162bce33576b315ececbb6406837bf51f5", 16);
-    private static final BigInteger p256_Qx = new BigInteger("c97445f45cdef9f0d3e05e1e585fc297235b82b5be8ff3efca67c59852018192", 16);
-    private static final BigInteger p256_Qy = new BigInteger("b28ef557ba31dfcbdd21ac46e2a91e3c304f44cb87058ada2cb815151e610046", 16);
-
-    private static final BigInteger p384_Px = new BigInteger("aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab7", 16);
-    private static final BigInteger p384_Py = new BigInteger("3617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f", 16);
-    private static final BigInteger p384_Qx = new BigInteger("8e722de3125bddb05580164bfe20b8b432216a62926c57502ceede31c47816edd1e89769124179d0b695106428815065", 16);
-    private static final BigInteger p384_Qy = new BigInteger("023b1660dd701d0839fd45eec36f9ee7b32e13b315dc02610aa1b636e346df671f790f84c5e09b05674dbb7e45c803dd", 16);
-
-    private static final BigInteger p521_Px = new BigInteger("c6858e06b70404e9cd9e3ecb662395b4429c648139053fb521f828af606b4d3dbaa14b5e77efe75928fe1dc127a2ffa8de3348b3c1856a429bf97e7e31c2e5bd66", 16);
-    private static final BigInteger p521_Py = new BigInteger("11839296a789a3bc0045c8a5fb42c7d1bd998f54449579b446817afbd17273e662c97ee72995ef42640c550b9013fad0761353c7086a272c24088be94769fd16650", 16);
-    private static final BigInteger p521_Qx = new BigInteger("1b9fa3e518d683c6b65763694ac8efbaec6fab44f2276171a42726507dd08add4c3b3f4c1ebc5b1222ddba077f722943b24c3edfa0f85fe24d0c8c01591f0be6f63", 16);
-    private static final BigInteger p521_Qy = new BigInteger("1f3bdba585295d9a1110d1df1f9430ef8442c5018976ff3437ef91b81dc0b8132c8d5c39c32d0e004a3092b7d327c0e7a4d26d2c7b69b58f9066652911e457779de", 16);
-
-    private static final DualECPoints[] nistPoints;
-
-    static
-    {
-        nistPoints = new DualECPoints[3];
-
-        ECCurve.Fp curve = (ECCurve.Fp)NISTNamedCurves.getByName("P-256").getCurve();
-
-        nistPoints[0] = new DualECPoints(128, curve.createPoint(p256_Px, p256_Py), curve.createPoint(p256_Qx, p256_Qy), 1);
-
-        curve = (ECCurve.Fp)NISTNamedCurves.getByName("P-384").getCurve();
-
-        nistPoints[1] = new DualECPoints(192, curve.createPoint(p384_Px, p384_Py), curve.createPoint(p384_Qx, p384_Qy), 1);
-
-        curve = (ECCurve.Fp)NISTNamedCurves.getByName("P-521").getCurve();
-
-        nistPoints[2] = new DualECPoints(256, curve.createPoint(p521_Px, p521_Py), curve.createPoint(p521_Qx, p521_Qy), 1);
-    }
-
-
-    private static final long       RESEED_MAX = 1L << (32 - 1);
-    private static final int        MAX_ADDITIONAL_INPUT = 1 << (13 - 1);
-    private static final int        MAX_ENTROPY_LENGTH = 1 << (13 - 1);
-    private static final int        MAX_PERSONALIZATION_STRING = 1 << (13 -1);
-
-    private Digest                 _digest;
-    private long                   _reseedCounter;
-    private EntropySource          _entropySource;
-    private int                    _securityStrength;
-    private int                    _seedlen;
-    private int                    _outlen;
-    private ECCurve.Fp             _curve;
-    private ECPoint                _P;
-    private ECPoint                _Q;
-    private byte[]                 _s;
-    private int                    _sLength;
-    private ECMultiplier           _fixedPointMultiplier = new FixedPointCombMultiplier();
-
-    /**
-     * Construct a SP800-90A Dual EC DRBG.
-     * <p>
-     * Minimum entropy requirement is the security strength requested.
-     * </p>
-     * @param digest source digest to use with the DRB stream.
-     * @param securityStrength security strength required (in bits)
-     * @param entropySource source of entropy to use for seeding/reseeding.
-     * @param personalizationString personalization string to distinguish this DRBG (may be null).
-     * @param nonce nonce to further distinguish this DRBG (may be null).
-     */
-    public DualECSP800DRBG(Digest digest, int securityStrength, EntropySource entropySource, byte[] personalizationString, byte[] nonce)
-    {
-        this(nistPoints, digest, securityStrength, entropySource, personalizationString, nonce);
-    }
-
-    /**
-     * Construct a SP800-90A Dual EC DRBG.
-     * <p>
-     * Minimum entropy requirement is the security strength requested.
-     * </p>
-     * @param pointSet an array of points to choose from, in order of increasing security strength
-     * @param digest source digest to use with the DRB stream.
-     * @param securityStrength security strength required (in bits)
-     * @param entropySource source of entropy to use for seeding/reseeding.
-     * @param personalizationString personalization string to distinguish this DRBG (may be null).
-     * @param nonce nonce to further distinguish this DRBG (may be null).
-     */
-    public DualECSP800DRBG(DualECPoints[] pointSet, Digest digest, int securityStrength, EntropySource entropySource, byte[] personalizationString, byte[] nonce)
-    {
-        _digest = digest;
-        _entropySource = entropySource;
-        _securityStrength = securityStrength;
-
-        if (Utils.isTooLarge(personalizationString, MAX_PERSONALIZATION_STRING / 8))
-        {
-            throw new IllegalArgumentException("Personalization string too large");
-        }
-
-        if (entropySource.entropySize() < securityStrength || entropySource.entropySize() > MAX_ENTROPY_LENGTH)
-        {
-            throw new IllegalArgumentException("EntropySource must provide between " + securityStrength + " and " + MAX_ENTROPY_LENGTH + " bits");
-        }
-
-        byte[] entropy = getEntropy();
-        byte[] seedMaterial = Arrays.concatenate(entropy, nonce, personalizationString);
-
-        for (int i = 0; i != pointSet.length; i++)
-        {
-            if (securityStrength <= pointSet[i].getSecurityStrength())
-            {
-                if (Utils.getMaxSecurityStrength(digest) < pointSet[i].getSecurityStrength())
-                {
-                    throw new IllegalArgumentException("Requested security strength is not supported by digest");
-                }
-                _seedlen = pointSet[i].getSeedLen();
-                _outlen =  pointSet[i].getMaxOutlen() / 8;
-                _P = pointSet[i].getP();
-                _Q = pointSet[i].getQ();
-                break;
-            }
-        }
-
-        if (_P == null)
-        {
-            throw new IllegalArgumentException("security strength cannot be greater than 256 bits");
-        }
-
-        _s = Utils.hash_df(_digest, seedMaterial, _seedlen);
-        _sLength = _s.length;
-
-        _reseedCounter = 0;
-    }
-
-    /**
-     * Return the block size (in bits) of the DRBG.
-     *
-     * @return the number of bits produced on each internal round of the DRBG.
-     */
-    public int getBlockSize()
-    {
-        return _outlen * 8;
-    }
-
-    /**
-     * Populate a passed in array with random data.
-     *
-     * @param output output array for generated bits.
-     * @param additionalInput additional input to be added to the DRBG in this step.
-     * @param predictionResistant true if a reseed should be forced, false otherwise.
-     *
-     * @return number of bits generated, -1 if a reseed required.
-     */
-    public int generate(byte[] output, byte[] additionalInput, boolean predictionResistant)
-    {
-        int numberOfBits = output.length*8;
-        int m = output.length / _outlen;
-
-        if (Utils.isTooLarge(additionalInput, MAX_ADDITIONAL_INPUT / 8))
-        {
-            throw new IllegalArgumentException("Additional input too large");
-        }
-
-        if (_reseedCounter + m > RESEED_MAX)
-        {
-            return -1;
-        }
-
-        if (predictionResistant)
-        {   
-            reseed(additionalInput);
-            additionalInput = null;
-        }
-
-        BigInteger s;
-
-        if (additionalInput != null)
-        {
-            // Note: we ignore the use of pad8 on the additional input as we mandate byte arrays for it.
-            additionalInput = Utils.hash_df(_digest, additionalInput, _seedlen);
-            s = new BigInteger(1, xor(_s, additionalInput));
-        }
-        else
-        {
-            s = new BigInteger(1, _s);
-        }
-
-        // make sure we start with a clean output array.
-        Arrays.fill(output, (byte)0);
-
-        int outOffset = 0;
-
-        for (int i = 0; i < m; i++)
-        {
-            s = getScalarMultipleXCoord(_P, s);
-
-            //System.err.println("S: " + new String(Hex.encode(_s)));
-
-            byte[] r = getScalarMultipleXCoord(_Q, s).toByteArray();
-
-            if (r.length > _outlen)
-            {
-                System.arraycopy(r, r.length - _outlen, output, outOffset, _outlen);
-            }
-            else
-            {
-                System.arraycopy(r, 0, output, outOffset + (_outlen - r.length), r.length);
-            }
-
-            //System.err.println("R: " + new String(Hex.encode(r)));
-            outOffset += _outlen;
-
-            _reseedCounter++;
-        }
-
-        if (outOffset < output.length)
-        {
-            s = getScalarMultipleXCoord(_P, s);
-
-            byte[] r = getScalarMultipleXCoord(_Q, s).toByteArray();
-
-            int required = output.length - outOffset;
-
-            if (r.length > _outlen)
-            {
-                System.arraycopy(r, r.length - _outlen, output, outOffset, required);
-            }
-            else
-            {
-                System.arraycopy(r, 0, output, outOffset + (_outlen - r.length), required);
-            }
-
-            _reseedCounter++;
-        }
-
-        // Need to preserve length of S as unsigned int.
-        _s = BigIntegers.asUnsignedByteArray(_sLength, getScalarMultipleXCoord(_P, s));
-
-        return numberOfBits;
-    }
-
-    /**
-      * Reseed the DRBG.
-      *
-      * @param additionalInput additional input to be added to the DRBG in this step.
-      */
-    public void reseed(byte[] additionalInput)
-    {
-        if (Utils.isTooLarge(additionalInput, MAX_ADDITIONAL_INPUT / 8))
-        {
-            throw new IllegalArgumentException("Additional input string too large");
-        }
-
-        byte[] entropy = getEntropy();
-        byte[] seedMaterial = Arrays.concatenate(pad8(_s, _seedlen), entropy, additionalInput);
-
-        _s = Utils.hash_df(_digest, seedMaterial, _seedlen);
-
-        _reseedCounter = 0;
-    }
-
-    private byte[] getEntropy()
-    {
-        byte[] entropy = _entropySource.getEntropy();
-        if (entropy.length < (_securityStrength + 7) / 8)
-        {
-            throw new IllegalStateException("Insufficient entropy provided by entropy source");
-        }
-        return entropy;
-    }
-
-    private byte[] xor(byte[] a, byte[] b)
-    {
-        if (b == null)
-        {
-            return a;
-        }
-
-        byte[] rv = new byte[a.length];
-
-        for (int i = 0; i != rv.length; i++)
-        {
-            rv[i] = (byte)(a[i] ^ b[i]);
-        }
-
-        return rv;
-    }
-
-    // Note: works in place
-    private byte[] pad8(byte[] s, int seedlen)
-    {
-        if (seedlen % 8 == 0)
-        {
-            return s;
-        }
-
-        int shift = 8 - (seedlen % 8);
-        int carry = 0;
-
-        for (int i = s.length - 1; i >= 0; i--)
-        {
-            int b = s[i] & 0xff;
-            s[i] = (byte)((b << shift) | (carry >> (8 - shift)));
-            carry = b;
-        }
-
-        return s;
-    }
-
-    private BigInteger getScalarMultipleXCoord(ECPoint p, BigInteger s)
-    {
-        return _fixedPointMultiplier.multiply(p, s).normalize().getAffineXCoord().toBigInteger();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/HMacSP800DRBG.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/HMacSP800DRBG.java
deleted file mode 100644
index 04762c4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/HMacSP800DRBG.java
+++ /dev/null

@@ -1,194 +0,0 @@
-package org.bouncycastle.crypto.prng.drbg;
-
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.prng.EntropySource;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A SP800-90A HMAC DRBG.
- */
-public class HMacSP800DRBG
-    implements SP80090DRBG
-{
-    private final static long       RESEED_MAX = 1L << (48 - 1);
-    private final static int        MAX_BITS_REQUEST = 1 << (19 - 1);
-
-    private byte[] _K;
-    private byte[] _V;
-    private long   _reseedCounter;
-    private EntropySource _entropySource;
-    private Mac _hMac;
-    private int _securityStrength;
-
-    /**
-     * Construct a SP800-90A Hash DRBG.
-     * <p>
-     * Minimum entropy requirement is the security strength requested.
-     * </p>
-     * @param hMac Hash MAC to base the DRBG on.
-     * @param securityStrength security strength required (in bits)
-     * @param entropySource source of entropy to use for seeding/reseeding.
-     * @param personalizationString personalization string to distinguish this DRBG (may be null).
-     * @param nonce nonce to further distinguish this DRBG (may be null).
-     */
-    public HMacSP800DRBG(Mac hMac, int securityStrength, EntropySource entropySource, byte[] personalizationString, byte[] nonce)
-    {
-        if (securityStrength > Utils.getMaxSecurityStrength(hMac))
-        {
-            throw new IllegalArgumentException("Requested security strength is not supported by the derivation function");
-        }
-
-        if (entropySource.entropySize() < securityStrength)
-        {
-            throw new IllegalArgumentException("Not enough entropy for security strength required");
-        }
-
-        _securityStrength = securityStrength;
-        _entropySource = entropySource;
-        _hMac = hMac;
-
-        byte[] entropy = getEntropy();
-        byte[] seedMaterial = Arrays.concatenate(entropy, nonce, personalizationString);
-
-        _K = new byte[hMac.getMacSize()];
-        _V = new byte[_K.length];
-        Arrays.fill(_V, (byte)1);
-
-        hmac_DRBG_Update(seedMaterial);
-
-        _reseedCounter = 1;
-    }
-
-    private void hmac_DRBG_Update(byte[] seedMaterial)
-    {
-        hmac_DRBG_Update_Func(seedMaterial, (byte)0x00);
-        if (seedMaterial != null)
-        {
-            hmac_DRBG_Update_Func(seedMaterial, (byte)0x01);
-        }
-    }
-
-    private void hmac_DRBG_Update_Func(byte[] seedMaterial, byte vValue)
-    {
-        _hMac.init(new KeyParameter(_K));
-
-        _hMac.update(_V, 0, _V.length);
-        _hMac.update(vValue);
-
-        if (seedMaterial != null)
-        {
-            _hMac.update(seedMaterial, 0, seedMaterial.length);
-        }
-
-        _hMac.doFinal(_K, 0);
-
-        _hMac.init(new KeyParameter(_K));
-        _hMac.update(_V, 0, _V.length);
-
-        _hMac.doFinal(_V, 0);
-    }
-
-    /**
-     * Return the block size (in bits) of the DRBG.
-     *
-     * @return the number of bits produced on each round of the DRBG.
-     */
-    public int getBlockSize()
-    {
-        return _V.length * 8;
-    }
-
-    /**
-     * Populate a passed in array with random data.
-     *
-     * @param output output array for generated bits.
-     * @param additionalInput additional input to be added to the DRBG in this step.
-     * @param predictionResistant true if a reseed should be forced, false otherwise.
-     *
-     * @return number of bits generated, -1 if a reseed required.
-     */
-    public int generate(byte[] output, byte[] additionalInput, boolean predictionResistant)
-    {
-        int numberOfBits = output.length * 8;
-
-        if (numberOfBits > MAX_BITS_REQUEST)
-        {
-            throw new IllegalArgumentException("Number of bits per request limited to " + MAX_BITS_REQUEST);
-        }
-
-        if (_reseedCounter > RESEED_MAX)
-        {
-            return -1;
-        }
-
-        if (predictionResistant)
-        {
-            reseed(additionalInput);
-            additionalInput = null;
-        }
-
-        // 2.
-        if (additionalInput != null)
-        {
-            hmac_DRBG_Update(additionalInput);
-        }
-
-        // 3.
-        byte[] rv = new byte[output.length];
-
-        int m = output.length / _V.length;
-
-        _hMac.init(new KeyParameter(_K));
-
-        for (int i = 0; i < m; i++)
-        {
-            _hMac.update(_V, 0, _V.length);
-            _hMac.doFinal(_V, 0);
-
-            System.arraycopy(_V, 0, rv, i * _V.length, _V.length);
-        }
-
-        if (m * _V.length < rv.length)
-        {
-            _hMac.update(_V, 0, _V.length);
-            _hMac.doFinal(_V, 0);
-
-            System.arraycopy(_V, 0, rv, m * _V.length, rv.length - (m * _V.length));
-        }
-
-        hmac_DRBG_Update(additionalInput);
-
-        _reseedCounter++;
-
-        System.arraycopy(rv, 0, output, 0, output.length);
-
-        return numberOfBits;
-    }
-
-    /**
-      * Reseed the DRBG.
-      *
-      * @param additionalInput additional input to be added to the DRBG in this step.
-      */
-    public void reseed(byte[] additionalInput)
-    {
-        byte[] entropy = getEntropy();
-        byte[] seedMaterial = Arrays.concatenate(entropy, additionalInput);
-
-        hmac_DRBG_Update(seedMaterial);
-
-        _reseedCounter = 1;
-    }
-
-    private byte[] getEntropy()
-    {
-        byte[] entropy = _entropySource.getEntropy();
-
-        if (entropy.length < (_securityStrength + 7) / 8)
-        {
-            throw new IllegalStateException("Insufficient entropy provided by entropy source");
-        }
-        return entropy;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/HashSP800DRBG.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/HashSP800DRBG.java
deleted file mode 100644
index c399559..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/HashSP800DRBG.java
+++ /dev/null

@@ -1,294 +0,0 @@
-package org.bouncycastle.crypto.prng.drbg;
-
-import java.util.Hashtable;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.prng.EntropySource;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Integers;
-
-/**
- * A SP800-90A Hash DRBG.
- */
-public class HashSP800DRBG
-    implements SP80090DRBG
-{
-    private final static byte[]     ONE = { 0x01 };
-
-    private final static long       RESEED_MAX = 1L << (48 - 1);
-    private final static int        MAX_BITS_REQUEST = 1 << (19 - 1);
-
-    private final static Hashtable  seedlens = new Hashtable();
-
-    static
-    {
-        seedlens.put("SHA-1", Integers.valueOf(440));
-        seedlens.put("SHA-224", Integers.valueOf(440));
-        seedlens.put("SHA-256", Integers.valueOf(440));
-        seedlens.put("SHA-512/256", Integers.valueOf(440));
-        seedlens.put("SHA-512/224", Integers.valueOf(440));
-        seedlens.put("SHA-384", Integers.valueOf(888));
-        seedlens.put("SHA-512", Integers.valueOf(888));
-    }
-
-    private Digest        _digest;
-    private byte[]        _V;
-    private byte[]        _C;
-    private long          _reseedCounter;
-    private EntropySource _entropySource;
-    private int           _securityStrength;
-    private int           _seedLength;
-
-    /**
-     * Construct a SP800-90A Hash DRBG.
-     * <p>
-     * Minimum entropy requirement is the security strength requested.
-     * </p>
-     * @param digest  source digest to use for DRB stream.
-     * @param securityStrength security strength required (in bits)
-     * @param entropySource source of entropy to use for seeding/reseeding.
-     * @param personalizationString personalization string to distinguish this DRBG (may be null).
-     * @param nonce nonce to further distinguish this DRBG (may be null).
-     */
-    public HashSP800DRBG(Digest digest, int securityStrength, EntropySource entropySource, byte[] personalizationString, byte[] nonce)
-    {
-        if (securityStrength > Utils.getMaxSecurityStrength(digest))
-        {
-            throw new IllegalArgumentException("Requested security strength is not supported by the derivation function");
-        }
-
-        if (entropySource.entropySize() < securityStrength)
-        {
-            throw new IllegalArgumentException("Not enough entropy for security strength required");
-        }
-
-        _digest = digest;
-        _entropySource = entropySource;
-        _securityStrength = securityStrength;
-        _seedLength = ((Integer)seedlens.get(digest.getAlgorithmName())).intValue();
-
-        // 1. seed_material = entropy_input || nonce || personalization_string.
-        // 2. seed = Hash_df (seed_material, seedlen).
-        // 3. V = seed.
-        // 4. C = Hash_df ((0x00 || V), seedlen). Comment: Preceed V with a byte
-        // of zeros.
-        // 5. reseed_counter = 1.
-        // 6. Return V, C, and reseed_counter as the initial_working_state
-
-        byte[] entropy = getEntropy();
-        byte[] seedMaterial = Arrays.concatenate(entropy, nonce, personalizationString);
-        byte[] seed = Utils.hash_df(_digest, seedMaterial, _seedLength);
-
-        _V = seed;
-        byte[] subV = new byte[_V.length + 1];
-        System.arraycopy(_V, 0, subV, 1, _V.length);
-        _C = Utils.hash_df(_digest, subV, _seedLength);
-
-        _reseedCounter = 1;
-    }
-
-    /**
-     * Return the block size (in bits) of the DRBG.
-     *
-     * @return the number of bits produced on each internal round of the DRBG.
-     */
-    public int getBlockSize()
-    {
-        return _digest.getDigestSize() * 8;
-    }
-
-    /**
-     * Populate a passed in array with random data.
-     *
-     * @param output output array for generated bits.
-     * @param additionalInput additional input to be added to the DRBG in this step.
-     * @param predictionResistant true if a reseed should be forced, false otherwise.
-     *
-     * @return number of bits generated, -1 if a reseed required.
-     */
-    public int generate(byte[] output, byte[] additionalInput, boolean predictionResistant)
-    {
-        // 1. If reseed_counter > reseed_interval, then return an indication that a
-        // reseed is required.
-        // 2. If (additional_input != Null), then do
-        // 2.1 w = Hash (0x02 || V || additional_input).
-        // 2.2 V = (V + w) mod 2^seedlen
-        // .
-        // 3. (returned_bits) = Hashgen (requested_number_of_bits, V).
-        // 4. H = Hash (0x03 || V).
-        // 5. V = (V + H + C + reseed_counter) mod 2^seedlen
-        // .
-        // 6. reseed_counter = reseed_counter + 1.
-        // 7. Return SUCCESS, returned_bits, and the new values of V, C, and
-        // reseed_counter for the new_working_state.
-        int numberOfBits = output.length*8;
-
-        if (numberOfBits > MAX_BITS_REQUEST)
-        {
-            throw new IllegalArgumentException("Number of bits per request limited to " + MAX_BITS_REQUEST);
-        }
-
-        if (_reseedCounter > RESEED_MAX)
-        {
-            return -1;
-        }
-
-        if (predictionResistant)
-        {   
-            reseed(additionalInput);
-            additionalInput = null;
-        }
-
-        // 2.
-        if (additionalInput != null)
-        {
-            byte[] newInput = new byte[1 + _V.length + additionalInput.length];
-            newInput[0] = 0x02;
-            System.arraycopy(_V, 0, newInput, 1, _V.length);
-            // TODO: inOff / inLength
-            System.arraycopy(additionalInput, 0, newInput, 1 + _V.length, additionalInput.length);
-            byte[] w = hash(newInput);
-
-            addTo(_V, w);
-        }
-        
-        // 3.
-        byte[] rv = hashgen(_V, numberOfBits);
-        
-        // 4.
-        byte[] subH = new byte[_V.length + 1];
-        System.arraycopy(_V, 0, subH, 1, _V.length);
-        subH[0] = 0x03;
-        
-        byte[] H = hash(subH);
-        
-        // 5.
-        addTo(_V, H);
-        addTo(_V, _C);
-        byte[] c = new byte[4];
-        c[0] = (byte)(_reseedCounter >> 24);
-        c[1] = (byte)(_reseedCounter >> 16);
-        c[2] = (byte)(_reseedCounter >> 8);
-        c[3] = (byte)_reseedCounter;
-        
-        addTo(_V, c);
-
-        _reseedCounter++;
-
-        System.arraycopy(rv, 0, output, 0, output.length);
-
-        return numberOfBits;
-    }
-
-    private byte[] getEntropy()
-    {
-        byte[] entropy = _entropySource.getEntropy();
-        if (entropy.length < (_securityStrength + 7) / 8)
-        {
-            throw new IllegalStateException("Insufficient entropy provided by entropy source");
-        }
-        return entropy;
-    }
-
-    // this will always add the shorter length byte array mathematically to the
-    // longer length byte array.
-    // be careful....
-    private void addTo(byte[] longer, byte[] shorter)
-    {
-        int carry = 0;
-        for (int i=1;i <= shorter.length; i++) // warning
-        {
-            int res = (longer[longer.length-i] & 0xff) + (shorter[shorter.length-i] & 0xff) + carry;
-            carry = (res > 0xff) ? 1 : 0;
-            longer[longer.length-i] = (byte)res;
-        }
-        
-        for (int i=shorter.length+1;i <= longer.length; i++) // warning
-        {
-            int res = (longer[longer.length-i] & 0xff) + carry;
-            carry = (res > 0xff) ? 1 : 0;
-            longer[longer.length-i] = (byte)res;
-        }
-    }
-
-    /**
-      * Reseed the DRBG.
-      *
-      * @param additionalInput additional input to be added to the DRBG in this step.
-      */
-    public void reseed(byte[] additionalInput)
-    {
-        // 1. seed_material = 0x01 || V || entropy_input || additional_input.
-        //
-        // 2. seed = Hash_df (seed_material, seedlen).
-        //
-        // 3. V = seed.
-        //
-        // 4. C = Hash_df ((0x00 || V), seedlen).
-        //
-        // 5. reseed_counter = 1.
-        //
-        // 6. Return V, C, and reseed_counter for the new_working_state.
-        //
-        // Comment: Precede with a byte of all zeros.
-        byte[] entropy = getEntropy();
-        byte[] seedMaterial = Arrays.concatenate(ONE, _V, entropy, additionalInput);
-        byte[] seed = Utils.hash_df(_digest, seedMaterial, _seedLength);
-
-        _V = seed;
-        byte[] subV = new byte[_V.length + 1];
-        subV[0] = 0x00;
-        System.arraycopy(_V, 0, subV, 1, _V.length);
-        _C = Utils.hash_df(_digest, subV, _seedLength);
-
-        _reseedCounter = 1;
-    }
-    
-    private byte[] hash(byte[] input)
-    {
-        byte[] hash = new byte[_digest.getDigestSize()];
-        doHash(input, hash);
-        return hash;
-    }
-
-    private void doHash(byte[] input, byte[] output)
-    {
-        _digest.update(input, 0, input.length);
-        _digest.doFinal(output, 0);
-    }
-
-    // 1. m = [requested_number_of_bits / outlen]
-    // 2. data = V.
-    // 3. W = the Null string.
-    // 4. For i = 1 to m
-    // 4.1 wi = Hash (data).
-    // 4.2 W = W || wi.
-    // 4.3 data = (data + 1) mod 2^seedlen
-    // .
-    // 5. returned_bits = Leftmost (requested_no_of_bits) bits of W.
-    private byte[] hashgen(byte[] input, int lengthInBits)
-    {
-        int digestSize = _digest.getDigestSize();
-        int m = (lengthInBits / 8) / digestSize;
-
-        byte[] data = new byte[input.length];
-        System.arraycopy(input, 0, data, 0, input.length);
-
-        byte[] W = new byte[lengthInBits / 8];
-
-        byte[] dig = new byte[_digest.getDigestSize()];
-        for (int i = 0; i <= m; i++)
-        {
-            doHash(data, dig);
-
-            int bytesToCopy = ((W.length - i * dig.length) > dig.length)
-                    ? dig.length
-                    : (W.length - i * dig.length);
-            System.arraycopy(dig, 0, W, i * dig.length, bytesToCopy);
-
-            addTo(data, ONE);
-        }
-
-        return W;
-    }    
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/SP80090DRBG.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/SP80090DRBG.java
deleted file mode 100644
index 7a919f3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/SP80090DRBG.java
+++ /dev/null

@@ -1,32 +0,0 @@
-package org.bouncycastle.crypto.prng.drbg;
-
-/**
- * Interface to SP800-90A deterministic random bit generators.
- */
-public interface SP80090DRBG
-{
-    /**
-     * Return the block size of the DRBG.
-     *
-     * @return the block size (in bits) produced by each round of the DRBG.
-     */
-    int getBlockSize();
-
-    /**
-     * Populate a passed in array with random data.
-     *
-     * @param output output array for generated bits.
-     * @param additionalInput additional input to be added to the DRBG in this step.
-     * @param predictionResistant true if a reseed should be forced, false otherwise.
-     *
-     * @return number of bits generated, -1 if a reseed required.
-     */
-    int generate(byte[] output, byte[] additionalInput, boolean predictionResistant);
-
-    /**
-     * Reseed the DRBG.
-     *
-     * @param additionalInput additional input to be added to the DRBG in this step.
-     */
-    void reseed(byte[] additionalInput);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/Utils.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/Utils.java
deleted file mode 100644
index f7a4117..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/Utils.java
+++ /dev/null

@@ -1,103 +0,0 @@
-package org.bouncycastle.crypto.prng.drbg;
-
-import java.util.Hashtable;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.util.Integers;
-
-class Utils
-{
-    static final Hashtable maxSecurityStrengths = new Hashtable();
-
-    static
-    {
-        maxSecurityStrengths.put("SHA-1", Integers.valueOf(128));
-
-        maxSecurityStrengths.put("SHA-224", Integers.valueOf(192));
-        maxSecurityStrengths.put("SHA-256", Integers.valueOf(256));
-        maxSecurityStrengths.put("SHA-384", Integers.valueOf(256));
-        maxSecurityStrengths.put("SHA-512", Integers.valueOf(256));
-
-        maxSecurityStrengths.put("SHA-512/224", Integers.valueOf(192));
-        maxSecurityStrengths.put("SHA-512/256", Integers.valueOf(256));
-    }
-
-    static int getMaxSecurityStrength(Digest d)
-    {
-        return ((Integer)maxSecurityStrengths.get(d.getAlgorithmName())).intValue();
-    }
-
-    static int getMaxSecurityStrength(Mac m)
-    {
-        String name = m.getAlgorithmName();
-
-        return ((Integer)maxSecurityStrengths.get(name.substring(0, name.indexOf("/")))).intValue();
-    }
-
-    /**
-     * Used by both Dual EC and Hash.
-     */
-    static byte[] hash_df(Digest digest, byte[] seedMaterial, int seedLength)
-    {
-         // 1. temp = the Null string.
-        // 2. .
-        // 3. counter = an 8-bit binary value representing the integer "1".
-        // 4. For i = 1 to len do
-        // Comment : In step 4.1, no_of_bits_to_return
-        // is used as a 32-bit string.
-        // 4.1 temp = temp || Hash (counter || no_of_bits_to_return ||
-        // input_string).
-        // 4.2 counter = counter + 1.
-        // 5. requested_bits = Leftmost (no_of_bits_to_return) of temp.
-        // 6. Return SUCCESS and requested_bits.
-        byte[] temp = new byte[(seedLength + 7) / 8];
-
-        int len = temp.length / digest.getDigestSize();
-        int counter = 1;
-
-        byte[] dig = new byte[digest.getDigestSize()];
-
-        for (int i = 0; i <= len; i++)
-        {
-            digest.update((byte)counter);
-
-            digest.update((byte)(seedLength >> 24));
-            digest.update((byte)(seedLength >> 16));
-            digest.update((byte)(seedLength >> 8));
-            digest.update((byte)seedLength);
-
-            digest.update(seedMaterial, 0, seedMaterial.length);
-
-            digest.doFinal(dig, 0);
-
-            int bytesToCopy = ((temp.length - i * dig.length) > dig.length)
-                    ? dig.length
-                    : (temp.length - i * dig.length);
-            System.arraycopy(dig, 0, temp, i * dig.length, bytesToCopy);
-
-            counter++;
-        }
-
-        // do a left shift to get rid of excess bits.
-        if (seedLength % 8 != 0)
-        {
-            int shift = 8 - (seedLength % 8);
-            int carry = 0;
-
-            for (int i = 0; i != temp.length; i++)
-            {
-                int b = temp[i] & 0xff;
-                temp[i] = (byte)((b >>> shift) | (carry << (8 - shift)));
-                carry = b;
-            }
-        }
-
-        return temp;
-    }
-
-    static boolean isTooLarge(byte[] bytes, int maxBytes)
-    {
-        return bytes != null && bytes.length > maxBytes;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/package.html
deleted file mode 100644
index c006166..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/drbg/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-SP800-90A deterministic random bit generators, can be used stand alone or in conjunction with SP800SecureRandomBuilder class.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/prng/package.html
deleted file mode 100644
index bb583ab..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Lightweight psuedo-random number generators and SecureRandom builders.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/AllTests.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/AllTests.java
deleted file mode 100644
index 5680d81..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/AllTests.java
+++ /dev/null

@@ -1,59 +0,0 @@
-package org.bouncycastle.crypto.prng.test;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.util.test.SimpleTestResult;
-
-public class AllTests
-    extends TestCase
-{   
-    public void testCrypto()
-    {   
-        org.bouncycastle.util.test.Test[] tests = RegressionTest.tests;
-        
-        for (int i = 0; i != tests.length; i++)
-        {
-            SimpleTestResult  result = (SimpleTestResult)tests[i].perform();
-  
-            if (!result.isSuccessful())
-            {
-                fail(result.toString());
-            }
-        }
-    }
-    
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("Lightweight Crypto PRNG Tests");
-        
-        suite.addTestSuite(AllTests.class);
-        
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-
-        }
-
-        protected void tearDown()
-        {
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/CTRDRBGTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/CTRDRBGTest.java
deleted file mode 100644
index 3d37a78..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/CTRDRBGTest.java
+++ /dev/null

@@ -1,528 +0,0 @@
-package org.bouncycastle.crypto.prng.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.AESFastEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.params.DESedeParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.prng.drbg.CTRSP800DRBG;
-import org.bouncycastle.crypto.prng.drbg.SP80090DRBG;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * CTR DRBG Test
- */
-public class CTRDRBGTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "CTRDRBGTest";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new CTRDRBGTest());
-    }
-    
-    private DRBGTestVector[] createTestVectorData()
-    {
-        return new DRBGTestVector[]
-            {
-                new DRBGTestVector(
-                            new DESedeEngine(), 168,
-                            new Bit232EntropyProvider().get(232),
-                            false,
-                            "20212223242526",
-                            112,
-                            new String[]
-                                {
-                                    "ABC88224514D0316EA3D48AEE3C9A2B4",
-                                    "D3D3F372E43E7ABDC4FA293743EED076"
-                                }
-                        ),
-                new DRBGTestVector(
-                            new DESedeEngine(), 168,
-                            new Bit232EntropyProvider().get(232),
-                            false,
-                            "20212223242526",
-                            112,
-                            new String[]
-                                {
-                                    "D4564EE072ACA5BD279536E14F94CB12",
-                                    "1CCD9AFEF15A9679BA75E35225585DEA"
-                                }
-                        )
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBC"),
-                new DRBGTestVector(
-                            new DESedeEngine(), 168,
-                            new Bit232EntropyProvider().get(232),
-                            false,
-                            "20212223242526",
-                            112,
-                            new String[]
-                                {
-                                    "760BED7D92B083B10AF31CF0656081EB",
-                                    "FD1AC41482384D823CF3FD6F0E6C88B3"
-                                }
-                        )
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C"),
-                new DRBGTestVector(
-                            new DESedeEngine(), 168,
-                            new Bit232EntropyProvider().get(232),
-                            false,
-                            "20212223242526",
-                            112,
-                            new String[]
-                                {
-                                    "7A4C1D7ADC8A67FDB50100ED23583A2C",
-                                    "43044D311C0E07541CA5C8B0916976B2"
-                                }
-                        )
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C")
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBC"),
-                new DRBGTestVector(
-                            new DESedeEngine(), 168,
-                            new Bit232EntropyProvider().get(232),
-                            true,
-                            "20212223242526",
-                            112,
-                            new String[]
-                                {
-                                    "8FB78ABCA75C9F284E974E36141866BC",
-                                    "9D9745FF31C42A4488CBB771B13B5D86"
-                                }
-                        ),
-                new DRBGTestVector(
-                            new DESedeEngine(), 168,
-                            new Bit232EntropyProvider().get(232),
-                            true,
-                            "20212223242526",
-                            112,
-                            new String[]
-                                {
-                                    "0E389920A09B485AA4ABD0CA7E60D89C",
-                                    "F4478EC6659A0D3577625B0C73A211DD"
-                                }
-                        )
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBC"),
-                new DRBGTestVector(
-                            new DESedeEngine(), 168,
-                            new Bit232EntropyProvider().get(232),
-                            true,
-                            "20212223242526",
-                            112,
-                            new String[]
-                                {
-                                    "64983055D014550B39DE699E43130B64",
-                                    "035FDDA8582A2214EC722C410A8D95D3"
-                                }
-                        )
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C"),
-                new DRBGTestVector(
-                            new DESedeEngine(), 168,
-                            new Bit232EntropyProvider().get(232),
-                            true,
-                            "20212223242526",
-                            112,
-                            new String[]
-                                {
-                                    "A29C1A8C42FBC562D7D1DBA7DC541FFE",
-                                    "0BDA66B049429061C013E4228C2F44C6"
-                                }
-                        )
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C")
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBC"),
-                new DRBGTestVector(
-                            new AESFastEngine(), 128,
-                            new Bit256EntropyProvider().get(256),
-                            false,
-                            "2021222324252627",
-                            128,
-                            new String[]
-                                {
-                                    "8CF59C8CF6888B96EB1C1E3E79D82387AF08A9E5FF75E23F1FBCD4559B6B997E",
-                                    "69CDEF912C692D61B1DA4C05146B52EB7B8849BD87937835328254EC25A9180E"
-                                }
-                        ),
-                new DRBGTestVector(
-                            new AESFastEngine(), 128,
-                            new Bit256EntropyProvider().get(256),
-                            false,
-                            "2021222324252627",
-                            128,
-                            new String[]
-                                {
-                                    "E8C74A4B7BFFB53BEB80E78CA86BB6DF70E2032AEB473E0DD54D2339CEFCE9D0",
-                                    "26B3F823B4DBAFC23B141375E10B3AEB7A0B5DEF1C7D760B6F827D01ECD17AC7"
-                                }
-                        )
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF"),
-                new DRBGTestVector(
-                           new AESFastEngine(), 128,
-                           new Bit256EntropyProvider().get(256),
-                           false,
-                           "2021222324252627",
-                           128,
-                           new String[]
-                               {
-                                   "18FDEFBDC43D7A36D5D6D862205765D1D701C9F237007030DF1B8E70EE4EEE29",
-                                   "9888F1D38BB1CCE31B363AA1BD9B39616876C30DEE1FF0B7BD8C4C441715C833"
-                               }
-                       )
-               .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"),
-                new DRBGTestVector(
-                            new AESFastEngine(), 128,
-                            new Bit256EntropyProvider().get(256),
-                            true,
-                            "2021222324252627",
-                            128,
-                            new String[]
-                                {
-                                    "BFF4B85D68C84529F24F69F9ACF1756E29BA648DDEB825C225FA32BA490EF4A9",
-                                    "9BD2635137A52AF7D0FCBEFEFB97EA93A0F4C438BD98956C0DACB04F15EE25B3"
-                                }
-                        ),
-                new DRBGTestVector(
-                            new AESFastEngine(), 128,
-                            new Bit256EntropyProvider().get(256),
-                            true,
-                            "2021222324252627",
-                            128,
-                            new String[]
-                                {
-                                    "4573AC8BBB33D7CC4DBEF3EEDF6EAE748B536C3A1082CEE4948CDB51C83A7F9C",
-                                    "99C628CDD87BD8C2F1FE443AA7F761DA16886436326323354DA6311FFF5BC678"
-                                }
-                        )
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF"),
-                new DRBGTestVector(
-                           new AESFastEngine(), 128,
-                           new Bit256EntropyProvider().get(256),
-                           true,
-                           "2021222324252627",
-                           128,
-                           new String[]
-                               {
-                                   "F324104E2FA14F79D8AA60DF06B93B3BC157324958F0A7EE1E193677A70E0250",
-                                   "78F4C840134F40DC001BFAD3A90B5EF4DEBDBFAC3CFDF0CD69A89DC4FD34713F"
-                               }
-                       )
-               .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"),
-                new DRBGTestVector(
-                            new AESFastEngine(), 192,
-                            new Bit320EntropyProvider().get(320),
-                            false,
-                            "202122232425262728292A2B",
-                            192,
-                            new String[]
-                                {
-                                    "E231244B3235B085C81604424357E85201E3828B5C45568679A5555F867AAC8C",
-                                    "DDD0F7BCCADADAA31A67652259CE569A271DD85CF66C3D6A7E9FAED61F38D219"
-                                }
-                        )
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F6061626364656667"),
-                new DRBGTestVector(
-                        new AESFastEngine(), 192,
-                        new Bit320EntropyProvider().get(320),
-                        true,
-                        "202122232425262728292A2B",
-                        192,
-                        new String[]
-                            {
-                                "F780D4A2C25CF8EE7407D948EC0B724A4235D8B20E65081392755CA7912AD7C0",
-                                "BA14617F915BA964CB79276BDADC840C14B631BBD1A59097054FA6DFF863B238"
-                            }
-                    )
-            .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F6061626364656667"),
-                new DRBGTestVector(
-                            new AESFastEngine(), 256,
-                            new Bit384EntropyProvider().get(384),
-                            false,
-                            "202122232425262728292A2B2C2D2E2F",
-                            256,
-                            new String[]
-                                {
-                                    "47111E146562E9AA2FB2A1B095D37A8165AF8FC7CA611D632BE7D4C145C83900",
-                                    "98A28E3B1BA363C9DAF0F6887A1CF52B833D3354D77A7C10837DD63DD2E645F8"
-                                }
-                        )
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F")
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECF"),
-                new DRBGTestVector(
-                            new AESFastEngine(), 256,
-                            new Bit384EntropyProvider().get(384),
-                            true,
-                            "202122232425262728292A2B2C2D2E2F",
-                            256,
-                            new String[]
-                                {
-                                    "71BB3F9C9CEAF4E6C92A83EB4C7225010EE150AC75E23F5F77AD5073EF24D88A",
-                                    "386DEBBBF091BBF0502957B0329938FB836B82E594A2F5FDD5EB28D4E35528F4"
-                                }
-                        )
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECF"),
-                new DRBGTestVector(
-                            new AESFastEngine(), 256,
-                            new Bit384EntropyProvider().get(384),
-                            true,
-                            "202122232425262728292A2B2C2D2E2F",
-                            256,
-                            new String[]
-                                {
-                                    "1A2E3FEE9056E98D375525FDC2B63B95B47CE51FCF594D804BD5A17F2E01139B",
-                                    "601F95384F0D85946301D1EACE8F645A825CE38F1E2565B0C0C439448E9CA8AC"
-                                }
-                        )
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F"),
-                new DRBGTestVector(
-                            new AESFastEngine(), 256,
-                            new Bit384EntropyProvider().get(384),
-                            true,
-                            "202122232425262728292A2B2C2D2E2F",
-                            256,
-                            new String[]
-                                {
-                                    "EAE6BCE781807E524D26605EA198077932D01EEB445B9AC6C5D99C101D29F46E",
-                                    "738E99C95AF59519AAD37FF3D5180986ADEBAB6E95836725097E50A8D1D0BD28"
-                                }
-                        )
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F")
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECF"),
-                new DRBGTestVector(
-                            new AESFastEngine(), 256,
-                            new Bit384EntropyProvider().get(384),
-                            true,
-                            "202122232425262728292A2B2C2D2E2F",
-                            256,
-                            new String[]
-                                {
-                                    "eae6bce781807e524d26605ea198077932d01eeb445b9ac6c5d99c101d29f46e30b27377",
-                                    "ec51b55b49904c3ff9e13939f1cf27398993e1b3acb2b0be0be8761261428f0aa8ba2657"
-                                }
-                        )
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F")
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECF")
-            };
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        DRBGTestVector[] tests = createTestVectorData();
-
-        for (int i = 0; i != tests.length; i++)
-        {
-            DRBGTestVector tv = tests[i];
-
-            byte[] nonce = tv.nonce();
-            byte[] personalisationString = tv.personalizationString();
-
-            SP80090DRBG d = new CTRSP800DRBG(tv.getCipher(), tv.keySizeInBits(), tv.securityStrength(), tv.entropySource(), personalisationString, nonce);
-
-            byte[] output = new byte[tv.expectedValue(0).length];
-
-            d.generate(output, tv.additionalInput(0), tv.predictionResistance());
-
-            byte[] expected = tv.expectedValue(0);
-
-            if (!areEqual(expected, output))
-            {
-                fail("Test #" + (i + 1) + ".1 failed, expected " + new String(Hex.encode(tv.expectedValue(0))) + " got " + new String(Hex.encode(output)));
-            }
-
-            output = new byte[tv.expectedValue(0).length];
-
-            d.generate(output, tv.additionalInput(1), tv.predictionResistance());
-
-            expected = tv.expectedValue(1);
-            if (!areEqual(expected, output))
-            {
-                fail("Test #" + (i + 1) + ".2 failed, expected " + new String(Hex.encode(tv.expectedValue(1))) + " got " + new String(Hex.encode(output)));
-            }
-        }
-
-        // DESede/TDEA key parity test
-        DRBGTestVector tv = tests[0];
-
-        SP80090DRBG drbg = new CTRSP800DRBG(new KeyParityCipher(tv.getCipher()), tv.keySizeInBits(), tv.securityStrength(), tv.entropySource(), tv.personalizationString(), tv.nonce());
-
-        byte[] output = new byte[tv.expectedValue(0).length];
-
-        drbg.generate(output, tv.additionalInput(0), tv.predictionResistance());
-
-        // Exception tests
-        SP80090DRBG d;
-        try
-        {
-            d = new CTRSP800DRBG(new AESEngine(), 256, 256, new Bit232EntropyProvider().get(128), null, null);
-            fail("no exception thrown");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("Not enough entropy for security strength required"))
-            {
-                fail("Wrong exception", e);
-            }
-        }
-
-        try
-        {
-            d = new CTRSP800DRBG(new DESedeEngine(), 256, 256, new Bit232EntropyProvider().get(232), null, null);
-            fail("no exception thrown");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("Requested security strength is not supported by block cipher and key size"))
-            {
-                fail("Wrong exception", e);
-            }
-        }
-
-        try
-        {
-            d = new CTRSP800DRBG(new DESedeEngine(), 168, 256, new Bit232EntropyProvider().get(232), null, null);
-            fail("no exception thrown");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("Requested security strength is not supported by block cipher and key size"))
-            {
-                fail("Wrong exception", e);
-            }
-        }
-
-        try
-        {
-            d = new CTRSP800DRBG(new AESEngine(), 192, 256, new Bit232EntropyProvider().get(232), null, null);
-            fail("no exception thrown");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("Requested security strength is not supported by block cipher and key size"))
-            {
-                fail("Wrong exception", e);
-            }
-        }
-    }
-
-    private class Bit232EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        Bit232EntropyProvider()
-        {
-            super(Hex.decode(
-               "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C" +
-               "808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C" +
-               "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDC"), true);
-        }
-    }
-
-    private class Bit256EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        Bit256EntropyProvider()
-        {
-            super(Hex.decode(
-                "0001020304050607"+
-                "08090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"+
-                "8081828384858687"+
-                "88898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F"+
-                "C0C1C2C3C4C5C6C7"+
-                "C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF"), true);
-        }
-    }
-
-    private class Bit320EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        Bit320EntropyProvider()
-        {
-            super(Hex.decode(
-            "000102030405060708090A0B0C0D0E0F"+
-            "101112131415161718191A1B1C1D1E1F2021222324252627"+
-            "808182838485868788898A8B8C8D8E8F"+
-            "909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7"+
-            "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF"+
-            "D0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7"), true);
-        }
-    }
-
-    private class Bit384EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        Bit384EntropyProvider()
-        {
-            super(Hex.decode(
-            "000102030405060708090A0B0C0D0E0F1011121314151617" +
-            "18191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F" +
-            "808182838485868788898A8B8C8D8E8F9091929394959697" +
-            "98999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAF" +
-            "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7" +
-            "D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEF"), true);
-        }
-    }
-
-    private class KeyParityCipher
-        implements BlockCipher
-    {
-        private BlockCipher cipher;
-
-        KeyParityCipher(BlockCipher cipher)
-        {
-            this.cipher = cipher;
-        }
-
-        public void init(boolean forEncryption, CipherParameters params)
-            throws IllegalArgumentException
-        {
-            byte[] k = Arrays.clone(((KeyParameter)params).getKey());
-
-            DESedeParameters.setOddParity(k);
-
-            if (!Arrays.areEqual(((KeyParameter)params).getKey(), k))
-            {
-                fail("key not odd parity");
-            }
-
-            cipher.init(forEncryption, params);
-        }
-
-        public String getAlgorithmName()
-        {
-            return cipher.getAlgorithmName();
-        }
-
-        public int getBlockSize()
-        {
-            return cipher.getBlockSize();
-        }
-
-        public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
-            throws DataLengthException, IllegalStateException
-        {
-            return cipher.processBlock(in, inOff, out, outOff);
-        }
-
-        public void reset()
-        {
-            cipher.reset();
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/DRBGTestVector.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/DRBGTestVector.java
deleted file mode 100644
index dd6801c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/DRBGTestVector.java
+++ /dev/null

@@ -1,131 +0,0 @@
-package org.bouncycastle.crypto.prng.test;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.prng.EntropySource;
-import org.bouncycastle.util.encoders.Hex;
-
-public class DRBGTestVector
-{
-        private Digest _digest;
-        private BlockCipher _cipher;
-        private int _keySizeInBits;
-        private EntropySource _eSource;
-        private boolean _pr;
-        private String _nonce;
-        private String _personalisation;
-        private int _ss;
-        private String[] _ev;
-        private List _ai = new ArrayList();
-
-        public DRBGTestVector(Digest digest, EntropySource eSource, boolean predictionResistance, String nonce, int securityStrength, String[] expected)
-        {
-            _digest = digest;
-            _eSource = eSource;
-            _pr = predictionResistance;
-            _nonce = nonce;
-            _ss = securityStrength;
-            _ev = expected;
-            _personalisation = null;
-        }
-
-        public DRBGTestVector(BlockCipher cipher, int keySizeInBits, EntropySource eSource, boolean predictionResistance, String nonce, int securityStrength, String[] expected)
-        {
-            _cipher = cipher;
-            _keySizeInBits = keySizeInBits;
-            _eSource = eSource;
-            _pr = predictionResistance;
-            _nonce = nonce;
-            _ss = securityStrength;
-            _ev = expected;
-            _personalisation = null;
-        }
-
-        public Digest getDigest()
-        {
-            return _digest;
-        }
-
-        public BlockCipher getCipher()
-        {
-            return _cipher;
-        }
-
-        public int keySizeInBits()
-        {
-            return _keySizeInBits;
-        }
-
-        public DRBGTestVector addAdditionalInput(String input)
-        {
-            _ai.add(input);
-
-            return this;
-        }
-
-        public DRBGTestVector setPersonalizationString(String p)
-        {
-            _personalisation = p;
-
-            return this;
-        }
-
-        public EntropySource entropySource()
-        {
-            return _eSource;
-        }
-
-        public boolean predictionResistance()
-        {
-            return _pr;
-        }
-
-        public byte[] nonce()
-        {
-            if (_nonce == null)
-            {
-                return null;
-            }
-
-            return Hex.decode(_nonce);
-        }
-
-        public byte[] personalizationString()
-        {
-            if (_personalisation == null)
-            {
-                return null;
-            }
-
-            return Hex.decode(_personalisation);
-        }
-
-        public int securityStrength()
-        {
-            return _ss;
-        }
-
-        public byte[] expectedValue(int index)
-        {
-            return Hex.decode(_ev[index]);
-        }
-
-        public byte[] additionalInput(int position)
-        {
-            int len = _ai.size();
-            byte[] rv;
-            if (position >= len)
-            {
-                rv = null;
-            }
-            else
-            {
-                rv = Hex.decode((String)(_ai.get(position)));
-            }
-            return rv;
-        }
-
-    }

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/DualECDRBGTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/DualECDRBGTest.java
deleted file mode 100644
index d6c2630..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/DualECDRBGTest.java
+++ /dev/null

@@ -1,415 +0,0 @@
-package org.bouncycastle.crypto.prng.test;
-
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.prng.drbg.DualECSP800DRBG;
-import org.bouncycastle.crypto.prng.drbg.SP80090DRBG;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Dual EC SP800-90 DRBG test
- */
-public class DualECDRBGTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "DualECDRBG";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new DualECDRBGTest());
-    }
-
-    private DRBGTestVector[] createTestVectorData()
-    {
-        return new DRBGTestVector[]
-            {
-                new DRBGTestVector(
-                    new SHA256Digest(),
-                    new SHA256EntropyProvider().get(128),
-                    false,
-                    "2021222324252627",
-                    128,
-                    new String[]
-                        {
-                            "FF5163C388F791E96F1052D5C8F0BD6FBF7144839C4890FF85487C5C12702E4C9849AF518AE68DEB14D3A62702BBDE4B98AB211765FD87ACA12FC2A6",
-                            "9A0A11F2DFB88F7260559DD8DA6134EB2B34CC0415FA8FD0474DB6B85E1A08385F41B435DF81296B1B4EDF66E0107C0844E3D28A89B05046B89177F2"
-                        }),
-                new DRBGTestVector(
-                    new SHA256Digest(),
-                    new SHA256EntropyProvider().get(128),
-                    false,
-                    "2021222324252627",
-                    128,
-                    new String[]
-                        {
-                            "C08E954FCD486D0B0934A0236692AC705A835D1A3C94D2ACD4684AB26E978D7D42E73CC06D6EC1472C63E51BED7F71518395836E2052BBD73A20CABB",
-                            "1D76DEE36FCC5F9478C112EAFA1C4CCD0635435A6F3A247A3BA3849790B5245070E95C1A67BE7A39BFB213F2C0EFCC171A3253DA6D54DA4362EA2099"
-                        })
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAF"),
-                new DRBGTestVector(
-                    new SHA256Digest(),
-                    new SHA256EntropyProvider().get(128),
-                    false,
-                    "2021222324252627",
-                    128,
-                    new String[]
-                        {
-                            "3AB095CC493A8730D70DE923108B2E4710799044FFC27D0A1156250DDF97E8B05ACE055E49F3E3F5B928CCD18317A3E68FCB0B6F0459ADF9ECF79C87",
-                            "7B902FC35B0AF50F57F8822936D08A96E41B16967C6B1AA0BC05032F0D53919DC587B664C883E2FE8F3948002FCD8BCBFC4706BCAA2075EF6BF41167"
-                        })
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F"),
-                new DRBGTestVector(
-                    new SHA256Digest(),
-                    new SHA256EntropyProvider().get(128),
-                    false,
-                    "2021222324252627",
-                    128,
-                    new String[]
-                        {
-                            "3B68A1D95ED0312150AC1991189780F37EC50E75249F915CD806BBA0C44F9E3A919B2390805E1E90C1D2D1C823B17B96DB44535B72E0CFB62723529D",
-                            "250B933475E3BD4FC85D97FD797834B599DEDEDF8B6F15474E1F31B4AF215CFA7A8C0A0296A2E374B3886BB0CC7E49DBB19324564B451E64F12864F9"
-                        })
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F")
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAF"),
-                new DRBGTestVector(
-                    new SHA256Digest(),
-                    new SHA256EntropyProvider().get(128),
-                    true,
-                    "2021222324252627",
-                    128,
-                    new String[]
-                        {
-                            "8C77288EDBEA9A742464F78D55E33593C1BF5F9D8CD8609D6D53BAC4E4B42252A227A99BAD0F2358B05955CD35723B549401C71C9C1F32F8A2018E24",
-                            "56ECA61C64F69C1C232E992623C71418BD0B96D783118FAAD94A09E3A9DB74D15E805BA7F14625995CA77612B2EF7A05863699ECBABF70D3D422C014"
-                        }),
-                new DRBGTestVector(
-                    new SHA256Digest(),
-                    new SHA256EntropyProvider().get(128),
-                    true,
-                    "2021222324252627",
-                    128,
-                    new String[]
-                        {
-                            "A5C397DFEB540E86F0470E9625D5C5AC2D50016FB201E8DF574F2201DFBB42A799FEB9E238AAD301A493382250EEE60D2E2927E500E848E57535ABD1",
-                            "BF9894630BEBAF0A0EDFE726285EB055FD2ED678B76673803DD327F49DBEDE87D3E447A6EB73B5D5C52A40078132677F412E9E7DE32B9B1CB32421B9"
-                        })
-                    .addAdditionalInput("606162636465666768696A6B6C6D6E6F")
-                    .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAF"),
-                new DRBGTestVector(
-                    new SHA384Digest(),
-                    new SHA384EntropyProvider().get(192),
-                    false,
-                    "202122232425262728292A2B",
-                    192,
-                    new String[]
-                        {
-                            "1F858858B65357D6360E1ED8F8475767B08DAB30718CCA01C6FAE77A4BDCE2702C76D0FB4758EA1ED6AA587CFD26B9011DC8A75D0B4154193BB2C1798FFA52BCAB208310" +
-                            "3CD2AAD44BEED56D042FC2B8915D7D9BED6437EFEB1582EE",
-                            "6E4AAB63938212C870F24BB067A32CA9E7FC2343" +
-                            "5D411729268C8BA6F90E87074D04888CE2CC5A916B7AC93F" +
-                            "EDE85E2995645DFCC4CE44B9FB41F1BFCC5E9F59EE3A8E1B" +
-                            "8F85247F741B7C480521EE6BF8BA319B59048E65F08FAA76"
-                        }),
-                new DRBGTestVector(
-                    new SHA384Digest(),
-                    new SHA384EntropyProvider().get(192),
-                    false,
-                    "202122232425262728292A2B",
-                    192,
-                    new String[]
-                        {
-                            "E6A30AB0C9AFCBA673E4F1C94B3DB1F0C7D78B3D" +
-                            "87B967281BE1E7B3CAF5200AED502C26B84FC169FE8336BD" +
-                            "23271CB299812F2CF1955AA63FC362044ABA246EF1610F9E" +
-                            "DC613924A84A00F8DB3FC65C13373F3171EB20848FA9A70E",
-                            "8585764DF1C86EA12ACCB882525BF6217B447486" +
-                            "5EBFDA367B8657FA80471139BAC626172B9F219DF2CE9099" +
-                            "F65833E07CD1A8DD80468779EA3C26620A2C9C9F5C7EFCDD" +
-                            "C036E6F6C8BF70316D3C37FC246A4CC79B3F1DB971D72ED0"
-                        })
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F5051525354555657"),
-                new DRBGTestVector(
-                    new SHA384Digest(),
-                    new SHA384EntropyProvider().get(192),
-                    false,
-                    "202122232425262728292A2B",
-                    192,
-                    new String[]
-                        {
-                            "13F6EA9BBA7BABDC2A52A3B9FD73D65ECAA638A0" +
-                            "4C74BCCA2ACDE6FD29FEA4B5D884E095E87D1B7C0DEB9D37" +
-                            "7AD81FBFEEA2D5EF82C0F6F52B9FCC359E769AC9DF2A876C" +
-                            "58BAF21657814F3E66D1680B1D4EBD65581E42534F85197D",
-                            "FC0A36F4D20F8F83BE3430AA3C36A49191821A82" +
-                            "072BBC3D5AFF8D7EC39484D646277CE87599B6FE8CCA9862" +
-                            "559703A10F4DE1066BFD30B80C325E774B512525BC6D3734" +
-                            "4C93906368243D31F89E99C4D2A6E9BEB24D5F7267360DCA"
-                        })
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F5051525354555657")
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F7071727374757677")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7"),
-                new DRBGTestVector(
-                    new SHA384Digest(),
-                    new SHA384EntropyProvider().get(192),
-                    true,
-                    "202122232425262728292A2B",
-                    192,
-                    new String[]
-                        {
-                            "FE55601BF734493013705CCEB76E44AAD48373F7" +
-                            "42E72B83D4701FA6549255F1CDE6217953522FF973BA4F6E" +
-                            "C96D2BDCF14A76BE7DEB61781E34B99335BD714F17C91739" +
-                            "B4E2AB57E36E9C3116E215D3D94FCFAD532636874875CAC7",
-                            "F5E59D0ABADE81F62FFAB9D4A6A26FF200016608" +
-                            "A7215E389858FFED83FBC75CFD33DBA6688C89AA32AD22E4" +
-                            "80EA3D04EADFB35567B67564207E64B77844E8E4A87502D5" +
-                            "02DBBB6D8277F1CACDB7CF8D293D09DB7DD59A950821507A"
-                        })
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F7071727374757677")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7"),
-                new DRBGTestVector(
-                    new SHA384Digest(),
-                    new SHA384EntropyProvider().get(192),
-                    true,
-                    "202122232425262728292A2B",
-                    192,
-                    new String[]
-                        {
-                            "CC788F70FB08F256D9604333630D85936D400F45" +
-                            "718DC3F939A8B9F6F75D3E4EC17D68FBB924AEACB7021295" +
-                            "48FA63CE9BCB82176639B64DE890A47025B5582312FE934E" +
-                            "F0D0A12697C0F05D2DA108CCADB511BA0EB62F4051BB2354",
-                            "2C922EA620D76E4137B315EBC29E518F80951B3F" +
-                            "0E6173FA2BFD94A230EE513EE2E4EB330D802F620DD24911" +
-                            "534EC0F95A1F1D44A2125F5D57476A666FC372092B55D0D6" +
-                            "8B49738F5BC466EC206AB3CF6A972B38BCFAE5FCD53C7E21 "
-                        }),
-                new DRBGTestVector(
-                    new SHA512Digest(),
-                    new SHA512EntropyProvider().get(256),
-                    false,
-                    "202122232425262728292A2B2C2D2E2F",
-                    256,
-                    new String[]
-                        {
-                            "7A8313798EE1" +
-                            "D1898712683F2D0B0DEE5804146ABA64FDA8DB4E539CC8D1" +
-                            "E59C74EE5AA48E73E958C8EC85DD529D42E68B4F7E02FFAF" +
-                            "3E3EF8312AEA68BC08A414885E60A7DF0B55F9D90210B319" +
-                            "E9B8FD23E078A4153636F29AA3CAC8198CB1D5D846151653" +
-                            "ECE275A591089261238014E5058410065AB8229EB9115E8E",
-                            "918B5D79E646" +
-                            "64966D954BC5E2946BF48F061BF0C2701C3C2D1F75EA821E" +
-                            "1DA05D5B3C2C4EEA246E806B53BF6BDB3F3D53A3AE756C2A" +
-                            "45C72603973A3DE1BC367C283CA124A5589CEAB30E5D2D74" +
-                            "8A40DD874FF15B032CF4F4B2AAD590B0DB91A0D38FCE93C5" +
-                            "AAD4E55AC482F86FF06FAE66B7C7CCA7E45557E1A5A3B85D"
-                        }),
-                new DRBGTestVector(
-                    new SHA512Digest(),
-                    new SHA512EntropyProvider().get(256),
-                    true,
-                    "202122232425262728292A2B2C2D2E2F",
-                    256,
-                    new String[]
-                        {
-                            "C7ED88A2C690" +
-                            "1C04802BA2BB04262921B19664835A4A3C002CB9F13E35E3" +
-                            "DEB3698A436BF1C85B070E9E6977CA78A5130905AA0C01A9" +
-                            "4130F5133DF904A4ACF59A7DD01227E8FCA1C8D51F093839" +
-                            "46ECD950113104760D7E216CAF581FE9D3AACE6FC4CDDC4C" +
-                            "CD736D26A60BE8BE2A6A78CD752D1EC7CCC802638B177307",
-                            "83B78B206785" +
-                            "4412EEB24AEA86064D510C68FD96DBF94EAC1BC2022752D7" +
-                            "558AEB9F97B9CBC1B9648FE4D88E2C82A6F530675E1DB92D" +
-                            "396D6D85BDAD2A23CBD10AD808ECCCFBFC811EB68AE835E4" +
-                            "912E011DD10A4399C8DE2D9D88F81B6168B05D282B9DAC1E" +
-                            "65E0A45F61043E1FA047870DD582295E6C50DD1185B13594 "
-                        })
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F")
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF"),
-                new DRBGTestVector(
-                    new SHA512Digest(),
-                    new SHA512EntropyProvider().get(256),
-                    true,
-                    "202122232425262728292A2B2C2D2E2F",
-                    256,
-                    new String[]
-                        {
-                            "CC7035C73040" +
-                            "5CF5DF7137ED9E10744B75B540AFFC68EB564B71C0F737E8" +
-                            "F656B6171940497FA90D8F383EFB6FC6717BA14AAA164EF5" +
-                            "6641C0F513312551DCD21D0A5B0DBDCD97F627E968DFD752" +
-                            "56C11CF2BCCA5822EAACE796A34CB7D2F8CD8CC6DBE76274" +
-                            "498289BBC4C2F1CADA6185D82605CF992EC285BC4945EE9E",
-                            "0E6C329AD1BE" +
-                            "681EB1E6F5E03A89E3D80153D6CCDD5A3ECF865003EE4A2D" +
-                            "E5A23B7F43681361CFAFC3A3FEF17777E75CF9D6685573C8" +
-                            "87A3962CB955076D45D6F1E45EE4B8CB31A4731CDA031FA2" +
-                            "815B6D34E29F2603526CE186576F4CCA3FEDF7F8ACDB37C9" +
-                            "9D762706ABE4967D44739C8CFCFCC76C58B1ED243AC394C0"
-                        }),
-                // From http://csrc.nist.gov/groups/STM/cavp/documents/drbg/drbgtestvectors.zip
-                // modified to test partial block processing.
-                new DRBGTestVector(
-                    new SHA256Digest(),
-                    new TestEntropySourceProvider(Hex.decode("a826f1cd3fa24b9e71c316e5bf2bafff"), false).get(128),
-                    false,
-                    "82bc3bf050614b34",
-                    128,
-                    new String[]
-                        {
-                            "14949b876e30f832331f59f2e687350bea9ba22b78549521a70748ca916c74ebff0b638266aa" +
-                            "d81e089545eb60bfe332f7d134d91ed3c104f975fae0f71391add71e3380a725251ed5552a84" +
-                            "650637eddfc88b5ab26311277cbc429aa152b2cfac61c67846512d7564114177a622f25e870a" +
-                            "acec37c0977d",
-                            "7050bf74a887809673ecd295071f7a457d1e2e227f68ef4b4445e34f3904b95d4833180ee522" +
-                            "104bfc996234063e2c76173937b883c66b0e64a56643877228cad5212cddbf839270ef80889b" +
-                            "c83424c141c2419f2231004c8860f8fd95435e2c9f8ac7409fcbfb6a74851fadc7d99bf5d68b" +
-                            "591892f0e3a1"
-                        }),
-                new DRBGTestVector(
-                    new SHA256Digest(),
-                    new TestEntropySourceProvider(Hex.decode("a826f1cd3fa24b9e71c316e5bf2bafff"), false).get(128),
-                    false,
-                    "82bc3bf050614b34",
-                    128,
-                    new String[]
-                        {
-                            "14949b876e30f832331f59f2e687350bea9ba22b78549521a70748ca916c74ebff0b638266aa" +
-                            "d81e089545eb60bfe332f7d134d91ed3c104f975fae0f71391add71e3380a725251ed5552a84" +
-                            "650637eddfc88b5ab26311277cbc429aa152b2cfac61c67846512d7564114177a622f25e870a" +
-                            "acec37c0977d",
-                            "7050bf74a887809673ecd295071f7a457d1e2e227f68ef4b4445e34f3904b95d4833180ee522" +
-                            "104bfc996234063e2c76173937b883c66b0e64a56643877228cad5212cddbf839270ef80889b" +
-                            "c83424c141c2419f2231004c8860f8fd95435e2c9f8ac7409fcbfb6a74851fadc7d99bf5d68b" +
-                            "591892f0e3"
-                        })
-            };
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        DRBGTestVector[] tests = createTestVectorData();
-
-        for (int i = 0; i != tests.length; i++)
-        {
-            DRBGTestVector tv = tests[i];
-
-            byte[] nonce = tv.nonce();
-            byte[] personalisationString = tv.personalizationString();
-
-            SP80090DRBG d = new DualECSP800DRBG(tv.getDigest(), tv.securityStrength(), tv.entropySource(), personalisationString, nonce);
-
-            byte[] output = new byte[tv.expectedValue(0).length];
-
-            d.generate(output, tv.additionalInput(0), tv.predictionResistance());
-
-            byte[] expected = tv.expectedValue(0);
-
-            if (!areEqual(expected, output))
-            {
-                fail("Test #" + (i + 1) + ".1 failed, expected " + new String(Hex.encode(tv.expectedValue(0))) + " got " + new String(Hex.encode(output)));
-            }
-
-            output = new byte[tv.expectedValue(1).length];
-
-            d.generate(output, tv.additionalInput(1), tv.predictionResistance());
-
-            expected = tv.expectedValue(1);
-            if (!areEqual(expected, output))
-            {
-                fail("Test #" + (i + 1) + ".2 failed, expected " + new String(Hex.encode(tv.expectedValue(1))) + " got " + new String(Hex.encode(output)));
-            }
-        }
-
-        // Exception tests
-        //
-        SP80090DRBG d;
-
-        try
-        {
-            d = new DualECSP800DRBG(new SHA256Digest(), 256, new SHA256EntropyProvider().get(128), null, null);
-            fail("no exception thrown");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("EntropySource must provide between 256 and 4096 bits"))
-            {
-                fail("Wrong exception", e);
-            }
-        }
-
-        try
-        {
-            d = new DualECSP800DRBG(new SHA256Digest(), 256, new SHA256EntropyProvider().get(1 << (13 - 1) + 1), null, null);
-            fail("no exception thrown");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("EntropySource must provide between 256 and 4096 bits"))
-            {
-                fail("Wrong exception", e);
-            }
-        }
-
-        try
-        {
-            d = new DualECSP800DRBG(new SHA1Digest(), 256, new SHA256EntropyProvider().get(256), null, null);
-            fail("no exception thrown");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("Requested security strength is not supported by digest"))
-            {
-                fail("Wrong exception", e);
-            }
-        }
-    }
-
-    private class SHA256EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        SHA256EntropyProvider()
-        {
-            super(Hex.decode(
-                "000102030405060708090A0B0C0D0E0F " +
-                    "808182838485868788898A8B8C8D8E8F" +
-                    "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF"), true);
-        }
-    }
-
-    private class SHA384EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        SHA384EntropyProvider()
-        {
-            super(Hex.decode(
-                "000102030405060708090A0B0C0D0E0F1011121314151617" +
-                "808182838485868788898A8B8C8D8E8F9091929394959697" +
-                "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7"), true);
-        }
-    }
-
-    private class SHA512EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        SHA512EntropyProvider()
-        {
-            super(Hex.decode(
-                "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F" +
-                "808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F" +
-                "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDF"), true);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/FixedSecureRandomTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/FixedSecureRandomTest.java
deleted file mode 100644
index 24fc238..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/FixedSecureRandomTest.java
+++ /dev/null

@@ -1,68 +0,0 @@
-package org.bouncycastle.crypto.prng.test;
-
-import org.bouncycastle.crypto.prng.FixedSecureRandom;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class FixedSecureRandomTest
-    extends SimpleTest
-{
-    byte[]  base = Hex.decode("deadbeefdeadbeef");
-    byte[]  r1 = Hex.decode("cafebabecafebabe");
-    byte[]  r2 = Hex.decode("ffffffffcafebabedeadbeef");
-
-    public String getName()
-    {
-        return "FixedSecureRandom";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        FixedSecureRandom fixed = new FixedSecureRandom(base);
-        byte[]       buf = new byte[8];
-
-        fixed.nextBytes(buf);
-
-        if (!Arrays.areEqual(buf, base))
-        {
-            fail("wrong data returned");
-        }
-
-        fixed = new FixedSecureRandom(base);
-
-        byte[] seed = fixed.generateSeed(8);
-
-        if (!Arrays.areEqual(seed, base))
-        {
-            fail("wrong seed data returned");
-        }
-
-        if (!fixed.isExhausted())
-        {
-            fail("not exhausted");
-        }
-
-        fixed = new FixedSecureRandom(new byte[][] { r1, r2 });
-
-        seed = fixed.generateSeed(12);
-
-        if (!Arrays.areEqual(seed, Hex.decode("cafebabecafebabeffffffff")))
-        {
-            fail("wrong seed data returned - composite");
-        }
-
-        fixed.nextBytes(buf);
-
-        if (!Arrays.areEqual(buf, Hex.decode("cafebabedeadbeef")))
-        {
-            fail("wrong data returned");
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new FixedSecureRandomTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/HMacDRBGTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/HMacDRBGTest.java
deleted file mode 100644
index add77d5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/HMacDRBGTest.java
+++ /dev/null

@@ -1,508 +0,0 @@
-package org.bouncycastle.crypto.prng.test;
-
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.prng.drbg.HMacSP800DRBG;
-import org.bouncycastle.crypto.prng.drbg.SP80090DRBG;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * HMAC SP800-90 DRBG
- */
-public class HMacDRBGTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "HMacDRBG";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new HMacDRBGTest());
-    }
-
-    private DRBGTestVector[] createTestVectorData()
-    {
-        return new DRBGTestVector[]
-            {
-                new DRBGTestVector(
-                    new SHA1Digest(),
-                    new SHA1EntropyProvider().get(440),
-                    false,
-                    "2021222324",
-                    80,
-                    new String[]
-                        {
-                            "5A7D3B449F481CB38DF79AD2B1FCC01E57F8135E8C0B22CD0630BFB0127FB5408C8EFC17A929896E",
-                            "82cf772ec3e84b00fc74f5df104efbfb2428554e9ce367d03aeade37827fa8e9cb6a08196115d948"
-                        }),
-                new DRBGTestVector(
-                    new SHA1Digest(),
-                    new SHA1EntropyProvider().get(440),
-                    false,
-                    "2021222324",
-                    80,
-                    new String[]
-                        {
-                            "B3BD05246CBA12A64735A4E3FDE599BC1BE30F439BD060208EEA7D71F9D123DF47B3CE069D98EDE6",
-                            "B5DADA380E2872DF935BCA55B882C8C9376902AB639765472B71ACEBE2EA8B1B6B49629CB67317E0"
-                        })
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F70717273747576"),
-                new DRBGTestVector(
-                    new SHA1Digest(),
-                    new SHA1EntropyProvider().get(440),
-                    false,
-                    "2021222324",
-                    80,
-                    new String[]
-                        {
-                            "C7AAAC583C6EF6300714C2CC5D06C148CFFB40449AD0BB26FAC0497B5C57E161E36681BCC930CE80",
-                            "6EBD2B7B5E0A2AD7A24B1BF9A1DBA47D43271719B9C37B7FE81BA94045A14A7CB514B446666EA5A7"
-                        })
-                .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F90919293949596")
-                .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6"),
-                new DRBGTestVector(
-                    new SHA1Digest(),
-                    new SHA1EntropyProvider().get(440),
-                    true,
-                    "2021222324",
-                    80,
-                    new String[]
-                        {
-                            "FEC4597F06A3A8CC8529D59557B9E661053809C0BC0EFC282ABD87605CC90CBA9B8633DCB1DAE02E",
-                            "84ADD5E2D2041C01723A4DE4335B13EFDF16B0E51A0AD39BD15E862E644F31E4A2D7D843E57C5968"
-                        }),
-                new DRBGTestVector(
-                    new SHA1Digest(),
-                    new SHA1EntropyProvider().get(440),
-                    true,
-                    "2021222324",
-                    80,
-                    new String[]
-                        {
-                            "6C37FDD729AA40F80BC6AB08CA7CC649794F6998B57081E4220F22C5C283E2C91B8E305AB869C625",
-                            "CAF57DCFEA393B9236BF691FA456FEA7FDF1DF8361482CA54D5FA723F4C88B4FA504BF03277FA783"
-                        })
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F70717273747576"),
-                new DRBGTestVector(
-                    new SHA1Digest(),
-                    new SHA1EntropyProvider().get(440),
-                    true,
-                    "2021222324",
-                    80,
-                    new String[]
-                        {
-                            "A1BA8FA58BB5013F43F7B6ED52B4539FA16DC77957AEE815B9C07004C7E992EB8C7E591964AFEEA2",
-                            "84264A73A818C95C2F424B37D3CC990B046FB50C2DC64A164211889A010F2471A0912FFEA1BF0195"
-                        })
-                    .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F90919293949596")
-                    .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6"),
-                new DRBGTestVector(
-                    new SHA256Digest(),
-                    new SHA256EntropyProvider().get(440),
-                    false,
-                    "2021222324252627",
-                    128,
-                    new String[]
-                        {
-                            "D67B8C1734F46FA3F763CF57C6F9F4F2" +
-                                "DC1089BD8BC1F6F023950BFC5617635208C8501238AD7A44" +
-                                "00DEFEE46C640B61AF77C2D1A3BFAA90EDE5D207406E5403",
-                            "8FDAEC20F8B421407059E3588920DA7E" +
-                                "DA9DCE3CF8274DFA1C59C108C1D0AA9B0FA38DA5C792037C" +
-                                "4D33CD070CA7CD0C5608DBA8B885654639DE2187B74CB263"
-                        }),
-                new DRBGTestVector(
-                    new SHA256Digest(),
-                    new SHA256EntropyProvider().get(440),
-                    true,
-                    "2021222324252627",
-                    128,
-                    new String[]
-                        {
-                            "FABD0AE25C69DC2EFDEFB7F20C5A31B5" +
-                            "7AC938AB771AA19BF8F5F1468F665C938C9A1A5DF0628A56" +
-                            "90F15A1AD8A613F31BBD65EEAD5457D5D26947F29FE91AA7",
-                            "6BD925B0E1C232EFD67CCD84F722E927" +
-                            "ECB46AB2B740014777AF14BA0BBF53A45BDBB62B3F7D0B9C" +
-                            "8EEAD057C0EC754EF8B53E60A1F434F05946A8B686AFBC7A"
-                        }),
-                new DRBGTestVector(
-                    new SHA384Digest(),
-                    new SHA384EntropyProvider().get(888),
-                    false,
-                    "202122232425262728292A2B",
-                    192,
-                    new String[]{
-                        "03AB8BCE4D1DBBB636C5C5B7E1C58499FEB1C619CDD11D35" +
-                        "CD6CF6BB8F20EF27B6F5F9054FF900DB9EBF7BF30ED4DCBB" +
-                        "BC8D5B51C965EA226FFEE2CA5AB2EFD00754DC32F357BF7A" +
-                        "E42275E0F7704DC44E50A5220AD05AB698A22640AC634829",
-                        "B907E77144FD55A54E9BA1A6A0EED0AAC780020C41A15DD8" +
-                        "9A6C163830BA1D094E6A17100FF71EE30A96E1EE04D2A966" +
-                        "03832A4E404F1966C2B5F4CB61B9927E8D12AC1E1A24CF23" +
-                        "88C14E8EC96C35181EAEE32AAA46330DEAAFE5E7CE783C74"})
-                    .setPersonalizationString(
-                        "404142434445464748494A4B4C4D4E" +
-                        "4F505152535455565758595A5B5C5D5E5F60616263646566" +
-                        "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" +
-                        "7F808182838485868788898A8B8C8D8E8F90919293949596" +
-                        "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE"),
-                new DRBGTestVector(
-                    new SHA384Digest(),
-                    new SHA384EntropyProvider().get(888),
-                    true,
-                    "202122232425262728292A2B",
-                    192,
-                    new String[]{
-                        "804A3AD720F4FCE8738D0632514FEF16430CB7D63A8DF1A5" +
-                        "F02A3CE3BD7ED6A668B69E63E2BB93F096EE753D6194A0F1" +
-                        "A32711063653009636337D22167CC4402D019AC216FA574F" +
-                        "091CF6EA283568D737A77BE38E8F09382C69E76B142ABC3A",
-                        "73B8E55C753202176A17B9B9754A9FE6F23B01861FCD4059" +
-                        "6AEAA301AF1AEF8AF0EAF22FBF34541EFFAB1431666ACACC" +
-                        "759338C7E28672819D53CFEF10A3E19DAFBD53295F1980A9" +
-                        "F491504A2725506784B7AC826D92C838A8668171CAAA86E7"})
-                    .setPersonalizationString(
-                        "404142434445464748494A4B4C4D4E" +
-                            "4F505152535455565758595A5B5C5D5E5F60616263646566" +
-                            "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" +
-                            "7F808182838485868788898A8B8C8D8E8F90919293949596" +
-                            "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE"),
-                new DRBGTestVector(
-                    new SHA512Digest(),
-                    new SHA512EntropyProvider().get(888),
-                    false,
-                    "202122232425262728292A2B2C2D2E2F",
-                    256,
-                    new String[]{
-                        "2A5FF6520C20F66E" +
-                            "D5EA431BD4AEAC58F975EEC9A015137D5C94B73AA09CB8B5" +
-                            "9D611DDEECEB34A52BB999424009EB9EAC5353F92A6699D2" +
-                            "0A02164EEBBC6492941E10426323898465DFD731C7E04730" +
-                            "60A5AA8973841FDF3446FB6E72A58DA8BDA2A57A36F3DD98" +
-                            "6DF85C8A5C6FF31CDE660BF8A841B21DD6AA9D3AC356B87B",
-                        "0EDC8D7D7CEEC7FE" +
-                            "36333FB30C0A9A4B27AA0BECBF075568B006C1C3693B1C29" +
-                            "0F84769C213F98EB5880909EDF068FDA6BFC43503987BBBD" +
-                            "4FC23AFBE982FE4B4B007910CC4874EEC217405421C8D8A1" +
-                            "BA87EC684D0AF9A6101D9DB787AE82C3A6A25ED478DF1B12" +
-                            "212CEC325466F3AC7C48A56166DD0B119C8673A1A9D54F67"})
-                    .setPersonalizationString(
-                        "404142434445464748494A4B4C4D4E" +
-                            "4F505152535455565758595A5B5C5D5E5F60616263646566" +
-                            "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" +
-                            "7F808182838485868788898A8B8C8D8E8F90919293949596" +
-                            "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE"),
-                new DRBGTestVector(
-                    new SHA512Digest(),
-                    new SHA512EntropyProvider().get(888),
-                    true,
-                    "202122232425262728292A2B2C2D2E2F",
-                    256,
-                    new String[]{
-                        "AAE4DC3C9ECC74D9" +
-                        "061DD527117EF3D29E1E52B26853C539D6CA797E8DA3D0BB" +
-                        "171D8E30B8B194D8C28F7F6BE3B986B88506DC6A01B294A7" +
-                        "165DD1C3470F7BE7B396AA0DB7D50C4051E7C7E1C8A7D21A" +
-                        "2B5878C0BCB163CAA79366E7A1162FDC88429616CD3E6977" +
-                        "8D327520A6BBBF71D8AA2E03EC4A9DAA0E77CF93E1EE30D2 ",
-                        "129FF6D31A23FFBC" +
-                        "870632B35EE477C2280DDD2ECDABEDB900C78418BE2D243B" +
-                        "B9D8E5093ECE7B6BF48638D8F704D134ADDEB7F4E9D5C142" +
-                        "CD05683E72B516486AF24AEC15D61E81E270DD4EBED91B62" +
-                        "12EB8896A6250D5C8BC3A4A12F7E3068FBDF856F47EB23D3" +
-                        "79F82C1EBCD1585FB260B9C0C42625FBCEE68CAD773CD5B1"})
-                .setPersonalizationString(
-                    "404142434445464748494A4B4C4D4E" +
-                        "4F505152535455565758595A5B5C5D5E5F60616263646566" +
-                        "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" +
-                        "7F808182838485868788898A8B8C8D8E8F90919293949596" +
-                        "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE"),
-                new DRBGTestVector(
-                    new SHA512Digest(),
-                    new SHA512EntropyProvider().get(888),
-                    false,
-                    "202122232425262728292A2B2C2D2E2F",
-                    256,
-                    new String[]{
-                        "7AE31A2DEC31075F" +
-                        "E5972660C16D22ECC0D415C5693001BE5A468B590BC1AE2C" +
-                        "43F647F8D681AEEA0D87B79B0B4E5D089CA2C9D327534234" +
-                        "0254E6B04690D77A71A294DA9568479EEF8BB2A2110F18B6" +
-                        "22F60F35235DE0E8F9D7E98105D84AA24AF0757AF005DFD5" +
-                        "2FA51DE3F44FCE0C5F3A27FCE8B0F6E4A3F7C7B53CE34A3D",
-                        "D83A8084630F286D" +
-                        "A4DB49B9F6F608C8993F7F1397EA0D6F4A72CF3EF2733A11" +
-                        "AB823C29F2EBDEC3EDE962F93D920A1DB59C84E1E879C29F" +
-                        "5F9995FC3A6A3AF9B587CA7C13EA197D423E81E1D6469942" +
-                        "B6E2CA83A97E91F6B298266AC148A1809776C26AF5E239A5" +
-                        "5A2BEB9E752203A694E1F3FE2B3E6A0C9C314421CDB55FBD "})
-                .setPersonalizationString(
-                    "404142434445464748494A4B4C4D4E" +
-                    "4F505152535455565758595A5B5C5D5E5F60616263646566" +
-                    "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" +
-                    "7F808182838485868788898A8B8C8D8E8F90919293949596" +
-                    "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE")
-                .addAdditionalInput(
-                    "606162636465666768696A6B6C6D6E" +
-                    "6F707172737475767778797A7B7C7D7E7F80818283848586" +
-                    "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" +
-                    "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" +
-                    "B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCE")
-                .addAdditionalInput(
-                    "A0A1A2A3A4A5A6A7A8A9AAABACADAE" +
-                    "AFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6" +
-                    "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" +
-                    "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6" +
-                    "F7F8F9FAFBFCFDFEFF000102030405060708090A0B0C0D0E"),
-                new DRBGTestVector(
-                    new SHA512Digest(),
-                    new SHA512EntropyProvider().get(888),
-                    true,
-                    "202122232425262728292A2B2C2D2E2F",
-                    256,
-                    new String[]{
-                        "28FD6060C4F35F4D" +
-                            "317AB2060EE32019E0DAA330F3F5650BBCA57CB67EE6AF1C" +
-                            "6F25D1B01F3601EDA85DC2ED29A9B2BA4C85CF491CE7185F" +
-                            "1A2BD9378AE3C655BD1CEC2EE108AE7FC382989F6D4FEA8A" +
-                            "B01499697C2F07945CE02C5ED617D04287FEAF3BA638A4CE" +
-                            "F3BB6B827E40AF16279580FCF1FDAD830930F7FDE341E2AF",
-                        "C0B1601AFE39338B" +
-                            "58DC2BE7C256AEBE3C21C5A939BEEC7E97B3528AC420F0C6" +
-                            "341847187666E0FF578A8EB0A37809F877365A28DF2FA0F0" +
-                            "6354A6F02496747369375B9A9D6B756FDC4A8FB308E08256" +
-                            "9D79A85BB960F747256626389A3B45B0ABE7ECBC39D5CD7B" +
-                            "2C18DF2E5FDE8C9B8D43474C54B6F9839468445929B438C7"}),
-                new DRBGTestVector(
-                    new SHA512Digest(),
-                    new SHA512EntropyProvider().get(888),
-                    true,
-                    "202122232425262728292A2B2C2D2E2F",
-                    256,
-                    new String[]{
-                        "72691D2103FB567C" +
-                        "CD30370715B36666F63430087B1C688281CA0974DB456BDB" +
-                        "A7EB5C48CFF62EA05F9508F3B530CE995A272B11EC079C13" +
-                        "923EEF8E011A93C19B58CC6716BC7CB8BD886CAA60C14D85" +
-                        "C023348BD77738C475D6C7E1D9BFF4B12C43D8CC73F838DC" +
-                        "4F8BD476CF8328EEB71B3D873D6B7B859C9B21065638FF95",
-                        "8570DA3D47E1E160" +
-                        "5CF3E44B8D328B995EFC64107B6292D1B1036B5F88CE3160" +
-                        "2F12BEB71D801C0942E7C0864B3DB67A9356DB203490D881" +
-                        "24FE86BCE38AC2269B4FDA6ABAA884039DF80A0336A24D79" +
-                        "1EB3067C8F5F0CF0F18DD73B66A7B316FB19E02835CC6293" +
-                        "65FCD1D3BE640178ED9093B91B36E1D68135F2785BFF505C"})
-                .addAdditionalInput(
-                    "606162636465666768696A6B6C6D6E" +
-                    "6F707172737475767778797A7B7C7D7E7F80818283848586" +
-                    "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" +
-                    "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" +
-                    "B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCE")
-                .addAdditionalInput(
-                    "A0A1A2A3A4A5A6A7A8A9AAABACADAE" +
-                    "AFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6" +
-                    "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" +
-                    "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6" +
-                    "F7F8F9FAFBFCFDFEFF000102030405060708090A0B0C0D0E"),
-                new DRBGTestVector(
-                    new SHA512Digest(),
-                    new SHA512EntropyProvider().get(888),
-                    true,
-                    "202122232425262728292A2B2C2D2E2F",
-                    256,
-                    new String[]{
-                        "AAE4DC3C9ECC74D9" +
-                        "061DD527117EF3D29E1E52B26853C539D6CA797E8DA3D0BB" +
-                        "171D8E30B8B194D8C28F7F6BE3B986B88506DC6A01B294A7" +
-                        "165DD1C3470F7BE7B396AA0DB7D50C4051E7C7E1C8A7D21A" +
-                        "2B5878C0BCB163CAA79366E7A1162FDC88429616CD3E6977" +
-                        "8D327520A6BBBF71D8AA2E03EC4A9DAA0E77CF93E1EE30D2 ",
-                        "129FF6D31A23FFBC" +
-                        "870632B35EE477C2280DDD2ECDABEDB900C78418BE2D243B" +
-                        "B9D8E5093ECE7B6BF48638D8F704D134ADDEB7F4E9D5C142" +
-                        "CD05683E72B516486AF24AEC15D61E81E270DD4EBED91B62" +
-                        "12EB8896A6250D5C8BC3A4A12F7E3068FBDF856F47EB23D3" +
-                        "79F82C1EBCD1585FB260B9C0C42625FBCEE68CAD773CD5B1"})
-                .setPersonalizationString(
-                    "404142434445464748494A4B4C4D4E" +
-                        "4F505152535455565758595A5B5C5D5E5F60616263646566" +
-                        "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" +
-                        "7F808182838485868788898A8B8C8D8E8F90919293949596" +
-                        "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE"),
-                new DRBGTestVector(
-                    new SHA512Digest(),
-                    new SHA512EntropyProvider().get(888),
-                    true,
-                    "202122232425262728292A2B2C2D2E2F",
-                    256,
-                    new String[]{
-                        "B8E827652175E6E0" +
-                        "6E513C7BE94B5810C14ED94AD903647940CAEB7EE014C848" +
-                        "8DCBBE6D4D6616D06656A3DC707CDAC4F02EE6D8408C065F" +
-                        "CB068C0760DA47C5D60E5D70D09DC3929B6979615D117F7B" +
-                        "EDCC661A98514B3A1F55B2CBABDCA59F11823E4838065F1F" +
-                        "8431CBF28A577738234AF3F188C7190CC19739E72E9BBFFF",
-                        "7ED41B9CFDC8C256" +
-                        "83BBB4C553CC2DC61F690E62ABC9F038A16B8C519690CABE" +
-                        "BD1B5C196C57CF759BB9871BE0C163A57315EA96F615136D" +
-                        "064572F09F26D659D24211F9610FFCDFFDA8CE23FFA96735" +
-                        "7595182660877766035EED800B05364CE324A75EB63FD9B3" +
-                        "EED956D147480B1D0A42DF8AA990BB628666F6F61D60CBE2"})
-                .setPersonalizationString(
-                    "404142434445464748494A4B4C4D4E" +
-                        "4F505152535455565758595A5B5C5D5E5F60616263646566" +
-                        "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" +
-                        "7F808182838485868788898A8B8C8D8E8F90919293949596" +
-                        "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE")
-                .addAdditionalInput(
-                    "606162636465666768696A6B6C6D6E" +
-                        "6F707172737475767778797A7B7C7D7E7F80818283848586" +
-                        "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" +
-                        "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" +
-                        "B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCE")
-                .addAdditionalInput(
-                    "A0A1A2A3A4A5A6A7A8A9AAABACADAE" +
-                    "AFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6" +
-                    "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" +
-                    "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6" +
-                    "F7F8F9FAFBFCFDFEFF000102030405060708090A0B0C0D0E")
-            };
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        DRBGTestVector[] tests = createTestVectorData();
-
-        for (int i = 0; i != tests.length; i++)
-        {
-            DRBGTestVector tv = tests[i];
-
-            byte[] nonce = tv.nonce();
-            byte[] personalisationString = tv.personalizationString();
-
-            SP80090DRBG d = new HMacSP800DRBG(new HMac(tv.getDigest()), tv.securityStrength(), tv.entropySource(), personalisationString, nonce);
-
-            byte[] output = new byte[tv.expectedValue(0).length];
-
-            d.generate(output, tv.additionalInput(0), tv.predictionResistance());
-
-            byte[] expected = tv.expectedValue(0);
-
-            if (!areEqual(expected, output))
-            {
-                fail("Test #" + (i + 1) + ".1 failed, expected " + new String(Hex.encode(tv.expectedValue(0))) + " got " + new String(Hex.encode(output)));
-            }
-
-            output = new byte[tv.expectedValue(0).length];
-
-            d.generate(output, tv.additionalInput(1), tv.predictionResistance());
-
-            expected = tv.expectedValue(1);
-            if (!areEqual(expected, output))
-            {
-                fail("Test #" + (i + 1) + ".2 failed, expected " + new String(Hex.encode(tv.expectedValue(1))) + " got " + new String(Hex.encode(output)));
-            }
-        }
-
-        // Exception tests
-        //
-        SP80090DRBG d;
-        try
-        {
-            d = new HMacSP800DRBG(new HMac(new SHA256Digest()), 256, new SHA256EntropyProvider().get(128), null, null);
-            fail("no exception thrown");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("Not enough entropy for security strength required"))
-            {
-                fail("Wrong exception", e);
-            }
-        }
-    }
-
-    private class SHA1EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        SHA1EntropyProvider()
-        {
-            super(
-                Hex.decode(
-                    "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30313233343536"
-                        + "808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6"
-                        + "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6"), true);
-        }
-    }
-
-    private class SHA256EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        SHA256EntropyProvider()
-        {
-            super(Hex.decode(
-                "00010203040506" +
-                    "0708090A0B0C0D0E0F101112131415161718191A1B1C1D1E" +
-                    "1F202122232425262728292A2B2C2D2E2F30313233343536" +
-                    "80818283848586" +
-                    "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" +
-                    "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" +
-                    "C0C1C2C3C4C5C6" +
-                    "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" +
-                    "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6"), true);
-        }
-    }
-
-    private class SHA384EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        SHA384EntropyProvider()
-        {
-            super(Hex.decode(
-                "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223242526"
-                    + "2728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F50515253545556"
-                    + "5758595A5B5C5D5E5F606162636465666768696A6B6C6D6E" +
-                    "808182838485868788898A8B8C8D8E" +
-                    "8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6" +
-                    "A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBE" +
-                    "BFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6" +
-                    "D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEE" +
-                    "C0C1C2C3C4C5C6C7C8C9CACBCCCDCE" +
-                    "CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6" +
-                    "E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFE" +
-                    "FF000102030405060708090A0B0C0D0E0F10111213141516" +
-                    "1718191A1B1C1D1E1F202122232425262728292A2B2C2D2E"), true);
-        }
-    }
-
-    private class SHA512EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        SHA512EntropyProvider()
-        {
-            super(Hex.decode(
-                "000102030405060708090A0B0C0D0E" +
-                    "0F101112131415161718191A1B1C1D1E1F20212223242526" +
-                    "2728292A2B2C2D2E2F303132333435363738393A3B3C3D3E" +
-                    "3F404142434445464748494A4B4C4D4E4F50515253545556" +
-                    "5758595A5B5C5D5E5F606162636465666768696A6B6C6D6E" +
-                    "808182838485868788898A8B8C8D8E" +
-                    "8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6" +
-                    "A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBE" +
-                    "BFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6" +
-                    "D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEE" +
-                    "C0C1C2C3C4C5C6C7C8C9CACBCCCDCE" +
-                    "CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6" +
-                    "E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFE" +
-                    "FF000102030405060708090A0B0C0D0E0F10111213141516" +
-                    "1718191A1B1C1D1E1F202122232425262728292A2B2C2D2E"), true);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/HashDRBGTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/HashDRBGTest.java
deleted file mode 100644
index ee63203..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/HashDRBGTest.java
+++ /dev/null

@@ -1,481 +0,0 @@
-package org.bouncycastle.crypto.prng.test;
-
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.prng.drbg.HashSP800DRBG;
-import org.bouncycastle.crypto.prng.drbg.SP80090DRBG;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * DRBG Test
- */
-public class HashDRBGTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "HashDRBG";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new HashDRBGTest());
-    }
-
-    private DRBGTestVector[] createTestVectorData()
-    {
-        return new DRBGTestVector[]
-            {
-                new DRBGTestVector(
-                            new SHA1Digest(),
-                            new SHA1EntropyProvider().get(440),
-                            false,
-                            "2021222324",
-                            80,
-                            new String[]
-                                {
-                                    "9F7CFF1ECA23E750F66326969F11800F12088BA68E441D15D888B3FE12BF66FE057494F4546DE2F1",
-                                    "B77AA5C0CD55BBCEED7574AF223AFD988C7EEC8EFF4A94E5E89D26A04F58FA79F5E0D3702D7A9A6A"
-                                }
-                        ),
-                new DRBGTestVector(
-                    new SHA1Digest(),
-                    new SHA1EntropyProvider().get(440),
-                    false,
-                    "2021222324",
-                    80,
-                    new String[]
-                        {
-                            "AB438BD3B01A0AF85CFEE29F7D7B71621C4908B909124D430E7B406FB1086EA994C582E0D656D989",
-                            "29D9098F987E7005314A0F51B3DD2B8122F4AED706735DE6AD5DDBF223177C1E5F3AEBC52FAB90B9"
-                        })
-                    .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F70717273747576"),
-                new DRBGTestVector(
-                    new SHA1Digest(),
-                    new SHA1EntropyProvider().get(440),
-                    false,
-                    "2021222324",
-                    80,
-                    new String[]
-                        {
-                            "E76B4EDD5C865BC8AFD809A59B69B429AC7F4352A579BCF3F75E56249A3491F87C3CA6848B0FAB25",
-                            "6577B6B4F87A93240B199FE51A3B335313683103DECE171E3256FB7E803586CA4E45DD242EB01F70"
-                        })
-                    .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F90919293949596")
-                    .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6"),
-                new DRBGTestVector(
-                    new SHA1Digest(),
-                    new SHA1EntropyProvider().get(440),
-                    true,
-                    "2021222324",
-                    80,
-                    new String[]
-                        {
-                            "56EF4913373994D5539F4D7D17AFE7448CDF5E72416CC6A71A340059FA0D5AE526B23250C46C0944",
-                            "575B37A2739814F966C63B60A2C4F149CA9ACC84FC4B25493289B085C67B2E30F5F0B99A2C349E2A"
-                        }),
-                new DRBGTestVector(
-                    new SHA1Digest(),
-                    new SHA1EntropyProvider().get(440),
-                    true,
-                    "2021222324",
-                    80,
-                    new String[]
-                        {
-                            "532CA1165DCFF21C55592687639884AF4BC4B057DF8F41DE653AB44E2ADEC7C9303E75ABE277EDBF",
-                            "73C2C67C696D686D0C4DBCEB5C2AF7DDF6F020B6874FAE4390F102117ECAAFF54418529A367005A0"
-                        })
-                .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F70717273747576"),
-                new DRBGTestVector(
-                    new SHA1Digest(),
-                    new SHA1EntropyProvider().get(440),
-                    true,
-                    "2021222324",
-                    80,
-                    new String[]
-                        {
-                            "183C242A1430E46C4ED70B4DBE1BF9AB0AB8721CDCA2A2D1820AD6F6C956858543B2AA191D8D1287",
-                            "F196F9BD021C745CBD5AC7BFCE48EAAF0D0E7C091FBF436940E63A198EE770D9A4F0718669AF2BC9"
-                        })
-                    .addAdditionalInput("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F90919293949596")
-                    .addAdditionalInput("A0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6"),
-                new DRBGTestVector(
-                    new SHA256Digest(),
-                    new SHA256EntropyProvider().get(440),
-                    false,
-                    "2021222324252627",
-                    128,
-                    new String[]
-                        {
-                            "77E05A0E7DC78AB5D8934D5E93E82C06" +
-                            "A07C04CEE6C9C53045EEB485872777CF3B3E35C474F976B8" +
-                            "94BF301A86FA651F463970E89D4A0534B2ECAD29EC044E7E",
-                            "5FF4BA493C40CFFF3B01E472C575668C" +
-                            "CE3880B9290B05BFEDE5EC96ED5E9B2898508B09BC800EEE" +
-                            "099A3C90602ABD4B1D4F343D497C6055C87BB956D53BF351"
-                        }
-                ),
-                new DRBGTestVector(
-                    new SHA256Digest(),
-                    new SHA256EntropyProvider().get(440),
-                    true,
-                    "2021222324252627",
-                    128,
-                    new String[]
-                        {
-                            "92275523C70E567BCF9B35EC50B933F8" +
-                            "12616DF586B7F72EE1BC7735A5C2654373CBBC72316DFF84" +
-                            "20A33BF02B97AC8D1952583F270ACD7005CC027F4CF1187E",
-                            "681A46B2AA8694A0FE4DEEA720927A84" +
-                            "EAAA985E59C19F8BE0984D8CBEF8C69B754167641946E040" +
-                            "EE2043E1CCB29DCF063C0A50830E428E6DCA262ECD77C542"
-                        }),
-                new DRBGTestVector(
-                            new SHA384Digest(),
-                            new SHA384EntropyProvider().get(888),
-                            false,
-                            "202122232425262728292A2B",
-                            192,
-                            new String[]
-                                {
-                                    "04FF23AD15E78790ADD36B438BBC097C7A11747CC2CCEEDE" +
-                                    "2C978B23B3DC63B732C953061D7764990ABFEFC47A581B92" +
-                                    "1BC0428C4F12212460E406A0F0651E7F0CB9A90ABFDB07B5" +
-                                    "25565C74F0AA085082F6CF213AAFAD0C0646895078F1E1FE",
-                                    "4F35B85F95DEE3E873054905CFD02341653E18F529930CBE" +
-                                    "14D909F37FEAF2C790D22FAE7516B4590BE35D53E2FE1A35" +
-                                    "AFE4B6607CB358589C3B4D094A1D81FE0717F1DF5BDDEB3E" +
-                                    "114F130BB781E66C22B5B770E8AE115FF39F8ADAF66DEEDF"
-                                }
-                        ),
-                new DRBGTestVector(
-                        new SHA384Digest(),
-                        new SHA384EntropyProvider().get(888),
-                        true,
-                        "202122232425262728292A2B",
-                        192,
-                        new String[]
-                            {
-                                "97993B78F7C31C0E876DC92EB7D6C408E09D608AD6B99D0E" +
-                                "A2229B05A578C426334FCC8A1C7E676ED2D89A5B4CDF5B3F" +
-                                "4ADF11936BF14F4E10909DBA9C24F4FDFFDE72351DA8E2CC" +
-                                "3B135A395373899E5F1A5955B880CA9B9E9DD4C9CA7FA4D4",
-                                "F5983946320E36C64EF283CA1F65D197CF81624EC6778E77" +
-                                "0E78949D84EF21A45CDD62D1DB76920D4C2836FC6AE5299F" +
-                                "AF1357D9701FAD10FBD88D1E2832239436D76EB271BDC3CA" +
-                                "04425EC88BC0E89A4D5C37FFCE7C6C3ABDE9C413AE6D3FEA"
-                            }
-                    ),
-                new DRBGTestVector(
-                            new SHA512Digest(),
-                            new SHA512EntropyProvider().get(888),
-                            false,
-                            "202122232425262728292A2B2C2D2E2F",
-                            256,
-                            new String[]
-                            {
-                                "DA126CF95C6BF97E" +
-                                "2F731F2137A907ACC70FD7AC9EBACD1C6E31C74029B052E3" +
-                                "AABC48F3B00993F2B2381F7650A55322A968C86E05DE88E6" +
-                                "367F6EF89A601DB4342E9086C7AC13B5E56C32E9E668040B" +
-                                "73847893C5BFD38A1CF44F348B4EEE4CD68ADB7E7B8C837F" +
-                                "19BC4F902761F7CFF24AB1D704FD11C4E929D8553753B55D",
-                                "400B977CE8A2BB6A" +
-                                "84C6FD1CF901459685ABF5408CFF4588CEDF52E2D2DC300A" +
-                                "A9B4FAED8CD0161C2172B1FD269253195883D6EBF21020F2" +
-                                "C20E5F2C81AE60C8595B834A229B1F5B726C1125717E6207" +
-                                "8886EF38E61E32707AD5F8116C6393DFB6E7C7AE0E8E92BB" +
-                                "D7E0C3D04BBA02F5169F2F569A58158915FEE4C9D28D45DB"
-                            }
-                        )
-                    .setPersonalizationString(
-                        "404142434445464748494A4B4C4D4E" +
-                        "4F505152535455565758595A5B5C5D5E5F60616263646566" +
-                        "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" +
-                        "7F808182838485868788898A8B8C8D8E8F90919293949596" +
-                        "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE")
-                    .addAdditionalInput(
-                        "606162636465666768696A6B6C6D6E" +
-                        "6F707172737475767778797A7B7C7D7E7F80818283848586" +
-                        "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" +
-                        "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" +
-                        "B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCE")
-                    .addAdditionalInput(
-                        "A0A1A2A3A4A5A6A7A8A9AAABACADAE" +
-                        "AFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6" +
-                        "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" +
-                        "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6" +
-                        "F7F8F9FAFBFCFDFEFF000102030405060708090A0B0C0D0E"),
-                new DRBGTestVector(
-                        new SHA512Digest(),
-                        new SHA512EntropyProvider().get(888),
-                        true,
-                        "202122232425262728292A2B2C2D2E2F",
-                        256,
-                        new String[]
-                        {
-                            "F93CA6855590A77F" +
-                            "07354097E90E026648B6115DF008FFEDBD9D9811F54E8286" +
-                            "EF00FDD6BA1E58DF2535E3FBDD9A9BA3754A97F36EE83322" +
-                            "1582060A1F37FCE4EE8826636B28EAD589593F4CA8B64738" +
-                            "8F24EB3F0A34796968D21BDEE6F81FD5DF93536F935937B8" +
-                            "025EC8CBF57DDB0C61F2E41463CC1516D657DA2829C6BF90",
-                            "4817618F48C60FB1" +
-                            "CE5BFBDA0CAF4591882A31F6EE3FE0F78779992A06EC60F3" +
-                            "7FB9A8D6108C231F0A927754B0599FA4FA27A4E25E065EF0" +
-                            "3085B892979DC0E7A1080883CAEBFDFD3665A8F2D061C521" +
-                            "F7D6E3DA2AF8B97B6B43B6EC831AF515070A83BBB9AC95ED" +
-                            "4EF49B756A2377A5F0833D847E27A88DDB0C2CE4AD782E7B "
-                        }
-                    ),
-                new DRBGTestVector(
-                        new SHA512Digest(),
-                        new SHA512EntropyProvider().get(888),
-                        true,
-                        "202122232425262728292A2B2C2D2E2F",
-                        256,
-                        new String[]
-                        {
-                            "0455DD4AD7DBACB2" +
-                            "410BE58DF7248D765A4547ABAEE1743B0BCAD37EBD06DA7C" +
-                            "F7CE5E2216E525327E9E2005EBEF2CE53BD733B18128627D" +
-                            "3FD6153089373AF2606A1584646A0EA488BFEF45228699A0" +
-                            "89CEA8AEC44502D86D9591F3552C688B7F7B45FCB0C3C2B9" +
-                            "43C1CD8A6FC63DF4D81C3DA543C9CF2843855EA84E4F959C",
-                            "C047D46D7F614E4E" +
-                            "4A7952C79A451F8F7ACA379967E2977C401C626A2ED70D74" +
-                            "A63660579A354115BC8C8C8CC3AEA3050686A0CFCDB6FA9C" +
-                            "F78D4C2165BAF851C6F9B1CD16A2E14C15C6DAAC56C16E75" +
-                            "FC84A14D58B41622E88B0F1B1995587FD8BAA999CBA98025" +
-                            "4C8AB9A9691DF7B84D88B639A9A3106DEABEB63748B99C09"
-                        }
-                    )
-                .addAdditionalInput(
-                    "606162636465666768696A6B6C6D6E" +
-                    "6F707172737475767778797A7B7C7D7E7F80818283848586" +
-                    "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" +
-                    "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" +
-                    "B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCE")
-                .addAdditionalInput(
-                    "A0A1A2A3A4A5A6A7A8A9AAABACADAE" +
-                    "AFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6" +
-                    "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" +
-                    "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6" +
-                    "F7F8F9FAFBFCFDFEFF000102030405060708090A0B0C0D0E"),
-                new DRBGTestVector(
-                            new SHA512Digest(),
-                            new SHA512EntropyProvider().get(888),
-                            true,
-                            "202122232425262728292A2B2C2D2E2F",
-                            256,
-                            new String[]
-                            {
-                                "22EB93A67911DA73" +
-                                "85D9180C78127DE1A04FF713114C07C9C615F7CC5EF72744" +
-                                "A2DDCD7C3CB85E65DED8EF5F240FBDCBEBBDE2BAAC8ECF7D" +
-                                "CBC8AC333E54607AD41DC495D83DF72A05EF55B127C1441C" +
-                                "9A0EFFDA2C7954DB6C2D04342EB812E5E0B11D6C395F41ED" +
-                                "A2702ECE5BA479E2DFA18F953097492636C12FE30CE5C968",
-                                "E66698CFBF1B3F2E" +
-                                "919C03036E584EAA81CF1C6666240AF05F70637043733954" +
-                                "D8A1E5A66A04C53C6900FDC145D4A3A80A31F5868ACE9AC9" +
-                                "4E14E2051F624A05EEA1F8B684AA5410BCE315E76EA07C71" +
-                                "5D6F34731320FF0DCF78D795E6EFA2DF92B98BE636CDFBA2" +
-                                "9008DD392112AEC202F2E481CB9D83F987FEA69CD1B368BB"
-                            }
-                        )
-                    .setPersonalizationString(
-                        "404142434445464748494A4B4C4D4E" +
-                            "4F505152535455565758595A5B5C5D5E5F60616263646566" +
-                            "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" +
-                            "7F808182838485868788898A8B8C8D8E8F90919293949596" +
-                            "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE"),
-                new DRBGTestVector(
-                            new SHA512Digest(),
-                            new SHA512EntropyProvider().get(888),
-                            true,
-                            "202122232425262728292A2B2C2D2E2F",
-                            256,
-                            new String[]
-                            {
-                                "7596A76372308BD5" +
-                                "A5613439934678B35521A94D81ABFE63A21ACF61ABB88B61" +
-                                "E86A12C37F308F2BBBE32BE4B38D03AE808386494D70EF52" +
-                                "E9E1365DD18B7784CAB826F31D47579E4D57F69D8BF3152B" +
-                                "95741946CEBE58571DF58ED39980D9AF44E69F01E8989759" +
-                                "8E40171101A0E3302838E0AD9E849C01988993CF9F6E5263",
-                                "DBE5EE36FCD85301" +
-                                "303E1C3617C1AC5E23C08885D0BEFAAD0C85A0D89F85B9F1" +
-                                "6ECE3D88A24EB96504F2F13EFA7049621782F5DE2C416A0D" +
-                                "294CCFE53545C4E309C48E1E285A2B829A574B72B3C2FBE1" +
-                                "34D01E3706B486F2401B9820E17298A342666918E15B8462" +
-                                "87F8C5AF2D96B20FAF3D0BB392E15F4A06CDB0DECD1B6AD7"
-                            }
-                        )
-                    .setPersonalizationString(
-                        "404142434445464748494A4B4C4D4E" +
-                            "4F505152535455565758595A5B5C5D5E5F60616263646566" +
-                            "6768696A6B6C6D6E6F707172737475767778797A7B7C7D7E" +
-                            "7F808182838485868788898A8B8C8D8E8F90919293949596" +
-                            "9798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAE")
-                    .addAdditionalInput(
-                        "606162636465666768696A6B6C6D6E" +
-                            "6F707172737475767778797A7B7C7D7E7F80818283848586" +
-                            "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" +
-                            "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" +
-                            "B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCE")
-                    .addAdditionalInput(
-                        "A0A1A2A3A4A5A6A7A8A9AAABACADAE" +
-                            "AFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6" +
-                            "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" +
-                            "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6" +
-                            "F7F8F9FAFBFCFDFEFF000102030405060708090A0B0C0D0E")
-            };
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        DRBGTestVector[] tests = createTestVectorData();
-
-        for (int i = 0; i != tests.length; i++)
-        {
-            DRBGTestVector tv = tests[i];
-
-            byte[] nonce = tv.nonce();
-            byte[] personalisationString = tv.personalizationString();
-
-            SP80090DRBG d = new HashSP800DRBG(tv.getDigest(), tv.securityStrength(), tv.entropySource(), personalisationString, nonce);
-
-            byte[] output = new byte[tv.expectedValue(0).length];
-
-            d.generate(output, tv.additionalInput(0), tv.predictionResistance());
-
-            byte[] expected = tv.expectedValue(0);
-
-            if (!areEqual(expected, output))
-            {
-                fail("Test #" + (i + 1) + ".1 failed, expected " + new String(Hex.encode(tv.expectedValue(0))) + " got " + new String(Hex.encode(output)));
-            }
-
-            output = new byte[tv.expectedValue(0).length];
-
-            d.generate(output, tv.additionalInput(1), tv.predictionResistance());
-
-            expected = tv.expectedValue(1);
-            if (!areEqual(expected, output))
-            {
-                fail("Test #" + (i + 1) + ".2 failed, expected " + new String(Hex.encode(tv.expectedValue(1))) + " got " + new String(Hex.encode(output)));
-            }
-        }
-
-        // Exception tests
-        //
-        SP80090DRBG d;
-        try
-        {
-            d = new HashSP800DRBG(new SHA256Digest(), 256, new SHA256EntropyProvider().get(128), null, null);
-            fail("no exception thrown");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("Not enough entropy for security strength required"))
-            {
-                fail("Wrong exception", e);
-            }
-        }
-
-        try
-        {
-            d = new HashSP800DRBG(new SHA1Digest(), 256, new SHA256EntropyProvider().get(256), null, null);
-            fail("no exception thrown");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("Requested security strength is not supported by the derivation function"))
-            {
-                fail("Wrong exception", e);
-            }
-        }
-    }
-
-    private class SHA1EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        SHA1EntropyProvider()
-        {
-            super(
-                Hex.decode(
-                    "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30313233343536"
-                        + "808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6"
-                        + "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6"), true);
-        }
-    }
-
-    private class SHA256EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        SHA256EntropyProvider()
-        {
-            super(Hex.decode(
-                "00010203040506" +
-                    "0708090A0B0C0D0E0F101112131415161718191A1B1C1D1E" +
-                    "1F202122232425262728292A2B2C2D2E2F30313233343536" +
-                    "80818283848586" +
-                    "8788898A8B8C8D8E8F909192939495969798999A9B9C9D9E" +
-                    "9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6" +
-                    "C0C1C2C3C4C5C6" +
-                    "C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDE" +
-                    "DFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6"), true);
-        }
-    }
-
-    private class SHA384EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        SHA384EntropyProvider()
-        {
-            super(Hex.decode(
-                "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F20212223242526"
-                    + "2728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F50515253545556"
-                    + "5758595A5B5C5D5E5F606162636465666768696A6B6C6D6E" +
-                    "808182838485868788898A8B8C8D8E" +
-                    "8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6" +
-                    "A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBE" +
-                    "BFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6" +
-                    "D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEE" +
-                    "C0C1C2C3C4C5C6C7C8C9CACBCCCDCE" +
-                    "CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6" +
-                    "E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFE" +
-                    "FF000102030405060708090A0B0C0D0E0F10111213141516" +
-                    "1718191A1B1C1D1E1F202122232425262728292A2B2C2D2E"), true);
-        }
-    }
-
-    private class SHA512EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        SHA512EntropyProvider()
-        {
-            super(Hex.decode(
-                "000102030405060708090A0B0C0D0E" +
-                    "0F101112131415161718191A1B1C1D1E1F20212223242526" +
-                    "2728292A2B2C2D2E2F303132333435363738393A3B3C3D3E" +
-                    "3F404142434445464748494A4B4C4D4E4F50515253545556" +
-                    "5758595A5B5C5D5E5F606162636465666768696A6B6C6D6E" +
-                    "808182838485868788898A8B8C8D8E" +
-                    "8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6" +
-                    "A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBE" +
-                    "BFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6" +
-                    "D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEE" +
-                    "C0C1C2C3C4C5C6C7C8C9CACBCCCDCE" +
-                    "CFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6" +
-                    "E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFE" +
-                    "FF000102030405060708090A0B0C0D0E0F10111213141516" +
-                    "1718191A1B1C1D1E1F202122232425262728292A2B2C2D2E"), true);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/RegressionTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/RegressionTest.java
deleted file mode 100644
index 9b03637..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/RegressionTest.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.crypto.prng.test;
-
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class RegressionTest
-{
-    public static Test[]    tests = {
-        new CTRDRBGTest(),
-        new DualECDRBGTest(),
-        new HashDRBGTest(),
-        new HMacDRBGTest(),
-        new SP800RandomTest(),
-        new X931Test(),
-        new FixedSecureRandomTest()
-    };
-
-    public static void main(
-        String[]    args)
-    {
-        for (int i = 0; i != tests.length; i++)
-        {
-            TestResult  result = tests[i].perform();
-            
-            if (result.getException() != null)
-            {
-                result.getException().printStackTrace();
-            }
-            
-            System.out.println(result);
-        }
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/SP800RandomTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/SP800RandomTest.java
deleted file mode 100644
index 3dfe115..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/SP800RandomTest.java
+++ /dev/null

@@ -1,288 +0,0 @@
-package org.bouncycastle.crypto.prng.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.prng.BasicEntropySourceProvider;
-import org.bouncycastle.crypto.prng.SP800SecureRandomBuilder;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SP800RandomTest
-    extends SimpleTest
-{
-
-    public String getName()
-    {
-        return "SP800RandomTest";
-    }
-
-    private void testHashRandom()
-    {
-        DRBGTestVector tv = new DRBGTestVector(
-                            new SHA1Digest(),
-                            new SHA1EntropyProvider().get(440),
-                            true,
-                            "2021222324",
-                            80,
-                            new String[]
-                                {
-                                    "532CA1165DCFF21C55592687639884AF4BC4B057DF8F41DE653AB44E2ADEC7C9303E75ABE277EDBF",
-                                    "73C2C67C696D686D0C4DBCEB5C2AF7DDF6F020B6874FAE4390F102117ECAAFF54418529A367005A0"
-                                })
-                        .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F70717273747576");
-
-        doHashTest(0, tv);
-
-        tv =  new DRBGTestVector(
-                            new SHA1Digest(),
-                            new SHA1EntropyProvider().get(440),
-                            false,
-                            "2021222324",
-                            80,
-                            new String[]
-                                {
-                                    "AB438BD3B01A0AF85CFEE29F7D7B71621C4908B909124D430E7B406FB1086EA994C582E0D656D989",
-                                    "29D9098F987E7005314A0F51B3DD2B8122F4AED706735DE6AD5DDBF223177C1E5F3AEBC52FAB90B9"
-                                })
-                            .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F70717273747576");
-
-        doHashTest(1, tv);
-    }
-
-    private void doHashTest(int index, DRBGTestVector tv)
-    {
-        SP800SecureRandomBuilder rBuild = new SP800SecureRandomBuilder(new SHA1EntropyProvider());
-
-        rBuild.setPersonalizationString(tv.personalizationString());
-        rBuild.setSecurityStrength(tv.securityStrength());
-        rBuild.setEntropyBitsRequired(tv.entropySource().getEntropy().length * 8);
-
-        SecureRandom random = rBuild.buildHash(tv.getDigest(), tv.nonce(), tv.predictionResistance());
-
-        byte[] expected = tv.expectedValue(0);
-        byte[] produced = new byte[expected.length];
-
-        random.nextBytes(produced);
-
-        if (!Arrays.areEqual(expected, produced))
-        {
-            fail(index + " SP800 Hash SecureRandom produced incorrect result (1)");
-        }
-
-        random.nextBytes(produced);
-        expected = tv.expectedValue(1);
-
-        if (!Arrays.areEqual(expected, produced))
-        {
-            fail(index + " SP800 Hash SecureRandom produced incorrect result (2)");
-        }
-    }
-
-    private void testHMACRandom()
-    {
-        DRBGTestVector tv = new DRBGTestVector(
-            new SHA1Digest(),
-            new SHA1EntropyProvider().get(440),
-            true,
-            "2021222324",
-            80,
-            new String[]
-                {
-                    "6C37FDD729AA40F80BC6AB08CA7CC649794F6998B57081E4220F22C5C283E2C91B8E305AB869C625",
-                    "CAF57DCFEA393B9236BF691FA456FEA7FDF1DF8361482CA54D5FA723F4C88B4FA504BF03277FA783"
-                })
-            .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F70717273747576");
-
-        doHMACTest(tv);
-
-        tv = new DRBGTestVector(
-                new SHA1Digest(),
-                new SHA1EntropyProvider().get(440),
-                false,
-                "2021222324",
-                80,
-                new String[]
-                    {
-                        "5A7D3B449F481CB38DF79AD2B1FCC01E57F8135E8C0B22CD0630BFB0127FB5408C8EFC17A929896E",
-                        "82cf772ec3e84b00fc74f5df104efbfb2428554e9ce367d03aeade37827fa8e9cb6a08196115d948"
-                    });
-
-        doHMACTest(tv);
-    }
-
-    private void doHMACTest(DRBGTestVector tv)
-    {
-        SP800SecureRandomBuilder rBuild = new SP800SecureRandomBuilder(new SHA1EntropyProvider());
-
-        rBuild.setPersonalizationString(tv.personalizationString());
-        rBuild.setSecurityStrength(tv.securityStrength());
-        rBuild.setEntropyBitsRequired(tv.entropySource().getEntropy().length * 8);
-
-        SecureRandom random = rBuild.buildHMAC(new HMac(tv.getDigest()), tv.nonce(), tv.predictionResistance());
-
-        byte[] expected = tv.expectedValue(0);
-        byte[] produced = new byte[expected.length];
-
-        random.nextBytes(produced);
-        if (!Arrays.areEqual(expected, produced))
-        {
-            fail("SP800 HMAC SecureRandom produced incorrect result (1)");
-        }
-
-        random.nextBytes(produced);
-        expected = tv.expectedValue(1);
-
-        if (!Arrays.areEqual(expected, produced))
-        {
-            fail("SP800 HMAC SecureRandom produced incorrect result (2)");
-        }
-    }
-
-    private void testCTRRandom()
-    {
-        DRBGTestVector tv = new DRBGTestVector(
-                                    new DESedeEngine(), 168,
-                                    new Bit232EntropyProvider().get(232),
-                                    false,
-                                    "20212223242526",
-                                    112,
-                                    new String[]
-                                        {
-                                            "ABC88224514D0316EA3D48AEE3C9A2B4",
-                                            "D3D3F372E43E7ABDC4FA293743EED076"
-                                        }
-                                );
-
-        doCTRTest(tv);
-
-        tv = new DRBGTestVector(
-                    new DESedeEngine(), 168,
-                    new Bit232EntropyProvider().get(232),
-                    true,
-                    "20212223242526",
-                    112,
-                    new String[]
-                        {
-                            "64983055D014550B39DE699E43130B64",
-                            "035FDDA8582A2214EC722C410A8D95D3"
-                        }
-                )
-        .setPersonalizationString("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C");
-
-        doCTRTest(tv);
-    }
-
-    private void doCTRTest(DRBGTestVector tv)
-    {
-        SP800SecureRandomBuilder rBuild = new SP800SecureRandomBuilder(new Bit232EntropyProvider());
-
-        rBuild.setPersonalizationString(tv.personalizationString());
-        rBuild.setSecurityStrength(tv.securityStrength());
-        rBuild.setEntropyBitsRequired(tv.entropySource().getEntropy().length * 8);
-
-        SecureRandom random = rBuild.buildCTR(tv.getCipher(), tv.keySizeInBits(), tv.nonce(), tv.predictionResistance());
-
-        byte[] expected = tv.expectedValue(0);
-        byte[] produced = new byte[expected.length];
-
-        random.nextBytes(produced);
-        if (!Arrays.areEqual(expected, produced))
-        {
-            fail("SP800 CTR SecureRandom produced incorrect result (1)");
-        }
-
-        random.nextBytes(produced);
-        expected = tv.expectedValue(1);
-
-        if (!Arrays.areEqual(expected, produced))
-        {
-            fail("SP800 CTR SecureRandom produced incorrect result (2)");
-        }
-    }
-
-    private void testGenerateSeed()
-    {
-        SP800SecureRandomBuilder rBuild = new SP800SecureRandomBuilder(new Bit232EntropyProvider());
-
-        rBuild.setPersonalizationString(Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C"));
-        rBuild.setSecurityStrength(112);
-        rBuild.setEntropyBitsRequired(232);
-
-        SecureRandom random = rBuild.buildCTR(new DESedeEngine(), 168, Hex.decode("20212223242526"), false);
-
-        rBuild = new SP800SecureRandomBuilder(new BasicEntropySourceProvider(random, false));
-
-        rBuild.setPersonalizationString(Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C"));
-        rBuild.setSecurityStrength(112);
-        rBuild.setEntropyBitsRequired(232);
-
-        random = rBuild.buildCTR(new DESedeEngine(), 168, Hex.decode("20212223242526"), false);
-
-        byte[] expected = Hex.decode("760bed7d92b083b10af31cf0656081eb51d241f0");
-
-        byte[] produced = random.generateSeed(20);
-
-        if (!Arrays.areEqual(expected, produced))
-        {
-            fail("SP800 CTR SecureRandom.generateSeed() produced incorrect result (1)");
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testHashRandom();
-        testHMACRandom();
-        testCTRRandom();
-        testGenerateSeed();
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new SP800RandomTest());
-    }
-
-    // for HMAC/Hash
-    private class SHA1EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        SHA1EntropyProvider()
-        {
-            super(
-                Hex.decode(
-                    "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F30313233343536"
-                        + "808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6"
-                        + "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6"), true);
-        }
-    }
-
-    // for Dual EC
-    private class SHA256EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        SHA256EntropyProvider()
-        {
-            super(Hex.decode(
-                "000102030405060708090A0B0C0D0E0F " +
-                    "808182838485868788898A8B8C8D8E8F" +
-                    "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECF"), true);
-        }
-    }
-
-    private class Bit232EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        Bit232EntropyProvider()
-        {
-            super(Hex.decode(
-               "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C" +
-               "808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C" +
-               "C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDC"), true);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/TestEntropySourceProvider.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/TestEntropySourceProvider.java
deleted file mode 100644
index 64e7595..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/TestEntropySourceProvider.java
+++ /dev/null

@@ -1,46 +0,0 @@
-package org.bouncycastle.crypto.prng.test;
-
-import org.bouncycastle.crypto.prng.EntropySource;
-import org.bouncycastle.crypto.prng.EntropySourceProvider;
-
-public class TestEntropySourceProvider
-    implements EntropySourceProvider
-{
-    private final byte[] data;
-    private final boolean isPredictionResistant;
-
-    protected TestEntropySourceProvider(byte[] data, boolean isPredictionResistant)
-    {
-        this.data = data;
-        this.isPredictionResistant = isPredictionResistant;
-    }
-
-    public EntropySource get(final int bitsRequired)
-    {
-        return new EntropySource()
-        {
-            int index = 0;
-
-            public boolean isPredictionResistant()
-            {
-                return isPredictionResistant;
-            }
-
-            public byte[] getEntropy()
-            {
-                byte[] rv = new byte[bitsRequired / 8];
-
-                System.arraycopy(data, index, rv, 0, rv.length);
-
-                index += bitsRequired / 8;
-
-                return rv;
-            }
-
-            public int entropySize()
-            {
-                return bitsRequired;
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/X931Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/X931Test.java
deleted file mode 100644
index 26ed67f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/X931Test.java
+++ /dev/null

@@ -1,124 +0,0 @@
-package org.bouncycastle.crypto.prng.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.prng.X931SecureRandomBuilder;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * HMAC SP800-90 DRBG
- */
-public class X931Test
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "X931";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new X931Test());
-    }
-
-    private X931TestVector[] createTestVectorData()
-    {
-        return new X931TestVector[]
-            {
-                new X931TestVector(
-                    new AESEngine(),
-                    new AES128EntropyProvider(),
-                    "f7d36762b9915f1ed585eb8e91700eb2",
-                    "259e67249288597a4d61e7c0e690afae",
-                    false,
-                    new String[] {
-                        "15f013af5a8e9df9a8e37500edaeac43",
-                        "a9d74bb1c90a222adc398546d64879cf",
-                        "0379e404042d58180764fb9e6c5d94bb",
-                        "3c74603e036d28c79947ffb56fee4e51",
-                        "e872101a4df81ebbe1e632fc87195d52",
-                        "26a6b3d33b8e7e68b75d9630ec036314" }),
-                new X931TestVector(
-                    new DESedeEngine(),
-                    new TDESEntropyProvider(),
-                    "ef16ec643e5db5892cbc6eabba310b3410e6f8759e3e382c",
-                    "55df103deaf68dc4",
-                    false,
-                    new String[] {
-                        "9c960bb9662ce6de",
-                        "d9d0e527fd0931da",
-                        "3e2db9994e9e6995",
-                        "0e3868aef8218cf7",
-                        "7b0b0ca137f8fd81",
-                        "f657df270ad12265" })
-            };
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        X931TestVector[] vectors = createTestVectorData();
-
-        for (int i = 0; i != vectors.length; i++)
-        {
-            X931TestVector tv = vectors[i];
-            X931SecureRandomBuilder bld = new X931SecureRandomBuilder(tv.getEntropyProvider());
-
-            bld.setDateTimeVector(Hex.decode(tv.getDateTimeVector()));
-
-            SecureRandom rand = bld.build(tv.getEngine(), new KeyParameter(Hex.decode(tv.getKey())), tv.isPredictionResistant());
-
-            for (int j = 0; j != tv.getExpected().length - 1; j++)
-            {
-                byte[] expected = Hex.decode(tv.getExpected()[j]);
-                byte[] res = new byte[expected.length];
-
-                rand.nextBytes(res);
-
-                if (!Arrays.areEqual(expected, res))
-                {
-                    fail("expected output wrong [" + j + "] got : " + Strings.fromByteArray(Hex.encode(res)));
-                }
-            }
-
-            byte[] expected = Hex.decode(tv.getExpected()[tv.getExpected().length - 1]);
-            byte[] res = new byte[expected.length];
-
-            for (int j = tv.getExpected().length - 1; j != 10000; j++)
-            {
-                rand.nextBytes(res);
-            }
-
-            if (!Arrays.areEqual(expected, res))
-            {
-                fail("expected output wrong [" + 10000 + "] got : " + Strings.fromByteArray(Hex.encode(res)));
-            }
-        }
-    }
-
-    private class AES128EntropyProvider
-        extends TestEntropySourceProvider
-    {
-        AES128EntropyProvider()
-        {
-            super(Hex.decode(
-                "35cc0ea481fc8a4f5f05c7d4667233b2"), true);
-        }
-    }
-
-    private class TDESEntropyProvider
-        extends TestEntropySourceProvider
-    {
-        TDESEntropyProvider()
-        {
-            super(Hex.decode(
-                "96d872b9122c5e74"), true);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/X931TestVector.java b/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/X931TestVector.java
deleted file mode 100644
index ce57a96..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/prng/test/X931TestVector.java
+++ /dev/null

@@ -1,56 +0,0 @@
-package org.bouncycastle.crypto.prng.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.prng.EntropySourceProvider;
-
-public class X931TestVector
-{
-    private final BlockCipher engine;
-    private final EntropySourceProvider entropyProvider;
-    private final String key;
-    private final String dateTimeVector;
-    private final boolean predictionResistant;
-    private final String[] expected;
-
-    public X931TestVector(BlockCipher engine, EntropySourceProvider entropyProvider, String key, String dateTimeVector, boolean predictionResistant, String[] expected)
-    {
-        this.engine = engine;
-        this.entropyProvider = entropyProvider;
-        this.key = key;
-
-
-        this.dateTimeVector = dateTimeVector;
-        this.predictionResistant = predictionResistant;
-        this.expected = expected;
-    }
-
-    public String getDateTimeVector()
-    {
-        return dateTimeVector;
-    }
-
-    public BlockCipher getEngine()
-    {
-        return engine;
-    }
-
-    public EntropySourceProvider getEntropyProvider()
-    {
-        return entropyProvider;
-    }
-
-    public String[] getExpected()
-    {
-        return expected;
-    }
-
-    public String getKey()
-    {
-        return key;
-    }
-
-    public boolean isPredictionResistant()
-    {
-        return predictionResistant;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/DSADigestSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/DSADigestSigner.java
deleted file mode 100644
index b9343db..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/DSADigestSigner.java
+++ /dev/null

@@ -1,150 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DSA;
-import org.bouncycastle.crypto.DSAExt;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-
-public class DSADigestSigner
-    implements Signer
-{
-    private final DSA dsa;
-    private final Digest digest;
-    private final DSAEncoding encoding;
-    private boolean forSigning;
-
-    public DSADigestSigner(
-        DSA     dsa,
-        Digest  digest)
-    {
-        this.dsa = dsa;
-        this.digest = digest;
-        this.encoding = StandardDSAEncoding.INSTANCE;
-    }
-
-    public DSADigestSigner(
-        DSAExt      dsa,
-        Digest      digest,
-        DSAEncoding encoding)
-    {
-        this.dsa = dsa;
-        this.digest = digest;
-        this.encoding = encoding;
-    }
-
-    public void init(
-        boolean           forSigning,
-        CipherParameters   parameters)
-    {
-        this.forSigning = forSigning;
-
-        AsymmetricKeyParameter k;
-
-        if (parameters instanceof ParametersWithRandom)
-        {
-            k = (AsymmetricKeyParameter)((ParametersWithRandom)parameters).getParameters();
-        }
-        else
-        {
-            k = (AsymmetricKeyParameter)parameters;
-        }
-
-        if (forSigning && !k.isPrivate())
-        {
-            throw new IllegalArgumentException("Signing Requires Private Key.");
-        }
-
-        if (!forSigning && k.isPrivate())
-        {
-            throw new IllegalArgumentException("Verification Requires Public Key.");
-        }
-
-        reset();
-
-        dsa.init(forSigning, parameters);
-    }
-
-    /**
-     * update the internal digest with the byte b
-     */
-    public void update(
-        byte input)
-    {
-        digest.update(input);
-    }
-
-    /**
-     * update the internal digest with the byte array in
-     */
-    public void update(
-        byte[]  input,
-        int     inOff,
-        int     length)
-    {
-        digest.update(input, inOff, length);
-    }
-
-    /**
-     * Generate a signature for the message we've been loaded with using
-     * the key we were initialised with.
-     */
-    public byte[] generateSignature()
-    {
-        if (!forSigning)
-        {
-            throw new IllegalStateException("DSADigestSigner not initialised for signature generation.");
-        }
-
-        byte[] hash = new byte[digest.getDigestSize()];
-        digest.doFinal(hash, 0);
-
-        BigInteger[] sig = dsa.generateSignature(hash);
-
-        try
-        {
-            return encoding.encode(getOrder(), sig[0], sig[1]);
-        }
-        catch (Exception e)
-        {
-            throw new IllegalStateException("unable to encode signature");
-        }
-    }
-
-    public boolean verifySignature(
-        byte[] signature)
-    {
-        if (forSigning)
-        {
-            throw new IllegalStateException("DSADigestSigner not initialised for verification");
-        }
-
-        byte[] hash = new byte[digest.getDigestSize()];
-        digest.doFinal(hash, 0);
-
-        try
-        {
-            BigInteger[] sig = encoding.decode(getOrder(), signature);
-
-            return dsa.verifySignature(hash, sig[0], sig[1]);
-        }
-        catch (Exception e)
-        {
-            return false;
-        }
-    }
-
-    public void reset()
-    {
-        digest.reset();
-    }
-
-    protected BigInteger getOrder()
-    {
-        return dsa instanceof DSAExt ? ((DSAExt)dsa).getOrder() : null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/DSTU4145Signer.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/DSTU4145Signer.java
deleted file mode 100644
index 34f6718..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/DSTU4145Signer.java
+++ /dev/null

@@ -1,177 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.DSAExt;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.FixedPointCombMultiplier;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * DSTU 4145-2002
- * <p>
- * National Ukrainian standard of digital signature based on elliptic curves (DSTU 4145-2002).
- * </p>
- */
-public class DSTU4145Signer
-    implements DSAExt
-{
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-
-    private ECKeyParameters key;
-    private SecureRandom random;
-
-    public void init(boolean forSigning, CipherParameters param)
-    {
-        if (forSigning)
-        {
-            if (param instanceof ParametersWithRandom)
-            {
-                ParametersWithRandom rParam = (ParametersWithRandom)param;
-
-                this.random = rParam.getRandom();
-                param = rParam.getParameters();
-            }
-            else
-            {
-                this.random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            this.key = (ECPrivateKeyParameters)param;
-        }
-        else
-        {
-            this.key = (ECPublicKeyParameters)param;
-        }
-
-    }
-
-    public BigInteger getOrder()
-    {
-        return key.getParameters().getN();
-    }
-
-    public BigInteger[] generateSignature(byte[] message)
-    {
-        ECDomainParameters ec = key.getParameters();
-
-        ECCurve curve = ec.getCurve();
-
-        ECFieldElement h = hash2FieldElement(curve, message);
-        if (h.isZero())
-        {
-            h = curve.fromBigInteger(ONE);
-        }
-
-        BigInteger n = ec.getN();
-        BigInteger e, r, s;
-        ECFieldElement Fe, y;
-
-        BigInteger d = ((ECPrivateKeyParameters)key).getD();
-
-        ECMultiplier basePointMultiplier = createBasePointMultiplier();
-
-        do
-        {
-            do
-            {
-                do
-                {
-                    e = generateRandomInteger(n, random);
-                    Fe = basePointMultiplier.multiply(ec.getG(), e).normalize().getAffineXCoord();
-                }
-                while (Fe.isZero());
-
-                y = h.multiply(Fe);
-                r = fieldElement2Integer(n, y);
-            }
-            while (r.signum() == 0);
-
-            s = r.multiply(d).add(e).mod(n);
-        }
-        while (s.signum() == 0);
-
-        return new BigInteger[]{r, s};
-    }
-
-    public boolean verifySignature(byte[] message, BigInteger r, BigInteger s)
-    {
-        if (r.signum() <= 0 || s.signum() <= 0)
-        {
-            return false;
-        }
-
-        ECDomainParameters parameters = key.getParameters();
-
-        BigInteger n = parameters.getN();
-        if (r.compareTo(n) >= 0 || s.compareTo(n) >= 0)
-        {
-            return false;
-        }
-
-        ECCurve curve = parameters.getCurve();
-
-        ECFieldElement h = hash2FieldElement(curve, message);
-        if (h.isZero())
-        {
-            h = curve.fromBigInteger(ONE);
-        }
-
-        ECPoint R = ECAlgorithms.sumOfTwoMultiplies(parameters.getG(), s, ((ECPublicKeyParameters)key).getQ(), r).normalize();
-
-        // components must be bogus.
-        if (R.isInfinity())
-        {
-            return false;
-        }
-
-        ECFieldElement y = h.multiply(R.getAffineXCoord());
-        return fieldElement2Integer(n, y).compareTo(r) == 0;
-    }
-
-    protected ECMultiplier createBasePointMultiplier()
-    {
-        return new FixedPointCombMultiplier();
-    }
-
-    /**
-     * Generates random integer such, than its bit length is less than that of n
-     */
-    private static BigInteger generateRandomInteger(BigInteger n, SecureRandom random)
-    {
-        return BigIntegers.createRandomBigInteger(n.bitLength() - 1, random);
-    }
-
-    private static ECFieldElement hash2FieldElement(ECCurve curve, byte[] hash)
-    {
-        byte[] data = Arrays.reverse(hash);
-        return curve.fromBigInteger(truncate(new BigInteger(1, data), curve.getFieldSize()));
-    }
-
-    private static BigInteger fieldElement2Integer(BigInteger n, ECFieldElement fe)
-    {
-        return truncate(fe.toBigInteger(), n.bitLength() - 1);
-    }
-
-    private static BigInteger truncate(BigInteger x, int bitLength)
-    {
-        if (x.bitLength() > bitLength)
-        {
-            x = x.mod(ONE.shiftLeft(bitLength));
-        }
-        return x;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/ECGOST3410Signer.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/ECGOST3410Signer.java
deleted file mode 100644
index 1a7d59f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/ECGOST3410Signer.java
+++ /dev/null

@@ -1,167 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.DSAExt;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.FixedPointCombMultiplier;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * GOST R 34.10-2001 Signature Algorithm
- */
-public class ECGOST3410Signer
-    implements DSAExt
-{
-    ECKeyParameters key;
-
-    SecureRandom    random;
-
-    public void init(
-        boolean                 forSigning,
-        CipherParameters        param)
-    {
-        if (forSigning)
-        {
-            if (param instanceof ParametersWithRandom)
-            {
-                ParametersWithRandom    rParam = (ParametersWithRandom)param;
-
-                this.random = rParam.getRandom();
-                this.key = (ECPrivateKeyParameters)rParam.getParameters();
-            }
-            else
-            {
-                this.random = CryptoServicesRegistrar.getSecureRandom();
-                this.key = (ECPrivateKeyParameters)param;
-            }
-        }
-        else
-        {
-            this.key = (ECPublicKeyParameters)param;
-        }
-    }
-
-    public BigInteger getOrder()
-    {
-        return key.getParameters().getN();
-    }
-
-    /**
-     * generate a signature for the given message using the key we were
-     * initialised with. For conventional GOST3410 the message should be a GOST3411
-     * hash of the message of interest.
-     *
-     * @param message the message that will be verified later.
-     */
-    public BigInteger[] generateSignature(
-        byte[] message)
-    {
-        byte[] mRev = new byte[message.length]; // conversion is little-endian
-        for (int i = 0; i != mRev.length; i++)
-        {
-            mRev[i] = message[mRev.length - 1 - i];
-        }
-
-        BigInteger e = new BigInteger(1, mRev);
-
-        ECDomainParameters ec = key.getParameters();
-        BigInteger n = ec.getN();
-        BigInteger d = ((ECPrivateKeyParameters)key).getD();
-
-        BigInteger r, s;
-
-        ECMultiplier basePointMultiplier = createBasePointMultiplier();
-
-        do // generate s
-        {
-            BigInteger k;
-            do // generate r
-            {
-                do
-                {
-                    k = BigIntegers.createRandomBigInteger(n.bitLength(), random);
-                }
-                while (k.equals(ECConstants.ZERO));
-
-                ECPoint p = basePointMultiplier.multiply(ec.getG(), k).normalize();
-
-                r = p.getAffineXCoord().toBigInteger().mod(n);
-            }
-            while (r.equals(ECConstants.ZERO));
-
-            s = (k.multiply(e)).add(d.multiply(r)).mod(n);
-        }
-        while (s.equals(ECConstants.ZERO));
-
-        return new BigInteger[]{ r, s };
-    }
-
-    /**
-     * return true if the value r and s represent a GOST3410 signature for
-     * the passed in message (for standard GOST3410 the message should be
-     * a GOST3411 hash of the real message to be verified).
-     */
-    public boolean verifySignature(
-        byte[]      message,
-        BigInteger  r,
-        BigInteger  s)
-    {
-        byte[] mRev = new byte[message.length]; // conversion is little-endian
-        for (int i = 0; i != mRev.length; i++)
-        {
-            mRev[i] = message[mRev.length - 1 - i];
-        }
-        
-        BigInteger e = new BigInteger(1, mRev);
-        BigInteger n = key.getParameters().getN();
-
-        // r in the range [1,n-1]
-        if (r.compareTo(ECConstants.ONE) < 0 || r.compareTo(n) >= 0)
-        {
-            return false;
-        }
-
-        // s in the range [1,n-1]
-        if (s.compareTo(ECConstants.ONE) < 0 || s.compareTo(n) >= 0)
-        {
-            return false;
-        }
-
-        BigInteger v = e.modInverse(n);
-
-        BigInteger z1 = s.multiply(v).mod(n);
-        BigInteger z2 = (n.subtract(r)).multiply(v).mod(n);
-
-        ECPoint G = key.getParameters().getG(); // P
-        ECPoint Q = ((ECPublicKeyParameters)key).getQ();
-
-        ECPoint point = ECAlgorithms.sumOfTwoMultiplies(G, z1, Q, z2).normalize();
-
-        // components must be bogus.
-        if (point.isInfinity())
-        {
-            return false;
-        }
-
-        BigInteger R = point.getAffineXCoord().toBigInteger().mod(n);
-
-        return R.equals(r);
-    }
-
-    protected ECMultiplier createBasePointMultiplier()
-    {
-        return new FixedPointCombMultiplier();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/ECGOST3410_2012Signer.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/ECGOST3410_2012Signer.java
deleted file mode 100644
index 8efe9ad..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/ECGOST3410_2012Signer.java
+++ /dev/null

@@ -1,167 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.DSAExt;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.FixedPointCombMultiplier;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * GOST R 34.10-2012 Signature Algorithm
- */
-public class ECGOST3410_2012Signer
-    implements DSAExt
-{
-    ECKeyParameters key;
-
-    SecureRandom    random;
-
-    public void init(
-        boolean                 forSigning,
-        CipherParameters        param)
-    {
-        if (forSigning)
-        {
-            if (param instanceof ParametersWithRandom)
-            {
-                ParametersWithRandom    rParam = (ParametersWithRandom)param;
-
-                this.random = rParam.getRandom();
-                this.key = (ECPrivateKeyParameters)rParam.getParameters();
-            }
-            else
-            {
-                this.random = CryptoServicesRegistrar.getSecureRandom();
-                this.key = (ECPrivateKeyParameters)param;
-            }
-        }
-        else
-        {
-            this.key = (ECPublicKeyParameters)param;
-        }
-    }
-
-    public BigInteger getOrder()
-    {
-        return key.getParameters().getN();
-    }
-
-    /**
-     * generate a signature for the given message using the key we were
-     * initialised with. For conventional GOST3410 2012 the message should be a GOST3411 2012
-     * hash of the message of interest.
-     *
-     * @param message the message that will be verified later.
-     */
-    public BigInteger[] generateSignature(
-        byte[] message)
-    {
-        byte[] mRev = new byte[message.length]; // conversion is little-endian
-        for (int i = 0; i != mRev.length; i++)
-        {
-            mRev[i] = message[mRev.length - 1 - i];
-        }
-        BigInteger e = new BigInteger(1, mRev);
-
-        ECDomainParameters ec = key.getParameters();
-        BigInteger n = ec.getN();
-        BigInteger d = ((ECPrivateKeyParameters)key).getD();
-
-        BigInteger r, s;
-
-        ECMultiplier basePointMultiplier = createBasePointMultiplier();
-
-        do // generate s
-        {
-            BigInteger k;
-            do // generate r
-            {
-                do
-                {
-                    k = BigIntegers.createRandomBigInteger(n.bitLength(), random);
-                }
-                while (k.equals(ECConstants.ZERO));
-
-                ECPoint p = basePointMultiplier.multiply(ec.getG(), k).normalize();
-
-                r = p.getAffineXCoord().toBigInteger().mod(n);
-            }
-            while (r.equals(ECConstants.ZERO));
-
-            s = (k.multiply(e)).add(d.multiply(r)).mod(n);
-        }
-        while (s.equals(ECConstants.ZERO));
-
-        return new BigInteger[]{ r, s };
-    }
-
-    /**
-     * return true if the value r and s represent a GOST3410 2012 signature for
-     * the passed in message (for standard GOST3410 2012 the message should be
-     * a GOST3411 2012 hash of the real message to be verified).
-     */
-    public boolean verifySignature(
-        byte[]      message,
-        BigInteger  r,
-        BigInteger  s)
-    {
-
-
-        byte[] mRev = new byte[message.length]; // conversion is little-endian
-        for (int i = 0; i != mRev.length; i++)
-        {
-            mRev[i] = message[mRev.length - 1 - i];
-        }
-        BigInteger e = new BigInteger(1, mRev);
-        BigInteger n = key.getParameters().getN();
-
-        // r in the range [1,n-1]
-        if (r.compareTo(ECConstants.ONE) < 0 || r.compareTo(n) >= 0)
-        {
-            return false;
-        }
-
-        // s in the range [1,n-1]
-        if (s.compareTo(ECConstants.ONE) < 0 || s.compareTo(n) >= 0)
-        {
-            return false;
-        }
-
-        BigInteger v = e.modInverse(n);
-
-        BigInteger z1 = s.multiply(v).mod(n);
-        BigInteger z2 = (n.subtract(r)).multiply(v).mod(n);
-
-        ECPoint G = key.getParameters().getG(); // P
-        ECPoint Q = ((ECPublicKeyParameters)key).getQ();
-
-        ECPoint point = ECAlgorithms.sumOfTwoMultiplies(G, z1, Q, z2).normalize();
-
-        // components must be bogus.
-        if (point.isInfinity())
-        {
-            return false;
-        }
-
-        BigInteger R = point.getAffineXCoord().toBigInteger().mod(n);
-
-        return R.equals(r);
-    }
-
-    protected ECMultiplier createBasePointMultiplier()
-    {
-        return new FixedPointCombMultiplier();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/ECNRSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/ECNRSigner.java
deleted file mode 100644
index f7d1b55..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/ECNRSigner.java
+++ /dev/null

@@ -1,194 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.DSAExt;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECKeyParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECPoint;
-
-/**
- * EC-NR as described in IEEE 1363-2000
- */
-public class ECNRSigner
-    implements DSAExt
-{
-    private boolean             forSigning;
-    private ECKeyParameters     key;
-    private SecureRandom        random;
-
-    public void init(
-        boolean          forSigning, 
-        CipherParameters param) 
-    {
-        this.forSigning = forSigning;
-        
-        if (forSigning)
-        {
-            if (param instanceof ParametersWithRandom)
-            {
-                ParametersWithRandom    rParam = (ParametersWithRandom)param;
-
-                this.random = rParam.getRandom();
-                this.key = (ECPrivateKeyParameters)rParam.getParameters();
-            }
-            else
-            {
-                this.random = CryptoServicesRegistrar.getSecureRandom();
-                this.key = (ECPrivateKeyParameters)param;
-            }
-        }
-        else
-        {
-            this.key = (ECPublicKeyParameters)param;
-        }
-    }
-
-    public BigInteger getOrder()
-    {
-        return key.getParameters().getN();
-    }
-
-    // Section 7.2.5 ECSP-NR, pg 34
-    /**
-     * generate a signature for the given message using the key we were
-     * initialised with.  Generally, the order of the curve should be at 
-     * least as long as the hash of the message of interest, and with 
-     * ECNR it *must* be at least as long.  
-     *
-     * @param digest  the digest to be signed.
-     * @exception DataLengthException if the digest is longer than the key allows
-     */
-    public BigInteger[] generateSignature(
-        byte[] digest)
-    {
-        if (!this.forSigning) 
-        {
-            throw new IllegalStateException("not initialised for signing");
-        }
-        
-        BigInteger n = getOrder();
-        int nBitLength = n.bitLength();
-        
-        BigInteger e = new BigInteger(1, digest);
-        int eBitLength = e.bitLength();
-        
-        ECPrivateKeyParameters  privKey = (ECPrivateKeyParameters)key;
-               
-        if (eBitLength > nBitLength) 
-        {
-            throw new DataLengthException("input too large for ECNR key.");
-        }
-
-        BigInteger r = null;
-        BigInteger s = null;
-
-        AsymmetricCipherKeyPair tempPair;
-        do // generate r
-        {
-            // generate another, but very temporary, key pair using 
-            // the same EC parameters
-            ECKeyPairGenerator keyGen = new ECKeyPairGenerator();
-            
-            keyGen.init(new ECKeyGenerationParameters(privKey.getParameters(), this.random));
-            
-            tempPair = keyGen.generateKeyPair();
-
-            //    BigInteger Vx = tempPair.getPublic().getW().getAffineX();
-            ECPublicKeyParameters V = (ECPublicKeyParameters)tempPair.getPublic();        // get temp's public key
-            BigInteger Vx = V.getQ().getAffineXCoord().toBigInteger();                    // get the point's x coordinate
-
-            r = Vx.add(e).mod(n);
-        }
-        while (r.equals(ECConstants.ZERO));
-
-        // generate s
-        BigInteger x = privKey.getD();                // private key value
-        BigInteger u = ((ECPrivateKeyParameters)tempPair.getPrivate()).getD();    // temp's private key value
-        s = u.subtract(r.multiply(x)).mod(n);
-
-        BigInteger[]  res = new BigInteger[2];
-        res[0] = r;
-        res[1] = s;
-
-        return res;
-    }
-
-    // Section 7.2.6 ECVP-NR, pg 35
-    /**
-     * return true if the value r and s represent a signature for the 
-     * message passed in. Generally, the order of the curve should be at 
-     * least as long as the hash of the message of interest, and with 
-     * ECNR, it *must* be at least as long.  But just in case the signer
-     * applied mod(n) to the longer digest, this implementation will
-     * apply mod(n) during verification.
-     *
-     * @param digest  the digest to be verified.
-     * @param r       the r value of the signature.
-     * @param s       the s value of the signature.
-     * @exception DataLengthException if the digest is longer than the key allows
-     */
-    public boolean verifySignature(
-        byte[]      digest,
-        BigInteger  r,
-        BigInteger  s)
-    {
-        if (this.forSigning) 
-        {
-            throw new IllegalStateException("not initialised for verifying");
-        }
-
-        ECPublicKeyParameters pubKey = (ECPublicKeyParameters)key;
-        BigInteger n = pubKey.getParameters().getN();
-        int nBitLength = n.bitLength();
-        
-        BigInteger e = new BigInteger(1, digest);
-        int eBitLength = e.bitLength();
-        
-        if (eBitLength > nBitLength) 
-        {
-            throw new DataLengthException("input too large for ECNR key.");
-        }
-        
-        // r in the range [1,n-1]
-        if (r.compareTo(ECConstants.ONE) < 0 || r.compareTo(n) >= 0) 
-        {
-            return false;
-        }
-
-        // s in the range [0,n-1]           NB: ECNR spec says 0
-        if (s.compareTo(ECConstants.ZERO) < 0 || s.compareTo(n) >= 0) 
-        {
-            return false;
-        }
-
-        // compute P = sG + rW
-
-        ECPoint G = pubKey.getParameters().getG();
-        ECPoint W = pubKey.getQ();
-        // calculate P using Bouncy math
-        ECPoint P = ECAlgorithms.sumOfTwoMultiplies(G, s, W, r).normalize();
-
-        // components must be bogus.
-        if (P.isInfinity())
-        {
-            return false;
-        }
-
-        BigInteger x = P.getAffineXCoord().toBigInteger();
-        BigInteger t = r.subtract(x).mod(n);
-
-        return t.equals(e);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed25519Signer.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed25519Signer.java
deleted file mode 100644
index 966b626..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed25519Signer.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.io.ByteArrayOutputStream;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-import org.bouncycastle.math.ec.rfc8032.Ed25519;
-import org.bouncycastle.util.Arrays;
-
-public class Ed25519Signer
-    implements Signer
-{
-    private final Buffer buffer = new Buffer();
-
-    private boolean forSigning;
-    private Ed25519PrivateKeyParameters privateKey;
-    private Ed25519PublicKeyParameters publicKey;
-
-    public Ed25519Signer()
-    {
-    }
-
-    public void init(boolean forSigning, CipherParameters parameters)
-    {
-        this.forSigning = forSigning;
-
-        if (forSigning)
-        {
-            // TODO Allow AsymmetricCipherKeyPair to be a CipherParameters?
-
-            this.privateKey = (Ed25519PrivateKeyParameters)parameters;
-            this.publicKey = privateKey.generatePublicKey();
-        }
-        else
-        {
-            this.privateKey = null;
-            this.publicKey = (Ed25519PublicKeyParameters)parameters;
-        }
-
-        reset();
-    }
-
-    public void update(byte b)
-    {
-        buffer.write(b);
-    }
-
-    public void update(byte[] buf, int off, int len)
-    {
-        buffer.write(buf, off, len);
-    }
-
-    public byte[] generateSignature()
-    {
-        if (!forSigning || null == privateKey)
-        {
-            throw new IllegalStateException("Ed25519Signer not initialised for signature generation.");
-        }
-
-        return buffer.generateSignature(privateKey, publicKey);
-    }
-
-    public boolean verifySignature(byte[] signature)
-    {
-        if (forSigning || null == publicKey)
-        {
-            throw new IllegalStateException("Ed25519Signer not initialised for verification");
-        }
-
-        return buffer.verifySignature(publicKey, signature);
-    }
-
-    public void reset()
-    {
-        buffer.reset();
-    }
-
-    private static class Buffer extends ByteArrayOutputStream
-    {
-        synchronized byte[] generateSignature(Ed25519PrivateKeyParameters privateKey, Ed25519PublicKeyParameters publicKey)
-        {
-            byte[] signature = new byte[Ed25519PrivateKeyParameters.SIGNATURE_SIZE];
-            privateKey.sign(Ed25519.Algorithm.Ed25519, publicKey, null, buf, 0, count, signature, 0);
-            reset();
-            return signature;
-        }
-
-        synchronized boolean verifySignature(Ed25519PublicKeyParameters publicKey, byte[] signature)
-        {
-            byte[] pk = publicKey.getEncoded();
-            boolean result = Ed25519.verify(signature, 0, pk, 0, buf, 0, count);
-            reset();
-            return result;
-        }
-
-        public synchronized void reset()
-        {
-            Arrays.fill(buf, 0, count, (byte)0);
-            this.count = 0;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed25519ctxSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed25519ctxSigner.java
deleted file mode 100644
index 959ddf0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed25519ctxSigner.java
+++ /dev/null

@@ -1,106 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.io.ByteArrayOutputStream;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-import org.bouncycastle.math.ec.rfc8032.Ed25519;
-import org.bouncycastle.util.Arrays;
-
-public class Ed25519ctxSigner
-    implements Signer
-{
-    private final Buffer buffer = new Buffer();
-    private final byte[] context;
-
-    private boolean forSigning;
-    private Ed25519PrivateKeyParameters privateKey;
-    private Ed25519PublicKeyParameters publicKey;
-
-    public Ed25519ctxSigner(byte[] context)
-    {
-        this.context = Arrays.clone(context);
-    }
-
-    public void init(boolean forSigning, CipherParameters parameters)
-    {
-        this.forSigning = forSigning;
-
-        if (forSigning)
-        {
-            // TODO Allow AsymmetricCipherKeyPair to be a CipherParameters?
-
-            this.privateKey = (Ed25519PrivateKeyParameters)parameters;
-            this.publicKey = privateKey.generatePublicKey();
-        }
-        else
-        {
-            this.privateKey = null;
-            this.publicKey = (Ed25519PublicKeyParameters)parameters;
-        }
-
-        reset();
-    }
-
-    public void update(byte b)
-    {
-        buffer.write(b);
-    }
-
-    public void update(byte[] buf, int off, int len)
-    {
-        buffer.write(buf, off, len);
-    }
-
-    public byte[] generateSignature()
-    {
-        if (!forSigning || null == privateKey)
-        {
-            throw new IllegalStateException("Ed25519ctxSigner not initialised for signature generation.");
-        }
-
-        return buffer.generateSignature(privateKey, publicKey, context);
-    }
-
-    public boolean verifySignature(byte[] signature)
-    {
-        if (forSigning || null == publicKey)
-        {
-            throw new IllegalStateException("Ed25519ctxSigner not initialised for verification");
-        }
-
-        return buffer.verifySignature(publicKey, context, signature);
-    }
-
-    public void reset()
-    {
-        buffer.reset();
-    }
-
-    private static class Buffer extends ByteArrayOutputStream
-    {
-        synchronized byte[] generateSignature(Ed25519PrivateKeyParameters privateKey, Ed25519PublicKeyParameters publicKey, byte[] ctx)
-        {
-            byte[] signature = new byte[Ed25519PrivateKeyParameters.SIGNATURE_SIZE];
-            privateKey.sign(Ed25519.Algorithm.Ed25519ctx, publicKey, ctx, buf, 0, count, signature, 0);
-            reset();
-            return signature;
-        }
-
-        synchronized boolean verifySignature(Ed25519PublicKeyParameters publicKey, byte[] ctx, byte[] signature)
-        {
-            byte[] pk = publicKey.getEncoded();
-            boolean result = Ed25519.verify(signature, 0, pk, 0, ctx, buf, 0, count);
-            reset();
-            return result;
-        }
-
-        public synchronized void reset()
-        {
-            Arrays.fill(buf, 0, count, (byte)0);
-            this.count = 0;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed25519phSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed25519phSigner.java
deleted file mode 100644
index eec7d1c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed25519phSigner.java
+++ /dev/null

@@ -1,89 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-import org.bouncycastle.math.ec.rfc8032.Ed25519;
-import org.bouncycastle.util.Arrays;
-
-public class Ed25519phSigner
-    implements Signer
-{
-    private final Digest prehash = Ed25519.createPrehash();
-    private final byte[] context;
-
-    private boolean forSigning;
-    private Ed25519PrivateKeyParameters privateKey;
-    private Ed25519PublicKeyParameters publicKey;
-
-    public Ed25519phSigner(byte[] context)
-    {
-        this.context = Arrays.clone(context);
-    }
-
-    public void init(boolean forSigning, CipherParameters parameters)
-    {
-        this.forSigning = forSigning;
-
-        if (forSigning)
-        {
-            // TODO Allow AsymmetricCipherKeyPair to be a CipherParameters?
-
-            this.privateKey = (Ed25519PrivateKeyParameters)parameters;
-            this.publicKey = privateKey.generatePublicKey();
-        }
-        else
-        {
-            this.privateKey = null;
-            this.publicKey = (Ed25519PublicKeyParameters)parameters;
-        }
-
-        reset();
-    }
-
-    public void update(byte b)
-    {
-        prehash.update(b);
-    }
-
-    public void update(byte[] buf, int off, int len)
-    {
-        prehash.update(buf, off, len);
-    }
-
-    public byte[] generateSignature()
-    {
-        if (!forSigning || null == privateKey)
-        {
-            throw new IllegalStateException("Ed25519phSigner not initialised for signature generation.");
-        }
-
-        byte[] msg = new byte[Ed25519.PREHASH_SIZE];
-        if (Ed25519.PREHASH_SIZE != prehash.doFinal(msg, 0))
-        {
-            throw new IllegalStateException("Prehash digest failed");
-        }
-
-        byte[] signature = new byte[Ed25519PrivateKeyParameters.SIGNATURE_SIZE];
-        privateKey.sign(Ed25519.Algorithm.Ed25519ph, publicKey, context, msg, 0, Ed25519.PREHASH_SIZE, signature, 0);
-        return signature;
-    }
-
-    public boolean verifySignature(byte[] signature)
-    {
-        if (forSigning || null == publicKey)
-        {
-            throw new IllegalStateException("Ed25519phSigner not initialised for verification");
-        }
-
-        byte[] pk = publicKey.getEncoded();
-        return Ed25519.verifyPrehash(signature, 0, pk, 0, context, prehash);
-    }
-
-    public void reset()
-    {
-        prehash.reset();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed448Signer.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed448Signer.java
deleted file mode 100644
index f5122d0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed448Signer.java
+++ /dev/null

@@ -1,107 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.io.ByteArrayOutputStream;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.Ed448PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed448PublicKeyParameters;
-import org.bouncycastle.math.ec.rfc8032.Ed448;
-import org.bouncycastle.util.Arrays;
-
-
-public class Ed448Signer
-    implements Signer
-{
-    private final Buffer buffer = new Buffer();
-    private final byte[] context;
-
-    private boolean forSigning;
-    private Ed448PrivateKeyParameters privateKey;
-    private Ed448PublicKeyParameters publicKey;
-
-    public Ed448Signer(byte[] context)
-    {
-        this.context = Arrays.clone(context);
-    }
-
-    public void init(boolean forSigning, CipherParameters parameters)
-    {
-        this.forSigning = forSigning;
-
-        if (forSigning)
-        {
-            // TODO Allow AsymmetricCipherKeyPair to be a CipherParameters?
-
-            this.privateKey = (Ed448PrivateKeyParameters)parameters;
-            this.publicKey = privateKey.generatePublicKey();
-        }
-        else
-        {
-            this.privateKey = null;
-            this.publicKey = (Ed448PublicKeyParameters)parameters;
-        }
-
-        reset();
-    }
-
-    public void update(byte b)
-    {
-        buffer.write(b);
-    }
-
-    public void update(byte[] buf, int off, int len)
-    {
-        buffer.write(buf, off, len);
-    }
-
-    public byte[] generateSignature()
-    {
-        if (!forSigning || null == privateKey)
-        {
-            throw new IllegalStateException("Ed448Signer not initialised for signature generation.");
-        }
-
-        return buffer.generateSignature(privateKey, publicKey, context);
-    }
-
-    public boolean verifySignature(byte[] signature)
-    {
-        if (forSigning || null == publicKey)
-        {
-            throw new IllegalStateException("Ed448Signer not initialised for verification");
-        }
-
-        return buffer.verifySignature(publicKey, context, signature);
-    }
-
-    public void reset()
-    {
-        buffer.reset();
-    }
-
-    private static class Buffer extends ByteArrayOutputStream
-    {
-        synchronized byte[] generateSignature(Ed448PrivateKeyParameters privateKey, Ed448PublicKeyParameters publicKey, byte[] ctx)
-        {
-            byte[] signature = new byte[Ed448PrivateKeyParameters.SIGNATURE_SIZE];
-            privateKey.sign(Ed448.Algorithm.Ed448, publicKey, ctx, buf, 0, count, signature, 0);
-            reset();
-            return signature;
-        }
-
-        synchronized boolean verifySignature(Ed448PublicKeyParameters publicKey, byte[] ctx, byte[] signature)
-        {
-            byte[] pk = publicKey.getEncoded();
-            boolean result = Ed448.verify(signature, 0, pk, 0, ctx, buf, 0, count);
-            reset();
-            return result;
-        }
-
-        public synchronized void reset()
-        {
-            Arrays.fill(buf, 0, count, (byte)0);
-            this.count = 0;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed448phSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed448phSigner.java
deleted file mode 100644
index 2db2465..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/Ed448phSigner.java
+++ /dev/null

@@ -1,89 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.Xof;
-import org.bouncycastle.crypto.params.Ed448PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed448PublicKeyParameters;
-import org.bouncycastle.math.ec.rfc8032.Ed448;
-import org.bouncycastle.util.Arrays;
-
-public class Ed448phSigner
-    implements Signer
-{
-    private final Xof prehash = Ed448.createPrehash();
-    private final byte[] context;
-
-    private boolean forSigning;
-    private Ed448PrivateKeyParameters privateKey;
-    private Ed448PublicKeyParameters publicKey;
-
-    public Ed448phSigner(byte[] context)
-    {
-        this.context = Arrays.clone(context);
-    }
-
-    public void init(boolean forSigning, CipherParameters parameters)
-    {
-        this.forSigning = forSigning;
-
-        if (forSigning)
-        {
-            // TODO Allow AsymmetricCipherKeyPair to be a CipherParameters?
-
-            this.privateKey = (Ed448PrivateKeyParameters)parameters;
-            this.publicKey = privateKey.generatePublicKey();
-        }
-        else
-        {
-            this.privateKey = null;
-            this.publicKey = (Ed448PublicKeyParameters)parameters;
-        }
-
-        reset();
-    }
-
-    public void update(byte b)
-    {
-        prehash.update(b);
-    }
-
-    public void update(byte[] buf, int off, int len)
-    {
-        prehash.update(buf, off, len);
-    }
-
-    public byte[] generateSignature()
-    {
-        if (!forSigning || null == privateKey)
-        {
-            throw new IllegalStateException("Ed448phSigner not initialised for signature generation.");
-        }
-
-        byte[] msg = new byte[Ed448.PREHASH_SIZE];
-        if (Ed448.PREHASH_SIZE != prehash.doFinal(msg, 0, Ed448.PREHASH_SIZE))
-        {
-            throw new IllegalStateException("Prehash digest failed");
-        }
-
-        byte[] signature = new byte[Ed448PrivateKeyParameters.SIGNATURE_SIZE];
-        privateKey.sign(Ed448.Algorithm.Ed448ph, publicKey, context, msg, 0, Ed448.PREHASH_SIZE, signature, 0);
-        return signature;
-    }
-
-    public boolean verifySignature(byte[] signature)
-    {
-        if (forSigning || null == publicKey)
-        {
-            throw new IllegalStateException("Ed448phSigner not initialised for verification");
-        }
-
-        byte[] pk = publicKey.getEncoded();
-        return Ed448.verifyPrehash(signature, 0, pk, 0, context, prehash);
-    }
-
-    public void reset()
-    {
-        prehash.reset();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/GOST3410Signer.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/GOST3410Signer.java
deleted file mode 100644
index 6719448..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/GOST3410Signer.java
+++ /dev/null

@@ -1,138 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.DSAExt;
-import org.bouncycastle.crypto.params.GOST3410KeyParameters;
-import org.bouncycastle.crypto.params.GOST3410Parameters;
-import org.bouncycastle.crypto.params.GOST3410PrivateKeyParameters;
-import org.bouncycastle.crypto.params.GOST3410PublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * GOST R 34.10-94 Signature Algorithm
- */
-public class GOST3410Signer
-        implements DSAExt
-{
-        GOST3410KeyParameters key;
-
-        SecureRandom    random;
-
-        public void init(
-            boolean                 forSigning,
-            CipherParameters        param)
-        {
-            if (forSigning)
-            {
-                if (param instanceof ParametersWithRandom)
-                {
-                    ParametersWithRandom rParam = (ParametersWithRandom)param;
-
-                    this.random = rParam.getRandom();
-                    this.key = (GOST3410PrivateKeyParameters)rParam.getParameters();
-                }
-                else
-                {
-                    this.random = CryptoServicesRegistrar.getSecureRandom();
-                    this.key = (GOST3410PrivateKeyParameters)param;
-                }
-            }
-            else
-            {
-                this.key = (GOST3410PublicKeyParameters)param;
-            }
-        }
-
-        public BigInteger getOrder()
-        {
-            return key.getParameters().getQ();
-        }
-
-        /**
-         * generate a signature for the given message using the key we were
-         * initialised with. For conventional GOST3410 the message should be a GOST3411
-         * hash of the message of interest.
-         *
-         * @param message the message that will be verified later.
-         */
-        public BigInteger[] generateSignature(
-            byte[] message)
-        {
-            byte[] mRev = new byte[message.length]; // conversion is little-endian
-            for (int i = 0; i != mRev.length; i++)
-            {
-                mRev[i] = message[mRev.length - 1 - i];
-            }
-            
-            BigInteger      m = new BigInteger(1, mRev);
-            GOST3410Parameters   params = key.getParameters();
-            BigInteger      k;
-
-            do
-            {
-                k = BigIntegers.createRandomBigInteger(params.getQ().bitLength(), random);
-            }
-            while (k.compareTo(params.getQ()) >= 0);
-
-            BigInteger  r = params.getA().modPow(k, params.getP()).mod(params.getQ());
-
-            BigInteger  s = k.multiply(m).
-                                add(((GOST3410PrivateKeyParameters)key).getX().multiply(r)).
-                                    mod(params.getQ());
-
-            BigInteger[]  res = new BigInteger[2];
-
-            res[0] = r;
-            res[1] = s;
-
-            return res;
-        }
-
-        /**
-         * return true if the value r and s represent a GOST3410 signature for
-         * the passed in message for standard GOST3410 the message should be a
-         * GOST3411 hash of the real message to be verified.
-         */
-        public boolean verifySignature(
-            byte[]      message,
-            BigInteger  r,
-            BigInteger  s)
-        {
-            byte[] mRev = new byte[message.length]; // conversion is little-endian
-            for (int i = 0; i != mRev.length; i++)
-            {
-                mRev[i] = message[mRev.length - 1 - i];
-            }
-            
-            BigInteger           m = new BigInteger(1, mRev);
-            GOST3410Parameters params = key.getParameters();
-            BigInteger           zero = BigInteger.valueOf(0);
-
-            if (zero.compareTo(r) >= 0 || params.getQ().compareTo(r) <= 0)
-            {
-                return false;
-            }
-
-            if (zero.compareTo(s) >= 0 || params.getQ().compareTo(s) <= 0)
-            {
-                return false;
-            }
-
-            BigInteger  v = m.modPow(params.getQ().subtract(new BigInteger("2")),params.getQ());
-
-            BigInteger  z1 = s.multiply(v).mod(params.getQ());
-            BigInteger  z2 = (params.getQ().subtract(r)).multiply(v).mod(params.getQ());
-            
-            z1 = params.getA().modPow(z1, params.getP());
-            z2 = ((GOST3410PublicKeyParameters)key).getY().modPow(z2, params.getP());
-
-            BigInteger  u = z1.multiply(z2).mod(params.getP()).mod(params.getQ());
-
-            return u.equals(r);
-        }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/GenericSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/GenericSigner.java
deleted file mode 100644
index add087e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/GenericSigner.java
+++ /dev/null

@@ -1,144 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.util.Arrays;
-
-public class GenericSigner
-    implements Signer
-{
-    private final AsymmetricBlockCipher engine;
-    private final Digest digest;
-    private boolean forSigning;
-
-    public GenericSigner(
-        AsymmetricBlockCipher engine,
-        Digest                digest)
-    {
-        this.engine = engine;
-        this.digest = digest;
-    }
-
-    /**
-     * initialise the signer for signing or verification.
-     *
-     * @param forSigning
-     *            true if for signing, false otherwise
-     * @param parameters
-     *            necessary parameters.
-     */
-    public void init(
-        boolean          forSigning,
-        CipherParameters parameters)
-    {
-        this.forSigning = forSigning;
-        AsymmetricKeyParameter k;
-
-        if (parameters instanceof ParametersWithRandom)
-        {
-            k = (AsymmetricKeyParameter)((ParametersWithRandom)parameters).getParameters();
-        }
-        else
-        {
-            k = (AsymmetricKeyParameter)parameters;
-        }
-
-        if (forSigning && !k.isPrivate())
-        {
-            throw new IllegalArgumentException("signing requires private key");
-        }
-
-        if (!forSigning && k.isPrivate())
-        {
-            throw new IllegalArgumentException("verification requires public key");
-        }
-
-        reset();
-
-        engine.init(forSigning, parameters);
-    }
-
-    /**
-     * update the internal digest with the byte b
-     */
-    public void update(
-        byte input)
-    {
-        digest.update(input);
-    }
-
-    /**
-     * update the internal digest with the byte array in
-     */
-    public void update(
-        byte[]  input,
-        int     inOff,
-        int     length)
-    {
-        digest.update(input, inOff, length);
-    }
-
-    /**
-     * Generate a signature for the message we've been loaded with using the key
-     * we were initialised with.
-     */
-    public byte[] generateSignature()
-        throws CryptoException, DataLengthException
-    {
-        if (!forSigning)
-        {
-            throw new IllegalStateException("GenericSigner not initialised for signature generation.");
-        }
-
-        byte[] hash = new byte[digest.getDigestSize()];
-        digest.doFinal(hash, 0);
-
-        return engine.processBlock(hash, 0, hash.length);
-    }
-
-    /**
-     * return true if the internal state represents the signature described in
-     * the passed in array.
-     */
-    public boolean verifySignature(
-        byte[] signature)
-    {
-        if (forSigning)
-        {
-            throw new IllegalStateException("GenericSigner not initialised for verification");
-        }
-
-        byte[] hash = new byte[digest.getDigestSize()];
-        digest.doFinal(hash, 0);
-
-        try
-        {
-            byte[] sig = engine.processBlock(signature, 0, signature.length);
-
-            // Extend with leading zeroes to match the digest size, if necessary.
-            if (sig.length < hash.length)
-            {
-                byte[] tmp = new byte[hash.length];
-                System.arraycopy(sig, 0, tmp, tmp.length - sig.length, sig.length);
-                sig = tmp;
-            }
-
-            return Arrays.constantTimeAreEqual(sig, hash);
-        }
-        catch (Exception e)
-        {
-            return false;
-        }
-    }
-
-    public void reset()
-    {
-        digest.reset();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/HMacDSAKCalculator.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/HMacDSAKCalculator.java
deleted file mode 100644
index f5cabd9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/HMacDSAKCalculator.java
+++ /dev/null

@@ -1,153 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * A deterministic K calculator based on the algorithm in section 3.2 of RFC 6979.
- */
-public class HMacDSAKCalculator
-    implements DSAKCalculator
-{
-    private static final BigInteger ZERO = BigInteger.valueOf(0);
-
-    private final HMac hMac;
-    private final byte[] K;
-    private final byte[] V;
-
-    private BigInteger n;
-
-    /**
-     * Base constructor.
-     *
-     * @param digest digest to build the HMAC on.
-     */
-    public HMacDSAKCalculator(Digest digest)
-    {
-        this.hMac = new HMac(digest);
-        this.V = new byte[hMac.getMacSize()];
-        this.K = new byte[hMac.getMacSize()];
-    }
-
-    public boolean isDeterministic()
-    {
-        return true;
-    }
-
-    public void init(BigInteger n, SecureRandom random)
-    {
-        throw new IllegalStateException("Operation not supported");
-    }
-
-    public void init(BigInteger n, BigInteger d, byte[] message)
-    {
-        this.n = n;
-
-        Arrays.fill(V, (byte)0x01);
-        Arrays.fill(K, (byte)0);
-
-        int size = BigIntegers.getUnsignedByteLength(n);
-        byte[] x = new byte[size];
-        byte[] dVal = BigIntegers.asUnsignedByteArray(d);
-
-        System.arraycopy(dVal, 0, x, x.length - dVal.length, dVal.length);
-
-        byte[] m = new byte[size];
-
-        BigInteger mInt = bitsToInt(message);
-
-        if (mInt.compareTo(n) >= 0)
-        {
-            mInt = mInt.subtract(n);
-        }
-
-        byte[] mVal = BigIntegers.asUnsignedByteArray(mInt);
-
-        System.arraycopy(mVal, 0, m, m.length - mVal.length, mVal.length);
-
-        hMac.init(new KeyParameter(K));
-
-        hMac.update(V, 0, V.length);
-        hMac.update((byte)0x00);
-        hMac.update(x, 0, x.length);
-        hMac.update(m, 0, m.length);
-
-        hMac.doFinal(K, 0);
-
-        hMac.init(new KeyParameter(K));
-
-        hMac.update(V, 0, V.length);
-
-        hMac.doFinal(V, 0);
-
-        hMac.update(V, 0, V.length);
-        hMac.update((byte)0x01);
-        hMac.update(x, 0, x.length);
-        hMac.update(m, 0, m.length);
-
-        hMac.doFinal(K, 0);
-
-        hMac.init(new KeyParameter(K));
-
-        hMac.update(V, 0, V.length);
-
-        hMac.doFinal(V, 0);
-    }
-
-    public BigInteger nextK()
-    {
-        byte[] t = new byte[BigIntegers.getUnsignedByteLength(n)];
-
-        for (;;)
-        {
-            int tOff = 0;
-
-            while (tOff < t.length)
-            {
-                hMac.update(V, 0, V.length);
-
-                hMac.doFinal(V, 0);
-
-                int len = Math.min(t.length - tOff, V.length);
-                System.arraycopy(V, 0, t, tOff, len);
-                tOff += len;
-            }
-
-            BigInteger k = bitsToInt(t);
-
-            if (k.compareTo(ZERO) > 0 && k.compareTo(n) < 0)
-            {
-                return k;
-            }
-
-            hMac.update(V, 0, V.length);
-            hMac.update((byte)0x00);
-
-            hMac.doFinal(K, 0);
-
-            hMac.init(new KeyParameter(K));
-
-            hMac.update(V, 0, V.length);
-
-            hMac.doFinal(V, 0);
-        }
-    }
-
-    private BigInteger bitsToInt(byte[] t)
-    {
-        BigInteger v = new BigInteger(1, t);
-
-        if (t.length * 8 > n.bitLength())
-        {
-            v = v.shiftRight(t.length * 8 - n.bitLength());
-        }
-
-        return v;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/ISO9796d2PSSSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/ISO9796d2PSSSigner.java
deleted file mode 100644
index 2ee1808..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/ISO9796d2PSSSigner.java
+++ /dev/null

@@ -1,681 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.SignerWithRecovery;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.ParametersWithSalt;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.util.Arrays;
-
-/**
- * ISO9796-2 - mechanism using a hash function with recovery (scheme 2 and 3).
- * <p>
- * Note: the usual length for the salt is the length of the hash
- * function used in bytes.
- */
-public class ISO9796d2PSSSigner
-    implements SignerWithRecovery
-{
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_IMPLICIT    = 0xBC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_RIPEMD160   = 0x31CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_RIPEMD128   = 0x32CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_SHA1        = 0x33CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_SHA256      = 0x34CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_SHA512      = 0x35CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_SHA384      = 0x36CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_WHIRLPOOL   = 0x37CC;
-
-    private Digest digest;
-    private AsymmetricBlockCipher cipher;
-
-    private SecureRandom random;
-    private byte[] standardSalt;
-
-    private int hLen;
-    private int trailer;
-    private int keyBits;
-    private byte[] block;
-    private byte[] mBuf;
-    private int messageLength;
-    private int saltLength;
-    private boolean fullMessage;
-    private byte[] recoveredMessage;
-
-    private byte[] preSig;
-    private byte[] preBlock;
-    private int preMStart;
-    private int preTLength;
-
-    /**
-     * Generate a signer with either implicit or explicit trailers for ISO9796-2, scheme 2 or 3.
-     *
-     * @param cipher     base cipher to use for signature creation/verification
-     * @param digest     digest to use.
-     * @param saltLength length of salt in bytes.
-     * @param implicit   whether or not the trailer is implicit or gives the hash.
-     */
-    public ISO9796d2PSSSigner(
-        AsymmetricBlockCipher cipher,
-        Digest digest,
-        int saltLength,
-        boolean implicit)
-    {
-        this.cipher = cipher;
-        this.digest = digest;
-        this.hLen = digest.getDigestSize();
-        this.saltLength = saltLength;
-
-        if (implicit)
-        {
-            trailer = ISOTrailers.TRAILER_IMPLICIT;
-        }
-        else
-        {
-            Integer trailerObj = ISOTrailers.getTrailer(digest);
-
-            if (trailerObj != null)
-            {
-                trailer = trailerObj.intValue();
-            }
-            else
-            {
-                throw new IllegalArgumentException("no valid trailer for digest: " + digest.getAlgorithmName());
-            }
-        }
-    }
-
-    /**
-     * Constructor for a signer with an explicit digest trailer.
-     *
-     * @param cipher     cipher to use.
-     * @param digest     digest to sign with.
-     * @param saltLength length of salt in bytes.
-     */
-    public ISO9796d2PSSSigner(
-        AsymmetricBlockCipher cipher,
-        Digest digest,
-        int saltLength)
-    {
-        this(cipher, digest, saltLength, false);
-    }
-
-    /**
-     * Initialise the signer.
-     *
-     * @param forSigning true if for signing, false if for verification.
-     * @param param      parameters for signature generation/verification. If the
-     *                   parameters are for generation they should be a ParametersWithRandom,
-     *                   a ParametersWithSalt, or just an RSAKeyParameters object. If RSAKeyParameters
-     *                   are passed in a SecureRandom will be created.
-     * @throws IllegalArgumentException if wrong parameter type or a fixed
-     * salt is passed in which is the wrong length.
-     */
-    public void init(
-        boolean forSigning,
-        CipherParameters param)
-    {
-        RSAKeyParameters kParam;
-        int lengthOfSalt = saltLength;
-
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom p = (ParametersWithRandom)param;
-
-            kParam = (RSAKeyParameters)p.getParameters();
-            if (forSigning)
-            {
-                random = p.getRandom();
-            }
-        }
-        else if (param instanceof ParametersWithSalt)
-        {
-            ParametersWithSalt p = (ParametersWithSalt)param;
-
-            kParam = (RSAKeyParameters)p.getParameters();
-            standardSalt = p.getSalt();
-            lengthOfSalt = standardSalt.length;
-            if (standardSalt.length != saltLength)
-            {
-                throw new IllegalArgumentException("Fixed salt is of wrong length");
-            }
-        }
-        else
-        {
-            kParam = (RSAKeyParameters)param;
-            if (forSigning)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-        }
-
-        cipher.init(forSigning, kParam);
-
-        keyBits = kParam.getModulus().bitLength();
-
-        block = new byte[(keyBits + 7) / 8];
-
-        if (trailer == ISOTrailers.TRAILER_IMPLICIT)
-        {
-            mBuf = new byte[block.length - digest.getDigestSize() - lengthOfSalt - 1 - 1];
-        }
-        else
-        {
-            mBuf = new byte[block.length - digest.getDigestSize() - lengthOfSalt - 1 - 2];
-        }
-
-        reset();
-    }
-
-    /**
-     * compare two byte arrays - constant time
-     */
-    private boolean isSameAs(
-        byte[] a,
-        byte[] b)
-    {
-        boolean isOkay = true;
-
-        if (messageLength != b.length)
-        {
-            isOkay = false;
-        }
-
-        for (int i = 0; i != b.length; i++)
-        {
-            if (a[i] != b[i])
-            {
-                isOkay = false;
-            }
-        }
-
-        return isOkay;
-    }
-
-    /**
-     * clear possible sensitive data
-     */
-    private void clearBlock(
-        byte[] block)
-    {
-        for (int i = 0; i != block.length; i++)
-        {
-            block[i] = 0;
-        }
-    }
-
-    public void updateWithRecoveredMessage(byte[] signature)
-        throws InvalidCipherTextException
-    {
-        byte[] block = cipher.processBlock(signature, 0, signature.length);
-
-        //
-        // adjust block size for leading zeroes if necessary
-        //
-        if (block.length < (keyBits + 7) / 8)
-        {
-            byte[] tmp = new byte[(keyBits + 7) / 8];
-
-            System.arraycopy(block, 0, tmp, tmp.length - block.length, block.length);
-            clearBlock(block);
-            block = tmp;
-        }
-
-        int tLength;
-
-        if (((block[block.length - 1] & 0xFF) ^ 0xBC) == 0)
-        {
-            tLength = 1;
-        }
-        else
-        {
-            int sigTrail = ((block[block.length - 2] & 0xFF) << 8) | (block[block.length - 1] & 0xFF);
-
-            Integer trailerObj = ISOTrailers.getTrailer(digest);
-
-            if (trailerObj != null)
-            {
-                int trailer = trailerObj.intValue();
-                if (sigTrail != trailer)
-                {
-                    if (!(trailer == ISOTrailers.TRAILER_SHA512_256 && sigTrail == 0x40CC))
-                    {
-                        throw new IllegalStateException("signer initialised with wrong digest for trailer " + sigTrail);
-                    }
-                }
-            }
-            else
-            {
-                throw new IllegalArgumentException("unrecognised hash in signature");
-            }
-
-            tLength = 2;
-        }
-
-        //
-        // calculate H(m2)
-        //
-        byte[] m2Hash = new byte[hLen];
-        digest.doFinal(m2Hash, 0);
-
-        //
-        // remove the mask
-        //
-        byte[] dbMask = maskGeneratorFunction1(block, block.length - hLen - tLength, hLen, block.length - hLen - tLength);
-        for (int i = 0; i != dbMask.length; i++)
-        {
-            block[i] ^= dbMask[i];
-        }
-
-        block[0] &= 0x7f;
-
-        //
-        // find out how much padding we've got
-        //
-        int mStart = 0;
-        for (; mStart != block.length; mStart++)
-        {
-            if (block[mStart] == 0x01)
-            {
-                break;
-            }
-        }
-
-        mStart++;
-
-        if (mStart >= block.length)
-        {
-            clearBlock(block);
-        }
-
-        fullMessage = (mStart > 1);
-
-        recoveredMessage = new byte[dbMask.length - mStart - saltLength];
-
-        System.arraycopy(block, mStart, recoveredMessage, 0, recoveredMessage.length);
-        System.arraycopy(recoveredMessage, 0, mBuf, 0, recoveredMessage.length);
-
-        preSig = signature;
-        preBlock = block;
-        preMStart = mStart;
-        preTLength = tLength;
-    }
-
-    /**
-     * update the internal digest with the byte b
-     */
-    public void update(
-        byte b)
-    {
-        if (preSig == null && messageLength < mBuf.length)
-        {
-            mBuf[messageLength++] = b;
-        }
-        else
-        {
-            digest.update(b);
-        }
-    }
-
-    /**
-     * update the internal digest with the byte array in
-     */
-    public void update(
-        byte[] in,
-        int off,
-        int len)
-    {
-        if (preSig == null)
-        {
-            while (len > 0 && messageLength < mBuf.length)
-            {
-                this.update(in[off]);
-                off++;
-                len--;
-            }
-        }
-
-        if (len > 0)
-        {
-            digest.update(in, off, len);
-        }
-    }
-
-    /**
-     * reset the internal state
-     */
-    public void reset()
-    {
-        digest.reset();
-        messageLength = 0;
-        if (mBuf != null)
-        {
-            clearBlock(mBuf);
-        }
-        if (recoveredMessage != null)
-        {
-            clearBlock(recoveredMessage);
-            recoveredMessage = null;
-        }
-        fullMessage = false;
-        if (preSig != null)
-        {
-            preSig = null;
-            clearBlock(preBlock);
-            preBlock = null;
-        }
-    }
-
-    /**
-     * generate a signature for the loaded message using the key we were
-     * initialised with.
-     */
-    public byte[] generateSignature()
-        throws CryptoException
-    {
-        int digSize = digest.getDigestSize();
-
-        byte[] m2Hash = new byte[digSize];
-
-        digest.doFinal(m2Hash, 0);
-
-        byte[] C = new byte[8];
-        LtoOSP(messageLength * 8, C);
-
-        digest.update(C, 0, C.length);
-
-        digest.update(mBuf, 0, messageLength);
-
-        digest.update(m2Hash, 0, m2Hash.length);
-
-        byte[] salt;
-
-        if (standardSalt != null)
-        {
-            salt = standardSalt;
-        }
-        else
-        {
-            salt = new byte[saltLength];
-            random.nextBytes(salt);
-        }
-
-        digest.update(salt, 0, salt.length);
-
-        byte[] hash = new byte[digest.getDigestSize()];
-
-        digest.doFinal(hash, 0);
-
-        int tLength = 2;
-        if (trailer == ISOTrailers.TRAILER_IMPLICIT)
-        {
-            tLength = 1;
-        }
-
-        int off = block.length - messageLength - salt.length - hLen - tLength - 1;
-
-        block[off] = 0x01;
-
-        System.arraycopy(mBuf, 0, block, off + 1, messageLength);
-        System.arraycopy(salt, 0, block, off + 1 + messageLength, salt.length);
-
-        byte[] dbMask = maskGeneratorFunction1(hash, 0, hash.length, block.length - hLen - tLength);
-        for (int i = 0; i != dbMask.length; i++)
-        {
-            block[i] ^= dbMask[i];
-        }
-
-        System.arraycopy(hash, 0, block, block.length - hLen - tLength, hLen);
-
-        if (trailer == ISOTrailers.TRAILER_IMPLICIT)
-        {
-            block[block.length - 1] = (byte)ISOTrailers.TRAILER_IMPLICIT;
-        }
-        else
-        {
-            block[block.length - 2] = (byte)(trailer >>> 8);
-            block[block.length - 1] = (byte)trailer;
-        }
-
-        block[0] &= 0x7f;
-
-        byte[] b = cipher.processBlock(block, 0, block.length);
-
-        recoveredMessage = new byte[messageLength];
-
-        fullMessage = (messageLength <= mBuf.length);
-        System.arraycopy(mBuf, 0, recoveredMessage, 0, recoveredMessage.length);
-
-        clearBlock(mBuf);
-        clearBlock(block);
-        messageLength = 0;
-
-        return b;
-    }
-
-    /**
-     * return true if the signature represents a ISO9796-2 signature
-     * for the passed in message.
-     */
-    public boolean verifySignature(
-        byte[] signature)
-    {
-        //
-        // calculate H(m2)
-        //
-        byte[] m2Hash = new byte[hLen];
-        digest.doFinal(m2Hash, 0);
-
-        byte[] block;
-        int tLength;
-        int mStart = 0;
-
-        if (preSig == null)
-        {
-            try
-            {
-                updateWithRecoveredMessage(signature);
-            }
-            catch (Exception e)
-            {
-                return false;
-            }
-        }
-        else
-        {
-            if (!Arrays.areEqual(preSig, signature))
-            {
-                throw new IllegalStateException("updateWithRecoveredMessage called on different signature");
-            }
-        }
-
-        block = preBlock;
-        mStart = preMStart;
-        tLength = preTLength;
-
-        preSig = null;
-        preBlock = null;
-
-        //
-        // check the hashes
-        //
-        byte[] C = new byte[8];
-        LtoOSP(recoveredMessage.length * 8, C);
-
-        digest.update(C, 0, C.length);
-
-        if (recoveredMessage.length != 0)
-        {
-            digest.update(recoveredMessage, 0, recoveredMessage.length);
-        }
-
-        digest.update(m2Hash, 0, m2Hash.length);
-
-        // Update for the salt
-        if (standardSalt != null)
-        {
-            digest.update(standardSalt, 0, standardSalt.length);
-        }
-        else
-        {
-            digest.update(block, mStart + recoveredMessage.length, saltLength);
-        }
-
-        byte[] hash = new byte[digest.getDigestSize()];
-        digest.doFinal(hash, 0);
-
-        int off = block.length - tLength - hash.length;
-
-        boolean isOkay = true;
-
-        for (int i = 0; i != hash.length; i++)
-        {
-            if (hash[i] != block[off + i])
-            {
-                isOkay = false;
-            }
-        }
-
-        clearBlock(block);
-        clearBlock(hash);
-
-        if (!isOkay)
-        {
-            fullMessage = false;
-            messageLength = 0;
-            clearBlock(recoveredMessage);
-            return false;
-        }
-
-        //
-        // if they've input a message check what we've recovered against
-        // what was input.
-        //
-        if (messageLength != 0)
-        {
-            if (!isSameAs(mBuf, recoveredMessage))
-            {
-                messageLength = 0;
-                clearBlock(mBuf);
-                return false;
-            }
-
-        }
-        
-        messageLength = 0;
-
-        clearBlock(mBuf);
-        return true;
-    }
-
-    /**
-     * Return true if the full message was recoveredMessage.
-     *
-     * @return true on full message recovery, false otherwise, or if not sure.
-     * @see org.bouncycastle.crypto.SignerWithRecovery#hasFullMessage()
-     */
-    public boolean hasFullMessage()
-    {
-        return fullMessage;
-    }
-
-
-    /**
-     * Return a reference to the recoveredMessage message, either as it was added
-     * to a just generated signature, or extracted from a verified one.
-     *
-     * @return the full/partial recoveredMessage message.
-     * @see org.bouncycastle.crypto.SignerWithRecovery#getRecoveredMessage()
-     */
-    public byte[] getRecoveredMessage()
-    {
-        return recoveredMessage;
-    }
-
-    /**
-     * int to octet string.
-     */
-    private void ItoOSP(
-        int i,
-        byte[] sp)
-    {
-        sp[0] = (byte)(i >>> 24);
-        sp[1] = (byte)(i >>> 16);
-        sp[2] = (byte)(i >>> 8);
-        sp[3] = (byte)(i >>> 0);
-    }
-
-    /**
-     * long to octet string.
-     */
-    private void LtoOSP(
-        long l,
-        byte[] sp)
-    {
-        sp[0] = (byte)(l >>> 56);
-        sp[1] = (byte)(l >>> 48);
-        sp[2] = (byte)(l >>> 40);
-        sp[3] = (byte)(l >>> 32);
-        sp[4] = (byte)(l >>> 24);
-        sp[5] = (byte)(l >>> 16);
-        sp[6] = (byte)(l >>> 8);
-        sp[7] = (byte)(l >>> 0);
-    }
-
-    /**
-     * mask generator function, as described in PKCS1v2.
-     */
-    private byte[] maskGeneratorFunction1(
-        byte[] Z,
-        int zOff,
-        int zLen,
-        int length)
-    {
-        byte[] mask = new byte[length];
-        byte[] hashBuf = new byte[hLen];
-        byte[] C = new byte[4];
-        int counter = 0;
-
-        digest.reset();
-
-        while (counter < (length / hLen))
-        {
-            ItoOSP(counter, C);
-
-            digest.update(Z, zOff, zLen);
-            digest.update(C, 0, C.length);
-            digest.doFinal(hashBuf, 0);
-
-            System.arraycopy(hashBuf, 0, mask, counter * hLen, hLen);
-
-            counter++;
-        }
-
-        if ((counter * hLen) < length)
-        {
-            ItoOSP(counter, C);
-
-            digest.update(Z, zOff, zLen);
-            digest.update(C, 0, C.length);
-            digest.doFinal(hashBuf, 0);
-
-            System.arraycopy(hashBuf, 0, mask, counter * hLen, mask.length - (counter * hLen));
-        }
-
-        return mask;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/ISO9796d2Signer.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/ISO9796d2Signer.java
deleted file mode 100644
index 1e046d5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/ISO9796d2Signer.java
+++ /dev/null

@@ -1,629 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.SignerWithRecovery;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.util.Arrays;
-
-/**
- * ISO9796-2 - mechanism using a hash function with recovery (scheme 1)
- */
-public class ISO9796d2Signer
-    implements SignerWithRecovery
-{
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_IMPLICIT    = 0xBC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_RIPEMD160   = 0x31CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_RIPEMD128   = 0x32CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_SHA1        = 0x33CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_SHA256      = 0x34CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_SHA512      = 0x35CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_SHA384      = 0x36CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_WHIRLPOOL   = 0x37CC;
-
-    private Digest                      digest;
-    private AsymmetricBlockCipher       cipher;
-
-    private int         trailer;
-    private int         keyBits;
-    private byte[]      block;
-    private byte[]      mBuf;
-    private int         messageLength;
-    private boolean     fullMessage;
-    private byte[]      recoveredMessage;
-
-    private byte[]      preSig;
-    private byte[]      preBlock;
-
-    /**
-     * Generate a signer with either implicit or explicit trailers for ISO9796-2.
-     * 
-     * @param cipher base cipher to use for signature creation/verification
-     * @param digest digest to use.
-     * @param implicit whether or not the trailer is implicit or gives the hash.
-     */
-    public ISO9796d2Signer(
-        AsymmetricBlockCipher   cipher,
-        Digest                  digest,
-        boolean                 implicit)
-    {
-        this.cipher = cipher;
-        this.digest = digest;
-
-        if (implicit)
-        {
-            trailer = ISOTrailers.TRAILER_IMPLICIT;
-        }
-        else
-        {
-            Integer trailerObj = ISOTrailers.getTrailer(digest);
-
-            if (trailerObj != null)
-            {
-                trailer = trailerObj.intValue();
-            }
-            else
-            {
-                throw new IllegalArgumentException("no valid trailer for digest: " + digest.getAlgorithmName());
-            }
-        }
-    }
-
-    /**
-     * Constructor for a signer with an explicit digest trailer.
-     * 
-     * @param cipher cipher to use.
-     * @param digest digest to sign with.
-     */
-    public ISO9796d2Signer(
-        AsymmetricBlockCipher   cipher,
-        Digest                  digest)
-    {
-        this(cipher, digest, false);
-    }
-    
-    public void init(
-        boolean                 forSigning,
-        CipherParameters        param)
-    {
-        RSAKeyParameters  kParam = (RSAKeyParameters)param;
-
-        cipher.init(forSigning, kParam);
-
-        keyBits = kParam.getModulus().bitLength();
-
-        block = new byte[(keyBits + 7) / 8];
-        
-        if (trailer == ISOTrailers.TRAILER_IMPLICIT)
-        {
-            mBuf = new byte[block.length - digest.getDigestSize() - 2];
-        }
-        else
-        {
-            mBuf = new byte[block.length - digest.getDigestSize() - 3];
-        }
-
-        reset();
-    }
-
-    /**
-     * compare two byte arrays - constant time
-     */
-    private boolean isSameAs(
-        byte[]    a,
-        byte[]    b)
-    {
-        boolean isOkay = true;
-
-        if (messageLength > mBuf.length)
-        {
-            if (mBuf.length > b.length)
-            {
-                isOkay = false;
-            }
-            
-            for (int i = 0; i != mBuf.length; i++)
-            {
-                if (a[i] != b[i])
-                {
-                    isOkay = false;
-                }
-            }
-        }
-        else
-        {
-            if (messageLength != b.length)
-            {
-                isOkay = false;
-            }
-            
-            for (int i = 0; i != b.length; i++)
-            {
-                if (a[i] != b[i])
-                {
-                    isOkay = false;
-                }
-            }
-        }
-        
-        return isOkay;
-    }
-    
-    /**
-     * clear possible sensitive data
-     */
-    private void clearBlock(
-        byte[]  block)
-    {
-        for (int i = 0; i != block.length; i++)
-        {
-            block[i] = 0;
-        }
-    }
-
-    public void updateWithRecoveredMessage(byte[] signature)
-        throws InvalidCipherTextException
-    {
-        byte[]      block = cipher.processBlock(signature, 0, signature.length);
-
-        if (((block[0] & 0xC0) ^ 0x40) != 0)
-        {
-            throw new InvalidCipherTextException("malformed signature");
-        }
-
-        if (((block[block.length - 1] & 0xF) ^ 0xC) != 0)
-        {
-            throw new InvalidCipherTextException("malformed signature");
-        }
-
-        int     delta = 0;
-
-        if (((block[block.length - 1] & 0xFF) ^ 0xBC) == 0)
-        {
-            delta = 1;
-        }
-        else
-        {
-            int sigTrail = ((block[block.length - 2] & 0xFF) << 8) | (block[block.length - 1] & 0xFF);
-            Integer trailerObj = ISOTrailers.getTrailer(digest);
-
-            if (trailerObj != null)
-            {
-                int trailer = trailerObj.intValue();
-                if (sigTrail != trailer)
-                {
-                    if (!(trailer == ISOTrailers.TRAILER_SHA512_256 && sigTrail == 0x40CC))
-                    {
-                        throw new IllegalStateException("signer initialised with wrong digest for trailer " + sigTrail);
-                    }
-                }
-            }
-            else
-            {
-                throw new IllegalArgumentException("unrecognised hash in signature");
-            }
-
-            delta = 2;
-        }
-
-        //
-        // find out how much padding we've got
-        //
-        int mStart = 0;
-
-        for (mStart = 0; mStart != block.length; mStart++)
-        {
-            if (((block[mStart] & 0x0f) ^ 0x0a) == 0)
-            {
-                break;
-            }
-        }
-
-        mStart++;
-
-        int off = block.length - delta - digest.getDigestSize();
-
-        //
-        // there must be at least one byte of message string
-        //
-        if ((off - mStart) <= 0)
-        {
-            throw new InvalidCipherTextException("malformed block");
-        }
-
-        //
-        // if we contain the whole message as well, check the hash of that.
-        //
-        if ((block[0] & 0x20) == 0)
-        {
-            fullMessage = true;
-
-            recoveredMessage = new byte[off - mStart];
-            System.arraycopy(block, mStart, recoveredMessage, 0, recoveredMessage.length);
-        }
-        else
-        {
-            fullMessage = false;
-
-            recoveredMessage = new byte[off - mStart];
-            System.arraycopy(block, mStart, recoveredMessage, 0, recoveredMessage.length);
-        }
-
-        preSig = signature;
-        preBlock = block;
-
-        digest.update(recoveredMessage, 0, recoveredMessage.length);
-        messageLength = recoveredMessage.length;
-        System.arraycopy(recoveredMessage, 0, mBuf, 0, recoveredMessage.length);
-    }
-    
-    /**
-     * update the internal digest with the byte b
-     */
-    public void update(
-        byte    b)
-    {
-        digest.update(b);
-
-        if (messageLength < mBuf.length)
-        {
-            mBuf[messageLength] = b;
-        }
-
-        messageLength++;
-    }
-
-    /**
-     * update the internal digest with the byte array in
-     */
-    public void update(
-        byte[]  in,
-        int     off,
-        int     len)
-    {
-        while (len > 0 && messageLength < mBuf.length)
-        {
-            this.update(in[off]);
-            off++;
-            len--;
-        }
-
-        digest.update(in, off, len);
-        messageLength += len;
-    }
-
-    /**
-     * reset the internal state
-     */
-    public void reset()
-    {
-        digest.reset();
-        messageLength = 0;
-        clearBlock(mBuf);
-        
-        if (recoveredMessage != null)
-        {
-            clearBlock(recoveredMessage);
-        }
-        
-        recoveredMessage = null;
-        fullMessage = false;
-
-        if (preSig != null)
-        {
-            preSig = null;
-            clearBlock(preBlock);
-            preBlock = null;
-        }
-    }
-
-    /**
-     * generate a signature for the loaded message using the key we were
-     * initialised with.
-     */
-    public byte[] generateSignature()
-        throws CryptoException
-    {
-        int     digSize = digest.getDigestSize();
-
-        int t = 0;
-        int delta = 0;
-
-        if (trailer == ISOTrailers.TRAILER_IMPLICIT)
-        {
-            t = 8;
-            delta = block.length - digSize - 1;
-            digest.doFinal(block, delta);
-            block[block.length - 1] = (byte)ISOTrailers.TRAILER_IMPLICIT;
-        }
-        else
-        {
-            t = 16;
-            delta = block.length - digSize - 2;
-            digest.doFinal(block, delta);
-            block[block.length - 2] = (byte)(trailer >>> 8);
-            block[block.length - 1] = (byte)trailer;
-        }
-
-        byte    header = 0;
-        int     x = (digSize + messageLength) * 8 + t + 4 - keyBits;
-
-        if (x > 0)
-        {
-            int mR = messageLength - ((x + 7) / 8);
-            header = 0x60;
-
-            delta -= mR;
-            
-            System.arraycopy(mBuf, 0, block, delta, mR);
-
-            recoveredMessage = new byte[mR];
-        }
-        else
-        {
-            header = 0x40;
-            delta -= messageLength;
-            
-            System.arraycopy(mBuf, 0, block, delta, messageLength);
-
-            recoveredMessage = new byte[messageLength];
-        }
-        
-        if ((delta - 1) > 0)
-        {
-            for (int i = delta - 1; i != 0; i--)
-            {
-                block[i] = (byte)0xbb;
-            }
-            block[delta - 1] ^= (byte)0x01;
-            block[0] = (byte)0x0b;
-            block[0] |= header;
-        }
-        else
-        {
-            block[0] = (byte)0x0a;
-            block[0] |= header;
-        }
-
-        byte[]  b = cipher.processBlock(block, 0, block.length);
-
-        fullMessage = (header & 0x20) == 0;
-        System.arraycopy(mBuf, 0, recoveredMessage, 0, recoveredMessage.length);
-
-        messageLength = 0;
-        
-        clearBlock(mBuf);
-        clearBlock(block);
-
-        return b;
-    }
-
-    /**
-     * return true if the signature represents a ISO9796-2 signature
-     * for the passed in message.
-     */
-    public boolean verifySignature(
-        byte[]      signature)
-    {
-        byte[]      block = null;
-
-        if (preSig == null)
-        {
-            try
-            {
-                block = cipher.processBlock(signature, 0, signature.length);
-            }
-            catch (Exception e)
-            {
-                return false;
-            }
-        }
-        else
-        {
-            if (!Arrays.areEqual(preSig, signature))
-            {
-                throw new IllegalStateException("updateWithRecoveredMessage called on different signature");
-            }
-
-            block = preBlock;
-
-            preSig = null;
-            preBlock = null;
-        }
-
-        if (((block[0] & 0xC0) ^ 0x40) != 0)
-        {
-            return returnFalse(block);
-        }
-
-        if (((block[block.length - 1] & 0xF) ^ 0xC) != 0)
-        {
-            return returnFalse(block);
-        }
-
-        int     delta = 0;
-
-        if (((block[block.length - 1] & 0xFF) ^ 0xBC) == 0)
-        {
-            delta = 1;
-        }
-        else
-        {
-            int sigTrail = ((block[block.length - 2] & 0xFF) << 8) | (block[block.length - 1] & 0xFF);
-            Integer trailerObj = ISOTrailers.getTrailer(digest);
-
-            if (trailerObj != null)
-            {
-                int trailer = trailerObj.intValue();
-                if (sigTrail != trailer)
-                {
-                    if (!(trailer == ISOTrailers.TRAILER_SHA512_256 && sigTrail == 0x40CC))
-                    {
-                        throw new IllegalStateException("signer initialised with wrong digest for trailer " + sigTrail);
-                    }
-                }
-            }
-            else
-            {
-                throw new IllegalArgumentException("unrecognised hash in signature");
-            }
-
-            delta = 2;
-        }
-
-        //
-        // find out how much padding we've got
-        //
-        int mStart = 0;
-
-        for (mStart = 0; mStart != block.length; mStart++)
-        {
-            if (((block[mStart] & 0x0f) ^ 0x0a) == 0)
-            {
-                break;
-            }
-        }
-
-        mStart++;
-
-        //
-        // check the hashes
-        //
-        byte[]  hash = new byte[digest.getDigestSize()];
-
-        int off = block.length - delta - hash.length;
-
-        //
-        // there must be at least one byte of message string
-        //
-        if ((off - mStart) <= 0)
-        {
-            return returnFalse(block);
-        }
-
-        //
-        // if we contain the whole message as well, check the hash of that.
-        //
-        if ((block[0] & 0x20) == 0)
-        {
-            fullMessage = true;
-
-            // check right number of bytes passed in.
-            if (messageLength > off - mStart)
-            {
-                return returnFalse(block);
-            }
-            
-            digest.reset();
-            digest.update(block, mStart, off - mStart);
-            digest.doFinal(hash, 0);
-
-            boolean isOkay = true;
-
-            for (int i = 0; i != hash.length; i++)
-            {
-                block[off + i] ^= hash[i];
-                if (block[off + i] != 0)
-                {
-                    isOkay = false;
-                }
-            }
-
-            if (!isOkay)
-            {
-                return returnFalse(block);
-            }
-
-            recoveredMessage = new byte[off - mStart];
-            System.arraycopy(block, mStart, recoveredMessage, 0, recoveredMessage.length);
-        }
-        else
-        {
-            fullMessage = false;
-            
-            digest.doFinal(hash, 0);
-
-            boolean isOkay = true;
-
-            for (int i = 0; i != hash.length; i++)
-            {
-                block[off + i] ^= hash[i];
-                if (block[off + i] != 0)
-                {
-                    isOkay = false;
-                }
-            }
-
-            if (!isOkay)
-            {
-                return returnFalse(block);
-            }
-
-            recoveredMessage = new byte[off - mStart];
-            System.arraycopy(block, mStart, recoveredMessage, 0, recoveredMessage.length);
-        }
-
-        //
-        // if they've input a message check what we've recovered against
-        // what was input.
-        //
-        if (messageLength != 0)
-        {
-            if (!isSameAs(mBuf, recoveredMessage))
-            {
-                return returnFalse(block);
-            }
-        }
-        
-        clearBlock(mBuf);
-        clearBlock(block);
-
-        messageLength = 0;
-
-        return true;
-    }
-
-    private boolean returnFalse(byte[] block)
-    {
-        messageLength = 0;
-
-        clearBlock(mBuf);
-        clearBlock(block);
-
-        return false;
-    }
-
-    /**
-     * Return true if the full message was recoveredMessage.
-     * 
-     * @return true on full message recovery, false otherwise.
-     * @see org.bouncycastle.crypto.SignerWithRecovery#hasFullMessage()
-     */
-    public boolean hasFullMessage()
-    {
-        return fullMessage;
-    }
-
-    /**
-     * Return a reference to the recoveredMessage message, either as it was added
-     * to a just generated signature, or extracted from a verified one.
-     * 
-     * @return the full/partial recoveredMessage message.
-     * @see org.bouncycastle.crypto.SignerWithRecovery#getRecoveredMessage()
-     */
-    public byte[] getRecoveredMessage()
-    {
-        return recoveredMessage;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/ISOTrailers.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/ISOTrailers.java
deleted file mode 100644
index acc5863..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/ISOTrailers.java
+++ /dev/null

@@ -1,56 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.util.Integers;
-
-public class ISOTrailers
-{
-    private static final Map<String, Integer> trailerMap;
-
-    static final public int   TRAILER_IMPLICIT    = 0xBC;
-
-    static final public int   TRAILER_RIPEMD160   = 0x31CC;
-    static final public int   TRAILER_RIPEMD128   = 0x32CC;
-    static final public int   TRAILER_SHA1        = 0x33CC;
-    static final public int   TRAILER_SHA256      = 0x34CC;
-    static final public int   TRAILER_SHA512      = 0x35CC;
-    static final public int   TRAILER_SHA384      = 0x36CC;
-    static final public int   TRAILER_WHIRLPOOL   = 0x37CC;
-    static final public int   TRAILER_SHA224      = 0x38CC;
-    static final public int   TRAILER_SHA512_224  = 0x39CC;
-    static final public int   TRAILER_SHA512_256  = 0x3aCC;
-
-    static
-    {
-        Map<String, Integer> trailers = new HashMap<String, Integer>();
-
-        trailers.put("RIPEMD128", Integers.valueOf(TRAILER_RIPEMD128));
-        trailers.put("RIPEMD160", Integers.valueOf(TRAILER_RIPEMD160));
-
-        trailers.put("SHA-1", Integers.valueOf(TRAILER_SHA1));
-        trailers.put("SHA-224", Integers.valueOf(TRAILER_SHA224));
-        trailers.put("SHA-256", Integers.valueOf(TRAILER_SHA256));
-        trailers.put("SHA-384", Integers.valueOf(TRAILER_SHA384));
-        trailers.put("SHA-512", Integers.valueOf(TRAILER_SHA512));
-        trailers.put("SHA-512/224", Integers.valueOf(TRAILER_SHA512_224));
-        trailers.put("SHA-512/256", Integers.valueOf(TRAILER_SHA512_256));
-
-        trailers.put("Whirlpool", Integers.valueOf(TRAILER_WHIRLPOOL));
-
-        trailerMap = Collections.unmodifiableMap(trailers);
-    }
-
-    public static Integer getTrailer(Digest digest)
-    {
-        return (Integer)trailerMap.get(digest.getAlgorithmName());  // JDK 1.4 compatibility
-    }
-
-    public static boolean noTrailerAvailable(Digest digest)
-    {
-        return !trailerMap.containsKey(digest.getAlgorithmName());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/PSSSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/PSSSigner.java
deleted file mode 100644
index 7e155a8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/PSSSigner.java
+++ /dev/null

@@ -1,399 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.RSABlindingParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-
-/**
- * RSA-PSS as described in PKCS# 1 v 2.1.
- * <p>
- * Note: the usual value for the salt length is the number of
- * bytes in the hash function.
- */
-public class PSSSigner
-    implements Signer
-{
-    static final public byte   TRAILER_IMPLICIT    = (byte)0xBC;
-
-    private Digest                      contentDigest;
-    private Digest                      mgfDigest;
-    private AsymmetricBlockCipher       cipher;
-    private SecureRandom                random;
-
-    private int                         hLen;
-    private int                         mgfhLen;
-    private boolean                     sSet;
-    private int                         sLen;
-    private int                         emBits;
-    private byte[]                      salt;
-    private byte[]                      mDash;
-    private byte[]                      block;
-    private byte                        trailer;
-
-    /**
-     * basic constructor
-     *
-     * @param cipher the asymmetric cipher to use.
-     * @param digest the digest to use.
-     * @param sLen the length of the salt to use (in bytes).
-     */
-    public PSSSigner(
-        AsymmetricBlockCipher   cipher,
-        Digest                  digest,
-        int                     sLen)
-    {
-        this(cipher, digest, sLen, TRAILER_IMPLICIT);
-    }
-
-    public PSSSigner(
-        AsymmetricBlockCipher   cipher,
-        Digest                  contentDigest,
-        Digest                  mgfDigest,
-        int                     sLen)
-    {
-        this(cipher, contentDigest, mgfDigest, sLen, TRAILER_IMPLICIT);
-    }
-
-    public PSSSigner(
-            AsymmetricBlockCipher   cipher,
-            Digest                  digest,
-            int                     sLen,
-            byte                    trailer)
-    {
-        this(cipher, digest, digest, sLen, trailer);
-    }
-
-    public PSSSigner(
-        AsymmetricBlockCipher   cipher,
-        Digest                  contentDigest,
-        Digest                  mgfDigest,
-        int                     sLen,
-        byte                    trailer)
-    {
-        this.cipher = cipher;
-        this.contentDigest = contentDigest;
-        this.mgfDigest = mgfDigest;
-        this.hLen = contentDigest.getDigestSize();
-        this.mgfhLen = mgfDigest.getDigestSize();
-        this.sSet = false;
-        this.sLen = sLen;
-        this.salt = new byte[sLen];
-        this.mDash = new byte[8 + sLen + hLen];
-        this.trailer = trailer;
-    }
-
-    public PSSSigner(
-        AsymmetricBlockCipher   cipher,
-        Digest                  digest,
-        byte[]                  salt)
-    {
-        this(cipher, digest, digest, salt, TRAILER_IMPLICIT);
-    }
-
-    public PSSSigner(
-        AsymmetricBlockCipher   cipher,
-        Digest                  contentDigest,
-        Digest                  mgfDigest,
-        byte[]                  salt)
-    {
-        this(cipher, contentDigest, mgfDigest, salt, TRAILER_IMPLICIT);
-    }
-
-    public PSSSigner(
-        AsymmetricBlockCipher   cipher,
-        Digest                  contentDigest,
-        Digest                  mgfDigest,
-        byte[]                  salt,
-        byte                    trailer)
-    {
-        this.cipher = cipher;
-        this.contentDigest = contentDigest;
-        this.mgfDigest = mgfDigest;
-        this.hLen = contentDigest.getDigestSize();
-        this.mgfhLen = mgfDigest.getDigestSize();
-        this.sSet = true;
-        this.sLen = salt.length;
-        this.salt = salt;
-        this.mDash = new byte[8 + sLen + hLen];
-        this.trailer = trailer;
-    }
-
-    public void init(
-        boolean                 forSigning,
-        CipherParameters        param)
-    {
-        CipherParameters  params;
-
-        if (param instanceof ParametersWithRandom)
-        {
-            ParametersWithRandom    p = (ParametersWithRandom)param;
-
-            params = p.getParameters();
-            random = p.getRandom();
-        }
-        else
-        {
-            params = param;
-            if (forSigning)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-        }
-
-        RSAKeyParameters kParam;
-
-        if (params instanceof RSABlindingParameters)
-        {
-            kParam = ((RSABlindingParameters)params).getPublicKey();
-
-            cipher.init(forSigning, param);   // pass on random
-        }
-        else
-        {
-            kParam = (RSAKeyParameters)params;
-
-            cipher.init(forSigning, params);
-        }
-        
-        emBits = kParam.getModulus().bitLength() - 1;
-
-        if (emBits < (8 * hLen + 8 * sLen + 9))
-        {
-            throw new IllegalArgumentException("key too small for specified hash and salt lengths");
-        }
-
-        block = new byte[(emBits + 7) / 8];
-
-        reset();
-    }
-
-    /**
-     * clear possible sensitive data
-     */
-    private void clearBlock(
-        byte[]  block)
-    {
-        for (int i = 0; i != block.length; i++)
-        {
-            block[i] = 0;
-        }
-    }
-
-    /**
-     * update the internal digest with the byte b
-     */
-    public void update(
-        byte    b)
-    {
-        contentDigest.update(b);
-    }
-
-    /**
-     * update the internal digest with the byte array in
-     */
-    public void update(
-        byte[]  in,
-        int     off,
-        int     len)
-    {
-        contentDigest.update(in, off, len);
-    }
-
-    /**
-     * reset the internal state
-     */
-    public void reset()
-    {
-        contentDigest.reset();
-    }
-
-    /**
-     * generate a signature for the message we've been loaded with using
-     * the key we were initialised with.
-     */
-    public byte[] generateSignature()
-        throws CryptoException, DataLengthException
-    {
-        contentDigest.doFinal(mDash, mDash.length - hLen - sLen);
-
-        if (sLen != 0)
-        {
-            if (!sSet)
-            {
-                random.nextBytes(salt);
-            }
-
-            System.arraycopy(salt, 0, mDash, mDash.length - sLen, sLen);
-        }
-
-        byte[]  h = new byte[hLen];
-
-        contentDigest.update(mDash, 0, mDash.length);
-
-        contentDigest.doFinal(h, 0);
-
-        block[block.length - sLen - 1 - hLen - 1] = 0x01;
-        System.arraycopy(salt, 0, block, block.length - sLen - hLen - 1, sLen);
-
-        byte[] dbMask = maskGeneratorFunction1(h, 0, h.length, block.length - hLen - 1);
-        for (int i = 0; i != dbMask.length; i++)
-        {
-            block[i] ^= dbMask[i];
-        }
-
-        block[0] &= (0xff >> ((block.length * 8) - emBits));
-
-        System.arraycopy(h, 0, block, block.length - hLen - 1, hLen);
-
-        block[block.length - 1] = trailer;
-
-        byte[]  b = cipher.processBlock(block, 0, block.length);
-
-        clearBlock(block);
-
-        return b;
-    }
-
-    /**
-     * return true if the internal state represents the signature described
-     * in the passed in array.
-     */
-    public boolean verifySignature(
-        byte[]      signature)
-    {
-        contentDigest.doFinal(mDash, mDash.length - hLen - sLen);
-
-        try
-        {
-            byte[] b = cipher.processBlock(signature, 0, signature.length);
-            System.arraycopy(b, 0, block, block.length - b.length, b.length);
-        }
-        catch (Exception e)
-        {
-            return false;
-        }
-
-        if (block[block.length - 1] != trailer)
-        {
-            clearBlock(block);
-            return false;
-        }
-
-        byte[] dbMask = maskGeneratorFunction1(block, block.length - hLen - 1, hLen, block.length - hLen - 1);
-
-        for (int i = 0; i != dbMask.length; i++)
-        {
-            block[i] ^= dbMask[i];
-        }
-
-        block[0] &= (0xff >> ((block.length * 8) - emBits));
-
-        for (int i = 0; i != block.length - hLen - sLen - 2; i++)
-        {
-            if (block[i] != 0)
-            {
-                clearBlock(block);
-                return false;
-            }
-        }
-
-        if (block[block.length - hLen - sLen - 2] != 0x01)
-        {
-            clearBlock(block);
-            return false;
-        }
-
-        if (sSet)
-        {
-            System.arraycopy(salt, 0, mDash, mDash.length - sLen, sLen);
-        }
-        else
-        {
-            System.arraycopy(block, block.length - sLen - hLen - 1, mDash, mDash.length - sLen, sLen);
-        }
-
-        contentDigest.update(mDash, 0, mDash.length);
-        contentDigest.doFinal(mDash, mDash.length - hLen);
-
-        for (int i = block.length - hLen - 1, j = mDash.length - hLen;
-                                                 j != mDash.length; i++, j++)
-        {
-            if ((block[i] ^ mDash[j]) != 0)
-            {
-                clearBlock(mDash);
-                clearBlock(block);
-                return false;
-            }
-        }
-
-        clearBlock(mDash);
-        clearBlock(block);
-
-        return true;
-    }
-
-    /**
-     * int to octet string.
-     */
-    private void ItoOSP(
-        int     i,
-        byte[]  sp)
-    {
-        sp[0] = (byte)(i >>> 24);
-        sp[1] = (byte)(i >>> 16);
-        sp[2] = (byte)(i >>> 8);
-        sp[3] = (byte)(i >>> 0);
-    }
-
-    /**
-     * mask generator function, as described in PKCS1v2.
-     */
-    private byte[] maskGeneratorFunction1(
-        byte[]  Z,
-        int     zOff,
-        int     zLen,
-        int     length)
-    {
-        byte[]  mask = new byte[length];
-        byte[]  hashBuf = new byte[mgfhLen];
-        byte[]  C = new byte[4];
-        int     counter = 0;
-
-        mgfDigest.reset();
-
-        while (counter < (length / mgfhLen))
-        {
-            ItoOSP(counter, C);
-
-            mgfDigest.update(Z, zOff, zLen);
-            mgfDigest.update(C, 0, C.length);
-            mgfDigest.doFinal(hashBuf, 0);
-
-            System.arraycopy(hashBuf, 0, mask, counter * mgfhLen, mgfhLen);
-
-            counter++;
-        }
-
-        if ((counter * mgfhLen) < length)
-        {
-            ItoOSP(counter, C);
-
-            mgfDigest.update(Z, zOff, zLen);
-            mgfDigest.update(C, 0, C.length);
-            mgfDigest.doFinal(hashBuf, 0);
-
-            System.arraycopy(hashBuf, 0, mask, counter * mgfhLen, mask.length - (counter * mgfhLen));
-        }
-
-        return mask;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java
index 3db7958..45c8b57 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/signers/RSADigestSigner.java

@@ -39,9 +39,11 @@
      */
     static
     {
-        oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128);
-        oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160);
-        oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256);
+        // BEGIN Android-removed: Unsupported algorithms
+        // oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128);
+        // oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160);
+        // oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256);
+        // END Android-removed: Unsupported algorithms
 
         oidMap.put("SHA-1", X509ObjectIdentifiers.id_SHA1);
         oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224);
@@ -51,6 +53,8 @@
         oidMap.put("SHA-512/224", NISTObjectIdentifiers.id_sha512_224);
         oidMap.put("SHA-512/256", NISTObjectIdentifiers.id_sha512_256);
 
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         oidMap.put("SHA3-224", NISTObjectIdentifiers.id_sha3_224);
         oidMap.put("SHA3-256", NISTObjectIdentifiers.id_sha3_256);
         oidMap.put("SHA3-384", NISTObjectIdentifiers.id_sha3_384);
@@ -58,6 +62,8 @@
 
         oidMap.put("MD2", PKCSObjectIdentifiers.md2);
         oidMap.put("MD4", PKCSObjectIdentifiers.md4);
+        */
+        // END Android-removed: Unsupported algorithms
         oidMap.put("MD5", PKCSObjectIdentifiers.md5);
     }
 

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/SM2Signer.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/SM2Signer.java
deleted file mode 100644
index 97f9dbc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/SM2Signer.java
+++ /dev/null

@@ -1,277 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.digests.SM3Digest;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithID;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.FixedPointCombMultiplier;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * The SM2 Digital Signature algorithm.
- */
-public class SM2Signer
-    implements Signer, ECConstants
-{
-    private final DSAKCalculator kCalculator = new RandomDSAKCalculator();
-    private final SM3Digest digest = new SM3Digest();
-    private final DSAEncoding encoding;
-
-    private ECDomainParameters ecParams;
-    private ECPoint pubPoint;
-    private ECKeyParameters ecKey;
-    private byte[] z;
-
-    public SM2Signer()
-    {
-        this(StandardDSAEncoding.INSTANCE);
-    }
-
-    public SM2Signer(DSAEncoding encoding)
-    {
-        this.encoding = encoding;
-    }
-
-    public void init(boolean forSigning, CipherParameters param)
-    {
-        CipherParameters baseParam;
-        byte[] userID;
-
-        if (param instanceof ParametersWithID)
-        {
-            baseParam = ((ParametersWithID)param).getParameters();
-            userID = ((ParametersWithID)param).getID();
-        }
-        else
-        {
-            baseParam = param;
-            userID = Hex.decode("31323334353637383132333435363738"); // the default value
-        }
-
-        if (forSigning)
-        {
-            if (baseParam instanceof ParametersWithRandom)
-            {
-                ParametersWithRandom rParam = (ParametersWithRandom)baseParam;
-
-                ecKey = (ECKeyParameters)rParam.getParameters();
-                ecParams = ecKey.getParameters();
-                kCalculator.init(ecParams.getN(), rParam.getRandom());
-            }
-            else
-            {
-                ecKey = (ECKeyParameters)baseParam;
-                ecParams = ecKey.getParameters();
-                kCalculator.init(ecParams.getN(), CryptoServicesRegistrar.getSecureRandom());
-            }
-            pubPoint = createBasePointMultiplier().multiply(ecParams.getG(), ((ECPrivateKeyParameters)ecKey).getD()).normalize();
-        }
-        else
-        {
-            ecKey = (ECKeyParameters)baseParam;
-            ecParams = ecKey.getParameters();
-            pubPoint = ((ECPublicKeyParameters)ecKey).getQ();
-        }
-
-        z = getZ(userID);
-        
-        digest.update(z, 0, z.length);
-    }
-
-    public void update(byte b)
-    {
-        digest.update(b);
-    }
-
-    public void update(byte[] in, int off, int len)
-    {
-        digest.update(in, off, len);
-    }
-
-    public boolean verifySignature(byte[] signature)
-    {
-        try
-        {
-            BigInteger[] rs = encoding.decode(ecParams.getN(), signature);
-
-            return verifySignature(rs[0], rs[1]);
-        }
-        catch (Exception e)
-        {
-        }
-
-        return false;
-    }
-
-    public void reset()
-    {
-        digest.reset();
-
-        if (z != null)
-        {
-            digest.update(z, 0, z.length);
-        }
-    }
-
-    public byte[] generateSignature()
-        throws CryptoException
-    {
-        byte[] eHash = digestDoFinal();
-
-        BigInteger n = ecParams.getN();
-        BigInteger e = calculateE(eHash);
-        BigInteger d = ((ECPrivateKeyParameters)ecKey).getD();
-
-        BigInteger r, s;
-
-        ECMultiplier basePointMultiplier = createBasePointMultiplier();
-
-        // 5.2.1 Draft RFC:  SM2 Public Key Algorithms
-        do // generate s
-        {
-            BigInteger k;
-            do // generate r
-            {
-                // A3
-                k = kCalculator.nextK();
-
-                // A4
-                ECPoint p = basePointMultiplier.multiply(ecParams.getG(), k).normalize();
-
-                // A5
-                r = e.add(p.getAffineXCoord().toBigInteger()).mod(n);
-            }
-            while (r.equals(ZERO) || r.add(k).equals(n));
-
-            // A6
-            BigInteger dPlus1ModN = d.add(ONE).modInverse(n);
-
-            s = k.subtract(r.multiply(d)).mod(n);
-            s = dPlus1ModN.multiply(s).mod(n);
-        }
-        while (s.equals(ZERO));
-
-        // A7
-        try
-        {
-            return encoding.encode(ecParams.getN(), r, s);
-        }
-        catch (Exception ex)
-        {
-            throw new CryptoException("unable to encode signature: " + ex.getMessage(), ex);
-        }
-    }
-
-    private boolean verifySignature(BigInteger r, BigInteger s)
-    {
-        BigInteger n = ecParams.getN();
-
-        // 5.3.1 Draft RFC:  SM2 Public Key Algorithms
-        // B1
-        if (r.compareTo(ONE) < 0 || r.compareTo(n) >= 0)
-        {
-            return false;
-        }
-
-        // B2
-        if (s.compareTo(ONE) < 0 || s.compareTo(n) >= 0)
-        {
-            return false;
-        }
-
-        // B3
-        byte[] eHash = digestDoFinal();
-
-        // B4
-        BigInteger e = calculateE(eHash);
-
-        // B5
-        BigInteger t = r.add(s).mod(n);
-        if (t.equals(ZERO))
-        {
-            return false;
-        }
-
-        // B6
-        ECPoint q = ((ECPublicKeyParameters)ecKey).getQ();
-        ECPoint x1y1 = ECAlgorithms.sumOfTwoMultiplies(ecParams.getG(), s, q, t).normalize();
-        if (x1y1.isInfinity())
-        {
-            return false;
-        }
-
-        // B7
-        BigInteger expectedR = e.add(x1y1.getAffineXCoord().toBigInteger()).mod(n);
-
-        return expectedR.equals(r);
-    }
-
-    private byte[] digestDoFinal()
-    {
-        byte[] result = new byte[digest.getDigestSize()];
-        digest.doFinal(result, 0);
-
-        reset();
-        
-        return result;
-    }
-
-    private byte[] getZ(byte[] userID)
-    {
-        digest.reset();
-
-        addUserID(digest, userID);
-
-        addFieldElement(digest, ecParams.getCurve().getA());
-        addFieldElement(digest, ecParams.getCurve().getB());
-        addFieldElement(digest, ecParams.getG().getAffineXCoord());
-        addFieldElement(digest, ecParams.getG().getAffineYCoord());
-        addFieldElement(digest, pubPoint.getAffineXCoord());
-        addFieldElement(digest, pubPoint.getAffineYCoord());
-
-        byte[] result = new byte[digest.getDigestSize()];
-
-        digest.doFinal(result, 0);
-
-        return result;
-    }
-
-    private void addUserID(Digest digest, byte[] userID)
-    {
-        int len = userID.length * 8;
-        digest.update((byte)(len >> 8 & 0xFF));
-        digest.update((byte)(len & 0xFF));
-        digest.update(userID, 0, userID.length);
-    }
-
-    private void addFieldElement(Digest digest, ECFieldElement v)
-    {
-        byte[] p = v.getEncoded();
-        digest.update(p, 0, p.length);
-    }
-
-    protected ECMultiplier createBasePointMultiplier()
-    {
-        return new FixedPointCombMultiplier();
-    }
-
-    protected BigInteger calculateE(byte[] message)
-    {
-        return new BigInteger(1, message);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/X931Signer.java b/bcprov/src/main/java/org/bouncycastle/crypto/signers/X931Signer.java
deleted file mode 100644
index eaba04a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/X931Signer.java
+++ /dev/null

@@ -1,255 +0,0 @@
-package org.bouncycastle.crypto.signers;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * X9.31-1998 - signing using a hash.
- * <p>
- * The message digest hash, H, is encapsulated to form a byte string as follows
- * <pre>
- * EB = 06 || PS || 0xBA || H || TRAILER
- * </pre>
- * where PS is a string of bytes all of value 0xBB of length such that |EB|=|n|, and TRAILER is the ISO/IEC 10118 part number† for the digest. The byte string, EB, is converted to an integer value, the message representative, f.
- */
-public class X931Signer
-    implements Signer
-{
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_IMPLICIT    = 0xBC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_RIPEMD160   = 0x31CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_RIPEMD128   = 0x32CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_SHA1        = 0x33CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_SHA256      = 0x34CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_SHA512      = 0x35CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_SHA384      = 0x36CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_WHIRLPOOL   = 0x37CC;
-    /** @deprecated use ISOTrailers */
-    static final public int   TRAILER_SHA224      = 0x38CC;
-
-    private Digest                      digest;
-    private AsymmetricBlockCipher       cipher;
-    private RSAKeyParameters            kParam;
-
-    private int         trailer;
-    private int         keyBits;
-    private byte[]      block;
-
-    /**
-     * Generate a signer with either implicit or explicit trailers for X9.31
-     *
-     * @param cipher base cipher to use for signature creation/verification
-     * @param digest digest to use.
-     * @param implicit whether or not the trailer is implicit or gives the hash.
-     */
-    public X931Signer(
-        AsymmetricBlockCipher cipher,
-        Digest digest,
-        boolean implicit)
-    {
-        this.cipher = cipher;
-        this.digest = digest;
-
-        if (implicit)
-        {
-            trailer = ISOTrailers.TRAILER_IMPLICIT;
-        }
-        else
-        {
-            Integer trailerObj = ISOTrailers.getTrailer(digest);
-
-            if (trailerObj != null)
-            {
-                trailer = trailerObj.intValue();
-            }
-            else
-            {
-                throw new IllegalArgumentException("no valid trailer for digest: " + digest.getAlgorithmName());
-            }
-        }
-    }
-
-    /**
-     * Constructor for a signer with an explicit digest trailer.
-     *
-     * @param cipher cipher to use.
-     * @param digest digest to sign with.
-     */
-    public X931Signer(
-        AsymmetricBlockCipher cipher,
-        Digest digest)
-    {
-        this(cipher, digest, false);
-    }
-    
-    public void init(
-        boolean                 forSigning,
-        CipherParameters        param)
-    {
-        kParam = (RSAKeyParameters)param;
-
-        cipher.init(forSigning, kParam);
-
-        keyBits = kParam.getModulus().bitLength();
-
-        block = new byte[(keyBits + 7) / 8];
-
-        reset();
-    }
-    
-    /**
-     * clear possible sensitive data
-     */
-    private void clearBlock(
-        byte[]  block)
-    {
-        for (int i = 0; i != block.length; i++)
-        {
-            block[i] = 0;
-        }
-    }
-
-    /**
-     * update the internal digest with the byte b
-     */
-    public void update(
-        byte    b)
-    {
-        digest.update(b);
-    }
-
-    /**
-     * update the internal digest with the byte array in
-     */
-    public void update(
-        byte[]  in,
-        int     off,
-        int     len)
-    {
-        digest.update(in, off, len);
-    }
-
-    /**
-     * reset the internal state
-     */
-    public void reset()
-    {
-        digest.reset();
-    }
-
-    /**
-     * generate a signature for the loaded message using the key we were
-     * initialised with.
-     */
-    public byte[] generateSignature()
-        throws CryptoException
-    {
-        createSignatureBlock(trailer);
-
-        BigInteger t = new BigInteger(1, cipher.processBlock(block, 0, block.length));
-        clearBlock(block);
-
-        t = t.min(kParam.getModulus().subtract(t));
-
-        int size = BigIntegers.getUnsignedByteLength(kParam.getModulus());
-        return BigIntegers.asUnsignedByteArray(size, t);
-    }
-
-    private void createSignatureBlock(int trailer)
-    {
-        int     digSize = digest.getDigestSize();
-
-        int delta;
-
-        if (trailer == ISOTrailers.TRAILER_IMPLICIT)
-        {
-            delta = block.length - digSize - 1;
-            digest.doFinal(block, delta);
-            block[block.length - 1] = (byte)ISOTrailers.TRAILER_IMPLICIT;
-        }
-        else
-        {
-            delta = block.length - digSize - 2;
-            digest.doFinal(block, delta);
-            block[block.length - 2] = (byte)(trailer >>> 8);
-            block[block.length - 1] = (byte)trailer;
-        }
-
-        block[0] = 0x6b;
-        for (int i = delta - 2; i != 0; i--)
-        {
-            block[i] = (byte)0xbb;
-        }
-        block[delta - 1] = (byte)0xba;
-    }
-
-    /**
-     * return true if the signature represents a X9.31 signature
-     * for the passed in message.
-     */
-    public boolean verifySignature(
-        byte[]      signature)
-    {
-        try
-        {
-            block = cipher.processBlock(signature, 0, signature.length);
-        }
-        catch (Exception e)
-        {
-            return false;
-        }
-
-        BigInteger t = new BigInteger(1, block);
-        BigInteger f;
-
-        if ((t.intValue() & 15) == 12)
-        {
-             f = t;
-        }
-        else
-        {
-            t = kParam.getModulus().subtract(t);
-            if ((t.intValue() & 15) == 12)
-            {
-                 f = t;
-            }
-            else
-            {
-                return false;
-            }
-        }
-
-        createSignatureBlock(trailer);
-
-        byte[] fBlock = BigIntegers.asUnsignedByteArray(block.length, f);
-
-        boolean rv = Arrays.constantTimeAreEqual(block, fBlock);
-
-        // check for old NIST tool value
-        if (trailer == ISOTrailers.TRAILER_SHA512_256 && !rv)
-        {
-            block[block.length - 2] = (byte)0x40;   // old NIST CAVP tool value
-            rv = Arrays.constantTimeAreEqual(block, fBlock);
-        }
-        
-        clearBlock(block);
-        clearBlock(fBlock);
-
-        return rv;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/signers/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/signers/package.html
deleted file mode 100644
index 151d3d5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/signers/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Basic signers.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/AEADTestUtil.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/AEADTestUtil.java
deleted file mode 100644
index 5ffa72a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/AEADTestUtil.java
+++ /dev/null

@@ -1,474 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.modes.AEADBlockCipher;
-import org.bouncycastle.crypto.params.AEADParameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestFailedException;
-
-public class AEADTestUtil
-{
-    public static void testTampering(Test test, AEADBlockCipher cipher, CipherParameters params)
-        throws InvalidCipherTextException
-    {
-        byte[] plaintext = new byte[1000];
-        for (int i = 0; i < plaintext.length; i++)
-        {
-            plaintext[i] = (byte)i;
-        }
-        cipher.init(true, params);
-
-        byte[] ciphertext = new byte[cipher.getOutputSize(plaintext.length)];
-        int len = cipher.processBytes(plaintext, 0, plaintext.length, ciphertext, 0);
-        cipher.doFinal(ciphertext, len);
-
-        int macLength = cipher.getMac().length;
-
-        // Test tampering with a single byte
-        cipher.init(false, params);
-        byte[] tampered = new byte[ciphertext.length];
-        byte[] output = new byte[plaintext.length];
-        System.arraycopy(ciphertext, 0, tampered, 0, tampered.length);
-        tampered[0] += 1;
-
-        cipher.processBytes(tampered, 0, tampered.length, output, 0);
-        try
-        {
-            cipher.doFinal(output, 0);
-            throw new TestFailedException(
-                new SimpleTestResult(false, test + " : tampering of ciphertext not detected."));
-        }
-        catch (InvalidCipherTextException e)
-        {
-            // Expected
-        }
-
-        // Test truncation of ciphertext to < tag length
-        cipher.init(false, params);
-        byte[] truncated = new byte[macLength - 1];
-        System.arraycopy(ciphertext, 0, truncated, 0, truncated.length);
-
-        cipher.processBytes(truncated, 0, truncated.length, output, 0);
-        try
-        {
-            cipher.doFinal(output, 0);
-            fail(test, "tampering of ciphertext not detected.");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            // Expected
-        }
-    }
-
-    private static void fail(Test test, String message)
-    {
-        throw new TestFailedException(SimpleTestResult.failed(test, message));
-    }
-
-    private static void fail(Test test, String message, String expected, String result)
-    {
-        throw new TestFailedException(SimpleTestResult.failed(test, message, expected, result));
-    }
-
-    public static void testReset(Test test, AEADBlockCipher cipher1, AEADBlockCipher cipher2, CipherParameters params)
-        throws InvalidCipherTextException
-    {
-        cipher1.init(true, params);
-
-        byte[] plaintext = new byte[1000];
-        byte[] ciphertext = new byte[cipher1.getOutputSize(plaintext.length)];
-
-        // Establish baseline answer
-        crypt(cipher1, plaintext, ciphertext);
-
-        // Test encryption resets
-        checkReset(test, cipher1, params, true, plaintext, ciphertext);
-
-        // Test decryption resets with fresh instance
-        cipher2.init(false, params);
-        checkReset(test, cipher2, params, false, ciphertext, plaintext);
-    }
-
-    private static void checkReset(Test test,
-                                   AEADBlockCipher cipher,
-                                   CipherParameters params,
-                                   boolean encrypt,
-                                   byte[] pretext,
-                                   byte[] posttext)
-        throws InvalidCipherTextException
-    {
-        // Do initial run
-        byte[] output = new byte[posttext.length];
-        crypt(cipher, pretext, output);
-
-        // Check encrypt resets cipher
-        crypt(cipher, pretext, output);
-        if (!Arrays.areEqual(output, posttext))
-        {
-            fail(test, (encrypt ? "Encrypt" : "Decrypt") + " did not reset cipher.");
-        }
-
-        // Check init resets data
-        cipher.processBytes(pretext, 0, 100, output, 0);
-        cipher.init(encrypt, params);
-
-        try
-        {
-            crypt(cipher, pretext, output);
-        }
-        catch (DataLengthException e)
-        {
-            fail(test, "Init did not reset data.");
-        }
-        if (!Arrays.areEqual(output, posttext))
-        {
-            fail(test, "Init did not reset data.", new String(Hex.encode(posttext)), new String(Hex.encode(output)));
-        }
-
-        // Check init resets AD
-        cipher.processAADBytes(pretext, 0, 100);
-        cipher.init(encrypt, params);
-
-        try
-        {
-            crypt(cipher, pretext, output);
-        }
-        catch (DataLengthException e)
-        {
-            fail(test, "Init did not reset additional data.");
-        }
-        if (!Arrays.areEqual(output, posttext))
-        {
-            fail(test, "Init did not reset additional data.");
-        }
-
-        // Check reset resets data
-        cipher.processBytes(pretext, 0, 100, output, 0);
-        cipher.reset();
-
-        try
-        {
-            crypt(cipher, pretext, output);
-        }
-        catch (DataLengthException e)
-        {
-            fail(test, "Init did not reset data.");
-        }
-        if (!Arrays.areEqual(output, posttext))
-        {
-            fail(test, "Reset did not reset data.");
-        }
-
-        // Check reset resets AD
-        cipher.processAADBytes(pretext, 0, 100);
-        cipher.reset();
-
-        try
-        {
-            crypt(cipher, pretext, output);
-        }
-        catch (DataLengthException e)
-        {
-            fail(test, "Init did not reset data.");
-        }
-        if (!Arrays.areEqual(output, posttext))
-        {
-            fail(test, "Reset did not reset additional data.");
-        }
-    }
-
-    private static void crypt(AEADBlockCipher cipher, byte[] plaintext, byte[] output)
-        throws InvalidCipherTextException
-    {
-        int len = cipher.processBytes(plaintext, 0, plaintext.length, output, 0);
-        cipher.doFinal(output, len);
-    }
-
-    public static void testOutputSizes(Test test, AEADBlockCipher cipher, AEADParameters params)
-        throws IllegalStateException,
-        InvalidCipherTextException
-    {
-        int maxPlaintext = cipher.getUnderlyingCipher().getBlockSize() * 10;
-        byte[] plaintext = new byte[maxPlaintext];
-        byte[] ciphertext = new byte[maxPlaintext * 2];
-
-        // Check output size calculations for truncated ciphertext lengths
-        cipher.init(true, params);
-        cipher.doFinal(ciphertext, 0);
-        int macLength = cipher.getMac().length;
-
-        cipher.init(false, params);
-        for (int i = 0; i < macLength; i++)
-        {
-            cipher.reset();
-            if (cipher.getUpdateOutputSize(i) != 0)
-            {
-                fail(test, "AE cipher should not produce update output with ciphertext length <= macSize");
-            }
-            if (cipher.getOutputSize(i) != 0)
-            {
-                fail(test, "AE cipher should not produce output with ciphertext length <= macSize");
-            }
-        }
-
-        for (int i = 0; i < plaintext.length; i++)
-        {
-            cipher.init(true, params);
-            int expectedCTUpdateSize = cipher.getUpdateOutputSize(i);
-            int expectedCTOutputSize = cipher.getOutputSize(i);
-
-            if (expectedCTUpdateSize < 0)
-            {
-                fail(test, "Encryption update output size should not be < 0 for size " + i);
-            }
-
-            if (expectedCTOutputSize < 0)
-            {
-                fail(test, "Encryption update output size should not be < 0 for size " + i);
-            }
-
-            int actualCTSize = cipher.processBytes(plaintext, 0, i, ciphertext, 0);
-
-            if (expectedCTUpdateSize != actualCTSize)
-            {
-                fail(test, "Encryption update output size did not match calculated for plaintext length " + i,
-                        String.valueOf(expectedCTUpdateSize), String.valueOf(actualCTSize));
-            }
-
-            actualCTSize += cipher.doFinal(ciphertext, actualCTSize);
-
-            if (expectedCTOutputSize != actualCTSize)
-            {
-                fail(test, "Encryption actual final output size did not match calculated for plaintext length " + i,
-                        String.valueOf(expectedCTOutputSize), String.valueOf(actualCTSize));
-            }
-
-            cipher.init(false, params);
-            int expectedPTUpdateSize = cipher.getUpdateOutputSize(actualCTSize);
-            int expectedPTOutputSize = cipher.getOutputSize(actualCTSize);
-
-            if (expectedPTOutputSize != i)
-            {
-                fail(test, "Decryption update output size did not original plaintext length " + i,
-                        String.valueOf(expectedPTUpdateSize), String.valueOf(i));
-            }
-
-            int actualPTSize = cipher.processBytes(ciphertext, 0, actualCTSize, plaintext, 0);
-
-            if (expectedPTUpdateSize != actualPTSize)
-            {
-                fail(test, "Decryption update output size did not match calculated for plaintext length " + i,
-                        String.valueOf(expectedPTUpdateSize), String.valueOf(actualPTSize));
-            }
-
-            actualPTSize += cipher.doFinal(plaintext, actualPTSize);
-
-            if (expectedPTOutputSize != actualPTSize)
-            {
-                fail(test, "Decryption update output size did not match calculated for plaintext length " + i,
-                        String.valueOf(expectedPTOutputSize), String.valueOf(actualPTSize));
-            }
-
-        }
-    }
-
-    public static void testBufferSizeChecks(Test test, AEADBlockCipher cipher, AEADParameters params)
-        throws IllegalStateException,
-        InvalidCipherTextException
-    {
-        int blockSize = cipher.getUnderlyingCipher().getBlockSize();
-        int maxPlaintext = (blockSize * 10);
-        byte[] plaintext = new byte[maxPlaintext];
-
-
-        cipher.init(true, params);
-
-        int expectedUpdateOutputSize = cipher.getUpdateOutputSize(plaintext.length);
-        byte[] ciphertext = new byte[cipher.getOutputSize(plaintext.length)];
-
-        try
-        {
-            cipher.processBytes(new byte[maxPlaintext - 1], 0, maxPlaintext, new byte[expectedUpdateOutputSize], 0);
-            fail(test, "processBytes should validate input buffer length");
-        }
-        catch (DataLengthException e)
-        {
-            // Expected
-        }
-        cipher.reset();
-
-        if (expectedUpdateOutputSize > 0)
-        {
-            int outputTrigger = 0;
-            // Process bytes until output would be produced
-            for(int i = 0; i < plaintext.length; i++) {
-                if (cipher.getUpdateOutputSize(1) != 0)
-                {
-                    outputTrigger = i + 1;
-                    break;
-                }
-                cipher.processByte(plaintext[i], ciphertext, 0);
-            }
-            if (outputTrigger == 0)
-            {
-                fail(test, "Failed to find output trigger size");
-            }
-            try
-            {
-                cipher.processByte(plaintext[0], new byte[cipher.getUpdateOutputSize(1) - 1], 0);
-                fail(test, "Encrypt processByte should validate output buffer length");
-            }
-            catch (OutputLengthException e)
-            {
-                // Expected
-            }
-            cipher.reset();
-
-            // Repeat checking with entire input at once
-            try
-            {
-                cipher.processBytes(plaintext, 0, outputTrigger,
-                        new byte[cipher.getUpdateOutputSize(outputTrigger) - 1], 0);
-                fail(test, "Encrypt processBytes should validate output buffer length");
-            }
-            catch (OutputLengthException e)
-            {
-                // Expected
-            }
-            cipher.reset();
-
-        }
-
-        // Remember the actual ciphertext for later
-        int actualOutputSize = cipher.processBytes(plaintext, 0, plaintext.length, ciphertext, 0);
-        actualOutputSize += cipher.doFinal(ciphertext, actualOutputSize);
-        int macSize = cipher.getMac().length;
-
-        cipher.reset();
-        try
-        {
-            cipher.processBytes(plaintext, 0, plaintext.length, ciphertext, 0);
-            cipher.doFinal(new byte[cipher.getOutputSize(0) - 1], 0);
-            fail(test, "Encrypt doFinal should validate output buffer length");
-        }
-        catch (OutputLengthException e)
-        {
-            // Expected
-        }
-
-        // Decryption tests
-
-        cipher.init(false, params);
-        expectedUpdateOutputSize = cipher.getUpdateOutputSize(actualOutputSize);
-
-        if (expectedUpdateOutputSize > 0)
-        {
-            // Process bytes until output would be produced
-            int outputTrigger = 0;
-            for (int i = 0; i < plaintext.length; i++)
-            {
-                if (cipher.getUpdateOutputSize(1) != 0)
-                {
-                    outputTrigger = i + 1;
-                    break;
-                }
-                cipher.processByte(ciphertext[i], plaintext, 0);
-            }
-            if (outputTrigger == 0)
-            {
-                fail(test, "Failed to find output trigger size");
-            }
-
-            try
-            {
-                cipher.processByte(ciphertext[0], new byte[cipher.getUpdateOutputSize(1) - 1], 0);
-                fail(test, "Decrypt processByte should validate output buffer length");
-            }
-            catch (OutputLengthException e)
-            {
-                // Expected
-            }
-            cipher.reset();
-
-            // Repeat test with processBytes
-            try
-            {
-                cipher.processBytes(ciphertext, 0, outputTrigger,
-                        new byte[cipher.getUpdateOutputSize(outputTrigger) - 1], 0);
-                fail(test, "Decrypt processBytes should validate output buffer length");
-            }
-            catch (OutputLengthException e)
-            {
-                // Expected
-            }
-        }
-
-        cipher.reset();
-        // Data less than mac length should fail before output length check
-        try
-        {
-            // Assumes AE cipher on decrypt can't return any data until macSize bytes are received
-            if (cipher.processBytes(ciphertext, 0, macSize - 1, plaintext, 0) != 0)
-            {
-                fail(test, "AE cipher unexpectedly produced output");
-            }
-            cipher.doFinal(new byte[0], 0);
-            fail(test, "Decrypt doFinal should check ciphertext length");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            // Expected
-        }
-
-        try
-        {
-            // Search through plaintext lengths until one is found that creates >= 1 buffered byte
-            // during decryption of ciphertext for doFinal to handle
-            for (int i = 2; i < plaintext.length; i++)
-            {
-                cipher.init(true, params);
-                int encrypted = cipher.processBytes(plaintext, 0, i, ciphertext, 0);
-                encrypted += cipher.doFinal(ciphertext, encrypted);
-
-                cipher.init(false, params);
-                cipher.processBytes(ciphertext, 0, encrypted - 1, plaintext, 0);
-                if (cipher.processByte(ciphertext[encrypted - 1], plaintext, 0) == 0)
-                {
-                    cipher.doFinal(new byte[cipher.getOutputSize(0) - 1], 0);
-                    fail(test, "Decrypt doFinal should check output length");
-                    cipher.reset();
-
-                    // Truncated Mac should be reported in preference to inability to output
-                    // buffered plaintext byte
-                    try
-                    {
-                        cipher.processBytes(ciphertext, 0, actualOutputSize - 1, plaintext, 0);
-                        cipher.doFinal(new byte[cipher.getOutputSize(0) - 1], 0);
-                        fail(test, "Decrypt doFinal should check ciphertext length");
-                    }
-                    catch (InvalidCipherTextException e)
-                    {
-                        // Expected
-                    }
-                    cipher.reset();
-                }
-            }
-            fail(test, "Decrypt doFinal test couldn't find a ciphertext length that buffered for doFinal");
-        }
-        catch (OutputLengthException e)
-        {
-            // Expected
-        }
-    }
-
-    static AEADParameters reuseKey(AEADParameters p)
-    {
-        return new AEADParameters(null, p.getMacSize(), p.getNonce(), p.getAssociatedText());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/AESFastTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/AESFastTest.java
deleted file mode 100644
index c94b118..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/AESFastTest.java
+++ /dev/null

@@ -1,150 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.engines.AESFastEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test vectors from the NIST standard tests and Brian Gladman's vector set
- * <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">
- * http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
- */
-public class AESFastTest
-    extends CipherTest
-{
-    static SimpleTest[]  tests = 
-            {
-                new BlockCipherVectorTest(0, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("80000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
-                new BlockCipherVectorTest(1, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000080")),
-                        "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
-                new BlockCipherMonteCarloTest(2, 10000, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
-                new BlockCipherMonteCarloTest(3, 10000, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")),
-                        "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
-                new BlockCipherVectorTest(4, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
-                new BlockCipherMonteCarloTest(5, 10000, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
-                        "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
-                new BlockCipherVectorTest(6, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
-                new BlockCipherMonteCarloTest(7, 10000, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
-                        "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"),
-                new BlockCipherVectorTest(8, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("80000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
-                new BlockCipherVectorTest(9, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000080")),
-                        "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
-                new BlockCipherMonteCarloTest(10, 10000, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
-                new BlockCipherMonteCarloTest(11, 10000, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")),
-                        "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
-                new BlockCipherVectorTest(12, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
-                new BlockCipherMonteCarloTest(13, 10000, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
-                        "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
-                new BlockCipherVectorTest(14, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
-                new BlockCipherMonteCarloTest(15, 10000, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
-                        "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"),
-                new BlockCipherVectorTest(16, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("80000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
-                new BlockCipherVectorTest(17, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000080")),
-                        "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
-                new BlockCipherMonteCarloTest(18, 10000, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
-                new BlockCipherMonteCarloTest(19, 10000, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")),
-                        "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
-                new BlockCipherVectorTest(20, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
-                new BlockCipherMonteCarloTest(21, 10000, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
-                        "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
-                new BlockCipherVectorTest(22, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
-                new BlockCipherMonteCarloTest(23, 10000, new AESFastEngine(),
-                        new KeyParameter(Hex.decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
-                        "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168")
-            };
-    
-    private BlockCipher _engine = new AESFastEngine();
-
-    AESFastTest()
-    {
-        super(tests, new AESFastEngine(), new KeyParameter(new byte[16]));
-    }
-
-    public String getName()
-    {
-        return "AESFast";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        super.performTest();
-
-        byte[] keyBytes = new byte[16];
-        
-        _engine.init(true, new KeyParameter(keyBytes));
-        
-        //
-        // init tests
-        //
-        try
-        {
-            byte[]      dudKey = new byte[6];
-            
-            _engine.init(true, new KeyParameter(dudKey));
-            
-            fail("failed key length check");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected 
-        }
-        
-        try
-        {
-            byte[]      iv = new byte[16];
-
-            _engine.init(true, new ParametersWithIV(null, iv));
-            
-            fail("failed parameter check");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected 
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new AESFastTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/AESLightTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/AESLightTest.java
deleted file mode 100644
index 5e989f4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/AESLightTest.java
+++ /dev/null

@@ -1,150 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.engines.AESLightEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test vectors from the NIST standard tests and Brian Gladman's vector set
- * <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">
- * http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
- */
-public class AESLightTest
-    extends CipherTest
-{
-    static SimpleTest[]  tests = 
-            {
-                new BlockCipherVectorTest(0, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("80000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
-                new BlockCipherVectorTest(1, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000080")),
-                        "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
-                new BlockCipherMonteCarloTest(2, 10000, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
-                new BlockCipherMonteCarloTest(3, 10000, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")),
-                        "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
-                new BlockCipherVectorTest(4, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
-                new BlockCipherMonteCarloTest(5, 10000, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
-                        "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
-                new BlockCipherVectorTest(6, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
-                new BlockCipherMonteCarloTest(7, 10000, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
-                        "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"),
-                new BlockCipherVectorTest(8, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("80000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
-                new BlockCipherVectorTest(9, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000080")),
-                        "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
-                new BlockCipherMonteCarloTest(10, 10000, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
-                new BlockCipherMonteCarloTest(11, 10000, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")),
-                        "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
-                new BlockCipherVectorTest(12, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
-                new BlockCipherMonteCarloTest(13, 10000, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
-                        "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
-                new BlockCipherVectorTest(14, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
-                new BlockCipherMonteCarloTest(15, 10000, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
-                        "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"),
-                new BlockCipherVectorTest(16, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("80000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
-                new BlockCipherVectorTest(17, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000080")),
-                        "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
-                new BlockCipherMonteCarloTest(18, 10000, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
-                new BlockCipherMonteCarloTest(19, 10000, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")),
-                        "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
-                new BlockCipherVectorTest(20, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
-                new BlockCipherMonteCarloTest(21, 10000, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
-                        "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
-                new BlockCipherVectorTest(22, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
-                new BlockCipherMonteCarloTest(23, 10000, new AESLightEngine(),
-                        new KeyParameter(Hex.decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
-                        "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168")
-            };
-    
-    private BlockCipher _engine = new AESLightEngine();
-
-    AESLightTest()
-    {
-        super(tests, new AESLightEngine(), new KeyParameter(new byte[16]));
-    }
-
-    public String getName()
-    {
-        return "AESLight";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        super.performTest();
-
-        byte[] keyBytes = new byte[16];
-        
-        _engine.init(true, new KeyParameter(keyBytes));
-        
-        //
-        // init tests
-        //
-        try
-        {
-            byte[]      dudKey = new byte[6];
-            
-            _engine.init(true, new KeyParameter(dudKey));
-            
-            fail("failed key length check");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected 
-        }
-        
-        try
-        {
-            byte[]      iv = new byte[16];
-
-            _engine.init(true, new ParametersWithIV(null, iv));
-            
-            fail("failed parameter check");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected 
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new AESLightTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/AESTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/AESTest.java
deleted file mode 100644
index 1b45445..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/AESTest.java
+++ /dev/null

@@ -1,478 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.modes.OFBBlockCipher;
-import org.bouncycastle.crypto.modes.SICBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test vectors from the NIST standard tests and Brian Gladman's vector set
- * <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">
- * http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
- */
-public class AESTest
-    extends CipherTest
-{
-    private static final byte[] tData   = Hex.decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114F3F6752AE8D7831138F041560631B1145A01020304050607");
-    private static final byte[] outCBC1 = Hex.decode("a444a9a4d46eb30cb7ed34d62873a89f8fdf2bf8a54e1aeadd06fd85c9cb46f021ee7cd4f418fa0bb72e9d07c70d5d20");
-    private static final byte[] outCBC2 = Hex.decode("585681354f0e01a86b32f94ebb6a675045d923cf201263c2aaecca2b4de82da0edd74ca5efd654c688f8a58e61955b11");
-    private static final byte[] outSIC1 = Hex.decode("82a1744e8ebbd053ca72362d5e570326e0b6fdaf824ab673fbf029042886b23c75129a015852913790f81f94447475a0");
-    private static final byte[] outSIC2 = Hex.decode("146cbb581d9e12c3333dd9c736fbb93043c92019f78580da48f81f80b3f551d58ea836fed480fc6912fefa9c5c89cc24");
-    private static final byte[] outCFB1 = Hex.decode("82a1744e8ebbd053ca72362d5e5703264b4182de3208c374b8ac4fa36af9c5e5f4f87d1e3b67963d06acf5eb13914c90");
-    private static final byte[] outCFB2 = Hex.decode("146cbb581d9e12c3333dd9c736fbb9303c8a3eb5185e2809e9d3c28e25cc2d2b6f5c11ee28d6530f72c412b1438a816a");
-    private static final byte[] outOFB1 = Hex.decode("82a1744e8ebbd053ca72362d5e5703261ebf1fdbec05e57b3465b583132f84b43bf95b2c89040ad1677b22d42db69a7a");
-    private static final byte[] outOFB2 = Hex.decode("146cbb581d9e12c3333dd9c736fbb9309ea4c2a7696c84959a2dada49f2f1c5905db1f0cec3a31acbc4701e74ab05e1f");
-
-    static SimpleTest[]  tests = 
-            {
-                new BlockCipherVectorTest(0, new AESEngine(),
-                        new KeyParameter(Hex.decode("80000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
-                new BlockCipherVectorTest(1, new AESEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000080")),
-                        "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
-                new BlockCipherMonteCarloTest(2, 10000, new AESEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
-                new BlockCipherMonteCarloTest(3, 10000, new AESEngine(),
-                        new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")),
-                        "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
-                new BlockCipherVectorTest(4, new AESEngine(),
-                        new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
-                new BlockCipherMonteCarloTest(5, 10000, new AESEngine(),
-                        new KeyParameter(Hex.decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
-                        "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
-                new BlockCipherVectorTest(6, new AESEngine(),
-                        new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
-                new BlockCipherMonteCarloTest(7, 10000, new AESEngine(),
-                        new KeyParameter(Hex.decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
-                        "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"),
-                new BlockCipherVectorTest(8, new AESEngine(),
-                        new KeyParameter(Hex.decode("80000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
-                new BlockCipherVectorTest(9, new AESEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000080")),
-                        "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
-                new BlockCipherMonteCarloTest(10, 10000, new AESEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
-                new BlockCipherMonteCarloTest(11, 10000, new AESEngine(),
-                        new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")),
-                        "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
-                new BlockCipherVectorTest(12, new AESEngine(),
-                        new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
-                new BlockCipherMonteCarloTest(13, 10000, new AESEngine(),
-                        new KeyParameter(Hex.decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
-                        "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
-                new BlockCipherVectorTest(14, new AESEngine(),
-                        new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
-                new BlockCipherMonteCarloTest(15, 10000, new AESEngine(),
-                        new KeyParameter(Hex.decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
-                        "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"),
-                new BlockCipherVectorTest(16, new AESEngine(),
-                        new KeyParameter(Hex.decode("80000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
-                new BlockCipherVectorTest(17, new AESEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000080")),
-                        "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
-                new BlockCipherMonteCarloTest(18, 10000, new AESEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
-                new BlockCipherMonteCarloTest(19, 10000, new AESEngine(),
-                        new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")),
-                        "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
-                new BlockCipherVectorTest(20, new AESEngine(),
-                        new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
-                new BlockCipherMonteCarloTest(21, 10000, new AESEngine(),
-                        new KeyParameter(Hex.decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
-                        "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
-                new BlockCipherVectorTest(22, new AESEngine(),
-                        new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
-                new BlockCipherMonteCarloTest(23, 10000, new AESEngine(),
-                        new KeyParameter(Hex.decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
-                        "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168")
-            };
-    
-    private BlockCipher _engine = new AESEngine();
-
-    public AESTest()
-    {
-        super(tests, new AESEngine(), new KeyParameter(new byte[16]));
-    }
-
-    public String getName()
-    {
-        return "AES";
-    }
-
-    private void testNullSIC()
-        throws InvalidCipherTextException
-    {
-        BufferedBlockCipher b = new BufferedBlockCipher(new SICBlockCipher(new AESEngine()));
-        KeyParameter kp = new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917"));
-
-        b.init(true, new ParametersWithIV(kp, new byte[16]));
-
-        byte[] out = new byte[b.getOutputSize(tData.length)];
-
-        int len = b.processBytes(tData, 0, tData.length, out, 0);
-
-        len += b.doFinal(out, len);
-
-        if (!areEqual(outSIC1, out))
-        {
-            fail("no match on first nullSIC check");
-        }
-
-        b.init(true, new ParametersWithIV(null, Hex.decode("000102030405060708090a0b0c0d0e0f")));
-
-        len = b.processBytes(tData, 0, tData.length, out, 0);
-
-        len += b.doFinal(out, len);
-
-        if (!areEqual(outSIC2, out))
-        {
-            fail("no match on second nullSIC check");
-        }
-    }
-
-    private void testNullCBC()
-        throws InvalidCipherTextException
-    {
-        BufferedBlockCipher b = new BufferedBlockCipher(new CBCBlockCipher(new AESEngine()));
-        KeyParameter kp = new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917"));
-
-        b.init(true, new ParametersWithIV(kp, new byte[16]));
-
-        byte[] out = new byte[b.getOutputSize(tData.length)];
-
-        int len = b.processBytes(tData, 0, tData.length, out, 0);
-
-        len += b.doFinal(out, len);
-
-        if (!areEqual(outCBC1, out))
-        {
-            fail("no match on first nullCBC check");
-        }
-
-        b.init(true, new ParametersWithIV(null, Hex.decode("000102030405060708090a0b0c0d0e0f")));
-
-        len = b.processBytes(tData, 0, tData.length, out, 0);
-
-        len += b.doFinal(out, len);
-
-        if (!areEqual(outCBC2, out))
-        {
-            fail("no match on second nullCBC check");
-        }
-    }
-
-    private void testNullOFB()
-        throws InvalidCipherTextException
-    {
-        BufferedBlockCipher b = new BufferedBlockCipher(new OFBBlockCipher(new AESEngine(), 128));
-        KeyParameter kp = new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917"));
-
-        b.init(true, new ParametersWithIV(kp, new byte[16]));
-
-        byte[] out = new byte[b.getOutputSize(tData.length)];
-
-        int len = b.processBytes(tData, 0, tData.length, out, 0);
-
-        len += b.doFinal(out, len);
-
-        if (!areEqual(outOFB1, out))
-        {
-            fail("no match on first nullOFB check");
-        }
-
-        b.init(true, new ParametersWithIV(null, Hex.decode("000102030405060708090a0b0c0d0e0f")));
-
-        len = b.processBytes(tData, 0, tData.length, out, 0);
-
-        len += b.doFinal(out, len);
-
-        if (!areEqual(outOFB2, out))
-        {
-            fail("no match on second nullOFB check");
-        }
-    }
-
-    private void testNullCFB()
-        throws InvalidCipherTextException
-    {
-        BufferedBlockCipher b = new BufferedBlockCipher(new CFBBlockCipher(new AESEngine(), 128));
-        KeyParameter kp = new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917"));
-
-        b.init(true, new ParametersWithIV(kp, new byte[16]));
-
-        byte[] out = new byte[b.getOutputSize(tData.length)];
-
-        int len = b.processBytes(tData, 0, tData.length, out, 0);
-
-        len += b.doFinal(out, len);
-
-        if (!areEqual(outCFB1, out))
-        {
-            fail("no match on first nullCFB check");
-        }
-
-        b.init(true, new ParametersWithIV(null, Hex.decode("000102030405060708090a0b0c0d0e0f")));
-
-        len = b.processBytes(tData, 0, tData.length, out, 0);
-
-        len += b.doFinal(out, len);
-
-        if (!areEqual(outCFB2, out))
-        {
-            fail("no match on second nullCFB check");
-        }
-    }
-
-    private boolean areEqual(byte[] a, int aOff, byte[] b, int bOff)
-    {
-        for (int i = bOff; i != b.length; i++)
-        {
-            if (a[aOff + i - bOff] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    private void skipTest()
-    {
-        CipherParameters params = new ParametersWithIV(new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")), Hex.decode("00000000000000000000000000000000"));
-        SICBlockCipher engine = new SICBlockCipher(new AESEngine());
-
-        engine.init(true, params);
-
-        SecureRandom rand = new SecureRandom();
-        byte[]       plain = new byte[50000];
-        byte[]       cipher = new byte[50000];
-
-        rand.nextBytes(plain);
-        engine.processBytes(plain, 0, plain.length, cipher, 0);
-
-        byte[]      fragment = new byte[20];
-
-        engine.init(true, params);
-
-        engine.skip(10);
-
-        if (engine.getPosition() != 10)
-        {
-            fail("skip position incorrect - 10 got " + engine.getPosition());
-        }
-
-        engine.processBytes(plain, 10, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 10, fragment, 0))
-        {
-            fail("skip forward 10 failed");
-        }
-
-        engine.skip(1000);
-
-        if (engine.getPosition() != 1010 + fragment.length)
-        {
-            fail("skip position incorrect - " + (1010 + fragment.length) + " got " + engine.getPosition());
-        }
-
-        engine.processBytes(plain, 1010 + fragment.length, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 1010 + fragment.length, fragment, 0))
-        {
-            fail("skip forward 1000 failed");
-        }
-
-        engine.skip(-10);
-
-        if (engine.getPosition() != 1010 + 2 * fragment.length - 10)
-        {
-            fail("skip position incorrect - " + (1010 + 2 * fragment.length - 10) + " got " + engine.getPosition());
-        }
-
-        engine.processBytes(plain, 1010 + 2 * fragment.length - 10, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 1010 + 2 * fragment.length - 10, fragment, 0))
-        {
-            fail("skip back 10 failed");
-        }
-
-        engine.skip(-1000);
-
-        if (engine.getPosition() != 60)
-        {
-            fail("skip position incorrect - " + 60 + " got " + engine.getPosition());
-        }
-
-        engine.processBytes(plain, 60, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 60, fragment, 0))
-        {
-            fail("skip back 1000 failed");
-        }
-
-        long pos = engine.seekTo(1010);
-
-        if (pos != 1010)
-        {
-            fail("position incorrect - " + 1010 + " got " + pos);
-        }
-
-        engine.processBytes(plain, 1010, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 1010, fragment, 0))
-        {
-            fail("seek to 1010 failed");
-        }
-
-        engine.reset();
-
-        for (int i = 0; i != 5000; i++)
-        {
-            engine.skip(i);
-
-            if (engine.getPosition() != i)
-            {
-                fail("skip forward at wrong position");
-            }
-
-            engine.processBytes(plain, i, fragment.length, fragment, 0);
-
-            if (!areEqual(cipher, i, fragment, 0))
-            {
-                fail("skip forward i failed: " + i);
-            }
-
-            if (engine.getPosition() != i + fragment.length)
-            {
-                fail("cipher at wrong position: " + engine.getPosition() + " [" + i + "]");
-            }
-
-            engine.skip(-fragment.length);
-
-            if (engine.getPosition() != i)
-            {
-                fail("skip back at wrong position");
-            }
-
-            engine.processBytes(plain, i, fragment.length, fragment, 0);
-
-            if (!areEqual(cipher, i, fragment, 0))
-            {
-                fail("skip back i failed: " + i);
-            }
-
-            engine.reset();
-        }
-    }
-
-    private void ctrCounterTest()
-    {
-        CipherParameters params = new ParametersWithIV(new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")), Hex.decode("000000000000000000000000000000"));
-        SICBlockCipher engine = new SICBlockCipher(new AESEngine());
-
-        engine.init(true, params);
-
-        SecureRandom rand = new SecureRandom();
-        byte[]       cipher = new byte[256 * 16];
-        byte[]       plain = new byte[255 * 16];
-
-        rand.nextBytes(plain);
-        engine.processBytes(plain, 0, plain.length, cipher, 0);
-
-        engine.init(true, params);
-
-        byte[]      fragment = new byte[20];
-
-        plain = new byte[256 * 16];
-        engine.init(true, params);
-
-        try
-        {
-            engine.processBytes(plain, 0, plain.length, cipher, 0);
-            fail("out of range data not caught");
-        }
-        catch (IllegalStateException e)
-        {
-            if (!"Counter in CTR/SIC mode out of range.".equals(e.getMessage()))
-            {
-                fail("wrong exception");
-            }
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        super.performTest();
-
-        byte[] keyBytes = new byte[16];
-        
-        _engine.init(true, new KeyParameter(keyBytes));
-        
-        //
-        // init tests
-        //
-        try
-        {
-            byte[]      dudKey = new byte[6];
-            
-            _engine.init(true, new KeyParameter(dudKey));
-            
-            fail("failed key length check");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected 
-        }
-        
-        try
-        {
-            byte[]      iv = new byte[16];
-
-            _engine.init(true, new ParametersWithIV(null, iv));
-            
-            fail("failed parameter check");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected 
-        }
-
-        testNullCBC();
-        testNullSIC();
-        testNullOFB();
-        testNullCFB();
-
-        skipTest();
-        ctrCounterTest();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new AESTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/AESVectorFileTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/AESVectorFileTest.java
deleted file mode 100644
index cfd4843..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/AESVectorFileTest.java
+++ /dev/null

@@ -1,258 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.BufferedReader;
-import java.io.File;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.util.ArrayList;
-import java.util.Enumeration;
-import java.util.List;
-import java.util.zip.ZipEntry;
-import java.util.zip.ZipFile;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.AESFastEngine;
-import org.bouncycastle.crypto.engines.AESLightEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * Test vectors from the NIST standard tests and Brian Gladman's vector set
- * <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">
- * http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
- */
-public class AESVectorFileTest
-    implements Test
-{
-
-    private int countOfTests = 0;
-    private int testNum = 0;
-
-    protected BlockCipher createNewEngineForTest()
-    {
-        return new AESEngine();
-    }
-
-    private Test[] readTestVectors(InputStream inStream)
-    {
-        // initialize key, plaintext, ciphertext = null
-        // read until find BLOCKSIZE=
-        // return if not 128
-        // read KEYSIZE= or ignore
-        // loop
-        // read a line
-        // if starts with BLOCKSIZE=
-        // parse the rest. return if not 128
-        // if starts with KEY=
-        // parse the rest and set KEY
-        // if starts with PT=
-        // parse the rest and set plaintext
-        // if starts with CT=
-        // parse the rest and set ciphertext
-        // if starts with TEST= or end of file
-        // if key, plaintext, ciphertext are all not null
-        // save away their values as the next test
-        // until end of file
-        List   tests = new ArrayList();
-        String key = null;
-        String plaintext = null;
-        String ciphertext = null;
-
-        BufferedReader in = new BufferedReader(new InputStreamReader(inStream));
-
-        try
-        {
-            String line = in.readLine();
-
-            while (line != null)
-            {
-                line = line.trim().toLowerCase();
-                if (line.startsWith("blocksize="))
-                {
-                    int i = 0;
-                    try
-                    {
-                        i = Integer.parseInt(line.substring(10).trim());
-                    }
-                    catch (Exception e)
-                    {
-                    }
-                    if (i != 128)
-                    {
-                        return null;
-                    }
-                }
-                else if (line.startsWith("keysize="))
-                {
-                    int i = 0;
-                    try
-                    {
-                        i = Integer.parseInt(line.substring(10).trim());
-                    }
-                    catch (Exception e)
-                    {
-                    }
-                    if ((i != 128) && (i != 192) && (i != 256))
-                    {
-                        return null;
-                    }
-                }
-                else if (line.startsWith("key="))
-                {
-                    key = line.substring(4).trim();
-                }
-                else if (line.startsWith("pt="))
-                {
-                    plaintext = line.substring(3).trim();
-                }
-                else if (line.startsWith("ct="))
-                {
-                    ciphertext = line.substring(3).trim();
-                }
-                else if (line.startsWith("test="))
-                {
-                    if ((key != null) && (plaintext != null)
-                            && (ciphertext != null))
-                    {
-                        tests.add(new BlockCipherVectorTest(testNum++,
-                                createNewEngineForTest(), new KeyParameter(Hex
-                                        .decode(key)), plaintext, ciphertext));
-                    }
-                }
-
-                line = in.readLine();
-            }
-            try
-            {
-                in.close();
-            }
-            catch (IOException e)
-            {
-            }
-        }
-        catch (IOException e)
-        {
-        }
-        if ((key != null) && (plaintext != null) && (ciphertext != null))
-        {
-            tests.add(new BlockCipherVectorTest(testNum++,
-                    createNewEngineForTest(),
-                    new KeyParameter(Hex.decode(key)), plaintext, ciphertext));
-        }
-        return (Test[])(tests.toArray(new Test[tests.size()]));
-    }
-
-    public String getName()
-    {
-        return "AES";
-    }
-
-    private TestResult performTestsFromZipFile(File zfile)
-    {
-        try
-        {
-            ZipFile inZip = new ZipFile(zfile);
-            for (Enumeration files = inZip.entries(); files.hasMoreElements();)
-            {
-                Test[] tests = null;
-                try
-                {
-                    tests = readTestVectors(inZip
-                            .getInputStream((ZipEntry)(files.nextElement())));
-                }
-                catch (Exception e)
-                {
-                    return new SimpleTestResult(false, getName() + ": threw "
-                            + e);
-                }
-                if (tests != null)
-                {
-                    for (int i = 0; i != tests.length; i++)
-                    {
-                        TestResult res = tests[i].perform();
-                        countOfTests++;
-
-                        if (!res.isSuccessful())
-                        {
-                            return res;
-                        }
-                    }
-                }
-            }
-            inZip.close();
-            return new SimpleTestResult(true, getName() + ": Okay");
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": threw " + e);
-        }
-    }
-
-    private static final String[] zipFileNames = { "rijn.tv.ecbnk.zip",
-            "rijn.tv.ecbnt.zip", "rijn.tv.ecbvk.zip", "rijn.tv.ecbvt.zip" };
-
-    public TestResult perform()
-    {
-        countOfTests = 0;
-        for (int i = 0; i < zipFileNames.length; i++)
-        {
-            File inf = new File(zipFileNames[i]);
-            TestResult res = performTestsFromZipFile(inf);
-            if (!res.isSuccessful())
-            {
-                return res;
-            }
-        }
-        return new SimpleTestResult(true, getName() + ": " + countOfTests
-                + " performed Okay");
-    }
-
-    public static void main(String[] args)
-    {
-        AESVectorFileTest test = new AESVectorFileTest();
-        TestResult result = test.perform();
-        System.out.println(result);
-
-        test = new AESLightVectorFileTest();
-        result = test.perform();
-        System.out.println(result);
-
-        test = new AESFastVectorFileTest();
-        result = test.perform();
-        System.out.println(result);
-
-    }
-
-    private static class AESLightVectorFileTest extends AESVectorFileTest
-    {
-        protected BlockCipher createNewEngineForTest()
-        {
-            return new AESLightEngine();
-        }
-
-        public String getName()
-        {
-            return "AESLight";
-        }
-
-    }
-
-    private static class AESFastVectorFileTest extends AESVectorFileTest
-    {
-        protected BlockCipher createNewEngineForTest()
-        {
-            return new AESFastEngine();
-        }
-
-        public String getName()
-        {
-            return "AESFast";
-        }
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/AESWrapPadTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/AESWrapPadTest.java
deleted file mode 100644
index 93342cb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/AESWrapPadTest.java
+++ /dev/null

@@ -1,173 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.engines.AESWrapPadEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * This is a test harness I use because I cannot modify the BC test harness without
- * invalidating the signature on their signed provider library. The code here is not
- * high quality but it does test the RFC vectors as well as randomly generated values.
- * The RFC test vectors are tested by making sure both the ciphertext and decrypted
- * values match the expected values whereas the random values are just checked to make
- * sure that:
- * <p>unwrap(wrap(random_value, random_kek), random_kek) == random_value.</p>
- */
-
-public class AESWrapPadTest
-    extends SimpleTest
-{
-
-    private final int numOfRandomIterations = 100;
-
-    public AESWrapPadTest()
-    {
-
-    }
-
-    private void wrapAndUnwrap(byte[] kek, byte[] key, byte[] expected)
-        throws Exception
-    {
-        Wrapper wrapper = new AESWrapPadEngine();
-
-        wrapper.init(true, new KeyParameter(kek));
-
-        byte[] cipherText = wrapper.wrap(key, 0, key.length);
-        if (!areEqual(cipherText, expected))
-        {
-            fail("Wrapped value does not match expected.");
-        }
-        wrapper.init(false, new KeyParameter(kek));
-        byte[] plainText = wrapper.unwrap(cipherText, 0, cipherText.length);
-
-        if (!areEqual(key, plainText))
-        {
-            fail("Unwrapped value does not match original.");
-        }
-    }
-
-    private void wrapAndUnwrap(byte[] kek, byte[] key)
-        throws Exception
-    {
-        Wrapper wrapper = new AESWrapPadEngine();
-
-        wrapper.init(true, new KeyParameter(kek));
-
-        byte[] cipherText = wrapper.wrap(key, 0, key.length);
-
-        wrapper.init(false, new KeyParameter(kek));
-        byte[] plainText = wrapper.unwrap(cipherText, 0, cipherText.length);
-
-        if (!areEqual(key, plainText))
-        {
-            fail("Unwrapped value does not match original.");
-        }
-    }
-
-    private void wrapWithIVTest()
-        throws Exception
-    {
-        byte[] kek = Hex.decode("5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8");
-        byte[] key = Hex.decode("c37b7e6492584340bed12207808941155068f738");
-        byte[] expected = Hex.decode("5cbdb3fb71351d0e628b85dbcba1a1890d4db26d1335e11d1aabea11124caad0");
-
-        Wrapper wrapper = new AESWrapPadEngine();
-
-        wrapper.init(true, new ParametersWithIV(new KeyParameter(kek), Hex.decode("33333333")));
-
-        byte[] cipherText = wrapper.wrap(key, 0, key.length);
-        if (!areEqual(cipherText, expected))
-        {
-            fail("Wrapped value does not match expected.");
-        }
-        wrapper.init(false, new ParametersWithIV(new KeyParameter(kek), Hex.decode("33333333")));
-        byte[] plainText = wrapper.unwrap(cipherText, 0, cipherText.length);
-
-        if (!areEqual(key, plainText))
-        {
-            fail("Unwrapped value does not match original.");
-        }
-    }
-
-    public String getName()
-    {
-        return "AESWrapPad";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        // test RFC 5649 test vectors
-        byte[] kek = Hex.decode("5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8");
-        byte[] key = Hex.decode("c37b7e6492584340bed12207808941155068f738");
-        byte[] wrap = Hex.decode("138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a");
-
-        wrapAndUnwrap(kek, key, wrap);
-
-        wrap = Hex.decode("afbeb0f07dfbf5419200f2ccb50bb24f");
-        key = Hex.decode("466f7250617369");
-        wrapAndUnwrap(kek, key, wrap);
-
-        wrapWithIVTest();
-
-        //
-        // offset test
-        //
-        Wrapper wrapper = new AESWrapPadEngine();
-
-        byte[] pText = new byte[5 + key.length];
-        byte[]  cText;
-
-        System.arraycopy(key, 0, pText, 5, key.length);
-
-        wrapper.init(true, new KeyParameter(kek));
-
-        cText = wrapper.wrap(pText, 5, key.length);
-        if (!Arrays.areEqual(cText, wrap))
-        {
-            fail("failed offset wrap test expected " + new String(Hex.encode(wrap)) + " got " + new String(Hex.encode(cText)));
-        }
-
-        wrapper.init(false, new KeyParameter(kek));
-
-        cText = new byte[6 + wrap.length];
-        System.arraycopy(wrap, 0, cText, 6, wrap.length);
-
-        pText = wrapper.unwrap(cText, 6, wrap.length);
-        if (!Arrays.areEqual(pText, key))
-        {
-            fail("failed offset unwrap test expected " + new String(Hex.encode(key)) + " got " + new String(Hex.encode(pText)));
-        }
-
-        // test random values
-        SecureRandom rnd = new SecureRandom();
-        for (int i = 0; i < numOfRandomIterations; i++)
-        {
-            int kekLength = 128;
-            boolean shouldIncrease = (rnd.nextInt() & 0x01) != 0;
-            if (shouldIncrease)
-            {
-                kekLength = 256;
-            }
-            kek = new byte[kekLength / 8];
-            rnd.nextBytes(kek);
-            int keyToWrapSize = RNGUtils.nextInt(rnd, 256 / 8 - 8) + 8;
-            byte[] keyToWrap = new byte[keyToWrapSize];
-            rnd.nextBytes(keyToWrap);
-            wrapAndUnwrap(kek, keyToWrap);
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new AESWrapPadTest());
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/AESWrapTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/AESWrapTest.java
deleted file mode 100644
index 7bd1e4b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/AESWrapTest.java
+++ /dev/null

@@ -1,260 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.engines.AESWrapEngine;
-import org.bouncycastle.crypto.engines.AESWrapPadEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestFailedException;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * Wrap Test
- */
-public class AESWrapTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "AESWrap";
-    }
-
-    private void wrapTest(
-        int     id,
-        byte[]  kek,
-        byte[]  in,
-        byte[]  out)
-    {
-        wrapTest(id, kek, in, out, false);
-    }
-
-    private void wrapTest(
-        int     id,
-        byte[]  kek,
-        byte[]  in,
-        byte[]  out,
-        boolean useReverseDirection)
-    {
-        Wrapper wrapper = new AESWrapEngine(useReverseDirection);
-
-        wrapper.init(true, new KeyParameter(kek));
-
-        try
-        {
-            byte[]  cText = wrapper.wrap(in, 0, in.length);
-            if (!Arrays.areEqual(cText, out))
-            {
-                fail("failed wrap test " + id  + " expected " + new String(Hex.encode(out)) + " got " + new String(Hex.encode(cText)));
-            }
-        }
-        catch (TestFailedException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            fail("failed wrap test exception " + e.toString());
-        }
-
-        wrapper.init(false, new KeyParameter(kek));
-
-        try
-        {
-            byte[]  pText = wrapper.unwrap(out, 0, out.length);
-            if (!Arrays.areEqual(pText, in))
-            {
-                fail("failed unwrap test " + id  + " expected " + new String(Hex.encode(in)) + " got " + new String(Hex.encode(pText)));
-            }
-        }
-        catch (TestFailedException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            fail("failed unwrap test exception.", e);
-        }
-
-        //
-        // offset test
-        //
-        byte[] pText = new byte[5 + in.length];
-        byte[]  cText;
-
-        System.arraycopy(in, 0, pText, 5, in.length);
-
-        wrapper.init(true, new KeyParameter(kek));
-
-        try
-        {
-            cText = wrapper.wrap(pText, 5, in.length);
-            if (!Arrays.areEqual(cText, out))
-            {
-                fail("failed wrap test " + id  + " expected " + new String(Hex.encode(out)) + " got " + new String(Hex.encode(cText)));
-            }
-        }
-        catch (Exception e)
-        {
-            fail("failed wrap test exception " + e.toString());
-        }
-
-        wrapper.init(false, new KeyParameter(kek));
-
-        cText = new byte[6 + out.length];
-        System.arraycopy(out, 0, cText, 6, out.length);
-
-        try
-        {
-            pText = wrapper.unwrap(cText, 6, out.length);
-            if (!Arrays.areEqual(pText, in))
-            {
-                fail("failed unwrap test " + id  + " expected " + new String(Hex.encode(in)) + " got " + new String(Hex.encode(pText)));
-            }
-        }
-        catch (Exception e)
-        {
-            fail("failed unwrap test exception.", e);
-        }
-    }
-
-    private void heapIssueTest()
-    {
-   		byte[] key = Hex.decode("d305ef52a6b9e72c810b821261d2d678");
-   		byte[] ciphertext = Hex.decode("d2b2906d209a46261d8f6794eca3179d");
-
-   		Wrapper aes = new AESWrapPadEngine();
-   		aes.init(false, new KeyParameter(key));
-        try
-        {
-            byte[] result = aes.unwrap(ciphertext, 0, ciphertext.length);
-
-            fail("incorrect pad not detected");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            // ignore
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        byte[]  kek1 = Hex.decode("000102030405060708090a0b0c0d0e0f");
-        byte[]  in1 = Hex.decode("00112233445566778899aabbccddeeff");
-        byte[]  out1 = Hex.decode("1fa68b0a8112b447aef34bd8fb5a7b829d3e862371d2cfe5");
-
-        wrapTest(1, kek1, in1, out1);
-
-        byte[]  kek2 = Hex.decode("000102030405060708090a0b0c0d0e0f1011121314151617");
-        byte[]  in2 = Hex.decode("00112233445566778899aabbccddeeff");
-        byte[]  out2 = Hex.decode("96778b25ae6ca435f92b5b97c050aed2468ab8a17ad84e5d");
-
-        wrapTest(2, kek2, in2, out2);
-
-        byte[]  kek3 = Hex.decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
-        byte[]  in3 = Hex.decode("00112233445566778899aabbccddeeff");
-        byte[]  out3 = Hex.decode("64e8c3f9ce0f5ba263e9777905818a2a93c8191e7d6e8ae7");
-
-        wrapTest(3, kek3, in3, out3);
-
-        byte[]  kek4 = Hex.decode("000102030405060708090a0b0c0d0e0f1011121314151617");
-        byte[]  in4 = Hex.decode("00112233445566778899aabbccddeeff0001020304050607");
-        byte[]  out4 = Hex.decode("031d33264e15d33268f24ec260743edce1c6c7ddee725a936ba814915c6762d2");
-        wrapTest(4, kek4, in4, out4);
-
-        byte[]  kek5 = Hex.decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
-        byte[]  in5 = Hex.decode("00112233445566778899aabbccddeeff0001020304050607");
-        byte[]  out5 = Hex.decode("a8f9bc1612c68b3ff6e6f4fbe30e71e4769c8b80a32cb8958cd5d17d6b254da1");
-        wrapTest(5, kek5, in5, out5);
-
-        byte[]  kek6 = Hex.decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
-        byte[]  in6 = Hex.decode("00112233445566778899aabbccddeeff000102030405060708090a0b0c0d0e0f");
-        byte[]  out6 = Hex.decode("28c9f404c4b810f4cbccb35cfb87f8263f5786e2d80ed326cbc7f0e71a99f43bfb988b9b7a02dd21");
-        wrapTest(6, kek6, in6, out6);
-
-        byte[]  kek7 = Hex.decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f");
-        byte[]  in7 = Hex.decode("00112233445566778899aabbccddeeff000102030405060708090a0b0c0d0e0f");
-        byte[]  out7 = Hex.decode("cba01acbdb4c7c39fa59babb383c485f318837208731a81c735b5be6ba710375a1159e26a9b57228");
-        wrapTest(7, kek7, in7, out7, true);
-
-        Wrapper      wrapper = new AESWrapEngine();
-        KeyParameter key = new KeyParameter(new byte[16]);
-        byte[]       buf = new byte[16];
-
-        try
-        {
-            wrapper.init(true, key);
-
-            wrapper.unwrap(buf, 0, buf.length);
-
-            fail("failed unwrap state test.");
-        }
-        catch (IllegalStateException e)
-        {
-            // expected
-        }
-        catch (InvalidCipherTextException e)
-        {
-            fail("unexpected exception: " + e, e);
-        }
-
-        try
-        {
-            wrapper.init(false, key);
-
-            wrapper.wrap(buf, 0, buf.length);
-
-            fail("failed unwrap state test.");
-        }
-        catch (IllegalStateException e)
-        {
-            // expected
-        }
-
-        //
-        // short test
-        //
-        try
-        {
-            wrapper.init(false, key);
-
-            wrapper.unwrap(buf, 0, buf.length / 2);
-
-            fail("failed unwrap short test.");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            // expected
-        }
-
-        try
-        {
-            wrapper.init(true, key);
-
-            wrapper.wrap(buf, 0, 15);
-
-            fail("ailed wrap length test.");
-        }
-        catch (DataLengthException e)
-        {
-            // expected
-        }
-
-        heapIssueTest();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        AESWrapTest     test = new AESWrapTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ARIATest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ARIATest.java
deleted file mode 100644
index 6d8f27d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ARIATest.java
+++ /dev/null

@@ -1,167 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.engines.ARIAEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class ARIATest
-    extends SimpleTest
-{
-    private static SecureRandom R = new SecureRandom();
-
-    private static final String[][] TEST_VECTORS_RFC5794 = {
-        {
-            "128-Bit Key",
-            "000102030405060708090a0b0c0d0e0f",
-            "00112233445566778899aabbccddeeff",
-            "d718fbd6ab644c739da95f3be6451778"
-        },
-        {
-            "192-Bit Key",
-            "000102030405060708090a0b0c0d0e0f1011121314151617",
-            "00112233445566778899aabbccddeeff",
-            "26449c1805dbe7aa25a468ce263a9e79"
-        },
-        {
-            "256-Bit Key",
-            "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
-            "00112233445566778899aabbccddeeff",
-            "f92bd7c79fb72e2f2b8f80c1972d24fc"
-        },
-    };
-
-    public String getName()
-    {
-        return "ARIA";
-    }
-
-    public void performTest() throws Exception
-    {
-        checkTestVectors_RFC5794();
-
-        for (int i = 0; i < 100; ++i)
-        {
-            checkRandomRoundtrips();
-        }
-
-        new MyARIAEngine().checkImplementation();
-    }
-
-    private void checkRandomRoundtrips()
-    {
-        ARIAEngine ce = new ARIAEngine();
-        ARIAEngine cd = new ARIAEngine();
-
-        byte[] txt = new byte[ce.getBlockSize()];
-        byte[] enc = new byte[ce.getBlockSize()];
-        byte[] dec = new byte[ce.getBlockSize()];
-
-        for (int keyLen = 16; keyLen <= 32; keyLen += 8)
-        {
-            byte[] K = new byte[keyLen];
-
-            R.nextBytes(K);
-
-            KeyParameter key = new KeyParameter(K);
-            ce.init(true, key);
-            cd.init(false, key);
-
-            R.nextBytes(txt);
-
-            for (int i = 0; i < 100; ++i)
-            {
-                ce.processBlock(txt, 0, enc, 0);
-                cd.processBlock(enc, 0, dec, 0);
-
-                isTrue(Arrays.areEqual(txt, dec));
-
-                System.arraycopy(enc, 0, txt, 0, enc.length);
-            }
-        }
-    }
-
-    private void checkTestVector_RFC5794(String[] tv)
-    {
-        String name = "'" + tv[0] + "'";
-
-        BlockCipher c = new ARIAEngine();
-        int blockSize = c.getBlockSize();
-        isTrue("Wrong block size returned from getBlockSize() for " + name, 16 == blockSize);
-
-        KeyParameter key = new KeyParameter(Hex.decode(tv[1]));
-        byte[] plaintext = Hex.decode(tv[2]);
-        byte[] ciphertext = Hex.decode(tv[3]);
-
-        isTrue("Unexpected plaintext length for " + name, blockSize == plaintext.length);
-        isTrue("Unexpected ciphertext length for " + name, blockSize == ciphertext.length);
-
-        c.init(true, key);
-
-        byte[] actual = new byte[blockSize];
-        int num = c.processBlock(plaintext, 0, actual, 0);
-
-        isTrue("Wrong length returned from processBlock() (encryption) for " + name, blockSize == num);
-        isTrue("Incorrect ciphertext computed for " + name, Arrays.areEqual(ciphertext, actual));
-
-        c.init(false, key);
-        num = c.processBlock(ciphertext, 0, actual, 0);
-
-        isTrue("Wrong length returned from processBlock() (decryption) for " + name, blockSize == num);
-        isTrue("Incorrect plaintext computed for " + name, Arrays.areEqual(plaintext, actual));
-    }
-
-    private void checkTestVectors_RFC5794()
-    {
-        for (int i = 0; i < TEST_VECTORS_RFC5794.length; ++i)
-        {
-            checkTestVector_RFC5794(TEST_VECTORS_RFC5794[i]);
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new ARIATest());
-    }
-
-    private class MyARIAEngine extends ARIAEngine
-    {
-        public void checkImplementation()
-        {
-            checkInvolution();
-            checkSBoxes();
-        }
-
-        private void checkInvolution()
-        {
-            byte[] x = new byte[16], y = new byte[16];
-
-            for (int i = 0; i < 100; ++i)
-            {
-                R.nextBytes(x);
-                System.arraycopy(x, 0, y, 0, 16);
-                A(y);
-                A(y);
-                ARIATest.this.isTrue(Arrays.areEqual(x, y));
-            }
-        }
-
-        private void checkSBoxes()
-        {
-            for (int i = 0; i < 256; ++i)
-            {
-                byte x = (byte)i;
-
-                ARIATest.this.isTrue(x == SB1(SB3(x)));
-                ARIATest.this.isTrue(x == SB3(SB1(x)));
-
-                ARIATest.this.isTrue(x == SB2(SB4(x)));
-                ARIATest.this.isTrue(x == SB4(SB2(x)));
-            }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/AllTests.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/AllTests.java
deleted file mode 100644
index 0478488..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/AllTests.java
+++ /dev/null

@@ -1,68 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.util.test.SimpleTestResult;
-
-public class AllTests
-    extends TestCase
-{
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("Lightweight Crypto Tests");
-        
-        suite.addTestSuite(SimpleTestTest.class);
-        suite.addTestSuite(GCMReorderTest.class);
-        
-        return new BCTestSetup(suite);
-    }
-
-    public static class SimpleTestTest
-       extends TestCase
-    {
-        public void testCrypto()
-        {
-            org.bouncycastle.util.test.Test[] tests = RegressionTest.tests;
-
-            for (int i = 0; i != tests.length; i++)
-            {
-                SimpleTestResult  result = (SimpleTestResult)tests[i].perform();
-
-                if (!result.isSuccessful())
-                {
-                    if (result.getException() != null)
-                    {
-                        result.getException().printStackTrace();
-                    }
-                    fail(result.toString());
-                }
-            }
-        }
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-
-        }
-
-        protected void tearDown()
-        {
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/Argon2Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/Argon2Test.java
deleted file mode 100644
index 6fa1eab..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/Argon2Test.java
+++ /dev/null

@@ -1,227 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-
-import org.bouncycastle.crypto.generators.Argon2BytesGenerator;
-import org.bouncycastle.crypto.params.Argon2Parameters;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Tests from https://tools.ietf.org/html/draft-irtf-cfrg-argon2-03
- *
- */
-public class Argon2Test
-    extends SimpleTest
-{
-    private static final int DEFAULT_OUTPUTLEN = 32;
-
-    public String getName()
-    {
-        return "ArgonTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        if (getJvmVersion() < 7)
-        {
-            return;
-        }
-
-        testVectorsFromInternetDraft();
-
-        int version = Argon2Parameters.ARGON2_VERSION_10;
-
-
-        /* Multiple test cases for various input values */
-        hashTest(version, 2, 16, 1, "password", "somesalt",
-            "f6c4db4a54e2a370627aff3db6176b94a2a209a62c8e36152711802f7b30c694", DEFAULT_OUTPUTLEN);
-
-        hashTest(version, 2, 20, 1, "password", "somesalt",
-            "9690ec55d28d3ed32562f2e73ea62b02b018757643a2ae6e79528459de8106e9",
-            DEFAULT_OUTPUTLEN);
-
-        hashTest(version, 2, 18, 1, "password", "somesalt",
-            "3e689aaa3d28a77cf2bc72a51ac53166761751182f1ee292e3f677a7da4c2467",
-            DEFAULT_OUTPUTLEN);
-
-        hashTest(version, 2, 8, 1, "password", "somesalt",
-            "fd4dd83d762c49bdeaf57c47bdcd0c2f1babf863fdeb490df63ede9975fccf06",
-            DEFAULT_OUTPUTLEN);
-        hashTest(version, 2, 8, 2, "password", "somesalt",
-            "b6c11560a6a9d61eac706b79a2f97d68b4463aa3ad87e00c07e2b01e90c564fb", DEFAULT_OUTPUTLEN);
-        hashTest(version, 1, 16, 1, "password", "somesalt",
-            "81630552b8f3b1f48cdb1992c4c678643d490b2b5eb4ff6c4b3438b5621724b2", DEFAULT_OUTPUTLEN);
-        hashTest(version, 4, 16, 1, "password", "somesalt",
-            "f212f01615e6eb5d74734dc3ef40ade2d51d052468d8c69440a3a1f2c1c2847b", DEFAULT_OUTPUTLEN);
-        hashTest(version, 2, 16, 1, "differentpassword", "somesalt",
-            "e9c902074b6754531a3a0be519e5baf404b30ce69b3f01ac3bf21229960109a3", DEFAULT_OUTPUTLEN);
-        hashTest(version, 2, 16, 1, "password", "diffsalt",
-            "79a103b90fe8aef8570cb31fc8b22259778916f8336b7bdac3892569d4f1c497", DEFAULT_OUTPUTLEN);
-
-        hashTest(version, 2, 16, 1, "password", "diffsalt",
-            "1a097a5d1c80e579583f6e19c7e4763ccb7c522ca85b7d58143738e12ca39f8e6e42734c950ff2463675b97c37ba" +
-                "39feba4a9cd9cc5b4c798f2aaf70eb4bd044c8d148decb569870dbd923430b82a083f284beae777812cce18cdac68ee8ccef" +
-                "c6ec9789f30a6b5a034591f51af830f4",
-            112);
-
-
-        version = Argon2Parameters.ARGON2_VERSION_13;
-
-
-        /* Multiple test cases for various input values */
-        hashTest(version, 2, 16, 1, "password", "somesalt",
-            "c1628832147d9720c5bd1cfd61367078729f6dfb6f8fea9ff98158e0d7816ed0",
-            DEFAULT_OUTPUTLEN);
-
-        hashTest(version, 2, 20, 1, "password", "somesalt",
-            "d1587aca0922c3b5d6a83edab31bee3c4ebaef342ed6127a55d19b2351ad1f41", DEFAULT_OUTPUTLEN);
-
-        hashTest(version, 2, 18, 1, "password", "somesalt",
-            "296dbae80b807cdceaad44ae741b506f14db0959267b183b118f9b24229bc7cb", DEFAULT_OUTPUTLEN);
-
-        hashTest(version, 2, 8, 1, "password", "somesalt",
-            "89e9029f4637b295beb027056a7336c414fadd43f6b208645281cb214a56452f", DEFAULT_OUTPUTLEN);
-
-        hashTest(version, 2, 8, 2, "password", "somesalt",
-            "4ff5ce2769a1d7f4c8a491df09d41a9fbe90e5eb02155a13e4c01e20cd4eab61", DEFAULT_OUTPUTLEN);
-        hashTest(version, 1, 16, 1, "password", "somesalt",
-            "d168075c4d985e13ebeae560cf8b94c3b5d8a16c51916b6f4ac2da3ac11bbecf", DEFAULT_OUTPUTLEN);
-        hashTest(version, 4, 16, 1, "password", "somesalt",
-            "aaa953d58af3706ce3df1aefd4a64a84e31d7f54175231f1285259f88174ce5b", DEFAULT_OUTPUTLEN);
-        hashTest(version, 2, 16, 1, "differentpassword", "somesalt",
-            "14ae8da01afea8700c2358dcef7c5358d9021282bd88663a4562f59fb74d22ee", DEFAULT_OUTPUTLEN);
-        hashTest(version, 2, 16, 1, "password", "diffsalt",
-            "b0357cccfbef91f3860b0dba447b2348cbefecadaf990abfe9cc40726c521271", DEFAULT_OUTPUTLEN);
-
-    }
-
-
-    private void hashTest(int version, int iterations, int memory, int parallelism,
-                          String password, String salt, String passwordRef, int outputLength)
-    {
-        Argon2Parameters.Builder builder = new Argon2Parameters.Builder(Argon2Parameters.ARGON2_i)
-            .withVersion(version)
-            .withIterations(iterations)
-            .withMemoryPowOfTwo(memory)
-            .withParallelism(parallelism)
-            .withSalt(Strings.toByteArray(salt));
-
-        //
-        // Set the password.
-        //
-        Argon2BytesGenerator gen = new Argon2BytesGenerator();
-
-        gen.init(builder.build());
-
-        byte[] result = new byte[outputLength];
-        gen.generateBytes(password.toCharArray(), result, 0, result.length);
-
-
-        isTrue(passwordRef + " Failed", areEqual(result, Hex.decode(passwordRef)));
-    }
-
-
-    /**
-     * Tests from https://tools.ietf.org/html/draft-irtf-cfrg-argon2-03
-     *
-     * @throws Exception
-     */
-    private void testVectorsFromInternetDraft()
-        throws Exception
-    {
-        byte[] ad = Hex.decode("040404040404040404040404");
-        byte[] secret = Hex.decode("0303030303030303");
-        byte[] salt = Hex.decode("02020202020202020202020202020202");
-        byte[] password = Hex.decode("0101010101010101010101010101010101010101010101010101010101010101");
-
-        Argon2Parameters.Builder builder = new Argon2Parameters.Builder(Argon2Parameters.ARGON2_d)
-            .withVersion(Argon2Parameters.ARGON2_VERSION_13) // 19
-            .withIterations(3)
-            .withMemoryAsKB(32)
-            .withParallelism(4)
-            .withAdditional(ad)
-            .withSecret(secret)
-            .withSalt(salt);
-
-        Argon2BytesGenerator dig = new Argon2BytesGenerator();
-
-        dig.init(builder.build());
-
-        byte[] result = new byte[32];
-        dig.generateBytes(password, result);
-        isTrue("Argon 2d Failed", areEqual(result, Hex.decode("512b391b6f1162975371d30919734294f" +
-            "868e3be3984f3c1a13a4db9fabe4acb")));
-
-
-        builder = new Argon2Parameters.Builder(Argon2Parameters.ARGON2_i)
-            .withVersion(Argon2Parameters.ARGON2_VERSION_13) // 19
-            .withIterations(3)
-            .withMemoryAsKB(32)
-            .withParallelism(4)
-            .withAdditional(ad)
-            .withSecret(secret)
-            .withSalt(salt);
-
-        dig = new Argon2BytesGenerator();
-
-        dig.init(builder.build());
-
-        result = new byte[32];
-        dig.generateBytes(password, result);
-        isTrue("Argon 2i Failed", areEqual(result, Hex.decode("c814d9d1dc7f37aa13f0d77f2494bda1c8de6b016" +
-            "dd388d29952a4c4672b6ce8")));
-
-
-        builder = new Argon2Parameters.Builder(Argon2Parameters.ARGON2_id)
-            .withVersion(Argon2Parameters.ARGON2_VERSION_13) // 19
-            .withIterations(3)
-            .withMemoryAsKB(32)
-            .withParallelism(4)
-            .withAdditional(ad)
-            .withSecret(secret)
-            .withSalt(salt);
-        
-        dig = new Argon2BytesGenerator();
-
-        dig.init(builder.build());
-
-        result = new byte[32];
-        dig.generateBytes(password, result);
-        isTrue("Argon 2id Failed", areEqual(result, Hex.decode("0d640df58d78766c08c037a34a8b53c9d01ef0452" +
-            "d75b65eb52520e96b01e659")));
-
-    }
-
-    private static int getJvmVersion()
-    {
-        String version = System.getProperty("java.version");
-
-        if (version.startsWith("1.7"))
-        {
-            return 7;
-        }
-        if (version.startsWith("1.8"))
-        {
-            return 8;
-        }
-        if (version.startsWith("1.9"))
-        {
-            return 9;
-        }
-        if (version.startsWith("1.1"))
-        {
-            return 10;
-        }
-
-        return -1;
-    }
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        runTest(new Argon2Test());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/BCryptTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/BCryptTest.java
deleted file mode 100644
index 521cde8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/BCryptTest.java
+++ /dev/null

@@ -1,153 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.generators.BCrypt;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Integers;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/*
- * bcrypt test vectors
- */
-public class BCryptTest
-    extends SimpleTest
-{
-    // Raw test vectors based on crypt style test vectors
-    // Cross checked with JBCrypt
-    private static final Object[][] testVectors = {
-        {"", "144b3d691a7b4ecf39cf735c7fa7a79c", Integers.valueOf(6), "557e94f34bf286e8719a26be94ac1e16d95ef9f819dee092"},
-        {"00", "144b3d691a7b4ecf39cf735c7fa7a79c", Integers.valueOf(6), "557e94f34bf286e8719a26be94ac1e16d95ef9f819dee092"},
-        {"00", "26c63033c04f8bcba2fe24b574db6274", Integers.valueOf(8), "56701b26164d8f1bc15225f46234ac8ac79bf5bc16bf48ba"},
-        {"00", "9b7c9d2ada0fd07091c915d1517701d6", Integers.valueOf(10), "7b2e03106a43c9753821db688b5cc7590b18fdf9ba544632"},
-        {"6100", "a3612d8c9a37dac2f99d94da03bd4521", Integers.valueOf(6), "e6d53831f82060dc08a2e8489ce850ce48fbf976978738f3"},
-        {"6100", "7a17b15dfe1c4be10ec6a3ab47818386", Integers.valueOf(8), "a9f3469a61cbff0a0f1a1445dfe023587f38b2c9c40570e1"},
-        {"6100", "9bef4d04e1f8f92f3de57323f8179190", Integers.valueOf(10), "5169fd39606d630524285147734b4c981def0ee512c3ace1"},
-        {"61626300", "2a1f1dc70a3d147956a46febe3016017", Integers.valueOf(6), "d9a275b493bcbe1024b0ff80d330253cfdca34687d8f69e5"},
-        {"61626300", "4ead845a142c9bc79918c8797f470ef5", Integers.valueOf(8), "8d4131a723bfbbac8a67f2e035cae08cc33b69f37331ea91"},
-        {"61626300", "631c554493327c32f9c26d9be7d18e4c", Integers.valueOf(10), "8cd0b863c3ff0860e31a2b42427974e0283b3af7142969a6"},
-        {"6162636465666768696a6b6c6d6e6f707172737475767778797a00", "02d1176d74158ee29cffdac6150cf123", Integers.valueOf(6), "4d38b523ce9dc6f2f6ff9fb3c2cd71dfe7f96eb4a3baf19f"},
-        {"6162636465666768696a6b6c6d6e6f707172737475767778797a00", "715b96caed2ac92c354ed16c1e19e38a", Integers.valueOf(8), "98bf9ffc1f5be485f959e8b1d526392fbd4ed2d5719f506b"},
-        {"6162636465666768696a6b6c6d6e6f707172737475767778797a00", "85727e838f9049397fbec90566ede0df", Integers.valueOf(10), "cebba53f67bd28af5a44c6707383c231ac4ef244a6f5fb2b"},
-        {"7e21402324255e262a28292020202020207e21402324255e262a2829504e4246524400", "8512ae0d0fac4ec9a5978f79b6171028", Integers.valueOf(6), "26f517fe5345ad575ba7dfb8144f01bfdb15f3d47c1e146a"},
-        {"7e21402324255e262a28292020202020207e21402324255e262a2829504e4246524400", "1ace2de8807df18c79fced54678f388f", Integers.valueOf(8), "d51d7cdf839b91a25758b80141e42c9f896ae80fd6cd561f"},
-        {"7e21402324255e262a28292020202020207e21402324255e262a2829504e4246524400", "36285a6267751b14ba2dc989f6d43126", Integers.valueOf(10), "db4fab24c1ff41c1e2c966f8b3d6381c76e86f52da9e15a9"},
-        {"c2a300", "144b3d691a7b4ecf39cf735c7fa7a79c", Integers.valueOf(6), "5a6c4fedb23980a7da9217e0442565ac6145b687c7313339"},
-    };
-
-    public String getName()
-    {
-        return "BCrypt";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testParameters();
-        testShortKeys();
-        testVectors();
-    }
-
-    private void testShortKeys()
-    {
-        byte[] salt = new byte[16];
-
-        // Check BCrypt with empty key pads to zero byte key
-        byte[] hashEmpty = BCrypt.generate(new byte[0], salt, 4);
-        byte[] hashZero1 = BCrypt.generate(new byte[1], salt, 4);
-
-        if (!Arrays.areEqual(hashEmpty, hashZero1))
-        {
-            fail("Hash for empty password should equal zeroed key", new String(Hex.encode(hashEmpty)),
-                new String(Hex.encode(hashZero1)));
-        }
-
-        // Check zeroed byte key of min Blowfish length is equivalent
-        byte[] hashZero4 = BCrypt.generate(new byte[4], salt, 4);
-        if (!Arrays.areEqual(hashEmpty, hashZero4))
-        {
-            fail("Hash for empty password should equal zeroed key[4]", new String(Hex.encode(hashEmpty)), new String(
-                Hex.encode(hashZero4)));
-        }
-
-        // Check BCrypt isn't padding too small (32 bit) keys
-        byte[] hashA = BCrypt.generate(new byte[]{(byte)'a'}, salt, 4);
-        byte[] hashA0 = BCrypt.generate(new byte[]{(byte)'a', (byte)0}, salt, 4);
-        if (Arrays.areEqual(hashA, hashA0))
-        {
-            fail("Small keys should not be 0 padded.");
-        }
-    }
-
-    public void testParameters()
-    {
-        checkOK("Empty key", new byte[0], new byte[16], 4);
-        checkOK("Minimal values", new byte[1], new byte[16], 4);
-        // checkOK("Max cost", new byte[1], new byte[16], 31);
-        checkOK("Max passcode", new byte[72], new byte[16], 4);
-        checkIllegal("Null password", null, new byte[16], 4);
-        checkIllegal("Null salt", new byte[1], null, 4);
-        checkIllegal("Salt too small", new byte[1], new byte[15], 4);
-        checkIllegal("Salt too big", new byte[1], new byte[17], 4);
-        checkIllegal("Cost too low", new byte[16], new byte[16], 3);
-        checkIllegal("Cost too high", new byte[16], new byte[16], 32);
-        checkIllegal("Passcode too long", new byte[73], new byte[16], 32);
-    }
-
-    private void checkOK(String msg, byte[] pass, byte[] salt, int cost)
-    {
-        try
-        {
-            BCrypt.generate(pass, salt, cost);
-        }
-        catch (IllegalArgumentException e)
-        {
-            e.printStackTrace();
-            fail(msg);
-        }
-    }
-
-    private void checkIllegal(String msg, byte[] pass, byte[] salt, int cost)
-    {
-        try
-        {
-            BCrypt.generate(pass, salt, cost);
-            fail(msg);
-        }
-        catch (IllegalArgumentException e)
-        {
-            // e.printStackTrace();
-        }
-    }
-
-    public void testVectors()
-        throws Exception
-    {
-        for (int i = 0; i < testVectors.length; i++)
-        {
-            byte[] password = Hex.decode((String)testVectors[i][0]);
-            byte[] salt = Hex.decode((String)testVectors[i][1]);
-            int cost = ((Integer)testVectors[i][2]).intValue();
-            byte[] expected = Hex.decode((String)testVectors[i][3]);
-
-            test(password, salt, cost, expected);
-        }
-
-        isTrue(areEqual(BCrypt.generate(BCrypt.passwordToByteArray("12341234".toCharArray()), Hex.decode("01020304050607080102030405060708"), 5), Hex.decode("cdd19088721c50e5cb49a7b743d93b5a6e67bef0f700cd78")));
-        isTrue(areEqual(BCrypt.generate(BCrypt.passwordToByteArray("1234".toCharArray()), Hex.decode("01020304050607080102030405060708"), 5), Hex.decode("02a3269aca2732484057b40c614204814cbfc2becd8e093e")));
-    }
-
-    private void test(byte[] password, byte[] salt, int cost, byte[] expected)
-    {
-        byte[] hash = BCrypt.generate(password, salt, cost);
-        if (!Arrays.areEqual(hash, expected))
-        {
-            fail("Hash for " + new String(Hex.encode(password)), new String(Hex.encode(expected)),
-                new String(Hex.encode(hash)));
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new BCryptTest());
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/BigSkippingCipherTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/BigSkippingCipherTest.java
deleted file mode 100644
index c63b539..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/BigSkippingCipherTest.java
+++ /dev/null

@@ -1,224 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.util.Random;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.SkippingStreamCipher;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.ChaChaEngine;
-import org.bouncycastle.crypto.engines.Salsa20Engine;
-import org.bouncycastle.crypto.modes.SICBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-
-public class BigSkippingCipherTest
-    extends TestCase
-{
-    public void testAESCTR()
-        throws Exception
-    {
-        CipherParameters externalCounterParams = new ParametersWithIV(new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")), Hex.decode("00000000000000000000000000000000"));
-        CipherParameters internalCounterParams = new ParametersWithIV(new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")), Hex.decode("00000000000000000000"));
-        SICBlockCipher linearEngine = new SICBlockCipher(new AESEngine());
-        SICBlockCipher skippingEngine = new SICBlockCipher(new AESEngine());
-        Random random = new Random();
-
-        linearEngine.init(true, externalCounterParams);
-        skippingEngine.init(false, internalCounterParams);
-
-        testCipher(random, linearEngine, skippingEngine);
-
-        byte[] in = Base64.decode("pzVbCyj5JntIYN2Kvzf64/po+gTu/jvnZwU33F7UsfxpWRUDEGIQbArxqCQzEkGAwa4omXJ28WJveJNUQbQ5cBxS2aTt3sV0mrP+cneJ3OZkzo5Lhz0vuXs7Mav9uUzQFrU0DuMyGr1QJnKO0BUal0gLJ0v6YAo2SObDS5A4CTrsAgo0C2UXQmnuGzyYlhm4VoSNotD8auqyQXUrT8c2B/tLIcjyyl8ug1BabL2gAxN7oKbpvW5j2z3IZNZh+AKR4OR47RfjtYglOfgGQB1L5yiL9reuWEsRjbZmcEFfLmAAK0gtcP+0KDXV/DS4NxRx0sC7NkBzSC3uq2RbQOdjygFZ5qrmvwQZgLqlXs2cGiNzqx5CRjAvl83aAWAAerR5T2sHadRckW01oE2ivQixpgdPCGFHLeXoPMlkZ/r1cECYFAGPjMGSG2qnQZ/ZJbStEAZye/11r/dyoUgP+XTc6FDCCQHSdmyQljPHDQm7ioMTTkCf15YWv0kSuKOd4nBlLrGjSl9dsJsVU9TDRCqNExmk+lN3f0p8vr8TVNnir+OtEabOXzjOv6i3PHQZP27ML3Hy9TU1MHx1Q0bLdgi6yIw8lmzzBzok8j5VrCpNf2HmBqtRm1WDeTO9R62OWyaMT/dCT7AzEzP8ClBSq57p69OrlEDoaLXrYvNS3hEw1Lo=");
-        byte[] exp = Base64.decode("JD0KPwMaKvqYZnDgI0rFTCbexg+RRj3UbEPtsf5IDeM3lb5OJ5EMLHXrfknu//XNLE6dV/Jaoz3LuylkfRlMg2/Vvgo6KwXNV3VsUgkEmTpy74NAd9DCh+1EgJYCNbHkT/haaKpPWLqHEIp1/LVKZZgRXc+C4kH02GzqwYkjUZCSrE8GBpiILlHhN+2A14Ltmxe7XZrlnOQx62sBoh+QR2ZCSAhQjMayhnkrIC1qpM8S4vcZbAYOGuVRcmBhGZdvQg+YXUKrx3FS6XS+xF3yMld5iVx2aEzjkmXuDoULLzrppD/5Ed0I2CCFZigBZ3ZFsOGIZw1yTBXLRVroM/xksYaGgQs9arKB3rEBpUV4yUMuYokqz9A4k7jg/6loTFU8SntBzXptrPuKPbEMT/FvJqEsI3yKCndYiRAkTRmHWhNmdjLH9Pw32VYlpbjYzQjPP6Iy055VujucBofsP3/ENK32XNs1I6PzcVrjjRJaBy3dbAB0e7/P7cqnUvKu+dSR7N92VnuDtCaS5ksVMWJOlfLhqLq8umz8+3aIsTj20bfNGzf4aeqkUzv+AezQedVY3gmYBgwv/1ZR3Y9bUATE4ieIwK+gkZBgtANOs2abY+8+of5sQhyfYiWpUrSb+L/7MjaFgBz+b69bD5xl0kes/ySVGBqaqG4jcOr01qGfaLw=");
-        byte[] buf = new byte[512];
-
-        skippingEngine.seekTo(1L << 38);
-
-        skippingEngine.processBytes(in, 0, in.length, buf, 0);
-
-        if (!Arrays.areEqual(buf, exp))
-        {
-            fail("long seek failed");
-        }
-
-        skippingEngine.skip(-(1L << 38) - 512);
-
-        if (skippingEngine.getPosition() != 0)
-        {
-            fail("zero position came back as: " + skippingEngine.getPosition());
-        }
-
-        random.nextBytes(buf);
-
-        byte[] linOut = new byte[512];
-        byte[] skipOut = new byte[512];
-
-        linearEngine.init(true, internalCounterParams);
-
-        linearEngine.processBytes(buf, 0, buf.length, linOut, 0);
-        skippingEngine.processBytes(buf, 0, buf.length, skipOut, 0);
-
-        if (!Arrays.areEqual(linOut, skipOut))
-        {
-            fail("long output mismatch");
-        }
-    }
-
-    public void testSalsa20()
-        throws Exception
-    {
-        CipherParameters params = new ParametersWithIV(new KeyParameter(Hex.decode("0053A6F94C9FF24598EB3E91E4378ADD3083D6297CCF2275C81B6EC11467BA0D")), Hex.decode("0D74DB42A91077DE"));
-        Salsa20Engine linearEngine = new Salsa20Engine();
-        Salsa20Engine skippingEngine = new Salsa20Engine();
-        Random random = new Random();
-
-        linearEngine.init(true, params);
-        skippingEngine.init(false, params);
-
-        testCipher(random, linearEngine, skippingEngine);
-
-        byte[] in = Base64.decode("pzVbCyj5JntIYN2Kvzf64/po+gTu/jvnZwU33F7UsfxpWRUDEGIQbArxqCQzEkGAwa4omXJ28WJveJNUQbQ5cBxS2aTt3sV0mrP+cneJ3OZkzo5Lhz0vuXs7Mav9uUzQFrU0DuMyGr1QJnKO0BUal0gLJ0v6YAo2SObDS5A4CTrsAgo0C2UXQmnuGzyYlhm4VoSNotD8auqyQXUrT8c2B/tLIcjyyl8ug1BabL2gAxN7oKbpvW5j2z3IZNZh+AKR4OR47RfjtYglOfgGQB1L5yiL9reuWEsRjbZmcEFfLmAAK0gtcP+0KDXV/DS4NxRx0sC7NkBzSC3uq2RbQOdjygFZ5qrmvwQZgLqlXs2cGiNzqx5CRjAvl83aAWAAerR5T2sHadRckW01oE2ivQixpgdPCGFHLeXoPMlkZ/r1cECYFAGPjMGSG2qnQZ/ZJbStEAZye/11r/dyoUgP+XTc6FDCCQHSdmyQljPHDQm7ioMTTkCf15YWv0kSuKOd4nBlLrGjSl9dsJsVU9TDRCqNExmk+lN3f0p8vr8TVNnir+OtEabOXzjOv6i3PHQZP27ML3Hy9TU1MHx1Q0bLdgi6yIw8lmzzBzok8j5VrCpNf2HmBqtRm1WDeTO9R62OWyaMT/dCT7AzEzP8ClBSq57p69OrlEDoaLXrYvNS3hEw1Lo=");
-        byte[] exp = Base64.decode("e0bdyXVHsxzA9pZ/htVVPAsAgief6pEyLmdayG09N3GkBZFulTze/He524ETzTGtV7c1yGypTwjwVr+rNWmZs9YeXtYljySAQUbv1il5spmn7+iiwN6H21Keg6r4ciwzR7jhm7Wc0A1GGkh8OLmb2ZAh/fNDXHyL8mbEmLYh5C9n+DCTruTEjtS5TwueaRsUSNkexUgemqOVHxeOD0nZcVARr2AzMW6btNrQycol3+WTvLmbCeAZwcZnfPvZeU3r2UF73o8lP0vOUrOi095H2WZkJIVrAiV/+i4Sb76XXRgFlvWP6RbX9mYApIBhs69+yxp8lmVI0AABAwwV7PNXo+1UK6kzNi5spa32MRDMogP+wDHMyu8nHzLpIv9OTx0CmkZ0XO4Lla3d3UsPGq8g50a6gfrSOa9JHYFjfMzqIY/6SdZxr39Z8jVYiCfWGYplMTSDvfj3whk2J0DnSSdf6k6JstCjIXeMagKjwpcf9r0kq1Q9mAGhdJLqkM2LYHz3CP6GiWbGy5477GKnrhFDOeG1PtLv4YaTLrrjnNngIeeMK0tgkwBhsobVCD1hSs26I9/V+rdFhFb3/a/ob37cfnPmflbC0oOpSKoY6tZEaDp9u2ulNCpLYV6zrn3k9soP4q+sfsmXKMuWU2+rJGvBOEPh9Jo8Z+u7r+1PG+8VgAs=");
-        byte[] buf = new byte[512];
-
-        skippingEngine.seekTo(1L << 38);
-
-        skippingEngine.processBytes(in, 0, in.length, buf, 0);
-
-        if (!Arrays.areEqual(buf, exp))
-        {
-            fail("long seek failed");
-        }
-
-        skippingEngine.skip(-(1L << 38) - 512);
-
-        if (skippingEngine.getPosition() != 0)
-        {
-            fail("zero position came back as: " + skippingEngine.getPosition());
-        }
-
-        random.nextBytes(buf);
-
-        byte[] linOut = new byte[512];
-        byte[] skipOut = new byte[512];
-
-        linearEngine.init(true, params);
-
-        linearEngine.processBytes(buf, 0, buf.length, linOut, 0);
-        skippingEngine.processBytes(buf, 0, buf.length, skipOut, 0);
-
-        if (!Arrays.areEqual(linOut, skipOut))
-        {
-            fail("long output mismatch");
-        }
-    }
-
-    public void testChaCha()
-        throws Exception
-    {
-        CipherParameters params = new ParametersWithIV(new KeyParameter(Hex.decode("0053A6F94C9FF24598EB3E91E4378ADD3083D6297CCF2275C81B6EC11467BA0D")), Hex.decode("0D74DB42A91077DE"));
-        ChaChaEngine linearEngine = new ChaChaEngine();
-        ChaChaEngine skippingEngine = new ChaChaEngine();
-        Random random = new Random();
-
-        linearEngine.init(true, params);
-        skippingEngine.init(false, params);
-
-        testCipher(random, linearEngine, skippingEngine);
-
-        byte[] in = Base64.decode("pzVbCyj5JntIYN2Kvzf64/po+gTu/jvnZwU33F7UsfxpWRUDEGIQbArxqCQzEkGAwa4omXJ28WJveJNUQbQ5cBxS2aTt3sV0mrP+cneJ3OZkzo5Lhz0vuXs7Mav9uUzQFrU0DuMyGr1QJnKO0BUal0gLJ0v6YAo2SObDS5A4CTrsAgo0C2UXQmnuGzyYlhm4VoSNotD8auqyQXUrT8c2B/tLIcjyyl8ug1BabL2gAxN7oKbpvW5j2z3IZNZh+AKR4OR47RfjtYglOfgGQB1L5yiL9reuWEsRjbZmcEFfLmAAK0gtcP+0KDXV/DS4NxRx0sC7NkBzSC3uq2RbQOdjygFZ5qrmvwQZgLqlXs2cGiNzqx5CRjAvl83aAWAAerR5T2sHadRckW01oE2ivQixpgdPCGFHLeXoPMlkZ/r1cECYFAGPjMGSG2qnQZ/ZJbStEAZye/11r/dyoUgP+XTc6FDCCQHSdmyQljPHDQm7ioMTTkCf15YWv0kSuKOd4nBlLrGjSl9dsJsVU9TDRCqNExmk+lN3f0p8vr8TVNnir+OtEabOXzjOv6i3PHQZP27ML3Hy9TU1MHx1Q0bLdgi6yIw8lmzzBzok8j5VrCpNf2HmBqtRm1WDeTO9R62OWyaMT/dCT7AzEzP8ClBSq57p69OrlEDoaLXrYvNS3hEw1Lo=");
-        byte[] exp = Base64.decode("FACFDKSYxFYEOknCBPdfy5elbrDu8FzOImwpczlIk1HWlcbBPHXwHEnVaKrGtmthC7gA1DQJSeobO83KW3YZVkT8fcGnMFbeee6ISs9R4KqekE+Fs8uNWYlqsgT5xrErOC/cmz4B5envQx7EZK5h+fJupYO3vHqVk5/Q6c/v8ndDeBKSDTKA6eyybOwFVIjwJKPfuliu4mJGHphUIsp/OgRPs+VhlMrWXMVwsGzGHy9xZvTz6Xv6GJvrIoONMHh24YGOSt+83cFTepU7ur8anyDaoWzMz/n04eopnQd9TlREwYOZWdF0ZAJ0VZQYEixopmH+mlEZ/Nyw6IDswvyX3Zf/7lyDsM8bv2kz1gXvmQgUMqr6wXrOuJtxaH8aUvLVswCeNZEGFl17FHgwdD2MRzkmhfPRFlTgicd02D/ateBs5B0ORu5CKu3p/RGjU4YE68ONPNEkwkBRm5uGzdezTJmUzdJAEtoIxv1XfE1tytP7U+BpWdP5LY5NlEUo6sNR4O2nlSQJkAOzhoz821hnn1IL6r9DLDHIW40IhStDqc5Hy/8rEZgnnFhIE6pAD1PAGV5oJk/Z/V64bFvGkpD7xuhN5U2Eic7UheB8D227JtQQWTc8GhynlOWbmkYm/koKw+ieraN5IWE/KD2HFqJhxasB9lb3lMGh3zfgBKck5Lo=");
-        byte[] buf = new byte[512];
-
-        skippingEngine.seekTo(1L << 38);
-
-        skippingEngine.processBytes(in, 0, in.length, buf, 0);
-
-        if (!Arrays.areEqual(buf, exp))
-        {
-            fail("long seek failed");
-        }
-
-        skippingEngine.skip(-(1L << 38) - 512);
-
-        if (skippingEngine.getPosition() != 0)
-        {
-            fail("zero position came back as: " + skippingEngine.getPosition());
-        }
-
-        random.nextBytes(buf);
-
-        byte[] linOut = new byte[512];
-        byte[] skipOut = new byte[512];
-
-        linearEngine.init(true, params);
-
-        linearEngine.processBytes(buf, 0, buf.length, linOut, 0);
-        skippingEngine.processBytes(buf, 0, buf.length, skipOut, 0);
-
-        if (!Arrays.areEqual(linOut, skipOut))
-        {
-            fail("long output mismatch");
-        }
-    }
-
-    public void testCipher(Random random, SkippingStreamCipher linearEngine, SkippingStreamCipher skippingEngine)
-        throws Exception
-    {
-        byte[] startDataBuf = new byte[1 << 16];
-        byte[] startEncBuf = new byte[1 << 16];
-        byte[] startSeekBuf = new byte[1 << 16];
-
-        random.nextBytes(startDataBuf);
-
-        linearEngine.processBytes(startDataBuf, 0, startDataBuf.length, startEncBuf, 0);
-
-        byte[] incBuf = new byte[1 << 12];
-        byte[] linearOutBuf = new byte[1 << 12];
-        byte[] seekOutBuf = new byte[1 << 12];
-
-        for (long i = 0; i != 1L << 20; i++)
-        {
-            random.nextBytes(incBuf);
-
-            linearEngine.processBytes(incBuf, 0, incBuf.length, linearOutBuf, 0);
-
-            skippingEngine.seekTo(startDataBuf.length + i * incBuf.length);
-
-            if (skippingEngine.getPosition() != startDataBuf.length + i * incBuf.length)
-            {
-                fail(i + "th position came back as: " + skippingEngine.getPosition());
-            }
-
-            skippingEngine.processBytes(incBuf, 0, incBuf.length, seekOutBuf, 0);
-
-            if (!Arrays.areEqual(linearOutBuf, seekOutBuf))
-            {
-                fail("output mismatch");
-            }
-
-            if (skippingEngine.getPosition() != startDataBuf.length + (i + 1) * incBuf.length)
-            {
-                fail(i + "th + 1 position came back as: " + skippingEngine.getPosition());
-            }
-
-            skippingEngine.skip(-skippingEngine.getPosition());
-
-            if (skippingEngine.getPosition() != 0)
-            {
-                fail("zero position came back as: " + skippingEngine.getPosition());
-            }
-
-            skippingEngine.processBytes(startEncBuf, 0, startEncBuf.length, startSeekBuf, 0);
-
-            if (!Arrays.areEqual(startDataBuf, startSeekBuf))
-            {
-                fail("output mismatch");
-            }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/Blake2bDigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/Blake2bDigestTest.java
deleted file mode 100644
index f940131..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/Blake2bDigestTest.java
+++ /dev/null

@@ -1,328 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.UnsupportedEncodingException;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.Blake2bDigest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class Blake2bDigestTest
-    extends SimpleTest
-{
-
-    private static final String[][] keyedTestVectors =
-        { // input/message, key, hash
-
-            // Vectors from BLAKE2 web site: https://blake2.net/blake2b-test.txt
-            {
-                "",
-                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
-                "10ebb67700b1868efb4417987acf4690ae9d972fb7a590c2f02871799aaa4786b5e996e8f0f4eb981fc214b005f42d2ff4233499391653df7aefcbc13fc51568"},
-
-            {
-                "00",
-                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
-                "961f6dd1e4dd30f63901690c512e78e4b45e4742ed197c3c5e45c549fd25f2e4187b0bc9fe30492b16b0d0bc4ef9b0f34c7003fac09a5ef1532e69430234cebd"},
-
-            {
-                "0001",
-                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
-                "da2cfbe2d8409a0f38026113884f84b50156371ae304c4430173d08a99d9fb1b983164a3770706d537f49e0c916d9f32b95cc37a95b99d857436f0232c88a965"},
-
-            {
-                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d",
-                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
-                "f1aa2b044f8f0c638a3f362e677b5d891d6fd2ab0765f6ee1e4987de057ead357883d9b405b9d609eea1b869d97fb16d9b51017c553f3b93c0a1e0f1296fedcd"},
-
-            {
-                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3",
-                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
-                "c230f0802679cb33822ef8b3b21bf7a9a28942092901d7dac3760300831026cf354c9232df3e084d9903130c601f63c1f4a4a4b8106e468cd443bbe5a734f45f"},
-
-            {
-                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfe",
-                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f",
-                "142709d62e28fcccd0af97fad0f8465b971e82201dc51070faa0372aa43e92484be1c1e73ba10906d5d1853db6a4106e0a7bf9800d373d6dee2d46d62ef2a461"}};
-
-    private final static String[][] unkeyedTestVectors =
-        { // from: http://fossies.org/linux/john/src/rawBLAKE2_512_fmt_plug.c
-            // hash, input/message
-            // digests without leading $BLAKE2$
-            {
-                "4245af08b46fbb290222ab8a68613621d92ce78577152d712467742417ebc1153668f1c9e1ec1e152a32a9c242dc686d175e087906377f0c483c5be2cb68953e",
-                "blake2"},
-            {
-                "021ced8799296ceca557832ab941a50b4a11f83478cf141f51f933f653ab9fbcc05a037cddbed06e309bf334942c4e58cdf1a46e237911ccd7fcf9787cbc7fd0",
-                "hello world"},
-            {
-                "1f7d9b7c9a90f7bfc66e52b69f3b6c3befbd6aee11aac860e99347a495526f30c9e51f6b0db01c24825092a09dd1a15740f0ade8def87e60c15da487571bcef7",
-                "verystrongandlongpassword"},
-            {
-                "a8add4bdddfd93e4877d2746e62817b116364a1fa7bc148d95090bc7333b3673f82401cf7aa2e4cb1ecd90296e3f14cb5413f8ed77be73045b13914cdcd6a918",
-                "The quick brown fox jumps over the lazy dog"},
-            {
-                "786a02f742015903c6c6fd852552d272912f4740e15847618a86e217f71f5419d25e1031afee585313896444934eb04b903a685b1448b755d56f701afe9be2ce",
-                ""},
-            {
-                "ba80a53f981c4d0d6a2797b69f12f6e94c212f14685ac4b74b12bb6fdbffa2d17d87c5392aab792dc252d5de4533cc9518d38aa8dbf1925ab92386edd4009923",
-                "abc"},
-        };
-
-    public String getName()
-    {
-        return "BLAKE2b";
-    }
-
-    private void offsetTest(
-        Digest digest,
-        byte[] input,
-        byte[] expected)
-    {
-        byte[] resBuf = new byte[expected.length + 11];
-
-        digest.update(input, 0, input.length);
-
-        digest.doFinal(resBuf, 11);
-
-        if (!areEqual(Arrays.copyOfRange(resBuf, 11, resBuf.length), expected))
-        {
-            fail("Offset failed got " + new String(Hex.encode(resBuf)));
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        // test keyed test vectors:
-
-        Blake2bDigest blake2bkeyed = new Blake2bDigest(Hex.decode(keyedTestVectors[0][1]));
-        for (int tv = 0; tv < keyedTestVectors.length; tv++)
-        {
-
-            byte[] input = Hex.decode(keyedTestVectors[tv][0]);
-            blake2bkeyed.reset();
-
-            blake2bkeyed.update(input, 0, input.length);
-            byte[] keyedHash = new byte[64];
-            blake2bkeyed.doFinal(keyedHash, 0);
-
-            if (!Arrays.areEqual(Hex.decode(keyedTestVectors[tv][2]), keyedHash))
-            {
-                fail("BLAKE2b mismatch on test vector ",
-                    keyedTestVectors[tv][2],
-                    new String(Hex.encode(keyedHash)));
-            }
-
-            offsetTest(blake2bkeyed, input, keyedHash);
-        }
-
-        Blake2bDigest blake2bunkeyed = new Blake2bDigest();
-        // test unkeyed test vectors:
-        for (int i = 0; i < unkeyedTestVectors.length; i++)
-        {
-
-            try
-            {
-                // blake2bunkeyed.update(
-                // unkeyedTestVectors[i][1].getBytes("UTF-8"));
-                // test update(byte b)
-                byte[] unkeyedInput = unkeyedTestVectors[i][1]
-                    .getBytes("UTF-8");
-                for (int j = 0; j < unkeyedInput.length; j++)
-                {
-                    blake2bunkeyed.update(unkeyedInput[j]);
-                }
-            }
-            catch (UnsupportedEncodingException e)
-            {
-                // TODO Auto-generated catch block
-                e.printStackTrace();
-            }
-            byte[] unkeyedHash = new byte[64];
-            blake2bunkeyed.doFinal(unkeyedHash, 0);
-            blake2bunkeyed.reset();
-
-            if (!Arrays.areEqual(Hex.decode(unkeyedTestVectors[i][0]),
-                unkeyedHash))
-            {
-                fail("BLAKE2b mismatch on test vector ",
-                    unkeyedTestVectors[i][0],
-                    new String(Hex.encode(unkeyedHash)));
-            }
-        }
-
-        cloneTest();
-        resetTest();
-        testNullKeyVsUnkeyed();
-        testLengthConstruction();
-    }
-
-    private void cloneTest()
-    {
-        Blake2bDigest blake2bCloneSource = new Blake2bDigest(Hex.decode(keyedTestVectors[3][1]), 16, Hex.decode("000102030405060708090a0b0c0d0e0f"), Hex.decode("101112131415161718191a1b1c1d1e1f"));
-        byte[] expected = Hex.decode("b6d48ed5771b17414c4e08bd8d8a3bc4");
-
-        checkClone(blake2bCloneSource, expected);
-
-        // just digest size
-        blake2bCloneSource = new Blake2bDigest(160);
-        expected = Hex.decode("64202454e538279b21cea0f5a7688be656f8f484");
-        checkClone(blake2bCloneSource, expected);
-
-        // null salt and personalisation
-        blake2bCloneSource = new Blake2bDigest(Hex.decode(keyedTestVectors[3][1]), 16, null, null);
-        expected = Hex.decode("2b4a081fae2d7b488f5eed7e83e42a20");
-        checkClone(blake2bCloneSource, expected);
-
-        // null personalisation
-        blake2bCloneSource = new Blake2bDigest(Hex.decode(keyedTestVectors[3][1]), 16, Hex.decode("000102030405060708090a0b0c0d0e0f"), null);
-        expected = Hex.decode("00c3a2a02fcb9f389857626e19d706f6");
-        checkClone(blake2bCloneSource, expected);
-
-        // null salt
-        blake2bCloneSource = new Blake2bDigest(Hex.decode(keyedTestVectors[3][1]), 16, null, Hex.decode("101112131415161718191a1b1c1d1e1f"));
-        expected = Hex.decode("f445ec9c062a3c724f8fdef824417abb");
-        checkClone(blake2bCloneSource, expected);
-    }
-
-    private void checkClone(Blake2bDigest blake2bCloneSource, byte[] expected)
-    {
-        byte[] message = Hex.decode(keyedTestVectors[3][0]);
-
-        blake2bCloneSource.update(message, 0, message.length);
-
-        byte[] hash = new byte[blake2bCloneSource.getDigestSize()];
-
-        Blake2bDigest digClone = new Blake2bDigest(blake2bCloneSource);
-
-        blake2bCloneSource.doFinal(hash, 0);
-        if (!areEqual(expected, hash))
-        {
-            fail("clone source not correct");
-        }
-
-        digClone.doFinal(hash, 0);
-        if (!areEqual(expected, hash))
-        {
-            fail("clone not correct");
-        }
-    }
-
-    private void testLengthConstruction()
-    {
-        try
-        {
-            new Blake2bDigest(-1);
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("BLAKE2b digest bit length must be a multiple of 8 and not greater than 512", e.getMessage());
-        }
-
-        try
-        {
-            new Blake2bDigest(9);
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("BLAKE2b digest bit length must be a multiple of 8 and not greater than 512", e.getMessage());
-        }
-
-        try
-        {
-            new Blake2bDigest(520);
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("BLAKE2b digest bit length must be a multiple of 8 and not greater than 512", e.getMessage());
-        }
-
-        try
-        {
-            new Blake2bDigest(null, -1, null, null);
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("Invalid digest length (required: 1 - 64)", e.getMessage());
-        }
-
-        try
-        {
-            new Blake2bDigest(null, 65, null, null);
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("Invalid digest length (required: 1 - 64)", e.getMessage());
-        }
-    }
-
-    private void testNullKeyVsUnkeyed()
-    {
-        byte[] abc = Strings.toByteArray("abc");
-
-        for (int i = 1; i != 64; i++)
-        {
-            Blake2bDigest dig1 = new Blake2bDigest(i * 8);
-            Blake2bDigest dig2 = new Blake2bDigest(null, i, null, null);
-
-            byte[] out1 = new byte[i];
-            byte[] out2 = new byte[i];
-
-            dig1.update(abc, 0, abc.length);
-            dig2.update(abc, 0, abc.length);
-
-            dig1.doFinal(out1, 0);
-            dig2.doFinal(out2, 0);
-
-            isTrue(Arrays.areEqual(out1, out2));
-        }
-    }
-
-    private void resetTest()
-    {
-        // Generate a non-zero key
-        byte[] key = new byte[32];
-        for (byte i = 0; i < key.length; i++)
-        {
-            key[i] = i;
-        }
-        // Generate some non-zero input longer than the key
-        byte[] input = new byte[key.length + 1];
-        for (byte i = 0; i < input.length; i++)
-        {
-            input[i] = i;
-        }
-        // Hash the input
-        Blake2bDigest digest = new Blake2bDigest(key);
-        digest.update(input, 0, input.length);
-        byte[] hash = new byte[digest.getDigestSize()];
-        digest.doFinal(hash, 0);
-        // Using a second instance, hash the input without calling doFinal()
-        Blake2bDigest digest1 = new Blake2bDigest(key);
-        digest1.update(input, 0, input.length);
-        // Reset the second instance and hash the input again
-        digest1.reset();
-        digest1.update(input, 0, input.length);
-        byte[] hash1 = new byte[digest.getDigestSize()];
-        digest1.doFinal(hash1, 0);
-        // The hashes should be identical
-        if (!Arrays.areEqual(hash, hash1))
-        {
-            fail("state was not reset");
-        }
-    }
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        runTest(new Blake2bDigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/Blake2sDigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/Blake2sDigestTest.java
deleted file mode 100644
index 583eb47..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/Blake2sDigestTest.java
+++ /dev/null

@@ -1,311 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.util.Random;
-
-import org.bouncycastle.crypto.digests.Blake2sDigest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class Blake2sDigestTest
-    extends SimpleTest
-{
-
-    // Vectors from BLAKE2 web site: https://blake2.net/blake2s-test.txt
-    private static final String[][] keyedTestVectors = {
-        // input/message, key, hash
-        {
-            "",
-            "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
-            "48a8997da407876b3d79c0d92325ad3b89cbb754d86ab71aee047ad345fd2c49",
-        },
-        {
-            "00",
-            "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
-            "40d15fee7c328830166ac3f918650f807e7e01e177258cdc0a39b11f598066f1",
-        },
-        {
-            "0001",
-            "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
-            "6bb71300644cd3991b26ccd4d274acd1adeab8b1d7914546c1198bbe9fc9d803",
-        },
-        {
-            "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d",
-            "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
-            "172ffc67153d12e0ca76a8b6cd5d4731885b39ce0cac93a8972a18006c8b8baf",
-        },
-        {
-            "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3",
-            "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
-            "4f8ce1e51d2fe7f24043a904d898ebfc91975418753413aa099b795ecb35cedb",
-        },
-        {
-            "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfe",
-            "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
-            "3fb735061abc519dfe979e54c1ee5bfad0a9d858b3315bad34bde999efd724dd",
-        },
-    };
-
-    public String getName()
-    {
-        return "BLAKE2s";
-    }
-
-    public void testDigestWithKeyedTestVectors()
-    {
-        Blake2sDigest digest = new Blake2sDigest(Hex.decode(
-            keyedTestVectors[0][1]));
-        for (int i = 0; i != keyedTestVectors.length; i++)
-        {
-            String[] keyedTestVector = keyedTestVectors[i];
-            byte[] input = Hex.decode(keyedTestVector[0]);
-            digest.reset();
-
-            digest.update(input, 0, input.length);
-            byte[] hash = new byte[32];
-            digest.doFinal(hash, 0);
-
-            if (!areEqual(Hex.decode(keyedTestVector[2]), hash))
-            {
-                fail("BLAKE2s mismatch on test vector ",
-                    keyedTestVector[2],
-                    new String(Hex.encode(hash)));
-            }
-        }
-    }
-
-    public void testDigestWithKeyedTestVectorsAndRandomUpdate()
-    {
-        Blake2sDigest digest = new Blake2sDigest(Hex.decode(
-            keyedTestVectors[0][1]));
-        Random random = new Random();
-        for (int i = 0; i < 100; i++)
-        {
-            for (int j = 0; j != keyedTestVectors.length; j++)
-            {
-                String[] keyedTestVector = keyedTestVectors[j];
-                byte[] input = Hex.decode(keyedTestVector[0]);
-                if (input.length < 3)
-                {
-                    continue;
-                }
-                digest.reset();
-
-                int pos = (random.nextInt() & 0xffff) % input.length;
-                if (pos > 0)
-                {
-                    digest.update(input, 0, pos);
-                }
-                digest.update(input[pos]);
-                if (pos < (input.length - 1))
-                {
-                    digest.update(input, pos + 1, input.length - (pos + 1));
-                }
-
-                byte[] hash = new byte[32];
-                digest.doFinal(hash, 0);
-
-                if (!areEqual(Hex.decode(keyedTestVector[2]), hash))
-                {
-                    fail("BLAKE2s mismatch on test vector ",
-                        keyedTestVector[2],
-                        new String(Hex.encode(hash)));
-                }
-            }
-        }
-    }
-
-    private void testLengthConstruction()
-    {
-        try
-        {
-            new Blake2sDigest(-1);
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("BLAKE2s digest bit length must be a multiple of 8 and not greater than 256", e.getMessage());
-        }
-
-        try
-        {
-            new Blake2sDigest(9);
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("BLAKE2s digest bit length must be a multiple of 8 and not greater than 256", e.getMessage());
-        }
-        
-        try
-        {
-            new Blake2sDigest(512);
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("BLAKE2s digest bit length must be a multiple of 8 and not greater than 256", e.getMessage());
-        }
-
-        try
-        {
-            new Blake2sDigest(null, -1, null, null);
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("Invalid digest length (required: 1 - 32)", e.getMessage());
-        }
-
-        try
-        {
-            new Blake2sDigest(null, 33, null, null);
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("Invalid digest length (required: 1 - 32)", e.getMessage());
-        }
-    }
-
-    private void testNullKeyVsUnkeyed()
-    {
-        byte[] abc = Strings.toByteArray("abc");
-
-        for (int i = 1; i != 32; i++)
-        {
-            Blake2sDigest dig1 = new Blake2sDigest(i * 8);
-            Blake2sDigest dig2 = new Blake2sDigest(null, i, null, null);
-
-            byte[] out1 = new byte[i];
-            byte[] out2 = new byte[i];
-
-            dig1.update(abc, 0, abc.length);
-            dig2.update(abc, 0, abc.length);
-
-            dig1.doFinal(out1, 0);
-            dig2.doFinal(out2, 0);
-
-            isTrue(Arrays.areEqual(out1, out2));
-        }
-    }
-
-    public void testReset()
-    {
-        // Generate a non-zero key
-        byte[] key = new byte[32];
-        for (byte i = 0; i < key.length; i++)
-        {
-            key[i] = i;
-        }
-        // Generate some non-zero input longer than the key
-        byte[] input = new byte[key.length + 1];
-        for (byte i = 0; i < input.length; i++)
-        {
-            input[i] = i;
-        }
-        // Hash the input
-        Blake2sDigest digest = new Blake2sDigest(key);
-        digest.update(input, 0, input.length);
-        byte[] hash = new byte[digest.getDigestSize()];
-        digest.doFinal(hash, 0);
-        // Create a second instance, hash the input without calling doFinal()
-        Blake2sDigest digest1 = new Blake2sDigest(key);
-        digest1.update(input, 0, input.length);
-        // Reset the second instance and hash the input again
-        digest1.reset();
-        digest1.update(input, 0, input.length);
-        byte[] hash1 = new byte[digest.getDigestSize()];
-        digest1.doFinal(hash1, 0);
-        // The hashes should be identical
-        if (!areEqual(hash, hash1))
-        {
-            fail("BLAKE2s mismatch on test vector ",
-                new String(Hex.encode(hash)),
-                new String(Hex.encode(hash1)));
-        }
-    }
-
-    // Self-test routine from https://tools.ietf.org/html/rfc7693#appendix-E
-    private static final String SELF_TEST_RESULT =
-        "6A411F08CE25ADCDFB02ABA641451CEC53C598B24F4FC787FBDC88797F4C1DFE";
-    private static final int[] SELF_TEST_DIGEST_LEN = {16, 20, 28, 32};
-    private static final int[] SELF_TEST_INPUT_LEN = {0, 3, 64, 65, 255, 1024};
-
-    private static byte[] selfTestSequence(int len, int seed)
-    {
-        int a = 0xDEAD4BAD * seed;
-        int b = 1;
-        int t;
-        byte[] out = new byte[len];
-
-        for (int i = 0; i < len; i++)
-        {
-            t = a + b;
-            a = b;
-            b = t;
-            out[i] = (byte)((t >> 24) & 0xFF);
-        }
-
-        return out;
-    }
-
-    public void runSelfTest()
-    {
-        Blake2sDigest testDigest = new Blake2sDigest();
-        byte[] md = new byte[32];
-
-        for (int i = 0; i < 4; i++)
-        {
-            int outlen = SELF_TEST_DIGEST_LEN[i];
-            for (int j = 0; j < 6; j++)
-            {
-                int inlen = SELF_TEST_INPUT_LEN[j];
-
-                // unkeyed hash
-                byte[] in = selfTestSequence(inlen, inlen);
-                Blake2sDigest unkeyedDigest = new Blake2sDigest(outlen * 8);
-                unkeyedDigest.update(in, 0, inlen);
-                unkeyedDigest.doFinal(md, 0);
-                // hash the hash
-                testDigest.update(md, 0, outlen);
-
-                // keyed hash
-                byte[] key = selfTestSequence(outlen, outlen);
-                Blake2sDigest keyedDigest = new Blake2sDigest(key, outlen, null,
-                    null);
-                keyedDigest.update(in, 0, inlen);
-                keyedDigest.doFinal(md, 0);
-                // hash the hash
-                testDigest.update(md, 0, outlen);
-            }
-        }
-
-        byte[] hash = new byte[32];
-        testDigest.doFinal(hash, 0);
-        if (!areEqual(Hex.decode(SELF_TEST_RESULT), hash))
-        {
-            fail("BLAKE2s mismatch on test vector ",
-                SELF_TEST_RESULT,
-                new String(Hex.encode(hash)));
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testDigestWithKeyedTestVectors();
-        testDigestWithKeyedTestVectorsAndRandomUpdate();
-        testReset();
-        runSelfTest();
-        testNullKeyVsUnkeyed();
-        testLengthConstruction();
-    }
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        runTest(new Blake2sDigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/BlockCipherMonteCarloTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/BlockCipherMonteCarloTest.java
deleted file mode 100644
index 72242c5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/BlockCipherMonteCarloTest.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * a basic test that takes a cipher, key parameter, and an input
- * and output string. This test wraps the engine in a buffered block
- * cipher with padding disabled.
- */
-public class BlockCipherMonteCarloTest
-    extends SimpleTest
-{
-    int                 id;
-    int                 iterations;
-    BlockCipher         engine;
-    CipherParameters    param;
-    byte[]              input;
-    byte[]              output;
-
-    public BlockCipherMonteCarloTest(
-        int                 id,
-        int                 iterations,
-        BlockCipher         engine,
-        CipherParameters    param,
-        String              input,
-        String              output)
-    {
-        this.id = id;
-        this.iterations = iterations;
-        this.engine = engine;
-        this.param = param;
-        this.input = Hex.decode(input);
-        this.output = Hex.decode(output);
-    }
-
-    public String getName()
-    {
-        return engine.getAlgorithmName() + " Monte Carlo Test " + id;
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        BufferedBlockCipher cipher = new BufferedBlockCipher(engine);
-
-        cipher.init(true, param);
-
-        byte[]  out = new byte[input.length];
-
-        System.arraycopy(input, 0, out, 0, out.length);
-
-        for (int i = 0; i != iterations; i++)
-        {
-            int len1 = cipher.processBytes(out, 0, out.length, out, 0);
-
-            cipher.doFinal(out, len1);
-        }
-
-        if (!areEqual(out, output))
-        {
-            fail("failed - " + "expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-        }
-
-        cipher.init(false, param);
-
-        for (int i = 0; i != iterations; i++)
-        {
-            int len1 = cipher.processBytes(out, 0, out.length, out, 0);
-
-            cipher.doFinal(out, len1);
-        }
-
-        if (!areEqual(input, out))
-        {
-            fail("failed reversal");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/BlockCipherResetTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/BlockCipherResetTest.java
deleted file mode 100644
index a35835b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/BlockCipherResetTest.java
+++ /dev/null

@@ -1,206 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.AESFastEngine;
-import org.bouncycastle.crypto.engines.AESLightEngine;
-import org.bouncycastle.crypto.engines.BlowfishEngine;
-import org.bouncycastle.crypto.engines.CAST5Engine;
-import org.bouncycastle.crypto.engines.CAST6Engine;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.NoekeonEngine;
-import org.bouncycastle.crypto.engines.RC6Engine;
-import org.bouncycastle.crypto.engines.SEEDEngine;
-import org.bouncycastle.crypto.engines.SerpentEngine;
-import org.bouncycastle.crypto.engines.TEAEngine;
-import org.bouncycastle.crypto.engines.TwofishEngine;
-import org.bouncycastle.crypto.engines.XTEAEngine;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.modes.GOFBBlockCipher;
-import org.bouncycastle.crypto.modes.OFBBlockCipher;
-import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher;
-import org.bouncycastle.crypto.modes.PGPCFBBlockCipher;
-import org.bouncycastle.crypto.modes.SICBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test whether block ciphers implement reset contract on init, encrypt/decrypt and reset.
- */
-public class BlockCipherResetTest
-    extends SimpleTest
-{
-
-    public String getName()
-    {
-        return "Block Cipher Reset";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        // 128 bit block ciphers
-        testReset("AESFastEngine", new AESFastEngine(), new AESFastEngine(), new KeyParameter(new byte[16]));
-        testReset("AESEngine", new AESEngine(), new AESEngine(), new KeyParameter(new byte[16]));
-        testReset("AESLightEngine", new AESLightEngine(), new AESLightEngine(), new KeyParameter(new byte[16]));
-        testReset("Twofish", new TwofishEngine(), new TwofishEngine(), new KeyParameter(new byte[16]));
-        testReset("NoekeonEngine", new NoekeonEngine(), new NoekeonEngine(), new KeyParameter(new byte[16]));
-        testReset("SerpentEngine", new SerpentEngine(), new SerpentEngine(), new KeyParameter(new byte[16]));
-        testReset("SEEDEngine", new SEEDEngine(), new SEEDEngine(), new KeyParameter(new byte[16]));
-        testReset("CAST6Engine", new CAST6Engine(), new CAST6Engine(), new KeyParameter(new byte[16]));
-        testReset("RC6Engine", new RC6Engine(), new RC6Engine(), new KeyParameter(new byte[16]));
-
-        // 64 bit block ciphers
-        testReset("DESEngine", new DESEngine(), new DESEngine(), new KeyParameter(new byte[8]));
-        testReset("BlowfishEngine", new BlowfishEngine(), new BlowfishEngine(), new KeyParameter(new byte[8]));
-        testReset("CAST5Engine", new CAST5Engine(), new CAST5Engine(), new KeyParameter(new byte[8]));
-        testReset("DESedeEngine", new DESedeEngine(), new DESedeEngine(), new KeyParameter(new byte[24]));
-        testReset("TEAEngine", new TEAEngine(), new TEAEngine(), new KeyParameter(new byte[16]));
-        testReset("XTEAEngine", new XTEAEngine(), new XTEAEngine(), new KeyParameter(new byte[16]));
-
-        // primitive block cipher modes (don't reset on processBlock)
-        testModeReset("AES/CBC", new CBCBlockCipher(new AESEngine()), new CBCBlockCipher(new AESEngine()),
-            new ParametersWithIV(new KeyParameter(new byte[16]), new byte[16]));
-        testModeReset("AES/SIC", new SICBlockCipher(new AESEngine()), new SICBlockCipher(new AESEngine()),
-            new ParametersWithIV(new KeyParameter(new byte[16]), new byte[16]));
-        testModeReset("AES/CFB", new CFBBlockCipher(new AESEngine(), 128), new CFBBlockCipher(new AESEngine(), 128),
-            new ParametersWithIV(new KeyParameter(new byte[16]), new byte[16]));
-        testModeReset("AES/OFB", new OFBBlockCipher(new AESEngine(), 128), new OFBBlockCipher(new AESEngine(), 128),
-            new ParametersWithIV(new KeyParameter(new byte[16]), new byte[16]));
-        testModeReset("AES/GCTR", new GOFBBlockCipher(new DESEngine()), new GOFBBlockCipher(new DESEngine()),
-            new ParametersWithIV(new KeyParameter(new byte[8]), new byte[8]));
-        testModeReset("AES/OpenPGPCFB", new OpenPGPCFBBlockCipher(new AESEngine()), new OpenPGPCFBBlockCipher(
-            new AESEngine()), new KeyParameter(new byte[16]));
-        testModeReset("AES/PGPCFB", new PGPCFBBlockCipher(new AESEngine(), false), new PGPCFBBlockCipher(
-            new AESEngine(), false), new KeyParameter(new byte[16]));
-
-        // PGPCFB with IV is broken (it's also not a PRP, so probably shouldn't be a BlockCipher)
-        // testModeReset("AES/PGPCFBwithIV", new PGPCFBBlockCipher(new AESEngine(), true), new
-        // PGPCFBBlockCipher(
-        // new AESEngine(), true), new ParametersWithIV(new KeyParameter(new byte[16]), new
-        // byte[16]));
-        // testModeReset("AES/PGPCFBwithIV_NoIV", new PGPCFBBlockCipher(new AESEngine(), true), new
-        // PGPCFBBlockCipher(
-        // new AESEngine(), true), new KeyParameter(new byte[16]));
-
-    }
-
-    private void testModeReset(String test, BlockCipher cipher1, BlockCipher cipher2, CipherParameters params)
-        throws InvalidCipherTextException
-    {
-        testReset(test, false, cipher1, cipher2, params);
-    }
-
-    private void testReset(String test, BlockCipher cipher1, BlockCipher cipher2, CipherParameters params)
-        throws InvalidCipherTextException
-    {
-        testReset(test, true, cipher1, cipher2, params);
-    }
-
-    private void testReset(String test,
-                           boolean testCryptReset,
-                           BlockCipher cipher1,
-                           BlockCipher cipher2,
-                           CipherParameters params)
-        throws InvalidCipherTextException
-    {
-        cipher1.init(true, params);
-
-        byte[] plaintext = new byte[cipher1.getBlockSize()];
-        byte[] ciphertext = new byte[(cipher1.getAlgorithmName().indexOf("PGPCFBwithIV")) > -1 ? 2 * cipher1.getBlockSize() + 2
-            : cipher1.getBlockSize()];
-
-        // Establish baseline answer
-        crypt(cipher1, true, plaintext, ciphertext);
-
-        // Test encryption resets
-        checkReset(test, testCryptReset, cipher1, params, true, plaintext, ciphertext);
-
-        // Test decryption resets with fresh instance
-        cipher2.init(false, params);
-        checkReset(test, testCryptReset, cipher2, params, false, ciphertext, plaintext);
-    }
-
-    private void checkReset(String test,
-                            boolean testCryptReset,
-                            BlockCipher cipher,
-                            CipherParameters params,
-                            boolean encrypt,
-                            byte[] pretext,
-                            byte[] posttext)
-        throws InvalidCipherTextException
-    {
-        // Do initial run
-        byte[] output = new byte[posttext.length];
-        crypt(cipher, encrypt, pretext, output);
-
-        // Check encrypt resets cipher
-        if (testCryptReset)
-        {
-            crypt(cipher, encrypt, pretext, output);
-            if (!Arrays.areEqual(output, posttext))
-            {
-                fail(test + (encrypt ? " encrypt" : " decrypt") + " did not reset cipher.");
-            }
-        }
-
-        // Check init resets data
-        cipher.processBlock(pretext, 0, output, 0);
-        cipher.init(encrypt, params);
-
-        try
-        {
-            crypt(cipher, encrypt, pretext, output);
-        }
-        catch (DataLengthException e)
-        {
-            fail(test + " init did not reset data.");
-        }
-        if (!Arrays.areEqual(output, posttext))
-        {
-            fail(test + " init did not reset data.", new String(Hex.encode(posttext)), new String(Hex.encode(output)));
-        }
-
-        // Check reset resets data
-        cipher.processBlock(pretext, 0, output, 0);
-        cipher.reset();
-
-        try
-        {
-            crypt(cipher, encrypt, pretext, output);
-        }
-        catch (DataLengthException e)
-        {
-            fail(test + " reset did not reset data.");
-        }
-        if (!Arrays.areEqual(output, posttext))
-        {
-            fail(test + " reset did not reset data.");
-        }
-    }
-
-    private static void crypt(BlockCipher cipher1, boolean encrypt, byte[] plaintext, byte[] output)
-        throws InvalidCipherTextException
-    {
-        cipher1.processBlock(plaintext, 0, output, 0);
-        if ((cipher1.getAlgorithmName().indexOf("PGPCFBwithIV") > -1) && !encrypt)
-        {
-            // Process past IV in first block
-            cipher1.processBlock(plaintext, cipher1.getBlockSize(), output, 0);
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new BlockCipherResetTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/BlockCipherVectorTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/BlockCipherVectorTest.java
deleted file mode 100644
index 3eced59..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/BlockCipherVectorTest.java
+++ /dev/null

@@ -1,73 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * a basic test that takes a cipher, key parameter, and an input
- * and output string. This test wraps the engine in a buffered block
- * cipher with padding disabled.
- */
-public class BlockCipherVectorTest
-    extends SimpleTest
-{
-    int                 id;
-    BlockCipher         engine;
-    CipherParameters    param;
-    byte[]              input;
-    byte[]              output;
-
-    public BlockCipherVectorTest(
-        int                 id,
-        BlockCipher         engine,
-        CipherParameters    param,
-        String              input,
-        String              output)
-    {
-        this.id = id;
-        this.engine = engine;
-        this.param = param;
-        this.input = Hex.decode(input);
-        this.output = Hex.decode(output);
-    }
-
-    public String getName()
-    {
-        return engine.getAlgorithmName() + " Vector Test " + id;
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        BufferedBlockCipher cipher = new BufferedBlockCipher(engine);
-
-        cipher.init(true, param);
-
-        byte[]  out = new byte[input.length];
-
-        int len1 = cipher.processBytes(input, 0, input.length, out, 0);
-
-        cipher.doFinal(out, len1);
-
-        if (!areEqual(out, output))
-        {
-            fail("failed - " + "expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-        }
-
-        cipher.init(false, param);
-
-        int len2 = cipher.processBytes(output, 0, output.length, out, 0);
-
-        cipher.doFinal(out, len2);
-
-        if (!areEqual(input, out))
-        {
-            System.out.println(" got " + new String(Hex.encode(out)));
-
-            fail("failed reversal - " + "expected " + new String(Hex.encode(input)));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/BlowfishTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/BlowfishTest.java
deleted file mode 100644
index 757788e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/BlowfishTest.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.BlowfishEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * blowfish tester - vectors from http://www.counterpane.com/vectors.txt
- */
-public class BlowfishTest
-    extends CipherTest
-{
-    static SimpleTest[]  tests = 
-            {
-                new BlockCipherVectorTest(0, new BlowfishEngine(),
-                        new KeyParameter(Hex.decode("0000000000000000")),
-                        "0000000000000000", "4EF997456198DD78"),
-                new BlockCipherVectorTest(1, new BlowfishEngine(),
-                        new KeyParameter(Hex.decode("FFFFFFFFFFFFFFFF")),
-                        "FFFFFFFFFFFFFFFF", "51866FD5B85ECB8A"),
-                new BlockCipherVectorTest(2, new BlowfishEngine(),
-                        new KeyParameter(Hex.decode("3000000000000000")),
-                        "1000000000000001", "7D856F9A613063F2"),
-                new BlockCipherVectorTest(3, new BlowfishEngine(),
-                        new KeyParameter(Hex.decode("1111111111111111")),
-                        "1111111111111111", "2466DD878B963C9D"),
-                new BlockCipherVectorTest(4, new BlowfishEngine(),
-                        new KeyParameter(Hex.decode("0123456789ABCDEF")),
-                        "1111111111111111", "61F9C3802281B096"),
-                new BlockCipherVectorTest(5, new BlowfishEngine(),
-                        new KeyParameter(Hex.decode("FEDCBA9876543210")),
-                        "0123456789ABCDEF", "0ACEAB0FC6A0A28D"),
-                new BlockCipherVectorTest(6, new BlowfishEngine(),
-                        new KeyParameter(Hex.decode("7CA110454A1A6E57")),
-                        "01A1D6D039776742", "59C68245EB05282B"),
-                new BlockCipherVectorTest(7, new BlowfishEngine(),
-                        new KeyParameter(Hex.decode("0131D9619DC1376E")),
-                        "5CD54CA83DEF57DA", "B1B8CC0B250F09A0"),
-            };
-
-    BlowfishTest()
-    {
-        super(tests, new BlowfishEngine(), new KeyParameter(new byte[16]));
-    }
-
-    public String getName()
-    {
-        return "Blowfish";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new BlowfishTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/CAST5Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/CAST5Test.java
deleted file mode 100644
index c651d87..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/CAST5Test.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.CAST5Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * cast tester - vectors from http://www.ietf.org/rfc/rfc2144.txt
- */
-public class CAST5Test
-    extends CipherTest
-{
-    static SimpleTest[]  tests = {
-        new BlockCipherVectorTest(0, new CAST5Engine(),
-            new KeyParameter(Hex.decode("0123456712345678234567893456789A")),
-            "0123456789ABCDEF", 
-            "238B4FE5847E44B2"),
-        new BlockCipherVectorTest(0, new CAST5Engine(),
-            new KeyParameter(Hex.decode("01234567123456782345")),
-            "0123456789ABCDEF", 
-            "EB6A711A2C02271B"),
-        new BlockCipherVectorTest(0, new CAST5Engine(),
-            new KeyParameter(Hex.decode("0123456712")),
-            "0123456789ABCDEF", 
-            "7Ac816d16E9B302E"),
-            };
-
-    CAST5Test()
-    {
-        super(tests, new CAST5Engine(), new KeyParameter(new byte[16]));
-    }
-
-    public String getName()
-    {
-        return "CAST5";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new CAST5Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/CAST6Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/CAST6Test.java
deleted file mode 100644
index ef035a5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/CAST6Test.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.CAST6Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * cast6 tester - vectors from http://www.ietf.org/rfc/rfc2612.txt
- */
-public class CAST6Test
-    extends CipherTest
-{
-    static SimpleTest[]  tests = {
-        new BlockCipherVectorTest(0, new CAST6Engine(),
-            new KeyParameter(Hex.decode("2342bb9efa38542c0af75647f29f615d")),
-            "00000000000000000000000000000000", 
-            "c842a08972b43d20836c91d1b7530f6b"),
-        new BlockCipherVectorTest(0, new CAST6Engine(),
-            new KeyParameter(Hex.decode("2342bb9efa38542cbed0ac83940ac298bac77a7717942863")),
-            "00000000000000000000000000000000", 
-            "1b386c0210dcadcbdd0e41aa08a7a7e8"),
-        new BlockCipherVectorTest(0, new CAST6Engine(),
-            new KeyParameter(Hex.decode("2342bb9efa38542cbed0ac83940ac2988d7c47ce264908461cc1b5137ae6b604")),
-            "00000000000000000000000000000000", 
-            "4f6a2038286897b9c9870136553317fa")
-            };
-
-    CAST6Test()
-    {
-        super(tests, new CAST6Engine(), new KeyParameter(new byte[16]));
-    }
-
-    public String getName()
-    {
-        return "CAST6";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new CAST6Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/CCMTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/CCMTest.java
deleted file mode 100644
index 2bbfe2a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/CCMTest.java
+++ /dev/null

@@ -1,305 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.modes.CCMBlockCipher;
-import org.bouncycastle.crypto.params.AEADParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * First four test vectors from
- * NIST Special Publication 800-38C.
- */
-public class CCMTest
-    extends SimpleTest
-{
-    private byte[] K1 = Hex.decode("404142434445464748494a4b4c4d4e4f");
-    private byte[] N1 = Hex.decode("10111213141516");
-    private byte[] A1 = Hex.decode("0001020304050607");
-    private byte[] P1 = Hex.decode("20212223");
-    private byte[] C1 = Hex.decode("7162015b4dac255d");
-    private byte[] T1 = Hex.decode("6084341b");
-
-    private byte[] K2 = Hex.decode("404142434445464748494a4b4c4d4e4f");
-    private byte[] N2 = Hex.decode("1011121314151617");
-    private byte[] A2 = Hex.decode("000102030405060708090a0b0c0d0e0f");
-    private byte[] P2 = Hex.decode("202122232425262728292a2b2c2d2e2f");
-    private byte[] C2 = Hex.decode("d2a1f0e051ea5f62081a7792073d593d1fc64fbfaccd");
-    private byte[] T2 = Hex.decode("7f479ffca464");
-
-    private byte[] K3 = Hex.decode("404142434445464748494a4b4c4d4e4f");
-    private byte[] N3 = Hex.decode("101112131415161718191a1b");
-    private byte[] A3 = Hex.decode("000102030405060708090a0b0c0d0e0f10111213");
-    private byte[] P3 = Hex.decode("202122232425262728292a2b2c2d2e2f3031323334353637");
-    private byte[] C3 = Hex.decode("e3b201a9f5b71a7a9b1ceaeccd97e70b6176aad9a4428aa5484392fbc1b09951");
-    private byte[] T3 = Hex.decode("67c99240c7d51048");
-
-    private byte[] K4 = Hex.decode("404142434445464748494a4b4c4d4e4f");
-    private byte[] N4 = Hex.decode("101112131415161718191a1b1c");
-    private byte[] A4 = Hex.decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f909192939495969798999a9b9c9d9e9fa0a1a2a3a4a5a6a7a8a9aaabacadaeafb0b1b2b3b4b5b6b7b8b9babbbcbdbebfc0c1c2c3c4c5c6c7c8c9cacbcccdcecfd0d1d2d3d4d5d6d7d8d9dadbdcdddedfe0e1e2e3e4e5e6e7e8e9eaebecedeeeff0f1f2f3f4f5f6f7f8f9fafbfcfdfeff");
-    private byte[] P4 = Hex.decode("202122232425262728292a2b2c2d2e2f303132333435363738393a3b3c3d3e3f");
-    private byte[] C4 = Hex.decode("69915dad1e84c6376a68c2967e4dab615ae0fd1faec44cc484828529463ccf72b4ac6bec93e8598e7f0dadbcea5b");
-    private byte[] T4 = Hex.decode("f4dd5d0ee404617225ffe34fce91");
-
-    //
-    // long data vector
-    //
-    private byte[] C5 = Hex.decode("49b17d8d3ea4e6174a48e2b65e6d8b417ac0dd3f8ee46ce4a4a2a509661cef52528c1cd9805333a5cfd482fa3f095a3c2fdd1cc47771c5e55fddd60b5c8d6d3fa5c8dd79d08b16242b6642106e7c0c28bd1064b31e6d7c9800c8397dbc3fa8071e6a38278b386c18d65d39c6ad1ef9501a5c8f68d38eb6474799f3cc898b4b9b97e87f9c95ce5c51bc9d758f17119586663a5684e0a0daf6520ec572b87473eb141d10471e4799ded9e607655402eca5176bbf792ef39dd135ac8d710da8e9e854fd3b95c681023f36b5ebe2fb213d0b62dd6e9e3cfe190b792ccb20c53423b2dca128f861a61d306910e1af418839467e466f0ec361d2539eedd99d4724f1b51c07beb40e875a87491ec8b27cd1");
-    private byte[] T5 = Hex.decode("5c768856796b627b13ec8641581b");
-
-    public void performTest()
-        throws Exception
-    {
-        CCMBlockCipher ccm = new CCMBlockCipher(new AESEngine());
-
-        checkVectors(0, ccm, K1, 32, N1, A1, P1, T1, C1);
-        checkVectors(1, ccm, K2, 48, N2, A2, P2, T2, C2);
-        checkVectors(2, ccm, K3, 64, N3, A3, P3, T3, C3);
-
-        ivParamTest(0, ccm, K1, N1);
-
-        //
-        // 4 has a reduced associated text which needs to be replicated
-        //
-        byte[] a4 = new byte[65536]; // 524288 / 8
-
-        for (int i = 0; i < a4.length; i += A4.length)
-        {
-            System.arraycopy(A4, 0, a4, i, A4.length);
-        }
-
-        checkVectors(3, ccm, K4, 112, N4, a4, P4, T4, C4);
-
-        //
-        // long data test
-        //
-        checkVectors(4, ccm, K4, 112, N4, A4, A4, T5, C5);
-
-        // decryption with output specified, non-zero offset.
-        ccm.init(false, new AEADParameters(new KeyParameter(K2), 48, N2, A2));
-
-        byte[] inBuf = new byte[C2.length + 10];
-        byte[] outBuf = new byte[ccm.getOutputSize(C2.length) + 10];
-
-        System.arraycopy(C2, 0, inBuf, 10, C2.length);
-
-        int len = ccm.processPacket(inBuf, 10, C2.length, outBuf, 10);
-        byte[] out = ccm.processPacket(C2, 0, C2.length);
-
-        if (len != out.length || !isEqual(out, outBuf, 10))
-        {
-            fail("decryption output incorrect");
-        }
-
-        // encryption with output specified, non-zero offset.
-        ccm.init(true, new AEADParameters(new KeyParameter(K2), 48, N2, A2));
-
-        int inLen = len;
-        inBuf = outBuf;
-        outBuf = new byte[ccm.getOutputSize(inLen) + 10];
-
-        len = ccm.processPacket(inBuf, 10, inLen, outBuf, 10);
-        out = ccm.processPacket(inBuf, 10, inLen);
-
-        if (len != out.length || !isEqual(out, outBuf, 10))
-        {
-            fail("encryption output incorrect");
-        }
-
-        //
-        // exception tests
-        //
-
-        try
-        {
-            ccm.init(false, new AEADParameters(new KeyParameter(K1), 32, N2, A2));
-
-            ccm.processPacket(C2, 0, C2.length);
-
-            fail("invalid cipher text not picked up");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            // expected
-        }
-
-        try
-        {
-            ccm = new CCMBlockCipher(new DESEngine());
-
-            fail("incorrect block size not picked up");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-
-        try
-        {
-            ccm.init(false, new KeyParameter(K1));
-
-            fail("illegal argument not picked up");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-
-        AEADTestUtil.testReset(this, new CCMBlockCipher(new AESEngine()), new CCMBlockCipher(new AESEngine()), new AEADParameters(new KeyParameter(K1), 32, N2));
-        AEADTestUtil.testTampering(this, ccm, new AEADParameters(new KeyParameter(K1), 32, N2));
-        AEADTestUtil.testOutputSizes(this, new CCMBlockCipher(new AESEngine()), new AEADParameters(
-                new KeyParameter(K1), 32, N2));
-        AEADTestUtil.testBufferSizeChecks(this, new CCMBlockCipher(new AESEngine()), new AEADParameters(
-                new KeyParameter(K1), 32, N2));
-    }
-
-    private boolean isEqual(byte[] exp, byte[] other, int off)
-    {
-        for (int i = 0; i != exp.length; i++)
-        {
-            if (exp[i] != other[off + i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    private void checkVectors(
-        int count,
-        CCMBlockCipher ccm,
-        byte[] k,
-        int macSize,
-        byte[] n,
-        byte[] a,
-        byte[] p,
-        byte[] t,
-        byte[] c)
-        throws InvalidCipherTextException
-    {
-        byte[] fa = new byte[a.length / 2];
-        byte[] la = new byte[a.length - (a.length / 2)];
-        System.arraycopy(a, 0, fa, 0, fa.length);
-        System.arraycopy(a, fa.length, la, 0, la.length);
-
-        checkVectors(count, ccm, "all initial associated data", k, macSize, n, a, null, p, t, c);
-        checkVectors(count, ccm, "subsequent associated data", k, macSize, n, null, a, p, t, c);
-        checkVectors(count, ccm, "split associated data", k, macSize, n, fa, la, p, t, c);
-        checkVectors(count, ccm, "reuse key", null, macSize, n, fa, la, p, t, c);
-    }
-
-    private void checkVectors(
-        int count,
-        CCMBlockCipher ccm,
-        String additionalDataType,
-        byte[] k,
-        int macSize,
-        byte[] n,
-        byte[] a,
-        byte[] sa,
-        byte[] p,
-        byte[] t,
-        byte[] c)
-        throws InvalidCipherTextException
-    {
-        KeyParameter keyParam = (k == null) ? null : new KeyParameter(k);
-
-        ccm.init(true, new AEADParameters(keyParam, macSize, n, a));
-
-        byte[] enc = new byte[c.length];
-
-        if (sa != null)
-        {
-            ccm.processAADBytes(sa, 0, sa.length);
-        }
-
-        int len = ccm.processBytes(p, 0, p.length, enc, 0);
-
-        len += ccm.doFinal(enc, len);
-
-        if (!areEqual(c, enc))
-        {
-            fail("encrypted stream fails to match in test " + count + " with " + additionalDataType);
-        }
-
-        ccm.init(false, new AEADParameters(keyParam, macSize, n, a));
-
-        byte[] tmp = new byte[enc.length];
-
-        if (sa != null)
-        {
-            ccm.processAADBytes(sa, 0, sa.length);
-        }
-
-        len = ccm.processBytes(enc, 0, enc.length, tmp, 0);
-
-        len += ccm.doFinal(tmp, len);
-
-        byte[] dec = new byte[len];
-
-        System.arraycopy(tmp, 0, dec, 0, len);
-
-        if (!areEqual(p, dec))
-        {
-            fail("decrypted stream fails to match in test " + count + " with " + additionalDataType,
-                    new String(Hex.encode(p)), new String(Hex.encode(dec)));
-        }
-
-        if (!areEqual(t, ccm.getMac()))
-        {
-            fail("MAC fails to match in test " + count + " with " + additionalDataType);
-        }
-    }
-
-    private void ivParamTest(
-        int count,
-        CCMBlockCipher ccm,
-        byte[] k,
-        byte[] n)
-        throws InvalidCipherTextException
-    {
-        byte[] p = Strings.toByteArray("hello world!!");
-
-        ccm.init(true, new ParametersWithIV(new KeyParameter(k), n));
-
-        byte[] enc = new byte[p.length + 8];
-
-        int len = ccm.processBytes(p, 0, p.length, enc, 0);
-
-        len += ccm.doFinal(enc, len);
-
-        ccm.init(false, new ParametersWithIV(new KeyParameter(k), n));
-
-        byte[] tmp = new byte[enc.length];
-
-        len = ccm.processBytes(enc, 0, enc.length, tmp, 0);
-
-        len += ccm.doFinal(tmp, len);
-
-        byte[] dec = new byte[len];
-
-        System.arraycopy(tmp, 0, dec, 0, len);
-
-        if (!areEqual(p, dec))
-        {
-            fail("decrypted stream fails to match in test " + count);
-        }
-    }
-
-    public String getName()
-    {
-        return "CCM";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new CCMTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/CMacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/CMacTest.java
deleted file mode 100644
index 47160e7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/CMacTest.java
+++ /dev/null

@@ -1,365 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.AESFastEngine;
-import org.bouncycastle.crypto.engines.BlowfishEngine;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.RijndaelEngine;
-import org.bouncycastle.crypto.engines.Shacal2Engine;
-import org.bouncycastle.crypto.macs.CMac;
-import org.bouncycastle.crypto.macs.CMacWithIV;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * CMAC tester - <a href="http://www.nuee.nagoya-u.ac.jp/labs/tiwata/omac/tv/omac1-tv.txt">Official Test Vectors</a>.
- */
-public class CMacTest
-    extends SimpleTest
-{
-    private static final byte[] keyBytes128 = Hex.decode("2b7e151628aed2a6abf7158809cf4f3c");
-    private static final byte[] keyBytes192 = Hex.decode(
-              "8e73b0f7da0e6452c810f32b809079e5"
-            + "62f8ead2522c6b7b");
-    private static final byte[] keyBytes256 = Hex.decode(
-              "603deb1015ca71be2b73aef0857d7781"
-            + "1f352c073b6108d72d9810a30914dff4");
-
-    private static final byte[] input0 = Hex.decode("");
-    private static final byte[] input16 = Hex.decode("6bc1bee22e409f96e93d7e117393172a");
-    private static final byte[] input40 = Hex.decode(
-              "6bc1bee22e409f96e93d7e117393172a"
-            + "ae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411");
-    private static final byte[] input64 = Hex.decode(
-              "6bc1bee22e409f96e93d7e117393172a"
-            + "ae2d8a571e03ac9c9eb76fac45af8e51"
-            + "30c81c46a35ce411e5fbc1191a0a52ef"
-            + "f69f2445df4f9b17ad2b417be66c3710");
-
-    private static final byte[] output_k128_m0 = Hex.decode("bb1d6929e95937287fa37d129b756746");
-    private static final byte[] output_k128_m16 = Hex.decode("070a16b46b4d4144f79bdd9dd04a287c");
-    private static final byte[] output_k128_m40 = Hex.decode("dfa66747de9ae63030ca32611497c827");
-    private static final byte[] output_k128_m64 = Hex.decode("51f0bebf7e3b9d92fc49741779363cfe");
-
-    private static final byte[] output_k192_m0 = Hex.decode("d17ddf46adaacde531cac483de7a9367");
-    private static final byte[] output_k192_m16 = Hex.decode("9e99a7bf31e710900662f65e617c5184");
-    private static final byte[] output_k192_m40 = Hex.decode("8a1de5be2eb31aad089a82e6ee908b0e");
-    private static final byte[] output_k192_m64 = Hex.decode("a1d5df0eed790f794d77589659f39a11");
-
-    private static final byte[] output_k256_m0 = Hex.decode("028962f61b7bf89efc6b551f4667d983");
-    private static final byte[] output_k256_m16 = Hex.decode("28a7023f452e8f82bd4bf28d8c37c35c");
-    private static final byte[] output_k256_m40 = Hex.decode("aaf3d8f1de5640c232f5b169b9c911e6");
-    private static final byte[] output_k256_m64 = Hex.decode("e1992190549f6ed5696a2c056c315410");
-
-    private static final byte[] output_des_ede = Hex.decode("1ca670dea381d37c");
-
-    private static final byte[] general_input = Strings.toByteArray("The quick brown fox jumps over the lazy dog.");
-
-    public CMacTest()
-    {
-    }
-
-    public void performTest()
-    {
-        BlockCipher cipher = new AESFastEngine();
-        Mac mac = new CMac(cipher, 128);
-
-        //128 bytes key
-
-        KeyParameter key = new KeyParameter(keyBytes128);
-
-        // 0 bytes message - 128 bytes key
-        mac.init(key);
-
-        mac.update(input0, 0, input0.length);
-
-        byte[] out = new byte[16];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k128_m0))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k128_m0))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 16 bytes message - 128 bytes key
-        mac.init(key);
-
-        mac.update(input16, 0, input16.length);
-
-        out = new byte[16];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k128_m16))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k128_m16))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 40 bytes message - 128 bytes key
-        mac.init(key);
-
-        mac.update(input40, 0, input40.length);
-
-        out = new byte[16];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k128_m40))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k128_m40))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 64 bytes message - 128 bytes key
-        mac.init(key);
-
-        mac.update(input64, 0, input64.length);
-
-        out = new byte[16];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k128_m64))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k128_m64))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        //192 bytes key
-
-        key = new KeyParameter(keyBytes192);
-
-        // 0 bytes message - 192 bytes key
-        mac.init(key);
-
-        mac.update(input0, 0, input0.length);
-
-        out = new byte[16];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k192_m0))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k192_m0))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 16 bytes message - 192 bytes key
-        mac.init(key);
-
-        mac.update(input16, 0, input16.length);
-
-        out = new byte[16];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k192_m16))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k192_m16))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 40 bytes message - 192 bytes key
-        mac.init(key);
-
-        mac.update(input40, 0, input40.length);
-
-        out = new byte[16];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k192_m40))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k192_m40))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 64 bytes message - 192 bytes key
-        mac.init(key);
-
-        mac.update(input64, 0, input64.length);
-
-        out = new byte[16];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k192_m64))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k192_m64))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        //256 bytes key
-
-        key = new KeyParameter(keyBytes256);
-
-        // 0 bytes message - 256 bytes key
-        mac.init(key);
-
-        mac.update(input0, 0, input0.length);
-
-        out = new byte[16];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k256_m0))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k256_m0))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 16 bytes message - 256 bytes key
-        mac.init(key);
-
-        mac.update(input16, 0, input16.length);
-
-        out = new byte[16];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k256_m16))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k256_m16))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 40 bytes message - 256 bytes key
-        mac.init(key);
-
-        mac.update(input40, 0, input40.length);
-
-        out = new byte[16];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k256_m40))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k256_m40))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 64 bytes message - 256 bytes key
-        mac.init(key);
-
-        mac.update(input64, 0, input64.length);
-
-        out = new byte[16];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k256_m64))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k256_m64))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // CMAC with IV
-        // 16 bytes message - 256 bytes key
-        mac = new CMacWithIV(new AESFastEngine());
-
-        mac.init(key);
-
-        mac.update(input16, 0, input16.length);
-
-        out = new byte[16];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k256_m16))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k256_m16))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-                // CMAC with IV
-        // 16 bytes message - 256 bytes key
-        mac = new CMacWithIV(new AESFastEngine());
-
-        mac.init(new ParametersWithIV(key, Hex.decode("000102030405060708090a0b0c0d0e0f")));
-
-        mac.update(input16, 0, input16.length);
-
-        out = new byte[16];
-
-        mac.doFinal(out, 0);
-
-        if (areEqual(out, output_k256_m16))
-        {
-            fail("Failed - got " + new String(Hex.encode(output_k256_m16)));
-        }
-
-        if (!areEqual(out, Hex.decode("9347a60c64061b9ff2a92522ca8e08fc")))
-        {
-            fail("Failed - expected " + "9347a60c64061b9ff2a92522ca8e08fc"
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        testCMac(new DESedeEngine(), keyBytes128, input0, output_des_ede);
-
-        testCMac(new RijndaelEngine(), "2b7e151628aed2a6abf7158809cf4f3c", "682b9b57e769cc63231cf778c5c76646");
-        testCMac(new RijndaelEngine(192), "2b7e151628aed2a6abf7158809cf4f3c", "2a11b6bdd1e4f8b6127c2960859ae73ede59c7200d77ff45");
-        testCMac(new RijndaelEngine(256), "2b7e151628aed2a6abf7158809cf4f3c", "316d1df4084ada3e10b26266ae1fdae170a9d824ab37e981f06227c80c80fddd");
-        testCMac(new BlowfishEngine(), "2b7e151628aed2a6abf7158809cf4f3c", "875d73b9bc3de78a");
-        testCMac(new DESEngine(), "2b7e151628aed2a6", "3cc3a242585e49f9");
-        testCMac(new Shacal2Engine(), "2b7e151628aed2a6abf7158809cf4f3c", "794b2766cd0d550877f1ded48ab74f9ddff20f32e6d69fae8a1ede4205e7d640");
-
-        testExceptions();
-    }
-
-    private void testCMac(BlockCipher cipher, String keyBytes, String expected)
-    {
-        testCMac(cipher, Hex.decode(keyBytes), general_input, Hex.decode(expected));
-    }
-
-    private void testCMac(BlockCipher cipher, byte[] keyBytes, byte[] input, byte[] expected)
-    {
-        Mac mac = new CMac(cipher, cipher.getBlockSize() * 8);
-
-        KeyParameter key = new KeyParameter(keyBytes);
-
-        mac.init(key);
-
-        mac.update(input, 0, input.length);
-
-        byte[] out = new byte[mac.getMacSize()];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, expected))
-        {
-            fail("Failed - expected " + Strings.fromByteArray(Hex.encode(expected)) + " got " + new String(Hex.encode(out)));
-        }
-    }
-
-    private void testExceptions()
-    {
-        try 
-        {
-            CMac mac = new CMac(new AESEngine());
-            mac.init(new ParametersWithIV(new KeyParameter(new byte[16]), new byte[16]));
-            fail("CMac does not accept IV");
-        } catch(IllegalArgumentException e)
-        {
-            // Expected
-        }
-    }
-
-    public String getName()
-    {
-        return "CMac";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new CMacTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/CSHAKETest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/CSHAKETest.java
deleted file mode 100644
index 72ba40d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/CSHAKETest.java
+++ /dev/null

@@ -1,193 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.digests.CSHAKEDigest;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * CSHAKE test vectors from:
- *
- * https://csrc.nist.gov/CSRC/media/Projects/Cryptographic-Standards-and-Guidelines/documents/examples/cSHAKE_samples.pdf
- */
-public class CSHAKETest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "CSHAKE";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        CSHAKEDigest cshake = new CSHAKEDigest(128, new byte[0], Strings.toByteArray("Email Signature"));
-
-        cshake.update(Hex.decode("00010203"), 0, 4);
-
-        byte[] res = new byte[32];
-
-        cshake.doOutput(res, 0, res.length);
-
-        isTrue("oops!", Arrays.areEqual(Hex.decode("c1c36925b6409a04f1b504fcbca9d82b4017277cb5ed2b2065fc1d3814d5aaf5"), res));
-
-        cshake = new CSHAKEDigest(128, new byte[0], Strings.toByteArray("Email Signature"));
-
-        cshake.update(Hex.decode(
-            "000102030405060708090A0B0C0D0E0F" +
-                "101112131415161718191A1B1C1D1E1F" +
-                "202122232425262728292A2B2C2D2E2F" +
-                "303132333435363738393A3B3C3D3E3F" +
-                "404142434445464748494A4B4C4D4E4F" +
-                "505152535455565758595A5B5C5D5E5F" +
-                "606162636465666768696A6B6C6D6E6F" +
-                "707172737475767778797A7B7C7D7E7F" +
-                "808182838485868788898A8B8C8D8E8F" +
-                "909192939495969798999A9B9C9D9E9F" +
-                "A0A1A2A3A4A5A6A7A8A9AAABACADAEAF" +
-                "B0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF" +
-                "C0C1C2C3C4C5C6C7"), 0, 1600 / 8);
-
-        res = new byte[32];
-
-        cshake.doOutput(res, 0, res.length);
-
-        isTrue(Arrays.areEqual(Hex.decode("C5221D50E4F822D96A2E8881A961420F294B7B24FE3D2094BAED2C6524CC166B "), res));
-
-        cshake = new CSHAKEDigest(256, new byte[0], Strings.toByteArray("Email Signature"));
-
-        cshake.update(Hex.decode("00010203"), 0, 4);
-
-        res = new byte[64];
-
-        cshake.doOutput(res, 0, res.length);
-
-        isTrue(Arrays.areEqual(Hex.decode(
-        "D008828E2B80AC9D2218FFEE1D070C48"+
-            "B8E4C87BFF32C9699D5B6896EEE0EDD1"+
-            "64020E2BE0560858D9C00C037E34A969"+
-            "37C561A74C412BB4C746469527281C8C"),res));
-
-        cshake = new CSHAKEDigest(256, new byte[0], Strings.toByteArray("Email Signature"));
-
-        cshake.update(Hex.decode(
-            "000102030405060708090A0B0C0D0E0F" +
-                "101112131415161718191A1B1C1D1E1F" +
-                "202122232425262728292A2B2C2D2E2F" +
-                "303132333435363738393A3B3C3D3E3F" +
-                "404142434445464748494A4B4C4D4E4F" +
-                "505152535455565758595A5B5C5D5E5F" +
-                "606162636465666768696A6B6C6D6E6F" +
-                "707172737475767778797A7B7C7D7E7F" +
-                "808182838485868788898A8B8C8D8E8F" +
-                "909192939495969798999A9B9C9D9E9F" +
-                "A0A1A2A3A4A5A6A7A8A9AAABACADAEAF" +
-                "B0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF" +
-                "C0C1C2C3C4C5C6C7"), 0, 1600 / 8);
-
-        res = new byte[64];
-
-        cshake.doOutput(res, 0, res.length);
-
-        isTrue(Arrays.areEqual(Hex.decode(
-                "07DC27B11E51FBAC75BC7B3C1D983E8B"+
-                    "4B85FB1DEFAF218912AC864302730917"+
-                    "27F42B17ED1DF63E8EC118F04B23633C"+
-                    "1DFB1574C8FB55CB45DA8E25AFB092BB"), res));
-
-        doFinalTest();
-        longBlockTest();
-        
-        checkSHAKE(128, new CSHAKEDigest(128, new byte[0], new byte[0]), Hex.decode("eeaabeef"));
-        checkSHAKE(256, new CSHAKEDigest(256, new byte[0], null), Hex.decode("eeaabeef"));
-        checkSHAKE(128, new CSHAKEDigest(128, null, new byte[0]), Hex.decode("eeaabeef"));
-        checkSHAKE(128, new CSHAKEDigest(128, null, null), Hex.decode("eeaabeef"));
-        checkSHAKE(256, new CSHAKEDigest(256, null, null), Hex.decode("eeaabeef"));
-    }
-
-    private void doFinalTest()
-    {
-        CSHAKEDigest cshake = new CSHAKEDigest(128, new byte[0], Strings.toByteArray("Email Signature"));
-
-        cshake.update(Hex.decode("00010203"), 0, 4);
-
-        byte[] res = new byte[32];
-
-        cshake.doOutput(res, 0, res.length);
-
-        isTrue(Arrays.areEqual(Hex.decode("c1c36925b6409a04f1b504fcbca9d82b4017277cb5ed2b2065fc1d3814d5aaf5"), res));
-
-        cshake.doOutput(res, 0, res.length);
-
-        isTrue(!Arrays.areEqual(Hex.decode("c1c36925b6409a04f1b504fcbca9d82b4017277cb5ed2b2065fc1d3814d5aaf5"), res));
-
-        cshake.doFinal(res, 0, res.length);
-
-        cshake.update(Hex.decode("00010203"), 0, 4);
-
-        cshake.doFinal(res, 0, res.length);
-
-        isTrue(Arrays.areEqual(Hex.decode("c1c36925b6409a04f1b504fcbca9d82b4017277cb5ed2b2065fc1d3814d5aaf5"), res));
-
-        cshake.update(Hex.decode("00010203"), 0, 4);
-
-        cshake.doOutput(res, 0, res.length);
-
-        isTrue(Arrays.areEqual(Hex.decode("c1c36925b6409a04f1b504fcbca9d82b4017277cb5ed2b2065fc1d3814d5aaf5"), res));
-        
-        cshake.doFinal(res, 0, res.length);
-
-        isTrue(Arrays.areEqual(Hex.decode("9cbce830079c452abdeb875366a49ebfe75b89ef17396e34898e904830b0e136"), res));
-    }
-
-    private void longBlockTest()
-    {
-        byte[] data = new byte[16000];
-        byte[] res = new byte[32];
-
-        for (int i = 0; i != data.length; i++)
-        {
-            data[i] = (byte)i;
-        }
-
-        for (int i = 10000; i != data.length; i++)
-        {
-            CSHAKEDigest cshake = new CSHAKEDigest(128, new byte[0], Arrays.copyOfRange(data, 0, i));
-
-            cshake.update(Hex.decode("00010203"), 0, 4);
-
-            cshake.doFinal(res, 0);
-        }
-
-        CSHAKEDigest cshake = new CSHAKEDigest(256, new byte[0], new byte[200]);
-
-        cshake.update(Arrays.copyOfRange(data, 0, 200), 0, 200);
-
-        cshake.doFinal(res, 0);
-
-        isTrue(Arrays.areEqual(Hex.decode("4a899b5be460d85a9789215bc17f88b8f8ac049bd3b519f561e7b5d3870dafa3"), res));
-    }
-
-    private void checkSHAKE(int bitSize, CSHAKEDigest cshake, byte[] msg)
-    {
-        SHAKEDigest ref = new SHAKEDigest(bitSize);
-
-        ref.update(msg, 0, msg.length);
-        cshake.update(msg, 0, msg.length);
-
-        byte[] res1 = new byte[32];
-        byte[] res2 = new byte[32];
-
-        ref.doFinal(res1, 0, res1.length);
-        cshake.doFinal(res2, 0, res2.length);
-
-        isTrue(Arrays.areEqual(res1, res2));
-    }
-    public static void main(
-        String[] args)
-    {
-        runTest(new CSHAKETest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/CTSTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/CTSTest.java
deleted file mode 100644
index 9af56fc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/CTSTest.java
+++ /dev/null

@@ -1,218 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.SkipjackEngine;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CTSBlockCipher;
-import org.bouncycastle.crypto.modes.OldCTSBlockCipher;
-import org.bouncycastle.crypto.modes.SICBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * CTS tester
- */
-public class CTSTest
-    extends SimpleTest
-{
-    static byte[]   in1 = Hex.decode("4e6f7720697320746865207420");
-    static byte[]   in2 = Hex.decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f0aaa");
-    static byte[]   out1 = Hex.decode("9952f131588465033fa40e8a98");
-    static byte[]   out2 = Hex.decode("358f84d01eb42988dc34efb994");
-    static byte[]   out3 = Hex.decode("170171cfad3f04530c509b0c1f0be0aefbd45a8e3755a873bff5ea198504b71683c6");
-    
-    private void testCTS(
-        int                 id,
-        BlockCipher         cipher,
-        CipherParameters    params,
-        byte[]              input,
-        byte[]              output)
-        throws Exception
-    {
-        byte[]                  out = new byte[input.length];
-        BufferedBlockCipher     engine = new CTSBlockCipher(cipher);
-
-        engine.init(true, params);
-
-        int len = engine.processBytes(input, 0, input.length, out, 0);
-
-        engine.doFinal(out, len);
-
-        if (!areEqual(output, out))
-        {
-            fail("failed encryption expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-        }
-
-        engine.init(false, params);
-
-        len = engine.processBytes(output, 0, output.length, out, 0);
-
-        engine.doFinal(out, len);
-
-        if (!areEqual(input, out))
-        {
-            fail("failed decryption expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-    }
-
-    private void testOldCTS(
-            int                 id,
-            BlockCipher         cipher,
-            CipherParameters    params,
-            byte[]              input,
-            byte[]              output)
-    throws Exception
-    {
-        byte[]                  out = new byte[input.length];
-        BufferedBlockCipher     engine = new OldCTSBlockCipher(cipher);
-
-        engine.init(true, params);
-
-        int len = engine.processBytes(input, 0, input.length, out, 0);
-
-        engine.doFinal(out, len);
-
-        if (!areEqual(output, out))
-        {
-            fail("failed encryption expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-        }
-
-        engine.init(false, params);
-
-        len = engine.processBytes(output, 0, output.length, out, 0);
-
-        engine.doFinal(out, len);
-
-        if (!areEqual(input, out))
-        {
-            fail("failed decryption expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-    }
-
-    private void testExceptions() throws InvalidCipherTextException
-    {
-        BufferedBlockCipher engine = new CTSBlockCipher(new DESEngine());
-        CipherParameters params = new KeyParameter(new byte[engine.getBlockSize()]);
-        engine.init(true, params);
-
-        byte[] out = new byte[engine.getOutputSize(engine.getBlockSize())];
-        
-        engine.processBytes(new byte[engine.getBlockSize() - 1], 0, engine.getBlockSize() - 1, out, 0);
-        try 
-        {
-            engine.doFinal(out, 0);
-            fail("Expected CTS encrypt error on < 1 block input");
-        } catch(DataLengthException e)
-        {
-            // Expected
-        }
-
-        engine.init(true, params);
-        engine.processBytes(new byte[engine.getBlockSize()], 0, engine.getBlockSize(), out, 0);
-        try 
-        {
-            engine.doFinal(out, 0);
-        } catch(DataLengthException e)
-        {
-            fail("Unexpected CTS encrypt error on == 1 block input");
-        }
-
-        engine.init(false, params);
-        engine.processBytes(new byte[engine.getBlockSize() - 1], 0, engine.getBlockSize() - 1, out, 0);
-        try 
-        {
-            engine.doFinal(out, 0);
-            fail("Expected CTS decrypt error on < 1 block input");
-        } catch(DataLengthException e)
-        {
-            // Expected
-        }
-
-        engine.init(false, params);
-        engine.processBytes(new byte[engine.getBlockSize()], 0, engine.getBlockSize(), out, 0);
-        try 
-        {
-            engine.doFinal(out, 0);
-        } catch(DataLengthException e)
-        {
-            fail("Unexpected CTS decrypt error on == 1 block input");
-        }
-
-        try 
-        {
-            new CTSBlockCipher(new SICBlockCipher(new AESEngine()));
-            fail("Expected CTS construction error - only ECB/CBC supported.");
-        } catch(IllegalArgumentException e)
-        {
-            // Expected
-        }
-
-    }
-
-    public String getName()
-    {
-        return "CTS";
-    }
-
-    public void performTest() 
-        throws Exception
-    {
-        byte[]  key1 = { (byte)0x01, (byte)0x23, (byte)0x45, (byte)0x67, (byte)0x89, (byte)0xAB, (byte)0xCD, (byte)0xEF };
-        byte[]  key2 = { (byte)0x01, (byte)0x23, (byte)0x45, (byte)0x67, (byte)0x89, (byte)0xAB, (byte)0xCD, (byte)0xEF, (byte)0xee, (byte)0xff  };
-        byte[]  iv = { 1, 2, 3, 4, 5, 6, 7, 8 };
-
-        testCTS(1, new DESEngine(), new KeyParameter(key1), in1, out1);
-        testCTS(2, new CBCBlockCipher(new DESEngine()), new ParametersWithIV(new KeyParameter(key1), iv), in1, out2);
-        testCTS(3, new CBCBlockCipher(new SkipjackEngine()), new ParametersWithIV(new KeyParameter(key2), iv), in2, out3);
-
-        //
-        // test vectors from rfc3962
-        //
-        byte[] aes128 = Hex.decode("636869636b656e207465726979616b69");
-        byte[] aesIn1  = Hex.decode("4920776f756c64206c696b652074686520");
-        byte[] aesOut1 = Hex.decode("c6353568f2bf8cb4d8a580362da7ff7f97");
-        byte[] aesIn2  = Hex.decode("4920776f756c64206c696b65207468652047656e6572616c20476175277320");
-        byte[] aesOut2 = Hex.decode("fc00783e0efdb2c1d445d4c8eff7ed2297687268d6ecccc0c07b25e25ecfe5");
-        byte[] aesIn3  = Hex.decode("4920776f756c64206c696b65207468652047656e6572616c2047617527732043");
-        byte[] aesOut3 = Hex.decode("39312523a78662d5be7fcbcc98ebf5a897687268d6ecccc0c07b25e25ecfe584");
-
-        testCTS(4, new CBCBlockCipher(new AESEngine()), new ParametersWithIV(new KeyParameter(aes128), new byte[16]), aesIn1, aesOut1);
-        testCTS(5, new CBCBlockCipher(new AESEngine()), new ParametersWithIV(new KeyParameter(aes128), new byte[16]), aesIn2, aesOut2);
-        testCTS(6, new CBCBlockCipher(new AESEngine()), new ParametersWithIV(new KeyParameter(aes128), new byte[16]), aesIn3, aesOut3);
-
-        testOldCTS(4, new CBCBlockCipher(new AESEngine()), new ParametersWithIV(new KeyParameter(aes128), new byte[16]), aesIn1, aesOut1);
-        testOldCTS(5, new CBCBlockCipher(new AESEngine()), new ParametersWithIV(new KeyParameter(aes128), new byte[16]), aesIn2, aesOut2);
-        testOldCTS(6, new CBCBlockCipher(new AESEngine()), new ParametersWithIV(new KeyParameter(aes128), new byte[16]), aesIn3, aesOut3);
-
-        byte[] aes1Block = Hex.decode("4920776f756c64206c696b6520746865");
-        byte[] preErrata = Hex.decode("e7664c13ff28c965b0d2a0e7ec353706");   // CTS style one block
-        byte[] pstErrata = Hex.decode("97687268d6ecccc0c07b25e25ecfe584");   // CBC style one block
-        byte[] pstErrataNonZeroIV = Hex.decode("571f5108c53fe95ab52df783df933fa3");
-
-        testCTS(7, new CBCBlockCipher(new AESEngine()), new ParametersWithIV(new KeyParameter(aes128), new byte[16]), aes1Block, pstErrata);
-        testCTS(8, new CBCBlockCipher(new AESEngine()), new ParametersWithIV(new KeyParameter(aes128), aes1Block), aes1Block, pstErrataNonZeroIV);
-        testOldCTS(9, new CBCBlockCipher(new AESEngine()), new ParametersWithIV(new KeyParameter(aes128), new byte[16]), aes1Block, preErrata);
-
-        byte[] aes128b = Hex.decode("aafd12f659cae63489b479e5076ddec2f06cb58faafd12f6");
-        byte[] aesIn1b  = Hex.decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f");
-        byte[] aesOut1b = Hex.decode("6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04");
-
-        testCTS(10, new CBCBlockCipher(new AESEngine()), new ParametersWithIV(new KeyParameter(aes128b), Hex.decode("aafd12f659cae63489b479e5076ddec2")), aesIn1b, aesOut1b);
-
-        testExceptions();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new CTSTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/CamelliaLightTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/CamelliaLightTest.java
deleted file mode 100644
index 6198ce6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/CamelliaLightTest.java
+++ /dev/null

@@ -1,66 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.CamelliaLightEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Camellia tester - vectors from https://www.cosic.esat.kuleuven.be/nessie/testvectors/ and RFC 3713
- */
-public class CamelliaLightTest
-    extends CipherTest
-{
-    static SimpleTest[] tests =
-        {
-            new BlockCipherVectorTest(0, new CamelliaLightEngine(),
-                new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                "80000000000000000000000000000000", "07923A39EB0A817D1C4D87BDB82D1F1C"),
-            new BlockCipherVectorTest(1, new CamelliaLightEngine(),
-                new KeyParameter(Hex.decode("80000000000000000000000000000000")),
-                "00000000000000000000000000000000", "6C227F749319A3AA7DA235A9BBA05A2C"),
-            new BlockCipherVectorTest(2, new CamelliaLightEngine(),
-                new KeyParameter(Hex.decode("0123456789abcdeffedcba9876543210")),
-                "0123456789abcdeffedcba9876543210", "67673138549669730857065648eabe43"),
-            //
-            // 192 bit
-            //
-            new BlockCipherVectorTest(3, new CamelliaLightEngine(),
-                new KeyParameter(Hex.decode("0123456789abcdeffedcba98765432100011223344556677")),
-                "0123456789abcdeffedcba9876543210", "b4993401b3e996f84ee5cee7d79b09b9"),
-            new BlockCipherVectorTest(4, new CamelliaLightEngine(),
-                new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                "00040000000000000000000000000000", "9BCA6C88B928C1B0F57F99866583A9BC"),
-            new BlockCipherVectorTest(5, new CamelliaLightEngine(),
-                new KeyParameter(Hex.decode("949494949494949494949494949494949494949494949494")),
-                "636EB22D84B006381235641BCF0308D2", "94949494949494949494949494949494"),
-            //
-            // 256 bit
-            //
-            new BlockCipherVectorTest(6, new CamelliaLightEngine(),
-                new KeyParameter(Hex.decode("0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff")),
-                "0123456789abcdeffedcba9876543210", "9acc237dff16d76c20ef7c919e3a7509"),
-            new BlockCipherVectorTest(7, new CamelliaLightEngine(),
-                new KeyParameter(Hex.decode("4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A")),
-                "057764FE3A500EDBD988C5C3B56CBA9A", "4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A"),
-            new BlockCipherVectorTest(8, new CamelliaLightEngine(),
-                new KeyParameter(Hex.decode("0303030303030303030303030303030303030303030303030303030303030303")),
-                "7968B08ABA92193F2295121EF8D75C8A", "03030303030303030303030303030303"),
-        };
-
-    CamelliaLightTest()
-    {
-        super(tests, new CamelliaLightEngine(), new KeyParameter(new byte[32]));
-    }
-
-    public String getName()
-    {
-        return "CamelliaLight";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new CamelliaLightTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/CamelliaTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/CamelliaTest.java
deleted file mode 100644
index e69a82a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/CamelliaTest.java
+++ /dev/null

@@ -1,70 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.CamelliaEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * Camellia tester - vectors from https://www.cosic.esat.kuleuven.be/nessie/testvectors/ and RFC 3713
- */
-public class CamelliaTest
-    extends CipherTest
-{
-    static SimpleTest[]  tests = 
-            {
-                new BlockCipherVectorTest(0, new CamelliaEngine(),
-                    new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                    "80000000000000000000000000000000", "07923A39EB0A817D1C4D87BDB82D1F1C"),
-                new BlockCipherVectorTest(1, new CamelliaEngine(),
-                    new KeyParameter(Hex.decode("80000000000000000000000000000000")),
-                    "00000000000000000000000000000000", "6C227F749319A3AA7DA235A9BBA05A2C"),
-                new BlockCipherVectorTest(2, new CamelliaEngine(),
-                        new KeyParameter(Hex.decode("0123456789abcdeffedcba9876543210")),
-                        "0123456789abcdeffedcba9876543210", "67673138549669730857065648eabe43"),
-                //
-                // 192 bit
-                //
-                new BlockCipherVectorTest(3, new CamelliaEngine(),
-                        new KeyParameter(Hex.decode("0123456789abcdeffedcba98765432100011223344556677")),
-                        "0123456789abcdeffedcba9876543210", "b4993401b3e996f84ee5cee7d79b09b9"),
-                new BlockCipherVectorTest(4, new CamelliaEngine(),
-                        new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                        "00040000000000000000000000000000", "9BCA6C88B928C1B0F57F99866583A9BC"),
-                new BlockCipherVectorTest(5, new CamelliaEngine(),
-                        new KeyParameter(Hex.decode("949494949494949494949494949494949494949494949494")),
-                        "636EB22D84B006381235641BCF0308D2", "94949494949494949494949494949494"),
-                //
-                // 256 bit
-                //
-                new BlockCipherVectorTest(6, new CamelliaEngine(),
-                    new KeyParameter(Hex.decode("0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff")),
-                    "0123456789abcdeffedcba9876543210", "9acc237dff16d76c20ef7c919e3a7509"),
-                new BlockCipherVectorTest(7, new CamelliaEngine(),
-                        new KeyParameter(Hex.decode("4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A")),
-                        "057764FE3A500EDBD988C5C3B56CBA9A", "4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A4A"),
-                new BlockCipherVectorTest(8, new CamelliaEngine(),
-                        new KeyParameter(Hex.decode("0303030303030303030303030303030303030303030303030303030303030303")),
-                        "7968B08ABA92193F2295121EF8D75C8A", "03030303030303030303030303030303"),
-            };
-
-    CamelliaTest()
-    {
-        super(tests, new CamelliaEngine(), new KeyParameter(new byte[32]));
-    }
-
-    public String getName()
-    {
-        return "Camellia";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        CamelliaTest    test = new CamelliaTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ChaChaTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ChaChaTest.java
deleted file mode 100644
index 45c063f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ChaChaTest.java
+++ /dev/null

@@ -1,403 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.engines.ChaChaEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * ChaCha Test
- * <p>
- * Test cases generated using ref version of ChaCha20 in estreambench-20080905.
- */
-public class ChaChaTest
-    extends SimpleTest
-{
-    byte[] zeroes = Hex.decode(
-          "00000000000000000000000000000000"
-        + "00000000000000000000000000000000"
-        + "00000000000000000000000000000000"
-        + "00000000000000000000000000000000");
-
-    String set1v0_0 = "FBB87FBB8395E05DAA3B1D683C422046"
-        + "F913985C2AD9B23CFC06C1D8D04FF213"
-        + "D44A7A7CDB84929F915420A8A3DC58BF"
-        + "0F7ECB4B1F167BB1A5E6153FDAF4493D";
-
-    String set1v0_192 = "D9485D55B8B82D792ED1EEA8E93E9BC1"
-        + "E2834AD0D9B11F3477F6E106A2F6A5F2"
-        + "EA8244D5B925B8050EAB038F58D4DF57"
-        + "7FAFD1B89359DAE508B2B10CBD6B488E";
-
-    String set1v0_256 = "08661A35D6F02D3D9ACA8087F421F7C8"
-        + "A42579047D6955D937925BA21396DDD4"
-        + "74B1FC4ACCDCAA33025B4BCE817A4FBF"
-        + "3E5D07D151D7E6FE04934ED466BA4779";
-
-    String set1v0_448 = "A7E16DD38BA48CCB130E5BE9740CE359"
-        + "D631E91600F85C8A5D0785A612D1D987"
-        + "90780ACDDC26B69AB106CCF6D866411D"
-        + "10637483DBF08CC5591FD8B3C87A3AE0";
-
-    String set1v9_0 = "A276339F99316A913885A0A4BE870F06"
-        + "91E72B00F1B3F2239F714FE81E88E00C"
-        + "BBE52B4EBBE1EA15894E29658C4CB145"
-        + "E6F89EE4ABB045A78514482CE75AFB7C";
-
-    String set1v9_192 = "0DFB9BD4F87F68DE54FBC1C6428FDEB0"
-        + "63E997BE8490C9B7A4694025D6EBA2B1"
-        + "5FE429DB82A7CAE6AAB22918E8D00449"
-        + "6FB6291467B5AE81D4E85E81D8795EBB";
-
-    String set1v9_256 = "546F5BB315E7F71A46E56D4580F90889"
-        + "639A2BA528F757CF3B048738BA141AF3"
-        + "B31607CB21561BAD94721048930364F4"
-        + "B1227CFEB7CDECBA881FB44903550E68";
-
-    String set1v9_448 = "6F813586E76691305A0CF048C0D8586D"
-        + "C89460207D8B230CD172398AA33D19E9"
-        + "2D24883C3A9B0BB7CD8C6B2668DB142E"
-        + "37A97948A7A01498A21110297984CD20";
-
-    String set6v0_0 = "57459975BC46799394788DE80B928387"
-        + "862985A269B9E8E77801DE9D874B3F51"
-        + "AC4610B9F9BEE8CF8CACD8B5AD0BF17D"
-        + "3DDF23FD7424887EB3F81405BD498CC3";
-
-    String set6v0_65472 = "EF9AEC58ACE7DB427DF012B2B91A0C1E"
-        + "8E4759DCE9CDB00A2BD59207357BA06C"
-        + "E02D327C7719E83D6348A6104B081DB0"
-        + "3908E5186986AE41E3AE95298BB7B713";
-
-    String set6v0_65536 = "17EF5FF454D85ABBBA280F3A94F1D26E"
-        + "950C7D5B05C4BB3A78326E0DC5731F83"
-        + "84205C32DB867D1B476CE121A0D7074B"
-        + "AA7EE90525D15300F48EC0A6624BD0AF";
-
-    String set6v1_0 = "92A2508E2C4084567195F2A1005E552B"
-        + "4874EC0504A9CD5E4DAF739AB553D2E7"
-        + "83D79C5BA11E0653BEBB5C116651302E"
-        + "8D381CB728CA627B0B246E83942A2B99";
-
-    String set6v1_65472 = "E1974EC3063F7BD0CBA58B1CE34BC874"
-        + "67AAF5759B05EA46682A5D4306E5A76B"
-        + "D99A448DB8DE73AF97A73F5FBAE2C776"
-        + "35040464524CF14D7F08D4CE1220FD84";
-
-    String set6v1_65536 = "BE3436141CFD62D12FF7D852F80C1344"
-        + "81F152AD0235ECF8CA172C55CA8C031B"
-        + "2E785D773A988CA8D4BDA6FAE0E493AA"
-        + "71DCCC4C894D1F106CAC62A9FC0A9607";
-
-    // ChaCha12
-    String chacha12_set1v0_0 = "36CF0D56E9F7FBF287BC5460D95FBA94"
-            + "AA6CBF17D74E7C784DDCF7E0E882DDAE"
-            + "3B5A58243EF32B79A04575A8E2C2B73D"
-            + "C64A52AA15B9F88305A8F0CA0B5A1A25";
-
-    String chacha12_set1v0_192 = "83496792AB68FEC75ADB16D3044420A4"
-        + "A00A6E9ADC41C3A63DBBF317A8258C85"
-        + "A9BC08B4F76B413A4837324AEDF8BC2A"
-        + "67D53C9AB9E1C5BC5F379D48DF9AF730";
-
-    String chacha12_set1v0_256 = "BAA28ED593690FD760ADA07C95E3B888"
-        + "4B4B64E488CA7A2D9BDC262243AB9251"
-        + "394C5037E255F8BCCDCD31306C508FFB"
-        + "C9E0161380F7911FCB137D46D9269250";
-
-    String chacha12_set1v0_448 = "B7ECFB6AE0B51915762FE1FD03A14D0C"
-        + "9E54DA5DC76EB16EBA5313BC535DE63D"
-        + "C72D7F9F1874E301E99C8531819F4E37"
-        + "75793F6A5D19C717FA5C78A39EB804A6";
-
-    // ChaCha8
-    String chacha8_set1v0_0 = "BEB1E81E0F747E43EE51922B3E87FB38"
-            + "D0163907B4ED49336032AB78B67C2457"
-            + "9FE28F751BD3703E51D876C017FAA435"
-            + "89E63593E03355A7D57B2366F30047C5";
-    
-    String chacha8_set1v0_192 = "33B8B7CA8F8E89F0095ACE75A379C651"
-            + "FD6BDD55703C90672E44C6BAB6AACDD8"
-            + "7C976A87FD264B906E749429284134C2"
-            + "38E3B88CF74A68245B860D119A8BDF43";
-    
-    String chacha8_set1v0_256 = "F7CA95BF08688BD3BE8A27724210F9DC"
-            + "16F32AF974FBFB09E9F757C577A245AB"
-            + "F35F824B70A4C02CB4A8D7191FA8A5AD"
-            + "6A84568743844703D353B7F00A8601F4";
-    
-    String chacha8_set1v0_448 = "7B4117E8BFFD595CD8482270B08920FB"
-            + "C9B97794E1809E07BB271BF07C861003"
-            + "4C38DBA6ECA04E5474F399A284CBF6E2"
-            + "7F70142E604D0977797DE5B58B6B25E0";
-    
-
-
-    public String getName()
-    {
-        return "ChaCha";
-    }
-
-    public void performTest()
-    {
-        chachaTest1(20, new ParametersWithIV(new KeyParameter(Hex.decode("80000000000000000000000000000000")), Hex.decode("0000000000000000")),
-                  set1v0_0, set1v0_192,  set1v0_256,  set1v0_448);
-        chachaTest1(20, new ParametersWithIV(new KeyParameter(Hex.decode("00400000000000000000000000000000")), Hex.decode("0000000000000000")),
-                  set1v9_0, set1v9_192,  set1v9_256,  set1v9_448);
-        chachaTest1(12, new ParametersWithIV(new KeyParameter(Hex.decode("80000000000000000000000000000000")), Hex.decode("0000000000000000")),
-                chacha12_set1v0_0, chacha12_set1v0_192,  chacha12_set1v0_256,  chacha12_set1v0_448);
-        chachaTest1(8, new ParametersWithIV(new KeyParameter(Hex.decode("80000000000000000000000000000000")), Hex.decode("0000000000000000")),
-                chacha8_set1v0_0, chacha8_set1v0_192,  chacha8_set1v0_256,  chacha8_set1v0_448);
-        chachaTest2(new ParametersWithIV(new KeyParameter(Hex.decode("0053A6F94C9FF24598EB3E91E4378ADD3083D6297CCF2275C81B6EC11467BA0D")), Hex.decode("0D74DB42A91077DE")),
-                  set6v0_0, set6v0_65472, set6v0_65536);
-        chachaTest2(new ParametersWithIV(new KeyParameter(Hex.decode("0558ABFE51A4F74A9DF04396E93C8FE23588DB2E81D4277ACD2073C6196CBF12")), Hex.decode("167DE44BB21980E7")),
-                  set6v1_0, set6v1_65472, set6v1_65536);
-        reinitBug();
-        skipTest();
-    }
-
-    private void chachaTest1(int rounds, CipherParameters params, String v0, String v192, String v256, String v448)
-    {
-        StreamCipher chaCha = new ChaChaEngine(rounds);
-        byte[]       buf = new byte[64];
-
-        chaCha.init(true, params);
-
-        for (int i = 0; i != 7; i++)
-        {
-            chaCha.processBytes(zeroes, 0, 64, buf, 0);
-            switch (i)
-            {
-            case 0:
-                if (!areEqual(buf, Hex.decode(v0)))
-                {
-                    mismatch("v0/" + rounds, v0, buf);
-                }
-                break;
-            case 3:
-                if (!areEqual(buf, Hex.decode(v192)))
-                {
-                    mismatch("v192/" + rounds, v192, buf);
-                }
-                break;
-            case 4:
-                if (!areEqual(buf, Hex.decode(v256)))
-                {
-                    mismatch("v256/" + rounds, v256, buf);
-                }
-                break;
-            default:
-                // ignore
-            }
-        }
-
-        for (int i = 0; i != 64; i++)
-        {
-            buf[i] = chaCha.returnByte(zeroes[i]);
-        }
-
-        if (!areEqual(buf, Hex.decode(v448)))
-        {
-            mismatch("v448", v448, buf);
-        }       
-    }
-
-    private void chachaTest2(CipherParameters params, String v0, String v65472, String v65536)
-    {
-        StreamCipher chaCha = new ChaChaEngine();
-        byte[]       buf = new byte[64];
-
-        chaCha.init(true, params);
-
-        for (int i = 0; i != 1025; i++)
-        {
-            chaCha.processBytes(zeroes, 0, 64, buf, 0);
-            switch (i)
-            {
-            case 0:
-                if (!areEqual(buf, Hex.decode(v0)))
-                {
-                    mismatch("v0", v0, buf);
-                }
-                break;
-            case 1023:
-                if (!areEqual(buf, Hex.decode(v65472)))
-                {
-                    mismatch("v65472", v65472, buf);
-                }
-                break;
-            case 1024:
-                if (!areEqual(buf, Hex.decode(v65536)))
-                {
-                    mismatch("v65536", v65536, buf);
-                }
-                break;
-            default:
-                // ignore
-            }
-        }
-    }
-
-    private void mismatch(String name, String expected, byte[] found)
-    {
-        fail("mismatch on " + name, expected, new String(Hex.encode(found)));
-    }
-
-
-    private void reinitBug()
-    {
-        KeyParameter key = new KeyParameter(Hex.decode("80000000000000000000000000000000"));
-        ParametersWithIV parameters = new ParametersWithIV(key, Hex.decode("0000000000000000"));
-
-        StreamCipher salsa = new ChaChaEngine();
-
-        salsa.init(true, parameters);
-
-        try
-        {
-            salsa.init(true, key);
-            fail("Salsa20 should throw exception if no IV in Init");
-        }
-        catch (IllegalArgumentException e)
-        {
-        }
-    }
-
-    private boolean areEqual(byte[] a, int aOff, byte[] b, int bOff)
-    {
-        for (int i = bOff; i != b.length; i++)
-        {
-            if (a[aOff + i - bOff] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    private void skipTest()
-    {
-        SecureRandom rand = new SecureRandom();
-        byte[]       plain = new byte[5000];
-        byte[]       cipher = new byte[5000];
-
-        rand.nextBytes(plain);
-
-        CipherParameters params = new ParametersWithIV(new KeyParameter(Hex.decode("0053A6F94C9FF24598EB3E91E4378ADD3083D6297CCF2275C81B6EC11467BA0D")), Hex.decode("0D74DB42A91077DE"));
-        ChaChaEngine    engine = new ChaChaEngine();
-
-        engine.init(true, params);
-
-        engine.processBytes(plain, 0, plain.length, cipher, 0);
-
-        byte[]      fragment = new byte[20];
-
-        engine.init(true, params);
-
-        engine.skip(10);
-
-        engine.processBytes(plain, 10, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 10, fragment, 0))
-        {
-            fail("skip forward 10 failed");
-        }
-
-        engine.skip(1000);
-
-        engine.processBytes(plain, 1010 + fragment.length, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 1010 + fragment.length, fragment, 0))
-        {
-            fail("skip forward 1000 failed");
-        }
-
-        engine.skip(-10);
-
-        engine.processBytes(plain, 1010 + 2 * fragment.length - 10, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 1010 + 2 * fragment.length - 10, fragment, 0))
-        {
-            fail("skip back 10 failed");
-        }
-
-        engine.skip(-1000);
-
-        if (engine.getPosition() != 60)
-        {
-            fail("skip position incorrect - " + 60 + " got " + engine.getPosition());
-        }
-
-        engine.processBytes(plain, 60, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 60, fragment, 0))
-        {
-            fail("skip back 1000 failed");
-        }
-
-        long pos = engine.seekTo(1010);
-        if (pos != 1010)
-        {
-            fail("position wrong");
-        }
-
-        engine.processBytes(plain, 1010, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 1010, fragment, 0))
-        {
-            fail("seek to 1010 failed");
-        }
-
-        engine.reset();
-
-        for (int i = 0; i != 1000; i++)
-        {
-            engine.skip(i);
-
-            if (engine.getPosition() != i)
-            {
-                fail("skip forward at wrong position");
-            }
-
-            engine.processBytes(plain, i, fragment.length, fragment, 0);
-
-            if (!areEqual(cipher, i, fragment, 0))
-            {
-                fail("skip forward i failed: " + i);
-            }
-
-            if (engine.getPosition() != i + fragment.length)
-            {
-                fail("cipher at wrong position: " + engine.getPosition() + " [" + i + "]");
-            }
-
-            engine.skip(-fragment.length);
-
-            if (engine.getPosition() != i)
-            {
-                fail("skip back at wrong position");
-            }
-
-            engine.processBytes(plain, i, fragment.length, fragment, 0);
-
-            if (!areEqual(cipher, i, fragment, 0))
-            {
-                fail("skip back i failed: " + i);
-            }
-
-            engine.reset();
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ChaChaTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/CipherStreamTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/CipherStreamTest.java
deleted file mode 100644
index 48c0d0c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/CipherStreamTest.java
+++ /dev/null

@@ -1,706 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.BlowfishEngine;
-import org.bouncycastle.crypto.engines.CAST5Engine;
-import org.bouncycastle.crypto.engines.CAST6Engine;
-import org.bouncycastle.crypto.engines.CamelliaEngine;
-import org.bouncycastle.crypto.engines.ChaChaEngine;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.Grain128Engine;
-import org.bouncycastle.crypto.engines.Grainv1Engine;
-import org.bouncycastle.crypto.engines.HC128Engine;
-import org.bouncycastle.crypto.engines.HC256Engine;
-import org.bouncycastle.crypto.engines.NoekeonEngine;
-import org.bouncycastle.crypto.engines.RC2Engine;
-import org.bouncycastle.crypto.engines.RC4Engine;
-import org.bouncycastle.crypto.engines.RC6Engine;
-import org.bouncycastle.crypto.engines.SEEDEngine;
-import org.bouncycastle.crypto.engines.Salsa20Engine;
-import org.bouncycastle.crypto.engines.SerpentEngine;
-import org.bouncycastle.crypto.engines.TEAEngine;
-import org.bouncycastle.crypto.engines.ThreefishEngine;
-import org.bouncycastle.crypto.engines.TwofishEngine;
-import org.bouncycastle.crypto.engines.XSalsa20Engine;
-import org.bouncycastle.crypto.engines.XTEAEngine;
-import org.bouncycastle.crypto.io.CipherInputStream;
-import org.bouncycastle.crypto.io.CipherOutputStream;
-import org.bouncycastle.crypto.io.InvalidCipherTextIOException;
-import org.bouncycastle.crypto.modes.AEADBlockCipher;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CCMBlockCipher;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.modes.CTSBlockCipher;
-import org.bouncycastle.crypto.modes.EAXBlockCipher;
-import org.bouncycastle.crypto.modes.NISTCTSBlockCipher;
-import org.bouncycastle.crypto.modes.OCBBlockCipher;
-import org.bouncycastle.crypto.modes.OFBBlockCipher;
-import org.bouncycastle.crypto.modes.SICBlockCipher;
-import org.bouncycastle.crypto.paddings.PKCS7Padding;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CipherStreamTest
-    extends SimpleTest
-{
-    private int streamSize;
-
-    public String getName()
-    {
-        return "CipherStreamTest";
-    }
-
-    private void testMode(Object cipher, CipherParameters params)
-        throws Exception
-    {
-        testWriteRead(cipher, params, false);
-        testWriteRead(cipher, params, true);
-        testReadWrite(cipher, params, false);
-        testReadWrite(cipher, params, true);
-
-        if (!(cipher instanceof CTSBlockCipher || cipher instanceof NISTCTSBlockCipher))
-        {
-            testWriteReadEmpty(cipher, params, false);
-            testWriteReadEmpty(cipher, params, true);
-        }
-
-        if (cipher instanceof AEADBlockCipher)
-        {
-            testTamperedRead((AEADBlockCipher)cipher, params);
-            testTruncatedRead((AEADBlockCipher)cipher, params);
-            testTamperedWrite((AEADBlockCipher)cipher, params);
-        }
-    }
-
-    private OutputStream createCipherOutputStream(OutputStream output, Object cipher)
-    {
-        if (cipher instanceof BufferedBlockCipher)
-        {
-            return new CipherOutputStream(output, (BufferedBlockCipher)cipher);
-        }
-        else if (cipher instanceof AEADBlockCipher)
-        {
-            return new CipherOutputStream(output, (AEADBlockCipher)cipher);
-        }
-        else
-        {
-            return new CipherOutputStream(output, (StreamCipher)cipher);
-        }
-    }
-
-    private InputStream createCipherInputStream(byte[] data, Object cipher)
-    {
-        ByteArrayInputStream input = new ByteArrayInputStream(data);
-        if (cipher instanceof BufferedBlockCipher)
-        {
-            return new CipherInputStream(input, (BufferedBlockCipher)cipher);
-        }
-        else if (cipher instanceof AEADBlockCipher)
-        {
-            return new CipherInputStream(input, (AEADBlockCipher)cipher);
-        }
-        else
-        {
-            return new CipherInputStream(input, (StreamCipher)cipher);
-        }
-    }
-
-    /**
-     * Test tampering of ciphertext followed by read from decrypting CipherInputStream
-     */
-    private void testTamperedRead(AEADBlockCipher cipher, CipherParameters params)
-        throws Exception
-    {
-        cipher.init(true, params);
-
-        byte[] ciphertext = new byte[cipher.getOutputSize(streamSize)];
-        cipher.doFinal(ciphertext, cipher.processBytes(new byte[streamSize], 0, streamSize, ciphertext, 0));
-
-        // Tamper
-        ciphertext[0] += 1;
-
-        cipher.init(false, params);
-        InputStream input = createCipherInputStream(ciphertext, cipher);
-        try
-        {
-            while (input.read() >= 0)
-            {
-            }
-            fail("Expected invalid ciphertext after tamper and read : " + cipher.getAlgorithmName());
-        }
-        catch (InvalidCipherTextIOException e)
-        {
-            // Expected
-        }
-        try
-        {
-            input.close();
-        }
-        catch (Exception e)
-        {
-            fail("Unexpected exception after tamper and read : " + cipher.getAlgorithmName());
-        }
-    }
-
-    /**
-     * Test truncation of ciphertext to make tag calculation impossible, followed by read from
-     * decrypting CipherInputStream
-     */
-    private void testTruncatedRead(AEADBlockCipher cipher, CipherParameters params)
-        throws Exception
-    {
-        cipher.init(true, params);
-
-        byte[] ciphertext = new byte[cipher.getOutputSize(streamSize)];
-        cipher.doFinal(ciphertext, cipher.processBytes(new byte[streamSize], 0, streamSize, ciphertext, 0));
-
-        // Truncate to just smaller than complete tag
-        byte[] truncated = new byte[ciphertext.length - streamSize - 1];
-        System.arraycopy(ciphertext, 0, truncated, 0, truncated.length);
-
-        cipher.init(false, params);
-        InputStream input = createCipherInputStream(truncated, cipher);
-        while (true)
-        {
-            int read = 0;
-            try
-            {
-                read = input.read();
-            }
-            catch (InvalidCipherTextIOException e)
-            {
-                // Expected
-                break;
-            }
-            catch (Exception e)
-            {
-                fail("Unexpected exception  on truncated read : " + cipher.getAlgorithmName());
-                break;
-            }
-            if (read < 0)
-            {
-                fail("Expected invalid ciphertext after truncate and read : " + cipher.getAlgorithmName());
-                break;
-            }
-        }
-        try
-        {
-            input.close();
-        }
-        catch (Exception e)
-        {
-            fail("Unexpected exception after truncate and read : " + cipher.getAlgorithmName());
-        }
-    }
-
-    /**
-     * Test tampering of ciphertext followed by write to decrypting CipherOutputStream
-     */
-    private void testTamperedWrite(AEADBlockCipher cipher, CipherParameters params)
-        throws Exception
-    {
-        cipher.init(true, params);
-
-        byte[] ciphertext = new byte[cipher.getOutputSize(streamSize)];
-        cipher.doFinal(ciphertext, cipher.processBytes(new byte[streamSize], 0, streamSize, ciphertext, 0));
-
-        // Tamper
-        ciphertext[0] += 1;
-
-        cipher.init(false, params);
-        ByteArrayOutputStream plaintext = new ByteArrayOutputStream();
-        OutputStream output = createCipherOutputStream(plaintext, cipher);
-
-        for (int i = 0; i < ciphertext.length; i++)
-        {
-            output.write(ciphertext[i]);
-        }
-        try
-        {
-            output.close();
-            fail("Expected invalid ciphertext after tamper and write : " + cipher.getAlgorithmName());
-        }
-        catch (InvalidCipherTextIOException e)
-        {
-            // Expected
-        }
-    }
-
-    /**
-     * Test CipherOutputStream in ENCRYPT_MODE, CipherInputStream in DECRYPT_MODE
-     */
-    private void testWriteRead(Object cipher, CipherParameters params, boolean blocks)
-        throws Exception
-    {
-        byte[] data = new byte[streamSize];
-        for (int i = 0; i < data.length; i++)
-        {
-            data[i] = (byte)(i % 255);
-        }
-
-        testWriteRead(cipher, params, blocks, data);
-    }
-
-    /**
-     * Test CipherOutputStream in ENCRYPT_MODE, CipherInputStream in DECRYPT_MODE
-     */
-    private void testWriteReadEmpty(Object cipher, CipherParameters params, boolean blocks)
-        throws Exception
-    {
-        byte[] data = new byte[0];
-
-        testWriteRead(cipher, params, blocks, data);
-    }
-
-    private void testWriteRead(Object cipher, CipherParameters params, boolean blocks, byte[] data)
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        try
-        {
-            init(cipher, true, params);
-
-            OutputStream cOut = createCipherOutputStream(bOut, cipher);
-            if (blocks)
-            {
-                int chunkSize = Math.max(1, data.length / 8);
-                for (int i = 0; i < data.length; i += chunkSize)
-                {
-                    cOut.write(data, i, Math.min(chunkSize, data.length - i));
-                }
-            }
-            else
-            {
-                for (int i = 0; i < data.length; i++)
-                {
-                    cOut.write(data[i]);
-                }
-            }
-            cOut.close();
-
-            byte[] cipherText = bOut.toByteArray();
-            bOut.reset();
-            init(cipher, false, params);
-            InputStream cIn = createCipherInputStream(cipherText, cipher);
-
-            if (blocks)
-            {
-                byte[] block = new byte[getBlockSize(cipher) + 1];
-                int c;
-                while ((c = cIn.read(block)) >= 0)
-                {
-                    bOut.write(block, 0, c);
-                }
-            }
-            else
-            {
-                int c;
-                while ((c = cIn.read()) >= 0)
-                {
-                    bOut.write(c);
-                }
-
-            }
-            cIn.close();
-
-        }
-        catch (Exception e)
-        {
-            fail("Unexpected exception " + getName(cipher), e);
-        }
-
-        byte[] decrypted = bOut.toByteArray();
-        if (!Arrays.areEqual(data, decrypted))
-        {
-            fail("Failed - decrypted data doesn't match: " + getName(cipher));
-        }
-    }
-
-    private String getName(Object cipher)
-    {
-        if (cipher instanceof BufferedBlockCipher)
-        {
-            return ((BufferedBlockCipher)cipher).getUnderlyingCipher().getAlgorithmName();
-        }
-        else if (cipher instanceof AEADBlockCipher)
-        {
-            return ((AEADBlockCipher)cipher).getUnderlyingCipher().getAlgorithmName();
-        }
-        else if (cipher instanceof StreamCipher)
-        {
-            return ((StreamCipher)cipher).getAlgorithmName();
-        }
-        return null;
-    }
-
-    private int getBlockSize(Object cipher)
-    {
-        if (cipher instanceof BlockCipher)
-        {
-            return ((BlockCipher)cipher).getBlockSize();
-        }
-        else if (cipher instanceof BufferedBlockCipher)
-        {
-            return ((BufferedBlockCipher)cipher).getBlockSize();
-        }
-        else if (cipher instanceof AEADBlockCipher)
-        {
-            return ((AEADBlockCipher)cipher).getUnderlyingCipher().getBlockSize();
-        }
-        else if (cipher instanceof StreamCipher)
-        {
-            return 1;
-        }
-        return 0;
-    }
-
-    private void init(Object cipher, boolean forEncrypt, CipherParameters params)
-    {
-        if (cipher instanceof BufferedBlockCipher)
-        {
-            ((BufferedBlockCipher)cipher).init(forEncrypt, params);
-        }
-        else if (cipher instanceof AEADBlockCipher)
-        {
-            ((AEADBlockCipher)cipher).init(forEncrypt, params);
-        }
-        else if (cipher instanceof StreamCipher)
-        {
-            ((StreamCipher)cipher).init(forEncrypt, params);
-        }
-    }
-
-    protected void fail(String message, boolean authenticated, boolean bc)
-    {
-        if (bc || !authenticated)
-        {
-            super.fail(message);
-        }
-        else
-        {
-            // javax.crypto.CipherInputStream/CipherOutputStream
-            // are broken wrt handling AEAD failures
-            System.err.println("Broken JCE Streams: " + message);
-        }
-    }
-
-    /**
-     * Test CipherInputStream in ENCRYPT_MODE, CipherOutputStream in DECRYPT_MODE
-     */
-    private void testReadWrite(Object cipher, CipherParameters params, boolean blocks)
-        throws Exception
-    {
-        String lCode = "ABCDEFGHIJKLMNOPQRSTU";
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        try
-        {
-            init(cipher, true, params);
-
-            InputStream cIn = createCipherInputStream(lCode.getBytes(), cipher);
-            ByteArrayOutputStream ct = new ByteArrayOutputStream();
-
-            if (blocks)
-            {
-                byte[] block = new byte[getBlockSize(cipher) + 1];
-                int c;
-                while ((c = cIn.read(block)) >= 0)
-                {
-                    ct.write(block, 0, c);
-                }
-            }
-            else
-            {
-                int c;
-                while ((c = cIn.read()) >= 0)
-                {
-                    ct.write(c);
-                }
-            }
-            cIn.close();
-
-            init(cipher, false, params);
-            ByteArrayInputStream dataIn = new ByteArrayInputStream(ct.toByteArray());
-            OutputStream cOut = createCipherOutputStream(bOut, cipher);
-
-            if (blocks)
-            {
-                byte[] block = new byte[getBlockSize(cipher) + 1];
-                int c;
-                while ((c = dataIn.read(block)) >= 0)
-                {
-                    cOut.write(block, 0, c);
-                }
-            }
-            else
-            {
-                int c;
-                while ((c = dataIn.read()) >= 0)
-                {
-                    cOut.write(c);
-                }
-            }
-            cOut.flush();
-            cOut.close();
-
-        }
-        catch (Exception e)
-        {
-            fail("Unexpected exception " + getName(cipher), e);
-        }
-
-        String res = new String(bOut.toByteArray());
-        if (!res.equals(lCode))
-        {
-            fail("Failed read/write - decrypted data doesn't match: " + getName(cipher), lCode, res);
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        int[] testSizes = new int[]{0, 1, 7, 8, 9, 15, 16, 17, 1023, 1024, 1025, 2047, 2048, 2049, 4095, 4096, 4097};
-        for (int i = 0; i < testSizes.length; i++)
-        {
-            this.streamSize = testSizes[i];
-            performTests();
-        }
-    }
-
-    private void performTests()
-        throws Exception
-    {
-        testModes(new BlowfishEngine(), new BlowfishEngine(), 16);
-        testModes(new DESEngine(), new DESEngine(), 8);
-        testModes(new DESedeEngine(), new DESedeEngine(), 24);
-        testModes(new TEAEngine(), new TEAEngine(), 16);
-        testModes(new CAST5Engine(), new CAST5Engine(), 16);
-        testModes(new RC2Engine(), new RC2Engine(), 16);
-        testModes(new XTEAEngine(), new XTEAEngine(), 16);
-
-        testModes(new AESEngine(), new AESEngine(), 16);
-        testModes(new NoekeonEngine(), new NoekeonEngine(), 16);
-        testModes(new TwofishEngine(), new TwofishEngine(), 16);
-        testModes(new CAST6Engine(), new CAST6Engine(), 16);
-        testModes(new SEEDEngine(), new SEEDEngine(), 16);
-        testModes(new SerpentEngine(), new SerpentEngine(), 16);
-        testModes(new RC6Engine(), new RC6Engine(), 16);
-        testModes(new CamelliaEngine(), new CamelliaEngine(), 16);
-        testModes(new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512),
-            new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512), 64);
-
-        testMode(new RC4Engine(), new KeyParameter(new byte[16]));
-        testMode(new Salsa20Engine(), new ParametersWithIV(new KeyParameter(new byte[16]), new byte[8]));
-        testMode(new XSalsa20Engine(), new ParametersWithIV(new KeyParameter(new byte[32]), new byte[24]));
-        testMode(new ChaChaEngine(), new ParametersWithIV(new KeyParameter(new byte[16]), new byte[8]));
-        testMode(new Grainv1Engine(), new ParametersWithIV(new KeyParameter(new byte[16]), new byte[8]));
-        testMode(new Grain128Engine(), new ParametersWithIV(new KeyParameter(new byte[16]), new byte[12]));
-        testMode(new HC128Engine(), new KeyParameter(new byte[16]));
-        testMode(new HC256Engine(), new ParametersWithIV(new KeyParameter(new byte[16]), new byte[16]));
-
-        testSkipping(new Salsa20Engine(), new ParametersWithIV(new KeyParameter(new byte[16]), new byte[8]));
-        testSkipping(new SICBlockCipher(new AESEngine()), new ParametersWithIV(new KeyParameter(new byte[16]), new byte[16]));
-    }
-
-    private void testModes(BlockCipher cipher1, BlockCipher cipher2, int keySize)
-        throws Exception
-    {
-        final KeyParameter key = new KeyParameter(new byte[keySize]);
-        final int blockSize = getBlockSize(cipher1);
-        final CipherParameters withIv = new ParametersWithIV(key, new byte[blockSize]);
-
-        if (blockSize > 1)
-        {
-            testMode(new PaddedBufferedBlockCipher(cipher1, new PKCS7Padding()), key);
-
-            testMode(new PaddedBufferedBlockCipher(new CBCBlockCipher(cipher1), new PKCS7Padding()), withIv);
-
-            testMode(new BufferedBlockCipher(new OFBBlockCipher(cipher1, blockSize)), withIv);
-            testMode(new BufferedBlockCipher(new CFBBlockCipher(cipher1, blockSize)), withIv);
-            testMode(new BufferedBlockCipher(new SICBlockCipher(cipher1)), withIv);
-        }
-        // CTS requires at least one block
-        if (blockSize <= 16 && streamSize >= blockSize)
-        {
-            testMode(new CTSBlockCipher(cipher1), key);
-        }
-        if (blockSize <= 16 && streamSize >= blockSize)
-        {
-            testMode(new NISTCTSBlockCipher(NISTCTSBlockCipher.CS1, cipher1), key);
-            testMode(new NISTCTSBlockCipher(NISTCTSBlockCipher.CS2, cipher1), key);
-            testMode(new NISTCTSBlockCipher(NISTCTSBlockCipher.CS3, cipher1), key);
-        }
-        if (blockSize == 8 || blockSize == 16)
-        {
-            testMode(new EAXBlockCipher(cipher1), withIv);
-        }
-        if (blockSize == 16)
-        {
-            testMode(new CCMBlockCipher(cipher1), new ParametersWithIV(key, new byte[7]));
-            // TODO: need to have a GCM safe version of testMode.
-//            testMode(new GCMBlockCipher(cipher1), withIv);
-            testMode(new OCBBlockCipher(cipher1, cipher2), new ParametersWithIV(key, new byte[15]));
-        }
-    }
-
-    private void testSkipping(StreamCipher cipher, CipherParameters params)
-        throws Exception
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        init(cipher, true, params);
-
-        OutputStream cOut = createCipherOutputStream(bOut, cipher);
-        byte[] data = new byte[5000];
-
-        new SecureRandom().nextBytes(data);
-
-        cOut.write(data);
-
-        cOut.close();
-
-        init(cipher, false, params);
-
-        InputStream cIn = createCipherInputStream(bOut.toByteArray(), cipher);
-
-        long skip = cIn.skip(50);
-        if (skip != 50)
-        {
-            fail("wrong number of bytes skipped: " + skip);
-        }
-
-        byte[] block = new byte[50];
-
-        cIn.read(block);
-
-        if (!areEqual(data, 50, block, 0))
-        {
-            fail("initial skip mismatch");
-        }
-
-        skip = cIn.skip(3000);
-        if (skip != 3000)
-        {
-            fail("wrong number of bytes skipped: " + skip);
-        }
-
-        cIn.read(block);
-
-        if (!areEqual(data, 3100, block, 0))
-        {
-            fail("second skip mismatch");
-        }
-
-        cipher.reset();
-
-        cIn = createCipherInputStream(bOut.toByteArray(), cipher);
-        if (!cIn.markSupported())
-        {
-            fail("marking not supported");
-        }
-
-        cIn.mark(100);
-
-        cIn.read(block);
-
-        if (!areEqual(data, 0, block, 0))
-        {
-            fail("initial mark read failed");
-        }
-
-        cIn.reset();
-
-        cIn.read(block);
-
-        if (!areEqual(data, 0, block, 0))
-        {
-            fail(cipher.getAlgorithmName() + " initial reset read failed");
-        }
-
-        cIn.reset();
-
-        cIn.read(block);
-
-        cIn.mark(100);
-
-        cIn.read(block);
-
-        if (!areEqual(data, 50, block, 0))
-        {
-            fail("second mark read failed");
-        }
-
-        cIn.reset();
-
-        cIn.read(block);
-
-        if (!areEqual(data, 50, block, 0))
-        {
-            fail(cipher.getAlgorithmName() + " second reset read failed");
-        }
-
-        cIn.mark(3000);
-
-        skip = cIn.skip(2050);
-        if (skip != 2050)
-        {
-            fail("wrong number of bytes skipped: " + skip);
-        }
-
-        cIn.reset();
-
-        cIn.read(block);
-
-        if (!areEqual(data, 100, block, 0))
-        {
-            fail(cipher.getAlgorithmName() + " third reset read failed");
-        }
-
-        cIn.read(new byte[2150]);
-
-        cIn.reset();
-
-        cIn.read(block);
-
-        if (!areEqual(data, 100, block, 0))
-        {
-            fail(cipher.getAlgorithmName() + " fourth reset read failed");
-        }
-
-        cIn.close();
-    }
-
-    private boolean areEqual(byte[] a, int aOff, byte[] b, int bOff)
-    {
-        for (int i = bOff; i != b.length; i++)
-        {
-            if (a[aOff + i - bOff] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new CipherStreamTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/CipherTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/CipherTest.java
deleted file mode 100644
index 407a044..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/CipherTest.java
+++ /dev/null

@@ -1,117 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.test.SimpleTest;
-
-public abstract class CipherTest
-    extends SimpleTest
-{
-    private SimpleTest[]      _tests;
-    private BlockCipher _engine;
-    private KeyParameter _validKey;
-
-//    protected CipherTest(
-//        SimpleTest[]  tests)
-//    {
-//        _tests = tests;
-//    }
-
-    protected CipherTest(
-        SimpleTest[]   tests,
-        BlockCipher  engine,
-        KeyParameter validKey)
-    {
-        _tests = tests;
-        _engine = engine;
-        _validKey = validKey;
-    }
-    
-    public abstract String getName();
-
-    public void performTest()
-        throws Exception
-    {
-        for (int i = 0; i != _tests.length; i++)
-        {
-            _tests[i].performTest();
-        }
-
-        if (_engine != null)
-        {
-            //
-            // state tests
-            //
-            byte[]      buf = new byte[128];
-            
-            try
-            {   
-                _engine.processBlock(buf, 0, buf, 0);
-                
-                fail("failed initialisation check");
-            }
-            catch (IllegalStateException e)
-            {
-                // expected 
-            }
-            
-            bufferSizeCheck((_engine));
-        }
-    }
-    
-    private void bufferSizeCheck(
-        BlockCipher engine)
-    {
-        byte[] correctBuf = new byte[engine.getBlockSize()];
-        byte[] shortBuf = new byte[correctBuf.length / 2];
-        
-        engine.init(true, _validKey);
-        
-        try
-        {   
-            engine.processBlock(shortBuf, 0, correctBuf, 0);
-            
-            fail("failed short input check");
-        }
-        catch (DataLengthException e)
-        {
-            // expected 
-        }
-        
-        try
-        {   
-            engine.processBlock(correctBuf, 0, shortBuf, 0);
-            
-            fail("failed short output check");
-        }
-        catch (DataLengthException e)
-        {
-            // expected 
-        }
-        
-        engine.init(false, _validKey);
-        
-        try
-        {   
-            engine.processBlock(shortBuf, 0, correctBuf, 0);
-            
-            fail("failed short input check");
-        }
-        catch (DataLengthException e)
-        {
-            // expected 
-        }
-        
-        try
-        {   
-            engine.processBlock(correctBuf, 0, shortBuf, 0);
-            
-            fail("failed short output check");
-        }
-        catch (DataLengthException e)
-        {
-            // expected 
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/CramerShoupTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/CramerShoupTest.java
deleted file mode 100644
index e963357..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/CramerShoupTest.java
+++ /dev/null

@@ -1,147 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.agreement.DHStandardGroups;
-import org.bouncycastle.crypto.engines.CramerShoupCiphertext;
-import org.bouncycastle.crypto.engines.CramerShoupCoreEngine;
-import org.bouncycastle.crypto.engines.CramerShoupCoreEngine.CramerShoupCiphertextException;
-import org.bouncycastle.crypto.generators.CramerShoupKeyPairGenerator;
-import org.bouncycastle.crypto.generators.CramerShoupParametersGenerator;
-import org.bouncycastle.crypto.params.CramerShoupKeyGenerationParameters;
-import org.bouncycastle.crypto.params.CramerShoupParameters;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CramerShoupTest
-    extends SimpleTest
-{
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-
-    private static final SecureRandom RND = new SecureRandom();
-
-    private AsymmetricCipherKeyPair keyPair;
-
-    public static void main(String[] args)
-    {
-        runTest(new CramerShoupTest());
-    }
-
-    public String getName()
-    {
-        return "CramerShoup";
-    }
-
-
-    public void performTest()
-        throws Exception
-    {
-        BigInteger pSubOne = DHStandardGroups.rfc3526_2048.getP().subtract(ONE);
-        for (int i = 0; i < 10; ++i)
-        {
-            BigInteger message = BigIntegers.createRandomInRange(ONE, pSubOne, RND);
-
-            BigInteger m1 = encDecTest(message);
-            BigInteger m2 = labelledEncDecTest(message, "myRandomLabel");
-            BigInteger m3 = encDecEncodingTest(message);
-            BigInteger m4 = labelledEncDecEncodingTest(message, "myOtherCoolLabel");
-
-            if (!message.equals(m1) || !message.equals(m2) || !message.equals(m3) || !message.equals(m4))
-            {
-                fail("decrypted message != original message");
-            }
-        }
-    }
-
-    private BigInteger encDecEncodingTest(BigInteger m)
-    {
-        CramerShoupCiphertext ciphertext = encrypt(m);
-        byte[] c = ciphertext.toByteArray();
-        CramerShoupCiphertext decC = new CramerShoupCiphertext(c);
-        return decrypt(decC);
-    }
-
-    private BigInteger labelledEncDecEncodingTest(BigInteger m, String l)
-    {
-        byte[] c = encrypt(m, l).toByteArray();
-        return decrypt(new CramerShoupCiphertext(c), l);
-    }
-
-    private BigInteger encDecTest(BigInteger m)
-    {
-        CramerShoupCiphertext c = encrypt(m);
-        return decrypt(c);
-    }
-
-    private BigInteger labelledEncDecTest(BigInteger m, String l)
-    {
-        CramerShoupCiphertext c = encrypt(m, l);
-        return decrypt(c, l);
-    }
-
-
-    private BigInteger decrypt(CramerShoupCiphertext ciphertext)
-    {
-        return decrypt(ciphertext, null);
-    }
-
-    private BigInteger decrypt(CramerShoupCiphertext ciphertext, String label)
-    {
-
-        CramerShoupCoreEngine engine = new CramerShoupCoreEngine();
-        if (label != null)
-        {
-            engine.init(false, keyPair.getPrivate(), label);
-        }
-        else
-        {
-            engine.init(false, keyPair.getPrivate());
-        }
-        try
-        {
-            BigInteger m = engine.decryptBlock(ciphertext);
-
-            return m;
-        }
-        catch (CramerShoupCiphertextException e)
-        {
-            e.printStackTrace();
-        }
-
-        return null;
-    }
-
-    private CramerShoupCiphertext encrypt(BigInteger message)
-    {
-        return encrypt(message, null);
-    }
-
-    private CramerShoupCiphertext encrypt(BigInteger message, String label)
-    {
-        CramerShoupKeyPairGenerator kpGen = new CramerShoupKeyPairGenerator();
-        CramerShoupParametersGenerator pGen = new CramerShoupParametersGenerator();
-
-        pGen.init(2048, 1, RND);
-        CramerShoupParameters params = pGen.generateParameters(DHStandardGroups.rfc3526_2048);
-        CramerShoupKeyGenerationParameters param = new CramerShoupKeyGenerationParameters(RND, params);
-
-        kpGen.init(param);
-        keyPair = kpGen.generateKeyPair();
-
-        CramerShoupCoreEngine engine = new CramerShoupCoreEngine();
-        if (label != null)
-        {
-            engine.init(true, keyPair.getPublic(), label);
-        }
-        else
-        {
-            engine.init(true, keyPair.getPublic());
-        }
-
-        CramerShoupCiphertext ciphertext = engine.encryptBlock(message);
-
-        return ciphertext;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/DESTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/DESTest.java
deleted file mode 100644
index 08056fc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/DESTest.java
+++ /dev/null

@@ -1,206 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.generators.DESKeyGenerator;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.modes.OFBBlockCipher;
-import org.bouncycastle.crypto.params.DESParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-import java.security.SecureRandom;
-
-class DESParityTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "DESParityTest";
-    }
-
-    public void performTest()
-    {
-        byte[]  k1In = { (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff,
-                        (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff };
-        byte[]  k1Out = { (byte)0xfe, (byte)0xfe, (byte)0xfe, (byte)0xfe,
-                        (byte)0xfe, (byte)0xfe, (byte)0xfe, (byte)0xfe };
-
-        byte[]  k2In = { (byte)0xef, (byte)0xcb, (byte)0xda, (byte)0x4f,
-                        (byte)0xaa, (byte)0x99, (byte)0x7f, (byte)0x63 };
-        byte[]  k2Out = { (byte)0xef, (byte)0xcb, (byte)0xda, (byte)0x4f,
-                        (byte)0xab, (byte)0x98, (byte)0x7f, (byte)0x62 };
-
-        DESParameters.setOddParity(k1In);
-
-        for (int i = 0; i != k1In.length; i++)
-        {
-            if (k1In[i] != k1Out[i])
-            {
-                fail("Failed " 
-                    + "got " + new String(Hex.encode(k1In))
-                    + " expected " + new String(Hex.encode(k1Out)));
-            }
-        }
-
-        DESParameters.setOddParity(k2In);
-
-        for (int i = 0; i != k2In.length; i++)
-        {
-            if (k2In[i] != k2Out[i])
-            {
-                fail("Failed " 
-                    + "got " + new String(Hex.encode(k2In))
-                    + " expected " + new String(Hex.encode(k2Out)));
-            }
-        }
-    }
-}
-
-class KeyGenTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "KeyGenTest";
-    }
-
-    public void performTest()
-    {
-        DESKeyGenerator keyGen = new DESKeyGenerator();
-        
-        keyGen.init(new KeyGenerationParameters(new SecureRandom(), 56));
-        
-        byte[] kB = keyGen.generateKey();
-        
-        if (kB.length != 8)
-        {
-            fail("DES bit key wrong length.");
-        }
-    }
-}
-
-class DESParametersTest
-    extends SimpleTest
-{
-    static private byte[] weakKeys =
-     {
-         (byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01, (byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01,
-         (byte)0x1f,(byte)0x1f,(byte)0x1f,(byte)0x1f, (byte)0x0e,(byte)0x0e,(byte)0x0e,(byte)0x0e,
-         (byte)0xe0,(byte)0xe0,(byte)0xe0,(byte)0xe0, (byte)0xf1,(byte)0xf1,(byte)0xf1,(byte)0xf1,
-         (byte)0xfe,(byte)0xfe,(byte)0xfe,(byte)0xfe, (byte)0xfe,(byte)0xfe,(byte)0xfe,(byte)0xfe,
-         /* semi-weak keys */
-         (byte)0x01,(byte)0xfe,(byte)0x01,(byte)0xfe, (byte)0x01,(byte)0xfe,(byte)0x01,(byte)0xfe,
-         (byte)0x1f,(byte)0xe0,(byte)0x1f,(byte)0xe0, (byte)0x0e,(byte)0xf1,(byte)0x0e,(byte)0xf1,
-         (byte)0x01,(byte)0xe0,(byte)0x01,(byte)0xe0, (byte)0x01,(byte)0xf1,(byte)0x01,(byte)0xf1,
-         (byte)0x1f,(byte)0xfe,(byte)0x1f,(byte)0xfe, (byte)0x0e,(byte)0xfe,(byte)0x0e,(byte)0xfe,
-         (byte)0x01,(byte)0x1f,(byte)0x01,(byte)0x1f, (byte)0x01,(byte)0x0e,(byte)0x01,(byte)0x0e,
-         (byte)0xe0,(byte)0xfe,(byte)0xe0,(byte)0xfe, (byte)0xf1,(byte)0xfe,(byte)0xf1,(byte)0xfe,
-         (byte)0xfe,(byte)0x01,(byte)0xfe,(byte)0x01, (byte)0xfe,(byte)0x01,(byte)0xfe,(byte)0x01,
-         (byte)0xe0,(byte)0x1f,(byte)0xe0,(byte)0x1f, (byte)0xf1,(byte)0x0e,(byte)0xf1,(byte)0x0e,
-         (byte)0xe0,(byte)0x01,(byte)0xe0,(byte)0x01, (byte)0xf1,(byte)0x01,(byte)0xf1,(byte)0x01,
-         (byte)0xfe,(byte)0x1f,(byte)0xfe,(byte)0x1f, (byte)0xfe,(byte)0x0e,(byte)0xfe,(byte)0x0e,
-         (byte)0x1f,(byte)0x01,(byte)0x1f,(byte)0x01, (byte)0x0e,(byte)0x01,(byte)0x0e,(byte)0x01,
-         (byte)0xfe,(byte)0xe0,(byte)0xfe,(byte)0xe0, (byte)0xfe,(byte)0xf1,(byte)0xfe,(byte)0xf1
-     };
-
-    public String getName()
-    {
-        return "DESParameters";
-    }
-
-    public void performTest() throws Exception
-    {
-        try
-        {
-            DESParameters.isWeakKey(new byte[4], 0);
-            fail("no exception on small key");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("key material too short."))
-            {
-                fail("wrong exception");
-            }
-        }
-
-        try
-        {
-            new DESParameters(weakKeys);
-            fail("no exception on weak key");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("attempt to create weak DES key"))
-            {
-                fail("wrong exception");
-            }
-        }
-
-        for (int i = 0; i != weakKeys.length; i += 8)
-        {
-            if (!DESParameters.isWeakKey(weakKeys, i))
-            {
-                fail("weakKey test failed");
-            }
-        }
-    }
-}
-
-/**
- * DES tester - vectors from <a href=http://www.itl.nist.gov/fipspubs/fip81.htm>FIPS 81</a>
- */
-public class DESTest
-    extends CipherTest
-{
-    static String   input1 = "4e6f77206973207468652074696d6520666f7220616c6c20";
-    static String   input2 = "4e6f7720697320746865";
-    static String   input3 = "4e6f7720697320746865aabbcc";
-
-    static SimpleTest[]   tests = 
-            {
-                new BlockCipherVectorTest(0, new DESEngine(),
-                        new KeyParameter(Hex.decode("0123456789abcdef")),
-                        input1, "3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53"),
-                new BlockCipherVectorTest(1, new CBCBlockCipher(new DESEngine()),
-                        new ParametersWithIV(new KeyParameter(Hex.decode("0123456789abcdef")), Hex.decode("1234567890abcdef")),
-                        input1, "e5c7cdde872bf27c43e934008c389c0f683788499a7c05f6"),
-                new BlockCipherVectorTest(2, new CFBBlockCipher(new DESEngine(), 8),
-                        new ParametersWithIV(new KeyParameter(Hex.decode("0123456789abcdef")), Hex.decode("1234567890abcdef")),
-                        input2, "f31fda07011462ee187f"),
-                new BlockCipherVectorTest(3, new CFBBlockCipher(new DESEngine(), 64),
-                        new ParametersWithIV(new KeyParameter(Hex.decode("0123456789abcdef")), Hex.decode("1234567890abcdef")),
-                        input1, "f3096249c7f46e51a69e839b1a92f78403467133898ea622"),
-                new BlockCipherVectorTest(4, new OFBBlockCipher(new DESEngine(), 8),
-                        new ParametersWithIV(new KeyParameter(Hex.decode("0123456789abcdef")), Hex.decode("1234567890abcdef")),
-                        input2, "f34a2850c9c64985d684"),
-                new BlockCipherVectorTest(5, new CFBBlockCipher(new DESEngine(), 64),
-                        new ParametersWithIV(new KeyParameter(Hex.decode("0123456789abcdef")), Hex.decode("1234567890abcdef")),
-                        input3, "f3096249c7f46e51a69e0954bf"),
-                new BlockCipherVectorTest(6, new OFBBlockCipher(new DESEngine(), 64),
-                        new ParametersWithIV(new KeyParameter(Hex.decode("0123456789abcdef")), Hex.decode("1234567890abcdef")),
-                        input3, "f3096249c7f46e5135f2c0eb8b"),
-                new DESParityTest(),
-                new DESParametersTest(),
-                new KeyGenTest()
-            };
-
-    public DESTest()
-    {
-        super(tests, new DESEngine(), new KeyParameter(new byte[8]));
-    }
-
-    public String getName()
-    {
-        return "DES";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new DESTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/DESedeTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/DESedeTest.java
deleted file mode 100644
index b14897f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/DESedeTest.java
+++ /dev/null

@@ -1,177 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.DESedeWrapEngine;
-import org.bouncycastle.crypto.generators.DESedeKeyGenerator;
-import org.bouncycastle.crypto.params.DESedeParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-import java.security.SecureRandom;
-
-/**
- * DESede tester
- */
-public class DESedeTest
-    extends CipherTest
-{
-    static private byte[] weakKey =     // first 8 bytes non-weak
-         {
-             (byte)0x06,(byte)0x01,(byte)0x01,(byte)0x01, (byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01,
-             (byte)0x1f,(byte)0x1f,(byte)0x1f,(byte)0x1f, (byte)0x0e,(byte)0x0e,(byte)0x0e,(byte)0x0e,
-             (byte)0xe0,(byte)0xe0,(byte)0xe0,(byte)0xe0, (byte)0xf1,(byte)0xf1,(byte)0xf1,(byte)0xf1,
-         };
-
-    static String   input1 = "4e6f77206973207468652074696d6520666f7220616c6c20";
-    static String   input2 = "4e6f7720697320746865";
-
-    static SimpleTest[]  tests =
-            {
-                new BlockCipherVectorTest(0, new DESedeEngine(),
-                        new DESedeParameters(Hex.decode("0123456789abcdef0123456789abcdef")),
-                        input1, "3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53"),
-                new BlockCipherVectorTest(1, new DESedeEngine(),
-                        new DESedeParameters(Hex.decode("0123456789abcdeffedcba9876543210")),
-                        input1, "d80a0d8b2bae5e4e6a0094171abcfc2775d2235a706e232c"),
-                new BlockCipherVectorTest(2, new DESedeEngine(),
-                        new DESedeParameters(Hex.decode("0123456789abcdef0123456789abcdef0123456789abcdef")),
-                        input1, "3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53"),
-                new BlockCipherVectorTest(3, new DESedeEngine(),
-                        new DESedeParameters(Hex.decode("0123456789abcdeffedcba98765432100123456789abcdef")),
-                        input1, "d80a0d8b2bae5e4e6a0094171abcfc2775d2235a706e232c")
-            };
-
-    DESedeTest()
-    {
-        super(tests, new DESedeEngine(), new KeyParameter(new byte[16]));
-    }
-
-    private void wrapTest(
-        int     id,
-        byte[]  kek,
-        byte[]  iv,
-        byte[]  in,
-        byte[]  out)
-    {
-        Wrapper wrapper = new DESedeWrapEngine();
-
-        wrapper.init(true, new ParametersWithIV(new KeyParameter(kek), iv));
-
-        try
-        {
-            byte[]  cText = wrapper.wrap(in, 0, in.length);
-            if (!areEqual(cText, out))
-            {
-                fail(": failed wrap test " + id  + " expected " + new String(Hex.encode(out)) + " got " + new String(Hex.encode(cText)));
-            }
-        }
-        catch (Exception e)
-        {
-            fail("failed wrap test exception: " + e.toString(), e);
-        }
-
-        wrapper.init(false, new KeyParameter(kek));
-
-        try
-        {
-            byte[]  pText = wrapper.unwrap(out, 0, out.length);
-            if (!areEqual(pText, in))
-            {
-                fail("failed unwrap test " + id  + " expected " + new String(Hex.encode(in)) + " got " + new String(Hex.encode(pText)));
-            }
-        }
-        catch (Exception e)
-        {
-            fail("failed unwrap test exception: " + e.toString(), e);
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        super.performTest();
-
-        byte[]  kek1 = Hex.decode("255e0d1c07b646dfb3134cc843ba8aa71f025b7c0838251f");
-        byte[]  iv1 = Hex.decode("5dd4cbfc96f5453b");
-        byte[]  in1 = Hex.decode("2923bf85e06dd6ae529149f1f1bae9eab3a7da3d860d3e98");
-        byte[]  out1 = Hex.decode("690107618ef092b3b48ca1796b234ae9fa33ebb4159604037db5d6a84eb3aac2768c632775a467d4");
-        
-        wrapTest(1, kek1, iv1, in1, out1);
-
-        //
-        // key generation
-        //
-        SecureRandom       random = new SecureRandom();
-        DESedeKeyGenerator keyGen = new DESedeKeyGenerator();
-        
-        keyGen.init(new KeyGenerationParameters(random, 112));
-        
-        byte[] kB = keyGen.generateKey();
-        
-        if (kB.length != 16)
-        {
-            fail("112 bit key wrong length.");
-        }
-        
-        keyGen.init(new KeyGenerationParameters(random, 168));
-        
-        kB = keyGen.generateKey();
-        
-        if (kB.length != 24)
-        {
-            fail("168 bit key wrong length.");
-        }
-        
-        try
-        {
-            keyGen.init(new KeyGenerationParameters(random, 200));
-            
-            fail("invalid key length not detected.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-
-        try
-        {
-            DESedeParameters.isWeakKey(new byte[4], 0);
-            fail("no exception on small key");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("key material too short."))
-            {
-                fail("wrong exception");
-            }
-        }
-
-        try
-        {
-            new DESedeParameters(weakKey);
-            fail("no exception on weak key");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("attempt to create weak DESede key"))
-            {
-                fail("wrong exception");
-            }
-        }
-    }
-
-    public String getName()
-    {
-        return "DESede";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new DESedeTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/DHKEKGeneratorTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/DHKEKGeneratorTest.java
deleted file mode 100644
index 8a83d2a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/DHKEKGeneratorTest.java
+++ /dev/null

@@ -1,70 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters;
-import org.bouncycastle.crypto.agreement.kdf.DHKEKGenerator;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * DHKEK Generator tests - from RFC 2631.
- */
-public class DHKEKGeneratorTest
-    extends SimpleTest
-{
-    private byte[] seed1 = Hex.decode("000102030405060708090a0b0c0d0e0f10111213");
-    private ASN1ObjectIdentifier alg1 = PKCSObjectIdentifiers.id_alg_CMS3DESwrap;
-    private byte[] result1 = Hex.decode("a09661392376f7044d9052a397883246b67f5f1ef63eb5fb");
-
-    private byte[] seed2 = Hex.decode("000102030405060708090a0b0c0d0e0f10111213");
-    private ASN1ObjectIdentifier alg2 = PKCSObjectIdentifiers.id_alg_CMSRC2wrap;
-    private byte[] partyAInfo = Hex.decode(
-                                     "0123456789abcdeffedcba9876543201"
-                                   + "0123456789abcdeffedcba9876543201"
-                                   + "0123456789abcdeffedcba9876543201"
-                                   + "0123456789abcdeffedcba9876543201");
-    private byte[] result2 = Hex.decode("48950c46e0530075403cce72889604e0");
-
-    public DHKEKGeneratorTest()
-    {
-    }
-
-    public void performTest()
-    {
-        checkMask(1, new DHKEKGenerator(new SHA1Digest()), new DHKDFParameters(alg1, 192, seed1), result1);
-        checkMask(2, new DHKEKGenerator(new SHA1Digest()), new DHKDFParameters(alg2, 128, seed2, partyAInfo), result2);
-    }
-
-    private void checkMask(
-        int                count,
-        DerivationFunction kdf,
-        DerivationParameters params,
-        byte[]             result)
-    {
-        byte[]             data = new byte[result.length];
-
-        kdf.init(params);
-
-        kdf.generateBytes(data, 0, data.length);
-
-        if (!areEqual(result, data))
-        {
-            fail("DHKEKGenerator failed generator test " + count);
-        }
-    }
-
-    public String getName()
-    {
-        return "DHKEKGenerator";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new DHKEKGeneratorTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/DHTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/DHTest.java
deleted file mode 100644
index 9c4413c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/DHTest.java
+++ /dev/null

@@ -1,540 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.agreement.DHAgreement;
-import org.bouncycastle.crypto.agreement.DHBasicAgreement;
-import org.bouncycastle.crypto.agreement.DHUnifiedAgreement;
-import org.bouncycastle.crypto.generators.DHBasicKeyPairGenerator;
-import org.bouncycastle.crypto.generators.DHKeyPairGenerator;
-import org.bouncycastle.crypto.generators.DHParametersGenerator;
-import org.bouncycastle.crypto.params.DHKeyGenerationParameters;
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.crypto.params.DHPrivateKeyParameters;
-import org.bouncycastle.crypto.params.DHPublicKeyParameters;
-import org.bouncycastle.crypto.params.DHUPrivateParameters;
-import org.bouncycastle.crypto.params.DHUPublicParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class DHTest
-    extends SimpleTest
-{
-    private BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
-    private BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
-
-    private BigInteger g768 = new BigInteger("7c240073c1316c621df461b71ebb0cdcc90a6e5527e5e126633d131f87461c4dc4afc60c2cb0f053b6758871489a69613e2a8b4c8acde23954c08c81cbd36132cfd64d69e4ed9f8e51ed6e516297206672d5c0a69135df0a5dcf010d289a9ca1", 16);
-    private BigInteger p768 = new BigInteger("8c9dd223debed1b80103b8b309715be009d48860ed5ae9b9d5d8159508efd802e3ad4501a7f7e1cfec78844489148cd72da24b21eddd01aa624291c48393e277cfc529e37075eccef957f3616f962d15b44aeab4039d01b817fde9eaa12fd73f", 16);
-
-    private BigInteger  g1024 = new BigInteger("1db17639cdf96bc4eabba19454f0b7e5bd4e14862889a725c96eb61048dcd676ceb303d586e30f060dbafd8a571a39c4d823982117da5cc4e0f89c77388b7a08896362429b94a18a327604eb7ff227bffbc83459ade299e57b5f77b50fb045250934938efa145511166e3197373e1b5b1e52de713eb49792bedde722c6717abf", 16);
-    private BigInteger  p1024 = new BigInteger("a00e283b3c624e5b2b4d9fbc2653b5185d99499b00fd1bf244c6f0bb817b4d1c451b2958d62a0f8a38caef059fb5ecd25d75ed9af403f5b5bdab97a642902f824e3c13789fed95fa106ddfe0ff4a707c85e2eb77d49e68f2808bcea18ce128b178cd287c6bc00efa9a1ad2a673fe0dceace53166f75b81d6709d5f8af7c66bb7", 16);
-
-    public String getName()
-    {
-        return "DH";
-    }
-
-    private void testDH(
-        int         size,
-        BigInteger  g,
-        BigInteger  p)
-    {
-        DHKeyPairGenerator kpGen = getDHKeyPairGenerator(g, p);
-
-        //
-        // generate first pair
-        //
-        AsymmetricCipherKeyPair     pair = kpGen.generateKeyPair();
-
-        DHPublicKeyParameters       pu1 = (DHPublicKeyParameters)pair.getPublic();
-        DHPrivateKeyParameters      pv1 = (DHPrivateKeyParameters)pair.getPrivate();
-        //
-        // generate second pair
-        //
-        pair = kpGen.generateKeyPair();
-
-        DHPublicKeyParameters       pu2 = (DHPublicKeyParameters)pair.getPublic();
-        DHPrivateKeyParameters      pv2 = (DHPrivateKeyParameters)pair.getPrivate();
-
-        //
-        // two way
-        //
-        DHAgreement    e1 = new DHAgreement();
-        DHAgreement    e2 = new DHAgreement();
-
-        e1.init(pv1);
-        e2.init(pv2);
-
-        BigInteger  m1 = e1.calculateMessage();
-        BigInteger  m2 = e2.calculateMessage();
-
-        BigInteger   k1 = e1.calculateAgreement(pu2, m2);
-        BigInteger   k2 = e2.calculateAgreement(pu1, m1);
-
-        if (!k1.equals(k2))
-        {
-            fail(size + " bit 2-way test failed");
-        }
-    }
-
-    private void testDHBasic(
-        int         size,
-        int         privateValueSize,
-        BigInteger  g,
-        BigInteger  p)
-    {
-        DHBasicKeyPairGenerator kpGen = getDHBasicKeyPairGenerator(g, p, privateValueSize);
-
-        //
-        // generate first pair
-        //
-        AsymmetricCipherKeyPair     pair = kpGen.generateKeyPair();
-
-        DHPublicKeyParameters       pu1 = (DHPublicKeyParameters)pair.getPublic();
-        DHPrivateKeyParameters      pv1 = (DHPrivateKeyParameters)pair.getPrivate();
-
-        checkKeySize(privateValueSize, pv1);
-        //
-        // generate second pair
-        //
-        pair = kpGen.generateKeyPair();
-
-        DHPublicKeyParameters       pu2 = (DHPublicKeyParameters)pair.getPublic();
-        DHPrivateKeyParameters      pv2 = (DHPrivateKeyParameters)pair.getPrivate();
-
-        checkKeySize(privateValueSize, pv2);
-        //
-        // two way
-        //
-        DHBasicAgreement    e1 = new DHBasicAgreement();
-        DHBasicAgreement    e2 = new DHBasicAgreement();
-
-        e1.init(pv1);
-        e2.init(pv2);
-
-        BigInteger   k1 = e1.calculateAgreement(pu2);
-        BigInteger   k2 = e2.calculateAgreement(pu1);
-
-        if (!k1.equals(k2))
-        {
-            fail("basic " + size + " bit 2-way test failed");
-        }
-    }
-
-    private void checkKeySize(
-        int privateValueSize,
-        DHPrivateKeyParameters priv)
-    {
-        if (privateValueSize != 0)
-        {
-            if (priv.getX().bitLength() != privateValueSize)
-            {
-                fail("limited key check failed for key size " + privateValueSize);
-            }
-        }
-    }
-
-    private void testGPWithRandom(
-        DHKeyPairGenerator kpGen)
-    {
-        //
-        // generate first pair
-        //
-        AsymmetricCipherKeyPair     pair = kpGen.generateKeyPair();
-
-        DHPublicKeyParameters       pu1 = (DHPublicKeyParameters)pair.getPublic();
-        DHPrivateKeyParameters      pv1 = (DHPrivateKeyParameters)pair.getPrivate();
-        //
-        // generate second pair
-        //
-        pair = kpGen.generateKeyPair();
-
-        DHPublicKeyParameters       pu2 = (DHPublicKeyParameters)pair.getPublic();
-        DHPrivateKeyParameters      pv2 = (DHPrivateKeyParameters)pair.getPrivate();
-
-        //
-        // two way
-        //
-        DHAgreement    e1 = new DHAgreement();
-        DHAgreement    e2 = new DHAgreement();
-
-        e1.init(new ParametersWithRandom(pv1, new SecureRandom()));
-        e2.init(new ParametersWithRandom(pv2, new SecureRandom()));
-
-        BigInteger   m1 = e1.calculateMessage();
-        BigInteger   m2 = e2.calculateMessage();
-
-        BigInteger   k1 = e1.calculateAgreement(pu2, m2);
-        BigInteger   k2 = e2.calculateAgreement(pu1, m1);
-        
-        if (!k1.equals(k2))
-        {
-            fail("basic with random 2-way test failed");
-        }
-    }
-    
-    private void testSimpleWithRandom(
-        DHBasicKeyPairGenerator kpGen)
-    {
-        //
-        // generate first pair
-        //
-        AsymmetricCipherKeyPair     pair = kpGen.generateKeyPair();
-
-        DHPublicKeyParameters       pu1 = (DHPublicKeyParameters)pair.getPublic();
-        DHPrivateKeyParameters      pv1 = (DHPrivateKeyParameters)pair.getPrivate();
-        //
-        // generate second pair
-        //
-        pair = kpGen.generateKeyPair();
-
-        DHPublicKeyParameters       pu2 = (DHPublicKeyParameters)pair.getPublic();
-        DHPrivateKeyParameters      pv2 = (DHPrivateKeyParameters)pair.getPrivate();
-
-        //
-        // two way
-        //
-        DHBasicAgreement    e1 = new DHBasicAgreement();
-        DHBasicAgreement    e2 = new DHBasicAgreement();
-
-        e1.init(new ParametersWithRandom(pv1, new SecureRandom()));
-        e2.init(new ParametersWithRandom(pv2, new SecureRandom()));
-
-        BigInteger   k1 = e1.calculateAgreement(pu2);
-        BigInteger   k2 = e2.calculateAgreement(pu1);
-
-        if (!k1.equals(k2))
-        {
-            fail("basic with random 2-way test failed");
-        }
-    }
-
-    private DHBasicKeyPairGenerator getDHBasicKeyPairGenerator(
-        BigInteger g,
-        BigInteger p,
-        int        privateValueSize)
-    {
-        DHParameters                dhParams = new DHParameters(p, g, null, privateValueSize);
-        DHKeyGenerationParameters   params = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
-        DHBasicKeyPairGenerator     kpGen = new DHBasicKeyPairGenerator();
-
-        kpGen.init(params);
-        
-        return kpGen;
-    }
-    
-    private DHKeyPairGenerator getDHKeyPairGenerator(
-        BigInteger g,
-        BigInteger p)
-    {
-        DHParameters                dhParams = new DHParameters(p, g);
-        DHKeyGenerationParameters   params = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
-        DHKeyPairGenerator          kpGen = new DHKeyPairGenerator();
-
-        kpGen.init(params);
-        
-        return kpGen;
-    }
-    
-    /**
-     * this test is can take quiet a while
-     */
-    private void testGeneration(
-        int         size)
-    {
-        DHParametersGenerator       pGen = new DHParametersGenerator();
-
-        pGen.init(size, 10, new SecureRandom());
-
-        DHParameters                dhParams = pGen.generateParameters();
-
-        if (dhParams.getL() != 0)
-        {
-            fail("DHParametersGenerator failed to set J to 0 in generated DHParameters");
-        }
-
-        DHKeyGenerationParameters   params = new DHKeyGenerationParameters(new SecureRandom(), dhParams);
-
-        DHBasicKeyPairGenerator     kpGen = new DHBasicKeyPairGenerator();
-
-        kpGen.init(params);
-
-        //
-        // generate first pair
-        //
-        AsymmetricCipherKeyPair     pair = kpGen.generateKeyPair();
-
-        DHPublicKeyParameters       pu1 = (DHPublicKeyParameters)pair.getPublic();
-        DHPrivateKeyParameters      pv1 = (DHPrivateKeyParameters)pair.getPrivate();
-        
-        //
-        // generate second pair
-        //
-        params = new DHKeyGenerationParameters(new SecureRandom(), pu1.getParameters());
-
-        kpGen.init(params);
-
-        pair = kpGen.generateKeyPair();
-
-        DHPublicKeyParameters       pu2 = (DHPublicKeyParameters)pair.getPublic();
-        DHPrivateKeyParameters      pv2 = (DHPrivateKeyParameters)pair.getPrivate();
-
-        //
-        // two way
-        //
-        DHBasicAgreement    e1 = new DHBasicAgreement();
-        DHBasicAgreement    e2 = new DHBasicAgreement();
-
-        e1.init(new ParametersWithRandom(pv1, new SecureRandom()));
-        e2.init(new ParametersWithRandom(pv2, new SecureRandom()));
-
-        BigInteger   k1 = e1.calculateAgreement(pu2);
-        BigInteger   k2 = e2.calculateAgreement(pu1);
-
-        if (!k1.equals(k2))
-        {
-            fail("basic with " + size + " bit 2-way test failed");
-        }
-    }
-
-    private void testBounds()
-    {
-         BigInteger p1 = new BigInteger("00C8028E9151C6B51BCDB35C1F6B2527986A72D8546AE7A4BF41DC4289FF9837EE01592D36C324A0F066149B8B940C86C87D194206A39038AE3396F8E12435BB74449B70222D117B8A2BB77CB0D67A5D664DDE7B75E0FEC13CE0CAF258DAF3ADA0773F6FF0F2051D1859929AAA53B07809E496B582A89C3D7DA8B6E38305626621", 16);
-         BigInteger g1 = new BigInteger("1F869713181464577FE4026B47102FA0D7675503A4FCDA810881FAEC3524E6DBAEA9B96561EF7F8BEA76466DF11C2F3EB1A90CC5851735BF860606481257EECE6418C0204E61004E85D7131CE54BCBC7AD67E53C79DCB715E7C8D083DCD85D728283EC8F96839B4C9FA7C0727C472BEB94E4613CAFA8D580119C0AF4BF8AF252", 16);
-         int l1 = 1023;
-
-         BigInteger p2 = new BigInteger("00B333C98720220CC3946F494E25231B3E19F9AD5F6B19F4E7ABF80D8826C491C3224D4F7415A14A7C11D1BE584405FED12C3554F103E56A72D986CA5E325BB9DE07AC37D1EAE5E5AC724D32EF638F0E4462D4C1FC7A45B9FD3A5DF5EC36A1FA4DAA3FBB66AA42B1B71DF416AB547E987513426C7BB8634F5F4D37705514FDC1E1", 16);
-         BigInteger g2 = new BigInteger("2592F5A99FE46313650CCE66C94C15DBED9F4A45BD05C329986CF5D3E12139F0405A47C6385FEA27BFFEDC4CBABC5BB151F3BEE7CC3D51567F1E2B12A975AA9F48A70BDAAE7F5B87E70ADCF902490A3CBEFEDA41EBA8E12E02B56120B5FDEFBED07F5EAD3AE020DF3C8233216F8F0D35E13A7AE4DA5CBCC0D91EADBF20C281C6", 16);
-         int l2 = 1024;
-
-        DHKeyGenerationParameters   params1 = new DHKeyGenerationParameters(new SecureRandom(), new DHParameters(p1, g1, null, l1));
-        DHKeyGenerationParameters   params2 = new DHKeyGenerationParameters(new SecureRandom(), new DHParameters(p2, g2, null, l2));
-
-        DHBasicKeyPairGenerator     kpGen = new DHBasicKeyPairGenerator();
-
-        kpGen.init(params1);
-        kpGen.init(params2);
-    }
-
-    private void testCombinedTestVector1()
-    {
-        // Test Vector from NIST sample data
-
-        BigInteger P = new BigInteger("eedb3431b31d30851ddcd4dce57e1b8fc3b83cc7913bc049281d713d9f8fa91bfd0fde2e1ec5eb45a0d6483cfa6b5055ffa88622a1aa83b9f9c1df561e88b702866f17af2defea0b04cf3fbdd817140ad49c415909fc2bb2c5d160b77273e958a181bf73cf72118e1c8670d53d0e459d14d61ecb5b7c7f63a9cb019cd66aecb3a01d0402f1c18218f142653f4bc922e5baa35964b7432f311fa5a9b34e3b91582db366ad1493f25ea659540f87758ae34678dc864fb2c9d4aba18cb757285292c7d0bac73cc4632a2d54b89f2dc9656d1c50edd49dcbe2102510c70563a96f35dd8a21f0fdc5a1e23ce31fce0ee3023eafdca623508ffd2412fe4dc5b5dd0f75", 16);
-        BigInteger Q = new BigInteger("e90a78d5da01e926462e5c17a61ff97b09b6ac18f9137e7b99298705", 16);
-        BigInteger G = new BigInteger("9da3567e2f7396dd2ee4716d3477a53a47f811b2275a95ed07024d7231b739c79e88e5377479b23d460a41f981b1af619915e4d8b2dabf2cb716168d02dfb81e76048e23fff6c773f496b2ac3ae06e2eb12c39787a8244452aef404ce631aec9cf4027eefae492ce55517db0af3939354c5414e23205ae3bcd17faedecf80101fa75c619249a43b41aa15ee2d7699ee32e227b641129fe1c78b20c6655b09fa7fead338e179b4b4416c359b16e3773d141e1a876b7ee4281b61120607717f7edc8da8de42b16b54d0802d67d41fc173cd33227436f7c66bd2fe711b37fb0162543c268857414f4188f243fbf92e128388329c9f2df8db4e7808ab539891da798", 16);
-
-        DHParameters p = new DHParameters(P, G, Q);
-        
-        AsymmetricCipherKeyPair U1 = new AsymmetricCipherKeyPair(
-            new DHPublicKeyParameters(
-                new BigInteger("e485cd4b82e82dafd35f89d40361049e6100c16b17ca156d072832319a40bf7a3f5081182397b8fbd9d33391896bb35d9cc890d8c0a9e5b642b773ce0690f1bbd4596a9604708edb9c27f45117a7395b7407b43eebd8b82bef4a925e2a93185df21fbf012ec9059a9c9efc0b64afe0505aa1864d79a2a9833863c16163b48c9fcc26a9b9e2741097bdeabc2b7208589e4154e1de7ecf77e928668b28abb8113b322c6d426701df979d47ccd50d493b7fb6f20050c3e67cb876c1550d8c8677527600eab07196213252bd9a48d5023788fdb4b65f85144cf6654e092550646be4882125b286ced6578eedc981304ff88725e4138f90a7a4a07c94105d796b038f", 16), p),
-            new DHPrivateKeyParameters(
-                new BigInteger("8a10c0be8f4efaf3019b99698bc4c102f2dac93b993d52ab10ae93f0", 16), p));
-
-        AsymmetricCipherKeyPair U2 = new AsymmetricCipherKeyPair(
-            new DHPublicKeyParameters(
-                new BigInteger("3e84fbbb785bbdc43881b04ec6221b69a557b8b708d72cec8627a8342787554702d5021153ff1246ba5311553f740835c4b82ebc28c5fac05ad37f6c619649750e8dc41af9176af0099f18d36ee43535e7f35fb5f70a37b25dedd87cb6035bb938531c0430cee9c5c8f4321eae72590122bff1f636dcd6a32116ea3945d23a17acc1bfd1e7ad12390e6e13b456bc4a613b1356a7ca95c2660ac5c9f064a6b9c6d584c7e23bc1ff56745d92d0efc06384b3f59125f7c0918ae3a40074d229e22d8ca7573f9fbe89bc7afb344498d6a85b823e1fa20c3d6eccdd69abafe5e43273e71b6d32aa8dc3a349ec4ae41304e6e159c2e5c4b1555a538d58b46a4c8c87d9", 16), p),
-            new DHPrivateKeyParameters(
-                new BigInteger("5cb398bfbc3f69744de1f9611e03ab97aba0c5dbe1f6d74ac60fecdf", 16), p));
-
-        AsymmetricCipherKeyPair V1 = new AsymmetricCipherKeyPair(
-            new DHPublicKeyParameters(
-                new BigInteger("2d6e1bb1ed6cc967027f2eb76d069369ac26f38fc87110fe55cc6487988a7d7bf2525a1b65cd02e30fcaa12d626f3b18d9191e6dcbf9fbe4b1f421dd2cb8ca804a7ca535c05bcb850561edb477eafe0a1e1e2468e89bb58899293d65cde98db5200b5eb32b1d80d4489fbab14a68f74453513658bda56067e8b41add0f13f5980ceb77c52f205e3d8b36f436ff0b313860197972de0da8b554b47091b8a69cf6ce7efd6cae6e17f090e0f71fc5332a9999cf880ff5c031132463b0eb56083885cee842f85540418b68d0250b18181b0dfb9487e39aad1d0402dc910cf679fd87d765222812ec66cf0a981f950de94b0fd1f45370bc2176748d20fe099c1f498c", 16), p),
-            new DHPrivateKeyParameters(
-                new BigInteger("9b6038b952d3491d937a41e1bf8857bd79b80a96c99783a96ff1ef93", 16), p));
-
-        AsymmetricCipherKeyPair V2 = new AsymmetricCipherKeyPair(
-            new DHPublicKeyParameters(
-                new BigInteger("991805c775da39e0b92dc71f212e332cbab2b62a86114836bbe091c5ba2ce12cca5011483e220c0f24bba23f24a32c2c11b966064beba99b0b21eb19c7f46b328dc30af094ec116248e6f3f856aab622da4eb36b6056d7c5a3e0a0f1c45acc24321fccd1d0e0f4503e3e3aae3748ae6adeb1b85e0f708b4877b7a8d97acab093a57820b9d861da6d919126ae1c0b2d28dccca03a1808c03d5c5b6847d5e43a70b0a07190ced3ccf419e9f790281cf4676cad5dc6c7d3591a9fde2251850e072ffbc0411d8559460303c56738a1dbf76c8dd165b62a407e8cac9455c9257016fa0c7892cbcb978489a909f74d38d10746c1d5756329607ab0479c994c5d6f30e3", 16), p),
-            new DHPrivateKeyParameters(
-                new BigInteger("2775ab7578d5c0e18d12ed02f8c38ddfe272712902ee6a256270b041", 16), p));
-        
-        byte[] x = calculateUnifiedAgreement(U1, U2, V1, V2);
-
-        if (x == null
-            || !areEqual(Hex.decode("0f028c915a5ff77f5997791b66f08261995f7b459a574d66412f00afe5af4b838da0b9a4ed371077f1160f063844bca86ae83838cce0974d130f489532a8aeee5d55df17c13a15f79f27144aa3533665a47867f3eb43feb963ac2201d2766fb62a3979c19411c94cedf2c283b59fc616fbeeca585deb726fc7002900dc300e7b9bc055261708fee0f1f9b90de4f3720b7ec85d68745f41d495f1001dd7ccbbacf42ff2edc28e33454c5c59897d9782142db3f47972e2a79f16028f5fc6cdce4c729c57e9f63b55e25e80e3663528942b79749d7d66f7d84d4c8c4e877e221a8e06c7f001cd50b008086a4b0981e5fe000b7896dee152b24ed9cdb9907a5d64f0e4225b3cba8268c45c0846a60a697218a683e1b33843cb0153d8634769882a7fef5db4653d827bd75b54dda96666944b5d836b875d76936f73520e57be069f6aba7c36d42fc07be3e7ea49d0dabfad3177aa673553ba93a990cb79df9bcd8fa979f81c75b280cb99ff8e09713546cae8dbaea1021d2c29902793d483f29c1153f432e8b00e039286b085df0260d4949703a4a7a46492d1cb586d1845182c5b5461a432c5ebe60650de40e9e25502a0dfb931c4d5e5d9b624dcab3cbb5bf7cc51e5dbf35cd7029e724840c660dd4a6014de92a2bbb8a1b6ce28f6448d28cf1975017f66bc6904d244fe91ec39e509568d1c8256fa79931875b7ab69e29e432cce"), x))
-        {
-            fail("DH Combined Test Vector #1 agreement failed");
-        }
-    }
-
-    private void testCombinedTestVector2()
-    {
-        // Test Vector from NIST sample data
-
-        BigInteger P = new BigInteger("ea40cd647d0a1d3bcbdfa721a837e4d4dfd328340892a00aa2317f2fc532fe1e185d4ef0718281959943fc949964e542310deb687f7fcc45696c829a491b7dc5c46fff01673e71d92520465b4115dbb7edaeb32ec2688d0a5a9be93a322f3023b96d5f54e02d4a72dec479f68b40caff79f810f3a5cdaa3bda9eb87151b4c0663ceef4b50ca22ac63e4ab1343978e8ec148b5523734b23aa9ca92a21ca1cbe652c9a01b1724a1b10285778287cb5bf87c45e45dc54998e5e5308c00003131be4a62add4f5acbb0c4e2229e0fccd1633e4cf024f96dcbf012e5b629394500b1b5ceb6707957bde445671ba9a1d5b9a7d1dfe2f1419d1abf236b4b49bcfd7563df", 16);
-        BigInteger Q = new BigInteger("aa6b31da31408f637670a1fc36ca3625a5eebea9bdcc4398124bb9a006ac21f1", 16);
-        BigInteger G = new BigInteger("380ad19f75e5c666aa24daf545d74c51a4374f9002de09744bc338a33a3ab2017fdeb59f1f8552125ade4dceb7094d125ffad694662e3fe924d23c7a404806631e353887bbc4bf9f892f581880975918aca5b8a7d5108b791469f2e35f0a4095ce253bec246a8cdce190507018a4f844685eb2e0ba0146d5bb2d7ff7f1c5624fa2d7f6d20834c453457eb0227c26ae5d422cde461cfe1cd2f5ff909388dcd6ccdbfb8617b54d9038c1b9b1b2f15febbd5215db893f3a8f340bd18ac74d025a63b321ec537fa5d2c04c651f0431f75bc490ddd2a846595c6d10d0a085ab3835d025a334cdb0b25c3d993fa22aecaf5f87ca417a7aa278cb765344195f2a45201b", 16);
-
-        DHParameters p = new DHParameters(P, G, Q);
-
-        AsymmetricCipherKeyPair U1 = new AsymmetricCipherKeyPair(
-            new DHPublicKeyParameters(
-                new BigInteger("a2c43dc18321063dac3cd7793fb3a6cc3b38cbce99f233ba295660aa6cbba1449b0783acb7da1118bd0530f022336a2bb8845ac26bb71c3647369e8aa29ef7b5ddc4a3b4fe70291c9acf1bc1ce5666a3401b885fd7b1906ed27a985efdb643464398036ed79eb1a79cd7b88c5bfa4418df6439ac2297b946f125f7086537082f2144545da570835b23f27ebd400ceae6670168fece4ce3780a59d6eebb3a76f91de308d4aa9a1617b4005b6b089af5c5247af6a5dea1693861151e0a5aaa4b86884ab2969f5bc3008f19ac54118939b2efccf307dc2e3aa675aea0d80dcaec7160408d6e12b0b041544c831b9ae3d06b5d51e2e77035f0b5439fb375a9bd7664", 16), p),
-            new DHPrivateKeyParameters(
-                new BigInteger("7b4957b799a08816f9c48c2aff5dcc0aa6ad93a765a664e67899f09d1fa8949e", 16), p));
-
-        AsymmetricCipherKeyPair U2 = new AsymmetricCipherKeyPair(
-            new DHPublicKeyParameters(
-                new BigInteger("5ceca3f30cb6eb8bef123518d9b569fb9df47ac54944e381da3f69ab4a3f0484e49ea8e54d87b2bcad6f78c82f9a1969b72c7b1314ccf2ff7aa857e69ae24dbbce023f8d3cfcb2b5fe942750597b1ada12b685bb12c6ddfddf0a9d2b95e0692d431f5735b71d456fabc7362581cad88ca97b69cf185ec2d6097b07a1da80291c4d93285b21604540dc1da0807009b8f708e4eb4bdd40672b875076d5f4e712b54922c6506de4280f2cf8b34d78ea59a91dd45c7eee8cd77d8640af48342ea348abed040f7dd085181bda8f9ce88cc602407ae91b4fcb051cfcff7e7479fb6e24f6b7fb013d5b3d2ccc3dc3088c331fc9644b73e1b47e3f585f97e6f2c57e9983", 16), p),
-            new DHPrivateKeyParameters(
-                new BigInteger("8f9fe1ecd00b427a211f9d52b973aad9451b5985757a2204473f06de07eb39e2", 16), p));
-
-        AsymmetricCipherKeyPair V1 = new AsymmetricCipherKeyPair(
-            new DHPublicKeyParameters(
-                new BigInteger("b823ca4d470c714efb57420cc50acbb56eb4a4664abb3fe233496c2a0f70e52a0af08f87490724819d8bfc10203dc62b38ee032f5e14e612e1b23d5b014359ab4fe3584f49475c9d117f9ad89511d88c79dcc284d39d722939b0b5d24ad7374af70db712344755fc54502d0ae428860f63fcdcd9537c0f89f451ada1a30676481154129de022019e5a6ac1c117820896ebd97d06db887d6fd088ab71ad0fd2f3c87a015abe428aeadee7a8a65a7b823edcf4b7d9b2faf98691126b885e5804bac1a8fa1d05c186de218816e0aa75e939b731621a424b39d19e47a81d3638ff3d663e38a802361fb9bd1e79b2f3d1f4955b3d7d63bcb373f2ee70659a270f5087", 16), p),
-            new DHPrivateKeyParameters(
-                new BigInteger("2c8c6202bb519b17361418f48ef346328db6be65b4aa6a25561e165b6958682e", 16), p));
-
-        AsymmetricCipherKeyPair V2 = new AsymmetricCipherKeyPair(
-            new DHPublicKeyParameters(
-                new BigInteger("dae7f69a4a318f506181bd97320777e9256dcf992057eb951585fbd5b6e22e0a57255f316315e462ee38e15a0e5c5b9fc3f6f0611929bfe681f0d093cdcda18e35e13f09d5c73cbab5f659b2c55669410e5a772b621acbfa365db6046b08bce1bac4c379ad0f2bee10eddb040645ab75d5888c93e91efdc442053e5e935541b80afa911881daa91488bceab9585facbbdb010575387eac4f6657fbdc85a37dedbfccbd9b37d671861c5853de9078bdf905f15b191f2dcc1c93ee7258dc6854a8d3882ff4f03753373305fa4a00a839c3853e128f51004a17641f37ed9035665c4a6d6240cbeefb9c36b618a50e3b75d6128f732b34d81ce8b316ddefe8c0630d", 16), p),
-            new DHPrivateKeyParameters(
-                new BigInteger("35f5bf981241cff39e43b93bf31f5612a364595a881e75315de0b42b82f0d596", 16), p));
-
-        byte[] x = calculateUnifiedAgreement(U1, U2, V1, V2);
-
-        if (x == null
-            || !areEqual(Hex.decode("6d1eae28340c2095ab915b6655c96d23986c49e53f38de42a9c906eeeae3686744855b940de8377ad23053d923116f6dce7c91eea69714092a4e182cef01b362937c9bc66cc892948e79bac85bf0b9ee5c402c7725def46f754e5cd743e89247e84a4fe6e50b249c7aecf62114cb3beb6a0f8af8b0f3a19799c67372109fe0e01af6517d4108888cd3864b801a8566516b454219ee74b86a2e1a4cfbb2407198a1382858b947f9258404764fee9a0a99198c594fee426e04453b41051cfa22359d2b10d425142045b1a186056413203f4553ce0d7977012f1d3aa3df571f041f7422d4518da7abdf5a32bbbc86615cd2217b73719cb0b5ee5228a74ed0cb8202b862c68e46ab8282a482a9c94365e3dcb3b9b511bc65e7741f7d90f1180ef9c926ed9209cb10291d0ea472e675ac7704244723d788985aa6f5a73c83be4cdaba402453dfa572ac6d5bafb51b130556481e98a5ab5ede13364b886fbbf57f282b8f560f4ceafb2f29d953c8244aa3fea0c227a1a88e012e814267ecf36ac72793acf2ee02713d8980f30bc9231aae91a8181ed4645aa969625990cbdc7f4f646929132ef73354950c2490f91847a3350ece763a1869f6e446e4995296d4c024bf6998dd11aea59220e81e1aade984ba650150621f17e4bbca5f0f49fd21924c3a605d1e7e4fd3e32b93e1df6cd6a0d28cd9105537b513144e8ad1d3007bffbb15"), x))
-        {
-            fail("DH Combined Test Vector #2 agreement failed");
-        }
-    }
-
-    private byte[] calculateUnifiedAgreement(
-        AsymmetricCipherKeyPair U1,
-        AsymmetricCipherKeyPair U2,
-        AsymmetricCipherKeyPair V1,
-        AsymmetricCipherKeyPair V2)
-    {
-        DHUnifiedAgreement u = new DHUnifiedAgreement();
-        u.init(new DHUPrivateParameters(
-            (DHPrivateKeyParameters)U1.getPrivate(),
-            (DHPrivateKeyParameters)U2.getPrivate(),
-            (DHPublicKeyParameters)U2.getPublic()));
-        byte[] ux = u.calculateAgreement(new DHUPublicParameters(
-            (DHPublicKeyParameters)V1.getPublic(),
-            (DHPublicKeyParameters)V2.getPublic()));
-
-        DHUnifiedAgreement v = new DHUnifiedAgreement();
-        v.init(new DHUPrivateParameters(
-            (DHPrivateKeyParameters)V1.getPrivate(),
-            (DHPrivateKeyParameters)V2.getPrivate(),
-            (DHPublicKeyParameters)V2.getPublic()));
-        byte[] vx = v.calculateAgreement(new DHUPublicParameters(
-            (DHPublicKeyParameters)U1.getPublic(),
-            (DHPublicKeyParameters)U2.getPublic()));
-
-        if (areEqual(ux, vx))
-        {
-            return ux;
-        }
-
-        return null;
-    }
-    
-    public void performTest()
-    {
-        testDHBasic(512, 0, g512, p512);
-        testDHBasic(768, 0, g768, p768);
-        testDHBasic(1024, 0, g1024, p1024);
-
-        testDHBasic(512, 64, g512, p512);
-        testDHBasic(768, 128, g768, p768);
-        testDHBasic(1024, 256, g1024, p1024);
-
-        testDH(512, g512, p512);
-        testDH(768, g768, p768);
-        testDH(1024, g1024, p1024);
-
-        testBounds();
-
-        testCombinedTestVector1();
-        testCombinedTestVector2();
-        
-        //
-        // generation test.
-        //
-        testGeneration(256);
-        
-        //
-        // with random test
-        //
-        DHBasicKeyPairGenerator     kpBasicGen = getDHBasicKeyPairGenerator(g512, p512, 0);
-        
-        testSimpleWithRandom(kpBasicGen);
-        
-        DHKeyPairGenerator          kpGen = getDHKeyPairGenerator(g512, p512);
-        
-        testGPWithRandom(kpGen);
-        
-        //
-        // parameter tests
-        //
-        DHAgreement             dh = new DHAgreement();
-        AsymmetricCipherKeyPair dhPair = kpGen.generateKeyPair();
-        
-        try
-        {
-            dh.init(dhPair.getPublic());
-            fail("DHAgreement key check failed");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // ignore
-        }
-        
-        DHKeyPairGenerator      kpGen768 = getDHKeyPairGenerator(g768, p768);
-        
-        try
-        {
-            dh.init(dhPair.getPrivate());
-            
-            dh.calculateAgreement((DHPublicKeyParameters)kpGen768.generateKeyPair().getPublic(), BigInteger.valueOf(100));
-            
-            fail("DHAgreement agreement check failed");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // ignore
-        }
-        
-        DHBasicAgreement        dhBasic = new DHBasicAgreement();
-        AsymmetricCipherKeyPair dhBasicPair = kpBasicGen.generateKeyPair();
- 
-        try
-        {
-            dhBasic.init(dhBasicPair.getPublic());
-            fail("DHBasicAgreement key check failed");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-        
-        DHBasicKeyPairGenerator      kpBasicGen768 = getDHBasicKeyPairGenerator(g768, p768, 0);
-        
-        try
-        {
-            dhBasic.init(dhPair.getPrivate());
-            
-            dhBasic.calculateAgreement((DHPublicKeyParameters)kpBasicGen768.generateKeyPair().getPublic());
-            
-            fail("DHBasicAgreement agreement check failed");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new DHTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/DSATest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/DSATest.java
deleted file mode 100644
index 5f1a1f8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/DSATest.java
+++ /dev/null

@@ -1,725 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA3Digest;
-import org.bouncycastle.crypto.generators.DSAKeyPairGenerator;
-import org.bouncycastle.crypto.generators.DSAParametersGenerator;
-import org.bouncycastle.crypto.params.DSAKeyGenerationParameters;
-import org.bouncycastle.crypto.params.DSAParameterGenerationParameters;
-import org.bouncycastle.crypto.params.DSAParameters;
-import org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
-import org.bouncycastle.crypto.params.DSAPublicKeyParameters;
-import org.bouncycastle.crypto.params.DSAValidationParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.DSADigestSigner;
-import org.bouncycastle.crypto.signers.DSASigner;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.FixedSecureRandom;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomBigInteger;
-import org.bouncycastle.util.test.TestRandomData;
-
-/**
- * Test based on FIPS 186-2, Appendix 5, an example of DSA, and FIPS 168-3 test vectors.
- */
-public class DSATest
-    extends SimpleTest
-{
-    byte[] k1 = Hex.decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3");
-    byte[] k2 = Hex.decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded");
-
-    SecureRandom    random = new FixedSecureRandom(
-        new FixedSecureRandom.Source[] { new FixedSecureRandom.Data(k1), new FixedSecureRandom.Data(k2) });
-
-    byte[] keyData = Hex.decode("b5014e4b60ef2ba8b6211b4062ba3224e0427dd3");
-    
-    SecureRandom    keyRandom = new FixedSecureRandom(
-                      new FixedSecureRandom.Source[] { new FixedSecureRandom.Data(keyData), new FixedSecureRandom.Data(keyData), new FixedSecureRandom.Data(Hex.decode("01020304"))});
-
-    BigInteger  pValue = new BigInteger("8df2a494492276aa3d25759bb06869cbeac0d83afb8d0cf7cbb8324f0d7882e5d0762fc5b7210eafc2e9adac32ab7aac49693dfbf83724c2ec0736ee31c80291", 16);
-    BigInteger  qValue = new BigInteger("c773218c737ec8ee993b4f2ded30f48edace915f", 16);
-
-    public String getName()
-    {
-        return "DSA";
-    }
-
-    public void performTest()
-    {
-        BigInteger              r = new BigInteger("68076202252361894315274692543577577550894681403");
-        BigInteger              s = new BigInteger("1089214853334067536215539335472893651470583479365");
-        DSAParametersGenerator  pGen = new DSAParametersGenerator();
-
-        pGen.init(512, 80, random);
-
-        DSAParameters           params = pGen.generateParameters();
-        DSAValidationParameters pValid = params.getValidationParameters();
-
-        if (pValid.getCounter() != 105)
-        {
-            fail("Counter wrong");
-        }
-
-        if (!pValue.equals(params.getP()) || !qValue.equals(params.getQ()))
-        {
-            fail("p or q wrong");
-        }
-
-        DSAKeyPairGenerator         dsaKeyGen = new DSAKeyPairGenerator();
-        DSAKeyGenerationParameters  genParam = new DSAKeyGenerationParameters(keyRandom, params);
-
-        dsaKeyGen.init(genParam);
-
-        AsymmetricCipherKeyPair  pair = dsaKeyGen.generateKeyPair();
-
-        ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), keyRandom);
-
-        DSASigner dsa = new DSASigner();
-
-        dsa.init(true, param);
-
-        byte[] message = BigIntegers.asUnsignedByteArray(new BigInteger("968236873715988614170569073515315707566766479517"));
-        BigInteger[] sig = dsa.generateSignature(message);
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong.", r, sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong.", s, sig[1]);
-        }
-
-        dsa.init(false, pair.getPublic());
-
-        if (!dsa.verifySignature(message, sig[0], sig[1]))
-        {
-            fail("verification fails");
-        }
-
-        dsa2Test1();
-        dsa2Test2();
-        dsa2Test3();
-        dsa2Test4();
-
-        testDSAsha3(224, new BigInteger("613202af2a7f77e02b11b5c3a5311cf6b412192bc0032aac3ec127faebfc6bd0", 16));
-        testDSAsha3(256, new BigInteger("2450755c5e15a691b121bc833b97864e34a61ee025ecec89289c949c1858091e", 16));
-        testDSAsha3(384, new BigInteger("7aad97c0b71bb1e1a6483b6948a03bbe952e4780b0cee699a11731f90d84ddd1", 16));
-        testDSAsha3(512, new BigInteger("725ad64d923c668e64e7c3898b5efde484cab49ce7f98c2885d2a13a9e355ad4", 16));
-    }
-
-    private void testDSAsha3(int size, BigInteger s)
-    {
-        DSAParameters dsaParams = new DSAParameters(
-            new BigInteger(
-                        "F56C2A7D366E3EBDEAA1891FD2A0D099" +
-                        "436438A673FED4D75F594959CFFEBCA7BE0FC72E4FE67D91" +
-                        "D801CBA0693AC4ED9E411B41D19E2FD1699C4390AD27D94C" +
-                        "69C0B143F1DC88932CFE2310C886412047BD9B1C7A67F8A2" +
-                        "5909132627F51A0C866877E672E555342BDF9355347DBD43" +
-                        "B47156B2C20BAD9D2B071BC2FDCF9757F75C168C5D9FC431" +
-                        "31BE162A0756D1BDEC2CA0EB0E3B018A8B38D3EF2487782A" +
-                        "EB9FBF99D8B30499C55E4F61E5C7DCEE2A2BB55BD7F75FCD" +
-                        "F00E48F2E8356BDB59D86114028F67B8E07B127744778AFF" +
-                        "1CF1399A4D679D92FDE7D941C5C85C5D7BFF91BA69F9489D" +
-                        "531D1EBFA727CFDA651390F8021719FA9F7216CEB177BD75", 16),
-            new BigInteger("C24ED361870B61E0D367F008F99F8A1F75525889C89DB1B673C45AF5867CB467", 16),
-            new BigInteger(
-                        "8DC6CC814CAE4A1C05A3E186A6FE27EA" +
-                        "BA8CDB133FDCE14A963A92E809790CBA096EAA26140550C1" +
-                        "29FA2B98C16E84236AA33BF919CD6F587E048C52666576DB" +
-                        "6E925C6CBE9B9EC5C16020F9A44C9F1C8F7A8E611C1F6EC2" +
-                        "513EA6AA0B8D0F72FED73CA37DF240DB57BBB27431D61869" +
-                        "7B9E771B0B301D5DF05955425061A30DC6D33BB6D2A32BD0" +
-                        "A75A0A71D2184F506372ABF84A56AEEEA8EB693BF29A6403" +
-                        "45FA1298A16E85421B2208D00068A5A42915F82CF0B858C8" +
-                        "FA39D43D704B6927E0B2F916304E86FB6A1B487F07D8139E" +
-                        "428BB096C6D67A76EC0B8D4EF274B8A2CF556D279AD267CC" +
-                        "EF5AF477AFED029F485B5597739F5D0240F67C2D948A6279", 16)
-        );
-
-        BigInteger x = new BigInteger("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C", 16);
-
-        BigInteger y = new BigInteger(
-                    "2828003D7C747199143C370FDD07A286" +
-                    "1524514ACC57F63F80C38C2087C6B795B62DE1C224BF8D1D" +
-                    "1424E60CE3F5AE3F76C754A2464AF292286D873A7A30B7EA" +
-                    "CBBC75AAFDE7191D9157598CDB0B60E0C5AA3F6EBE425500" +
-                    "C611957DBF5ED35490714A42811FDCDEB19AF2AB30BEADFF" +
-                    "2907931CEE7F3B55532CFFAEB371F84F01347630EB227A41" +
-                    "9B1F3F558BC8A509D64A765D8987D493B007C4412C297CAF" +
-                    "41566E26FAEE475137EC781A0DC088A26C8804A98C23140E" +
-                    "7C936281864B99571EE95C416AA38CEEBB41FDBFF1EB1D1D" +
-                    "C97B63CE1355257627C8B0FD840DDB20ED35BE92F08C49AE" +
-                    "A5613957D7E5C7A6D5A5834B4CB069E0831753ECF65BA02B", 16);
-
-        DSAPrivateKeyParameters priKey = new DSAPrivateKeyParameters(x, dsaParams);
-        SecureRandom k = new FixedSecureRandom(
-            new FixedSecureRandom.Source[] {
-                new FixedSecureRandom.BigInteger(BigIntegers.asUnsignedByteArray(new BigInteger("72546832179840998877302529996971396893172522460793442785601695562409154906335"))),
-                new FixedSecureRandom.Data(Hex.decode("01020304"))
-            });
-
-        byte[] M = Hex.decode("1BD4ED430B0F384B4E8D458EFF1A8A553286D7AC21CB2F6806172EF5F94A06AD");
-
-        DSADigestSigner dsa = new DSADigestSigner(new DSASigner(), new SHA3Digest(size));
-
-        dsa.init(true, new ParametersWithRandom(priKey, k));
-
-        dsa.update(M, 0, M.length);
-
-        byte[] encSig = dsa.generateSignature();
-
-        ASN1Sequence sig = ASN1Sequence.getInstance(encSig);
-
-        BigInteger r = new BigInteger("4864074fe30e6601268ee663440e4d9b703f62673419864e91e9edb0338ce510", 16);
-
-        BigInteger sigR = ASN1Integer.getInstance(sig.getObjectAt(0)).getValue();
-        if (!r.equals(sigR))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                + " got      : " + sigR.toString(16));
-        }
-
-        BigInteger sigS = ASN1Integer.getInstance(sig.getObjectAt(1)).getValue();
-        if (!s.equals(sigS))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                + " got      : " + sigS.toString(16));
-        }
-
-        // Verify the signature
-        DSAPublicKeyParameters pubKey = new DSAPublicKeyParameters(y, dsaParams);
-
-        dsa.init(false, pubKey);
-
-        dsa.update(M, 0, M.length);
-
-        if (!dsa.verifySignature(encSig))
-        {
-            fail("signature fails");
-        }
-    }
-
-    private void dsa2Test1()
-    {
-        byte[] seed = Hex.decode("ED8BEE8D1CB89229D2903CBF0E51EE7377F48698");
-
-        DSAParametersGenerator pGen = new DSAParametersGenerator();
-
-        pGen.init(new DSAParameterGenerationParameters(1024, 160, 80, new DSATestSecureRandom(seed)));
-
-        DSAParameters params = pGen.generateParameters();
-
-        DSAValidationParameters pv = params.getValidationParameters();
-
-        if (pv.getCounter() != 5)
-        {
-            fail("counter incorrect");
-        }
-
-        if (!Arrays.areEqual(seed, pv.getSeed()))
-        {
-            fail("seed incorrect");
-        }
-
-        if (!params.getQ().equals(new BigInteger("E950511EAB424B9A19A2AEB4E159B7844C589C4F", 16)))
-        {
-            fail("Q incorrect");
-        }
-
-        if (!params.getP().equals(new BigInteger(
-            "E0A67598CD1B763B" +
-            "C98C8ABB333E5DDA0CD3AA0E5E1FB5BA8A7B4EABC10BA338" +
-            "FAE06DD4B90FDA70D7CF0CB0C638BE3341BEC0AF8A7330A3" +
-            "307DED2299A0EE606DF035177A239C34A912C202AA5F83B9" +
-            "C4A7CF0235B5316BFC6EFB9A248411258B30B839AF172440" +
-            "F32563056CB67A861158DDD90E6A894C72A5BBEF9E286C6B", 16)))
-        {
-            fail("P incorrect");
-        }
-
-        if (!params.getG().equals(new BigInteger(
-            "D29D5121B0423C27" +
-            "69AB21843E5A3240FF19CACC792264E3BB6BE4F78EDD1B15" +
-            "C4DFF7F1D905431F0AB16790E1F773B5CE01C804E509066A" +
-            "9919F5195F4ABC58189FD9FF987389CB5BEDF21B4DAB4F8B" +
-            "76A055FFE2770988FE2EC2DE11AD92219F0B351869AC24DA" +
-            "3D7BA87011A701CE8EE7BFE49486ED4527B7186CA4610A75", 16)))
-        {
-            fail("G incorrect");
-        }
-
-        DSAKeyPairGenerator kpGen = new DSAKeyPairGenerator();
-
-        kpGen.init(new DSAKeyGenerationParameters(new TestRandomBigInteger("D0EC4E50BB290A42E9E355C73D8809345DE2E139", 16), params));
-
-        AsymmetricCipherKeyPair kp = kpGen.generateKeyPair();
-
-        DSAPublicKeyParameters pub = (DSAPublicKeyParameters)kp.getPublic();
-        DSAPrivateKeyParameters priv = (DSAPrivateKeyParameters)kp.getPrivate();
-
-        if (!pub.getY().equals(new BigInteger(
-            "25282217F5730501" +
-            "DD8DBA3EDFCF349AAFFEC20921128D70FAC44110332201BB" +
-            "A3F10986140CBB97C726938060473C8EC97B4731DB004293" +
-            "B5E730363609DF9780F8D883D8C4D41DED6A2F1E1BBBDC97" +
-            "9E1B9D6D3C940301F4E978D65B19041FCF1E8B518F5C0576" +
-            "C770FE5A7A485D8329EE2914A2DE1B5DA4A6128CEAB70F79", 16)))
-        {
-            fail("Y value incorrect");
-        }
-
-        if (!priv.getX().equals(
-            new BigInteger("D0EC4E50BB290A42E9E355C73D8809345DE2E139", 16)))
-        {
-            fail("X value incorrect");
-        }
-
-        DSASigner signer = new DSASigner();
-
-        signer.init(true, new ParametersWithRandom(kp.getPrivate(), new FixedSecureRandom(
-            new FixedSecureRandom.Source[] {
-                new FixedSecureRandom.BigInteger("349C55648DCF992F3F33E8026CFAC87C1D2BA075"),
-                new FixedSecureRandom.Data(Hex.decode("01020304")) })));
-
-        byte[] msg = Hex.decode("A9993E364706816ABA3E25717850C26C9CD0D89D");
-
-        BigInteger[] sig = signer.generateSignature(msg);
-
-        if (!sig[0].equals(new BigInteger("636155AC9A4633B4665D179F9E4117DF68601F34", 16)))
-        {
-            fail("R value incorrect");
-        }
-
-        if (!sig[1].equals(new BigInteger("6C540B02D9D4852F89DF8CFC99963204F4347704", 16)))
-        {
-            fail("S value incorrect");
-        }
-
-        signer.init(false, kp.getPublic());
-
-        if (!signer.verifySignature(msg, sig[0], sig[1]))
-        {
-            fail("signature not verified");
-        }
-
-    }
-
-    private void dsa2Test2()
-        {
-            byte[] seed = Hex.decode("5AFCC1EFFC079A9CCA6ECA86D6E3CC3B18642D9BE1CC6207C84002A9");
-
-            DSAParametersGenerator pGen = new DSAParametersGenerator(new SHA224Digest());
-
-            pGen.init(new DSAParameterGenerationParameters(2048, 224, 80, new DSATestSecureRandom(seed)));
-
-            DSAParameters params = pGen.generateParameters();
-
-            DSAValidationParameters pv = params.getValidationParameters();
-
-            if (pv.getCounter() != 21)
-            {
-                fail("counter incorrect");
-            }
-
-            if (!Arrays.areEqual(seed, pv.getSeed()))
-            {
-                fail("seed incorrect");
-            }
-
-            if (!params.getQ().equals(new BigInteger("90EAF4D1AF0708B1B612FF35E0A2997EB9E9D263C9CE659528945C0D", 16)))
-            {
-                fail("Q incorrect");
-            }
-
-            if (!params.getP().equals(new BigInteger(
-                "C196BA05AC29E1F9C3C72D56DFFC6154" +
-                "A033F1477AC88EC37F09BE6C5BB95F51C296DD20D1A28A06" +
-                "7CCC4D4316A4BD1DCA55ED1066D438C35AEBAABF57E7DAE4" +
-                "28782A95ECA1C143DB701FD48533A3C18F0FE23557EA7AE6" +
-                "19ECACC7E0B51652A8776D02A425567DED36EABD90CA33A1" +
-                "E8D988F0BBB92D02D1D20290113BB562CE1FC856EEB7CDD9" +
-                "2D33EEA6F410859B179E7E789A8F75F645FAE2E136D252BF" +
-                "FAFF89528945C1ABE705A38DBC2D364AADE99BE0D0AAD82E" +
-                "5320121496DC65B3930E38047294FF877831A16D5228418D" +
-                "E8AB275D7D75651CEFED65F78AFC3EA7FE4D79B35F62A040" +
-                "2A1117599ADAC7B269A59F353CF450E6982D3B1702D9CA83", 16)))
-            {
-                fail("P incorrect");
-            }
-
-            if (!params.getG().equals(new BigInteger(
-                "A59A749A11242C58C894E9E5A91804E8"+
-                "FA0AC64B56288F8D47D51B1EDC4D65444FECA0111D78F35F"+
-                "C9FDD4CB1F1B79A3BA9CBEE83A3F811012503C8117F98E50"+
-                "48B089E387AF6949BF8784EBD9EF45876F2E6A5A495BE64B"+
-                "6E770409494B7FEE1DBB1E4B2BC2A53D4F893D418B715959"+
-                "2E4FFFDF6969E91D770DAEBD0B5CB14C00AD68EC7DC1E574"+
-                "5EA55C706C4A1C5C88964E34D09DEB753AD418C1AD0F4FDF"+
-                "D049A955E5D78491C0B7A2F1575A008CCD727AB376DB6E69"+
-                "5515B05BD412F5B8C2F4C77EE10DA48ABD53F5DD498927EE"+
-                "7B692BBBCDA2FB23A516C5B4533D73980B2A3B60E384ED20"+
-                "0AE21B40D273651AD6060C13D97FD69AA13C5611A51B9085", 16)))
-            {
-                fail("G incorrect");
-            }
-
-            DSAKeyPairGenerator kpGen = new DSAKeyPairGenerator();
-
-            kpGen.init(new DSAKeyGenerationParameters(new TestRandomData(Hex.decode("00D0F09ED3E2568F6CADF9224117DA2AEC5A4300E009DE1366023E17")), params));
-
-            AsymmetricCipherKeyPair kp = kpGen.generateKeyPair();
-
-            DSAPublicKeyParameters pub = (DSAPublicKeyParameters)kp.getPublic();
-            DSAPrivateKeyParameters priv = (DSAPrivateKeyParameters)kp.getPrivate();
-
-            if (!pub.getY().equals(new BigInteger(
-                "70035C9A3B225B258F16741F3941FBF0" +
-                "6F3D056CD7BD864604CBB5EE9DD85304EE8E8E4ABD5E9032" +
-                "11DDF25CE149075510ACE166970AFDC7DF552B7244F342FA" +
-                "02F7A621405B754909D757F97290E1FE5036E904CF593446" +
-                "0C046D95659821E1597ED9F2B1F0E20863A6BBD0CE74DACB" +
-                "A5D8C68A90B29C2157CDEDB82EC12B81EE3068F9BF5F7F34" +
-                "6ECA41ED174CCCD7D154FA4F42F80FFE1BF46AE9D8125DEB" +
-                "5B4BA08A72BDD86596DBEDDC9550FDD650C58F5AE5133509" +
-                "A702F79A31ECB490F7A3C5581631F7C5BE4FF7F9E9F27FA3" +
-                "90E47347AD1183509FED6FCF198BA9A71AB3335B4F38BE8D" +
-                "15496A00B6DC2263E20A5F6B662320A3A1EC033AA61E3B68", 16)))
-            {
-                fail("Y value incorrect");
-            }
-
-            if (!priv.getX().equals(
-                new BigInteger("00D0F09ED3E2568F6CADF9224117DA2AEC5A4300E009DE1366023E17", 16)))
-            {
-                fail("X value incorrect");
-            }
-
-            DSASigner signer = new DSASigner();
-
-            signer.init(true, new ParametersWithRandom(kp.getPrivate(), new FixedSecureRandom(
-                new FixedSecureRandom.Source[] {
-                    new FixedSecureRandom.BigInteger(Hex.decode("735959CC4463B8B440E407EECA8A473BF6A6D1FE657546F67D401F05")),
-                    new FixedSecureRandom.Data(Hex.decode("01020304"))
-                })));
-
-            byte[] msg = Hex.decode("23097D223405D8228642A477BDA255B32AADBCE4BDA0B3F7E36C9DA7");
-
-            BigInteger[] sig = signer.generateSignature(msg);
-
-            if (!sig[0].equals(new BigInteger("4400138D05F9639CAF54A583CAAF25D2B76D0C3EAD752CE17DBC85FE", 16)))
-            {
-                fail("R value incorrect");
-            }
-
-            if (!sig[1].equals(new BigInteger("874D4F12CB13B61732D398445698CFA9D92381D938AA57EE2C9327B3", 16)))
-            {
-                fail("S value incorrect");
-            }
-
-            signer.init(false, kp.getPublic());
-
-            if (!signer.verifySignature(msg, sig[0], sig[1]))
-            {
-                fail("signature not verified");
-            }
-        }
-
-    private void dsa2Test3()
-    {
-        byte[] seed = Hex.decode("4783081972865EA95D43318AB2EAF9C61A2FC7BBF1B772A09017BDF5A58F4FF0");
-
-        DSAParametersGenerator pGen = new DSAParametersGenerator(new SHA256Digest());
-
-        pGen.init(new DSAParameterGenerationParameters(2048, 256, 80, new DSATestSecureRandom(seed)));
-
-        DSAParameters params = pGen.generateParameters();
-
-        DSAValidationParameters pv = params.getValidationParameters();
-
-        if (pv.getCounter() != 12)
-        {
-            fail("counter incorrect");
-        }
-
-        if (!Arrays.areEqual(seed, pv.getSeed()))
-        {
-            fail("seed incorrect");
-        }
-
-        if (!params.getQ().equals(new BigInteger("C24ED361870B61E0D367F008F99F8A1F75525889C89DB1B673C45AF5867CB467", 16)))
-        {
-            fail("Q incorrect");
-        }
-
-        if (!params.getP().equals(new BigInteger(
-            "F56C2A7D366E3EBDEAA1891FD2A0D099" +
-            "436438A673FED4D75F594959CFFEBCA7BE0FC72E4FE67D91" +
-            "D801CBA0693AC4ED9E411B41D19E2FD1699C4390AD27D94C" +
-            "69C0B143F1DC88932CFE2310C886412047BD9B1C7A67F8A2" +
-            "5909132627F51A0C866877E672E555342BDF9355347DBD43" +
-            "B47156B2C20BAD9D2B071BC2FDCF9757F75C168C5D9FC431" +
-            "31BE162A0756D1BDEC2CA0EB0E3B018A8B38D3EF2487782A" +
-            "EB9FBF99D8B30499C55E4F61E5C7DCEE2A2BB55BD7F75FCD" +
-            "F00E48F2E8356BDB59D86114028F67B8E07B127744778AFF" +
-            "1CF1399A4D679D92FDE7D941C5C85C5D7BFF91BA69F9489D" +
-            "531D1EBFA727CFDA651390F8021719FA9F7216CEB177BD75", 16)))
-        {
-            fail("P incorrect");
-        }
-
-        if (!params.getG().equals(new BigInteger(
-            "8DC6CC814CAE4A1C05A3E186A6FE27EA" +
-            "BA8CDB133FDCE14A963A92E809790CBA096EAA26140550C1" +
-            "29FA2B98C16E84236AA33BF919CD6F587E048C52666576DB" +
-            "6E925C6CBE9B9EC5C16020F9A44C9F1C8F7A8E611C1F6EC2" +
-            "513EA6AA0B8D0F72FED73CA37DF240DB57BBB27431D61869" +
-            "7B9E771B0B301D5DF05955425061A30DC6D33BB6D2A32BD0" +
-            "A75A0A71D2184F506372ABF84A56AEEEA8EB693BF29A6403" +
-            "45FA1298A16E85421B2208D00068A5A42915F82CF0B858C8" +
-            "FA39D43D704B6927E0B2F916304E86FB6A1B487F07D8139E" +
-            "428BB096C6D67A76EC0B8D4EF274B8A2CF556D279AD267CC" +
-            "EF5AF477AFED029F485B5597739F5D0240F67C2D948A6279", 16)))
-        {
-            fail("G incorrect");
-        }
-
-        DSAKeyPairGenerator kpGen = new DSAKeyPairGenerator();
-
-        kpGen.init(new DSAKeyGenerationParameters(new TestRandomData(Hex.decode("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C")), params));
-
-        AsymmetricCipherKeyPair kp = kpGen.generateKeyPair();
-
-        DSAPublicKeyParameters pub = (DSAPublicKeyParameters)kp.getPublic();
-        DSAPrivateKeyParameters priv = (DSAPrivateKeyParameters)kp.getPrivate();
-
-        if (!pub.getY().equals(new BigInteger(
-            "2828003D7C747199143C370FDD07A286" +
-            "1524514ACC57F63F80C38C2087C6B795B62DE1C224BF8D1D" +
-            "1424E60CE3F5AE3F76C754A2464AF292286D873A7A30B7EA" +
-            "CBBC75AAFDE7191D9157598CDB0B60E0C5AA3F6EBE425500" +
-            "C611957DBF5ED35490714A42811FDCDEB19AF2AB30BEADFF" +
-            "2907931CEE7F3B55532CFFAEB371F84F01347630EB227A41" +
-            "9B1F3F558BC8A509D64A765D8987D493B007C4412C297CAF" +
-            "41566E26FAEE475137EC781A0DC088A26C8804A98C23140E" +
-            "7C936281864B99571EE95C416AA38CEEBB41FDBFF1EB1D1D" +
-            "C97B63CE1355257627C8B0FD840DDB20ED35BE92F08C49AE" +
-            "A5613957D7E5C7A6D5A5834B4CB069E0831753ECF65BA02B", 16)))
-        {
-            fail("Y value incorrect");
-        }
-
-        if (!priv.getX().equals(
-            new BigInteger("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C", 16)))
-        {
-            fail("X value incorrect");
-        }
-
-        DSASigner signer = new DSASigner();
-
-        signer.init(true, new ParametersWithRandom(kp.getPrivate(), new FixedSecureRandom(
-            new FixedSecureRandom.Source[] {
-                new FixedSecureRandom.BigInteger(Hex.decode("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C")),
-                new FixedSecureRandom.Data(Hex.decode("01020304"))
-            })));
-
-        byte[] msg = Hex.decode("BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD");
-
-        BigInteger[] sig = signer.generateSignature(msg);
-
-        if (!sig[0].equals(new BigInteger("315C875DCD4850E948B8AC42824E9483A32D5BA5ABE0681B9B9448D444F2BE3C", 16)))
-        {
-            fail("R value incorrect");
-        }
-
-        if (!sig[1].equals(new BigInteger("89718D12E54A8D9ED066E4A55F7ED5A2229CD23B9A3CEE78F83ED6AA61F6BCB9", 16)))
-        {
-            fail("S value incorrect");
-        }
-
-        signer.init(false, kp.getPublic());
-
-        if (!signer.verifySignature(msg, sig[0], sig[1]))
-        {
-            fail("signature not verified");
-        }
-    }
-
-    private void dsa2Test4()
-    {
-        byte[] seed = Hex.decode("193AFCA7C1E77B3C1ECC618C81322E47B8B8B997C9C83515C59CC446C2D9BD47");
-
-        DSAParametersGenerator pGen = new DSAParametersGenerator(new SHA256Digest());
-
-        pGen.init(new DSAParameterGenerationParameters(3072, 256, 80, new DSATestSecureRandom(seed)));
-
-        DSAParameters params = pGen.generateParameters();
-
-        DSAValidationParameters pv = params.getValidationParameters();
-
-        if (pv.getCounter() != 20)
-        {
-            fail("counter incorrect");
-        }
-
-        if (!Arrays.areEqual(seed, pv.getSeed()))
-        {
-            fail("seed incorrect");
-        }
-
-        if (!params.getQ().equals(new BigInteger("CFA0478A54717B08CE64805B76E5B14249A77A4838469DF7F7DC987EFCCFB11D", 16)))
-        {
-            fail("Q incorrect");
-        }
-
-        if (!params.getP().equals(new BigInteger(
-            "90066455B5CFC38F9CAA4A48B4281F292C260FEEF01FD610" +
-            "37E56258A7795A1C7AD46076982CE6BB956936C6AB4DCFE0" +
-            "5E6784586940CA544B9B2140E1EB523F009D20A7E7880E4E" +
-            "5BFA690F1B9004A27811CD9904AF70420EEFD6EA11EF7DA1" +
-            "29F58835FF56B89FAA637BC9AC2EFAAB903402229F491D8D" +
-            "3485261CD068699B6BA58A1DDBBEF6DB51E8FE34E8A78E54" +
-            "2D7BA351C21EA8D8F1D29F5D5D15939487E27F4416B0CA63" +
-            "2C59EFD1B1EB66511A5A0FBF615B766C5862D0BD8A3FE7A0" +
-            "E0DA0FB2FE1FCB19E8F9996A8EA0FCCDE538175238FC8B0E" +
-            "E6F29AF7F642773EBE8CD5402415A01451A840476B2FCEB0" +
-            "E388D30D4B376C37FE401C2A2C2F941DAD179C540C1C8CE0" +
-            "30D460C4D983BE9AB0B20F69144C1AE13F9383EA1C08504F" +
-            "B0BF321503EFE43488310DD8DC77EC5B8349B8BFE97C2C56" +
-            "0EA878DE87C11E3D597F1FEA742D73EEC7F37BE43949EF1A" +
-            "0D15C3F3E3FC0A8335617055AC91328EC22B50FC15B941D3" +
-            "D1624CD88BC25F3E941FDDC6200689581BFEC416B4B2CB73", 16)))
-        {
-            fail("P incorrect");
-        }
-
-        if (!params.getG().equals(new BigInteger(
-            "5E5CBA992E0A680D885EB903AEA78E4A45A469103D448EDE" +
-            "3B7ACCC54D521E37F84A4BDD5B06B0970CC2D2BBB715F7B8" +
-            "2846F9A0C393914C792E6A923E2117AB805276A975AADB52" +
-            "61D91673EA9AAFFEECBFA6183DFCB5D3B7332AA19275AFA1" +
-            "F8EC0B60FB6F66CC23AE4870791D5982AAD1AA9485FD8F4A" +
-            "60126FEB2CF05DB8A7F0F09B3397F3937F2E90B9E5B9C9B6" +
-            "EFEF642BC48351C46FB171B9BFA9EF17A961CE96C7E7A7CC" +
-            "3D3D03DFAD1078BA21DA425198F07D2481622BCE45969D9C" +
-            "4D6063D72AB7A0F08B2F49A7CC6AF335E08C4720E31476B6" +
-            "7299E231F8BD90B39AC3AE3BE0C6B6CACEF8289A2E2873D5" +
-            "8E51E029CAFBD55E6841489AB66B5B4B9BA6E2F784660896" +
-            "AFF387D92844CCB8B69475496DE19DA2E58259B090489AC8" +
-            "E62363CDF82CFD8EF2A427ABCD65750B506F56DDE3B98856" +
-            "7A88126B914D7828E2B63A6D7ED0747EC59E0E0A23CE7D8A" +
-            "74C1D2C2A7AFB6A29799620F00E11C33787F7DED3B30E1A2" +
-            "2D09F1FBDA1ABBBFBF25CAE05A13F812E34563F99410E73B", 16)))
-        {
-            fail("G incorrect");
-        }
-
-        DSAKeyPairGenerator kpGen = new DSAKeyPairGenerator();
-
-        kpGen.init(new DSAKeyGenerationParameters(new TestRandomData(Hex.decode("3ABC1587297CE7B9EA1AD6651CF2BC4D7F92ED25CABC8553F567D1B40EBB8764")), params));
-
-        AsymmetricCipherKeyPair kp = kpGen.generateKeyPair();
-
-        DSAPublicKeyParameters pub = (DSAPublicKeyParameters)kp.getPublic();
-        DSAPrivateKeyParameters priv = (DSAPrivateKeyParameters)kp.getPrivate();
-
-        if (!pub.getY().equals(new BigInteger(
-            "8B891C8692D3DE875879390F2698B26FBECCA6B075535DCE" +
-            "6B0C862577F9FA0DEF6074E7A7624121224A595896ABD4CD" +
-            "A56B2CEFB942E025D2A4282FFAA98A48CDB47E1A6FCB5CFB" +
-            "393EF35AF9DF913102BB303C2B5C36C3F8FC04ED7B8B69FE" +
-            "FE0CF3E1FC05CFA713B3435B2656E913BA8874AEA9F93600" +
-            "6AEB448BCD005D18EC3562A33D04CF25C8D3D69844343442" +
-            "FA3DB7DE618C5E2DA064573E61E6D5581BFB694A23AC87FD" +
-            "5B52D62E954E1376DB8DDB524FFC0D469DF978792EE44173" +
-            "8E5DB05A7DC43E94C11A2E7A4FBE383071FA36D2A7EC8A93" +
-            "88FE1C4F79888A99D3B6105697C2556B79BB4D7E781CEBB3" +
-            "D4866AD825A5E830846072289FDBC941FA679CA82F5F78B7" +
-            "461B2404DB883D215F4E0676CF5493950AC5591697BFEA8D" +
-            "1EE6EC016B89BA51CAFB5F9C84C989FA117375E94578F28B" +
-            "E0B34CE0545DA46266FD77F62D8F2CEE92AB77012AFEBC11" +
-            "008985A821CD2D978C7E6FE7499D1AAF8DE632C21BB48CA5" +
-            "CBF9F31098FD3FD3854C49A65D9201744AACE540354974F9", 16)))
-        {
-            fail("Y value incorrect");
-        }
-
-        if (!priv.getX().equals(
-            new BigInteger("3ABC1587297CE7B9EA1AD6651CF2BC4D7F92ED25CABC8553F567D1B40EBB8764", 16)))
-        {
-            fail("X value incorrect");
-        }
-
-        DSASigner signer = new DSASigner();
-
-        signer.init(true, new ParametersWithRandom(kp.getPrivate(), new FixedSecureRandom(
-            new FixedSecureRandom.Source[]
-                { new FixedSecureRandom.BigInteger("A6902C1E6E3943C5628061588A8B007BCCEA91DBF12915483F04B24AB0678BEE"),
-                  new FixedSecureRandom.Data(Hex.decode("01020304")) })));
-
-        byte[] msg = Hex.decode("BA7816BF8F01CFEA414140DE5DAE2223B00361A396177A9CB410FF61F20015AD");
-
-        BigInteger[] sig = signer.generateSignature(msg);
-
-        if (!sig[0].equals(new BigInteger("5F184E645A38BE8FB4A6871B6503A9D12924C7ABE04B71410066C2ECA6E3BE3E", 16)))
-        {
-            fail("R value incorrect");
-        }
-
-        if (!sig[1].equals(new BigInteger("91EB0C7BA3D4B9B60B825C3D9F2CADA8A2C9D7723267B033CBCDCF8803DB9C18", 16)))
-        {
-            fail("S value incorrect");
-        }
-
-        signer.init(false, kp.getPublic());
-
-        if (!signer.verifySignature(msg, sig[0], sig[1]))
-        {
-            fail("signature not verified");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new DSATest());
-    }
-
-    private class DSATestSecureRandom
-        extends TestRandomData
-    {
-        private boolean first = true;
-
-        public DSATestSecureRandom(byte[] value)
-        {
-            super(value);
-        }
-
-       public void nextBytes(byte[] bytes)
-       {
-           if (first)
-           {
-               super.nextBytes(bytes);
-               first = false;
-           }
-           else
-           {
-               bytes[bytes.length - 1] = 2;
-           }
-       }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/DSTU4145Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/DSTU4145Test.java
deleted file mode 100644
index d26e325..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/DSTU4145Test.java
+++ /dev/null

@@ -1,278 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.DSTU4145Signer;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomData;
-
-public class DSTU4145Test
-    extends SimpleTest
-{
-    private static final BigInteger ZERO = BigInteger.valueOf(0);
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-
-    public static void main(String[] args)
-    {
-        runTest(new DSTU4145Test());
-    }
-
-    public String getName()
-    {
-        return "DSTU4145";
-    }
-
-    private void test163()
-        throws Exception
-    {
-        SecureRandom random = new TestRandomData(Hex.decode("01025e40bd97db012b7a1d79de8e12932d247f61c6"));
-
-        byte[] hash = Hex.decode("09c9c44277910c9aaee486883a2eb95b7180166ddf73532eeb76edaef52247ff");
-        for (int i = 0; i < hash.length / 2; i++)
-        {
-            byte tmp = hash[i];
-            hash[i] = hash[hash.length - 1 - i];
-            hash[hash.length - 1 - i] = tmp;
-        }
-
-        BigInteger r = new BigInteger("274ea2c0caa014a0d80a424f59ade7a93068d08a7", 16);
-        BigInteger s = new BigInteger("2100d86957331832b8e8c230f5bd6a332b3615aca", 16);
-
-        ECCurve.F2m curve = new ECCurve.F2m(163, 3, 6, 7, ONE, new BigInteger("5FF6108462A2DC8210AB403925E638A19C1455D21", 16));
-        ECPoint P = curve.createPoint(new BigInteger("72d867f93a93ac27df9ff01affe74885c8c540420", 16), new BigInteger("0224a9c3947852b97c5599d5f4ab81122adc3fd9b", 16));
-        BigInteger n = new BigInteger("400000000000000000002BEC12BE2262D39BCF14D", 16);
-
-        BigInteger d = new BigInteger("183f60fdf7951ff47d67193f8d073790c1c9b5a3e", 16);
-        ECPoint Q = P.multiply(d).negate();
-
-        ECDomainParameters domain = new ECDomainParameters(curve, P, n);
-        CipherParameters privKey = new ParametersWithRandom(new ECPrivateKeyParameters(d, domain), random);
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(Q, domain);
-
-        DSTU4145Signer dstuSigner = new DSTU4145Signer();
-        dstuSigner.init(true, privKey);
-        BigInteger[] rs = dstuSigner.generateSignature(hash);
-
-        if (rs[0].compareTo(r) != 0)
-        {
-            fail("r component wrong");
-        }
-
-        if (rs[1].compareTo(s) != 0)
-        {
-            fail("s component wrong");
-        }
-
-        dstuSigner.init(false, pubKey);
-        if (!dstuSigner.verifySignature(hash, r, s))
-        {
-            fail("verification fails");
-        }
-    }
-
-    private void test173()
-        throws Exception
-    {
-        SecureRandom random = new TestRandomData(Hex.decode("0000137449348C1249971759D99C252FFE1E14D8B31F"));
-
-        byte[] hash = Hex.decode("0137187EA862117EF1484289470ECAC802C5A651FDA8");
-        for (int i = 0; i < hash.length / 2; i++)
-        {
-            byte tmp = hash[i];
-            hash[i] = hash[hash.length - 1 - i];
-            hash[hash.length - 1 - i] = tmp;
-        }
-
-        BigInteger r = new BigInteger("13ae89746386709cdbd237cc5ec20ca30004a82ead8", 16);
-        BigInteger s = new BigInteger("3597912cdd093b3e711ccb74a79d3c4ab4c7cccdc60", 16);
-
-        ECCurve.F2m curve = new ECCurve.F2m(173, 1, 2, 10, ZERO, new BigInteger("108576C80499DB2FC16EDDF6853BBB278F6B6FB437D9", 16));
-        ECPoint P = curve.createPoint(new BigInteger("BE6628EC3E67A91A4E470894FBA72B52C515F8AEE9", 16), new BigInteger("D9DEEDF655CF5412313C11CA566CDC71F4DA57DB45C", 16));
-        BigInteger n = new BigInteger("800000000000000000000189B4E67606E3825BB2831", 16);
-
-        BigInteger d = new BigInteger("955CD7E344303D1034E66933DC21C8044D42ADB8", 16);
-        ECPoint Q = P.multiply(d).negate();
-
-        ECDomainParameters domain = new ECDomainParameters(curve, P, n);
-        CipherParameters privKey = new ParametersWithRandom(new ECPrivateKeyParameters(d, domain), random);
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(Q, domain);
-
-        DSTU4145Signer dstuSigner = new DSTU4145Signer();
-        dstuSigner.init(true, privKey);
-        BigInteger[] rs = dstuSigner.generateSignature(hash);
-
-        if (rs[0].compareTo(r) != 0)
-        {
-            fail("r component wrong");
-        }
-
-        if (rs[1].compareTo(s) != 0)
-        {
-            fail("s component wrong");
-        }
-
-        dstuSigner.init(false, pubKey);
-        if (!dstuSigner.verifySignature(hash, r, s))
-        {
-            fail("verification fails");
-        }
-    }
-
-    private void test283()
-        throws Exception
-    {
-        SecureRandom random = new TestRandomData(Hex.decode("00000000245383CB3AD41BF30F5F7E8FBA858509B2D5558C92D539A6D994BFA98BC6940E"));
-
-        byte[] hash = Hex.decode("0137187EA862117EF1484289470ECAC802C5A651FDA8");
-        for (int i = 0; i < hash.length / 2; i++)
-        {
-            byte tmp = hash[i];
-            hash[i] = hash[hash.length - 1 - i];
-            hash[hash.length - 1 - i] = tmp;
-        }
-
-        BigInteger r = new BigInteger("12a5edcc38d92208ff23036d75b000c7e4bc0f9af2d40b35f15d6fd15e01234e67781a8", 16);
-        BigInteger s = new BigInteger("2de0775577f75b643cf5afc80d4fe10b21100690f17e2cab7bdc9b50ec87c5727aeb515", 16);
-
-        ECCurve.F2m curve = new ECCurve.F2m(283, 5, 7, 12, ONE, new BigInteger("27B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5", 16));
-        ECPoint P = curve.createPoint(new BigInteger("4D95820ACE761110824CE425C8089129487389B7F0E0A9D043DDC0BB0A4CC9EB25", 16), new BigInteger("954C9C4029B2C62DE35C2B9C2A164984BF1101951E3A68ED03DF234DDE5BB2013152F2", 16));
-        BigInteger n = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307", 16);
-
-        BigInteger d = new BigInteger("B844EEAF15213E4BAD4FB84796D68F2448DB8EB7B4621EC0D51929874892C43E", 16);
-        ECPoint Q = P.multiply(d).negate();
-
-        ECDomainParameters domain = new ECDomainParameters(curve, P, n);
-        CipherParameters privKey = new ParametersWithRandom(new ECPrivateKeyParameters(d, domain), random);
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(Q, domain);
-
-        DSTU4145Signer dstuSigner = new DSTU4145Signer();
-        dstuSigner.init(true, privKey);
-        BigInteger[] rs = dstuSigner.generateSignature(hash);
-
-        if (rs[0].compareTo(r) != 0)
-        {
-            fail("r component wrong");
-        }
-
-        if (rs[1].compareTo(s) != 0)
-        {
-            fail("s component wrong");
-        }
-
-        dstuSigner.init(false, pubKey);
-        if (!dstuSigner.verifySignature(hash, r, s))
-        {
-            fail("verification fails");
-        }
-    }
-
-    private void test431()
-        throws Exception
-    {
-        SecureRandom random = new TestRandomData(Hex.decode("0000C4224DBBD800988DBAA39DE838294C345CDA5F5929D1174AA8D9340A5E79D10ACADE6B53CF873E7301A3871C2073AD75AB530457"));
-
-        byte[] hash = Hex.decode("0137187EA862117EF1484289470ECAC802C5A651FDA8");
-        for (int i = 0; i < hash.length / 2; i++)
-        {
-            byte tmp = hash[i];
-            hash[i] = hash[hash.length - 1 - i];
-            hash[hash.length - 1 - i] = tmp;
-        }
-
-        BigInteger r = new BigInteger("1911fefb1f494bebcf8dffdf5276946ff9c9f662192ee18c718db47310a439c784fe07577b16e1edbe16179876e0792a634f1c9c3a2e", 16);
-        BigInteger s = new BigInteger("3852170ee801c2083c52f1ea77b987a5432acecd9c654f064e87bf179e0a397151edbca430082e43bd38a67b55424b5bbc7f2713f620", 16);
-
-        ECCurve.F2m curve = new ECCurve.F2m(431, 1, 3, 5, ONE, new BigInteger("3CE10490F6A708FC26DFE8C3D27C4F94E690134D5BFF988D8D28AAEAEDE975936C66BAC536B18AE2DC312CA493117DAA469C640CAF3", 16));
-        ECPoint P = curve.createPoint(new BigInteger("9548BCDF314CEEEAF099C780FFEFBF93F9FE5B5F55547603C9C8FC1A2774170882B3BE35E892C6D4296B8DEA282EC30FB344272791", 16), new BigInteger("4C6CBD7C62A8EEEFDE17A8B5E196E49A22CE6DE128ABD9FBD81FA4411AD5A38E2A810BEDE09A7C6226BCDCB4A4A5DA37B4725E00AA74", 16));
-        BigInteger n = new BigInteger("3FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBA3175458009A8C0A724F02F81AA8A1FCBAF80D90C7A95110504CF", 16);
-
-        BigInteger d = new BigInteger("D0F97354E314191FD773E2404F478C8AEE0FF5109F39E6F37D1FEEC8B2ED1691D84C9882CC729E716A71CC013F66CAC60E29E22C", 16);
-        ECPoint Q = P.multiply(d).negate();
-
-        ECDomainParameters domain = new ECDomainParameters(curve, P, n);
-        CipherParameters privKey = new ParametersWithRandom(new ECPrivateKeyParameters(d, domain), random);
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(Q, domain);
-
-        DSTU4145Signer dstuSigner = new DSTU4145Signer();
-        dstuSigner.init(true, privKey);
-        BigInteger[] rs = dstuSigner.generateSignature(hash);
-
-        if (rs[0].compareTo(r) != 0)
-        {
-            fail("r component wrong");
-        }
-
-        if (rs[1].compareTo(s) != 0)
-        {
-            fail("s component wrong");
-        }
-
-        dstuSigner.init(false, pubKey);
-        if (!dstuSigner.verifySignature(hash, r, s))
-        {
-            fail("verification fails");
-        }
-    }
-
-    private void testTruncation()
-    {
-        SecureRandom random = new TestRandomData(Hex.decode("0000C4224DBBD800988DBAA39DE838294C345CDA5F5929D1174AA8D9340A5E79D10ACADE6B53CF873E7301A3871C2073AD75AB530457"));
-
-        // use extra long "hash" with set bits...
-        byte[] hash = Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF");
-
-        ECCurve.F2m curve = new ECCurve.F2m(173, 1, 2, 10, ZERO, new BigInteger("108576C80499DB2FC16EDDF6853BBB278F6B6FB437D9", 16));
-        ECPoint P = curve.createPoint(new BigInteger("BE6628EC3E67A91A4E470894FBA72B52C515F8AEE9", 16), new BigInteger("D9DEEDF655CF5412313C11CA566CDC71F4DA57DB45C", 16));
-        BigInteger n = new BigInteger("800000000000000000000189B4E67606E3825BB2831", 16);
-
-        BigInteger d = new BigInteger("955CD7E344303D1034E66933DC21C8044D42ADB8", 16);
-        ECPoint Q = P.multiply(d).negate();
-
-        ECDomainParameters domain = new ECDomainParameters(curve, P, n);
-        CipherParameters privKey = new ParametersWithRandom(new ECPrivateKeyParameters(d, domain), random);
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(Q, domain);
-
-        DSTU4145Signer dstuSigner = new DSTU4145Signer();
-        dstuSigner.init(true, privKey);
-        BigInteger[] rs = dstuSigner.generateSignature(hash);
-
-        BigInteger r = new BigInteger("6bb5c0cb82e5067485458ebfe81025f03b687c63a27", 16);
-        BigInteger s = new BigInteger("34d6b1868969b86ecf934167c8fe352c63d1074bd", 16);
-
-        if (rs[0].compareTo(r) != 0)
-        {
-            fail("r component wrong");
-        }
-
-        if (rs[1].compareTo(s) != 0)
-        {
-            fail("s component wrong");
-        }
-
-        dstuSigner.init(false, pubKey);
-        if (!dstuSigner.verifySignature(hash, rs[0], rs[1]))
-        {
-            fail("verification fails");
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        test163();
-        test173();
-        test283();
-        test431();
-        testTruncation();
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/DSTU7564Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/DSTU7564Test.java
deleted file mode 100644
index 3589b3b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/DSTU7564Test.java
+++ /dev/null

@@ -1,624 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.DSTU7564Digest;
-import org.bouncycastle.crypto.macs.DSTU7564Mac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-
-public class DSTU7564Test
-    extends DigestTest
-{
-
-    private static String[] messages =
-        {
-            "",
-            "a",
-            "abc",
-            "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
-        };
-
-    private static String[] digests =
-        {
-            "cd5101d1ccdf0d1d1f4ada56e888cd724ca1a0838a3521e7131d4fb78d0f5eb6",
-            "c51a1d639596fb613d86557314a150c40f8fff3de48bc93a3b03c161f4105ee4",
-            "0bd1b36109f1318411a0517315aa46b8839df06622a278676f5487996c9cfc04",
-            "02621dbb53f2c7001be64d7308ecb80d21ba7797c92e98d1efc240d41e4c414b"
-        };
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new DSTU7564Digest((DSTU7564Digest)digest);
-    }
-
-    public DSTU7564Test()
-    {
-        super(new DSTU7564Digest(256), messages, digests);
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new DSTU7564Test());
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-
-        hash256Tests();
-        hash384Tests();
-        hash512Tests();
-        macTests();
-        overflowTest();
-    }
-
-    private void overflowTest()
-    {
-        int macBitSize = 256;
-        byte[] input = new byte[1024];
-        for (int i = 0; i != input.length; i++)
-        {
-            input[i] = (byte)(i & 0xff);
-        }
-        byte[] key = Hex.decode("1F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100");
-
-        byte[] expectedMac = Hex.decode("165382df70adcb040b17c1aced117d26d598b239ab631271a05f6d0f875ae9ea");
-        byte[] mac = new byte[macBitSize / 8];
-
-        DSTU7564Mac dstu7564mac = new DSTU7564Mac(macBitSize);
-
-        dstu7564mac.init(new KeyParameter(key));
-        dstu7564mac.update(input, 0, input.length);
-        dstu7564mac.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(expectedMac, mac))
-        {
-            fail("Failed overflow test 1 - expected "
-                + Hex.toHexString(expectedMac)
-                + " got " + Hex.toHexString(mac));
-        }
-
-        macBitSize = 256;
-        input = new byte[1023];
-        for (int i = 0; i != input.length; i++)
-        {
-            input[i] = (byte)(i & 0xff);
-        }
-        key = Hex.decode("1F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100");
-
-        expectedMac = Hex.decode("ed45f163e694d990d2d835dca2f3f869a55a31396c8138161b190d5914d50686");
-        mac = new byte[macBitSize / 8];
-
-        dstu7564mac = new DSTU7564Mac(macBitSize);
-
-        dstu7564mac.init(new KeyParameter(key));
-        dstu7564mac.update(input, 0, input.length);
-        dstu7564mac.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(expectedMac, mac))
-        {
-            fail("Failed overflow test 2 - expected "
-                + Hex.toHexString(expectedMac)
-                + " got " + Hex.toHexString(mac));
-        }
-
-        DSTU7564Digest digest = new DSTU7564Digest(macBitSize);
-        byte[] expectedDigest = Hex.decode("6bfc5ec8c1f5963fbed89da115d86e9330634eca341dd42fd94a7007e4af7942");
-        byte[] digestBuf = new byte[macBitSize / 8];
-
-        digest.update(input, 0, input.length);
-        digest.doFinal(digestBuf, 0);
-
-        if (!Arrays.areEqual(expectedDigest, digestBuf))
-        {
-            fail("Failed overflow test 3 - expected "
-                + Hex.toHexString(expectedDigest)
-                + " got " + Hex.toHexString(digestBuf));
-        }
-
-        expectedDigest = Hex.decode("6f8f0a3f8261af77581ab01cb89d4cb5ed87ca1d9954f11d5586e94b45c82fb8");
-
-        input = new byte[51];
-        for (int i = 0; i != input.length; i++)
-        {
-            input[i] = (byte)(i & 0xff);
-        }
-
-        digest.update(input, 0, input.length);
-        digest.doFinal(digestBuf, 0);
-
-        if (!Arrays.areEqual(expectedDigest, digestBuf))
-        {
-            fail("Failed overflow test 4 - expected "
-                + Hex.toHexString(expectedDigest)
-                + " got " + Hex.toHexString(digestBuf));
-        }
-
-        input = new byte[52];
-        for (int i = 0; i != input.length; i++)
-        {
-            input[i] = (byte)(i & 0xff);
-        }
-
-        expectedDigest = Hex.decode("8b6fe2ba77e684b2a1ac82232f4efc49f681cd18c82a0cfff530186a2fc642d2");
-
-        digest.update(input, 0, input.length);
-        digest.doFinal(digestBuf, 0);
-
-        if (!Arrays.areEqual(expectedDigest, digestBuf))
-        {
-            fail("Failed overflow test 5 - expected "
-                + Hex.toHexString(expectedDigest)
-                + " got " + Hex.toHexString(digestBuf));
-        }
-
-
-        input = new byte[53];
-        for (int i = 0; i != input.length; i++)
-        {
-            input[i] = (byte)(i & 0xff);
-        }
-
-        expectedDigest = Hex.decode("837f2b0cbe39a4defdfcb44272288d4091cab850161c70695d7831fc5f00e171");
-
-        digest.update(input, 0, input.length);
-        digest.doFinal(digestBuf, 0);
-
-        if (!Arrays.areEqual(expectedDigest, digestBuf))
-        {
-            fail("Failed overflow test 6 - expected "
-                + Hex.toHexString(expectedDigest)
-                + " got " + Hex.toHexString(digestBuf));
-        }
-
-        input = new byte[54];
-        for (int i = 0; i != input.length; i++)
-        {
-            input[i] = (byte)(i & 0xff);
-        }
-
-        expectedDigest = Hex.decode("21d423d5b8c7f18a0da42cdd95b36b66344125e2adc6edeab5899926442113bc");
-
-        digest.update(input, 0, input.length);
-        digest.doFinal(digestBuf, 0);
-
-        if (!Arrays.areEqual(expectedDigest, digestBuf))
-        {
-            fail("Failed overflow test 7 - expected "
-                + Hex.toHexString(expectedDigest)
-                + " got " + Hex.toHexString(digestBuf));
-        }
-
-        input = new byte[55];
-        for (int i = 0; i != input.length; i++)
-        {
-            input[i] = (byte)(i & 0xff);
-        }
-
-        expectedDigest = Hex.decode("0e7bf74464b81b3ae7d904170776d29f4b02a7227da578dd562d01027af7fd0e");
-
-        digest.update(input, 0, input.length);
-        digest.doFinal(digestBuf, 0);
-
-        if (!Arrays.areEqual(expectedDigest, digestBuf))
-        {
-            fail("Failed overflow test 8 - expected "
-                + Hex.toHexString(expectedDigest)
-                + " got " + Hex.toHexString(digestBuf));
-        }
-
-        input = new byte[56];
-        for (int i = 0; i != input.length; i++)
-        {
-            input[i] = (byte)(i & 0xff);
-        }
-
-        expectedDigest = Hex.decode("badea1f49cbcec94acec52b4c695acdddd786cca5a6763929f341a58c5134b3b");
-
-        digest.update(input, 0, input.length);
-        digest.doFinal(digestBuf, 0);
-
-        if (!Arrays.areEqual(expectedDigest, digestBuf))
-        {
-            fail("Failed overflow test 9 - expected "
-                + Hex.toHexString(expectedDigest)
-                + " got " + Hex.toHexString(digestBuf));
-        }
-
-        input = new byte[57];
-        for (int i = 0; i != input.length; i++)
-        {
-            input[i] = (byte)(i & 0xff);
-        }
-
-        expectedDigest = Hex.decode("a13b5f6f53ee043292ed65b66c1d49759be4d2fe0c2f6148f2416487965f7bde");
-
-        digest.update(input, 0, input.length);
-        digest.doFinal(digestBuf, 0);
-
-        if (!Arrays.areEqual(expectedDigest, digestBuf))
-        {
-            fail("Failed overflow test 10 - expected "
-                + Hex.toHexString(expectedDigest)
-                + " got " + Hex.toHexString(digestBuf));
-        }
-
-        input = new byte[63];
-        for (int i = 0; i != input.length; i++)
-        {
-            input[i] = (byte)(i & 0xff);
-        }
-
-        expectedDigest = Hex.decode("03a44a02c9ffafb43addb290bbcf3b8168f624e8cbd332dc6a9dc7df9d39cbc2");
-
-        digest.update(input, 0, input.length);
-        digest.doFinal(digestBuf, 0);
-
-        if (!Arrays.areEqual(expectedDigest, digestBuf))
-        {
-            fail("Failed overflow test 11 - expected "
-                + Hex.toHexString(expectedDigest)
-                + " got " + Hex.toHexString(digestBuf));
-        }
-
-        input = new byte[64];
-        for (int i = 0; i != input.length; i++)
-        {
-            input[i] = (byte)(i & 0xff);
-        }
-
-        expectedDigest = Hex.decode("08f4ee6f1be6903b324c4e27990cb24ef69dd58dbe84813ee0a52f6631239875");
-
-        digest.update(input, 0, input.length);
-        digest.doFinal(digestBuf, 0);
-
-        if (!Arrays.areEqual(expectedDigest, digestBuf))
-        {
-            fail("Failed overflow test 12 - expected "
-                + Hex.toHexString(expectedDigest)
-                + " got " + Hex.toHexString(digestBuf));
-        }
-
-        input = new byte[65];
-        for (int i = 0; i != input.length; i++)
-        {
-            input[i] = (byte)(i & 0xff);
-        }
-
-        expectedDigest = Hex.decode("a81c2fb92351f370050b7c36cd51736d5603a50ec1106cbd5fe1c9be2e5c77a6");
-
-        digest.update(input, 0, input.length);
-        digest.doFinal(digestBuf, 0);
-
-        if (!Arrays.areEqual(expectedDigest, digestBuf))
-        {
-            fail("Failed overflow test 13 - expected "
-                + Hex.toHexString(expectedDigest)
-                + " got " + Hex.toHexString(digestBuf));
-        }
-    }
-
-    private void macTests()
-    {
-
-        //test1
-        int macBitSize = 256;
-        byte[] input = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E");
-        byte[] key = Hex.decode("1F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100");
-
-        byte[] expectedMac = Hex.decode("B60594D56FA79BA210314C72C2495087CCD0A99FC04ACFE2A39EF669925D98EE");
-        byte[] mac = new byte[macBitSize / 8];
-
-        DSTU7564Mac dstu7564mac = new DSTU7564Mac(macBitSize);
-
-        dstu7564mac.init(new KeyParameter(key));
-        dstu7564mac.update(input, 0, input.length);
-        dstu7564mac.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(expectedMac, mac))
-        {
-            fail("Failed mac test 1 - expected "
-                + Hex.toHexString(expectedMac)
-                + " got " + Hex.toHexString(mac));
-        }
-
-        //test1a
-        input = Hex.decode("0001020304050607");
-        key = Hex.decode("08F4EE6F1BE6903B324C4E27990CB24EF69DD58DBE84813EE0A52F6631239875");
-
-        expectedMac = Hex.decode("383A0B11989ABF61B2CF3EB489351EB7C9AEF70CF5A9D6DBD90F340FF151BA2D");
-        mac = new byte[macBitSize / 8];
-
-        dstu7564mac = new DSTU7564Mac(macBitSize);
-
-        dstu7564mac.init(new KeyParameter(key));
-        dstu7564mac.update(input, 0, input.length);
-        dstu7564mac.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(expectedMac, mac))
-        {
-            fail("Failed mac test 1a - expected "
-                + Hex.toHexString(expectedMac)
-                + " got " + Hex.toHexString(mac));
-        }
-
-        //test 2
-        macBitSize = 384;
-        input = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E");
-        key = Hex.decode("2F2E2D2C2B2A292827262524232221201F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100");
-
-        expectedMac = Hex.decode("BEBFD8D730336F043ABACB41829E79A4D320AEDDD8D14024D5B805DA70C396FA295C281A38B30AE728A304B3F5AE490E");
-        mac = new byte[macBitSize / 8];
-
-        dstu7564mac = new DSTU7564Mac(macBitSize);
-
-        dstu7564mac.init(new KeyParameter(key));
-        dstu7564mac.update(input, 0, input.length);
-        dstu7564mac.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(expectedMac, mac))
-        {
-            fail("Failed mac test 2 - expected "
-                + Hex.toHexString(expectedMac)
-                + " got " + Hex.toHexString(mac));
-        }
-
-        //test 3
-        macBitSize = 512;
-        input = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E");
-        key = Hex.decode("3F3E3D3C3B3A393837363534333231302F2E2D2C2B2A292827262524232221201F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100");
-
-        expectedMac = Hex.decode("F270043C06A5C37E65D9D791C5FBFB966E5EE709F8F54019C9A55B76CA40B70100579F269CEC24E347A9D864614CF3ABBF6610742E4DB3BD2ABC000387C49D24");
-        mac = new byte[macBitSize / 8];
-
-        dstu7564mac = new DSTU7564Mac(macBitSize);
-
-        dstu7564mac.init(new KeyParameter(key));
-        dstu7564mac.update(input, 0, input.length);
-        dstu7564mac.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(expectedMac, mac))
-        {
-            fail("Failed mac test 3 - expected "
-                + Hex.toHexString(expectedMac)
-                + " got " + Hex.toHexString(mac));
-        }
-    }
-
-    private void hash512Tests()
-    {
-
-        int hashBitSize = 512;
-
-        //test 1
-        byte[] input = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-        byte[] expectedHash = Hex.decode("3813E2109118CDFB5A6D5E72F7208DCCC80A2DFB3AFDFB02F46992B5EDBE536B3560DD1D7E29C6F53978AF58B444E37BA685C0DD910533BA5D78EFFFC13DE62A");
-        byte[] hash = new byte[hashBitSize / 8];
-
-
-        DSTU7564Digest dstu7564 = new DSTU7564Digest(hashBitSize);
-        dstu7564.update(input, 0, input.length);
-        dstu7564.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(expectedHash, hash))
-        {
-            fail("Failed hash-512 test 1 - expected "
-                + Hex.toHexString(expectedHash)
-                + " got " + Hex.toHexString(hash));
-        }
-
-        //test 2
-        input = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F");
-        expectedHash = Hex.decode("76ED1AC28B1D0143013FFA87213B4090B356441263C13E03FA060A8CADA32B979635657F256B15D5FCA4A174DE029F0B1B4387C878FCC1C00E8705D783FD7FFE");
-        hash = new byte[hashBitSize / 8];
-
-
-        dstu7564 = new DSTU7564Digest(hashBitSize);
-        dstu7564.update(input, 0, input.length);
-        dstu7564.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(expectedHash, hash))
-        {
-            fail("Failed hash-512 test 2 - expected "
-                + Hex.toHexString(expectedHash)
-                + " got " + Hex.toHexString(hash));
-        }
-
-        //test 3
-        input = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF");
-        expectedHash = Hex.decode("0DD03D7350C409CB3C29C25893A0724F6B133FA8B9EB90A64D1A8FA93B56556611EB187D715A956B107E3BFC76482298133A9CE8CBC0BD5E1436A5B197284F7E");
-        hash = new byte[hashBitSize / 8];
-
-
-        dstu7564 = new DSTU7564Digest(hashBitSize);
-        dstu7564.update(input, 0, input.length);
-        dstu7564.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(expectedHash, hash))
-        {
-            fail("Failed hash-512 test 3 - expected "
-                + Hex.toHexString(expectedHash)
-                + " got " + Hex.toHexString(hash));
-        }
-
-        //test 4
-        input = Hex.decode("FF");
-        expectedHash = Hex.decode("871B18CF754B72740307A97B449ABEB32B64444CC0D5A4D65830AE5456837A72D8458F12C8F06C98C616ABE11897F86263B5CB77C420FB375374BEC52B6D0292");
-        hash = new byte[hashBitSize / 8];
-
-
-        dstu7564 = new DSTU7564Digest(hashBitSize);
-        dstu7564.update(input, 0, input.length);
-        dstu7564.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(expectedHash, hash))
-        {
-            fail("Failed hash-512 test 4 - expected "
-                + Hex.toHexString(expectedHash)
-                + " got " + Hex.toHexString(hash));
-        }
-
-        //test 5
-        input = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF");
-        expectedHash = Hex.decode("B189BFE987F682F5F167F0D7FA565330E126B6E592B1C55D44299064EF95B1A57F3C2D0ECF17869D1D199EBBD02E8857FB8ADD67A8C31F56CD82C016CF743121");
-        hash = new byte[hashBitSize / 8];
-
-
-        dstu7564 = new DSTU7564Digest(hashBitSize);
-        dstu7564.update(input, 0, input.length);
-        dstu7564.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(expectedHash, hash))
-        {
-            fail("Failed hash-512 test 5 - expected "
-                + Hex.toHexString(expectedHash)
-                + " got " + Hex.toHexString(hash));
-        }
-
-
-        //test 6
-        input = Hex.decode("");
-        expectedHash = Hex.decode("656B2F4CD71462388B64A37043EA55DBE445D452AECD46C3298343314EF04019BCFA3F04265A9857F91BE91FCE197096187CEDA78C9C1C021C294A0689198538");
-        hash = new byte[hashBitSize / 8];
-
-
-        dstu7564 = new DSTU7564Digest(hashBitSize);
-        dstu7564.update(input, 0, input.length);
-        dstu7564.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(expectedHash, hash))
-        {
-            fail("Failed hash-512 test 6 - expected "
-                + Hex.toHexString(expectedHash)
-                + " got " + Hex.toHexString(hash));
-        }
-    }
-
-    private void hash384Tests()
-    {
-
-        int hashBitSize = 384;
-
-        //test 1
-        byte[] input = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E");
-        byte[] expectedHash = Hex.decode("D9021692D84E5175735654846BA751E6D0ED0FAC36DFBC0841287DCB0B5584C75016C3DECC2A6E47C50B2F3811E351B8");
-        byte[] hash = new byte[hashBitSize / 8];
-
-
-        DSTU7564Digest dstu7564 = new DSTU7564Digest(hashBitSize);
-        dstu7564.update(input, 0, input.length);
-        dstu7564.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(expectedHash, hash))
-        {
-            fail("Failed hash-384 test 1 - expected "
-                + Hex.toHexString(expectedHash)
-                + " got " + Hex.toHexString(hash));
-        }
-    }
-
-    private void hash256Tests()
-    {
-
-        int hashBitSize = 256;
-
-        //test 1
-        byte[] input = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-        byte[] expectedHash = Hex.decode("08F4EE6F1BE6903B324C4E27990CB24EF69DD58DBE84813EE0A52F6631239875");
-        byte[] hash = new byte[hashBitSize / 8];
-
-
-        DSTU7564Digest dstu7564 = new DSTU7564Digest(hashBitSize);
-        dstu7564.update(input, 0, input.length);
-        dstu7564.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(expectedHash, hash))
-        {
-            fail("Failed hash-256 test 1 - expected "
-                + Hex.toHexString(expectedHash)
-                + " got " + Hex.toHexString(hash));
-        }
-
-        //test 2
-        input = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F");
-        expectedHash = Hex.decode("0A9474E645A7D25E255E9E89FFF42EC7EB31349007059284F0B182E452BDA882");
-        hash = new byte[hashBitSize / 8];
-
-
-        dstu7564 = new DSTU7564Digest(hashBitSize);
-        dstu7564.update(input, 0, input.length);
-        dstu7564.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(expectedHash, hash))
-        {
-            fail("Failed hash-256 test 2 - expected "
-                + Hex.toHexString(expectedHash)
-                + " got " + Hex.toHexString(hash));
-        }
-
-        //test 3
-        input = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF");
-        expectedHash = Hex.decode("D305A32B963D149DC765F68594505D4077024F836C1BF03806E1624CE176C08F");
-        hash = new byte[hashBitSize / 8];
-
-        dstu7564 = new DSTU7564Digest(hashBitSize);
-        dstu7564.update(input, 0, input.length);
-        dstu7564.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(expectedHash, hash))
-        {
-            fail("Failed hash-256 test 3 - expected "
-                + Hex.toHexString(expectedHash)
-                + " got " + Hex.toHexString(hash));
-        }
-
-        //test 4
-        input = Hex.decode("FF");
-        expectedHash = Hex.decode("EA7677CA4526555680441C117982EA14059EA6D0D7124D6ECDB3DEEC49E890F4");
-        hash = new byte[hashBitSize / 8];
-
-        dstu7564 = new DSTU7564Digest(hashBitSize);
-        dstu7564.update(input, 0, input.length);
-        dstu7564.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(expectedHash, hash))
-        {
-            fail("Failed hash-256 test 4 - expected "
-                + Hex.toHexString(expectedHash)
-                + " got " + Hex.toHexString(hash));
-        }
-
-        //test 5
-        input = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E");
-        expectedHash = Hex.decode("1075C8B0CB910F116BDA5FA1F19C29CF8ECC75CAFF7208BA2994B68FC56E8D16");
-        hash = new byte[hashBitSize / 8];
-
-        dstu7564 = new DSTU7564Digest(hashBitSize);
-        dstu7564.update(input, 0, input.length);
-        dstu7564.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(expectedHash, hash))
-        {
-            fail("Failed hash-256 test 5 - expected "
-                + Hex.toHexString(expectedHash)
-                + " got " + Hex.toHexString(hash));
-        }
-
-        //test 6
-        input = Hex.decode("");
-        expectedHash = Hex.decode("CD5101D1CCDF0D1D1F4ADA56E888CD724CA1A0838A3521E7131D4FB78D0F5EB6");
-        hash = new byte[hashBitSize / 8];
-
-        dstu7564 = new DSTU7564Digest(hashBitSize);
-        dstu7564.update(input, 0, input.length);
-        dstu7564.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(expectedHash, hash))
-        {
-            fail("Failed hash-256 test 6 - expected "
-                + Hex.toHexString(expectedHash)
-                + " got " + Hex.toHexString(hash));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/DSTU7624Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/DSTU7624Test.java
deleted file mode 100644
index b8b73aa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/DSTU7624Test.java
+++ /dev/null

@@ -1,1439 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.engines.DSTU7624Engine;
-import org.bouncycastle.crypto.engines.DSTU7624WrapEngine;
-import org.bouncycastle.crypto.macs.DSTU7624Mac;
-import org.bouncycastle.crypto.macs.KGMac;
-import org.bouncycastle.crypto.modes.AEADBlockCipher;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.modes.KCCMBlockCipher;
-import org.bouncycastle.crypto.modes.KCTRBlockCipher;
-import org.bouncycastle.crypto.modes.KGCMBlockCipher;
-import org.bouncycastle.crypto.modes.KXTSBlockCipher;
-import org.bouncycastle.crypto.modes.OFBBlockCipher;
-import org.bouncycastle.crypto.params.AEADParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class DSTU7624Test
-    extends CipherTest
-{
-    private static final SecureRandom RANDOM = new SecureRandom();
-    
-    private static byte[] randomBytes(int min, int max)
-    {
-        int count = min + RNGUtils.nextInt(RANDOM,max - min);
-        byte[] result = new byte[count];
-        RANDOM.nextBytes(result);
-        return result;
-    }
-
-    static SimpleTest[] tests =
-        {
-            //ECB mode
-            new BlockCipherVectorTest(0, new DSTU7624Engine(128), new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F")), "101112131415161718191A1B1C1D1E1F", "81BF1C7D779BAC20E1C9EA39B4D2AD06"),
-            new BlockCipherVectorTest(1, new DSTU7624Engine(128), new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F")), "202122232425262728292A2B2C2D2E2F", "58EC3E091000158A1148F7166F334F14"),
-            new BlockCipherVectorTest(2, new DSTU7624Engine(256), new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F")), "202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F", "F66E3D570EC92135AEDAE323DCBD2A8CA03963EC206A0D5A88385C24617FD92C"),
-            new BlockCipherVectorTest(3, new DSTU7624Engine(256), new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), "404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F", "606990E9E6B7B67A4BD6D893D72268B78E02C83C3CD7E102FD2E74A8FDFE5DD9"),
-            new BlockCipherVectorTest(4, new DSTU7624Engine(512), new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), "404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F", "4A26E31B811C356AA61DD6CA0596231A67BA8354AA47F3A13E1DEEC320EB56B895D0F417175BAB662FD6F134BB15C86CCB906A26856EFEB7C5BC6472940DD9D9"),
-
-            //CBC mode
-            new BlockCipherVectorTest(5, new CBCBlockCipher(new DSTU7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F")), Hex.decode("101112131415161718191A1B1C1D1E1F")), "202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F", "A73625D7BE994E85469A9FAABCEDAAB6DBC5F65DD77BB35E06BD7D1D8EAFC8624D6CB31CE189C82B8979F2936DE9BF14"),
-            new BlockCipherVectorTest(6, new CBCBlockCipher(new DSTU7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.decode("0F0E0D0C0B0A09080706050403020100")), Hex.decode("1F1E1D1C1B1A19181716151413121110")), "88F2F048BA696170E3818915E0DBC0AFA6F141FEBC2F817138DA4AAB2DBF9CE490A488C9C82AC83FB0A6C0EEB64CFD22", "4F4E4D4C4B4A494847464544434241403F3E3D3C3B3A393837363534333231302F2E2D2C2B2A29282726252423222120"),
-            new BlockCipherVectorTest(7, new CBCBlockCipher(new DSTU7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F")), Hex.decode("202122232425262728292A2B2C2D2E2F")), "303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D8000", "13EA15843AD14C50BC03ECEF1F43E398E4217752D3EB046AC393DACC5CA1D6FA0EB9FCEB229362B4F1565527EE3D8433"),
-            new BlockCipherVectorTest(8, new CBCBlockCipher(new DSTU7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.decode("1F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100")), Hex.decode("2F2E2D2C2B2A29282726252423222120")), "BC8F026FC603ECE05C24FDE87542730999B381870882AC0535D4368C4BABD81B884E96E853EE7E055262D9D204FBE212", "5F5E5D5C5B5A595857565554535251504F4E4D4C4B4A494847464544434241403F3E3D3C3B3A39383736353433323130"),
-            new BlockCipherVectorTest(9, new CBCBlockCipher(new DSTU7624Engine(256)), new ParametersWithIV(new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F")), Hex.decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), "404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F", "9CDFDAA75929E7C2A5CFC1BF16B42C5AE3886D0258E8C577DC01DAF62D185FB999B9867736B87110F5F1BC7481912C593F48FF79E2AFDFAB9F704A277EC3E557B1B0A9F223DAE6ED5AF591C4F2D6FB22E48334F5E9B96B1A2EA5200F30A406CE"),
-            new BlockCipherVectorTest(10, new CBCBlockCipher(new DSTU7624Engine(256)), new ParametersWithIV(new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F")), "606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF", "B8A2474578C2FEBF3F94703587BD5FDC3F4A4D2F43575B6144A1E1031FB3D1452B7FD52F5E3411461DAC506869FF8D2FAEF4FEE60379AE00B33AA3EAF911645AF8091CD8A45D141D1FB150E5A01C1F26FF3DBD26AC4225EC7577B2CE57A5B0FF"),
-            new BlockCipherVectorTest(11, new CBCBlockCipher(new DSTU7624Engine(256)), new ParametersWithIV(new KeyParameter(Hex.decode("3F3E3D3C3B3A393837363534333231302F2E2D2C2B2A292827262524232221201F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100")), Hex.decode("5F5E5D5C5B5A595857565554535251504F4E4D4C4B4A49484746454443424140")), "C69A59E10D00F087319B62288A57417C074EAD07C732A87055F0A5AD2BB288105705C45E091A9A6726E9672DC7D8C76FC45C782BCFEF7C39D94DEB84B17035BC8651255A0D34373451B6E1A2C827DB97566C9FF5506C5579F982A0EFC5BA7C28", "BFBEBDBCBBBAB9B8B7B6B5B4B3B2B1B0AFAEADACABAAA9A8A7A6A5A4A3A2A1A09F9E9D9C9B9A999897969594939291908F8E8D8C8B8A898887868584838281807F7E7D7C7B7A797877767574737271706F6E6D6C6B6A69686766656463626160"),
-            new BlockCipherVectorTest(12, new CBCBlockCipher(new DSTU7624Engine(512)), new ParametersWithIV(new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F")), "808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF", "D4739B829EF901B24C1162AE4FDEF897EDA41FAC7F5770CDC90E1D1CDF124E8D7831E06B4498A4B6F6EC815DF2461DC99BB0449B0F09FCAA2C84090534BCC9329626FD74EF8F0A0BCB5765184629C3CBF53B0FB134F6D0421174B1C4E884D1CD1069A7AD19752DCEBF655842E79B7858BDE01390A760D85E88925BFE38B0FA57"),
-            new BlockCipherVectorTest(13, new CBCBlockCipher(new DSTU7624Engine(512)), new ParametersWithIV(new KeyParameter(Hex.decode("3F3E3D3C3B3A393837363534333231302F2E2D2C2B2A292827262524232221201F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100")), Hex.decode("7F7E7D7C7B7A797877767574737271706F6E6D6C6B6A696867666564636261605F5E5D5C5B5A595857565554535251504F4E4D4C4B4A49484746454443424140")), "5D5B3E3DE5BAA70E0A0684D458856CE759C6018D0B3F087FC1DAC101D380236DD934F2880B02D56A575BCA35A0CE4B0D9BA1F4A39C16CA7D80D59956630F09E54EC91E32B6830FE08323ED393F8028D150BF03CAD0629A5AFEEFF6E44257980618DB2F32B7B2B65B96E8451F1090829D2FFFC615CC1581E9221438DCEAD1FD12", "FFFEFDFCFBFAF9F8F7F6F5F4F3F2F1F0EFEEEDECEBEAE9E8E7E6E5E4E3E2E1E0DFDEDDDCDBDAD9D8D7D6D5D4D3D2D1D0CFCECDCCCBCAC9C8C7C6C5C4C3C2C1C0BFBEBDBCBBBAB9B8B7B6B5B4B3B2B1B0AFAEADACABAAA9A8A7A6A5A4A3A2A1A09F9E9D9C9B9A999897969594939291908F8E8D8C8B8A89888786858483828180"),
-
-            //CFB mode
-            new BlockCipherVectorTest(14, new CFBBlockCipher(new DSTU7624Engine(128), 128), new ParametersWithIV(new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F")), Hex.decode("101112131415161718191A1B1C1D1E1F")), "202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F", "A19E3E5E53BE8A07C9E0C01298FF83291F8EE6212110BE3FA5C72C88A082520B265570FE28680719D9B4465E169BC37A"),
-
-            //OFB mode
-            new BlockCipherVectorTest(15, new OFBBlockCipher(new DSTU7624Engine(128), 128), new ParametersWithIV(new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F")), Hex.decode("101112131415161718191A1B1C1D1E1F")), "202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F", "A19E3E5E53BE8A07C9E0C01298FF832953205C661BD85A51F3A94113BC785CAB634B36E89A8FDD16A12E4467F5CC5A26"),
-            new BlockCipherVectorTest(16, new OFBBlockCipher(new DSTU7624Engine(128), 128), new ParametersWithIV(new KeyParameter(Hex.decode("0F0E0D0C0B0A09080706050403020100")), Hex.decode("1F1E1D1C1B1A19181716151413121110")), "649A1EAAE160AF20F5B3EF2F58D66C1178B82E00D26F30689C8EC22E8E86E9CBB0BD4FFEE39EB13C2311276A906DD636", "4F4E4D4C4B4A494847464544434241403F3E3D3C3B3A393837363534333231302F2E2D2C2B2A29282726252423222120"),
-            new BlockCipherVectorTest(17, new OFBBlockCipher(new DSTU7624Engine(128), 128), new ParametersWithIV(new KeyParameter(Hex.decode("1F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100")), Hex.decode("2F2E2D2C2B2A29282726252423222120")), "1A66CFBFEC00C6D52E39923E858DD64B214AB787798D3D5059A6B498AD66B34EAC48C4074BEC0D98C6", "5F5E5D5C5B5A595857565554535251504F4E4D4C4B4A494847464544434241403F3E3D3C3B3A393837"),
-            new BlockCipherVectorTest(18, new OFBBlockCipher(new DSTU7624Engine(256), 256), new ParametersWithIV(new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F")), Hex.decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), "404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F90", "B62F7F144A8C6772E693A96890F064C3F06831BF743F5B0DD061067F3D22877331AA6A99D939F05B7550E9402BD1615CC7B2D4A167E83EC0D8A894F92C72E176F3880B61C311D69CE1210C59184E818E19"),
-            new BlockCipherVectorTest(19, new OFBBlockCipher(new DSTU7624Engine(256), 256), new ParametersWithIV(new KeyParameter(Hex.decode("1F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100")), Hex.decode("3F3E3D3C3B3A393837363534333231302F2E2D2C2B2A29282726252423222120")), "7758A939DD6BD00CAF9153E5A5D5A66129105CA1EA54A97C06FA4A40960A068F55E34F9339A14436216948F92FA2FB5286D3AB1E81543FC0018A0C4E8C493475F4D35DCFB0A7A5377F6669B857CDC978E4", "9F9E9D9C9B9A999897969594939291908F8E8D8C8B8A898887868584838281807F7E7D7C7B7A797877767574737271706F6E6D6C6B6A696867666564636261605F5E5D5C5B5A595857565554535251504F"),
-            new BlockCipherVectorTest(20, new OFBBlockCipher(new DSTU7624Engine(256), 256), new ParametersWithIV(new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F")), "606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0", "0008F28A82D2D01D23BFB2F8BB4F06D8FE73BA4F48A2977585570ED3818323A668883C9DCFF610CC7E3EA5C025FBBC5CA6520F8F11CA35CEB9B07031E6DBFABE39001E9A3CC0A24BBC565939592B4DEDBD"),
-            new BlockCipherVectorTest(21, new OFBBlockCipher(new DSTU7624Engine(256), 256), new ParametersWithIV(new KeyParameter(Hex.decode("3F3E3D3C3B3A393837363534333231302F2E2D2C2B2A292827262524232221201F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100")), Hex.decode("5F5E5D5C5B5A595857565554535251504F4E4D4C4B4A49484746454443424140")), "98E122708FDABB1B1A5765C396DC79D7573221EC486ADDABD1770B147A6DD00B5FBC4F1EC68C59775B7AAA4D43C4CCE4F396D982DF64D30B03EF6C3B997BA0ED940BBC590BD30D64B5AE207147D71086B5", "BFBEBDBCBBBAB9B8B7B6B5B4B3B2B1B0AFAEADACABAAA9A8A7A6A5A4A3A2A1A09F9E9D9C9B9A999897969594939291908F8E8D8C8B8A898887868584838281807F7E7D7C7B7A797877767574737271706F"),
-            new BlockCipherVectorTest(22, new OFBBlockCipher(new DSTU7624Engine(512), 512), new ParametersWithIV(new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F")), Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F")), "808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0", "CAA761980599B3ED2E945C41891BAD95F72B11C73ED26536A6847458BC76C827357156B4B3FE0DC1877F5B9F17B866C37B21D89531DB48007D05DEC928B06766C014BB9080385EDF0677E48A0A39B5E7489E28E82FFFD1F84694F17296CB701656"),
-            new BlockCipherVectorTest(23, new OFBBlockCipher(new DSTU7624Engine(512), 512), new ParametersWithIV(new KeyParameter(Hex.decode("3F3E3D3C3B3A393837363534333231302F2E2D2C2B2A292827262524232221201F1E1D1C1B1A191817161514131211100F0E0D0C0B0A09080706050403020100")), Hex.decode("7F7E7D7C7B7A797877767574737271706F6E6D6C6B6A696867666564636261605F5E5D5C5B5A595857565554535251504F4E4D4C4B4A49484746454443424140")), "06C061A4A66DFC0910034B3CFBDC4206D8908241C56BF41C4103CFD6DF322210B87F57EAE9F9AD815E606A7D1E8E6BD7CB1EBFBDBCB085C2D06BF3CC1586CB2EE1D81D38437F425131321647E42F5DE309D33F25B89DE37124683E4B44824FC56D", "EFEEEDECEBEAE9E8E7E6E5E4E3E2E1E0DFDEDDDCDBDAD9D8D7D6D5D4D3D2D1D0CFCECDCCCBCAC9C8C7C6C5C4C3C2C1C0BFBEBDBCBBBAB9B8B7B6B5B4B3B2B1B0AFAEADACABAAA9A8A7A6A5A4A3A2A1A09F9E9D9C9B9A999897969594939291908F"),
-
-            //CTR mode
-            new BlockCipherVectorTest(24, new KCTRBlockCipher(new DSTU7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F")), Hex.decode("101112131415161718191A1B1C1D1E1F")), "202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748", "A90A6B9780ABDFDFF64D14F5439E88F266DC50EDD341528DD5E698E2F000CE21F872DAF9FE1811844A"),
-            new BlockCipherVectorTest(25, new KCTRBlockCipher(new DSTU7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F")), Hex.decode("101112131415161718191A1B1C1D1E1F")), "303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F", "B91A7B8790BBCFCFE65D04E5538E98E216AC209DA33122FDA596E8928070BE51"),
-            new StreamCipherVectorTest(26, new KCTRBlockCipher(new DSTU7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F")), Hex.decode("101112131415161718191A1B1C1D1E1F")), "202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748", "A90A6B9780ABDFDFF64D14F5439E88F266DC50EDD341528DD5E698E2F000CE21F872DAF9FE1811844A"),
-            new StreamCipherVectorTest(27, new KCTRBlockCipher(new DSTU7624Engine(128)), new ParametersWithIV(new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F")), Hex.decode("101112131415161718191A1B1C1D1E1F")), "303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F", "B91A7B8790BBCFCFE65D04E5538E98E216AC209DA33122FDA596E8928070BE51")
-        };
-
-
-    public DSTU7624Test()
-    {
-        super(tests, new DSTU7624Engine(128), new KeyParameter(new byte[16]));
-    }
-
-    public String getName()
-    {
-        return "DSTU7624";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        super.performTest();
-
-        MacTests();
-        KeyWrapTests();
-        CCMModeTests();
-        XTSModeTests();
-        GCMModeTests();
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new DSTU7624Test());
-    }
-
-
-    private void MacTests()
-    {
-
-        //test 1
-        byte[] key = Hex.decode("000102030405060708090A0B0C0D0E0F");
-
-        byte[] authtext = Hex.decode("202122232425262728292A2B2C2D2E2F" +
-            "303132333435363738393A3B3C3D3E3F" +
-            "404142434445464748494A4B4C4D4E4F");
-
-        byte[] expectedMac = Hex.decode("123B4EAB8E63ECF3E645A99C1115E241");
-
-        byte[] mac = new byte[expectedMac.length];
-
-        DSTU7624Mac dstu7624Mac = new DSTU7624Mac(128, 128);
-        dstu7624Mac.init(new KeyParameter(key));
-        dstu7624Mac.update(authtext, 0, authtext.length);
-        dstu7624Mac.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed MAC test 1 - expected "
-                + Hex.toHexString(expectedMac)
-                + " got " + Hex.toHexString(mac));
-        }
-
-
-        //test 2
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F" +
-            "101112131415161718191A1B1C1D1E1F" +
-            "202122232425262728292A2B2C2D2E2F" +
-            "303132333435363738393A3B3C3D3E3F");
-
-        authtext = Hex.decode("404142434445464748494A4B4C4D4E4F" +
-            "505152535455565758595A5B5C5D5E5F" +
-            "606162636465666768696A6B6C6D6E6F" +
-            "707172737475767778797A7B7C7D7E7F" +
-            "808182838485868788898A8B8C8D8E8F" +
-            "909192939495969798999A9B9C9D9E9F" +
-            "A0A1A2A3A4A5A6A7A8A9AAABACADAEAF" +
-            "B0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF");
-
-        expectedMac = Hex.decode("7279FA6BC8EF7525B2B35260D00A1743");
-
-        dstu7624Mac = new DSTU7624Mac(512, 128);
-        dstu7624Mac.init(new KeyParameter(key));
-        dstu7624Mac.update(authtext, 0, authtext.length);
-        dstu7624Mac.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed MAC test 2 - expected "
-                + Hex.toHexString(expectedMac)
-                + " got " + Hex.toHexString(mac));
-        }
-    }
-
-    private void KeyWrapTests()
-        throws Exception
-    {
-        //test 1
-        /*
-         * Initial implementation had bugs handling offset and length correctly, so for
-         * this first test case we embed the input inside a larger buffer.
-         */
-        byte[] textA = randomBytes(1, 64);
-        byte[] textB = randomBytes(1, 64);
-        byte[] textToWrap = Arrays.concatenate(new byte[][]{ textA, Hex.decode("101112131415161718191A1B1C1D1E1F"), textB });
-
-        byte[] key = Hex.decode("000102030405060708090A0B0C0D0E0F");
-        byte[] expectedWrappedText = Hex.decode("1DC91DC6E52575F6DBED25ADDA95A1B6AD3E15056E489738972C199FB9EE2913");
-        byte[] output = new byte[expectedWrappedText.length];
-
-        DSTU7624WrapEngine wrapper = new DSTU7624WrapEngine(128);
-        wrapper.init(true, new KeyParameter(key));
-        output = wrapper.wrap(textToWrap, textA.length, textToWrap.length - textA.length - textB.length);
-
-        if (!Arrays.areEqual(output, expectedWrappedText))
-        {
-            fail("Failed KW (wrapping) test 1 - expected "
-                + Hex.toHexString(expectedWrappedText)
-                + " got " + Hex.toHexString(output));
-        }
-
-        output = Arrays.concatenate(new byte[][]{ textB, output, textA });
-
-        wrapper.init(false, new KeyParameter(key));
-        output = wrapper.unwrap(output, textB.length, output.length - textB.length - textA.length);
-
-        byte[] expected = Arrays.copyOfRange(textToWrap, textA.length, textToWrap.length - textB.length);
-        if (!Arrays.areEqual(output, expected))
-        {
-            fail("Failed KW (unwrapping) test 1 - expected "
-                + Hex.toHexString(expected)
-                + " got " + Hex.toHexString(output));
-        }
-
-        //test 2
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F");
-        textToWrap = Hex.decode("101112131415161718191A1B1C1D1E1F20219000000000000000800000000000");
-        expectedWrappedText = Hex.decode("0EA983D6CE48484D51462C32CC61672210FCC44196ABE635BAF878FDB83E1A63114128585D49DB355C5819FD38039169");
-
-        output = new byte[expectedWrappedText.length];
-
-        wrapper.init(true, new KeyParameter(key));
-        output = wrapper.wrap(textToWrap, 0, textToWrap.length);
-
-
-        if (!Arrays.areEqual(output, expectedWrappedText))
-        {
-            fail("Failed KW (wrapping) test 2 - expected "
-                + Hex.toHexString(expectedWrappedText)
-                + " got " + Hex.toHexString(output));
-        }
-
-
-        wrapper.init(false, new KeyParameter(key));
-
-        output = wrapper.unwrap(expectedWrappedText, 0, expectedWrappedText.length);
-        if (!Arrays.areEqual(output, textToWrap))
-        {
-            fail("Failed KW (unwrapping) test 2 - expected "
-                + Hex.toHexString(textToWrap)
-                + " got " + Hex.toHexString(output));
-        }
-
-        //test 3
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
-        textToWrap = Hex.decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F");
-        expectedWrappedText = Hex.decode("2D09A7C18E6A5A0816331EC27CEA596903F77EC8D63F3BDB73299DE7FD9F4558E05992B0B24B39E02EA496368E0841CC1E3FA44556A3048C5A6E9E335717D17D");
-
-        output = new byte[expectedWrappedText.length];
-
-        wrapper = new DSTU7624WrapEngine(128);
-        wrapper.init(true, new KeyParameter(key));
-        output = wrapper.wrap(textToWrap, 0, textToWrap.length);
-
-
-        if (!Arrays.areEqual(output, expectedWrappedText))
-        {
-            fail("Failed KW (wrapping) test 3 - expected "
-                + Hex.toHexString(expectedWrappedText)
-                + " got " + Hex.toHexString(output));
-        }
-
-        wrapper.init(false, new KeyParameter(key));
-
-        output = wrapper.unwrap(expectedWrappedText, 0, expectedWrappedText.length);
-
-        if (!Arrays.areEqual(output, textToWrap))
-        {
-            fail("Failed KW (unwrapping) test 3 - expected "
-                + Hex.toHexString(textToWrap)
-                + " got " + Hex.toHexString(output));
-        }
-
-        //test 4
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
-        textToWrap = Hex.decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464E8040000000000020");
-        expectedWrappedText = Hex.decode("37E3EECB91150C6FA04CFD19D6FC57B7168C9FA5C5ED18601C68EE4AFD7301F8C8C51D7A0A5CD34F6FAB0D8AF11845CC1E4B16E0489FDA1D76BA4EFCFD161F76");
-
-        output = new byte[expectedWrappedText.length];
-
-        wrapper = new DSTU7624WrapEngine(128);
-        wrapper.init(true, new KeyParameter(key));
-        output = wrapper.wrap(textToWrap, 0, textToWrap.length);
-
-
-        if (!Arrays.areEqual(output, expectedWrappedText))
-        {
-            fail("Failed KW (wrapping) test 4 - expected "
-                + Hex.toHexString(expectedWrappedText)
-                + " got " + Hex.toHexString(output));
-        }
-
-        wrapper.init(false, new KeyParameter(key));
-
-        output = wrapper.unwrap(expectedWrappedText, 0, expectedWrappedText.length);
-
-        if (!Arrays.areEqual(output, textToWrap))
-        {
-            fail("Failed KW (unwrapping) test 4 - expected "
-                + Hex.toHexString(textToWrap)
-                + " got " + Hex.toHexString(output));
-        }
-
-        //test 5
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
-        textToWrap = Hex.decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F");
-        expectedWrappedText = Hex.decode("BE59D3C3C31B2685A8FA57CD000727F16AF303F0D87BC2D7ABD80DC2796BBC4CDBC4E0408943AF4DAF7DE9084DC81BFEF15FDCDD0DF399983DF69BF730D7AE2A199CA4F878E4723B7171DD4D1E8DF59C0F25FA0C20946BA64F9037D724BB1D50B6C2BD9788B2AF83EF6163087CD2D4488BC19F3A858D813E3A8947A529B6D65D");
-
-        output = new byte[expectedWrappedText.length];
-
-        wrapper = new DSTU7624WrapEngine(256);
-        wrapper.init(true, new KeyParameter(key));
-        output = wrapper.wrap(textToWrap, 0, textToWrap.length);
-
-
-        if (!Arrays.areEqual(output, expectedWrappedText))
-        {
-            fail("Failed KW (wrapping) test 5 - expected "
-                + Hex.toHexString(expectedWrappedText)
-                + " got " + Hex.toHexString(output));
-        }
-
-        wrapper.init(false, new KeyParameter(key));
-
-        output = wrapper.unwrap(expectedWrappedText, 0, expectedWrappedText.length);
-
-        if (!Arrays.areEqual(output, textToWrap))
-        {
-            fail("Failed KW (unwrapping) test 5 - expected "
-                + Hex.toHexString(textToWrap)
-                + " got " + Hex.toHexString(output));
-        }
-    }
-
-    private void CCMModeTests()
-        throws Exception
-    {
-        //test 1
-        byte[] key = Hex.decode("000102030405060708090a0b0c0d0e0f");
-        byte[] iv = Hex.decode("101112131415161718191a1b1c1d1e1f");
-        byte[] input = Hex.decode("303132333435363738393a3b3c3d3e3f");
-        byte[] authText = Hex.decode("202122232425262728292a2b2c2d2e2f");
-
-        byte[] expectedMac = Hex.decode("26a936173a4dc9160d6e3fda3a974060");
-        byte[] expectedEncrypted = Hex.decode("b91a7b8790bbcfcfe65d04e5538e98e2704454c9dd39adace0b19d03f6aab07e");
-
-        byte[] mac;
-        byte[] encrypted = new byte[expectedEncrypted.length];
-
-        byte[] decrypted = new byte[encrypted.length];
-        byte[] expectedDecrypted = new byte[input.length + expectedMac.length];
-        System.arraycopy(input, 0, expectedDecrypted, 0, input.length);
-        System.arraycopy(expectedMac, 0, expectedDecrypted, input.length, expectedMac.length);
-        int len;
-
-
-        AEADParameters param = new AEADParameters(new KeyParameter(key), 128, iv);
-
-        KCCMBlockCipher dstu7624ccm = new KCCMBlockCipher(new DSTU7624Engine(128));
-
-        dstu7624ccm.init(true, param);
-
-        dstu7624ccm.processAADBytes(authText, 0, authText.length);
-
-        len = dstu7624ccm.processBytes(input, 0, input.length, encrypted, 0);
-
-
-        dstu7624ccm.doFinal(encrypted, len);
-
-        mac = dstu7624ccm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed CCM mac test 1 - expected "
-                + Hex.toHexString(expectedMac)
-                + " got " + Hex.toHexString(mac));
-        }
-
-        if (!Arrays.areEqual(encrypted, expectedEncrypted))
-        {
-            fail("Failed CCM encrypt test 1 - expected "
-                + Hex.toHexString(expectedEncrypted)
-                + " got " + Hex.toHexString(encrypted));
-        }
-
-        dstu7624ccm.init(false, param);
-
-        dstu7624ccm.processAADBytes(authText, 0, authText.length);
-
-        len = dstu7624ccm.processBytes(expectedEncrypted, 0, expectedEncrypted.length, decrypted, 0);
-
-        dstu7624ccm.doFinal(decrypted, len);
-
-        if (!Arrays.areEqual(decrypted, expectedDecrypted))
-        {
-            fail("Failed CCM decrypt/verify mac test 1 - expected "
-                + Hex.toHexString(expectedDecrypted)
-                + " got " + Hex.toHexString(decrypted));
-        }
-
-        //test 2
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
-        iv = Hex.decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-        input = Hex.decode("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F");
-        authText = Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F");
-
-        expectedMac = Hex.decode("9AB831B4B0BF0FDBC36E4B4FD58F0F00");
-        expectedEncrypted = Hex.decode("7EC15C54BB553CB1437BE0EFDD2E810F6058497EBCE4408A08A73FADF3F459D56B0103702D13AB73ACD2EB33A8B5E9CFFF5EB21865A6B499C10C810C4BAEBE809C48AD90A9E12A68380EF1C1B7C83EE1");
-
-        mac = new byte[expectedMac.length];
-        encrypted = new byte[expectedEncrypted.length];
-
-        decrypted = new byte[encrypted.length];
-        expectedDecrypted = new byte[input.length + expectedMac.length];
-        System.arraycopy(input, 0, expectedDecrypted, 0, input.length);
-        System.arraycopy(expectedMac, 0, expectedDecrypted, input.length, expectedMac.length);
-
-
-        param = new AEADParameters(new KeyParameter(key), 128, iv);
-
-        dstu7624ccm = new KCCMBlockCipher(new DSTU7624Engine(256));
-
-        dstu7624ccm.init(true, param);
-
-        dstu7624ccm.processAADBytes(authText, 0, authText.length);
-
-        len = dstu7624ccm.processBytes(input, 0, input.length, encrypted, 0);
-
-        dstu7624ccm.doFinal(encrypted, len);
-
-        mac = dstu7624ccm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed CCM mac test 2 - expected "
-                + Hex.toHexString(expectedMac)
-                + " got " + Hex.toHexString(mac));
-        }
-
-        if (!Arrays.areEqual(encrypted, expectedEncrypted))
-        {
-            fail("Failed CCM encrypt test 2 - expected "
-                + Hex.toHexString(expectedEncrypted)
-                + " got " + Hex.toHexString(encrypted));
-        }
-
-        dstu7624ccm.init(false, param);
-
-        dstu7624ccm.processAADBytes(authText, 0, authText.length);
-
-        len = dstu7624ccm.processBytes(expectedEncrypted, 0, expectedEncrypted.length, decrypted, 0);
-
-        dstu7624ccm.doFinal(decrypted, len);
-
-        if (!Arrays.areEqual(decrypted, expectedDecrypted))
-        {
-            fail("Failed CCM decrypt/verify mac test 2 - expected "
-                + Hex.toHexString(expectedDecrypted)
-                + " got " + Hex.toHexString(decrypted));
-        }
-
-        //test 3
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-        iv = Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F");
-        input = Hex.decode("808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF");
-        authText = Hex.decode("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F");
-
-        expectedMac = Hex.decode("924FA0326824355595C98028E84D86279CEA9135FAB35F22054AE3203E68AE46");
-        expectedEncrypted = Hex.decode("3EBDB4584B5169A26FBEBA0295B4223F58D5D8A031F2950A1D7764FAB97BA058E9E2DAB90FF0C519AA88435155A71B7B53BB100F5D20AFFAC0552F5F2813DEE8DD3653491737B9615A5CCD83DB32F1E479BF227C050325BBBFF60BCA9558D7FE");
-
-        mac = new byte[expectedMac.length];
-        encrypted = new byte[expectedEncrypted.length];
-
-        decrypted = new byte[encrypted.length];
-        expectedDecrypted = new byte[input.length + expectedMac.length];
-        System.arraycopy(input, 0, expectedDecrypted, 0, input.length);
-        System.arraycopy(expectedMac, 0, expectedDecrypted, input.length, expectedMac.length);
-
-
-        param = new AEADParameters(new KeyParameter(key), 256, iv);
-
-        dstu7624ccm = new KCCMBlockCipher(new DSTU7624Engine(256), 6);
-
-        dstu7624ccm.init(true, param);
-
-        dstu7624ccm.processAADBytes(authText, 0, authText.length);
-
-        len = dstu7624ccm.processBytes(input, 0, input.length, encrypted, 0);
-
-        dstu7624ccm.doFinal(encrypted, len);
-
-        mac = dstu7624ccm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed CCM mac test 3 - expected "
-                + Hex.toHexString(expectedMac)
-                + " got " + Hex.toHexString(mac));
-        }
-
-        if (!Arrays.areEqual(encrypted, expectedEncrypted))
-        {
-            fail("Failed CCM encrypt test 3 - expected "
-                + Hex.toHexString(expectedEncrypted)
-                + " got " + Hex.toHexString(encrypted));
-        }
-
-        dstu7624ccm.init(false, param);
-
-        dstu7624ccm.processAADBytes(authText, 0, authText.length);
-
-        len = dstu7624ccm.processBytes(expectedEncrypted, 0, expectedEncrypted.length, decrypted, 0);
-
-        dstu7624ccm.doFinal(decrypted, len);
-
-        if (!Arrays.areEqual(decrypted, expectedDecrypted))
-        {
-            fail("Failed CCM decrypt/verify mac test 3 - expected "
-                + Hex.toHexString(expectedDecrypted)
-                + " got " + Hex.toHexString(decrypted));
-        }
-
-        //test 4
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-        iv = Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F");
-        input = Hex.decode("C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF");
-        authText = Hex.decode("808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF");
-
-        expectedMac = Hex.decode("D4155EC3D888C8D32FE184AC260FD60F567705E1DF362A6F1F9C287156AA96D91BC4C56F9709E72F3D79CF0A9AC8BDC2BA836BE50E823AB50FB1B39080390923");
-        expectedEncrypted = Hex.decode("220642D7277D104788CF97B10210984F506435512F7BF153C5CDABFECC10AFB4A2E2FC51F616AF80FFDD0607FAD4F542B8EF0667717CE3EAAA8FBC303CE76C99BD8F80CE149143C04FC2490272A31B029DDADA82F055FE4ABEF452A7D438B21E59C1D8B3DD4606BAD66A6F36300EF3CE0E5F3BB59F11416E80B7FC5A8E8B057A");
-
-        mac = new byte[expectedMac.length];
-        encrypted = new byte[expectedEncrypted.length];
-
-        decrypted = new byte[encrypted.length];
-        expectedDecrypted = new byte[input.length + expectedMac.length];
-        System.arraycopy(input, 0, expectedDecrypted, 0, input.length);
-        System.arraycopy(expectedMac, 0, expectedDecrypted, input.length, expectedMac.length);
-
-
-        param = new AEADParameters(new KeyParameter(key), 512, iv);
-
-        dstu7624ccm = new KCCMBlockCipher(new DSTU7624Engine(512), 8);
-
-        dstu7624ccm.init(true, param);
-
-        dstu7624ccm.processAADBytes(authText, 0, authText.length);
-
-        len = dstu7624ccm.processBytes(input, 0, input.length, encrypted, 0);
-
-        dstu7624ccm.doFinal(encrypted, len);
-
-        mac = dstu7624ccm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed CCM mac test 4 - expected "
-                + Hex.toHexString(expectedMac)
-                + " got " + Hex.toHexString(mac));
-        }
-
-        if (!Arrays.areEqual(encrypted, expectedEncrypted))
-        {
-            fail("Failed CCM encrypt test 4 - expected "
-                + Hex.toHexString(expectedEncrypted)
-                + " got " + Hex.toHexString(encrypted));
-        }
-
-        dstu7624ccm.init(false, param);
-
-        dstu7624ccm.processAADBytes(authText, 0, authText.length);
-
-        len = dstu7624ccm.processBytes(expectedEncrypted, 0, expectedEncrypted.length, decrypted, 0);
-
-        dstu7624ccm.doFinal(decrypted, len);
-
-        if (!Arrays.areEqual(decrypted, expectedDecrypted))
-        {
-            fail("Failed CCM decrypt/verify mac test 4 - expected "
-                + Hex.toHexString(expectedDecrypted)
-                + " got " + Hex.toHexString(decrypted));
-        }
-
-        doFinalTest(new KCCMBlockCipher(new DSTU7624Engine(512), 8), key, iv, authText, input, expectedEncrypted);
-    }
-
-    private void XTSModeTests()
-        throws Exception
-    {
-
-        //test 1
-        byte[] key = Hex.decode("000102030405060708090A0B0C0D0E0F");
-        byte[] iv = Hex.decode("101112131415161718191A1B1C1D1E1F");
-        byte[] plainText = Hex.decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-
-        byte[] output = new byte[plainText.length];
-        byte[] expectedCipherText = Hex.decode("B3E431B3FBAF31108C302669EE7116D1CF518B6D329D30618DF5628E426BDEF1");
-
-        byte[] decrypted = new byte[plainText.length];
-
-
-        int len;
-
-        KXTSBlockCipher dstu7624xts = new KXTSBlockCipher(new DSTU7624Engine(128));
-        ParametersWithIV param = new ParametersWithIV(new KeyParameter(key), iv);
-
-        dstu7624xts.init(true, param);
-        len = dstu7624xts.processBytes(plainText, 0, plainText.length, output, 0);
-
-        dstu7624xts.doFinal(output, len);
-
-        if (!Arrays.areEqual(output, expectedCipherText))
-        {
-            fail("Failed XTS encrypt test 1 - expected "
-                + Hex.toHexString(expectedCipherText)
-                + " got " + Hex.toHexString(output));
-        }
-
-
-        dstu7624xts.init(false, param);
-        len = dstu7624xts.processBytes(expectedCipherText, 0, expectedCipherText.length, decrypted, 0);
-        dstu7624xts.doFinal(decrypted, len);
-
-        if (!Arrays.areEqual(decrypted, plainText))
-        {
-            fail("Failed XTS decrypt test 1 - expected "
-                + Hex.toHexString(plainText)
-                + " got " + Hex.toHexString(decrypted));
-        }
-
-        //test 2
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
-        iv = Hex.decode("202122232425262728292A2B2C2D2E2F");
-        plainText = Hex.decode("303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F");
-
-        output = new byte[plainText.length];
-        expectedCipherText = Hex.decode("830AC78A6F629CB4C7D5D156FD84955BD0998CA1E0BC1FF135676BF2A2598FA1");
-
-        decrypted = new byte[plainText.length];
-
-
-        dstu7624xts = new KXTSBlockCipher(new DSTU7624Engine(128));
-        param = new ParametersWithIV(new KeyParameter(key), iv);
-
-        dstu7624xts.init(true, param);
-        len = dstu7624xts.processBytes(plainText, 0, plainText.length, output, 0);
-        dstu7624xts.doFinal(output, len);
-
-        if (!Arrays.areEqual(output, expectedCipherText))
-        {
-            fail("Failed XTS encrypt test 2 - expected "
-                + Hex.toHexString(expectedCipherText)
-                + " got " + Hex.toHexString(output));
-        }
-
-
-        dstu7624xts.init(false, param);
-        len = dstu7624xts.processBytes(expectedCipherText, 0, expectedCipherText.length, decrypted, 0);
-        dstu7624xts.doFinal(decrypted, len);
-
-        if (!Arrays.areEqual(decrypted, plainText))
-        {
-            fail("Failed XTS decrypt test 2 - expected "
-                + Hex.toHexString(plainText)
-                + " got " + Hex.toHexString(decrypted));
-        }
-
-
-        //test 3
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
-        iv = Hex.decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-        plainText = Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F");
-
-        output = new byte[plainText.length];
-        expectedCipherText = Hex.decode("E0E51EAEA6A3134600758EA7F87E88025D8B82897C8DB099B843054C3A51883756913571530BA8FA23003E337627E698674B807E847EC6B2292627736562F9F62B2DE9E6AAC5DF74C09A0C5CF80280174AEC9BDD4E73F7D63EDBC29A6922637A");
-
-        decrypted = new byte[plainText.length];
-
-        dstu7624xts = new KXTSBlockCipher(new DSTU7624Engine(256));
-        param = new ParametersWithIV(new KeyParameter(key), iv);
-
-        dstu7624xts.init(true, param);
-        len = dstu7624xts.processBytes(plainText, 0, plainText.length, output, 0);
-        dstu7624xts.doFinal(output, len);
-
-        if (!Arrays.areEqual(output, expectedCipherText))
-        {
-            fail("Failed XTS encrypt test 3 - expected "
-                + Hex.toHexString(expectedCipherText)
-                + " got " + Hex.toHexString(output));
-        }
-
-        dstu7624xts.init(false, param);
-        len = dstu7624xts.processBytes(expectedCipherText, 0, expectedCipherText.length, decrypted, 0);
-        dstu7624xts.doFinal(decrypted, len);
-
-        if (!Arrays.areEqual(decrypted, plainText))
-        {
-            fail("Failed XTS decrypt test 3 - expected "
-                + Hex.toHexString(plainText)
-                + " got " + Hex.toHexString(decrypted));
-        }
-
-        //test 4
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-        iv = Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F");
-        plainText = Hex.decode("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF");
-
-        output = new byte[plainText.length];
-        expectedCipherText = Hex.decode("30663E4686574B343A1898E46973CD37DB9D775D356512EB59E723397F2A333CE2C0E96538781FF48EA1D93BDF88FFF8BB7BC4FB80A609881220C7FE21881C7374F65B232A8F94CD0E3DDC7614830C23CFCE98ADC5113496F9E106E8C8BFF3AB");
-
-        decrypted = new byte[plainText.length];
-
-        dstu7624xts = new KXTSBlockCipher(new DSTU7624Engine(256));
-        param = new ParametersWithIV(new KeyParameter(key), iv);
-
-        dstu7624xts.init(true, param);
-        len = dstu7624xts.processBytes(plainText, 0, plainText.length, output, 0);
-        dstu7624xts.doFinal(output, len);
-
-        if (!Arrays.areEqual(output, expectedCipherText))
-        {
-            fail("Failed XTS encrypt test 4 - expected "
-                + Hex.toHexString(expectedCipherText)
-                + " got " + Hex.toHexString(output));
-        }
-
-
-        dstu7624xts.init(false, param);
-        len = dstu7624xts.processBytes(expectedCipherText, 0, expectedCipherText.length, decrypted, 0);
-        dstu7624xts.doFinal(decrypted, len);
-
-        if (!Arrays.areEqual(decrypted, plainText))
-        {
-            fail("Failed XTS decrypt test 4 - expected "
-                + Hex.toHexString(plainText)
-                + " got " + Hex.toHexString(decrypted));
-        }
-
-        //test 5
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-        iv = Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F");
-        plainText = Hex.decode("808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBFC0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF");
-
-        output = new byte[plainText.length];
-        expectedCipherText = Hex.decode("5C6250BD2E40AAE27E1E57512CD38E6A51D0C2B04F0D6A50E0CB43358B8C4E8BA361331436C6FFD38D77BBBBF5FEC56A234108A6CC8CB298360943E849E5BD64D26ECA2FA8AEAD070656C3777BA412BCAF3D2F08C26CF86CA8F0921043A15D709AE1112611E22D4396E582CCB661E0F778B6F38561BC338AFD5D1036ED8B322D");
-
-        decrypted = new byte[plainText.length];
-
-        dstu7624xts = new KXTSBlockCipher(new DSTU7624Engine(512));
-        param = new ParametersWithIV(new KeyParameter(key), iv);
-
-        dstu7624xts.init(true, param);
-        len = dstu7624xts.processBytes(plainText, 0, plainText.length, output, 0);
-        dstu7624xts.doFinal(output, len);
-
-        if (!Arrays.areEqual(output, expectedCipherText))
-        {
-            fail("Failed XTS encrypt test 5 - expected "
-                + Hex.toHexString(expectedCipherText)
-                + " got " + Hex.toHexString(output));
-        }
-
-
-        dstu7624xts.init(false, param);
-        len = dstu7624xts.processBytes(expectedCipherText, 0, expectedCipherText.length, decrypted, 0);
-        dstu7624xts.doFinal(decrypted, len);
-
-        if (!Arrays.areEqual(decrypted, plainText))
-        {
-            fail("Failed XTS decrypt test 5 - expected "
-                + Hex.toHexString(plainText)
-                + " got " + Hex.toHexString(decrypted));
-        }
-    }
-
-    private void GCMModeTests()
-        throws Exception
-    {
-        //test 1
-        byte[] key = Hex.decode("000102030405060708090A0B0C0D0E0F");
-
-        byte[] iv = Hex.decode("101112131415161718191A1B1C1D1E1F");
-
-        byte[] authText = Hex.decode("202122232425262728292A2B2C2D2E2F");
-
-        byte[] plainText = Hex.decode("303132333435363738393A3B3C3D3E3F404142434445464748494A4B4C4D4E4F");
-
-        byte[] expectedEncrypted = Hex.decode("B91A7B8790BBCFCFE65D04E5538E98E216AC209DA33122FDA596E8928070BE51");
-
-        byte[] expectedMac = Hex.decode("C8310571CD60F9584B45C1B4ECE179AF");
-
-        byte[] expectedOutput = new byte[expectedEncrypted.length + expectedMac.length];
-        System.arraycopy(expectedEncrypted, 0, expectedOutput, 0, expectedEncrypted.length);
-        System.arraycopy(expectedMac, 0, expectedOutput, expectedEncrypted.length, expectedMac.length);
-
-        byte[] mac = new byte[expectedMac.length];
-
-        byte[] encrypted = new byte[expectedEncrypted.length + mac.length];
-
-        byte[] decrypted = new byte[plainText.length + mac.length];
-
-        System.arraycopy(expectedMac, 0, decrypted, plainText.length, mac.length);
-
-        int len;
-
-        AEADParameters parameters = new AEADParameters(new KeyParameter(key), 128, iv);
-
-        KGCMBlockCipher dstu7624gcm = new KGCMBlockCipher(new DSTU7624Engine(128));
-
-        dstu7624gcm.init(true, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-
-        len = dstu7624gcm.processBytes(plainText, 0, plainText.length, encrypted, 0);
-        dstu7624gcm.doFinal(encrypted, len);
-
-        mac = dstu7624gcm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 1 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        if (!Arrays.areEqual(encrypted, expectedOutput))
-        {
-            fail("Failed GCM/GMAC test 1 - expected encrypted: "
-                + Hex.toHexString(expectedOutput)
-                + " got encrypted: " + Hex.toHexString(encrypted));
-        }
-
-
-        dstu7624gcm.init(false, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-
-        len = dstu7624gcm.processBytes(expectedOutput, 0, expectedOutput.length, decrypted, 0);
-        dstu7624gcm.doFinal(decrypted, len);
-
-
-        mac = dstu7624gcm.getMac();
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 1 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        //remove mac at the end of decrypted data
-        byte[] tempDecrypted = new byte[plainText.length];
-        System.arraycopy(decrypted, 0, tempDecrypted, 0, plainText.length);
-        decrypted = tempDecrypted;
-
-
-        if (!Arrays.areEqual(decrypted, plainText))
-        {
-            fail("Failed GCM/GMAC test 1 - expected decrypted: "
-                + Hex.toHexString(plainText)
-                + " got decrypted: " + Hex.toHexString(decrypted));
-        }
-
-        //test 2
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
-
-        iv = Hex.decode("202122232425262728292A2B2C2D2E2F");
-
-        authText = Hex.decode("303132333435363738393A3B3C3D3E3F");
-
-        plainText = Hex.decode("505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F");
-
-        expectedEncrypted = Hex.decode("FF83F27C6D4EA26101B1986235831406A297940D6C0E695596D612623E0E7CDC");
-
-        expectedMac = Hex.decode("3C474281AFEAE4FD6D61E995258747AB");
-
-        expectedOutput = new byte[expectedEncrypted.length + expectedMac.length];
-        System.arraycopy(expectedEncrypted, 0, expectedOutput, 0, expectedEncrypted.length);
-        System.arraycopy(expectedMac, 0, expectedOutput, expectedEncrypted.length, expectedMac.length);
-
-
-        mac = new byte[expectedMac.length];
-
-        encrypted = new byte[expectedEncrypted.length + mac.length];
-
-        decrypted = new byte[plainText.length + mac.length];
-
-        System.arraycopy(expectedMac, 0, decrypted, plainText.length, mac.length);
-
-        parameters = new AEADParameters(new KeyParameter(key), 128, iv);
-
-        dstu7624gcm = new KGCMBlockCipher(new DSTU7624Engine(128));
-
-        dstu7624gcm.init(true, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        len = dstu7624gcm.processBytes(plainText, 0, plainText.length, encrypted, 0);
-
-        dstu7624gcm.doFinal(encrypted, len);
-
-        mac = dstu7624gcm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 2 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        if (!Arrays.areEqual(encrypted, expectedOutput))
-        {
-            fail("Failed GCM/GMAC test 2 - expected encrypted: "
-                + Hex.toHexString(expectedOutput)
-                + " got encrypted: " + Hex.toHexString(encrypted));
-        }
-
-
-        dstu7624gcm.init(false, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        len = dstu7624gcm.processBytes(expectedOutput, 0, expectedOutput.length, decrypted, 0);
-
-        dstu7624gcm.doFinal(decrypted, len);
-
-        mac = dstu7624gcm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 2 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        //remove mac at the end of decrypted data
-        tempDecrypted = new byte[plainText.length];
-        System.arraycopy(decrypted, 0, tempDecrypted, 0, plainText.length);
-        decrypted = tempDecrypted;
-
-        if (!Arrays.areEqual(decrypted, plainText))
-        {
-            fail("Failed GCM/GMAC test 2 - expected decrypted: "
-                + Hex.toHexString(plainText)
-                + " got decrypted: " + Hex.toHexString(decrypted));
-        }
-
-        //test 3
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
-
-        iv = Hex.decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-
-        authText = Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F");
-
-        plainText = Hex.decode("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F");
-
-        expectedEncrypted = Hex.decode("7EC15C54BB553CB1437BE0EFDD2E810F6058497EBCE4408A08A73FADF3F459D56B0103702D13AB73ACD2EB33A8B5E9CFFF5EB21865A6B499C10C810C4BAEBE80");
-
-        expectedMac = Hex.decode("1D61B0A3018F6B849CBA20AF1DDDA245");
-
-        expectedOutput = new byte[expectedEncrypted.length + expectedMac.length];
-        System.arraycopy(expectedEncrypted, 0, expectedOutput, 0, expectedEncrypted.length);
-        System.arraycopy(expectedMac, 0, expectedOutput, expectedEncrypted.length, expectedMac.length);
-
-
-        mac = new byte[expectedMac.length];
-
-        encrypted = new byte[expectedEncrypted.length + mac.length];
-
-        decrypted = new byte[plainText.length + mac.length];
-
-        System.arraycopy(expectedMac, 0, decrypted, plainText.length, mac.length);
-
-
-        parameters = new AEADParameters(new KeyParameter(key), 128, iv);
-
-        dstu7624gcm = new KGCMBlockCipher(new DSTU7624Engine(256));
-
-        dstu7624gcm.init(true, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        len = dstu7624gcm.processBytes(plainText, 0, plainText.length, encrypted, 0);
-
-        dstu7624gcm.doFinal(encrypted, len);
-
-        mac = dstu7624gcm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 3 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        if (!Arrays.areEqual(encrypted, expectedOutput))
-        {
-            fail("Failed GCM/GMAC test 3 - expected encrypted: "
-                + Hex.toHexString(expectedOutput)
-                + " got encrypted: " + Hex.toHexString(encrypted));
-        }
-
-        dstu7624gcm.init(false, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        len = dstu7624gcm.processBytes(expectedOutput, 0, expectedOutput.length, decrypted, 0);
-
-        dstu7624gcm.doFinal(decrypted, len);
-
-        mac = dstu7624gcm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 3 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        //remove mac at the end of decrypted data
-        tempDecrypted = new byte[plainText.length];
-        System.arraycopy(decrypted, 0, tempDecrypted, 0, plainText.length);
-        decrypted = tempDecrypted;
-
-        if (!Arrays.areEqual(decrypted, plainText))
-        {
-            fail("Failed GCM/GMAC test 3 - expected decrypted: "
-                + Hex.toHexString(plainText)
-                + " got decrypted: " + Hex.toHexString(decrypted));
-        }
-
-        //test 4
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
-
-        iv = Hex.decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-
-        authText = Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F");
-
-        plainText = Hex.decode("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9F");
-
-        expectedEncrypted = Hex.decode("7EC15C54BB553CB1437BE0EFDD2E810F6058497EBCE4408A08A73FADF3F459D56B0103702D13AB73ACD2EB33A8B5E9CFFF5EB21865A6B499C10C810C4BAEBE80");
-
-        expectedMac = Hex.decode("1D61B0A3018F6B849CBA20AF1DDDA245B1B296258AC0352A52D3F372E72224CE");
-
-        expectedOutput = new byte[expectedEncrypted.length + expectedMac.length];
-        System.arraycopy(expectedEncrypted, 0, expectedOutput, 0, expectedEncrypted.length);
-        System.arraycopy(expectedMac, 0, expectedOutput, expectedEncrypted.length, expectedMac.length);
-
-
-        mac = new byte[expectedMac.length];
-
-        encrypted = new byte[expectedEncrypted.length + mac.length];
-
-        decrypted = new byte[plainText.length + mac.length];
-
-        System.arraycopy(expectedMac, 0, decrypted, plainText.length, mac.length);
-
-        parameters = new AEADParameters(new KeyParameter(key), 256, iv);
-
-        dstu7624gcm = new KGCMBlockCipher(new DSTU7624Engine(256));
-
-        dstu7624gcm.init(true, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        len = dstu7624gcm.processBytes(plainText, 0, plainText.length, encrypted, 0);
-
-        dstu7624gcm.doFinal(encrypted, len);
-
-        mac = dstu7624gcm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 4 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        if (!Arrays.areEqual(encrypted, expectedOutput))
-        {
-            fail("Failed GCM/GMAC test 4 - expected encrypted: "
-                + Hex.toHexString(expectedOutput)
-                + " got encrypted: " + Hex.toHexString(encrypted));
-        }
-
-
-        dstu7624gcm.init(false, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        len = dstu7624gcm.processBytes(expectedOutput, 0, expectedOutput.length, decrypted, 0);
-
-        dstu7624gcm.doFinal(decrypted, len);
-
-        mac = dstu7624gcm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 4 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        //remove mac at the end of decrypted data
-        tempDecrypted = new byte[plainText.length];
-        System.arraycopy(decrypted, 0, tempDecrypted, 0, plainText.length);
-        decrypted = tempDecrypted;
-
-        if (!Arrays.areEqual(decrypted, plainText))
-        {
-            fail("Failed GCM/GMAC test 4 - expected decrypted: "
-                + Hex.toHexString(plainText)
-                + " got decrypted: " + Hex.toHexString(decrypted));
-        }
-
-        //test 5
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-
-        iv = Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F");
-
-        authText = Hex.decode("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F");
-
-        plainText = Hex.decode("808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF");
-
-        expectedEncrypted = Hex.decode("3EBDB4584B5169A26FBEBA0295B4223F58D5D8A031F2950A1D7764FAB97BA058E9E2DAB90FF0C519AA88435155A71B7B53BB100F5D20AFFAC0552F5F2813DEE8");
-
-        expectedMac = Hex.decode("8555FD3D9B02C2325ACA3CC9309D6B4B9AFC697D13BBBFF067198D5D86CB9820");
-
-        expectedOutput = new byte[expectedEncrypted.length + expectedMac.length];
-        System.arraycopy(expectedEncrypted, 0, expectedOutput, 0, expectedEncrypted.length);
-        System.arraycopy(expectedMac, 0, expectedOutput, expectedEncrypted.length, expectedMac.length);
-
-
-        mac = new byte[expectedMac.length];
-
-        encrypted = new byte[expectedEncrypted.length + mac.length];
-
-        decrypted = new byte[plainText.length + mac.length];
-
-        System.arraycopy(expectedMac, 0, decrypted, plainText.length, mac.length);
-
-
-        parameters = new AEADParameters(new KeyParameter(key), 256, iv);
-
-        dstu7624gcm = new KGCMBlockCipher(new DSTU7624Engine(256));
-        dstu7624gcm.init(true, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        len = dstu7624gcm.processBytes(plainText, 0, plainText.length, encrypted, 0);
-
-        dstu7624gcm.doFinal(encrypted, len);
-
-        mac = dstu7624gcm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 5 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        if (!Arrays.areEqual(encrypted, expectedOutput))
-        {
-            fail("Failed GCM/GMAC test 5 - expected encrypted: "
-                + Hex.toHexString(expectedOutput)
-                + " got encrypted: " + Hex.toHexString(encrypted));
-        }
-
-
-        dstu7624gcm.init(false, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        len = dstu7624gcm.processBytes(expectedOutput, 0, expectedOutput.length, decrypted, 0);
-
-        dstu7624gcm.doFinal(decrypted, len);
-
-        mac = dstu7624gcm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 5 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        //remove mac at the end of decrypted data
-        tempDecrypted = new byte[plainText.length];
-        System.arraycopy(decrypted, 0, tempDecrypted, 0, plainText.length);
-        decrypted = tempDecrypted;
-
-        if (!Arrays.areEqual(decrypted, plainText))
-        {
-            fail("Failed GCM/GMAC test 5 - expected decrypted: "
-                + Hex.toHexString(plainText)
-                + " got decrypted: " + Hex.toHexString(decrypted));
-        }
-
-        //test 6
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-
-        iv = Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F");
-
-        authText = Hex.decode("808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF");
-
-        plainText = Hex.decode("C0C1C2C3C4C5C6C7C8C9CACBCCCDCECFD0D1D2D3D4D5D6D7D8D9DADBDCDDDEDFE0E1E2E3E4E5E6E7E8E9EAEBECEDEEEFF0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF");
-
-        expectedEncrypted = Hex.decode("220642D7277D104788CF97B10210984F506435512F7BF153C5CDABFECC10AFB4A2E2FC51F616AF80FFDD0607FAD4F542B8EF0667717CE3EAAA8FBC303CE76C99");
-
-        expectedMac = Hex.decode("78A77E5948F5DC05F551486FDBB44898C9AB1BD439D7519841AE31007C09E1B312E5EA5929F952F6A3EEF5CBEAEF262B8EC1884DFCF4BAAF7B5C9291A22489E1");
-
-        expectedOutput = new byte[expectedEncrypted.length + expectedMac.length];
-        System.arraycopy(expectedEncrypted, 0, expectedOutput, 0, expectedEncrypted.length);
-        System.arraycopy(expectedMac, 0, expectedOutput, expectedEncrypted.length, expectedMac.length);
-
-
-        mac = new byte[expectedMac.length];
-
-        encrypted = new byte[expectedEncrypted.length + mac.length];
-
-        decrypted = new byte[plainText.length + mac.length];
-
-        System.arraycopy(expectedMac, 0, decrypted, plainText.length, mac.length);
-
-        parameters = new AEADParameters(new KeyParameter(key), 512, iv);
-
-        dstu7624gcm = new KGCMBlockCipher(new DSTU7624Engine(512));
-
-        dstu7624gcm.init(true, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        len = dstu7624gcm.processBytes(plainText, 0, plainText.length, encrypted, 0);
-
-        dstu7624gcm.doFinal(encrypted, len);
-
-        mac = dstu7624gcm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 6 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        if (!Arrays.areEqual(encrypted, expectedOutput))
-        {
-            fail("Failed GCM/GMAC test 6 - expected encrypted: "
-                + Hex.toHexString(expectedOutput)
-                + " got encrypted: " + Hex.toHexString(encrypted));
-        }
-
-        dstu7624gcm.init(false, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        len = dstu7624gcm.processBytes(expectedOutput, 0, expectedOutput.length, decrypted, 0);
-
-        dstu7624gcm.doFinal(decrypted, len);
-
-        mac = dstu7624gcm.getMac();
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 6 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        //remove mac at the end of decrypted data
-        tempDecrypted = new byte[plainText.length];
-        System.arraycopy(decrypted, 0, tempDecrypted, 0, plainText.length);
-        decrypted = tempDecrypted;
-
-        if (!Arrays.areEqual(decrypted, plainText))
-        {
-            fail("Failed GCM/GMAC test 6 - expected decrypted: "
-                + Hex.toHexString(plainText)
-                + " got decrypted: " + Hex.toHexString(decrypted));
-        }
-
-        /* Testing mac producing without encryption */
-        //test 7
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
-
-        authText = Hex.decode("303132333435363738393A3B3C3D3E3F");
-
-        expectedMac = Hex.decode("5AE309EE80B583C6523397ADCB5704C4");
-
-        mac = new byte[expectedMac.length];
-
-        parameters = new AEADParameters(new KeyParameter(key), 128, new byte[16]);
-
-        dstu7624gcm = new KGCMBlockCipher(new DSTU7624Engine(128));
-
-        dstu7624gcm.init(true, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        dstu7624gcm.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 7 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        //test 8
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
-
-        authText = Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F");
-
-        expectedMac = Hex.decode("FF48B56F2C26CC484B8F5952D7B3E1FE");
-
-        mac = new byte[expectedMac.length];
-
-        parameters = new AEADParameters(new KeyParameter(key), 128, new byte[16]);
-
-        dstu7624gcm = new KGCMBlockCipher(new DSTU7624Engine(256));
-
-        dstu7624gcm.init(true, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        dstu7624gcm.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 8 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        //test 9
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F");
-
-        authText = Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F");
-
-        expectedMac = Hex.decode("FF48B56F2C26CC484B8F5952D7B3E1FE69577701C50BE96517B33921E44634CD");
-
-        mac = new byte[expectedMac.length];
-
-        parameters = new AEADParameters(new KeyParameter(key), 256, new byte[32]);
-
-        dstu7624gcm = new KGCMBlockCipher(new DSTU7624Engine(256));
-
-        dstu7624gcm.init(true, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        dstu7624gcm.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 9 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        //test 10
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-
-        authText = Hex.decode("606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F");
-
-        expectedMac = Hex.decode("96F61FA0FDE92883C5041D748F9AE91F3A0A50415BFA1466855340A5714DC01F");
-
-        mac = new byte[expectedMac.length];
-
-        parameters = new AEADParameters(new KeyParameter(key), 256, new byte[32]);
-
-        dstu7624gcm = new KGCMBlockCipher(new DSTU7624Engine(256));
-
-        dstu7624gcm.init(true, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        dstu7624gcm.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 10 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        //test 11
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-
-        authText = Hex.decode("808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF");
-
-        expectedMac = Hex.decode("897C32E05E776FD988C5171FE70BB72949172E514E3308A871BA5BD898FB6EBD6E3897D2D55697D90D6428216C08052E3A5E7D4626F4DBBF1546CE21637357A3");
-
-        mac = new byte[expectedMac.length];
-
-        parameters = new AEADParameters(new KeyParameter(key), 512, new byte[32]);
-
-        dstu7624gcm = new KGCMBlockCipher(new DSTU7624Engine(512));
-
-        dstu7624gcm.init(true, parameters);
-        dstu7624gcm.processAADBytes(authText, 0, authText.length);
-        dstu7624gcm.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 11 - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-
-        doFinalTest(new KGCMBlockCipher(new DSTU7624Engine(512)), key, new byte[32], authText, null, expectedMac);
-
-        //test 11 - as KGMac
-        key = Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F");
-
-        authText = Hex.decode("808182838485868788898A8B8C8D8E8F909192939495969798999A9B9C9D9E9FA0A1A2A3A4A5A6A7A8A9AAABACADAEAFB0B1B2B3B4B5B6B7B8B9BABBBCBDBEBF");
-
-        expectedMac = Hex.decode("897C32E05E776FD988C5171FE70BB72949172E514E3308A871BA5BD898FB6EBD6E3897D2D55697D90D6428216C08052E3A5E7D4626F4DBBF1546CE21637357A3");
-
-        mac = new byte[expectedMac.length];
-
-        KGMac dstuGmac = new KGMac(new KGCMBlockCipher(new DSTU7624Engine(512)));
-
-        dstuGmac.init(new ParametersWithIV(new KeyParameter(key), new byte[32]));
-
-        dstuGmac.update(authText, 0, authText.length);
-
-        dstuGmac.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(mac, expectedMac))
-        {
-            fail("Failed GCM/GMAC test 11 (mac) - expected mac: "
-                + Hex.toHexString(expectedMac)
-                + " got mac: " + Hex.toHexString(mac));
-        }
-    }
-
-    private void doFinalTest(AEADBlockCipher cipher, byte[] key, byte[] iv, byte[] authText, byte[] input, byte[] expected)
-        throws Exception
-    {
-        byte[] output = new byte[expected.length];
-
-        AEADParameters parameters = new AEADParameters(new KeyParameter(key), cipher.getUnderlyingCipher().getBlockSize() * 8, iv);
-
-        cipher.init(true, parameters);
-        cipher.processAADBytes(authText, 0, authText.length);
-
-        int off = 0;
-        if (input != null)
-        {
-            off = cipher.processBytes(input, 0, input.length, output, 0);
-        }
-
-        cipher.doFinal(output, off);
-
-        if (!Arrays.areEqual(output, expected))
-        {
-            System.err.println(Hex.toHexString(output));
-            System.err.println(Hex.toHexString(expected));
-            fail("Failed doFinal test - init: " + cipher.getAlgorithmName());
-        }
-
-        cipher.processAADBytes(authText, 0, authText.length);
-
-        off = 0;
-        if (input != null)
-        {
-            off = cipher.processBytes(input, 0, input.length, output, 0);
-        }
-
-        cipher.doFinal(output, off);
-
-        if (!Arrays.areEqual(output, expected))
-        {
-            fail("Failed doFinal test - after: " + cipher.getAlgorithmName());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/DeterministicDSATest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/DeterministicDSATest.java
deleted file mode 100644
index ed54332..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/DeterministicDSATest.java
+++ /dev/null

@@ -1,524 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.nist.NISTNamedCurves;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DSA;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA3Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.params.DSAParameters;
-import org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.signers.DSASigner;
-import org.bouncycastle.crypto.signers.ECDSASigner;
-import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Tests are taken from RFC 6979 - "Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)"
- */
-public class DeterministicDSATest
-    extends SimpleTest
-{
-
-    public static final byte[] SAMPLE = Hex.decode("73616d706c65"); // "sample"
-    public static final byte[] TEST = Hex.decode("74657374"); // "test"
-
-    // test vectors from appendix in RFC 6979
-    private void testHMacDeterministic()
-    {
-        DSAParameters dsaParameters = new DSAParameters(
-            new BigInteger("86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447" +
-                           "E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88" +
-                           "73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C" +
-                           "881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779", 16),
-            new BigInteger("996F967F6C8E388D9E28D01E205FBA957A5698B1", 16),
-            new BigInteger("07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D" +
-                           "89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD" +
-                           "87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4" +
-                           "17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD", 16));
-
-        DSAPrivateKeyParameters privKey = new DSAPrivateKeyParameters(new BigInteger("411602CB19A6CCC34494D79D98EF1E7ED5AF25F7", 16), dsaParameters);
-
-        doTestHMACDetDSASample(new SHA1Digest(), privKey, new BigInteger("2E1A0C2562B2912CAAF89186FB0F42001585DA55", 16), new BigInteger("29EFB6B0AFF2D7A68EB70CA313022253B9A88DF5", 16));
-        doTestHMACDetDSASample(new SHA224Digest(), privKey, new BigInteger("4BC3B686AEA70145856814A6F1BB53346F02101E", 16), new BigInteger("410697B92295D994D21EDD2F4ADA85566F6F94C1", 16));
-        doTestHMACDetDSASample(new SHA256Digest(), privKey, new BigInteger("81F2F5850BE5BC123C43F71A3033E9384611C545", 16), new BigInteger("4CDD914B65EB6C66A8AAAD27299BEE6B035F5E89", 16));
-        doTestHMACDetDSASample(new SHA384Digest(), privKey, new BigInteger("07F2108557EE0E3921BC1774F1CA9B410B4CE65A", 16), new BigInteger("54DF70456C86FAC10FAB47C1949AB83F2C6F7595", 16));
-        doTestHMACDetDSASample(new SHA512Digest(), privKey, new BigInteger("16C3491F9B8C3FBBDD5E7A7B667057F0D8EE8E1B", 16), new BigInteger("02C36A127A7B89EDBB72E4FFBC71DABC7D4FC69C", 16));
-
-        doTestHMACDetDSATest(new SHA1Digest(), privKey, new BigInteger("42AB2052FD43E123F0607F115052A67DCD9C5C77", 16), new BigInteger("183916B0230D45B9931491D4C6B0BD2FB4AAF088", 16));
-        doTestHMACDetDSATest(new SHA224Digest(), privKey, new BigInteger("6868E9964E36C1689F6037F91F28D5F2C30610F2", 16), new BigInteger("49CEC3ACDC83018C5BD2674ECAAD35B8CD22940F", 16));
-        doTestHMACDetDSATest(new SHA256Digest(), privKey, new BigInteger("22518C127299B0F6FDC9872B282B9E70D0790812", 16), new BigInteger("6837EC18F150D55DE95B5E29BE7AF5D01E4FE160", 16));
-        doTestHMACDetDSATest(new SHA384Digest(), privKey, new BigInteger("854CF929B58D73C3CBFDC421E8D5430CD6DB5E66", 16), new BigInteger("91D0E0F53E22F898D158380676A871A157CDA622", 16));
-        doTestHMACDetDSATest(new SHA512Digest(), privKey, new BigInteger("8EA47E475BA8AC6F2D821DA3BD212D11A3DEB9A0", 16), new BigInteger("7C670C7AD72B6C050C109E1790008097125433E8", 16));
-
-        doTestHMACDetDSATest(new SHA3Digest(224), privKey, new BigInteger("58748b6ca41d25e41f7bfa51fed204a10a1bd1d3", 16), new BigInteger("86de2fdad0bc848dd20ddd9dc6253fc6d7553268", 16));
-        doTestHMACDetDSATest(new SHA3Digest(256), privKey, new BigInteger("98c7a7906ada494285b3ab15cf9188a425f26bd4", 16), new BigInteger("21c5ed876037470d3959fa12f918674a4bf190e9", 16));
-        doTestHMACDetDSATest(new SHA3Digest(384), privKey, new BigInteger("445ec584ec15c14abc67c99886a30a286cc83b33", 16), new BigInteger("21f564d5bb4b175e89a1a6fb2f27cd34c861142d", 16));
-        doTestHMACDetDSATest(new SHA3Digest(512), privKey, new BigInteger("16918083f4c3ff4fc9b327e9e120a30ec39faaf6", 16), new BigInteger("1e9183a1dc7c20dbb596920cd94da3844a087203", 16));
-
-        dsaParameters = new DSAParameters(
-                                new BigInteger("9DB6FB5951B66BB6FE1E140F1D2CE5502374161FD6538DF1648218642F0B5C48" +
-                                    "C8F7A41AADFA187324B87674FA1822B00F1ECF8136943D7C55757264E5A1A44F" +
-                                    "FE012E9936E00C1D3E9310B01C7D179805D3058B2A9F4BB6F9716BFE6117C6B5" +
-                                    "B3CC4D9BE341104AD4A80AD6C94E005F4B993E14F091EB51743BF33050C38DE2" +
-                                    "35567E1B34C3D6A5C0CEAA1A0F368213C3D19843D0B4B09DCB9FC72D39C8DE41" +
-                                    "F1BF14D4BB4563CA28371621CAD3324B6A2D392145BEBFAC748805236F5CA2FE" +
-                                    "92B871CD8F9C36D3292B5509CA8CAA77A2ADFC7BFD77DDA6F71125A7456FEA15" +
-                                    "3E433256A2261C6A06ED3693797E7995FAD5AABBCFBE3EDA2741E375404AE25B", 16),
-                                new BigInteger("F2C3119374CE76C9356990B465374A17F23F9ED35089BD969F61C6DDE9998C1F", 16),
-                                new BigInteger("5C7FF6B06F8F143FE8288433493E4769C4D988ACE5BE25A0E24809670716C613" +
-                                    "D7B0CEE6932F8FAA7C44D2CB24523DA53FBE4F6EC3595892D1AA58C4328A06C4" +
-                                    "6A15662E7EAA703A1DECF8BBB2D05DBE2EB956C142A338661D10461C0D135472" +
-                                    "085057F3494309FFA73C611F78B32ADBB5740C361C9F35BE90997DB2014E2EF5" +
-                                    "AA61782F52ABEB8BD6432C4DD097BC5423B285DAFB60DC364E8161F4A2A35ACA" +
-                                    "3A10B1C4D203CC76A470A33AFDCBDD92959859ABD8B56E1725252D78EAC66E71" +
-                                    "BA9AE3F1DD2487199874393CD4D832186800654760E1E34C09E4D155179F9EC0" +
-                                    "DC4473F996BDCE6EED1CABED8B6F116F7AD9CF505DF0F998E34AB27514B0FFE7", 16));
-
-        privKey = new DSAPrivateKeyParameters(new BigInteger("69C7548C21D0DFEA6B9A51C9EAD4E27C33D3B3F180316E5BCAB92C933F0E4DBC", 16), dsaParameters);
-
-        doTestHMACDetDSASample(new SHA1Digest(), privKey, new BigInteger("3A1B2DBD7489D6ED7E608FD036C83AF396E290DBD602408E8677DAABD6E7445A", 16), new BigInteger("D26FCBA19FA3E3058FFC02CA1596CDBB6E0D20CB37B06054F7E36DED0CDBBCCF", 16));
-        doTestHMACDetDSASample(new SHA224Digest(), privKey, new BigInteger("DC9F4DEADA8D8FF588E98FED0AB690FFCE858DC8C79376450EB6B76C24537E2C", 16), new BigInteger("A65A9C3BC7BABE286B195D5DA68616DA8D47FA0097F36DD19F517327DC848CEC", 16));
-        doTestHMACDetDSASample(new SHA256Digest(), privKey, new BigInteger("EACE8BDBBE353C432A795D9EC556C6D021F7A03F42C36E9BC87E4AC7932CC809", 16), new BigInteger("7081E175455F9247B812B74583E9E94F9EA79BD640DC962533B0680793A38D53", 16));
-        doTestHMACDetDSASample(new SHA384Digest(), privKey, new BigInteger("B2DA945E91858834FD9BF616EBAC151EDBC4B45D27D0DD4A7F6A22739F45C00B", 16), new BigInteger("19048B63D9FD6BCA1D9BAE3664E1BCB97F7276C306130969F63F38FA8319021B", 16));
-        doTestHMACDetDSASample(new SHA512Digest(), privKey, new BigInteger("2016ED092DC5FB669B8EFB3D1F31A91EECB199879BE0CF78F02BA062CB4C942E", 16), new BigInteger("D0C76F84B5F091E141572A639A4FB8C230807EEA7D55C8A154A224400AFF2351", 16));
-
-        doTestHMACDetDSATest(new SHA1Digest(), privKey, new BigInteger("C18270A93CFC6063F57A4DFA86024F700D980E4CF4E2CB65A504397273D98EA0", 16), new BigInteger("414F22E5F31A8B6D33295C7539C1C1BA3A6160D7D68D50AC0D3A5BEAC2884FAA", 16));
-        doTestHMACDetDSATest(new SHA224Digest(), privKey, new BigInteger("272ABA31572F6CC55E30BF616B7A265312018DD325BE031BE0CC82AA17870EA3", 16), new BigInteger("E9CC286A52CCE201586722D36D1E917EB96A4EBDB47932F9576AC645B3A60806", 16));
-        doTestHMACDetDSATest(new SHA256Digest(), privKey, new BigInteger("8190012A1969F9957D56FCCAAD223186F423398D58EF5B3CEFD5A4146A4476F0", 16), new BigInteger("7452A53F7075D417B4B013B278D1BB8BBD21863F5E7B1CEE679CF2188E1AB19E", 16));
-        doTestHMACDetDSATest(new SHA384Digest(), privKey, new BigInteger("239E66DDBE8F8C230A3D071D601B6FFBDFB5901F94D444C6AF56F732BEB954BE", 16), new BigInteger("6BD737513D5E72FE85D1C750E0F73921FE299B945AAD1C802F15C26A43D34961", 16));
-        doTestHMACDetDSATest(new SHA512Digest(), privKey, new BigInteger("89EC4BB1400ECCFF8E7D9AA515CD1DE7803F2DAFF09693EE7FD1353E90A68307", 16), new BigInteger("C9F0BDABCC0D880BB137A994CC7F3980CE91CC10FAF529FC46565B15CEA854E1", 16));
-    }
-
-    private void doTestHMACDetDSASample(Digest digest, DSAPrivateKeyParameters privKey, BigInteger r, BigInteger s)
-    {
-        doTestHMACDetECDSA(new DSASigner(new HMacDSAKCalculator(digest)), digest, SAMPLE, privKey, r, s);
-    }
-
-    private void doTestHMACDetDSATest(Digest digest, DSAPrivateKeyParameters privKey, BigInteger r, BigInteger s)
-    {
-        doTestHMACDetECDSA(new DSASigner(new HMacDSAKCalculator(digest)), digest, TEST, privKey, r, s);
-    }
-
-    // test vectors from appendix in RFC 6979
-    private void testECHMacDeterministic()
-    {
-        X9ECParameters x9ECParameters = NISTNamedCurves.getByName("P-192");
-        ECDomainParameters ecDomainParameters = new ECDomainParameters(x9ECParameters.getCurve(), x9ECParameters.getG(), x9ECParameters.getN());
-
-        ECPrivateKeyParameters privKey = new ECPrivateKeyParameters(new BigInteger("6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4", 16), ecDomainParameters);
-
-        doTestHMACDetECDSASample(new SHA1Digest(), privKey,   new BigInteger("98C6BD12B23EAF5E2A2045132086BE3EB8EBD62ABF6698FF", 16), new BigInteger("57A22B07DEA9530F8DE9471B1DC6624472E8E2844BC25B64", 16));
-        doTestHMACDetECDSASample(new SHA224Digest(), privKey, new BigInteger("A1F00DAD97AEEC91C95585F36200C65F3C01812AA60378F5", 16), new BigInteger("E07EC1304C7C6C9DEBBE980B9692668F81D4DE7922A0F97A", 16));
-        doTestHMACDetECDSASample(new SHA256Digest(), privKey, new BigInteger("4B0B8CE98A92866A2820E20AA6B75B56382E0F9BFD5ECB55", 16), new BigInteger("CCDB006926EA9565CBADC840829D8C384E06DE1F1E381B85", 16));
-        doTestHMACDetECDSASample(new SHA384Digest(), privKey, new BigInteger("DA63BF0B9ABCF948FBB1E9167F136145F7A20426DCC287D5", 16), new BigInteger("C3AA2C960972BD7A2003A57E1C4C77F0578F8AE95E31EC5E", 16));
-        doTestHMACDetECDSASample(new SHA512Digest(), privKey, new BigInteger("4D60C5AB1996BD848343B31C00850205E2EA6922DAC2E4B8", 16), new BigInteger("3F6E837448F027A1BF4B34E796E32A811CBB4050908D8F67", 16));
-
-        doTestHMACDetECDSATest(new SHA1Digest(), privKey,   new BigInteger("0F2141A0EBBC44D2E1AF90A50EBCFCE5E197B3B7D4DE036D", 16), new BigInteger("EB18BC9E1F3D7387500CB99CF5F7C157070A8961E38700B7", 16));
-        doTestHMACDetECDSATest(new SHA224Digest(), privKey, new BigInteger("6945A1C1D1B2206B8145548F633BB61CEF04891BAF26ED34", 16), new BigInteger("B7FB7FDFC339C0B9BD61A9F5A8EAF9BE58FC5CBA2CB15293", 16));
-        doTestHMACDetECDSATest(new SHA256Digest(), privKey, new BigInteger("3A718BD8B4926C3B52EE6BBE67EF79B18CB6EB62B1AD97AE", 16), new BigInteger("5662E6848A4A19B1F1AE2F72ACD4B8BBE50F1EAC65D9124F", 16));
-        doTestHMACDetECDSATest(new SHA384Digest(), privKey, new BigInteger("B234B60B4DB75A733E19280A7A6034BD6B1EE88AF5332367", 16), new BigInteger("7994090B2D59BB782BE57E74A44C9A1C700413F8ABEFE77A", 16));
-        doTestHMACDetECDSATest(new SHA512Digest(), privKey, new BigInteger("FE4F4AE86A58B6507946715934FE2D8FF9D95B6B098FE739", 16), new BigInteger("74CF5605C98FBA0E1EF34D4B5A1577A7DCF59457CAE52290", 16));
-
-        doTestHMACDetECDSATest(new SHA3Digest(224), privKey, new BigInteger("abfcb817d04cc223f0d9c02c6db9230a91f955bf4556e0c6", 16), new BigInteger("ec2c29065a50d8ea39533d49472ccf538a5388cb31900e8f", 16));
-        doTestHMACDetECDSATest(new SHA3Digest(256), privKey, new BigInteger("a2c2d5362d3cea77191edb239bf22a14dcc59d6500a744fc", 16), new BigInteger("6c63f3012353082026be7e2c6f37e6d7811066ddc9b9ee47", 16));
-        doTestHMACDetECDSATest(new SHA3Digest(384), privKey, new BigInteger("2ff2c37d48cd6691c8adb9d2b1c1af203a1a6b8769c588dd", 16), new BigInteger("79c8171097f845c608dafd218ba096a51e0e4882faf2c08d", 16));
-        doTestHMACDetECDSATest(new SHA3Digest(512), privKey, new BigInteger("384619b82461f4cc852dfa1e87cd87105e8eb3cfd0fb6461", 16), new BigInteger("d0aac03f72e90942821e3af1f77fd8a6ae82d1ed31b8ed06", 16));
-
-        x9ECParameters = NISTNamedCurves.getByName("P-224");
-        ecDomainParameters = new ECDomainParameters(x9ECParameters.getCurve(), x9ECParameters.getG(), x9ECParameters.getN());
-
-        privKey = new ECPrivateKeyParameters(new BigInteger("F220266E1105BFE3083E03EC7A3A654651F45E37167E88600BF257C1", 16), ecDomainParameters);
-
-        doTestHMACDetECDSASample(new SHA1Digest(), privKey,   new BigInteger("22226F9D40A96E19C4A301CE5B74B115303C0F3A4FD30FC257FB57AC", 16), new BigInteger("66D1CDD83E3AF75605DD6E2FEFF196D30AA7ED7A2EDF7AF475403D69", 16));
-        doTestHMACDetECDSASample(new SHA224Digest(), privKey, new BigInteger("1CDFE6662DDE1E4A1EC4CDEDF6A1F5A2FB7FBD9145C12113E6ABFD3E", 16), new BigInteger("A6694FD7718A21053F225D3F46197CA699D45006C06F871808F43EBC", 16));
-        doTestHMACDetECDSASample(new SHA256Digest(), privKey, new BigInteger("61AA3DA010E8E8406C656BC477A7A7189895E7E840CDFE8FF42307BA", 16), new BigInteger("BC814050DAB5D23770879494F9E0A680DC1AF7161991BDE692B10101", 16));
-        doTestHMACDetECDSASample(new SHA384Digest(), privKey, new BigInteger("0B115E5E36F0F9EC81F1325A5952878D745E19D7BB3EABFABA77E953", 16), new BigInteger("830F34CCDFE826CCFDC81EB4129772E20E122348A2BBD889A1B1AF1D", 16));
-        doTestHMACDetECDSASample(new SHA512Digest(), privKey, new BigInteger("074BD1D979D5F32BF958DDC61E4FB4872ADCAFEB2256497CDAC30397", 16), new BigInteger("A4CECA196C3D5A1FF31027B33185DC8EE43F288B21AB342E5D8EB084", 16));
-
-        doTestHMACDetECDSATest(new SHA1Digest(), privKey,   new BigInteger("DEAA646EC2AF2EA8AD53ED66B2E2DDAA49A12EFD8356561451F3E21C", 16), new BigInteger("95987796F6CF2062AB8135271DE56AE55366C045F6D9593F53787BD2", 16));
-        doTestHMACDetECDSATest(new SHA224Digest(), privKey, new BigInteger("C441CE8E261DED634E4CF84910E4C5D1D22C5CF3B732BB204DBEF019", 16), new BigInteger("902F42847A63BDC5F6046ADA114953120F99442D76510150F372A3F4", 16));
-        doTestHMACDetECDSATest(new SHA256Digest(), privKey, new BigInteger("AD04DDE87B84747A243A631EA47A1BA6D1FAA059149AD2440DE6FBA6", 16), new BigInteger("178D49B1AE90E3D8B629BE3DB5683915F4E8C99FDF6E666CF37ADCFD", 16));
-        doTestHMACDetECDSATest(new SHA384Digest(), privKey, new BigInteger("389B92682E399B26518A95506B52C03BC9379A9DADF3391A21FB0EA4", 16), new BigInteger("414A718ED3249FF6DBC5B50C27F71F01F070944DA22AB1F78F559AAB", 16));
-        doTestHMACDetECDSATest(new SHA512Digest(), privKey, new BigInteger("049F050477C5ADD858CAC56208394B5A55BAEBBE887FDF765047C17C", 16), new BigInteger("077EB13E7005929CEFA3CD0403C7CDCC077ADF4E44F3C41B2F60ECFF", 16));
-
-        x9ECParameters = NISTNamedCurves.getByName("P-256");
-        ecDomainParameters = new ECDomainParameters(x9ECParameters.getCurve(), x9ECParameters.getG(), x9ECParameters.getN());
-
-        privKey = new ECPrivateKeyParameters(new BigInteger("C9AFA9D845BA75166B5C215767B1D6934E50C3DB36E89B127B8A622B120F6721", 16), ecDomainParameters);
-
-        doTestHMACDetECDSASample(new SHA1Digest(), privKey,   new BigInteger("61340C88C3AAEBEB4F6D667F672CA9759A6CCAA9FA8811313039EE4A35471D32", 16), new BigInteger("6D7F147DAC089441BB2E2FE8F7A3FA264B9C475098FDCF6E00D7C996E1B8B7EB", 16));
-        doTestHMACDetECDSASample(new SHA224Digest(), privKey, new BigInteger("53B2FFF5D1752B2C689DF257C04C40A587FABABB3F6FC2702F1343AF7CA9AA3F", 16), new BigInteger("B9AFB64FDC03DC1A131C7D2386D11E349F070AA432A4ACC918BEA988BF75C74C", 16));
-        doTestHMACDetECDSASample(new SHA256Digest(), privKey, new BigInteger("EFD48B2AACB6A8FD1140DD9CD45E81D69D2C877B56AAF991C34D0EA84EAF3716", 16), new BigInteger("F7CB1C942D657C41D436C7A1B6E29F65F3E900DBB9AFF4064DC4AB2F843ACDA8", 16));
-        doTestHMACDetECDSASample(new SHA384Digest(), privKey, new BigInteger("0EAFEA039B20E9B42309FB1D89E213057CBF973DC0CFC8F129EDDDC800EF7719", 16), new BigInteger("4861F0491E6998B9455193E34E7B0D284DDD7149A74B95B9261F13ABDE940954", 16));
-        doTestHMACDetECDSASample(new SHA512Digest(), privKey, new BigInteger("8496A60B5E9B47C825488827E0495B0E3FA109EC4568FD3F8D1097678EB97F00", 16), new BigInteger("2362AB1ADBE2B8ADF9CB9EDAB740EA6049C028114F2460F96554F61FAE3302FE", 16));
-
-        doTestHMACDetECDSATest(new SHA1Digest(), privKey,   new BigInteger("0CBCC86FD6ABD1D99E703E1EC50069EE5C0B4BA4B9AC60E409E8EC5910D81A89", 16), new BigInteger("01B9D7B73DFAA60D5651EC4591A0136F87653E0FD780C3B1BC872FFDEAE479B1", 16));
-        doTestHMACDetECDSATest(new SHA224Digest(), privKey, new BigInteger("C37EDB6F0AE79D47C3C27E962FA269BB4F441770357E114EE511F662EC34A692", 16), new BigInteger("C820053A05791E521FCAAD6042D40AEA1D6B1A540138558F47D0719800E18F2D", 16));
-        doTestHMACDetECDSATest(new SHA256Digest(), privKey, new BigInteger("F1ABB023518351CD71D881567B1EA663ED3EFCF6C5132B354F28D3B0B7D38367", 16), new BigInteger("019F4113742A2B14BD25926B49C649155F267E60D3814B4C0CC84250E46F0083", 16));
-        doTestHMACDetECDSATest(new SHA384Digest(), privKey, new BigInteger("83910E8B48BB0C74244EBDF7F07A1C5413D61472BD941EF3920E623FBCCEBEB6", 16), new BigInteger("8DDBEC54CF8CD5874883841D712142A56A8D0F218F5003CB0296B6B509619F2C", 16));
-        doTestHMACDetECDSATest(new SHA512Digest(), privKey, new BigInteger("461D93F31B6540894788FD206C07CFA0CC35F46FA3C91816FFF1040AD1581A04", 16), new BigInteger("39AF9F15DE0DB8D97E72719C74820D304CE5226E32DEDAE67519E840D1194E55", 16));
-
-        x9ECParameters = NISTNamedCurves.getByName("P-384");
-        ecDomainParameters = new ECDomainParameters(x9ECParameters.getCurve(), x9ECParameters.getG(), x9ECParameters.getN());
-
-        privKey = new ECPrivateKeyParameters(new BigInteger("6B9D3DAD2E1B8C1C05B19875B6659F4DE23C3B667BF297BA9AA47740787137D8" +
-                                                            "96D5724E4C70A825F872C9EA60D2EDF5", 16), ecDomainParameters);
-
-        doTestHMACDetECDSASample(new SHA1Digest(), privKey, new BigInteger("EC748D839243D6FBEF4FC5C4859A7DFFD7F3ABDDF72014540C16D73309834FA3" +
-                                                                    "7B9BA002899F6FDA3A4A9386790D4EB2", 16),
-                                                            new BigInteger("A3BCFA947BEEF4732BF247AC17F71676CB31A847B9FF0CBC9C9ED4C1A5B3FACF" +
-                                                                    "26F49CA031D4857570CCB5CA4424A443", 16));
-        doTestHMACDetECDSASample(new SHA224Digest(), privKey, new BigInteger("42356E76B55A6D9B4631C865445DBE54E056D3B3431766D0509244793C3F9366" +
-                                                                        "450F76EE3DE43F5A125333A6BE060122", 16),
-                                                              new BigInteger("9DA0C81787064021E78DF658F2FBB0B042BF304665DB721F077A4298B095E483" +
-                                                                        "4C082C03D83028EFBF93A3C23940CA8D", 16));
-        doTestHMACDetECDSASample(new SHA256Digest(), privKey, new BigInteger("21B13D1E013C7FA1392D03C5F99AF8B30C570C6F98D4EA8E354B63A21D3DAA33" +
-                                                                        "BDE1E888E63355D92FA2B3C36D8FB2CD", 16),
-                                                                new BigInteger("F3AA443FB107745BF4BD77CB3891674632068A10CA67E3D45DB2266FA7D1FEEB" +
-                                                                        "EFDC63ECCD1AC42EC0CB8668A4FA0AB0", 16));
-        doTestHMACDetECDSASample(new SHA384Digest(), privKey, new BigInteger("94EDBB92A5ECB8AAD4736E56C691916B3F88140666CE9FA73D64C4EA95AD133C" +
-                                                                        "81A648152E44ACF96E36DD1E80FABE46", 16),
-                                                                new BigInteger("99EF4AEB15F178CEA1FE40DB2603138F130E740A19624526203B6351D0A3A94F" +
-                                                                        "A329C145786E679E7B82C71A38628AC8", 16));
-        doTestHMACDetECDSASample(new SHA512Digest(), privKey, new BigInteger("ED0959D5880AB2D869AE7F6C2915C6D60F96507F9CB3E047C0046861DA4A799C" +
-                                                                        "FE30F35CC900056D7C99CD7882433709", 16),
-                                                                new BigInteger("512C8CCEEE3890A84058CE1E22DBC2198F42323CE8ACA9135329F03C068E5112" +
-                                                                        "DC7CC3EF3446DEFCEB01A45C2667FDD5", 16));
-
-        doTestHMACDetECDSATest(new SHA1Digest(), privKey, new BigInteger("4BC35D3A50EF4E30576F58CD96CE6BF638025EE624004A1F7789A8B8E43D0678" +
-                                                                    "ACD9D29876DAF46638645F7F404B11C7", 16),
-                                                            new BigInteger("D5A6326C494ED3FF614703878961C0FDE7B2C278F9A65FD8C4B7186201A29916" +
-                                                                    "95BA1C84541327E966FA7B50F7382282", 16));
-        doTestHMACDetECDSATest(new SHA224Digest(), privKey, new BigInteger("E8C9D0B6EA72A0E7837FEA1D14A1A9557F29FAA45D3E7EE888FC5BF954B5E624" +
-                                                                    "64A9A817C47FF78B8C11066B24080E72", 16),
-                                                            new BigInteger("07041D4A7A0379AC7232FF72E6F77B6DDB8F09B16CCE0EC3286B2BD43FA8C614" +
-                                                                    "1C53EA5ABEF0D8231077A04540A96B66", 16));
-        doTestHMACDetECDSATest(new SHA256Digest(), privKey, new BigInteger("6D6DEFAC9AB64DABAFE36C6BF510352A4CC27001263638E5B16D9BB51D451559" +
-                                                                    "F918EEDAF2293BE5B475CC8F0188636B", 16),
-                                                            new BigInteger("2D46F3BECBCC523D5F1A1256BF0C9B024D879BA9E838144C8BA6BAEB4B53B47D" +
-                                                                    "51AB373F9845C0514EEFB14024787265", 16));
-        doTestHMACDetECDSATest(new SHA384Digest(), privKey, new BigInteger("8203B63D3C853E8D77227FB377BCF7B7B772E97892A80F36AB775D509D7A5FEB" +
-                                                                    "0542A7F0812998DA8F1DD3CA3CF023DB", 16),
-                                                            new BigInteger("DDD0760448D42D8A43AF45AF836FCE4DE8BE06B485E9B61B827C2F13173923E0" +
-                                                                    "6A739F040649A667BF3B828246BAA5A5", 16));
-        doTestHMACDetECDSATest(new SHA512Digest(), privKey, new BigInteger("A0D5D090C9980FAF3C2CE57B7AE951D31977DD11C775D314AF55F76C676447D0" +
-                                                                    "6FB6495CD21B4B6E340FC236584FB277", 16),
-                                                            new BigInteger("976984E59B4C77B0E8E4460DCA3D9F20E07B9BB1F63BEEFAF576F6B2E8B22463" +
-                                                                    "4A2092CD3792E0159AD9CEE37659C736", 16));
-
-        x9ECParameters = NISTNamedCurves.getByName("P-521");
-        ecDomainParameters = new ECDomainParameters(x9ECParameters.getCurve(), x9ECParameters.getG(), x9ECParameters.getN());
-
-        privKey = new ECPrivateKeyParameters(new BigInteger("0FAD06DAA62BA3B25D2FB40133DA757205DE67F5BB0018FEE8C86E1B68C7E75C" +
-                                                            "AA896EB32F1F47C70855836A6D16FCC1466F6D8FBEC67DB89EC0C08B0E996B83" +
-                                                            "538", 16), ecDomainParameters);
-
-        doTestHMACDetECDSASample(new SHA1Digest(), privKey,   new BigInteger("0343B6EC45728975EA5CBA6659BBB6062A5FF89EEA58BE3C80B619F322C87910" +
-                                                                             "FE092F7D45BB0F8EEE01ED3F20BABEC079D202AE677B243AB40B5431D497C55D" +
-                                                                             "75D", 16),
-                                                              new BigInteger("0E7B0E675A9B24413D448B8CC119D2BF7B2D2DF032741C096634D6D65D0DBE3D" +
-                                                                             "5694625FB9E8104D3B842C1B0E2D0B98BEA19341E8676AEF66AE4EBA3D5475D5" +
-                                                                             "D16", 16));
-        doTestHMACDetECDSASample(new SHA224Digest(), privKey, new BigInteger("1776331CFCDF927D666E032E00CF776187BC9FDD8E69D0DABB4109FFE1B5E2A3" +
-                                                                            "0715F4CC923A4A5E94D2503E9ACFED92857B7F31D7152E0F8C00C15FF3D87E2E" +
-                                                                            "D2E", 16),
-                                                              new BigInteger("050CB5265417FE2320BBB5A122B8E1A32BD699089851128E360E620A30C7E17B" +
-                                                                            "A41A666AF126CE100E5799B153B60528D5300D08489CA9178FB610A2006C254B" +
-                                                                            "41F", 16));
-        doTestHMACDetECDSASample(new SHA256Digest(), privKey, new BigInteger("1511BB4D675114FE266FC4372B87682BAECC01D3CC62CF2303C92B3526012659" +
-                                                                             "D16876E25C7C1E57648F23B73564D67F61C6F14D527D54972810421E7D87589E" +
-                                                                             "1A7", 16),
-                                                              new BigInteger("04A171143A83163D6DF460AAF61522695F207A58B95C0644D87E52AA1A347916" +
-                                                                              "E4F7A72930B1BC06DBE22CE3F58264AFD23704CBB63B29B931F7DE6C9D949A7E" +
-                                                                              "CFC", 16));
-        doTestHMACDetECDSASample(new SHA384Digest(), privKey, new BigInteger("1EA842A0E17D2DE4F92C15315C63DDF72685C18195C2BB95E572B9C5136CA4B4" +
-                                                                            "B576AD712A52BE9730627D16054BA40CC0B8D3FF035B12AE75168397F5D50C67" +
-                                                                            "451", 16),
-                                                              new BigInteger("1F21A3CEE066E1961025FB048BD5FE2B7924D0CD797BABE0A83B66F1E35EEAF5" +
-                                                                              "FDE143FA85DC394A7DEE766523393784484BDF3E00114A1C857CDE1AA203DB65" +
-                                                                              "D61", 16));
-        doTestHMACDetECDSASample(new SHA512Digest(), privKey, new BigInteger("0C328FAFCBD79DD77850370C46325D987CB525569FB63C5D3BC53950E6D4C5F1" +
-                                                                            "74E25A1EE9017B5D450606ADD152B534931D7D4E8455CC91F9B15BF05EC36E37" +
-                                                                            "7FA", 16),
-                                                              new BigInteger("0617CCE7CF5064806C467F678D3B4080D6F1CC50AF26CA209417308281B68AF2" +
-                                                                              "82623EAA63E5B5C0723D8B8C37FF0777B1A20F8CCB1DCCC43997F1EE0E44DA4A" +
-                                                                              "67A", 16));
-
-        doTestHMACDetECDSATest(new SHA1Digest(), privKey,   new BigInteger("13BAD9F29ABE20DE37EBEB823C252CA0F63361284015A3BF430A46AAA80B87B0" +
-                                                                    "693F0694BD88AFE4E661FC33B094CD3B7963BED5A727ED8BD6A3A202ABE009D0" +
-                                                                    "367", 16),
-                                                              new BigInteger("1E9BB81FF7944CA409AD138DBBEE228E1AFCC0C890FC78EC8604639CB0DBDC90" +
-                                                                  "F717A99EAD9D272855D00162EE9527567DD6A92CBD629805C0445282BBC91679" +
-                                                                  "7FF", 16));
-        doTestHMACDetECDSATest(new SHA224Digest(), privKey, new BigInteger("1C7ED902E123E6815546065A2C4AF977B22AA8EADDB68B2C1110E7EA44D42086" +
-                                                                    "BFE4A34B67DDC0E17E96536E358219B23A706C6A6E16BA77B65E1C595D43CAE1" +
-                                                                    "7FB", 16),
-                                                              new BigInteger("177336676304FCB343CE028B38E7B4FBA76C1C1B277DA18CAD2A8478B2A9A9F5" +
-                                                                  "BEC0F3BA04F35DB3E4263569EC6AADE8C92746E4C82F8299AE1B8F1739F8FD51" +
-                                                                  "9A4", 16));
-        doTestHMACDetECDSATest(new SHA256Digest(), privKey, new BigInteger("00E871C4A14F993C6C7369501900C4BC1E9C7B0B4BA44E04868B30B41D807104" +
-                                                                    "2EB28C4C250411D0CE08CD197E4188EA4876F279F90B3D8D74A3C76E6F1E4656" +
-                                                                    "AA8", 16),
-                                                              new BigInteger("0CD52DBAA33B063C3A6CD8058A1FB0A46A4754B034FCC644766CA14DA8CA5CA9" +
-                                                                  "FDE00E88C1AD60CCBA759025299079D7A427EC3CC5B619BFBC828E7769BCD694" +
-                                                                  "E86", 16));
-        doTestHMACDetECDSATest(new SHA384Digest(), privKey, new BigInteger("14BEE21A18B6D8B3C93FAB08D43E739707953244FDBE924FA926D76669E7AC8C" +
-                                                                    "89DF62ED8975C2D8397A65A49DCC09F6B0AC62272741924D479354D74FF60755" +
-                                                                    "78C", 16),
-                                                              new BigInteger("133330865C067A0EAF72362A65E2D7BC4E461E8C8995C3B6226A21BD1AA78F0E" +
-                                                                  "D94FE536A0DCA35534F0CD1510C41525D163FE9D74D134881E35141ED5E8E95B" +
-                                                                  "979", 16));
-        doTestHMACDetECDSATest(new SHA512Digest(), privKey, new BigInteger("13E99020ABF5CEE7525D16B69B229652AB6BDF2AFFCAEF38773B4B7D08725F10" +
-                                                                    "CDB93482FDCC54EDCEE91ECA4166B2A7C6265EF0CE2BD7051B7CEF945BABD47E" +
-                                                                    "E6D", 16),
-                                                              new BigInteger("1FBD0013C674AA79CB39849527916CE301C66EA7CE8B80682786AD60F98F7E78" +
-                                                                  "A19CA69EFF5C57400E3B3A0AD66CE0978214D13BAF4E9AC60752F7B155E2DE4D" +
-                                                                  "CE3", 16));
-
-        x9ECParameters = NISTNamedCurves.getByName("B-163");
-        ecDomainParameters = new ECDomainParameters(x9ECParameters.getCurve(), x9ECParameters.getG(), x9ECParameters.getN());
-
-        privKey = new ECPrivateKeyParameters(new BigInteger("35318FC447D48D7E6BC93B48617DDDEDF26AA658F", 16), ecDomainParameters);
-
-        doTestHMACDetECDSASample(new SHA1Digest(), privKey,   new BigInteger("153FEBD179A69B6122DEBF5BC61EB947B24C93526", 16), new BigInteger("37AC9C670F8CF18045049BAE7DD35553545C19E49", 16));
-        doTestHMACDetECDSASample(new SHA224Digest(), privKey, new BigInteger("0A379E69C44F9C16EA3215EA39EB1A9B5D58CC955", 16), new BigInteger("04BAFF5308DA2A7FE2C1742769265AD3ED1D24E74", 16));
-        doTestHMACDetECDSASample(new SHA256Digest(), privKey, new BigInteger("134E00F78FC1CB9501675D91C401DE20DDF228CDC", 16), new BigInteger("373273AEC6C36CB7BAFBB1903A5F5EA6A1D50B624", 16));
-        doTestHMACDetECDSASample(new SHA384Digest(), privKey, new BigInteger("29430B935AF8E77519B0CA4F6903B0B82E6A21A66", 16), new BigInteger("1EA1415306E9353FA5AA54BC7C2581DFBB888440D", 16));
-        doTestHMACDetECDSASample(new SHA512Digest(), privKey, new BigInteger("0B2F177A99F9DF2D51CCAF55F015F326E4B65E7A0", 16), new BigInteger("0DF1FB4487E9B120C5E970EFE48F55E406306C3A1", 16));
-
-        doTestHMACDetECDSATest(new SHA1Digest(), privKey,   new BigInteger("256D4079C6C7169B8BC92529D701776A269D56308", 16), new BigInteger("341D3FFEC9F1EB6A6ACBE88E3C86A1C8FDEB8B8E1", 16));
-        doTestHMACDetECDSATest(new SHA224Digest(), privKey, new BigInteger("28ECC6F1272CE80EA59DCF32F7AC2D861BA803393", 16), new BigInteger("0AD4AE2C06E60183C1567D2B82F19421FE3053CE2", 16));
-        doTestHMACDetECDSATest(new SHA256Digest(), privKey, new BigInteger("227DF377B3FA50F90C1CB3CDCBBDBA552C1D35104", 16), new BigInteger("1F7BEAD92583FE920D353F368C1960D0E88B46A56", 16));
-        doTestHMACDetECDSATest(new SHA384Digest(), privKey, new BigInteger("11811DAFEEA441845B6118A0DFEE8A0061231337D", 16), new BigInteger("36258301865EE48C5C6F91D63F62695002AB55B57", 16));
-        doTestHMACDetECDSATest(new SHA512Digest(), privKey, new BigInteger("3B6BB95CA823BE2ED8E3972FF516EB8972D765571", 16), new BigInteger("13DC6F420628969DF900C3FCC48220B38BE24A541", 16));
-
-        x9ECParameters = NISTNamedCurves.getByName("B-233");
-        ecDomainParameters = new ECDomainParameters(x9ECParameters.getCurve(), x9ECParameters.getG(), x9ECParameters.getN());
-
-        privKey = new ECPrivateKeyParameters(new BigInteger("07ADC13DD5BF34D1DDEEB50B2CE23B5F5E6D18067306D60C5F6FF11E5D3", 16), ecDomainParameters);
-
-        doTestHMACDetECDSASample(new SHA1Digest(), privKey,   new BigInteger("015CC6FD78BB06E0878E71465515EA5A21A2C18E6FC77B4B158DBEB3944", 16), new BigInteger("0822A4A6C2EB2DF213A5E90BF40377956365EE8C4B4A5A4E2EB9270CB6A", 16));
-        doTestHMACDetECDSASample(new SHA224Digest(), privKey, new BigInteger("05D9920B53471148E10502AB49AB7A3F11084820A074FD89883CF51BC1A", 16), new BigInteger("04D3938900C0A9AAA7080D1DFEB56CFB0FADABE4214536C7ED5117ED13A", 16));
-        doTestHMACDetECDSASample(new SHA256Digest(), privKey, new BigInteger("0A797F3B8AEFCE7456202DF1E46CCC291EA5A49DA3D4BDDA9A4B62D5E0D", 16), new BigInteger("01F6F81DA55C22DA4152134C661588F4BD6F82FDBAF0C5877096B070DC2", 16));
-        doTestHMACDetECDSASample(new SHA384Digest(), privKey, new BigInteger("015E85A8D46225DD7E314A1C4289731FC14DECE949349FE535D11043B85", 16), new BigInteger("03F189D37F50493EFD5111A129443A662AB3C6B289129AD8C0CAC85119C", 16));
-        doTestHMACDetECDSASample(new SHA512Digest(), privKey, new BigInteger("03B62A4BF783919098B1E42F496E65F7621F01D1D466C46940F0F132A95", 16), new BigInteger("0F4BE031C6E5239E7DAA014CBBF1ED19425E49DAEB426EC9DF4C28A2E30", 16));
-
-        doTestHMACDetECDSATest(new SHA1Digest(), privKey,   new BigInteger("02F1FEDC57BE203E4C8C6B8C1CEB35E13C1FCD956AB41E3BD4C8A6EFB1F", 16), new BigInteger("05738EC8A8EDEA8E435EE7266AD3EDE1EEFC2CEBE2BE1D614008D5D2951", 16));
-        doTestHMACDetECDSATest(new SHA224Digest(), privKey, new BigInteger("0CCE175124D3586BA7486F7146894C65C2A4A5A1904658E5C7F9DF5FA5D", 16), new BigInteger("08804B456D847ACE5CA86D97BF79FD6335E5B17F6C0D964B5D0036C867E", 16));
-        doTestHMACDetECDSATest(new SHA256Digest(), privKey, new BigInteger("035C3D6DFEEA1CFB29B93BE3FDB91A7B130951770C2690C16833A159677", 16), new BigInteger("0600F7301D12AB376B56D4459774159ADB51F97E282FF384406AFD53A02", 16));
-        doTestHMACDetECDSATest(new SHA384Digest(), privKey, new BigInteger("061602FC8068BFD5FB86027B97455D200EC603057446CCE4D76DB8EF42C", 16), new BigInteger("03396DD0D59C067BB999B422D9883736CF9311DFD6951F91033BD03CA8D", 16));
-        doTestHMACDetECDSATest(new SHA512Digest(), privKey, new BigInteger("07E12CB60FDD614958E8E34B3C12DDFF35D85A9C5800E31EA2CC2EF63B1", 16), new BigInteger("0E8970FD99D836F3CC1C807A2C58760DE6EDAA23705A82B9CB1CE93FECC", 16));
-
-        x9ECParameters = NISTNamedCurves.getByName("B-283");
-        ecDomainParameters = new ECDomainParameters(x9ECParameters.getCurve(), x9ECParameters.getG(), x9ECParameters.getN());
-
-        privKey = new ECPrivateKeyParameters(new BigInteger("14510D4BC44F2D26F4553942C98073C1BD35545CEABB5CC138853C5158D2729EA408836", 16), ecDomainParameters);
-
-        doTestHMACDetECDSASample(new SHA1Digest(), privKey,   new BigInteger("201E18D48C6DB3D5D097C4DCE1E25587E1501FC3CF47BDB5B4289D79E273D6A9" +
-            "ACB8285", 16), new BigInteger("151AE05712B024CE617358260774C8CA8B0E7A7E72EF8229BF2ACE7609560CB3" +
-            "0322C4F", 16));
-        doTestHMACDetECDSASample(new SHA224Digest(), privKey, new BigInteger("143E878DDFD4DF40D97B8CD638B3C4706501C2201CF7108F2FB91478C11D6947" +
-            "3246925", 16), new BigInteger("0CBF1B9717FEEA3AABB09D9654110144267098E0E1E8D0289A6211BE0EEDFDD8" +
-            "6A3DB79", 16));
-        doTestHMACDetECDSASample(new SHA256Digest(), privKey, new BigInteger("29FD82497FB3E5CEF65579272138DE59E2B666B8689466572B3B69A172CEE83B" +
-            "E145659", 16), new BigInteger("05A89D9166B40795AF0FE5958201B9C0523E500013CA12B4840EA2BC53F25F9B" +
-            "3CE87C0", 16));
-        doTestHMACDetECDSASample(new SHA384Digest(), privKey, new BigInteger("2F00689C1BFCD2A8C7A41E0DE55AE182E6463A152828EF89FE3525139B660329" +
-            "4E69353", 16), new BigInteger("1744514FE0A37447250C8A329EAAADA81572226CABA16F39270EE5DD03F27B1F" +
-            "665EB5D", 16));
-        doTestHMACDetECDSASample(new SHA512Digest(), privKey, new BigInteger("0DA43A9ADFAA6AD767998A054C6A8F1CF77A562924628D73C62761847AD8286E" +
-            "0D91B47", 16), new BigInteger("1D118733AE2C88357827CAFC6F68ABC25C80C640532925E95CFE66D40F8792F3" +
-            "AC44C42", 16));
-
-        doTestHMACDetECDSATest(new SHA1Digest(), privKey,   new BigInteger("05A408133919F2CDCDBE5E4C14FBC706C1F71BADAFEF41F5DE4EC27272FC1CA9" +
-            "366FBB2", 16), new BigInteger("012966272872C097FEA7BCE64FAB1A81982A773E26F6E4EF7C99969846E67CA9" +
-            "CBE1692", 16));
-        doTestHMACDetECDSATest(new SHA224Digest(), privKey, new BigInteger("08F3824E40C16FF1DDA8DC992776D26F4A5981AB5092956C4FDBB4F1AE0A711E" +
-            "EAA10E5", 16), new BigInteger("0A64B91EFADB213E11483FB61C73E3EF63D3B44EEFC56EA401B99DCC60CC28E9" +
-            "9F0F1FA", 16));
-        doTestHMACDetECDSATest(new SHA256Digest(), privKey, new BigInteger("3597B406F5329D11A79E887847E5EC60861CCBB19EC61F252DB7BD549C699951" +
-            "C182796", 16), new BigInteger("0A6A100B997BC622D91701D9F5C6F6D3815517E577622DA69D3A0E8917C1CBE6" +
-            "3ACD345", 16));
-        doTestHMACDetECDSATest(new SHA384Digest(), privKey, new BigInteger("1BB490926E5A1FDC7C5AA86D0835F9B994EDA315CA408002AF54A298728D422E" +
-            "BF59E4C", 16), new BigInteger("36C682CFC9E2C89A782BFD3A191609D1F0C1910D5FD6981442070393159D65FB" +
-            "CC0A8BA", 16));
-        doTestHMACDetECDSATest(new SHA512Digest(), privKey, new BigInteger("19944AA68F9778C2E3D6E240947613E6DA60EFCE9B9B2C063FF5466D72745B5A" +
-            "0B25BA2", 16), new BigInteger("03F1567B3C5B02DF15C874F0EE22850824693D5ADC4663BAA19E384E550B1DD4" +
-            "1F31EE6", 16));
-
-        x9ECParameters = NISTNamedCurves.getByName("B-409");
-        ecDomainParameters = new ECDomainParameters(x9ECParameters.getCurve(), x9ECParameters.getG(), x9ECParameters.getN());
-
-        privKey = new ECPrivateKeyParameters(new BigInteger("0494994CC325B08E7B4CE038BD9436F90B5E59A2C13C3140CD3AE07C04A01FC489F572CE0569A6DB7B8060393DE76330C624177", 16), ecDomainParameters);
-
-        doTestHMACDetECDSASample(new SHA1Digest(), privKey,   new BigInteger("0D8783188E1A540E2022D389E1D35B32F56F8C2BB5636B8ABF7718806B27A713" +
-            "EBAE37F63ECD4B61445CEF5801B62594EF3E982", 16), new BigInteger("03A6B4A80E204DB0DE12E7415C13C9EC091C52935658316B4A0C591216A38791" +
-            "54BEB1712560E346E7EF26517707435B55C3141", 16));
-        doTestHMACDetECDSASample(new SHA224Digest(), privKey, new BigInteger("0EE4F39ACC2E03CE96C3D9FCBAFA5C22C89053662F8D4117752A9B10F09ADFDA" +
-            "59DB061E247FE5321D6B170EE758ACE1BE4D157", 16), new BigInteger("00A2B83265B456A430A8BF27DCC8A9488B3F126C10F0D6D64BF7B8A218FAAF20" +
-            "E51A295A3AE78F205E5A4A6AE224C3639F1BB34", 16));
-        doTestHMACDetECDSASample(new SHA256Digest(), privKey, new BigInteger("02D8B1B31E33E74D7EB46C30FDE5AD2CA04EC8FE08FBA0E73BA5E568953AC5EA" +
-            "307C072942238DFC07F4A4D7C7C6A9F86436D17", 16), new BigInteger("079F7D471E6CB73234AF7F7C381D2CE15DE35BAF8BB68393B73235B3A26EC2DF" +
-            "4842CE433FB492D6E074E604D4870024D42189A", 16));
-        doTestHMACDetECDSASample(new SHA384Digest(), privKey, new BigInteger("07BC638B7E7CE6FEE5E9C64A0F966D722D01BB4BC3F3A35F30D4CDDA92DFC5F7" +
-            "F0B4BBFE8065D9AD452FD77A1914BE3A2440C18", 16), new BigInteger("06D904429850521B28A32CBF55C7C0FDF35DC4E0BDA2552C7BF68A171E970E67" +
-            "88ACC0B9521EACB4796E057C70DD9B95FED5BFB", 16));
-        doTestHMACDetECDSASample(new SHA512Digest(), privKey, new BigInteger("05D178DECAFD2D02A3DA0D8BA1C4C1D95EE083C760DF782193A9F7B4A8BE6FC5" +
-            "C21FD60613BCA65C063A61226E050A680B3ABD4", 16), new BigInteger("013B7581E98F6A63FBBCB3E49BCDA60F816DB230B888506D105DC229600497C3" +
-            "B46588C784BE3AA9343BEF82F7C9C80AEB63C3B", 16));
-
-        doTestHMACDetECDSATest(new SHA1Digest(), privKey, new BigInteger("049F54E7C10D2732B4638473053782C6919218BBEFCEC8B51640FC193E832291" +
-            "F05FA12371E9B448417B3290193F08EE9319195", 16), new BigInteger("0499E267DEC84E02F6F108B10E82172C414F15B1B7364BE8BFD66ADC0C5DE23F" +
-            "EE3DF0D811134C25AFE0E05A6672F98889F28F1", 16));
-        doTestHMACDetECDSATest(new SHA224Digest(), privKey, new BigInteger("0B1527FFAA7DD7C7E46B628587A5BEC0539A2D04D3CF27C54841C2544E1BBDB4" +
-            "2FDBDAAF8671A4CA86DFD619B1E3732D7BB56F2", 16), new BigInteger("0442C68C044868DF4832C807F1EDDEBF7F5052A64B826FD03451440794063F52" +
-            "B022DF304F47403D4069234CA9EB4C964B37C02", 16));
-        doTestHMACDetECDSATest(new SHA256Digest(), privKey, new BigInteger("0BB27755B991D6D31757BCBF68CB01225A38E1CFA20F775E861055DD108ED7EA" +
-            "455E4B96B2F6F7CD6C6EC2B3C70C3EDDEB9743B", 16), new BigInteger("0C5BE90980E7F444B5F7A12C9E9AC7A04CA81412822DD5AD1BE7C45D5032555E" +
-            "A070864245CF69266871FEB8CD1B7EDC30EF6D5", 16));
-        doTestHMACDetECDSATest(new SHA384Digest(), privKey, new BigInteger("04EFEB7098772187907C87B33E0FBBA4584226C50C11E98CA7AAC6986F8D3BE0" +
-            "44E5B52D201A410B852536527724CA5F8CE6549", 16), new BigInteger("09574102FEB3EF87E6D66B94119F5A6062950FF4F902EA1E6BD9E2037F33FF99" +
-            "1E31F5956C23AFE48FCDC557FD6F088C7C9B2B3", 16));
-        doTestHMACDetECDSATest(new SHA512Digest(), privKey, new BigInteger("07E0249C68536AE2AEC2EC30090340DA49E6DC9E9EEC8F85E5AABFB234B6DA7D" +
-            "2E9524028CF821F21C6019770474CC40B01FAF6", 16), new BigInteger("08125B5A03FB44AE81EA46D446130C2A415ECCA265910CA69D55F2453E16CD7B" +
-            "2DFA4E28C50FA8137F9C0C6CEE4CD37ABCCF6D8", 16));
-
-        x9ECParameters = NISTNamedCurves.getByName("B-571");
-        ecDomainParameters = new ECDomainParameters(x9ECParameters.getCurve(), x9ECParameters.getG(), x9ECParameters.getN());
-
-        privKey = new ECPrivateKeyParameters(new BigInteger("028A04857F24C1C082DF0D909C0E72F453F2E2340CCB071F0E389BCA2575DA19" +
-                                                            "124198C57174929AD26E348CF63F78D28021EF5A9BF2D5CBEAF6B7CCB6C4DA82" +
-                                                            "4DD5C82CFB24E11", 16), ecDomainParameters);
-
-        doTestHMACDetECDSASample(new SHA1Digest(), privKey, new BigInteger("147D3EB0EDA9F2152DFD014363D6A9CE816D7A1467D326A625FC4AB0C786E1B7" +
-                                                                            "4DDF7CD4D0E99541391B266C704BB6B6E8DCCD27B460802E0867143727AA4155" +
-                                                                            "55454321EFE5CB6", 16),
-                                                              new BigInteger("17319571CAF533D90D2E78A64060B9C53169AB7FC908947B3EDADC54C79CCF0A" +
-                                                                              "7920B4C64A4EAB6282AFE9A459677CDA37FD6DD50BEF18709590FE18B923BDF7" +
-                                                                              "4A66B189A850819", 16));
-
-        doTestHMACDetECDSASample(new SHA224Digest(), privKey, new BigInteger("10F4B63E79B2E54E4F4F6A2DBC786D8F4A143ECA7B2AD97810F6472AC6AE2085" +
-                                                                            "3222854553BE1D44A7974599DB7061AE8560DF57F2675BE5F9DD94ABAF3D47F1" +
-                                                                            "582B318E459748B", 16),
-                                                              new BigInteger("3BBEA07C6B269C2B7FE9AE4DDB118338D0C2F0022920A7F9DCFCB7489594C03B" +
-                                                                              "536A9900C4EA6A10410007222D3DAE1A96F291C4C9275D75D98EB290DC0EEF17" +
-                                                                              "6037B2C7A7A39A3", 16));
-
-        doTestHMACDetECDSASample(new SHA256Digest(), privKey, new BigInteger("213EF9F3B0CFC4BF996B8AF3A7E1F6CACD2B87C8C63820000800AC787F17EC99" +
-                                                                            "C04BCEDF29A8413CFF83142BB88A50EF8D9A086AF4EB03E97C567500C21D8657" +
-                                                                            "14D832E03C6D054", 16),
-                                                              new BigInteger("3D32322559B094E20D8935E250B6EC139AC4AAB77920812C119AF419FB62B332" +
-                                                                              "C8D226C6C9362AE3C1E4AABE19359B8428EA74EC8FBE83C8618C2BCCB6B43FBA" +
-                                                                              "A0F2CCB7D303945", 16));
-
-        doTestHMACDetECDSASample(new SHA384Digest(), privKey, new BigInteger("375D8F49C656A0BBD21D3F54CDA287D853C4BB1849983CD891EF6CD6BB56A62B" +
-                                                                            "687807C16685C2C9BCA2663C33696ACCE344C45F3910B1DF806204FF731ECB28" +
-                                                                            "9C100EF4D1805EC", 16),
-                                                              new BigInteger("1CDEC6F46DFEEE44BCE71D41C60550DC67CF98D6C91363625AC2553E4368D2DF" +
-                                                                            "B734A8E8C72E118A76ACDB0E58697940A0F3DF49E72894BD799450FC9E550CC0" +
-                                                                            "4B9FF9B0380021C", 16));
-        doTestHMACDetECDSASample(new SHA512Digest(), privKey, new BigInteger("1C26F40D940A7EAA0EB1E62991028057D91FEDA0366B606F6C434C361F04E545" +
-                                                                            "A6A51A435E26416F6838FFA260C617E798E946B57215284182BE55F29A355E60" +
-                                                                            "24FE32A47289CF0", 16),
-                                                              new BigInteger("3691DE4369D921FE94EDDA67CB71FBBEC9A436787478063EB1CC778B3DCDC1C4" +
-                                                                            "162662752D28DEEDF6F32A269C82D1DB80C87CE4D3B662E03AC347806E3F19D1" +
-                                                                            "8D6D4DE7358DF7E", 16));
-
-        doTestHMACDetECDSATest(new SHA1Digest(), privKey, new BigInteger("133F5414F2A9BC41466D339B79376038A64D045E5B0F792A98E5A7AA87E0AD01" +
-            "6419E5F8D176007D5C9C10B5FD9E2E0AB8331B195797C0358BA05ECBF24ACE59" +
-            "C5F368A6C0997CC", 16),
-            new BigInteger("3D16743AE9F00F0B1A500F738719C5582550FEB64689DA241665C4CE4F328BA0" +
-                "E34A7EF527ED13BFA5889FD2D1D214C11EB17D6BC338E05A56F41CAFF1AF7B8D" +
-                "574DB62EF0D0F21", 16));
-
-        doTestHMACDetECDSATest(new SHA224Digest(), privKey, new BigInteger("3048E76506C5C43D92B2E33F62B33E3111CEEB87F6C7DF7C7C01E3CDA28FA5E8" +
-            "BE04B5B23AA03C0C70FEF8F723CBCEBFF0B7A52A3F5C8B84B741B4F6157E69A5" +
-            "FB0524B48F31828", 16),
-            new BigInteger("2C99078CCFE5C82102B8D006E3703E020C46C87C75163A2CD839C885550BA5CB" +
-                "501AC282D29A1C26D26773B60FBE05AAB62BFA0BA32127563D42F7669C97784C" +
-                "8897C22CFB4B8FA", 16));
-
-        doTestHMACDetECDSATest(new SHA256Digest(), privKey, new BigInteger("184BC808506E11A65D628B457FDA60952803C604CC7181B59BD25AEE1411A66D" +
-                                                                    "12A777F3A0DC99E1190C58D0037807A95E5080FA1B2E5CCAA37B50D401CFFC34" +
-                                                                    "17C005AEE963469", 16),
-                                                              new BigInteger("27280D45F81B19334DBDB07B7E63FE8F39AC7E9AE14DE1D2A6884D2101850289" +
-                                                                  "D70EE400F26ACA5E7D73F534A14568478E59D00594981ABE6A1BA18554C13EB5" +
-                                                                  "E03921E4DC98333", 16));
-
-        doTestHMACDetECDSATest(new SHA384Digest(), privKey, new BigInteger("319EE57912E7B0FAA1FBB145B0505849A89C6DB1EC06EA20A6A7EDE072A6268A" +
-            "F6FD9C809C7E422A5F33C6C3326EAD7402467DF3272A1B2726C1C20975950F0F" +
-            "50D8324578F13EC", 16),
-            new BigInteger("2CF3EA27EADD0612DD2F96F46E89AB894B01A10DF985C5FC099CFFE0EA083EB4" +
-                "4BE682B08BFE405DAD5F37D0A2C59015BA41027E24B99F8F75A70B6B7385BF39" +
-                "BBEA02513EB880C", 16));
-        doTestHMACDetECDSATest(new SHA512Digest(), privKey, new BigInteger("2AA1888EAB05F7B00B6A784C4F7081D2C833D50794D9FEAF6E22B8BE728A2A90" +
-            "BFCABDC803162020AA629718295A1489EE7ED0ECB8AAA197B9BDFC49D18DDD78" +
-            "FC85A48F9715544", 16),
-            new BigInteger("0AA5371FE5CA671D6ED9665849C37F394FED85D51FEF72DA2B5F28EDFB2C6479" +
-                "CA63320C19596F5E1101988E2C619E302DD05112F47E8823040CE540CD3E90DC" +
-                "F41DBC461744EE9", 16));
-
-    }
-
-    private void doTestHMACDetECDSASample(Digest digest, ECPrivateKeyParameters privKey, BigInteger r, BigInteger s)
-    {
-        doTestHMACDetECDSA(new ECDSASigner(new HMacDSAKCalculator(digest)), digest, SAMPLE, privKey, r, s);
-    }
-
-    private void doTestHMACDetECDSATest(Digest digest, ECPrivateKeyParameters privKey, BigInteger r, BigInteger s)
-    {
-        doTestHMACDetECDSA(new ECDSASigner(new HMacDSAKCalculator(digest)), digest, TEST, privKey, r, s);
-    }
-
-    private void doTestHMACDetECDSA(DSA detSigner, Digest digest, byte[] data, CipherParameters privKey, BigInteger r, BigInteger s)
-    {
-        byte[] m = new byte[digest.getDigestSize()];
-
-        digest.update(data, 0, data.length);
-
-        digest.doFinal(m, 0);
-
-        detSigner.init(true, privKey);
-
-        BigInteger[] rs = detSigner.generateSignature(m);
-
-        if (!r.equals(rs[0]))
-        {
-            fail("r value wrong, got " + rs[0].toString(16));
-        }
-        if (!s.equals(rs[1]))
-        {
-            fail("s value wrong, got " + rs[1].toString(16));
-        }
-    }
-
-    public String getName()
-    {
-        return "DeterministicDSA";
-    }
-
-    public void performTest()
-    {
-        testHMacDeterministic();
-        testECHMacDeterministic();
-    }
-
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new DeterministicDSATest());
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/DigestRandomNumberTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/DigestRandomNumberTest.java
deleted file mode 100644
index 7bcaea8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/DigestRandomNumberTest.java
+++ /dev/null

@@ -1,152 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.crypto.prng.DigestRandomGenerator;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.Digest;
-
-public class DigestRandomNumberTest
-    extends SimpleTest
-{
-    private static final byte[] ZERO_SEED = { 0, 0, 0, 0, 0, 0, 0, 0 };
-
-    private static final byte[] TEST_SEED = Hex.decode("81dcfafc885914057876");
-
-    private static final byte[] expected0SHA1 = Hex.decode("95bca677b3d4ff793213c00892d2356ec729ee02");
-    private static final byte[] noCycle0SHA1 = Hex.decode("d57ccd0eb12c3938d59226412bc1268037b6b846");
-    private static final byte[] expected0SHA256 = Hex.decode("587e2dfd597d086e47ddcd343eac983a5c913bef8c6a1a560a5c1bc3a74b0991");
-    private static final byte[] noCycle0SHA256 = Hex.decode("e5776c4483486ba7be081f4e1b9dafbab25c8fae290fd5474c1ceda2c16f9509");
-    private static final byte[] expected100SHA1 = Hex.decode("b9d924092546e0876cafd4937d7364ebf9efa4be");
-    private static final byte[] expected100SHA256 = Hex.decode("fbc4aa54b948b99de104c44563a552899d718bb75d1941cc62a2444b0506abaf");
-    private static final byte[] expectedTestSHA1 = Hex.decode("e9ecef9f5306daf1ac51a89a211a64cb24415649");
-    private static final byte[] expectedTestSHA256 = Hex.decode("bdab3ca831b472a2fa09bd1bade541ef16c96640a91fcec553679a136061de98");
-
-    private static final byte[] sha1Xors = Hex.decode("7edcc1216934f3891b03ffa65821611a3e2b1f79");
-    private static final byte[] sha256Xors = Hex.decode("5ec48189cc0aa71e79c707bc3c33ffd47bbba368a83d6cfebf3cd3969d7f3eed");
-
-    public String getName()
-    {
-        return "DigestRandomNumber";
-    }
-
-    private void doExpectedTest(Digest digest, int seed, byte[] expected)
-    {
-        doExpectedTest(digest, seed, expected, null);
-    }
-    
-    private void doExpectedTest(Digest digest, int seed, byte[] expected, byte[] noCycle)
-    {
-        DigestRandomGenerator rGen = new DigestRandomGenerator(digest);
-        byte[] output = new byte[digest.getDigestSize()];
-
-        rGen.addSeedMaterial(seed);
-
-        for (int i = 0; i != 1024; i++)
-        {
-             rGen.nextBytes(output);
-        }
-
-        if (noCycle != null)
-        {
-            if (Arrays.areEqual(noCycle, output))
-            {
-                fail("seed not being cycled!");
-            }
-        }
-
-        if (!Arrays.areEqual(expected, output))
-        {
-            fail("expected output doesn't match");
-        }
-    }
-
-    private void doExpectedTest(Digest digest, byte[] seed, byte[] expected)
-    {
-        DigestRandomGenerator rGen = new DigestRandomGenerator(digest);
-        byte[] output = new byte[digest.getDigestSize()];
-
-        rGen.addSeedMaterial(seed);
-
-        for (int i = 0; i != 1024; i++)
-        {
-             rGen.nextBytes(output);
-        }
-
-        if (!Arrays.areEqual(expected, output))
-        {
-            fail("expected output doesn't match");
-        }
-    }
-
-    private void doCountTest(Digest digest, byte[] seed, byte[] expectedXors)
-    {
-        DigestRandomGenerator rGen = new DigestRandomGenerator(digest);
-        byte[] output = new byte[digest.getDigestSize()];
-        int[] averages = new int[digest.getDigestSize()];
-        byte[] ands = new byte[digest.getDigestSize()];
-        byte[] xors = new byte[digest.getDigestSize()];
-        byte[] ors = new byte[digest.getDigestSize()];
-
-        rGen.addSeedMaterial(seed);
-
-        for (int i = 0; i != 1000000; i++)
-        {
-             rGen.nextBytes(output);
-             for (int j = 0; j != output.length; j++)
-             {
-                 averages[j] += output[j] & 0xff;
-                 ands[j] &= output[j];
-                 xors[j] ^= output[j];
-                 ors[j] |= output[j];
-             }
-        }
-               
-        for (int i = 0; i != output.length; i++)
-        {
-            if ((averages[i] / 1000000) != 127)
-            {
-                fail("average test failed for " + digest.getAlgorithmName());
-            }
-            if (ands[i] != 0)
-            {
-                fail("and test failed for " + digest.getAlgorithmName());
-            }
-            if ((ors[i] & 0xff) != 0xff)
-            {
-                fail("or test failed for " + digest.getAlgorithmName());
-            }
-            if (xors[i] != expectedXors[i])
-            {
-                fail("xor test failed for " + digest.getAlgorithmName());
-            }
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        doExpectedTest(new SHA1Digest(), 0, expected0SHA1, noCycle0SHA1);
-        doExpectedTest(new SHA256Digest(), 0, expected0SHA256, noCycle0SHA256);
-
-        doExpectedTest(new SHA1Digest(), 100, expected100SHA1);
-        doExpectedTest(new SHA256Digest(), 100, expected100SHA256);
-
-        doExpectedTest(new SHA1Digest(), ZERO_SEED, expected0SHA1);
-        doExpectedTest(new SHA256Digest(), ZERO_SEED, expected0SHA256);
-
-        doExpectedTest(new SHA1Digest(), TEST_SEED, expectedTestSHA1);
-        doExpectedTest(new SHA256Digest(), TEST_SEED, expectedTestSHA256);
-
-        doCountTest(new SHA1Digest(), TEST_SEED, sha1Xors);
-        doCountTest(new SHA256Digest(), TEST_SEED, sha256Xors);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new DigestRandomNumberTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/DigestTest.java
deleted file mode 100644
index f284351..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/DigestTest.java
+++ /dev/null

@@ -1,246 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.EncodableDigest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Memoable;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public abstract class DigestTest
-    extends SimpleTest
-{
-    private Digest digest;
-    private String[] input;
-    private String[] results;
-
-    DigestTest(
-        Digest digest,
-        String[] input,
-        String[] results)
-    {
-        this.digest = digest;
-        this.input = input;
-        this.results = results;
-    }
-    
-    public String getName()
-    {
-        return digest.getAlgorithmName();
-    }
-    
-    public void performTest()
-    {
-        byte[] resBuf = new byte[digest.getDigestSize()];
-    
-        for (int i = 0; i < input.length - 1; i++)
-        {
-            byte[] m = toByteArray(input[i]);
-
-            vectorTest(digest, i, resBuf, m, Hex.decode(results[i]));
-        }
-
-        offsetTest(digest, 0, toByteArray(input[0]), Hex.decode(results[0]));
-
-        byte[] lastV = toByteArray(input[input.length - 1]);
-        byte[] lastDigest = Hex.decode(results[input.length - 1]);
-        
-        vectorTest(digest, input.length - 1, resBuf, lastV, Hex.decode(results[input.length - 1]));
-
-        testClone(resBuf, lastV, lastDigest);
-        testMemo(resBuf, lastV, lastDigest);
-        if (digest instanceof EncodableDigest)
-        {
-            testEncodedState(resBuf, lastV, lastDigest);
-        }
-    }
-
-    private void testEncodedState(byte[] resBuf, byte[] input, byte[] expected)
-    {
-        // test state encoding;
-        digest.update(input, 0, input.length / 2);
-
-        // copy the Digest
-        Digest copy1 = cloneDigest(((EncodableDigest)digest).getEncodedState());
-        Digest copy2 = cloneDigest(((EncodableDigest)copy1).getEncodedState());
-
-        digest.update(input, input.length / 2, input.length - input.length / 2);
-
-        digest.doFinal(resBuf, 0);
-
-        if (!areEqual(expected, resBuf))
-        {
-            fail("failing state vector test", expected, new String(Hex.encode(resBuf)));
-        }
-
-        copy1.update(input, input.length / 2, input.length - input.length / 2);
-        copy1.doFinal(resBuf, 0);
-
-        if (!areEqual(expected, resBuf))
-        {
-            fail("failing state copy1 vector test", expected, new String(Hex.encode(resBuf)));
-        }
-
-        copy2.update(input, input.length / 2, input.length - input.length / 2);
-        copy2.doFinal(resBuf, 0);
-
-        if (!areEqual(expected, resBuf))
-        {
-            fail("failing state copy2 vector test", expected, new String(Hex.encode(resBuf)));
-        }
-    }
-
-    private void testMemo(byte[] resBuf, byte[] input, byte[] expected)
-    {
-        Memoable m = (Memoable)digest;
-
-        digest.update(input, 0, input.length/2);
-
-        // copy the Digest
-        Memoable copy1 = m.copy();
-        Memoable copy2 = copy1.copy();
-
-        digest.update(input, input.length/2, input.length - input.length/2);
-        digest.doFinal(resBuf, 0);
-
-        if (!areEqual(expected, resBuf))
-        {
-            fail("failing memo vector test", results[results.length - 1], new String(Hex.encode(resBuf)));
-        }
-
-        m.reset(copy1);
-
-        digest.update(input, input.length/2, input.length - input.length/2);
-        digest.doFinal(resBuf, 0);
-
-        if (!areEqual(expected, resBuf))
-        {
-            fail("failing memo reset vector test", results[results.length - 1], new String(Hex.encode(resBuf)));
-        }
-
-        Digest md = (Digest)copy2;
-
-        md.update(input, input.length/2, input.length - input.length/2);
-        md.doFinal(resBuf, 0);
-
-        if (!areEqual(expected, resBuf))
-        {
-            fail("failing memo copy vector test", results[results.length - 1], new String(Hex.encode(resBuf)));
-        }
-    }
-
-    private void testClone(byte[] resBuf, byte[] input, byte[] expected)
-    {
-        digest.update(input, 0, input.length / 2);
-
-        // clone the Digest
-        Digest d = cloneDigest(digest);
-
-        digest.update(input, input.length/2, input.length - input.length/2);
-        digest.doFinal(resBuf, 0);
-
-        if (!areEqual(expected, resBuf))
-        {
-            fail("failing clone vector test", results[results.length - 1], new String(Hex.encode(resBuf)));
-        }
-
-        d.update(input, input.length/2, input.length - input.length/2);
-        d.doFinal(resBuf, 0);
-
-        if (!areEqual(expected, resBuf))
-        {
-            fail("failing second clone vector test", results[results.length - 1], new String(Hex.encode(resBuf)));
-        }
-    }
-
-    protected byte[] toByteArray(String input)
-    {
-        byte[] bytes = new byte[input.length()];
-        
-        for (int i = 0; i != bytes.length; i++)
-        {
-            bytes[i] = (byte)input.charAt(i);
-        }
-        
-        return bytes;
-    }
-    
-    private void vectorTest(
-        Digest digest,
-        int count,
-        byte[] resBuf,
-        byte[] input,
-        byte[] expected)
-    {
-        digest.update(input, 0, input.length);
-        digest.doFinal(resBuf, 0);
-
-        if (!areEqual(resBuf, expected))
-        {
-            fail("Vector " + count + " failed got " + new String(Hex.encode(resBuf)));
-        }
-    }
-
-    private void offsetTest(
-        Digest digest,
-        int count,
-        byte[] input,
-        byte[] expected)
-    {
-        byte[] resBuf = new byte[expected.length + 11];
-
-        digest.update(input, 0, input.length);
-        digest.doFinal(resBuf, 11);
-
-        if (!areEqual(Arrays.copyOfRange(resBuf, 11, resBuf.length), expected))
-        {
-            fail("Offset " + count + " failed got " + new String(Hex.encode(resBuf)));
-        }
-    }
-
-    protected abstract Digest cloneDigest(Digest digest);
-
-    protected Digest cloneDigest(byte[] encodedState)
-    {
-        throw new IllegalStateException("Unsupported");
-    }
-
-    //
-    // optional tests
-    //
-    protected void millionATest(
-        String expected)
-    {
-        byte[] resBuf = new byte[digest.getDigestSize()];
-        
-        for (int i = 0; i < 1000000; i++)
-        {
-            digest.update((byte)'a');
-        }
-        
-        digest.doFinal(resBuf, 0);
-
-        if (!areEqual(resBuf, Hex.decode(expected)))
-        {
-            fail("Million a's failed", expected, new String(Hex.encode(resBuf)));
-        }
-    }
-    
-    protected void sixtyFourKTest(
-        String expected)
-    {
-        byte[] resBuf = new byte[digest.getDigestSize()];
-        
-        for (int i = 0; i < 65536; i++)
-        {
-            digest.update((byte)(i & 0xff));
-        }
-        
-        digest.doFinal(resBuf, 0);
-
-        if (!areEqual(resBuf, Hex.decode(expected)))
-        {
-            fail("64k test failed", expected, new String(Hex.encode(resBuf)));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/EAXTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/EAXTest.java
deleted file mode 100644
index 7eb8582..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/EAXTest.java
+++ /dev/null

@@ -1,354 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.modes.AEADBlockCipher;
-import org.bouncycastle.crypto.modes.EAXBlockCipher;
-import org.bouncycastle.crypto.params.AEADParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class EAXTest
-    extends SimpleTest
-{
-    private byte[] K1 = Hex.decode("233952DEE4D5ED5F9B9C6D6FF80FF478");
-    private byte[] N1 = Hex.decode("62EC67F9C3A4A407FCB2A8C49031A8B3");
-    private byte[] A1 = Hex.decode("6BFB914FD07EAE6B");
-    private byte[] P1 = Hex.decode("");
-    private byte[] C1 = Hex.decode("E037830E8389F27B025A2D6527E79D01");
-    private byte[] T1 = Hex.decode("E037830E8389F27B025A2D6527E79D01");
-
-    private byte[] K2 = Hex.decode("91945D3F4DCBEE0BF45EF52255F095A4");
-    private byte[] N2 = Hex.decode("BECAF043B0A23D843194BA972C66DEBD");
-    private byte[] A2 = Hex.decode("FA3BFD4806EB53FA");
-    private byte[] P2 = Hex.decode("F7FB");
-    private byte[] C2 = Hex.decode("19DD5C4C9331049D0BDAB0277408F67967E5");
-    private byte[] T2 = Hex.decode("5C4C9331049D0BDAB0277408F67967E5");
-
-    private byte[] K3 = Hex.decode("01F74AD64077F2E704C0F60ADA3DD523");
-    private byte[] N3 = Hex.decode("70C3DB4F0D26368400A10ED05D2BFF5E");
-    private byte[] A3 = Hex.decode("234A3463C1264AC6");
-    private byte[] P3 = Hex.decode("1A47CB4933");
-    private byte[] C3 = Hex.decode("D851D5BAE03A59F238A23E39199DC9266626C40F80");
-    private byte[] T3 = Hex.decode("3A59F238A23E39199DC9266626C40F80");
-
-    private byte[] K4 = Hex.decode("D07CF6CBB7F313BDDE66B727AFD3C5E8");
-    private byte[] N4 = Hex.decode("8408DFFF3C1A2B1292DC199E46B7D617");
-    private byte[] A4 = Hex.decode("33CCE2EABFF5A79D");
-    private byte[] P4 = Hex.decode("481C9E39B1");
-    private byte[] C4 = Hex.decode("632A9D131AD4C168A4225D8E1FF755939974A7BEDE");
-    private byte[] T4 = Hex.decode("D4C168A4225D8E1FF755939974A7BEDE");
-
-    private byte[] K5 = Hex.decode("35B6D0580005BBC12B0587124557D2C2");
-    private byte[] N5 = Hex.decode("FDB6B06676EEDC5C61D74276E1F8E816");
-    private byte[] A5 = Hex.decode("AEB96EAEBE2970E9");
-    private byte[] P5 = Hex.decode("40D0C07DA5E4");
-    private byte[] C5 = Hex.decode("071DFE16C675CB0677E536F73AFE6A14B74EE49844DD");
-    private byte[] T5 = Hex.decode("CB0677E536F73AFE6A14B74EE49844DD");
-
-    private byte[] K6 = Hex.decode("BD8E6E11475E60B268784C38C62FEB22");
-    private byte[] N6 = Hex.decode("6EAC5C93072D8E8513F750935E46DA1B");
-    private byte[] A6 = Hex.decode("D4482D1CA78DCE0F");
-    private byte[] P6 = Hex.decode("4DE3B35C3FC039245BD1FB7D");
-    private byte[] C6 = Hex.decode("835BB4F15D743E350E728414ABB8644FD6CCB86947C5E10590210A4F");
-    private byte[] T6 = Hex.decode("ABB8644FD6CCB86947C5E10590210A4F");
-
-    private byte[] K7 = Hex.decode("7C77D6E813BED5AC98BAA417477A2E7D");
-    private byte[] N7 = Hex.decode("1A8C98DCD73D38393B2BF1569DEEFC19");
-    private byte[] A7 = Hex.decode("65D2017990D62528");
-    private byte[] P7 = Hex.decode("8B0A79306C9CE7ED99DAE4F87F8DD61636");
-    private byte[] C7 = Hex.decode("02083E3979DA014812F59F11D52630DA30137327D10649B0AA6E1C181DB617D7F2");
-    private byte[] T7 = Hex.decode("137327D10649B0AA6E1C181DB617D7F2");
-
-    private byte[] K8 = Hex.decode("5FFF20CAFAB119CA2FC73549E20F5B0D");
-    private byte[] N8 = Hex.decode("DDE59B97D722156D4D9AFF2BC7559826");
-    private byte[] A8 = Hex.decode("54B9F04E6A09189A");
-    private byte[] P8 = Hex.decode("1BDA122BCE8A8DBAF1877D962B8592DD2D56");
-    private byte[] C8 = Hex.decode("2EC47B2C4954A489AFC7BA4897EDCDAE8CC33B60450599BD02C96382902AEF7F832A");
-    private byte[] T8 = Hex.decode("3B60450599BD02C96382902AEF7F832A");
-
-    private byte[] K9 = Hex.decode("A4A4782BCFFD3EC5E7EF6D8C34A56123");
-    private byte[] N9 = Hex.decode("B781FCF2F75FA5A8DE97A9CA48E522EC");
-    private byte[] A9 = Hex.decode("899A175897561D7E");
-    private byte[] P9 = Hex.decode("6CF36720872B8513F6EAB1A8A44438D5EF11");
-    private byte[] C9 = Hex.decode("0DE18FD0FDD91E7AF19F1D8EE8733938B1E8E7F6D2231618102FDB7FE55FF1991700");
-    private byte[] T9 = Hex.decode("E7F6D2231618102FDB7FE55FF1991700");
-
-    private byte[] K10 = Hex.decode("8395FCF1E95BEBD697BD010BC766AAC3");
-    private byte[] N10 = Hex.decode("22E7ADD93CFC6393C57EC0B3C17D6B44");
-    private byte[] A10 = Hex.decode("126735FCC320D25A");
-    private byte[] P10 = Hex.decode("CA40D7446E545FFAED3BD12A740A659FFBBB3CEAB7");
-    private byte[] C10 = Hex.decode("CB8920F87A6C75CFF39627B56E3ED197C552D295A7CFC46AFC253B4652B1AF3795B124AB6E");
-    private byte[] T10 = Hex.decode("CFC46AFC253B4652B1AF3795B124AB6E");
-
-    private byte[] K11 = Hex.decode("8395FCF1E95BEBD697BD010BC766AAC3");
-    private byte[] N11 = Hex.decode("22E7ADD93CFC6393C57EC0B3C17D6B44");
-    private byte[] A11 = Hex.decode("126735FCC320D25A");
-    private byte[] P11 = Hex.decode("CA40D7446E545FFAED3BD12A740A659FFBBB3CEAB7");
-    private byte[] C11 = Hex.decode("CB8920F87A6C75CFF39627B56E3ED197C552D295A7CFC46AFC");
-    private byte[] T11 = Hex.decode("CFC46AFC");
-
-    private static final int NONCE_LEN = 8;
-    private static final int MAC_LEN = 8;
-    private static final int AUTHEN_LEN = 20;
-
-    public String getName()
-    {
-        return "EAX";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        checkVectors(1, K1, 128, N1, A1, P1, T1, C1);
-        checkVectors(2, K2, 128, N2, A2, P2, T2, C2);
-        checkVectors(3, K3, 128, N3, A3, P3, T3, C3);
-        checkVectors(4, K4, 128, N4, A4, P4, T4, C4);
-        checkVectors(5, K5, 128, N5, A5, P5, T5, C5);
-        checkVectors(6, K6, 128, N6, A6, P6, T6, C6);
-        checkVectors(7, K7, 128, N7, A7, P7, T7, C7);
-        checkVectors(8, K8, 128, N8, A8, P8, T8, C8);
-        checkVectors(9, K9, 128, N9, A9, P9, T9, C9);
-        checkVectors(10, K10, 128, N10, A10, P10, T10, C10);
-        checkVectors(11, K11, 32, N11, A11, P11, T11, C11);
-
-        EAXBlockCipher eax = new EAXBlockCipher(new AESEngine());
-        ivParamTest(1, eax, K1, N1);
-
-        //
-        // exception tests
-        //
-
-        try
-        {
-            eax.init(false, new AEADParameters(new KeyParameter(K1), 32, N2, A2));
-
-            byte[] enc = new byte[C2.length];
-            int len = eax.processBytes(C2, 0, C2.length, enc, 0);
-
-            len += eax.doFinal(enc, len);
-
-            fail("invalid cipher text not picked up");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            // expected
-        }
-
-        try
-        {
-            eax.init(false, new KeyParameter(K1));
-
-            fail("illegal argument not picked up");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-
-        randomTests();
-        AEADTestUtil.testReset(this, new EAXBlockCipher(new AESEngine()), new EAXBlockCipher(new AESEngine()), new AEADParameters(new KeyParameter(K1), 32, N2));
-        AEADTestUtil.testTampering(this, eax, new AEADParameters(new KeyParameter(K1), 32, N2));
-        AEADTestUtil.testOutputSizes(this, new EAXBlockCipher(new AESEngine()), new AEADParameters(
-                new KeyParameter(K1), 32, N2));
-        AEADTestUtil.testBufferSizeChecks(this, new EAXBlockCipher(new AESEngine()), new AEADParameters(
-                new KeyParameter(K1), 32, N2));
-    }
-
-    private void checkVectors(
-        int count,
-        byte[] k,
-        int macSize,
-        byte[] n,
-        byte[] a,
-        byte[] p,
-        byte[] t,
-        byte[] c)
-        throws InvalidCipherTextException
-    {
-        byte[] fa = new byte[a.length / 2];
-        byte[] la = new byte[a.length - (a.length / 2)];
-        System.arraycopy(a, 0, fa, 0, fa.length);
-        System.arraycopy(a, fa.length, la, 0, la.length);
-
-        checkVectors(count, "all initial associated data", k, macSize, n, a, null, p, t, c);
-        checkVectors(count, "subsequent associated data", k, macSize, n, null, a, p, t, c);
-        checkVectors(count, "split associated data", k, macSize, n, fa, la, p, t, c);
-    }
-
-    private void checkVectors(
-        int count,
-        String additionalDataType,
-        byte[] k,
-        int macSize,
-        byte[] n,
-        byte[] a,
-        byte[] sa,
-        byte[] p,
-        byte[] t,
-        byte[] c)
-        throws InvalidCipherTextException
-    {
-        EAXBlockCipher encEax = new EAXBlockCipher(new AESEngine());
-        EAXBlockCipher decEax = new EAXBlockCipher(new AESEngine());
-
-        AEADParameters parameters = new AEADParameters(new KeyParameter(k), macSize, n, a);
-        encEax.init(true, parameters);
-        decEax.init(false, parameters);
-
-        runCheckVectors(count, encEax, decEax, additionalDataType, sa, p, t, c);
-        runCheckVectors(count, encEax, decEax, additionalDataType, sa, p, t, c);
-
-        // key reuse test
-        parameters = new AEADParameters(null, macSize, n, a);
-        encEax.init(true, parameters);
-        decEax.init(false, parameters);
-
-        runCheckVectors(count, encEax, decEax, additionalDataType, sa, p, t, c);
-        runCheckVectors(count, encEax, decEax, additionalDataType, sa, p, t, c);
-    }
-
-    private void runCheckVectors(
-        int count,
-        EAXBlockCipher encEax,
-        EAXBlockCipher decEax,
-        String additionalDataType,
-        byte[] sa,
-        byte[] p,
-        byte[] t,
-        byte[] c)
-        throws InvalidCipherTextException
-    {
-        byte[] enc = new byte[c.length];
-
-        if (sa != null)
-        {
-            encEax.processAADBytes(sa, 0, sa.length);
-        }
-
-        int len = encEax.processBytes(p, 0, p.length, enc, 0);
-
-        len += encEax.doFinal(enc, len);
-
-        if (!areEqual(c, enc))
-        {
-            fail("encrypted stream fails to match in test " + count + " with " + additionalDataType);
-        }
-
-        byte[] tmp = new byte[enc.length];
-
-        if (sa != null)
-        {
-            decEax.processAADBytes(sa, 0, sa.length);
-        }
-
-        len = decEax.processBytes(enc, 0, enc.length, tmp, 0);
-
-        len += decEax.doFinal(tmp, len);
-
-        byte[] dec = new byte[len];
-
-        System.arraycopy(tmp, 0, dec, 0, len);
-
-        if (!areEqual(p, dec))
-        {
-            fail("decrypted stream fails to match in test " + count + " with " + additionalDataType);
-        }
-
-        if (!areEqual(t, decEax.getMac()))
-        {
-            fail("MAC fails to match in test " + count + " with " + additionalDataType);
-        }
-    }
-
-    private void ivParamTest(
-        int count,
-        AEADBlockCipher eax,
-        byte[] k,
-        byte[] n)
-        throws InvalidCipherTextException
-    {
-        byte[] p = Strings.toByteArray("hello world!!");
-
-        eax.init(true, new ParametersWithIV(new KeyParameter(k), n));
-
-        byte[] enc = new byte[p.length + 8];
-
-        int len = eax.processBytes(p, 0, p.length, enc, 0);
-
-        len += eax.doFinal(enc, len);
-
-        eax.init(false, new ParametersWithIV(new KeyParameter(k), n));
-
-        byte[] tmp = new byte[enc.length];
-
-        len = eax.processBytes(enc, 0, enc.length, tmp, 0);
-
-        len += eax.doFinal(tmp, len);
-
-        byte[] dec = new byte[len];
-
-        System.arraycopy(tmp, 0, dec, 0, len);
-
-        if (!areEqual(p, dec))
-        {
-            fail("decrypted stream fails to match in test " + count);
-        }
-    }
-
-    private void randomTests()
-        throws InvalidCipherTextException
-    {
-        SecureRandom srng = new SecureRandom();
-        for (int i = 0; i < 10; ++i)
-        {
-            randomTest(srng);
-        }
-    }
-
-    private void randomTest(
-        SecureRandom srng)
-        throws InvalidCipherTextException
-    {
-        int DAT_LEN = srng.nextInt() >>> 22; // Note: JDK1.0 compatibility
-        byte[] nonce = new byte[NONCE_LEN];
-        byte[] authen = new byte[AUTHEN_LEN];
-        byte[] datIn = new byte[DAT_LEN];
-        byte[] key = new byte[16];
-        srng.nextBytes(nonce);
-        srng.nextBytes(authen);
-        srng.nextBytes(datIn);
-        srng.nextBytes(key);
-
-        AESEngine engine = new AESEngine();
-        KeyParameter sessKey = new KeyParameter(key);
-        EAXBlockCipher eaxCipher = new EAXBlockCipher(engine);
-
-        AEADParameters params = new AEADParameters(sessKey, MAC_LEN * 8, nonce, authen);
-        eaxCipher.init(true, params);
-
-        byte[] intrDat = new byte[eaxCipher.getOutputSize(datIn.length)];
-        int outOff = eaxCipher.processBytes(datIn, 0, DAT_LEN, intrDat, 0);
-        outOff += eaxCipher.doFinal(intrDat, outOff);
-
-        eaxCipher.init(false, params);
-        byte[] datOut = new byte[eaxCipher.getOutputSize(outOff)];
-        int resultLen = eaxCipher.processBytes(intrDat, 0, outOff, datOut, 0);
-        eaxCipher.doFinal(datOut, resultLen);
-
-        if (!areEqual(datIn, datOut))
-        {
-            fail("EAX roundtrip failed to match");
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new EAXTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ECDHKEKGeneratorTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ECDHKEKGeneratorTest.java
deleted file mode 100644
index d75b139..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ECDHKEKGeneratorTest.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters;
-import org.bouncycastle.crypto.agreement.kdf.ECDHKEKGenerator;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * ECDHKEK Generator tests.
- */
-public class ECDHKEKGeneratorTest
-    extends SimpleTest
-{
-    private byte[] seed1 = Hex.decode("db4a8daba1f98791d54e940175dd1a5f3a0826a1066aa9b668d4dc1e1e0790158dcad1533c03b44214d1b61fefa8b579");
-    private ASN1ObjectIdentifier alg1 = NISTObjectIdentifiers.id_aes256_wrap;
-    private byte[] result1 = Hex.decode("8ecc6d85caf25eaba823a7d620d4ab0d33e4c645f2");
-
-    private byte[] seed2 = Hex.decode("75d7487b5d3d2bfb3c69ce0365fe64e3bfab5d0d63731628a9f47eb8fddfa28c65decaf228a0b38f0c51c6a3356d7c56");
-    private ASN1ObjectIdentifier alg2 = NISTObjectIdentifiers.id_aes128_wrap;
-    private byte[] result2 = Hex.decode("042be1faca3a4a8fc859241bfb87ba35");
-
-    private byte[] seed3 = Hex.decode("fdeb6d809f997e8ac174d638734dc36d37aaf7e876e39967cd82b1cada3de772449788461ee7f856bad9305627f8e48b");
-    private ASN1ObjectIdentifier alg3 = PKCSObjectIdentifiers.id_alg_CMS3DESwrap;
-    private byte[] result3 = Hex.decode("bcd701fc92109b1b9d6f3b6497ad5ca9627fa8a597010305");
-
-    public ECDHKEKGeneratorTest()
-    {
-    }
-
-    public void performTest()
-    {
-        checkMask(1, new ECDHKEKGenerator(new SHA1Digest()), new DHKDFParameters(alg1, 256, seed1), result1);
-        checkMask(2, new ECDHKEKGenerator(new SHA1Digest()), new DHKDFParameters(alg2, 128, seed2), result2);
-        checkMask(3, new ECDHKEKGenerator(new SHA1Digest()), new DHKDFParameters(alg3, 192, seed3), result3);
-    }
-
-    private void checkMask(
-        int                count,
-        DerivationFunction kdf,
-        DerivationParameters params,
-        byte[]             result)
-    {
-        byte[]             data = new byte[result.length];
-
-        kdf.init(params);
-
-        kdf.generateBytes(data, 0, data.length);
-
-        if (!areEqual(result, data))
-        {
-            fail("ECDHKEKGenerator failed generator test " + count);
-        }
-    }
-
-    public String getName()
-    {
-        return "ECDHKEKGenerator";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ECDHKEKGeneratorTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ECGOST3410Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ECGOST3410Test.java
deleted file mode 100644
index 291c305..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ECGOST3410Test.java
+++ /dev/null

@@ -1,327 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.digests.GOST3411Digest;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.ECGOST3410Signer;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomData;
-
-/**
- *  ECGOST3410 tests are taken from GOST R 34.10-2001.
- */
-public class ECGOST3410Test
-    extends SimpleTest
- {
-    byte[] hashmessage = Hex.decode("3042453136414534424341374533364339313734453431443642453241453435");
-    
-     /**
-     * ECGOST3410 over the field Fp<br>
-     */
-    BigInteger r = new BigInteger("29700980915817952874371204983938256990422752107994319651632687982059210933395");
-    BigInteger s = new BigInteger("574973400270084654178925310019147038455227042649098563933718999175515839552");
-
-    byte[] kData = new BigInteger("53854137677348463731403841147996619241504003434302020712960838528893196233395").toByteArray();
-
-    SecureRandom    k = new TestRandomData(kData);
-
-    private void ecGOST3410_TEST()
-    {
-        BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p
-        BigInteger mod_q = new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            mod_p, // p
-            new BigInteger("7"), // a
-            new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414"), // b
-            mod_q, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-            curve,
-            curve.createPoint(
-                new BigInteger("2"), // x
-                new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280")), // y
-            mod_q);
-
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("55441196065363246126355624130324183196576709222340016572108097750006097525544"), // d
-            params);
-
-        ParametersWithRandom param = new ParametersWithRandom(priKey, k);
-
-        ECGOST3410Signer ecgost3410 = new ECGOST3410Signer();
-
-        ecgost3410.init(true, param);
-
-        byte[] mVal = new BigInteger("20798893674476452017134061561508270130637142515379653289952617252661468872421").toByteArray();
-        byte[] message = new byte[mVal.length];
-        
-        for (int i = 0; i != mVal.length; i++)
-        {
-            message[i] = mVal[mVal.length - 1 - i];
-        }
-        
-        BigInteger[] sig = ecgost3410.generateSignature(message);
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong.", r, sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong.", s, sig[1]);
-        }
-
-        // Verify the signature
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            curve.createPoint(
-                new BigInteger("57520216126176808443631405023338071176630104906313632182896741342206604859403"), // x
-                new BigInteger("17614944419213781543809391949654080031942662045363639260709847859438286763994")), // y
-            params);
-
-        ecgost3410.init(false, pubKey);
-        if (!ecgost3410.verifySignature(message, sig[0], sig[1]))
-        {
-            fail("verification fails");
-        }
-    }
-
-    /**
-     * Test Sign & Verify with test parameters
-     * see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt
-     * gostR3410-2001-TestParamSet  P.46
-     */
-    private void ecGOST3410_TestParam()
-    {
-        SecureRandom    random = new SecureRandom();
-
-        BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p
-        BigInteger mod_q = new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            mod_p, // p
-            new BigInteger("7"), // a
-            new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414"), // b
-            mod_q, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-            curve,
-            curve.createPoint(
-                new BigInteger("2"), // x
-                new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280")), // y
-            mod_q);
-
-        ECKeyPairGenerator          pGen = new ECKeyPairGenerator();
-        ECKeyGenerationParameters   genParam = new ECKeyGenerationParameters(
-                                        params,
-                                        random);
-
-        pGen.init(genParam);
-
-        AsymmetricCipherKeyPair  pair = pGen.generateKeyPair();
-
-        ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-        ECGOST3410Signer ecgost3410 = new ECGOST3410Signer();
-
-        ecgost3410.init(true, param);
-
-        //get hash message using the digest GOST3411.
-        byte[] message = "Message for sign".getBytes();
-        GOST3411Digest  gost3411 = new GOST3411Digest();
-        gost3411.update(message, 0, message.length);
-        byte[] hashmessage = new byte[gost3411.getDigestSize()];
-        gost3411.doFinal(hashmessage, 0);
-
-        BigInteger[] sig = ecgost3410.generateSignature(hashmessage);
-
-        ecgost3410.init(false, pair.getPublic());
-
-        if (!ecgost3410.verifySignature(hashmessage, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-    /**
-     * Test Sign & Verify with A parameters
-     * see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt
-     * gostR3410-2001-CryptoPro-A-ParamSet  P.47
-     */
-    public void ecGOST3410_AParam()
-    {
-        SecureRandom random = new SecureRandom();
-
-        BigInteger mod_p = new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639319"); //p
-        BigInteger mod_q = new BigInteger("115792089237316195423570985008687907853073762908499243225378155805079068850323");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            mod_p, // p
-            new BigInteger("115792089237316195423570985008687907853269984665640564039457584007913129639316"), // a
-            new BigInteger("166"), // b
-            mod_q, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-            curve,
-            curve.createPoint(
-                new BigInteger("1"), // x
-                new BigInteger("64033881142927202683649881450433473985931760268884941288852745803908878638612")), // y
-            mod_q);
-
-        ECKeyPairGenerator          pGen = new ECKeyPairGenerator();
-        ECKeyGenerationParameters   genParam = new ECKeyGenerationParameters(
-                                        params,
-                                        random);
-
-        pGen.init(genParam);
-
-        AsymmetricCipherKeyPair  pair = pGen.generateKeyPair();
-
-        ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-        ECGOST3410Signer ecgost3410 = new ECGOST3410Signer();
-
-        ecgost3410.init(true, param);
-
-        BigInteger[] sig = ecgost3410.generateSignature(hashmessage);
-
-        ecgost3410.init(false, pair.getPublic());
-
-        if (!ecgost3410.verifySignature(hashmessage, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-    /**
-     * Test Sign & Verify with B parameters
-     * see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt
-     * gostR3410-2001-CryptoPro-B-ParamSet  P.47-48
-     */
-    private void ecGOST3410_BParam()
-    {
-        SecureRandom    random = new SecureRandom();
-
-        BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823193"); //p
-        BigInteger mod_q = new BigInteger("57896044618658097711785492504343953927102133160255826820068844496087732066703");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            mod_p, // p
-            new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564823190"), // a
-            new BigInteger("28091019353058090096996979000309560759124368558014865957655842872397301267595"), // b
-            mod_q, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-            curve,
-            curve.createPoint(
-                new BigInteger("1"), // x
-                new BigInteger("28792665814854611296992347458380284135028636778229113005756334730996303888124")), // y
-            mod_q);
-
-        ECKeyPairGenerator          pGen = new ECKeyPairGenerator();
-        ECKeyGenerationParameters   genParam = new ECKeyGenerationParameters(
-                                        params,
-                                        random);
-
-        pGen.init(genParam);
-
-        AsymmetricCipherKeyPair  pair = pGen.generateKeyPair();
-
-        ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-        ECGOST3410Signer ecgost3410 = new ECGOST3410Signer();
-
-        ecgost3410.init(true, param);
-
-        BigInteger[] sig = ecgost3410.generateSignature(hashmessage);
-
-        ecgost3410.init(false, pair.getPublic());
-
-        if (!ecgost3410.verifySignature(hashmessage, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-    /**
-     * Test Sign & Verify with C parameters
-     * see: http://www.ietf.org/internet-drafts/draft-popov-cryptopro-cpalgs-01.txt
-     * gostR3410-2001-CryptoPro-C-ParamSet  P.48
-     */
-    private void ecGOST3410_CParam()
-    {
-        SecureRandom    random = new SecureRandom();
-
-        BigInteger mod_p = new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502619"); //p
-        BigInteger mod_q = new BigInteger("70390085352083305199547718019018437840920882647164081035322601458352298396601");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            mod_p, // p
-            new BigInteger("70390085352083305199547718019018437841079516630045180471284346843705633502616"), // a
-            new BigInteger("32858"), // b
-            mod_q, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-            curve,
-            curve.createPoint(
-                new BigInteger("0"), // x
-                new BigInteger("29818893917731240733471273240314769927240550812383695689146495261604565990247")), // y
-            mod_q);
-
-        ECKeyPairGenerator          pGen = new ECKeyPairGenerator();
-        ECKeyGenerationParameters   genParam = new ECKeyGenerationParameters(
-                                        params,
-                                        random);
-
-        pGen.init(genParam);
-
-        AsymmetricCipherKeyPair  pair = pGen.generateKeyPair();
-
-        ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-        ECGOST3410Signer ecgost3410 = new ECGOST3410Signer();
-
-        ecgost3410.init(true, param);
-
-        BigInteger[] sig = ecgost3410.generateSignature(hashmessage);
-
-        ecgost3410.init(false, pair.getPublic());
-
-        if (!ecgost3410.verifySignature(hashmessage, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-    public String getName()
-    {
-        return "ECGOST3410";
-    }
-
-    public void performTest()
-    {
-        ecGOST3410_TEST();
-        ecGOST3410_TestParam();
-        ecGOST3410_AParam();
-        ecGOST3410_BParam();
-        ecGOST3410_CParam();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ECGOST3410Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ECIESKeyEncapsulationTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ECIESKeyEncapsulationTest.java
deleted file mode 100644
index 64d19f5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ECIESKeyEncapsulationTest.java
+++ /dev/null

@@ -1,138 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.sec.SECNamedCurves;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
-import org.bouncycastle.crypto.kems.ECIESKeyEncapsulation;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Tests for the ECIES Key Encapsulation Mechanism
- */
-public class ECIESKeyEncapsulationTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "ECIESKeyEncapsulation";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        
-        // Set EC domain parameters and generate key pair
-        X9ECParameters            spec     = SECNamedCurves.getByName("secp224r1");
-        ECDomainParameters        ecDomain = new ECDomainParameters(spec.getCurve(), spec.getG(), spec.getN());
-        ECKeyPairGenerator        ecGen    = new ECKeyPairGenerator();
-
-        ecGen.init(new ECKeyGenerationParameters(ecDomain, new SecureRandom()));
-
-        AsymmetricCipherKeyPair    keys      = ecGen.generateKeyPair();
-        
-        // Set ECIES-KEM parameters
-        ECIESKeyEncapsulation     kem;
-        KDF2BytesGenerator        kdf = new KDF2BytesGenerator(new SHA1Digest());
-        SecureRandom            rnd = new SecureRandom();
-        byte[]                    out = new byte[57];
-        KeyParameter            key1, key2;
-        
-        // Test basic ECIES-KEM
-        kem = new ECIESKeyEncapsulation(kdf, rnd);
-        
-        kem.init(keys.getPublic());
-        key1 = (KeyParameter)kem.encrypt(out, 128);
-        
-        kem.init(keys.getPrivate());
-        key2 = (KeyParameter)kem.decrypt(out, 128);
-
-        if (!areEqual(key1.getKey(), key2.getKey()))
-        {
-            fail("failed basic test");
-        }
-
-        // Test ECIES-KEM using new cofactor mode
-        kem = new ECIESKeyEncapsulation(kdf, rnd, true, false, false);
-        
-        kem.init(keys.getPublic());
-        key1 = (KeyParameter)kem.encrypt(out, 128);
-        
-        kem.init(keys.getPrivate());
-        key2 = (KeyParameter)kem.decrypt(out, 128);
-
-        if (!areEqual(key1.getKey(), key2.getKey()))
-        {
-            fail("failed cofactor test");
-        }
-
-        // Test ECIES-KEM using old cofactor mode
-        kem = new ECIESKeyEncapsulation(kdf, rnd, false, true, false);
-        
-        kem.init(keys.getPublic());
-        key1 = (KeyParameter)kem.encrypt(out, 128);
-    
-        kem.init(keys.getPrivate());
-        key2 = (KeyParameter)kem.decrypt(out, 128);
-
-        if (!areEqual(key1.getKey(), key2.getKey()))
-        {
-            fail("failed old cofactor test");
-        }
-
-        // Test ECIES-KEM using single hash mode
-        kem = new ECIESKeyEncapsulation(kdf, rnd, false, false, true);
-        
-        kem.init(keys.getPublic());
-        key1 = (KeyParameter)kem.encrypt(out, 128);
-        
-        kem.init(keys.getPrivate());
-        key2 = (KeyParameter)kem.decrypt(out, 128);
-
-        if (!areEqual(key1.getKey(), key2.getKey()))
-        {
-            fail("failed single hash test");
-        }
-
-        // Test ECIES-KEM using new cofactor mode and single hash mode
-        kem = new ECIESKeyEncapsulation(kdf, rnd, true, false, true);
-        
-        kem.init(keys.getPublic());
-        key1 = (KeyParameter)kem.encrypt(out, 128);
-        
-        kem.init(keys.getPrivate());
-        key2 = (KeyParameter)kem.decrypt(out, 128);
-
-        if (!areEqual(key1.getKey(), key2.getKey()))
-        {
-            fail("failed cofactor and single hash test");
-        }
-
-        // Test ECIES-KEM using old cofactor mode and single hash mode
-        kem = new ECIESKeyEncapsulation(kdf, rnd, false, true, true);
-        
-        kem.init(keys.getPublic());
-        key1 = (KeyParameter)kem.encrypt(out, 128);
-        
-        kem.init(keys.getPrivate());
-        key2 = (KeyParameter)kem.decrypt(out, 128);
-
-        if (!areEqual(key1.getKey(), key2.getKey()))
-        {
-            fail("failed old cofactor and single hash test");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ECIESKeyEncapsulationTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ECIESTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ECIESTest.java
deleted file mode 100644
index 738aa58..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ECIESTest.java
+++ /dev/null

@@ -1,545 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.KeyEncoder;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.engines.IESEngine;
-import org.bouncycastle.crypto.engines.TwofishEngine;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.generators.EphemeralKeyPairGenerator;
-import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
-import org.bouncycastle.crypto.kems.ECIESKeyEncapsulation;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECNamedDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.IESParameters;
-import org.bouncycastle.crypto.params.IESWithCipherParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.parsers.ECIESPublicKeyParser;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * test for ECIES - Elliptic Curve Integrated Encryption Scheme
- */
-public class ECIESTest
-    extends SimpleTest
-{
-    private static byte[] TWOFISH_IV = Hex.decode("000102030405060708090a0b0c0d0e0f");
-
-    ECIESTest()
-    {
-    }
-
-    public String getName()
-    {
-        return "ECIES";
-    }
-
-    private void doStaticTest(byte[] iv)
-        throws Exception
-    {
-        BigInteger n = new BigInteger("6277101735386680763835789423176059013767194773182842284081");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
-            new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
-            new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16), // b
-            n, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-                curve,
-                curve.decodePoint(Hex.decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G
-                n);
-
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d
-            params);
-
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            curve.decodePoint(Hex.decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q
-            params);
-
-        AsymmetricCipherKeyPair  p1 = new AsymmetricCipherKeyPair(pubKey, priKey);
-        AsymmetricCipherKeyPair  p2 = new AsymmetricCipherKeyPair(pubKey, priKey);
-
-        //
-        // stream test
-        //
-        IESEngine i1 = new IESEngine(
-                                   new ECDHBasicAgreement(),
-                                   new KDF2BytesGenerator(new SHA1Digest()),
-                                   new HMac(new SHA1Digest()));
-        IESEngine i2 = new IESEngine(
-                                   new ECDHBasicAgreement(),
-                                   new KDF2BytesGenerator(new SHA1Digest()),
-                                   new HMac(new SHA1Digest()));
-        byte[]         d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
-        byte[]         e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
-        CipherParameters p = new IESParameters(d, e, 64);
-
-        i1.init(true, p1.getPrivate(), p2.getPublic(), p);
-        i2.init(false, p2.getPrivate(), p1.getPublic(), p);
-
-        byte[] message = Hex.decode("1234567890abcdef");
-
-        byte[]   out1 = i1.processBlock(message, 0, message.length);
-
-        if (!areEqual(out1, Hex.decode("468d89877e8238802403ec4cb6b329faeccfa6f3a730f2cdb3c0a8e8")))
-        {
-            fail("stream cipher test failed on enc");
-        }
-
-        byte[]   out2 = i2.processBlock(out1, 0, out1.length);
-
-        if (!areEqual(out2, message))
-        {
-            fail("stream cipher test failed");
-        }
-
-        //
-        // twofish with CBC
-        //
-        BufferedBlockCipher c1 = new PaddedBufferedBlockCipher(
-                                    new CBCBlockCipher(new TwofishEngine()));
-        BufferedBlockCipher c2 = new PaddedBufferedBlockCipher(
-                                    new CBCBlockCipher(new TwofishEngine()));
-        i1 = new IESEngine(
-                       new ECDHBasicAgreement(),
-                       new KDF2BytesGenerator(new SHA1Digest()),
-                       new HMac(new SHA1Digest()),
-                       c1);
-        i2 = new IESEngine(
-                       new ECDHBasicAgreement(),
-                       new KDF2BytesGenerator(new SHA1Digest()),
-                       new HMac(new SHA1Digest()),
-                       c2);
-        d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
-        e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
-        p = new IESWithCipherParameters(d, e, 64, 128);
-
-        if (iv != null)
-        {
-            p = new ParametersWithIV(p, iv);
-        }
-
-        i1.init(true, p1.getPrivate(), p2.getPublic(), p);
-        i2.init(false, p2.getPrivate(), p1.getPublic(), p);
-
-        message = Hex.decode("1234567890abcdef");
-
-        out1 = i1.processBlock(message, 0, message.length);
-
-        if (!areEqual(out1, (iv == null) ?
-                                  Hex.decode("b8a06ea5c2b9df28b58a0a90a734cde8c9c02903e5c220021fe4417410d1e53a32a71696")
-                                : Hex.decode("f246b0e26a2711992cac9c590d08e45c5e730b7c0f4218bb064e27b7dd7c8a3bd8bf01c3")))
-        {
-            fail("twofish cipher test failed on enc");
-        }
-
-        out2 = i2.processBlock(out1, 0, out1.length);
-
-        if (!areEqual(out2, message))
-        {
-            fail("twofish cipher test failed");
-        }
-    }
-
-    private void doShortTest(byte[] iv)
-        throws Exception
-    {
-        BigInteger n = new BigInteger("6277101735386680763835789423176059013767194773182842284081");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
-            new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
-            new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16), // b
-            n, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-                curve,
-                curve.decodePoint(Hex.decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G
-                n);
-
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d
-            params);
-
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            curve.decodePoint(Hex.decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q
-            params);
-
-        AsymmetricCipherKeyPair  p1 = new AsymmetricCipherKeyPair(pubKey, priKey);
-        AsymmetricCipherKeyPair  p2 = new AsymmetricCipherKeyPair(pubKey, priKey);
-
-        //
-        // stream test - V 0
-        //
-        IESEngine i1 = new IESEngine(
-                                   new ECDHBasicAgreement(),
-                                   new KDF2BytesGenerator(new SHA1Digest()),
-                                   new HMac(new SHA1Digest()));
-        IESEngine i2 = new IESEngine(
-                                   new ECDHBasicAgreement(),
-                                   new KDF2BytesGenerator(new SHA1Digest()),
-                                   new HMac(new SHA1Digest()));
-        byte[]         d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
-        byte[]         e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
-        CipherParameters p = new IESParameters(d, e, 64);
-
-        i1.init(true, p1.getPrivate(), p2.getPublic(), p);
-        i2.init(false, p2.getPrivate(), p1.getPublic(), p);
-
-        byte[] message = new byte[0];
-
-        byte[]   out1 = i1.processBlock(message, 0, message.length);
-
-        byte[]   out2 = i2.processBlock(out1, 0, out1.length);
-
-        if (!areEqual(out2, message))
-        {
-            fail("stream cipher test failed");
-        }
-
-        try
-        {
-            i2.processBlock(out1, 0, out1.length - 1);
-            fail("no exception");
-        }
-        catch (InvalidCipherTextException ex)
-        {
-            if (!"Length of input must be greater than the MAC and V combined".equals(ex.getMessage()))
-            {
-                fail("wrong exception");
-            }
-        }
-
-        // with ephemeral key pair
-
-        // Generate the ephemeral key pair
-        ECKeyPairGenerator gen = new ECKeyPairGenerator();
-        gen.init(new ECKeyGenerationParameters(params, new SecureRandom()));
-
-        EphemeralKeyPairGenerator ephKeyGen = new EphemeralKeyPairGenerator(gen, new KeyEncoder()
-        {
-            public byte[] getEncoded(AsymmetricKeyParameter keyParameter)
-            {
-                return ((ECPublicKeyParameters)keyParameter).getQ().getEncoded(false);
-            }
-        });
-
-        i1.init(p2.getPublic(), p, ephKeyGen);
-        i2.init(p2.getPrivate(), p, new ECIESPublicKeyParser(params));
-
-        out1 = i1.processBlock(message, 0, message.length);
-
-        out2 = i2.processBlock(out1, 0, out1.length);
-
-        if (!areEqual(out2, message))
-        {
-            fail("V cipher test failed");
-        }
-
-        try
-        {
-            i2.processBlock(out1, 0, out1.length - 1);
-            fail("no exception");
-        }
-        catch (InvalidCipherTextException ex)
-        {
-            if (!"Length of input must be greater than the MAC and V combined".equals(ex.getMessage()))
-            {
-                fail("wrong exception");
-            }
-        }
-    }
-
-    private void doEphemeralTest(byte[] iv, final boolean usePointCompression)
-        throws Exception
-    {
-        BigInteger n = new BigInteger("6277101735386680763835789423176059013767194773182842284081");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
-            new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
-            new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16), // b
-            n, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-                curve,
-                curve.decodePoint(Hex.decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G
-                n);
-
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d
-            params);
-
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            curve.decodePoint(Hex.decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q
-            params);
-
-        AsymmetricCipherKeyPair  p1 = new AsymmetricCipherKeyPair(pubKey, priKey);
-        AsymmetricCipherKeyPair  p2 = new AsymmetricCipherKeyPair(pubKey, priKey);
-
-        // Generate the ephemeral key pair
-        ECKeyPairGenerator gen = new ECKeyPairGenerator();
-        gen.init(new ECKeyGenerationParameters(params, new SecureRandom()));
-
-        EphemeralKeyPairGenerator ephKeyGen = new EphemeralKeyPairGenerator(gen, new KeyEncoder()
-        {
-            public byte[] getEncoded(AsymmetricKeyParameter keyParameter)
-            {
-                return ((ECPublicKeyParameters)keyParameter).getQ().getEncoded(usePointCompression);
-            }
-        });
-
-        //
-        // stream test
-        //
-        IESEngine i1 = new IESEngine(
-                                   new ECDHBasicAgreement(),
-                                   new KDF2BytesGenerator(new SHA1Digest()),
-                                   new HMac(new SHA1Digest()));
-        IESEngine i2 = new IESEngine(
-                                   new ECDHBasicAgreement(),
-                                   new KDF2BytesGenerator(new SHA1Digest()),
-                                   new HMac(new SHA1Digest()));
-
-        byte[]            d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
-        byte[]            e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
-        CipherParameters  p = new IESParameters(d, e, 64);
-
-        i1.init(p2.getPublic(), p, ephKeyGen);
-        i2.init(p2.getPrivate(), p, new ECIESPublicKeyParser(params));
-
-        byte[] message = Hex.decode("1234567890abcdef");
-
-        byte[]   out1 = i1.processBlock(message, 0, message.length);
-
-        byte[]   out2 = i2.processBlock(out1, 0, out1.length);
-
-        if (!areEqual(out2, message))
-        {
-            fail("stream cipher test failed");
-        }
-
-        //
-        // twofish with CBC
-        //
-        BufferedBlockCipher c1 = new PaddedBufferedBlockCipher(
-                                    new CBCBlockCipher(new TwofishEngine()));
-        BufferedBlockCipher c2 = new PaddedBufferedBlockCipher(
-                                    new CBCBlockCipher(new TwofishEngine()));
-        i1 = new IESEngine(
-                       new ECDHBasicAgreement(),
-                       new KDF2BytesGenerator(new SHA1Digest()),
-                       new HMac(new SHA1Digest()),
-                       c1);
-        i2 = new IESEngine(
-                       new ECDHBasicAgreement(),
-                       new KDF2BytesGenerator(new SHA1Digest()),
-                       new HMac(new SHA1Digest()),
-                       c2);
-        d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
-        e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
-        p = new IESWithCipherParameters(d, e, 64, 128);
-
-        if (iv != null)
-        {
-            p = new ParametersWithIV(p, iv);
-        }
-
-        i1.init(p2.getPublic(), p, ephKeyGen);
-        i2.init(p2.getPrivate(), p, new ECIESPublicKeyParser(params));
-
-        message = Hex.decode("1234567890abcdef");
-
-        out1 = i1.processBlock(message, 0, message.length);
-
-        out2 = i2.processBlock(out1, 0, out1.length);
-
-        if (!areEqual(out2, message))
-        {
-            fail("twofish cipher test failed");
-        }
-    }
-
-    private void doTest(AsymmetricCipherKeyPair p1, AsymmetricCipherKeyPair p2)
-        throws Exception
-    {
-        //
-        // stream test
-        //
-        IESEngine i1 = new IESEngine(
-                                   new ECDHBasicAgreement(),
-                                   new KDF2BytesGenerator(new SHA1Digest()),
-                                   new HMac(new SHA1Digest()));
-        IESEngine i2 = new IESEngine(
-                                   new ECDHBasicAgreement(),
-                                   new KDF2BytesGenerator(new SHA1Digest()),
-                                   new HMac(new SHA1Digest()));
-        byte[]         d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
-        byte[]         e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
-        IESParameters  p = new IESParameters(d, e, 64);
-
-        i1.init(true, p1.getPrivate(), p2.getPublic(), p);
-        i2.init(false, p2.getPrivate(), p1.getPublic(), p);
-
-        byte[] message = Hex.decode("1234567890abcdef");
-
-        byte[]   out1 = i1.processBlock(message, 0, message.length);
- 
-        byte[]   out2 = i2.processBlock(out1, 0, out1.length);
-
-        if (!areEqual(out2, message))
-        {
-            fail("stream cipher test failed");
-        }
-
-        //
-        // twofish with CBC
-        //
-        BufferedBlockCipher c1 = new PaddedBufferedBlockCipher(
-                                    new CBCBlockCipher(new TwofishEngine()));
-        BufferedBlockCipher c2 = new PaddedBufferedBlockCipher(
-                                    new CBCBlockCipher(new TwofishEngine()));
-        i1 = new IESEngine(
-                       new ECDHBasicAgreement(),
-                       new KDF2BytesGenerator(new SHA1Digest()),
-                       new HMac(new SHA1Digest()),
-                       c1);
-        i2 = new IESEngine(
-                       new ECDHBasicAgreement(),
-                       new KDF2BytesGenerator(new SHA1Digest()),
-                       new HMac(new SHA1Digest()),
-                       c2);
-        d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
-        e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
-        p = new IESWithCipherParameters(d, e, 64, 128);
-
-        i1.init(true, p1.getPrivate(), p2.getPublic(), p);
-        i2.init(false, p2.getPrivate(), p1.getPublic(), p);
-
-        message = Hex.decode("1234567890abcdef");
-
-        out1 = i1.processBlock(message, 0, message.length);
-
-        out2 = i2.processBlock(out1, 0, out1.length);
-
-        if (!areEqual(out2, message))
-        {
-            fail("twofish cipher test failed");
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        doStaticTest(null);
-        doStaticTest(TWOFISH_IV);
-        doShortTest(null);
-
-        BigInteger n = new BigInteger("6277101735386680763835789423176059013767194773182842284081");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
-            new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
-            new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16), // b
-            n, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-                curve,
-                curve.decodePoint(Hex.decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G
-                n);
-
-        ECKeyPairGenerator eGen = new ECKeyPairGenerator();
-        KeyGenerationParameters gParam = new ECKeyGenerationParameters(params, new SecureRandom());
-
-        eGen.init(gParam);
-
-        AsymmetricCipherKeyPair p1 = eGen.generateKeyPair();
-        AsymmetricCipherKeyPair p2 = eGen.generateKeyPair();
-
-        doTest(p1, p2);
-
-        doEphemeralTest(null, false);
-        doEphemeralTest(null, true);
-        doEphemeralTest(TWOFISH_IV, false);
-        doEphemeralTest(TWOFISH_IV, true);
-
-        doCofactorTest(true, false);
-        doCofactorTest(false, false);
-        doCofactorTest(false, true);
-        doCofactorTest(true, true);
-    }
-
-    private void doCofactorTest(boolean newCofactorMode, boolean oldCofactorMode)
-    {
-
-        /* Create the generator */
-        ECKeyPairGenerator myGenerator = new ECKeyPairGenerator();
-        SecureRandom myRandom = new SecureRandom();
-        String myCurve = "sect571k1"; /* Any curve will do */
-
-        /* Lookup the parameters */
-        X9ECParameters x9 = ECNamedCurveTable.getByName(myCurve);
-
-        /* Initialise the generator */
-        ASN1ObjectIdentifier myOid = ECNamedCurveTable.getOID(myCurve);
-        ECNamedDomainParameters myDomain = new ECNamedDomainParameters(myOid, x9.getCurve(), x9.getG(), x9.getN(), x9.getH(), x9.getSeed());
-        ECKeyGenerationParameters myParams = new ECKeyGenerationParameters(myDomain, myRandom);
-        myGenerator.init(myParams);
-
-        /* Create the key Pair */
-        AsymmetricCipherKeyPair myPair = myGenerator.generateKeyPair();
-
-        /* Determine message length */
-        int myFieldSize = x9.getCurve().getFieldSize();
-        myFieldSize = (myFieldSize + 8 - 1) / 8;
-        int myLen = 2 * myFieldSize + 1;
-        byte[] myMessage = new byte[myLen];
-        int myKeyLen = 256 / 8;
-
-        /* Create agreement */
-        ECIESKeyEncapsulation myAgreement = new ECIESKeyEncapsulation(new KDF2BytesGenerator(new SHA512Digest()), myRandom, newCofactorMode, oldCofactorMode, false);
-        myAgreement.init(myPair.getPublic());
-        KeyParameter mySender = (KeyParameter) myAgreement.encrypt(myMessage, myKeyLen);
-        byte[] mySenderKey = mySender.getKey();
-
-        /* Accept agreement */
-        myAgreement.init(myPair.getPrivate());
-        KeyParameter myReceiver = (KeyParameter) myAgreement.decrypt(myMessage, myKeyLen);
-        byte[] myReceiverKey = myReceiver.getKey();
-
-        /* Check that keys match  */
-        isTrue("new " + newCofactorMode + " old " + oldCofactorMode, Arrays.areEqual(mySenderKey, myReceiverKey));
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ECIESTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ECNRTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ECNRTest.java
deleted file mode 100644
index 7c1b238..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ECNRTest.java
+++ /dev/null

@@ -1,99 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.ECNRSigner;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomBigInteger;
-
-/**
- * ECNR tests.
- */
-public class ECNRTest
-    extends SimpleTest
-{
-    /**
-     * a basic regression test with 239 bit prime
-     */
-    BigInteger r = new BigInteger("308636143175167811492623515537541734843573549327605293463169625072911693");
-    BigInteger s = new BigInteger("852401710738814635664888632022555967400445256405412579597015412971797143");
-
-    byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655"));
-
-    SecureRandom    k = new TestRandomBigInteger(kData);
-
-    private void ecNR239bitPrime()
-    {
-        BigInteger n = new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
-            new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
-            new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b
-            n, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-            curve,
-            curve.decodePoint(Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
-            n);
-
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
-            params);
-
-        ECNRSigner ecnr = new ECNRSigner();
-        ParametersWithRandom param = new ParametersWithRandom(priKey, k);
-
-        ecnr.init(true, param);
-
-        byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").toByteArray();
-        BigInteger[] sig = ecnr.generateSignature(message);
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong.", r, sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong.", s, sig[1]);
-        }
-
-        // Verify the signature
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            curve.decodePoint(Hex.decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
-            params);
-
-        ecnr.init(false, pubKey);
-        if (!ecnr.verifySignature(message, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-    public String getName()
-    {
-        return "ECNR";
-    }
-
-    public void performTest()
-    {
-        ecNR239bitPrime();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ECNRTest());
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ECTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ECTest.java
deleted file mode 100644
index 2e733ce..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ECTest.java
+++ /dev/null

@@ -1,1137 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.nist.NISTNamedCurves;
-import org.bouncycastle.asn1.sec.SECNamedCurves;
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.BasicAgreement;
-import org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
-import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement;
-import org.bouncycastle.crypto.agreement.ECDHCUnifiedAgreement;
-import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement;
-import org.bouncycastle.crypto.digests.SHA3Digest;
-import org.bouncycastle.crypto.ec.CustomNamedCurves;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.params.ECDHUPrivateParameters;
-import org.bouncycastle.crypto.params.ECDHUPublicParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.MQVPrivateParameters;
-import org.bouncycastle.crypto.params.MQVPublicParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.DSADigestSigner;
-import org.bouncycastle.crypto.signers.ECDSASigner;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomBigInteger;
-
-/**
- * ECDSA tests are taken from X9.62.
- */
-public class ECTest
-    extends SimpleTest
-{
-    /**
-     * X9.62 - 1998,<br>
-     * J.3.1, Page 152, ECDSA over the field Fp<br>
-     * an example with 192 bit prime
-     */
-    private void testECDSA192bitPrime()
-    {
-        BigInteger r = new BigInteger("3342403536405981729393488334694600415596881826869351677613");
-        BigInteger s = new BigInteger("5735822328888155254683894997897571951568553642892029982342");
-
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("6140507067065001063065065565667405560006161556565665656654"));
-
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        BigInteger n = new BigInteger("6277101735386680763835789423176059013767194773182842284081");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            new BigInteger("6277101735386680763835789423207666416083908700390324961279"), // q
-            new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
-            new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16), // b
-            n, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-            curve,
-            curve.decodePoint(Hex.decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")), // G
-            n);
-
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d
-            params);
-
-        ParametersWithRandom param = new ParametersWithRandom(priKey, k);
-
-        ECDSASigner ecdsa = new ECDSASigner();
-
-        ecdsa.init(true, param);
-
-        byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").toByteArray();
-        BigInteger[] sig = ecdsa.generateSignature(message);
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r + Strings.lineSeparator()
-                + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s + Strings.lineSeparator()
-                + " got      : " + sig[1]);
-        }
-
-        // Verify the signature
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            curve.decodePoint(Hex.decode("0262b12d60690cdcf330babab6e69763b471f994dd702d16a5")), // Q
-            params);
-
-        ecdsa.init(false, pubKey);
-        if (!ecdsa.verifySignature(message, sig[0], sig[1]))
-        {
-            fail("verification fails");
-        }
-    }
-
-    private void decodeTest()
-    {
-        X9ECParameters x9 = ECNamedCurveTable.getByName("prime192v1");
-        ECPoint p = x9.getG();
-
-        if (!p.getAffineXCoord().toBigInteger().equals(new BigInteger("188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", 16)))
-        {
-            fail("x uncompressed incorrectly");
-        }
-
-        if (!p.getAffineYCoord().toBigInteger().equals(new BigInteger("7192b95ffc8da78631011ed6b24cdd573f977a11e794811", 16)))
-        {
-            fail("y uncompressed incorrectly");
-        }
-
-        byte[] encoding = p.getEncoded(true);
-
-        if (!areEqual(encoding, Hex.decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")))
-        {
-            fail("point compressed incorrectly");
-        }
-    }
-
-    /**
-     * X9.62 - 1998,<br>
-     * J.3.2, Page 155, ECDSA over the field Fp<br>
-     * an example with 239 bit prime
-     */
-    private void testECDSA239bitPrime()
-    {
-        BigInteger r = new BigInteger("308636143175167811492622547300668018854959378758531778147462058306432176");
-        BigInteger s = new BigInteger("323813553209797357708078776831250505931891051755007842781978505179448783");
-
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655"));
-
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        BigInteger n = new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
-            new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
-            new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b
-            n, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-            curve,
-            curve.decodePoint(Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
-            n);
-
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
-            params);
-
-        ECDSASigner ecdsa = new ECDSASigner();
-        ParametersWithRandom param = new ParametersWithRandom(priKey, k);
-
-        ecdsa.init(true, param);
-
-        byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").toByteArray();
-        BigInteger[] sig = ecdsa.generateSignature(message);
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r + Strings.lineSeparator()
-                + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s + Strings.lineSeparator()
-                + " got      : " + sig[1]);
-        }
-
-        // Verify the signature
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            curve.decodePoint(Hex.decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
-            params);
-
-        ecdsa.init(false, pubKey);
-        if (!ecdsa.verifySignature(message, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-
-    /**
-     * X9.62 - 1998,<br>
-     * J.2.1, Page 100, ECDSA over the field F2m<br>
-     * an example with 191 bit binary field
-     */
-    private void testECDSA191bitBinary()
-    {
-        BigInteger r = new BigInteger("87194383164871543355722284926904419997237591535066528048");
-        BigInteger s = new BigInteger("308992691965804947361541664549085895292153777025772063598");
-
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("1542725565216523985789236956265265265235675811949404040041"));
-
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        BigInteger n = new BigInteger("1569275433846670190958947355803350458831205595451630533029");
-        BigInteger h = BigInteger.valueOf(2);
-
-        ECCurve.F2m curve = new ECCurve.F2m(
-            191, // m
-            9, //k
-            new BigInteger("2866537B676752636A68F56554E12640276B649EF7526267", 16), // a
-            new BigInteger("2E45EF571F00786F67B0081B9495A3D95462F5DE0AA185EC", 16), // b
-            n, h);
-
-        ECDomainParameters params = new ECDomainParameters(
-            curve,
-            curve.decodePoint(Hex.decode("0436B3DAF8A23206F9C4F299D7B21A9C369137F2C84AE1AA0D765BE73433B3F95E332932E70EA245CA2418EA0EF98018FB")), // G
-            n, h);
-
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("1275552191113212300012030439187146164646146646466749494799"), // d
-            params);
-
-        ECDSASigner ecdsa = new ECDSASigner();
-        ParametersWithRandom param = new ParametersWithRandom(priKey, k);
-
-        ecdsa.init(true, param);
-
-        byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").toByteArray();
-        BigInteger[] sig = ecdsa.generateSignature(message);
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r + Strings.lineSeparator()
-                + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s + Strings.lineSeparator()
-                + " got      : " + sig[1]);
-        }
-
-        // Verify the signature
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            curve.decodePoint(Hex.decode("045DE37E756BD55D72E3768CB396FFEB962614DEA4CE28A2E755C0E0E02F5FB132CAF416EF85B229BBB8E1352003125BA1")), // Q
-            params);
-
-        ecdsa.init(false, pubKey);
-        if (!ecdsa.verifySignature(message, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-
-    /**
-     * X9.62 - 1998,<br>
-     * J.2.1, Page 100, ECDSA over the field F2m<br>
-     * an example with 191 bit binary field
-     */
-    private void testECDSA239bitBinary()
-    {
-        BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552");
-        BigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174");
-
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363"));
-
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        BigInteger n = new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783");
-        BigInteger h = BigInteger.valueOf(4);
-
-        ECCurve.F2m curve = new ECCurve.F2m(
-            239, // m
-            36, //k
-            new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a
-            new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16), // b
-            n, h);
-
-        ECDomainParameters params = new ECDomainParameters(
-            curve,
-            curve.decodePoint(Hex.decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G
-            n, h);
-
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d
-            params);
-
-        ECDSASigner ecdsa = new ECDSASigner();
-        ParametersWithRandom param = new ParametersWithRandom(priKey, k);
-
-        ecdsa.init(true, param);
-
-        byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").toByteArray();
-        BigInteger[] sig = ecdsa.generateSignature(message);
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r + Strings.lineSeparator()
-                + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s + Strings.lineSeparator()
-                + " got      : " + sig[1]);
-        }
-
-        // Verify the signature
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            curve.decodePoint(Hex.decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q
-            params);
-
-        ecdsa.init(false, pubKey);
-        if (!ecdsa.verifySignature(message, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-    // L 4.1  X9.62 2005
-    private void testECDSAP224sha224()
-    {
-        X9ECParameters p = NISTNamedCurves.getByName("P-224");
-        ECDomainParameters params = new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH());
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("6081831502424510080126737029209236539191290354021104541805484120491"), // d
-            params);
-        SecureRandom k = new TestRandomBigInteger(BigIntegers.asUnsignedByteArray(new BigInteger("15456715103636396133226117016818339719732885723579037388121116732601")));
-
-        byte[] M = Hex.decode("8797A3C693CC292441039A4E6BAB7387F3B4F2A63D00ED384B378C79");
-
-        ECDSASigner dsa = new ECDSASigner();
-
-        dsa.init(true, new ParametersWithRandom(priKey, k));
-
-        BigInteger[] sig = dsa.generateSignature(M);
-
-        BigInteger r = new BigInteger("26477406756127720855365980332052585411804331993436302005017227573742");
-        BigInteger s = new BigInteger("17694958233103667059888193972742186995283044672015112738919822429978");
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r + Strings.lineSeparator()
-                + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s + Strings.lineSeparator()
-                + " got      : " + sig[1]);
-        }
-
-        // Verify the signature
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            params.getCurve().decodePoint(Hex.decode("03FD44EC11F9D43D9D23B1E1D1C9ED6519B40ECF0C79F48CF476CC43F1")), // Q
-            params);
-
-        dsa.init(false, pubKey);
-        if (!dsa.verifySignature(M, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-    private void testECDSASecP224k1sha256()
-    {
-        X9ECParameters p = SECNamedCurves.getByName("secp224k1");
-        ECDomainParameters params = new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH());
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("BE6F6E91FE96840A6518B56F3FE21689903A64FA729057AB872A9F51", 16), // d
-            params);
-        SecureRandom k = new TestRandomBigInteger(Hex.decode("00c39beac93db21c3266084429eb9b846b787c094f23a4de66447efbb3"));
-
-        byte[] M = Hex.decode("E5D5A7ADF73C5476FAEE93A2C76CE94DC0557DB04CDC189504779117920B896D");
-
-        ECDSASigner dsa = new ECDSASigner();
-
-        dsa.init(true, new ParametersWithRandom(priKey, k));
-
-        BigInteger[] sig = dsa.generateSignature(M);
-
-        BigInteger r = new BigInteger("8163E5941BED41DA441B33E653C632A55A110893133351E20CE7CB75", 16);
-        BigInteger s = new BigInteger("D12C3FC289DDD5F6890DCE26B65792C8C50E68BF551D617D47DF15A8", 16);
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r + Strings.lineSeparator()
-                + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s + Strings.lineSeparator()
-                + " got      : " + sig[1]);
-        }
-
-        // Verify the signature
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            params.getCurve().decodePoint(Hex.decode("04C5C9B38D3603FCCD6994CBB9594E152B658721E483669BB42728520F484B537647EC816E58A8284D3B89DFEDB173AFDC214ECA95A836FA7C")), // Q
-            params);
-
-        dsa.init(false, pubKey);
-        if (!dsa.verifySignature(M, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-    // L4.2  X9.62 2005
-    private void testECDSAP256sha256()
-    {
-        X9ECParameters p = NISTNamedCurves.getByName("P-256");
-        ECDomainParameters params = new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH());
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("20186677036482506117540275567393538695075300175221296989956723148347484984008"), // d
-            params);
-        SecureRandom k = new TestRandomBigInteger(BigIntegers.asUnsignedByteArray(new BigInteger("72546832179840998877302529996971396893172522460793442785601695562409154906335")));
-
-        byte[] M = Hex.decode("1BD4ED430B0F384B4E8D458EFF1A8A553286D7AC21CB2F6806172EF5F94A06AD");
-
-        ECDSASigner dsa = new ECDSASigner();
-
-        dsa.init(true, new ParametersWithRandom(priKey, k));
-
-        BigInteger[] sig = dsa.generateSignature(M);
-
-        BigInteger r = new BigInteger("97354732615802252173078420023658453040116611318111190383344590814578738210384");
-        BigInteger s = new BigInteger("98506158880355671805367324764306888225238061309262649376965428126566081727535");
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r + Strings.lineSeparator()
-                + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s + Strings.lineSeparator()
-                + " got      : " + sig[1]);
-        }
-
-        // Verify the signature
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            params.getCurve().decodePoint(Hex.decode("03596375E6CE57E0F20294FC46BDFCFD19A39F8161B58695B3EC5B3D16427C274D")), // Q
-            params);
-
-        dsa.init(false, pubKey);
-        if (!dsa.verifySignature(M, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-    private void testECDSAP256sha3(int size, BigInteger s)
-    {
-        X9ECParameters p = NISTNamedCurves.getByName("P-256");
-        ECDomainParameters params = new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH());
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("20186677036482506117540275567393538695075300175221296989956723148347484984008"), // d
-            params);
-        SecureRandom k = new TestRandomBigInteger(BigIntegers.asUnsignedByteArray(new BigInteger("72546832179840998877302529996971396893172522460793442785601695562409154906335")));
-
-        byte[] M = Hex.decode("1BD4ED430B0F384B4E8D458EFF1A8A553286D7AC21CB2F6806172EF5F94A06AD");
-
-        DSADigestSigner dsa = new DSADigestSigner(new ECDSASigner(), new SHA3Digest(size));
-
-        dsa.init(true, new ParametersWithRandom(priKey, k));
-
-        dsa.update(M, 0, M.length);
-
-        byte[] encSig = dsa.generateSignature();
-
-        ASN1Sequence sig = ASN1Sequence.getInstance(encSig);
-
-        BigInteger r = new BigInteger("97354732615802252173078420023658453040116611318111190383344590814578738210384");
-
-        BigInteger sigR = ASN1Integer.getInstance(sig.getObjectAt(0)).getValue();
-        if (!r.equals(sigR))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                + " got      : " + sigR.toString(16));
-        }
-
-        BigInteger sigS = ASN1Integer.getInstance(sig.getObjectAt(1)).getValue();
-        if (!s.equals(sigS))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                + " got      : " + sigS.toString(16));
-        }
-
-        // Verify the signature
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            params.getCurve().decodePoint(Hex.decode("03596375E6CE57E0F20294FC46BDFCFD19A39F8161B58695B3EC5B3D16427C274D")), // Q
-            params);
-
-        dsa.init(false, pubKey);
-
-        dsa.update(M, 0, M.length);
-
-        if (!dsa.verifySignature(encSig))
-        {
-            fail("signature fails");
-        }
-    }
-
-    private void testECDSAP224OneByteOver()
-    {
-        X9ECParameters p = NISTNamedCurves.getByName("P-224");
-        ECDomainParameters params = new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH());
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("6081831502424510080126737029209236539191290354021104541805484120491"), // d
-            params);
-        SecureRandom k = new TestRandomBigInteger(BigIntegers.asUnsignedByteArray(new BigInteger("15456715103636396133226117016818339719732885723579037388121116732601")));
-
-        byte[] M = Hex.decode("8797A3C693CC292441039A4E6BAB7387F3B4F2A63D00ED384B378C79FF");
-
-        ECDSASigner dsa = new ECDSASigner();
-
-        dsa.init(true, new ParametersWithRandom(priKey, k));
-
-        BigInteger[] sig = dsa.generateSignature(M);
-
-        BigInteger r = new BigInteger("26477406756127720855365980332052585411804331993436302005017227573742");
-        BigInteger s = new BigInteger("17694958233103667059888193972742186995283044672015112738919822429978");
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r + Strings.lineSeparator()
-                + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s + Strings.lineSeparator()
-                + " got      : " + sig[1]);
-        }
-
-        // Verify the signature
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            params.getCurve().decodePoint(Hex.decode("03FD44EC11F9D43D9D23B1E1D1C9ED6519B40ECF0C79F48CF476CC43F1")), // Q
-            params);
-
-        dsa.init(false, pubKey);
-        if (!dsa.verifySignature(M, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-    // L4.3  X9.62 2005
-    private void testECDSAP521sha512()
-    {
-        X9ECParameters p = NISTNamedCurves.getByName("P-521");
-        ECDomainParameters params = new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH());
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("617573726813476282316253885608633222275541026607493641741273231656161177732180358888434629562647985511298272498852936680947729040673640492310550142822667389"), // d
-            params);
-        SecureRandom k = new TestRandomBigInteger(BigIntegers.asUnsignedByteArray(new BigInteger("6806532878215503520845109818432174847616958675335397773700324097584974639728725689481598054743894544060040710846048585856076812050552869216017728862957612913")));
-
-        byte[] M = Hex.decode("6893B64BD3A9615C39C3E62DDD269C2BAAF1D85915526083183CE14C2E883B48B193607C1ED871852C9DF9C3147B574DC1526C55DE1FE263A676346A20028A66");
-
-        ECDSASigner dsa = new ECDSASigner();
-
-        dsa.init(true, new ParametersWithRandom(priKey, k));
-
-        BigInteger[] sig = dsa.generateSignature(M);
-
-        BigInteger r = new BigInteger("1368926195812127407956140744722257403535864168182534321188553460365652865686040549247096155740756318290773648848859639978618869784291633651685766829574104630");
-        BigInteger s = new BigInteger("1624754720348883715608122151214003032398685415003935734485445999065609979304811509538477657407457976246218976767156629169821116579317401249024208611945405790");
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r + Strings.lineSeparator()
-                + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s + Strings.lineSeparator()
-                + " got      : " + sig[1]);
-        }
-
-        // Verify the signature
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            params.getCurve().decodePoint(Hex.decode("020145E221AB9F71C5FE740D8D2B94939A09E2816E2167A7D058125A06A80C014F553E8D6764B048FB6F2B687CEC72F39738F223D4CE6AFCBFF2E34774AA5D3C342CB3")), // Q
-            params);
-
-        dsa.init(false, pubKey);
-        if (!dsa.verifySignature(M, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-    /**
-     * General test for long digest.
-     */
-    private void testECDSA239bitBinaryAndLargeDigest()
-    {
-        BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552");
-        BigInteger s = new BigInteger("144940322424411242416373536877786566515839911620497068645600824084578597");
-
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363"));
-
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        BigInteger n = new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783");
-        BigInteger h = BigInteger.valueOf(4);
-
-        ECCurve.F2m curve = new ECCurve.F2m(
-            239, // m
-            36, //k
-            new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a
-            new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16), // b
-            n, h);
-
-        ECDomainParameters params = new ECDomainParameters(
-            curve,
-            curve.decodePoint(Hex.decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G
-            n, h);
-
-        ECPrivateKeyParameters priKey = new ECPrivateKeyParameters(
-            new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d
-            params);
-
-        ECDSASigner ecdsa = new ECDSASigner();
-        ParametersWithRandom param = new ParametersWithRandom(priKey, k);
-
-        ecdsa.init(true, param);
-
-        byte[] message = new BigInteger("968236873715988614170569073515315707566766479517968236873715988614170569073515315707566766479517968236873715988614170569073515315707566766479517").toByteArray();
-        BigInteger[] sig = ecdsa.generateSignature(message);
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r + Strings.lineSeparator()
-                + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s + Strings.lineSeparator()
-                + " got      : " + sig[1]);
-        }
-
-        // Verify the signature
-        ECPublicKeyParameters pubKey = new ECPublicKeyParameters(
-            curve.decodePoint(Hex.decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q
-            params);
-
-        ecdsa.init(false, pubKey);
-        if (!ecdsa.verifySignature(message, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-    /**
-     * key generation test
-     */
-    private void testECDSAKeyGenTest()
-    {
-        SecureRandom random = new SecureRandom();
-
-        BigInteger n = new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
-            new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
-            new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b
-            n, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-            curve,
-            curve.decodePoint(Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
-            n);
-
-        ECKeyPairGenerator pGen = new ECKeyPairGenerator();
-        ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(
-            params,
-            random);
-
-        pGen.init(genParam);
-
-        AsymmetricCipherKeyPair pair = pGen.generateKeyPair();
-
-        ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-        ECDSASigner ecdsa = new ECDSASigner();
-
-        ecdsa.init(true, param);
-
-        byte[] message = new BigInteger("968236873715988614170569073515315707566766479517").toByteArray();
-        BigInteger[] sig = ecdsa.generateSignature(message);
-
-        ecdsa.init(false, pair.getPublic());
-
-        if (!ecdsa.verifySignature(message, sig[0], sig[1]))
-        {
-            fail("signature fails");
-        }
-    }
-
-    /**
-     * Basic Key Agreement Test
-     */
-    private void testECDHBasicAgreement()
-    {
-        SecureRandom random = new SecureRandom();
-
-        BigInteger n = new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
-            new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
-            new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b
-            n, ECConstants.ONE);
-
-        ECDomainParameters params = new ECDomainParameters(
-            curve,
-            curve.decodePoint(Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
-            n);
-
-        ECKeyPairGenerator pGen = new ECKeyPairGenerator();
-        ECKeyGenerationParameters genParam = new ECKeyGenerationParameters(
-            params,
-            random);
-
-        pGen.init(genParam);
-
-        AsymmetricCipherKeyPair p1 = pGen.generateKeyPair();
-        AsymmetricCipherKeyPair p2 = pGen.generateKeyPair();
-
-        //
-        // two way
-        //
-        BasicAgreement e1 = new ECDHBasicAgreement();
-        BasicAgreement e2 = new ECDHBasicAgreement();
-
-        e1.init(p1.getPrivate());
-        e2.init(p2.getPrivate());
-
-        BigInteger k1 = e1.calculateAgreement(p2.getPublic());
-        BigInteger k2 = e2.calculateAgreement(p1.getPublic());
-
-        if (!k1.equals(k2))
-        {
-            fail("calculated agreement test failed");
-        }
-
-        //
-        // two way
-        //
-        e1 = new ECDHCBasicAgreement();
-        e2 = new ECDHCBasicAgreement();
-
-        e1.init(p1.getPrivate());
-        e2.init(p2.getPrivate());
-
-        k1 = e1.calculateAgreement(p2.getPublic());
-        k2 = e2.calculateAgreement(p1.getPublic());
-
-        if (!k1.equals(k2))
-        {
-            fail("calculated agreement test failed");
-        }
-    }
-
-    private void testECDHBasicAgreementCofactor()
-    {
-        SecureRandom random = new SecureRandom();
-
-        X9ECParameters x9 = CustomNamedCurves.getByName("curve25519");
-        ECDomainParameters ec = new ECDomainParameters(x9.getCurve(), x9.getG(), x9.getN(), x9.getH(), x9.getSeed());
-
-        ECKeyPairGenerator kpg = new ECKeyPairGenerator();
-        kpg.init(new ECKeyGenerationParameters(ec, random));
-
-        AsymmetricCipherKeyPair p1 = kpg.generateKeyPair();
-        AsymmetricCipherKeyPair p2 = kpg.generateKeyPair();
-
-        BasicAgreement e1 = new ECDHBasicAgreement();
-        BasicAgreement e2 = new ECDHBasicAgreement();
-
-        e1.init(p1.getPrivate());
-        e2.init(p2.getPrivate());
-
-        BigInteger k1 = e1.calculateAgreement(p2.getPublic());
-        BigInteger k2 = e2.calculateAgreement(p1.getPublic());
-
-        if (!k1.equals(k2))
-        {
-            fail("calculated agreement test failed");
-        }
-    }
-
-    private void testECMQVTestVector1()
-    {
-        // Test Vector from GEC-2
-
-        X9ECParameters x9 = SECNamedCurves.getByName("secp160r1");
-        ECDomainParameters p = new ECDomainParameters(
-            x9.getCurve(), x9.getG(), x9.getN(), x9.getH(), x9.getSeed());
-
-        AsymmetricCipherKeyPair U1 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("0251B4496FECC406ED0E75A24A3C03206251419DC0")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("AA374FFC3CE144E6B073307972CB6D57B2A4E982", 16), p));
-
-        AsymmetricCipherKeyPair U2 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("03D99CE4D8BF52FA20BD21A962C6556B0F71F4CA1F")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("149EC7EA3A220A887619B3F9E5B4CA51C7D1779C", 16), p));
-
-        AsymmetricCipherKeyPair V1 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("0349B41E0E9C0369C2328739D90F63D56707C6E5BC")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("45FB58A92A17AD4B15101C66E74F277E2B460866", 16), p));
-
-        AsymmetricCipherKeyPair V2 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("02706E5D6E1F640C6E9C804E75DBC14521B1E5F3B5")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("18C13FCED9EADF884F7C595C8CB565DEFD0CB41E", 16), p));
-
-        BigInteger x = calculateAgreement(U1, U2, V1, V2);
-
-        if (x == null
-            || !x.equals(new BigInteger("5A6955CEFDB4E43255FB7FCF718611E4DF8E05AC", 16)))
-        {
-            fail("MQV Test Vector #1 agreement failed");
-        }
-    }
-
-    private void testECMQVTestVector2()
-    {
-        // Test Vector from GEC-2
-
-        X9ECParameters x9 = SECNamedCurves.getByName("sect163k1");
-        ECDomainParameters p = new ECDomainParameters(
-            x9.getCurve(), x9.getG(), x9.getN(), x9.getH(), x9.getSeed());
-
-        AsymmetricCipherKeyPair U1 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("03037D529FA37E42195F10111127FFB2BB38644806BC")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("03A41434AA99C2EF40C8495B2ED9739CB2155A1E0D", 16), p));
-
-        AsymmetricCipherKeyPair U2 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("02015198E74BC2F1E5C9A62B80248DF0D62B9ADF8429")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("032FC4C61A8211E6A7C4B8B0C03CF35F7CF20DBD52", 16), p));
-
-        AsymmetricCipherKeyPair V1 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("03072783FAAB9549002B4F13140B88132D1C75B3886C")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("57E8A78E842BF4ACD5C315AA0569DB1703541D96", 16), p));
-
-        AsymmetricCipherKeyPair V2 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("03067E3AEA3510D69E8EDD19CB2A703DDC6CF5E56E32")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("02BD198B83A667A8D908EA1E6F90FD5C6D695DE94F", 16), p));
-
-        BigInteger x = calculateAgreement(U1, U2, V1, V2);
-
-        if (x == null
-            || !x.equals(new BigInteger("038359FFD30C0D5FC1E6154F483B73D43E5CF2B503", 16)))
-        {
-            fail("MQV Test Vector #2 agreement failed");
-        }
-    }
-
-    private void testECMQVRandom()
-    {
-        SecureRandom random = new SecureRandom();
-
-        BigInteger n = new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307");
-
-        ECCurve.Fp curve = new ECCurve.Fp(
-            new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"), // q
-            new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
-            new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16), // b
-            n, ECConstants.ONE);
-
-        ECDomainParameters parameters = new ECDomainParameters(
-            curve,
-            curve.decodePoint(Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
-            n);
-
-        ECKeyPairGenerator pGen = new ECKeyPairGenerator();
-
-        pGen.init(new ECKeyGenerationParameters(parameters, random));
-
-
-        // Pre-established key pairs
-        AsymmetricCipherKeyPair U1 = pGen.generateKeyPair();
-        AsymmetricCipherKeyPair V1 = pGen.generateKeyPair();
-
-        // Ephemeral key pairs
-        AsymmetricCipherKeyPair U2 = pGen.generateKeyPair();
-        AsymmetricCipherKeyPair V2 = pGen.generateKeyPair();
-
-        BigInteger x = calculateAgreement(U1, U2, V1, V2);
-
-        if (x == null)
-        {
-            fail("MQV Test Vector (random) agreement failed");
-        }
-    }
-
-    private static BigInteger calculateAgreement(
-        AsymmetricCipherKeyPair U1,
-        AsymmetricCipherKeyPair U2,
-        AsymmetricCipherKeyPair V1,
-        AsymmetricCipherKeyPair V2)
-    {
-        ECMQVBasicAgreement u = new ECMQVBasicAgreement();
-        u.init(new MQVPrivateParameters(
-            (ECPrivateKeyParameters)U1.getPrivate(),
-            (ECPrivateKeyParameters)U2.getPrivate(),
-            (ECPublicKeyParameters)U2.getPublic()));
-        BigInteger ux = u.calculateAgreement(new MQVPublicParameters(
-            (ECPublicKeyParameters)V1.getPublic(),
-            (ECPublicKeyParameters)V2.getPublic()));
-
-        ECMQVBasicAgreement v = new ECMQVBasicAgreement();
-        v.init(new MQVPrivateParameters(
-            (ECPrivateKeyParameters)V1.getPrivate(),
-            (ECPrivateKeyParameters)V2.getPrivate(),
-            (ECPublicKeyParameters)V2.getPublic()));
-        BigInteger vx = v.calculateAgreement(new MQVPublicParameters(
-            (ECPublicKeyParameters)U1.getPublic(),
-            (ECPublicKeyParameters)U2.getPublic()));
-
-        if (ux.equals(vx))
-        {
-            return ux;
-        }
-
-        return null;
-    }
-
-    private void testECUnifiedTestVector1()
-    {
-        // Test Vector from NIST sample data
-
-        X9ECParameters x9 = NISTNamedCurves.getByName("P-224");
-        ECDomainParameters p = new ECDomainParameters(
-            x9.getCurve(), x9.getG(), x9.getN(), x9.getH(), x9.getSeed());
-
-        AsymmetricCipherKeyPair U1 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("040784e946ef1fae0cfe127042a310a018ba639d3f6b41f265904f0a7b21b7953efe638b45e6c0c0d34a883a510ce836d143d831daa9ce8a12")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("86d1735ca357890aeec8eccb4859275151356ecee9f1b2effb76b092", 16), p));
-
-        AsymmetricCipherKeyPair U2 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("04b33713dc0d56215be26ee6c5e60ad36d12e02e78529ae3ff07873c6b39598bda41c1cf86ee3981f40e102333c15fef214bda034291c1aca6")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("764010b3137ef8d34a3552955ada572a4fa1bb1f5289f27c1bf18344", 16), p));
-
-        AsymmetricCipherKeyPair V1 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("0484c22d9575d09e280613c8758467f84869c6eede4f6c1b644517d6a72c4fc5c68fa12b4c259032fc5949c630259948fca38fb3342d9cb0a8")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("e37964e391f5058fb43435352a9913438a1ec10831f755273285230a", 16), p));
-
-        AsymmetricCipherKeyPair V2 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("044b917e9ce693b277c8095e535ea81c2dea089446a8c55438eda750fb6170c85b86390481fff2dff94b7dff3e42d35ff623921cb558967b48")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("ab40d67f59ba7265d8ad33ade8f704d13a7ba2298b69172a7cd02515", 16), p));
-
-        byte[] x = calculateUnifiedAgreement(U1, U2, V1, V2);
-
-        if (x == null
-            || !areEqual(Hex.decode("80315a208b1cd6119264e5c03242b7db96379986fdc4c2f06bf88d0655cda75d4dc7e94a8df9f03239d5da9a18d364cebc6c63f01b6f4378"), x))
-        {
-            fail("EC combined Test Vector #1 agreement failed");
-        }
-    }
-
-    private void testECUnifiedTestVector2()
-    {
-        // Test Vector from NIST sample data
-
-        X9ECParameters x9 = NISTNamedCurves.getByName("P-256");
-        ECDomainParameters p = new ECDomainParameters(
-            x9.getCurve(), x9.getG(), x9.getN(), x9.getH(), x9.getSeed());
-
-        AsymmetricCipherKeyPair U1 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("047581b35964a983414ebdd56f4ebb1ddcad10881b200666a51ae41306e1ecf1db368468a5e8a65ca10ccea526472c8982db68316c468800e171c11f4ee694fce4")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("2eb7ef76d4936123b6f13035045aedf45c1c7731f35d529d25941926b5bb38bb", 16), p));
-
-        AsymmetricCipherKeyPair U2 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("045b1e4cdeb0728333c0a51631b1a75269e4878d10732f4cb94d600483db4bd9ee625c374592c3db7e9f8b4f2c91a0098a158bc37b922e4243bd9cbdefe67d6ab0")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("78acde388a022261767e6b3dd6dd016c53b70a084260ec87d395aec761c082de", 16), p));
-
-        AsymmetricCipherKeyPair V1 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("04e4916d616803ff1bd9569f35b7d06f792f19c1fb4e6fa916d686c027a17d8dffd570193d8e101624ac2ea0bcb762d5613f05452670f09af66ef70861fb528868")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("9c85898640a1b1de8ce7f557492dc1460530b9e17afaaf742eb953bb644e9c5a", 16), p));
-
-        AsymmetricCipherKeyPair V2 = new AsymmetricCipherKeyPair(
-            new ECPublicKeyParameters(
-                p.getCurve().decodePoint(Hex.decode("04d1cd23c29d0fc865c316d44a1fd5adb6605ee47c9ddfec3a9b0a5e532d52704e74ff5d149aeb50856fefb38d5907b6dbb580fe6dc166bcfcbee4eb376d77e95c")), p),
-            new ECPrivateKeyParameters(
-                new BigInteger("d6e11d5d3b85b201b8f4c12dadfad3000e267961a806a0658a2b859d44389599", 16), p));
-
-        byte[] x = calculateUnifiedAgreement(U1, U2, V1, V2);
-
-        if (x == null
-            || !areEqual(Hex.decode("02886e53998b06d92f04e4579cbfa5f35c96334d3890298264e7f956da70966af07bf1b3abbaa8d76fbaf435508bdabbbbbdae1a191d91480ed88374c3552233"), x))
-        {
-            fail("EC combined Test Vector #2 agreement failed");
-        }
-    }
-
-    private byte[] calculateUnifiedAgreement(
-        AsymmetricCipherKeyPair U1,
-        AsymmetricCipherKeyPair U2,
-        AsymmetricCipherKeyPair V1,
-        AsymmetricCipherKeyPair V2)
-    {
-        ECDHCUnifiedAgreement u = new ECDHCUnifiedAgreement();
-        u.init(new ECDHUPrivateParameters(
-            (ECPrivateKeyParameters)U1.getPrivate(),
-            (ECPrivateKeyParameters)U2.getPrivate(),
-            (ECPublicKeyParameters)U2.getPublic()));
-        byte[] ux = u.calculateAgreement(new ECDHUPublicParameters(
-            (ECPublicKeyParameters)V1.getPublic(),
-            (ECPublicKeyParameters)V2.getPublic()));
-
-        ECDHCUnifiedAgreement v = new ECDHCUnifiedAgreement();
-        v.init(new ECDHUPrivateParameters(
-            (ECPrivateKeyParameters)V1.getPrivate(),
-            (ECPrivateKeyParameters)V2.getPrivate(),
-            (ECPublicKeyParameters)V2.getPublic()));
-        byte[] vx = v.calculateAgreement(new ECDHUPublicParameters(
-            (ECPublicKeyParameters)U1.getPublic(),
-            (ECPublicKeyParameters)U2.getPublic()));
-
-        if (areEqual(ux, vx))
-        {
-            return ux;
-        }
-
-        return null;
-    }
-
-    public String getName()
-    {
-        return "EC";
-    }
-
-    public void performTest()
-    {
-        decodeTest();
-        testECDSA192bitPrime();
-        testECDSA239bitPrime();
-        testECDSA191bitBinary();
-        testECDSA239bitBinary();
-        testECDSAKeyGenTest();
-        testECDHBasicAgreement();
-        testECDHBasicAgreementCofactor();
-
-        testECDSAP224sha224();
-        testECDSAP224OneByteOver();
-        testECDSAP256sha256();
-        testECDSAP521sha512();
-        testECDSASecP224k1sha256();
-        testECDSA239bitBinaryAndLargeDigest();
-
-        testECDSAP256sha3(224, new BigInteger("84d7d8e68e405064109cd9fc3e3026d74d278aada14ce6b7a9dd0380c154dc94", 16));
-        testECDSAP256sha3(256, new BigInteger("99a43bdab4af989aaf2899079375642f2bae2dce05bcd8b72ec8c4a8d9a143f", 16));
-        testECDSAP256sha3(384, new BigInteger("aa27726509c37aaf601de6f7e01e11c19add99530c9848381c23365dc505b11a", 16));
-        testECDSAP256sha3(512, new BigInteger("f8306b57a1f5068bf12e53aabaae39e2658db39bc56747eaefb479995130ad16", 16));
-
-        testECMQVTestVector1();
-        testECMQVTestVector2();
-        testECMQVRandom();
-
-        testECUnifiedTestVector1();
-        testECUnifiedTestVector2();
-    }
-
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new ECTest());
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/Ed25519Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/Ed25519Test.java
deleted file mode 100644
index c040d9c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/Ed25519Test.java
+++ /dev/null

@@ -1,128 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.generators.Ed25519KeyPairGenerator;
-import org.bouncycastle.crypto.params.Ed25519KeyGenerationParameters;
-import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-import org.bouncycastle.crypto.signers.Ed25519Signer;
-import org.bouncycastle.crypto.signers.Ed25519ctxSigner;
-import org.bouncycastle.crypto.signers.Ed25519phSigner;
-import org.bouncycastle.math.ec.rfc8032.Ed25519;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class Ed25519Test
-    extends SimpleTest
-{
-    private static final SecureRandom RANDOM = new SecureRandom();
-
-    public String getName()
-    {
-        return "Ed25519";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new Ed25519Test());
-    }
-
-    public void performTest() throws Exception
-    {
-        for (int i = 0; i < 10; ++i)
-        {
-            testConsistency(Ed25519.Algorithm.Ed25519, null);
-
-            byte[] context = randomContext(RANDOM.nextInt() & 255);
-            testConsistency(Ed25519.Algorithm.Ed25519ctx, context);
-            testConsistency(Ed25519.Algorithm.Ed25519ph, context);
-        }
-
-        basicSigTest();
-    }
-
-    private void basicSigTest()
-        throws Exception
-    {
-        Ed25519PrivateKeyParameters privateKey = new Ed25519PrivateKeyParameters(
-            Hex.decode("9d61b19deffd5a60ba844af492ec2cc44449c5697b326919703bac031cae7f60"), 0);
-        Ed25519PublicKeyParameters publicKey = new Ed25519PublicKeyParameters(
-            Hex.decode("d75a980182b10ab7d54bfed3c964073a0ee172f3daa62325af021a68f707511a"), 0);
-
-        byte[] sig = Hex.decode("e5564300c360ac729086e2cc806e828a84877f1eb8e5d974d873e065224901555fb8821590a33bacc61e39701cf9b46bd25bf5f0595bbe24655141438e7a100b");
-
-        Signer signer = new Ed25519Signer();
-
-        signer.init(true, privateKey);
-
-        areEqual(sig, signer.generateSignature());
-
-        signer.init(false, publicKey);
-
-        isTrue(signer.verifySignature(sig));
-    }
-
-    private Signer createSigner(int algorithm, byte[] context)
-    {
-        switch (algorithm)
-        {
-        case Ed25519.Algorithm.Ed25519:
-            return new Ed25519Signer();
-        case Ed25519.Algorithm.Ed25519ctx:
-            return new Ed25519ctxSigner(context);
-        case Ed25519.Algorithm.Ed25519ph:
-            return new Ed25519phSigner(context);
-        default:
-            throw new IllegalArgumentException("algorithm");
-        }
-    }
-
-    private byte[] randomContext(int length)
-    {
-        byte[] context = new byte[length];
-        RANDOM.nextBytes(context);
-        return context;
-    }
-
-    private void testConsistency(int algorithm, byte[] context) throws Exception
-    {
-        Ed25519KeyPairGenerator kpg = new Ed25519KeyPairGenerator();
-        kpg.init(new Ed25519KeyGenerationParameters(RANDOM));
-
-        AsymmetricCipherKeyPair kp = kpg.generateKeyPair();
-        Ed25519PrivateKeyParameters privateKey = (Ed25519PrivateKeyParameters)kp.getPrivate();
-        Ed25519PublicKeyParameters publicKey = (Ed25519PublicKeyParameters)kp.getPublic();
-
-        byte[] msg = new byte[RANDOM.nextInt() & 255];
-        RANDOM.nextBytes(msg);
-
-        Signer signer = createSigner(algorithm, context);
-        signer.init(true, privateKey);
-        signer.update(msg, 0, msg.length);
-        byte[] signature = signer.generateSignature();
-
-        Signer verifier = createSigner(algorithm, context);
-        verifier.init(false, publicKey);
-        verifier.update(msg, 0, msg.length);
-        boolean shouldVerify = verifier.verifySignature(signature);
-
-        if (!shouldVerify)
-        {
-            fail("Ed25519(" + algorithm + ") signature failed to verify");
-        }
-
-        signature[(RANDOM.nextInt() >>> 1) % signature.length] ^= 1 << (RANDOM.nextInt() & 7);
-
-        verifier.init(false, publicKey);
-        verifier.update(msg, 0, msg.length);
-        boolean shouldNotVerify = verifier.verifySignature(signature);
-
-        if (shouldNotVerify)
-        {
-            fail("Ed25519(" + algorithm + ") bad signature incorrectly verified");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/Ed448Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/Ed448Test.java
deleted file mode 100644
index 123b373..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/Ed448Test.java
+++ /dev/null

@@ -1,137 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.generators.Ed448KeyPairGenerator;
-import org.bouncycastle.crypto.params.Ed448KeyGenerationParameters;
-import org.bouncycastle.crypto.params.Ed448PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed448PublicKeyParameters;
-import org.bouncycastle.crypto.signers.Ed448Signer;
-import org.bouncycastle.crypto.signers.Ed448phSigner;
-import org.bouncycastle.math.ec.rfc8032.Ed448;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class Ed448Test
-    extends SimpleTest
-{
-    private static final SecureRandom RANDOM = new SecureRandom();
-
-    public String getName()
-    {
-        return "Ed448";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new Ed448Test());
-    }
-
-    public void performTest() throws Exception
-    {
-        basicSigTest();
-
-        for (int i = 0; i < 10; ++i)
-        {
-            byte[] context = randomContext(RANDOM.nextInt() & 255);
-            testConsistency(Ed448.Algorithm.Ed448, context);
-            testConsistency(Ed448.Algorithm.Ed448ph, context);
-        }
-    }
-
-    private void basicSigTest()
-        throws Exception
-    {
-        Ed448PrivateKeyParameters privateKey = new Ed448PrivateKeyParameters(
-            Hex.decode(
-                "6c82a562cb808d10d632be89c8513ebf" +
-                "6c929f34ddfa8c9f63c9960ef6e348a3" +
-                "528c8a3fcc2f044e39a3fc5b94492f8f" +
-                "032e7549a20098f95b"), 0);
-        Ed448PublicKeyParameters publicKey = new Ed448PublicKeyParameters(
-            Hex.decode("5fd7449b59b461fd2ce787ec616ad46a" +
-                "1da1342485a70e1f8a0ea75d80e96778" +
-                "edf124769b46c7061bd6783df1e50f6c" +
-                "d1fa1abeafe8256180"), 0);
-
-        byte[] sig = Hex.decode("533a37f6bbe457251f023c0d88f976ae" +
-            "2dfb504a843e34d2074fd823d41a591f" +
-            "2b233f034f628281f2fd7a22ddd47d78" +
-            "28c59bd0a21bfd3980ff0d2028d4b18a" +
-            "9df63e006c5d1c2d345b925d8dc00b41" +
-            "04852db99ac5c7cdda8530a113a0f4db" +
-            "b61149f05a7363268c71d95808ff2e65" +
-            "2600");
-
-        Signer signer = new Ed448Signer(new byte[0]);
-
-        signer.init(true, privateKey);
-
-        areEqual(sig, signer.generateSignature());
-
-        signer.init(false, publicKey);
-
-        isTrue(signer.verifySignature(sig));
-    }
-    
-    private Signer createSigner(int algorithm, byte[] context)
-    {
-        switch (algorithm)
-        {
-        case Ed448.Algorithm.Ed448:
-            return new Ed448Signer(context);
-        case Ed448.Algorithm.Ed448ph:
-            return new Ed448phSigner(context);
-        default:
-            throw new IllegalArgumentException("algorithm");
-        }
-    }
-
-    private byte[] randomContext(int length)
-    {
-        byte[] context = new byte[length];
-        RANDOM.nextBytes(context);
-        return context;
-    }
-
-    private void testConsistency(int algorithm, byte[] context) throws Exception
-    {
-        Ed448KeyPairGenerator kpg = new Ed448KeyPairGenerator();
-        kpg.init(new Ed448KeyGenerationParameters(RANDOM));
-
-        AsymmetricCipherKeyPair kp = kpg.generateKeyPair();
-        Ed448PrivateKeyParameters privateKey = (Ed448PrivateKeyParameters)kp.getPrivate();
-        Ed448PublicKeyParameters publicKey = (Ed448PublicKeyParameters)kp.getPublic();
-
-        byte[] msg = new byte[RANDOM.nextInt() & 255];
-        RANDOM.nextBytes(msg);
-
-        Signer signer = createSigner(algorithm, context);
-        signer.init(true, privateKey);
-        signer.update(msg, 0, msg.length);
-        byte[] signature = signer.generateSignature();
-
-        Signer verifier = createSigner(algorithm, context);
-        verifier.init(false, publicKey);
-        verifier.update(msg, 0, msg.length);
-        boolean shouldVerify = verifier.verifySignature(signature);
-
-        if (!shouldVerify)
-        {
-            fail("Ed448(" + algorithm + ") signature failed to verify");
-        }
-
-        signature[(RANDOM.nextInt() >>> 1) % signature.length] ^= 1 << (RANDOM.nextInt() & 7);
-
-        verifier.init(false, publicKey);
-        verifier.update(msg, 0, msg.length);
-        boolean shouldNotVerify = verifier.verifySignature(signature);
-
-        if (shouldNotVerify)
-        {
-            fail("Ed448(" + algorithm + ") bad signature incorrectly verified");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ElGamalTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ElGamalTest.java
deleted file mode 100644
index fb93699..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ElGamalTest.java
+++ /dev/null

@@ -1,285 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.engines.ElGamalEngine;
-import org.bouncycastle.crypto.generators.ElGamalKeyPairGenerator;
-import org.bouncycastle.crypto.generators.ElGamalParametersGenerator;
-import org.bouncycastle.crypto.params.ElGamalKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ElGamalParameters;
-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class ElGamalTest
-    extends SimpleTest
-{
-    private BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
-    private BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
-
-    private BigInteger g768 = new BigInteger("7c240073c1316c621df461b71ebb0cdcc90a6e5527e5e126633d131f87461c4dc4afc60c2cb0f053b6758871489a69613e2a8b4c8acde23954c08c81cbd36132cfd64d69e4ed9f8e51ed6e516297206672d5c0a69135df0a5dcf010d289a9ca1", 16);
-    private BigInteger p768 = new BigInteger("8c9dd223debed1b80103b8b309715be009d48860ed5ae9b9d5d8159508efd802e3ad4501a7f7e1cfec78844489148cd72da24b21eddd01aa624291c48393e277cfc529e37075eccef957f3616f962d15b44aeab4039d01b817fde9eaa12fd73f", 16);
-
-    private BigInteger  g1024 = new BigInteger("1db17639cdf96bc4eabba19454f0b7e5bd4e14862889a725c96eb61048dcd676ceb303d586e30f060dbafd8a571a39c4d823982117da5cc4e0f89c77388b7a08896362429b94a18a327604eb7ff227bffbc83459ade299e57b5f77b50fb045250934938efa145511166e3197373e1b5b1e52de713eb49792bedde722c6717abf", 16);
-    private BigInteger  p1024 = new BigInteger("a00e283b3c624e5b2b4d9fbc2653b5185d99499b00fd1bf244c6f0bb817b4d1c451b2958d62a0f8a38caef059fb5ecd25d75ed9af403f5b5bdab97a642902f824e3c13789fed95fa106ddfe0ff4a707c85e2eb77d49e68f2808bcea18ce128b178cd287c6bc00efa9a1ad2a673fe0dceace53166f75b81d6709d5f8af7c66bb7", 16);
-
-    private BigInteger yPgpBogusPSamp = new BigInteger("de4688497cc05b45fe8559bc9918c45afcad69b74123a7236eba409fd9de8ea34c7869839ee9df35e3d97576145d089841aa65b5b4e061fae52c37e430354269a02496b8ed8456f2d0d7c9b0db985fbcb21ae9f78507ed6e3a29db595b201b1a4f931c7d791eede65ccf918e8a61cf146859151c78c41ad48853694623467d78", 16);
-    private BigInteger xPgpBogusPSamp = new BigInteger("cbaf780f2cfe4f987bbc5fcb0738bbd7912060ccfdf37cbfeea65c0fd857e74a8df6cc359375f28cf5725d081813c614410a78cbe4b06d677beea9ff0fa10b1dbc47a6ed8c5b8466d6a95d6574029dbdf72596392e1b6b230faf9916dc8455821c10527a375a4d1c8a54947d1fe714d321aca25ad486b4b456506999fd2fd11a", 16);
-    private BigInteger gPgpBogusPSamp = new BigInteger("153ffe9522076d1cbd6e75f0816a0fc2ebd8b0e0091406587387a1763022088a03b411eed07ff50efb82b21f1608c352d10f63ba7e7e981a2f3387cec8af2915953d00493857663ae8919f517fe90f1d2abe7af4305a344b10d1a25d75f65902cd7fd775853d3ac43d7c5253ad666e1e63ee98cdcb10af81273d4ff053ff07d51", 16);
-    private BigInteger pPgpBogusPSamp = new BigInteger("15061b26cdab4e865098a01c86f13b03220104c5443e950658b36b85245aa0c616a0c0d8d99c454bea087c172315e45b3bc9b925443948a2b6ba47608a6035b9a79a4ef34a78d7274a12ede8364f02d5030db864988643d7e92753df603bd69fbd2682ab0af64d1a866d1131a2cb13333cedb0a9e6eefddd9fff8154d34c2daab", 16);
-    private int lPgpBogusPSamp = 0;
-
-    public String getName()
-    {
-        return "ElGamal";
-    }
-
-    private void testEnc(
-        int         size,
-        int         privateValueSize,
-        BigInteger  g,
-        BigInteger  p)
-    {
-        ElGamalParameters                dhParams = new ElGamalParameters(p, g, privateValueSize);
-        ElGamalKeyGenerationParameters   params = new ElGamalKeyGenerationParameters(new SecureRandom(), dhParams);
-        ElGamalKeyPairGenerator          kpGen = new ElGamalKeyPairGenerator();
-
-        kpGen.init(params);
-
-        //
-        // generate pair
-        //
-        AsymmetricCipherKeyPair         pair = kpGen.generateKeyPair();
-
-        ElGamalPublicKeyParameters      pu = (ElGamalPublicKeyParameters)pair.getPublic();
-        ElGamalPrivateKeyParameters     pv = (ElGamalPrivateKeyParameters)pair.getPrivate();
-
-        checkKeySize(privateValueSize, pv);
-
-        ElGamalEngine    e = new ElGamalEngine();
-
-        e.init(true, pu);
-        
-        if (e.getOutputBlockSize() != size / 4)
-        {
-            fail(size + " getOutputBlockSize() on encryption failed.");
-        }
-
-        byte[]  message = Hex.decode("5468697320697320612074657374");
-
-        byte[]  pText = message;
-        byte[]  cText = e.processBlock(pText, 0, pText.length);
-
-        e.init(false, pv);
-
-        if (e.getOutputBlockSize() != (size / 8) - 1)
-        {
-            fail(size + " getOutputBlockSize() on decryption failed.");
-        }
-        
-        pText = e.processBlock(cText, 0, cText.length);
-
-        if (!Arrays.areEqual(message, pText))
-        {
-            fail(size + " bit test failed");
-        }
-        
-        e.init(true, pu);
-
-        byte[] bytes = new byte[e.getInputBlockSize() + 2];
-        
-        try
-        {
-            e.processBlock(bytes, 0, bytes.length);
-            
-            fail("out of range block not detected");
-        }
-        catch (DataLengthException ex)
-        {
-            // expected
-        }
-        
-        try
-        {
-            bytes[0] = (byte)0xff;
-            
-            e.processBlock(bytes, 0, bytes.length - 1);
-            
-            fail("out of range block not detected");
-        }
-        catch (DataLengthException ex)
-        {
-            // expected
-        }
-        
-        try
-        {
-            bytes[0] = (byte)0x7f;
-
-            e.processBlock(bytes, 0, bytes.length - 1);
-        }
-        catch (DataLengthException ex)
-        {
-            fail("in range block failed");
-        }
-
-        try
-        {
-            bytes = BigIntegers.asUnsignedByteArray(p);
-
-            e.processBlock(bytes, 0, bytes.length);
-
-            fail("out of range block not detected");
-        }
-        catch (DataLengthException ex)
-        {
-            // expected
-        }
-
-        try
-        {
-            bytes = BigIntegers.asUnsignedByteArray(p.subtract(BigInteger.valueOf(1)));
-
-            e.processBlock(bytes, 0, bytes.length);
-        }
-        catch (DataLengthException ex)
-        {
-            fail("boundary block rejected");
-        }
-    }
-
-    private void checkKeySize(
-        int privateValueSize,
-        ElGamalPrivateKeyParameters priv)
-    {
-        if (privateValueSize != 0)
-        {
-            if (priv.getX().bitLength() != privateValueSize)
-            {
-                fail("limited key check failed for key size " + privateValueSize);
-            }
-        }
-    }
-
-    /**
-     * this test is can take quiet a while
-     *
-     * @param size size of key in bits.
-     */
-    private void testGeneration(
-        int         size)
-    {
-        ElGamalParametersGenerator       pGen = new ElGamalParametersGenerator();
-
-        pGen.init(size, 10, new SecureRandom());
-
-        ElGamalParameters                elParams = pGen.generateParameters();
-
-        if (elParams.getL() != 0)
-        {
-            fail("ElGamalParametersGenerator failed to set L to 0 in generated ElGamalParameters");
-        }
-
-        ElGamalKeyGenerationParameters   params = new ElGamalKeyGenerationParameters(new SecureRandom(), elParams);
-
-        ElGamalKeyPairGenerator          kpGen = new ElGamalKeyPairGenerator();
-
-        kpGen.init(params);
-
-        //
-        // generate first pair
-        //
-        AsymmetricCipherKeyPair         pair = kpGen.generateKeyPair();
-
-        ElGamalPublicKeyParameters      pu = (ElGamalPublicKeyParameters)pair.getPublic();
-        ElGamalPrivateKeyParameters     pv = (ElGamalPrivateKeyParameters)pair.getPrivate();
-
-        ElGamalEngine    e = new ElGamalEngine();
-
-        e.init(true, new ParametersWithRandom(pu, new SecureRandom()));
-
-        byte[]  message = Hex.decode("5468697320697320612074657374");
-
-        byte[]  pText = message;
-        byte[]  cText = e.processBlock(pText, 0, pText.length);
-
-        e.init(false, pv);
-
-        pText = e.processBlock(cText, 0, cText.length);
-
-        if (!Arrays.areEqual(message, pText))
-        {
-            fail("generation test failed");
-        }
-    }
-
-    private void testInitCheck()
-    {
-        try
-        {
-            new ElGamalEngine().processBlock(new byte[]{ 1 }, 0, 1);
-            fail("failed initialisation check");
-        }
-        catch (IllegalStateException e)
-        {
-            // expected
-        }
-    }
-
-    private void testInvalidP()
-    {
-        ElGamalParameters               dhParams = new ElGamalParameters(pPgpBogusPSamp, gPgpBogusPSamp, lPgpBogusPSamp);
-        ElGamalPublicKeyParameters      pu = new ElGamalPublicKeyParameters(yPgpBogusPSamp, dhParams);
-        ElGamalPrivateKeyParameters     pv = new ElGamalPrivateKeyParameters(xPgpBogusPSamp, dhParams);
-
-        ElGamalEngine    e = new ElGamalEngine();
-
-        e.init(true, pu);
-
-        byte[]  message = Hex.decode("5468697320697320612074657374");
-
-        byte[]  pText = message;
-        byte[]  cText = e.processBlock(pText, 0, pText.length);
-
-        e.init(false, pv);
-
-        pText = e.processBlock(cText, 0, cText.length);
-
-        if (Arrays.areEqual(message, pText))
-        {
-            fail("invalid test failed");
-        }
-    }
-
-    public void performTest()
-    {
-        testInvalidP();
-
-        testEnc(512, 0, g512, p512);
-        testEnc(768, 0, g768, p768);
-        testEnc(1024, 0, g1024, p1024);
-
-        testEnc(512, 64, g512, p512);
-        testEnc(768, 128, g768, p768);
-
-        //
-        // generation test.
-        //
-        testGeneration(258);
-
-        testInitCheck();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ElGamalTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/EqualsHashCodeTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/EqualsHashCodeTest.java
deleted file mode 100644
index 1ab7cc4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/EqualsHashCodeTest.java
+++ /dev/null

@@ -1,261 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.generators.DHKeyPairGenerator;
-import org.bouncycastle.crypto.generators.ElGamalKeyPairGenerator;
-import org.bouncycastle.crypto.params.DHKeyGenerationParameters;
-import org.bouncycastle.crypto.params.DHKeyParameters;
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.crypto.params.DHPrivateKeyParameters;
-import org.bouncycastle.crypto.params.DHPublicKeyParameters;
-import org.bouncycastle.crypto.params.DHValidationParameters;
-import org.bouncycastle.crypto.params.DSAParameters;
-import org.bouncycastle.crypto.params.DSAValidationParameters;
-import org.bouncycastle.crypto.params.ElGamalKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ElGamalKeyParameters;
-import org.bouncycastle.crypto.params.ElGamalParameters;
-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
-import org.bouncycastle.crypto.params.GOST3410Parameters;
-import org.bouncycastle.crypto.params.GOST3410ValidationParameters;
-import org.bouncycastle.util.test.SimpleTest;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-class DHTestKeyParameters
-    extends DHKeyParameters
-{
-    protected DHTestKeyParameters(boolean isPrivate, DHParameters params)
-    {
-        super(isPrivate, params);
-    }
-}
-
-class ElGamalTestKeyParameters
-    extends ElGamalKeyParameters
-{
-    protected ElGamalTestKeyParameters(boolean isPrivate, ElGamalParameters params)
-    {
-        super(isPrivate, params);
-    }
-}
-
-public class EqualsHashCodeTest
-        extends SimpleTest
-{
-    private static Object OTHER = new Object();
-
-    public String getName()
-    {
-        return "EqualsHashCode";
-    }
-
-    private void doTest(Object a, Object equalsA, Object notEqualsA)
-    {
-        if (a.equals(null))
-        {
-            fail("a equaled null");
-        }
-
-        if (!a.equals(equalsA) || !equalsA.equals(a))
-        {
-            fail("equality failed");
-        }
-
-        if (a.equals(OTHER))
-        {
-            fail("other inequality failed");
-        }
-
-        if (a.equals(notEqualsA) || notEqualsA.equals(a))
-        {
-            fail("inequality failed");
-        }
-
-        if (a.hashCode() != equalsA.hashCode())
-        {
-            fail("hashCode equality failed");
-        }
-    }
-
-    private void dhTest()
-    {
-        BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
-        BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
-
-        DHParameters                dhParams = new DHParameters(p512, g512);
-        DHKeyGenerationParameters   params = new DHKeyGenerationParameters(new SecureRandom(), dhParams);         DHKeyPairGenerator          kpGen = new DHKeyPairGenerator();
-
-        kpGen.init(params);
-
-        AsymmetricCipherKeyPair     pair = kpGen.generateKeyPair();
-        DHPublicKeyParameters       pu1 = (DHPublicKeyParameters)pair.getPublic();
-        DHPrivateKeyParameters      pv1 = (DHPrivateKeyParameters)pair.getPrivate();
-
-        DHPublicKeyParameters       pu2 = new DHPublicKeyParameters(pu1.getY(), pu1.getParameters());
-        DHPrivateKeyParameters      pv2 = new DHPrivateKeyParameters(pv1.getX(), pv1.getParameters());
-        DHPublicKeyParameters       pu3 = new DHPublicKeyParameters(pv1.getX(), pu1.getParameters());
-        DHPrivateKeyParameters      pv3 = new DHPrivateKeyParameters(pu1.getY(), pu1.getParameters());
-
-        doTest(pu1, pu2, pu3);
-        doTest(pv1, pv2, pv3);
-
-        DHParameters                pr1 = pu1.getParameters();
-        DHParameters                pr2 = new DHParameters(pr1.getP(), pr1.getG(), pr1.getQ(), pr1.getM(), pr1.getL(), pr1.getJ(), pr1.getValidationParameters());
-        DHParameters                pr3 = new DHParameters(pr1.getG(), pr1.getP(), pr1.getQ(), pr1.getM(), pr1.getL(), pr1.getJ(), pr1.getValidationParameters());
-
-        doTest(pr1, pr2, pr3);
-
-        pr3 = new DHParameters(pr1.getG(), pr1.getP(), null, pr1.getM(), pr1.getL(), pr1.getJ(), pr1.getValidationParameters());
-
-        doTest(pr1, pr2, pr3);        
-
-        pu2 = new DHPublicKeyParameters(pu1.getY(), pr2);
-        pv2 = new DHPrivateKeyParameters(pv1.getX(), pr2);
-
-        doTest(pu1, pu2, pu3);
-        doTest(pv1, pv2, pv3);
-
-        DHValidationParameters vp1 = new DHValidationParameters(new byte[20], 1024);
-        DHValidationParameters vp2 = new DHValidationParameters(new byte[20], 1024);
-        DHValidationParameters vp3 = new DHValidationParameters(new byte[24], 1024);
-
-        doTest(vp1, vp1, vp3);
-        doTest(vp1, vp2, vp3);
-
-        byte[] bytes = new byte[20];
-        bytes[0] = 1;
-
-        vp3 = new DHValidationParameters(bytes, 1024);
-
-        doTest(vp1, vp2, vp3);
-
-        vp3 = new DHValidationParameters(new byte[20], 2048);
-
-        doTest(vp1, vp2, vp3);
-
-        DHTestKeyParameters k1 = new DHTestKeyParameters(false, null);
-        DHTestKeyParameters k2 = new DHTestKeyParameters(false, null);
-        DHTestKeyParameters k3 = new DHTestKeyParameters(false, pu1.getParameters());
-
-        doTest(k1, k2, k3);
-    }
-
-    private void elGamalTest()
-    {
-        BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
-        BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
-
-        ElGamalParameters dhParams = new ElGamalParameters(p512, g512);
-        ElGamalKeyGenerationParameters params = new ElGamalKeyGenerationParameters(new SecureRandom(), dhParams);         ElGamalKeyPairGenerator kpGen = new ElGamalKeyPairGenerator();
-
-        kpGen.init(params);
-
-        AsymmetricCipherKeyPair     pair = kpGen.generateKeyPair();
-        ElGamalPublicKeyParameters       pu1 = (ElGamalPublicKeyParameters)pair.getPublic();
-        ElGamalPrivateKeyParameters      pv1 = (ElGamalPrivateKeyParameters)pair.getPrivate();
-
-        ElGamalPublicKeyParameters       pu2 = new ElGamalPublicKeyParameters(pu1.getY(), pu1.getParameters());
-        ElGamalPrivateKeyParameters      pv2 = new ElGamalPrivateKeyParameters(pv1.getX(), pv1.getParameters());
-        ElGamalPublicKeyParameters       pu3 = new ElGamalPublicKeyParameters(pv1.getX(), pu1.getParameters());
-        ElGamalPrivateKeyParameters      pv3 = new ElGamalPrivateKeyParameters(pu1.getY(), pu1.getParameters());
-
-        doTest(pu1, pu2, pu3);
-        doTest(pv1, pv2, pv3);
-
-        ElGamalParameters                pr1 = pu1.getParameters();
-        ElGamalParameters                pr2 = new ElGamalParameters(pr1.getP(), pr1.getG());
-        ElGamalParameters                pr3 = new ElGamalParameters(pr1.getG(), pr1.getP());
-
-        doTest(pr1, pr2, pr3);
-
-        pu2 = new ElGamalPublicKeyParameters(pu1.getY(), pr2);
-        pv2 = new ElGamalPrivateKeyParameters(pv1.getX(), pr2);
-
-        doTest(pu1, pu2, pu3);
-        doTest(pv1, pv2, pv3);
-
-        ElGamalTestKeyParameters k1 = new ElGamalTestKeyParameters(false, null);
-        ElGamalTestKeyParameters k2 = new ElGamalTestKeyParameters(false, null);
-        ElGamalTestKeyParameters k3 = new ElGamalTestKeyParameters(false, pu1.getParameters());
-
-        doTest(k1, k2, k3);
-    }
-
-    private void dsaTest()
-    {
-        BigInteger a = BigInteger.valueOf(1), b = BigInteger.valueOf(2), c = BigInteger.valueOf(3);
-
-        DSAParameters dsaP1 = new DSAParameters(a, b, c);
-        DSAParameters dsaP2 = new DSAParameters(a, b, c);
-        DSAParameters dsaP3 = new DSAParameters(b, c, a);
-
-        doTest(dsaP1, dsaP2, dsaP3);
-
-        DSAValidationParameters vp1 = new DSAValidationParameters(new byte[20], 1024);
-        DSAValidationParameters vp2 = new DSAValidationParameters(new byte[20], 1024);
-        DSAValidationParameters vp3 = new DSAValidationParameters(new byte[24], 1024);
-
-        doTest(vp1, vp1, vp3);
-        doTest(vp1, vp2, vp3);
-
-        byte[] bytes = new byte[20];
-        bytes[0] = 1;
-
-        vp3 = new DSAValidationParameters(bytes, 1024);
-
-        doTest(vp1, vp2, vp3);
-
-        vp3 = new DSAValidationParameters(new byte[20], 2048);
-
-        doTest(vp1, vp2, vp3);
-    }
-
-    private void gost3410Test()
-    {
-        BigInteger a = BigInteger.valueOf(1), b = BigInteger.valueOf(2), c = BigInteger.valueOf(3);
-
-        GOST3410Parameters g1 = new GOST3410Parameters(a, b, c);
-        GOST3410Parameters g2 = new GOST3410Parameters(a, b, c);
-        GOST3410Parameters g3 = new GOST3410Parameters(a, c, c);
-
-        doTest(g1, g2, g3);
-
-        GOST3410ValidationParameters v1 = new GOST3410ValidationParameters(100, 1);
-        GOST3410ValidationParameters v2 = new GOST3410ValidationParameters(100, 1);
-        GOST3410ValidationParameters v3 = new GOST3410ValidationParameters(101, 1);
-
-        doTest(v1, v2, v3);
-
-        v3 = new GOST3410ValidationParameters(100, 2);
-
-        doTest(v1, v2, v3);
-
-        v1 = new GOST3410ValidationParameters(100L, 1L);
-        v2 = new GOST3410ValidationParameters(100L, 1L);
-        v3 = new GOST3410ValidationParameters(101L, 1L);
-
-        doTest(v1, v2, v3);
-
-        v3 = new GOST3410ValidationParameters(100L, 2L);
-
-        doTest(v1, v2, v3);
-
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        dhTest();
-        elGamalTest();
-        gost3410Test();
-        dsaTest();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new EqualsHashCodeTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/GCMReorderTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/GCMReorderTest.java
deleted file mode 100644
index 23e3692..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/GCMReorderTest.java
+++ /dev/null

@@ -1,348 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.IOException;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.modes.gcm.GCMExponentiator;
-import org.bouncycastle.crypto.modes.gcm.GCMMultiplier;
-import org.bouncycastle.crypto.modes.gcm.Tables1kGCMExponentiator;
-import org.bouncycastle.crypto.modes.gcm.Tables4kGCMMultiplier;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-import org.bouncycastle.util.encoders.Hex;
-
-import junit.framework.TestCase;
-
-public class GCMReorderTest
-    extends TestCase
-{
-    private static final byte[] H;
-    private static final SecureRandom random = new SecureRandom(); 
-    private static final GCMMultiplier mul = new Tables4kGCMMultiplier();
-    private static final GCMExponentiator exp = new Tables1kGCMExponentiator();
-    private static final byte[] EMPTY = new byte[0];
-
-    static
-    {
-        H = new byte[16];
-        random.nextBytes(H);
-        mul.init(Arrays.clone(H));
-        exp.init(Arrays.clone(H));
-    }
-
-    public void testCombine() throws Exception
-    {
-        for (int count = 0; count < 10; ++count)
-        {
-            byte[] A = randomBytes(1000);
-            byte[] C = randomBytes(1000);
-
-            byte[] ghashA_ = GHASH(A, EMPTY);
-            byte[] ghash_C = GHASH(EMPTY, C);
-            byte[] ghashAC = GHASH(A, C);
-
-            byte[] ghashCombine = combine_GHASH(ghashA_, (long)A.length * 8, ghash_C, (long)C.length * 8);
-
-            assertTrue(Arrays.areEqual(ghashAC, ghashCombine));
-        }
-    }
-
-    public void testConcatAuth() throws Exception
-    {
-        for (int count = 0; count < 10; ++count)
-        {
-            byte[] P = randomBlocks(100);
-            byte[] A = randomBytes(1000);
-            byte[] PA = concatArrays(P, A);
-
-            byte[] ghashP_ = GHASH(P, EMPTY);
-            byte[] ghashA_ = GHASH(A, EMPTY);
-            byte[] ghashPA_ = GHASH(PA, EMPTY);
-            byte[] ghashConcat = concatAuth_GHASH(ghashP_, (long)P.length * 8, ghashA_, (long)A.length * 8);
-
-            assertTrue(Arrays.areEqual(ghashPA_, ghashConcat));
-        }
-    }
-
-    public void testConcatCrypt() throws Exception
-    {
-        for (int count = 0; count < 10; ++count)
-        {
-            byte[] P = randomBlocks(100);
-            byte[] A = randomBytes(1000);
-            byte[] PA = concatArrays(P, A);
-    
-            byte[] ghash_P = GHASH(EMPTY, P);
-            byte[] ghash_A = GHASH(EMPTY, A);
-            byte[] ghash_PA = GHASH(EMPTY, PA);
-            byte[] ghashConcat = concatCrypt_GHASH(ghash_P, (long)P.length * 8, ghash_A, (long)A.length * 8);
-
-            assertTrue(Arrays.areEqual(ghash_PA, ghashConcat));
-        }
-    }
-
-    public void testExp()
-    {
-        {
-            byte[] buf1 = new byte[16];
-            buf1[0] = (byte)0x80;
-    
-            byte[] buf2 = new byte[16];
-    
-            for (int pow = 0; pow != 100; ++pow)
-            {
-                exp.exponentiateX(pow, buf2);
-    
-                assertTrue(Arrays.areEqual(buf1, buf2));
-
-                mul.multiplyH(buf1);
-            }
-        }
-
-        long[] testPow = new long[]{ 10, 1, 8, 17, 24, 13, 2, 13, 2, 3 };
-        byte[][] testData = new byte[][]{
-            Hex.decode("9185848a877bd87ba071e281f476e8e7"),
-            Hex.decode("697ce3052137d80745d524474fb6b290"),
-            Hex.decode("2696fc47198bb23b11296e4f88720a17"),
-            Hex.decode("01f2f0ead011a4ae0cf3572f1b76dd8e"),
-            Hex.decode("a53060694a044e4b7fa1e661c5a7bb6b"),
-            Hex.decode("39c0392e8b6b0e04a7565c85394c2c4c"),
-            Hex.decode("519c362d502e07f2d8b7597a359a5214"),
-            Hex.decode("5a527a393675705e19b2117f67695af4"),
-            Hex.decode("27fc0901d1d332a53ba4d4386c2109d2"),
-            Hex.decode("93ca9b57174aabedf8220e83366d7df6"),
-        };
-
-        for (int i = 0; i != 10; ++i)
-        {
-            long pow = testPow[i];
-            byte[] data = Arrays.clone(testData[i]);
-
-            byte[] expected = Arrays.clone(data);
-            for (int j = 0; j < pow; ++j)
-            {
-                mul.multiplyH(expected);
-            }
-
-            byte[] H_a = new byte[16];
-            exp.exponentiateX(pow, H_a);
-            byte[] actual = multiply(data, H_a);
-
-            assertTrue(Arrays.areEqual(expected, actual));
-        }
-    }
-
-    public void testMultiply()
-    {
-        byte[] expected = Arrays.clone(H);
-        mul.multiplyH(expected);
-
-        assertTrue(Arrays.areEqual(expected, multiply(H, H)));
-
-        for (int count = 0; count < 10; ++count)
-        {
-            byte[] a = new byte[16];
-            random.nextBytes(a);
-
-            byte[] b = new byte[16];
-            random.nextBytes(b);
-
-            expected = Arrays.clone(a);
-            mul.multiplyH(expected);
-            assertTrue(Arrays.areEqual(expected, multiply(a, H)));
-            assertTrue(Arrays.areEqual(expected, multiply(H, a)));
-
-            expected = Arrays.clone(b);
-            mul.multiplyH(expected);
-            assertTrue(Arrays.areEqual(expected, multiply(b, H)));
-            assertTrue(Arrays.areEqual(expected, multiply(H, b)));
-
-            assertTrue(Arrays.areEqual(multiply(a, b), multiply(b, a)));
-        }
-    }
-
-    private byte[] randomBlocks(int upper)
-    {
-        byte[] bs = new byte[16 * random.nextInt(upper)];
-        random.nextBytes(bs);
-        return bs;
-    }
-
-    private byte[] randomBytes(int upper)
-    {
-        byte[] bs = new byte[random.nextInt(upper)];
-        random.nextBytes(bs);
-        return bs;
-    }
-
-    private byte[] concatArrays(byte[] a, byte[] b) throws IOException
-    {
-        byte[] ab = new byte[a.length + b.length];
-        System.arraycopy(a, 0, ab, 0, a.length);
-        System.arraycopy(b, 0, ab, a.length, b.length);
-        return ab;
-    }
-
-    private byte[] combine_GHASH(byte[] ghashA_, long bitlenA, byte[] ghash_C, long bitlenC)
-    {
-        // Note: bitlenA must be aligned to the block size
-
-        long c = (bitlenC + 127) >>> 7;
-
-        byte[] H_c = new byte[16];
-        exp.exponentiateX(c, H_c);
-
-        byte[] tmp1 = lengthBlock(bitlenA, 0);
-        mul.multiplyH(tmp1);
-
-        byte[] ghashAC = Arrays.clone(ghashA_);
-        xor(ghashAC, tmp1);
-        ghashAC = multiply(ghashAC, H_c);
-        // No need to touch the len(C) part (second 8 bytes)
-        xor(ghashAC, tmp1);
-        xor(ghashAC, ghash_C);
-
-        return ghashAC;
-    }
-
-    private byte[] concatAuth_GHASH(byte[] ghashP, long bitlenP, byte[] ghashA, long bitlenA)
-    {
-        // Note: bitlenP must be aligned to the block size
-
-        long a = (bitlenA + 127) >>> 7;
-
-        byte[] tmp1 = lengthBlock(bitlenP, 0);
-        mul.multiplyH(tmp1);
-
-        byte[] tmp2 = lengthBlock(bitlenA ^ (bitlenP + bitlenA), 0);
-        mul.multiplyH(tmp2);
-
-        byte[] H_a = new byte[16];
-        exp.exponentiateX(a, H_a);
-        
-        byte[] ghashC = Arrays.clone(ghashP);
-        xor(ghashC, tmp1);
-        ghashC = multiply(ghashC, H_a);
-        xor(ghashC, tmp2);
-        xor(ghashC, ghashA);
-        return ghashC;
-    }
-
-    private byte[] concatCrypt_GHASH(byte[] ghashP, long bitlenP, byte[] ghashA, long bitlenA)
-    {
-        // Note: bitlenP must be aligned to the block size
-
-        long a = (bitlenA + 127) >>> 7;
-
-        byte[] tmp1 = lengthBlock(0, bitlenP);
-        mul.multiplyH(tmp1);
-
-        byte[] tmp2 = lengthBlock(0, bitlenA ^ (bitlenP + bitlenA));
-        mul.multiplyH(tmp2);
-
-        byte[] H_a = new byte[16];
-        exp.exponentiateX(a, H_a);
-        
-        byte[] ghashC = Arrays.clone(ghashP);
-        xor(ghashC, tmp1);
-        ghashC = multiply(ghashC, H_a);
-        xor(ghashC, tmp2);
-        xor(ghashC, ghashA);
-        return ghashC;
-    }
-
-    private byte[] GHASH(byte[] A, byte[] C)
-    {
-        byte[] X = new byte[16];
-
-        {
-            for (int pos = 0; pos < A.length; pos += 16)
-            {
-                byte[] tmp = new byte[16];
-                int num = Math.min(A.length - pos, 16);
-                System.arraycopy(A, pos, tmp, 0, num);
-                xor(X, tmp);
-                mul.multiplyH(X);
-            }
-        }
-
-        {
-            for (int pos = 0; pos < C.length; pos += 16)
-            {
-                byte[] tmp = new byte[16];
-                int num = Math.min(C.length - pos, 16);
-                System.arraycopy(C, pos, tmp, 0, num);
-                xor(X, tmp);
-                mul.multiplyH(X);
-            }
-        }
-
-        {
-            xor(X, lengthBlock((long)A.length * 8, (long)C.length * 8));
-            mul.multiplyH(X);
-        }
-
-        return X;
-    }
-
-    private static byte[] lengthBlock(long bitlenA, long bitlenC)
-    {
-        byte[] tmp = new byte[16];
-        Pack.longToBigEndian(bitlenA, tmp, 0);
-        Pack.longToBigEndian(bitlenC, tmp, 8);
-        return tmp;
-    }
-
-    private static void xor(byte[] block, byte[] val)
-    {
-        for (int i = 15; i >= 0; --i)
-        {
-            block[i] ^= val[i];
-        }
-    }
-
-    private static byte[] multiply(byte[] a, byte[] b)
-    {
-        byte[] c = new byte[16];
-        byte[] tmp = Arrays.clone(b);
-
-        for (int i = 0; i < 16; ++i)
-        {
-            byte bits = a[i];
-            for (int j = 7; j >= 0; --j)
-            {
-                if ((bits & (1 << j)) != 0)
-                {
-                    xor(c, tmp);
-                }
-
-                boolean lsb = (tmp[15] & 1) != 0;
-                shiftRight(tmp);
-                if (lsb)
-                {
-                    // R = new byte[]{ 0xe1, ... };
-//                    GCMUtil.xor(v, R);
-                    tmp[0] ^= (byte)0xe1;
-                }
-            }
-        }
-
-        return c;
-    }
-
-    private static void shiftRight(byte[] block)
-    {
-        int i = 0;
-        int bit = 0;
-        for (;;)
-        {
-            int b = block[i] & 0xff;
-            block[i] = (byte) ((b >>> 1) | bit);
-            if (++i == 16)
-            {
-                break;
-            }
-            bit = (b & 1) << 7;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/GCMTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/GCMTest.java
deleted file mode 100644
index f13456c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/GCMTest.java
+++ /dev/null

@@ -1,725 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.modes.GCMBlockCipher;
-import org.bouncycastle.crypto.modes.gcm.BasicGCMMultiplier;
-import org.bouncycastle.crypto.modes.gcm.GCMMultiplier;
-import org.bouncycastle.crypto.modes.gcm.Tables4kGCMMultiplier;
-import org.bouncycastle.crypto.modes.gcm.Tables64kGCMMultiplier;
-import org.bouncycastle.crypto.modes.gcm.Tables8kGCMMultiplier;
-import org.bouncycastle.crypto.params.AEADParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.Times;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test vectors from "The Galois/Counter Mode of Operation (GCM)", McGrew/Viega, Appendix B
- */
-public class GCMTest
-    extends SimpleTest
-{
-    private static final String[][] TEST_VECTORS = new String[][] {
-        {
-            "Test Case 1",
-            "00000000000000000000000000000000",
-            "",
-            "",
-            "000000000000000000000000",
-            "",
-            "58e2fccefa7e3061367f1d57a4e7455a",
-        },
-        {
-            "Test Case 2",
-            "00000000000000000000000000000000",
-            "00000000000000000000000000000000",
-            "",
-            "000000000000000000000000",
-            "0388dace60b6a392f328c2b971b2fe78",
-            "ab6e47d42cec13bdf53a67b21257bddf",
-        },
-        {
-            "Test Case 3",
-            "feffe9928665731c6d6a8f9467308308",
-            "d9313225f88406e5a55909c5aff5269a"
-            + "86a7a9531534f7da2e4c303d8a318a72"
-            + "1c3c0c95956809532fcf0e2449a6b525"
-            + "b16aedf5aa0de657ba637b391aafd255",
-            "",
-            "cafebabefacedbaddecaf888",
-            "42831ec2217774244b7221b784d0d49c"
-            + "e3aa212f2c02a4e035c17e2329aca12e"
-            + "21d514b25466931c7d8f6a5aac84aa05"
-            + "1ba30b396a0aac973d58e091473f5985",
-            "4d5c2af327cd64a62cf35abd2ba6fab4",
-        },
-        {
-            "Test Case 4",
-            "feffe9928665731c6d6a8f9467308308",
-            "d9313225f88406e5a55909c5aff5269a"
-            + "86a7a9531534f7da2e4c303d8a318a72"
-            + "1c3c0c95956809532fcf0e2449a6b525"
-            + "b16aedf5aa0de657ba637b39",
-            "feedfacedeadbeeffeedfacedeadbeef"
-            + "abaddad2",
-            "cafebabefacedbaddecaf888",
-            "42831ec2217774244b7221b784d0d49c"
-            + "e3aa212f2c02a4e035c17e2329aca12e"
-            + "21d514b25466931c7d8f6a5aac84aa05"
-            + "1ba30b396a0aac973d58e091",
-            "5bc94fbc3221a5db94fae95ae7121a47",
-        },
-        {
-            "Test Case 5",
-            "feffe9928665731c6d6a8f9467308308",
-            "d9313225f88406e5a55909c5aff5269a"
-            + "86a7a9531534f7da2e4c303d8a318a72"
-            + "1c3c0c95956809532fcf0e2449a6b525"
-            + "b16aedf5aa0de657ba637b39",
-            "feedfacedeadbeeffeedfacedeadbeef"
-            + "abaddad2",
-            "cafebabefacedbad",
-            "61353b4c2806934a777ff51fa22a4755"
-            + "699b2a714fcdc6f83766e5f97b6c7423"
-            + "73806900e49f24b22b097544d4896b42"
-            + "4989b5e1ebac0f07c23f4598",
-            "3612d2e79e3b0785561be14aaca2fccb",
-        },
-        {
-            "Test Case 6",
-            "feffe9928665731c6d6a8f9467308308",
-            "d9313225f88406e5a55909c5aff5269a"
-            + "86a7a9531534f7da2e4c303d8a318a72"
-            + "1c3c0c95956809532fcf0e2449a6b525"
-            + "b16aedf5aa0de657ba637b39",
-            "feedfacedeadbeeffeedfacedeadbeef"
-            + "abaddad2",
-            "9313225df88406e555909c5aff5269aa"
-            + "6a7a9538534f7da1e4c303d2a318a728"
-            + "c3c0c95156809539fcf0e2429a6b5254"
-            + "16aedbf5a0de6a57a637b39b",
-            "8ce24998625615b603a033aca13fb894"
-            + "be9112a5c3a211a8ba262a3cca7e2ca7"
-            + "01e4a9a4fba43c90ccdcb281d48c7c6f"
-            + "d62875d2aca417034c34aee5",
-            "619cc5aefffe0bfa462af43c1699d050",
-        },
-        {
-            "Test Case 7",
-            "00000000000000000000000000000000"
-            + "0000000000000000",
-            "",
-            "",
-            "000000000000000000000000",
-            "",
-            "cd33b28ac773f74ba00ed1f312572435",
-        },
-        {
-            "Test Case 8",
-            "00000000000000000000000000000000"
-            + "0000000000000000",
-            "00000000000000000000000000000000",
-            "",
-            "000000000000000000000000",
-            "98e7247c07f0fe411c267e4384b0f600",
-            "2ff58d80033927ab8ef4d4587514f0fb",
-        },
-        {
-            "Test Case 9",
-            "feffe9928665731c6d6a8f9467308308"
-            + "feffe9928665731c",
-            "d9313225f88406e5a55909c5aff5269a"
-            + "86a7a9531534f7da2e4c303d8a318a72"
-            + "1c3c0c95956809532fcf0e2449a6b525"
-            + "b16aedf5aa0de657ba637b391aafd255",
-            "",
-            "cafebabefacedbaddecaf888",
-            "3980ca0b3c00e841eb06fac4872a2757"
-            + "859e1ceaa6efd984628593b40ca1e19c"
-            + "7d773d00c144c525ac619d18c84a3f47"
-            + "18e2448b2fe324d9ccda2710acade256",
-            "9924a7c8587336bfb118024db8674a14",
-        },
-        {
-            "Test Case 10",
-            "feffe9928665731c6d6a8f9467308308"
-            + "feffe9928665731c",
-            "d9313225f88406e5a55909c5aff5269a"
-            + "86a7a9531534f7da2e4c303d8a318a72"
-            + "1c3c0c95956809532fcf0e2449a6b525"
-            + "b16aedf5aa0de657ba637b39",
-            "feedfacedeadbeeffeedfacedeadbeef"
-            + "abaddad2",
-            "cafebabefacedbaddecaf888",
-            "3980ca0b3c00e841eb06fac4872a2757"
-            + "859e1ceaa6efd984628593b40ca1e19c"
-            + "7d773d00c144c525ac619d18c84a3f47"
-            + "18e2448b2fe324d9ccda2710",
-            "2519498e80f1478f37ba55bd6d27618c",
-        },
-        {
-            "Test Case 11",
-            "feffe9928665731c6d6a8f9467308308"
-            + "feffe9928665731c",
-            "d9313225f88406e5a55909c5aff5269a"
-            + "86a7a9531534f7da2e4c303d8a318a72"
-            + "1c3c0c95956809532fcf0e2449a6b525"
-            + "b16aedf5aa0de657ba637b39",
-            "feedfacedeadbeeffeedfacedeadbeef"
-            + "abaddad2",
-            "cafebabefacedbad",
-            "0f10f599ae14a154ed24b36e25324db8"
-            + "c566632ef2bbb34f8347280fc4507057"
-            + "fddc29df9a471f75c66541d4d4dad1c9"
-            + "e93a19a58e8b473fa0f062f7",
-            "65dcc57fcf623a24094fcca40d3533f8",
-        },
-        {
-            "Test Case 12",
-            "feffe9928665731c6d6a8f9467308308"
-            + "feffe9928665731c",
-            "d9313225f88406e5a55909c5aff5269a"
-            + "86a7a9531534f7da2e4c303d8a318a72"
-            + "1c3c0c95956809532fcf0e2449a6b525"
-            + "b16aedf5aa0de657ba637b39",
-            "feedfacedeadbeeffeedfacedeadbeef"
-            + "abaddad2",
-            "9313225df88406e555909c5aff5269aa"
-            + "6a7a9538534f7da1e4c303d2a318a728"
-            + "c3c0c95156809539fcf0e2429a6b5254"
-            + "16aedbf5a0de6a57a637b39b",
-            "d27e88681ce3243c4830165a8fdcf9ff"
-            + "1de9a1d8e6b447ef6ef7b79828666e45"
-            + "81e79012af34ddd9e2f037589b292db3"
-            + "e67c036745fa22e7e9b7373b",
-            "dcf566ff291c25bbb8568fc3d376a6d9",
-        },
-        {
-            "Test Case 13",
-            "00000000000000000000000000000000"
-            + "00000000000000000000000000000000",
-            "",
-            "",
-            "000000000000000000000000",
-            "",
-            "530f8afbc74536b9a963b4f1c4cb738b",
-        },
-        {
-            "Test Case 14",
-            "00000000000000000000000000000000"
-            + "00000000000000000000000000000000",
-            "00000000000000000000000000000000",
-            "",
-            "000000000000000000000000",
-            "cea7403d4d606b6e074ec5d3baf39d18",
-            "d0d1c8a799996bf0265b98b5d48ab919",
-        },
-        {
-            "Test Case 15",
-            "feffe9928665731c6d6a8f9467308308"
-            + "feffe9928665731c6d6a8f9467308308",
-            "d9313225f88406e5a55909c5aff5269a"
-            + "86a7a9531534f7da2e4c303d8a318a72"
-            + "1c3c0c95956809532fcf0e2449a6b525"
-            + "b16aedf5aa0de657ba637b391aafd255",
-            "",
-            "cafebabefacedbaddecaf888",
-            "522dc1f099567d07f47f37a32a84427d"
-            + "643a8cdcbfe5c0c97598a2bd2555d1aa"
-            + "8cb08e48590dbb3da7b08b1056828838"
-            + "c5f61e6393ba7a0abcc9f662898015ad",
-            "b094dac5d93471bdec1a502270e3cc6c",
-        },
-        {
-            "Test Case 16",
-            "feffe9928665731c6d6a8f9467308308"
-            + "feffe9928665731c6d6a8f9467308308",
-            "d9313225f88406e5a55909c5aff5269a"
-            + "86a7a9531534f7da2e4c303d8a318a72"
-            + "1c3c0c95956809532fcf0e2449a6b525"
-            + "b16aedf5aa0de657ba637b39",
-            "feedfacedeadbeeffeedfacedeadbeef"
-            + "abaddad2",
-            "cafebabefacedbaddecaf888",
-            "522dc1f099567d07f47f37a32a84427d"
-            + "643a8cdcbfe5c0c97598a2bd2555d1aa"
-            + "8cb08e48590dbb3da7b08b1056828838"
-            + "c5f61e6393ba7a0abcc9f662",
-            "76fc6ece0f4e1768cddf8853bb2d551b",
-        },
-        {
-            "Test Case 17",
-            "feffe9928665731c6d6a8f9467308308"
-            + "feffe9928665731c6d6a8f9467308308",
-            "d9313225f88406e5a55909c5aff5269a"
-            + "86a7a9531534f7da2e4c303d8a318a72"
-            + "1c3c0c95956809532fcf0e2449a6b525"
-            + "b16aedf5aa0de657ba637b39",
-            "feedfacedeadbeeffeedfacedeadbeef"
-            + "abaddad2",
-            "cafebabefacedbad",
-            "c3762df1ca787d32ae47c13bf19844cb"
-            + "af1ae14d0b976afac52ff7d79bba9de0"
-            + "feb582d33934a4f0954cc2363bc73f78"
-            + "62ac430e64abe499f47c9b1f",
-            "3a337dbf46a792c45e454913fe2ea8f2",
-        },
-        {
-            "Test Case 18",
-            "feffe9928665731c6d6a8f9467308308"
-            + "feffe9928665731c6d6a8f9467308308",
-            "d9313225f88406e5a55909c5aff5269a"
-            + "86a7a9531534f7da2e4c303d8a318a72"
-            + "1c3c0c95956809532fcf0e2449a6b525"
-            + "b16aedf5aa0de657ba637b39",
-            "feedfacedeadbeeffeedfacedeadbeef"
-            + "abaddad2",
-            "9313225df88406e555909c5aff5269aa"
-            + "6a7a9538534f7da1e4c303d2a318a728"
-            + "c3c0c95156809539fcf0e2429a6b5254"
-            + "16aedbf5a0de6a57a637b39b",
-            "5a8def2f0c9e53f1f75d7853659e2a20"
-            + "eeb2b22aafde6419a058ab4f6f746bf4"
-            + "0fc0c3b780f244452da3ebf1c5d82cde"
-            + "a2418997200ef82e44ae7e3f",
-            "a44a8266ee1c8eb0c8b5d4cf5ae9f19a",
-        },
-    };
-
-    public String getName()
-    {
-        return "GCM";
-    }
-
-    public void performTest() throws Exception
-    {
-        for (int i = 0; i < TEST_VECTORS.length; ++i)
-        {
-            runTestCase(TEST_VECTORS[i]);
-        }
-
-        randomTests();
-        outputSizeTests();
-        testExceptions();
-    }
-
-    protected BlockCipher createAESEngine()
-    {
-        return new AESEngine();
-    }
-
-    private void testExceptions() throws InvalidCipherTextException
-    {
-        GCMBlockCipher gcm = new GCMBlockCipher(createAESEngine());
-
-        try
-        {
-            gcm = new GCMBlockCipher(new DESEngine());
-
-            fail("incorrect block size not picked up");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-
-        try
-        {
-            gcm.init(false, new KeyParameter(new byte[16]));
-
-            fail("illegal argument not picked up");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-
-        AEADTestUtil.testTampering(this, gcm, new AEADParameters(new KeyParameter(new byte[16]), 128, new byte[16]));
-
-        byte[] P = Strings.toByteArray("Hello world!");
-        byte[] buf = new byte[100];
-
-        GCMBlockCipher c = new GCMBlockCipher(createAESEngine());
-        AEADParameters aeadParameters = new AEADParameters(new KeyParameter(new byte[16]), 128, new byte[16]);
-        c.init(true, aeadParameters);
-
-        c.processBytes(P, 0, P.length, buf, 0);
-
-        c.doFinal(buf, 0);
-        
-        try
-        {
-            c.doFinal(buf, 0);
-            fail("no exception on reuse");
-        }
-        catch (IllegalStateException e)
-        {
-            isTrue("wrong message", e.getMessage().equals("GCM cipher cannot be reused for encryption"));
-        }
-
-        try
-        {
-            c.init(true, aeadParameters);
-            fail("no exception on reuse");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isTrue("wrong message", e.getMessage().equals("cannot reuse nonce for GCM encryption"));
-        }
-    }
-
-    private void runTestCase(String[] testVector)
-        throws InvalidCipherTextException
-    {
-        for (int macLength = 12; macLength <= 16; ++macLength)
-        {
-            runTestCase(testVector, macLength);
-        }
-    }
-
-    private void runTestCase(String[] testVector, int macLength)
-        throws InvalidCipherTextException
-    {
-        int pos = 0;
-        String testName = testVector[pos++];
-        byte[] K = Hex.decode(testVector[pos++]);
-        byte[] P = Hex.decode(testVector[pos++]);
-        byte[] A = Hex.decode(testVector[pos++]);
-        byte[] IV = Hex.decode(testVector[pos++]);
-        byte[] C = Hex.decode(testVector[pos++]);
-
-        // For short MAC, take leading bytes
-        byte[] t = Hex.decode(testVector[pos++]);
-        byte[] T = new byte[macLength];
-        System.arraycopy(t, 0, T, 0, T.length);
-
-        // Default multiplier
-        runTestCase(null, null, testName, K, IV, A, P, C, T);
-
-        runTestCase(new BasicGCMMultiplier(), new BasicGCMMultiplier(), testName, K, IV, A, P, C, T);
-        runTestCase(new Tables4kGCMMultiplier(), new Tables4kGCMMultiplier(), testName, K, IV, A, P, C, T);
-        runTestCase(new Tables8kGCMMultiplier(), new Tables8kGCMMultiplier(), testName, K, IV, A, P, C, T);
-        runTestCase(new Tables64kGCMMultiplier(), new Tables64kGCMMultiplier(), testName, K, IV, A, P, C, T);
-    }
-
-    private void runTestCase(
-        GCMMultiplier   encM,
-        GCMMultiplier   decM,
-        String          testName,
-        byte[]          K,
-        byte[]          IV,
-        byte[]          A,
-        byte[]          P,
-        byte[]          C,
-        byte[]          T)
-        throws InvalidCipherTextException
-    {
-        byte[] fa = new byte[A.length / 2];
-        byte[] la = new byte[A.length - (A.length / 2)];
-        System.arraycopy(A, 0, fa, 0, fa.length);
-        System.arraycopy(A, fa.length, la, 0, la.length);
-
-        runTestCase(encM, decM, testName + " all initial associated data", K, IV, A, null, P, C, T);
-        runTestCase(encM, decM, testName + " all subsequent associated data", K, IV, null, A, P, C, T);
-        runTestCase(encM, decM, testName + " split associated data", K, IV, fa, la, P, C, T);
-    }
-
-    private void runTestCase(
-        GCMMultiplier   encM,
-        GCMMultiplier   decM,
-        String          testName,
-        byte[]          K,
-        byte[]          IV,
-        byte[]          A,
-        byte[]          SA,
-        byte[]          P,
-        byte[]          C,
-        byte[]          T)
-        throws InvalidCipherTextException
-    {
-        AEADParameters parameters = new AEADParameters(new KeyParameter(K), T.length * 8, IV, A);
-        GCMBlockCipher encCipher = initCipher(encM, true, parameters);
-        GCMBlockCipher decCipher = initCipher(decM, false, parameters);
-        checkTestCase(encCipher, decCipher, testName, SA, P, C, T);
-        encCipher = initCipher(encM, true, parameters);
-        checkTestCase(encCipher, decCipher, testName + " (reused)", SA, P, C, T);
-
-        // Key reuse
-        AEADParameters keyReuseParams = AEADTestUtil.reuseKey(parameters);
-
-        try
-        {
-            encCipher.init(true, keyReuseParams);
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isTrue("wrong message", "cannot reuse nonce for GCM encryption".equals(e.getMessage()));
-        }
-    }
-
-    private GCMBlockCipher initCipher(GCMMultiplier m, boolean forEncryption, AEADParameters parameters)
-    {
-        GCMBlockCipher c = new GCMBlockCipher(createAESEngine(), m);
-        c.init(forEncryption, parameters);
-        return c;
-    }
-
-    private void checkTestCase(
-        GCMBlockCipher  encCipher,
-        GCMBlockCipher  decCipher,
-        String          testName,
-        byte[]          SA,
-        byte[]          P,
-        byte[]          C,
-        byte[]          T)
-        throws InvalidCipherTextException
-    {
-        byte[] enc = new byte[encCipher.getOutputSize(P.length)];
-        if (SA != null)
-        {
-            encCipher.processAADBytes(SA, 0, SA.length);
-        }
-        int len = encCipher.processBytes(P, 0, P.length, enc, 0);
-        len += encCipher.doFinal(enc, len);
-
-        if (enc.length != len)
-        {
-//            System.out.println("" + enc.length + "/" + len);
-            fail("encryption reported incorrect length: " + testName);
-        }
-
-        byte[] mac = encCipher.getMac();
-
-        byte[] data = new byte[P.length];
-        System.arraycopy(enc, 0, data, 0, data.length);
-        byte[] tail = new byte[enc.length - P.length];
-        System.arraycopy(enc, P.length, tail, 0, tail.length);
-
-        if (!areEqual(C, data))
-        {
-            fail("incorrect encrypt in: " + testName);
-        }
-
-        if (!areEqual(T, mac))
-        {
-            fail("getMac() returned wrong mac in: " + testName);
-        }
-
-        if (!areEqual(T, tail))
-        {
-            fail("stream contained wrong mac in: " + testName);
-        }
-
-        byte[] dec = new byte[decCipher.getOutputSize(enc.length)];
-        if (SA != null)
-        {
-            decCipher.processAADBytes(SA, 0, SA.length);
-        }
-        len = decCipher.processBytes(enc, 0, enc.length, dec, 0);
-        len += decCipher.doFinal(dec, len);
-        mac = decCipher.getMac();
-
-        data = new byte[C.length];
-        System.arraycopy(dec, 0, data, 0, data.length);
-
-        if (!areEqual(P, data))
-        {
-            fail("incorrect decrypt in: " + testName);
-        }
-    }
-
-    private void randomTests()
-        throws InvalidCipherTextException
-    {
-        SecureRandom srng = new SecureRandom();
-        srng.setSeed(Times.nanoTime());
-        randomTests(srng, null);
-        randomTests(srng, new BasicGCMMultiplier());
-        randomTests(srng, new Tables4kGCMMultiplier());
-        randomTests(srng, new Tables8kGCMMultiplier());
-        randomTests(srng, new Tables64kGCMMultiplier());
-    }
-
-    private void randomTests(SecureRandom srng, GCMMultiplier m)
-        throws InvalidCipherTextException
-    {
-        for (int i = 0; i < 10; ++i)
-        {
-            randomTest(srng, m);
-        }
-    }
-
-    private void randomTest(SecureRandom srng, GCMMultiplier m)
-        throws InvalidCipherTextException
-    {
-        int kLength = 16 + 8 * (Math.abs(srng.nextInt()) % 3);
-        byte[] K = new byte[kLength];
-        srng.nextBytes(K);
-
-        int pLength = srng.nextInt() >>> 16;
-        byte[] P = new byte[pLength];
-        srng.nextBytes(P);
-
-        int aLength = srng.nextInt() >>> 24;
-        byte[] A = new byte[aLength];
-        srng.nextBytes(A);
-
-        int saLength = srng.nextInt() >>> 24;
-        byte[] SA = new byte[saLength];
-        srng.nextBytes(SA);
-
-        int ivLength = 1 + (srng.nextInt() >>> 24);
-        byte[] IV = new byte[ivLength];
-        srng.nextBytes(IV);
-
-        AEADParameters parameters = new AEADParameters(new KeyParameter(K), 16 * 8, IV, A);
-        GCMBlockCipher cipher = initCipher(m, true, parameters);
-        byte[] C = new byte[cipher.getOutputSize(P.length)];
-        int predicted = cipher.getUpdateOutputSize(P.length);
-
-        int split = nextInt(srng, SA.length + 1);
-        cipher.processAADBytes(SA, 0, split);
-        int len = cipher.processBytes(P, 0, P.length, C, 0);
-        cipher.processAADBytes(SA, split, SA.length - split);
-
-        if (predicted != len)
-        {
-            fail("encryption reported incorrect update length in randomised test");
-        }
-
-        len += cipher.doFinal(C, len);
-
-        if (C.length != len)
-        {
-            fail("encryption reported incorrect length in randomised test");
-        }
-
-        byte[] encT = cipher.getMac();
-        byte[] tail = new byte[C.length - P.length];
-        System.arraycopy(C, P.length, tail, 0, tail.length);
-
-        if (!areEqual(encT, tail))
-        {
-            fail("stream contained wrong mac in randomised test");
-        }
-
-        cipher.init(false, parameters);
-        byte[] decP = new byte[cipher.getOutputSize(C.length)];
-        predicted = cipher.getUpdateOutputSize(C.length);
-
-        split = nextInt(srng, SA.length + 1);
-        cipher.processAADBytes(SA, 0, split);
-        len = cipher.processBytes(C, 0, C.length, decP, 0);
-        cipher.processAADBytes(SA, split, SA.length - split);
-
-        if (predicted != len)
-        {
-            fail("decryption reported incorrect update length in randomised test");
-        }
-
-        len += cipher.doFinal(decP, len);
-
-        if (!areEqual(P, decP))
-        {
-            fail("incorrect decrypt in randomised test");
-        }
-
-        byte[] decT = cipher.getMac();
-        if (!areEqual(encT, decT))
-        {
-            fail("decryption produced different mac from encryption");
-        }
-
-        //
-        // key reuse test
-        //
-        cipher.init(false, AEADTestUtil.reuseKey(parameters));
-        decP = new byte[cipher.getOutputSize(C.length)];
-
-        split = nextInt(srng, SA.length + 1);
-        cipher.processAADBytes(SA, 0, split);
-        len = cipher.processBytes(C, 0, C.length, decP, 0);
-        cipher.processAADBytes(SA, split, SA.length - split);
-
-        len += cipher.doFinal(decP, len);
-
-        if (!areEqual(P, decP))
-        {
-            fail("incorrect decrypt in randomised test");
-        }
-
-        decT = cipher.getMac();
-        if (!areEqual(encT, decT))
-        {
-            fail("decryption produced different mac from encryption");
-        }
-    }
-
-    private void outputSizeTests()
-    {
-        byte[] K = new byte[16];
-        byte[] A = null;
-        byte[] IV = new byte[16];
-
-        AEADParameters parameters = new AEADParameters(new KeyParameter(K), 16 * 8, IV, A);
-        GCMBlockCipher cipher = initCipher(null, true, parameters);
-
-        if (cipher.getUpdateOutputSize(0) != 0)
-        {
-            fail("incorrect getUpdateOutputSize for initial 0 bytes encryption");
-        }
-
-        if (cipher.getOutputSize(0) != 16)
-        {
-            fail("incorrect getOutputSize for initial 0 bytes encryption");
-        }
-
-        cipher.init(false, parameters);
-
-        if (cipher.getUpdateOutputSize(0) != 0)
-        {
-            fail("incorrect getUpdateOutputSize for initial 0 bytes decryption");
-        }
-
-        // NOTE: 0 bytes would be truncated data, but we want it to fail in the doFinal, not here
-        if (cipher.getOutputSize(0) != 0)
-        {
-            fail("fragile getOutputSize for initial 0 bytes decryption");
-        }
-
-        if (cipher.getOutputSize(16) != 0)
-        {
-            fail("incorrect getOutputSize for initial MAC-size bytes decryption");
-        }
-    }
-
-    private static int nextInt(SecureRandom rand, int n)
-    {
-        if ((n & -n) == n)  // i.e., n is a power of 2
-        {
-            return (int)((n * (long)(rand.nextInt() >>> 1)) >> 31);
-        }
-
-        int bits, value;
-        do
-        {
-            bits = rand.nextInt() >>> 1;
-            value = bits % n;
-        }
-        while (bits - value + (n - 1) < 0);
-
-        return value;
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new GCMTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/GMacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/GMacTest.java
deleted file mode 100644
index 5c5b515..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/GMacTest.java
+++ /dev/null

@@ -1,177 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.macs.GMac;
-import org.bouncycastle.crypto.modes.GCMBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test vectors for AES-GMAC, extracted from <a
- * href="http://csrc.nist.gov/groups/STM/cavp/documents/mac/gcmtestvectors.zip">NIST CAVP GCM test
- * vectors</a>.
- *
- */
-public class GMacTest extends SimpleTest
-{
-    private static class TestCase
-    {
-        private byte[] key;
-        private byte[] iv;
-        private byte[] ad;
-        private byte[] tag;
-        private String name;
-
-        private TestCase(final String name, final String key, final String iv, final String ad, final String tag)
-        {
-            this.name = name;
-            this.key = Hex.decode(key);
-            this.iv = Hex.decode(iv);
-            this.ad = Hex.decode(ad);
-            this.tag = Hex.decode(tag);
-        }
-
-        public String getName()
-        {
-            return name;
-        }
-
-        public byte[] getKey()
-        {
-            return key;
-        }
-
-        public byte[] getIv()
-        {
-            return iv;
-        }
-
-        public byte[] getAd()
-        {
-            return ad;
-        }
-
-        public byte[] getTag()
-        {
-            return tag;
-        }
-    }
-
-    private static TestCase[] TEST_VECTORS = new TestCase[] {
-            // Count = 0, from each of the PTlen = 0 test vector sequences
-            new TestCase("128/96/0/128", "11754cd72aec309bf52f7687212e8957", "3c819d9a9bed087615030b65", "",
-                    "250327c674aaf477aef2675748cf6971"),
-            new TestCase("128/96/0/120", "272f16edb81a7abbea887357a58c1917", "794ec588176c703d3d2a7a07", "",
-                    "b6e6f197168f5049aeda32dafbdaeb"),
-            new TestCase("128/96/0/112", "81b6844aab6a568c4556a2eb7eae752f", "ce600f59618315a6829bef4d", "",
-                    "89b43e9dbc1b4f597dbbc7655bb5"),
-            new TestCase("128/96/0/104", "cde2f9a9b1a004165ef9dc981f18651b", "29512c29566c7322e1e33e8e", "",
-                    "2e58ce7dabd107c82759c66a75"),
-            new TestCase("128/96/0/96", "b01e45cc3088aaba9fa43d81d481823f", "5a2c4a66468713456a4bd5e1", "",
-                    "014280f944f53c681164b2ff"),
-
-            new TestCase("128/96/128/128", "77be63708971c4e240d1cb79e8d77feb", "e0e00f19fed7ba0136a797f3",
-                    "7a43ec1d9c0a5a78a0b16533a6213cab", "209fcc8d3675ed938e9c7166709dd946"),
-            new TestCase("128/96/128/96", "bea48ae4980d27f357611014d4486625", "32bddb5c3aa998a08556454c",
-                    "8a50b0b8c7654bced884f7f3afda2ead", "8e0f6d8bf05ffebe6f500eb1"),
-
-            new TestCase("128/96/384/128", "99e3e8793e686e571d8285c564f75e2b", "c2dd0ab868da6aa8ad9c0d23",
-                    "b668e42d4e444ca8b23cfdd95a9fedd5178aa521144890b093733cf5cf22526c5917ee476541809ac6867a8c399309fc",
-                    "3f4fba100eaf1f34b0baadaae9995d85"),
-            new TestCase("128/96/384/96", "c77acd1b0918e87053cb3e51651e7013", "39ff857a81745d10f718ac00",
-                    "407992f82ea23b56875d9a3cb843ceb83fd27cb954f7c5534d58539fe96fb534502a1b38ea4fac134db0a42de4be1137",
-                    "2a5dc173285375dc82835876"),
-
-            new TestCase(
-                    "128/1024/0/128",
-                    "d0f1f4defa1e8c08b4b26d576392027c",
-                    "42b4f01eb9f5a1ea5b1eb73b0fb0baed54f387ecaa0393c7d7dffc6af50146ecc021abf7eb9038d4303d91f8d741a11743166c0860208bcc02c6258fd9511a2fa626f96d60b72fcff773af4e88e7a923506e4916ecbd814651e9f445adef4ad6a6b6c7290cc13b956130eef5b837c939fcac0cbbcc9656cd75b13823ee5acdac",
-                    "", "7ab49b57ddf5f62c427950111c5c4f0d"),
-            new TestCase(
-                    "128/1024/384/96",
-                    "3cce72d37933394a8cac8a82deada8f0",
-                    "aa2f0d676d705d9733c434e481972d4888129cf7ea55c66511b9c0d25a92a174b1e28aa072f27d4de82302828955aadcb817c4907361869bd657b45ff4a6f323871987fcf9413b0702d46667380cd493ed24331a28b9ce5bbfa82d3a6e7679fcce81254ba64abcad14fd18b22c560a9d2c1cd1d3c42dac44c683edf92aced894",
-                    "5686b458e9c176f4de8428d9ebd8e12f569d1c7595cf49a4b0654ab194409f86c0dd3fdb8eb18033bb4338c70f0b97d1",
-                    "a3a9444b21f330c3df64c8b6"), };
-
-    public void performTest()
-    {
-        for (int i = 0; i < TEST_VECTORS.length; i++)
-        {
-            TestCase testCase = TEST_VECTORS[i];
-
-            Mac mac = new GMac(new GCMBlockCipher(new AESEngine()), testCase.getTag().length * 8);
-            CipherParameters key = new KeyParameter(testCase.getKey());
-            mac.init(new ParametersWithIV(key, testCase.getIv()));
-
-            testSingleByte(mac, testCase);
-
-            mac = new GMac(new GCMBlockCipher(new AESEngine()), testCase.getTag().length * 8);
-            mac.init(new ParametersWithIV(key, testCase.getIv()));
-            testMultibyte(mac, testCase);
-        }
-
-        // Invalid mac size
-        testInvalidMacSize(97);
-        testInvalidMacSize(136);
-        testInvalidMacSize(24);
-    }
-
-    private void testInvalidMacSize(int size)
-    {
-        try
-        {
-            GMac mac = new GMac(new GCMBlockCipher(new AESEngine()), size);
-            mac.init(new ParametersWithIV(null, new byte[16]));
-            fail("Expected failure for illegal mac size " + size);
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().startsWith("Invalid value for MAC size"))
-            {
-                fail("Illegal mac size failed with unexpected message");
-            }
-        }
-    }
-
-    private void testMultibyte(Mac mac, TestCase testCase)
-    {
-        mac.update(testCase.getAd(), 0, testCase.getAd().length);
-        checkMac(mac, testCase);
-    }
-
-    private void testSingleByte(Mac mac, TestCase testCase)
-    {
-        final byte[] ad = testCase.getAd();
-        for (int i = 0; i < ad.length; i++)
-        {
-            mac.update(ad[i]);
-        }
-        checkMac(mac, testCase);
-    }
-
-    private void checkMac(Mac mac, TestCase testCase)
-    {
-        final byte[] generatedMac = new byte[mac.getMacSize()];
-        mac.doFinal(generatedMac, 0);
-        if (!areEqual(testCase.getTag(), generatedMac))
-        {
-            fail("Failed " + testCase.getName() + " - expected " + new String(Hex.encode(testCase.getTag())) + " got "
-                + new String(Hex.encode(generatedMac)));
-        }
-    }
-
-    public String getName()
-    {
-        return "GMac";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new GMacTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST28147MacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST28147MacTest.java
deleted file mode 100644
index 8faaca1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST28147MacTest.java
+++ /dev/null

@@ -1,89 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.engines.GOST28147Engine;
-import org.bouncycastle.crypto.macs.GOST28147Mac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithSBox;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * GOST 28147 MAC tester 
- */
-public class GOST28147MacTest
-    implements Test
-{
-    //
-    // these GOSTMac for testing.
-    //
-    static byte[]   gkeyBytes1 = Hex.decode("6d145dc993f4019e104280df6fcd8cd8e01e101e4c113d7ec4f469ce6dcd9e49");
-    static byte[]   gkeyBytes2 = Hex.decode("6d145dc993f4019e104280df6fcd8cd8e01e101e4c113d7ec4f469ce6dcd9e49");
-
-    static byte[]   input3 = Hex.decode("7768617420646f2079612077616e7420666f72206e6f7468696e673f");
-    static byte[]   input4 = Hex.decode("7768617420646f2079612077616e7420666f72206e6f7468696e673f");
-
-    static byte[]   output7 = Hex.decode("93468a46");
-    static byte[]   output8 = Hex.decode("93468a46");
-
-    public GOST28147MacTest()
-    {
-    }
-
-    public TestResult perform()
-    {
-        // test1
-        Mac          mac = new GOST28147Mac();
-        KeyParameter key = new KeyParameter(gkeyBytes1);
-
-        mac.init(key);
-
-        mac.update(input3, 0, input3.length);
-
-        byte[] out = new byte[4];
-
-        mac.doFinal(out, 0);
-
-        if (!Arrays.areEqual(out, output7))
-        {
-            return new SimpleTestResult(false, getName() + ": Failed test 1 - expected " + new String(Hex.encode(output7)) + " got " + new String(Hex.encode(out)));
-        }
-
-        // test2
-        key = new KeyParameter(gkeyBytes2);
-
-        ParametersWithSBox gparam = new ParametersWithSBox(key, GOST28147Engine.getSBox("E-A"));
-
-        mac.init(gparam);
-
-        mac.update(input4, 0, input4.length);
-
-        out = new byte[4];
-
-        mac.doFinal(out, 0);
-
-        if (!Arrays.areEqual(out, output8))
-        {
-            return new SimpleTestResult(false, getName() + ": Failed test 2 - expected " + new String(Hex.encode(output8)) + " got " + new String(Hex.encode(out)));
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public String getName()
-    {
-        return "GOST28147Mac";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        GOST28147MacTest    test = new GOST28147MacTest();
-        TestResult result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST28147Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST28147Test.java
deleted file mode 100644
index 74e7861..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST28147Test.java
+++ /dev/null

@@ -1,371 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.digests.GOST3411Digest;
-import org.bouncycastle.crypto.engines.GOST28147Engine;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.modes.GOFBBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.ParametersWithSBox;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class GOST28147Test
-     extends CipherTest
-{
-    static String   input1 =  "0000000000000000";
-    static String   output1 = "1b0bbc32cebcab42";
-    static String   input2 =  "bc350e71aac5f5c2";
-    static String   output2 = "d35ab653493b49f5";
-    static String   input3 =  "bc350e71aa11345709acde";
-    static String   output3 = "8824c124c4fd14301fb1e8";
-    static String   input4 =  "000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f";
-    static String   output4 = "29b7083e0a6d955ca0ec5b04fdb4ea41949f1dd2efdf17baffc1780b031f3934";
-
-    static byte TestSBox[] = {
-            0x0,0x1,0x2,0x3,0x4,0x5,0x6,0x7,0x8,0x9,0xA,0xB,0xC,0xD,0xE,0xF,
-            0xF,0xE,0xD,0xC,0xB,0xA,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0,
-            0x0,0x1,0x2,0x3,0x4,0x5,0x6,0x7,0x8,0x9,0xA,0xB,0xC,0xD,0xE,0xF,
-            0xF,0xE,0xD,0xC,0xB,0xA,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0,
-            0x0,0x1,0x2,0x3,0x4,0x5,0x6,0x7,0x8,0x9,0xA,0xB,0xC,0xD,0xE,0xF,
-            0xF,0xE,0xD,0xC,0xB,0xA,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0,
-            0x0,0x1,0x2,0x3,0x4,0x5,0x6,0x7,0x8,0x9,0xA,0xB,0xC,0xD,0xE,0xF,
-            0xF,0xE,0xD,0xC,0xB,0xA,0x9,0x8,0x7,0x6,0x5,0x4,0x3,0x2,0x1,0x0
-    };
-
-    static byte[] TestSBox_1 =
-    {
-         0xE, 0x3, 0xC, 0xD, 0x1, 0xF, 0xA, 0x9, 0xB, 0x6, 0x2, 0x7, 0x5, 0x0, 0x8, 0x4,
-         0xD, 0x9, 0x0, 0x4, 0x7, 0x1, 0x3, 0xB, 0x6, 0xC, 0x2, 0xA, 0xF, 0xE, 0x5, 0x8,
-         0x8, 0xB, 0xA, 0x7, 0x1, 0xD, 0x5, 0xC, 0x6, 0x3, 0x9, 0x0, 0xF, 0xE, 0x2, 0x4,
-         0xD, 0x7, 0xC, 0x9, 0xF, 0x0, 0x5, 0x8, 0xA, 0x2, 0xB, 0x6, 0x4, 0x3, 0x1, 0xE,
-         0xB, 0x4, 0x6, 0x5, 0x0, 0xF, 0x1, 0xC, 0x9, 0xE, 0xD, 0x8, 0x3, 0x7, 0xA, 0x2,
-         0xD, 0xF, 0x9, 0x4, 0x2, 0xC, 0x5, 0xA, 0x6, 0x0, 0x3, 0x8, 0x7, 0xE, 0x1, 0xB,
-         0xF, 0xE, 0x9, 0x5, 0xB, 0x2, 0x1, 0x8, 0x6, 0x0, 0xD, 0x3, 0x4, 0x7, 0xC, 0xA,
-         0xA, 0x3, 0xE, 0x2, 0x0, 0x1, 0x4, 0x6, 0xB, 0x8, 0xC, 0x7, 0xD, 0x5, 0xF, 0x9
-    };
-
-    static SimpleTest[]   tests =
-    {   new BlockCipherVectorTest(1, new GOST28147Engine(),
-            new KeyParameter(Hex.decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")),
-                input1, output1),
-        new BlockCipherVectorTest(2, new CBCBlockCipher(new GOST28147Engine()),
-            new ParametersWithIV(new KeyParameter(Hex.decode("00112233445566778899AABBCCDDEEFF00112233445566778899AABBCCDDEEFF")),
-                                 Hex.decode("1234567890abcdef")), input2, output2),
-        new BlockCipherVectorTest(3, new GOFBBlockCipher(new GOST28147Engine()),
-            new ParametersWithIV(new KeyParameter(Hex.decode("0011223344556677889900112233445566778899001122334455667788990011")),
-                                     Hex.decode("1234567890abcdef")), //IV
-                                     input3, output3),
-        new BlockCipherVectorTest(4, new CFBBlockCipher(new GOST28147Engine(), 64),
-            new ParametersWithIV(new KeyParameter(Hex.decode("aafd12f659cae63489b479e5076ddec2f06cb58faafd12f659cae63489b479e5")),
-                                 Hex.decode("aafd12f659cae634")), input4, output4),
-
-        //tests with parameters, set S-box.
-        new BlockCipherVectorTest(5, new GOST28147Engine(),
-            new KeyParameter(Hex.decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")),//key , default parameter S-box set to D-Test
-                input1, output1),
-        new BlockCipherVectorTest(6, new CFBBlockCipher(new GOST28147Engine(), 64),
-            new ParametersWithIV(
-                new ParametersWithSBox(
-                       new KeyParameter(Hex.decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
-                       GOST28147Engine.getSBox("D-Test")), //type S-box
-                Hex.decode("1234567890abcdef")), //IV
-                "0000000000000000", //input message
-                "b587f7a0814c911d"), //encrypt message
-        new BlockCipherVectorTest(7, new CFBBlockCipher(new GOST28147Engine(), 64),
-            new ParametersWithIV(
-                new ParametersWithSBox(
-                       new KeyParameter(Hex.decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
-                       GOST28147Engine.getSBox("E-Test")), //type S-box
-                Hex.decode("1234567890abcdef")), //IV
-                "0000000000000000", //input message
-                "e8287f53f991d52b"), //encrypt message
-        new BlockCipherVectorTest(8, new CFBBlockCipher(new GOST28147Engine(), 64),
-            new ParametersWithIV(
-                new ParametersWithSBox(
-                       new KeyParameter(Hex.decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
-                       GOST28147Engine.getSBox("E-A")), //type S-box
-                Hex.decode("1234567890abcdef")), //IV
-                "0000000000000000", //input message
-                "c41009dba22ebe35"), //encrypt message
-        new BlockCipherVectorTest(9, new CFBBlockCipher(new GOST28147Engine(), 8),
-            new ParametersWithIV(
-                new ParametersWithSBox(
-                       new KeyParameter(Hex.decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
-                       GOST28147Engine.getSBox("E-B")), //type S-box
-                Hex.decode("1234567890abcdef")), //IV
-                "0000000000000000", //input message
-                "80d8723fcd3aba28"), //encrypt message
-        new BlockCipherVectorTest(10, new CFBBlockCipher(new GOST28147Engine(), 8),
-            new ParametersWithIV(
-                new ParametersWithSBox(
-                       new KeyParameter(Hex.decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
-                       GOST28147Engine.getSBox("E-C")), //type S-box
-                Hex.decode("1234567890abcdef")), //IV
-                "0000000000000000", //input message
-                "739f6f95068499b5"), //encrypt message
-        new BlockCipherVectorTest(11, new CFBBlockCipher(new GOST28147Engine(), 8),
-            new ParametersWithIV(
-                new ParametersWithSBox(
-                       new KeyParameter(Hex.decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
-                       GOST28147Engine.getSBox("E-D")), //type S-box
-                Hex.decode("1234567890abcdef")), //IV
-                "0000000000000000", //input message
-                "4663f720f4340f57"), //encrypt message
-        new BlockCipherVectorTest(12, new CFBBlockCipher(new GOST28147Engine(), 8),
-            new ParametersWithIV(
-                new ParametersWithSBox(
-                       new KeyParameter(Hex.decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
-                       GOST28147Engine.getSBox("D-A")), //type S-box
-                Hex.decode("1234567890abcdef")), //IV
-                "0000000000000000", //input message
-                "5bb0a31d218ed564"), //encrypt message
-        new BlockCipherVectorTest(13, new CFBBlockCipher(new GOST28147Engine(), 8),
-            new ParametersWithIV(
-                new ParametersWithSBox(
-                       new KeyParameter(Hex.decode("546d203368656c326973652073736e62206167796967747473656865202c3d73")), //key
-                       TestSBox), //set own S-box
-                Hex.decode("1234567890abcdef")), //IV
-                "0000000000000000", //input message
-                "c3af96ef788667c5"), //encrypt message
-        new BlockCipherVectorTest(14, new GOFBBlockCipher(new GOST28147Engine()),
-            new ParametersWithIV(
-                new ParametersWithSBox(
-                        new KeyParameter(Hex.decode("4ef72b778f0b0bebeef4f077551cb74a927b470ad7d7f2513454569a247e989d")), //key
-                        GOST28147Engine.getSBox("E-A")), //type S-box
-                Hex.decode("1234567890abcdef")), //IV
-                "bc350e71aa11345709acde",  //input message
-                "1bcc2282707c676fb656dc"), //encrypt message
-        new BlockCipherVectorTest(15, new GOFBBlockCipher(new GOST28147Engine()),
-            new ParametersWithIV(
-                new ParametersWithSBox(
-                    new KeyParameter(Hex.decode("0A43145BA8B9E9FF0AEA67D3F26AD87854CED8D9017B3D33ED81301F90FDF993")), //key
-                    TestSBox_1), //type, IV, S-box
-                Hex.decode("8001069080010690")),
-            "094C912C5EFDD703D42118971694580B", //input message
-            "2707B58DF039D1A64460735FFE76D55F"), //encrypt message
-        new BlockCipherVectorTest(16, new GOFBBlockCipher(new GOST28147Engine()),
-            new ParametersWithIV(
-                new ParametersWithSBox(
-                    new KeyParameter(Hex.decode("0A43145BA8B9E9FF0AEA67D3F26AD87854CED8D9017B3D33ED81301F90FDF993")), //key
-                    TestSBox_1), //type, S-box
-                    Hex.decode("800107A0800107A0")),
-            "FE780800E0690083F20C010CF00C0329", //input message
-            "9AF623DFF948B413B53171E8D546188D"), //encrypt message
-        new BlockCipherVectorTest(17, new GOFBBlockCipher(new GOST28147Engine()),
-            new ParametersWithIV(
-                new ParametersWithSBox(
-                    new KeyParameter(Hex.decode("0A43145BA8B9E9FF0AEA67D3F26AD87854CED8D9017B3D33ED81301F90FDF993")), //key
-                    TestSBox_1), //type, S-box
-                    Hex.decode("8001114080011140")),
-            "D1088FD8C0A86EE8F1DCD1088FE8C058", //input message
-            "62A6B64D12253BCD8241A4BB0CFD3E7C"), //encrypt message
-        new BlockCipherVectorTest(18, new GOFBBlockCipher(new GOST28147Engine()),
-            new ParametersWithIV(
-                new ParametersWithSBox(
-                    new KeyParameter(Hex.decode("0A43145BA8B9E9FF0AEA67D3F26AD87854CED8D9017B3D33ED81301F90FDF993")), //key
-                    TestSBox_1), //type, IV, S-box
-                    Hex.decode("80011A3080011A30")),
-            "D431FACD011C502C501B500A12921090", //input message
-            "07313C89D302FF73234B4A0506AB00F3"), //encrypt message
-    };
-
-    static private final int GOST28147_KEY_LENGTH = 32;
-    
-    private byte[] generateKey(byte[] startkey)
-    {
-        byte[]  newKey = new byte[GOST28147_KEY_LENGTH];
-
-        GOST3411Digest digest = new GOST3411Digest();
-        
-        digest.update(startkey, 0, startkey.length);
-        digest.doFinal(newKey, 0);
-
-        return newKey;
-    }
-    
-    GOST28147Test()
-    {
-        super(tests, new GOST28147Engine(), new KeyParameter(new byte[32]));
-    }
-    
-    public void performTest()
-        throws Exception
-    {
-        super.performTest();
-
-        //advanced tests with GOST28147KeyGenerator:
-        //encrypt on hesh message; ECB mode:
-        byte[] in     = Hex.decode("4e6f77206973207468652074696d6520666f7220616c6c20");
-        byte[] output = Hex.decode("8ad3c8f56b27ff1fbd46409359bdc796bc350e71aac5f5c0");
-        byte[] out    = new byte[in.length];
-
-        byte[] key = generateKey(Hex.decode("0123456789abcdef"));  //!!! heshing start_key - get 256 bits !!!
-//        System.out.println(new String(Hex.encode(key)));
-        CipherParameters  param = new ParametersWithSBox(new KeyParameter(key), GOST28147Engine.getSBox("E-A"));
-        //CipherParameters  param = new GOST28147Parameters(key,"D-Test");
-        BufferedBlockCipher cipher = new BufferedBlockCipher(new GOST28147Engine());
-
-        cipher.init(true, param);
-        int len1 = cipher.processBytes(in, 0, in.length, out, 0);
-        try
-        {
-            cipher.doFinal(out, len1);
-        }
-        catch (CryptoException e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-        if (out.length != output.length)
-        {
-            fail("failed - "
-                    + "expected " + new String(Hex.encode(output)) + " got "
-                    + new String(Hex.encode(out)));
-        }
-        for (int i = 0; i != out.length; i++)
-        {
-            if (out[i] != output[i])
-            {
-                fail("failed - " + "expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-            }
-        }
-
-
-        //encrypt on hesh message; CFB mode:
-        in     = Hex.decode("bc350e71aac5f5c2");
-        output = Hex.decode("0ebbbafcf38f14a5");
-        out    = new byte[in.length];
-
-        key = generateKey(Hex.decode("0123456789abcdef"));  //!!! heshing start_key - get 256 bits !!!
-        param = new ParametersWithIV(new ParametersWithSBox(
-                                                             new KeyParameter(key), //key
-                                                             GOST28147Engine.getSBox("E-A")), //type S-box
-                                     Hex.decode("1234567890abcdef")); //IV
-
-        cipher = new BufferedBlockCipher(new CFBBlockCipher(new GOST28147Engine(), 64));
-
-        cipher.init(true, param);
-        len1 = cipher.processBytes(in, 0, in.length, out, 0);
-        try
-        {
-            cipher.doFinal(out, len1);
-        }
-        catch (CryptoException e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-        if (out.length != output.length)
-        {
-            fail("failed - " + "expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-        }
-        for (int i = 0; i != out.length; i++)
-        {
-            if (out[i] != output[i])
-            {
-                fail("failed - " + "expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-            }
-        }
-
-
-        //encrypt on hesh message; CFB mode:
-        in     = Hex.decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f");
-        output = Hex.decode("64988982819f0a1655e226e19ecad79d10cc73bac95c5d7da034786c12294225");
-        out    = new byte[in.length];
-
-        key = generateKey(Hex.decode("aafd12f659cae63489b479e5076ddec2f06cb58faafd12f659cae63489b479e5"));  //!!! heshing start_key - get 256 bits !!!
-        param = new ParametersWithIV(new ParametersWithSBox(
-                                                             new KeyParameter(key), //key
-                                                             GOST28147Engine.getSBox("E-A")), //type S-box
-                                     Hex.decode("aafd12f659cae634")); //IV
-
-        cipher = new BufferedBlockCipher(new CFBBlockCipher(new GOST28147Engine(), 64));
-
-        cipher.init(true, param);
-        len1 = cipher.processBytes(in, 0, in.length, out, 0);
-
-        cipher.doFinal(out, len1);
-
-        if (out.length != output.length)
-        {
-            fail("failed - " + "expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-        }
-        
-        for (int i = 0; i != out.length; i++)
-        {
-            if (out[i] != output[i])
-            {
-                fail("failed - " + "expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-            }
-        }
-
-        //encrypt on hesh message; OFB mode:
-        in     = Hex.decode("bc350e71aa11345709acde");
-        output = Hex.decode("1bcc2282707c676fb656dc");
-        out    = new byte[in.length];
-
-        key = generateKey(Hex.decode("0123456789abcdef"));  //!!! heshing start_key - get 256 bits !!!
-        param = new ParametersWithIV(new ParametersWithSBox(
-                                                             new KeyParameter(key), //key
-                                                             GOST28147Engine.getSBox("E-A")), //type S-box
-                                     Hex.decode("1234567890abcdef")); //IV
-
-        cipher = new BufferedBlockCipher(new GOFBBlockCipher(new GOST28147Engine()));
-
-        cipher.init(true, param);
-        len1 = cipher.processBytes(in, 0, in.length, out, 0);
-
-        cipher.doFinal(out, len1);
-
-        if (out.length != output.length)
-        {
-            fail("failed - " + "expected "
-                    + new String(Hex.encode(output)) + " got "
-                    + new String(Hex.encode(out)));
-        }
-        for (int i = 0; i != out.length; i++)
-        {
-            if (out[i] != output[i])
-            {
-                fail("failed - " + "expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-            }
-        }
-
-        // key reuse test
-        param = new ParametersWithIV(null, // key and sbox reused
-                           Hex.decode("1234567890abcdef")); //IV
-
-        cipher.init(true, param);
-        len1 = cipher.processBytes(in, 0, in.length, out, 0);
-
-        cipher.doFinal(out, len1);
-
-        if (out.length != output.length)
-        {
-            fail("failed - " + "expected "
-                    + new String(Hex.encode(output)) + " got "
-                    + new String(Hex.encode(out)));
-        }
-        for (int i = 0; i != out.length; i++)
-        {
-            if (out[i] != output[i])
-            {
-                fail("failed - " + "expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-            }
-        }
-    }
-
-    public String getName()
-    {
-        return "GOST28147";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new GOST28147Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3410Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3410Test.java
deleted file mode 100644
index d1cc6e2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3410Test.java
+++ /dev/null

@@ -1,2428 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.generators.GOST3410KeyPairGenerator;
-import org.bouncycastle.crypto.generators.GOST3410ParametersGenerator;
-import org.bouncycastle.crypto.params.ECGOST3410Parameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECNamedDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.GOST3410KeyGenerationParameters;
-import org.bouncycastle.crypto.params.GOST3410Parameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.GOST3410Signer;
-import org.bouncycastle.crypto.util.PrivateKeyFactory;
-import org.bouncycastle.crypto.util.PrivateKeyInfoFactory;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.crypto.util.SubjectPublicKeyInfoFactory;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.FixedSecureRandom;
-import org.bouncycastle.util.test.NumberParsing;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestRandomData;
-import org.bouncycastle.util.test.TestResult;
-
-public class GOST3410Test
-    implements Test
-{
-    byte[] hashmessage = Hex.decode("3042453136414534424341374533364339313734453431443642453241453435");
-
-    private byte[] zeroTwo(int length)
-    {
-        byte[] data = new byte[length];
-        data[data.length - 1] = 0x02;
-        return data;
-    }
-
-
-    Test tests[] =
-        {
-            new GOST3410EncodingDecoding(),
-            new GOST3410_TEST1_512(),
-            new GOST3410_TEST2_512(),
-            new GOST3410_TEST1_1024(),
-            new GOST3410_TEST2_1024(),
-            new GOST3410_AParam(),
-            new GOST3410_BParam(),
-            new GOST3410_CParam(),
-            new GOST3410_DParam(),
-            new GOST3410_AExParam(),
-            new GOST3410_BExParam(),
-            new GOST3410_CExParam()
-        };
-
-    public static void main(
-        String[] args)
-    {
-        GOST3410Test test = new GOST3410Test();
-        TestResult result = test.perform();
-
-        System.out.println(result);
-    }
-
-    public TestResult perform()
-    {
-        for (int i = 0; i != tests.length; i++)
-        {
-            TestResult result = tests[i].perform();
-
-            if (!result.isSuccessful())
-            {
-                return result;
-            }
-        }
-
-        return new SimpleTestResult(true, "GOST3410: Okay");
-    }
-
-    private class GOST3410EncodingDecoding
-        implements Test
-    {
-
-        public String getName()
-        {
-            return "GOST3410ParameterEncodeDecode";
-        }
-
-
-        private SimpleTestResult encodeRecodePrivateKeyGost2006()
-        {
-            try
-            {
-                ASN1ObjectIdentifier oid = ECGOST3410NamedCurves.getOID("GostR3410-2001-CryptoPro-A");
-                ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGOST3410NamedCurves.getByOID(oid));
-                ECGOST3410Parameters gostParams = new ECGOST3410Parameters(ecp, oid, CryptoProObjectIdentifiers.gostR3411);
-                ECKeyGenerationParameters params = new ECKeyGenerationParameters(gostParams, new SecureRandom());
-                ECKeyPairGenerator engine = new ECKeyPairGenerator();
-                engine.init(params);
-                AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-
-                ECPrivateKeyParameters generatedKeyParameters = (ECPrivateKeyParameters)pair.getPrivate();
-                ECPrivateKeyParameters keyParameters = generatedKeyParameters;
-
-
-                //
-                // Continuously encode/decode the key and check for loss of information.
-                //
-
-
-                for (int t = 0; t < 3; t++)
-                {
-                    PrivateKeyInfo info = PrivateKeyInfoFactory.createPrivateKeyInfo(keyParameters);
-                    keyParameters = (ECPrivateKeyParameters)PrivateKeyFactory.createKey(info);
-
-                    { // Specifically cast and test gost parameters.
-                        ECGOST3410Parameters gParam = (ECGOST3410Parameters)generatedKeyParameters.getParameters();
-                        ECGOST3410Parameters rParam = (ECGOST3410Parameters)keyParameters.getParameters();
-
-                        boolean ok = safeEquals(gParam.getDigestParamSet(), rParam.getDigestParamSet()) &&
-                            safeEquals(gParam.getEncryptionParamSet(), rParam.getEncryptionParamSet()) &&
-                            safeEquals(gParam.getPublicKeyParamSet(), rParam.getPublicKeyParamSet());
-
-                        if (!ok)
-                        {
-                            return new SimpleTestResult(false, "GOST parameters does not match");
-                        }
-
-                    }
-
-                    if (keyParameters.isPrivate() != generatedKeyParameters.isPrivate())
-                    {
-                        return new SimpleTestResult(false, "isPrivate does not match");
-                    }
-
-                    if (!keyParameters.getD().equals(generatedKeyParameters.getD()))
-                    {
-                        return new SimpleTestResult(false, "D does not match");
-                    }
-
-                    if (!((ECGOST3410Parameters)keyParameters.getParameters()).getName().equals(
-                        ((ECGOST3410Parameters)generatedKeyParameters.getParameters()).getName()))
-                    {
-                        return new SimpleTestResult(false, "Name does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getCurve().equals(generatedKeyParameters.getParameters().getCurve()))
-                    {
-                        return new SimpleTestResult(false, "Curve does not match");
-                    }
-
-                    if (!Arrays.areEqual(
-                        keyParameters.getParameters().getG().getEncoded(true),
-                        generatedKeyParameters.getParameters().getG().getEncoded(true)))
-                    {
-                        return new SimpleTestResult(false, "G does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getH().equals(generatedKeyParameters.getParameters().getH()))
-                    {
-                        return new SimpleTestResult(false, "H does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getHInv().equals(generatedKeyParameters.getParameters().getHInv()))
-                    {
-                        return new SimpleTestResult(false, "Hinv does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getN().equals(generatedKeyParameters.getParameters().getN()))
-                    {
-                        return new SimpleTestResult(false, "N does not match");
-                    }
-
-                    if (!Arrays.areEqual(keyParameters.getParameters().getSeed(), generatedKeyParameters.getParameters().getSeed()))
-                    {
-                        return new SimpleTestResult(false, "Seed does not match");
-                    }
-                }
-
-
-            }
-            catch (Exception ex)
-            {
-                return new SimpleTestResult(false, ex.getMessage(), ex);
-            }
-
-            return new SimpleTestResult(true, null);
-        }
-
-
-        public SimpleTestResult encodeRecodePublicKeyGost2006()
-        {
-            ASN1ObjectIdentifier oid = ECGOST3410NamedCurves.getOID("GostR3410-2001-CryptoPro-A");
-            ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGOST3410NamedCurves.getByOID(oid));
-            ECGOST3410Parameters gostParams = new ECGOST3410Parameters(ecp, oid, CryptoProObjectIdentifiers.gostR3411);
-            ECKeyGenerationParameters params = new ECKeyGenerationParameters(gostParams, new SecureRandom());
-            ECKeyPairGenerator engine = new ECKeyPairGenerator();
-            engine.init(params);
-            AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-
-            ECPublicKeyParameters generatedKeyParameters = (ECPublicKeyParameters)pair.getPublic();
-            ECPublicKeyParameters keyParameters = generatedKeyParameters;
-
-            try
-            {
-                for (int t = 0; t < 3; t++)
-                {
-
-                    SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(keyParameters);
-                    keyParameters = (ECPublicKeyParameters)PublicKeyFactory.createKey(info);
-
-                    { // Specifically cast and test gost parameters.
-                        ECGOST3410Parameters gParam = (ECGOST3410Parameters)generatedKeyParameters.getParameters();
-                        ECGOST3410Parameters rParam = (ECGOST3410Parameters)keyParameters.getParameters();
-
-
-                        boolean ok = safeEquals(gParam.getDigestParamSet(), rParam.getDigestParamSet()) &&
-                            safeEquals(gParam.getEncryptionParamSet(), rParam.getEncryptionParamSet()) &&
-                            safeEquals(gParam.getPublicKeyParamSet(), rParam.getPublicKeyParamSet());
-
-                        if (!ok)
-                        {
-                            return new SimpleTestResult(false, "GOST parameters does not match");
-                        }
-
-                    }
-
-                    if (!((ECGOST3410Parameters)keyParameters.getParameters()).getName().equals(
-                        ((ECGOST3410Parameters)generatedKeyParameters.getParameters()).getName()))
-                    {
-                        return new SimpleTestResult(false, "Name does not match");
-                    }
-
-
-                    if (keyParameters.isPrivate() != generatedKeyParameters.isPrivate())
-                    {
-                        return new SimpleTestResult(false, "isPrivate does not match");
-                    }
-
-                    if (!Arrays.areEqual(keyParameters.getQ().getEncoded(true), generatedKeyParameters.getQ().getEncoded(true)))
-                    {
-                        return new SimpleTestResult(false, "Q does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getCurve().equals(generatedKeyParameters.getParameters().getCurve()))
-                    {
-                        return new SimpleTestResult(false, "Curve does not match");
-                    }
-
-                    if (!Arrays.areEqual(
-                        keyParameters.getParameters().getG().getEncoded(true),
-                        generatedKeyParameters.getParameters().getG().getEncoded(true)))
-                    {
-                        return new SimpleTestResult(false, "G does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getH().equals(generatedKeyParameters.getParameters().getH()))
-                    {
-                        return new SimpleTestResult(false, "H does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getHInv().equals(generatedKeyParameters.getParameters().getHInv()))
-                    {
-                        return new SimpleTestResult(false, "Hinv does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getN().equals(generatedKeyParameters.getParameters().getN()))
-                    {
-                        return new SimpleTestResult(false, "N does not match");
-                    }
-
-                    if (!Arrays.areEqual(keyParameters.getParameters().getSeed(), generatedKeyParameters.getParameters().getSeed()))
-                    {
-                        return new SimpleTestResult(false, "Seed does not match");
-                    }
-                }
-                return new SimpleTestResult(true, null);
-            }
-            catch (Exception ex)
-            {
-                return new SimpleTestResult(false, ex.getMessage(), ex);
-            }
-
-
-        }
-
-
-        public SimpleTestResult encodeRecodePublicKey()
-        {
-
-            ASN1ObjectIdentifier oid = ECGOST3410NamedCurves.getOID("Tc26-Gost-3410-12-512-paramSetA");
-            ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGOST3410NamedCurves.getByOID(oid));
-            ECGOST3410Parameters gostParams = new ECGOST3410Parameters(ecp, oid, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512);
-            ECKeyGenerationParameters params = new ECKeyGenerationParameters(gostParams, new SecureRandom());
-            ECKeyPairGenerator engine = new ECKeyPairGenerator();
-            engine.init(params);
-            AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-
-            ECPublicKeyParameters generatedKeyParameters = (ECPublicKeyParameters)pair.getPublic();
-            ECPublicKeyParameters keyParameters = generatedKeyParameters;
-
-
-            //
-            // Continuously encode/decode the key and check for loss of information.
-            //
-            try
-            {
-                for (int t = 0; t < 3; t++)
-                {
-
-                    SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(keyParameters);
-                    keyParameters = (ECPublicKeyParameters)PublicKeyFactory.createKey(info);
-
-                    { // Specifically cast and test gost parameters.
-                        ECGOST3410Parameters gParam = (ECGOST3410Parameters)generatedKeyParameters.getParameters();
-                        ECGOST3410Parameters rParam = (ECGOST3410Parameters)keyParameters.getParameters();
-
-
-                        boolean ok = safeEquals(gParam.getDigestParamSet(), rParam.getDigestParamSet()) &&
-                            safeEquals(gParam.getEncryptionParamSet(), rParam.getEncryptionParamSet()) &&
-                            safeEquals(gParam.getPublicKeyParamSet(), rParam.getPublicKeyParamSet());
-
-                        if (!ok)
-                        {
-                            return new SimpleTestResult(false, "GOST parameters does not match");
-                        }
-
-                    }
-
-                    if (!((ECGOST3410Parameters)keyParameters.getParameters()).getName().equals(
-                        ((ECGOST3410Parameters)generatedKeyParameters.getParameters()).getName()))
-                    {
-                        return new SimpleTestResult(false, "Name does not match");
-                    }
-
-
-                    if (keyParameters.isPrivate() != generatedKeyParameters.isPrivate())
-                    {
-                        return new SimpleTestResult(false, "isPrivate does not match");
-                    }
-
-                    if (!Arrays.areEqual(keyParameters.getQ().getEncoded(true), generatedKeyParameters.getQ().getEncoded(true)))
-                    {
-                        return new SimpleTestResult(false, "Q does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getCurve().equals(generatedKeyParameters.getParameters().getCurve()))
-                    {
-                        return new SimpleTestResult(false, "Curve does not match");
-                    }
-
-                    if (!Arrays.areEqual(
-                        keyParameters.getParameters().getG().getEncoded(true),
-                        generatedKeyParameters.getParameters().getG().getEncoded(true)))
-                    {
-                        return new SimpleTestResult(false, "G does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getH().equals(generatedKeyParameters.getParameters().getH()))
-                    {
-                        return new SimpleTestResult(false, "H does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getHInv().equals(generatedKeyParameters.getParameters().getHInv()))
-                    {
-                        return new SimpleTestResult(false, "Hinv does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getN().equals(generatedKeyParameters.getParameters().getN()))
-                    {
-                        return new SimpleTestResult(false, "N does not match");
-                    }
-
-                    if (!Arrays.areEqual(keyParameters.getParameters().getSeed(), generatedKeyParameters.getParameters().getSeed()))
-                    {
-                        return new SimpleTestResult(false, "Seed does not match");
-                    }
-                }
-                return new SimpleTestResult(true, null);
-            }
-            catch (Exception ex)
-            {
-                return new SimpleTestResult(false, ex.getMessage(), ex);
-            }
-
-
-        }
-
-
-        private SimpleTestResult encodeRecodePrivateKey()
-        {
-            try
-            {
-                ASN1ObjectIdentifier oid = ECGOST3410NamedCurves.getOID("Tc26-Gost-3410-12-512-paramSetA");
-                ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGOST3410NamedCurves.getByOID(oid));
-                ECGOST3410Parameters gostParams = new ECGOST3410Parameters(ecp, oid, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512);
-                ECKeyGenerationParameters params = new ECKeyGenerationParameters(gostParams, new SecureRandom());
-                ECKeyPairGenerator engine = new ECKeyPairGenerator();
-                engine.init(params);
-                AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-
-                ECPrivateKeyParameters generatedKeyParameters = (ECPrivateKeyParameters)pair.getPrivate();
-                ECPrivateKeyParameters keyParameters = generatedKeyParameters;
-
-
-                //
-                // Continuously encode/decode the key and check for loss of information.
-                //
-
-
-                for (int t = 0; t < 3; t++)
-                {
-                    PrivateKeyInfo info = PrivateKeyInfoFactory.createPrivateKeyInfo(keyParameters);
-                    keyParameters = (ECPrivateKeyParameters)PrivateKeyFactory.createKey(info);
-
-                    { // Specifically cast and test gost parameters.
-                        ECGOST3410Parameters gParam = (ECGOST3410Parameters)generatedKeyParameters.getParameters();
-                        ECGOST3410Parameters rParam = (ECGOST3410Parameters)keyParameters.getParameters();
-
-                        boolean ok = safeEquals(gParam.getDigestParamSet(), rParam.getDigestParamSet()) &&
-                            safeEquals(gParam.getEncryptionParamSet(), rParam.getEncryptionParamSet()) &&
-                            safeEquals(gParam.getPublicKeyParamSet(), rParam.getPublicKeyParamSet());
-
-                        if (!ok)
-                        {
-                            return new SimpleTestResult(false, "GOST parameters does not match");
-                        }
-
-                    }
-
-                    if (keyParameters.isPrivate() != generatedKeyParameters.isPrivate())
-                    {
-                        return new SimpleTestResult(false, "isPrivate does not match");
-                    }
-
-                    if (!keyParameters.getD().equals(generatedKeyParameters.getD()))
-                    {
-                        return new SimpleTestResult(false, "D does not match");
-                    }
-
-                    if (!((ECGOST3410Parameters)keyParameters.getParameters()).getName().equals(
-                        ((ECGOST3410Parameters)generatedKeyParameters.getParameters()).getName()))
-                    {
-                        return new SimpleTestResult(false, "Name does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getCurve().equals(generatedKeyParameters.getParameters().getCurve()))
-                    {
-                        return new SimpleTestResult(false, "Curve does not match");
-                    }
-
-                    if (!Arrays.areEqual(
-                        keyParameters.getParameters().getG().getEncoded(true),
-                        generatedKeyParameters.getParameters().getG().getEncoded(true)))
-                    {
-                        return new SimpleTestResult(false, "G does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getH().equals(generatedKeyParameters.getParameters().getH()))
-                    {
-                        return new SimpleTestResult(false, "H does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getHInv().equals(generatedKeyParameters.getParameters().getHInv()))
-                    {
-                        return new SimpleTestResult(false, "Hinv does not match");
-                    }
-
-                    if (!keyParameters.getParameters().getN().equals(generatedKeyParameters.getParameters().getN()))
-                    {
-                        return new SimpleTestResult(false, "N does not match");
-                    }
-
-                    if (!Arrays.areEqual(keyParameters.getParameters().getSeed(), generatedKeyParameters.getParameters().getSeed()))
-                    {
-                        return new SimpleTestResult(false, "Seed does not match");
-                    }
-                }
-
-
-            }
-            catch (Exception ex)
-            {
-                return new SimpleTestResult(false, ex.getMessage(), ex);
-            }
-
-            return new SimpleTestResult(true, null);
-        }
-
-
-        private SimpleTestResult decodeJCEPublic()
-        {
-            byte[] pub256 = Hex.decode("3068302106082a85030701010101301506092a850307010201010106082a850307010102020343000440292335c87d892510c35a033819a13e2b0dc606d911676af2bad8872d74a4b7bae6c729e98ace04c3dee626343f794731e1489edb7bc26f1c8c56e1448c96501a");
-
-            try
-            {
-                ECPublicKeyParameters pkInfo = (ECPublicKeyParameters)PublicKeyFactory.createKey(pub256);
-
-                if (pkInfo.isPrivate())
-                {
-                    return new SimpleTestResult(false, "isPrivate should be false");
-                }
-
-                if (
-                    !Arrays.areEqual(
-                        pkInfo.getQ().getEncoded(true),
-                        Hex.decode("02bab7a4742d87d8baf26a6711d906c60d2b3ea11938035ac31025897dc8352329")))
-                {
-                    return new SimpleTestResult(false, "Q does not match");
-                }
-
-                if (!((ECGOST3410Parameters)pkInfo.getParameters()).getPublicKeyParamSet().toString().equals("1.2.643.7.1.2.1.1.1"))
-                {
-                    return new SimpleTestResult(false, "PublicKeyParamSet does not match");
-                }
-
-                if (!((ECGOST3410Parameters)pkInfo.getParameters()).getDigestParamSet().toString().equals("1.2.643.7.1.1.2.2"))
-                {
-                    return new SimpleTestResult(false, "DigestParamSet does not match");
-                }
-
-                if (((ECGOST3410Parameters)pkInfo.getParameters()).getEncryptionParamSet() != null)
-                {
-                    return new SimpleTestResult(false, "EncryptionParamSet is not null");
-                }
-
-
-                byte[] pub512 = Hex.decode("3081aa302106082a85030701010102301506092a850307010201020106082a850307010102030381840004818043ccc22692ee8a1870c7c9de0566d7e3a494cf0e3c80f9e8852a3d1ec10d2a829d357253e0864aee2eaacd5e2d327578dee771f62f24decfd6358e06199efe540e7912db43c4c80fe0fd31f7f67a862f9d44fd0075cfee6e3d638c7520063d26311ef962547e8129fb8c5b194e129370cd30313884b4a60872254a10772fe595");
-
-                pkInfo = (ECPublicKeyParameters)PublicKeyFactory.createKey(pub512);
-
-                if (pkInfo.isPrivate())
-                {
-                    return new SimpleTestResult(false, "isPrivate should be true");
-                }
-
-                if (
-                    !Arrays.areEqual(
-                        pkInfo.getQ().getEncoded(true),
-                        Hex.decode("0254fe9e19068e35d6cfde242ff671e7de7875322d5ecdaa2eee4a86e05372359d822a0dc11e3d2a85e8f9803c0ecf94a4e3d76605dec9c770188aee9226c2cc43")))
-                {
-                    return new SimpleTestResult(false, "Q does not match");
-                }
-
-
-                if (!((ECGOST3410Parameters)pkInfo.getParameters()).getPublicKeyParamSet().toString().equals("1.2.643.7.1.2.1.2.1"))
-                {
-                    return new SimpleTestResult(false, "PublicKeyParamSet does not match");
-                }
-
-                if (!((ECGOST3410Parameters)pkInfo.getParameters()).getDigestParamSet().toString().equals("1.2.643.7.1.1.2.3"))
-                {
-                    return new SimpleTestResult(false, "DigestParamSet does not match");
-                }
-
-                if (((ECGOST3410Parameters)pkInfo.getParameters()).getEncryptionParamSet() != null)
-                {
-                    return new SimpleTestResult(false, "EncryptionParamSet is not null");
-                }
-
-            }
-            catch (Exception ex)
-            {
-                return new SimpleTestResult(false, ex.getMessage(), ex);
-            }
-
-            return new SimpleTestResult(true, null);
-        }
-
-
-        private SimpleTestResult decodeJCEPrivate()
-        {
-            byte[] priv256 = Hex.decode("304a020100302106082a85030701010101301506092a850307010201010106082a8503070101020204220420fe75ba328d5439ed4859e6dc7e6ca2e9aab0818f094eddeb0d57d1c16a90762b");
-
-            try
-            {
-                ECPrivateKeyParameters pkInfo = (ECPrivateKeyParameters)PrivateKeyFactory.createKey(priv256);
-
-                if (!pkInfo.isPrivate())
-                {
-                    return new SimpleTestResult(false, "isPrivate should be true");
-                }
-
-                if (
-                    !Arrays.areEqual(
-                        Hex.decode("2b76906ac1d1570debdd4e098f81b0aae9a26c7edce65948ed39548d32ba75fe"),
-                        pkInfo.getD().toByteArray()))
-                {
-                    return new SimpleTestResult(false, "D does not match");
-                }
-
-                if (!((ECGOST3410Parameters)pkInfo.getParameters()).getPublicKeyParamSet().toString().equals("1.2.643.7.1.2.1.1.1"))
-                {
-                    return new SimpleTestResult(false, "PublicKeyParamSet does not match");
-                }
-
-                if (!((ECGOST3410Parameters)pkInfo.getParameters()).getDigestParamSet().toString().equals("1.2.643.7.1.1.2.2"))
-                {
-                    return new SimpleTestResult(false, "DigestParamSet does not match");
-                }
-
-                if (((ECGOST3410Parameters)pkInfo.getParameters()).getEncryptionParamSet() != null)
-                {
-                    return new SimpleTestResult(false, "EncryptionParamSet is not null");
-                }
-
-
-                byte[] priv512 = Hex.decode("306a020100302106082a85030701010102301506092a850307010201020106082a85030701010203044204402fc35576152f6e873236608b592b4b98d0793bf5184f8dc4a99512be703716991a96061ef46aceeae5319b5c69e6fcbfa7e339207878597ce50f9b7cbf857ff1");
-
-                pkInfo = (ECPrivateKeyParameters)PrivateKeyFactory.createKey(priv512);
-
-                if (!pkInfo.isPrivate())
-                {
-                    return new SimpleTestResult(false, "isPrivate should be true");
-                }
-
-                if (
-                    !Arrays.areEqual(
-                        Hex.decode("00f17f85bf7c9b0fe57c5978782039e3a7bffce6695c9b31e5eace6af41e06961a99163770be1295a9c48d4f18f53b79d0984b2b598b603632876e2f157655c32f"),
-                        pkInfo.getD().toByteArray()))
-                {
-                    return new SimpleTestResult(false, "D does not match");
-                }
-
-                if (!((ECGOST3410Parameters)pkInfo.getParameters()).getPublicKeyParamSet().toString().equals("1.2.643.7.1.2.1.2.1"))
-                {
-                    return new SimpleTestResult(false, "PublicKeyParamSet does not match");
-                }
-
-                if (!((ECGOST3410Parameters)pkInfo.getParameters()).getDigestParamSet().toString().equals("1.2.643.7.1.1.2.3"))
-                {
-                    return new SimpleTestResult(false, "DigestParamSet does not match");
-                }
-
-                if (((ECGOST3410Parameters)pkInfo.getParameters()).getEncryptionParamSet() != null)
-                {
-                    return new SimpleTestResult(false, "EncryptionParamSet is not null");
-                }
-
-            }
-            catch (Exception ex)
-            {
-                return new SimpleTestResult(false, ex.getMessage(), ex);
-            }
-
-            return new SimpleTestResult(true, null);
-        }
-
-
-        private SimpleTestResult encodeDecodePrivateLW(String oidStr, ASN1ObjectIdentifier digest)
-        {
-            try
-            {
-                ASN1ObjectIdentifier oid = ECGOST3410NamedCurves.getOID(oidStr);
-                ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGOST3410NamedCurves.getByOID(oid));
-                ECGOST3410Parameters gostParams = new ECGOST3410Parameters(ecp, oid, digest);
-                ECKeyGenerationParameters params = new ECKeyGenerationParameters(gostParams, new SecureRandom());
-                ECKeyPairGenerator engine = new ECKeyPairGenerator();
-                engine.init(params);
-                AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-
-                ECPrivateKeyParameters generatedKeyParameters = (ECPrivateKeyParameters)pair.getPrivate();
-
-                PrivateKeyInfo info = PrivateKeyInfoFactory.createPrivateKeyInfo(generatedKeyParameters);
-
-                ECPrivateKeyParameters recoveredKeyParameters = (ECPrivateKeyParameters)PrivateKeyFactory.createKey(info);
-
-                { // Specifically cast and test gost parameters.
-                    ECGOST3410Parameters gParam = (ECGOST3410Parameters)generatedKeyParameters.getParameters();
-                    ECGOST3410Parameters rParam = (ECGOST3410Parameters)recoveredKeyParameters.getParameters();
-
-                    boolean ok = safeEquals(gParam.getDigestParamSet(), rParam.getDigestParamSet()) &&
-                        safeEquals(gParam.getEncryptionParamSet(), rParam.getEncryptionParamSet()) &&
-                        safeEquals(gParam.getPublicKeyParamSet(), rParam.getPublicKeyParamSet());
-
-                    if (!ok)
-                    {
-                        return new SimpleTestResult(false, "GOST parameters does not match");
-                    }
-
-                }
-
-
-                if (recoveredKeyParameters.isPrivate() != generatedKeyParameters.isPrivate())
-                {
-                    return new SimpleTestResult(false, "isPrivate does not match");
-                }
-
-                if (!((ECGOST3410Parameters)recoveredKeyParameters.getParameters()).getName().equals(
-                    ((ECGOST3410Parameters)generatedKeyParameters.getParameters()).getName()))
-                {
-                    return new SimpleTestResult(false, "Name does not match");
-                }
-
-
-                if (!recoveredKeyParameters.getD().equals(generatedKeyParameters.getD()))
-                {
-                    return new SimpleTestResult(false, "D does not match");
-                }
-
-                if (!recoveredKeyParameters.getParameters().getCurve().equals(generatedKeyParameters.getParameters().getCurve()))
-                {
-                    return new SimpleTestResult(false, "Curve does not match");
-                }
-
-                if (!Arrays.areEqual(
-                    recoveredKeyParameters.getParameters().getG().getEncoded(true),
-                    generatedKeyParameters.getParameters().getG().getEncoded(true)))
-                {
-                    return new SimpleTestResult(false, "G does not match");
-                }
-
-                if (!recoveredKeyParameters.getParameters().getH().equals(generatedKeyParameters.getParameters().getH()))
-                {
-                    return new SimpleTestResult(false, "H does not match");
-                }
-
-                if (!recoveredKeyParameters.getParameters().getHInv().equals(generatedKeyParameters.getParameters().getHInv()))
-                {
-                    return new SimpleTestResult(false, "Hinv does not match");
-                }
-
-                if (!recoveredKeyParameters.getParameters().getN().equals(generatedKeyParameters.getParameters().getN()))
-                {
-                    return new SimpleTestResult(false, "N does not match");
-                }
-
-                if (!Arrays.areEqual(recoveredKeyParameters.getParameters().getSeed(), generatedKeyParameters.getParameters().getSeed()))
-                {
-                    return new SimpleTestResult(false, "Seed does not match");
-                }
-
-                return new SimpleTestResult(true, null);
-            }
-            catch (Exception t)
-            {
-                // Any exception is bad.
-                return new SimpleTestResult(false, t.getMessage(), t);
-            }
-        }
-
-
-        private SimpleTestResult encodeDecodePublicLW(String oidStr, ASN1ObjectIdentifier digest)
-        {
-            try
-            {
-                ASN1ObjectIdentifier oid = ECGOST3410NamedCurves.getOID(oidStr);
-                ECNamedDomainParameters ecp = new ECNamedDomainParameters(oid, ECGOST3410NamedCurves.getByOID(oid));
-                ECGOST3410Parameters gostParams = new ECGOST3410Parameters(ecp, oid, digest);
-                ECKeyGenerationParameters params = new ECKeyGenerationParameters(gostParams, new SecureRandom());
-                ECKeyPairGenerator engine = new ECKeyPairGenerator();
-                engine.init(params);
-                AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-
-                ECPublicKeyParameters generatedKeyParameters = (ECPublicKeyParameters)pair.getPublic();
-
-                SubjectPublicKeyInfo info = SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(generatedKeyParameters);
-
-                ECPublicKeyParameters recoveredKeyParameters = (ECPublicKeyParameters)PublicKeyFactory.createKey(info);
-
-                { // Specifically cast and test gost parameters.
-                    ECGOST3410Parameters gParam = (ECGOST3410Parameters)generatedKeyParameters.getParameters();
-                    ECGOST3410Parameters rParam = (ECGOST3410Parameters)recoveredKeyParameters.getParameters();
-
-
-                    boolean ok = safeEquals(gParam.getDigestParamSet(), rParam.getDigestParamSet()) &&
-                        safeEquals(gParam.getEncryptionParamSet(), rParam.getEncryptionParamSet()) &&
-                        safeEquals(gParam.getPublicKeyParamSet(), rParam.getPublicKeyParamSet());
-
-                    if (!ok)
-                    {
-                        return new SimpleTestResult(false, "GOST parameters does not match");
-                    }
-
-                }
-
-                if (!((ECGOST3410Parameters)recoveredKeyParameters.getParameters()).getName().equals(
-                    ((ECGOST3410Parameters)generatedKeyParameters.getParameters()).getName()))
-                {
-                    return new SimpleTestResult(false, "Name does not match");
-                }
-
-
-                if (recoveredKeyParameters.isPrivate() != generatedKeyParameters.isPrivate())
-                {
-                    return new SimpleTestResult(false, "isPrivate does not match");
-                }
-
-                if (!Arrays.areEqual(recoveredKeyParameters.getQ().getEncoded(true), generatedKeyParameters.getQ().getEncoded(true)))
-                {
-                    return new SimpleTestResult(false, "Q does not match");
-                }
-
-                if (!recoveredKeyParameters.getParameters().getCurve().equals(generatedKeyParameters.getParameters().getCurve()))
-                {
-                    return new SimpleTestResult(false, "Curve does not match");
-                }
-
-                if (!Arrays.areEqual(
-                    recoveredKeyParameters.getParameters().getG().getEncoded(true),
-                    generatedKeyParameters.getParameters().getG().getEncoded(true)))
-                {
-                    return new SimpleTestResult(false, "G does not match");
-                }
-
-                if (!recoveredKeyParameters.getParameters().getH().equals(generatedKeyParameters.getParameters().getH()))
-                {
-                    return new SimpleTestResult(false, "H does not match");
-                }
-
-                if (!recoveredKeyParameters.getParameters().getHInv().equals(generatedKeyParameters.getParameters().getHInv()))
-                {
-                    return new SimpleTestResult(false, "Hinv does not match");
-                }
-
-                if (!recoveredKeyParameters.getParameters().getN().equals(generatedKeyParameters.getParameters().getN()))
-                {
-                    return new SimpleTestResult(false, "N does not match");
-                }
-
-                if (!Arrays.areEqual(recoveredKeyParameters.getParameters().getSeed(), generatedKeyParameters.getParameters().getSeed()))
-                {
-                    return new SimpleTestResult(false, "Seed does not match");
-                }
-
-                return new SimpleTestResult(true, null);
-            }
-            catch (Exception t)
-            {
-                // Any exception is bad.
-                return new SimpleTestResult(false, t.getMessage(), t);
-            }
-        }
-
-
-        private boolean safeEquals(Object left, Object right)
-        {
-            if (left == null || right == null)
-            {
-                return left == null && right == null;
-            }
-
-            return left.equals(right);
-        }
-
-        public TestResult perform()
-        {
-
-            SimpleTestResult str = encodeDecodePublicLW("Tc26-Gost-3410-12-512-paramSetA", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512);
-            if (!str.isSuccessful())
-            {
-                return str;
-            }
-
-            str = encodeDecodePrivateLW("Tc26-Gost-3410-12-512-paramSetA", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512);
-            if (!str.isSuccessful())
-            {
-                return str;
-            }
-
-
-            str = encodeDecodePublicLW("Tc26-Gost-3410-12-256-paramSetA", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256);
-            if (!str.isSuccessful())
-            {
-                return str;
-            }
-
-            str = encodeDecodePrivateLW("Tc26-Gost-3410-12-256-paramSetA", RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256);
-            if (!str.isSuccessful())
-            {
-                return str;
-            }
-
-            str = decodeJCEPrivate();
-            if (!str.isSuccessful())
-            {
-                return str;
-            }
-
-            str = decodeJCEPublic();
-            if (!str.isSuccessful())
-            {
-                return str;
-            }
-
-            str = encodeRecodePrivateKey();
-            if (!str.isSuccessful())
-            {
-                return str;
-            }
-
-            str = encodeRecodePublicKey();
-            if (!str.isSuccessful())
-            {
-                return str;
-            }
-
-
-            str = encodeRecodePublicKeyGost2006();
-            if (!str.isSuccessful())
-            {
-                return str;
-            }
-
-            str = encodeRecodePrivateKeyGost2006();
-            if (!str.isSuccessful())
-            {
-                return str;
-            }
-
-            return new SimpleTestResult(true, getName() + ": Okay");
-        }
-    }
-
-    private class GOST3410_TEST1_512
-        implements Test
-    {
-        public String getName()
-        {
-            return "GOST3410-TEST1-512";
-        }
-
-        FixedSecureRandom init_random = new FixedSecureRandom(
-            new FixedSecureRandom.Source[]{new FixedSecureRandom.Data(Hex.decode("00005EC900007341")), new FixedSecureRandom.Data(zeroTwo(64))});
-        FixedSecureRandom random = new TestRandomData(Hex.decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A"));
-        FixedSecureRandom keyRandom = new TestRandomData(Hex.decode("3036314538303830343630454235324435324234314132373832433138443046"));
-
-        BigInteger pValue = new BigInteger("EE8172AE8996608FB69359B89EB82A69854510E2977A4D63BC97322CE5DC3386EA0A12B343E9190F23177539845839786BB0C345D165976EF2195EC9B1C379E3", 16);
-        BigInteger qValue = new BigInteger("98915E7EC8265EDFCDA31E88F24809DDB064BDC7285DD50D7289F0AC6F49DD2D", 16);
-
-        public TestResult perform()
-        {
-            BigInteger r = new BigInteger("3e5f895e276d81d2d52c0763270a458157b784c57abdbd807bc44fd43a32ac06", 16);
-            BigInteger s = new BigInteger("3f0dd5d4400d47c08e4ce505ff7434b6dbf729592e37c74856dab85115a60955", 16);
-            GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator();
-
-            pGen.init(512, 1, init_random);
-
-            GOST3410Parameters params = pGen.generateParameters();
-
-            if (params.getValidationParameters() == null)
-            {
-                return new SimpleTestResult(false, getName() + "validation parameters wrong");
-            }
-            if (params.getValidationParameters().getC() != 29505
-                || params.getValidationParameters().getX0() != 24265)
-            {
-                return new SimpleTestResult(false, getName() + "validation parameters values wrong");
-            }
-            if (!init_random.isExhausted())
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": unexpected number of bytes used from 'init_random'.");
-            }
-
-            if (!pValue.equals(params.getP()) || !qValue.equals(params.getQ()))
-            {
-                return new SimpleTestResult(false, getName() + ": p or q wrong");
-            }
-
-            GOST3410KeyPairGenerator GOST3410KeyGen = new GOST3410KeyPairGenerator();
-            GOST3410KeyGenerationParameters genParam = new GOST3410KeyGenerationParameters(keyRandom, params);
-
-            GOST3410KeyGen.init(genParam);
-
-            AsymmetricCipherKeyPair pair = GOST3410KeyGen.generateKeyPair();
-
-            if (!keyRandom.isExhausted())
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": unexpected number of bytes used from 'keyRandom'.");
-            }
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-            GOST3410Signer gost3410 = new GOST3410Signer();
-
-            gost3410.init(true, param);
-
-            BigInteger[] sig = gost3410.generateSignature(hashmessage);
-
-            if (!random.isExhausted())
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": unexpected number of bytes used from 'random'.");
-            }
-
-            if (!r.equals(sig[0]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[0].toString(16));
-            }
-
-            if (!s.equals(sig[1]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[1].toString(16));
-            }
-
-            gost3410.init(false, pair.getPublic());
-
-            if (gost3410.verifySignature(hashmessage, sig[0], sig[1]))
-            {
-                return new SimpleTestResult(true, getName() + ": Okay");
-            }
-            else
-            {
-                return new SimpleTestResult(false, getName() + ": verification fails");
-            }
-        }
-    }
-
-    private class GOST3410_TEST2_512
-        implements Test
-    {
-        public String getName()
-        {
-            return "GOST3410-TEST2-512";
-        }
-
-        FixedSecureRandom init_random = new FixedSecureRandom(
-            new FixedSecureRandom.Source[]{new FixedSecureRandom.Data(Hex.decode("000000003DFC46F1000000000000000D")), new FixedSecureRandom.Data(zeroTwo(64))});
-        FixedSecureRandom random = new TestRandomData(Hex.decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A"));
-        FixedSecureRandom keyRandom = new TestRandomData(Hex.decode("3036314538303830343630454235324435324234314132373832433138443046"));
-
-        BigInteger pValue = new BigInteger("8b08eb135af966aab39df294538580c7da26765d6d38d30cf1c06aae0d1228c3316a0e29198460fad2b19dc381c15c888c6dfd0fc2c565abb0bf1faff9518f85", 16);
-        BigInteger qValue = new BigInteger("931a58fb6f0dcdf2fe7549bc3f19f4724b56898f7f921a076601edb18c93dc75", 16);
-
-        public TestResult perform()
-        {
-            BigInteger r = new BigInteger("7c07c8cf035c2a1cb2b7fae5807ac7cd623dfca7a1a68f6d858317822f1ea00d", 16);
-            BigInteger s = new BigInteger("7e9e036a6ff87dbf9b004818252b1f6fc310bdd4d17cb8c37d9c36c7884de60c", 16);
-            GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator();
-
-            pGen.init(512, 2, init_random);
-
-            GOST3410Parameters params = pGen.generateParameters();
-
-            if (!init_random.isExhausted())
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": unexpected number of bytes used from 'init_random'.");
-            }
-
-            if (params.getValidationParameters() == null)
-            {
-                return new SimpleTestResult(false, getName() + ": validation parameters wrong");
-            }
-
-            if (params.getValidationParameters().getCL() != 13
-                || params.getValidationParameters().getX0L() != 1039943409)
-            {
-                return new SimpleTestResult(false, getName() + ": validation parameters values wrong");
-            }
-
-            if (!pValue.equals(params.getP()) || !qValue.equals(params.getQ()))
-            {
-                return new SimpleTestResult(false, getName() + ": p or q wrong");
-            }
-
-            GOST3410KeyPairGenerator GOST3410KeyGen = new GOST3410KeyPairGenerator();
-            GOST3410KeyGenerationParameters genParam = new GOST3410KeyGenerationParameters(keyRandom, params);
-
-            GOST3410KeyGen.init(genParam);
-
-            AsymmetricCipherKeyPair pair = GOST3410KeyGen.generateKeyPair();
-
-            if (!keyRandom.isExhausted())
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": unexpected number of bytes used from 'keyRandom'.");
-            }
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-            GOST3410Signer GOST3410 = new GOST3410Signer();
-
-            GOST3410.init(true, param);
-
-            BigInteger[] sig = GOST3410.generateSignature(hashmessage);
-
-            if (!random.isExhausted())
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": unexpected number of bytes used from 'random'.");
-            }
-
-            if (!r.equals(sig[0]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[0].toString(16));
-            }
-
-            if (!s.equals(sig[1]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[1].toString(16));
-            }
-
-            GOST3410.init(false, pair.getPublic());
-
-            if (GOST3410.verifySignature(hashmessage, sig[0], sig[1]))
-            {
-                return new SimpleTestResult(true, getName() + ": Okay");
-            }
-            else
-            {
-                return new SimpleTestResult(false, getName() + ": verification fails");
-            }
-        }
-    }
-
-    private class GOST3410_TEST1_1024
-        implements Test
-    {
-        public String getName()
-        {
-            return "GOST3410-TEST1-1024";
-        }
-
-        SecureRandom init_random = new SecureRandom()
-        {
-            boolean firstInt = true;
-
-            public int nextInt()
-            {
-                String x0 = "0xA565";
-                String c = "0x538B";
-
-                if (firstInt)
-                {
-                    firstInt = false;
-                    return NumberParsing.decodeIntFromHex(x0);
-                }
-                return NumberParsing.decodeIntFromHex(c);
-            }
-
-            public void nextBytes(byte[] bytes)
-            {
-
-                byte[] d = Hex.decode("02");
-
-                System.arraycopy(d, 0, bytes, bytes.length - d.length, d.length);
-            }
-        };
-
-        SecureRandom random = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] k = Hex.decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - k.length); i += k.length)
-                {
-                    System.arraycopy(k, 0, bytes, i, k.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(k, 0, bytes, i - k.length, bytes.length - (i - k.length));
-                }
-                else
-                {
-                    System.arraycopy(k, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        SecureRandom keyRandom = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] x = Hex.decode("3036314538303830343630454235324435324234314132373832433138443046");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - x.length); i += x.length)
-                {
-                    System.arraycopy(x, 0, bytes, i, x.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(x, 0, bytes, i - x.length, bytes.length - (i - x.length));
-                }
-                else
-                {
-                    System.arraycopy(x, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        BigInteger pValue = new BigInteger("ab8f37938356529e871514c1f48c5cbce77b2f4fc9a2673ac2c1653da8984090c0ac73775159a26bef59909d4c9846631270e16653a6234668f2a52a01a39b921490e694c0f104b58d2e14970fccb478f98d01e975a1028b9536d912de5236d2dd2fc396b77153594d4178780e5f16f718471e2111c8ce64a7d7e196fa57142d", 16);
-        BigInteger qValue = new BigInteger("bcc02ca0ce4f0753ec16105ee5d530aa00d39f3171842ab2c334a26b5f576e0f", 16);
-
-        public TestResult perform()
-        {
-            BigInteger r = new BigInteger("a8790aabbd5a998ff524bad048ac69cd1faff2dab048265c8d60d1471c44a9ee", 16);
-            BigInteger s = new BigInteger("30df5ba32ac77170b9632559bef7d37620017756dff3fea1088b4267db0944b8", 16);
-            GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator();
-
-            pGen.init(1024, 1, init_random);
-
-            GOST3410Parameters params = pGen.generateParameters();
-
-            if (!pValue.equals(params.getP()) || !qValue.equals(params.getQ()))
-            {
-                return new SimpleTestResult(false, getName() + ": p or q wrong");
-            }
-
-            GOST3410KeyPairGenerator GOST3410KeyGen = new GOST3410KeyPairGenerator();
-            GOST3410KeyGenerationParameters genParam = new GOST3410KeyGenerationParameters(keyRandom, params);
-
-            GOST3410KeyGen.init(genParam);
-
-            AsymmetricCipherKeyPair pair = GOST3410KeyGen.generateKeyPair();
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-            GOST3410Signer GOST3410 = new GOST3410Signer();
-
-            GOST3410.init(true, param);
-
-            BigInteger[] sig = GOST3410.generateSignature(hashmessage);
-
-            if (!r.equals(sig[0]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[0].toString(16));
-            }
-
-            if (!s.equals(sig[1]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[1].toString(16));
-            }
-
-            GOST3410.init(false, pair.getPublic());
-
-            if (GOST3410.verifySignature(hashmessage, sig[0], sig[1]))
-            {
-                return new SimpleTestResult(true, getName() + ": Okay");
-            }
-            else
-            {
-                return new SimpleTestResult(false, getName() + ": verification fails");
-            }
-        }
-    }
-
-    private class GOST3410_TEST2_1024
-        implements Test
-    {
-        public String getName()
-        {
-            return "GOST3410-TEST2-1024";
-        }
-
-        SecureRandom init_random = new SecureRandom()
-        {
-            boolean firstLong = true;
-
-            public long nextLong()
-            {
-                String x0 = "0x3DFC46F1";
-                String c = "0xD";
-
-                if (firstLong)
-                {
-                    firstLong = false;
-                    return NumberParsing.decodeLongFromHex(x0);
-                }
-                return NumberParsing.decodeLongFromHex(c);
-            }
-
-            public void nextBytes(byte[] bytes)
-            {
-
-                byte[] d = Hex.decode("02");
-
-                System.arraycopy(d, 0, bytes, bytes.length - d.length, d.length);
-            }
-        };
-
-        SecureRandom random = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] k = Hex.decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - k.length); i += k.length)
-                {
-                    System.arraycopy(k, 0, bytes, i, k.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(k, 0, bytes, i - k.length, bytes.length - (i - k.length));
-                }
-                else
-                {
-                    System.arraycopy(k, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        SecureRandom keyRandom = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] x = Hex.decode("3036314538303830343630454235324435324234314132373832433138443046");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - x.length); i += x.length)
-                {
-                    System.arraycopy(x, 0, bytes, i, x.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(x, 0, bytes, i - x.length, bytes.length - (i - x.length));
-                }
-                else
-                {
-                    System.arraycopy(x, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        BigInteger pValue = new BigInteger("e2c4191c4b5f222f9ac2732562f6d9b4f18e7fb67a290ea1e03d750f0b9806755fc730d975bf3faa606d05c218b35a6c3706919aab92e0c58b1de4531c8fa8e7af43c2bff016251e21b2870897f6a27ac4450bca235a5b748ad386e4a0e4dfcb09152435abcfe48bd0b126a8122c7382f285a9864615c66decddf6afd355dfb7", 16);
-        BigInteger qValue = new BigInteger("931a58fb6f0dcdf2fe7549bc3f19f4724b56898f7f921a076601edb18c93dc75", 16);
-
-        public TestResult perform()
-        {
-            BigInteger r = new BigInteger("81d69a192e9c7ac21fc07da41bd07e230ba6a94eb9f3c1fd104c7bd976733ca5", 16);
-            BigInteger s = new BigInteger("315c879c8414f35feb4deb15e7cc0278c48e6ca1596325d6959338d860b0c47a", 16);
-            GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator();
-
-            pGen.init(1024, 2, init_random);
-
-            GOST3410Parameters params = pGen.generateParameters();
-
-            if (!pValue.equals(params.getP()) || !qValue.equals(params.getQ()))
-            {
-                return new SimpleTestResult(false, getName() + ": p or q wrong");
-            }
-
-            GOST3410KeyPairGenerator GOST3410KeyGen = new GOST3410KeyPairGenerator();
-            GOST3410KeyGenerationParameters genParam = new GOST3410KeyGenerationParameters(keyRandom, params);
-
-            GOST3410KeyGen.init(genParam);
-
-            AsymmetricCipherKeyPair pair = GOST3410KeyGen.generateKeyPair();
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-            GOST3410Signer GOST3410 = new GOST3410Signer();
-
-            GOST3410.init(true, param);
-
-            BigInteger[] sig = GOST3410.generateSignature(hashmessage);
-
-            if (!r.equals(sig[0]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[0].toString(16));
-            }
-
-            if (!s.equals(sig[1]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[1].toString(16));
-            }
-
-            GOST3410.init(false, pair.getPublic());
-
-            if (GOST3410.verifySignature(hashmessage, sig[0], sig[1]))
-            {
-                return new SimpleTestResult(true, getName() + ": Okay");
-            }
-            else
-            {
-                return new SimpleTestResult(false, getName() + ": verification fails");
-            }
-        }
-    }
-
-    private class GOST3410_AParam
-        implements Test
-    {
-        public String getName()
-        {
-            return "GOST3410-AParam";
-        }
-
-        SecureRandom init_random = new SecureRandom()
-        {
-            boolean firstLong = true;
-
-            public long nextLong()
-            {
-                String x0 = "0x520874F5";
-                String c = "0xEE39ADB3";
-
-                if (firstLong)
-                {
-                    firstLong = false;
-                    return NumberParsing.decodeLongFromHex(x0);
-                }
-                return NumberParsing.decodeLongFromHex(c);
-            }
-
-            public void nextBytes(byte[] bytes)
-            {
-
-                byte[] d = Hex.decode("02");
-
-                System.arraycopy(d, 0, bytes, bytes.length - d.length, d.length);
-            }
-        };
-
-        SecureRandom random = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] k = Hex.decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - k.length); i += k.length)
-                {
-                    System.arraycopy(k, 0, bytes, i, k.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(k, 0, bytes, i - k.length, bytes.length - (i - k.length));
-                }
-                else
-                {
-                    System.arraycopy(k, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        SecureRandom keyRandom = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] x = Hex.decode("3036314538303830343630454235324435324234314132373832433138443046");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - x.length); i += x.length)
-                {
-                    System.arraycopy(x, 0, bytes, i, x.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(x, 0, bytes, i - x.length, bytes.length - (i - x.length));
-                }
-                else
-                {
-                    System.arraycopy(x, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        BigInteger pValue = new BigInteger("b4e25efb018e3c8b87505e2a67553c5edc56c2914b7e4f89d23f03f03377e70a2903489dd60e78418d3d851edb5317c4871e40b04228c3b7902963c4b7d85d52b9aa88f2afdbeb28da8869d6df846a1d98924e925561bd69300b9ddd05d247b5922d967cbb02671881c57d10e5ef72d3e6dad4223dc82aa1f7d0294651a480df", 16);
-        BigInteger qValue = new BigInteger("972432a437178b30bd96195b773789ab2fff15594b176dd175b63256ee5af2cf", 16);
-
-        public TestResult perform()
-        {
-            BigInteger r = new BigInteger("64a8856628e5669d85f62cd763dd4a99bc56d33dc0e1859122855d141e9e4774", 16);
-            BigInteger s = new BigInteger("319ebac97092b288d469a4b988248794f60c865bc97858d9a3135c6d1a1bf2dd", 16);
-            GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator();
-
-            pGen.init(1024, 2, init_random);
-
-            GOST3410Parameters params = pGen.generateParameters();
-
-            if (!pValue.equals(params.getP()) || !qValue.equals(params.getQ()))
-            {
-                return new SimpleTestResult(false, getName() + ": p or q wrong");
-            }
-
-            GOST3410KeyPairGenerator GOST3410KeyGen = new GOST3410KeyPairGenerator();
-            GOST3410KeyGenerationParameters genParam = new GOST3410KeyGenerationParameters(keyRandom, params);
-
-            GOST3410KeyGen.init(genParam);
-
-            AsymmetricCipherKeyPair pair = GOST3410KeyGen.generateKeyPair();
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-            GOST3410Signer GOST3410 = new GOST3410Signer();
-
-            GOST3410.init(true, param);
-
-            BigInteger[] sig = GOST3410.generateSignature(hashmessage);
-
-            if (!r.equals(sig[0]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[0].toString(16));
-            }
-
-            if (!s.equals(sig[1]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[1].toString(16));
-            }
-
-            GOST3410.init(false, pair.getPublic());
-
-            if (GOST3410.verifySignature(hashmessage, sig[0], sig[1]))
-            {
-                return new SimpleTestResult(true, getName() + ": Okay");
-            }
-            else
-            {
-                return new SimpleTestResult(false, getName() + ": verification fails");
-            }
-        }
-    }
-
-    private class GOST3410_BParam
-        implements Test
-    {
-        public String getName()
-        {
-            return "GOST3410-BParam";
-        }
-
-        SecureRandom init_random = new SecureRandom()
-        {
-            boolean firstLong = true;
-
-            public long nextLong()
-            {
-                String x0 = "0x5B977CDB";
-                String c = "0x6E9692DD";
-
-                if (firstLong)
-                {
-                    firstLong = false;
-                    return NumberParsing.decodeLongFromHex(x0);
-                }
-                return NumberParsing.decodeLongFromHex(c);
-            }
-
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] d = Hex.decode("bc3cbbdb7e6f848286e19ad9a27a8e297e5b71c53dd974cdf60f937356df69cbc97a300ccc71685c553046147f11568c4fddf363d9d886438345a62c3b75963d6546adfabf31b31290d12cae65ecb8309ef66782");
-
-                System.arraycopy(d, 0, bytes, bytes.length - d.length, d.length);
-            }
-        };
-
-        SecureRandom random = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] k = Hex.decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - k.length); i += k.length)
-                {
-                    System.arraycopy(k, 0, bytes, i, k.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(k, 0, bytes, i - k.length, bytes.length - (i - k.length));
-                }
-                else
-                {
-                    System.arraycopy(k, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        SecureRandom keyRandom = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] x = Hex.decode("3036314538303830343630454235324435324234314132373832433138443046");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - x.length); i += x.length)
-                {
-                    System.arraycopy(x, 0, bytes, i, x.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(x, 0, bytes, i - x.length, bytes.length - (i - x.length));
-                }
-                else
-                {
-                    System.arraycopy(x, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        BigInteger pValue = new BigInteger("c6971fc57524b30c9018c5e621de15499736854f56a6f8aee65a7a404632b3540f09020f67f04dc2e6783b141dceffd21a703035b7d0187c6e12cb4229922bafdb2225b73e6b23a0de36e20047065aea000c1a374283d0ad8dc1981e3995f0bb8c72526041fcb98ae6163e1e71a669d8364e9c4c3188f673c5f8ee6fadb41abf", 16);
-        BigInteger qValue = new BigInteger("b09d634c10899cd7d4c3a7657403e05810b07c61a688bab2c37f475e308b0607", 16);
-
-        public TestResult perform()
-        {
-            BigInteger r = new BigInteger("860d82c60e9502cd00c0e9e1f6563feafec304801974d745c5e02079946f729e", 16);
-            BigInteger s = new BigInteger("7ef49264ef022801aaa03033cd97915235fbab4c823ed936b0f360c22114688a", 16);
-            GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator();
-
-            pGen.init(1024, 2, init_random);
-
-            GOST3410Parameters params = pGen.generateParameters();
-
-            if (!pValue.equals(params.getP()) || !qValue.equals(params.getQ()))
-            {
-                return new SimpleTestResult(false, getName() + ": p or q wrong");
-            }
-
-            GOST3410KeyPairGenerator GOST3410KeyGen = new GOST3410KeyPairGenerator();
-            GOST3410KeyGenerationParameters genParam = new GOST3410KeyGenerationParameters(keyRandom, params);
-
-            GOST3410KeyGen.init(genParam);
-
-            AsymmetricCipherKeyPair pair = GOST3410KeyGen.generateKeyPair();
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-            GOST3410Signer GOST3410 = new GOST3410Signer();
-
-            GOST3410.init(true, param);
-
-            BigInteger[] sig = GOST3410.generateSignature(hashmessage);
-
-            if (!r.equals(sig[0]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[0].toString(16));
-            }
-
-            if (!s.equals(sig[1]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[1].toString(16));
-            }
-
-            GOST3410.init(false, pair.getPublic());
-
-            if (GOST3410.verifySignature(hashmessage, sig[0], sig[1]))
-            {
-                return new SimpleTestResult(true, getName() + ": Okay");
-            }
-            else
-            {
-                return new SimpleTestResult(false, getName() + ": verification fails");
-            }
-        }
-    }
-
-    private class GOST3410_CParam
-        implements Test
-    {
-        public String getName()
-        {
-            return "GOST3410-CParam";
-        }
-
-        SecureRandom init_random = new SecureRandom()
-        {
-            boolean firstLong = true;
-
-            public long nextLong()
-            {
-                String x0 = "0x43848744";
-                String c = "0xB50A826D";
-
-                if (firstLong)
-                {
-                    firstLong = false;
-                    return NumberParsing.decodeLongFromHex(x0);
-                }
-                return NumberParsing.decodeLongFromHex(c);
-            }
-
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] d = Hex.decode("7F575E8194BC5BDF");
-
-                System.arraycopy(d, 0, bytes, bytes.length - d.length, d.length);
-            }
-        };
-
-        SecureRandom random = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] k = Hex.decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - k.length); i += k.length)
-                {
-                    System.arraycopy(k, 0, bytes, i, k.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(k, 0, bytes, i - k.length, bytes.length - (i - k.length));
-                }
-                else
-                {
-                    System.arraycopy(k, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        SecureRandom keyRandom = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] x = Hex.decode("3036314538303830343630454235324435324234314132373832433138443046");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - x.length); i += x.length)
-                {
-                    System.arraycopy(x, 0, bytes, i, x.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(x, 0, bytes, i - x.length, bytes.length - (i - x.length));
-                }
-                else
-                {
-                    System.arraycopy(x, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        BigInteger pValue = new BigInteger("9d88e6d7fe3313bd2e745c7cdd2ab9ee4af3c8899e847de74a33783ea68bc30588ba1f738c6aaf8ab350531f1854c3837cc3c860ffd7e2e106c3f63b3d8a4c034ce73942a6c3d585b599cf695ed7a3c4a93b2b947b7157bb1a1c043ab41ec8566c6145e938a611906de0d32e562494569d7e999a0dda5c879bdd91fe124df1e9", 16);
-        BigInteger qValue = new BigInteger("fadd197abd19a1b4653eecf7eca4d6a22b1f7f893b641f901641fbb555354faf", 16);
-
-        public TestResult perform()
-        {
-            BigInteger r = new BigInteger("4deb95a0b35e7ed7edebe9bef5a0f93739e16b7ff27fe794d989d0c13159cfbc", 16);
-            BigInteger s = new BigInteger("e1d0d30345c24cfeb33efde3deee5fbbda78ddc822b719d860cd0ba1fb6bd43b", 16);
-            GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator();
-
-            pGen.init(1024, 2, init_random);
-
-            GOST3410Parameters params = pGen.generateParameters();
-
-            if (!pValue.equals(params.getP()) || !qValue.equals(params.getQ()))
-            {
-                return new SimpleTestResult(false, getName() + ": p or q wrong");
-            }
-
-            GOST3410KeyPairGenerator GOST3410KeyGen = new GOST3410KeyPairGenerator();
-            GOST3410KeyGenerationParameters genParam = new GOST3410KeyGenerationParameters(keyRandom, params);
-
-            GOST3410KeyGen.init(genParam);
-
-            AsymmetricCipherKeyPair pair = GOST3410KeyGen.generateKeyPair();
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-            GOST3410Signer GOST3410 = new GOST3410Signer();
-
-            GOST3410.init(true, param);
-
-            BigInteger[] sig = GOST3410.generateSignature(hashmessage);
-
-            if (!r.equals(sig[0]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[0].toString(16));
-            }
-
-            if (!s.equals(sig[1]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[1].toString(16));
-            }
-
-            GOST3410.init(false, pair.getPublic());
-
-            if (GOST3410.verifySignature(hashmessage, sig[0], sig[1]))
-            {
-                return new SimpleTestResult(true, getName() + ": Okay");
-            }
-            else
-            {
-                return new SimpleTestResult(false, getName() + ": verification fails");
-            }
-        }
-    }
-
-    private class GOST3410_DParam
-        implements Test
-    {
-        public String getName()
-        {
-            return "GOST3410-DParam";
-        }
-
-        SecureRandom init_random = new SecureRandom()
-        {
-            boolean firstLong = true;
-
-            public long nextLong()
-            {
-                String x0 = "0x13DA8B9D";
-                String c = "0xA0E9DE4B";
-
-                if (firstLong)
-                {
-                    firstLong = false;
-                    return NumberParsing.decodeLongFromHex(x0);
-                }
-                return NumberParsing.decodeLongFromHex(c);
-            }
-
-            public void nextBytes(byte[] bytes)
-            {
-
-                byte[] d = Hex.decode("41ab97857f42614355d32db0b1069f109a4da283676c7c53a68185b4");
-
-                System.arraycopy(d, 0, bytes, bytes.length - d.length, d.length);
-            }
-        };
-
-        SecureRandom random = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] k = Hex.decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - k.length); i += k.length)
-                {
-                    System.arraycopy(k, 0, bytes, i, k.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(k, 0, bytes, i - k.length, bytes.length - (i - k.length));
-                }
-                else
-                {
-                    System.arraycopy(k, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        SecureRandom keyRandom = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] x = Hex.decode("3036314538303830343630454235324435324234314132373832433138443046");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - x.length); i += x.length)
-                {
-                    System.arraycopy(x, 0, bytes, i, x.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(x, 0, bytes, i - x.length, bytes.length - (i - x.length));
-                }
-                else
-                {
-                    System.arraycopy(x, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        BigInteger pValue = new BigInteger("80f102d32b0fd167d069c27a307adad2c466091904dbaa55d5b8cc7026f2f7a1919b890cb652c40e054e1e9306735b43d7b279eddf9102001cd9e1a831fe8a163eed89ab07cf2abe8242ac9dedddbf98d62cddd1ea4f5f15d3a42a6677bdd293b24260c0f27c0f1d15948614d567b66fa902baa11a69ae3bceadbb83e399c9b5", 16);
-        BigInteger qValue = new BigInteger("f0f544c418aac234f683f033511b65c21651a6078bda2d69bb9f732867502149", 16);
-
-        public TestResult perform()
-        {
-            BigInteger r = new BigInteger("712592d285b792e33b8a9a11e8e6c4f512ddf0042972bbfd1abb0a93e8fc6f54", 16);
-            BigInteger s = new BigInteger("2cf26758321258b130d5612111339f09ceb8668241f3482e38baa56529963f07", 16);
-            GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator();
-
-            pGen.init(1024, 2, init_random);
-
-            GOST3410Parameters params = pGen.generateParameters();
-
-            if (!pValue.equals(params.getP()) || !qValue.equals(params.getQ()))
-            {
-                return new SimpleTestResult(false, getName() + ": p or q wrong");
-            }
-
-            GOST3410KeyPairGenerator GOST3410KeyGen = new GOST3410KeyPairGenerator();
-            GOST3410KeyGenerationParameters genParam = new GOST3410KeyGenerationParameters(keyRandom, params);
-
-            GOST3410KeyGen.init(genParam);
-
-            AsymmetricCipherKeyPair pair = GOST3410KeyGen.generateKeyPair();
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-            GOST3410Signer GOST3410 = new GOST3410Signer();
-
-            GOST3410.init(true, param);
-
-            BigInteger[] sig = GOST3410.generateSignature(hashmessage);
-
-            if (!r.equals(sig[0]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[0].toString(16));
-            }
-
-            if (!s.equals(sig[1]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[1].toString(16));
-            }
-
-            GOST3410.init(false, pair.getPublic());
-
-            if (GOST3410.verifySignature(hashmessage, sig[0], sig[1]))
-            {
-                return new SimpleTestResult(true, getName() + ": Okay");
-            }
-            else
-            {
-                return new SimpleTestResult(false, getName() + ": verification fails");
-            }
-        }
-    }
-
-    private class GOST3410_AExParam
-        implements Test
-    {
-        public String getName()
-        {
-            return "GOST3410-AExParam";
-        }
-
-        SecureRandom init_random = new SecureRandom()
-        {
-            boolean firstLong = true;
-
-            public long nextLong()
-            {
-                String x0 = "0xD05E9F14";
-                String c = "0x46304C5F";
-
-                if (firstLong)
-                {
-                    firstLong = false;
-                    return NumberParsing.decodeLongFromHex(x0);
-                }
-                return NumberParsing.decodeLongFromHex(c);
-            }
-
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] d = Hex.decode("35ab875399cda33c146ca629660e5a5e5c07714ca326db032dd6751995cdb90a612b9228932d8302704ec24a5def7739c5813d83");
-
-                System.arraycopy(d, 0, bytes, bytes.length - d.length, d.length);
-            }
-        };
-
-        SecureRandom random = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] k = Hex.decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - k.length); i += k.length)
-                {
-                    System.arraycopy(k, 0, bytes, i, k.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(k, 0, bytes, i - k.length, bytes.length - (i - k.length));
-                }
-                else
-                {
-                    System.arraycopy(k, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        SecureRandom keyRandom = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] x = Hex.decode("3036314538303830343630454235324435324234314132373832433138443046");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - x.length); i += x.length)
-                {
-                    System.arraycopy(x, 0, bytes, i, x.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(x, 0, bytes, i - x.length, bytes.length - (i - x.length));
-                }
-                else
-                {
-                    System.arraycopy(x, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        BigInteger pValue = new BigInteger("ca3b3f2eee9fd46317d49595a9e7518e6c63d8f4eb4d22d10d28af0b8839f079f8289e603b03530784b9bb5a1e76859e4850c670c7b71c0df84ca3e0d6c177fe9f78a9d8433230a883cd82a2b2b5c7a3306980278570cdb79bf01074a69c9623348824b0c53791d53c6a78cab69e1cfb28368611a397f50f541e16db348dbe5f", 16);
-        BigInteger qValue = new BigInteger("cae4d85f80c147704b0ca48e85fb00a9057aa4acc44668e17f1996d7152690d9", 16);
-
-        public TestResult perform()
-        {
-            BigInteger r = new BigInteger("90892707282f433398488f19d31ac48523a8e2ded68944e0da91c6895ee7045e", 16);
-            BigInteger s = new BigInteger("3be4620ee88f1ee8f9dd63c7d145b7e554839feeca125049118262ea4651e9de", 16);
-            GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator();
-
-            pGen.init(1024, 2, init_random);
-
-            GOST3410Parameters params = pGen.generateParameters();
-
-            if (!pValue.equals(params.getP()) || !qValue.equals(params.getQ()))
-            {
-                return new SimpleTestResult(false, getName() + ": p or q wrong");
-            }
-
-            GOST3410KeyPairGenerator GOST3410KeyGen = new GOST3410KeyPairGenerator();
-            GOST3410KeyGenerationParameters genParam = new GOST3410KeyGenerationParameters(keyRandom, params);
-
-            GOST3410KeyGen.init(genParam);
-
-            AsymmetricCipherKeyPair pair = GOST3410KeyGen.generateKeyPair();
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-            GOST3410Signer GOST3410 = new GOST3410Signer();
-
-            GOST3410.init(true, param);
-
-            BigInteger[] sig = GOST3410.generateSignature(hashmessage);
-
-            if (!r.equals(sig[0]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[0].toString(16));
-            }
-
-            if (!s.equals(sig[1]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[1].toString(16));
-            }
-
-            GOST3410.init(false, pair.getPublic());
-
-            if (GOST3410.verifySignature(hashmessage, sig[0], sig[1]))
-            {
-                return new SimpleTestResult(true, getName() + ": Okay");
-            }
-            else
-            {
-                return new SimpleTestResult(false, getName() + ": verification fails");
-            }
-        }
-    }
-
-    public String getName()
-    {
-        return "GOST3410";
-    }
-
-    private class GOST3410_BExParam
-        implements Test
-    {
-        public String getName()
-        {
-            return "GOST3410-BExParam";
-        }
-
-        SecureRandom init_random = new SecureRandom()
-        {
-            boolean firstLong = true;
-
-            public long nextLong()
-            {
-                String x0 = "0x7A007804";
-                String c = "0xD31A4FF7";
-
-                if (firstLong)
-                {
-                    firstLong = false;
-                    return NumberParsing.decodeLongFromHex(x0);
-                }
-                return NumberParsing.decodeLongFromHex(c);
-            }
-
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] d = Hex.decode("7ec123d161477762838c2bea9dbdf33074af6d41d108a066a1e7a07ab3048de2");
-
-                System.arraycopy(d, 0, bytes, bytes.length - d.length, d.length);
-            }
-        };
-
-        SecureRandom random = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] k = Hex.decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - k.length); i += k.length)
-                {
-                    System.arraycopy(k, 0, bytes, i, k.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(k, 0, bytes, i - k.length, bytes.length - (i - k.length));
-                }
-                else
-                {
-                    System.arraycopy(k, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        SecureRandom keyRandom = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] x = Hex.decode("3036314538303830343630454235324435324234314132373832433138443046");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - x.length); i += x.length)
-                {
-                    System.arraycopy(x, 0, bytes, i, x.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(x, 0, bytes, i - x.length, bytes.length - (i - x.length));
-                }
-                else
-                {
-                    System.arraycopy(x, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        BigInteger pValue = new BigInteger("9286dbda91eccfc3060aa5598318e2a639f5ba90a4ca656157b2673fb191cd0589ee05f4cef1bd13508408271458c30851ce7a4ef534742bfb11f4743c8f787b11193ba304c0e6bca25701bf88af1cb9b8fd4711d89f88e32b37d95316541bf1e5dbb4989b3df13659b88c0f97a3c1087b9f2d5317d557dcd4afc6d0a754e279", 16);
-        BigInteger qValue = new BigInteger("c966e9b3b8b7cdd82ff0f83af87036c38f42238ec50a876cd390e43d67b6013f", 16);
-
-        public TestResult perform()
-        {
-            BigInteger r = new BigInteger("8f79a582513df84dc247bcb624340cc0e5a34c4324a20ce7fe3ab8ff38a9db71", 16);
-            BigInteger s = new BigInteger("7508d22fd6cbb45efd438cb875e43f137247088d0f54b29a7c91f68a65b5fa85", 16);
-            GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator();
-
-            pGen.init(1024, 2, init_random);
-
-            GOST3410Parameters params = pGen.generateParameters();
-
-            if (!pValue.equals(params.getP()) || !qValue.equals(params.getQ()))
-            {
-                return new SimpleTestResult(false, getName() + ": p or q wrong");
-            }
-
-            GOST3410KeyPairGenerator GOST3410KeyGen = new GOST3410KeyPairGenerator();
-            GOST3410KeyGenerationParameters genParam = new GOST3410KeyGenerationParameters(keyRandom, params);
-
-            GOST3410KeyGen.init(genParam);
-
-            AsymmetricCipherKeyPair pair = GOST3410KeyGen.generateKeyPair();
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-            GOST3410Signer GOST3410 = new GOST3410Signer();
-
-            GOST3410.init(true, param);
-
-            BigInteger[] sig = GOST3410.generateSignature(hashmessage);
-
-            if (!r.equals(sig[0]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[0].toString(16));
-            }
-
-            if (!s.equals(sig[1]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[1].toString(16));
-            }
-
-            GOST3410.init(false, pair.getPublic());
-
-            if (GOST3410.verifySignature(hashmessage, sig[0], sig[1]))
-            {
-                return new SimpleTestResult(true, getName() + ": Okay");
-            }
-            else
-            {
-                return new SimpleTestResult(false, getName() + ": verification fails");
-            }
-        }
-    }
-
-    private class GOST3410_CExParam
-        implements Test
-    {
-        public String getName()
-        {
-            return "GOST3410-CExParam";
-        }
-
-        SecureRandom init_random = new SecureRandom()
-        {
-            boolean firstLong = true;
-
-            public long nextLong()
-            {
-                String x0 = "0x162AB910";
-                String c = "0x93F828D3";
-
-                if (firstLong)
-                {
-                    firstLong = false;
-                    return NumberParsing.decodeLongFromHex(x0);
-                }
-                return NumberParsing.decodeLongFromHex(c);
-            }
-
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] d = Hex.decode("ca82cce78a738bc46f103d53b9bf809745ec845e4f6da462606c51f60ecf302e31204b81");
-
-                System.arraycopy(d, 0, bytes, bytes.length - d.length, d.length);
-            }
-        };
-
-        SecureRandom random = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] k = Hex.decode("90F3A564439242F5186EBB224C8E223811B7105C64E4F5390807E6362DF4C72A");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - k.length); i += k.length)
-                {
-                    System.arraycopy(k, 0, bytes, i, k.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(k, 0, bytes, i - k.length, bytes.length - (i - k.length));
-                }
-                else
-                {
-                    System.arraycopy(k, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        SecureRandom keyRandom = new SecureRandom()
-        {
-            public void nextBytes(byte[] bytes)
-            {
-                byte[] x = Hex.decode("3036314538303830343630454235324435324234314132373832433138443046");
-
-                int i;
-
-                for (i = 0; i < (bytes.length - x.length); i += x.length)
-                {
-                    System.arraycopy(x, 0, bytes, i, x.length);
-                }
-
-                if (i > bytes.length)
-                {
-                    System.arraycopy(x, 0, bytes, i - x.length, bytes.length - (i - x.length));
-                }
-                else
-                {
-                    System.arraycopy(x, 0, bytes, i, bytes.length - i);
-                }
-            }
-        };
-
-        BigInteger pValue = new BigInteger("b194036ace14139d36d64295ae6c50fc4b7d65d8b340711366ca93f383653908ee637be428051d86612670ad7b402c09b820fa77d9da29c8111a8496da6c261a53ed252e4d8a69a20376e6addb3bdcd331749a491a184b8fda6d84c31cf05f9119b5ed35246ea4562d85928ba1136a8d0e5a7e5c764ba8902029a1336c631a1d", 16);
-        BigInteger qValue = new BigInteger("96120477df0f3896628e6f4a88d83c93204c210ff262bccb7dae450355125259", 16);
-
-        public TestResult perform()
-        {
-            BigInteger r = new BigInteger("169fdb2dc09f690b71332432bfec806042e258fa9a21dafe73c6abfbc71407d9", 16);
-            BigInteger s = new BigInteger("9002551808ae40d19f6f31fb67e4563101243cf07cffd5f2f8ff4c537b0c9866", 16);
-            GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator();
-
-            pGen.init(1024, 2, init_random);
-
-            GOST3410Parameters params = pGen.generateParameters();
-
-            if (!pValue.equals(params.getP()) || !qValue.equals(params.getQ()))
-            {
-                return new SimpleTestResult(false, getName() + ": p or q wrong");
-            }
-
-            GOST3410KeyPairGenerator GOST3410KeyGen = new GOST3410KeyPairGenerator();
-            GOST3410KeyGenerationParameters genParam = new GOST3410KeyGenerationParameters(keyRandom, params);
-
-            GOST3410KeyGen.init(genParam);
-
-            AsymmetricCipherKeyPair pair = GOST3410KeyGen.generateKeyPair();
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), random);
-
-            GOST3410Signer GOST3410 = new GOST3410Signer();
-
-            GOST3410.init(true, param);
-
-            BigInteger[] sig = GOST3410.generateSignature(hashmessage);
-
-            if (!r.equals(sig[0]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[0].toString(16));
-            }
-
-            if (!s.equals(sig[1]))
-            {
-                return new SimpleTestResult(false, getName()
-                    + ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                    + " got      : " + sig[1].toString(16));
-            }
-
-            GOST3410.init(false, pair.getPublic());
-
-            if (GOST3410.verifySignature(hashmessage, sig[0], sig[1]))
-            {
-                return new SimpleTestResult(true, getName() + ": Okay");
-            }
-            else
-            {
-                return new SimpleTestResult(false, getName() + ": verification fails");
-            }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3411DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3411DigestTest.java
deleted file mode 100644
index d7928c5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3411DigestTest.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.GOST3411Digest;
-import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-
-public class GOST3411DigestTest
-    extends DigestTest
-{
-    private static final String[] messages =
-    {
-        "",
-        "This is message, length=32 bytes",
-        "Suppose the original message has length = 50 bytes",
-        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789"
-    };
-    
-//  If S-box = D-A (see: digest/GOST3411Digest.java; function: E(byte[] in, byte[] key); string: CipherParameters  param = new GOST28147Parameters(key,"D-A");)
-    private static final String[] digests =
-    {
-        "981e5f3ca30c841487830f84fb433e13ac1101569b9c13584ac483234cd656c0",
-        "2cefc2f7b7bdc514e18ea57fa74ff357e7fa17d652c75f69cb1be7893ede48eb",
-        "c3730c5cbccacf915ac292676f21e8bd4ef75331d9405e5f1a61dc3130a65011",
-        "73b70a39497de53a6e08c67b6d4db853540f03e9389299d9b0156ef7e85d0f61"
-    };
-
-//  If S-box = D-Test (see: digest/GOST3411Digest.java; function:E(byte[] in, byte[] key); string: CipherParameters  param = new GOST28147Parameters(key,"D-Test");)
-//    private static final String[] digests =
-//    {
-//        "ce85b99cc46752fffee35cab9a7b0278abb4c2d2055cff685af4912c49490f8d",
-//        "b1c466d37519b82e8319819ff32595e047a28cb6f83eff1c6916a815a637fffa",
-//        "471aba57a60a770d3a76130635c1fbea4ef14de51f78b4ae57dd893b62f55208",
-//        "95c1af627c356496d80274330b2cff6a10c67b5f597087202f94d06d2338cf8e"
-//    };
-    
-    // 1 million 'a'
-    static private String  million_a_digest = "8693287aa62f9478f7cb312ec0866b6c4e4a0f11160441e8f4ffcd2715dd554f";
-
-    GOST3411DigestTest()
-    {
-        super(new GOST3411Digest(), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-
-        millionATest(million_a_digest);
-
-        HMac gMac = new HMac(new GOST3411Digest());
-
-        gMac.init(new KeyParameter(PKCS5S1ParametersGenerator.PKCS5PasswordToUTF8Bytes("1".toCharArray())));
-
-        byte[] data = Strings.toByteArray("fred");
-
-        gMac.update(data, 0, data.length);
-        byte[] mac = new byte[gMac.getMacSize()];
-
-        gMac.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(Hex.decode("e9f98610cfc80084462b175a15d2b4ec10b2ab892eae5a6179d572d9b1db6b72"), mac))
-        {
-            fail("mac calculation failed.");
-        }
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new GOST3411Digest((GOST3411Digest)digest);
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new GOST3411DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3411_2012_256DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3411_2012_256DigestTest.java
deleted file mode 100644
index c96de7d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3411_2012_256DigestTest.java
+++ /dev/null

@@ -1,90 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.util.ArrayList;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.GOST3411_2012_256Digest;
-import org.bouncycastle.crypto.digests.GOST3411_2012_512Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-
-public class GOST3411_2012_256DigestTest
-    extends DigestTest
-{
-    private static final String[] messages;
-
-    private static char[] M1 =
-        {
-            0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39,
-            0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39,
-            0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39,
-            0x30, 0x31, 0x32
-        };
-
-    private static char[] M2=
-        {
-            0xd1,0xe5,0x20,0xe2,0xe5,0xf2,0xf0,0xe8,0x2c,0x20,0xd1,0xf2,0xf0,0xe8,0xe1,0xee,0xe6,0xe8,0x20,0xe2,
-            0xed,0xf3,0xf6,0xe8,0x2c,0x20,0xe2,0xe5,0xfe,0xf2,0xfa,0x20,0xf1,0x20,0xec,0xee,0xf0,0xff,0x20,0xf1,
-            0xf2,0xf0,0xe5,0xeb,0xe0,0xec,0xe8,0x20,0xed,0xe0,0x20,0xf5,0xf0,0xe0,0xe1,0xf0,0xfb,0xff,0x20,0xef,
-            0xeb,0xfa,0xea,0xfb,0x20,0xc8,0xe3,0xee,0xf0,0xe5,0xe2,0xfb
-        };
-
-    static
-    {
-
-        ArrayList<String> strList = new ArrayList<String>();
-
-        strList.add(new String(M1));
-        strList.add(new String(M2));
-
-        messages = new String[strList.size()];
-        for (int i = 0; i < strList.size(); i++)
-        {
-            messages[i] = (String)strList.get(i);
-        }
-    }
-
-    private static final String[] digests = {
-        "9d151eefd8590b89daa6ba6cb74af9275dd051026bb149a452fd84e5e57b5500",
-        "9dd2fe4e90409e5da87f53976d7405b0c0cac628fc669a741d50063c557e8f50"
-    };
-
-    GOST3411_2012_256DigestTest()
-    {
-        super(new GOST3411_2012_256Digest(), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-
-        HMac gMac = new HMac(new GOST3411_2012_256Digest());
-
-        gMac.init(new KeyParameter(Hex.decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f")));
-
-        byte[] data = Hex.decode("0126bdb87800af214341456563780100");
-
-        gMac.update(data, 0, data.length);
-        byte[] mac = new byte[gMac.getMacSize()];
-
-        gMac.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(Hex.decode("a1aa5f7de402d7b3d323f2991c8d4534013137010a83754fd0af6d7cd4922ed9"), mac))
-        {
-            fail("mac calculation failed.");
-        }
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new GOST3411_2012_256Digest((GOST3411_2012_256Digest)digest);
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new GOST3411_2012_256DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3411_2012_512DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3411_2012_512DigestTest.java
deleted file mode 100644
index 7701cf8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3411_2012_512DigestTest.java
+++ /dev/null

@@ -1,89 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.util.ArrayList;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.GOST3411Digest;
-import org.bouncycastle.crypto.digests.GOST3411_2012_512Digest;
-import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-
-public class GOST3411_2012_512DigestTest
-    extends DigestTest
-{
-    private static final String[] messages;
-
-    private static char[] M1 =
-        {
-            0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39,
-            0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39,
-            0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39, 0x30, 0x31, 0x32, 0x33, 0x34, 0x35, 0x36, 0x37, 0x38, 0x39,
-            0x30, 0x31, 0x32
-        };
-
-    private static char[] M2=
-        {
-            0xd1,0xe5,0x20,0xe2,0xe5,0xf2,0xf0,0xe8,0x2c,0x20,0xd1,0xf2,0xf0,0xe8,0xe1,0xee,0xe6,0xe8,0x20,0xe2,
-            0xed,0xf3,0xf6,0xe8,0x2c,0x20,0xe2,0xe5,0xfe,0xf2,0xfa,0x20,0xf1,0x20,0xec,0xee,0xf0,0xff,0x20,0xf1,
-            0xf2,0xf0,0xe5,0xeb,0xe0,0xec,0xe8,0x20,0xed,0xe0,0x20,0xf5,0xf0,0xe0,0xe1,0xf0,0xfb,0xff,0x20,0xef,
-            0xeb,0xfa,0xea,0xfb,0x20,0xc8,0xe3,0xee,0xf0,0xe5,0xe2,0xfb
-        };
-
-    static
-    {
-        ArrayList<String> strList = new ArrayList<String>();
-
-        strList.add(new String(M1));
-        strList.add(new String(M2));
-        messages = new String[strList.size()];
-        for (int i = 0; i < strList.size(); i++)
-        {
-            messages[i] = (String)strList.get(i);
-        }
-    }
-
-    private static final String[] digests = {
-        "1b54d01a4af5b9d5cc3d86d68d285462b19abc2475222f35c085122be4ba1ffa00ad30f8767b3a82384c6574f024c311e2a481332b08ef7f41797891c1646f48",
-        "1e88e62226bfca6f9994f1f2d51569e0daf8475a3b0fe61a5300eee46d961376035fe83549ada2b8620fcd7c496ce5b33f0cb9dddc2b6460143b03dabac9fb28",
-    };
-
-    public GOST3411_2012_512DigestTest()
-    {
-        super(new GOST3411_2012_512Digest(), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-
-        HMac gMac = new HMac(new GOST3411_2012_512Digest());
-
-        gMac.init(new KeyParameter(Hex.decode("000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f")));
-
-        byte[] data = Hex.decode("0126bdb87800af214341456563780100");
-
-        gMac.update(data, 0, data.length);
-        byte[] mac = new byte[gMac.getMacSize()];
-
-        gMac.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(Hex.decode("a59bab22ecae19c65fbde6e5f4e9f5d8549d31f037f9df9b905500e171923a773d5f1530f2ed7e964cb2eedc29e9ad2f3afe93b2814f79f5000ffc0366c251e6"), mac))
-        {
-            fail("mac calculation failed.");
-        }
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new GOST3411_2012_512Digest((GOST3411_2012_512Digest)digest);
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new GOST3411_2012_512DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3412MacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3412MacTest.java
deleted file mode 100644
index 3c4fe3b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3412MacTest.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.engines.GOST3412_2015Engine;
-import org.bouncycastle.crypto.macs.CMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * see GOST_R_3413-2015
- */
-public class GOST3412MacTest
-    implements Test
-{
-
-    public String getName()
-    {
-        return "GOST 3412 2015 MAC test";
-    }
-
-    public TestResult perform()
-    {
-
-
-        byte[][] inputs = new byte[][]{
-            Hex.decode("1122334455667700ffeeddccbbaa9988"),
-            Hex.decode("00112233445566778899aabbcceeff0a"),
-            Hex.decode("112233445566778899aabbcceeff0a00"),
-            Hex.decode("2233445566778899aabbcceeff0a0011"),
-        };
-        Mac mac = new CMac(new GOST3412_2015Engine(), 64);
-
-        byte[] output = Hex.decode("336f4d296059fbe3");
-
-        KeyParameter key =
-            new KeyParameter(Hex.decode("8899aabbccddeeff0011223344556677fedcba98765432100123456789abcdef"));
-        mac.init(key);
-
-        for (int i = 0; i != inputs.length; i++)
-        {
-            mac.update(inputs[i], 0, inputs[i].length);
-        }
-
-        byte[] out = new byte[8];
-
-        mac.doFinal(out, 0);
-
-        if (!Arrays.areEqual(out, output))
-        {
-            return new SimpleTestResult(false, getName() + ": Failed test 1 - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-
-    }
-
-
-    public static void main(String[] args)
-    {
-        GOST3412MacTest test = new GOST3412MacTest();
-        TestResult result = test.perform();
-
-        System.out.println(result);
-    }
-
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3412Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3412Test.java
deleted file mode 100644
index 48a78e1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/GOST3412Test.java
+++ /dev/null

@@ -1,99 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.GOST3412_2015Engine;
-import org.bouncycastle.crypto.modes.G3413CBCBlockCipher;
-import org.bouncycastle.crypto.modes.G3413CFBBlockCipher;
-import org.bouncycastle.crypto.modes.G3413CTRBlockCipher;
-import org.bouncycastle.crypto.modes.G3413OFBBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class GOST3412Test
-    extends CipherTest
-{
-
-    private byte[][] inputs = new byte[][]{
-        Hex.decode("1122334455667700ffeeddccbbaa9988"),
-        Hex.decode("00112233445566778899aabbcceeff0a"),
-        Hex.decode("112233445566778899aabbcceeff0a00"),
-        Hex.decode("2233445566778899aabbcceeff0a0011")
-    };
-
-
-    static SimpleTest[] tests = {
-
-//         ECB
-        new BlockCipherVectorTest(1, new GOST3412_2015Engine(),
-            new KeyParameter(Hex.decode("8899aabbccddeeff0011223344556677fedcba98765432100123456789abcdef")),
-            "1122334455667700ffeeddccbbaa9988", "7f679d90bebc24305a468d42b9d4edcd"),
-
-        // CFB
-        new BlockCipherVectorTest(2, new G3413CFBBlockCipher(new GOST3412_2015Engine()),
-            new ParametersWithIV(new KeyParameter(Hex.decode("8899aabbccddeeff0011223344556677fedcba98765432100123456789abcdef")),
-                Hex.decode("1234567890abcef0a1b2c3d4e5f0011223344556677889901213141516171819")),
-            "1122334455667700ffeeddccbbaa998800112233445566778899aabbcceeff0a112233445566778899aabbcceeff0a002233445566778899aabbcceeff0a0011",
-            "81800a59b1842b24ff1f795e897abd95ed5b47a7048cfab48fb521369d9326bf79f2a8eb5cc68d38842d264e97a238b54ffebecd4e922de6c75bd9dd44fbf4d1"),
-
-        new BlockCipherVectorTest(3, new G3413CFBBlockCipher(new GOST3412_2015Engine(), 8),
-            new ParametersWithIV(
-                new KeyParameter(Hex.decode("8899aabbccddeeff0011223344556677fedcba98765432100123456789abcdef")),
-                Hex.decode("1234567890abcef0a1b2c3d4e5f0011223344556677889901213141516171819")),
-            "1122334455667700ffeeddccbbaa998800112233445566778899aabbcceeff0a112233445566778899aabbcceeff0a002233445566778899aabbcceeff0a0011",
-            "819b19c5867e61f1cf1b16f664f66e46ed8fcb82b1110b1e7ec03bfa6611f2eabd7a32363691cbdc3bbe403bc80552d822c2cdf483981cd71d5595453d7f057d"),
-
-        // OFB
-        new BlockCipherVectorTest(4, new G3413OFBBlockCipher(new GOST3412_2015Engine()),
-            new ParametersWithIV(
-                new KeyParameter(Hex.decode("8899aabbccddeeff0011223344556677fedcba98765432100123456789abcdef")),
-                Hex.decode("1234567890abcef0a1b2c3d4e5f0011223344556677889901213141516171819")),
-            "1122334455667700ffeeddccbbaa998800112233445566778899aabbcceeff0a112233445566778899aabbcceeff0a002233445566778899aabbcceeff0a0011",
-            "81800a59b1842b24ff1f795e897abd95ed5b47a7048cfab48fb521369d9326bf66a257ac3ca0b8b1c80fe7fc10288a13203ebbc066138660a0292243f6903150"),
-
-//CBC
-        new BlockCipherVectorTest(5, new G3413CBCBlockCipher(new GOST3412_2015Engine()),
-            new ParametersWithIV(new KeyParameter(Hex.decode("8899aabbccddeeff0011223344556677fedcba98765432100123456789abcdef")), Hex.decode("1234567890abcef0a1b2c3d4e5f0011223344556677889901213141516171819")),
-            "1122334455667700ffeeddccbbaa998800112233445566778899aabbcceeff0a112233445566778899aabbcceeff0a002233445566778899aabbcceeff0a0011",
-            "689972d4a085fa4d90e52e3d6d7dcc272826e661b478eca6af1e8e448d5ea5acfe7babf1e91999e85640e8b0f49d90d0167688065a895c631a2d9a1560b63970"),
-//CTR
-        new BlockCipherVectorTest(6, new G3413CTRBlockCipher(new GOST3412_2015Engine()),
-            new ParametersWithIV(new KeyParameter(Hex.decode("8899aabbccddeeff0011223344556677fedcba98765432100123456789abcdef")),
-                Hex.decode("1234567890abcef0")),
-            "1122334455667700ffeeddccbbaa998800112233445566778899aabbcceeff0a112233445566778899aabbcceeff0a002233445566778899aabbcceeff0a0011",
-            "f195d8bec10ed1dbd57b5fa240bda1b885eee733f6a13e5df33ce4b33c45dee4a5eae88be6356ed3d5e877f13564a3a5cb91fab1f20cbab6d1c6d15820bdba73"),
-        new BlockCipherVectorTest(7, new G3413CTRBlockCipher(new GOST3412_2015Engine(), 8),
-            new ParametersWithIV(new KeyParameter(Hex.decode("8899aabbccddeeff0011223344556677fedcba98765432100123456789abcdef")),
-                Hex.decode("1234567890abcef0")),
-            "1122334455667700ffeeddccbbaa998800112233445566778899aabbcceeff0a112233445566778899aabbcceeff0a002233445566778899aabbcceeff0a0011",
-            "f1a787ad3a88f9a0bc735293f98c12c3eb31621b9b2e6461c7ef73a2e6a6b1793ddf722f7b1d22a722ec4d3edbc313bcd356b313d37af9e5ef934fa223c13fe2")
-
-
-    };
-
-
-    protected GOST3412Test()
-    {
-        super(tests, new GOST3412_2015Engine(), new KeyParameter(new byte[32]));
-    }
-
-    public String getName()
-    {
-        return "GOST 34.12 2015";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        super.performTest();
-
-//        cfbTest();
-//        ofbTest();
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new GOST3412Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/GSKKDFTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/GSKKDFTest.java
deleted file mode 100644
index 30264ff..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/GSKKDFTest.java
+++ /dev/null

@@ -1,63 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.agreement.kdf.GSKKDFParameters;
-import org.bouncycastle.crypto.agreement.kdf.GSKKFDGenerator;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class GSKKDFTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "GSKKDFTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        GSKKFDGenerator gen = new GSKKFDGenerator(new SHA256Digest());
-
-        byte[] key = new byte[16];
-
-        gen.init(new GSKKDFParameters(Hex.decode("0102030405060708090a"), 1, Hex.decode("27252622")));
-
-        gen.generateBytes(key, 0, key.length);
-        areEqual(Hex.decode("bd9ff24b9cc4d91b70af951989b4d719"), key);
-        
-        gen.generateBytes(key, 0, key.length);
-        areEqual(Hex.decode("d5934f681ad1e860981eb1792af68e20"), key);
-
-        gen = new GSKKFDGenerator(new SHA256Digest());
-        
-        gen.init(new GSKKDFParameters(Hex.decode("0102030405060708090a"), 2, Hex.decode("27252622")));
-
-        gen.generateBytes(key, 0, key.length);
-        areEqual(Hex.decode("d5934f681ad1e860981eb1792af68e20"), key);
-
-        gen.init(new GSKKDFParameters(Hex.decode("0102030405060708090a"), 1));
-
-        gen.generateBytes(key, 0, key.length);
-        areEqual(Hex.decode("3c6e999b2cb08d8d8dd261cd23f15ed6"), key);
-
-        gen.generateBytes(key, 0, key.length);
-        areEqual(Hex.decode("019ce1fcf81b94602f2f8678be905e0e"), key);
-
-        try
-        {
-            gen.generateBytes(key, 1, key.length);
-        }
-        catch (DataLengthException e)
-        {
-            isEquals("output buffer too small", e.getMessage());
-        }
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new GSKKDFTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/Grain128Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/Grain128Test.java
deleted file mode 100644
index afac2e0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/Grain128Test.java
+++ /dev/null

@@ -1,117 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.engines.Grain128Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Grain-128 Test
- */
-public class Grain128Test
-    extends SimpleTest
-{
-
-    String keyStream1 = "f09b7bf7d7f6b5c2de2ffc73ac21397f";
-    String keyStream2 = "afb5babfa8de896b4b9c6acaf7c4fbfd";
-
-    public String getName()
-    {
-        return "Grain-128";
-    }
-
-    public void performTest()
-    {
-        Grain128Test1(new ParametersWithIV(new KeyParameter(Hex
-            .decode("00000000000000000000000000000000")), Hex
-            .decode("000000000000000000000000")));
-        Grain128Test2(new ParametersWithIV(new KeyParameter(Hex
-            .decode("0123456789abcdef123456789abcdef0")), Hex
-            .decode("0123456789abcdef12345678")));
-        Grain128Test3(new ParametersWithIV(new KeyParameter(Hex
-            .decode("0123456789abcdef123456789abcdef0")), Hex
-            .decode("0123456789abcdef12345678")));
-    }
-
-    private void Grain128Test1(CipherParameters params)
-    {
-        StreamCipher grain = new Grain128Engine();
-        byte[] in = new byte[16];
-        byte[] out = new byte[16];
-
-        grain.init(true, params);
-
-        grain.processBytes(in, 0, in.length, out, 0);
-
-        if (!areEqual(out, Hex.decode(keyStream1)))
-        {
-            mismatch("Keystream 1", keyStream1, out);
-        }
-
-        grain.reset();
-
-        grain.processBytes(in, 0, in.length, out, 0);
-
-        if (!areEqual(out, Hex.decode(keyStream1)))
-        {
-            mismatch("Keystream 1", keyStream1, out);
-        }
-    }
-
-    private void Grain128Test2(CipherParameters params)
-    {
-        StreamCipher grain = new Grain128Engine();
-        byte[] in = new byte[16];
-        byte[] out = new byte[16];
-
-        grain.init(true, params);
-
-        grain.processBytes(in, 0, in.length, out, 0);
-
-        if (!areEqual(out, Hex.decode(keyStream2)))
-        {
-            mismatch("Keystream 2", keyStream2, out);
-        }
-
-        grain.reset();
-
-        grain.processBytes(in, 0, in.length, out, 0);
-
-        if (!areEqual(out, Hex.decode(keyStream2)))
-        {
-            mismatch("Keystream 2", keyStream2, out);
-        }
-    }
-
-    private void Grain128Test3(CipherParameters params)
-    {
-        StreamCipher grain = new Grain128Engine();
-        byte[] in = "Encrypt me!".getBytes();
-        byte[] cipher = new byte[in.length];
-        byte[] clear = new byte[in.length];
-
-        grain.init(true, params);
-
-        grain.processBytes(in, 0, in.length, cipher, 0);
-        grain.reset();
-        grain.processBytes(cipher, 0, cipher.length, clear, 0);
-
-        if (!areEqual(in, clear))
-        {
-            mismatch("Test 3", new String(Hex.encode(in)), clear);
-        }
-    }
-
-    private void mismatch(String name, String expected, byte[] found)
-    {
-        fail("mismatch on " + name, expected, new String(Hex.encode(found)));
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new Grain128Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/Grainv1Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/Grainv1Test.java
deleted file mode 100644
index b76c1f2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/Grainv1Test.java
+++ /dev/null

@@ -1,140 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.engines.Grainv1Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Grain v1 Test
- */
-public class Grainv1Test
-    extends SimpleTest
-{
-
-    String keyStream1 = "dee931cf1662a72f77d0";
-    String keyStream2 = "7f362bd3f7abae203664";
-    String keyStream4 = "017D13ECB20AE0C9ACF784CB06525F72"
-        + "CE6D52BEBB948F124668C35064559024"
-        + "49EEA505C19F3EE4D052C3D19DA9C4D1"
-        + "B92DBC7F07AFEA6A3D845DE60D8471FD";
-
-    public String getName()
-    {
-        return "Grain v1";
-    }
-
-    public void performTest()
-    {
-        Grainv1Test1(new ParametersWithIV(new KeyParameter(Hex
-            .decode("00000000000000000000")), Hex
-            .decode("0000000000000000")));
-        Grainv1Test2(new ParametersWithIV(new KeyParameter(Hex
-            .decode("0123456789abcdef1234")), Hex
-            .decode("0123456789abcdef")));
-        Grainv1Test3(new ParametersWithIV(new KeyParameter(Hex
-            .decode("0123456789abcdef1234")), Hex
-            .decode("0123456789abcdef")));
-        Grainv1Test4(new ParametersWithIV(new KeyParameter(Hex
-            .decode("0F62B5085BAE0154A7FA")), Hex
-            .decode("288FF65DC42B92F9")));
-    }
-
-    private void Grainv1Test1(CipherParameters params)
-    {
-        StreamCipher grain = new Grainv1Engine();
-        byte[] in = new byte[10];
-        byte[] out = new byte[10];
-
-        grain.init(true, params);
-
-        grain.processBytes(in, 0, in.length, out, 0);
-
-        if (!areEqual(out, Hex.decode(keyStream1)))
-        {
-            mismatch("Keystream 1", keyStream1, out);
-        }
-
-        grain.reset();
-
-        grain.processBytes(in, 0, in.length, out, 0);
-
-        if (!areEqual(out, Hex.decode(keyStream1)))
-        {
-            mismatch("Keystream 1", keyStream1, out);
-        }
-    }
-
-    private void Grainv1Test2(CipherParameters params)
-    {
-        StreamCipher grain = new Grainv1Engine();
-        byte[] in = new byte[10];
-        byte[] out = new byte[10];
-
-        grain.init(true, params);
-
-        grain.processBytes(in, 0, in.length, out, 0);
-
-        if (!areEqual(out, Hex.decode(keyStream2)))
-        {
-            mismatch("Keystream 2", keyStream2, out);
-        }
-
-        grain.reset();
-
-        grain.processBytes(in, 0, in.length, out, 0);
-
-        if (!areEqual(out, Hex.decode(keyStream2)))
-        {
-            mismatch("Keystream 2", keyStream2, out);
-        }
-    }
-
-    private void Grainv1Test3(CipherParameters params)
-    {
-        StreamCipher grain = new Grainv1Engine();
-        byte[] in = "Encrypt me!".getBytes();
-        byte[] cipher = new byte[in.length];
-        byte[] clear = new byte[in.length];
-
-        grain.init(true, params);
-
-        grain.processBytes(in, 0, in.length, cipher, 0);
-        grain.reset();
-        grain.processBytes(cipher, 0, cipher.length, clear, 0);
-
-        if (!areEqual(in, clear))
-        {
-            mismatch("Test 3", new String(Hex.encode(in)), clear);
-        }
-    }
-
-    private void Grainv1Test4(CipherParameters params)
-    {
-        StreamCipher grain = new Grainv1Engine();
-        byte[] in = new byte[keyStream4.length() / 2];
-        byte[] out = new byte[in.length];
-
-        grain.init(true, params);
-
-        grain.processBytes(in, 0, in.length, out, 0);
-
-        if (!areEqual(out, Hex.decode(keyStream4)))
-        {
-            mismatch("Keystream 4", keyStream4, out);
-        }
-    }
-
-    private void mismatch(String name, String expected, byte[] found)
-    {
-        fail("mismatch on " + name, expected, new String(Hex.encode(found)));
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new Grainv1Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/HCFamilyTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/HCFamilyTest.java
deleted file mode 100644
index 5604d9c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/HCFamilyTest.java
+++ /dev/null

@@ -1,192 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.engines.HC128Engine;
-import org.bouncycastle.crypto.engines.HC256Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * HC-128 and HC-256 Tests. Based on the test vectors in the official reference
- * papers, respectively:
- * <pre>
- * http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc128_p3.pdf
- * http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc256_p3.pdf
- * </pre>
- * See HCFamilyVecTest for a more exhaustive test based on the ecrypt vectors.
- */
-public class HCFamilyTest
-    extends SimpleTest
-{
-    private static final byte[] MSG = new byte[64];
-
-    private static String[][] HC128_VerifiedTest =
-        {
-            {
-                "Set 2, vector#  0",
-                "00000000000000000000000000000000",
-                "00000000000000000000000000000000",
-                "82001573A003FD3B7FD72FFB0EAF63AA" +
-                "C62F12DEB629DCA72785A66268EC758B" +
-                "1EDB36900560898178E0AD009ABF1F49" +
-                "1330DC1C246E3D6CB264F6900271D59C"
-            },
-            {
-                "Set 6, vector#  0",
-                "0053A6F94C9FF24598EB3E91E4378ADD",
-                "0D74DB42A91077DE45AC137AE148AF16",
-                "2E1ED12A8551C05AF41FF39D8F9DF933" +
-                "122B5235D48FC2A6F20037E69BDBBCE8" +
-                "05782EFC16C455A4B3FF06142317535E" +
-                "F876104C32445138CB26EBC2F88A684C"
-            },
-            {
-                "Set 6, vector#  1",
-                "0558ABFE51A4F74A9DF04396E93C8FE2",
-                "167DE44BB21980E74EB51C83EA51B81F",
-                "4F864BF3C96D0363B1903F0739189138" +
-                "F6ED2BC0AF583FEEA0CEA66BA7E06E63" +
-                "FB28BF8B3CA0031D24ABB511C57DD17B" +
-                "FC2861C32400072CB680DF2E58A5CECC"
-            },
-            {
-                "Set 6, vector#  2",
-                "0A5DB00356A9FC4FA2F5489BEE4194E7",
-                "1F86ED54BB2289F057BE258CF35AC128",
-                "82168AB0023B79AAF1E6B4D823855E14" +
-                "A7084378036A951B1CFEF35173875ED8" +
-                "6CB66AB8410491A08582BE40080C3102" +
-                "193BA567F9E95D096C3CC60927DD7901"
-            },
-            {
-                "Set 6, vector#  3",
-                "0F62B5085BAE0154A7FA4DA0F34699EC",
-                "288FF65DC42B92F960C72E95FC63CA31",
-                "1CD8AEDDFE52E217E835D0B7E84E2922" +
-                "D04B1ADBCA53C4522B1AA604C42856A9" +
-                "0AF83E2614BCE65C0AECABDD8975B557" +
-                "00D6A26D52FFF0888DA38F1DE20B77B7"
-            }
-        };
-
-    private static String[][] HC256_VerifiedTest =
-        {
-            {
-                "Set 2, vector#  0",
-                "00000000000000000000000000000000",
-                "00000000000000000000000000000000",
-                "5B078985D8F6F30D42C5C02FA6B67951" +
-                "53F06534801F89F24E74248B720B4818" +
-                "CD9227ECEBCF4DBF8DBF6977E4AE14FA" +
-                "E8504C7BC8A9F3EA6C0106F5327E6981"
-            },
-            {
-                "Set 2, vector#  9",
-                "09090909090909090909090909090909",
-                "00000000000000000000000000000000",
-                "F5C2926651AEED9AF1A9C2F04C03D081" +
-                "2145B56AEA46EB283A25A4C9E3D8BEB4" +
-                "821B418F06F2B9DCDF1A85AB8C02CD14" +
-                "62E1BBCAEC9AB0E99AA6AFF918BA627C"
-            },
-            {
-                "Set 2, vector#135",
-                "87878787878787878787878787878787",
-                "00000000000000000000000000000000",
-                "CEC0C3852E3B98233EBCB975C10B1191" +
-                "3C69F2275EB97A1402EDF16C6FBE19BE" +
-                "79D65360445BCB63676E6553B609A065" +
-                "0155C3B22DD1975AC0F3F65063A2E16E"
-            },
-            {
-                "Set 6, vector#  0",
-                "0053A6F94C9FF24598EB3E91E4378ADD" +
-                "3083D6297CCF2275C81B6EC11467BA0D",
-                "0D74DB42A91077DE45AC137AE148AF16" +
-                "7DE44BB21980E74EB51C83EA51B81F86",
-                "23D9E70A45EB0127884D66D9F6F23C01" +
-                "D1F88AFD629270127247256C1FFF91E9" +
-                "1A797BD98ADD23AE15BEE6EEA3CEFDBF" +
-                "A3ED6D22D9C4F459DB10C40CDF4F4DFF"
-            },
-            {
-                "Set 6, vector#  1",
-                "0558ABFE51A4F74A9DF04396E93C8FE2" +
-                "3588DB2E81D4277ACD2073C6196CBF12",
-                "167DE44BB21980E74EB51C83EA51B81F" +
-                "86ED54BB2289F057BE258CF35AC1288F",
-                "C44B5262F2EAD9C018213127686DB742" +
-                "A72D3F2D61D18F0F4E7DE5B4F7ADABE0" +
-                "7E0C82033B139F02BAACB4E2F2D0BE30" +
-                "110C3A8A2B621523756692877C905DD0"
-            },
-            {
-                "Set 6, vector#  2",
-                "0A5DB00356A9FC4FA2F5489BEE4194E7" +
-                "3A8DE03386D92C7FD22578CB1E71C417",
-                "1F86ED54BB2289F057BE258CF35AC128" +
-                "8FF65DC42B92F960C72E95FC63CA3198",
-                "9D13AA06122F4F03AE60D507701F1ED0" +
-                "63D7530FF35EE76CAEDCBFB01D8A239E" +
-                "FA4A44B272DE9B4092E2AD56E87C3A60" +
-                "89F5A074D1F6E5B8FC6FABEE0C936F06"
-            },
-            {
-                "Set 6, vector#  3",
-                "0F62B5085BAE0154A7FA4DA0F34699EC" +
-                "3F92E5388BDE3184D72A7DD02376C91C",
-                "288FF65DC42B92F960C72E95FC63CA31" +
-                "98FF66CD349B0269D0379E056CD33AA1",
-                "C8632038DA61679C4685288B37D3E232" +
-                "7BC2D28C266B041FE0CA0D3CFEED8FD5" +
-                "753259BAB757168F85EA96ADABD823CA" +
-                "4684E918423E091565713FEDDE2CCFE0"
-            }
-        };
-
-    public String getName()
-    {
-        return "HC-128 and HC-256";
-    }
-
-    public void performTest()
-    {
-        StreamCipher hc = new HC256Engine();
-
-        for (int i = 0; i != HC256_VerifiedTest.length; i++)
-        {
-            String[] test = HC256_VerifiedTest[i];
-            HCTest(hc, "HC-256 - " + test[0], Hex.decode(test[1]), Hex.decode(test[2]), Hex.decode(test[3]));
-        }
-
-        hc = new HC128Engine();
-
-        for (int i = 0; i != HC128_VerifiedTest.length; i++)
-        {
-            String[] test = HC128_VerifiedTest[i];
-            HCTest(hc, "HC-128 - " + test[0], Hex.decode(test[1]), Hex.decode(test[2]), Hex.decode(test[3]));
-        }
-    }
-
-    private void HCTest(StreamCipher hc, String test, byte[] key, byte[] IV, byte[] expected)
-    {
-        KeyParameter kp = new KeyParameter(key);
-        ParametersWithIV ivp = new ParametersWithIV(kp, IV);
-
-        hc.init(true, ivp);
-        for (int i = 0; i < 64; i++)
-        {
-            if (hc.returnByte(MSG[i]) != expected[i])
-            {
-                fail(test + " failure at byte " + i);
-            }
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new HCFamilyTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/HCFamilyVecTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/HCFamilyVecTest.java
deleted file mode 100644
index 51247e6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/HCFamilyVecTest.java
+++ /dev/null

@@ -1,199 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStreamReader;
-import java.io.Reader;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.engines.HC128Engine;
-import org.bouncycastle.crypto.engines.HC256Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * HC-128 and HC-256 Tests. Based on the test vectors in the official reference
- * papers, respectively:
- * 
- * http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc128_p3.pdf
- * http://www.ecrypt.eu.org/stream/p3ciphers/hc/hc256_p3.pdf
- */
-public class HCFamilyVecTest
-    extends SimpleTest
-{
-    private static class PeekableLineReader extends BufferedReader
-    {
-        public PeekableLineReader(Reader r) throws IOException
-        {
-            super(r);
-
-            peek = super.readLine();
-        }
-
-        public String peekLine()
-        {
-            return peek;
-        }
-
-        public String readLine() throws IOException
-        {
-            String tmp = peek;
-            peek = super.readLine();
-            return tmp;
-        }
-
-        private String peek; 
-    }
-
-    public String getName()
-    {
-        return "HC-128 and HC-256 (ecrypt)";
-    }
-
-    public void performTest() throws Exception
-    {
-        runTests(new HC128Engine(), "ecrypt_HC-128.txt");
-        runTests(new HC256Engine(), "ecrypt_HC-256_128K_128IV.txt");
-        runTests(new HC256Engine(), "ecrypt_HC-256_256K_128IV.txt");
-        runTests(new HC256Engine(), "ecrypt_HC-256_128K_256IV.txt");
-        runTests(new HC256Engine(), "ecrypt_HC-256_256K_256IV.txt");
-    }
-
-    private void runTests(StreamCipher hc, String fileName) throws IOException
-    {
-        Reader resource = new InputStreamReader(getClass().getResourceAsStream(fileName));
-        PeekableLineReader r = new PeekableLineReader(resource);
-        runAllVectors(hc, fileName, r);
-    }
-
-    private void runAllVectors(StreamCipher hc, String fileName, PeekableLineReader r)
-        throws IOException
-    {
-        for (;;)
-        {
-            String line = r.readLine();
-            if (line == null)
-            {
-                break;
-            }
-
-            line = line.trim();
-
-            if (line.startsWith("Set "))
-            {
-                runVector(hc, fileName, r, dellChar(line, ':'));
-            }
-        }
-    }
-
-    private String dellChar(String s, char c)
-    {
-        StringBuffer b = new StringBuffer();
-
-        for (int i = 0; i != s.length(); i++)
-        {
-            if (s.charAt(i) != c)
-            {
-                b.append(s.charAt(i));
-            }
-        }
-
-        return b.toString();
-    }
-
-    private void runVector(StreamCipher hc, String fileName, PeekableLineReader r, String vectorName)
-        throws IOException
-    {
-//        System.out.println(fileName + " => " + vectorName);
-        String hexKey = readBlock(r);
-        String hexIV = readBlock(r);
-
-        CipherParameters cp = new KeyParameter(Hex.decode(hexKey));
-        cp = new ParametersWithIV(cp, Hex.decode(hexIV));
-        hc.init(true, cp);
-
-        byte[] input = new byte[64];
-        byte[] output = new byte[64];
-        byte[] digest = new byte[64];
-        int pos = 0;
-
-        for (;;)
-        {
-            String line1 = r.peekLine().trim();
-            int equalsPos = line1.indexOf('=');
-            String lead = line1.substring(0, equalsPos - 1);
-
-            String hexData = readBlock(r);
-            byte[] data = Hex.decode(hexData);
-
-            if (lead.equals("xor-digest"))
-            {
-                if (!Arrays.areEqual(data, digest))
-                {
-                    fail("Failed in " + fileName + " for test vector: " + vectorName + " at " + lead);
-//                  System.out.println(fileName + " => " + vectorName + " failed at " + lead); return;
-                }
-                break;
-            }
-
-            int posA = lead.indexOf('[');
-            int posB = lead.indexOf("..");
-            int posC = lead.indexOf(']');
-            int start = Integer.parseInt(lead.substring(posA + 1, posB));
-            int end = Integer.parseInt(lead.substring(posB + 2, posC));
-
-            if (start % 64 != 0 || (end - start != 63))
-            {
-                throw new IllegalStateException(vectorName + ": " + lead + " not on 64 byte boundaries");
-            }
-
-            while (pos < end)
-            {
-                hc.processBytes(input, 0, input.length, output, 0);
-                xor(digest, output);
-                pos += 64;
-            }
-
-            if (!Arrays.areEqual(data, output))
-            {
-                fail("Failed in " + fileName + " for test vector: " + vectorName + " at " + lead);
-//              System.out.println(fileName + " => " + vectorName + " failed at " + lead); return;
-            }
-        }
-    }
-
-    private static String readBlock(PeekableLineReader r) throws IOException
-    {
-        String first = r.readLine().trim();
-        String result = first.substring(first.lastIndexOf(' ') + 1);
-
-        for (;;)
-        {
-            String peek = r.peekLine().trim();
-            if (peek.length() < 1 || peek.indexOf('=') >= 0)
-            {
-                break;
-            }
-            result += r.readLine().trim();
-        }
-
-        return result;
-    }
-
-    private static void xor(byte[] digest, byte[] block)
-    {
-        for (int i = 0; i < digest.length; ++i)
-        {
-            digest[i] ^= block[i];
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new HCFamilyVecTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/HKDFGeneratorTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/HKDFGeneratorTest.java
deleted file mode 100644
index 9513517..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/HKDFGeneratorTest.java
+++ /dev/null

@@ -1,304 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.generators.HKDFBytesGenerator;
-import org.bouncycastle.crypto.params.HKDFParameters;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * HKDF tests - vectors from RFC 5869, + 2 more, 101 and 102
- */
-public class HKDFGeneratorTest
-    extends SimpleTest
-{
-
-    public HKDFGeneratorTest()
-    {
-    }
-
-    private void compareOKM(int test, byte[] calculatedOKM, byte[] testOKM)
-    {
-
-        if (!areEqual(calculatedOKM, testOKM))
-        {
-            fail("HKDF failed generator test " + test);
-        }
-    }
-
-    public void performTest()
-    {
-        {
-            // === A.1. Test Case 1 - Basic test case with SHA-256 ===
-
-            Digest hash = new SHA256Digest();
-            byte[] ikm = Hex
-                .decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b");
-            byte[] salt = Hex.decode("000102030405060708090a0b0c");
-            byte[] info = Hex.decode("f0f1f2f3f4f5f6f7f8f9");
-            int l = 42;
-            byte[] okm = new byte[l];
-
-            HKDFParameters params = new HKDFParameters(ikm, salt, info);
-
-            HKDFBytesGenerator hkdf = new HKDFBytesGenerator(hash);
-            hkdf.init(params);
-            hkdf.generateBytes(okm, 0, l);
-
-            compareOKM(1, okm, Hex.decode(
-                "3cb25f25faacd57a90434f64d0362f2a" +
-                    "2d2d0a90cf1a5a4c5db02d56ecc4c5bf" +
-                    "34007208d5b887185865"));
-        }
-
-        // === A.2. Test Case 2 - Test with SHA-256 and longer inputs/outputs
-        // ===
-        {
-            Digest hash = new SHA256Digest();
-            byte[] ikm = Hex.decode("000102030405060708090a0b0c0d0e0f"
-                + "101112131415161718191a1b1c1d1e1f"
-                + "202122232425262728292a2b2c2d2e2f"
-                + "303132333435363738393a3b3c3d3e3f"
-                + "404142434445464748494a4b4c4d4e4f");
-            byte[] salt = Hex.decode("606162636465666768696a6b6c6d6e6f"
-                + "707172737475767778797a7b7c7d7e7f"
-                + "808182838485868788898a8b8c8d8e8f"
-                + "909192939495969798999a9b9c9d9e9f"
-                + "a0a1a2a3a4a5a6a7a8a9aaabacadaeaf");
-            byte[] info = Hex.decode("b0b1b2b3b4b5b6b7b8b9babbbcbdbebf"
-                + "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf"
-                + "d0d1d2d3d4d5d6d7d8d9dadbdcdddedf"
-                + "e0e1e2e3e4e5e6e7e8e9eaebecedeeef"
-                + "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff");
-            int l = 82;
-            byte[] okm = new byte[l];
-
-            HKDFParameters params = new HKDFParameters(ikm, salt, info);
-
-            HKDFBytesGenerator hkdf = new HKDFBytesGenerator(hash);
-            hkdf.init(params);
-            hkdf.generateBytes(okm, 0, l);
-
-            compareOKM(2, okm, Hex.decode(
-                "b11e398dc80327a1c8e7f78c596a4934" +
-                    "4f012eda2d4efad8a050cc4c19afa97c" +
-                    "59045a99cac7827271cb41c65e590e09" +
-                    "da3275600c2f09b8367793a9aca3db71" +
-                    "cc30c58179ec3e87c14c01d5c1f3434f" +
-                    "1d87"));
-        }
-
-        {
-            // === A.3. Test Case 3 - Test with SHA-256 and zero-length
-            // salt/info ===
-
-            // setting salt to an empty byte array means that the salt is set to
-            // HashLen zero valued bytes
-            // setting info to null generates an empty byte array as info
-            // structure
-
-            Digest hash = new SHA256Digest();
-            byte[] ikm = Hex
-                .decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b");
-            byte[] salt = new byte[0];
-            byte[] info = null;
-            int l = 42;
-            byte[] okm = new byte[l];
-
-            HKDFParameters params = new HKDFParameters(ikm, salt, info);
-
-            HKDFBytesGenerator hkdf = new HKDFBytesGenerator(hash);
-            hkdf.init(params);
-            hkdf.generateBytes(okm, 0, l);
-
-            compareOKM(3, okm, Hex.decode(
-                "8da4e775a563c18f715f802a063c5a31" +
-                    "b8a11f5c5ee1879ec3454e5f3c738d2d" +
-                    "9d201395faa4b61a96c8"));
-        }
-
-        {
-            // === A.4. Test Case 4 - Basic test case with SHA-1 ===
-
-            Digest hash = new SHA1Digest();
-            byte[] ikm = Hex.decode("0b0b0b0b0b0b0b0b0b0b0b");
-            byte[] salt = Hex.decode("000102030405060708090a0b0c");
-            byte[] info = Hex.decode("f0f1f2f3f4f5f6f7f8f9");
-            int l = 42;
-            byte[] okm = new byte[l];
-
-            HKDFParameters params = new HKDFParameters(ikm, salt, info);
-
-            HKDFBytesGenerator hkdf = new HKDFBytesGenerator(hash);
-            hkdf.init(params);
-            hkdf.generateBytes(okm, 0, l);
-
-            compareOKM(4, okm, Hex.decode(
-                "085a01ea1b10f36933068b56efa5ad81" +
-                    "a4f14b822f5b091568a9cdd4f155fda2" +
-                    "c22e422478d305f3f896"));
-        }
-
-        // === A.5. Test Case 5 - Test with SHA-1 and longer inputs/outputs ===
-        {
-            Digest hash = new SHA1Digest();
-            byte[] ikm = Hex.decode("000102030405060708090a0b0c0d0e0f"
-                + "101112131415161718191a1b1c1d1e1f"
-                + "202122232425262728292a2b2c2d2e2f"
-                + "303132333435363738393a3b3c3d3e3f"
-                + "404142434445464748494a4b4c4d4e4f");
-            byte[] salt = Hex.decode("606162636465666768696a6b6c6d6e6f"
-                + "707172737475767778797a7b7c7d7e7f"
-                + "808182838485868788898a8b8c8d8e8f"
-                + "909192939495969798999a9b9c9d9e9f"
-                + "a0a1a2a3a4a5a6a7a8a9aaabacadaeaf");
-            byte[] info = Hex.decode("b0b1b2b3b4b5b6b7b8b9babbbcbdbebf"
-                + "c0c1c2c3c4c5c6c7c8c9cacbcccdcecf"
-                + "d0d1d2d3d4d5d6d7d8d9dadbdcdddedf"
-                + "e0e1e2e3e4e5e6e7e8e9eaebecedeeef"
-                + "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff");
-            int l = 82;
-            byte[] okm = new byte[l];
-
-            HKDFParameters params = new HKDFParameters(ikm, salt, info);
-
-            HKDFBytesGenerator hkdf = new HKDFBytesGenerator(hash);
-            hkdf.init(params);
-            hkdf.generateBytes(okm, 0, l);
-
-            compareOKM(5, okm, Hex.decode(
-                "0bd770a74d1160f7c9f12cd5912a06eb" +
-                    "ff6adcae899d92191fe4305673ba2ffe" +
-                    "8fa3f1a4e5ad79f3f334b3b202b2173c" +
-                    "486ea37ce3d397ed034c7f9dfeb15c5e" +
-                    "927336d0441f4c4300e2cff0d0900b52" +
-                    "d3b4"));
-        }
-
-        {
-            // === A.6. Test Case 6 - Test with SHA-1 and zero-length salt/info
-            // ===
-
-            // setting salt to null should generate a new salt of HashLen zero
-            // valued bytes
-
-            Digest hash = new SHA1Digest();
-            byte[] ikm = Hex
-                .decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b");
-            byte[] salt = null;
-            byte[] info = new byte[0];
-            int l = 42;
-            byte[] okm = new byte[l];
-
-            HKDFParameters params = new HKDFParameters(ikm, salt, info);
-
-            HKDFBytesGenerator hkdf = new HKDFBytesGenerator(hash);
-            hkdf.init(params);
-            hkdf.generateBytes(okm, 0, l);
-
-            compareOKM(6, okm, Hex.decode(
-                "0ac1af7002b3d761d1e55298da9d0506" +
-                    "b9ae52057220a306e07b6b87e8df21d0" +
-                    "ea00033de03984d34918"));
-        }
-
-        {
-            // === A.7. Test Case 7 - Test with SHA-1, salt not provided,
-            // zero-length info ===
-            // (salt defaults to HashLen zero octets)
-
-            // this test is identical to test 6 in all ways bar the IKM value
-
-            Digest hash = new SHA1Digest();
-            byte[] ikm = Hex
-                .decode("0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c");
-            byte[] salt = null;
-            byte[] info = new byte[0];
-            int l = 42;
-            byte[] okm = new byte[l];
-
-            HKDFParameters params = new HKDFParameters(ikm, salt, info);
-
-            HKDFBytesGenerator hkdf = new HKDFBytesGenerator(hash);
-            hkdf.init(params);
-            hkdf.generateBytes(okm, 0, l);
-
-            compareOKM(7, okm, Hex.decode(
-                "2c91117204d745f3500d636a62f64f0a" +
-                    "b3bae548aa53d423b0d1f27ebba6f5e5" +
-                    "673a081d70cce7acfc48"));
-        }
-
-        {
-            // === A.101. Additional Test Case - Test with SHA-1, skipping extract
-            // zero-length info ===
-            // (salt defaults to HashLen zero octets)
-
-            // this test is identical to test 7 in all ways bar the IKM value
-            // which is set to the PRK value
-
-            Digest hash = new SHA1Digest();
-            byte[] ikm = Hex
-                .decode("2adccada18779e7c2077ad2eb19d3f3e731385dd");
-            byte[] info = new byte[0];
-            int l = 42;
-            byte[] okm = new byte[l];
-
-            HKDFParameters params = HKDFParameters.skipExtractParameters(ikm, info);
-
-            HKDFBytesGenerator hkdf = new HKDFBytesGenerator(hash);
-            hkdf.init(params);
-            hkdf.generateBytes(okm, 0, l);
-
-            compareOKM(101, okm, Hex.decode(
-                "2c91117204d745f3500d636a62f64f0a" +
-                    "b3bae548aa53d423b0d1f27ebba6f5e5" +
-                    "673a081d70cce7acfc48"));
-        }
-
-        // === A.102. Additional Test Case - Test with SHA-1, maximum output ===
-        // (salt defaults to HashLen zero octets)
-
-        // this test is identical to test 7 in all ways bar the IKM value
-
-        Digest hash = new SHA1Digest();
-        byte[] ikm = Hex
-            .decode("2adccada18779e7c2077ad2eb19d3f3e731385dd");
-        byte[] info = new byte[0];
-        int l = 255 * hash.getDigestSize();
-        byte[] okm = new byte[l];
-
-        HKDFParameters params = HKDFParameters.skipExtractParameters(ikm, info);
-
-        HKDFBytesGenerator hkdf = new HKDFBytesGenerator(hash);
-        hkdf.init(params);
-        hkdf.generateBytes(okm, 0, l);
-
-        int zeros = 0;
-        for (int i = 0; i < hash.getDigestSize(); i++)
-        {
-            if (okm[i] == 0)
-            {
-                zeros++;
-            }
-        }
-
-        if (zeros == hash.getDigestSize())
-        {
-            fail("HKDF failed generator test " + 102);
-        }
-    }
-
-    public String getName()
-    {
-        return "HKDF";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new HKDFGeneratorTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/HashCommitmentTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/HashCommitmentTest.java
deleted file mode 100644
index ed83c64..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/HashCommitmentTest.java
+++ /dev/null

@@ -1,152 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.Commitment;
-import org.bouncycastle.crypto.Committer;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.commitments.GeneralHashCommitter;
-import org.bouncycastle.crypto.commitments.HashCommitter;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class HashCommitmentTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "HashCommitmentTest";
-    }
-
-    public void performBasicTest()
-        throws Exception
-    {
-        byte[] data = Hex.decode("4e6f77206973207468652074696d6520666f7220616c6c20");
-
-        Committer committer = new HashCommitter(new SHA256Digest(), new SecureRandom());
-
-        Commitment c = committer.commit(data);
-
-        committer = new HashCommitter(new SHA256Digest(), new SecureRandom());
-
-        if (!committer.isRevealed(c, data))
-        {
-            fail("commitment failed to validate");
-        }
-
-        committer = new HashCommitter(new SHA1Digest(), new SecureRandom());
-
-        if (committer.isRevealed(c, data))
-        {
-            fail("commitment validated!!");
-        }
-
-        try
-        {
-            committer.isRevealed(c, new byte[data.length + 1]);
-        }
-        catch (Exception e)
-        {
-            if (!e.getMessage().equals("Message and witness secret lengths do not match."))
-            {
-                fail("exception thrown but wrong message");
-            }
-        }
-
-        // SHA1 has a block size of 512 bits, try a message that's too big
-
-        try
-        {
-            c = committer.commit(new byte[33]);
-        }
-        catch (DataLengthException e)
-        {
-            if (!e.getMessage().equals("Message to be committed to too large for digest."))
-            {
-                fail("exception thrown but wrong message");
-            }
-        }
-    }
-
-    public void performGeneralTest()
-        throws Exception
-    {
-        byte[] data = Hex.decode("4e6f77206973207468652074696d6520666f7220616c6c20");
-
-        Committer committer = new GeneralHashCommitter(new SHA256Digest(), new SecureRandom());
-
-        Commitment c = committer.commit(data);
-
-        committer = new GeneralHashCommitter(new SHA256Digest(), new SecureRandom());
-
-        if (!committer.isRevealed(c, data))
-        {
-            fail("general commitment failed to validate");
-        }
-
-        committer = new GeneralHashCommitter(new SHA1Digest(), new SecureRandom());
-
-        if (committer.isRevealed(c, data))
-        {
-            fail("general commitment validated!!");
-        }
-
-        c = committer.commit(data);
-
-        // try and fool it.
-        byte[] s = c.getSecret();
-        byte[] newS = Arrays.copyOfRange(s, 0, s.length - 1);
-        byte[] newData = new byte[data.length + 1];
-
-        newData[0] = s[s.length - 1];
-        System.arraycopy(data, 0, newData, 1, data.length);
-
-        c = new Commitment(newS, c.getCommitment());
-
-        if (committer.isRevealed(c, newData))
-        {
-            fail("general commitment validated!!");
-        }
-
-        try
-        {
-            committer.isRevealed(c, new byte[data.length + 1]);
-        }
-        catch (Exception e)
-        {
-            if (!e.getMessage().equals("Message and witness secret lengths do not match."))
-            {
-                fail("exception thrown but wrong message");
-            }
-        }
-
-        // SHA1 has a block size of 512 bits, try a message that's too big
-
-        try
-        {
-            c = committer.commit(new byte[33]);
-        }
-        catch (DataLengthException e)
-        {
-            if (!e.getMessage().equals("Message to be committed to too large for digest."))
-            {
-                fail("exception thrown but wrong message");
-            }
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        performBasicTest();
-        performGeneralTest();
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new HashCommitmentTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/IDEATest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/IDEATest.java
deleted file mode 100644
index 64c673e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/IDEATest.java
+++ /dev/null

@@ -1,38 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.IDEAEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- */
-public class IDEATest
-    extends CipherTest
-{
-    static SimpleTest[] tests =
-            {
-                new BlockCipherVectorTest(0, new IDEAEngine(),
-                        new KeyParameter(Hex.decode("00112233445566778899AABBCCDDEEFF")),
-                        "000102030405060708090a0b0c0d0e0f", "ed732271a7b39f475b4b2b6719f194bf"),
-                new BlockCipherVectorTest(0, new IDEAEngine(),
-                        new KeyParameter(Hex.decode("00112233445566778899AABBCCDDEEFF")),
-                        "f0f1f2f3f4f5f6f7f8f9fafbfcfdfeff", "b8bc6ed5c899265d2bcfad1fc6d4287d")
-            };
-
-    IDEATest()
-    {
-        super(tests, new IDEAEngine(), new KeyParameter(new byte[32]));
-    }
-
-    public String getName()
-    {
-        return "IDEA";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new IDEATest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ISAACTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ISAACTest.java
deleted file mode 100644
index 02319a3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ISAACTest.java
+++ /dev/null

@@ -1,180 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.ISAACEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * ISAAC Test - see http://www.burtleburtle.net/bob/rand/isaacafa.html
- */
-public class ISAACTest
-    extends SimpleTest
-{
-    byte[] out = Hex.decode(
-        "f650e4c8e448e96d98db2fb4f5fad54f433f1afbedec154ad837048746ca4f9a" +
-        "5de3743e88381097f1d444eb823cedb66a83e1e04a5f6355c744243325890e2e" +
-        "7452e31957161df638a824f3002ed71329f5544951c08d83d78cb99ea0cc74f3" +
-        "8f651659cbc8b7c2f5f71c6912ad6419e5792e1b860536b809b3ce98d45d6d81" +
-        "f3b2612917e38f8529cf72ce349947b0c998f9ffb5e13dae32ae2a2bf7cf814c" +
-        "8ebfa303cf22e0640b923200eca4d58aef53cec4d0f7b37d9c411a2affdf8a80" +
-        "b40e27bcb4d2f97644b89b08f37c71d51a70e7e90bdb9c3060dc5207b3c3f24b" +
-        "d7386806229749b54e232cd091dabc65a70e11018b87437e5781414fcdbc62e2" +
-        "8107c9ff69d2e4ae3b18e752b143b6886f4e077295138769943c3c74afc17a97" +
-        "0fd439636a529b0bd8c58a6aa8bcc22d2db35dfea7a2f4026cb167db538e1f4e" +
-        "7275e2771d3b8e97ecc5dc9115e3a5b90369661430ab93ecac9fe69d7bc76811" +
-        "60eda8da28833522d5295ebc5adb60e7f7e1cdd097166d14b67ec13a210f3925" +
-        "64af0fef0d0286843aea3decb058bafbb8b0ccfcf2b5cc05e3a662d9814bc24c" +
-        "2364a1aa37c0ed052b36505c451e7ec85d2a542fe43d0fbb91c8d92560d4d5f8" +
-        "12a0594b9e8a51dacd49ebdb1b0dcdc1cd57c7f7e63444517ded386f2f36fa86" +
-        "a6d1210133bc405db388d96cdb6dbe96fe29661c13edc0cbcb0eee4a70cc94ae" +
-        "de11ed340606cf9f3a6ce38923d74f4ea37f63ff917bdec2d73f72d40e7e0e67" +
-        "3d77d9a213add9228891b3db01a9bd7056a001e3d51f093dcc033ce35ad0d3b0" +
-        "34105a8c6a123f57bd2e50247364944be89b1a3b21835c4d9f39e2d9d405ded8" +
-        "294d37e5bccaaeed35a124b56708a2bcb00960ba2a98121a4d8fae820bb3263f" +
-        "12595a196a1075890809e49421c171ec884d682514c8009bb0b84e7b03fb88f4" +
-        "28e7cb789388b13bdd2dc1d5848f520a07c28cd168a3935872c9137d127dd430" +
-        "c613f1578c2f0d55f7d3f39f309bfb788406b13746c0a6f53718d59708607f04" +
-        "76904b6d04db4e13cd7411a7b510ce0ebfc7f7ccb83f957afdfef62dc35e4580" +
-        "3ff1e5244112d96c02c9b944d5990dfbe7e265810d9c7e7e826dfa8966f1e0ab" +
-        "30bcc764eadebeaced35e5ee0c571a7de4f3a26af7f58f7badf6bc235d023e65" +
-        "1ed3ff4eec46b0b6d2a93b51e75b41c97e315aeb61119a5a53245b7933f6d7b1" +
-        "cae8deba50fc8194afa92a6dc87c80064188bfcd8bace62e78ffa5685597ec0f" +
-        "b4415f7d08294766ad56764309c36f903dde9f394a0a283c18080c8e080c79ec" +
-        "79ae4c10cb9e15637cdd662f62d31911a4ca0cf15cf824cd3b708f991e16614c" +
-        "b6b9d7665de87abb7229ea81d5b2d75056e6cd21fe1e42d596da2655c2b9aa36" +
-        "b8f6fd4a6a158d1001913fd3af7d1fb80b5e435f90c107576554abda7a68710f" +
-        "82ac484fd7e1c7be95c85eaa94a302f44d3cfbda786b29081010b27582d53d12" +
-        "21e2a51c3d1e9150b059261dd0638e1a31860f0581f2864dff4cfc350451516d" +
-        "bd086f26bc5654c165dfa427a82427f5582e3014b8d2486dc79a17499a1d7745" +
-        "8766bb541e04a7f73d3dff8ad5ec6bf4dbef7d9f36ec0ea31feb2e4f15cfcc5c" +
-        "d8c423fbd0ef3cc9eb244925ba5590c8a5f48ac433c5321c613b67b2479c3a22" +
-        "e21339cc10d210aa931dd7e2ef05ee06b82f2703a385cb2c5d67133c877eb7b4" +
-        "1e3437f75afb43ae53c078f394d904811d96458908063a85e13222281956b1e5" +
-        "31860f132e7b022f21182ca396f703ac46819e2e0d28fe523724d4dca0eabe6b" +
-        "c66699fdc6112fdd19c1e69c04d3658a4b55dd9931907d62f854b5224d678f26" +
-        "22ae0582eafed133e4a51d2184bd6dd6c1a513753f28ee63fb737b1a70a1660e" +
-        "8a8dfaa31be79937f7476978513c1764531ac6bf12c06908001cdb951a4b6a53" +
-        "d067fce512b2cfb69ddb477f740e006639ddf25acc8bfa2df1b20eaf64f2632c" +
-        "9783cdee63bfd4d80084cfe575f4e9e219b48fd06c48ddd87a36af9371865c4c" +
-        "9ce0199d867027d72cb7b77f84ef01da72f5972f040f7074df9afa29c921f94e" +
-        "75c08a3618c1ef9ad649a428c5b719378a30738ad97cd348858129a6239e3b0a" +
-        "bbb8abc480fac4c2ecfcf20bd9d711f9e2a4ef71b5fe87c0be8b06b2aafef5a7" +
-        "9c15db3b0aeb81654389a84a253b1d7a19047c797cdc78a2d20adf0356f55a71" +
-        "3e730fa8fd8650d8959e234eb7546681dad1b22a142a6e858ef4bce668235b9d" +
-        "85a13f8574096ae7a949bea229322d0dd568385882846526403dae086dd1943a" +
-        "e1279bff9e7e4f041c3a4524484525e481d4cc5fe24124c0037464c0bf1bd691" +
-        "26ceb003275ead3ac5bde90826414ff3a30519add7b43abe2ce5d3d588412761" +
-        "97ca2070e5fbb9c7276df0b4308f751f37a97df6c9cd808cfe4cb3803d469303" +
-        "aee19096c0d5d42a4e823ad3f5f9cc3b4286619c9ca45e1c66c97340891aec49" +
-        "45bae606c798f04752649d6cce86fdfc80c6e402d6ec2f2b27c822821fe26ce0" +
-        "92f57ea7de462f4d07497cae5a48755c721502dd6cbe7935836d80039ead7f70" +
-        "9ab3a42f4c8652d632e39273e8fa38601da4f25a0cd6ef8102503f7d8854a0a1" +
-        "9a30c4e88815715305efe29457c4c9252887d96fc1a71e3ce9f841632d0985de" +
-        "d21e796c6fb5ce5602614abfc3c7be2cb54fed6fa617a083c3142d8f6079e4ce" +
-        "ceffc1471d0cb81bdc153e5fe36ef5bbd531161a165b10157aa114ed3f7579b3" +
-        "f7f395f1bc6172c7a86f875e0e6c51b3cdfec2af73c0e762824c2009c5a87748" +
-        "94d401258aba3ffbd32be0608c17eff021e2547e07cffad905340e15f3310c92" +
-        "9d8d190886ba527ff943f672ef73fbf046d95ca5c54cd95b9d855e894bb5af29");
-
-        byte[] outFFFFFFFF = Hex.decode(
-            "de3b3f3c19e0629c1fc8b7836695d523e7804edd86ff7ce9b106f52caebae9d9" +
-            "72f845d49ce17d7da44e49bae954aac0d0b1284b98a88eec1524fb6bc91a16b5" +
-            "1192ac5334131446ac2442de9ff3d5867b9b9148881ee30a6e87dd88e5d1f7cd" +
-            "98db31ff36f70d9850cfefaef42abb00ecc39ed308bf4b8030cdc2b6b7e42f0e" +
-            "908030dd282f96edacc888b3a986e109c129998f89baa1b5da8970b07a6ab012" +
-            "f10264f23c315c9c8e0c164955c68517b6a4f982b2626db70787f869ac6d551b" +
-            "e34931627c7058e965c502e18d2cd370e6db3b70d947d61aa9717cf8394f48c6" +
-            "3c796f3a154950846badb28b70d982f29bc670254e3e5e0f8e36b0a5f6da0a04" +
-            "6b235ed6a42988c012bde74d879fa8eb5d59f5f40ed5e76601c9847b3edb2690");
-
-        byte[] outFFFF0000 = Hex.decode(
-            "26c54b1f8c4e3fc582e9e8180f7aba5380463dcf58b03cbeda0ecc8ba90ccff8" +
-            "5bd50896313d7efed44015faeac6964b241a7fb8a2e37127a7cbea0fd7c020f2" +
-            "406371b87ef5185089504751e5e44352eff63e00e5c28f5dff0616a9a3a00f1f" +
-            "4a1350e3a17be9abddfc2c94571450a0dc4c3c0c7c7f98e80c95f607d50c676a" +
-            "9a3006f9d279a79a4d66b2ab0c52930c9ee84bc09895e70fa041b1a3a2966f11" +
-            "6a47fd09705124b1f5c7ae055e54536e66584b1608f3612d81b72f109a385831" +
-            "121945b207b90ac72437a248f27a121c2801f4153a8699fb047e193f7ba69e1b" +
-            "b117869675d4c963e6070c2ca3d332ce830cb5e3d9ed2eee7faf0acc20fbe154" +
-            "188ae789e95bd5c1f459dbd150aab6eb833170257084bc5d44e9df09f5624f9d" +
-            "afecd0c9340ac8587f8625d343f7efd1cc8abcf7a6f90eabd4e8e2d906278d6e" +
-            "431fcade165c8c467887fbf5c26d341557b064b98c60dd40ab262dc046d69647" +
-            "56f3ddc1a07ae5f87be878b9334fcde40add68d2ca1dc05fb1670f998c7c4607" +
-            "9a6e48bdb330ad8d30b61b5cc8dc156f5733905931949783f89ac396b65aa4b8" +
-            "51f746b53ed8ea66130e1d75e8eab136e60450e3e600226bc8e17d03744ce94c" +
-            "0eec9234fea5f18eef65d81f2f10cfbc0b112b8cde17c32eb33ed81d7356eac3" +
-            "eb1cb9cefa6604c2d707949b6e5a83e60705bf6aae76dcc7d35d68ff149c1ac5" +
-            "424bb4a39e2f496f886637fce3db4ba4ad12c1a32d25e1606f6635ff636486f6" +
-            "714997b45477f38813c02afce4bebf196b813332f0decd567c745f441e736364");
-
-       byte[] out0000FFFF = Hex.decode(
-        "bc31712f2a2f467a5abc737c57ce0f8d49d2f775eb850fc8f856daf19310fee2"+
-        "5bab40e78403c9ef4ccd971418992faf4e85ca643fa6b482f30c4659066158a6"+
-        "5bc3e620ba7ea5c34dd0eac5aabb2cf078d915fd1f8c437ed00423076c10f701"+
-        "eefa7fc7c461aca5db8a87be29d925c4212d4adcfa71ff5b06af15c048aa0dfd"+
-        "f0e645bc09fea200c430a88eb38c466ff358b836f1159656a078f6fc752f6db1"+
-        "6680bb30fc771a6a785bbb2298e947d7b3500e557775962248bedf4e82c16e66"+
-        "f39283ccb95e5399061056a11c4a280f00f7487888199487905273c7aa13012b"+
-        "4849eca626cbf071c782e084f9fded57de92313e5f61a6e81117fb1115eff275"+
-        "66fd5c755bb3b01bba69aeb8f1b1b1cc9709734be31b35bc707d372ba6fe70d1"+
-        "e2c3b0e5e74a7058faff6b11d3a168f19fecc9fcb36b3e6a5f828c01c22ac0c2"+
-        "5da2a3a9eec7e0ebbbf51472e430ed4cf1c7ab57ef9aea511e40250846d260b6"+
-        "17a3fdeba16cf4afaf700144d3296b58b22a3c79ed96f3e2fc8d9e3c660ae153"+
-        "8e0c285ccdc48b59117e80413bd0ad24c6a8d4f133fe1496f14351bb89904fa5"+
-        "e10c4b8d50e0604578389c336a9ab3d292beb90ce640fc028e697cf54e021e2f"+
-        "c0ca3fe0471fde5e5462f221739a74f5a13ae0621fe2a82e752bc294f63de48d"+
-        "e85430af71307a30441b861ab5380e6a6dbe1251c9baa567da14e38e5a0ccddf"+
-        "0127205c38fc3b77065e98101d219246103438d223ec7f8f533d4bb3a3d3407a"+
-        "944910f11e8e5492e86de7a0471250eca32f0838b3db02fffe71898712af3261");
-
-    public String getName()
-    {
-        return "ISAAC";
-    }
-
-    public void performTest()
-    {
-        ISAACEngine engine = new ISAACEngine();
-
-        doTest(engine, Hex.decode("00000000"), out);
-        doTest(engine, Hex.decode("ffffffff"), outFFFFFFFF);
-
-        byte[] k = new byte[256 * 4];
-        for (int i = 0; i != k.length; i++)
-        {
-            k[i] = (byte)((i % 4 == 0 || i % 4 == 1) ? 0xff : 0x00);
-        }
-        doTest(engine, k, outFFFF0000);
-        k = new byte[256 * 4];
-        for (int i = 0; i != k.length; i++)
-        {
-            k[i] = (byte)((i % 4 == 2 || i % 4 == 3) ? 0xff : 0x00);
-        }
-        doTest(engine, k, out0000FFFF);
-    }
-
-    private void doTest(ISAACEngine engine, byte[] key, byte[] output)
-    {
-        byte[] in = new byte[output.length];
-        byte[] enc = new byte[output.length];
-        engine.init(true, new KeyParameter(key));
-        engine.processBytes(in, 0, in.length, enc, 0);
-        if (!areEqual(enc, output))
-        {
-            fail("ciphertext mismatch");
-        }
-        engine.init(false, new KeyParameter(key));
-        engine.processBytes(enc, 0, enc.length, enc, 0);
-        if (!areEqual(enc, in))
-        {
-            fail("plaintext mismatch");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ISAACTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ISO9796Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ISO9796Test.java
deleted file mode 100644
index cb21207..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ISO9796Test.java
+++ /dev/null

@@ -1,1028 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.RIPEMD128Digest;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.encodings.ISO9796d1Encoding;
-import org.bouncycastle.crypto.engines.RSABlindedEngine;
-import org.bouncycastle.crypto.engines.RSAEngine;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithSalt;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.signers.ISO9796d2PSSSigner;
-import org.bouncycastle.crypto.signers.ISO9796d2Signer;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * test vectors from ISO 9796-1 and ISO 9796-2 edition 1.
- */
-public class ISO9796Test
-    extends SimpleTest
-{
-    static BigInteger mod1 = new BigInteger("0100000000000000000000000000000000bba2d15dbb303c8a21c5ebbcbae52b7125087920dd7cdf358ea119fd66fb064012ec8ce692f0a0b8e8321b041acd40b7", 16);
-
-    static BigInteger pub1 = new BigInteger("03", 16);
-
-    static BigInteger pri1 = new BigInteger("2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaac9f0783a49dd5f6c5af651f4c9d0dc9281c96a3f16a85f9572d7cc3f2d0f25a9dbf1149e4cdc32273faadd3fda5dcda7", 16);
-
-    static BigInteger mod2 = new BigInteger("ffffff7fa27087c35ebead78412d2bdffe0301edd494df13458974ea89b364708f7d0f5a00a50779ddf9f7d4cb80b8891324da251a860c4ec9ef288104b3858d", 16);
-
-    static BigInteger pub2 = new BigInteger("03", 16);
-
-    static BigInteger pri2 = new BigInteger("2aaaaa9545bd6bf5e51fc7940adcdca5550080524e18cfd88b96e8d1c19de6121b13fac0eb0495d47928e047724d91d1740f6968457ce53ec8e24c9362ce84b5", 16);
-
-    static byte msg1[] = Hex.decode("0cbbaa99887766554433221100");
-
-    //
-    // you'll need to see the ISO 9796 to make sense of this
-    //
-    static byte sig1[] = mod1.subtract(new BigInteger("309f873d8ded8379490f6097eaafdabc137d3ebfd8f25ab5f138d56a719cdc526bdd022ea65dabab920a81013a85d092e04d3e421caab717c90d89ea45a8d23a", 16)).toByteArray();
-
-    static byte msg2[] = Hex.decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210");
-
-    static byte sig2[] = new BigInteger("319bb9becb49f3ed1bca26d0fcf09b0b0a508e4d0bd43b350f959b72cd25b3af47d608fdcd248eada74fbe19990dbeb9bf0da4b4e1200243a14e5cab3f7e610c", 16).toByteArray();
-
-    static byte msg3[] = Hex.decode("0112233445566778899aabbccd");
-
-    static byte sig3[] = mod2.subtract(new BigInteger("58e59ffb4b1fb1bcdbf8d1fe9afa3730c78a318a1134f5791b7313d480ff07ac319b068edf8f212945cb09cf33df30ace54f4a063fcca0b732f4b662dc4e2454", 16)).toByteArray();
-
-    //
-    // ISO 9796-2
-    //
-    static BigInteger mod3 = new BigInteger("ffffffff78f6c55506c59785e871211ee120b0b5dd644aa796d82413a47b24573f1be5745b5cd9950f6b389b52350d4e01e90009669a8720bf265a2865994190a661dea3c7828e2e7ca1b19651adc2d5", 16);
-
-    static BigInteger pub3 = new BigInteger("03", 16);
-
-    static BigInteger pri3 = new BigInteger("2aaaaaaa942920e38120ee965168302fd0301d73a4e60c7143ceb0adf0bf30b9352f50e8b9e4ceedd65343b2179005b2f099915e4b0c37e41314bb0821ad8330d23cba7f589e0f129b04c46b67dfce9d", 16);
-
-    static BigInteger mod4 = new BigInteger("FFFFFFFF45f1903ebb83d4d363f70dc647b839f2a84e119b8830b2dec424a1ce0c9fd667966b81407e89278283f27ca8857d40979407fc6da4cc8a20ecb4b8913b5813332409bc1f391a94c9c328dfe46695daf922259174544e2bfbe45cc5cd", 16);
-    static BigInteger pub4 = new BigInteger("02", 16);
-    static BigInteger pri4 = new BigInteger("1fffffffe8be3207d7707a9a6c7ee1b8c8f7073e5509c2337106165bd8849439c193faccf2cd70280fd124f0507e4f94cb66447680c6b87b6599d1b61c8f3600854a618262e9c1cb1438e485e47437be036d94b906087a61ee74ab0d9a1accd8", 16);
-
-    static byte msg4[] = Hex.decode("6162636462636465636465666465666765666768666768696768696a68696a6b696a6b6c6a6b6c6d6b6c6d6e6c6d6e6f6d6e6f706e6f7071");
-    static byte sig4[] = Hex.decode("374695b7ee8b273925b4656cc2e008d41463996534aa5aa5afe72a52ffd84e118085f8558f36631471d043ad342de268b94b080bee18a068c10965f581e7f32899ad378835477064abed8ef3bd530fce");
-
-    static byte msg5[] = Hex.decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210");
-    static byte sig5[] = Hex.decode("5cf9a01854dbacaec83aae8efc563d74538192e95466babacd361d7c86000fe42dcb4581e48e4feb862d04698da9203b1803b262105104d510b365ee9c660857ba1c001aa57abfd1c8de92e47c275cae");
-
-    //
-    // scheme 2 data
-    //
-    static BigInteger mod6 = new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16);
-    static BigInteger pub6 = new BigInteger("11", 16);
-    static BigInteger pri6 = new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16);
-
-    static byte sig6[] = new BigInteger("0073FEAF13EB12914A43FE635022BB4AB8188A8F3ABD8D8A9E4AD6C355EE920359C7F237AE36B1212FE947F676C68FE362247D27D1F298CA9302EB21F4A64C26CE44471EF8C0DFE1A54606F0BA8E63E87CDACA993BFA62973B567473B4D38FAE73AB228600934A9CC1D3263E632E21FD52D2B95C5F7023DA63DE9509C01F6C7BBC", 16).modPow(pri6, mod6).toByteArray();
-
-    static byte msg7[] = Hex.decode("6162636462636465636465666465666765666768666768696768696A68696A6B696A6B6C6A6B6C6D6B6C6D6E6C6D6E6F6D6E6F706E6F70716F70717270717273");
-    static byte sig7[] = new BigInteger("296B06224010E1EC230D4560A5F88F03550AAFCE31C805CE81E811E5E53E5F71AE64FC2A2A486B193E87972D90C54B807A862F21A21919A43ECF067240A8C8C641DE8DCDF1942CF790D136728FFC0D98FB906E7939C1EC0E64C0E067F0A7443D6170E411DF91F797D1FFD74009C4638462E69D5923E7433AEC028B9A90E633CC", 16).modPow(pri6, mod6).toByteArray();
-
-    static byte msg8[] = Hex.decode("FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA9876543210FEDCBA98");
-    static byte sig8[] = new BigInteger("01402B29ABA104079677CE7FC3D5A84DB24494D6F9508B4596484F5B3CC7E8AFCC4DDE7081F21CAE9D4F94D6D2CCCB43FCEDA0988FFD4EF2EAE72CFDEB4A2638F0A34A0C49664CD9DB723315759D758836C8BA26AC4348B66958AC94AE0B5A75195B57ABFB9971E21337A4B517F2E820B81F26BCE7C66F48A2DB12A8F3D731CC", 16).modPow(pri6, mod6).toByteArray();
-
-    static byte msg9[] = Hex.decode("6162636462636465636465666465666765666768666768696768696A68696A6B696A6B6C6A6B6C6D6B6C6D6E6C6D6E6F6D6E6F706E6F70716F707172707172737172737472737475737475767475767775767778767778797778797A78797A61797A61627A6162636162636462636465");
-    static byte sig9[] = new BigInteger("6F2BB97571FE2EF205B66000E9DD06656655C1977F374E8666D636556A5FEEEEAF645555B25F45567C4EE5341F96FED86508C90A9E3F11B26E8D496139ED3E55ECE42860A6FB3A0817DAFBF13019D93E1D382DA07264FE99D9797D2F0B7779357CA7E74EE440D8855B7DDF15F000AC58EE3FFF144845E771907C0C83324A6FBC", 16).modPow(pri6, mod6).toByteArray();
-
-    public String getName()
-    {
-        return "ISO9796";
-    }
-
-    private boolean isSameAs(
-        byte[] a,
-        int off,
-        byte[] b)
-    {
-        if ((a.length - off) != b.length)
-        {
-            return false;
-        }
-
-        for (int i = 0; i != b.length; i++)
-        {
-            if (a[i + off] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    private boolean startsWith(
-        byte[] a,
-        byte[] b)
-    {
-        if (a.length < b.length)
-        {
-            return false;
-        }
-
-        for (int i = 0; i != b.length; i++)
-        {
-            if (a[i] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    private void doTest1()
-        throws Exception
-    {
-        RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod1, pub1);
-        RSAKeyParameters privParameters = new RSAKeyParameters(true, mod1, pri1);
-        RSAEngine rsa = new RSAEngine();
-        byte[] data;
-
-        //
-        // ISO 9796-1 - public encrypt, private decrypt
-        //
-        ISO9796d1Encoding eng = new ISO9796d1Encoding(rsa);
-
-        eng.init(true, privParameters);
-
-        eng.setPadBits(4);
-
-        data = eng.processBlock(msg1, 0, msg1.length);
-
-        eng.init(false, pubParameters);
-
-        if (!areEqual(sig1, data))
-        {
-            fail("failed ISO9796-1 generation Test 1");
-        }
-
-        data = eng.processBlock(data, 0, data.length);
-
-        if (!areEqual(msg1, data))
-        {
-            fail("failed ISO9796-1 retrieve Test 1");
-        }
-    }
-
-    private void doTest2()
-        throws Exception
-    {
-        RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod1, pub1);
-        RSAKeyParameters privParameters = new RSAKeyParameters(true, mod1, pri1);
-        RSAEngine rsa = new RSAEngine();
-        byte[] data;
-
-        //
-        // ISO 9796-1 - public encrypt, private decrypt
-        //
-        ISO9796d1Encoding eng = new ISO9796d1Encoding(rsa);
-
-        eng.init(true, privParameters);
-
-        data = eng.processBlock(msg2, 0, msg2.length);
-
-        eng.init(false, pubParameters);
-
-        if (!isSameAs(data, 1, sig2))
-        {
-            fail("failed ISO9796-1 generation Test 2");
-        }
-
-        data = eng.processBlock(data, 0, data.length);
-
-
-        if (!areEqual(msg2, data))
-        {
-            fail("failed ISO9796-1 retrieve Test 2");
-        }
-    }
-
-    public void doTest3()
-        throws Exception
-    {
-        RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod2, pub2);
-        RSAKeyParameters privParameters = new RSAKeyParameters(true, mod2, pri2);
-        RSAEngine rsa = new RSAEngine();
-        byte[] data;
-
-        //
-        // ISO 9796-1 - public encrypt, private decrypt
-        //
-        ISO9796d1Encoding eng = new ISO9796d1Encoding(rsa);
-
-        eng.init(true, privParameters);
-
-        eng.setPadBits(4);
-
-        data = eng.processBlock(msg3, 0, msg3.length);
-
-        eng.init(false, pubParameters);
-
-        if (!isSameAs(sig3, 1, data))
-        {
-            fail("failed ISO9796-1 generation Test 3");
-        }
-
-        data = eng.processBlock(data, 0, data.length);
-
-        if (!isSameAs(msg3, 0, data))
-        {
-            fail("failed ISO9796-1 retrieve Test 3");
-        }
-    }
-
-    public void doTest4()
-        throws Exception
-    {
-        RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod3, pub3);
-        RSAKeyParameters privParameters = new RSAKeyParameters(true, mod3, pri3);
-        RSAEngine rsa = new RSAEngine();
-        byte[] data;
-
-        //
-        // ISO 9796-2 - Signing
-        //
-        ISO9796d2Signer eng = new ISO9796d2Signer(rsa, new RIPEMD128Digest());
-
-        eng.init(true, privParameters);
-
-        eng.update(msg4[0]);
-        eng.update(msg4, 1, msg4.length - 1);
-
-        data = eng.generateSignature();
-
-        byte[] recovered = new byte[eng.getRecoveredMessage().length];
-
-        if (!eng.hasFullMessage())
-        {
-            fail("full message not detected");
-        }
-
-        System.arraycopy(eng.getRecoveredMessage(), 0, recovered, 0, recovered.length);
-
-        eng.init(false, pubParameters);
-
-        if (!isSameAs(sig4, 0, data))
-        {
-            fail("failed ISO9796-2 generation Test 4");
-        }
-
-        eng.update(msg4[0]);
-        eng.update(msg4, 1, msg4.length - 1);
-
-        if (!eng.verifySignature(sig4))
-        {
-            fail("failed ISO9796-2 verify Test 4");
-        }
-
-        if (eng.hasFullMessage())
-        {
-            eng = new ISO9796d2Signer(rsa, new RIPEMD128Digest());
-
-            eng.init(false, pubParameters);
-
-            if (!eng.verifySignature(sig4))
-            {
-                fail("failed ISO9796-2 verify and recover Test 4");
-            }
-
-            if (!isSameAs(eng.getRecoveredMessage(), 0, msg4))
-            {
-                fail("failed ISO9796-2 recovered message Test 4");
-            }
-
-            // try update with recovered
-            eng.updateWithRecoveredMessage(sig4);
-
-            if (!isSameAs(eng.getRecoveredMessage(), 0, msg4))
-            {
-                fail("failed ISO9796-2 updateWithRecovered recovered message Test 4");
-            }
-
-            if (!eng.verifySignature(sig4))
-            {
-                fail("failed ISO9796-2 updateWithRecovered verify and recover Test 4");
-            }
-
-            if (!isSameAs(eng.getRecoveredMessage(), 0, msg4))
-            {
-                fail("failed ISO9796-2 updateWithRecovered recovered verify message Test 4");
-            }
-
-            if (!isSameAs(eng.getRecoveredMessage(), 0, recovered))
-            {
-                fail("failed ISO9796-2 updateWithRecovered recovered verify message Test 4 generate check");
-            }
-
-            // should fail
-            eng.updateWithRecoveredMessage(sig4);
-
-            eng.update(msg4, 0, msg4.length);
-
-            if (eng.verifySignature(sig4))
-            {
-                fail("failed ISO9796-2 updateWithRecovered verify and recover Test 4");
-            }
-        }
-        else
-        {
-            fail("full message flag false - Test 4");
-        }
-    }
-
-    public void doTest5()
-        throws Exception
-    {
-        RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod3, pub3);
-        RSAKeyParameters privParameters = new RSAKeyParameters(true, mod3, pri3);
-        RSAEngine rsa = new RSAEngine();
-        byte[] data;
-
-        //
-        // ISO 9796-2 - Signing
-        //
-        ISO9796d2Signer eng = new ISO9796d2Signer(rsa, new RIPEMD160Digest(), true);
-
-        eng.init(true, privParameters);
-
-        eng.update(msg5[0]);
-        eng.update(msg5, 1, msg5.length - 1);
-
-        data = eng.generateSignature();
-
-        byte[] recovered = new byte[eng.getRecoveredMessage().length];
-
-        System.arraycopy(eng.getRecoveredMessage(), 0, recovered, 0, recovered.length);
-
-        eng.init(false, pubParameters);
-
-        if (!isSameAs(sig5, 0, data))
-        {
-            fail("failed ISO9796-2 generation Test 5");
-        }
-
-        eng.update(msg5[0]);
-        eng.update(msg5, 1, msg5.length - 1);
-
-        if (!eng.verifySignature(sig5))
-        {
-            fail("failed ISO9796-2 verify Test 5");
-        }
-
-        if (eng.hasFullMessage())
-        {
-            fail("fullMessage true - Test 5");
-        }
-
-        if (!startsWith(msg5, eng.getRecoveredMessage()))
-        {
-            fail("failed ISO9796-2 partial recovered message Test 5");
-        }
-
-        int length = eng.getRecoveredMessage().length;
-
-        if (length >= msg5.length)
-        {
-            fail("Test 5 recovered message too long");
-        }
-
-        eng = new ISO9796d2Signer(rsa, new RIPEMD160Digest(), true);
-
-        eng.init(false, pubParameters);
-
-        eng.updateWithRecoveredMessage(sig5);
-
-        if (!startsWith(msg5, eng.getRecoveredMessage()))
-        {
-            fail("failed ISO9796-2 updateWithRecovered partial recovered message Test 5");
-        }
-
-        if (!isSameAs(recovered, 0, eng.getRecoveredMessage()))
-        {
-            fail("failed ISO9796-2 updateWithRecovered partial recovered message Test 5 recovery check");
-        }
-
-        if (eng.hasFullMessage())
-        {
-            fail("fullMessage updateWithRecovered true - Test 5");
-        }
-
-        for (int i = length; i != msg5.length; i++)
-        {
-            eng.update(msg5[i]);
-        }
-
-        if (!eng.verifySignature(sig5))
-        {
-            fail("failed ISO9796-2 verify Test 5");
-        }
-
-        if (eng.hasFullMessage())
-        {
-            fail("fullMessage updateWithRecovered true - Test 5");
-        }
-
-        // should fail
-        eng.updateWithRecoveredMessage(sig5);
-
-        eng.update(msg5, 0, msg5.length);
-
-        if (eng.verifySignature(sig5))
-        {
-            fail("failed ISO9796-2 updateWithRecovered verify fail Test 5");
-        }
-    }
-
-    //
-    // against a zero length string
-    //
-
-    public void doTest6()
-        throws Exception
-    {
-        byte[] salt = Hex.decode("61DF870C4890FE85D6E3DD87C3DCE3723F91DB49");
-        RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod6, pub6);
-        RSAKeyParameters privParameters = new RSAKeyParameters(true, mod6, pri6);
-        ParametersWithSalt sigParameters = new ParametersWithSalt(privParameters, salt);
-        RSAEngine rsa = new RSAEngine();
-        byte[] data;
-
-        //
-        // ISO 9796-2 - PSS Signing
-        //
-        ISO9796d2PSSSigner eng = new ISO9796d2PSSSigner(rsa, new RIPEMD160Digest(), 20, true);
-
-        eng.init(true, sigParameters);
-
-        data = eng.generateSignature();
-
-        if (eng.getRecoveredMessage().length != 0)
-        {
-            fail("failed zero check");
-        }
-
-        eng.init(false, pubParameters);
-
-        if (!isSameAs(sig6, 1, data))
-        {
-            fail("failed ISO9796-2 generation Test 6");
-        }
-
-        if (!eng.verifySignature(data))
-        {
-            fail("failed ISO9796-2 verify Test 6");
-        }
-    }
-
-    public void doTest7()
-        throws Exception
-    {
-        byte[] salt = new byte[0];
-        RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod6, pub6);
-        RSAKeyParameters privParameters = new RSAKeyParameters(true, mod6, pri6);
-        ParametersWithSalt sigParameters = new ParametersWithSalt(privParameters, salt);
-        RSAEngine rsa = new RSAEngine();
-        byte[] data;
-
-        //
-        // ISO 9796-2 - PSS Signing
-        //
-        ISO9796d2PSSSigner eng = new ISO9796d2PSSSigner(rsa, new SHA1Digest(), 0, false);
-
-        eng.init(true, sigParameters);
-
-        eng.update(msg7[0]);
-        eng.update(msg7, 1, msg7.length - 1);
-
-        data = eng.generateSignature();
-
-        if (!eng.hasFullMessage())
-        {
-            fail("full message not detected");
-        }
-
-        byte[] recovered = new byte[eng.getRecoveredMessage().length];
-
-        System.arraycopy(eng.getRecoveredMessage(), 0, recovered, 0, recovered.length);
-
-        eng.init(false, pubParameters);
-
-        if (!isSameAs(sig7, 0, data))
-        {
-            fail("failed ISO9796-2 generation Test 7");
-        }
-
-        eng.update(msg7[0]);
-        eng.update(msg7, 1, msg7.length - 1);
-
-        if (!eng.verifySignature(sig7))
-        {
-            fail("failed ISO9796-2 verify Test 7");
-        }
-
-        if (!eng.hasFullMessage())
-        {
-            fail("full message not detected");
-        }
-
-        if (!isSameAs(msg7, 0, eng.getRecoveredMessage()))
-        {
-            fail("failed ISO9796-2 recovery Test 7");
-        }
-
-        if (!isSameAs(recovered, 0, eng.getRecoveredMessage()))
-        {
-            fail("failed ISO9796-2 recovery Test 7 recover");
-        }
-    }
-
-    public void doTest8()
-        throws Exception
-    {
-        byte[] salt = Hex.decode("78E293203CBA1B7F92F05F4D171FF8CA3E738FF8");
-        RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod6, pub6);
-        RSAKeyParameters privParameters = new RSAKeyParameters(true, mod6, pri6);
-        ParametersWithSalt sigParameters = new ParametersWithSalt(privParameters, salt);
-        RSAEngine rsa = new RSAEngine();
-        byte[] data;
-
-        //
-        // ISO 9796-2 - PSS Signing
-        //
-        ISO9796d2PSSSigner eng = new ISO9796d2PSSSigner(rsa, new RIPEMD160Digest(), 20, false);
-
-        eng.init(true, sigParameters);
-
-        eng.update(msg8[0]);
-        eng.update(msg8, 1, msg8.length - 1);
-
-        data = eng.generateSignature();
-
-        eng.init(false, pubParameters);
-
-        if (!isSameAs(sig8, 0, data))
-        {
-            fail("failed ISO9796-2 generation Test 8");
-        }
-
-        eng.update(msg8[0]);
-        eng.update(msg8, 1, msg8.length - 1);
-
-        if (!eng.verifySignature(sig8))
-        {
-            fail("failed ISO9796-2 verify Test 8");
-        }
-    }
-
-    public void doTest9()
-        throws Exception
-    {
-        RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod6, pub6);
-        RSAKeyParameters privParameters = new RSAKeyParameters(true, mod6, pri6);
-        RSAEngine rsa = new RSAEngine();
-        byte[] data;
-
-        //
-        // ISO 9796-2 - PSS Signing
-        //
-        ISO9796d2PSSSigner eng = new ISO9796d2PSSSigner(rsa, new RIPEMD160Digest(), 0, true);
-
-        eng.init(true, privParameters);
-
-        eng.update(msg9[0]);
-        eng.update(msg9, 1, msg9.length - 1);
-
-        data = eng.generateSignature();
-
-        byte[] recovered = new byte[eng.getRecoveredMessage().length];
-
-        System.arraycopy(eng.getRecoveredMessage(), 0, recovered, 0, recovered.length);
-
-        eng.init(false, pubParameters);
-
-        if (!isSameAs(sig9, 0, data))
-        {
-            fail("failed ISO9796-2 generation Test 9");
-        }
-
-        eng.update(msg9[0]);
-        eng.update(msg9, 1, msg9.length - 1);
-
-        if (!eng.verifySignature(sig9))
-        {
-            fail("failed ISO9796-2 verify Test 9");
-        }
-
-        if (!isSameAs(recovered, 0, eng.getRecoveredMessage()))
-        {
-            fail("failed ISO9796-2 recovery Test 7 recover");
-        }
-    }
-
-    public void doTest10()
-        throws Exception
-    {
-        BigInteger mod = new BigInteger("B3ABE6D91A4020920F8B3847764ECB34C4EB64151A96FDE7B614DC986C810FF2FD73575BDF8532C06004C8B4C8B64F700A50AEC68C0701ED10E8D211A4EA554D", 16);
-        BigInteger pubExp = new BigInteger("65537", 10);
-        BigInteger priExp = new BigInteger("AEE76AE4716F77C5782838F328327012C097BD67E5E892E75C1356E372CCF8EE1AA2D2CBDFB4DA19F703743F7C0BA42B2D69202BA7338C294D1F8B6A5771FF41", 16);
-        RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod, pubExp);
-        RSAKeyParameters privParameters = new RSAKeyParameters(true, mod, priExp);
-        RSAEngine rsa = new RSAEngine();
-        byte[] data;
-
-        //
-        // ISO 9796-2 - PSS Signing
-        //
-        Digest dig = new SHA1Digest();
-        ISO9796d2PSSSigner eng = new ISO9796d2PSSSigner(rsa, dig, dig.getDigestSize());
-
-        //
-        // as the padding is random this test needs to repeat a few times to
-        // make sure
-        //
-        for (int i = 0; i != 500; i++)
-        {
-            eng.init(true, privParameters);
-
-            eng.update(msg9[0]);
-            eng.update(msg9, 1, msg9.length - 1);
-
-            data = eng.generateSignature();
-
-            eng.init(false, pubParameters);
-
-            eng.update(msg9[0]);
-            eng.update(msg9, 1, msg9.length - 1);
-
-            if (!eng.verifySignature(data))
-            {
-                fail("failed ISO9796-2 verify Test 10");
-            }
-        }
-    }
-
-    public void doTest11()
-        throws Exception
-    {
-        BigInteger mod = new BigInteger("B3ABE6D91A4020920F8B3847764ECB34C4EB64151A96FDE7B614DC986C810FF2FD73575BDF8532C06004C8B4C8B64F700A50AEC68C0701ED10E8D211A4EA554D", 16);
-        BigInteger pubExp = new BigInteger("65537", 10);
-        BigInteger priExp = new BigInteger("AEE76AE4716F77C5782838F328327012C097BD67E5E892E75C1356E372CCF8EE1AA2D2CBDFB4DA19F703743F7C0BA42B2D69202BA7338C294D1F8B6A5771FF41", 16);
-        RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod, pubExp);
-        RSAKeyParameters privParameters = new RSAKeyParameters(true, mod, priExp);
-        RSAEngine rsa = new RSAEngine();
-        byte[] data;
-        byte[] m1 = {1, 2, 3, 4, 5, 6, 7, 8, 9};
-        byte[] m2 = {1, 2, 3, 4, 5, 6, 7, 8, 9, 0};
-        byte[] m3 = {1, 2, 3, 4, 5, 6, 7, 8};
-
-        //
-        // ISO 9796-2 - PSS Signing
-        //
-        Digest dig = new SHA1Digest();
-        ISO9796d2PSSSigner eng = new ISO9796d2PSSSigner(rsa, dig, dig.getDigestSize());
-
-        //
-        // check message bounds
-        //
-        eng.init(true, privParameters);
-
-        eng.update(m1, 0, m1.length);
-
-        data = eng.generateSignature();
-
-        eng.init(false, pubParameters);
-
-        eng.update(m2, 0, m2.length);
-
-        if (eng.verifySignature(data))
-        {
-            fail("failed ISO9796-2 m2 verify Test 11");
-        }
-
-        eng.init(false, pubParameters);
-
-        eng.update(m3, 0, m3.length);
-
-        if (eng.verifySignature(data))
-        {
-            fail("failed ISO9796-2 m3 verify Test 11");
-        }
-
-        eng.init(false, pubParameters);
-
-        eng.update(m1, 0, m1.length);
-
-        if (!eng.verifySignature(data))
-        {
-            fail("failed ISO9796-2 verify Test 11");
-        }
-    }
-
-    public void doTest12()
-        throws Exception
-    {
-        BigInteger mod = new BigInteger("B3ABE6D91A4020920F8B3847764ECB34C4EB64151A96FDE7B614DC986C810FF2FD73575BDF8532C06004C8B4C8B64F700A50AEC68C0701ED10E8D211A4EA554D", 16);
-        BigInteger pubExp = new BigInteger("65537", 10);
-        BigInteger priExp = new BigInteger("AEE76AE4716F77C5782838F328327012C097BD67E5E892E75C1356E372CCF8EE1AA2D2CBDFB4DA19F703743F7C0BA42B2D69202BA7338C294D1F8B6A5771FF41", 16);
-        RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod, pubExp);
-        RSAKeyParameters privParameters = new RSAKeyParameters(true, mod, priExp);
-        RSAEngine rsa = new RSAEngine();
-        byte[] data;
-        byte[] m1 = {1, 2, 3, 4, 5, 6, 7, 8, 9};
-        byte[] m2 = {1, 2, 3, 4, 5, 6, 7, 8, 9, 0};
-        byte[] m3 = {1, 2, 3, 4, 5, 6, 7, 8};
-
-        //
-        // ISO 9796-2 - Signing
-        //
-        Digest dig = new SHA1Digest();
-        ISO9796d2Signer eng = new ISO9796d2Signer(rsa, dig);
-
-        //
-        // check message bounds
-        //
-        eng.init(true, privParameters);
-
-        eng.update(m1, 0, m1.length);
-
-        data = eng.generateSignature();
-
-        eng.init(false, pubParameters);
-
-        eng.update(m2, 0, m2.length);
-
-        if (eng.verifySignature(data))
-        {
-            fail("failed ISO9796-2 m2 verify Test 12");
-        }
-
-        eng.init(false, pubParameters);
-
-        eng.update(m3, 0, m3.length);
-
-        if (eng.verifySignature(data))
-        {
-            fail("failed ISO9796-2 m3 verify Test 12");
-        }
-
-        eng.init(false, pubParameters);
-
-        eng.update(m1, 0, m1.length);
-
-        if (!eng.verifySignature(data))
-        {
-            fail("failed ISO9796-2 verify Test 12");
-        }
-    }
-
-    private void doTest13()
-        throws Exception
-    {
-        BigInteger modulus = new BigInteger(1, Hex.decode("CDCBDABBF93BE8E8294E32B055256BBD0397735189BF75816341BB0D488D05D627991221DF7D59835C76A4BB4808ADEEB779E7794504E956ADC2A661B46904CDC71337DD29DDDD454124EF79CFDD7BC2C21952573CEFBA485CC38C6BD2428809B5A31A898A6B5648CAA4ED678D9743B589134B7187478996300EDBA16271A861"));
-        BigInteger pubExp = new BigInteger(1, Hex.decode("010001"));
-        BigInteger privExp = new BigInteger(1, Hex.decode("4BA6432AD42C74AA5AFCB6DF60FD57846CBC909489994ABD9C59FE439CC6D23D6DE2F3EA65B8335E796FD7904CA37C248367997257AFBD82B26F1A30525C447A236C65E6ADE43ECAAF7283584B2570FA07B340D9C9380D88EAACFFAEEFE7F472DBC9735C3FF3A3211E8A6BBFD94456B6A33C17A2C4EC18CE6335150548ED126D"));
-
-        RSAKeyParameters pubParams = new RSAKeyParameters(false, modulus, pubExp);
-        RSAKeyParameters privParams = new RSAKeyParameters(true, modulus, privExp);
-
-        AsymmetricBlockCipher rsaEngine = new RSABlindedEngine();
-        Digest digest = new SHA256Digest();
-
-        // set challenge to all zero's for verification
-        byte[] challenge = new byte[8];
-
-        // DOES NOT USE FINAL BOOLEAN TO INDICATE RECOVERY
-        ISO9796d2Signer signer = new ISO9796d2Signer(rsaEngine, digest, false);
-
-        // sign
-        signer.init(true, privParams);
-        signer.update(challenge, 0, challenge.length);
-
-        byte[]  sig = signer.generateSignature();
-
-        // verify
-        signer.init(false, pubParams);
-        signer.update(challenge, 0, challenge.length);
-
-        if (!signer.verifySignature(sig))
-        {
-            fail("basic verification failed");
-        }
-
-        // === LETS ACTUALLY DO SOME RECOVERY, USING INPUT FROM INTERNAL AUTHENTICATE ===
-
-        signer.reset();
-
-        final String args0 = "482E20D1EDDED34359C38F5E7C01203F9D6B2641CDCA5C404D49ADAEDE034C7481D781D043722587761C90468DE69C6585A1E8B9C322F90E1B580EEDAB3F6007D0C366CF92B4DB8B41C8314929DCE2BE889C0129123484D2FD3D12763D2EBFD12AC8E51D7061AFCA1A53DEDEC7B9A617472A78C952CCC72467AE008E5F132994";
-
-        digest = new SHA1Digest();
-
-        signer = new ISO9796d2Signer(rsaEngine, digest, true);
-
-
-        signer.init(false, pubParams);
-        final byte[] signature = Hex.decode(args0);
-        signer.updateWithRecoveredMessage(signature);
-        signer.update(challenge, 0, challenge.length);
-
-        if (!signer.verifySignature(signature))
-        {
-            fail("recovered + challenge signature failed");
-        }
-
-        // === FINALLY, USING SHA-256 ===
-
-        signer.reset();
-
-        digest = new SHA256Digest();
-
-        // NOTE setting implit to false does not actually do anything for verification !!!
-        signer = new ISO9796d2Signer(rsaEngine, digest, false);
-
-
-        signer.init(true, privParams);
-        // generate NONCE of correct length using some inner knowledge
-        int nonceLength = modulus.bitLength() / 8 - 1 - digest.getDigestSize() - 2;
-        final byte[] nonce = new byte[nonceLength];
-        SecureRandom rnd = new SecureRandom();
-
-        rnd.nextBytes(nonce);
-
-        signer.update(nonce, 0, nonce.length);
-        signer.update(challenge, 0, challenge.length);
-        byte[] sig3 = signer.generateSignature();
-
-        signer.init(false, pubParams);
-        signer.updateWithRecoveredMessage(sig3);
-        signer.update(challenge, 0, challenge.length);
-        if (signer.verifySignature(sig3))
-        {
-            if (signer.hasFullMessage())
-            {
-                fail("signer indicates full message");
-            }
-            byte[] recoverableMessage = signer.getRecoveredMessage();
-
-            // sanity check, normally the nonce is ignored in eMRTD specs (PKI Technical Report)
-            if (!Arrays.areEqual(nonce, recoverableMessage))
-            {
-                fail("Nonce compare with recoverable part of message failed");
-            }
-        }
-        else
-        {
-            fail("recoverable + nonce failed.");
-        }
-    }
-
-    private static final byte[] longMessage = Base64.decode(
-        "VVNIKzErU0U2ODAxNTMyOTcxOSsyKzErNisyKzErMTo6OTk5OTk5OTk5OTk5"
-      + "OTo6OSsyOjo3Nzc3Nzc3Nzc3Nzc3Ojo5Kys1OjIwMTMwNDA1OjExMzUyMCdV"
-      + "U0ErMTo6OjE2OjEnVVNDKzRmYjk3YzFhNDI5ZGIyZDYnVVNBKzY6MTY6MTox"
-      + "MDoxKzE0OjIwNDgrMTI6/vn3S0h96eNhfmPN6OZUxXhd815h0tP871Hl+V1r"
-      + "fHHUXvrPXmjHV0vdb8fYY1zxwvnQUcFBWXT43PFi7Xbow0/9e9l6/mhs1UJq"
-      + "VPvp+ELbeXfn4Nj02ttk0e3H5Hfa69NYRuHv1WBO6lfizNnM9m9XYmh9TOrg"
-      + "f9rDRtd+ZNbf4lz9fPTt9OXyxOJWRPr/0FLzxUVsddplfHxM3ndETFD7ffjI"
-      + "/mhRYuL8WXZ733LeWFRCeOzKzmDz/HvT3GZx/XJMbFpqyOZjedzh6vZr1vrD"
-      + "615TQfN7wtJJ29bN2Hvzb2f1xGHaXl7af0/w9dpR2dr7/HzuZEJKYc7JSkv4"
-      + "/k37yERIbcrfbVTeVtR+dcVoeeRT41fmzMfzf8RnWOX4YMNifl0rMTM68EFA"
-      + "QSdCR00rMzgwKzk5OTk5OTk5J0RUTSsxMzc6MjAxMzA0MDU6MTAyJ0ZUWCtB"
-      + "QUkrKytJTlZPSUNFIFRFU1QnUkZGK09OOjEyMzQ1NidSRkYrRFE6MjIyMjIy"
-      + "MjIyJ0RUTSsxNzE6MjAxMzA0MDE6MTAyJ05BRCtTVSs5OTk5OTk5OTk5OTk5"
-      + "Ojo5KytURVNUIFNVUFBMSUVSOjpUcmFzZSByZWdpc3RlciBYWFhYWFhYK1Rl"
-      + "c3QgYWRkcmVzcyBzdXBwbGllcitDaXR5KysxMjM0NStERSdSRkYrVkE6QTEy"
-      + "MzQ1Njc4J05BRCtTQ08rOTk5OTk5OTk5OTk5OTo6OSsrVEVTVCBTVVBQTElF"
-      + "Ujo6VHJhc2UgcmVnaXN0ZXIgWFhYWFhYWCtUZXN0IGFkZHJlc3Mgc3VwcGxp"
-      + "ZXIrQ2l0eSsrMTIzNDUrREUnUkZGK1ZBOkExMjM0NTY3OCdOQUQrQlkrODg4"
-      + "ODg4ODg4ODg4ODo6OSdOQUQrSVYrNzc3Nzc3Nzc3Nzc3Nzo6OSsrVEVTVCBC"
-      + "VVlFUitUZXN0IGFkZHJlc3MgYnV5ZXIrQ2l0eTIrKzU0MzIxK0RFJ1JGRitW"
-      + "QTpKODc2NTQzMjEnTkFEK0JDTys3Nzc3Nzc3Nzc3Nzc3Ojo5KytURVNUIEJV"
-      + "WUVSK1Rlc3QgYWRkcmVzcyBidXllcitDaXR5MisrNTQzMjErREUnUkZGK1ZB"
-      + "Oko4NzY1NDMyMSdOQUQrRFArODg4ODg4ODg4ODg4ODo6OSdOQUQrUFIrNzc3"
-      + "Nzc3Nzc3Nzc3Nzo6OSdDVVgrMjpFVVI6NCdQQVQrMzUnRFRNKzEzOjIwMTMw"
-      + "NjI0OjEwMidMSU4rMSsrMTExMTExMTExMTExMTpFTidQSUErMStBQUFBQUFB"
-      + "OlNBJ0lNRCtGK00rOjo6UFJPRFVDVCBURVNUIDEnUVRZKzQ3OjEwLjAwMCdN"
-      + "T0ErNjY6Ny4wMCdQUkkrQUFCOjEuMDAnUFJJK0FBQTowLjcwJ1JGRitPTjox"
-      + "MjM0NTYnUkZGK0RROjIyMjIyMjIyMidUQVgrNytWQVQrKys6OjoyMS4wMDAn"
-      + "QUxDK0ErKysxK1REJ1BDRCsxOjMwLjAwMCdNT0ErMjA0OjMuMDAnTElOKzIr"
-      + "KzIyMjIyMjIyMjIyMjI6RU4nUElBKzErQkJCQkJCQjpTQSdJTUQrRitNKzo6"
-      + "OlBST0RVQ1QgVEVTVCAyJ1FUWSs0NzoyMC4wMDAnTU9BKzY2OjgwLjAwJ1BS"
-      + "SStBQUI6NS4wMCdQUkkrQUFBOjQuMDAnUkZGK09OOjEyMzQ1NidSRkYrRFE6"
-      + "MjIyMjIyMjIyJ1RBWCs3K1ZBVCsrKzo6OjIxLjAwMCdBTEMrQSsrKzErVEQn"
-      + "UENEKzE6MjAuMDAwJ01PQSsyMDQ6MjAuMDAnVU5TK1MnQ05UKzI6MidNT0Er"
-      + "Nzk6ODcuMDAnTU9BKzEzOToxMDUuMjcnTU9BKzEyNTo4Ny4wMCdNT0ErMjYw"
-      + "OjAuMDAnTU9BKzI1OTowLjAwJ01PQSsxNzY6MTguMjcnVEFYKzcrVkFUKysr"
-      + "Ojo6MjEuMDAwJ01PQSsxNzY6MTguMjcnTU9BKzEyNTo4Ny4wMCc=");
-
-    private static final byte[] shortPartialSig = Base64.decode(
-        "sb8yyKk6HM1cJhICScMx7QRQunRyrZ1fbI42+T+TBGNjOknvzKuvG7aftGX7"
-      + "O/RXuYgk6LTxpXv7+O5noUhMBsR2PKaHveuylU1WSPmDxDCui3kp4frqVH0w"
-      + "8Vjpl5CsKqBsmKkbGCKE+smM0xFXhYxV8QUTB2XsWNCQiFiHPgwbpfWzZUNY"
-      + "QPWd0A99P64EuUIYz1tkkDnLFmwQ19/PJu1a8orIQInmkVYWSsBsZ/7Ks6lx"
-      + "nDHpAvgiRe+OXmJ/yuQy1O3FJYdyoqvjYRPBu3qYeBK9+9L3lExLilImH5aD"
-      + "nJznaXcO8QFOxVPbrF2s4GdPIMDonEyAHdrnzoghlg==");
-
-    private void doShortPartialTest()
-        throws Exception
-    {
-        byte[]     recovered = Hex.decode("5553482b312b534536383031353332393731392b322b312b362b322b312b313a3a393939393939393939393939393a3a392b323a3a373737373737373737373737373a3a392b2b353a32303133303430353a313133");
-        BigInteger exp = new BigInteger("10001", 16);
-        BigInteger mod = new BigInteger("b9b70b083da9e37e23cde8e654855db31e21d2d3fc11a5f91d2b3c311efa8f5e28c757dd6fc798631cb1b9d051c14119749cb122ad76e8c3fd7bd93abe282c026a14fba9f8023977a7a0d8b49a24d1ad87e4379a931846a1ef9520ea57e28c998cf65722683d0caaa0da8306973e2496a25cbd3cb4adb4b284e25604fabf12f385456c75da7c3c4cde37440cfb7db8c8fe6851e2bc59767b9f7218540238ac8acef3bc7bd3dc6671320c2c1a2ac8a6799ce1eaf62b9683ab1e1341b37b9249dbd6cd987b2f27b5c4619a1eda7f0fb0b59a519afbbc3cee640261cec90a4bb8fefbc844082dca9f549e56943e758579a453a357e6ccb37fc46718a5b8c3227e5d", 16);
-
-        AsymmetricKeyParameter pubKey = new RSAKeyParameters(false, mod, exp);
-
-        ISO9796d2PSSSigner pssSign = new ISO9796d2PSSSigner(new RSAEngine(), new SHA1Digest(), 20);
-
-        pssSign.init(false, pubKey);
-
-        pssSign.updateWithRecoveredMessage(shortPartialSig);
-
-        pssSign.update(longMessage, pssSign.getRecoveredMessage().length, longMessage.length - pssSign.getRecoveredMessage().length);
-
-        if (!pssSign.verifySignature(shortPartialSig))
-        {
-            fail("short partial PSS sig verification failed.");
-        }
-
-        byte[] mm = pssSign.getRecoveredMessage();
-
-        if (!Arrays.areEqual(recovered, mm))
-        {
-            fail("short partial PSS recovery failed");
-        }
-    }
-
-    private void doFullMessageTest()
-        throws Exception
-    {
-        BigInteger modulus = new BigInteger(1, Hex.decode("CDCBDABBF93BE8E8294E32B055256BBD0397735189BF75816341BB0D488D05D627991221DF7D59835C76A4BB4808ADEEB779E7794504E956ADC2A661B46904CDC71337DD29DDDD454124EF79CFDD7BC2C21952573CEFBA485CC38C6BD2428809B5A31A898A6B5648CAA4ED678D9743B589134B7187478996300EDBA16271A861"));
-        BigInteger pubExp = new BigInteger(1, Hex.decode("010001"));
-        BigInteger privExp = new BigInteger(1, Hex.decode("4BA6432AD42C74AA5AFCB6DF60FD57846CBC909489994ABD9C59FE439CC6D23D6DE2F3EA65B8335E796FD7904CA37C248367997257AFBD82B26F1A30525C447A236C65E6ADE43ECAAF7283584B2570FA07B340D9C9380D88EAACFFAEEFE7F472DBC9735C3FF3A3211E8A6BBFD94456B6A33C17A2C4EC18CE6335150548ED126D"));
-
-        RSAKeyParameters pubParams = new RSAKeyParameters(false, modulus, pubExp);
-        RSAKeyParameters privParams = new RSAKeyParameters(true, modulus, privExp);
-
-        AsymmetricBlockCipher rsaEngine = new RSABlindedEngine();
-
-        // set challenge to all zero's for verification
-        byte[] challenge = new byte[8];
-
-        ISO9796d2PSSSigner pssSign = new ISO9796d2PSSSigner(new RSAEngine(), new SHA256Digest(), 20, true);
-
-        pssSign.init(true, privParams);
-
-        pssSign.update(challenge, 0, challenge.length);
-
-        byte[] sig = pssSign.generateSignature();
-
-        pssSign.init(false, pubParams);
-
-        pssSign.updateWithRecoveredMessage(sig);
-
-        if (!pssSign.verifySignature(sig))
-        {
-            fail("challenge PSS sig verification failed.");
-        }
-
-        byte[] mm = pssSign.getRecoveredMessage();
-
-        if (!Arrays.areEqual(challenge, mm))
-        {
-            fail("challenge partial PSS recovery failed");
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        doTest1();
-        doTest2();
-        doTest3();
-        doTest4();
-        doTest5();
-        doTest6();
-        doTest7();
-        doTest8();
-        doTest9();
-        doTest10();
-        doTest11();
-        doTest12();
-        doTest13();
-        doShortPartialTest();
-        doFullMessageTest();
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new ISO9796Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ISO9797Alg3MacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ISO9797Alg3MacTest.java
deleted file mode 100644
index 96b5fc4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ISO9797Alg3MacTest.java
+++ /dev/null

@@ -1,126 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.macs.ISO9797Alg3Mac;
-import org.bouncycastle.crypto.paddings.ISO7816d4Padding;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class ISO9797Alg3MacTest
-    extends SimpleTest
-{
-    static byte[] keyBytes = Hex.decode("7CA110454A1A6E570131D9619DC1376E");
-
-    static byte[] input1 = "Hello World !!!!".getBytes();
-
-    static byte[] output1 = Hex.decode("F09B856213BAB83B");
-
-    public ISO9797Alg3MacTest()
-    {
-    }
-
-    public void performTest()
-    {
-        KeyParameter key = new KeyParameter(keyBytes);
-        BlockCipher cipher = new DESEngine();
-        Mac mac = new ISO9797Alg3Mac(cipher);
-
-        //
-        // standard DAC - zero IV
-        //
-        mac.init(key);
-
-        mac.update(input1, 0, input1.length);
-
-        byte[] out = new byte[8];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output1))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output1)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        //  reset
-        //
-        mac.reset();
-
-        mac.init(key);
-
-        for (int i = 0; i != input1.length / 2; i++)
-        {
-            mac.update(input1[i]);
-        }
-
-        mac.update(input1, input1.length / 2, input1.length - (input1.length / 2));
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output1))
-        {
-            fail("Reset failed - expected " + new String(Hex.encode(output1)) + " got " + new String(Hex.encode(out)));
-        }
-
-        testMacWithIv();
-    }
-
-    private void testMacWithIv()
-    {
-        byte[] inputData = new byte[]{0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8};
-        byte[] key = new byte[]{0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8, 0x1, 0x2, 0x3, 0x4, 0x5, 0x6, 0x7, 0x8};
-        byte[] zeroIv = new byte[8];
-        byte[] nonZeroIv = new byte[]{0x5, 0x6, 0x7, 0x8, 0x1, 0x2, 0x3, 0x4};
-
-        KeyParameter simpleParameter = new KeyParameter(key);
-        ParametersWithIV zeroIvParameter = new ParametersWithIV(new KeyParameter(key), zeroIv);
-
-        ISO9797Alg3Mac mac1 = new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding());
-
-        // we calculate a reference MAC with a null IV
-        mac1.init(simpleParameter);
-        mac1.update(inputData, 0, inputData.length);
-        byte[] output1 = new byte[mac1.getMacSize()];
-        mac1.doFinal(output1, 0);
-
-        // we then check that passing a vector of 0s is the same as not using any IV
-        ISO9797Alg3Mac mac2 = new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding());
-        mac2.init(zeroIvParameter);
-        mac2.update(inputData, 0, inputData.length);
-        byte[] output2 = new byte[mac2.getMacSize()];
-        mac2.doFinal(output2, 0);
-        if (!Arrays.areEqual(output1, output2))
-        {
-            fail("zero IV test failed");
-        }
-
-        // and then check that a non zero IV parameter produces a different results.
-        ParametersWithIV nonZeroIvParameter = new ParametersWithIV(new KeyParameter(key), nonZeroIv);
-        mac2 = new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding());
-        mac2.init(nonZeroIvParameter);
-        mac2.update(inputData, 0, inputData.length);
-        output2 = new byte[mac2.getMacSize()];
-        mac2.doFinal(output2, 0);
-        if (Arrays.areEqual(output1, output2))
-        {
-            fail("non-zero IV test failed");
-        }
-    }
-
-    public String getName()
-    {
-        return "ISO9797Alg3Mac";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new ISO9797Alg3MacTest());
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/IsoTrailerTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/IsoTrailerTest.java
deleted file mode 100644
index 6815af5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/IsoTrailerTest.java
+++ /dev/null

@@ -1,122 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.digests.SHA512tDigest;
-import org.bouncycastle.crypto.engines.RSAEngine;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.signers.ISO9796d2PSSSigner;
-import org.bouncycastle.crypto.signers.ISO9796d2Signer;
-import org.bouncycastle.crypto.signers.X931Signer;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class IsoTrailerTest
-    extends SimpleTest
-{
-    private static final byte[] x931SigOld = Hex.decode("33156b44e30640d14940d5f4534de6a91c945fe8355b01f66a896c41c78482ba02457d079327bd7015a875c353c6a0db356d6c568edb07dbbdb0500705e3f8aff9269f8535c1ed27edb09a1c246a366c4f638fd224389bcaebeb2dedc400990b91cddfda4ee0abc67ae1e39b139183dd6193aee9aa3616285ba928af20f89d5c");
-    private static final byte[] x931SigCorrect =  Hex.decode("3ff8d8c371503a153bb99edb1064984680ef7f70f73d08d28205b8e1ae90d7a00d78d6f16994b872bf613aafb41dd7b60fc9e964d280bde07637ec278b9491ddeeecae53e2b55302801577b20cda4ef2d4a42868de579fa5a50f2f2feb50688d893d9210469bb47134475515a7745744ba99e23d4490400e7a734e00ef2c5476");
-
-    private static final byte[] iso9796d2Old = Hex.decode("07f7c6a8726aeed821ce7af09b5eb260ade66913c5548438f5f7a613f5e96e1638c36d22d968c24abfa7b5879cbdf55985e7928553fe33a9c7e53b85daab87cc661e33cc1290832c3cfda59256f9501657efead29ee45cc06df1e1c0f3e06110e46377c6ed5ec78327d1c7787af79287e50c810ed17a2b43c56d27ec695b4dbf");
-    private static final byte[] iso9796d2Correct = Hex.decode("530c8949deb24d138b175db5be846481f8b22598fcc44476caf87fe4f5f8c9b71f9456791bf47aaafa20650fedc000251f4eee1bcaed57bd5d1b1e64b5d0e460df88e4a5266eb3969577d29a80d7d0038044247ae6fe7705f9d20d0ef42f525445de0560c9c3972c6443be779c762cfb08e403fc2f06bc8e2d7b8f3bf022160a");
-
-    private static final byte[] iso9796d2PSSOld = Hex.decode("274dbd6e3d93672ee5121022843e37f66b1ff12bb7f04cff059d76932ce9116e8b12efcd19d98a78f8c9d3f262fd3ce7c3bca0edc223f3af54e1401b37f807ef5b6d71591a22a40a34ce8abc10164138835bb63ac8eeb0223d1e1d8c5d18da2acac7f7061023597aa338c4af96bebe6c7935e0b5603cb87977b9e345f697ff98");
-    private static final byte[] iso9796d2PSSCorrect = Hex.decode("3a5c1248652cd6fd4419064b894379ad48c8596a3a5a0bdf98b6d6a9d25f5df164591beddff9e2ae88100dd165053f0edd2e4154834ea7b7c1f56312c4fe23a5407cf73a2c4540c8c19e91187f709529ebb779db2f8fa39f6bef923c392abecf9e7596927a71f62990dafd8bf00d298863d07680e75b1bb9bb655ba25ff48d1e");
-    
-    public String getName()
-    {
-        return "IsoTrailerTest";
-    }
-
-    private void x931Sha512_256Test()
-    {
-        BigInteger rsaPubMod = new BigInteger(Base64.decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
-        BigInteger rsaPubExp = new BigInteger(Base64.decode("EQ=="));
-
-        RSAKeyParameters rsaPublic = new RSAKeyParameters(false, rsaPubMod, rsaPubExp);
-
-        byte[] msg = new byte[] { 1, 6, 3, 32, 7, 43, 2, 5, 7, 78, 4, 23 };
-
-        X931Signer signer = new X931Signer(new RSAEngine(), new SHA512tDigest(256));
-        signer.init(false, rsaPublic);
-        signer.update(msg, 0, msg.length);
-        if (!signer.verifySignature(x931SigCorrect))
-        {
-            fail("X9.31 Signer failed.");
-        }
-
-        signer.init(false, rsaPublic);
-        signer.update(msg, 0, msg.length);
-        if (!signer.verifySignature(x931SigOld))
-        {
-            fail("X9.31 old Signer failed.");
-        }
-    }
-
-    private void iso9796_2Sha512_256Test()
-    {
-        BigInteger rsaPubMod = new BigInteger(Base64.decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
-        BigInteger rsaPubExp = new BigInteger(Base64.decode("EQ=="));
-
-        RSAKeyParameters rsaPublic = new RSAKeyParameters(false, rsaPubMod, rsaPubExp);
-
-        byte[] msg = new byte[] { 1, 6, 3, 32, 7, 43, 2, 5, 7, 78, 4, 23 };
-
-        ISO9796d2Signer signer = new ISO9796d2Signer(new RSAEngine(), new SHA512tDigest(256));
-
-        signer.init(false, rsaPublic);
-        signer.update(msg, 0, msg.length);
-        if (!signer.verifySignature(iso9796d2Correct))
-        {
-            fail("ISO9796-2 Signer failed.");
-        }
-
-        signer.init(false, rsaPublic);
-        signer.update(msg, 0, msg.length);
-        if (!signer.verifySignature(iso9796d2Old))
-        {
-            fail("ISO9796-2 old Signer failed.");
-        }
-    }
-
-    private void iso9796_2PSSSha512_256Test()
-    {
-        BigInteger rsaPubMod = new BigInteger(Base64.decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
-        BigInteger rsaPubExp = new BigInteger(Base64.decode("EQ=="));
-
-        RSAKeyParameters rsaPublic = new RSAKeyParameters(false, rsaPubMod, rsaPubExp);
-
-        byte[] msg = new byte[] { 1, 6, 3, 32, 7, 43, 2, 5, 7, 78, 4, 23 };
-
-        ISO9796d2PSSSigner signer = new ISO9796d2PSSSigner(new RSAEngine(), new SHA512tDigest(256), 32);
-
-        signer.init(false, rsaPublic);
-        signer.update(msg, 0, msg.length);
-        if (!signer.verifySignature(iso9796d2PSSCorrect))
-        {
-            fail("ISO9796-2PSS Signer failed.");
-        }
-
-        signer.init(false, rsaPublic);
-        signer.update(msg, 0, msg.length);
-        if (!signer.verifySignature(iso9796d2PSSOld))
-        {
-            fail("ISO9796-2PSS old Signer failed.");
-        }
-    }
-    
-    public void performTest()
-        throws Exception
-    {
-        x931Sha512_256Test();
-        iso9796_2Sha512_256Test();
-        iso9796_2PSSSha512_256Test();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new IsoTrailerTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/JournalingSecureRandomTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/JournalingSecureRandomTest.java
deleted file mode 100644
index a0623e0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/JournalingSecureRandomTest.java
+++ /dev/null

@@ -1,53 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.util.JournalingSecureRandom;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class JournalingSecureRandomTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "JournalingSecureRandom";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        SecureRandom rand = new SecureRandom();
-
-        JournalingSecureRandom jRandom1 = new JournalingSecureRandom(rand);
-
-        byte[] base = new byte[1024];
-
-        jRandom1.nextBytes(base);
-
-        byte[] transcript = jRandom1.getTranscript();
-
-        byte[] block = new byte[512];
-
-        JournalingSecureRandom jRandom2 = new JournalingSecureRandom(transcript, rand);
-
-        jRandom2.nextBytes(block);
-
-        areEqual(Arrays.copyOfRange(base, 0, 512), block);
-
-        jRandom2.nextBytes(block);
-
-        areEqual(Arrays.copyOfRange(base, 512, 1024), block);
-
-        jRandom2.nextBytes(block);
-
-        isTrue(!Arrays.areEqual(Arrays.copyOfRange(base, 0, 512), block));
-
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new JournalingSecureRandomTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/KDF1GeneratorTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/KDF1GeneratorTest.java
deleted file mode 100644
index 62f9997..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/KDF1GeneratorTest.java
+++ /dev/null

@@ -1,93 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.digests.ShortenedDigest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.generators.KDF1BytesGenerator;
-import org.bouncycastle.crypto.params.ISO18033KDFParameters;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * KDF1 tests - vectors from ISO 18033.
- */
-public class KDF1GeneratorTest
-    extends SimpleTest
-{
-    private byte[] seed1 = Hex.decode("d6e168c5f256a2dcff7ef12facd390f393c7a88d");
-    private byte[] mask1 = Hex.decode(
-            "0742ba966813af75536bb6149cc44fc256fd6406df79665bc31dc5"
-          + "a62f70535e52c53015b9d37d412ff3c1193439599e1b628774c50d9c"
-          + "cb78d82c425e4521ee47b8c36a4bcffe8b8112a89312fc04420a39de"
-          + "99223890e74ce10378bc515a212b97b8a6447ba6a8870278");
-
-    private byte[] seed2 = Hex.decode(
-             "032e45326fa859a72ec235acff929b15d1372e30b207255f0611b8f785d7643741" 
-           + "52e0ac009e509e7ba30cd2f1778e113b64e135cf4e2292c75efe5288edfda4");
-    private byte[] mask2 = Hex.decode(
-             "5f8de105b5e96b2e490ddecbd147dd1def7e3b8e0e6a26eb7b956ccb8b3bdc1ca9" 
-           + "75bc57c3989e8fbad31a224655d800c46954840ff32052cdf0d640562bdfadfa263c" 
-           + "fccf3c52b29f2af4a1869959bc77f854cf15bd7a25192985a842dbff8e13efee5b7e" 
-           + "7e55bbe4d389647c686a9a9ab3fb889b2d7767d3837eea4e0a2f04");
-    
-    private byte[] seed3 = seed2;
-    private byte[] mask3= Hex.decode(
-             "09e2decf2a6e1666c2f6071ff4298305e2643fd510a2403db42a8743cb989de86e"
-           + "668d168cbe604611ac179f819a3d18412e9eb45668f2923c087c12fee0c5a0d2a8aa"
-           + "70185401fbbd99379ec76c663e875a60b4aacb1319fa11c3365a8b79a44669f26fb5"
-           + "55c80391847b05eca1cb5cf8c2d531448d33fbaca19f6410ee1fcb");
-
-
-    public KDF1GeneratorTest()
-    {
-    }
-    
-    public void performTest()
-    {
-        checkMask(1, new KDF1BytesGenerator(new ShortenedDigest(new SHA256Digest(), 20)), seed1, mask1);
-        checkMask(2, new KDF1BytesGenerator(new SHA1Digest()), seed2, mask2);
-        checkMask(3, new KDF1BytesGenerator(new ShortenedDigest(new SHA256Digest(), 20)), seed3, mask3);
-        
-        try
-        {
-            new KDF1BytesGenerator(new SHA1Digest()).generateBytes(new byte[10], 0, 20);
-            
-            fail("short input array not caught");
-        }
-        catch (DataLengthException e)
-        {
-            // expected 
-        }
-    }
-    
-    private void checkMask(
-        int                count,
-        DerivationFunction kdf,
-        byte[]             seed,
-        byte[]             result)
-    {
-        byte[]             data = new byte[result.length];
-        
-        kdf.init(new ISO18033KDFParameters(seed));
-        
-        kdf.generateBytes(data, 0, data.length);
-        
-        if (!areEqual(result, data))
-        {
-            fail("KDF1 failed generator test " + count);
-        }
-    }
-
-    public String getName()
-    {
-        return "KDF1";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new KDF1GeneratorTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/KDF2GeneratorTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/KDF2GeneratorTest.java
deleted file mode 100644
index 84a435a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/KDF2GeneratorTest.java
+++ /dev/null

@@ -1,105 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.ShortenedDigest;
-import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
-import org.bouncycastle.crypto.params.KDFParameters;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * KDF2 tests - vectors from ISO 18033.
- */
-public class KDF2GeneratorTest
-    extends SimpleTest
-{
-    private byte[] seed1 = Hex.decode("d6e168c5f256a2dcff7ef12facd390f393c7a88d");
-    private byte[] mask1 = Hex.decode(
-            "df79665bc31dc5a62f70535e52c53015b9d37d412ff3c119343959"
-          + "9e1b628774c50d9ccb78d82c425e4521ee47b8c36a4bcffe8b8112a8"
-          + "9312fc04420a39de99223890e74ce10378bc515a212b97b8a6447ba6"
-          + "a8870278f0262727ca041fa1aa9f7b5d1cf7f308232fe861");
-    
-    private byte[] seed2 = Hex.decode(
-             "032e45326fa859a72ec235acff929b15d1372e30b207255f0611b8f785d7643741" 
-           + "52e0ac009e509e7ba30cd2f1778e113b64e135cf4e2292c75efe5288edfda4");
-    private byte[] mask2 = Hex.decode(
-             "10a2403db42a8743cb989de86e668d168cbe604611ac179f819a3d18412e9eb456" 
-           + "68f2923c087c12fee0c5a0d2a8aa70185401fbbd99379ec76c663e875a60b4aacb13"
-           + "19fa11c3365a8b79a44669f26fb555c80391847b05eca1cb5cf8c2d531448d33fbac"
-           + "a19f6410ee1fcb260892670e0814c348664f6a7248aaf998a3acc6");
-    private byte[] adjustedMask2 = Hex.decode(
-             "10a2403db42a8743cb989de86e668d168cbe6046e23ff26f741e87949a3bba1311ac1"
-           + "79f819a3d18412e9eb45668f2923c087c1299005f8d5fd42ca257bc93e8fee0c5a0d2"
-           + "a8aa70185401fbbd99379ec76c663e9a29d0b70f3fe261a59cdc24875a60b4aacb131"
-           + "9fa11c3365a8b79a44669f26fba933d012db213d7e3b16349");
-
-    private byte[] sha1Mask = Hex.decode(
-             "0e6a26eb7b956ccb8b3bdc1ca975bc57c3989e8fbad31a224655d800c46954840ff32"
-           + "052cdf0d640562bdfadfa263cfccf3c52b29f2af4a1869959bc77f854cf15bd7a2519"
-           + "2985a842dbff8e13efee5b7e7e55bbe4d389647c686a9a9ab3fb889b2d7767d3837ee"
-           + "a4e0a2f04b53ca8f50fb31225c1be2d0126c8c7a4753b0807");
-
-    private byte[] seed3 = Hex.decode("CA7C0F8C3FFA87A96E1B74AC8E6AF594347BB40A");
-    private byte[] mask3 = Hex.decode("744AB703F5BC082E59185F6D049D2D367DB245C2");
-
-    private byte[] seed4 = Hex.decode("0499B502FC8B5BAFB0F4047E731D1F9FD8CD0D8881");
-    private byte[] mask4 = Hex.decode("03C62280C894E103C680B13CD4B4AE740A5EF0C72547292F82DC6B1777F47D63BA9D1EA732DBF386");
-
-    public KDF2GeneratorTest()
-    {
-    }
-    
-    public void performTest()
-    {
-        checkMask(1, new KDF2BytesGenerator(new ShortenedDigest(new SHA256Digest(), 20)), seed1, mask1);
-        checkMask(2, new KDF2BytesGenerator(new ShortenedDigest(new SHA256Digest(), 20)), seed2, mask2);
-        checkMask(3, new KDF2BytesGenerator(new SHA256Digest()), seed2, adjustedMask2);
-        checkMask(4, new KDF2BytesGenerator(new SHA1Digest()), seed2, sha1Mask);
-        checkMask(5, new KDF2BytesGenerator(new SHA1Digest()), seed3, mask3);
-        checkMask(6, new KDF2BytesGenerator(new SHA1Digest()), seed4, mask4);
-        
-        try
-        {
-            new KDF2BytesGenerator(new SHA1Digest()).generateBytes(new byte[10], 0, 20);
-            
-            fail("short input array not caught");
-        }
-        catch (DataLengthException e)
-        {
-            // expected 
-        }
-    }
-    
-    private void checkMask(
-        int                count,
-        DerivationFunction kdf,
-        byte[]             seed,
-        byte[]             result)
-    {
-        byte[]             data = new byte[result.length];
-        
-        kdf.init(new KDFParameters(seed, new byte[0]));
-        
-        kdf.generateBytes(data, 0, data.length);
-        
-        if (!areEqual(result, data))
-        {
-            fail("KDF2 failed generator test " + count);
-        }
-    }
-
-    public String getName()
-    {
-        return "KDF2";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new KDF2GeneratorTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/KDFCounterGeneratorTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/KDFCounterGeneratorTest.java
deleted file mode 100644
index 7078da2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/KDFCounterGeneratorTest.java
+++ /dev/null

@@ -1,51 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.Reader;
-import java.nio.charset.Charset;
-
-import org.bouncycastle.crypto.test.cavp.CAVPReader;
-import org.bouncycastle.crypto.test.cavp.KDFCounterTests;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class KDFCounterGeneratorTest
-    extends SimpleTest
-{
-
-    private static void testCounter()
-    {
-
-        CAVPReader cavpReader = new CAVPReader(new KDFCounterTests());
-
-        final InputStream stream = CAVPReader.class.getResourceAsStream("KDFCTR_gen.rsp");
-        final Reader reader = new InputStreamReader(stream, Charset.forName("UTF-8"));
-        cavpReader.setInput("KDFCounter", reader);
-
-        try
-        {
-            cavpReader.readAll();
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException("Something is rotten in the state of Denmark", e);
-        }
-    }
-
-    public String getName()
-    {
-        return this.getClass().getSimpleName();
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testCounter();
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new KDFCounterGeneratorTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/KDFDoublePipelineIteratorGeneratorTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/KDFDoublePipelineIteratorGeneratorTest.java
deleted file mode 100644
index 37aaf66..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/KDFDoublePipelineIteratorGeneratorTest.java
+++ /dev/null

@@ -1,72 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.Reader;
-import java.nio.charset.Charset;
-
-import org.bouncycastle.crypto.test.cavp.CAVPReader;
-import org.bouncycastle.crypto.test.cavp.KDFDoublePipelineCounterTests;
-import org.bouncycastle.crypto.test.cavp.KDFDoublePipelineIterationNoCounterTests;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class KDFDoublePipelineIteratorGeneratorTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return this.getClass().getSimpleName();
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testDoublePipelineIterationCounter();
-        testDoublePipelineIterationNoCounter();
-    }
-
-    private static void testDoublePipelineIterationCounter()
-    {
-
-        CAVPReader cavpReader = new CAVPReader(new KDFDoublePipelineCounterTests());
-
-        final InputStream stream = CAVPReader.class.getResourceAsStream("KDFDblPipelineCounter_gen.rsp");
-        final Reader reader = new InputStreamReader(stream, Charset.forName("UTF-8"));
-        cavpReader.setInput("KDFDoublePipelineIterationCounter", reader);
-
-        try
-        {
-            cavpReader.readAll();
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException("Something is rotten in the state of Denmark", e);
-        }
-    }
-
-    private static void testDoublePipelineIterationNoCounter()
-    {
-
-        CAVPReader cavpReader = new CAVPReader(new KDFDoublePipelineIterationNoCounterTests());
-
-        final InputStream stream = CAVPReader.class.getResourceAsStream("KDFDblPipelineNoCounter_gen.rsp");
-        final Reader reader = new InputStreamReader(stream, Charset.forName("UTF-8"));
-        cavpReader.setInput("KDFDblPipelineIterationNoCounter", reader);
-
-        try
-        {
-            cavpReader.readAll();
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException("Something is rotten in the state of Denmark", e);
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new KDFDoublePipelineIteratorGeneratorTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/KDFFeedbackGeneratorTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/KDFFeedbackGeneratorTest.java
deleted file mode 100644
index 0eba706..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/KDFFeedbackGeneratorTest.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.Reader;
-import java.nio.charset.Charset;
-
-import org.bouncycastle.crypto.test.cavp.CAVPReader;
-import org.bouncycastle.crypto.test.cavp.KDFFeedbackCounterTests;
-import org.bouncycastle.crypto.test.cavp.KDFFeedbackNoCounterTests;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class KDFFeedbackGeneratorTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return this.getClass().getSimpleName();
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testFeedbackCounter();
-        testFeedbackNoCounter();
-    }
-
-    private static void testFeedbackCounter()
-    {
-
-        CAVPReader cavpReader = new CAVPReader(new KDFFeedbackCounterTests());
-
-        final InputStream stream = CAVPReader.class.getResourceAsStream("KDFFeedbackCounter_gen.rsp");
-        final Reader reader = new InputStreamReader(stream, Charset.forName("UTF-8"));
-        cavpReader.setInput("KDFFeedbackCounter", reader);
-
-        try
-        {
-            cavpReader.readAll();
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException("Something is rotten in the state of Denmark ", e);
-        }
-    }
-
-    private static void testFeedbackNoCounter()
-    {
-
-        CAVPReader cavpReader = new CAVPReader(new KDFFeedbackNoCounterTests());
-
-        final InputStream stream = CAVPReader.class.getResourceAsStream("KDFFeedbackNoCounter_gen.rsp");
-        final Reader reader = new InputStreamReader(stream, Charset.forName("UTF-8"));
-        cavpReader.setInput("KDFFeedbackNoCounter", reader);
-
-        try
-        {
-            cavpReader.readAll();
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException("Something is rotten in the state of Denmark", e);
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new KDFDoublePipelineIteratorGeneratorTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/KeccakDigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/KeccakDigestTest.java
deleted file mode 100644
index fc566d3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/KeccakDigestTest.java
+++ /dev/null

@@ -1,364 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.digests.KeccakDigest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Keccak Digest Test
- */
-public class KeccakDigestTest
-    extends SimpleTest
-{
-    final static String[] messages = {
-        "",
-        "54686520717569636b2062726f776e20666f78206a756d7073206f76657220746865206c617a7920646f67",
-        "54686520717569636b2062726f776e20666f78206a756d7073206f76657220746865206c617a7920646f672e"
-    };
-
-    final static String[] digests288 = { // the default settings
-        "6753e3380c09e385d0339eb6b050a68f66cfd60a73476e6fd6adeb72f5edd7c6f04a5d01",  // message[0]    
-        "0bbe6afae0d7e89054085c1cc47b1689772c89a41796891e197d1ca1b76f288154933ded",  // message[1]
-        "82558a209b960ddeb531e6dcb281885b2400ca160472462486e79f071e88a3330a8a303d",  // message[2]
-        "94049e1ad7ef5d5b0df2b880489e7ab09ec937c3bfc1b04470e503e1ac7b1133c18f86da",  // 64k a-test
-        "a9cb5a75b5b81b7528301e72553ed6770214fa963956e790528afe420de33c074e6f4220",  // random alphabet test
-        "eadaf5ba2ad6a2f6f338fce0e1efdad2a61bb38f6be6068b01093977acf99e97a5d5827c"   // extremely long data test
-    };
-
-    final static String[] digests224 = {
-        "f71837502ba8e10837bdd8d365adb85591895602fc552b48b7390abd",
-        "310aee6b30c47350576ac2873fa89fd190cdc488442f3ef654cf23fe",
-        "c59d4eaeac728671c635ff645014e2afa935bebffdb5fbd207ffdeab",
-        "f621e11c142fbf35fa8c22841c3a812ba1e0151be4f38d80b9f1ff53",
-        "68b5fc8c87193155bba68a2485377e809ee4f81a85ef023b9e64add0",
-        "c42e4aee858e1a8ad2976896b9d23dd187f64436ee15969afdbc68c5"
-    };
-
-    final static String[] digests256 = {
-        "c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470",
-        "4d741b6f1eb29cb2a9b9911c82f56fa8d73b04959d3d9d222895df6c0b28aa15",
-        "578951e24efd62a3d63a86f7cd19aaa53c898fe287d2552133220370240b572d",
-        "0047a916daa1f92130d870b542e22d3108444f5a7e4429f05762fb647e6ed9ed",
-        "db368762253ede6d4f1db87e0b799b96e554eae005747a2ea687456ca8bcbd03",
-        "5f313c39963dcf792b5470d4ade9f3a356a3e4021748690a958372e2b06f82a4"
-    };
-
-    final static String[] digests384 = {
-        "2c23146a63a29acf99e73b88f8c24eaa7dc60aa771780ccc006afbfa8fe2479b2dd2b21362337441ac12b515911957ff",
-        "283990fa9d5fb731d786c5bbee94ea4db4910f18c62c03d173fc0a5e494422e8a0b3da7574dae7fa0baf005e504063b3",
-        "9ad8e17325408eddb6edee6147f13856ad819bb7532668b605a24a2d958f88bd5c169e56dc4b2f89ffd325f6006d820b",
-        "c704cfe7a1a53208ca9526cd24251e0acdc252ecd978eee05acd16425cfb404ea81f5a9e2e5e97784d63ee6a0618a398",
-        "d4fe8586fd8f858dd2e4dee0bafc19b4c12b4e2a856054abc4b14927354931675cdcaf942267f204ea706c19f7beefc4",
-        "9b7168b4494a80a86408e6b9dc4e5a1837c85dd8ff452ed410f2832959c08c8c0d040a892eb9a755776372d4a8732315"
-    };
-
-    final static String[] digests512 = {
-        "0eab42de4c3ceb9235fc91acffe746b29c29a8c366b7c60e4e67c466f36a4304c00fa9caf9d87976ba469bcbe06713b435f091ef2769fb160cdab33d3670680e",
-        "d135bb84d0439dbac432247ee573a23ea7d3c9deb2a968eb31d47c4fb45f1ef4422d6c531b5b9bd6f449ebcc449ea94d0a8f05f62130fda612da53c79659f609",
-        "ab7192d2b11f51c7dd744e7b3441febf397ca07bf812cceae122ca4ded6387889064f8db9230f173f6d1ab6e24b6e50f065b039f799f5592360a6558eb52d760",
-        "34341ead153aa1d1fdcf6cf624c2b4f6894b6fd16dc38bd4ec971ac0385ad54fafcb2e0ed86a1e509456f4246fdcb02c3172824cd649d9ad54c51f7fb49ea67c",
-        "dc44d4f4d36b07ab5fc04016cbe53548e5a7778671c58a43cb379fd00c06719b8073141fc22191ffc3db5f8b8983ae8341fa37f18c1c969664393aa5ceade64e",
-        "3e122edaf37398231cfaca4c7c216c9d66d5b899ec1d7ac617c40c7261906a45fc01617a021e5da3bd8d4182695b5cb785a28237cbb167590e34718e56d8aab8"
-    };
-
-    // test vectors from  http://www.di-mgt.com.au/hmac_sha3_testvectors.html
-    final static byte[][] macKeys =
-    {
-        Hex.decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b"),
-        Hex.decode("4a656665"),
-        Hex.decode("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"),
-        Hex.decode("0102030405060708090a0b0c0d0e0f10111213141516171819"),
-        Hex.decode("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
-                   "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
-                   "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
-                   "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
-                   "aaaaaa"),
-        Hex.decode("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
-                   "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
-                   "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
-                   "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
-                   "aaaaaa"),
-        Hex.decode("aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
-                   "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
-                   "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
-                   "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa" +
-                   "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa")
-    };
-
-    final static String[] macData =
-    {
-        "4869205468657265",
-        "7768617420646f2079612077616e7420666f72206e6f7468696e673f",
-        "dddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd" +
-            "dddddddddddddddddddddddddddddddddddd",
-        "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd" +
-            "cdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
-        "54657374205573696e67204c6172676572205468616e20426c6f636b2d53697a" +
-            "65204b6579202d2048617368204b6579204669727374",
-        "5468697320697320612074657374207573696e672061206c6172676572207468" +
-            "616e20626c6f636b2d73697a65206b657920616e642061206c61726765722074" +
-            "68616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565" +
-            "647320746f20626520686173686564206265666f7265206265696e6720757365" +
-            "642062792074686520484d414320616c676f726974686d2e",
-        "5468697320697320612074657374207573696e672061206c6172676572207468" +
-            "616e20626c6f636b2d73697a65206b657920616e642061206c61726765722074" +
-            "68616e20626c6f636b2d73697a6520646174612e20546865206b6579206e6565" +
-            "647320746f20626520686173686564206265666f7265206265696e6720757365\n" +
-            "642062792074686520484d414320616c676f726974686d2e"
-    };
-
-    final static String[] mac224 =
-    {
-        "b73d595a2ba9af815e9f2b4e53e78581ebd34a80b3bbaac4e702c4cc",
-        "e824fec96c074f22f99235bb942da1982664ab692ca8501053cbd414",
-        "770df38c99d6e2bacd68056dcfe07d4c89ae20b2686a6185e1faa449",
-        "305a8f2dfb94bad28861a03cbc4d590febe775c58cb4961c28428a0b",
-        "e7a52dfa45f95a217c100066b239aa8ad519be9b35d667268b1b57ff",
-        "ba13009405a929f398b348885caa5419191bb948ada32194afc84104",
-        "92649468be236c3c72c189909c063b13f994be05749dc91310db639e"
-    };
-
-    final static String[] mac256 =
-    {
-        "9663d10c73ee294054dc9faf95647cb99731d12210ff7075fb3d3395abfb9821",
-        "aa9aed448c7abc8b5e326ffa6a01cdedf7b4b831881468c044ba8dd4566369a1",
-        "95f43e50f8df80a21977d51a8db3ba572dcd71db24687e6f86f47c1139b26260",
-        "6331ba9b4af5804a68725b3663eb74814494b63c6093e35fb320a85d507936fd",
-        "b4d0cdee7ec2ba81a88b86918958312300a15622377929a054a9ce3ae1fac2b6",
-        "1fdc8cb4e27d07c10d897dec39c217792a6e64fa9c63a77ce42ad106ef284e02",
-        "fdaa10a0299aecff9bb411cf2d7748a4022e4a26be3fb5b11b33d8c2b7ef5484"
-    };
-
-    final static String[] mac384 =
-    {
-        "892dfdf5d51e4679bf320cd16d4c9dc6f749744608e003add7fba894acff87361efa4e5799be06b6461f43b60ae97048",
-        "5af5c9a77a23a6a93d80649e562ab77f4f3552e3c5caffd93bdf8b3cfc6920e3023fc26775d9df1f3c94613146ad2c9d",
-        "4243c29f2201992ff96441e3b91ff81d8c601d706fbc83252684a4bc51101ca9b2c06ddd03677303c502ac5331752a3c",
-        "b730724d3d4090cda1be799f63acbbe389fef7792fc18676fa5453aab398664650ed029c3498bbe8056f06c658e1e693",
-        "d62482ef601d7847439b55236e9679388ffcd53c62cd126f39be6ea63de762e26cd5974cb9a8de401b786b5555040f6f",
-        "4860ea191ac34994cf88957afe5a836ef36e4cc1a66d75bf77defb7576122d75f60660e4cf731c6effac06402787e2b9",
-        "fe9357e3cfa538eb0373a2ce8f1e26ad6590afdaf266f1300522e8896d27e73f654d0631c8fa598d4bb82af6b744f4f5"
-    };
-
-    final static String[] mac512 =
-    {
-        "8852c63be8cfc21541a4ee5e5a9a852fc2f7a9adec2ff3a13718ab4ed81aaea0b87b7eb397323548e261a64e7fc75198f6663a11b22cd957f7c8ec858a1c7755",
-        "c2962e5bbe1238007852f79d814dbbecd4682e6f097d37a363587c03bfa2eb0859d8d9c701e04cececfd3dd7bfd438f20b8b648e01bf8c11d26824b96cebbdcb",
-        "eb0ed9580e0ec11fc66cbb646b1be904eaff6da4556d9334f65ee4b2c85739157bae9027c51505e49d1bb81cfa55e6822db55262d5a252c088a29a5e95b84a66",
-        "b46193bb59f4f696bf702597616da91e2a4558a593f4b015e69141ba81e1e50ea580834c2b87f87baa25a3a03bfc9bb389847f2dc820beae69d30c4bb75369cb",
-        "d05888a6ebf8460423ea7bc85ea4ffda847b32df32291d2ce115fd187707325c7ce4f71880d91008084ce24a38795d20e6a28328a0f0712dc38253370da3ebb5",
-        "2c6b9748d35c4c8db0b4407dd2ed2381f133bdbd1dfaa69e30051eb6badfcca64299b88ae05fdbd3dd3dd7fe627e42e39e48b0fe8c7f1e85f2dbd52c2d753572",
-        "6adc502f14e27812402fc81a807b28bf8a53c87bea7a1df6256bf66f5de1a4cb741407ad15ab8abc136846057f881969fbb159c321c904bfb557b77afb7778c8"
-    };
-
-    final static KeyParameter truncKey = new KeyParameter(Hex.decode("0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c"));
-    final static byte[]       truncData = Hex.decode("546573742057697468205472756e636174696f6e");
-
-    final static byte[]       trunc224 = Hex.decode("f52bbcfd654264e7133085c5e69b72c3");
-    final static byte[]       trunc256 = Hex.decode("745e7e687f8335280d54202ef13cecc6");
-    final static byte[]       trunc384 = Hex.decode("fa9aea2bc1e181e47cbb8c3df243814d");
-    final static byte[]       trunc512 = Hex.decode("04c929fead434bba190dacfa554ce3f5");
-
-    final static byte[]       xtremeData = Hex.decode("61626364656667686263646566676869636465666768696a6465666768696a6b65666768696a6b6c666768696a6b6c6d6768696a6b6c6d6e68696a6b6c6d6e6f");
-
-    KeccakDigestTest()
-    {
-    }
-
-    public String getName()
-    {
-        return "Keccak";
-    }
-
-    private void testDigest(Digest digest, String[] expected)
-    {
-        byte[] hash = new byte[digest.getDigestSize()];
-
-        for (int i = 0; i != messages.length; i++)
-        {
-            if (messages.length != 0)
-            {
-                byte[] data = Hex.decode(messages[i]);
-
-                digest.update(data, 0, data.length);
-            }
-
-            digest.doFinal(hash, 0);
-
-            if (!Arrays.areEqual(Hex.decode(expected[i]), hash))
-            {
-                fail("Keccak mismatch on " + digest.getAlgorithmName() + " index " + i);
-            }
-        }
-
-        byte[] k64 = new byte[1024 * 64];
-
-        for (int i = 0; i != k64.length; i++)
-        {
-            k64[i] = (byte)'a';
-        }
-
-        digest.update(k64, 0, k64.length);
-
-        digest.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(Hex.decode(expected[messages.length]), hash))
-        {
-            fail("Keccak mismatch on " + digest.getAlgorithmName() + " 64k a");
-        }
-
-        for (int i = 0; i != k64.length; i++)
-        {
-            digest.update((byte)'a');
-        }
-
-        digest.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(Hex.decode(expected[messages.length]), hash))
-        {
-            fail("Keccak mismatch on " + digest.getAlgorithmName() + " 64k a single");
-        }
-
-
-        for (int i = 0; i != k64.length; i++)
-        {
-            k64[i] = (byte)('a' + (i % 26));
-        }
-
-        digest.update(k64, 0, k64.length);
-
-        digest.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(Hex.decode(expected[messages.length + 1]), hash))
-        {
-            fail("Keccak mismatch on " + digest.getAlgorithmName() + " 64k alpha");
-        }
-
-        for (int i = 0; i != 64; i++)
-        {
-            digest.update(k64[i * 1024]);
-            digest.update(k64, i * 1024 + 1, 1023);
-        }
-
-        digest.doFinal(hash, 0);
-
-        if (!Arrays.areEqual(Hex.decode(expected[messages.length + 1]), hash))
-        {
-            fail("Keccak mismatch on " + digest.getAlgorithmName() + " 64k chunked alpha");
-        }
-
-        testDigestDoFinal(digest);
-        
-        //
-        // extremely long data test
-        //
-//        long start = System.currentTimeMillis();
-//        System.out.println("Starting very long");
-//        for (int i = 0; i != 16384; i++)
-//        {
-//            for (int j = 0; j != 1024; j++)
-//            {
-//                digest.update(xtremeData, 0, xtremeData.length);
-//            }
-//        }
-//
-//        digest.doFinal(hash, 0);
-//
-//        if (!Arrays.areEqual(Hex.decode(expected[messages.length + 2]), hash))
-//        {
-//            fail("Keccak mismatch on " + digest.getAlgorithmName() + " extreme data test");
-//        }
-//        System.out.println("Done " + (System.currentTimeMillis() - start));
-    }
-
-    private void testDigestDoFinal(Digest digest)
-    {
-        byte[] hash = new byte[digest.getDigestSize()];
-        digest.doFinal(hash, 0);
-
-        for (int i = 0; i <= digest.getDigestSize(); ++i)
-        {
-            byte[] cmp = new byte[2 * digest.getDigestSize()];
-            System.arraycopy(hash, 0, cmp, i, hash.length);
-
-            byte[] buf = new byte[2 * digest.getDigestSize()];
-            digest.doFinal(buf, i);
-
-            if (!Arrays.areEqual(cmp, buf))
-            {
-                fail("Keccak offset doFinal on " + digest.getAlgorithmName());
-            }
-        }
-    }
-
-    private void testMac(Digest digest, byte[][] keys, String[] data, String[] expected, byte[] truncExpected)
-    {
-        Mac mac = new HMac(digest);
-
-        for (int i = 0; i != keys.length; i++)
-        {
-            mac.init(new KeyParameter(keys[i]));
-
-            byte[] mData = Hex.decode(data[i]);
-
-            mac.update(mData, 0, mData.length);
-
-            byte[] macV = new byte[mac.getMacSize()];
-
-            mac.doFinal(macV, 0);
-
-            if (!Arrays.areEqual(Hex.decode(expected[i]), macV))
-            {
-                fail("Keccak HMAC mismatch on " + digest.getAlgorithmName());
-            }
-        }
-
-        mac = new HMac(digest);
-
-        mac.init(truncKey);
-
-        mac.update(truncData, 0, truncData.length);
-
-        byte[] macV = new byte[mac.getMacSize()];
-
-        mac.doFinal(macV, 0);
-
-        for (int i = 0; i != truncExpected.length; i++)
-        {
-            if (macV[i] != truncExpected[i])
-            {
-                fail("mismatch on truncated HMAC for " + digest.getAlgorithmName());
-            }
-        }
-    }
-
-    public void performTest() throws Exception
-    {
-        testDigest(new KeccakDigest(), digests288);
-        testDigest(new KeccakDigest(224), digests224);
-        testDigest(new KeccakDigest(256), digests256);
-        testDigest(new KeccakDigest(384), digests384);
-        testDigest(new KeccakDigest(512), digests512);
-
-        testMac(new KeccakDigest(224), macKeys, macData, mac224, trunc224);
-        testMac(new KeccakDigest(256), macKeys, macData, mac256, trunc256);
-        testMac(new KeccakDigest(384), macKeys, macData, mac384, trunc384);
-        testMac(new KeccakDigest(512), macKeys, macData, mac512, trunc512);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new KeccakDigest((KeccakDigest)digest);
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new KeccakDigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/MD2DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/MD2DigestTest.java
deleted file mode 100644
index 443ec2e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/MD2DigestTest.java
+++ /dev/null

@@ -1,52 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.MD2Digest;
-
-/**
- * standard vector test for MD2
- * from RFC1319 by B.Kaliski of RSA Laboratories April 1992
- *
- */
-public class MD2DigestTest
-    extends DigestTest
-{
-    static final String messages[] =
-    {
-        "",
-        "a",
-        "abc",
-        "message digest",
-        "abcdefghijklmnopqrstuvwxyz",
-        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
-        "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
-    };
-    
-    static final String digests[] =
-    { 
-        "8350e5a3e24c153df2275c9f80692773",
-        "32ec01ec4a6dac72c0ab96fb34c0b5d1",
-        "da853b0d3f88d99b30283a69e6ded6bb",
-        "ab4f496bfb2a530b219ff33031fe06b0",
-        "4e8ddff3650292ab5a4108c3aa47940b",
-        "da33def2a42df13975352846c30338cd",
-        "d5976f79d83d3a0dc9806c3c66f3efd8" 
-    };
-    
-    MD2DigestTest()
-    {
-        super(new MD2Digest(), messages, digests);
-    }
- 
-    protected Digest cloneDigest(
-        Digest digest)
-    {
-        return new MD2Digest((MD2Digest)digest);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new MD2DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/MD4DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/MD4DigestTest.java
deleted file mode 100644
index d57a29c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/MD4DigestTest.java
+++ /dev/null

@@ -1,43 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.MD4Digest;
-
-/**
- * standard vector test for MD4 from RFC 1320.
- */
-public class MD4DigestTest
-    extends DigestTest
-{
-    static private String[] messages =
-    {
-        "",
-        "a",
-        "abc",
-        "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
-    };
-    
-    static private String[] digests =
-    {
-        "31d6cfe0d16ae931b73c59d7e0c089c0",
-        "bde52cb31de33e46245e05fbdbd6fb24",
-        "a448017aaf21d8525fc10ae87aa6729d",
-        "e33b4ddc9c38f2199c3e7b164fcc0536"
-    };
-
-    MD4DigestTest()
-    {
-        super(new MD4Digest(), messages, digests);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new MD4Digest((MD4Digest)digest);
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new MD4DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/MD5DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/MD5DigestTest.java
deleted file mode 100644
index 19d3735..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/MD5DigestTest.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.MD5Digest;
-
-/**
- * standard vector test for MD5 from "Handbook of Applied Cryptography", page 345.
- */
-public class MD5DigestTest
-    extends DigestTest
-{
-    static final String[] messages =
-    {
-        "",
-        "a",
-        "abc",
-        "abcdefghijklmnopqrstuvwxyz"
-    };
-    
-    static final String[] digests =
-    {
-        "d41d8cd98f00b204e9800998ecf8427e",
-        "0cc175b9c0f1b6a831c399e269772661",
-        "900150983cd24fb0d6963f7d28e17f72",
-        "c3fcd3d76192e4007dfb496cca67e13b"
-    };
-
-    MD5DigestTest()
-    {
-        super(new MD5Digest(), messages, digests);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new MD5Digest((MD5Digest)digest);
-    }
-
-    protected Digest cloneDigest(byte[] encodedState)
-    {
-        return new MD5Digest(encodedState);
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new MD5DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/MD5HMacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/MD5HMacTest.java
deleted file mode 100644
index cfce1d9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/MD5HMacTest.java
+++ /dev/null

@@ -1,98 +0,0 @@
-
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.digests.MD5Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * MD5 HMac Test, test vectors from RFC 2202
- */
-public class MD5HMacTest
-    extends SimpleTest
-{
-    final static String[] keys = {
-        "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
-        "4a656665",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "0102030405060708090a0b0c0d0e0f10111213141516171819",
-        "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-    };
-
-    final static String[] digests = {
-        "9294727a3638bb1c13f48ef8158bfc9d",
-        "750c783e6ab0b503eaa86e310a5db738",
-        "56be34521d144c88dbb8c733f0e8b3f6",
-        "697eaf0aca3a3aea3a75164746ffaa79",
-        "56461ef2342edc00f9bab995690efd4c",
-        "6b1ab7fe4bd7bf8f0b62e6ce61b9d0cd",
-        "6f630fad67cda0ee1fb1f562db3aa53e"
-    };
-
-    final static String[] messages = {
-        "Hi There",
-        "what do ya want for nothing?",
-        "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
-        "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
-        "Test With Truncation",
-        "Test Using Larger Than Block-Size Key - Hash Key First",
-        "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data"
-    };
-        
-    public String getName()
-    {
-        return "MD5HMac";
-    }
-
-    public void performTest()
-    {
-        HMac hmac = new HMac(new MD5Digest());
-        byte[] resBuf = new byte[hmac.getMacSize()];
-
-        for (int i = 0; i < messages.length; i++)
-        {
-            byte[] m = messages[i].getBytes();
-            if (messages[i].startsWith("0x"))
-            {
-                m = Hex.decode(messages[i].substring(2));
-            }
-            hmac.init(new KeyParameter(Hex.decode(keys[i])));
-            hmac.update(m, 0, m.length);
-            hmac.doFinal(resBuf, 0);
-
-            if (!areEqual(resBuf, Hex.decode(digests[i])))
-            {
-                fail("Vector " + i + " failed");
-            }
-        }
-
-        // test reset
-        int vector = 0; // vector used for test
-        byte[] m = messages[vector].getBytes();
-        if (messages[vector].startsWith("0x"))
-        {
-            m = Hex.decode(messages[vector].substring(2));
-        }
-        hmac.init(new KeyParameter(Hex.decode(keys[vector])));
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-        hmac.reset();
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-
-        if (!areEqual(resBuf, Hex.decode(digests[vector])))
-        {
-            fail("Reset with vector " + vector + " failed");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new MD5HMacTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/MGF1GeneratorTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/MGF1GeneratorTest.java
deleted file mode 100644
index e7e99fe..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/MGF1GeneratorTest.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.ShortenedDigest;
-import org.bouncycastle.crypto.generators.MGF1BytesGenerator;
-import org.bouncycastle.crypto.params.MGFParameters;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * MGF1 tests - vectors from ISO 18033 for KDF1 (equivalent).
- */
-public class MGF1GeneratorTest
-    extends SimpleTest
-{
-    private byte[] seed1 = Hex.decode("d6e168c5f256a2dcff7ef12facd390f393c7a88d");
-    private byte[] mask1 = Hex.decode(
-            "0742ba966813af75536bb6149cc44fc256fd6406df79665bc31dc5"
-          + "a62f70535e52c53015b9d37d412ff3c1193439599e1b628774c50d9c"
-          + "cb78d82c425e4521ee47b8c36a4bcffe8b8112a89312fc04420a39de"
-          + "99223890e74ce10378bc515a212b97b8a6447ba6a8870278");
-
-    private byte[] seed2 = Hex.decode(
-             "032e45326fa859a72ec235acff929b15d1372e30b207255f0611b8f785d7643741" 
-           + "52e0ac009e509e7ba30cd2f1778e113b64e135cf4e2292c75efe5288edfda4");
-    private byte[] mask2 = Hex.decode(
-             "5f8de105b5e96b2e490ddecbd147dd1def7e3b8e0e6a26eb7b956ccb8b3bdc1ca9" 
-           + "75bc57c3989e8fbad31a224655d800c46954840ff32052cdf0d640562bdfadfa263c" 
-           + "fccf3c52b29f2af4a1869959bc77f854cf15bd7a25192985a842dbff8e13efee5b7e" 
-           + "7e55bbe4d389647c686a9a9ab3fb889b2d7767d3837eea4e0a2f04");
-    
-    private byte[] seed3 = seed2;
-    private byte[] mask3= Hex.decode(
-             "09e2decf2a6e1666c2f6071ff4298305e2643fd510a2403db42a8743cb989de86e"
-           + "668d168cbe604611ac179f819a3d18412e9eb45668f2923c087c12fee0c5a0d2a8aa"
-           + "70185401fbbd99379ec76c663e875a60b4aacb1319fa11c3365a8b79a44669f26fb5"
-           + "55c80391847b05eca1cb5cf8c2d531448d33fbaca19f6410ee1fcb");
-    
-    public void performTest()
-    {
-        checkMask(1, new MGF1BytesGenerator(new ShortenedDigest(new SHA256Digest(), 20)), seed1, mask1);
-        checkMask(2, new MGF1BytesGenerator(new SHA1Digest()), seed2, mask2);
-        checkMask(3, new MGF1BytesGenerator(new ShortenedDigest(new SHA256Digest(), 20)), seed3, mask3);
-        
-        try
-        {
-            new MGF1BytesGenerator(new SHA1Digest()).generateBytes(new byte[10], 0, 20);
-            
-            fail("short input array not caught");
-        }
-        catch (DataLengthException e)
-        {
-            // expected 
-        }
-    }
-    
-    private void checkMask(
-        int                count,
-        DerivationFunction kdf,
-        byte[]             seed,
-        byte[]             result)
-    {
-        byte[]             data = new byte[result.length];
-        
-        kdf.init(new MGFParameters(seed));
-        
-        kdf.generateBytes(data, 0, data.length);
-        
-        if (!areEqual(result, data))
-        {
-            fail("MGF1 failed generator test " + count);
-        }
-    }
-
-    public String getName()
-    {
-        return "MGF1";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new MGF1GeneratorTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/MacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/MacTest.java
deleted file mode 100644
index 5b05a60..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/MacTest.java
+++ /dev/null

@@ -1,181 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
-import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.paddings.PKCS7Padding;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * MAC tester - vectors from 
- * <a href=http://www.itl.nist.gov/fipspubs/fip81.htm>FIP 81</a> and 
- * <a href=http://www.itl.nist.gov/fipspubs/fip113.htm>FIP 113</a>.
- */
-public class MacTest
-    extends SimpleTest
-{
-    static byte[]   keyBytes = Hex.decode("0123456789abcdef");
-    static byte[]   ivBytes = Hex.decode("1234567890abcdef");
-
-    static byte[]   input1 = Hex.decode("37363534333231204e6f77206973207468652074696d6520666f7220");
-
-    static byte[]   output1 = Hex.decode("f1d30f68");
-    static byte[]   output2 = Hex.decode("58d2e77e");
-    static byte[]   output3 = Hex.decode("cd647403");
-
-    //
-    // these aren't NIST vectors, just for regression testing.
-    //
-    static byte[]   input2 = Hex.decode("3736353433323120");
-
-    static byte[]   output4 = Hex.decode("3af549c9");
-    static byte[]   output5 = Hex.decode("188fbdd5");
-    static byte[]   output6 = Hex.decode("7045eecd");
-
-    public MacTest()
-    {
-    }
-
-    public void performTest()
-    {
-        KeyParameter        key = new KeyParameter(keyBytes);
-        BlockCipher         cipher = new DESEngine();
-        Mac                 mac = new CBCBlockCipherMac(cipher);
-
-        //
-        // standard DAC - zero IV
-        //
-        mac.init(key);
-
-        mac.update(input1, 0, input1.length);
-
-        byte[]  out = new byte[4];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output1))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output1)) + " got " + new String(Hex.encode(out)));
-        }
-        
-        //
-        // mac with IV.
-        //
-        ParametersWithIV    param = new ParametersWithIV(key, ivBytes);
-
-        mac.init(param);
-
-        mac.update(input1, 0, input1.length);
-
-        out = new byte[4];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output2))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output2)) + " got " + new String(Hex.encode(out)));
-        }
-        
-        //
-        // CFB mac with IV - 8 bit CFB mode
-        //
-        param = new ParametersWithIV(key, ivBytes);
-
-        mac = new CFBBlockCipherMac(cipher);
-
-        mac.init(param);
-
-        mac.update(input1, 0, input1.length);
-
-        out = new byte[4];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output3))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output3)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        // word aligned data - zero IV
-        //
-        mac.init(key);
-
-        mac.update(input2, 0, input2.length);
-
-        out = new byte[4];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output4))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output4)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        // word aligned data - zero IV - CBC padding
-        //
-        mac = new CBCBlockCipherMac(cipher, new PKCS7Padding());
-
-        mac.init(key);
-
-        mac.update(input2, 0, input2.length);
-
-        out = new byte[4];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output5))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output5)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        // non-word aligned data - zero IV - CBC padding
-        //
-        mac.reset();
-
-        mac.update(input1, 0, input1.length);
-
-        out = new byte[4];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output6))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output6)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        // non-word aligned data - zero IV - CBC padding
-        //
-        mac.init(key);
-
-        mac.update(input1, 0, input1.length);
-
-        out = new byte[4];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output6))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output6)) + " got " + new String(Hex.encode(out)));
-        }
-    }
-
-    public String getName()
-    {
-        return "Mac";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new MacTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ModeTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ModeTest.java
deleted file mode 100644
index 6619b65..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ModeTest.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.modes.OFBBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * CFB/OFB Mode test of IV padding.
- */
-public class ModeTest
-    implements Test
-{
-    public ModeTest()
-    {
-    }
-
-    private boolean isEqualTo(
-        byte[]  a,
-        byte[]  b)
-    {
-        for (int i = 0; i != a.length; i++)
-        {
-            if (a[i] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    public TestResult perform()
-    {
-        KeyParameter    key = new KeyParameter(Hex.decode("0011223344556677"));
-        byte[]          input = Hex.decode("4e6f7720");
-        byte[]          out1 = new byte[4];
-        byte[]          out2 = new byte[4];
-
-
-        BlockCipher ofb = new OFBBlockCipher(new DESEngine(), 32);
-
-        ofb.init(true, new ParametersWithIV(key, Hex.decode("1122334455667788")));
-
-        ofb.processBlock(input, 0, out1, 0);
-
-        ofb.init(false, new ParametersWithIV(key, Hex.decode("1122334455667788")));
-        ofb.processBlock(out1, 0, out2, 0);
-
-        if (!isEqualTo(out2, input))
-        {
-            return new SimpleTestResult(false, getName() + ": test 1 - in != out");
-        }
-
-        ofb.init(true, new ParametersWithIV(key, Hex.decode("11223344")));
-
-        ofb.processBlock(input, 0, out1, 0);
-
-        ofb.init(false, new ParametersWithIV(key, Hex.decode("0000000011223344")));
-        ofb.processBlock(out1, 0, out2, 0);
-
-        if (!isEqualTo(out2, input))
-        {
-            return new SimpleTestResult(false, getName() + ": test 2 - in != out");
-        }
-
-        BlockCipher cfb = new CFBBlockCipher(new DESEngine(), 32);
-
-        cfb.init(true, new ParametersWithIV(key, Hex.decode("1122334455667788")));
-
-        cfb.processBlock(input, 0, out1, 0);
-
-        cfb.init(false, new ParametersWithIV(key, Hex.decode("1122334455667788")));
-        cfb.processBlock(out1, 0, out2, 0);
-
-        if (!isEqualTo(out2, input))
-        {
-            return new SimpleTestResult(false, getName() + ": test 3 - in != out");
-        }
-
-        cfb.init(true, new ParametersWithIV(key, Hex.decode("11223344")));
-
-        cfb.processBlock(input, 0, out1, 0);
-
-        cfb.init(false, new ParametersWithIV(key, Hex.decode("0000000011223344")));
-        cfb.processBlock(out1, 0, out2, 0);
-
-        if (!isEqualTo(out2, input))
-        {
-            return new SimpleTestResult(false, getName() + ": test 4 - in != out");
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public String getName()
-    {
-        return "ModeTest";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        ModeTest    test = new ModeTest();
-        TestResult result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/NISTCTSTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/NISTCTSTest.java
deleted file mode 100644
index 567d676..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/NISTCTSTest.java
+++ /dev/null

@@ -1,170 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.modes.NISTCTSBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * CTS tester
- */
-public class NISTCTSTest
-    extends SimpleTest
-{
-    private static KeyParameter key = new KeyParameter(Hex.decode("000102030405060708090a0b0c0d0e0f"));
-    private static byte[] iv = Hex.decode("101112131415161718191a1b1c1d1e1f");
-
-    private static byte[] singleBlock = Hex.decode("4920616d206f6e6520626c6f636b2e2e");
-    private static byte[] singleOut = Hex.decode("8aad2098847a2d74ac87de22745d2537");
-
-    private static byte[] twoBlock = Hex.decode("4920616d206174206c656173742074776f20626c6f636b73206c6f6e672e2e2e");
-
-    private static byte[] cs1TwoBlockOut = Hex.decode("3f07fd5816c3b96349eb9f6a074909d67237eb8aa9a7467b8a388c61d0e8f35a");
-    private static byte[] cs2TwoBlockOut = Hex.decode("3f07fd5816c3b96349eb9f6a074909d67237eb8aa9a7467b8a388c61d0e8f35a");
-    private static byte[] cs3TwoBlockOut = Hex.decode("7237eb8aa9a7467b8a388c61d0e8f35a3f07fd5816c3b96349eb9f6a074909d6");
-
-    private static byte[] notQuiteTwo = Hex.decode("4920616d206e6f742071756974652074776f2e2e2e");
-
-    private static byte[] cs1NotQuiteTwoBlockOut = Hex.decode("22ecf2ac77f098097ca69b72e3a46e9ca21bb5ebbc");
-    private static byte[] cs2NotQuiteTwoBlockOut = Hex.decode("f098097ca69b72e3a46e9ca21bb5ebbc22ecf2ac77");
-    private static byte[] cs3NotQuiteTwoBlockOut = Hex.decode("f098097ca69b72e3a46e9ca21bb5ebbc22ecf2ac77");
-
-    static byte[]   in1 = Hex.decode("4e6f7720697320746865207420");
-    static byte[]   in2 = Hex.decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f0aaa");
-    static byte[]   out1 = Hex.decode("9952f131588465033fa40e8a98");
-    static byte[]   out2 = Hex.decode("358f84d01eb42988dc34efb994");
-    static byte[]   out3 = Hex.decode("170171cfad3f04530c509b0c1f0be0aefbd45a8e3755a873bff5ea198504b71683c6");
-    
-    private void testCTS(
-        int                 id,
-        int                 type,
-        BlockCipher         cipher,
-        CipherParameters    params,
-        byte[]              input,
-        byte[]              output)
-        throws Exception
-    {
-        byte[]                  out = new byte[input.length];
-        BufferedBlockCipher     engine = new NISTCTSBlockCipher(type, cipher);
-
-        engine.init(true, params);
-
-        int len = engine.processBytes(input, 0, input.length, out, 0);
-
-        engine.doFinal(out, len);
-
-        if (!areEqual(output, out))
-        {
-            fail(id + " failed encryption expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-        }
-
-        engine.init(false, params);
-
-        len = engine.processBytes(output, 0, output.length, out, 0);
-
-        engine.doFinal(out, len);
-
-        if (!areEqual(input, out))
-        {
-            fail(id + " failed decryption expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-    }
-
-    private void testExceptions() throws InvalidCipherTextException
-    {
-        BufferedBlockCipher engine = new NISTCTSBlockCipher(NISTCTSBlockCipher.CS1, new AESEngine());
-        CipherParameters params = new KeyParameter(new byte[engine.getBlockSize()]);
-        engine.init(true, params);
-
-        byte[] out = new byte[engine.getOutputSize(engine.getBlockSize())];
-        
-        engine.processBytes(new byte[engine.getBlockSize() - 1], 0, engine.getBlockSize() - 1, out, 0);
-        try 
-        {
-            engine.doFinal(out, 0);
-            fail("Expected CTS encrypt error on < 1 block input");
-        } catch(DataLengthException e)
-        {
-            // Expected
-        }
-
-        engine.init(true, params);
-        engine.processBytes(new byte[engine.getBlockSize()], 0, engine.getBlockSize(), out, 0);
-        try 
-        {
-            engine.doFinal(out, 0);
-        } catch(DataLengthException e)
-        {
-            fail("Unexpected CTS encrypt error on == 1 block input");
-        }
-
-        engine.init(false, params);
-        engine.processBytes(new byte[engine.getBlockSize() - 1], 0, engine.getBlockSize() - 1, out, 0);
-        try 
-        {
-            engine.doFinal(out, 0);
-            fail("Expected CTS decrypt error on < 1 block input");
-        } catch(DataLengthException e)
-        {
-            // Expected
-        }
-
-        engine.init(false, params);
-        engine.processBytes(new byte[engine.getBlockSize()], 0, engine.getBlockSize(), out, 0);
-        try 
-        {
-            engine.doFinal(out, 0);
-        } catch(DataLengthException e)
-        {
-            fail("Unexpected CTS decrypt error on == 1 block input");
-        }
-
-    }
-
-    public String getName()
-    {
-        return "NISTCTS";
-    }
-
-    public void performTest() 
-        throws Exception
-    {
-        testCTS(1, NISTCTSBlockCipher.CS1, new AESEngine(), new ParametersWithIV(key, iv), singleBlock, singleOut);
-        testCTS(2, NISTCTSBlockCipher.CS2, new AESEngine(), new ParametersWithIV(key, iv), singleBlock, singleOut);
-        testCTS(3, NISTCTSBlockCipher.CS3, new AESEngine(), new ParametersWithIV(key, iv), singleBlock, singleOut);
-
-        testCTS(4, NISTCTSBlockCipher.CS1, new AESEngine(), new ParametersWithIV(key, iv), twoBlock, cs1TwoBlockOut);
-        testCTS(5, NISTCTSBlockCipher.CS2, new AESEngine(), new ParametersWithIV(key, iv), twoBlock, cs2TwoBlockOut);
-        testCTS(6, NISTCTSBlockCipher.CS3, new AESEngine(), new ParametersWithIV(key, iv), twoBlock, cs3TwoBlockOut);
-
-        testCTS(7, NISTCTSBlockCipher.CS1, new AESEngine(), new ParametersWithIV(key, iv), notQuiteTwo, cs1NotQuiteTwoBlockOut);
-        testCTS(8, NISTCTSBlockCipher.CS2, new AESEngine(), new ParametersWithIV(key, iv), notQuiteTwo, cs2NotQuiteTwoBlockOut);
-        testCTS(9, NISTCTSBlockCipher.CS3, new AESEngine(), new ParametersWithIV(key, iv), notQuiteTwo, cs3NotQuiteTwoBlockOut);
-
-        byte[] aes128b = Hex.decode("aafd12f659cae63489b479e5076ddec2f06cb58faafd12f6");
-        byte[] aesIn1b  = Hex.decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f");
-        byte[] aesOut1b = Hex.decode("6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04");
-
-        testCTS(10, NISTCTSBlockCipher.CS3, new AESEngine(), new ParametersWithIV(new KeyParameter(aes128b), Hex.decode("aafd12f659cae63489b479e5076ddec2")), aesIn1b, aesOut1b);
-
-        byte[] aes128c = Hex.decode("aafd12f659cae63489b479e5076ddec2");
-        byte[] aesOut1c = Hex.decode("0af33c005a337af55a5149effc5108eaa1ea87de8a8556e8786b8f230da64e56");
-
-        testCTS(11, NISTCTSBlockCipher.CS3, new AESEngine(), new ParametersWithIV(new KeyParameter(aes128c), Hex.decode("aafd12f659cae63489b479e5076ddec2")), aesIn1b, aesOut1c);
-
-        testExceptions();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new NISTCTSTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/NaccacheSternTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/NaccacheSternTest.java
deleted file mode 100644
index 56e0e30..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/NaccacheSternTest.java
+++ /dev/null

@@ -1,354 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-import java.util.Vector;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.engines.NaccacheSternEngine;
-import org.bouncycastle.crypto.generators.NaccacheSternKeyPairGenerator;
-import org.bouncycastle.crypto.params.NaccacheSternKeyGenerationParameters;
-import org.bouncycastle.crypto.params.NaccacheSternKeyParameters;
-import org.bouncycastle.crypto.params.NaccacheSternPrivateKeyParameters;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test case for NaccacheStern cipher. For details on this cipher, please see
- * 
- * http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf
- *
- * Performs the following tests: 
- *  <ul>
- *  <li> Toy example from the NaccacheSternPaper </li>
- *  <li> 768 bit test with text "Now is the time for all good men." (ripped from RSA test) and
- *     the same test with the first byte replaced by 0xFF </li>
- *  <li> 1024 bit test analog to 768 bit test </li>
- *  </ul>
- */
-public class NaccacheSternTest
-    extends SimpleTest
-{
-    static final boolean debug = false;
-
-    static final NaccacheSternEngine cryptEng = new NaccacheSternEngine();
-
-    static final NaccacheSternEngine decryptEng = new NaccacheSternEngine();
-
-    // Values from NaccacheStern paper
-    static final BigInteger a = BigInteger.valueOf(101);
-
-    static final BigInteger u1 = BigInteger.valueOf(3);
-
-    static final BigInteger u2 = BigInteger.valueOf(5);
-
-    static final BigInteger u3 = BigInteger.valueOf(7);
-
-    static final BigInteger b = BigInteger.valueOf(191);
-
-    static final BigInteger v1 = BigInteger.valueOf(11);
-
-    static final BigInteger v2 = BigInteger.valueOf(13);
-
-    static final BigInteger v3 = BigInteger.valueOf(17);
-
-    static final BigInteger ONE = BigInteger.valueOf(1);
-
-    static final BigInteger TWO = BigInteger.valueOf(2);
-
-    static final BigInteger sigma = u1.multiply(u2).multiply(u3).multiply(v1)
-            .multiply(v2).multiply(v3);
-
-    static final BigInteger p = TWO.multiply(a).multiply(u1).multiply(u2)
-            .multiply(u3).add(ONE);
-
-    static final BigInteger q = TWO.multiply(b).multiply(v1).multiply(v2)
-            .multiply(v3).add(ONE);
-
-    static final BigInteger n = p.multiply(q);
-
-    static final BigInteger phi_n = p.subtract(ONE).multiply(q.subtract(ONE));
-
-    static final BigInteger g = BigInteger.valueOf(131);
-
-    static final Vector smallPrimes = new Vector();
-
-    // static final BigInteger paperTest = BigInteger.valueOf(202);
-
-    static final String input = "4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e";
-
-    static final BigInteger paperTest = BigInteger.valueOf(202);
-
-    //
-    // to check that we handling byte extension by big number correctly.
-    //
-    static final String edgeInput = "ff6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e";
-
-    static
-    {
-        cryptEng.setDebug(debug);
-        decryptEng.setDebug(debug);
-
-        // First the Parameters from the NaccacheStern Paper
-        // (see http://www.gemplus.com/smart/rd/publications/pdf/NS98pkcs.pdf )
-
-        smallPrimes.addElement(u1);
-        smallPrimes.addElement(u2);
-        smallPrimes.addElement(u3);
-        smallPrimes.addElement(v1);
-        smallPrimes.addElement(v2);
-        smallPrimes.addElement(v3);
-    }
-
-    public String getName()
-    {
-        return "NaccacheStern";
-    }
-
-    public void performTest()
-    {
-        // Test with given key from NaccacheSternPaper (totally insecure)
-
-        NaccacheSternKeyParameters pubParameters = new NaccacheSternKeyParameters(false, g, n, sigma.bitLength());
-
-        NaccacheSternPrivateKeyParameters privParameters = new NaccacheSternPrivateKeyParameters(g, n, sigma.bitLength(), smallPrimes, phi_n);
-
-        AsymmetricCipherKeyPair pair = new AsymmetricCipherKeyPair(pubParameters, privParameters);
-
-        // Initialize Engines with KeyPair
-
-        if (debug)
-        {
-            System.out.println("initializing encryption engine");
-        }
-        cryptEng.init(true, pair.getPublic());
-
-        if (debug)
-        {
-            System.out.println("initializing decryption engine");
-        }
-        decryptEng.init(false, pair.getPrivate());
-
-        byte[] data = paperTest.toByteArray();
-
-        if (!new BigInteger(data).equals(new BigInteger(enDeCrypt(data))))
-        {
-            fail("failed NaccacheStern paper test");
-        }
-
-        //
-        // key generation test
-        //
-
-        // 
-        // 768 Bit test
-        //
-
-        if (debug)
-        {
-            System.out.println();
-            System.out.println("768 Bit TEST");
-        }
-
-        // specify key generation parameters
-        NaccacheSternKeyGenerationParameters genParam
-            = new NaccacheSternKeyGenerationParameters(new SecureRandom(), 768, 8, 30, debug);
-
-        // Initialize Key generator and generate key pair
-        NaccacheSternKeyPairGenerator pGen = new NaccacheSternKeyPairGenerator();
-        pGen.init(genParam);
-
-        pair = pGen.generateKeyPair();
-
-        if (((NaccacheSternKeyParameters)pair.getPublic()).getModulus().bitLength() < 768)
-        {
-            System.out.println("FAILED: key size is <786 bit, exactly "
-                            + ((NaccacheSternKeyParameters)pair.getPublic()).getModulus().bitLength() + " bit");
-            fail("failed key generation (768) length test");
-        }
-
-        // Initialize Engines with KeyPair
-
-        if (debug)
-        {
-            System.out.println("initializing " + genParam.getStrength() + " bit encryption engine");
-        }
-        cryptEng.init(true, pair.getPublic());
-
-        if (debug)
-        {
-            System.out.println("initializing " + genParam.getStrength() + " bit decryption engine");
-        }
-        decryptEng.init(false, pair.getPrivate());
-
-        // Basic data input
-        data = Hex.decode(input);
-
-        if (!new BigInteger(1, data).equals(new BigInteger(1, enDeCrypt(data))))
-        {
-            fail("failed encryption decryption (" + genParam.getStrength() + ") basic test");
-        }
-
-        // Data starting with FF byte (would be interpreted as negative
-        // BigInteger)
-
-        data = Hex.decode(edgeInput);
-
-        if (!new BigInteger(1, data).equals(new BigInteger(1, enDeCrypt(data))))
-        {
-            fail("failed encryption decryption (" + genParam.getStrength() + ") edgeInput test");
-        }
-
-        // 
-        // 1024 Bit Test
-        // 
-/*
-        if (debug)
-        {
-            System.out.println();
-            System.out.println("1024 Bit TEST");
-        }
-
-        // specify key generation parameters
-        genParam = new NaccacheSternKeyGenerationParameters(new SecureRandom(), 1024, 8, 40);
-
-        pGen.init(genParam);
-        pair = pGen.generateKeyPair();
-
-        if (((NaccacheSternKeyParameters)pair.getPublic()).getModulus().bitLength() < 1024)
-        {
-            if (debug)
-            {
-                System.out.println("FAILED: key size is <1024 bit, exactly "
-                                + ((NaccacheSternKeyParameters)pair.getPublic()).getModulus().bitLength() + " bit");
-            }
-            fail("failed key generation (1024) length test");
-        }
-
-        // Initialize Engines with KeyPair
-
-        if (debug)
-        {
-            System.out.println("initializing " + genParam.getStrength() + " bit encryption engine");
-        }
-        cryptEng.init(true, pair.getPublic());
-
-        if (debug)
-        {
-            System.out.println("initializing " + genParam.getStrength() + " bit decryption engine");
-        }
-        decryptEng.init(false, pair.getPrivate());
-
-        if (debug)
-        {
-            System.out.println("Data is           " + new BigInteger(1, data));
-        }
-
-        // Basic data input
-        data = Hex.decode(input);
-
-        if (!new BigInteger(1, data).equals(new BigInteger(1, enDeCrypt(data))))
-        {
-            fail("failed encryption decryption (" + genParam.getStrength() + ") basic test");
-        }
-
-        // Data starting with FF byte (would be interpreted as negative
-        // BigInteger)
-
-        data = Hex.decode(edgeInput);
-
-        if (!new BigInteger(1, data).equals(new BigInteger(1, enDeCrypt(data))))
-        {
-            fail("failed encryption decryption (" + genParam.getStrength() + ") edgeInput test");
-        }
-*/
-        // END OF TEST CASE
-
-        try
-        {
-            new NaccacheSternEngine().processBlock(new byte[]{ 1 }, 0, 1);
-            fail("failed initialisation check");
-        }
-        catch (IllegalStateException e)
-        {
-            // expected
-        }
-        catch (InvalidCipherTextException e)
-        {
-            fail("failed initialisation check");
-        }
-
-        if (debug)
-        {
-            System.out.println("All tests successful");
-        }
-    }
-
-    private byte[] enDeCrypt(byte[] input)
-    {
-
-        // create work array
-        byte[] data = new byte[input.length];
-        System.arraycopy(input, 0, data, 0, data.length);
-
-        // Perform encryption like in the paper from Naccache-Stern
-        if (debug)
-        {
-            System.out.println("encrypting data. Data representation\n"
-            //                    + "As String:.... " + new String(data) + "\n"
-                            + "As BigInteger: " + new BigInteger(1, data));
-            System.out.println("data length is " + data.length);
-        }
-
-        try
-        {
-            data = cryptEng.processData(data);
-        }
-        catch (InvalidCipherTextException e)
-        {
-            if (debug)
-            {
-                System.out.println("failed - exception " + e.toString() + "\n" + e.getMessage());
-            }
-            fail("failed - exception " + e.toString() + "\n" + e.getMessage());
-        }
-
-        if (debug)
-        {
-            System.out.println("enrypted data representation\n"
-            //                    + "As String:.... " + new String(data) + "\n"
-                            + "As BigInteger: " + new BigInteger(1, data));
-            System.out.println("data length is " + data.length);
-        }
-
-        try
-        {
-            data = decryptEng.processData(data);
-        }
-        catch (InvalidCipherTextException e)
-        {
-            if (debug)
-            {
-                System.out.println("failed - exception " + e.toString() + "\n" + e.getMessage());
-            }
-            fail("failed - exception " + e.toString() + "\n" + e.getMessage());
-        }
-
-        if (debug)
-        {
-            System.out.println("decrypted data representation\n"
-            //                    + "As String:.... " + new String(data) + "\n"
-                            + "As BigInteger: " + new BigInteger(1, data));
-            System.out.println("data length is " + data.length);
-        }
-
-        return data;
-
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new NaccacheSternTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/NoekeonTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/NoekeonTest.java
deleted file mode 100644
index ebebbd6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/NoekeonTest.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.NoekeonEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Noekeon tester
- */
-public class NoekeonTest
-    extends CipherTest
-{
-    static SimpleTest[]  tests =
-    {
-        new BlockCipherVectorTest(0, new NoekeonEngine(),
-            new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-            "00000000000000000000000000000000",
-            "b1656851699e29fa24b70148503d2dfc"),
-        new BlockCipherVectorTest(1, new NoekeonEngine(),
-            new KeyParameter(Hex.decode("ffffffffffffffffffffffffffffffff")),
-            "ffffffffffffffffffffffffffffffff",
-            "2a78421b87c7d0924f26113f1d1349b2"),
-        new BlockCipherVectorTest(2, new NoekeonEngine(),
-            new KeyParameter(Hex.decode("b1656851699e29fa24b70148503d2dfc")),
-            "2a78421b87c7d0924f26113f1d1349b2",
-            "e2f687e07b75660ffc372233bc47532c")
-    };
-
-    NoekeonTest()
-    {
-        super(tests, new NoekeonEngine(), new KeyParameter(new byte[16]));
-    }
-
-    public String getName()
-    {
-        return "Noekeon";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new NoekeonTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/NonMemoableDigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/NonMemoableDigestTest.java
deleted file mode 100644
index b8c9b60..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/NonMemoableDigestTest.java
+++ /dev/null

@@ -1,113 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.digests.NonMemoableDigest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * SHA1 HMac Test, test vectors from RFC 2202
- */
-public class NonMemoableDigestTest
-    implements Test
-{
-    final static String[] keys = {
-        "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
-        "4a656665",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "0102030405060708090a0b0c0d0e0f10111213141516171819",
-        "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-    };
-
-    final static String[] digests = {
-        "b617318655057264e28bc0b6fb378c8ef146be00",
-        "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79",
-        "125d7342b9ac11cd91a39af48aa17b4f63f175d3",
-        "4c9007f4026250c6bc8414f9bf50c86c2d7235da",
-        "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04",
-        "aa4ae5e15272d00e95705637ce8a3b55ed402112",
-        "e8e99d0f45237d786d6bbaa7965c7808bbff1a91",
-        "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04",
-        "aa4ae5e15272d00e95705637ce8a3b55ed402112",
-        "e8e99d0f45237d786d6bbaa7965c7808bbff1a91"
-    };
-
-    final static String[] messages = {
-        "Hi There",
-        "what do ya want for nothing?",
-        "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
-        "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
-        "Test With Truncation",
-        "Test Using Larger Than Block-Size Key - Hash Key First",
-        "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data"
-    };
-        
-    public String getName()
-    {
-        return "NonMemoableDigest";
-    }
-
-    public TestResult perform()
-    {
-        HMac hmac = new HMac(new NonMemoableDigest(new SHA1Digest()));
-        byte[] resBuf = new byte[hmac.getMacSize()];
-
-        for (int i = 0; i < messages.length; i++)
-        {
-            byte[] m = Strings.toByteArray(messages[i]);
-            if (messages[i].startsWith("0x"))
-            {
-                m = Hex.decode(messages[i].substring(2));
-            }
-            hmac.init(new KeyParameter(Hex.decode(keys[i])));
-            hmac.update(m, 0, m.length);
-            hmac.doFinal(resBuf, 0);
-
-            if (!Arrays.areEqual(resBuf, Hex.decode(digests[i])))
-            {
-                return new SimpleTestResult(false, getName() + ": Vector " + i + " failed");
-            }
-        }
-
-        //
-        // test reset
-        //
-        int vector = 0; // vector used for test
-        byte[] m = Strings.toByteArray(messages[vector]);
-        if (messages[vector].startsWith("0x"))
-        {
-            m = Hex.decode(messages[vector].substring(2));
-        }
-        hmac.init(new KeyParameter(Hex.decode(keys[vector])));
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-        hmac.reset();
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-
-        if (!Arrays.areEqual(resBuf, Hex.decode(digests[vector])))
-        {
-            return new SimpleTestResult(false, getName() +
-                    ": Reset with vector " + vector + " failed");
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        NonMemoableDigestTest test = new NonMemoableDigestTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/NullTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/NullTest.java
deleted file mode 100644
index ef8ff4b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/NullTest.java
+++ /dev/null

@@ -1,77 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.engines.NullEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class NullTest 
-    extends CipherTest
-{
-    static SimpleTest[]  tests = 
-    {
-        new BlockCipherVectorTest(0, new NullEngine(),
-                new KeyParameter(Hex.decode("00")), "00", "00")
-    };
-    
-    NullTest()
-    {
-        super(tests, new NullEngine(), new KeyParameter(new byte[2]));
-    }
-
-    public String getName()
-    {
-        return "Null";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        super.performTest();
-        
-        BlockCipher engine = new NullEngine();
-        
-        engine.init(true, null);
-        
-        byte[] buf = new byte[1];
-        
-        engine.processBlock(buf, 0, buf, 0);
-        
-        if (buf[0] != 0)
-        {
-            fail("NullCipher changed data!");
-        }
-        
-        byte[] shortBuf = new byte[0];
-        
-        try
-        {   
-            engine.processBlock(shortBuf, 0, buf, 0);
-            
-            fail("failed short input check");
-        }
-        catch (DataLengthException e)
-        {
-            // expected 
-        }
-        
-        try
-        {   
-            engine.processBlock(buf, 0, shortBuf, 0);
-            
-            fail("failed short output check");
-        }
-        catch (DataLengthException e)
-        {
-            // expected 
-        }
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new NullTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/OAEPTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/OAEPTest.java
deleted file mode 100644
index 010a8cd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/OAEPTest.java
+++ /dev/null

@@ -1,907 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.ByteArrayInputStream;
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
-import org.bouncycastle.asn1.pkcs.RSAPublicKey;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.encodings.OAEPEncoding;
-import org.bouncycastle.crypto.engines.RSAEngine;
-import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class OAEPTest
-    extends SimpleTest
-{
-    static byte[] pubKeyEnc1 =
-        {
-          (byte)0x30, (byte)0x5a, (byte)0x30, (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86,
-          (byte)0x48, (byte)0x86, (byte)0xf7, (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05,
-          (byte)0x00, (byte)0x03, (byte)0x49, (byte)0x00, (byte)0x30, (byte)0x46, (byte)0x02, (byte)0x41,
-          (byte)0x00, (byte)0xaa, (byte)0x36, (byte)0xab, (byte)0xce, (byte)0x88, (byte)0xac, (byte)0xfd,
-          (byte)0xff, (byte)0x55, (byte)0x52, (byte)0x3c, (byte)0x7f, (byte)0xc4, (byte)0x52, (byte)0x3f,
-          (byte)0x90, (byte)0xef, (byte)0xa0, (byte)0x0d, (byte)0xf3, (byte)0x77, (byte)0x4a, (byte)0x25,
-          (byte)0x9f, (byte)0x2e, (byte)0x62, (byte)0xb4, (byte)0xc5, (byte)0xd9, (byte)0x9c, (byte)0xb5,
-          (byte)0xad, (byte)0xb3, (byte)0x00, (byte)0xa0, (byte)0x28, (byte)0x5e, (byte)0x53, (byte)0x01,
-          (byte)0x93, (byte)0x0e, (byte)0x0c, (byte)0x70, (byte)0xfb, (byte)0x68, (byte)0x76, (byte)0x93,
-          (byte)0x9c, (byte)0xe6, (byte)0x16, (byte)0xce, (byte)0x62, (byte)0x4a, (byte)0x11, (byte)0xe0,
-          (byte)0x08, (byte)0x6d, (byte)0x34, (byte)0x1e, (byte)0xbc, (byte)0xac, (byte)0xa0, (byte)0xa1,
-          (byte)0xf5, (byte)0x02, (byte)0x01, (byte)0x11
-        };
-
-    static byte[] privKeyEnc1 =
-        {
-          (byte)0x30, (byte)0x82, (byte)0x01, (byte)0x52, (byte)0x02, (byte)0x01, (byte)0x00, (byte)0x30,
-          (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86, (byte)0x48, (byte)0x86, (byte)0xf7,
-          (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05, (byte)0x00, (byte)0x04, (byte)0x82,
-          (byte)0x01, (byte)0x3c, (byte)0x30, (byte)0x82, (byte)0x01, (byte)0x38, (byte)0x02, (byte)0x01,
-          (byte)0x00, (byte)0x02, (byte)0x41, (byte)0x00, (byte)0xaa, (byte)0x36, (byte)0xab, (byte)0xce,
-          (byte)0x88, (byte)0xac, (byte)0xfd, (byte)0xff, (byte)0x55, (byte)0x52, (byte)0x3c, (byte)0x7f,
-          (byte)0xc4, (byte)0x52, (byte)0x3f, (byte)0x90, (byte)0xef, (byte)0xa0, (byte)0x0d, (byte)0xf3,
-          (byte)0x77, (byte)0x4a, (byte)0x25, (byte)0x9f, (byte)0x2e, (byte)0x62, (byte)0xb4, (byte)0xc5,
-          (byte)0xd9, (byte)0x9c, (byte)0xb5, (byte)0xad, (byte)0xb3, (byte)0x00, (byte)0xa0, (byte)0x28,
-          (byte)0x5e, (byte)0x53, (byte)0x01, (byte)0x93, (byte)0x0e, (byte)0x0c, (byte)0x70, (byte)0xfb,
-          (byte)0x68, (byte)0x76, (byte)0x93, (byte)0x9c, (byte)0xe6, (byte)0x16, (byte)0xce, (byte)0x62,
-          (byte)0x4a, (byte)0x11, (byte)0xe0, (byte)0x08, (byte)0x6d, (byte)0x34, (byte)0x1e, (byte)0xbc,
-          (byte)0xac, (byte)0xa0, (byte)0xa1, (byte)0xf5, (byte)0x02, (byte)0x01, (byte)0x11, (byte)0x02,
-          (byte)0x40, (byte)0x0a, (byte)0x03, (byte)0x37, (byte)0x48, (byte)0x62, (byte)0x64, (byte)0x87,
-          (byte)0x69, (byte)0x5f, (byte)0x5f, (byte)0x30, (byte)0xbc, (byte)0x38, (byte)0xb9, (byte)0x8b,
-          (byte)0x44, (byte)0xc2, (byte)0xcd, (byte)0x2d, (byte)0xff, (byte)0x43, (byte)0x40, (byte)0x98,
-          (byte)0xcd, (byte)0x20, (byte)0xd8, (byte)0xa1, (byte)0x38, (byte)0xd0, (byte)0x90, (byte)0xbf,
-          (byte)0x64, (byte)0x79, (byte)0x7c, (byte)0x3f, (byte)0xa7, (byte)0xa2, (byte)0xcd, (byte)0xcb,
-          (byte)0x3c, (byte)0xd1, (byte)0xe0, (byte)0xbd, (byte)0xba, (byte)0x26, (byte)0x54, (byte)0xb4,
-          (byte)0xf9, (byte)0xdf, (byte)0x8e, (byte)0x8a, (byte)0xe5, (byte)0x9d, (byte)0x73, (byte)0x3d,
-          (byte)0x9f, (byte)0x33, (byte)0xb3, (byte)0x01, (byte)0x62, (byte)0x4a, (byte)0xfd, (byte)0x1d,
-          (byte)0x51, (byte)0x02, (byte)0x21, (byte)0x00, (byte)0xd8, (byte)0x40, (byte)0xb4, (byte)0x16,
-          (byte)0x66, (byte)0xb4, (byte)0x2e, (byte)0x92, (byte)0xea, (byte)0x0d, (byte)0xa3, (byte)0xb4,
-          (byte)0x32, (byte)0x04, (byte)0xb5, (byte)0xcf, (byte)0xce, (byte)0x33, (byte)0x52, (byte)0x52,
-          (byte)0x4d, (byte)0x04, (byte)0x16, (byte)0xa5, (byte)0xa4, (byte)0x41, (byte)0xe7, (byte)0x00,
-          (byte)0xaf, (byte)0x46, (byte)0x12, (byte)0x0d, (byte)0x02, (byte)0x21, (byte)0x00, (byte)0xc9,
-          (byte)0x7f, (byte)0xb1, (byte)0xf0, (byte)0x27, (byte)0xf4, (byte)0x53, (byte)0xf6, (byte)0x34,
-          (byte)0x12, (byte)0x33, (byte)0xea, (byte)0xaa, (byte)0xd1, (byte)0xd9, (byte)0x35, (byte)0x3f,
-          (byte)0x6c, (byte)0x42, (byte)0xd0, (byte)0x88, (byte)0x66, (byte)0xb1, (byte)0xd0, (byte)0x5a,
-          (byte)0x0f, (byte)0x20, (byte)0x35, (byte)0x02, (byte)0x8b, (byte)0x9d, (byte)0x89, (byte)0x02,
-          (byte)0x20, (byte)0x59, (byte)0x0b, (byte)0x95, (byte)0x72, (byte)0xa2, (byte)0xc2, (byte)0xa9,
-          (byte)0xc4, (byte)0x06, (byte)0x05, (byte)0x9d, (byte)0xc2, (byte)0xab, (byte)0x2f, (byte)0x1d,
-          (byte)0xaf, (byte)0xeb, (byte)0x7e, (byte)0x8b, (byte)0x4f, (byte)0x10, (byte)0xa7, (byte)0x54,
-          (byte)0x9e, (byte)0x8e, (byte)0xed, (byte)0xf5, (byte)0xb4, (byte)0xfc, (byte)0xe0, (byte)0x9e,
-          (byte)0x05, (byte)0x02, (byte)0x21, (byte)0x00, (byte)0x8e, (byte)0x3c, (byte)0x05, (byte)0x21,
-          (byte)0xfe, (byte)0x15, (byte)0xe0, (byte)0xea, (byte)0x06, (byte)0xa3, (byte)0x6f, (byte)0xf0,
-          (byte)0xf1, (byte)0x0c, (byte)0x99, (byte)0x52, (byte)0xc3, (byte)0x5b, (byte)0x7a, (byte)0x75,
-          (byte)0x14, (byte)0xfd, (byte)0x32, (byte)0x38, (byte)0xb8, (byte)0x0a, (byte)0xad, (byte)0x52,
-          (byte)0x98, (byte)0x62, (byte)0x8d, (byte)0x51, (byte)0x02, (byte)0x20, (byte)0x36, (byte)0x3f,
-          (byte)0xf7, (byte)0x18, (byte)0x9d, (byte)0xa8, (byte)0xe9, (byte)0x0b, (byte)0x1d, (byte)0x34,
-          (byte)0x1f, (byte)0x71, (byte)0xd0, (byte)0x9b, (byte)0x76, (byte)0xa8, (byte)0xa9, (byte)0x43,
-          (byte)0xe1, (byte)0x1d, (byte)0x10, (byte)0xb2, (byte)0x4d, (byte)0x24, (byte)0x9f, (byte)0x2d,
-          (byte)0xea, (byte)0xfe, (byte)0xf8, (byte)0x0c, (byte)0x18, (byte)0x26
-        };
-
-    static byte[] output1 = 
-    { 
-        (byte)0x1b, (byte)0x8f, (byte)0x05, (byte)0xf9, (byte)0xca, (byte)0x1a, (byte)0x79, (byte)0x52,
-        (byte)0x6e, (byte)0x53, (byte)0xf3, (byte)0xcc, (byte)0x51, (byte)0x4f, (byte)0xdb, (byte)0x89,
-        (byte)0x2b, (byte)0xfb, (byte)0x91, (byte)0x93, (byte)0x23, (byte)0x1e, (byte)0x78, (byte)0xb9,
-        (byte)0x92, (byte)0xe6, (byte)0x8d, (byte)0x50, (byte)0xa4, (byte)0x80, (byte)0xcb, (byte)0x52,
-        (byte)0x33, (byte)0x89, (byte)0x5c, (byte)0x74, (byte)0x95, (byte)0x8d, (byte)0x5d, (byte)0x02,
-        (byte)0xab, (byte)0x8c, (byte)0x0f, (byte)0xd0, (byte)0x40, (byte)0xeb, (byte)0x58, (byte)0x44,
-        (byte)0xb0, (byte)0x05, (byte)0xc3, (byte)0x9e, (byte)0xd8, (byte)0x27, (byte)0x4a, (byte)0x9d,
-        (byte)0xbf, (byte)0xa8, (byte)0x06, (byte)0x71, (byte)0x40, (byte)0x94, (byte)0x39, (byte)0xd2
-    };
-
-    static byte[] pubKeyEnc2 =
-        {
-        (byte)0x30, (byte)0x4c, (byte)0x30, (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86,
-        (byte)0x48, (byte)0x86, (byte)0xf7, (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05,
-        (byte)0x00, (byte)0x03, (byte)0x3b, (byte)0x00, (byte)0x30, (byte)0x38, (byte)0x02, (byte)0x33,
-        (byte)0x00, (byte)0xa3, (byte)0x07, (byte)0x9a, (byte)0x90, (byte)0xdf, (byte)0x0d, (byte)0xfd,
-        (byte)0x72, (byte)0xac, (byte)0x09, (byte)0x0c, (byte)0xcc, (byte)0x2a, (byte)0x78, (byte)0xb8,
-        (byte)0x74, (byte)0x13, (byte)0x13, (byte)0x3e, (byte)0x40, (byte)0x75, (byte)0x9c, (byte)0x98,
-        (byte)0xfa, (byte)0xf8, (byte)0x20, (byte)0x4f, (byte)0x35, (byte)0x8a, (byte)0x0b, (byte)0x26,
-        (byte)0x3c, (byte)0x67, (byte)0x70, (byte)0xe7, (byte)0x83, (byte)0xa9, (byte)0x3b, (byte)0x69,
-        (byte)0x71, (byte)0xb7, (byte)0x37, (byte)0x79, (byte)0xd2, (byte)0x71, (byte)0x7b, (byte)0xe8,
-        (byte)0x34, (byte)0x77, (byte)0xcf, (byte)0x02, (byte)0x01, (byte)0x03
-        };
-
-    static byte[] privKeyEnc2 =
-        {
-        (byte)0x30, (byte)0x82, (byte)0x01, (byte)0x13, (byte)0x02, (byte)0x01, (byte)0x00, (byte)0x30,
-        (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86, (byte)0x48, (byte)0x86, (byte)0xf7,
-        (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05, (byte)0x00, (byte)0x04, (byte)0x81,
-        (byte)0xfe, (byte)0x30, (byte)0x81, (byte)0xfb, (byte)0x02, (byte)0x01, (byte)0x00, (byte)0x02,
-        (byte)0x33, (byte)0x00, (byte)0xa3, (byte)0x07, (byte)0x9a, (byte)0x90, (byte)0xdf, (byte)0x0d,
-        (byte)0xfd, (byte)0x72, (byte)0xac, (byte)0x09, (byte)0x0c, (byte)0xcc, (byte)0x2a, (byte)0x78,
-        (byte)0xb8, (byte)0x74, (byte)0x13, (byte)0x13, (byte)0x3e, (byte)0x40, (byte)0x75, (byte)0x9c,
-        (byte)0x98, (byte)0xfa, (byte)0xf8, (byte)0x20, (byte)0x4f, (byte)0x35, (byte)0x8a, (byte)0x0b,
-        (byte)0x26, (byte)0x3c, (byte)0x67, (byte)0x70, (byte)0xe7, (byte)0x83, (byte)0xa9, (byte)0x3b,
-        (byte)0x69, (byte)0x71, (byte)0xb7, (byte)0x37, (byte)0x79, (byte)0xd2, (byte)0x71, (byte)0x7b,
-        (byte)0xe8, (byte)0x34, (byte)0x77, (byte)0xcf, (byte)0x02, (byte)0x01, (byte)0x03, (byte)0x02,
-        (byte)0x32, (byte)0x6c, (byte)0xaf, (byte)0xbc, (byte)0x60, (byte)0x94, (byte)0xb3, (byte)0xfe,
-        (byte)0x4c, (byte)0x72, (byte)0xb0, (byte)0xb3, (byte)0x32, (byte)0xc6, (byte)0xfb, (byte)0x25,
-        (byte)0xa2, (byte)0xb7, (byte)0x62, (byte)0x29, (byte)0x80, (byte)0x4e, (byte)0x68, (byte)0x65,
-        (byte)0xfc, (byte)0xa4, (byte)0x5a, (byte)0x74, (byte)0xdf, (byte)0x0f, (byte)0x8f, (byte)0xb8,
-        (byte)0x41, (byte)0x3b, (byte)0x52, (byte)0xc0, (byte)0xd0, (byte)0xe5, (byte)0x3d, (byte)0x9b,
-        (byte)0x59, (byte)0x0f, (byte)0xf1, (byte)0x9b, (byte)0xe7, (byte)0x9f, (byte)0x49, (byte)0xdd,
-        (byte)0x21, (byte)0xe5, (byte)0xeb, (byte)0x02, (byte)0x1a, (byte)0x00, (byte)0xcf, (byte)0x20,
-        (byte)0x35, (byte)0x02, (byte)0x8b, (byte)0x9d, (byte)0x86, (byte)0x98, (byte)0x40, (byte)0xb4,
-        (byte)0x16, (byte)0x66, (byte)0xb4, (byte)0x2e, (byte)0x92, (byte)0xea, (byte)0x0d, (byte)0xa3,
-        (byte)0xb4, (byte)0x32, (byte)0x04, (byte)0xb5, (byte)0xcf, (byte)0xce, (byte)0x91, (byte)0x02,
-        (byte)0x1a, (byte)0x00, (byte)0xc9, (byte)0x7f, (byte)0xb1, (byte)0xf0, (byte)0x27, (byte)0xf4,
-        (byte)0x53, (byte)0xf6, (byte)0x34, (byte)0x12, (byte)0x33, (byte)0xea, (byte)0xaa, (byte)0xd1,
-        (byte)0xd9, (byte)0x35, (byte)0x3f, (byte)0x6c, (byte)0x42, (byte)0xd0, (byte)0x88, (byte)0x66,
-        (byte)0xb1, (byte)0xd0, (byte)0x5f, (byte)0x02, (byte)0x1a, (byte)0x00, (byte)0x8a, (byte)0x15,
-        (byte)0x78, (byte)0xac, (byte)0x5d, (byte)0x13, (byte)0xaf, (byte)0x10, (byte)0x2b, (byte)0x22,
-        (byte)0xb9, (byte)0x99, (byte)0xcd, (byte)0x74, (byte)0x61, (byte)0xf1, (byte)0x5e, (byte)0x6d,
-        (byte)0x22, (byte)0xcc, (byte)0x03, (byte)0x23, (byte)0xdf, (byte)0xdf, (byte)0x0b, (byte)0x02,
-        (byte)0x1a, (byte)0x00, (byte)0x86, (byte)0x55, (byte)0x21, (byte)0x4a, (byte)0xc5, (byte)0x4d,
-        (byte)0x8d, (byte)0x4e, (byte)0xcd, (byte)0x61, (byte)0x77, (byte)0xf1, (byte)0xc7, (byte)0x36,
-        (byte)0x90, (byte)0xce, (byte)0x2a, (byte)0x48, (byte)0x2c, (byte)0x8b, (byte)0x05, (byte)0x99,
-        (byte)0xcb, (byte)0xe0, (byte)0x3f, (byte)0x02, (byte)0x1a, (byte)0x00, (byte)0x83, (byte)0xef,
-        (byte)0xef, (byte)0xb8, (byte)0xa9, (byte)0xa4, (byte)0x0d, (byte)0x1d, (byte)0xb6, (byte)0xed,
-        (byte)0x98, (byte)0xad, (byte)0x84, (byte)0xed, (byte)0x13, (byte)0x35, (byte)0xdc, (byte)0xc1,
-        (byte)0x08, (byte)0xf3, (byte)0x22, (byte)0xd0, (byte)0x57, (byte)0xcf, (byte)0x8d
-        };
-
-    static byte[] output2 =
-    {
-          (byte)0x14, (byte)0xbd, (byte)0xdd, (byte)0x28, (byte)0xc9, (byte)0x83, (byte)0x35, (byte)0x19,
-          (byte)0x23, (byte)0x80, (byte)0xe8, (byte)0xe5, (byte)0x49, (byte)0xb1, (byte)0x58, (byte)0x2a,
-          (byte)0x8b, (byte)0x40, (byte)0xb4, (byte)0x48, (byte)0x6d, (byte)0x03, (byte)0xa6, (byte)0xa5,
-          (byte)0x31, (byte)0x1f, (byte)0x1f, (byte)0xd5, (byte)0xf0, (byte)0xa1, (byte)0x80, (byte)0xe4,
-          (byte)0x17, (byte)0x53, (byte)0x03, (byte)0x29, (byte)0xa9, (byte)0x34, (byte)0x90, (byte)0x74,
-          (byte)0xb1, (byte)0x52, (byte)0x13, (byte)0x54, (byte)0x29, (byte)0x08, (byte)0x24, (byte)0x52,
-          (byte)0x62, (byte)0x51
-    };
-
-    static byte[] pubKeyEnc3 =
-    {
-          (byte)0x30, (byte)0x81, (byte)0x9d, (byte)0x30, (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a,
-          (byte)0x86, (byte)0x48, (byte)0x86, (byte)0xf7, (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01,
-          (byte)0x05, (byte)0x00, (byte)0x03, (byte)0x81, (byte)0x8b, (byte)0x00, (byte)0x30, (byte)0x81,
-          (byte)0x87, (byte)0x02, (byte)0x81, (byte)0x81, (byte)0x00, (byte)0xbb, (byte)0xf8, (byte)0x2f,
-          (byte)0x09, (byte)0x06, (byte)0x82, (byte)0xce, (byte)0x9c, (byte)0x23, (byte)0x38, (byte)0xac,
-          (byte)0x2b, (byte)0x9d, (byte)0xa8, (byte)0x71, (byte)0xf7, (byte)0x36, (byte)0x8d, (byte)0x07,
-          (byte)0xee, (byte)0xd4, (byte)0x10, (byte)0x43, (byte)0xa4, (byte)0x40, (byte)0xd6, (byte)0xb6,
-          (byte)0xf0, (byte)0x74, (byte)0x54, (byte)0xf5, (byte)0x1f, (byte)0xb8, (byte)0xdf, (byte)0xba,
-          (byte)0xaf, (byte)0x03, (byte)0x5c, (byte)0x02, (byte)0xab, (byte)0x61, (byte)0xea, (byte)0x48,
-          (byte)0xce, (byte)0xeb, (byte)0x6f, (byte)0xcd, (byte)0x48, (byte)0x76, (byte)0xed, (byte)0x52,
-          (byte)0x0d, (byte)0x60, (byte)0xe1, (byte)0xec, (byte)0x46, (byte)0x19, (byte)0x71, (byte)0x9d,
-          (byte)0x8a, (byte)0x5b, (byte)0x8b, (byte)0x80, (byte)0x7f, (byte)0xaf, (byte)0xb8, (byte)0xe0,
-          (byte)0xa3, (byte)0xdf, (byte)0xc7, (byte)0x37, (byte)0x72, (byte)0x3e, (byte)0xe6, (byte)0xb4,
-          (byte)0xb7, (byte)0xd9, (byte)0x3a, (byte)0x25, (byte)0x84, (byte)0xee, (byte)0x6a, (byte)0x64,
-          (byte)0x9d, (byte)0x06, (byte)0x09, (byte)0x53, (byte)0x74, (byte)0x88, (byte)0x34, (byte)0xb2,
-          (byte)0x45, (byte)0x45, (byte)0x98, (byte)0x39, (byte)0x4e, (byte)0xe0, (byte)0xaa, (byte)0xb1,
-          (byte)0x2d, (byte)0x7b, (byte)0x61, (byte)0xa5, (byte)0x1f, (byte)0x52, (byte)0x7a, (byte)0x9a,
-          (byte)0x41, (byte)0xf6, (byte)0xc1, (byte)0x68, (byte)0x7f, (byte)0xe2, (byte)0x53, (byte)0x72,
-          (byte)0x98, (byte)0xca, (byte)0x2a, (byte)0x8f, (byte)0x59, (byte)0x46, (byte)0xf8, (byte)0xe5,
-          (byte)0xfd, (byte)0x09, (byte)0x1d, (byte)0xbd, (byte)0xcb, (byte)0x02, (byte)0x01, (byte)0x11
-    };
-
-    static byte[] privKeyEnc3 =
-    {
-        (byte)0x30, (byte)0x82, (byte)0x02, (byte)0x75, (byte)0x02, (byte)0x01, (byte)0x00, (byte)0x30,
-        (byte)0x0d, (byte)0x06, (byte)0x09, (byte)0x2a, (byte)0x86, (byte)0x48, (byte)0x86, (byte)0xf7,
-        (byte)0x0d, (byte)0x01, (byte)0x01, (byte)0x01, (byte)0x05, (byte)0x00, (byte)0x04, (byte)0x82,
-        (byte)0x02, (byte)0x5f, (byte)0x30, (byte)0x82, (byte)0x02, (byte)0x5b, (byte)0x02, (byte)0x01,
-        (byte)0x00, (byte)0x02, (byte)0x81, (byte)0x81, (byte)0x00, (byte)0xbb, (byte)0xf8, (byte)0x2f,
-        (byte)0x09, (byte)0x06, (byte)0x82, (byte)0xce, (byte)0x9c, (byte)0x23, (byte)0x38, (byte)0xac,
-        (byte)0x2b, (byte)0x9d, (byte)0xa8, (byte)0x71, (byte)0xf7, (byte)0x36, (byte)0x8d, (byte)0x07,
-        (byte)0xee, (byte)0xd4, (byte)0x10, (byte)0x43, (byte)0xa4, (byte)0x40, (byte)0xd6, (byte)0xb6,
-        (byte)0xf0, (byte)0x74, (byte)0x54, (byte)0xf5, (byte)0x1f, (byte)0xb8, (byte)0xdf, (byte)0xba,
-        (byte)0xaf, (byte)0x03, (byte)0x5c, (byte)0x02, (byte)0xab, (byte)0x61, (byte)0xea, (byte)0x48,
-        (byte)0xce, (byte)0xeb, (byte)0x6f, (byte)0xcd, (byte)0x48, (byte)0x76, (byte)0xed, (byte)0x52,
-        (byte)0x0d, (byte)0x60, (byte)0xe1, (byte)0xec, (byte)0x46, (byte)0x19, (byte)0x71, (byte)0x9d,
-        (byte)0x8a, (byte)0x5b, (byte)0x8b, (byte)0x80, (byte)0x7f, (byte)0xaf, (byte)0xb8, (byte)0xe0,
-        (byte)0xa3, (byte)0xdf, (byte)0xc7, (byte)0x37, (byte)0x72, (byte)0x3e, (byte)0xe6, (byte)0xb4,
-        (byte)0xb7, (byte)0xd9, (byte)0x3a, (byte)0x25, (byte)0x84, (byte)0xee, (byte)0x6a, (byte)0x64,
-        (byte)0x9d, (byte)0x06, (byte)0x09, (byte)0x53, (byte)0x74, (byte)0x88, (byte)0x34, (byte)0xb2,
-        (byte)0x45, (byte)0x45, (byte)0x98, (byte)0x39, (byte)0x4e, (byte)0xe0, (byte)0xaa, (byte)0xb1,
-        (byte)0x2d, (byte)0x7b, (byte)0x61, (byte)0xa5, (byte)0x1f, (byte)0x52, (byte)0x7a, (byte)0x9a,
-        (byte)0x41, (byte)0xf6, (byte)0xc1, (byte)0x68, (byte)0x7f, (byte)0xe2, (byte)0x53, (byte)0x72,
-        (byte)0x98, (byte)0xca, (byte)0x2a, (byte)0x8f, (byte)0x59, (byte)0x46, (byte)0xf8, (byte)0xe5,
-        (byte)0xfd, (byte)0x09, (byte)0x1d, (byte)0xbd, (byte)0xcb, (byte)0x02, (byte)0x01, (byte)0x11,
-        (byte)0x02, (byte)0x81, (byte)0x81, (byte)0x00, (byte)0xa5, (byte)0xda, (byte)0xfc, (byte)0x53,
-        (byte)0x41, (byte)0xfa, (byte)0xf2, (byte)0x89, (byte)0xc4, (byte)0xb9, (byte)0x88, (byte)0xdb,
-        (byte)0x30, (byte)0xc1, (byte)0xcd, (byte)0xf8, (byte)0x3f, (byte)0x31, (byte)0x25, (byte)0x1e,
-        (byte)0x06, (byte)0x68, (byte)0xb4, (byte)0x27, (byte)0x84, (byte)0x81, (byte)0x38, (byte)0x01,
-        (byte)0x57, (byte)0x96, (byte)0x41, (byte)0xb2, (byte)0x94, (byte)0x10, (byte)0xb3, (byte)0xc7,
-        (byte)0x99, (byte)0x8d, (byte)0x6b, (byte)0xc4, (byte)0x65, (byte)0x74, (byte)0x5e, (byte)0x5c,
-        (byte)0x39, (byte)0x26, (byte)0x69, (byte)0xd6, (byte)0x87, (byte)0x0d, (byte)0xa2, (byte)0xc0,
-        (byte)0x82, (byte)0xa9, (byte)0x39, (byte)0xe3, (byte)0x7f, (byte)0xdc, (byte)0xb8, (byte)0x2e,
-        (byte)0xc9, (byte)0x3e, (byte)0xda, (byte)0xc9, (byte)0x7f, (byte)0xf3, (byte)0xad, (byte)0x59,
-        (byte)0x50, (byte)0xac, (byte)0xcf, (byte)0xbc, (byte)0x11, (byte)0x1c, (byte)0x76, (byte)0xf1,
-        (byte)0xa9, (byte)0x52, (byte)0x94, (byte)0x44, (byte)0xe5, (byte)0x6a, (byte)0xaf, (byte)0x68,
-        (byte)0xc5, (byte)0x6c, (byte)0x09, (byte)0x2c, (byte)0xd3, (byte)0x8d, (byte)0xc3, (byte)0xbe,
-        (byte)0xf5, (byte)0xd2, (byte)0x0a, (byte)0x93, (byte)0x99, (byte)0x26, (byte)0xed, (byte)0x4f,
-        (byte)0x74, (byte)0xa1, (byte)0x3e, (byte)0xdd, (byte)0xfb, (byte)0xe1, (byte)0xa1, (byte)0xce,
-        (byte)0xcc, (byte)0x48, (byte)0x94, (byte)0xaf, (byte)0x94, (byte)0x28, (byte)0xc2, (byte)0xb7,
-        (byte)0xb8, (byte)0x88, (byte)0x3f, (byte)0xe4, (byte)0x46, (byte)0x3a, (byte)0x4b, (byte)0xc8,
-        (byte)0x5b, (byte)0x1c, (byte)0xb3, (byte)0xc1, (byte)0x02, (byte)0x41, (byte)0x00, (byte)0xee,
-        (byte)0xcf, (byte)0xae, (byte)0x81, (byte)0xb1, (byte)0xb9, (byte)0xb3, (byte)0xc9, (byte)0x08,
-        (byte)0x81, (byte)0x0b, (byte)0x10, (byte)0xa1, (byte)0xb5, (byte)0x60, (byte)0x01, (byte)0x99,
-        (byte)0xeb, (byte)0x9f, (byte)0x44, (byte)0xae, (byte)0xf4, (byte)0xfd, (byte)0xa4, (byte)0x93,
-        (byte)0xb8, (byte)0x1a, (byte)0x9e, (byte)0x3d, (byte)0x84, (byte)0xf6, (byte)0x32, (byte)0x12,
-        (byte)0x4e, (byte)0xf0, (byte)0x23, (byte)0x6e, (byte)0x5d, (byte)0x1e, (byte)0x3b, (byte)0x7e,
-        (byte)0x28, (byte)0xfa, (byte)0xe7, (byte)0xaa, (byte)0x04, (byte)0x0a, (byte)0x2d, (byte)0x5b,
-        (byte)0x25, (byte)0x21, (byte)0x76, (byte)0x45, (byte)0x9d, (byte)0x1f, (byte)0x39, (byte)0x75,
-        (byte)0x41, (byte)0xba, (byte)0x2a, (byte)0x58, (byte)0xfb, (byte)0x65, (byte)0x99, (byte)0x02,
-        (byte)0x41, (byte)0x00, (byte)0xc9, (byte)0x7f, (byte)0xb1, (byte)0xf0, (byte)0x27, (byte)0xf4,
-        (byte)0x53, (byte)0xf6, (byte)0x34, (byte)0x12, (byte)0x33, (byte)0xea, (byte)0xaa, (byte)0xd1,
-        (byte)0xd9, (byte)0x35, (byte)0x3f, (byte)0x6c, (byte)0x42, (byte)0xd0, (byte)0x88, (byte)0x66,
-        (byte)0xb1, (byte)0xd0, (byte)0x5a, (byte)0x0f, (byte)0x20, (byte)0x35, (byte)0x02, (byte)0x8b,
-        (byte)0x9d, (byte)0x86, (byte)0x98, (byte)0x40, (byte)0xb4, (byte)0x16, (byte)0x66, (byte)0xb4,
-        (byte)0x2e, (byte)0x92, (byte)0xea, (byte)0x0d, (byte)0xa3, (byte)0xb4, (byte)0x32, (byte)0x04,
-        (byte)0xb5, (byte)0xcf, (byte)0xce, (byte)0x33, (byte)0x52, (byte)0x52, (byte)0x4d, (byte)0x04,
-        (byte)0x16, (byte)0xa5, (byte)0xa4, (byte)0x41, (byte)0xe7, (byte)0x00, (byte)0xaf, (byte)0x46,
-        (byte)0x15, (byte)0x03, (byte)0x02, (byte)0x40, (byte)0x54, (byte)0x49, (byte)0x4c, (byte)0xa6,
-        (byte)0x3e, (byte)0xba, (byte)0x03, (byte)0x37, (byte)0xe4, (byte)0xe2, (byte)0x40, (byte)0x23,
-        (byte)0xfc, (byte)0xd6, (byte)0x9a, (byte)0x5a, (byte)0xeb, (byte)0x07, (byte)0xdd, (byte)0xdc,
-        (byte)0x01, (byte)0x83, (byte)0xa4, (byte)0xd0, (byte)0xac, (byte)0x9b, (byte)0x54, (byte)0xb0,
-        (byte)0x51, (byte)0xf2, (byte)0xb1, (byte)0x3e, (byte)0xd9, (byte)0x49, (byte)0x09, (byte)0x75,
-        (byte)0xea, (byte)0xb7, (byte)0x74, (byte)0x14, (byte)0xff, (byte)0x59, (byte)0xc1, (byte)0xf7,
-        (byte)0x69, (byte)0x2e, (byte)0x9a, (byte)0x2e, (byte)0x20, (byte)0x2b, (byte)0x38, (byte)0xfc,
-        (byte)0x91, (byte)0x0a, (byte)0x47, (byte)0x41, (byte)0x74, (byte)0xad, (byte)0xc9, (byte)0x3c,
-        (byte)0x1f, (byte)0x67, (byte)0xc9, (byte)0x81, (byte)0x02, (byte)0x40, (byte)0x47, (byte)0x1e,
-        (byte)0x02, (byte)0x90, (byte)0xff, (byte)0x0a, (byte)0xf0, (byte)0x75, (byte)0x03, (byte)0x51,
-        (byte)0xb7, (byte)0xf8, (byte)0x78, (byte)0x86, (byte)0x4c, (byte)0xa9, (byte)0x61, (byte)0xad,
-        (byte)0xbd, (byte)0x3a, (byte)0x8a, (byte)0x7e, (byte)0x99, (byte)0x1c, (byte)0x5c, (byte)0x05,
-        (byte)0x56, (byte)0xa9, (byte)0x4c, (byte)0x31, (byte)0x46, (byte)0xa7, (byte)0xf9, (byte)0x80,
-        (byte)0x3f, (byte)0x8f, (byte)0x6f, (byte)0x8a, (byte)0xe3, (byte)0x42, (byte)0xe9, (byte)0x31,
-        (byte)0xfd, (byte)0x8a, (byte)0xe4, (byte)0x7a, (byte)0x22, (byte)0x0d, (byte)0x1b, (byte)0x99,
-        (byte)0xa4, (byte)0x95, (byte)0x84, (byte)0x98, (byte)0x07, (byte)0xfe, (byte)0x39, (byte)0xf9,
-        (byte)0x24, (byte)0x5a, (byte)0x98, (byte)0x36, (byte)0xda, (byte)0x3d, (byte)0x02, (byte)0x41,
-        (byte)0x00, (byte)0xb0, (byte)0x6c, (byte)0x4f, (byte)0xda, (byte)0xbb, (byte)0x63, (byte)0x01,
-        (byte)0x19, (byte)0x8d, (byte)0x26, (byte)0x5b, (byte)0xdb, (byte)0xae, (byte)0x94, (byte)0x23,
-        (byte)0xb3, (byte)0x80, (byte)0xf2, (byte)0x71, (byte)0xf7, (byte)0x34, (byte)0x53, (byte)0x88,
-        (byte)0x50, (byte)0x93, (byte)0x07, (byte)0x7f, (byte)0xcd, (byte)0x39, (byte)0xe2, (byte)0x11,
-        (byte)0x9f, (byte)0xc9, (byte)0x86, (byte)0x32, (byte)0x15, (byte)0x4f, (byte)0x58, (byte)0x83,
-        (byte)0xb1, (byte)0x67, (byte)0xa9, (byte)0x67, (byte)0xbf, (byte)0x40, (byte)0x2b, (byte)0x4e,
-        (byte)0x9e, (byte)0x2e, (byte)0x0f, (byte)0x96, (byte)0x56, (byte)0xe6, (byte)0x98, (byte)0xea,
-        (byte)0x36, (byte)0x66, (byte)0xed, (byte)0xfb, (byte)0x25, (byte)0x79, (byte)0x80, (byte)0x39,
-        (byte)0xf7
-    };
-
-    static byte[] output3 = Hex.decode(
-        "b8246b56a6ed5881aeb585d9a25b2ad790c417e080681bf1ac2bc3deb69d8bce"
-      + "f0c4366fec400af052a72e9b0effb5b3f2f192dbeaca03c12740057113bf1f06"
-      + "69ac22e9f3a7852e3c15d913cab0b8863a95c99294ce8674214954610346f4d4"
-      + "74b26f7c48b42ee68e1f572a1fc4026ac456b4f59f7b621ea1b9d88f64202fb1");
-
-    byte[]  seed = {
-                (byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59,
-                (byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4,
-                (byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde,
-                (byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f
-    };
-
-    private class VecRand extends SecureRandom
-    {
-        byte[] seed;
-
-        VecRand(byte[] seed)
-        {
-            this.seed = seed;
-        }
-
-        public void nextBytes(
-            byte[]  bytes)
-        {
-            System.arraycopy(seed, 0, bytes, 0, bytes.length);
-        }
-    }
-
-    private void baseOaepTest(
-        int     id,
-        byte[]  pubKeyEnc,
-        byte[]  privKeyEnc,
-        byte[]  output)
-        throws Exception
-    {
-        ByteArrayInputStream    bIn = new ByteArrayInputStream(pubKeyEnc);
-        ASN1InputStream         dIn = new ASN1InputStream(bIn);
-
-        //
-        // extract the public key info.
-        //
-        RSAPublicKey pubStruct;
-
-        pubStruct = RSAPublicKey.getInstance(SubjectPublicKeyInfo.getInstance(dIn.readObject()).parsePublicKey());
-
-
-        bIn = new ByteArrayInputStream(privKeyEnc);
-        dIn = new ASN1InputStream(bIn);
-
-        //
-        // extract the private key info.
-        //
-        RSAPrivateKey privStruct;
-
-        privStruct = RSAPrivateKey.getInstance(PrivateKeyInfo.getInstance(dIn.readObject()).parsePrivateKey());
-
-        RSAKeyParameters    pubParameters = new RSAKeyParameters(
-                                                    false,
-                                                    pubStruct.getModulus(),
-                                                    pubStruct.getPublicExponent());
-
-        RSAKeyParameters    privParameters = new RSAPrivateCrtKeyParameters(
-                                                    privStruct.getModulus(),
-                                                    privStruct.getPublicExponent(),
-                                                    privStruct.getPrivateExponent(),
-                                                    privStruct.getPrime1(),
-                                                    privStruct.getPrime2(),
-                                                    privStruct.getExponent1(),
-                                                    privStruct.getExponent2(),
-                                                    privStruct.getCoefficient());
-
-        byte[]  input = new byte[]
-                    { (byte)0x54, (byte)0x85, (byte)0x9b, (byte)0x34, (byte)0x2c, (byte)0x49, (byte)0xea, (byte)0x2a };
-
-        encDec("id(" + id + ")", pubParameters, privParameters, seed, input, output);
-
-    }
-
-    private void encDec(
-        String label,
-        RSAKeyParameters pubParameters,
-        RSAKeyParameters privParameters,
-        byte[] seed,
-        byte[] input,
-        byte[] output)
-        throws InvalidCipherTextException
-    {
-        AsymmetricBlockCipher cipher = new OAEPEncoding(new RSAEngine());
-
-        cipher.init(true, new ParametersWithRandom(pubParameters, new VecRand(seed)));
-
-        byte[]  out;
-
-        out = cipher.processBlock(input, 0, input.length);
-
-        for (int i = 0; i != output.length; i++)
-        {
-            if (out[i] != output[i])
-            {
-                fail(label + " failed encryption");
-            }
-        }
-
-        cipher.init(false, privParameters);
-
-        out = cipher.processBlock(output, 0, output.length);
-
-        for (int i = 0; i != input.length; i++)
-        {
-            if (out[i] != input[i])
-            {
-                fail(label + " failed decoding");
-            }
-        }
-    }
-
-    /*
-     * RSA vector tests from PKCS#1 page
-     */
-    byte[] modulus_1024 = Hex.decode(
-       "a8b3b284af8eb50b387034a860f146c4"
-     + "919f318763cd6c5598c8ae4811a1e0ab"
-     + "c4c7e0b082d693a5e7fced675cf46685"
-     + "12772c0cbc64a742c6c630f533c8cc72"
-     + "f62ae833c40bf25842e984bb78bdbf97"
-     + "c0107d55bdb662f5c4e0fab9845cb514"
-     + "8ef7392dd3aaff93ae1e6b667bb3d424"
-     + "7616d4f5ba10d4cfd226de88d39f16fb");
-
-    byte[] pubExp_1024 = Hex.decode(
-       "010001");
-
-    byte[] privExp_1024 = Hex.decode(
-       "53339cfdb79fc8466a655c7316aca85c"
-     + "55fd8f6dd898fdaf119517ef4f52e8fd"
-     + "8e258df93fee180fa0e4ab29693cd83b"
-     + "152a553d4ac4d1812b8b9fa5af0e7f55"
-     + "fe7304df41570926f3311f15c4d65a73"
-     + "2c483116ee3d3d2d0af3549ad9bf7cbf"
-     + "b78ad884f84d5beb04724dc7369b31de"
-     + "f37d0cf539e9cfcdd3de653729ead5d1");
-
-    byte[] prime1_1024 = Hex.decode(
-       "d32737e7267ffe1341b2d5c0d150a81b"
-     + "586fb3132bed2f8d5262864a9cb9f30a"
-     + "f38be448598d413a172efb802c21acf1"
-     + "c11c520c2f26a471dcad212eac7ca39d");
-
-    byte[] prime2_1024 = Hex.decode(
-       "cc8853d1d54da630fac004f471f281c7"
-     + "b8982d8224a490edbeb33d3e3d5cc93c"
-     + "4765703d1dd791642f1f116a0dd852be"
-     + "2419b2af72bfe9a030e860b0288b5d77");
-
-    byte[] primeExp1_1024 = Hex.decode(
-       "0e12bf1718e9cef5599ba1c3882fe804"
-     + "6a90874eefce8f2ccc20e4f2741fb0a3"
-     + "3a3848aec9c9305fbecbd2d76819967d"
-     + "4671acc6431e4037968db37878e695c1");
-
-    byte[] primeExp2_1024 = Hex.decode(
-        "95297b0f95a2fa67d00707d609dfd4fc"
-     +  "05c89dafc2ef6d6ea55bec771ea33373"
-     +  "4d9251e79082ecda866efef13c459e1a"
-     +  "631386b7e354c899f5f112ca85d71583");
-
-    byte[] crtCoef_1024 = Hex.decode(
-        "4f456c502493bdc0ed2ab756a3a6ed4d"
-     +  "67352a697d4216e93212b127a63d5411"
-     +  "ce6fa98d5dbefd73263e372814274381"
-     +  "8166ed7dd63687dd2a8ca1d2f4fbd8e1");
-
-    byte[] input_1024_1 = Hex.decode(
-        "6628194e12073db03ba94cda9ef95323"
-      + "97d50dba79b987004afefe34");
-
-    byte[] seed_1024_1 = Hex.decode(
-        "18b776ea21069d69776a33e96bad48e1"
-      + "dda0a5ef");
-
-    byte[] output_1024_1 = Hex.decode(
-        "354fe67b4a126d5d35fe36c777791a3f"
-      + "7ba13def484e2d3908aff722fad468fb"
-      + "21696de95d0be911c2d3174f8afcc201"
-      + "035f7b6d8e69402de5451618c21a535f"
-      + "a9d7bfc5b8dd9fc243f8cf927db31322"
-      + "d6e881eaa91a996170e657a05a266426"
-      + "d98c88003f8477c1227094a0d9fa1e8c"
-      + "4024309ce1ecccb5210035d47ac72e8a");
-
-    byte[] input_1024_2 = Hex.decode(
-        "750c4047f547e8e41411856523298ac9"
-      +  "bae245efaf1397fbe56f9dd5");
-
-    byte[] seed_1024_2 = Hex.decode(
-        "0cc742ce4a9b7f32f951bcb251efd925"
-      + "fe4fe35f");
-
-    byte[] output_1024_2 = Hex.decode(
-        "640db1acc58e0568fe5407e5f9b701df"
-      + "f8c3c91e716c536fc7fcec6cb5b71c11"
-      + "65988d4a279e1577d730fc7a29932e3f"
-      + "00c81515236d8d8e31017a7a09df4352"
-      + "d904cdeb79aa583adcc31ea698a4c052"
-      + "83daba9089be5491f67c1a4ee48dc74b"
-      + "bbe6643aef846679b4cb395a352d5ed1"
-      + "15912df696ffe0702932946d71492b44");
-
-    byte[] input_1024_3 = Hex.decode(
-        "d94ae0832e6445ce42331cb06d531a82"
-      + "b1db4baad30f746dc916df24d4e3c245"
-      + "1fff59a6423eb0e1d02d4fe646cf699d"
-      + "fd818c6e97b051");
-
-    byte[] seed_1024_3 = Hex.decode(
-        "2514df4695755a67b288eaf4905c36ee"
-      + "c66fd2fd");
-
-    byte[] output_1024_3 = Hex.decode(
-        "423736ed035f6026af276c35c0b3741b"
-      + "365e5f76ca091b4e8c29e2f0befee603"
-      + "595aa8322d602d2e625e95eb81b2f1c9"
-      + "724e822eca76db8618cf09c5343503a4"
-      + "360835b5903bc637e3879fb05e0ef326"
-      + "85d5aec5067cd7cc96fe4b2670b6eac3"
-      + "066b1fcf5686b68589aafb7d629b02d8"
-      + "f8625ca3833624d4800fb081b1cf94eb");
-
-    byte[] input_1024_4 = Hex.decode(
-        "52e650d98e7f2a048b4f86852153b97e"
-      + "01dd316f346a19f67a85");
-
-    byte[] seed_1024_4 = Hex.decode(
-        "c4435a3e1a18a68b6820436290a37cef"
-      + "b85db3fb");
-
-    byte[] output_1024_4 = Hex.decode(
-        "45ead4ca551e662c9800f1aca8283b05"
-      + "25e6abae30be4b4aba762fa40fd3d38e"
-      + "22abefc69794f6ebbbc05ddbb1121624"
-      + "7d2f412fd0fba87c6e3acd888813646f"
-      + "d0e48e785204f9c3f73d6d8239562722"
-      + "dddd8771fec48b83a31ee6f592c4cfd4"
-      + "bc88174f3b13a112aae3b9f7b80e0fc6"
-      + "f7255ba880dc7d8021e22ad6a85f0755");
-
-    byte[] input_1024_5 = Hex.decode(
-        "8da89fd9e5f974a29feffb462b49180f"
-      + "6cf9e802");
-
-    byte[] seed_1024_5 = Hex.decode(
-        "b318c42df3be0f83fea823f5a7b47ed5"
-      + "e425a3b5");
-
-    byte[] output_1024_5 = Hex.decode(
-        "36f6e34d94a8d34daacba33a2139d00a"
-      + "d85a9345a86051e73071620056b920e2"
-      + "19005855a213a0f23897cdcd731b4525"
-      + "7c777fe908202befdd0b58386b1244ea"
-      + "0cf539a05d5d10329da44e13030fd760"
-      + "dcd644cfef2094d1910d3f433e1c7c6d"
-      + "d18bc1f2df7f643d662fb9dd37ead905"
-      + "9190f4fa66ca39e869c4eb449cbdc439");
-
-    byte[] input_1024_6 = Hex.decode(
-        "26521050844271");
-
-    byte[] seed_1024_6 = Hex.decode(
-        "e4ec0982c2336f3a677f6a356174eb0c"
-      + "e887abc2");
-
-    byte[] output_1024_6 = Hex.decode(
-        "42cee2617b1ecea4db3f4829386fbd61"
-      + "dafbf038e180d837c96366df24c097b4"
-      + "ab0fac6bdf590d821c9f10642e681ad0"
-      + "5b8d78b378c0f46ce2fad63f74e0ad3d"
-      + "f06b075d7eb5f5636f8d403b9059ca76"
-      + "1b5c62bb52aa45002ea70baace08ded2"
-      + "43b9d8cbd62a68ade265832b56564e43"
-      + "a6fa42ed199a099769742df1539e8255");
-
-    byte[] modulus_1027 = Hex.decode(
-        "051240b6cc0004fa48d0134671c078c7"
-      + "c8dec3b3e2f25bc2564467339db38853"
-      + "d06b85eea5b2de353bff42ac2e46bc97"
-      + "fae6ac9618da9537a5c8f553c1e35762"
-      + "5991d6108dcd7885fb3a25413f53efca"
-      + "d948cb35cd9b9ae9c1c67626d113d57d"
-      + "de4c5bea76bb5bb7de96c00d07372e96"
-      + "85a6d75cf9d239fa148d70931b5f3fb0"
-      + "39");
-
-    byte[] pubExp_1027 = Hex.decode(
-        "010001");
-
-    byte[] privExp_1027 = Hex.decode(
-        "0411ffca3b7ca5e9e9be7fe38a85105e"
-      + "353896db05c5796aecd2a725161eb365"
-      + "1c8629a9b862b904d7b0c7b37f8cb5a1"
-      + "c2b54001018a00a1eb2cafe4ee4e9492"
-      + "c348bc2bedab4b9ebbf064e8eff322b9"
-      + "009f8eec653905f40df88a3cdc49d456"
-      + "7f75627d41aca624129b46a0b7c698e5"
-      + "e65f2b7ba102c749a10135b6540d0401");
-
-    byte[] prime1_1027 = Hex.decode(
-        "027458c19ec1636919e736c9af25d609"
-      + "a51b8f561d19c6bf6943dd1ee1ab8a4a"
-      + "3f232100bd40b88decc6ba235548b6ef"
-      + "792a11c9de823d0a7922c7095b6eba57"
-      + "01");
-
-    byte[] prime2_1027 = Hex.decode(
-        "0210ee9b33ab61716e27d251bd465f4b"
-      + "35a1a232e2da00901c294bf22350ce49"
-      + "0d099f642b5375612db63ba1f2038649"
-      + "2bf04d34b3c22bceb909d13441b53b51"
-      + "39");
-
-    byte[] primeExp1_1027 = Hex.decode(
-        "39fa028b826e88c1121b750a8b242fa9"
-      + "a35c5b66bdfd1fa637d3cc48a84a4f45"
-      + "7a194e7727e49f7bcc6e5a5a412657fc"
-      + "470c7322ebc37416ef458c307a8c0901");
-
-    byte[] primeExp2_1027 = Hex.decode(
-        "015d99a84195943979fa9e1be2c3c1b6"
-      + "9f432f46fd03e47d5befbbbfd6b1d137"
-      + "1d83efb330a3e020942b2fed115e5d02"
-      + "be24fd92c9019d1cecd6dd4cf1e54cc8"
-      + "99");
-
-    byte[] crtCoef_1027 = Hex.decode(
-        "01f0b7015170b3f5e42223ba30301c41"
-      + "a6d87cbb70e30cb7d3c67d25473db1f6"
-      + "cbf03e3f9126e3e97968279a865b2c2b"
-      + "426524cfc52a683d31ed30eb984be412"
-      + "ba");
-
-    byte[] input_1027_1 = Hex.decode(
-        "4a86609534ee434a6cbca3f7e962e76d"
-      + "455e3264c19f605f6e5ff6137c65c56d"
-      + "7fb344cd52bc93374f3d166c9f0c6f9c"
-      + "506bad19330972d2");
-
-    byte[] seed_1027_1 = Hex.decode(
-        "1cac19ce993def55f98203f6852896c9"
-      + "5ccca1f3");
-
-    byte[] output_1027_1 = Hex.decode(
-        "04cce19614845e094152a3fe18e54e33"
-      + "30c44e5efbc64ae16886cb1869014cc5"
-      + "781b1f8f9e045384d0112a135ca0d12e"
-      + "9c88a8e4063416deaae3844f60d6e96f"
-      + "e155145f4525b9a34431ca3766180f70"
-      + "e15a5e5d8e8b1a516ff870609f13f896"
-      + "935ced188279a58ed13d07114277d75c"
-      + "6568607e0ab092fd803a223e4a8ee0b1"
-      + "a8");
-
-    byte[] input_1027_2 = Hex.decode(
-        "b0adc4f3fe11da59ce992773d9059943"
-      + "c03046497ee9d9f9a06df1166db46d98"
-      + "f58d27ec074c02eee6cbe2449c8b9fc5"
-      + "080c5c3f4433092512ec46aa793743c8");
-
-    byte[] seed_1027_2 = Hex.decode(
-        "f545d5897585e3db71aa0cb8da76c51d"
-      + "032ae963");
-
-    byte[] output_1027_2 = Hex.decode(
-        "0097b698c6165645b303486fbf5a2a44"
-      + "79c0ee85889b541a6f0b858d6b6597b1"
-      + "3b854eb4f839af03399a80d79bda6578"
-      + "c841f90d645715b280d37143992dd186"
-      + "c80b949b775cae97370e4ec97443136c"
-      + "6da484e970ffdb1323a20847821d3b18"
-      + "381de13bb49aaea66530c4a4b8271f3e"
-      + "ae172cd366e07e6636f1019d2a28aed1"
-      + "5e");
-
-    byte[] input_1027_3 = Hex.decode(
-        "bf6d42e701707b1d0206b0c8b45a1c72"
-      + "641ff12889219a82bdea965b5e79a96b"
-      + "0d0163ed9d578ec9ada20f2fbcf1ea3c"
-      + "4089d83419ba81b0c60f3606da99");
-
-    byte[] seed_1027_3 = Hex.decode(
-        "ad997feef730d6ea7be60d0dc52e72ea"
-      + "cbfdd275");
-
-    byte[] output_1027_3 = Hex.decode(
-        "0301f935e9c47abcb48acbbe09895d9f"
-      + "5971af14839da4ff95417ee453d1fd77"
-      + "319072bb7297e1b55d7561cd9d1bb24c"
-      + "1a9a37c619864308242804879d86ebd0"
-      + "01dce5183975e1506989b70e5a834341"
-      + "54d5cbfd6a24787e60eb0c658d2ac193"
-      + "302d1192c6e622d4a12ad4b53923bca2"
-      + "46df31c6395e37702c6a78ae081fb9d0"
-      + "65");
-
-    byte[] input_1027_4 = Hex.decode(
-        "fb2ef112f5e766eb94019297934794f7"
-      + "be2f6fc1c58e");
-
-    byte[] seed_1027_4 = Hex.decode(
-        "136454df5730f73c807a7e40d8c1a312"
-      + "ac5b9dd3");
-
-    byte[] output_1027_4 = Hex.decode(
-        "02d110ad30afb727beb691dd0cf17d0a"
-      + "f1a1e7fa0cc040ec1a4ba26a42c59d0a"
-      + "796a2e22c8f357ccc98b6519aceb682e"
-      + "945e62cb734614a529407cd452bee3e4"
-      + "4fece8423cc19e55548b8b994b849c7e"
-      + "cde4933e76037e1d0ce44275b08710c6"
-      + "8e430130b929730ed77e09b015642c55"
-      + "93f04e4ffb9410798102a8e96ffdfe11"
-      + "e4");
-
-    byte[] input_1027_5 = Hex.decode(
-        "28ccd447bb9e85166dabb9e5b7d1adad"
-      + "c4b9d39f204e96d5e440ce9ad928bc1c"
-      + "2284");
-
-    byte[] seed_1027_5 = Hex.decode(
-        "bca8057f824b2ea257f2861407eef63d"
-      + "33208681");
-
-    byte[] output_1027_5 = Hex.decode(
-        "00dbb8a7439d90efd919a377c54fae8f"
-      + "e11ec58c3b858362e23ad1b8a4431079"
-      + "9066b99347aa525691d2adc58d9b06e3"
-      + "4f288c170390c5f0e11c0aa3645959f1"
-      + "8ee79e8f2be8d7ac5c23d061f18dd74b"
-      + "8c5f2a58fcb5eb0c54f99f01a8324756"
-      + "8292536583340948d7a8c97c4acd1e98"
-      + "d1e29dc320e97a260532a8aa7a758a1e"
-      + "c2");
-
-    byte[] input_1027_6 = Hex.decode(
-        "f22242751ec6b1");
-
-    byte[] seed_1027_6 = Hex.decode(
-        "2e7e1e17f647b5ddd033e15472f90f68"
-      + "12f3ac4e");
-
-    byte[] output_1027_6 = Hex.decode(
-        "00a5ffa4768c8bbecaee2db77e8f2eec"
-      + "99595933545520835e5ba7db9493d3e1"
-      + "7cddefe6a5f567624471908db4e2d83a"
-      + "0fbee60608fc84049503b2234a07dc83"
-      + "b27b22847ad8920ff42f674ef79b7628"
-      + "0b00233d2b51b8cb2703a9d42bfbc825"
-      + "0c96ec32c051e57f1b4ba528db89c37e"
-      + "4c54e27e6e64ac69635ae887d9541619"
-      + "a9");
-
-    private void oaepVecTest(
-        int keySize,
-        int no,
-        RSAKeyParameters pubParam,
-        RSAKeyParameters privParam,
-        byte[] seed,
-        byte[] input,
-        byte[] output)
-        throws Exception
-    {
-        encDec(keySize + " " + no, pubParam, privParam, seed, input, output);
-    }
-
-    public OAEPTest()
-    {
-    }
-
-    public String getName()
-    {
-        return "OAEP";
-    }
-
-    public void performTest() throws Exception
-    {
-        baseOaepTest(1, pubKeyEnc1, privKeyEnc1, output1);
-        baseOaepTest(2, pubKeyEnc2, privKeyEnc2, output2);
-        baseOaepTest(3, pubKeyEnc3, privKeyEnc3, output3);
-
-        RSAKeyParameters pubParam = new RSAKeyParameters(false, new BigInteger(1, modulus_1024), new BigInteger(1, pubExp_1024));
-        RSAKeyParameters privParam = new RSAPrivateCrtKeyParameters(pubParam.getModulus(), pubParam.getExponent(), new BigInteger(1, privExp_1024), new BigInteger(1, prime1_1024), new BigInteger(1, prime2_1024), new BigInteger(1, primeExp1_1024), new BigInteger(1, primeExp2_1024), new BigInteger(1, crtCoef_1024));
-
-        oaepVecTest(1024, 1, pubParam, privParam, seed_1024_1, input_1024_1, output_1024_1);
-        oaepVecTest(1024, 2, pubParam, privParam, seed_1024_2, input_1024_2, output_1024_2);
-        oaepVecTest(1024, 3, pubParam, privParam, seed_1024_3, input_1024_3, output_1024_3);
-        oaepVecTest(1024, 4, pubParam, privParam, seed_1024_4, input_1024_4, output_1024_4);
-        oaepVecTest(1024, 5, pubParam, privParam, seed_1024_5, input_1024_5, output_1024_5);
-        oaepVecTest(1024, 6, pubParam, privParam, seed_1024_6, input_1024_6, output_1024_6);
-
-        pubParam = new RSAKeyParameters(false, new BigInteger(1, modulus_1027), new BigInteger(1, pubExp_1027));
-        privParam = new RSAPrivateCrtKeyParameters(pubParam.getModulus(), pubParam.getExponent(), new BigInteger(1, privExp_1027), new BigInteger(1, prime1_1027), new BigInteger(1, prime2_1027), new BigInteger(1, primeExp1_1027), new BigInteger(1, primeExp2_1027), new BigInteger(1, crtCoef_1027));
-
-        oaepVecTest(1027, 1, pubParam, privParam, seed_1027_1, input_1027_1, output_1027_1);
-        oaepVecTest(1027, 2, pubParam, privParam, seed_1027_2, input_1027_2, output_1027_2);
-        oaepVecTest(1027, 3, pubParam, privParam, seed_1027_3, input_1027_3, output_1027_3);
-        oaepVecTest(1027, 4, pubParam, privParam, seed_1027_4, input_1027_4, output_1027_4);
-        oaepVecTest(1027, 5, pubParam, privParam, seed_1027_5, input_1027_5, output_1027_5);
-        oaepVecTest(1027, 6, pubParam, privParam, seed_1027_6, input_1027_6, output_1027_6);
-
-        testForHighByteError("invalidCiphertextOaepTest 1024", 1024);
-
-        //
-        // OAEP - public encrypt, private decrypt, differing hashes
-        //
-        AsymmetricBlockCipher cipher = new OAEPEncoding(new RSAEngine(), new SHA256Digest(), new SHA1Digest(), new byte[10]);
-
-        cipher.init(true, new ParametersWithRandom(pubParam, new SecureRandom()));
-
-        byte[] input = new byte[10];
-
-        byte[] out = cipher.processBlock(input, 0, input.length);
-
-        cipher.init(false, privParam);
-
-        out = cipher.processBlock(out, 0, out.length);
-
-        for (int i = 0; i != input.length; i++)
-        {
-            if (out[i] != input[i])
-            {
-                fail("mixed digest failed decoding");
-            }
-        }
-
-        cipher = new OAEPEncoding(new RSAEngine(), new SHA1Digest(), new SHA256Digest(), new byte[10]);
-
-        cipher.init(true, new ParametersWithRandom(pubParam, new SecureRandom()));
-
-        out = cipher.processBlock(input, 0, input.length);
-
-        cipher.init(false, privParam);
-
-        out = cipher.processBlock(out, 0, out.length);
-
-        for (int i = 0; i != input.length; i++)
-        {
-            if (out[i] != input[i])
-            {
-                fail("mixed digest failed decoding");
-            }
-        }
-    }
-
-    private void testForHighByteError(String label, int keySizeBits) throws Exception
-    {
-        // draw a key of the size asked
-        BigInteger e = BigIntegers.ONE.shiftLeft(16).add(BigIntegers.ONE);
-
-        AsymmetricCipherKeyPairGenerator kpGen = new RSAKeyPairGenerator();
-
-        kpGen.init(new RSAKeyGenerationParameters(e, new SecureRandom(), keySizeBits, 100));
-
-        AsymmetricCipherKeyPair kp = kpGen.generateKeyPair();
-
-        AsymmetricBlockCipher cipher = new OAEPEncoding(new RSAEngine());
-
-        // obtain a known good ciphertext
-        cipher.init(true, new ParametersWithRandom(kp.getPublic(), new VecRand(seed)));
-        byte[] m = { 42 };
-        byte[] c = cipher.processBlock(m, 0, m.length);
-        int keySizeBytes = (keySizeBits+7)>>>3;
-        if (c.length!=keySizeBytes)
-        {
-            fail(label + " failed ciphertext size");
-        }
-
-        BigInteger n  = ((RSAPrivateCrtKeyParameters)kp.getPrivate()).getModulus();
-
-        // decipher
-        cipher.init(false, kp.getPrivate());
-        byte[] r = cipher.processBlock(c, 0, keySizeBytes);
-        if (r.length!=1 || r[0]!=42)
-        {
-            fail(label + " failed first decryption of test message");
-        }
-
-        // decipher again
-        r = cipher.processBlock(c, 0, keySizeBytes);
-        if (r.length!=1 || r[0]!=42)
-        {
-            fail(label + " failed second decryption of test message");
-        }
-
-        // check hapazard incorrect ciphertexts
-        for(int i=keySizeBytes*8; --i>=0;)
-        {
-            c[i>>>3] ^= 1<<(i&7);
-            boolean ko = true;
-            try
-            {
-                BigInteger cV = new BigInteger(1, c);
-
-                // don't pass in c if it will be rejected trivially
-                if (cV.compareTo(n) < 0)
-                {
-                    r = cipher.processBlock(c, 0, keySizeBytes);
-                }
-                else
-                {
-                    ko = false; // size errors are picked up at start
-                }
-            }
-            catch (InvalidCipherTextException exception)
-            {
-                ko = false;
-            }
-            if (ko)
-            {
-                fail(label + " invalid ciphertext caused no exception");
-            }
-            c[i>>>3] ^= 1<<(i&7);
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new OAEPTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/OCBTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/OCBTest.java
deleted file mode 100644
index 26d7d12..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/OCBTest.java
+++ /dev/null

@@ -1,520 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.modes.AEADBlockCipher;
-import org.bouncycastle.crypto.modes.OCBBlockCipher;
-import org.bouncycastle.crypto.params.AEADParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Times;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test vectors from <a href="http://tools.ietf.org/html/rfc7253">RFC 7253 on The OCB
- * Authenticated-Encryption Algorithm</a>
- */
-public class OCBTest
-    extends SimpleTest
-{
-    private static final String KEY_128 = "000102030405060708090A0B0C0D0E0F";
-    private static final String KEY_96 = "0F0E0D0C0B0A09080706050403020100";
-
-    /*
-     * Test vectors from Appendix A of the specification, containing the strings N, A, P, C in order
-     */
-
-    private static final String[][] TEST_VECTORS_128 = new String[][]{
-        { "BBAA99887766554433221100",
-          "",
-          "",
-          "785407BFFFC8AD9EDCC5520AC9111EE6" },
-        { "BBAA99887766554433221101",
-          "0001020304050607",
-          "0001020304050607",
-          "6820B3657B6F615A5725BDA0D3B4EB3A257C9AF1F8F03009" },
-        { "BBAA99887766554433221102",
-          "0001020304050607",
-          "",
-          "81017F8203F081277152FADE694A0A00" },
-        { "BBAA99887766554433221103",
-          "",
-          "0001020304050607",
-          "45DD69F8F5AAE72414054CD1F35D82760B2CD00D2F99BFA9" },
-        { "BBAA99887766554433221104",
-          "000102030405060708090A0B0C0D0E0F",
-          "000102030405060708090A0B0C0D0E0F",
-          "571D535B60B277188BE5147170A9A22C3AD7A4FF3835B8C5701C1CCEC8FC3358" },
-        { "BBAA99887766554433221105",
-          "000102030405060708090A0B0C0D0E0F",
-          "",
-          "8CF761B6902EF764462AD86498CA6B97" },
-        { "BBAA99887766554433221106",
-          "",
-          "000102030405060708090A0B0C0D0E0F",
-          "5CE88EC2E0692706A915C00AEB8B2396F40E1C743F52436BDF06D8FA1ECA343D" },
-        { "BBAA99887766554433221107",
-          "000102030405060708090A0B0C0D0E0F1011121314151617",
-          "000102030405060708090A0B0C0D0E0F1011121314151617",
-          "1CA2207308C87C010756104D8840CE1952F09673A448A122C92C62241051F57356D7F3C90BB0E07F" },
-        { "BBAA99887766554433221108",
-          "000102030405060708090A0B0C0D0E0F1011121314151617",
-          "",
-          "6DC225A071FC1B9F7C69F93B0F1E10DE" },
-        { "BBAA99887766554433221109",
-          "",
-          "000102030405060708090A0B0C0D0E0F1011121314151617",
-          "221BD0DE7FA6FE993ECCD769460A0AF2D6CDED0C395B1C3CE725F32494B9F914D85C0B1EB38357FF" },
-        { "BBAA9988776655443322110A",
-          "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
-          "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
-          "BD6F6C496201C69296C11EFD138A467ABD3C707924B964DEAFFC40319AF5A48540FBBA186C5553C68AD9F592A79A4240" },
-        { "BBAA9988776655443322110B",
-          "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
-          "",
-          "FE80690BEE8A485D11F32965BC9D2A32" },
-        { "BBAA9988776655443322110C",
-          "",
-          "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F",
-          "2942BFC773BDA23CABC6ACFD9BFD5835BD300F0973792EF46040C53F1432BCDFB5E1DDE3BC18A5F840B52E653444D5DF" },
-        { "BBAA9988776655443322110D",
-          "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
-          "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
-          "D5CA91748410C1751FF8A2F618255B68A0A12E093FF454606E59F9C1D0DDC54B65E8628E568BAD7AED07BA06A4A69483A7035490C5769E60" },
-        { "BBAA9988776655443322110E",
-          "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
-          "",
-          "C5CD9D1850C141E358649994EE701B68" },
-        { "BBAA9988776655443322110F",
-          "",
-          "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
-          "4412923493C57D5DE0D700F753CCE0D1D2D95060122E9F15A5DDBFC5787E50B5CC55EE507BCB084E479AD363AC366B95A98CA5F3000B1479" },
-    };
-
-    private static final String[][] TEST_VECTORS_96 = new String[][]{
-        { "BBAA9988776655443322110D",
-          "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
-          "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F2021222324252627",
-          "1792A4E31E0755FB03E31B22116E6C2DDF9EFD6E33D536F1A0124B0A55BAE884ED93481529C76B6AD0C515F4D1CDD4FDAC4F02AA" },
-    };
-
-    public String getName()
-    {
-        return "OCB";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        byte[] K128 = Hex.decode(KEY_128);
-        for (int i = 0; i < TEST_VECTORS_128.length; ++i)
-        {
-            runTestCase("Test Case " + i, TEST_VECTORS_128[i], 128, K128);
-        }
-
-        byte[] K96 = Hex.decode(KEY_96);
-        for (int i = 0; i < TEST_VECTORS_96.length; ++i)
-        {
-            runTestCase("Test Case " + i, TEST_VECTORS_96[i], 96, K96);
-        }
-
-        runLongerTestCase(128, 128, "67E944D23256C5E0B6C61FA22FDF1EA2");
-        runLongerTestCase(192, 128, "F673F2C3E7174AAE7BAE986CA9F29E17");
-        runLongerTestCase(256, 128, "D90EB8E9C977C88B79DD793D7FFA161C");
-        runLongerTestCase(128, 96, "77A3D8E73589158D25D01209");
-        runLongerTestCase(192, 96, "05D56EAD2752C86BE6932C5E");
-        runLongerTestCase(256, 96, "5458359AC23B0CBA9E6330DD");
-        runLongerTestCase(128, 64, "192C9B7BD90BA06A");
-        runLongerTestCase(192, 64, "0066BC6E0EF34E24");
-        runLongerTestCase(256, 64, "7D4EA5D445501CBE");
-
-        randomTests();
-        outputSizeTests();
-        testExceptions();
-    }
-
-    private void testExceptions() throws InvalidCipherTextException
-    {
-        AEADBlockCipher ocb = createOCBCipher();
-
-        try
-        {
-            ocb = new OCBBlockCipher(new DESEngine(), new DESEngine());
-
-            fail("incorrect block size not picked up");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-
-        try
-        {
-            ocb.init(false, new KeyParameter(new byte[16]));
-
-            fail("illegal argument not picked up");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-
-        AEADTestUtil.testReset(this, createOCBCipher(), createOCBCipher(), new AEADParameters(new KeyParameter(new byte[16]), 128, new byte[15]));
-        AEADTestUtil.testTampering(this, ocb, new AEADParameters(new KeyParameter(new byte[16]), 128, new byte[15]));
-        AEADTestUtil.testOutputSizes(this, createOCBCipher(), new AEADParameters(new KeyParameter(new byte[16]), 128,
-                new byte[15]));
-        AEADTestUtil.testBufferSizeChecks(this, createOCBCipher(), new AEADParameters(new KeyParameter(new byte[16]),
-                128, new byte[15]));
-    }
-
-    private void runTestCase(String testName, String[] testVector, int macLengthBits, byte[] K)
-        throws InvalidCipherTextException
-    {
-        int pos = 0;
-        byte[] N = Hex.decode(testVector[pos++]);
-        byte[] A = Hex.decode(testVector[pos++]);
-        byte[] P = Hex.decode(testVector[pos++]);
-        byte[] C = Hex.decode(testVector[pos++]);
-
-        int macLengthBytes = macLengthBits / 8;
-
-        KeyParameter keyParameter = new KeyParameter(K);
-        AEADParameters parameters = new AEADParameters(keyParameter, macLengthBits, N, A);
-
-        AEADBlockCipher encCipher = initOCBCipher(true, parameters);
-        AEADBlockCipher decCipher = initOCBCipher(false, parameters);
-
-        checkTestCase(encCipher, decCipher, testName, macLengthBytes, P, C);
-        checkTestCase(encCipher, decCipher, testName + " (reused)", macLengthBytes, P, C);
-
-        // Key reuse
-        AEADParameters keyReuseParams = AEADTestUtil.reuseKey(parameters);
-        encCipher.init(true, keyReuseParams);
-        decCipher.init(false, keyReuseParams);
-        checkTestCase(encCipher, decCipher, testName + " (key reuse)", macLengthBytes, P, C);
-    }
-
-    private BlockCipher createUnderlyingCipher()
-    {
-        return new AESEngine();
-    }
-
-    private AEADBlockCipher createOCBCipher()
-    {
-        return new OCBBlockCipher(createUnderlyingCipher(), createUnderlyingCipher());
-    }
-
-    private AEADBlockCipher initOCBCipher(boolean forEncryption, AEADParameters parameters)
-    {
-        AEADBlockCipher c = createOCBCipher();
-        c.init(forEncryption, parameters);
-        return c;
-    }
-
-    private void checkTestCase(AEADBlockCipher encCipher, AEADBlockCipher decCipher, String testName,
-        int macLengthBytes, byte[] P, byte[] C)
-        throws InvalidCipherTextException
-    {
-        byte[] tag = Arrays.copyOfRange(C, C.length - macLengthBytes, C.length);
-
-        {
-            byte[] enc = new byte[encCipher.getOutputSize(P.length)];
-            int len = encCipher.processBytes(P, 0, P.length, enc, 0);
-            len += encCipher.doFinal(enc, len);
-
-            if (enc.length != len)
-            {
-                fail("encryption reported incorrect length: " + testName);
-            }
-
-            if (!areEqual(C, enc))
-            {
-                fail("incorrect encrypt in: " + testName);
-            }
-
-            if (!areEqual(tag, encCipher.getMac()))
-            {
-                fail("getMac() not the same as the appended tag: " + testName);
-            }
-        }
-
-        {
-            byte[] dec = new byte[decCipher.getOutputSize(C.length)];
-            int len = decCipher.processBytes(C, 0, C.length, dec, 0);
-            len += decCipher.doFinal(dec, len);
-
-            if (dec.length != len)
-            {
-                fail("decryption reported incorrect length: " + testName);
-            }
-
-            if (!areEqual(P, dec))
-            {
-                fail("incorrect decrypt in: " + testName);
-            }
-
-            if (!areEqual(tag, decCipher.getMac()))
-            {
-                fail("getMac() not the same as the appended tag: " + testName);
-            }
-        }
-    }
-
-    private void runLongerTestCase(int keyLen, int tagLen, String expectedOutputHex)
-        throws InvalidCipherTextException
-    {
-        byte[] expectedOutput = Hex.decode(expectedOutputHex);
-        byte[] keyBytes = new byte[keyLen / 8];
-        keyBytes[keyBytes.length - 1] = (byte)tagLen;
-        KeyParameter key = new KeyParameter(keyBytes);
-
-        AEADBlockCipher c1 = initOCBCipher(true, new AEADParameters(key, tagLen, createNonce(385)));
-        AEADBlockCipher c2 = createOCBCipher();
-
-        long total = 0;
-
-        byte[] S = new byte[128];
-
-        int n = 0;
-        for (int i = 0; i < 128; ++i)
-        {
-            c2.init(true, new AEADParameters(key, tagLen, createNonce(++n)));
-            total += updateCiphers(c1, c2, S, i, true, true);
-            c2.init(true, new AEADParameters(key, tagLen, createNonce(++n)));
-            total += updateCiphers(c1, c2, S, i, false, true);
-            c2.init(true, new AEADParameters(key, tagLen, createNonce(++n)));
-            total += updateCiphers(c1, c2, S, i, true, false);
-        }
-
-        long expectedTotal = 16256 + (48 * tagLen);
-
-        if (total != expectedTotal)
-        {
-            fail("test generated the wrong amount of input: " + total);
-        }
-
-        byte[] output = new byte[c1.getOutputSize(0)];
-        c1.doFinal(output, 0);
-
-        if (!areEqual(expectedOutput, output))
-        {
-            fail("incorrect encrypt in long-form test");
-        }
-    }
-
-    private byte[] createNonce(int n)
-    {
-        return new byte[]{ 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, (byte)(n >>> 8), (byte)n };
-    }
-
-    private int updateCiphers(AEADBlockCipher c1, AEADBlockCipher c2, byte[] S, int i,
-        boolean includeAAD, boolean includePlaintext)
-        throws InvalidCipherTextException
-    {
-        int inputLen = includePlaintext ? i : 0;
-        int outputLen = c2.getOutputSize(inputLen);
-
-        byte[] output = new byte[outputLen];
-
-        int len = 0;
-
-        if (includeAAD)
-        {
-            c2.processAADBytes(S, 0, i);
-        }
-
-        if (includePlaintext)
-        {
-            len += c2.processBytes(S, 0, i, output, len);
-        }
-
-        len += c2.doFinal(output, len);
-
-        c1.processAADBytes(output, 0, len);
-
-        return len;
-    }
-
-    private void randomTests()
-        throws InvalidCipherTextException
-    {
-        SecureRandom srng = new SecureRandom();
-        srng.setSeed(Times.nanoTime());
-        for (int i = 0; i < 10; ++i)
-        {
-            randomTest(srng);
-        }
-    }
-
-    private void randomTest(SecureRandom srng)
-        throws InvalidCipherTextException
-    {
-        int kLength = 16 + 8 * (Math.abs(srng.nextInt()) % 3);
-        byte[] K = new byte[kLength];
-        srng.nextBytes(K);
-
-        int pLength = srng.nextInt() >>> 16;
-        byte[] P = new byte[pLength];
-        srng.nextBytes(P);
-
-        int aLength = srng.nextInt() >>> 24;
-        byte[] A = new byte[aLength];
-        srng.nextBytes(A);
-
-        int saLength = srng.nextInt() >>> 24;
-        byte[] SA = new byte[saLength];
-        srng.nextBytes(SA);
-
-        int ivLength = 1 + nextInt(srng, 15);
-        byte[] IV = new byte[ivLength];
-        srng.nextBytes(IV);
-
-        AEADParameters parameters = new AEADParameters(new KeyParameter(K), 16 * 8, IV, A);
-        AEADBlockCipher cipher = initOCBCipher(true, parameters);
-        byte[] C = new byte[cipher.getOutputSize(P.length)];
-        int predicted = cipher.getUpdateOutputSize(P.length);
-
-        int split = nextInt(srng, SA.length + 1);
-        cipher.processAADBytes(SA, 0, split);
-        int len = cipher.processBytes(P, 0, P.length, C, 0);
-        cipher.processAADBytes(SA, split, SA.length - split);
-
-        if (predicted != len)
-        {
-            fail("encryption reported incorrect update length in randomised test");
-        }
-
-        len += cipher.doFinal(C, len);
-
-        if (C.length != len)
-        {
-            fail("encryption reported incorrect length in randomised test");
-        }
-
-        byte[] encT = cipher.getMac();
-        byte[] tail = new byte[C.length - P.length];
-        System.arraycopy(C, P.length, tail, 0, tail.length);
-
-        if (!areEqual(encT, tail))
-        {
-            fail("stream contained wrong mac in randomised test");
-        }
-
-        cipher.init(false, parameters);
-        byte[] decP = new byte[cipher.getOutputSize(C.length)];
-        predicted = cipher.getUpdateOutputSize(C.length);
-
-        split = nextInt(srng, SA.length + 1);
-        cipher.processAADBytes(SA, 0, split);
-        len = cipher.processBytes(C, 0, C.length, decP, 0);
-        cipher.processAADBytes(SA, split, SA.length - split);
-
-        if (predicted != len)
-        {
-            fail("decryption reported incorrect update length in randomised test");
-        }
-
-        len += cipher.doFinal(decP, len);
-
-        if (!areEqual(P, decP))
-        {
-            fail("incorrect decrypt in randomised test");
-        }
-
-        byte[] decT = cipher.getMac();
-        if (!areEqual(encT, decT))
-        {
-            fail("decryption produced different mac from encryption");
-        }
-
-        //
-        // key reuse test
-        //
-        cipher.init(false, AEADTestUtil.reuseKey(parameters));
-        decP = new byte[cipher.getOutputSize(C.length)];
-
-        split = nextInt(srng, SA.length + 1);
-        cipher.processAADBytes(SA, 0, split);
-        len = cipher.processBytes(C, 0, C.length, decP, 0);
-        cipher.processAADBytes(SA, split, SA.length - split);
-
-        len += cipher.doFinal(decP, len);
-
-        if (!areEqual(P, decP))
-        {
-            fail("incorrect decrypt in randomised test");
-        }
-
-        decT = cipher.getMac();
-        if (!areEqual(encT, decT))
-        {
-            fail("decryption produced different mac from encryption");
-        }
-    }
-
-    private void outputSizeTests()
-    {
-        byte[] K = new byte[16];
-        byte[] A = null;
-        byte[] IV = new byte[15];
-
-        AEADParameters parameters = new AEADParameters(new KeyParameter(K), 16 * 8, IV, A);
-        AEADBlockCipher cipher = initOCBCipher(true, parameters);
-
-        if (cipher.getUpdateOutputSize(0) != 0)
-        {
-            fail("incorrect getUpdateOutputSize for initial 0 bytes encryption");
-        }
-
-        if (cipher.getOutputSize(0) != 16)
-        {
-            fail("incorrect getOutputSize for initial 0 bytes encryption");
-        }
-
-        cipher.init(false, parameters);
-
-        if (cipher.getUpdateOutputSize(0) != 0)
-        {
-            fail("incorrect getUpdateOutputSize for initial 0 bytes decryption");
-        }
-
-        // NOTE: 0 bytes would be truncated data, but we want it to fail in the doFinal, not here
-        if (cipher.getOutputSize(0) != 0)
-        {
-            fail("fragile getOutputSize for initial 0 bytes decryption");
-        }
-
-        if (cipher.getOutputSize(16) != 0)
-        {
-            fail("incorrect getOutputSize for initial MAC-size bytes decryption");
-        }
-    }
-
-    private static int nextInt(SecureRandom rand, int n)
-    {
-        if ((n & -n) == n)  // i.e., n is a power of 2
-        {
-            return (int)((n * (long)(rand.nextInt() >>> 1)) >> 31);
-        }
-
-        int bits, value;
-        do
-        {
-            bits = rand.nextInt() >>> 1;
-            value = bits % n;
-        }
-        while (bits - value + (n - 1) < 0);
-
-        return value;
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new OCBTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/OpenBSDBCryptTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/OpenBSDBCryptTest.java
deleted file mode 100644
index 679f4e5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/OpenBSDBCryptTest.java
+++ /dev/null

@@ -1,180 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.generators.OpenBSDBCrypt;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class OpenBSDBCryptTest
-    extends SimpleTest
-{
-
-    private final static String[][] bcryptTest1 = // vectors from http://cvsweb.openwall.com/cgi/cvsweb.cgi/Owl/packages/glibc/crypt_blowfish/wrapper.c?rev=HEAD
-        {
-            {"$2a$05$CCCCCCCCCCCCCCCCCCCCC.E5YPO9kmyuRGyh0XouQYb4YMJKvyOeW",
-                "U*U"},
-            {"$2a$05$CCCCCCCCCCCCCCCCCCCCC.VGOzA784oUp/Z0DY336zx7pLYAy0lwK",
-                "U*U*"},
-            {"$2a$05$XXXXXXXXXXXXXXXXXXXXXOAcXxm9kjPGEMsLznoKqmqw7tc8WCx4a",
-                "U*U*U"},
-            {"$2a$05$CCCCCCCCCCCCCCCCCCCCC.7uG0VCzI2bS7j6ymqJi9CdcdxiRTWNy",
-                ""},
-            {"$2a$05$abcdefghijklmnopqrstuu5s2v8.iXieOjg/.AySBTTZIIVFJeBui",
-                "0123456789abcdefghijklmnopqrstuvwxyz"
-                    + "ABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789"
-                    + "chars after 72 are ignored"},
-        };
-
-    private final static String[] bcryptTest2 = { // from: http://openwall.info/wiki/john/sample-hashes
-        "$2a$05$bvIG6Nmid91Mu9RcmmWZfO5HJIMCT8riNW0hEp8f6/FuA2/mHZFpe", "password"
-    };
-
-    private final static String[] bcryptTest2b = { // from: http://stackoverflow.com/questions/11654684/verifying-a-bcrypt-hash
-        "$2a$10$.TtQJ4Jr6isd4Hp.mVfZeuh6Gws4rOQ/vdBczhDx.19NFK0Y84Dle", "ππππππππ"
-    };
-
-    private final static String[][] bcryptTest3 = // from: https://bitbucket.org/vadim/bcrypt.net/src/464c41416dc9/BCrypt.Net.Test/TestBCrypt.cs - plain - salt - expected
-        {
-            {"", "$2a$06$DCq7YPn5Rq63x1Lad4cll.", "$2a$06$DCq7YPn5Rq63x1Lad4cll.TV4S6ytwfsfvkgY8jIucDrjc8deX1s."},
-            {"", "$2a$08$HqWuK6/Ng6sg9gQzbLrgb.", "$2a$08$HqWuK6/Ng6sg9gQzbLrgb.Tl.ZHfXLhvt/SgVyWhQqgqcZ7ZuUtye"},
-            {"", "$2a$10$k1wbIrmNyFAPwPVPSVa/ze", "$2a$10$k1wbIrmNyFAPwPVPSVa/zecw2BCEnBwVS2GbrmgzxFUOqW9dk4TCW"},
-            {"", "$2a$12$k42ZFHFWqBp3vWli.nIn8u", "$2a$12$k42ZFHFWqBp3vWli.nIn8uYyIkbvYRvodzbfbK18SSsY.CsIQPlxO"},
-            {"a", "$2a$06$m0CrhHm10qJ3lXRY.5zDGO", "$2a$06$m0CrhHm10qJ3lXRY.5zDGO3rS2KdeeWLuGmsfGlMfOxih58VYVfxe"},
-            {"a", "$2a$08$cfcvVd2aQ8CMvoMpP2EBfe", "$2a$08$cfcvVd2aQ8CMvoMpP2EBfeodLEkkFJ9umNEfPD18.hUF62qqlC/V."},
-            {"a", "$2a$10$k87L/MF28Q673VKh8/cPi.", "$2a$10$k87L/MF28Q673VKh8/cPi.SUl7MU/rWuSiIDDFayrKk/1tBsSQu4u"},
-            {"a", "$2a$12$8NJH3LsPrANStV6XtBakCe", "$2a$12$8NJH3LsPrANStV6XtBakCez0cKHXVxmvxIlcz785vxAIZrihHZpeS"},
-            {"abc", "$2a$06$If6bvum7DFjUnE9p2uDeDu", "$2a$06$If6bvum7DFjUnE9p2uDeDu0YHzrHM6tf.iqN8.yx.jNN1ILEf7h0i"},
-            {"abc", "$2a$08$Ro0CUfOqk6cXEKf3dyaM7O", "$2a$08$Ro0CUfOqk6cXEKf3dyaM7OhSCvnwM9s4wIX9JeLapehKK5YdLxKcm"},
-            {"abc", "$2a$10$WvvTPHKwdBJ3uk0Z37EMR.", "$2a$10$WvvTPHKwdBJ3uk0Z37EMR.hLA2W6N9AEBhEgrAOljy2Ae5MtaSIUi"},
-            {"abc", "$2a$12$EXRkfkdmXn2gzds2SSitu.", "$2a$12$EXRkfkdmXn2gzds2SSitu.MW9.gAVqa9eLS1//RYtYCmB1eLHg.9q"},
-            {"abcdefghijklmnopqrstuvwxyz", "$2a$06$.rCVZVOThsIa97pEDOxvGu", "$2a$06$.rCVZVOThsIa97pEDOxvGuRRgzG64bvtJ0938xuqzv18d3ZpQhstC"},
-            {"abcdefghijklmnopqrstuvwxyz", "$2a$08$aTsUwsyowQuzRrDqFflhge", "$2a$08$aTsUwsyowQuzRrDqFflhgekJ8d9/7Z3GV3UcgvzQW3J5zMyrTvlz."},
-            {"abcdefghijklmnopqrstuvwxyz", "$2a$10$fVH8e28OQRj9tqiDXs1e1u", "$2a$10$fVH8e28OQRj9tqiDXs1e1uxpsjN0c7II7YPKXua2NAKYvM6iQk7dq"},
-            {"abcdefghijklmnopqrstuvwxyz", "$2a$12$D4G5f18o7aMMfwasBL7Gpu", "$2a$12$D4G5f18o7aMMfwasBL7GpuQWuP3pkrZrOAnqP.bmezbMng.QwJ/pG"},
-            {"~!@#$%^&*()      ~!@#$%^&*()PNBFRD", "$2a$06$fPIsBO8qRqkjj273rfaOI.", "$2a$06$fPIsBO8qRqkjj273rfaOI.HtSV9jLDpTbZn782DC6/t7qT67P6FfO"},
-            {"~!@#$%^&*()      ~!@#$%^&*()PNBFRD", "$2a$08$Eq2r4G/76Wv39MzSX262hu", "$2a$08$Eq2r4G/76Wv39MzSX262huzPz612MZiYHVUJe/OcOql2jo4.9UxTW"},
-            {"~!@#$%^&*()      ~!@#$%^&*()PNBFRD", "$2a$10$LgfYWkbzEvQ4JakH7rOvHe", "$2a$10$LgfYWkbzEvQ4JakH7rOvHe0y8pHKF9OaFgwUZ2q7W2FFZmZzJYlfS"},
-            {"~!@#$%^&*()      ~!@#$%^&*()PNBFRD", "$2a$12$WApznUOJfkEGSmYRfnkrPO", "$2a$12$WApznUOJfkEGSmYRfnkrPOr466oFDCaj4b6HY3EXGvfxm43seyhgC"},
-        };
-
-    private static final String[][] bcryptTest4 = { // from: https://github.com/ChrisMcKee/cryptsharp/blob/master/Tests/vectors/BCrypt.txt
-        {"n6HyjrYTo/r4lgjvM7L<`iM", "$2a$07$XPrYfnqc5ankSHnRfmPVu.A0trKq3VdczdbJjKaWIksKF.GfFCxv."},
-        {"~s0quB/K8zRtRT:QtZr`s|^O", "$2a$07$5zzz8omiaStXwOetWwlmuePPRwUt0jhNBPYGGgAMcUDvqsGVqv9Cy"},
-        {"r>8y3uE}6<7nI34?Q2rR0JEw", "$2a$07$k5AH9bO9aplPYdZMZ155qOcY1FewMXcupWewW6fViUtsVQ2Umg6LS"},
-        {">l_7}xxH3|Cr{dCR[HTUN@k~", "$2a$05$24xz81ZZsMUMm940bbWMCeHsO.s6A3MG0JZzm4y3.Ti6P96bz6RN6"},
-        {"D`lCFYTe9_8IW6nEB:oPjEk/S", "$2a$05$bA1xkp4NqFvDmtQJtDO9CugW0INxQLpMZha8AaHmBj9Zg9HlfQtBa"},
-        {"UBGYU6|a|RpA:bp[;}p.ZY4f1", "$2a$08$gu4KBnkla.bEqHiwaJ8.z.0ixfzE1Q0/iPfmpfRmUA.NUhUdZboxa"},
-        {"O9X[kP6{63F3rXKtN>n?zh2_", "$2a$04$yRZW9xEsqN9DL19jveqFyO1bljZ0r5KNCYqQzMqYpDB7XHWqDWNGC"},
-        {":Sa:BknepsG}\\5dOj>kh0KAk", "$2a$04$KhDTFUlakUsPNuLQSgyr7.xQZxkTSIvo0nFw0XyjvrH6n5kZkYDLG"},// extra escape sequence added
-        {"2_9J6k:{z?SSjCzL/GT/5CMgc", "$2a$05$eN1jCXDxN9HmuIARJlwH4ewsEyYbAmq7Cw99gEHqGRXtWyrRNLScy"},
-
-        {"2KNy`Kodau14?s8XVru<IIw0eDw|.64MM^Wtv;3sfZt~3`2QN6/U]0^1HtETqWHt<lMfD-LX::zo7AcNLQ.Q.@.g5kX`j7hRi", "$2a$04$xUNE1aUuNlpNwSOuz1VpjuBgW95ImLccIquQxyGLeinucvokg2Ale"},
-        {"0yWE>E;h/kdCRd@T]fQiv`Vz]KC0zaIAIeyY4zcooQ0^DfP{hHsw9?atO}CxbkbnK-LxUe;|FiBEluVqO@ysHhXQDdXPt0p", "$2a$07$pNHi/IxrSUohtsD5/eIv4O324ZPGfJE7mUAaNpIPkpyxjW9kqIk76"},
-        {"ilWj~2mLBa1Pq`sxrW8fNNq:XF0@KP5RLW9u?[E_wwkROmCSWudYoS5I2HGI-1-?Pd0zVxTIeNbF;nLDUGtce{8dHmx90:;N<8", "$2a$07$ePVgkQl8QKSG2Xv6o0bnOe4SZp4ejag5CP44tjxfmY17F5VzRgwF6"},
-        {"dj~OsXmQGj6FXnPGgwg9]G@75~L@G[|e<hgh2vaNqIyYZPh@M;I1DTgZS/~Q:i[6d]oei:hBw4}{}y7k9K^4SoN}wb8mrg[", "$2a$04$BZT7YoAYAgtNkD0/BOl.jOi0dDni7WtmB8.wAebHeHkOs.TpRgml."},
-        {"7;PjW]RYJoZXf.r2M^Mm1jVIe0wJ=Kdd2iUBuu1v3HGI1-S[TB6yg{0~:nbpeA08dysS5d}@Oxbrpj[~i-60mpq1WZqQmSVpnR", "$2a$07$fa9NDzoPKiSWC67cP/tj2OqE0PqvGwzRoJiCKj.czyqKyvpdtVpKe"},
-        {"8nv;PAN~-FQ]Emh@.TKG=^.t8R0EQC0T?x9|9g4xzxYmSbBO1qDx8kv-ehh0IBv>3KWhz.Z~jUF0tt8[5U@8;5:=[v6pf.IEJ", "$2a$08$eXo9KDc1BZyybBgMurpcD.GA1/ch3XhgBnIH10Xvjc2ogZaGg3t/m"},
-    };
-
-
-    // 2y vectors generated from htpasswd -nB -C 12, nb leading username was removed.
-    private static final String[][] twoYVec = new String[][]{
-        {"a", "$2y$12$DB3BUbYa/SsEL7kCOVji0OauTkPkB5Y1OeyfxJHM7jvMrbml5sgD2"},
-        {"abc", "$2y$12$p.xODEbFcXUlHGbNxWZqAe6AA5FWupqXmN9tZea2ACDhwIx4EA2a6"},
-        {"hello world", "$2y$12$wfkxITYXjNLVpEi9nOjz7uXMhCXKSTY7O2y7X4bwY89aGSvRziguq"},
-        {"ABCDEFGHIJKLMNOPQRSTUVWXYABCDEFGHIJKLMNOPQRSTUVWXYABCDEFGHIJKLMNOPQRSTUVWXYABCDEFGHIJKLMNOPQRSTUVWXY", "$2y$12$QwAt5kuG68nW7v.87q0QPuwdki3romFc/RU/RV3Qqk4FPw6WdbQzu"}
-    };
-
-    // Same as 2y vectors only version changed to 2b to verify handling of that version.
-    private static final String[][] twoBVec = new String[][]{
-        {"a", "$2b$12$DB3BUbYa/SsEL7kCOVji0OauTkPkB5Y1OeyfxJHM7jvMrbml5sgD2"},
-        {"abc", "$2b$12$p.xODEbFcXUlHGbNxWZqAe6AA5FWupqXmN9tZea2ACDhwIx4EA2a6"},
-        {"hello world", "$2b$12$wfkxITYXjNLVpEi9nOjz7uXMhCXKSTY7O2y7X4bwY89aGSvRziguq"},
-        {"ABCDEFGHIJKLMNOPQRSTUVWXYABCDEFGHIJKLMNOPQRSTUVWXYABCDEFGHIJKLMNOPQRSTUVWXYABCDEFGHIJKLMNOPQRSTUVWXY", "$2b$12$QwAt5kuG68nW7v.87q0QPuwdki3romFc/RU/RV3Qqk4FPw6WdbQzu"}
-    };
-
-    public static void main(String[] args)
-    {
-        runTest(new OpenBSDBCryptTest());
-    }
-
-    public String getName()
-    {
-        return "OpenBSDBCrypt";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        for (int i = 0; i < bcryptTest1.length; i++)
-        {
-            String[] testString = bcryptTest1[i];
-            String encoded = testString[0];
-            String password = testString[1];
-            if (!OpenBSDBCrypt.checkPassword(encoded, password.toCharArray()))
-            {
-                fail("test1 mismatch: " + "[" + i + "] " + password);
-            }
-        }
-
-        String encoded = bcryptTest2[0];
-        String password = bcryptTest2[1];
-        if (!OpenBSDBCrypt.checkPassword(encoded, password.toCharArray()))
-        {
-            fail("bcryptTest2 mismatch: " + password);
-        }
-
-
-        encoded = bcryptTest2b[0];
-        password = bcryptTest2b[1];
-        if (!OpenBSDBCrypt.checkPassword(encoded, password.toCharArray()))
-        {
-            fail("bcryptTest2b mismatch: " + password);
-        }
-
-
-        for (int i = 0; i < bcryptTest3.length; i++)
-        {
-            String[] testString = bcryptTest3[i];
-            encoded = testString[2];
-            password = testString[0];
-            if (!OpenBSDBCrypt.checkPassword(encoded, password.toCharArray()))
-            {
-                fail("test3 mismatch: " + "[" + i + "] " + password);
-            }
-        }
-
-
-        for (int i = 0; i < bcryptTest4.length; i++)
-        {
-            String[] testString = bcryptTest4[i];
-            encoded = testString[1];
-            password = testString[0];
-            if (!OpenBSDBCrypt.checkPassword(encoded, password.toCharArray()))
-            {
-                fail("test4 mismatch: " + "[" + i + "] " + password);
-            }
-        }
-
-        for (int i = 0; i < twoYVec.length; i++)
-        {
-            password = twoYVec[i][0];
-            encoded = twoYVec[i][1];
-
-            if (!OpenBSDBCrypt.checkPassword(encoded, password.toCharArray()))
-            {
-                fail("twoYVec mismatch: " + "[" + i + "] " + password);
-            }
-        }
-
-        for (int i = 0; i < twoBVec.length; i++)
-        {
-            password = twoBVec[i][0];
-            encoded = twoBVec[i][1];
-
-            if (!OpenBSDBCrypt.checkPassword(encoded, password.toCharArray()))
-            {
-                fail("twoBVec mismatch: " + "[" + i + "] " + password);
-            }
-        }
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/OpenSSHKeyParsingTests.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/OpenSSHKeyParsingTests.java
deleted file mode 100644
index c4c9364..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/OpenSSHKeyParsingTests.java
+++ /dev/null

@@ -1,233 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.StringReader;
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.engines.RSAEngine;
-import org.bouncycastle.crypto.signers.DSASigner;
-import org.bouncycastle.crypto.signers.ECDSASigner;
-import org.bouncycastle.crypto.signers.Ed25519Signer;
-import org.bouncycastle.crypto.util.OpenSSHPrivateKeyUtil;
-import org.bouncycastle.crypto.util.OpenSSHPublicKeyUtil;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.io.pem.PemReader;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class OpenSSHKeyParsingTests
-    extends SimpleTest
-{
-    private static SecureRandom secureRandom = new SecureRandom();
-
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new OpenSSHKeyParsingTests());
-    }
-
-
-    public void testDSA()
-        throws Exception
-    {
-        CipherParameters pubSpec = OpenSSHPublicKeyUtil.parsePublicKey(Base64.decode("AAAAB3NzaC1kc3MAAACBAJBB5+S4kZZYZLswaQ/zm3GM7YWmHsumwo/Xxu+z6Cg2l5PUoiBBZ4ET9EhhQuL2ja/zrCMCi0ZwiSRuSp36ayPrHLbNJb3VdOuJg8xExRa6F3YfVZfcTPUEKh6FU72fI31HrQmi4rpyHnWxL/iDX496ZG2Hdq6UkPISQpQwj4TtAAAAFQCP9TXcVahR/2rpfEhvdXR0PfhbRwAAAIBdXzAVqoOtb9zog6lNF1cGS1S06W9W/clvuwq2xF1s3bkoI/xUbFSc0IAPsGl2kcB61PAZqcop50lgpvYzt8cq/tbqz3ypq1dCQ0xdmJHj975QsRFax+w6xQ0kgpBhwcS2EOizKb+C+tRzndGpcDSoSMuVXp9i4wn5pJSTZxAYFQAAAIEAhQZc687zYxrEDR/1q6m4hw5GFxuVvLsC+bSHtMF0c11Qy4IPg7mBeP7K5Kq4WyJPtmZhuc5Bb12bJQR6qgd1uLn692fe1UK2kM6eWXBzhlzZ54BslfSKHGNN4qH+ln3Zaf/4rpKE7fvoinkrgkOZmj0PMx9D6wlpHKkXMUxeXtc="));
-
-        CipherParameters privSpec = OpenSSHPrivateKeyUtil.parsePrivateKeyBlob(new PemReader(new StringReader("-----BEGIN DSA PRIVATE KEY-----\n" +
-            "MIIBuwIBAAKBgQCQQefkuJGWWGS7MGkP85txjO2Fph7LpsKP18bvs+goNpeT1KIg\n" +
-            "QWeBE/RIYULi9o2v86wjAotGcIkkbkqd+msj6xy2zSW91XTriYPMRMUWuhd2H1WX\n" +
-            "3Ez1BCoehVO9nyN9R60JouK6ch51sS/4g1+PemRth3aulJDyEkKUMI+E7QIVAI/1\n" +
-            "NdxVqFH/aul8SG91dHQ9+FtHAoGAXV8wFaqDrW/c6IOpTRdXBktUtOlvVv3Jb7sK\n" +
-            "tsRdbN25KCP8VGxUnNCAD7BpdpHAetTwGanKKedJYKb2M7fHKv7W6s98qatXQkNM\n" +
-            "XZiR4/e+ULERWsfsOsUNJIKQYcHEthDosym/gvrUc53RqXA0qEjLlV6fYuMJ+aSU\n" +
-            "k2cQGBUCgYEAhQZc687zYxrEDR/1q6m4hw5GFxuVvLsC+bSHtMF0c11Qy4IPg7mB\n" +
-            "eP7K5Kq4WyJPtmZhuc5Bb12bJQR6qgd1uLn692fe1UK2kM6eWXBzhlzZ54BslfSK\n" +
-            "HGNN4qH+ln3Zaf/4rpKE7fvoinkrgkOZmj0PMx9D6wlpHKkXMUxeXtcCFELnLOJ8\n" +
-            "D0akSCUFY/iDLo/KnOIH\n" +
-            "-----END DSA PRIVATE KEY-----\n")).readPemObject().getContent());
-
-        DSASigner signer = new DSASigner();
-        signer.init(true, privSpec);
-
-        byte[] originalMessage = new byte[10];
-        secureRandom.nextBytes(originalMessage);
-
-        BigInteger[] rs = signer.generateSignature(originalMessage);
-
-        signer.init(false, pubSpec);
-
-        isTrue("DSA test", signer.verifySignature(originalMessage, rs[0], rs[1]));
-
-    }
-
-
-    public void testECDSA()
-        throws Exception
-    {
-        CipherParameters pubSpec = OpenSSHPublicKeyUtil.parsePublicKey(Base64.decode("AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHq5qxGqnh93Gpbj2w1Avx1UwBl6z5bZC3Viog1yNHDZYcV6Da4YQ3i0/hN7xY7sUy9dNF6g16tJSYXQQ4tvO3g="));
-
-        CipherParameters privSpec = OpenSSHPrivateKeyUtil.parsePrivateKeyBlob(new PemReader(new StringReader("-----BEGIN EC PRIVATE KEY-----\n" +
-            "MHcCAQEEIHeg/+m02j6nr4bO8ubfbzhs0fqOjiuIoWbvGnVg+FmpoAoGCCqGSM49\n" +
-            "AwEHoUQDQgAEermrEaqeH3caluPbDUC/HVTAGXrPltkLdWKiDXI0cNlhxXoNrhhD\n" +
-            "eLT+E3vFjuxTL100XqDXq0lJhdBDi287eA==\n" +
-            "-----END EC PRIVATE KEY-----\n")).readPemObject().getContent());
-
-        ECDSASigner signer = new ECDSASigner();
-        signer.init(true, privSpec);
-
-        byte[] originalMessage = new byte[10];
-        secureRandom.nextBytes(originalMessage);
-
-        BigInteger[] rs = signer.generateSignature(originalMessage);
-
-        signer.init(false, pubSpec);
-
-        isTrue("ECDSA test", signer.verifySignature(originalMessage, rs[0], rs[1]));
-
-    }
-
-
-    public void testED25519()
-        throws Exception
-    {
-
-        CipherParameters pubSpec = OpenSSHPublicKeyUtil.parsePublicKey(Base64.decode("AAAAC3NzaC1lZDI1NTE5AAAAIM4CaV7WQcy0lht0hclgXf4Olyvzvv2fnUvQ3J8IYsWF"));
-
-        CipherParameters privSpec = OpenSSHPrivateKeyUtil.parsePrivateKeyBlob(new PemReader(new StringReader("-----BEGIN OPENSSH PRIVATE KEY-----\n" +
-            "b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\n" +
-            "QyNTUxOQAAACDOAmle1kHMtJYbdIXJYF3+Dpcr8779n51L0NyfCGLFhQAAAKBTr4PvU6+D\n" +
-            "7wAAAAtzc2gtZWQyNTUxOQAAACDOAmle1kHMtJYbdIXJYF3+Dpcr8779n51L0NyfCGLFhQ\n" +
-            "AAAED4BTHeR3YD7CFQqusztfL5K+YSD4mRGLBwb7jHiXxIJM4CaV7WQcy0lht0hclgXf4O\n" +
-            "lyvzvv2fnUvQ3J8IYsWFAAAAG21lZ2Fud29vZHNAdHljaGUtMzI2NS5sb2NhbAEC\n" +
-            "-----END OPENSSH PRIVATE KEY-----\n")).readPemObject().getContent());
-
-        Ed25519Signer signer = new Ed25519Signer();
-        signer.init(true, privSpec);
-
-        byte[] originalMessage = new byte[10];
-        secureRandom.nextBytes(originalMessage);
-        signer.update(originalMessage, 0, originalMessage.length);
-
-        byte[] sig = signer.generateSignature();
-
-        signer.init(false, pubSpec);
-
-        signer.update(originalMessage, 0, originalMessage.length);
-
-
-        isTrue("ED25519Signer test", signer.verifySignature(sig));
-
-    }
-
-
-    public void testFailures()
-        throws Exception
-    {
-        byte[] blob = new PemReader(new StringReader("-----BEGIN OPENSSH PRIVATE KEY-----\n" +
-            "b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\n" +
-            "QyNTUxOQAAACDOAmle1kHMtJYbdIXJYF3+Dpcr8779n51L0NyfCGLFhQAAAKBTr4PvU6+D\n" +
-            "7wAAAAtzc2gtZWQyNTUxOQAAACDOAmle1kHMtJYbdIXJYF3+Dpcr8779n51L0NyfCGLFhQ\n" +
-            "AAAED4BTHeR3YD7CFQqusztfL5K+YSD4mRGLBwb7jHiXxIJM4CaV7WQcy0lht0hclgXf4O\n" +
-            "lyvzvv2fnUvQ3J8IYsWFAAAAG21lZ2Fud29vZHNAdHljaGUtMzI2NS5sb2NhbAEC\n" +
-            "-----END OPENSSH PRIVATE KEY-----\n")).readPemObject().getContent();
-
-
-        //
-        // Altering the check value.
-        //
-
-        blob[98] ^= 1;
-
-        try
-        {
-            CipherParameters privSpec = OpenSSHPrivateKeyUtil.parsePrivateKeyBlob(blob);
-            fail("Change should trigger failure.");
-        }
-        catch (IllegalStateException iles)
-        {
-            isEquals("Check value mismatch ", iles.getMessage(), "private key check values are not the same");
-        }
-
-
-        //
-        // Altering the cipher name.
-        //
-
-
-        blob = new PemReader(new StringReader("-----BEGIN OPENSSH PRIVATE KEY-----\n" +
-            "b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\n" +
-            "QyNTUxOQAAACDOAmle1kHMtJYbdIXJYF3+Dpcr8779n51L0NyfCGLFhQAAAKBTr4PvU6+D\n" +
-            "7wAAAAtzc2gtZWQyNTUxOQAAACDOAmle1kHMtJYbdIXJYF3+Dpcr8779n51L0NyfCGLFhQ\n" +
-            "AAAED4BTHeR3YD7CFQqusztfL5K+YSD4mRGLBwb7jHiXxIJM4CaV7WQcy0lht0hclgXf4O\n" +
-            "lyvzvv2fnUvQ3J8IYsWFAAAAG21lZ2Fud29vZHNAdHljaGUtMzI2NS5sb2NhbAEC\n" +
-            "-----END OPENSSH PRIVATE KEY-----\n")).readPemObject().getContent();
-
-
-        blob[19] = (byte)'C';
-
-        try
-        {
-            CipherParameters privSpec = OpenSSHPrivateKeyUtil.parsePrivateKeyBlob(blob);
-            fail("Change should trigger failure.");
-        }
-        catch (IllegalStateException iles)
-        {
-            isEquals("enc keys not supported ", iles.getMessage(), "encrypted keys not supported");
-        }
-    }
-
-    public String getName()
-    {
-        return "OpenSSHParsing";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testDSA();
-        testECDSA();
-        testRSA();
-        testED25519();
-        testFailures();
-    }
-
-    public void testRSA()
-        throws Exception
-    {
-        CipherParameters pubSpec = OpenSSHPublicKeyUtil.parsePublicKey(Base64.decode("AAAAB3NzaC1yc2EAAAADAQABAAAAgQDvh2BophdIp8ojwGZQR0FQ/awowXnV24nAPm+/na8MOUrdySNhOnlek4LAZl82/+Eu2t21XD6hQUiHKAj6XaNFBthTuss7Cz/tA348DLEMHD9wUtT0FXVmsxqN4BfusunbcULxxVWG2z8FvqeaGgc/Unkp9y7/kyf54pPUCBcClw=="));
-
-        CipherParameters privSpec = OpenSSHPrivateKeyUtil.parsePrivateKeyBlob(new PemReader(new StringReader("-----BEGIN RSA PRIVATE KEY-----\n" +
-            "MIICXgIBAAKBgQDvh2BophdIp8ojwGZQR0FQ/awowXnV24nAPm+/na8MOUrdySNh\n" +
-            "Onlek4LAZl82/+Eu2t21XD6hQUiHKAj6XaNFBthTuss7Cz/tA348DLEMHD9wUtT0\n" +
-            "FXVmsxqN4BfusunbcULxxVWG2z8FvqeaGgc/Unkp9y7/kyf54pPUCBcClwIDAQAB\n" +
-            "AoGBAOMXYEoXHgAeREE9CkOWKtDUkEJbnF0rNSB0kZIDt5BJSTeYmNh3jdYi2FX9\n" +
-            "OMx2MFIx4v0tJZvQvyiUxl5IJJ9ZJsYUWF+6VbcTVwYYfdVzZzP2TNyGmF9/ADZW\n" +
-            "wBehqP04uRlYjt94kqb4HoOKF3gJ3LC4uW9xcEltTBeHWCfhAkEA/2biF5St9/Ya\n" +
-            "540E4zu/FKPsxLSaT8LWCo9+X7IqIzlBQCB4GjM+nZeTm7eZOkfAFZoxwfiNde/9\n" +
-            "qleXXf6B2QJBAPAW+jDBC3QF4/g8n9cDxm/A3ICmcOFSychLSrydk9ZyRPbTRyQC\n" +
-            "YlC2mf/pCrO/yO7h189BXyQ3PXOEhnujce8CQQD7gDy0K90EiH0F94AQpA0OLj5B\n" +
-            "lfc/BAXycEtpwPBtrzvqAg9C/aNzXIgmly10jqNAoo7NDA2BTcrlq0uLa8xBAkBl\n" +
-            "7Hs+I1XnZXDIO4Rn1VRysN9rRj15ipnbDAuoUwUl7tDUMBFteg2e0kZCW/6NHIgC\n" +
-            "0aG6fLgVOdY+qi4lYtfFAkEAqqiBgEgSrDmnJLTm6j/Pv1mBA6b9bJbjOqomrDtr\n" +
-            "AWTXe+/kSCv/jYYdpNA/tDgAwEmtkWWEie6+SwJB5cXXqg==\n" +
-            "-----END RSA PRIVATE KEY-----\n")).readPemObject().getContent());
-
-
-        byte[] originalMessage = new byte[10];
-        secureRandom.nextBytes(originalMessage);
-
-        originalMessage[0] |= 1;
-
-        RSAEngine rsaEngine = new RSAEngine();
-        rsaEngine.init(true, privSpec);
-
-        byte[] ct = rsaEngine.processBlock(originalMessage, 0, originalMessage.length);
-
-        rsaEngine.init(false, pubSpec);
-        byte[] result = rsaEngine.processBlock(ct, 0, ct.length);
-
-        isTrue("Result did not match original message", Arrays.areEqual(originalMessage, result));
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/PKCS12Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/PKCS12Test.java
deleted file mode 100644
index c5c7aa3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/PKCS12Test.java
+++ /dev/null

@@ -1,206 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.PBEParametersGenerator;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * test for PKCS12 key generation - vectors from 
- * <a href=http://www.drh-consultancy.demon.co.uk/test.txt>
- * http://www.drh-consultancy.demon.co.uk/test.txt</a>
- */
-public class PKCS12Test
-    implements Test
-{
-    char[]  password1 = { 's', 'm', 'e', 'g' };
-    char[]  password2 = { 'q', 'u', 'e', 'e', 'g' };
-
-    private boolean isEqual(
-        byte[]  a,
-        byte[]  b)
-    {
-        if (a.length != b.length)
-        {
-            return false;
-        }
-
-        for (int i = 0; i != a.length; i++)
-        {
-            if (a[i] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    private TestResult run1(
-        int     id,
-        char[]  password,
-        byte[]  salt,
-        int     iCount,
-        byte[]  result)
-    {
-        PBEParametersGenerator  generator = new PKCS12ParametersGenerator(
-                                                    new SHA1Digest());
-
-        generator.init(
-                PBEParametersGenerator.PKCS12PasswordToBytes(password),
-                salt,
-                iCount);
-
-        CipherParameters  key = generator.generateDerivedParameters(24 * 8);
-
-        if (isEqual(result, ((KeyParameter)key).getKey()))
-        {
-            return new SimpleTestResult(true, "PKCS12Test: Okay");
-        }
-        else
-        {
-            return new SimpleTestResult(false, "PKCS12Test: id "
-                                                    + id + " Failed");
-        }
-    }
-
-    private TestResult run2(
-        int     id,
-        char[]  password,
-        byte[]  salt,
-        int     iCount,
-        byte[]  result)
-    {
-        PBEParametersGenerator  generator = new PKCS12ParametersGenerator(
-                                                    new SHA1Digest());
-
-        generator.init(
-                PBEParametersGenerator.PKCS12PasswordToBytes(password),
-                salt,
-                iCount);
-
-        ParametersWithIV params = (ParametersWithIV)generator.generateDerivedParameters(64, 64);
-
-        if (isEqual(result, params.getIV()))
-        {
-            return new SimpleTestResult(true, "PKCS12Test: Okay");
-        }
-        else
-        {
-            return new SimpleTestResult(false, "PKCS12Test: id "
-                                                    + id + " Failed");
-        }
-    }
-
-    private TestResult run3(
-        int     id,
-        char[]  password,
-        byte[]  salt,
-        int     iCount,
-        byte[]  result)
-    {
-        PBEParametersGenerator  generator = new PKCS12ParametersGenerator(
-                                                    new SHA1Digest());
-
-        generator.init(
-                PBEParametersGenerator.PKCS12PasswordToBytes(password),
-                salt,
-                iCount);
-
-        CipherParameters  key = generator.generateDerivedMacParameters(160);
-
-        if (isEqual(result, ((KeyParameter)key).getKey()))
-        {
-            return new SimpleTestResult(true, "PKCS12Test: Okay");
-        }
-        else
-        {
-            return new SimpleTestResult(false, "PKCS12Test: id "
-                                                    + id + " Failed");
-        }
-    }
-
-    public String getName()
-    {
-        return "PKCS12Test";
-    }
-
-    public TestResult perform()
-    {
-        TestResult  result;
-
-        result = run1(1, password1, Hex.decode("0A58CF64530D823F"), 1,
-                Hex.decode("8AAAE6297B6CB04642AB5B077851284EB7128F1A2A7FBCA3"));
-
-        if (result.isSuccessful())
-        {
-            result = run2(2, password1, Hex.decode("0A58CF64530D823F"), 1,
-                Hex.decode("79993DFE048D3B76"));
-        }
-
-        if (result.isSuccessful())
-        {
-            result = run1(3, password1, Hex.decode("642B99AB44FB4B1F"), 1,
-                Hex.decode("F3A95FEC48D7711E985CFE67908C5AB79FA3D7C5CAA5D966"));
-        }
-
-        if (result.isSuccessful())
-        {
-            result = run2(4, password1, Hex.decode("642B99AB44FB4B1F"), 1,
-                Hex.decode("C0A38D64A79BEA1D"));
-        }
-
-        if (result.isSuccessful())
-        {
-            result = run3(5, password1, Hex.decode("3D83C0E4546AC140"), 1,
-                Hex.decode("8D967D88F6CAA9D714800AB3D48051D63F73A312"));
-        }
-
-        if (result.isSuccessful())
-        {
-            result = run1(6, password2, Hex.decode("05DEC959ACFF72F7"), 1000,
-                Hex.decode("ED2034E36328830FF09DF1E1A07DD357185DAC0D4F9EB3D4"));
-        }
-
-        if (result.isSuccessful())
-        {
-            result = run2(7, password2, Hex.decode("05DEC959ACFF72F7"), 1000,
-                Hex.decode("11DEDAD7758D4860"));
-        }
-
-        if (result.isSuccessful())
-        {
-            result = run1(8, password2, Hex.decode("1682C0FC5B3F7EC5"), 1000,
-                Hex.decode("483DD6E919D7DE2E8E648BA8F862F3FBFBDC2BCB2C02957F"));
-        }
-
-        if (result.isSuccessful())
-        {
-            result = run2(9, password2, Hex.decode("1682C0FC5B3F7EC5"), 1000,
-                Hex.decode("9D461D1B00355C50"));
-        }
-
-        if (result.isSuccessful())
-        {
-            result = run3(10, password2, Hex.decode("263216FCC2FAB31C"), 1000,
-                Hex.decode("5EC4C7A80DF652294C3925B6489A7AB857C83476"));
-        }
-
-        return result;
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        PKCS12Test      test = new PKCS12Test();
-        TestResult      result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/PKCS5Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/PKCS5Test.java
deleted file mode 100644
index 6145114..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/PKCS5Test.java
+++ /dev/null

@@ -1,265 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.ByteArrayInputStream;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.EncryptionScheme;
-import org.bouncycastle.asn1.pkcs.KeyDerivationFunc;
-import org.bouncycastle.asn1.pkcs.PBES2Parameters;
-import org.bouncycastle.asn1.pkcs.PBKDF2Params;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.PBEParametersGenerator;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.RC2Engine;
-import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * A test class for PKCS5 PBES2 with PBKDF2 (PKCS5 v2.0) using
- * test vectors provider at 
- * <a href=http://www.rsasecurity.com/rsalabs/pkcs/pkcs-5/index.html>
- * RSA's PKCS5 Page</a>
- * <br>
- * The vectors are Base 64 encoded and encrypted using the password "password"
- * (without quotes). They should all yield the same PrivateKeyInfo object.
- */
-public class PKCS5Test
-    extends SimpleTest
-{
-    /**
-     * encrypted using des-cbc.
-     */
-    static byte[] sample1 = Base64.decode(
-        "MIIBozA9BgkqhkiG9w0BBQ0wMDAbBgkqhkiG9w0BBQwwDgQIfWBDXwLp4K4CAggA"
-      + "MBEGBSsOAwIHBAiaCF/AvOgQ6QSCAWDWX4BdAzCRNSQSANSuNsT5X8mWYO27mr3Y"
-      + "9c9LoBVXGNmYWKA77MI4967f7SmjNcgXj3xNE/jmnVz6hhsjS8E5VPT3kfyVkpdZ"
-      + "0lr5e9Yk2m3JWpPU7++v5zBkZmC4V/MwV/XuIs6U+vykgzMgpxQg0oZKS9zgmiZo"
-      + "f/4dOCL0UtCDnyOSvqT7mCVIcMDIEKu8QbVlgZYBop08l60EuEU3gARUo8WsYQmO"
-      + "Dz/ldx0Z+znIT0SXVuOwc+RVItC5T/Qx+aijmmpt+9l14nmaGBrEkmuhmtdvU/4v"
-      + "aptewGRgmjOfD6cqK+zs0O5NrrJ3P/6ZSxXj91CQgrThGfOv72bUncXEMNtc8pks"
-      + "2jpHFjGMdKufnadAD7XuMgzkkaklEXZ4f5tU6heIIwr51g0GBEGF96gYPFnjnSQM"
-      + "75JE02Clo+DfcfXpcybPTwwFg2jd6JTTOfkdf6OdSlA/1XNK43FA");
-
-    /**
-     * encrypted using des-ede3-cbc.
-     */
-    static byte[] sample2 = Base64.decode(
-        "MIIBpjBABgkqhkiG9w0BBQ0wMzAbBgkqhkiG9w0BBQwwDgQIeFeOWl1jywYCAggA"
-      + "MBQGCCqGSIb3DQMHBAjUJ5eGBhQGtQSCAWBrHrRgqO8UUMLcWzZEtpk1l3mjxiF/"
-      + "koCMkHsFwowgyWhEbgIkTgbSViK54LVK8PskekcGNLph+rB6bGZ7pPbL5pbXASJ8"
-      + "+MkQcG3FZdlS4Ek9tTJDApj3O1UubZGFG4uvTlJJFbF1BOJ3MkY3XQ9Gl1qwv7j5"
-      + "6e103Da7Cq9+oIDKmznza78XXQYrUsPo8mJGjUxPskEYlzwvHjKubRnYm/K6RKhi"
-      + "5f4zX4BQ/Dt3H812ZjRXrsjAJP0KrD/jyD/jCT7zNBVPH1izBds+RwizyQAHwfNJ"
-      + "BFR78TH4cgzB619X47FDVOnT0LqQNVd0O3cSwnPrXE9XR3tPayE+iOB15llFSmi8"
-      + "z0ByOXldEpkezCn92Umk++suzIVj1qfsK+bv2phZWJPbLEIWPDRHUbYf76q5ArAr"
-      + "u4xtxT/hoK3krEs/IN3d70qjlUJ36SEw1UaZ82PWhakQbdtu39ZraMJB");
-
-    /**
-     * encrypted using rc2-cbc.
-     */
-    static byte[] sample3 = Base64.decode(
-        "MIIBrjBIBgkqhkiG9w0BBQ0wOzAeBgkqhkiG9w0BBQwwEQQIrHyQPBZqWLUCAggA"
-      + "AgEQMBkGCCqGSIb3DQMCMA0CAToECEhbh7YZKiPSBIIBYCT1zp6o5jpFlIkgwPop"
-      + "7bW1+8ACr4exqzkeb3WflQ8cWJ4cURxzVdvxUnXeW1VJdaQZtjS/QHs5GhPTG/0f"
-      + "wtvnaPfwrIJ3FeGaZfcg2CrYhalOFmEb4xrE4KyoEQmUN8tb/Cg94uzd16BOPw21"
-      + "RDnE8bnPdIGY7TyL95kbkqH23mK53pi7h+xWIgduW+atIqDyyt55f7WMZcvDvlj6"
-      + "VpN/V0h+qxBHL274WA4dj6GYgeyUFpi60HdGCK7By2TBy8h1ZvKGjmB9h8jZvkx1"
-      + "MkbRumXxyFsowTZawyYvO8Um6lbfEDP9zIEUq0IV8RqH2MRyblsPNSikyYhxX/cz"
-      + "tdDxRKhilySbSBg5Kr8OfcwKp9bpinN96nmG4xr3Tch1bnVvqJzOQ5+Vva2WwVvH"
-      + "2JkWvYm5WaANg4Q6bRxu9vz7DuhbJjQdZbxFezIAgrJdSe92B00jO/0Kny1WjiVO"
-      + "6DA=");
-
-    static byte[] result = Hex.decode(
-        "30820155020100300d06092a864886f70d01010105000482013f3082013b020100024100"
-      + "debbfc2c09d61bada2a9462f24224e54cc6b3cc0755f15ce318ef57e79df17026b6a85cc"
-      + "a12428027245045df2052a329a2f9ad3d17b78a10572ad9b22bf343b020301000102402d"
-      + "90a96adcec472743527bc023153d8f0d6e96b40c8ed228276d467d843306429f8670559b"
-      + "f376dd41857f6397c2fc8d95e0e53ed62de420b855430ee4a1b8a1022100ffcaf0838239"
-      + "31e073ff534f06a5d415b3d414bc614a4544a3dff7ed271817eb022100deea30242117db"
-      + "2d3b8837f58f1da530ff83cf9283680da33683ec4e583610f1022100e6026381adb0a683"
-      + "f16a8f4c096b462979b9e4277cc89f3ed8a905b46fa9ff9f02210097c146d4d1d2b3dbaf"
-      + "53a504ff51674c5c271800de84d003f4f10ac6ab36e38102202bfa141f10bda874e1017d"
-      + "845e82767c1c38e82745daf421f0c8cd09d7652387");
-
-    private class PBETest
-        extends SimpleTest
-    {
-        int                 id;
-        BufferedBlockCipher cipher;
-        byte[]              sample;
-        int                 keySize;
-
-        PBETest(
-            int                 id,
-            BufferedBlockCipher cipher,
-            byte[]              sample,
-            int                 keySize)
-        {
-            this.id = id;
-            this.cipher = cipher;
-            this.sample = sample;
-            this.keySize = keySize;
-        }
-
-        public String getName()
-        {
-            return cipher.getUnderlyingCipher().getAlgorithmName() + " PKCS5S2 Test " + id;
-        }
-
-        public void performTest()
-        {
-            char[]                  password = { 'p', 'a', 's', 's', 'w', 'o', 'r', 'd' };
-            PBEParametersGenerator  generator = new PKCS5S2ParametersGenerator();
-            ByteArrayInputStream    bIn = new ByteArrayInputStream(sample);
-            ASN1InputStream         dIn = new ASN1InputStream(bIn);
-            EncryptedPrivateKeyInfo info = null;
-
-            try
-            {
-                info = EncryptedPrivateKeyInfo.getInstance(dIn.readObject());
-            }
-            catch (Exception e)
-            {
-                fail("failed construction - exception " + e.toString(), e);
-            }
-
-            PBES2Parameters         alg = PBES2Parameters.getInstance(info.getEncryptionAlgorithm().getParameters());
-            PBKDF2Params            func = PBKDF2Params.getInstance(alg.getKeyDerivationFunc().getParameters());
-            EncryptionScheme        scheme = alg.getEncryptionScheme();
-    
-            if (func.getKeyLength() != null)
-            {
-                keySize = func.getKeyLength().intValue() * 8;
-            }
-    
-            int     iterationCount = func.getIterationCount().intValue();
-            byte[]  salt = func.getSalt();
-    
-            generator.init(
-                PBEParametersGenerator.PKCS5PasswordToBytes(password),
-                salt,
-                iterationCount);
-    
-            CipherParameters    param;
-    
-            if (scheme.getAlgorithm().equals(PKCSObjectIdentifiers.RC2_CBC))
-            {
-                RC2CBCParameter rc2Params = RC2CBCParameter.getInstance(scheme.getParameters());
-                byte[]  iv = rc2Params.getIV();
-    
-                param = new ParametersWithIV(generator.generateDerivedParameters(keySize), iv);
-            }
-            else
-            {
-                byte[]  iv = ASN1OctetString.getInstance(scheme.getParameters()).getOctets();
-
-                param = new ParametersWithIV(generator.generateDerivedParameters(keySize), iv);
-            }
-    
-            cipher.init(false, param);
-    
-            byte[]  data = info.getEncryptedData();
-            byte[]  out = new byte[cipher.getOutputSize(data.length)];
-            int     len = cipher.processBytes(data, 0, data.length, out, 0);
-        
-            try
-            {
-                len += cipher.doFinal(out, len);
-            }
-            catch (Exception e)
-            {
-                fail("failed doFinal - exception " + e.toString());
-            }
-
-            if (result.length != len)
-            {
-                fail("failed length");
-            }
-
-            for (int i = 0; i != len; i++)
-            {
-                if (out[i] != result[i])
-                {
-                    fail("failed comparison");
-                }
-            }
-        }
-    }
-
-    public String getName()
-    {
-        return "PKCS5S2";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        BufferedBlockCipher cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESEngine()));
-        SimpleTest          test = new PBETest(0, cipher, sample1, 64);
-
-        test.performTest();
-
-        cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()));
-        test = new PBETest(1, cipher, sample2, 192);
-
-        test.performTest();
-
-        cipher = new PaddedBufferedBlockCipher(new CBCBlockCipher(new RC2Engine()));
-        test = new PBETest(2, cipher, sample3, 0);
-        test.performTest();
-
-        //
-        // RFC 3211 tests
-        //
-        char[]                  password = { 'p', 'a', 's', 's', 'w', 'o', 'r', 'd' };
-        PBEParametersGenerator  generator = new PKCS5S2ParametersGenerator();
-
-        byte[]  salt = Hex.decode("1234567878563412");
-
-        generator.init(
-                PBEParametersGenerator.PKCS5PasswordToBytes(password),
-                salt,
-                5);
-
-        if (!areEqual(((KeyParameter)generator.generateDerivedParameters(64)).getKey(), Hex.decode("d1daa78615f287e6")))
-        {
-            fail("64 test failed");
-        }
-
-        password = "All n-entities must communicate with other n-entities via n-1 entiteeheehees".toCharArray();
-
-        generator.init(
-                PBEParametersGenerator.PKCS5PasswordToBytes(password),
-                salt,
-                500);
-
-        if (!areEqual(((KeyParameter)generator.generateDerivedParameters(192)).getKey(), Hex.decode("6a8970bf68c92caea84a8df28510858607126380cc47ab2d")))
-        {
-            fail("192 test failed");
-        }
-
-        generator.init(PBEParametersGenerator.PKCS5PasswordToBytes(password), salt, 60000);
-        if (!areEqual(((KeyParameter)generator.generateDerivedParameters(192)).getKey(), Hex.decode("29aaef810c12ecd2236bbcfb55407f9852b5573dc1c095bb")))
-        {
-            fail("192 (60000) test failed");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new PKCS5Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/PSSBlindTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/PSSBlindTest.java
deleted file mode 100644
index 5e391ae..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/PSSBlindTest.java
+++ /dev/null

@@ -1,398 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.engines.RSABlindingEngine;
-import org.bouncycastle.crypto.engines.RSAEngine;
-import org.bouncycastle.crypto.generators.RSABlindingFactorGenerator;
-import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.RSABlindingParameters;
-import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.crypto.signers.PSSSigner;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-/*
- * RSA PSS test vectors for PKCS#1 V2.1 with blinding
- */
-public class PSSBlindTest
-    extends SimpleTest
-{
-    private final int DATA_LENGTH = 1000;
-    private final int NUM_TESTS = 50;
-    private final int NUM_TESTS_WITH_KEY_GENERATION = 10;
-
-    private class FixedRandom
-        extends SecureRandom
-    {
-        byte[]  vals;
-
-        FixedRandom(
-            byte[]  vals)
-        {
-            this.vals = vals;
-        }
-
-        public void nextBytes(
-            byte[]  bytes)
-        {
-            System.arraycopy(vals, 0, bytes, 0, vals.length);
-        }
-    }
-
-    //
-    // Example 1: A 1024-bit RSA keypair
-    //
-    private RSAKeyParameters pub1 = new RSAKeyParameters(false,
-                new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
-                new BigInteger("010001",16));
-
-    private RSAKeyParameters prv1 = new RSAPrivateCrtKeyParameters(
-                new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
-                new BigInteger("010001",16),
-                new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16),
-                new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16),
-                new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16),
-                new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16),
-                new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16),
-                new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16));
-
-    // PSSExample1.1
-
-    private byte[] msg1a = Hex.decode("cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0");
-
-    private byte[] slt1a = Hex.decode("dee959c7e06411361420ff80185ed57f3e6776af");
-
-    private byte[] sig1a = Hex.decode("9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c");
-
-    // PSSExample1.2
-
-    private byte[] msg1b = Hex.decode("851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e");
-
-    private byte[] slt1b = Hex.decode("ef2869fa40c346cb183dab3d7bffc98fd56df42d");
-
-    private byte[] sig1b = Hex.decode("3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843");
-
-    //
-    // Example 2: A 1025-bit RSA keypair
-    //
-
-    private RSAKeyParameters pub2 = new RSAKeyParameters(false,
-                new BigInteger("01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9", 16),
-                new BigInteger("010001", 16));
-
-    private RSAKeyParameters prv2 = new RSAPrivateCrtKeyParameters(
-                new BigInteger("01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9", 16),
-                new BigInteger("010001", 16),
-                new BigInteger("027d147e4673057377fd1ea201565772176a7dc38358d376045685a2e787c23c15576bc16b9f444402d6bfc5d98a3e88ea13ef67c353eca0c0ddba9255bd7b8bb50a644afdfd1dd51695b252d22e7318d1b6687a1c10ff75545f3db0fe602d5f2b7f294e3601eab7b9d1cecd767f64692e3e536ca2846cb0c2dd486a39fa75b1", 16),
-                new BigInteger("016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1", 16),
-                new BigInteger("014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079", 16),
-                new BigInteger("e247cce504939b8f0a36090de200938755e2444b29539a7da7a902f6056835c0db7b52559497cfe2c61a8086d0213c472c78851800b171f6401de2e9c2756f31", 16),
-                new BigInteger("b12fba757855e586e46f64c38a70c68b3f548d93d787b399999d4c8f0bbd2581c21e19ed0018a6d5d3df86424b3abcad40199d31495b61309f27c1bf55d487c1", 16),
-                new BigInteger("564b1e1fa003bda91e89090425aac05b91da9ee25061e7628d5f51304a84992fdc33762bd378a59f030a334d532bd0dae8f298ea9ed844636ad5fb8cbdc03cad", 16));
-
-    // PSS Example 2.1
-
-    private byte[] msg2a = Hex.decode("daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360");
-    private byte[] slt2a = Hex.decode("57bf160bcb02bb1dc7280cf0458530b7d2832ff7");
-    private byte[] sig2a = Hex.decode("014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3");
-
-    // PSS Example 2.2
-
-    private byte[] msg2b = Hex.decode("e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe");
-    private byte[] slt2b = Hex.decode("7f6dd359e604e60870e898e47b19bf2e5a7b2a90");
-    private byte[] sig2b = Hex.decode("010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea");
-
-    //
-    //  Example 4: A 1027-bit RSA key pair
-    //
-
-    private RSAKeyParameters pub4 = new RSAKeyParameters(false,
-                new BigInteger("054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705", 16),
-                new BigInteger("010001", 16));
-
-    private RSAKeyParameters prv4 = new RSAPrivateCrtKeyParameters(
-                new BigInteger("054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705", 16),
-                new BigInteger("010001", 16),
-                new BigInteger("fa041f8cd9697ceed38ec8caa275523b4dd72b09a301d3541d72f5d31c05cbce2d6983b36183af10690bd46c46131e35789431a556771dd0049b57461bf060c1f68472e8a67c25f357e5b6b4738fa541a730346b4a07649a2dfa806a69c975b6aba64678acc7f5913e89c622f2d8abb1e3e32554e39df94ba60c002e387d9011", 16),
-                new BigInteger("029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995", 16),
-                new BigInteger("020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1", 16),
-                new BigInteger("026e7e28010ecf2412d9523ad704647fb4fe9b66b1a681581b0e15553a89b1542828898f27243ebab45ff5e1acb9d4df1b051fbc62824dbc6f6c93261a78b9a759", 16),
-                new BigInteger("012ddcc86ef655998c39ddae11718669e5e46cf1495b07e13b1014cd69b3af68304ad2a6b64321e78bf3bbca9bb494e91d451717e2d97564c6549465d0205cf421", 16),
-                new BigInteger("010600c4c21847459fe576703e2ebecae8a5094ee63f536bf4ac68d3c13e5e4f12ac5cc10ab6a2d05a199214d1824747d551909636b774c22cac0b837599abcc75", 16));
-
-    // PSS Example 4.1
-
-    private byte[] msg4a = Hex.decode("9fb03b827c8217d9");
-
-    private byte[] slt4a = Hex.decode("ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d");
-
-    private byte[] sig4a = Hex.decode("0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948");
-
-    // PSS Example 4.2
-
-    private byte[] msg4b = Hex.decode("0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f");
-
-    private byte[] slt4b = Hex.decode("22d71d54363a4217aa55113f059b3384e3e57e44");
-
-    private byte[] sig4b = Hex.decode("049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598");
-
-
-    //
-    // Example 8: A 1031-bit RSA key pair
-    //
-
-    private RSAKeyParameters pub8 = new RSAKeyParameters(false,
-                new BigInteger("495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f", 16),
-                new BigInteger("010001", 16));
-
-    private RSAKeyParameters prv8 = new RSAPrivateCrtKeyParameters(
-                new BigInteger("495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f", 16),
-                new BigInteger("010001", 16),
-                new BigInteger("6c66ffe98980c38fcdeab5159898836165f4b4b817c4f6a8d486ee4ea9130fe9b9092bd136d184f95f504a607eac565846d2fdd6597a8967c7396ef95a6eeebb4578a643966dca4d8ee3de842de63279c618159c1ab54a89437b6a6120e4930afb52a4ba6ced8a4947ac64b30a3497cbe701c2d6266d517219ad0ec6d347dbe9", 16),
-                new BigInteger("08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb", 16),
-                new BigInteger("0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d", 16),
-                new BigInteger("05c2a83c124b3621a2aa57ea2c3efe035eff4560f33ddebb7adab81fce69a0c8c2edc16520dda83d59a23be867963ac65f2cc710bbcfb96ee103deb771d105fd85", 16),
-                new BigInteger("04cae8aa0d9faa165c87b682ec140b8ed3b50b24594b7a3b2c220b3669bb819f984f55310a1ae7823651d4a02e99447972595139363434e5e30a7e7d241551e1b9", 16),
-                new BigInteger("07d3e47bf686600b11ac283ce88dbb3f6051e8efd04680e44c171ef531b80b2b7c39fc766320e2cf15d8d99820e96ff30dc69691839c4b40d7b06e45307dc91f3f", 16));
-
-    // PSS Example 8.1
-
-    private byte[] msg8a = Hex.decode("81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb");
-
-    private byte[] slt8a = Hex.decode("1d65491d79c864b373009be6f6f2467bac4c78fa");
-
-    private byte[] sig8a = Hex.decode("0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5");
-
-    // PSS Example 8.2
-
-    private byte[] msg8b = Hex.decode("e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08");
-
-    private byte[] slt8b = Hex.decode("435c098aa9909eb2377f1248b091b68987ff1838");
-
-    private byte[] sig8b = Hex.decode("2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e");
-
-    //
-    // Example 9: A 1536-bit RSA key pair
-    //
-
-    private RSAKeyParameters pub9 = new RSAKeyParameters(false,
-                new BigInteger("e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b", 16),
-                new BigInteger("010001", 16));
-
-    private RSAKeyParameters prv9 = new RSAPrivateCrtKeyParameters(
-                new BigInteger("e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b", 16),
-                new BigInteger("010001", 16),
-                new BigInteger("6a7fd84fb85fad073b34406db74f8d61a6abc12196a961dd79565e9da6e5187bce2d980250f7359575359270d91590bb0e427c71460b55d51410b191bcf309fea131a92c8e702738fa719f1e0041f52e40e91f229f4d96a1e6f172e15596b4510a6daec26105f2bebc53316b87bdf21311666070e8dfee69d52c71a976caae79c72b68d28580dc686d9f5129d225f82b3d615513a882b3db91416b48ce08888213e37eeb9af800d81cab328ce420689903c00c7b5fd31b75503a6d419684d629", 16),
-                new BigInteger("f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367", 16),
-                new BigInteger("ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d", 16),
-                new BigInteger("2bb68bddfb0c4f56c8558bffaf892d8043037841e7fa81cfa61a38c5e39b901c8ee71122a5da2227bd6cdeeb481452c12ad3d61d5e4f776a0ab556591befe3e59e5a7fddb8345e1f2f35b9f4cee57c32414c086aec993e9353e480d9eec6289f", 16),
-                new BigInteger("4ff897709fad079746494578e70fd8546130eeab5627c49b080f05ee4ad9f3e4b7cba9d6a5dff113a41c3409336833f190816d8a6bc42e9bec56b7567d0f3c9c696db619b245d901dd856db7c8092e77e9a1cccd56ee4dba42c5fdb61aec2669", 16),
-                new BigInteger("77b9d1137b50404a982729316efafc7dfe66d34e5a182600d5f30a0a8512051c560d081d4d0a1835ec3d25a60f4e4d6aa948b2bf3dbb5b124cbbc3489255a3a948372f6978496745f943e1db4f18382ceaa505dfc65757bb3f857a58dce52156", 16));
-
-    // PSS Example 9.1
-
-    private byte[] msg9a = Hex.decode("a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5");
-
-    private byte[] slt9a = Hex.decode("c0a425313df8d7564bd2434d311523d5257eed80");
-
-    private byte[] sig9a = Hex.decode("586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e");
-
-    // PSS Example 9.2
-
-    private byte[] msg9b = Hex.decode("c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e");
-
-    private byte[] slt9b = Hex.decode("b307c43b4850a8dac2f15f32e37839ef8c5c0e91");
-
-    private byte[] sig9b = Hex.decode("80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958");
-
-
-    public String getName()
-    {
-        return "PSSBlindTest";
-    }
-
-    private void testSig(
-        int                 id,
-        RSAKeyParameters    pub,
-        RSAKeyParameters    prv,
-        byte[]              slt,
-        byte[]              msg,
-        byte[]              sig)
-        throws Exception
-    {
-        RSABlindingFactorGenerator blindFactorGen = new RSABlindingFactorGenerator();
-        RSABlindingEngine blindingEngine = new RSABlindingEngine();
-        PSSSigner blindSigner = new PSSSigner(blindingEngine, new SHA1Digest(), 20);
-        PSSSigner signer = new PSSSigner(new RSAEngine(), new SHA1Digest(), 20);
-
-        blindFactorGen.init(pub);
-
-        BigInteger blindFactor = blindFactorGen.generateBlindingFactor();
-        RSABlindingParameters params = new RSABlindingParameters(pub, blindFactor);
-
-        // generate a blind signature
-        blindSigner.init(true, new ParametersWithRandom(params, new FixedRandom(slt)));
-
-        blindSigner.update(msg, 0, msg.length);
-
-        byte[] blindedData = blindSigner.generateSignature();
-
-        RSAEngine signerEngine = new RSAEngine();
-
-        signerEngine.init(true, prv);
-
-        byte[] blindedSig = signerEngine.processBlock(blindedData, 0, blindedData.length);
-
-        // unblind the signature
-        blindingEngine.init(false, params);
-
-        byte[] s = blindingEngine.processBlock(blindedSig, 0, blindedSig.length);
-
-        //signature verification
-        if (!areEqual(s, sig))
-        {
-            fail("test " + id + " failed generation");
-        }
-        
-        //verify signature with PSSSigner
-        signer.init(false, pub);
-        signer.update(msg, 0, msg.length);
-
-        if (!signer.verifySignature(s))
-        {
-            fail("test " + id + " failed PSSSigner verification");
-        }
-    }
-
-    private boolean isProcessingOkay(
-        RSAKeyParameters    pub,
-        RSAKeyParameters    prv,
-        byte[]              data,
-        SecureRandom        random)
-        throws Exception
-    {
-        RSABlindingFactorGenerator blindFactorGen = new RSABlindingFactorGenerator();
-        RSABlindingEngine blindingEngine = new RSABlindingEngine();
-        PSSSigner blindSigner = new PSSSigner(blindingEngine, new SHA1Digest(), 20);
-        PSSSigner pssEng = new PSSSigner(new RSAEngine(), new SHA1Digest(), 20);
-
-        random.nextBytes(data);
-
-        blindFactorGen.init(pub);
-
-        BigInteger blindFactor = blindFactorGen.generateBlindingFactor();
-        RSABlindingParameters params = new RSABlindingParameters(pub, blindFactor);
-
-        // generate a blind signature
-        blindSigner.init(true, new ParametersWithRandom(params, random));
-
-        blindSigner.update(data, 0, data.length);
-
-        byte[] blindedData = blindSigner.generateSignature();
-
-        RSAEngine signerEngine = new RSAEngine();
-
-        signerEngine.init(true, prv);
-
-        byte[] blindedSig = signerEngine.processBlock(blindedData, 0, blindedData.length);
-
-        // unblind the signature
-        blindingEngine.init(false, params);
-
-        byte[] s = blindingEngine.processBlock(blindedSig, 0, blindedSig.length);
-
-        //verify signature with PSSSigner
-        pssEng.init(false, pub);
-        pssEng.update(data, 0, data.length);
-
-        return pssEng.verifySignature(s);
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testSig(1, pub1, prv1, slt1a, msg1a, sig1a);
-        testSig(2, pub1, prv1, slt1b, msg1b, sig1b);
-        testSig(3, pub2, prv2, slt2a, msg2a, sig2a);
-        testSig(4, pub2, prv2, slt2b, msg2b, sig2b);
-        testSig(5, pub4, prv4, slt4a, msg4a, sig4a);
-        testSig(6, pub4, prv4, slt4b, msg4b, sig4b);
-        testSig(7, pub8, prv8, slt8a, msg8a, sig8a);
-        testSig(8, pub8, prv8, slt8b, msg8b, sig8b);
-        testSig(9, pub9, prv9, slt9a, msg9a, sig9a);
-        testSig(10, pub9, prv9, slt9b, msg9b, sig9b);
-        
-        //
-        // loop test
-        //
-        int failed = 0;
-        byte[] data = new byte[DATA_LENGTH];
-
-        SecureRandom    random = new SecureRandom();
-
-
-        RSAKeyParameters[] kprv ={prv1, prv2, prv4, prv8, prv9};
-        RSAKeyParameters[] kpub ={pub1, pub2, pub4, pub8, pub9};
-
-        int i = 0;
-        for (int j = 0; j < NUM_TESTS; j++, i++)
-        {
-            if (i == kprv.length)
-            {
-                i = 0;
-            }
-
-            if (!isProcessingOkay(kpub[i], kprv[i], data, random))
-            {
-                failed++;
-            }
-        }
-
-        if (failed != 0)
-        {
-            fail("loop test failed - failures: " + failed);
-        }
-
-        //
-        // key generation test
-        //
-        RSAKeyPairGenerator  pGen = new RSAKeyPairGenerator();
-        RSAKeyGenerationParameters  genParam = new RSAKeyGenerationParameters(
-                                            BigInteger.valueOf(0x11), new SecureRandom(), 1024, 25);
-
-        pGen.init(genParam);
-        failed = 0;
-
-        for (int k = 0; k < NUM_TESTS_WITH_KEY_GENERATION; k++)
-        {
-            AsymmetricCipherKeyPair pair = pGen.generateKeyPair();
-
-            for (int j = 0; j < NUM_TESTS; j++)
-            {
-                if (!isProcessingOkay((RSAKeyParameters)pair.getPublic(), (RSAKeyParameters)pair.getPrivate(), data, random))
-                {
-                    failed++;
-                }
-            }
-
-        }
-        
-        if (failed != 0)
-        {
-            fail("loop test with key generation failed - failures: " + failed);
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new PSSBlindTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/PSSTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/PSSTest.java
deleted file mode 100644
index c6fda89..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/PSSTest.java
+++ /dev/null

@@ -1,369 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.engines.RSAEngine;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.crypto.signers.PSSSigner;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/*
- * RSA PSS test vectors for PKCS#1 V2.1
- */
-public class PSSTest
-    extends SimpleTest
-{
-    private final int DATA_LENGTH = 1000;
-    private final int NUM_TESTS = 500;
-
-    private class FixedRandom
-        extends SecureRandom
-    {
-        byte[]  vals;
-
-        FixedRandom(
-            byte[]  vals)
-        {
-            this.vals = vals;
-        }
-
-        public void nextBytes(
-            byte[]  bytes)
-        {
-            System.arraycopy(vals, 0, bytes, 0, vals.length);
-        }
-    }
-
-    //
-    // Example 1: A 1024-bit RSA keypair
-    //
-    private RSAKeyParameters pub1 = new RSAKeyParameters(false,
-                new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
-                new BigInteger("010001",16));
-
-    private RSAKeyParameters prv1 = new RSAPrivateCrtKeyParameters(
-                new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
-                new BigInteger("010001",16),
-                new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16),
-                new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16),
-                new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16),
-                new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16),
-                new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16),
-                new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16));
-
-    // PSSExample1.1
-
-    private byte[] msg1a = Hex.decode("cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0");
-
-    private byte[] slt1a = Hex.decode("dee959c7e06411361420ff80185ed57f3e6776af");
-
-    private byte[] sig1a = Hex.decode("9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c");
-
-    // PSSExample1.2
-
-    private byte[] msg1b = Hex.decode("851384cdfe819c22ed6c4ccb30daeb5cf059bc8e1166b7e3530c4c233e2b5f8f71a1cca582d43ecc72b1bca16dfc7013226b9e");
-
-    private byte[] slt1b = Hex.decode("ef2869fa40c346cb183dab3d7bffc98fd56df42d");
-
-    private byte[] sig1b = Hex.decode("3ef7f46e831bf92b32274142a585ffcefbdca7b32ae90d10fb0f0c729984f04ef29a9df0780775ce43739b97838390db0a5505e63de927028d9d29b219ca2c4517832558a55d694a6d25b9dab66003c4cccd907802193be5170d26147d37b93590241be51c25055f47ef62752cfbe21418fafe98c22c4d4d47724fdb5669e843");
-
-    //
-    // Example 2: A 1025-bit RSA keypair
-    //
-
-    private RSAKeyParameters pub2 = new RSAKeyParameters(false,
-                new BigInteger("01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9", 16),
-                new BigInteger("010001", 16));
-
-    private RSAKeyParameters prv2 = new RSAPrivateCrtKeyParameters(
-                new BigInteger("01d40c1bcf97a68ae7cdbd8a7bf3e34fa19dcca4ef75a47454375f94514d88fed006fb829f8419ff87d6315da68a1ff3a0938e9abb3464011c303ad99199cf0c7c7a8b477dce829e8844f625b115e5e9c4a59cf8f8113b6834336a2fd2689b472cbb5e5cabe674350c59b6c17e176874fb42f8fc3d176a017edc61fd326c4b33c9", 16),
-                new BigInteger("010001", 16),
-                new BigInteger("027d147e4673057377fd1ea201565772176a7dc38358d376045685a2e787c23c15576bc16b9f444402d6bfc5d98a3e88ea13ef67c353eca0c0ddba9255bd7b8bb50a644afdfd1dd51695b252d22e7318d1b6687a1c10ff75545f3db0fe602d5f2b7f294e3601eab7b9d1cecd767f64692e3e536ca2846cb0c2dd486a39fa75b1", 16),
-                new BigInteger("016601e926a0f8c9e26ecab769ea65a5e7c52cc9e080ef519457c644da6891c5a104d3ea7955929a22e7c68a7af9fcad777c3ccc2b9e3d3650bce404399b7e59d1", 16),
-                new BigInteger("014eafa1d4d0184da7e31f877d1281ddda625664869e8379e67ad3b75eae74a580e9827abd6eb7a002cb5411f5266797768fb8e95ae40e3e8a01f35ff89e56c079", 16),
-                new BigInteger("e247cce504939b8f0a36090de200938755e2444b29539a7da7a902f6056835c0db7b52559497cfe2c61a8086d0213c472c78851800b171f6401de2e9c2756f31", 16),
-                new BigInteger("b12fba757855e586e46f64c38a70c68b3f548d93d787b399999d4c8f0bbd2581c21e19ed0018a6d5d3df86424b3abcad40199d31495b61309f27c1bf55d487c1", 16),
-                new BigInteger("564b1e1fa003bda91e89090425aac05b91da9ee25061e7628d5f51304a84992fdc33762bd378a59f030a334d532bd0dae8f298ea9ed844636ad5fb8cbdc03cad", 16));
-
-    // PSS Example 2.1
-
-    private byte[] msg2a = Hex.decode("daba032066263faedb659848115278a52c44faa3a76f37515ed336321072c40a9d9b53bc05014078adf520875146aae70ff060226dcb7b1f1fc27e9360");
-    private byte[] slt2a = Hex.decode("57bf160bcb02bb1dc7280cf0458530b7d2832ff7");
-    private byte[] sig2a = Hex.decode("014c5ba5338328ccc6e7a90bf1c0ab3fd606ff4796d3c12e4b639ed9136a5fec6c16d8884bdd99cfdc521456b0742b736868cf90de099adb8d5ffd1deff39ba4007ab746cefdb22d7df0e225f54627dc65466131721b90af445363a8358b9f607642f78fab0ab0f43b7168d64bae70d8827848d8ef1e421c5754ddf42c2589b5b3");
-
-    // PSS Example 2.2
-
-    private byte[] msg2b = Hex.decode("e4f8601a8a6da1be34447c0959c058570c3668cfd51dd5f9ccd6ad4411fe8213486d78a6c49f93efc2ca2288cebc2b9b60bd04b1e220d86e3d4848d709d032d1e8c6a070c6af9a499fcf95354b14ba6127c739de1bb0fd16431e46938aec0cf8ad9eb72e832a7035de9b7807bdc0ed8b68eb0f5ac2216be40ce920c0db0eddd3860ed788efaccaca502d8f2bd6d1a7c1f41ff46f1681c8f1f818e9c4f6d91a0c7803ccc63d76a6544d843e084e363b8acc55aa531733edb5dee5b5196e9f03e8b731b3776428d9e457fe3fbcb3db7274442d785890e9cb0854b6444dace791d7273de1889719338a77fe");
-    private byte[] slt2b = Hex.decode("7f6dd359e604e60870e898e47b19bf2e5a7b2a90");
-    private byte[] sig2b = Hex.decode("010991656cca182b7f29d2dbc007e7ae0fec158eb6759cb9c45c5ff87c7635dd46d150882f4de1e9ae65e7f7d9018f6836954a47c0a81a8a6b6f83f2944d6081b1aa7c759b254b2c34b691da67cc0226e20b2f18b42212761dcd4b908a62b371b5918c5742af4b537e296917674fb914194761621cc19a41f6fb953fbcbb649dea");
-
-    //
-    //  Example 4: A 1027-bit RSA key pair
-    //
-
-    private RSAKeyParameters pub4 = new RSAKeyParameters(false,
-                new BigInteger("054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705", 16),
-                new BigInteger("010001", 16));
-
-    private RSAKeyParameters prv4 = new RSAPrivateCrtKeyParameters(
-                new BigInteger("054adb7886447efe6f57e0368f06cf52b0a3370760d161cef126b91be7f89c421b62a6ec1da3c311d75ed50e0ab5fff3fd338acc3aa8a4e77ee26369acb81ba900fa83f5300cf9bb6c53ad1dc8a178b815db4235a9a9da0c06de4e615ea1277ce559e9c108de58c14a81aa77f5a6f8d1335494498848c8b95940740be7bf7c3705", 16),
-                new BigInteger("010001", 16),
-                new BigInteger("fa041f8cd9697ceed38ec8caa275523b4dd72b09a301d3541d72f5d31c05cbce2d6983b36183af10690bd46c46131e35789431a556771dd0049b57461bf060c1f68472e8a67c25f357e5b6b4738fa541a730346b4a07649a2dfa806a69c975b6aba64678acc7f5913e89c622f2d8abb1e3e32554e39df94ba60c002e387d9011", 16),
-                new BigInteger("029232336d2838945dba9dd7723f4e624a05f7375b927a87abe6a893a1658fd49f47f6c7b0fa596c65fa68a23f0ab432962d18d4343bd6fd671a5ea8d148413995", 16),
-                new BigInteger("020ef5efe7c5394aed2272f7e81a74f4c02d145894cb1b3cab23a9a0710a2afc7e3329acbb743d01f680c4d02afb4c8fde7e20930811bb2b995788b5e872c20bb1", 16),
-                new BigInteger("026e7e28010ecf2412d9523ad704647fb4fe9b66b1a681581b0e15553a89b1542828898f27243ebab45ff5e1acb9d4df1b051fbc62824dbc6f6c93261a78b9a759", 16),
-                new BigInteger("012ddcc86ef655998c39ddae11718669e5e46cf1495b07e13b1014cd69b3af68304ad2a6b64321e78bf3bbca9bb494e91d451717e2d97564c6549465d0205cf421", 16),
-                new BigInteger("010600c4c21847459fe576703e2ebecae8a5094ee63f536bf4ac68d3c13e5e4f12ac5cc10ab6a2d05a199214d1824747d551909636b774c22cac0b837599abcc75", 16));
-
-    // PSS Example 4.1
-
-    private byte[] msg4a = Hex.decode("9fb03b827c8217d9");
-
-    private byte[] slt4a = Hex.decode("ed7c98c95f30974fbe4fbddcf0f28d6021c0e91d");
-
-    private byte[] sig4a = Hex.decode("0323d5b7bf20ba4539289ae452ae4297080feff4518423ff4811a817837e7d82f1836cdfab54514ff0887bddeebf40bf99b047abc3ecfa6a37a3ef00f4a0c4a88aae0904b745c846c4107e8797723e8ac810d9e3d95dfa30ff4966f4d75d13768d20857f2b1406f264cfe75e27d7652f4b5ed3575f28a702f8c4ed9cf9b2d44948");
-
-    // PSS Example 4.2
-
-    private byte[] msg4b = Hex.decode("0ca2ad77797ece86de5bf768750ddb5ed6a3116ad99bbd17edf7f782f0db1cd05b0f677468c5ea420dc116b10e80d110de2b0461ea14a38be68620392e7e893cb4ea9393fb886c20ff790642305bf302003892e54df9f667509dc53920df583f50a3dd61abb6fab75d600377e383e6aca6710eeea27156e06752c94ce25ae99fcbf8592dbe2d7e27453cb44de07100ebb1a2a19811a478adbeab270f94e8fe369d90b3ca612f9f");
-
-    private byte[] slt4b = Hex.decode("22d71d54363a4217aa55113f059b3384e3e57e44");
-
-    private byte[] sig4b = Hex.decode("049d0185845a264d28feb1e69edaec090609e8e46d93abb38371ce51f4aa65a599bdaaa81d24fba66a08a116cb644f3f1e653d95c89db8bbd5daac2709c8984000178410a7c6aa8667ddc38c741f710ec8665aa9052be929d4e3b16782c1662114c5414bb0353455c392fc28f3db59054b5f365c49e1d156f876ee10cb4fd70598");
-
-
-    //
-    // Example 8: A 1031-bit RSA key pair
-    //
-
-    private RSAKeyParameters pub8 = new RSAKeyParameters(false,
-                new BigInteger("495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f", 16),
-                new BigInteger("010001", 16));
-
-    private RSAKeyParameters prv8 = new RSAPrivateCrtKeyParameters(
-                new BigInteger("495370a1fb18543c16d3631e3163255df62be6eee890d5f25509e4f778a8ea6fbbbcdf85dff64e0d972003ab3681fbba6dd41fd541829b2e582de9f2a4a4e0a2d0900bef4753db3cee0ee06c7dfae8b1d53b5953218f9cceea695b08668edeaadced9463b1d790d5ebf27e9115b46cad4d9a2b8efab0561b0810344739ada0733f", 16),
-                new BigInteger("010001", 16),
-                new BigInteger("6c66ffe98980c38fcdeab5159898836165f4b4b817c4f6a8d486ee4ea9130fe9b9092bd136d184f95f504a607eac565846d2fdd6597a8967c7396ef95a6eeebb4578a643966dca4d8ee3de842de63279c618159c1ab54a89437b6a6120e4930afb52a4ba6ced8a4947ac64b30a3497cbe701c2d6266d517219ad0ec6d347dbe9", 16),
-                new BigInteger("08dad7f11363faa623d5d6d5e8a319328d82190d7127d2846c439b0ab72619b0a43a95320e4ec34fc3a9cea876422305bd76c5ba7be9e2f410c8060645a1d29edb", 16),
-                new BigInteger("0847e732376fc7900f898ea82eb2b0fc418565fdae62f7d9ec4ce2217b97990dd272db157f99f63c0dcbb9fbacdbd4c4dadb6df67756358ca4174825b48f49706d", 16),
-                new BigInteger("05c2a83c124b3621a2aa57ea2c3efe035eff4560f33ddebb7adab81fce69a0c8c2edc16520dda83d59a23be867963ac65f2cc710bbcfb96ee103deb771d105fd85", 16),
-                new BigInteger("04cae8aa0d9faa165c87b682ec140b8ed3b50b24594b7a3b2c220b3669bb819f984f55310a1ae7823651d4a02e99447972595139363434e5e30a7e7d241551e1b9", 16),
-                new BigInteger("07d3e47bf686600b11ac283ce88dbb3f6051e8efd04680e44c171ef531b80b2b7c39fc766320e2cf15d8d99820e96ff30dc69691839c4b40d7b06e45307dc91f3f", 16));
-
-    // PSS Example 8.1
-
-    private byte[] msg8a = Hex.decode("81332f4be62948415ea1d899792eeacf6c6e1db1da8be13b5cea41db2fed467092e1ff398914c714259775f595f8547f735692a575e6923af78f22c6997ddb90fb6f72d7bb0dd5744a31decd3dc3685849836ed34aec596304ad11843c4f88489f209735f5fb7fdaf7cec8addc5818168f880acbf490d51005b7a8e84e43e54287977571dd99eea4b161eb2df1f5108f12a4142a83322edb05a75487a3435c9a78ce53ed93bc550857d7a9fb");
-
-    private byte[] slt8a = Hex.decode("1d65491d79c864b373009be6f6f2467bac4c78fa");
-
-    private byte[] sig8a = Hex.decode("0262ac254bfa77f3c1aca22c5179f8f040422b3c5bafd40a8f21cf0fa5a667ccd5993d42dbafb409c520e25fce2b1ee1e716577f1efa17f3da28052f40f0419b23106d7845aaf01125b698e7a4dfe92d3967bb00c4d0d35ba3552ab9a8b3eef07c7fecdbc5424ac4db1e20cb37d0b2744769940ea907e17fbbca673b20522380c5");
-
-    // PSS Example 8.2
-
-    private byte[] msg8b = Hex.decode("e2f96eaf0e05e7ba326ecca0ba7fd2f7c02356f3cede9d0faabf4fcc8e60a973e5595fd9ea08");
-
-    private byte[] slt8b = Hex.decode("435c098aa9909eb2377f1248b091b68987ff1838");
-
-    private byte[] sig8b = Hex.decode("2707b9ad5115c58c94e932e8ec0a280f56339e44a1b58d4ddcff2f312e5f34dcfe39e89c6a94dcee86dbbdae5b79ba4e0819a9e7bfd9d982e7ee6c86ee68396e8b3a14c9c8f34b178eb741f9d3f121109bf5c8172fada2e768f9ea1433032c004a8aa07eb990000a48dc94c8bac8aabe2b09b1aa46c0a2aa0e12f63fbba775ba7e");
-
-    //
-    // Example 9: A 1536-bit RSA key pair
-    //
-
-    private RSAKeyParameters pub9 = new RSAKeyParameters(false,
-                new BigInteger("e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b", 16),
-                new BigInteger("010001", 16));
-
-    private RSAKeyParameters prv9 = new RSAPrivateCrtKeyParameters(
-                new BigInteger("e6bd692ac96645790403fdd0f5beb8b9bf92ed10007fc365046419dd06c05c5b5b2f48ecf989e4ce269109979cbb40b4a0ad24d22483d1ee315ad4ccb1534268352691c524f6dd8e6c29d224cf246973aec86c5bf6b1401a850d1b9ad1bb8cbcec47b06f0f8c7f45d3fc8f319299c5433ddbc2b3053b47ded2ecd4a4caefd614833dc8bb622f317ed076b8057fe8de3f84480ad5e83e4a61904a4f248fb397027357e1d30e463139815c6fd4fd5ac5b8172a45230ecb6318a04f1455d84e5a8b", 16),
-                new BigInteger("010001", 16),
-                new BigInteger("6a7fd84fb85fad073b34406db74f8d61a6abc12196a961dd79565e9da6e5187bce2d980250f7359575359270d91590bb0e427c71460b55d51410b191bcf309fea131a92c8e702738fa719f1e0041f52e40e91f229f4d96a1e6f172e15596b4510a6daec26105f2bebc53316b87bdf21311666070e8dfee69d52c71a976caae79c72b68d28580dc686d9f5129d225f82b3d615513a882b3db91416b48ce08888213e37eeb9af800d81cab328ce420689903c00c7b5fd31b75503a6d419684d629", 16),
-                new BigInteger("f8eb97e98df12664eefdb761596a69ddcd0e76daece6ed4bf5a1b50ac086f7928a4d2f8726a77e515b74da41988f220b1cc87aa1fc810ce99a82f2d1ce821edced794c6941f42c7a1a0b8c4d28c75ec60b652279f6154a762aed165d47dee367", 16),
-                new BigInteger("ed4d71d0a6e24b93c2e5f6b4bbe05f5fb0afa042d204fe3378d365c2f288b6a8dad7efe45d153eef40cacc7b81ff934002d108994b94a5e4728cd9c963375ae49965bda55cbf0efed8d6553b4027f2d86208a6e6b489c176128092d629e49d3d", 16),
-                new BigInteger("2bb68bddfb0c4f56c8558bffaf892d8043037841e7fa81cfa61a38c5e39b901c8ee71122a5da2227bd6cdeeb481452c12ad3d61d5e4f776a0ab556591befe3e59e5a7fddb8345e1f2f35b9f4cee57c32414c086aec993e9353e480d9eec6289f", 16),
-                new BigInteger("4ff897709fad079746494578e70fd8546130eeab5627c49b080f05ee4ad9f3e4b7cba9d6a5dff113a41c3409336833f190816d8a6bc42e9bec56b7567d0f3c9c696db619b245d901dd856db7c8092e77e9a1cccd56ee4dba42c5fdb61aec2669", 16),
-                new BigInteger("77b9d1137b50404a982729316efafc7dfe66d34e5a182600d5f30a0a8512051c560d081d4d0a1835ec3d25a60f4e4d6aa948b2bf3dbb5b124cbbc3489255a3a948372f6978496745f943e1db4f18382ceaa505dfc65757bb3f857a58dce52156", 16));
-
-    // PSS Example 9.1
-
-    private byte[] msg9a = Hex.decode("a88e265855e9d7ca36c68795f0b31b591cd6587c71d060a0b3f7f3eaef43795922028bc2b6ad467cfc2d7f659c5385aa70ba3672cdde4cfe4970cc7904601b278872bf51321c4a972f3c95570f3445d4f57980e0f20df54846e6a52c668f1288c03f95006ea32f562d40d52af9feb32f0fa06db65b588a237b34e592d55cf979f903a642ef64d2ed542aa8c77dc1dd762f45a59303ed75e541ca271e2b60ca709e44fa0661131e8d5d4163fd8d398566ce26de8730e72f9cca737641c244159420637028df0a18079d6208ea8b4711a2c750f5");
-
-    private byte[] slt9a = Hex.decode("c0a425313df8d7564bd2434d311523d5257eed80");
-
-    private byte[] sig9a = Hex.decode("586107226c3ce013a7c8f04d1a6a2959bb4b8e205ba43a27b50f124111bc35ef589b039f5932187cb696d7d9a32c0c38300a5cdda4834b62d2eb240af33f79d13dfbf095bf599e0d9686948c1964747b67e89c9aba5cd85016236f566cc5802cb13ead51bc7ca6bef3b94dcbdbb1d570469771df0e00b1a8a06777472d2316279edae86474668d4e1efff95f1de61c6020da32ae92bbf16520fef3cf4d88f61121f24bbd9fe91b59caf1235b2a93ff81fc403addf4ebdea84934a9cdaf8e1a9e");
-
-    // PSS Example 9.2
-
-    private byte[] msg9b = Hex.decode("c8c9c6af04acda414d227ef23e0820c3732c500dc87275e95b0d095413993c2658bc1d988581ba879c2d201f14cb88ced153a01969a7bf0a7be79c84c1486bc12b3fa6c59871b6827c8ce253ca5fefa8a8c690bf326e8e37cdb96d90a82ebab69f86350e1822e8bd536a2e");
-
-    private byte[] slt9b = Hex.decode("b307c43b4850a8dac2f15f32e37839ef8c5c0e91");
-
-    private byte[] sig9b = Hex.decode("80b6d643255209f0a456763897ac9ed259d459b49c2887e5882ecb4434cfd66dd7e1699375381e51cd7f554f2c271704b399d42b4be2540a0eca61951f55267f7c2878c122842dadb28b01bd5f8c025f7e228418a673c03d6bc0c736d0a29546bd67f786d9d692ccea778d71d98c2063b7a71092187a4d35af108111d83e83eae46c46aa34277e06044589903788f1d5e7cee25fb485e92949118814d6f2c3ee361489016f327fb5bc517eb50470bffa1afa5f4ce9aa0ce5b8ee19bf5501b958");
-
-
-    public String getName()
-    {
-        return "PSSTest";
-    }
-
-    private void testSig(
-        int                 id,
-        RSAKeyParameters    pub,
-        RSAKeyParameters    prv,
-        byte[]              slt,
-        byte[]              msg,
-        byte[]              sig)
-        throws Exception
-    {
-        PSSSigner           eng = new PSSSigner(new RSAEngine(), new SHA1Digest(), 20);
-
-        eng.init(true, new ParametersWithRandom(prv, new FixedRandom(slt)));
-
-        eng.update(msg, 0, msg.length);
-
-        byte[]  s = eng.generateSignature();
-
-        if (!areEqual(s, sig))
-        {
-            fail("test " + id + " failed generation");
-        }
-
-        eng.init(false, pub);
-
-        eng.update(msg, 0, msg.length);
-
-        if (!eng.verifySignature(s))
-        {
-            fail("test " + id + " failed verification");
-        }
-    }
-        
-    public void performTest()
-        throws Exception
-    {
-        testSig(1, pub1, prv1, slt1a, msg1a, sig1a);
-        testSig(2, pub1, prv1, slt1b, msg1b, sig1b);
-        testSig(3, pub2, prv2, slt2a, msg2a, sig2a);
-        testSig(4, pub2, prv2, slt2b, msg2b, sig2b);
-        testSig(5, pub4, prv4, slt4a, msg4a, sig4a);
-        testSig(6, pub4, prv4, slt4b, msg4b, sig4b);
-        testSig(7, pub8, prv8, slt8a, msg8a, sig8a);
-        testSig(8, pub8, prv8, slt8b, msg8b, sig8b);
-        testSig(9, pub9, prv9, slt9a, msg9a, sig9a);
-        testSig(10, pub9, prv9, slt9b, msg9b, sig9b);
-
-        //
-        // loop test  - sha-1 only
-        //
-        PSSSigner           eng = new PSSSigner(new RSAEngine(), new SHA1Digest(), 20);
-        int failed = 0;
-        byte[] data = new byte[DATA_LENGTH];
-
-        SecureRandom    random = new SecureRandom();
-        random.nextBytes(data);
-        
-        for (int j = 0; j < NUM_TESTS; j++)
-        {
-            eng.init(true, new ParametersWithRandom(prv8, random));
-
-            eng.update(data, 0, data.length);
-
-            byte[] s = eng.generateSignature();
-
-            eng.init(false, pub8);
-
-            eng.update(data, 0, data.length);
-
-            if (!eng.verifySignature(s))
-            {
-                failed++;
-            }
-        }
-        
-        if (failed != 0)
-        {
-            fail("loop test failed - failures: " + failed);
-        }
-
-         //
-        // loop test - sha-256 and sha-1
-        //
-        eng = new PSSSigner(new RSAEngine(), new SHA256Digest(), new SHA1Digest(), 20);
-        failed = 0;
-        data = new byte[DATA_LENGTH];
-
-        random.nextBytes(data);
-
-        for (int j = 0; j < NUM_TESTS; j++)
-        {
-            eng.init(true, new ParametersWithRandom(prv8, random));
-
-            eng.update(data, 0, data.length);
-
-            byte[] s = eng.generateSignature();
-
-            eng.init(false, pub8);
-
-            eng.update(data, 0, data.length);
-
-            if (!eng.verifySignature(s))
-            {
-                failed++;
-            }
-        }
-
-        if (failed != 0)
-        {
-            fail("loop test failed - failures: " + failed);
-        }
-
-        fixedSaltTest();
-    }
-
-    private void fixedSaltTest()
-        throws Exception
-    {
-        byte[] data = Hex.decode("010203040506070809101112131415");
-
-        PSSSigner eng = new PSSSigner(new RSAEngine(), new SHA256Digest(), new SHA1Digest(), Hex.decode("deadbeef"));
-
-        eng.init(true, prv8);
-
-        eng.update(data, 0, data.length);
-
-        byte[] s = eng.generateSignature();
-
-        eng.init(false, pub8);
-
-        eng.update(data, 0, data.length);
-
-        if (!eng.verifySignature(s))
-        {
-            fail("fixed salt failed");
-        }
-
-        // test failure
-        eng = new PSSSigner(new RSAEngine(), new SHA256Digest(), new SHA1Digest(), Hex.decode("beefbeef"));
-
-        eng.init(false, pub8);
-
-        eng.update(data, 0, data.length);
-
-        if (eng.verifySignature(s))
-        {
-            fail("fixed salt failure verfied");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new PSSTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/PaddingTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/PaddingTest.java
deleted file mode 100644
index c963b26..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/PaddingTest.java
+++ /dev/null

@@ -1,200 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.paddings.BlockCipherPadding;
-import org.bouncycastle.crypto.paddings.ISO10126d2Padding;
-import org.bouncycastle.crypto.paddings.ISO7816d4Padding;
-import org.bouncycastle.crypto.paddings.PKCS7Padding;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.crypto.paddings.TBCPadding;
-import org.bouncycastle.crypto.paddings.X923Padding;
-import org.bouncycastle.crypto.paddings.ZeroBytePadding;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * General Padding tests.
- */
-public class PaddingTest
-    extends SimpleTest
-{
-    public PaddingTest()
-    {
-    }
-
-    private void blockCheck(
-        PaddedBufferedBlockCipher   cipher,
-        BlockCipherPadding          padding,
-        KeyParameter                key,
-        byte[]                      data)
-    {
-        byte[]  out = new byte[data.length + 8];
-        byte[]  dec = new byte[data.length];
-        
-        try
-        {                
-            cipher.init(true, key);
-            
-            int    len = cipher.processBytes(data, 0, data.length, out, 0);
-            
-            len += cipher.doFinal(out, len);
-            
-            cipher.init(false, key);
-            
-            int    decLen = cipher.processBytes(out, 0, len, dec, 0);
-            
-            decLen += cipher.doFinal(dec, decLen);
-            
-            if (!areEqual(data, dec))
-            {
-                fail("failed to decrypt - i = " + data.length + ", padding = " + padding.getPaddingName());
-            }
-        }
-        catch (Exception e)
-        {
-            fail("Exception - " + e.toString(), e);
-        }
-    }
-    
-    public void testPadding(
-        BlockCipherPadding  padding,
-        SecureRandom        rand,
-        byte[]              ffVector,
-        byte[]              ZeroVector)
-    {
-        PaddedBufferedBlockCipher    cipher = new PaddedBufferedBlockCipher(new DESEngine(), padding);
-        KeyParameter                 key = new KeyParameter(Hex.decode("0011223344556677"));
-        
-        //
-        // ff test
-        //
-        byte[]    data = { (byte)0xff, (byte)0xff, (byte)0xff, (byte)0, (byte)0, (byte)0, (byte)0, (byte)0 };
-        
-        if (ffVector != null)
-        {
-            padding.addPadding(data, 3);
-            
-            if (!areEqual(data, ffVector))
-            {
-                fail("failed ff test for " + padding.getPaddingName());
-            }
-        }
-        
-        //
-        // zero test
-        //
-        if (ZeroVector != null)
-        {
-            data = new byte[8];
-            padding.addPadding(data, 4);
-            
-            if (!areEqual(data, ZeroVector))
-            {
-                fail("failed zero test for " + padding.getPaddingName());
-            }
-        }
-        
-        for (int i = 1; i != 200; i++)
-        {
-            data = new byte[i];
-            
-            rand.nextBytes(data);
-
-            blockCheck(cipher, padding, key, data);
-        }
-    }
-    
-    private void testOutputSizes()
-    {
-        PaddedBufferedBlockCipher bc = new PaddedBufferedBlockCipher(new DESEngine(), new PKCS7Padding());
-        KeyParameter key = new KeyParameter(Hex.decode("0011223344556677"));
-
-        for (int i = 0; i < bc.getBlockSize() * 2; i++)
-        {
-            bc.init(true, key);
-            if (bc.getUpdateOutputSize(i) < 0)
-            {
-                fail("Padded cipher encrypt negative update output size for input size " + i);
-            }
-            if (bc.getOutputSize(i) < 0)
-            {
-                fail("Padded cipher encrypt negative output size for input size " + i);
-            }
-
-            bc.init(false, key);
-            if (bc.getUpdateOutputSize(i) < 0)
-            {
-                fail("Padded cipher decrypt negative update output size for input size " + i);
-            }
-            if (bc.getOutputSize(i) < 0)
-            {
-                fail("Padded cipher decrypt negative output size for input size " + i);
-            }
-
-        }
-    }
-
-    public void performTest()
-    {
-        SecureRandom    rand = new SecureRandom(new byte[20]);
-        
-        rand.setSeed(System.currentTimeMillis());
-        
-        testPadding(new PKCS7Padding(), rand,
-                                    Hex.decode("ffffff0505050505"),
-                                    Hex.decode("0000000004040404"));
-
-        PKCS7Padding padder = new PKCS7Padding();
-        try
-        {
-            padder.padCount(new byte[8]);
-
-            fail("invalid padding not detected");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            if (!"pad block corrupted".equals(e.getMessage()))
-            {
-                fail("wrong exception for corrupt padding: " + e);
-            }
-        } 
-
-        testPadding(new ISO10126d2Padding(), rand,
-                                    null,
-                                    null);
-        
-        testPadding(new X923Padding(), rand,
-                                    null,
-                                    null);
-
-        testPadding(new TBCPadding(), rand,
-                                    Hex.decode("ffffff0000000000"),
-                                    Hex.decode("00000000ffffffff"));
-
-        testPadding(new ZeroBytePadding(), rand,
-                                    Hex.decode("ffffff0000000000"),
-                                    null);
-        
-        testPadding(new ISO7816d4Padding(), rand,
-                                    Hex.decode("ffffff8000000000"),
-                                    Hex.decode("0000000080000000"));
-
-        testOutputSizes();
-
-    }
-
-    public String getName()
-    {
-        return "PaddingTest";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new PaddingTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/Poly1305Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/Poly1305Test.java
deleted file mode 100644
index f5f6869..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/Poly1305Test.java
+++ /dev/null

@@ -1,512 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.crypto.macs.Poly1305;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/*
- */
-public class Poly1305Test
-    extends SimpleTest
-{
-    private static final int MAXLEN = 1000;
-
-    private static class TestCase
-    {
-        private final byte[] key;
-        private final byte[] nonce;
-        private final byte[] message;
-        private final byte[] expectedMac;
-
-        public TestCase(String key, String nonce, String message, String expectedMac)
-        {
-            this.key = Hex.decode(key);
-            // nacl test case keys are not pre-clamped
-            Poly1305KeyGenerator.clamp(this.key);
-            this.nonce = (nonce == null) ? null : Hex.decode(nonce);
-            this.message = Hex.decode(message);
-            this.expectedMac = Hex.decode(expectedMac);
-        }
-    }
-
-    private static TestCase[] CASES = {
-        // Raw Poly1305
-        // onetimeauth.c from nacl-20110221
-        new TestCase("eea6a7251c1e72916d11c2cb214d3c25" + "2539121d8e234e652d651fa4c8cff880", null,
-            "8e993b9f48681273c29650ba32fc76ce48332ea7164d96a4476fb8c531a1186a"
-                + "c0dfc17c98dce87b4da7f011ec48c97271d2c20f9b928fe2270d6fb863d51738"
-                + "b48eeee314a7cc8ab932164548e526ae90224368517acfeabd6bb3732bc0e9da"
-                + "99832b61ca01b6de56244a9e88d5f9b37973f622a43d14a6599b1f654cb45a74e355a5",
-            "f3ffc7703f9400e52a7dfb4b3d3305d9"),
-        // Poly1305-AES
-        // Loop 1 of test-poly1305aes from poly1305aes-20050218
-        new TestCase("0000000000000000000000000000000000000000000000000000000000000000",
-            "00000000000000000000000000000000", "", "66e94bd4ef8a2c3b884cfa59ca342b2e"),
-        new TestCase("f795bd0a50e29e0710d3130a20e98d0c" + "f795bd4a52e29ed713d313fa20e98dbc",
-            "917cf69ebd68b2ec9b9fe9a3eadda692", "66f7", "5ca585c75e8f8f025e710cabc9a1508b"),
-        new TestCase("3ef49901c8e11c000430d90ad45e7603" + "e69dae0aab9f91c03a325dcc9436fa90",
-            "166450152e2394835606a9d1dd2cdc8b", "66f75c0e0c7a406586", "2924f51b9c2eff5df09db61dd03a9ca1"),
-        new TestCase("da4afc035087d90e503f8f0ea08c3e0d" + "85a4ea91a7de0b0d96eed0d4bf6ecf1c",
-            "0b6ef7a0b8f8c738b0f8d5995415271f",
-            "66f75c0e0c7a40658629e3392f7f8e3349a02191ffd49f39879a8d9d1d0e23ea",
-            "3c5a13adb18d31c64cc29972030c917d"),
-        new TestCase(
-            "ca3c6a0da0a864024ca3090628c28e0d" + "25eb69bac5cdf7d6bfcee4d9d5507b82",
-            "046772a4f0a8de92e4f0d628cdb04484",
-            "66f75c0e0c7a40658629e3392f7f8e3349a02191ffd49f39879a8d9d1d0e23ea3caa4d240bd2ab8a8c4a6bb8d3288d9de4b793f05e97646dd4d98055de",
-            "fc5fb58dc65daf19b14d1d05da1064e8"),
-        // Specific test cases generated from test-poly1305aes from poly1305aes-20050218 that
-        // expose Java unsigned integer problems
-        new TestCase(
-            "01bcb20bfc8b6e03609ddd09f44b060f" + "95cc0e44d0b79a8856afcae1bec4fe3c",
-            null,
-            "66f75c0e0c7a40658629e3392f7f8e3349a02191ffd49f39879a8d9d1d0e23ea3caa4d240bd2ab8a8c4a6bb8d3288d9de4b793f05e97646dd4d98055de"
-                + "fc3e0677d956b4c62664bac15962ab15d93ccbbc03aafdbde779162ed93b55361f0f8acaa41d50ef5175927fe79ea316186516eef15001cd04d3524a55"
-                + "e4fa3c5ca479d3aaa8a897c21807f721b6270ffc68b6889d81a116799f6aaa35d8e04c7a7dd5e6da2519e8759f54e906696f5772fee093283bcef7b930"
-                + "aed50323bcbc8c820c67422c1e16bdc022a9c0277c9d95fef0ea4ee11e2b27276da811523c5acb80154989f8a67ee9e3fa30b73b0c1c34bf46e3464d97"
-                + "7cd7fcd0ac3b82721080bb0d9b982ee2c77feee983d7ba35da88ce86955002940652ab63bc56fb16f994da2b01d74356509d7d1b6d7956b0e5a557757b"
-                + "d1ced2eef8650bc5b6d426108c1518abcbd0befb6a0d5fd57a3e2dbf31458eab63df66613653d4beae73f5c40eb438fbcfdcf4a4ba46320184b9ca0da4"
-                + "dfae77de7ccc910356caea3243f33a3c81b064b3b7cedc7435c223f664227215715980e6e0bb570d459ba80d7512dbe458c8f0f3f52d659b6e8eef19ee"
-                + "71aea2ced85c7a42ffca6522a62db49a2a46eff72bd7f7e0883acd087183f0627f3537a4d558754ed63358e8182bee196735b361dc9bd64d5e34e1074a"
-                + "855655d2974cc6fa1653754cf40f561d8c7dc526aab2908ec2d2b977cde1a1fb1071e32f40e049ea20f30368ba1592b4fe57fb51595d23acbdace324cd"
-                + "d78060a17187c662368854e915402d9b52fb21e984663e41c26a109437e162cfaf071b53f77e50000a5388ff183b82ce7a1af476c416d7d204157b3633"
-                + "b2f4ec077b699b032816997e37bceded8d4a04976fd7d0c0b029f290794c3be504c5242287ea2f831f11ed5690d92775cd6e863d7731fd4da687ebfb13"
-                + "df4c41dc0fb8", "ae345d555eb04d6947bb95c0965237e2"),
-        new TestCase(
-            "cd07fd0ef8c0be0afcbdb30af4af0009" + "76fb3635a2dc92a1f768163ab12f2187",
-            null,
-            "f05204a74f0f88a7fa1a95b84ec3d8ffb36fcdc7723ea65dfe7cd464e86e0abf6b9d51db3220cfd8496ad6e6d36ebee8d990f9ce0d3bb7f72b7ab5b3ab0a73240d11efe772c857021ae859db4933cdde4387b471d2ce700fef4b81087f8f47c307881fd83017afcd15b8d21edf9b704677f46df97b07e5b83f87c8abd90af9b1d0f9e2710e8ebd0d4d1c6a055abea861f42368bed94d9373e909c1d3715b221c16bc524c55c31ec3eab204850bb2474a84f9917038eff9d921130951391b5c54f09b5e1de833ea2cd7d3b306740abb7096d1e173da83427da2adddd3631eda30b54dbf487f2b082e8646f07d6e0a87e97522ca38d4ace4954bf3db6dd3a93b06fa18eb56856627ed6cffcd7ae26374554ca18ab8905f26331d323fe10e6e70624c7bc07a70f06ecd804b48f8f7e75e910165e1beb554f1f0ec7949c9c8d429a206b4d5c0653102249b6098e6b45fac2a07ff0220b0b8ae8f4c6bcc0c813a7cd141fa8b398b42575fc395747c5a0257ac41d6c1f434cfbf5dfe8349f5347ef6b60e611f5d6c3cbc20ca2555274d1934325824cef4809da293ea13f181929e2af025bbd1c9abdc3af93afd4c50a2854ade3887f4d2c8c225168052c16e74d76d2dd3e9467a2c5b8e15c06ffbffa42b8536384139f07e195a8c9f70f514f31dca4eb2cf262c0dcbde53654b6250a29efe21d54e83c80e005a1cad36d5934ff01c32e4bc5fe06d03064ff4a268517df4a94c759289f323734318cfa5d859d4ce9c16e63d02dff0896976f521607638535d2ee8dd3312e1ddc80a55d34fe829ab954c1ebd54d929954770f1be9d32b4c05003c5c9e97943b6431e2afe820b1e967b19843e5985a131b1100517cdc363799104af91e2cf3f53cb8fd003653a6dd8a31a3f9d566a7124b0ffe9695bcb87c482eb60106f88198f766a40bc0f4873c23653c5f9e7a8e446f770beb8034cf01d21028ba15ccee21a8db918c4829d61c88bfa927bc5def831501796c5b401a60a6b1b433c9fb905c8cd40412fffee81ab",
-            "045be28cc52009f506bdbfabedacf0b4"),
-        // Test case from JIRA issue BJA-620
-        new TestCase(
-            "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff",
-            null,
-              "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff"
-            + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff"
-            + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff"
-            + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffffff" + "ffffffffffffffffffffffffffffff",
-            "c80cb43844f387946e5aa6085bdf67da")
-        
-
-    };
-
-    public String getName()
-    {
-        return "Poly1305";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testKeyGenerator();
-        testInit();
-        for (int i = 0; i < CASES.length; i++)
-        {
-            testCase(i);
-        }
-        testSequential();
-        testReset();
-        rfc7539Test();
-    }
-
-    private void testCase(int i)
-    {
-        byte[] out = new byte[16];
-        TestCase tc = CASES[i];
-
-        final Mac mac;
-        if (tc.nonce == null)
-        {
-            // Raw Poly1305 test - don't do any transform on AES key part
-            mac = new Poly1305();
-            mac.init(new KeyParameter(tc.key));
-        }
-        else
-        {
-            mac = new Poly1305(new AESEngine());
-            mac.init(new ParametersWithIV(new KeyParameter(tc.key), tc.nonce));
-        }
-        mac.update(tc.message, 0, tc.message.length);
-        mac.doFinal(out, 0);
-
-        if (!Arrays.areEqual(out, tc.expectedMac))
-        {
-            fail("Mismatched output " + i, new String(Hex.encode(tc.expectedMac)), new String(Hex.encode(out)));
-        }
-    }
-
-    private void testSequential()
-    {
-        // Sequential test, adapted from test-poly1305aes
-        int len;
-        byte[] kr = new byte[32];
-        byte[] m = new byte[MAXLEN];
-        byte[] n = new byte[16];
-        byte[] out = new byte[16];
-
-        int c = 0;
-        final Mac mac = new Poly1305(new AESEngine());
-        for (int loop = 0; loop < 13; loop++)
-        {
-            len = 0;
-            for (; ; )
-            {
-                c++;
-                mac.init(new ParametersWithIV(new KeyParameter(kr), n));
-                mac.update(m, 0, len);
-                mac.doFinal(out, 0);
-
-                // if (c == 678)
-                // {
-                // TestCase tc = CASES[0];
-                //
-                // if (!Arrays.areEqual(tc.key, kr))
-                // {
-                // System.err.println("Key bad");
-                // System.err.println(new String(Hex.encode(tc.key)));
-                // System.err.println(new String(Hex.encode(kr)));
-                // System.exit(1);
-                // }
-                // if (!Arrays.areEqual(tc.nonce, n))
-                // {
-                // System.err.println("Nonce bad");
-                // System.exit(1);
-                // }
-                // System.out.printf("[%d] m: %s\n", c, new String(Hex.encode(m, 0, len)));
-                // System.out.printf("[%d] K: %s\n", c, new String(Hex.encodje(kr)));
-                // System.out.printf("[%d] N: %s\n", c, new String(Hex.encode(n)));
-                // System.out.printf("[%d] M: ", c);
-                // }
-                // System.out.printf("%d/%s\n", c, new String(Hex.encode(out)));
-
-                if (len >= MAXLEN)
-                {
-                    break;
-                }
-                n[0] ^= loop;
-                for (int i = 0; i < 16; ++i)
-                {
-                    n[i] ^= out[i];
-                }
-                if (len % 2 != 0)
-                {
-                    for (int i = 0; i < 16; ++i)
-                    {
-                        kr[i] ^= out[i];
-                    }
-                }
-                if (len % 3 != 0)
-                {
-                    for (int i = 0; i < 16; ++i)
-                    {
-                        kr[i + 16] ^= out[i];
-                    }
-                }
-                Poly1305KeyGenerator.clamp(kr);
-                m[len++] ^= out[0];
-            }
-        }
-        // Output after 13 loops as generated by poly1305 ref
-        if (c != 13013 || !Arrays.areEqual(out, Hex.decode("89824ddf0816481051f4a82731cd56d5")))
-        {
-            fail("Sequential Poly1305 " + c, "89824ddf0816481051f4a82731cd56d5", new String(Hex.encode(out)));
-        }
-    }
-
-    private void testReset()
-    {
-        CipherKeyGenerator gen = new Poly1305KeyGenerator();
-        gen.init(new KeyGenerationParameters(new SecureRandom(), 256));
-        byte[] k = gen.generateKey();
-
-        byte[] m = new byte[10000];
-        byte[] check = new byte[16];
-        byte[] out = new byte[16];
-
-        // Generate baseline
-        Mac poly = new Poly1305(new AESEngine());
-        poly.init(new ParametersWithIV(new KeyParameter(k), new byte[16]));
-
-        poly.update(m, 0, m.length);
-        poly.doFinal(check, 0);
-
-        // Check reset after doFinal
-        poly.update(m, 0, m.length);
-        poly.doFinal(out, 0);
-
-        if (!Arrays.areEqual(check, out))
-        {
-            fail("Mac not reset after doFinal");
-        }
-
-        // Check reset
-        poly.update((byte)1);
-        poly.update((byte)2);
-        poly.reset();
-        poly.update(m, 0, m.length);
-        poly.doFinal(out, 0);
-
-        if (!Arrays.areEqual(check, out))
-        {
-            fail("Mac not reset after doFinal");
-        }
-
-        // Check init resets
-        poly.update((byte)1);
-        poly.update((byte)2);
-        poly.init(new ParametersWithIV(new KeyParameter(k), new byte[16]));
-        poly.update(m, 0, m.length);
-        poly.doFinal(out, 0);
-
-        if (!Arrays.areEqual(check, out))
-        {
-            fail("Mac not reset after doFinal");
-        }
-    }
-
-    private void testInit()
-    {
-        CipherKeyGenerator gen = new Poly1305KeyGenerator();
-        gen.init(new KeyGenerationParameters(new SecureRandom(), 256));
-        byte[] k = gen.generateKey();
-
-        Mac poly = new Poly1305(new AESEngine());
-        poly.init(new ParametersWithIV(new KeyParameter(k), new byte[16]));
-
-        try
-        {
-            poly.init(new ParametersWithIV(new KeyParameter(k), new byte[15]));
-            fail("16 byte nonce required");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // Expected
-        }
-
-        try
-        {
-            byte[] k2 = new byte[k.length - 1];
-            System.arraycopy(k, 0, k2, 0, k2.length);
-            poly.init(new ParametersWithIV(new KeyParameter(k2), new byte[16]));
-            fail("32 byte key required");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // Expected
-        }
-        /*
-        try
-        {
-            k[19] = (byte)0xFF;
-            poly.init(new ParametersWithIV(new KeyParameter(k), new byte[16]));
-            fail("Unclamped key should not be accepted.");
-        } catch (IllegalArgumentException e)
-        {
-            // Expected
-        }
-       */
-    }
-
-    private void testKeyGenerator()
-    {
-        CipherKeyGenerator gen = new Poly1305KeyGenerator();
-        gen.init(new KeyGenerationParameters(new SecureRandom(), 256));
-        byte[] k = gen.generateKey();
-
-        if (k.length != 32)
-        {
-            fail("Poly1305 key should be 256 bits.");
-        }
-
-        try
-        {
-            Poly1305KeyGenerator.checkKey(k);
-        }
-        catch (IllegalArgumentException e)
-        {
-            fail("Poly1305 key should be clamped on generation.");
-        }
-
-        byte[] k2 = new byte[k.length];
-        System.arraycopy(k, 0, k2, 0, k2.length);
-        Poly1305KeyGenerator.clamp(k);
-        if (!Arrays.areEqual(k, k2))
-        {
-            fail("Poly1305 key should be clamped on generation.");
-        }
-         /*
-        try
-        {
-            k2[19] = (byte)0xff;
-            Poly1305KeyGenerator.checkKey(k2);
-            fail("Unclamped key should fail check.");
-        } catch (IllegalArgumentException e)
-        {
-            // Expected
-        }
-        */
-    }
-
-    public void rfc7539Test()
-    {
-        // From RFC 7539
-        byte[] keyMaterial = Hex.decode("85d6be7857556d337f4452fe42d506a80103808afb0db2fd4abff6af4149f51b");
-        byte[] data = Hex.decode("43727970746f677261706869 63 20 46 6f 72 75 6d 20 52 65 73 65 61 72 63 68 20 47 72 6f7570");
-        byte[] expected = Hex.decode("a8061dc1305136c6c22b8baf0c0127a9");
-
-        checkVector(keyMaterial, data, expected);
-
-        data = Hex.decode("48656c6c6f20776f726c6421");
-        keyMaterial = Hex.decode(
-            "746869732069732033322d6279746520" +
-                "6b657920666f7220506f6c7931333035");
-
-        checkVector(keyMaterial, data, Hex.decode("a6f745008f81c916a20dcc74eef2b2f0"));
-
-        // A.3 #1
-        keyMaterial = Hex.decode("00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
-
-        data = Hex.decode(
-            "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"
-                + "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"
-                + "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"
-                + "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
-
-        checkVector(keyMaterial, data, Hex.decode("00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"));
-
-        // A.3 #2
-        keyMaterial = Hex.decode("00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0036 e5 f6 b5 c5 e0 60 70 f0 ef ca 96 22 7a 86 3e");
-
-        data = Hex.decode(
-            "41 6e 79 20 73 75 62 6d 69 73 73 69 6f 6e 20 74"
-                + "6f 20 74 68 65 20 49 45 54 46 20 69 6e 74 65 6e"
-                + "64 65 64 20 62 79 20 74 68 65 20 43 6f 6e 74 72"
-                + "69 62 75 74 6f 72 20 66 6f 72 20 70 75 62 6c 69"
-                + "63 61 74 69 6f 6e 20 61 73 20 61 6c 6c 20 6f 72"
-                + "20 70 61 72 74 20 6f 66 20 61 6e 20 49 45 54 46"
-                + "20 49 6e 74 65 72 6e 65 74 2d 44 72 61 66 74 20"
-                + "6f 72 20 52 46 43 20 61 6e 64 20 61 6e 79 20 73"
-                + "74 61 74 65 6d 65 6e 74 20 6d 61 64 65 20 77 69"
-                + "74 68 69 6e 20 74 68 65 20 63 6f 6e 74 65 78 74"
-                + "20 6f 66 20 61 6e 20 49 45 54 46 20 61 63 74 69"
-                + "76 69 74 79 20 69 73 20 63 6f 6e 73 69 64 65 72"
-                + "65 64 20 61 6e 20 22 49 45 54 46 20 43 6f 6e 74"
-                + "72 69 62 75 74 69 6f 6e 22 2e 20 53 75 63 68 20"
-                + "73 74 61 74 65 6d 65 6e 74 73 20 69 6e 63 6c 75"
-                + "64 65 20 6f 72 61 6c 20 73 74 61 74 65 6d 65 6e"
-                + "74 73 20 69 6e 20 49 45 54 46 20 73 65 73 73 69"
-                + "6f 6e 73 2c 20 61 73 20 77 65 6c 6c 20 61 73 20"
-                + "77 72 69 74 74 65 6e 20 61 6e 64 20 65 6c 65 63"
-                + "74 72 6f 6e 69 63 20 63 6f 6d 6d 75 6e 69 63 61"
-                + "74 69 6f 6e 73 20 6d 61 64 65 20 61 74 20 61 6e"
-                + "79 20 74 69 6d 65 20 6f 72 20 70 6c 61 63 65 2c"
-                + "20 77 68 69 63 68 20 61 72 65 20 61 64 64 72 65"
-                + "73 73 65 64 20 74 6f");
-
-        checkVector(keyMaterial, data, Hex.decode("36 e5 f6 b5 c5 e0 60 70 f0 ef ca 96 22 7a 86 3e"));
-
-        // A.3 #3
-        keyMaterial = Hex.decode("36 e5 f6 b5 c5 e0 60 70 f0 ef ca 96 22 7a 86 3e00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
-
-        checkVector(keyMaterial, data, Hex.decode("f3 47 7e 7c d9 54 17 af 89 a6 b8 79 4c 31 0c f0"));
-
-        // A.3 #4
-
-        keyMaterial = Hex.decode("1c 92 40 a5 eb 55 d3 8a f3 33 88 86 04 f6 b5 f0 47 39 17 c1 40 2b 80 09 9d ca 5c bc 20 70 75 c0");
-
-        data = Hex.decode(
-            "27 54 77 61 73 20 62 72 69 6c 6c 69 67 2c 20 61"
-                + "6e 64 20 74 68 65 20 73 6c 69 74 68 79 20 74 6f"
-                + "76 65 73 0a 44 69 64 20 67 79 72 65 20 61 6e 64"
-                + "20 67 69 6d 62 6c 65 20 69 6e 20 74 68 65 20 77"
-                + "61 62 65 3a 0a 41 6c 6c 20 6d 69 6d 73 79 20 77"
-                + "65 72 65 20 74 68 65 20 62 6f 72 6f 67 6f 76 65"
-                + "73 2c 0a 41 6e 64 20 74 68 65 20 6d 6f 6d 65 20"
-                + "72 61 74 68 73 20 6f 75 74 67 72 61 62 65 2e");
-
-        checkVector(keyMaterial, data, Hex.decode("45 41 66 9a 7e aa ee 61 e7 08 dc 7c bc c5 eb 62"));
-
-        // A.3 #5
-        keyMaterial = Hex.decode("02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
-        data = Hex.decode("FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF");
-
-        checkVector(keyMaterial, data, Hex.decode("03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"));
-
-        // A.3 #6
-        keyMaterial = Hex.decode("02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF");
-        data = Hex.decode("02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
-
-        checkVector(keyMaterial, data, Hex.decode("03 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"));
-
-        // A.3 #7
-        keyMaterial = Hex.decode("01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
-        data = Hex.decode("FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FFF0 FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF11 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
-
-        checkVector(keyMaterial, data, Hex.decode("05 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"));
-
-        // A.3 #8
-        keyMaterial = Hex.decode("01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
-        data = Hex.decode("FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF FFFB FE FE FE FE FE FE FE FE FE FE FE FE FE FE FE01 01 01 01 01 01 01 01 01 01 01 01 01 01 01 01");
-
-        checkVector(keyMaterial, data, Hex.decode("00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"));
-
-        // A.3 #9
-        keyMaterial = Hex.decode("02 00 00 00 00 00 00 00 00 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
-        data = Hex.decode("FD FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF");
-
-        checkVector(keyMaterial, data, Hex.decode("FA FF FF FF FF FF FF FF FF FF FF FF FF FF FF FF"));
-
-        // A.3 #10
-        keyMaterial = Hex.decode("01 00 00 00 00 00 00 00 04 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
-        data = Hex.decode(
-            "E3 35 94 D7 50 5E 43 B9 00 00 00 00 00 00 00 00"
-                + "33 94 D7 50 5E 43 79 CD 01 00 00 00 00 00 00 00"
-                + "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"
-                + "01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
-
-        checkVector(keyMaterial, data, Hex.decode("14 00 00 00 00 00 00 00 55 00 00 00 00 00 00 00"));
-
-        // A.3 #11
-        keyMaterial = Hex.decode("01 00 00 00 00 00 00 00 04 00 00 00 00 00 00 0000 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
-        data = Hex.decode(
-            "E3 35 94 D7 50 5E 43 B9 00 00 00 00 00 00 00 00"
-                + "33 94 D7 50 5E 43 79 CD 01 00 00 00 00 00 00 00"
-                + "00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00");
-
-        checkVector(keyMaterial, data, Hex.decode("13 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00"));
-    }
-
-    private void checkVector(byte[] keyMaterial, byte[] input, byte[] tag)
-    {
-        Poly1305 poly1305 = new Poly1305();
-
-        poly1305.init(new KeyParameter(keyMaterial));
-
-        poly1305.update(input, 0, input.length);
-
-        byte[] mac = new byte[poly1305.getMacSize()];
-
-        poly1305.doFinal(mac, 0);
-
-        if (!Arrays.areEqual(tag, mac))
-        {
-            fail("rfc7539", Hex.toHexString(tag), Hex.toHexString(mac));
-        }
-    }
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        runTest(new Poly1305Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RC2Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RC2Test.java
deleted file mode 100644
index 3c4e569..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RC2Test.java
+++ /dev/null

@@ -1,66 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.RC2Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.RC2Parameters;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * RC2 tester - vectors from  ftp://ftp.isi.edu/in-notes/rfc2268.txt
- *
- * RFC 2268 "A Description of the RC2(r) Encryption Algorithm"
- */
-public class RC2Test
-    extends CipherTest
-{
-    static BlockCipherVectorTest[] tests =
-    {
-        new BlockCipherVectorTest(0, new RC2Engine(),
-                new RC2Parameters(Hex.decode("0000000000000000"), 63),
-                "0000000000000000", "ebb773f993278eff"),
-
-        new BlockCipherVectorTest(1, new RC2Engine(),
-                new RC2Parameters(Hex.decode("ffffffffffffffff"), 64),
-                "ffffffffffffffff", "278b27e42e2f0d49"),
-
-        new BlockCipherVectorTest(2, new RC2Engine(),
-                new RC2Parameters(Hex.decode("3000000000000000"), 64),
-                "1000000000000001", "30649edf9be7d2c2"),
-
-        new BlockCipherVectorTest(3, new RC2Engine(),
-                new RC2Parameters(Hex.decode("88"), 64),
-                "0000000000000000", "61a8a244adacccf0"),
-
-        new BlockCipherVectorTest(4, new RC2Engine(),
-                new RC2Parameters(Hex.decode("88bca90e90875a"), 64),
-                "0000000000000000", "6ccf4308974c267f"),
-
-        new BlockCipherVectorTest(5, new RC2Engine(),
-                new RC2Parameters(Hex.decode("88bca90e90875a7f0f79c384627bafb2"), 64),
-                "0000000000000000", "1a807d272bbe5db1"),
-
-        new BlockCipherVectorTest(6, new RC2Engine(),
-                new RC2Parameters(Hex.decode("88bca90e90875a7f0f79c384627bafb2"), 128),
-                "0000000000000000", "2269552ab0f85ca6"),
-
-        new BlockCipherVectorTest(7, new RC2Engine(),
-                new RC2Parameters(Hex.decode("88bca90e90875a7f0f79c384627bafb216f80a6f85920584c42fceb0be255daf1e"), 129),
-                "0000000000000000", "5b78d3a43dfff1f1")
-    };
-
-    RC2Test()
-    {
-        super(tests, new RC2Engine(), new KeyParameter(new byte[16]));
-    }
-
-    public String getName()
-    {
-        return "RC2";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new RC2Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RC2WrapTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RC2WrapTest.java
deleted file mode 100644
index 0b52a60..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RC2WrapTest.java
+++ /dev/null

@@ -1,111 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.engines.RC2WrapEngine;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.RC2Parameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * RC2 wrap tester
- */
-public class RC2WrapTest
-    implements Test
-{
-    private class RFCRandom
-        extends SecureRandom
-    {
-        public void nextBytes(
-            byte[] nextBytes)
-        {
-            System.arraycopy(Hex.decode("4845cce7fd1250"), 0, nextBytes, 0, nextBytes.length);
-        }
-    }
-    
-    private TestResult wrapTest(
-        int     id,
-        CipherParameters paramsWrap,
-        CipherParameters paramsUnwrap,
-        byte[]  in,
-        byte[]  out)
-    {
-        Wrapper wrapper = new RC2WrapEngine();
-
-        wrapper.init(true, paramsWrap);
-
-        try
-        {
-            byte[]  cText = wrapper.wrap(in, 0, in.length);
-            if (!Arrays.areEqual(cText, out))
-            {
-                return new SimpleTestResult(false, getName() + ": failed wrap test " + id  + " expected " + new String(Hex.encode(out)) + " got " + new String(Hex.encode(cText)));
-            }
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": failed wrap test exception " + e.toString(), e);
-        }
-
-        wrapper.init(false, paramsUnwrap);
-
-        try
-        {
-            byte[]  pText = wrapper.unwrap(out, 0, out.length);
-            if (!Arrays.areEqual(pText, in))
-            {
-                return new SimpleTestResult(false, getName() + ": failed unwrap test " + id  + " expected " + new String(Hex.encode(in)) + " got " + new String(Hex.encode(pText)));
-            }
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": failed unwrap test exception " + e.toString(), e);
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public TestResult perform()
-    {
-        byte[]  kek1 = Hex.decode("fd04fd08060707fb0003fefffd02fe05");
-        byte[]  iv1 = Hex.decode("c7d90059b29e97f7");
-        byte[]  in1 = Hex.decode("b70a25fbc9d86a86050ce0d711ead4d9");
-        byte[]  out1 = Hex.decode("70e699fb5701f7833330fb71e87c85a420bdc99af05d22af5a0e48d35f3138986cbaafb4b28d4f35");
-        // 
-        // note the RFC 3217 test specifies a key to be used with an effective key size of
-        // 40 bits which is why it is done here - in practice nothing less than 128 bits should be used.
-        //
-        CipherParameters paramWrap = new ParametersWithRandom(new ParametersWithIV(new RC2Parameters(kek1, 40), iv1), new RFCRandom());
-        CipherParameters paramUnwrap = new RC2Parameters(kek1, 40);
-        
-        TestResult result = wrapTest(1, paramWrap, paramUnwrap, in1, out1);
-        
-        if (!result.isSuccessful())
-        {
-            return result;
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public String getName()
-    {
-        return "RC2Wrap";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        RC2WrapTest test = new RC2WrapTest();
-        TestResult result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RC4Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RC4Test.java
deleted file mode 100644
index e4d3974..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RC4Test.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.RC4Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * RC4 Test
- */
-public class RC4Test
-    extends SimpleTest
-{
-    StreamCipherVectorTest[] tests =
-    {
-        new StreamCipherVectorTest(0, new RC4Engine(),
-                new KeyParameter(Hex.decode("0123456789ABCDEF")),
-                "4e6f772069732074", "3afbb5c77938280d"),
-        new StreamCipherVectorTest(0, new RC4Engine(),
-                new KeyParameter(Hex.decode("0123456789ABCDEF")),
-                "68652074696d6520", "1cf1e29379266d59"),
-        new StreamCipherVectorTest(0, new RC4Engine(),
-                new KeyParameter(Hex.decode("0123456789ABCDEF")),
-                "666f7220616c6c20", "12fbb0c771276459")
-    };
-
-    public String getName()
-    {
-        return "RC4";
-    }
-
-    public void performTest()
-    {
-        for (int i = 0; i != tests.length; i++)
-        {
-            tests[i].performTest();
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new RC4Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RC5Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RC5Test.java
deleted file mode 100644
index 0ffdc89..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RC5Test.java
+++ /dev/null

@@ -1,188 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.RC532Engine;
-import org.bouncycastle.crypto.engines.RC564Engine;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.RC5Parameters;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * RC5 tester - vectors from ftp://ftp.nordu.net/rfc/rfc2040.txt
- *
- * RFC 2040 "The RC5, RC5-CBC, RC5-CBC-Pad, and RC5-CTS Algorithms"
- */
-public class RC5Test
-    implements Test
-{
-    BlockCipherVectorTest[] tests =
-    {
-        new BlockCipherVectorTest(0, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("00"), 0),
-                    Hex.decode("0000000000000000")),
-                "0000000000000000", "7a7bba4d79111d1e"), 
-        new BlockCipherVectorTest(1, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("00"), 0),
-                    Hex.decode("0000000000000000")),
-                "ffffffffffffffff", "797bba4d78111d1e"), 
-        new BlockCipherVectorTest(2, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("00"), 0),
-                    Hex.decode("0000000000000001")),
-                "0000000000000000", "7a7bba4d79111d1f"), 
-        new BlockCipherVectorTest(3, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("00"), 0),
-                    Hex.decode("0000000000000000")),
-                "0000000000000001", "7a7bba4d79111d1f"), 
-        new BlockCipherVectorTest(4, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("00"), 0),
-                    Hex.decode("0102030405060708")),
-                "1020304050607080", "8b9ded91ce7794a6"),
-        new BlockCipherVectorTest(5, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("11"), 1),
-                    Hex.decode("0000000000000000")),
-                "0000000000000000", "2f759fe7ad86a378"),
-        new BlockCipherVectorTest(6, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("00"), 2),
-                    Hex.decode("0000000000000000")),
-                "0000000000000000", "dca2694bf40e0788"),
-        new BlockCipherVectorTest(7, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("00000000"), 2),
-                    Hex.decode("0000000000000000")),
-                "0000000000000000", "dca2694bf40e0788"),
-        new BlockCipherVectorTest(8, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("00000000"), 8),
-                    Hex.decode("0000000000000000")),
-                "0000000000000000", "dcfe098577eca5ff"),
-        new BlockCipherVectorTest(9, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("00"), 8),
-                    Hex.decode("0102030405060708")),
-                "1020304050607080", "9646fb77638f9ca8"),
-        new BlockCipherVectorTest(10, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("00"), 12),
-                    Hex.decode("0102030405060708")),
-                "1020304050607080", "b2b3209db6594da4"),
-        new BlockCipherVectorTest(11, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("00"), 16),
-                    Hex.decode("0102030405060708")),
-                "1020304050607080", "545f7f32a5fc3836"),
-        new BlockCipherVectorTest(12, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("01020304"), 8),
-                    Hex.decode("0000000000000000")),
-                "ffffffffffffffff", "8285e7c1b5bc7402"),
-        new BlockCipherVectorTest(13, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("01020304"), 12),
-                    Hex.decode("0000000000000000")),
-                "ffffffffffffffff", "fc586f92f7080934"),
-        new BlockCipherVectorTest(14, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("01020304"), 16),
-                    Hex.decode("0000000000000000")),
-                "ffffffffffffffff", "cf270ef9717ff7c4"),
-        new BlockCipherVectorTest(15, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("0102030405060708"), 12),
-                    Hex.decode("0000000000000000")),
-                "ffffffffffffffff", "e493f1c1bb4d6e8c"),
-        new BlockCipherVectorTest(16, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("0102030405060708"), 8),
-                    Hex.decode("0102030405060708")),
-                "1020304050607080", "5c4c041e0f217ac3"),
-        new BlockCipherVectorTest(17, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("0102030405060708"), 12),
-                    Hex.decode("0102030405060708")),
-                "1020304050607080", "921f12485373b4f7"),
-        new BlockCipherVectorTest(18, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("0102030405060708"), 16),
-                    Hex.decode("0102030405060708")),
-                "1020304050607080", "5ba0ca6bbe7f5fad"),
-        new BlockCipherVectorTest(19, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("01020304050607081020304050607080"), 8),
-                    Hex.decode("0102030405060708")),
-                "1020304050607080", "c533771cd0110e63"),
-        new BlockCipherVectorTest(20, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("01020304050607081020304050607080"), 12),
-                    Hex.decode("0102030405060708")),
-                "1020304050607080", "294ddb46b3278d60"),
-        new BlockCipherVectorTest(21, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("01020304050607081020304050607080"), 16),
-                    Hex.decode("0102030405060708")),
-                "1020304050607080", "dad6bda9dfe8f7e8"),
-        new BlockCipherVectorTest(22, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("0102030405"), 12),
-                    Hex.decode("0000000000000000")),
-                "ffffffffffffffff", "97e0787837ed317f"),
-        new BlockCipherVectorTest(23, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("0102030405"), 8),
-                    Hex.decode("0000000000000000")),
-                "ffffffffffffffff", "7875dbf6738c6478"),
-        new BlockCipherVectorTest(23, new CBCBlockCipher(new RC532Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("0102030405"), 8),
-                    Hex.decode("7875dbf6738c6478")),
-                "0808080808080808", "8f34c3c681c99695"),
-        new BlockCipherVectorTest(640, new CBCBlockCipher(new RC564Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("00"), 0),
-                    Hex.decode("00000000000000000000000000000000")),
-                "00000000000000000000000000000000", "9f09b98d3f6062d9d4d59973d00e0e63"),
-        new BlockCipherVectorTest(641, new CBCBlockCipher(new RC564Engine()),
-                new ParametersWithIV(
-                    new RC5Parameters(Hex.decode("00"), 0),
-                    Hex.decode("00000000000000000000000000000000")),
-                "ffffffffffffffffffffffffffffffff", "9e09b98d3f6062d9d3d59973d00e0e63")
-    };
-
-    public String getName()
-    {
-        return "RC5";
-    }
-
-    public TestResult perform()
-    {
-        for (int i = 0; i != tests.length; i++)
-        {
-            TestResult  res = tests[i].perform();
-
-            if (!res.isSuccessful())
-            {
-                return res;
-            }
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        RC5Test     test = new RC5Test();
-        TestResult  result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RC6Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RC6Test.java
deleted file mode 100644
index 254c137..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RC6Test.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.RC6Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * RC6 Test - test vectors from AES Submitted RSA Reference implementation.
- * ftp://ftp.funet.fi/pub/crypt/cryptography/symmetric/aes/rc6-unix-refc.tar
- */
-public class RC6Test
-    extends CipherTest
-{
-    static SimpleTest[]  tests = 
-            {
-                new BlockCipherVectorTest(0, new RC6Engine(),
-                        new KeyParameter(
-                            Hex.decode("00000000000000000000000000000000")),
-                        "80000000000000000000000000000000",
-                        "f71f65e7b80c0c6966fee607984b5cdf"),
-                new BlockCipherVectorTest(1, new RC6Engine(),
-                        new KeyParameter(
-                            Hex.decode("000000000000000000000000000000008000000000000000")),
-                        "00000000000000000000000000000000",
-                        "dd04c176440bbc6686c90aee775bd368"),
-                new BlockCipherVectorTest(2, new RC6Engine(),
-                        new KeyParameter(
-                            Hex.decode("000000000000000000000000000000000000001000000000")),
-                        "00000000000000000000000000000000",
-                        "937fe02d20fcb72f0f57201012b88ba4"),
-                new BlockCipherVectorTest(3, new RC6Engine(),
-                        new KeyParameter(
-                            Hex.decode("00000001000000000000000000000000")),
-                        "00000000000000000000000000000000",
-                        "8a380594d7396453771a1dfbe2914c8e"),
-                new BlockCipherVectorTest(4, new RC6Engine(),
-                        new KeyParameter(
-                            Hex.decode("1000000000000000000000000000000000000000000000000000000000000000")),
-                        "00000000000000000000000000000000",
-                        "11395d4bfe4c8258979ee2bf2d24dff4"),
-                new BlockCipherVectorTest(5, new RC6Engine(),
-                        new KeyParameter(
-                            Hex.decode("0000000000000000000000000000000000080000000000000000000000000000")),
-                        "00000000000000000000000000000000",
-                        "3d6f7e99f6512553bb983e8f75672b97")
-            };
-
-    RC6Test()
-    {
-        super(tests, new RC6Engine(), new KeyParameter(new byte[32]));
-    }
-
-    public String getName()
-    {
-        return "RC6";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new RC6Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RFC3211WrapTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RFC3211WrapTest.java
deleted file mode 100644
index b424e6e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RFC3211WrapTest.java
+++ /dev/null

@@ -1,203 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.Wrapper;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.prng.FixedSecureRandom;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Wrap Test based on RFC3211 test vectors
- */
-public class RFC3211WrapTest
-    extends SimpleTest
-{
-    SecureRandom r1 = new FixedSecureRandom(Hex.decode("C436F541"));
-
-    SecureRandom r2 = new FixedSecureRandom(Hex.decode("FA060A45"));
-
-    public String getName()
-    {
-        return "RFC3211Wrap";
-    }
-
-    private void wrapTest(
-        int          id,
-        BlockCipher  engine,
-        byte[]       kek,
-        byte[]       iv,
-        SecureRandom rand,
-        byte[]       in,
-        byte[]       out)
-        throws Exception
-    {
-        Wrapper wrapper = new RFC3211WrapEngine(engine);
-
-        wrapper.init(true, new ParametersWithRandom(new ParametersWithIV(new KeyParameter(kek), iv), rand));
-
-        byte[]  cText = wrapper.wrap(in, 0, in.length);
-        if (!Arrays.areEqual(cText, out))
-        {
-            fail("failed wrap test " + id  + " expected " + new String(Hex.encode(out)) + " got " + new String(Hex.encode(cText)));
-        }
-
-        wrapper.init(false, new ParametersWithIV(new KeyParameter(kek), iv));
-
-        byte[]  pText = wrapper.unwrap(out, 0, out.length);
-        if (!Arrays.areEqual(pText, in))
-        {
-            fail("rfailed unwrap test " + id  + " expected " + new String(Hex.encode(in)) + " got " + new String(Hex.encode(pText)));
-        }
-    }
-
-    private void testCorruption()
-        throws InvalidCipherTextException
-    {
-        byte[] kek = Hex.decode("D1DAA78615F287E6");
-        byte[] iv = Hex.decode("EFE598EF21B33D6D");
-
-        Wrapper wrapper = new RFC3211WrapEngine(new DESEngine());
-
-        wrapper.init(false, new ParametersWithIV(new KeyParameter(kek), iv));
-
-        byte[] block = Hex.decode("ff739D838C627C897323A2F8C436F541");
-        encryptBlock(kek, iv, block);
-
-        try
-        {
-            wrapper.unwrap(block, 0, block.length);
-
-            fail("bad length not detected");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            if (!e.getMessage().equals("wrapped key corrupted"))
-            {
-                fail("wrong exception on length");
-            }
-        }
-
-        block = Hex.decode("08639D838C627C897323A2F8C436F541");
-        testChecksum(kek, iv, block, wrapper);
-
-        block = Hex.decode("08736D838C627C897323A2F8C436F541");
-        testChecksum(kek, iv, block, wrapper);
-        
-        block = Hex.decode("08739D638C627C897323A2F8C436F541");
-        testChecksum(kek, iv, block, wrapper);
-    }
-
-    private void testChecksum(byte[] kek, byte[] iv, byte[] block, Wrapper wrapper)
-    {
-        encryptBlock(kek, iv, block);
-
-        try
-        {
-            wrapper.unwrap(block, 0, block.length);
-
-            fail("bad checksum not detected");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            if (!e.getMessage().equals("wrapped key corrupted"))
-            {
-                fail("wrong exception");
-            }
-        }
-    }
-
-    private void encryptBlock(byte[] key, byte[] iv, byte[] cekBlock)
-    {
-        BlockCipher engine = new CBCBlockCipher(new DESEngine());
-
-        engine.init(true, new ParametersWithIV(new KeyParameter(key), iv));
-
-        for (int i = 0; i < cekBlock.length; i += 8)
-        {
-            engine.processBlock(cekBlock, i, cekBlock, i);
-        }
-
-        for (int i = 0; i < cekBlock.length; i += 8)
-        {
-            engine.processBlock(cekBlock, i, cekBlock, i);
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        wrapTest(1, new DESEngine(), Hex.decode("D1DAA78615F287E6"), Hex.decode("EFE598EF21B33D6D"), r1, Hex.decode("8C627C897323A2F8"), Hex.decode("B81B2565EE373CA6DEDCA26A178B0C10"));
-        wrapTest(2, new DESedeEngine(), Hex.decode("6A8970BF68C92CAEA84A8DF28510858607126380CC47AB2D"), Hex.decode("BAF1CA7931213C4E"), r2,
-                    Hex.decode("8C637D887223A2F965B566EB014B0FA5D52300A3F7EA40FFFC577203C71BAF3B"),
-                    Hex.decode("C03C514ABDB9E2C5AAC038572B5E24553876B377AAFB82ECA5A9D73F8AB143D9EC74E6CAD7DB260C"));
-
-        testCorruption();
-        
-        Wrapper          wrapper = new RFC3211WrapEngine(new DESEngine());
-        ParametersWithIV params = new ParametersWithIV(new KeyParameter(new byte[16]), new byte[16]);
-        byte[]           buf = new byte[16];
-
-        try
-        {
-            wrapper.init(true, params);
-
-            wrapper.unwrap(buf, 0, buf.length);
-
-            fail("failed unwrap state test.");
-        }
-        catch (IllegalStateException e)
-        {
-            // expected
-        }
-        catch (InvalidCipherTextException e)
-        {
-            fail("unexpected exception: " + e, e);
-        }
-
-        try
-        {
-            wrapper.init(false, params);
-
-            wrapper.wrap(buf, 0, buf.length);
-
-            fail("failed unwrap state test.");
-        }
-        catch (IllegalStateException e)
-        {
-            // expected
-        }
-
-        //
-        // short test
-        //
-        try
-        {
-            wrapper.init(false, params);
-
-            wrapper.unwrap(buf, 0, buf.length / 2);
-
-            fail("failed unwrap short test.");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            // expected
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new RFC3211WrapTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD128DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD128DigestTest.java
deleted file mode 100644
index bdd622c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD128DigestTest.java
+++ /dev/null

@@ -1,58 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.RIPEMD128Digest;
-
-/**
- * RIPEMD128 Digest Test
- */
-public class RIPEMD128DigestTest
-    extends DigestTest
-{
-    final static String[] messages = {
-        "",
-        "a",
-        "abc",
-        "message digest",
-        "abcdefghijklmnopqrstuvwxyz",
-        "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
-        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
-        "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
-    };
-
-    final static String[] digests = {
-        "cdf26213a150dc3ecb610f18f6b38b46",
-        "86be7afa339d0fc7cfc785e72f578d33",
-        "c14a12199c66e4ba84636b0f69144c77",
-        "9e327b3d6e523062afc1132d7df9d1b8",
-        "fd2aa607f71dc8f510714922b371834e",
-        "a1aa0689d0fafa2ddc22e88b49133a06",
-        "d1e959eb179c911faea4624c60c5c702",
-        "3f45ef194732c2dbb2c4a2c769795fa3"
-    };
-
-    final static String million_a_digest = "4a7f5723f954eba1216c9d8f6320431f";
-        
-    RIPEMD128DigestTest()
-    {
-        super(new RIPEMD128Digest(), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-        
-        millionATest(million_a_digest);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new RIPEMD128Digest((RIPEMD128Digest)digest);
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new RIPEMD128DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD128HMacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD128HMacTest.java
deleted file mode 100644
index cc042c9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD128HMacTest.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.digests.RIPEMD128Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * RIPEMD128 HMac Test, test vectors from RFC 2286
- */
-public class RIPEMD128HMacTest
-    implements Test
-{
-    final static String[] keys = {
-        "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
-        "4a656665",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "0102030405060708090a0b0c0d0e0f10111213141516171819",
-        "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-    };
-
-    final static String[] digests = {
-        "fbf61f9492aa4bbf81c172e84e0734db",
-        "875f828862b6b334b427c55f9f7ff09b",
-        "09f0b2846d2f543da363cbec8d62a38d",
-        "bdbbd7cf03e44b5aa60af815be4d2294",
-        "e79808f24b25fd031c155f0d551d9a3a",
-        "dc732928de98104a1f59d373c150acbb",
-        "5c6bec96793e16d40690c237635f30c5"
-    };
-
-    final static String[] messages = {
-        "Hi There",
-        "what do ya want for nothing?",
-        "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
-        "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
-        "Test With Truncation",
-        "Test Using Larger Than Block-Size Key - Hash Key First",
-        "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data"
-    };
-        
-    public String getName()
-    {
-        return "RIPEMD128HMac";
-    }
-
-    public TestResult perform()
-    {
-        HMac hmac = new HMac(new RIPEMD128Digest());
-        byte[] resBuf = new byte[hmac.getMacSize()];
-
-        for (int i = 0; i < messages.length; i++)
-        {
-            byte[] m = messages[i].getBytes();
-            if (messages[i].startsWith("0x"))
-            {
-                m = Hex.decode(messages[i].substring(2));
-            }
-            hmac.init(new KeyParameter(Hex.decode(keys[i])));
-            hmac.update(m, 0, m.length);
-            hmac.doFinal(resBuf, 0);
-
-            if (!Arrays.areEqual(resBuf, Hex.decode(digests[i])))
-            {
-                return new SimpleTestResult(false, getName() + ": Vector " + i + " failed");
-            }
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        RIPEMD128HMacTest   test = new RIPEMD128HMacTest();
-        TestResult          result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD160DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD160DigestTest.java
deleted file mode 100644
index e92693d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD160DigestTest.java
+++ /dev/null

@@ -1,58 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-
-/**
- * RIPEMD160 Digest Test
- */
-public class RIPEMD160DigestTest
-    extends DigestTest
-{
-    final static String[] messages = {
-        "",
-        "a",
-        "abc",
-        "message digest",
-        "abcdefghijklmnopqrstuvwxyz",
-        "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
-        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
-        "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
-    };
-
-    final static String[] digests = {
-        "9c1185a5c5e9fc54612808977ee8f548b2258d31",
-        "0bdc9d2d256b3ee9daae347be6f4dc835a467ffe",
-        "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc",
-        "5d0689ef49d2fae572b881b123a85ffa21595f36",
-        "f71c27109c692c1b56bbdceb5b9d2865b3708dbc",
-        "12a053384a9c0c88e405a06c27dcf49ada62eb2b",
-        "b0e20b6e3116640286ed3a87a5713079b21f5189",
-        "9b752e45573d4b39f4dbd3323cab82bf63326bfb"
-    };
-
-    final static String million_a_digest = "52783243c1697bdbe16d37f97f68f08325dc1528";
-
-    RIPEMD160DigestTest()
-    {
-        super(new RIPEMD160Digest(), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-        
-        millionATest(million_a_digest);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new RIPEMD160Digest((RIPEMD160Digest)digest);
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new RIPEMD160DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD160HMacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD160HMacTest.java
deleted file mode 100644
index 7e6e813..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD160HMacTest.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * RIPEMD160 HMac Test, test vectors from RFC 2286
- */
-public class RIPEMD160HMacTest
-    implements Test
-{
-    final static String[] keys = {
-        "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
-        "4a656665",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "0102030405060708090a0b0c0d0e0f10111213141516171819",
-        "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-    };
-
-    final static String[] digests = {
-        "24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668",
-        "dda6c0213a485a9e24f4742064a7f033b43c4069",
-        "b0b105360de759960ab4f35298e116e295d8e7c1",
-        "d5ca862f4d21d5e610e18b4cf1beb97a4365ecf4",
-        "7619693978f91d90539ae786500ff3d8e0518e39",
-        "6466ca07ac5eac29e1bd523e5ada7605b791fd8b",
-        "69ea60798d71616cce5fd0871e23754cd75d5a0a"
-    };
-
-    final static String[] messages = {
-        "Hi There",
-        "what do ya want for nothing?",
-        "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
-        "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
-        "Test With Truncation",
-        "Test Using Larger Than Block-Size Key - Hash Key First",
-        "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data"
-    };
-
-    public String getName()
-    {
-        return "RIPEMD160HMac";
-    }
-
-    public TestResult perform()
-    {
-        HMac hmac = new HMac(new RIPEMD160Digest());
-        byte[] resBuf = new byte[hmac.getMacSize()];
-
-        for (int i = 0; i < messages.length; i++)
-        {
-            byte[] m = messages[i].getBytes();
-            if (messages[i].startsWith("0x"))
-            {
-                m = Hex.decode(messages[i].substring(2));
-            }
-            hmac.init(new KeyParameter(Hex.decode(keys[i])));
-            hmac.update(m, 0, m.length);
-            hmac.doFinal(resBuf, 0);
-
-            if (!Arrays.areEqual(resBuf, Hex.decode(digests[i])))
-            {
-                return new SimpleTestResult(false, getName() + ": Vector " + i + " failed");
-            }
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        RIPEMD160HMacTest   test = new RIPEMD160HMacTest();
-        TestResult          result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD256DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD256DigestTest.java
deleted file mode 100644
index 4de70d8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD256DigestTest.java
+++ /dev/null

@@ -1,58 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.RIPEMD256Digest;
-
-/**
- * RIPEMD128 Digest Test
- */
-public class RIPEMD256DigestTest
-    extends DigestTest
-{
-    final static String[] messages = {
-        "",
-        "a",
-        "abc",
-        "message digest",
-        "abcdefghijklmnopqrstuvwxyz",
-        "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
-        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
-        "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
-    };
-
-    final static String[] digests = {
-        "02ba4c4e5f8ecd1877fc52d64d30e37a2d9774fb1e5d026380ae0168e3c5522d",
-        "f9333e45d857f5d90a91bab70a1eba0cfb1be4b0783c9acfcd883a9134692925",
-        "afbd6e228b9d8cbbcef5ca2d03e6dba10ac0bc7dcbe4680e1e42d2e975459b65",
-        "87e971759a1ce47a514d5c914c392c9018c7c46bc14465554afcdf54a5070c0e",
-        "649d3034751ea216776bf9a18acc81bc7896118a5197968782dd1fd97d8d5133",
-        "3843045583aac6c8c8d9128573e7a9809afb2a0f34ccc36ea9e72f16f6368e3f",
-        "5740a408ac16b720b84424ae931cbb1fe363d1d0bf4017f1a89f7ea6de77a0b8",
-        "06fdcc7a409548aaf91368c06a6275b553e3f099bf0ea4edfd6778df89a890dd"
-    };
-
-    final static String million_a_digest = "ac953744e10e31514c150d4d8d7b677342e33399788296e43ae4850ce4f97978";
-
-    RIPEMD256DigestTest()
-    {
-        super(new RIPEMD256Digest(), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-        
-        millionATest(million_a_digest);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new RIPEMD256Digest((RIPEMD256Digest)digest);
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new RIPEMD256DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD320DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD320DigestTest.java
deleted file mode 100644
index 351b1b7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RIPEMD320DigestTest.java
+++ /dev/null

@@ -1,58 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.RIPEMD320Digest;
-
-/**
- * RIPEMD320 Digest Test
- */
-public class RIPEMD320DigestTest
-    extends DigestTest
-{
-    final static String[] messages = {
-        "",
-        "a",
-        "abc",
-        "message digest",
-        "abcdefghijklmnopqrstuvwxyz",
-        "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq",
-        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
-        "12345678901234567890123456789012345678901234567890123456789012345678901234567890"
-    };
-
-    final static String[] digests = {
-        "22d65d5661536cdc75c1fdf5c6de7b41b9f27325ebc61e8557177d705a0ec880151c3a32a00899b8",
-        "ce78850638f92658a5a585097579926dda667a5716562cfcf6fbe77f63542f99b04705d6970dff5d",
-        "de4c01b3054f8930a79d09ae738e92301e5a17085beffdc1b8d116713e74f82fa942d64cdbc4682d",
-        "3a8e28502ed45d422f68844f9dd316e7b98533fa3f2a91d29f84d425c88d6b4eff727df66a7c0197",
-        "cabdb1810b92470a2093aa6bce05952c28348cf43ff60841975166bb40ed234004b8824463e6b009",
-        "d034a7950cf722021ba4b84df769a5de2060e259df4c9bb4a4268c0e935bbc7470a969c9d072a1ac",
-        "ed544940c86d67f250d232c30b7b3e5770e0c60c8cb9a4cafe3b11388af9920e1b99230b843c86a4",
-        "557888af5f6d8ed62ab66945c6d2a0a47ecd5341e915eb8fea1d0524955f825dc717e4a008ab2d42"
-    };
-
-    final static String million_a_digest = "bdee37f4371e20646b8b0d862dda16292ae36f40965e8c8509e63d1dbddecc503e2b63eb9245bb66";
-        
-    RIPEMD320DigestTest()
-    {
-        super(new RIPEMD320Digest(), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-        
-        millionATest(million_a_digest);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new RIPEMD320Digest((RIPEMD320Digest)digest);
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new RIPEMD320DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RNGUtils.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RNGUtils.java
deleted file mode 100644
index 166c49d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RNGUtils.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.util.Random;
-
-class RNGUtils
-{
-    public static int nextInt(Random rng, int n)
-    {
-        return rng.nextInt(n);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RSABlindedTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RSABlindedTest.java
deleted file mode 100644
index c7efcae..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RSABlindedTest.java
+++ /dev/null

@@ -1,437 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.encodings.OAEPEncoding;
-import org.bouncycastle.crypto.encodings.PKCS1Encoding;
-import org.bouncycastle.crypto.engines.RSABlindedEngine;
-import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
-import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-public class RSABlindedTest
-    extends SimpleTest
-{
-    static BigInteger mod = new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16);
-    static BigInteger  pubExp = new BigInteger("11", 16);
-    static BigInteger  privExp = new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16);
-    static BigInteger  p = new BigInteger("f75e80839b9b9379f1cf1128f321639757dba514642c206bbbd99f9a4846208b3e93fbbe5e0527cc59b1d4b929d9555853004c7c8b30ee6a213c3d1bb7415d03", 16);
-    static BigInteger  q = new BigInteger("b892d9ebdbfc37e397256dd8a5d3123534d1f03726284743ddc6be3a709edb696fc40c7d902ed804c6eee730eee3d5b20bf6bd8d87a296813c87d3b3cc9d7947", 16);
-    static BigInteger  pExp = new BigInteger("1d1a2d3ca8e52068b3094d501c9a842fec37f54db16e9a67070a8b3f53cc03d4257ad252a1a640eadd603724d7bf3737914b544ae332eedf4f34436cac25ceb5", 16);
-    static BigInteger  qExp = new BigInteger("6c929e4e81672fef49d9c825163fec97c4b7ba7acb26c0824638ac22605d7201c94625770984f78a56e6e25904fe7db407099cad9b14588841b94f5ab498dded", 16);
-    static BigInteger  crtCoef = new BigInteger("dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa7b926d070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97339", 16);
-
-    static String input = "4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e";
-
-    //
-    // to check that we handling byte extension by big number correctly.
-    //
-    static String edgeInput = "ff6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e";
-
-    static byte[] oversizedSig = Hex.decode("01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
-    static byte[] dudBlock = Hex.decode("000fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
-    static byte[] truncatedDataBlock = Hex.decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
-    static byte[] incorrectPadding = Hex.decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
-    static byte[] missingDataBlock = Hex.decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");
-
-    public String getName()
-    {
-        return "RSABlinded";
-    }
-
-    private void testStrictPKCS1Length(RSAKeyParameters pubParameters, RSAKeyParameters privParameters)
-    {
-        AsymmetricBlockCipher eng = new RSABlindedEngine();
-
-        eng.init(true, privParameters);
-
-        byte[] data = null;
-
-        try
-        {
-            data = eng.processBlock(oversizedSig, 0, oversizedSig.length);
-        }
-        catch (Exception e)
-        {
-            fail("RSA: failed - exception " + e.toString(), e);
-        }
-
-        eng = new PKCS1Encoding(eng);
-
-        eng.init(false, pubParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-
-            fail("oversized signature block not recognised");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            if (!e.getMessage().equals("block incorrect size"))
-            {
-                fail("RSA: failed - exception " + e.toString(), e);
-            }
-        }
-
-        //System.setProperty(PKCS1Encoding.STRICT_LENGTH_ENABLED_PROPERTY, "false");
-
-        System.getProperties().put(PKCS1Encoding.STRICT_LENGTH_ENABLED_PROPERTY, "false");
-        eng = new PKCS1Encoding(new RSABlindedEngine());
-
-        eng.init(false, pubParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (InvalidCipherTextException e)
-        {
-            fail("RSA: failed - exception " + e.toString(), e);
-        }
-
-        System.getProperties().remove(PKCS1Encoding.STRICT_LENGTH_ENABLED_PROPERTY);
-    }
-
-    private void testTruncatedPKCS1Block(RSAKeyParameters pubParameters, RSAKeyParameters privParameters)
-    {
-        checkForPKCS1Exception(pubParameters, privParameters, truncatedDataBlock, "block incorrect");
-    }
-
-    private void testDudPKCS1Block(RSAKeyParameters pubParameters, RSAKeyParameters privParameters)
-    {
-        checkForPKCS1Exception(pubParameters, privParameters, dudBlock, "block incorrect");
-    }
-
-    private void testWrongPaddingPKCS1Block(RSAKeyParameters pubParameters, RSAKeyParameters privParameters)
-    {
-        checkForPKCS1Exception(pubParameters, privParameters, incorrectPadding, "block incorrect");
-    }
-
-    private void testMissingDataPKCS1Block(RSAKeyParameters pubParameters, RSAKeyParameters privParameters)
-    {
-        checkForPKCS1Exception(pubParameters, privParameters, missingDataBlock, "block incorrect");
-    }
-
-    private void checkForPKCS1Exception(RSAKeyParameters pubParameters, RSAKeyParameters privParameters, byte[] inputData, String expectedMessage)
-    {
-        AsymmetricBlockCipher   eng = new RSABlindedEngine();
-
-        eng.init(true, privParameters);
-
-        byte[] data = null;
-
-        try
-        {
-            data = eng.processBlock(inputData, 0, inputData.length);
-        }
-        catch (Exception e)
-        {
-            fail("RSA: failed - exception " + e.toString(), e);
-        }
-
-        eng = new PKCS1Encoding(eng);
-
-        eng.init(false, pubParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-
-            fail("missing data block not recognised");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            if (!e.getMessage().equals(expectedMessage))
-            {
-                fail("RSA: failed - exception " + e.toString(), e);
-            }
-        }
-    }
-
-    private void testOAEP(RSAKeyParameters pubParameters, RSAKeyParameters privParameters)
-    {
-        //
-        // OAEP - public encrypt, private decrypt
-        //
-        AsymmetricBlockCipher eng = new OAEPEncoding(new RSABlindedEngine());
-        byte[] data = Hex.decode(input);
-
-        eng.init(true, pubParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, privParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!input.equals(new String(Hex.encode(data))))
-        {
-            fail("failed OAEP Test");
-        }
-    }
-
-    public void performTest()
-    {
-        RSAKeyParameters    pubParameters = new RSAKeyParameters(false, mod, pubExp);
-        RSAKeyParameters    privParameters = new RSAPrivateCrtKeyParameters(mod, pubExp, privExp, p, q, pExp, qExp, crtCoef);
-        byte[]              data = Hex.decode(edgeInput);
-
-        //
-        // RAW
-        //
-        AsymmetricBlockCipher   eng = new RSABlindedEngine();
-
-        eng.init(true, pubParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("RSA: failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, privParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!edgeInput.equals(new String(Hex.encode(data))))
-        {
-            fail("failed RAW edge Test");
-        }
-
-        data = Hex.decode(input);
-
-        eng.init(true, pubParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, privParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!input.equals(new String(Hex.encode(data))))
-        {
-            fail("failed RAW Test");
-        }
-
-        //
-        // PKCS1 - public encrypt, private decrypt
-        //
-        eng = new PKCS1Encoding(eng);
-
-        eng.init(true, pubParameters);
-
-        if (eng.getOutputBlockSize() != ((PKCS1Encoding)eng).getUnderlyingCipher().getOutputBlockSize())
-        {
-            fail("PKCS1 output block size incorrect");
-        }
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, privParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!input.equals(new String(Hex.encode(data))))
-        {
-            fail("failed PKCS1 public/private Test");
-        }
-
-        //
-        // PKCS1 - private encrypt, public decrypt
-        //
-        eng = new PKCS1Encoding(((PKCS1Encoding)eng).getUnderlyingCipher());
-
-        eng.init(true, privParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, pubParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!input.equals(new String(Hex.encode(data))))
-        {
-            fail("failed PKCS1 private/public Test");
-        }
-
-        //
-        // key generation test
-        //
-        RSAKeyPairGenerator pGen = new RSAKeyPairGenerator();
-        RSAKeyGenerationParameters genParam = new RSAKeyGenerationParameters(
-                                            BigInteger.valueOf(0x11), new SecureRandom(), 768, 25);
-
-        pGen.init(genParam);
-
-        AsymmetricCipherKeyPair pair = pGen.generateKeyPair();
-
-        eng = new RSABlindedEngine();
-
-        if (((RSAKeyParameters)pair.getPublic()).getModulus().bitLength() < 768)
-        {
-            fail("failed key generation (768) length test");
-        }
-
-        eng.init(true, pair.getPublic());
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, pair.getPrivate());
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!input.equals(new String(Hex.encode(data))))
-        {
-            fail("failed key generation (768) Test");
-        }
-
-        genParam = new RSAKeyGenerationParameters(BigInteger.valueOf(0x11), new SecureRandom(), 1024, 25);
-
-        pGen.init(genParam);
-        pair = pGen.generateKeyPair();
-
-        eng.init(true, pair.getPublic());
-
-        if (((RSAKeyParameters)pair.getPublic()).getModulus().bitLength() < 1024)
-        {
-            fail("failed key generation (1024) length test");
-        }
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, pair.getPrivate());
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!input.equals(new String(Hex.encode(data))))
-        {
-            fail("failed key generation (1024) test");
-        }
-
-        testOAEP(pubParameters, privParameters);
-        testStrictPKCS1Length(pubParameters, privParameters);
-        testDudPKCS1Block(pubParameters, privParameters);
-        testMissingDataPKCS1Block(pubParameters, privParameters);
-        testTruncatedPKCS1Block(pubParameters, privParameters);
-        testWrongPaddingPKCS1Block(pubParameters, privParameters);
-
-        try
-        {
-            new RSABlindedEngine().processBlock(new byte[]{ 1 }, 0, 1);
-            fail("failed initialisation check");
-        }
-        catch (IllegalStateException e)
-        {
-            // expected
-        }
-    }
-
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new RSABlindedTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RSADigestSignerTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RSADigestSignerTest.java
deleted file mode 100644
index ab1392d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RSADigestSignerTest.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA3Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHA512tDigest;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.crypto.signers.RSADigestSigner;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class RSADigestSignerTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "RSADigestSigner";
-    }
-
-    public void performTest() throws Exception
-    {
-        BigInteger rsaPubMod = new BigInteger(Base64.decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
-        BigInteger rsaPubExp = new BigInteger(Base64.decode("EQ=="));
-        BigInteger rsaPrivMod = new BigInteger(Base64.decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
-        BigInteger rsaPrivDP = new BigInteger(Base64.decode("JXzfzG5v+HtLJIZqYMUefJfFLu8DPuJGaLD6lI3cZ0babWZ/oPGoJa5iHpX4Ul/7l3s1PFsuy1GhzCdOdlfRcQ=="));
-        BigInteger rsaPrivDQ = new BigInteger(Base64.decode("YNdJhw3cn0gBoVmMIFRZzflPDNthBiWy/dUMSRfJCxoZjSnr1gysZHK01HteV1YYNGcwPdr3j4FbOfri5c6DUQ=="));
-        BigInteger rsaPrivExp = new BigInteger(Base64.decode("DxFAOhDajr00rBjqX+7nyZ/9sHWRCCp9WEN5wCsFiWVRPtdB+NeLcou7mWXwf1Y+8xNgmmh//fPV45G2dsyBeZbXeJwB7bzx9NMEAfedchyOwjR8PYdjK3NpTLKtZlEJ6Jkh4QihrXpZMO4fKZWUm9bid3+lmiq43FwW+Hof8/E="));
-        BigInteger rsaPrivP = new BigInteger(Base64.decode("AJ9StyTVW+AL/1s7RBtFwZGFBgd3zctBqzzwKPda6LbtIFDznmwDCqAlIQH9X14X7UPLokCDhuAa76OnDXb1OiE="));
-        BigInteger rsaPrivQ = new BigInteger(Base64.decode("AM3JfD79dNJ5A3beScSzPtWxx/tSLi0QHFtkuhtSizeXdkv5FSba7lVzwEOGKHmW829bRoNxThDy4ds1IihW1w0="));
-        BigInteger rsaPrivQinv = new BigInteger(Base64.decode("Lt0g7wrsNsQxuDdB8q/rH8fSFeBXMGLtCIqfOec1j7FEIuYA/ACiRDgXkHa0WgN7nLXSjHoy630wC5Toq8vvUg=="));
-        RSAKeyParameters rsaPublic = new RSAKeyParameters(false, rsaPubMod, rsaPubExp);
-        RSAPrivateCrtKeyParameters rsaPrivate = new RSAPrivateCrtKeyParameters(rsaPrivMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv);
-
-        checkDigest(rsaPublic, rsaPrivate, new SHA1Digest(), X509ObjectIdentifiers.id_SHA1);
-
-        checkDigest(rsaPublic, rsaPrivate, new SHA224Digest(), NISTObjectIdentifiers.id_sha224);
-        checkDigest(rsaPublic, rsaPrivate, new SHA256Digest(), NISTObjectIdentifiers.id_sha256);
-        checkDigest(rsaPublic, rsaPrivate, new SHA384Digest(), NISTObjectIdentifiers.id_sha384);
-        checkDigest(rsaPublic, rsaPrivate, new SHA512Digest(), NISTObjectIdentifiers.id_sha512);
-        checkDigest(rsaPublic, rsaPrivate, new SHA512tDigest(224), NISTObjectIdentifiers.id_sha512_224);
-        checkDigest(rsaPublic, rsaPrivate, new SHA512tDigest(256), NISTObjectIdentifiers.id_sha512_256);
-
-        checkDigest(rsaPublic, rsaPrivate, new SHA3Digest(224), NISTObjectIdentifiers.id_sha3_224);
-        checkDigest(rsaPublic, rsaPrivate, new SHA3Digest(256), NISTObjectIdentifiers.id_sha3_256);
-        checkDigest(rsaPublic, rsaPrivate, new SHA3Digest(384), NISTObjectIdentifiers.id_sha3_384);
-        checkDigest(rsaPublic, rsaPrivate, new SHA3Digest(512), NISTObjectIdentifiers.id_sha3_512);
-    }
-
-    private void checkDigest(RSAKeyParameters rsaPublic, RSAPrivateCrtKeyParameters rsaPrivate, Digest digest, ASN1ObjectIdentifier digOid)
-        throws Exception
-    {
-        byte[] msg = new byte[] { 1, 6, 3, 32, 7, 43, 2, 5, 7, 78, 4, 23 };
-
-        RSADigestSigner signer = new RSADigestSigner(digest);
-        signer.init(true, rsaPrivate);
-        signer.update(msg, 0, msg.length);
-        byte[] sig = signer.generateSignature();
-
-        signer = new RSADigestSigner(digest, digOid);
-        signer.init(false, rsaPublic);
-        signer.update(msg, 0, msg.length);
-        if (!signer.verifySignature(sig))
-        {
-            fail("RSA Digest Signer failed.");
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new RSADigestSignerTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RSAKeyEncapsulationTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RSAKeyEncapsulationTest.java
deleted file mode 100644
index 058f468..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RSAKeyEncapsulationTest.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
-import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
-import org.bouncycastle.crypto.kems.RSAKeyEncapsulation;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Tests for the RSA Key Encapsulation Mechanism
- */
-public class RSAKeyEncapsulationTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "RSAKeyEncapsulation";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        // Generate RSA key pair
-        RSAKeyPairGenerator        rsaGen = new RSAKeyPairGenerator();
-        rsaGen.init(new RSAKeyGenerationParameters(BigInteger.valueOf(65537), new SecureRandom(), 1024, 5));
-        AsymmetricCipherKeyPair    keys   = rsaGen.generateKeyPair();
-        
-        // Set RSA-KEM parameters
-        RSAKeyEncapsulation     kem;
-        KDF2BytesGenerator        kdf = new KDF2BytesGenerator(new SHA1Digest());
-        SecureRandom            rnd = new SecureRandom();
-        byte[]                    out = new byte[128];
-        KeyParameter            key1, key2;
-        
-        // Test RSA-KEM
-        kem = new RSAKeyEncapsulation(kdf, rnd);
-        
-        kem.init(keys.getPublic());
-        key1 = (KeyParameter)kem.encrypt(out, 128);
-        
-        kem.init(keys.getPrivate());
-        key2 = (KeyParameter)kem.decrypt(out, 128);
-
-        if (!areEqual(key1.getKey(), key2.getKey()))
-        {
-            fail("failed test");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new RSAKeyEncapsulationTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RSATest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RSATest.java
deleted file mode 100644
index bc62770..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RSATest.java
+++ /dev/null

@@ -1,670 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.encodings.OAEPEncoding;
-import org.bouncycastle.crypto.encodings.PKCS1Encoding;
-import org.bouncycastle.crypto.engines.RSAEngine;
-import org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class RSATest
-    extends SimpleTest
-{
-    /*
-     * Based on https://github.com/crocs-muni/roca/blob/master/java/BrokenKey.java
-     * Credits: ported to Java by Martin Paljak
-     */
-    static class BrokenKey_CVE_2017_15361
-    {
-        private static final int[] prims = new int[]{ 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37, 41, 43, 47, 53, 59, 61,
-            67, 71, 73, 79, 83, 89, 97, 101, 103, 107, 109, 113, 127, 131, 137, 139, 149, 151, 157, 163, 167 };
-        private static final BigInteger[] primes = new BigInteger[prims.length];
-
-        static
-        {
-            for (int i = 0; i < prims.length; i++)
-            {
-                primes[i] = BigInteger.valueOf(prims[i]);
-            }
-        }
-
-        private static final BigInteger[] markers = new BigInteger[]
-        {
-            new BigInteger("6"),
-            new BigInteger("30"),
-            new BigInteger("126"),
-            new BigInteger("1026"),
-            new BigInteger("5658"),
-            new BigInteger("107286"),
-            new BigInteger("199410"),
-            new BigInteger("8388606"),
-            new BigInteger("536870910"),
-            new BigInteger("2147483646"),
-            new BigInteger("67109890"),
-            new BigInteger("2199023255550"),
-            new BigInteger("8796093022206"),
-            new BigInteger("140737488355326"),
-            new BigInteger("5310023542746834"),
-            new BigInteger("576460752303423486"),
-            new BigInteger("1455791217086302986"),
-            new BigInteger("147573952589676412926"),
-            new BigInteger("20052041432995567486"),
-            new BigInteger("6041388139249378920330"),
-            new BigInteger("207530445072488465666"),
-            new BigInteger("9671406556917033397649406"),
-            new BigInteger("618970019642690137449562110"),
-            new BigInteger("79228162521181866724264247298"),
-            new BigInteger("2535301200456458802993406410750"),
-            new BigInteger("1760368345969468176824550810518"),
-            new BigInteger("50079290986288516948354744811034"),
-            new BigInteger("473022961816146413042658758988474"),
-            new BigInteger("10384593717069655257060992658440190"),
-            new BigInteger("144390480366845522447407333004847678774"),
-            new BigInteger("2722258935367507707706996859454145691646"),
-            new BigInteger("174224571863520493293247799005065324265470"),
-            new BigInteger("696898287454081973172991196020261297061886"),
-            new BigInteger("713623846352979940529142984724747568191373310"),
-            new BigInteger("1800793591454480341970779146165214289059119882"),
-            new BigInteger("126304807362733370595828809000324029340048915994"),
-            new BigInteger("11692013098647223345629478661730264157247460343806"),
-            new BigInteger("187072209578355573530071658587684226515959365500926")
-        };
-
-        public static boolean isAffected(RSAKeyParameters publicKey)
-        {
-            BigInteger modulus = publicKey.getModulus();
-
-            for (int i = 0; i < primes.length; i++)
-            {
-                int remainder = modulus.remainder(primes[i]).intValue();
-                if (!markers[i].testBit(remainder))
-                {
-                    return false;
-                }
-            }
-
-            return true;
-        }
-    }
-
-    static BigInteger mod = new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16);
-    static BigInteger pubExp = new BigInteger("11", 16);
-    static BigInteger privExp = new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16);
-    static BigInteger p = new BigInteger("f75e80839b9b9379f1cf1128f321639757dba514642c206bbbd99f9a4846208b3e93fbbe5e0527cc59b1d4b929d9555853004c7c8b30ee6a213c3d1bb7415d03", 16);
-    static BigInteger q = new BigInteger("b892d9ebdbfc37e397256dd8a5d3123534d1f03726284743ddc6be3a709edb696fc40c7d902ed804c6eee730eee3d5b20bf6bd8d87a296813c87d3b3cc9d7947", 16);
-    static BigInteger pExp = new BigInteger("1d1a2d3ca8e52068b3094d501c9a842fec37f54db16e9a67070a8b3f53cc03d4257ad252a1a640eadd603724d7bf3737914b544ae332eedf4f34436cac25ceb5", 16);
-    static BigInteger qExp = new BigInteger("6c929e4e81672fef49d9c825163fec97c4b7ba7acb26c0824638ac22605d7201c94625770984f78a56e6e25904fe7db407099cad9b14588841b94f5ab498dded", 16);
-    static BigInteger crtCoef = new BigInteger("dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa7b926d070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97339", 16);
-
-    static String input = "4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e";
-
-    //
-    // to check that we handling byte extension by big number correctly.
-    //
-    static String edgeInput = "ff6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e";
-
-    static byte[] oversizedSig = Hex.decode("01ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
-    static byte[] dudBlock = Hex.decode("000fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
-    static byte[] truncatedDataBlock = Hex.decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff004e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
-    static byte[] incorrectPadding = Hex.decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff4e6f77206973207468652074696d6520666f7220616c6c20676f6f64206d656e");
-    static byte[] missingDataBlock = Hex.decode("0001ffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffff");
-
-    public String getName()
-    {
-        return "RSA";
-    }
-
-    private void testStrictPKCS1Length(RSAKeyParameters pubParameters, RSAKeyParameters privParameters)
-    {
-        AsymmetricBlockCipher eng = new RSAEngine();
-
-        eng.init(true, privParameters);
-
-        byte[] data = null;
-        byte[] overSized = null;
-
-        try
-        {
-            overSized = data = eng.processBlock(oversizedSig, 0, oversizedSig.length);
-        }
-        catch (Exception e)
-        {
-            fail("RSA: failed - exception " + e.toString(), e);
-        }
-
-        eng = new PKCS1Encoding(eng);
-
-        eng.init(false, pubParameters);
-
-        try
-        {
-            data = eng.processBlock(overSized, 0, overSized.length);
-
-            fail("oversized signature block not recognised");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            if (!e.getMessage().equals("block incorrect size"))
-            {
-                fail("RSA: failed - exception " + e.toString(), e);
-            }
-        }
-
-        eng = new PKCS1Encoding(new RSAEngine(), Hex.decode("feedbeeffeedbeeffeedbeef"));
-        eng.init(false, new ParametersWithRandom(privParameters, new SecureRandom()));
-
-        try
-        {
-            data = eng.processBlock(overSized, 0, overSized.length);
-            isTrue("not fallback", Arrays.areEqual(Hex.decode("feedbeeffeedbeeffeedbeef"), data));
-        }
-        catch (InvalidCipherTextException e)
-        {
-            fail("RSA: failed - exception " + e.toString(), e);
-        }
-
-        //System.setProperty(PKCS1Encoding.STRICT_LENGTH_ENABLED_PROPERTY, "false");
-
-        System.getProperties().put(PKCS1Encoding.NOT_STRICT_LENGTH_ENABLED_PROPERTY, "true");
-        eng = new PKCS1Encoding(new RSAEngine());
-
-        eng.init(false, pubParameters);
-
-        try
-        {
-            data = eng.processBlock(overSized, 0, overSized.length);
-        }
-        catch (InvalidCipherTextException e)
-        {
-            fail("RSA: failed - exception " + e.toString(), e);
-        }
-
-        System.getProperties().remove(PKCS1Encoding.NOT_STRICT_LENGTH_ENABLED_PROPERTY);
-    }
-
-    private void testTruncatedPKCS1Block(RSAKeyParameters pubParameters, RSAKeyParameters privParameters)
-    {
-        checkForPKCS1Exception(pubParameters, privParameters, truncatedDataBlock, "block incorrect");
-    }
-
-    private void testDudPKCS1Block(RSAKeyParameters pubParameters, RSAKeyParameters privParameters)
-    {
-        checkForPKCS1Exception(pubParameters, privParameters, dudBlock, "block incorrect");
-    }
-
-    private void testWrongPaddingPKCS1Block(RSAKeyParameters pubParameters, RSAKeyParameters privParameters)
-    {
-        checkForPKCS1Exception(pubParameters, privParameters, incorrectPadding, "block incorrect");
-    }
-
-    private void testMissingDataPKCS1Block(RSAKeyParameters pubParameters, RSAKeyParameters privParameters)
-    {
-        checkForPKCS1Exception(pubParameters, privParameters, missingDataBlock, "block incorrect");
-    }
-
-    private void checkForPKCS1Exception(RSAKeyParameters pubParameters, RSAKeyParameters privParameters, byte[] inputData, String expectedMessage)
-    {
-        AsymmetricBlockCipher eng = new RSAEngine();
-
-        eng.init(true, privParameters);
-
-        byte[] data = null;
-
-        try
-        {
-            data = eng.processBlock(inputData, 0, inputData.length);
-        }
-        catch (Exception e)
-        {
-            fail("RSA: failed - exception " + e.toString(), e);
-        }
-
-        eng = new PKCS1Encoding(eng);
-
-        eng.init(false, pubParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-
-            fail("missing data block not recognised");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            if (!e.getMessage().equals(expectedMessage))
-            {
-                fail("RSA: failed - exception " + e.toString(), e);
-            }
-        }
-    }
-
-    private void testOAEP(RSAKeyParameters pubParameters, RSAKeyParameters privParameters)
-    {
-        //
-        // OAEP - public encrypt, private decrypt
-        //
-        AsymmetricBlockCipher eng = new OAEPEncoding(new RSAEngine());
-        byte[] data = Hex.decode(input);
-
-        eng.init(true, pubParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, privParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!input.equals(new String(Hex.encode(data))))
-        {
-            fail("failed OAEP Test");
-        }
-
-        // check for oversized input
-        byte[] message = new byte[87];
-        RSAEngine rsaEngine = new RSAEngine();
-        AsymmetricBlockCipher cipher = new OAEPEncoding(rsaEngine, new SHA1Digest(), new SHA1Digest(), message);
-        cipher.init(true, new ParametersWithRandom(pubParameters, new SecureRandom()));
-
-        try
-        {
-            cipher.processBlock(message, 0, message.length);
-
-            fail("no exception thrown");
-        }
-        catch (DataLengthException e)
-        {
-            isTrue("message mismatch", "input data too long".equals(e.getMessage()));
-        }
-        catch (InvalidCipherTextException e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-    }
-
-    private void zeroBlockTest(CipherParameters encParameters, CipherParameters decParameters)
-    {
-        AsymmetricBlockCipher eng = new PKCS1Encoding(new RSAEngine());
-
-        eng.init(true, encParameters);
-
-        if (eng.getOutputBlockSize() != ((PKCS1Encoding)eng).getUnderlyingCipher().getOutputBlockSize())
-        {
-            fail("PKCS1 output block size incorrect");
-        }
-
-        byte[] zero = new byte[0];
-        byte[] data = null;
-
-        try
-        {
-            data = eng.processBlock(zero, 0, zero.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, decParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!Arrays.areEqual(zero, data))
-        {
-            fail("failed PKCS1 zero Test");
-        }
-    }
-
-    private void test_CVE_2017_15361()
-    {
-        SecureRandom random = new SecureRandom();
-        RSAKeyPairGenerator pGen = new RSAKeyPairGenerator();
-        BigInteger e = BigInteger.valueOf(0x11);
-
-        for (int strength = 512; strength <= 2048; strength += 32)
-        {
-            pGen.init(new RSAKeyGenerationParameters(
-                e, random, strength, 100));
-
-            RSAKeyParameters pubKey = (RSAKeyParameters)pGen.generateKeyPair().getPublic();
-
-            if (BrokenKey_CVE_2017_15361.isAffected(pubKey))
-            {
-                fail("failed CVE-2017-15361 vulnerability test for generated RSA key");
-            }
-        }
-    }
-
-    public void performTest()
-    {
-        RSAKeyParameters pubParameters = new RSAKeyParameters(false, mod, pubExp);
-        RSAKeyParameters privParameters = new RSAPrivateCrtKeyParameters(mod, pubExp, privExp, p, q, pExp, qExp, crtCoef);
-        byte[] data = Hex.decode(edgeInput);
-
-        //
-        // RAW
-        //
-        AsymmetricBlockCipher eng = new RSAEngine();
-
-        eng.init(true, pubParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("RSA: failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, privParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!edgeInput.equals(new String(Hex.encode(data))))
-        {
-            fail("failed RAW edge Test");
-        }
-
-        data = Hex.decode(input);
-
-        eng.init(true, pubParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, privParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!input.equals(new String(Hex.encode(data))))
-        {
-            fail("failed RAW Test");
-        }
-
-        //
-        // PKCS1 - public encrypt, private decrypt
-        //
-        eng = new PKCS1Encoding(eng);
-
-        eng.init(true, pubParameters);
-
-        if (eng.getOutputBlockSize() != ((PKCS1Encoding)eng).getUnderlyingCipher().getOutputBlockSize())
-        {
-            fail("PKCS1 output block size incorrect");
-        }
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, privParameters);
-
-        byte[] plainData = null;
-        try
-        {
-            plainData = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!input.equals(Hex.toHexString(plainData)))
-        {
-            fail("failed PKCS1 public/private Test");
-        }
-
-        PKCS1Encoding fEng = new PKCS1Encoding(new RSAEngine(), input.length() / 2);
-        fEng.init(false, new ParametersWithRandom(privParameters, new SecureRandom()));
-        try
-        {
-            plainData = fEng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!input.equals(Hex.toHexString(plainData)))
-        {
-            fail("failed PKCS1 public/private fixed Test");
-        }
-
-        fEng = new PKCS1Encoding(new RSAEngine(), input.length());
-        fEng.init(false, new ParametersWithRandom(privParameters, new SecureRandom()));
-        try
-        {
-            data = fEng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (input.equals(Hex.toHexString(data)))
-        {
-            fail("failed to recognise incorrect plaint text length");
-        }
-
-        data = plainData;
-
-        //
-        // PKCS1 - private encrypt, public decrypt
-        //
-        eng = new PKCS1Encoding(((PKCS1Encoding)eng).getUnderlyingCipher());
-
-        eng.init(true, privParameters);
-
-        try
-        {
-            data = eng.processBlock(plainData, 0, plainData.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, pubParameters);
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!input.equals(Hex.toHexString(data)))
-        {
-            fail("failed PKCS1 private/public Test");
-        }
-
-        zeroBlockTest(pubParameters, privParameters);
-        zeroBlockTest(privParameters, pubParameters);
-
-        //
-        // key generation test
-        //
-        RSAKeyPairGenerator pGen = new RSAKeyPairGenerator();
-        RSAKeyGenerationParameters genParam = new RSAKeyGenerationParameters(
-            BigInteger.valueOf(0x11), new SecureRandom(), 768, 25);
-
-        pGen.init(genParam);
-
-        AsymmetricCipherKeyPair pair = pGen.generateKeyPair();
-
-        eng = new RSAEngine();
-
-        if (((RSAKeyParameters)pair.getPublic()).getModulus().bitLength() < 768)
-        {
-            fail("failed key generation (768) length test");
-        }
-
-        eng.init(true, pair.getPublic());
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, pair.getPrivate());
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!input.equals(new String(Hex.encode(data))))
-        {
-            fail("failed key generation (768) Test");
-        }
-
-        genParam = new RSAKeyGenerationParameters(BigInteger.valueOf(0x11), new SecureRandom(), 1024, 25);
-
-        pGen.init(genParam);
-        pair = pGen.generateKeyPair();
-
-        eng.init(true, pair.getPublic());
-
-        if (((RSAKeyParameters)pair.getPublic()).getModulus().bitLength() < 1024)
-        {
-            fail("failed key generation (1024) length test");
-        }
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        eng.init(false, pair.getPrivate());
-
-        try
-        {
-            data = eng.processBlock(data, 0, data.length);
-        }
-        catch (Exception e)
-        {
-            fail("failed - exception " + e.toString(), e);
-        }
-
-        if (!input.equals(new String(Hex.encode(data))))
-        {
-            fail("failed key generation (1024) test");
-        }
-
-        genParam = new RSAKeyGenerationParameters(
-            BigInteger.valueOf(0x11), new SecureRandom(), 128, 25);
-        pGen.init(genParam);
-
-        for (int i = 0; i < 100; ++i)
-        {
-            pair = pGen.generateKeyPair();
-            RSAPrivateCrtKeyParameters privKey = (RSAPrivateCrtKeyParameters)pair.getPrivate();
-            BigInteger pqDiff = privKey.getP().subtract(privKey.getQ()).abs();
-
-            if (pqDiff.bitLength() < 42)
-            {
-                fail("P and Q too close in RSA key pair");
-            }
-        }
-
-        testOAEP(pubParameters, privParameters);
-        testStrictPKCS1Length(pubParameters, privParameters);
-        testDudPKCS1Block(pubParameters, privParameters);
-        testMissingDataPKCS1Block(pubParameters, privParameters);
-        testTruncatedPKCS1Block(pubParameters, privParameters);
-        testWrongPaddingPKCS1Block(pubParameters, privParameters);
-        test_CVE_2017_15361();
-
-        try
-        {
-            new RSAEngine().processBlock(new byte[]{1}, 0, 1);
-            fail("failed initialisation check");
-        }
-        catch (IllegalStateException e)
-        {
-            // expected
-        }
-    }
-
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new RSATest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RegressionTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RegressionTest.java
deleted file mode 100644
index 98a859e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RegressionTest.java
+++ /dev/null

@@ -1,186 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class RegressionTest
-{
-    public static Test[] tests =
-        {
-            new AESTest(),
-            new AESLightTest(),
-            new AESFastTest(),
-            new AESWrapTest(),
-            new AESWrapPadTest(),
-            new ARIATest(),
-            new DESTest(),
-            new DESedeTest(),
-            new ModeTest(),
-            new PaddingTest(),
-            new DHTest(),
-            new ElGamalTest(),
-            new DSATest(),
-            new ECTest(),
-            new DeterministicDSATest(),
-            new GOST3410Test(),
-            new ECGOST3410Test(),
-            new ECIESTest(),
-            new ECNRTest(),
-            new MacTest(),
-            new GOST28147MacTest(),
-            new RC2Test(),
-            new RC2WrapTest(),
-            new RC4Test(),
-            new RC5Test(),
-            new RC6Test(),
-            new RijndaelTest(),
-            new SerpentTest(),
-            new TnepresTest(),
-            new CamelliaTest(),
-            new CamelliaLightTest(),
-            new DigestRandomNumberTest(),
-            new SkipjackTest(),
-            new BlowfishTest(),
-            new TwofishTest(),
-            new Threefish256Test(),
-            new Threefish512Test(),
-            new Threefish1024Test(),
-            new SkeinDigestTest(),
-            new SkeinMacTest(),
-            new CAST5Test(),
-            new CAST6Test(),
-            new GOST28147Test(),
-            new IDEATest(),
-            new RSATest(),
-            new RSABlindedTest(),
-            new RSADigestSignerTest(),
-            new PSSBlindTest(),
-            new ISO9796Test(),
-            new ISO9797Alg3MacTest(),
-            new MD2DigestTest(),
-            new MD4DigestTest(),
-            new MD5DigestTest(),
-            new SHA1DigestTest(),
-            new SHA224DigestTest(),
-            new SHA256DigestTest(),
-            new SHA384DigestTest(),
-            new SHA512DigestTest(),
-            new SHA512t224DigestTest(),
-            new SHA512t256DigestTest(),
-            new SHA3DigestTest(),
-            new RIPEMD128DigestTest(),
-            new RIPEMD160DigestTest(),
-            new RIPEMD256DigestTest(),
-            new RIPEMD320DigestTest(),
-            new TigerDigestTest(),
-            new GOST3411DigestTest(),
-            new GOST3411_2012_256DigestTest(),
-            new GOST3411_2012_512DigestTest(),
-            new WhirlpoolDigestTest(),
-            new MD5HMacTest(),
-            new SHA1HMacTest(),
-            new SHA224HMacTest(),
-            new SHA256HMacTest(),
-            new SHA384HMacTest(),
-            new SHA512HMacTest(),
-            new RIPEMD128HMacTest(),
-            new RIPEMD160HMacTest(),
-            new OAEPTest(),
-            new PSSTest(),
-            new CTSTest(),
-            new NISTCTSTest(),
-            new CCMTest(),
-            new PKCS5Test(),
-            new PKCS12Test(),
-            new KDF1GeneratorTest(),
-            new KDF2GeneratorTest(),
-            new MGF1GeneratorTest(),
-            new HKDFGeneratorTest(),
-            new DHKEKGeneratorTest(),
-            new ECDHKEKGeneratorTest(),
-            new ShortenedDigestTest(),
-            new EqualsHashCodeTest(),
-            new TEATest(),
-            new XTEATest(),
-            new RFC3211WrapTest(),
-            new SEEDTest(),
-            new Salsa20Test(),
-            new XSalsa20Test(),
-            new ChaChaTest(),
-            new CMacTest(),
-            new EAXTest(),
-            new GCMTest(),
-            new GMacTest(),
-            new HCFamilyTest(),
-            new HCFamilyVecTest(),
-            new ISAACTest(),
-            new NoekeonTest(),
-            new VMPCKSA3Test(),
-            new VMPCMacTest(),
-            new VMPCTest(),
-            new Grainv1Test(),
-            new Grain128Test(),
-            //new NaccacheSternTest(),
-            new SRP6Test(),
-            new SCryptTest(),
-            new ResetTest(),
-            new NullTest(),
-            new DSTU4145Test(),
-            new SipHashTest(),
-            new Poly1305Test(),
-            new OCBTest(),
-            new NonMemoableDigestTest(),
-            new RSAKeyEncapsulationTest(),
-            new ECIESKeyEncapsulationTest(),
-            new HashCommitmentTest(),
-            new CipherStreamTest(),
-            new BlockCipherResetTest(),
-            new StreamCipherResetTest(),
-            new SM3DigestTest(),
-            new Shacal2Test(),
-            new KDFCounterGeneratorTest(),
-            new KDFDoublePipelineIteratorGeneratorTest(),
-            new KDFFeedbackGeneratorTest(),
-            new CramerShoupTest(),
-            new BCryptTest(),
-            new OpenBSDBCryptTest(),
-            new X931SignerTest(),
-            new Blake2bDigestTest(),
-            new Blake2sDigestTest(),
-            new KeccakDigestTest(),
-            new SHAKEDigestTest(),
-            new SM2EngineTest(),
-            new SM2KeyExchangeTest(),
-            new SM2SignerTest(),
-            new SM4Test(),
-            new DSTU7624Test(),
-            new DSTU7564Test(),
-            new IsoTrailerTest(),
-            new GOST3412Test(),
-            new GOST3412MacTest(),
-            new GSKKDFTest(),
-            new X25519Test(),
-            new X448Test(),
-            new Ed25519Test(),
-            new Ed448Test(),
-            new CSHAKETest(),
-            new Argon2Test(),
-            new OpenSSHKeyParsingTests()
-        };
-
-    public static void main(
-        String[] args)
-    {
-        for (int i = 0; i != tests.length; i++)
-        {
-            TestResult result = tests[i].perform();
-
-            if (result.getException() != null)
-            {
-                result.getException().printStackTrace();
-            }
-
-            System.out.println(result);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ResetTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ResetTest.java
deleted file mode 100644
index efd0e06..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ResetTest.java
+++ /dev/null

@@ -1,99 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class ResetTest
-    extends SimpleTest
-{
-    private static final byte[]   input = Hex.decode("4e6f77206973207468652074696d6520666f7220616c6c20");
-    private static final byte[]   output = Hex.decode("3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53");
-    public String getName()
-    {
-        return "Reset";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        BufferedBlockCipher cipher = new BufferedBlockCipher(new DESEngine());
-
-        KeyParameter param = new KeyParameter(Hex.decode("0123456789abcdef"));
-
-        basicTrial(cipher, param);
-
-        cipher.init(false, param);
-
-        byte[] out = new byte[input.length];
-        
-        int len2 = cipher.processBytes(output, 0, output.length - 1, out, 0);
-
-        try
-        {
-            cipher.doFinal(out, len2);
-            fail("no DataLengthException - short input");
-        }
-        catch (DataLengthException e)
-        {
-            // ignore
-        }
-
-        len2 = cipher.processBytes(output, 0, output.length, out, 0);
-
-        cipher.doFinal(out, len2);
-
-        if (!areEqual(input, out))
-        {
-            fail("failed reversal one got " + new String(Hex.encode(out)));
-        }
-
-        len2 = cipher.processBytes(output, 0, output.length - 1, out, 0);
-
-        try
-        {
-            cipher.doFinal(out, len2);
-            fail("no DataLengthException - short output");
-        }
-        catch (DataLengthException e)
-        {
-            // ignore
-        }
-
-        len2 = cipher.processBytes(output, 0, output.length, out, 0);
-
-        cipher.doFinal(out, len2);
-
-        if (!areEqual(input, out))
-        {
-            fail("failed reversal two got " + new String(Hex.encode(out)));
-        }
-    }
-
-    private void basicTrial(BufferedBlockCipher cipher, KeyParameter param)
-        throws InvalidCipherTextException
-    {
-        cipher.init(true, param);
-
-        byte[]  out = new byte[input.length];
-
-        int len1 = cipher.processBytes(input, 0, input.length, out, 0);
-
-        cipher.doFinal(out, len1);
-
-        if (!areEqual(out, output))
-        {
-            fail("failed - " + "expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ResetTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/RijndaelTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/RijndaelTest.java
deleted file mode 100644
index ca81dfb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/RijndaelTest.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.RijndaelEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test vectors from the NIST standard tests and Brian Gladman's vector set
- * <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">
- * http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
- */
-public class RijndaelTest
-    extends CipherTest
-{
-    static SimpleTest[]  tests = 
-            {
-                new BlockCipherVectorTest(0, new RijndaelEngine(128),
-                        new KeyParameter(Hex.decode("80000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "0EDD33D3C621E546455BD8BA1418BEC8"),
-                new BlockCipherVectorTest(1, new RijndaelEngine(128),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000080")),
-                        "00000000000000000000000000000000", "172AEAB3D507678ECAF455C12587ADB7"),
-                new BlockCipherMonteCarloTest(2, 10000, new RijndaelEngine(128),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "C34C052CC0DA8D73451AFE5F03BE297F"),
-                new BlockCipherMonteCarloTest(3, 10000, new RijndaelEngine(128),
-                        new KeyParameter(Hex.decode("5F060D3716B345C253F6749ABAC10917")),
-                        "355F697E8B868B65B25A04E18D782AFA", "ACC863637868E3E068D2FD6E3508454A"),
-                new BlockCipherVectorTest(4, new RijndaelEngine(128),
-                        new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "6CD02513E8D4DC986B4AFE087A60BD0C"),
-                new BlockCipherMonteCarloTest(5, 10000, new RijndaelEngine(128),
-                        new KeyParameter(Hex.decode("AAFE47EE82411A2BF3F6752AE8D7831138F041560631B114")),
-                        "F3F6752AE8D7831138F041560631B114", "77BA00ED5412DFF27C8ED91F3C376172"),
-                new BlockCipherVectorTest(6, new RijndaelEngine(128),
-                        new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                        "80000000000000000000000000000000", "DDC6BF790C15760D8D9AEB6F9A75FD4E"),
-                new BlockCipherMonteCarloTest(7, 10000, new RijndaelEngine(128),
-                        new KeyParameter(Hex.decode("28E79E2AFC5F7745FCCABE2F6257C2EF4C4EDFB37324814ED4137C288711A386")),
-                        "C737317FE0846F132B23C8C2A672CE22", "E58B82BFBA53C0040DC610C642121168"),
-                new BlockCipherVectorTest(8, new RijndaelEngine(160),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c")),
-                        "3243f6a8885a308d313198a2e03707344a409382", "16e73aec921314c29df905432bc8968ab64b1f51"),
-                new BlockCipherVectorTest(8, new RijndaelEngine(160),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160")),
-                        "3243f6a8885a308d313198a2e03707344a409382", "0553eb691670dd8a5a5b5addf1aa7450f7a0e587"),
-                new BlockCipherVectorTest(8, new RijndaelEngine(160),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da5")),
-                        "3243f6a8885a308d313198a2e03707344a409382", "73cd6f3423036790463aa9e19cfcde894ea16623"),
-                new BlockCipherVectorTest(8, new RijndaelEngine(160),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d90")),
-                        "3243f6a8885a308d313198a2e03707344a409382", "601b5dcd1cf4ece954c740445340bf0afdc048df"),
-                new BlockCipherVectorTest(8, new RijndaelEngine(160),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d9045190cfe")),
-                        "3243f6a8885a308d313198a2e03707344a409382", "579e930b36c1529aa3e86628bacfe146942882cf"),
-                new BlockCipherVectorTest(8, new RijndaelEngine(192),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c")),
-                        "3243f6a8885a308d313198a2e03707344a4093822299f31d", "b24d275489e82bb8f7375e0d5fcdb1f481757c538b65148a"),
-                new BlockCipherVectorTest(9, new RijndaelEngine(192),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da5")),
-                        "3243f6a8885a308d313198a2e03707344a4093822299f31d", "725ae43b5f3161de806a7c93e0bca93c967ec1ae1b71e1cf"),
-                new BlockCipherVectorTest(10, new RijndaelEngine(192),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d90")),
-                        "3243f6a8885a308d313198a2e03707344a4093822299f31d", "bbfc14180afbf6a36382a061843f0b63e769acdc98769130"),
-                new BlockCipherVectorTest(11, new RijndaelEngine(192),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d9045190cfe")),
-                        "3243f6a8885a308d313198a2e03707344a4093822299f31d", "0ebacf199e3315c2e34b24fcc7c46ef4388aa475d66c194c"),
-                new BlockCipherVectorTest(12, new RijndaelEngine(224),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c")),
-                        "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "b0a8f78f6b3c66213f792ffd2a61631f79331407a5e5c8d3793aceb1"),
-                new BlockCipherVectorTest(13, new RijndaelEngine(224),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160")),
-                        "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "08b99944edfce33a2acb131183ab0168446b2d15e958480010f545e3"),
-                new BlockCipherVectorTest(14, new RijndaelEngine(224),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da5")),
-                        "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "be4c597d8f7efe22a2f7e5b1938e2564d452a5bfe72399c7af1101e2"),
-                new BlockCipherVectorTest(15, new RijndaelEngine(224),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d90")),
-                        "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "ef529598ecbce297811b49bbed2c33bbe1241d6e1a833dbe119569e8"),
-                new BlockCipherVectorTest(16, new RijndaelEngine(224),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d9045190cfe")),
-                        "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa9", "02fafc200176ed05deb8edb82a3555b0b10d47a388dfd59cab2f6c11"),
-                new BlockCipherVectorTest(17, new RijndaelEngine(256),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c")),
-                        "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "7d15479076b69a46ffb3b3beae97ad8313f622f67fedb487de9f06b9ed9c8f19"),
-                new BlockCipherVectorTest(18, new RijndaelEngine(256),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160")),
-                        "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "514f93fb296b5ad16aa7df8b577abcbd484decacccc7fb1f18dc567309ceeffd"),
-                new BlockCipherVectorTest(19, new RijndaelEngine(256),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da5")),
-                        "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "5d7101727bb25781bf6715b0e6955282b9610e23a43c2eb062699f0ebf5887b2"),
-                new BlockCipherVectorTest(20, new RijndaelEngine(256),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d90")),
-                        "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "d56c5a63627432579e1dd308b2c8f157b40a4bfb56fea1377b25d3ed3d6dbf80"),
-                new BlockCipherVectorTest(21, new RijndaelEngine(256),
-                        new KeyParameter(Hex.decode("2b7e151628aed2a6abf7158809cf4f3c762e7160f38b4da56a784d9045190cfe")),
-                        "3243f6a8885a308d313198a2e03707344a4093822299f31d0082efa98ec4e6c8", "a49406115dfb30a40418aafa4869b7c6a886ff31602a7dd19c889dc64f7e4e7a")
-            };
-
-    RijndaelTest()
-    {
-        super(tests, new RijndaelEngine(128), new KeyParameter(new byte[16]));
-    }
-
-    public String getName()
-    {
-        return "Rijndael";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new RijndaelTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SCryptTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SCryptTest.java
deleted file mode 100644
index 9e547e5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SCryptTest.java
+++ /dev/null

@@ -1,146 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.BufferedReader;
-import java.io.InputStreamReader;
-
-import org.bouncycastle.crypto.generators.SCrypt;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/*
- * scrypt test vectors from "Stronger Key Derivation Via Sequential Memory-hard Functions" Appendix B.
- * (http://www.tarsnap.com/scrypt/scrypt.pdf)
- */
-public class SCryptTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "SCrypt";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testParameters();
-        testVectors();
-    }
-
-    public void testParameters()
-    {
-        checkOK("Minimal values", new byte[0], new byte[0], 2, 1, 1, 1);
-        checkIllegal("Cost parameter must be > 1", new byte[0], new byte[0], 1, 1, 1, 1);
-        checkOK("Cost parameter 32768 OK for r == 1", new byte[0], new byte[0], 32768, 1, 1, 1);
-        checkIllegal("Cost parameter must < 65536 for r == 1", new byte[0], new byte[0], 65536, 1, 1, 1);
-        checkIllegal("Block size must be >= 1", new byte[0], new byte[0], 2, 0, 2, 1);
-        checkIllegal("Parallelisation parameter must be >= 1", new byte[0], new byte[0], 2, 1, 0, 1);
-        // checkOK("Parallelisation parameter 65535 OK for r = 4", new byte[0], new byte[0], 2, 32,
-        // 65535, 1);
-        checkIllegal("Parallelisation parameter must be < 65535 for r = 4", new byte[0], new byte[0], 2, 32, 65536, 1);
-
-        checkIllegal("Len parameter must be > 1", new byte[0], new byte[0], 2, 1, 1, 0);
-    }
-
-    private void checkOK(String msg, byte[] pass, byte[] salt, int N, int r, int p, int len)
-    {
-        try
-        {
-            SCrypt.generate(pass, salt, N, r, p, len);
-        }
-        catch (IllegalArgumentException e)
-        {
-            e.printStackTrace();
-            fail(msg);
-        }
-    }
-
-    private void checkIllegal(String msg, byte[] pass, byte[] salt, int N, int r, int p, int len)
-    {
-        try
-        {
-            SCrypt.generate(pass, salt, N, r, p, len);
-            fail(msg);
-        }
-        catch (IllegalArgumentException e)
-        {
-            // e.printStackTrace();
-        }
-    }
-
-    public void testVectors()
-        throws Exception
-    {
-        BufferedReader br = new BufferedReader(new InputStreamReader(
-            getClass().getResourceAsStream("SCryptTestVectors.txt")));
-
-        int count = 0;
-        String line = br.readLine();
-
-        while (line != null)
-        {
-            ++count;
-            String header = line;
-            StringBuffer data = new StringBuffer();
-
-            while (!isEndData(line = br.readLine()))
-            {
-                for (int i = 0; i != line.length(); i++)
-                {
-                    if (line.charAt(i) != ' ')
-                    {
-                        data.append(line.charAt(i));
-                    }
-                }
-            }
-
-            int start = header.indexOf('(') + 1;
-            int limit = header.lastIndexOf(')');
-            String argStr = header.substring(start, limit);
-            String[] args = Strings.split(argStr, ',');
-
-            byte[] P = extractQuotedString(args[0]);
-            byte[] S = extractQuotedString(args[1]);
-            int N = extractInteger(args[2]);
-            int r = extractInteger(args[3]);
-            int p = extractInteger(args[4]);
-            int dkLen = extractInteger(args[5]);
-            byte[] expected = Hex.decode(data.toString());
-
-            // This skips very expensive test case(s), remove check to re-enable
-            if (N <= 16384)
-            {
-                byte[] result = SCrypt.generate(P, S, N, r, p, dkLen);
-
-                if (!areEqual(expected, result))
-                {
-                    fail("Result does not match expected value in test case " + count);
-                }
-            }
-        }
-
-        br.close();
-    }
-
-    private static boolean isEndData(String line)
-    {
-        return line == null || line.startsWith("scrypt");
-    }
-
-    private static byte[] extractQuotedString(String arg)
-    {
-        arg = arg.trim();
-        arg = arg.substring(1, arg.length() - 1);
-        return Strings.toByteArray(arg);
-    }
-
-    private static int extractInteger(String arg)
-    {
-        return Integer.parseInt(arg.trim());
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new SCryptTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SEEDTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SEEDTest.java
deleted file mode 100644
index 4aa955b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SEEDTest.java
+++ /dev/null

@@ -1,53 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.SEEDEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * SEED tester - vectors http://www.ietf.org/rfc/rfc4009.txt
- */
-public class SEEDTest
-    extends CipherTest
-{
-    static SimpleTest[]  tests =
-    {
-        new BlockCipherVectorTest(0, new SEEDEngine(),
-            new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-            "000102030405060708090a0b0c0d0e0f",
-            "5EBAC6E0054E166819AFF1CC6D346CDB"),
-        new BlockCipherVectorTest(0, new SEEDEngine(),
-            new KeyParameter(Hex.decode("000102030405060708090a0b0c0d0e0f")),
-            "00000000000000000000000000000000",
-            "c11f22f20140505084483597e4370f43"),
-        new BlockCipherVectorTest(0, new SEEDEngine(),
-            new KeyParameter(Hex.decode("4706480851E61BE85D74BFB3FD956185")),
-            "83A2F8A288641FB9A4E9A5CC2F131C7D",
-            "EE54D13EBCAE706D226BC3142CD40D4A"),
-        new BlockCipherVectorTest(0, new SEEDEngine(),
-            new KeyParameter(Hex.decode("28DBC3BC49FFD87DCFA509B11D422BE7")),
-            "B41E6BE2EBA84A148E2EED84593C5EC7",
-            "9B9B7BFCD1813CB95D0B3618F40F5122"),
-        new BlockCipherVectorTest(0, new SEEDEngine(),
-            new KeyParameter(Hex.decode("0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E")),
-            "0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E0E",
-            "8296F2F1B007AB9D533FDEE35A9AD850"),
-    };
-
-    SEEDTest()
-    {
-        super(tests, new SEEDEngine(), new KeyParameter(new byte[16]));
-    }
-
-    public String getName()
-    {
-        return "SEED";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SEEDTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA1DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA1DigestTest.java
deleted file mode 100644
index 38b9b80..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA1DigestTest.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-
-/**
- * standard vector test for SHA-1 from "Handbook of Applied Cryptography", page 345.
- */
-public class SHA1DigestTest
-    extends DigestTest
-{
-    private static String[] messages =
-    {
-         "",
-         "a",
-         "abc",
-         "abcdefghijklmnopqrstuvwxyz"
-    };
-    
-    private static String[] digests =
-    {
-        "da39a3ee5e6b4b0d3255bfef95601890afd80709",
-        "86f7e437faa5a7fce15d1ddcb9eaeaea377667b8",
-        "a9993e364706816aba3e25717850c26c9cd0d89d",
-        "32d10c7b8cf96570ca04ce37f2a19d84240d3a89"
-    };
-    
-    SHA1DigestTest()
-    {
-        super(new SHA1Digest(), messages, digests);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new SHA1Digest((SHA1Digest)digest);
-    }
-
-    protected Digest cloneDigest(byte[] encodedState)
-    {
-        return new SHA1Digest(encodedState);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SHA1DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA1HMacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA1HMacTest.java
deleted file mode 100644
index 72a5fdc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA1HMacTest.java
+++ /dev/null

@@ -1,111 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * SHA1 HMac Test, test vectors from RFC 2202
- */
-public class SHA1HMacTest
-    implements Test
-{
-    final static String[] keys = {
-        "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
-        "4a656665",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "0102030405060708090a0b0c0d0e0f10111213141516171819",
-        "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F"
-    };
-
-    final static String[] digests = {
-        "b617318655057264e28bc0b6fb378c8ef146be00",
-        "effcdf6ae5eb2fa2d27416d5f184df9c259a7c79",
-        "125d7342b9ac11cd91a39af48aa17b4f63f175d3",
-        "4c9007f4026250c6bc8414f9bf50c86c2d7235da",
-        "4c1a03424b55e07fe7f27be1d58bb9324a9a5a04",
-        "aa4ae5e15272d00e95705637ce8a3b55ed402112",
-        "e8e99d0f45237d786d6bbaa7965c7808bbff1a91",
-        "5FD596EE78D5553C8FF4E72D266DFD192366DA29"
-    };
-
-    final static String[] messages = {
-        "Hi There",
-        "what do ya want for nothing?",
-        "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
-        "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
-        "Test With Truncation",
-        "Test Using Larger Than Block-Size Key - Hash Key First",
-        "Test Using Larger Than Block-Size Key and Larger Than One Block-Size Data",
-        "Sample message for keylen=blocklen"
-    };
-        
-    public String getName()
-    {
-        return "SHA1HMac";
-    }
-
-    public TestResult perform()
-    {
-        HMac hmac = new HMac(new SHA1Digest());
-        byte[] resBuf = new byte[hmac.getMacSize()];
-
-        for (int i = 0; i < messages.length; i++)
-        {
-            byte[] m = messages[i].getBytes();
-            if (messages[i].startsWith("0x"))
-            {
-                m = Hex.decode(messages[i].substring(2));
-            }
-            hmac.init(new KeyParameter(Hex.decode(keys[i])));
-            hmac.update(m, 0, m.length);
-            hmac.doFinal(resBuf, 0);
-
-            if (!Arrays.areEqual(resBuf, Hex.decode(digests[i])))
-            {
-                return new SimpleTestResult(false, getName() + ": Vector " + i + " failed");
-            }
-        }
-
-        //
-        // test reset
-        //
-        int vector = 0; // vector used for test
-        byte[] m = messages[vector].getBytes();
-        if (messages[vector].startsWith("0x"))
-        {
-            m = Hex.decode(messages[vector].substring(2));
-        }
-        hmac.init(new KeyParameter(Hex.decode(keys[vector])));
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-        hmac.reset();
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-
-        if (!Arrays.areEqual(resBuf, Hex.decode(digests[vector])))
-        {
-            return new SimpleTestResult(false, getName() +
-                    "Reset with vector " + vector + " failed");
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        SHA1HMacTest    test = new SHA1HMacTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA224DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA224DigestTest.java
deleted file mode 100644
index d14f87d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA224DigestTest.java
+++ /dev/null

@@ -1,59 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-
-/**
- * standard vector test for SHA-224 from RFC 3874 - only the last three are in
- * the RFC.
- */
-public class SHA224DigestTest
-    extends DigestTest
-{
-    private static String[] messages =
-    {
-        "",
-        "a",
-        "abc",
-        "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
-    };
-    
-    private static String[] digests =
-    {
-        "d14a028c2a3a2bc9476102bb288234c415a2b01f828ea62ac5b3e42f",
-        "abd37534c7d9a2efb9465de931cd7055ffdb8879563ae98078d6d6d5",
-        "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7",
-        "75388b16512776cc5dba5da1fd890150b0c6455cb4f58b1952522525"
-    };
-    
-    // 1 million 'a'
-    static private String  million_a_digest = "20794655980c91d8bbb4c1ea97618a4bf03f42581948b2ee4ee7ad67";
-
-    SHA224DigestTest()
-    {
-        super(new SHA224Digest(), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-
-        millionATest(million_a_digest);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new SHA224Digest((SHA224Digest)digest);
-    }
-
-    protected Digest cloneDigest(byte[] encodedState)
-    {
-        return new SHA224Digest(encodedState);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SHA224DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA224HMacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA224HMacTest.java
deleted file mode 100644
index 52abb16..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA224HMacTest.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * SHA224 HMac Test
- */
-public class SHA224HMacTest
-    implements Test
-{
-    final static String[] keys = {
-        "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
-        "4a656665",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "0102030405060708090a0b0c0d0e0f10111213141516171819",
-        "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-    };
-
-    final static String[] digests = {
-        "896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22",
-        "a30e01098bc6dbbf45690f3a7e9e6d0f8bbea2a39e6148008fd05e44",
-        "7fb3cb3588c6c1f6ffa9694d7d6ad2649365b0c1f65d69d1ec8333ea",
-        "6c11506874013cac6a2abc1bb382627cec6a90d86efc012de7afec5a",
-        "0e2aea68a90c8d37c988bcdb9fca6fa8099cd857c7ec4a1815cac54c",
-        "95e9a0db962095adaebe9b2d6f0dbce2d499f112f2d2b7273fa6870e",
-        "3a854166ac5d9f023f54d517d0b39dbd946770db9c2b95c9f6f565d1"
-    };
-
-    final static String[] messages = {
-        "Hi There",
-        "what do ya want for nothing?",
-        "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
-        "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
-        "Test With Truncation",
-        "Test Using Larger Than Block-Size Key - Hash Key First",
-        "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm."
-    };
-
-    public String getName()
-    {
-        return "SHA224HMac";
-    }
-
-    public TestResult perform()
-    {
-        HMac hmac = new HMac(new SHA224Digest());
-        byte[] resBuf = new byte[hmac.getMacSize()];
-
-        for (int i = 0; i < messages.length; i++)
-        {
-            byte[] m = messages[i].getBytes();
-            if (messages[i].startsWith("0x"))
-            {
-                m = Hex.decode(messages[i].substring(2));
-            }
-            hmac.init(new KeyParameter(Hex.decode(keys[i])));
-            hmac.update(m, 0, m.length);
-            hmac.doFinal(resBuf, 0);
-
-            if (!Arrays.areEqual(resBuf, Hex.decode(digests[i])))
-            {
-                return new SimpleTestResult(false, getName() + ": Vector " + i + " failed got -" + new String(Hex.encode(resBuf)));
-            }
-        }
-
-        //
-        // test reset
-        //
-        int vector = 0; // vector used for test
-        byte[] m = messages[vector].getBytes();
-        if (messages[vector].startsWith("0x"))
-        {
-            m = Hex.decode(messages[vector].substring(2));
-        }
-        hmac.init(new KeyParameter(Hex.decode(keys[vector])));
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-        hmac.reset();
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-
-        if (!Arrays.areEqual(resBuf, Hex.decode(digests[vector])))
-        {
-            return new SimpleTestResult(false, getName() +
-                    "Reset with vector " + vector + " failed");
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        SHA224HMacTest    test = new SHA224HMacTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA256DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA256DigestTest.java
deleted file mode 100644
index 8a35ce4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA256DigestTest.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-
-/**
- * standard vector test for SHA-256 from FIPS Draft 180-2.
- *
- * Note, the first two vectors are _not_ from the draft, the last three are.
- */
-public class SHA256DigestTest
-    extends DigestTest
-{
-    private static String[] messages =
-    {
-        "",
-        "a",
-        "abc",
-        "abcdbcdecdefdefgefghfghighijhijkijkljklmklmnlmnomnopnopq"
-    };
-    
-    private static String[] digests =
-    {
-        "e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855",
-        "ca978112ca1bbdcafac231b39a23dc4da786eff8147c4e72b9807785afee48bb",
-        "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad",
-        "248d6a61d20638b8e5c026930c3e6039a33ce45964ff2167f6ecedd419db06c1"
-    };
-    
-    // 1 million 'a'
-    static private String  million_a_digest = "cdc76e5c9914fb9281a1c7e284d73e67f1809a48a497200e046d39ccc7112cd0";
-
-    SHA256DigestTest()
-    {
-        super(new SHA256Digest(), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-
-        millionATest(million_a_digest);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new SHA256Digest((SHA256Digest)digest);
-    }
-
-    protected Digest cloneDigest(byte[] encodedState)
-    {
-        return new SHA256Digest(encodedState);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SHA256DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA256HMacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA256HMacTest.java
deleted file mode 100644
index 82ab1dc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA256HMacTest.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * SHA256 HMac Test
- */
-public class SHA256HMacTest
-    implements Test
-{
-    final static String[] keys = {
-        "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
-        "4a656665",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "0102030405060708090a0b0c0d0e0f10111213141516171819",
-        "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-    };
-
-    final static String[] digests = {
-        "b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7",
-        "5bdcc146bf60754e6a042426089575c75a003f089d2739839dec58b964ec3843",
-        "773ea91e36800e46854db8ebd09181a72959098b3ef8c122d9635514ced565fe",
-        "82558a389a443c0ea4cc819899f2083a85f0faa3e578f8077a2e3ff46729665b",
-        "a3b6167473100ee06e0c796c2955552bfa6f7c0a6a8aef8b93f860aab0cd20c5",
-        "60e431591ee0b67f0d8a26aacbf5b77f8e0bc6213728c5140546040f0ee37f54",
-        "9b09ffa71b942fcb27635fbcd5b0e944bfdc63644f0713938a7f51535c3a35e2"
-    };
-
-    final static String[] messages = {
-        "Hi There",
-        "what do ya want for nothing?",
-        "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
-        "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
-        "Test With Truncation",
-        "Test Using Larger Than Block-Size Key - Hash Key First",
-        "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm."
-    };
-  
-    public String getName()
-    {
-        return "SHA256HMac";
-    }
-
-    public TestResult perform()
-    {
-        HMac hmac = new HMac(new SHA256Digest());
-        byte[] resBuf = new byte[hmac.getMacSize()];
-
-        for (int i = 0; i < messages.length; i++)
-        {
-            byte[] m = messages[i].getBytes();
-            if (messages[i].startsWith("0x"))
-            {
-                m = Hex.decode(messages[i].substring(2));
-            }
-            hmac.init(new KeyParameter(Hex.decode(keys[i])));
-            hmac.update(m, 0, m.length);
-            hmac.doFinal(resBuf, 0);
-
-            if (!Arrays.areEqual(resBuf, Hex.decode(digests[i])))
-            {
-                return new SimpleTestResult(false, getName() + ": Vector " + i + " failed got -" + new String(Hex.encode(resBuf)));
-            }
-        }
-
-        //
-        // test reset
-        //
-        int vector = 0; // vector used for test
-        byte[] m = messages[vector].getBytes();
-        if (messages[vector].startsWith("0x"))
-        {
-            m = Hex.decode(messages[vector].substring(2));
-        }
-        hmac.init(new KeyParameter(Hex.decode(keys[vector])));
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-        hmac.reset();
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-
-        if (!Arrays.areEqual(resBuf, Hex.decode(digests[vector])))
-        {
-            return new SimpleTestResult(false, getName() +
-                    "Reset with vector " + vector + " failed");
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        SHA256HMacTest    test = new SHA256HMacTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA384DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA384DigestTest.java
deleted file mode 100644
index 7b5f149..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA384DigestTest.java
+++ /dev/null

@@ -1,59 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-
-/**
- * standard vector test for SHA-384 from FIPS Draft 180-2.
- *
- * Note, the first two vectors are _not_ from the draft, the last three are.
- */
-public class SHA384DigestTest
-    extends DigestTest
-{
-    private static String[] messages =
-    {
-        "",
-        "a",
-        "abc",
-        "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
-    };
-
-    private static String[] digests =
-    {
-        "38b060a751ac96384cd9327eb1b1e36a21fdb71114be07434c0cc7bf63f6e1da274edebfe76f65fbd51ad2f14898b95b",
-        "54a59b9f22b0b80880d8427e548b7c23abd873486e1f035dce9cd697e85175033caa88e6d57bc35efae0b5afd3145f31",
-        "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7",
-        "09330c33f71147e83d192fc782cd1b4753111b173b3b05d22fa08086e3b0f712fcc7c71a557e2db966c3e9fa91746039"
-    };
-
-    static private String  million_a_digest = "9d0e1809716474cb086e834e310a4a1ced149e9c00f248527972cec5704c2a5b07b8b3dc38ecc4ebae97ddd87f3d8985";
-
-    SHA384DigestTest()
-    {
-        super(new SHA384Digest(), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-
-        millionATest(million_a_digest);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new SHA384Digest((SHA384Digest)digest);
-    }
-
-    protected Digest cloneDigest(byte[] encodedState)
-    {
-        return new SHA384Digest(encodedState);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SHA384DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA384HMacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA384HMacTest.java
deleted file mode 100644
index fe903a3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA384HMacTest.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * SHA384 HMac Test
- */
-public class SHA384HMacTest
-    implements Test
-{
-    final static String[] keys = {
-        "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
-        "4a656665",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "0102030405060708090a0b0c0d0e0f10111213141516171819",
-        "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-    };
-
-    final static String[] digests = {
-        "afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6",
-        "af45d2e376484031617f78d2b58a6b1b9c7ef464f5a01b47e42ec3736322445e8e2240ca5e69e2c78b3239ecfab21649",
-        "88062608d3e6ad8a0aa2ace014c8a86f0aa635d947ac9febe83ef4e55966144b2a5ab39dc13814b94e3ab6e101a34f27",
-        "3e8a69b7783c25851933ab6290af6ca77a9981480850009cc5577c6e1f573b4e6801dd23c4a7d679ccf8a386c674cffb",
-        "3abf34c3503b2a23a46efc619baef897f4c8e42c934ce55ccbae9740fcbc1af4ca62269e2a37cd88ba926341efe4aeea",
-        "4ece084485813e9088d2c63a041bc5b44f9ef1012a2b588f3cd11f05033ac4c60c2ef6ab4030fe8296248df163f44952",
-        "6617178e941f020d351e2f254e8fd32c602420feb0b8fb9adccebb82461e99c5a678cc31e799176d3860e6110c46523e"
-    };
-
-    final static String[] messages = {
-        "Hi There",
-        "what do ya want for nothing?",
-        "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
-        "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
-        "Test With Truncation",
-        "Test Using Larger Than Block-Size Key - Hash Key First",
-        "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm."
-    };
-   
-    public String getName()
-    {
-        return "SHA384HMac";
-    }
-
-    public TestResult perform()
-    {
-        HMac hmac = new HMac(new SHA384Digest());
-        byte[] resBuf = new byte[hmac.getMacSize()];
-
-        for (int i = 0; i < messages.length; i++)
-        {
-            byte[] m = messages[i].getBytes();
-            if (messages[i].startsWith("0x"))
-            {
-                m = Hex.decode(messages[i].substring(2));
-            }
-            hmac.init(new KeyParameter(Hex.decode(keys[i])));
-            hmac.update(m, 0, m.length);
-            hmac.doFinal(resBuf, 0);
-
-            if (!Arrays.areEqual(resBuf, Hex.decode(digests[i])))
-            {
-                return new SimpleTestResult(false, getName() + ": Vector " + i + " failed got -" + new String(Hex.encode(resBuf)));
-            }
-        }
-
-        //
-        // test reset
-        //
-        int vector = 0; // vector used for test
-        byte[] m = messages[vector].getBytes();
-        if (messages[vector].startsWith("0x"))
-        {
-            m = Hex.decode(messages[vector].substring(2));
-        }
-        hmac.init(new KeyParameter(Hex.decode(keys[vector])));
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-        hmac.reset();
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-
-        if (!Arrays.areEqual(resBuf, Hex.decode(digests[vector])))
-        {
-            return new SimpleTestResult(false, getName() +
-                    "Reset with vector " + vector + " failed");
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        SHA384HMacTest    test = new SHA384HMacTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA3DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA3DigestTest.java
deleted file mode 100644
index 91474cd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA3DigestTest.java
+++ /dev/null

@@ -1,301 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.BufferedReader;
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStreamReader;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.bouncycastle.crypto.digests.SHA3Digest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * SHA3 Digest Test
- */
-public class SHA3DigestTest
-    extends SimpleTest
-{
-    static class MySHA3Digest extends SHA3Digest
-    {
-        MySHA3Digest(int bitLength)
-        {
-            super(bitLength);
-        }
-
-        int myDoFinal(byte[] out, int outOff, byte partialByte, int partialBits)
-        {
-            return doFinal(out, outOff, partialByte, partialBits);
-        }
-    }
-
-    SHA3DigestTest()
-    {
-    }
-
-    public String getName()
-    {
-        return "SHA-3";
-    }
-
-    public void performTest() throws Exception
-    {
-        testVectors();
-    }
-
-    public void testVectors() throws Exception
-    {
-        BufferedReader r = new BufferedReader(new InputStreamReader(
-            getClass().getResourceAsStream("SHA3TestVectors.txt")));
-
-        String line;
-        while (null != (line = readLine(r)))
-        {
-            if (line.length() != 0)
-            {
-                TestVector v = readTestVector(r, line);
-                runTestVector(v);
-            }
-        }
-
-        r.close();
-    }
-
-    private MySHA3Digest createDigest(String algorithm) throws Exception
-    {
-        if (algorithm.startsWith("SHA3-"))
-        {
-            int bits = parseDecimal(algorithm.substring("SHA3-".length()));
-            return new MySHA3Digest(bits);
-        }
-        throw new IllegalArgumentException("Unknown algorithm: " + algorithm);
-    }
-
-    private byte[] decodeBinary(String block)
-    {
-        int bits = block.length();
-        int fullBytes = bits / 8;
-        int totalBytes = (bits + 7) / 8;
-        byte[] result = new byte[totalBytes];
-
-        for (int i = 0; i < fullBytes; ++i)
-        {
-            String byteStr = reverse(block.substring(i * 8, (i + 1) * 8));
-            result[i] = (byte)parseBinary(byteStr);
-        }
-
-        if (totalBytes > fullBytes)
-        {
-            String byteStr = reverse(block.substring(fullBytes * 8));
-            result[fullBytes] = (byte)parseBinary(byteStr);
-        }
-
-        return result;
-    }
-
-    private int parseBinary(String s)
-    {
-        return Integer.parseInt(s, 2);
-    }
-
-    private int parseDecimal(String s)
-    {
-        return Integer.parseInt(s);
-    }
-
-    private String readBlock(BufferedReader r) throws IOException
-    {
-        StringBuffer b = new StringBuffer();
-        String line;
-        while ((line = readBlockLine(r)) != null)
-        {
-            b.append(line);
-        }
-        return b.toString();
-    }
-
-    private String readBlockLine(BufferedReader r) throws IOException
-    {
-        String line = readLine(r);
-        if (line == null || line.length() == 0)
-        {
-            return null;
-        }
-
-        char[] chars = line.toCharArray();
-
-        int pos = 0;
-        for (int i = 0; i != chars.length; i++)
-        {
-            if (chars[i] != ' ')
-            {
-                chars[pos++] = chars[i];
-            }
-        }
-
-        return new String(chars, 0, pos);
-    }
-
-    private TestVector readTestVector(BufferedReader r, String header) throws IOException
-    {
-        String[] parts = splitAround(header, TestVector.SAMPLE_OF);
-
-        String algorithm = parts[0];
-        int bits = parseDecimal(stripFromChar(parts[1], '-'));
-
-        skipUntil(r, TestVector.MSG_HEADER);
-        String messageBlock = readBlock(r);
-        if (messageBlock.length() != bits)
-        {
-            throw new IllegalStateException("Test vector length mismatch");
-        }
-        byte[] message = decodeBinary(messageBlock);
-
-        skipUntil(r, TestVector.HASH_HEADER);
-        byte[] hash = Hex.decode(readBlock(r));
-
-        return new TestVector(algorithm, bits, message, hash);
-    }
-
-    private String readLine(BufferedReader r) throws IOException
-    {
-        String line = r.readLine();
-        return line == null ? null : stripFromChar(line, '#').trim();
-    }
-
-    private String requireLine(BufferedReader r) throws IOException
-    {
-        String line = readLine(r);
-        if (line == null)
-        {
-            throw new EOFException();
-        }
-        return line;
-    }
-
-    private String reverse(String s)
-    {
-        return new StringBuffer(s).reverse().toString();
-    }
-
-    private void runTestVector(TestVector v) throws Exception
-    {
-        int bits = v.getBits();
-        int partialBits = bits % 8;
-
-//        System.out.println(v.getAlgorithm() + " " + bits + "-bit");
-//        System.out.println(Hex.toHexString(v.getMessage()).toUpperCase());
-//        System.out.println(Hex.toHexString(v.getHash()).toUpperCase());
-
-        MySHA3Digest d = createDigest(v.getAlgorithm());
-        byte[] output = new byte[d.getDigestSize()];
-
-        byte[] m = v.getMessage();
-        if (partialBits == 0)
-        {
-            d.update(m, 0, m.length);
-            d.doFinal(output, 0);
-        }
-        else
-        {
-            d.update(m, 0, m.length - 1);
-            d.myDoFinal(output, 0, m[m.length - 1], partialBits);
-        }
-
-        if (!Arrays.areEqual(v.getHash(), output))
-        {
-            fail(v.getAlgorithm() + " " + v.getBits() + "-bit test vector hash mismatch");
-//            System.err.println(v.getAlgorithm() + " " + v.getBits() + "-bit test vector hash mismatch");
-//            System.err.println(Hex.toHexString(output).toUpperCase());
-        }
-    }
-
-    private void skipUntil(BufferedReader r, String header) throws IOException
-    {
-        String line;
-        do
-        {
-            line = requireLine(r);
-        }
-        while (line.length() == 0);
-        if (!line.equals(header))
-        {
-            throw new IOException("Expected: " + header);
-        }
-    }
-
-    private String[] splitAround(String s, String separator)
-    {
-        List strings = new ArrayList();
-
-        String remaining = s;
-        int index;
-
-        while ((index = remaining.indexOf(separator)) > 0)
-        {
-            strings.add(remaining.substring(0, index));
-            remaining = remaining.substring(index + separator.length());
-        }
-        strings.add(remaining);
-
-        return (String[])strings.toArray(new String[strings.size()]);
-    }
-
-    private String stripFromChar(String s, char c)
-    {
-        int i = s.indexOf(c);
-        if (i >= 0)
-        {
-            s = s.substring(0, i);
-        }
-        return s;
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SHA3DigestTest());
-    }
-
-    private static class TestVector
-    {
-        private static String SAMPLE_OF = " sample of ";
-        private static String MSG_HEADER = "Msg as bit string";
-        private static String HASH_HEADER = "Hash val is";
-
-        private String algorithm;
-        private int bits;
-        private byte[] message;
-        private byte[] hash;
-
-        private TestVector(String algorithm, int bits, byte[] message, byte[] hash)
-        {
-            this.algorithm = algorithm;
-            this.bits = bits;
-            this.message = message;
-            this.hash = hash;
-        }
-
-        public String getAlgorithm()
-        {
-            return algorithm;
-        }
-
-        public int getBits()
-        {
-            return bits;
-        }
-        
-        public byte[] getMessage()
-        {
-            return message;
-        }
-
-        public byte[] getHash()
-        {
-            return hash;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA3HMacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA3HMacTest.java
deleted file mode 100644
index 836cde3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA3HMacTest.java
+++ /dev/null

@@ -1,335 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.digests.SHA3Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * SHA224 HMac Test
- */
-public class SHA3HMacTest
-    extends SimpleTest
-{
-    final static String[][] sha3_224 =
-        {
-            {
-                "000102030405060708090a0b0c0d0e0f101112131415161718191a1b",
-                "53616d706c65206d65737361676520666f72206b65796c656e3c626c6f636b6c656e",
-                "332cfd59347fdb8e576e77260be4aba2d6dc53117b3bfb52c6d18c04"
-            },
-            {
-                "00010203 04050607 08090a0b 0c0d0e0f" +
-                    "10111213 14151617 18191a1b 1c1d1e1f" +
-                    "20212223 24252627 28292a2b 2c2d2e2f" +
-                    "30313233 34353637 38393a3b 3c3d3e3f" +
-                    "40414243 44454647 48494a4b 4c4d4e4f" +
-                    "50515253 54555657 58595a5b 5c5d5e5f" +
-                    "60616263 64656667 68696a6b 6c6d6e6f" +
-                    "70717273 74757677 78797a7b 7c7d7e7f" +
-                    "80818283 84858687 88898a8b 8c8d8e8f",
-                "53616d70 6c65206d 65737361 67652066" +
-                    "6f72206b 65796c65 6e3d626c 6f636b6c" +
-                    "656e",
-                "d8b733bc f66c644a 12323d56 4e24dcf3" +
-                    "fc75f231 f3b67968 359100c7"
-
-            },
-            {
-                "00010203 04050607 08090a0b 0c0d0e0f" +
-                    "10111213 14151617 18191a1b 1c1d1e1f" +
-                    "20212223 24252627 28292a2b 2c2d2e2f" +
-                    "30313233 34353637 38393a3b 3c3d3e3f" +
-                    "40414243 44454647 48494a4b 4c4d4e4f" +
-                    "50515253 54555657 58595a5b 5c5d5e5f" +
-                    "60616263 64656667 68696a6b 6c6d6e6f" +
-                    "70717273 74757677 78797a7b 7c7d7e7f" +
-                    "80818283 84858687 88898a8b 8c8d8e8f" +
-                    "90919293 94959697 98999a9b 9c9d9e9f" +
-                    "a0a1a2a3 a4a5a6a7 a8a9aaab",
-                "53616d70 6c65206d 65737361 67652066" +
-                    "6f72206b 65796c65 6e3e626c 6f636b6c" +
-                    "656e",
-                "078695ee cc227c63 6ad31d06 3a15dd05" +
-                    "a7e819a6 6ec6d8de 1e193e59"
-            },
-            {
-                "00010203 04050607 08090a0b 0c0d0e0f" +
-                    "10111213 14151617 18191a1b",
-                "53616d70 6c65206d 65737361 67652066" +
-                    "6f72206b 65796c65 6e3c626c 6f636b6c" +
-                    "656e2c20 77697468 20747275 6e636174" +
-                    "65642074 6167",
-                "8569c54c bb00a9b7 8ff1b391 b0e5"
-            },
-            {
-                "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
-                "4869205468657265",
-                "3b16546bbc7be2706a031dcafd56373d9884367641d8c59af3c860f7"
-            }
-        };
-
-    final static String[][] sha3_256 =
-        {
-            {
-                "00010203 04050607 08090a0b 0c0d0e0f" +
-                    "10111213 14151617 18191a1b 1c1d1e1f",
-                "53616d70 6c65206d 65737361 67652066" +
-                    "6f72206b 65796c65 6e3c626c 6f636b6c" +
-                    "656e",
-                "4fe8e202 c4f058e8 dddc23d8 c34e4673" +
-                    "43e23555 e24fc2f0 25d598f5 58f67205"
-            },
-            {
-               "00010203 04050607 08090a0b 0c0d0e0f" +
-                   "10111213 14151617 18191a1b 1c1d1e1f" +
-                   "20212223 24252627 28292a2b 2c2d2e2f" +
-                   "30313233 34353637 38393a3b 3c3d3e3f" +
-                   "40414243 44454647 48494a4b 4c4d4e4f" +
-                   "50515253 54555657 58595a5b 5c5d5e5f" +
-                   "60616263 64656667 68696a6b 6c6d6e6f" +
-                   "70717273 74757677 78797a7b 7c7d7e7f" +
-                   "80818283 84858687",
-                "53616d70 6c65206d 65737361 67652066" +
-                    "6f72206b 65796c65 6e3d626c 6f636b6c" +
-                    "656e",
-                "68b94e2e 538a9be4 103bebb5 aa016d47" +
-                    "961d4d1a a9060613 13b557f8 af2c3faa"
-            },
-            {
-                "00010203 04050607 08090a0b 0c0d0e0f" +
-                    "10111213 14151617 18191a1b 1c1d1e1f" +
-                    "20212223 24252627 28292a2b 2c2d2e2f" +
-                    "30313233 34353637 38393a3b 3c3d3e3f" +
-                    "40414243 44454647 48494a4b 4c4d4e4f" +
-                    "50515253 54555657 58595a5b 5c5d5e5f" +
-                    "60616263 64656667 68696a6b 6c6d6e6f" +
-                    "70717273 74757677 78797a7b 7c7d7e7f" +
-                    "80818283 84858687 88898a8b 8c8d8e8f" +
-                    "90919293 94959697 98999a9b 9c9d9e9f" +
-                    "a0a1a2a3 a4a5a6a7",
-                "53616d70 6c65206d 65737361 67652066" +
-                    "6f72206b 65796c65 6e3e626c 6f636b6c" +
-                    "656e",
-                "9bcf2c23 8e235c3c e88404e8 13bd2f3a" +
-                    "97185ac6 f238c63d 6229a00b 07974258"
-            },
-            {
-                "00010203 04050607 08090a0b 0c0d0e0f" +
-                    "10111213 14151617 18191a1b 1c1d1e1f",
-                "53616d70 6c65206d 65737361 67652066" +
-                    "6f72206b 65796c65 6e3c626c 6f636b6c" +
-                    "656e2c20 77697468 20747275 6e636174" +
-                    "65642074 6167",
-                "c8dc7148 d8c1423a a549105d afdf9cad"
-            },
-            {
-                "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
-                "4869205468657265",
-                "ba85192310dffa96e2a3a40e69774351140bb7185e1202cdcc917589f95e16bb"
-            }
-        };
-
-    final static String[][] sha3_384 = {
-        {
-              "00010203 04050607 08090a0b 0c0d0e0f" +
-                  "10111213 14151617 18191a1b 1c1d1e1f" +
-                  "20212223 24252627 28292a2b 2c2d2e2f",
-             "53616d70 6c65206d 65737361 67652066" +
-                 "6f72206b 65796c65 6e3c626c 6f636b6c" +
-                 "656e",
-            "d588a3c5 1f3f2d90 6e8298c1 199aa8ff" +
-                "62962181 27f6b38a 90b6afe2 c5617725" +
-                "bc99987f 79b22a55 7b6520db 710b7f42"
-        },
-        {
-            "00010203 04050607 08090a0b 0c0d0e0f" +
-                "10111213 14151617 18191a1b 1c1d1e1f" +
-                "20212223 24252627 28292a2b 2c2d2e2f" +
-                "30313233 34353637 38393a3b 3c3d3e3f" +
-                "40414243 44454647 48494a4b 4c4d4e4f" +
-                "50515253 54555657 58595a5b 5c5d5e5f" +
-                "60616263 64656667",
-            "53616d70 6c65206d 65737361 67652066" +
-                "6f72206b 65796c65 6e3d626c 6f636b6c" +
-                "656e",
-            "a27d24b5 92e8c8cb f6d4ce6f c5bf62d8" +
-                "fc98bf2d 486640d9 eb8099e2 4047837f" +
-                "5f3bffbe 92dcce90 b4ed5b1e 7e44fa90"
-        },
-        {
-            "00010203 04050607 08090a0b 0c0d0e0f" +
-                "10111213 14151617 18191a1b 1c1d1e1f" +
-                "20212223 24252627 28292a2b 2c2d2e2f" +
-                "30313233 34353637 38393a3b 3c3d3e3f" +
-                "40414243 44454647 48494a4b 4c4d4e4f" +
-                "50515253 54555657 58595a5b 5c5d5e5f" +
-                "60616263 64656667 68696a6b 6c6d6e6f" +
-                "70717273 74757677 78797a7b 7c7d7e7f" +
-                "80818283 84858687 88898a8b 8c8d8e8f" +
-                "90919293 94959697",
-            "53616d70 6c65206d 65737361 67652066" +
-                "6f72206b 65796c65 6e3e626c 6f636b6c" +
-                "656e",
-            "e5ae4c73 9f455279 368ebf36 d4f5354c" +
-                "95aa184c 899d3870 e460ebc2 88ef1f94" +
-                "70053f73 f7c6da2a 71bcaec3 8ce7d6ac"
-        },
-        {
-            "00010203 04050607 08090a0b 0c0d0e0f" +
-                "10111213 14151617 18191a1b 1c1d1e1f" +
-                "20212223 24252627 28292a2b 2c2d2e2f",
-            "53616d70 6c65206d 65737361 67652066" +
-                "6f72206b 65796c65 6e3c626c 6f636b6c" +
-                "656e2c20 77697468 20747275 6e636174" +
-                "65642074 6167",
-            "25f4bf53 606e91af 79d24a4b b1fd6aec" +
-                "d44414a3 0c8ebb0a"
-        },
-        {
-            "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
-            "4869205468657265",
-            "68d2dcf7fd4ddd0a2240c8a437305f61fb7334cfb5d0226e1bc27dc10a2e723a20d370b47743130e26ac7e3d532886bd"
-        }
-    };
-
-    final static String[][] sha3_512 = {
-        {
-            "00010203 04050607 08090a0b 0c0d0e0f" +
-                "10111213 14151617 18191a1b 1c1d1e1f" +
-                "20212223 24252627 28292a2b 2c2d2e2f" +
-                "30313233 34353637 38393a3b 3c3d3e3f",
-            "53616d70 6c65206d 65737361 67652066" +
-                "6f72206b 65796c65 6e3c626c 6f636b6c" +
-                "656e",
-            "4efd629d 6c71bf86 162658f2 9943b1c3" +
-                "08ce27cd fa6db0d9 c3ce8176 3f9cbce5" +
-                "f7ebe986 8031db1a 8f8eb7b6 b95e5c5e" +
-                "3f657a89 96c86a2f 6527e307 f0213196"
-        },
-        {
-            "00010203 04050607 08090a0b 0c0d0e0f" +
-                "10111213 14151617 18191a1b 1c1d1e1f" +
-                "20212223 24252627 28292a2b 2c2d2e2f" +
-                "30313233 34353637 38393a3b 3c3d3e3f" +
-                "40414243 44454647",
-            "53616d70 6c65206d 65737361 67652066" +
-                "6f72206b 65796c65 6e3d626c 6f636b6c" +
-                "656e",
-            "544e257e a2a3e5ea 19a590e6 a24b724c" +
-                "e6327757 723fe275 1b75bf00 7d80f6b3" +
-                "60744bf1 b7a88ea5 85f9765b 47911976" +
-                "d3191cf8 3c039f5f fab0d29c c9d9b6da"
-        },
-        {
-            "00010203 04050607 08090a0b 0c0d0e0f" +
-                "10111213 14151617 18191a1b 1c1d1e1f" +
-                "20212223 24252627 28292a2b 2c2d2e2f" +
-                "30313233 34353637 38393a3b 3c3d3e3f" +
-                "40414243 44454647 48494a4b 4c4d4e4f" +
-                "50515253 54555657 58595a5b 5c5d5e5f" +
-                "60616263 64656667 68696a6b 6c6d6e6f" +
-                "70717273 74757677 78797a7b 7c7d7e7f" +
-                "80818283 84858687",
-            "53616d70 6c65206d 65737361 67652066" +
-                "6f72206b 65796c65 6e3e626c 6f636b6c" +
-                "656e",
-            "5f464f5e 5b7848e3 885e49b2 c385f069" +
-                "4985d0e3 8966242d c4a5fe3f ea4b37d4" +
-                "6b65cece d5dcf594 38dd840b ab22269f" +
-                "0ba7febd b9fcf746 02a35666 b2a32915"
-        },
-        {
-            "00010203 04050607 08090a0b 0c0d0e0f" +
-                "10111213 14151617 18191a1b 1c1d1e1f" +
-                "20212223 24252627 28292a2b 2c2d2e2f" +
-                "30313233 34353637 38393a3b 3c3d3e3f",
-            "53616d70 6c65206d 65737361 67652066" +
-                "6f72206b 65796c65 6e3c626c 6f636b6c" +
-                "656e2c20 77697468 20747275 6e636174" +
-                "65642074 6167",
-            "7bb06d85 9257b25c e73ca700 df34c5cb" +
-                "ef5c898b ac91029e 0b27975d 4e526a08"
-        },
-        {
-            "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
-            "4869205468657265",
-            "eb3fbd4b2eaab8f5c504bd3a41465aacec15770a7cabac531e482f860b5ec7ba47ccb2c6f2afce8f88d22b6dc61380f23a668fd3888bb80537c0a0b86407689e"
-        }
-    };
-
-    public String getName()
-    {
-        return "SHA3HMac";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        doTest(new HMac(new SHA3Digest(224)), sha3_224);
-        doTest(new HMac(new SHA3Digest(256)), sha3_256);
-        doTest(new HMac(new SHA3Digest(384)), sha3_384);
-        doTest(new HMac(new SHA3Digest(512)), sha3_512);
-    }
-
-    public void doTest(HMac hmac, String[][] data)
-    {
-        byte[] resBuf = new byte[hmac.getMacSize()];
-
-        for (int i = 0; i < data.length; i++)
-        {
-            byte[] m = Hex.decode(data[i][1]);
-
-            hmac.init(new KeyParameter(Hex.decode(data[i][0])));
-            hmac.update(m, 0, m.length);
-            hmac.doFinal(resBuf, 0);
-
-            isTrue(hmac.getAlgorithmName() + " vector " + i + " failed got " + new String(Hex.encode(resBuf)), startsWith(resBuf, Hex.decode(data[i][2])));
-        }
-
-        //
-        // test reset
-        //
-        int vector = 0; // vector used for test
-        byte[] m = Hex.decode(data[vector][1]);
-
-        hmac.init(new KeyParameter(Hex.decode(data[vector][0])));
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-        hmac.reset();
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-
-        isTrue(hmac.getAlgorithmName() + " reset with vector " + vector + " failed", Arrays.areEqual(resBuf, Hex.decode(data[vector][2])));
-    }
-
-    private static boolean startsWith(byte[] a, byte[] b)
-    {
-        if (a.length == b.length)
-        {
-            return Arrays.areEqual(a, b);
-        }
-
-        for (int i = 0; i != b.length; i++)
-        {
-            if (a[i] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        SHA3HMacTest test = new SHA3HMacTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA512DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA512DigestTest.java
deleted file mode 100644
index ffebaee..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA512DigestTest.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-
-/**
- * standard vector test for SHA-512 from FIPS Draft 180-2.
- *
- * Note, the first two vectors are _not_ from the draft, the last three are.
- */
-public class SHA512DigestTest
-    extends DigestTest
-{
-    private static String[] messages =
-    {
-        "",
-        "a",
-        "abc",
-        "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
-    };
-
-    private static String[] digests =
-    {
-        "cf83e1357eefb8bdf1542850d66d8007d620e4050b5715dc83f4a921d36ce9ce47d0d13c5d85f2b0ff8318d2877eec2f63b931bd47417a81a538327af927da3e",
-        "1f40fc92da241694750979ee6cf582f2d5d7d28e18335de05abc54d0560e0f5302860c652bf08d560252aa5e74210546f369fbbbce8c12cfc7957b2652fe9a75",
-        "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f",
-        "8e959b75dae313da8cf4f72814fc143f8f7779c6eb9f7fa17299aeadb6889018501d289e4900f7e4331b99dec4b5433ac7d329eeb6dd26545e96e55b874be909"
-    };
-
-    // 1 million 'a'
-    static private String  million_a_digest = "e718483d0ce769644e2e42c7bc15b4638e1f98b13b2044285632a803afa973ebde0ff244877ea60a4cb0432ce577c31beb009c5c2c49aa2e4eadb217ad8cc09b";
-
-    SHA512DigestTest()
-    {
-        super(new SHA512Digest(), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-
-        millionATest(million_a_digest);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new SHA512Digest((SHA512Digest)digest);
-    }
-
-    protected Digest cloneDigest(byte[] encodedState)
-    {
-        return new SHA512Digest(encodedState);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SHA512DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA512HMacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA512HMacTest.java
deleted file mode 100644
index ee163eb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA512HMacTest.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * SHA512 HMac Test
- */
-public class SHA512HMacTest
-    implements Test
-{
-    final static String[] keys = {
-        "0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b",
-        "4a656665",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "0102030405060708090a0b0c0d0e0f10111213141516171819",
-        "0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c0c",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa",
-        "aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa"
-    };
-
-    final static String[] digests = {
-        "87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854",
-        "164b7a7bfcf819e2e395fbe73b56e0a387bd64222e831fd610270cd7ea2505549758bf75c05a994a6d034f65f8f0e6fdcaeab1a34d4a6b4b636e070a38bce737",
-        "fa73b0089d56a284efb0f0756c890be9b1b5dbdd8ee81a3655f83e33b2279d39bf3e848279a722c806b485a47e67c807b946a337bee8942674278859e13292fb",
-        "b0ba465637458c6990e5a8c5f61d4af7e576d97ff94b872de76f8050361ee3dba91ca5c11aa25eb4d679275cc5788063a5f19741120c4f2de2adebeb10a298dd",
-        "415fad6271580a531d4179bc891d87a650188707922a4fbb36663a1eb16da008711c5b50ddd0fc235084eb9d3364a1454fb2ef67cd1d29fe6773068ea266e96b",
-        "80b24263c7c1a3ebb71493c1dd7be8b49b46d1f41b4aeec1121b013783f8f3526b56d037e05f2598bd0fd2215d6a1e5295e64f73f63f0aec8b915a985d786598",
-        "e37b6a775dc87dbaa4dfa9f96e5e3ffddebd71f8867289865df5a32d20cdc944b6022cac3c4982b10d5eeb55c3e4de15134676fb6de0446065c97440fa8c6a58"
-    };
-
-    final static String[] messages = {
-        "Hi There",
-        "what do ya want for nothing?",
-        "0xdddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddddd",
-        "0xcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcdcd",
-        "Test With Truncation",
-        "Test Using Larger Than Block-Size Key - Hash Key First",
-        "This is a test using a larger than block-size key and a larger than block-size data. The key needs to be hashed before being used by the HMAC algorithm."
-    };
-
-    public String getName()
-    {
-        return "SHA512HMac";
-    }
-
-    public TestResult perform()
-    {
-        HMac hmac = new HMac(new SHA512Digest());
-        byte[] resBuf = new byte[hmac.getMacSize()];
-
-        for (int i = 0; i < messages.length; i++)
-        {
-            byte[] m = messages[i].getBytes();
-            if (messages[i].startsWith("0x"))
-            {
-                m = Hex.decode(messages[i].substring(2));
-            }
-            hmac.init(new KeyParameter(Hex.decode(keys[i])));
-            hmac.update(m, 0, m.length);
-            hmac.doFinal(resBuf, 0);
-
-            if (!Arrays.areEqual(resBuf, Hex.decode(digests[i])))
-            {
-                return new SimpleTestResult(false, getName() + ": Vector " + i + " failed got -" + new String(Hex.encode(resBuf)));
-            }
-        }
-
-        //
-        // test reset
-        //
-        int vector = 0; // vector used for test
-        byte[] m = messages[vector].getBytes();
-        if (messages[vector].startsWith("0x"))
-        {
-            m = Hex.decode(messages[vector].substring(2));
-        }
-        hmac.init(new KeyParameter(Hex.decode(keys[vector])));
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-        hmac.reset();
-        hmac.update(m, 0, m.length);
-        hmac.doFinal(resBuf, 0);
-
-        if (!Arrays.areEqual(resBuf, Hex.decode(digests[vector])))
-        {
-            return new SimpleTestResult(false, getName() +
-                    "Reset with vector " + vector + " failed");
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        SHA512HMacTest    test = new SHA512HMacTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA512t224DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA512t224DigestTest.java
deleted file mode 100644
index 0c7bc95..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA512t224DigestTest.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA512tDigest;
-
-/**
- * standard vector test for SHA-512/224 from FIPS 180-4.
- *
- * Note, only the last 2 message entries are FIPS originated..
- */
-public class SHA512t224DigestTest
-    extends DigestTest
-{
-    private static String[] messages =
-    {
-        "",
-        "a",
-        "abc",
-        "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
-    };
-
-    private static String[] digests =
-    {
-        "6ed0dd02806fa89e25de060c19d3ac86cabb87d6a0ddd05c333b84f4",
-        "d5cdb9ccc769a5121d4175f2bfdd13d6310e0d3d361ea75d82108327",
-        "4634270F707B6A54DAAE7530460842E20E37ED265CEEE9A43E8924AA",
-        "23FEC5BB94D60B23308192640B0C453335D664734FE40E7268674AF9"
-    };
-
-    // 1 million 'a'
-    static private String  million_a_digest = "37ab331d76f0d36de422bd0edeb22a28accd487b7a8453ae965dd287";
-
-    SHA512t224DigestTest()
-    {
-        super(new SHA512tDigest(224), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-
-        millionATest(million_a_digest);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new SHA512tDigest((SHA512tDigest)digest);
-    }
-
-    protected Digest cloneDigest(byte[] encodedState)
-    {
-        return new SHA512tDigest(encodedState);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SHA512t224DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA512t256DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA512t256DigestTest.java
deleted file mode 100644
index db019ae..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHA512t256DigestTest.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA512tDigest;
-
-/**
- * standard vector test for SHA-512/256 from FIPS 180-4.
- *
- * Note, only the last 2 message entries are FIPS originated..
- */
-public class SHA512t256DigestTest
-    extends DigestTest
-{
-    private static String[] messages =
-    {
-        "",
-        "a",
-        "abc",
-        "abcdefghbcdefghicdefghijdefghijkefghijklfghijklmghijklmnhijklmnoijklmnopjklmnopqklmnopqrlmnopqrsmnopqrstnopqrstu"
-    };
-
-    private static String[] digests =
-    {
-        "c672b8d1ef56ed28ab87c3622c5114069bdd3ad7b8f9737498d0c01ecef0967a",
-        "455e518824bc0601f9fb858ff5c37d417d67c2f8e0df2babe4808858aea830f8",
-        "53048E2681941EF99B2E29B76B4C7DABE4C2D0C634FC6D46E0E2F13107E7AF23",
-        "3928E184FB8690F840DA3988121D31BE65CB9D3EF83EE6146FEAC861E19B563A"
-    };
-
-    // 1 million 'a'
-    static private String  million_a_digest = "9a59a052930187a97038cae692f30708aa6491923ef5194394dc68d56c74fb21";
-
-    SHA512t256DigestTest()
-    {
-        super(new SHA512tDigest(256), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-
-        millionATest(million_a_digest);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new SHA512tDigest((SHA512tDigest)digest);
-    }
-
-    protected Digest cloneDigest(byte[] encodedState)
-    {
-        return new SHA512tDigest(encodedState);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SHA512t256DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHAKEDigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SHAKEDigestTest.java
deleted file mode 100644
index d24af31..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SHAKEDigestTest.java
+++ /dev/null

@@ -1,346 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.BufferedReader;
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStreamReader;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * SHAKE Digest Test
- */
-public class SHAKEDigestTest
-    extends SimpleTest
-{
-    static class MySHAKEDigest extends SHAKEDigest
-    {
-        MySHAKEDigest(int bitLength)
-        {
-            super(bitLength);
-        }
-
-        int myDoFinal(byte[] out, int outOff, int outLen, byte partialByte, int partialBits)
-        {
-            return doFinal(out, outOff, outLen, partialByte, partialBits);
-        }
-    }
-
-    SHAKEDigestTest()
-    {
-    }
-
-    public String getName()
-    {
-        return "SHAKE";
-    }
-
-    public void performTest() throws Exception
-    {
-        testVectors();
-    }
-
-    public void testVectors() throws Exception
-    {
-        BufferedReader r = new BufferedReader(new InputStreamReader(
-            getClass().getResourceAsStream("SHAKETestVectors.txt")));
-
-        String line;
-        while (null != (line = readLine(r)))
-        {
-            if (line.length() != 0)
-            {
-                TestVector v = readTestVector(r, line);
-                runTestVector(v);
-            }
-        }
-
-        r.close();
-    }
-
-    private MySHAKEDigest createDigest(String algorithm) throws Exception
-    {
-        if (algorithm.startsWith("SHAKE-"))
-        {
-            int bits = parseDecimal(algorithm.substring("SHAKE-".length()));
-            return new MySHAKEDigest(bits);
-        }
-        throw new IllegalArgumentException("Unknown algorithm: " + algorithm);
-    }
-
-    private byte[] decodeBinary(String block)
-    {
-        int bits = block.length();
-        int fullBytes = bits / 8;
-        int totalBytes = (bits + 7) / 8;
-        byte[] result = new byte[totalBytes];
-
-        for (int i = 0; i < fullBytes; ++i)
-        {
-            String byteStr = reverse(block.substring(i * 8, (i + 1) * 8));
-            result[i] = (byte)parseBinary(byteStr);
-        }
-
-        if (totalBytes > fullBytes)
-        {
-            String byteStr = reverse(block.substring(fullBytes * 8));
-            result[fullBytes] = (byte)parseBinary(byteStr);
-        }
-
-        return result;
-    }
-
-    private int parseBinary(String s)
-    {
-        return Integer.parseInt(s, 2);
-    }
-
-    private int parseDecimal(String s)
-    {
-        return Integer.parseInt(s);
-    }
-
-    private String readBlock(BufferedReader r) throws IOException
-    {
-        StringBuffer b = new StringBuffer();
-        String line;
-        while ((line = readBlockLine(r)) != null)
-        {
-            b.append(line);
-        }
-        return b.toString();
-    }
-
-    private String readBlockLine(BufferedReader r) throws IOException
-    {
-        String line = readLine(r);
-        if (line == null || line.length() == 0)
-        {
-            return null;
-        }
-
-        char[] chars = line.toCharArray();
-
-        int pos = 0;
-        for (int i = 0; i != chars.length; i++)
-        {
-            if (chars[i] != ' ')
-            {
-                chars[pos++] = chars[i];
-            }
-        }
-
-        return new String(chars, 0, pos);
-    }
-
-    private TestVector readTestVector(BufferedReader r, String header) throws IOException
-    {
-        String[] parts = splitAround(header, TestVector.SAMPLE_OF);
-
-        String algorithm = parts[0];
-        int bits = parseDecimal(stripFromChar(parts[1], '-'));
-
-        skipUntil(r, TestVector.MSG_HEADER);
-        String messageBlock = readBlock(r);
-        if (messageBlock.length() != bits)
-        {
-            throw new IllegalStateException("Test vector length mismatch");
-        }
-        byte[] message = decodeBinary(messageBlock);
-
-        skipUntil(r, TestVector.OUTPUT_HEADER);
-        byte[] output = Hex.decode(readBlock(r));
-
-        return new TestVector(algorithm, bits, message, output);
-    }
-
-    private String readLine(BufferedReader r) throws IOException
-    {
-        String line = r.readLine();
-        return line == null ? null : stripFromChar(line, '#').trim();
-    }
-
-    private String requireLine(BufferedReader r) throws IOException
-    {
-        String line = readLine(r);
-        if (line == null)
-        {
-            throw new EOFException();
-        }
-        return line;
-    }
-
-    private String reverse(String s)
-    {
-        return new StringBuffer(s).reverse().toString();
-    }
-
-    private void runTestVector(TestVector v) throws Exception
-    {
-        int bits = v.getBits();
-        int partialBits = bits % 8;
-
-        byte[] expected = v.getOutput();
-
-//        System.out.println(v.getAlgorithm() + " " + bits + "-bit");
-//        System.out.println(Hex.toHexString(v.getMessage()).toUpperCase());
-//        System.out.println(Hex.toHexString(expected).toUpperCase());
-
-        int outLen = expected.length;
-
-        MySHAKEDigest d = createDigest(v.getAlgorithm());
-        byte[] output = new byte[outLen];
-
-        byte[] m = v.getMessage();
-        if (partialBits == 0)
-        {
-            d.update(m, 0, m.length);
-            d.doFinal(output, 0, outLen);
-        }
-        else
-        {
-            d.update(m, 0, m.length - 1);
-            d.myDoFinal(output, 0, outLen, m[m.length - 1], partialBits);
-        }
-
-        if (!Arrays.areEqual(expected, output))
-        {
-            fail(v.getAlgorithm() + " " + v.getBits() + "-bit test vector hash mismatch");
-//            System.err.println(v.getAlgorithm() + " " + v.getBits() + "-bit test vector hash mismatch");
-//            System.err.println(Hex.toHexString(output).toUpperCase());
-        }
-
-        if (partialBits == 0)
-        {
-            d = createDigest(v.getAlgorithm());
-
-            m = v.getMessage();
-
-            d.update(m, 0, m.length);
-            d.doOutput(output, 0, outLen / 2);
-            d.doOutput(output, outLen / 2, output.length - outLen / 2);
-
-            if (!Arrays.areEqual(expected, output))
-            {
-                fail(v.getAlgorithm() + " " + v.getBits() + "-bit test vector extended hash mismatch");
-            }
-
-            try
-            {
-                d.update((byte)0x01);
-                fail("no exception");
-            }
-            catch (IllegalStateException e)
-            {
-                isTrue("wrong exception", "attempt to absorb while squeezing".equals(e.getMessage()));
-            }
-
-            d = createDigest(v.getAlgorithm());
-
-            m = v.getMessage();
-
-            d.update(m, 0, m.length);
-            d.doOutput(output, 0, outLen / 2);
-            d.doFinal(output, outLen / 2, output.length - outLen / 2);
-
-            if (!Arrays.areEqual(expected, output))
-            {
-                fail(v.getAlgorithm() + " " + v.getBits() + "-bit test vector extended doFinal hash mismatch");
-            }
-
-            d.update((byte)0x01); // this should be okay as we've reset on doFinal()
-        }
-    }
-
-    private void skipUntil(BufferedReader r, String header) throws IOException
-    {
-        String line;
-        do
-        {
-            line = requireLine(r);
-        }
-        while (line.length() == 0);
-        if (!line.equals(header))
-        {
-            throw new IOException("Expected: " + header);
-        }
-    }
-
-    private String[] splitAround(String s, String separator)
-    {
-        List strings = new ArrayList();
-
-        String remaining = s;
-        int index;
-
-        while ((index = remaining.indexOf(separator)) > 0)
-        {
-            strings.add(remaining.substring(0, index));
-            remaining = remaining.substring(index + separator.length());
-        }
-        strings.add(remaining);
-
-        return (String[])strings.toArray(new String[strings.size()]);
-    }
-
-    private String stripFromChar(String s, char c)
-    {
-        int i = s.indexOf(c);
-        if (i >= 0)
-        {
-            s = s.substring(0, i);
-        }
-        return s;
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SHAKEDigestTest());
-    }
-
-    private static class TestVector
-    {
-        private static String SAMPLE_OF = " sample of ";
-        private static String MSG_HEADER = "Msg as bit string";
-        private static String OUTPUT_HEADER = "Output val is";
-
-        private String algorithm;
-        private int bits;
-        private byte[] message;
-        private byte[] output;
-
-        private TestVector(String algorithm, int bits, byte[] message, byte[] output)
-        {
-            this.algorithm = algorithm;
-            this.bits = bits;
-            this.message = message;
-            this.output = output;
-        }
-
-        public String getAlgorithm()
-        {
-            return algorithm;
-        }
-
-        public int getBits()
-        {
-            return bits;
-        }
-        
-        public byte[] getMessage()
-        {
-            return message;
-        }
-
-        public byte[] getOutput()
-        {
-            return output;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SM2EngineTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SM2EngineTest.java
deleted file mode 100644
index a9cbad0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SM2EngineTest.java
+++ /dev/null

@@ -1,168 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.engines.SM2Engine;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomBigInteger;
-
-public class SM2EngineTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "SM2Engine";
-    }
-
-    private void doEngineTestFp()
-        throws Exception
-    {
-        BigInteger SM2_ECC_P = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3", 16);
-        BigInteger SM2_ECC_A = new BigInteger("787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498", 16);
-        BigInteger SM2_ECC_B = new BigInteger("63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A", 16);
-        BigInteger SM2_ECC_N = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7", 16);
-        BigInteger SM2_ECC_H = ECConstants.ONE;
-        BigInteger SM2_ECC_GX = new BigInteger("421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D", 16);
-        BigInteger SM2_ECC_GY = new BigInteger("0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2", 16);
-
-        ECCurve curve = new ECCurve.Fp(SM2_ECC_P, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H);
-
-        ECPoint g = curve.createPoint(SM2_ECC_GX, SM2_ECC_GY);
-        ECDomainParameters domainParams = new ECDomainParameters(curve, g, SM2_ECC_N);
-
-        ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
-
-        ECKeyGenerationParameters aKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("1649AB77A00637BD5E2EFE283FBF353534AA7F7CB89463F208DDBC2920BB0DA0", 16));
-
-        keyPairGenerator.init(aKeyGenParams);
-
-        AsymmetricCipherKeyPair aKp = keyPairGenerator.generateKeyPair();
-
-        ECPublicKeyParameters aPub = (ECPublicKeyParameters)aKp.getPublic();
-        ECPrivateKeyParameters aPriv = (ECPrivateKeyParameters)aKp.getPrivate();
-
-        SM2Engine sm2Engine = new SM2Engine();
-
-        byte[] m = Strings.toByteArray("encryption standard");
-
-        sm2Engine.init(true, new ParametersWithRandom(aPub, new TestRandomBigInteger("4C62EEFD6ECFC2B95B92FD6C3D9575148AFA17425546D49018E5388D49DD7B4F", 16)));
-
-        byte[] enc = sm2Engine.processBlock(m, 0, m.length);
-
-        isTrue("enc wrong", Arrays.areEqual(Hex.decode(
-            "04245C26 FB68B1DD DDB12C4B 6BF9F2B6 D5FE60A3 83B0D18D 1C4144AB F17F6252" +
-            "E776CB92 64C2A7E8 8E52B199 03FDC473 78F605E3 6811F5C0 7423A24B 84400F01" +
-            "B8650053 A89B41C4 18B0C3AA D00D886C 00286467 9C3D7360 C30156FA B7C80A02" +
-            "76712DA9 D8094A63 4B766D3A 285E0748 0653426D"), enc));
-
-        sm2Engine.init(false, aPriv);
-
-        byte[] dec = sm2Engine.processBlock(enc, 0, enc.length);
-
-        isTrue("dec wrong", Arrays.areEqual(m, dec));
-
-        enc[80] = (byte)(enc[80] + 1);
-
-        try
-        {
-            sm2Engine.processBlock(enc, 0, enc.length);
-            fail("no exception");
-        }
-        catch (InvalidCipherTextException e)
-        {
-            isTrue("wrong exception", "invalid cipher text".equals(e.getMessage()));
-        }
-
-        // long message
-        sm2Engine = new SM2Engine();
-
-        m = new byte[4097];
-        for (int i = 0; i != m.length; i++)
-        {
-            m[i] = (byte)i;
-        }
-
-        sm2Engine.init(true, new ParametersWithRandom(aPub, new TestRandomBigInteger("4C62EEFD6ECFC2B95B92FD6C3D9575148AFA17425546D49018E5388D49DD7B4F", 16)));
-
-        enc = sm2Engine.processBlock(m, 0, m.length);
-
-        sm2Engine.init(false, aPriv);
-
-        dec = sm2Engine.processBlock(enc, 0, enc.length);
-
-        isTrue("dec wrong", Arrays.areEqual(m, dec));
-    }
-
-    private void doEngineTestF2m()
-        throws Exception
-    {
-        BigInteger SM2_ECC_A = new BigInteger("00", 16);
-        BigInteger SM2_ECC_B = new BigInteger("E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B", 16);
-        BigInteger SM2_ECC_N = new BigInteger("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBC972CF7E6B6F900945B3C6A0CF6161D", 16);
-        BigInteger SM2_ECC_H = BigInteger.valueOf(4);
-        BigInteger SM2_ECC_GX = new BigInteger("00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD", 16);
-        BigInteger SM2_ECC_GY = new BigInteger("013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E", 16);
-
-        ECCurve curve = new ECCurve.F2m(257, 12, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H);
-
-        ECPoint g = curve.createPoint(SM2_ECC_GX, SM2_ECC_GY);
-        ECDomainParameters domainParams = new ECDomainParameters(curve, g, SM2_ECC_N, SM2_ECC_H);
-
-        ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
-
-        ECKeyGenerationParameters aKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("56A270D17377AA9A367CFA82E46FA5267713A9B91101D0777B07FCE018C757EB", 16));
-
-        keyPairGenerator.init(aKeyGenParams);
-
-        AsymmetricCipherKeyPair aKp = keyPairGenerator.generateKeyPair();
-
-        ECPublicKeyParameters aPub = (ECPublicKeyParameters)aKp.getPublic();
-        ECPrivateKeyParameters aPriv = (ECPrivateKeyParameters)aKp.getPrivate();
-
-        SM2Engine sm2Engine = new SM2Engine();
-
-        byte[] m = Strings.toByteArray("encryption standard");
-
-        sm2Engine.init(true, new ParametersWithRandom(aPub, new TestRandomBigInteger("6D3B497153E3E92524E5C122682DBDC8705062E20B917A5F8FCDB8EE4C66663D", 16)));
-
-        byte[] enc = sm2Engine.processBlock(m, 0, m.length);
-
-        isTrue("f2m enc wrong", Arrays.areEqual(Hex.decode(
-            "04019D23 6DDB3050 09AD52C5 1BB93270 9BD534D4 76FBB7B0 DF9542A8 A4D890A3" +
-                "F2E100B2 3B938DC0 A94D1DF8 F42CF45D 2D6601BF 638C3D7D E75A29F0 2AFB7E45" +
-                "E91771FD 55AC6213 C2A8A040 E4CAB5B2 6A9CFCDA 737373A4 8625D375 8FA37B3E" +
-                "AB80E9CF CABA665E 3199EA15 A1FA8189 D96F5791 25E4"), enc));
-
-        sm2Engine.init(false, aPriv);
-
-        byte[] dec = sm2Engine.processBlock(enc, 0, enc.length);
-
-        isTrue("f2m dec wrong", Arrays.areEqual(m, dec));
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        doEngineTestFp();
-        doEngineTestF2m();
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new SM2EngineTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SM2KeyExchangeTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SM2KeyExchangeTest.java
deleted file mode 100644
index c29ec72..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SM2KeyExchangeTest.java
+++ /dev/null

@@ -1,229 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.agreement.SM2KeyExchange;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithID;
-import org.bouncycastle.crypto.params.SM2KeyExchangePrivateParameters;
-import org.bouncycastle.crypto.params.SM2KeyExchangePublicParameters;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomBigInteger;
-
-public class SM2KeyExchangeTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "SM2KeyExchange";
-    }
-
-    private void doKeyExchangeTestFp()
-        throws Exception
-    {
-        BigInteger SM2_ECC_P = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3", 16);
-        BigInteger SM2_ECC_A = new BigInteger("787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498", 16);
-        BigInteger SM2_ECC_B = new BigInteger("63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A", 16);
-        BigInteger SM2_ECC_N = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7", 16);
-        BigInteger SM2_ECC_H = ECConstants.ONE;
-        BigInteger SM2_ECC_GX = new BigInteger("421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D", 16);
-        BigInteger SM2_ECC_GY = new BigInteger("0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2", 16);
-
-        ECCurve curve = new ECCurve.Fp(SM2_ECC_P, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H);
-
-        ECPoint g = curve.createPoint(SM2_ECC_GX, SM2_ECC_GY);
-        ECDomainParameters domainParams = new ECDomainParameters(curve, g, SM2_ECC_N);
-
-        ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
-
-        ECKeyGenerationParameters aKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("6FCBA2EF9AE0AB902BC3BDE3FF915D44BA4CC78F88E2F8E7F8996D3B8CCEEDEE", 16));
-
-        keyPairGenerator.init(aKeyGenParams);
-
-        AsymmetricCipherKeyPair aKp = keyPairGenerator.generateKeyPair();
-
-        ECPublicKeyParameters aPub = (ECPublicKeyParameters)aKp.getPublic();
-        ECPrivateKeyParameters aPriv = (ECPrivateKeyParameters)aKp.getPrivate();
-
-        ECKeyGenerationParameters aeKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("83A2C9C8B96E5AF70BD480B472409A9A327257F1EBB73F5B073354B248668563", 16));
-
-        keyPairGenerator.init(aeKeyGenParams);
-
-        AsymmetricCipherKeyPair aeKp = keyPairGenerator.generateKeyPair();
-
-        ECPublicKeyParameters aePub = (ECPublicKeyParameters)aeKp.getPublic();
-        ECPrivateKeyParameters aePriv = (ECPrivateKeyParameters)aeKp.getPrivate();
-
-        ECKeyGenerationParameters bKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("5E35D7D3F3C54DBAC72E61819E730B019A84208CA3A35E4C2E353DFCCB2A3B53", 16));
-
-        keyPairGenerator.init(bKeyGenParams);
-
-        AsymmetricCipherKeyPair bKp = keyPairGenerator.generateKeyPair();
-
-        ECPublicKeyParameters bPub = (ECPublicKeyParameters)bKp.getPublic();
-        ECPrivateKeyParameters bPriv = (ECPrivateKeyParameters)bKp.getPrivate();
-
-        ECKeyGenerationParameters beKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("33FE21940342161C55619C4A0C060293D543C80AF19748CE176D83477DE71C80", 16));
-
-        keyPairGenerator.init(beKeyGenParams);
-
-        AsymmetricCipherKeyPair beKp = keyPairGenerator.generateKeyPair();
-
-        ECPublicKeyParameters bePub = (ECPublicKeyParameters)beKp.getPublic();
-        ECPrivateKeyParameters bePriv = (ECPrivateKeyParameters)beKp.getPrivate();
-
-        SM2KeyExchange exch = new SM2KeyExchange();
-
-        exch.init(new ParametersWithID(new SM2KeyExchangePrivateParameters(true, aPriv, aePriv), Strings.toByteArray("ALICE123@YAHOO.COM")));
-
-        byte[] k1 = exch.calculateKey(128, new ParametersWithID(new SM2KeyExchangePublicParameters(bPub, bePub), Strings.toByteArray("BILL456@YAHOO.COM")));
-
-        isTrue("key 1 wrong", Arrays.areEqual(Hex.decode("55b0ac62a6b927ba23703832c853ded4"), k1));
-
-        exch = new SM2KeyExchange();
-
-        exch.init(new ParametersWithID(new SM2KeyExchangePrivateParameters(false, bPriv, bePriv), Strings.toByteArray("BILL456@YAHOO.COM")));
-
-        byte[] k2 = exch.calculateKey(128, new ParametersWithID(new SM2KeyExchangePublicParameters(aPub, aePub), Strings.toByteArray("ALICE123@YAHOO.COM")));
-
-        isTrue("key 2 wrong", Arrays.areEqual(Hex.decode("55b0ac62a6b927ba23703832c853ded4"), k2));
-
-        // with key confirmation
-        exch = new SM2KeyExchange();
-
-        exch.init(new ParametersWithID(new SM2KeyExchangePrivateParameters(false, bPriv, bePriv), Strings.toByteArray("BILL456@YAHOO.COM")));
-
-        byte[][] vals2 = exch.calculateKeyWithConfirmation(128, null, new ParametersWithID(new SM2KeyExchangePublicParameters(aPub, aePub), Strings.toByteArray("ALICE123@YAHOO.COM")));
-
-        isTrue("key 2 wrong", Arrays.areEqual(Hex.decode("55b0ac62a6b927ba23703832c853ded4"), k2));
-      
-        isTrue("conf a tag 2 wrong", Arrays.areEqual(Hex.decode("284C8F198F141B502E81250F1581C7E9EEB4CA6990F9E02DF388B45471F5BC5C"), vals2[1]));
-        isTrue("conf b tag 2 wrong", Arrays.areEqual(Hex.decode("23444DAF8ED7534366CB901C84B3BDBB63504F4065C1116C91A4C00697E6CF7A"), vals2[2]));
-
-        exch = new SM2KeyExchange();
-
-        exch.init(new ParametersWithID(new SM2KeyExchangePrivateParameters(true, aPriv, aePriv), Strings.toByteArray("ALICE123@YAHOO.COM")));
-
-        byte[][] vals1 = exch.calculateKeyWithConfirmation(128, vals2[1], new ParametersWithID(new SM2KeyExchangePublicParameters(bPub, bePub), Strings.toByteArray("BILL456@YAHOO.COM")));
-
-        isTrue("conf key 1 wrong", Arrays.areEqual(Hex.decode("55b0ac62a6b927ba23703832c853ded4"), vals1[0]));
-        isTrue("conf tag 1 wrong", Arrays.areEqual(Hex.decode("23444DAF8ED7534366CB901C84B3BDBB63504F4065C1116C91A4C00697E6CF7A"), vals1[1]));
-    }
-
-    private void doKeyExchangeTestF2m()
-        throws Exception
-    {
-        BigInteger SM2_ECC_A = new BigInteger("00", 16);
-        BigInteger SM2_ECC_B = new BigInteger("E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B", 16);
-        BigInteger SM2_ECC_N = new BigInteger("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBC972CF7E6B6F900945B3C6A0CF6161D", 16);
-        BigInteger SM2_ECC_H = BigInteger.valueOf(4);
-        BigInteger SM2_ECC_GX = new BigInteger("00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD", 16);
-        BigInteger SM2_ECC_GY = new BigInteger("013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E", 16);
-
-        ECCurve curve = new ECCurve.F2m(257, 12, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H);
-
-        ECPoint g = curve.createPoint(SM2_ECC_GX, SM2_ECC_GY);
-        ECDomainParameters domainParams = new ECDomainParameters(curve, g, SM2_ECC_N, SM2_ECC_H);
-        
-        ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
-
-        ECKeyGenerationParameters aKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("4813903D254F2C20A94BC5704238496954BB5279F861952EF2C5298E84D2CEAA", 16));
-
-        keyPairGenerator.init(aKeyGenParams);
-
-        AsymmetricCipherKeyPair aKp = keyPairGenerator.generateKeyPair();
-
-        ECPublicKeyParameters aPub = (ECPublicKeyParameters)aKp.getPublic();
-        ECPrivateKeyParameters aPriv = (ECPrivateKeyParameters)aKp.getPrivate();
-
-        ECKeyGenerationParameters aeKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("54A3D6673FF3A6BD6B02EBB164C2A3AF6D4A4906229D9BFCE68CC366A2E64BA4", 16));
-
-        keyPairGenerator.init(aeKeyGenParams);
-
-        AsymmetricCipherKeyPair aeKp = keyPairGenerator.generateKeyPair();
-
-        ECPublicKeyParameters aePub = (ECPublicKeyParameters)aeKp.getPublic();
-        ECPrivateKeyParameters aePriv = (ECPrivateKeyParameters)aeKp.getPrivate();
-
-        ECKeyGenerationParameters bKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("08F41BAE0922F47C212803FE681AD52B9BF28A35E1CD0EC273A2CF813E8FD1DC", 16));
-
-        keyPairGenerator.init(bKeyGenParams);
-
-        AsymmetricCipherKeyPair bKp = keyPairGenerator.generateKeyPair();
-
-        ECPublicKeyParameters bPub = (ECPublicKeyParameters)bKp.getPublic();
-        ECPrivateKeyParameters bPriv = (ECPrivateKeyParameters)bKp.getPrivate();
-
-        ECKeyGenerationParameters beKeyGenParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("1F21933387BEF781D0A8F7FD708C5AE0A56EE3F423DBC2FE5BDF6F068C53F7AD", 16));
-
-        keyPairGenerator.init(beKeyGenParams);
-
-        AsymmetricCipherKeyPair beKp = keyPairGenerator.generateKeyPair();
-
-        ECPublicKeyParameters bePub = (ECPublicKeyParameters)beKp.getPublic();
-        ECPrivateKeyParameters bePriv = (ECPrivateKeyParameters)beKp.getPrivate();
-
-        SM2KeyExchange exch = new SM2KeyExchange();
-
-        exch.init(new ParametersWithID(new SM2KeyExchangePrivateParameters(true, aPriv, aePriv), Strings.toByteArray("ALICE123@YAHOO.COM")));
-
-        byte[] k1 = exch.calculateKey(128, new ParametersWithID(new SM2KeyExchangePublicParameters(bPub, bePub), Strings.toByteArray("BILL456@YAHOO.COM")));
-
-        // there appears to be typo for ZA in the draft
-        //isTrue("F2m key 1 wrong", Arrays.areEqual(Hex.decode("4E587E5C66634F22D973A7D98BF8BE23"), k1));
-        isTrue("F2m key 1 wrong", Arrays.areEqual(Hex.decode("8c2b03289aa7126555dc660cfc29fd74"), k1));
-
-        exch = new SM2KeyExchange();
-
-        exch.init(new ParametersWithID(new SM2KeyExchangePrivateParameters(false, bPriv, bePriv), Strings.toByteArray("BILL456@YAHOO.COM")));
-
-        byte[] k2 = exch.calculateKey(128, new ParametersWithID(new SM2KeyExchangePublicParameters(aPub, aePub), Strings.toByteArray("ALICE123@YAHOO.COM")));
-
-        //isTrue("F2m key 2 wrong", Arrays.areEqual(Hex.decode("4E587E5C66634F22D973A7D98BF8BE23"), k2));
-        isTrue("F2m key 2 wrong", Arrays.areEqual(Hex.decode("8c2b03289aa7126555dc660cfc29fd74"), k2));
-
-        // with key confirmation
-        exch = new SM2KeyExchange();
-
-        exch.init(new ParametersWithID(new SM2KeyExchangePrivateParameters(false, bPriv, bePriv), Strings.toByteArray("BILL456@YAHOO.COM")));
-
-        byte[][] vals2 = exch.calculateKeyWithConfirmation(128, null, new ParametersWithID(new SM2KeyExchangePublicParameters(aPub, aePub), Strings.toByteArray("ALICE123@YAHOO.COM")));
-
-        isTrue("key 2 wrong", Arrays.areEqual(Hex.decode("8c2b03289aa7126555dc660cfc29fd74"), k2));
-
-        isTrue("conf a tag 2 wrong", Arrays.areEqual(Hex.decode("d8294c4c0f0ac180feac95e8a0d786638c9e915b9a684b2348809af03a0de2a5"), vals2[1]));
-        isTrue("conf b tag 2 wrong", Arrays.areEqual(Hex.decode("52089e706911b58fd5e7c7b2ab5cf32bb61e481ef1e114a1e33d99eec84b5a4f"), vals2[2]));
-
-        exch = new SM2KeyExchange();
-
-        exch.init(new ParametersWithID(new SM2KeyExchangePrivateParameters(true, aPriv, aePriv), Strings.toByteArray("ALICE123@YAHOO.COM")));
-
-        byte[][] vals1 = exch.calculateKeyWithConfirmation(128, vals2[1], new ParametersWithID(new SM2KeyExchangePublicParameters(bPub, bePub), Strings.toByteArray("BILL456@YAHOO.COM")));
-
-        isTrue("conf key 1 wrong", Arrays.areEqual(Hex.decode("8c2b03289aa7126555dc660cfc29fd74"), vals1[0]));
-        isTrue("conf tag 1 wrong", Arrays.areEqual(Hex.decode("52089e706911b58fd5e7c7b2ab5cf32bb61e481ef1e114a1e33d99eec84b5a4f"), vals1[1]));
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        doKeyExchangeTestFp();
-        doKeyExchangeTestF2m();
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new SM2KeyExchangeTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SM2SignerTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SM2SignerTest.java
deleted file mode 100644
index 51c9bcb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SM2SignerTest.java
+++ /dev/null

@@ -1,201 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.IOException;
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithID;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.SM2Signer;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomBigInteger;
-
-public class SM2SignerTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "SM2Signer";
-    }
-
-    private void doSignerTestFp()
-        throws Exception
-    {
-        BigInteger SM2_ECC_P = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3", 16);
-        BigInteger SM2_ECC_A = new BigInteger("787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498", 16);
-        BigInteger SM2_ECC_B = new BigInteger("63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A", 16);
-        BigInteger SM2_ECC_N = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7", 16);
-        BigInteger SM2_ECC_H = ECConstants.ONE;
-        BigInteger SM2_ECC_GX = new BigInteger("421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D", 16);
-        BigInteger SM2_ECC_GY = new BigInteger("0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2", 16);
-
-        ECCurve curve = new ECCurve.Fp(SM2_ECC_P, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H);
-
-        ECPoint g = curve.createPoint(SM2_ECC_GX, SM2_ECC_GY);
-        ECDomainParameters domainParams = new ECDomainParameters(curve, g, SM2_ECC_N);
-
-        ECKeyGenerationParameters keyGenerationParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("128B2FA8BD433C6C068C8D803DFF79792A519A55171B1B650C23661D15897263", 16));
-        ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
-
-        keyPairGenerator.init(keyGenerationParams);
-        AsymmetricCipherKeyPair kp = keyPairGenerator.generateKeyPair();
-
-        ECPublicKeyParameters ecPub = (ECPublicKeyParameters)kp.getPublic();
-        ECPrivateKeyParameters ecPriv = (ECPrivateKeyParameters)kp.getPrivate();
-
-        SM2Signer signer = new SM2Signer();
-
-        signer.init(true,
-            new ParametersWithID(new ParametersWithRandom(ecPriv,
-                    new TestRandomBigInteger("6CB28D99385C175C94F94E934817663FC176D925DD72B727260DBAAE1FB2F96F", 16)),
-                Strings.toByteArray("ALICE123@YAHOO.COM")));
-
-        byte[] msg = Strings.toByteArray("message digest");
-
-        signer.update(msg, 0, msg.length);
-
-        byte[] sig = signer.generateSignature();
-
-        BigInteger[] rs = decode(sig);
-
-        isTrue("r wrong", rs[0].equals(new BigInteger("40F1EC59F793D9F49E09DCEF49130D4194F79FB1EED2CAA55BACDB49C4E755D1", 16)));
-        isTrue("s wrong", rs[1].equals(new BigInteger("6FC6DAC32C5D5CF10C77DFB20F7C2EB667A457872FB09EC56327A67EC7DEEBE7", 16)));
-
-        signer = new SM2Signer();
-
-        signer.init(false, new ParametersWithID(ecPub, Strings.toByteArray("ALICE123@YAHOO.COM")));
-
-        signer.update(msg, 0, msg.length);
-
-        isTrue("verification failed", signer.verifySignature(sig));
-    }
-
-    private void doSignerTestF2m()
-        throws Exception
-    {
-        BigInteger SM2_ECC_A = new BigInteger("00", 16);
-        BigInteger SM2_ECC_B = new BigInteger("E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B", 16);
-        BigInteger SM2_ECC_N = new BigInteger("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBC972CF7E6B6F900945B3C6A0CF6161D", 16);
-        BigInteger SM2_ECC_H = BigInteger.valueOf(4);
-        BigInteger SM2_ECC_GX = new BigInteger("00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD", 16);
-        BigInteger SM2_ECC_GY = new BigInteger("013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E", 16);
-
-        ECCurve curve = new ECCurve.F2m(257, 12, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H);
-
-        ECPoint g = curve.createPoint(SM2_ECC_GX, SM2_ECC_GY);
-        ECDomainParameters domainParams = new ECDomainParameters(curve, g, SM2_ECC_N);
-
-        ECKeyGenerationParameters keyGenerationParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("771EF3DBFF5F1CDC32B9C572930476191998B2BF7CB981D7F5B39202645F0931", 16));
-        ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
-
-        keyPairGenerator.init(keyGenerationParams);
-        AsymmetricCipherKeyPair kp = keyPairGenerator.generateKeyPair();
-
-        ECPublicKeyParameters ecPub = (ECPublicKeyParameters)kp.getPublic();
-        ECPrivateKeyParameters ecPriv = (ECPrivateKeyParameters)kp.getPrivate();
-
-        SM2Signer signer = new SM2Signer();
-
-        signer.init(true,
-            new ParametersWithID(new ParametersWithRandom(ecPriv,
-                    new TestRandomBigInteger("36CD79FC8E24B7357A8A7B4A46D454C397703D6498158C605399B341ADA186D6", 16)),
-                Strings.toByteArray("ALICE123@YAHOO.COM")));
-
-        byte[] msg = Strings.toByteArray("message digest");
-
-        signer.update(msg, 0, msg.length);
-
-        byte[] sig = signer.generateSignature();
-
-        BigInteger[] rs = decode(sig);
-
-        isTrue("F2m r wrong", rs[0].equals(new BigInteger("6D3FBA26EAB2A1054F5D198332E335817C8AC453ED26D3391CD4439D825BF25B", 16)));
-        isTrue("F2m s wrong", rs[1].equals(new BigInteger("3124C5688D95F0A10252A9BED033BEC84439DA384621B6D6FAD77F94B74A9556", 16)));
-
-        signer.init(false, new ParametersWithID(ecPub, Strings.toByteArray("ALICE123@YAHOO.COM")));
-
-        signer.update(msg, 0, msg.length);
-
-        isTrue("verification failed", signer.verifySignature(sig));
-    }
-
-    private void doVerifyBoundsCheck()
-        throws IOException
-    {
-        BigInteger SM2_ECC_A = new BigInteger("00", 16);
-        BigInteger SM2_ECC_B = new BigInteger("E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B", 16);
-        BigInteger SM2_ECC_N = new BigInteger("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFBC972CF7E6B6F900945B3C6A0CF6161D", 16);
-        BigInteger SM2_ECC_H = BigInteger.valueOf(4);
-        BigInteger SM2_ECC_GX = new BigInteger("00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD", 16);
-        BigInteger SM2_ECC_GY = new BigInteger("013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E", 16);
-
-        ECCurve curve = new ECCurve.F2m(257, 12, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H);
-
-        ECPoint g = curve.createPoint(SM2_ECC_GX, SM2_ECC_GY);
-        ECDomainParameters domainParams = new ECDomainParameters(curve, g, SM2_ECC_N);
-
-        ECKeyGenerationParameters keyGenerationParams = new ECKeyGenerationParameters(domainParams, new TestRandomBigInteger("771EF3DBFF5F1CDC32B9C572930476191998B2BF7CB981D7F5B39202645F0931", 16));
-        ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
-
-        keyPairGenerator.init(keyGenerationParams);
-        AsymmetricCipherKeyPair kp = keyPairGenerator.generateKeyPair();
-
-        ECPublicKeyParameters ecPub = (ECPublicKeyParameters)kp.getPublic();
-
-        SM2Signer signer = new SM2Signer();
-
-        signer.init(false, ecPub);
-
-        signer.update(new byte[20], 0, 20);
-        isTrue(!signer.verifySignature(encode(ECConstants.ZERO, ECConstants.EIGHT)));
-
-        signer.update(new byte[20], 0, 20);
-        isTrue(!signer.verifySignature(encode(ECConstants.EIGHT, ECConstants.ZERO)));
-
-        signer.update(new byte[20], 0, 20);
-        isTrue(!signer.verifySignature(encode(SM2_ECC_N, ECConstants.EIGHT)));
-
-        signer.update(new byte[20], 0, 20);
-        isTrue(!signer.verifySignature(encode(ECConstants.EIGHT, SM2_ECC_N)));
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        doSignerTestFp();
-        doSignerTestF2m();
-        doVerifyBoundsCheck();
-    }
-
-    private static BigInteger[] decode(byte[] sig)
-    {
-        ASN1Sequence s = ASN1Sequence.getInstance(sig);
-
-        return new BigInteger[] { ASN1Integer.getInstance(s.getObjectAt(0)).getValue(),
-            ASN1Integer.getInstance(s.getObjectAt(1)).getValue() };
-    }
-
-    private static byte[] encode(BigInteger r, BigInteger s)
-        throws IOException
-    {
-        return new DERSequence(new ASN1Encodable[] { new ASN1Integer(r), new ASN1Integer(s)}).getEncoded();
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new SM2SignerTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SM3DigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SM3DigestTest.java
deleted file mode 100644
index 83d0a9f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SM3DigestTest.java
+++ /dev/null

@@ -1,197 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SM3Digest;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * standard vector test for SM3 digest from chinese specification
- */
-public class SM3DigestTest
-    extends DigestTest
-{
-    private static String[] messages = {
-        // Standard test vectors
-        "abc",
-        "abcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcdabcd",
-        // Non-standard test vectors
-        "",
-        "a",
-        "abcdefghijklmnopqrstuvwxyz",
-    };
-
-    private static String[] hexMessages = {
-        /* 2 p.57 ZA */
-        "0090" +
-        "414C494345313233405941484F4F2E434F4D" +
-        "787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498" +
-        "63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A" +
-        "421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D" +
-        "0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2" +
-        "0AE4C7798AA0F119471BEE11825BE46202BB79E2A5844495E97C04FF4DF2548A" +
-        "7C0240F88F1CD4E16352A73C17B7F16F07353E53A176D684A9FE0C6BB798E857",
-        /* 3 p.59 ZA */
-        "0090" +
-        "414C494345313233405941484F4F2E434F4D" +
-        "000000000000000000000000000000000000000000000000000000000000000000" +
-        "00E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B" +
-        "00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD" +
-        "013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E" +
-        "0165961645281A8626607B917F657D7E9382F1EA5CD931F40F6627F357542653B2" +
-        "01686522130D590FB8DE635D8FCA715CC6BF3D05BEF3F75DA5D543454448166612",
-        /* 4 p.72 ZA */
-        "0090" +
-        "414C494345313233405941484F4F2E434F4D" +
-        "787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498" +
-        "63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A" +
-        "421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D" +
-        "0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2" +
-        "3099093BF3C137D8FCBBCDF4A2AE50F3B0F216C3122D79425FE03A45DBFE1655" +
-        "3DF79E8DAC1CF0ECBAA2F2B49D51A4B387F2EFAF482339086A27A8E05BAED98B",
-        /* 5 p.72 ZB */
-        "0088" +
-        "42494C4C343536405941484F4F2E434F4D" +
-        "787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498" +
-        "63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A" +
-        "421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D" +
-        "0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2" +
-        "245493D446C38D8CC0F118374690E7DF633A8A4BFB3329B5ECE604B2B4F37F43" +
-        "53C0869F4B9E17773DE68FEC45E14904E0DEA45BF6CECF9918C85EA047C60A4C",
-        /* 6 p.75 ZA */
-        "0090" +
-        "414C494345313233405941484F4F2E434F4D" +
-        "000000000000000000000000000000000000000000000000000000000000000000" +
-        "00E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B" +
-        "00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD" +
-        "013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E" +
-        "008E3BDB2E11F9193388F1F901CCC857BF49CFC065FB38B9069CAAE6D5AFC3592F" +
-        "004555122AAC0075F42E0A8BBD2C0665C789120DF19D77B4E3EE4712F598040415",
-        /* 7 p.76 ZB */
-        "0088" +
-        "42494C4C343536405941484F4F2E434F4D" +
-        "000000000000000000000000000000000000000000000000000000000000000000" +
-        "00E78BCD09746C202378A7E72B12BCE00266B9627ECB0B5A25367AD1AD4CC6242B" +
-        "00CDB9CA7F1E6B0441F658343F4B10297C0EF9B6491082400A62E7A7485735FADD" +
-        "013DE74DA65951C4D76DC89220D5F7777A611B1C38BAE260B175951DC8060C2B3E" +
-        "0034297DD83AB14D5B393B6712F32B2F2E938D4690B095424B89DA880C52D4A7D9" +
-        "0199BBF11AC95A0EA34BBD00CA50B93EC24ACB68335D20BA5DCFE3B33BDBD2B62D",
-        /* 8 TopsecCA cert ZA */
-        "0080" +
-        "31323334353637383132333435363738" +
-        "FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC" +
-        "28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93" +
-        "32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7" +
-        "BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0" +
-        "D69C2F1EEC3BFB6B95B30C28085C77B125D77A9C39525D8190768F37D6B205B5" +
-        "89DCD316BBE7D89A9DC21917F17799E698531F5E6E3E10BD31370B259C3F81C3",
-        /* 9 */
-        "4D38D2958CA7FD2CFAE3AF04486959CF92C8EF48E8B83A05C112E739D5F181D0" +
-        "3082020CA003020102020900" +
-        "AF28725D98D33143300C06082A811CCF" +
-        "550183750500307D310B300906035504" +
-        "060C02636E310B300906035504080C02" +
-        "626A310B300906035504070C02626A31" +
-        "0F300D060355040A0C06746F70736563" +
-        "310F300D060355040B0C06746F707365" +
-        "633111300F06035504030C08546F7073" +
-        "65634341311F301D06092A864886F70D" +
-        "0109010C10626A40746F707365632E63" +
-        "6F6D2E636E301E170D31323036323430" +
-        "37353433395A170D3332303632303037" +
-        "353433395A307D310B30090603550406" +
-        "0C02636E310B300906035504080C0262" +
-        "6A310B300906035504070C02626A310F" +
-        "300D060355040A0C06746F7073656331" +
-        "0F300D060355040B0C06746F70736563" +
-        "3111300F06035504030C08546F707365" +
-        "634341311F301D06092A864886F70D01" +
-        "09010C10626A40746F707365632E636F" +
-        "6D2E636E3059301306072A8648CE3D02" +
-        "0106082A811CCF5501822D03420004D6" +
-        "9C2F1EEC3BFB6B95B30C28085C77B125" +
-        "D77A9C39525D8190768F37D6B205B589" +
-        "DCD316BBE7D89A9DC21917F17799E698" +
-        "531F5E6E3E10BD31370B259C3F81C3A3" +
-        "733071300F0603551D130101FF040530" +
-        "030101FF301D0603551D0E041604148E" +
-        "5D90347858BAAAD870D8BDFBA6A85E7B" +
-        "563B64301F0603551D23041830168014" +
-        "8E5D90347858BAAAD870D8BDFBA6A85E" +
-        "7B563B64300B0603551D0F0404030201" +
-        "06301106096086480186F84201010404" +
-        "03020057",
-    };
-    
-    private static String[] digests = {
-        // Standard test vectors
-        "66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0",
-        "debe9ff92275b8a138604889c18e5a4d6fdb70e5387e5765293dcba39c0c5732",
-        // Non-standard test vectors
-        "1ab21d8355cfa17f8e61194831e81a8f22bec8c728fefb747ed035eb5082aa2b",
-        "623476ac18f65a2909e43c7fec61b49c7e764a91a18ccb82f1917a29c86c5e88",
-        "b80fe97a4da24afc277564f66a359ef440462ad28dcc6d63adb24d5c20a61595",
-        // Additional vectors for GMSSL
-        "F4A38489E32B45B6F876E3AC2168CA392362DC8F23459C1D1146FC3DBFB7BC9A",
-        "26352AF82EC19F207BBC6F9474E11E90CE0F7DDACE03B27F801817E897A81FD5",
-        "E4D1D0C3CA4C7F11BC8FF8CB3F4C02A78F108FA098E51A668487240F75E20F31",
-        "6B4B6D0E276691BD4A11BF72F4FB501AE309FDACB72FA6CC336E6656119ABD67",
-        "329c2f6030cc7e0ca3af6c97b76243ca250338ad3d3dc3a8b322d1cfdf98c2b7", // original appears wrong -> "ECF0080215977B2E5D6D61B98A99442F03E8803DC39E349F8DCA5621A9ACDF2B",
-        "557BAD30E183559AEEC3B2256E1C7C11F870D22B165D015ACF9465B09B87B527",
-        "4D38D2958CA7FD2CFAE3AF04486959CF92C8EF48E8B83A05C112E739D5F181D0",
-        "C3B02E500A8B60B77DEDCF6F4C11BEF8D56E5CDE708C72065654FD7B2167915A",
-    };
-
-    final static String sixtyFourKdigest = "97049bdc8f0736bc7300eafa9980aeb9cf00f24f7ec3a8f1f8884954d7655c1d";
-    final static String million_a_digest = "c8aaf89429554029e231941a2acc0ad61ff2a5acd8fadd25847a3a732b3b02c3";
-
-    SM3DigestTest()
-    {
-        super(new SM3Digest(), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-
-        SM3Digest dig = new SM3Digest();
-        byte[] resBuf = new byte[dig.getDigestSize()];
-        
-        vectorTest(dig, 10, resBuf, Hex.decode(hexMessages[0]), Hex.decode(digests[messages.length]));
-        vectorTest(dig, 11, resBuf, Hex.decode(hexMessages[1]), Hex.decode(digests[messages.length + 1]));
-        vectorTest(dig, 12, resBuf, Hex.decode(hexMessages[2]), Hex.decode(digests[messages.length + 2]));
-        vectorTest(dig, 13, resBuf, Hex.decode(hexMessages[3]), Hex.decode(digests[messages.length + 3]));
-        vectorTest(dig, 14, resBuf, Hex.decode(hexMessages[4]), Hex.decode(digests[messages.length + 4]));
-        vectorTest(dig, 15, resBuf, Hex.decode(hexMessages[5]), Hex.decode(digests[messages.length + 5]));
-        vectorTest(dig, 16, resBuf, Hex.decode(hexMessages[6]), Hex.decode(digests[messages.length + 6]));
-        vectorTest(dig, 17, resBuf, Hex.decode(hexMessages[7]), Hex.decode(digests[messages.length + 7]));
-
-        sixtyFourKTest(sixtyFourKdigest);
-        millionATest(million_a_digest);
-    }
-
-    private void vectorTest(
-        Digest digest,
-        int count,
-        byte[] resBuf,
-        byte[] input,
-        byte[] expected)
-    {
-        digest.update(input, 0, input.length);
-        digest.doFinal(resBuf, 0);
-
-        if (!areEqual(resBuf, expected))
-        {
-            fail("Vector " + count + " failed got " + new String(Hex.encode(resBuf)));
-        }
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new SM3Digest((SM3Digest)digest);
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new SM3DigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SM4Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SM4Test.java
deleted file mode 100644
index 7c12e5b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SM4Test.java
+++ /dev/null

@@ -1,81 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.engines.SM4Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * SM4 tester, vectors from <a href="http://eprint.iacr.org/2008/329.pdf">http://eprint.iacr.org/2008/329.pdf</a>
- */
-public class SM4Test
-    extends CipherTest
-{
-    static SimpleTest[]  tests = {
-        new BlockCipherVectorTest(0, new SM4Engine(),
-            new KeyParameter(Hex.decode("0123456789abcdeffedcba9876543210")),
-            "0123456789abcdeffedcba9876543210",
-            "681edf34d206965e86b3e94f536e4246")
-            };
-
-    SM4Test()
-    {
-        super(tests, new SM4Engine(), new KeyParameter(new byte[16]));
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        super.performTest();
-
-        test1000000();
-    }
-
-    private void test1000000()
-    {
-        byte[] plain = Hex.decode("0123456789abcdeffedcba9876543210");
-        byte[] key = Hex.decode("0123456789abcdeffedcba9876543210");
-        byte[] cipher = Hex.decode("595298c7c6fd271f0402f804c33d3f66");
-        byte[] buf = new byte[16];
-
-        BlockCipher engine = new SM4Engine();
-
-        engine.init(true, new KeyParameter(key));
-
-        System.arraycopy(plain, 0, buf, 0, buf.length);
-
-        for (int i = 0; i != 1000000; i++)
-        {
-            engine.processBlock(buf, 0, buf, 0);
-        }
-
-        if (!areEqual(cipher, buf))
-        {
-            fail("1000000 encryption test failed");
-        }
-
-        engine.init(false, new KeyParameter(key));
-
-        for (int i = 0; i != 1000000; i++)
-        {
-            engine.processBlock(buf, 0, buf, 0);
-        }
-
-        if (!areEqual(plain, buf))
-        {
-            fail("1000000 decryption test failed");
-        }
-    }
-
-    public String getName()
-    {
-        return "SM4";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SM4Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SRP6Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SRP6Test.java
deleted file mode 100644
index 2409faf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SRP6Test.java
+++ /dev/null

@@ -1,267 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.agreement.srp.SRP6Client;
-import org.bouncycastle.crypto.agreement.srp.SRP6Server;
-import org.bouncycastle.crypto.agreement.srp.SRP6StandardGroups;
-import org.bouncycastle.crypto.agreement.srp.SRP6Util;
-import org.bouncycastle.crypto.agreement.srp.SRP6VerifierGenerator;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.generators.DHParametersGenerator;
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.crypto.params.SRP6GroupParameters;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SRP6Test extends SimpleTest
-{
-    private static final BigInteger ZERO = BigInteger.valueOf(0);
-
-    private static BigInteger fromHex(String hex)
-    {
-        return new BigInteger(1, Hex.decode(hex));
-    }
-
-    private final SecureRandom random = new SecureRandom();
-
-    public String getName()
-    {
-        return "SRP6";
-    }
-
-    public void performTest() throws Exception
-    {
-        rfc5054AppendixBTestVectors();
-
-        testMutualVerification(SRP6StandardGroups.rfc5054_1024);
-        testClientCatchesBadB(SRP6StandardGroups.rfc5054_1024);
-        testServerCatchesBadA(SRP6StandardGroups.rfc5054_1024);
-
-        testWithRandomParams(256);
-        testWithRandomParams(384);
-        testWithRandomParams(512);
-    }
-
-    private void rfc5054AppendixBTestVectors() throws Exception
-    {
-        byte[] I = "alice".getBytes("UTF8");
-        byte[] P = "password123".getBytes("UTF8");
-        byte[] s = Hex.decode("BEB25379D1A8581EB5A727673A2441EE");
-        BigInteger N = SRP6StandardGroups.rfc5054_1024.getN();
-        BigInteger g = SRP6StandardGroups.rfc5054_1024.getG();
-        BigInteger a = fromHex("60975527035CF2AD1989806F0407210BC81EDC04E2762A56AFD529DDDA2D4393");
-        BigInteger b = fromHex("E487CB59D31AC550471E81F00F6928E01DDA08E974A004F49E61F5D105284D20");
-
-        BigInteger expect_k = fromHex("7556AA045AEF2CDD07ABAF0F665C3E818913186F");
-        BigInteger expect_x = fromHex("94B7555AABE9127CC58CCF4993DB6CF84D16C124");
-        BigInteger expect_v = fromHex("7E273DE8696FFC4F4E337D05B4B375BEB0DDE1569E8FA00A9886D812"
-            + "9BADA1F1822223CA1A605B530E379BA4729FDC59F105B4787E5186F5"
-            + "C671085A1447B52A48CF1970B4FB6F8400BBF4CEBFBB168152E08AB5"
-            + "EA53D15C1AFF87B2B9DA6E04E058AD51CC72BFC9033B564E26480D78"
-            + "E955A5E29E7AB245DB2BE315E2099AFB");
-        BigInteger expect_A = fromHex("61D5E490F6F1B79547B0704C436F523DD0E560F0C64115BB72557EC4"
-            + "4352E8903211C04692272D8B2D1A5358A2CF1B6E0BFCF99F921530EC"
-            + "8E39356179EAE45E42BA92AEACED825171E1E8B9AF6D9C03E1327F44"
-            + "BE087EF06530E69F66615261EEF54073CA11CF5858F0EDFDFE15EFEA"
-            + "B349EF5D76988A3672FAC47B0769447B");
-        BigInteger expect_B = fromHex("BD0C61512C692C0CB6D041FA01BB152D4916A1E77AF46AE105393011"
-            + "BAF38964DC46A0670DD125B95A981652236F99D9B681CBF87837EC99"
-            + "6C6DA04453728610D0C6DDB58B318885D7D82C7F8DEB75CE7BD4FBAA"
-            + "37089E6F9C6059F388838E7A00030B331EB76840910440B1B27AAEAE"
-            + "EB4012B7D7665238A8E3FB004B117B58");
-        BigInteger expect_u = fromHex("CE38B9593487DA98554ED47D70A7AE5F462EF019");
-        BigInteger expect_S = fromHex("B0DC82BABCF30674AE450C0287745E7990A3381F63B387AAF271A10D"
-            + "233861E359B48220F7C4693C9AE12B0A6F67809F0876E2D013800D6C"
-            + "41BB59B6D5979B5C00A172B4A2A5903A0BDCAF8A709585EB2AFAFA8F"
-            + "3499B200210DCC1F10EB33943CD67FC88A2F39A4BE5BEC4EC0A3212D"
-            + "C346D7E474B29EDE8A469FFECA686E5A");
-
-        BigInteger k = SRP6Util.calculateK(new SHA1Digest(), N, g);
-        if (!k.equals(expect_k))
-        {
-            fail("wrong value of 'k'");
-        }
-
-        BigInteger x = SRP6Util.calculateX(new SHA1Digest(), N, s, I, P);
-        if (!x.equals(expect_x))
-        {
-            fail("wrong value of 'x'");
-        }
-
-        SRP6VerifierGenerator gen = new SRP6VerifierGenerator();
-        gen.init(N, g, new SHA1Digest());
-        BigInteger v = gen.generateVerifier(s, I, P);
-        if (!v.equals(expect_v))
-        {
-            fail("wrong value of 'v'");
-        }
-
-        final BigInteger aVal = a;
-        SRP6Client client = new SRP6Client()
-        {
-            protected BigInteger selectPrivateValue()
-            {
-                return aVal;
-            }
-        };
-        client.init(N, g, new SHA1Digest(), random);
-
-        BigInteger A = client.generateClientCredentials(s, I, P);
-        if (!A.equals(expect_A))
-        {
-            fail("wrong value of 'A'");
-        }
-
-        final BigInteger bVal = b;
-        SRP6Server server = new SRP6Server()
-        {
-            protected BigInteger selectPrivateValue()
-            {
-                return bVal;
-            }
-        };
-        server.init(N, g, v, new SHA1Digest(), random);
-
-        BigInteger B = server.generateServerCredentials();
-        if (!B.equals(expect_B))
-        {
-            fail("wrong value of 'B'");
-        }
-
-        BigInteger u = SRP6Util.calculateU(new SHA1Digest(), N, A, B);
-        if (!u.equals(expect_u))
-        {
-            fail("wrong value of 'u'");
-        }
-
-        BigInteger clientS = client.calculateSecret(B);
-        if (!clientS.equals(expect_S))
-        {
-            fail("wrong value of 'S' (client)");
-        }
-
-        BigInteger serverS = server.calculateSecret(A);
-        if (!serverS.equals(expect_S))
-        {
-            fail("wrong value of 'S' (server)");
-        }
-    }
-
-    private void testWithRandomParams(int bits) throws CryptoException
-    {
-        DHParametersGenerator paramGen = new DHParametersGenerator();
-        paramGen.init(bits, 25, random);
-        DHParameters parameters = paramGen.generateParameters();
-
-        testMutualVerification(new SRP6GroupParameters(parameters.getP(), parameters.getG()));
-    }
-
-    private void testMutualVerification(SRP6GroupParameters group) throws CryptoException
-    {
-        byte[] I = "username".getBytes();
-        byte[] P = "password".getBytes();
-        byte[] s = new byte[16];
-        random.nextBytes(s);
-
-        SRP6VerifierGenerator gen = new SRP6VerifierGenerator();
-        gen.init(group, new SHA256Digest());
-        BigInteger v = gen.generateVerifier(s, I, P);
-
-        SRP6Client client = new SRP6Client();
-        client.init(group, new SHA256Digest(), random);
-
-        SRP6Server server = new SRP6Server();
-        server.init(group, v, new SHA256Digest(), random);
-
-        BigInteger A = client.generateClientCredentials(s, I, P);
-        BigInteger B = server.generateServerCredentials();
-
-        BigInteger clientS = client.calculateSecret(B);
-        BigInteger serverS = server.calculateSecret(A);
-
-        if (!clientS.equals(serverS))
-        {
-            fail("SRP agreement failed - client/server calculated different secrets");
-        }
-    }
-
-    private void testClientCatchesBadB(SRP6GroupParameters group)
-    {
-        byte[] I = "username".getBytes();
-        byte[] P = "password".getBytes();
-        byte[] s = new byte[16];
-        random.nextBytes(s);
-
-        SRP6Client client = new SRP6Client();
-        client.init(group, new SHA256Digest(), random);
-
-        client.generateClientCredentials(s, I, P);
-
-        try
-        {
-            client.calculateSecret(ZERO);
-            fail("Client failed to detect invalid value for 'B'");
-        }
-        catch (CryptoException e)
-        {
-            // Expected
-        }
-
-        try
-        {
-            client.calculateSecret(group.getN());
-            fail("Client failed to detect invalid value for 'B'");
-        }
-        catch (CryptoException e)
-        {
-            // Expected
-        }
-    }
-
-    private void testServerCatchesBadA(SRP6GroupParameters group)
-    {
-        byte[] I = "username".getBytes();
-        byte[] P = "password".getBytes();
-        byte[] s = new byte[16];
-        random.nextBytes(s);
-
-        SRP6VerifierGenerator gen = new SRP6VerifierGenerator();
-        gen.init(group, new SHA256Digest());
-        BigInteger v = gen.generateVerifier(s, I, P);
-
-        SRP6Server server = new SRP6Server();
-        server.init(group, v, new SHA256Digest(), random);
-
-        server.generateServerCredentials();
-
-        try
-        {
-            server.calculateSecret(ZERO);
-            fail("Client failed to detect invalid value for 'A'");
-        }
-        catch (CryptoException e)
-        {
-            // Expected
-        }
-
-        try
-        {
-            server.calculateSecret(group.getN());
-            fail("Client failed to detect invalid value for 'A'");
-        }
-        catch (CryptoException e)
-        {
-            // Expected
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new SRP6Test());
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/Salsa20Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/Salsa20Test.java
deleted file mode 100644
index 2b73818..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/Salsa20Test.java
+++ /dev/null

@@ -1,400 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.engines.Salsa20Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Salsa20 Test
- */
-public class Salsa20Test
-    extends SimpleTest
-{
-    byte[] zeroes = Hex.decode(
-                    "00000000000000000000000000000000"
-                  + "00000000000000000000000000000000"
-                  + "00000000000000000000000000000000"
-                  + "00000000000000000000000000000000");
-
-    String set1v0_0 = "4DFA5E481DA23EA09A31022050859936"
-        + "DA52FCEE218005164F267CB65F5CFD7F"
-        + "2B4F97E0FF16924A52DF269515110A07"
-        + "F9E460BC65EF95DA58F740B7D1DBB0AA";
-
-    String set1v0_192 = "DA9C1581F429E0A00F7D67E23B730676"
-        + "783B262E8EB43A25F55FB90B3E753AEF"
-        + "8C6713EC66C51881111593CCB3E8CB8F"
-        + "8DE124080501EEEB389C4BCB6977CF95";
-
-    String set1v0_256 = "7D5789631EB4554400E1E025935DFA7B"
-        + "3E9039D61BDC58A8697D36815BF1985C"
-        + "EFDF7AE112E5BB81E37ECF0616CE7147"
-        + "FC08A93A367E08631F23C03B00A8DA2F";
-
-    String set1v0_448 = "B375703739DACED4DD4059FD71C3C47F"
-        + "C2F9939670FAD4A46066ADCC6A564578"
-        + "3308B90FFB72BE04A6B147CBE38CC0C3"
-        + "B9267C296A92A7C69873F9F263BE9703";
-
-    String set1v9_0 = "0471076057830FB99202291177FBFE5D"
-        + "38C888944DF8917CAB82788B91B53D1C"
-        + "FB06D07A304B18BB763F888A61BB6B75"
-        + "5CD58BEC9C4CFB7569CB91862E79C459";
-
-    String set1v9_192 = "D1D7E97556426E6CFC21312AE3811425"
-        + "9E5A6FB10DACBD88E4354B0472556935"
-        + "2B6DA5ACAFACD5E266F9575C2ED8E6F2"
-        + "EFE4B4D36114C3A623DD49F4794F865B";
-
-    String set1v9_256 = "AF06FAA82C73291231E1BD916A773DE1"
-        + "52FD2126C40A10C3A6EB40F22834B8CC"
-        + "68BD5C6DBD7FC1EC8F34165C517C0B63"
-        + "9DB0C60506D3606906B8463AA0D0EC2F";
-
-    String set1v9_448 = "AB3216F1216379EFD5EC589510B8FD35"
-        + "014D0AA0B613040BAE63ECAB90A9AF79"
-        + "661F8DA2F853A5204B0F8E72E9D9EB4D"
-        + "BA5A4690E73A4D25F61EE7295215140C";
-
-    String set6v0_0 = "F5FAD53F79F9DF58C4AEA0D0ED9A9601"
-        + "F278112CA7180D565B420A48019670EA"
-        + "F24CE493A86263F677B46ACE1924773D"
-        + "2BB25571E1AA8593758FC382B1280B71";
-
-    String set6v0_65472 = "B70C50139C63332EF6E77AC54338A407"
-        + "9B82BEC9F9A403DFEA821B83F7860791"
-        + "650EF1B2489D0590B1DE772EEDA4E3BC"
-        + "D60FA7CE9CD623D9D2FD5758B8653E70";
-
-    String set6v0_65536 = "81582C65D7562B80AEC2F1A673A9D01C"
-        + "9F892A23D4919F6AB47B9154E08E699B"
-        + "4117D7C666477B60F8391481682F5D95"
-        + "D96623DBC489D88DAA6956B9F0646B6E";
-
-    String set6v1_0 = "3944F6DC9F85B128083879FDF190F7DE"
-        + "E4053A07BC09896D51D0690BD4DA4AC1"
-        + "062F1E47D3D0716F80A9B4D85E6D6085"
-        + "EE06947601C85F1A27A2F76E45A6AA87";
-
-    String set6v1_65472 = "36E03B4B54B0B2E04D069E690082C8C5"
-        + "92DF56E633F5D8C7682A02A65ECD1371"
-        + "8CA4352AACCB0DA20ED6BBBA62E177F2"
-        + "10E3560E63BB822C4158CAA806A88C82";
-
-    String set6v1_65536 = "1B779E7A917C8C26039FFB23CF0EF8E0"
-        + "8A1A13B43ACDD9402CF5DF38501098DF"
-        + "C945A6CC69A6A17367BC03431A86B3ED"
-        + "04B0245B56379BF997E25800AD837D7D";
-
-    // Salsa20/12
-    String salsa12_set1v0_0 = "FC207DBFC76C5E1774961E7A5AAD0906"
-            + "9B2225AC1CE0FE7A0CE77003E7E5BDF8"
-            + "B31AF821000813E6C56B8C1771D6EE70"
-            + "39B2FBD0A68E8AD70A3944B677937897";
-
-    String salsa12_set1v0_192 = "4B62A4881FA1AF9560586510D5527ED4"
-        + "8A51ECAFA4DECEEBBDDC10E9918D44AB"
-        + "26B10C0A31ED242F146C72940C6E9C37"
-        + "53F641DA84E9F68B4F9E76B6C48CA5AC";
-
-    String salsa12_set1v0_256 = "F52383D9DEFB20810325F7AEC9EADE34"
-        + "D9D883FEE37E05F74BF40875B2D0BE79"
-        + "ED8886E5BFF556CEA8D1D9E86B1F68A9"
-        + "64598C34F177F8163E271B8D2FEB5996";
-
-    String salsa12_set1v0_448 = "A52ED8C37014B10EC0AA8E05B5CEEE12"
-        + "3A1017557FB3B15C53E6C5EA8300BF74"
-        + "264A73B5315DC821AD2CAB0F3BB2F152"
-        + "BDAEA3AEE97BA04B8E72A7B40DCC6BA4";
-
-    // Salsa20/8
-    String salsa8_set1v0_0 = "A9C9F888AB552A2D1BBFF9F36BEBEB33"
-            + "7A8B4B107C75B63BAE26CB9A235BBA9D"
-            + "784F38BEFC3ADF4CD3E266687EA7B9F0"
-            + "9BA650AE81EAC6063AE31FF12218DDC5";
-    
-    String salsa8_set1v0_192 = "BB5B6BB2CC8B8A0222DCCC1753ED4AEB"
-            + "23377ACCBD5D4C0B69A8A03BB115EF71"
-            + "871BC10559080ACA7C68F0DEF32A80DD"
-            + "BAF497259BB76A3853A7183B51CC4B9F";
-    
-    String salsa8_set1v0_256 = "4436CDC0BE39559F5E5A6B79FBDB2CAE"
-            + "4782910F27FFC2391E05CFC78D601AD8"
-            + "CD7D87B074169361D997D1BED9729C0D"
-            + "EB23418E0646B7997C06AA84E7640CE3";
-    
-    String salsa8_set1v0_448 = "BEE85903BEA506B05FC04795836FAAAC"
-            + "7F93F785D473EB762576D96B4A65FFE4"
-            + "63B34AAE696777FC6351B67C3753B89B"
-            + "A6B197BD655D1D9CA86E067F4D770220";
-    
-
-    public String getName()
-    {
-        return "Salsa20";
-    }
-
-    public void performTest()
-    {
-        salsa20Test1(20, new ParametersWithIV(new KeyParameter(Hex.decode("80000000000000000000000000000000")), Hex.decode("0000000000000000")),
-                  set1v0_0, set1v0_192,  set1v0_256,  set1v0_448);
-        salsa20Test1(20, new ParametersWithIV(new KeyParameter(Hex.decode("00400000000000000000000000000000")), Hex.decode("0000000000000000")),
-                  set1v9_0, set1v9_192,  set1v9_256,  set1v9_448);
-        salsa20Test1(12, new ParametersWithIV(new KeyParameter(Hex.decode("80000000000000000000000000000000")), Hex.decode("0000000000000000")),
-                salsa12_set1v0_0, salsa12_set1v0_192,  salsa12_set1v0_256,  salsa12_set1v0_448);
-        salsa20Test1(8, new ParametersWithIV(new KeyParameter(Hex.decode("80000000000000000000000000000000")), Hex.decode("0000000000000000")),
-                salsa8_set1v0_0, salsa8_set1v0_192,  salsa8_set1v0_256,  salsa8_set1v0_448);
-        salsa20Test2(new ParametersWithIV(new KeyParameter(Hex.decode("0053A6F94C9FF24598EB3E91E4378ADD3083D6297CCF2275C81B6EC11467BA0D")), Hex.decode("0D74DB42A91077DE")),
-                  set6v0_0, set6v0_65472, set6v0_65536);
-        salsa20Test2(new ParametersWithIV(new KeyParameter(Hex.decode("0558ABFE51A4F74A9DF04396E93C8FE23588DB2E81D4277ACD2073C6196CBF12")), Hex.decode("167DE44BB21980E7")),
-                  set6v1_0, set6v1_65472, set6v1_65536);
-        reinitBug();
-        skipTest();
-    }
-
-    private void salsa20Test1(int rounds, CipherParameters params, String v0, String v192, String v256, String v448)
-    {
-        StreamCipher salsa = new Salsa20Engine(rounds);
-        byte[]       buf = new byte[64];
-
-        salsa.init(true, params);
-
-        for (int i = 0; i != 7; i++)
-        {
-            salsa.processBytes(zeroes, 0, 64, buf, 0);
-            switch (i)
-            {
-            case 0:
-                if (!areEqual(buf, Hex.decode(v0)))
-                {
-                    mismatch("v0/" + rounds, v0, buf);
-                }
-                break;
-            case 3:
-                if (!areEqual(buf, Hex.decode(v192)))
-                {
-                    mismatch("v192/" + rounds, v192, buf);
-                }
-                break;
-            case 4:
-                if (!areEqual(buf, Hex.decode(v256)))
-                {
-                    mismatch("v256/" + rounds, v256, buf);
-                }
-                break;
-            default:
-                // ignore
-            }
-        }
-
-        for (int i = 0; i != 64; i++)
-        {
-            buf[i] = salsa.returnByte(zeroes[i]);
-        }
-
-        if (!areEqual(buf, Hex.decode(v448)))
-        {
-            mismatch("v448", v448, buf);
-        }       
-    }
-
-    private void salsa20Test2(CipherParameters params, String v0, String v65472, String v65536)
-    {
-        StreamCipher salsa = new Salsa20Engine();
-        byte[]       buf = new byte[64];
-
-        salsa.init(true, params);
-
-        for (int i = 0; i != 1025; i++)
-        {
-            salsa.processBytes(zeroes, 0, 64, buf, 0);
-            switch (i)
-            {
-            case 0:
-                if (!areEqual(buf, Hex.decode(v0)))
-                {
-                    mismatch("v0", v0, buf);
-                }
-                break;
-            case 1023:
-                if (!areEqual(buf, Hex.decode(v65472)))
-                {
-                    mismatch("v65472", v65472, buf);
-                }
-                break;
-            case 1024:
-                if (!areEqual(buf, Hex.decode(v65536)))
-                {
-                    mismatch("v65536", v65536, buf);
-                }
-                break;
-            default:
-                // ignore
-            }
-        }
-    }
-
-    private void mismatch(String name, String expected, byte[] found)
-    {
-        fail("mismatch on " + name, expected, new String(Hex.encode(found)));
-    }
-
-
-    private void reinitBug()
-    {
-        KeyParameter key = new KeyParameter(Hex.decode("80000000000000000000000000000000"));
-        ParametersWithIV parameters = new ParametersWithIV(key, Hex.decode("0000000000000000"));
-
-        StreamCipher salsa = new Salsa20Engine();
-
-        salsa.init(true, parameters);
-
-        try
-        {
-            salsa.init(true, key);
-            fail("Salsa20 should throw exception if no IV in Init");
-        }
-        catch (IllegalArgumentException e)
-        {
-        }
-    }
-
-    private boolean areEqual(byte[] a, int aOff, byte[] b, int bOff)
-    {
-        for (int i = bOff; i != b.length; i++)
-        {
-            if (a[aOff + i - bOff] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    private void skipTest()
-    {
-        SecureRandom rand = new SecureRandom();
-        byte[]       plain = new byte[50000];
-        byte[]       cipher = new byte[50000];
-
-        rand.nextBytes(plain);
-
-        CipherParameters params = new ParametersWithIV(new KeyParameter(Hex.decode("0053A6F94C9FF24598EB3E91E4378ADD3083D6297CCF2275C81B6EC11467BA0D")), Hex.decode("0D74DB42A91077DE"));
-        Salsa20Engine    engine = new Salsa20Engine();
-
-        engine.init(true, params);
-
-        engine.processBytes(plain, 0, plain.length, cipher, 0);
-
-        byte[]      fragment = new byte[20];
-
-        engine.init(true, params);
-
-        engine.skip(10);
-
-        engine.processBytes(plain, 10, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 10, fragment, 0))
-        {
-            fail("skip forward 10 failed");
-        }
-
-        engine.skip(1000);
-
-        engine.processBytes(plain, 1010 + fragment.length, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 1010 + fragment.length, fragment, 0))
-        {
-            fail("skip forward 1000 failed");
-        }
-
-        engine.skip(-10);
-
-        engine.processBytes(plain, 1010 + 2 * fragment.length - 10, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 1010 + 2 * fragment.length - 10, fragment, 0))
-        {
-            fail("skip back 10 failed");
-        }
-
-        engine.skip(-1000);
-
-        if (engine.getPosition() != 60)
-        {
-            fail("skip position incorrect - " + 60 + " got " + engine.getPosition());
-        }
-
-        engine.processBytes(plain, 60, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 60, fragment, 0))
-        {
-            fail("skip back 1000 failed");
-        }
-
-        long pos = engine.seekTo(1010);
-        if (pos != 1010)
-        {
-            fail("position wrong");
-        }
-
-        engine.processBytes(plain, 1010, fragment.length, fragment, 0);
-
-        if (!areEqual(cipher, 1010, fragment, 0))
-        {
-            fail("seek to 1010 failed");
-        }
-
-        engine.reset();
-
-        for (int i = 0; i != 5000; i++)
-        {
-            engine.skip(i);
-
-            if (engine.getPosition() != i)
-            {
-                fail("skip forward at wrong position");
-            }
-
-            engine.processBytes(plain, i, fragment.length, fragment, 0);
-
-            if (!areEqual(cipher, i, fragment, 0))
-            {
-                fail("skip forward i failed: " + i);
-            }
-
-            if (engine.getPosition() != i + fragment.length)
-            {
-                fail("cipher at wrong position: " + engine.getPosition() + " [" + i + "]");
-            }
-
-            engine.skip(-fragment.length);
-
-            if (engine.getPosition() != i)
-            {
-                fail("skip back at wrong position");
-            }
-
-            engine.processBytes(plain, i, fragment.length, fragment, 0);
-
-            if (!areEqual(cipher, i, fragment, 0))
-            {
-                fail("skip back i failed: " + i);
-            }
-
-            engine.reset();
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new Salsa20Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SerpentTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SerpentTest.java
deleted file mode 100644
index a24a477..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SerpentTest.java
+++ /dev/null

@@ -1,140 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.engines.SerpentEngine;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.EAXBlockCipher;
-import org.bouncycastle.crypto.paddings.PKCS7Padding;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.crypto.params.AEADParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test vectors based on the NESSIE submission
- */
-public class SerpentTest
-    extends CipherTest
-{
-    static SimpleTest[]  tests = 
-            {
-                new BlockCipherVectorTest(0, new SerpentEngine(),
-                                    new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                                    "00000000000000000000000000000000", "3620b17ae6a993d09618b8768266bae9"),
-                new BlockCipherVectorTest(1, new SerpentEngine(),
-                                    new KeyParameter(Hex.decode("80000000000000000000000000000000")),
-                                    "00000000000000000000000000000000", "264E5481EFF42A4606ABDA06C0BFDA3D"),
-                new BlockCipherVectorTest(2, new SerpentEngine(),
-                                    new KeyParameter(Hex.decode("D9D9D9D9D9D9D9D9D9D9D9D9D9D9D9D9")),
-                                    "D9D9D9D9D9D9D9D9D9D9D9D9D9D9D9D9", "20EA07F19C8E93FDA30F6B822AD5D486"),
-                new BlockCipherVectorTest(3, new SerpentEngine(),
-                                    new KeyParameter(Hex.decode("000000000000000000000000000000000000000000008000")),
-                                   "00000000000000000000000000000000", "40520018C4AC2BBA285AEEB9BCB58755"),
-                new BlockCipherVectorTest(4, new SerpentEngine(),
-                                    new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                                   "00000000000000000000000000000001", "AD86DE83231C3203A86AE33B721EAA9F"),
-                new BlockCipherVectorTest(5, new SerpentEngine(),
-                                    new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F")),
-                                   "3DA46FFA6F4D6F30CD258333E5A61369", "00112233445566778899AABBCCDDEEFF"),
-                new BlockCipherVectorTest(6, new SerpentEngine(),
-                                    new KeyParameter(Hex.decode("2BD6459F82C5B300952C49104881FF482BD6459F82C5B300952C49104881FF48")),
-                                   "677C8DFAA08071743FD2B415D1B28AF2", "EA024714AD5C4D84EA024714AD5C4D84"),
-                new BlockCipherVectorTest(7, new SerpentEngine(),
-                                    new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F1011121314151617")),
-                                   "4528CACCB954D450655E8CFD71CBFAC7", "00112233445566778899AABBCCDDEEFF"),
-                new BlockCipherVectorTest(8, new SerpentEngine(),
-                                    new KeyParameter(Hex.decode("2BD6459F82C5B300952C49104881FF482BD6459F82C5B300")),
-                                   "E0208BE278E21420C4B1B9747788A954", "EA024714AD5C4D84EA024714AD5C4D84"),
-                new BlockCipherVectorTest(9, new SerpentEngine(),
-                                    new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F")),
-                                   "33B3DC87EDDD9B0F6A1F407D14919365", "00112233445566778899AABBCCDDEEFF"),
-                new BlockCipherVectorTest(10, new SerpentEngine(),
-                                    new KeyParameter(Hex.decode("2BD6459F82C5B300952C49104881FF48")),
-                                   "BEB6C069393822D3BE73FF30525EC43E", "EA024714AD5C4D84EA024714AD5C4D84"),
-                new BlockCipherMonteCarloTest(20, 100, new SerpentEngine(),
-                        new KeyParameter(Hex.decode("F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3")),
-                        "F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3F3", "8FD0E58DB7A54B929FCA6A12F96F20AF"),
-                new BlockCipherMonteCarloTest(21, 100, new SerpentEngine(),
-                         new KeyParameter(Hex.decode("0004000000000000000000000000000000000000000000000000000000000000")),
-                         "00000000000000000000000000000000", "E7B681E8871FD05FEAE5FB64DA891EA2"),
-                new BlockCipherMonteCarloTest(22, 100, new SerpentEngine(),
-                         new KeyParameter(Hex.decode("0000000020000000000000000000000000000000000000000000000000000000")),
-                         "00000000000000000000000000000000", "C5545D516EEC73BFA3622A8194F95620"),
-                new BlockCipherMonteCarloTest(23, 100, new SerpentEngine(),
-                         new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000002000000")),
-                         "00000000000000000000000000000000", "11FF5C9BE006F82C98BD4FAC1A19920E"),
-                new BlockCipherMonteCarloTest(24, 100, new SerpentEngine(),
-                         new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                         "00000000000000000000000000010000", "47CA1CA404B6481CAD4C21C8A0415A0E"),
-                new BlockCipherMonteCarloTest(25, 100, new SerpentEngine(),
-                          new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                          "00000000000000008000000000000000", "A0A2D5B07E27D539CA5BEE9DE1EAB3E6")
-            };
-
-    SerpentTest()
-    {
-        super(tests, new SerpentEngine(), new KeyParameter(new byte[32]));
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        super.performTest();
-
-        doCbc(Hex.decode("BE4295539F6BD1752FD0A80229EF8847"), Hex.decode("00963F59224794D5AD4252094358FBC3"), Strings.toByteArray("CBC Mode Test"), Hex.decode("CF2CF2547E02F6D34D97246E8042ED89"));
-        doEax(Hex.decode("7494A57648FB420043BFBFC5639EB82D"), Hex.decode("6DF94638B83E01458F3E30C9A1D6AF1C"), Strings.toByteArray("EAX Mode Test"), new byte[0], 128, Hex.decode("96C521F32DC5E9BBC369DDE4914CB13B710EEBBAB7D706D3ABE06A99DC"));
-    }
-
-    private void doEax(byte[] key, byte[] iv, byte[] pt, byte[] aad, int tagLength, byte[] expected)
-        throws InvalidCipherTextException
-    {
-        EAXBlockCipher c = new EAXBlockCipher(new SerpentEngine());
-
-        c.init(true, new AEADParameters(new KeyParameter(key), tagLength, iv, aad));
-
-        byte[] out = new byte[expected.length];
-
-        int len = c.processBytes(pt, 0, pt.length, out, 0);
-
-        c.doFinal(out, len);
-
-        if (!Arrays.areEqual(expected, out))
-        {
-            fail("EAX test failed");
-        }
-    }
-
-    private void doCbc(byte[] key, byte[] iv, byte[] pt, byte[] expected)
-        throws Exception
-    {
-        PaddedBufferedBlockCipher c = new PaddedBufferedBlockCipher(new CBCBlockCipher(new SerpentEngine()), new PKCS7Padding());
-
-        byte[] ct = new byte[expected.length];
-
-        c.init(true, new ParametersWithIV(new KeyParameter(key), iv));
-
-        int l = c.processBytes(pt, 0, pt.length, ct, 0);
-
-        c.doFinal(ct, l);
-
-        if (!Arrays.areEqual(expected, ct))
-        {
-            fail("CBC test failed");
-        }
-    }
-
-    public String getName()
-    {
-        return "Serpent";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SerpentTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/Shacal2Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/Shacal2Test.java
deleted file mode 100644
index bd7a815..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/Shacal2Test.java
+++ /dev/null

@@ -1,200 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.engines.Shacal2Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Shacal2 tester - vectors from https://www.cosic.esat.kuleuven.be/nessie/testvectors/
- */
-public class Shacal2Test
-    extends CipherTest
-{
-    static SimpleTest[]  tests =
-            {
-                // set 8.0
-                new BlockCipherVectorTest(0, new Shacal2Engine(),
-                        new KeyParameter(Hex.decode("000102030405060708090A0B0C0D0E0F" +
-                            "101112131415161718191A1B1C1D1E1F" +
-                            "202122232425262728292A2B2C2D2E2F" +
-                            "303132333435363738393A3B3C3D3E3F")),
-                        "98BCC10405AB0BFC686BECECAAD01AC1" +
-                        "9B452511BCEB9CB094F905C51CA45430",
-                        "00112233445566778899AABBCCDDEEFF" +
-                        "102132435465768798A9BACBDCEDFE0F"),
-                // set 8.1
-                new BlockCipherVectorTest(1, new Shacal2Engine(),
-                        new KeyParameter(Hex.decode("2BD6459F82C5B300952C49104881FF48" +
-                            "2BD6459F82C5B300952C49104881FF48" +
-                            "2BD6459F82C5B300952C49104881FF48" +
-                            "2BD6459F82C5B300952C49104881FF48")),
-                            "481F122A75F2C4C3395140B5A951EBBA" +
-                            "06D96BDFD9D8FF4FB59CBD1287808D5A",
-                            "EA024714AD5C4D84EA024714AD5C4D84" +
-                            "EA024714AD5C4D84EA024714AD5C4D84"),
-                 // 7.255
-                new BlockCipherVectorTest(2, new Shacal2Engine(),
-                        new KeyParameter(Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" +
-                            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" +
-                            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" +
-                            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF")),
-                            "94FEDFF2A0CFE3C983D340C88D73F8CF" +
-                            "4B79FC581797EC10B27D4DA1B51E1BC7",
-                            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF" +
-                            "FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"),
-                // 7.100
-                new BlockCipherVectorTest(3, new Shacal2Engine(),
-                        new KeyParameter(Hex.decode("64646464646464646464646464646464" +
-                            "64646464646464646464646464646464" +
-                            "64646464646464646464646464646464" +
-                            "64646464646464646464646464646464")),
-                            "6643CB84B3B3F126F5E50959EF4CE73D" +
-                            "B8500918ABE1056368DB06CA8C1C0D45",
-                            "64646464646464646464646464646464" +
-                            "64646464646464646464646464646464"),
-                // 7.50
-                new BlockCipherVectorTest(4, new Shacal2Engine(),
-                        new KeyParameter(Hex.decode("32323232323232323232323232323232" +
-                            "32323232323232323232323232323232" +
-                            "32323232323232323232323232323232" +
-                            "32323232323232323232323232323232")),
-                            "92E937285AB11FE3561542C43C918966" +
-                            "971DE722E9B9D38BD69EAC77899DCF81",
-                            "32323232323232323232323232323232" +
-                            "32323232323232323232323232323232"),
-                // 7.0
-                new BlockCipherVectorTest(5, new Shacal2Engine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000000" +
-                            "00000000000000000000000000000000" +
-                            "00000000000000000000000000000000" +
-                            "00000000000000000000000000000000")),
-                            "F8C9259FA4F5D787B570AFA9219166A6" +
-                            "3636FC5C30AC289155D0CC4FFCB4B03D",
-                            "00000000000000000000000000000000" +
-                            "00000000000000000000000000000000"),
-                // 6.255
-                new BlockCipherVectorTest(6, new Shacal2Engine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000000" +
-                            "00000000000000000000000000000000" +
-                            "00000000000000000000000000000000" +
-                            "00000000000000000000000000000000")),
-                            "F4E976DF0172CD961D4C8D466A12F676" +
-                            "5B9089046E747CD2A41BF43C18A8328E",
-                            "00000000000000000000000000000000" +
-                            "00000000000000000000000000000001"),
-                // 6.100
-                new BlockCipherVectorTest(7, new Shacal2Engine(),
-                    new KeyParameter(Hex.decode("00000000000000000000000000000000" +
-                        "00000000000000000000000000000000" +
-                        "00000000000000000000000000000000" +
-                        "00000000000000000000000000000000")),
-                        "3B929F0597E21D0076EC399D21B67713" +
-                        "B40E3AD559704219A26A3380212D5AD6",
-                        "00000000000000000000000008000000" +
-                        "00000000000000000000000000000000"),
-
-                // 6.0
-                new BlockCipherVectorTest(8, new Shacal2Engine(),
-                    new KeyParameter(Hex.decode("00000000000000000000000000000000" +
-                        "00000000000000000000000000000000" +
-                        "00000000000000000000000000000000" +
-                        "00000000000000000000000000000000")),
-                        "43A0DAD8307F19FBBCF166FE20BAC075" +
-                        "C56FF14042550E472094B042BE5963EE",
-                        "80000000000000000000000000000000" +
-                        "00000000000000000000000000000000"),
-            };
-
-    Shacal2Test()
-    {
-        super(tests, new Shacal2Engine(), new KeyParameter(new byte[16]));
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        super.performTest();
-
-        // 1.0
-        iteratedTest(0,
-            Hex.decode("80000000000000000000000000000000" +
-            "00000000000000000000000000000000" +
-            "00000000000000000000000000000000" +
-            "00000000000000000000000000000000"),
-            Hex.decode("00000000000000000000000000000000" +
-            "00000000000000000000000000000000"),
-            Hex.decode("361AB6322FA9E7A7BB23818D839E01BD" +
-                "DAFDF47305426EDD297AEDB9F6202BAE"),
-            Hex.decode("226A582DE04383D0F3E7DE655DD848AC" +
-            "3E14CCFB4E76F7B7069879F67C4D5420"),
-            Hex.decode("B05D5A18C0712082CFF5BA9DBBCD7269" +
-            "114FC3DF83B42DAC306D95BBC473D839"));
-
-        // 1.100
-        iteratedTest(1,
-            Hex.decode("00000000000000000000000008000000" +
-                "00000000000000000000000000000000" +
-                "00000000000000000000000000000000" +
-                "00000000000000000000000000000000"),
-            Hex.decode("00000000000000000000000000000000" +
-            "00000000000000000000000000000000"),
-            Hex.decode("F703282E54592A5617E10618027BB67F" +
-                "639E43A90767150D8B7F5E83054B3CBD"),
-            Hex.decode("3B442692B579485B8BA2F92CE3B90DE7" +
-                "D2EA03D8B3C8E7BE7BF6415F798EED90"),
-            Hex.decode("331B9B65F06230380BBEECFBFBA94BCF" +
-                "92AF6341F815D7651F996144A5377263"));
-    }
-
-    private void iteratedTest(int index, byte[] key, byte[] plain, byte[] cipher, byte[] cipher100, byte[] cipher1000)
-    {
-        BlockCipher engine = new Shacal2Engine();
-
-        engine.init(true, new KeyParameter(key));
-
-        byte[] buf = new byte[plain.length];
-
-        System.arraycopy(plain, 0, buf, 0, plain.length);
-
-        engine.processBlock(buf, 0, buf, 0);
-
-        if (!Arrays.areEqual(cipher, buf))
-        {
-            fail(index + " single count failed");
-        }
-
-        for (int i = 1; i != 100; i++)
-        {
-            engine.processBlock(buf, 0, buf, 0);
-        }
-
-        if (!Arrays.areEqual(cipher100, buf))
-        {
-            fail(index + " 100 count failed");
-        }
-
-        for (int i = 100; i != 1000; i++)
-        {
-            engine.processBlock(buf, 0, buf, 0);
-        }
-
-        if (!Arrays.areEqual(cipher1000, buf))
-        {
-            fail(index + " 1000 count failed");
-        }
-    }
-
-    public String getName()
-    {
-        return "Shacal2";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new Shacal2Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/ShortenedDigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/ShortenedDigestTest.java
deleted file mode 100644
index 20510c9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/ShortenedDigestTest.java
+++ /dev/null

@@ -1,89 +0,0 @@
-/*
- * Created on 6/05/2006
- *
- * To change the template for this generated file go to
- * Window&gt;Preferences&gt;Java&gt;Code Generation&gt;Code and Comments
- */
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.ExtendedDigest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.ShortenedDigest;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class ShortenedDigestTest
-    extends SimpleTest
-{
-    public void performTest()
-    {
-        ExtendedDigest  d = new SHA1Digest();
-        ShortenedDigest sd = new ShortenedDigest(new SHA1Digest(), 10);
-        
-        if (sd.getDigestSize() != 10)
-        {
-            fail("size check wrong for SHA-1");
-        }
-        
-        if (sd.getByteLength() != d.getByteLength())
-        {
-            fail("byte length check wrong for SHA-1");
-        }
-        
-        //
-        // check output fits
-        //
-        sd.doFinal(new byte[10], 0);
-        
-        d = new SHA512Digest();
-        sd = new ShortenedDigest(new SHA512Digest(), 20);
-        
-        if (sd.getDigestSize() != 20)
-        {
-            fail("size check wrong for SHA-512");
-        }
-        
-        if (sd.getByteLength() != d.getByteLength())
-        {
-            fail("byte length check wrong for SHA-512");
-        }
-        
-        //
-        // check output fits
-        //
-        sd.doFinal(new byte[20], 0);
-        
-        try
-        {
-            new ShortenedDigest(null, 20);
-            
-            fail("null parameter not caught");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-        
-        try
-        {
-            new ShortenedDigest(new SHA1Digest(), 50);
-            
-            fail("short digest not caught");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-    }
-    
-    public String getName()
-    {
-        return "ShortenedDigest";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new ShortenedDigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SipHashTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SipHashTest.java
deleted file mode 100644
index 2b63f6d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SipHashTest.java
+++ /dev/null

@@ -1,143 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.macs.SipHash;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Pack;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/*
- * SipHash test values from "SipHash: a fast short-input PRF", by Jean-Philippe
- * Aumasson and Daniel J. Bernstein (https://131002.net/siphash/siphash.pdf), Appendix A.
- */
-public class SipHashTest
-    extends SimpleTest
-{
-    private static final int UPDATE_BYTES = 0;
-    private static final int UPDATE_FULL = 1;
-    private static final int UPDATE_MIX = 2;
-
-    public String getName()
-    {
-        return "SipHash";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        byte[] key = Hex.decode("000102030405060708090a0b0c0d0e0f");
-        byte[] input = Hex.decode("000102030405060708090a0b0c0d0e");
-
-        runMAC(key, input, UPDATE_BYTES);
-        runMAC(key, input, UPDATE_FULL);
-        runMAC(key, input, UPDATE_MIX);
-        
-        SecureRandom random = new SecureRandom();
-        for (int i = 0; i < 100; ++i)
-        {
-            randomTest(random);
-        }
-    }
-
-    private void runMAC(byte[] key, byte[] input, int updateType)
-        throws Exception
-    {
-        long expected = 0xa129ca6149be45e5L;
-
-        SipHash mac = new SipHash();
-        mac.init(new KeyParameter(key));
-
-        updateMAC(mac, input, updateType);
-
-        long result = mac.doFinal();
-        if (expected != result)
-        {
-            fail("Result does not match expected value for doFinal()");
-        }
-
-        byte[] expectedBytes = new byte[8];
-        Pack.longToLittleEndian(expected, expectedBytes, 0);
-
-        updateMAC(mac, input, updateType);
-
-        byte[] output = new byte[mac.getMacSize()];
-        int len = mac.doFinal(output, 0);
-        if (len != output.length)
-        {
-            fail("Result length does not equal getMacSize() for doFinal(byte[],int)");
-        }
-        if (!areEqual(expectedBytes, output))
-        {
-            fail("Result does not match expected value for doFinal(byte[],int)");
-        }
-    }
-
-    private void randomTest(SecureRandom random)
-    {
-        byte[] key = new byte[16];
-        random.nextBytes(key);
-
-        int length = 1 + RNGUtils.nextInt(random, 1024);
-        byte[] input = new byte[length];
-        random.nextBytes(input);
-
-        SipHash mac = new SipHash();
-        mac.init(new KeyParameter(key));
-
-        updateMAC(mac, input, UPDATE_BYTES);
-        long result1 = mac.doFinal();
-
-        updateMAC(mac, input, UPDATE_FULL);
-        long result2 = mac.doFinal();
-
-        updateMAC(mac, input, UPDATE_MIX);
-        long result3 = mac.doFinal();
-
-        if (result1 != result2 || result1 != result3)
-        {
-            fail("Inconsistent results in random test");
-        }
-    }
-
-    private void updateMAC(SipHash mac, byte[] input, int updateType)
-    {
-        switch (updateType)
-        {
-        case UPDATE_BYTES:
-        {
-            for (int i = 0; i < input.length; ++i)
-            {
-                mac.update(input[i]);
-            }
-            break;
-        }
-        case UPDATE_FULL:
-        {
-            mac.update(input, 0, input.length);
-            break;
-        }
-        case UPDATE_MIX:
-        {
-            int step = Math.max(1, input.length / 3);
-            int pos = 0;
-            while (pos < input.length)
-            {
-                mac.update(input[pos++]);
-                int len = Math.min(input.length - pos, step);
-                mac.update(input, pos, len);
-                pos += len;
-            }
-            break;
-        }
-        default:
-            throw new IllegalStateException();
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new SipHashTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SkeinDigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SkeinDigestTest.java
deleted file mode 100644
index 1a7dff6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SkeinDigestTest.java
+++ /dev/null

@@ -1,294 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SkeinDigest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Memoable;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SkeinDigestTest
-    extends SimpleTest
-{
-    private static class Case
-    {
-        private byte[] message;
-        private byte[] digest;
-        private int blockSize;
-        private int outputSize;
-
-        public Case(int blockSize, int outputSize, String message, String digest)
-        {
-            this.blockSize = blockSize;
-            this.outputSize = outputSize;
-            this.message = Hex.decode(message);
-            this.digest = Hex.decode(digest);
-        }
-
-        public int getOutputSize()
-        {
-            return outputSize;
-        }
-
-        public int getBlockSize()
-        {
-            return blockSize;
-        }
-
-        public byte[] getMessage()
-        {
-            return message;
-        }
-
-        public byte[] getDigest()
-        {
-            return digest;
-        }
-
-    }
-
-    // Test cases from skein_golden_kat.txt and skein_golden_kat_short.txt in Skein 1.3 NIST CD
-    private static final Case[] TEST_CASES = {
-        new Case(256, 256, "", "c8877087da56e072870daa843f176e9453115929094c3a40c463a196c29bf7ba"),
-        new Case(256, 256, "fb", "088eb23cc2bccfb8171aa64e966d4af937325167dfcd170700ffd21f8a4cbdac"),
-        new Case(256, 256, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8",
-            "5c3002ff57a627089ea2f97a5000d5678416389019e80e45a3bbcab118315d26"),
-        new Case(256, 256, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a129233",
-            "640c894a4bba6574c83e920ddf7dd2982fc634881bbbcb9d774eae0a285e89ce"),
-        new Case(256, 160, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "0cd491b7715704c3a15a45a1ca8d93f8f646d3a1"),
-        new Case(256, 224, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "afd1e2d0f5b6cd4e1f8b3935fa2497d27ee97e72060adac099543487"),
-        new Case(256, 256, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "4de6fe2bfdaa3717a4261030ef0e044ced9225d066354610842a24a3eafd1dcf"),
-        new Case(256, 384, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "954620fb31e8b782a2794c6542827026fe069d715df04261629fcbe81d7d529b"
-                + "95ba021fa4239fb00afaa75f5fd8e78b"),
-        new Case(256, 512, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "51347e27c7eabba514959f899a6715ef6ad5cf01c23170590e6a8af399470bf9"
-                + "0ea7409960a708c1dbaa90e86389df254abc763639bb8cdf7fb663b29d9557c3"),
-        new Case(256, 1024, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "6c9b6facbaf116b538aa655e0be0168084aa9f1be445f7e06714585e5999a6c9"
-                + "84fffa9d41a316028692d4aad18f573fbf27cf78e84de26da1928382b023987d"
-                + "cfe002b6201ea33713c54a8a5d9eb346f0365e04330d2faaf7bc8aba92a5d7fb"
-                + "6345c6fb26750bce65ab2045c233627679ac6e9acb33602e26fe3526063ecc8b"),
-
-        new Case(512, 512, "", "bc5b4c50925519c290cc634277ae3d6257212395cba733bbad37a4af0fa06af4"
-            + "1fca7903d06564fea7a2d3730dbdb80c1f85562dfcc070334ea4d1d9e72cba7a"),
-        new Case(512, 512, "fb", "c49e03d50b4b2cc46bd3b7ef7014c8a45b016399fd1714467b7596c86de98240"
-            + "e35bf7f9772b7d65465cd4cffab14e6bc154c54fc67b8bc340abf08eff572b9e"),
-        new Case(512, 512, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8",
-            "abefb179d52f68f86941acbbe014cc67ec66ad78b7ba9508eb1400ee2cbdb06f"
-                + "9fe7c2a260a0272d0d80e8ef5e8737c0c6a5f1c02ceb00fb2746f664b85fcef5"),
-        new Case(512, 512, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a129233",
-            "5c5b7956f9d973c0989aa40a71aa9c48a65af2757590e9a758343c7e23ea2df4"
-                + "057ce0b49f9514987feff97f648e1dd065926e2c371a0211ca977c213f14149f"),
-        new Case(512, 160, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "ef03079d61b57c6047e15fa2b35b46fa24279539"),
-        new Case(512, 224, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "d9e3219b214e15246a2038f76a573e018ef69b385b3bd0576b558231"),
-        new Case(512, 256, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "809dd3f763a11af90912bbb92bc0d94361cbadab10142992000c88b4ceb88648"),
-        new Case(512, 384, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "825f5cbd5da8807a7b4d3e7bd9cd089ca3a256bcc064cd73a9355bf3ae67f2bf"
-                + "93ac7074b3b19907a0665ba3a878b262"),
-        new Case(512, 512, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "1a0d5abf4432e7c612d658f8dcfa35b0d1ab68b8d6bd4dd115c23cc57b5c5bcd"
-                + "de9bff0ece4208596e499f211bc07594d0cb6f3c12b0e110174b2a9b4b2cb6a9"),
-
-        new Case(1024, 1024, "", "0fff9563bb3279289227ac77d319b6fff8d7e9f09da1247b72a0a265cd6d2a62"
-            + "645ad547ed8193db48cff847c06494a03f55666d3b47eb4c20456c9373c86297"
-            + "d630d5578ebd34cb40991578f9f52b18003efa35d3da6553ff35db91b81ab890"
-            + "bec1b189b7f52cb2a783ebb7d823d725b0b4a71f6824e88f68f982eefc6d19c6"),
-        new Case(1024, 1024, "fb", "6426bdc57b2771a6ef1b0dd39f8096a9a07554565743ac3de851d28258fcff22"
-            + "9993e11c4e6bebc8b6ecb0ad1b140276081aa390ec3875960336119427827473"
-            + "4770671b79f076771e2cfdaaf5adc9b10cbae43d8e6cd2b1c1f5d6c82dc96618"
-            + "00ddc476f25865b8748253173187d81da971c027d91d32fb390301c2110d2db2"),
-        new Case(1024, 1024, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8",
-            "140e93726ab0b0467c0b8a834ad8cda4d1769d273661902b70db0dcb5ee692ac"
-                + "b3f852d03b11f857850f2428432811309c1dcbe5724f00267ea3667e89fadb4e"
-                + "4911da6b0ba8a7eddf87c1c67152ef0f07b7fead3557318478bdef5ad1e5926d"
-                + "7071fdd4bfa5076d4b3253f8de479ebdf5357676f1641b2f097e9b785e9e528e"),
-        new Case(1024, 1024, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a129233",
-            "31105e1ef042c30b95b16e0f6e6a1a19172bb7d54a0597dd0c711194888efe1d"
-                + "bce82d47416df9577ca387219f06e45cd10964ff36f6711edbbea0e9595b0f66"
-                + "f72b755d70a46857e0aec98561a743d49370d8e572e212811273125f66cc30bf"
-                + "117d3221894c48012bf6e2219de91e064b01523517420a1e00f71c4cc04bab62"),
-        new Case(1024, 160, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "2e6a4cbf2ef05ea9c24b93e8d1de732ddf2739eb"),
-        new Case(1024, 224, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "1d6de19f37f7a3c265440eecb4b9fbd3300bb5ac60895cfc0d4d3c72"),
-        new Case(1024, 256, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "986a4d472b123e8148731a8eac9db23325f0058c4ccbc44a5bb6fe3a8db672d7"),
-        new Case(1024, 384, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "9c3d0648c11f31c18395d5e6c8ebd73f43d189843fc45235e2c35e345e12d62b"
-                + "c21a41f65896ddc6a04969654c2e2ce9"),
-        new Case(1024, 512, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "5d0416f49c2d08dfd40a1446169dc6a1d516e23b8b853be4933513051de8d5c2"
-                + "6baccffb08d3b16516ba3c6ccf3e9a6c78fff6ef955f2dbc56e1459a7cdba9a5"),
-        new Case(1024, 1024, "fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410",
-            "96ca81f586c825d0360aef5acaec49ad55289e1797072eee198b64f349ce65b6"
-                + "e6ed804fe38f05135fe769cc56240ddda5098f620865ce4a4278c77fa2ec6bc3"
-                + "1c0f354ca78c7ca81665bfcc5dc54258c3b8310ed421d9157f36c093814d9b25"
-                + "103d83e0ddd89c52d0050e13a64c6140e6388431961685734b1f138fe2243086"),
-
-    };
-
-    public String getName()
-    {
-        return "SkeinDigest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        runTest(TEST_CASES[7]);
-        for (int i = 0; i < TEST_CASES.length; i++)
-        {
-            Case test = TEST_CASES[i];
-            runTest(test);
-        }
-    }
-
-    private void runTest(Case dc)
-    {
-        SkeinDigest digest = new SkeinDigest(dc.getBlockSize(), dc.getOutputSize());
-
-        byte[] message = dc.getMessage();
-        digest.update(message, 0, message.length);
-
-        byte[] output = new byte[digest.getDigestSize()];
-        digest.doFinal(output, 0);
-
-        if (!Arrays.areEqual(output, dc.getDigest()))
-        {
-            fail(digest.getAlgorithmName() + " message mismatch.\n Message " + new String(Hex.encode(dc.getMessage())),
-                new String(Hex.encode(dc.getDigest())), new String(Hex.encode(output)));
-        }
-
-        // Clone test
-        digest.update(message, 0, message.length / 2);
-
-        // clone the Digest
-        Digest d = new SkeinDigest(digest);
-
-        digest.update(message, message.length / 2, message.length - message.length / 2);
-        digest.doFinal(output, 0);
-
-        if (!areEqual(dc.getDigest(), output))
-        {
-            fail("failing clone vector test", new String(Hex.encode(dc.getDigest())), new String(Hex.encode(output)));
-        }
-
-        d.update(message, message.length / 2, message.length - message.length / 2);
-        d.doFinal(output, 0);
-
-        if (!areEqual(dc.getDigest(), output))
-        {
-            fail("failing second clone vector test", new String(Hex.encode(dc.getDigest())), new String(Hex.encode(output)));
-        }
-
-        //
-        // memo test
-        //
-        Memoable m = (Memoable)digest;
-
-        digest.update(message, 0, message.length / 2);
-
-        // copy the Digest
-        Memoable copy1 = m.copy();
-        Memoable copy2 = copy1.copy();
-
-        digest.update(message, message.length / 2, message.length - message.length / 2);
-        digest.doFinal(output, 0);
-
-        if (!areEqual(dc.getDigest(), output))
-        {
-            fail("failing memo vector test", new String(Hex.encode(dc.getDigest())), new String(Hex.encode(output)));
-        }
-
-        m.reset(copy1);
-
-        digest.update(message, message.length / 2, message.length - message.length / 2);
-        digest.doFinal(output, 0);
-
-        if (!areEqual(dc.getDigest(), output))
-        {
-            fail("failing memo reset vector test", new String(Hex.encode(dc.getDigest())), new String(Hex.encode(output)));
-        }
-
-        Digest md = (Digest)copy2;
-
-        md.update(message, message.length / 2, message.length - message.length / 2);
-        md.doFinal(output, 0);
-
-        if (!areEqual(dc.getDigest(), output))
-        {
-            fail("failing memo copy vector test", new String(Hex.encode(dc.getDigest())), new String(Hex.encode(output)));
-        }
-    }
-
-    public static void main(String[] args)
-        throws IOException
-    {
-        // generateTests();
-        runTest(new SkeinDigestTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SkeinMacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SkeinMacTest.java
deleted file mode 100644
index 68008b7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SkeinMacTest.java
+++ /dev/null

@@ -1,162 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.io.IOException;
-
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.macs.SkeinMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SkeinMacTest
-    extends SimpleTest
-{
-    private static class Case
-    {
-        private byte[] message;
-        private byte[] digest;
-        private byte[] key;
-        private int blockSize;
-        private int outputSize;
-
-        public Case(int blockSize, int outputSize, String message, String key, String digest)
-        {
-            this.blockSize = blockSize;
-            this.outputSize = outputSize;
-            this.message = Hex.decode(message);
-            this.key = Hex.decode(key);
-            this.digest = Hex.decode(digest);
-        }
-
-        public int getOutputSize()
-        {
-            return outputSize;
-        }
-
-        public int getBlockSize()
-        {
-            return blockSize;
-        }
-
-        public byte[] getMessage()
-        {
-            return message;
-        }
-
-        public byte[] getKey()
-        {
-            return key;
-        }
-
-        public byte[] getDigest()
-        {
-            return digest;
-        }
-
-        public String toString()
-        {
-            return "new Case(" + blockSize + ", " + outputSize + ", \"" + new String(Hex.encode(message)) + "\", \""
-                + new String(Hex.encode(key)) + "\", \"" + new String(Hex.encode(digest)) + "\"";
-        }
-
-    }
-
-    // Test cases from skein_golden_kat.txt in Skein 1.3 NIST CD
-    // Excludes empty '(none)' key 'random+MAC' tests, which are in effect digest 
-    private static final Case[] TEST_CASES = {
-        new Case(256, 256, "", "cb41f1706cde09651203c2d0efbaddf8", "886e4efefc15f06aa298963971d7a25398fffe5681c84db39bd00851f64ae29d"),
-        new Case(256, 256, "d3", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "979422a94e3afaa46664124d4e5e8b9422b1d8baf11c6ae6725992ac72a112ca"),
-        new Case(256, 256, "d3090c72", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "1d658372cbea2f9928493cc47599d6f4ad8ce33536bedfa20b739f07516519d5"),
-        new Case(256, 256, "d3090c72167517f7", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e92", "41ef6b0f0fad81c040284f3b1a91e9c44e4c26a6d7207f3aac4362856ef12aca"),
-        new Case(256, 256, "d3090c72167517f7c7ad82a70c2fd3f6", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "ca8208119b9e4e4057631ab31015cfd256f6763a0a34381633d97f640899b84f"),
-        new Case(256, 256, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "9e9980fcc16ee082cf164a5147d0e0692aeffe3dcb8d620e2bb542091162e2e9"),
-        new Case(256, 256, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc235", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "c353a316558ec34f8245dd2f9c2c4961fbc7decc3b69053c103e4b8aaaf20394"),
-        new Case(256, 256, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdf", "cb41f1706cde09651203c2d0efbaddf8", "b1b8c18188e69a6ecae0b6018e6b638c6a91e6de6881e32a60858468c17b520d"),
-        new Case(256, 256, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e92", "1dfd2515a412e78852cd81a7f2167711b4ca19b2891c2ea36ba94f8451944793"),
-        new Case(256, 224, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf8", "a097340709b443ed2c0a921f5dcefef3ead65c4f0bcd5f13da54d7ed"),
-        new Case(256, 256, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "ac1b4fab6561c92d0c487e082daec53e0db4f505e08bf51cae4fd5375e37fc04"),
-        new Case(256, 384, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e92", "96e6cebb23573d0a70ce36a67aa05d2403148093f25c695e1254887cc97f9771d2518413af4286bf2a06b61a53f7fcec"),
-        new Case(256, 512, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "0e95e597e71d6350f20b99c4179f54f43a4722705c06ba765a82cb0a314fe2fe87ef8090063b757e53182706ed18737dadc0da1e1c66518f08334052702c5ed7"),
-        new Case(256, 264, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf8", "064abd4896f460b1953f5a357e7f7c5256e29cdb62b8740d0b52295cfa2ef4c7a2"),
-        new Case(256, 520, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "edf220e43e048603bd16197d59b673b9974de5b8bcf7cb1558a4799f6fd3743eb5fb400cd6129afc0c60e7b741b7e5806f0e0b93eb8429fbc7efa222175a9c80fd"),
-        new Case(256, 1032, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e92", "f3f59fb07399c7b73aae02a8590883cb2fdfde75c55654e71846522301bde48d267169adcc559e038e8c2f28faa552b550d51874055384adea93c036c71a1f0af0c7bcc3bc923738d5307b9da7cb423d4e615c629c4aba71f70d4c9d1fa008176825e51bfa0203445a4083947ec19f6a0fbd082b5b970f2396fb67420639410447"),
-        new Case(256, 2056, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "80eb80d9b8836b32fa576fc84ba08edfbdfd6979123d61914e610a70a372b37f560a10909484f9f4a377c93e29ba681dfe522c41dc83b5ee0567e5370007c7bbe4df0b2b4a25e088f80d72fc30734cdcd76d817b42fbd44dca881019afb25306f19d4e91848778af306517d2072cef72caa327e877c5b6554f83cec3d00877131b47c4d3b557f5a13541c4d5080ee3ce7a658993d083efd0db3496a8752060c3c8552f44b290cabdcc867f691ad605836c08dbd59c9528d885b600b85fdfc8a9d0e636ac3ad8b4295bcb0169e78dc358e77eacc8c4b61bddfa9e5f32d2268a006cfe05c57150fe8e68cabd21cf6cf6035aa1fe4db36c922b765aad0b64e82a2c37"),
-        new Case(256, 256, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed696e6c9db1e6abea026288954a9c2d5758d7c5db7c9e48aa3d21cae3d977a7c3926066aa393dbd538dd0c30da8916c8757f24c18488014668a2627163a37b261833dc2f8c3c56b1b2e0be21fd3fbdb507b2950b77a6cc02efb393e57419383a920767bca2c972107aa61384542d47cbfb82cfe5c415389d1b0a2d74e2c5da851", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "8f88de68f03cd2f396ccdd49c3a0f4ff15bcda7eb357da9753f6116b124de91d"),
-        new Case(512, 512, "", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "9bd43d2a2fcfa92becb9f69faab3936978f1b865b7e44338fc9c8f16aba949ba340291082834a1fc5aa81649e13d50cd98641a1d0883062bfe2c16d1faa7e3aa"),
-        new Case(512, 512, "d3", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "f0c0a10f031c8fc69cfabcd54154c318b5d6cd95d06b12cf20264402492211ee010d5cecc2dc37fd772afac0596b2bf71e6020ef2dee7c860628b6e643ed9ff6"),
-        new Case(512, 512, "d3090c72167517f7", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "0c1f1921253dd8e5c2d4c5f4099f851042d91147892705829161f5fc64d89785226eb6e187068493ee4c78a4b7c0f55a8cbbb1a5982c2daf638fc6a74b16b0d7"),
-        new Case(512, 512, "d3090c72167517f7c7ad82a70c2fd3f6", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "478d7b6c0cc6e35d9ebbdedf39128e5a36585db6222891692d1747d401de34ce3db6fcbab6c968b7f2620f4a844a2903b547775579993736d2493a75ff6752a1"),
-        new Case(512, 512, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e59", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "13c170bac1de35e5fb843f65fabecf214a54a6e0458a4ff6ea5df91915468f4efcd371effa8965a9e82c5388d84730490dcf3976af157b8baf550655a5a6ab78"),
-        new Case(512, 512, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc235", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "a947812529a72fd3b8967ec391b298bee891babc8487a1ec4ea3d88f6b2b5be09ac6a780f30f8e8c3bbb4f18bc302a28f3e87d170ba0f858a8fefe3487478cca"),
-        new Case(512, 512, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdf", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "7690ba61f10e0bba312980b0212e6a9a51b0e9aadfde7ca535754a706e042335b29172aae29d8bad18efaf92d43e6406f3098e253f41f2931eda5911dc740352"),
-        new Case(512, 512, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "d10e3ba81855ac087fbf5a3bc1f99b27d05f98ba22441138026225d34a418b93fd9e8dfaf5120757451adabe050d0eb59d271b0fe1bbf04badbcf9ba25a8791b"),
-        new Case(512, 160, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "5670b226156570dff3efe16661ab86eb24982cdf"),
-        new Case(512, 224, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "c41b9ff9753e6c0f8ed88866e320535e927fe4da552c289841a920db"),
-        new Case(512, 384, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "dfbf5c1319a1d9d70efb2f1600fbcf694f935907f31d24a16d6cd2fb2d7855a769681766c0a29da778eed346cd1d740f"),
-        new Case(512, 512, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "04d8cddb0ad931d54d195899a094684344e902286037272890bce98a41813edc37a3cee190a693fcca613ee30049ce7ec2bdff9613f56778a13f8c28a21d167a"),
-        new Case(512, 1024, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c193", "08fca368b3b14ac406676adf37ac9be2dbb8704e694055a0c6331184d4f0070098f23f0963ee29002495771bf56fb4d3d9ff3506abcd80be927379f7880d5d7703919fbf92184f498ac44f47f015ce676eded9165d47d53733f5a27abbc05f45acd98b97cc15ffdced641defd1a5119ef841b452a1b8f94ee69004466ccdc143"),
-        new Case(512, 264, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "669e770ebe7eacc2b64caaf049923ad297a5b37cfa61c283392d81ccfcb9bbbc09"),
-        new Case(512, 1032, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e", "acc2e03f07f33e9820a6038421089429adcd6a7a83f733beec048c05bf37531a170a5537fcb565c348a70a83217f8be768ff6f95fd2b3d89cb7d8a3dc849505e3710eb4e65a8e7134bbf580d92fe18c9aa987563669b1f014aa5e092519089355534eaa9f0bdc99f6839f54080ffe74623254c906ecb8896b4346c3178a0bc2898"),
-        new Case(512, 2056, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "9f3e082223c43090a4a3ffbdcd469cbabfe0c1399d1edf45a5dfc18f4db5428928a76e979b8d0d5dffec0e6a59ada448c1ffbc06cc80a2006f002adc0c6dbf458563762228dce4381944e460ebebfe06f1237093634625107469a22a189a47f8b025899265d8890a1b39df64552394377e88ba2ad44a8c8d174f884ac8c3ae24ddb0affca5fceb6aa76e09706881e8371774b9b050a69b96ef5e97e81043f8b7e9479e287ab441bacd62caf768a82c8c3e3107be70eb8799a39856fe29842a04e25de0ef9de1b7e65bd0f1f7306835287fc957388e2035b7d22d3aa9c06a9fefbca16f3f60e1c4def89038d918942152a069aa2e0be8ae7475d859031adec84583"),
-        new Case(1024, 1024, "", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc81463134", "bcf37b3459c88959d6b6b58b2bfe142cef60c6f4ec56b0702480d7893a2b0595aa354e87102a788b61996b9cbc1eade7dafbf6581135572c09666d844c90f066b800fc4f5fd1737644894ef7d588afc5c38f5d920bdbd3b738aea3a3267d161ed65284d1f57da73b68817e17e381ca169115152b869c66b812bb9a84275303f0"),
-        new Case(1024, 1024, "d3090c72", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "df0596e5808835a3e304aa27923db05f61dac57c0696a1d19abf188e70aa9dbcc659e9510f7c9a37fbc025bd4e5ea293e78ed7838dd0b08864e8ad40ddb3a88031ebefc21572a89960d1916107a7da7ac0c067e34ec46a86a29ca63fa250bd398eb32ec1ed0f8ac8329f26da018b029e41e2e58d1dfc44de81615e6c987ed9c9"),
-        new Case(1024, 1024, "d3090c72167517f7", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c042eb4187aa1c015a4767032c0bb28f076b66485f51531c12e948f47dbc2cb904a4b75d1e8a6d931dab4a07e0a54d1bb5b55e602141746bd09fb15e8f01a8d74e9e63959cb37336bc1b896ec78da734c15e362db04368fbba280f20a043e0d0941e9f5193e1b360a33c43b266524880125222e648f05f28be34ba3cabfc9c544", "3cfbb79cd88af8ee09c7670bcbab6907a31f80fa31d9d7c9d50826c9568f307a78bd254961398c76b6e338fd9ca5f351059350d30963c3320659b223b991fc46d1307686fe2b4763d9f593c57ad5adbc45caf2ea3dc6090f5a74fa5fa6d9e9838964ea0a2aa216831ab069b00629a1a9b037083403bdb25d3d06a21c430c87dd"),
-        new Case(1024, 1024, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e59", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "0a1b960099fc9d653b0fd1f5b6b972fb366907b772cbce5a59b6171d7935506f70c212bd169d68c5cfd8618343611b7eb2e686ff1dc7c03a57e1a55ed10726848161eea903d53b58459be42d95df989c66c2eea4e51cde272c2d8be67bf3bca2aee633777eb8486781eaa060d0f538abd6c93dbd2d1bf66e6f50bfdcac3725a4"),
-        new Case(1024, 1024, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "3e0cd7938d71c39ffbb08a6ba7995ade3ad140e2c0c45cdbafb099247e08e4c20b61c1f885ced5ed2f816680925034918236e5807f0eecf3f27e9cfca36675eb75873efa1fb41f17541dc2f7c2469eaecb35cc7ca58e489804caf56f09fb97c9f689c64ad49c6888f86c483e901bd3d25798b394ef93faf9154900f92f31f433"),
-        new Case(1024, 1024, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdf", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc81463134", "7266752f7e9aa04bd7d8a1b16030677de6021301f6a62473c76bae2b98bbf8aad73bd00a4b5035f741caf2317ab80e4e97f5c5bbe8acc0e8b424bcb13c7c6740a985801fba54addde8d4f13f69d2bfc98ae104d46a211145217e51d510ea846cec9581d14fda079f775c8b18d66cb31bf7060996ee8a69eee7f107909ce59a97"),
-        new Case(1024, 1024, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c042eb4187aa1c015a4767032c0bb28f076b66485f51531c12e948f47dbc2cb904a4b75d1e8a6d931dab4a07e0a54d1bb5b55e602141746bd09fb15e8f01a8d74e9e63959cb37336bc1b896ec78da734c15e362db04368fbba280f20a043e0d0941e9f5193e1b360a33c43b266524880125222e648f05f28be34ba3cabfc9c544", "71f40bf2aa635125ef83c8df0d4e9ea18b73b56be4f45e89b910a7c68d396b65b09d18abc7d1b6de3f53fd5de583e6f22e612dd17b292068af6027daaf8b4cd60acf5bc85044741e9f7a1f423f5827f5e360930a2e71912239af9fc6343604fdcf3f3569854f2bb8d25a81e3b3f5261a02fe8292aaaa50c324101ab2c7a2f349"),
-        new Case(1024, 160, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "17c3c533b27d666da556ae586e641b7a3a0bcc45"),
-        new Case(1024, 224, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc81463134", "6625df9801581009125ea4e5c94ad6f1a2d692c278822ccb6eb67235"),
-        new Case(1024, 256, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "6c5b671c1766f6eecea6d24b641d4a6bf84bba13a1976f8f80b3f30ee2f93de6"),
-        new Case(1024, 384, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c042eb4187aa1c015a4767032c0bb28f076b66485f51531c12e948f47dbc2cb904a4b75d1e8a6d931dab4a07e0a54d1bb5b55e602141746bd09fb15e8f01a8d74e9e63959cb37336bc1b896ec78da734c15e362db04368fbba280f20a043e0d0941e9f5193e1b360a33c43b266524880125222e648f05f28be34ba3cabfc9c544", "98af454d7fa3706dfaafbf58c3f9944868b57f68f493987347a69fce19865febba0407a16b4e82065035651f0b1e0327"),
-        new Case(1024, 1024, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1", "211ac479e9961141da3aac19d320a1dbbbfad55d2dce87e6a345fcd58e36827597378432b482d89bad44dddb13e6ad86e0ee1e0882b4eb0cd6a181e9685e18dd302ebb3aa74502c06254dcadfb2bd45d288f82366b7afc3bc0f6b1a3c2e8f84d37fbedd07a3f8fcff84faf24c53c11da600aaa118e76cfdcb366d0b3f7729dce"),
-        new Case(1024, 264, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc81463134", "dc1d253b7cadbdaef18503b1809a7f1d4f8c323b7f6f8ca50b76d3864649ce1c7d"),
-        new Case(1024, 520, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "decd79578d12bf6806530c382230a2c7836429c70cac941179e1dd982938bab91fb6f3638df1cc1ef615ecfc4249e5aca8a73c4c1eebef662a836d0be903b00146"),
-        new Case(1024, 1032, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c042eb4187aa1c015a4767032c0bb28f076b66485f51531c12e948f47dbc2cb904a4b75d1e8a6d931dab4a07e0a54d1bb5b55e602141746bd09fb15e8f01a8d74e9e63959cb37336bc1b896ec78da734c15e362db04368fbba280f20a043e0d0941e9f5193e1b360a33c43b266524880125222e648f05f28be34ba3cabfc9c544", "440fe691e04f1fed8c253d6c4670646156f33fffaea702de9445df5739eb960cecf85d56e2e6860a610211a5c909932ab774b978aa0b0d5bbce82775172ab12dceddd51d1eb030057ce61bea6c18f6bb368d26ae76a9e44a962eb132e6c42c25d9fecc4f13348300ca55c78e0990de96c1ae24eb3ee3324782c93dd628260a2c8d"),
-        new Case(1024, 1024, "d3090c72167517f7c7ad82a70c2fd3f6443f608301591e598eadb195e8357135ba26fede2ee187417f816048d00fc23512737a2113709a77e4170c49a94b7fdff45ff579a72287743102e7766c35ca5abc5dfe2f63a1e726ce5fbd2926db03a2dd18b03fc1508a9aac45eb362440203a323e09edee6324ee2e37b4432c1867ed696e6c9db1e6abea026288954a9c2d5758d7c5db7c9e48aa3d21cae3d977a7c3926066aa393dbd538dd0c30da8916c8757f24c18488014668a2627163a37b261833dc2f8c3c56b1b2e0be21fd3fbdb507b2950b77a6cc02efb393e57419383a920767bca2c972107aa61384542d47cbfb82cfe5c415389d1b0a2d74e2c5da851", "cb41f1706cde09651203c2d0efbaddf847a0d315cb2e53ff8bac41da0002672e920244c66e02d5f0dad3e94c42bb65f0d14157decf4105ef5609d5b0984457c1935df3061ff06e9f204192ba11e5bb2cac0430c1c370cb3d113fea5ec1021eb875e5946d7a96ac69a1626c6206b7252736f24253c9ee9b85eb852dfc814631346c", "46a42b0d7b8679f8fcea156c072cf9833c468a7d59ac5e5d326957d60dfe1cdfb27eb54c760b9e049fda47f0b847ac68d6b340c02c39d4a18c1bdfece3f405fae8aa848bdbefe3a4c277a095e921228618d3be8bd1999a071682810de748440ad416a97742cc9e8a9b85455b1d76472cf562f525116698d5cd0a35ddf86e7f8a"),
-
-    };
-
-    public String getName()
-    {
-        return "SkeinMac";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        for (int i = 0; i < TEST_CASES.length; i++)
-        {
-            Case test = TEST_CASES[i];
-            runTest(test);
-        }
-    }
-
-    private void runTest(Case dc)
-    {
-        Mac digest = new SkeinMac(dc.getBlockSize(), dc.getOutputSize());
-        digest.init(new KeyParameter(dc.getKey()));
-
-        byte[] message = dc.getMessage();
-        digest.update(message, 0, message.length);
-
-        byte[] output = new byte[digest.getMacSize()];
-        digest.doFinal(output, 0);
-
-        if (!Arrays.areEqual(output, dc.getDigest()))
-        {
-            fail(digest.getAlgorithmName() + " message " + (dc.getMessage().length * 8) + " mismatch.\n Message  " + new String(Hex.encode(dc.getMessage()))
-                + "\n Key      " + new String(Hex.encode(dc.getKey())) + "\n Expected "
-                + new String(Hex.encode(dc.getDigest())) + "\n Actual   " + new String(Hex.encode(output)));
-        }
-
-    }
-
-    public static void main(String[] args)
-        throws IOException
-    {
-        runTest(new SkeinMacTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/SkipjackTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/SkipjackTest.java
deleted file mode 100644
index 455e10b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/SkipjackTest.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.SkipjackEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- */
-public class SkipjackTest
-    extends CipherTest
-{
-    static SimpleTest[]  tests = 
-            {
-                new BlockCipherVectorTest(0, new SkipjackEngine(),
-                        new KeyParameter(Hex.decode("00998877665544332211")),
-                        "33221100ddccbbaa", "2587cae27a12d300")
-            };
-
-    SkipjackTest()
-    {
-        super(tests, new SkipjackEngine(), new KeyParameter(Hex.decode("00998877665544332211")));
-    }
-
-    public String getName()
-    {
-        return "SKIPJACK";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SkipjackTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/StreamCipherResetTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/StreamCipherResetTest.java
deleted file mode 100644
index 092de5f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/StreamCipherResetTest.java
+++ /dev/null

@@ -1,133 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.engines.ChaChaEngine;
-import org.bouncycastle.crypto.engines.Grain128Engine;
-import org.bouncycastle.crypto.engines.Grainv1Engine;
-import org.bouncycastle.crypto.engines.HC128Engine;
-import org.bouncycastle.crypto.engines.HC256Engine;
-import org.bouncycastle.crypto.engines.ISAACEngine;
-import org.bouncycastle.crypto.engines.RC4Engine;
-import org.bouncycastle.crypto.engines.Salsa20Engine;
-import org.bouncycastle.crypto.engines.XSalsa20Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test whether block ciphers implement reset contract on init, encrypt/decrypt and reset.
- */
-public class StreamCipherResetTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "Stream Cipher Reset";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testReset(new Salsa20Engine(), new Salsa20Engine(), new ParametersWithIV(new KeyParameter(random(32)),
-            random(8)));
-        testReset(new Salsa20Engine(), new Salsa20Engine(), new ParametersWithIV(new KeyParameter(random(16)),
-            random(8)));
-        testReset(new XSalsa20Engine(), new XSalsa20Engine(), new ParametersWithIV(new KeyParameter(random(32)),
-            random(24)));
-        testReset(new ChaChaEngine(), new ChaChaEngine(), new ParametersWithIV(new KeyParameter(random(32)), random(8)));
-        testReset(new ChaChaEngine(), new ChaChaEngine(), new ParametersWithIV(new KeyParameter(random(16)), random(8)));
-        testReset(new RC4Engine(), new RC4Engine(), new KeyParameter(random(16)));
-        testReset(new ISAACEngine(), new ISAACEngine(), new KeyParameter(random(16)));
-        testReset(new HC128Engine(), new HC128Engine(), new ParametersWithIV(new KeyParameter(random(16)), random(16)));
-        testReset(new HC256Engine(), new HC256Engine(), new ParametersWithIV(new KeyParameter(random(16)), random(16)));
-        testReset(new Grainv1Engine(), new Grainv1Engine(), new ParametersWithIV(new KeyParameter(random(16)),
-            random(8)));
-        testReset(new Grain128Engine(), new Grain128Engine(), new ParametersWithIV(new KeyParameter(random(16)),
-            random(12)));
-    }
-
-    private static final SecureRandom RAND = new SecureRandom();
-
-    private byte[] random(int size)
-    {
-        final byte[] data = new byte[size];
-        RAND.nextBytes(data);
-        return data;
-    }
-
-    private void testReset(StreamCipher cipher1, StreamCipher cipher2, CipherParameters params)
-        throws InvalidCipherTextException
-    {
-        cipher1.init(true, params);
-
-        byte[] plaintext = new byte[1023];
-        byte[] ciphertext = new byte[plaintext.length];
-
-        // Establish baseline answer
-        cipher1.processBytes(plaintext, 0, plaintext.length, ciphertext, 0);
-
-        // Test encryption resets
-        checkReset(cipher1, params, true, plaintext, ciphertext);
-
-        // Test decryption resets with fresh instance
-        cipher2.init(false, params);
-        checkReset(cipher2, params, false, ciphertext, plaintext);
-    }
-
-    private void checkReset(StreamCipher cipher,
-                            CipherParameters params,
-                            boolean encrypt,
-                            byte[] pretext,
-                            byte[] posttext)
-        throws InvalidCipherTextException
-    {
-        // Do initial run
-        byte[] output = new byte[posttext.length];
-        cipher.processBytes(pretext, 0, pretext.length, output, 0);
-
-        // Check encrypt resets cipher
-        cipher.init(encrypt, params);
-
-        try
-        {
-            cipher.processBytes(pretext, 0, pretext.length, output, 0);
-        }
-        catch (Exception e)
-        {
-            fail(cipher.getAlgorithmName() + " init did not reset: " + e.getMessage());
-        }
-        if (!Arrays.areEqual(output, posttext))
-        {
-            fail(cipher.getAlgorithmName() + " init did not reset.", new String(Hex.encode(posttext)),
-                new String(Hex.encode(output)));
-        }
-
-        // Check reset resets data
-        cipher.reset();
-
-        try
-        {
-            cipher.processBytes(pretext, 0, pretext.length, output, 0);
-        }
-        catch (Exception e)
-        {
-            fail(cipher.getAlgorithmName() + " reset did not reset: " + e.getMessage());
-        }
-        if (!Arrays.areEqual(output, posttext))
-        {
-            fail(cipher.getAlgorithmName() + " reset did not reset.");
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new StreamCipherResetTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/StreamCipherVectorTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/StreamCipherVectorTest.java
deleted file mode 100644
index 7b78828..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/StreamCipherVectorTest.java
+++ /dev/null

@@ -1,62 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * a basic test that takes a stream cipher, key parameter, and an input
- * and output string.
- */
-public class StreamCipherVectorTest
-    extends SimpleTest
-{
-    int                 id;
-    StreamCipher        cipher;
-    CipherParameters    param;
-    byte[]              input;
-    byte[]              output;
-
-    public StreamCipherVectorTest(
-        int                 id,
-        StreamCipher        cipher,
-        CipherParameters    param,
-        String              input,
-        String              output)
-    {
-        this.id = id;
-        this.cipher = cipher;
-        this.param = param;
-        this.input = Hex.decode(input);
-        this.output = Hex.decode(output);
-    }
-
-    public String getName()
-    {
-        return cipher.getAlgorithmName() + " Vector Test " + id;
-    }
-
-    public void performTest()
-    {
-        cipher.init(true, param);
-
-        byte[]  out = new byte[input.length];
-
-        cipher.processBytes(input, 0, input.length, out, 0);
-
-        if (!areEqual(out, output))
-        {
-            fail("failed.", new String(Hex.encode(output)) , new String(Hex.encode(out)));
-        }
-
-        cipher.init(false, param);
-
-        cipher.processBytes(output, 0, output.length, out, 0);
-
-        if (!areEqual(input, out))
-        {
-            fail("failed reversal");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/TEATest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/TEATest.java
deleted file mode 100644
index 98b0ec9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/TEATest.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.TEAEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * TEA tester - based on C implementation results from http://www.simonshepherd.supanet.com/tea.htm
- */
-public class TEATest
-    extends CipherTest
-{
-    static SimpleTest[]  tests = {
-        new BlockCipherVectorTest(0, new TEAEngine(),
-            new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-            "0000000000000000",
-            "41ea3a0a94baa940"),
-        new BlockCipherVectorTest(1, new TEAEngine(),
-            new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-            "0102030405060708",
-            "6a2f9cf3fccf3c55"),
-        new BlockCipherVectorTest(2, new TEAEngine(),
-            new KeyParameter(Hex.decode("0123456712345678234567893456789A")),
-            "0000000000000000",
-            "34e943b0900f5dcb"),
-        new BlockCipherVectorTest(3, new TEAEngine(),
-            new KeyParameter(Hex.decode("0123456712345678234567893456789A")),
-            "0102030405060708",
-            "773dc179878a81c0"),
-            };
-
-    TEATest()
-    {
-        super(tests, new TEAEngine(), new KeyParameter(new byte[16]));
-    }
-
-    public String getName()
-    {
-        return "TEA";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new TEATest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/Threefish1024Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/Threefish1024Test.java
deleted file mode 100644
index a580a15..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/Threefish1024Test.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.ThreefishEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.TweakableBlockCipherParameters;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class Threefish1024Test
-    extends CipherTest
-{
-    // Test cases from skein_golden_kat_internals.txt in Skein 1.3 NIST CD
-    static SimpleTest[] tests =
-        {
-            new BlockCipherVectorTest(0, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024),
-                new TweakableBlockCipherParameters(
-                    new KeyParameter(new byte[128]),
-                    new byte[16]),
-                "0000000000000000000000000000000000000000000000000000000000000000" +
-                    "0000000000000000000000000000000000000000000000000000000000000000" +
-                    "0000000000000000000000000000000000000000000000000000000000000000" +
-                    "0000000000000000000000000000000000000000000000000000000000000000",
-                "f05c3d0a3d05b304f785ddc7d1e036015c8aa76e2f217b06c6e1544c0bc1a90d" +
-                    "f0accb9473c24e0fd54fea68057f43329cb454761d6df5cf7b2e9b3614fbd5a2" +
-                    "0b2e4760b40603540d82eabc5482c171c832afbe68406bc39500367a592943fa" +
-                    "9a5b4a43286ca3c4cf46104b443143d560a4b230488311df4feef7e1dfe8391e"),
-            new BlockCipherVectorTest(1, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024),
-                new TweakableBlockCipherParameters(
-                    new KeyParameter(Hex.decode(
-                        "101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f" +
-                            "303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f" +
-                            "505152535455565758595a5b5c5d5e5f606162636465666768696a6b6c6d6e6f" +
-                            "707172737475767778797a7b7c7d7e7f808182838485868788898a8b8c8d8e8f")),
-                    Hex.decode("000102030405060708090a0b0c0d0e0f")),
-                "fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0efeeedecebeae9e8e7e6e5e4e3e2e1e0" +
-                    "dfdedddcdbdad9d8d7d6d5d4d3d2d1d0cfcecdcccbcac9c8c7c6c5c4c3c2c1c0" +
-                    "bfbebdbcbbbab9b8b7b6b5b4b3b2b1b0afaeadacabaaa9a8a7a6a5a4a3a2a1a0" +
-                    "9f9e9d9c9b9a999897969594939291908f8e8d8c8b8a89888786858483828180",
-                "a6654ddbd73cc3b05dd777105aa849bce49372eaaffc5568d254771bab85531c" +
-                    "94f780e7ffaae430d5d8af8c70eebbe1760f3b42b737a89cb363490d670314bd" +
-                    "8aa41ee63c2e1f45fbd477922f8360b388d6125ea6c7af0ad7056d01796e90c8" +
-                    "3313f4150a5716b30ed5f569288ae974ce2b4347926fce57de44512177dd7cde")
-        };
-
-    Threefish1024Test()
-    {
-        super(tests, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024), new KeyParameter(new byte[128]));
-    }
-
-    public String getName()
-    {
-        return "Threefish-1024";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new Threefish1024Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/Threefish256Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/Threefish256Test.java
deleted file mode 100644
index 10bd608..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/Threefish256Test.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.ThreefishEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.TweakableBlockCipherParameters;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class Threefish256Test
-    extends CipherTest
-{
-    // Test cases from skein_golden_kat_internals.txt in Skein 1.3 NIST CD
-    static SimpleTest[] tests =
-        {
-            new BlockCipherVectorTest(0, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256),
-                new TweakableBlockCipherParameters(
-                    new KeyParameter(new byte[32]),
-                    new byte[16]),
-                "0000000000000000000000000000000000000000000000000000000000000000",
-                "84da2a1f8beaee947066ae3e3103f1ad536db1f4a1192495116b9f3ce6133fd8"),
-            new BlockCipherVectorTest(1, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256),
-                new TweakableBlockCipherParameters(
-                    new KeyParameter(Hex.decode(
-                        "101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f")),
-                    Hex.decode("000102030405060708090a0b0c0d0e0f")),
-                "FFFEFDFCFBFAF9F8F7F6F5F4F3F2F1F0EFEEEDECEBEAE9E8E7E6E5E4E3E2E1E0",
-                "e0d091ff0eea8fdfc98192e62ed80ad59d865d08588df476657056b5955e97df")
-        };
-
-    Threefish256Test()
-    {
-        super(tests, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256), new KeyParameter(new byte[32]));
-    }
-
-    public String getName()
-    {
-        return "Threefish-256";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new Threefish256Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/Threefish512Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/Threefish512Test.java
deleted file mode 100644
index 1eb4e85..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/Threefish512Test.java
+++ /dev/null

@@ -1,50 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.ThreefishEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.TweakableBlockCipherParameters;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class Threefish512Test
-    extends CipherTest
-{
-    // Test cases from skein_golden_kat_internals.txt in Skein 1.3 NIST CD
-    static SimpleTest[] tests =
-        {
-            new BlockCipherVectorTest(0, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512),
-                new TweakableBlockCipherParameters(
-                    new KeyParameter(new byte[64]),
-                    new byte[16]),
-                "0000000000000000000000000000000000000000000000000000000000000000" +
-                    "0000000000000000000000000000000000000000000000000000000000000000",
-                "b1a2bbc6ef6025bc40eb3822161f36e375d1bb0aee3186fbd19e47c5d479947b" +
-                    "7bc2f8586e35f0cff7e7f03084b0b7b1f1ab3961a580a3e97eb41ea14a6d7bbe"),
-            new BlockCipherVectorTest(1, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512),
-                new TweakableBlockCipherParameters(
-                    new KeyParameter(Hex.decode(
-                        "101112131415161718191a1b1c1d1e1f202122232425262728292a2b2c2d2e2f" +
-                            "303132333435363738393a3b3c3d3e3f404142434445464748494a4b4c4d4e4f")),
-                    Hex.decode("000102030405060708090a0b0c0d0e0f")),
-                "fffefdfcfbfaf9f8f7f6f5f4f3f2f1f0efeeedecebeae9e8e7e6e5e4e3e2e1e0" +
-                    "dfdedddcdbdad9d8d7d6d5d4d3d2d1d0cfcecdcccbcac9c8c7c6c5c4c3c2c1c0",
-                "e304439626d45a2cb401cad8d636249a6338330eb06d45dd8b36b90e97254779" +
-                    "272a0a8d99463504784420ea18c9a725af11dffea10162348927673d5c1caf3d")
-        };
-
-    Threefish512Test()
-    {
-        super(tests, new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512), new KeyParameter(new byte[64]));
-    }
-
-    public String getName()
-    {
-        return "Threefish-512";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new Threefish512Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/TigerDigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/TigerDigestTest.java
deleted file mode 100644
index deb838f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/TigerDigestTest.java
+++ /dev/null

@@ -1,59 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.TigerDigest;
-
-/**
- * Tiger Digest Test
- */
-public class TigerDigestTest
-    extends DigestTest
-{
-    final static String[] messages = {
-        "",
-        "abc",
-        "Tiger",
-        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-",
-        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvw",
-        "ABCDEFGHIJKLMNOPQRSTUVWXYZ=abcdefghijklmnopqrstuvwxyz+0123456789",
-        "Tiger - A Fast New Hash Function, by Ross Anderson and Eli Biham, proceedings of Fast Software Encryption 3, Cambridge, 1996.",
-        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789+-"
-    };
-
-    final static String[] digests = {
-        "3293AC630C13F0245F92BBB1766E16167A4E58492DDE73F3",
-        "2AAB1484E8C158F2BFB8C5FF41B57A525129131C957B5F93",
-        "DD00230799F5009FEC6DEBC838BB6A27DF2B9D6F110C7937",
-        "F71C8583902AFB879EDFE610F82C0D4786A3A534504486B5",
-        "38F41D9D9A710A10C3727AC0DEEAA270727D9F926EC10139",
-        "48CEEB6308B87D46E95D656112CDF18D97915F9765658957",
-        "631ABDD103EB9A3D245B6DFD4D77B257FC7439501D1568DD",
-        "C54034E5B43EB8005848A7E0AE6AAC76E4FF590AE715FD25",
-        "C54034E5B43EB8005848A7E0AE6AAC76E4FF590AE715FD25"
-    };
-
-    final static String hash64k = "FDF4F5B35139F48E710E421BE5AF411DE1A8AAC333F26204";
-    
-    TigerDigestTest()
-    {
-        super(new TigerDigest(), messages, digests);
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-        
-        sixtyFourKTest(hash64k);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new TigerDigest((TigerDigest)digest);
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new TigerDigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/TnepresTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/TnepresTest.java
deleted file mode 100644
index 6b87358..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/TnepresTest.java
+++ /dev/null

@@ -1,144 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.engines.TnepresEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test vectors based on Floppy 4 of the Serpent AES submission.
- */
-public class TnepresTest
-    extends CipherTest
-{
-    static SimpleTest[]  tests = 
-            {
-               new BlockCipherVectorTest(0, new TnepresEngine(),
-                       new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                      "00000000000000000000000000000000", "8910494504181950f98dd998a82b6749"),
-                new BlockCipherVectorTest(1, new TnepresEngine(),
-                       new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                      "80000000000000000000000000000000", "10b5ffb720b8cb9002a1142b0ba2e94a"),
-                new BlockCipherVectorTest(2, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                        "00000000008000000000000000000000", "4f057a42d8d5bd9746e434680ddcd5e5"),
-                new BlockCipherVectorTest(3, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-                        "00000000000000000000400000000000", "99407bf8582ef12550886ef5b6f169b9"),
-                new BlockCipherVectorTest(4, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                        "40000000000000000000000000000000", "d522a3b8d6d89d4d2a124fdd88f36896"),
-                new BlockCipherVectorTest(5, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                        "00000000000200000000000000000000", "189b8ec3470085b3da97e82ca8964e32"),
-                new BlockCipherVectorTest(6, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("000000000000000000000000000000000000000000000000")),
-                        "00000000000000000000008000000000", "f77d868cf760b9143a89809510ccb099"),
-                new BlockCipherVectorTest(7, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                        "08000000000000000000000000000000", "d43b7b981b829342fce0e3ec6f5f4c82"),
-                new BlockCipherVectorTest(8, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                        "00000000000000000100000000000000", "0bf30e1a0c33ccf6d5293177886912a7"),
-                new BlockCipherVectorTest(9, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000000000000")),
-                        "00000000000000000000000000000001", "6a7f3b805d2ddcba49b89770ade5e507"),
-                new BlockCipherVectorTest(10, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("80000000000000000000000000000000")),
-                        "00000000000000000000000000000000", "49afbfad9d5a34052cd8ffa5986bd2dd"),
-                new BlockCipherVectorTest(11, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("000000000000000000000000004000000000000000000000")),
-                        "00000000000000000000000000000000", "ba8829b1de058c4b48615d851fc74f17"),
-                new BlockCipherVectorTest(12, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("0000000000000000000000000000000000000000000000000000000100000000")),
-                        "00000000000000000000000000000000", "89f64377bf1e8a46c8247044e8056a98"),
-/*
-                new BlockCipherMonteCarloTest(13, 10000, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("47f5f881daab9b67b43bd1342e339c19")),
-                        "7a4f7db38c52a8b711b778a38d203b6b", "003380e19f10065740394f48e2fe80b7"),
-*/
-                new BlockCipherMonteCarloTest(13, 100, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("47f5f881daab9b67b43bd1342e339c19")),
-                        "7a4f7db38c52a8b711b778a38d203b6b", "4db75303d815c2f7cc6ca935d1c5a046"),
-/*
-                new BlockCipherMonteCarloTest(14, 10000, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("31fba879ebc5e80df35e6fa33eaf92d6")),
-                        "70a05e12f74589009692a337f53ff614", "afb5425426906db26b70bdf842ac5400"),
-*/
-                new BlockCipherMonteCarloTest(14, 100, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("31fba879ebc5e80df35e6fa33eaf92d6")),
-                        "70a05e12f74589009692a337f53ff614", "fc53a50f4d3bc9836001893d2f41742d"),
-/*
-                new BlockCipherMonteCarloTest(15, 10000, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("bde6dd392307984695aee80e574f9977caae9aa78eda53e8")),
-                        "9cc523d034a93740a0aa4e2054bb34d8", "1949d506ada7de1f1344986e8ea049b2"),
-*/
-                new BlockCipherMonteCarloTest(15, 100, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("bde6dd392307984695aee80e574f9977caae9aa78eda53e8")),
-                        "9cc523d034a93740a0aa4e2054bb34d8", "77117e6a9e80f40b2a36b7d755573c2d"),
-/*
-                new BlockCipherMonteCarloTest(16, 10000, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("60f6f8ad4290699dc50921a1bbcca92da914e7d9cf01a9317c79c0af8f2487a1")),
-                        "ee1a61106fae2d381d686cbf854bab65", "e57f45559027cb1f2ed9603d814e1c34"),
-*/
-                new BlockCipherMonteCarloTest(16, 100, new TnepresEngine(),
-                        new KeyParameter(Hex.decode("60f6f8ad4290699dc50921a1bbcca92da914e7d9cf01a9317c79c0af8f2487a1")),
-                        "ee1a61106fae2d381d686cbf854bab65", "dcd7f13ea0dcdfd0139d1a42e2ffb84b")
-            };
-
-    TnepresTest()
-    {
-        super(tests, new TnepresEngine(), new KeyParameter(new byte[32]));
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        super.performTest();
-
-        doCbcMonte(new byte[16], new byte[16], new byte[16], Hex.decode("9ea101ecebaa41c712bcb0d9bab3e2e4"));
-        doCbcMonte(Hex.decode("9ea101ecebaa41c712bcb0d9bab3e2e4"), Hex.decode("9ea101ecebaa41c712bcb0d9bab3e2e4"), Hex.decode("b4813d8a66244188b9e92c75913fa2f4"), Hex.decode("f86b2c265b9c75869f31e2c684c13e9f"));
-    }
-
-    private void doCbcMonte(byte[] key, byte[] iv, byte[] pt, byte[] expected)
-    {
-        BlockCipher c = new TnepresEngine();
-
-        byte[] ct = new byte[16];
-
-        System.arraycopy(iv, 0, ct, 0, 16);
-
-        for (int i = 0; i < 10000; i++)
-        {
-            for (int k = 0; k != iv.length; k++)
-            {
-                iv[k] ^= pt[k];
-            }
-            System.arraycopy(ct, 0, pt, 0, 16);
-
-            c.init(true, new KeyParameter(key));
-
-            c.processBlock(iv, 0, ct, 0);
-
-            System.arraycopy(ct, 0, iv, 0, 16);
-        }
-
-        if (!Arrays.areEqual(expected, ct))
-        {
-            fail("CBC monte test failed");
-        }
-    }
-
-    public String getName()
-    {
-        return "Tnepres";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new TnepresTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/TwofishTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/TwofishTest.java
deleted file mode 100644
index 50a41c8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/TwofishTest.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.TwofishEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class TwofishTest
-    extends CipherTest
-{
-    static String key1 = "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f";
-    static String key2 = "000102030405060708090a0b0c0d0e0f1011121314151617";
-    static String key3 = "000102030405060708090a0b0c0d0e0f";
-
-    static String input = "000102030405060708090A0B0C0D0E0F";
-
-    static SimpleTest[]  tests =
-    {
-        new BlockCipherVectorTest(0, new TwofishEngine(),
-                new KeyParameter(Hex.decode(key1)),
-                input, "8ef0272c42db838bcf7b07af0ec30f38"),
-        new BlockCipherVectorTest(1, new TwofishEngine(),
-                new KeyParameter(Hex.decode(key2)),
-                input, "95accc625366547617f8be4373d10cd7"),
-        new BlockCipherVectorTest(2, new TwofishEngine(),
-                new KeyParameter(Hex.decode(key3)),
-                input, "9fb63337151be9c71306d159ea7afaa4")
-    };
-
-    TwofishTest()
-    {
-        super(tests, new TwofishEngine(), new KeyParameter(new byte[32]));
-    }
-    
-    public String getName()
-    {
-        return "Twofish";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new TwofishTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/VMPCKSA3Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/VMPCKSA3Test.java
deleted file mode 100644
index 65fdfc2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/VMPCKSA3Test.java
+++ /dev/null

@@ -1,97 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.engines.VMPCKSA3Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * VMPC Test
- */
-public class VMPCKSA3Test extends SimpleTest
-{
-    private static final byte[] input = new byte[1000000];
-
-    public String getName()
-    {
-        return "VMPC-KSA3";
-    }
-
-    private void checkByte(byte[] array, int position, byte b)
-    {
-        if (array[position] != b)
-        {
-            fail("Fail on position " + position,
-                new String(Hex.encode(new byte[] { b })),
-                new String(Hex.encode(new byte[] { array[position] })));
-        }
-    }
-
-    public void performTest()
-    {
-        byte[] key = Hex.decode("9661410AB797D8A9EB767C21172DF6C7");
-        byte[] iv = Hex.decode("4B5C2F003E67F39557A8D26F3DA2B155");
-        CipherParameters kp = new KeyParameter(key);
-        CipherParameters kpwiv = new ParametersWithIV(kp, iv);
-
-        VMPCKSA3Engine engine = new VMPCKSA3Engine();
-
-        try
-        {
-            engine.init(true, kp);
-            fail("init failed to throw expected exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // Expected
-        }
-
-        engine.init(true, kpwiv);
-        checkEngine(engine);
-
-        engine.reset();
-        byte[] output = checkEngine(engine);
-
-        engine.init(false, kpwiv);
-        byte[] recovered = new byte[output.length];
-        engine.processBytes(output, 0, output.length, recovered, 0);
-
-        if (!Arrays.areEqual(input, recovered))
-        {
-            fail("decrypted bytes differ from original bytes");
-        }
-    }
-
-    private byte[] checkEngine(VMPCKSA3Engine engine)
-    {
-        byte[] output = new byte[input.length];
-        engine.processBytes(input, 0, output.length, output, 0);
-
-        checkByte(output, 0, (byte) 0xB6);
-        checkByte(output, 1, (byte) 0xEB);
-        checkByte(output, 2, (byte) 0xAE);
-        checkByte(output, 3, (byte) 0xFE);
-        checkByte(output, 252, (byte) 0x48);
-        checkByte(output, 253, (byte) 0x17);
-        checkByte(output, 254, (byte) 0x24);
-        checkByte(output, 255, (byte) 0x73);
-        checkByte(output, 1020, (byte) 0x1D);
-        checkByte(output, 1021, (byte) 0xAE);
-        checkByte(output, 1022, (byte) 0xC3);
-        checkByte(output, 1023, (byte) 0x5A);
-        checkByte(output, 102396, (byte) 0x1D);
-        checkByte(output, 102397, (byte) 0xA7);
-        checkByte(output, 102398, (byte) 0xE1);
-        checkByte(output, 102399, (byte) 0xDC);
-
-        return output;
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new VMPCKSA3Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/VMPCMacTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/VMPCMacTest.java
deleted file mode 100644
index 1574416..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/VMPCMacTest.java
+++ /dev/null

@@ -1,53 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.macs.VMPCMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class VMPCMacTest extends SimpleTest
-{
-    public String getName()
-    {
-        return "VMPC-MAC";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new VMPCMacTest());
-    }
-
-    static byte[] output1 = Hex.decode("9BDA16E2AD0E284774A3ACBC8835A8326C11FAAD");
-
-    public void performTest() throws Exception
-    {
-        CipherParameters kp = new KeyParameter(
-            Hex.decode("9661410AB797D8A9EB767C21172DF6C7"));
-        CipherParameters kpwiv = new ParametersWithIV(kp,
-            Hex.decode("4B5C2F003E67F39557A8D26F3DA2B155"));
-
-        byte[] m = new byte[512];
-
-        int offset = 117;
-        for (int i = 0; i < 256; i++)
-        {
-            m[offset + i] = (byte) i;
-        }
-
-        VMPCMac mac = new VMPCMac();
-        mac.init(kpwiv);
-
-        mac.update(m, offset, 256);
-
-        byte[] out = new byte[20];
-        mac.doFinal(out, 0);
-
-        if (!Arrays.areEqual(out, output1))
-        {
-            fail("Fail", new String(Hex.encode(output1)), new String(Hex.encode(out)));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/VMPCTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/VMPCTest.java
deleted file mode 100644
index cedffa4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/VMPCTest.java
+++ /dev/null

@@ -1,97 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.engines.VMPCEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * VMPC Test
- */
-public class VMPCTest extends SimpleTest
-{
-    private static final byte[] input = new byte[1000000];
-
-    public String getName()
-    {
-        return "VMPC";
-    }
-
-    private void checkByte(byte[] array, int position, byte b)
-    {
-        if (array[position] != b)
-        {
-            fail("Fail on position " + position,
-                new String(Hex.encode(new byte[] { b })),
-                new String(Hex.encode(new byte[] { array[position] })));
-        }
-    }
-
-    public void performTest()
-    {
-        byte[] key = Hex.decode("9661410AB797D8A9EB767C21172DF6C7");
-        byte[] iv = Hex.decode("4B5C2F003E67F39557A8D26F3DA2B155");
-        CipherParameters kp = new KeyParameter(key);
-        CipherParameters kpwiv = new ParametersWithIV(kp, iv);
-
-        VMPCEngine engine = new VMPCEngine();
-
-        try
-        {
-            engine.init(true, kp);
-            fail("init failed to throw expected exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // Expected
-        }
-
-        engine.init(true, kpwiv);
-        checkEngine(engine);
-
-        engine.reset();
-        byte[] output = checkEngine(engine);
-
-        engine.init(false, kpwiv);
-        byte[] recovered = new byte[output.length];
-        engine.processBytes(output, 0, output.length, recovered, 0);
-
-        if (!Arrays.areEqual(input, recovered))
-        {
-            fail("decrypted bytes differ from original bytes");
-        }
-    }
-
-    private byte[] checkEngine(VMPCEngine engine)
-    {
-        byte[] output = new byte[input.length];
-        engine.processBytes(input, 0, output.length, output, 0);
-
-        checkByte(output, 0, (byte) 0xA8);
-        checkByte(output, 1, (byte) 0x24);
-        checkByte(output, 2, (byte) 0x79);
-        checkByte(output, 3, (byte) 0xF5);
-        checkByte(output, 252, (byte) 0xB8);
-        checkByte(output, 253, (byte) 0xFC);
-        checkByte(output, 254, (byte) 0x66);
-        checkByte(output, 255, (byte) 0xA4);
-        checkByte(output, 1020, (byte) 0xE0);
-        checkByte(output, 1021, (byte) 0x56);
-        checkByte(output, 1022, (byte) 0x40);
-        checkByte(output, 1023, (byte) 0xA5);
-        checkByte(output, 102396, (byte) 0x81);
-        checkByte(output, 102397, (byte) 0xCA);
-        checkByte(output, 102398, (byte) 0x49);
-        checkByte(output, 102399, (byte) 0x9A);
-
-        return output;
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new VMPCTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/WhirlpoolDigestTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/WhirlpoolDigestTest.java
deleted file mode 100644
index 542e6e6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/WhirlpoolDigestTest.java
+++ /dev/null

@@ -1,105 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.WhirlpoolDigest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * ISO vector test for Whirlpool
- *  
- */
-public class WhirlpoolDigestTest 
-    extends DigestTest
-{
-    private static String[] messages =
-    {
-         "",
-         "a",
-         "abc",
-         "message digest",
-         "abcdefghijklmnopqrstuvwxyz",
-        "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789",
-        "12345678901234567890123456789012345678901234567890123456789012345678901234567890",
-        "abcdbcdecdefdefgefghfghighijhijk"
-    };
-
-    private static String[] digests =
-    {
-        "19FA61D75522A4669B44E39C1D2E1726C530232130D407F89AFEE0964997F7A73E83BE698B288FEBCF88E3E03C4F0757EA8964E59B63D93708B138CC42A66EB3",
-        "8ACA2602792AEC6F11A67206531FB7D7F0DFF59413145E6973C45001D0087B42D11BC645413AEFF63A42391A39145A591A92200D560195E53B478584FDAE231A",
-        "4E2448A4C6F486BB16B6562C73B4020BF3043E3A731BCE721AE1B303D97E6D4C7181EEBDB6C57E277D0E34957114CBD6C797FC9D95D8B582D225292076D4EEF5",
-        "378C84A4126E2DC6E56DCC7458377AAC838D00032230F53CE1F5700C0FFB4D3B8421557659EF55C106B4B52AC5A4AAA692ED920052838F3362E86DBD37A8903E",
-        "F1D754662636FFE92C82EBB9212A484A8D38631EAD4238F5442EE13B8054E41B08BF2A9251C30B6A0B8AAE86177AB4A6F68F673E7207865D5D9819A3DBA4EB3B",
-        "DC37E008CF9EE69BF11F00ED9ABA26901DD7C28CDEC066CC6AF42E40F82F3A1E08EBA26629129D8FB7CB57211B9281A65517CC879D7B962142C65F5A7AF01467",
-        "466EF18BABB0154D25B9D38A6414F5C08784372BCCB204D6549C4AFADB6014294D5BD8DF2A6C44E538CD047B2681A51A2C60481E88C5A20B2C2A80CF3A9A083B",
-        "2A987EA40F917061F5D6F0A0E4644F488A7A5A52DEEE656207C562F988E95C6916BDC8031BC5BE1B7B947639FE050B56939BAAA0ADFF9AE6745B7B181C3BE3FD"
-    };
-
-    WhirlpoolDigestTest()
-    {
-        super(new WhirlpoolDigest(), messages, digests);
-    }
-
-    protected Digest cloneDigest(Digest digest)
-    {
-        return new WhirlpoolDigest((WhirlpoolDigest)digest);
-    }
-
-    private static String _millionAResultVector = "0C99005BEB57EFF50A7CF005560DDF5D29057FD86B20BFD62DECA0F1CCEA4AF51FC15490EDDC47AF32BB2B66C34FF9AD8C6008AD677F77126953B226E4ED8B01";
-    
-    private static String _thirtyOneZeros = "3E3F188F8FEBBEB17A933FEAF7FE53A4858D80C915AD6A1418F0318E68D49B4E459223CD414E0FBC8A57578FD755D86E827ABEF4070FC1503E25D99E382F72BA";
-
-    public String getName()
-    {
-        return "Whirlpool";
-    }
-
-    public void performTest()
-    {
-        super.performTest();
-
-        byte[] thirtyOneZeros = new byte[31];
-        performStandardVectorTest("31 zeroes test", 
-                    thirtyOneZeros, _thirtyOneZeros);
-
-        byte[] millionAInByteArray = new byte[1000000];
-        Arrays.fill(millionAInByteArray, (byte)'a');
-
-        performStandardVectorTest("Million 'a' test", 
-                    millionAInByteArray, _millionAResultVector);
-    }
-
-    private void performStandardVectorTest(String testTitle, byte[] inputBytes,
-            String resultsAsHex)
-    {
-        doPerformTest(testTitle, inputBytes, resultsAsHex);        
-    }
-
-    private void doPerformTest(String testTitle, byte[] inputBytes, String resultsAsHex)
-    {
-        String resStr = createHexOutputFromDigest(inputBytes);
-        if (!resultsAsHex.equals(resStr.toUpperCase()))
-        {
-            fail(testTitle, resultsAsHex, resStr);
-        }
-    }
-
-    private String createHexOutputFromDigest(byte[] digestBytes)
-    {
-        String resStr;
-        Digest digest = new WhirlpoolDigest();
-        byte[] resBuf = new byte[digest.getDigestSize()];
-        digest.update(digestBytes, 0, digestBytes.length);
-        digest.doFinal(resBuf, 0);
-        resStr = new String(Hex.encode(resBuf));
-        return resStr;
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new WhirlpoolDigestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/X25519Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/X25519Test.java
deleted file mode 100644
index cdf6aaa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/X25519Test.java
+++ /dev/null

@@ -1,58 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.agreement.X25519Agreement;
-import org.bouncycastle.crypto.generators.X25519KeyPairGenerator;
-import org.bouncycastle.crypto.params.X25519KeyGenerationParameters;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class X25519Test
-    extends SimpleTest
-{
-    private static final SecureRandom RANDOM = new SecureRandom();
-
-    public String getName()
-    {
-        return "X25519";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new X25519Test());
-    }
-
-    public void performTest()
-    {
-        for (int i = 0; i < 10; ++i)
-        {
-            testAgreement();
-        }
-    }
-
-    private void testAgreement()
-    {
-        AsymmetricCipherKeyPairGenerator kpGen = new X25519KeyPairGenerator();
-        kpGen.init(new X25519KeyGenerationParameters(RANDOM));
-
-        AsymmetricCipherKeyPair kpA = kpGen.generateKeyPair();
-        AsymmetricCipherKeyPair kpB = kpGen.generateKeyPair();
-
-        X25519Agreement agreeA = new X25519Agreement();
-        agreeA.init(kpA.getPrivate());
-        byte[] secretA = new byte[agreeA.getAgreementSize()];
-        agreeA.calculateAgreement(kpB.getPublic(), secretA, 0);
-
-        X25519Agreement agreeB = new X25519Agreement();
-        agreeB.init(kpB.getPrivate());
-        byte[] secretB = new byte[agreeB.getAgreementSize()];
-        agreeB.calculateAgreement(kpA.getPublic(), secretB, 0);
-
-        if (!areEqual(secretA, secretB))
-        {
-            fail("X25519 agreement failed");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/X448Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/X448Test.java
deleted file mode 100644
index 476a62f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/X448Test.java
+++ /dev/null

@@ -1,58 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.agreement.X448Agreement;
-import org.bouncycastle.crypto.generators.X448KeyPairGenerator;
-import org.bouncycastle.crypto.params.X448KeyGenerationParameters;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class X448Test
-    extends SimpleTest
-{
-    private static final SecureRandom RANDOM = new SecureRandom();
-
-    public String getName()
-    {
-        return "X448";
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new X448Test());
-    }
-
-    public void performTest()
-    {
-        for (int i = 0; i < 10; ++i)
-        {
-            testAgreement();
-        }
-    }
-
-    private void testAgreement()
-    {
-        AsymmetricCipherKeyPairGenerator kpGen = new X448KeyPairGenerator();
-        kpGen.init(new X448KeyGenerationParameters(RANDOM));
-
-        AsymmetricCipherKeyPair kpA = kpGen.generateKeyPair();
-        AsymmetricCipherKeyPair kpB = kpGen.generateKeyPair();
-
-        X448Agreement agreeA = new X448Agreement();
-        agreeA.init(kpA.getPrivate());
-        byte[] secretA = new byte[agreeA.getAgreementSize()];
-        agreeA.calculateAgreement(kpB.getPublic(), secretA, 0);
-
-        X448Agreement agreeB = new X448Agreement();
-        agreeB.init(kpB.getPrivate());
-        byte[] secretB = new byte[agreeB.getAgreementSize()];
-        agreeB.calculateAgreement(kpA.getPublic(), secretB, 0);
-
-        if (!areEqual(secretA, secretB))
-        {
-            fail("X448 agreement failed");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/X931SignerTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/X931SignerTest.java
deleted file mode 100644
index a77e760..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/X931SignerTest.java
+++ /dev/null

@@ -1,138 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.engines.RSAEngine;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.crypto.signers.X931Signer;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class X931SignerTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "X931Signer";
-    }
-
-    public void performTest() throws Exception
-    {
-        BigInteger rsaPubMod = new BigInteger(Base64.decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
-        BigInteger rsaPubExp = new BigInteger(Base64.decode("EQ=="));
-        BigInteger rsaPrivMod = new BigInteger(Base64.decode("AIASoe2PQb1IP7bTyC9usjHP7FvnUMVpKW49iuFtrw/dMpYlsMMoIU2jupfifDpdFxIktSB4P+6Ymg5WjvHKTIrvQ7SR4zV4jaPTu56Ys0pZ9EDA6gb3HLjtU+8Bb1mfWM+yjKxcPDuFjwEtjGlPHg1Vq+CA9HNcMSKNn2+tW6qt"));
-        BigInteger rsaPrivDP = new BigInteger(Base64.decode("JXzfzG5v+HtLJIZqYMUefJfFLu8DPuJGaLD6lI3cZ0babWZ/oPGoJa5iHpX4Ul/7l3s1PFsuy1GhzCdOdlfRcQ=="));
-        BigInteger rsaPrivDQ = new BigInteger(Base64.decode("YNdJhw3cn0gBoVmMIFRZzflPDNthBiWy/dUMSRfJCxoZjSnr1gysZHK01HteV1YYNGcwPdr3j4FbOfri5c6DUQ=="));
-        BigInteger rsaPrivExp = new BigInteger(Base64.decode("DxFAOhDajr00rBjqX+7nyZ/9sHWRCCp9WEN5wCsFiWVRPtdB+NeLcou7mWXwf1Y+8xNgmmh//fPV45G2dsyBeZbXeJwB7bzx9NMEAfedchyOwjR8PYdjK3NpTLKtZlEJ6Jkh4QihrXpZMO4fKZWUm9bid3+lmiq43FwW+Hof8/E="));
-        BigInteger rsaPrivP = new BigInteger(Base64.decode("AJ9StyTVW+AL/1s7RBtFwZGFBgd3zctBqzzwKPda6LbtIFDznmwDCqAlIQH9X14X7UPLokCDhuAa76OnDXb1OiE="));
-        BigInteger rsaPrivQ = new BigInteger(Base64.decode("AM3JfD79dNJ5A3beScSzPtWxx/tSLi0QHFtkuhtSizeXdkv5FSba7lVzwEOGKHmW829bRoNxThDy4ds1IihW1w0="));
-        BigInteger rsaPrivQinv = new BigInteger(Base64.decode("Lt0g7wrsNsQxuDdB8q/rH8fSFeBXMGLtCIqfOec1j7FEIuYA/ACiRDgXkHa0WgN7nLXSjHoy630wC5Toq8vvUg=="));
-        RSAKeyParameters rsaPublic = new RSAKeyParameters(false, rsaPubMod, rsaPubExp);
-        RSAPrivateCrtKeyParameters rsaPrivate = new RSAPrivateCrtKeyParameters(rsaPrivMod, rsaPubExp, rsaPrivExp, rsaPrivP, rsaPrivQ, rsaPrivDP, rsaPrivDQ, rsaPrivQinv);
-
-        byte[] msg = new byte[] { 1, 6, 3, 32, 7, 43, 2, 5, 7, 78, 4, 23 };
-
-        X931Signer signer = new X931Signer(new RSAEngine(), new SHA1Digest());
-        signer.init(true, rsaPrivate);
-        signer.update(msg, 0, msg.length);
-        byte[] sig = signer.generateSignature();
-
-        signer = new X931Signer(new RSAEngine(), new SHA1Digest());
-        signer.init(false, rsaPublic);
-        signer.update(msg, 0, msg.length);
-        if (!signer.verifySignature(sig))
-        {
-            fail("X9.31 Signer failed.");
-        }
-
-        shouldPassSignatureTest1();
-        shouldPassSignatureTest2();
-        shouldPassSignatureTest3();
-    }
-
-    private void shouldPassSignatureTest1()
-        throws Exception
-    {
-        BigInteger n = new BigInteger("c9be1b28f8caccca65d86cc3c9bbcc13eccc059df3b80bd2292b811eff3aa0dd75e1e85c333b8e3fa9bed53bb20f5359ff4e6900c5e9a388e3a4772a583a79e2299c76582c2b27694b65e9ba22e66bfb817f8b70b22206d7d8ae488c86dbb7137c26d5eff9b33c90e6cee640630313b7a715802e15142fef498c404a8de19674974785f0f852e2d470fe85a2e54ffca9f5851f672b71df691785a5cdabe8f14aa628942147de7593b2cf962414a5b59c632c4e14f1768c0ab2e9250824beea60a3529f11bf5e070ce90a47686eb0be1086fb21f0827f55295b4a48307db0b048c05a4aec3f488c576ca6f1879d354224c7e84cbcd8e76dd217a3de54dba73c35", 16);
-        BigInteger e = new BigInteger("e75b1b", 16);
-        byte[] msg = Hex.decode("5bb0d1c0ef9b5c7af2477fe08d45523d3842a4b2db943f7033126c2a7829bacb3d2cfc6497ec91688189e81b7f8742488224ba320ce983ce9480722f2cc5bc42611f00bb6311884f660ccc244788378673532edb05284fd92e83f6f6dab406209032e6af9a33c998677933e32d6fb95fd27408940d7728f9c9c40267ca1d20ce");
-        byte[] sig = Hex.decode("0fe8bb8e3109a1eb7489ef35bf4c1a0780071da789c8bd226a4170538eafefdd30b732d628f0e87a0b9450051feae9754d4fb61f57862d10f0bacc4f660d13281d0cd1141c006ade5186ff7d961a4c6cd0a4b352fc1295c5afd088f80ac1f8e192ef116a010a442655fe8ff5eeacea15807906fb0f0dfa86e680d4c005872357f7ece9aa4e20b15d5f709b30f08648ecaa34f2fbf54eb6b414fa2ff6f87561f70163235e69ccb4ac82a2e46d3be214cc2ef5263b569b2d8fd839b21a9e102665105ea762bda25bb446cfd831487a6b846100dee113ae95ae64f4af22c428c87bab809541c962bb3a56d4c86588e0af4ebc7fcc66dadced311051356d3ea745f7");
-
-        RSAKeyParameters rsaPublic = new RSAKeyParameters(false, n, e);
-        X931Signer signer = new X931Signer(new RSAEngine(), new SHA1Digest());
-
-        signer.init(false, rsaPublic);
-
-        signer.update(msg, 0, msg.length);
-
-        if (!signer.verifySignature(sig))
-        {
-            fail("RSA X931 verify test 1 failed.");
-        }
-    }
-
-    private void shouldPassSignatureTest2()
-        throws Exception
-    {
-        BigInteger n = new BigInteger("b746ba6c3c0be64bbe33aa55b2929b0af4e86d773d44bfe5914db9287788c4663984b61a418d2eecca30d752ff6b620a07ec72eeb2b422d2429da352407b99982800b9dd7697be6a7b1baa98ca5f4fc2fe33400f20b9dba337ac25c987804165d4a6e0ee4d18eabd6de5abdfe578cae6713ff91d16c80a5bb20217fe614d9509e75a43e1825327b9da8f0a9f6eeaa1c04b69fb4bacc073569fff4ab491becbe6d0441d437fc3fa823239c4a0f75321666b68dd3f66e2dd394089a15bcc288a68a4eb0a48e17d639743b9dea0a91cc35820544732aff253f8ca9967c609dc01c2f8cd0313a7a91cfa94ff74289a1d2b6f19d1811f4b9a65f4cce9e5759b4cc64f", 16);
-        BigInteger e = new BigInteger("dcbbdb", 16);
-        byte[] msg = Hex.decode("a5d3c8a060f897bbbc20ae0955052f37fbc70986b6e11c65075c9f457142bfa93856897c69020aa81a91b5e4f39e05cdeecc63395ab849c8262ca8bc5c96870aecb8edb0aba0024a9bdb71e06de6100344e5c318bc979ef32b8a49a8278ba99d4861bce42ebbc5c8c666aaa6cac39aff8779f2cae367620f9edd4cb1d80b6c8c");
-        byte[] sig = Hex.decode("39fbbd1804c689a533b0043f84da0f06081038c0fbf31e443e46a05e58f50de5198bbca40522afefaba3aed7082a6cb93b1da39f1f5a42246bf64930781948d300549bef0f8d554ecfca60a1b1ecba95a7014ee4545ad4f0c4e3a31942c6738b4ccd6244b6a21267dadf0826a5f713f13b1f5a9ab8501d957a26d4948278ac67851071a315674bdab173bfef2c2690c8373da6bf3d69f30c0e5da8883de872f59521b40793854085641adf98d13db991c5d0a8aaa0222934fa33332e90ef0b954e195cb267d6ffb36c96e14d1ec7b915a87598b4461a3146566354dc2ae748c84ee0cd46543b53ebff8cdf47725b280a1f799fb6ebb4a31ad2bdd5178250f83a");
-
-        RSAKeyParameters rsaPublic = new RSAKeyParameters(false, n, e);
-        X931Signer signer = new X931Signer(new RSAEngine(), new SHA224Digest());
-
-        signer.init(false, rsaPublic);
-
-        signer.update(msg, 0, msg.length);
-
-        if (!signer.verifySignature(sig))
-        {
-            fail("RSA X931 verify test 2 failed.");
-        }
-    }
-
-    private void shouldPassSignatureTest3()
-        throws Exception
-    {
-        BigInteger n = new BigInteger("dcb5686a3d2063a3f9cf7b9b32d2d3765b4c449b09b4960245a9111cd3b0cbd3260496885b8e1fa5db33b03efcc759d9c1afe29d93c6faebc7e0efada334b5b9a29655e2da2c8f11103d8203be311feab7ae88e9f1b2ec7d8fc655d77202b1681dd9717ec0f525b35584987e19539635a1ed23ca482a00149c609a23dc1645fd", 16);
-        BigInteger e = new BigInteger("00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc9f7", 16);
-        BigInteger d = new BigInteger("189d6345099098992e0c9ca5f281e1338092342fa0acc85cc2a111f30f9bd2fb4753cd1a48ef0ddca9bf1af33ec76fb2e23a9fb4896c26f2235b516f7c05ef7ae81e70f4b491a5fedba9b935e9c76d761a813ce7776ff8a1e5efe1166ff2eca26aa900da88c908d51af9de26977fe39719cc781df32216fa41b838f0c63803c3", 16);
-
-        byte[] msg = Hex.decode("911475c6e210ef4ac65b6fe8d2bfe5e01b959771b137c4ef69b88716e0d2ff9ebc1fad0f358c1dd7d50cc99a7b893ac9a6207076f08d8467d9e48c69c683bfe64a44dabaa3f7c243880f6ab7229bf7bb587822314fc5de5131983bfb2eef8b4bc1eac36f353724b567cd1ae8cddd64ddb7057549d5c81ad5fa3b5e751f00abf5");
-        byte[] sig = Hex.decode("02c50ec0ac8a7f38ef5630c396964d6a6daaa7e3083ab5b57fa2a2632f3b70e2e85c8456cd774d45d7e44fcb063f0f04fff9f1e3adfda11272535a92cb59320b190b5ee4261f23d6ceaa925df3a7bfa42e26bf61ea9645d9d64b3c90a820802768a6e209c9f83705375a3867afccc037e8242a98fa4c3db6b2d9877754d47289");
-
-        RSAKeyParameters rsaPublic = new RSAKeyParameters(false, n, e);
-        X931Signer signer = new X931Signer(new RSAEngine(), new SHA1Digest());
-
-        signer.init(true, new RSAKeyParameters(true, n, d));
-
-        signer.update(msg, 0, msg.length);
-
-        byte[] s = signer.generateSignature();
-
-        if (!Arrays.areEqual(sig, s))
-        {
-            fail("RSA X931 sig test 3 failed.");
-        }
-
-        signer.init(false, rsaPublic);
-
-        signer.update(msg, 0, msg.length);
-
-        if (!signer.verifySignature(sig))
-        {
-            fail("RSA X931 verify test 3 failed.");
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new X931SignerTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/XSalsa20Test.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/XSalsa20Test.java
deleted file mode 100644
index efbd5ec..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/XSalsa20Test.java
+++ /dev/null

@@ -1,166 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.XSalsa20Engine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class XSalsa20Test extends SimpleTest
-{
-    private static class TestCase
-    {
-
-        private byte[] key;
-        private byte[] iv;
-        private byte[] plaintext;
-        private byte[] ciphertext;
-
-        public TestCase(String key, String iv, String plaintext, String ciphertext)
-        {
-            this.key = Hex.decode(key);
-            this.iv = Hex.decode(iv);
-            this.plaintext = Hex.decode(plaintext);
-            this.ciphertext = Hex.decode(ciphertext);
-        }
-
-        public byte[] getKey()
-        {
-            return key;
-        }
-
-        public byte[] getIv()
-        {
-            return iv;
-        }
-
-        public byte[] getPlaintext()
-        {
-            return plaintext;
-        }
-
-        public byte[] getCiphertext()
-        {
-            return ciphertext;
-        }
-    }
-
-    // Test cases generated by naclcrypto-20090308, as used by cryptopp
-    private static final TestCase[] TEST_CASES = new TestCase[] {
-            new TestCase(
-                    "a6a7251c1e72916d11c2cb214d3c252539121d8e234e652d651fa4c8cff88030",
-                    "9e645a74e9e0a60d8243acd9177ab51a1beb8d5a2f5d700c",
-                    "093c5e5585579625337bd3ab619d615760d8c5b224a85b1d0efe0eb8a7ee163abb0376529fcc09bab506c618e13ce777d82c3ae9d1a6f972d4160287cbfe60bf2130fc0a6ff6049d0a5c8a82f429231f008082e845d7e189d37f9ed2b464e6b919e6523a8c1210bd52a02a4c3fe406d3085f5068d1909eeeca6369abc981a42e87fe665583f0ab85ae71f6f84f528e6b397af86f6917d9754b7320dbdc2fea81496f2732f532ac78c4e9c6cfb18f8e9bdf74622eb126141416776971a84f94d156beaf67aecbf2ad412e76e66e8fad7633f5b6d7f3d64b5c6c69ce29003c6024465ae3b89be78e915d88b4b5621d",
-                    "b2af688e7d8fc4b508c05cc39dd583d6714322c64d7f3e63147aede2d9534934b04ff6f337b031815cd094bdbc6d7a92077dce709412286822ef0737ee47f6b7ffa22f9d53f11dd2b0a3bb9fc01d9a88f9d53c26e9365c2c3c063bc4840bfc812e4b80463e69d179530b25c158f543191cff993106511aa036043bbc75866ab7e34afc57e2cce4934a5faae6eabe4f221770183dd060467827c27a354159a081275a291f69d946d6fe28ed0b9ce08206cf484925a51b9498dbde178ddd3ae91a8581b91682d860f840782f6eea49dbb9bd721501d2c67122dea3b7283848c5f13e0c0de876bd227a856e4de593a3"),
-            new TestCase(
-                    "9e1da239d155f52ad37f75c7368a536668b051952923ad44f57e75ab588e475a",
-                    "af06f17859dffa799891c4288f6635b5c5a45eee9017fd72",
-                    "feac9d54fc8c115ae247d9a7e919dd76cfcbc72d32cae4944860817cbdfb8c04e6b1df76a16517cd33ccf1acda9206389e9e318f5966c093cfb3ec2d9ee2de856437ed581f552f26ac2907609df8c613b9e33d44bfc21ff79153e9ef81a9d66cc317857f752cc175fd8891fefebb7d041e6517c3162d197e2112837d3bc4104312ad35b75ea686e7c70d4ec04746b52ff09c421451459fb59f",
-                    "2c261a2f4e61a62e1b27689916bf03453fcbc97bb2af6f329391ef063b5a219bf984d07d70f602d85f6db61474e9d9f5a2deecb4fcd90184d16f3b5b5e168ee03ea8c93f3933a22bc3d1a5ae8c2d8b02757c87c073409052a2a8a41e7f487e041f9a49a0997b540e18621cad3a24f0a56d9b19227929057ab3ba950f6274b121f193e32e06e5388781a1cb57317c0ba6305e910961d01002f0"),
-            new TestCase("d5c7f6797b7e7e9c1d7fd2610b2abf2bc5a7885fb3ff78092fb3abe8986d35e2",
-                    "744e17312b27969d826444640e9c4a378ae334f185369c95",
-                    "7758298c628eb3a4b6963c5445ef66971222be5d1a4ad839715d1188071739b77cc6e05d5410f963a64167629757",
-                    "27b8cfe81416a76301fd1eec6a4d99675069b2da2776c360db1bdfea7c0aa613913e10f7a60fec04d11e65f2d64e"),
-            new TestCase(
-                    "737d7811ce96472efed12258b78122f11deaec8759ccbd71eac6bbefa627785c",
-                    "6fb2ee3dda6dbd12f1274f126701ec75c35c86607adb3edd",
-                    "501325fb2645264864df11faa17bbd58312b77cad3d94ac8fb8542f0eb653ad73d7fce932bb874cb89ac39fc47f8267cf0f0c209f204b2d8578a3bdf461cb6a271a468bebaccd9685014ccbc9a73618c6a5e778a21cc8416c60ad24ddc417a130d53eda6dfbfe47d09170a7be1a708b7b5f3ad464310be36d9a2a95dc39e83d38667e842eb6411e8a23712297b165f690c2d7ca1b1346e3c1fccf5cafd4f8be0",
-                    "6724c372d2e9074da5e27a6c54b2d703dc1d4c9b1f8d90f00c122e692ace7700eadca942544507f1375b6581d5a8fb39981c1c0e6e1ff2140b082e9ec016fce141d5199647d43b0b68bfd0fea5e00f468962c7384dd6129aea6a3fdfe75abb210ed5607cef8fa0e152833d5ac37d52e557b91098a322e76a45bbbcf4899e790618aa3f4c2e5e0fc3de93269a577d77a5502e8ea02f717b1dd2df1ec69d8b61ca"),
-            new TestCase(
-                    "760158da09f89bbab2c99e6997f9523a95fcef10239bcca2573b7105f6898d34",
-                    "43636b2cc346fc8b7c85a19bf507bdc3dafe953b88c69dba",
-                    "d30a6d42dff49f0ed039a306bae9dec8d9e88366cc19e8c3642fd58fa0794ebf8029d949730339b0823a51f0f49f0d2c71f1051c1e0e2c86941f172789cdb1b0107413e70f982ff9761877bb526ef1c3eb1106a948d60ef21bd35d32cfd64f89b79ed63ecc5cca56246af736766f285d8e6b0da9cb1cd21020223ffacc5a32",
-                    "c815b6b79b64f9369aec8dce8c753df8a50f2bc97c70ce2f014db33a65ac5816bac9e30ac08bdded308c65cb87e28e2e71b677dc25c5a6499c1553555daf1f55270a56959dffa0c66f24e0af00951ec4bb59ccc3a6c5f52e0981647e53e439313a52c40fa7004c855b6e6eb25b212a138e843a9ba46edb2a039ee82a263abe"),
-            new TestCase(
-                    "27ba7e81e7edd4e71be53c07ce8e633138f287e155c7fa9e84c4ad804b7fa1b9",
-                    "ea05f4ebcd2fb6b000da0612861ba54ff5c176fb601391aa",
-                    "e09ff5d2cb050d69b2d42494bde5825238c756d6991d99d7a20d1ef0b83c371c89872690b2fc11d5369f4fc4971b6d3d6c078aef9b0f05c0e61ab89c025168054defeb03fef633858700c58b1262ce011300012673e893e44901dc18eee3105699c44c805897bdaf776af1833162a21a",
-                    "a23e7ef93c5d0667c96d9e404dcbe6be62026fa98f7a3ff9ba5d458643a16a1cef7272dc6097a9b52f35983557c77a11b314b4f7d5dc2cca15ee47616f861873cbfed1d32372171a61e38e447f3cf362b3abbb2ed4170d89dcb28187b7bfd206a3e026f084a7e0ed63d319de6bc9afc0"),
-            new TestCase("6799d76e5ffb5b4920bc2768bafd3f8c16554e65efcf9a16f4683a7a06927c11",
-                    "61ab951921e54ff06d9b77f313a4e49df7a057d5fd627989", "472766", "8fd7df"),
-            new TestCase(
-                    "f68238c08365bb293d26980a606488d09c2f109edafa0bbae9937b5cc219a49c",
-                    "5190b51e9b708624820b5abdf4e40fad1fb950ad1adc2d26",
-                    "47ec6b1f73c4b7ff5274a0bfd7f45f864812c85a12fbcb3c2cf8a3e90cf66ccf2eacb521e748363c77f52eb426ae57a0c6c78f75af71284569e79d1a92f949a9d69c4efc0b69902f1e36d7562765543e2d3942d9f6ff5948d8a312cff72c1afd9ea3088aff7640bfd265f7a9946e606abc77bcedae6bddc75a0dba0bd917d73e3bd1268f727e0096345da1ed25cf553ea7a98fea6b6f285732de37431561ee1b3064887fbcbd71935e02",
-                    "36160e88d3500529ba4edba17bc24d8cfaca9a0680b3b1fc97cf03f3675b7ac301c883a68c071bc54acdd3b63af4a2d72f985e51f9d60a4c7fd481af10b2fc75e252fdee7ea6b6453190617dcc6e2fe1cd56585fc2f0b0e97c5c3f8ad7eb4f31bc4890c03882aac24cc53acc1982296526690a220271c2f6e326750d3fbda5d5b63512c831f67830f59ac49aae330b3e0e02c9ea0091d19841f1b0e13d69c9fbfe8a12d6f30bb734d9d2"),
-            new TestCase(
-                    "45b2bd0de4ed9293ec3e26c4840faaf64b7d619d51e9d7a2c7e36c83d584c3df",
-                    "546c8c5d6be8f90952cab3f36d7c1957baaa7a59abe3d7e5",
-                    "5007c8cd5b3c40e17d7fe423a87ae0ced86bec1c39dc07a25772f3e96dabd56cd3fd7319f6c9654925f2d87087a700e1b130da796895d1c9b9acd62b266144067d373ed51e787498b03c52faad16bb3826fa511b0ed2a19a8663f5ba2d6ea7c38e7212e9697d91486c49d8a000b9a1935d6a7ff7ef23e720a45855481440463b4ac8c4f6e7062adc1f1e1e25d3d65a31812f58a71160",
-                    "8eacfba568898b10c0957a7d44100685e8763a71a69a8d16bc7b3f88085bb9a2f09642e4d09a9f0ad09d0aad66b22610c8bd02ff6679bb92c2c026a216bf425c6be35fb8dae7ff0c72b0efd6a18037c70eed0ca90062a49a3c97fdc90a8f9c2ea536bfdc41918a7582c9927fae47efaa3dc87967b7887dee1bf071734c7665901d9105dae2fdf66b4918e51d8f4a48c60d19fbfbbcba"),
-            new TestCase(
-                    "fe559c9a282beb40814d016d6bfcb2c0c0d8bf077b1110b8703a3ce39d70e0e1",
-                    "b076200cc7011259805e18b304092754002723ebec5d6200",
-                    "6db65b9ec8b114a944137c821fd606be75478d928366d5284096cdef782fcff7e8f59cb8ffcda979757902c5ffa6bc477ceaa4cb5d5ea76f94d91e833f823a6bc78f1055dfa6a97bea8965c1cde67a668e001257334a585727d9e0f7c1a06e88d3d25a4e6d9096c968bf138e116a3ebeffd4bb4808adb1fd698164ba0a35c709a47f16f1f4435a2345a9194a00b95abd51851d505809a6077da9baca5831afff31578c487ee68f2767974a98a7e803aac788da98319c4ea8eaa3d394855651f484cef543f537e35158ee29",
-                    "4dce9c8f97a028051b0727f34e1b9ef21f06f0760f36e71713204027902090ba2bb6b13436ee778d9f50530efbd7a32b0d41443f58ccaee781c7b716d3a96fdec0e3764ed7959f34c3941278591ea033b5cbadc0f1916032e9bebbd1a8395b83fb63b1454bd775bd20b3a2a96f951246ac14daf68166ba62f6cbff8bd121ac9498ff8852fd2be975df52b5daef3829d18eda42e715022dcbf930d0a789ee6a146c2c7088c35773c63c06b4af4559856ac199ced86863e4294707825337c5857970eb7fddeb263781309011"),
-            new TestCase(
-                    "0ae10012d7e56614b03dcc89b14bae9242ffe630f3d7e35ce8bbb97bbc2c92c3",
-                    "f96b025d6cf46a8a12ac2af1e2aef1fb83590adadaa5c5ea",
-                    "ea0f354e96f12bc72bbaa3d12b4a8ed879b042f0689878f46b651cc4116d6f78409b11430b3aaa30b2076891e8e1fa528f2fd169ed93dc9f84e24409eec2101daf4d057be2492d11de640cbd7b355ad29fb70400fffd7cd6d425abeeb732a0eaa4330af4c656252c4173deab653eb85c58462d7ab0f35fd12b613d29d473d330310dc323d3c66348bbdbb68a326324657cae7b77a9e34358f2cec50c85609e73056856796e3be8d62b6e2fe9f953",
-                    "e8abd48924b54e5b80866be7d4ebe5cf4274cafff08b39cb2d40a8f0b472398aedc776e0793812fbf1f60078635d2ed86b15efcdba60411ee23b07233592a44ec31b1013ce8964236675f8f183aef885e864f2a72edf4215b5338fa2b54653dfa1a8c55ce5d95cc605b9b311527f2e3463ffbec78a9d1d65dabad2f338769c9f43f133a791a11c7eca9af0b771a4ac32963dc8f631a2c11217ac6e1b9430c1aae1ceebe22703f429998a8fb8c641"),
-            new TestCase(
-                    "082c539bc5b20f97d767cd3f229eda80b2adc4fe49c86329b5cd6250a9877450",
-                    "845543502e8b64912d8f2c8d9fffb3c69365686587c08d0c",
-                    "a96bb7e910281a6dfad7c8a9c370674f0ceec1ad8d4f0de32f9ae4a23ed329e3d6bc708f876640a229153ac0e7281a8188dd77695138f01cda5f41d5215fd5c6bdd46d982cb73b1efe2997970a9fdbdb1e768d7e5db712068d8ba1af6067b5753495e23e6e1963af012f9c7ce450bf2de619d3d59542fb55f3",
-                    "835da74fc6de08cbda277a7966a07c8dcd627e7b17adde6d930b6581e3124b8baad096f693991fedb1572930601fc7709541839b8e3ffd5f033d2060d999c6c6e3048276613e648000acb5212cc632a916afce290e20ebdf612d08a6aa4c79a74b070d3f872a861f8dc6bb07614db515d363349d3a8e3336a3"),
-            new TestCase("3d02bff3375d403027356b94f514203737ee9a85d2052db3e4e5a217c259d18a",
-                    "74216c95031895f48c1dba651555ebfa3ca326a755237025",
-                    "0d4b0f54fd09ae39baa5fa4baccf2e6682e61b257e01f42b8f",
-                    "16c4006c28365190411eb1593814cf15e74c22238f210afc3d"),
-            new TestCase(
-                    "ad1a5c47688874e6663a0f3fa16fa7efb7ecadc175c468e5432914bdb480ffc6",
-                    "e489eed440f1aae1fac8fb7a9825635454f8f8f1f52e2fcc",
-                    "aa6c1e53580f03a9abb73bfdadedfecada4c6b0ebe020ef10db745e54ba861caf65f0e40dfc520203bb54d29e0a8f78f16b3f1aa525d6bfa33c54726e59988cfbec78056",
-                    "02fe84ce81e178e7aabdd3ba925a766c3c24756eefae33942af75e8b464556b5997e616f3f2dfc7fce91848afd79912d9fb55201b5813a5a074d2c0d4292c1fd441807c5"),
-            new TestCase(
-                    "053a02bedd6368c1fb8afc7a1b199f7f7ea2220c9a4b642a6850091c9d20ab9c",
-                    "c713eea5c26dad75ad3f52451e003a9cb0d649f917c89dde",
-                    "8f0a8a164760426567e388840276de3f95cb5e3fadc6ed3f3e4fe8bc169d9388804dcb94b6587dbb66cb0bd5f87b8e98b52af37ba290629b858e0e2aa7378047a26602",
-                    "516710e59843e6fbd4f25d0d8ca0ec0d47d39d125e9dad987e0518d49107014cb0ae405e30c2eb3794750bca142ce95e290cf95abe15e822823e2e7d3ab21bc8fbd445"),
-            new TestCase(
-                    "5b14ab0fbed4c58952548a6cb1e0000cf4481421f41288ea0aa84add9f7deb96",
-                    "54bf52b911231b952ba1a6af8e45b1c5a29d97e2abad7c83",
-                    "37fb44a675978b560ff9a4a87011d6f3ad2d37a2c3815b45a3c0e6d1b1d8b1784cd468927c2ee39e1dccd4765e1c3d676a335be1ccd6900a45f5d41a317648315d8a8c24adc64eb285f6aeba05b9029586353d303f17a807658b9ff790474e1737bd5fdc604aeff8dfcaf1427dcc3aacbb0256badcd183ed75a2dc52452f87d3c1ed2aa583472b0ab91cda20614e9b6fdbda3b49b098c95823cc72d8e5b717f2314b0324e9ce",
-                    "ae6deb5d6ce43d4b09d0e6b1c0e9f46157bcd8ab50eaa3197ff9fa2bf7af649eb52c68544fd3adfe6b1eb316f1f23538d470c30dbfec7e57b60cbcd096c782e7736b669199c8253e70214cf2a098fda8eac5da79a9496a3aae754d03b17c6d70d1027f42bf7f95ce3d1d9c338854e158fcc803e4d6262fb639521e47116ef78a7a437ca9427ba645cd646832feab822a208278e45e93e118d780b988d65397eddfd7a819526e"),
-            new TestCase(
-                    "d74636e3413a88d85f322ca80fb0bd650bd0bf0134e2329160b69609cd58a4b0",
-                    "efb606aa1d9d9f0f465eaa7f8165f1ac09f5cb46fecf2a57",
-                    "f85471b75f6ec81abac2799ec09e98e280b2ffd64ca285e5a0109cfb31ffab2d617b2c2952a2a8a788fc0da2af7f530758f74f1ab56391ab5ff2adbcc5be2d6c7f49fbe8118104c6ff9a23c6dfe52f57954e6a69dcee5db06f514f4a0a572a9a8525d961dae72269b987189d465df6107119c7fa790853e063cba0fab7800ca932e258880fd74c33c784675bedad0e7c09e9cc4d63dd5e9713d5d4a0196e6b562226ac31b4f57c04f90a181973737ddc7e80f364112a9fbb435ebdbcabf7d490ce52",
-                    "b2b795fe6c1d4c83c1327e015a67d4465fd8e32813575cbab263e20ef05864d2dc17e0e4eb81436adfe9f638dcc1c8d78f6b0306baf938e5d2ab0b3e05e735cc6fff2d6e02e3d60484bea7c7a8e13e23197fea7b04d47d48f4a4e5944174539492800d3ef51e2ee5e4c8a0bdf050c2dd3dd74fce5e7e5c37364f7547a11480a3063b9a0a157b15b10a5a954de2731ced055aa2e2767f0891d4329c426f3808ee867bed0dc75b5922b7cfb895700fda016105a4c7b7f0bb90f029f6bbcb04ac36ac16") };
-
-    public String getName()
-    {
-        return "XSalsa20";
-    }
-
-    public void performTest() throws Exception
-    {
-        for (int i = 0; i < TEST_CASES.length; i++)
-        {
-            performTest(i, TEST_CASES[i]);
-        }
-    }
-
-    private void performTest(int number, TestCase testCase)
-    {
-        final byte[] plaintext = testCase.getPlaintext();
-        byte[] output = new byte[plaintext.length];
-
-        XSalsa20Engine engine = new XSalsa20Engine();
-        engine.init(false, new ParametersWithIV(new KeyParameter(testCase.getKey()), testCase.getIv()));
-
-        engine.processBytes(testCase.getPlaintext(), 0, testCase.getPlaintext().length, output, 0);
-
-        if (!Arrays.areEqual(testCase.getCiphertext(), output))
-        {
-            fail("mismatch on " + number, new String(Hex.encode(testCase.getCiphertext())),
-                    new String(Hex.encode(output)));
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new XSalsa20Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/XTEATest.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/XTEATest.java
deleted file mode 100644
index 2b5279e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/XTEATest.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.crypto.test;
-
-import org.bouncycastle.crypto.engines.XTEAEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * TEA tester - based on C implementation results from http://www.simonshepherd.supanet.com/tea.htm
- */
-public class XTEATest
-    extends CipherTest
-{
-    static SimpleTest[]  tests = {
-        new BlockCipherVectorTest(0, new XTEAEngine(),
-            new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-            "0000000000000000",
-            "dee9d4d8f7131ed9"),
-        new BlockCipherVectorTest(1, new XTEAEngine(),
-            new KeyParameter(Hex.decode("00000000000000000000000000000000")),
-            "0102030405060708",
-            "065c1b8975c6a816"),
-        new BlockCipherVectorTest(2, new XTEAEngine(),
-            new KeyParameter(Hex.decode("0123456712345678234567893456789A")),
-            "0000000000000000",
-            "1ff9a0261ac64264"),
-        new BlockCipherVectorTest(3, new XTEAEngine(),
-            new KeyParameter(Hex.decode("0123456712345678234567893456789A")),
-            "0102030405060708",
-            "8c67155b2ef91ead"),
-            };
-
-    XTEATest()
-    {
-        super(tests, new XTEAEngine(), new KeyParameter(new byte[16]));
-    }
-
-    public String getName()
-    {
-        return "XTEA";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new XTEATest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/CAVPListener.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/CAVPListener.java
deleted file mode 100644
index 81f86e5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/CAVPListener.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.crypto.test.cavp;
-
-import java.util.Properties;
-
-public interface CAVPListener
-{
-    public void setup();
-
-    public void receiveStart(String name);
-
-    public void receiveCAVPVectors(String name, Properties config, Properties vectors);
-
-    public void receiveCommentLine(String commentLine);
-
-    public void receiveEnd();
-
-    public void tearDown();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/CAVPReader.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/CAVPReader.java
deleted file mode 100644
index 596c2d4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/CAVPReader.java
+++ /dev/null

@@ -1,152 +0,0 @@
-package org.bouncycastle.crypto.test.cavp;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.Reader;
-import java.util.Properties;
-import java.util.regex.Matcher;
-import java.util.regex.Pattern;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.macs.CMac;
-import org.bouncycastle.crypto.macs.HMac;
-
-public class CAVPReader
-{
-
-    private static final Pattern COMMENT_PATTERN = Pattern.compile("^\\s*\\#\\s*(.*)$");
-    private static final Pattern CONFIG_PATTERN = Pattern.compile("^\\s*+\\[\\s*+(.*?)\\s*+=\\s*+(.*?)\\s*+\\]\\s*+$");
-    private static final Pattern VECTOR_PATTERN = Pattern.compile("^\\s*+(.*?)\\s*+=\\s*+(.*?)\\s*+$");
-    private static final Pattern EMPTY_PATTERN = Pattern.compile("^\\s*+$");
-    static final Pattern PATTERN_FOR_R = Pattern.compile("(\\d+)_BITS");
-    private final CAVPListener listener;
-    private String name;
-    private BufferedReader lineReader;
-
-
-    public CAVPReader(CAVPListener listener)
-    {
-        this.listener = listener;
-    }
-
-    public void setInput(String name, Reader reader)
-    {
-        this.name = name;
-        this.lineReader = new BufferedReader(reader);
-    }
-
-    public void readAll()
-        throws IOException
-    {
-
-        listener.setup();
-
-        Properties config = new Properties();
-
-        boolean startNewVector = true;
-
-        Properties vectors = new Properties();
-
-        while (true)
-        {
-            final String line = lineReader.readLine();
-            if (line == null)
-            {
-                listener.receiveEnd();
-                break;
-            }
-
-            final Matcher commentMatcher = COMMENT_PATTERN.matcher(line);
-            if (commentMatcher.matches())
-            {
-                listener.receiveCommentLine(commentMatcher.group(1));
-                continue;
-            }
-
-            final Matcher configMatcher = CONFIG_PATTERN.matcher(line);
-            if (configMatcher.matches())
-            {
-                config.put(configMatcher.group(1), configMatcher.group(2));
-                continue;
-            }
-
-            final Matcher vectorMatcher = VECTOR_PATTERN.matcher(line);
-            if (vectorMatcher.matches())
-            {
-                vectors.put(vectorMatcher.group(1), vectorMatcher.group(2));
-                startNewVector = false;
-                continue;
-            }
-
-            final Matcher emptyMatcher = EMPTY_PATTERN.matcher(line);
-            if (emptyMatcher.matches())
-            {
-                if (startNewVector)
-                {
-                    continue;
-                }
-
-                listener.receiveCAVPVectors(name, config, vectors);
-                vectors = new Properties();
-                startNewVector = true;
-            }
-        }
-
-        listener.tearDown();
-    }
-
-    static Mac createPRF(Properties config)
-    {
-        final Mac prf;
-        if (config.getProperty("PRF").matches("CMAC_AES\\d\\d\\d"))
-        {
-            BlockCipher blockCipher = new AESEngine();
-            prf = new CMac(blockCipher);
-        }
-        else if (config.getProperty("PRF").matches("CMAC_TDES\\d"))
-        {
-            BlockCipher blockCipher = new DESedeEngine();
-            prf = new CMac(blockCipher);
-        }
-        else if (config.getProperty("PRF").matches("HMAC_SHA1"))
-        {
-            Digest digest = new SHA1Digest();
-            prf = new HMac(digest);
-        }
-        else if (config.getProperty("PRF").matches("HMAC_SHA224"))
-        {
-            Digest digest = new SHA224Digest();
-            prf = new HMac(digest);
-        }
-        else if (config.getProperty("PRF").matches("HMAC_SHA256"))
-        {
-            Digest digest = new SHA256Digest();
-            prf = new HMac(digest);
-        }
-        else if (config.getProperty("PRF").matches("HMAC_SHA384"))
-        {
-            Digest digest = new SHA384Digest();
-            prf = new HMac(digest);
-        }
-        else if (config.getProperty("PRF").matches("HMAC_SHA512"))
-        {
-            Digest digest = new SHA512Digest();
-            prf = new HMac(digest);
-        }
-        else
-        {
-            throw new IllegalStateException("Unknown Mac for PRF");
-        }
-        return prf;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFCounterTests.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFCounterTests.java
deleted file mode 100644
index 81f1082..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFCounterTests.java
+++ /dev/null

@@ -1,119 +0,0 @@
-package org.bouncycastle.crypto.test.cavp;
-
-import java.io.FileWriter;
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.util.Properties;
-import java.util.regex.Matcher;
-
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.generators.KDFCounterBytesGenerator;
-import org.bouncycastle.crypto.params.KDFCounterParameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.TestFailedException;
-
-public final class KDFCounterTests
-    implements CAVPListener
-{
-    private PrintWriter out;
-
-    public void receiveCAVPVectors(String name, Properties config,
-                                   Properties vectors)
-    {
-
-        // create Mac based PRF from PRF property, create the KDF
-        final Mac prf = CAVPReader.createPRF(config);
-        final KDFCounterBytesGenerator gen = new KDFCounterBytesGenerator(prf);
-
-
-        Matcher matcherForR = CAVPReader.PATTERN_FOR_R.matcher(config.getProperty("RLEN"));
-        if (!matcherForR.matches())
-        {
-            throw new IllegalStateException("RLEN value should always match");
-        }
-        final int r = Integer.parseInt(matcherForR.group(1));
-
-        final int count = Integer.parseInt(vectors.getProperty("COUNT"));
-        final int l = Integer.parseInt(vectors.getProperty("L"));
-        final byte[] ki = Hex.decode(vectors.getProperty("KI"));
-
-        //Three variants of this KDF are possible, with the counter before the fixed data, after the fixed data, or in the middle of the fixed data.
-        if (config.getProperty("CTRLOCATION").matches("BEFORE_FIXED"))
-        {
-            final byte[] fixedInputData = Hex.decode(vectors.getProperty("FixedInputData"));
-            final KDFCounterParameters params = new KDFCounterParameters(ki, null, fixedInputData, r);
-            gen.init(params);
-        } 
-        else if (config.getProperty("CTRLOCATION").matches("AFTER_FIXED"))
-        {
-            final byte[] fixedInputData = Hex.decode(vectors.getProperty("FixedInputData"));
-            final KDFCounterParameters params = new KDFCounterParameters(ki, fixedInputData, null, r);
-            gen.init(params);
-        }
-        else if (config.getProperty("CTRLOCATION").matches("MIDDLE_FIXED"))
-        {
-        	final byte[] DataBeforeCtrData = Hex.decode(vectors.getProperty("DataBeforeCtrData"));
-        	final byte[] DataAfterCtrData = Hex.decode(vectors.getProperty("DataAfterCtrData"));
-            final KDFCounterParameters params = new KDFCounterParameters(ki, DataBeforeCtrData, DataAfterCtrData, r);
-            gen.init(params);
-        }
-        else
-        {
-        	return; // Unknown CTRLOCATION
-        }
-    
-
-        final byte[] koGenerated = new byte[l / 8];
-        gen.generateBytes(koGenerated, 0, koGenerated.length);
-
-        final byte[] koVectors = Hex.decode(vectors.getProperty("KO"));
-
-        compareKO(name, config, count, koGenerated, koVectors);
-    }
-
-    private static void compareKO(
-        String name, Properties config, int test, byte[] calculatedOKM, byte[] testOKM)
-    {
-
-        if (!Arrays.areEqual(calculatedOKM, testOKM))
-        {
-            throw new TestFailedException(new SimpleTestResult(
-                false, name + " using " + config + " test " + test + " failed"));
-
-        }
-    }
-
-    public void receiveCommentLine(String commentLine)
-    {
-        //                out.println("# " + commentLine);
-    }
-
-    public void receiveStart(String name)
-    {
-        // do nothing
-    }
-
-    public void receiveEnd()
-    {
-        out.println(" *** *** *** ");
-    }
-
-    public void setup()
-    {
-        try
-        {
-            out = new PrintWriter(new FileWriter("KDFCTR.gen"));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException(e);
-        }
-    }
-
-    public void tearDown()
-    {
-        out.close();
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFDoublePipelineCounterTests.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFDoublePipelineCounterTests.java
deleted file mode 100644
index 5b3df02..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFDoublePipelineCounterTests.java
+++ /dev/null

@@ -1,107 +0,0 @@
-package org.bouncycastle.crypto.test.cavp;
-
-import java.io.FileWriter;
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.util.Properties;
-import java.util.regex.Matcher;
-
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.generators.KDFDoublePipelineIterationBytesGenerator;
-import org.bouncycastle.crypto.params.KDFDoublePipelineIterationParameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.TestFailedException;
-
-public final class KDFDoublePipelineCounterTests
-    implements CAVPListener
-{
-    private PrintWriter out;
-
-    public void receiveCAVPVectors(String name, Properties config,
-                                   Properties vectors)
-    {
-        //                out.println(" === " + name + " === ");
-        //                out.println(" --- config --- ");
-        //                out.println(config);
-        //                out.println(" --- vectors --- ");
-        //                out.println(vectors);
-
-        // always skip AFTER_FIXED
-        if (!config.getProperty("CTRLOCATION").matches("AFTER_ITER"))
-        {
-            return;
-        }
-
-        // create Mac based PRF from PRF property, create the KDF
-        final Mac prf = CAVPReader.createPRF(config);
-        final KDFDoublePipelineIterationBytesGenerator gen = new KDFDoublePipelineIterationBytesGenerator(prf);
-
-
-        Matcher matcherForR = CAVPReader.PATTERN_FOR_R.matcher(config.getProperty("RLEN"));
-        if (!matcherForR.matches())
-        {
-            throw new IllegalStateException("RLEN value should always match");
-        }
-        final int r = Integer.parseInt(matcherForR.group(1));
-
-        final int count = Integer.parseInt(vectors.getProperty("COUNT"));
-        final int l = Integer.parseInt(vectors.getProperty("L"));
-        final byte[] ki = Hex.decode(vectors.getProperty("KI"));
-        final byte[] fixedInputData = Hex.decode(vectors.getProperty("FixedInputData"));
-        final KDFDoublePipelineIterationParameters params = KDFDoublePipelineIterationParameters.createWithCounter(ki, fixedInputData, r);
-        gen.init(params);
-
-        final byte[] koGenerated = new byte[l / 8];
-        gen.generateBytes(koGenerated, 0, koGenerated.length);
-
-        final byte[] koVectors = Hex.decode(vectors.getProperty("KO"));
-
-        compareKO(name, config, count, koGenerated, koVectors);
-    }
-
-    private static void compareKO(
-        String name, Properties config, int test, byte[] calculatedOKM, byte[] testOKM)
-    {
-
-        if (!Arrays.areEqual(calculatedOKM, testOKM))
-        {
-            throw new TestFailedException(new SimpleTestResult(
-                false, name + " using " + config + " test " + test + " failed"));
-
-        }
-    }
-
-    public void receiveCommentLine(String commentLine)
-    {
-        //                out.println("# " + commentLine);
-    }
-
-    public void receiveStart(String name)
-    {
-        // do nothing
-    }
-
-    public void receiveEnd()
-    {
-        out.println(" *** *** *** ");
-    }
-
-    public void setup()
-    {
-        try
-        {
-            out = new PrintWriter(new FileWriter("KDFDblPipelineCounter.gen"));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException(e);
-        }
-    }
-
-    public void tearDown()
-    {
-        out.close();
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFDoublePipelineIterationNoCounterTests.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFDoublePipelineIterationNoCounterTests.java
deleted file mode 100644
index 3923f9a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFDoublePipelineIterationNoCounterTests.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.crypto.test.cavp;
-
-import java.io.FileWriter;
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.util.Properties;
-
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.generators.KDFDoublePipelineIterationBytesGenerator;
-import org.bouncycastle.crypto.params.KDFDoublePipelineIterationParameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.TestFailedException;
-
-public final class KDFDoublePipelineIterationNoCounterTests
-    implements CAVPListener
-{
-    private PrintWriter out;
-
-    public void receiveCAVPVectors(String name, Properties config,
-                                   Properties vectors)
-    {
-
-
-        // create Mac based PRF from PRF property, create the KDF
-        final Mac prf = CAVPReader.createPRF(config);
-        final KDFDoublePipelineIterationBytesGenerator gen = new KDFDoublePipelineIterationBytesGenerator(prf);
-
-        final int count = Integer.parseInt(vectors.getProperty("COUNT"));
-        final int l = Integer.parseInt(vectors.getProperty("L"));
-        final byte[] ki = Hex.decode(vectors.getProperty("KI"));
-        final byte[] fixedInputData = Hex.decode(vectors.getProperty("FixedInputData"));
-        final KDFDoublePipelineIterationParameters params = KDFDoublePipelineIterationParameters.createWithoutCounter(ki, fixedInputData);
-        gen.init(params);
-
-        final byte[] koGenerated = new byte[l / 8];
-        gen.generateBytes(koGenerated, 0, koGenerated.length);
-
-        final byte[] koVectors = Hex.decode(vectors.getProperty("KO"));
-
-        compareKO(name, config, count, koGenerated, koVectors);
-    }
-
-    private static void compareKO(
-        String name, Properties config, int test, byte[] calculatedOKM, byte[] testOKM)
-    {
-
-        if (!Arrays.areEqual(calculatedOKM, testOKM))
-        {
-            throw new TestFailedException(new SimpleTestResult(
-                false, name + " using " + config + " test " + test + " failed"));
-
-        }
-    }
-
-    public void receiveCommentLine(String commentLine)
-    {
-        //                out.println("# " + commentLine);
-    }
-
-    public void receiveStart(String name)
-    {
-        // do nothing
-    }
-
-    public void receiveEnd()
-    {
-        out.println(" *** *** *** ");
-    }
-
-    public void setup()
-    {
-        try
-        {
-            out = new PrintWriter(new FileWriter("KDFDblPipelineNoCounter.gen"));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException(e);
-        }
-    }
-
-    public void tearDown()
-    {
-        out.close();
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFFeedbackCounterTests.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFFeedbackCounterTests.java
deleted file mode 100644
index 6f8a0fd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFFeedbackCounterTests.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.crypto.test.cavp;
-
-import java.io.FileWriter;
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.util.Properties;
-import java.util.regex.Matcher;
-
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.generators.KDFFeedbackBytesGenerator;
-import org.bouncycastle.crypto.params.KDFFeedbackParameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.TestFailedException;
-
-public final class KDFFeedbackCounterTests
-    implements CAVPListener
-{
-    private PrintWriter out;
-
-    public void receiveCAVPVectors(String name, Properties config,
-                                   Properties vectors)
-    {
-        //                out.println(" === " + name + " === ");
-        //                out.println(" --- config --- ");
-        //                out.println(config);
-        //                out.println(" --- vectors --- ");
-        //                out.println(vectors);
-
-        // always skip AFTER_FIXED
-        if (!config.getProperty("CTRLOCATION").matches("AFTER_ITER"))
-        {
-            return;
-        }
-
-        // create Mac based PRF from PRF property, create the KDF
-        final Mac prf = CAVPReader.createPRF(config);
-        final KDFFeedbackBytesGenerator gen = new KDFFeedbackBytesGenerator(prf);
-
-
-        Matcher matcherForR = CAVPReader.PATTERN_FOR_R.matcher(config.getProperty("RLEN"));
-        if (!matcherForR.matches())
-        {
-            throw new IllegalStateException("RLEN value should always match");
-        }
-        final int r = Integer.parseInt(matcherForR.group(1));
-
-        final int count = Integer.parseInt(vectors.getProperty("COUNT"));
-        final int l = Integer.parseInt(vectors.getProperty("L"));
-        final byte[] ki = Hex.decode(vectors.getProperty("KI"));
-        final byte[] iv = Hex.decode(vectors.getProperty("IV"));
-        final byte[] fixedInputData = Hex.decode(vectors.getProperty("FixedInputData"));
-        final KDFFeedbackParameters params = KDFFeedbackParameters.createWithCounter(ki, iv, fixedInputData, r);
-        gen.init(params);
-
-        final byte[] koGenerated = new byte[l / 8];
-        gen.generateBytes(koGenerated, 0, koGenerated.length);
-
-        final byte[] koVectors = Hex.decode(vectors.getProperty("KO"));
-
-        compareKO(name, config, count, koGenerated, koVectors);
-    }
-
-    private static void compareKO(
-        String name, Properties config, int test, byte[] calculatedOKM, byte[] testOKM)
-    {
-
-        if (!Arrays.areEqual(calculatedOKM, testOKM))
-        {
-            throw new TestFailedException(new SimpleTestResult(
-                false, name + " using " + config + " test " + test + " failed"));
-
-        }
-    }
-
-    public void receiveCommentLine(String commentLine)
-    {
-        //                out.println("# " + commentLine);
-    }
-
-    public void receiveStart(String name)
-    {
-        // do nothing
-    }
-
-    public void receiveEnd()
-    {
-        out.println(" *** *** *** ");
-    }
-
-    public void setup()
-    {
-        try
-        {
-            out = new PrintWriter(new FileWriter("KDFFeedbackCounter.gen"));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException(e);
-        }
-    }
-
-    public void tearDown()
-    {
-        out.close();
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFFeedbackNoCounterTests.java b/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFFeedbackNoCounterTests.java
deleted file mode 100644
index cd7d8b8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/cavp/KDFFeedbackNoCounterTests.java
+++ /dev/null

@@ -1,89 +0,0 @@
-package org.bouncycastle.crypto.test.cavp;
-
-import java.io.FileWriter;
-import java.io.IOException;
-import java.io.PrintWriter;
-import java.util.Properties;
-
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.generators.KDFFeedbackBytesGenerator;
-import org.bouncycastle.crypto.params.KDFFeedbackParameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.TestFailedException;
-
-public final class KDFFeedbackNoCounterTests
-    implements CAVPListener
-{
-    private PrintWriter out;
-
-    public void receiveCAVPVectors(String name, Properties config,
-                                   Properties vectors)
-    {
-
-
-        // create Mac based PRF from PRF property, create the KDF
-        final Mac prf = CAVPReader.createPRF(config);
-        final KDFFeedbackBytesGenerator gen = new KDFFeedbackBytesGenerator(prf);
-
-        final int count = Integer.parseInt(vectors.getProperty("COUNT"));
-        final int l = Integer.parseInt(vectors.getProperty("L"));
-        final byte[] ki = Hex.decode(vectors.getProperty("KI"));
-        final byte[] iv = Hex.decode(vectors.getProperty("IV"));
-        final byte[] fixedInputData = Hex.decode(vectors.getProperty("FixedInputData"));
-        final KDFFeedbackParameters params = KDFFeedbackParameters.createWithoutCounter(ki, iv, fixedInputData);
-        gen.init(params);
-
-        final byte[] koGenerated = new byte[l / 8];
-        gen.generateBytes(koGenerated, 0, koGenerated.length);
-
-        final byte[] koVectors = Hex.decode(vectors.getProperty("KO"));
-
-        compareKO(name, config, count, koGenerated, koVectors);
-    }
-
-    private static void compareKO(
-        String name, Properties config, int test, byte[] calculatedOKM, byte[] testOKM)
-    {
-
-        if (!Arrays.areEqual(calculatedOKM, testOKM))
-        {
-            throw new TestFailedException(new SimpleTestResult(
-                false, name + " using " + config + " test " + test + " failed"));
-
-        }
-    }
-
-    public void receiveCommentLine(String commentLine)
-    {
-//                out.println("# " + commentLine);
-    }
-
-    public void receiveStart(String name)
-    {
-        // do nothing
-    }
-
-    public void receiveEnd()
-    {
-        out.println(" *** *** *** ");
-    }
-
-    public void setup()
-    {
-        try
-        {
-            out = new PrintWriter(new FileWriter("KDFFeedbackNoCounter.gen"));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException(e);
-        }
-    }
-
-    public void tearDown()
-    {
-        out.close();
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/test/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/test/package.html
deleted file mode 100644
index 7bb5e6b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/test/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Example code and test classes for the lightweight API.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsAgreementCredentials.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsAgreementCredentials.java
deleted file mode 100644
index ef7f4fb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsAgreementCredentials.java
+++ /dev/null

@@ -1,7 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public abstract class AbstractTlsAgreementCredentials
-    extends AbstractTlsCredentials
-    implements TlsAgreementCredentials
-{
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsCipherFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsCipherFactory.java
deleted file mode 100644
index 71a2cab..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsCipherFactory.java
+++ /dev/null

@@ -1,13 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-public class AbstractTlsCipherFactory
-    implements TlsCipherFactory
-{
-    public TlsCipher createCipher(TlsContext context, int encryptionAlgorithm, int macAlgorithm)
-        throws IOException
-    {
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsClient.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsClient.java
deleted file mode 100644
index 49a0b03..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsClient.java
+++ /dev/null

@@ -1,266 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.util.Hashtable;
-import java.util.Vector;
-
-public abstract class AbstractTlsClient
-    extends AbstractTlsPeer
-    implements TlsClient
-{
-    protected TlsCipherFactory cipherFactory;
-
-    protected TlsClientContext context;
-
-    protected Vector supportedSignatureAlgorithms;
-    protected int[] namedCurves;
-    protected short[] clientECPointFormats, serverECPointFormats;
-
-    protected int selectedCipherSuite;
-    protected short selectedCompressionMethod;
-
-    public AbstractTlsClient()
-    {
-        this(new DefaultTlsCipherFactory());
-    }
-
-    public AbstractTlsClient(TlsCipherFactory cipherFactory)
-    {
-        this.cipherFactory = cipherFactory;
-    }
-
-    protected boolean allowUnexpectedServerExtension(Integer extensionType, byte[] extensionData)
-        throws IOException
-    {
-        switch (extensionType.intValue())
-        {
-        case ExtensionType.elliptic_curves:
-            /*
-             * Exception added based on field reports that some servers do send this, although the
-             * Supported Elliptic Curves Extension is clearly intended to be client-only. If
-             * present, we still require that it is a valid EllipticCurveList.
-             */
-            TlsECCUtils.readSupportedEllipticCurvesExtension(extensionData);
-            return true;
-
-        case ExtensionType.ec_point_formats:
-            /*
-             * Exception added based on field reports that some servers send this even when they
-             * didn't negotiate an ECC cipher suite. If present, we still require that it is a valid
-             * ECPointFormatList.
-             */
-            TlsECCUtils.readSupportedPointFormatsExtension(extensionData);
-            return true;
-
-        default:
-            return false;
-        }
-    }
-
-    protected void checkForUnexpectedServerExtension(Hashtable serverExtensions, Integer extensionType)
-        throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(serverExtensions, extensionType);
-        if (extensionData != null && !allowUnexpectedServerExtension(extensionType, extensionData))
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-    }
-
-    public void init(TlsClientContext context)
-    {
-        this.context = context;
-    }
-
-    public TlsSession getSessionToResume()
-    {
-        return null;
-    }
-
-    public ProtocolVersion getClientHelloRecordLayerVersion()
-    {
-        // "{03,00}"
-        // return ProtocolVersion.SSLv3;
-
-        // "the lowest version number supported by the client"
-        // return getMinimumVersion();
-
-        // "the value of ClientHello.client_version"
-        return getClientVersion();
-    }
-
-    public ProtocolVersion getClientVersion()
-    {
-        return ProtocolVersion.TLSv12;
-    }
-
-    public boolean isFallback()
-    {
-        /*
-         * RFC 7507 4. The TLS_FALLBACK_SCSV cipher suite value is meant for use by clients that
-         * repeat a connection attempt with a downgraded protocol (perform a "fallback retry") in
-         * order to work around interoperability problems with legacy servers.
-         */
-        return false;
-    }
-
-    public Hashtable getClientExtensions()
-        throws IOException
-    {
-        Hashtable clientExtensions = null;
-
-        ProtocolVersion clientVersion = context.getClientVersion();
-
-        /*
-         * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior to 1.2.
-         * Clients MUST NOT offer it if they are offering prior versions.
-         */
-        if (TlsUtils.isSignatureAlgorithmsExtensionAllowed(clientVersion))
-        {
-            // TODO Provide a way for the user to specify the acceptable hash/signature algorithms.
-
-            this.supportedSignatureAlgorithms = TlsUtils.getDefaultSupportedSignatureAlgorithms();
-
-            clientExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(clientExtensions);
-
-            TlsUtils.addSignatureAlgorithmsExtension(clientExtensions, supportedSignatureAlgorithms);
-        }
-
-        if (TlsECCUtils.containsECCCipherSuites(getCipherSuites()))
-        {
-            /*
-             * RFC 4492 5.1. A client that proposes ECC cipher suites in its ClientHello message
-             * appends these extensions (along with any others), enumerating the curves it supports
-             * and the point formats it can parse. Clients SHOULD send both the Supported Elliptic
-             * Curves Extension and the Supported Point Formats Extension.
-             */
-            /*
-             * TODO Could just add all the curves since we support them all, but users may not want
-             * to use unnecessarily large fields. Need configuration options.
-             */
-            this.namedCurves = new int[]{ NamedCurve.secp256r1, NamedCurve.secp384r1 };
-            this.clientECPointFormats = new short[]{ ECPointFormat.uncompressed,
-                ECPointFormat.ansiX962_compressed_prime, ECPointFormat.ansiX962_compressed_char2, };
-
-            clientExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(clientExtensions);
-
-            TlsECCUtils.addSupportedEllipticCurvesExtension(clientExtensions, namedCurves);
-            TlsECCUtils.addSupportedPointFormatsExtension(clientExtensions, clientECPointFormats);
-        }
-
-        return clientExtensions;
-    }
-
-    public ProtocolVersion getMinimumVersion()
-    {
-        return ProtocolVersion.TLSv10;
-    }
-
-    public void notifyServerVersion(ProtocolVersion serverVersion)
-        throws IOException
-    {
-        if (!getMinimumVersion().isEqualOrEarlierVersionOf(serverVersion))
-        {
-            throw new TlsFatalAlert(AlertDescription.protocol_version);
-        }
-    }
-
-    public short[] getCompressionMethods()
-    {
-        return new short[]{CompressionMethod._null};
-    }
-
-    public void notifySessionID(byte[] sessionID)
-    {
-        // Currently ignored
-    }
-
-    public void notifySelectedCipherSuite(int selectedCipherSuite)
-    {
-        this.selectedCipherSuite = selectedCipherSuite;
-    }
-
-    public void notifySelectedCompressionMethod(short selectedCompressionMethod)
-    {
-        this.selectedCompressionMethod = selectedCompressionMethod;
-    }
-
-    public void processServerExtensions(Hashtable serverExtensions)
-        throws IOException
-    {
-        /*
-         * TlsProtocol implementation validates that any server extensions received correspond to
-         * client extensions sent. By default, we don't send any, and this method is not called.
-         */
-        if (serverExtensions != null)
-        {
-            /*
-             * RFC 5246 7.4.1.4.1. Servers MUST NOT send this extension.
-             */
-            checkForUnexpectedServerExtension(serverExtensions, TlsUtils.EXT_signature_algorithms);
-
-            checkForUnexpectedServerExtension(serverExtensions, TlsECCUtils.EXT_elliptic_curves);
-
-            if (TlsECCUtils.isECCCipherSuite(this.selectedCipherSuite))
-            {
-                this.serverECPointFormats = TlsECCUtils.getSupportedPointFormatsExtension(serverExtensions);
-            }
-            else
-            {
-                checkForUnexpectedServerExtension(serverExtensions, TlsECCUtils.EXT_ec_point_formats);
-            }
-
-            /*
-             * RFC 7685 3. The server MUST NOT echo the extension.
-             */
-            checkForUnexpectedServerExtension(serverExtensions, TlsExtensionsUtils.EXT_padding);
-        }
-    }
-
-    public void processServerSupplementalData(Vector serverSupplementalData)
-        throws IOException
-    {
-        if (serverSupplementalData != null)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-    }
-
-    public Vector getClientSupplementalData()
-        throws IOException
-    {
-        return null;
-    }
-
-    public TlsCompression getCompression()
-        throws IOException
-    {
-        switch (selectedCompressionMethod)
-        {
-        case CompressionMethod._null:
-            return new TlsNullCompression();
-
-        default:
-            /*
-             * Note: internal error here; the TlsProtocol implementation verifies that the
-             * server-selected compression method was in the list of client-offered compression
-             * methods, so if we now can't produce an implementation, we shouldn't have offered it!
-             */
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public TlsCipher getCipher()
-        throws IOException
-    {
-        int encryptionAlgorithm = TlsUtils.getEncryptionAlgorithm(selectedCipherSuite);
-        int macAlgorithm = TlsUtils.getMACAlgorithm(selectedCipherSuite);
-
-        return cipherFactory.createCipher(context, encryptionAlgorithm, macAlgorithm);
-    }
-
-    public void notifyNewSessionTicket(NewSessionTicket newSessionTicket)
-        throws IOException
-    {
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsContext.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsContext.java
deleted file mode 100644
index 31ee181..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsContext.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.prng.DigestRandomGenerator;
-import org.bouncycastle.crypto.prng.RandomGenerator;
-import org.bouncycastle.util.Times;
-
-abstract class AbstractTlsContext
-    implements TlsContext
-{
-    private static long counter = Times.nanoTime();
-
-    private synchronized static long nextCounterValue()
-    {
-        return ++counter;
-    }
-
-    private RandomGenerator nonceRandom;
-    private SecureRandom secureRandom;
-    private SecurityParameters securityParameters;
-
-    private ProtocolVersion clientVersion = null;
-    private ProtocolVersion serverVersion = null;
-    private TlsSession session = null;
-    private Object userObject = null;
-
-    AbstractTlsContext(SecureRandom secureRandom, SecurityParameters securityParameters)
-    {
-        Digest d = TlsUtils.createHash(HashAlgorithm.sha256);
-        byte[] seed = new byte[d.getDigestSize()];
-        secureRandom.nextBytes(seed);
-
-        this.nonceRandom = new DigestRandomGenerator(d);
-        nonceRandom.addSeedMaterial(nextCounterValue());
-        nonceRandom.addSeedMaterial(Times.nanoTime());
-        nonceRandom.addSeedMaterial(seed);
-
-        this.secureRandom = secureRandom;
-        this.securityParameters = securityParameters;
-    }
-
-    public RandomGenerator getNonceRandomGenerator()
-    {
-        return nonceRandom;
-    }
-
-    public SecureRandom getSecureRandom()
-    {
-        return secureRandom;
-    }
-
-    public SecurityParameters getSecurityParameters()
-    {
-        return securityParameters;
-    }
-
-    public ProtocolVersion getClientVersion()
-    {
-        return clientVersion;
-    }
-
-    void setClientVersion(ProtocolVersion clientVersion)
-    {
-        this.clientVersion = clientVersion;
-    }
-
-    public ProtocolVersion getServerVersion()
-    {
-        return serverVersion;
-    }
-
-    void setServerVersion(ProtocolVersion serverVersion)
-    {
-        this.serverVersion = serverVersion;
-    }
-
-    public TlsSession getResumableSession()
-    {
-        return session;
-    }
-
-    void setResumableSession(TlsSession session)
-    {
-        this.session = session;
-    }
-
-    public Object getUserObject()
-    {
-        return userObject;
-    }
-
-    public void setUserObject(Object userObject)
-    {
-        this.userObject = userObject;
-    }
-
-    public byte[] exportKeyingMaterial(String asciiLabel, byte[] context_value, int length)
-    {
-        if (context_value != null && !TlsUtils.isValidUint16(context_value.length))
-        {
-            throw new IllegalArgumentException("'context_value' must have length less than 2^16 (or be null)");
-        }
-
-        SecurityParameters sp = getSecurityParameters();
-        if (!sp.isExtendedMasterSecret())
-        {
-            /*
-             * RFC 7627 5.4. If a client or server chooses to continue with a full handshake without
-             * the extended master secret extension, [..] the client or server MUST NOT export any
-             * key material based on the new master secret for any subsequent application-level
-             * authentication. In particular, it MUST disable [RFC5705] [..].
-             */
-            throw new IllegalStateException("cannot export keying material without extended_master_secret");
-        }
-
-        byte[] cr = sp.getClientRandom(), sr = sp.getServerRandom();
-
-        int seedLength = cr.length + sr.length;
-        if (context_value != null)
-        {
-            seedLength += (2 + context_value.length);
-        }
-
-        byte[] seed = new byte[seedLength];
-        int seedPos = 0;
-
-        System.arraycopy(cr, 0, seed, seedPos, cr.length);
-        seedPos += cr.length;
-        System.arraycopy(sr, 0, seed, seedPos, sr.length);
-        seedPos += sr.length;
-        if (context_value != null)
-        {
-            TlsUtils.writeUint16(context_value.length, seed, seedPos);
-            seedPos += 2;
-            System.arraycopy(context_value, 0, seed, seedPos, context_value.length);
-            seedPos += context_value.length;
-        }
-
-        if (seedPos != seedLength)
-        {
-            throw new IllegalStateException("error in calculation of seed for export");
-        }
-
-        return TlsUtils.PRF(this, sp.getMasterSecret(), asciiLabel, seed, length);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsCredentials.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsCredentials.java
deleted file mode 100644
index b98743f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsCredentials.java
+++ /dev/null

@@ -1,6 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public abstract class AbstractTlsCredentials
-    implements TlsCredentials
-{
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsEncryptionCredentials.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsEncryptionCredentials.java
deleted file mode 100644
index e6ff39b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsEncryptionCredentials.java
+++ /dev/null

@@ -1,7 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public abstract class AbstractTlsEncryptionCredentials
-    extends AbstractTlsCredentials
-    implements TlsEncryptionCredentials
-{
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsKeyExchange.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsKeyExchange.java
deleted file mode 100644
index 37f982c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsKeyExchange.java
+++ /dev/null

@@ -1,176 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Vector;
-
-public abstract class AbstractTlsKeyExchange
-    implements TlsKeyExchange
-{
-    protected int keyExchange;
-    protected Vector supportedSignatureAlgorithms;
-
-    protected TlsContext context;
-
-    protected AbstractTlsKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms)
-    {
-        this.keyExchange = keyExchange;
-        this.supportedSignatureAlgorithms = supportedSignatureAlgorithms;
-    }
-
-    protected DigitallySigned parseSignature(InputStream input) throws IOException
-    {
-        DigitallySigned signature = DigitallySigned.parse(context, input);
-        SignatureAndHashAlgorithm signatureAlgorithm = signature.getAlgorithm();
-        if (signatureAlgorithm != null)
-        {
-            TlsUtils.verifySupportedSignatureAlgorithm(supportedSignatureAlgorithms, signatureAlgorithm);
-        }
-        return signature;
-    }
-
-    public void init(TlsContext context)
-    {
-        this.context = context;
-
-        ProtocolVersion clientVersion = context.getClientVersion();
-
-        if (TlsUtils.isSignatureAlgorithmsExtensionAllowed(clientVersion))
-        {
-            /*
-             * RFC 5246 7.4.1.4.1. If the client does not send the signature_algorithms extension,
-             * the server MUST do the following:
-             * 
-             * - If the negotiated key exchange algorithm is one of (RSA, DHE_RSA, DH_RSA, RSA_PSK,
-             * ECDH_RSA, ECDHE_RSA), behave as if client had sent the value {sha1,rsa}.
-             * 
-             * - If the negotiated key exchange algorithm is one of (DHE_DSS, DH_DSS), behave as if
-             * the client had sent the value {sha1,dsa}.
-             * 
-             * - If the negotiated key exchange algorithm is one of (ECDH_ECDSA, ECDHE_ECDSA),
-             * behave as if the client had sent value {sha1,ecdsa}.
-             */
-            if (this.supportedSignatureAlgorithms == null)
-            {
-                switch (keyExchange)
-                {
-                case KeyExchangeAlgorithm.DH_DSS:
-                case KeyExchangeAlgorithm.DHE_DSS:
-                case KeyExchangeAlgorithm.SRP_DSS:
-                {
-                    this.supportedSignatureAlgorithms = TlsUtils.getDefaultDSSSignatureAlgorithms();
-                    break;
-                }
-
-                case KeyExchangeAlgorithm.ECDH_ECDSA:
-                case KeyExchangeAlgorithm.ECDHE_ECDSA:
-                {
-                    this.supportedSignatureAlgorithms = TlsUtils.getDefaultECDSASignatureAlgorithms();
-                    break;
-                }
-
-                case KeyExchangeAlgorithm.DH_RSA:
-                case KeyExchangeAlgorithm.DHE_RSA:
-                case KeyExchangeAlgorithm.ECDH_RSA:
-                case KeyExchangeAlgorithm.ECDHE_RSA:
-                case KeyExchangeAlgorithm.RSA:
-                case KeyExchangeAlgorithm.RSA_PSK:
-                case KeyExchangeAlgorithm.SRP_RSA:
-                {
-                    this.supportedSignatureAlgorithms = TlsUtils.getDefaultRSASignatureAlgorithms();
-                    break;
-                }
-
-                case KeyExchangeAlgorithm.DHE_PSK:
-                case KeyExchangeAlgorithm.ECDHE_PSK:
-                case KeyExchangeAlgorithm.PSK:
-                case KeyExchangeAlgorithm.SRP:
-                    break;
-
-                default:
-                    throw new IllegalStateException("unsupported key exchange algorithm");
-                }
-            }
-        }
-        else if (this.supportedSignatureAlgorithms != null)
-        {
-            throw new IllegalStateException("supported_signature_algorithms not allowed for " + clientVersion);
-        }
-    }
-
-    public void processServerCertificate(Certificate serverCertificate)
-        throws IOException
-    {
-        if (supportedSignatureAlgorithms == null)
-        {
-            /*
-             * TODO RFC 2246 7.4.2. Unless otherwise specified, the signing algorithm for the
-             * certificate must be the same as the algorithm for the certificate key.
-             */
-        }
-        else
-        {
-            /*
-             * TODO RFC 5246 7.4.2. If the client provided a "signature_algorithms" extension, then
-             * all certificates provided by the server MUST be signed by a hash/signature algorithm
-             * pair that appears in that extension.
-             */
-        }
-    }
-
-    public void processServerCredentials(TlsCredentials serverCredentials)
-        throws IOException
-    {
-        processServerCertificate(serverCredentials.getCertificate());
-    }
-
-    public boolean requiresServerKeyExchange()
-    {
-        return false;
-    }
-
-    public byte[] generateServerKeyExchange()
-        throws IOException
-    {
-        if (requiresServerKeyExchange())
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-        return null;
-    }
-
-    public void skipServerKeyExchange()
-        throws IOException
-    {
-        if (requiresServerKeyExchange())
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-    }
-
-    public void processServerKeyExchange(InputStream input)
-        throws IOException
-    {
-        if (!requiresServerKeyExchange())
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-    }
-
-    public void skipClientCredentials()
-        throws IOException
-    {
-    }
-
-    public void processClientCertificate(Certificate clientCertificate)
-        throws IOException
-    {
-    }
-
-    public void processClientKeyExchange(InputStream input)
-        throws IOException
-    {
-        // Key exchange implementation MUST support client key exchange
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsPeer.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsPeer.java
deleted file mode 100644
index aa3fd69..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsPeer.java
+++ /dev/null

@@ -1,47 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-public abstract class AbstractTlsPeer
-    implements TlsPeer
-{
-    public boolean requiresExtendedMasterSecret()
-    {
-        return false;
-    }
-
-    public boolean shouldUseGMTUnixTime()
-    {
-        /*
-         * draft-mathewson-no-gmtunixtime-00 2. For the reasons we discuss above, we recommend that
-         * TLS implementors MUST by default set the entire value the ClientHello.Random and
-         * ServerHello.Random fields, including gmt_unix_time, to a cryptographically random
-         * sequence.
-         */
-        return false;
-    }
-
-    public void notifySecureRenegotiation(boolean secureRenegotiation) throws IOException
-    {
-        if (!secureRenegotiation)
-        {
-            /*
-             * RFC 5746 3.4/3.6. In this case, some clients/servers may want to terminate the handshake instead
-             * of continuing; see Section 4.1/4.3 for discussion.
-             */
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-    }
-
-    public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
-    {
-    }
-
-    public void notifyAlertReceived(short alertLevel, short alertDescription)
-    {
-    }
-
-    public void notifyHandshakeComplete() throws IOException
-    {
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsServer.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsServer.java
deleted file mode 100644
index 0e22993..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsServer.java
+++ /dev/null

@@ -1,371 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import org.bouncycastle.util.Arrays;
-
-public abstract class AbstractTlsServer
-    extends AbstractTlsPeer
-    implements TlsServer
-{
-    protected TlsCipherFactory cipherFactory;
-
-    protected TlsServerContext context;
-
-    protected ProtocolVersion clientVersion;
-    protected int[] offeredCipherSuites;
-    protected short[] offeredCompressionMethods;
-    protected Hashtable clientExtensions;
-
-    protected boolean encryptThenMACOffered;
-    protected short maxFragmentLengthOffered;
-    protected boolean truncatedHMacOffered;
-    protected Vector supportedSignatureAlgorithms;
-    protected boolean eccCipherSuitesOffered;
-    protected int[] namedCurves;
-    protected short[] clientECPointFormats, serverECPointFormats;
-
-    protected ProtocolVersion serverVersion;
-    protected int selectedCipherSuite;
-    protected short selectedCompressionMethod;
-    protected Hashtable serverExtensions;
-
-    public AbstractTlsServer()
-    {
-        this(new DefaultTlsCipherFactory());
-    }
-
-    public AbstractTlsServer(TlsCipherFactory cipherFactory)
-    {
-        this.cipherFactory = cipherFactory;
-    }
-
-    protected boolean allowEncryptThenMAC()
-    {
-        return true;
-    }
-
-    protected boolean allowTruncatedHMac()
-    {
-        return false;
-    }
-
-    protected Hashtable checkServerExtensions()
-    {
-        return this.serverExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(this.serverExtensions);
-    }
-
-    protected abstract int[] getCipherSuites();
-
-    protected short[] getCompressionMethods()
-    {
-        return new short[]{CompressionMethod._null};
-    }
-
-    protected ProtocolVersion getMaximumVersion()
-    {
-        return ProtocolVersion.TLSv11;
-    }
-
-    protected ProtocolVersion getMinimumVersion()
-    {
-        return ProtocolVersion.TLSv10;
-    }
-
-    protected boolean supportsClientECCCapabilities(int[] namedCurves, short[] ecPointFormats)
-    {
-        // NOTE: BC supports all the current set of point formats so we don't check them here
-
-        if (namedCurves == null)
-        {
-            /*
-             * RFC 4492 4. A client that proposes ECC cipher suites may choose not to include these
-             * extensions. In this case, the server is free to choose any one of the elliptic curves
-             * or point formats [...].
-             */
-            return TlsECCUtils.hasAnySupportedNamedCurves();
-        }
-
-        for (int i = 0; i < namedCurves.length; ++i)
-        {
-            int namedCurve = namedCurves[i];
-            if (NamedCurve.isValid(namedCurve)
-                && (!NamedCurve.refersToASpecificNamedCurve(namedCurve) || TlsECCUtils.isSupportedNamedCurve(namedCurve)))
-            {
-                return true;
-            }
-        }
-
-        return false;
-    }
-
-    public void init(TlsServerContext context)
-    {
-        this.context = context;
-    }
-
-    public void notifyClientVersion(ProtocolVersion clientVersion)
-        throws IOException
-    {
-        this.clientVersion = clientVersion;
-    }
-
-    public void notifyFallback(boolean isFallback) throws IOException
-    {
-        /*
-         * RFC 7507 3. If TLS_FALLBACK_SCSV appears in ClientHello.cipher_suites and the highest
-         * protocol version supported by the server is higher than the version indicated in
-         * ClientHello.client_version, the server MUST respond with a fatal inappropriate_fallback
-         * alert [..].
-         */
-        if (isFallback && getMaximumVersion().isLaterVersionOf(clientVersion))
-        {
-            throw new TlsFatalAlert(AlertDescription.inappropriate_fallback);
-        }
-    }
-
-    public void notifyOfferedCipherSuites(int[] offeredCipherSuites)
-        throws IOException
-    {
-        this.offeredCipherSuites = offeredCipherSuites;
-        this.eccCipherSuitesOffered = TlsECCUtils.containsECCCipherSuites(this.offeredCipherSuites);
-    }
-
-    public void notifyOfferedCompressionMethods(short[] offeredCompressionMethods)
-        throws IOException
-    {
-        this.offeredCompressionMethods = offeredCompressionMethods;
-    }
-
-    public void processClientExtensions(Hashtable clientExtensions)
-        throws IOException
-    {
-        this.clientExtensions = clientExtensions;
-
-        if (clientExtensions != null)
-        {
-            this.encryptThenMACOffered = TlsExtensionsUtils.hasEncryptThenMACExtension(clientExtensions);
-
-            this.maxFragmentLengthOffered = TlsExtensionsUtils.getMaxFragmentLengthExtension(clientExtensions);
-            if (maxFragmentLengthOffered >= 0 && !MaxFragmentLength.isValid(maxFragmentLengthOffered))
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-
-            this.truncatedHMacOffered = TlsExtensionsUtils.hasTruncatedHMacExtension(clientExtensions);
-
-            this.supportedSignatureAlgorithms = TlsUtils.getSignatureAlgorithmsExtension(clientExtensions);
-            if (this.supportedSignatureAlgorithms != null)
-            {
-                /*
-                 * RFC 5246 7.4.1.4.1. Note: this extension is not meaningful for TLS versions prior
-                 * to 1.2. Clients MUST NOT offer it if they are offering prior versions.
-                 */
-                if (!TlsUtils.isSignatureAlgorithmsExtensionAllowed(clientVersion))
-                {
-                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-                }
-            }
-
-            this.namedCurves = TlsECCUtils.getSupportedEllipticCurvesExtension(clientExtensions);
-            this.clientECPointFormats = TlsECCUtils.getSupportedPointFormatsExtension(clientExtensions);
-        }
-
-        /*
-         * RFC 4429 4. The client MUST NOT include these extensions in the ClientHello message if it
-         * does not propose any ECC cipher suites.
-         * 
-         * NOTE: This was overly strict as there may be ECC cipher suites that we don't recognize.
-         * Also, draft-ietf-tls-negotiated-ff-dhe will be overloading the 'elliptic_curves'
-         * extension to explicitly allow FFDHE (i.e. non-ECC) groups.
-         */
-//        if (!this.eccCipherSuitesOffered && (this.namedCurves != null || this.clientECPointFormats != null))
-//        {
-//            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-//        }
-    }
-
-    public ProtocolVersion getServerVersion()
-        throws IOException
-    {
-        if (getMinimumVersion().isEqualOrEarlierVersionOf(clientVersion))
-        {
-            ProtocolVersion maximumVersion = getMaximumVersion();
-            if (clientVersion.isEqualOrEarlierVersionOf(maximumVersion))
-            {
-                return serverVersion = clientVersion;
-            }
-            if (clientVersion.isLaterVersionOf(maximumVersion))
-            {
-                return serverVersion = maximumVersion;
-            }
-        }
-        throw new TlsFatalAlert(AlertDescription.protocol_version);
-    }
-
-    public int getSelectedCipherSuite()
-        throws IOException
-    {
-        /*
-         * RFC 5246 7.4.3. In order to negotiate correctly, the server MUST check any candidate
-         * cipher suites against the "signature_algorithms" extension before selecting them. This is
-         * somewhat inelegant but is a compromise designed to minimize changes to the original
-         * cipher suite design.
-         */
-        Vector sigAlgs = TlsUtils.getUsableSignatureAlgorithms(supportedSignatureAlgorithms);
-
-        /*
-         * RFC 4429 5.1. A server that receives a ClientHello containing one or both of these
-         * extensions MUST use the client's enumerated capabilities to guide its selection of an
-         * appropriate cipher suite. One of the proposed ECC cipher suites must be negotiated only
-         * if the server can successfully complete the handshake while using the curves and point
-         * formats supported by the client [...].
-         */
-        boolean eccCipherSuitesEnabled = supportsClientECCCapabilities(this.namedCurves, this.clientECPointFormats);
-
-        int[] cipherSuites = getCipherSuites();
-        for (int i = 0; i < cipherSuites.length; ++i)
-        {
-            int cipherSuite = cipherSuites[i];
-
-            if (Arrays.contains(this.offeredCipherSuites, cipherSuite)
-                && (eccCipherSuitesEnabled || !TlsECCUtils.isECCCipherSuite(cipherSuite))
-                && TlsUtils.isValidCipherSuiteForVersion(cipherSuite, serverVersion)
-                && TlsUtils.isValidCipherSuiteForSignatureAlgorithms(cipherSuite, sigAlgs))
-            {
-                return this.selectedCipherSuite = cipherSuite;
-            }
-        }
-        throw new TlsFatalAlert(AlertDescription.handshake_failure);
-    }
-
-    public short getSelectedCompressionMethod()
-        throws IOException
-    {
-        short[] compressionMethods = getCompressionMethods();
-        for (int i = 0; i < compressionMethods.length; ++i)
-        {
-            if (Arrays.contains(offeredCompressionMethods, compressionMethods[i]))
-            {
-                return this.selectedCompressionMethod = compressionMethods[i];
-            }
-        }
-        throw new TlsFatalAlert(AlertDescription.handshake_failure);
-    }
-
-    // Hashtable is (Integer -> byte[])
-    public Hashtable getServerExtensions()
-        throws IOException
-    {
-        if (this.encryptThenMACOffered && allowEncryptThenMAC())
-        {
-            /*
-             * RFC 7366 3. If a server receives an encrypt-then-MAC request extension from a client
-             * and then selects a stream or Authenticated Encryption with Associated Data (AEAD)
-             * ciphersuite, it MUST NOT send an encrypt-then-MAC response extension back to the
-             * client.
-             */
-            if (TlsUtils.isBlockCipherSuite(this.selectedCipherSuite))
-            {
-                TlsExtensionsUtils.addEncryptThenMACExtension(checkServerExtensions());
-            }
-        }
-
-        if (this.maxFragmentLengthOffered >= 0 && MaxFragmentLength.isValid(maxFragmentLengthOffered))
-        {
-            TlsExtensionsUtils.addMaxFragmentLengthExtension(checkServerExtensions(), this.maxFragmentLengthOffered);
-        }
-
-        if (this.truncatedHMacOffered && allowTruncatedHMac())
-        {
-            TlsExtensionsUtils.addTruncatedHMacExtension(checkServerExtensions());
-        }
-
-        if (this.clientECPointFormats != null && TlsECCUtils.isECCCipherSuite(this.selectedCipherSuite))
-        {
-            /*
-             * RFC 4492 5.2. A server that selects an ECC cipher suite in response to a ClientHello
-             * message including a Supported Point Formats Extension appends this extension (along
-             * with others) to its ServerHello message, enumerating the point formats it can parse.
-             */
-            this.serverECPointFormats = new short[]{ ECPointFormat.uncompressed,
-                ECPointFormat.ansiX962_compressed_prime, ECPointFormat.ansiX962_compressed_char2, };
-
-            TlsECCUtils.addSupportedPointFormatsExtension(checkServerExtensions(), serverECPointFormats);
-        }
-
-        return serverExtensions;
-    }
-
-    public Vector getServerSupplementalData()
-        throws IOException
-    {
-        return null;
-    }
-
-    public CertificateStatus getCertificateStatus()
-        throws IOException
-    {
-        return null;
-    }
-
-    public CertificateRequest getCertificateRequest()
-        throws IOException
-    {
-        return null;
-    }
-
-    public void processClientSupplementalData(Vector clientSupplementalData)
-        throws IOException
-    {
-        if (clientSupplementalData != null)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-    }
-
-    public void notifyClientCertificate(Certificate clientCertificate)
-        throws IOException
-    {
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-
-    public TlsCompression getCompression()
-        throws IOException
-    {
-        switch (selectedCompressionMethod)
-        {
-        case CompressionMethod._null:
-            return new TlsNullCompression();
-
-        default:
-            /*
-             * Note: internal error here; we selected the compression method, so if we now can't
-             * produce an implementation, we shouldn't have chosen it!
-             */
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public TlsCipher getCipher()
-        throws IOException
-    {
-        int encryptionAlgorithm = TlsUtils.getEncryptionAlgorithm(selectedCipherSuite);
-        int macAlgorithm = TlsUtils.getMACAlgorithm(selectedCipherSuite);
-
-        return cipherFactory.createCipher(context, encryptionAlgorithm, macAlgorithm);
-    }
-
-    public NewSessionTicket getNewSessionTicket()
-        throws IOException
-    {
-        /*
-         * RFC 5077 3.3. If the server determines that it does not want to include a ticket after it
-         * has included the SessionTicket extension in the ServerHello, then it sends a zero-length
-         * ticket in the NewSessionTicket handshake message.
-         */
-        return new NewSessionTicket(0L, TlsUtils.EMPTY_BYTES);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsSigner.java
deleted file mode 100644
index 3a1d631..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsSigner.java
+++ /dev/null

@@ -1,38 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-public abstract class AbstractTlsSigner
-    implements TlsSigner
-{
-    protected TlsContext context;
-
-    public void init(TlsContext context)
-    {
-        this.context = context;
-    }
-
-    public byte[] generateRawSignature(AsymmetricKeyParameter privateKey, byte[] md5AndSha1)
-        throws CryptoException
-    {
-        return generateRawSignature(null, privateKey, md5AndSha1);
-    }
-
-    public boolean verifyRawSignature(byte[] sigBytes, AsymmetricKeyParameter publicKey, byte[] md5AndSha1)
-        throws CryptoException
-    {
-        return verifyRawSignature(null, sigBytes, publicKey, md5AndSha1);
-    }
-
-    public Signer createSigner(AsymmetricKeyParameter privateKey)
-    {
-        return createSigner(null, privateKey);
-    }
-
-    public Signer createVerifyer(AsymmetricKeyParameter publicKey)
-    {
-        return createVerifyer(null, publicKey);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsSignerCredentials.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsSignerCredentials.java
deleted file mode 100644
index 3452f52..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AbstractTlsSignerCredentials.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public abstract class AbstractTlsSignerCredentials
-    extends AbstractTlsCredentials
-    implements TlsSignerCredentials
-{
-    public SignatureAndHashAlgorithm getSignatureAndHashAlgorithm()
-    {
-        throw new IllegalStateException("TlsSignerCredentials implementation does not support (D)TLS 1.2+");
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AlertDescription.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/AlertDescription.java
deleted file mode 100644
index 9c294a9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AlertDescription.java
+++ /dev/null

@@ -1,303 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 5246 7.2.
- */
-public class AlertDescription
-{
-    /**
-     * This message notifies the recipient that the sender will not send any more messages on this
-     * connection. Note that as of TLS 1.1, failure to properly close a connection no longer
-     * requires that a session not be resumed. This is a change from TLS 1.0 ("The session becomes
-     * unresumable if any connection is terminated without proper close_notify messages with level
-     * equal to warning.") to conform with widespread implementation practice.
-     */
-    public static final short close_notify = 0;
-
-    /**
-     * An inappropriate message was received. This alert is always fatal and should never be
-     * observed in communication between proper implementations.
-     */
-    public static final short unexpected_message = 10;
-
-    /**
-     * This alert is returned if a record is received with an incorrect MAC. This alert also MUST be
-     * returned if an alert is sent because a TLSCiphertext decrypted in an invalid way: either it
-     * wasn't an even multiple of the block length, or its padding values, when checked, weren't
-     * correct. This message is always fatal and should never be observed in communication between
-     * proper implementations (except when messages were corrupted in the network).
-     */
-    public static final short bad_record_mac = 20;
-
-    /**
-     * This alert was used in some earlier versions of TLS, and may have permitted certain attacks
-     * against the CBC mode [CBCATT]. It MUST NOT be sent by compliant implementations.
-     */
-    public static final short decryption_failed = 21;
-
-    /**
-     * A TLSCiphertext record was received that had a length more than 2^14+2048 bytes, or a record
-     * decrypted to a TLSCompressed record with more than 2^14+1024 bytes. This message is always
-     * fatal and should never be observed in communication between proper implementations (except
-     * when messages were corrupted in the network).
-     */
-    public static final short record_overflow = 22;
-
-    /**
-     * The decompression function received improper input (e.g., data that would expand to excessive
-     * length). This message is always fatal and should never be observed in communication between
-     * proper implementations.
-     */
-    public static final short decompression_failure = 30;
-
-    /**
-     * Reception of a handshake_failure alert message indicates that the sender was unable to
-     * negotiate an acceptable set of security parameters given the options available. This is a
-     * fatal error.
-     */
-    public static final short handshake_failure = 40;
-
-    /**
-     * This alert was used in SSLv3 but not any version of TLS. It MUST NOT be sent by compliant
-     * implementations.
-     */
-    public static final short no_certificate = 41;
-
-    /**
-     * A certificate was corrupt, contained signatures that did not verify correctly, etc.
-     */
-    public static final short bad_certificate = 42;
-
-    /**
-     * A certificate was of an unsupported type.
-     */
-    public static final short unsupported_certificate = 43;
-
-    /**
-     * A certificate was revoked by its signer.
-     */
-    public static final short certificate_revoked = 44;
-
-    /**
-     * A certificate has expired or is not currently valid.
-     */
-    public static final short certificate_expired = 45;
-
-    /**
-     * Some other (unspecified) issue arose in processing the certificate, rendering it
-     * unacceptable.
-     */
-    public static final short certificate_unknown = 46;
-
-    /**
-     * A field in the handshake was out of range or inconsistent with other fields. This message is
-     * always fatal.
-     */
-    public static final short illegal_parameter = 47;
-
-    /**
-     * A valid certificate chain or partial chain was received, but the certificate was not accepted
-     * because the CA certificate could not be located or couldn't be matched with a known, trusted
-     * CA. This message is always fatal.
-     */
-    public static final short unknown_ca = 48;
-
-    /**
-     * A valid certificate was received, but when access control was applied, the sender decided not
-     * to proceed with negotiation. This message is always fatal.
-     */
-    public static final short access_denied = 49;
-
-    /**
-     * A message could not be decoded because some field was out of the specified range or the
-     * length of the message was incorrect. This message is always fatal and should never be
-     * observed in communication between proper implementations (except when messages were corrupted
-     * in the network).
-     */
-    public static final short decode_error = 50;
-
-    /**
-     * A handshake cryptographic operation failed, including being unable to correctly verify a
-     * signature or validate a Finished message. This message is always fatal.
-     */
-    public static final short decrypt_error = 51;
-
-    /**
-     * This alert was used in some earlier versions of TLS. It MUST NOT be sent by compliant
-     * implementations.
-     */
-    public static final short export_restriction = 60;
-
-    /**
-     * The protocol version the client has attempted to negotiate is recognized but not supported.
-     * (For example, old protocol versions might be avoided for security reasons.) This message is
-     * always fatal.
-     */
-    public static final short protocol_version = 70;
-
-    /**
-     * Returned instead of handshake_failure when a negotiation has failed specifically because the
-     * server requires ciphers more secure than those supported by the client. This message is
-     * always fatal.
-     */
-    public static final short insufficient_security = 71;
-
-    /**
-     * An internal error unrelated to the peer or the correctness of the protocol (such as a memory
-     * allocation failure) makes it impossible to continue. This message is always fatal.
-     */
-    public static final short internal_error = 80;
-
-    /**
-     * This handshake is being canceled for some reason unrelated to a protocol failure. If the user
-     * cancels an operation after the handshake is complete, just closing the connection by sending
-     * a close_notify is more appropriate. This alert should be followed by a close_notify. This
-     * message is generally a warning.
-     */
-    public static final short user_canceled = 90;
-
-    /**
-     * Sent by the client in response to a hello request or by the server in response to a client
-     * hello after initial handshaking. Either of these would normally lead to renegotiation; when
-     * that is not appropriate, the recipient should respond with this alert. At that point, the
-     * original requester can decide whether to proceed with the connection. One case where this
-     * would be appropriate is where a server has spawned a process to satisfy a request; the
-     * process might receive security parameters (key length, authentication, etc.) at startup, and
-     * it might be difficult to communicate changes to these parameters after that point. This
-     * message is always a warning.
-     */
-    public static final short no_renegotiation = 100;
-
-    /**
-     * Sent by clients that receive an extended server hello containing an extension that they did
-     * not put in the corresponding client hello. This message is always fatal.
-     */
-    public static final short unsupported_extension = 110;
-
-    /*
-     * RFC 3546
-     */
-
-    /**
-     * This alert is sent by servers who are unable to retrieve a certificate chain from the URL
-     * supplied by the client (see Section 3.3). This message MAY be fatal - for example if client
-     * authentication is required by the server for the handshake to continue and the server is
-     * unable to retrieve the certificate chain, it may send a fatal alert.
-     */
-    public static final short certificate_unobtainable = 111;
-
-    /**
-     * This alert is sent by servers that receive a server_name extension request, but do not
-     * recognize the server name. This message MAY be fatal.
-     */
-    public static final short unrecognized_name = 112;
-
-    /**
-     * This alert is sent by clients that receive an invalid certificate status response (see
-     * Section 3.6). This message is always fatal.
-     */
-    public static final short bad_certificate_status_response = 113;
-
-    /**
-     * This alert is sent by servers when a certificate hash does not match a client provided
-     * certificate_hash. This message is always fatal.
-     */
-    public static final short bad_certificate_hash_value = 114;
-
-    /*
-     * RFC 4279
-     */
-
-    /**
-     * If the server does not recognize the PSK identity, it MAY respond with an
-     * "unknown_psk_identity" alert message.
-     */
-    public static final short unknown_psk_identity = 115;
-
-    /*
-     * RFC 7507
-     */
-
-    /**
-     * If TLS_FALLBACK_SCSV appears in ClientHello.cipher_suites and the highest protocol version
-     * supported by the server is higher than the version indicated in ClientHello.client_version,
-     * the server MUST respond with a fatal inappropriate_fallback alert [..].
-     */
-    public static final short inappropriate_fallback = 86;
-
-    public static String getName(short alertDescription)
-    {
-        switch (alertDescription)
-        {
-        case close_notify:
-            return "close_notify";
-        case unexpected_message:
-            return "unexpected_message";
-        case bad_record_mac:
-            return "bad_record_mac";
-        case decryption_failed:
-            return "decryption_failed";
-        case record_overflow:
-            return "record_overflow";
-        case decompression_failure:
-            return "decompression_failure";
-        case handshake_failure:
-            return "handshake_failure";
-        case no_certificate:
-            return "no_certificate";
-        case bad_certificate:
-            return "bad_certificate";
-        case unsupported_certificate:
-            return "unsupported_certificate";
-        case certificate_revoked:
-            return "certificate_revoked";
-        case certificate_expired:
-            return "certificate_expired";
-        case certificate_unknown:
-            return "certificate_unknown";
-        case illegal_parameter:
-            return "illegal_parameter";
-        case unknown_ca:
-            return "unknown_ca";
-        case access_denied:
-            return "access_denied";
-        case decode_error:
-            return "decode_error";
-        case decrypt_error:
-            return "decrypt_error";
-        case export_restriction:
-            return "export_restriction";
-        case protocol_version:
-            return "protocol_version";
-        case insufficient_security:
-            return "insufficient_security";
-        case internal_error:
-            return "internal_error";
-        case user_canceled:
-            return "user_canceled";
-        case no_renegotiation:
-            return "no_renegotiation";
-        case unsupported_extension:
-            return "unsupported_extension";
-        case certificate_unobtainable:
-            return "certificate_unobtainable";
-        case unrecognized_name:
-            return "unrecognized_name";
-        case bad_certificate_status_response:
-            return "bad_certificate_status_response";
-        case bad_certificate_hash_value:
-            return "bad_certificate_hash_value";
-        case unknown_psk_identity:
-            return "unknown_psk_identity";
-        case inappropriate_fallback:
-            return "inappropriate_fallback";
-        default:
-            return "UNKNOWN";
-        }
-    }
-
-    public static String getText(short alertDescription)
-    {
-        return getName(alertDescription) + "(" + alertDescription + ")";
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AlertLevel.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/AlertLevel.java
deleted file mode 100644
index cd46830..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/AlertLevel.java
+++ /dev/null

@@ -1,28 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 5246 7.2
- */
-public class AlertLevel
-{
-    public static final short warning = 1;
-    public static final short fatal = 2;
-
-    public static String getName(short alertDescription)
-    {
-        switch (alertDescription)
-        {
-        case warning:
-            return "warning";
-        case fatal:
-            return "fatal";
-        default:
-            return "UNKNOWN";
-        }
-    }
-
-    public static String getText(short alertDescription)
-    {
-        return getName(alertDescription) + "(" + alertDescription + ")";
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/BasicTlsPSKIdentity.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/BasicTlsPSKIdentity.java
deleted file mode 100644
index fa65d54..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/BasicTlsPSKIdentity.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-
-public class BasicTlsPSKIdentity
-    implements TlsPSKIdentity
-{
-    protected byte[] identity;
-    protected byte[] psk;
-
-    public BasicTlsPSKIdentity(byte[] identity, byte[] psk)
-    {
-        this.identity = Arrays.clone(identity);
-        this.psk = Arrays.clone(psk);
-    }
-
-    public BasicTlsPSKIdentity(String identity, byte[] psk)
-    {
-        this.identity = Strings.toUTF8ByteArray(identity);
-        this.psk = Arrays.clone(psk);
-    }
-
-    public void skipIdentityHint()
-    {
-    }
-
-    public void notifyIdentityHint(byte[] psk_identity_hint)
-    {
-    }
-
-    public byte[] getPSKIdentity()
-    {
-        return identity;
-    }
-
-    public byte[] getPSK()
-    {
-        return psk;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/BulkCipherAlgorithm.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/BulkCipherAlgorithm.java
deleted file mode 100644
index 7f013b3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/BulkCipherAlgorithm.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 2246
- * <p>
- * Note that the values here are implementation-specific and arbitrary. It is recommended not to
- * depend on the particular values (e.g. serialization).
- */
-public class BulkCipherAlgorithm
-{
-    public static final int _null = 0;
-    public static final int rc4 = 1;
-    public static final int rc2 = 2;
-    public static final int des = 3;
-    public static final int _3des = 4;
-    public static final int des40 = 5;
-
-    /*
-     * RFC 4346
-     */
-    public static final int aes = 6;
-    public static final int idea = 7;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ByteQueue.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ByteQueue.java
deleted file mode 100644
index 2b18e60..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ByteQueue.java
+++ /dev/null

@@ -1,228 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-/**
- * A queue for bytes. This file could be more optimized.
- */
-public class ByteQueue
-{
-    /**
-     * @return The smallest number which can be written as 2^x which is bigger than i.
-     */
-    public static int nextTwoPow(int i)
-    {
-        /*
-         * This code is based of a lot of code I found on the Internet which mostly
-         * referenced a book called "Hacking delight".
-         */
-        i |= (i >> 1);
-        i |= (i >> 2);
-        i |= (i >> 4);
-        i |= (i >> 8);
-        i |= (i >> 16);
-        return i + 1;
-    }
-
-    /**
-     * The initial size for our buffer.
-     */
-    private static final int DEFAULT_CAPACITY = 1024;
-
-    /**
-     * The buffer where we store our data.
-     */
-    private byte[] databuf;
-
-    /**
-     * How many bytes at the beginning of the buffer are skipped.
-     */
-    private int skipped = 0;
-
-    /**
-     * How many bytes in the buffer are valid data.
-     */
-    private int available = 0;
-
-    private boolean readOnlyBuf = false;
-
-    public ByteQueue()
-    {
-        this(DEFAULT_CAPACITY);
-    }
-
-    public ByteQueue(int capacity)
-    {
-        databuf = capacity == 0 ? TlsUtils.EMPTY_BYTES : new byte[capacity];
-    }
-
-    public ByteQueue(byte[] buf, int off, int len)
-    {
-        this.databuf = buf;
-        this.skipped = off;
-        this.available = len;
-        this.readOnlyBuf = true;
-    }
-
-    /**
-     * Add some data to our buffer.
-     *
-     * @param buf A byte-array to read data from.
-     * @param off How many bytes to skip at the beginning of the array.
-     * @param len How many bytes to read from the array.
-     */
-    public void addData(byte[] buf, int off, int len)
-    {
-        if (readOnlyBuf)
-        {
-            throw new IllegalStateException("Cannot add data to read-only buffer");
-        }
-
-        if ((skipped + available + len) > databuf.length)
-        {
-            int desiredSize = ByteQueue.nextTwoPow(available + len);
-            if (desiredSize > databuf.length)
-            {
-                byte[] tmp = new byte[desiredSize];
-                System.arraycopy(databuf, skipped, tmp, 0, available);
-                databuf = tmp;
-            }
-            else
-            {
-                System.arraycopy(databuf, skipped, databuf, 0, available);
-            }
-            skipped = 0;
-        }
-
-        System.arraycopy(buf, off, databuf, skipped + available, len);
-        available += len;
-    }
-
-    /**
-     * @return The number of bytes which are available in this buffer.
-     */
-    public int available()
-    {
-        return available;
-    }
-
-    /**
-     * Copy some bytes from the beginning of the data to the provided {@link OutputStream}.
-     *
-     * @param output The {@link OutputStream} to copy the bytes to.
-     * @param length How many bytes to copy.
-     */
-    public void copyTo(OutputStream output, int length) throws IOException
-    {
-        if (length > available)
-        {
-            throw new IllegalStateException("Cannot copy " + length + " bytes, only got " + available);
-        }
-
-        output.write(databuf, skipped, length);
-    }
-
-    /**
-     * Read data from the buffer.
-     *
-     * @param buf    The buffer where the read data will be copied to.
-     * @param offset How many bytes to skip at the beginning of buf.
-     * @param len    How many bytes to read at all.
-     * @param skip   How many bytes from our data to skip.
-     */
-    public void read(byte[] buf, int offset, int len, int skip)
-    {
-        if ((buf.length - offset) < len)
-        {
-            throw new IllegalArgumentException("Buffer size of " + buf.length
-                + " is too small for a read of " + len + " bytes");
-        }
-        if ((available - skip) < len)
-        {
-            throw new IllegalStateException("Not enough data to read");
-        }
-        System.arraycopy(databuf, skipped + skip, buf, offset, len);
-    }
-
-    /**
-     * Return a {@link ByteArrayInputStream} over some bytes at the beginning of the data.
-     * @param length How many bytes will be readable.
-     * @return A {@link ByteArrayInputStream} over the data.
-     */
-    public ByteArrayInputStream readFrom(int length)
-    {
-        if (length > available)
-        {
-            throw new IllegalStateException("Cannot read " + length + " bytes, only got " + available);
-        }
-
-        int position = skipped;
-
-        available -= length;
-        skipped += length;
-
-        return new ByteArrayInputStream(databuf, position, length);
-    }
-
-    /**
-     * Remove some bytes from our data from the beginning.
-     *
-     * @param i How many bytes to remove.
-     */
-    public void removeData(int i)
-    {
-        if (i > available)
-        {
-            throw new IllegalStateException("Cannot remove " + i + " bytes, only got " + available);
-        }
-
-        /*
-         * Skip the data.
-         */
-        available -= i;
-        skipped += i;
-    }
-
-    /**
-     * Remove data from the buffer.
-     *
-     * @param buf The buffer where the removed data will be copied to.
-     * @param off How many bytes to skip at the beginning of buf.
-     * @param len How many bytes to read at all.
-     * @param skip How many bytes from our data to skip.
-     */
-    public void removeData(byte[] buf, int off, int len, int skip)
-    {
-        read(buf, off, len, skip);
-        removeData(skip + len);
-    }
-
-    public byte[] removeData(int len, int skip)
-    {
-        byte[] buf = new byte[len];
-        removeData(buf, 0, len, skip);
-        return buf;
-    }
-
-    public void shrink()
-    {
-        if (available == 0)
-        {
-            databuf = TlsUtils.EMPTY_BYTES;
-            skipped = 0;
-        }
-        else
-        {
-            int desiredSize = ByteQueue.nextTwoPow(available);
-            if (desiredSize < databuf.length)
-            {
-                byte[] tmp = new byte[desiredSize];
-                System.arraycopy(databuf, skipped, tmp, 0, available);
-                databuf = tmp;
-                skipped = 0;
-            }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ByteQueueInputStream.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ByteQueueInputStream.java
deleted file mode 100644
index 34bb035..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ByteQueueInputStream.java
+++ /dev/null

@@ -1,63 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.InputStream;
-
-public class ByteQueueInputStream
-    extends InputStream
-{
-    private ByteQueue buffer;
-
-    public ByteQueueInputStream()
-    {
-        buffer = new ByteQueue();
-    }
-
-    public void addBytes(byte[] bytes)
-    {
-        buffer.addData(bytes, 0, bytes.length);
-    }
-
-    public int peek(byte[] buf)
-    {
-        int bytesToRead = Math.min(buffer.available(), buf.length);
-        buffer.read(buf, 0, bytesToRead, 0);
-        return bytesToRead;
-    }
-
-    public int read()
-    {
-        if (buffer.available() == 0)
-        {
-            return -1;
-        }
-        return buffer.removeData(1, 0)[0] & 0xFF;
-    }
-
-    public int read(byte[] b)
-    {
-        return read(b, 0, b.length);
-    }
-
-    public int read(byte[] b, int off, int len)
-    {
-        int bytesToRead = Math.min(buffer.available(), len);
-        buffer.removeData(b, off, bytesToRead, 0);
-        return bytesToRead;
-    }
-
-    public long skip(long n)
-    {
-        int bytesToRemove = Math.min((int)n, buffer.available());
-        buffer.removeData(bytesToRemove);
-        return bytesToRemove;
-    }
-
-    public int available()
-    {
-        return buffer.available();
-    }
-
-    public void close()
-    {
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ByteQueueOutputStream.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ByteQueueOutputStream.java
deleted file mode 100644
index 0624ddf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ByteQueueOutputStream.java
+++ /dev/null

@@ -1,30 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-public class ByteQueueOutputStream
-    extends OutputStream
-{
-    private ByteQueue buffer;
-
-    public ByteQueueOutputStream()
-    {
-        buffer = new ByteQueue();
-    }
-
-    public ByteQueue getBuffer()
-    {
-        return buffer;
-    }
-
-    public void write(int b) throws IOException
-    {
-        buffer.addData(new byte[]{ (byte)b }, 0, 1);
-    }
-
-    public void write(byte[] b, int off, int len) throws IOException
-    {
-        buffer.addData(b, off, len);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertChainType.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertChainType.java
deleted file mode 100644
index 8902ed7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertChainType.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/*
- * RFC 3546 3.3.
- */
-public class CertChainType
-{
-    public static final short individual_certs = 0;
-    public static final short pkipath = 1;
-
-    public static boolean isValid(short certChainType)
-    {
-        return certChainType >= individual_certs && certChainType <= pkipath;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/Certificate.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/Certificate.java
deleted file mode 100644
index e88de6a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/Certificate.java
+++ /dev/null

@@ -1,140 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Primitive;
-
-/**
- * Parsing and encoding of a <i>Certificate</i> struct from RFC 4346.
- * <pre>
- * opaque ASN.1Cert&lt;2^24-1&gt;;
- *
- * struct {
- *     ASN.1Cert certificate_list&lt;0..2^24-1&gt;;
- * } Certificate;
- * </pre>
- *
- * @see org.bouncycastle.asn1.x509.Certificate
- */
-public class Certificate
-{
-    public static final Certificate EMPTY_CHAIN = new Certificate(
-        new org.bouncycastle.asn1.x509.Certificate[0]);
-
-    protected org.bouncycastle.asn1.x509.Certificate[] certificateList;
-
-    public Certificate(org.bouncycastle.asn1.x509.Certificate[] certificateList)
-    {
-        if (certificateList == null)
-        {
-            throw new IllegalArgumentException("'certificateList' cannot be null");
-        }
-
-        this.certificateList = certificateList;
-    }
-
-    /**
-     * @return an array of {@link org.bouncycastle.asn1.x509.Certificate} representing a certificate
-     *         chain.
-     */
-    public org.bouncycastle.asn1.x509.Certificate[] getCertificateList()
-    {
-        return cloneCertificateList();
-    }
-
-    public org.bouncycastle.asn1.x509.Certificate getCertificateAt(int index)
-    {
-        return certificateList[index];
-    }
-
-    public int getLength()
-    {
-        return certificateList.length;
-    }
-
-    /**
-     * @return <code>true</code> if this certificate chain contains no certificates, or
-     *         <code>false</code> otherwise.
-     */
-    public boolean isEmpty()
-    {
-        return certificateList.length == 0;
-    }
-
-    /**
-     * Encode this {@link Certificate} to an {@link OutputStream}.
-     *
-     * @param output the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(OutputStream output)
-        throws IOException
-    {
-        Vector derEncodings = new Vector(this.certificateList.length);
-
-        int totalLength = 0;
-        for (int i = 0; i < this.certificateList.length; ++i)
-        {
-            byte[] derEncoding = certificateList[i].getEncoded(ASN1Encoding.DER);
-            derEncodings.addElement(derEncoding);
-            totalLength += derEncoding.length + 3;
-        }
-
-        TlsUtils.checkUint24(totalLength);
-        TlsUtils.writeUint24(totalLength, output);
-
-        for (int i = 0; i < derEncodings.size(); ++i)
-        {
-            byte[] derEncoding = (byte[])derEncodings.elementAt(i);
-            TlsUtils.writeOpaque24(derEncoding, output);
-        }
-    }
-
-    /**
-     * Parse a {@link Certificate} from an {@link InputStream}.
-     *
-     * @param input the {@link InputStream} to parse from.
-     * @return a {@link Certificate} object.
-     * @throws IOException
-     */
-    public static Certificate parse(InputStream input)
-        throws IOException
-    {
-        int totalLength = TlsUtils.readUint24(input);
-        if (totalLength == 0)
-        {
-            return EMPTY_CHAIN;
-        }
-
-        byte[] certListData = TlsUtils.readFully(totalLength, input);
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(certListData);
-
-        Vector certificate_list = new Vector();
-        while (buf.available() > 0)
-        {
-            byte[] berEncoding = TlsUtils.readOpaque24(buf);
-            ASN1Primitive asn1Cert = TlsUtils.readASN1Object(berEncoding);
-            certificate_list.addElement(org.bouncycastle.asn1.x509.Certificate.getInstance(asn1Cert));
-        }
-
-        org.bouncycastle.asn1.x509.Certificate[] certificateList = new org.bouncycastle.asn1.x509.Certificate[certificate_list.size()];
-        for (int i = 0; i < certificate_list.size(); i++)
-        {
-            certificateList[i] = (org.bouncycastle.asn1.x509.Certificate)certificate_list.elementAt(i);
-        }
-        return new Certificate(certificateList);
-    }
-
-    protected org.bouncycastle.asn1.x509.Certificate[] cloneCertificateList()
-    {
-        org.bouncycastle.asn1.x509.Certificate[] result = new org.bouncycastle.asn1.x509.Certificate[certificateList.length];
-        System.arraycopy(certificateList, 0, result, 0, result.length);
-        return result;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateRequest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateRequest.java
deleted file mode 100644
index 68e051e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateRequest.java
+++ /dev/null

@@ -1,158 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.x500.X500Name;
-
-/**
- * Parsing and encoding of a <i>CertificateRequest</i> struct from RFC 4346.
- * <pre>
- * struct {
- *     ClientCertificateType certificate_types&lt;1..2^8-1&gt;;
- *     DistinguishedName certificate_authorities&lt;3..2^16-1&gt;;
- * } CertificateRequest;
- * </pre>
- *
- * @see ClientCertificateType
- * @see X500Name
- */
-public class CertificateRequest
-{
-    protected short[] certificateTypes;
-    protected Vector supportedSignatureAlgorithms;
-    protected Vector certificateAuthorities;
-
-    /**
-     * @param certificateTypes       see {@link ClientCertificateType} for valid constants.
-     * @param certificateAuthorities a {@link Vector} of {@link X500Name}.
-     */
-    public CertificateRequest(short[] certificateTypes, Vector supportedSignatureAlgorithms, Vector certificateAuthorities)
-    {
-        this.certificateTypes = certificateTypes;
-        this.supportedSignatureAlgorithms = supportedSignatureAlgorithms;
-        this.certificateAuthorities = certificateAuthorities;
-    }
-
-    /**
-     * @return an array of certificate types
-     * @see ClientCertificateType
-     */
-    public short[] getCertificateTypes()
-    {
-        return certificateTypes;
-    }
-
-    /**
-     * @return a {@link Vector} of {@link SignatureAndHashAlgorithm} (or null before TLS 1.2).
-     */
-    public Vector getSupportedSignatureAlgorithms()
-    {
-        return supportedSignatureAlgorithms;
-    }
-
-    /**
-     * @return a {@link Vector} of {@link X500Name}
-     */
-    public Vector getCertificateAuthorities()
-    {
-        return certificateAuthorities;
-    }
-
-    /**
-     * Encode this {@link CertificateRequest} to an {@link OutputStream}.
-     *
-     * @param output the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(OutputStream output)
-        throws IOException
-    {
-        if (certificateTypes == null || certificateTypes.length == 0)
-        {
-            TlsUtils.writeUint8(0, output);
-        }
-        else
-        {
-            TlsUtils.writeUint8ArrayWithUint8Length(certificateTypes, output);
-        }
-
-        if (supportedSignatureAlgorithms != null)
-        {
-            // TODO Check whether SignatureAlgorithm.anonymous is allowed here
-            TlsUtils.encodeSupportedSignatureAlgorithms(supportedSignatureAlgorithms, false, output);
-        }
-
-        if (certificateAuthorities == null || certificateAuthorities.isEmpty())
-        {
-            TlsUtils.writeUint16(0, output);
-        }
-        else
-        {
-            Vector derEncodings = new Vector(certificateAuthorities.size());
-
-            int totalLength = 0;
-            for (int i = 0; i < certificateAuthorities.size(); ++i)
-            {
-                X500Name certificateAuthority = (X500Name)certificateAuthorities.elementAt(i);
-                byte[] derEncoding = certificateAuthority.getEncoded(ASN1Encoding.DER);
-                derEncodings.addElement(derEncoding);
-                totalLength += derEncoding.length + 2;
-            }
-
-            TlsUtils.checkUint16(totalLength);
-            TlsUtils.writeUint16(totalLength, output);
-
-            for (int i = 0; i < derEncodings.size(); ++i)
-            {
-                byte[] derEncoding = (byte[])derEncodings.elementAt(i);
-                TlsUtils.writeOpaque16(derEncoding, output);
-            }
-        }
-    }
-
-    /**
-     * Parse a {@link CertificateRequest} from an {@link InputStream}.
-     * 
-     * @param context
-     *            the {@link TlsContext} of the current connection.
-     * @param input
-     *            the {@link InputStream} to parse from.
-     * @return a {@link CertificateRequest} object.
-     * @throws IOException
-     */
-    public static CertificateRequest parse(TlsContext context, InputStream input)
-        throws IOException
-    {
-        int numTypes = TlsUtils.readUint8(input);
-        short[] certificateTypes = new short[numTypes];
-        for (int i = 0; i < numTypes; ++i)
-        {
-            certificateTypes[i] = TlsUtils.readUint8(input);
-        }
-
-        Vector supportedSignatureAlgorithms = null;
-        if (TlsUtils.isTLSv12(context))
-        {
-            // TODO Check whether SignatureAlgorithm.anonymous is allowed here
-            supportedSignatureAlgorithms = TlsUtils.parseSupportedSignatureAlgorithms(false, input);
-        }
-
-        Vector certificateAuthorities = new Vector();
-        byte[] certAuthData = TlsUtils.readOpaque16(input);
-        ByteArrayInputStream bis = new ByteArrayInputStream(certAuthData);
-        while (bis.available() > 0)
-        {
-            byte[] derEncoding = TlsUtils.readOpaque16(bis);
-            ASN1Primitive asn1 = TlsUtils.readDERObject(derEncoding);
-            certificateAuthorities.addElement(X500Name.getInstance(asn1));
-        }
-
-        return new CertificateRequest(certificateTypes, supportedSignatureAlgorithms, certificateAuthorities);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateStatus.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateStatus.java
deleted file mode 100644
index 7db6ee3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateStatus.java
+++ /dev/null

@@ -1,105 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ocsp.OCSPResponse;
-
-public class CertificateStatus
-{
-    protected short statusType;
-    protected Object response;
-
-    public CertificateStatus(short statusType, Object response)
-    {
-        if (!isCorrectType(statusType, response))
-        {
-            throw new IllegalArgumentException("'response' is not an instance of the correct type");
-        }
-        
-        this.statusType = statusType;
-        this.response = response;
-    }
-
-    public short getStatusType()
-    {
-        return statusType;
-    }
-
-    public Object getResponse()
-    {
-        return response;
-    }
-
-    public OCSPResponse getOCSPResponse()
-    {
-        if (!isCorrectType(CertificateStatusType.ocsp, response))
-        {
-            throw new IllegalStateException("'response' is not an OCSPResponse");
-        }
-        return (OCSPResponse)response;
-    }
-
-    /**
-     * Encode this {@link CertificateStatus} to an {@link OutputStream}.
-     * 
-     * @param output
-     *            the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(OutputStream output) throws IOException
-    {
-        TlsUtils.writeUint8(statusType, output);
-
-        switch (statusType)
-        {
-        case CertificateStatusType.ocsp:
-            byte[] derEncoding = ((OCSPResponse) response).getEncoded(ASN1Encoding.DER);
-            TlsUtils.writeOpaque24(derEncoding, output);
-            break;
-        default:
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    /**
-     * Parse a {@link CertificateStatus} from an {@link InputStream}.
-     * 
-     * @param input
-     *            the {@link InputStream} to parse from.
-     * @return a {@link CertificateStatus} object.
-     * @throws IOException
-     */
-    public static CertificateStatus parse(InputStream input) throws IOException
-    {
-        short status_type = TlsUtils.readUint8(input);
-        Object response;
-
-        switch (status_type)
-        {
-        case CertificateStatusType.ocsp:
-        {
-            byte[] derEncoding = TlsUtils.readOpaque24(input);
-            response = OCSPResponse.getInstance(TlsUtils.readDERObject(derEncoding));
-            break;
-        }
-        default:
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        return new CertificateStatus(status_type, response);
-    }
-
-    protected static boolean isCorrectType(short statusType, Object response)
-    {
-        switch (statusType)
-        {
-        case CertificateStatusType.ocsp:
-            return response instanceof OCSPResponse;
-        default:
-            throw new IllegalArgumentException("'statusType' is an unsupported CertificateStatusType");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateStatusRequest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateStatusRequest.java
deleted file mode 100644
index 929348b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateStatusRequest.java
+++ /dev/null

@@ -1,98 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-public class CertificateStatusRequest
-{
-    protected short statusType;
-    protected Object request;
-
-    public CertificateStatusRequest(short statusType, Object request)
-    {
-        if (!isCorrectType(statusType, request))
-        {
-            throw new IllegalArgumentException("'request' is not an instance of the correct type");
-        }
-        
-        this.statusType = statusType;
-        this.request = request;
-    }
-
-    public short getStatusType()
-    {
-        return statusType;
-    }
-
-    public Object getRequest()
-    {
-        return request;
-    }
-
-    public OCSPStatusRequest getOCSPStatusRequest()
-    {
-        if (!isCorrectType(CertificateStatusType.ocsp, request))
-        {
-            throw new IllegalStateException("'request' is not an OCSPStatusRequest");
-        }
-        return (OCSPStatusRequest)request;
-    }
-
-    /**
-     * Encode this {@link CertificateStatusRequest} to an {@link OutputStream}.
-     * 
-     * @param output
-     *            the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(OutputStream output) throws IOException
-    {
-        TlsUtils.writeUint8(statusType, output);
-
-        switch (statusType)
-        {
-        case CertificateStatusType.ocsp:
-            ((OCSPStatusRequest) request).encode(output);
-            break;
-        default:
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    /**
-     * Parse a {@link CertificateStatusRequest} from an {@link InputStream}.
-     * 
-     * @param input
-     *            the {@link InputStream} to parse from.
-     * @return a {@link CertificateStatusRequest} object.
-     * @throws IOException
-     */
-    public static CertificateStatusRequest parse(InputStream input) throws IOException
-    {
-        short status_type = TlsUtils.readUint8(input);
-        Object result;
-
-        switch (status_type)
-        {
-        case CertificateStatusType.ocsp:
-            result = OCSPStatusRequest.parse(input);
-            break;
-        default:
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        return new CertificateStatusRequest(status_type, result);
-    }
-
-    protected static boolean isCorrectType(short statusType, Object request)
-    {
-        switch (statusType)
-        {
-        case CertificateStatusType.ocsp:
-            return request instanceof OCSPStatusRequest;
-        default:
-            throw new IllegalArgumentException("'statusType' is an unsupported CertificateStatusType");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateStatusType.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateStatusType.java
deleted file mode 100644
index bfe8298..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateStatusType.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public class CertificateStatusType
-{
-    /*
-     *  RFC 3546 3.6
-     */
-    public static final short ocsp = 1;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateURL.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateURL.java
deleted file mode 100644
index aab8908..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CertificateURL.java
+++ /dev/null

@@ -1,133 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.Vector;
-
-/*
- * RFC 3546 3.3
- */
-public class CertificateURL
-{
-    protected short type;
-    protected Vector urlAndHashList;
-
-    /**
-     * @param type
-     *            see {@link CertChainType} for valid constants.
-     * @param urlAndHashList
-     *            a {@link Vector} of {@link URLAndHash}.
-     */
-    public CertificateURL(short type, Vector urlAndHashList)
-    {
-        if (!CertChainType.isValid(type))
-        {
-            throw new IllegalArgumentException("'type' is not a valid CertChainType value");
-        }
-        if (urlAndHashList == null || urlAndHashList.isEmpty())
-        {
-            throw new IllegalArgumentException("'urlAndHashList' must have length > 0");
-        }
-
-        this.type = type;
-        this.urlAndHashList = urlAndHashList;
-    }
-
-    /**
-     * @return {@link CertChainType}
-     */
-    public short getType()
-    {
-        return type;
-    }
-
-    /**
-     * @return a {@link Vector} of {@link URLAndHash} 
-     */
-    public Vector getURLAndHashList()
-    {
-        return urlAndHashList;
-    }
-
-    /**
-     * Encode this {@link CertificateURL} to an {@link OutputStream}.
-     *
-     * @param output the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(OutputStream output)
-        throws IOException
-    {
-        TlsUtils.writeUint8(this.type, output);
-
-        ListBuffer16 buf = new ListBuffer16();
-        for (int i = 0; i < this.urlAndHashList.size(); ++i)
-        {
-            URLAndHash urlAndHash = (URLAndHash)this.urlAndHashList.elementAt(i);
-            urlAndHash.encode(buf);
-        }
-        buf.encodeTo(output);
-    }
-
-    /**
-     * Parse a {@link CertificateURL} from an {@link InputStream}.
-     * 
-     * @param context
-     *            the {@link TlsContext} of the current connection.
-     * @param input
-     *            the {@link InputStream} to parse from.
-     * @return a {@link CertificateURL} object.
-     * @throws IOException
-     */
-    public static CertificateURL parse(TlsContext context, InputStream input)
-        throws IOException
-    {
-        short type = TlsUtils.readUint8(input);
-        if (!CertChainType.isValid(type))
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        int totalLength = TlsUtils.readUint16(input);
-        if (totalLength < 1)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        byte[] urlAndHashListData = TlsUtils.readFully(totalLength, input);
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(urlAndHashListData);
-
-        Vector url_and_hash_list = new Vector();
-        while (buf.available() > 0)
-        {
-            URLAndHash url_and_hash = URLAndHash.parse(context, buf);
-            url_and_hash_list.addElement(url_and_hash);
-        }
-
-        return new CertificateURL(type, url_and_hash_list);
-    }
-
-    // TODO Could be more generally useful
-    class ListBuffer16 extends ByteArrayOutputStream
-    {
-        ListBuffer16() throws IOException
-        {
-            // Reserve space for length
-            TlsUtils.writeUint16(0,  this);
-        }
-
-        void encodeTo(OutputStream output) throws IOException
-        {
-            // Patch actual length back in
-            int length = count - 2;
-            TlsUtils.checkUint16(length);
-            TlsUtils.writeUint16(length, buf, 0);
-            output.write(buf, 0, count);
-            buf = null;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/Chacha20Poly1305.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/Chacha20Poly1305.java
deleted file mode 100644
index ad07355..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/Chacha20Poly1305.java
+++ /dev/null

@@ -1,203 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.engines.ChaCha7539Engine;
-import org.bouncycastle.crypto.macs.Poly1305;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-
-/**
- * draft-ietf-tls-chacha20-poly1305-04
- */
-public class Chacha20Poly1305 implements TlsCipher
-{
-    private static final byte[] ZEROES = new byte[15];
-
-    protected TlsContext context;
-
-    protected ChaCha7539Engine encryptCipher, decryptCipher;
-    protected byte[] encryptIV, decryptIV;
-
-    public Chacha20Poly1305(TlsContext context) throws IOException
-    {
-        if (!TlsUtils.isTLSv12(context))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        this.context = context;
-
-        int cipherKeySize = 32;
-        // TODO SecurityParameters.fixed_iv_length
-        int fixed_iv_length = 12;
-        // TODO SecurityParameters.record_iv_length = 0
-
-        int key_block_size = (2 * cipherKeySize) + (2 * fixed_iv_length);
-
-        byte[] key_block = TlsUtils.calculateKeyBlock(context, key_block_size);
-
-        int offset = 0;
-
-        KeyParameter client_write_key = new KeyParameter(key_block, offset, cipherKeySize);
-        offset += cipherKeySize;
-        KeyParameter server_write_key = new KeyParameter(key_block, offset, cipherKeySize);
-        offset += cipherKeySize;
-        byte[] client_write_IV = Arrays.copyOfRange(key_block, offset, offset + fixed_iv_length);
-        offset += fixed_iv_length;
-        byte[] server_write_IV = Arrays.copyOfRange(key_block, offset, offset + fixed_iv_length);
-        offset += fixed_iv_length;
-
-        if (offset != key_block_size)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        this.encryptCipher = new ChaCha7539Engine();
-        this.decryptCipher = new ChaCha7539Engine();
-
-        KeyParameter encryptKey, decryptKey;
-        if (context.isServer())
-        {
-            encryptKey = server_write_key;
-            decryptKey = client_write_key;
-            this.encryptIV = server_write_IV;
-            this.decryptIV = client_write_IV;
-        }
-        else
-        {
-            encryptKey = client_write_key;
-            decryptKey = server_write_key;
-            this.encryptIV = client_write_IV;
-            this.decryptIV = server_write_IV;
-        }
-
-        this.encryptCipher.init(true, new ParametersWithIV(encryptKey, encryptIV));
-        this.decryptCipher.init(false, new ParametersWithIV(decryptKey, decryptIV));
-    }
-
-    public int getPlaintextLimit(int ciphertextLimit)
-    {
-        return ciphertextLimit - 16;
-    }
-
-    public byte[] encodePlaintext(long seqNo, short type, byte[] plaintext, int offset, int len) throws IOException
-    {
-        KeyParameter macKey = initRecord(encryptCipher, true, seqNo, encryptIV);
-
-        byte[] output = new byte[len + 16];
-        encryptCipher.processBytes(plaintext, offset, len, output, 0);
-
-        byte[] additionalData = getAdditionalData(seqNo, type, len);
-        byte[] mac = calculateRecordMAC(macKey, additionalData, output, 0, len);
-        System.arraycopy(mac, 0, output, len, mac.length);
-
-        return output;
-    }
-
-    public byte[] decodeCiphertext(long seqNo, short type, byte[] ciphertext, int offset, int len) throws IOException
-    {
-        if (getPlaintextLimit(len) < 0)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        KeyParameter macKey = initRecord(decryptCipher, false, seqNo, decryptIV);
-
-        int plaintextLength = len - 16;
-
-        byte[] additionalData = getAdditionalData(seqNo, type, plaintextLength);
-        byte[] calculatedMAC = calculateRecordMAC(macKey, additionalData, ciphertext, offset, plaintextLength);
-        byte[] receivedMAC = Arrays.copyOfRange(ciphertext, offset + plaintextLength, offset + len);
-
-        if (!Arrays.constantTimeAreEqual(calculatedMAC, receivedMAC))
-        {
-            throw new TlsFatalAlert(AlertDescription.bad_record_mac);
-        }
-
-        byte[] output = new byte[plaintextLength];
-        decryptCipher.processBytes(ciphertext, offset, plaintextLength, output, 0);
-        return output;
-    }
-
-    protected KeyParameter initRecord(StreamCipher cipher, boolean forEncryption, long seqNo, byte[] iv)
-    {
-        byte[] nonce = calculateNonce(seqNo, iv);
-        cipher.init(forEncryption, new ParametersWithIV(null, nonce));
-        return generateRecordMACKey(cipher);
-    }
-
-    protected byte[] calculateNonce(long seqNo, byte[] iv)
-    {
-        byte[] nonce = new byte[12];
-        TlsUtils.writeUint64(seqNo, nonce, 4);
-
-        for (int i = 0; i < 12; ++i)
-        {
-            nonce[i] ^= iv[i];
-        }
-
-        return nonce;
-    }
-
-    protected KeyParameter generateRecordMACKey(StreamCipher cipher)
-    {
-        byte[] firstBlock = new byte[64];
-        cipher.processBytes(firstBlock, 0, firstBlock.length, firstBlock, 0);
-
-        KeyParameter macKey = new KeyParameter(firstBlock, 0, 32);
-        Arrays.fill(firstBlock, (byte)0);
-        return macKey;
-    }
-
-    protected byte[] calculateRecordMAC(KeyParameter macKey, byte[] additionalData, byte[] buf, int off, int len)
-    {
-        Mac mac = new Poly1305();
-        mac.init(macKey);
-
-        updateRecordMACText(mac, additionalData, 0, additionalData.length);
-        updateRecordMACText(mac, buf, off, len);
-        updateRecordMACLength(mac, additionalData.length);
-        updateRecordMACLength(mac, len);
-
-        byte[] output = new byte[mac.getMacSize()];
-        mac.doFinal(output, 0);
-        return output;
-    }
-
-    protected void updateRecordMACLength(Mac mac, int len)
-    {
-        byte[] longLen = Pack.longToLittleEndian(len & 0xFFFFFFFFL);
-        mac.update(longLen, 0, longLen.length);
-    }
-
-    protected void updateRecordMACText(Mac mac, byte[] buf, int off, int len)
-    {
-        mac.update(buf, off, len);
-
-        int partial = len % 16;
-        if (partial != 0)
-        {
-            mac.update(ZEROES, 0, 16 - partial);
-        }
-    }
-
-    protected byte[] getAdditionalData(long seqNo, short type, int len) throws IOException
-    {
-        /*
-         * additional_data = seq_num + TLSCompressed.type + TLSCompressed.version +
-         * TLSCompressed.length
-         */
-        byte[] additional_data = new byte[13];
-        TlsUtils.writeUint64(seqNo, additional_data, 0);
-        TlsUtils.writeUint8(type, additional_data, 8);
-        TlsUtils.writeVersion(context.getServerVersion(), additional_data, 9);
-        TlsUtils.writeUint16(len, additional_data, 11);
-
-        return additional_data;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ChangeCipherSpec.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ChangeCipherSpec.java
deleted file mode 100644
index a858ded..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ChangeCipherSpec.java
+++ /dev/null

@@ -1,6 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public class ChangeCipherSpec
-{
-    public static final short change_cipher_spec = 1;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CipherSuite.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/CipherSuite.java
deleted file mode 100644
index 7a9cb65..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CipherSuite.java
+++ /dev/null

@@ -1,376 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 2246 A.5
- */
-public class CipherSuite
-{
-    public static final int TLS_NULL_WITH_NULL_NULL = 0x0000;
-    public static final int TLS_RSA_WITH_NULL_MD5 = 0x0001;
-    public static final int TLS_RSA_WITH_NULL_SHA = 0x0002;
-    public static final int TLS_RSA_EXPORT_WITH_RC4_40_MD5 = 0x0003;
-    public static final int TLS_RSA_WITH_RC4_128_MD5 = 0x0004;
-    public static final int TLS_RSA_WITH_RC4_128_SHA = 0x0005;
-    public static final int TLS_RSA_EXPORT_WITH_RC2_CBC_40_MD5 = 0x0006;
-    public static final int TLS_RSA_WITH_IDEA_CBC_SHA = 0x0007;
-    public static final int TLS_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0008;
-    public static final int TLS_RSA_WITH_DES_CBC_SHA = 0x0009;
-    public static final int TLS_RSA_WITH_3DES_EDE_CBC_SHA = 0x000A;
-    public static final int TLS_DH_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x000B;
-    public static final int TLS_DH_DSS_WITH_DES_CBC_SHA = 0x000C;
-    public static final int TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA = 0x000D;
-    public static final int TLS_DH_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x000E;
-    public static final int TLS_DH_RSA_WITH_DES_CBC_SHA = 0x000F;
-    public static final int TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA = 0x0010;
-    public static final int TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA = 0x0011;
-    public static final int TLS_DHE_DSS_WITH_DES_CBC_SHA = 0x0012;
-    public static final int TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA = 0x0013;
-    public static final int TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA = 0x0014;
-    public static final int TLS_DHE_RSA_WITH_DES_CBC_SHA = 0x0015;
-    public static final int TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA = 0x0016;
-    public static final int TLS_DH_anon_EXPORT_WITH_RC4_40_MD5 = 0x0017;
-    public static final int TLS_DH_anon_WITH_RC4_128_MD5 = 0x0018;
-    public static final int TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA = 0x0019;
-    public static final int TLS_DH_anon_WITH_DES_CBC_SHA = 0x001A;
-    public static final int TLS_DH_anon_WITH_3DES_EDE_CBC_SHA = 0x001B;
-
-    /*
-     * Note: The cipher suite values { 0x00, 0x1C } and { 0x00, 0x1D } are reserved to avoid
-     * collision with Fortezza-based cipher suites in SSL 3.
-     */
-
-    /*
-     * RFC 3268
-     */
-    public static final int TLS_RSA_WITH_AES_128_CBC_SHA = 0x002F;
-    public static final int TLS_DH_DSS_WITH_AES_128_CBC_SHA = 0x0030;
-    public static final int TLS_DH_RSA_WITH_AES_128_CBC_SHA = 0x0031;
-    public static final int TLS_DHE_DSS_WITH_AES_128_CBC_SHA = 0x0032;
-    public static final int TLS_DHE_RSA_WITH_AES_128_CBC_SHA = 0x0033;
-    public static final int TLS_DH_anon_WITH_AES_128_CBC_SHA = 0x0034;
-    public static final int TLS_RSA_WITH_AES_256_CBC_SHA = 0x0035;
-    public static final int TLS_DH_DSS_WITH_AES_256_CBC_SHA = 0x0036;
-    public static final int TLS_DH_RSA_WITH_AES_256_CBC_SHA = 0x0037;
-    public static final int TLS_DHE_DSS_WITH_AES_256_CBC_SHA = 0x0038;
-    public static final int TLS_DHE_RSA_WITH_AES_256_CBC_SHA = 0x0039;
-    public static final int TLS_DH_anon_WITH_AES_256_CBC_SHA = 0x003A;
-
-    /*
-     * RFC 5932
-     */
-    public static final int TLS_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0041;
-    public static final int TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0042;
-    public static final int TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0043;
-    public static final int TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA = 0x0044;
-    public static final int TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA = 0x0045;
-    public static final int TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA = 0x0046;
-
-    public static final int TLS_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0084;
-    public static final int TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0085;
-    public static final int TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0086;
-    public static final int TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA = 0x0087;
-    public static final int TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA = 0x0088;
-    public static final int TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA = 0x0089;
-
-    public static final int TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BA;
-    public static final int TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BB;
-    public static final int TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BC;
-    public static final int TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BD;
-    public static final int TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BE;
-    public static final int TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256 = 0x00BF;
-
-    public static final int TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C0;
-    public static final int TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C1;
-    public static final int TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C2;
-    public static final int TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C3;
-    public static final int TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C4;
-    public static final int TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256 = 0x00C5;
-
-    /*
-     * RFC 4162
-     */
-    public static final int TLS_RSA_WITH_SEED_CBC_SHA = 0x0096;
-    public static final int TLS_DH_DSS_WITH_SEED_CBC_SHA = 0x0097;
-    public static final int TLS_DH_RSA_WITH_SEED_CBC_SHA = 0x0098;
-    public static final int TLS_DHE_DSS_WITH_SEED_CBC_SHA = 0x0099;
-    public static final int TLS_DHE_RSA_WITH_SEED_CBC_SHA = 0x009A;
-    public static final int TLS_DH_anon_WITH_SEED_CBC_SHA = 0x009B;
-
-    /*
-     * RFC 4279
-     */
-    public static final int TLS_PSK_WITH_RC4_128_SHA = 0x008A;
-    public static final int TLS_PSK_WITH_3DES_EDE_CBC_SHA = 0x008B;
-    public static final int TLS_PSK_WITH_AES_128_CBC_SHA = 0x008C;
-    public static final int TLS_PSK_WITH_AES_256_CBC_SHA = 0x008D;
-    public static final int TLS_DHE_PSK_WITH_RC4_128_SHA = 0x008E;
-    public static final int TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA = 0x008F;
-    public static final int TLS_DHE_PSK_WITH_AES_128_CBC_SHA = 0x0090;
-    public static final int TLS_DHE_PSK_WITH_AES_256_CBC_SHA = 0x0091;
-    public static final int TLS_RSA_PSK_WITH_RC4_128_SHA = 0x0092;
-    public static final int TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA = 0x0093;
-    public static final int TLS_RSA_PSK_WITH_AES_128_CBC_SHA = 0x0094;
-    public static final int TLS_RSA_PSK_WITH_AES_256_CBC_SHA = 0x0095;
-
-    /*
-     * RFC 4492
-     */
-    public static final int TLS_ECDH_ECDSA_WITH_NULL_SHA = 0xC001;
-    public static final int TLS_ECDH_ECDSA_WITH_RC4_128_SHA = 0xC002;
-    public static final int TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC003;
-    public static final int TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA = 0xC004;
-    public static final int TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA = 0xC005;
-    public static final int TLS_ECDHE_ECDSA_WITH_NULL_SHA = 0xC006;
-    public static final int TLS_ECDHE_ECDSA_WITH_RC4_128_SHA = 0xC007;
-    public static final int TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA = 0xC008;
-    public static final int TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA = 0xC009;
-    public static final int TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA = 0xC00A;
-    public static final int TLS_ECDH_RSA_WITH_NULL_SHA = 0xC00B;
-    public static final int TLS_ECDH_RSA_WITH_RC4_128_SHA = 0xC00C;
-    public static final int TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA = 0xC00D;
-    public static final int TLS_ECDH_RSA_WITH_AES_128_CBC_SHA = 0xC00E;
-    public static final int TLS_ECDH_RSA_WITH_AES_256_CBC_SHA = 0xC00F;
-    public static final int TLS_ECDHE_RSA_WITH_NULL_SHA = 0xC010;
-    public static final int TLS_ECDHE_RSA_WITH_RC4_128_SHA = 0xC011;
-    public static final int TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA = 0xC012;
-    public static final int TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA = 0xC013;
-    public static final int TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA = 0xC014;
-    public static final int TLS_ECDH_anon_WITH_NULL_SHA = 0xC015;
-    public static final int TLS_ECDH_anon_WITH_RC4_128_SHA = 0xC016;
-    public static final int TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA = 0xC017;
-    public static final int TLS_ECDH_anon_WITH_AES_128_CBC_SHA = 0xC018;
-    public static final int TLS_ECDH_anon_WITH_AES_256_CBC_SHA = 0xC019;
-
-    /*
-     * RFC 4785
-     */
-    public static final int TLS_PSK_WITH_NULL_SHA = 0x002C;
-    public static final int TLS_DHE_PSK_WITH_NULL_SHA = 0x002D;
-    public static final int TLS_RSA_PSK_WITH_NULL_SHA = 0x002E;
-
-    /*
-     * RFC 5054
-     */
-    public static final int TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA = 0xC01A;
-    public static final int TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA = 0xC01B;
-    public static final int TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA = 0xC01C;
-    public static final int TLS_SRP_SHA_WITH_AES_128_CBC_SHA = 0xC01D;
-    public static final int TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA = 0xC01E;
-    public static final int TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA = 0xC01F;
-    public static final int TLS_SRP_SHA_WITH_AES_256_CBC_SHA = 0xC020;
-    public static final int TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA = 0xC021;
-    public static final int TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA = 0xC022;
-
-    /*
-     * RFC 5246
-     */
-    public static final int TLS_RSA_WITH_NULL_SHA256 = 0x003B;
-    public static final int TLS_RSA_WITH_AES_128_CBC_SHA256 = 0x003C;
-    public static final int TLS_RSA_WITH_AES_256_CBC_SHA256 = 0x003D;
-    public static final int TLS_DH_DSS_WITH_AES_128_CBC_SHA256 = 0x003E;
-    public static final int TLS_DH_RSA_WITH_AES_128_CBC_SHA256 = 0x003F;
-    public static final int TLS_DHE_DSS_WITH_AES_128_CBC_SHA256 = 0x0040;
-    public static final int TLS_DHE_RSA_WITH_AES_128_CBC_SHA256 = 0x0067;
-    public static final int TLS_DH_DSS_WITH_AES_256_CBC_SHA256 = 0x0068;
-    public static final int TLS_DH_RSA_WITH_AES_256_CBC_SHA256 = 0x0069;
-    public static final int TLS_DHE_DSS_WITH_AES_256_CBC_SHA256 = 0x006A;
-    public static final int TLS_DHE_RSA_WITH_AES_256_CBC_SHA256 = 0x006B;
-    public static final int TLS_DH_anon_WITH_AES_128_CBC_SHA256 = 0x006C;
-    public static final int TLS_DH_anon_WITH_AES_256_CBC_SHA256 = 0x006D;
-
-    /*
-     * RFC 5288
-     */
-    public static final int TLS_RSA_WITH_AES_128_GCM_SHA256 = 0x009C;
-    public static final int TLS_RSA_WITH_AES_256_GCM_SHA384 = 0x009D;
-    public static final int TLS_DHE_RSA_WITH_AES_128_GCM_SHA256 = 0x009E;
-    public static final int TLS_DHE_RSA_WITH_AES_256_GCM_SHA384 = 0x009F;
-    public static final int TLS_DH_RSA_WITH_AES_128_GCM_SHA256 = 0x00A0;
-    public static final int TLS_DH_RSA_WITH_AES_256_GCM_SHA384 = 0x00A1;
-    public static final int TLS_DHE_DSS_WITH_AES_128_GCM_SHA256 = 0x00A2;
-    public static final int TLS_DHE_DSS_WITH_AES_256_GCM_SHA384 = 0x00A3;
-    public static final int TLS_DH_DSS_WITH_AES_128_GCM_SHA256 = 0x00A4;
-    public static final int TLS_DH_DSS_WITH_AES_256_GCM_SHA384 = 0x00A5;
-    public static final int TLS_DH_anon_WITH_AES_128_GCM_SHA256 = 0x00A6;
-    public static final int TLS_DH_anon_WITH_AES_256_GCM_SHA384 = 0x00A7;
-
-    /*
-     * RFC 5289
-     */
-    public static final int TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC023;
-    public static final int TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC024;
-    public static final int TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256 = 0xC025;
-    public static final int TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384 = 0xC026;
-    public static final int TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256 = 0xC027;
-    public static final int TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384 = 0xC028;
-    public static final int TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256 = 0xC029;
-    public static final int TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384 = 0xC02A;
-    public static final int TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02B;
-    public static final int TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02C;
-    public static final int TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256 = 0xC02D;
-    public static final int TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384 = 0xC02E;
-    public static final int TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256 = 0xC02F;
-    public static final int TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384 = 0xC030;
-    public static final int TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256 = 0xC031;
-    public static final int TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384 = 0xC032;
-
-    /*
-     * RFC 5487
-     */
-    public static final int TLS_PSK_WITH_AES_128_GCM_SHA256 = 0x00A8;
-    public static final int TLS_PSK_WITH_AES_256_GCM_SHA384 = 0x00A9;
-    public static final int TLS_DHE_PSK_WITH_AES_128_GCM_SHA256 = 0x00AA;
-    public static final int TLS_DHE_PSK_WITH_AES_256_GCM_SHA384 = 0x00AB;
-    public static final int TLS_RSA_PSK_WITH_AES_128_GCM_SHA256 = 0x00AC;
-    public static final int TLS_RSA_PSK_WITH_AES_256_GCM_SHA384 = 0x00AD;
-    public static final int TLS_PSK_WITH_AES_128_CBC_SHA256 = 0x00AE;
-    public static final int TLS_PSK_WITH_AES_256_CBC_SHA384 = 0x00AF;
-    public static final int TLS_PSK_WITH_NULL_SHA256 = 0x00B0;
-    public static final int TLS_PSK_WITH_NULL_SHA384 = 0x00B1;
-    public static final int TLS_DHE_PSK_WITH_AES_128_CBC_SHA256 = 0x00B2;
-    public static final int TLS_DHE_PSK_WITH_AES_256_CBC_SHA384 = 0x00B3;
-    public static final int TLS_DHE_PSK_WITH_NULL_SHA256 = 0x00B4;
-    public static final int TLS_DHE_PSK_WITH_NULL_SHA384 = 0x00B5;
-    public static final int TLS_RSA_PSK_WITH_AES_128_CBC_SHA256 = 0x00B6;
-    public static final int TLS_RSA_PSK_WITH_AES_256_CBC_SHA384 = 0x00B7;
-    public static final int TLS_RSA_PSK_WITH_NULL_SHA256 = 0x00B8;
-    public static final int TLS_RSA_PSK_WITH_NULL_SHA384 = 0x00B9;
-
-    /*
-     * RFC 5489
-     */
-    public static final int TLS_ECDHE_PSK_WITH_RC4_128_SHA = 0xC033;
-    public static final int TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA = 0xC034;
-    public static final int TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA = 0xC035;
-    public static final int TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA = 0xC036;
-    public static final int TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256 = 0xC037;
-    public static final int TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384 = 0xC038;
-    public static final int TLS_ECDHE_PSK_WITH_NULL_SHA = 0xC039;
-    public static final int TLS_ECDHE_PSK_WITH_NULL_SHA256 = 0xC03A;
-    public static final int TLS_ECDHE_PSK_WITH_NULL_SHA384 = 0xC03B;
-
-    /*
-     * RFC 5746
-     */
-    public static final int TLS_EMPTY_RENEGOTIATION_INFO_SCSV = 0x00FF;
-
-    /*
-     * RFC 6367
-     */
-    public static final int TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC072;
-    public static final int TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC073;
-    public static final int TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC074;
-    public static final int TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC075;
-    public static final int TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC076;
-    public static final int TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC077;
-    public static final int TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256 = 0xC078;
-    public static final int TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384 = 0xC079;
-
-    public static final int TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07A;
-    public static final int TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07B;
-    public static final int TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07C;
-    public static final int TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07D;
-    public static final int TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC07E;
-    public static final int TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC07F;
-    public static final int TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC080;
-    public static final int TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC081;
-    public static final int TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256 = 0xC082;
-    public static final int TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384 = 0xC083;
-    public static final int TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256 = 0xC084;
-    public static final int TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384 = 0xC085;
-    public static final int TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC086;
-    public static final int TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC087;
-    public static final int TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC088;
-    public static final int TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC089;
-    public static final int TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08A;
-    public static final int TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08B;
-    public static final int TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08C;
-    public static final int TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08D;
-
-    public static final int TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC08E;
-    public static final int TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC08F;
-    public static final int TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC090;
-    public static final int TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC091;
-    public static final int TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256 = 0xC092;
-    public static final int TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384 = 0xC093;
-    public static final int TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC094;
-    public static final int TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC095;
-    public static final int TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC096;
-    public static final int TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC097;
-    public static final int TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC098;
-    public static final int TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC099;
-    public static final int TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256 = 0xC09A;
-    public static final int TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384 = 0xC09B;
-
-    /*
-     * RFC 6655
-     */
-    public static final int TLS_RSA_WITH_AES_128_CCM = 0xC09C;
-    public static final int TLS_RSA_WITH_AES_256_CCM = 0xC09D;
-    public static final int TLS_DHE_RSA_WITH_AES_128_CCM = 0xC09E;
-    public static final int TLS_DHE_RSA_WITH_AES_256_CCM = 0xC09F;
-    public static final int TLS_RSA_WITH_AES_128_CCM_8 = 0xC0A0;
-    public static final int TLS_RSA_WITH_AES_256_CCM_8 = 0xC0A1;
-    public static final int TLS_DHE_RSA_WITH_AES_128_CCM_8 = 0xC0A2;
-    public static final int TLS_DHE_RSA_WITH_AES_256_CCM_8 = 0xC0A3;
-    public static final int TLS_PSK_WITH_AES_128_CCM = 0xC0A4;
-    public static final int TLS_PSK_WITH_AES_256_CCM = 0xC0A5;
-    public static final int TLS_DHE_PSK_WITH_AES_128_CCM = 0xC0A6;
-    public static final int TLS_DHE_PSK_WITH_AES_256_CCM = 0xC0A7;
-    public static final int TLS_PSK_WITH_AES_128_CCM_8 = 0xC0A8;
-    public static final int TLS_PSK_WITH_AES_256_CCM_8 = 0xC0A9;
-    public static final int TLS_PSK_DHE_WITH_AES_128_CCM_8 = 0xC0AA;
-    public static final int TLS_PSK_DHE_WITH_AES_256_CCM_8 = 0xC0AB;
-
-    /*
-     * RFC 7251
-     */
-    public static final int TLS_ECDHE_ECDSA_WITH_AES_128_CCM = 0xC0AC;
-    public static final int TLS_ECDHE_ECDSA_WITH_AES_256_CCM = 0xC0AD;
-    public static final int TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8 = 0xC0AE;
-    public static final int TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8 = 0xC0AF;
-
-    /*
-     * RFC 7507
-     */
-    public static final int TLS_FALLBACK_SCSV = 0x5600;
-
-    /*
-     * draft-ietf-tls-chacha20-poly1305-04
-     */
-    public static final int DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA8;
-    public static final int DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCA9;
-    public static final int DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAA;
-    public static final int DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAB;
-    public static final int DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAC;
-    public static final int DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAD;
-    public static final int DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256 = 0xCCAE;
-
-    /*
-     * draft-zauner-tls-aes-ocb-04 (code points TBD)
-     */
-    public static final int DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB = 0xFF00;
-    public static final int DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB = 0xFF01;
-    public static final int DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB = 0xFF02;
-    public static final int DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB = 0xFF03;
-    public static final int DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB = 0xFF04;
-    public static final int DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB = 0xFF05;
-    public static final int DRAFT_TLS_PSK_WITH_AES_128_OCB = 0xFF10;
-    public static final int DRAFT_TLS_PSK_WITH_AES_256_OCB = 0xFF11;
-    public static final int DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB = 0xFF12;
-    public static final int DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB = 0xFF13;
-    public static final int DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB = 0xFF14;
-    public static final int DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB = 0xFF15;
-
-    public static boolean isSCSV(int cipherSuite)
-    {
-        switch (cipherSuite)
-        {
-        case TLS_EMPTY_RENEGOTIATION_INFO_SCSV:
-        case TLS_FALLBACK_SCSV:
-            return true;
-        default:
-            return false;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CipherType.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/CipherType.java
deleted file mode 100644
index c6d845a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CipherType.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 2246
- * <p>
- * Note that the values here are implementation-specific and arbitrary. It is recommended not to
- * depend on the particular values (e.g. serialization).
- */
-public class CipherType
-{
-    public static final int stream = 0;
-    public static final int block = 1;
-
-    /*
-     * RFC 5246
-     */
-    public static final int aead = 2;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ClientAuthenticationType.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ClientAuthenticationType.java
deleted file mode 100644
index 77e6460..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ClientAuthenticationType.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public class ClientAuthenticationType
-{
-    /*
-     * RFC 5077 4
-     */
-    public static final short anonymous = 0;
-    public static final short certificate_based = 1;
-    public static final short psk = 2;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ClientCertificateType.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ClientCertificateType.java
deleted file mode 100644
index 6bddfc0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ClientCertificateType.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public class ClientCertificateType
-{
-    /*
-     *  RFC 4346 7.4.4
-     */
-    public static final short rsa_sign = 1;
-    public static final short dss_sign = 2;
-    public static final short rsa_fixed_dh = 3;
-    public static final short dss_fixed_dh = 4;
-    public static final short rsa_ephemeral_dh_RESERVED = 5;
-    public static final short dss_ephemeral_dh_RESERVED = 6;
-    public static final short fortezza_dms_RESERVED = 20;
-
-    /*
-     * RFC 4492 5.5
-     */
-    public static final short ecdsa_sign = 64;
-    public static final short rsa_fixed_ecdh = 65;
-    public static final short ecdsa_fixed_ecdh = 66;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CombinedHash.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/CombinedHash.java
deleted file mode 100644
index 70c81a0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CombinedHash.java
+++ /dev/null

@@ -1,135 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.crypto.Digest;
-
-/**
- * A combined hash, which implements md5(m) || sha1(m).
- */
-class CombinedHash
-    implements TlsHandshakeHash
-{
-    protected TlsContext context;
-    protected Digest md5;
-    protected Digest sha1;
-
-    CombinedHash()
-    {
-        this.md5 = TlsUtils.createHash(HashAlgorithm.md5);
-        this.sha1 = TlsUtils.createHash(HashAlgorithm.sha1);
-    }
-
-    CombinedHash(CombinedHash t)
-    {
-        this.context = t.context;
-        this.md5 = TlsUtils.cloneHash(HashAlgorithm.md5, t.md5);
-        this.sha1 = TlsUtils.cloneHash(HashAlgorithm.sha1, t.sha1);
-    }
-
-    public void init(TlsContext context)
-    {
-        this.context = context;
-    }
-
-    public TlsHandshakeHash notifyPRFDetermined()
-    {
-        return this;
-    }
-
-    public void trackHashAlgorithm(short hashAlgorithm)
-    {
-        throw new IllegalStateException("CombinedHash only supports calculating the legacy PRF for handshake hash");
-    }
-
-    public void sealHashAlgorithms()
-    {
-    }
-
-    public TlsHandshakeHash stopTracking()
-    {
-        return new CombinedHash(this);
-    }
-
-    public Digest forkPRFHash()
-    {
-        return new CombinedHash(this);
-    }
-
-    public byte[] getFinalHash(short hashAlgorithm)
-    {
-        throw new IllegalStateException("CombinedHash doesn't support multiple hashes");
-    }
-
-    /**
-     * @see org.bouncycastle.crypto.Digest#getAlgorithmName()
-     */
-    public String getAlgorithmName()
-    {
-        return md5.getAlgorithmName() + " and " + sha1.getAlgorithmName();
-    }
-
-    /**
-     * @see org.bouncycastle.crypto.Digest#getDigestSize()
-     */
-    public int getDigestSize()
-    {
-        return md5.getDigestSize() + sha1.getDigestSize();
-    }
-
-    /**
-     * @see org.bouncycastle.crypto.Digest#update(byte)
-     */
-    public void update(byte input)
-    {
-        md5.update(input);
-        sha1.update(input);
-    }
-
-    /**
-     * @see org.bouncycastle.crypto.Digest#update(byte[], int, int)
-     */
-    public void update(byte[] input, int inOff, int len)
-    {
-        md5.update(input, inOff, len);
-        sha1.update(input, inOff, len);
-    }
-
-    /**
-     * @see org.bouncycastle.crypto.Digest#doFinal(byte[], int)
-     */
-    public int doFinal(byte[] output, int outOff)
-    {
-        if (context != null && TlsUtils.isSSL(context))
-        {
-            ssl3Complete(md5, SSL3Mac.IPAD, SSL3Mac.OPAD, 48);
-            ssl3Complete(sha1, SSL3Mac.IPAD, SSL3Mac.OPAD, 40);
-        }
-
-        int i1 = md5.doFinal(output, outOff);
-        int i2 = sha1.doFinal(output, outOff + i1);
-        return i1 + i2;
-    }
-
-    /**
-     * @see org.bouncycastle.crypto.Digest#reset()
-     */
-    public void reset()
-    {
-        md5.reset();
-        sha1.reset();
-    }
-
-    protected void ssl3Complete(Digest d, byte[] ipad, byte[] opad, int padLength)
-    {
-        byte[] master_secret = context.getSecurityParameters().masterSecret;
-
-        d.update(master_secret, 0, master_secret.length);
-        d.update(ipad, 0, padLength);
-
-        byte[] tmp = new byte[d.getDigestSize()];
-        d.doFinal(tmp, 0);
-
-        d.update(master_secret, 0, master_secret.length);
-        d.update(opad, 0, padLength);
-        d.update(tmp, 0, tmp.length);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CompressionMethod.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/CompressionMethod.java
deleted file mode 100644
index 5c3a4fb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/CompressionMethod.java
+++ /dev/null

@@ -1,19 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 2246 6.1
- */
-public class CompressionMethod
-{
-    public static final short _null = 0;
-
-    /*
-     * RFC 3749 2
-     */
-    public static final short DEFLATE = 1;
-
-    /*
-     * Values from 224 decimal (0xE0) through 255 decimal (0xFF)
-     * inclusive are reserved for private use.
-     */
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ConnectionEnd.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ConnectionEnd.java
deleted file mode 100644
index bcbf607..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ConnectionEnd.java
+++ /dev/null

@@ -1,13 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 2246
- * <p>
- * Note that the values here are implementation-specific and arbitrary. It is recommended not to
- * depend on the particular values (e.g. serialization).
- */
-public class ConnectionEnd
-{
-    public static final int server = 0;
-    public static final int client = 1;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ContentType.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ContentType.java
deleted file mode 100644
index 65ed9b6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ContentType.java
+++ /dev/null

@@ -1,13 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 2246 6.2.1
- */
-public class ContentType
-{
-    public static final short change_cipher_spec = 20;
-    public static final short alert = 21;
-    public static final short handshake = 22;
-    public static final short application_data = 23;
-    public static final short heartbeat = 24;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSClientProtocol.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSClientProtocol.java
deleted file mode 100644
index a12c0d1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSClientProtocol.java
+++ /dev/null

@@ -1,909 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.security.SecureRandom;
-import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import org.bouncycastle.util.Arrays;
-
-public class DTLSClientProtocol
-    extends DTLSProtocol
-{
-    public DTLSClientProtocol(SecureRandom secureRandom)
-    {
-        super(secureRandom);
-    }
-
-    public DTLSTransport connect(TlsClient client, DatagramTransport transport)
-        throws IOException
-    {
-        if (client == null)
-        {
-            throw new IllegalArgumentException("'client' cannot be null");
-        }
-        if (transport == null)
-        {
-            throw new IllegalArgumentException("'transport' cannot be null");
-        }
-
-        SecurityParameters securityParameters = new SecurityParameters();
-        securityParameters.entity = ConnectionEnd.client;
-
-        ClientHandshakeState state = new ClientHandshakeState();
-        state.client = client;
-        state.clientContext = new TlsClientContextImpl(secureRandom, securityParameters);
-
-        securityParameters.clientRandom = TlsProtocol.createRandomBlock(client.shouldUseGMTUnixTime(),
-            state.clientContext.getNonceRandomGenerator());
-
-        client.init(state.clientContext);
-
-        DTLSRecordLayer recordLayer = new DTLSRecordLayer(transport, state.clientContext, client, ContentType.handshake);
-
-        TlsSession sessionToResume = state.client.getSessionToResume();
-        if (sessionToResume != null && sessionToResume.isResumable())
-        {
-            SessionParameters sessionParameters = sessionToResume.exportSessionParameters();
-            if (sessionParameters != null && sessionParameters.isExtendedMasterSecret())
-            {
-                state.tlsSession = sessionToResume;
-                state.sessionParameters = sessionParameters;
-            }
-        }
-
-        try
-        {
-            return clientHandshake(state, recordLayer);
-        }
-        catch (TlsFatalAlert fatalAlert)
-        {
-            abortClientHandshake(state, recordLayer, fatalAlert.getAlertDescription());
-            throw fatalAlert;
-        }
-        catch (IOException e)
-        {
-            abortClientHandshake(state, recordLayer, AlertDescription.internal_error);
-            throw e;
-        }
-        catch (RuntimeException e)
-        {
-            abortClientHandshake(state, recordLayer, AlertDescription.internal_error);
-            throw new TlsFatalAlert(AlertDescription.internal_error, e);
-        }
-        finally
-        {
-            securityParameters.clear();
-        }
-    }
-
-    protected void abortClientHandshake(ClientHandshakeState state, DTLSRecordLayer recordLayer, short alertDescription)
-    {
-        recordLayer.fail(alertDescription);
-        invalidateSession(state);
-    }
-
-    protected DTLSTransport clientHandshake(ClientHandshakeState state, DTLSRecordLayer recordLayer)
-        throws IOException
-    {
-        SecurityParameters securityParameters = state.clientContext.getSecurityParameters();
-        DTLSReliableHandshake handshake = new DTLSReliableHandshake(state.clientContext, recordLayer);
-
-        byte[] clientHelloBody = generateClientHello(state, state.client);
-
-        recordLayer.setWriteVersion(ProtocolVersion.DTLSv10);
-
-        handshake.sendMessage(HandshakeType.client_hello, clientHelloBody);
-
-        DTLSReliableHandshake.Message serverMessage = handshake.receiveMessage();
-
-        while (serverMessage.getType() == HandshakeType.hello_verify_request)
-        {
-            ProtocolVersion recordLayerVersion = recordLayer.getReadVersion();
-            ProtocolVersion client_version = state.clientContext.getClientVersion();
-
-            /*
-             * RFC 6347 4.2.1 DTLS 1.2 server implementations SHOULD use DTLS version 1.0 regardless of
-             * the version of TLS that is expected to be negotiated. DTLS 1.2 and 1.0 clients MUST use
-             * the version solely to indicate packet formatting (which is the same in both DTLS 1.2 and
-             * 1.0) and not as part of version negotiation.
-             */
-            if (!recordLayerVersion.isEqualOrEarlierVersionOf(client_version))
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-
-            recordLayer.setReadVersion(null);
-
-            byte[] cookie = processHelloVerifyRequest(state, serverMessage.getBody());
-            byte[] patched = patchClientHelloWithCookie(clientHelloBody, cookie);
-
-            handshake.resetHandshakeMessagesDigest();
-            handshake.sendMessage(HandshakeType.client_hello, patched);
-
-            serverMessage = handshake.receiveMessage();
-        }
-
-        if (serverMessage.getType() == HandshakeType.server_hello)
-        {
-            ProtocolVersion recordLayerVersion = recordLayer.getReadVersion();
-            reportServerVersion(state, recordLayerVersion);
-            recordLayer.setWriteVersion(recordLayerVersion);
-
-            processServerHello(state, serverMessage.getBody());
-        }
-        else
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-
-        handshake.notifyHelloComplete();
-
-        applyMaxFragmentLengthExtension(recordLayer, securityParameters.maxFragmentLength);
-
-        if (state.resumedSession)
-        {
-            securityParameters.masterSecret = Arrays.clone(state.sessionParameters.getMasterSecret());
-            recordLayer.initPendingEpoch(state.client.getCipher());
-
-            // NOTE: Calculated exclusive of the actual Finished message from the server
-            byte[] expectedServerVerifyData = TlsUtils.calculateVerifyData(state.clientContext, ExporterLabel.server_finished,
-                TlsProtocol.getCurrentPRFHash(state.clientContext, handshake.getHandshakeHash(), null));
-            processFinished(handshake.receiveMessageBody(HandshakeType.finished), expectedServerVerifyData);
-
-            // NOTE: Calculated exclusive of the Finished message itself
-            byte[] clientVerifyData = TlsUtils.calculateVerifyData(state.clientContext, ExporterLabel.client_finished,
-                TlsProtocol.getCurrentPRFHash(state.clientContext, handshake.getHandshakeHash(), null));
-            handshake.sendMessage(HandshakeType.finished, clientVerifyData);
-
-            handshake.finish();
-
-            state.clientContext.setResumableSession(state.tlsSession);
-
-            state.client.notifyHandshakeComplete();
-
-            return new DTLSTransport(recordLayer);
-        }
-
-        invalidateSession(state);
-
-        if (state.selectedSessionID.length > 0)
-        {
-            state.tlsSession = new TlsSessionImpl(state.selectedSessionID, null);
-        }
-
-        serverMessage = handshake.receiveMessage();
-
-        if (serverMessage.getType() == HandshakeType.supplemental_data)
-        {
-            processServerSupplementalData(state, serverMessage.getBody());
-            serverMessage = handshake.receiveMessage();
-        }
-        else
-        {
-            state.client.processServerSupplementalData(null);
-        }
-
-        state.keyExchange = state.client.getKeyExchange();
-        state.keyExchange.init(state.clientContext);
-
-        Certificate serverCertificate = null;
-
-        if (serverMessage.getType() == HandshakeType.certificate)
-        {
-            serverCertificate = processServerCertificate(state, serverMessage.getBody());
-            serverMessage = handshake.receiveMessage();
-        }
-        else
-        {
-            // Okay, Certificate is optional
-            state.keyExchange.skipServerCredentials();
-        }
-
-        // TODO[RFC 3546] Check whether empty certificates is possible, allowed, or excludes CertificateStatus
-        if (serverCertificate == null || serverCertificate.isEmpty())
-        {
-            state.allowCertificateStatus = false;
-        }
-
-        if (serverMessage.getType() == HandshakeType.certificate_status)
-        {
-            processCertificateStatus(state, serverMessage.getBody());
-            serverMessage = handshake.receiveMessage();
-        }
-        else
-        {
-            // Okay, CertificateStatus is optional
-        }
-
-        if (serverMessage.getType() == HandshakeType.server_key_exchange)
-        {
-            processServerKeyExchange(state, serverMessage.getBody());
-            serverMessage = handshake.receiveMessage();
-        }
-        else
-        {
-            // Okay, ServerKeyExchange is optional
-            state.keyExchange.skipServerKeyExchange();
-        }
-
-        if (serverMessage.getType() == HandshakeType.certificate_request)
-        {
-            processCertificateRequest(state, serverMessage.getBody());
-
-            /*
-             * TODO Give the client a chance to immediately select the CertificateVerify hash
-             * algorithm here to avoid tracking the other hash algorithms unnecessarily?
-             */
-            TlsUtils.trackHashAlgorithms(handshake.getHandshakeHash(),
-                state.certificateRequest.getSupportedSignatureAlgorithms());
-
-            serverMessage = handshake.receiveMessage();
-        }
-        else
-        {
-            // Okay, CertificateRequest is optional
-        }
-
-        if (serverMessage.getType() == HandshakeType.server_hello_done)
-        {
-            if (serverMessage.getBody().length != 0)
-            {
-                throw new TlsFatalAlert(AlertDescription.decode_error);
-            }
-        }
-        else
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-
-        handshake.getHandshakeHash().sealHashAlgorithms();
-
-        Vector clientSupplementalData = state.client.getClientSupplementalData();
-        if (clientSupplementalData != null)
-        {
-            byte[] supplementalDataBody = generateSupplementalData(clientSupplementalData);
-            handshake.sendMessage(HandshakeType.supplemental_data, supplementalDataBody);
-        }
-
-        if (state.certificateRequest != null)
-        {
-            state.clientCredentials = state.authentication.getClientCredentials(state.certificateRequest);
-
-            /*
-             * RFC 5246 If no suitable certificate is available, the client MUST send a certificate
-             * message containing no certificates.
-             * 
-             * NOTE: In previous RFCs, this was SHOULD instead of MUST.
-             */
-            Certificate clientCertificate = null;
-            if (state.clientCredentials != null)
-            {
-                clientCertificate = state.clientCredentials.getCertificate();
-            }
-            if (clientCertificate == null)
-            {
-                clientCertificate = Certificate.EMPTY_CHAIN;
-            }
-
-            byte[] certificateBody = generateCertificate(clientCertificate);
-            handshake.sendMessage(HandshakeType.certificate, certificateBody);
-        }
-
-        if (state.clientCredentials != null)
-        {
-            state.keyExchange.processClientCredentials(state.clientCredentials);
-        }
-        else
-        {
-            state.keyExchange.skipClientCredentials();
-        }
-
-        byte[] clientKeyExchangeBody = generateClientKeyExchange(state);
-        handshake.sendMessage(HandshakeType.client_key_exchange, clientKeyExchangeBody);
-
-        TlsHandshakeHash prepareFinishHash = handshake.prepareToFinish();
-        securityParameters.sessionHash = TlsProtocol.getCurrentPRFHash(state.clientContext, prepareFinishHash, null);
-
-        TlsProtocol.establishMasterSecret(state.clientContext, state.keyExchange);
-        recordLayer.initPendingEpoch(state.client.getCipher());
-
-        if (state.clientCredentials != null && state.clientCredentials instanceof TlsSignerCredentials)
-        {
-            TlsSignerCredentials signerCredentials = (TlsSignerCredentials)state.clientCredentials;
-
-            /*
-             * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
-             */
-            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtils.getSignatureAndHashAlgorithm(
-                state.clientContext, signerCredentials);
-
-            byte[] hash;
-            if (signatureAndHashAlgorithm == null)
-            {
-                hash = securityParameters.getSessionHash();
-            }
-            else
-            {
-                hash = prepareFinishHash.getFinalHash(signatureAndHashAlgorithm.getHash());
-            }
-
-            byte[] signature = signerCredentials.generateCertificateSignature(hash);
-            DigitallySigned certificateVerify = new DigitallySigned(signatureAndHashAlgorithm, signature);
-            byte[] certificateVerifyBody = generateCertificateVerify(state, certificateVerify);
-            handshake.sendMessage(HandshakeType.certificate_verify, certificateVerifyBody);
-        }
-
-        // NOTE: Calculated exclusive of the Finished message itself
-        byte[] clientVerifyData = TlsUtils.calculateVerifyData(state.clientContext, ExporterLabel.client_finished,
-            TlsProtocol.getCurrentPRFHash(state.clientContext, handshake.getHandshakeHash(), null));
-        handshake.sendMessage(HandshakeType.finished, clientVerifyData);
-
-        if (state.expectSessionTicket)
-        {
-            serverMessage = handshake.receiveMessage();
-            if (serverMessage.getType() == HandshakeType.session_ticket)
-            {
-                processNewSessionTicket(state, serverMessage.getBody());
-            }
-            else
-            {
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-        }
-
-        // NOTE: Calculated exclusive of the actual Finished message from the server
-        byte[] expectedServerVerifyData = TlsUtils.calculateVerifyData(state.clientContext, ExporterLabel.server_finished,
-            TlsProtocol.getCurrentPRFHash(state.clientContext, handshake.getHandshakeHash(), null));
-        processFinished(handshake.receiveMessageBody(HandshakeType.finished), expectedServerVerifyData);
-
-        handshake.finish();
-
-        if (state.tlsSession != null)
-        {
-            state.sessionParameters = new SessionParameters.Builder()
-                .setCipherSuite(securityParameters.getCipherSuite())
-                .setCompressionAlgorithm(securityParameters.getCompressionAlgorithm())
-                .setExtendedMasterSecret(securityParameters.isExtendedMasterSecret())
-                .setMasterSecret(securityParameters.getMasterSecret())
-                .setPeerCertificate(serverCertificate)
-                .setPSKIdentity(securityParameters.getPSKIdentity())
-                .setSRPIdentity(securityParameters.getSRPIdentity())
-                // TODO Consider filtering extensions that aren't relevant to resumed sessions
-                .setServerExtensions(state.serverExtensions)
-                .build();
-
-            state.tlsSession = TlsUtils.importSession(state.tlsSession.getSessionID(), state.sessionParameters);
-
-            state.clientContext.setResumableSession(state.tlsSession);
-        }
-
-        state.client.notifyHandshakeComplete();
-
-        return new DTLSTransport(recordLayer);
-    }
-
-    protected byte[] generateCertificateVerify(ClientHandshakeState state, DigitallySigned certificateVerify)
-        throws IOException
-    {
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-        certificateVerify.encode(buf);
-        return buf.toByteArray();
-    }
-
-    protected byte[] generateClientHello(ClientHandshakeState state, TlsClient client)
-        throws IOException
-    {
-        ProtocolVersion client_version = client.getClientVersion();
-        if (!client_version.isDTLS())
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        TlsClientContextImpl context = state.clientContext;
-
-        context.setClientVersion(client_version);
-
-        SecurityParameters securityParameters = context.getSecurityParameters();
-
-        // Session ID
-        byte[] session_id = TlsUtils.EMPTY_BYTES;
-        if (state.tlsSession != null)
-        {
-            session_id = state.tlsSession.getSessionID();
-            if (session_id == null || session_id.length > 32)
-            {
-                session_id = TlsUtils.EMPTY_BYTES;
-            }
-        }
-
-        boolean fallback = client.isFallback();
-
-        state.offeredCipherSuites = client.getCipherSuites();
-
-        if (session_id.length > 0 && state.sessionParameters != null)
-        {
-            if (!state.sessionParameters.isExtendedMasterSecret()
-                || !Arrays.contains(state.offeredCipherSuites, state.sessionParameters.getCipherSuite())
-                || CompressionMethod._null != state.sessionParameters.getCompressionAlgorithm())
-            {
-                session_id = TlsUtils.EMPTY_BYTES;
-            }
-        }
-
-        state.clientExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(client.getClientExtensions());
-
-        TlsExtensionsUtils.addExtendedMasterSecretExtension(state.clientExtensions);
-
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-
-        TlsUtils.writeVersion(client_version, buf);
-
-        buf.write(securityParameters.getClientRandom());
-
-        TlsUtils.writeOpaque8(session_id, buf);
-
-        // Cookie
-        TlsUtils.writeOpaque8(TlsUtils.EMPTY_BYTES, buf);
-
-        // Cipher Suites (and SCSV)
-        {
-            /*
-             * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension,
-             * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the
-             * ClientHello. Including both is NOT RECOMMENDED.
-             */
-            byte[] renegExtData = TlsUtils.getExtensionData(state.clientExtensions, TlsProtocol.EXT_RenegotiationInfo);
-            boolean noRenegExt = (null == renegExtData);
-
-            boolean noRenegSCSV = !Arrays.contains(state.offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV);
-
-            if (noRenegExt && noRenegSCSV)
-            {
-                // TODO Consider whether to default to a client extension instead
-                state.offeredCipherSuites = Arrays.append(state.offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV);
-            }
-
-            /*
-             * RFC 7507 4. If a client sends a ClientHello.client_version containing a lower value
-             * than the latest (highest-valued) version supported by the client, it SHOULD include
-             * the TLS_FALLBACK_SCSV cipher suite value in ClientHello.cipher_suites [..]. (The
-             * client SHOULD put TLS_FALLBACK_SCSV after all cipher suites that it actually intends
-             * to negotiate.)
-             */
-            if (fallback && !Arrays.contains(state.offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV))
-            {
-                state.offeredCipherSuites = Arrays.append(state.offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV);
-            }
-
-            TlsUtils.writeUint16ArrayWithUint16Length(state.offeredCipherSuites, buf);
-        }
-
-        TlsUtils.writeUint8ArrayWithUint8Length(new short[]{ CompressionMethod._null }, buf);
-
-        // Extensions
-        TlsProtocol.writeExtensions(buf, state.clientExtensions);
-
-        return buf.toByteArray();
-    }
-
-    protected byte[] generateClientKeyExchange(ClientHandshakeState state)
-        throws IOException
-    {
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-        state.keyExchange.generateClientKeyExchange(buf);
-        return buf.toByteArray();
-    }
-
-    protected void invalidateSession(ClientHandshakeState state)
-    {
-        if (state.sessionParameters != null)
-        {
-            state.sessionParameters.clear();
-            state.sessionParameters = null;
-        }
-
-        if (state.tlsSession != null)
-        {
-            state.tlsSession.invalidate();
-            state.tlsSession = null;
-        }
-    }
-
-    protected void processCertificateRequest(ClientHandshakeState state, byte[] body)
-        throws IOException
-    {
-        if (state.authentication == null)
-        {
-            /*
-             * RFC 2246 7.4.4. It is a fatal handshake_failure alert for an anonymous server to
-             * request client identification.
-             */
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(body);
-
-        state.certificateRequest = CertificateRequest.parse(state.clientContext, buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        state.keyExchange.validateCertificateRequest(state.certificateRequest);
-    }
-
-    protected void processCertificateStatus(ClientHandshakeState state, byte[] body)
-        throws IOException
-    {
-        if (!state.allowCertificateStatus)
-        {
-            /*
-             * RFC 3546 3.6. If a server returns a "CertificateStatus" message, then the
-             * server MUST have included an extension of type "status_request" with empty
-             * "extension_data" in the extended server hello..
-             */
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(body);
-
-        state.certificateStatus = CertificateStatus.parse(buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        // TODO[RFC 3546] Figure out how to provide this to the client/authentication.
-    }
-
-    protected byte[] processHelloVerifyRequest(ClientHandshakeState state, byte[] body)
-        throws IOException
-    {
-        ByteArrayInputStream buf = new ByteArrayInputStream(body);
-
-        ProtocolVersion server_version = TlsUtils.readVersion(buf);
-        byte[] cookie = TlsUtils.readOpaque8(buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        // TODO Seems this behaviour is not yet in line with OpenSSL for DTLS 1.2
-//        reportServerVersion(state, server_version);
-        if (!server_version.isEqualOrEarlierVersionOf(state.clientContext.getClientVersion()))
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        /*
-         * RFC 6347 This specification increases the cookie size limit to 255 bytes for greater
-         * future flexibility. The limit remains 32 for previous versions of DTLS.
-         */
-        if (!ProtocolVersion.DTLSv12.isEqualOrEarlierVersionOf(server_version) && cookie.length > 32)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        return cookie;
-    }
-
-    protected void processNewSessionTicket(ClientHandshakeState state, byte[] body)
-        throws IOException
-    {
-        ByteArrayInputStream buf = new ByteArrayInputStream(body);
-
-        NewSessionTicket newSessionTicket = NewSessionTicket.parse(buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        state.client.notifyNewSessionTicket(newSessionTicket);
-    }
-
-    protected Certificate processServerCertificate(ClientHandshakeState state, byte[] body)
-        throws IOException
-    {
-        ByteArrayInputStream buf = new ByteArrayInputStream(body);
-
-        Certificate serverCertificate = Certificate.parse(buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        state.keyExchange.processServerCertificate(serverCertificate);
-        state.authentication = state.client.getAuthentication();
-        state.authentication.notifyServerCertificate(serverCertificate);
-
-        return serverCertificate;
-    }
-
-    protected void processServerHello(ClientHandshakeState state, byte[] body)
-        throws IOException
-    {
-        SecurityParameters securityParameters = state.clientContext.getSecurityParameters();
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(body);
-
-        {
-            ProtocolVersion server_version = TlsUtils.readVersion(buf);
-            reportServerVersion(state, server_version);
-        }
-
-        securityParameters.serverRandom = TlsUtils.readFully(32, buf);
-
-        state.selectedSessionID = TlsUtils.readOpaque8(buf);
-        if (state.selectedSessionID.length > 32)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-        state.client.notifySessionID(state.selectedSessionID);
-        state.resumedSession = state.selectedSessionID.length > 0 && state.tlsSession != null
-            && Arrays.areEqual(state.selectedSessionID, state.tlsSession.getSessionID());
-
-        int selectedCipherSuite = TlsUtils.readUint16(buf);
-        if (!Arrays.contains(state.offeredCipherSuites, selectedCipherSuite)
-            || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL
-            || CipherSuite.isSCSV(selectedCipherSuite)
-            || !TlsUtils.isValidCipherSuiteForVersion(selectedCipherSuite, state.clientContext.getServerVersion()))
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-        validateSelectedCipherSuite(selectedCipherSuite, AlertDescription.illegal_parameter);
-        state.client.notifySelectedCipherSuite(selectedCipherSuite);
-
-        short selectedCompressionMethod = TlsUtils.readUint8(buf);
-        if (CompressionMethod._null != selectedCompressionMethod)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-        state.client.notifySelectedCompressionMethod(selectedCompressionMethod);
-
-        /*
-         * RFC3546 2.2 The extended server hello message format MAY be sent in place of the server
-         * hello message when the client has requested extended functionality via the extended
-         * client hello message specified in Section 2.1. ... Note that the extended server hello
-         * message is only sent in response to an extended client hello message. This prevents the
-         * possibility that the extended server hello message could "break" existing TLS 1.0
-         * clients.
-         */
-
-        /*
-         * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore
-         * extensions appearing in the client hello, and send a server hello containing no
-         * extensions.
-         */
-
-        // Integer -> byte[]
-        state.serverExtensions = TlsProtocol.readExtensions(buf);
-
-        /*
-         * RFC 7627 4. Clients and servers SHOULD NOT accept handshakes that do not use the extended
-         * master secret [..]. (and see 5.2, 5.3)
-         */
-        securityParameters.extendedMasterSecret = TlsExtensionsUtils.hasExtendedMasterSecretExtension(state.serverExtensions);
-
-        if (!securityParameters.isExtendedMasterSecret()
-            && (state.resumedSession || state.client.requiresExtendedMasterSecret()))
-        {
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-
-        /*
-         * RFC 3546 2.2 Note that the extended server hello message is only sent in response to an
-         * extended client hello message. However, see RFC 5746 exception below. We always include
-         * the SCSV, so an Extended Server Hello is always allowed.
-         */
-        if (state.serverExtensions != null)
-        {
-            Enumeration e = state.serverExtensions.keys();
-            while (e.hasMoreElements())
-            {
-                Integer extType = (Integer)e.nextElement();
-
-                /*
-                 * RFC 5746 3.6. Note that sending a "renegotiation_info" extension in response to a
-                 * ClientHello containing only the SCSV is an explicit exception to the prohibition
-                 * in RFC 5246, Section 7.4.1.4, on the server sending unsolicited extensions and is
-                 * only allowed because the client is signaling its willingness to receive the
-                 * extension via the TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV.
-                 */
-                if (extType.equals(TlsProtocol.EXT_RenegotiationInfo))
-                {
-                    continue;
-                }
-
-                /*
-                 * RFC 5246 7.4.1.4 An extension type MUST NOT appear in the ServerHello unless the
-                 * same extension type appeared in the corresponding ClientHello. If a client
-                 * receives an extension type in ServerHello that it did not request in the
-                 * associated ClientHello, it MUST abort the handshake with an unsupported_extension
-                 * fatal alert.
-                 */
-                if (null == TlsUtils.getExtensionData(state.clientExtensions, extType))
-                {
-                    throw new TlsFatalAlert(AlertDescription.unsupported_extension);
-                }
-
-                /*
-                 * RFC 3546 2.3. If [...] the older session is resumed, then the server MUST ignore
-                 * extensions appearing in the client hello, and send a server hello containing no
-                 * extensions[.]
-                 */
-                if (state.resumedSession)
-                {
-                    // TODO[compat-gnutls] GnuTLS test server sends server extensions e.g. ec_point_formats
-                    // TODO[compat-openssl] OpenSSL test server sends server extensions e.g. ec_point_formats
-                    // TODO[compat-polarssl] PolarSSL test server sends server extensions e.g. ec_point_formats
-//                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-                }
-            }
-        }
-
-        /*
-         * RFC 5746 3.4. Client Behavior: Initial Handshake
-         */
-        {
-            /*
-             * When a ServerHello is received, the client MUST check if it includes the
-             * "renegotiation_info" extension:
-             */
-            byte[] renegExtData = TlsUtils.getExtensionData(state.serverExtensions, TlsProtocol.EXT_RenegotiationInfo);
-            if (renegExtData != null)
-            {
-                /*
-                 * If the extension is present, set the secure_renegotiation flag to TRUE. The
-                 * client MUST then verify that the length of the "renegotiated_connection"
-                 * field is zero, and if it is not, MUST abort the handshake (by sending a fatal
-                 * handshake_failure alert).
-                 */
-                state.secure_renegotiation = true;
-
-                if (!Arrays.constantTimeAreEqual(renegExtData,
-                    TlsProtocol.createRenegotiationInfo(TlsUtils.EMPTY_BYTES)))
-                {
-                    throw new TlsFatalAlert(AlertDescription.handshake_failure);
-                }
-            }
-        }
-
-        // TODO[compat-gnutls] GnuTLS test server fails to send renegotiation_info extension when resuming
-        state.client.notifySecureRenegotiation(state.secure_renegotiation);
-
-        Hashtable sessionClientExtensions = state.clientExtensions, sessionServerExtensions = state.serverExtensions;
-        if (state.resumedSession)
-        {
-            if (selectedCipherSuite != state.sessionParameters.getCipherSuite()
-                || selectedCompressionMethod != state.sessionParameters.getCompressionAlgorithm())
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-
-            sessionClientExtensions = null;
-            sessionServerExtensions = state.sessionParameters.readServerExtensions();
-        }
-
-        securityParameters.cipherSuite = selectedCipherSuite;
-        securityParameters.compressionAlgorithm = selectedCompressionMethod;
-
-        if (sessionServerExtensions != null && !sessionServerExtensions.isEmpty())
-        {
-            {
-                /*
-                 * RFC 7366 3. If a server receives an encrypt-then-MAC request extension from a client
-                 * and then selects a stream or Authenticated Encryption with Associated Data (AEAD)
-                 * ciphersuite, it MUST NOT send an encrypt-then-MAC response extension back to the
-                 * client.
-                 */
-                boolean serverSentEncryptThenMAC = TlsExtensionsUtils.hasEncryptThenMACExtension(sessionServerExtensions);
-                if (serverSentEncryptThenMAC && !TlsUtils.isBlockCipherSuite(securityParameters.getCipherSuite()))
-                {
-                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-                }
-                securityParameters.encryptThenMAC = serverSentEncryptThenMAC;
-            }
-
-            securityParameters.maxFragmentLength = evaluateMaxFragmentLengthExtension(state.resumedSession,
-                sessionClientExtensions, sessionServerExtensions, AlertDescription.illegal_parameter);
-
-            securityParameters.truncatedHMac = TlsExtensionsUtils.hasTruncatedHMacExtension(sessionServerExtensions);
-
-            /*
-             * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be
-             * sent in a session resumption handshake.
-             */
-            state.allowCertificateStatus = !state.resumedSession
-                && TlsUtils.hasExpectedEmptyExtensionData(sessionServerExtensions, TlsExtensionsUtils.EXT_status_request,
-                    AlertDescription.illegal_parameter);
-
-            state.expectSessionTicket = !state.resumedSession
-                && TlsUtils.hasExpectedEmptyExtensionData(sessionServerExtensions, TlsProtocol.EXT_SessionTicket,
-                    AlertDescription.illegal_parameter);
-        }
-
-        if (sessionClientExtensions != null)
-        {
-            state.client.processServerExtensions(sessionServerExtensions);
-        }
-
-        securityParameters.prfAlgorithm = TlsProtocol.getPRFAlgorithm(state.clientContext,
-            securityParameters.getCipherSuite());
-
-        /*
-         * RFC 5246 7.4.9. Any cipher suite which does not explicitly specify verify_data_length has
-         * a verify_data_length equal to 12. This includes all existing cipher suites.
-         */
-        securityParameters.verifyDataLength = 12;
-    }
-
-    protected void processServerKeyExchange(ClientHandshakeState state, byte[] body)
-        throws IOException
-    {
-        ByteArrayInputStream buf = new ByteArrayInputStream(body);
-
-        state.keyExchange.processServerKeyExchange(buf);
-
-        TlsProtocol.assertEmpty(buf);
-    }
-
-    protected void processServerSupplementalData(ClientHandshakeState state, byte[] body)
-        throws IOException
-    {
-        ByteArrayInputStream buf = new ByteArrayInputStream(body);
-        Vector serverSupplementalData = TlsProtocol.readSupplementalDataMessage(buf);
-        state.client.processServerSupplementalData(serverSupplementalData);
-    }
-
-    protected void reportServerVersion(ClientHandshakeState state, ProtocolVersion server_version)
-        throws IOException
-    {
-        TlsClientContextImpl clientContext = state.clientContext;
-        ProtocolVersion currentServerVersion = clientContext.getServerVersion();
-        if (null == currentServerVersion)
-        {
-            clientContext.setServerVersion(server_version);
-            state.client.notifyServerVersion(server_version);
-        }
-        else if (!currentServerVersion.equals(server_version))
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-    }
-
-    protected static byte[] patchClientHelloWithCookie(byte[] clientHelloBody, byte[] cookie)
-        throws IOException
-    {
-        int sessionIDPos = 34;
-        int sessionIDLength = TlsUtils.readUint8(clientHelloBody, sessionIDPos);
-
-        int cookieLengthPos = sessionIDPos + 1 + sessionIDLength;
-        int cookiePos = cookieLengthPos + 1;
-
-        byte[] patched = new byte[clientHelloBody.length + cookie.length];
-        System.arraycopy(clientHelloBody, 0, patched, 0, cookieLengthPos);
-        TlsUtils.checkUint8(cookie.length);
-        TlsUtils.writeUint8(cookie.length, patched, cookieLengthPos);
-        System.arraycopy(cookie, 0, patched, cookiePos, cookie.length);
-        System.arraycopy(clientHelloBody, cookiePos, patched, cookiePos + cookie.length, clientHelloBody.length
-            - cookiePos);
-
-        return patched;
-    }
-
-    protected static class ClientHandshakeState
-    {
-        TlsClient client = null;
-        TlsClientContextImpl clientContext = null;
-        TlsSession tlsSession = null;
-        SessionParameters sessionParameters = null;
-        SessionParameters.Builder sessionParametersBuilder = null;
-        int[] offeredCipherSuites = null;
-        Hashtable clientExtensions = null;
-        Hashtable serverExtensions = null;
-        byte[] selectedSessionID = null;
-        boolean resumedSession = false;
-        boolean secure_renegotiation = false;
-        boolean allowCertificateStatus = false;
-        boolean expectSessionTicket = false;
-        TlsKeyExchange keyExchange = null;
-        TlsAuthentication authentication = null;
-        CertificateStatus certificateStatus = null;
-        CertificateRequest certificateRequest = null;
-        TlsCredentials clientCredentials = null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSEpoch.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSEpoch.java
deleted file mode 100644
index aec96ce..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSEpoch.java
+++ /dev/null

@@ -1,52 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-class DTLSEpoch
-{
-    private final DTLSReplayWindow replayWindow = new DTLSReplayWindow();
-
-    private final int epoch;
-    private final TlsCipher cipher;
-
-    private long sequenceNumber = 0;
-
-    DTLSEpoch(int epoch, TlsCipher cipher)
-    {
-        if (epoch < 0)
-        {
-            throw new IllegalArgumentException("'epoch' must be >= 0");
-        }
-        if (cipher == null)
-        {
-            throw new IllegalArgumentException("'cipher' cannot be null");
-        }
-
-        this.epoch = epoch;
-        this.cipher = cipher;
-    }
-
-    long allocateSequenceNumber()
-    {
-        // TODO Check for overflow
-        return sequenceNumber++;
-    }
-
-    TlsCipher getCipher()
-    {
-        return cipher;
-    }
-
-    int getEpoch()
-    {
-        return epoch;
-    }
-
-    DTLSReplayWindow getReplayWindow()
-    {
-        return replayWindow;
-    }
-
-    long getSequenceNumber()
-    {
-        return sequenceNumber;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSHandshakeRetransmit.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSHandshakeRetransmit.java
deleted file mode 100644
index 251d3a2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSHandshakeRetransmit.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-interface DTLSHandshakeRetransmit
-{
-    void receivedHandshakeRecord(int epoch, byte[] buf, int off, int len)
-        throws IOException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSProtocol.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSProtocol.java
deleted file mode 100644
index 7978407..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSProtocol.java
+++ /dev/null

@@ -1,98 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.security.SecureRandom;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import org.bouncycastle.util.Arrays;
-
-public abstract class DTLSProtocol
-{
-    protected final SecureRandom secureRandom;
-
-    protected DTLSProtocol(SecureRandom secureRandom)
-    {
-        if (secureRandom == null)
-        {
-            throw new IllegalArgumentException("'secureRandom' cannot be null");
-        }
-
-        this.secureRandom = secureRandom;
-    }
-
-    protected void processFinished(byte[] body, byte[] expected_verify_data)
-        throws IOException
-    {
-        ByteArrayInputStream buf = new ByteArrayInputStream(body);
-
-        byte[] verify_data = TlsUtils.readFully(expected_verify_data.length, buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        if (!Arrays.constantTimeAreEqual(expected_verify_data, verify_data))
-        {
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-    }
-
-    protected static void applyMaxFragmentLengthExtension(DTLSRecordLayer recordLayer, short maxFragmentLength)
-        throws IOException
-    {
-        if (maxFragmentLength >= 0)
-        {
-            if (!MaxFragmentLength.isValid(maxFragmentLength))
-            {
-                throw new TlsFatalAlert(AlertDescription.internal_error); 
-            }
-
-            int plainTextLimit = 1 << (8 + maxFragmentLength);
-            recordLayer.setPlaintextLimit(plainTextLimit);
-        }
-    }
-
-    protected static short evaluateMaxFragmentLengthExtension(boolean resumedSession, Hashtable clientExtensions,
-        Hashtable serverExtensions, short alertDescription) throws IOException
-    {
-        short maxFragmentLength = TlsExtensionsUtils.getMaxFragmentLengthExtension(serverExtensions);
-        if (maxFragmentLength >= 0)
-        {
-            if (!MaxFragmentLength.isValid(maxFragmentLength)
-                || (!resumedSession && maxFragmentLength != TlsExtensionsUtils
-                    .getMaxFragmentLengthExtension(clientExtensions)))
-            {
-                throw new TlsFatalAlert(alertDescription);
-            }
-        }
-        return maxFragmentLength;
-    }
-
-    protected static byte[] generateCertificate(Certificate certificate)
-        throws IOException
-    {
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-        certificate.encode(buf);
-        return buf.toByteArray();
-    }
-
-    protected static byte[] generateSupplementalData(Vector supplementalData)
-        throws IOException
-    {
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-        TlsProtocol.writeSupplementalData(buf, supplementalData);
-        return buf.toByteArray();
-    }
-
-    protected static void validateSelectedCipherSuite(int selectedCipherSuite, short alertDescription)
-        throws IOException
-    {
-        switch (TlsUtils.getEncryptionAlgorithm(selectedCipherSuite))
-        {
-        case EncryptionAlgorithm.RC4_40:
-        case EncryptionAlgorithm.RC4_128:
-            throw new TlsFatalAlert(alertDescription);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSReassembler.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSReassembler.java
deleted file mode 100644
index 088dcd2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSReassembler.java
+++ /dev/null

@@ -1,132 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.util.Vector;
-
-class DTLSReassembler
-{
-    /*
-     * No 'final' modifiers so that it works in earlier JDKs
-     */
-    private short msg_type;
-    private byte[] body;
-
-    private Vector missing = new Vector();
-
-    DTLSReassembler(short msg_type, int length)
-    {
-        this.msg_type = msg_type;
-        this.body = new byte[length];
-        this.missing.addElement(new Range(0, length));
-    }
-
-    short getMsgType()
-    {
-        return msg_type;
-    }
-
-    byte[] getBodyIfComplete()
-    {
-        return missing.isEmpty() ? body : null;
-    }
-
-    void contributeFragment(short msg_type, int length, byte[] buf, int off, int fragment_offset,
-        int fragment_length)
-    {
-        int fragment_end = fragment_offset + fragment_length;
-
-        if (this.msg_type != msg_type || this.body.length != length || fragment_end > length)
-        {
-            return;
-        }
-
-        if (fragment_length == 0)
-        {
-            // NOTE: Empty messages still require an empty fragment to complete it
-            if (fragment_offset == 0 && !missing.isEmpty())
-            {
-                Range firstRange = (Range)missing.firstElement();
-                if (firstRange.getEnd() == 0)
-                {
-                    missing.removeElementAt(0);
-                }
-            }
-            return;
-        }
-
-        for (int i = 0; i < missing.size(); ++i)
-        {
-            Range range = (Range)missing.elementAt(i);
-            if (range.getStart() >= fragment_end)
-            {
-                break;
-            }
-            if (range.getEnd() > fragment_offset)
-            {
-
-                int copyStart = Math.max(range.getStart(), fragment_offset);
-                int copyEnd = Math.min(range.getEnd(), fragment_end);
-                int copyLength = copyEnd - copyStart;
-
-                System.arraycopy(buf, off + copyStart - fragment_offset, body, copyStart,
-                    copyLength);
-
-                if (copyStart == range.getStart())
-                {
-                    if (copyEnd == range.getEnd())
-                    {
-                        missing.removeElementAt(i--);
-                    }
-                    else
-                    {
-                        range.setStart(copyEnd);
-                    }
-                }
-                else
-                {
-                    if (copyEnd != range.getEnd())
-                    {
-                        missing.insertElementAt(new Range(copyEnd, range.getEnd()), ++i);
-                    }
-                    range.setEnd(copyStart);
-                }
-            }
-        }
-    }
-
-    void reset()
-    {
-        this.missing.removeAllElements();
-        this.missing.addElement(new Range(0, body.length));
-    }
-
-    private static class Range
-    {
-        private int start, end;
-
-        Range(int start, int end)
-        {
-            this.start = start;
-            this.end = end;
-        }
-
-        public int getStart()
-        {
-            return start;
-        }
-
-        public void setStart(int start)
-        {
-            this.start = start;
-        }
-
-        public int getEnd()
-        {
-            return end;
-        }
-
-        public void setEnd(int end)
-        {
-            this.end = end;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSRecordLayer.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSRecordLayer.java
deleted file mode 100644
index eea254b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSRecordLayer.java
+++ /dev/null

@@ -1,544 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-class DTLSRecordLayer
-    implements DatagramTransport
-{
-    private static final int RECORD_HEADER_LENGTH = 13;
-    private static final int MAX_FRAGMENT_LENGTH = 1 << 14;
-    private static final long TCP_MSL = 1000L * 60 * 2;
-    private static final long RETRANSMIT_TIMEOUT = TCP_MSL * 2;
-
-    private final DatagramTransport transport;
-    private final TlsContext context;
-    private final TlsPeer peer;
-
-    private final ByteQueue recordQueue = new ByteQueue();
-
-    private volatile boolean closed = false;
-    private volatile boolean failed = false;
-    private volatile ProtocolVersion readVersion = null, writeVersion = null;
-    private volatile boolean inHandshake;
-    private volatile int plaintextLimit;
-    private DTLSEpoch currentEpoch, pendingEpoch;
-    private DTLSEpoch readEpoch, writeEpoch;
-
-    private DTLSHandshakeRetransmit retransmit = null;
-    private DTLSEpoch retransmitEpoch = null;
-    private long retransmitExpiry = 0;
-
-    DTLSRecordLayer(DatagramTransport transport, TlsContext context, TlsPeer peer, short contentType)
-    {
-        this.transport = transport;
-        this.context = context;
-        this.peer = peer;
-
-        this.inHandshake = true;
-
-        this.currentEpoch = new DTLSEpoch(0, new TlsNullCipher(context));
-        this.pendingEpoch = null;
-        this.readEpoch = currentEpoch;
-        this.writeEpoch = currentEpoch;
-
-        setPlaintextLimit(MAX_FRAGMENT_LENGTH);
-    }
-
-    void setPlaintextLimit(int plaintextLimit)
-    {
-        this.plaintextLimit = plaintextLimit;
-    }
-
-    int getReadEpoch()
-    {
-        return readEpoch.getEpoch();
-    }
-
-    ProtocolVersion getReadVersion()
-    {
-        return readVersion;
-    }
-
-    void setReadVersion(ProtocolVersion readVersion)
-    {
-        this.readVersion = readVersion;
-    }
-
-    void setWriteVersion(ProtocolVersion writeVersion)
-    {
-        this.writeVersion = writeVersion;
-    }
-
-    void initPendingEpoch(TlsCipher pendingCipher)
-    {
-        if (pendingEpoch != null)
-        {
-            throw new IllegalStateException();
-        }
-
-        /*
-         * TODO "In order to ensure that any given sequence/epoch pair is unique, implementations
-         * MUST NOT allow the same epoch value to be reused within two times the TCP maximum segment
-         * lifetime."
-         */
-
-        // TODO Check for overflow
-        this.pendingEpoch = new DTLSEpoch(writeEpoch.getEpoch() + 1, pendingCipher);
-    }
-
-    void handshakeSuccessful(DTLSHandshakeRetransmit retransmit)
-    {
-        if (readEpoch == currentEpoch || writeEpoch == currentEpoch)
-        {
-            // TODO
-            throw new IllegalStateException();
-        }
-
-        if (retransmit != null)
-        {
-            this.retransmit = retransmit;
-            this.retransmitEpoch = currentEpoch;
-            this.retransmitExpiry = System.currentTimeMillis() + RETRANSMIT_TIMEOUT;
-        }
-
-        this.inHandshake = false;
-        this.currentEpoch = pendingEpoch;
-        this.pendingEpoch = null;
-    }
-
-    void resetWriteEpoch()
-    {
-        if (retransmitEpoch != null)
-        {
-            this.writeEpoch = retransmitEpoch;
-        }
-        else
-        {
-            this.writeEpoch = currentEpoch;
-        }
-    }
-
-    public int getReceiveLimit()
-        throws IOException
-    {
-        return Math.min(this.plaintextLimit,
-            readEpoch.getCipher().getPlaintextLimit(transport.getReceiveLimit() - RECORD_HEADER_LENGTH));
-    }
-
-    public int getSendLimit()
-        throws IOException
-    {
-        return Math.min(this.plaintextLimit,
-            writeEpoch.getCipher().getPlaintextLimit(transport.getSendLimit() - RECORD_HEADER_LENGTH));
-    }
-
-    public int receive(byte[] buf, int off, int len, int waitMillis)
-        throws IOException
-    {
-        byte[] record = null;
-
-        for (;;)
-        {
-            int receiveLimit = Math.min(len, getReceiveLimit()) + RECORD_HEADER_LENGTH;
-            if (record == null || record.length < receiveLimit)
-            {
-                record = new byte[receiveLimit];
-            }
-
-            try
-            {
-                if (retransmit != null && System.currentTimeMillis() > retransmitExpiry)
-                {
-                    retransmit = null;
-                    retransmitEpoch = null;
-                }
-
-                int received = receiveRecord(record, 0, receiveLimit, waitMillis);
-                if (received < 0)
-                {
-                    return received;
-                }
-                if (received < RECORD_HEADER_LENGTH)
-                {
-                    continue;
-                }
-                int length = TlsUtils.readUint16(record, 11);
-                if (received != (length + RECORD_HEADER_LENGTH))
-                {
-                    continue;
-                }
-
-                short type = TlsUtils.readUint8(record, 0);
-
-                // TODO Support user-specified custom protocols?
-                switch (type)
-                {
-                case ContentType.alert:
-                case ContentType.application_data:
-                case ContentType.change_cipher_spec:
-                case ContentType.handshake:
-                case ContentType.heartbeat:
-                    break;
-                default:
-                    // TODO Exception?
-                    continue;
-                }
-
-                int epoch = TlsUtils.readUint16(record, 3);
-
-                DTLSEpoch recordEpoch = null;
-                if (epoch == readEpoch.getEpoch())
-                {
-                    recordEpoch = readEpoch;
-                }
-                else if (type == ContentType.handshake && retransmitEpoch != null
-                    && epoch == retransmitEpoch.getEpoch())
-                {
-                    recordEpoch = retransmitEpoch;
-                }
-
-                if (recordEpoch == null)
-                {
-                    continue;
-                }
-
-                long seq = TlsUtils.readUint48(record, 5);
-                if (recordEpoch.getReplayWindow().shouldDiscard(seq))
-                {
-                    continue;
-                }
-
-                ProtocolVersion version = TlsUtils.readVersion(record, 1);
-                if (!version.isDTLS())
-                {
-                    continue;
-                }
-
-                if (readVersion != null && !readVersion.equals(version))
-                {
-                    continue;
-                }
-
-                byte[] plaintext = recordEpoch.getCipher().decodeCiphertext(
-                    getMacSequenceNumber(recordEpoch.getEpoch(), seq), type, record, RECORD_HEADER_LENGTH,
-                    received - RECORD_HEADER_LENGTH);
-
-                recordEpoch.getReplayWindow().reportAuthenticated(seq);
-
-                if (plaintext.length > this.plaintextLimit)
-                {
-                    continue;
-                }
-
-                if (readVersion == null)
-                {
-                    readVersion = version;
-                }
-
-                switch (type)
-                {
-                case ContentType.alert:
-                {
-                    if (plaintext.length == 2)
-                    {
-                        short alertLevel = plaintext[0];
-                        short alertDescription = plaintext[1];
-
-                        peer.notifyAlertReceived(alertLevel, alertDescription);
-
-                        if (alertLevel == AlertLevel.fatal)
-                        {
-                            failed();
-                            throw new TlsFatalAlert(alertDescription);
-                        }
-
-                        // TODO Can close_notify be a fatal alert?
-                        if (alertDescription == AlertDescription.close_notify)
-                        {
-                            closeTransport();
-                        }
-                    }
-
-                    continue;
-                }
-                case ContentType.application_data:
-                {
-                    if (inHandshake)
-                    {
-                        // TODO Consider buffering application data for new epoch that arrives
-                        // out-of-order with the Finished message
-                        continue;
-                    }
-                    break;
-                }
-                case ContentType.change_cipher_spec:
-                {
-                    // Implicitly receive change_cipher_spec and change to pending cipher state
-
-                    for (int i = 0; i < plaintext.length; ++i)
-                    {
-                        short message = TlsUtils.readUint8(plaintext, i);
-                        if (message != ChangeCipherSpec.change_cipher_spec)
-                        {
-                            continue;
-                        }
-
-                        if (pendingEpoch != null)
-                        {
-                            readEpoch = pendingEpoch;
-                        }
-                    }
-
-                    continue;
-                }
-                case ContentType.handshake:
-                {
-                    if (!inHandshake)
-                    {
-                        if (retransmit != null)
-                        {
-                            retransmit.receivedHandshakeRecord(epoch, plaintext, 0, plaintext.length);
-                        }
-
-                        // TODO Consider support for HelloRequest
-                        continue;
-                    }
-                    break;
-                }
-                case ContentType.heartbeat:
-                {
-                    // TODO[RFC 6520]
-                    continue;
-                }
-                }
-
-                /*
-                 * NOTE: If we receive any non-handshake data in the new epoch implies the peer has
-                 * received our final flight.
-                 */
-                if (!inHandshake && retransmit != null)
-                {
-                    this.retransmit = null;
-                    this.retransmitEpoch = null;
-                }
-
-                System.arraycopy(plaintext, 0, buf, off, plaintext.length);
-                return plaintext.length;
-            }
-            catch (IOException e)
-            {
-                // NOTE: Assume this is a timeout for the moment
-                throw e;
-            }
-        }
-    }
-
-    public void send(byte[] buf, int off, int len)
-        throws IOException
-    {
-        short contentType = ContentType.application_data;
-
-        if (this.inHandshake || this.writeEpoch == this.retransmitEpoch)
-        {
-            contentType = ContentType.handshake;
-
-            short handshakeType = TlsUtils.readUint8(buf, off);
-            if (handshakeType == HandshakeType.finished)
-            {
-                DTLSEpoch nextEpoch = null;
-                if (this.inHandshake)
-                {
-                    nextEpoch = pendingEpoch;
-                }
-                else if (this.writeEpoch == this.retransmitEpoch)
-                {
-                    nextEpoch = currentEpoch;
-                }
-
-                if (nextEpoch == null)
-                {
-                    // TODO
-                    throw new IllegalStateException();
-                }
-
-                // Implicitly send change_cipher_spec and change to pending cipher state
-
-                // TODO Send change_cipher_spec and finished records in single datagram?
-                byte[] data = new byte[]{ 1 };
-                sendRecord(ContentType.change_cipher_spec, data, 0, data.length);
-
-                writeEpoch = nextEpoch;
-            }
-        }
-
-        sendRecord(contentType, buf, off, len);
-    }
-
-    public void close()
-        throws IOException
-    {
-        if (!closed)
-        {
-            if (inHandshake)
-            {
-                warn(AlertDescription.user_canceled, "User canceled handshake");
-            }
-            closeTransport();
-        }
-    }
-
-    void fail(short alertDescription)
-    {
-        if (!closed)
-        {
-            try
-            {
-                raiseAlert(AlertLevel.fatal, alertDescription, null, null);
-            }
-            catch (Exception e)
-            {
-                // Ignore
-            }
-
-            failed = true;
-
-            closeTransport();
-        }
-    }
-
-    void failed()
-    {
-        if (!closed)
-        {
-            failed = true;
-
-            closeTransport();
-        }
-    }
-
-    void warn(short alertDescription, String message)
-        throws IOException
-    {
-        raiseAlert(AlertLevel.warning, alertDescription, message, null);
-    }
-
-    private void closeTransport()
-    {
-        if (!closed)
-        {
-            /*
-             * RFC 5246 7.2.1. Unless some other fatal alert has been transmitted, each party is
-             * required to send a close_notify alert before closing the write side of the
-             * connection. The other party MUST respond with a close_notify alert of its own and
-             * close down the connection immediately, discarding any pending writes.
-             */
-
-            try
-            {
-                if (!failed)
-                {
-                    warn(AlertDescription.close_notify, null);
-                }
-                transport.close();
-            }
-            catch (Exception e)
-            {
-                // Ignore
-            }
-
-            closed = true;
-        }
-    }
-
-    private void raiseAlert(short alertLevel, short alertDescription, String message, Throwable cause)
-        throws IOException
-    {
-        peer.notifyAlertRaised(alertLevel, alertDescription, message, cause);
-
-        byte[] error = new byte[2];
-        error[0] = (byte)alertLevel;
-        error[1] = (byte)alertDescription;
-
-        sendRecord(ContentType.alert, error, 0, 2);
-    }
-
-    private int receiveRecord(byte[] buf, int off, int len, int waitMillis)
-        throws IOException
-    {
-        if (recordQueue.available() > 0)
-        {
-            int length = 0;
-            if (recordQueue.available() >= RECORD_HEADER_LENGTH)
-            {
-                byte[] lengthBytes = new byte[2];
-                recordQueue.read(lengthBytes, 0, 2, 11);
-                length = TlsUtils.readUint16(lengthBytes, 0);
-            }
-
-            int received = Math.min(recordQueue.available(), RECORD_HEADER_LENGTH + length);
-            recordQueue.removeData(buf, off, received, 0);
-            return received;
-        }
-
-        int received = transport.receive(buf, off, len, waitMillis);
-        if (received >= RECORD_HEADER_LENGTH)
-        {
-            int fragmentLength = TlsUtils.readUint16(buf, off + 11);
-            int recordLength = RECORD_HEADER_LENGTH + fragmentLength;
-            if (received > recordLength)
-            {
-                recordQueue.addData(buf, off + recordLength, received - recordLength);
-                received = recordLength;
-            }
-        }
-
-        return received;
-    }
-
-    private void sendRecord(short contentType, byte[] buf, int off, int len)
-        throws IOException
-    {
-        // Never send anything until a valid ClientHello has been received
-        if (writeVersion == null)
-        {
-            return;
-        }
-
-        if (len > this.plaintextLimit)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        /*
-         * RFC 5246 6.2.1 Implementations MUST NOT send zero-length fragments of Handshake, Alert,
-         * or ChangeCipherSpec content types.
-         */
-        if (len < 1 && contentType != ContentType.application_data)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        int recordEpoch = writeEpoch.getEpoch();
-        long recordSequenceNumber = writeEpoch.allocateSequenceNumber();
-
-        byte[] ciphertext = writeEpoch.getCipher().encodePlaintext(
-            getMacSequenceNumber(recordEpoch, recordSequenceNumber), contentType, buf, off, len);
-
-        // TODO Check the ciphertext length?
-
-        byte[] record = new byte[ciphertext.length + RECORD_HEADER_LENGTH];
-        TlsUtils.writeUint8(contentType, record, 0);
-        TlsUtils.writeVersion(writeVersion, record, 1);
-        TlsUtils.writeUint16(recordEpoch, record, 3);
-        TlsUtils.writeUint48(recordSequenceNumber, record, 5);
-        TlsUtils.writeUint16(ciphertext.length, record, 11);
-        System.arraycopy(ciphertext, 0, record, RECORD_HEADER_LENGTH, ciphertext.length);
-
-        transport.send(record, 0, record.length);
-    }
-
-    private static long getMacSequenceNumber(int epoch, long sequence_number)
-    {
-        return ((epoch & 0xFFFFFFFFL) << 48) | sequence_number;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSReliableHandshake.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSReliableHandshake.java
deleted file mode 100644
index 1dfb4db..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSReliableHandshake.java
+++ /dev/null

@@ -1,437 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import org.bouncycastle.util.Integers;
-
-class DTLSReliableHandshake
-{
-    private final static int MAX_RECEIVE_AHEAD = 16;
-    private static final int MESSAGE_HEADER_LENGTH = 12;
-
-    /*
-     * No 'final' modifiers so that it works in earlier JDKs
-     */
-    private DTLSRecordLayer recordLayer;
-
-    private TlsHandshakeHash handshakeHash;
-
-    private Hashtable currentInboundFlight = new Hashtable();
-    private Hashtable previousInboundFlight = null;
-    private Vector outboundFlight = new Vector();
-    private boolean sending = true;
-
-    private int message_seq = 0, next_receive_seq = 0;
-
-    DTLSReliableHandshake(TlsContext context, DTLSRecordLayer transport)
-    {
-        this.recordLayer = transport;
-        this.handshakeHash = new DeferredHash();
-        this.handshakeHash.init(context);
-    }
-
-    void notifyHelloComplete()
-    {
-        this.handshakeHash = handshakeHash.notifyPRFDetermined();
-    }
-
-    TlsHandshakeHash getHandshakeHash()
-    {
-        return handshakeHash;
-    }
-
-    TlsHandshakeHash prepareToFinish()
-    {
-        TlsHandshakeHash result = handshakeHash;
-        this.handshakeHash = handshakeHash.stopTracking();
-        return result;
-    }
-
-    void sendMessage(short msg_type, byte[] body)
-        throws IOException
-    {
-        TlsUtils.checkUint24(body.length);
-
-        if (!sending)
-        {
-            checkInboundFlight();
-            sending = true;
-            outboundFlight.removeAllElements();
-        }
-
-        Message message = new Message(message_seq++, msg_type, body);
-
-        outboundFlight.addElement(message);
-
-        writeMessage(message);
-        updateHandshakeMessagesDigest(message);
-    }
-
-    byte[] receiveMessageBody(short msg_type)
-        throws IOException
-    {
-        Message message = receiveMessage();
-        if (message.getType() != msg_type)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-
-        return message.getBody();
-    }
-
-    Message receiveMessage()
-        throws IOException
-    {
-        if (sending)
-        {
-            sending = false;
-            prepareInboundFlight(new Hashtable());
-        }
-
-        byte[] buf = null;
-
-        // TODO Check the conditions under which we should reset this
-        int readTimeoutMillis = 1000;
-
-        for (;;)
-        {
-            try
-            {
-                for (;;)
-                {
-                    Message pending = getPendingMessage();
-                    if (pending != null)
-                    {
-                        return pending;
-                    }
-
-                    int receiveLimit = recordLayer.getReceiveLimit();
-                    if (buf == null || buf.length < receiveLimit)
-                    {
-                        buf = new byte[receiveLimit];
-                    }
-
-                    int received = recordLayer.receive(buf, 0, receiveLimit, readTimeoutMillis);
-                    if (received < 0)
-                    {
-                        break;
-                    }
-
-                    boolean resentOutbound = processRecord(MAX_RECEIVE_AHEAD, recordLayer.getReadEpoch(), buf, 0, received);
-                    if (resentOutbound)
-                    {
-                        readTimeoutMillis = backOff(readTimeoutMillis);
-                    }
-                }
-            }
-            catch (IOException e)
-            {
-                // NOTE: Assume this is a timeout for the moment
-            }
-
-            resendOutboundFlight();
-            readTimeoutMillis = backOff(readTimeoutMillis);
-        }
-    }
-
-    void finish()
-    {
-        DTLSHandshakeRetransmit retransmit = null;
-        if (!sending)
-        {
-            checkInboundFlight();
-        }
-        else
-        {
-            prepareInboundFlight(null);
-
-            if (previousInboundFlight != null)
-            {
-                /*
-                 * RFC 6347 4.2.4. In addition, for at least twice the default MSL defined for [TCP],
-                 * when in the FINISHED state, the node that transmits the last flight (the server in an
-                 * ordinary handshake or the client in a resumed handshake) MUST respond to a retransmit
-                 * of the peer's last flight with a retransmit of the last flight.
-                 */
-                retransmit = new DTLSHandshakeRetransmit()
-                {
-                    public void receivedHandshakeRecord(int epoch, byte[] buf, int off, int len)
-                        throws IOException
-                    {
-                        processRecord(0, epoch, buf, off, len);
-                    }
-                };
-            }
-        }
-
-        recordLayer.handshakeSuccessful(retransmit);
-    }
-
-    void resetHandshakeMessagesDigest()
-    {
-        handshakeHash.reset();
-    }
-
-    private int backOff(int timeoutMillis)
-    {
-        /*
-         * TODO[DTLS] implementations SHOULD back off handshake packet size during the
-         * retransmit backoff.
-         */
-        return Math.min(timeoutMillis * 2, 60000);
-    }
-
-    /**
-     * Check that there are no "extra" messages left in the current inbound flight
-     */
-    private void checkInboundFlight()
-    {
-        Enumeration e = currentInboundFlight.keys();
-        while (e.hasMoreElements())
-        {
-            Integer key = (Integer)e.nextElement();
-            if (key.intValue() >= next_receive_seq)
-            {
-                // TODO Should this be considered an error?
-            }
-        }
-    }
-
-    private Message getPendingMessage() throws IOException
-    {
-        DTLSReassembler next = (DTLSReassembler)currentInboundFlight.get(Integers.valueOf(next_receive_seq));
-        if (next != null)
-        {
-            byte[] body = next.getBodyIfComplete();
-            if (body != null)
-            {
-                previousInboundFlight = null;
-                return updateHandshakeMessagesDigest(new Message(next_receive_seq++, next.getMsgType(), body));
-            }
-        }
-        return null;
-    }
-
-    private void prepareInboundFlight(Hashtable nextFlight)
-    {
-        resetAll(currentInboundFlight);
-        previousInboundFlight = currentInboundFlight;
-        currentInboundFlight = nextFlight;
-    }
-
-    private boolean processRecord(int windowSize, int epoch, byte[] buf, int off, int len) throws IOException
-    {
-        boolean checkPreviousFlight = false;
-
-        while (len >= MESSAGE_HEADER_LENGTH)
-        {
-            int fragment_length = TlsUtils.readUint24(buf, off + 9);
-            int message_length = fragment_length + MESSAGE_HEADER_LENGTH;
-            if (len < message_length)
-            {
-                // NOTE: Truncated message - ignore it
-                break;
-            }
-
-            int length = TlsUtils.readUint24(buf, off + 1);
-            int fragment_offset = TlsUtils.readUint24(buf, off + 6);
-            if (fragment_offset + fragment_length > length)
-            {
-                // NOTE: Malformed fragment - ignore it and the rest of the record
-                break;
-            }
-
-            /*
-             * NOTE: This very simple epoch check will only work until we want to support
-             * renegotiation (and we're not likely to do that anyway).
-             */
-            short msg_type = TlsUtils.readUint8(buf, off + 0);
-            int expectedEpoch = msg_type == HandshakeType.finished ? 1 : 0;
-            if (epoch != expectedEpoch)
-            {
-                break;
-            }
-
-            int message_seq = TlsUtils.readUint16(buf, off + 4);
-            if (message_seq >= (next_receive_seq + windowSize))
-            {
-                // NOTE: Too far ahead - ignore
-            }
-            else if (message_seq >= next_receive_seq)
-            {
-                DTLSReassembler reassembler = (DTLSReassembler)currentInboundFlight.get(Integers.valueOf(message_seq));
-                if (reassembler == null)
-                {
-                    reassembler = new DTLSReassembler(msg_type, length);
-                    currentInboundFlight.put(Integers.valueOf(message_seq), reassembler);
-                }
-
-                reassembler.contributeFragment(msg_type, length, buf, off + MESSAGE_HEADER_LENGTH, fragment_offset,
-                    fragment_length);
-            }
-            else if (previousInboundFlight != null)
-            {
-                /*
-                 * NOTE: If we receive the previous flight of incoming messages in full again,
-                 * retransmit our last flight
-                 */
-
-                DTLSReassembler reassembler = (DTLSReassembler)previousInboundFlight.get(Integers.valueOf(message_seq));
-                if (reassembler != null)
-                {
-                    reassembler.contributeFragment(msg_type, length, buf, off + MESSAGE_HEADER_LENGTH, fragment_offset,
-                        fragment_length);
-                    checkPreviousFlight = true;
-                }
-            }
-
-            off += message_length;
-            len -= message_length;
-        }
-
-        boolean result = checkPreviousFlight && checkAll(previousInboundFlight);
-        if (result)
-        {
-            resendOutboundFlight();
-            resetAll(previousInboundFlight);
-        }
-        return result;
-    }
-
-    private void resendOutboundFlight()
-        throws IOException
-    {
-        recordLayer.resetWriteEpoch();
-        for (int i = 0; i < outboundFlight.size(); ++i)
-        {
-            writeMessage((Message)outboundFlight.elementAt(i));
-        }
-    }
-
-    private Message updateHandshakeMessagesDigest(Message message)
-        throws IOException
-    {
-        if (message.getType() != HandshakeType.hello_request)
-        {
-            byte[] body = message.getBody();
-            byte[] buf = new byte[MESSAGE_HEADER_LENGTH];
-            TlsUtils.writeUint8(message.getType(), buf, 0);
-            TlsUtils.writeUint24(body.length, buf, 1);
-            TlsUtils.writeUint16(message.getSeq(), buf, 4);
-            TlsUtils.writeUint24(0, buf, 6);
-            TlsUtils.writeUint24(body.length, buf, 9);
-            handshakeHash.update(buf, 0, buf.length);
-            handshakeHash.update(body, 0, body.length);
-        }
-        return message;
-    }
-
-    private void writeMessage(Message message)
-        throws IOException
-    {
-        int sendLimit = recordLayer.getSendLimit();
-        int fragmentLimit = sendLimit - MESSAGE_HEADER_LENGTH;
-
-        // TODO Support a higher minimum fragment size?
-        if (fragmentLimit < 1)
-        {
-            // TODO Should we be throwing an exception here?
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        int length = message.getBody().length;
-
-        // NOTE: Must still send a fragment if body is empty
-        int fragment_offset = 0;
-        do
-        {
-            int fragment_length = Math.min(length - fragment_offset, fragmentLimit);
-            writeHandshakeFragment(message, fragment_offset, fragment_length);
-            fragment_offset += fragment_length;
-        }
-        while (fragment_offset < length);
-    }
-
-    private void writeHandshakeFragment(Message message, int fragment_offset, int fragment_length)
-        throws IOException
-    {
-        RecordLayerBuffer fragment = new RecordLayerBuffer(MESSAGE_HEADER_LENGTH + fragment_length);
-        TlsUtils.writeUint8(message.getType(), fragment);
-        TlsUtils.writeUint24(message.getBody().length, fragment);
-        TlsUtils.writeUint16(message.getSeq(), fragment);
-        TlsUtils.writeUint24(fragment_offset, fragment);
-        TlsUtils.writeUint24(fragment_length, fragment);
-        fragment.write(message.getBody(), fragment_offset, fragment_length);
-
-        fragment.sendToRecordLayer(recordLayer);
-    }
-
-    private static boolean checkAll(Hashtable inboundFlight)
-    {
-        Enumeration e = inboundFlight.elements();
-        while (e.hasMoreElements())
-        {
-            if (((DTLSReassembler)e.nextElement()).getBodyIfComplete() == null)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    private static void resetAll(Hashtable inboundFlight)
-    {
-        Enumeration e = inboundFlight.elements();
-        while (e.hasMoreElements())
-        {
-            ((DTLSReassembler)e.nextElement()).reset();
-        }
-    }
-
-    static class Message
-    {
-        private final int message_seq;
-        private final short msg_type;
-        private final byte[] body;
-
-        private Message(int message_seq, short msg_type, byte[] body)
-        {
-            this.message_seq = message_seq;
-            this.msg_type = msg_type;
-            this.body = body;
-        }
-
-        public int getSeq()
-        {
-            return message_seq;
-        }
-
-        public short getType()
-        {
-            return msg_type;
-        }
-
-        public byte[] getBody()
-        {
-            return body;
-        }
-    }
-
-    static class RecordLayerBuffer extends ByteArrayOutputStream
-    {
-        RecordLayerBuffer(int size)
-        {
-            super(size);
-        }
-
-        void sendToRecordLayer(DTLSRecordLayer recordLayer) throws IOException
-        {
-            recordLayer.send(buf, 0, count);
-            buf = null;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSReplayWindow.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSReplayWindow.java
deleted file mode 100644
index 06537aa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSReplayWindow.java
+++ /dev/null

@@ -1,91 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 4347 4.1.2.5 Anti-replay
- * <p>
- * Support fast rejection of duplicate records by maintaining a sliding receive window
- * </p>
- */
-class DTLSReplayWindow
-{
-    private static final long VALID_SEQ_MASK = 0x0000FFFFFFFFFFFFL;
-
-    private static final long WINDOW_SIZE = 64L;
-
-    private long latestConfirmedSeq = -1;
-    private long bitmap = 0;
-
-    /**
-     * Check whether a received record with the given sequence number should be rejected as a duplicate.
-     *
-     * @param seq the 48-bit DTLSPlainText.sequence_number field of a received record.
-     * @return true if the record should be discarded without further processing.
-     */
-    boolean shouldDiscard(long seq)
-    {
-        if ((seq & VALID_SEQ_MASK) != seq)
-        {
-            return true;
-        }
-
-        if (seq <= latestConfirmedSeq)
-        {
-            long diff = latestConfirmedSeq - seq;
-            if (diff >= WINDOW_SIZE)
-            {
-                return true;
-            }
-            if ((bitmap & (1L << diff)) != 0)
-            {
-                return true;
-            }
-        }
-
-        return false;
-    }
-
-    /**
-     * Report that a received record with the given sequence number passed authentication checks.
-     *
-     * @param seq the 48-bit DTLSPlainText.sequence_number field of an authenticated record.
-     */
-    void reportAuthenticated(long seq)
-    {
-        if ((seq & VALID_SEQ_MASK) != seq)
-        {
-            throw new IllegalArgumentException("'seq' out of range");
-        }
-
-        if (seq <= latestConfirmedSeq)
-        {
-            long diff = latestConfirmedSeq - seq;
-            if (diff < WINDOW_SIZE)
-            {
-                bitmap |= (1L << diff);
-            }
-        }
-        else
-        {
-            long diff = seq - latestConfirmedSeq;
-            if (diff >= WINDOW_SIZE)
-            {
-                bitmap = 1;
-            }
-            else
-            {
-                bitmap <<= (int)diff;        // for earlier JDKs
-                bitmap |= 1;
-            }
-            latestConfirmedSeq = seq;
-        }
-    }
-
-    /**
-     * When a new epoch begins, sequence numbers begin again at 0
-     */
-    void reset()
-    {
-        latestConfirmedSeq = -1;
-        bitmap = 0;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java
deleted file mode 100644
index 6e3f79e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSServerProtocol.java
+++ /dev/null

@@ -1,761 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.security.SecureRandom;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.util.Arrays;
-
-public class DTLSServerProtocol
-    extends DTLSProtocol
-{
-    protected boolean verifyRequests = true;
-
-    public DTLSServerProtocol(SecureRandom secureRandom)
-    {
-        super(secureRandom);
-    }
-
-    public boolean getVerifyRequests()
-    {
-        return verifyRequests;
-    }
-
-    public void setVerifyRequests(boolean verifyRequests)
-    {
-        this.verifyRequests = verifyRequests;
-    }
-
-    public DTLSTransport accept(TlsServer server, DatagramTransport transport)
-        throws IOException
-    {
-        if (server == null)
-        {
-            throw new IllegalArgumentException("'server' cannot be null");
-        }
-        if (transport == null)
-        {
-            throw new IllegalArgumentException("'transport' cannot be null");
-        }
-
-        SecurityParameters securityParameters = new SecurityParameters();
-        securityParameters.entity = ConnectionEnd.server;
-
-        ServerHandshakeState state = new ServerHandshakeState();
-        state.server = server;
-        state.serverContext = new TlsServerContextImpl(secureRandom, securityParameters);
-
-        securityParameters.serverRandom = TlsProtocol.createRandomBlock(server.shouldUseGMTUnixTime(),
-            state.serverContext.getNonceRandomGenerator());
-
-        server.init(state.serverContext);
-
-        DTLSRecordLayer recordLayer = new DTLSRecordLayer(transport, state.serverContext, server, ContentType.handshake);
-
-        // TODO Need to handle sending of HelloVerifyRequest without entering a full connection
-
-        try
-        {
-            return serverHandshake(state, recordLayer);
-        }
-        catch (TlsFatalAlert fatalAlert)
-        {
-            abortServerHandshake(state, recordLayer, fatalAlert.getAlertDescription());
-            throw fatalAlert;
-        }
-        catch (IOException e)
-        {
-            abortServerHandshake(state, recordLayer, AlertDescription.internal_error);
-            throw e;
-        }
-        catch (RuntimeException e)
-        {
-            abortServerHandshake(state, recordLayer, AlertDescription.internal_error);
-            throw new TlsFatalAlert(AlertDescription.internal_error, e);
-        }
-        finally
-        {
-            securityParameters.clear();
-        }
-    }
-
-    protected void abortServerHandshake(ServerHandshakeState state, DTLSRecordLayer recordLayer, short alertDescription)
-    {
-        recordLayer.fail(alertDescription);
-        invalidateSession(state);
-    }
-
-    protected DTLSTransport serverHandshake(ServerHandshakeState state, DTLSRecordLayer recordLayer)
-        throws IOException
-    {
-        SecurityParameters securityParameters = state.serverContext.getSecurityParameters();
-        DTLSReliableHandshake handshake = new DTLSReliableHandshake(state.serverContext, recordLayer);
-
-        DTLSReliableHandshake.Message clientMessage = handshake.receiveMessage();
-
-        // NOTE: DTLSRecordLayer requires any DTLS version, we don't otherwise constrain this
-//        ProtocolVersion recordLayerVersion = recordLayer.getReadVersion();
-
-        if (clientMessage.getType() == HandshakeType.client_hello)
-        {
-            processClientHello(state, clientMessage.getBody());
-        }
-        else
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-
-        {
-            byte[] serverHelloBody = generateServerHello(state);
-
-            applyMaxFragmentLengthExtension(recordLayer, securityParameters.maxFragmentLength);
-
-            ProtocolVersion recordLayerVersion = state.serverContext.getServerVersion();
-            recordLayer.setReadVersion(recordLayerVersion);
-            recordLayer.setWriteVersion(recordLayerVersion);
-
-            handshake.sendMessage(HandshakeType.server_hello, serverHelloBody);
-        }
-
-        handshake.notifyHelloComplete();
-
-        Vector serverSupplementalData = state.server.getServerSupplementalData();
-        if (serverSupplementalData != null)
-        {
-            byte[] supplementalDataBody = generateSupplementalData(serverSupplementalData);
-            handshake.sendMessage(HandshakeType.supplemental_data, supplementalDataBody);
-        }
-
-        state.keyExchange = state.server.getKeyExchange();
-        state.keyExchange.init(state.serverContext);
-
-        state.serverCredentials = state.server.getCredentials();
-
-        Certificate serverCertificate = null;
-
-        if (state.serverCredentials == null)
-        {
-            state.keyExchange.skipServerCredentials();
-        }
-        else
-        {
-            state.keyExchange.processServerCredentials(state.serverCredentials);
-
-            serverCertificate = state.serverCredentials.getCertificate();
-            byte[] certificateBody = generateCertificate(serverCertificate);
-            handshake.sendMessage(HandshakeType.certificate, certificateBody);
-        }
-
-        // TODO[RFC 3546] Check whether empty certificates is possible, allowed, or excludes CertificateStatus
-        if (serverCertificate == null || serverCertificate.isEmpty())
-        {
-            state.allowCertificateStatus = false;
-        }
-
-        if (state.allowCertificateStatus)
-        {
-            CertificateStatus certificateStatus = state.server.getCertificateStatus();
-            if (certificateStatus != null)
-            {
-                byte[] certificateStatusBody = generateCertificateStatus(state, certificateStatus);
-                handshake.sendMessage(HandshakeType.certificate_status, certificateStatusBody);
-            }
-        }
-
-        byte[] serverKeyExchange = state.keyExchange.generateServerKeyExchange();
-        if (serverKeyExchange != null)
-        {
-            handshake.sendMessage(HandshakeType.server_key_exchange, serverKeyExchange);
-        }
-
-        if (state.serverCredentials != null)
-        {
-            state.certificateRequest = state.server.getCertificateRequest();
-            if (state.certificateRequest != null)
-            {
-                if (TlsUtils.isTLSv12(state.serverContext) != (state.certificateRequest.getSupportedSignatureAlgorithms() != null))
-                {
-                    throw new TlsFatalAlert(AlertDescription.internal_error);
-                }
-
-                state.keyExchange.validateCertificateRequest(state.certificateRequest);
-
-                byte[] certificateRequestBody = generateCertificateRequest(state, state.certificateRequest);
-                handshake.sendMessage(HandshakeType.certificate_request, certificateRequestBody);
-
-                TlsUtils.trackHashAlgorithms(handshake.getHandshakeHash(),
-                    state.certificateRequest.getSupportedSignatureAlgorithms());
-            }
-        }
-
-        handshake.sendMessage(HandshakeType.server_hello_done, TlsUtils.EMPTY_BYTES);
-
-        handshake.getHandshakeHash().sealHashAlgorithms();
-
-        clientMessage = handshake.receiveMessage();
-
-        if (clientMessage.getType() == HandshakeType.supplemental_data)
-        {
-            processClientSupplementalData(state, clientMessage.getBody());
-            clientMessage = handshake.receiveMessage();
-        }
-        else
-        {
-            state.server.processClientSupplementalData(null);
-        }
-
-        if (state.certificateRequest == null)
-        {
-            state.keyExchange.skipClientCredentials();
-        }
-        else
-        {
-            if (clientMessage.getType() == HandshakeType.certificate)
-            {
-                processClientCertificate(state, clientMessage.getBody());
-                clientMessage = handshake.receiveMessage();
-            }
-            else
-            {
-                if (TlsUtils.isTLSv12(state.serverContext))
-                {
-                    /*
-                     * RFC 5246 If no suitable certificate is available, the client MUST send a
-                     * certificate message containing no certificates.
-                     * 
-                     * NOTE: In previous RFCs, this was SHOULD instead of MUST.
-                     */
-                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
-                }
-
-                notifyClientCertificate(state, Certificate.EMPTY_CHAIN);
-            }
-        }
-
-        if (clientMessage.getType() == HandshakeType.client_key_exchange)
-        {
-            processClientKeyExchange(state, clientMessage.getBody());
-        }
-        else
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-
-        TlsHandshakeHash prepareFinishHash = handshake.prepareToFinish();
-        securityParameters.sessionHash = TlsProtocol.getCurrentPRFHash(state.serverContext, prepareFinishHash, null);
-
-        TlsProtocol.establishMasterSecret(state.serverContext, state.keyExchange);
-        recordLayer.initPendingEpoch(state.server.getCipher());
-
-        /*
-         * RFC 5246 7.4.8 This message is only sent following a client certificate that has signing
-         * capability (i.e., all certificates except those containing fixed Diffie-Hellman
-         * parameters).
-         */
-        if (expectCertificateVerifyMessage(state))
-        {
-            byte[] certificateVerifyBody = handshake.receiveMessageBody(HandshakeType.certificate_verify);
-            processCertificateVerify(state, certificateVerifyBody, prepareFinishHash);
-        }
-
-        // NOTE: Calculated exclusive of the actual Finished message from the client
-        byte[] expectedClientVerifyData = TlsUtils.calculateVerifyData(state.serverContext, ExporterLabel.client_finished,
-            TlsProtocol.getCurrentPRFHash(state.serverContext, handshake.getHandshakeHash(), null));
-        processFinished(handshake.receiveMessageBody(HandshakeType.finished), expectedClientVerifyData);
-
-        if (state.expectSessionTicket)
-        {
-            NewSessionTicket newSessionTicket = state.server.getNewSessionTicket();
-            byte[] newSessionTicketBody = generateNewSessionTicket(state, newSessionTicket);
-            handshake.sendMessage(HandshakeType.session_ticket, newSessionTicketBody);
-        }
-
-        // NOTE: Calculated exclusive of the Finished message itself
-        byte[] serverVerifyData = TlsUtils.calculateVerifyData(state.serverContext, ExporterLabel.server_finished,
-            TlsProtocol.getCurrentPRFHash(state.serverContext, handshake.getHandshakeHash(), null));
-        handshake.sendMessage(HandshakeType.finished, serverVerifyData);
-
-        handshake.finish();
-
-//        {
-//            state.sessionParameters = new SessionParameters.Builder()
-//                .setCipherSuite(securityParameters.getCipherSuite())
-//                .setCompressionAlgorithm(securityParameters.getCompressionAlgorithm())
-//                .setExtendedMasterSecret(securityParameters.isExtendedMasterSecret())
-//                .setMasterSecret(securityParameters.getMasterSecret())
-//                .setPeerCertificate(state.clientCertificate)
-//                .setPSKIdentity(securityParameters.getPSKIdentity())
-//                .setSRPIdentity(securityParameters.getSRPIdentity())
-//                // TODO Consider filtering extensions that aren't relevant to resumed sessions
-//                .setServerExtensions(state.serverExtensions)
-//                .build();
-//
-//            state.tlsSession = TlsUtils.importSession(state.tlsSession.getSessionID(), state.sessionParameters);
-//
-//            state.serverContext.setResumableSession(state.tlsSession);
-//        }
-
-        state.server.notifyHandshakeComplete();
-
-        return new DTLSTransport(recordLayer);
-    }
-
-    protected byte[] generateCertificateRequest(ServerHandshakeState state, CertificateRequest certificateRequest)
-        throws IOException
-    {
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-        certificateRequest.encode(buf);
-        return buf.toByteArray();
-    }
-
-    protected byte[] generateCertificateStatus(ServerHandshakeState state, CertificateStatus certificateStatus)
-        throws IOException
-    {
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-        certificateStatus.encode(buf);
-        return buf.toByteArray();
-    }
-
-    protected byte[] generateNewSessionTicket(ServerHandshakeState state, NewSessionTicket newSessionTicket)
-        throws IOException
-    {
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-        newSessionTicket.encode(buf);
-        return buf.toByteArray();
-    }
-
-    protected byte[] generateServerHello(ServerHandshakeState state)
-        throws IOException
-    {
-        SecurityParameters securityParameters = state.serverContext.getSecurityParameters();
-
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-
-        {
-            ProtocolVersion server_version = state.server.getServerVersion();
-            if (!server_version.isEqualOrEarlierVersionOf(state.serverContext.getClientVersion()))
-            {
-                throw new TlsFatalAlert(AlertDescription.internal_error);
-            }
-    
-            // TODO Read RFCs for guidance on the expected record layer version number
-            // recordStream.setReadVersion(server_version);
-            // recordStream.setWriteVersion(server_version);
-            // recordStream.setRestrictReadVersion(true);
-            state.serverContext.setServerVersion(server_version);
-    
-            TlsUtils.writeVersion(state.serverContext.getServerVersion(), buf);
-        }
-
-        buf.write(securityParameters.getServerRandom());
-
-        /*
-         * The server may return an empty session_id to indicate that the session will not be cached
-         * and therefore cannot be resumed.
-         */
-        TlsUtils.writeOpaque8(TlsUtils.EMPTY_BYTES, buf);
-
-        int selectedCipherSuite = state.server.getSelectedCipherSuite();
-        if (!Arrays.contains(state.offeredCipherSuites, selectedCipherSuite)
-            || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL
-            || CipherSuite.isSCSV(selectedCipherSuite)
-            || !TlsUtils.isValidCipherSuiteForVersion(selectedCipherSuite, state.serverContext.getServerVersion()))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-        validateSelectedCipherSuite(selectedCipherSuite, AlertDescription.internal_error);
-        securityParameters.cipherSuite = selectedCipherSuite;
-
-        short selectedCompressionMethod = state.server.getSelectedCompressionMethod();
-        if (!Arrays.contains(state.offeredCompressionMethods, selectedCompressionMethod))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-        securityParameters.compressionAlgorithm = selectedCompressionMethod;
-
-        TlsUtils.writeUint16(selectedCipherSuite, buf);
-        TlsUtils.writeUint8(selectedCompressionMethod, buf);
-
-        state.serverExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(state.server.getServerExtensions());
-
-        /*
-         * RFC 5746 3.6. Server Behavior: Initial Handshake
-         */
-        if (state.secure_renegotiation)
-        {
-            byte[] renegExtData = TlsUtils.getExtensionData(state.serverExtensions, TlsProtocol.EXT_RenegotiationInfo);
-            boolean noRenegExt = (null == renegExtData);
-
-            if (noRenegExt)
-            {
-                /*
-                 * Note that sending a "renegotiation_info" extension in response to a ClientHello
-                 * containing only the SCSV is an explicit exception to the prohibition in RFC 5246,
-                 * Section 7.4.1.4, on the server sending unsolicited extensions and is only allowed
-                 * because the client is signaling its willingness to receive the extension via the
-                 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV.
-                 */
-
-                /*
-                 * If the secure_renegotiation flag is set to TRUE, the server MUST include an empty
-                 * "renegotiation_info" extension in the ServerHello message.
-                 */
-                state.serverExtensions.put(TlsProtocol.EXT_RenegotiationInfo,
-                    TlsProtocol.createRenegotiationInfo(TlsUtils.EMPTY_BYTES));
-            }
-        }
-
-        if (securityParameters.isExtendedMasterSecret())
-        {
-            TlsExtensionsUtils.addExtendedMasterSecretExtension(state.serverExtensions);
-        }
-
-        /*
-         * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore
-         * extensions appearing in the client hello, and send a server hello containing no
-         * extensions.
-         */
-
-        if (!state.serverExtensions.isEmpty())
-        {
-            securityParameters.encryptThenMAC = TlsExtensionsUtils.hasEncryptThenMACExtension(state.serverExtensions);
-
-            securityParameters.maxFragmentLength = evaluateMaxFragmentLengthExtension(state.resumedSession,
-                state.clientExtensions, state.serverExtensions, AlertDescription.internal_error);
-
-            securityParameters.truncatedHMac = TlsExtensionsUtils.hasTruncatedHMacExtension(state.serverExtensions);
-
-            /*
-             * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be sent in
-             * a session resumption handshake.
-             */
-            state.allowCertificateStatus = !state.resumedSession
-                && TlsUtils.hasExpectedEmptyExtensionData(state.serverExtensions,
-                    TlsExtensionsUtils.EXT_status_request, AlertDescription.internal_error);
-
-            state.expectSessionTicket = !state.resumedSession
-                && TlsUtils.hasExpectedEmptyExtensionData(state.serverExtensions, TlsProtocol.EXT_SessionTicket,
-                    AlertDescription.internal_error);
-
-            TlsProtocol.writeExtensions(buf, state.serverExtensions);
-        }
-
-        securityParameters.prfAlgorithm = TlsProtocol.getPRFAlgorithm(state.serverContext,
-            securityParameters.getCipherSuite());
-
-        /*
-         * RFC 5246 7.4.9. Any cipher suite which does not explicitly specify verify_data_length
-         * has a verify_data_length equal to 12. This includes all existing cipher suites.
-         */
-        securityParameters.verifyDataLength = 12;
-
-        return buf.toByteArray();
-    }
-
-    protected void invalidateSession(ServerHandshakeState state)
-    {
-        if (state.sessionParameters != null)
-        {
-            state.sessionParameters.clear();
-            state.sessionParameters = null;
-        }
-
-        if (state.tlsSession != null)
-        {
-            state.tlsSession.invalidate();
-            state.tlsSession = null;
-        }
-    }
-
-    protected void notifyClientCertificate(ServerHandshakeState state, Certificate clientCertificate)
-        throws IOException
-    {
-        if (state.certificateRequest == null)
-        {
-            throw new IllegalStateException();
-        }
-
-        if (state.clientCertificate != null)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-
-        state.clientCertificate = clientCertificate;
-
-        if (clientCertificate.isEmpty())
-        {
-            state.keyExchange.skipClientCredentials();
-        }
-        else
-        {
-
-            /*
-             * TODO RFC 5246 7.4.6. If the certificate_authorities list in the certificate request
-             * message was non-empty, one of the certificates in the certificate chain SHOULD be
-             * issued by one of the listed CAs.
-             */
-
-            state.clientCertificateType = TlsUtils.getClientCertificateType(clientCertificate,
-                state.serverCredentials.getCertificate());
-
-            state.keyExchange.processClientCertificate(clientCertificate);
-        }
-
-        /*
-         * RFC 5246 7.4.6. If the client does not send any certificates, the server MAY at its
-         * discretion either continue the handshake without client authentication, or respond with a
-         * fatal handshake_failure alert. Also, if some aspect of the certificate chain was
-         * unacceptable (e.g., it was not signed by a known, trusted CA), the server MAY at its
-         * discretion either continue the handshake (considering the client unauthenticated) or send
-         * a fatal alert.
-         */
-        state.server.notifyClientCertificate(clientCertificate);
-    }
-
-    protected void processClientCertificate(ServerHandshakeState state, byte[] body)
-        throws IOException
-    {
-        ByteArrayInputStream buf = new ByteArrayInputStream(body);
-
-        Certificate clientCertificate = Certificate.parse(buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        notifyClientCertificate(state, clientCertificate);
-    }
-
-    protected void processCertificateVerify(ServerHandshakeState state, byte[] body, TlsHandshakeHash prepareFinishHash)
-        throws IOException
-    {
-        if (state.certificateRequest == null)
-        {
-            throw new IllegalStateException();
-        }
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(body);
-
-        TlsServerContextImpl context = state.serverContext;
-        DigitallySigned clientCertificateVerify = DigitallySigned.parse(context, buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        // Verify the CertificateVerify message contains a correct signature.
-        try
-        {
-            SignatureAndHashAlgorithm signatureAlgorithm = clientCertificateVerify.getAlgorithm();
-
-            byte[] hash;
-            if (TlsUtils.isTLSv12(context))
-            {
-                TlsUtils.verifySupportedSignatureAlgorithm(state.certificateRequest.getSupportedSignatureAlgorithms(), signatureAlgorithm);
-                hash = prepareFinishHash.getFinalHash(signatureAlgorithm.getHash());
-            }
-            else
-            {
-                hash = context.getSecurityParameters().getSessionHash();
-            }
-
-            org.bouncycastle.asn1.x509.Certificate x509Cert = state.clientCertificate.getCertificateAt(0);
-            SubjectPublicKeyInfo keyInfo = x509Cert.getSubjectPublicKeyInfo();
-            AsymmetricKeyParameter publicKey = PublicKeyFactory.createKey(keyInfo);
-
-            TlsSigner tlsSigner = TlsUtils.createTlsSigner(state.clientCertificateType);
-            tlsSigner.init(context);
-            if (!tlsSigner.verifyRawSignature(signatureAlgorithm, clientCertificateVerify.getSignature(), publicKey, hash))
-            {
-                throw new TlsFatalAlert(AlertDescription.decrypt_error);
-            }
-        }
-        catch (TlsFatalAlert e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            throw new TlsFatalAlert(AlertDescription.decrypt_error, e);
-        }
-    }
-
-    protected void processClientHello(ServerHandshakeState state, byte[] body)
-        throws IOException
-    {
-        ByteArrayInputStream buf = new ByteArrayInputStream(body);
-
-        // TODO Read RFCs for guidance on the expected record layer version number
-        ProtocolVersion client_version = TlsUtils.readVersion(buf);
-        if (!client_version.isDTLS())
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        /*
-         * Read the client random
-         */
-        byte[] client_random = TlsUtils.readFully(32, buf);
-
-        byte[] sessionID = TlsUtils.readOpaque8(buf);
-        if (sessionID.length > 32)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        // TODO RFC 4347 has the cookie length restricted to 32, but not in RFC 6347
-        byte[] cookie = TlsUtils.readOpaque8(buf);
-
-        int cipher_suites_length = TlsUtils.readUint16(buf);
-        if (cipher_suites_length < 2 || (cipher_suites_length & 1) != 0)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        /*
-         * NOTE: "If the session_id field is not empty (implying a session resumption request) this
-         * vector must include at least the cipher_suite from that session."
-         */
-        state.offeredCipherSuites = TlsUtils.readUint16Array(cipher_suites_length / 2, buf);
-
-        int compression_methods_length = TlsUtils.readUint8(buf);
-        if (compression_methods_length < 1)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        state.offeredCompressionMethods = TlsUtils.readUint8Array(compression_methods_length, buf);
-
-        /*
-         * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore
-         * extensions appearing in the client hello, and send a server hello containing no
-         * extensions.
-         */
-        state.clientExtensions = TlsProtocol.readExtensions(buf);
-
-        TlsServerContextImpl context = state.serverContext;
-        SecurityParameters securityParameters = context.getSecurityParameters();
-
-        /*
-         * TODO[resumption] Check RFC 7627 5.4. for required behaviour 
-         */
-
-        /*
-         * RFC 7627 4. Clients and servers SHOULD NOT accept handshakes that do not use the extended
-         * master secret [..]. (and see 5.2, 5.3)
-         */
-        securityParameters.extendedMasterSecret = TlsExtensionsUtils.hasExtendedMasterSecretExtension(state.clientExtensions);
-        if (!securityParameters.isExtendedMasterSecret() && state.server.requiresExtendedMasterSecret())
-        {
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-
-        context.setClientVersion(client_version);
-
-        state.server.notifyClientVersion(client_version);
-        state.server.notifyFallback(Arrays.contains(state.offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV));
-
-        securityParameters.clientRandom = client_random;
-
-        state.server.notifyOfferedCipherSuites(state.offeredCipherSuites);
-        state.server.notifyOfferedCompressionMethods(state.offeredCompressionMethods);
-
-        /*
-         * RFC 5746 3.6. Server Behavior: Initial Handshake
-         */
-        {
-            /*
-             * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension,
-             * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the
-             * ClientHello. Including both is NOT RECOMMENDED.
-             */
-
-            /*
-             * When a ClientHello is received, the server MUST check if it includes the
-             * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If it does, set the secure_renegotiation flag
-             * to TRUE.
-             */
-            if (Arrays.contains(state.offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV))
-            {
-                state.secure_renegotiation = true;
-            }
-
-            /*
-             * The server MUST check if the "renegotiation_info" extension is included in the
-             * ClientHello.
-             */
-            byte[] renegExtData = TlsUtils.getExtensionData(state.clientExtensions, TlsProtocol.EXT_RenegotiationInfo);
-            if (renegExtData != null)
-            {
-                /*
-                 * If the extension is present, set secure_renegotiation flag to TRUE. The
-                 * server MUST then verify that the length of the "renegotiated_connection"
-                 * field is zero, and if it is not, MUST abort the handshake.
-                 */
-                state.secure_renegotiation = true;
-
-                if (!Arrays.constantTimeAreEqual(renegExtData, TlsProtocol.createRenegotiationInfo(TlsUtils.EMPTY_BYTES)))
-                {
-                    throw new TlsFatalAlert(AlertDescription.handshake_failure);
-                }
-            }
-        }
-
-        state.server.notifySecureRenegotiation(state.secure_renegotiation);
-
-        if (state.clientExtensions != null)
-        {
-            // NOTE: Validates the padding extension data, if present
-            TlsExtensionsUtils.getPaddingExtension(state.clientExtensions);
-
-            state.server.processClientExtensions(state.clientExtensions);
-        }
-    }
-
-    protected void processClientKeyExchange(ServerHandshakeState state, byte[] body)
-        throws IOException
-    {
-        ByteArrayInputStream buf = new ByteArrayInputStream(body);
-
-        state.keyExchange.processClientKeyExchange(buf);
-
-        TlsProtocol.assertEmpty(buf);
-    }
-
-    protected void processClientSupplementalData(ServerHandshakeState state, byte[] body)
-        throws IOException
-    {
-        ByteArrayInputStream buf = new ByteArrayInputStream(body);
-        Vector clientSupplementalData = TlsProtocol.readSupplementalDataMessage(buf);
-        state.server.processClientSupplementalData(clientSupplementalData);
-    }
-
-    protected boolean expectCertificateVerifyMessage(ServerHandshakeState state)
-    {
-        return state.clientCertificateType >= 0 && TlsUtils.hasSigningCapability(state.clientCertificateType);
-    }
-
-    protected static class ServerHandshakeState
-    {
-        TlsServer server = null;
-        TlsServerContextImpl serverContext = null;
-        TlsSession tlsSession = null;
-        SessionParameters sessionParameters = null;
-        SessionParameters.Builder sessionParametersBuilder = null;
-        int[] offeredCipherSuites = null;
-        short[] offeredCompressionMethods = null;
-        Hashtable clientExtensions = null;
-        Hashtable serverExtensions = null;
-        boolean resumedSession = false;
-        boolean secure_renegotiation = false;
-        boolean allowCertificateStatus = false;
-        boolean expectSessionTicket = false;
-        TlsKeyExchange keyExchange = null;
-        TlsCredentials serverCredentials = null;
-        CertificateRequest certificateRequest = null;
-        short clientCertificateType = -1;
-        Certificate clientCertificate = null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSTransport.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSTransport.java
deleted file mode 100644
index ea790aa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DTLSTransport.java
+++ /dev/null

@@ -1,80 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-public class DTLSTransport
-    implements DatagramTransport
-{
-    private final DTLSRecordLayer recordLayer;
-
-    DTLSTransport(DTLSRecordLayer recordLayer)
-    {
-        this.recordLayer = recordLayer;
-    }
-
-    public int getReceiveLimit()
-        throws IOException
-    {
-        return recordLayer.getReceiveLimit();
-    }
-
-    public int getSendLimit()
-        throws IOException
-    {
-        return recordLayer.getSendLimit();
-    }
-
-    public int receive(byte[] buf, int off, int len, int waitMillis)
-        throws IOException
-    {
-        try
-        {
-            return recordLayer.receive(buf, off, len, waitMillis);
-        }
-        catch (TlsFatalAlert fatalAlert)
-        {
-            recordLayer.fail(fatalAlert.getAlertDescription());
-            throw fatalAlert;
-        }
-        catch (IOException e)
-        {
-            recordLayer.fail(AlertDescription.internal_error);
-            throw e;
-        }
-        catch (RuntimeException e)
-        {
-            recordLayer.fail(AlertDescription.internal_error);
-            throw new TlsFatalAlert(AlertDescription.internal_error, e);
-        }
-    }
-
-    public void send(byte[] buf, int off, int len)
-        throws IOException
-    {
-        try
-        {
-            recordLayer.send(buf, off, len);
-        }
-        catch (TlsFatalAlert fatalAlert)
-        {
-            recordLayer.fail(fatalAlert.getAlertDescription());
-            throw fatalAlert;
-        }
-        catch (IOException e)
-        {
-            recordLayer.fail(AlertDescription.internal_error);
-            throw e;
-        }
-        catch (RuntimeException e)
-        {
-            recordLayer.fail(AlertDescription.internal_error);
-            throw new TlsFatalAlert(AlertDescription.internal_error, e);
-        }
-    }
-
-    public void close()
-        throws IOException
-    {
-        recordLayer.close();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DatagramTransport.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DatagramTransport.java
deleted file mode 100644
index 3954cdb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DatagramTransport.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-/**
- * Base interface for an object sending and receiving DTLS data.
- */
-public interface DatagramTransport
-{
-    int getReceiveLimit()
-        throws IOException;
-
-    int getSendLimit()
-        throws IOException;
-
-    int receive(byte[] buf, int off, int len, int waitMillis)
-        throws IOException;
-
-    void send(byte[] buf, int off, int len)
-        throws IOException;
-
-    void close()
-        throws IOException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsAgreementCredentials.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsAgreementCredentials.java
deleted file mode 100644
index 78afb41..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsAgreementCredentials.java
+++ /dev/null

@@ -1,78 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.BasicAgreement;
-import org.bouncycastle.crypto.agreement.DHBasicAgreement;
-import org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DHPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.util.BigIntegers;
-
-public class DefaultTlsAgreementCredentials
-    extends AbstractTlsAgreementCredentials
-{
-    protected Certificate certificate;
-    protected AsymmetricKeyParameter privateKey;
-
-    protected BasicAgreement basicAgreement;
-    protected boolean truncateAgreement;
-
-    public DefaultTlsAgreementCredentials(Certificate certificate, AsymmetricKeyParameter privateKey)
-    {
-        if (certificate == null)
-        {
-            throw new IllegalArgumentException("'certificate' cannot be null");
-        }
-        if (certificate.isEmpty())
-        {
-            throw new IllegalArgumentException("'certificate' cannot be empty");
-        }
-        if (privateKey == null)
-        {
-            throw new IllegalArgumentException("'privateKey' cannot be null");
-        }
-        if (!privateKey.isPrivate())
-        {
-            throw new IllegalArgumentException("'privateKey' must be private");
-        }
-
-        if (privateKey instanceof DHPrivateKeyParameters)
-        {
-            basicAgreement = new DHBasicAgreement();
-            truncateAgreement = true;
-        }
-        else if (privateKey instanceof ECPrivateKeyParameters)
-        {
-            basicAgreement = new ECDHBasicAgreement();
-            truncateAgreement = false;
-        }
-        else
-        {
-            throw new IllegalArgumentException("'privateKey' type not supported: "
-                + privateKey.getClass().getName());
-        }
-
-        this.certificate = certificate;
-        this.privateKey = privateKey;
-    }
-
-    public Certificate getCertificate()
-    {
-        return certificate;
-    }
-
-    public byte[] generateAgreement(AsymmetricKeyParameter peerPublicKey)
-    {
-        basicAgreement.init(privateKey);
-        BigInteger agreementValue = basicAgreement.calculateAgreement(peerPublicKey);
-
-        if (truncateAgreement)
-        {
-            return BigIntegers.asUnsignedByteArray(agreementValue);
-        }
-
-        return BigIntegers.asUnsignedByteArray(basicAgreement.getFieldSize(), agreementValue);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsCipherFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsCipherFactory.java
deleted file mode 100644
index f8a7993..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsCipherFactory.java
+++ /dev/null

@@ -1,235 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.CamelliaEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.RC4Engine;
-import org.bouncycastle.crypto.engines.SEEDEngine;
-import org.bouncycastle.crypto.engines.Salsa20Engine;
-import org.bouncycastle.crypto.modes.AEADBlockCipher;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CCMBlockCipher;
-import org.bouncycastle.crypto.modes.GCMBlockCipher;
-import org.bouncycastle.crypto.modes.OCBBlockCipher;
-
-public class DefaultTlsCipherFactory
-    extends AbstractTlsCipherFactory
-{
-    public TlsCipher createCipher(TlsContext context, int encryptionAlgorithm, int macAlgorithm)
-        throws IOException
-    {
-        switch (encryptionAlgorithm)
-        {
-        case EncryptionAlgorithm._3DES_EDE_CBC:
-            return createDESedeCipher(context, macAlgorithm);
-        case EncryptionAlgorithm.AES_128_CBC:
-            return createAESCipher(context, 16, macAlgorithm);
-        case EncryptionAlgorithm.AES_128_CCM:
-            // NOTE: Ignores macAlgorithm
-            return createCipher_AES_CCM(context, 16, 16);
-        case EncryptionAlgorithm.AES_128_CCM_8:
-            // NOTE: Ignores macAlgorithm
-            return createCipher_AES_CCM(context, 16, 8);
-        case EncryptionAlgorithm.AES_128_GCM:
-            // NOTE: Ignores macAlgorithm
-            return createCipher_AES_GCM(context, 16, 16);
-        case EncryptionAlgorithm.AES_128_OCB_TAGLEN96:
-            // NOTE: Ignores macAlgorithm
-            return createCipher_AES_OCB(context, 16, 12);
-        case EncryptionAlgorithm.AES_256_CBC:
-            return createAESCipher(context, 32, macAlgorithm);
-        case EncryptionAlgorithm.AES_256_CCM:
-            // NOTE: Ignores macAlgorithm
-            return createCipher_AES_CCM(context, 32, 16);
-        case EncryptionAlgorithm.AES_256_CCM_8:
-            // NOTE: Ignores macAlgorithm
-            return createCipher_AES_CCM(context, 32, 8);
-        case EncryptionAlgorithm.AES_256_GCM:
-            // NOTE: Ignores macAlgorithm
-            return createCipher_AES_GCM(context, 32, 16);
-        case EncryptionAlgorithm.AES_256_OCB_TAGLEN96:
-            // NOTE: Ignores macAlgorithm
-            return createCipher_AES_OCB(context, 32, 12);
-        case EncryptionAlgorithm.CAMELLIA_128_CBC:
-            return createCamelliaCipher(context, 16, macAlgorithm);
-        case EncryptionAlgorithm.CAMELLIA_128_GCM:
-            // NOTE: Ignores macAlgorithm
-            return createCipher_Camellia_GCM(context, 16, 16);
-        case EncryptionAlgorithm.CAMELLIA_256_CBC:
-            return createCamelliaCipher(context, 32, macAlgorithm);
-        case EncryptionAlgorithm.CAMELLIA_256_GCM:
-            // NOTE: Ignores macAlgorithm
-            return createCipher_Camellia_GCM(context, 32, 16);
-        case EncryptionAlgorithm.CHACHA20_POLY1305:
-            // NOTE: Ignores macAlgorithm
-            return createChaCha20Poly1305(context);
-        case EncryptionAlgorithm.NULL:
-            return createNullCipher(context, macAlgorithm);
-        case EncryptionAlgorithm.RC4_128:
-            return createRC4Cipher(context, 16, macAlgorithm);
-        case EncryptionAlgorithm.SEED_CBC:
-            return createSEEDCipher(context, macAlgorithm);
-        default:
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    protected TlsBlockCipher createAESCipher(TlsContext context, int cipherKeySize, int macAlgorithm)
-        throws IOException
-    {
-        return new TlsBlockCipher(context, createAESBlockCipher(), createAESBlockCipher(),
-            createHMACDigest(macAlgorithm), createHMACDigest(macAlgorithm), cipherKeySize);
-    }
-
-    protected TlsBlockCipher createCamelliaCipher(TlsContext context, int cipherKeySize, int macAlgorithm)
-        throws IOException
-    {
-        return new TlsBlockCipher(context, createCamelliaBlockCipher(),
-            createCamelliaBlockCipher(), createHMACDigest(macAlgorithm),
-            createHMACDigest(macAlgorithm), cipherKeySize);
-    }
-
-    protected TlsCipher createChaCha20Poly1305(TlsContext context) throws IOException
-    {
-        return new Chacha20Poly1305(context);
-    }
-
-    protected TlsAEADCipher createCipher_AES_CCM(TlsContext context, int cipherKeySize, int macSize)
-        throws IOException
-    {
-        return new TlsAEADCipher(context, createAEADBlockCipher_AES_CCM(),
-            createAEADBlockCipher_AES_CCM(), cipherKeySize, macSize);
-    }
-
-    protected TlsAEADCipher createCipher_AES_GCM(TlsContext context, int cipherKeySize, int macSize)
-        throws IOException
-    {
-        return new TlsAEADCipher(context, createAEADBlockCipher_AES_GCM(),
-            createAEADBlockCipher_AES_GCM(), cipherKeySize, macSize);
-    }
-
-    protected TlsAEADCipher createCipher_AES_OCB(TlsContext context, int cipherKeySize, int macSize)
-        throws IOException
-    {
-        return new TlsAEADCipher(context, createAEADBlockCipher_AES_OCB(),
-            createAEADBlockCipher_AES_OCB(), cipherKeySize, macSize, TlsAEADCipher.NONCE_DRAFT_CHACHA20_POLY1305);
-    }
-
-    protected TlsAEADCipher createCipher_Camellia_GCM(TlsContext context, int cipherKeySize, int macSize)
-        throws IOException
-    {
-        return new TlsAEADCipher(context, createAEADBlockCipher_Camellia_GCM(),
-            createAEADBlockCipher_Camellia_GCM(), cipherKeySize, macSize);
-    }
-
-    protected TlsBlockCipher createDESedeCipher(TlsContext context, int macAlgorithm)
-        throws IOException
-    {
-        return new TlsBlockCipher(context, createDESedeBlockCipher(), createDESedeBlockCipher(),
-            createHMACDigest(macAlgorithm), createHMACDigest(macAlgorithm), 24);
-    }
-
-    protected TlsNullCipher createNullCipher(TlsContext context, int macAlgorithm)
-        throws IOException
-    {
-        return new TlsNullCipher(context, createHMACDigest(macAlgorithm),
-            createHMACDigest(macAlgorithm));
-    }
-
-    protected TlsStreamCipher createRC4Cipher(TlsContext context, int cipherKeySize, int macAlgorithm)
-        throws IOException
-    {
-        return new TlsStreamCipher(context, createRC4StreamCipher(), createRC4StreamCipher(),
-            createHMACDigest(macAlgorithm), createHMACDigest(macAlgorithm), cipherKeySize, false);
-    }
-
-    protected TlsBlockCipher createSEEDCipher(TlsContext context, int macAlgorithm)
-        throws IOException
-    {
-        return new TlsBlockCipher(context, createSEEDBlockCipher(), createSEEDBlockCipher(),
-            createHMACDigest(macAlgorithm), createHMACDigest(macAlgorithm), 16);
-    }
-
-    protected BlockCipher createAESEngine()
-    {
-        return new AESEngine();
-    }
-
-    protected BlockCipher createCamelliaEngine()
-    {
-        return new CamelliaEngine();
-    }
-
-    protected BlockCipher createAESBlockCipher()
-    {
-        return new CBCBlockCipher(createAESEngine());
-    }
-
-    protected AEADBlockCipher createAEADBlockCipher_AES_CCM()
-    {
-        return new CCMBlockCipher(createAESEngine());
-    }
-
-    protected AEADBlockCipher createAEADBlockCipher_AES_GCM()
-    {
-        // TODO Consider allowing custom configuration of multiplier
-        return new GCMBlockCipher(createAESEngine());
-    }
-
-    protected AEADBlockCipher createAEADBlockCipher_AES_OCB()
-    {
-        return new OCBBlockCipher(createAESEngine(), createAESEngine());
-    }
-
-    protected AEADBlockCipher createAEADBlockCipher_Camellia_GCM()
-    {
-        // TODO Consider allowing custom configuration of multiplier
-        return new GCMBlockCipher(createCamelliaEngine());
-    }
-
-    protected BlockCipher createCamelliaBlockCipher()
-    {
-        return new CBCBlockCipher(createCamelliaEngine());
-    }
-
-    protected BlockCipher createDESedeBlockCipher()
-    {
-        return new CBCBlockCipher(new DESedeEngine());
-    }
-
-    protected StreamCipher createRC4StreamCipher()
-    {
-        return new RC4Engine();
-    }
-
-    protected BlockCipher createSEEDBlockCipher()
-    {
-        return new CBCBlockCipher(new SEEDEngine());
-    }
-
-    protected Digest createHMACDigest(int macAlgorithm) throws IOException
-    {
-        switch (macAlgorithm)
-        {
-        case MACAlgorithm._null:
-            return null;
-        case MACAlgorithm.hmac_md5:
-            return TlsUtils.createHash(HashAlgorithm.md5);
-        case MACAlgorithm.hmac_sha1:
-            return TlsUtils.createHash(HashAlgorithm.sha1);
-        case MACAlgorithm.hmac_sha256:
-            return TlsUtils.createHash(HashAlgorithm.sha256);
-        case MACAlgorithm.hmac_sha384:
-            return TlsUtils.createHash(HashAlgorithm.sha384);
-        case MACAlgorithm.hmac_sha512:
-            return TlsUtils.createHash(HashAlgorithm.sha512);
-        default:
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java
deleted file mode 100644
index 110531c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsClient.java
+++ /dev/null

@@ -1,107 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-public abstract class DefaultTlsClient
-    extends AbstractTlsClient
-{
-    protected TlsDHVerifier dhVerifier;
-
-    public DefaultTlsClient()
-    {
-        this(new DefaultTlsCipherFactory());
-    }
-
-    public DefaultTlsClient(TlsCipherFactory cipherFactory)
-    {
-        this(cipherFactory, new DefaultTlsDHVerifier());
-    }
-
-    public DefaultTlsClient(TlsCipherFactory cipherFactory, TlsDHVerifier dhVerifier)
-    {
-        super(cipherFactory);
-
-        this.dhVerifier = dhVerifier;
-    }
-
-    public int[] getCipherSuites()
-    {
-        return new int[]
-        {
-            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256,
-            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256,
-            CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA,
-            CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-            CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
-            CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-            CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256,
-            CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256,
-            CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA,
-        };
-    }
-
-    public TlsKeyExchange getKeyExchange()
-        throws IOException
-    {
-        int keyExchangeAlgorithm = TlsUtils.getKeyExchangeAlgorithm(selectedCipherSuite);
-
-        switch (keyExchangeAlgorithm)
-        {
-        case KeyExchangeAlgorithm.DH_anon:
-        case KeyExchangeAlgorithm.DH_DSS:
-        case KeyExchangeAlgorithm.DH_RSA:
-            return createDHKeyExchange(keyExchangeAlgorithm);
-
-        case KeyExchangeAlgorithm.DHE_DSS:
-        case KeyExchangeAlgorithm.DHE_RSA:
-            return createDHEKeyExchange(keyExchangeAlgorithm);
-
-        case KeyExchangeAlgorithm.ECDH_anon:
-        case KeyExchangeAlgorithm.ECDH_ECDSA:
-        case KeyExchangeAlgorithm.ECDH_RSA:
-            return createECDHKeyExchange(keyExchangeAlgorithm);
-
-        case KeyExchangeAlgorithm.ECDHE_ECDSA:
-        case KeyExchangeAlgorithm.ECDHE_RSA:
-            return createECDHEKeyExchange(keyExchangeAlgorithm);
-
-        case KeyExchangeAlgorithm.RSA:
-            return createRSAKeyExchange();
-
-        default:
-            /*
-             * Note: internal error here; the TlsProtocol implementation verifies that the
-             * server-selected cipher suite was in the list of client-offered cipher suites, so if
-             * we now can't produce an implementation, we shouldn't have offered it!
-             */
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    protected TlsKeyExchange createDHKeyExchange(int keyExchange)
-    {
-        return new TlsDHKeyExchange(keyExchange, supportedSignatureAlgorithms, dhVerifier, null);
-    }
-
-    protected TlsKeyExchange createDHEKeyExchange(int keyExchange)
-    {
-        return new TlsDHEKeyExchange(keyExchange, supportedSignatureAlgorithms, dhVerifier, null);
-    }
-
-    protected TlsKeyExchange createECDHKeyExchange(int keyExchange)
-    {
-        return new TlsECDHKeyExchange(keyExchange, supportedSignatureAlgorithms, namedCurves, clientECPointFormats,
-            serverECPointFormats);
-    }
-
-    protected TlsKeyExchange createECDHEKeyExchange(int keyExchange)
-    {
-        return new TlsECDHEKeyExchange(keyExchange, supportedSignatureAlgorithms, namedCurves, clientECPointFormats,
-            serverECPointFormats);
-    }
-
-    protected TlsKeyExchange createRSAKeyExchange()
-    {
-        return new TlsRSAKeyExchange(supportedSignatureAlgorithms);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsDHVerifier.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsDHVerifier.java
deleted file mode 100644
index 5994f4a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsDHVerifier.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.math.BigInteger;
-import java.util.Vector;
-
-import org.bouncycastle.crypto.agreement.DHStandardGroups;
-import org.bouncycastle.crypto.params.DHParameters;
-
-public class DefaultTlsDHVerifier
-    implements TlsDHVerifier
-{
-    public static final int DEFAULT_MINIMUM_PRIME_BITS = 2048;
-
-    protected static final Vector DEFAULT_GROUPS = new Vector();
-
-    private static void addDefaultGroup(DHParameters dhParameters)
-    {
-        DEFAULT_GROUPS.addElement(dhParameters);
-    }
-
-    static
-    {
-        addDefaultGroup(DHStandardGroups.rfc7919_ffdhe2048);
-        addDefaultGroup(DHStandardGroups.rfc7919_ffdhe3072);
-        addDefaultGroup(DHStandardGroups.rfc7919_ffdhe4096);
-        addDefaultGroup(DHStandardGroups.rfc7919_ffdhe6144);
-        addDefaultGroup(DHStandardGroups.rfc7919_ffdhe8192);
-
-        addDefaultGroup(DHStandardGroups.rfc3526_1536);
-        addDefaultGroup(DHStandardGroups.rfc3526_2048);
-        addDefaultGroup(DHStandardGroups.rfc3526_3072);
-        addDefaultGroup(DHStandardGroups.rfc3526_4096);
-        addDefaultGroup(DHStandardGroups.rfc3526_6144);
-        addDefaultGroup(DHStandardGroups.rfc3526_8192);
-    }
-
-    // Vector is (DHParameters)
-    protected Vector groups;
-    protected int minimumPrimeBits;
-
-    /**
-     * Accept various standard DH groups with 'P' at least {@link #DEFAULT_MINIMUM_PRIME_BITS} bits.
-     */
-    public DefaultTlsDHVerifier()
-    {
-        this(DEFAULT_MINIMUM_PRIME_BITS);
-    }
-
-    /**
-     * Accept various standard DH groups with 'P' at least the specified number of bits.
-     */
-    public DefaultTlsDHVerifier(int minimumPrimeBits)
-    {
-        this(DEFAULT_GROUPS, minimumPrimeBits);
-    }
-
-    /**
-     * Accept a custom set of group parameters, subject to a minimum bitlength for 'P'.
-     * 
-     * @param groups a {@link Vector} of acceptable {@link DHParameters}.
-     */
-    public DefaultTlsDHVerifier(Vector groups, int minimumPrimeBits)
-    {
-        this.groups = groups;
-        this.minimumPrimeBits = minimumPrimeBits;
-    }
-
-    public boolean accept(DHParameters dhParameters)
-    {
-        return checkMinimumPrimeBits(dhParameters) && checkGroup(dhParameters);
-    }
-
-    public int getMinimumPrimeBits()
-    {
-        return minimumPrimeBits;
-    }
-
-    protected boolean areGroupsEqual(DHParameters a, DHParameters b)
-    {
-        return a == b || (areParametersEqual(a.getP(), b.getP()) && areParametersEqual(a.getG(), b.getG()));
-    }
-
-    protected boolean areParametersEqual(BigInteger a, BigInteger b)
-    {
-        return a == b || a.equals(b);
-    }
-
-    protected boolean checkGroup(DHParameters dhParameters)
-    {
-        for (int i = 0; i < groups.size(); ++i)
-        {
-            if (areGroupsEqual(dhParameters, (DHParameters)groups.elementAt(i)))
-            {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    protected boolean checkMinimumPrimeBits(DHParameters dhParameters)
-    {
-        return dhParameters.getP().bitLength() >= getMinimumPrimeBits();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsEncryptionCredentials.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsEncryptionCredentials.java
deleted file mode 100644
index d5151bc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsEncryptionCredentials.java
+++ /dev/null

@@ -1,58 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-
-public class DefaultTlsEncryptionCredentials extends AbstractTlsEncryptionCredentials
-{
-    protected TlsContext context;
-    protected Certificate certificate;
-    protected AsymmetricKeyParameter privateKey;
-
-    public DefaultTlsEncryptionCredentials(TlsContext context, Certificate certificate,
-        AsymmetricKeyParameter privateKey)
-    {
-        if (certificate == null)
-        {
-            throw new IllegalArgumentException("'certificate' cannot be null");
-        }
-        if (certificate.isEmpty())
-        {
-            throw new IllegalArgumentException("'certificate' cannot be empty");
-        }
-        if (privateKey == null)
-        {
-            throw new IllegalArgumentException("'privateKey' cannot be null");
-        }
-        if (!privateKey.isPrivate())
-        {
-            throw new IllegalArgumentException("'privateKey' must be private");
-        }
-
-        if (privateKey instanceof RSAKeyParameters)
-        {
-        }
-        else
-        {
-            throw new IllegalArgumentException("'privateKey' type not supported: "
-                + privateKey.getClass().getName());
-        }
-
-        this.context = context;
-        this.certificate = certificate;
-        this.privateKey = privateKey;
-    }
-
-    public Certificate getCertificate()
-    {
-        return certificate;
-    }
-
-    public byte[] decryptPreMasterSecret(byte[] encryptedPreMasterSecret)
-        throws IOException
-    {
-        return TlsRSAUtils.safeDecryptPreMasterSecret(context, (RSAKeyParameters)privateKey, encryptedPreMasterSecret);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsSRPGroupVerifier.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsSRPGroupVerifier.java
deleted file mode 100644
index 8fb9baa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsSRPGroupVerifier.java
+++ /dev/null

@@ -1,67 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.math.BigInteger;
-import java.util.Vector;
-
-import org.bouncycastle.crypto.agreement.srp.SRP6StandardGroups;
-import org.bouncycastle.crypto.params.SRP6GroupParameters;
-
-public class DefaultTlsSRPGroupVerifier
-    implements TlsSRPGroupVerifier
-{
-    protected static final Vector DEFAULT_GROUPS = new Vector();
-
-    static
-    {
-        DEFAULT_GROUPS.addElement(SRP6StandardGroups.rfc5054_1024);
-        DEFAULT_GROUPS.addElement(SRP6StandardGroups.rfc5054_1536);
-        DEFAULT_GROUPS.addElement(SRP6StandardGroups.rfc5054_2048);
-        DEFAULT_GROUPS.addElement(SRP6StandardGroups.rfc5054_3072);
-        DEFAULT_GROUPS.addElement(SRP6StandardGroups.rfc5054_4096);
-        DEFAULT_GROUPS.addElement(SRP6StandardGroups.rfc5054_6144);
-        DEFAULT_GROUPS.addElement(SRP6StandardGroups.rfc5054_8192);
-    }
-
-    // Vector is (SRP6GroupParameters)
-    protected Vector groups;
-
-    /**
-     * Accept only the group parameters specified in RFC 5054 Appendix A.
-     */
-    public DefaultTlsSRPGroupVerifier()
-    {
-        this(DEFAULT_GROUPS);
-    }
-
-    /**
-     * Specify a custom set of acceptable group parameters.
-     * 
-     * @param groups a {@link Vector} of acceptable {@link SRP6GroupParameters}
-     */
-    public DefaultTlsSRPGroupVerifier(Vector groups)
-    {
-        this.groups = groups;
-    }
-
-    public boolean accept(SRP6GroupParameters group)
-    {
-        for (int i = 0; i < groups.size(); ++i)
-        {
-            if (areGroupsEqual(group, (SRP6GroupParameters)groups.elementAt(i)))
-            {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    protected boolean areGroupsEqual(SRP6GroupParameters a, SRP6GroupParameters b)
-    {
-        return a == b || (areParametersEqual(a.getN(), b.getN()) && areParametersEqual(a.getG(), b.getG()));
-    }
-    
-    protected boolean areParametersEqual(BigInteger a, BigInteger b)
-    {
-        return a == b || a.equals(b);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsServer.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsServer.java
deleted file mode 100644
index e9f76a2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsServer.java
+++ /dev/null

@@ -1,169 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-import org.bouncycastle.crypto.agreement.DHStandardGroups;
-import org.bouncycastle.crypto.params.DHParameters;
-
-public abstract class DefaultTlsServer
-    extends AbstractTlsServer
-{
-    public DefaultTlsServer()
-    {
-        super();
-    }
-
-    public DefaultTlsServer(TlsCipherFactory cipherFactory)
-    {
-        super(cipherFactory);
-    }
-
-    protected TlsSignerCredentials getDSASignerCredentials()
-        throws IOException
-    {
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-
-    protected TlsSignerCredentials getECDSASignerCredentials()
-        throws IOException
-    {
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-
-    protected TlsEncryptionCredentials getRSAEncryptionCredentials()
-        throws IOException
-    {
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-
-    protected TlsSignerCredentials getRSASignerCredentials()
-        throws IOException
-    {
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-
-    protected DHParameters getDHParameters()
-    {
-        return DHStandardGroups.rfc7919_ffdhe2048;
-    }
-
-    protected int[] getCipherSuites()
-    {
-        return new int[]
-        {
-            CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384,
-            CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256,
-            CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384,
-            CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256,
-            CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA,
-            CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA,
-            CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384,
-            CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256,
-            CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256,
-            CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256,
-            CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA,
-            CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA,
-            CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384,
-            CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256,
-            CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256,
-            CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256,
-            CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA,
-            CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA,
-        };
-    }
-
-    public TlsCredentials getCredentials()
-        throws IOException
-    {
-        int keyExchangeAlgorithm = TlsUtils.getKeyExchangeAlgorithm(selectedCipherSuite);
-
-        switch (keyExchangeAlgorithm)
-        {
-        case KeyExchangeAlgorithm.DHE_DSS:
-            return getDSASignerCredentials();
-
-        case KeyExchangeAlgorithm.DH_anon:
-        case KeyExchangeAlgorithm.ECDH_anon:
-            return null;
-
-        case KeyExchangeAlgorithm.ECDHE_ECDSA:
-            return getECDSASignerCredentials();
-
-        case KeyExchangeAlgorithm.DHE_RSA:
-        case KeyExchangeAlgorithm.ECDHE_RSA:
-            return getRSASignerCredentials();
-
-        case KeyExchangeAlgorithm.RSA:
-            return getRSAEncryptionCredentials();
-
-        default:
-            /* Note: internal error here; selected a key exchange we don't implement! */
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public TlsKeyExchange getKeyExchange()
-        throws IOException
-    {
-        int keyExchangeAlgorithm = TlsUtils.getKeyExchangeAlgorithm(selectedCipherSuite);
-
-        switch (keyExchangeAlgorithm)
-        {
-        case KeyExchangeAlgorithm.DH_anon:
-        case KeyExchangeAlgorithm.DH_DSS:
-        case KeyExchangeAlgorithm.DH_RSA:
-            return createDHKeyExchange(keyExchangeAlgorithm);
-
-        case KeyExchangeAlgorithm.DHE_DSS:
-        case KeyExchangeAlgorithm.DHE_RSA:
-            return createDHEKeyExchange(keyExchangeAlgorithm);
-
-        case KeyExchangeAlgorithm.ECDH_anon:
-        case KeyExchangeAlgorithm.ECDH_ECDSA:
-        case KeyExchangeAlgorithm.ECDH_RSA:
-            return createECDHKeyExchange(keyExchangeAlgorithm);
-
-        case KeyExchangeAlgorithm.ECDHE_ECDSA:
-        case KeyExchangeAlgorithm.ECDHE_RSA:
-            return createECDHEKeyExchange(keyExchangeAlgorithm);
-
-        case KeyExchangeAlgorithm.RSA:
-            return createRSAKeyExchange();
-
-        default:
-            /*
-             * Note: internal error here; the TlsProtocol implementation verifies that the
-             * server-selected cipher suite was in the list of client-offered cipher suites, so if
-             * we now can't produce an implementation, we shouldn't have offered it!
-             */
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    protected TlsKeyExchange createDHKeyExchange(int keyExchange)
-    {
-        return new TlsDHKeyExchange(keyExchange, supportedSignatureAlgorithms, null, getDHParameters());
-    }
-
-    protected TlsKeyExchange createDHEKeyExchange(int keyExchange)
-    {
-        return new TlsDHEKeyExchange(keyExchange, supportedSignatureAlgorithms, null, getDHParameters());
-    }
-
-    protected TlsKeyExchange createECDHKeyExchange(int keyExchange)
-    {
-        return new TlsECDHKeyExchange(keyExchange, supportedSignatureAlgorithms, namedCurves, clientECPointFormats,
-            serverECPointFormats);
-    }
-
-    protected TlsKeyExchange createECDHEKeyExchange(int keyExchange)
-    {
-        return new TlsECDHEKeyExchange(keyExchange, supportedSignatureAlgorithms, namedCurves, clientECPointFormats,
-            serverECPointFormats);
-    }
-
-    protected TlsKeyExchange createRSAKeyExchange()
-    {
-        return new TlsRSAKeyExchange(supportedSignatureAlgorithms);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsSignerCredentials.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsSignerCredentials.java
deleted file mode 100644
index 3b3391e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DefaultTlsSignerCredentials.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-
-public class DefaultTlsSignerCredentials
-    extends AbstractTlsSignerCredentials
-{
-    protected TlsContext context;
-    protected Certificate certificate;
-    protected AsymmetricKeyParameter privateKey;
-    protected SignatureAndHashAlgorithm signatureAndHashAlgorithm;
-
-    protected TlsSigner signer;
-
-    public DefaultTlsSignerCredentials(TlsContext context, Certificate certificate, AsymmetricKeyParameter privateKey)
-    {
-        this(context, certificate, privateKey, null);
-    }
-
-    public DefaultTlsSignerCredentials(TlsContext context, Certificate certificate, AsymmetricKeyParameter privateKey,
-        SignatureAndHashAlgorithm signatureAndHashAlgorithm)
-    {
-        if (certificate == null)
-        {
-            throw new IllegalArgumentException("'certificate' cannot be null");
-        }
-        if (certificate.isEmpty())
-        {
-            throw new IllegalArgumentException("'certificate' cannot be empty");
-        }
-        if (privateKey == null)
-        {
-            throw new IllegalArgumentException("'privateKey' cannot be null");
-        }
-        if (!privateKey.isPrivate())
-        {
-            throw new IllegalArgumentException("'privateKey' must be private");
-        }
-        if (TlsUtils.isTLSv12(context) && signatureAndHashAlgorithm == null)
-        {
-            throw new IllegalArgumentException("'signatureAndHashAlgorithm' cannot be null for (D)TLS 1.2+");
-        }
-
-        if (privateKey instanceof RSAKeyParameters)
-        {
-            this.signer = new TlsRSASigner();
-        }
-        else if (privateKey instanceof DSAPrivateKeyParameters)
-        {
-            this.signer = new TlsDSSSigner();
-        }
-        else if (privateKey instanceof ECPrivateKeyParameters)
-        {
-            this.signer = new TlsECDSASigner();
-        }
-        else
-        {
-            throw new IllegalArgumentException("'privateKey' type not supported: " + privateKey.getClass().getName());
-        }
-
-        this.signer.init(context);
-
-        this.context = context;
-        this.certificate = certificate;
-        this.privateKey = privateKey;
-        this.signatureAndHashAlgorithm = signatureAndHashAlgorithm;
-    }
-
-    public Certificate getCertificate()
-    {
-        return certificate;
-    }
-
-    public byte[] generateCertificateSignature(byte[] hash)
-        throws IOException
-    {
-        try
-        {
-            if (TlsUtils.isTLSv12(context))
-            {
-                return signer.generateRawSignature(signatureAndHashAlgorithm, privateKey, hash);
-            }
-            else
-            {
-                return signer.generateRawSignature(privateKey, hash);
-            }
-        }
-        catch (CryptoException e)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error, e);
-        }
-    }
-
-    public SignatureAndHashAlgorithm getSignatureAndHashAlgorithm()
-    {
-        return signatureAndHashAlgorithm;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DeferredHash.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DeferredHash.java
deleted file mode 100644
index 2193e0b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DeferredHash.java
+++ /dev/null

@@ -1,207 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.util.Enumeration;
-import java.util.Hashtable;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.util.Shorts;
-
-/**
- * Buffers input until the hash algorithm is determined.
- */
-class DeferredHash
-    implements TlsHandshakeHash
-{
-    protected static final int BUFFERING_HASH_LIMIT = 4;
-
-    protected TlsContext context;
-
-    private DigestInputBuffer buf;
-    private Hashtable hashes;
-    private Short prfHashAlgorithm;
-
-    DeferredHash()
-    {
-        this.buf = new DigestInputBuffer();
-        this.hashes = new Hashtable();
-        this.prfHashAlgorithm = null;
-    }
-
-    private DeferredHash(Short prfHashAlgorithm, Digest prfHash)
-    {
-        this.buf = null;
-        this.hashes = new Hashtable();
-        this.prfHashAlgorithm = prfHashAlgorithm;
-        hashes.put(prfHashAlgorithm, prfHash);
-    }
-
-    public void init(TlsContext context)
-    {
-        this.context = context;
-    }
-
-    public TlsHandshakeHash notifyPRFDetermined()
-    {
-        int prfAlgorithm = context.getSecurityParameters().getPrfAlgorithm();
-        if (prfAlgorithm == PRFAlgorithm.tls_prf_legacy)
-        {
-            CombinedHash legacyHash = new CombinedHash();
-            legacyHash.init(context);
-            buf.updateDigest(legacyHash);
-            return legacyHash.notifyPRFDetermined();
-        }
-
-        this.prfHashAlgorithm = Shorts.valueOf(TlsUtils.getHashAlgorithmForPRFAlgorithm(prfAlgorithm));
-
-        checkTrackingHash(prfHashAlgorithm);
-
-        return this;
-    }
-
-    public void trackHashAlgorithm(short hashAlgorithm)
-    {
-        if (buf == null)
-        {
-            throw new IllegalStateException("Too late to track more hash algorithms");
-        }
-
-        checkTrackingHash(Shorts.valueOf(hashAlgorithm));
-    }
-
-    public void sealHashAlgorithms()
-    {
-        checkStopBuffering();
-    }
-
-    public TlsHandshakeHash stopTracking()
-    {
-        Digest prfHash = TlsUtils.cloneHash(prfHashAlgorithm.shortValue(), (Digest)hashes.get(prfHashAlgorithm));
-        if (buf != null)
-        {
-            buf.updateDigest(prfHash);
-        }
-        DeferredHash result = new DeferredHash(prfHashAlgorithm, prfHash);
-        result.init(context);
-        return result;
-    }
-
-    public Digest forkPRFHash()
-    {
-        checkStopBuffering();
-
-        if (buf != null)
-        {
-            Digest prfHash = TlsUtils.createHash(prfHashAlgorithm.shortValue());
-            buf.updateDigest(prfHash);
-            return prfHash;
-        }
-
-        return TlsUtils.cloneHash(prfHashAlgorithm.shortValue(), (Digest)hashes.get(prfHashAlgorithm));
-    }
-
-    public byte[] getFinalHash(short hashAlgorithm)
-    {
-        Digest d = (Digest)hashes.get(Shorts.valueOf(hashAlgorithm));
-        if (d == null)
-        {
-            throw new IllegalStateException("HashAlgorithm." + HashAlgorithm.getText(hashAlgorithm) + " is not being tracked");
-        }
-
-        d = TlsUtils.cloneHash(hashAlgorithm, d);
-        if (buf != null)
-        {
-            buf.updateDigest(d);
-        }
-
-        byte[] bs = new byte[d.getDigestSize()];
-        d.doFinal(bs, 0);
-        return bs;
-    }
-
-    public String getAlgorithmName()
-    {
-        throw new IllegalStateException("Use fork() to get a definite Digest");
-    }
-
-    public int getDigestSize()
-    {
-        throw new IllegalStateException("Use fork() to get a definite Digest");
-    }
-
-    public void update(byte input)
-    {
-        if (buf != null)
-        {
-            buf.write(input);
-            return;
-        }
-
-        Enumeration e = hashes.elements();
-        while (e.hasMoreElements())
-        {
-            Digest hash = (Digest)e.nextElement();
-            hash.update(input);
-        }
-    }
-
-    public void update(byte[] input, int inOff, int len)
-    {
-        if (buf != null)
-        {
-            buf.write(input, inOff, len);
-            return;
-        }
-
-        Enumeration e = hashes.elements();
-        while (e.hasMoreElements())
-        {
-            Digest hash = (Digest)e.nextElement();
-            hash.update(input, inOff, len);
-        }
-    }
-
-    public int doFinal(byte[] output, int outOff)
-    {
-        throw new IllegalStateException("Use fork() to get a definite Digest");
-    }
-
-    public void reset()
-    {
-        if (buf != null)
-        {
-            buf.reset();
-            return;
-        }
-
-        Enumeration e = hashes.elements();
-        while (e.hasMoreElements())
-        {
-            Digest hash = (Digest)e.nextElement();
-            hash.reset();
-        }
-    }
-
-    protected void checkStopBuffering()
-    {
-        if (buf != null && hashes.size() <= BUFFERING_HASH_LIMIT)
-        {
-            Enumeration e = hashes.elements();
-            while (e.hasMoreElements())
-            {
-                Digest hash = (Digest)e.nextElement();
-                buf.updateDigest(hash);
-            }
-
-            this.buf = null;
-        }
-    }
-
-    protected void checkTrackingHash(Short hashAlgorithm)
-    {
-        if (!hashes.containsKey(hashAlgorithm))
-        {
-            Digest hash = TlsUtils.createHash(hashAlgorithm.shortValue());
-            hashes.put(hashAlgorithm, hash);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DigestInputBuffer.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DigestInputBuffer.java
deleted file mode 100644
index 7cfa890..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DigestInputBuffer.java
+++ /dev/null

@@ -1,13 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayOutputStream;
-
-import org.bouncycastle.crypto.Digest;
-
-class DigestInputBuffer extends ByteArrayOutputStream
-{
-    void updateDigest(Digest d)
-    {
-        d.update(this.buf, 0, count);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DigitallySigned.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/DigitallySigned.java
deleted file mode 100644
index c366ca9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/DigitallySigned.java
+++ /dev/null

@@ -1,72 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-public class DigitallySigned
-{
-    protected SignatureAndHashAlgorithm algorithm;
-    protected byte[] signature;
-
-    public DigitallySigned(SignatureAndHashAlgorithm algorithm, byte[] signature)
-    {
-        if (signature == null)
-        {
-            throw new IllegalArgumentException("'signature' cannot be null");
-        }
-
-        this.algorithm = algorithm;
-        this.signature = signature;
-    }
-
-    /**
-     * @return a {@link SignatureAndHashAlgorithm} (or null before TLS 1.2).
-     */
-    public SignatureAndHashAlgorithm getAlgorithm()
-    {
-        return algorithm;
-    }
-
-    public byte[] getSignature()
-    {
-        return signature;
-    }
-
-    /**
-     * Encode this {@link DigitallySigned} to an {@link OutputStream}.
-     * 
-     * @param output
-     *            the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(OutputStream output) throws IOException
-    {
-        if (algorithm != null)
-        {
-            algorithm.encode(output);
-        }
-        TlsUtils.writeOpaque16(signature, output);
-    }
-
-    /**
-     * Parse a {@link DigitallySigned} from an {@link InputStream}.
-     * 
-     * @param context
-     *            the {@link TlsContext} of the current connection.
-     * @param input
-     *            the {@link InputStream} to parse from.
-     * @return a {@link DigitallySigned} object.
-     * @throws IOException
-     */
-    public static DigitallySigned parse(TlsContext context, InputStream input) throws IOException
-    {
-        SignatureAndHashAlgorithm algorithm = null;
-        if (TlsUtils.isTLSv12(context))
-        {
-            algorithm = SignatureAndHashAlgorithm.parse(input);
-        }
-        byte[] signature = TlsUtils.readOpaque16(input);
-        return new DigitallySigned(algorithm, signature);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ECBasisType.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ECBasisType.java
deleted file mode 100644
index 630dfcd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ECBasisType.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 4492 5.4. (Errata ID: 2389)
- */
-public class ECBasisType
-{
-    public static final short ec_basis_trinomial = 1;
-    public static final short ec_basis_pentanomial = 2;
-
-    public static boolean isValid(short ecBasisType)
-    {
-        return ecBasisType >= ec_basis_trinomial && ecBasisType <= ec_basis_pentanomial;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ECCurveType.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ECCurveType.java
deleted file mode 100644
index 0b6542f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ECCurveType.java
+++ /dev/null

@@ -1,28 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 4492 5.4
- */
-public class ECCurveType
-{
-    /**
-     * Indicates the elliptic curve domain parameters are conveyed verbosely, and the
-     * underlying finite field is a prime field.
-     */
-    public static final short explicit_prime = 1;
-
-    /**
-     * Indicates the elliptic curve domain parameters are conveyed verbosely, and the
-     * underlying finite field is a characteristic-2 field.
-     */
-    public static final short explicit_char2 = 2;
-
-    /**
-     * Indicates that a named curve is used. This option SHOULD be used when applicable.
-     */
-    public static final short named_curve = 3;
-
-    /*
-     * Values 248 through 255 are reserved for private use.
-     */
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ECPointFormat.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ECPointFormat.java
deleted file mode 100644
index 969d42e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ECPointFormat.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 4492 5.1.2
- */
-public class ECPointFormat
-{
-    public static final short uncompressed = 0;
-    public static final short ansiX962_compressed_prime = 1;
-    public static final short ansiX962_compressed_char2 = 2;
-
-    /*
-     * reserved (248..255)
-     */
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/EncryptionAlgorithm.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/EncryptionAlgorithm.java
deleted file mode 100644
index a8df994..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/EncryptionAlgorithm.java
+++ /dev/null

@@ -1,67 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 2246
- * <p>
- * Note that the values here are implementation-specific and arbitrary. It is recommended not to
- * depend on the particular values (e.g. serialization).
- */
-public class EncryptionAlgorithm
-{
-    public static final int NULL = 0;
-    public static final int RC4_40 = 1;
-    public static final int RC4_128 = 2;
-    public static final int RC2_CBC_40 = 3;
-    public static final int IDEA_CBC = 4;
-    public static final int DES40_CBC = 5;
-    public static final int DES_CBC = 6;
-    public static final int _3DES_EDE_CBC = 7;
-
-    /*
-     * RFC 3268
-     */
-    public static final int AES_128_CBC = 8;
-    public static final int AES_256_CBC = 9;
-
-    /*
-     * RFC 5289
-     */
-    public static final int AES_128_GCM = 10;
-    public static final int AES_256_GCM = 11;
-
-    /*
-     * RFC 5932
-     */
-    public static final int CAMELLIA_128_CBC = 12;
-    public static final int CAMELLIA_256_CBC = 13;
-
-    /*
-     * RFC 4162
-     */
-    public static final int SEED_CBC = 14;
-
-    /*
-     * RFC 6655
-     */
-    public static final int AES_128_CCM = 15;
-    public static final int AES_128_CCM_8 = 16;
-    public static final int AES_256_CCM = 17;
-    public static final int AES_256_CCM_8 = 18;
-
-    /*
-     * RFC 6367
-     */
-    public static final int CAMELLIA_128_GCM = 19;
-    public static final int CAMELLIA_256_GCM = 20;
-
-    /*
-     * RFC 7905
-     */
-    public static final int CHACHA20_POLY1305 = 21;
-
-    /*
-     * draft-zauner-tls-aes-ocb-04
-     */
-    public static final int AES_128_OCB_TAGLEN96 = 103;
-    public static final int AES_256_OCB_TAGLEN96 = 104;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ExporterLabel.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ExporterLabel.java
deleted file mode 100644
index a3d7d55..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ExporterLabel.java
+++ /dev/null

@@ -1,36 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 5705
- */
-public class ExporterLabel
-{
-    /*
-     * RFC 5246
-     */
-    public static final String client_finished = "client finished";
-    public static final String server_finished = "server finished";
-    public static final String master_secret = "master secret";
-    public static final String key_expansion = "key expansion";
-
-    /*
-     * RFC 5216
-     */
-    public static final String client_EAP_encryption = "client EAP encryption";
-
-    /*
-     * RFC 5281
-     */
-    public static final String ttls_keying_material = "ttls keying material";
-    public static final String ttls_challenge = "ttls challenge";
-
-    /*
-     * RFC 5764
-     */
-    public static final String dtls_srtp = "EXTRACTOR-dtls_srtp";
-
-    /*
-     * RFC 7627
-     */
-    public static final String extended_master_secret = "extended master secret";
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ExtensionType.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ExtensionType.java
deleted file mode 100644
index fdf79eb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ExtensionType.java
+++ /dev/null

@@ -1,125 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public class ExtensionType
-{
-    /*
-     * RFC 2546 2.3.
-     */
-    public static final int server_name = 0;
-    public static final int max_fragment_length = 1;
-    public static final int client_certificate_url = 2;
-    public static final int trusted_ca_keys = 3;
-    public static final int truncated_hmac = 4;
-    public static final int status_request = 5;
-
-    /*
-     * RFC 4681
-     */
-    public static final int user_mapping = 6;
-
-    /*
-     * RFC 5878
-     */
-    public static final int client_authz = 7;
-    public static final int server_authz = 8;
-
-    /*
-     * RFC RFC6091
-     */
-    public static final int cert_type = 9;
-
-    /*
-     * draft-ietf-tls-negotiated-ff-dhe-10
-     */
-    public static final int supported_groups = 10;
-
-    /*
-     * RFC 4492 5.1.
-     */
-    /** @deprecated Use {@link #supported_groups} instead */
-    public static final int elliptic_curves = supported_groups;
-    public static final int ec_point_formats = 11;
-
-    /*
-     * RFC 5054 2.8.1.
-     */
-    public static final int srp = 12;
-
-    /*
-     * RFC 5246 7.4.1.4.
-     */
-    public static final int signature_algorithms = 13;
-
-    /*
-     * RFC 5764 9.
-     */
-    public static final int use_srtp = 14;
-
-    /*
-     * RFC 6520 6.
-     */
-    public static final int heartbeat = 15;
-
-    /*
-     * RFC 7301
-     */
-    public static final int application_layer_protocol_negotiation = 16;
-
-    /*
-     * RFC 6961
-     */
-    public static final int status_request_v2 = 17;
-
-    /*
-     * RFC 6962
-     */
-    public static final int signed_certificate_timestamp = 18;
-
-    /*
-     * RFC 7250
-     */
-    public static final int client_certificate_type = 19;
-    public static final int server_certificate_type = 20;
-
-    /*
-     * RFC 7685
-     */
-    public static final int padding = 21;
-
-    /*
-     * RFC 7366
-     */
-    public static final int encrypt_then_mac = 22;
-
-    /*
-     * RFC 7627
-     */
-    public static final int extended_master_secret = 23;
-
-    /*
-     * draft-ietf-tokbind-negotiation-08
-     */
-    public static final int DRAFT_token_binding = 24;
-
-    /*
-     * RFC 7924
-     */
-    public static final int cached_info = 25;
-
-    /*
-     * RFC 5077 7.
-     */
-    public static final int session_ticket = 35;
-
-    /*
-     * draft-ietf-tls-negotiated-ff-dhe-01
-     * 
-     * WARNING: Placeholder value; the real value is TBA
-     */
-    public static final int negotiated_ff_dhe_groups = 101;
-
-    /*
-     * RFC 5746 3.2.
-     */
-    public static final int renegotiation_info = 0xff01;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/FiniteFieldDHEGroup.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/FiniteFieldDHEGroup.java
deleted file mode 100644
index a16ec9c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/FiniteFieldDHEGroup.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/*
- * draft-ietf-tls-negotiated-ff-dhe-01
- */
-public class FiniteFieldDHEGroup
-{
-    public static final short ffdhe2432 = 0;
-    public static final short ffdhe3072 = 1;
-    public static final short ffdhe4096 = 2;
-    public static final short ffdhe6144 = 3;
-    public static final short ffdhe8192 = 4;
-
-    public static boolean isValid(short group)
-    {
-        return group >= ffdhe2432 && group <= ffdhe8192;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/HandshakeType.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/HandshakeType.java
deleted file mode 100644
index c81660a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/HandshakeType.java
+++ /dev/null

@@ -1,39 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public class HandshakeType
-{
-    /*
-     * RFC 2246 7.4
-     */
-    public static final short hello_request = 0;
-    public static final short client_hello = 1;
-    public static final short server_hello = 2;
-    public static final short certificate = 11;
-    public static final short server_key_exchange = 12;
-    public static final short certificate_request = 13;
-    public static final short server_hello_done = 14;
-    public static final short certificate_verify = 15;
-    public static final short client_key_exchange = 16;
-    public static final short finished = 20;
-
-    /*
-     * RFC 3546 2.4
-     */
-    public static final short certificate_url = 21;
-    public static final short certificate_status = 22;
-
-    /*
-     *  (DTLS) RFC 4347 4.3.2
-     */
-    public static final short hello_verify_request = 3;
-
-    /*
-     * RFC 4680 
-     */
-    public static final short supplemental_data = 23;
-
-    /*
-     * RFC 5077 
-     */
-    public static final short session_ticket = 4;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/HashAlgorithm.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/HashAlgorithm.java
deleted file mode 100644
index ac1ae40..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/HashAlgorithm.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 5246 7.4.1.4.1
- */
-public class HashAlgorithm
-{
-    public static final short none = 0;
-    public static final short md5 = 1;
-    public static final short sha1 = 2;
-    public static final short sha224 = 3;
-    public static final short sha256 = 4;
-    public static final short sha384 = 5;
-    public static final short sha512 = 6;
-
-    public static String getName(short hashAlgorithm)
-    {
-        switch (hashAlgorithm)
-        {
-        case none:
-            return "none";
-        case md5:
-            return "md5";
-        case sha1:
-            return "sha1";
-        case sha224:
-            return "sha224";
-        case sha256:
-            return "sha256";
-        case sha384:
-            return "sha384";
-        case sha512:
-            return "sha512";
-        default:
-            return "UNKNOWN";
-        }
-    }
-
-    public static String getText(short hashAlgorithm)
-    {
-        return getName(hashAlgorithm) + "(" + hashAlgorithm + ")";
-    }
-
-    public static boolean isPrivate(short hashAlgorithm)
-    {
-        return 224 <= hashAlgorithm && hashAlgorithm <= 255;
-    }
-
-    public static boolean isRecognized(short hashAlgorithm)
-    {
-        switch (hashAlgorithm)
-        {
-        case md5:
-        case sha1:
-        case sha224:
-        case sha256:
-        case sha384:
-        case sha512:
-            return true;
-        default:
-            return false;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/HeartbeatExtension.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/HeartbeatExtension.java
deleted file mode 100644
index f9f3670..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/HeartbeatExtension.java
+++ /dev/null

@@ -1,56 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-public class HeartbeatExtension
-{
-    protected short mode;
-
-    public HeartbeatExtension(short mode)
-    {
-        if (!HeartbeatMode.isValid(mode))
-        {
-            throw new IllegalArgumentException("'mode' is not a valid HeartbeatMode value");
-        }
-
-        this.mode = mode;
-    }
-
-    public short getMode()
-    {
-        return mode;
-    }
-
-    /**
-     * Encode this {@link HeartbeatExtension} to an {@link OutputStream}.
-     * 
-     * @param output
-     *            the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(OutputStream output) throws IOException
-    {
-        TlsUtils.writeUint8(mode, output);
-    }
-
-    /**
-     * Parse a {@link HeartbeatExtension} from an {@link InputStream}.
-     * 
-     * @param input
-     *            the {@link InputStream} to parse from.
-     * @return a {@link HeartbeatExtension} object.
-     * @throws IOException
-     */
-    public static HeartbeatExtension parse(InputStream input) throws IOException
-    {
-        short mode = TlsUtils.readUint8(input);
-        if (!HeartbeatMode.isValid(mode))
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        return new HeartbeatExtension(mode);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/HeartbeatMessage.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/HeartbeatMessage.java
deleted file mode 100644
index c6a447f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/HeartbeatMessage.java
+++ /dev/null

@@ -1,111 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public class HeartbeatMessage
-{
-    protected short type;
-    protected byte[] payload;
-    protected int paddingLength;
-
-    public HeartbeatMessage(short type, byte[] payload, int paddingLength)
-    {
-        if (!HeartbeatMessageType.isValid(type))
-        {
-            throw new IllegalArgumentException("'type' is not a valid HeartbeatMessageType value");
-        }
-        if (payload == null || payload.length >= (1 << 16))
-        {
-            throw new IllegalArgumentException("'payload' must have length < 2^16");
-        }
-        if (paddingLength < 16)
-        {
-            throw new IllegalArgumentException("'paddingLength' must be at least 16");
-        }
-
-        this.type = type;
-        this.payload = payload;
-        this.paddingLength = paddingLength;
-    }
-
-    /**
-     * Encode this {@link HeartbeatMessage} to an {@link OutputStream}.
-     * 
-     * @param output
-     *            the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(TlsContext context, OutputStream output) throws IOException
-    {
-        TlsUtils.writeUint8(type, output);
-
-        TlsUtils.checkUint16(payload.length);
-        TlsUtils.writeUint16(payload.length, output);
-        output.write(payload);
-
-        byte[] padding = new byte[paddingLength];
-        context.getNonceRandomGenerator().nextBytes(padding);
-        output.write(padding);
-    }
-
-    /**
-     * Parse a {@link HeartbeatMessage} from an {@link InputStream}.
-     * 
-     * @param input
-     *            the {@link InputStream} to parse from.
-     * @return a {@link HeartbeatMessage} object.
-     * @throws IOException
-     */
-    public static HeartbeatMessage parse(InputStream input) throws IOException
-    {
-        short type = TlsUtils.readUint8(input);
-        if (!HeartbeatMessageType.isValid(type))
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        int payload_length = TlsUtils.readUint16(input);
-
-        PayloadBuffer buf = new PayloadBuffer();
-        Streams.pipeAll(input, buf);
-
-        byte[] payload = buf.toTruncatedByteArray(payload_length);
-        if (payload == null)
-        {
-            /*
-             * RFC 6520 4. If the payload_length of a received HeartbeatMessage is too large, the
-             * received HeartbeatMessage MUST be discarded silently.
-             */
-            return null;
-        }
-
-        int padding_length = buf.size() - payload.length;
-
-        /*
-         * RFC 6520 4. The padding of a received HeartbeatMessage message MUST be ignored
-         */
-        return new HeartbeatMessage(type, payload, padding_length);
-    }
-
-    static class PayloadBuffer extends ByteArrayOutputStream
-    {
-        byte[] toTruncatedByteArray(int payloadLength)
-        {
-            /*
-             * RFC 6520 4. The padding_length MUST be at least 16.
-             */
-            int minimumCount = payloadLength + 16;
-            if (count < minimumCount)
-            {
-                return null;
-            }
-            return Arrays.copyOf(buf, payloadLength);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/HeartbeatMessageType.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/HeartbeatMessageType.java
deleted file mode 100644
index f1a3b43..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/HeartbeatMessageType.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/*
- * RFC 6520 3.
- */
-public class HeartbeatMessageType
-{
-    public static final short heartbeat_request = 1;
-    public static final short heartbeat_response = 2;
-
-    public static boolean isValid(short heartbeatMessageType)
-    {
-        return heartbeatMessageType >= heartbeat_request && heartbeatMessageType <= heartbeat_response;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/HeartbeatMode.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/HeartbeatMode.java
deleted file mode 100644
index 4024faa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/HeartbeatMode.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/*
- * RFC 6520
- */
-public class HeartbeatMode
-{
-    public static final short peer_allowed_to_send = 1;
-    public static final short peer_not_allowed_to_send = 2;
-
-    public static boolean isValid(short heartbeatMode)
-    {
-        return heartbeatMode >= peer_allowed_to_send && heartbeatMode <= peer_not_allowed_to_send;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/KeyExchangeAlgorithm.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/KeyExchangeAlgorithm.java
deleted file mode 100644
index d862d76..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/KeyExchangeAlgorithm.java
+++ /dev/null

@@ -1,52 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 2246
- * <p>
- * Note that the values here are implementation-specific and arbitrary. It is recommended not to
- * depend on the particular values (e.g. serialization).
- */
-public class KeyExchangeAlgorithm
-{
-    public static final int NULL = 0;
-    public static final int RSA = 1;
-    public static final int RSA_EXPORT = 2;
-    public static final int DHE_DSS = 3;
-    public static final int DHE_DSS_EXPORT = 4;
-    public static final int DHE_RSA = 5;
-    public static final int DHE_RSA_EXPORT = 6;
-    public static final int DH_DSS = 7;
-    public static final int DH_DSS_EXPORT = 8;
-    public static final int DH_RSA = 9;
-    public static final int DH_RSA_EXPORT = 10;
-    public static final int DH_anon = 11;
-    public static final int DH_anon_EXPORT = 12;
-
-    /*
-     * RFC 4279
-     */
-    public static final int PSK = 13;
-    public static final int DHE_PSK = 14;
-    public static final int RSA_PSK = 15;
-
-    /*
-     * RFC 4429
-     */
-    public static final int ECDH_ECDSA = 16;
-    public static final int ECDHE_ECDSA = 17;
-    public static final int ECDH_RSA = 18;
-    public static final int ECDHE_RSA = 19;
-    public static final int ECDH_anon = 20;
-
-    /*
-     * RFC 5054
-     */
-    public static final int SRP = 21;
-    public static final int SRP_DSS = 22;
-    public static final int SRP_RSA = 23;
-    
-    /*
-     * RFC 5489
-     */
-    public static final int ECDHE_PSK = 24;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/MACAlgorithm.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/MACAlgorithm.java
deleted file mode 100644
index bd13ab8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/MACAlgorithm.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 2246
- * <p>
- * Note that the values here are implementation-specific and arbitrary. It is recommended not to
- * depend on the particular values (e.g. serialization).
- */
-public class MACAlgorithm
-{
-    public static final int _null = 0;
-    public static final int md5 = 1;
-    public static final int sha = 2;
-
-    /*
-     * RFC 5246
-     */
-    public static final int hmac_md5 = md5;
-    public static final int hmac_sha1 = sha;
-    public static final int hmac_sha256 = 3;
-    public static final int hmac_sha384 = 4;
-    public static final int hmac_sha512 = 5;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/MaxFragmentLength.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/MaxFragmentLength.java
deleted file mode 100644
index 6bc61b0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/MaxFragmentLength.java
+++ /dev/null

@@ -1,17 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public class MaxFragmentLength
-{
-    /*
-     * RFC 3546 3.2.
-     */
-    public static final short pow2_9 = 1;
-    public static final short pow2_10 = 2;
-    public static final short pow2_11 = 3;
-    public static final short pow2_12 = 4;
-
-    public static boolean isValid(short maxFragmentLength)
-    {
-        return maxFragmentLength >= pow2_9 && maxFragmentLength <= pow2_12;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/NameType.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/NameType.java
deleted file mode 100644
index 2310dc7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/NameType.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public class NameType
-{
-    /*
-     * RFC 3546 3.1.
-     */
-    public static final short host_name = 0;
-
-    public static boolean isValid(short nameType)
-    {
-        return nameType == host_name;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/NamedCurve.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/NamedCurve.java
deleted file mode 100644
index 49fc923..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/NamedCurve.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 4492 5.1.1
- * <p>
- * The named curves defined here are those specified in SEC 2 [13]. Note that many of these curves
- * are also recommended in ANSI X9.62 [7] and FIPS 186-2 [11]. Values 0xFE00 through 0xFEFF are
- * reserved for private use. Values 0xFF01 and 0xFF02 indicate that the client supports arbitrary
- * prime and characteristic-2 curves, respectively (the curve parameters must be encoded explicitly
- * in ECParameters).
- */
-public class NamedCurve
-{
-    public static final int sect163k1 = 1;
-    public static final int sect163r1 = 2;
-    public static final int sect163r2 = 3;
-    public static final int sect193r1 = 4;
-    public static final int sect193r2 = 5;
-    public static final int sect233k1 = 6;
-    public static final int sect233r1 = 7;
-    public static final int sect239k1 = 8;
-    public static final int sect283k1 = 9;
-    public static final int sect283r1 = 10;
-    public static final int sect409k1 = 11;
-    public static final int sect409r1 = 12;
-    public static final int sect571k1 = 13;
-    public static final int sect571r1 = 14;
-    public static final int secp160k1 = 15;
-    public static final int secp160r1 = 16;
-    public static final int secp160r2 = 17;
-    public static final int secp192k1 = 18;
-    public static final int secp192r1 = 19;
-    public static final int secp224k1 = 20;
-    public static final int secp224r1 = 21;
-    public static final int secp256k1 = 22;
-    public static final int secp256r1 = 23;
-    public static final int secp384r1 = 24;
-    public static final int secp521r1 = 25;
-    
-    /*
-     * RFC 7027
-     */
-    public static final int brainpoolP256r1 = 26;
-    public static final int brainpoolP384r1 = 27;
-    public static final int brainpoolP512r1 = 28;
-
-    /*
-     * reserved (0xFE00..0xFEFF)
-     */
-
-    public static final int arbitrary_explicit_prime_curves = 0xFF01;
-    public static final int arbitrary_explicit_char2_curves = 0xFF02;
-
-    public static boolean isValid(int namedCurve)
-    {
-        return (namedCurve >= sect163k1 && namedCurve <= brainpoolP512r1)
-            || (namedCurve >= arbitrary_explicit_prime_curves && namedCurve <= arbitrary_explicit_char2_curves);
-    }
-
-    public static boolean refersToASpecificNamedCurve(int namedCurve)
-    {
-        switch (namedCurve)
-        {
-        case arbitrary_explicit_prime_curves:
-        case arbitrary_explicit_char2_curves:
-            return false;
-        default:
-            return true;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/NewSessionTicket.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/NewSessionTicket.java
deleted file mode 100644
index 8f87a65..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/NewSessionTicket.java
+++ /dev/null

@@ -1,55 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-public class NewSessionTicket
-{
-    protected long ticketLifetimeHint;
-    protected byte[] ticket;
-
-    public NewSessionTicket(long ticketLifetimeHint, byte[] ticket)
-    {
-        this.ticketLifetimeHint = ticketLifetimeHint;
-        this.ticket = ticket;
-    }
-
-    public long getTicketLifetimeHint()
-    {
-        return ticketLifetimeHint;
-    }
-
-    public byte[] getTicket()
-    {
-        return ticket;
-    }
-
-    /**
-     * Encode this {@link NewSessionTicket} to an {@link OutputStream}.
-     *
-     * @param output the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(OutputStream output)
-        throws IOException
-    {
-        TlsUtils.writeUint32(ticketLifetimeHint, output);
-        TlsUtils.writeOpaque16(ticket, output);
-    }
-
-    /**
-     * Parse a {@link NewSessionTicket} from an {@link InputStream}.
-     *
-     * @param input the {@link InputStream} to parse from.
-     * @return a {@link NewSessionTicket} object.
-     * @throws IOException
-     */
-    public static NewSessionTicket parse(InputStream input)
-        throws IOException
-    {
-        long ticketLifetimeHint = TlsUtils.readUint32(input);
-        byte[] ticket = TlsUtils.readOpaque16(input);
-        return new NewSessionTicket(ticketLifetimeHint, ticket);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/OCSPStatusRequest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/OCSPStatusRequest.java
deleted file mode 100644
index 8eedbd6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/OCSPStatusRequest.java
+++ /dev/null

@@ -1,132 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ocsp.ResponderID;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.util.io.Streams;
-
-/**
- * RFC 3546 3.6
- */
-public class OCSPStatusRequest
-{
-    protected Vector responderIDList;
-    protected Extensions requestExtensions;
-
-    /**
-     * @param responderIDList
-     *            a {@link Vector} of {@link ResponderID}, specifying the list of trusted OCSP
-     *            responders. An empty list has the special meaning that the responders are
-     *            implicitly known to the server - e.g., by prior arrangement.
-     * @param requestExtensions
-     *            OCSP request extensions. A null value means that there are no extensions.
-     */
-    public OCSPStatusRequest(Vector responderIDList, Extensions requestExtensions)
-    {
-        this.responderIDList = responderIDList;
-        this.requestExtensions = requestExtensions;
-    }
-
-    /**
-     * @return a {@link Vector} of {@link ResponderID}
-     */
-    public Vector getResponderIDList()
-    {
-        return responderIDList;
-    }
-
-    /**
-     * @return OCSP request extensions
-     */
-    public Extensions getRequestExtensions()
-    {
-        return requestExtensions;
-    }
-
-    /**
-     * Encode this {@link OCSPStatusRequest} to an {@link OutputStream}.
-     * 
-     * @param output
-     *            the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(OutputStream output) throws IOException
-    {
-        if (responderIDList == null || responderIDList.isEmpty())
-        {
-            TlsUtils.writeUint16(0, output);
-        }
-        else
-        {
-            ByteArrayOutputStream buf = new ByteArrayOutputStream();
-            for (int i = 0; i < responderIDList.size(); ++i)
-            {
-                ResponderID responderID = (ResponderID) responderIDList.elementAt(i);
-                byte[] derEncoding = responderID.getEncoded(ASN1Encoding.DER);
-                TlsUtils.writeOpaque16(derEncoding, buf);
-            }
-            TlsUtils.checkUint16(buf.size());
-            TlsUtils.writeUint16(buf.size(), output);
-            Streams.writeBufTo(buf, output);
-        }
-
-        if (requestExtensions == null)
-        {
-            TlsUtils.writeUint16(0, output);
-        }
-        else
-        {
-            byte[] derEncoding = requestExtensions.getEncoded(ASN1Encoding.DER);
-            TlsUtils.checkUint16(derEncoding.length);
-            TlsUtils.writeUint16(derEncoding.length, output);
-            output.write(derEncoding);
-        }
-    }
-
-    /**
-     * Parse an {@link OCSPStatusRequest} from an {@link InputStream}.
-     * 
-     * @param input
-     *            the {@link InputStream} to parse from.
-     * @return an {@link OCSPStatusRequest} object.
-     * @throws IOException
-     */
-    public static OCSPStatusRequest parse(InputStream input) throws IOException
-    {
-        Vector responderIDList = new Vector();
-        {
-            int length = TlsUtils.readUint16(input);
-            if (length > 0)
-            {
-                byte[] data = TlsUtils.readFully(length, input);
-                ByteArrayInputStream buf = new ByteArrayInputStream(data);
-                do
-                {
-                    byte[] derEncoding = TlsUtils.readOpaque16(buf);
-                    ResponderID responderID = ResponderID.getInstance(TlsUtils.readDERObject(derEncoding));
-                    responderIDList.addElement(responderID);
-                }
-                while (buf.available() > 0);
-            }
-        }
-
-        Extensions requestExtensions = null;
-        {
-            int length = TlsUtils.readUint16(input);
-            if (length > 0)
-            {
-                byte[] derEncoding = TlsUtils.readFully(length, input);
-                requestExtensions = Extensions.getInstance(TlsUtils.readDERObject(derEncoding));
-            }
-        }
-
-        return new OCSPStatusRequest(responderIDList, requestExtensions);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/PRFAlgorithm.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/PRFAlgorithm.java
deleted file mode 100644
index 33c27c4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/PRFAlgorithm.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 5246
- * <p>
- * Note that the values here are implementation-specific and arbitrary. It is recommended not to
- * depend on the particular values (e.g. serialization).
- */
-public class PRFAlgorithm
-{
-    /*
-     * Placeholder to refer to the legacy TLS algorithm
-     */
-    public static final int tls_prf_legacy = 0;
-
-    public static final int tls_prf_sha256 = 1;
-
-    /*
-     * Implied by RFC 5288
-     */
-    public static final int tls_prf_sha384 = 2;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/PSKTlsClient.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/PSKTlsClient.java
deleted file mode 100644
index a38035e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/PSKTlsClient.java
+++ /dev/null

@@ -1,74 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-public class PSKTlsClient
-    extends AbstractTlsClient
-{
-    protected TlsDHVerifier dhVerifier;
-    protected TlsPSKIdentity pskIdentity;
-
-    public PSKTlsClient(TlsPSKIdentity pskIdentity)
-    {
-        this(new DefaultTlsCipherFactory(), pskIdentity);
-    }
-
-    public PSKTlsClient(TlsCipherFactory cipherFactory, TlsPSKIdentity pskIdentity)
-    {
-        this(cipherFactory, new DefaultTlsDHVerifier(), pskIdentity);
-    }
-
-    public PSKTlsClient(TlsCipherFactory cipherFactory, TlsDHVerifier dhVerifier, TlsPSKIdentity pskIdentity)
-    {
-        super(cipherFactory);
-
-        this.dhVerifier = dhVerifier;
-        this.pskIdentity = pskIdentity;
-    }
-
-    public int[] getCipherSuites()
-    {
-        return new int[]
-        {
-            CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
-            CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
-        };
-    }
-
-    public TlsKeyExchange getKeyExchange() throws IOException
-    {
-        int keyExchangeAlgorithm = TlsUtils.getKeyExchangeAlgorithm(selectedCipherSuite);
-
-        switch (keyExchangeAlgorithm)
-        {
-        case KeyExchangeAlgorithm.DHE_PSK:
-        case KeyExchangeAlgorithm.ECDHE_PSK:
-        case KeyExchangeAlgorithm.PSK:
-        case KeyExchangeAlgorithm.RSA_PSK:
-            return createPSKKeyExchange(keyExchangeAlgorithm);
-
-        default:
-            /*
-             * Note: internal error here; the TlsProtocol implementation verifies that the
-             * server-selected cipher suite was in the list of client-offered cipher suites, so if
-             * we now can't produce an implementation, we shouldn't have offered it!
-             */
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public TlsAuthentication getAuthentication() throws IOException
-    {
-        /*
-         * Note: This method is not called unless a server certificate is sent, which may be the
-         * case e.g. for RSA_PSK key exchange.
-         */
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-
-    protected TlsKeyExchange createPSKKeyExchange(int keyExchange)
-    {
-        return new TlsPSKKeyExchange(keyExchange, supportedSignatureAlgorithms, pskIdentity, null, dhVerifier, null,
-            namedCurves, clientECPointFormats, serverECPointFormats);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/PSKTlsServer.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/PSKTlsServer.java
deleted file mode 100644
index 091e49d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/PSKTlsServer.java
+++ /dev/null

@@ -1,92 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-import org.bouncycastle.crypto.agreement.DHStandardGroups;
-import org.bouncycastle.crypto.params.DHParameters;
-
-public class PSKTlsServer
-    extends AbstractTlsServer
-{
-    protected TlsPSKIdentityManager pskIdentityManager;
-
-    public PSKTlsServer(TlsPSKIdentityManager pskIdentityManager)
-    {
-        this(new DefaultTlsCipherFactory(), pskIdentityManager);
-    }
-
-    public PSKTlsServer(TlsCipherFactory cipherFactory, TlsPSKIdentityManager pskIdentityManager)
-    {
-        super(cipherFactory);
-        this.pskIdentityManager = pskIdentityManager;
-    }
-
-    protected TlsEncryptionCredentials getRSAEncryptionCredentials() throws IOException
-    {
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-
-    protected DHParameters getDHParameters()
-    {
-        return DHStandardGroups.rfc7919_ffdhe2048;
-    }
-
-    protected int[] getCipherSuites()
-    {
-        return new int[]
-        {
-            CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256,
-            CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA,
-            CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256,
-            CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA
-        };
-    }
-
-    public TlsCredentials getCredentials() throws IOException
-    {
-        int keyExchangeAlgorithm = TlsUtils.getKeyExchangeAlgorithm(selectedCipherSuite);
-
-        switch (keyExchangeAlgorithm)
-        {
-        case KeyExchangeAlgorithm.DHE_PSK:
-        case KeyExchangeAlgorithm.ECDHE_PSK:
-        case KeyExchangeAlgorithm.PSK:
-            return null;
-
-        case KeyExchangeAlgorithm.RSA_PSK:
-            return getRSAEncryptionCredentials();
-
-        default:
-            /* Note: internal error here; selected a key exchange we don't implement! */
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public TlsKeyExchange getKeyExchange() throws IOException
-    {
-        int keyExchangeAlgorithm = TlsUtils.getKeyExchangeAlgorithm(selectedCipherSuite);
-
-        switch (keyExchangeAlgorithm)
-        {
-        case KeyExchangeAlgorithm.DHE_PSK:
-        case KeyExchangeAlgorithm.ECDHE_PSK:
-        case KeyExchangeAlgorithm.PSK:
-        case KeyExchangeAlgorithm.RSA_PSK:
-            return createPSKKeyExchange(keyExchangeAlgorithm);
-
-        default:
-            /*
-             * Note: internal error here; the TlsProtocol implementation verifies that the
-             * server-selected cipher suite was in the list of client-offered cipher suites, so if
-             * we now can't produce an implementation, we shouldn't have offered it!
-             */
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    protected TlsKeyExchange createPSKKeyExchange(int keyExchange)
-    {
-        return new TlsPSKKeyExchange(keyExchange, supportedSignatureAlgorithms, null, pskIdentityManager,
-            null, getDHParameters(), namedCurves, clientECPointFormats, serverECPointFormats);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ProtocolVersion.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ProtocolVersion.java
deleted file mode 100644
index 8be2bec..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ProtocolVersion.java
+++ /dev/null

@@ -1,158 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-import org.bouncycastle.util.Strings;
-
-public final class ProtocolVersion
-{
-    public static final ProtocolVersion SSLv3 = new ProtocolVersion(0x0300, "SSL 3.0");
-    public static final ProtocolVersion TLSv10 = new ProtocolVersion(0x0301, "TLS 1.0");
-    public static final ProtocolVersion TLSv11 = new ProtocolVersion(0x0302, "TLS 1.1");
-    public static final ProtocolVersion TLSv12 = new ProtocolVersion(0x0303, "TLS 1.2");
-    public static final ProtocolVersion DTLSv10 = new ProtocolVersion(0xFEFF, "DTLS 1.0");
-    public static final ProtocolVersion DTLSv12 = new ProtocolVersion(0xFEFD, "DTLS 1.2");
-
-    private int version;
-    private String name;
-
-    private ProtocolVersion(int v, String name)
-    {
-        this.version = v & 0xffff;
-        this.name = name;
-    }
-
-    public int getFullVersion()
-    {
-        return version;
-    }
-
-    public int getMajorVersion()
-    {
-        return version >> 8;
-    }
-
-    public int getMinorVersion()
-    {
-        return version & 0xff;
-    }
-
-    public boolean isDTLS()
-    {
-        return getMajorVersion() == 0xFE;
-    }
-
-    public boolean isSSL()
-    {
-        return this == SSLv3;
-    }
-
-    public boolean isTLS()
-    {
-        return getMajorVersion() == 0x03;
-    }
-
-    public ProtocolVersion getEquivalentTLSVersion()
-    {
-        if (!isDTLS())
-        {
-            return this;
-        }
-        if (this == DTLSv10)
-        {
-            return TLSv11;
-        }
-        return TLSv12;
-    }
-
-    public boolean isEqualOrEarlierVersionOf(ProtocolVersion version)
-    {
-        if (getMajorVersion() != version.getMajorVersion())
-        {
-            return false;
-        }
-        int diffMinorVersion = version.getMinorVersion() - getMinorVersion();
-        return isDTLS() ? diffMinorVersion <= 0 : diffMinorVersion >= 0;
-    }
-
-    public boolean isLaterVersionOf(ProtocolVersion version)
-    {
-        if (getMajorVersion() != version.getMajorVersion())
-        {
-            return false;
-        }
-        int diffMinorVersion = version.getMinorVersion() - getMinorVersion();
-        return isDTLS() ? diffMinorVersion > 0 : diffMinorVersion < 0;
-    }
-
-    public boolean equals(Object other)
-    {
-        return this == other || (other instanceof ProtocolVersion && equals((ProtocolVersion)other));
-    }
-
-    public boolean equals(ProtocolVersion other)
-    {
-        return other != null && this.version == other.version;
-    }
-
-    public int hashCode()
-    {
-        return version;
-    }
-
-    public static ProtocolVersion get(int major, int minor)
-        throws IOException
-    {
-        switch (major)
-        {
-        case 0x03:
-        {
-            switch (minor)
-            {
-            case 0x00:
-                return SSLv3;
-            case 0x01:
-                return TLSv10;
-            case 0x02:
-                return TLSv11;
-            case 0x03:
-                return TLSv12;
-            }
-            return getUnknownVersion(major, minor, "TLS");
-        }
-        case 0xFE:
-        {
-            switch (minor)
-            {
-            case 0xFF:
-                return DTLSv10;
-            case 0xFE:
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            case 0xFD:
-                return DTLSv12;
-            }
-            return getUnknownVersion(major, minor, "DTLS");
-        }
-        default:
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-        }
-    }
-
-    public String toString()
-    {
-        return name;
-    }
-
-    private static ProtocolVersion getUnknownVersion(int major, int minor, String prefix)
-        throws IOException
-    {
-        TlsUtils.checkUint8(major);
-        TlsUtils.checkUint8(minor);
-
-        int v = (major << 8) | minor;
-        String hex = Strings.toUpperCase(Integer.toHexString(0x10000 | v).substring(1));
-        return new ProtocolVersion(v, prefix + " 0x" + hex);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/RecordStream.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/RecordStream.java
deleted file mode 100644
index 0250dcb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/RecordStream.java
+++ /dev/null

@@ -1,432 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.util.io.SimpleOutputStream;
-
-/**
- * An implementation of the TLS 1.0/1.1/1.2 record layer, allowing downgrade to SSLv3.
- */
-class RecordStream
-{
-    private static int DEFAULT_PLAINTEXT_LIMIT = (1 << 14);
-    static final int TLS_HEADER_SIZE = 5;
-    static final int TLS_HEADER_TYPE_OFFSET = 0;
-    static final int TLS_HEADER_VERSION_OFFSET = 1;
-    static final int TLS_HEADER_LENGTH_OFFSET = 3;
-
-    private TlsProtocol handler;
-    private InputStream input;
-    private OutputStream output;
-    private TlsCompression pendingCompression = null, readCompression = null, writeCompression = null;
-    private TlsCipher pendingCipher = null, readCipher = null, writeCipher = null;
-    private SequenceNumber readSeqNo = new SequenceNumber(), writeSeqNo = new SequenceNumber();
-    private ByteArrayOutputStream buffer = new ByteArrayOutputStream();
-
-    private TlsHandshakeHash handshakeHash = null;
-    private SimpleOutputStream handshakeHashUpdater = new SimpleOutputStream()
-    {
-        public void write(byte[] buf, int off, int len) throws IOException
-        {
-            handshakeHash.update(buf, off, len);
-        }
-    };
-
-    private ProtocolVersion readVersion = null, writeVersion = null;
-    private boolean restrictReadVersion = true;
-
-    private int plaintextLimit, compressedLimit, ciphertextLimit;
-
-    RecordStream(TlsProtocol handler, InputStream input, OutputStream output)
-    {
-        this.handler = handler;
-        this.input = input;
-        this.output = output;
-        this.readCompression = new TlsNullCompression();
-        this.writeCompression = this.readCompression;
-    }
-
-    void init(TlsContext context)
-    {
-        this.readCipher = new TlsNullCipher(context);
-        this.writeCipher = this.readCipher;
-        this.handshakeHash = new DeferredHash();
-        this.handshakeHash.init(context);
-
-        setPlaintextLimit(DEFAULT_PLAINTEXT_LIMIT);
-    }
-
-    int getPlaintextLimit()
-    {
-        return plaintextLimit;
-    }
-
-    void setPlaintextLimit(int plaintextLimit)
-    {
-        this.plaintextLimit = plaintextLimit;
-        this.compressedLimit = this.plaintextLimit + 1024;
-        this.ciphertextLimit = this.compressedLimit + 1024;
-    }
-
-    ProtocolVersion getReadVersion()
-    {
-        return readVersion;
-    }
-
-    void setReadVersion(ProtocolVersion readVersion)
-    {
-        this.readVersion = readVersion;
-    }
-
-    void setWriteVersion(ProtocolVersion writeVersion)
-    {
-        this.writeVersion = writeVersion;
-    }
-
-    /**
-     * RFC 5246 E.1. "Earlier versions of the TLS specification were not fully clear on what the
-     * record layer version number (TLSPlaintext.version) should contain when sending ClientHello
-     * (i.e., before it is known which version of the protocol will be employed). Thus, TLS servers
-     * compliant with this specification MUST accept any value {03,XX} as the record layer version
-     * number for ClientHello."
-     */
-    void setRestrictReadVersion(boolean enabled)
-    {
-        this.restrictReadVersion = enabled;
-    }
-
-    void setPendingConnectionState(TlsCompression tlsCompression, TlsCipher tlsCipher)
-    {
-        this.pendingCompression = tlsCompression;
-        this.pendingCipher = tlsCipher;
-    }
-
-    void sentWriteCipherSpec()
-        throws IOException
-    {
-        if (pendingCompression == null || pendingCipher == null)
-        {
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-        this.writeCompression = this.pendingCompression;
-        this.writeCipher = this.pendingCipher;
-        this.writeSeqNo = new SequenceNumber();
-    }
-
-    void receivedReadCipherSpec()
-        throws IOException
-    {
-        if (pendingCompression == null || pendingCipher == null)
-        {
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-        this.readCompression = this.pendingCompression;
-        this.readCipher = this.pendingCipher;
-        this.readSeqNo = new SequenceNumber();
-    }
-
-    void finaliseHandshake()
-        throws IOException
-    {
-        if (readCompression != pendingCompression || writeCompression != pendingCompression
-            || readCipher != pendingCipher || writeCipher != pendingCipher)
-        {
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-        this.pendingCompression = null;
-        this.pendingCipher = null;
-    }
-
-    void checkRecordHeader(byte[] recordHeader) throws IOException
-    {
-        short type = TlsUtils.readUint8(recordHeader, TLS_HEADER_TYPE_OFFSET);
-
-        /*
-         * RFC 5246 6. If a TLS implementation receives an unexpected record type, it MUST send an
-         * unexpected_message alert.
-         */
-        checkType(type, AlertDescription.unexpected_message);
-
-        if (!restrictReadVersion)
-        {
-            int version = TlsUtils.readVersionRaw(recordHeader, TLS_HEADER_VERSION_OFFSET);
-            if ((version & 0xffffff00) != 0x0300)
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-        }
-        else
-        {
-            ProtocolVersion version = TlsUtils.readVersion(recordHeader, TLS_HEADER_VERSION_OFFSET);
-            if (readVersion == null)
-            {
-                // Will be set later in 'readRecord'
-            }
-            else if (!version.equals(readVersion))
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-        }
-
-        int length = TlsUtils.readUint16(recordHeader, TLS_HEADER_LENGTH_OFFSET);
-
-        checkLength(length, ciphertextLimit, AlertDescription.record_overflow);
-    }
-
-    boolean readRecord()
-        throws IOException
-    {
-        byte[] recordHeader = TlsUtils.readAllOrNothing(TLS_HEADER_SIZE, input);
-        if (recordHeader == null)
-        {
-            return false;
-        }
-
-        short type = TlsUtils.readUint8(recordHeader, TLS_HEADER_TYPE_OFFSET);
-
-        /*
-         * RFC 5246 6. If a TLS implementation receives an unexpected record type, it MUST send an
-         * unexpected_message alert.
-         */
-        checkType(type, AlertDescription.unexpected_message);
-
-        if (!restrictReadVersion)
-        {
-            int version = TlsUtils.readVersionRaw(recordHeader, TLS_HEADER_VERSION_OFFSET);
-            if ((version & 0xffffff00) != 0x0300)
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-        }
-        else
-        {
-            ProtocolVersion version = TlsUtils.readVersion(recordHeader, TLS_HEADER_VERSION_OFFSET);
-            if (readVersion == null)
-            {
-                readVersion = version;
-            }
-            else if (!version.equals(readVersion))
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-        }
-
-        int length = TlsUtils.readUint16(recordHeader, TLS_HEADER_LENGTH_OFFSET);
-
-        checkLength(length, ciphertextLimit, AlertDescription.record_overflow);
-
-        byte[] plaintext = decodeAndVerify(type, input, length);
-        handler.processRecord(type, plaintext, 0, plaintext.length);
-        return true;
-    }
-
-    byte[] decodeAndVerify(short type, InputStream input, int len)
-        throws IOException
-    {
-        byte[] buf = TlsUtils.readFully(len, input);
-
-        long seqNo = readSeqNo.nextValue(AlertDescription.unexpected_message);
-        byte[] decoded = readCipher.decodeCiphertext(seqNo, type, buf, 0, buf.length);
-
-        checkLength(decoded.length, compressedLimit, AlertDescription.record_overflow);
-
-        /*
-         * TODO RFC 5246 6.2.2. Implementation note: Decompression functions are responsible for
-         * ensuring that messages cannot cause internal buffer overflows.
-         */
-        OutputStream cOut = readCompression.decompress(buffer);
-        if (cOut != buffer)
-        {
-            cOut.write(decoded, 0, decoded.length);
-            cOut.flush();
-            decoded = getBufferContents();
-        }
-
-        /*
-         * RFC 5246 6.2.2. If the decompression function encounters a TLSCompressed.fragment that
-         * would decompress to a length in excess of 2^14 bytes, it should report a fatal
-         * decompression failure error.
-         */
-        checkLength(decoded.length, plaintextLimit, AlertDescription.decompression_failure);
-
-        /*
-         * RFC 5246 6.2.1 Implementations MUST NOT send zero-length fragments of Handshake, Alert,
-         * or ChangeCipherSpec content types.
-         */
-        if (decoded.length < 1 && type != ContentType.application_data)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        return decoded;
-    }
-
-    void writeRecord(short type, byte[] plaintext, int plaintextOffset, int plaintextLength)
-        throws IOException
-    {
-        // Never send anything until a valid ClientHello has been received
-        if (writeVersion == null)
-        {
-            return;
-        }
-
-        /*
-         * RFC 5246 6. Implementations MUST NOT send record types not defined in this document
-         * unless negotiated by some extension.
-         */
-        checkType(type, AlertDescription.internal_error);
-
-        /*
-         * RFC 5246 6.2.1 The length should not exceed 2^14.
-         */
-        checkLength(plaintextLength, plaintextLimit, AlertDescription.internal_error);
-
-        /*
-         * RFC 5246 6.2.1 Implementations MUST NOT send zero-length fragments of Handshake, Alert,
-         * or ChangeCipherSpec content types.
-         */
-        if (plaintextLength < 1 && type != ContentType.application_data)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        OutputStream cOut = writeCompression.compress(buffer);
-
-        long seqNo = writeSeqNo.nextValue(AlertDescription.internal_error);
-
-        byte[] ciphertext;
-        if (cOut == buffer)
-        {
-            ciphertext = writeCipher.encodePlaintext(seqNo, type, plaintext, plaintextOffset, plaintextLength);
-        }
-        else
-        {
-            cOut.write(plaintext, plaintextOffset, plaintextLength);
-            cOut.flush();
-            byte[] compressed = getBufferContents();
-
-            /*
-             * RFC 5246 6.2.2. Compression must be lossless and may not increase the content length
-             * by more than 1024 bytes.
-             */
-            checkLength(compressed.length, plaintextLength + 1024, AlertDescription.internal_error);
-
-            ciphertext = writeCipher.encodePlaintext(seqNo, type, compressed, 0, compressed.length);
-        }
-
-        /*
-         * RFC 5246 6.2.3. The length may not exceed 2^14 + 2048.
-         */
-        checkLength(ciphertext.length, ciphertextLimit, AlertDescription.internal_error);
-
-        byte[] record = new byte[ciphertext.length + TLS_HEADER_SIZE];
-        TlsUtils.writeUint8(type, record, TLS_HEADER_TYPE_OFFSET);
-        TlsUtils.writeVersion(writeVersion, record, TLS_HEADER_VERSION_OFFSET);
-        TlsUtils.writeUint16(ciphertext.length, record, TLS_HEADER_LENGTH_OFFSET);
-        System.arraycopy(ciphertext, 0, record, TLS_HEADER_SIZE, ciphertext.length);
-        output.write(record);
-        output.flush();
-    }
-
-    void notifyHelloComplete()
-    {
-        this.handshakeHash = handshakeHash.notifyPRFDetermined();
-    }
-
-    TlsHandshakeHash getHandshakeHash()
-    {
-        return handshakeHash;
-    }
-
-    OutputStream getHandshakeHashUpdater()
-    {
-        return handshakeHashUpdater;
-    }
-
-    TlsHandshakeHash prepareToFinish()
-    {
-        TlsHandshakeHash result = handshakeHash;
-        this.handshakeHash = handshakeHash.stopTracking();
-        return result;
-    }
-
-    void safeClose()
-    {
-        try
-        {
-            input.close();
-        }
-        catch (IOException e)
-        {
-        }
-
-        try
-        {
-            output.close();
-        }
-        catch (IOException e)
-        {
-        }
-    }
-
-    void flush()
-        throws IOException
-    {
-        output.flush();
-    }
-
-    private byte[] getBufferContents()
-    {
-        byte[] contents = buffer.toByteArray();
-        buffer.reset();
-        return contents;
-    }
-
-    private static void checkType(short type, short alertDescription)
-        throws IOException
-    {
-        switch (type)
-        {
-        case ContentType.application_data:
-        case ContentType.alert:
-        case ContentType.change_cipher_spec:
-        case ContentType.handshake:
-//        case ContentType.heartbeat:
-            break;
-        default:
-            throw new TlsFatalAlert(alertDescription);
-        }
-    }
-
-    private static void checkLength(int length, int limit, short alertDescription)
-        throws IOException
-    {
-        if (length > limit)
-        {
-            throw new TlsFatalAlert(alertDescription);
-        }
-    }
-
-    private static class SequenceNumber
-    {
-        private long value = 0L;
-        private boolean exhausted = false;
-
-        synchronized long nextValue(short alertDescription) throws TlsFatalAlert
-        {
-            if (exhausted)
-            {
-                throw new TlsFatalAlert(alertDescription);
-            }
-            long result = value;
-            if (++value == 0)
-            {
-                exhausted = true;
-            }
-            return result;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SRPTlsClient.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/SRPTlsClient.java
deleted file mode 100644
index 8ae6f4c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SRPTlsClient.java
+++ /dev/null

@@ -1,107 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.util.Hashtable;
-
-import org.bouncycastle.util.Arrays;
-
-public class SRPTlsClient
-    extends AbstractTlsClient
-{
-    protected TlsSRPGroupVerifier groupVerifier;
-
-    protected byte[] identity;
-    protected byte[] password;
-
-    public SRPTlsClient(byte[] identity, byte[] password)
-    {
-        this(new DefaultTlsCipherFactory(), new DefaultTlsSRPGroupVerifier(), identity, password);
-    }
-
-    public SRPTlsClient(TlsCipherFactory cipherFactory, byte[] identity, byte[] password)
-    {
-        this(cipherFactory, new DefaultTlsSRPGroupVerifier(), identity, password);
-    }
-
-    public SRPTlsClient(TlsCipherFactory cipherFactory, TlsSRPGroupVerifier groupVerifier,
-        byte[] identity, byte[] password)
-    {
-        super(cipherFactory);
-        this.groupVerifier = groupVerifier;
-        this.identity = Arrays.clone(identity);
-        this.password = Arrays.clone(password);
-    }
-
-    protected boolean requireSRPServerExtension()
-    {
-        // No explicit guidance in RFC 5054; by default an (empty) extension from server is optional
-        return false;
-    }
-
-    public int[] getCipherSuites()
-    {
-        return new int[]
-        {
-            CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA
-        };
-    }
-
-    public Hashtable getClientExtensions()
-        throws IOException
-    {
-        Hashtable clientExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(super.getClientExtensions());
-        TlsSRPUtils.addSRPExtension(clientExtensions, this.identity);
-        return clientExtensions;
-    }
-
-    public void processServerExtensions(Hashtable serverExtensions)
-        throws IOException
-    {
-        if (!TlsUtils.hasExpectedEmptyExtensionData(serverExtensions, TlsSRPUtils.EXT_SRP,
-            AlertDescription.illegal_parameter))
-        {
-            if (requireSRPServerExtension())
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-        }
-
-        super.processServerExtensions(serverExtensions);
-    }
-
-    public TlsKeyExchange getKeyExchange()
-        throws IOException
-    {
-        int keyExchangeAlgorithm = TlsUtils.getKeyExchangeAlgorithm(selectedCipherSuite);
-
-        switch (keyExchangeAlgorithm)
-        {
-        case KeyExchangeAlgorithm.SRP:
-        case KeyExchangeAlgorithm.SRP_DSS:
-        case KeyExchangeAlgorithm.SRP_RSA:
-            return createSRPKeyExchange(keyExchangeAlgorithm);
-
-        default:
-            /*
-             * Note: internal error here; the TlsProtocol implementation verifies that the
-             * server-selected cipher suite was in the list of client-offered cipher suites, so if
-             * we now can't produce an implementation, we shouldn't have offered it!
-             */
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public TlsAuthentication getAuthentication() throws IOException
-    {
-        /*
-         * Note: This method is not called unless a server certificate is sent, which may be the
-         * case e.g. for SRP_DSS or SRP_RSA key exchange.
-         */
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-
-    protected TlsKeyExchange createSRPKeyExchange(int keyExchange)
-    {
-        return new TlsSRPKeyExchange(keyExchange, supportedSignatureAlgorithms, groupVerifier, identity, password);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SRPTlsServer.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/SRPTlsServer.java
deleted file mode 100644
index b4f83a3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SRPTlsServer.java
+++ /dev/null

@@ -1,124 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.util.Hashtable;
-
-public class SRPTlsServer
-    extends AbstractTlsServer
-{
-    protected TlsSRPIdentityManager srpIdentityManager;
-
-    protected byte[] srpIdentity = null;
-    protected TlsSRPLoginParameters loginParameters = null;
-
-    public SRPTlsServer(TlsSRPIdentityManager srpIdentityManager)
-    {
-        this(new DefaultTlsCipherFactory(), srpIdentityManager);
-    }
-
-    public SRPTlsServer(TlsCipherFactory cipherFactory, TlsSRPIdentityManager srpIdentityManager)
-    {
-        super(cipherFactory);
-        this.srpIdentityManager = srpIdentityManager;
-    }
-
-    protected TlsSignerCredentials getDSASignerCredentials()
-        throws IOException
-    {
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-
-    protected TlsSignerCredentials getRSASignerCredentials()
-        throws IOException
-    {
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-
-    protected int[] getCipherSuites()
-    {
-        return new int[]
-        {
-            CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA,
-            CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA,
-            CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA,
-            CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA,
-            CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA,
-            CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA
-        };
-    }
-
-    public void processClientExtensions(Hashtable clientExtensions) throws IOException
-    {
-        super.processClientExtensions(clientExtensions);
-
-        this.srpIdentity = TlsSRPUtils.getSRPExtension(clientExtensions);
-    }
-
-    public int getSelectedCipherSuite() throws IOException
-    {
-        int cipherSuite = super.getSelectedCipherSuite();
-
-        if (TlsSRPUtils.isSRPCipherSuite(cipherSuite))
-        {
-            if (srpIdentity != null)
-            {
-                this.loginParameters = srpIdentityManager.getLoginParameters(srpIdentity);
-            }
-
-            if (loginParameters == null)
-            {
-                throw new TlsFatalAlert(AlertDescription.unknown_psk_identity);
-            }
-        }
-
-        return cipherSuite;
-    }
-
-    public TlsCredentials getCredentials() throws IOException
-    {
-        int keyExchangeAlgorithm = TlsUtils.getKeyExchangeAlgorithm(selectedCipherSuite);
-
-        switch (keyExchangeAlgorithm)
-        {
-        case KeyExchangeAlgorithm.SRP:
-            return null;
-
-        case KeyExchangeAlgorithm.SRP_DSS:
-            return getDSASignerCredentials();
-
-        case KeyExchangeAlgorithm.SRP_RSA:
-            return getRSASignerCredentials();
-
-        default:
-            /* Note: internal error here; selected a key exchange we don't implement! */
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public TlsKeyExchange getKeyExchange()
-        throws IOException
-    {
-        int keyExchangeAlgorithm = TlsUtils.getKeyExchangeAlgorithm(selectedCipherSuite);
-
-        switch (keyExchangeAlgorithm)
-        {
-        case KeyExchangeAlgorithm.SRP:
-        case KeyExchangeAlgorithm.SRP_DSS:
-        case KeyExchangeAlgorithm.SRP_RSA:
-            return createSRPKeyExchange(keyExchangeAlgorithm);
-
-        default:
-            /*
-             * Note: internal error here; the TlsProtocol implementation verifies that the
-             * server-selected cipher suite was in the list of client-offered cipher suites, so if
-             * we now can't produce an implementation, we shouldn't have offered it!
-             */
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    protected TlsKeyExchange createSRPKeyExchange(int keyExchange)
-    {
-        return new TlsSRPKeyExchange(keyExchange, supportedSignatureAlgorithms, srpIdentity, loginParameters);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SRTPProtectionProfile.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/SRTPProtectionProfile.java
deleted file mode 100644
index 1378d79..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SRTPProtectionProfile.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public class SRTPProtectionProfile
-{
-    /*
-     * RFC 5764 4.1.2.
-     */
-    public static final int SRTP_AES128_CM_HMAC_SHA1_80 = 0x0001;
-    public static final int SRTP_AES128_CM_HMAC_SHA1_32 = 0x0002;
-    public static final int SRTP_NULL_HMAC_SHA1_80 = 0x0005;
-    public static final int SRTP_NULL_HMAC_SHA1_32 = 0x0006;
-
-    /*
-     * RFC 7714 14.2.
-     */
-    public static final int SRTP_AEAD_AES_128_GCM = 0x0007;
-    public static final int SRTP_AEAD_AES_256_GCM = 0x0008;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SSL3Mac.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/SSL3Mac.java
deleted file mode 100644
index 28082d2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SSL3Mac.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-
-/**
- * HMAC implementation based on original internet draft for HMAC (RFC 2104)
- * <p>
- * The difference is that padding is concatenated versus XORed with the key
- * <p>
- * H(K + opad, H(K + ipad, text))
- */
-public class SSL3Mac
-    implements Mac
-{
-    private final static byte IPAD_BYTE = (byte)0x36;
-    private final static byte OPAD_BYTE = (byte)0x5C;
-
-    static final byte[] IPAD = genPad(IPAD_BYTE, 48);
-    static final byte[] OPAD = genPad(OPAD_BYTE, 48);
-
-    private Digest digest;
-    private int padLength;
-
-    private byte[] secret;
-
-    /**
-     * Base constructor for one of the standard digest algorithms that the byteLength of
-     * the algorithm is know for. Behaviour is undefined for digests other than MD5 or SHA1.
-     *
-     * @param digest the digest.
-     */
-    public SSL3Mac(Digest digest)
-    {
-        this.digest = digest;
-
-        if (digest.getDigestSize() == 20)
-        {
-            this.padLength = 40;
-        }
-        else
-        {
-            this.padLength = 48;
-        }
-    }
-
-    public String getAlgorithmName()
-    {
-        return digest.getAlgorithmName() + "/SSL3MAC";
-    }
-
-    public Digest getUnderlyingDigest()
-    {
-        return digest;
-    }
-
-    public void init(CipherParameters params)
-    {
-        secret = Arrays.clone(((KeyParameter)params).getKey());
-
-        reset();
-    }
-
-    public int getMacSize()
-    {
-        return digest.getDigestSize();
-    }
-
-    public void update(byte in)
-    {
-        digest.update(in);
-    }
-
-    public void update(byte[] in, int inOff, int len)
-    {
-        digest.update(in, inOff, len);
-    }
-
-    public int doFinal(byte[] out, int outOff)
-    {
-        byte[] tmp = new byte[digest.getDigestSize()];
-        digest.doFinal(tmp, 0);
-
-        digest.update(secret, 0, secret.length);
-        digest.update(OPAD, 0, padLength);
-        digest.update(tmp, 0, tmp.length);
-
-        int len = digest.doFinal(out, outOff);
-
-        reset();
-
-        return len;
-    }
-
-    /**
-     * Reset the mac generator.
-     */
-    public void reset()
-    {
-        digest.reset();
-        digest.update(secret, 0, secret.length);
-        digest.update(IPAD, 0, padLength);
-    }
-
-    private static byte[] genPad(byte b, int count)
-    {
-        byte[] padding = new byte[count];
-        Arrays.fill(padding, b);
-        return padding;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SecurityParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/SecurityParameters.java
deleted file mode 100644
index b523c95..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SecurityParameters.java
+++ /dev/null

@@ -1,113 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.util.Arrays;
-
-public class SecurityParameters
-{
-    int entity = -1;
-    int cipherSuite = -1;
-    short compressionAlgorithm = CompressionMethod._null;
-    int prfAlgorithm = -1;
-    int verifyDataLength = -1;
-    byte[] masterSecret = null;
-    byte[] clientRandom = null;
-    byte[] serverRandom = null;
-    byte[] sessionHash = null;
-    byte[] pskIdentity = null;
-    byte[] srpIdentity = null;
-
-    // TODO Keep these internal, since it's maybe not the ideal place for them
-    short maxFragmentLength = -1;
-    boolean truncatedHMac = false;
-    boolean encryptThenMAC = false;
-    boolean extendedMasterSecret = false;
-
-    void clear()
-    {
-        if (this.masterSecret != null)
-        {
-            Arrays.fill(this.masterSecret, (byte)0);
-            this.masterSecret = null;
-        }
-    }
-
-    /**
-     * @return {@link ConnectionEnd}
-     */
-    public int getEntity()
-    {
-        return entity;
-    }
-
-    /**
-     * @return {@link CipherSuite}
-     */
-    public int getCipherSuite()
-    {
-        return cipherSuite;
-    }
-
-    /**
-     * @return {@link CompressionMethod}
-     */
-    public short getCompressionAlgorithm()
-    {
-        return compressionAlgorithm;
-    }
-
-    /**
-     * @return {@link PRFAlgorithm}
-     */
-    public int getPrfAlgorithm()
-    {
-        return prfAlgorithm;
-    }
-
-    public int getVerifyDataLength()
-    {
-        return verifyDataLength;
-    }
-
-    public byte[] getMasterSecret()
-    {
-        return masterSecret;
-    }
-
-    public byte[] getClientRandom()
-    {
-        return clientRandom;
-    }
-
-    public byte[] getServerRandom()
-    {
-        return serverRandom;
-    }
-
-    public byte[] getSessionHash()
-    {
-        return sessionHash;
-    }
-
-    /**
-     * @deprecated Use {@link SecurityParameters#getPSKIdentity()}
-     */
-    public byte[] getPskIdentity()
-    {
-        return pskIdentity;
-    }
-
-    public byte[] getPSKIdentity()
-    {
-        return pskIdentity;
-    }
-
-    public byte[] getSRPIdentity()
-    {
-        return srpIdentity;
-    }
-
-    public boolean isExtendedMasterSecret()
-    {
-        return extendedMasterSecret;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ServerName.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ServerName.java
deleted file mode 100644
index 656214c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ServerName.java
+++ /dev/null

@@ -1,110 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-public class ServerName
-{
-    protected short nameType;
-    protected Object name;
-
-    public ServerName(short nameType, Object name)
-    {
-        if (!isCorrectType(nameType, name))
-        {
-            throw new IllegalArgumentException("'name' is not an instance of the correct type");
-        }
-
-        this.nameType = nameType;
-        this.name = name;
-    }
-
-    public short getNameType()
-    {
-        return nameType;
-    }
-
-    public Object getName()
-    {
-        return name;
-    }
-
-    public String getHostName()
-    {
-        if (!isCorrectType(NameType.host_name, name))
-        {
-            throw new IllegalStateException("'name' is not a HostName string");
-        }
-        return (String)name;
-    }
-
-    /**
-     * Encode this {@link ServerName} to an {@link OutputStream}.
-     * 
-     * @param output
-     *            the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(OutputStream output) throws IOException
-    {
-        TlsUtils.writeUint8(nameType, output);
-
-        switch (nameType)
-        {
-        case NameType.host_name:
-            byte[] asciiEncoding = ((String)name).getBytes("ASCII");
-            if (asciiEncoding.length < 1)
-            {
-                throw new TlsFatalAlert(AlertDescription.internal_error);
-            }
-            TlsUtils.writeOpaque16(asciiEncoding, output);
-            break;
-        default:
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    /**
-     * Parse a {@link ServerName} from an {@link InputStream}.
-     * 
-     * @param input
-     *            the {@link InputStream} to parse from.
-     * @return a {@link ServerName} object.
-     * @throws IOException
-     */
-    public static ServerName parse(InputStream input) throws IOException
-    {
-        short name_type = TlsUtils.readUint8(input);
-        Object name;
-
-        switch (name_type)
-        {
-        case NameType.host_name:
-        {
-            byte[] asciiEncoding = TlsUtils.readOpaque16(input);
-            if (asciiEncoding.length < 1)
-            {
-                throw new TlsFatalAlert(AlertDescription.decode_error);
-            }
-            name = new String(asciiEncoding, "ASCII");
-            break;
-        }
-        default:
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        return new ServerName(name_type, name);
-    }
-
-    protected static boolean isCorrectType(short nameType, Object name)
-    {
-        switch (nameType)
-        {
-        case NameType.host_name:
-            return name instanceof String;
-        default:
-            throw new IllegalArgumentException("'nameType' is an unsupported NameType");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ServerNameList.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ServerNameList.java
deleted file mode 100644
index 7e0e3a9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ServerNameList.java
+++ /dev/null

@@ -1,118 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.Vector;
-
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public class ServerNameList
-{
-    protected Vector serverNameList;
-
-    /**
-     * @param serverNameList a {@link Vector} of {@link ServerName}.
-     */
-    public ServerNameList(Vector serverNameList)
-    {
-        if (serverNameList == null)
-        {
-            throw new IllegalArgumentException("'serverNameList' must not be null");
-        }
-
-        this.serverNameList = serverNameList;
-    }
-
-    /**
-     * @return a {@link Vector} of {@link ServerName}.
-     */
-    public Vector getServerNameList()
-    {
-        return serverNameList;
-    }
-
-    /**
-     * Encode this {@link ServerNameList} to an {@link OutputStream}.
-     * 
-     * @param output
-     *            the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(OutputStream output) throws IOException
-    {
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-
-        short[] nameTypesSeen = new short[0];
-        for (int i = 0; i < serverNameList.size(); ++i)
-        {
-            ServerName entry = (ServerName)serverNameList.elementAt(i);
-
-            nameTypesSeen = checkNameType(nameTypesSeen, entry.getNameType());
-            if (nameTypesSeen == null)
-            {
-                throw new TlsFatalAlert(AlertDescription.internal_error);
-            }
-
-            entry.encode(buf);
-        }
-
-        TlsUtils.checkUint16(buf.size());
-        TlsUtils.writeUint16(buf.size(), output);
-        Streams.writeBufTo(buf, output);
-    }
-
-    /**
-     * Parse a {@link ServerNameList} from an {@link InputStream}.
-     * 
-     * @param input
-     *            the {@link InputStream} to parse from.
-     * @return a {@link ServerNameList} object.
-     * @throws IOException
-     */
-    public static ServerNameList parse(InputStream input) throws IOException
-    {
-        int length = TlsUtils.readUint16(input);
-        if (length < 1)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        byte[] data = TlsUtils.readFully(length, input);
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(data);
-
-        short[] nameTypesSeen = new short[0];
-        Vector server_name_list = new Vector();
-        while (buf.available() > 0)
-        {
-            ServerName entry = ServerName.parse(buf);
-
-            nameTypesSeen = checkNameType(nameTypesSeen, entry.getNameType());
-            if (nameTypesSeen == null)
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-
-            server_name_list.addElement(entry);
-        }
-
-        return new ServerNameList(server_name_list);
-    }
-
-    private static short[] checkNameType(short[] nameTypesSeen, short nameType)
-    {
-        /*
-         * RFC 6066 3. The ServerNameList MUST NOT contain more than one name of the same
-         * name_type.
-         */
-        if (!NameType.isValid(nameType) || Arrays.contains(nameTypesSeen, nameType))
-        {
-            return null;
-        }
-        return Arrays.append(nameTypesSeen, nameType);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ServerOnlyTlsAuthentication.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ServerOnlyTlsAuthentication.java
deleted file mode 100644
index eccbb3f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ServerOnlyTlsAuthentication.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public abstract class ServerOnlyTlsAuthentication
-    implements TlsAuthentication
-{
-    public final TlsCredentials getClientCredentials(CertificateRequest certificateRequest)
-    {
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ServerSRPParams.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/ServerSRPParams.java
deleted file mode 100644
index 21ca7d0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/ServerSRPParams.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.math.BigInteger;
-
-import org.bouncycastle.util.Arrays;
-
-public class ServerSRPParams
-{
-    protected BigInteger N, g, B;
-    protected byte[] s;
-
-    public ServerSRPParams(BigInteger N, BigInteger g, byte[] s, BigInteger B)
-    {
-        this.N = N;
-        this.g = g;
-        this.s = Arrays.clone(s);
-        this.B = B;
-    }
-
-    public BigInteger getB()
-    {
-        return B;
-    }
-    
-    public BigInteger getG()
-    {
-        return g;
-    }
-
-    public BigInteger getN()
-    {
-        return N;
-    }
-
-    public byte[] getS()
-    {
-        return s;
-    }
-
-    /**
-     * Encode this {@link ServerSRPParams} to an {@link OutputStream}.
-     * 
-     * @param output
-     *            the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(OutputStream output) throws IOException
-    {
-        TlsSRPUtils.writeSRPParameter(N, output);
-        TlsSRPUtils.writeSRPParameter(g, output);
-        TlsUtils.writeOpaque8(s, output);
-        TlsSRPUtils.writeSRPParameter(B, output);
-    }
-
-    /**
-     * Parse a {@link ServerSRPParams} from an {@link InputStream}.
-     * 
-     * @param input
-     *            the {@link InputStream} to parse from.
-     * @return a {@link ServerSRPParams} object.
-     * @throws IOException
-     */
-    public static ServerSRPParams parse(InputStream input) throws IOException
-    {
-        BigInteger N = TlsSRPUtils.readSRPParameter(input);
-        BigInteger g = TlsSRPUtils.readSRPParameter(input);
-        byte[] s = TlsUtils.readOpaque8(input);
-        BigInteger B = TlsSRPUtils.readSRPParameter(input);
-
-        return new ServerSRPParams(N, g, s, B);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SessionParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/SessionParameters.java
deleted file mode 100644
index 4ed5993..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SessionParameters.java
+++ /dev/null

@@ -1,201 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.util.Hashtable;
-
-import org.bouncycastle.util.Arrays;
-
-public final class SessionParameters
-{
-    public static final class Builder
-    {
-        private int cipherSuite = -1;
-        private short compressionAlgorithm = -1;
-        private byte[] masterSecret = null;
-        private Certificate peerCertificate = null;
-        private byte[] pskIdentity = null;
-        private byte[] srpIdentity = null;
-        private byte[] encodedServerExtensions = null;
-        private boolean extendedMasterSecret = false;
-
-        public Builder()
-        {
-        }
-
-        public SessionParameters build()
-        {
-            validate(this.cipherSuite >= 0, "cipherSuite");
-            validate(this.compressionAlgorithm >= 0, "compressionAlgorithm");
-            validate(this.masterSecret != null, "masterSecret");
-            return new SessionParameters(cipherSuite, compressionAlgorithm, masterSecret, peerCertificate, pskIdentity,
-                srpIdentity, encodedServerExtensions, extendedMasterSecret);
-        }
-
-        public Builder setCipherSuite(int cipherSuite)
-        {
-            this.cipherSuite = cipherSuite;
-            return this;
-        }
-
-        public Builder setCompressionAlgorithm(short compressionAlgorithm)
-        {
-            this.compressionAlgorithm = compressionAlgorithm;
-            return this;
-        }
-
-        public Builder setExtendedMasterSecret(boolean extendedMasterSecret)
-        {
-            this.extendedMasterSecret = extendedMasterSecret;
-            return this;
-        }
-
-        public Builder setMasterSecret(byte[] masterSecret)
-        {
-            this.masterSecret = masterSecret;
-            return this;
-        }
-
-        public Builder setPeerCertificate(Certificate peerCertificate)
-        {
-            this.peerCertificate = peerCertificate;
-            return this;
-        }
-
-        /**
-         * @deprecated Use {@link #setPSKIdentity(byte[])}
-         */
-        public Builder setPskIdentity(byte[] pskIdentity)
-        {
-            this.pskIdentity = pskIdentity;
-            return this;
-        }
-
-        public Builder setPSKIdentity(byte[] pskIdentity)
-        {
-            this.pskIdentity = pskIdentity;
-            return this;
-        }
-
-        public Builder setSRPIdentity(byte[] srpIdentity)
-        {
-            this.srpIdentity = srpIdentity;
-            return this;
-        }
-
-        public Builder setServerExtensions(Hashtable serverExtensions) throws IOException
-        {
-            if (serverExtensions == null)
-            {
-                encodedServerExtensions = null;
-            }
-            else
-            {
-                ByteArrayOutputStream buf = new ByteArrayOutputStream();
-                TlsProtocol.writeExtensions(buf, serverExtensions);
-                encodedServerExtensions = buf.toByteArray();
-            }
-            return this;
-        }
-
-        private void validate(boolean condition, String parameter)
-        {
-            if (!condition)
-            {
-                throw new IllegalStateException("Required session parameter '" + parameter + "' not configured");
-            }
-        }
-    }
-
-    private int cipherSuite;
-    private short compressionAlgorithm;
-    private byte[] masterSecret;
-    private Certificate peerCertificate;
-    private byte[] pskIdentity = null;
-    private byte[] srpIdentity = null;
-    private byte[] encodedServerExtensions;
-    private boolean extendedMasterSecret;
-
-    private SessionParameters(int cipherSuite, short compressionAlgorithm, byte[] masterSecret,
-        Certificate peerCertificate, byte[] pskIdentity, byte[] srpIdentity, byte[] encodedServerExtensions,
-        boolean extendedMasterSecret)
-    {
-        this.cipherSuite = cipherSuite;
-        this.compressionAlgorithm = compressionAlgorithm;
-        this.masterSecret = Arrays.clone(masterSecret);
-        this.peerCertificate = peerCertificate;
-        this.pskIdentity = Arrays.clone(pskIdentity);
-        this.srpIdentity = Arrays.clone(srpIdentity);
-        this.encodedServerExtensions = encodedServerExtensions;
-        this.extendedMasterSecret = extendedMasterSecret;
-    }
-
-    public void clear()
-    {
-        if (this.masterSecret != null)
-        {
-            Arrays.fill(this.masterSecret, (byte)0);
-        }
-    }
-
-    public SessionParameters copy()
-    {
-        return new SessionParameters(cipherSuite, compressionAlgorithm, masterSecret, peerCertificate, pskIdentity,
-            srpIdentity, encodedServerExtensions, extendedMasterSecret);
-    }
-
-    public int getCipherSuite()
-    {
-        return cipherSuite;
-    }
-
-    public short getCompressionAlgorithm()
-    {
-        return compressionAlgorithm;
-    }
-
-    public byte[] getMasterSecret()
-    {
-        return masterSecret;
-    }
-
-    public Certificate getPeerCertificate()
-    {
-        return peerCertificate;
-    }
-
-    /**
-     * @deprecated Use {@link #getPSKIdentity()}
-     */
-    public byte[] getPskIdentity()
-    {
-        return pskIdentity;
-    }
-
-    public byte[] getPSKIdentity()
-    {
-        return pskIdentity;
-    }
-
-    public byte[] getSRPIdentity()
-    {
-        return srpIdentity;
-    }
-
-    public boolean isExtendedMasterSecret()
-    {
-        return extendedMasterSecret;
-    }
-
-    public Hashtable readServerExtensions() throws IOException
-    {
-        if (encodedServerExtensions == null)
-        {
-            return null;
-        }
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(encodedServerExtensions);
-        return TlsProtocol.readExtensions(buf);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SignatureAlgorithm.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/SignatureAlgorithm.java
deleted file mode 100644
index 820c80c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SignatureAlgorithm.java
+++ /dev/null

@@ -1,12 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 5246 7.4.1.4.1 (in RFC 2246, there were no specific values assigned)
- */
-public class SignatureAlgorithm
-{
-    public static final short anonymous = 0;
-    public static final short rsa = 1;
-    public static final short dsa = 2;
-    public static final short ecdsa = 3;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SignatureAndHashAlgorithm.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/SignatureAndHashAlgorithm.java
deleted file mode 100644
index 9404a72..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SignatureAndHashAlgorithm.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-/**
- * RFC 5246 7.4.1.4.1
- */
-public class SignatureAndHashAlgorithm
-{
-    protected short hash;
-    protected short signature;
-
-    /**
-     * @param hash      {@link HashAlgorithm}
-     * @param signature {@link SignatureAlgorithm}
-     */
-    public SignatureAndHashAlgorithm(short hash, short signature)
-    {
-        if (!TlsUtils.isValidUint8(hash))
-        {
-            throw new IllegalArgumentException("'hash' should be a uint8");
-        }
-        if (!TlsUtils.isValidUint8(signature))
-        {
-            throw new IllegalArgumentException("'signature' should be a uint8");
-        }
-        if (signature == SignatureAlgorithm.anonymous)
-        {
-            throw new IllegalArgumentException("'signature' MUST NOT be \"anonymous\"");
-        }
-
-        this.hash = hash;
-        this.signature = signature;
-    }
-
-    /**
-     * @return {@link HashAlgorithm}
-     */
-    public short getHash()
-    {
-        return hash;
-    }
-
-    /**
-     * @return {@link SignatureAlgorithm}
-     */
-    public short getSignature()
-    {
-        return signature;
-    }
-
-    public boolean equals(Object obj)
-    {
-        if (!(obj instanceof SignatureAndHashAlgorithm))
-        {
-            return false;
-        }
-        SignatureAndHashAlgorithm other = (SignatureAndHashAlgorithm)obj;
-        return other.getHash() == getHash() && other.getSignature() == getSignature();
-    }
-
-    public int hashCode()
-    {
-        return (getHash() << 16) | getSignature();
-    }
-
-    /**
-     * Encode this {@link SignatureAndHashAlgorithm} to an {@link OutputStream}.
-     *
-     * @param output the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(OutputStream output)
-        throws IOException
-    {
-        TlsUtils.writeUint8(getHash(), output);
-        TlsUtils.writeUint8(getSignature(), output);
-    }
-
-    /**
-     * Parse a {@link SignatureAndHashAlgorithm} from an {@link InputStream}.
-     *
-     * @param input the {@link InputStream} to parse from.
-     * @return a {@link SignatureAndHashAlgorithm} object.
-     * @throws IOException
-     */
-    public static SignatureAndHashAlgorithm parse(InputStream input)
-        throws IOException
-    {
-        short hash = TlsUtils.readUint8(input);
-        short signature = TlsUtils.readUint8(input);
-        return new SignatureAndHashAlgorithm(hash, signature);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SignerInputBuffer.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/SignerInputBuffer.java
deleted file mode 100644
index 8293135..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SignerInputBuffer.java
+++ /dev/null

@@ -1,13 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayOutputStream;
-
-import org.bouncycastle.crypto.Signer;
-
-class SignerInputBuffer extends ByteArrayOutputStream
-{
-    void updateSigner(Signer s)
-    {
-        s.update(this.buf, 0, count);
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SimulatedTlsSRPIdentityManager.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/SimulatedTlsSRPIdentityManager.java
deleted file mode 100644
index c48b4ad..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SimulatedTlsSRPIdentityManager.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.agreement.srp.SRP6VerifierGenerator;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.SRP6GroupParameters;
-import org.bouncycastle.util.Strings;
-
-/**
- * An implementation of {@link TlsSRPIdentityManager} that simulates the existence of "unknown" identities
- * to obscure the fact that there is no verifier for them. 
- */
-public class SimulatedTlsSRPIdentityManager
-    implements TlsSRPIdentityManager
-{
-    private static final byte[] PREFIX_PASSWORD = Strings.toByteArray("password");
-    private static final byte[] PREFIX_SALT = Strings.toByteArray("salt");
-
-    /**
-     * Create a {@link SimulatedTlsSRPIdentityManager} that implements the algorithm from RFC 5054 2.5.1.3
-     *
-     * @param group the {@link SRP6GroupParameters} defining the group that SRP is operating in
-     * @param seedKey the secret "seed key" referred to in RFC 5054 2.5.1.3
-     * @return an instance of {@link SimulatedTlsSRPIdentityManager}
-     */
-    public static SimulatedTlsSRPIdentityManager getRFC5054Default(SRP6GroupParameters group, byte[] seedKey)
-    {
-        SRP6VerifierGenerator verifierGenerator = new SRP6VerifierGenerator();
-        verifierGenerator.init(group, TlsUtils.createHash(HashAlgorithm.sha1));
-
-        HMac mac = new HMac(TlsUtils.createHash(HashAlgorithm.sha1));
-        mac.init(new KeyParameter(seedKey));
-
-        return new SimulatedTlsSRPIdentityManager(group, verifierGenerator, mac);
-    }
-
-    protected SRP6GroupParameters group;
-    protected SRP6VerifierGenerator verifierGenerator;
-    protected Mac mac;
-
-    public SimulatedTlsSRPIdentityManager(SRP6GroupParameters group, SRP6VerifierGenerator verifierGenerator, Mac mac)
-    {
-        this.group = group;
-        this.verifierGenerator = verifierGenerator;
-        this.mac = mac;
-    }
-
-    public TlsSRPLoginParameters getLoginParameters(byte[] identity)
-    {
-        mac.update(PREFIX_SALT, 0, PREFIX_SALT.length);
-        mac.update(identity, 0, identity.length);
-
-        byte[] salt = new byte[mac.getMacSize()];
-        mac.doFinal(salt, 0);
-
-        mac.update(PREFIX_PASSWORD, 0, PREFIX_PASSWORD.length);
-        mac.update(identity, 0, identity.length);
-
-        byte[] password = new byte[mac.getMacSize()];
-        mac.doFinal(password, 0);
-
-        BigInteger verifier = verifierGenerator.generateVerifier(salt, identity, password);
-
-        return new TlsSRPLoginParameters(group, verifier, salt);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SupplementalDataEntry.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/SupplementalDataEntry.java
deleted file mode 100644
index 4080aaa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SupplementalDataEntry.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public class SupplementalDataEntry
-{
-    protected int dataType;
-    protected byte[] data;
-
-    public SupplementalDataEntry(int dataType, byte[] data)
-    {
-        this.dataType = dataType;
-        this.data = data;
-    }
-
-    public int getDataType()
-    {
-        return dataType;
-    }
-
-    public byte[] getData()
-    {
-        return data;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SupplementalDataType.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/SupplementalDataType.java
deleted file mode 100644
index 218f36b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/SupplementalDataType.java
+++ /dev/null

@@ -1,12 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 4680
- */
-public class SupplementalDataType
-{
-    /*
-     * RFC 4681
-     */
-    public static final int user_mapping_data = 0;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsAEADCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsAEADCipher.java
deleted file mode 100644
index 0341e59..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsAEADCipher.java
+++ /dev/null

@@ -1,252 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-import org.bouncycastle.crypto.modes.AEADBlockCipher;
-import org.bouncycastle.crypto.params.AEADParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-
-public class TlsAEADCipher
-    implements TlsCipher
-{
-    // TODO[draft-zauner-tls-aes-ocb-04] Apply data volume limit described in section 8.4
-
-    public static final int NONCE_RFC5288 = 1;
-    
-    /*
-     * draft-zauner-tls-aes-ocb-04 specifies the nonce construction from draft-ietf-tls-chacha20-poly1305-04
-     */
-    static final int NONCE_DRAFT_CHACHA20_POLY1305 = 2;
-
-    protected TlsContext context;
-    protected int macSize;
-    // TODO SecurityParameters.record_iv_length
-    protected int record_iv_length;
-
-    protected AEADBlockCipher encryptCipher;
-    protected AEADBlockCipher decryptCipher;
-
-    protected byte[] encryptImplicitNonce, decryptImplicitNonce;
-    
-    protected int nonceMode;
-
-    public TlsAEADCipher(TlsContext context, AEADBlockCipher clientWriteCipher, AEADBlockCipher serverWriteCipher,
-        int cipherKeySize, int macSize) throws IOException
-    {
-        this(context, clientWriteCipher, serverWriteCipher, cipherKeySize, macSize, NONCE_RFC5288);
-    }
-
-    TlsAEADCipher(TlsContext context, AEADBlockCipher clientWriteCipher, AEADBlockCipher serverWriteCipher,
-        int cipherKeySize, int macSize, int nonceMode) throws IOException
-    {
-        if (!TlsUtils.isTLSv12(context))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        this.nonceMode = nonceMode;
-
-        // TODO SecurityParameters.fixed_iv_length
-        int fixed_iv_length;
-
-        switch (nonceMode)
-        {
-        case NONCE_RFC5288:
-            fixed_iv_length = 4;
-            this.record_iv_length = 8;
-            break;
-        case NONCE_DRAFT_CHACHA20_POLY1305:
-            fixed_iv_length = 12;
-            this.record_iv_length = 0;
-            break;
-        default:
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        this.context = context;
-        this.macSize = macSize;
-
-        int key_block_size = (2 * cipherKeySize) + (2 * fixed_iv_length);
-
-        byte[] key_block = TlsUtils.calculateKeyBlock(context, key_block_size);
-
-        int offset = 0;
-
-        KeyParameter client_write_key = new KeyParameter(key_block, offset, cipherKeySize);
-        offset += cipherKeySize;
-        KeyParameter server_write_key = new KeyParameter(key_block, offset, cipherKeySize);
-        offset += cipherKeySize;
-        byte[] client_write_IV = Arrays.copyOfRange(key_block, offset, offset + fixed_iv_length);
-        offset += fixed_iv_length;
-        byte[] server_write_IV = Arrays.copyOfRange(key_block, offset, offset + fixed_iv_length);
-        offset += fixed_iv_length;
-
-        if (offset != key_block_size)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        KeyParameter encryptKey, decryptKey;
-        if (context.isServer())
-        {
-            this.encryptCipher = serverWriteCipher;
-            this.decryptCipher = clientWriteCipher;
-            this.encryptImplicitNonce = server_write_IV;
-            this.decryptImplicitNonce = client_write_IV;
-            encryptKey = server_write_key;
-            decryptKey = client_write_key;
-        }
-        else
-        {
-            this.encryptCipher = clientWriteCipher;
-            this.decryptCipher = serverWriteCipher;
-            this.encryptImplicitNonce = client_write_IV;
-            this.decryptImplicitNonce = server_write_IV;
-            encryptKey = client_write_key;
-            decryptKey = server_write_key;
-        }
-
-        byte[] dummyNonce = new byte[fixed_iv_length + record_iv_length];
-
-        this.encryptCipher.init(true, new AEADParameters(encryptKey, 8 * macSize, dummyNonce));
-        this.decryptCipher.init(false, new AEADParameters(decryptKey, 8 * macSize, dummyNonce));
-    }
-
-    public int getPlaintextLimit(int ciphertextLimit)
-    {
-        // TODO We ought to be able to ask the decryptCipher (independently of it's current state!)
-        return ciphertextLimit - macSize - record_iv_length;
-    }
-
-    public byte[] encodePlaintext(long seqNo, short type, byte[] plaintext, int offset, int len)
-        throws IOException
-    {
-        byte[] nonce = new byte[encryptImplicitNonce.length + record_iv_length];
-
-        switch (nonceMode)
-        {
-        case NONCE_RFC5288:
-            System.arraycopy(encryptImplicitNonce, 0, nonce, 0, encryptImplicitNonce.length);
-            // RFC 5288/6655: The nonce_explicit MAY be the 64-bit sequence number.
-            TlsUtils.writeUint64(seqNo, nonce, encryptImplicitNonce.length);
-            break;
-        case NONCE_DRAFT_CHACHA20_POLY1305:
-            TlsUtils.writeUint64(seqNo, nonce, nonce.length - 8);
-            for (int i = 0; i < encryptImplicitNonce.length; ++i)
-            {
-                nonce[i] ^= encryptImplicitNonce[i];
-            }
-            break;
-        default:
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        int plaintextOffset = offset;
-        int plaintextLength = len;
-        int ciphertextLength = encryptCipher.getOutputSize(plaintextLength);
-
-        byte[] output = new byte[record_iv_length + ciphertextLength];
-        if (record_iv_length != 0)
-        {
-            System.arraycopy(nonce, nonce.length - record_iv_length, output, 0, record_iv_length);
-        }
-        int outputPos = record_iv_length;
-
-        byte[] additionalData = getAdditionalData(seqNo, type, plaintextLength);
-        AEADParameters parameters = new AEADParameters(null, 8 * macSize, nonce, additionalData);
-
-        try
-        {
-            encryptCipher.init(true, parameters);
-            outputPos += encryptCipher.processBytes(plaintext, plaintextOffset, plaintextLength, output, outputPos);
-            outputPos += encryptCipher.doFinal(output, outputPos);
-        }
-        catch (Exception e)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error, e);
-        }
-
-        if (outputPos != output.length)
-        {
-            // NOTE: Existing AEAD cipher implementations all give exact output lengths
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        return output;
-    }
-
-    public byte[] decodeCiphertext(long seqNo, short type, byte[] ciphertext, int offset, int len)
-        throws IOException
-    {
-        if (getPlaintextLimit(len) < 0)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        byte[] nonce = new byte[decryptImplicitNonce.length + record_iv_length];
-
-        switch (nonceMode)
-        {
-        case NONCE_RFC5288:
-            System.arraycopy(decryptImplicitNonce, 0, nonce, 0, decryptImplicitNonce.length);
-            System.arraycopy(ciphertext, offset, nonce, nonce.length - record_iv_length, record_iv_length);
-            break;
-        case NONCE_DRAFT_CHACHA20_POLY1305:
-            TlsUtils.writeUint64(seqNo, nonce, nonce.length - 8);
-            for (int i = 0; i < decryptImplicitNonce.length; ++i)
-            {
-                nonce[i] ^= decryptImplicitNonce[i];
-            }
-            break;
-        default:
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        int ciphertextOffset = offset + record_iv_length;
-        int ciphertextLength = len - record_iv_length;
-        int plaintextLength = decryptCipher.getOutputSize(ciphertextLength);
-
-        byte[] output = new byte[plaintextLength];
-        int outputPos = 0;
-
-        byte[] additionalData = getAdditionalData(seqNo, type, plaintextLength);
-        AEADParameters parameters = new AEADParameters(null, 8 * macSize, nonce, additionalData);
-
-        try
-        {
-            decryptCipher.init(false, parameters);
-            outputPos += decryptCipher.processBytes(ciphertext, ciphertextOffset, ciphertextLength, output, outputPos);
-            outputPos += decryptCipher.doFinal(output, outputPos);
-        }
-        catch (Exception e)
-        {
-            throw new TlsFatalAlert(AlertDescription.bad_record_mac, e);
-        }
-
-        if (outputPos != output.length)
-        {
-            // NOTE: Existing AEAD cipher implementations all give exact output lengths
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        return output;
-    }
-
-    protected byte[] getAdditionalData(long seqNo, short type, int len)
-        throws IOException
-    {
-        /*
-         * additional_data = seq_num + TLSCompressed.type + TLSCompressed.version +
-         * TLSCompressed.length
-         */
-
-        byte[] additional_data = new byte[13];
-        TlsUtils.writeUint64(seqNo, additional_data, 0);
-        TlsUtils.writeUint8(type, additional_data, 8);
-        TlsUtils.writeVersion(context.getServerVersion(), additional_data, 9);
-        TlsUtils.writeUint16(len, additional_data, 11);
-
-        return additional_data;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsAgreementCredentials.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsAgreementCredentials.java
deleted file mode 100644
index 525cdb3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsAgreementCredentials.java
+++ /dev/null

@@ -1,12 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-public interface TlsAgreementCredentials
-    extends TlsCredentials
-{
-    byte[] generateAgreement(AsymmetricKeyParameter peerPublicKey)
-        throws IOException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsAuthentication.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsAuthentication.java
deleted file mode 100644
index f3796e8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsAuthentication.java
+++ /dev/null

@@ -1,29 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-/**
- * Base interface to provide TLS authentication credentials.
- */
-public interface TlsAuthentication
-{
-    /**
-     * Called by the protocol handler to report the server certificate
-     * Note: this method is responsible for certificate verification and validation
-     *
-     * @param serverCertificate the server certificate received
-     * @throws IOException
-     */
-    void notifyServerCertificate(Certificate serverCertificate)
-        throws IOException;
-
-    /**
-     * Return client credentials in response to server's certificate request
-     *
-     * @param certificateRequest details of the certificate request
-     * @return a TlsCredentials object or null for no client authentication
-     * @throws IOException
-     */
-    TlsCredentials getClientCredentials(CertificateRequest certificateRequest)
-        throws IOException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsBlockCipher.java
deleted file mode 100644
index 918b683..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsBlockCipher.java
+++ /dev/null

@@ -1,403 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A generic TLS 1.0-1.2 / SSLv3 block cipher. This can be used for AES or 3DES for example.
- */
-public class TlsBlockCipher
-    implements TlsCipher
-{
-    protected TlsContext context;
-    protected byte[] randomData;
-    protected boolean useExplicitIV;
-    protected boolean encryptThenMAC;
-
-    protected BlockCipher encryptCipher;
-    protected BlockCipher decryptCipher;
-
-    protected TlsMac writeMac;
-    protected TlsMac readMac;
-
-    public TlsMac getWriteMac()
-    {
-        return writeMac;
-    }
-
-    public TlsMac getReadMac()
-    {
-        return readMac;
-    }
-
-    public TlsBlockCipher(TlsContext context, BlockCipher clientWriteCipher, BlockCipher serverWriteCipher,
-        Digest clientWriteDigest, Digest serverWriteDigest, int cipherKeySize) throws IOException
-    {
-        this.context = context;
-
-        this.randomData = new byte[256];
-        context.getNonceRandomGenerator().nextBytes(randomData);
-
-        this.useExplicitIV = TlsUtils.isTLSv11(context);
-        this.encryptThenMAC = context.getSecurityParameters().encryptThenMAC;
-
-        int key_block_size = (2 * cipherKeySize) + clientWriteDigest.getDigestSize()
-            + serverWriteDigest.getDigestSize();
-
-        // From TLS 1.1 onwards, block ciphers don't need client_write_IV
-        if (!useExplicitIV)
-        {
-            key_block_size += clientWriteCipher.getBlockSize() + serverWriteCipher.getBlockSize();
-        }
-
-        byte[] key_block = TlsUtils.calculateKeyBlock(context, key_block_size);
-
-        int offset = 0;
-
-        TlsMac clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset,
-            clientWriteDigest.getDigestSize());
-        offset += clientWriteDigest.getDigestSize();
-        TlsMac serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset,
-            serverWriteDigest.getDigestSize());
-        offset += serverWriteDigest.getDigestSize();
-
-        KeyParameter client_write_key = new KeyParameter(key_block, offset, cipherKeySize);
-        offset += cipherKeySize;
-        KeyParameter server_write_key = new KeyParameter(key_block, offset, cipherKeySize);
-        offset += cipherKeySize;
-
-        byte[] client_write_IV, server_write_IV;
-        if (useExplicitIV)
-        {
-            client_write_IV = new byte[clientWriteCipher.getBlockSize()];
-            server_write_IV = new byte[serverWriteCipher.getBlockSize()];
-        }
-        else
-        {
-            client_write_IV = Arrays.copyOfRange(key_block, offset, offset + clientWriteCipher.getBlockSize());
-            offset += clientWriteCipher.getBlockSize();
-            server_write_IV = Arrays.copyOfRange(key_block, offset, offset + serverWriteCipher.getBlockSize());
-            offset += serverWriteCipher.getBlockSize();
-        }
-
-        if (offset != key_block_size)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        CipherParameters encryptParams, decryptParams;
-        if (context.isServer())
-        {
-            this.writeMac = serverWriteMac;
-            this.readMac = clientWriteMac;
-            this.encryptCipher = serverWriteCipher;
-            this.decryptCipher = clientWriteCipher;
-            encryptParams = new ParametersWithIV(server_write_key, server_write_IV);
-            decryptParams = new ParametersWithIV(client_write_key, client_write_IV);
-        }
-        else
-        {
-            this.writeMac = clientWriteMac;
-            this.readMac = serverWriteMac;
-            this.encryptCipher = clientWriteCipher;
-            this.decryptCipher = serverWriteCipher;
-            encryptParams = new ParametersWithIV(client_write_key, client_write_IV);
-            decryptParams = new ParametersWithIV(server_write_key, server_write_IV);
-        }
-
-        this.encryptCipher.init(true, encryptParams);
-        this.decryptCipher.init(false, decryptParams);
-    }
-
-    public int getPlaintextLimit(int ciphertextLimit)
-    {
-        int blockSize = encryptCipher.getBlockSize();
-        int macSize = writeMac.getSize();
-
-        int plaintextLimit = ciphertextLimit;
-
-        // An explicit IV consumes 1 block
-        if (useExplicitIV)
-        {
-            plaintextLimit -= blockSize;
-        }
-
-        // Leave room for the MAC, and require block-alignment
-        if (encryptThenMAC)
-        {
-            plaintextLimit -= macSize;
-            plaintextLimit -= plaintextLimit % blockSize;
-        }
-        else
-        {
-            plaintextLimit -= plaintextLimit % blockSize;
-            plaintextLimit -= macSize;
-        }
-
-        // Minimum 1 byte of padding
-        --plaintextLimit;
-
-        return plaintextLimit;
-    }
-
-    public byte[] encodePlaintext(long seqNo, short type, byte[] plaintext, int offset, int len)
-    {
-        int blockSize = encryptCipher.getBlockSize();
-        int macSize = writeMac.getSize();
-
-        ProtocolVersion version = context.getServerVersion();
-
-        int enc_input_length = len;
-        if (!encryptThenMAC)
-        {
-            enc_input_length += macSize;
-        }
-
-        int padding_length = blockSize - 1 - (enc_input_length % blockSize);
-
-        /*
-         * Don't use variable-length padding with truncated MACs.
-         * 
-         * See "Tag Size Does Matter: Attacks and Proofs for the TLS Record Protocol", Paterson,
-         * Ristenpart, Shrimpton.
-         */
-        if (encryptThenMAC || !context.getSecurityParameters().truncatedHMac)
-        {
-            // TODO[DTLS] Consider supporting in DTLS (without exceeding send limit though)
-            if (!version.isDTLS() && !version.isSSL())
-            {
-                // Add a random number of extra blocks worth of padding
-                int maxExtraPadBlocks = (255 - padding_length) / blockSize;
-                int actualExtraPadBlocks = chooseExtraPadBlocks(context.getSecureRandom(), maxExtraPadBlocks);
-                padding_length += actualExtraPadBlocks * blockSize;
-            }
-        }
-
-        int totalSize = len + macSize + padding_length + 1;
-        if (useExplicitIV)
-        {
-            totalSize += blockSize;
-        }
-
-        byte[] outBuf = new byte[totalSize];
-        int outOff = 0;
-
-        if (useExplicitIV)
-        {
-            byte[] explicitIV = new byte[blockSize];
-            context.getNonceRandomGenerator().nextBytes(explicitIV);
-
-            encryptCipher.init(true, new ParametersWithIV(null, explicitIV));
-
-            System.arraycopy(explicitIV, 0, outBuf, outOff, blockSize);
-            outOff += blockSize;
-        }
-
-        int blocks_start = outOff;
-
-        System.arraycopy(plaintext, offset, outBuf, outOff, len);
-        outOff += len;
-
-        if (!encryptThenMAC)
-        {
-            byte[] mac = writeMac.calculateMac(seqNo, type, plaintext, offset, len);
-            System.arraycopy(mac, 0, outBuf, outOff, mac.length);
-            outOff += mac.length;
-        }
-
-        for (int i = 0; i <= padding_length; i++)
-        {
-            outBuf[outOff++] = (byte)padding_length;
-        }
-
-        for (int i = blocks_start; i < outOff; i += blockSize)
-        {
-            encryptCipher.processBlock(outBuf, i, outBuf, i);
-        }
-
-        if (encryptThenMAC)
-        {
-            byte[] mac = writeMac.calculateMac(seqNo, type, outBuf, 0, outOff);
-            System.arraycopy(mac, 0, outBuf, outOff, mac.length);
-            outOff += mac.length;
-        }
-
-//        assert outBuf.length == outOff;
-
-        return outBuf;
-    }
-
-    public byte[] decodeCiphertext(long seqNo, short type, byte[] ciphertext, int offset, int len)
-        throws IOException
-    {
-        int blockSize = decryptCipher.getBlockSize();
-        int macSize = readMac.getSize();
-
-        int minLen = blockSize;
-        if (encryptThenMAC)
-        {
-            minLen += macSize;
-        }
-        else
-        {
-            minLen = Math.max(minLen, macSize + 1);
-        }
-
-        if (useExplicitIV)
-        {
-            minLen += blockSize;
-        }
-
-        if (len < minLen)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        int blocks_length = len;
-        if (encryptThenMAC)
-        {
-            blocks_length -= macSize;
-        }
-
-        if (blocks_length % blockSize != 0)
-        {
-            throw new TlsFatalAlert(AlertDescription.decryption_failed);
-        }
-
-        if (encryptThenMAC)
-        {
-            int end = offset + len;
-            byte[] receivedMac = Arrays.copyOfRange(ciphertext, end - macSize, end);
-            byte[] calculatedMac = readMac.calculateMac(seqNo, type, ciphertext, offset, len - macSize);
-
-            boolean badMac = !Arrays.constantTimeAreEqual(calculatedMac, receivedMac);
-            if (badMac)
-            {
-                /*
-                 * RFC 7366 3. The MAC SHALL be evaluated before any further processing such as
-                 * decryption is performed, and if the MAC verification fails, then processing SHALL
-                 * terminate immediately. For TLS, a fatal bad_record_mac MUST be generated [2]. For
-                 * DTLS, the record MUST be discarded, and a fatal bad_record_mac MAY be generated
-                 * [4]. This immediate response to a bad MAC eliminates any timing channels that may
-                 * be available through the use of manipulated packet data.
-                 */
-                throw new TlsFatalAlert(AlertDescription.bad_record_mac);
-            }
-        }
-
-        if (useExplicitIV)
-        {
-            decryptCipher.init(false, new ParametersWithIV(null, ciphertext, offset, blockSize));
-
-            offset += blockSize;
-            blocks_length -= blockSize;
-        }
-
-        for (int i = 0; i < blocks_length; i += blockSize)
-        {
-            decryptCipher.processBlock(ciphertext, offset + i, ciphertext, offset + i);
-        }
-
-        // If there's anything wrong with the padding, this will return zero
-        int totalPad = checkPaddingConstantTime(ciphertext, offset, blocks_length, blockSize, encryptThenMAC ? 0 : macSize);
-        boolean badMac = (totalPad == 0);
-
-        int dec_output_length = blocks_length - totalPad;
-
-        if (!encryptThenMAC)
-        {
-            dec_output_length -= macSize;
-            int macInputLen = dec_output_length;
-            int macOff = offset + macInputLen;
-            byte[] receivedMac = Arrays.copyOfRange(ciphertext, macOff, macOff + macSize);
-            byte[] calculatedMac = readMac.calculateMacConstantTime(seqNo, type, ciphertext, offset, macInputLen,
-                blocks_length - macSize, randomData);
-
-            badMac |= !Arrays.constantTimeAreEqual(calculatedMac, receivedMac);
-        }
-
-        if (badMac)
-        {
-            throw new TlsFatalAlert(AlertDescription.bad_record_mac);
-        }
-
-        return Arrays.copyOfRange(ciphertext, offset, offset + dec_output_length);
-    }
-
-    protected int checkPaddingConstantTime(byte[] buf, int off, int len, int blockSize, int macSize)
-    {
-        int end = off + len;
-        byte lastByte = buf[end - 1];
-        int padlen = lastByte & 0xff;
-        int totalPad = padlen + 1;
-
-        int dummyIndex = 0;
-        byte padDiff = 0;
-
-        if ((TlsUtils.isSSL(context) && totalPad > blockSize) || (macSize + totalPad > len))
-        {
-            totalPad = 0;
-        }
-        else
-        {
-            int padPos = end - totalPad;
-            do
-            {
-                padDiff |= (buf[padPos++] ^ lastByte);
-            }
-            while (padPos < end);
-
-            dummyIndex = totalPad;
-
-            if (padDiff != 0)
-            {
-                totalPad = 0;
-            }
-        }
-
-        // Run some extra dummy checks so the number of checks is always constant
-        {
-            byte[] dummyPad = randomData;
-            while (dummyIndex < 256)
-            {
-                padDiff |= (dummyPad[dummyIndex++] ^ lastByte);
-            }
-            // Ensure the above loop is not eliminated
-            dummyPad[0] ^= padDiff;
-        }
-
-        return totalPad;
-    }
-
-    protected int chooseExtraPadBlocks(SecureRandom r, int max)
-    {
-        // return r.nextInt(max + 1);
-
-        int x = r.nextInt();
-        int n = lowestBitSet(x);
-        return Math.min(n, max);
-    }
-
-    protected int lowestBitSet(int x)
-    {
-        if (x == 0)
-        {
-            return 32;
-        }
-
-        int n = 0;
-        while ((x & 1) == 0)
-        {
-            ++n;
-            x >>= 1;
-        }
-        return n;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsCipher.java
deleted file mode 100644
index 2f0af08..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsCipher.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-public interface TlsCipher
-{
-    int getPlaintextLimit(int ciphertextLimit);
-
-    byte[] encodePlaintext(long seqNo, short type, byte[] plaintext, int offset, int len)
-        throws IOException;
-
-    byte[] decodeCiphertext(long seqNo, short type, byte[] ciphertext, int offset, int len)
-        throws IOException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsCipherFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsCipherFactory.java
deleted file mode 100644
index 7407474..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsCipherFactory.java
+++ /dev/null

@@ -1,12 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-public interface TlsCipherFactory
-{
-    /**
-     * See enumeration classes EncryptionAlgorithm, MACAlgorithm for appropriate argument values
-     */
-    TlsCipher createCipher(TlsContext context, int encryptionAlgorithm, int macAlgorithm)
-        throws IOException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsClient.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsClient.java
deleted file mode 100644
index b96845b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsClient.java
+++ /dev/null

@@ -1,98 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.util.Hashtable;
-import java.util.Vector;
-
-/**
- * Interface describing a TLS client endpoint.
- */
-public interface TlsClient
-    extends TlsPeer
-{
-    void init(TlsClientContext context);
-
-    /**
-     * Return the session this client wants to resume, if any. Note that the peer's certificate
-     * chain for the session (if any) may need to be periodically revalidated.
-     * 
-     * @return A {@link TlsSession} representing the resumable session to be used for this
-     *         connection, or null to use a new session.
-     * @see SessionParameters#getPeerCertificate()
-     */
-    TlsSession getSessionToResume();
-
-    /**
-     * Return the {@link ProtocolVersion} to use for the <code>TLSPlaintext.version</code> field prior to
-     * receiving the server version. NOTE: This method is <b>not</b> called for DTLS.
-     *
-     * <p>
-     * See RFC 5246 E.1.: "TLS clients that wish to negotiate with older servers MAY send any value
-     * {03,XX} as the record layer version number. Typical values would be {03,00}, the lowest
-     * version number supported by the client, and the value of ClientHello.client_version. No
-     * single value will guarantee interoperability with all old servers, but this is a complex
-     * topic beyond the scope of this document."
-     * </p>
-     *
-     * @return The {@link ProtocolVersion} to use.
-     */
-    ProtocolVersion getClientHelloRecordLayerVersion();
-
-    ProtocolVersion getClientVersion();
-
-    boolean isFallback();
-
-    int[] getCipherSuites();
-
-    short[] getCompressionMethods();
-
-    // Hashtable is (Integer -> byte[])
-    Hashtable getClientExtensions()
-        throws IOException;
-
-    void notifyServerVersion(ProtocolVersion selectedVersion)
-        throws IOException;
-
-    /**
-     * Notifies the client of the session_id sent in the ServerHello.
-     *
-     * @param sessionID
-     * @see TlsContext#getResumableSession()
-     */
-    void notifySessionID(byte[] sessionID);
-
-    void notifySelectedCipherSuite(int selectedCipherSuite);
-
-    void notifySelectedCompressionMethod(short selectedCompressionMethod);
-
-    // Hashtable is (Integer -> byte[])
-    void processServerExtensions(Hashtable serverExtensions)
-        throws IOException;
-
-    // Vector is (SupplementalDataEntry)
-    void processServerSupplementalData(Vector serverSupplementalData)
-        throws IOException;
-
-    TlsKeyExchange getKeyExchange()
-        throws IOException;
-
-    TlsAuthentication getAuthentication()
-        throws IOException;
-
-    // Vector is (SupplementalDataEntry)
-    Vector getClientSupplementalData()
-        throws IOException;
-
-    /**
-     * RFC 5077 3.3. NewSessionTicket Handshake Message
-     * <p>
-     * This method will be called (only) when a NewSessionTicket handshake message is received. The
-     * ticket is opaque to the client and clients MUST NOT examine the ticket under the assumption
-     * that it complies with e.g. <i>RFC 5077 4. Recommended Ticket Construction</i>.
-     *
-     * @param newSessionTicket The ticket.
-     * @throws IOException
-     */
-    void notifyNewSessionTicket(NewSessionTicket newSessionTicket)
-        throws IOException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsClientContext.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsClientContext.java
deleted file mode 100644
index 3f48106..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsClientContext.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * Marker interface to distinguish a TLS client context.
- */
-public interface TlsClientContext
-    extends TlsContext
-{
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsClientContextImpl.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsClientContextImpl.java
deleted file mode 100644
index b320144..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsClientContextImpl.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.security.SecureRandom;
-
-class TlsClientContextImpl
-    extends AbstractTlsContext
-    implements TlsClientContext
-{
-    TlsClientContextImpl(SecureRandom secureRandom, SecurityParameters securityParameters)
-    {
-        super(secureRandom, securityParameters);
-    }
-
-    public boolean isServer()
-    {
-        return false;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java
deleted file mode 100644
index 7680a8d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsClientProtocol.java
+++ /dev/null

@@ -1,943 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.security.SecureRandom;
-import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import org.bouncycastle.util.Arrays;
-
-public class TlsClientProtocol
-    extends TlsProtocol
-{
-    protected TlsClient tlsClient = null;
-    TlsClientContextImpl tlsClientContext = null;
-
-    protected byte[] selectedSessionID = null;
-
-    protected TlsKeyExchange keyExchange = null;
-    protected TlsAuthentication authentication = null;
-
-    protected CertificateStatus certificateStatus = null;
-    protected CertificateRequest certificateRequest = null;
-
-    /**
-     * Constructor for blocking mode.
-     * @param input The stream of data from the server
-     * @param output The stream of data to the server
-     * @param secureRandom Random number generator for various cryptographic functions
-     */
-    public TlsClientProtocol(InputStream input, OutputStream output, SecureRandom secureRandom)
-    {
-        super(input, output, secureRandom);
-    }
-
-    /**
-     * Constructor for non-blocking mode.<br>
-     * <br>
-     * When data is received, use {@link #offerInput(byte[])} to provide the received ciphertext,
-     * then use {@link #readInput(byte[], int, int)} to read the corresponding cleartext.<br>
-     * <br>
-     * Similarly, when data needs to be sent, use {@link #offerOutput(byte[], int, int)} to provide
-     * the cleartext, then use {@link #readOutput(byte[], int, int)} to get the corresponding
-     * ciphertext.
-     *
-     * @param secureRandom
-     *            Random number generator for various cryptographic functions
-     */
-    public TlsClientProtocol(SecureRandom secureRandom)
-    {
-        super(secureRandom);
-    }
-
-    /**
-     * Initiates a TLS handshake in the role of client.<br>
-     * <br>
-     * In blocking mode, this will not return until the handshake is complete.
-     * In non-blocking mode, use {@link TlsPeer#notifyHandshakeComplete()} to
-     * receive a callback when the handshake is complete.
-     *
-     * @param tlsClient The {@link TlsClient} to use for the handshake.
-     * @throws IOException If in blocking mode and handshake was not successful.
-     */
-    public void connect(TlsClient tlsClient) throws IOException
-    {
-        if (tlsClient == null)
-        {
-            throw new IllegalArgumentException("'tlsClient' cannot be null");
-        }
-        if (this.tlsClient != null)
-        {
-            throw new IllegalStateException("'connect' can only be called once");
-        }
-
-        this.tlsClient = tlsClient;
-
-        this.securityParameters = new SecurityParameters();
-        this.securityParameters.entity = ConnectionEnd.client;
-
-        this.tlsClientContext = new TlsClientContextImpl(secureRandom, securityParameters);
-
-        this.securityParameters.clientRandom = createRandomBlock(tlsClient.shouldUseGMTUnixTime(),
-            tlsClientContext.getNonceRandomGenerator());
-
-        this.tlsClient.init(tlsClientContext);
-        this.recordStream.init(tlsClientContext);
-
-        TlsSession sessionToResume = tlsClient.getSessionToResume();
-        if (sessionToResume != null && sessionToResume.isResumable())
-        {
-            SessionParameters sessionParameters = sessionToResume.exportSessionParameters();
-            if (sessionParameters != null && sessionParameters.isExtendedMasterSecret())
-            {
-                this.tlsSession = sessionToResume;
-                this.sessionParameters = sessionParameters;
-            }
-        }
-
-        sendClientHelloMessage();
-        this.connection_state = CS_CLIENT_HELLO;
-
-        blockForHandshake();
-    }
-
-    protected void cleanupHandshake()
-    {
-        super.cleanupHandshake();
-
-        this.selectedSessionID = null;
-        this.keyExchange = null;
-        this.authentication = null;
-        this.certificateStatus = null;
-        this.certificateRequest = null;
-    }
-
-    protected TlsContext getContext()
-    {
-        return tlsClientContext;
-    }
-
-    AbstractTlsContext getContextAdmin()
-    {
-        return tlsClientContext;
-    }
-    
-    protected TlsPeer getPeer()
-    {
-        return tlsClient;
-    }
-
-    protected void handleHandshakeMessage(short type, ByteArrayInputStream buf)
-        throws IOException
-    {
-        if (this.resumedSession)
-        {
-            if (type != HandshakeType.finished || this.connection_state != CS_SERVER_HELLO)
-            {
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-
-            processFinishedMessage(buf);
-            this.connection_state = CS_SERVER_FINISHED;
-
-            sendChangeCipherSpecMessage();
-            sendFinishedMessage();
-            this.connection_state = CS_CLIENT_FINISHED;
-
-            completeHandshake();
-            return;
-        }
-
-        switch (type)
-        {
-        case HandshakeType.certificate:
-        {
-            switch (this.connection_state)
-            {
-            case CS_SERVER_HELLO:
-            {
-                handleSupplementalData(null);
-                // NB: Fall through to next case label
-            }
-            case CS_SERVER_SUPPLEMENTAL_DATA:
-            {
-                // Parse the Certificate message and send to cipher suite
-
-                this.peerCertificate = Certificate.parse(buf);
-
-                assertEmpty(buf);
-
-                // TODO[RFC 3546] Check whether empty certificates is possible, allowed, or excludes CertificateStatus
-                if (this.peerCertificate == null || this.peerCertificate.isEmpty())
-                {
-                    this.allowCertificateStatus = false;
-                }
-
-                this.keyExchange.processServerCertificate(this.peerCertificate);
-
-                this.authentication = tlsClient.getAuthentication();
-                this.authentication.notifyServerCertificate(this.peerCertificate);
-
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-
-            this.connection_state = CS_SERVER_CERTIFICATE;
-            break;
-        }
-        case HandshakeType.certificate_status:
-        {
-            switch (this.connection_state)
-            {
-            case CS_SERVER_CERTIFICATE:
-            {
-                if (!this.allowCertificateStatus)
-                {
-                    /*
-                     * RFC 3546 3.6. If a server returns a "CertificateStatus" message, then the
-                     * server MUST have included an extension of type "status_request" with empty
-                     * "extension_data" in the extended server hello..
-                     */
-                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
-                }
-
-                this.certificateStatus = CertificateStatus.parse(buf);
-
-                assertEmpty(buf);
-
-                // TODO[RFC 3546] Figure out how to provide this to the client/authentication.
-
-                this.connection_state = CS_CERTIFICATE_STATUS;
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-            break;
-        }
-        case HandshakeType.finished:
-        {
-            switch (this.connection_state)
-            {
-            case CS_CLIENT_FINISHED:
-            {
-                if (this.expectSessionTicket)
-                {
-                    /*
-                     * RFC 5077 3.3. This message MUST be sent if the server included a
-                     * SessionTicket extension in the ServerHello.
-                     */
-                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
-                }
-
-                // NB: Fall through to next case label
-            }
-            case CS_SERVER_SESSION_TICKET:
-            {
-                processFinishedMessage(buf);
-                this.connection_state = CS_SERVER_FINISHED;
-
-                completeHandshake();
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-            break;
-        }
-        case HandshakeType.server_hello:
-        {
-            switch (this.connection_state)
-            {
-            case CS_CLIENT_HELLO:
-            {
-                receiveServerHelloMessage(buf);
-                this.connection_state = CS_SERVER_HELLO;
-
-                this.recordStream.notifyHelloComplete();
-
-                applyMaxFragmentLengthExtension();
-
-                if (this.resumedSession)
-                {
-                    this.securityParameters.masterSecret = Arrays.clone(this.sessionParameters.getMasterSecret());
-                    this.recordStream.setPendingConnectionState(getPeer().getCompression(), getPeer().getCipher());
-                }
-                else
-                {
-                    invalidateSession();
-
-                    if (this.selectedSessionID.length > 0)
-                    {
-                        this.tlsSession = new TlsSessionImpl(this.selectedSessionID, null);
-                    }
-                }
-
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-            break;
-        }
-        case HandshakeType.supplemental_data:
-        {
-            switch (this.connection_state)
-            {
-            case CS_SERVER_HELLO:
-            {
-                handleSupplementalData(readSupplementalDataMessage(buf));
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-            break;
-        }
-        case HandshakeType.server_hello_done:
-        {
-            switch (this.connection_state)
-            {
-            case CS_SERVER_HELLO:
-            {
-                handleSupplementalData(null);
-                // NB: Fall through to next case label
-            }
-            case CS_SERVER_SUPPLEMENTAL_DATA:
-            {
-                // There was no server certificate message; check it's OK
-                this.keyExchange.skipServerCredentials();
-                this.authentication = null;
-
-                // NB: Fall through to next case label
-            }
-            case CS_SERVER_CERTIFICATE:
-            case CS_CERTIFICATE_STATUS:
-            {
-                // There was no server key exchange message; check it's OK
-                this.keyExchange.skipServerKeyExchange();
-
-                // NB: Fall through to next case label
-            }
-            case CS_SERVER_KEY_EXCHANGE:
-            case CS_CERTIFICATE_REQUEST:
-            {
-                assertEmpty(buf);
-
-                this.connection_state = CS_SERVER_HELLO_DONE;
-
-                this.recordStream.getHandshakeHash().sealHashAlgorithms();
-
-                Vector clientSupplementalData = tlsClient.getClientSupplementalData();
-                if (clientSupplementalData != null)
-                {
-                    sendSupplementalDataMessage(clientSupplementalData);
-                }
-                this.connection_state = CS_CLIENT_SUPPLEMENTAL_DATA;
-
-                TlsCredentials clientCreds = null;
-                if (certificateRequest == null)
-                {
-                    this.keyExchange.skipClientCredentials();
-                }
-                else
-                {
-                    clientCreds = this.authentication.getClientCredentials(certificateRequest);
-
-                    if (clientCreds == null)
-                    {
-                        this.keyExchange.skipClientCredentials();
-
-                        /*
-                         * RFC 5246 If no suitable certificate is available, the client MUST send a
-                         * certificate message containing no certificates.
-                         * 
-                         * NOTE: In previous RFCs, this was SHOULD instead of MUST.
-                         */
-                        sendCertificateMessage(Certificate.EMPTY_CHAIN);
-                    }
-                    else
-                    {
-                        this.keyExchange.processClientCredentials(clientCreds);
-
-                        sendCertificateMessage(clientCreds.getCertificate());
-                    }
-                }
-
-                this.connection_state = CS_CLIENT_CERTIFICATE;
-
-                /*
-                 * Send the client key exchange message, depending on the key exchange we are using
-                 * in our CipherSuite.
-                 */
-                sendClientKeyExchangeMessage();
-                this.connection_state = CS_CLIENT_KEY_EXCHANGE;
-
-                if (TlsUtils.isSSL(getContext()))
-                {
-                    establishMasterSecret(getContext(), keyExchange);
-                }
-
-                TlsHandshakeHash prepareFinishHash = recordStream.prepareToFinish();
-                this.securityParameters.sessionHash = getCurrentPRFHash(getContext(), prepareFinishHash, null);
-
-                if (!TlsUtils.isSSL(getContext()))
-                {
-                    establishMasterSecret(getContext(), keyExchange);
-                }
-
-                recordStream.setPendingConnectionState(getPeer().getCompression(), getPeer().getCipher());
-
-                if (clientCreds != null && clientCreds instanceof TlsSignerCredentials)
-                {
-                    TlsSignerCredentials signerCredentials = (TlsSignerCredentials)clientCreds;
-
-                    /*
-                     * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
-                     */
-                    SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtils.getSignatureAndHashAlgorithm(
-                        getContext(), signerCredentials);
-
-                    byte[] hash;
-                    if (signatureAndHashAlgorithm == null)
-                    {
-                        hash = securityParameters.getSessionHash();
-                    }
-                    else
-                    {
-                        hash = prepareFinishHash.getFinalHash(signatureAndHashAlgorithm.getHash());
-                    }
-
-                    byte[] signature = signerCredentials.generateCertificateSignature(hash);
-                    DigitallySigned certificateVerify = new DigitallySigned(signatureAndHashAlgorithm, signature);
-                    sendCertificateVerifyMessage(certificateVerify);
-
-                    this.connection_state = CS_CERTIFICATE_VERIFY;
-                }
-
-                sendChangeCipherSpecMessage();
-                sendFinishedMessage();
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-
-            this.connection_state = CS_CLIENT_FINISHED;
-            break;
-        }
-        case HandshakeType.server_key_exchange:
-        {
-            switch (this.connection_state)
-            {
-            case CS_SERVER_HELLO:
-            {
-                handleSupplementalData(null);
-                // NB: Fall through to next case label
-            }
-            case CS_SERVER_SUPPLEMENTAL_DATA:
-            {
-                // There was no server certificate message; check it's OK
-                this.keyExchange.skipServerCredentials();
-                this.authentication = null;
-
-                // NB: Fall through to next case label
-            }
-            case CS_SERVER_CERTIFICATE:
-            case CS_CERTIFICATE_STATUS:
-            {
-                this.keyExchange.processServerKeyExchange(buf);
-
-                assertEmpty(buf);
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-
-            this.connection_state = CS_SERVER_KEY_EXCHANGE;
-            break;
-        }
-        case HandshakeType.certificate_request:
-        {
-            switch (this.connection_state)
-            {
-            case CS_SERVER_CERTIFICATE:
-            case CS_CERTIFICATE_STATUS:
-            {
-                // There was no server key exchange message; check it's OK
-                this.keyExchange.skipServerKeyExchange();
-
-                // NB: Fall through to next case label
-            }
-            case CS_SERVER_KEY_EXCHANGE:
-            {
-                if (this.authentication == null)
-                {
-                    /*
-                     * RFC 2246 7.4.4. It is a fatal handshake_failure alert for an anonymous server
-                     * to request client identification.
-                     */
-                    throw new TlsFatalAlert(AlertDescription.handshake_failure);
-                }
-
-                this.certificateRequest = CertificateRequest.parse(getContext(), buf);
-
-                assertEmpty(buf);
-
-                this.keyExchange.validateCertificateRequest(this.certificateRequest);
-
-                /*
-                 * TODO Give the client a chance to immediately select the CertificateVerify hash
-                 * algorithm here to avoid tracking the other hash algorithms unnecessarily?
-                 */
-                TlsUtils.trackHashAlgorithms(this.recordStream.getHandshakeHash(),
-                    this.certificateRequest.getSupportedSignatureAlgorithms());
-
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-
-            this.connection_state = CS_CERTIFICATE_REQUEST;
-            break;
-        }
-        case HandshakeType.session_ticket:
-        {
-            switch (this.connection_state)
-            {
-            case CS_CLIENT_FINISHED:
-            {
-                if (!this.expectSessionTicket)
-                {
-                    /*
-                     * RFC 5077 3.3. This message MUST NOT be sent if the server did not include a
-                     * SessionTicket extension in the ServerHello.
-                     */
-                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
-                }
-
-                /*
-                 * RFC 5077 3.4. If the client receives a session ticket from the server, then it
-                 * discards any Session ID that was sent in the ServerHello.
-                 */
-                invalidateSession();
-
-                receiveNewSessionTicketMessage(buf);
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-
-            this.connection_state = CS_SERVER_SESSION_TICKET;
-            break;
-        }
-        case HandshakeType.hello_request:
-        {
-            assertEmpty(buf);
-
-            /*
-             * RFC 2246 7.4.1.1 Hello request This message will be ignored by the client if the
-             * client is currently negotiating a session. This message may be ignored by the client
-             * if it does not wish to renegotiate a session, or the client may, if it wishes,
-             * respond with a no_renegotiation alert.
-             */
-            if (this.connection_state == CS_END)
-            {
-                refuseRenegotiation();
-            }
-            break;
-        }
-        case HandshakeType.client_hello:
-        case HandshakeType.client_key_exchange:
-        case HandshakeType.certificate_verify:
-        case HandshakeType.hello_verify_request:
-        default:
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-    }
-
-    protected void handleSupplementalData(Vector serverSupplementalData)
-        throws IOException
-    {
-        this.tlsClient.processServerSupplementalData(serverSupplementalData);
-        this.connection_state = CS_SERVER_SUPPLEMENTAL_DATA;
-
-        this.keyExchange = tlsClient.getKeyExchange();
-        this.keyExchange.init(getContext());
-    }
-
-    protected void receiveNewSessionTicketMessage(ByteArrayInputStream buf)
-        throws IOException
-    {
-        NewSessionTicket newSessionTicket = NewSessionTicket.parse(buf);
-
-        assertEmpty(buf);
-
-        tlsClient.notifyNewSessionTicket(newSessionTicket);
-    }
-
-    protected void receiveServerHelloMessage(ByteArrayInputStream buf)
-        throws IOException
-    {
-        {
-            ProtocolVersion server_version = TlsUtils.readVersion(buf);
-            if (server_version.isDTLS())
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-    
-            // Check that this matches what the server is sending in the record layer
-            if (!server_version.equals(this.recordStream.getReadVersion()))
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-    
-            ProtocolVersion client_version = getContext().getClientVersion();
-            if (!server_version.isEqualOrEarlierVersionOf(client_version))
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-    
-            this.recordStream.setWriteVersion(server_version);
-            getContextAdmin().setServerVersion(server_version);
-            this.tlsClient.notifyServerVersion(server_version);
-        }
-
-        /*
-         * Read the server random
-         */
-        this.securityParameters.serverRandom = TlsUtils.readFully(32, buf);
-
-        this.selectedSessionID = TlsUtils.readOpaque8(buf);
-        if (this.selectedSessionID.length > 32)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-        this.tlsClient.notifySessionID(this.selectedSessionID);
-        this.resumedSession = this.selectedSessionID.length > 0 && this.tlsSession != null
-            && Arrays.areEqual(this.selectedSessionID, this.tlsSession.getSessionID());
-
-        /*
-         * Find out which CipherSuite the server has chosen and check that it was one of the offered
-         * ones, and is a valid selection for the negotiated version.
-         */
-        int selectedCipherSuite = TlsUtils.readUint16(buf);
-        if (!Arrays.contains(this.offeredCipherSuites, selectedCipherSuite)
-            || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL
-            || CipherSuite.isSCSV(selectedCipherSuite)
-            || !TlsUtils.isValidCipherSuiteForVersion(selectedCipherSuite, getContext().getServerVersion()))
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-        this.tlsClient.notifySelectedCipherSuite(selectedCipherSuite);
-
-        /*
-         * Find out which CompressionMethod the server has chosen and check that it was one of the
-         * offered ones.
-         */
-        short selectedCompressionMethod = TlsUtils.readUint8(buf);
-        if (!Arrays.contains(this.offeredCompressionMethods, selectedCompressionMethod))
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-        this.tlsClient.notifySelectedCompressionMethod(selectedCompressionMethod);
-
-        /*
-         * RFC 3546 2.2 The extended server hello message format MAY be sent in place of the server
-         * hello message when the client has requested extended functionality via the extended
-         * client hello message specified in Section 2.1. ... Note that the extended server hello
-         * message is only sent in response to an extended client hello message. This prevents the
-         * possibility that the extended server hello message could "break" existing TLS 1.0
-         * clients.
-         */
-        this.serverExtensions = readExtensions(buf);
-
-        /*
-         * RFC 7627 4. Clients and servers SHOULD NOT accept handshakes that do not use the extended
-         * master secret [..]. (and see 5.2, 5.3)
-         */
-        this.securityParameters.extendedMasterSecret = !TlsUtils.isSSL(tlsClientContext)
-            && TlsExtensionsUtils.hasExtendedMasterSecretExtension(serverExtensions);
-
-        if (!securityParameters.isExtendedMasterSecret()
-            && (resumedSession || tlsClient.requiresExtendedMasterSecret()))
-        {
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-
-        /*
-         * RFC 3546 2.2 Note that the extended server hello message is only sent in response to an
-         * extended client hello message.
-         * 
-         * However, see RFC 5746 exception below. We always include the SCSV, so an Extended Server
-         * Hello is always allowed.
-         */
-        if (this.serverExtensions != null)
-        {
-            Enumeration e = this.serverExtensions.keys();
-            while (e.hasMoreElements())
-            {
-                Integer extType = (Integer)e.nextElement();
-
-                /*
-                 * RFC 5746 3.6. Note that sending a "renegotiation_info" extension in response to a
-                 * ClientHello containing only the SCSV is an explicit exception to the prohibition
-                 * in RFC 5246, Section 7.4.1.4, on the server sending unsolicited extensions and is
-                 * only allowed because the client is signaling its willingness to receive the
-                 * extension via the TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV.
-                 */
-                if (extType.equals(EXT_RenegotiationInfo))
-                {
-                    continue;
-                }
-
-                /*
-                 * RFC 5246 7.4.1.4 An extension type MUST NOT appear in the ServerHello unless the
-                 * same extension type appeared in the corresponding ClientHello. If a client
-                 * receives an extension type in ServerHello that it did not request in the
-                 * associated ClientHello, it MUST abort the handshake with an unsupported_extension
-                 * fatal alert.
-                 */
-                if (null == TlsUtils.getExtensionData(this.clientExtensions, extType))
-                {
-                    throw new TlsFatalAlert(AlertDescription.unsupported_extension);
-                }
-
-                /*
-                 * RFC 3546 2.3. If [...] the older session is resumed, then the server MUST ignore
-                 * extensions appearing in the client hello, and send a server hello containing no
-                 * extensions[.]
-                 */
-                if (this.resumedSession)
-                {
-                    // TODO[compat-gnutls] GnuTLS test server sends server extensions e.g. ec_point_formats
-                    // TODO[compat-openssl] OpenSSL test server sends server extensions e.g. ec_point_formats
-                    // TODO[compat-polarssl] PolarSSL test server sends server extensions e.g. ec_point_formats
-//                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-                }
-            }
-        }
-
-        /*
-         * RFC 5746 3.4. Client Behavior: Initial Handshake
-         */
-        {
-            /*
-             * When a ServerHello is received, the client MUST check if it includes the
-             * "renegotiation_info" extension:
-             */
-            byte[] renegExtData = TlsUtils.getExtensionData(this.serverExtensions, EXT_RenegotiationInfo);
-            if (renegExtData != null)
-            {
-                /*
-                 * If the extension is present, set the secure_renegotiation flag to TRUE. The
-                 * client MUST then verify that the length of the "renegotiated_connection"
-                 * field is zero, and if it is not, MUST abort the handshake (by sending a fatal
-                 * handshake_failure alert).
-                 */
-                this.secure_renegotiation = true;
-
-                if (!Arrays.constantTimeAreEqual(renegExtData, createRenegotiationInfo(TlsUtils.EMPTY_BYTES)))
-                {
-                    throw new TlsFatalAlert(AlertDescription.handshake_failure);
-                }
-            }
-        }
-
-        // TODO[compat-gnutls] GnuTLS test server fails to send renegotiation_info extension when resuming
-        this.tlsClient.notifySecureRenegotiation(this.secure_renegotiation);
-
-        Hashtable sessionClientExtensions = clientExtensions, sessionServerExtensions = serverExtensions;
-        if (this.resumedSession)
-        {
-            if (selectedCipherSuite != this.sessionParameters.getCipherSuite()
-                || selectedCompressionMethod != this.sessionParameters.getCompressionAlgorithm())
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-
-            sessionClientExtensions = null;
-            sessionServerExtensions = this.sessionParameters.readServerExtensions();
-        }
-
-        this.securityParameters.cipherSuite = selectedCipherSuite;
-        this.securityParameters.compressionAlgorithm = selectedCompressionMethod;
-
-        if (sessionServerExtensions != null && !sessionServerExtensions.isEmpty())
-        {
-            {
-                /*
-                 * RFC 7366 3. If a server receives an encrypt-then-MAC request extension from a client
-                 * and then selects a stream or Authenticated Encryption with Associated Data (AEAD)
-                 * ciphersuite, it MUST NOT send an encrypt-then-MAC response extension back to the
-                 * client.
-                 */
-                boolean serverSentEncryptThenMAC = TlsExtensionsUtils.hasEncryptThenMACExtension(sessionServerExtensions);
-                if (serverSentEncryptThenMAC && !TlsUtils.isBlockCipherSuite(selectedCipherSuite))
-                {
-                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-                }
-                this.securityParameters.encryptThenMAC = serverSentEncryptThenMAC;
-            }
-
-            this.securityParameters.maxFragmentLength = processMaxFragmentLengthExtension(sessionClientExtensions,
-                sessionServerExtensions, AlertDescription.illegal_parameter);
-
-            this.securityParameters.truncatedHMac = TlsExtensionsUtils.hasTruncatedHMacExtension(sessionServerExtensions);
-
-            /*
-             * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be sent in
-             * a session resumption handshake.
-             */
-            this.allowCertificateStatus = !this.resumedSession
-                && TlsUtils.hasExpectedEmptyExtensionData(sessionServerExtensions,
-                    TlsExtensionsUtils.EXT_status_request, AlertDescription.illegal_parameter);
-
-            this.expectSessionTicket = !this.resumedSession
-                && TlsUtils.hasExpectedEmptyExtensionData(sessionServerExtensions, TlsProtocol.EXT_SessionTicket,
-                    AlertDescription.illegal_parameter);
-        }
-
-        if (sessionClientExtensions != null)
-        {
-            this.tlsClient.processServerExtensions(sessionServerExtensions);
-        }
-
-        this.securityParameters.prfAlgorithm = getPRFAlgorithm(getContext(),
-            this.securityParameters.getCipherSuite());
-
-        /*
-         * RFC 5246 7.4.9. Any cipher suite which does not explicitly specify
-         * verify_data_length has a verify_data_length equal to 12. This includes all
-         * existing cipher suites.
-         */
-        this.securityParameters.verifyDataLength = 12;
-    }
-
-    protected void sendCertificateVerifyMessage(DigitallySigned certificateVerify)
-        throws IOException
-    {
-        HandshakeMessage message = new HandshakeMessage(HandshakeType.certificate_verify);
-
-        certificateVerify.encode(message);
-
-        message.writeToRecordStream();
-    }
-
-    protected void sendClientHelloMessage()
-        throws IOException
-    {
-        this.recordStream.setWriteVersion(this.tlsClient.getClientHelloRecordLayerVersion());
-
-        ProtocolVersion client_version = this.tlsClient.getClientVersion();
-        if (client_version.isDTLS())
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        getContextAdmin().setClientVersion(client_version);
-
-        /*
-         * TODO RFC 5077 3.4. When presenting a ticket, the client MAY generate and include a
-         * Session ID in the TLS ClientHello.
-         */
-        byte[] session_id = TlsUtils.EMPTY_BYTES;
-        if (this.tlsSession != null)
-        {
-            session_id = this.tlsSession.getSessionID();
-            if (session_id == null || session_id.length > 32)
-            {
-                session_id = TlsUtils.EMPTY_BYTES;
-            }
-        }
-
-        boolean fallback = this.tlsClient.isFallback();
-
-        this.offeredCipherSuites = this.tlsClient.getCipherSuites();
-
-        this.offeredCompressionMethods = this.tlsClient.getCompressionMethods();
-
-        if (session_id.length > 0 && this.sessionParameters != null)
-        {
-            if (!sessionParameters.isExtendedMasterSecret()
-                || !Arrays.contains(this.offeredCipherSuites, sessionParameters.getCipherSuite())
-                || !Arrays.contains(this.offeredCompressionMethods, sessionParameters.getCompressionAlgorithm()))
-            {
-                session_id = TlsUtils.EMPTY_BYTES;
-            }
-        }
-
-        this.clientExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(this.tlsClient.getClientExtensions());
-
-        if (!client_version.isSSL())
-        {
-            TlsExtensionsUtils.addExtendedMasterSecretExtension(this.clientExtensions);
-        }
-
-        HandshakeMessage message = new HandshakeMessage(HandshakeType.client_hello);
-
-        TlsUtils.writeVersion(client_version, message);
-
-        message.write(this.securityParameters.getClientRandom());
-
-        TlsUtils.writeOpaque8(session_id, message);
-
-        // Cipher Suites (and SCSV)
-        {
-            /*
-             * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension,
-             * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the
-             * ClientHello. Including both is NOT RECOMMENDED.
-             */
-            byte[] renegExtData = TlsUtils.getExtensionData(clientExtensions, EXT_RenegotiationInfo);
-            boolean noRenegExt = (null == renegExtData);
-
-            boolean noRenegSCSV = !Arrays.contains(offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV);
-
-            if (noRenegExt && noRenegSCSV)
-            {
-                // TODO Consider whether to default to a client extension instead
-                this.offeredCipherSuites = Arrays.append(offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV);
-            }
-
-            /*
-             * RFC 7507 4. If a client sends a ClientHello.client_version containing a lower value
-             * than the latest (highest-valued) version supported by the client, it SHOULD include
-             * the TLS_FALLBACK_SCSV cipher suite value in ClientHello.cipher_suites [..]. (The
-             * client SHOULD put TLS_FALLBACK_SCSV after all cipher suites that it actually intends
-             * to negotiate.)
-             */
-            if (fallback && !Arrays.contains(offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV))
-            {
-                this.offeredCipherSuites = Arrays.append(offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV);
-            }
-
-            TlsUtils.writeUint16ArrayWithUint16Length(offeredCipherSuites, message);
-        }
-
-        TlsUtils.writeUint8ArrayWithUint8Length(offeredCompressionMethods, message);
-
-        writeExtensions(message, clientExtensions);
-
-        message.writeToRecordStream();
-    }
-
-    protected void sendClientKeyExchangeMessage()
-        throws IOException
-    {
-        HandshakeMessage message = new HandshakeMessage(HandshakeType.client_key_exchange);
-
-        this.keyExchange.generateClientKeyExchange(message);
-
-        message.writeToRecordStream();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsCompression.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsCompression.java
deleted file mode 100644
index cdeb7e3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsCompression.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.OutputStream;
-
-public interface TlsCompression
-{
-    OutputStream compress(OutputStream output);
-
-    OutputStream decompress(OutputStream output);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsContext.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsContext.java
deleted file mode 100644
index b3d7d98..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsContext.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.prng.RandomGenerator;
-
-public interface TlsContext
-{
-    RandomGenerator getNonceRandomGenerator();
-
-    SecureRandom getSecureRandom();
-
-    SecurityParameters getSecurityParameters();
-
-    boolean isServer();
-
-    ProtocolVersion getClientVersion();
-
-    ProtocolVersion getServerVersion();
-
-    /**
-     * Used to get the resumable session, if any, used by this connection. Only available after the
-     * handshake has successfully completed.
-     * 
-     * @return A {@link TlsSession} representing the resumable session used by this connection, or
-     *         null if no resumable session available.
-     * @see TlsPeer#notifyHandshakeComplete()
-     */
-    TlsSession getResumableSession();
-
-    Object getUserObject();
-
-    void setUserObject(Object userObject);
-
-    /**
-     * Export keying material according to RFC 5705: "Keying Material Exporters for TLS".
-     *
-     * @param asciiLabel    indicates which application will use the exported keys.
-     * @param context_value allows the application using the exporter to mix its own data with the TLS PRF for
-     *                      the exporter output.
-     * @param length        the number of bytes to generate
-     * @return a pseudorandom bit string of 'length' bytes generated from the master_secret.
-     */
-    byte[] exportKeyingMaterial(String asciiLabel, byte[] context_value, int length);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsCredentials.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsCredentials.java
deleted file mode 100644
index b8a8747..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsCredentials.java
+++ /dev/null

@@ -1,6 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public interface TlsCredentials
-{
-    Certificate getCertificate();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java
deleted file mode 100644
index 6650cc4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDHEKeyExchange.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Vector;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.crypto.params.DHPublicKeyParameters;
-import org.bouncycastle.util.io.TeeInputStream;
-
-public class TlsDHEKeyExchange
-    extends TlsDHKeyExchange
-{
-    protected TlsSignerCredentials serverCredentials = null;
-
-    /**
-     * @deprecated Use constructor that takes a TlsDHVerifier
-     */
-    public TlsDHEKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms, DHParameters dhParameters)
-    {
-        this(keyExchange, supportedSignatureAlgorithms, new DefaultTlsDHVerifier(), dhParameters);
-    }
-
-    public TlsDHEKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms, TlsDHVerifier dhVerifier, DHParameters dhParameters)
-    {
-        super(keyExchange, supportedSignatureAlgorithms, dhVerifier, dhParameters);
-    }
-
-    public void processServerCredentials(TlsCredentials serverCredentials)
-        throws IOException
-    {
-        if (!(serverCredentials instanceof TlsSignerCredentials))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        processServerCertificate(serverCredentials.getCertificate());
-
-        this.serverCredentials = (TlsSignerCredentials)serverCredentials;
-    }
-
-    public byte[] generateServerKeyExchange()
-        throws IOException
-    {
-        if (this.dhParameters == null)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        DigestInputBuffer buf = new DigestInputBuffer();
-
-        this.dhAgreePrivateKey = TlsDHUtils.generateEphemeralServerKeyExchange(context.getSecureRandom(),
-            this.dhParameters, buf);
-
-        /*
-         * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
-         */
-        SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtils.getSignatureAndHashAlgorithm(
-            context, serverCredentials);
-
-        Digest d = TlsUtils.createHash(signatureAndHashAlgorithm);
-
-        SecurityParameters securityParameters = context.getSecurityParameters();
-        d.update(securityParameters.clientRandom, 0, securityParameters.clientRandom.length);
-        d.update(securityParameters.serverRandom, 0, securityParameters.serverRandom.length);
-        buf.updateDigest(d);
-
-        byte[] hash = new byte[d.getDigestSize()];
-        d.doFinal(hash, 0);
-
-        byte[] signature = serverCredentials.generateCertificateSignature(hash);
-
-        DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
-        signed_params.encode(buf);
-
-        return buf.toByteArray();
-    }
-
-    public void processServerKeyExchange(InputStream input)
-        throws IOException
-    {
-        SecurityParameters securityParameters = context.getSecurityParameters();
-
-        SignerInputBuffer buf = new SignerInputBuffer();
-        InputStream teeIn = new TeeInputStream(input, buf);
-
-        this.dhParameters = TlsDHUtils.receiveDHParameters(dhVerifier, teeIn);
-        this.dhAgreePublicKey = new DHPublicKeyParameters(TlsDHUtils.readDHParameter(teeIn), dhParameters);
-
-        DigitallySigned signed_params = parseSignature(input);
-
-        Signer signer = initVerifyer(tlsSigner, signed_params.getAlgorithm(), securityParameters);
-        buf.updateSigner(signer);
-        if (!signer.verifySignature(signed_params.getSignature()))
-        {
-            throw new TlsFatalAlert(AlertDescription.decrypt_error);
-        }
-    }
-
-    protected Signer initVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm, SecurityParameters securityParameters)
-    {
-        Signer signer = tlsSigner.createVerifyer(algorithm, this.serverPublicKey);
-        signer.update(securityParameters.clientRandom, 0, securityParameters.clientRandom.length);
-        signer.update(securityParameters.serverRandom, 0, securityParameters.serverRandom.length);
-        return signer;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDHKeyExchange.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDHKeyExchange.java
deleted file mode 100644
index 52c5e17..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDHKeyExchange.java
+++ /dev/null

@@ -1,278 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.crypto.params.DHPrivateKeyParameters;
-import org.bouncycastle.crypto.params.DHPublicKeyParameters;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-
-/**
- * (D)TLS DH key exchange.
- */
-public class TlsDHKeyExchange
-    extends AbstractTlsKeyExchange
-{
-    protected TlsSigner tlsSigner;
-    protected TlsDHVerifier dhVerifier;
-    protected DHParameters dhParameters;
-
-    protected AsymmetricKeyParameter serverPublicKey;
-    protected TlsAgreementCredentials agreementCredentials;
-
-    protected DHPrivateKeyParameters dhAgreePrivateKey;
-    protected DHPublicKeyParameters dhAgreePublicKey;
-
-    /**
-     * @deprecated Use constructor that takes a TlsDHVerifier
-     */
-    public TlsDHKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms, DHParameters dhParameters)
-    {
-        this(keyExchange, supportedSignatureAlgorithms, new DefaultTlsDHVerifier(), dhParameters);
-    }
-
-    public TlsDHKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms, TlsDHVerifier dhVerifier, DHParameters dhParameters)
-    {
-        super(keyExchange, supportedSignatureAlgorithms);
-
-        switch (keyExchange)
-        {
-        case KeyExchangeAlgorithm.DH_anon:
-        case KeyExchangeAlgorithm.DH_RSA:
-        case KeyExchangeAlgorithm.DH_DSS:
-            this.tlsSigner = null;
-            break;
-        case KeyExchangeAlgorithm.DHE_RSA:
-            this.tlsSigner = new TlsRSASigner();
-            break;
-        case KeyExchangeAlgorithm.DHE_DSS:
-            this.tlsSigner = new TlsDSSSigner();
-            break;
-        default:
-            throw new IllegalArgumentException("unsupported key exchange algorithm");
-        }
-
-        this.dhVerifier = dhVerifier;
-        this.dhParameters = dhParameters;
-    }
-
-    public void init(TlsContext context)
-    {
-        super.init(context);
-
-        if (this.tlsSigner != null)
-        {
-            this.tlsSigner.init(context);
-        }
-    }
-
-    public void skipServerCredentials()
-        throws IOException
-    {
-        if (keyExchange != KeyExchangeAlgorithm.DH_anon)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-    }
-
-    public void processServerCertificate(Certificate serverCertificate)
-        throws IOException
-    {
-        if (keyExchange == KeyExchangeAlgorithm.DH_anon)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-        if (serverCertificate.isEmpty())
-        {
-            throw new TlsFatalAlert(AlertDescription.bad_certificate);
-        }
-
-        org.bouncycastle.asn1.x509.Certificate x509Cert = serverCertificate.getCertificateAt(0);
-
-        SubjectPublicKeyInfo keyInfo = x509Cert.getSubjectPublicKeyInfo();
-        try
-        {
-            this.serverPublicKey = PublicKeyFactory.createKey(keyInfo);
-        }
-        catch (RuntimeException e)
-        {
-            throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
-        }
-
-        if (tlsSigner == null)
-        {
-            try
-            {
-                this.dhAgreePublicKey = (DHPublicKeyParameters)this.serverPublicKey;
-                this.dhParameters = dhAgreePublicKey.getParameters();
-            }
-            catch (ClassCastException e)
-            {
-                throw new TlsFatalAlert(AlertDescription.certificate_unknown, e);
-            }
-
-            TlsUtils.validateKeyUsage(x509Cert, KeyUsage.keyAgreement);
-        }
-        else
-        {
-            if (!tlsSigner.isValidPublicKey(this.serverPublicKey))
-            {
-                throw new TlsFatalAlert(AlertDescription.certificate_unknown);
-            }
-
-            TlsUtils.validateKeyUsage(x509Cert, KeyUsage.digitalSignature);
-        }
-
-        super.processServerCertificate(serverCertificate);
-    }
-
-    public boolean requiresServerKeyExchange()
-    {
-        switch (keyExchange)
-        {
-        case KeyExchangeAlgorithm.DH_anon:
-        case KeyExchangeAlgorithm.DHE_DSS:
-        case KeyExchangeAlgorithm.DHE_RSA:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public byte[] generateServerKeyExchange() throws IOException
-    {
-        if (!requiresServerKeyExchange())
-        {
-            return null;
-        }
-
-        // DH_anon is handled here, DHE_* in a subclass
-
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-        this.dhAgreePrivateKey = TlsDHUtils.generateEphemeralServerKeyExchange(context.getSecureRandom(),
-            this.dhParameters, buf);
-        return buf.toByteArray();
-    }
-
-    public void processServerKeyExchange(InputStream input) throws IOException
-    {
-        if (!requiresServerKeyExchange())
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-
-        // DH_anon is handled here, DHE_* in a subclass
-
-        this.dhParameters = TlsDHUtils.receiveDHParameters(dhVerifier, input);
-        this.dhAgreePublicKey = new DHPublicKeyParameters(TlsDHUtils.readDHParameter(input), dhParameters);
-    }
-
-    public void validateCertificateRequest(CertificateRequest certificateRequest)
-        throws IOException
-    {
-        if (keyExchange == KeyExchangeAlgorithm.DH_anon)
-        {
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-
-        short[] types = certificateRequest.getCertificateTypes();
-        for (int i = 0; i < types.length; ++i)
-        {
-            switch (types[i])
-            {
-            case ClientCertificateType.rsa_sign:
-            case ClientCertificateType.dss_sign:
-            case ClientCertificateType.rsa_fixed_dh:
-            case ClientCertificateType.dss_fixed_dh:
-            case ClientCertificateType.ecdsa_sign:
-                break;
-            default:
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-        }
-    }
-
-    public void processClientCredentials(TlsCredentials clientCredentials)
-        throws IOException
-    {
-        if (keyExchange == KeyExchangeAlgorithm.DH_anon)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        if (clientCredentials instanceof TlsAgreementCredentials)
-        {
-            // TODO Validate client cert has matching parameters (see 'areCompatibleParameters')?
-
-            this.agreementCredentials = (TlsAgreementCredentials)clientCredentials;
-        }
-        else if (clientCredentials instanceof TlsSignerCredentials)
-        {
-            // OK
-        }
-        else
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public void generateClientKeyExchange(OutputStream output)
-        throws IOException
-    {
-        /*
-         * RFC 2246 7.4.7.2 If the client certificate already contains a suitable Diffie-Hellman
-         * key, then Yc is implicit and does not need to be sent again. In this case, the Client Key
-         * Exchange message will be sent, but will be empty.
-         */
-        if (agreementCredentials == null)
-        {
-            this.dhAgreePrivateKey = TlsDHUtils.generateEphemeralClientKeyExchange(context.getSecureRandom(),
-                dhParameters, output);
-        }
-    }
-
-    public void processClientCertificate(Certificate clientCertificate) throws IOException
-    {
-        if (keyExchange == KeyExchangeAlgorithm.DH_anon)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-
-        // TODO Extract the public key
-        // TODO If the certificate is 'fixed', take the public key as dhAgreePublicKey
-    }
-
-    public void processClientKeyExchange(InputStream input) throws IOException
-    {
-        if (dhAgreePublicKey != null)
-        {
-            // For dss_fixed_dh and rsa_fixed_dh, the key arrived in the client certificate
-            return;
-        }
-
-        this.dhAgreePublicKey = new DHPublicKeyParameters(TlsDHUtils.readDHParameter(input), dhParameters);
-    }
-
-    public byte[] generatePremasterSecret()
-        throws IOException
-    {
-        if (agreementCredentials != null)
-        {
-            return agreementCredentials.generateAgreement(dhAgreePublicKey);
-        }
-
-        if (dhAgreePrivateKey != null)
-        {
-            return TlsDHUtils.calculateDHBasicAgreement(dhAgreePublicKey, dhAgreePrivateKey);
-        }
-
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDHUtils.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDHUtils.java
deleted file mode 100644
index 4523c32..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDHUtils.java
+++ /dev/null

@@ -1,520 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.security.SecureRandom;
-import java.util.Hashtable;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.agreement.DHBasicAgreement;
-import org.bouncycastle.crypto.generators.DHBasicKeyPairGenerator;
-import org.bouncycastle.crypto.params.DHKeyGenerationParameters;
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.crypto.params.DHPrivateKeyParameters;
-import org.bouncycastle.crypto.params.DHPublicKeyParameters;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Integers;
-import org.bouncycastle.util.encoders.Hex;
-
-public class TlsDHUtils
-{
-    static final BigInteger TWO = BigInteger.valueOf(2);
-
-    public static final Integer EXT_negotiated_ff_dhe_groups = Integers.valueOf(ExtensionType.negotiated_ff_dhe_groups);
-
-    /*
-     * TODO[draft-ietf-tls-negotiated-ff-dhe-01] Move these groups to DHStandardGroups once reaches RFC
-     */
-    private static BigInteger fromHex(String hex)
-    {
-        return new BigInteger(1, Hex.decode(hex));
-    }
-
-    private static DHParameters fromSafeP(String hexP)
-    {
-        BigInteger p = fromHex(hexP), q = p.shiftRight(1);
-        return new DHParameters(p, TWO, q);
-    }
-
-    private static final String draft_ffdhe2432_p =
-          "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
-        + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9"
-        + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
-        + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935"
-        + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
-        + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB"
-        + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
-        + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61"
-        + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
-        + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA"
-        + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
-        + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C"
-        + "AEFE13098533C8B3FFFFFFFFFFFFFFFF";
-    static final DHParameters draft_ffdhe2432 = fromSafeP(draft_ffdhe2432_p);
-
-    private static final String draft_ffdhe3072_p =
-          "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
-        + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9"
-        + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
-        + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935"
-        + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
-        + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB"
-        + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
-        + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61"
-        + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
-        + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA"
-        + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
-        + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C"
-        + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
-        + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D"
-        + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
-        + "3C1B20EE3FD59D7C25E41D2B66C62E37FFFFFFFFFFFFFFFF";
-    static final DHParameters draft_ffdhe3072 = fromSafeP(draft_ffdhe3072_p);
-
-    private static final String draft_ffdhe4096_p =
-          "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
-        + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9"
-        + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
-        + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935"
-        + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
-        + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB"
-        + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
-        + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61"
-        + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
-        + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA"
-        + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
-        + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C"
-        + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
-        + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D"
-        + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
-        + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB"
-        + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004"
-        + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832"
-        + "A907600A918130C46DC778F971AD0038092999A333CB8B7A"
-        + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF"
-        + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E655F6A"
-        + "FFFFFFFFFFFFFFFF";
-    static final DHParameters draft_ffdhe4096 = fromSafeP(draft_ffdhe4096_p);
-
-    private static final String draft_ffdhe6144_p =
-          "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
-        + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9"
-        + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
-        + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935"
-        + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
-        + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB"
-        + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
-        + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61"
-        + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
-        + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA"
-        + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
-        + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C"
-        + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
-        + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D"
-        + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
-        + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB"
-        + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004"
-        + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832"
-        + "A907600A918130C46DC778F971AD0038092999A333CB8B7A"
-        + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF"
-        + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902"
-        + "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6"
-        + "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A"
-        + "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477"
-        + "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3"
-        + "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4"
-        + "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6"
-        + "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C"
-        + "D72B03746AE77F5E62292C311562A846505DC82DB854338A"
-        + "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04"
-        + "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1"
-        + "A41D570D7938DAD4A40E329CD0E40E65FFFFFFFFFFFFFFFF";
-    static final DHParameters draft_ffdhe6144 = fromSafeP(draft_ffdhe6144_p);
-
-    private static final String draft_ffdhe8192_p =
-          "FFFFFFFFFFFFFFFFADF85458A2BB4A9AAFDC5620273D3CF1"
-        + "D8B9C583CE2D3695A9E13641146433FBCC939DCE249B3EF9"
-        + "7D2FE363630C75D8F681B202AEC4617AD3DF1ED5D5FD6561"
-        + "2433F51F5F066ED0856365553DED1AF3B557135E7F57C935"
-        + "984F0C70E0E68B77E2A689DAF3EFE8721DF158A136ADE735"
-        + "30ACCA4F483A797ABC0AB182B324FB61D108A94BB2C8E3FB"
-        + "B96ADAB760D7F4681D4F42A3DE394DF4AE56EDE76372BB19"
-        + "0B07A7C8EE0A6D709E02FCE1CDF7E2ECC03404CD28342F61"
-        + "9172FE9CE98583FF8E4F1232EEF28183C3FE3B1B4C6FAD73"
-        + "3BB5FCBC2EC22005C58EF1837D1683B2C6F34A26C1B2EFFA"
-        + "886B4238611FCFDCDE355B3B6519035BBC34F4DEF99C0238"
-        + "61B46FC9D6E6C9077AD91D2691F7F7EE598CB0FAC186D91C"
-        + "AEFE130985139270B4130C93BC437944F4FD4452E2D74DD3"
-        + "64F2E21E71F54BFF5CAE82AB9C9DF69EE86D2BC522363A0D"
-        + "ABC521979B0DEADA1DBF9A42D5C4484E0ABCD06BFA53DDEF"
-        + "3C1B20EE3FD59D7C25E41D2B669E1EF16E6F52C3164DF4FB"
-        + "7930E9E4E58857B6AC7D5F42D69F6D187763CF1D55034004"
-        + "87F55BA57E31CC7A7135C886EFB4318AED6A1E012D9E6832"
-        + "A907600A918130C46DC778F971AD0038092999A333CB8B7A"
-        + "1A1DB93D7140003C2A4ECEA9F98D0ACC0A8291CDCEC97DCF"
-        + "8EC9B55A7F88A46B4DB5A851F44182E1C68A007E5E0DD902"
-        + "0BFD64B645036C7A4E677D2C38532A3A23BA4442CAF53EA6"
-        + "3BB454329B7624C8917BDD64B1C0FD4CB38E8C334C701C3A"
-        + "CDAD0657FCCFEC719B1F5C3E4E46041F388147FB4CFDB477"
-        + "A52471F7A9A96910B855322EDB6340D8A00EF092350511E3"
-        + "0ABEC1FFF9E3A26E7FB29F8C183023C3587E38DA0077D9B4"
-        + "763E4E4B94B2BBC194C6651E77CAF992EEAAC0232A281BF6"
-        + "B3A739C1226116820AE8DB5847A67CBEF9C9091B462D538C"
-        + "D72B03746AE77F5E62292C311562A846505DC82DB854338A"
-        + "E49F5235C95B91178CCF2DD5CACEF403EC9D1810C6272B04"
-        + "5B3B71F9DC6B80D63FDD4A8E9ADB1E6962A69526D43161C1"
-        + "A41D570D7938DAD4A40E329CCFF46AAA36AD004CF600C838"
-        + "1E425A31D951AE64FDB23FCEC9509D43687FEB69EDD1CC5E"
-        + "0B8CC3BDF64B10EF86B63142A3AB8829555B2F747C932665"
-        + "CB2C0F1CC01BD70229388839D2AF05E454504AC78B758282"
-        + "2846C0BA35C35F5C59160CC046FD8251541FC68C9C86B022"
-        + "BB7099876A460E7451A8A93109703FEE1C217E6C3826E52C"
-        + "51AA691E0E423CFC99E9E31650C1217B624816CDAD9A95F9"
-        + "D5B8019488D9C0A0A1FE3075A577E23183F81D4A3F2FA457"
-        + "1EFC8CE0BA8A4FE8B6855DFE72B0A66EDED2FBABFBE58A30"
-        + "FAFABE1C5D71A87E2F741EF8C1FE86FEA6BBFDE530677F0D"
-        + "97D11D49F7A8443D0822E506A9F4614E011E2A94838FF88C"
-        + "D68C8BB7C5C6424CFFFFFFFFFFFFFFFF";
-    static final DHParameters draft_ffdhe8192 = fromSafeP(draft_ffdhe8192_p);
-
-    
-    public static void addNegotiatedDHEGroupsClientExtension(Hashtable extensions, short[] dheGroups)
-        throws IOException
-    {
-        extensions.put(EXT_negotiated_ff_dhe_groups, createNegotiatedDHEGroupsClientExtension(dheGroups));
-    }
-
-    public static void addNegotiatedDHEGroupsServerExtension(Hashtable extensions, short dheGroup)
-        throws IOException
-    {
-        extensions.put(EXT_negotiated_ff_dhe_groups, createNegotiatedDHEGroupsServerExtension(dheGroup));
-    }
-
-    public static short[] getNegotiatedDHEGroupsClientExtension(Hashtable extensions) throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_negotiated_ff_dhe_groups);
-        return extensionData == null ? null : readNegotiatedDHEGroupsClientExtension(extensionData);
-    }
-
-    public static short getNegotiatedDHEGroupsServerExtension(Hashtable extensions) throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_negotiated_ff_dhe_groups);
-        return extensionData == null ? -1 : readNegotiatedDHEGroupsServerExtension(extensionData);
-    }
-
-    public static byte[] createNegotiatedDHEGroupsClientExtension(short[] dheGroups) throws IOException
-    {
-        if (dheGroups == null || dheGroups.length < 1 || dheGroups.length > 255)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        return TlsUtils.encodeUint8ArrayWithUint8Length(dheGroups);
-    }
-
-    public static byte[] createNegotiatedDHEGroupsServerExtension(short dheGroup) throws IOException
-    {
-        TlsUtils.checkUint8(dheGroup);
-
-        byte[] extensionData = new byte[1];
-        TlsUtils.writeUint8(dheGroup, extensionData, 0);
-        return extensionData;
-    }
-
-    public static short[] readNegotiatedDHEGroupsClientExtension(byte[] extensionData) throws IOException
-    {
-        if (extensionData == null)
-        {
-            throw new IllegalArgumentException("'extensionData' cannot be null");
-        }
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(extensionData);
-
-        short length = TlsUtils.readUint8(buf);
-        if (length < 1)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        short[] dheGroups = TlsUtils.readUint8Array(length, buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        return dheGroups;
-    }
-
-    public static short readNegotiatedDHEGroupsServerExtension(byte[] extensionData) throws IOException
-    {
-        if (extensionData == null)
-        {
-            throw new IllegalArgumentException("'extensionData' cannot be null");
-        }
-
-        if (extensionData.length != 1)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        return TlsUtils.readUint8(extensionData, 0);
-    }
-
-    public static DHParameters getParametersForDHEGroup(short dheGroup)
-    {
-        switch (dheGroup)
-        {
-        case FiniteFieldDHEGroup.ffdhe2432:
-            return draft_ffdhe2432;
-        case FiniteFieldDHEGroup.ffdhe3072:
-            return draft_ffdhe3072;
-        case FiniteFieldDHEGroup.ffdhe4096:
-            return draft_ffdhe4096;
-        case FiniteFieldDHEGroup.ffdhe6144:
-            return draft_ffdhe6144;
-        case FiniteFieldDHEGroup.ffdhe8192:
-            return draft_ffdhe8192;
-        default:
-            return null;
-        }
-    }
-
-    public static boolean containsDHECipherSuites(int[] cipherSuites)
-    {
-        for (int i = 0; i < cipherSuites.length; ++i)
-        {
-            if (isDHECipherSuite(cipherSuites[i]))
-            {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    public static boolean isDHECipherSuite(int cipherSuite)
-    {
-        switch (cipherSuite)
-        {
-        /*
-         * RFC 2246
-         */
-        case CipherSuite.TLS_DHE_DSS_EXPORT_WITH_DES40_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_DES_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_EXPORT_WITH_DES40_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_DES_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
-
-        /*
-         * RFC 3268
-         */
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
-
-        /*
-         * RFC 5932
-         */
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-
-        /*
-         * RFC 4162
-         */
-        case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA:
-
-        /*
-         * RFC 4279
-         */
-        case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
-
-        /*
-         * RFC 4785
-         */
-        case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA:
-
-        /*
-         * RFC 5246
-         */
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
-
-        /*
-         * RFC 5288
-         */
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
-
-        /*
-         * RFC 5487
-         */
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384:
-
-        /*
-         * RFC 6367
-         */
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-
-        /*
-         * RFC 6655
-         */
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
-        case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
-
-        /*
-         * draft-ietf-tls-chacha20-poly1305-04
-         */
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
-
-        /*
-         * draft-zauner-tls-aes-ocb-04
-         */
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
-
-        /*
-         * DH_anon cipher suites are consider ephemeral DH 
-         */
-        case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_anon_WITH_RC4_128_MD5:
-        case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA:
-
-            return true;
-
-        default:
-            return false;
-        }
-    }
-
-    public static boolean areCompatibleParameters(DHParameters a, DHParameters b)
-    {
-        return a.getP().equals(b.getP()) && a.getG().equals(b.getG())
-            && (a.getQ() == null || b.getQ() == null || a.getQ().equals(b.getQ()));
-    }
-
-    public static byte[] calculateDHBasicAgreement(DHPublicKeyParameters publicKey, DHPrivateKeyParameters privateKey)
-    {
-        DHBasicAgreement basicAgreement = new DHBasicAgreement();
-        basicAgreement.init(privateKey);
-        BigInteger agreementValue = basicAgreement.calculateAgreement(publicKey);
-
-        /*
-         * RFC 5246 8.1.2. Leading bytes of Z that contain all zero bits are stripped before it is
-         * used as the pre_master_secret.
-         */
-        return BigIntegers.asUnsignedByteArray(agreementValue);
-    }
-
-    public static AsymmetricCipherKeyPair generateDHKeyPair(SecureRandom random, DHParameters dhParams)
-    {
-        DHBasicKeyPairGenerator dhGen = new DHBasicKeyPairGenerator();
-        dhGen.init(new DHKeyGenerationParameters(random, dhParams));
-        return dhGen.generateKeyPair();
-    }
-
-    public static DHPrivateKeyParameters generateEphemeralClientKeyExchange(SecureRandom random, DHParameters dhParams,
-        OutputStream output) throws IOException
-    {
-        AsymmetricCipherKeyPair kp = generateDHKeyPair(random, dhParams);
-
-        DHPublicKeyParameters dhPublic = (DHPublicKeyParameters) kp.getPublic();
-        writeDHParameter(dhPublic.getY(), output);
-
-        return (DHPrivateKeyParameters) kp.getPrivate();
-    }
-
-    public static DHPrivateKeyParameters generateEphemeralServerKeyExchange(SecureRandom random, DHParameters dhParams,
-        OutputStream output) throws IOException
-    {
-        AsymmetricCipherKeyPair kp = generateDHKeyPair(random, dhParams);
-
-        DHPublicKeyParameters dhPublic = (DHPublicKeyParameters)kp.getPublic();
-        writeDHParameters(dhParams, output);
-        writeDHParameter(dhPublic.getY(), output);
-
-        return (DHPrivateKeyParameters)kp.getPrivate();
-    }
-
-    public static BigInteger readDHParameter(InputStream input) throws IOException
-    {
-        return new BigInteger(1, TlsUtils.readOpaque16(input));
-    }
-
-    public static DHParameters readDHParameters(InputStream input) throws IOException
-    {
-        BigInteger p = readDHParameter(input);
-        BigInteger g = readDHParameter(input);
-
-        return new DHParameters(p, g);
-    }
-
-    public static DHParameters receiveDHParameters(TlsDHVerifier dhVerifier, InputStream input) throws IOException
-    {
-        DHParameters dhParameters = readDHParameters(input);
-        if (!dhVerifier.accept(dhParameters))
-        {
-            throw new TlsFatalAlert(AlertDescription.insufficient_security);
-        }
-        return dhParameters;
-    }
-
-    public static void writeDHParameter(BigInteger x, OutputStream output) throws IOException
-    {
-        TlsUtils.writeOpaque16(BigIntegers.asUnsignedByteArray(x), output);
-    }
-
-    public static void writeDHParameters(DHParameters dhParameters, OutputStream output) throws IOException
-    {
-        writeDHParameter(dhParameters.getP(), output);
-        writeDHParameter(dhParameters.getG(), output);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDHVerifier.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDHVerifier.java
deleted file mode 100644
index 2140c0e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDHVerifier.java
+++ /dev/null

@@ -1,17 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.crypto.params.DHParameters;
-
-/**
- * Interface a class for verifying Diffie-Hellman parameters needs to conform to.
- */
-public interface TlsDHVerifier
-{
-    /**
-     * Check whether the given DH parameters are acceptable for use.
-     * 
-     * @param dhParameters the {@link DHParameters} to check
-     * @return true if (and only if) the specified parameters are acceptable
-     */
-    boolean accept(DHParameters dhParameters);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDSASigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDSASigner.java
deleted file mode 100644
index 7d068bf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDSASigner.java
+++ /dev/null

@@ -1,90 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.DSA;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.digests.NullDigest;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.DSADigestSigner;
-
-public abstract class TlsDSASigner
-    extends AbstractTlsSigner
-{
-    public byte[] generateRawSignature(SignatureAndHashAlgorithm algorithm,
-        AsymmetricKeyParameter privateKey, byte[] hash)
-        throws CryptoException
-    {
-        Signer signer = makeSigner(algorithm, true, true,
-            new ParametersWithRandom(privateKey, this.context.getSecureRandom()));
-        if (algorithm == null)
-        {
-            // Note: Only use the SHA1 part of the (MD5/SHA1) hash
-            signer.update(hash, 16, 20);
-        }
-        else
-        {
-            signer.update(hash, 0, hash.length);
-        }
-        return signer.generateSignature();
-    }
-
-    public boolean verifyRawSignature(SignatureAndHashAlgorithm algorithm, byte[] sigBytes,
-        AsymmetricKeyParameter publicKey, byte[] hash)
-        throws CryptoException
-    {
-        Signer signer = makeSigner(algorithm, true, false, publicKey);
-        if (algorithm == null)
-        {
-            // Note: Only use the SHA1 part of the (MD5/SHA1) hash
-            signer.update(hash, 16, 20);
-        }
-        else
-        {
-            signer.update(hash, 0, hash.length);
-        }
-        return signer.verifySignature(sigBytes);
-    }
-
-    public Signer createSigner(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter privateKey)
-    {
-        return makeSigner(algorithm, false, true, privateKey);
-    }
-
-    public Signer createVerifyer(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter publicKey)
-    {
-        return makeSigner(algorithm, false, false, publicKey);
-    }
-
-    protected CipherParameters makeInitParameters(boolean forSigning, CipherParameters cp)
-    {
-        return cp;
-    }
-
-    protected Signer makeSigner(SignatureAndHashAlgorithm algorithm, boolean raw, boolean forSigning,
-        CipherParameters cp)
-    {
-        if ((algorithm != null) != TlsUtils.isTLSv12(context))
-        {
-            throw new IllegalStateException();
-        }
-
-        if (algorithm != null && algorithm.getSignature() != getSignatureAlgorithm())
-        {
-            throw new IllegalStateException();
-        }
-
-        short hashAlgorithm = algorithm == null ? HashAlgorithm.sha1 : algorithm.getHash();
-        Digest d = raw ? new NullDigest() : TlsUtils.createHash(hashAlgorithm);
-
-        Signer s = new DSADigestSigner(createDSAImpl(hashAlgorithm), d);
-        s.init(forSigning, makeInitParameters(forSigning, cp));
-        return s;
-    }
-
-    protected abstract short getSignatureAlgorithm();
-
-    protected abstract DSA createDSAImpl(short hashAlgorithm);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDSSSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDSSSigner.java
deleted file mode 100644
index 2914b7e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsDSSSigner.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.crypto.DSA;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DSAPublicKeyParameters;
-import org.bouncycastle.crypto.signers.DSASigner;
-import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
-
-public class TlsDSSSigner
-    extends TlsDSASigner
-{
-    public boolean isValidPublicKey(AsymmetricKeyParameter publicKey)
-    {
-        return publicKey instanceof DSAPublicKeyParameters;
-    }
-
-    protected DSA createDSAImpl(short hashAlgorithm)
-    {
-        return new DSASigner(new HMacDSAKCalculator(TlsUtils.createHash(hashAlgorithm)));
-    }
-
-    protected short getSignatureAlgorithm()
-    {
-        return SignatureAlgorithm.dsa;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java
deleted file mode 100644
index 0bcf8cb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsECCUtils.java
+++ /dev/null

@@ -1,761 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.security.SecureRandom;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
-import org.bouncycastle.crypto.ec.CustomNamedCurves;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.field.PolynomialExtensionField;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Integers;
-
-public class TlsECCUtils
-{
-    public static final Integer EXT_elliptic_curves = Integers.valueOf(ExtensionType.elliptic_curves);
-    public static final Integer EXT_ec_point_formats = Integers.valueOf(ExtensionType.ec_point_formats);
-
-    private static final String[] CURVE_NAMES = new String[] { "sect163k1", "sect163r1", "sect163r2", "sect193r1",
-        "sect193r2", "sect233k1", "sect233r1", "sect239k1", "sect283k1", "sect283r1", "sect409k1", "sect409r1",
-        "sect571k1", "sect571r1", "secp160k1", "secp160r1", "secp160r2", "secp192k1", "secp192r1", "secp224k1",
-        "secp224r1", "secp256k1", "secp256r1", "secp384r1", "secp521r1",
-        "brainpoolP256r1", "brainpoolP384r1", "brainpoolP512r1"};
-
-    public static void addSupportedEllipticCurvesExtension(Hashtable extensions, int[] namedCurves) throws IOException
-    {
-        extensions.put(EXT_elliptic_curves, createSupportedEllipticCurvesExtension(namedCurves));
-    }
-
-    public static void addSupportedPointFormatsExtension(Hashtable extensions, short[] ecPointFormats)
-        throws IOException
-    {
-        extensions.put(EXT_ec_point_formats, createSupportedPointFormatsExtension(ecPointFormats));
-    }
-
-    public static int[] getSupportedEllipticCurvesExtension(Hashtable extensions) throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_elliptic_curves);
-        return extensionData == null ? null : readSupportedEllipticCurvesExtension(extensionData);
-    }
-
-    public static short[] getSupportedPointFormatsExtension(Hashtable extensions) throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_ec_point_formats);
-        return extensionData == null ? null : readSupportedPointFormatsExtension(extensionData);
-    }
-
-    public static byte[] createSupportedEllipticCurvesExtension(int[] namedCurves) throws IOException
-    {
-        if (namedCurves == null || namedCurves.length < 1)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        return TlsUtils.encodeUint16ArrayWithUint16Length(namedCurves);
-    }
-
-    public static byte[] createSupportedPointFormatsExtension(short[] ecPointFormats) throws IOException
-    {
-        if (ecPointFormats == null || !Arrays.contains(ecPointFormats, ECPointFormat.uncompressed))
-        {
-            /*
-             * RFC 4492 5.1. If the Supported Point Formats Extension is indeed sent, it MUST
-             * contain the value 0 (uncompressed) as one of the items in the list of point formats.
-             */
-
-            // NOTE: We add it at the end (lowest preference)
-            ecPointFormats = Arrays.append(ecPointFormats, ECPointFormat.uncompressed);
-        }
-
-        return TlsUtils.encodeUint8ArrayWithUint8Length(ecPointFormats);
-    }
-
-    public static int[] readSupportedEllipticCurvesExtension(byte[] extensionData) throws IOException
-    {
-        if (extensionData == null)
-        {
-            throw new IllegalArgumentException("'extensionData' cannot be null");
-        }
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(extensionData);
-
-        int length = TlsUtils.readUint16(buf);
-        if (length < 2 || (length & 1) != 0)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        int[] namedCurves = TlsUtils.readUint16Array(length / 2, buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        return namedCurves;
-    }
-
-    public static short[] readSupportedPointFormatsExtension(byte[] extensionData) throws IOException
-    {
-        if (extensionData == null)
-        {
-            throw new IllegalArgumentException("'extensionData' cannot be null");
-        }
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(extensionData);
-
-        short length = TlsUtils.readUint8(buf);
-        if (length < 1)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        short[] ecPointFormats = TlsUtils.readUint8Array(length, buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        if (!Arrays.contains(ecPointFormats, ECPointFormat.uncompressed))
-        {
-            /*
-             * RFC 4492 5.1. If the Supported Point Formats Extension is indeed sent, it MUST
-             * contain the value 0 (uncompressed) as one of the items in the list of point formats.
-             */
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        return ecPointFormats;
-    }
-
-    public static String getNameOfNamedCurve(int namedCurve)
-    {
-        return isSupportedNamedCurve(namedCurve) ? CURVE_NAMES[namedCurve - 1] : null;
-    }
-
-    public static ECDomainParameters getParametersForNamedCurve(int namedCurve)
-    {
-        String curveName = getNameOfNamedCurve(namedCurve);
-        if (curveName == null)
-        {
-            return null;
-        }
-
-        // Parameters are lazily created the first time a particular curve is accessed
-
-        X9ECParameters ecP = CustomNamedCurves.getByName(curveName);
-        if (ecP == null)
-        {
-            ecP = ECNamedCurveTable.getByName(curveName);
-            if (ecP == null)
-            {
-                return null;
-            }
-        }
-
-        // It's a bit inefficient to do this conversion every time
-        return new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
-    }
-
-    public static boolean hasAnySupportedNamedCurves()
-    {
-        return CURVE_NAMES.length > 0;
-    }
-
-    public static boolean containsECCCipherSuites(int[] cipherSuites)
-    {
-        for (int i = 0; i < cipherSuites.length; ++i)
-        {
-            if (isECCCipherSuite(cipherSuites[i]))
-            {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    public static boolean isECCCipherSuite(int cipherSuite)
-    {
-        switch (cipherSuite)
-        {
-        /*
-         * RFC 4492
-         */
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
-
-        /*
-         * RFC 5289
-         */
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
-
-        /*
-         * RFC 5489
-         */
-        case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA:
-
-        /*
-         * RFC 6367
-         */
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
-
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-
-        case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-
-        /*
-         * RFC 7251
-         */
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
-
-        /*
-         * draft-ietf-tls-chacha20-poly1305-04
-         */
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
-
-        /*
-         * draft-zauner-tls-aes-ocb-04
-         */
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
-
-            return true;
-
-        default:
-            return false;
-        }
-    }
-
-    public static boolean areOnSameCurve(ECDomainParameters a, ECDomainParameters b)
-    {
-        return a != null && a.equals(b);
-    }
-
-    public static boolean isSupportedNamedCurve(int namedCurve)
-    {
-        return (namedCurve > 0 && namedCurve <= CURVE_NAMES.length);
-    }
-
-    public static boolean isCompressionPreferred(short[] ecPointFormats, short compressionFormat)
-    {
-        if (ecPointFormats == null)
-        {
-            return false;
-        }
-        for (int i = 0; i < ecPointFormats.length; ++i)
-        {
-            short ecPointFormat = ecPointFormats[i];
-            if (ecPointFormat == ECPointFormat.uncompressed)
-            {
-                return false;
-            }
-            if (ecPointFormat == compressionFormat)
-            {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    public static byte[] serializeECFieldElement(int fieldSize, BigInteger x) throws IOException
-    {
-        return BigIntegers.asUnsignedByteArray((fieldSize + 7) / 8, x);
-    }
-
-    public static byte[] serializeECPoint(short[] ecPointFormats, ECPoint point) throws IOException
-    {
-        ECCurve curve = point.getCurve();
-
-        /*
-         * RFC 4492 5.7. ...an elliptic curve point in uncompressed or compressed format. Here, the
-         * format MUST conform to what the server has requested through a Supported Point Formats
-         * Extension if this extension was used, and MUST be uncompressed if this extension was not
-         * used.
-         */
-        boolean compressed = false;
-        if (ECAlgorithms.isFpCurve(curve))
-        {
-            compressed = isCompressionPreferred(ecPointFormats, ECPointFormat.ansiX962_compressed_prime);
-        }
-        else if (ECAlgorithms.isF2mCurve(curve))
-        {
-            compressed = isCompressionPreferred(ecPointFormats, ECPointFormat.ansiX962_compressed_char2);
-        }
-        return point.getEncoded(compressed);
-    }
-
-    public static byte[] serializeECPublicKey(short[] ecPointFormats, ECPublicKeyParameters keyParameters)
-        throws IOException
-    {
-        return serializeECPoint(ecPointFormats, keyParameters.getQ());
-    }
-
-    public static BigInteger deserializeECFieldElement(int fieldSize, byte[] encoding) throws IOException
-    {
-        int requiredLength = (fieldSize + 7) / 8;
-        if (encoding.length != requiredLength)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-        return new BigInteger(1, encoding);
-    }
-
-    public static ECPoint deserializeECPoint(short[] ecPointFormats, ECCurve curve, byte[] encoding) throws IOException
-    {
-        if (encoding == null || encoding.length < 1)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        short actualFormat;
-        switch (encoding[0])
-        {
-        case 0x02: // compressed
-        case 0x03: // compressed
-        {
-            if (ECAlgorithms.isF2mCurve(curve))
-            {
-                actualFormat = ECPointFormat.ansiX962_compressed_char2;
-            }
-            else if (ECAlgorithms.isFpCurve(curve))
-            {
-                actualFormat = ECPointFormat.ansiX962_compressed_prime;
-            }
-            else
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-            break;
-        }
-        case 0x04: // uncompressed
-        {
-            actualFormat = ECPointFormat.uncompressed;
-            break;
-        }
-        case 0x00: // infinity
-        case 0x06: // hybrid
-        case 0x07: // hybrid
-        default:
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        if (actualFormat != ECPointFormat.uncompressed
-            && (ecPointFormats == null || !Arrays.contains(ecPointFormats, actualFormat)))
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        return curve.decodePoint(encoding);
-    }
-
-    public static ECPublicKeyParameters deserializeECPublicKey(short[] ecPointFormats, ECDomainParameters curve_params,
-        byte[] encoding) throws IOException
-    {
-        try
-        {
-            ECPoint Y = deserializeECPoint(ecPointFormats, curve_params.getCurve(), encoding);
-            return new ECPublicKeyParameters(Y, curve_params);
-        }
-        catch (RuntimeException e)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
-        }
-    }
-
-    public static byte[] calculateECDHBasicAgreement(ECPublicKeyParameters publicKey, ECPrivateKeyParameters privateKey)
-    {
-        ECDHBasicAgreement basicAgreement = new ECDHBasicAgreement();
-        basicAgreement.init(privateKey);
-        BigInteger agreementValue = basicAgreement.calculateAgreement(publicKey);
-
-        /*
-         * RFC 4492 5.10. Note that this octet string (Z in IEEE 1363 terminology) as output by
-         * FE2OSP, the Field Element to Octet String Conversion Primitive, has constant length for
-         * any given field; leading zeros found in this octet string MUST NOT be truncated.
-         */
-        return BigIntegers.asUnsignedByteArray(basicAgreement.getFieldSize(), agreementValue);
-    }
-
-    public static AsymmetricCipherKeyPair generateECKeyPair(SecureRandom random, ECDomainParameters ecParams)
-    {
-        ECKeyPairGenerator keyPairGenerator = new ECKeyPairGenerator();
-        keyPairGenerator.init(new ECKeyGenerationParameters(ecParams, random));
-        return keyPairGenerator.generateKeyPair();
-    }
-
-    public static ECPrivateKeyParameters generateEphemeralClientKeyExchange(SecureRandom random, short[] ecPointFormats,
-        ECDomainParameters ecParams, OutputStream output) throws IOException
-    {
-        AsymmetricCipherKeyPair kp = generateECKeyPair(random, ecParams);
-
-        ECPublicKeyParameters ecPublicKey = (ECPublicKeyParameters) kp.getPublic();
-        writeECPoint(ecPointFormats, ecPublicKey.getQ(), output);
-
-        return (ECPrivateKeyParameters) kp.getPrivate();
-    }
-
-    // TODO Refactor around ServerECDHParams before making this public
-    static ECPrivateKeyParameters generateEphemeralServerKeyExchange(SecureRandom random, int[] namedCurves,
-        short[] ecPointFormats, OutputStream output) throws IOException
-    {
-        /* First we try to find a supported named curve from the client's list. */
-        int namedCurve = -1;
-        if (namedCurves == null)
-        {
-            // TODO Let the peer choose the default named curve
-            namedCurve = NamedCurve.secp256r1;
-        }
-        else
-        {
-            for (int i = 0; i < namedCurves.length; ++i)
-            {
-                int entry = namedCurves[i];
-                if (NamedCurve.isValid(entry) && isSupportedNamedCurve(entry))
-                {
-                    namedCurve = entry;
-                    break;
-                }
-            }
-        }
-
-        ECDomainParameters ecParams = null;
-        if (namedCurve >= 0)
-        {
-            ecParams = getParametersForNamedCurve(namedCurve);
-        }
-        else
-        {
-            /* If no named curves are suitable, check if the client supports explicit curves. */
-            if (Arrays.contains(namedCurves, NamedCurve.arbitrary_explicit_prime_curves))
-            {
-                ecParams = getParametersForNamedCurve(NamedCurve.secp256r1);
-            }
-            else if (Arrays.contains(namedCurves, NamedCurve.arbitrary_explicit_char2_curves))
-            {
-                ecParams = getParametersForNamedCurve(NamedCurve.sect283r1);
-            }
-        }
-
-        if (ecParams == null)
-        {
-            /*
-             * NOTE: We shouldn't have negotiated ECDHE key exchange since we apparently can't find
-             * a suitable curve.
-             */
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        if (namedCurve < 0)
-        {
-            writeExplicitECParameters(ecPointFormats, ecParams, output);
-        }
-        else
-        {
-            writeNamedECParameters(namedCurve, output);
-        }
-
-        return generateEphemeralClientKeyExchange(random, ecPointFormats, ecParams, output);
-    }
-
-    public static ECPublicKeyParameters validateECPublicKey(ECPublicKeyParameters key) throws IOException
-    {
-        // TODO Check RFC 4492 for validation
-        return key;
-    }
-
-    public static int readECExponent(int fieldSize, InputStream input) throws IOException
-    {
-        BigInteger K = readECParameter(input);
-        if (K.bitLength() < 32)
-        {
-            int k = K.intValue();
-            if (k > 0 && k < fieldSize)
-            {
-                return k;
-            }
-        }
-        throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-    }
-
-    public static BigInteger readECFieldElement(int fieldSize, InputStream input) throws IOException
-    {
-        return deserializeECFieldElement(fieldSize, TlsUtils.readOpaque8(input));
-    }
-
-    public static BigInteger readECParameter(InputStream input) throws IOException
-    {
-        // TODO Are leading zeroes okay here?
-        return new BigInteger(1, TlsUtils.readOpaque8(input));
-    }
-
-    public static ECDomainParameters readECParameters(int[] namedCurves, short[] ecPointFormats, InputStream input)
-        throws IOException
-    {
-        try
-        {
-            short curveType = TlsUtils.readUint8(input);
-
-            switch (curveType)
-            {
-            case ECCurveType.explicit_prime:
-            {
-                checkNamedCurve(namedCurves, NamedCurve.arbitrary_explicit_prime_curves);
-
-                BigInteger prime_p = readECParameter(input);
-                BigInteger a = readECFieldElement(prime_p.bitLength(), input);
-                BigInteger b = readECFieldElement(prime_p.bitLength(), input);
-                byte[] baseEncoding = TlsUtils.readOpaque8(input);
-                BigInteger order = readECParameter(input);
-                BigInteger cofactor = readECParameter(input);
-                ECCurve curve = new ECCurve.Fp(prime_p, a, b, order, cofactor);
-                ECPoint base = deserializeECPoint(ecPointFormats, curve, baseEncoding);
-                return new ECDomainParameters(curve, base, order, cofactor);
-            }
-            case ECCurveType.explicit_char2:
-            {
-                checkNamedCurve(namedCurves, NamedCurve.arbitrary_explicit_char2_curves);
-
-                int m = TlsUtils.readUint16(input);
-                short basis = TlsUtils.readUint8(input);
-                if (!ECBasisType.isValid(basis))
-                {
-                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-                }
-
-                int k1 = readECExponent(m, input), k2 = -1, k3 = -1;
-                if (basis == ECBasisType.ec_basis_pentanomial)
-                {
-                    k2 = readECExponent(m, input);
-                    k3 = readECExponent(m, input);
-                }
-
-                BigInteger a = readECFieldElement(m, input);
-                BigInteger b = readECFieldElement(m, input);
-                byte[] baseEncoding = TlsUtils.readOpaque8(input);
-                BigInteger order = readECParameter(input);
-                BigInteger cofactor = readECParameter(input);
-
-                ECCurve curve = (basis == ECBasisType.ec_basis_pentanomial)
-                    ? new ECCurve.F2m(m, k1, k2, k3, a, b, order, cofactor)
-                    : new ECCurve.F2m(m, k1, a, b, order, cofactor);
-
-                ECPoint base = deserializeECPoint(ecPointFormats, curve, baseEncoding);
-
-                return new ECDomainParameters(curve, base, order, cofactor);
-            }
-            case ECCurveType.named_curve:
-            {
-                int namedCurve = TlsUtils.readUint16(input);
-                if (!NamedCurve.refersToASpecificNamedCurve(namedCurve))
-                {
-                    /*
-                     * RFC 4492 5.4. All those values of NamedCurve are allowed that refer to a
-                     * specific curve. Values of NamedCurve that indicate support for a class of
-                     * explicitly defined curves are not allowed here [...].
-                     */
-                    throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-                }
-
-                checkNamedCurve(namedCurves, namedCurve);
-
-                return getParametersForNamedCurve(namedCurve);
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-        }
-        catch (RuntimeException e)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
-        }
-    }
-
-    private static void checkNamedCurve(int[] namedCurves, int namedCurve) throws IOException
-    {
-        if (namedCurves != null && !Arrays.contains(namedCurves, namedCurve))
-        {
-            /*
-             * RFC 4492 4. [...] servers MUST NOT negotiate the use of an ECC cipher suite
-             * unless they can complete the handshake while respecting the choice of curves
-             * and compression techniques specified by the client.
-             */
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-    }
-
-    public static void writeECExponent(int k, OutputStream output) throws IOException
-    {
-        BigInteger K = BigInteger.valueOf(k);
-        writeECParameter(K, output);
-    }
-
-    public static void writeECFieldElement(ECFieldElement x, OutputStream output) throws IOException
-    {
-        TlsUtils.writeOpaque8(x.getEncoded(), output);
-    }
-
-    public static void writeECFieldElement(int fieldSize, BigInteger x, OutputStream output) throws IOException
-    {
-        TlsUtils.writeOpaque8(serializeECFieldElement(fieldSize, x), output);
-    }
-
-    public static void writeECParameter(BigInteger x, OutputStream output) throws IOException
-    {
-        TlsUtils.writeOpaque8(BigIntegers.asUnsignedByteArray(x), output);
-    }
-
-    public static void writeExplicitECParameters(short[] ecPointFormats, ECDomainParameters ecParameters,
-        OutputStream output) throws IOException
-    {
-        ECCurve curve = ecParameters.getCurve();
-
-        if (ECAlgorithms.isFpCurve(curve))
-        {
-            TlsUtils.writeUint8(ECCurveType.explicit_prime, output);
-
-            writeECParameter(curve.getField().getCharacteristic(), output);
-        }
-        else if (ECAlgorithms.isF2mCurve(curve))
-        {
-            PolynomialExtensionField field = (PolynomialExtensionField)curve.getField();
-            int[] exponents = field.getMinimalPolynomial().getExponentsPresent();
-
-            TlsUtils.writeUint8(ECCurveType.explicit_char2, output);
-
-            int m = exponents[exponents.length - 1];
-            TlsUtils.checkUint16(m);
-            TlsUtils.writeUint16(m, output);
-
-            if (exponents.length == 3)
-            {
-                TlsUtils.writeUint8(ECBasisType.ec_basis_trinomial, output);
-                writeECExponent(exponents[1], output);
-            }
-            else if (exponents.length == 5)
-            {
-                TlsUtils.writeUint8(ECBasisType.ec_basis_pentanomial, output);
-                writeECExponent(exponents[1], output);
-                writeECExponent(exponents[2], output);
-                writeECExponent(exponents[3], output);
-            }
-            else
-            {
-                throw new IllegalArgumentException("Only trinomial and pentomial curves are supported");
-            }
-        }
-        else
-        {
-            throw new IllegalArgumentException("'ecParameters' not a known curve type");
-        }
-
-        writeECFieldElement(curve.getA(), output);
-        writeECFieldElement(curve.getB(), output);
-        TlsUtils.writeOpaque8(serializeECPoint(ecPointFormats, ecParameters.getG()), output);
-        writeECParameter(ecParameters.getN(), output);
-        writeECParameter(ecParameters.getH(), output);
-    }
-
-    public static void writeECPoint(short[] ecPointFormats, ECPoint point, OutputStream output) throws IOException
-    {
-        TlsUtils.writeOpaque8(serializeECPoint(ecPointFormats, point), output);
-    }
-
-    public static void writeNamedECParameters(int namedCurve, OutputStream output) throws IOException
-    {
-        if (!NamedCurve.refersToASpecificNamedCurve(namedCurve))
-        {
-            /*
-             * RFC 4492 5.4. All those values of NamedCurve are allowed that refer to a specific
-             * curve. Values of NamedCurve that indicate support for a class of explicitly defined
-             * curves are not allowed here [...].
-             */
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        TlsUtils.writeUint8(ECCurveType.named_curve, output);
-        TlsUtils.checkUint16(namedCurve);
-        TlsUtils.writeUint16(namedCurve, output);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsECDHEKeyExchange.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsECDHEKeyExchange.java
deleted file mode 100644
index 3a9a5f3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsECDHEKeyExchange.java
+++ /dev/null

@@ -1,140 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.Vector;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.util.io.TeeInputStream;
-
-/**
- * (D)TLS ECDHE key exchange (see RFC 4492).
- */
-public class TlsECDHEKeyExchange
-    extends TlsECDHKeyExchange
-{
-    protected TlsSignerCredentials serverCredentials = null;
-
-    public TlsECDHEKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms, int[] namedCurves,
-        short[] clientECPointFormats, short[] serverECPointFormats)
-    {
-        super(keyExchange, supportedSignatureAlgorithms, namedCurves, clientECPointFormats, serverECPointFormats);
-    }
-
-    public void processServerCredentials(TlsCredentials serverCredentials)
-        throws IOException
-    {
-        if (!(serverCredentials instanceof TlsSignerCredentials))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        processServerCertificate(serverCredentials.getCertificate());
-
-        this.serverCredentials = (TlsSignerCredentials)serverCredentials;
-    }
-
-    public byte[] generateServerKeyExchange()
-        throws IOException
-    {
-        DigestInputBuffer buf = new DigestInputBuffer();
-
-        this.ecAgreePrivateKey = TlsECCUtils.generateEphemeralServerKeyExchange(context.getSecureRandom(), namedCurves,
-            clientECPointFormats, buf);
-
-        /*
-         * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
-         */
-        SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtils.getSignatureAndHashAlgorithm(
-            context, serverCredentials);
-
-        Digest d = TlsUtils.createHash(signatureAndHashAlgorithm);
-
-        SecurityParameters securityParameters = context.getSecurityParameters();
-        d.update(securityParameters.clientRandom, 0, securityParameters.clientRandom.length);
-        d.update(securityParameters.serverRandom, 0, securityParameters.serverRandom.length);
-        buf.updateDigest(d);
-
-        byte[] hash = new byte[d.getDigestSize()];
-        d.doFinal(hash, 0);
-
-        byte[] signature = serverCredentials.generateCertificateSignature(hash);
-
-        DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
-        signed_params.encode(buf);
-
-        return buf.toByteArray();
-    }
-
-    public void processServerKeyExchange(InputStream input)
-        throws IOException
-    {
-        SecurityParameters securityParameters = context.getSecurityParameters();
-
-        SignerInputBuffer buf = new SignerInputBuffer();
-        InputStream teeIn = new TeeInputStream(input, buf);
-
-        ECDomainParameters curve_params = TlsECCUtils.readECParameters(namedCurves, clientECPointFormats, teeIn);
-
-        byte[] point = TlsUtils.readOpaque8(teeIn);
-
-        DigitallySigned signed_params = parseSignature(input);
-
-        Signer signer = initVerifyer(tlsSigner, signed_params.getAlgorithm(), securityParameters);
-        buf.updateSigner(signer);
-        if (!signer.verifySignature(signed_params.getSignature()))
-        {
-            throw new TlsFatalAlert(AlertDescription.decrypt_error);
-        }
-
-        this.ecAgreePublicKey = TlsECCUtils.validateECPublicKey(TlsECCUtils.deserializeECPublicKey(
-            clientECPointFormats, curve_params, point));
-    }
-
-    public void validateCertificateRequest(CertificateRequest certificateRequest)
-        throws IOException
-    {
-        /*
-         * RFC 4492 3. [...] The ECDSA_fixed_ECDH and RSA_fixed_ECDH mechanisms are usable with
-         * ECDH_ECDSA and ECDH_RSA. Their use with ECDHE_ECDSA and ECDHE_RSA is prohibited because
-         * the use of a long-term ECDH client key would jeopardize the forward secrecy property of
-         * these algorithms.
-         */
-        short[] types = certificateRequest.getCertificateTypes();
-        for (int i = 0; i < types.length; ++i)
-        {
-            switch (types[i])
-            {
-            case ClientCertificateType.rsa_sign:
-            case ClientCertificateType.dss_sign:
-            case ClientCertificateType.ecdsa_sign:
-                break;
-            default:
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-        }
-    }
-
-    public void processClientCredentials(TlsCredentials clientCredentials)
-        throws IOException
-    {
-        if (clientCredentials instanceof TlsSignerCredentials)
-        {
-            // OK
-        }
-        else
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    protected Signer initVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm, SecurityParameters securityParameters)
-    {
-        Signer signer = tlsSigner.createVerifyer(algorithm, this.serverPublicKey);
-        signer.update(securityParameters.clientRandom, 0, securityParameters.clientRandom.length);
-        signer.update(securityParameters.serverRandom, 0, securityParameters.serverRandom.length);
-        return signer;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsECDHKeyExchange.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsECDHKeyExchange.java
deleted file mode 100644
index 50bf1c3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsECDHKeyExchange.java
+++ /dev/null

@@ -1,276 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-
-/**
- * (D)TLS ECDH key exchange (see RFC 4492).
- */
-public class TlsECDHKeyExchange extends AbstractTlsKeyExchange
-{
-    protected TlsSigner tlsSigner;
-    protected int[] namedCurves;
-    protected short[] clientECPointFormats, serverECPointFormats;
-
-    protected AsymmetricKeyParameter serverPublicKey;
-    protected TlsAgreementCredentials agreementCredentials;
-
-    protected ECPrivateKeyParameters ecAgreePrivateKey;
-    protected ECPublicKeyParameters ecAgreePublicKey;
-
-    public TlsECDHKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms, int[] namedCurves,
-        short[] clientECPointFormats, short[] serverECPointFormats)
-    {
-        super(keyExchange, supportedSignatureAlgorithms);
-
-        switch (keyExchange)
-        {
-        case KeyExchangeAlgorithm.ECDHE_RSA:
-            this.tlsSigner = new TlsRSASigner();
-            break;
-        case KeyExchangeAlgorithm.ECDHE_ECDSA:
-            this.tlsSigner = new TlsECDSASigner();
-            break;
-        case KeyExchangeAlgorithm.ECDH_anon:
-        case KeyExchangeAlgorithm.ECDH_RSA:
-        case KeyExchangeAlgorithm.ECDH_ECDSA:
-            this.tlsSigner = null;
-            break;
-        default:
-            throw new IllegalArgumentException("unsupported key exchange algorithm");
-        }
-
-        this.namedCurves = namedCurves;
-        this.clientECPointFormats = clientECPointFormats;
-        this.serverECPointFormats = serverECPointFormats;
-    }
-
-    public void init(TlsContext context)
-    {
-        super.init(context);
-
-        if (this.tlsSigner != null)
-        {
-            this.tlsSigner.init(context);
-        }
-    }
-
-    public void skipServerCredentials() throws IOException
-    {
-        if (keyExchange != KeyExchangeAlgorithm.ECDH_anon)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-    }
-
-    public void processServerCertificate(Certificate serverCertificate) throws IOException
-    {
-        if (keyExchange == KeyExchangeAlgorithm.ECDH_anon)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-        if (serverCertificate.isEmpty())
-        {
-            throw new TlsFatalAlert(AlertDescription.bad_certificate);
-        }
-
-        org.bouncycastle.asn1.x509.Certificate x509Cert = serverCertificate.getCertificateAt(0);
-
-        SubjectPublicKeyInfo keyInfo = x509Cert.getSubjectPublicKeyInfo();
-        try
-        {
-            this.serverPublicKey = PublicKeyFactory.createKey(keyInfo);
-        }
-        catch (RuntimeException e)
-        {
-            throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
-        }
-
-        if (tlsSigner == null)
-        {
-            try
-            {
-                this.ecAgreePublicKey = TlsECCUtils.validateECPublicKey((ECPublicKeyParameters) this.serverPublicKey);
-            }
-            catch (ClassCastException e)
-            {
-                throw new TlsFatalAlert(AlertDescription.certificate_unknown, e);
-            }
-
-            TlsUtils.validateKeyUsage(x509Cert, KeyUsage.keyAgreement);
-        }
-        else
-        {
-            if (!tlsSigner.isValidPublicKey(this.serverPublicKey))
-            {
-                throw new TlsFatalAlert(AlertDescription.certificate_unknown);
-            }
-
-            TlsUtils.validateKeyUsage(x509Cert, KeyUsage.digitalSignature);
-        }
-
-        super.processServerCertificate(serverCertificate);
-    }
-
-    public boolean requiresServerKeyExchange()
-    {
-        switch (keyExchange)
-        {
-        case KeyExchangeAlgorithm.ECDH_anon:
-        case KeyExchangeAlgorithm.ECDHE_ECDSA:
-        case KeyExchangeAlgorithm.ECDHE_RSA:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public byte[] generateServerKeyExchange()
-        throws IOException
-    {
-        if (!requiresServerKeyExchange())
-        {
-            return null;
-        }
-
-        // ECDH_anon is handled here, ECDHE_* in a subclass
-
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-        this.ecAgreePrivateKey = TlsECCUtils.generateEphemeralServerKeyExchange(context.getSecureRandom(), namedCurves,
-            clientECPointFormats, buf);
-        return buf.toByteArray();
-    }
-
-    public void processServerKeyExchange(InputStream input)
-        throws IOException
-    {
-        if (!requiresServerKeyExchange())
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-
-        // ECDH_anon is handled here, ECDHE_* in a subclass
-
-        ECDomainParameters curve_params = TlsECCUtils.readECParameters(namedCurves, clientECPointFormats, input);
-
-        byte[] point = TlsUtils.readOpaque8(input);
-
-        this.ecAgreePublicKey = TlsECCUtils.validateECPublicKey(TlsECCUtils.deserializeECPublicKey(
-            clientECPointFormats, curve_params, point));
-    }
-
-    public void validateCertificateRequest(CertificateRequest certificateRequest) throws IOException
-    {
-        if (keyExchange == KeyExchangeAlgorithm.ECDH_anon)
-        {
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-
-        /*
-         * RFC 4492 3. [...] The ECDSA_fixed_ECDH and RSA_fixed_ECDH mechanisms are usable with
-         * ECDH_ECDSA and ECDH_RSA. Their use with ECDHE_ECDSA and ECDHE_RSA is prohibited because
-         * the use of a long-term ECDH client key would jeopardize the forward secrecy property of
-         * these algorithms.
-         */
-        short[] types = certificateRequest.getCertificateTypes();
-        for (int i = 0; i < types.length; ++i)
-        {
-            switch (types[i])
-            {
-            case ClientCertificateType.rsa_sign:
-            case ClientCertificateType.dss_sign:
-            case ClientCertificateType.ecdsa_sign:
-            case ClientCertificateType.rsa_fixed_ecdh:
-            case ClientCertificateType.ecdsa_fixed_ecdh:
-                break;
-            default:
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-        }
-    }
-
-    public void processClientCredentials(TlsCredentials clientCredentials) throws IOException
-    {
-        if (keyExchange == KeyExchangeAlgorithm.ECDH_anon)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        if (clientCredentials instanceof TlsAgreementCredentials)
-        {
-            // TODO Validate client cert has matching parameters (see 'TlsECCUtils.areOnSameCurve')?
-
-            this.agreementCredentials = (TlsAgreementCredentials)clientCredentials;
-        }
-        else if (clientCredentials instanceof TlsSignerCredentials)
-        {
-            // OK
-        }
-        else
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public void generateClientKeyExchange(OutputStream output) throws IOException
-    {
-        if (agreementCredentials == null)
-        {
-            this.ecAgreePrivateKey = TlsECCUtils.generateEphemeralClientKeyExchange(context.getSecureRandom(),
-                serverECPointFormats, ecAgreePublicKey.getParameters(), output);
-        }
-    }
-
-    public void processClientCertificate(Certificate clientCertificate) throws IOException
-    {
-        if (keyExchange == KeyExchangeAlgorithm.ECDH_anon)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-
-        // TODO Extract the public key
-        // TODO If the certificate is 'fixed', take the public key as ecAgreeClientPublicKey
-    }
-
-    public void processClientKeyExchange(InputStream input) throws IOException
-    {
-        if (ecAgreePublicKey != null)
-        {
-            // For ecdsa_fixed_ecdh and rsa_fixed_ecdh, the key arrived in the client certificate
-            return;
-        }
-
-        byte[] point = TlsUtils.readOpaque8(input);
-
-        ECDomainParameters curve_params = this.ecAgreePrivateKey.getParameters();
-
-        this.ecAgreePublicKey = TlsECCUtils.validateECPublicKey(TlsECCUtils.deserializeECPublicKey(
-            serverECPointFormats, curve_params, point));
-    }
-
-    public byte[] generatePremasterSecret() throws IOException
-    {
-        if (agreementCredentials != null)
-        {
-            return agreementCredentials.generateAgreement(ecAgreePublicKey);
-        }
-
-        if (ecAgreePrivateKey != null)
-        {
-            return TlsECCUtils.calculateECDHBasicAgreement(ecAgreePublicKey, ecAgreePrivateKey);
-        }
-
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsECDSASigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsECDSASigner.java
deleted file mode 100644
index aa4c546..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsECDSASigner.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.crypto.DSA;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.signers.ECDSASigner;
-import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
-
-public class TlsECDSASigner
-    extends TlsDSASigner
-{
-    public boolean isValidPublicKey(AsymmetricKeyParameter publicKey)
-    {
-        return publicKey instanceof ECPublicKeyParameters;
-    }
-
-    protected DSA createDSAImpl(short hashAlgorithm)
-    {
-        return new ECDSASigner(new HMacDSAKCalculator(TlsUtils.createHash(hashAlgorithm)));
-    }
-
-    protected short getSignatureAlgorithm()
-    {
-        return SignatureAlgorithm.ecdsa;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsEncryptionCredentials.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsEncryptionCredentials.java
deleted file mode 100644
index f292896..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsEncryptionCredentials.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-public interface TlsEncryptionCredentials extends TlsCredentials
-{
-    byte[] decryptPreMasterSecret(byte[] encryptedPreMasterSecret)
-        throws IOException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsException.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsException.java
deleted file mode 100644
index 97b2831..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsException.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-public class TlsException
-    extends IOException
-{
-    // TODO Some day we might be able to just pass this down to IOException (1.6+)
-    protected Throwable cause;
-
-    public TlsException(String message, Throwable cause)
-    {
-        super(message);
-
-        this.cause = cause;
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsExtensionsUtils.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsExtensionsUtils.java
deleted file mode 100644
index 28309c5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsExtensionsUtils.java
+++ /dev/null

@@ -1,319 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.util.Hashtable;
-
-import org.bouncycastle.util.Integers;
-
-public class TlsExtensionsUtils
-{
-    public static final Integer EXT_encrypt_then_mac = Integers.valueOf(ExtensionType.encrypt_then_mac);
-    public static final Integer EXT_extended_master_secret = Integers.valueOf(ExtensionType.extended_master_secret);
-    public static final Integer EXT_heartbeat = Integers.valueOf(ExtensionType.heartbeat);
-    public static final Integer EXT_max_fragment_length = Integers.valueOf(ExtensionType.max_fragment_length);
-    public static final Integer EXT_padding = Integers.valueOf(ExtensionType.padding);
-    public static final Integer EXT_server_name = Integers.valueOf(ExtensionType.server_name);
-    public static final Integer EXT_status_request = Integers.valueOf(ExtensionType.status_request);
-    public static final Integer EXT_truncated_hmac = Integers.valueOf(ExtensionType.truncated_hmac);
-
-    public static Hashtable ensureExtensionsInitialised(Hashtable extensions)
-    {
-        return extensions == null ? new Hashtable() : extensions;
-    }
-
-    public static void addEncryptThenMACExtension(Hashtable extensions)
-    {
-        extensions.put(EXT_encrypt_then_mac, createEncryptThenMACExtension());
-    }
-
-    public static void addExtendedMasterSecretExtension(Hashtable extensions)
-    {
-        extensions.put(EXT_extended_master_secret, createExtendedMasterSecretExtension());
-    }
-
-    public static void addHeartbeatExtension(Hashtable extensions, HeartbeatExtension heartbeatExtension)
-        throws IOException
-    {
-        extensions.put(EXT_heartbeat, createHeartbeatExtension(heartbeatExtension));
-    }
-
-    public static void addMaxFragmentLengthExtension(Hashtable extensions, short maxFragmentLength)
-        throws IOException
-    {
-        extensions.put(EXT_max_fragment_length, createMaxFragmentLengthExtension(maxFragmentLength));
-    }
-
-    public static void addPaddingExtension(Hashtable extensions, int dataLength)
-        throws IOException
-    {
-        extensions.put(EXT_padding, createPaddingExtension(dataLength));
-    }
-
-    public static void addServerNameExtension(Hashtable extensions, ServerNameList serverNameList)
-        throws IOException
-    {
-        extensions.put(EXT_server_name, createServerNameExtension(serverNameList));
-    }
-
-    public static void addStatusRequestExtension(Hashtable extensions, CertificateStatusRequest statusRequest)
-        throws IOException
-    {
-        extensions.put(EXT_status_request, createStatusRequestExtension(statusRequest));
-    }
-
-    public static void addTruncatedHMacExtension(Hashtable extensions)
-    {
-        extensions.put(EXT_truncated_hmac, createTruncatedHMacExtension());
-    }
-
-    public static HeartbeatExtension getHeartbeatExtension(Hashtable extensions)
-        throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_heartbeat);
-        return extensionData == null ? null : readHeartbeatExtension(extensionData);
-    }
-
-    public static short getMaxFragmentLengthExtension(Hashtable extensions)
-        throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_max_fragment_length);
-        return extensionData == null ? -1 : readMaxFragmentLengthExtension(extensionData);
-    }
-
-    public static int getPaddingExtension(Hashtable extensions)
-        throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_padding);
-        return extensionData == null ? -1 : readPaddingExtension(extensionData);
-    }
-
-    public static ServerNameList getServerNameExtension(Hashtable extensions)
-        throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_server_name);
-        return extensionData == null ? null : readServerNameExtension(extensionData);
-    }
-
-    public static CertificateStatusRequest getStatusRequestExtension(Hashtable extensions)
-        throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_status_request);
-        return extensionData == null ? null : readStatusRequestExtension(extensionData);
-    }
-
-    public static boolean hasEncryptThenMACExtension(Hashtable extensions) throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_encrypt_then_mac);
-        return extensionData == null ? false : readEncryptThenMACExtension(extensionData);
-    }
-
-    public static boolean hasExtendedMasterSecretExtension(Hashtable extensions) throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_extended_master_secret);
-        return extensionData == null ? false : readExtendedMasterSecretExtension(extensionData);
-    }
-
-    public static boolean hasTruncatedHMacExtension(Hashtable extensions) throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_truncated_hmac);
-        return extensionData == null ? false : readTruncatedHMacExtension(extensionData);
-    }
-
-    public static byte[] createEmptyExtensionData()
-    {
-        return TlsUtils.EMPTY_BYTES;
-    }
-
-    public static byte[] createEncryptThenMACExtension()
-    {
-        return createEmptyExtensionData();
-    }
-
-    public static byte[] createExtendedMasterSecretExtension()
-    {
-        return createEmptyExtensionData();
-    }
-
-    public static byte[] createHeartbeatExtension(HeartbeatExtension heartbeatExtension)
-        throws IOException
-    {
-        if (heartbeatExtension == null)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-
-        heartbeatExtension.encode(buf);
-
-        return buf.toByteArray();
-    }
-
-    public static byte[] createMaxFragmentLengthExtension(short maxFragmentLength)
-        throws IOException
-    {
-        TlsUtils.checkUint8(maxFragmentLength);
-
-        byte[] extensionData = new byte[1];
-        TlsUtils.writeUint8(maxFragmentLength, extensionData, 0);
-        return extensionData;
-    }
-
-    public static byte[] createPaddingExtension(int dataLength)
-        throws IOException
-    {
-        TlsUtils.checkUint16(dataLength);
-        return new byte[dataLength];
-    }
-
-    public static byte[] createServerNameExtension(ServerNameList serverNameList)
-        throws IOException
-    {
-        if (serverNameList == null)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-        
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-        
-        serverNameList.encode(buf);
-
-        return buf.toByteArray();
-    }
-
-    public static byte[] createStatusRequestExtension(CertificateStatusRequest statusRequest)
-        throws IOException
-    {
-        if (statusRequest == null)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-
-        statusRequest.encode(buf);
-
-        return buf.toByteArray();
-    }
-
-    public static byte[] createTruncatedHMacExtension()
-    {
-        return createEmptyExtensionData();
-    }
-
-    private static boolean readEmptyExtensionData(byte[] extensionData) throws IOException
-    {
-        if (extensionData == null)
-        {
-            throw new IllegalArgumentException("'extensionData' cannot be null");
-        }
-
-        if (extensionData.length != 0)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        return true;
-    }
-
-    public static boolean readEncryptThenMACExtension(byte[] extensionData) throws IOException
-    {
-        return readEmptyExtensionData(extensionData);
-    }
-
-    public static boolean readExtendedMasterSecretExtension(byte[] extensionData) throws IOException
-    {
-        return readEmptyExtensionData(extensionData);
-    }
-
-    public static HeartbeatExtension readHeartbeatExtension(byte[] extensionData)
-        throws IOException
-    {
-        if (extensionData == null)
-        {
-            throw new IllegalArgumentException("'extensionData' cannot be null");
-        }
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(extensionData);
-
-        HeartbeatExtension heartbeatExtension = HeartbeatExtension.parse(buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        return heartbeatExtension;
-    }
-
-    public static short readMaxFragmentLengthExtension(byte[] extensionData)
-        throws IOException
-    {
-        if (extensionData == null)
-        {
-            throw new IllegalArgumentException("'extensionData' cannot be null");
-        }
-
-        if (extensionData.length != 1)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        return TlsUtils.readUint8(extensionData, 0);
-    }
-
-    public static int readPaddingExtension(byte[] extensionData)
-        throws IOException
-    {
-        if (extensionData == null)
-        {
-            throw new IllegalArgumentException("'extensionData' cannot be null");
-        }
-        for (int i = 0; i < extensionData.length; ++i)
-        {
-            if (extensionData[i] != 0)
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-        }
-        return extensionData.length;
-    }
-
-    public static ServerNameList readServerNameExtension(byte[] extensionData)
-        throws IOException
-    {
-        if (extensionData == null)
-        {
-            throw new IllegalArgumentException("'extensionData' cannot be null");
-        }
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(extensionData);
-
-        ServerNameList serverNameList = ServerNameList.parse(buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        return serverNameList;
-    }
-
-    public static CertificateStatusRequest readStatusRequestExtension(byte[] extensionData)
-        throws IOException
-    {
-        if (extensionData == null)
-        {
-            throw new IllegalArgumentException("'extensionData' cannot be null");
-        }
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(extensionData);
-
-        CertificateStatusRequest statusRequest = CertificateStatusRequest.parse(buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        return statusRequest;
-    }
-
-    public static boolean readTruncatedHMacExtension(byte[] extensionData) throws IOException
-    {
-        return readEmptyExtensionData(extensionData);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsFatalAlert.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsFatalAlert.java
deleted file mode 100644
index 2aaed2b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsFatalAlert.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public class TlsFatalAlert
-    extends TlsException
-{
-    protected short alertDescription;
-
-    public TlsFatalAlert(short alertDescription)
-    {
-        this(alertDescription, null);
-    }
-
-    public TlsFatalAlert(short alertDescription, Throwable alertCause)
-    {
-        super(AlertDescription.getText(alertDescription), alertCause);
-
-        this.alertDescription = alertDescription;
-    }
-
-    public short getAlertDescription()
-    {
-        return alertDescription;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsFatalAlertReceived.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsFatalAlertReceived.java
deleted file mode 100644
index 964e0ea..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsFatalAlertReceived.java
+++ /dev/null

@@ -1,19 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public class TlsFatalAlertReceived
-    extends TlsException
-{
-    protected short alertDescription;
-
-    public TlsFatalAlertReceived(short alertDescription)
-    {
-        super(AlertDescription.getText(alertDescription), null);
-
-        this.alertDescription = alertDescription;
-    }
-
-    public short getAlertDescription()
-    {
-        return alertDescription;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsHandshakeHash.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsHandshakeHash.java
deleted file mode 100644
index 4ccfe72..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsHandshakeHash.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.crypto.Digest;
-
-public interface TlsHandshakeHash
-    extends Digest
-{
-    void init(TlsContext context);
-
-    TlsHandshakeHash notifyPRFDetermined();
-
-    void trackHashAlgorithm(short hashAlgorithm);
-
-    void sealHashAlgorithms();
-
-    TlsHandshakeHash stopTracking();
-
-    Digest forkPRFHash();
-
-    byte[] getFinalHash(short hashAlgorithm);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsInputStream.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsInputStream.java
deleted file mode 100644
index a2cf74e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsInputStream.java
+++ /dev/null

@@ -1,47 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-/**
- * An InputStream for an TLS 1.0 connection.
- */
-class TlsInputStream
-    extends InputStream
-{
-    private byte[] buf = new byte[1];
-    private TlsProtocol handler = null;
-
-    TlsInputStream(TlsProtocol handler)
-    {
-        this.handler = handler;
-    }
-
-    public int available()
-        throws IOException
-    {
-        return this.handler.applicationDataAvailable();
-    }
-
-    public int read(byte[] buf, int offset, int len)
-        throws IOException
-    {
-        return this.handler.readApplicationData(buf, offset, len);
-    }
-
-    public int read()
-        throws IOException
-    {
-        if (this.read(buf) < 0)
-        {
-            return -1;
-        }
-        return buf[0] & 0xff;
-    }
-
-    public void close()
-        throws IOException
-    {
-        handler.close();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsKeyExchange.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsKeyExchange.java
deleted file mode 100644
index 83cd0b7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsKeyExchange.java
+++ /dev/null

@@ -1,54 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-/**
- * A generic interface for key exchange implementations in (D)TLS.
- */
-public interface TlsKeyExchange
-{
-    void init(TlsContext context);
-
-    void skipServerCredentials()
-        throws IOException;
-
-    void processServerCredentials(TlsCredentials serverCredentials)
-        throws IOException;
-
-    void processServerCertificate(Certificate serverCertificate)
-        throws IOException;
-
-    boolean requiresServerKeyExchange();
-
-    byte[] generateServerKeyExchange()
-        throws IOException;
-
-    void skipServerKeyExchange()
-        throws IOException;
-
-    void processServerKeyExchange(InputStream input)
-        throws IOException;
-
-    void validateCertificateRequest(CertificateRequest certificateRequest)
-        throws IOException;
-
-    void skipClientCredentials()
-        throws IOException;
-
-    void processClientCredentials(TlsCredentials clientCredentials)
-        throws IOException;
-
-    void processClientCertificate(Certificate clientCertificate)
-        throws IOException;
-
-    void generateClientKeyExchange(OutputStream output)
-        throws IOException;
-
-    void processClientKeyExchange(InputStream input)
-        throws IOException;
-
-    byte[] generatePremasterSecret()
-        throws IOException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsMac.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsMac.java
deleted file mode 100644
index 00e0c79..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsMac.java
+++ /dev/null

@@ -1,172 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.digests.LongDigest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A generic TLS MAC implementation, acting as an HMAC based on some underlying Digest.
- */
-public class TlsMac
-{
-    protected TlsContext context;
-    protected byte[] secret;
-    protected Mac mac;
-    protected int digestBlockSize;
-    protected int digestOverhead;
-    protected int macLength;
-
-    /**
-     * Generate a new instance of an TlsMac.
-     *
-     * @param context the TLS client context
-     * @param digest  The digest to use.
-     * @param key     A byte-array where the key for this MAC is located.
-     * @param keyOff  The number of bytes to skip, before the key starts in the buffer.
-     * @param keyLen  The length of the key.
-     */
-    public TlsMac(TlsContext context, Digest digest, byte[] key, int keyOff, int keyLen)
-    {
-        this.context = context;
-
-        KeyParameter keyParameter = new KeyParameter(key, keyOff, keyLen);
-
-        this.secret = Arrays.clone(keyParameter.getKey());
-
-        // TODO This should check the actual algorithm, not rely on the engine type
-        if (digest instanceof LongDigest)
-        {
-            this.digestBlockSize = 128;
-            this.digestOverhead = 16;
-        }
-        else
-        {
-            this.digestBlockSize = 64;
-            this.digestOverhead = 8;
-        }
-
-        if (TlsUtils.isSSL(context))
-        {
-            this.mac = new SSL3Mac(digest);
-
-            // TODO This should check the actual algorithm, not assume based on the digest size
-            if (digest.getDigestSize() == 20)
-            {
-                /*
-                 * NOTE: When SHA-1 is used with the SSL 3.0 MAC, the secret + input pad is not
-                 * digest block-aligned.
-                 */
-                this.digestOverhead = 4;
-            }
-        }
-        else
-        {
-            this.mac = new HMac(digest);
-
-            // NOTE: The input pad for HMAC is always a full digest block
-        }
-
-        this.mac.init(keyParameter);
-
-        this.macLength = mac.getMacSize();
-        if (context.getSecurityParameters().truncatedHMac)
-        {
-            this.macLength = Math.min(this.macLength, 10);
-        }
-    }
-
-    /**
-     * @return the MAC write secret
-     */
-    public byte[] getMACSecret()
-    {
-        return this.secret;
-    }
-
-    /**
-     * @return The output length of this MAC.
-     */
-    public int getSize()
-    {
-        return macLength;
-    }
-
-    /**
-     * Calculate the MAC for some given data.
-     *
-     * @param type    The message type of the message.
-     * @param message A byte-buffer containing the message.
-     * @param offset  The number of bytes to skip, before the message starts.
-     * @param length  The length of the message.
-     * @return A new byte-buffer containing the MAC value.
-     */
-    public byte[] calculateMac(long seqNo, short type, byte[] message, int offset, int length)
-    {
-        ProtocolVersion serverVersion = context.getServerVersion();
-        boolean isSSL = serverVersion.isSSL();
-
-        byte[] macHeader = new byte[isSSL ? 11 : 13];
-        TlsUtils.writeUint64(seqNo, macHeader, 0);
-        TlsUtils.writeUint8(type, macHeader, 8);
-        if (!isSSL)
-        {
-            TlsUtils.writeVersion(serverVersion, macHeader, 9);
-        }
-        TlsUtils.writeUint16(length, macHeader, macHeader.length - 2);
-
-        mac.update(macHeader, 0, macHeader.length);
-        mac.update(message, offset, length);
-
-        byte[] result = new byte[mac.getMacSize()];
-        mac.doFinal(result, 0);
-        return truncate(result);
-    }
-
-    public byte[] calculateMacConstantTime(long seqNo, short type, byte[] message, int offset, int length,
-        int fullLength, byte[] dummyData)
-    {
-        /*
-         * Actual MAC only calculated on 'length' bytes...
-         */
-        byte[] result = calculateMac(seqNo, type, message, offset, length);
-
-        /*
-         * ...but ensure a constant number of complete digest blocks are processed (as many as would
-         * be needed for 'fullLength' bytes of input).
-         */
-        int headerLength = TlsUtils.isSSL(context) ? 11 : 13;
-
-        // How many extra full blocks do we need to calculate?
-        int extra = getDigestBlockCount(headerLength + fullLength) - getDigestBlockCount(headerLength + length);
-
-        while (--extra >= 0)
-        {
-            mac.update(dummyData, 0, digestBlockSize);
-        }
-
-        // One more byte in case the implementation is "lazy" about processing blocks
-        mac.update(dummyData[0]);
-        mac.reset();
-
-        return result;
-    }
-
-    protected int getDigestBlockCount(int inputLength)
-    {
-        // NOTE: This calculation assumes a minimum of 1 pad byte
-        return (inputLength + digestOverhead) / digestBlockSize;
-    }
-
-    protected byte[] truncate(byte[] bs)
-    {
-        if (bs.length <= macLength)
-        {
-            return bs;
-        }
-
-        return Arrays.copyOf(bs, macLength);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsNullCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsNullCipher.java
deleted file mode 100644
index d1f6986..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsNullCipher.java
+++ /dev/null

@@ -1,123 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A NULL CipherSuite with optional MAC
- */
-public class TlsNullCipher
-    implements TlsCipher
-{
-    protected TlsContext context;
-
-    protected TlsMac writeMac;
-    protected TlsMac readMac;
-
-    public TlsNullCipher(TlsContext context)
-    {
-        this.context = context;
-        this.writeMac = null;
-        this.readMac = null;
-    }
-
-    public TlsNullCipher(TlsContext context, Digest clientWriteDigest, Digest serverWriteDigest)
-        throws IOException
-    {
-        if ((clientWriteDigest == null) != (serverWriteDigest == null))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        this.context = context;
-
-        TlsMac clientWriteMac = null, serverWriteMac = null;
-
-        if (clientWriteDigest != null)
-        {
-            int key_block_size = clientWriteDigest.getDigestSize()
-                + serverWriteDigest.getDigestSize();
-            byte[] key_block = TlsUtils.calculateKeyBlock(context, key_block_size);
-
-            int offset = 0;
-
-            clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset,
-                clientWriteDigest.getDigestSize());
-            offset += clientWriteDigest.getDigestSize();
-
-            serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset,
-                serverWriteDigest.getDigestSize());
-            offset += serverWriteDigest.getDigestSize();
-
-            if (offset != key_block_size)
-            {
-                throw new TlsFatalAlert(AlertDescription.internal_error);
-            }
-        }
-
-        if (context.isServer())
-        {
-            writeMac = serverWriteMac;
-            readMac = clientWriteMac;
-        }
-        else
-        {
-            writeMac = clientWriteMac;
-            readMac = serverWriteMac;
-        }
-    }
-
-    public int getPlaintextLimit(int ciphertextLimit)
-    {
-        int result = ciphertextLimit;
-        if (writeMac != null)
-        {
-            result -= writeMac.getSize();
-        }
-        return result;
-    }
-
-    public byte[] encodePlaintext(long seqNo, short type, byte[] plaintext, int offset, int len)
-        throws IOException
-    {
-        if (writeMac == null)
-        {
-            return Arrays.copyOfRange(plaintext, offset, offset + len);
-        }
-
-        byte[] mac = writeMac.calculateMac(seqNo, type, plaintext, offset, len);
-        byte[] ciphertext = new byte[len + mac.length];
-        System.arraycopy(plaintext, offset, ciphertext, 0, len);
-        System.arraycopy(mac, 0, ciphertext, len, mac.length);
-        return ciphertext;
-    }
-
-    public byte[] decodeCiphertext(long seqNo, short type, byte[] ciphertext, int offset, int len)
-        throws IOException
-    {
-        if (readMac == null)
-        {
-            return Arrays.copyOfRange(ciphertext, offset, offset + len);
-        }
-
-        int macSize = readMac.getSize();
-        if (len < macSize)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        int macInputLen = len - macSize;
-
-        byte[] receivedMac = Arrays.copyOfRange(ciphertext, offset + macInputLen, offset + len);
-        byte[] computedMac = readMac.calculateMac(seqNo, type, ciphertext, offset, macInputLen);
-
-        if (!Arrays.constantTimeAreEqual(receivedMac, computedMac))
-        {
-            throw new TlsFatalAlert(AlertDescription.bad_record_mac);
-        }
-
-        return Arrays.copyOfRange(ciphertext, offset, offset + macInputLen);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsNullCompression.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsNullCompression.java
deleted file mode 100644
index 13a85ab..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsNullCompression.java
+++ /dev/null

@@ -1,17 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.OutputStream;
-
-public class TlsNullCompression
-    implements TlsCompression
-{
-    public OutputStream compress(OutputStream output)
-    {
-        return output;
-    }
-
-    public OutputStream decompress(OutputStream output)
-    {
-        return output;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsOutputStream.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsOutputStream.java
deleted file mode 100644
index d953241..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsOutputStream.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-/**
- * An OutputStream for an TLS connection.
- */
-class TlsOutputStream
-    extends OutputStream
-{
-    private byte[] buf = new byte[1];
-    private TlsProtocol handler;
-
-    TlsOutputStream(TlsProtocol handler)
-    {
-        this.handler = handler;
-    }
-
-    public void write(byte buf[], int offset, int len)
-        throws IOException
-    {
-        this.handler.writeData(buf, offset, len);
-    }
-
-    public void write(int arg0)
-        throws IOException
-    {
-        buf[0] = (byte)arg0;
-        this.write(buf, 0, 1);
-    }
-
-    public void close()
-        throws IOException
-    {
-        handler.close();
-    }
-
-    public void flush()
-        throws IOException
-    {
-        handler.flush();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsPSKIdentity.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsPSKIdentity.java
deleted file mode 100644
index 2f6eea2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsPSKIdentity.java
+++ /dev/null

@@ -1,12 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public interface TlsPSKIdentity
-{
-    void skipIdentityHint();
-
-    void notifyIdentityHint(byte[] psk_identity_hint);
-
-    byte[] getPSKIdentity();
-
-    byte[] getPSK();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsPSKIdentityManager.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsPSKIdentityManager.java
deleted file mode 100644
index c0ecf32..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsPSKIdentityManager.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public interface TlsPSKIdentityManager
-{
-    byte[] getHint();
-
-    byte[] getPSK(byte[] identity);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsPSKKeyExchange.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsPSKKeyExchange.java
deleted file mode 100644
index c2c3982..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsPSKKeyExchange.java
+++ /dev/null

@@ -1,368 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.crypto.params.DHPrivateKeyParameters;
-import org.bouncycastle.crypto.params.DHPublicKeyParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-/**
- * (D)TLS PSK key exchange (RFC 4279).
- */
-public class TlsPSKKeyExchange
-    extends AbstractTlsKeyExchange
-{
-    protected TlsPSKIdentity pskIdentity;
-    protected TlsPSKIdentityManager pskIdentityManager;
-
-    protected TlsDHVerifier dhVerifier;
-    protected DHParameters dhParameters;
-    protected int[] namedCurves;
-    protected short[] clientECPointFormats, serverECPointFormats;
-
-    protected byte[] psk_identity_hint = null;
-    protected byte[] psk = null;
-
-    protected DHPrivateKeyParameters dhAgreePrivateKey = null;
-    protected DHPublicKeyParameters dhAgreePublicKey = null;
-
-    protected ECPrivateKeyParameters ecAgreePrivateKey = null;
-    protected ECPublicKeyParameters ecAgreePublicKey = null;
-
-    protected AsymmetricKeyParameter serverPublicKey = null;
-    protected RSAKeyParameters rsaServerPublicKey = null;
-    protected TlsEncryptionCredentials serverCredentials = null;
-    protected byte[] premasterSecret;
-
-    /**
-     * @deprecated Use constructor that takes a TlsDHVerifier
-     */
-    public TlsPSKKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms, TlsPSKIdentity pskIdentity,
-        TlsPSKIdentityManager pskIdentityManager, DHParameters dhParameters, int[] namedCurves,
-        short[] clientECPointFormats, short[] serverECPointFormats)
-    {
-        this(keyExchange, supportedSignatureAlgorithms, pskIdentity, pskIdentityManager, new DefaultTlsDHVerifier(),
-            dhParameters, namedCurves, clientECPointFormats, serverECPointFormats);
-    }
-
-    public TlsPSKKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms, TlsPSKIdentity pskIdentity,
-        TlsPSKIdentityManager pskIdentityManager, TlsDHVerifier dhVerifier, DHParameters dhParameters, int[] namedCurves,
-        short[] clientECPointFormats, short[] serverECPointFormats)
-    {
-        super(keyExchange, supportedSignatureAlgorithms);
-
-        switch (keyExchange)
-        {
-        case KeyExchangeAlgorithm.DHE_PSK:
-        case KeyExchangeAlgorithm.ECDHE_PSK:
-        case KeyExchangeAlgorithm.PSK:
-        case KeyExchangeAlgorithm.RSA_PSK:
-            break;
-        default:
-            throw new IllegalArgumentException("unsupported key exchange algorithm");
-        }
-
-        this.pskIdentity = pskIdentity;
-        this.pskIdentityManager = pskIdentityManager;
-        this.dhVerifier = dhVerifier;
-        this.dhParameters = dhParameters;
-        this.namedCurves = namedCurves;
-        this.clientECPointFormats = clientECPointFormats;
-        this.serverECPointFormats = serverECPointFormats;
-    }
-
-    public void skipServerCredentials() throws IOException
-    {
-        if (keyExchange == KeyExchangeAlgorithm.RSA_PSK)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-    }
-
-    public void processServerCredentials(TlsCredentials serverCredentials) throws IOException
-    {
-        if (!(serverCredentials instanceof TlsEncryptionCredentials))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        processServerCertificate(serverCredentials.getCertificate());
-
-        this.serverCredentials = (TlsEncryptionCredentials)serverCredentials;
-    }
-
-    public byte[] generateServerKeyExchange() throws IOException
-    {
-        this.psk_identity_hint = pskIdentityManager.getHint();
-
-        if (this.psk_identity_hint == null && !requiresServerKeyExchange())
-        {
-            return null;
-        }
-
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-
-        if (this.psk_identity_hint == null)
-        {
-            TlsUtils.writeOpaque16(TlsUtils.EMPTY_BYTES, buf);
-        }
-        else
-        {
-            TlsUtils.writeOpaque16(this.psk_identity_hint, buf);
-        }
-
-        if (this.keyExchange == KeyExchangeAlgorithm.DHE_PSK)
-        {
-            if (this.dhParameters == null)
-            {
-                throw new TlsFatalAlert(AlertDescription.internal_error);
-            }
-
-            this.dhAgreePrivateKey = TlsDHUtils.generateEphemeralServerKeyExchange(context.getSecureRandom(),
-                this.dhParameters, buf);
-        }
-        else if (this.keyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
-        {
-            this.ecAgreePrivateKey = TlsECCUtils.generateEphemeralServerKeyExchange(context.getSecureRandom(),
-                namedCurves, clientECPointFormats, buf);
-        }
-
-        return buf.toByteArray();
-    }
-
-    public void processServerCertificate(Certificate serverCertificate) throws IOException
-    {
-        if (keyExchange != KeyExchangeAlgorithm.RSA_PSK)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-        if (serverCertificate.isEmpty())
-        {
-            throw new TlsFatalAlert(AlertDescription.bad_certificate);
-        }
-
-        org.bouncycastle.asn1.x509.Certificate x509Cert = serverCertificate.getCertificateAt(0);
-
-        SubjectPublicKeyInfo keyInfo = x509Cert.getSubjectPublicKeyInfo();
-        try
-        {
-            this.serverPublicKey = PublicKeyFactory.createKey(keyInfo);
-        }
-        catch (RuntimeException e)
-        {
-            throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
-        }
-
-        // Sanity check the PublicKeyFactory
-        if (this.serverPublicKey.isPrivate())
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        this.rsaServerPublicKey = validateRSAPublicKey((RSAKeyParameters)this.serverPublicKey);
-
-        TlsUtils.validateKeyUsage(x509Cert, KeyUsage.keyEncipherment);
-
-        super.processServerCertificate(serverCertificate);
-    }
-
-    public boolean requiresServerKeyExchange()
-    {
-        switch (keyExchange)
-        {
-        case KeyExchangeAlgorithm.DHE_PSK:
-        case KeyExchangeAlgorithm.ECDHE_PSK:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public void processServerKeyExchange(InputStream input) throws IOException
-    {
-        this.psk_identity_hint = TlsUtils.readOpaque16(input);
-
-        if (this.keyExchange == KeyExchangeAlgorithm.DHE_PSK)
-        {
-            this.dhParameters = TlsDHUtils.receiveDHParameters(dhVerifier, input);
-            this.dhAgreePublicKey = new DHPublicKeyParameters(TlsDHUtils.readDHParameter(input), dhParameters);
-        }
-        else if (this.keyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
-        {
-            ECDomainParameters ecParams = TlsECCUtils.readECParameters(namedCurves, clientECPointFormats, input);
-
-            byte[] point = TlsUtils.readOpaque8(input);
-
-            this.ecAgreePublicKey = TlsECCUtils.validateECPublicKey(TlsECCUtils.deserializeECPublicKey(
-                clientECPointFormats, ecParams, point));
-        }
-    }
-
-    public void validateCertificateRequest(CertificateRequest certificateRequest) throws IOException
-    {
-        throw new TlsFatalAlert(AlertDescription.unexpected_message);
-    }
-
-    public void processClientCredentials(TlsCredentials clientCredentials) throws IOException
-    {
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-
-    public void generateClientKeyExchange(OutputStream output) throws IOException
-    {
-        if (psk_identity_hint == null)
-        {
-            pskIdentity.skipIdentityHint();
-        }
-        else
-        {
-            pskIdentity.notifyIdentityHint(psk_identity_hint);
-        }
-
-        byte[] psk_identity = pskIdentity.getPSKIdentity();
-        if (psk_identity == null)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        this.psk = pskIdentity.getPSK();
-        if (psk == null)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        TlsUtils.writeOpaque16(psk_identity, output);
-
-        context.getSecurityParameters().pskIdentity = Arrays.clone(psk_identity);
-
-        if (this.keyExchange == KeyExchangeAlgorithm.DHE_PSK)
-        {
-            this.dhAgreePrivateKey = TlsDHUtils.generateEphemeralClientKeyExchange(context.getSecureRandom(),
-                dhParameters, output);
-        }
-        else if (this.keyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
-        {
-            this.ecAgreePrivateKey = TlsECCUtils.generateEphemeralClientKeyExchange(context.getSecureRandom(),
-                serverECPointFormats, ecAgreePublicKey.getParameters(), output);
-        }
-        else if (this.keyExchange == KeyExchangeAlgorithm.RSA_PSK)
-        {
-            this.premasterSecret = TlsRSAUtils.generateEncryptedPreMasterSecret(context, this.rsaServerPublicKey,
-                output);
-        }
-    }
-
-    public void processClientKeyExchange(InputStream input) throws IOException
-    {
-        byte[] psk_identity = TlsUtils.readOpaque16(input);
-
-        this.psk = pskIdentityManager.getPSK(psk_identity);
-        if (psk == null)
-        {
-            throw new TlsFatalAlert(AlertDescription.unknown_psk_identity);
-        }
-
-        context.getSecurityParameters().pskIdentity = psk_identity;
-
-        if (this.keyExchange == KeyExchangeAlgorithm.DHE_PSK)
-        {
-            this.dhAgreePublicKey = new DHPublicKeyParameters(TlsDHUtils.readDHParameter(input), dhParameters);
-        }
-        else if (this.keyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
-        {
-            byte[] point = TlsUtils.readOpaque8(input);
-
-            ECDomainParameters curve_params = this.ecAgreePrivateKey.getParameters();
-
-            this.ecAgreePublicKey = TlsECCUtils.validateECPublicKey(TlsECCUtils.deserializeECPublicKey(
-                serverECPointFormats, curve_params, point));
-        }
-        else if (this.keyExchange == KeyExchangeAlgorithm.RSA_PSK)
-        {
-            byte[] encryptedPreMasterSecret;
-            if (TlsUtils.isSSL(context))
-            {
-                // TODO Do any SSLv3 clients actually include the length?
-                encryptedPreMasterSecret = Streams.readAll(input);
-            }
-            else
-            {
-                encryptedPreMasterSecret = TlsUtils.readOpaque16(input);
-            }
-
-            this.premasterSecret = serverCredentials.decryptPreMasterSecret(encryptedPreMasterSecret);
-        }
-    }
-
-    public byte[] generatePremasterSecret() throws IOException
-    {
-        byte[] other_secret = generateOtherSecret(psk.length);
-
-        ByteArrayOutputStream buf = new ByteArrayOutputStream(4 + other_secret.length + psk.length);
-        TlsUtils.writeOpaque16(other_secret, buf);
-        TlsUtils.writeOpaque16(psk, buf);
-
-        Arrays.fill(psk, (byte)0);
-        this.psk = null;
-
-        return buf.toByteArray();
-    }
-
-    protected byte[] generateOtherSecret(int pskLength) throws IOException
-    {
-        if (this.keyExchange == KeyExchangeAlgorithm.DHE_PSK)
-        {
-            if (dhAgreePrivateKey != null)
-            {
-                return TlsDHUtils.calculateDHBasicAgreement(dhAgreePublicKey, dhAgreePrivateKey);
-            }
-
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        if (this.keyExchange == KeyExchangeAlgorithm.ECDHE_PSK)
-        {
-            if (ecAgreePrivateKey != null)
-            {
-                return TlsECCUtils.calculateECDHBasicAgreement(ecAgreePublicKey, ecAgreePrivateKey);
-            }
-
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        if (this.keyExchange == KeyExchangeAlgorithm.RSA_PSK)
-        {
-            return this.premasterSecret;
-        }
-
-        return new byte[pskLength];
-    }
-
-    protected RSAKeyParameters validateRSAPublicKey(RSAKeyParameters key) throws IOException
-    {
-        // TODO What is the minimum bit length required?
-        // key.getModulus().bitLength();
-
-        if (!key.getExponent().isProbablePrime(2))
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        return key;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsPeer.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsPeer.java
deleted file mode 100644
index 0cddb2b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsPeer.java
+++ /dev/null

@@ -1,59 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-public interface TlsPeer
-{
-    /**
-     * This implementation supports RFC 7627 and will always negotiate the extended_master_secret
-     * extension where possible. When connecting to a peer that does not offer/accept this
-     * extension, it is recommended to abort the handshake. This option is provided for
-     * interoperability with legacy peers, although some TLS features will be disabled in that case
-     * (see RFC 7627 5.4).
-     * 
-     * @return <code>true</code> if the handshake should be aborted when the peer does not negotiate
-     *         the extended_master_secret extension, or <code>false</code> to support legacy
-     *         interoperability.
-     */
-    boolean requiresExtendedMasterSecret();
-
-    /**
-     * draft-mathewson-no-gmtunixtime-00 2. "If existing users of a TLS implementation may rely on
-     * gmt_unix_time containing the current time, we recommend that implementors MAY provide the
-     * ability to set gmt_unix_time as an option only, off by default."
-     * 
-     * @return <code>true</code> if the current time should be used in the gmt_unix_time field of
-     *         Random, or <code>false</code> if gmt_unix_time should contain a cryptographically
-     *         random value.
-     */
-    boolean shouldUseGMTUnixTime();
-
-    void notifySecureRenegotiation(boolean secureNegotiation) throws IOException;
-
-    TlsCompression getCompression() throws IOException;
-
-    TlsCipher getCipher() throws IOException;
-
-    /**
-     * This method will be called when an alert is raised by the protocol.
-     *
-     * @param alertLevel       {@link AlertLevel}
-     * @param alertDescription {@link AlertDescription}
-     * @param message          A human-readable message explaining what caused this alert. May be null.
-     * @param cause            The {@link Throwable} that caused this alert to be raised. May be null.
-     */
-    void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause);
-
-    /**
-     * This method will be called when an alert is received from the remote peer.
-     *
-     * @param alertLevel       {@link AlertLevel}
-     * @param alertDescription {@link AlertDescription}
-     */
-    void notifyAlertReceived(short alertLevel, short alertDescription);
-
-    /**
-     * Notifies the peer that the handshake has been successfully completed.
-     */
-    void notifyHandshakeComplete() throws IOException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsProtocol.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsProtocol.java
deleted file mode 100644
index bc65b27..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsProtocol.java
+++ /dev/null

@@ -1,1564 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.security.SecureRandom;
-import java.util.Enumeration;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.prng.RandomGenerator;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Integers;
-
-public abstract class TlsProtocol
-{
-    protected static final Integer EXT_RenegotiationInfo = Integers.valueOf(ExtensionType.renegotiation_info);
-    protected static final Integer EXT_SessionTicket = Integers.valueOf(ExtensionType.session_ticket);
-
-    /*
-     * Our Connection states
-     */
-    protected static final short CS_START = 0;
-    protected static final short CS_CLIENT_HELLO = 1;
-    protected static final short CS_SERVER_HELLO = 2;
-    protected static final short CS_SERVER_SUPPLEMENTAL_DATA = 3;
-    protected static final short CS_SERVER_CERTIFICATE = 4;
-    protected static final short CS_CERTIFICATE_STATUS = 5;
-    protected static final short CS_SERVER_KEY_EXCHANGE = 6;
-    protected static final short CS_CERTIFICATE_REQUEST = 7;
-    protected static final short CS_SERVER_HELLO_DONE = 8;
-    protected static final short CS_CLIENT_SUPPLEMENTAL_DATA = 9;
-    protected static final short CS_CLIENT_CERTIFICATE = 10;
-    protected static final short CS_CLIENT_KEY_EXCHANGE = 11;
-    protected static final short CS_CERTIFICATE_VERIFY = 12;
-    protected static final short CS_CLIENT_FINISHED = 13;
-    protected static final short CS_SERVER_SESSION_TICKET = 14;
-    protected static final short CS_SERVER_FINISHED = 15;
-    protected static final short CS_END = 16;
-
-    /*
-     * Different modes to handle the known IV weakness
-     */
-    protected static final short ADS_MODE_1_Nsub1 = 0; // 1/n-1 record splitting
-    protected static final short ADS_MODE_0_N = 1; // 0/n record splitting
-    protected static final short ADS_MODE_0_N_FIRSTONLY = 2; // 0/n record splitting on first data fragment only
-
-    /*
-     * Queues for data from some protocols.
-     */
-    private ByteQueue applicationDataQueue = new ByteQueue(0);
-    private ByteQueue alertQueue = new ByteQueue(2);
-    private ByteQueue handshakeQueue = new ByteQueue(0);
-//    private ByteQueue heartbeatQueue = new ByteQueue();
-
-    /*
-     * The Record Stream we use
-     */
-    RecordStream recordStream;
-    protected SecureRandom secureRandom;
-
-    private TlsInputStream tlsInputStream = null;
-    private TlsOutputStream tlsOutputStream = null;
-
-    private volatile boolean closed = false;
-    private volatile boolean failedWithError = false;
-    private volatile boolean appDataReady = false;
-    private volatile boolean appDataSplitEnabled = true;
-    private volatile int appDataSplitMode = ADS_MODE_1_Nsub1;
-    private byte[] expected_verify_data = null;
-
-    protected TlsSession tlsSession = null;
-    protected SessionParameters sessionParameters = null;
-    protected SecurityParameters securityParameters = null;
-    protected Certificate peerCertificate = null;
-
-    protected int[] offeredCipherSuites = null;
-    protected short[] offeredCompressionMethods = null;
-    protected Hashtable clientExtensions = null;
-    protected Hashtable serverExtensions = null;
-
-    protected short connection_state = CS_START;
-    protected boolean resumedSession = false;
-    protected boolean receivedChangeCipherSpec = false;
-    protected boolean secure_renegotiation = false;
-    protected boolean allowCertificateStatus = false;
-    protected boolean expectSessionTicket = false;
-
-    protected boolean blocking;
-    protected ByteQueueInputStream inputBuffers;
-    protected ByteQueueOutputStream outputBuffer;
-    
-    public TlsProtocol(InputStream input, OutputStream output, SecureRandom secureRandom)
-    {
-        this.blocking = true;
-        this.recordStream = new RecordStream(this, input, output);
-        this.secureRandom = secureRandom;
-    }
-    
-    public TlsProtocol(SecureRandom secureRandom)
-    {
-        this.blocking = false;
-        this.inputBuffers = new ByteQueueInputStream();
-        this.outputBuffer = new ByteQueueOutputStream();
-        this.recordStream = new RecordStream(this, inputBuffers, outputBuffer);
-        this.secureRandom = secureRandom;
-    }
-
-    protected abstract TlsContext getContext();
-
-    abstract AbstractTlsContext getContextAdmin();
-
-    protected abstract TlsPeer getPeer();
-
-    protected void handleAlertMessage(short alertLevel, short alertDescription)
-        throws IOException
-    {
-        getPeer().notifyAlertReceived(alertLevel, alertDescription);
-
-        if (alertLevel == AlertLevel.warning)
-        {
-            handleAlertWarningMessage(alertDescription);
-        }
-        else
-        {
-            handleFailure();
-
-            throw new TlsFatalAlertReceived(alertDescription);
-        }
-    }
-
-    protected void handleAlertWarningMessage(short alertDescription)
-        throws IOException
-    {
-        /*
-         * RFC 5246 7.2.1. The other party MUST respond with a close_notify alert of its own
-         * and close down the connection immediately, discarding any pending writes.
-         */
-        if (alertDescription == AlertDescription.close_notify)
-        {
-            if (!appDataReady)
-            {
-                throw new TlsFatalAlert(AlertDescription.handshake_failure);
-            }
-            handleClose(false);
-        }
-    }
-
-    protected void handleChangeCipherSpecMessage() throws IOException
-    {
-    }
-
-    protected void handleClose(boolean user_canceled)
-        throws IOException
-    {
-        if (!closed)
-        {
-            this.closed = true;
-
-            if (user_canceled && !appDataReady)
-            {
-                raiseAlertWarning(AlertDescription.user_canceled, "User canceled handshake");
-            }
-
-            raiseAlertWarning(AlertDescription.close_notify, "Connection closed");
-
-            recordStream.safeClose();
-
-            if (!appDataReady)
-            {
-                cleanupHandshake();
-            }
-        }
-    }
-
-    protected void handleException(short alertDescription, String message, Throwable cause)
-        throws IOException
-    {
-        if (!closed)
-        {
-            raiseAlertFatal(alertDescription, message, cause);
-
-            handleFailure();
-        }
-    }
-
-    protected void handleFailure()
-    {
-        this.closed = true;
-        this.failedWithError = true;
-
-        /*
-         * RFC 2246 7.2.1. The session becomes unresumable if any connection is terminated
-         * without proper close_notify messages with level equal to warning.
-         */
-        // TODO This isn't quite in the right place. Also, as of TLS 1.1 the above is obsolete.
-        invalidateSession();
-
-        recordStream.safeClose();
-
-        if (!appDataReady)
-        {
-            cleanupHandshake();
-        }
-    }
-
-    protected abstract void handleHandshakeMessage(short type, ByteArrayInputStream buf)
-        throws IOException;
-
-    protected void applyMaxFragmentLengthExtension()
-        throws IOException
-    {
-        if (securityParameters.maxFragmentLength >= 0)
-        {
-            if (!MaxFragmentLength.isValid(securityParameters.maxFragmentLength))
-            {
-                throw new TlsFatalAlert(AlertDescription.internal_error); 
-            }
-    
-            int plainTextLimit = 1 << (8 + securityParameters.maxFragmentLength);
-            recordStream.setPlaintextLimit(plainTextLimit);
-        }
-    }
-
-    protected void checkReceivedChangeCipherSpec(boolean expected)
-        throws IOException
-    {
-        if (expected != receivedChangeCipherSpec)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-    }
-
-    protected void cleanupHandshake()
-    {
-        if (this.expected_verify_data != null)
-        {
-            Arrays.fill(this.expected_verify_data, (byte)0);
-            this.expected_verify_data = null;
-        }
-
-        this.securityParameters.clear();
-        this.peerCertificate = null;
-
-        this.offeredCipherSuites = null;
-        this.offeredCompressionMethods = null;
-        this.clientExtensions = null;
-        this.serverExtensions = null;
-
-        this.resumedSession = false;
-        this.receivedChangeCipherSpec = false;
-        this.secure_renegotiation = false;
-        this.allowCertificateStatus = false;
-        this.expectSessionTicket = false;
-    }
-    
-    protected void blockForHandshake() throws IOException
-    {
-        if (blocking)
-        {
-            while (this.connection_state != CS_END)
-            {
-                if (this.closed)
-                {
-                    // NOTE: Any close during the handshake should have raised an exception.
-                    throw new TlsFatalAlert(AlertDescription.internal_error);
-                }
-
-                safeReadRecord();
-            }
-        }
-    }
-
-    protected void completeHandshake()
-        throws IOException
-    {
-        try
-        {
-            this.connection_state = CS_END;
-
-            this.alertQueue.shrink();
-            this.handshakeQueue.shrink();
-
-            this.recordStream.finaliseHandshake();
-
-            this.appDataSplitEnabled = !TlsUtils.isTLSv11(getContext());
-
-            /*
-             * If this was an initial handshake, we are now ready to send and receive application data.
-             */
-            if (!appDataReady)
-            {
-                this.appDataReady = true;
-
-                if (blocking)
-                {
-                    this.tlsInputStream = new TlsInputStream(this);
-                    this.tlsOutputStream = new TlsOutputStream(this);
-                }
-            }
-
-            if (this.tlsSession != null)
-            {
-                if (this.sessionParameters == null)
-                {
-                    this.sessionParameters = new SessionParameters.Builder()
-                        .setCipherSuite(this.securityParameters.getCipherSuite())
-                        .setCompressionAlgorithm(this.securityParameters.getCompressionAlgorithm())
-                        .setExtendedMasterSecret(securityParameters.isExtendedMasterSecret())
-                        .setMasterSecret(this.securityParameters.getMasterSecret())
-                        .setPeerCertificate(this.peerCertificate)
-                        .setPSKIdentity(this.securityParameters.getPSKIdentity())
-                        .setSRPIdentity(this.securityParameters.getSRPIdentity())
-                        // TODO Consider filtering extensions that aren't relevant to resumed sessions
-                        .setServerExtensions(this.serverExtensions)
-                        .build();
-
-                    this.tlsSession = new TlsSessionImpl(this.tlsSession.getSessionID(), this.sessionParameters);
-                }
-
-                getContextAdmin().setResumableSession(this.tlsSession);
-            }
-
-            getPeer().notifyHandshakeComplete();
-        }
-        finally
-        {
-            cleanupHandshake();
-        }
-    }
-
-    protected void processRecord(short protocol, byte[] buf, int off, int len)
-        throws IOException
-    {
-        /*
-         * Have a look at the protocol type, and add it to the correct queue.
-         */
-        switch (protocol)
-        {
-        case ContentType.alert:
-        {
-            alertQueue.addData(buf, off, len);
-            processAlertQueue();
-            break;
-        }
-        case ContentType.application_data:
-        {
-            if (!appDataReady)
-            {
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-            applicationDataQueue.addData(buf, off, len);
-            processApplicationDataQueue();
-            break;
-        }
-        case ContentType.change_cipher_spec:
-        {
-            processChangeCipherSpec(buf, off, len);
-            break;
-        }
-        case ContentType.handshake:
-        {
-            if (handshakeQueue.available() > 0)
-            {
-                handshakeQueue.addData(buf, off, len);
-                processHandshakeQueue(handshakeQueue);
-            }
-            else
-            {
-                ByteQueue tmpQueue = new ByteQueue(buf, off, len);
-                processHandshakeQueue(tmpQueue);
-                int remaining = tmpQueue.available();
-                if (remaining > 0)
-                {
-                    handshakeQueue.addData(buf, off + len - remaining, remaining);
-                }
-            }
-            break;
-        }
-//        case ContentType.heartbeat:
-//        {
-//            if (!appDataReady)
-//            {
-//                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-//            }
-//            // TODO[RFC 6520]
-////            heartbeatQueue.addData(buf, offset, len);
-////            processHeartbeat();
-//            break;
-//        }
-        default:
-            // Record type should already have been checked
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    private void processHandshakeQueue(ByteQueue queue)
-        throws IOException
-    {
-        while (queue.available() >= 4)
-        {
-            /*
-             * We need the first 4 bytes, they contain type and length of the message.
-             */
-            byte[] beginning = new byte[4];
-            queue.read(beginning, 0, 4, 0);
-            short type = TlsUtils.readUint8(beginning, 0);
-            int length = TlsUtils.readUint24(beginning, 1);
-            int totalLength = 4 + length;
-    
-            /*
-             * Check if we have enough bytes in the buffer to read the full message.
-             */
-            if (queue.available() < totalLength)
-            {
-                break;
-            }
-
-            /*
-             * RFC 2246 7.4.9. The value handshake_messages includes all handshake messages
-             * starting at client hello up to, but not including, this finished message.
-             * [..] Note: [Also,] Hello Request messages are omitted from handshake hashes.
-             */
-            if (HandshakeType.hello_request != type)
-            {
-                if (HandshakeType.finished == type)
-                {
-                    checkReceivedChangeCipherSpec(true);
-
-                    TlsContext ctx = getContext();
-                    if (this.expected_verify_data == null
-                        && ctx.getSecurityParameters().getMasterSecret() != null)
-                    {
-                        this.expected_verify_data = createVerifyData(!ctx.isServer());
-                    }
-                }
-                else
-                {
-                    checkReceivedChangeCipherSpec(connection_state == CS_END);
-                }
-
-                queue.copyTo(recordStream.getHandshakeHashUpdater(), totalLength);
-            }
-
-            queue.removeData(4);
-
-            ByteArrayInputStream buf = queue.readFrom(length);
-
-            /*
-             * Now, parse the message.
-             */
-            handleHandshakeMessage(type, buf);
-        }
-    }
-
-    private void processApplicationDataQueue()
-    {
-        /*
-         * There is nothing we need to do here.
-         * 
-         * This function could be used for callbacks when application data arrives in the future.
-         */
-    }
-
-    private void processAlertQueue()
-        throws IOException
-    {
-        while (alertQueue.available() >= 2)
-        {
-            /*
-             * An alert is always 2 bytes. Read the alert.
-             */
-            byte[] alert = alertQueue.removeData(2, 0);
-            short alertLevel = alert[0];
-            short alertDescription = alert[1];
-
-            handleAlertMessage(alertLevel, alertDescription);
-        }
-    }
-
-    /**
-     * This method is called, when a change cipher spec message is received.
-     *
-     * @throws IOException If the message has an invalid content or the handshake is not in the correct
-     * state.
-     */
-    private void processChangeCipherSpec(byte[] buf, int off, int len)
-        throws IOException
-    {
-        for (int i = 0; i < len; ++i)
-        {
-            short message = TlsUtils.readUint8(buf, off + i);
-
-            if (message != ChangeCipherSpec.change_cipher_spec)
-            {
-                throw new TlsFatalAlert(AlertDescription.decode_error);
-            }
-
-            if (this.receivedChangeCipherSpec
-                || alertQueue.available() > 0
-                || handshakeQueue.available() > 0)
-            {
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-
-            recordStream.receivedReadCipherSpec();
-
-            this.receivedChangeCipherSpec = true;
-
-            handleChangeCipherSpecMessage();
-        }
-    }
-
-    protected int applicationDataAvailable()
-    {
-        return applicationDataQueue.available();
-    }
-
-    /**
-     * Read data from the network. The method will return immediately, if there is still some data
-     * left in the buffer, or block until some application data has been read from the network.
-     *
-     * @param buf    The buffer where the data will be copied to.
-     * @param offset The position where the data will be placed in the buffer.
-     * @param len    The maximum number of bytes to read.
-     * @return The number of bytes read.
-     * @throws IOException If something goes wrong during reading data.
-     */
-    protected int readApplicationData(byte[] buf, int offset, int len)
-        throws IOException
-    {
-        if (len < 1)
-        {
-            return 0;
-        }
-
-        while (applicationDataQueue.available() == 0)
-        {
-            if (this.closed)
-            {
-                if (this.failedWithError)
-                {
-                    throw new IOException("Cannot read application data on failed TLS connection");
-                }
-                if (!appDataReady)
-                {
-                    throw new IllegalStateException("Cannot read application data until initial handshake completed.");
-                }
-
-                return -1;
-            }
-
-            safeReadRecord();
-        }
-
-        len = Math.min(len, applicationDataQueue.available());
-        applicationDataQueue.removeData(buf, offset, len, 0);
-        return len;
-    }
-
-    protected void safeCheckRecordHeader(byte[] recordHeader)
-        throws IOException
-    {
-        try
-        {
-            recordStream.checkRecordHeader(recordHeader);
-        }
-        catch (TlsFatalAlert e)
-        {
-            handleException(e.getAlertDescription(), "Failed to read record", e);
-            throw e;
-        }
-        catch (IOException e)
-        {
-            handleException(AlertDescription.internal_error, "Failed to read record", e);
-            throw e;
-        }
-        catch (RuntimeException e)
-        {
-            handleException(AlertDescription.internal_error, "Failed to read record", e);
-            throw new TlsFatalAlert(AlertDescription.internal_error, e);
-        }
-    }
-
-    protected void safeReadRecord()
-        throws IOException
-    {
-        try
-        {
-            if (recordStream.readRecord())
-            {
-                return;
-            }
-
-            if (!appDataReady)
-            {
-                throw new TlsFatalAlert(AlertDescription.handshake_failure);
-            }
-        }
-        catch (TlsFatalAlertReceived e)
-        {
-            // Connection failure already handled at source
-            throw e;
-        }
-        catch (TlsFatalAlert e)
-        {
-            handleException(e.getAlertDescription(), "Failed to read record", e);
-            throw e;
-        }
-        catch (IOException e)
-        {
-            handleException(AlertDescription.internal_error, "Failed to read record", e);
-            throw e;
-        }
-        catch (RuntimeException e)
-        {
-            handleException(AlertDescription.internal_error, "Failed to read record", e);
-            throw new TlsFatalAlert(AlertDescription.internal_error, e);
-        }
-
-        handleFailure();
-
-        throw new TlsNoCloseNotifyException();
-    }
-
-    protected void safeWriteRecord(short type, byte[] buf, int offset, int len)
-        throws IOException
-    {
-        try
-        {
-            recordStream.writeRecord(type, buf, offset, len);
-        }
-        catch (TlsFatalAlert e)
-        {
-            handleException(e.getAlertDescription(), "Failed to write record", e);
-            throw e;
-        }
-        catch (IOException e)
-        {
-            handleException(AlertDescription.internal_error, "Failed to write record", e);
-            throw e;
-        }
-        catch (RuntimeException e)
-        {
-            handleException(AlertDescription.internal_error, "Failed to write record", e);
-            throw new TlsFatalAlert(AlertDescription.internal_error, e);
-        }
-    }
-
-    /**
-     * Send some application data to the remote system.
-     * <p>
-     * The method will handle fragmentation internally.
-     * </p>
-     * @param buf    The buffer with the data.
-     * @param offset The position in the buffer where the data is placed.
-     * @param len    The length of the data.
-     * @throws IOException If something goes wrong during sending.
-     */
-    protected void writeData(byte[] buf, int offset, int len)
-        throws IOException
-    {
-        if (this.closed)
-        {
-            throw new IOException("Cannot write application data on closed/failed TLS connection");
-        }
-
-        while (len > 0)
-        {
-            /*
-             * RFC 5246 6.2.1. Zero-length fragments of Application data MAY be sent as they are
-             * potentially useful as a traffic analysis countermeasure.
-             * 
-             * NOTE: Actually, implementations appear to have settled on 1/n-1 record splitting.
-             */
-
-            if (this.appDataSplitEnabled)
-            {
-                /*
-                 * Protect against known IV attack!
-                 * 
-                 * DO NOT REMOVE THIS CODE, EXCEPT YOU KNOW EXACTLY WHAT YOU ARE DOING HERE.
-                 */
-                switch (appDataSplitMode) {
-                    case ADS_MODE_0_N_FIRSTONLY:
-                        this.appDataSplitEnabled = false;
-                        // fall through intended!
-                    case ADS_MODE_0_N:
-                        safeWriteRecord(ContentType.application_data, TlsUtils.EMPTY_BYTES, 0, 0);
-                        break;
-                    case ADS_MODE_1_Nsub1:
-                    default:
-                        safeWriteRecord(ContentType.application_data, buf, offset, 1);
-                        ++offset;
-                        --len;
-                        break;
-                }
-            }
-
-            if (len > 0)
-            {
-                // Fragment data according to the current fragment limit.
-                int toWrite = Math.min(len, recordStream.getPlaintextLimit());
-                safeWriteRecord(ContentType.application_data, buf, offset, toWrite);
-                offset += toWrite;
-                len -= toWrite;
-            }
-        }
-    }
-
-    protected void setAppDataSplitMode(int appDataSplitMode) {
-        if (appDataSplitMode < ADS_MODE_1_Nsub1 ||
-            appDataSplitMode > ADS_MODE_0_N_FIRSTONLY)
-        {
-            throw new IllegalArgumentException("Illegal appDataSplitMode mode: " + appDataSplitMode);
-        }
-        this.appDataSplitMode = appDataSplitMode;
-	}
-
-    protected void writeHandshakeMessage(byte[] buf, int off, int len) throws IOException
-    {
-        if (len < 4)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        short type = TlsUtils.readUint8(buf, off);
-        if (type != HandshakeType.hello_request)
-        {
-            recordStream.getHandshakeHashUpdater().write(buf, off, len);
-        }
-
-        int total = 0;
-        do
-        {
-            // Fragment data according to the current fragment limit.
-            int toWrite = Math.min(len - total, recordStream.getPlaintextLimit());
-            safeWriteRecord(ContentType.handshake, buf, off + total, toWrite);
-            total += toWrite;
-        }
-        while (total < len);
-    }
-
-    /**
-     * @return An OutputStream which can be used to send data. Only allowed in blocking mode.
-     */
-    public OutputStream getOutputStream()
-    {
-        if (!blocking)
-        {
-            throw new IllegalStateException("Cannot use OutputStream in non-blocking mode! Use offerOutput() instead.");
-        }
-        return this.tlsOutputStream;
-    }
-
-    /**
-     * @return An InputStream which can be used to read data. Only allowed in blocking mode.
-     */
-    public InputStream getInputStream()
-    {
-        if (!blocking)
-        {
-            throw new IllegalStateException("Cannot use InputStream in non-blocking mode! Use offerInput() instead.");
-        }
-        return this.tlsInputStream;
-    }
-
-    /**
-     * Should be called in non-blocking mode when the input data reaches EOF.
-     */
-    public void closeInput() throws IOException
-    {
-        if (blocking)
-        {
-            throw new IllegalStateException("Cannot use closeInput() in blocking mode!");
-        }
-
-        if (closed)
-        {
-            return;
-        }
-
-        if (inputBuffers.available() > 0)
-        {
-            throw new EOFException();
-        }
-
-        if (!appDataReady)
-        {
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-
-        throw new TlsNoCloseNotifyException();
-    }
-
-    /**
-     * Offer input from an arbitrary source. Only allowed in non-blocking mode.<br>
-     * <br>
-     * After this method returns, the input buffer is "owned" by this object. Other code
-     * must not attempt to do anything with it.<br>
-     * <br>
-     * This method will decrypt and process all records that are fully available.
-     * If only part of a record is available, the buffer will be retained until the
-     * remainder of the record is offered.<br>
-     * <br>
-     * If any records containing application data were processed, the decrypted data
-     * can be obtained using {@link #readInput(byte[], int, int)}. If any records
-     * containing protocol data were processed, a response may have been generated.
-     * You should always check to see if there is any available output after calling
-     * this method by calling {@link #getAvailableOutputBytes()}.
-     * @param input The input buffer to offer
-     * @throws IOException If an error occurs while decrypting or processing a record
-     */
-    public void offerInput(byte[] input) throws IOException
-    {
-        if (blocking)
-        {
-            throw new IllegalStateException("Cannot use offerInput() in blocking mode! Use getInputStream() instead.");
-        }
-        
-        if (closed)
-        {
-            throw new IOException("Connection is closed, cannot accept any more input");
-        }
-        
-        inputBuffers.addBytes(input);
-
-        // loop while there are enough bytes to read the length of the next record
-        while (inputBuffers.available() >= RecordStream.TLS_HEADER_SIZE)
-        {
-            byte[] recordHeader = new byte[RecordStream.TLS_HEADER_SIZE];
-            inputBuffers.peek(recordHeader);
-
-            int totalLength = TlsUtils.readUint16(recordHeader, RecordStream.TLS_HEADER_LENGTH_OFFSET) + RecordStream.TLS_HEADER_SIZE;
-            if (inputBuffers.available() < totalLength)
-            {
-                // not enough bytes to read a whole record
-                safeCheckRecordHeader(recordHeader);
-                break;
-            }
-
-            safeReadRecord();
-
-            if (closed)
-            {
-                if (connection_state != CS_END)
-                {
-                    // NOTE: Any close during the handshake should have raised an exception.
-                    throw new TlsFatalAlert(AlertDescription.internal_error);
-                }
-                break;
-            }
-        }
-    }
-
-    /**
-     * Gets the amount of received application data. A call to {@link #readInput(byte[], int, int)}
-     * is guaranteed to be able to return at least this much data.<br>
-     * <br>
-     * Only allowed in non-blocking mode.
-     * @return The number of bytes of available application data
-     */
-    public int getAvailableInputBytes()
-    {
-        if (blocking)
-        {
-            throw new IllegalStateException("Cannot use getAvailableInputBytes() in blocking mode! Use getInputStream().available() instead.");
-        }
-        return applicationDataAvailable();
-    }
-
-    /**
-     * Retrieves received application data. Use {@link #getAvailableInputBytes()} to check
-     * how much application data is currently available. This method functions similarly to
-     * {@link InputStream#read(byte[], int, int)}, except that it never blocks. If no data
-     * is available, nothing will be copied and zero will be returned.<br>
-     * <br>
-     * Only allowed in non-blocking mode.
-     * @param buffer The buffer to hold the application data
-     * @param offset The start offset in the buffer at which the data is written
-     * @param length The maximum number of bytes to read
-     * @return The total number of bytes copied to the buffer. May be less than the
-     *          length specified if the length was greater than the amount of available data.
-     */
-    public int readInput(byte[] buffer, int offset, int length)
-    {
-        if (blocking)
-        {
-            throw new IllegalStateException("Cannot use readInput() in blocking mode! Use getInputStream() instead.");
-        }
-        
-        try
-        {
-            return readApplicationData(buffer, offset, Math.min(length, applicationDataAvailable()));
-        }
-        catch (IOException e)
-        {
-            // readApplicationData() only throws if there is no data available, so this should never happen
-            throw new RuntimeException(e.toString()); // early JDK fix.
-        }
-    }
-
-    /**
-     * Offer output from an arbitrary source. Only allowed in non-blocking mode.<br>
-     * <br>
-     * After this method returns, the specified section of the buffer will have been
-     * processed. Use {@link #readOutput(byte[], int, int)} to get the bytes to
-     * transmit to the other peer.<br>
-     * <br>
-     * This method must not be called until after the handshake is complete! Attempting
-     * to call it before the handshake is complete will result in an exception.
-     * @param buffer The buffer containing application data to encrypt
-     * @param offset The offset at which to begin reading data
-     * @param length The number of bytes of data to read
-     * @throws IOException If an error occurs encrypting the data, or the handshake is not complete
-     */
-    public void offerOutput(byte[] buffer, int offset, int length)
-            throws IOException
-    {
-        if (blocking)
-        {
-            throw new IllegalStateException("Cannot use offerOutput() in blocking mode! Use getOutputStream() instead.");
-        }
-        
-        if (!appDataReady)
-        {
-            throw new IOException("Application data cannot be sent until the handshake is complete!");
-        }
-        
-        writeData(buffer, offset, length);
-    }
-
-    /**
-     * Gets the amount of encrypted data available to be sent. A call to
-     * {@link #readOutput(byte[], int, int)} is guaranteed to be able to return at
-     * least this much data.<br>
-     * <br>
-     * Only allowed in non-blocking mode.
-     * @return The number of bytes of available encrypted data
-     */
-    public int getAvailableOutputBytes()
-    {
-        if (blocking)
-        {
-            throw new IllegalStateException("Cannot use getAvailableOutputBytes() in blocking mode! Use getOutputStream() instead.");
-        }
-        
-        return outputBuffer.getBuffer().available();
-    }
-
-    /**
-     * Retrieves encrypted data to be sent. Use {@link #getAvailableOutputBytes()} to check
-     * how much encrypted data is currently available. This method functions similarly to
-     * {@link InputStream#read(byte[], int, int)}, except that it never blocks. If no data
-     * is available, nothing will be copied and zero will be returned.<br>
-     * <br>
-     * Only allowed in non-blocking mode.
-     * @param buffer The buffer to hold the encrypted data
-     * @param offset The start offset in the buffer at which the data is written
-     * @param length The maximum number of bytes to read
-     * @return The total number of bytes copied to the buffer. May be less than the
-     *          length specified if the length was greater than the amount of available data.
-     */
-    public int readOutput(byte[] buffer, int offset, int length)
-    {
-        if (blocking)
-        {
-            throw new IllegalStateException("Cannot use readOutput() in blocking mode! Use getOutputStream() instead.");
-        }
-        
-        int bytesToRead = Math.min(getAvailableOutputBytes(), length);
-        outputBuffer.getBuffer().removeData(buffer, offset, bytesToRead, 0);
-        return bytesToRead;
-    }
-
-    protected void invalidateSession()
-    {
-        if (this.sessionParameters != null)
-        {
-            this.sessionParameters.clear();
-            this.sessionParameters = null;
-        }
-
-        if (this.tlsSession != null)
-        {
-            this.tlsSession.invalidate();
-            this.tlsSession = null;
-        }
-    }
-
-    protected void processFinishedMessage(ByteArrayInputStream buf)
-        throws IOException
-    {
-        if (expected_verify_data == null)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        byte[] verify_data = TlsUtils.readFully(expected_verify_data.length, buf);
-
-        assertEmpty(buf);
-
-        /*
-         * Compare both checksums.
-         */
-        if (!Arrays.constantTimeAreEqual(expected_verify_data, verify_data))
-        {
-            /*
-             * Wrong checksum in the finished message.
-             */
-            throw new TlsFatalAlert(AlertDescription.decrypt_error);
-        }
-    }
-
-    protected void raiseAlertFatal(short alertDescription, String message, Throwable cause)
-        throws IOException
-    {
-        getPeer().notifyAlertRaised(AlertLevel.fatal, alertDescription, message, cause);
-
-        byte[] alert = new byte[]{ (byte)AlertLevel.fatal, (byte)alertDescription };
-
-        try
-        {
-            recordStream.writeRecord(ContentType.alert, alert, 0, 2);
-        }
-        catch (Exception e)
-        {
-            // We are already processing an exception, so just ignore this
-        }
-    }
-
-    protected void raiseAlertWarning(short alertDescription, String message)
-        throws IOException
-    {
-        getPeer().notifyAlertRaised(AlertLevel.warning, alertDescription, message, null);
-
-        byte[] alert = new byte[]{ (byte)AlertLevel.warning, (byte)alertDescription };
-
-        safeWriteRecord(ContentType.alert, alert, 0, 2);
-    }
-
-    protected void sendCertificateMessage(Certificate certificate)
-        throws IOException
-    {
-        if (certificate == null)
-        {
-            certificate = Certificate.EMPTY_CHAIN;
-        }
-
-        if (certificate.isEmpty())
-        {
-            TlsContext context = getContext();
-            if (!context.isServer())
-            {
-                ProtocolVersion serverVersion = getContext().getServerVersion();
-                if (serverVersion.isSSL())
-                {
-                    String errorMessage = serverVersion.toString() + " client didn't provide credentials";
-                    raiseAlertWarning(AlertDescription.no_certificate, errorMessage);
-                    return;
-                }
-            }
-        }
-
-        HandshakeMessage message = new HandshakeMessage(HandshakeType.certificate);
-
-        certificate.encode(message);
-
-        message.writeToRecordStream();
-    }
-
-    protected void sendChangeCipherSpecMessage()
-        throws IOException
-    {
-        byte[] message = new byte[]{ 1 };
-        safeWriteRecord(ContentType.change_cipher_spec, message, 0, message.length);
-        recordStream.sentWriteCipherSpec();
-    }
-
-    protected void sendFinishedMessage()
-        throws IOException
-    {
-        byte[] verify_data = createVerifyData(getContext().isServer());
-
-        HandshakeMessage message = new HandshakeMessage(HandshakeType.finished, verify_data.length);
-
-        message.write(verify_data);
-
-        message.writeToRecordStream();
-    }
-
-    protected void sendSupplementalDataMessage(Vector supplementalData)
-        throws IOException
-    {
-        HandshakeMessage message = new HandshakeMessage(HandshakeType.supplemental_data);
-
-        writeSupplementalData(message, supplementalData);
-
-        message.writeToRecordStream();
-    }
-
-    protected byte[] createVerifyData(boolean isServer)
-    {
-        TlsContext context = getContext();
-        String asciiLabel = isServer ? ExporterLabel.server_finished : ExporterLabel.client_finished;
-        byte[] sslSender = isServer ? TlsUtils.SSL_SERVER : TlsUtils.SSL_CLIENT;
-        byte[] hash = getCurrentPRFHash(context, recordStream.getHandshakeHash(), sslSender);
-        return TlsUtils.calculateVerifyData(context, asciiLabel, hash);
-    }
-
-    /**
-     * Closes this connection.
-     *
-     * @throws IOException If something goes wrong during closing.
-     */
-    public void close()
-        throws IOException
-    {
-        handleClose(true);
-    }
-
-    protected void flush()
-        throws IOException
-    {
-        recordStream.flush();
-    }
-
-    public boolean isClosed()
-    {
-        return closed;
-    }
-
-    protected short processMaxFragmentLengthExtension(Hashtable clientExtensions, Hashtable serverExtensions,
-        short alertDescription)
-        throws IOException
-    {
-        short maxFragmentLength = TlsExtensionsUtils.getMaxFragmentLengthExtension(serverExtensions);
-        if (maxFragmentLength >= 0)
-        {
-            if (!MaxFragmentLength.isValid(maxFragmentLength)
-                || (!this.resumedSession && maxFragmentLength != TlsExtensionsUtils
-                    .getMaxFragmentLengthExtension(clientExtensions)))
-            {
-                throw new TlsFatalAlert(alertDescription);
-            }
-        }
-        return maxFragmentLength;
-    }
-
-    protected void refuseRenegotiation() throws IOException
-    {
-        /*
-         * RFC 5746 4.5 SSLv3 clients that refuse renegotiation SHOULD use a fatal
-         * handshake_failure alert.
-         */
-        if (TlsUtils.isSSL(getContext()))
-        {
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-
-        raiseAlertWarning(AlertDescription.no_renegotiation, "Renegotiation not supported");
-    }
-
-    /**
-     * Make sure the InputStream 'buf' now empty. Fail otherwise.
-     *
-     * @param buf The InputStream to check.
-     * @throws IOException If 'buf' is not empty.
-     */
-    protected static void assertEmpty(ByteArrayInputStream buf)
-        throws IOException
-    {
-        if (buf.available() > 0)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-    }
-
-    protected static byte[] createRandomBlock(boolean useGMTUnixTime, RandomGenerator randomGenerator)
-    {
-        byte[] result = new byte[32];
-        randomGenerator.nextBytes(result);
-
-        if (useGMTUnixTime)
-        {
-            TlsUtils.writeGMTUnixTime(result, 0);
-        }
-
-        return result;
-    }
-
-    protected static byte[] createRenegotiationInfo(byte[] renegotiated_connection)
-        throws IOException
-    {
-        return TlsUtils.encodeOpaque8(renegotiated_connection);
-    }
-
-    protected static void establishMasterSecret(TlsContext context, TlsKeyExchange keyExchange)
-        throws IOException
-    {
-        byte[] pre_master_secret = keyExchange.generatePremasterSecret();
-
-        try
-        {
-            context.getSecurityParameters().masterSecret = TlsUtils.calculateMasterSecret(context, pre_master_secret);
-        }
-        finally
-        {
-            // TODO Is there a way to ensure the data is really overwritten?
-            /*
-             * RFC 2246 8.1. The pre_master_secret should be deleted from memory once the
-             * master_secret has been computed.
-             */
-            if (pre_master_secret != null)
-            {
-                Arrays.fill(pre_master_secret, (byte)0);
-            }
-        }
-    }
-
-    /**
-     * 'sender' only relevant to SSLv3
-     */
-    protected static byte[] getCurrentPRFHash(TlsContext context, TlsHandshakeHash handshakeHash, byte[] sslSender)
-    {
-        Digest d = handshakeHash.forkPRFHash();
-
-        if (sslSender != null && TlsUtils.isSSL(context))
-        {
-            d.update(sslSender, 0, sslSender.length);
-        }
-
-        byte[] bs = new byte[d.getDigestSize()];
-        d.doFinal(bs, 0);
-        return bs;
-    }
-
-    protected static Hashtable readExtensions(ByteArrayInputStream input)
-        throws IOException
-    {
-        if (input.available() < 1)
-        {
-            return null;
-        }
-
-        byte[] extBytes = TlsUtils.readOpaque16(input);
-
-        assertEmpty(input);
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(extBytes);
-
-        // Integer -> byte[]
-        Hashtable extensions = new Hashtable();
-
-        while (buf.available() > 0)
-        {
-            Integer extension_type = Integers.valueOf(TlsUtils.readUint16(buf));
-            byte[] extension_data = TlsUtils.readOpaque16(buf);
-
-            /*
-             * RFC 3546 2.3 There MUST NOT be more than one extension of the same type.
-             */
-            if (null != extensions.put(extension_type, extension_data))
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-        }
-
-        return extensions;
-    }
-
-    protected static Vector readSupplementalDataMessage(ByteArrayInputStream input)
-        throws IOException
-    {
-        byte[] supp_data = TlsUtils.readOpaque24(input);
-
-        assertEmpty(input);
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(supp_data);
-
-        Vector supplementalData = new Vector();
-
-        while (buf.available() > 0)
-        {
-            int supp_data_type = TlsUtils.readUint16(buf);
-            byte[] data = TlsUtils.readOpaque16(buf);
-
-            supplementalData.addElement(new SupplementalDataEntry(supp_data_type, data));
-        }
-
-        return supplementalData;
-    }
-
-    protected static void writeExtensions(OutputStream output, Hashtable extensions)
-        throws IOException
-    {
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-
-        /*
-         * NOTE: There are reports of servers that don't accept a zero-length extension as the last
-         * one, so we write out any zero-length ones first as a best-effort workaround.
-         */
-        writeSelectedExtensions(buf, extensions, true);
-        writeSelectedExtensions(buf, extensions, false);
-
-        byte[] extBytes = buf.toByteArray();
-
-        TlsUtils.writeOpaque16(extBytes, output);
-    }
-
-    protected static void writeSelectedExtensions(OutputStream output, Hashtable extensions, boolean selectEmpty)
-        throws IOException
-    {
-        Enumeration keys = extensions.keys();
-        while (keys.hasMoreElements())
-        {
-            Integer key = (Integer)keys.nextElement();
-            int extension_type = key.intValue();
-            byte[] extension_data = (byte[])extensions.get(key);
-
-            if (selectEmpty == (extension_data.length == 0))
-            {
-                TlsUtils.checkUint16(extension_type);
-                TlsUtils.writeUint16(extension_type, output);
-                TlsUtils.writeOpaque16(extension_data, output);
-            }
-        }
-    }
-
-    protected static void writeSupplementalData(OutputStream output, Vector supplementalData)
-        throws IOException
-    {
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-
-        for (int i = 0; i < supplementalData.size(); ++i)
-        {
-            SupplementalDataEntry entry = (SupplementalDataEntry)supplementalData.elementAt(i);
-
-            int supp_data_type = entry.getDataType();
-            TlsUtils.checkUint16(supp_data_type);
-            TlsUtils.writeUint16(supp_data_type, buf);
-            TlsUtils.writeOpaque16(entry.getData(), buf);
-        }
-
-        byte[] supp_data = buf.toByteArray();
-
-        TlsUtils.writeOpaque24(supp_data, output);
-    }
-
-    protected static int getPRFAlgorithm(TlsContext context, int ciphersuite) throws IOException
-    {
-        boolean isTLSv12 = TlsUtils.isTLSv12(context);
-
-        switch (ciphersuite)
-        {
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CCM:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_AES_128_OCB:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CCM:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_AES_256_OCB:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
-        {
-            if (isTLSv12)
-            {
-                return PRFAlgorithm.tls_prf_sha256;
-            }
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        {
-            if (isTLSv12)
-            {
-                return PRFAlgorithm.tls_prf_sha384;
-            }
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_PSK_WITH_NULL_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384:
-        {
-            if (isTLSv12)
-            {
-                return PRFAlgorithm.tls_prf_sha384;
-            }
-            return PRFAlgorithm.tls_prf_legacy;
-        }
-
-        default:
-        {
-            if (isTLSv12)
-            {
-                return PRFAlgorithm.tls_prf_sha256;
-            }
-            return PRFAlgorithm.tls_prf_legacy;
-        }
-        }
-    }
-
-    class HandshakeMessage extends ByteArrayOutputStream
-    {
-        HandshakeMessage(short handshakeType) throws IOException
-        {
-            this(handshakeType, 60);
-        }
-
-        HandshakeMessage(short handshakeType, int length) throws IOException
-        {
-            super(length + 4);
-            TlsUtils.writeUint8(handshakeType, this);
-            // Reserve space for length
-            count += 3;
-        }
-
-        void writeToRecordStream() throws IOException
-        {
-            // Patch actual length back in
-            int length = count - 4;
-            TlsUtils.checkUint24(length);
-            TlsUtils.writeUint24(length, buf, 1);
-            writeHandshakeMessage(buf, 0, count);
-            buf = null;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsRSAKeyExchange.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsRSAKeyExchange.java
deleted file mode 100644
index 3efdd6c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsRSAKeyExchange.java
+++ /dev/null

@@ -1,191 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.util.io.Streams;
-
-/**
- * (D)TLS and SSLv3 RSA key exchange.
- */
-public class TlsRSAKeyExchange
-    extends AbstractTlsKeyExchange
-{
-    protected AsymmetricKeyParameter serverPublicKey = null;
-
-    protected RSAKeyParameters rsaServerPublicKey = null;
-
-    protected TlsEncryptionCredentials serverCredentials = null;
-
-    protected byte[] premasterSecret;
-
-    public TlsRSAKeyExchange(Vector supportedSignatureAlgorithms)
-    {
-        super(KeyExchangeAlgorithm.RSA, supportedSignatureAlgorithms);
-    }
-
-    public void skipServerCredentials()
-        throws IOException
-    {
-        throw new TlsFatalAlert(AlertDescription.unexpected_message);
-    }
-
-    public void processServerCredentials(TlsCredentials serverCredentials)
-        throws IOException
-    {
-        if (!(serverCredentials instanceof TlsEncryptionCredentials))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        processServerCertificate(serverCredentials.getCertificate());
-
-        this.serverCredentials = (TlsEncryptionCredentials)serverCredentials;
-    }
-
-    public void processServerCertificate(Certificate serverCertificate)
-        throws IOException
-    {
-        if (serverCertificate.isEmpty())
-        {
-            throw new TlsFatalAlert(AlertDescription.bad_certificate);
-        }
-
-        org.bouncycastle.asn1.x509.Certificate x509Cert = serverCertificate.getCertificateAt(0);
-
-        SubjectPublicKeyInfo keyInfo = x509Cert.getSubjectPublicKeyInfo();
-        try
-        {
-            this.serverPublicKey = PublicKeyFactory.createKey(keyInfo);
-        }
-        catch (RuntimeException e)
-        {
-            throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
-        }
-
-        // Sanity check the PublicKeyFactory
-        if (this.serverPublicKey.isPrivate())
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        this.rsaServerPublicKey = validateRSAPublicKey((RSAKeyParameters)this.serverPublicKey);
-
-        TlsUtils.validateKeyUsage(x509Cert, KeyUsage.keyEncipherment);
-
-        super.processServerCertificate(serverCertificate);
-    }
-
-    public void validateCertificateRequest(CertificateRequest certificateRequest)
-        throws IOException
-    {
-        short[] types = certificateRequest.getCertificateTypes();
-        for (int i = 0; i < types.length; ++i)
-        {
-            switch (types[i])
-            {
-            case ClientCertificateType.rsa_sign:
-            case ClientCertificateType.dss_sign:
-            case ClientCertificateType.ecdsa_sign:
-                break;
-            default:
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-        }
-    }
-
-    public void processClientCredentials(TlsCredentials clientCredentials)
-        throws IOException
-    {
-        if (!(clientCredentials instanceof TlsSignerCredentials))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public void generateClientKeyExchange(OutputStream output)
-        throws IOException
-    {
-        this.premasterSecret = TlsRSAUtils.generateEncryptedPreMasterSecret(context, rsaServerPublicKey, output);
-    }
-
-    public void processClientKeyExchange(InputStream input)
-        throws IOException
-    {
-        byte[] encryptedPreMasterSecret;
-        if (TlsUtils.isSSL(context))
-        {
-            // TODO Do any SSLv3 clients actually include the length?
-            encryptedPreMasterSecret = Streams.readAll(input);
-        }
-        else
-        {
-            encryptedPreMasterSecret = TlsUtils.readOpaque16(input);
-        }
-
-        this.premasterSecret = serverCredentials.decryptPreMasterSecret(encryptedPreMasterSecret);
-    }
-
-    public byte[] generatePremasterSecret()
-        throws IOException
-    {
-        if (this.premasterSecret == null)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        byte[] tmp = this.premasterSecret;
-        this.premasterSecret = null;
-        return tmp;
-    }
-
-    // Would be needed to process RSA_EXPORT server key exchange
-    // protected void processRSAServerKeyExchange(InputStream is, Signer signer) throws IOException
-    // {
-    // InputStream sigIn = is;
-    // if (signer != null)
-    // {
-    // sigIn = new SignerInputStream(is, signer);
-    // }
-    //
-    // byte[] modulusBytes = TlsUtils.readOpaque16(sigIn);
-    // byte[] exponentBytes = TlsUtils.readOpaque16(sigIn);
-    //
-    // if (signer != null)
-    // {
-    // byte[] sigByte = TlsUtils.readOpaque16(is);
-    //
-    // if (!signer.verifySignature(sigByte))
-    // {
-    // handler.failWithError(AlertLevel.fatal, AlertDescription.bad_certificate);
-    // }
-    // }
-    //
-    // BigInteger modulus = new BigInteger(1, modulusBytes);
-    // BigInteger exponent = new BigInteger(1, exponentBytes);
-    //
-    // this.rsaServerPublicKey = validateRSAPublicKey(new RSAKeyParameters(false, modulus,
-    // exponent));
-    // }
-
-    protected RSAKeyParameters validateRSAPublicKey(RSAKeyParameters key)
-        throws IOException
-    {
-        // TODO What is the minimum bit length required?
-        // key.getModulus().bitLength();
-
-        if (!key.getExponent().isProbablePrime(2))
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        return key;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsRSASigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsRSASigner.java
deleted file mode 100644
index 2bd955c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsRSASigner.java
+++ /dev/null

@@ -1,112 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.digests.NullDigest;
-import org.bouncycastle.crypto.encodings.PKCS1Encoding;
-import org.bouncycastle.crypto.engines.RSABlindedEngine;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.signers.GenericSigner;
-import org.bouncycastle.crypto.signers.RSADigestSigner;
-
-public class TlsRSASigner
-    extends AbstractTlsSigner
-{
-    public byte[] generateRawSignature(SignatureAndHashAlgorithm algorithm,
-        AsymmetricKeyParameter privateKey, byte[] hash)
-        throws CryptoException
-    {
-        Signer signer = makeSigner(algorithm, true, true,
-            new ParametersWithRandom(privateKey, this.context.getSecureRandom()));
-        signer.update(hash, 0, hash.length);
-        return signer.generateSignature();
-    }
-
-    public boolean verifyRawSignature(SignatureAndHashAlgorithm algorithm, byte[] sigBytes,
-        AsymmetricKeyParameter publicKey, byte[] hash)
-        throws CryptoException
-    {
-        Signer signer = makeSigner(algorithm, true, false, publicKey);
-        signer.update(hash, 0, hash.length);
-        return signer.verifySignature(sigBytes);
-    }
-
-    public Signer createSigner(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter privateKey)
-    {
-        return makeSigner(algorithm, false, true, new ParametersWithRandom(privateKey, this.context.getSecureRandom()));
-    }
-
-    public Signer createVerifyer(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter publicKey)
-    {
-        return makeSigner(algorithm, false, false, publicKey);
-    }
-
-    public boolean isValidPublicKey(AsymmetricKeyParameter publicKey)
-    {
-        return publicKey instanceof RSAKeyParameters && !publicKey.isPrivate();
-    }
-
-    protected Signer makeSigner(SignatureAndHashAlgorithm algorithm, boolean raw, boolean forSigning,
-        CipherParameters cp)
-    {
-        if ((algorithm != null) != TlsUtils.isTLSv12(context))
-        {
-            throw new IllegalStateException();
-        }
-
-        if (algorithm != null && algorithm.getSignature() != SignatureAlgorithm.rsa)
-        {
-            throw new IllegalStateException();
-        }
-
-        Digest d;
-        if (raw)
-        {
-            d = new NullDigest();
-        }
-        else if (algorithm == null)
-        {
-            d = new CombinedHash();
-        }
-        else
-        {
-            d = TlsUtils.createHash(algorithm.getHash());
-        }
-
-        Signer s;
-        if (algorithm != null)
-        {
-            /*
-             * RFC 5246 4.7. In RSA signing, the opaque vector contains the signature generated
-             * using the RSASSA-PKCS1-v1_5 signature scheme defined in [PKCS1].
-             */
-            s = new RSADigestSigner(d, TlsUtils.getOIDForHashAlgorithm(algorithm.getHash()));
-        }
-        else
-        {
-            /*
-             * RFC 5246 4.7. Note that earlier versions of TLS used a different RSA signature scheme
-             * that did not include a DigestInfo encoding.
-             */
-            s = new GenericSigner(createRSAImpl(), d);
-        }
-        s.init(forSigning, cp);
-        return s;
-    }
-
-    protected AsymmetricBlockCipher createRSAImpl()
-    {
-        /*
-         * RFC 5246 7.4.7.1. Implementation note: It is now known that remote timing-based attacks
-         * on TLS are possible, at least when the client and server are on the same LAN.
-         * Accordingly, implementations that use static RSA keys MUST use RSA blinding or some other
-         * anti-timing technique, as described in [TIMING].
-         */
-        return new PKCS1Encoding(new RSABlindedEngine());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsRSAUtils.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsRSAUtils.java
deleted file mode 100644
index 99f1fb3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsRSAUtils.java
+++ /dev/null

@@ -1,131 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.encodings.PKCS1Encoding;
-import org.bouncycastle.crypto.engines.RSABlindedEngine;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.util.Arrays;
-
-public class TlsRSAUtils
-{
-    public static byte[] generateEncryptedPreMasterSecret(TlsContext context, RSAKeyParameters rsaServerPublicKey,
-        OutputStream output) throws IOException
-    {
-        /*
-         * Choose a PremasterSecret and send it encrypted to the server
-         */
-        byte[] premasterSecret = new byte[48];
-        context.getSecureRandom().nextBytes(premasterSecret);
-        TlsUtils.writeVersion(context.getClientVersion(), premasterSecret, 0);
-
-        PKCS1Encoding encoding = new PKCS1Encoding(new RSABlindedEngine());
-        encoding.init(true, new ParametersWithRandom(rsaServerPublicKey, context.getSecureRandom()));
-
-        try
-        {
-            byte[] encryptedPreMasterSecret = encoding.processBlock(premasterSecret, 0, premasterSecret.length);
-
-            if (TlsUtils.isSSL(context))
-            {
-                // TODO Do any SSLv3 servers actually expect the length?
-                output.write(encryptedPreMasterSecret);
-            }
-            else
-            {
-                TlsUtils.writeOpaque16(encryptedPreMasterSecret, output);
-            }
-        }
-        catch (InvalidCipherTextException e)
-        {
-            /*
-             * This should never happen, only during decryption.
-             */
-            throw new TlsFatalAlert(AlertDescription.internal_error, e);
-        }
-
-        return premasterSecret;
-    }
-
-    public static byte[] safeDecryptPreMasterSecret(TlsContext context, RSAKeyParameters rsaServerPrivateKey,
-        byte[] encryptedPreMasterSecret)
-    {
-        /*
-         * RFC 5246 7.4.7.1.
-         */
-        ProtocolVersion clientVersion = context.getClientVersion();
-
-        // TODO Provide as configuration option?
-        boolean versionNumberCheckDisabled = false;
-
-        /*
-         * Generate 48 random bytes we can use as a Pre-Master-Secret, if the
-         * PKCS1 padding check should fail.
-         */
-        byte[] fallback = new byte[48];
-        context.getSecureRandom().nextBytes(fallback);
-
-        byte[] M = Arrays.clone(fallback);
-        try
-        {
-            PKCS1Encoding encoding = new PKCS1Encoding(new RSABlindedEngine(), fallback);
-            encoding.init(false,
-                new ParametersWithRandom(rsaServerPrivateKey, context.getSecureRandom()));
-
-            M = encoding.processBlock(encryptedPreMasterSecret, 0, encryptedPreMasterSecret.length);
-        }
-        catch (Exception e)
-        {
-            /*
-             * This should never happen since the decryption should never throw an exception
-             * and return a random value instead.
-             *
-             * In any case, a TLS server MUST NOT generate an alert if processing an
-             * RSA-encrypted premaster secret message fails, or the version number is not as
-             * expected. Instead, it MUST continue the handshake with a randomly generated
-             * premaster secret.
-             */
-        }
-
-        /*
-         * If ClientHello.client_version is TLS 1.1 or higher, server implementations MUST
-         * check the version number [..].
-         */
-        if (versionNumberCheckDisabled && clientVersion.isEqualOrEarlierVersionOf(ProtocolVersion.TLSv10))
-        {
-            /*
-             * If the version number is TLS 1.0 or earlier, server
-             * implementations SHOULD check the version number, but MAY have a
-             * configuration option to disable the check.
-             *
-             * So there is nothing to do here.
-             */
-        }
-        else
-        {
-            /*
-             * OK, we need to compare the version number in the decrypted Pre-Master-Secret with the
-             * clientVersion received during the handshake. If they don't match, we replace the
-             * decrypted Pre-Master-Secret with a random one.
-             */
-            int correct = (clientVersion.getMajorVersion() ^ (M[0] & 0xff))
-                | (clientVersion.getMinorVersion() ^ (M[1] & 0xff));
-            correct |= correct >> 1;
-            correct |= correct >> 2;
-            correct |= correct >> 4;
-            int mask = ~((correct & 1) - 1);
-
-            /*
-             * mask will be all bits set to 0xff if the version number differed.
-             */
-            for (int i = 0; i < 48; i++)
-            {
-                M[i] = (byte)((M[i] & (~mask)) | (fallback[i] & mask));
-            }
-        }
-        return M;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPGroupVerifier.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPGroupVerifier.java
deleted file mode 100644
index 81767d1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPGroupVerifier.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.crypto.params.SRP6GroupParameters;
-
-public interface TlsSRPGroupVerifier
-{
-    /**
-     * Check whether the given SRP group parameters are acceptable for use.
-     * 
-     * @param group the {@link SRP6GroupParameters} to check
-     * @return true if (and only if) the specified group parameters are acceptable
-     */
-    boolean accept(SRP6GroupParameters group);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPIdentityManager.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPIdentityManager.java
deleted file mode 100644
index fbf50b1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPIdentityManager.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public interface TlsSRPIdentityManager
-{
-    /**
-     * Lookup the {@link TlsSRPLoginParameters} corresponding to the specified identity.
-     * 
-     * NOTE: To avoid "identity probing", unknown identities SHOULD be handled as recommended in RFC
-     * 5054 2.5.1.3. {@link SimulatedTlsSRPIdentityManager} is provided for this purpose.
-     * 
-     * @param identity
-     *            the SRP identity sent by the connecting client
-     * @return the {@link TlsSRPLoginParameters} for the specified identity, or else 'simulated'
-     *         parameters if the identity is not recognized. A null value is also allowed, but not
-     *         recommended.
-     */
-    TlsSRPLoginParameters getLoginParameters(byte[] identity);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPKeyExchange.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPKeyExchange.java
deleted file mode 100644
index a026132..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPKeyExchange.java
+++ /dev/null

@@ -1,312 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.agreement.srp.SRP6Client;
-import org.bouncycastle.crypto.agreement.srp.SRP6Server;
-import org.bouncycastle.crypto.agreement.srp.SRP6Util;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.SRP6GroupParameters;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.io.TeeInputStream;
-
-/**
- * (D)TLS SRP key exchange (RFC 5054).
- */
-public class TlsSRPKeyExchange extends AbstractTlsKeyExchange
-{
-    protected static TlsSigner createSigner(int keyExchange)
-    {
-        switch (keyExchange)
-        {
-        case KeyExchangeAlgorithm.SRP:
-            return null;
-        case KeyExchangeAlgorithm.SRP_RSA:
-            return new TlsRSASigner();
-        case KeyExchangeAlgorithm.SRP_DSS:
-            return new TlsDSSSigner();
-        default:
-            throw new IllegalArgumentException("unsupported key exchange algorithm");
-        }
-    }
-    
-    protected TlsSigner tlsSigner;
-    protected TlsSRPGroupVerifier groupVerifier;
-    protected byte[] identity;
-    protected byte[] password;
-
-    protected AsymmetricKeyParameter serverPublicKey = null;
-
-    protected SRP6GroupParameters srpGroup = null;
-    protected SRP6Client srpClient = null;
-    protected SRP6Server srpServer = null;
-    protected BigInteger srpPeerCredentials = null;
-    protected BigInteger srpVerifier = null;
-    protected byte[] srpSalt = null;
-
-    protected TlsSignerCredentials serverCredentials = null;
-
-    /**
-     * @deprecated Use constructor taking an explicit 'groupVerifier' argument
-     */
-    public TlsSRPKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms, byte[] identity, byte[] password)
-    {
-        this(keyExchange, supportedSignatureAlgorithms, new DefaultTlsSRPGroupVerifier(), identity, password);
-    }
-
-    public TlsSRPKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms, TlsSRPGroupVerifier groupVerifier,
-        byte[] identity, byte[] password)
-    {
-        super(keyExchange, supportedSignatureAlgorithms);
-
-        this.tlsSigner = createSigner(keyExchange);
-        this.groupVerifier = groupVerifier;
-        this.identity = identity;
-        this.password = password;
-        this.srpClient = new SRP6Client();
-    }
-
-    public TlsSRPKeyExchange(int keyExchange, Vector supportedSignatureAlgorithms, byte[] identity,
-        TlsSRPLoginParameters loginParameters)
-    {
-        super(keyExchange, supportedSignatureAlgorithms);
-
-        this.tlsSigner = createSigner(keyExchange);
-        this.identity = identity;
-        this.srpServer = new SRP6Server();
-        this.srpGroup = loginParameters.getGroup();
-        this.srpVerifier = loginParameters.getVerifier();
-        this.srpSalt = loginParameters.getSalt();
-    }
-
-    public void init(TlsContext context)
-    {
-        super.init(context);
-
-        if (this.tlsSigner != null)
-        {
-            this.tlsSigner.init(context);
-        }
-    }
-
-    public void skipServerCredentials() throws IOException
-    {
-        if (tlsSigner != null)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-    }
-
-    public void processServerCertificate(Certificate serverCertificate) throws IOException
-    {
-        if (tlsSigner == null)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-        if (serverCertificate.isEmpty())
-        {
-            throw new TlsFatalAlert(AlertDescription.bad_certificate);
-        }
-
-        org.bouncycastle.asn1.x509.Certificate x509Cert = serverCertificate.getCertificateAt(0);
-
-        SubjectPublicKeyInfo keyInfo = x509Cert.getSubjectPublicKeyInfo();
-        try
-        {
-            this.serverPublicKey = PublicKeyFactory.createKey(keyInfo);
-        }
-        catch (RuntimeException e)
-        {
-            throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
-        }
-
-        if (!tlsSigner.isValidPublicKey(this.serverPublicKey))
-        {
-            throw new TlsFatalAlert(AlertDescription.certificate_unknown);
-        }
-
-        TlsUtils.validateKeyUsage(x509Cert, KeyUsage.digitalSignature);
-
-        super.processServerCertificate(serverCertificate);
-    }
-
-    public void processServerCredentials(TlsCredentials serverCredentials)
-        throws IOException
-    {
-        if ((keyExchange == KeyExchangeAlgorithm.SRP) || !(serverCredentials instanceof TlsSignerCredentials))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        processServerCertificate(serverCredentials.getCertificate());
-
-        this.serverCredentials = (TlsSignerCredentials)serverCredentials;
-    }
-
-    public boolean requiresServerKeyExchange()
-    {
-        return true;
-    }
-
-    public byte[] generateServerKeyExchange() throws IOException
-    {
-        srpServer.init(srpGroup, srpVerifier, TlsUtils.createHash(HashAlgorithm.sha1), context.getSecureRandom());
-        BigInteger B = srpServer.generateServerCredentials();
-
-        ServerSRPParams srpParams = new ServerSRPParams(srpGroup.getN(), srpGroup.getG(), srpSalt, B);
-
-        DigestInputBuffer buf = new DigestInputBuffer();
-
-        srpParams.encode(buf);
-
-        if (serverCredentials != null)
-        {
-            /*
-             * RFC 5246 4.7. digitally-signed element needs SignatureAndHashAlgorithm from TLS 1.2
-             */
-            SignatureAndHashAlgorithm signatureAndHashAlgorithm = TlsUtils.getSignatureAndHashAlgorithm(
-                context, serverCredentials);
-
-            Digest d = TlsUtils.createHash(signatureAndHashAlgorithm);
-
-            SecurityParameters securityParameters = context.getSecurityParameters();
-            d.update(securityParameters.clientRandom, 0, securityParameters.clientRandom.length);
-            d.update(securityParameters.serverRandom, 0, securityParameters.serverRandom.length);
-            buf.updateDigest(d);
-
-            byte[] hash = new byte[d.getDigestSize()];
-            d.doFinal(hash, 0);
-
-            byte[] signature = serverCredentials.generateCertificateSignature(hash);
-
-            DigitallySigned signed_params = new DigitallySigned(signatureAndHashAlgorithm, signature);
-            signed_params.encode(buf);
-        }
-
-        return buf.toByteArray();
-    }
-
-    public void processServerKeyExchange(InputStream input) throws IOException
-    {
-        SecurityParameters securityParameters = context.getSecurityParameters();
-
-        SignerInputBuffer buf = null;
-        InputStream teeIn = input;
-
-        if (tlsSigner != null)
-        {
-            buf = new SignerInputBuffer();
-            teeIn = new TeeInputStream(input, buf);
-        }
-
-        ServerSRPParams srpParams = ServerSRPParams.parse(teeIn);
-
-        if (buf != null)
-        {
-            DigitallySigned signed_params = parseSignature(input);
-
-            Signer signer = initVerifyer(tlsSigner, signed_params.getAlgorithm(), securityParameters);
-            buf.updateSigner(signer);
-            if (!signer.verifySignature(signed_params.getSignature()))
-            {
-                throw new TlsFatalAlert(AlertDescription.decrypt_error);
-            }
-        }
-
-        this.srpGroup = new SRP6GroupParameters(srpParams.getN(), srpParams.getG());
-
-        if (!groupVerifier.accept(srpGroup))
-        {
-            throw new TlsFatalAlert(AlertDescription.insufficient_security);
-        }
-
-        this.srpSalt = srpParams.getS();
-
-        /*
-         * RFC 5054 2.5.3: The client MUST abort the handshake with an "illegal_parameter" alert if
-         * B % N = 0.
-         */
-        try
-        {
-            this.srpPeerCredentials = SRP6Util.validatePublicValue(srpGroup.getN(), srpParams.getB());
-        }
-        catch (CryptoException e)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
-        }
-
-        this.srpClient.init(srpGroup, TlsUtils.createHash(HashAlgorithm.sha1), context.getSecureRandom());
-    }
-
-    public void validateCertificateRequest(CertificateRequest certificateRequest) throws IOException
-    {
-        throw new TlsFatalAlert(AlertDescription.unexpected_message);
-    }
-
-    public void processClientCredentials(TlsCredentials clientCredentials) throws IOException
-    {
-        throw new TlsFatalAlert(AlertDescription.internal_error);
-    }
-
-    public void generateClientKeyExchange(OutputStream output) throws IOException
-    {
-        BigInteger A = srpClient.generateClientCredentials(srpSalt, identity, password);
-        TlsSRPUtils.writeSRPParameter(A, output);
-
-        context.getSecurityParameters().srpIdentity = Arrays.clone(identity);
-    }
-
-    public void processClientKeyExchange(InputStream input) throws IOException
-    {
-        /*
-         * RFC 5054 2.5.4: The server MUST abort the handshake with an "illegal_parameter" alert if
-         * A % N = 0.
-         */
-        try
-        {
-            this.srpPeerCredentials = SRP6Util.validatePublicValue(srpGroup.getN(), TlsSRPUtils.readSRPParameter(input));
-        }
-        catch (CryptoException e)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
-        }
-
-        context.getSecurityParameters().srpIdentity = Arrays.clone(identity);
-    }
-
-    public byte[] generatePremasterSecret() throws IOException
-    {
-        try
-        {
-            BigInteger S = srpServer != null
-                ?   srpServer.calculateSecret(srpPeerCredentials)
-                :   srpClient.calculateSecret(srpPeerCredentials);
-
-            // TODO Check if this needs to be a fixed size
-            return BigIntegers.asUnsignedByteArray(S);
-        }
-        catch (CryptoException e)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter, e);
-        }
-    }
-
-    protected Signer initVerifyer(TlsSigner tlsSigner, SignatureAndHashAlgorithm algorithm, SecurityParameters securityParameters)
-    {
-        Signer signer = tlsSigner.createVerifyer(algorithm, this.serverPublicKey);
-        signer.update(securityParameters.clientRandom, 0, securityParameters.clientRandom.length);
-        signer.update(securityParameters.serverRandom, 0, securityParameters.serverRandom.length);
-        return signer;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPLoginParameters.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPLoginParameters.java
deleted file mode 100644
index 45ef192..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPLoginParameters.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.params.SRP6GroupParameters;
-
-public class TlsSRPLoginParameters
-{
-    protected SRP6GroupParameters group;
-    protected BigInteger verifier;
-    protected byte[] salt;
-
-    public TlsSRPLoginParameters(SRP6GroupParameters group, BigInteger verifier, byte[] salt)
-    {
-        this.group = group;
-        this.verifier = verifier;
-        this.salt = salt;
-    }
-
-    public SRP6GroupParameters getGroup()
-    {
-        return group;
-    }
-
-    public byte[] getSalt()
-    {
-        return salt;
-    }
-
-    public BigInteger getVerifier()
-    {
-        return verifier;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPUtils.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPUtils.java
deleted file mode 100644
index 941d13b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRPUtils.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.util.Hashtable;
-
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Integers;
-
-public class TlsSRPUtils
-{
-    public static final Integer EXT_SRP = Integers.valueOf(ExtensionType.srp);
-
-    public static void addSRPExtension(Hashtable extensions, byte[] identity) throws IOException
-    {
-        extensions.put(EXT_SRP, createSRPExtension(identity));
-    }
-
-    public static byte[] getSRPExtension(Hashtable extensions) throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_SRP);
-        return extensionData == null ? null : readSRPExtension(extensionData);
-    }
-
-    public static byte[] createSRPExtension(byte[] identity) throws IOException
-    {
-        if (identity == null)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        return TlsUtils.encodeOpaque8(identity);
-    }
-
-    public static byte[] readSRPExtension(byte[] extensionData) throws IOException
-    {
-        if (extensionData == null)
-        {
-            throw new IllegalArgumentException("'extensionData' cannot be null");
-        }
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(extensionData);
-        byte[] identity = TlsUtils.readOpaque8(buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        return identity;
-    }
-
-    public static BigInteger readSRPParameter(InputStream input) throws IOException
-    {
-        return new BigInteger(1, TlsUtils.readOpaque16(input));
-    }
-
-    public static void writeSRPParameter(BigInteger x, OutputStream output) throws IOException
-    {
-        TlsUtils.writeOpaque16(BigIntegers.asUnsignedByteArray(x), output);
-    }
-
-    public static boolean isSRPCipherSuite(int cipherSuite)
-    {
-        switch (cipherSuite)
-        {
-        case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA:
-            return true;
-
-        default:
-            return false;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRTPUtils.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRTPUtils.java
deleted file mode 100644
index da98b7a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSRTPUtils.java
+++ /dev/null

@@ -1,74 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.util.Hashtable;
-
-import org.bouncycastle.util.Integers;
-
-/**
- * RFC 5764 DTLS Extension to Establish Keys for SRTP.
- */
-public class TlsSRTPUtils
-{
-    public static final Integer EXT_use_srtp = Integers.valueOf(ExtensionType.use_srtp);
-
-    public static void addUseSRTPExtension(Hashtable extensions, UseSRTPData useSRTPData)
-        throws IOException
-    {
-        extensions.put(EXT_use_srtp, createUseSRTPExtension(useSRTPData));
-    }
-
-    public static UseSRTPData getUseSRTPExtension(Hashtable extensions)
-        throws IOException
-    {
-        byte[] extensionData = TlsUtils.getExtensionData(extensions, EXT_use_srtp);
-        return extensionData == null ? null : readUseSRTPExtension(extensionData);
-    }
-
-    public static byte[] createUseSRTPExtension(UseSRTPData useSRTPData)
-        throws IOException
-    {
-        if (useSRTPData == null)
-        {
-            throw new IllegalArgumentException("'useSRTPData' cannot be null");
-        }
-
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-
-        // SRTPProtectionProfiles
-        TlsUtils.writeUint16ArrayWithUint16Length(useSRTPData.getProtectionProfiles(), buf);
-
-        // srtp_mki
-        TlsUtils.writeOpaque8(useSRTPData.getMki(), buf);
-
-        return buf.toByteArray();
-    }
-
-    public static UseSRTPData readUseSRTPExtension(byte[] extensionData)
-        throws IOException
-    {
-        if (extensionData == null)
-        {
-            throw new IllegalArgumentException("'extensionData' cannot be null");
-        }
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(extensionData);
-
-        // SRTPProtectionProfiles
-        int length = TlsUtils.readUint16(buf);
-        if (length < 2 || (length & 1) != 0)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-        int[] protectionProfiles = TlsUtils.readUint16Array(length / 2, buf);
-
-        // srtp_mki
-        byte[] mki = TlsUtils.readOpaque8(buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        return new UseSRTPData(protectionProfiles, mki);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsServer.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsServer.java
deleted file mode 100644
index 5e5883a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsServer.java
+++ /dev/null

@@ -1,95 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.util.Hashtable;
-import java.util.Vector;
-
-/**
- * Interface describing a TLS server endpoint.
- */
-public interface TlsServer
-    extends TlsPeer
-{
-    void init(TlsServerContext context);
-
-    void notifyClientVersion(ProtocolVersion clientVersion) throws IOException;
-
-    void notifyFallback(boolean isFallback) throws IOException;
-
-    void notifyOfferedCipherSuites(int[] offeredCipherSuites)
-        throws IOException;
-
-    void notifyOfferedCompressionMethods(short[] offeredCompressionMethods)
-        throws IOException;
-
-    // Hashtable is (Integer -> byte[])
-    void processClientExtensions(Hashtable clientExtensions)
-        throws IOException;
-
-    ProtocolVersion getServerVersion()
-        throws IOException;
-
-    int getSelectedCipherSuite()
-        throws IOException;
-
-    short getSelectedCompressionMethod()
-        throws IOException;
-
-    // Hashtable is (Integer -> byte[])
-    Hashtable getServerExtensions()
-        throws IOException;
-
-    // Vector is (SupplementalDataEntry)
-    Vector getServerSupplementalData()
-        throws IOException;
-
-    TlsCredentials getCredentials()
-        throws IOException;
-
-    /**
-     * This method will be called (only) if the server included an extension of type
-     * "status_request" with empty "extension_data" in the extended server hello. See <i>RFC 3546
-     * 3.6. Certificate Status Request</i>. If a non-null {@link CertificateStatus} is returned, it
-     * is sent to the client as a handshake message of type "certificate_status".
-     * 
-     * @return A {@link CertificateStatus} to be sent to the client (or null for none).
-     * @throws IOException
-     */
-    CertificateStatus getCertificateStatus()
-        throws IOException;
-
-    TlsKeyExchange getKeyExchange()
-        throws IOException;
-
-    CertificateRequest getCertificateRequest()
-        throws IOException;
-
-    // Vector is (SupplementalDataEntry)
-    void processClientSupplementalData(Vector clientSupplementalData)
-        throws IOException;
-
-    /**
-     * Called by the protocol handler to report the client certificate, only if
-     * {@link #getCertificateRequest()} returned non-null.
-     * 
-     * Note: this method is responsible for certificate verification and validation.
-     * 
-     * @param clientCertificate
-     *            the effective client certificate (may be an empty chain).
-     * @throws IOException
-     */
-    void notifyClientCertificate(Certificate clientCertificate)
-        throws IOException;
-
-    /**
-     * RFC 5077 3.3. NewSessionTicket Handshake Message.
-     * <p>
-     * This method will be called (only) if a NewSessionTicket extension was sent by the server. See
-     * <i>RFC 5077 4. Recommended Ticket Construction</i> for recommended format and protection.
-     *
-     * @return The ticket.
-     * @throws IOException
-     */
-    NewSessionTicket getNewSessionTicket()
-        throws IOException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsServerContext.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsServerContext.java
deleted file mode 100644
index 1698856..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsServerContext.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * Marker interface to distinguish a TLS server context.
- */
-public interface TlsServerContext
-    extends TlsContext
-{
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsServerContextImpl.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsServerContextImpl.java
deleted file mode 100644
index 48f028a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsServerContextImpl.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.security.SecureRandom;
-
-class TlsServerContextImpl
-    extends AbstractTlsContext
-    implements TlsServerContext
-{
-    TlsServerContextImpl(SecureRandom secureRandom, SecurityParameters securityParameters)
-    {
-        super(secureRandom, securityParameters);
-    }
-
-    public boolean isServer()
-    {
-        return true;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
deleted file mode 100644
index ed98708..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsServerProtocol.java
+++ /dev/null

@@ -1,871 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.security.SecureRandom;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.util.Arrays;
-
-public class TlsServerProtocol
-    extends TlsProtocol
-{
-    protected TlsServer tlsServer = null;
-    TlsServerContextImpl tlsServerContext = null;
-
-    protected TlsKeyExchange keyExchange = null;
-    protected TlsCredentials serverCredentials = null;
-    protected CertificateRequest certificateRequest = null;
-
-    protected short clientCertificateType = -1;
-    protected TlsHandshakeHash prepareFinishHash = null;
-
-    /**
-     * Constructor for blocking mode.
-     * @param input The stream of data from the client
-     * @param output The stream of data to the client
-     * @param secureRandom Random number generator for various cryptographic functions
-     */
-    public TlsServerProtocol(InputStream input, OutputStream output, SecureRandom secureRandom)
-    {
-        super(input, output, secureRandom);
-    }
-
-    /**
-     * Constructor for non-blocking mode.<br>
-     * <br>
-     * When data is received, use {@link #offerInput(byte[])} to provide the received ciphertext,
-     * then use {@link #readInput(byte[], int, int)} to read the corresponding cleartext.<br>
-     * <br>
-     * Similarly, when data needs to be sent, use {@link #offerOutput(byte[], int, int)} to provide
-     * the cleartext, then use {@link #readOutput(byte[], int, int)} to get the corresponding
-     * ciphertext.
-     *
-     * @param secureRandom
-     *            Random number generator for various cryptographic functions
-     */
-    public TlsServerProtocol(SecureRandom secureRandom)
-    {
-        super(secureRandom);
-    }
-
-    /**
-     * Receives a TLS handshake in the role of server.<br>
-     * <br>
-     * In blocking mode, this will not return until the handshake is complete.
-     * In non-blocking mode, use {@link TlsPeer#notifyHandshakeComplete()} to
-     * receive a callback when the handshake is complete.
-     *
-     * @param tlsServer
-     * @throws IOException If in blocking mode and handshake was not successful.
-     */
-    public void accept(TlsServer tlsServer)
-        throws IOException
-    {
-        if (tlsServer == null)
-        {
-            throw new IllegalArgumentException("'tlsServer' cannot be null");
-        }
-        if (this.tlsServer != null)
-        {
-            throw new IllegalStateException("'accept' can only be called once");
-        }
-
-        this.tlsServer = tlsServer;
-
-        this.securityParameters = new SecurityParameters();
-        this.securityParameters.entity = ConnectionEnd.server;
-
-        this.tlsServerContext = new TlsServerContextImpl(secureRandom, securityParameters);
-
-        this.securityParameters.serverRandom = createRandomBlock(tlsServer.shouldUseGMTUnixTime(),
-            tlsServerContext.getNonceRandomGenerator());
-
-        this.tlsServer.init(tlsServerContext);
-        this.recordStream.init(tlsServerContext);
-
-        this.recordStream.setRestrictReadVersion(false);
-
-        blockForHandshake();
-    }
-
-    protected void cleanupHandshake()
-    {
-        super.cleanupHandshake();
-        
-        this.keyExchange = null;
-        this.serverCredentials = null;
-        this.certificateRequest = null;
-        this.prepareFinishHash = null;
-    }
-
-    protected TlsContext getContext()
-    {
-        return tlsServerContext;
-    }
-
-    AbstractTlsContext getContextAdmin()
-    {
-        return tlsServerContext;
-    }
-
-    protected TlsPeer getPeer()
-    {
-        return tlsServer;
-    }
-
-    protected void handleHandshakeMessage(short type, ByteArrayInputStream buf)
-        throws IOException
-    {
-        switch (type)
-        {
-        case HandshakeType.client_hello:
-        {
-            switch (this.connection_state)
-            {
-            case CS_START:
-            {
-                receiveClientHelloMessage(buf);
-                this.connection_state = CS_CLIENT_HELLO;
-
-                sendServerHelloMessage();
-                this.connection_state = CS_SERVER_HELLO;
-
-                recordStream.notifyHelloComplete();
-
-                Vector serverSupplementalData = tlsServer.getServerSupplementalData();
-                if (serverSupplementalData != null)
-                {
-                    sendSupplementalDataMessage(serverSupplementalData);
-                }
-                this.connection_state = CS_SERVER_SUPPLEMENTAL_DATA;
-
-                this.keyExchange = tlsServer.getKeyExchange();
-                this.keyExchange.init(getContext());
-
-                this.serverCredentials = tlsServer.getCredentials();
-
-                Certificate serverCertificate = null;
-
-                if (this.serverCredentials == null)
-                {
-                    this.keyExchange.skipServerCredentials();
-                }
-                else
-                {
-                    this.keyExchange.processServerCredentials(this.serverCredentials);
-
-                    serverCertificate = this.serverCredentials.getCertificate();
-                    sendCertificateMessage(serverCertificate);
-                }
-                this.connection_state = CS_SERVER_CERTIFICATE;
-
-                // TODO[RFC 3546] Check whether empty certificates is possible, allowed, or excludes CertificateStatus
-                if (serverCertificate == null || serverCertificate.isEmpty())
-                {
-                    this.allowCertificateStatus = false;
-                }
-
-                if (this.allowCertificateStatus)
-                {
-                    CertificateStatus certificateStatus = tlsServer.getCertificateStatus();
-                    if (certificateStatus != null)
-                    {
-                        sendCertificateStatusMessage(certificateStatus);
-                    }
-                }
-
-                this.connection_state = CS_CERTIFICATE_STATUS;
-
-                byte[] serverKeyExchange = this.keyExchange.generateServerKeyExchange();
-                if (serverKeyExchange != null)
-                {
-                    sendServerKeyExchangeMessage(serverKeyExchange);
-                }
-                this.connection_state = CS_SERVER_KEY_EXCHANGE;
-
-                if (this.serverCredentials != null)
-                {
-                    this.certificateRequest = tlsServer.getCertificateRequest();
-                    if (this.certificateRequest != null)
-                    {
-                        if (TlsUtils.isTLSv12(getContext()) != (certificateRequest.getSupportedSignatureAlgorithms() != null))
-                        {
-                            throw new TlsFatalAlert(AlertDescription.internal_error);
-                        }
-
-                        this.keyExchange.validateCertificateRequest(certificateRequest);
-
-                        sendCertificateRequestMessage(certificateRequest);
-
-                        TlsUtils.trackHashAlgorithms(this.recordStream.getHandshakeHash(),
-                            this.certificateRequest.getSupportedSignatureAlgorithms());
-                    }
-                }
-                this.connection_state = CS_CERTIFICATE_REQUEST;
-
-                sendServerHelloDoneMessage();
-                this.connection_state = CS_SERVER_HELLO_DONE;
-
-                this.recordStream.getHandshakeHash().sealHashAlgorithms();
-
-                break;
-            }
-            case CS_END:
-            {
-                refuseRenegotiation();
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-            break;
-        }
-        case HandshakeType.supplemental_data:
-        {
-            switch (this.connection_state)
-            {
-            case CS_SERVER_HELLO_DONE:
-            {
-                tlsServer.processClientSupplementalData(readSupplementalDataMessage(buf));
-                this.connection_state = CS_CLIENT_SUPPLEMENTAL_DATA;
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-            break;
-        }
-        case HandshakeType.certificate:
-        {
-            switch (this.connection_state)
-            {
-            case CS_SERVER_HELLO_DONE:
-            {
-                tlsServer.processClientSupplementalData(null);
-                // NB: Fall through to next case label
-            }
-            case CS_CLIENT_SUPPLEMENTAL_DATA:
-            {
-                if (this.certificateRequest == null)
-                {
-                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
-                }
-                receiveCertificateMessage(buf);
-                this.connection_state = CS_CLIENT_CERTIFICATE;
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-            break;
-        }
-        case HandshakeType.client_key_exchange:
-        {
-            switch (this.connection_state)
-            {
-            case CS_SERVER_HELLO_DONE:
-            {
-                tlsServer.processClientSupplementalData(null);
-                // NB: Fall through to next case label
-            }
-            case CS_CLIENT_SUPPLEMENTAL_DATA:
-            {
-                if (this.certificateRequest == null)
-                {
-                    this.keyExchange.skipClientCredentials();
-                }
-                else
-                {
-                    if (TlsUtils.isTLSv12(getContext()))
-                    {
-                        /*
-                         * RFC 5246 If no suitable certificate is available, the client MUST send a
-                         * certificate message containing no certificates.
-                         * 
-                         * NOTE: In previous RFCs, this was SHOULD instead of MUST.
-                         */
-                        throw new TlsFatalAlert(AlertDescription.unexpected_message);
-                    }
-                    else if (TlsUtils.isSSL(getContext()))
-                    {
-                        if (this.peerCertificate == null)
-                        {
-                            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-                        }
-                    }
-                    else
-                    {
-                        notifyClientCertificate(Certificate.EMPTY_CHAIN);
-                    }
-                }
-                // NB: Fall through to next case label
-            }
-            case CS_CLIENT_CERTIFICATE:
-            {
-                receiveClientKeyExchangeMessage(buf);
-                this.connection_state = CS_CLIENT_KEY_EXCHANGE;
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-            break;
-        }
-        case HandshakeType.certificate_verify:
-        {
-            switch (this.connection_state)
-            {
-            case CS_CLIENT_KEY_EXCHANGE:
-            {
-                /*
-                 * RFC 5246 7.4.8 This message is only sent following a client certificate that has
-                 * signing capability (i.e., all certificates except those containing fixed
-                 * Diffie-Hellman parameters).
-                 */
-                if (!expectCertificateVerifyMessage())
-                {
-                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
-                }
-
-                receiveCertificateVerifyMessage(buf);
-                this.connection_state = CS_CERTIFICATE_VERIFY;
-
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-            break;
-        }
-        case HandshakeType.finished:
-        {
-            switch (this.connection_state)
-            {
-            case CS_CLIENT_KEY_EXCHANGE:
-            {
-                if (expectCertificateVerifyMessage())
-                {
-                    throw new TlsFatalAlert(AlertDescription.unexpected_message);
-                }
-                // NB: Fall through to next case label
-            }
-            case CS_CERTIFICATE_VERIFY:
-            {
-                processFinishedMessage(buf);
-                this.connection_state = CS_CLIENT_FINISHED;
-
-                if (this.expectSessionTicket)
-                {
-                    sendNewSessionTicketMessage(tlsServer.getNewSessionTicket());
-                }
-                this.connection_state = CS_SERVER_SESSION_TICKET;
-
-                sendChangeCipherSpecMessage();
-                sendFinishedMessage();
-                this.connection_state = CS_SERVER_FINISHED;
-
-                completeHandshake();
-                break;
-            }
-            default:
-                throw new TlsFatalAlert(AlertDescription.unexpected_message);
-            }
-            break;
-        }
-        case HandshakeType.hello_request:
-        case HandshakeType.hello_verify_request:
-        case HandshakeType.server_hello:
-        case HandshakeType.server_key_exchange:
-        case HandshakeType.certificate_request:
-        case HandshakeType.server_hello_done:
-        case HandshakeType.session_ticket:
-        default:
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-    }
-
-    protected void handleAlertWarningMessage(short alertDescription)
-        throws IOException
-    {
-        super.handleAlertWarningMessage(alertDescription);
-
-        switch (alertDescription)
-        {
-        case AlertDescription.no_certificate:
-        {
-            /*
-             * SSL 3.0 If the server has sent a certificate request Message, the client must send
-             * either the certificate message or a no_certificate alert.
-             */
-            if (TlsUtils.isSSL(getContext()) && this.certificateRequest != null)
-            {
-                switch (this.connection_state)
-                {
-                case CS_SERVER_HELLO_DONE:
-                {
-                    tlsServer.processClientSupplementalData(null);
-                    // NB: Fall through to next case label
-                }
-                case CS_CLIENT_SUPPLEMENTAL_DATA:
-                {
-                    notifyClientCertificate(Certificate.EMPTY_CHAIN);
-                    this.connection_state = CS_CLIENT_CERTIFICATE;
-                    return;
-                }
-                }
-            }
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-        }
-    }
-
-    protected void notifyClientCertificate(Certificate clientCertificate)
-        throws IOException
-    {
-        if (certificateRequest == null)
-        {
-            throw new IllegalStateException();
-        }
-
-        if (peerCertificate != null)
-        {
-            throw new TlsFatalAlert(AlertDescription.unexpected_message);
-        }
-
-        this.peerCertificate = clientCertificate;
-
-        if (clientCertificate.isEmpty())
-        {
-            this.keyExchange.skipClientCredentials();
-        }
-        else
-        {
-
-            /*
-             * TODO RFC 5246 7.4.6. If the certificate_authorities list in the certificate request
-             * message was non-empty, one of the certificates in the certificate chain SHOULD be
-             * issued by one of the listed CAs.
-             */
-
-            this.clientCertificateType = TlsUtils.getClientCertificateType(clientCertificate,
-                this.serverCredentials.getCertificate());
-
-            this.keyExchange.processClientCertificate(clientCertificate);
-        }
-
-        /*
-         * RFC 5246 7.4.6. If the client does not send any certificates, the server MAY at its
-         * discretion either continue the handshake without client authentication, or respond with a
-         * fatal handshake_failure alert. Also, if some aspect of the certificate chain was
-         * unacceptable (e.g., it was not signed by a known, trusted CA), the server MAY at its
-         * discretion either continue the handshake (considering the client unauthenticated) or send
-         * a fatal alert.
-         */
-        this.tlsServer.notifyClientCertificate(clientCertificate);
-    }
-
-    protected void receiveCertificateMessage(ByteArrayInputStream buf)
-        throws IOException
-    {
-        Certificate clientCertificate = Certificate.parse(buf);
-
-        assertEmpty(buf);
-
-        notifyClientCertificate(clientCertificate);
-    }
-
-    protected void receiveCertificateVerifyMessage(ByteArrayInputStream buf)
-        throws IOException
-    {
-        if (certificateRequest == null)
-        {
-            throw new IllegalStateException();
-        }
-
-        DigitallySigned clientCertificateVerify = DigitallySigned.parse(getContext(), buf);
-
-        assertEmpty(buf);
-
-        // Verify the CertificateVerify message contains a correct signature.
-        try
-        {
-            SignatureAndHashAlgorithm signatureAlgorithm = clientCertificateVerify.getAlgorithm();
-
-            byte[] hash;
-            if (TlsUtils.isTLSv12(getContext()))
-            {
-                TlsUtils.verifySupportedSignatureAlgorithm(certificateRequest.getSupportedSignatureAlgorithms(), signatureAlgorithm);
-                hash = prepareFinishHash.getFinalHash(signatureAlgorithm.getHash());
-            }
-            else
-            {
-                hash = securityParameters.getSessionHash();
-            }
-
-            org.bouncycastle.asn1.x509.Certificate x509Cert = peerCertificate.getCertificateAt(0);
-            SubjectPublicKeyInfo keyInfo = x509Cert.getSubjectPublicKeyInfo();
-            AsymmetricKeyParameter publicKey = PublicKeyFactory.createKey(keyInfo);
-
-            TlsSigner tlsSigner = TlsUtils.createTlsSigner(clientCertificateType);
-            tlsSigner.init(getContext());
-            if (!tlsSigner.verifyRawSignature(signatureAlgorithm, clientCertificateVerify.getSignature(), publicKey, hash))
-            {
-                throw new TlsFatalAlert(AlertDescription.decrypt_error);
-            }
-        }
-        catch (TlsFatalAlert e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            throw new TlsFatalAlert(AlertDescription.decrypt_error, e);
-        }
-    }
-
-    protected void receiveClientHelloMessage(ByteArrayInputStream buf)
-        throws IOException
-    {
-        ProtocolVersion client_version = TlsUtils.readVersion(buf);
-        recordStream.setWriteVersion(client_version);
-
-        if (client_version.isDTLS())
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        byte[] client_random = TlsUtils.readFully(32, buf);
-
-        /*
-         * TODO RFC 5077 3.4. If a ticket is presented by the client, the server MUST NOT attempt to
-         * use the Session ID in the ClientHello for stateful session resumption.
-         */
-        byte[] sessionID = TlsUtils.readOpaque8(buf);
-        if (sessionID.length > 32)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        /*
-         * TODO RFC 5246 7.4.1.2. If the session_id field is not empty (implying a session
-         * resumption request), this vector MUST include at least the cipher_suite from that
-         * session.
-         */
-        int cipher_suites_length = TlsUtils.readUint16(buf);
-        if (cipher_suites_length < 2 || (cipher_suites_length & 1) != 0)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-        this.offeredCipherSuites = TlsUtils.readUint16Array(cipher_suites_length / 2, buf);
-
-        /*
-         * TODO RFC 5246 7.4.1.2. If the session_id field is not empty (implying a session
-         * resumption request), it MUST include the compression_method from that session.
-         */
-        int compression_methods_length = TlsUtils.readUint8(buf);
-        if (compression_methods_length < 1)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-        this.offeredCompressionMethods = TlsUtils.readUint8Array(compression_methods_length, buf);
-
-        /*
-         * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore
-         * extensions appearing in the client hello, and send a server hello containing no
-         * extensions.
-         */
-        this.clientExtensions = readExtensions(buf);
-
-        /*
-         * TODO[resumption] Check RFC 7627 5.4. for required behaviour 
-         */
-
-        /*
-         * RFC 7627 4. Clients and servers SHOULD NOT accept handshakes that do not use the extended
-         * master secret [..]. (and see 5.2, 5.3)
-         */
-        this.securityParameters.extendedMasterSecret = TlsExtensionsUtils.hasExtendedMasterSecretExtension(clientExtensions);
-        if (!securityParameters.isExtendedMasterSecret() && tlsServer.requiresExtendedMasterSecret())
-        {
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-
-        getContextAdmin().setClientVersion(client_version);
-
-        tlsServer.notifyClientVersion(client_version);
-        tlsServer.notifyFallback(Arrays.contains(offeredCipherSuites, CipherSuite.TLS_FALLBACK_SCSV));
-
-        securityParameters.clientRandom = client_random;
-
-        tlsServer.notifyOfferedCipherSuites(offeredCipherSuites);
-        tlsServer.notifyOfferedCompressionMethods(offeredCompressionMethods);
-
-        /*
-         * RFC 5746 3.6. Server Behavior: Initial Handshake
-         */
-        {
-            /*
-             * RFC 5746 3.4. The client MUST include either an empty "renegotiation_info" extension,
-             * or the TLS_EMPTY_RENEGOTIATION_INFO_SCSV signaling cipher suite value in the
-             * ClientHello. Including both is NOT RECOMMENDED.
-             */
-
-            /*
-             * When a ClientHello is received, the server MUST check if it includes the
-             * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV. If it does, set the secure_renegotiation flag
-             * to TRUE.
-             */
-            if (Arrays.contains(offeredCipherSuites, CipherSuite.TLS_EMPTY_RENEGOTIATION_INFO_SCSV))
-            {
-                this.secure_renegotiation = true;
-            }
-
-            /*
-             * The server MUST check if the "renegotiation_info" extension is included in the
-             * ClientHello.
-             */
-            byte[] renegExtData = TlsUtils.getExtensionData(clientExtensions, EXT_RenegotiationInfo);
-            if (renegExtData != null)
-            {
-                /*
-                 * If the extension is present, set secure_renegotiation flag to TRUE. The
-                 * server MUST then verify that the length of the "renegotiated_connection"
-                 * field is zero, and if it is not, MUST abort the handshake.
-                 */
-                this.secure_renegotiation = true;
-
-                if (!Arrays.constantTimeAreEqual(renegExtData, createRenegotiationInfo(TlsUtils.EMPTY_BYTES)))
-                {
-                    throw new TlsFatalAlert(AlertDescription.handshake_failure);
-                }
-            }
-        }
-
-        tlsServer.notifySecureRenegotiation(this.secure_renegotiation);
-
-        if (clientExtensions != null)
-        {
-            // NOTE: Validates the padding extension data, if present
-            TlsExtensionsUtils.getPaddingExtension(clientExtensions);
-
-            tlsServer.processClientExtensions(clientExtensions);
-        }
-    }
-
-    protected void receiveClientKeyExchangeMessage(ByteArrayInputStream buf)
-        throws IOException
-    {
-        keyExchange.processClientKeyExchange(buf);
-
-        assertEmpty(buf);
-
-        if (TlsUtils.isSSL(getContext()))
-        {
-            establishMasterSecret(getContext(), keyExchange);
-        }
-
-        this.prepareFinishHash = recordStream.prepareToFinish();
-        this.securityParameters.sessionHash = getCurrentPRFHash(getContext(), prepareFinishHash, null);
-
-        if (!TlsUtils.isSSL(getContext()))
-        {
-            establishMasterSecret(getContext(), keyExchange);
-        }
-
-        recordStream.setPendingConnectionState(getPeer().getCompression(), getPeer().getCipher());
-    }
-
-    protected void sendCertificateRequestMessage(CertificateRequest certificateRequest)
-        throws IOException
-    {
-        HandshakeMessage message = new HandshakeMessage(HandshakeType.certificate_request);
-
-        certificateRequest.encode(message);
-
-        message.writeToRecordStream();
-    }
-
-    protected void sendCertificateStatusMessage(CertificateStatus certificateStatus)
-        throws IOException
-    {
-        HandshakeMessage message = new HandshakeMessage(HandshakeType.certificate_status);
-
-        certificateStatus.encode(message);
-
-        message.writeToRecordStream();
-    }
-
-    protected void sendNewSessionTicketMessage(NewSessionTicket newSessionTicket)
-        throws IOException
-    {
-        if (newSessionTicket == null)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        HandshakeMessage message = new HandshakeMessage(HandshakeType.session_ticket);
-
-        newSessionTicket.encode(message);
-
-        message.writeToRecordStream();
-    }
-
-    protected void sendServerHelloMessage()
-        throws IOException
-    {
-        HandshakeMessage message = new HandshakeMessage(HandshakeType.server_hello);
-
-        {
-            ProtocolVersion server_version = tlsServer.getServerVersion();
-            if (!server_version.isEqualOrEarlierVersionOf(getContext().getClientVersion()))
-            {
-                throw new TlsFatalAlert(AlertDescription.internal_error);
-            }
-    
-            recordStream.setReadVersion(server_version);
-            recordStream.setWriteVersion(server_version);
-            recordStream.setRestrictReadVersion(true);
-            getContextAdmin().setServerVersion(server_version);
-    
-            TlsUtils.writeVersion(server_version, message);
-        }
-
-        message.write(this.securityParameters.serverRandom);
-
-        /*
-         * The server may return an empty session_id to indicate that the session will not be cached
-         * and therefore cannot be resumed.
-         */
-        TlsUtils.writeOpaque8(TlsUtils.EMPTY_BYTES, message);
-
-        int selectedCipherSuite = tlsServer.getSelectedCipherSuite();
-        if (!Arrays.contains(offeredCipherSuites, selectedCipherSuite)
-            || selectedCipherSuite == CipherSuite.TLS_NULL_WITH_NULL_NULL
-            || CipherSuite.isSCSV(selectedCipherSuite)
-            || !TlsUtils.isValidCipherSuiteForVersion(selectedCipherSuite, getContext().getServerVersion()))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-        securityParameters.cipherSuite = selectedCipherSuite;
-
-        short selectedCompressionMethod = tlsServer.getSelectedCompressionMethod();
-        if (!Arrays.contains(offeredCompressionMethods, selectedCompressionMethod))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-        securityParameters.compressionAlgorithm = selectedCompressionMethod;
-
-        TlsUtils.writeUint16(selectedCipherSuite, message);
-        TlsUtils.writeUint8(selectedCompressionMethod, message);
-
-        this.serverExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(tlsServer.getServerExtensions());
-
-        /*
-         * RFC 5746 3.6. Server Behavior: Initial Handshake
-         */
-        if (this.secure_renegotiation)
-        {
-            byte[] renegExtData = TlsUtils.getExtensionData(this.serverExtensions, EXT_RenegotiationInfo);
-            boolean noRenegExt = (null == renegExtData);
-
-            if (noRenegExt)
-            {
-                /*
-                 * Note that sending a "renegotiation_info" extension in response to a ClientHello
-                 * containing only the SCSV is an explicit exception to the prohibition in RFC 5246,
-                 * Section 7.4.1.4, on the server sending unsolicited extensions and is only allowed
-                 * because the client is signaling its willingness to receive the extension via the
-                 * TLS_EMPTY_RENEGOTIATION_INFO_SCSV SCSV.
-                 */
-
-                /*
-                 * If the secure_renegotiation flag is set to TRUE, the server MUST include an empty
-                 * "renegotiation_info" extension in the ServerHello message.
-                 */
-                this.serverExtensions.put(EXT_RenegotiationInfo, createRenegotiationInfo(TlsUtils.EMPTY_BYTES));
-            }
-        }
-
-        if (TlsUtils.isSSL(tlsServerContext))
-        {
-            securityParameters.extendedMasterSecret = false;
-        }
-        else if (securityParameters.isExtendedMasterSecret())
-        {
-            TlsExtensionsUtils.addExtendedMasterSecretExtension(serverExtensions);
-        }
-
-        /*
-         * TODO RFC 3546 2.3 If [...] the older session is resumed, then the server MUST ignore
-         * extensions appearing in the client hello, and send a server hello containing no
-         * extensions.
-         */
-
-        if (!this.serverExtensions.isEmpty())
-        {
-            this.securityParameters.encryptThenMAC = TlsExtensionsUtils.hasEncryptThenMACExtension(serverExtensions);
-
-            this.securityParameters.maxFragmentLength = processMaxFragmentLengthExtension(clientExtensions,
-                serverExtensions, AlertDescription.internal_error);
-
-            this.securityParameters.truncatedHMac = TlsExtensionsUtils.hasTruncatedHMacExtension(serverExtensions);
-
-            /*
-             * TODO It's surprising that there's no provision to allow a 'fresh' CertificateStatus to be sent in
-             * a session resumption handshake.
-             */
-            this.allowCertificateStatus = !resumedSession
-                && TlsUtils.hasExpectedEmptyExtensionData(serverExtensions, TlsExtensionsUtils.EXT_status_request,
-                    AlertDescription.internal_error);
-
-            this.expectSessionTicket = !resumedSession
-                && TlsUtils.hasExpectedEmptyExtensionData(serverExtensions, TlsProtocol.EXT_SessionTicket,
-                    AlertDescription.internal_error);
-
-            writeExtensions(message, serverExtensions);
-        }
-
-        securityParameters.prfAlgorithm = getPRFAlgorithm(getContext(), securityParameters.getCipherSuite());
-
-        /*
-         * RFC 5246 7.4.9. Any cipher suite which does not explicitly specify verify_data_length has
-         * a verify_data_length equal to 12. This includes all existing cipher suites.
-         */
-        securityParameters.verifyDataLength = 12;
-
-        applyMaxFragmentLengthExtension();
-
-        message.writeToRecordStream();
-    }
-
-    protected void sendServerHelloDoneMessage()
-        throws IOException
-    {
-        byte[] message = new byte[4];
-        TlsUtils.writeUint8(HandshakeType.server_hello_done, message, 0);
-        TlsUtils.writeUint24(0, message, 1);
-
-        writeHandshakeMessage(message, 0, message.length);
-    }
-
-    protected void sendServerKeyExchangeMessage(byte[] serverKeyExchange)
-        throws IOException
-    {
-        HandshakeMessage message = new HandshakeMessage(HandshakeType.server_key_exchange, serverKeyExchange.length);
-
-        message.write(serverKeyExchange);
-
-        message.writeToRecordStream();
-    }
-
-    protected boolean expectCertificateVerifyMessage()
-    {
-        return clientCertificateType >= 0 && TlsUtils.hasSigningCapability(clientCertificateType);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSession.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSession.java
deleted file mode 100644
index 9b5ad46..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSession.java
+++ /dev/null

@@ -1,12 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-public interface TlsSession
-{
-    SessionParameters exportSessionParameters();
-
-    byte[] getSessionID();
-
-    void invalidate();
-
-    boolean isResumable();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSessionImpl.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSessionImpl.java
deleted file mode 100644
index 2d07289..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSessionImpl.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.util.Arrays;
-
-class TlsSessionImpl implements TlsSession
-{
-    final byte[] sessionID;
-    final SessionParameters sessionParameters;
-    boolean resumable;
-
-    TlsSessionImpl(byte[] sessionID, SessionParameters sessionParameters)
-    {
-        if (sessionID == null)
-        {
-            throw new IllegalArgumentException("'sessionID' cannot be null");
-        }
-        if (sessionID.length > 32)
-        {
-            throw new IllegalArgumentException("'sessionID' cannot be longer than 32 bytes");
-        }
-
-        this.sessionID = Arrays.clone(sessionID);
-        this.sessionParameters = sessionParameters;
-        this.resumable = sessionID.length > 0
-            && null != sessionParameters
-            && sessionParameters.isExtendedMasterSecret();
-    }
-
-    public synchronized SessionParameters exportSessionParameters()
-    {
-        return this.sessionParameters == null ? null : this.sessionParameters.copy();
-    }
-
-    public synchronized byte[] getSessionID()
-    {
-        return sessionID;
-    }
-
-    public synchronized void invalidate()
-    {
-        this.resumable = false;
-    }
-
-    public synchronized boolean isResumable()
-    {
-        return resumable;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSigner.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSigner.java
deleted file mode 100644
index 68826d2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSigner.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-public interface TlsSigner
-{
-    void init(TlsContext context);
-
-    byte[] generateRawSignature(AsymmetricKeyParameter privateKey, byte[] md5AndSha1)
-        throws CryptoException;
-
-    byte[] generateRawSignature(SignatureAndHashAlgorithm algorithm,
-        AsymmetricKeyParameter privateKey, byte[] hash)
-        throws CryptoException;
-
-    boolean verifyRawSignature(byte[] sigBytes, AsymmetricKeyParameter publicKey, byte[] md5AndSha1)
-        throws CryptoException;
-
-    boolean verifyRawSignature(SignatureAndHashAlgorithm algorithm, byte[] sigBytes,
-        AsymmetricKeyParameter publicKey, byte[] hash)
-        throws CryptoException;
-
-    Signer createSigner(AsymmetricKeyParameter privateKey);
-
-    Signer createSigner(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter privateKey);
-
-    Signer createVerifyer(AsymmetricKeyParameter publicKey);
-
-    Signer createVerifyer(SignatureAndHashAlgorithm algorithm, AsymmetricKeyParameter publicKey);
-
-    boolean isValidPublicKey(AsymmetricKeyParameter publicKey);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSignerCredentials.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSignerCredentials.java
deleted file mode 100644
index 39ee99c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsSignerCredentials.java
+++ /dev/null

@@ -1,12 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-public interface TlsSignerCredentials
-    extends TlsCredentials
-{
-    byte[] generateCertificateSignature(byte[] hash)
-        throws IOException;
-
-    SignatureAndHashAlgorithm getSignatureAndHashAlgorithm();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsStreamCipher.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsStreamCipher.java
deleted file mode 100644
index c86b6b5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsStreamCipher.java
+++ /dev/null

@@ -1,156 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Arrays;
-
-public class TlsStreamCipher
-    implements TlsCipher
-{
-    protected TlsContext context;
-
-    protected StreamCipher encryptCipher;
-    protected StreamCipher decryptCipher;
-
-    protected TlsMac writeMac;
-    protected TlsMac readMac;
-
-    protected boolean usesNonce;
-
-    public TlsStreamCipher(TlsContext context, StreamCipher clientWriteCipher,
-        StreamCipher serverWriteCipher, Digest clientWriteDigest, Digest serverWriteDigest,
-        int cipherKeySize, boolean usesNonce) throws IOException
-    {
-        boolean isServer = context.isServer();
-
-        this.context = context;
-        this.usesNonce = usesNonce;
-
-        this.encryptCipher = clientWriteCipher;
-        this.decryptCipher = serverWriteCipher;
-
-        int key_block_size = (2 * cipherKeySize) + clientWriteDigest.getDigestSize()
-            + serverWriteDigest.getDigestSize();
-
-        byte[] key_block = TlsUtils.calculateKeyBlock(context, key_block_size);
-
-        int offset = 0;
-
-        // Init MACs
-        TlsMac clientWriteMac = new TlsMac(context, clientWriteDigest, key_block, offset,
-            clientWriteDigest.getDigestSize());
-        offset += clientWriteDigest.getDigestSize();
-        TlsMac serverWriteMac = new TlsMac(context, serverWriteDigest, key_block, offset,
-            serverWriteDigest.getDigestSize());
-        offset += serverWriteDigest.getDigestSize();
-
-        // Build keys
-        KeyParameter clientWriteKey = new KeyParameter(key_block, offset, cipherKeySize);
-        offset += cipherKeySize;
-        KeyParameter serverWriteKey = new KeyParameter(key_block, offset, cipherKeySize);
-        offset += cipherKeySize;
-
-        if (offset != key_block_size)
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        CipherParameters encryptParams, decryptParams;
-        if (isServer)
-        {
-            this.writeMac = serverWriteMac;
-            this.readMac = clientWriteMac;
-            this.encryptCipher = serverWriteCipher;
-            this.decryptCipher = clientWriteCipher;
-            encryptParams = serverWriteKey;
-            decryptParams = clientWriteKey;
-        }
-        else
-        {
-            this.writeMac = clientWriteMac;
-            this.readMac = serverWriteMac;
-            this.encryptCipher = clientWriteCipher;
-            this.decryptCipher = serverWriteCipher;
-            encryptParams = clientWriteKey;
-            decryptParams = serverWriteKey;
-        }
-
-        if (usesNonce)
-        {
-            byte[] dummyNonce = new byte[8];
-            encryptParams = new ParametersWithIV(encryptParams, dummyNonce);
-            decryptParams = new ParametersWithIV(decryptParams, dummyNonce);
-        }
-
-        this.encryptCipher.init(true, encryptParams);
-        this.decryptCipher.init(false, decryptParams);
-    }
-
-    public int getPlaintextLimit(int ciphertextLimit)
-    {
-        return ciphertextLimit - writeMac.getSize();
-    }
-
-    public byte[] encodePlaintext(long seqNo, short type, byte[] plaintext, int offset, int len)
-    {
-        if (usesNonce)
-        {
-            updateIV(encryptCipher, true, seqNo);
-        }
-
-        byte[] outBuf = new byte[len + writeMac.getSize()];
-
-        encryptCipher.processBytes(plaintext, offset, len, outBuf, 0);
-
-        byte[] mac = writeMac.calculateMac(seqNo, type, plaintext, offset, len);
-        encryptCipher.processBytes(mac, 0, mac.length, outBuf, len);
-
-        return outBuf;
-    }
-
-    public byte[] decodeCiphertext(long seqNo, short type, byte[] ciphertext, int offset, int len)
-        throws IOException
-    {
-        if (usesNonce)
-        {
-            updateIV(decryptCipher, false, seqNo);
-        }
-
-        int macSize = readMac.getSize();
-        if (len < macSize)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-
-        int plaintextLength = len - macSize;
-
-        byte[] deciphered = new byte[len];
-        decryptCipher.processBytes(ciphertext, offset, len, deciphered, 0);
-        checkMAC(seqNo, type, deciphered, plaintextLength, len, deciphered, 0, plaintextLength);
-        return Arrays.copyOfRange(deciphered, 0, plaintextLength);
-    }
-
-    protected void checkMAC(long seqNo, short type, byte[] recBuf, int recStart, int recEnd, byte[] calcBuf, int calcOff, int calcLen)
-        throws IOException
-    {
-        byte[] receivedMac = Arrays.copyOfRange(recBuf, recStart, recEnd);
-        byte[] computedMac = readMac.calculateMac(seqNo, type, calcBuf, calcOff, calcLen);
-
-        if (!Arrays.constantTimeAreEqual(receivedMac, computedMac))
-        {
-            throw new TlsFatalAlert(AlertDescription.bad_record_mac);
-        }
-    }
-
-    protected void updateIV(StreamCipher cipher, boolean forEncryption, long seqNo)
-    {
-        byte[] nonce = new byte[8];
-        TlsUtils.writeUint64(seqNo, nonce, 0);
-        cipher.init(forEncryption, new ParametersWithIV(null, nonce));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsUtils.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsUtils.java
deleted file mode 100644
index b803243..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/TlsUtils.java
+++ /dev/null

@@ -1,2556 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.EOFException;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.MD5Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DSAPublicKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.util.PublicKeyFactory;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Integers;
-import org.bouncycastle.util.Shorts;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.io.Streams;
-
-/**
- * Some helper functions for MicroTLS.
- */
-public class TlsUtils
-{
-    public static final byte[] EMPTY_BYTES = new byte[0];
-    public static final short[] EMPTY_SHORTS = new short[0];
-    public static final int[] EMPTY_INTS = new int[0];
-    public static final long[] EMPTY_LONGS = new long[0];
-
-    public static final Integer EXT_signature_algorithms = Integers.valueOf(ExtensionType.signature_algorithms);
-
-    public static void checkUint8(short i) throws IOException
-    {
-        if (!isValidUint8(i))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public static void checkUint8(int i) throws IOException
-    {
-        if (!isValidUint8(i))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public static void checkUint8(long i) throws IOException
-    {
-        if (!isValidUint8(i))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public static void checkUint16(int i) throws IOException
-    {
-        if (!isValidUint16(i))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public static void checkUint16(long i) throws IOException
-    {
-        if (!isValidUint16(i))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public static void checkUint24(int i) throws IOException
-    {
-        if (!isValidUint24(i))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public static void checkUint24(long i) throws IOException
-    {
-        if (!isValidUint24(i))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public static void checkUint32(long i) throws IOException
-    {
-        if (!isValidUint32(i))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public static void checkUint48(long i) throws IOException
-    {
-        if (!isValidUint48(i))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public static void checkUint64(long i) throws IOException
-    {
-        if (!isValidUint64(i))
-        {
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public static boolean isValidUint8(short i)
-    {
-        return (i & 0xFF) == i;
-    }
-
-    public static boolean isValidUint8(int i)
-    {
-        return (i & 0xFF) == i;
-    }
-
-    public static boolean isValidUint8(long i)
-    {
-        return (i & 0xFFL) == i;
-    }
-
-    public static boolean isValidUint16(int i)
-    {
-        return (i & 0xFFFF) == i;
-    }
-
-    public static boolean isValidUint16(long i)
-    {
-        return (i & 0xFFFFL) == i;
-    }
-
-    public static boolean isValidUint24(int i)
-    {
-        return (i & 0xFFFFFF) == i;
-    }
-
-    public static boolean isValidUint24(long i)
-    {
-        return (i & 0xFFFFFFL) == i;
-    }
-
-    public static boolean isValidUint32(long i)
-    {
-        return (i & 0xFFFFFFFFL) == i;
-    }
-
-    public static boolean isValidUint48(long i)
-    {
-        return (i & 0xFFFFFFFFFFFFL) == i;
-    }
-
-    public static boolean isValidUint64(long i)
-    {
-        return true;
-    }
-
-    public static boolean isSSL(TlsContext context)
-    {
-        return context.getServerVersion().isSSL();
-    }
-
-    public static boolean isTLSv11(ProtocolVersion version)
-    {
-        return ProtocolVersion.TLSv11.isEqualOrEarlierVersionOf(version.getEquivalentTLSVersion());
-    }
-
-    public static boolean isTLSv11(TlsContext context)
-    {
-        return isTLSv11(context.getServerVersion());
-    }
-
-    public static boolean isTLSv12(ProtocolVersion version)
-    {
-        return ProtocolVersion.TLSv12.isEqualOrEarlierVersionOf(version.getEquivalentTLSVersion());
-    }
-
-    public static boolean isTLSv12(TlsContext context)
-    {
-        return isTLSv12(context.getServerVersion());
-    }
-
-    public static void writeUint8(short i, OutputStream output)
-        throws IOException
-    {
-        output.write(i);
-    }
-
-    public static void writeUint8(int i, OutputStream output)
-        throws IOException
-    {
-        output.write(i);
-    }
-
-    public static void writeUint8(short i, byte[] buf, int offset)
-    {
-        buf[offset] = (byte)i;
-    }
-
-    public static void writeUint8(int i, byte[] buf, int offset)
-    {
-        buf[offset] = (byte)i;
-    }
-
-    public static void writeUint16(int i, OutputStream output)
-        throws IOException
-    {
-        output.write(i >>> 8);
-        output.write(i);
-    }
-
-    public static void writeUint16(int i, byte[] buf, int offset)
-    {
-        buf[offset] = (byte)(i >>> 8);
-        buf[offset + 1] = (byte)i;
-    }
-
-    public static void writeUint24(int i, OutputStream output)
-        throws IOException
-    {
-        output.write((byte)(i >>> 16));
-        output.write((byte)(i >>> 8));
-        output.write((byte)i);
-    }
-
-    public static void writeUint24(int i, byte[] buf, int offset)
-    {
-        buf[offset] = (byte)(i >>> 16);
-        buf[offset + 1] = (byte)(i >>> 8);
-        buf[offset + 2] = (byte)i;
-    }
-
-    public static void writeUint32(long i, OutputStream output)
-        throws IOException
-    {
-        output.write((byte)(i >>> 24));
-        output.write((byte)(i >>> 16));
-        output.write((byte)(i >>> 8));
-        output.write((byte)i);
-    }
-
-    public static void writeUint32(long i, byte[] buf, int offset)
-    {
-        buf[offset] = (byte)(i >>> 24);
-        buf[offset + 1] = (byte)(i >>> 16);
-        buf[offset + 2] = (byte)(i >>> 8);
-        buf[offset + 3] = (byte)i;
-    }
-
-    public static void writeUint48(long i, OutputStream output)
-        throws IOException
-    {
-        output.write((byte)(i >>> 40));
-        output.write((byte)(i >>> 32));
-        output.write((byte)(i >>> 24));
-        output.write((byte)(i >>> 16));
-        output.write((byte)(i >>> 8));
-        output.write((byte)i);
-    }
-
-    public static void writeUint48(long i, byte[] buf, int offset)
-    {
-        buf[offset] = (byte)(i >>> 40);
-        buf[offset + 1] = (byte)(i >>> 32);
-        buf[offset + 2] = (byte)(i >>> 24);
-        buf[offset + 3] = (byte)(i >>> 16);
-        buf[offset + 4] = (byte)(i >>> 8);
-        buf[offset + 5] = (byte)i;
-    }
-
-    public static void writeUint64(long i, OutputStream output)
-        throws IOException
-    {
-        output.write((byte)(i >>> 56));
-        output.write((byte)(i >>> 48));
-        output.write((byte)(i >>> 40));
-        output.write((byte)(i >>> 32));
-        output.write((byte)(i >>> 24));
-        output.write((byte)(i >>> 16));
-        output.write((byte)(i >>> 8));
-        output.write((byte)i);
-    }
-
-    public static void writeUint64(long i, byte[] buf, int offset)
-    {
-        buf[offset] = (byte)(i >>> 56);
-        buf[offset + 1] = (byte)(i >>> 48);
-        buf[offset + 2] = (byte)(i >>> 40);
-        buf[offset + 3] = (byte)(i >>> 32);
-        buf[offset + 4] = (byte)(i >>> 24);
-        buf[offset + 5] = (byte)(i >>> 16);
-        buf[offset + 6] = (byte)(i >>> 8);
-        buf[offset + 7] = (byte)i;
-    }
-
-    public static void writeOpaque8(byte[] buf, OutputStream output)
-        throws IOException
-    {
-        checkUint8(buf.length);
-        writeUint8(buf.length, output);
-        output.write(buf);
-    }
-
-    public static void writeOpaque16(byte[] buf, OutputStream output)
-        throws IOException
-    {
-        checkUint16(buf.length);
-        writeUint16(buf.length, output);
-        output.write(buf);
-    }
-
-    public static void writeOpaque24(byte[] buf, OutputStream output)
-        throws IOException
-    {
-        checkUint24(buf.length);
-        writeUint24(buf.length, output);
-        output.write(buf);
-    }
-
-    public static void writeUint8Array(short[] uints, OutputStream output)
-        throws IOException
-    {
-        for (int i = 0; i < uints.length; ++i)
-        {
-            writeUint8(uints[i], output);
-        }
-    }
-
-    public static void writeUint8Array(short[] uints, byte[] buf, int offset)
-        throws IOException
-    {
-        for (int i = 0; i < uints.length; ++i)
-        {
-            writeUint8(uints[i], buf, offset);
-            ++offset;
-        }
-    }
-
-    public static void writeUint8ArrayWithUint8Length(short[] uints, OutputStream output)
-        throws IOException
-    {
-        checkUint8(uints.length);
-        writeUint8(uints.length, output);
-        writeUint8Array(uints, output);
-    }
-
-    public static void writeUint8ArrayWithUint8Length(short[] uints, byte[] buf, int offset)
-        throws IOException
-    {
-        checkUint8(uints.length);
-        writeUint8(uints.length, buf, offset);
-        writeUint8Array(uints, buf, offset + 1);
-    }
-
-    public static void writeUint16Array(int[] uints, OutputStream output)
-        throws IOException
-    {
-        for (int i = 0; i < uints.length; ++i)
-        {
-            writeUint16(uints[i], output);
-        }
-    }
-
-    public static void writeUint16Array(int[] uints, byte[] buf, int offset)
-        throws IOException
-    {
-        for (int i = 0; i < uints.length; ++i)
-        {
-            writeUint16(uints[i], buf, offset);
-            offset += 2;
-        }
-    }
-
-    public static void writeUint16ArrayWithUint16Length(int[] uints, OutputStream output)
-        throws IOException
-    {
-        int length = 2 * uints.length;
-        checkUint16(length);
-        writeUint16(length, output);
-        writeUint16Array(uints, output);
-    }
-
-    public static void writeUint16ArrayWithUint16Length(int[] uints, byte[] buf, int offset)
-        throws IOException
-    {
-        int length = 2 * uints.length;
-        checkUint16(length);
-        writeUint16(length, buf, offset);
-        writeUint16Array(uints, buf, offset + 2);
-    }
-
-    public static byte[] encodeOpaque8(byte[] buf)
-        throws IOException
-    {
-        checkUint8(buf.length);
-        return Arrays.prepend(buf, (byte)buf.length);
-    }
-
-    public static byte[] encodeUint8ArrayWithUint8Length(short[] uints) throws IOException
-    {
-        byte[] result = new byte[1 + uints.length];
-        writeUint8ArrayWithUint8Length(uints, result, 0);
-        return result;
-    }
-
-    public static byte[] encodeUint16ArrayWithUint16Length(int[] uints) throws IOException
-    {
-        int length = 2 * uints.length;
-        byte[] result = new byte[2 + length];
-        writeUint16ArrayWithUint16Length(uints, result, 0);
-        return result;
-    }
-
-    public static short readUint8(InputStream input)
-        throws IOException
-    {
-        int i = input.read();
-        if (i < 0)
-        {
-            throw new EOFException();
-        }
-        return (short)i;
-    }
-
-    public static short readUint8(byte[] buf, int offset)
-    {
-        return (short)(buf[offset] & 0xff);
-    }
-
-    public static int readUint16(InputStream input)
-        throws IOException
-    {
-        int i1 = input.read();
-        int i2 = input.read();
-        if (i2 < 0)
-        {
-            throw new EOFException();
-        }
-        return (i1 << 8) | i2;
-    }
-
-    public static int readUint16(byte[] buf, int offset)
-    {
-        int n = (buf[offset] & 0xff) << 8;
-        n |= (buf[++offset] & 0xff);
-        return n;
-    }
-
-    public static int readUint24(InputStream input)
-        throws IOException
-    {
-        int i1 = input.read();
-        int i2 = input.read();
-        int i3 = input.read();
-        if (i3 < 0)
-        {
-            throw new EOFException();
-        }
-        return (i1 << 16) | (i2 << 8) | i3;
-    }
-
-    public static int readUint24(byte[] buf, int offset)
-    {
-        int n = (buf[offset] & 0xff) << 16;
-        n |= (buf[++offset] & 0xff) << 8;
-        n |= (buf[++offset] & 0xff);
-        return n;
-    }
-
-    public static long readUint32(InputStream input)
-        throws IOException
-    {
-        int i1 = input.read();
-        int i2 = input.read();
-        int i3 = input.read();
-        int i4 = input.read();
-        if (i4 < 0)
-        {
-            throw new EOFException();
-        }
-        return ((i1 << 24) | (i2 << 16) | (i3 << 8) | i4) & 0xFFFFFFFFL;
-    }
-
-    public static long readUint32(byte[] buf, int offset)
-    {
-        int n = (buf[offset] & 0xff) << 24;
-        n |= (buf[++offset] & 0xff) << 16;
-        n |= (buf[++offset] & 0xff) << 8;
-        n |= (buf[++offset] & 0xff);
-        return n & 0xFFFFFFFFL;
-    }
-
-    public static long readUint48(InputStream input)
-        throws IOException
-    {
-        int hi = readUint24(input);
-        int lo = readUint24(input);
-        return ((long)(hi & 0xffffffffL) << 24) | (long)(lo & 0xffffffffL);
-    }
-
-    public static long readUint48(byte[] buf, int offset)
-    {
-        int hi = readUint24(buf, offset);
-        int lo = readUint24(buf, offset + 3);
-        return ((long)(hi & 0xffffffffL) << 24) | (long)(lo & 0xffffffffL);
-    }
-
-    public static byte[] readAllOrNothing(int length, InputStream input)
-        throws IOException
-    {
-        if (length < 1)
-        {
-            return EMPTY_BYTES;
-        }
-        byte[] buf = new byte[length];
-        int read = Streams.readFully(input, buf);
-        if (read == 0)
-        {
-            return null;
-        }
-        if (read != length)
-        {
-            throw new EOFException();
-        }
-        return buf;
-    }
-
-    public static byte[] readFully(int length, InputStream input)
-        throws IOException
-    {
-        if (length < 1)
-        {
-            return EMPTY_BYTES;
-        }
-        byte[] buf = new byte[length];
-        if (length != Streams.readFully(input, buf))
-        {
-            throw new EOFException();
-        }
-        return buf;
-    }
-
-    public static void readFully(byte[] buf, InputStream input)
-        throws IOException
-    {
-        int length = buf.length;
-        if (length > 0 && length != Streams.readFully(input, buf))
-        {
-            throw new EOFException();
-        }
-    }
-
-    public static byte[] readOpaque8(InputStream input)
-        throws IOException
-    {
-        short length = readUint8(input);
-        return readFully(length, input);
-    }
-
-    public static byte[] readOpaque16(InputStream input)
-        throws IOException
-    {
-        int length = readUint16(input);
-        return readFully(length, input);
-    }
-
-    public static byte[] readOpaque24(InputStream input)
-        throws IOException
-    {
-        int length = readUint24(input);
-        return readFully(length, input);
-    }
-
-    public static short[] readUint8Array(int count, InputStream input)
-        throws IOException
-    {
-        short[] uints = new short[count];
-        for (int i = 0; i < count; ++i)
-        {
-            uints[i] = readUint8(input);
-        }
-        return uints;
-    }
-
-    public static int[] readUint16Array(int count, InputStream input)
-        throws IOException
-    {
-        int[] uints = new int[count];
-        for (int i = 0; i < count; ++i)
-        {
-            uints[i] = readUint16(input);
-        }
-        return uints;
-    }
-
-    public static ProtocolVersion readVersion(byte[] buf, int offset)
-        throws IOException
-    {
-        return ProtocolVersion.get(buf[offset] & 0xFF, buf[offset + 1] & 0xFF);
-    }
-
-    public static ProtocolVersion readVersion(InputStream input)
-        throws IOException
-    {
-        int i1 = input.read();
-        int i2 = input.read();
-        if (i2 < 0)
-        {
-            throw new EOFException();
-        }
-        return ProtocolVersion.get(i1, i2);
-    }
-
-    public static int readVersionRaw(byte[] buf, int offset)
-        throws IOException
-    {
-        return (buf[offset] << 8) | buf[offset + 1];
-    }
-
-    public static int readVersionRaw(InputStream input)
-        throws IOException
-    {
-        int i1 = input.read();
-        int i2 = input.read();
-        if (i2 < 0)
-        {
-            throw new EOFException();
-        }
-        return (i1 << 8) | i2;
-    }
-
-    public static ASN1Primitive readASN1Object(byte[] encoding) throws IOException
-    {
-        ASN1InputStream asn1 = new ASN1InputStream(encoding);
-        ASN1Primitive result = asn1.readObject();
-        if (null == result)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-        if (null != asn1.readObject())
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-        return result;
-    }
-
-    public static ASN1Primitive readDERObject(byte[] encoding) throws IOException
-    {
-        /*
-         * NOTE: The current ASN.1 parsing code can't enforce DER-only parsing, but since DER is
-         * canonical, we can check it by re-encoding the result and comparing to the original.
-         */
-        ASN1Primitive result = readASN1Object(encoding);
-        byte[] check = result.getEncoded(ASN1Encoding.DER);
-        if (!Arrays.areEqual(check, encoding))
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-        return result;
-    }
-
-    public static void writeGMTUnixTime(byte[] buf, int offset)
-    {
-        int t = (int)(System.currentTimeMillis() / 1000L);
-        buf[offset] = (byte)(t >>> 24);
-        buf[offset + 1] = (byte)(t >>> 16);
-        buf[offset + 2] = (byte)(t >>> 8);
-        buf[offset + 3] = (byte)t;
-    }
-
-    public static void writeVersion(ProtocolVersion version, OutputStream output)
-        throws IOException
-    {
-        output.write(version.getMajorVersion());
-        output.write(version.getMinorVersion());
-    }
-
-    public static void writeVersion(ProtocolVersion version, byte[] buf, int offset)
-    {
-        buf[offset] = (byte)version.getMajorVersion();
-        buf[offset + 1] = (byte)version.getMinorVersion();
-    }
-
-    public static Vector getAllSignatureAlgorithms()
-    {
-        Vector v = new Vector(4);
-        v.addElement(Shorts.valueOf(SignatureAlgorithm.anonymous));
-        v.addElement(Shorts.valueOf(SignatureAlgorithm.rsa));
-        v.addElement(Shorts.valueOf(SignatureAlgorithm.dsa));
-        v.addElement(Shorts.valueOf(SignatureAlgorithm.ecdsa));
-        return v;
-    }
-
-    public static Vector getDefaultDSSSignatureAlgorithms()
-    {
-        return vectorOfOne(new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.dsa));
-    }
-
-    public static Vector getDefaultECDSASignatureAlgorithms()
-    {
-        return vectorOfOne(new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.ecdsa));
-    }
-
-    public static Vector getDefaultRSASignatureAlgorithms()
-    {
-        return vectorOfOne(new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa));
-    }
-
-    public static Vector getDefaultSupportedSignatureAlgorithms()
-    {
-        short[] hashAlgorithms = new short[]{ HashAlgorithm.sha1, HashAlgorithm.sha224, HashAlgorithm.sha256,
-            HashAlgorithm.sha384, HashAlgorithm.sha512 };
-        short[] signatureAlgorithms = new short[]{ SignatureAlgorithm.rsa, SignatureAlgorithm.dsa,
-            SignatureAlgorithm.ecdsa };
-
-        Vector result = new Vector();
-        for (int i = 0; i < signatureAlgorithms.length; ++i)
-        {
-            for (int j = 0; j < hashAlgorithms.length; ++j)
-            {
-                result.addElement(new SignatureAndHashAlgorithm(hashAlgorithms[j], signatureAlgorithms[i]));
-            }
-        }
-        return result;
-    }
-
-    public static SignatureAndHashAlgorithm getSignatureAndHashAlgorithm(TlsContext context,
-        TlsSignerCredentials signerCredentials)
-        throws IOException
-    {
-        SignatureAndHashAlgorithm signatureAndHashAlgorithm = null;
-        if (isTLSv12(context))
-        {
-            signatureAndHashAlgorithm = signerCredentials.getSignatureAndHashAlgorithm();
-            if (signatureAndHashAlgorithm == null)
-            {
-                throw new TlsFatalAlert(AlertDescription.internal_error);
-            }
-        }
-        return signatureAndHashAlgorithm;
-    }
-
-    public static byte[] getExtensionData(Hashtable extensions, Integer extensionType)
-    {
-        return extensions == null ? null : (byte[])extensions.get(extensionType);
-    }
-
-    public static boolean hasExpectedEmptyExtensionData(Hashtable extensions, Integer extensionType,
-        short alertDescription) throws IOException
-    {
-        byte[] extension_data = getExtensionData(extensions, extensionType);
-        if (extension_data == null)
-        {
-            return false;
-        }
-        if (extension_data.length != 0)
-        {
-            throw new TlsFatalAlert(alertDescription);
-        }
-        return true;
-    }
-
-    public static TlsSession importSession(byte[] sessionID, SessionParameters sessionParameters)
-    {
-        return new TlsSessionImpl(sessionID, sessionParameters);
-    }
-
-    public static boolean isSignatureAlgorithmsExtensionAllowed(ProtocolVersion clientVersion)
-    {
-        return ProtocolVersion.TLSv12.isEqualOrEarlierVersionOf(clientVersion.getEquivalentTLSVersion());
-    }
-
-    /**
-     * Add a 'signature_algorithms' extension to existing extensions.
-     *
-     * @param extensions                   A {@link Hashtable} to add the extension to.
-     * @param supportedSignatureAlgorithms {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}.
-     * @throws IOException
-     */
-    public static void addSignatureAlgorithmsExtension(Hashtable extensions, Vector supportedSignatureAlgorithms)
-        throws IOException
-    {
-        extensions.put(EXT_signature_algorithms, createSignatureAlgorithmsExtension(supportedSignatureAlgorithms));
-    }
-
-    /**
-     * Get a 'signature_algorithms' extension from extensions.
-     *
-     * @param extensions A {@link Hashtable} to get the extension from, if it is present.
-     * @return A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}, or null.
-     * @throws IOException
-     */
-    public static Vector getSignatureAlgorithmsExtension(Hashtable extensions)
-        throws IOException
-    {
-        byte[] extensionData = getExtensionData(extensions, EXT_signature_algorithms);
-        return extensionData == null ? null : readSignatureAlgorithmsExtension(extensionData);
-    }
-
-    /**
-     * Create a 'signature_algorithms' extension value.
-     *
-     * @param supportedSignatureAlgorithms A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}.
-     * @return A byte array suitable for use as an extension value.
-     * @throws IOException
-     */
-    public static byte[] createSignatureAlgorithmsExtension(Vector supportedSignatureAlgorithms)
-        throws IOException
-    {
-        ByteArrayOutputStream buf = new ByteArrayOutputStream();
-
-        // supported_signature_algorithms
-        encodeSupportedSignatureAlgorithms(supportedSignatureAlgorithms, false, buf);
-
-        return buf.toByteArray();
-    }
-
-    /**
-     * Read 'signature_algorithms' extension data.
-     *
-     * @param extensionData The extension data.
-     * @return A {@link Vector} containing at least 1 {@link SignatureAndHashAlgorithm}.
-     * @throws IOException
-     */
-    public static Vector readSignatureAlgorithmsExtension(byte[] extensionData)
-        throws IOException
-    {
-        if (extensionData == null)
-        {
-            throw new IllegalArgumentException("'extensionData' cannot be null");
-        }
-
-        ByteArrayInputStream buf = new ByteArrayInputStream(extensionData);
-
-        // supported_signature_algorithms
-        Vector supported_signature_algorithms = parseSupportedSignatureAlgorithms(false, buf);
-
-        TlsProtocol.assertEmpty(buf);
-
-        return supported_signature_algorithms;
-    }
-
-    public static void encodeSupportedSignatureAlgorithms(Vector supportedSignatureAlgorithms, boolean allowAnonymous,
-        OutputStream output) throws IOException
-    {
-        if (supportedSignatureAlgorithms == null || supportedSignatureAlgorithms.size() < 1
-            || supportedSignatureAlgorithms.size() >= (1 << 15))
-        {
-            throw new IllegalArgumentException(
-                "'supportedSignatureAlgorithms' must have length from 1 to (2^15 - 1)");
-        }
-
-        // supported_signature_algorithms
-        int length = 2 * supportedSignatureAlgorithms.size();
-        checkUint16(length);
-        writeUint16(length, output);
-        for (int i = 0; i < supportedSignatureAlgorithms.size(); ++i)
-        {
-            SignatureAndHashAlgorithm entry = (SignatureAndHashAlgorithm)supportedSignatureAlgorithms.elementAt(i);
-            if (!allowAnonymous && entry.getSignature() == SignatureAlgorithm.anonymous)
-            {
-                /*
-                 * RFC 5246 7.4.1.4.1 The "anonymous" value is meaningless in this context but used
-                 * in Section 7.4.3. It MUST NOT appear in this extension.
-                 */
-                throw new IllegalArgumentException(
-                    "SignatureAlgorithm.anonymous MUST NOT appear in the signature_algorithms extension");
-            }
-            entry.encode(output);
-        }
-    }
-
-    public static Vector parseSupportedSignatureAlgorithms(boolean allowAnonymous, InputStream input)
-        throws IOException
-    {
-        // supported_signature_algorithms
-        int length = readUint16(input);
-        if (length < 2 || (length & 1) != 0)
-        {
-            throw new TlsFatalAlert(AlertDescription.decode_error);
-        }
-        int count = length / 2;
-        Vector supportedSignatureAlgorithms = new Vector(count);
-        for (int i = 0; i < count; ++i)
-        {
-            SignatureAndHashAlgorithm entry = SignatureAndHashAlgorithm.parse(input);
-            if (!allowAnonymous && entry.getSignature() == SignatureAlgorithm.anonymous)
-            {
-                /*
-                 * RFC 5246 7.4.1.4.1 The "anonymous" value is meaningless in this context but used
-                 * in Section 7.4.3. It MUST NOT appear in this extension.
-                 */
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-            supportedSignatureAlgorithms.addElement(entry);
-        }
-        return supportedSignatureAlgorithms;
-    }
-
-    public static void verifySupportedSignatureAlgorithm(Vector supportedSignatureAlgorithms, SignatureAndHashAlgorithm signatureAlgorithm)
-        throws IOException
-    {
-        if (supportedSignatureAlgorithms == null || supportedSignatureAlgorithms.size() < 1
-            || supportedSignatureAlgorithms.size() >= (1 << 15))
-        {
-            throw new IllegalArgumentException(
-                "'supportedSignatureAlgorithms' must have length from 1 to (2^15 - 1)");
-        }
-        if (signatureAlgorithm == null)
-        {
-            throw new IllegalArgumentException("'signatureAlgorithm' cannot be null");
-        }
-
-        if (signatureAlgorithm.getSignature() != SignatureAlgorithm.anonymous)
-        {
-            for (int i = 0; i < supportedSignatureAlgorithms.size(); ++i)
-            {
-                SignatureAndHashAlgorithm entry = (SignatureAndHashAlgorithm)supportedSignatureAlgorithms.elementAt(i);
-                if (entry.getHash() == signatureAlgorithm.getHash() && entry.getSignature() == signatureAlgorithm.getSignature())
-                {
-                    return;
-                }
-            }
-        }
-
-        throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-    }
-
-    public static byte[] PRF(TlsContext context, byte[] secret, String asciiLabel, byte[] seed, int size)
-    {
-        ProtocolVersion version = context.getServerVersion();
-
-        if (version.isSSL())
-        {
-            throw new IllegalStateException("No PRF available for SSLv3 session");
-        }
-
-        byte[] label = Strings.toByteArray(asciiLabel);
-        byte[] labelSeed = concat(label, seed);
-
-        int prfAlgorithm = context.getSecurityParameters().getPrfAlgorithm();
-
-        if (prfAlgorithm == PRFAlgorithm.tls_prf_legacy)
-        {
-            return PRF_legacy(secret, label, labelSeed, size);
-        }
-
-        Digest prfDigest = createPRFHash(prfAlgorithm);
-        byte[] buf = new byte[size];
-        hmac_hash(prfDigest, secret, labelSeed, buf);
-        return buf;
-    }
-
-    public static byte[] PRF_legacy(byte[] secret, String asciiLabel, byte[] seed, int size)
-    {
-        byte[] label = Strings.toByteArray(asciiLabel);
-        byte[] labelSeed = concat(label, seed);
-
-        return PRF_legacy(secret, label, labelSeed, size);
-    }
-
-    static byte[] PRF_legacy(byte[] secret, byte[] label, byte[] labelSeed, int size)
-    {
-        int s_half = (secret.length + 1) / 2;
-        byte[] s1 = new byte[s_half];
-        byte[] s2 = new byte[s_half];
-        System.arraycopy(secret, 0, s1, 0, s_half);
-        System.arraycopy(secret, secret.length - s_half, s2, 0, s_half);
-
-        byte[] b1 = new byte[size];
-        byte[] b2 = new byte[size];
-        hmac_hash(createHash(HashAlgorithm.md5), s1, labelSeed, b1);
-        hmac_hash(createHash(HashAlgorithm.sha1), s2, labelSeed, b2);
-        for (int i = 0; i < size; i++)
-        {
-            b1[i] ^= b2[i];
-        }
-        return b1;
-    }
-
-    static byte[] concat(byte[] a, byte[] b)
-    {
-        byte[] c = new byte[a.length + b.length];
-        System.arraycopy(a, 0, c, 0, a.length);
-        System.arraycopy(b, 0, c, a.length, b.length);
-        return c;
-    }
-
-    static void hmac_hash(Digest digest, byte[] secret, byte[] seed, byte[] out)
-    {
-        HMac mac = new HMac(digest);
-        mac.init(new KeyParameter(secret));
-        byte[] a = seed;
-        int size = digest.getDigestSize();
-        int iterations = (out.length + size - 1) / size;
-        byte[] buf = new byte[mac.getMacSize()];
-        byte[] buf2 = new byte[mac.getMacSize()];
-        for (int i = 0; i < iterations; i++)
-        {
-            mac.update(a, 0, a.length);
-            mac.doFinal(buf, 0);
-            a = buf;
-            mac.update(a, 0, a.length);
-            mac.update(seed, 0, seed.length);
-            mac.doFinal(buf2, 0);
-            System.arraycopy(buf2, 0, out, (size * i), Math.min(size, out.length - (size * i)));
-        }
-    }
-
-    static void validateKeyUsage(org.bouncycastle.asn1.x509.Certificate c, int keyUsageBits)
-        throws IOException
-    {
-        Extensions exts = c.getTBSCertificate().getExtensions();
-        if (exts != null)
-        {
-            KeyUsage ku = KeyUsage.fromExtensions(exts);
-            if (ku != null)
-            {
-                int bits = ku.getBytes()[0] & 0xff;
-                if ((bits & keyUsageBits) != keyUsageBits)
-                {
-                    throw new TlsFatalAlert(AlertDescription.certificate_unknown);
-                }
-            }
-        }
-    }
-
-    static byte[] calculateKeyBlock(TlsContext context, int size)
-    {
-        SecurityParameters securityParameters = context.getSecurityParameters();
-        byte[] master_secret = securityParameters.getMasterSecret();
-        byte[] seed = concat(securityParameters.getServerRandom(),
-            securityParameters.getClientRandom());
-
-        if (isSSL(context))
-        {
-            return calculateKeyBlock_SSL(master_secret, seed, size);
-        }
-
-        return PRF(context, master_secret, ExporterLabel.key_expansion, seed, size);
-    }
-
-    static byte[] calculateKeyBlock_SSL(byte[] master_secret, byte[] random, int size)
-    {
-        Digest md5 = createHash(HashAlgorithm.md5);
-        Digest sha1 = createHash(HashAlgorithm.sha1);
-        int md5Size = md5.getDigestSize();
-        byte[] shatmp = new byte[sha1.getDigestSize()];
-        byte[] tmp = new byte[size + md5Size];
-
-        int i = 0, pos = 0;
-        while (pos < size)
-        {
-            byte[] ssl3Const = SSL3_CONST[i];
-
-            sha1.update(ssl3Const, 0, ssl3Const.length);
-            sha1.update(master_secret, 0, master_secret.length);
-            sha1.update(random, 0, random.length);
-            sha1.doFinal(shatmp, 0);
-
-            md5.update(master_secret, 0, master_secret.length);
-            md5.update(shatmp, 0, shatmp.length);
-            md5.doFinal(tmp, pos);
-
-            pos += md5Size;
-            ++i;
-        }
-
-        return Arrays.copyOfRange(tmp, 0, size);
-    }
-
-    static byte[] calculateMasterSecret(TlsContext context, byte[] pre_master_secret)
-    {
-        SecurityParameters securityParameters = context.getSecurityParameters();
-
-        byte[] seed;
-        if (securityParameters.isExtendedMasterSecret())
-        {
-            seed = securityParameters.getSessionHash();
-        }
-        else
-        {
-            seed = concat(securityParameters.getClientRandom(), securityParameters.getServerRandom());
-        }
-
-        if (isSSL(context))
-        {
-            return calculateMasterSecret_SSL(pre_master_secret, seed);
-        }
-
-        String asciiLabel = securityParameters.isExtendedMasterSecret()
-            ?   ExporterLabel.extended_master_secret
-            :   ExporterLabel.master_secret;
-
-        return PRF(context, pre_master_secret, asciiLabel, seed, 48);
-    }
-
-    static byte[] calculateMasterSecret_SSL(byte[] pre_master_secret, byte[] random)
-    {
-        Digest md5 = createHash(HashAlgorithm.md5);
-        Digest sha1 = createHash(HashAlgorithm.sha1);
-        int md5Size = md5.getDigestSize();
-        byte[] shatmp = new byte[sha1.getDigestSize()];
-
-        byte[] rval = new byte[md5Size * 3];
-        int pos = 0;
-
-        for (int i = 0; i < 3; ++i)
-        {
-            byte[] ssl3Const = SSL3_CONST[i];
-
-            sha1.update(ssl3Const, 0, ssl3Const.length);
-            sha1.update(pre_master_secret, 0, pre_master_secret.length);
-            sha1.update(random, 0, random.length);
-            sha1.doFinal(shatmp, 0);
-
-            md5.update(pre_master_secret, 0, pre_master_secret.length);
-            md5.update(shatmp, 0, shatmp.length);
-            md5.doFinal(rval, pos);
-
-            pos += md5Size;
-        }
-
-        return rval;
-    }
-
-    static byte[] calculateVerifyData(TlsContext context, String asciiLabel, byte[] handshakeHash)
-    {
-        if (isSSL(context))
-        {
-            return handshakeHash;
-        }
-
-        SecurityParameters securityParameters = context.getSecurityParameters();
-        byte[] master_secret = securityParameters.getMasterSecret();
-        int verify_data_length = securityParameters.getVerifyDataLength();
-
-        return PRF(context, master_secret, asciiLabel, handshakeHash, verify_data_length);
-    }
-
-    public static Digest createHash(short hashAlgorithm)
-    {
-        switch (hashAlgorithm)
-        {
-        case HashAlgorithm.md5:
-            return new MD5Digest();
-        case HashAlgorithm.sha1:
-            return new SHA1Digest();
-        case HashAlgorithm.sha224:
-            return new SHA224Digest();
-        case HashAlgorithm.sha256:
-            return new SHA256Digest();
-        case HashAlgorithm.sha384:
-            return new SHA384Digest();
-        case HashAlgorithm.sha512:
-            return new SHA512Digest();
-        default:
-            throw new IllegalArgumentException("unknown HashAlgorithm");
-        }
-    }
-
-    public static Digest createHash(SignatureAndHashAlgorithm signatureAndHashAlgorithm)
-    {
-        return signatureAndHashAlgorithm == null
-            ?   new CombinedHash()
-            :   createHash(signatureAndHashAlgorithm.getHash());
-    }
-
-    public static Digest cloneHash(short hashAlgorithm, Digest hash)
-    {
-        switch (hashAlgorithm)
-        {
-        case HashAlgorithm.md5:
-            return new MD5Digest((MD5Digest)hash);
-        case HashAlgorithm.sha1:
-            return new SHA1Digest((SHA1Digest)hash);
-        case HashAlgorithm.sha224:
-            return new SHA224Digest((SHA224Digest)hash);
-        case HashAlgorithm.sha256:
-            return new SHA256Digest((SHA256Digest)hash);
-        case HashAlgorithm.sha384:
-            return new SHA384Digest((SHA384Digest)hash);
-        case HashAlgorithm.sha512:
-            return new SHA512Digest((SHA512Digest)hash);
-        default:
-            throw new IllegalArgumentException("unknown HashAlgorithm");
-        }
-    }
-
-    public static Digest createPRFHash(int prfAlgorithm)
-    {
-        switch (prfAlgorithm)
-        {
-        case PRFAlgorithm.tls_prf_legacy:
-            return new CombinedHash();
-        default:
-            return createHash(getHashAlgorithmForPRFAlgorithm(prfAlgorithm));
-        }
-    }
-
-    public static Digest clonePRFHash(int prfAlgorithm, Digest hash)
-    {
-        switch (prfAlgorithm)
-        {
-        case PRFAlgorithm.tls_prf_legacy:
-            return new CombinedHash((CombinedHash)hash);
-        default:
-            return cloneHash(getHashAlgorithmForPRFAlgorithm(prfAlgorithm), hash);
-        }
-    }
-
-    public static short getHashAlgorithmForPRFAlgorithm(int prfAlgorithm)
-    {
-        switch (prfAlgorithm)
-        {
-        case PRFAlgorithm.tls_prf_legacy:
-            throw new IllegalArgumentException("legacy PRF not a valid algorithm");
-        case PRFAlgorithm.tls_prf_sha256:
-            return HashAlgorithm.sha256;
-        case PRFAlgorithm.tls_prf_sha384:
-            return HashAlgorithm.sha384;
-        default:
-            throw new IllegalArgumentException("unknown PRFAlgorithm");
-        }
-    }
-
-    public static ASN1ObjectIdentifier getOIDForHashAlgorithm(short hashAlgorithm)
-    {
-        switch (hashAlgorithm)
-        {
-        case HashAlgorithm.md5:
-            return PKCSObjectIdentifiers.md5;
-        case HashAlgorithm.sha1:
-            return X509ObjectIdentifiers.id_SHA1;
-        case HashAlgorithm.sha224:
-            return NISTObjectIdentifiers.id_sha224;
-        case HashAlgorithm.sha256:
-            return NISTObjectIdentifiers.id_sha256;
-        case HashAlgorithm.sha384:
-            return NISTObjectIdentifiers.id_sha384;
-        case HashAlgorithm.sha512:
-            return NISTObjectIdentifiers.id_sha512;
-        default:
-            throw new IllegalArgumentException("unknown HashAlgorithm");
-        }
-    }
-
-    static short getClientCertificateType(Certificate clientCertificate, Certificate serverCertificate)
-        throws IOException
-    {
-        if (clientCertificate.isEmpty())
-        {
-            return -1;
-        }
-
-        org.bouncycastle.asn1.x509.Certificate x509Cert = clientCertificate.getCertificateAt(0);
-        SubjectPublicKeyInfo keyInfo = x509Cert.getSubjectPublicKeyInfo();
-        try
-        {
-            AsymmetricKeyParameter publicKey = PublicKeyFactory.createKey(keyInfo);
-            if (publicKey.isPrivate())
-            {
-                throw new TlsFatalAlert(AlertDescription.internal_error);
-            }
-
-            /*
-             * TODO RFC 5246 7.4.6. The certificates MUST be signed using an acceptable hash/
-             * signature algorithm pair, as described in Section 7.4.4. Note that this relaxes the
-             * constraints on certificate-signing algorithms found in prior versions of TLS.
-             */
-
-            /*
-             * RFC 5246 7.4.6. Client Certificate
-             */
-
-            /*
-             * RSA public key; the certificate MUST allow the key to be used for signing with the
-             * signature scheme and hash algorithm that will be employed in the certificate verify
-             * message.
-             */
-            if (publicKey instanceof RSAKeyParameters)
-            {
-                validateKeyUsage(x509Cert, KeyUsage.digitalSignature);
-                return ClientCertificateType.rsa_sign;
-            }
-
-            /*
-             * DSA public key; the certificate MUST allow the key to be used for signing with the
-             * hash algorithm that will be employed in the certificate verify message.
-             */
-            if (publicKey instanceof DSAPublicKeyParameters)
-            {
-                validateKeyUsage(x509Cert, KeyUsage.digitalSignature);
-                return ClientCertificateType.dss_sign;
-            }
-
-            /*
-             * ECDSA-capable public key; the certificate MUST allow the key to be used for signing
-             * with the hash algorithm that will be employed in the certificate verify message; the
-             * public key MUST use a curve and point format supported by the server.
-             */
-            if (publicKey instanceof ECPublicKeyParameters)
-            {
-                validateKeyUsage(x509Cert, KeyUsage.digitalSignature);
-                // TODO Check the curve and point format
-                return ClientCertificateType.ecdsa_sign;
-            }
-
-            // TODO Add support for ClientCertificateType.*_fixed_*
-
-            throw new TlsFatalAlert(AlertDescription.unsupported_certificate);
-        }
-        catch (Exception e)
-        {
-            throw new TlsFatalAlert(AlertDescription.unsupported_certificate, e);
-        }
-    }
-
-    static void trackHashAlgorithms(TlsHandshakeHash handshakeHash, Vector supportedSignatureAlgorithms)
-    {
-        if (supportedSignatureAlgorithms != null)
-        {
-            for (int i = 0; i < supportedSignatureAlgorithms.size(); ++i)
-            {
-                SignatureAndHashAlgorithm signatureAndHashAlgorithm = (SignatureAndHashAlgorithm)
-                    supportedSignatureAlgorithms.elementAt(i);
-                short hashAlgorithm = signatureAndHashAlgorithm.getHash();
-
-                if (HashAlgorithm.isRecognized(hashAlgorithm))
-                {
-                    handshakeHash.trackHashAlgorithm(hashAlgorithm);
-                }
-                else //if (HashAlgorithm.isPrivate(hashAlgorithm))
-                {
-                    // TODO Support values in the "Reserved for Private Use" range
-                }
-            }
-        }
-    }
-
-    public static boolean hasSigningCapability(short clientCertificateType)
-    {
-        switch (clientCertificateType)
-        {
-        case ClientCertificateType.dss_sign:
-        case ClientCertificateType.ecdsa_sign:
-        case ClientCertificateType.rsa_sign:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public static TlsSigner createTlsSigner(short clientCertificateType)
-    {
-        switch (clientCertificateType)
-        {
-        case ClientCertificateType.dss_sign:
-            return new TlsDSSSigner();
-        case ClientCertificateType.ecdsa_sign:
-            return new TlsECDSASigner();
-        case ClientCertificateType.rsa_sign:
-            return new TlsRSASigner();
-        default:
-            throw new IllegalArgumentException("'clientCertificateType' is not a type with signing capability");
-        }
-    }
-
-    static final byte[] SSL_CLIENT = {0x43, 0x4C, 0x4E, 0x54};
-    static final byte[] SSL_SERVER = {0x53, 0x52, 0x56, 0x52};
-
-    // SSL3 magic mix constants ("A", "BB", "CCC", ...)
-    static final byte[][] SSL3_CONST = genSSL3Const();
-
-    private static byte[][] genSSL3Const()
-    {
-        int n = 10;
-        byte[][] arr = new byte[n][];
-        for (int i = 0; i < n; i++)
-        {
-            byte[] b = new byte[i + 1];
-            Arrays.fill(b, (byte)('A' + i));
-            arr[i] = b;
-        }
-        return arr;
-    }
-
-    private static Vector vectorOfOne(Object obj)
-    {
-        Vector v = new Vector(1);
-        v.addElement(obj);
-        return v;
-    }
-
-    public static int getCipherType(int ciphersuite) throws IOException
-    {
-        switch (getEncryptionAlgorithm(ciphersuite))
-        {
-        case EncryptionAlgorithm.AES_128_CCM:
-        case EncryptionAlgorithm.AES_128_CCM_8:
-        case EncryptionAlgorithm.AES_128_GCM:
-        case EncryptionAlgorithm.AES_128_OCB_TAGLEN96:
-        case EncryptionAlgorithm.AES_256_CCM:
-        case EncryptionAlgorithm.AES_256_CCM_8:
-        case EncryptionAlgorithm.AES_256_GCM:
-        case EncryptionAlgorithm.AES_256_OCB_TAGLEN96:
-        case EncryptionAlgorithm.CAMELLIA_128_GCM:
-        case EncryptionAlgorithm.CAMELLIA_256_GCM:
-        case EncryptionAlgorithm.CHACHA20_POLY1305:
-            return CipherType.aead;
-
-        case EncryptionAlgorithm.RC2_CBC_40:
-        case EncryptionAlgorithm.IDEA_CBC:
-        case EncryptionAlgorithm.DES40_CBC:
-        case EncryptionAlgorithm.DES_CBC:
-        case EncryptionAlgorithm._3DES_EDE_CBC:
-        case EncryptionAlgorithm.AES_128_CBC:
-        case EncryptionAlgorithm.AES_256_CBC:
-        case EncryptionAlgorithm.CAMELLIA_128_CBC:
-        case EncryptionAlgorithm.CAMELLIA_256_CBC:
-        case EncryptionAlgorithm.SEED_CBC:
-            return CipherType.block;
-
-        case EncryptionAlgorithm.NULL:
-        case EncryptionAlgorithm.RC4_40:
-        case EncryptionAlgorithm.RC4_128:
-            return CipherType.stream;
-
-        default:
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public static int getEncryptionAlgorithm(int ciphersuite) throws IOException
-    {
-        switch (ciphersuite)
-        {
-        case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA:
-            return EncryptionAlgorithm._3DES_EDE_CBC;
-
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA:
-            return EncryptionAlgorithm.AES_128_CBC;
-
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CCM:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CCM:
-            return EncryptionAlgorithm.AES_128_CCM;
-
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8:
-            return EncryptionAlgorithm.AES_128_CCM_8;
-
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256:
-            return EncryptionAlgorithm.AES_128_GCM;
-
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_AES_128_OCB:
-            return EncryptionAlgorithm.AES_128_OCB_TAGLEN96;
-
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA:
-            return EncryptionAlgorithm.AES_256_CBC;
-
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CCM:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CCM:
-            return EncryptionAlgorithm.AES_256_CCM;
-
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8:
-            return EncryptionAlgorithm.AES_256_CCM_8;
-
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384:
-            return EncryptionAlgorithm.AES_256_GCM;
-
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_AES_256_OCB:
-            return EncryptionAlgorithm.AES_256_OCB_TAGLEN96;
-
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256:
-            return EncryptionAlgorithm.CAMELLIA_128_CBC;
-
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-            return EncryptionAlgorithm.CAMELLIA_128_GCM;
-
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-            return EncryptionAlgorithm.CAMELLIA_256_CBC;
-
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-            return EncryptionAlgorithm.CAMELLIA_256_GCM;
-
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
-            return EncryptionAlgorithm.CHACHA20_POLY1305;
-
-        case CipherSuite.TLS_RSA_WITH_NULL_MD5:
-            return EncryptionAlgorithm.NULL;
-
-        case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_PSK_WITH_NULL_SHA:
-        case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA:
-        case CipherSuite.TLS_RSA_WITH_NULL_SHA:
-            return EncryptionAlgorithm.NULL;
-
-        case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256:
-        case CipherSuite.TLS_PSK_WITH_NULL_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256:
-        case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
-            return EncryptionAlgorithm.NULL;
-
-        case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384:
-        case CipherSuite.TLS_PSK_WITH_NULL_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384:
-            return EncryptionAlgorithm.NULL;
-
-        case CipherSuite.TLS_DH_anon_WITH_RC4_128_MD5:
-        case CipherSuite.TLS_RSA_WITH_RC4_128_MD5:
-            return EncryptionAlgorithm.RC4_128;
-
-        case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_PSK_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_RSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA:
-            return EncryptionAlgorithm.RC4_128;
-
-        case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA:
-            return EncryptionAlgorithm.SEED_CBC;
-
-        default:
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public static int getKeyExchangeAlgorithm(int ciphersuite) throws IOException
-    {
-        switch (ciphersuite)
-        {
-        case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_anon_WITH_RC4_128_MD5:
-        case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA:
-            return KeyExchangeAlgorithm.DH_anon;
-
-        case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA:
-            return KeyExchangeAlgorithm.DH_DSS;
-
-        case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA:
-            return KeyExchangeAlgorithm.DH_RSA;
-
-        case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA:
-            return KeyExchangeAlgorithm.DHE_DSS;
-
-        case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
-            return KeyExchangeAlgorithm.DHE_PSK;
-
-        case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA:
-            return KeyExchangeAlgorithm.DHE_RSA;
-
-        case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA:
-            return KeyExchangeAlgorithm.ECDH_anon;
-
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
-            return KeyExchangeAlgorithm.ECDH_ECDSA;
-
-        case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA:
-            return KeyExchangeAlgorithm.ECDH_RSA;
-
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
-            return KeyExchangeAlgorithm.ECDHE_ECDSA;
-
-        case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA:
-            return KeyExchangeAlgorithm.ECDHE_PSK;
-
-        case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
-            return KeyExchangeAlgorithm.ECDHE_RSA;
-
-        case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CCM:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_AES_128_OCB:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CCM:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_AES_256_OCB:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_PSK_WITH_NULL_SHA:
-        case CipherSuite.TLS_PSK_WITH_NULL_SHA256:
-        case CipherSuite.TLS_PSK_WITH_NULL_SHA384:
-        case CipherSuite.TLS_PSK_WITH_RC4_128_SHA:
-            return KeyExchangeAlgorithm.PSK;
-
-        case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_WITH_NULL_MD5:
-        case CipherSuite.TLS_RSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
-        case CipherSuite.TLS_RSA_WITH_RC4_128_MD5:
-        case CipherSuite.TLS_RSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA:
-            return KeyExchangeAlgorithm.RSA;
-
-        case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA:
-        case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA:
-            return KeyExchangeAlgorithm.RSA_PSK;
-
-        case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA:
-            return KeyExchangeAlgorithm.SRP;
-
-        case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA:
-            return KeyExchangeAlgorithm.SRP_DSS;
-
-        case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA:
-            return KeyExchangeAlgorithm.SRP_RSA;
-
-        default:
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public static int getMACAlgorithm(int ciphersuite) throws IOException
-    {
-        switch (ciphersuite)
-        {
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CCM:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_AES_128_OCB:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CCM:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_AES_256_OCB:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-            return MACAlgorithm._null;
-
-        case CipherSuite.TLS_DH_anon_WITH_RC4_128_MD5:
-        case CipherSuite.TLS_RSA_WITH_NULL_MD5:
-        case CipherSuite.TLS_RSA_WITH_RC4_128_MD5:
-            return MACAlgorithm.hmac_md5;
-
-        case CipherSuite.TLS_DH_anon_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DH_anon_WITH_SEED_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DH_DSS_WITH_SEED_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DH_RSA_WITH_SEED_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_DSS_WITH_SEED_CBC_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA:
-        case CipherSuite.TLS_DHE_PSK_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_DHE_RSA_WITH_SEED_CBC_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDH_anon_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDH_RSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_RSA_PSK_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_PSK_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_PSK_WITH_NULL_SHA:
-        case CipherSuite.TLS_PSK_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA:
-        case CipherSuite.TLS_RSA_PSK_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA:
-        case CipherSuite.TLS_RSA_WITH_NULL_SHA:
-        case CipherSuite.TLS_RSA_WITH_RC4_128_SHA:
-        case CipherSuite.TLS_RSA_WITH_SEED_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_DSS_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_DSS_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_RSA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_RSA_WITH_AES_256_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_WITH_3DES_EDE_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_WITH_AES_128_CBC_SHA:
-        case CipherSuite.TLS_SRP_SHA_WITH_AES_256_CBC_SHA:
-            return MACAlgorithm.hmac_sha1;
-
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_PSK_WITH_NULL_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
-            return MACAlgorithm.hmac_sha256;
-
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_NULL_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_PSK_WITH_NULL_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_PSK_WITH_NULL_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_NULL_SHA384:
-            return MACAlgorithm.hmac_sha384;
-
-        default:
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-    }
-
-    public static ProtocolVersion getMinimumVersion(int ciphersuite)
-    {
-        switch (ciphersuite)
-        {
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_anon_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_DSS_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_DSS_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_CCM:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_128_OCB:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_CCM:
-        case CipherSuite.TLS_DHE_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_AES_256_OCB:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_DHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_128_OCB:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_DHE_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_AES_256_OCB:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_DHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_DHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDH_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_128_OCB:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_AES_256_OCB:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_ECDSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_ECDHE_ECDSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_128_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_AES_256_OCB:
-        case CipherSuite.DRAFT_TLS_ECDHE_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_128_OCB:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_AES_256_OCB:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_CBC_SHA384:
-        case CipherSuite.TLS_ECDHE_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_PSK_DHE_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_PSK_DHE_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CCM:
-        case CipherSuite.TLS_PSK_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_AES_128_OCB:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CCM:
-        case CipherSuite.TLS_PSK_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_AES_256_OCB:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_PSK_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.DRAFT_TLS_RSA_PSK_WITH_CHACHA20_POLY1305_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CCM:
-        case CipherSuite.TLS_RSA_WITH_AES_128_CCM_8:
-        case CipherSuite.TLS_RSA_WITH_AES_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CCM:
-        case CipherSuite.TLS_RSA_WITH_AES_256_CCM_8:
-        case CipherSuite.TLS_RSA_WITH_AES_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_128_GCM_SHA256:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_CBC_SHA256:
-        case CipherSuite.TLS_RSA_WITH_CAMELLIA_256_GCM_SHA384:
-        case CipherSuite.TLS_RSA_WITH_NULL_SHA256:
-            return ProtocolVersion.TLSv12;
-
-        default:
-            return ProtocolVersion.SSLv3;
-        }
-    }
-
-    public static boolean isAEADCipherSuite(int ciphersuite) throws IOException
-    {
-        return CipherType.aead == getCipherType(ciphersuite);
-    }
-
-    public static boolean isBlockCipherSuite(int ciphersuite) throws IOException
-    {
-        return CipherType.block == getCipherType(ciphersuite);
-    }
-
-    public static boolean isStreamCipherSuite(int ciphersuite) throws IOException
-    {
-        return CipherType.stream == getCipherType(ciphersuite);
-    }
-
-    public static boolean isValidCipherSuiteForSignatureAlgorithms(int cipherSuite, Vector sigAlgs)
-    {
-        int keyExchangeAlgorithm;
-        try
-        {
-            keyExchangeAlgorithm = getKeyExchangeAlgorithm(cipherSuite);
-        }
-        catch (IOException e)
-        {
-            return true;
-        }
-
-        switch (keyExchangeAlgorithm)
-        {
-        case KeyExchangeAlgorithm.DH_anon:
-        case KeyExchangeAlgorithm.DH_anon_EXPORT:
-        case KeyExchangeAlgorithm.ECDH_anon:
-            return sigAlgs.contains(Shorts.valueOf(SignatureAlgorithm.anonymous));
-
-        case KeyExchangeAlgorithm.DHE_RSA:
-        case KeyExchangeAlgorithm.DHE_RSA_EXPORT:
-        case KeyExchangeAlgorithm.ECDHE_RSA:
-        case KeyExchangeAlgorithm.SRP_RSA:
-            return sigAlgs.contains(Shorts.valueOf(SignatureAlgorithm.rsa));
-
-        case KeyExchangeAlgorithm.DHE_DSS:
-        case KeyExchangeAlgorithm.DHE_DSS_EXPORT:
-        case KeyExchangeAlgorithm.SRP_DSS:
-            return sigAlgs.contains(Shorts.valueOf(SignatureAlgorithm.dsa));
-
-        case KeyExchangeAlgorithm.ECDHE_ECDSA:
-            return sigAlgs.contains(Shorts.valueOf(SignatureAlgorithm.ecdsa));
-
-        default:
-            return true;
-        }
-    }
-
-    public static boolean isValidCipherSuiteForVersion(int cipherSuite, ProtocolVersion serverVersion)
-    {
-        return getMinimumVersion(cipherSuite).isEqualOrEarlierVersionOf(serverVersion.getEquivalentTLSVersion());
-    }
-
-    public static Vector getUsableSignatureAlgorithms(Vector sigHashAlgs)
-    {
-        if (sigHashAlgs == null)
-        {
-            return getAllSignatureAlgorithms();
-        }
-
-        Vector v = new Vector(4);
-        v.addElement(Shorts.valueOf(SignatureAlgorithm.anonymous));
-        for (int i = 0; i < sigHashAlgs.size(); ++i)
-        {
-            SignatureAndHashAlgorithm sigHashAlg = (SignatureAndHashAlgorithm)sigHashAlgs.elementAt(i);
-//            if (sigHashAlg.getHash() >= MINIMUM_HASH_STRICT)
-            {
-                Short sigAlg = Shorts.valueOf(sigHashAlg.getSignature());
-                if (!v.contains(sigAlg))
-                {
-                    v.addElement(sigAlg);
-                }
-            }
-        }
-        return v;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/UDPTransport.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/UDPTransport.java
deleted file mode 100644
index d5f0769..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/UDPTransport.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.net.DatagramPacket;
-import java.net.DatagramSocket;
-
-public class UDPTransport
-    implements DatagramTransport
-{
-    protected final static int MIN_IP_OVERHEAD = 20;
-    protected final static int MAX_IP_OVERHEAD = MIN_IP_OVERHEAD + 64;
-    protected final static int UDP_OVERHEAD = 8;
-
-    protected final DatagramSocket socket;
-    protected final int receiveLimit, sendLimit;
-
-    public UDPTransport(DatagramSocket socket, int mtu)
-        throws IOException
-    {
-        if (!socket.isBound() || !socket.isConnected())
-        {
-            throw new IllegalArgumentException("'socket' must be bound and connected");
-        }
-
-        this.socket = socket;
-
-        // NOTE: As of JDK 1.6, can use NetworkInterface.getMTU
-
-        this.receiveLimit = mtu - MIN_IP_OVERHEAD - UDP_OVERHEAD;
-        this.sendLimit = mtu - MAX_IP_OVERHEAD - UDP_OVERHEAD;
-    }
-
-    public int getReceiveLimit()
-    {
-        return receiveLimit;
-    }
-
-    public int getSendLimit()
-    {
-        // TODO[DTLS] Implement Path-MTU discovery?
-        return sendLimit;
-    }
-
-    public int receive(byte[] buf, int off, int len, int waitMillis)
-        throws IOException
-    {
-        socket.setSoTimeout(waitMillis);
-        DatagramPacket packet = new DatagramPacket(buf, off, len);
-        socket.receive(packet);
-        return packet.getLength();
-    }
-
-    public void send(byte[] buf, int off, int len)
-        throws IOException
-    {
-        if (len > getSendLimit())
-        {
-            /*
-             * RFC 4347 4.1.1. "If the application attempts to send a record larger than the MTU,
-             * the DTLS implementation SHOULD generate an error, thus avoiding sending a packet
-             * which will be fragmented."
-             */
-            throw new TlsFatalAlert(AlertDescription.internal_error);
-        }
-
-        DatagramPacket packet = new DatagramPacket(buf, off, len);
-        socket.send(packet);
-    }
-
-    public void close()
-        throws IOException
-    {
-        socket.close();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/URLAndHash.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/URLAndHash.java
deleted file mode 100644
index c32a904..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/URLAndHash.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.util.Strings;
-
-/**
- * RFC 6066 5.
- */
-public class URLAndHash
-{
-    protected String url;
-    protected byte[] sha1Hash;
-
-    public URLAndHash(String url, byte[] sha1Hash)
-    {
-        if (url == null || url.length() < 1 || url.length() >= (1 << 16))
-        {
-            throw new IllegalArgumentException("'url' must have length from 1 to (2^16 - 1)");
-        }
-        if (sha1Hash != null && sha1Hash.length != 20)
-        {
-            throw new IllegalArgumentException("'sha1Hash' must have length == 20, if present");
-        }
-
-        this.url = url;
-        this.sha1Hash = sha1Hash;
-    }
-
-    public String getURL()
-    {
-        return url;
-    }
-
-    public byte[] getSHA1Hash()
-    {
-        return sha1Hash;
-    }
-
-    /**
-     * Encode this {@link URLAndHash} to an {@link OutputStream}.
-     *
-     * @param output the {@link OutputStream} to encode to.
-     * @throws IOException
-     */
-    public void encode(OutputStream output)
-        throws IOException
-    {
-        byte[] urlEncoding = Strings.toByteArray(this.url);
-        TlsUtils.writeOpaque16(urlEncoding, output);
-
-        if (this.sha1Hash == null)
-        {
-            TlsUtils.writeUint8(0, output);
-        }
-        else
-        {
-            TlsUtils.writeUint8(1, output);
-            output.write(this.sha1Hash);
-        }
-    }
-
-    /**
-     * Parse a {@link URLAndHash} from an {@link InputStream}.
-     * 
-     * @param context
-     *            the {@link TlsContext} of the current connection.
-     * @param input
-     *            the {@link InputStream} to parse from.
-     * @return a {@link URLAndHash} object.
-     * @throws IOException
-     */
-    public static URLAndHash parse(TlsContext context, InputStream input)
-        throws IOException
-    {
-        byte[] urlEncoding = TlsUtils.readOpaque16(input);
-        if (urlEncoding.length < 1)
-        {
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-        String url = Strings.fromByteArray(urlEncoding);
-
-        byte[] sha1Hash = null;
-        short padding = TlsUtils.readUint8(input);
-        switch (padding)
-        {
-        case 0:
-            if (TlsUtils.isTLSv12(context))
-            {
-                throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-            }
-            break;
-        case 1:
-            sha1Hash = TlsUtils.readFully(20, input);
-            break;
-        default:
-            throw new TlsFatalAlert(AlertDescription.illegal_parameter);
-        }
-
-        return new URLAndHash(url, sha1Hash);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/UseSRTPData.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/UseSRTPData.java
deleted file mode 100644
index 7a83e4d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/UseSRTPData.java
+++ /dev/null

@@ -1,52 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 5764 4.1.1
- */
-public class UseSRTPData
-{
-    protected int[] protectionProfiles;
-    protected byte[] mki;
-
-    /**
-     * @param protectionProfiles see {@link SRTPProtectionProfile} for valid constants.
-     * @param mki                valid lengths from 0 to 255.
-     */
-    public UseSRTPData(int[] protectionProfiles, byte[] mki)
-    {
-        if (protectionProfiles == null || protectionProfiles.length < 1
-            || protectionProfiles.length >= (1 << 15))
-        {
-            throw new IllegalArgumentException(
-                "'protectionProfiles' must have length from 1 to (2^15 - 1)");
-        }
-
-        if (mki == null)
-        {
-            mki = TlsUtils.EMPTY_BYTES;
-        }
-        else if (mki.length > 255)
-        {
-            throw new IllegalArgumentException("'mki' cannot be longer than 255 bytes");
-        }
-
-        this.protectionProfiles = protectionProfiles;
-        this.mki = mki;
-    }
-
-    /**
-     * @return see {@link SRTPProtectionProfile} for valid constants.
-     */
-    public int[] getProtectionProfiles()
-    {
-        return protectionProfiles;
-    }
-
-    /**
-     * @return valid lengths from 0 to 255.
-     */
-    public byte[] getMki()
-    {
-        return mki;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/UserMappingType.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/UserMappingType.java
deleted file mode 100644
index 8f6ae7b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/UserMappingType.java
+++ /dev/null

@@ -1,12 +0,0 @@
-package org.bouncycastle.crypto.tls;
-
-/**
- * RFC 4681
- */
-public class UserMappingType
-{
-    /*
-     * RFC 4681
-     */
-    public static final short upn_domain_hint = 64;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/tls/package.html
deleted file mode 100644
index ee59f8a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-A lightweight TLS API.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/AllTests.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/AllTests.java
deleted file mode 100644
index 9eb94b9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/AllTests.java
+++ /dev/null

@@ -1,53 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-public class AllTests
-    extends TestCase
-{
-    public static void main(String[] args)
-        throws Exception
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-
-    public static Test suite()
-        throws Exception
-    {
-        TestSuite suite = new TestSuite("TLS tests");
-
-        suite.addTestSuite(BasicTlsTest.class);
-        suite.addTestSuite(DTLSProtocolTest.class);
-        suite.addTestSuite(DTLSTestCase.class);
-        suite.addTestSuite(TlsProtocolTest.class);
-        suite.addTestSuite(TlsProtocolNonBlockingTest.class);
-        suite.addTestSuite(TlsPSKProtocolTest.class);
-        suite.addTestSuite(TlsSRPProtocolTest.class);
-        suite.addTestSuite(TlsTestCase.class);
-        suite.addTest(TlsTestSuite.suite());
-
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-
-        }
-
-        protected void tearDown()
-        {
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/BasicTlsTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/BasicTlsTest.java
deleted file mode 100644
index 49f6310..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/BasicTlsTest.java
+++ /dev/null

@@ -1,226 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.PrintStream;
-import java.net.Socket;
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-import org.bouncycastle.crypto.tls.AlertDescription;
-import org.bouncycastle.crypto.tls.AlertLevel;
-import org.bouncycastle.crypto.tls.Certificate;
-import org.bouncycastle.crypto.tls.CipherSuite;
-import org.bouncycastle.crypto.tls.DefaultTlsClient;
-import org.bouncycastle.crypto.tls.ServerOnlyTlsAuthentication;
-import org.bouncycastle.crypto.tls.TlsAuthentication;
-import org.bouncycastle.crypto.tls.TlsClient;
-import org.bouncycastle.crypto.tls.TlsClientProtocol;
-import org.bouncycastle.crypto.tls.TlsFatalAlert;
-import org.bouncycastle.crypto.tls.TlsKeyExchange;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-
-public class BasicTlsTest
-    extends TestCase
-{
-    private static final int PORT_NO = 8003;
-
-    protected boolean isSufficientVMVersion(String vmVersion)
-    {
-        if (vmVersion == null)
-        {
-            return false;
-        }
-        String[] parts = vmVersion.split("\\.");
-        if (parts == null || parts.length != 2)
-        {
-            return false;
-        }
-        try
-        {
-            int major = Integer.parseInt(parts[0]);
-            if (major != 1)
-            {
-                return major > 1;
-            }
-            int minor = Integer.parseInt(parts[1]);
-            return minor >= 7;
-        }
-        catch (NumberFormatException e)
-        {
-            return false;
-        }
-    }
-
-    public void testConnection()
-        throws Exception
-    {
-        String vmVersion = System.getProperty("java.specification.version");
-        if (!isSufficientVMVersion(vmVersion))
-        {
-            return; // only works on later VMs.
-        }
-
-        Thread server = new HTTPSServerThread();
-
-        server.start();
-
-        Thread.yield();
-
-        Socket s = null;
-
-        for (int i = 0; s == null && i != 3; i++)
-        {
-            Thread.sleep(1000);
-
-            try
-            {
-                s = new Socket("localhost", PORT_NO);
-            }
-            catch (IOException e)
-            {
-                // ignore
-            }
-        }
-
-        if (s == null)
-        {
-            throw new IOException("unable to connect");
-        }
-
-        TlsClientProtocol protocol = new TlsClientProtocol(s.getInputStream(), s.getOutputStream(),
-            new SecureRandom());
-        protocol.connect(new MyTlsClient(new ServerOnlyTlsAuthentication()
-        {
-            public void notifyServerCertificate(Certificate serverCertificate) throws IOException
-            {
-                // NOTE: In production code this MUST verify the certificate!
-            }
-        }));
-
-        InputStream is = protocol.getInputStream();
-        OutputStream os = protocol.getOutputStream();
-
-        os.write("GET / HTTP/1.1\r\n\r\n".getBytes());
-
-        byte[] buf = new byte[4096];
-        int read = 0;
-        int total = 0;
-
-        while ((read = is.read(buf, total, buf.length - total)) > 0)
-        {
-            total += read;
-        }
-
-        is.close();
-
-        byte[] expected = Hex.decode("485454502f312e3120323030204f4b0d0a436f6e74656e742d547970653a20746578742f68"
-            + "746d6c0d0a0d0a3c68746d6c3e0d0a3c626f64793e0d0a48656c6c6f20576f726c64210d0a3c2f626f64793e0d0a3c2f"
-            + "68746d6c3e0d0a");
-        assertEquals(total, expected.length);
-
-        byte[] tmp = new byte[expected.length];
-        System.arraycopy(buf, 0, tmp, 0, total);
-        assertTrue(Arrays.areEqual(expected, tmp));
-    }
-
-    public void testRSAConnectionClient()
-        throws Exception
-    {
-        MyTlsClient client = new MyTlsClient(null);
-
-        checkConnectionClient(client, CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA, TlsTestUtils.rsaCertData);
-        checkConnectionClient(client, CipherSuite.TLS_RSA_WITH_AES_128_CBC_SHA, TlsTestUtils.rsaCertData);
-        checkConnectionClient(client, CipherSuite.TLS_RSA_WITH_AES_256_CBC_SHA, TlsTestUtils.rsaCertData);
-        checkConnectionClient(client, CipherSuite.TLS_RSA_WITH_RC4_128_SHA, TlsTestUtils.rsaCertData);
-
-        try
-        {
-            checkConnectionClient(client, CipherSuite.TLS_RSA_WITH_3DES_EDE_CBC_SHA, TlsTestUtils.dudRsaCertData);
-
-            fail("dud certificate not caught");
-        }
-        catch (TlsFatalAlert e)
-        {
-            assertEquals(AlertDescription.certificate_unknown, e.getAlertDescription());
-        }
-
-        try
-        {
-            checkConnectionClient(client, CipherSuite.TLS_DH_anon_EXPORT_WITH_DES40_CBC_SHA, TlsTestUtils.rsaCertData);
-
-            fail("wrong certificate not caught");
-        }
-        catch (TlsFatalAlert e)
-        {
-            assertEquals(AlertDescription.internal_error, e.getAlertDescription());
-        }
-    }
-
-    private void checkConnectionClient(TlsClient client, int cipherSuite, byte[] encCert)
-        throws Exception
-    {
-        client.notifySelectedCipherSuite(cipherSuite);
-
-        TlsKeyExchange keyExchange = client.getKeyExchange();
-
-        keyExchange
-            .processServerCertificate(new Certificate(
-                new org.bouncycastle.asn1.x509.Certificate[]{org.bouncycastle.asn1.x509.Certificate
-                    .getInstance(encCert)}));
-    }
-
-    public static TestSuite suite()
-    {
-        return new TestSuite(BasicTlsTest.class);
-    }
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-
-    static class MyTlsClient
-        extends DefaultTlsClient
-    {
-        public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
-        {
-            PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-            out.println("TLS client raised alert (AlertLevel." + alertLevel + ", AlertDescription." + alertDescription
-                + ")");
-            if (message != null)
-            {
-                out.println(message);
-            }
-            if (cause != null)
-            {
-                cause.printStackTrace(out);
-            }
-        }
-
-        public void notifyAlertReceived(short alertLevel, short alertDescription)
-        {
-            PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-            out.println("TLS client received alert (AlertLevel." + alertLevel + ", AlertDescription."
-                + alertDescription + ")");
-        }
-
-        private final TlsAuthentication authentication;
-
-        MyTlsClient(TlsAuthentication authentication)
-        {
-            this.authentication = authentication;
-        }
-
-        public TlsAuthentication getAuthentication()
-            throws IOException
-        {
-            return authentication;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/ByteQueueInputStreamTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/ByteQueueInputStreamTest.java
deleted file mode 100644
index de4d559..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/ByteQueueInputStreamTest.java
+++ /dev/null

@@ -1,127 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import org.bouncycastle.crypto.tls.ByteQueueInputStream;
-import org.bouncycastle.util.Arrays;
-
-import junit.framework.TestCase;
-
-public class ByteQueueInputStreamTest
-    extends TestCase
-{
-    public void testAvailable()
-    {
-        ByteQueueInputStream in = new ByteQueueInputStream();
-
-        // buffer is empty
-        assertEquals(0, in.available());
-
-        // after adding once
-        in.addBytes(new byte[10]);
-        assertEquals(10, in.available());
-
-        // after adding more than once
-        in.addBytes(new byte[5]);
-        assertEquals(15, in.available());
-
-        // after reading a single byte
-        in.read();
-        assertEquals(14, in.available());
-
-        // after reading into a byte array
-        in.read(new byte[4]);
-        assertEquals(10, in.available());
-
-        in.close();// so Eclipse doesn't whine about a resource leak
-    }
-
-    public void testSkip()
-    {
-        ByteQueueInputStream in = new ByteQueueInputStream();
-
-        // skip when buffer is empty
-        assertEquals(0, in.skip(10));
-
-        // skip equal to available
-        in.addBytes(new byte[2]);
-        assertEquals(2, in.skip(2));
-        assertEquals(0, in.available());
-
-        // skip less than available
-        in.addBytes(new byte[10]);
-        assertEquals(5, in.skip(5));
-        assertEquals(5, in.available());
-
-        // skip more than available
-        assertEquals(5, in.skip(20));
-        assertEquals(0, in.available());
-
-        in.close();// so Eclipse doesn't whine about a resource leak
-    }
-
-    public void testRead()
-    {
-        ByteQueueInputStream in = new ByteQueueInputStream();
-        in.addBytes(new byte[]{ 0x01, 0x02 });
-        in.addBytes(new byte[]{ 0x03 });
-
-        assertEquals(0x01, in.read());
-        assertEquals(0x02, in.read());
-        assertEquals(0x03, in.read());
-        assertEquals(-1, in.read());
-
-        in.close();// so Eclipse doesn't whine about a resource leak
-    }
-
-    public void testReadArray()
-    {
-        ByteQueueInputStream in = new ByteQueueInputStream();
-        in.addBytes(new byte[]{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 });
-
-        byte[] buffer = new byte[5];
-
-        // read less than available into specified position
-        assertEquals(1, in.read(buffer, 2, 1));
-        assertArrayEquals(new byte[]{ 0x00, 0x00, 0x01, 0x00, 0x00 }, buffer);
-
-        // read equal to available
-        assertEquals(5, in.read(buffer));
-        assertArrayEquals(new byte[]{ 0x02, 0x03, 0x04, 0x05, 0x06 }, buffer);
-
-        // read more than available
-        in.addBytes(new byte[]{ 0x01, 0x02, 0x03 });
-        assertEquals(3, in.read(buffer));
-        assertArrayEquals(new byte[]{ 0x01, 0x02, 0x03, 0x05, 0x06 }, buffer);
-
-        in.close();// so Eclipse doesn't whine about a resource leak
-    }
-
-    public void testPeek()
-    {
-        ByteQueueInputStream in = new ByteQueueInputStream();
-
-        byte[] buffer = new byte[5];
-
-        // peek more than available
-        assertEquals(0, in.peek(buffer));
-        assertArrayEquals(new byte[]{ 0x00, 0x00, 0x00, 0x00, 0x00 }, buffer);
-
-        // peek less than available
-        in.addBytes(new byte[]{ 0x01, 0x02, 0x03, 0x04, 0x05, 0x06 });
-        assertEquals(5, in.peek(buffer));
-        assertArrayEquals(new byte[]{ 0x01, 0x02, 0x03, 0x04, 0x05 }, buffer);
-        assertEquals(6, in.available());
-
-        // peek equal to available
-        in.read();
-        assertEquals(5, in.peek(buffer));
-        assertArrayEquals(new byte[]{ 0x02, 0x03, 0x04, 0x05, 0x06 }, buffer);
-        assertEquals(5, in.available());
-
-        in.close();// so Eclipse doesn't whine about a resource leak
-    }
-
-    private static void assertArrayEquals(byte[] a, byte[] b)
-    {
-        assertTrue(Arrays.areEqual(a, b));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSClientTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSClientTest.java
deleted file mode 100644
index 37ad8ca..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSClientTest.java
+++ /dev/null

@@ -1,81 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.net.DatagramSocket;
-import java.net.InetAddress;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.tls.DTLSClientProtocol;
-import org.bouncycastle.crypto.tls.DTLSTransport;
-import org.bouncycastle.crypto.tls.DatagramTransport;
-import org.bouncycastle.crypto.tls.TlsClient;
-import org.bouncycastle.crypto.tls.TlsSession;
-import org.bouncycastle.crypto.tls.UDPTransport;
-
-/**
- * A simple test designed to conduct a DTLS handshake with an external DTLS server.
- * <p>
- * Please refer to GnuTLSSetup.html or OpenSSLSetup.html (under 'docs'), and x509-*.pem files in
- * this package (under 'src/test/resources') for help configuring an external DTLS server.
- * </p>
- */
-public class DTLSClientTest
-{
-    private static final SecureRandom secureRandom = new SecureRandom();
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        InetAddress address = InetAddress.getLocalHost();
-        int port = 5556;
-
-        TlsSession session = createSession(address, port);
-
-        MockDTLSClient client = new MockDTLSClient(session);
-
-        DTLSTransport dtls = openDTLSConnection(address, port, client);
-
-        System.out.println("Receive limit: " + dtls.getReceiveLimit());
-        System.out.println("Send limit: " + dtls.getSendLimit());
-
-        // Send and hopefully receive a packet back
-
-        byte[] request = "Hello World!\n".getBytes("UTF-8");
-        dtls.send(request, 0, request.length);
-
-        byte[] response = new byte[dtls.getReceiveLimit()];
-        int received = dtls.receive(response, 0, response.length, 30000);
-        if (received >= 0)
-        {
-            System.out.println(new String(response, 0, received, "UTF-8"));
-        }
-
-        dtls.close();
-    }
-
-    private static TlsSession createSession(InetAddress address, int port)
-        throws IOException
-    {
-        MockDTLSClient client = new MockDTLSClient(null);
-        DTLSTransport dtls = openDTLSConnection(address, port, client);
-        TlsSession session = client.getSessionToResume();
-        dtls.close();
-        return session;
-    }
-
-    private static DTLSTransport openDTLSConnection(InetAddress address, int port, TlsClient client)
-        throws IOException
-    {
-        DatagramSocket socket = new DatagramSocket();
-        socket.connect(address, port);
-
-        int mtu = 1500;
-        DatagramTransport transport = new UDPTransport(socket, mtu);
-        transport = new UnreliableDatagramTransport(transport, secureRandom, 0, 0);
-        transport = new LoggingDatagramTransport(transport, System.out);
-
-        DTLSClientProtocol protocol = new DTLSClientProtocol(secureRandom);
-
-        return protocol.connect(client, transport);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSProtocolTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSProtocolTest.java
deleted file mode 100644
index df5a3f8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSProtocolTest.java
+++ /dev/null

@@ -1,102 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-
-import org.bouncycastle.crypto.tls.DTLSClientProtocol;
-import org.bouncycastle.crypto.tls.DTLSServerProtocol;
-import org.bouncycastle.crypto.tls.DTLSTransport;
-import org.bouncycastle.crypto.tls.DatagramTransport;
-import org.bouncycastle.util.Arrays;
-
-public class DTLSProtocolTest
-    extends TestCase
-{
-    public void testClientServer()
-        throws Exception
-    {
-        SecureRandom secureRandom = new SecureRandom();
-
-        DTLSClientProtocol clientProtocol = new DTLSClientProtocol(secureRandom);
-        DTLSServerProtocol serverProtocol = new DTLSServerProtocol(secureRandom);
-
-        MockDatagramAssociation network = new MockDatagramAssociation(1500);
-
-        ServerThread serverThread = new ServerThread(serverProtocol, network.getServer());
-        serverThread.start();
-
-        DatagramTransport clientTransport = network.getClient();
-
-        clientTransport = new UnreliableDatagramTransport(clientTransport, secureRandom, 0, 0);
-
-        clientTransport = new LoggingDatagramTransport(clientTransport, System.out);
-
-        MockDTLSClient client = new MockDTLSClient(null);
-
-        DTLSTransport dtlsClient = clientProtocol.connect(client, clientTransport);
-
-        for (int i = 1; i <= 10; ++i)
-        {
-            byte[] data = new byte[i];
-            Arrays.fill(data, (byte)i);
-            dtlsClient.send(data, 0, data.length);
-        }
-
-        byte[] buf = new byte[dtlsClient.getReceiveLimit()];
-        while (dtlsClient.receive(buf, 0, buf.length, 100) >= 0)
-        {
-        }
-
-        dtlsClient.close();
-
-        serverThread.shutdown();
-    }
-
-    static class ServerThread
-        extends Thread
-    {
-        private final DTLSServerProtocol serverProtocol;
-        private final DatagramTransport serverTransport;
-        private volatile boolean isShutdown = false;
-
-        ServerThread(DTLSServerProtocol serverProtocol, DatagramTransport serverTransport)
-        {
-            this.serverProtocol = serverProtocol;
-            this.serverTransport = serverTransport;
-        }
-
-        public void run()
-        {
-            try
-            {
-                MockDTLSServer server = new MockDTLSServer();
-                DTLSTransport dtlsServer = serverProtocol.accept(server, serverTransport);
-                byte[] buf = new byte[dtlsServer.getReceiveLimit()];
-                while (!isShutdown)
-                {
-                    int length = dtlsServer.receive(buf, 0, buf.length, 1000);
-                    if (length >= 0)
-                    {
-                        dtlsServer.send(buf, 0, length);
-                    }
-                }
-                dtlsServer.close();
-            }
-            catch (Exception e)
-            {
-                e.printStackTrace();
-            }
-        }
-
-        void shutdown()
-            throws InterruptedException
-        {
-            if (!isShutdown)
-            {
-                isShutdown = true;
-                this.join();
-            }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSServerTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSServerTest.java
deleted file mode 100644
index 06f57ab..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSServerTest.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.net.DatagramPacket;
-import java.net.DatagramSocket;
-import java.net.SocketTimeoutException;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.tls.DTLSServerProtocol;
-import org.bouncycastle.crypto.tls.DTLSTransport;
-import org.bouncycastle.crypto.tls.DatagramTransport;
-import org.bouncycastle.crypto.tls.UDPTransport;
-
-/**
- * A simple test designed to conduct a DTLS handshake with an external DTLS client.
- * <p>
- * Please refer to GnuTLSSetup.html or OpenSSLSetup.html (under 'docs'), and x509-*.pem files in
- * this package (under 'src/test/resources') for help configuring an external DTLS client.
- * </p>
- */
-public class DTLSServerTest
-{
-    public static void main(String[] args)
-        throws Exception
-    {
-        int port = 5556;
-
-        int mtu = 1500;
-
-        SecureRandom secureRandom = new SecureRandom();
-
-        DTLSServerProtocol serverProtocol = new DTLSServerProtocol(secureRandom);
-
-        byte[] data = new byte[mtu];
-        DatagramPacket packet = new DatagramPacket(data, mtu);
-
-        DatagramSocket socket = new DatagramSocket(port);
-        socket.receive(packet);
-
-        System.out.println("Accepting connection from " + packet.getAddress().getHostAddress() + ":" + port);
-        socket.connect(packet.getAddress(), packet.getPort());
-
-        /*
-         * NOTE: For simplicity, and since we don't yet have HelloVerifyRequest support, we just
-         * discard the initial packet, which the client should re-send anyway.
-         */
-
-        DatagramTransport transport = new UDPTransport(socket, mtu);
-        
-        // Uncomment to see packets
-//        transport = new LoggingDatagramTransport(transport, System.out);
-
-        MockDTLSServer server = new MockDTLSServer();
-        DTLSTransport dtlsServer = serverProtocol.accept(server, transport);
-
-        byte[] buf = new byte[dtlsServer.getReceiveLimit()];
-
-        while (!socket.isClosed())
-        {
-            try
-            {
-                int length = dtlsServer.receive(buf, 0, buf.length, 60000);
-                if (length >= 0)
-                {
-                    System.out.write(buf, 0, length);
-                    dtlsServer.send(buf, 0, length);
-                }
-            }
-            catch (SocketTimeoutException ste)
-            {
-            }
-        }
-
-        dtlsServer.close();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestCase.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestCase.java
deleted file mode 100644
index 1fadbdd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestCase.java
+++ /dev/null

@@ -1,177 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.tls.DTLSTransport;
-import org.bouncycastle.crypto.tls.DatagramTransport;
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-import org.bouncycastle.util.Arrays;
-
-import junit.framework.TestCase;
-
-public class DTLSTestCase extends TestCase
-{
-    private static void checkDTLSVersion(ProtocolVersion version)
-    {
-        if (version != null && !version.isDTLS())
-        {
-            throw new IllegalStateException("Non-DTLS version");
-        }
-    }
-
-    protected final TlsTestConfig config;
-
-    public DTLSTestCase(String name)
-    {
-        super(name);
-
-        this.config = null;
-    }
-
-    public DTLSTestCase(TlsTestConfig config, String name)
-    {
-        super(name);
-
-        checkDTLSVersion(config.clientMinimumVersion);
-        checkDTLSVersion(config.clientOfferVersion);
-        checkDTLSVersion(config.serverMaximumVersion);
-        checkDTLSVersion(config.serverMinimumVersion);
-
-        this.config = config;
-    }
-
-    public void testDummy()
-    {
-        // Avoid "No tests found" warning from junit
-    }
-
-    protected void runTest() throws Throwable
-    {
-        // Disable the test if it is not being run via DTLSTestSuite
-        if (config == null)
-        {
-            return;
-        }
-
-        SecureRandom secureRandom = new SecureRandom();
-
-        DTLSTestClientProtocol clientProtocol = new DTLSTestClientProtocol(secureRandom, config);
-        DTLSTestServerProtocol serverProtocol = new DTLSTestServerProtocol(secureRandom, config);
-
-        MockDatagramAssociation network = new MockDatagramAssociation(1500);
-
-        TlsTestClientImpl clientImpl = new TlsTestClientImpl(config);
-        TlsTestServerImpl serverImpl = new TlsTestServerImpl(config);
-
-        ServerThread serverThread = new ServerThread(serverProtocol, network.getServer(), serverImpl);
-        serverThread.start();
-
-        Exception caught = null;
-        try
-        {
-            DatagramTransport clientTransport = network.getClient();
-    
-            if (TlsTestConfig.DEBUG)
-            {
-                clientTransport = new LoggingDatagramTransport(clientTransport, System.out);
-            }
-    
-            DTLSTransport dtlsClient = clientProtocol.connect(clientImpl, clientTransport);
-    
-            for (int i = 1; i <= 10; ++i)
-            {
-                byte[] data = new byte[i];
-                Arrays.fill(data, (byte)i);
-                dtlsClient.send(data, 0, data.length);
-            }
-    
-            byte[] buf = new byte[dtlsClient.getReceiveLimit()];
-            while (dtlsClient.receive(buf, 0, buf.length, 100) >= 0)
-            {
-            }
-    
-            dtlsClient.close();
-        }
-        catch (Exception e)
-        {
-            caught = e;
-            logException(caught);
-        }
-
-        serverThread.shutdown();
-
-        // TODO Add checks that the various streams were closed
-
-        assertEquals("Client fatal alert connection end", config.expectFatalAlertConnectionEnd, clientImpl.firstFatalAlertConnectionEnd);
-        assertEquals("Server fatal alert connection end", config.expectFatalAlertConnectionEnd, serverImpl.firstFatalAlertConnectionEnd);
-
-        assertEquals("Client fatal alert description", config.expectFatalAlertDescription, clientImpl.firstFatalAlertDescription);
-        assertEquals("Server fatal alert description", config.expectFatalAlertDescription, serverImpl.firstFatalAlertDescription);
-
-        if (config.expectFatalAlertConnectionEnd == -1)
-        {
-            assertNull("Unexpected client exception", caught);
-            assertNull("Unexpected server exception", serverThread.caught);
-        }
-    }
-
-    protected void logException(Exception e)
-    {
-        if (TlsTestConfig.DEBUG)
-        {
-            e.printStackTrace();
-        }
-    }
-
-    class ServerThread
-        extends Thread
-    {
-        private final DTLSTestServerProtocol serverProtocol;
-        private final DatagramTransport serverTransport;
-        private final TlsTestServerImpl serverImpl;
-
-        private volatile boolean isShutdown = false;
-        Exception caught = null;
-
-        ServerThread(DTLSTestServerProtocol serverProtocol, DatagramTransport serverTransport, TlsTestServerImpl serverImpl)
-        {
-            this.serverProtocol = serverProtocol;
-            this.serverTransport = serverTransport;
-            this.serverImpl = serverImpl;
-        }
-
-        public void run()
-        {
-            try
-            {
-                DTLSTransport dtlsServer = serverProtocol.accept(serverImpl, serverTransport);
-                byte[] buf = new byte[dtlsServer.getReceiveLimit()];
-                while (!isShutdown)
-                {
-                    int length = dtlsServer.receive(buf, 0, buf.length, 100);
-                    if (length >= 0)
-                    {
-                        dtlsServer.send(buf, 0, length);
-                    }
-                }
-                dtlsServer.close();
-            }
-            catch (Exception e)
-            {
-                caught = e;
-                logException(caught);
-            }
-        }
-
-        void shutdown()
-            throws InterruptedException
-        {
-            if (!isShutdown)
-            {
-                isShutdown = true;
-                this.interrupt();
-                this.join();
-            }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestClientProtocol.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestClientProtocol.java
deleted file mode 100644
index 84109cd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestClientProtocol.java
+++ /dev/null

@@ -1,30 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.tls.DTLSClientProtocol;
-import org.bouncycastle.crypto.tls.DigitallySigned;
-
-class DTLSTestClientProtocol extends DTLSClientProtocol
-{
-    protected final TlsTestConfig config;
-
-    public DTLSTestClientProtocol(SecureRandom secureRandom, TlsTestConfig config)
-    {
-        super(secureRandom);
-
-        this.config = config;
-    }
-
-    protected byte[] generateCertificateVerify(ClientHandshakeState state, DigitallySigned certificateVerify)
-        throws IOException
-    {
-        if (certificateVerify.getAlgorithm() != null && config.clientAuthSigAlgClaimed != null)
-        {
-            certificateVerify = new DigitallySigned(config.clientAuthSigAlgClaimed, certificateVerify.getSignature());
-        }
-
-        return super.generateCertificateVerify(state, certificateVerify);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestServerProtocol.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestServerProtocol.java
deleted file mode 100644
index 9244eeb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestServerProtocol.java
+++ /dev/null

@@ -1,17 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.tls.DTLSServerProtocol;
-
-class DTLSTestServerProtocol extends DTLSServerProtocol
-{
-    protected final TlsTestConfig config;
-
-    public DTLSTestServerProtocol(SecureRandom secureRandom, TlsTestConfig config)
-    {
-        super(secureRandom);
-
-        this.config = config;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestSuite.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestSuite.java
deleted file mode 100644
index 5fc9748..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/DTLSTestSuite.java
+++ /dev/null

@@ -1,211 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-
-import junit.framework.Test;
-import junit.framework.TestSuite;
-
-public class DTLSTestSuite extends TestSuite
-{
-    // Make the access to constants less verbose 
-    static abstract class C extends TlsTestConfig {}
-
-    public DTLSTestSuite()
-    {
-        super("DTLS");
-    }
-
-    public static Test suite()
-    {
-        DTLSTestSuite testSuite = new DTLSTestSuite();
-
-        addFallbackTests(testSuite);
-        addVersionTests(testSuite, ProtocolVersion.DTLSv10);
-        addVersionTests(testSuite, ProtocolVersion.DTLSv12);
-
-        return testSuite;
-    }
-
-    private static void addFallbackTests(TestSuite testSuite)
-    {
-        {
-            TlsTestConfig c = createDTLSTestConfig(ProtocolVersion.DTLSv12);
-            c.clientFallback = true;
-
-            addTestCase(testSuite, c, "FallbackGood");
-        }
-
-        /*
-         * NOTE: Temporarily disabled automatic test runs because of problems getting a clean exit
-         * of the DTLS server after a fatal alert. As of writing, manual runs show the correct
-         * alerts being raised
-         */
-
-//        {
-//            TlsTestConfig c = createDTLSTestConfig(ProtocolVersion.DTLSv12);
-//            c.clientOfferVersion = ProtocolVersion.DTLSv10;
-//            c.clientFallback = true;
-//            c.expectServerFatalAlert(AlertDescription.inappropriate_fallback);
-//
-//            addTestCase(testSuite, c, "FallbackBad");
-//        }
-
-        {
-            TlsTestConfig c = createDTLSTestConfig(ProtocolVersion.DTLSv12);
-            c.clientOfferVersion = ProtocolVersion.DTLSv10;
-
-            addTestCase(testSuite, c, "FallbackNone");
-        }
-    }
-
-    private static void addVersionTests(TestSuite testSuite, ProtocolVersion version)
-    {
-        String prefix = version.toString().replaceAll("[ \\.]", "") + "_";
-
-        /*
-         * NOTE: Temporarily disabled automatic test runs because of problems getting a clean exit
-         * of the DTLS server after a fatal alert. As of writing, manual runs show the correct
-         * alerts being raised
-         */
-
-//        /*
-//         * Server only declares support for SHA1/RSA, client selects MD5/RSA. Since the client is
-//         * NOT actually tracking MD5 over the handshake, we expect fatal alert from the client.
-//         */
-//        if (TlsUtils.isTLSv12(version))
-//        {
-//            TlsTestConfig c = createDTLSTestConfig(version);
-//            c.clientAuth = C.CLIENT_AUTH_VALID;
-//            c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa);
-//            c.serverCertReqSigAlgs = TlsUtils.getDefaultRSASignatureAlgorithms();
-//            c.expectClientFatalAlert(AlertDescription.internal_error);
-//
-//            addTestCase(testSuite, c, prefix + "BadCertificateVerifyHashAlg");
-//        }
-//
-//        /*
-//         * Server only declares support for SHA1/ECDSA, client selects SHA1/RSA. Since the client is
-//         * actually tracking SHA1 over the handshake, we expect fatal alert to come from the server
-//         * when it verifies the selected algorithm against the CertificateRequest supported
-//         * algorithms.
-//         */
-//        if (TlsUtils.isTLSv12(version))
-//        {
-//            TlsTestConfig c = createDTLSTestConfig(version);
-//            c.clientAuth = C.CLIENT_AUTH_VALID;
-//            c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa);
-//            c.serverCertReqSigAlgs = TlsUtils.getDefaultECDSASignatureAlgorithms();
-//            c.expectServerFatalAlert(AlertDescription.illegal_parameter);
-//
-//            addTestCase(testSuite, c, prefix + "BadCertificateVerifySigAlg");
-//        }
-//
-//        /*
-//         * Server only declares support for SHA1/ECDSA, client signs with SHA1/RSA, but sends
-//         * SHA1/ECDSA in the CertificateVerify. Since the client is actually tracking SHA1 over the
-//         * handshake, and the claimed algorithm is in the CertificateRequest supported algorithms,
-//         * we expect fatal alert to come from the server when it finds the claimed algorithm
-//         * doesn't match the client certificate.
-//         */
-//        if (TlsUtils.isTLSv12(version))
-//        {
-//            TlsTestConfig c = createDTLSTestConfig(version);
-//            c.clientAuth = C.CLIENT_AUTH_VALID;
-//            c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa);
-//            c.clientAuthSigAlgClaimed = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.ecdsa);
-//            c.serverCertReqSigAlgs = TlsUtils.getDefaultECDSASignatureAlgorithms();
-//            c.expectServerFatalAlert(AlertDescription.decrypt_error);
-//
-//            addTestCase(testSuite, c, prefix + "BadCertificateVerifySigAlgMismatch");
-//        }
-//
-//        {
-//            TlsTestConfig c = createDTLSTestConfig(version);
-//            c.clientAuth = C.CLIENT_AUTH_INVALID_VERIFY;
-//            c.expectServerFatalAlert(AlertDescription.decrypt_error);
-//
-//            addTestCase(testSuite, c, prefix + "BadCertificateVerifySignature");
-//        }
-//
-//        {
-//            TlsTestConfig c = createDTLSTestConfig(version);
-//            c.clientAuth = C.CLIENT_AUTH_INVALID_CERT;
-//            c.expectServerFatalAlert(AlertDescription.bad_certificate);
-//
-//            addTestCase(testSuite, c, prefix + "BadClientCertificate");
-//        }
-//
-//        {
-//            TlsTestConfig c = createDTLSTestConfig(version);
-//            c.clientAuth = C.CLIENT_AUTH_NONE;
-//            c.serverCertReq = C.SERVER_CERT_REQ_MANDATORY;
-//            c.expectServerFatalAlert(AlertDescription.handshake_failure);
-//
-//            addTestCase(testSuite, c, prefix + "BadMandatoryCertReqDeclined");
-//        }
-//
-//        /*
-//         * Server selects MD5/RSA for ServerKeyExchange signature, which is not in the default
-//         * supported signature algorithms that the client sent. We expect fatal alert from the
-//         * client when it verifies the selected algorithm against the supported algorithms.
-//         */
-//        if (TlsUtils.isTLSv12(version))
-//        {
-//            TlsTestConfig c = createDTLSTestConfig(version);
-//            c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa);
-//            c.expectClientFatalAlert(AlertDescription.illegal_parameter);
-//
-//            addTestCase(testSuite, c, prefix + "BadServerKeyExchangeSigAlg");
-//        }
-//
-//        /*
-//         * Server selects MD5/RSA for ServerKeyExchange signature, which is not the default {sha1,rsa}
-//         * implied by the absent signature_algorithms extension. We expect fatal alert from the
-//         * client when it verifies the selected algorithm against the implicit default.
-//         */
-//        if (TlsUtils.isTLSv12(version))
-//        {
-//            TlsTestConfig c = createDTLSTestConfig(version);
-//            c.clientSendSignatureAlgorithms = false;
-//            c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa);
-//            c.expectClientFatalAlert(AlertDescription.illegal_parameter);
-//
-//            addTestCase(testSuite, c, prefix + "BadServerKeyExchangeSigAlg2");
-//        }
-
-        {
-            TlsTestConfig c = createDTLSTestConfig(version);
-
-            addTestCase(testSuite, c, prefix + "GoodDefault");
-        }
-
-        {
-            TlsTestConfig c = createDTLSTestConfig(version);
-            c.serverCertReq = C.SERVER_CERT_REQ_NONE;
-
-            addTestCase(testSuite, c, prefix + "GoodNoCertReq");
-        }
-
-        {
-            TlsTestConfig c = createDTLSTestConfig(version);
-            c.clientAuth = C.CLIENT_AUTH_NONE;
-
-            addTestCase(testSuite, c, prefix + "GoodOptionalCertReqDeclined");
-        }
-    }
-
-    private static void addTestCase(TestSuite testSuite, TlsTestConfig config, String name)
-    {
-        testSuite.addTest(new DTLSTestCase(config, name));
-    }
-
-    private static TlsTestConfig createDTLSTestConfig(ProtocolVersion version)
-    {
-        TlsTestConfig c = new TlsTestConfig();
-        c.clientMinimumVersion = ProtocolVersion.DTLSv10;
-        c.clientOfferVersion = ProtocolVersion.DTLSv12;
-        c.serverMaximumVersion = version;
-        c.serverMinimumVersion = ProtocolVersion.DTLSv10;
-        return c;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/HTTPSServerThread.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/HTTPSServerThread.java
deleted file mode 100644
index 528da42..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/HTTPSServerThread.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.io.OutputStreamWriter;
-import java.io.PrintWriter;
-import java.security.KeyStore;
-
-import javax.net.ssl.KeyManagerFactory;
-import javax.net.ssl.SSLContext;
-import javax.net.ssl.SSLServerSocket;
-import javax.net.ssl.SSLServerSocketFactory;
-import javax.net.ssl.SSLSession;
-import javax.net.ssl.SSLSocket;
-import javax.net.ssl.TrustManagerFactory;
-
-public class HTTPSServerThread
-    extends Thread
-{
-    private static final int PORT_NO = 8003;
-    private static final char[] SERVER_PASSWORD = "serverPassword".toCharArray();
-    private static final char[] TRUST_STORE_PASSWORD = "trustPassword".toCharArray();
-
-    /**
-     * Read a HTTP request
-     */
-    private void readRequest(
-        InputStream in)
-        throws IOException
-    {
-        int ch = 0;
-        int lastCh = 0;
-        while ((ch = in.read()) >= 0 && (ch != '\n' && lastCh != '\n'))
-        {
-            if (ch != '\r')
-            {
-                lastCh = ch;
-            }
-        }
-    }
-
-    /**
-     * Send a response
-     */
-    private void sendResponse(
-        OutputStream out)
-    {
-        PrintWriter pWrt = new PrintWriter(new OutputStreamWriter(out));
-        pWrt.print("HTTP/1.1 200 OK\r\n");
-        pWrt.print("Content-Type: text/html\r\n");
-        pWrt.print("\r\n");
-        pWrt.print("<html>\r\n");
-        pWrt.print("<body>\r\n");
-        pWrt.print("Hello World!\r\n");
-        pWrt.print("</body>\r\n");
-        pWrt.print("</html>\r\n");
-        pWrt.flush();
-    }
-
-    SSLContext createSSLContext()
-        throws Exception
-    {
-        KeyManagerFactory mgrFact = KeyManagerFactory.getInstance("SunX509");
-        KeyStore serverStore = KeyStore.getInstance("JKS");
-
-        serverStore.load(new ByteArrayInputStream(KeyStores.server), SERVER_PASSWORD);
-
-        mgrFact.init(serverStore, SERVER_PASSWORD);
-
-        // set up a trust manager so we can recognize the server
-        TrustManagerFactory trustFact = TrustManagerFactory.getInstance("SunX509");
-        KeyStore trustStore = KeyStore.getInstance("JKS");
-
-        trustStore.load(new ByteArrayInputStream(KeyStores.trustStore), TRUST_STORE_PASSWORD);
-
-        trustFact.init(trustStore);
-
-        // create a context and set up a socket factory
-        SSLContext sslContext = SSLContext.getInstance("TLS");
-
-        sslContext.init(mgrFact.getKeyManagers(), trustFact.getTrustManagers(), null);
-
-        return sslContext;
-    }
-
-    public void run()
-    {
-        try
-        {
-            SSLContext sslContext = createSSLContext();
-            SSLServerSocketFactory fact = sslContext.getServerSocketFactory();
-
-            SSLServerSocket sSock = (SSLServerSocket)fact.createServerSocket(PORT_NO);
-            SSLSocket sslSock = (SSLSocket)sSock.accept();
-
-            sslSock.startHandshake();
-
-            readRequest(sslSock.getInputStream());
-
-            SSLSession session = sslSock.getSession();
-
-            sendResponse(sslSock.getOutputStream());
-
-            sslSock.close();
-            sSock.close();
-        }
-        catch (Exception e)
-        {
-            throw new RuntimeException(e);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/KeyStores.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/KeyStores.java
deleted file mode 100644
index bf71f96..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/KeyStores.java
+++ /dev/null

@@ -1,113 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import org.bouncycastle.util.encoders.Base64;
-
-public class KeyStores
-{
-    static final byte[] trustStore = Base64.decode(
-        "/u3+7QAAAAIAAAABAAAAAgAGc2VydmVyAAABD34zDJEABVguNTA5AAABrzCC"
-            + "AaswggEUAgEBMA0GCSqGSIb3DQEBBQUAMB4xHDAaBgNVBAMTE1Rlc3QgQ0Eg"
-            + "Q2VydGlmaWNhdGUwHhcNMDYxMjEzMjM0MzI5WhcNMDYxMjIwMjM0MzI5WjAe"
-            + "MRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlMIGfMA0GCSqGSIb3DQEB"
-            + "AQUAA4GNADCBiQKBgQCmOumCM46ehsdcrZMw6tj0hMl5D0xf21gcyBj/ByIv"
-            + "pe008ukaN3zCXIUUUlAu0GkbI1sCbTD1V4qVZuaHqtfa/FINJjyZJy5w7KEx"
-            + "93OOF2/gyPlnEPGs6RPdThAPliSBsWKBKqtOdmKpwYn/NKuUNFRkFXVLLUPn"
-            + "jyEKjIcNywIDAQABMA0GCSqGSIb3DQEBBQUAA4GBACi8J7raYqDFjXqAXXPJ"
-            + "ljZHqvzJNVaSWvBtK/oY7g0+sdGIjPR526fhSCxOZRr7G157ERqMnPjuFjcm"
-            + "cRlUOPsQtTl6KbUnxmKxa04UzDuNXzSx2oyGx5GCWx9u62hpO6vSpK69L9gH"
-            + "OUtM5dQXcoK4i3olScKaU8qaYb0mBAy8fnx5pen8B0bIg+pz47l5VxQ5NO8=");
-
-    static final byte[] server = Base64.decode(
-        "/u3+7QAAAAIAAAABAAAAAQAGc2VydmVyAAABD34zDJIAAAK8MIICuDAOBgor"
-            + "BgEEASoCEQEBBQAEggKk9OXWj3aBr6rV9Grcsm2YL+/2ShVsxbJVGMSWll1f"
-            + "U8z/mjhv5K/skgleTIMoyE5FzDDxJIGEmSMCkcHsnseXzxyhLpKBaz3N1Tk7"
-            + "KVPzXfrNh0FJwzw3lPWyC2ayT+ObQfAtzuI9SUWNLBzzpWeolUJ8gkXnLshX"
-            + "5RqmR735NRZdjgQOtNYBBErX/NOhTyi009/CZDNxgJQzywFmQcXBLhNSA+0i"
-            + "cE+LwZ4sZV0NXshPZiyNnsfqN/XNOyhpKr8a3VyVtee2nhO9+FY5IDEviHmR"
-            + "WDvH5TmB6Os3L6xvwE1ZQCPElk/cK2G1q9+zDBe4JDeo8o7lPhiNpVfcivnr"
-            + "+tyK9m7PqlssR0+ohuZGwrFMyzLugkOWh+qZ3pk8/7AwJosMvvTvIg36nN7R"
-            + "pdnouQNKqTm1Sr/UUnKyWqfG7zqKIuF72IkDwwafwuQ9YRX5PAOuRfo6bCyb"
-            + "D4w1OWdfGFciKMc1BrT+8JzhiTkzNe+jWEA5Tw1zeazPGpp1RHPz2np50G2s"
-            + "v025uiOSUilBe13Qpx0mAyx7z8Gl6eOxai6rQ/eB/Fu++BMx0OX8vO/K4//Q"
-            + "w43IPVPklGlb/3Qt7eoNf4tichuxrYJjHu4XbwnzB29Vmsan0XZFER7epvFj"
-            + "cAZCSG+O6G/f6Ib+7d7xYjLdUaPI60tJ4/C+AuYwZn4jJwTnMnMmwIypz4Z8"
-            + "XPXW5SbHlV5OkkFC+eAuuN4b2YXZmifeWv4fx65Ioir921LMJrorMizH41RJ"
-            + "/rAO5wGSwjeDJ784QhhLGbEUMygraRtdaz6MRx26InnoHY7V58ET3Z5YGV39"
-            + "p+9AtVhYw/QQmTZiF7hqnEMf9AMVFfac9qFF2+IN3g9HAMC6QLxJ1VuPn5oo"
-            + "lS//axPfjckO7iZx9x59/gAAAAEABVguNTA5AAABrzCCAaswggEUAgEBMA0G"
-            + "CSqGSIb3DQEBBQUAMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGUw"
-            + "HhcNMDYxMjEzMjM0MzI5WhcNMDYxMjIwMjM0MzI5WjAeMRwwGgYDVQQDExNU"
-            + "ZXN0IENBIENlcnRpZmljYXRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB"
-            + "gQCmOumCM46ehsdcrZMw6tj0hMl5D0xf21gcyBj/ByIvpe008ukaN3zCXIUU"
-            + "UlAu0GkbI1sCbTD1V4qVZuaHqtfa/FINJjyZJy5w7KEx93OOF2/gyPlnEPGs"
-            + "6RPdThAPliSBsWKBKqtOdmKpwYn/NKuUNFRkFXVLLUPnjyEKjIcNywIDAQAB"
-            + "MA0GCSqGSIb3DQEBBQUAA4GBACi8J7raYqDFjXqAXXPJljZHqvzJNVaSWvBt"
-            + "K/oY7g0+sdGIjPR526fhSCxOZRr7G157ERqMnPjuFjcmcRlUOPsQtTl6KbUn"
-            + "xmKxa04UzDuNXzSx2oyGx5GCWx9u62hpO6vSpK69L9gHOUtM5dQXcoK4i3ol"
-            + "ScKaU8qaYb0mBAy87VQaPfaiQqqxSgqifbSowlg+0fg=");
-
-    static final byte[] client = Base64.decode(
-        "MIACAQMwgAYJKoZIhvcNAQcBoIAkgASCA+gwgDCABgkqhkiG9w0BBwGggCSA"
-            + "BIIDDzCCAwswggMHBgsqhkiG9w0BDAoBAqCCArIwggKuMCgGCiqGSIb3DQEM"
-            + "AQMwGgQUyeN8U+ViAJCk1WGo8wTnRVOaE1oCAgQABIICgH3yMWB+dfMBNa07"
-            + "hn3smUSBTF+LUauM+kx+12nZt0QazBYg09yM+aVcTznettlDwE/PTpKZnrFT"
-            + "22DSQf5GwABwiL6KW+xyM8wV5vZx1xtqrQoNf2oNHnF0lB7ddSYM8jHqennb"
-            + "bzcVOdrrCqewqAfUU/CDugpwwI8c8Iy9ECri6vBMbfeIIZQTug+1952TCCiA"
-            + "E1bEDFGqgAoDsqYi6uNtpjmL/DPX/qmkbHAXUKxOtjTtxacfat2HgN97Gb7z"
-            + "+ZBNI5aaCSRoYwl+K9biWGID3EqsNmg0+2ELmFhE4mQZ78i7vNLTG7e5mj6v"
-            + "Qt+QuqN+daCbVqVTKxsFpODRRweobUTRxwEun6p0p3w3SUhR6p7ug1Jttgyu"
-            + "vfZug3PIk2j9fb26wAs2ZreVYut8hXpp/09ulCUudtlsYb/FD+H11v/JyopG"
-            + "2vYy0hL/gkMr41sGoVdyvzXeZUa7A1wYask+g7torad9sT8CPb3zXBd0kU2r"
-            + "lbSJIXQ8wTpheeUKe47YF9JVCF8WRc1dokD7fgfn6197pwyZpDEVrVyz1pUq"
-            + "jyum3ctONU4BSkAUVr9pTyeRFUeOE7SLuVu+c67PzNWXEc/HMVD4Hgs/idVc"
-            + "mrONk3xe385wFJK1iPe1kfRX5OXk9UWr2/yjgrahbkonWhJHnIlvs+b5rRKN"
-            + "qauwUZ+agMJV98Eyc2Lz0Lp/pNDRNjmGXeJLzAaAy46STov8sxwAgj3bQ7xu"
-            + "uEzdhJPDynAY5sWd3WnBY2ZhpawnToEKnD4u+eiH2MjUL2q/R2IPSmoyg9i2"
-            + "Ictgh4/ylrhm+lJDzcDrLDhC0m/t9EdhytH4erk/uCPcmAK/jpzFn6ltxcsx"
-            + "QjAbBgkqhkiG9w0BCRQxDh4MAGMAbABpAGUAbgB0MCMGCSqGSIb3DQEJFTEW"
-            + "BBS2wDxw7yH2OhKIgkDoQrTlavLvxQAAAAAAADCABgkqhkiG9w0BBwaggDCA"
-            + "AgEAMIAGCSqGSIb3DQEHATAoBgoqhkiG9w0BDAEGMBoEFORdyeTIG2oXDQBl"
-            + "I3aFNozDAkC2AgIEAKCABIIHICsc3D8rxLiDlegyXFfIejto66RW4u6b+d0C"
-            + "uAAz0G+dIvhQ9g3s++vUsX7x+icO/vjpgdo09aqtIg7T3suzfcHtU8CGSgtQ"
-            + "Tvml25LDC3IK3qI6cRqO+sCdvg18aS04IDKvDPYH4ca5btwPBIID6CStk/jY"
-            + "QFpnSI6VNz9IERi/nwuvuBYk+A0Z7+nQdhF+QkW1rzN+uz0dkNJt6ZbG5lEK"
-            + "GayV+FDTQcREMihYa716RN9sq3cm0jXXdttj998oS/QrpZDEcPqd4AM6EIL+"
-            + "PTA1tEQYxXa8msAPp+tLvXOtiD6v/4FO77EA7E5oR36a9en+M1QQasFU3VBf"
-            + "V9os92QlbtVUTkspJV9gXL6s4CGNptc7lUH+nIw65j9MOoyOU9w1qjPRlN/Z"
-            + "MTuhFooglE6TPd29Udwufqp+hHkW/7z5tBKkhGlZEClzD3IWhcF9NVraE/IV"
-            + "S5qVmx2Up7SeLZAXJ+AAznq5IXwE1dOUTkwYLcIrH1FuVA5rtOkB8Xt1LJq0"
-            + "ERkjJ5MfpxTxbKXp5PejzD98v54+s4INekcrI0jzz4pLsann7ex0r6CPsQsH"
-            + "+F3rBVaT3oHSKqoIm2Nw57oDjLLp5lP2qcCqps3y2dcVzu5NIzCSkVlxUaBK"
-            + "IT3xv0gvVJI7wnP0QM35MCywKkToJX5ajQKrDc4iCAAzmxaQzdBycxJPYByq"
-            + "VHvH7BJldJlMw5NHbTHlNoYKndMdAsHp7sUqERkDEGl80R86TlB4nJaDrfsx"
-            + "vL+KluiCY9AD7o+MEYZ9VYoNDUzVGH4pTr4wnv1UFoRWix5IZuDnnYkyijKD"
-            + "VtU5+mc0YtsPQIpKCBJOYt05bgpX5aPQ3s2lviYw3bvP0TrclYs/rx4wKVgW"
-            + "2GYLzPh0OVMBduCbzW1E58ieBsgRyQ7+2MTl9Nj+nznjCAfLSvrVEcwxVUQA"
-            + "ofcEbiECEJss2JNQq8erwgo8dP3atwQ1KeqMc8acICcOrI2rNxwVOLzPuCsl"
-            + "l8gwZOoxLZXuKMQbQu4as1HNS309dfWIWppvc3K4nDWg51HUCPbsIo3wm3rR"
-            + "igc/W3bf4Ppg0pLAS5c1s0Xau43u9GmIjGiDqYaasfcXnCKy2LNuUpbhoOC1"
-            + "o/wMC9gT45aJQ5vsVGe5XvfhLV7Y815EdI756s9PIEOnG8HbAtCAjOIVpQfP"
-            + "eF8+cnZyGGdsbmu7lYzg3whCpZ/L2RrTI86nEn5eePs4m2hDV0Oi9r6e2CIf"
-            + "nGUa0TB9jf1OMhOSBD+h4jx7b6uT+XLmG8qUxvkoItMDZLrJ0f8czO5MyOZa"
-            + "nEJoG42Fy2p7zD/qO72OUQISNmt8C1rQFsg9dBDib4DMu69vBsVrIV028sal"
-            + "+tq1UH3vFMbEYyVfPH3WDgxyHwUQK2qrz3WBdD/BMyuAV4DPI3SPTweROh8n"
-            + "yWJN1ppY9qybmTyHFCs6TRjPB9cVcdKSc0qYxgzblJiXXb3s9ANOb89aA3Ah"
-            + "anWnAhcEggLZN2yFCtrRuvJXvDQhj8qmye9UkjB2fEpWXV7H0natE3hSoB+C"
-            + "2krt3eBV0xJ1tLEco7T4zsbQQJRmeu/essOsfwpRfE5ZPoIeThf+UmWTsfsw"
-            + "r4fxeePMTy6iCnkF5/ro8k5WKnOsaV+HWy/ulwW2r/DMT3aDBWfHX5Hk8DpU"
-            + "+PlQhbyGTSTIJ/OFmbcWjMPt469o7+KrrF9IBrzJ42KzMw6xtKwtVb0232AM"
-            + "pIwnLzCHIiNO2qDBZAIDdF68+GU3RsEkHfR6d5myZVxnH4mhSCFFtHxgqTOz"
-            + "Ouo/uvgu72miZ0OFAy1zcMtfGMS3Md54MJkhSZq4ZgUo/EyJCeEDLGn8pMF1"
-            + "jX1WsUj96qMRyc+p2KnKs6ZL95BVa76SdIFz6ts6uoIem3drTXYJHNbw29OW"
-            + "Y0am+FmXTWFZFnin8Qu5Xct5l7FYIGA9VLOHL9Vtp+SXomcFEZpjMaxvtf4R"
-            + "xoAI2Bc9Ka+MNiz35O0JXhI9/t5uOdiN6ZOJlfpEWOK7ou5lDkZuDcrHvLvQ"
-            + "PocP2Yemd36xEgjFssR/tFITlhRBXHDeHwpvmXM4iiwD1wOGMqybXx/1g1m1"
-            + "0UBbKqDsgSLQC7c0TaRFJjj71T74PBMiapiQgijv9WINfmTgxNUukbK3Kqp/"
-            + "G3BmThoIDCB8WD1kxXBpaG62dSsih7yhPQJVEV3Y0tdkdChOk+Y3Wf8crV/Q"
-            + "P08pQH7H9yCi04S5fSJtIDtYARWhr1yl8EQMnu2X8J6r/DWcDmXUK4Bv1vqe"
-            + "tcnT5EAYFPeOMz21nonM3kJgUMNsxCQjKaEMEcUu8ZRnGUAFdG4lULPJn5NQ"
-            + "LTvWg8Y3GrHRLjpnd9k+8gWWzRIbBiwCwEbClMZffRd6kcA5ZoOhVngdyvvj"
-            + "BhkgadB5jC+ZRzExHxoEhzPJx3mxIVTqLuw7QxHz9OTcysvY/cGKCvmgzgk/"
-            + "TjTJsqcEAAAAAAAAAAAAAAAAAAAAAAAAMD0wITAJBgUrDgMCGgUABBQWfGA6"
-            + "lI+TXQiuXaa1V+LlHodhXAQUAwMIAAUvBYY+a7sXNlQeVEPAGkMCAgQAAAA=");
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/LoggingDatagramTransport.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/LoggingDatagramTransport.java
deleted file mode 100644
index 0819d93..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/LoggingDatagramTransport.java
+++ /dev/null

@@ -1,92 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.PrintStream;
-
-import org.bouncycastle.crypto.tls.DatagramTransport;
-import org.bouncycastle.util.Strings;
-
-public class LoggingDatagramTransport
-    implements DatagramTransport
-{
-
-    private static final String HEX_CHARS = "0123456789ABCDEF";
-
-    private final DatagramTransport transport;
-    private final PrintStream output;
-    private final long launchTimestamp;
-
-    public LoggingDatagramTransport(DatagramTransport transport, PrintStream output)
-    {
-        this.transport = transport;
-        this.output = output;
-        this.launchTimestamp = System.currentTimeMillis();
-    }
-
-    public int getReceiveLimit()
-        throws IOException
-    {
-        return transport.getReceiveLimit();
-    }
-
-    public int getSendLimit()
-        throws IOException
-    {
-        return transport.getSendLimit();
-    }
-
-    public int receive(byte[] buf, int off, int len, int waitMillis)
-        throws IOException
-    {
-        int length = transport.receive(buf, off, len, waitMillis);
-        if (length >= 0)
-        {
-            dumpDatagram("Received", buf, off, length);
-        }
-        return length;
-    }
-
-    public void send(byte[] buf, int off, int len)
-        throws IOException
-    {
-        dumpDatagram("Sending", buf, off, len);
-        transport.send(buf, off, len);
-    }
-
-    public void close()
-        throws IOException
-    {
-    }
-
-    private void dumpDatagram(String verb, byte[] buf, int off, int len)
-        throws IOException
-    {
-        long timestamp = System.currentTimeMillis() - launchTimestamp;
-        StringBuffer sb = new StringBuffer("(+" + timestamp + "ms) " + verb + " " + len + " byte datagram:");
-        for (int pos = 0; pos < len; ++pos)
-        {
-            if (pos % 16 == 0)
-            {
-                sb.append(Strings.lineSeparator());
-                sb.append("    ");
-            }
-            else if (pos % 16 == 8)
-            {
-                sb.append('-');
-            }
-            else
-            {
-                sb.append(' ');
-            }
-            int val = buf[off + pos] & 0xFF;
-            sb.append(HEX_CHARS.charAt(val >> 4));
-            sb.append(HEX_CHARS.charAt(val & 0xF));
-        }
-        dump(sb.toString());
-    }
-
-    private synchronized void dump(String s)
-    {
-        output.println(s);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockDTLSClient.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockDTLSClient.java
deleted file mode 100644
index ba6f2a8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockDTLSClient.java
+++ /dev/null

@@ -1,157 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.PrintStream;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.crypto.tls.AlertDescription;
-import org.bouncycastle.crypto.tls.AlertLevel;
-import org.bouncycastle.crypto.tls.CertificateRequest;
-import org.bouncycastle.crypto.tls.ClientCertificateType;
-import org.bouncycastle.crypto.tls.DefaultTlsClient;
-import org.bouncycastle.crypto.tls.MaxFragmentLength;
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-import org.bouncycastle.crypto.tls.SignatureAlgorithm;
-import org.bouncycastle.crypto.tls.TlsAuthentication;
-import org.bouncycastle.crypto.tls.TlsCredentials;
-import org.bouncycastle.crypto.tls.TlsExtensionsUtils;
-import org.bouncycastle.crypto.tls.TlsSession;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-
-public class MockDTLSClient
-    extends DefaultTlsClient
-{
-    protected TlsSession session;
-
-    public MockDTLSClient(TlsSession session)
-    {
-        this.session = session;
-    }
-
-    public TlsSession getSessionToResume()
-    {
-        return this.session;
-    }
-
-    public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("DTLS client raised alert: " + AlertLevel.getText(alertLevel)
-            + ", " + AlertDescription.getText(alertDescription));
-        if (message != null)
-        {
-            out.println(message);
-        }
-        if (cause != null)
-        {
-            cause.printStackTrace(out);
-        }
-    }
-
-    public void notifyAlertReceived(short alertLevel, short alertDescription)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("DTLS client received alert: " + AlertLevel.getText(alertLevel)
-            + ", " + AlertDescription.getText(alertDescription));
-    }
-
-    public ProtocolVersion getClientVersion()
-    {
-        return ProtocolVersion.DTLSv12;
-    }
-
-    public ProtocolVersion getMinimumVersion()
-    {
-        return ProtocolVersion.DTLSv10;
-    }
-
-//    public int[] getCipherSuites()
-//    {
-//        return Arrays.concatenate(super.getCipherSuites(),
-//            new int[]
-//            {
-//                CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
-//            });
-//    }
-
-    public Hashtable getClientExtensions() throws IOException
-    {
-        Hashtable clientExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(super.getClientExtensions());
-        TlsExtensionsUtils.addEncryptThenMACExtension(clientExtensions);
-        {
-            /*
-             * NOTE: If you are copying test code, do not blindly set these extensions in your own client.
-             */
-            TlsExtensionsUtils.addMaxFragmentLengthExtension(clientExtensions, MaxFragmentLength.pow2_9);
-            TlsExtensionsUtils.addPaddingExtension(clientExtensions, context.getSecureRandom().nextInt(16));
-            TlsExtensionsUtils.addTruncatedHMacExtension(clientExtensions);
-        }
-        return clientExtensions;
-    }
-
-    public void notifyServerVersion(ProtocolVersion serverVersion) throws IOException
-    {
-        super.notifyServerVersion(serverVersion);
-
-        System.out.println("Negotiated " + serverVersion);
-    }
-
-    public TlsAuthentication getAuthentication()
-        throws IOException
-    {
-        return new TlsAuthentication()
-        {
-            public void notifyServerCertificate(org.bouncycastle.crypto.tls.Certificate serverCertificate)
-                throws IOException
-            {
-                Certificate[] chain = serverCertificate.getCertificateList();
-                System.out.println("DTLS client received server certificate chain of length " + chain.length);
-                for (int i = 0; i != chain.length; i++)
-                {
-                    Certificate entry = chain[i];
-                    // TODO Create fingerprint based on certificate signature algorithm digest
-                    System.out.println("    fingerprint:SHA-256 " + TlsTestUtils.fingerprint(entry) + " ("
-                        + entry.getSubject() + ")");
-                }
-            }
-
-            public TlsCredentials getClientCredentials(CertificateRequest certificateRequest)
-                throws IOException
-            {
-                short[] certificateTypes = certificateRequest.getCertificateTypes();
-                if (certificateTypes == null || !Arrays.contains(certificateTypes, ClientCertificateType.rsa_sign))
-                {
-                    return null;
-                }
-
-                return TlsTestUtils.loadSignerCredentials(context, certificateRequest.getSupportedSignatureAlgorithms(),
-                    SignatureAlgorithm.rsa, "x509-client.pem", "x509-client-key.pem");
-            }
-        };
-    }
-
-    public void notifyHandshakeComplete() throws IOException
-    {
-        super.notifyHandshakeComplete();
-
-        TlsSession newSession = context.getResumableSession();
-        if (newSession != null)
-        {
-            byte[] newSessionID = newSession.getSessionID();
-            String hex = Hex.toHexString(newSessionID);
-
-            if (this.session != null && Arrays.areEqual(this.session.getSessionID(), newSessionID))
-            {
-                System.out.println("Resumed session: " + hex);
-            }
-            else
-            {
-                System.out.println("Established session: " + hex);
-            }
-
-            this.session = newSession;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockDTLSServer.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockDTLSServer.java
deleted file mode 100644
index 9e5544b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockDTLSServer.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.PrintStream;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.crypto.tls.AlertDescription;
-import org.bouncycastle.crypto.tls.AlertLevel;
-import org.bouncycastle.crypto.tls.CertificateRequest;
-import org.bouncycastle.crypto.tls.CipherSuite;
-import org.bouncycastle.crypto.tls.ClientCertificateType;
-import org.bouncycastle.crypto.tls.DefaultTlsServer;
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-import org.bouncycastle.crypto.tls.SignatureAlgorithm;
-import org.bouncycastle.crypto.tls.TlsEncryptionCredentials;
-import org.bouncycastle.crypto.tls.TlsSignerCredentials;
-import org.bouncycastle.crypto.tls.TlsUtils;
-import org.bouncycastle.util.Arrays;
-
-public class MockDTLSServer
-    extends DefaultTlsServer
-{
-    public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("DTLS server raised alert: " + AlertLevel.getText(alertLevel)
-            + ", " + AlertDescription.getText(alertDescription));
-        if (message != null)
-        {
-            out.println(message);
-        }
-        if (cause != null)
-        {
-            cause.printStackTrace(out);
-        }
-    }
-
-    public void notifyAlertReceived(short alertLevel, short alertDescription)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("DTLS server received alert: " + AlertLevel.getText(alertLevel)
-            + ", " + AlertDescription.getText(alertDescription));
-    }
-
-    protected int[] getCipherSuites()
-    {
-        return Arrays.concatenate(super.getCipherSuites(),
-            new int[]
-            {
-                CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
-            });
-    }
-
-    public CertificateRequest getCertificateRequest() throws IOException
-    {
-        short[] certificateTypes = new short[]{ ClientCertificateType.rsa_sign,
-            ClientCertificateType.dss_sign, ClientCertificateType.ecdsa_sign };
-
-        Vector serverSigAlgs = null;
-        if (TlsUtils.isSignatureAlgorithmsExtensionAllowed(serverVersion))
-        {
-            serverSigAlgs = TlsUtils.getDefaultSupportedSignatureAlgorithms();
-        }
-
-        Vector certificateAuthorities = new Vector();
-        certificateAuthorities.addElement(TlsTestUtils.loadCertificateResource("x509-ca.pem").getSubject());
-
-        return new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities);
-    }
-
-    public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate)
-        throws IOException
-    {
-        Certificate[] chain = clientCertificate.getCertificateList();
-        System.out.println("DTLS server received client certificate chain of length " + chain.length);
-        for (int i = 0; i != chain.length; i++)
-        {
-            Certificate entry = chain[i];
-            // TODO Create fingerprint based on certificate signature algorithm digest
-            System.out.println("    fingerprint:SHA-256 " + TlsTestUtils.fingerprint(entry) + " (" + entry.getSubject()
-                + ")");
-        }
-    }
-
-    protected ProtocolVersion getMaximumVersion()
-    {
-        return ProtocolVersion.DTLSv12;
-    }
-
-    protected ProtocolVersion getMinimumVersion()
-    {
-        return ProtocolVersion.DTLSv10;
-    }
-
-    protected TlsEncryptionCredentials getRSAEncryptionCredentials()
-        throws IOException
-    {
-        return TlsTestUtils.loadEncryptionCredentials(context, new String[]{"x509-server.pem", "x509-ca.pem"},
-            "x509-server-key.pem");
-    }
-
-    protected TlsSignerCredentials getRSASignerCredentials() throws IOException
-    {
-        return TlsTestUtils.loadSignerCredentials(context, supportedSignatureAlgorithms, SignatureAlgorithm.rsa,
-            "x509-server.pem", "x509-server-key.pem");
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockDatagramAssociation.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockDatagramAssociation.java
deleted file mode 100644
index b8b7c06..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockDatagramAssociation.java
+++ /dev/null

@@ -1,110 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.net.DatagramPacket;
-import java.util.Vector;
-
-import org.bouncycastle.crypto.tls.DatagramTransport;
-
-public class MockDatagramAssociation
-{
-    private int mtu;
-    private MockDatagramTransport client, server;
-
-    public MockDatagramAssociation(int mtu)
-    {
-        this.mtu = mtu;
-
-        Vector clientQueue = new Vector();
-        Vector serverQueue = new Vector();
-
-        this.client = new MockDatagramTransport(clientQueue, serverQueue);
-        this.server = new MockDatagramTransport(serverQueue, clientQueue);
-    }
-
-    public DatagramTransport getClient()
-    {
-        return client;
-    }
-
-    public DatagramTransport getServer()
-    {
-        return server;
-    }
-
-    private class MockDatagramTransport
-        implements DatagramTransport
-    {
-        private Vector receiveQueue, sendQueue;
-
-        MockDatagramTransport(Vector receiveQueue, Vector sendQueue)
-        {
-            this.receiveQueue = receiveQueue;
-            this.sendQueue = sendQueue;
-        }
-
-        public int getReceiveLimit()
-            throws IOException
-        {
-            return mtu;
-        }
-
-        public int getSendLimit()
-            throws IOException
-        {
-            return mtu;
-        }
-
-        public int receive(byte[] buf, int off, int len, int waitMillis)
-            throws IOException
-        {
-            synchronized (receiveQueue)
-            {
-                if (receiveQueue.isEmpty())
-                {
-                    try
-                    {
-                        receiveQueue.wait(waitMillis);
-                    }
-                    catch (InterruptedException e)
-                    {
-                        // TODO Keep waiting until full wait expired?
-                    }
-                    if (receiveQueue.isEmpty())
-                    {
-                        return -1;
-                    }
-                }
-                DatagramPacket packet = (DatagramPacket)receiveQueue.remove(0);
-                int copyLength = Math.min(len, packet.getLength());
-                System.arraycopy(packet.getData(), packet.getOffset(), buf, off, copyLength);
-                return copyLength;
-            }
-        }
-
-        public void send(byte[] buf, int off, int len)
-            throws IOException
-        {
-            if (len > mtu)
-            {
-                // TODO Simulate rejection?
-            }
-
-            byte[] copy = new byte[len];
-            System.arraycopy(buf, off, copy, 0, len);
-            DatagramPacket packet = new DatagramPacket(copy, len);
-
-            synchronized (sendQueue)
-            {
-                sendQueue.addElement(packet);
-                sendQueue.notify();
-            }
-        }
-
-        public void close()
-            throws IOException
-        {
-            // TODO?
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockPSKTlsClient.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockPSKTlsClient.java
deleted file mode 100644
index 7af5957..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockPSKTlsClient.java
+++ /dev/null

@@ -1,134 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.PrintStream;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.crypto.tls.AlertDescription;
-import org.bouncycastle.crypto.tls.AlertLevel;
-import org.bouncycastle.crypto.tls.BasicTlsPSKIdentity;
-import org.bouncycastle.crypto.tls.CipherSuite;
-import org.bouncycastle.crypto.tls.PSKTlsClient;
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-import org.bouncycastle.crypto.tls.ServerOnlyTlsAuthentication;
-import org.bouncycastle.crypto.tls.TlsAuthentication;
-import org.bouncycastle.crypto.tls.TlsExtensionsUtils;
-import org.bouncycastle.crypto.tls.TlsPSKIdentity;
-import org.bouncycastle.crypto.tls.TlsSession;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-
-class MockPSKTlsClient
-    extends PSKTlsClient
-{
-    TlsSession session;
-
-    MockPSKTlsClient(TlsSession session)
-    {
-        this(session, new BasicTlsPSKIdentity("client", new byte[16]));
-    }
-
-    MockPSKTlsClient(TlsSession session, TlsPSKIdentity pskIdentity)
-    {
-        super(pskIdentity);
-
-        this.session = session;
-    }
-
-    public TlsSession getSessionToResume()
-    {
-        return this.session;
-    }
-
-    public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("TLS-PSK client raised alert: " + AlertLevel.getText(alertLevel) + ", "
-            + AlertDescription.getText(alertDescription));
-        if (message != null)
-        {
-            out.println("> " + message);
-        }
-        if (cause != null)
-        {
-            cause.printStackTrace(out);
-        }
-    }
-
-    public void notifyAlertReceived(short alertLevel, short alertDescription)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("TLS-PSK client received alert: " + AlertLevel.getText(alertLevel) + ", "
-            + AlertDescription.getText(alertDescription));
-    }
-
-    public void notifyHandshakeComplete() throws IOException
-    {
-        super.notifyHandshakeComplete();
-
-        TlsSession newSession = context.getResumableSession();
-        if (newSession != null)
-        {
-            byte[] newSessionID = newSession.getSessionID();
-            String hex = Hex.toHexString(newSessionID);
-
-            if (this.session != null && Arrays.areEqual(this.session.getSessionID(), newSessionID))
-            {
-                System.out.println("Resumed session: " + hex);
-            }
-            else
-            {
-                System.out.println("Established session: " + hex);
-            }
-
-            this.session = newSession;
-        }
-    }
-
-    public int[] getCipherSuites()
-    {
-        return new int[]{ CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
-            CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
-            CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA };
-    }
-
-    public ProtocolVersion getMinimumVersion()
-    {
-        return ProtocolVersion.TLSv12;
-    }
-
-    public Hashtable getClientExtensions() throws IOException
-    {
-        Hashtable clientExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(super.getClientExtensions());
-        TlsExtensionsUtils.addEncryptThenMACExtension(clientExtensions);
-        return clientExtensions;
-    }
-
-    public void notifyServerVersion(ProtocolVersion serverVersion) throws IOException
-    {
-        super.notifyServerVersion(serverVersion);
-
-        System.out.println("TLS-PSK client negotiated " + serverVersion);
-    }
-
-    public TlsAuthentication getAuthentication() throws IOException
-    {
-        return new ServerOnlyTlsAuthentication()
-        {
-            public void notifyServerCertificate(org.bouncycastle.crypto.tls.Certificate serverCertificate)
-                throws IOException
-            {
-                Certificate[] chain = serverCertificate.getCertificateList();
-                System.out.println("TLS-PSK client received server certificate chain of length " + chain.length);
-                for (int i = 0; i != chain.length; i++)
-                {
-                    Certificate entry = chain[i];
-                    // TODO Create fingerprint based on certificate signature algorithm digest
-                    System.out.println("    fingerprint:SHA-256 " + TlsTestUtils.fingerprint(entry) + " ("
-                        + entry.getSubject() + ")");
-                }
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockPSKTlsServer.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockPSKTlsServer.java
deleted file mode 100644
index d5ca7ab..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockPSKTlsServer.java
+++ /dev/null

@@ -1,110 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.PrintStream;
-
-import org.bouncycastle.crypto.tls.AlertDescription;
-import org.bouncycastle.crypto.tls.AlertLevel;
-import org.bouncycastle.crypto.tls.CipherSuite;
-import org.bouncycastle.crypto.tls.PSKTlsServer;
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-import org.bouncycastle.crypto.tls.TlsEncryptionCredentials;
-import org.bouncycastle.crypto.tls.TlsPSKIdentityManager;
-import org.bouncycastle.util.Strings;
-
-class MockPSKTlsServer
-    extends PSKTlsServer
-{
-    MockPSKTlsServer()
-    {
-        super(new MyIdentityManager());
-    }
-
-    public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("TLS-PSK server raised alert: " + AlertLevel.getText(alertLevel) + ", "
-            + AlertDescription.getText(alertDescription));
-        if (message != null)
-        {
-            out.println("> " + message);
-        }
-        if (cause != null)
-        {
-            cause.printStackTrace(out);
-        }
-    }
-
-    public void notifyAlertReceived(short alertLevel, short alertDescription)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("TLS-PSK server received alert: " + AlertLevel.getText(alertLevel) + ", "
-            + AlertDescription.getText(alertDescription));
-    }
-
-    public void notifyHandshakeComplete() throws IOException
-    {
-        super.notifyHandshakeComplete();
-
-        byte[] pskIdentity = context.getSecurityParameters().getPSKIdentity();
-        if (pskIdentity != null)
-        {
-            String name = Strings.fromUTF8ByteArray(pskIdentity);
-            System.out.println("TLS-PSK server completed handshake for PSK identity: " + name);
-        }
-    }
-
-    protected int[] getCipherSuites()
-    {
-        return new int[]{ CipherSuite.TLS_ECDHE_PSK_WITH_AES_256_CBC_SHA384,
-            CipherSuite.TLS_DHE_PSK_WITH_AES_256_CBC_SHA384, CipherSuite.TLS_RSA_PSK_WITH_AES_256_CBC_SHA384,
-            CipherSuite.TLS_PSK_WITH_AES_256_CBC_SHA };
-    }
-
-    protected ProtocolVersion getMaximumVersion()
-    {
-        return ProtocolVersion.TLSv12;
-    }
-
-    protected ProtocolVersion getMinimumVersion()
-    {
-        return ProtocolVersion.TLSv12;
-    }
-
-    public ProtocolVersion getServerVersion() throws IOException
-    {
-        ProtocolVersion serverVersion = super.getServerVersion();
-
-        System.out.println("TLS-PSK server negotiated " + serverVersion);
-
-        return serverVersion;
-    }
-
-    protected TlsEncryptionCredentials getRSAEncryptionCredentials() throws IOException
-    {
-        return TlsTestUtils.loadEncryptionCredentials(context, new String[]{ "x509-server.pem", "x509-ca.pem" },
-            "x509-server-key.pem");
-    }
-
-    static class MyIdentityManager
-        implements TlsPSKIdentityManager
-    {
-        public byte[] getHint()
-        {
-            return Strings.toUTF8ByteArray("hint");
-        }
-
-        public byte[] getPSK(byte[] identity)
-        {
-            if (identity != null)
-            {
-                String name = Strings.fromUTF8ByteArray(identity);
-                if (name.equals("client"))
-                {
-                    return new byte[16];
-                }
-            }
-            return null;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockSRPTlsClient.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockSRPTlsClient.java
deleted file mode 100644
index e6f20d6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockSRPTlsClient.java
+++ /dev/null

@@ -1,120 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.PrintStream;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.crypto.tls.AlertDescription;
-import org.bouncycastle.crypto.tls.AlertLevel;
-import org.bouncycastle.crypto.tls.CipherSuite;
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-import org.bouncycastle.crypto.tls.SRPTlsClient;
-import org.bouncycastle.crypto.tls.ServerOnlyTlsAuthentication;
-import org.bouncycastle.crypto.tls.TlsAuthentication;
-import org.bouncycastle.crypto.tls.TlsExtensionsUtils;
-import org.bouncycastle.crypto.tls.TlsSession;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-
-class MockSRPTlsClient
-    extends SRPTlsClient
-{
-    TlsSession session;
-
-    MockSRPTlsClient(TlsSession session, byte[] identity, byte[] password)
-    {
-        super(identity, password);
-
-        this.session = session;
-    }
-
-    public TlsSession getSessionToResume()
-    {
-        return this.session;
-    }
-
-    public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("TLS-SRP client raised alert: " + AlertLevel.getText(alertLevel) + ", "
-            + AlertDescription.getText(alertDescription));
-        if (message != null)
-        {
-            out.println("> " + message);
-        }
-        if (cause != null)
-        {
-            cause.printStackTrace(out);
-        }
-    }
-
-    public void notifyAlertReceived(short alertLevel, short alertDescription)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("TLS-SRP client received alert: " + AlertLevel.getText(alertLevel) + ", "
-            + AlertDescription.getText(alertDescription));
-    }
-
-    public void notifyHandshakeComplete() throws IOException
-    {
-        super.notifyHandshakeComplete();
-
-        TlsSession newSession = context.getResumableSession();
-        if (newSession != null)
-        {
-            byte[] newSessionID = newSession.getSessionID();
-            String hex = Hex.toHexString(newSessionID);
-
-            if (this.session != null && Arrays.areEqual(this.session.getSessionID(), newSessionID))
-            {
-                System.out.println("Resumed session: " + hex);
-            }
-            else
-            {
-                System.out.println("Established session: " + hex);
-            }
-
-            this.session = newSession;
-        }
-    }
-
-    public ProtocolVersion getMinimumVersion()
-    {
-        return ProtocolVersion.TLSv12;
-    }
-
-    public Hashtable getClientExtensions() throws IOException
-    {
-        Hashtable clientExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(super.getClientExtensions());
-        TlsExtensionsUtils.addEncryptThenMACExtension(clientExtensions);
-        return clientExtensions;
-    }
-
-    public void notifyServerVersion(ProtocolVersion serverVersion) throws IOException
-    {
-        super.notifyServerVersion(serverVersion);
-
-        System.out.println("TLS-SRP client negotiated " + serverVersion);
-    }
-
-    public TlsAuthentication getAuthentication() throws IOException
-    {
-        return new ServerOnlyTlsAuthentication()
-        {
-            public void notifyServerCertificate(org.bouncycastle.crypto.tls.Certificate serverCertificate)
-                throws IOException
-            {
-                Certificate[] chain = serverCertificate.getCertificateList();
-                System.out.println("TLS-SRP client received server certificate chain of length " + chain.length);
-                for (int i = 0; i != chain.length; i++)
-                {
-                    Certificate entry = chain[i];
-                    // TODO Create fingerprint based on certificate signature algorithm digest
-                    System.out.println("    fingerprint:SHA-256 " + TlsTestUtils.fingerprint(entry) + " ("
-                        + entry.getSubject() + ")");
-                }
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockSRPTlsServer.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockSRPTlsServer.java
deleted file mode 100644
index 3593757..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockSRPTlsServer.java
+++ /dev/null

@@ -1,124 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.PrintStream;
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.agreement.srp.SRP6StandardGroups;
-import org.bouncycastle.crypto.agreement.srp.SRP6VerifierGenerator;
-import org.bouncycastle.crypto.params.SRP6GroupParameters;
-import org.bouncycastle.crypto.tls.AlertDescription;
-import org.bouncycastle.crypto.tls.AlertLevel;
-import org.bouncycastle.crypto.tls.HashAlgorithm;
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-import org.bouncycastle.crypto.tls.SRPTlsServer;
-import org.bouncycastle.crypto.tls.SignatureAlgorithm;
-import org.bouncycastle.crypto.tls.SimulatedTlsSRPIdentityManager;
-import org.bouncycastle.crypto.tls.TlsSRPIdentityManager;
-import org.bouncycastle.crypto.tls.TlsSRPLoginParameters;
-import org.bouncycastle.crypto.tls.TlsSignerCredentials;
-import org.bouncycastle.crypto.tls.TlsUtils;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-
-class MockSRPTlsServer
-    extends SRPTlsServer
-{
-    static final SRP6GroupParameters TEST_GROUP = SRP6StandardGroups.rfc5054_1024;
-    static final byte[] TEST_IDENTITY = Strings.toUTF8ByteArray("client");
-    static final byte[] TEST_PASSWORD = Strings.toUTF8ByteArray("password");
-    static final byte[] TEST_SALT = Strings.toUTF8ByteArray("salt");
-    static final byte[] TEST_SEED_KEY = Strings.toUTF8ByteArray("seed_key");
-
-    MockSRPTlsServer()
-    {
-        super(new MyIdentityManager());
-    }
-
-    public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("TLS-SRP server raised alert: " + AlertLevel.getText(alertLevel) + ", "
-            + AlertDescription.getText(alertDescription));
-        if (message != null)
-        {
-            out.println("> " + message);
-        }
-        if (cause != null)
-        {
-            cause.printStackTrace(out);
-        }
-    }
-
-    public void notifyAlertReceived(short alertLevel, short alertDescription)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("TLS-SRP server received alert: " + AlertLevel.getText(alertLevel) + ", "
-            + AlertDescription.getText(alertDescription));
-    }
-
-    public void notifyHandshakeComplete() throws IOException
-    {
-        super.notifyHandshakeComplete();
-
-        byte[] srpIdentity = context.getSecurityParameters().getSRPIdentity();
-        if (srpIdentity != null)
-        {
-            String name = Strings.fromUTF8ByteArray(srpIdentity);
-            System.out.println("TLS-SRP server completed handshake for SRP identity: " + name);
-        }
-    }
-
-    protected ProtocolVersion getMaximumVersion()
-    {
-        return ProtocolVersion.TLSv12;
-    }
-
-    protected ProtocolVersion getMinimumVersion()
-    {
-        return ProtocolVersion.TLSv12;
-    }
-
-    public ProtocolVersion getServerVersion() throws IOException
-    {
-        ProtocolVersion serverVersion = super.getServerVersion();
-
-        System.out.println("TLS-SRP server negotiated " + serverVersion);
-
-        return serverVersion;
-    }
-
-    protected TlsSignerCredentials getDSASignerCredentials() throws IOException
-    {
-        return TlsTestUtils.loadSignerCredentials(context, supportedSignatureAlgorithms, SignatureAlgorithm.dsa,
-            "x509-server-dsa.pem", "x509-server-key-dsa.pem");
-    }
-
-    protected TlsSignerCredentials getRSASignerCredentials() throws IOException
-    {
-        return TlsTestUtils.loadSignerCredentials(context, supportedSignatureAlgorithms, SignatureAlgorithm.rsa,
-            "x509-server.pem", "x509-server-key.pem");
-    }
-
-    static class MyIdentityManager
-        implements TlsSRPIdentityManager
-    {
-        protected SimulatedTlsSRPIdentityManager unknownIdentityManager = SimulatedTlsSRPIdentityManager.getRFC5054Default(
-            TEST_GROUP, TEST_SEED_KEY);
-
-        public TlsSRPLoginParameters getLoginParameters(byte[] identity)
-        {
-            if (Arrays.areEqual(TEST_IDENTITY, identity))
-            {
-                SRP6VerifierGenerator verifierGenerator = new SRP6VerifierGenerator();
-                verifierGenerator.init(TEST_GROUP, TlsUtils.createHash(HashAlgorithm.sha1));
-
-                BigInteger verifier = verifierGenerator.generateVerifier(TEST_SALT, identity, TEST_PASSWORD);
-
-                return new TlsSRPLoginParameters(TEST_GROUP, verifier, TEST_SALT);
-            }
-
-            return unknownIdentityManager.getLoginParameters(identity);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockTlsClient.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockTlsClient.java
deleted file mode 100644
index e2bd5c1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockTlsClient.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.PrintStream;
-import java.util.Hashtable;
-
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.crypto.tls.AlertDescription;
-import org.bouncycastle.crypto.tls.AlertLevel;
-import org.bouncycastle.crypto.tls.CertificateRequest;
-import org.bouncycastle.crypto.tls.CipherSuite;
-import org.bouncycastle.crypto.tls.ClientCertificateType;
-import org.bouncycastle.crypto.tls.DefaultTlsClient;
-import org.bouncycastle.crypto.tls.MaxFragmentLength;
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-import org.bouncycastle.crypto.tls.SignatureAlgorithm;
-import org.bouncycastle.crypto.tls.TlsAuthentication;
-import org.bouncycastle.crypto.tls.TlsCredentials;
-import org.bouncycastle.crypto.tls.TlsExtensionsUtils;
-import org.bouncycastle.crypto.tls.TlsSession;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-
-class MockTlsClient
-    extends DefaultTlsClient
-{
-    TlsSession session;
-
-    MockTlsClient(TlsSession session)
-    {
-        this.session = session;
-    }
-
-    public TlsSession getSessionToResume()
-    {
-        return this.session;
-    }
-
-    public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("TLS client raised alert: " + AlertLevel.getText(alertLevel)
-            + ", " + AlertDescription.getText(alertDescription));
-        if (message != null)
-        {
-            out.println("> " + message);
-        }
-        if (cause != null)
-        {
-            cause.printStackTrace(out);
-        }
-    }
-
-    public void notifyAlertReceived(short alertLevel, short alertDescription)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("TLS client received alert: " + AlertLevel.getText(alertLevel)
-            + ", " + AlertDescription.getText(alertDescription));
-    }
-
-//    public int[] getCipherSuites()
-//    {
-//        return Arrays.concatenate(super.getCipherSuites(),
-//            new int[]
-//            {
-//                CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
-//            });
-//    }
-
-    public Hashtable getClientExtensions() throws IOException
-    {
-        Hashtable clientExtensions = TlsExtensionsUtils.ensureExtensionsInitialised(super.getClientExtensions());
-        TlsExtensionsUtils.addEncryptThenMACExtension(clientExtensions);
-        {
-            /*
-             * NOTE: If you are copying test code, do not blindly set these extensions in your own client.
-             */
-            TlsExtensionsUtils.addMaxFragmentLengthExtension(clientExtensions, MaxFragmentLength.pow2_9);
-            TlsExtensionsUtils.addPaddingExtension(clientExtensions, context.getSecureRandom().nextInt(16));
-            TlsExtensionsUtils.addTruncatedHMacExtension(clientExtensions);
-        }
-        return clientExtensions;
-    }
-
-    public void notifyServerVersion(ProtocolVersion serverVersion) throws IOException
-    {
-        super.notifyServerVersion(serverVersion);
-
-        System.out.println("TLS client negotiated " + serverVersion);
-    }
-
-    public TlsAuthentication getAuthentication()
-        throws IOException
-    {
-        return new TlsAuthentication()
-        {
-            public void notifyServerCertificate(org.bouncycastle.crypto.tls.Certificate serverCertificate)
-                throws IOException
-            {
-                Certificate[] chain = serverCertificate.getCertificateList();
-                System.out.println("TLS client received server certificate chain of length " + chain.length);
-                for (int i = 0; i != chain.length; i++)
-                {
-                    Certificate entry = chain[i];
-                    // TODO Create fingerprint based on certificate signature algorithm digest
-                    System.out.println("    fingerprint:SHA-256 " + TlsTestUtils.fingerprint(entry) + " ("
-                        + entry.getSubject() + ")");
-                }
-            }
-
-            public TlsCredentials getClientCredentials(CertificateRequest certificateRequest)
-                throws IOException
-            {
-                short[] certificateTypes = certificateRequest.getCertificateTypes();
-                if (certificateTypes == null || !Arrays.contains(certificateTypes, ClientCertificateType.rsa_sign))
-                {
-                    return null;
-                }
-
-                return TlsTestUtils.loadSignerCredentials(context, certificateRequest.getSupportedSignatureAlgorithms(),
-                    SignatureAlgorithm.rsa, "x509-client.pem", "x509-client-key.pem");
-            }
-        };
-    }
-
-    public void notifyHandshakeComplete() throws IOException
-    {
-        super.notifyHandshakeComplete();
-
-        TlsSession newSession = context.getResumableSession();
-        if (newSession != null)
-        {
-            byte[] newSessionID = newSession.getSessionID();
-            String hex = Hex.toHexString(newSessionID);
-
-            if (this.session != null && Arrays.areEqual(this.session.getSessionID(), newSessionID))
-            {
-                System.out.println("Resumed session: " + hex);
-            }
-            else
-            {
-                System.out.println("Established session: " + hex);
-            }
-
-            this.session = newSession;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockTlsServer.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockTlsServer.java
deleted file mode 100644
index f28a075..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/MockTlsServer.java
+++ /dev/null

@@ -1,112 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.PrintStream;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.crypto.tls.AlertDescription;
-import org.bouncycastle.crypto.tls.AlertLevel;
-import org.bouncycastle.crypto.tls.CertificateRequest;
-import org.bouncycastle.crypto.tls.CipherSuite;
-import org.bouncycastle.crypto.tls.ClientCertificateType;
-import org.bouncycastle.crypto.tls.DefaultTlsServer;
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-import org.bouncycastle.crypto.tls.SignatureAlgorithm;
-import org.bouncycastle.crypto.tls.TlsEncryptionCredentials;
-import org.bouncycastle.crypto.tls.TlsSignerCredentials;
-import org.bouncycastle.crypto.tls.TlsUtils;
-import org.bouncycastle.util.Arrays;
-
-class MockTlsServer
-    extends DefaultTlsServer
-{
-    public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("TLS server raised alert: " + AlertLevel.getText(alertLevel)
-            + ", " + AlertDescription.getText(alertDescription));
-        if (message != null)
-        {
-            out.println("> " + message);
-        }
-        if (cause != null)
-        {
-            cause.printStackTrace(out);
-        }
-    }
-
-    public void notifyAlertReceived(short alertLevel, short alertDescription)
-    {
-        PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-        out.println("TLS server received alert: " + AlertLevel.getText(alertLevel)
-            + ", " + AlertDescription.getText(alertDescription));
-    }
-
-    protected int[] getCipherSuites()
-    {
-        return Arrays.concatenate(super.getCipherSuites(),
-            new int[]
-            {
-                CipherSuite.DRAFT_TLS_ECDHE_RSA_WITH_CHACHA20_POLY1305_SHA256,
-            });
-    }
-
-    protected ProtocolVersion getMaximumVersion()
-    {
-        return ProtocolVersion.TLSv12;
-    }
-
-    public ProtocolVersion getServerVersion() throws IOException
-    {
-        ProtocolVersion serverVersion = super.getServerVersion();
-
-        System.out.println("TLS server negotiated " + serverVersion);
-
-        return serverVersion;
-    }
-
-    public CertificateRequest getCertificateRequest() throws IOException
-    {
-        short[] certificateTypes = new short[]{ ClientCertificateType.rsa_sign,
-            ClientCertificateType.dss_sign, ClientCertificateType.ecdsa_sign };
-
-        Vector serverSigAlgs = null;
-        if (TlsUtils.isSignatureAlgorithmsExtensionAllowed(serverVersion))
-        {
-            serverSigAlgs = TlsUtils.getDefaultSupportedSignatureAlgorithms();
-        }
-
-        Vector certificateAuthorities = new Vector();
-        certificateAuthorities.addElement(TlsTestUtils.loadCertificateResource("x509-ca.pem").getSubject());
-
-        return new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities);
-    }
-
-    public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate)
-        throws IOException
-    {
-        Certificate[] chain = clientCertificate.getCertificateList();
-        System.out.println("TLS server received client certificate chain of length " + chain.length);
-        for (int i = 0; i != chain.length; i++)
-        {
-            Certificate entry = chain[i];
-            // TODO Create fingerprint based on certificate signature algorithm digest
-            System.out.println("    fingerprint:SHA-256 " + TlsTestUtils.fingerprint(entry) + " ("
-                + entry.getSubject() + ")");
-        }
-    }
-
-    protected TlsEncryptionCredentials getRSAEncryptionCredentials()
-        throws IOException
-    {
-        return TlsTestUtils.loadEncryptionCredentials(context, new String[]{"x509-server.pem", "x509-ca.pem"},
-            "x509-server-key.pem");
-    }
-
-    protected TlsSignerCredentials getRSASignerCredentials() throws IOException
-    {
-        return TlsTestUtils.loadSignerCredentials(context, supportedSignatureAlgorithms, SignatureAlgorithm.rsa,
-            "x509-server.pem", "x509-server-key.pem");
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/NetworkInputStream.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/NetworkInputStream.java
deleted file mode 100644
index e5f4770..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/NetworkInputStream.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.FilterInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-
-/**
- * Tracks and enforces close() calls, without closing the underlying InputStream
- */
-class NetworkInputStream extends FilterInputStream
-{
-    boolean closed = false;
-
-    public NetworkInputStream(InputStream input)
-    {
-        super(input);
-    }
-
-    synchronized boolean isClosed()
-    {
-        return closed;
-    }
-
-    public int available() throws IOException
-    {
-        checkNotClosed();
-        return in.available();
-    }
-
-    public synchronized void close() throws IOException
-    {
-        closed = true;
-    }
-
-    public int read() throws IOException
-    {
-        checkNotClosed();
-        return in.read();
-    }
-
-    public int read(byte[] b) throws IOException
-    {
-        checkNotClosed();
-        return in.read(b);
-    }
-
-    public int read(byte[] b, int off, int len) throws IOException
-    {
-        checkNotClosed();
-        return in.read(b, off, len);
-    }
-
-    protected synchronized void checkNotClosed() throws IOException
-    {
-        if (closed)
-        {
-            throw new IOException("NetworkInputStream closed");
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/NetworkOutputStream.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/NetworkOutputStream.java
deleted file mode 100644
index a11694b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/NetworkOutputStream.java
+++ /dev/null

@@ -1,54 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.FilterOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-/**
- * Tracks and enforces close() calls, without closing the underlying OutputStream
- */
-class NetworkOutputStream extends FilterOutputStream
-{
-    boolean closed = false;
-
-    public NetworkOutputStream(OutputStream output)
-    {
-        super(output);
-    }
-
-    synchronized boolean isClosed()
-    {
-        return closed;
-    }
-
-    public synchronized void close() throws IOException
-    {
-        closed = true;
-    }
-
-    public void write(int b) throws IOException
-    {
-        checkNotClosed();
-        out.write(b);
-    }
-
-    public void write(byte[] b) throws IOException
-    {
-        checkNotClosed();
-        out.write(b);
-    }
-
-    public void write(byte[] b, int off, int len) throws IOException
-    {
-        checkNotClosed();
-        out.write(b, off, len);
-    }
-
-    protected synchronized void checkNotClosed() throws IOException
-    {
-        if (closed)
-        {
-            throw new IOException("NetworkOutputStream closed");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/PSKTlsClientTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/PSKTlsClientTest.java
deleted file mode 100644
index 4b152f4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/PSKTlsClientTest.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.OutputStream;
-import java.net.InetAddress;
-import java.net.Socket;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.tls.BasicTlsPSKIdentity;
-import org.bouncycastle.crypto.tls.TlsClient;
-import org.bouncycastle.crypto.tls.TlsClientProtocol;
-
-/**
- * A simple test designed to conduct a TLS handshake with an external TLS server.
- * <p>
- * Please refer to GnuTLSSetup.html or OpenSSLSetup.html (under 'docs'), and x509-*.pem files in
- * this package (under 'src/test/resources') for help configuring an external TLS server.
- * </p><p>
- * In both cases, extra options are required to enable PSK ciphersuites and configure identities/keys.
- * </p>
- */
-public class PSKTlsClientTest
-{
-    private static final SecureRandom secureRandom = new SecureRandom();
-
-    public static void main(String[] args) throws Exception
-    {
-        InetAddress address = InetAddress.getLocalHost();
-        int port = 5556;
-
-        long time1 = System.currentTimeMillis();
-
-        /*
-         * Note: This is the default PSK identity for 'openssl s_server' testing, the server must be
-         * started with "-psk 6161616161" to make the keys match, and possibly the "-psk_hint"
-         * option should be present.
-         */
-        String psk_identity = "Client_identity";
-        byte[] psk = new byte[]{ 0x61, 0x61, 0x61, 0x61, 0x61 };
-
-        BasicTlsPSKIdentity pskIdentity = new BasicTlsPSKIdentity(psk_identity, psk);
-
-        MockPSKTlsClient client = new MockPSKTlsClient(null, pskIdentity);
-        TlsClientProtocol protocol = openTlsConnection(address, port, client);
-        protocol.close();
-
-        long time2 = System.currentTimeMillis();
-        System.out.println("Elapsed 1: " + (time2 - time1) + "ms");
-
-        client = new MockPSKTlsClient(client.getSessionToResume(), pskIdentity);
-        protocol = openTlsConnection(address, port, client);
-
-        long time3 = System.currentTimeMillis();
-        System.out.println("Elapsed 2: " + (time3 - time2) + "ms");
-
-        OutputStream output = protocol.getOutputStream();
-        output.write("GET / HTTP/1.1\r\n\r\n".getBytes("UTF-8"));
-        output.flush();
-
-        InputStream input = protocol.getInputStream();
-        BufferedReader reader = new BufferedReader(new InputStreamReader(input));
-
-        String line;
-        while ((line = reader.readLine()) != null)
-        {
-            System.out.println(">>> " + line);
-        }
-
-        protocol.close();
-    }
-
-    static TlsClientProtocol openTlsConnection(InetAddress address, int port, TlsClient client) throws IOException
-    {
-        Socket s = new Socket(address, port);
-        TlsClientProtocol protocol = new TlsClientProtocol(s.getInputStream(), s.getOutputStream(), secureRandom);
-        protocol.connect(client);
-        return protocol;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsClientTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsClientTest.java
deleted file mode 100644
index bf289d8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsClientTest.java
+++ /dev/null

@@ -1,70 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.BufferedReader;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.io.OutputStream;
-import java.net.InetAddress;
-import java.net.Socket;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.tls.TlsClient;
-import org.bouncycastle.crypto.tls.TlsClientProtocol;
-
-/**
- * A simple test designed to conduct a TLS handshake with an external TLS server.
- * <p>
- * Please refer to GnuTLSSetup.html or OpenSSLSetup.html (under 'docs'), and x509-*.pem files in
- * this package (under 'src/test/resources') for help configuring an external TLS server.
- * </p>
- */
-public class TlsClientTest
-{
-    private static final SecureRandom secureRandom = new SecureRandom();
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        InetAddress address = InetAddress.getLocalHost();
-        int port = 5556;
-
-        long time1 = System.currentTimeMillis();
-
-        MockTlsClient client = new MockTlsClient(null);
-        TlsClientProtocol protocol = openTlsConnection(address, port, client);
-        protocol.close();
-
-        long time2 = System.currentTimeMillis();
-        System.out.println("Elapsed 1: " + (time2 - time1) + "ms");
-
-        client = new MockTlsClient(client.getSessionToResume());
-        protocol = openTlsConnection(address, port, client);
-
-        long time3 = System.currentTimeMillis();
-        System.out.println("Elapsed 2: " + (time3 - time2) + "ms");
-
-        OutputStream output = protocol.getOutputStream();
-        output.write("GET / HTTP/1.1\r\n\r\n".getBytes("UTF-8"));
-        output.flush();
-
-        InputStream input = protocol.getInputStream();
-        BufferedReader reader = new BufferedReader(new InputStreamReader(input));
-
-        String line;
-        while ((line = reader.readLine()) != null)
-        {
-            System.out.println(">>> " + line);
-        }
-
-        protocol.close();
-    }
-
-    static TlsClientProtocol openTlsConnection(InetAddress address, int port, TlsClient client) throws IOException
-    {
-        Socket s = new Socket(address, port);
-        TlsClientProtocol protocol = new TlsClientProtocol(s.getInputStream(), s.getOutputStream(), secureRandom);
-        protocol.connect(client);
-        return protocol;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsPSKProtocolTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsPSKProtocolTest.java
deleted file mode 100644
index f32554a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsPSKProtocolTest.java
+++ /dev/null

@@ -1,81 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.OutputStream;
-import java.io.PipedInputStream;
-import java.io.PipedOutputStream;
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-
-import org.bouncycastle.crypto.tls.TlsClientProtocol;
-import org.bouncycastle.crypto.tls.TlsServerProtocol;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public class TlsPSKProtocolTest
-    extends TestCase
-{
-    public void testClientServer() throws Exception
-    {
-        SecureRandom secureRandom = new SecureRandom();
-
-        PipedInputStream clientRead = new PipedInputStream();
-        PipedInputStream serverRead = new PipedInputStream();
-        PipedOutputStream clientWrite = new PipedOutputStream(serverRead);
-        PipedOutputStream serverWrite = new PipedOutputStream(clientRead);
-
-        TlsClientProtocol clientProtocol = new TlsClientProtocol(clientRead, clientWrite, secureRandom);
-        TlsServerProtocol serverProtocol = new TlsServerProtocol(serverRead, serverWrite, secureRandom);
-
-        ServerThread serverThread = new ServerThread(serverProtocol);
-        serverThread.start();
-
-        MockPSKTlsClient client = new MockPSKTlsClient(null);
-        clientProtocol.connect(client);
-
-        // NOTE: Because we write-all before we read-any, this length can't be more than the pipe capacity
-        int length = 1000;
-
-        byte[] data = new byte[length];
-        secureRandom.nextBytes(data);
-
-        OutputStream output = clientProtocol.getOutputStream();
-        output.write(data);
-
-        byte[] echo = new byte[data.length];
-        int count = Streams.readFully(clientProtocol.getInputStream(), echo);
-
-        assertEquals(count, data.length);
-        assertTrue(Arrays.areEqual(data, echo));
-
-        output.close();
-
-        serverThread.join();
-    }
-
-    static class ServerThread
-        extends Thread
-    {
-        private final TlsServerProtocol serverProtocol;
-
-        ServerThread(TlsServerProtocol serverProtocol)
-        {
-            this.serverProtocol = serverProtocol;
-        }
-
-        public void run()
-        {
-            try
-            {
-                MockPSKTlsServer server = new MockPSKTlsServer();
-                serverProtocol.accept(server);
-                Streams.pipeAll(serverProtocol.getInputStream(), serverProtocol.getOutputStream());
-                serverProtocol.close();
-            }
-            catch (Exception e)
-            {
-                //                throw new RuntimeException(e);
-            }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsProtocolNonBlockingTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsProtocolNonBlockingTest.java
deleted file mode 100644
index 5fc095c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsProtocolNonBlockingTest.java
+++ /dev/null

@@ -1,127 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.tls.TlsClientProtocol;
-import org.bouncycastle.crypto.tls.TlsProtocol;
-import org.bouncycastle.crypto.tls.TlsServerProtocol;
-import org.bouncycastle.util.Arrays;
-
-import junit.framework.TestCase;
-
-public class TlsProtocolNonBlockingTest
-    extends TestCase
-{
-    public void testClientServerFragmented() throws IOException
-    {
-        // tests if it's really non-blocking when partial records arrive
-        testClientServer(true);
-    }
-
-    public void testClientServerNonFragmented() throws IOException
-    {
-        testClientServer(false);
-    }
-
-    private static void testClientServer(boolean fragment) throws IOException
-    {
-        SecureRandom secureRandom = new SecureRandom();
-
-        TlsClientProtocol clientProtocol = new TlsClientProtocol(secureRandom);
-        TlsServerProtocol serverProtocol = new TlsServerProtocol(secureRandom);
-
-        clientProtocol.connect(new MockTlsClient(null));
-        serverProtocol.accept(new MockTlsServer());
-
-        // pump handshake
-        boolean hadDataFromServer = true;
-        boolean hadDataFromClient = true;
-        while (hadDataFromServer || hadDataFromClient)
-        {
-            hadDataFromServer = pumpData(serverProtocol, clientProtocol, fragment);
-            hadDataFromClient = pumpData(clientProtocol, serverProtocol, fragment);
-        }
-
-        // send data in both directions
-        byte[] data = new byte[1024];
-        secureRandom.nextBytes(data);
-        writeAndRead(clientProtocol, serverProtocol, data, fragment);
-        writeAndRead(serverProtocol, clientProtocol, data, fragment);
-
-        // close the connection
-        clientProtocol.close();
-        pumpData(clientProtocol, serverProtocol, fragment);
-        serverProtocol.closeInput();
-        checkClosed(serverProtocol);
-        checkClosed(clientProtocol);
-    }
-
-    private static void writeAndRead(TlsProtocol writer, TlsProtocol reader, byte[] data, boolean fragment)
-        throws IOException
-    {
-        int dataSize = data.length;
-        writer.offerOutput(data, 0, dataSize);
-        pumpData(writer, reader, fragment);
-
-        assertEquals(dataSize, reader.getAvailableInputBytes());
-        byte[] readData = new byte[dataSize];
-        reader.readInput(readData, 0, dataSize);
-        assertArrayEquals(data, readData);
-    }
-
-    private static boolean pumpData(TlsProtocol from, TlsProtocol to, boolean fragment) throws IOException
-    {
-        int byteCount = from.getAvailableOutputBytes();
-        if (byteCount == 0)
-        {
-            return false;
-        }
-
-        if (fragment)
-        {
-            while (from.getAvailableOutputBytes() > 0)
-            {
-                byte[] buffer = new byte[1];
-                from.readOutput(buffer, 0, 1);
-                to.offerInput(buffer);
-            }
-        }
-        else
-        {
-            byte[] buffer = new byte[byteCount];
-            from.readOutput(buffer, 0, buffer.length);
-            to.offerInput(buffer);
-        }
-
-        return true;
-    }
-
-    private static void checkClosed(TlsProtocol protocol)
-    {
-        assertTrue(protocol.isClosed());
-
-        try
-        {
-            protocol.offerInput(new byte[10]);
-            fail("Input was accepted after close");
-        }
-        catch (IOException e)
-        {
-        }
-
-        try
-        {
-            protocol.offerOutput(new byte[10], 0, 10);
-            fail("Output was accepted after close");
-        }
-        catch (IOException e)
-        {
-        }
-    }
-
-    private static void assertArrayEquals(byte[] a, byte[] b)
-    {
-        assertTrue(Arrays.areEqual(a, b));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsProtocolTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsProtocolTest.java
deleted file mode 100644
index a817c47..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsProtocolTest.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.OutputStream;
-import java.io.PipedInputStream;
-import java.io.PipedOutputStream;
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-
-import org.bouncycastle.crypto.tls.TlsClientProtocol;
-import org.bouncycastle.crypto.tls.TlsServerProtocol;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public class TlsProtocolTest
-    extends TestCase
-{
-    public void testClientServer()
-        throws Exception
-    {
-        SecureRandom secureRandom = new SecureRandom();
-
-        PipedInputStream clientRead = new PipedInputStream();
-        PipedInputStream serverRead = new PipedInputStream();
-        PipedOutputStream clientWrite = new PipedOutputStream(serverRead);
-        PipedOutputStream serverWrite = new PipedOutputStream(clientRead);
-
-        TlsClientProtocol clientProtocol = new TlsClientProtocol(clientRead, clientWrite, secureRandom);
-        TlsServerProtocol serverProtocol = new TlsServerProtocol(serverRead, serverWrite, secureRandom);
-
-        ServerThread serverThread = new ServerThread(serverProtocol);
-        serverThread.start();
-
-        MockTlsClient client = new MockTlsClient(null);
-        clientProtocol.connect(client);
-
-        // NOTE: Because we write-all before we read-any, this length can't be more than the pipe capacity
-        int length = 1000;
-
-        byte[] data = new byte[length];
-        secureRandom.nextBytes(data);
-
-        OutputStream output = clientProtocol.getOutputStream();
-        output.write(data);
-
-        byte[] echo = new byte[data.length];
-        int count = Streams.readFully(clientProtocol.getInputStream(), echo);
-
-        assertEquals(count, data.length);
-        assertTrue(Arrays.areEqual(data, echo));
-
-        output.close();
-
-        serverThread.join();
-    }
-
-    static class ServerThread
-        extends Thread
-    {
-        private final TlsServerProtocol serverProtocol;
-
-        ServerThread(TlsServerProtocol serverProtocol)
-        {
-            this.serverProtocol = serverProtocol;
-        }
-
-        public void run()
-        {
-            try
-            {
-                MockTlsServer server = new MockTlsServer();
-                serverProtocol.accept(server);
-                Streams.pipeAll(serverProtocol.getInputStream(), serverProtocol.getOutputStream());
-                serverProtocol.close();
-            }
-            catch (Exception e)
-            {
-//                throw new RuntimeException(e);
-            }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsSRPProtocolTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsSRPProtocolTest.java
deleted file mode 100644
index b0c3c92..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsSRPProtocolTest.java
+++ /dev/null

@@ -1,81 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.OutputStream;
-import java.io.PipedInputStream;
-import java.io.PipedOutputStream;
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-
-import org.bouncycastle.crypto.tls.TlsClientProtocol;
-import org.bouncycastle.crypto.tls.TlsServerProtocol;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-public class TlsSRPProtocolTest
-    extends TestCase
-{
-    public void testClientServer() throws Exception
-    {
-        SecureRandom secureRandom = new SecureRandom();
-
-        PipedInputStream clientRead = new PipedInputStream();
-        PipedInputStream serverRead = new PipedInputStream();
-        PipedOutputStream clientWrite = new PipedOutputStream(serverRead);
-        PipedOutputStream serverWrite = new PipedOutputStream(clientRead);
-
-        TlsClientProtocol clientProtocol = new TlsClientProtocol(clientRead, clientWrite, secureRandom);
-        TlsServerProtocol serverProtocol = new TlsServerProtocol(serverRead, serverWrite, secureRandom);
-
-        ServerThread serverThread = new ServerThread(serverProtocol);
-        serverThread.start();
-
-        MockSRPTlsClient client = new MockSRPTlsClient(null, MockSRPTlsServer.TEST_IDENTITY, MockSRPTlsServer.TEST_PASSWORD);
-        clientProtocol.connect(client);
-
-        // NOTE: Because we write-all before we read-any, this length can't be more than the pipe capacity
-        int length = 1000;
-
-        byte[] data = new byte[length];
-        secureRandom.nextBytes(data);
-
-        OutputStream output = clientProtocol.getOutputStream();
-        output.write(data);
-
-        byte[] echo = new byte[data.length];
-        int count = Streams.readFully(clientProtocol.getInputStream(), echo);
-
-        assertEquals(count, data.length);
-        assertTrue(Arrays.areEqual(data, echo));
-
-        output.close();
-
-        serverThread.join();
-    }
-
-    static class ServerThread
-        extends Thread
-    {
-        private final TlsServerProtocol serverProtocol;
-
-        ServerThread(TlsServerProtocol serverProtocol)
-        {
-            this.serverProtocol = serverProtocol;
-        }
-
-        public void run()
-        {
-            try
-            {
-                MockSRPTlsServer server = new MockSRPTlsServer();
-                serverProtocol.accept(server);
-                Streams.pipeAll(serverProtocol.getInputStream(), serverProtocol.getOutputStream());
-                serverProtocol.close();
-            }
-            catch (Exception e)
-            {
-                //throw new RuntimeException(e);
-            }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsServerTest.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsServerTest.java
deleted file mode 100644
index 27cf877..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsServerTest.java
+++ /dev/null

@@ -1,89 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.OutputStream;
-import java.net.InetAddress;
-import java.net.ServerSocket;
-import java.net.Socket;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.tls.TlsServerProtocol;
-import org.bouncycastle.util.io.Streams;
-import org.bouncycastle.util.io.TeeOutputStream;
-
-/**
- * A simple test designed to conduct a TLS handshake with an external TLS client.
- * <p>
- * Please refer to GnuTLSSetup.html or OpenSSLSetup.html (under 'docs'), and x509-*.pem files in
- * this package (under 'src/test/resources') for help configuring an external TLS client.
- * </p>
- */
-public class TlsServerTest
-{
-    private static final SecureRandom secureRandom = new SecureRandom();
-
-    public static void main(String[] args)
-        throws Exception
-    {
-        InetAddress address = InetAddress.getLocalHost();
-        int port = 5556;
-
-        ServerSocket ss = new ServerSocket(port, 16, address);
-        try
-        {
-            while (true)
-            {
-                Socket s = ss.accept();
-                System.out.println("--------------------------------------------------------------------------------");
-                System.out.println("Accepted " + s);
-                ServerThread t = new ServerThread(s);
-                t.start();
-            }
-        }
-        finally
-        {
-            ss.close();
-        }
-    }
-
-    static class ServerThread
-        extends Thread
-    {
-        private final Socket s;
-
-        ServerThread(Socket s)
-        {
-            this.s = s;
-        }
-
-        public void run()
-        {
-            try
-            {
-                MockTlsServer server = new MockTlsServer();
-                TlsServerProtocol serverProtocol = new TlsServerProtocol(s.getInputStream(), s.getOutputStream(), secureRandom);
-                serverProtocol.accept(server);
-                OutputStream log = new TeeOutputStream(serverProtocol.getOutputStream(), System.out);
-                Streams.pipeAll(serverProtocol.getInputStream(), log);
-                serverProtocol.close();
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e);
-            }
-            finally
-            {
-                try
-                {
-                    s.close();
-                }
-                catch (IOException e)
-                {
-                }
-                finally
-                {
-                }
-            }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestCase.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestCase.java
deleted file mode 100644
index 5aaf708..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestCase.java
+++ /dev/null

@@ -1,187 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.OutputStream;
-import java.io.PipedInputStream;
-import java.io.PipedOutputStream;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.io.Streams;
-
-import junit.framework.TestCase;
-
-public class TlsTestCase extends TestCase
-{
-    private static void checkTLSVersion(ProtocolVersion version)
-    {
-        if (version != null && !version.isTLS())
-        {
-            throw new IllegalStateException("Non-TLS version");
-        }
-    }
-
-    protected final TlsTestConfig config;
-
-    public TlsTestCase(String name)
-    {
-        super(name);
-
-        this.config = null;
-    }
-
-    public TlsTestCase(TlsTestConfig config, String name)
-    {
-        super(name);
-
-        checkTLSVersion(config.clientMinimumVersion);
-        checkTLSVersion(config.clientOfferVersion);
-        checkTLSVersion(config.serverMaximumVersion);
-        checkTLSVersion(config.serverMinimumVersion);
-
-        this.config = config;
-    }
-
-    public void testDummy()
-    {
-        // Avoid "No tests found" warning from junit
-    }
-
-    protected void runTest() throws Throwable
-    {
-        // Disable the test if it is not being run via TlsTestSuite
-        if (config == null)
-        {
-            return;
-        }
-
-        SecureRandom secureRandom = new SecureRandom();
-        
-        PipedInputStream clientRead = new PipedInputStream();
-        PipedInputStream serverRead = new PipedInputStream();
-        PipedOutputStream clientWrite = new PipedOutputStream(serverRead);
-        PipedOutputStream serverWrite = new PipedOutputStream(clientRead);
-
-        NetworkInputStream clientNetIn = new NetworkInputStream(clientRead);
-        NetworkInputStream serverNetIn = new NetworkInputStream(serverRead);
-        NetworkOutputStream clientNetOut = new NetworkOutputStream(clientWrite);
-        NetworkOutputStream serverNetOut = new NetworkOutputStream(serverWrite);
-
-        TlsTestClientProtocol clientProtocol = new TlsTestClientProtocol(clientNetIn, clientNetOut, secureRandom, config);
-        TlsTestServerProtocol serverProtocol = new TlsTestServerProtocol(serverNetIn, serverNetOut, secureRandom, config);
-
-        TlsTestClientImpl clientImpl = new TlsTestClientImpl(config);
-        TlsTestServerImpl serverImpl = new TlsTestServerImpl(config);
-
-        ServerThread serverThread = new ServerThread(serverProtocol, serverImpl);
-        serverThread.start();
-
-        Exception caught = null;
-        try
-        {
-            clientProtocol.connect(clientImpl);
-
-            // NOTE: Because we write-all before we read-any, this length can't be more than the pipe capacity
-            int length = 1000;
-
-            byte[] data = new byte[length];
-            secureRandom.nextBytes(data);
-    
-            OutputStream output = clientProtocol.getOutputStream();
-            output.write(data);
-    
-            byte[] echo = new byte[data.length];
-            int count = Streams.readFully(clientProtocol.getInputStream(), echo);
-    
-            assertEquals(count, data.length);
-            assertTrue(Arrays.areEqual(data, echo));
-    
-            output.close();
-        }
-        catch (Exception e)
-        {
-            caught = e;
-            logException(caught);
-        }
-
-        serverThread.allowExit();
-        serverThread.join();
-
-        assertTrue("Client InputStream not closed", clientNetIn.isClosed());
-        assertTrue("Client OutputStream not closed", clientNetOut.isClosed());
-        assertTrue("Server InputStream not closed", serverNetIn.isClosed());
-        assertTrue("Server OutputStream not closed", serverNetOut.isClosed());
-
-        assertEquals("Client fatal alert connection end", config.expectFatalAlertConnectionEnd, clientImpl.firstFatalAlertConnectionEnd);
-        assertEquals("Server fatal alert connection end", config.expectFatalAlertConnectionEnd, serverImpl.firstFatalAlertConnectionEnd);
-
-        assertEquals("Client fatal alert description", config.expectFatalAlertDescription, clientImpl.firstFatalAlertDescription);
-        assertEquals("Server fatal alert description", config.expectFatalAlertDescription, serverImpl.firstFatalAlertDescription);
-
-        if (config.expectFatalAlertConnectionEnd == -1)
-        {
-            assertNull("Unexpected client exception", caught);
-            assertNull("Unexpected server exception", serverThread.caught);
-        }
-    }
-
-    protected void logException(Exception e)
-    {
-        if (TlsTestConfig.DEBUG)
-        {
-            e.printStackTrace();
-        }
-    }
-
-    class ServerThread extends Thread
-    {
-        protected final TlsTestServerProtocol serverProtocol;
-        protected final TlsTestServerImpl serverImpl;
-
-        boolean canExit = false;
-        Exception caught = null;
-
-        ServerThread(TlsTestServerProtocol serverProtocol, TlsTestServerImpl serverImpl)
-        {
-            this.serverProtocol = serverProtocol;
-            this.serverImpl = serverImpl;
-        }
-
-        synchronized void allowExit()
-        {
-            canExit = true;
-            this.notifyAll();
-        }
-
-        public void run()
-        {
-            try
-            {
-                serverProtocol.accept(serverImpl);
-                Streams.pipeAll(serverProtocol.getInputStream(), serverProtocol.getOutputStream());
-                serverProtocol.close();
-            }
-            catch (Exception e)
-            {
-                caught = e;
-                logException(caught);
-            }
-
-            waitExit();
-        }
-
-        protected synchronized void waitExit()
-        {
-            while (!canExit)
-            {
-                try
-                {
-                    this.wait();
-                }
-                catch (InterruptedException e)
-                {
-                }
-            }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestClientImpl.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestClientImpl.java
deleted file mode 100644
index bf20e9b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestClientImpl.java
+++ /dev/null

@@ -1,270 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.PrintStream;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.crypto.tls.AlertDescription;
-import org.bouncycastle.crypto.tls.AlertLevel;
-import org.bouncycastle.crypto.tls.CertificateRequest;
-import org.bouncycastle.crypto.tls.ClientCertificateType;
-import org.bouncycastle.crypto.tls.ConnectionEnd;
-import org.bouncycastle.crypto.tls.DefaultTlsClient;
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-import org.bouncycastle.crypto.tls.SignatureAlgorithm;
-import org.bouncycastle.crypto.tls.SignatureAndHashAlgorithm;
-import org.bouncycastle.crypto.tls.TlsAuthentication;
-import org.bouncycastle.crypto.tls.TlsCredentials;
-import org.bouncycastle.crypto.tls.TlsFatalAlert;
-import org.bouncycastle.crypto.tls.TlsSignerCredentials;
-import org.bouncycastle.crypto.tls.TlsUtils;
-import org.bouncycastle.util.Arrays;
-
-class TlsTestClientImpl
-    extends DefaultTlsClient
-{
-    protected final TlsTestConfig config;
-
-    protected int firstFatalAlertConnectionEnd = -1;
-    protected short firstFatalAlertDescription = -1;
-
-    TlsTestClientImpl(TlsTestConfig config)
-    {
-        this.config = config;
-    }
-
-    int getFirstFatalAlertConnectionEnd()
-    {
-        return firstFatalAlertConnectionEnd;
-    }
-
-    short getFirstFatalAlertDescription()
-    {
-        return firstFatalAlertDescription;
-    }
-
-    public ProtocolVersion getClientVersion()
-    {
-        if (config.clientOfferVersion != null)
-        {
-            return config.clientOfferVersion;
-        }
-
-        return super.getClientVersion();
-    }
-
-    public ProtocolVersion getMinimumVersion()
-    {
-        if (config.clientMinimumVersion != null)
-        {
-            return config.clientMinimumVersion;
-        }
-
-        return super.getMinimumVersion();
-    }
-
-    public Hashtable getClientExtensions() throws IOException
-    {
-        Hashtable clientExtensions = super.getClientExtensions();
-        if (clientExtensions != null && !config.clientSendSignatureAlgorithms)
-        {
-            clientExtensions.remove(TlsUtils.EXT_signature_algorithms);
-            this.supportedSignatureAlgorithms = null;
-        }
-        return clientExtensions;
-    }
-
-    public boolean isFallback()
-    {
-        return config.clientFallback;
-    }
-
-    public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
-    {
-        if (alertLevel == AlertLevel.fatal && firstFatalAlertConnectionEnd == -1)
-        {
-            firstFatalAlertConnectionEnd = ConnectionEnd.client;
-            firstFatalAlertDescription = alertDescription;
-        }
-
-        if (TlsTestConfig.DEBUG)
-        {
-            PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-            out.println("TLS client raised alert: " + AlertLevel.getText(alertLevel)
-                + ", " + AlertDescription.getText(alertDescription));
-            if (message != null)
-            {
-                out.println("> " + message);
-            }
-            if (cause != null)
-            {
-                cause.printStackTrace(out);
-            }
-        }
-    }
-
-    public void notifyAlertReceived(short alertLevel, short alertDescription)
-    {
-        if (alertLevel == AlertLevel.fatal && firstFatalAlertConnectionEnd == -1)
-        {
-            firstFatalAlertConnectionEnd = ConnectionEnd.server;
-            firstFatalAlertDescription = alertDescription;
-        }
-
-        if (TlsTestConfig.DEBUG)
-        {
-            PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-            out.println("TLS client received alert: " + AlertLevel.getText(alertLevel)
-                + ", " + AlertDescription.getText(alertDescription));
-        }
-    }
-
-    public void notifyServerVersion(ProtocolVersion serverVersion) throws IOException
-    {
-        super.notifyServerVersion(serverVersion);
-
-        if (TlsTestConfig.DEBUG)
-        {
-            System.out.println("TLS client negotiated " + serverVersion);
-        }
-    }
-
-    public TlsAuthentication getAuthentication()
-        throws IOException
-    {
-        return new TlsAuthentication()
-        {
-            public void notifyServerCertificate(org.bouncycastle.crypto.tls.Certificate serverCertificate)
-                throws IOException
-            {
-                boolean isEmpty = serverCertificate == null || serverCertificate.isEmpty();
-
-                Certificate[] chain = serverCertificate.getCertificateList();
-
-                // TODO Cache test resources?
-                if (isEmpty || !(chain[0].equals(TlsTestUtils.loadCertificateResource("x509-server.pem"))
-                    || chain[0].equals(TlsTestUtils.loadCertificateResource("x509-server-dsa.pem"))
-                    || chain[0].equals(TlsTestUtils.loadCertificateResource("x509-server-ecdsa.pem"))))
-                {
-                    throw new TlsFatalAlert(AlertDescription.bad_certificate);
-                }
-
-                if (TlsTestConfig.DEBUG)
-                {
-                    System.out.println("TLS client received server certificate chain of length " + chain.length);
-                    for (int i = 0; i != chain.length; i++)
-                    {
-                        Certificate entry = chain[i];
-                        // TODO Create fingerprint based on certificate signature algorithm digest
-                        System.out.println("    fingerprint:SHA-256 " + TlsTestUtils.fingerprint(entry) + " ("
-                            + entry.getSubject() + ")");
-                    }
-                }
-            }
-
-            public TlsCredentials getClientCredentials(CertificateRequest certificateRequest)
-                throws IOException
-            {
-                if (config.serverCertReq == TlsTestConfig.SERVER_CERT_REQ_NONE)
-                {
-                    throw new IllegalStateException();
-                }
-                if (config.clientAuth == TlsTestConfig.CLIENT_AUTH_NONE)
-                {
-                    return null;
-                }
-
-                short[] certificateTypes = certificateRequest.getCertificateTypes();
-                if (certificateTypes == null || !Arrays.contains(certificateTypes, ClientCertificateType.rsa_sign))
-                {
-                    return null;
-                }
-
-                Vector supportedSigAlgs = certificateRequest.getSupportedSignatureAlgorithms();
-                if (supportedSigAlgs != null && config.clientAuthSigAlg != null)
-                {
-                    supportedSigAlgs = new Vector(1);
-                    supportedSigAlgs.addElement(config.clientAuthSigAlg);
-                }
-
-                final TlsSignerCredentials signerCredentials = TlsTestUtils.loadSignerCredentials(context,
-                    supportedSigAlgs, SignatureAlgorithm.rsa, "x509-client.pem", "x509-client-key.pem");
-
-                if (config.clientAuth == TlsTestConfig.CLIENT_AUTH_VALID)
-                {
-                    return signerCredentials;
-                }
-
-                return new TlsSignerCredentials()
-                {
-                    public byte[] generateCertificateSignature(byte[] hash) throws IOException
-                    {
-                        byte[] sig = signerCredentials.generateCertificateSignature(hash);
-
-                        if (config.clientAuth == TlsTestConfig.CLIENT_AUTH_INVALID_VERIFY)
-                        {
-                            sig = corruptBit(sig);
-                        }
-
-                        return sig;
-                    }
-
-                    public org.bouncycastle.crypto.tls.Certificate getCertificate()
-                    {
-                        org.bouncycastle.crypto.tls.Certificate cert = signerCredentials.getCertificate();
-
-                        if (config.clientAuth == TlsTestConfig.CLIENT_AUTH_INVALID_CERT)
-                        {
-                            cert = corruptCertificate(cert);
-                        }
-
-                        return cert;
-                    }
-
-                    public SignatureAndHashAlgorithm getSignatureAndHashAlgorithm()
-                    {
-                        return signerCredentials.getSignatureAndHashAlgorithm();
-                    }
-                };
-            }
-        };
-    }
-
-    protected org.bouncycastle.crypto.tls.Certificate corruptCertificate(org.bouncycastle.crypto.tls.Certificate cert)
-    {
-        Certificate[] certList = cert.getCertificateList();
-        certList[0] = corruptCertificateSignature(certList[0]);
-        return new org.bouncycastle.crypto.tls.Certificate(certList);
-    }
-
-    protected Certificate corruptCertificateSignature(Certificate cert)
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        v.add(cert.getTBSCertificate());
-        v.add(cert.getSignatureAlgorithm());
-        v.add(corruptSignature(cert.getSignature()));
-
-        return Certificate.getInstance(new DERSequence(v));
-    }
-
-    protected DERBitString corruptSignature(DERBitString bs)
-    {
-        return new DERBitString(corruptBit(bs.getOctets()));
-    }
-
-    protected byte[] corruptBit(byte[] bs)
-    {
-        bs = Arrays.clone(bs);
-
-        // Flip a random bit
-        int bit = context.getSecureRandom().nextInt(bs.length << 3); 
-        bs[bit >>> 3] ^= (1 << (bit & 7));
-
-        return bs;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestClientProtocol.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestClientProtocol.java
deleted file mode 100644
index 2f6f751..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestClientProtocol.java
+++ /dev/null

@@ -1,31 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.tls.DigitallySigned;
-import org.bouncycastle.crypto.tls.TlsClientProtocol;
-
-class TlsTestClientProtocol extends TlsClientProtocol
-{
-    protected final TlsTestConfig config;
-
-    public TlsTestClientProtocol(InputStream input, OutputStream output, SecureRandom secureRandom, TlsTestConfig config)
-    {
-        super(input, output, secureRandom);
-
-        this.config = config;
-    }
-
-    protected void sendCertificateVerifyMessage(DigitallySigned certificateVerify) throws IOException
-    {
-        if (certificateVerify.getAlgorithm() != null && config.clientAuthSigAlgClaimed != null)
-        {
-            certificateVerify = new DigitallySigned(config.clientAuthSigAlgClaimed, certificateVerify.getSignature());
-        }
-
-        super.sendCertificateVerifyMessage(certificateVerify);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestConfig.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestConfig.java
deleted file mode 100644
index 700aa41..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestConfig.java
+++ /dev/null

@@ -1,133 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.util.Vector;
-
-import org.bouncycastle.crypto.tls.ConnectionEnd;
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-import org.bouncycastle.crypto.tls.SignatureAndHashAlgorithm;
-
-public class TlsTestConfig
-{
-    public static final boolean DEBUG = false;
-
-    /**
-     * Client does not authenticate, ignores any certificate request
-     */
-    public static final int CLIENT_AUTH_NONE = 0;
-
-    /**
-     * Client will authenticate if it receives a certificate request
-     */
-    public static final int CLIENT_AUTH_VALID = 1;
-
-    /**
-     * Client will authenticate if it receives a certificate request, with an invalid certificate
-     */
-    public static final int CLIENT_AUTH_INVALID_CERT = 2;
-
-    /**
-     * Client will authenticate if it receives a certificate request, with an invalid CertificateVerify signature
-     */
-    public static final int CLIENT_AUTH_INVALID_VERIFY = 3;
-
-    /**
-     * Server will not request a client certificate
-     */
-    public static final int SERVER_CERT_REQ_NONE = 0;
-
-    /**
-     * Server will request a client certificate but receiving one is optional
-     */
-    public static final int SERVER_CERT_REQ_OPTIONAL = 1;
-
-    /**
-     * Server will request a client certificate and receiving one is mandatory
-     */
-    public static final int SERVER_CERT_REQ_MANDATORY = 2;
-
-    /**
-     * Configures the client authentication behaviour of the test client. Use CLIENT_AUTH_* constants.
-     */
-    public int clientAuth = CLIENT_AUTH_VALID;
-
-    /**
-     * If not null, and TLS 1.2 or higher is negotiated, selects a fixed signature/hash algorithm to
-     * be used for the CertificateVerify signature (if one is sent).
-     */
-    public SignatureAndHashAlgorithm clientAuthSigAlg = null;
-
-    /**
-     * If not null, and TLS 1.2 or higher is negotiated, selects a fixed signature/hash algorithm to
-     * be _claimed_ in the CertificateVerify (if one is sent), independently of what was actually used.
-     */
-    public SignatureAndHashAlgorithm clientAuthSigAlgClaimed = null;
-
-    /**
-     * Configures the minimum protocol version the client will accept. If null, uses the library's default.
-     */
-    public ProtocolVersion clientMinimumVersion = null;
-
-    /**
-     * Configures the protocol version the client will offer. If null, uses the library's default.
-     */
-    public ProtocolVersion clientOfferVersion = null;
-
-    /**
-     * Configures whether the client will indicate version fallback via TLS_FALLBACK_SCSV.
-     */
-    public boolean clientFallback = false;
-
-    /**
-     * Configures whether a (TLS 1.2+) client will send the signature_algorithms extension in ClientHello.
-     */
-    public boolean clientSendSignatureAlgorithms = true;
-
-    /**
-     * If not null, and TLS 1.2 or higher is negotiated, selects a fixed signature/hash algorithm to
-     * be used for the ServerKeyExchange signature (if one is sent).
-     */
-    public SignatureAndHashAlgorithm serverAuthSigAlg = null;
-
-    /**
-     * Configures whether the test server will send a certificate request.
-     */
-    public int serverCertReq = SERVER_CERT_REQ_OPTIONAL;
-
-    /**
-     * If TLS 1.2 or higher is negotiated, configures the set of supported signature algorithms in the
-     * CertificateRequest (if one is sent). If null, uses a default set.
-     */
-    public Vector serverCertReqSigAlgs = null;
-
-    /**
-     * Configures the maximum protocol version the server will accept. If null, uses the library's default.
-     */
-    public ProtocolVersion serverMaximumVersion = null;
-
-    /**
-     * Configures the minimum protocol version the server will accept. If null, uses the library's default.
-     */
-    public ProtocolVersion serverMinimumVersion = null;
-
-    /**
-     * Configures the connection end that a fatal alert is expected to be raised. Use ConnectionEnd.* constants.
-     */
-    public int expectFatalAlertConnectionEnd = -1;
-
-    /**
-     * Configures the type of fatal alert expected to be raised. Use AlertDescription.* constants.
-     */
-    public short expectFatalAlertDescription = -1;
-
-    public void expectClientFatalAlert(short alertDescription)
-    {
-        this.expectFatalAlertConnectionEnd = ConnectionEnd.client;
-        this.expectFatalAlertDescription = alertDescription;
-    }
-
-    public void expectServerFatalAlert(short alertDescription)
-    {
-        this.expectFatalAlertConnectionEnd = ConnectionEnd.server;
-        this.expectFatalAlertDescription = alertDescription;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestServerImpl.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestServerImpl.java
deleted file mode 100644
index a883bde..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestServerImpl.java
+++ /dev/null

@@ -1,214 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.PrintStream;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.crypto.tls.AlertDescription;
-import org.bouncycastle.crypto.tls.AlertLevel;
-import org.bouncycastle.crypto.tls.CertificateRequest;
-import org.bouncycastle.crypto.tls.ClientCertificateType;
-import org.bouncycastle.crypto.tls.ConnectionEnd;
-import org.bouncycastle.crypto.tls.DefaultTlsServer;
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-import org.bouncycastle.crypto.tls.SignatureAlgorithm;
-import org.bouncycastle.crypto.tls.TlsEncryptionCredentials;
-import org.bouncycastle.crypto.tls.TlsFatalAlert;
-import org.bouncycastle.crypto.tls.TlsSignerCredentials;
-import org.bouncycastle.crypto.tls.TlsUtils;
-
-class TlsTestServerImpl
-    extends DefaultTlsServer
-{
-    protected final TlsTestConfig config;
-
-    protected int firstFatalAlertConnectionEnd = -1;
-    protected short firstFatalAlertDescription = -1;
-
-    TlsTestServerImpl(TlsTestConfig config)
-    {
-        this.config = config;
-    }
-
-    int getFirstFatalAlertConnectionEnd()
-    {
-        return firstFatalAlertConnectionEnd;
-    }
-
-    short getFirstFatalAlertDescription()
-    {
-        return firstFatalAlertDescription;
-    }
-
-    protected ProtocolVersion getMaximumVersion()
-    {
-        if (config.serverMaximumVersion != null)
-        {
-            return config.serverMaximumVersion;
-        }
-
-        return super.getMaximumVersion();
-    }
-
-    protected ProtocolVersion getMinimumVersion()
-    {
-        if (config.serverMinimumVersion != null)
-        {
-            return config.serverMinimumVersion;
-        }
-
-        return super.getMinimumVersion();
-    }
-
-    public void notifyAlertRaised(short alertLevel, short alertDescription, String message, Throwable cause)
-    {
-        if (alertLevel == AlertLevel.fatal && firstFatalAlertConnectionEnd == -1)
-        {
-            firstFatalAlertConnectionEnd = ConnectionEnd.server;
-            firstFatalAlertDescription = alertDescription;
-        }
-
-        if (TlsTestConfig.DEBUG)
-        {
-            PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-            out.println("TLS server raised alert: " + AlertLevel.getText(alertLevel)
-                + ", " + AlertDescription.getText(alertDescription));
-            if (message != null)
-            {
-                out.println("> " + message);
-            }
-            if (cause != null)
-            {
-                cause.printStackTrace(out);
-            }
-        }
-    }
-
-    public void notifyAlertReceived(short alertLevel, short alertDescription)
-    {
-        if (alertLevel == AlertLevel.fatal && firstFatalAlertConnectionEnd == -1)
-        {
-            firstFatalAlertConnectionEnd = ConnectionEnd.client;
-            firstFatalAlertDescription = alertDescription;
-        }
-
-        if (TlsTestConfig.DEBUG)
-        {
-            PrintStream out = (alertLevel == AlertLevel.fatal) ? System.err : System.out;
-            out.println("TLS server received alert: " + AlertLevel.getText(alertLevel)
-                + ", " + AlertDescription.getText(alertDescription));
-        }
-    }
-
-    public ProtocolVersion getServerVersion() throws IOException
-    {
-        ProtocolVersion serverVersion = super.getServerVersion();
-
-        if (TlsTestConfig.DEBUG)
-        {
-            System.out.println("TLS server negotiated " + serverVersion);
-        }
-
-        return serverVersion;
-    }
-
-    public CertificateRequest getCertificateRequest() throws IOException
-    {
-        if (config.serverCertReq == TlsTestConfig.SERVER_CERT_REQ_NONE)
-        {
-            return null;
-        }
-
-        short[] certificateTypes = new short[]{ ClientCertificateType.rsa_sign,
-            ClientCertificateType.dss_sign, ClientCertificateType.ecdsa_sign };
-
-        Vector serverSigAlgs = null;
-        if (TlsUtils.isSignatureAlgorithmsExtensionAllowed(serverVersion))
-        {
-            serverSigAlgs = config.serverCertReqSigAlgs;
-            if (serverSigAlgs == null)
-            {
-                serverSigAlgs = TlsUtils.getDefaultSupportedSignatureAlgorithms();
-            }
-        }
-
-        Vector certificateAuthorities = new Vector();
-        certificateAuthorities.addElement(TlsTestUtils.loadCertificateResource("x509-ca.pem").getSubject());
-
-        return new CertificateRequest(certificateTypes, serverSigAlgs, certificateAuthorities);
-    }
-
-    public void notifyClientCertificate(org.bouncycastle.crypto.tls.Certificate clientCertificate)
-        throws IOException
-    {
-        boolean isEmpty = (clientCertificate == null || clientCertificate.isEmpty());
-
-        if (isEmpty != (config.clientAuth == TlsTestConfig.CLIENT_AUTH_NONE))
-        {
-            throw new IllegalStateException();
-        }
-        if (isEmpty && (config.serverCertReq == TlsTestConfig.SERVER_CERT_REQ_MANDATORY))
-        {
-            throw new TlsFatalAlert(AlertDescription.handshake_failure);
-        }
-
-        Certificate[] chain = clientCertificate.getCertificateList();
-
-        // TODO Cache test resources?
-        if (!isEmpty && !(chain[0].equals(TlsTestUtils.loadCertificateResource("x509-client.pem"))
-            || chain[0].equals(TlsTestUtils.loadCertificateResource("x509-client-dsa.pem"))
-            || chain[0].equals(TlsTestUtils.loadCertificateResource("x509-client-ecdsa.pem"))))
-        {
-            throw new TlsFatalAlert(AlertDescription.bad_certificate);
-        }
-
-        if (TlsTestConfig.DEBUG)
-        {
-            System.out.println("TLS server received client certificate chain of length " + chain.length);
-            for (int i = 0; i != chain.length; i++)
-            {
-                Certificate entry = chain[i];
-                // TODO Create fingerprint based on certificate signature algorithm digest
-                System.out.println("    fingerprint:SHA-256 " + TlsTestUtils.fingerprint(entry) + " ("
-                    + entry.getSubject() + ")");
-            }
-        }
-    }
-
-    protected Vector getSupportedSignatureAlgorithms()
-    {
-        if (TlsUtils.isTLSv12(context) && config.serverAuthSigAlg != null)
-        {
-            Vector signatureAlgorithms = new Vector(1);
-            signatureAlgorithms.addElement(config.serverAuthSigAlg);
-            return signatureAlgorithms;
-        }
-
-        return supportedSignatureAlgorithms;
-    }
-
-    protected TlsSignerCredentials getDSASignerCredentials() throws IOException
-    {
-        return TlsTestUtils.loadSignerCredentials(context, getSupportedSignatureAlgorithms(), SignatureAlgorithm.dsa,
-            "x509-server-dsa.pem", "x509-server-key-dsa.pem");
-    }
-
-    protected TlsSignerCredentials getECDSASignerCredentials() throws IOException
-    {
-        return TlsTestUtils.loadSignerCredentials(context, getSupportedSignatureAlgorithms(), SignatureAlgorithm.ecdsa,
-            "x509-server-ecdsa.pem", "x509-server-key-ecdsa.pem");
-    }
-
-    protected TlsEncryptionCredentials getRSAEncryptionCredentials() throws IOException
-    {
-        return TlsTestUtils.loadEncryptionCredentials(context, new String[]{ "x509-server.pem", "x509-ca.pem" },
-            "x509-server-key.pem");
-    }
-
-    protected TlsSignerCredentials getRSASignerCredentials() throws IOException
-    {
-        return TlsTestUtils.loadSignerCredentials(context, getSupportedSignatureAlgorithms(), SignatureAlgorithm.rsa,
-            "x509-server.pem", "x509-server-key.pem");
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestServerProtocol.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestServerProtocol.java
deleted file mode 100644
index 0bfc985..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestServerProtocol.java
+++ /dev/null

@@ -1,19 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.tls.TlsServerProtocol;
-
-class TlsTestServerProtocol extends TlsServerProtocol
-{
-    protected final TlsTestConfig config;
-
-    public TlsTestServerProtocol(InputStream input, OutputStream output, SecureRandom secureRandom, TlsTestConfig config)
-    {
-        super(input, output, secureRandom);
-
-        this.config = config;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestSuite.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestSuite.java
deleted file mode 100644
index c661db0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestSuite.java
+++ /dev/null

@@ -1,206 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import org.bouncycastle.crypto.tls.AlertDescription;
-import org.bouncycastle.crypto.tls.HashAlgorithm;
-import org.bouncycastle.crypto.tls.ProtocolVersion;
-import org.bouncycastle.crypto.tls.SignatureAlgorithm;
-import org.bouncycastle.crypto.tls.SignatureAndHashAlgorithm;
-import org.bouncycastle.crypto.tls.TlsUtils;
-
-import junit.framework.Test;
-import junit.framework.TestSuite;
-
-public class TlsTestSuite extends TestSuite
-{
-    // Make the access to constants less verbose 
-    static abstract class C extends TlsTestConfig {}
-
-    public TlsTestSuite()
-    {
-        super("TLS");
-    }
-
-    public static Test suite()
-    {
-        TlsTestSuite testSuite = new TlsTestSuite();
-
-        addFallbackTests(testSuite);
-        addVersionTests(testSuite, ProtocolVersion.SSLv3);
-        addVersionTests(testSuite, ProtocolVersion.TLSv10);
-        addVersionTests(testSuite, ProtocolVersion.TLSv11);
-        addVersionTests(testSuite, ProtocolVersion.TLSv12);
-
-        return testSuite;
-    }
-
-    private static void addFallbackTests(TestSuite testSuite)
-    {
-        {
-            TlsTestConfig c = createTlsTestConfig(ProtocolVersion.TLSv12);
-            c.clientFallback = true;
-
-            addTestCase(testSuite, c, "FallbackGood");
-        }
-
-        {
-            TlsTestConfig c = createTlsTestConfig(ProtocolVersion.TLSv12);
-            c.clientOfferVersion = ProtocolVersion.TLSv11;
-            c.clientFallback = true;
-            c.expectServerFatalAlert(AlertDescription.inappropriate_fallback);
-
-            addTestCase(testSuite, c, "FallbackBad");
-        }
-
-        {
-            TlsTestConfig c = createTlsTestConfig(ProtocolVersion.TLSv12);
-            c.clientOfferVersion = ProtocolVersion.TLSv11;
-
-            addTestCase(testSuite, c, "FallbackNone");
-        }
-    }
-
-    private static void addVersionTests(TestSuite testSuite, ProtocolVersion version)
-    {
-        String prefix = version.toString().replaceAll("[ \\.]", "") + "_";
-
-        {
-            TlsTestConfig c = createTlsTestConfig(version);
-
-            addTestCase(testSuite, c, prefix + "GoodDefault");
-        }
-
-        /*
-         * Server only declares support for SHA1/RSA, client selects MD5/RSA. Since the client is
-         * NOT actually tracking MD5 over the handshake, we expect fatal alert from the client.
-         */
-        if (TlsUtils.isTLSv12(version))
-        {
-            TlsTestConfig c = createTlsTestConfig(version);
-            c.clientAuth = C.CLIENT_AUTH_VALID;
-            c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa);
-            c.serverCertReqSigAlgs = TlsUtils.getDefaultRSASignatureAlgorithms();
-            c.expectClientFatalAlert(AlertDescription.internal_error);
-
-            addTestCase(testSuite, c, prefix + "BadCertificateVerifyHashAlg");
-        }
-
-        /*
-         * Server only declares support for SHA1/ECDSA, client selects SHA1/RSA. Since the client is
-         * actually tracking SHA1 over the handshake, we expect fatal alert to come from the server
-         * when it verifies the selected algorithm against the CertificateRequest supported
-         * algorithms.
-         */
-        if (TlsUtils.isTLSv12(version))
-        {
-            TlsTestConfig c = createTlsTestConfig(version);
-            c.clientAuth = C.CLIENT_AUTH_VALID;
-            c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa);
-            c.serverCertReqSigAlgs = TlsUtils.getDefaultECDSASignatureAlgorithms();
-            c.expectServerFatalAlert(AlertDescription.illegal_parameter);
-
-            addTestCase(testSuite, c, prefix + "BadCertificateVerifySigAlg");
-        }
-
-        /*
-         * Server only declares support for SHA1/ECDSA, client signs with SHA1/RSA, but sends
-         * SHA1/ECDSA in the CertificateVerify. Since the client is actually tracking SHA1 over the
-         * handshake, and the claimed algorithm is in the CertificateRequest supported algorithms,
-         * we expect fatal alert to come from the server when it finds the claimed algorithm
-         * doesn't match the client certificate.
-         */
-        if (TlsUtils.isTLSv12(version))
-        {
-            TlsTestConfig c = createTlsTestConfig(version);
-            c.clientAuth = C.CLIENT_AUTH_VALID;
-            c.clientAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.rsa);
-            c.clientAuthSigAlgClaimed = new SignatureAndHashAlgorithm(HashAlgorithm.sha1, SignatureAlgorithm.ecdsa);
-            c.serverCertReqSigAlgs = TlsUtils.getDefaultECDSASignatureAlgorithms();
-            c.expectServerFatalAlert(AlertDescription.decrypt_error);
-
-            addTestCase(testSuite, c, prefix + "BadCertificateVerifySigAlgMismatch");
-        }
-
-        {
-            TlsTestConfig c = createTlsTestConfig(version);
-            c.clientAuth = C.CLIENT_AUTH_INVALID_VERIFY;
-            c.expectServerFatalAlert(AlertDescription.decrypt_error);
-
-            addTestCase(testSuite, c, prefix + "BadCertificateVerifySignature");
-        }
-
-        {
-            TlsTestConfig c = createTlsTestConfig(version);
-            c.clientAuth = C.CLIENT_AUTH_INVALID_CERT;
-            c.expectServerFatalAlert(AlertDescription.bad_certificate);
-
-            addTestCase(testSuite, c, prefix + "BadClientCertificate");
-        }
-
-        {
-            TlsTestConfig c = createTlsTestConfig(version);
-            c.clientAuth = C.CLIENT_AUTH_NONE;
-            c.serverCertReq = C.SERVER_CERT_REQ_MANDATORY;
-            c.expectServerFatalAlert(AlertDescription.handshake_failure);
-
-            addTestCase(testSuite, c, prefix + "BadMandatoryCertReqDeclined");
-        }
-
-        /*
-         * Server selects MD5/RSA for ServerKeyExchange signature, which is not in the default
-         * supported signature algorithms that the client sent. We expect fatal alert from the
-         * client when it verifies the selected algorithm against the supported algorithms.
-         */
-        if (TlsUtils.isTLSv12(version))
-        {
-            TlsTestConfig c = createTlsTestConfig(version);
-            c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa);
-            c.expectClientFatalAlert(AlertDescription.illegal_parameter);
-
-            addTestCase(testSuite, c, prefix + "BadServerKeyExchangeSigAlg");
-        }
-
-        /*
-         * Server selects MD5/RSA for ServerKeyExchange signature, which is not the default {sha1,rsa}
-         * implied by the absent signature_algorithms extension. We expect fatal alert from the
-         * client when it verifies the selected algorithm against the implicit default.
-         */
-        if (TlsUtils.isTLSv12(version))
-        {
-            TlsTestConfig c = createTlsTestConfig(version);
-            c.clientSendSignatureAlgorithms = false;
-            c.serverAuthSigAlg = new SignatureAndHashAlgorithm(HashAlgorithm.md5, SignatureAlgorithm.rsa);
-            c.expectClientFatalAlert(AlertDescription.illegal_parameter);
-
-            addTestCase(testSuite, c, prefix + "BadServerKeyExchangeSigAlg2");
-        }
-
-        {
-            TlsTestConfig c = createTlsTestConfig(version);
-            c.serverCertReq = C.SERVER_CERT_REQ_NONE;
-
-            addTestCase(testSuite, c, prefix + "GoodNoCertReq");
-        }
-
-        {
-            TlsTestConfig c = createTlsTestConfig(version);
-            c.clientAuth = C.CLIENT_AUTH_NONE;
-
-            addTestCase(testSuite, c, prefix + "GoodOptionalCertReqDeclined");
-        }
-    }
-
-    private static void addTestCase(TestSuite testSuite, TlsTestConfig config, String name)
-    {
-        testSuite.addTest(new TlsTestCase(config, name));
-    }
-
-    private static TlsTestConfig createTlsTestConfig(ProtocolVersion version)
-    {
-        TlsTestConfig c = new TlsTestConfig();
-        c.clientMinimumVersion = ProtocolVersion.SSLv3;
-        c.clientOfferVersion = ProtocolVersion.TLSv12;
-        c.serverMaximumVersion = version;
-        c.serverMinimumVersion = ProtocolVersion.SSLv3;
-        return c;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestUtils.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestUtils.java
deleted file mode 100644
index c68c014..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/TlsTestUtils.java
+++ /dev/null

@@ -1,191 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InputStreamReader;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.crypto.tls.Certificate;
-import org.bouncycastle.crypto.tls.DefaultTlsAgreementCredentials;
-import org.bouncycastle.crypto.tls.DefaultTlsEncryptionCredentials;
-import org.bouncycastle.crypto.tls.DefaultTlsSignerCredentials;
-import org.bouncycastle.crypto.tls.SignatureAndHashAlgorithm;
-import org.bouncycastle.crypto.tls.TlsAgreementCredentials;
-import org.bouncycastle.crypto.tls.TlsContext;
-import org.bouncycastle.crypto.tls.TlsEncryptionCredentials;
-import org.bouncycastle.crypto.tls.TlsSignerCredentials;
-import org.bouncycastle.crypto.util.PrivateKeyFactory;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.io.pem.PemObject;
-import org.bouncycastle.util.io.pem.PemReader;
-
-public class TlsTestUtils
-{
-    static final byte[] rsaCertData = Base64
-        .decode("MIICUzCCAf2gAwIBAgIBATANBgkqhkiG9w0BAQQFADCBjzELMAkGA1UEBhMCQVUxKDAmBgNVBAoMH1RoZSBMZWdpb2"
-            + "4gb2YgdGhlIEJvdW5jeSBDYXN0bGUxEjAQBgNVBAcMCU1lbGJvdXJuZTERMA8GA1UECAwIVmljdG9yaWExLzAtBgkq"
-            + "hkiG9w0BCQEWIGZlZWRiYWNrLWNyeXB0b0Bib3VuY3ljYXN0bGUub3JnMB4XDTEzMDIyNTA2MDIwNVoXDTEzMDIyNT"
-            + "A2MDM0NVowgY8xCzAJBgNVBAYTAkFVMSgwJgYDVQQKDB9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIw"
-            + "EAYDVQQHDAlNZWxib3VybmUxETAPBgNVBAgMCFZpY3RvcmlhMS8wLQYJKoZIhvcNAQkBFiBmZWVkYmFjay1jcnlwdG"
-            + "9AYm91bmN5Y2FzdGxlLm9yZzBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQC0p+RhcFdPFqlwgrIr5YtqKmKXmEGb4Shy"
-            + "pL26Ymz66ZAPdqv7EhOdzl3lZWT6srZUMWWgQMYGiHQg4z2R7X7XAgERo0QwQjAOBgNVHQ8BAf8EBAMCBSAwEgYDVR"
-            + "0lAQH/BAgwBgYEVR0lADAcBgNVHREBAf8EEjAQgQ50ZXN0QHRlc3QudGVzdDANBgkqhkiG9w0BAQQFAANBAHU55Ncz"
-            + "eglREcTg54YLUlGWu2WOYWhit/iM1eeq8Kivro7q98eW52jTuMI3CI5ulqd0hYzshQKQaZ5GDzErMyM=");
-
-    static final byte[] dudRsaCertData = Base64
-        .decode("MIICUzCCAf2gAwIBAgIBATANBgkqhkiG9w0BAQQFADCBjzELMAkGA1UEBhMCQVUxKDAmBgNVBAoMH1RoZSBMZWdpb2"
-            + "4gb2YgdGhlIEJvdW5jeSBDYXN0bGUxEjAQBgNVBAcMCU1lbGJvdXJuZTERMA8GA1UECAwIVmljdG9yaWExLzAtBgkq"
-            + "hkiG9w0BCQEWIGZlZWRiYWNrLWNyeXB0b0Bib3VuY3ljYXN0bGUub3JnMB4XDTEzMDIyNTA1NDcyOFoXDTEzMDIyNT"
-            + "A1NDkwOFowgY8xCzAJBgNVBAYTAkFVMSgwJgYDVQQKDB9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIw"
-            + "EAYDVQQHDAlNZWxib3VybmUxETAPBgNVBAgMCFZpY3RvcmlhMS8wLQYJKoZIhvcNAQkBFiBmZWVkYmFjay1jcnlwdG"
-            + "9AYm91bmN5Y2FzdGxlLm9yZzBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQC0p+RhcFdPFqlwgrIr5YtqKmKXmEGb4Shy"
-            + "pL26Ymz66ZAPdqv7EhOdzl3lZWT6srZUMWWgQMYGiHQg4z2R7X7XAgERo0QwQjAOBgNVHQ8BAf8EBAMCAAEwEgYDVR"
-            + "0lAQH/BAgwBgYEVR0lADAcBgNVHREBAf8EEjAQgQ50ZXN0QHRlc3QudGVzdDANBgkqhkiG9w0BAQQFAANBAJg55PBS"
-            + "weg6obRUKF4FF6fCrWFi6oCYSQ99LWcAeupc5BofW5MstFMhCOaEucuGVqunwT5G7/DweazzCIrSzB0=");
-
-    static String fingerprint(org.bouncycastle.asn1.x509.Certificate c)
-        throws IOException
-    {
-        byte[] der = c.getEncoded();
-        byte[] sha1 = sha256DigestOf(der);
-        byte[] hexBytes = Hex.encode(sha1);
-        String hex = new String(hexBytes, "ASCII").toUpperCase();
-
-        StringBuffer fp = new StringBuffer();
-        int i = 0;
-        fp.append(hex.substring(i, i + 2));
-        while ((i += 2) < hex.length())
-        {
-            fp.append(':');
-            fp.append(hex.substring(i, i + 2));
-        }
-        return fp.toString();
-    }
-
-    static byte[] sha256DigestOf(byte[] input)
-    {
-        SHA256Digest d = new SHA256Digest();
-        d.update(input, 0, input.length);
-        byte[] result = new byte[d.getDigestSize()];
-        d.doFinal(result, 0);
-        return result;
-    }
-
-    static TlsAgreementCredentials loadAgreementCredentials(TlsContext context,
-        String[] certResources, String keyResource)
-        throws IOException
-    {
-        Certificate certificate = loadCertificateChain(certResources);
-        AsymmetricKeyParameter privateKey = loadPrivateKeyResource(keyResource);
-
-        return new DefaultTlsAgreementCredentials(certificate, privateKey);
-    }
-
-    static TlsEncryptionCredentials loadEncryptionCredentials(TlsContext context,
-        String[] certResources, String keyResource)
-        throws IOException
-    {
-        Certificate certificate = loadCertificateChain(certResources);
-        AsymmetricKeyParameter privateKey = loadPrivateKeyResource(keyResource);
-
-        return new DefaultTlsEncryptionCredentials(context, certificate, privateKey);
-    }
-
-    static TlsSignerCredentials loadSignerCredentials(TlsContext context, String[] certResources,
-        String keyResource, SignatureAndHashAlgorithm signatureAndHashAlgorithm)
-        throws IOException
-    {
-        Certificate certificate = loadCertificateChain(certResources);
-        AsymmetricKeyParameter privateKey = loadPrivateKeyResource(keyResource);
-
-        return new DefaultTlsSignerCredentials(context, certificate, privateKey, signatureAndHashAlgorithm);
-    }
-
-    static TlsSignerCredentials loadSignerCredentials(TlsContext context, Vector supportedSignatureAlgorithms,
-        short signatureAlgorithm, String certResource, String keyResource)
-        throws IOException
-    {
-        /*
-         * TODO Note that this code fails to provide default value for the client supported
-         * algorithms if it wasn't sent.
-         */
-     
-        SignatureAndHashAlgorithm signatureAndHashAlgorithm = null;
-        if (supportedSignatureAlgorithms != null)
-        {
-            for (int i = 0; i < supportedSignatureAlgorithms.size(); ++i)
-            {
-                SignatureAndHashAlgorithm alg = (SignatureAndHashAlgorithm)
-                    supportedSignatureAlgorithms.elementAt(i);
-                if (alg.getSignature() == signatureAlgorithm)
-                {
-                    signatureAndHashAlgorithm = alg;
-                    break;
-                }
-            }
-
-            if (signatureAndHashAlgorithm == null)
-            {
-                return null;
-            }
-        }
-
-        return loadSignerCredentials(context, new String[]{ certResource, "x509-ca.pem" },
-            keyResource, signatureAndHashAlgorithm);
-    }
-
-    static Certificate loadCertificateChain(String[] resources)
-        throws IOException
-    {
-        org.bouncycastle.asn1.x509.Certificate[] chain = new org.bouncycastle.asn1.x509.Certificate[resources.length];
-        for (int i = 0; i < resources.length; ++i)
-        {
-            chain[i] = loadCertificateResource(resources[i]);
-        }
-        return new Certificate(chain);
-    }
-
-    static org.bouncycastle.asn1.x509.Certificate loadCertificateResource(String resource)
-        throws IOException
-    {
-        PemObject pem = loadPemResource(resource);
-        if (pem.getType().endsWith("CERTIFICATE"))
-        {
-            return org.bouncycastle.asn1.x509.Certificate.getInstance(pem.getContent());
-        }
-        throw new IllegalArgumentException("'resource' doesn't specify a valid certificate");
-    }
-
-    static AsymmetricKeyParameter loadPrivateKeyResource(String resource)
-        throws IOException
-    {
-        PemObject pem = loadPemResource(resource);
-        if (pem.getType().endsWith("RSA PRIVATE KEY"))
-        {
-            RSAPrivateKey rsa = RSAPrivateKey.getInstance(pem.getContent());
-            return new RSAPrivateCrtKeyParameters(rsa.getModulus(), rsa.getPublicExponent(),
-                rsa.getPrivateExponent(), rsa.getPrime1(), rsa.getPrime2(), rsa.getExponent1(),
-                rsa.getExponent2(), rsa.getCoefficient());
-        }
-        if (pem.getType().endsWith("PRIVATE KEY"))
-        {
-            return PrivateKeyFactory.createKey(pem.getContent());
-        }
-        throw new IllegalArgumentException("'resource' doesn't specify a valid private key");
-    }
-
-    static PemObject loadPemResource(String resource)
-        throws IOException
-    {
-        InputStream s = TlsTestUtils.class.getResourceAsStream(resource);
-        PemReader p = new PemReader(new InputStreamReader(s));
-        PemObject o = p.readPemObject();
-        p.close();
-        return o;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/UnreliableDatagramTransport.java b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/UnreliableDatagramTransport.java
deleted file mode 100644
index bdc205a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/UnreliableDatagramTransport.java
+++ /dev/null

@@ -1,93 +0,0 @@
-package org.bouncycastle.crypto.tls.test;
-
-import java.io.IOException;
-import java.util.Random;
-
-import org.bouncycastle.crypto.tls.DatagramTransport;
-
-public class UnreliableDatagramTransport
-    implements DatagramTransport
-{
-
-    private final DatagramTransport transport;
-    private final Random random;
-    private final int percentPacketLossReceiving, percentPacketLossSending;
-
-    public UnreliableDatagramTransport(DatagramTransport transport, Random random,
-                                       int percentPacketLossReceiving, int percentPacketLossSending)
-    {
-        if (percentPacketLossReceiving < 0 || percentPacketLossReceiving > 100)
-        {
-            throw new IllegalArgumentException("'percentPacketLossReceiving' out of range");
-        }
-        if (percentPacketLossSending < 0 || percentPacketLossSending > 100)
-        {
-            throw new IllegalArgumentException("'percentPacketLossSending' out of range");
-        }
-
-        this.transport = transport;
-        this.random = random;
-        this.percentPacketLossReceiving = percentPacketLossReceiving;
-        this.percentPacketLossSending = percentPacketLossSending;
-    }
-
-    public int getReceiveLimit()
-        throws IOException
-    {
-        return transport.getReceiveLimit();
-    }
-
-    public int getSendLimit()
-        throws IOException
-    {
-        return transport.getSendLimit();
-    }
-
-    public int receive(byte[] buf, int off, int len, int waitMillis)
-        throws IOException
-    {
-        long endMillis = System.currentTimeMillis() + waitMillis;
-        for (; ; )
-        {
-            int length = transport.receive(buf, off, len, waitMillis);
-            if (length < 0 || !lostPacket(percentPacketLossReceiving))
-            {
-                return length;
-            }
-
-            System.out.println("PACKET LOSS (" + length + " byte packet not received)");
-
-            long now = System.currentTimeMillis();
-            if (now >= endMillis)
-            {
-                return -1;
-            }
-
-            waitMillis = (int)(endMillis - now);
-        }
-    }
-
-    public void send(byte[] buf, int off, int len)
-        throws IOException
-    {
-        if (lostPacket(percentPacketLossSending))
-        {
-            System.out.println("PACKET LOSS (" + len + " byte packet not sent)");
-        }
-        else
-        {
-            transport.send(buf, off, len);
-        }
-    }
-
-    public void close()
-        throws IOException
-    {
-        transport.close();
-    }
-
-    private boolean lostPacket(int percentPacketLoss)
-    {
-        return percentPacketLoss > 0 && random.nextInt(100) < percentPacketLoss;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/package.html
deleted file mode 100644
index ec6dbbc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/tls/test/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Example code and test classes for the lightweight TLS API.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/AlgorithmIdentifierFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/AlgorithmIdentifierFactory.java
deleted file mode 100644
index 6dc572f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/AlgorithmIdentifierFactory.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
-import org.bouncycastle.asn1.misc.CAST5CBCParameters;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * Factory methods for common AlgorithmIdentifiers.
- */
-public class AlgorithmIdentifierFactory
-{
-    private AlgorithmIdentifierFactory()
-    {
-
-    }
-
-    static final ASN1ObjectIdentifier  IDEA_CBC        = new ASN1ObjectIdentifier("1.3.6.1.4.1.188.7.1.1.2").intern();
-    static final ASN1ObjectIdentifier  CAST5_CBC       = new ASN1ObjectIdentifier("1.2.840.113533.7.66.10").intern();
-
-    private static final short[] rc2Table = {
-        0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
-        0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
-        0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
-        0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
-        0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
-        0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
-        0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
-        0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
-        0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
-        0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
-        0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
-        0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
-        0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
-        0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
-        0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
-        0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
-    };
-
-    /**
-     * Create an AlgorithmIdentifier for the passed in encryption algorithm.
-     *
-     * @param encryptionOID OID for the encryption algorithm
-     * @param keySize key size in bits (-1 if unknown)
-     * @param random SecureRandom to use for parameter generation.
-     * @return a full AlgorithmIdentifier including parameters
-     * @throws IllegalArgumentException if encryptionOID cannot be matched
-     */
-    public static AlgorithmIdentifier generateEncryptionAlgID(ASN1ObjectIdentifier encryptionOID, int keySize, SecureRandom random)
-        throws IllegalArgumentException
-    {
-        if (encryptionOID.equals(NISTObjectIdentifiers.id_aes128_CBC)
-                || encryptionOID.equals(NISTObjectIdentifiers.id_aes192_CBC)
-                || encryptionOID.equals(NISTObjectIdentifiers.id_aes256_CBC)
-                || encryptionOID.equals(NTTObjectIdentifiers.id_camellia128_cbc)
-                || encryptionOID.equals(NTTObjectIdentifiers.id_camellia192_cbc)
-                || encryptionOID.equals(NTTObjectIdentifiers.id_camellia256_cbc)
-                || encryptionOID.equals(KISAObjectIdentifiers.id_seedCBC))
-        {
-            byte[] iv = new byte[16];
-
-            random.nextBytes(iv);
-
-            return new AlgorithmIdentifier(encryptionOID, new DEROctetString(iv));
-        }
-        else if (encryptionOID.equals(PKCSObjectIdentifiers.des_EDE3_CBC)
-                || encryptionOID.equals(IDEA_CBC)
-                || encryptionOID.equals(OIWObjectIdentifiers.desCBC))
-        {
-            byte[] iv = new byte[8];
-
-            random.nextBytes(iv);
-
-            return new AlgorithmIdentifier(encryptionOID, new DEROctetString(iv));
-        }
-        else if (encryptionOID.equals(CAST5_CBC))
-        {
-            byte[] iv = new byte[8];
-
-            random.nextBytes(iv);
-
-            CAST5CBCParameters cbcParams = new CAST5CBCParameters(iv, keySize);
-
-            return new AlgorithmIdentifier(encryptionOID, cbcParams);
-        }
-        else if (encryptionOID.equals(PKCSObjectIdentifiers.rc4))
-        {
-            return new AlgorithmIdentifier(encryptionOID, DERNull.INSTANCE);
-        }
-        else if (encryptionOID.equals(PKCSObjectIdentifiers.RC2_CBC))
-        {
-            byte[] iv = new byte[8];
-
-            random.nextBytes(iv);
-
-            RC2CBCParameter cbcParams = new RC2CBCParameter(rc2Table[128], iv);
-
-            return new AlgorithmIdentifier(encryptionOID, cbcParams);
-        }
-        else
-        {
-            throw new IllegalArgumentException("unable to match algorithm");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/CipherFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/CipherFactory.java
deleted file mode 100644
index 613b9c1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/CipherFactory.java
+++ /dev/null

@@ -1,199 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import java.io.OutputStream;
-
-import org.bouncycastle.asn1.ASN1Null;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
-import org.bouncycastle.asn1.misc.CAST5CBCParameters;
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.CAST5Engine;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.RC2Engine;
-import org.bouncycastle.crypto.engines.RC4Engine;
-import org.bouncycastle.crypto.io.CipherOutputStream;
-import org.bouncycastle.crypto.modes.AEADBlockCipher;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.paddings.PKCS7Padding;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.RC2Parameters;
-
-/**
- * Factory methods for creating Cipher objects and CipherOutputStreams.
- */
-public class CipherFactory
-{
-
-    private static final short[] rc2Ekb = {
-        0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5,
-        0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5,
-        0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef,
-        0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d,
-        0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb,
-        0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d,
-        0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3,
-        0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61,
-        0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1,
-        0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21,
-        0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42,
-        0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f,
-        0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7,
-        0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15,
-        0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7,
-        0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd
-    };
-
-    /**
-     * Create a content cipher for encrypting bulk data.
-     *
-     * @param forEncryption true if the cipher is for encryption, false otherwise.
-     * @param encKey the basic key to use.
-     * @param encryptionAlgID identifying algorithm OID and parameters to use.
-     * @return a StreamCipher or a BufferedBlockCipher depending on the algorithm.
-     * @throws IllegalArgumentException
-     */
-    public static Object createContentCipher(boolean forEncryption, CipherParameters encKey, AlgorithmIdentifier encryptionAlgID)
-        throws IllegalArgumentException
-    {
-        ASN1ObjectIdentifier encAlg = encryptionAlgID.getAlgorithm();
-
-        if (encAlg.equals(PKCSObjectIdentifiers.rc4))
-        {
-            StreamCipher cipher = new RC4Engine();
-
-            cipher.init(forEncryption, encKey);
-
-            return cipher;
-        }
-        else
-        {
-            BufferedBlockCipher cipher = createCipher(encryptionAlgID.getAlgorithm());
-            ASN1Primitive sParams = encryptionAlgID.getParameters().toASN1Primitive();
-
-            if (sParams != null && !(sParams instanceof ASN1Null))
-            {
-                if (encAlg.equals(PKCSObjectIdentifiers.des_EDE3_CBC)
-                    || encAlg.equals(AlgorithmIdentifierFactory.IDEA_CBC)
-                    || encAlg.equals(NISTObjectIdentifiers.id_aes128_CBC)
-                    || encAlg.equals(NISTObjectIdentifiers.id_aes192_CBC)
-                    || encAlg.equals(NISTObjectIdentifiers.id_aes256_CBC)
-                    || encAlg.equals(NTTObjectIdentifiers.id_camellia128_cbc)
-                    || encAlg.equals(NTTObjectIdentifiers.id_camellia192_cbc)
-                    || encAlg.equals(NTTObjectIdentifiers.id_camellia256_cbc)
-                    || encAlg.equals(KISAObjectIdentifiers.id_seedCBC)
-                    || encAlg.equals(OIWObjectIdentifiers.desCBC))
-                {
-                    cipher.init(forEncryption, new ParametersWithIV(encKey,
-                        ASN1OctetString.getInstance(sParams).getOctets()));
-                }
-                else if (encAlg.equals(AlgorithmIdentifierFactory.CAST5_CBC))
-                {
-                    CAST5CBCParameters cbcParams = CAST5CBCParameters.getInstance(sParams);
-
-                    cipher.init(forEncryption, new ParametersWithIV(encKey, cbcParams.getIV()));
-                }
-                else if (encAlg.equals(PKCSObjectIdentifiers.RC2_CBC))
-                {
-                    RC2CBCParameter cbcParams = RC2CBCParameter.getInstance(sParams);
-
-                    cipher.init(forEncryption, new ParametersWithIV(new RC2Parameters(((KeyParameter)encKey).getKey(), rc2Ekb[cbcParams.getRC2ParameterVersion().intValue()]), cbcParams.getIV()));
-                }
-                else
-                {
-                    throw new IllegalArgumentException("cannot match parameters");
-                }
-            }
-            else
-            {
-                if (encAlg.equals(PKCSObjectIdentifiers.des_EDE3_CBC)
-                    || encAlg.equals(AlgorithmIdentifierFactory.IDEA_CBC)
-                    || encAlg.equals(AlgorithmIdentifierFactory.CAST5_CBC))
-                {
-                    cipher.init(forEncryption, new ParametersWithIV(encKey, new byte[8]));
-                }
-                else
-                {
-                    cipher.init(forEncryption, encKey);
-                }
-            }
-
-            return cipher;
-        }
-    }
-
-    private static BufferedBlockCipher createCipher(ASN1ObjectIdentifier algorithm)
-        throws IllegalArgumentException
-    {
-        BlockCipher cipher;
-
-        if (NISTObjectIdentifiers.id_aes128_CBC.equals(algorithm)
-            || NISTObjectIdentifiers.id_aes192_CBC.equals(algorithm)
-            || NISTObjectIdentifiers.id_aes256_CBC.equals(algorithm))
-        {
-            cipher = new CBCBlockCipher(new AESEngine());
-        }
-        else if (PKCSObjectIdentifiers.des_EDE3_CBC.equals(algorithm))
-        {
-            cipher = new CBCBlockCipher(new DESedeEngine());
-        }
-        else if (OIWObjectIdentifiers.desCBC.equals(algorithm))
-        {
-            cipher = new CBCBlockCipher(new DESEngine());
-        }
-        else if (PKCSObjectIdentifiers.RC2_CBC.equals(algorithm))
-        {
-            cipher = new CBCBlockCipher(new RC2Engine());
-        }
-        else if (MiscObjectIdentifiers.cast5CBC.equals(algorithm))
-        {
-            cipher = new CBCBlockCipher(new CAST5Engine());
-        }
-        else
-        {
-            throw new IllegalArgumentException("cannot recognise cipher: " + algorithm);
-        }
-
-        return new PaddedBufferedBlockCipher(cipher, new PKCS7Padding());
-    }
-
-    /**
-     * Return a new CipherOutputStream based on the passed in cipher.
-     *
-     * @param dOut the output stream to write the processed data to.
-     * @param cipher the cipher to use.
-     * @return a BC CipherOutputStream using the cipher and writing to dOut.
-     */
-    public static CipherOutputStream createOutputStream(OutputStream dOut, Object cipher)
-    {
-        if (cipher instanceof BufferedBlockCipher)
-        {
-            return new CipherOutputStream(dOut, (BufferedBlockCipher)cipher);
-        }
-        if (cipher instanceof StreamCipher)
-        {
-            return new CipherOutputStream(dOut, (StreamCipher)cipher);
-        }
-        if (cipher instanceof AEADBlockCipher)
-        {
-            return new CipherOutputStream(dOut, (AEADBlockCipher)cipher);
-        }
-        throw new IllegalArgumentException("unknown cipher object: " + cipher);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/CipherKeyGeneratorFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/CipherKeyGeneratorFactory.java
deleted file mode 100644
index 14d1785..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/CipherKeyGeneratorFactory.java
+++ /dev/null

@@ -1,106 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.generators.DESKeyGenerator;
-import org.bouncycastle.crypto.generators.DESedeKeyGenerator;
-
-/**
- * Factory methods for generating secret key generators for symmetric ciphers.
- */
-public class CipherKeyGeneratorFactory
-{
-    private CipherKeyGeneratorFactory()
-    {
-    }
-
-    /**
-     * Create a key generator for the passed in Object Identifier.
-     *
-     * @param algorithm the Object Identifier indicating the algorithn the generator is for.
-     * @param random a source of random to initialise the generator with.
-     * @return an initialised CipherKeyGenerator.
-     * @throws IllegalArgumentException if the algorithm cannot be identified.
-     */
-    public static CipherKeyGenerator createKeyGenerator(ASN1ObjectIdentifier algorithm, SecureRandom random)
-        throws IllegalArgumentException
-    {
-        if (NISTObjectIdentifiers.id_aes128_CBC.equals(algorithm))
-        {
-            return createCipherKeyGenerator(random, 128);
-        }
-        else if (NISTObjectIdentifiers.id_aes192_CBC.equals(algorithm))
-        {
-            return createCipherKeyGenerator(random, 192);
-        }
-        else if (NISTObjectIdentifiers.id_aes256_CBC.equals(algorithm))
-        {
-            return createCipherKeyGenerator(random, 256);
-        }
-        else if (PKCSObjectIdentifiers.des_EDE3_CBC.equals(algorithm))
-        {
-            DESedeKeyGenerator keyGen = new DESedeKeyGenerator();
-
-            keyGen.init(new KeyGenerationParameters(random, 192));
-
-            return keyGen;
-        }
-        else if (NTTObjectIdentifiers.id_camellia128_cbc.equals(algorithm))
-        {
-            return createCipherKeyGenerator(random, 128);
-        }
-        else if (NTTObjectIdentifiers.id_camellia192_cbc.equals(algorithm))
-        {
-            return createCipherKeyGenerator(random, 192);
-        }
-        else if (NTTObjectIdentifiers.id_camellia256_cbc.equals(algorithm))
-        {
-            return createCipherKeyGenerator(random, 256);
-        }
-        else if (KISAObjectIdentifiers.id_seedCBC.equals(algorithm))
-        {
-            return createCipherKeyGenerator(random, 128);
-        }
-        else if (AlgorithmIdentifierFactory.CAST5_CBC.equals(algorithm))
-        {
-            return createCipherKeyGenerator(random, 128);
-        }
-        else if (OIWObjectIdentifiers.desCBC.equals(algorithm))
-        {
-            DESKeyGenerator keyGen = new DESKeyGenerator();
-
-            keyGen.init(new KeyGenerationParameters(random, 64));
-
-            return keyGen;
-        }
-        else if (PKCSObjectIdentifiers.rc4.equals(algorithm))
-        {
-            return createCipherKeyGenerator(random, 128);
-        }
-        else if (PKCSObjectIdentifiers.RC2_CBC.equals(algorithm))
-        {
-            return createCipherKeyGenerator(random, 128);
-        }
-        else
-        {
-            throw new IllegalArgumentException("cannot recognise cipher: " + algorithm);
-        }
-    }
-
-    private static CipherKeyGenerator createCipherKeyGenerator(SecureRandom random, int keySize)
-    {
-        CipherKeyGenerator keyGen = new CipherKeyGenerator();
-
-        keyGen.init(new KeyGenerationParameters(random, keySize));
-
-        return keyGen;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/DERMacData.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/DERMacData.java
deleted file mode 100644
index d895a1f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/DERMacData.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-
-/**
- * Builder and holder class for preparing SP 800-56A compliant MacData. Elements in the data are encoded
- * as DER objects with empty octet strings used to represent nulls in compulsory fields.
- */
-public final class DERMacData
-{
-    public enum Type
-    {
-        UNILATERALU("KC_1_U"),
-        UNILATERALV("KC_1_V"),
-        BILATERALU("KC_2_U"),
-        BILATERALV("KC_2_V");
-
-        private final String enc;
-
-        Type(String enc)
-        {
-            this.enc = enc;
-        }
-
-        public byte[] getHeader()
-        {
-            return Strings.toByteArray(enc);
-        }
-    }
-
-    /**
-     * Builder to create OtherInfo
-     */
-    public static final class Builder
-    {
-        private final Type type;
-
-        private ASN1OctetString idU;
-        private ASN1OctetString idV;
-        private ASN1OctetString ephemDataU;
-        private ASN1OctetString ephemDataV;
-        private byte[] text;
-
-        /**
-         * Create a basic builder with just the compulsory fields.
-         *
-         * @param type the MAC header
-         * @param idU  sender party ID.
-         * @param idV  receiver party ID.
-         * @param ephemDataU ephemeral data from sender.
-         * @param ephemDataV ephemeral data from receiver.
-         */
-        public Builder(Type type, byte[] idU, byte[] idV, byte[] ephemDataU, byte[] ephemDataV)
-        {
-            this.type = type;
-            this.idU = DerUtil.getOctetString(idU);
-            this.idV = DerUtil.getOctetString(idV);
-            this.ephemDataU = DerUtil.getOctetString(ephemDataU);
-            this.ephemDataV = DerUtil.getOctetString(ephemDataV);
-        }
-
-        /**
-         * Add optional text.
-         *
-         * @param text optional agreed text to add to the MAC.
-         * @return the current builder instance.
-         */
-        public Builder withText(byte[] text)
-        {
-            this.text = DerUtil.toByteArray(new DERTaggedObject(false, 0, DerUtil.getOctetString(text)));
-
-            return this;
-        }
-
-        public DERMacData build()
-        {
-            switch (type)
-            {
-            case UNILATERALU:
-            case BILATERALU:
-                return new DERMacData(concatenate(type.getHeader(),
-                                DerUtil.toByteArray(idU), DerUtil.toByteArray(idV),
-                                DerUtil.toByteArray(ephemDataU), DerUtil.toByteArray(ephemDataV), text));
-            case UNILATERALV:
-            case BILATERALV:
-                return new DERMacData(concatenate(type.getHeader(),
-                                DerUtil.toByteArray(idV), DerUtil.toByteArray(idU),
-                                DerUtil.toByteArray(ephemDataV), DerUtil.toByteArray(ephemDataU), text));
-            }
-
-            throw new IllegalStateException("Unknown type encountered in build");   // should never happen
-        }
-
-        private byte[] concatenate(byte[] header, byte[] id1, byte[] id2, byte[] ed1, byte[] ed2, byte[] text)
-        {
-            return Arrays.concatenate(Arrays.concatenate(header, id1, id2), Arrays.concatenate(ed1, ed2, text));
-        }
-    }
-
-    private final byte[] macData;
-
-    private DERMacData(byte[] macData)
-    {
-        this.macData = macData;
-    }
-
-    public byte[] getMacData()
-    {
-        return Arrays.clone(macData);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/DEROtherInfo.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/DEROtherInfo.java
deleted file mode 100644
index 4e821f7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/DEROtherInfo.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * Builder and holder class for preparing SP 800-56A compliant OtherInfo. The data is ultimately encoded as a DER SEQUENCE.
- * Empty octet strings are used to represent nulls in compulsory fields.
- */
-public class DEROtherInfo
-{
-    /**
-     * Builder to create OtherInfo
-     */
-    public static final class Builder
-    {
-        private final AlgorithmIdentifier algorithmID;
-        private final ASN1OctetString partyUVInfo;
-        private final ASN1OctetString partyVInfo;
-
-        private ASN1TaggedObject suppPubInfo;
-        private ASN1TaggedObject suppPrivInfo;
-
-        /**
-         * Create a basic builder with just the compulsory fields.
-         *
-         * @param algorithmID the algorithm associated with this invocation of the KDF.
-         * @param partyUInfo  sender party info.
-         * @param partyVInfo  receiver party info.
-         */
-        public Builder(AlgorithmIdentifier algorithmID, byte[] partyUInfo, byte[] partyVInfo)
-        {
-            this.algorithmID = algorithmID;
-            this.partyUVInfo = DerUtil.getOctetString(partyUInfo);
-            this.partyVInfo = DerUtil.getOctetString(partyVInfo);
-        }
-
-        /**
-         * Add optional supplementary public info (DER tagged, implicit, 0).
-         *
-         * @param suppPubInfo supplementary public info.
-         * @return  the current builder instance.
-         */
-        public Builder withSuppPubInfo(byte[] suppPubInfo)
-        {
-            this.suppPubInfo = new DERTaggedObject(false, 0, DerUtil.getOctetString(suppPubInfo));
-
-            return this;
-        }
-
-        /**
-         * Add optional supplementary private info (DER tagged, implicit, 1).
-         *
-         * @param suppPrivInfo supplementary private info.
-         * @return the current builder instance.
-         */
-        public Builder withSuppPrivInfo(byte[] suppPrivInfo)
-        {
-            this.suppPrivInfo = new DERTaggedObject(false, 1, DerUtil.getOctetString(suppPrivInfo));
-
-            return this;
-        }
-
-        /**
-         * Build the KTSOtherInfo.
-         *
-         * @return an KTSOtherInfo containing the data.
-         */
-        public DEROtherInfo build()
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-
-            v.add(algorithmID);
-            v.add(partyUVInfo);
-            v.add(partyVInfo);
-
-            if (suppPubInfo != null)
-            {
-                v.add(suppPubInfo);
-            }
-
-            if (suppPrivInfo != null)
-            {
-                v.add(suppPrivInfo);
-            }
-
-            return new DEROtherInfo(new DERSequence(v));
-        }
-    }
-
-    private final DERSequence sequence;
-
-    private DEROtherInfo(DERSequence sequence)
-    {
-        this.sequence = sequence;
-    }
-
-    public byte[] getEncoded()
-        throws IOException
-    {
-        return sequence.getEncoded();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/DerUtil.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/DerUtil.java
deleted file mode 100644
index 324c5ae..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/DerUtil.java
+++ /dev/null

@@ -1,39 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.util.Arrays;
-
-class DerUtil
-{
-    static ASN1OctetString getOctetString(byte[] data)
-    {
-        if (data == null)
-        {
-            return new DEROctetString(new byte[0]);
-        }
-
-        return new DEROctetString(Arrays.clone(data));
-    }
-
-    static byte[] toByteArray(ASN1Primitive primitive)
-    {
-        try
-        {
-            return primitive.getEncoded();
-        }
-        catch (final IOException e)
-        {
-            throw new IllegalStateException("Cannot get encoding: " + e.getMessage())
-            {
-                public Throwable getCause()
-                {
-                    return e;
-                }
-            };
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/DigestFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/DigestFactory.java
deleted file mode 100644
index c19c351..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/DigestFactory.java
+++ /dev/null

@@ -1,77 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.MD5Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA3Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHA512tDigest;
-
-/**
- * Basic factory class for message digests.
- */
-public final class DigestFactory
-{
-    public static Digest createMD5()
-    {
-        return new MD5Digest();
-    }
-
-    public static Digest createSHA1()
-    {
-        return new SHA1Digest();
-    }
-
-    public static Digest createSHA224()
-    {
-        return new SHA224Digest();
-    }
-
-    public static Digest createSHA256()
-    {
-        return new SHA256Digest();
-    }
-
-    public static Digest createSHA384()
-    {
-        return new SHA384Digest();
-    }
-
-    public static Digest createSHA512()
-    {
-        return new SHA512Digest();
-    }
-
-    public static Digest createSHA512_224()
-    {
-        return new SHA512tDigest(224);
-    }
-
-    public static Digest createSHA512_256()
-    {
-        return new SHA512tDigest(256);
-    }
-
-    public static Digest createSHA3_224()
-    {
-        return new SHA3Digest(224);
-    }
-
-    public static Digest createSHA3_256()
-    {
-        return new SHA3Digest(256);
-    }
-
-    public static Digest createSHA3_384()
-    {
-        return new SHA3Digest(384);
-    }
-
-    public static Digest createSHA3_512()
-    {
-        return new SHA3Digest(512);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/JournalingSecureRandom.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/JournalingSecureRandom.java
deleted file mode 100644
index a5cf185..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/JournalingSecureRandom.java
+++ /dev/null

@@ -1,122 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.security.SecureRandom;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * A SecureRandom that maintains a journal of its output.
- */
-public class JournalingSecureRandom
-    extends SecureRandom
-{
-    private static byte[] EMPTY_TRANSCRIPT = new byte[0];
-
-    private final SecureRandom base;
-    private final byte[] transcript;
-
-    private TranscriptStream tOut = new TranscriptStream();
-    private int index = 0;
-
-    /**
-     * Base constructor - no prior transcript.
-     *
-     * @param random source of randomness we will be journaling.
-     */
-    public JournalingSecureRandom(SecureRandom random)
-    {
-        this.base = random;
-        this.transcript = EMPTY_TRANSCRIPT;
-    }
-
-    /**
-     * Constructor with a prior transcript. Both the transcript used and
-     * any new randomness are journaled.
-     *
-     * @param transcript initial transcript of randomness.
-     * @param random source of randomness we will be journaling when the transcript runs out.
-     */
-    public JournalingSecureRandom(byte[] transcript, SecureRandom random)
-    {
-         this.base = random;
-         this.transcript = Arrays.clone(transcript);
-    }
-
-    /**
-     * Fill bytes with random data, journaling the random data before returning.
-     *
-     * @param bytes a block of bytes to be filled with random data.
-     */
-    public final void nextBytes(byte[] bytes)
-    {
-        if (index >= transcript.length)
-        {
-            base.nextBytes(bytes);
-        }
-        else
-        {
-            int i = 0;
-
-            while (i != bytes.length)
-            {
-                if (index < transcript.length)
-                {
-                    bytes[i] = transcript[index++];
-                }
-                else
-                {
-                    break;
-                }
-                i++;
-            }
-
-            if (i != bytes.length)
-            {
-                byte[] extra = new byte[bytes.length - i];
-
-                base.nextBytes(extra);
-
-                System.arraycopy(extra, 0, bytes, i, extra.length);
-            }
-        }
-
-        try
-        {
-            tOut.write(bytes);
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException("unable to record transcript: " + e.getMessage());
-        }
-    }
-
-    /**
-     * Clear the internals
-     */
-    public void clear()
-    {
-        Arrays.fill(transcript, (byte)0);
-        tOut.clear();
-    }
-
-    /**
-     * Return the transcript so far,
-     *
-     * @return a copy of the randomness produced so far.
-     */
-    public byte[] getTranscript()
-    {
-        return tOut.toByteArray();
-    }
-
-    private class TranscriptStream
-        extends ByteArrayOutputStream
-    {
-        public void clear()
-        {
-            Arrays.fill(buf, (byte)0);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/OpenSSHPrivateKeyUtil.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/OpenSSHPrivateKeyUtil.java
deleted file mode 100644
index f047af0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/OpenSSHPrivateKeyUtil.java
+++ /dev/null

@@ -1,282 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import java.io.IOException;
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
-import org.bouncycastle.asn1.sec.ECPrivateKey;
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DSAParameters;
-import org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECNamedDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Strings;
-
-
-/**
- * A collection of utility methods for parsing OpenSSH private keys.
- */
-public class OpenSSHPrivateKeyUtil
-{
-    private OpenSSHPrivateKeyUtil()
-    {
-
-    }
-
-    /**
-     * Magic value for propriety OpenSSH private key.
-     **/
-    static final byte[] AUTH_MAGIC = Strings.toByteArray("openssh-key-v1\0"); // C string so null terminated
-
-    /**
-     * Encode a cipher parameters into an OpenSSH private key.
-     * This does not add headers like ----BEGIN RSA PRIVATE KEY----
-     *
-     * @param params the cipher parameters.
-     * @return a byte array
-     */
-    public static byte[] encodePrivateKey(AsymmetricKeyParameter params)
-        throws IOException
-    {
-        if (params == null)
-        {
-            throw new IllegalArgumentException("param is null");
-        }
-
-        if (params instanceof RSAPrivateCrtKeyParameters)
-        {
-            PrivateKeyInfo pInfo = PrivateKeyInfoFactory.createPrivateKeyInfo(params);
-
-            return pInfo.parsePrivateKey().toASN1Primitive().getEncoded();
-        }
-        else if (params instanceof ECPrivateKeyParameters)
-        {
-            PrivateKeyInfo pInfo = PrivateKeyInfoFactory.createPrivateKeyInfo(params);
-
-            return pInfo.parsePrivateKey().toASN1Primitive().getEncoded();
-        }
-        else if (params instanceof DSAPrivateKeyParameters)
-        {
-            ASN1EncodableVector vec = new ASN1EncodableVector();
-            vec.add(new ASN1Integer(0));
-            vec.add(new ASN1Integer(((DSAPrivateKeyParameters)params).getParameters().getP()));
-            vec.add(new ASN1Integer(((DSAPrivateKeyParameters)params).getParameters().getQ()));
-            vec.add(new ASN1Integer(((DSAPrivateKeyParameters)params).getParameters().getG()));
-
-            // public key = g.modPow(x, p);
-
-            BigInteger pubKey = ((DSAPrivateKeyParameters)params).getParameters().getG().modPow(
-                ((DSAPrivateKeyParameters)params).getX(),
-                ((DSAPrivateKeyParameters)params).getParameters().getP());
-            vec.add(new ASN1Integer(pubKey));
-
-            vec.add(new ASN1Integer(((DSAPrivateKeyParameters)params).getX()));
-            try
-            {
-                return new DERSequence(vec).getEncoded();
-            }
-            catch (Exception ex)
-            {
-                throw new IllegalStateException("unable to encode DSAPrivateKeyParameters " + ex.getMessage());
-            }
-        }
-        else if (params instanceof Ed25519PrivateKeyParameters)
-        {
-            SSHBuilder builder = new SSHBuilder();
-
-            builder.write(AUTH_MAGIC);
-            builder.writeString("none");
-            builder.writeString("none");
-            builder.u32(0); // Zero length of the KDF
-
-            builder.u32(1);
-
-            Ed25519PublicKeyParameters publicKeyParameters = ((Ed25519PrivateKeyParameters)params).generatePublicKey();
-
-            byte[] pkEncoded = OpenSSHPublicKeyUtil.encodePublicKey(publicKeyParameters);
-            builder.rawArray(pkEncoded);
-
-            SSHBuilder pkBuild = new SSHBuilder();
-
-            pkBuild.u32(0x00ff00ff);
-            pkBuild.u32(0x00ff00ff);
-
-            pkBuild.writeString("ssh-ed25519");
-
-            byte[] pubKeyEncoded = ((Ed25519PrivateKeyParameters)params).generatePublicKey().getEncoded();
-
-            pkBuild.rawArray(pubKeyEncoded); // Public key written as length defined item.
-
-            // The private key in SSH is 64 bytes long and is the concatenation of the private and the public keys
-            pkBuild.rawArray(Arrays.concatenate(((Ed25519PrivateKeyParameters)params).getEncoded(), pubKeyEncoded));
-            pkBuild.u32(0); // No comment.
-            builder.rawArray(pkBuild.getBytes());
-
-            return builder.getBytes();
-        }
-
-        throw new IllegalArgumentException("unable to convert " + params.getClass().getName() + " to openssh private key");
-
-    }
-
-    /**
-     * Parse a private key.
-     * <p>
-     * This method accepts the body of the OpenSSH private key.
-     * The easiest way to extract the body is to use PemReader, for example:
-     * <p>
-     * byte[] blob = new PemReader([reader]).readPemObject().getContent();
-     * CipherParameters params = parsePrivateKeyBlob(blob);
-     *
-     * @param blob The key.
-     * @return A cipher parameters instance.
-     */
-    public static AsymmetricKeyParameter parsePrivateKeyBlob(byte[] blob)
-    {
-        AsymmetricKeyParameter result = null;
-
-        if  (blob[0] == 0x30)
-        {
-            ASN1Sequence sequence = ASN1Sequence.getInstance(blob);
-
-            if (sequence.size() == 6)
-            {
-                if (allIntegers(sequence) && ((ASN1Integer)sequence.getObjectAt(0)).getPositiveValue().equals(BigIntegers.ZERO))
-                {
-                    // length of 6 and all Integers -- DSA
-                    result = new DSAPrivateKeyParameters(
-                        ((ASN1Integer)sequence.getObjectAt(5)).getPositiveValue(),
-                        new DSAParameters(
-                            ((ASN1Integer)sequence.getObjectAt(1)).getPositiveValue(),
-                            ((ASN1Integer)sequence.getObjectAt(2)).getPositiveValue(),
-                            ((ASN1Integer)sequence.getObjectAt(3)).getPositiveValue())
-                    );
-                }
-            }
-            else if (sequence.size() == 9)
-            {
-                if (allIntegers(sequence) && ((ASN1Integer)sequence.getObjectAt(0)).getPositiveValue().equals(BigIntegers.ZERO))
-                {
-                    // length of 8 and all Integers -- RSA
-                    RSAPrivateKey rsaPrivateKey = RSAPrivateKey.getInstance(sequence);
-
-                    result = new RSAPrivateCrtKeyParameters(
-                        rsaPrivateKey.getModulus(),
-                        rsaPrivateKey.getPublicExponent(),
-                        rsaPrivateKey.getPrivateExponent(),
-                        rsaPrivateKey.getPrime1(),
-                        rsaPrivateKey.getPrime2(),
-                        rsaPrivateKey.getExponent1(),
-                        rsaPrivateKey.getExponent2(),
-                        rsaPrivateKey.getCoefficient());
-                }
-            }
-            else if (sequence.size() == 4)
-            {
-                if (sequence.getObjectAt(3) instanceof DERTaggedObject && sequence.getObjectAt(2) instanceof DERTaggedObject)
-                {
-                    ECPrivateKey ecPrivateKey = ECPrivateKey.getInstance(sequence);
-                    ASN1ObjectIdentifier curveOID = (ASN1ObjectIdentifier)ecPrivateKey.getParameters();
-                    X9ECParameters x9Params = ECNamedCurveTable.getByOID(curveOID);
-                    result = new ECPrivateKeyParameters(
-                        ecPrivateKey.getKey(),
-                        new ECNamedDomainParameters(
-                            curveOID,
-                            x9Params.getCurve(),
-                            x9Params.getG(),
-                            x9Params.getN(),
-                            x9Params.getH(),
-                            x9Params.getSeed()));
-                }
-            }
-        }
-        else
-        {
-            SSHBuffer kIn = new SSHBuffer(AUTH_MAGIC, blob);
-            // Cipher name.
-            String cipherName = Strings.fromByteArray(kIn.readString());
-
-            if (!"none".equals(cipherName))
-            {
-                throw new IllegalStateException("encrypted keys not supported");
-            }
-
-            // KDF name
-            kIn.readString();
-
-            // KDF options
-            kIn.readString();
-
-            long publicKeyCount = kIn.readU32();
-
-            for (int l = 0; l != publicKeyCount; l++)
-            {
-                // Burn off public keys.
-                OpenSSHPublicKeyUtil.parsePublicKey(kIn.readString());
-            }
-
-            SSHBuffer pkIn = new SSHBuffer(kIn.readPaddedString());
-            int check1 = pkIn.readU32();
-            int check2 = pkIn.readU32();
-
-            if (check1 != check2)
-            {
-                throw new IllegalStateException("private key check values are not the same");
-            }
-
-            String keyType = Strings.fromByteArray(pkIn.readString());
-
-            if ("ssh-ed25519".equals(keyType))
-            {
-                //
-                // Skip public key
-                //
-                pkIn.readString();
-                byte[] edPrivateKey = pkIn.readString();
-
-                result = new Ed25519PrivateKeyParameters(edPrivateKey, 0);
-            }
-            else
-            {
-                throw new IllegalStateException("can not parse private key of type " + keyType);
-            }
-        }
-
-        if (result == null)
-        {
-            throw new IllegalArgumentException("unable to parse key");
-        }
-
-        return result;
-    }
-
-    /**
-     * allIntegers returns true if the sequence holds only ASN1Integer types.
-     **/
-    private static boolean allIntegers(ASN1Sequence sequence)
-    {
-        for (int t = 0; t < sequence.size(); t++)
-        {
-            if (!(sequence.getObjectAt(t) instanceof ASN1Integer))
-            {
-                return false;
-
-            }
-        }
-        return true;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/OpenSSHPublicKeyUtil.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/OpenSSHPublicKeyUtil.java
deleted file mode 100644
index a0809f0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/OpenSSHPublicKeyUtil.java
+++ /dev/null

@@ -1,201 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import java.io.IOException;
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DSAParameters;
-import org.bouncycastle.crypto.params.DSAPublicKeyParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.custom.sec.SecP256R1Curve;
-import org.bouncycastle.util.Strings;
-
-
-/**
- * OpenSSHPublicKeyUtil utility classes for parsing OpenSSH public keys.
- */
-public class OpenSSHPublicKeyUtil
-{
-    private OpenSSHPublicKeyUtil()
-    {
-
-    }
-
-    private static final String RSA = "ssh-rsa";
-    private static final String ECDSA = "ecdsa";
-    private static final String ED_25519 = "ssh-ed25519";
-    private static final String DSS = "ssh-dss";
-
-    /**
-     * Parse a public key.
-     * <p>
-     * This method accepts the bytes that are Base64 encoded in an OpenSSH public key file.
-     *
-     * @param encoded The key.
-     * @return An AsymmetricKeyParameter instance.
-     */
-    public static AsymmetricKeyParameter parsePublicKey(byte[] encoded)
-    {
-        SSHBuffer buffer = new SSHBuffer(encoded);
-        return parsePublicKey(buffer);
-    }
-
-    /**
-     * Encode a public key from an AsymmetricKeyParameter instance.
-     *
-     * @param cipherParameters The key to encode.
-     * @return the key OpenSSH encoded.
-     * @throws IOException
-     */
-    public static byte[] encodePublicKey(AsymmetricKeyParameter cipherParameters)
-        throws IOException
-    {
-        BigInteger e;
-        BigInteger n;
-
-        if (cipherParameters == null)
-        {
-            throw new IllegalArgumentException("cipherParameters was null.");
-        }
-
-        if (cipherParameters instanceof RSAKeyParameters)
-        {
-            if (cipherParameters.isPrivate())
-            {
-                throw new IllegalArgumentException("RSAKeyParamaters was for encryption");
-            }
-
-            e = ((RSAKeyParameters)cipherParameters).getExponent();
-            n = ((RSAKeyParameters)cipherParameters).getModulus();
-
-            SSHBuilder builder = new SSHBuilder();
-            builder.writeString(RSA);
-            builder.rawArray(e.toByteArray());
-            builder.rawArray(n.toByteArray());
-
-            return builder.getBytes();
-
-        }
-        else if (cipherParameters instanceof ECPublicKeyParameters)
-        {
-            SSHBuilder builder = new SSHBuilder();
-
-            String name = null;
-            if (((ECPublicKeyParameters)cipherParameters).getParameters().getCurve() instanceof SecP256R1Curve)
-            {
-                name = "nistp256";
-            }
-            else
-            {
-                throw new IllegalArgumentException("unable to derive ssh curve name for " + ((ECPublicKeyParameters)cipherParameters).getParameters().getCurve().getClass().getName());
-            }
-
-            builder.writeString(ECDSA + "-sha2-" + name); // Magic
-            builder.writeString(name);
-            builder.rawArray(((ECPublicKeyParameters)cipherParameters).getQ().getEncoded(false)); //Uncompressed
-            return builder.getBytes();
-        }
-        else if (cipherParameters instanceof DSAPublicKeyParameters)
-        {
-            SSHBuilder builder = new SSHBuilder();
-            builder.writeString(DSS);
-            builder.rawArray(((DSAPublicKeyParameters)cipherParameters).getParameters().getP().toByteArray());
-            builder.rawArray(((DSAPublicKeyParameters)cipherParameters).getParameters().getQ().toByteArray());
-            builder.rawArray(((DSAPublicKeyParameters)cipherParameters).getParameters().getG().toByteArray());
-            builder.rawArray(((DSAPublicKeyParameters)cipherParameters).getY().toByteArray());
-            return builder.getBytes();
-        }
-        else if (cipherParameters instanceof Ed25519PublicKeyParameters)
-        {
-            SSHBuilder builder = new SSHBuilder();
-            builder.writeString(ED_25519);
-            builder.rawArray(((Ed25519PublicKeyParameters)cipherParameters).getEncoded());
-            return builder.getBytes();
-        }
-
-        throw new IllegalArgumentException("unable to convert " + cipherParameters.getClass().getName() + " to private key");
-    }
-
-    /**
-     * Parse a public key from an SSHBuffer instance.
-     *
-     * @param buffer containing the SSH public key.
-     * @return A CipherParameters instance.
-     */
-    public static AsymmetricKeyParameter parsePublicKey(SSHBuffer buffer)
-    {
-        AsymmetricKeyParameter result = null;
-
-        String magic = Strings.fromByteArray(buffer.readString());
-        if (RSA.equals(magic))
-        {
-            BigInteger e = buffer.positiveBigNum();
-            BigInteger n = buffer.positiveBigNum();
-            result = new RSAKeyParameters(false, n, e);
-        }
-        else if (DSS.equals(magic))
-        {
-            BigInteger p = buffer.positiveBigNum();
-            BigInteger q = buffer.positiveBigNum();
-            BigInteger g = buffer.positiveBigNum();
-            BigInteger pubKey = buffer.positiveBigNum();
-
-            result = new DSAPublicKeyParameters(pubKey, new DSAParameters(p, q, g));
-        }
-        else if (magic.startsWith(ECDSA))
-        {
-            String curveName = Strings.fromByteArray(buffer.readString());
-            String nameToFind = curveName;
-
-            if (curveName.startsWith("nist"))
-            {
-                //
-                // NIST names like P-256 are encoded in SSH as nistp256
-                //
-
-                nameToFind = curveName.substring(4);
-                nameToFind = nameToFind.substring(0, 1) + "-" + nameToFind.substring(1);
-            }
-
-            X9ECParameters x9ECParameters = ECNamedCurveTable.getByName(nameToFind);
-
-            if (x9ECParameters == null)
-            {
-                throw new IllegalStateException("unable to find curve for " + magic + " using curve name " + nameToFind);
-            }
-
-            //
-            // Extract name of digest from magic string value;
-            //
-            //String digest = magic.split("-")[1];
-
-            ECCurve curve = x9ECParameters.getCurve();
-
-            byte[] pointRaw = buffer.readString();
-
-            result = new ECPublicKeyParameters(curve.decodePoint(pointRaw), new ECDomainParameters(curve, x9ECParameters.getG(), x9ECParameters.getN(), x9ECParameters.getH(), x9ECParameters.getSeed()));
-        }
-        else if (magic.startsWith(ED_25519))
-        {
-            result = new Ed25519PublicKeyParameters(buffer.readString(), 0);
-        }
-
-        if (result == null)
-        {
-            throw new IllegalArgumentException("unable to parse key");
-        }
-
-        if (buffer.hasRemaining())
-        {
-            throw new IllegalArgumentException("uncoded key has trailing data");
-        }
-
-        return result;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/PBKDF2Config.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/PBKDF2Config.java
deleted file mode 100644
index f5639b3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/PBKDF2Config.java
+++ /dev/null

@@ -1,171 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.util.Integers;
-
-/**
- * Configuration class for a PBKDF using PKCS#5 Scheme 2.
- */
-public class PBKDF2Config
-    extends PBKDFConfig
-{
-    /**
-     * AlgorithmIdentifier for a PRF using HMac with SHA-1
-     */
-    public static final AlgorithmIdentifier PRF_SHA1 = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA1, DERNull.INSTANCE);
-
-    /**
-     * AlgorithmIdentifier for a PRF using HMac with SHA-256
-     */
-    public static final AlgorithmIdentifier PRF_SHA256 = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA256, DERNull.INSTANCE);
-
-    /**
-     * AlgorithmIdentifier for a PRF using HMac with SHA-512
-     */
-    public static final AlgorithmIdentifier PRF_SHA512 = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA512, DERNull.INSTANCE);
-
-    /**
-     * AlgorithmIdentifier for a PRF using HMac with SHA3-256
-     */
-    public static final AlgorithmIdentifier PRF_SHA3_256 = new AlgorithmIdentifier(NISTObjectIdentifiers.id_hmacWithSHA3_256, DERNull.INSTANCE);
-
-    /**
-     * AlgorithmIdentifier for a PRF using SHA3-512
-     */
-    public static final AlgorithmIdentifier PRF_SHA3_512 = new AlgorithmIdentifier(NISTObjectIdentifiers.id_hmacWithSHA3_512, DERNull.INSTANCE);
-
-    private static final Map PRFS_SALT = new HashMap();
-
-    static
-    {
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA1, Integers.valueOf(20));
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA256, Integers.valueOf(32));
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA512, Integers.valueOf(64));
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA224, Integers.valueOf(28));
-        PRFS_SALT.put(PKCSObjectIdentifiers.id_hmacWithSHA384, Integers.valueOf(48));
-        PRFS_SALT.put(NISTObjectIdentifiers.id_hmacWithSHA3_224, Integers.valueOf(28));
-        PRFS_SALT.put(NISTObjectIdentifiers.id_hmacWithSHA3_256, Integers.valueOf(32));
-        PRFS_SALT.put(NISTObjectIdentifiers.id_hmacWithSHA3_384, Integers.valueOf(48));
-        PRFS_SALT.put(NISTObjectIdentifiers.id_hmacWithSHA3_512, Integers.valueOf(64));
-        PRFS_SALT.put(CryptoProObjectIdentifiers.gostR3411Hmac, Integers.valueOf(32));
-        PRFS_SALT.put(RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_256, Integers.valueOf(32));
-        PRFS_SALT.put(RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_512, Integers.valueOf(64));
-        PRFS_SALT.put(GMObjectIdentifiers.hmac_sm3, Integers.valueOf(32));
-    }
-
-    static int getSaltSize(ASN1ObjectIdentifier algorithm)
-    {
-        if (!PRFS_SALT.containsKey(algorithm))
-        {
-            throw new IllegalStateException("no salt size for algorithm: " + algorithm);
-        }
-
-        return ((Integer)PRFS_SALT.get(algorithm)).intValue();
-    }
-
-    public static class Builder
-    {
-        private int iterationCount = 1024;
-        private int saltLength = -1;
-        private AlgorithmIdentifier prf = PRF_SHA1;
-
-        /**
-         * Base constructor.
-         *
-         * This configures the builder to use an iteration count of 1024, and the HMacSHA1 PRF.
-         */
-        public Builder()
-        {
-        }
-
-        /**
-         * Set the iteration count for the PBE calculation.
-         *
-         * @param iterationCount the iteration count to apply to the key creation.
-         * @return the current builder.
-         */
-        public Builder withIterationCount(int iterationCount)
-        {
-            this.iterationCount = iterationCount;
-
-            return this;
-        }
-
-        /**
-         * Set the PRF to use for key generation. By default this is HmacSHA1.
-         *
-         * @param prf algorithm id for PRF.
-         * @return the current builder.
-         */
-        public Builder withPRF(AlgorithmIdentifier prf)
-        {
-            this.prf = prf;
-
-            return this;
-        }
-
-        /**
-         * Set the length of the salt to use.
-         *
-         * @param saltLength the length of the salt (in octets) to use.
-         * @return the current builder.
-         */
-        public Builder withSaltLength(int saltLength)
-        {
-            this.saltLength = saltLength;
-
-            return this;
-        }
-
-        public PBKDF2Config build()
-        {
-            return new PBKDF2Config(this);
-        }
-    }
-
-    private final int iterationCount;
-    private final int saltLength;
-    private final AlgorithmIdentifier prf;
-
-    private PBKDF2Config(Builder builder)
-    {
-        super(PKCSObjectIdentifiers.id_PBKDF2);
-
-        this.iterationCount = builder.iterationCount;
-        this.prf = builder.prf;
-
-        if (builder.saltLength < 0)
-        {
-            this.saltLength = getSaltSize(prf.getAlgorithm());
-        }
-        else
-        {
-            this.saltLength = builder.saltLength;
-        }
-    }
-
-    public int getIterationCount()
-    {
-        return iterationCount;
-    }
-
-    public AlgorithmIdentifier getPRF()
-    {
-        return prf;
-    }
-
-    public int getSaltLength()
-    {
-        return saltLength;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/PBKDFConfig.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/PBKDFConfig.java
deleted file mode 100644
index 33582df..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/PBKDFConfig.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-
-/**
- * Base class for PBKDF configs.
- */
-public abstract class PBKDFConfig
-{
-    private final ASN1ObjectIdentifier algorithm;
-
-    protected PBKDFConfig(ASN1ObjectIdentifier algorithm)
-    {
-        this.algorithm = algorithm;
-    }
-
-    public ASN1ObjectIdentifier getAlgorithm()
-    {
-        return algorithm;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java
index 22d5ad4..58c7871 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyFactory.java

@@ -11,17 +11,18 @@
 import org.bouncycastle.asn1.ASN1OctetString;
 import org.bouncycastle.asn1.ASN1Primitive;
 import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.ElGamalParameter;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.oiw.ElGamalParameter;
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
+// import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.DHParameter;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
 import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
+// import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
 import org.bouncycastle.asn1.sec.ECPrivateKey;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x509.DSAParameter;
@@ -37,16 +38,19 @@
 import org.bouncycastle.crypto.params.DSAParameters;
 import org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
 import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECGOST3410Parameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.ECGOST3410Parameters;
 import org.bouncycastle.crypto.params.ECNamedDomainParameters;
 import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed448PrivateKeyParameters;
-import org.bouncycastle.crypto.params.ElGamalParameters;
-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.ElGamalParameters;
+// import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
+// import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
+// import org.bouncycastle.crypto.params.Ed448PrivateKeyParameters;
 import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.crypto.params.X25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.X448PrivateKeyParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.X25519PrivateKeyParameters;
+// import org.bouncycastle.crypto.params.X448PrivateKeyParameters;
 
 /**
  * Factory for creating private key objects from PKCS8 PrivateKeyInfo objects.
@@ -117,6 +121,8 @@
 
             return new DHPrivateKeyParameters(derX.getValue(), dhParams);
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (algOID.equals(OIWObjectIdentifiers.elGamalAlgorithm))
         {
             ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters());
@@ -125,6 +131,8 @@
             return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters(
                 params.getP(), params.getG()));
         }
+        */
+        // END Android-removed: Unsupported algorithms
         else if (algOID.equals(X9ObjectIdentifiers.id_dsa))
         {
             ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey();
@@ -170,6 +178,8 @@
 
             return new ECPrivateKeyParameters(d, dParams);
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (algOID.equals(EdECObjectIdentifiers.id_X25519))
         {
             return new X25519PrivateKeyParameters(getRawKey(keyInfo, X25519PrivateKeyParameters.KEY_SIZE), 0);
@@ -297,6 +307,8 @@
                     gostParams.getEncryptionParamSet()));
 
         }
+        */
+        // END Android-removed: Unsupported algorithms
         else
         {
             throw new RuntimeException("algorithm identifier in private key not recognised");

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyInfoFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyInfoFactory.java
deleted file mode 100644
index 76a6413..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/PrivateKeyInfoFactory.java
+++ /dev/null

@@ -1,220 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.sec.ECPrivateKey;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.DSAParameter;
-import org.bouncycastle.asn1.x9.X962Parameters;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DSAParameters;
-import org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECGOST3410Parameters;
-import org.bouncycastle.crypto.params.ECNamedDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed448PrivateKeyParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.crypto.params.X25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.X448PrivateKeyParameters;
-
-/**
- * Factory to create ASN.1 private key info objects from lightweight private keys.
- */
-public class PrivateKeyInfoFactory
-{
-    private static Set cryptoProOids = new HashSet(5);
-
-    static
-    {
-        cryptoProOids.add(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_A);
-        cryptoProOids.add(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_B);
-        cryptoProOids.add(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_C);
-        cryptoProOids.add(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_XchA);
-        cryptoProOids.add(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_XchB);
-    }
-
-    private PrivateKeyInfoFactory()
-    {
-
-    }
-
-    /**
-     * Create a PrivateKeyInfo representation of a private key.
-     *
-     * @param privateKey the key to be encoded into the info object.
-     * @return the appropriate PrivateKeyInfo
-     * @throws java.io.IOException on an error encoding the key
-     */
-    public static PrivateKeyInfo createPrivateKeyInfo(AsymmetricKeyParameter privateKey)
-        throws IOException
-    {
-        return createPrivateKeyInfo(privateKey, null);
-    }
-
-    /**
-     * Create a PrivateKeyInfo representation of a private key with attributes.
-     *
-     * @param privateKey the key to be encoded into the info object.
-     * @param attributes the set of attributes to be included.
-     * @return the appropriate PrivateKeyInfo
-     * @throws java.io.IOException on an error encoding the key
-     */
-    public static PrivateKeyInfo createPrivateKeyInfo(AsymmetricKeyParameter privateKey, ASN1Set attributes)
-        throws IOException
-    {
-        if (privateKey instanceof RSAKeyParameters)
-        {
-            RSAPrivateCrtKeyParameters priv = (RSAPrivateCrtKeyParameters)privateKey;
-
-            return new PrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE),
-                new RSAPrivateKey(priv.getModulus(), priv.getPublicExponent(), priv.getExponent(), priv.getP(), priv.getQ(), priv.getDP(), priv.getDQ(), priv.getQInv()),
-                attributes);
-        }
-        else if (privateKey instanceof DSAPrivateKeyParameters)
-        {
-            DSAPrivateKeyParameters priv = (DSAPrivateKeyParameters)privateKey;
-            DSAParameters params = priv.getParameters();
-
-            return new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa,
-                new DSAParameter(params.getP(), params.getQ(), params.getG())), new ASN1Integer(priv.getX()),
-                attributes);
-        }
-        else if (privateKey instanceof ECPrivateKeyParameters)
-        {
-            ECPrivateKeyParameters priv = (ECPrivateKeyParameters)privateKey;
-            ECDomainParameters domainParams = priv.getParameters();
-            ASN1Encodable params;
-            int orderBitLength;
-
-            if (domainParams == null)
-            {
-                params = new X962Parameters(DERNull.INSTANCE);      // Implicitly CA
-                orderBitLength = priv.getD().bitLength();   // TODO: this is as good as currently available, must be a better way...
-            }
-            else if (domainParams instanceof ECGOST3410Parameters)
-            {
-                GOST3410PublicKeyAlgParameters gostParams = new GOST3410PublicKeyAlgParameters(
-                    ((ECGOST3410Parameters)domainParams).getPublicKeyParamSet(),
-                    ((ECGOST3410Parameters)domainParams).getDigestParamSet(),
-                    ((ECGOST3410Parameters)domainParams).getEncryptionParamSet());
-
-
-                int size;
-                ASN1ObjectIdentifier identifier;
-
-                if (cryptoProOids.contains(gostParams.getPublicKeyParamSet()))
-                {
-                    size = 32;
-                    identifier = CryptoProObjectIdentifiers.gostR3410_2001;
-                }
-                else
-                {
-
-                    boolean is512 = priv.getD().bitLength() > 256;
-                    identifier = (is512) ?
-                        RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512 :
-                        RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256;
-                    size = (is512) ? 64 : 32;
-                }
-                byte[] encKey = new byte[size];
-
-                extractBytes(encKey, size, 0, priv.getD());
-
-                return new PrivateKeyInfo(new AlgorithmIdentifier(identifier, gostParams), new DEROctetString(encKey));
-            }
-            else if (domainParams instanceof ECNamedDomainParameters)
-            {
-                params = new X962Parameters(((ECNamedDomainParameters)domainParams).getName());
-                orderBitLength = domainParams.getN().bitLength();
-            }
-            else
-            {
-                X9ECParameters ecP = new X9ECParameters(
-                    domainParams.getCurve(),
-                    domainParams.getG(),
-                    domainParams.getN(),
-                    domainParams.getH(),
-                    domainParams.getSeed());
-
-                params = new X962Parameters(ecP);
-                orderBitLength = domainParams.getN().bitLength();
-            }
-
-            return new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params),
-                new ECPrivateKey(orderBitLength, priv.getD(),
-                    new DERBitString(domainParams.getG().multiply(priv.getD()).getEncoded(false)), params),
-                attributes);
-        }
-        else if (privateKey instanceof X448PrivateKeyParameters)
-        {
-            X448PrivateKeyParameters key = (X448PrivateKeyParameters)privateKey;
-
-            return new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X448),
-                new DEROctetString(key.getEncoded()), attributes, key.generatePublicKey().getEncoded());
-        }
-        else if (privateKey instanceof X25519PrivateKeyParameters)
-        {
-            X25519PrivateKeyParameters key = (X25519PrivateKeyParameters)privateKey;
-
-            return new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X25519),
-                new DEROctetString(key.getEncoded()), attributes, key.generatePublicKey().getEncoded());
-        }
-        else if (privateKey instanceof Ed448PrivateKeyParameters)
-        {
-            Ed448PrivateKeyParameters key = (Ed448PrivateKeyParameters)privateKey;
-
-            return new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed448),
-                new DEROctetString(key.getEncoded()), attributes, key.generatePublicKey().getEncoded());
-        }
-        else if (privateKey instanceof Ed25519PrivateKeyParameters)
-        {
-            Ed25519PrivateKeyParameters key = (Ed25519PrivateKeyParameters)privateKey;
-
-            return new PrivateKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed25519),
-                new DEROctetString(key.getEncoded()), attributes, key.generatePublicKey().getEncoded());
-        }
-        else
-        {
-            throw new IOException("key parameters not recognized");
-        }
-    }
-
-
-    private static void extractBytes(byte[] encKey, int size, int offSet, BigInteger bI)
-    {
-        byte[] val = bI.toByteArray();
-        if (val.length < size)
-        {
-            byte[] tmp = new byte[size];
-            System.arraycopy(val, 0, tmp, tmp.length - val.length, val.length);
-            val = tmp;
-        }
-
-        for (int i = 0; i != size; i++)
-        {
-            encKey[offSet + i] = val[val.length - 1 - i];
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java
index b2ab535..b64c6a2 100644
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java
+++ b/bcprov/src/main/java/org/bouncycastle/crypto/util/PublicKeyFactory.java

@@ -14,22 +14,23 @@
 import org.bouncycastle.asn1.ASN1Primitive;
 import org.bouncycastle.asn1.DERBitString;
 import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.ElGamalParameter;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
+// import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
+// import org.bouncycastle.asn1.oiw.ElGamalParameter;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.DHParameter;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.RSAPublicKey;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.ua.DSTU4145BinaryField;
-import org.bouncycastle.asn1.ua.DSTU4145ECBinary;
-import org.bouncycastle.asn1.ua.DSTU4145NamedCurves;
-import org.bouncycastle.asn1.ua.DSTU4145Params;
-import org.bouncycastle.asn1.ua.DSTU4145PointEncoder;
-import org.bouncycastle.asn1.ua.UAObjectIdentifiers;
+// import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
+// import org.bouncycastle.asn1.ua.DSTU4145BinaryField;
+// import org.bouncycastle.asn1.ua.DSTU4145ECBinary;
+// import org.bouncycastle.asn1.ua.DSTU4145NamedCurves;
+// import org.bouncycastle.asn1.ua.DSTU4145Params;
+// import org.bouncycastle.asn1.ua.DSTU4145PointEncoder;
+// import org.bouncycastle.asn1.ua.UAObjectIdentifiers;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x509.DSAParameter;
 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
@@ -51,16 +52,18 @@
 import org.bouncycastle.crypto.params.DSAParameters;
 import org.bouncycastle.crypto.params.DSAPublicKeyParameters;
 import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECGOST3410Parameters;
+// import org.bouncycastle.crypto.params.ECGOST3410Parameters;
 import org.bouncycastle.crypto.params.ECNamedDomainParameters;
 import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-import org.bouncycastle.crypto.params.Ed448PublicKeyParameters;
-import org.bouncycastle.crypto.params.ElGamalParameters;
-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
+// import org.bouncycastle.crypto.params.Ed448PublicKeyParameters;
+// import org.bouncycastle.crypto.params.ElGamalParameters;
+// import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
 import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.X25519PublicKeyParameters;
-import org.bouncycastle.crypto.params.X448PublicKeyParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.X25519PublicKeyParameters;
+// import org.bouncycastle.crypto.params.X448PublicKeyParameters;
 import org.bouncycastle.math.ec.ECCurve;
 
 /**
@@ -80,8 +83,11 @@
         converters.put(PKCSObjectIdentifiers.dhKeyAgreement, new DHAgreementConverter());
         converters.put(X9ObjectIdentifiers.id_dsa, new DSAConverter());
         converters.put(OIWObjectIdentifiers.dsaWithSHA1, new DSAConverter());
-        converters.put(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalConverter());
+        // Android-removed: Unsupported algorithm
+        // converters.put(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalConverter());
         converters.put(X9ObjectIdentifiers.id_ecPublicKey, new ECConverter());
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         converters.put(CryptoProObjectIdentifiers.gostR3410_2001, new GOST3410_2001Converter());
         converters.put(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256, new GOST3410_2012Converter());
         converters.put(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512, new GOST3410_2012Converter());
@@ -91,6 +97,8 @@
         converters.put(EdECObjectIdentifiers.id_X448, new X448Converter());
         converters.put(EdECObjectIdentifiers.id_Ed25519, new Ed25519Converter());
         converters.put(EdECObjectIdentifiers.id_Ed448, new Ed448Converter());
+        */
+        // END Android-removed: Unsupported algorithms
     }
 
     /**
@@ -229,6 +237,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
     private static class ElGamalConverter
         extends SubjectPublicKeyInfoConverter
     {
@@ -242,6 +252,8 @@
                 params.getP(), params.getG()));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithm
 
     private static class DSAConverter
         extends SubjectPublicKeyInfoConverter
@@ -325,6 +337,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     private static class GOST3410_2001Converter
         extends SubjectPublicKeyInfoConverter
     {
@@ -520,6 +534,8 @@
             return new Ed448PublicKeyParameters(getRawKey(keyInfo, defaultParams, Ed448PublicKeyParameters.KEY_SIZE), 0);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     private static byte[] getRawKey(SubjectPublicKeyInfo keyInfo, Object defaultParams, int expectedSize)
     {

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/SSHBuffer.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/SSHBuffer.java
deleted file mode 100644
index f177d22..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/SSHBuffer.java
+++ /dev/null

@@ -1,105 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * A Buffer for dealing with SSH key products.
- */
-class SSHBuffer
-{
-    private final byte[] buffer;
-    private int pos = 0;
-
-    public SSHBuffer(byte[] magic, byte[] buffer)
-    {
-        this.buffer = buffer;
-        for (int i = 0; i != magic.length; i++)
-        {
-            if (magic[i] != buffer[i])
-            {
-                throw new IllegalArgumentException("magic-number incorrect");
-            }
-        }
-
-        pos += magic.length;
-    }
-
-    public SSHBuffer(byte[] buffer)
-    {
-        this.buffer = buffer;
-    }
-
-    public int readU32()
-    {
-        if (pos + 4 > buffer.length)
-        {
-            throw new IllegalArgumentException("4 bytes for U32 exceeds buffer.");
-        }
-
-        int i = (buffer[pos++] & 0xFF) << 24;
-        i |= (buffer[pos++] & 0xFF) << 16;
-        i |= (buffer[pos++] & 0xFF) << 8;
-        i |= (buffer[pos++] & 0xFF);
-
-        return i;
-    }
-
-    public byte[] readString()
-    {
-        int len = readU32();
-        if (len == 0)
-        {
-            return new byte[0];
-        }
-
-        if (pos + len > buffer.length)
-        {
-            throw new IllegalArgumentException("not enough data for string");
-        }
-
-        return Arrays.copyOfRange(buffer, pos, pos += len);
-    }
-
-    public byte[] readPaddedString()
-    {
-        int len = readU32();
-        if (len == 0)
-        {
-            return new byte[0];
-        }
-
-        if (pos + len > buffer.length)
-        {
-            throw new IllegalArgumentException("not enough data for string");
-        }
-
-        return Arrays.copyOfRange(buffer, pos, pos += (len - (buffer[pos + len - 1] & 0xff)));
-    }
-
-
-    public BigInteger positiveBigNum()
-    {
-        int len = readU32();
-        if (pos + len > buffer.length)
-        {
-            throw new IllegalArgumentException("not enough data for big num");
-        }
-
-        byte[] d = new byte[len];
-        System.arraycopy(buffer, pos, d, 0, d.length);
-        pos += len;
-        return new BigInteger(1, d);
-    }
-
-    public byte[] getBuffer()
-    {
-        return Arrays.clone(buffer);
-    }
-
-    public boolean hasRemaining()
-    {
-        return pos < buffer.length;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/SSHBuilder.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/SSHBuilder.java
deleted file mode 100644
index 28f9a32..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/SSHBuilder.java
+++ /dev/null

@@ -1,55 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import org.bouncycastle.util.Strings;
-
-class SSHBuilder
-{
-    private final ByteArrayOutputStream bos = new ByteArrayOutputStream();
-
-    public void u32(long value)
-    {
-        bos.write((int)((value >>> 24) & 0xFF));
-        bos.write((int)((value >>> 16) & 0xFF));
-        bos.write((int)((value >>> 8) & 0xFF));
-        bos.write((int)(value & 0xFF));
-    }
-
-    public void rawArray(byte[] value)
-    {
-        u32(value.length);
-        try
-        {
-            bos.write(value);
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException(e.getMessage(), e);
-        }
-    }
-
-    public void write(byte[] value)
-    {
-        try
-        {
-            bos.write(value);
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException(e.getMessage(), e);
-        }
-    }
-
-    public void writeString(String str)
-    {
-        rawArray(Strings.toByteArray(str));
-    }
-
-    public byte[] getBytes()
-    {
-        return bos.toByteArray();
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/ScryptConfig.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/ScryptConfig.java
deleted file mode 100644
index bb02683..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/ScryptConfig.java
+++ /dev/null

@@ -1,97 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-
-/**
- * Configuration class for a PBKDF based around scrypt.
- */
-public class ScryptConfig
-    extends PBKDFConfig
-{
-    public static class Builder
-    {
-        private final int costParameter;
-        private final int blockSize;
-        private final int parallelizationParameter;
-
-        private int saltLength = 16;
-
-        /**
-         * Base constructor.
-         *
-         * @param costParameter cost parameter (must be a power of 2)
-         * @param blockSize block size
-         * @param parallelizationParameter parallelization parameter
-         */
-        public Builder(int costParameter, int blockSize, int parallelizationParameter)
-        {
-            if (costParameter <= 1 || !isPowerOf2(costParameter))
-            {
-                throw new IllegalArgumentException("Cost parameter N must be > 1 and a power of 2");
-            }
-
-            this.costParameter = costParameter;
-            this.blockSize = blockSize;
-            this.parallelizationParameter = parallelizationParameter;
-        }
-
-        /**
-         * Set the length of the salt to use.
-         *
-         * @param saltLength the length of the salt (in octets) to use.
-         * @return the current builder.
-         */
-        public Builder withSaltLength(int saltLength)
-        {
-            this.saltLength = saltLength;
-
-            return this;
-        }
-
-        public ScryptConfig build()
-        {
-            return new ScryptConfig(this);
-        }
-
-        // note: we know X is non-zero
-        private static boolean isPowerOf2(int x)
-        {
-            return ((x & (x - 1)) == 0);
-        }
-    }
-
-    private final int costParameter;
-    private final int blockSize;
-    private final int parallelizationParameter;
-    private final int saltLength;
-
-    private ScryptConfig(Builder builder)
-    {
-        super(MiscObjectIdentifiers.id_scrypt);
-
-        this.costParameter = builder.costParameter;
-        this.blockSize = builder.blockSize;
-        this.parallelizationParameter = builder.parallelizationParameter;
-        this.saltLength = builder.saltLength;
-    }
-
-    public int getCostParameter()
-    {
-        return costParameter;
-    }
-
-    public int getBlockSize()
-    {
-        return blockSize;
-    }
-
-    public int getParallelizationParameter()
-    {
-        return parallelizationParameter;
-    }
-
-    public int getSaltLength()
-    {
-        return saltLength;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/SubjectPublicKeyInfoFactory.java b/bcprov/src/main/java/org/bouncycastle/crypto/util/SubjectPublicKeyInfoFactory.java
deleted file mode 100644
index ffe1efa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/SubjectPublicKeyInfoFactory.java
+++ /dev/null

@@ -1,217 +0,0 @@
-package org.bouncycastle.crypto.util;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.RSAPublicKey;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.DSAParameter;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X962Parameters;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ECPoint;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DSAParameters;
-import org.bouncycastle.crypto.params.DSAPublicKeyParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECGOST3410Parameters;
-import org.bouncycastle.crypto.params.ECNamedDomainParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-import org.bouncycastle.crypto.params.Ed448PublicKeyParameters;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.crypto.params.X25519PublicKeyParameters;
-import org.bouncycastle.crypto.params.X448PublicKeyParameters;
-
-/**
- * Factory to create ASN.1 subject public key info objects from lightweight public keys.
- */
-public class SubjectPublicKeyInfoFactory
-{
-    private static Set cryptoProOids = new HashSet(5);
-
-    static
-    {
-        cryptoProOids.add(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_A);
-        cryptoProOids.add(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_B);
-        cryptoProOids.add(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_C);
-        cryptoProOids.add(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_XchA);
-        cryptoProOids.add(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_XchB);
-    }
-
-    private SubjectPublicKeyInfoFactory()
-    {
-
-    }
-
-    /**
-     * Create a SubjectPublicKeyInfo public key.
-     *
-     * @param publicKey the key to be encoded into the info object.
-     * @return a SubjectPublicKeyInfo representing the key.
-     * @throws java.io.IOException on an error encoding the key
-     */
-    public static SubjectPublicKeyInfo createSubjectPublicKeyInfo(AsymmetricKeyParameter publicKey)
-        throws IOException
-    {
-        if (publicKey instanceof RSAKeyParameters)
-        {
-            RSAKeyParameters pub = (RSAKeyParameters)publicKey;
-
-            return new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPublicKey(pub.getModulus(), pub.getExponent()));
-        }
-        else if (publicKey instanceof DSAPublicKeyParameters)
-        {
-            DSAPublicKeyParameters pub = (DSAPublicKeyParameters)publicKey;
-
-            DSAParameter params = null;
-            DSAParameters dsaParams = pub.getParameters();
-            if (dsaParams != null)
-            {
-                params = new DSAParameter(dsaParams.getP(), dsaParams.getQ(), dsaParams.getG());
-            }
-
-            return new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, params), new ASN1Integer(pub.getY()));
-        }
-        else if (publicKey instanceof ECPublicKeyParameters)
-        {
-            ECPublicKeyParameters pub = (ECPublicKeyParameters)publicKey;
-            ECDomainParameters domainParams = pub.getParameters();
-            ASN1Encodable params;
-
-            if (domainParams == null)
-            {
-                params = new X962Parameters(DERNull.INSTANCE);      // Implicitly CA
-            }
-            else if (domainParams instanceof ECGOST3410Parameters)
-            {
-                ECGOST3410Parameters gostParams = (ECGOST3410Parameters)domainParams;
-
-                BigInteger bX = pub.getQ().getAffineXCoord().toBigInteger();
-                BigInteger bY = pub.getQ().getAffineYCoord().toBigInteger();
-
-                params = new GOST3410PublicKeyAlgParameters(gostParams.getPublicKeyParamSet(), gostParams.getDigestParamSet());
-
-                int encKeySize;
-                int offset;
-                ASN1ObjectIdentifier algIdentifier;
-
-
-                if (cryptoProOids.contains(gostParams.getPublicKeyParamSet()))
-                {
-                    encKeySize = 64;
-                    offset = 32;
-                    algIdentifier = CryptoProObjectIdentifiers.gostR3410_2001;
-                }
-                else
-                {
-                    boolean is512 = (bX.bitLength() > 256);
-                    if (is512)
-                    {
-                        encKeySize = 128;
-                        offset = 64;
-                        algIdentifier = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512;
-                    }
-                    else
-                    {
-                        encKeySize = 64;
-                        offset = 32;
-                        algIdentifier = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256;
-                    }
-                }
-
-                byte[] encKey = new byte[encKeySize];
-
-
-                extractBytes(encKey, encKeySize / 2, 0, bX);
-                extractBytes(encKey, encKeySize / 2, offset, bY);
-
-                try
-                {
-                    return new SubjectPublicKeyInfo(new AlgorithmIdentifier(algIdentifier, params), new DEROctetString(encKey));
-                }
-                catch (IOException e)
-                {
-                    return null;
-                }
-            }
-            else if (domainParams instanceof ECNamedDomainParameters)
-            {
-                params = new X962Parameters(((ECNamedDomainParameters)domainParams).getName());
-            }
-            else
-            {
-                X9ECParameters ecP = new X9ECParameters(
-                    domainParams.getCurve(),
-                    domainParams.getG(),
-                    domainParams.getN(),
-                    domainParams.getH(),
-                    domainParams.getSeed());
-
-                params = new X962Parameters(ecP);
-            }
-
-            ASN1OctetString p = (ASN1OctetString)new X9ECPoint(pub.getQ()).toASN1Primitive();
-
-            return new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), p.getOctets());
-        }
-        else if (publicKey instanceof X448PublicKeyParameters)
-        {
-            X448PublicKeyParameters key = (X448PublicKeyParameters)publicKey;
-
-            return new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X448), key.getEncoded());
-        }
-        else if (publicKey instanceof X25519PublicKeyParameters)
-        {
-            X25519PublicKeyParameters key = (X25519PublicKeyParameters)publicKey;
-
-            return new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_X25519), key.getEncoded());
-        }
-        else if (publicKey instanceof Ed448PublicKeyParameters)
-        {
-            Ed448PublicKeyParameters key = (Ed448PublicKeyParameters)publicKey;
-
-            return new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed448), key.getEncoded());
-        }
-        else if (publicKey instanceof Ed25519PublicKeyParameters)
-        {
-            Ed25519PublicKeyParameters key = (Ed25519PublicKeyParameters)publicKey;
-
-            return new SubjectPublicKeyInfo(new AlgorithmIdentifier(EdECObjectIdentifiers.id_Ed25519), key.getEncoded());
-        }
-        else
-        {
-            throw new IOException("key parameters not recognized");
-        }
-    }
-
-    private static void extractBytes(byte[] encKey, int size, int offSet, BigInteger bI)
-    {
-        byte[] val = bI.toByteArray();
-        if (val.length < size)
-        {
-            byte[] tmp = new byte[size];
-            System.arraycopy(val, 0, tmp, tmp.length - val.length, val.length);
-            val = tmp;
-        }
-
-        for (int i = 0; i != size; i++)
-        {
-            encKey[offSet + i] = val[val.length - 1 - i];
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/crypto/util/package.html b/bcprov/src/main/java/org/bouncycastle/crypto/util/package.html
deleted file mode 100644
index 787b892..0000000
--- a/bcprov/src/main/java/org/bouncycastle/crypto/util/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Some general utility/conversion classes.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/i18n/ErrorBundle.java b/bcprov/src/main/java/org/bouncycastle/i18n/ErrorBundle.java
deleted file mode 100644
index 415b5e5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/i18n/ErrorBundle.java
+++ /dev/null

@@ -1,120 +0,0 @@
-package org.bouncycastle.i18n;
-
-import java.io.UnsupportedEncodingException;
-import java.util.Locale;
-import java.util.TimeZone;
-
-public class ErrorBundle extends MessageBundle 
-{
-
-    /**
-     * summary entry key
-     */
-    public static final String SUMMARY_ENTRY = "summary";
-    
-    /**
-     * detail entry key
-     */
-    public static final String DETAIL_ENTRY = "details";
-    
-    /**
-     * Constructs a new ErrorBundle using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     */
-    public ErrorBundle(String resource, String id) throws NullPointerException
-    {
-        super(resource, id);
-    }
-    
-    /**
-     * Constructs a new ErrorBundle using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @param encoding the encoding of the resource file
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     * @throws UnsupportedEncodingException if the encoding is not supported
-     */
-    public ErrorBundle(String resource, String id, String encoding) throws NullPointerException, UnsupportedEncodingException
-    {
-        super(resource, id, encoding);
-    }
-
-    /**
-     * Constructs a new ErrorBundle using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @param arguments an array containing the arguments for the message
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     */
-    public ErrorBundle(String resource, String id, Object[] arguments) throws NullPointerException
-    {
-        super(resource, id, arguments);
-    }
-    
-    /**
-     * Constructs a new ErrorBundle using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @param encoding the encoding of the resource file
-     * @param arguments an array containing the arguments for the message
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     * @throws UnsupportedEncodingException if the encoding is not supported
-     */
-    public ErrorBundle(String resource, String id, String encoding, Object[] arguments) throws NullPointerException, UnsupportedEncodingException
-    {
-        super(resource, id, encoding, arguments);
-    }
-    
-    /**
-     * Returns the summary message in the given locale and timezone.
-     * @param loc the {@link Locale}
-     * @param timezone the {@link TimeZone}
-     * @return the summary message.
-     * @throws MissingEntryException if the message is not available
-     */
-    public String getSummary(Locale loc, TimeZone timezone) throws MissingEntryException
-    {
-        return getEntry(SUMMARY_ENTRY,loc,timezone);
-    }
-    
-    /**
-     * Returns the summary message in the given locale and the default timezone.
-     * @param loc the {@link Locale}
-     * @return the summary message.
-     * @throws MissingEntryException if the message is not available
-     */
-    public String getSummary(Locale loc) throws MissingEntryException
-    {
-        return getEntry(SUMMARY_ENTRY,loc,TimeZone.getDefault());
-    }
-    
-    /**
-     * Returns the detail message in the given locale and timezone.
-     * @param loc the {@link Locale}
-     * @param timezone the {@link TimeZone}
-     * @return the detail message.
-     * @throws MissingEntryException if the message is not available
-     */
-    public String getDetail(Locale loc, TimeZone timezone) throws MissingEntryException
-    {
-        return getEntry(DETAIL_ENTRY,loc,timezone);
-    }
-    
-    /**
-     * Returns the detail message in the given locale and the default timezone.
-     * @param loc the {@link Locale}
-     * @return the detail message.
-     * @throws MissingEntryException if the message is not available
-     */
-    public String getDetail(Locale loc) throws MissingEntryException
-    {
-        return getEntry(DETAIL_ENTRY,loc,TimeZone.getDefault());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/i18n/LocaleString.java b/bcprov/src/main/java/org/bouncycastle/i18n/LocaleString.java
deleted file mode 100644
index ab898a9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/i18n/LocaleString.java
+++ /dev/null

@@ -1,30 +0,0 @@
-package org.bouncycastle.i18n;
-
-import java.io.UnsupportedEncodingException;
-import java.util.Locale;
-
-public class LocaleString extends LocalizedMessage
-{
-
-    public LocaleString(String resource, String id)
-    {
-        super(resource, id);
-    }
-    
-    public LocaleString(String resource, String id, String encoding) throws NullPointerException, UnsupportedEncodingException
-    {
-        super(resource, id, encoding);
-    }
-
-    public LocaleString(String resource, String id, String encoding, Object[] arguments)
-        throws NullPointerException, UnsupportedEncodingException
-    {
-        super(resource, id, encoding, arguments);
-    }
-    
-    public String getLocaleString(Locale locale)
-    {
-        return this.getEntry(null, locale, null);
-    }
-    
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/i18n/LocalizedException.java b/bcprov/src/main/java/org/bouncycastle/i18n/LocalizedException.java
deleted file mode 100644
index 373fd6c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/i18n/LocalizedException.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.i18n;
-
-import java.util.Locale;
-
-/**
- * Base class for all Exceptions with localized messages.
- */
-public class LocalizedException extends Exception 
-{
-
-    protected ErrorBundle message;
-    private Throwable cause;
-    
-    /**
-     * Constructs a new LocalizedException with the specified localized message.
-     * @param message the {@link ErrorBundle} that contains the message for the exception
-     */
-    public LocalizedException(ErrorBundle message) 
-    {
-        super(message.getText(Locale.getDefault()));
-        this.message = message;
-    }
-    
-    /**
-     * Constructs a new LocalizedException with the specified localized message and cause.
-     * @param message the {@link ErrorBundle} that contains the message for the exception
-     * @param throwable the cause
-     */
-    public LocalizedException(ErrorBundle message, Throwable throwable) 
-    {
-        super(message.getText(Locale.getDefault()));
-        this.message = message;
-        this.cause = throwable;
-    }
-    
-    /**
-     * Returns the localized error message of the exception.
-     * @return the localized error message as {@link ErrorBundle}
-     */
-    public ErrorBundle getErrorMessage() 
-    {
-        return message;
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/i18n/LocalizedMessage.java b/bcprov/src/main/java/org/bouncycastle/i18n/LocalizedMessage.java
deleted file mode 100644
index d88c229..0000000
--- a/bcprov/src/main/java/org/bouncycastle/i18n/LocalizedMessage.java
+++ /dev/null

@@ -1,476 +0,0 @@
-package org.bouncycastle.i18n;
-
-import org.bouncycastle.i18n.filter.Filter;
-import org.bouncycastle.i18n.filter.TrustedInput;
-import org.bouncycastle.i18n.filter.UntrustedInput;
-import org.bouncycastle.i18n.filter.UntrustedUrlInput;
-
-import java.io.UnsupportedEncodingException;
-import java.nio.charset.Charset;
-import java.text.DateFormat;
-import java.text.Format;
-import java.text.MessageFormat;
-import java.util.Locale;
-import java.util.MissingResourceException;
-import java.util.ResourceBundle;
-import java.util.TimeZone;
-
-public class LocalizedMessage 
-{
-
-    protected final String id;
-    protected final String resource;
-    
-    // ISO-8859-1 is the default encoding
-    public static final String DEFAULT_ENCODING = "ISO-8859-1";
-    protected String encoding = DEFAULT_ENCODING;
-    
-    protected FilteredArguments arguments;
-    protected FilteredArguments extraArgs = null;
-    
-    protected Filter filter = null;
-    
-    protected ClassLoader loader = null;
-    
-    /**
-     * Constructs a new LocalizedMessage using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     */
-    public LocalizedMessage(String resource,String id) throws NullPointerException
-    {
-        if (resource == null || id == null)
-        {
-            throw new NullPointerException();
-        }
-        this.id = id;
-        this.resource = resource;
-        arguments = new FilteredArguments();
-    }
-    
-    /**
-     * Constructs a new LocalizedMessage using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @param encoding the encoding of the resource file
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     * @throws UnsupportedEncodingException if the encoding is not supported
-     */
-    public LocalizedMessage(String resource,String id, String encoding) throws NullPointerException, UnsupportedEncodingException
-    {
-        if (resource == null || id == null)
-        {
-            throw new NullPointerException();
-        }
-        this.id = id;
-        this.resource = resource;
-        arguments = new FilteredArguments();
-        if (!Charset.isSupported(encoding))
-        {
-            throw new UnsupportedEncodingException("The encoding \"" + encoding + "\" is not supported.");
-        }
-        this.encoding = encoding;
-    }
-    
-    /**
-     * Constructs a new LocalizedMessage using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @param arguments an array containing the arguments for the message
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     */
-    public LocalizedMessage(String resource, String id, Object[] arguments) throws NullPointerException
-    {
-        if (resource == null || id == null || arguments == null)
-        {
-            throw new NullPointerException();
-        }
-        this.id = id;
-        this.resource = resource;
-        this.arguments = new FilteredArguments(arguments);
-    }
-    
-    /**
-     * Constructs a new LocalizedMessage using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @param encoding the encoding of the resource file
-     * @param arguments an array containing the arguments for the message
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     * @throws UnsupportedEncodingException if the encoding is not supported
-     */
-    public LocalizedMessage(String resource, String id, String encoding, Object[] arguments) throws NullPointerException, UnsupportedEncodingException
-    {
-        if (resource == null || id == null || arguments == null)
-        {
-            throw new NullPointerException();
-        }
-        this.id = id;
-        this.resource = resource;
-        this.arguments = new FilteredArguments(arguments);
-        if (!Charset.isSupported(encoding))
-        {
-            throw new UnsupportedEncodingException("The encoding \"" + encoding + "\" is not supported.");
-        }
-        this.encoding = encoding;
-    }
-    
-    /**
-     * Reads the entry <code>id + "." + key</code> from the resource file and returns a 
-     * formated message for the given Locale and TimeZone.
-     * @param key second part of the entry id
-     * @param loc the used {@link Locale}
-     * @param timezone the used {@link TimeZone}
-     * @return a Strng containing the localized message
-     * @throws MissingEntryException if the resource file is not available or the entry does not exist.
-     */
-    public String getEntry(String key,Locale loc, TimeZone timezone) throws MissingEntryException
-    {
-        String entry = id;
-        if (key != null)
-        {
-            entry += "." + key;
-        }
-        
-        try
-        {
-            ResourceBundle bundle;
-            if (loader == null)
-            {
-                bundle = ResourceBundle.getBundle(resource,loc);
-            }
-            else
-            {
-                bundle = ResourceBundle.getBundle(resource, loc, loader);
-            }
-            String result = bundle.getString(entry);
-            if (!encoding.equals(DEFAULT_ENCODING))
-            {
-                result = new String(result.getBytes(DEFAULT_ENCODING), encoding);
-            }
-            if (!arguments.isEmpty())
-            {
-                result = formatWithTimeZone(result,arguments.getFilteredArgs(loc),loc,timezone);
-            }
-            result = addExtraArgs(result, loc);
-            return result;
-        }
-        catch (MissingResourceException mre)
-        {
-            throw new MissingEntryException("Can't find entry " + entry + " in resource file " + resource + ".",
-                    resource,
-                    entry,
-                    loc,
-                    loader != null ? loader : this.getClassLoader()); 
-        }
-        catch (UnsupportedEncodingException use)
-        {
-            // should never occur - cause we already test this in the constructor
-            throw new RuntimeException(use);
-        }
-    }
-    
-    protected String formatWithTimeZone(
-            String template,
-            Object[] arguments, 
-            Locale locale,
-            TimeZone timezone) 
-    {
-        MessageFormat mf = new MessageFormat(" ");
-        mf.setLocale(locale);
-        mf.applyPattern(template);
-        if (!timezone.equals(TimeZone.getDefault())) 
-        {
-            Format[] formats = mf.getFormats();
-            for (int i = 0; i < formats.length; i++) 
-            {
-                if (formats[i] instanceof DateFormat) 
-                {
-                    DateFormat temp = (DateFormat) formats[i];
-                    temp.setTimeZone(timezone);
-                    mf.setFormat(i,temp);
-                }
-            }
-        }
-        return mf.format(arguments);
-    }
-    
-    protected String addExtraArgs(String msg, Locale locale)
-    {
-        if (extraArgs != null)
-        {
-            StringBuffer sb = new StringBuffer(msg);
-            Object[] filteredArgs = extraArgs.getFilteredArgs(locale);
-            for (int i = 0; i < filteredArgs.length; i++)
-            {
-                sb.append(filteredArgs[i]);
-            }
-            msg = sb.toString();
-        }
-        return msg;
-    }
-    
-    /**
-     * Sets the {@link Filter} that is used to filter the arguments of this message
-     * @param filter the {@link Filter} to use. <code>null</code> to disable filtering.
-     */
-    public void setFilter(Filter filter)
-    {
-        arguments.setFilter(filter);
-        if (extraArgs != null)
-        {
-            extraArgs.setFilter(filter);
-        }
-        this.filter = filter;
-    }
-    
-    /**
-     * Returns the current filter.
-     * @return the current filter
-     */
-    public Filter getFilter()
-    {
-        return filter;
-    }
-    
-    /**
-     * Set the {@link ClassLoader} which loads the resource files. If it is set to <code>null</code>
-     * then the default {@link ClassLoader} is used. 
-     * @param loader the {@link ClassLoader} which loads the resource files
-     */
-    public void setClassLoader(ClassLoader loader)
-    {
-        this.loader = loader;
-    }
-    
-    /**
-     * Returns the {@link ClassLoader} which loads the resource files or <code>null</code>
-     * if the default ClassLoader is used.
-     * @return the {@link ClassLoader} which loads the resource files
-     */
-    public ClassLoader getClassLoader()
-    {
-        return loader;
-    }
-    
-    /**
-     * Returns the id of the message in the resource bundle.
-     * @return the id of the message
-     */
-    public String getId()
-    {
-        return id;
-    }
-    
-    /**
-     * Returns the name of the resource bundle for this message
-     * @return name of the resource file
-     */
-    public String getResource()
-    {
-        return resource;
-    }
-    
-    /**
-     * Returns an <code>Object[]</code> containing the message arguments.
-     * @return the message arguments
-     */
-    public Object[] getArguments()
-    {
-        return arguments.getArguments();
-    }
-    
-    /**
-     * 
-     * @param extraArg
-     */
-    public void setExtraArgument(Object extraArg)
-    {
-        setExtraArguments(new Object[] {extraArg});
-    }
-    
-    /**
-     * 
-     * @param extraArgs
-     */
-    public void setExtraArguments(Object[] extraArgs)
-    {
-        if (extraArgs != null)
-        {
-            this.extraArgs = new FilteredArguments(extraArgs);
-            this.extraArgs.setFilter(filter);
-        }
-        else
-        {
-            this.extraArgs = null;
-        }
-    }
-    
-    /**
-     * 
-     * @return
-     */
-    public Object[] getExtraArgs()
-    {
-        return (extraArgs == null) ? null : extraArgs.getArguments();
-    }
-    
-    protected class FilteredArguments
-    {
-        protected static final int NO_FILTER = 0;
-        protected static final int FILTER = 1;
-        protected static final int FILTER_URL = 2;
-        
-        protected Filter filter = null;
-        
-        protected boolean[] isLocaleSpecific;
-        protected int[] argFilterType;
-        protected Object[] arguments;
-        protected Object[] unpackedArgs;
-        protected Object[] filteredArgs;
-        
-        FilteredArguments()
-        {
-            this(new Object[0]);
-        }
-        
-        FilteredArguments(Object[] args)
-        {
-            this.arguments = args;
-            this.unpackedArgs = new Object[args.length];
-            this.filteredArgs = new Object[args.length];
-            this.isLocaleSpecific = new boolean[args.length];
-            this.argFilterType = new int[args.length];
-            for (int i = 0; i < args.length; i++)
-            {
-                if (args[i] instanceof TrustedInput)
-                {
-                    this.unpackedArgs[i] = ((TrustedInput) args[i]).getInput();
-                    argFilterType[i] = NO_FILTER;
-                }
-                else if (args[i] instanceof UntrustedInput)
-                {
-                    this.unpackedArgs[i] = ((UntrustedInput) args[i]).getInput();
-                    if (args[i] instanceof UntrustedUrlInput)
-                    {
-                        argFilterType[i] = FILTER_URL;
-                    }
-                    else
-                    {
-                        argFilterType[i] = FILTER;
-                    }
-                }
-                else
-                {
-                    this.unpackedArgs[i] = args[i];
-                    argFilterType[i] = FILTER;
-                }
-                
-                // locale specific
-                this.isLocaleSpecific[i] = (this.unpackedArgs[i] instanceof LocaleString);
-            }
-        }
-        
-        public boolean isEmpty()
-        {
-            return unpackedArgs.length == 0;
-        }
-        
-        public Object[] getArguments()
-        {
-            return arguments;
-        }
-        
-        public Object[] getFilteredArgs(Locale locale)
-        {
-            Object[] result = new Object[unpackedArgs.length];
-            for (int i = 0; i < unpackedArgs.length; i++)
-            {
-                Object arg;
-                if (filteredArgs[i] != null)
-                {
-                    arg = filteredArgs[i];
-                }
-                else
-                {
-                    arg = unpackedArgs[i];
-                    if (isLocaleSpecific[i])
-                    {
-                        // get locale
-                        arg = ((LocaleString) arg).getLocaleString(locale);
-                        arg = filter(argFilterType[i], arg);
-                    }
-                    else
-                    {
-                        arg = filter(argFilterType[i], arg);
-                        filteredArgs[i] = arg;
-                    }
-                }
-                result[i] = arg;
-            }
-            return result;
-        }
-        
-        private Object filter(int type, Object obj)
-        {
-            if (filter != null)
-            {
-                Object o = (null == obj) ? "null" : obj;
-                switch (type)
-                {
-                case NO_FILTER:
-                    return o;
-                case FILTER:
-                    return filter.doFilter(o.toString());
-                case FILTER_URL:
-                    return filter.doFilterUrl(o.toString());
-                default:
-                    return null;
-                }
-            }
-            else
-            {
-                return obj;
-            }
-        }
-
-        public Filter getFilter()
-        {
-            return filter;
-        }
-
-        public void setFilter(Filter filter)
-        {
-            if (filter != this.filter)
-            {
-                for (int i = 0; i < unpackedArgs.length; i++)
-                {
-                    filteredArgs[i] = null;
-                }
-            }
-            this.filter = filter;
-        }
-        
-    }
-    
-    public String toString()
-    {
-        StringBuffer sb = new StringBuffer();
-        sb.append("Resource: \"").append(resource);
-        sb.append("\" Id: \"").append(id).append("\"");
-        sb.append(" Arguments: ").append(arguments.getArguments().length).append(" normal");
-        if (extraArgs != null && extraArgs.getArguments().length > 0)
-        {
-            sb.append(", ").append(extraArgs.getArguments().length).append(" extra");
-        }
-        sb.append(" Encoding: ").append(encoding);
-        sb.append(" ClassLoader: ").append(loader);
-        return sb.toString();
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/i18n/MessageBundle.java b/bcprov/src/main/java/org/bouncycastle/i18n/MessageBundle.java
deleted file mode 100644
index de931fc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/i18n/MessageBundle.java
+++ /dev/null

@@ -1,92 +0,0 @@
-package org.bouncycastle.i18n;
-
-import java.io.UnsupportedEncodingException;
-import java.util.Locale;
-import java.util.TimeZone;
-
-public class MessageBundle extends TextBundle
-{
-
-    /**
-     * title entry key
-     */
-    public static final String TITLE_ENTRY = "title";
-    
-    /**
-     * Constructs a new MessageBundle using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     */
-    public MessageBundle(String resource, String id) throws NullPointerException
-    {
-        super(resource, id);
-    }
-    
-    /**
-     * Constructs a new MessageBundle using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @param encoding the encoding of the resource file
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     * @throws UnsupportedEncodingException if the encoding is not supported
-     */
-    public MessageBundle(String resource, String id, String encoding) throws NullPointerException, UnsupportedEncodingException
-    {
-        super(resource, id, encoding);
-    }
-
-    /**
-     * Constructs a new MessageBundle using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @param arguments an array containing the arguments for the message
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     */
-    public MessageBundle(String resource, String id, Object[] arguments) throws NullPointerException
-    {
-        super(resource, id, arguments);
-    }
-    
-    /**
-     * Constructs a new MessageBundle using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @param encoding the encoding of the resource file
-     * @param arguments an array containing the arguments for the message
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     * @throws UnsupportedEncodingException if the encoding is not supported
-     */
-    public MessageBundle(String resource, String id, String encoding, Object[] arguments) throws NullPointerException, UnsupportedEncodingException
-    {
-        super(resource, id, encoding, arguments);
-    }
-    
-    /**
-     * Returns the title message in the given locale and timezone.
-     * @param loc the {@link Locale}
-     * @param timezone the {@link TimeZone}
-     * @return the title message.
-     * @throws MissingEntryException if the message is not available
-     */
-    public String getTitle(Locale loc,TimeZone timezone) throws MissingEntryException
-    {
-        return getEntry(TITLE_ENTRY,loc,timezone);
-    }
-    
-    /**
-     * Returns the title message in the given locale and the default timezone.
-     * @param loc the {@link Locale}
-     * @return the title message.
-     * @throws MissingEntryException if the message is not available
-     */
-    public String getTitle(Locale loc) throws MissingEntryException
-    {
-        return getEntry(TITLE_ENTRY,loc,TimeZone.getDefault());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/i18n/MissingEntryException.java b/bcprov/src/main/java/org/bouncycastle/i18n/MissingEntryException.java
deleted file mode 100644
index ffd4d54..0000000
--- a/bcprov/src/main/java/org/bouncycastle/i18n/MissingEntryException.java
+++ /dev/null

@@ -1,73 +0,0 @@
-package org.bouncycastle.i18n;
-
-import java.net.URL;
-import java.net.URLClassLoader;
-import java.util.Locale;
-
-public class MissingEntryException extends RuntimeException 
-{
-
-    protected final String resource;
-    protected final String key;
-    protected final ClassLoader loader;
-    protected final Locale locale;
-    
-    private String debugMsg;
-
-    public MissingEntryException(String message, String resource, String key, Locale locale, ClassLoader loader) 
-    {
-        super(message);
-        this.resource = resource;
-        this.key = key;
-        this.locale = locale;
-        this.loader = loader;
-    }
-    
-    public MissingEntryException(String message, Throwable cause, String resource, String key, Locale locale, ClassLoader loader) 
-    {
-        super(message, cause);
-        this.resource = resource;
-        this.key = key;
-        this.locale = locale;
-        this.loader = loader;
-    }
-
-    public String getKey()
-    {
-        return key;
-    }
-
-    public String getResource()
-    {
-        return resource;
-    }
-    
-    public ClassLoader getClassLoader()
-    {
-        return loader;
-    }
-    
-    public Locale getLocale()
-    {
-        return locale;
-    }
-
-    public String getDebugMsg()
-    {
-        if (debugMsg == null)
-        {
-            debugMsg = "Can not find entry " + key + " in resource file " + resource + " for the locale " + locale + ".";
-            if (loader instanceof URLClassLoader)
-            {
-                URL[] urls = ((URLClassLoader) loader).getURLs();
-                debugMsg += " The following entries in the classpath were searched: ";
-                for (int i = 0; i != urls.length; i++)
-                {
-                    debugMsg += urls[i] + " ";
-                }
-            }
-        }
-        return debugMsg;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/i18n/TextBundle.java b/bcprov/src/main/java/org/bouncycastle/i18n/TextBundle.java
deleted file mode 100644
index d77e841..0000000
--- a/bcprov/src/main/java/org/bouncycastle/i18n/TextBundle.java
+++ /dev/null

@@ -1,92 +0,0 @@
-package org.bouncycastle.i18n;
-
-import java.io.UnsupportedEncodingException;
-import java.util.Locale;
-import java.util.TimeZone;
-
-public class TextBundle extends LocalizedMessage 
-{
-
-    /**
-     * text entry key
-     */
-    public static final String TEXT_ENTRY = "text";
-    
-    /**
-     * Constructs a new TextBundle using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     */
-    public TextBundle(String resource, String id) throws NullPointerException 
-    {
-        super(resource, id);
-    }
-    
-    /**
-     * Constructs a new TextBundle using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @param encoding the encoding of the resource file
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     * @throws UnsupportedEncodingException if the encoding is not supported
-     */
-    public TextBundle(String resource, String id, String encoding) throws NullPointerException, UnsupportedEncodingException 
-    {
-        super(resource, id, encoding);
-    }
-
-    /**
-     * Constructs a new TextBundle using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @param arguments an array containing the arguments for the message
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     */
-    public TextBundle(String resource, String id, Object[] arguments) throws NullPointerException 
-    {
-        super(resource, id, arguments);
-    }
-    
-    /**
-     * Constructs a new TextBundle using <code>resource</code> as the base name for the 
-     * RessourceBundle and <code>id</code> as the message bundle id the resource file. 
-     * @param resource base name of the resource file 
-     * @param id the id of the corresponding bundle in the resource file
-     * @param encoding the encoding of the resource file
-     * @param arguments an array containing the arguments for the message
-     * @throws NullPointerException if <code>resource</code> or <code>id</code> is <code>null</code>
-     * @throws UnsupportedEncodingException if the encoding is not supported
-     */
-    public TextBundle(String resource, String id, String encoding, Object[] arguments) throws NullPointerException, UnsupportedEncodingException 
-    {
-        super(resource, id, encoding, arguments);
-    }
-    
-    /**
-     * Returns the text message in the given locale and timezone.
-     * @param loc the {@link Locale}
-     * @param timezone the {@link TimeZone}
-     * @return the text message.
-     * @throws MissingEntryException if the message is not available
-     */
-    public String getText(Locale loc, TimeZone timezone) throws MissingEntryException
-    {
-        return getEntry(TEXT_ENTRY,loc,timezone);
-    }
-    
-    /**
-     * Returns the text message in the given locale and the defaut timezone.
-     * @param loc the {@link Locale}
-     * @return the text message.
-     * @throws MissingEntryException if the message is not available
-     */
-    public String getText(Locale loc) throws MissingEntryException
-    {
-        return getEntry(TEXT_ENTRY,loc,TimeZone.getDefault());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/i18n/filter/Filter.java b/bcprov/src/main/java/org/bouncycastle/i18n/filter/Filter.java
deleted file mode 100644
index fc86aaa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/i18n/filter/Filter.java
+++ /dev/null

@@ -1,21 +0,0 @@
-
-package org.bouncycastle.i18n.filter;
-
-public interface Filter
-{
-
-    /**
-     * Runs the filter on the input String and returns the filtered String
-     * @param input input String
-     * @return filtered String
-     */
-    public String doFilter(String input);
-    
-    /**
-     * Runs the filter on the input url and returns the filtered String
-     * @param input input url String
-     * @return filtered String
-     */
-    public String doFilterUrl(String input);
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/i18n/filter/HTMLFilter.java b/bcprov/src/main/java/org/bouncycastle/i18n/filter/HTMLFilter.java
deleted file mode 100644
index b9904bc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/i18n/filter/HTMLFilter.java
+++ /dev/null

@@ -1,68 +0,0 @@
-
-package org.bouncycastle.i18n.filter;
-
-/**
- * HTML Filter
- */
-public class HTMLFilter implements Filter 
-{
-
-    public String doFilter(String input) 
-    {
-        StringBuffer buf = new StringBuffer(input);
-        int i = 0;
-        while (i < buf.length()) 
-        {
-            char ch = buf.charAt(i);
-            switch (ch)
-            {
-            case '<':
-                buf.replace(i,i+1,"&#60");
-                break;
-            case '>':
-                buf.replace(i,i+1,"&#62");
-                break;
-            case '(':
-                buf.replace(i,i+1,"&#40");
-                break;
-            case ')':
-                buf.replace(i,i+1,"&#41");
-                break;
-            case '#':
-                buf.replace(i,i+1,"&#35");
-                break;
-            case '&':
-                buf.replace(i,i+1,"&#38");
-                break;
-            case '\"':
-                buf.replace(i,i+1,"&#34");
-                break;
-            case '\'':
-                buf.replace(i,i+1,"&#39");
-                break;
-            case '%':
-                buf.replace(i,i+1,"&#37");
-                break;
-            case ';':
-                buf.replace(i,i+1,"&#59");
-                break;
-            case '+':
-                buf.replace(i,i+1,"&#43");
-                break;
-            case '-':
-                buf.replace(i,i+1,"&#45");
-                break;
-            default:
-                i -= 3;
-            }
-            i += 4;
-        }
-        return buf.toString();
-    }
-    
-    public String doFilterUrl(String input)
-    {
-        return doFilter(input);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/i18n/filter/SQLFilter.java b/bcprov/src/main/java/org/bouncycastle/i18n/filter/SQLFilter.java
deleted file mode 100644
index d55610b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/i18n/filter/SQLFilter.java
+++ /dev/null

@@ -1,69 +0,0 @@
-
-package org.bouncycastle.i18n.filter;
-
-/**
- * Filter for strings to store in a SQL table.
- * 
- * escapes ' " = - / \ ; \r \n
- */
-public class SQLFilter implements Filter
-{
-
-    public String doFilter(String input) 
-    {
-        StringBuffer buf = new StringBuffer(input);
-        int i = 0;
-        while (i < buf.length()) 
-        {
-            char ch = buf.charAt(i);
-            switch (ch) 
-            {
-            case '\'':
-                buf.replace(i,i+1,"\\\'");
-                i += 1;
-                break;
-            case '\"':
-                buf.replace(i,i+1,"\\\"");
-                i += 1;
-                break;
-            case '=':
-                buf.replace(i,i+1,"\\=");
-                i += 1;
-                break;
-            case '-':
-                buf.replace(i,i+1,"\\-");
-                i += 1;
-                break;
-            case '/':
-                buf.replace(i,i+1,"\\/");
-                i += 1;
-                break;
-            case '\\':
-                buf.replace(i,i+1,"\\\\");
-                i += 1;
-                break;
-            case ';':
-                buf.replace(i,i+1,"\\;");
-                i += 1;
-                break;
-            case '\r':
-                buf.replace(i,i+1,"\\r");
-                i += 1;
-                break;
-            case '\n':
-                buf.replace(i,i+1,"\\n");
-                i += 1;
-                break;
-            default:
-            }
-            i++;
-        }
-        return buf.toString();
-    }
-    
-    public String doFilterUrl(String input)
-    {
-        return doFilter(input);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/i18n/filter/TrustedInput.java b/bcprov/src/main/java/org/bouncycastle/i18n/filter/TrustedInput.java
deleted file mode 100644
index 0feeeea..0000000
--- a/bcprov/src/main/java/org/bouncycastle/i18n/filter/TrustedInput.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.i18n.filter;
-
-public class TrustedInput
-{
-
-    protected Object input;
-    
-    public TrustedInput(Object input)
-    {
-        this.input = input; 
-    }
-    
-    public Object getInput()
-    {
-        return input;
-    }
-    
-    public String toString()
-    {
-        return input.toString();
-    }
-    
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/i18n/filter/UntrustedInput.java b/bcprov/src/main/java/org/bouncycastle/i18n/filter/UntrustedInput.java
deleted file mode 100644
index cc69ac4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/i18n/filter/UntrustedInput.java
+++ /dev/null

@@ -1,44 +0,0 @@
-
-package org.bouncycastle.i18n.filter;
-
-/**
- * Wrapper class to mark untrusted input.
- */
-public class UntrustedInput 
-{
-
-    protected Object input;
-
-    /**
-     * Construct a new UntrustedInput instance.
-     * @param input the untrusted input Object
-     */
-    public UntrustedInput(Object input) 
-    {
-        this.input = input;
-    }
-
-    /**
-     * Returns the untrusted input as Object.
-     * @return the <code>input</code> as Object
-     */
-    public Object getInput() 
-    {
-        return input;
-    }
-
-    /**
-     * Returns the untrusted input convertet to a String.
-     * @return the <code>input</code> as String
-     */
-    public String getString() 
-    {
-        return input.toString();
-    }
-    
-    public String toString()
-    {
-        return input.toString();
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/i18n/filter/UntrustedUrlInput.java b/bcprov/src/main/java/org/bouncycastle/i18n/filter/UntrustedUrlInput.java
deleted file mode 100644
index 98ee1e7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/i18n/filter/UntrustedUrlInput.java
+++ /dev/null

@@ -1,14 +0,0 @@
-package org.bouncycastle.i18n.filter;
-
-/**
- * 
- * Wrapper class to mark an untrusted Url
- */
-public class UntrustedUrlInput extends UntrustedInput
-{
-    public UntrustedUrlInput(Object url)
-    {
-        super(url);
-    }
-    
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/BCFKSLoadStoreParameter.java b/bcprov/src/main/java/org/bouncycastle/jcajce/BCFKSLoadStoreParameter.java
deleted file mode 100644
index 3781f8a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/BCFKSLoadStoreParameter.java
+++ /dev/null

@@ -1,325 +0,0 @@
-package org.bouncycastle.jcajce;
-
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.security.Key;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.cert.X509Certificate;
-
-import org.bouncycastle.crypto.util.PBKDF2Config;
-import org.bouncycastle.crypto.util.PBKDFConfig;
-
-/**
- * LoadStoreParameter to allow configuring of the PBKDF used to generate encryption keys for
- * use in the keystore.
- */
-public class BCFKSLoadStoreParameter
-    extends BCLoadStoreParameter
-{
-    public enum EncryptionAlgorithm
-    {
-        AES256_CCM,
-        AES256_KWP
-    }
-
-    public enum MacAlgorithm
-    {
-        HmacSHA512,
-        HmacSHA3_512
-    }
-
-    public enum SignatureAlgorithm
-    {
-        SHA512withDSA,
-        SHA3_512withDSA,
-        SHA512withECDSA,
-        SHA3_512withECDSA,
-        SHA512withRSA,
-        SHA3_512withRSA
-    }
-
-    public interface CertChainValidator
-    {
-        /**
-         * Return true if the passed in chain is valid, false otherwise.
-         *
-         * @param chain the certChain we know about, the end-entity is at position 0.
-         * @return true if valid, false otherwise.
-         */
-         boolean isValid(X509Certificate[] chain);
-    }
-
-    public static class Builder
-    {
-        private final OutputStream out;
-        private final InputStream in;
-        private final KeyStore.ProtectionParameter protectionParameter;
-        private final Key sigKey;
-
-        private PBKDFConfig storeConfig = new PBKDF2Config.Builder()
-                                                .withIterationCount(16384)
-                                                .withSaltLength(64).withPRF(PBKDF2Config.PRF_SHA512).build();
-        private EncryptionAlgorithm encAlg = EncryptionAlgorithm.AES256_CCM;
-        private MacAlgorithm macAlg = MacAlgorithm.HmacSHA512;
-        private SignatureAlgorithm sigAlg = SignatureAlgorithm.SHA512withECDSA;
-        private X509Certificate[] certs = null;
-        private CertChainValidator validator;
-
-
-        /**
-         * Base constructor for creating a LoadStoreParameter for initializing a key store.
-         */
-        public Builder()
-        {
-            this((OutputStream)null, (KeyStore.ProtectionParameter)null);
-        }
-
-        /**
-         * Base constructor for storing to an OutputStream using a password.
-         *
-         * @param out OutputStream to write KeyStore to.
-         * @param password the password to use to protect the KeyStore.
-         */
-        public Builder(OutputStream out, char[] password)
-        {
-            this(out, new KeyStore.PasswordProtection(password));
-        }
-
-        /**
-         * Base constructor for storing to an OutputStream using a protection parameter.
-         *
-         * @param out OutputStream to write KeyStore to.
-         * @param protectionParameter the protection parameter to use to protect the KeyStore.
-         */
-        public Builder(OutputStream out, KeyStore.ProtectionParameter protectionParameter)
-        {
-            this.in = null;
-            this.out = out;
-            this.protectionParameter = protectionParameter;
-            this.sigKey = null;
-        }
-
-        /**
-         * Base constructor for storing to an OutputStream using a protection parameter.
-         *
-         * @param out OutputStream to write KeyStore to.
-         * @param sigKey the key used to protect the integrity of the key store.
-         */
-        public Builder(OutputStream out, PrivateKey sigKey)
-        {
-            this.in = null;
-            this.out = out;
-            this.protectionParameter = null;
-            this.sigKey = sigKey;
-        }
-
-        /**
-         * Base constructor for reading a KeyStore from an InputStream using a public key for validation.
-         *
-         * @param in InputStream to load KeyStore to.
-         * @param sigKey the public key parameter to used to verify the KeyStore.
-         */
-        public Builder(InputStream in, PublicKey sigKey)
-        {
-            this.in = in;
-            this.out = null;
-            this.protectionParameter = null;
-            this.sigKey = sigKey;
-        }
-
-        /**
-         * Base constructor for reading a KeyStore from an InputStream using validation based on
-         * encapsulated certificates in the KeyStore data.
-         *
-         * @param in InputStream to load KeyStore to.
-         * @param validator the certificate chain validator to check the signing certificates.
-         */
-        public Builder(InputStream in, CertChainValidator validator)
-        {
-            this.in = in;
-            this.out = null;
-            this.protectionParameter = null;
-            this.validator = validator;
-            this.sigKey = null;
-        }
-
-        /**
-         * Base constructor for reading a KeyStore from an InputStream using a password.
-         *
-         * @param in InputStream to read the KeyStore from.
-         * @param password the password used to protect the KeyStore.
-         */
-        public Builder(InputStream in, char[] password)
-        {
-            this(in, new KeyStore.PasswordProtection(password));
-        }
-
-        /**
-         * Base constructor for reading a KeyStore from an InputStream using a password.
-         *
-         * @param in InputStream to read the KeyStore from.
-         * @param protectionParameter  the protection parameter used to protect the KeyStore.
-         */
-        public Builder(InputStream in, KeyStore.ProtectionParameter protectionParameter)
-        {
-            this.in = in;
-            this.out = null;
-            this.protectionParameter = protectionParameter;
-            this.sigKey = null;
-        }
-
-        /**
-         * Configure the PBKDF to use for protecting the KeyStore.
-         *
-         * @param storeConfig the PBKDF config to use for protecting the KeyStore.
-         * @return the current Builder instance.
-         */
-        public Builder withStorePBKDFConfig(PBKDFConfig storeConfig)
-        {
-            this.storeConfig = storeConfig;
-            return this;
-        }
-
-        /**
-         * Configure the encryption algorithm to use for protecting the KeyStore and its keys.
-         *
-         * @param encAlg the PBKDF config to use for protecting the KeyStore and its keys.
-         * @return the current Builder instance.
-         */
-        public Builder withStoreEncryptionAlgorithm(EncryptionAlgorithm encAlg)
-        {
-            this.encAlg = encAlg;
-            return this;
-        }
-
-        /**
-         * Configure the MAC algorithm to use for protecting the KeyStore.
-         *
-         * @param macAlg the PBKDF config to use for protecting the KeyStore.
-         * @return the current Builder instance.
-         */
-        public Builder withStoreMacAlgorithm(MacAlgorithm macAlg)
-        {
-            this.macAlg = macAlg;
-            return this;
-        }
-
-
-        /**
-         * Add a valid certificate chain where certs[0] is the end-entity matching the
-         * private key we are using to sign the key store.
-         *
-         * @param certs an array of X509 certificates.
-         * @return the current Builder instance.
-         */
-        public Builder withCertificates(X509Certificate[] certs)
-        {
-            X509Certificate[] tmp = new X509Certificate[certs.length];
-            System.arraycopy(certs, 0, tmp, 0, tmp.length);
-            this.certs = tmp;
-
-            return this;
-        }
-
-        /**
-         * Configure the signature algorithm to use for protecting the KeyStore.
-         *
-         * @param sigAlg the signature config to use for protecting the KeyStore.
-         * @return the current Builder instance.
-         */
-        public Builder withStoreSignatureAlgorithm(SignatureAlgorithm sigAlg)
-        {
-            this.sigAlg = sigAlg;
-
-            return this;
-        }
-
-        /**
-         * Build and return a BCFKSLoadStoreParameter.
-         *
-         * @return a new BCFKSLoadStoreParameter.
-         */
-        public BCFKSLoadStoreParameter build()
-        {
-            return new BCFKSLoadStoreParameter(this);
-        }
-    }
-
-    private final PBKDFConfig storeConfig;
-    private final EncryptionAlgorithm encAlg;
-    private final MacAlgorithm macAlg;
-    private final SignatureAlgorithm sigAlg;
-    private final Key sigKey;
-    private final X509Certificate[] certificates;
-    private final CertChainValidator validator;
-
-    private BCFKSLoadStoreParameter(Builder bldr)
-    {
-        super(bldr.in, bldr.out, bldr.protectionParameter);
-
-        this.storeConfig = bldr.storeConfig;
-        this.encAlg = bldr.encAlg;
-        this.macAlg = bldr.macAlg;
-        this.sigAlg = bldr.sigAlg;
-        this.sigKey = bldr.sigKey;
-        this.certificates = bldr.certs;
-        this.validator = bldr.validator;
-    }
-
-    /**
-     * Return the PBKDF used for generating the HMAC and store encryption keys.
-     *
-     * @return the PBKDF to use for deriving HMAC and store encryption keys.
-     */
-    public PBKDFConfig getStorePBKDFConfig()
-    {
-        return storeConfig;
-    }
-
-    /**
-     * Return encryption algorithm used to secure the store and its entries.
-     *
-     * @return the encryption algorithm to use.
-     */
-    public EncryptionAlgorithm getStoreEncryptionAlgorithm()
-    {
-        return encAlg;
-    }
-
-    /**
-     * Return mac algorithm used to protect the integrity of the store and its contents.
-     *
-     * @return the mac algorithm to use.
-     */
-    public MacAlgorithm getStoreMacAlgorithm()
-    {
-        return macAlg;
-    }
-
-    /**
-     * Return signature algorithm used to protect the integrity of the store and its contents.
-     *
-     * @return the signature algorithm to use.
-     */
-    public SignatureAlgorithm getStoreSignatureAlgorithm()
-    {
-        return sigAlg;
-    }
-
-    public Key getStoreSignatureKey()
-    {
-        return sigKey;
-    }
-
-    public X509Certificate[] getStoreCertificates()
-    {
-        return certificates;
-    }
-
-    public CertChainValidator getCertChainValidator()
-    {
-        return validator;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/BCFKSStoreParameter.java b/bcprov/src/main/java/org/bouncycastle/jcajce/BCFKSStoreParameter.java
deleted file mode 100644
index 6b52831..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/BCFKSStoreParameter.java
+++ /dev/null

@@ -1,52 +0,0 @@
-package org.bouncycastle.jcajce;
-
-import java.io.OutputStream;
-import java.security.KeyStore;
-
-import org.bouncycastle.crypto.util.PBKDFConfig;
-
-/**
- * LoadStoreParameter to allow configuring of the PBKDF used to generate encryption keys for
- * use in the keystore.
- * @deprecated This class does not support configuration on creation, use BCFKSLoadStoreParameter for best results.
- */
-public class BCFKSStoreParameter
-    implements KeyStore.LoadStoreParameter
-{
-    private final KeyStore.ProtectionParameter protectionParameter;
-    private final PBKDFConfig storeConfig;
-
-    private OutputStream out;
-
-    public BCFKSStoreParameter(OutputStream out, PBKDFConfig storeConfig, char[] password)
-    {
-        this(out, storeConfig, new KeyStore.PasswordProtection(password));
-    }
-
-    public BCFKSStoreParameter(OutputStream out, PBKDFConfig storeConfig, KeyStore.ProtectionParameter protectionParameter)
-    {
-        this.out = out;
-        this.storeConfig = storeConfig;
-        this.protectionParameter = protectionParameter;
-    }
-
-    public KeyStore.ProtectionParameter getProtectionParameter()
-    {
-        return protectionParameter;
-    }
-
-    public OutputStream getOutputStream()
-    {
-        return out;
-    }
-
-    /**
-     * Return the PBKDF used for generating the HMAC and store encryption keys.
-     *
-     * @return the PBKDF to use for deriving HMAC and store encryption keys.
-     */
-    public PBKDFConfig getStorePBKDFConfig()
-    {
-        return storeConfig;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/BCLoadStoreParameter.java b/bcprov/src/main/java/org/bouncycastle/jcajce/BCLoadStoreParameter.java
deleted file mode 100644
index 0a299cb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/BCLoadStoreParameter.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.jcajce;
-
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.security.KeyStore;
-
-public class BCLoadStoreParameter
-    implements KeyStore.LoadStoreParameter
-{
-    private final InputStream in;
-    private final OutputStream out;
-    private final KeyStore.ProtectionParameter protectionParameter;
-
-    /**
-     * Base constructor for
-     *
-     * @param out
-     * @param password
-     */
-    public BCLoadStoreParameter(OutputStream out, char[] password)
-    {
-        this(out, new KeyStore.PasswordProtection(password));
-    }
-
-    public BCLoadStoreParameter(InputStream in, char[] password)
-    {
-        this(in, new KeyStore.PasswordProtection(password));
-    }
-
-    public BCLoadStoreParameter(InputStream in, KeyStore.ProtectionParameter protectionParameter)
-    {
-        this(in, null, protectionParameter);
-    }
-
-    public BCLoadStoreParameter(OutputStream out, KeyStore.ProtectionParameter protectionParameter)
-    {
-        this(null, out, protectionParameter);
-    }
-
-    BCLoadStoreParameter(InputStream in, OutputStream out, KeyStore.ProtectionParameter protectionParameter)
-    {
-        this.in = in;
-        this.out = out;
-        this.protectionParameter = protectionParameter;
-    }
-
-    public KeyStore.ProtectionParameter getProtectionParameter()
-    {
-        return protectionParameter;
-    }
-
-    public OutputStream getOutputStream()
-    {
-        if (out == null)
-        {
-            throw new UnsupportedOperationException("parameter not configured for storage - no OutputStream");
-        }
-
-        return out;
-    }
-
-    public InputStream getInputStream()
-    {
-        if (out != null)
-        {
-            throw new UnsupportedOperationException("parameter configured for storage OutputStream present");
-        }
-
-        return in;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/PBKDF1Key.java b/bcprov/src/main/java/org/bouncycastle/jcajce/PBKDF1Key.java
deleted file mode 100644
index 7f7581c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/PBKDF1Key.java
+++ /dev/null

@@ -1,67 +0,0 @@
-package org.bouncycastle.jcajce;
-
-import org.bouncycastle.crypto.CharToByteConverter;
-
-/**
- * A password based key for use with PBKDF1 as defined in PKCS#5.
- */
-public class PBKDF1Key
-    implements PBKDFKey
-{
-    private final char[] password;
-    private final CharToByteConverter converter;
-
-    /**
-     * Basic constructor for a password based key with generation parameters for PBKDF1.
-     *
-     * @param password password to use.
-     * @param converter the converter to use to turn the char array into octets.
-     */
-    public PBKDF1Key(char[] password, CharToByteConverter converter)
-    {
-        this.password = new char[password.length];
-        this.converter = converter;
-
-        System.arraycopy(password, 0, this.password, 0, password.length);
-    }
-
-    /**
-     * Return a reference to the char[] array holding the password.
-     *
-     * @return a reference to the password array.
-     */
-    public char[] getPassword()
-    {
-        return password;
-    }
-
-    /**
-     * Return the password based key derivation function this key is for,
-     *
-     * @return the string "PBKDF1"
-     */
-    public String getAlgorithm()
-    {
-        return "PBKDF1";
-    }
-
-    /**
-     * Return the format encoding.
-     *
-     * @return the type name representing a char[] to byte[] conversion.
-     */
-    public String getFormat()
-    {
-        return converter.getType();
-    }
-
-    /**
-     * Return the password converted to bytes.
-     *
-     * @return the password converted to a byte array.
-     */
-    public byte[] getEncoded()
-    {
-        return converter.convert(password);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/PBKDF1KeyWithParameters.java b/bcprov/src/main/java/org/bouncycastle/jcajce/PBKDF1KeyWithParameters.java
deleted file mode 100644
index d0899c1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/PBKDF1KeyWithParameters.java
+++ /dev/null

@@ -1,53 +0,0 @@
-package org.bouncycastle.jcajce;
-
-import javax.crypto.interfaces.PBEKey;
-
-import org.bouncycastle.crypto.CharToByteConverter;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A password based key for use with PBKDF1 as defined in PKCS#5 with full PBE parameters.
- */
-public class PBKDF1KeyWithParameters
-    extends PBKDF1Key
-    implements PBEKey
-{
-    private final byte[] salt;
-    private final int iterationCount;
-
-    /**
-     * Basic constructor for a password based key with generation parameters for PBKDF1.
-     *
-     * @param password password to use.
-     * @param converter the converter to use to turn the char array into octets.
-     * @param salt salt for generation algorithm
-     * @param iterationCount iteration count for generation algorithm.
-     */
-    public PBKDF1KeyWithParameters(char[] password, CharToByteConverter converter, byte[] salt, int iterationCount)
-    {
-        super(password, converter);
-
-        this.salt = Arrays.clone(salt);
-        this.iterationCount = iterationCount;
-    }
-
-    /**
-     * Return the salt to use in the key derivation function.
-     *
-     * @return the salt to use in the KDF.
-     */
-    public byte[] getSalt()
-    {
-        return salt;
-    }
-
-    /**
-     * Return the iteration count to use in the key derivation function.
-     *
-     * @return the iteration count to use in the KDF.
-     */
-    public int getIterationCount()
-    {
-        return iterationCount;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/PBKDF2Key.java b/bcprov/src/main/java/org/bouncycastle/jcajce/PBKDF2Key.java
deleted file mode 100644
index d9dc6e7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/PBKDF2Key.java
+++ /dev/null

@@ -1,65 +0,0 @@
-package org.bouncycastle.jcajce;
-
-import org.bouncycastle.crypto.CharToByteConverter;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A password based key for use with PBKDF2 as defined in PKCS#5.
- */
-public class PBKDF2Key
-    implements PBKDFKey
-{
-    private final char[] password;
-    private final CharToByteConverter converter;
-
-    /**
-     * Basic constructor for a password based key using PBKDF - secret key generation parameters will be passed separately..
-     *
-     * @param password password to use.
-     */
-    public PBKDF2Key(char[] password, CharToByteConverter converter)
-    {
-        this.password = Arrays.clone(password);
-        this.converter = converter;
-    }
-
-    /**
-     * Return a reference to the char[] array holding the password.
-     *
-     * @return a reference to the password array.
-     */
-    public char[] getPassword()
-    {
-        return password;
-    }
-
-    /**
-     * Return the password based key derivation function this key is for,
-     *
-     * @return the string "PBKDF2"
-     */
-    public String getAlgorithm()
-    {
-        return "PBKDF2";
-    }
-
-    /**
-     * Return the format encoding.
-     *
-     * @return the type name representing a char[] to byte[] conversion.
-     */
-    public String getFormat()
-    {
-        return converter.getType();
-    }
-
-    /**
-     * Return the password converted to bytes.
-     *
-     * @return the password converted to a byte array.
-     */
-    public byte[] getEncoded()
-    {
-        return converter.convert(password);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/PBKDF2KeyWithParameters.java b/bcprov/src/main/java/org/bouncycastle/jcajce/PBKDF2KeyWithParameters.java
deleted file mode 100644
index b356cfb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/PBKDF2KeyWithParameters.java
+++ /dev/null

@@ -1,53 +0,0 @@
-package org.bouncycastle.jcajce;
-
-import javax.crypto.interfaces.PBEKey;
-
-import org.bouncycastle.crypto.CharToByteConverter;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A password based key for use with PBKDF2 as defined in PKCS#5 with full PBE parameters.
- */
-public class PBKDF2KeyWithParameters
-    extends PBKDF2Key
-    implements PBEKey
-{
-    private final byte[] salt;
-    private final int iterationCount;
-
-    /**
-     * Basic constructor for a password based key with generation parameters using FIPS PBKDF.
-     *
-     * @param password password to use.
-     * @param converter converter to use for transforming characters into bytes.
-     * @param salt salt for generation algorithm
-     * @param iterationCount iteration count for generation algorithm.
-     */
-    public PBKDF2KeyWithParameters(char[] password, CharToByteConverter converter, byte[] salt, int iterationCount)
-    {
-        super(password, converter);
-
-        this.salt = Arrays.clone(salt);
-        this.iterationCount = iterationCount;
-    }
-
-    /**
-     * Return the salt to use in the key derivation function.
-     *
-     * @return the salt to use in the KDF.
-     */
-    public byte[] getSalt()
-    {
-        return salt;
-    }
-
-    /**
-     * Return the iteration count to use in the key derivation function.
-     *
-     * @return the iteration count to use in the KDF.
-     */
-    public int getIterationCount()
-    {
-        return iterationCount;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/interfaces/EdDSAKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/interfaces/EdDSAKey.java
deleted file mode 100644
index 9ae3805..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/interfaces/EdDSAKey.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.jcajce.interfaces;
-
-import java.security.Key;
-
-public interface EdDSAKey
-    extends Key
-{
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/interfaces/XDHKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/interfaces/XDHKey.java
deleted file mode 100644
index cd3d9e8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/interfaces/XDHKey.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.jcajce.interfaces;
-
-import java.security.Key;
-
-public interface XDHKey
-    extends Key
-{
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/io/CipherInputStream.java b/bcprov/src/main/java/org/bouncycastle/jcajce/io/CipherInputStream.java
deleted file mode 100644
index bca96fa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/io/CipherInputStream.java
+++ /dev/null

@@ -1,218 +0,0 @@
-package org.bouncycastle.jcajce.io;
-
-import java.io.FilterInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.GeneralSecurityException;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-
-import org.bouncycastle.crypto.io.InvalidCipherTextIOException;
-
-/**
- * A CipherInputStream is composed of an InputStream and a cipher so that read() methods return data
- * that are read in from the underlying InputStream but have been additionally processed by the
- * Cipher. The cipher must be fully initialized before being used by a CipherInputStream.
- * <p>
- * For example, if the Cipher is initialized for decryption, the CipherInputStream will attempt to
- * read in data and decrypt them, before returning the decrypted data.
- * </p><p>
- * This is a reimplementation of {@link javax.crypto.CipherInputStream} that is safe for use with
- * AEAD block ciphers, and does not silently catch {@link BadPaddingException} and
- * {@link IllegalBlockSizeException} errors. Any errors that occur during {@link Cipher#doFinal()
- * finalisation} are rethrown wrapped in an {@link InvalidCipherTextIOException}.
- * </p>
- */
-public class CipherInputStream
-    extends FilterInputStream
-{
-    private final Cipher cipher;
-    private final byte[] inputBuffer = new byte[512];
-    private boolean finalized = false;
-    private byte[] buf;
-    private int maxBuf;
-    private int bufOff;
-
-    /**
-     * Constructs a CipherInputStream from an InputStream and an initialised Cipher.
-     */
-    public CipherInputStream(InputStream input, Cipher cipher)
-    {
-        super(input);
-        this.cipher = cipher;
-    }
-
-    /**
-     * Read data from underlying stream and process with cipher until end of stream or some data is
-     * available after cipher processing.
-     *
-     * @return -1 to indicate end of stream, or the number of bytes (> 0) available.
-     */
-    private int nextChunk()
-        throws IOException
-    {
-        if (finalized)
-        {
-            return -1;
-        }
-
-        bufOff = 0;
-        maxBuf = 0;
-
-        // Keep reading until EOF or cipher processing produces data
-        while (maxBuf == 0)
-        {
-            int read = in.read(inputBuffer);
-            if (read == -1)
-            {
-                buf = finaliseCipher();
-                if ((buf == null) || (buf.length == 0))
-                {
-                    return -1;
-                }
-                maxBuf = buf.length;
-                return maxBuf;
-            }
-
-            buf = cipher.update(inputBuffer, 0, read);
-            if (buf != null)
-            {
-                maxBuf = buf.length;
-            }
-        }
-        return maxBuf;
-    }
-
-    private byte[] finaliseCipher()
-        throws InvalidCipherTextIOException
-    {
-        try
-        {
-            finalized = true;
-            return cipher.doFinal();
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new InvalidCipherTextIOException("Error finalising cipher", e);
-        }
-    }
-
-    /**
-     * Reads data from the underlying stream and processes it with the cipher until the cipher
-     * outputs data, and returns the next available byte.
-     * <p>
-     * If the underlying stream is exhausted by this call, the cipher will be finalised.
-     * </p>
-     * @throws IOException if there was an error closing the input stream.
-     * @throws InvalidCipherTextIOException if the data read from the stream was invalid ciphertext
-     * (e.g. the cipher is an AEAD cipher and the ciphertext tag check fails).
-     */
-    public int read()
-        throws IOException
-    {
-        if (bufOff >= maxBuf)
-        {
-            if (nextChunk() < 0)
-            {
-                return -1;
-            }
-        }
-
-        return buf[bufOff++] & 0xff;
-    }
-
-    /**
-     * Reads data from the underlying stream and processes it with the cipher until the cipher
-     * outputs data, and then returns up to <code>len</code> bytes in the provided array.
-     * <p>
-     * If the underlying stream is exhausted by this call, the cipher will be finalised.
-     * </p>
-     * @param b   the buffer into which the data is read.
-     * @param off the start offset in the destination array <code>b</code>
-     * @param len the maximum number of bytes read.
-     * @return the total number of bytes read into the buffer, or <code>-1</code> if there is no
-     *         more data because the end of the stream has been reached.
-     * @throws IOException if there was an error closing the input stream.
-     * @throws InvalidCipherTextIOException if the data read from the stream was invalid ciphertext
-     * (e.g. the cipher is an AEAD cipher and the ciphertext tag check fails).
-     */
-    public int read(byte[] b, int off, int len)
-        throws IOException
-    {
-        if (bufOff >= maxBuf)
-        {
-            if (nextChunk() < 0)
-            {
-                return -1;
-            }
-        }
-
-        int toSupply = Math.min(len, available());
-        System.arraycopy(buf, bufOff, b, off, toSupply);
-        bufOff += toSupply;
-        return toSupply;
-    }
-
-    public long skip(long n)
-        throws IOException
-    {
-        if (n <= 0)
-        {
-            return 0;
-        }
-
-        int skip = (int)Math.min(n, available());
-        bufOff += skip;
-        return skip;
-    }
-
-    public int available()
-        throws IOException
-    {
-        return maxBuf - bufOff;
-    }
-
-    /**
-     * Closes the underlying input stream, and then finalises the processing of the data by the
-     * cipher.
-     *
-     * @throws IOException if there was an error closing the input stream.
-     * @throws InvalidCipherTextIOException if the data read from the stream was invalid ciphertext
-     * (e.g. the cipher is an AEAD cipher and the ciphertext tag check fails).
-     */
-    public void close()
-        throws IOException
-    {
-        try
-        {
-            in.close();
-        }
-        finally
-        {
-            if (!finalized)
-            {
-                // Reset the cipher, discarding any data buffered in it
-                // Errors in cipher finalisation trump I/O error closing input
-                finaliseCipher();
-            }
-        }
-        maxBuf = bufOff = 0;
-    }
-
-    public void mark(int readlimit)
-    {
-    }
-
-    public void reset()
-        throws IOException
-    {
-    }
-
-    public boolean markSupported()
-    {
-        return false;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/io/CipherOutputStream.java b/bcprov/src/main/java/org/bouncycastle/jcajce/io/CipherOutputStream.java
deleted file mode 100644
index 7c1cebf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/io/CipherOutputStream.java
+++ /dev/null

@@ -1,147 +0,0 @@
-package org.bouncycastle.jcajce.io;
-
-import java.io.FilterOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-import java.security.GeneralSecurityException;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-
-import org.bouncycastle.crypto.io.InvalidCipherTextIOException;
-
-/**
- * A CipherOutputStream is composed of an OutputStream and a cipher so that write() methods process
- * the written data with the cipher, and the output of the cipher is in turn written to the
- * underlying OutputStream. The cipher must be fully initialized before being used by a
- * CipherInputStream.
- * <p>
- * For example, if the cipher is initialized for encryption, the CipherOutputStream will encrypt the
- * data before writing the encrypted data to the underlying stream.
- * </p><p>
- * This is a reimplementation of {@link javax.crypto.CipherOutputStream} that is safe for use with
- * AEAD block ciphers, and does not silently catch {@link BadPaddingException} and
- * {@link IllegalBlockSizeException} errors. Any errors that occur during {@link Cipher#doFinal()
- * finalisation} are rethrown wrapped in an {@link InvalidCipherTextIOException}.
- * </p>
- */
-public class CipherOutputStream
-    extends FilterOutputStream
-{
-    private final Cipher cipher;
-    private final byte[] oneByte = new byte[1];
-
-    /**
-     * Constructs a CipherOutputStream from an OutputStream and a Cipher.
-     */
-    public CipherOutputStream(OutputStream output, Cipher cipher)
-    {
-        super(output);
-        this.cipher = cipher;
-    }
-
-    /**
-     * Writes the specified byte to this output stream.
-     *
-     * @param b the <code>byte</code>.
-     * @throws java.io.IOException if an I/O error occurs.
-     */
-    public void write(int b)
-        throws IOException
-    {
-        oneByte[0] = (byte)b;
-        write(oneByte, 0, 1);
-    }
-
-    /**
-     * Writes <code>len</code> bytes from the specified byte array starting at offset
-     * <code>off</code> to this output stream.
-     *
-     * @param b   the data.
-     * @param off the start offset in the data.
-     * @param len the number of bytes to write.
-     * @throws java.io.IOException if an I/O error occurs.
-     */
-    public void write(byte[] b, int off, int len)
-        throws IOException
-    {
-        byte[] outData = cipher.update(b, off, len);
-        if (outData != null)
-        {
-            out.write(outData);
-        }
-    }
-
-    /**
-     * Flushes this output stream by forcing any buffered output bytes that have already been
-     * processed by the encapsulated cipher object to be written out.
-     * <p>
-     * Any bytes buffered by the encapsulated cipher and waiting to be processed by it will not be
-     * written out. For example, if the encapsulated cipher is a block cipher, and the total number
-     * of bytes written using one of the <code>write</code> methods is less than the cipher's block
-     * size, no bytes will be written out.
-     * </p>
-     * @throws java.io.IOException if an I/O error occurs.
-     */
-    public void flush()
-        throws IOException
-    {
-        out.flush();
-    }
-
-    /**
-     * Closes this output stream and releases any system resources associated with this stream.
-     * <p>
-     * This method invokes the <code>doFinal</code> method of the encapsulated cipher object, which
-     * causes any bytes buffered by the encapsulated cipher to be processed. The result is written
-     * out by calling the <code>flush</code> method of this output stream.
-     * </p><p>
-     * This method resets the encapsulated cipher object to its initial state and calls the
-     * <code>close</code> method of the underlying output stream.
-     * </p>
-     * @throws java.io.IOException if an I/O error occurs.
-     * @throws InvalidCipherTextIOException if the data written to this stream was invalid
-     * ciphertext (e.g. the cipher is an AEAD cipher and the ciphertext tag check
-     * fails).
-     */
-    public void close()
-        throws IOException
-    {
-        IOException error = null;
-        try
-        {
-            byte[] outData = cipher.doFinal();
-            if (outData != null)
-            {
-                out.write(outData);
-            }
-        }
-        catch (GeneralSecurityException e)
-        {
-            error = new InvalidCipherTextIOException("Error during cipher finalisation", e);
-        }
-        catch (Exception e)
-        {
-            error = new IOException("Error closing stream: " + e);
-        }
-        try
-        {
-            flush();
-            out.close();
-        }
-        catch (IOException e)
-        {
-            // Invalid ciphertext takes precedence over close error
-            if (error == null)
-            {
-                error = e;
-            }
-        }
-        if (error != null)
-        {
-            throw error;
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/io/MacOutputStream.java b/bcprov/src/main/java/org/bouncycastle/jcajce/io/MacOutputStream.java
deleted file mode 100644
index 41618e2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/io/MacOutputStream.java
+++ /dev/null

@@ -1,66 +0,0 @@
-package org.bouncycastle.jcajce.io;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import javax.crypto.Mac;
-
-/**
- * An output stream which calculates a MAC based on the data that is written to it.
- */
-public final class MacOutputStream
-    extends OutputStream
-{
-    private Mac mac;
-
-    /**
-     * Base constructor - specify the MAC algorithm to use.
-     *
-     * @param mac the MAC implementation to use as the basis of the stream.
-     */
-    public MacOutputStream(
-        Mac mac)
-    {
-        this.mac = mac;
-    }
-
-    /**
-     * Write a single byte to the stream.
-     *
-     * @param b the byte value to write.
-     * @throws IOException  in case of failure.
-     */
-    public void write(int b)
-        throws IOException
-    {
-        mac.update((byte)b);
-    }
-
-    /**
-     * Write a block of data of length len starting at offset off in the byte array bytes to
-     * the stream.
-     *
-     * @param bytes byte array holding the data.
-     * @param off offset into bytes that the data starts at.
-     * @param len the length of the data block to write.
-     * @throws IOException in case of failure.
-     */
-    public void write(
-        byte[] bytes,
-        int off,
-        int len)
-        throws IOException
-    {
-        mac.update(bytes, off, len);
-    }
-
-    /**
-     * Execute doFinal() and return the calculated MAC.
-     *
-     * @return the MAC calculated from the output written to the stream.
-     */
-    public byte[] getMac()
-    {
-        return mac.doFinal();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java
index 6c663e3..a0c2f84 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DH.java

@@ -36,8 +36,10 @@
             provider.addAttributes("KeyAgreement.DH", generalDhAttributes);
             provider.addAlgorithm("KeyAgreement.DH", PREFIX + "KeyAgreementSpi");
             provider.addAlgorithm("Alg.Alias.KeyAgreement.DIFFIEHELLMAN", "DH");
-            provider.addAlgorithm("KeyAgreement", PKCSObjectIdentifiers.id_alg_ESDH, PREFIX + "KeyAgreementSpi$DHwithRFC2631KDF");
-            provider.addAlgorithm("KeyAgreement", PKCSObjectIdentifiers.id_alg_SSDH, PREFIX + "KeyAgreementSpi$DHwithRFC2631KDF");
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("KeyAgreement", PKCSObjectIdentifiers.id_alg_ESDH, PREFIX + "KeyAgreementSpi$DHwithRFC2631KDF");
+            // provider.addAlgorithm("KeyAgreement", PKCSObjectIdentifiers.id_alg_SSDH, PREFIX + "KeyAgreementSpi$DHwithRFC2631KDF");
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("KeyFactory.DH", PREFIX + "KeyFactorySpi");
             provider.addAlgorithm("Alg.Alias.KeyFactory.DIFFIEHELLMAN", "DH");
@@ -49,6 +51,8 @@
 
             provider.addAlgorithm("AlgorithmParameterGenerator.DH", PREFIX + "AlgorithmParameterGeneratorSpi");
 
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("Cipher.IES", PREFIX + "IESCipher$IES");
             provider.addAlgorithm("Cipher.IESwithAES-CBC", PREFIX + "IESCipher$IESwithAESCBC");
             provider.addAlgorithm("Cipher.IESWITHAES-CBC", PREFIX + "IESCipher$IESwithAESCBC");
@@ -88,6 +92,8 @@
             provider.addAlgorithm("KeyAgreement.MQVWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA256CKDF");
             provider.addAlgorithm("KeyAgreement.MQVWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA384CKDF");
             provider.addAlgorithm("KeyAgreement.MQVWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA512CKDF");
+            */
+            // END Android-removed: Unsupported algorithms
 
             registerOid(provider, PKCSObjectIdentifiers.dhKeyAgreement, "DH", new KeyFactorySpi());
             registerOid(provider, X9ObjectIdentifiers.dhpublicnumber, "DH", new KeyFactorySpi());

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java
index 08949fa..6323b75 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSA.java

@@ -27,11 +27,17 @@
             provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi");
             provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi");
 
-            provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA");
+            // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA
+            // provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA");
+            provider.addAlgorithm("Signature.SHA1withDSA", PREFIX + "DSASigner$stdDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA");
+            // END Android-changed: Change primary ID from DSA to SHA1withDSA
             provider.addAlgorithm("Signature.NONEWITHDSA", PREFIX + "DSASigner$noneDSA");
 
             provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA");
 
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA");
             provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA");
             provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224");
@@ -49,9 +55,13 @@
             provider.addAlgorithm("Signature.SHA3-256WITHDDSA", PREFIX + "DSASigner$detDSASha3_256");
             provider.addAlgorithm("Signature.SHA3-384WITHDDSA", PREFIX + "DSASigner$detDSASha3_384");
             provider.addAlgorithm("Signature.SHA3-512WITHDDSA", PREFIX + "DSASigner$detDSASha3_512");
+            */
+            // END Android-removed: Unsupported algorithms
 
             addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224);
             addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256);
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384);
             addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512);
 
@@ -59,22 +69,28 @@
             addSignatureAlgorithm(provider, "SHA3-256", "DSA", PREFIX + "DSASigner$dsaSha3_256", NISTObjectIdentifiers.id_dsa_with_sha3_256);
             addSignatureAlgorithm(provider, "SHA3-384", "DSA", PREFIX + "DSASigner$dsaSha3_384", NISTObjectIdentifiers.id_dsa_with_sha3_384);
             addSignatureAlgorithm(provider, "SHA3-512", "DSA", PREFIX + "DSASigner$dsaSha3_512", NISTObjectIdentifiers.id_dsa_with_sha3_512);
+            */
+            // END Android-removed: Unsupported algorithms
 
-            provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "DSA");
-            provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "DSA");
-            provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "DSA");
-            provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "DSA");
-            provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "DSA");
-            provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "DSA");
-            provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "DSA");
-            provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "DSA");
-            provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "DSA");
+            // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA
+            provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA");
+            // END Android-changed: Change primary ID from DSA to SHA1withDSA
 
             AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi();
 
             for (int i = 0; i != DSAUtil.dsaOids.length; i++)
             {
-                provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "DSA");
+                // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA
+                provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "SHA1withDSA");
+                // END Android-changed: Change primary ID from DSA to SHA1withDSA
 
                 registerOid(provider, DSAUtil.dsaOids[i], "DSA", keyFact);
                 registerOidAlgorithmParameterGenerator(provider, DSAUtil.dsaOids[i], "DSA");

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSTU4145.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSTU4145.java
deleted file mode 100644
index bdf167d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/DSTU4145.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric;
-
-import org.bouncycastle.asn1.ua.UAObjectIdentifiers;
-import org.bouncycastle.jcajce.provider.asymmetric.dstu.KeyFactorySpi;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-
-public class DSTU4145 
-{
-    private static final String PREFIX = "org.bouncycastle.jcajce.provider.asymmetric" + ".dstu.";
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-        
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("KeyFactory.DSTU4145", PREFIX + "KeyFactorySpi");
-            provider.addAlgorithm("Alg.Alias.KeyFactory.DSTU-4145-2002", "DSTU4145");
-            provider.addAlgorithm("Alg.Alias.KeyFactory.DSTU4145-3410", "DSTU4145");
-
-            registerOid(provider, UAObjectIdentifiers.dstu4145le, "DSTU4145", new KeyFactorySpi());
-            registerOidAlgorithmParameters(provider, UAObjectIdentifiers.dstu4145le, "DSTU4145");
-            registerOid(provider, UAObjectIdentifiers.dstu4145be, "DSTU4145", new KeyFactorySpi());
-            registerOidAlgorithmParameters(provider, UAObjectIdentifiers.dstu4145be, "DSTU4145");
-
-            provider.addAlgorithm("KeyPairGenerator.DSTU4145", PREFIX + "KeyPairGeneratorSpi");
-            provider.addAlgorithm("Alg.Alias.KeyPairGenerator.DSTU-4145", "DSTU4145");
-            provider.addAlgorithm("Alg.Alias.KeyPairGenerator.DSTU-4145-2002", "DSTU4145");
-
-            provider.addAlgorithm("Signature.DSTU4145", PREFIX + "SignatureSpi");
-            provider.addAlgorithm("Alg.Alias.Signature.DSTU-4145", "DSTU4145");
-            provider.addAlgorithm("Alg.Alias.Signature.DSTU-4145-2002", "DSTU4145");
-
-            addSignatureAlgorithm(provider, "GOST3411", "DSTU4145LE", PREFIX + "SignatureSpiLe", UAObjectIdentifiers.dstu4145le);
-            addSignatureAlgorithm(provider, "GOST3411", "DSTU4145", PREFIX + "SignatureSpi", UAObjectIdentifiers.dstu4145be);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java
index 9dd00b2..b79b0c5 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EC.java

@@ -3,16 +3,20 @@
 import java.util.HashMap;
 import java.util.Map;
 
-import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
-import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.sec.SECObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
+// import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
+// import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+// import org.bouncycastle.asn1.sec.SECObjectIdentifiers;
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// END Android-removed: Unsupported algorithms
 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
 import org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi;
 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
 import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-import org.bouncycastle.util.Properties;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.util.Properties;
+// END Android-removed: Unsupported algorithms
 
 public class EC
 {
@@ -39,6 +43,8 @@
 
             provider.addAttributes("KeyAgreement.ECDH", generalEcAttributes);
             provider.addAlgorithm("KeyAgreement.ECDH", PREFIX + "KeyAgreementSpi$DH");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAttributes("KeyAgreement.ECDHC", generalEcAttributes);
             provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC");
             provider.addAttributes("KeyAgreement.ECCDH", generalEcAttributes);
@@ -108,9 +114,13 @@
 
             provider.addAlgorithm("KeyAgreement", BSIObjectIdentifiers.ecka_eg_X963kdf_RIPEMD160, PREFIX + "KeyAgreementSpi$ECKAEGwithRIPEMD160KDF");
             provider.addAlgorithm("KeyAgreement.ECKAEGWITHRIPEMD160KDF", PREFIX + "KeyAgreementSpi$ECKAEGwithRIPEMD160KDF");
+            */
+            // END Android-removed: Unsupported algorithms
 
             registerOid(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC", new KeyFactorySpi.EC());
 
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             registerOid(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC());
             registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
 
@@ -165,7 +175,11 @@
                 provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA384KDFAndSharedInfo");
                 provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA512KDFAndSharedInfo");
 
+            */
+            // END Android-removed: Unsupported algorithms
                 registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC());
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
                 registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC");
 
                 registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
@@ -183,13 +197,21 @@
                 provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV");
                 provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV");
             }
+            */
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("KeyFactory.EC", PREFIX + "KeyFactorySpi$EC");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA");
             provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH");
             provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC");
+            */
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("KeyPairGenerator.EC", PREFIX + "KeyPairGeneratorSpi$EC");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA");
             provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH");
             provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH");
@@ -204,15 +226,23 @@
             provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
 
             provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            // BEGIN Android-changed: Change primary ID from ECDSA to SHA1withECDSA
+            provider.addAlgorithm("Signature.SHA1withECDSA", PREFIX + "SignatureSpi$ecDSA");
             provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone");
 
-            provider.addAlgorithm("Alg.Alias.Signature.SHA1withECDSA", "ECDSA");
-            provider.addAlgorithm("Alg.Alias.Signature.ECDSAwithSHA1", "ECDSA");
-            provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHECDSA", "ECDSA");
-            provider.addAlgorithm("Alg.Alias.Signature.ECDSAWITHSHA1", "ECDSA");
-            provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "ECDSA");
-            provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "ECDSA");
-            provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "ECDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.ECDSA", "SHA1withECDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.ECDSAwithSHA1", "SHA1withECDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHECDSA", "SHA1withECDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.ECDSAWITHSHA1", "SHA1withECDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "SHA1withECDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "SHA1withECDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "SHA1withECDSA");
+            // END Android-changed: Change primary ID from ECDSA to SHA1withECDSA
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA");
 
             provider.addAlgorithm("Signature.ECDDSA", PREFIX + "SignatureSpi$ecDetDSA");
@@ -232,11 +262,15 @@
             provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHDETECDSA", "SHA256WITHECDDSA");
             provider.addAlgorithm("Alg.Alias.Signature.SHA384WITHDETECDSA", "SHA384WITHECDDSA");
             provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHDETECDSA", "SHA512WITHECDDSA");
+            */
+            // END Android-removed: Unsupported algorithms
 
             addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224);
             addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256);
             addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384);
             addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512);
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             addSignatureAlgorithm(provider, "SHA3-224", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_224", NISTObjectIdentifiers.id_ecdsa_with_sha3_224);
             addSignatureAlgorithm(provider, "SHA3-256", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_256", NISTObjectIdentifiers.id_ecdsa_with_sha3_256);
             addSignatureAlgorithm(provider, "SHA3-384", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_384", NISTObjectIdentifiers.id_ecdsa_with_sha3_384);
@@ -262,6 +296,8 @@
             addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384);
             addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512);
             addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160);
+            */
+            // END Android-removed: Unsupported algorithms
         }
     }
 }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ECGOST.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ECGOST.java
deleted file mode 100644
index 67aef3f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ECGOST.java
+++ /dev/null

@@ -1,125 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric;
-
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.jcajce.provider.asymmetric.ecgost.KeyFactorySpi;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-
-public class ECGOST
-{
-    private static final String PREFIX = "org.bouncycastle.jcajce.provider.asymmetric" + ".ecgost.";
-    private static final String PREFIX_GOST_2012 = "org.bouncycastle.jcajce.provider.asymmetric" + ".ecgost12.";
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-        
-        public void configure(ConfigurableProvider provider)
-        {
-
-            // ========= GOST34.10 2001
-            provider.addAlgorithm("KeyFactory.ECGOST3410", PREFIX + "KeyFactorySpi");
-            provider.addAlgorithm("Alg.Alias.KeyFactory.GOST-3410-2001", "ECGOST3410");
-            provider.addAlgorithm("Alg.Alias.KeyFactory.ECGOST-3410", "ECGOST3410");
-
-            registerOid(provider, CryptoProObjectIdentifiers.gostR3410_2001,
-                    "ECGOST3410", new KeyFactorySpi());
-            registerOid(provider, CryptoProObjectIdentifiers.gostR3410_2001DH,
-                    "ECGOST3410", new KeyFactorySpi());
-            registerOidAlgorithmParameters(provider, CryptoProObjectIdentifiers.gostR3410_2001,
-                    "ECGOST3410");
-
-            provider.addAlgorithm("KeyPairGenerator.ECGOST3410", PREFIX + "KeyPairGeneratorSpi");
-            provider.addAlgorithm("Alg.Alias.KeyPairGenerator.ECGOST-3410", "ECGOST3410");
-            provider.addAlgorithm("Alg.Alias.KeyPairGenerator.GOST-3410-2001", "ECGOST3410");
-
-            provider.addAlgorithm("Signature.ECGOST3410", PREFIX + "SignatureSpi");
-            provider.addAlgorithm("Alg.Alias.Signature.ECGOST-3410", "ECGOST3410");
-            provider.addAlgorithm("Alg.Alias.Signature.GOST-3410-2001", "ECGOST3410");
-
-            provider.addAlgorithm("KeyAgreement.ECGOST3410", PREFIX + "KeyAgreementSpi$ECVKO");
-            provider.addAlgorithm("Alg.Alias.KeyAgreement." + CryptoProObjectIdentifiers.gostR3410_2001, "ECGOST3410");
-            provider.addAlgorithm("Alg.Alias.KeyAgreement.GOST-3410-2001", "ECGOST3410");
-
-            provider.addAlgorithm("Alg.Alias.KeyAgreement." + CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_ESDH, "ECGOST3410");
-            
-            provider.addAlgorithm("AlgorithmParameters.ECGOST3410", PREFIX + "AlgorithmParametersSpi");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.GOST-3410-2001", "ECGOST3410");
-
-            addSignatureAlgorithm(provider, "GOST3411",
-                    "ECGOST3410", PREFIX + "SignatureSpi",
-                    CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-
-            // ========= GOST34.10 2012 256|512
-
-            provider.addAlgorithm("KeyFactory.ECGOST3410-2012", PREFIX_GOST_2012 + "KeyFactorySpi");
-            provider.addAlgorithm("Alg.Alias.KeyFactory.GOST-3410-2012", "ECGOST3410-2012");
-            provider.addAlgorithm("Alg.Alias.KeyFactory.ECGOST-3410-2012", "ECGOST3410-2012");
-
-            registerOid(provider, RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256,
-                    "ECGOST3410-2012",
-                    new org.bouncycastle.jcajce.provider.asymmetric.ecgost12.KeyFactorySpi());
-            registerOid(provider, RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_256,
-                             "ECGOST3410-2012",
-                             new org.bouncycastle.jcajce.provider.asymmetric.ecgost12.KeyFactorySpi());
-            registerOidAlgorithmParameters(provider,
-                    RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256, "ECGOST3410-2012");
-
-            registerOid(provider, RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512,
-                    "ECGOST3410-2012",
-                    new org.bouncycastle.jcajce.provider.asymmetric.ecgost12.KeyFactorySpi());
-            registerOid(provider, RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_512,
-                    "ECGOST3410-2012",
-                    new org.bouncycastle.jcajce.provider.asymmetric.ecgost12.KeyFactorySpi());
-            registerOidAlgorithmParameters(provider,
-                    RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512, "ECGOST3410-2012");
-
-            provider.addAlgorithm("KeyPairGenerator.ECGOST3410-2012",
-                    PREFIX_GOST_2012 + "KeyPairGeneratorSpi");
-            provider.addAlgorithm("Alg.Alias.KeyPairGenerator.ECGOST3410-2012",
-                    "ECGOST3410-2012");
-            provider.addAlgorithm("Alg.Alias.KeyPairGenerator.GOST-3410-2012",
-                    "ECGOST3410-2012");
-
-            // 256 signature
-
-            provider.addAlgorithm("Signature.ECGOST3410-2012-256",
-                    PREFIX_GOST_2012 + "ECGOST2012SignatureSpi256");
-            provider.addAlgorithm("Alg.Alias.Signature.ECGOST3410-2012-256",
-                    "ECGOST3410-2012-256");
-            provider.addAlgorithm("Alg.Alias.Signature.GOST-3410-2012-256",
-                    "ECGOST3410-2012-256");
-
-
-            addSignatureAlgorithm(provider, "GOST3411-2012-256", "ECGOST3410-2012-256",
-                    PREFIX_GOST_2012 + "ECGOST2012SignatureSpi256",
-                    RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_256);
-
-            // 512 signature
-
-
-            provider.addAlgorithm("Signature.ECGOST3410-2012-512",
-                    PREFIX_GOST_2012 + "ECGOST2012SignatureSpi512");
-            provider.addAlgorithm("Alg.Alias.Signature.ECGOST3410-2012-512",
-                    "ECGOST3410-2012-512");
-            provider.addAlgorithm("Alg.Alias.Signature.GOST-3410-2012-512",
-                    "ECGOST3410-2012-512");
-
-            addSignatureAlgorithm(provider, "GOST3411-2012-512", "ECGOST3410-2012-512",
-                    PREFIX_GOST_2012 + "ECGOST2012SignatureSpi512",
-                    RosstandartObjectIdentifiers.id_tc26_signwithdigest_gost_3410_12_512);
-
-            provider.addAlgorithm("KeyAgreement.ECGOST3410-2012-256", PREFIX_GOST_2012 + "KeyAgreementSpi$ECVKO256");
-            provider.addAlgorithm("KeyAgreement.ECGOST3410-2012-512", PREFIX_GOST_2012 + "KeyAgreementSpi$ECVKO512");
-
-            provider.addAlgorithm("Alg.Alias.KeyAgreement." + RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_256, "ECGOST3410-2012-256");
-            provider.addAlgorithm("Alg.Alias.KeyAgreement." + RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_512, "ECGOST3410-2012-512");
-            provider.addAlgorithm("Alg.Alias.KeyAgreement." + RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256, "ECGOST3410-2012-256");
-            provider.addAlgorithm("Alg.Alias.KeyAgreement." + RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512, "ECGOST3410-2012-512");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EdEC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EdEC.java
deleted file mode 100644
index 60f8ea6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/EdEC.java
+++ /dev/null

@@ -1,84 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
-import org.bouncycastle.jcajce.provider.asymmetric.edec.KeyFactorySpi;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-
-public class EdEC
-{
-    private static final String PREFIX = "org.bouncycastle.jcajce.provider.asymmetric" + ".edec.";
-
-    private static final Map<String, String> edxAttributes = new HashMap<String, String>();
-
-    static
-    {
-        edxAttributes.put("SupportedKeyClasses", "java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey");
-        edxAttributes.put("SupportedKeyFormats", "PKCS#8|X.509");
-    }
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("KeyFactory.XDH", PREFIX + "KeyFactorySpi$XDH");
-            provider.addAlgorithm("KeyFactory.X448", PREFIX + "KeyFactorySpi$X448");
-            provider.addAlgorithm("KeyFactory.X25519", PREFIX + "KeyFactorySpi$X25519");
-
-            provider.addAlgorithm("KeyFactory.EDDSA", PREFIX + "KeyFactorySpi$EDDSA");
-            provider.addAlgorithm("KeyFactory.ED448", PREFIX + "KeyFactorySpi$ED448");
-            provider.addAlgorithm("KeyFactory.ED25519", PREFIX + "KeyFactorySpi$ED25519");
-
-            provider.addAlgorithm("Signature.EDDSA", PREFIX + "SignatureSpi$EdDSA");
-            provider.addAlgorithm("Signature.ED448", PREFIX + "SignatureSpi$Ed448");
-            provider.addAlgorithm("Signature.ED25519", PREFIX + "SignatureSpi$Ed25519");
-            provider.addAlgorithm("Signature", EdECObjectIdentifiers.id_Ed448, PREFIX + "SignatureSpi$Ed448");
-            provider.addAlgorithm("Signature", EdECObjectIdentifiers.id_Ed25519, PREFIX + "SignatureSpi$Ed25519");
-
-            provider.addAlgorithm("KeyPairGenerator.EDDSA", PREFIX + "KeyPairGeneratorSpi$EdDSA");
-            provider.addAlgorithm("KeyPairGenerator.ED448", PREFIX + "KeyPairGeneratorSpi$Ed448");
-            provider.addAlgorithm("KeyPairGenerator.ED25519", PREFIX + "KeyPairGeneratorSpi$Ed25519");
-            provider.addAlgorithm("KeyPairGenerator", EdECObjectIdentifiers.id_Ed448, PREFIX + "KeyPairGeneratorSpi$Ed448");
-            provider.addAlgorithm("KeyPairGenerator", EdECObjectIdentifiers.id_Ed25519, PREFIX + "KeyPairGeneratorSpi$Ed25519");
-
-            provider.addAlgorithm("KeyAgreement.XDH", PREFIX + "KeyAgreementSpi$XDH");
-            provider.addAlgorithm("KeyAgreement.X448", PREFIX + "KeyAgreementSpi$X448");
-            provider.addAlgorithm("KeyAgreement.X25519", PREFIX + "KeyAgreementSpi$X25519");
-            provider.addAlgorithm("KeyAgreement", EdECObjectIdentifiers.id_X448, PREFIX + "KeyAgreementSpi$X448");
-            provider.addAlgorithm("KeyAgreement", EdECObjectIdentifiers.id_X25519, PREFIX + "KeyAgreementSpi$X25519");
-
-            provider.addAlgorithm("KeyAgreement.X25519WITHSHA256CKDF", PREFIX + "KeyAgreementSpi$X25519withSHA256CKDF");
-            provider.addAlgorithm("KeyAgreement.X25519WITHSHA384CKDF", PREFIX + "KeyAgreementSpi$X25519withSHA384CKDF");
-            provider.addAlgorithm("KeyAgreement.X25519WITHSHA512CKDF", PREFIX + "KeyAgreementSpi$X25519withSHA512CKDF");
-
-            provider.addAlgorithm("KeyAgreement.X448WITHSHA256CKDF", PREFIX + "KeyAgreementSpi$X448withSHA256CKDF");
-            provider.addAlgorithm("KeyAgreement.X448WITHSHA384CKDF", PREFIX + "KeyAgreementSpi$X448withSHA384CKDF");
-            provider.addAlgorithm("KeyAgreement.X448WITHSHA512CKDF", PREFIX + "KeyAgreementSpi$X448withSHA512CKDF");
-
-            provider.addAlgorithm("KeyAgreement.X25519WITHSHA256KDF", PREFIX + "KeyAgreementSpi$X25519withSHA256KDF");
-            provider.addAlgorithm("KeyAgreement.X448WITHSHA512KDF", PREFIX + "KeyAgreementSpi$X448withSHA512KDF");
-
-            provider.addAlgorithm("KeyAgreement.X25519UWITHSHA256KDF", PREFIX + "KeyAgreementSpi$X25519UwithSHA256KDF");
-            provider.addAlgorithm("KeyAgreement.X448UWITHSHA512KDF", PREFIX + "KeyAgreementSpi$X448UwithSHA512KDF");
-
-            provider.addAlgorithm("KeyPairGenerator.XDH", PREFIX + "KeyPairGeneratorSpi$XDH");
-            provider.addAlgorithm("KeyPairGenerator.X448", PREFIX + "KeyPairGeneratorSpi$X448");
-            provider.addAlgorithm("KeyPairGenerator.X25519", PREFIX + "KeyPairGeneratorSpi$X25519");
-            provider.addAlgorithm("KeyPairGenerator", EdECObjectIdentifiers.id_X448, PREFIX + "KeyPairGeneratorSpiSpi$X448");
-            provider.addAlgorithm("KeyPairGenerator", EdECObjectIdentifiers.id_X25519, PREFIX + "KeyPairGeneratorSpiSpi$X25519");
-
-            registerOid(provider, EdECObjectIdentifiers.id_X448, "XDH", new KeyFactorySpi.X448());
-            registerOid(provider, EdECObjectIdentifiers.id_X25519, "XDH", new KeyFactorySpi.X25519());
-            registerOid(provider, EdECObjectIdentifiers.id_Ed448, "EDDSA", new KeyFactorySpi.ED448());
-            registerOid(provider, EdECObjectIdentifiers.id_Ed25519, "EDDSA", new KeyFactorySpi.ED25519());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ElGamal.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ElGamal.java
deleted file mode 100644
index 279e951..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ElGamal.java
+++ /dev/null

@@ -1,46 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric;
-
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.jcajce.provider.asymmetric.elgamal.KeyFactorySpi;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-
-public class ElGamal
-{
-    private static final String PREFIX = "org.bouncycastle.jcajce.provider.asymmetric" + ".elgamal.";
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-        
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("AlgorithmParameterGenerator.ELGAMAL", PREFIX + "AlgorithmParameterGeneratorSpi");
-            provider.addAlgorithm("AlgorithmParameterGenerator.ElGamal", PREFIX + "AlgorithmParameterGeneratorSpi");
-            provider.addAlgorithm("AlgorithmParameters.ELGAMAL", PREFIX + "AlgorithmParametersSpi");
-            provider.addAlgorithm("AlgorithmParameters.ElGamal", PREFIX + "AlgorithmParametersSpi");
-
-            provider.addAlgorithm("Cipher.ELGAMAL", PREFIX + "CipherSpi$NoPadding");
-            provider.addAlgorithm("Cipher.ElGamal", PREFIX + "CipherSpi$NoPadding");
-            provider.addAlgorithm("Alg.Alias.Cipher.ELGAMAL/ECB/PKCS1PADDING", "ELGAMAL/PKCS1");
-            provider.addAlgorithm("Alg.Alias.Cipher.ELGAMAL/NONE/PKCS1PADDING", "ELGAMAL/PKCS1");
-            provider.addAlgorithm("Alg.Alias.Cipher.ELGAMAL/NONE/NOPADDING", "ELGAMAL");
-
-            provider.addAlgorithm("Cipher.ELGAMAL/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
-            provider.addAlgorithm("KeyFactory.ELGAMAL", PREFIX + "KeyFactorySpi");
-            provider.addAlgorithm("KeyFactory.ElGamal", PREFIX + "KeyFactorySpi");
-
-            provider.addAlgorithm("KeyPairGenerator.ELGAMAL", PREFIX + "KeyPairGeneratorSpi");
-            provider.addAlgorithm("KeyPairGenerator.ElGamal", PREFIX + "KeyPairGeneratorSpi");
-
-            AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi();
-
-            registerOid(provider, OIWObjectIdentifiers.elGamalAlgorithm, "ELGAMAL", keyFact);
-            registerOidAlgorithmParameterGenerator(provider, OIWObjectIdentifiers.elGamalAlgorithm, "ELGAMAL");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/GM.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/GM.java
deleted file mode 100644
index 744200c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/GM.java
+++ /dev/null

@@ -1,59 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-
-public class GM
-{
-    private static final String PREFIX = "org.bouncycastle.jcajce.provider.asymmetric" + ".ec.";
-
-    private static final Map<String, String> generalSm2Attributes = new HashMap<String, String>();
-
-    static
-    {
-        generalSm2Attributes.put("SupportedKeyClasses", "java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey");
-        generalSm2Attributes.put("SupportedKeyFormats", "PKCS#8|X.509");
-    }
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("Signature.SM3WITHSM2", PREFIX + "GMSignatureSpi$sm3WithSM2");
-            provider.addAlgorithm("Alg.Alias.Signature." + GMObjectIdentifiers.sm2sign_with_sm3, "SM3WITHSM2");
-
-            provider.addAlgorithm("Cipher.SM2", PREFIX + "GMCipherSpi$SM2");
-            provider.addAlgorithm("Alg.Alias.Cipher.SM2WITHSM3", "SM2");
-            provider.addAlgorithm("Alg.Alias.Cipher." + GMObjectIdentifiers.sm2encrypt_with_sm3, "SM2");
-            provider.addAlgorithm("Cipher.SM2WITHBLAKE2B", PREFIX + "GMCipherSpi$SM2withBlake2b");
-            provider.addAlgorithm("Alg.Alias.Cipher." + GMObjectIdentifiers.sm2encrypt_with_blake2b512, "SM2WITHBLAKE2B");
-            provider.addAlgorithm("Cipher.SM2WITHBLAKE2S", PREFIX + "GMCipherSpi$SM2withBlake2s");
-            provider.addAlgorithm("Alg.Alias.Cipher." + GMObjectIdentifiers.sm2encrypt_with_blake2s256, "SM2WITHBLAKE2S");
-            provider.addAlgorithm("Cipher.SM2WITHWHIRLPOOL", PREFIX + "GMCipherSpi$SM2withWhirlpool");
-            provider.addAlgorithm("Alg.Alias.Cipher." + GMObjectIdentifiers.sm2encrypt_with_whirlpool, "SM2WITHWHIRLPOOL");
-            provider.addAlgorithm("Cipher.SM2WITHMD5", PREFIX + "GMCipherSpi$SM2withMD5");
-            provider.addAlgorithm("Alg.Alias.Cipher." + GMObjectIdentifiers.sm2encrypt_with_md5, "SM2WITHMD5");
-            provider.addAlgorithm("Cipher.SM2WITHRIPEMD160", PREFIX + "GMCipherSpi$SM2withRMD");
-            provider.addAlgorithm("Alg.Alias.Cipher." + GMObjectIdentifiers.sm2encrypt_with_rmd160, "SM2WITHRIPEMD160");
-            provider.addAlgorithm("Cipher.SM2WITHSHA1", PREFIX + "GMCipherSpi$SM2withSha1");
-            provider.addAlgorithm("Alg.Alias.Cipher." + GMObjectIdentifiers.sm2encrypt_with_sha1, "SM2WITHSHA1");
-            provider.addAlgorithm("Cipher.SM2WITHSHA224", PREFIX + "GMCipherSpi$SM2withSha224");
-            provider.addAlgorithm("Alg.Alias.Cipher." + GMObjectIdentifiers.sm2encrypt_with_sha224, "SM2WITHSHA224");
-            provider.addAlgorithm("Cipher.SM2WITHSHA256", PREFIX + "GMCipherSpi$SM2withSha256");
-            provider.addAlgorithm("Alg.Alias.Cipher." + GMObjectIdentifiers.sm2encrypt_with_sha256, "SM2WITHSHA256");
-            provider.addAlgorithm("Cipher.SM2WITHSHA384", PREFIX + "GMCipherSpi$SM2withSha384");
-            provider.addAlgorithm("Alg.Alias.Cipher." + GMObjectIdentifiers.sm2encrypt_with_sha384, "SM2WITHSHA384");
-            provider.addAlgorithm("Cipher.SM2WITHSHA512", PREFIX + "GMCipherSpi$SM2withSha512");
-            provider.addAlgorithm("Alg.Alias.Cipher." + GMObjectIdentifiers.sm2encrypt_with_sha512, "SM2WITHSHA512");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/GOST.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/GOST.java
deleted file mode 100644
index 30b6f2f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/GOST.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric;
-
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.jcajce.provider.asymmetric.gost.KeyFactorySpi;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-
-public class GOST
-{
-    private static final String PREFIX = "org.bouncycastle.jcajce.provider.asymmetric" + ".gost.";
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-        
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("KeyPairGenerator.GOST3410", PREFIX + "KeyPairGeneratorSpi");
-            provider.addAlgorithm("Alg.Alias.KeyPairGenerator.GOST-3410", "GOST3410");
-            provider.addAlgorithm("Alg.Alias.KeyPairGenerator.GOST-3410-94", "GOST3410");
-
-            provider.addAlgorithm("KeyFactory.GOST3410", PREFIX + "KeyFactorySpi");
-            provider.addAlgorithm("Alg.Alias.KeyFactory.GOST-3410", "GOST3410");
-            provider.addAlgorithm("Alg.Alias.KeyFactory.GOST-3410-94", "GOST3410");
-
-
-            provider.addAlgorithm("AlgorithmParameters.GOST3410", PREFIX + "AlgorithmParametersSpi");
-            provider.addAlgorithm("AlgorithmParameterGenerator.GOST3410", PREFIX + "AlgorithmParameterGeneratorSpi");
-
-            registerOid(provider, CryptoProObjectIdentifiers.gostR3410_94, "GOST3410", new KeyFactorySpi());
-            registerOidAlgorithmParameterGenerator(provider, CryptoProObjectIdentifiers.gostR3410_94, "GOST3410");
-
-            provider.addAlgorithm("Signature.GOST3410", PREFIX + "SignatureSpi");
-            provider.addAlgorithm("Alg.Alias.Signature.GOST-3410", "GOST3410");
-            provider.addAlgorithm("Alg.Alias.Signature.GOST-3410-94", "GOST3410");
-            provider.addAlgorithm("Alg.Alias.Signature.GOST3411withGOST3410", "GOST3410");
-            provider.addAlgorithm("Alg.Alias.Signature.GOST3411WITHGOST3410", "GOST3410");
-            provider.addAlgorithm("Alg.Alias.Signature.GOST3411WithGOST3410", "GOST3410");
-            provider.addAlgorithm("Alg.Alias.Signature." + CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3410");
-
-
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.GOST-3410", "GOST3410");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.GOST-3410", "GOST3410");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/IES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/IES.java
deleted file mode 100644
index dfe1644..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/IES.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric;
-
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-
-public class IES
-{
-    private static final String PREFIX = "org.bouncycastle.jcajce.provider.asymmetric" + ".ies.";
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("AlgorithmParameters.IES", PREFIX + "AlgorithmParametersSpi");
-            provider.addAlgorithm("AlgorithmParameters.ECIES", PREFIX + "AlgorithmParametersSpi");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java
index c32690a..4eb01a3 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/RSA.java

@@ -7,7 +7,8 @@
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
 import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
 import org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi;
 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
@@ -38,6 +39,8 @@
             provider.addAlgorithm("AlgorithmParameters.OAEP", PREFIX + "AlgorithmParametersSpi$OAEP");
             provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS");
 
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS");
 
@@ -59,10 +62,15 @@
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS");
+            */
+            // END Android-removed: Unsupported algorithms
 
             provider.addAttributes("Cipher.RSA", generalRsaAttributes);
             provider.addAlgorithm("Cipher.RSA", PREFIX + "CipherSpi$NoPadding");
-            provider.addAlgorithm("Cipher.RSA/RAW", PREFIX + "CipherSpi$NoPadding");
+            // Android-changed: Use an alias for RSA/RAW instead of a concrete implementation
+            provider.addAlgorithm("Alg.Alias.Cipher.RSA/RAW", "RSA");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
             provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.rsaEncryption, PREFIX + "CipherSpi$PKCS1v1_5Padding");
             provider.addAlgorithm("Cipher", X509ObjectIdentifiers.id_ea_rsa, PREFIX + "CipherSpi$PKCS1v1_5Padding");
@@ -71,12 +79,18 @@
             provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding");
             provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding");
             provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding");
+            */
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("Alg.Alias.Cipher.RSA//RAW", "RSA");
             provider.addAlgorithm("Alg.Alias.Cipher.RSA//NOPADDING", "RSA");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1");
             provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP");
             provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1");
+            */
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi");
             provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi");
@@ -86,6 +100,8 @@
             registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact);
             registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact);
             registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact);
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact);
 
             registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA");
@@ -129,32 +145,43 @@
             {
                 addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption);
             }
+            */
+            // END Android-removed: Unsupported algorithms
 
             if (provider.hasAlgorithm("MessageDigest", "MD5"))
             {
                 addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption);
-                addISO9796Signature(provider, "MD5", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption");
+                // Android-removed: Unsupported algorithms
+                // addISO9796Signature(provider, "MD5", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption");
             }
 
             if (provider.hasAlgorithm("MessageDigest", "SHA1"))
             {
+                // BEGIN Android-removed: Unsupported algorithms
+                /*
                 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS");
                 provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS");
 
                 addPSSSignature(provider, "SHA1", PREFIX + "PSSSignatureSpi$SHA1withRSA");
+                */
+                // END Android-removed: Unsupported algorithms
                 addDigestSignature(provider, "SHA1", PREFIX + "DigestSignatureSpi$SHA1", PKCSObjectIdentifiers.sha1WithRSAEncryption);
-                addISO9796Signature(provider, "SHA1", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption");
+                // Android-removed: Unsupported algorithms
+                // addISO9796Signature(provider, "SHA1", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption");
 
                 provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA");
                 provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA");
 
-                addX931Signature(provider, "SHA1", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption");
+                // BEGIN Android-removed: Unsupported algorithms
+                // addX931Signature(provider, "SHA1", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption");
             }
 
             addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption);
             addDigestSignature(provider, "SHA256", PREFIX + "DigestSignatureSpi$SHA256", PKCSObjectIdentifiers.sha256WithRSAEncryption);
             addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption);
             addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption);
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             addDigestSignature(provider, "SHA512(224)", PREFIX + "DigestSignatureSpi$SHA512_224", PKCSObjectIdentifiers.sha512_224WithRSAEncryption);
             addDigestSignature(provider, "SHA512(256)", PREFIX + "DigestSignatureSpi$SHA512_256", PKCSObjectIdentifiers.sha512_256WithRSAEncryption);
 
@@ -210,6 +237,8 @@
                 addX931Signature(provider, "Whirlpool", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption");
                 addX931Signature(provider, "WHIRLPOOL", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption");
             }
+            */
+            // END Android-removed: Unsupported algorithms
         }
 
         private void addDigestSignature(

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java
index 5cbee90..12a9f6f 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/X509.java

@@ -18,8 +18,10 @@
 
         public void configure(ConfigurableProvider provider)
         {
-            provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory");
-            provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509");
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory");
+            // provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509");
+            // END Android-removed: Unsupported algorithms
 
             //
             // certificate factories.

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/IESCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/IESCipher.java
deleted file mode 100644
index 02f7fe4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/IESCipher.java
+++ /dev/null

@@ -1,546 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.dh;
-
-import java.io.ByteArrayOutputStream;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.CipherSpi;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.ShortBufferException;
-import javax.crypto.interfaces.DHKey;
-import javax.crypto.interfaces.DHPrivateKey;
-import javax.crypto.interfaces.DHPublicKey;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.KeyEncoder;
-import org.bouncycastle.crypto.agreement.DHBasicAgreement;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.IESEngine;
-import org.bouncycastle.crypto.generators.DHKeyPairGenerator;
-import org.bouncycastle.crypto.generators.EphemeralKeyPairGenerator;
-import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.DHKeyGenerationParameters;
-import org.bouncycastle.crypto.params.DHKeyParameters;
-import org.bouncycastle.crypto.params.DHParameters;
-import org.bouncycastle.crypto.params.DHPublicKeyParameters;
-import org.bouncycastle.crypto.params.IESWithCipherParameters;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.parsers.DHIESPublicKeyParser;
-import org.bouncycastle.crypto.util.DigestFactory;
-import org.bouncycastle.jcajce.provider.asymmetric.util.DHUtil;
-import org.bouncycastle.jcajce.provider.asymmetric.util.IESUtil;
-import org.bouncycastle.jcajce.provider.util.BadBlockException;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jce.interfaces.IESKey;
-import org.bouncycastle.jce.spec.IESParameterSpec;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Strings;
-
-
-public class IESCipher
-    extends CipherSpi
-{
-    private final JcaJceHelper helper = new BCJcaJceHelper();
-    private final int ivLength;
-
-    private IESEngine engine;
-    private int state = -1;
-    private ByteArrayOutputStream buffer = new ByteArrayOutputStream();
-    private AlgorithmParameters engineParam = null;
-    private IESParameterSpec engineSpec = null;
-    private AsymmetricKeyParameter key;
-    private SecureRandom random;
-    private boolean dhaesMode = false;
-    private AsymmetricKeyParameter otherKeyParameter = null;
-
-    public IESCipher(IESEngine engine)
-    {
-        this.engine = engine;
-        this.ivLength = 0;
-    }
-
-    public IESCipher(IESEngine engine, int ivLength)
-    {
-        this.engine = engine;
-        this.ivLength = ivLength;
-    }
-
-    public int engineGetBlockSize()
-    {
-        if (engine.getCipher() != null)
-        {
-            return engine.getCipher().getBlockSize();
-        }
-        else
-        {
-            return 0;
-        }
-    }
-
-
-    public int engineGetKeySize(Key key)
-    {
-        if (key instanceof DHKey)
-        {
-            return ((DHKey)key).getParams().getP().bitLength();
-        }
-        else
-        {
-            throw new IllegalArgumentException("not a DH key");
-        }
-    }
-
-
-    public byte[] engineGetIV()
-    {
-        if (engineSpec != null)
-        {
-            return engineSpec.getNonce();
-        }
-        return null;
-    }
-
-    public AlgorithmParameters engineGetParameters()
-    {
-        if (engineParam == null && engineSpec != null)
-        {
-            try
-            {
-                engineParam = helper.createAlgorithmParameters("IES");
-                engineParam.init(engineSpec);
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e.toString());
-            }
-        }
-
-        return engineParam;
-    }
-
-
-    public void engineSetMode(String mode)
-        throws NoSuchAlgorithmException
-    {
-        String modeName = Strings.toUpperCase(mode);
-
-        if (modeName.equals("NONE"))
-        {
-            dhaesMode = false;
-        }
-        else if (modeName.equals("DHAES"))
-        {
-            dhaesMode = true;
-        }
-        else
-        {
-            throw new IllegalArgumentException("can't support mode " + mode);
-        }
-    }
-
-    public int engineGetOutputSize(int inputLen)
-    {
-        int len1, len2, len3;
-
-        if (key == null)
-        {
-            throw new IllegalStateException("cipher not initialised");
-        }
-
-        len1 = engine.getMac().getMacSize();
-
-        if (otherKeyParameter == null)
-        {
-            len2 = 1 + 2 * (((DHKeyParameters)key).getParameters().getP().bitLength() + 7) / 8;
-        }
-        else
-        {
-            len2 = 0;
-        }
-
-        if (engine.getCipher() == null)
-        {
-            len3 = inputLen;
-        }
-        else if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE)
-        {
-            len3 = engine.getCipher().getOutputSize(inputLen);
-        }
-        else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE)
-        {
-            len3 = engine.getCipher().getOutputSize(inputLen - len1 - len2);
-        }
-        else
-        {
-            throw new IllegalStateException("cipher not initialised");
-        }
-
-        if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE)
-        {
-            return buffer.size() + len1 + len2 + len3;
-        }
-        else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE)
-        {
-            return buffer.size() - len1 - len2 + len3;
-        }
-        else
-        {
-            throw new IllegalStateException("IESCipher not initialised");
-        }
-
-    }
-
-    public void engineSetPadding(String padding)
-        throws NoSuchPaddingException
-    {
-        String paddingName = Strings.toUpperCase(padding);
-
-        // TDOD: make this meaningful...
-        if (paddingName.equals("NOPADDING"))
-        {
-
-        }
-        else if (paddingName.equals("PKCS5PADDING") || paddingName.equals("PKCS7PADDING"))
-        {
-
-        }
-        else
-        {
-            throw new NoSuchPaddingException("padding not available with IESCipher");
-        }
-    }
-
-    // Initialisation methods
-
-    public void engineInit(
-        int opmode,
-        Key key,
-        AlgorithmParameters params,
-        SecureRandom random)
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        AlgorithmParameterSpec paramSpec = null;
-
-        if (params != null)
-        {
-            try
-            {
-                paramSpec = params.getParameterSpec(IESParameterSpec.class);
-            }
-            catch (Exception e)
-            {
-                throw new InvalidAlgorithmParameterException("cannot recognise parameters: " + e.toString());
-            }
-        }
-
-        engineParam = params;
-        engineInit(opmode, key, paramSpec, random);
-    }
-
-
-    public void engineInit(
-        int opmode,
-        Key key,
-        AlgorithmParameterSpec engineSpec,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException, InvalidKeyException
-    {
-        // Use default parameters (including cipher key size) if none are specified
-        if (engineSpec == null)
-        {
-            byte[] nonce = null;
-            if (ivLength != 0 && opmode == Cipher.ENCRYPT_MODE)
-            {
-                nonce = new byte[ivLength];
-                random.nextBytes(nonce);
-            }
-            this.engineSpec = IESUtil.guessParameterSpec(engine.getCipher(), nonce);
-        }
-        else if (engineSpec instanceof IESParameterSpec)
-        {
-            this.engineSpec = (IESParameterSpec)engineSpec;
-        }
-        else
-        {
-            throw new InvalidAlgorithmParameterException("must be passed IES parameters");
-        }
-
-        byte[] nonce = this.engineSpec.getNonce();
-
-        if (ivLength != 0 && (nonce == null || nonce.length != ivLength))
-        {
-            throw new InvalidAlgorithmParameterException("NONCE in IES Parameters needs to be " + ivLength + " bytes long");
-        }
-
-        // Parse the recipient's key
-        if (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE)
-        {
-            if (key instanceof DHPublicKey)
-            {
-                this.key = DHUtil.generatePublicKeyParameter((PublicKey)key);
-            }
-            else if (key instanceof IESKey)
-            {
-                IESKey ieKey = (IESKey)key;
-
-                this.key = DHUtil.generatePublicKeyParameter(ieKey.getPublic());
-                this.otherKeyParameter = DHUtil.generatePrivateKeyParameter(ieKey.getPrivate());
-            }
-            else
-            {
-                throw new InvalidKeyException("must be passed recipient's public DH key for encryption");
-            }
-        }
-        else if (opmode == Cipher.DECRYPT_MODE || opmode == Cipher.UNWRAP_MODE)
-        {
-            if (key instanceof DHPrivateKey)
-            {
-                this.key = DHUtil.generatePrivateKeyParameter((PrivateKey)key);
-            }
-            else if (key instanceof IESKey)
-            {
-                IESKey ieKey = (IESKey)key;
-
-                this.otherKeyParameter = DHUtil.generatePublicKeyParameter(ieKey.getPublic());
-                this.key = DHUtil.generatePrivateKeyParameter(ieKey.getPrivate());
-            }
-            else
-            {
-                throw new InvalidKeyException("must be passed recipient's private DH key for decryption");
-            }
-        }
-        else
-        {
-            throw new InvalidKeyException("must be passed EC key");
-        }
-
-        this.random = random;
-        this.state = opmode;
-        buffer.reset();
-
-    }
-
-
-    public void engineInit(
-        int opmode,
-        Key key,
-        SecureRandom random)
-        throws InvalidKeyException
-    {
-        try
-        {
-            engineInit(opmode, key, (AlgorithmParameterSpec)null, random);
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            throw new IllegalArgumentException("cannot handle supplied parameter spec: " + e.getMessage());
-        }
-
-    }
-
-
-    // Update methods - buffer the input
-
-    public byte[] engineUpdate(
-        byte[] input,
-        int inputOffset,
-        int inputLen)
-    {
-        buffer.write(input, inputOffset, inputLen);
-        return null;
-    }
-
-
-    public int engineUpdate(
-        byte[] input,
-        int inputOffset,
-        int inputLen,
-        byte[] output,
-        int outputOffset)
-    {
-        buffer.write(input, inputOffset, inputLen);
-        return 0;
-    }
-
-
-    // Finalisation methods
-
-    public byte[] engineDoFinal(
-        byte[] input,
-        int inputOffset,
-        int inputLen)
-        throws IllegalBlockSizeException, BadPaddingException
-    {
-        if (inputLen != 0)
-        {
-            buffer.write(input, inputOffset, inputLen);
-        }
-
-        byte[] in = buffer.toByteArray();
-        buffer.reset();
-
-        // Convert parameters for use in IESEngine
-        CipherParameters params = new IESWithCipherParameters(engineSpec.getDerivationV(),
-            engineSpec.getEncodingV(),
-            engineSpec.getMacKeySize(),
-            engineSpec.getCipherKeySize());
-
-        if (engineSpec.getNonce() != null)
-        {
-            params = new ParametersWithIV(params, engineSpec.getNonce());
-        }
-
-        DHParameters dhParams = ((DHKeyParameters)key).getParameters();
-
-        byte[] V;
-        if (otherKeyParameter != null)
-        {
-            try
-            {
-                if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE)
-                {
-                    engine.init(true, otherKeyParameter, key, params);
-                }
-                else
-                {
-                    engine.init(false, key, otherKeyParameter, params);
-                }
-                return engine.processBlock(in, 0, in.length);
-            }
-            catch (Exception e)
-            {
-                throw new BadBlockException("unable to process block", e);
-            }
-        }
-
-        if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE)
-        {
-            // Generate the ephemeral key pair
-            DHKeyPairGenerator gen = new DHKeyPairGenerator();
-            gen.init(new DHKeyGenerationParameters(random, dhParams));
-
-            EphemeralKeyPairGenerator kGen = new EphemeralKeyPairGenerator(gen, new KeyEncoder()
-            {
-                public byte[] getEncoded(AsymmetricKeyParameter keyParameter)
-                {
-                    byte[] Vloc = new byte[(((DHKeyParameters)keyParameter).getParameters().getP().bitLength() + 7) / 8];
-                    byte[] Vtmp = BigIntegers.asUnsignedByteArray(((DHPublicKeyParameters)keyParameter).getY());
-
-                    if (Vtmp.length > Vloc.length)
-                    {
-                        throw new IllegalArgumentException("Senders's public key longer than expected.");
-                    }
-                    else
-                    {
-                        System.arraycopy(Vtmp, 0, Vloc, Vloc.length - Vtmp.length, Vtmp.length);
-                    }
-
-                    return Vloc;
-                }
-            });
-
-            // Encrypt the buffer
-            try
-            {
-                engine.init(key, params, kGen);
-
-                return engine.processBlock(in, 0, in.length);
-            }
-            catch (Exception e)
-            {
-                throw new BadBlockException("unable to process block", e);
-            }
-        }
-        else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE)
-        {
-            // Decrypt the buffer
-            try
-            {
-                engine.init(key, params, new DHIESPublicKeyParser(((DHKeyParameters)key).getParameters()));
-
-                return engine.processBlock(in, 0, in.length);
-            }
-            catch (InvalidCipherTextException e)
-            {
-                throw new BadBlockException("unable to process block", e);
-            }
-        }
-        else
-        {
-            throw new IllegalStateException("IESCipher not initialised");
-        }
-
-    }
-
-
-    public int engineDoFinal(
-        byte[] input,
-        int inputOffset,
-        int inputLength,
-        byte[] output,
-        int outputOffset)
-        throws ShortBufferException, IllegalBlockSizeException, BadPaddingException
-    {
-
-        byte[] buf = engineDoFinal(input, inputOffset, inputLength);
-        System.arraycopy(buf, 0, output, outputOffset, buf.length);
-        return buf.length;
-
-    }
-
-    /**
-     * Classes that inherit from us
-     */
-
-    static public class IES
-        extends IESCipher
-    {
-        public IES()
-        {
-            super(new IESEngine(new DHBasicAgreement(),
-                new KDF2BytesGenerator(DigestFactory.createSHA1()),
-                new HMac(DigestFactory.createSHA1())));
-        }
-    }
-
-    static public class IESwithDESedeCBC
-        extends IESCipher
-    {
-        public IESwithDESedeCBC()
-        {
-            super(new IESEngine(new DHBasicAgreement(),
-                new KDF2BytesGenerator(DigestFactory.createSHA1()),
-                new HMac(DigestFactory.createSHA1()),
-                new PaddedBufferedBlockCipher(new CBCBlockCipher(new DESedeEngine()))), 8);
-        }
-    }
-
-    static public class IESwithAESCBC
-        extends IESCipher
-    {
-        public IESwithAESCBC()
-        {
-            super(new IESEngine(new DHBasicAgreement(),
-                new KDF2BytesGenerator(DigestFactory.createSHA1()),
-                new HMac(DigestFactory.createSHA1()),
-                new PaddedBufferedBlockCipher(new CBCBlockCipher(new AESEngine()))), 16);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java
index 18e3597..502854d 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java

@@ -19,23 +19,26 @@
 
 import org.bouncycastle.crypto.BasicAgreement;
 import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.agreement.DHUnifiedAgreement;
-import org.bouncycastle.crypto.agreement.MQVBasicAgreement;
-import org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator;
-import org.bouncycastle.crypto.agreement.kdf.DHKEKGenerator;
-import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
-import org.bouncycastle.crypto.params.DHMQVPrivateParameters;
-import org.bouncycastle.crypto.params.DHMQVPublicParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.agreement.DHUnifiedAgreement;
+// import org.bouncycastle.crypto.agreement.MQVBasicAgreement;
+// import org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator;
+// import org.bouncycastle.crypto.agreement.kdf.DHKEKGenerator;
+// import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
+// import org.bouncycastle.crypto.params.DHMQVPrivateParameters;
+// import org.bouncycastle.crypto.params.DHMQVPublicParameters;
 import org.bouncycastle.crypto.params.DHParameters;
 import org.bouncycastle.crypto.params.DHPrivateKeyParameters;
 import org.bouncycastle.crypto.params.DHPublicKeyParameters;
-import org.bouncycastle.crypto.params.DHUPrivateParameters;
-import org.bouncycastle.crypto.params.DHUPublicParameters;
-import org.bouncycastle.crypto.util.DigestFactory;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.DHUPrivateParameters;
+// import org.bouncycastle.crypto.params.DHUPublicParameters;
+// import org.bouncycastle.crypto.util.DigestFactory;
 import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi;
 import org.bouncycastle.jcajce.spec.DHDomainParameterSpec;
-import org.bouncycastle.jcajce.spec.DHUParameterSpec;
-import org.bouncycastle.jcajce.spec.MQVParameterSpec;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.spec.DHUParameterSpec;
+// import org.bouncycastle.jcajce.spec.MQVParameterSpec;
 import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
 
 /**
@@ -49,11 +52,13 @@
     private static final BigInteger ONE = BigInteger.valueOf(1);
     private static final BigInteger TWO = BigInteger.valueOf(2);
 
-    private final DHUnifiedAgreement unifiedAgreement;
+    // Android-removed: Unsupported algorithms
+    // private final DHUnifiedAgreement unifiedAgreement;
     private final BasicAgreement mqvAgreement;
 
-    private DHUParameterSpec dheParameters;
-    private MQVParameterSpec mqvParameters;
+    // Android-removed: Unsupported algorithms
+    // private DHUParameterSpec dheParameters;
+    // private MQVParameterSpec mqvParameters;
 
     private BigInteger      x;
     private BigInteger      p;
@@ -71,10 +76,13 @@
         DerivationFunction kdf)
     {
         super(kaAlgorithm, kdf);
-        this.unifiedAgreement = null;
+        // Android-removed: Unsupported algorithm
+        // this.unifiedAgreement = null;
         this.mqvAgreement = null;
     }
 
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
     public KeyAgreementSpi(
         String kaAlgorithm,
         DHUnifiedAgreement unifiedAgreement,
@@ -84,6 +92,8 @@
         this.unifiedAgreement = unifiedAgreement;
         this.mqvAgreement = null;
     }
+    */
+    // END Android-removed: Unsupported algorithm
 
     public KeyAgreementSpi(
         String kaAlgorithm,
@@ -91,7 +101,8 @@
         DerivationFunction kdf)
     {
         super(kaAlgorithm, kdf);
-        this.unifiedAgreement = null;
+        // Android-removed: Unsupported algorithm
+        // this.unifiedAgreement = null;
         this.mqvAgreement = mqvAgreement;
     }
 
@@ -156,6 +167,8 @@
             throw new InvalidKeyException("Invalid DH PublicKey");
         }
 
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         if (unifiedAgreement != null)
         {
             if (!lastPhase)
@@ -190,6 +203,8 @@
         }
         else
         {
+        */
+        // END Android-removed: Unsupported algorithms
             BigInteger res = peerY.modPow(x, p);
             if (res.compareTo(ONE) == 0)
             {
@@ -204,7 +219,9 @@
             }
 
             return new BCDHPublicKey(res, pubKey.getParams());
+        /*
         }
+        */
     }
 
     protected byte[] engineGenerateSecret() 
@@ -269,9 +286,12 @@
 
                 this.p = p.getP();
                 this.g = p.getG();
-                this.dheParameters = null;
+                // Android-removed: Unsupported algorithm
+                // this.dheParameters = null;
                 this.ukmParameters = null;
             }
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             else if (params instanceof DHUParameterSpec)
             {
                 if (unifiedAgreement == null)
@@ -318,6 +338,8 @@
                             generatePrivateKeyParameter(mqvParameters.getEphemeralPrivateKey())));
                 }
             }
+            */
+            // END Android-removed: Unsupported algorithms
             else if (params instanceof UserKeyingMaterialSpec)
             {
                 if (kdf == null)
@@ -326,7 +348,8 @@
                 }
                 this.p = privKey.getParams().getP();
                 this.g = privKey.getParams().getG();
-                this.dheParameters = null;
+                // Android-removed: Unsupported algorithm
+                // this.dheParameters = null;
                 this.ukmParameters = ((UserKeyingMaterialSpec)params).getUserKeyingMaterial();
             }
             else
@@ -420,6 +443,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class DHwithRFC2631KDF
         extends KeyAgreementSpi
     {
@@ -698,4 +723,6 @@
             super("MQVwithSHA512CKDF", new MQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512()));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/AlgorithmParameterGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/AlgorithmParameterGeneratorSpi.java
index f7db9be..1cc7cb3 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/AlgorithmParameterGeneratorSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/AlgorithmParameterGeneratorSpi.java

@@ -19,7 +19,11 @@
     extends BaseAlgorithmParameterGeneratorSpi
 {
     protected SecureRandom random;
-    protected int strength = 2048;
+    // Android-changed: Change default strength to 1024
+    // In 1.57, the default strength was changed to 2048.  We keep it at 1024 for app
+    // compatibility, particularly because the default digest (SHA-1) doesn't have
+    // a sufficiently long digest to work with 2048-bit keys.
+    protected int strength = 1024;
     protected DSAParameterGenerationParameters params;
 
     protected void engineInit(

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java
index d0e3674..8d1653f 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java

@@ -15,11 +15,18 @@
 import org.bouncycastle.crypto.DSAExt;
 import org.bouncycastle.crypto.Digest;
 import org.bouncycastle.crypto.digests.NullDigest;
+// Android-added: Check DSA keys when generated
+import org.bouncycastle.crypto.params.DSAKeyParameters;
+import org.bouncycastle.crypto.params.DSAParameters;
 import org.bouncycastle.crypto.params.ParametersWithRandom;
 import org.bouncycastle.crypto.signers.DSAEncoding;
-import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
+// Android-removed: Unsupported algorithm
+// import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
 import org.bouncycastle.crypto.signers.StandardDSAEncoding;
-import org.bouncycastle.crypto.util.DigestFactory;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+import org.bouncycastle.util.Arrays;
 
 public class DSASigner
     extends SignatureSpi
@@ -63,6 +70,10 @@
     {
         CipherParameters    param = DSAUtil.generatePrivateKeyParameter(privateKey);
 
+        // Android-added: Check DSA keys when generated
+        DSAParameters dsaParam = ((DSAKeyParameters) param).getParameters();
+        checkKey(dsaParam);
+
         if (random != null)
         {
             param = new ParametersWithRandom(param, random);
@@ -135,6 +146,28 @@
         throw new UnsupportedOperationException("engineSetParameter unsupported");
     }
 
+    // BEGIN Android-added: Check DSA keys when generated
+    protected void checkKey(DSAParameters params) throws InvalidKeyException {
+        int valueL = params.getP().bitLength();
+        int valueN = params.getQ().bitLength();
+        int digestSize = digest.getDigestSize();
+
+        // The checks are consistent with DSAParametersGenerator's init method.
+        if ((valueL < 1024 || valueL > 3072) || valueL % 1024 != 0) {
+            throw new InvalidKeyException("valueL values must be between 1024 and 3072 and a multiple of 1024");
+        } else if (valueL == 1024 && valueN != 160) {
+            throw new InvalidKeyException("valueN must be 160 for valueL = 1024");
+        } else if (valueL == 2048 && (valueN != 224 && valueN != 256)) {
+            throw new InvalidKeyException("valueN must be 224 or 256 for valueL = 2048");
+        } else if (valueL == 3072 && valueN != 256) {
+            throw new InvalidKeyException("valueN must be 256 for valueL = 3072");
+        }
+        if (!(digest instanceof NullDigest) && valueN > digestSize * 8) {
+            throw new InvalidKeyException("Key is too strong for this signature algorithm");
+        }
+    }
+
+    // END Android-added: Check DSA keys when generated
     /**
      * @deprecated replaced with #engineSetParameter(java.security.spec.AlgorithmParameterSpec)
      */
@@ -159,10 +192,14 @@
     {
         public stdDSA()
         {
-            super(DigestFactory.createSHA1(), new org.bouncycastle.crypto.signers.DSASigner());
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA1(), new org.bouncycastle.crypto.signers.DSASigner());
+            super(AndroidDigestFactory.getSHA1(), new org.bouncycastle.crypto.signers.DSASigner());
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
     static public class detDSA
         extends DSASigner
     {
@@ -171,16 +208,22 @@
             super(DigestFactory.createSHA1(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1())));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithm
 
     static public class dsa224
         extends DSASigner
     {
         public dsa224()
         {
-            super(DigestFactory.createSHA224(), new org.bouncycastle.crypto.signers.DSASigner());
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA224(), new org.bouncycastle.crypto.signers.DSASigner());
+            super(AndroidDigestFactory.getSHA224(), new org.bouncycastle.crypto.signers.DSASigner());
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
     static public class detDSA224
         extends DSASigner
     {
@@ -189,16 +232,22 @@
             super(DigestFactory.createSHA224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224())));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithm
 
     static public class dsa256
         extends DSASigner
     {
         public dsa256()
         {
-            super(DigestFactory.createSHA256(), new org.bouncycastle.crypto.signers.DSASigner());
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA256(), new org.bouncycastle.crypto.signers.DSASigner());
+            super(AndroidDigestFactory.getSHA256(), new org.bouncycastle.crypto.signers.DSASigner());
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     static public class detDSA256
         extends DSASigner
     {
@@ -315,6 +364,8 @@
             super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512())));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     static public class noneDSA
         extends DSASigner

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/KeyFactorySpi.java
index 3b33c32..10b160f 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/KeyFactorySpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/KeyFactorySpi.java

@@ -19,11 +19,13 @@
 import org.bouncycastle.crypto.params.DSAParameters;
 import org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
 import org.bouncycastle.crypto.params.DSAPublicKeyParameters;
-import org.bouncycastle.crypto.util.OpenSSHPrivateKeyUtil;
-import org.bouncycastle.crypto.util.OpenSSHPublicKeyUtil;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.util.OpenSSHPrivateKeyUtil;
+// import org.bouncycastle.crypto.util.OpenSSHPublicKeyUtil;
 import org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi;
-import org.bouncycastle.jce.spec.OpenSSHPrivateKeySpec;
-import org.bouncycastle.jce.spec.OpenSSHPublicKeySpec;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jce.spec.OpenSSHPrivateKeySpec;
+// import org.bouncycastle.jce.spec.OpenSSHPublicKeySpec;
 
 public class KeyFactorySpi
     extends BaseKeyFactorySpi
@@ -49,6 +51,8 @@
 
             return new DSAPrivateKeySpec(k.getX(), k.getParams().getP(), k.getParams().getQ(), k.getParams().getG());
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (spec.isAssignableFrom(OpenSSHPublicKeySpec.class) && key instanceof java.security.interfaces.DSAPublicKey)
         {
             DSAPublicKey k = (DSAPublicKey)key;
@@ -73,6 +77,8 @@
                 throw new IllegalArgumentException("unable to produce encoding: " + e.getMessage());
             }
         }
+        */
+        // END Android-removed: Unsupported algorithms
 
         return super.engineGetKeySpec(key, spec);
     }
@@ -131,6 +137,8 @@
         {
             return new BCDSAPrivateKey((DSAPrivateKeySpec)keySpec);
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (keySpec instanceof OpenSSHPrivateKeySpec)
         {
             CipherParameters params = OpenSSHPrivateKeyUtil.parsePrivateKeyBlob(((OpenSSHPrivateKeySpec)keySpec).getEncoded());
@@ -149,6 +157,8 @@
             }
 
         }
+        */
+        // END Android-removed: Unsupported algorithms
 
         return super.engineGeneratePrivate(keySpec);
     }
@@ -174,6 +184,8 @@
                 };
             }
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (keySpec instanceof OpenSSHPublicKeySpec)
         {
             CipherParameters parameters = OpenSSHPublicKeyUtil.parsePublicKey(((OpenSSHPublicKeySpec)keySpec).getEncoded());
@@ -190,6 +202,8 @@
             throw new IllegalArgumentException("openssh public key is not dsa public key");
 
         }
+        */
+        // END Android-removed: Unsupported algorithms
 
         return super.engineGeneratePublic(keySpec);
     }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/KeyPairGeneratorSpi.java
index 091caa2..a7ed3e0 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/KeyPairGeneratorSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dsa/KeyPairGeneratorSpi.java

@@ -31,7 +31,12 @@
 
     DSAKeyGenerationParameters param;
     DSAKeyPairGenerator engine = new DSAKeyPairGenerator();
-    int strength = 2048;
+    // Android-changed: Change default strength to 1024
+    // In 1.57, the default strength was changed to 2048.  We keep it at 1024 for app
+    // compatibility, particularly because the default digest (SHA-1) doesn't have
+    // a sufficiently long digest to work with 2048-bit keys.
+    int strength = 1024;
+
     SecureRandom random = CryptoServicesRegistrar.getSecureRandom();
     boolean initialised = false;
 
@@ -49,6 +54,11 @@
             throw new InvalidParameterException("strength must be from 512 - 4096 and a multiple of 1024 above 1024");
         }
 
+        // Android-added: Treat null SecureRandom as default
+        if (random == null) {
+            random = new SecureRandom();
+        }
+
         DSAParameterSpec spec = BouncyCastleProvider.CONFIGURATION.getDSADefaultParameters(strength);
 
         if (spec != null)
@@ -77,6 +87,11 @@
         }
         DSAParameterSpec dsaParams = (DSAParameterSpec)params;
 
+        // Android-added: Treat null SecureRandom as default
+        if (random == null) {
+            random = new SecureRandom();
+        }
+
         param = new DSAKeyGenerationParameters(random, new DSAParameters(dsaParams.getP(), dsaParams.getQ(), dsaParams.getG()));
 
         engine.init(param);

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PrivateKey.java
deleted file mode 100644
index 8481e3a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PrivateKey.java
+++ /dev/null

@@ -1,511 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.dstu;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.interfaces.ECPrivateKey;
-import java.security.spec.ECParameterSpec;
-import java.security.spec.ECPrivateKeySpec;
-import java.security.spec.EllipticCurve;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.ua.DSTU4145BinaryField;
-import org.bouncycastle.asn1.ua.DSTU4145ECBinary;
-import org.bouncycastle.asn1.ua.DSTU4145NamedCurves;
-import org.bouncycastle.asn1.ua.DSTU4145Params;
-import org.bouncycastle.asn1.ua.DSTU4145PointEncoder;
-import org.bouncycastle.asn1.ua.UAObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X962Parameters;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
-import org.bouncycastle.jce.interfaces.ECPointEncoder;
-import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
-import org.bouncycastle.jce.spec.ECNamedCurveSpec;
-import org.bouncycastle.math.ec.ECCurve;
-
-public class BCDSTU4145PrivateKey
-    implements ECPrivateKey, org.bouncycastle.jce.interfaces.ECPrivateKey, PKCS12BagAttributeCarrier, ECPointEncoder
-{
-    static final long serialVersionUID = 7245981689601667138L;
-
-    private String algorithm = "DSTU4145";
-    private boolean withCompression;
-
-    private transient BigInteger d;
-    private transient ECParameterSpec ecSpec;
-    private transient DERBitString publicKey;
-    private transient PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl();
-
-    protected BCDSTU4145PrivateKey()
-    {
-    }
-
-    public BCDSTU4145PrivateKey(
-        ECPrivateKey key)
-    {
-        this.d = key.getS();
-        this.algorithm = key.getAlgorithm();
-        this.ecSpec = key.getParams();
-    }
-
-    public BCDSTU4145PrivateKey(
-        org.bouncycastle.jce.spec.ECPrivateKeySpec spec)
-    {
-        this.d = spec.getD();
-
-        if (spec.getParams() != null) // can be null if implicitlyCA
-        {
-            ECCurve curve = spec.getParams().getCurve();
-            EllipticCurve ellipticCurve;
-
-            ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed());
-
-            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams());
-        }
-        else
-        {
-            this.ecSpec = null;
-        }
-    }
-
-
-    public BCDSTU4145PrivateKey(
-        ECPrivateKeySpec spec)
-    {
-        this.d = spec.getS();
-        this.ecSpec = spec.getParams();
-    }
-
-    public BCDSTU4145PrivateKey(
-        BCDSTU4145PrivateKey key)
-    {
-        this.d = key.d;
-        this.ecSpec = key.ecSpec;
-        this.withCompression = key.withCompression;
-        this.attrCarrier = key.attrCarrier;
-        this.publicKey = key.publicKey;
-    }
-
-    public BCDSTU4145PrivateKey(
-        String algorithm,
-        ECPrivateKeyParameters params,
-        BCDSTU4145PublicKey pubKey,
-        ECParameterSpec spec)
-    {
-        ECDomainParameters dp = params.getParameters();
-
-        this.algorithm = algorithm;
-        this.d = params.getD();
-
-        if (spec == null)
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
-
-            this.ecSpec = new ECParameterSpec(
-                ellipticCurve,
-                EC5Util.convertPoint(dp.getG()),
-                dp.getN(),
-                dp.getH().intValue());
-        }
-        else
-        {
-            this.ecSpec = spec;
-        }
-
-        publicKey = getPublicKeyDetails(pubKey);
-    }
-
-    public BCDSTU4145PrivateKey(
-        String algorithm,
-        ECPrivateKeyParameters params,
-        BCDSTU4145PublicKey pubKey,
-        org.bouncycastle.jce.spec.ECParameterSpec spec)
-    {
-        ECDomainParameters dp = params.getParameters();
-
-        this.algorithm = algorithm;
-        this.d = params.getD();
-
-        if (spec == null)
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
-
-            this.ecSpec = new ECParameterSpec(
-                ellipticCurve,
-                EC5Util.convertPoint(dp.getG()),
-                dp.getN(),
-                dp.getH().intValue());
-        }
-        else
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
-
-            this.ecSpec = new ECParameterSpec(
-                ellipticCurve,
-                EC5Util.convertPoint(spec.getG()),
-                spec.getN(),
-                spec.getH().intValue());
-        }
-
-        publicKey = getPublicKeyDetails(pubKey);
-    }
-
-    public BCDSTU4145PrivateKey(
-        String algorithm,
-        ECPrivateKeyParameters params)
-    {
-        this.algorithm = algorithm;
-        this.d = params.getD();
-        this.ecSpec = null;
-    }
-
-    BCDSTU4145PrivateKey(
-        PrivateKeyInfo info)
-        throws IOException
-    {
-        populateFromPrivKeyInfo(info);
-    }
-
-    private void populateFromPrivKeyInfo(PrivateKeyInfo info)
-        throws IOException
-    {
-        X962Parameters params = X962Parameters.getInstance(info.getPrivateKeyAlgorithm().getParameters());
-
-        if (params.isNamedCurve())
-        {
-            ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
-            X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
-
-            if (ecP == null) // DSTU Curve
-            {
-                ECDomainParameters gParam = DSTU4145NamedCurves.getByOID(oid);
-                EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
-
-                ecSpec = new ECNamedCurveSpec(
-                    oid.getId(),
-                    ellipticCurve,
-                    EC5Util.convertPoint(gParam.getG()),
-                    gParam.getN(),
-                    gParam.getH());
-            }
-            else
-            {
-                EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
-
-                ecSpec = new ECNamedCurveSpec(
-                    ECUtil.getCurveName(oid),
-                    ellipticCurve,
-                    EC5Util.convertPoint(ecP.getG()),
-                    ecP.getN(),
-                    ecP.getH());
-            }
-        }
-        else if (params.isImplicitlyCA())
-        {
-            ecSpec = null;
-        }
-        else
-        {
-            ASN1Sequence seq = ASN1Sequence.getInstance(params.getParameters());
-
-            if (seq.getObjectAt(0) instanceof ASN1Integer)
-            {
-                X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
-                EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
-
-                this.ecSpec = new ECParameterSpec(
-                    ellipticCurve,
-                    EC5Util.convertPoint(ecP.getG()),
-                    ecP.getN(),
-                    ecP.getH().intValue());
-            }
-            else
-            {
-                DSTU4145Params dstuParams = DSTU4145Params.getInstance(seq);
-                org.bouncycastle.jce.spec.ECParameterSpec spec;
-                if (dstuParams.isNamedCurve())
-                {
-                    ASN1ObjectIdentifier curveOid = dstuParams.getNamedCurve();
-                    ECDomainParameters ecP = DSTU4145NamedCurves.getByOID(curveOid);
-
-                    spec = new ECNamedCurveParameterSpec(curveOid.getId(), ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
-                }
-                else
-                {
-                    DSTU4145ECBinary binary = dstuParams.getECBinary();
-                    byte[] b_bytes = binary.getB();
-                    if (info.getPrivateKeyAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
-                    {
-                        reverseBytes(b_bytes);
-                    }
-                    DSTU4145BinaryField field = binary.getField();
-                    ECCurve curve = new ECCurve.F2m(field.getM(), field.getK1(), field.getK2(), field.getK3(), binary.getA(), new BigInteger(1, b_bytes));
-                    byte[] g_bytes = binary.getG();
-                    if (info.getPrivateKeyAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
-                    {
-                        reverseBytes(g_bytes);
-                    }
-                    spec = new org.bouncycastle.jce.spec.ECParameterSpec(curve, DSTU4145PointEncoder.decodePoint(curve, g_bytes), binary.getN());
-                }
-
-                EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
-
-                this.ecSpec = new ECParameterSpec(
-                    ellipticCurve,
-                    EC5Util.convertPoint(spec.getG()),
-                    spec.getN(),
-                    spec.getH().intValue());
-            }
-        }
-
-        ASN1Encodable privKey = info.parsePrivateKey();
-        if (privKey instanceof ASN1Integer)
-        {
-            ASN1Integer derD = ASN1Integer.getInstance(privKey);
-
-            this.d = derD.getValue();
-        }
-        else
-        {
-            org.bouncycastle.asn1.sec.ECPrivateKey ec = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(privKey);
-
-            this.d = ec.getKey();
-            this.publicKey = ec.getPublicKey();
-        }
-    }
-
-    private void reverseBytes(byte[] bytes)
-    {
-        byte tmp;
-
-        for (int i = 0; i < bytes.length / 2; i++)
-        {
-            tmp = bytes[i];
-            bytes[i] = bytes[bytes.length - 1 - i];
-            bytes[bytes.length - 1 - i] = tmp;
-        }
-    }
-
-    public String getAlgorithm()
-    {
-        return algorithm;
-    }
-
-    /**
-     * return the encoding format we produce in getEncoded().
-     *
-     * @return the string "PKCS#8"
-     */
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    /**
-     * Return a PKCS8 representation of the key. The sequence returned
-     * represents a full PrivateKeyInfo object.
-     *
-     * @return a PKCS8 representation of the key.
-     */
-    public byte[] getEncoded()
-    {
-        X962Parameters params;
-        int orderBitLength;
-
-        if (ecSpec instanceof ECNamedCurveSpec)
-        {
-            ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName());
-            if (curveOid == null)  // guess it's the OID
-            {
-                curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName());
-            }
-            params = new X962Parameters(curveOid);
-            orderBitLength = ECUtil.getOrderBitLength(BouncyCastleProvider.CONFIGURATION, ecSpec.getOrder(), this.getS());
-        }
-        else if (ecSpec == null)
-        {
-            params = new X962Parameters(DERNull.INSTANCE);
-            orderBitLength = ECUtil.getOrderBitLength(BouncyCastleProvider.CONFIGURATION, null, this.getS());
-        }
-        else
-        {
-            ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
-
-            X9ECParameters ecP = new X9ECParameters(
-                curve,
-                EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
-                ecSpec.getOrder(),
-                BigInteger.valueOf(ecSpec.getCofactor()),
-                ecSpec.getCurve().getSeed());
-
-            params = new X962Parameters(ecP);
-            orderBitLength = ECUtil.getOrderBitLength(BouncyCastleProvider.CONFIGURATION, ecSpec.getOrder(), this.getS());
-        }
-
-        PrivateKeyInfo info;
-        org.bouncycastle.asn1.sec.ECPrivateKey keyStructure;
-
-        if (publicKey != null)
-        {
-            keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, this.getS(), publicKey, params);
-        }
-        else
-        {
-            keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, this.getS(), params);
-        }
-
-        try
-        {
-            if (algorithm.equals("DSTU4145"))
-            {
-                info = new PrivateKeyInfo(new AlgorithmIdentifier(UAObjectIdentifiers.dstu4145be, params.toASN1Primitive()), keyStructure.toASN1Primitive());
-            }
-            else
-            {
-
-                info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive());
-            }
-
-            return info.getEncoded(ASN1Encoding.DER);
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public ECParameterSpec getParams()
-    {
-        return ecSpec;
-    }
-
-    public org.bouncycastle.jce.spec.ECParameterSpec getParameters()
-    {
-        if (ecSpec == null)
-        {
-            return null;
-        }
-
-        return EC5Util.convertSpec(ecSpec, withCompression);
-    }
-
-    org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec()
-    {
-        if (ecSpec != null)
-        {
-            return EC5Util.convertSpec(ecSpec, withCompression);
-        }
-
-        return BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-    }
-
-    public BigInteger getS()
-    {
-        return d;
-    }
-
-    public BigInteger getD()
-    {
-        return d;
-    }
-
-    public void setBagAttribute(
-        ASN1ObjectIdentifier oid,
-        ASN1Encodable attribute)
-    {
-        attrCarrier.setBagAttribute(oid, attribute);
-    }
-
-    public ASN1Encodable getBagAttribute(
-        ASN1ObjectIdentifier oid)
-    {
-        return attrCarrier.getBagAttribute(oid);
-    }
-
-    public Enumeration getBagAttributeKeys()
-    {
-        return attrCarrier.getBagAttributeKeys();
-    }
-
-    public void setPointFormat(String style)
-    {
-        withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
-    }
-
-    public boolean equals(Object o)
-    {
-        if (!(o instanceof BCDSTU4145PrivateKey))
-        {
-            return false;
-        }
-
-        BCDSTU4145PrivateKey other = (BCDSTU4145PrivateKey)o;
-
-        return getD().equals(other.getD()) && (engineGetSpec().equals(other.engineGetSpec()));
-    }
-
-    public int hashCode()
-    {
-        return getD().hashCode() ^ engineGetSpec().hashCode();
-    }
-
-    public String toString()
-    {
-        return ECUtil.privateKeyToString(algorithm, d, engineGetSpec());
-    }
-
-    private DERBitString getPublicKeyDetails(BCDSTU4145PublicKey pub)
-    {
-        try
-        {
-            SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(pub.getEncoded()));
-
-            return info.getPublicKeyData();
-        }
-        catch (IOException e)
-        {   // should never happen
-            return null;
-        }
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        populateFromPrivKeyInfo(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc)));
-
-        this.attrCarrier = new PKCS12BagAttributeCarrierImpl();
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PublicKey.java
deleted file mode 100644
index b1fd2f2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/BCDSTU4145PublicKey.java
+++ /dev/null

@@ -1,432 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.dstu;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.interfaces.ECPublicKey;
-import java.security.spec.ECParameterSpec;
-import java.security.spec.ECPoint;
-import java.security.spec.ECPublicKeySpec;
-import java.security.spec.EllipticCurve;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.ua.DSTU4145BinaryField;
-import org.bouncycastle.asn1.ua.DSTU4145ECBinary;
-import org.bouncycastle.asn1.ua.DSTU4145NamedCurves;
-import org.bouncycastle.asn1.ua.DSTU4145Params;
-import org.bouncycastle.asn1.ua.DSTU4145PointEncoder;
-import org.bouncycastle.asn1.ua.UAObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X962Parameters;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
-import org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
-import org.bouncycastle.jce.interfaces.ECPointEncoder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
-import org.bouncycastle.jce.spec.ECNamedCurveSpec;
-import org.bouncycastle.math.ec.ECCurve;
-
-public class BCDSTU4145PublicKey
-    implements ECPublicKey, org.bouncycastle.jce.interfaces.ECPublicKey, ECPointEncoder
-{
-    static final long serialVersionUID = 7026240464295649314L;
-
-    private String algorithm = "DSTU4145";
-    private boolean withCompression;
-
-    private transient ECPublicKeyParameters   ecPublicKey;
-    private transient ECParameterSpec ecSpec;
-    private transient DSTU4145Params dstuParams;
-
-    public BCDSTU4145PublicKey(
-        BCDSTU4145PublicKey key)
-    {
-        this.ecPublicKey = key.ecPublicKey;
-        this.ecSpec = key.ecSpec;
-        this.withCompression = key.withCompression;
-        this.dstuParams = key.dstuParams;
-    }
-
-    public BCDSTU4145PublicKey(
-        ECPublicKeySpec spec)
-    {
-        this.ecSpec = spec.getParams();
-        this.ecPublicKey = new ECPublicKeyParameters(EC5Util.convertPoint(ecSpec, spec.getW(), false), EC5Util.getDomainParameters(null, ecSpec));
-    }
-
-    public BCDSTU4145PublicKey(
-        org.bouncycastle.jce.spec.ECPublicKeySpec spec,
-        ProviderConfiguration configuration)
-    {
-        if (spec.getParams() != null) // can be null if implictlyCa
-        {
-            ECCurve curve = spec.getParams().getCurve();
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed());
-
-            // this may seem a little long-winded but it's how we pick up the custom curve.
-            this.ecPublicKey = new ECPublicKeyParameters(
-                spec.getQ(), ECUtil.getDomainParameters(configuration, spec.getParams()));
-            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams());
-        }
-        else
-        {
-            org.bouncycastle.jce.spec.ECParameterSpec s = configuration.getEcImplicitlyCa();
-
-            this.ecPublicKey = new ECPublicKeyParameters(s.getCurve().createPoint(spec.getQ().getAffineXCoord().toBigInteger(), spec.getQ().getAffineYCoord().toBigInteger()), EC5Util.getDomainParameters(configuration, (ECParameterSpec)null));
-            this.ecSpec = null;
-        }
-    }
-
-    public BCDSTU4145PublicKey(
-        String algorithm,
-        ECPublicKeyParameters params,
-        ECParameterSpec spec)
-    {
-        ECDomainParameters dp = params.getParameters();
-
-        this.algorithm = algorithm;
-        this.ecPublicKey = params;
-
-        if (spec == null)
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
-
-            this.ecSpec = createSpec(ellipticCurve, dp);
-        }
-        else
-        {
-            this.ecSpec = spec;
-        }
-    }
-
-    public BCDSTU4145PublicKey(
-        String algorithm,
-        ECPublicKeyParameters params,
-        org.bouncycastle.jce.spec.ECParameterSpec spec)
-    {
-        ECDomainParameters      dp = params.getParameters();
-
-        this.algorithm = algorithm;
-
-        if (spec == null)
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
-
-            this.ecSpec = createSpec(ellipticCurve, dp);
-        }
-        else
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
-
-            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec);
-        }
-
-        this.ecPublicKey = params;
-    }
-
-    /*
-     * called for implicitCA
-     */
-    public BCDSTU4145PublicKey(
-        String algorithm,
-        ECPublicKeyParameters params)
-    {
-        this.algorithm = algorithm;
-        this.ecPublicKey = params;
-        this.ecSpec = null;
-    }
-
-    private ECParameterSpec createSpec(EllipticCurve ellipticCurve, ECDomainParameters dp)
-    {
-        return new ECParameterSpec(
-            ellipticCurve,
-            EC5Util.convertPoint(dp.getG()),
-            dp.getN(),
-            dp.getH().intValue());
-    }
-
-    BCDSTU4145PublicKey(
-        SubjectPublicKeyInfo info)
-    {
-        populateFromPubKeyInfo(info);
-    }
-
-    private void reverseBytes(byte[] bytes)
-    {
-        byte tmp;
-
-        for (int i = 0; i < bytes.length / 2; i++)
-        {
-            tmp = bytes[i];
-            bytes[i] = bytes[bytes.length - 1 - i];
-            bytes[bytes.length - 1 - i] = tmp;
-        }
-    }
-
-    private void populateFromPubKeyInfo(SubjectPublicKeyInfo info)
-    {
-        DERBitString bits = info.getPublicKeyData();
-        ASN1OctetString key;
-        this.algorithm = "DSTU4145";
-
-        try
-        {
-            key = (ASN1OctetString)ASN1Primitive.fromByteArray(bits.getBytes());
-        }
-        catch (IOException ex)
-        {
-            throw new IllegalArgumentException("error recovering public key");
-        }
-
-        byte[] keyEnc = key.getOctets();
-
-        if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
-        {
-            reverseBytes(keyEnc);
-        }
-
-        ASN1Sequence seq = ASN1Sequence.getInstance(info.getAlgorithm().getParameters());
-        org.bouncycastle.jce.spec.ECParameterSpec spec = null;
-        X9ECParameters x9Params = null;
-
-        if (seq.getObjectAt(0) instanceof ASN1Integer)
-        {
-            x9Params = X9ECParameters.getInstance(seq);
-            spec = new  org.bouncycastle.jce.spec.ECParameterSpec(x9Params.getCurve(), x9Params.getG(), x9Params.getN(), x9Params.getH(), x9Params.getSeed());
-        }
-        else
-        {
-            dstuParams = DSTU4145Params.getInstance(seq);
-
-            if (dstuParams.isNamedCurve())
-            {
-                ASN1ObjectIdentifier curveOid = dstuParams.getNamedCurve();
-                ECDomainParameters ecP = DSTU4145NamedCurves.getByOID(curveOid);
-
-                spec = new ECNamedCurveParameterSpec(curveOid.getId(), ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
-            }
-            else
-            {
-                DSTU4145ECBinary binary = dstuParams.getECBinary();
-                byte[] b_bytes = binary.getB();
-                if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
-                {
-                    reverseBytes(b_bytes);
-                }
-                DSTU4145BinaryField field = binary.getField();
-                ECCurve curve = new ECCurve.F2m(field.getM(), field.getK1(), field.getK2(), field.getK3(), binary.getA(), new BigInteger(1, b_bytes));
-                byte[] g_bytes = binary.getG();
-                if (info.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
-                {
-                    reverseBytes(g_bytes);
-                }
-                spec = new org.bouncycastle.jce.spec.ECParameterSpec(curve, DSTU4145PointEncoder.decodePoint(curve, g_bytes), binary.getN());
-            }
-        }
-
-        ECCurve curve = spec.getCurve();
-        EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
-
-        if (dstuParams != null)
-        {
-            if (dstuParams.isNamedCurve())
-            {
-                ecSpec = new ECNamedCurveSpec(
-                    dstuParams.getNamedCurve().getId(),
-                    ellipticCurve,
-                    EC5Util.convertPoint(spec.getG()),
-                    spec.getN(),
-                    spec.getH());
-            }
-            else
-            {
-                ecSpec = new ECParameterSpec(
-                    ellipticCurve,
-                    EC5Util.convertPoint(spec.getG()),
-                    spec.getN(),
-                    spec.getH().intValue());
-            }
-        }
-        else
-        {
-            ecSpec = EC5Util.convertToSpec(x9Params);
-        }
-
-        //this.q = curve.createPoint(new BigInteger(1, x), new BigInteger(1, y), false);
-        this.ecPublicKey = new ECPublicKeyParameters(DSTU4145PointEncoder.decodePoint(curve, keyEnc), EC5Util.getDomainParameters(null, ecSpec));
-    }
-
-    public byte[] getSbox()
-    {
-        if (null != dstuParams)
-        {
-            return dstuParams.getDKE();
-        }
-        else
-        {
-            return DSTU4145Params.getDefaultDKE();
-        }
-    }
-
-    public String getAlgorithm()
-    {
-        return algorithm;
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    public byte[] getEncoded()
-    {
-        ASN1Encodable params;
-        SubjectPublicKeyInfo info;
-
-        if (dstuParams != null)
-        {
-            params = dstuParams;
-        }
-        else
-        {
-            if (ecSpec instanceof ECNamedCurveSpec)
-            {
-                params = new DSTU4145Params(new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName()));
-            }
-            else
-            {   // strictly speaking this may not be applicable...
-                ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
-
-                X9ECParameters ecP = new X9ECParameters(
-                    curve,
-                    EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
-                    ecSpec.getOrder(),
-                    BigInteger.valueOf(ecSpec.getCofactor()),
-                    ecSpec.getCurve().getSeed());
-
-                params = new X962Parameters(ecP);
-            }
-        }
-
-        byte[] encKey = DSTU4145PointEncoder.encodePoint(ecPublicKey.getQ());
-
-        try
-        {
-            info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(UAObjectIdentifiers.dstu4145be, params), new DEROctetString(encKey));
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-
-        return KeyUtil.getEncodedSubjectPublicKeyInfo(info);
-    }
-
-    public ECParameterSpec getParams()
-    {
-        return ecSpec;
-    }
-
-    public org.bouncycastle.jce.spec.ECParameterSpec getParameters()
-    {
-        if (ecSpec == null)     // implictlyCA
-        {
-            return null;
-        }
-
-        return EC5Util.convertSpec(ecSpec, withCompression);
-    }
-
-    public ECPoint getW()
-    {
-        return EC5Util.convertPoint(ecPublicKey.getQ());
-    }
-
-    public org.bouncycastle.math.ec.ECPoint getQ()
-    {
-        org.bouncycastle.math.ec.ECPoint q = ecPublicKey.getQ();
-
-        if (ecSpec == null)
-        {
-            return q.getDetachedPoint();
-        }
-
-        return q;
-    }
-
-    ECPublicKeyParameters engineGetKeyParameters()
-    {
-        return ecPublicKey;
-    }
-
-    org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec()
-    {
-        if (ecSpec != null)
-        {
-            return EC5Util.convertSpec(ecSpec, withCompression);
-        }
-
-        return BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-    }
-
-    public String toString()
-    {
-        return ECUtil.publicKeyToString(algorithm, ecPublicKey.getQ(), engineGetSpec());
-    }
-
-    public void setPointFormat(String style)
-    {
-        withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
-    }
-
-    public boolean equals(Object o)
-    {
-        if (!(o instanceof BCDSTU4145PublicKey))
-        {
-            return false;
-        }
-
-        BCDSTU4145PublicKey other = (BCDSTU4145PublicKey)o;
-
-        return ecPublicKey.getQ().equals(other.ecPublicKey.getQ()) && (engineGetSpec().equals(other.engineGetSpec()));
-    }
-
-    public int hashCode()
-    {
-        return ecPublicKey.getQ().hashCode() ^ engineGetSpec().hashCode();
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        populateFromPubKeyInfo(SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc)));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/KeyFactorySpi.java
deleted file mode 100644
index f2ff838..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/KeyFactorySpi.java
+++ /dev/null

@@ -1,166 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.dstu;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.interfaces.ECPrivateKey;
-import java.security.interfaces.ECPublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.ua.UAObjectIdentifiers;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.jce.spec.ECPrivateKeySpec;
-import org.bouncycastle.jce.spec.ECPublicKeySpec;
-
-public class KeyFactorySpi
-    extends BaseKeyFactorySpi
-{
-    public KeyFactorySpi()
-    {
-    }
-
-    protected KeySpec engineGetKeySpec(
-        Key key,
-        Class spec)
-        throws InvalidKeySpecException
-    {
-        if (spec.isAssignableFrom(java.security.spec.ECPublicKeySpec.class) && key instanceof ECPublicKey)
-        {
-            ECPublicKey k = (ECPublicKey)key;
-            if (k.getParams() != null)
-            {
-                return new java.security.spec.ECPublicKeySpec(k.getW(), k.getParams());
-            }
-            else
-            {
-                ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-
-                return new java.security.spec.ECPublicKeySpec(k.getW(), EC5Util.convertSpec(EC5Util.convertCurve(implicitSpec.getCurve(), implicitSpec.getSeed()), implicitSpec));
-            }
-        }
-        else if (spec.isAssignableFrom(java.security.spec.ECPrivateKeySpec.class) && key instanceof ECPrivateKey)
-        {
-            ECPrivateKey k = (ECPrivateKey)key;
-
-            if (k.getParams() != null)
-            {
-                return new java.security.spec.ECPrivateKeySpec(k.getS(), k.getParams());
-            }
-            else
-            {
-                ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-
-                return new java.security.spec.ECPrivateKeySpec(k.getS(), EC5Util.convertSpec(EC5Util.convertCurve(implicitSpec.getCurve(), implicitSpec.getSeed()), implicitSpec));
-            }
-        }
-        else if (spec.isAssignableFrom(org.bouncycastle.jce.spec.ECPublicKeySpec.class) && key instanceof ECPublicKey)
-        {
-            ECPublicKey k = (ECPublicKey)key;
-            if (k.getParams() != null)
-            {
-                return new org.bouncycastle.jce.spec.ECPublicKeySpec(EC5Util.convertPoint(k.getParams(), k.getW(), false), EC5Util.convertSpec(k.getParams(), false));
-            }
-            else
-            {
-                ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-
-                return new org.bouncycastle.jce.spec.ECPublicKeySpec(EC5Util.convertPoint(k.getParams(), k.getW(), false), implicitSpec);
-            }
-        }
-        else if (spec.isAssignableFrom(org.bouncycastle.jce.spec.ECPrivateKeySpec.class) && key instanceof ECPrivateKey)
-        {
-            ECPrivateKey k = (ECPrivateKey)key;
-
-            if (k.getParams() != null)
-            {
-                return new org.bouncycastle.jce.spec.ECPrivateKeySpec(k.getS(), EC5Util.convertSpec(k.getParams(), false));
-            }
-            else
-            {
-                ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-
-                return new org.bouncycastle.jce.spec.ECPrivateKeySpec(k.getS(), implicitSpec);
-            }
-        }
-
-        return super.engineGetKeySpec(key, spec);
-    }
-
-    protected Key engineTranslateKey(
-        Key key)
-        throws InvalidKeyException
-    {
-        throw new InvalidKeyException("key type unknown");
-    }
-
-    protected PrivateKey engineGeneratePrivate(
-        KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof ECPrivateKeySpec)
-        {
-            return new BCDSTU4145PrivateKey((ECPrivateKeySpec)keySpec);
-        }
-        else if (keySpec instanceof java.security.spec.ECPrivateKeySpec)
-        {
-            return new BCDSTU4145PrivateKey((java.security.spec.ECPrivateKeySpec)keySpec);
-        }
-
-        return super.engineGeneratePrivate(keySpec);
-    }
-
-    protected PublicKey engineGeneratePublic(
-        KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof ECPublicKeySpec)
-        {
-            return new BCDSTU4145PublicKey((ECPublicKeySpec)keySpec, BouncyCastleProvider.CONFIGURATION);
-        }
-        else if (keySpec instanceof java.security.spec.ECPublicKeySpec)
-        {
-            return new BCDSTU4145PublicKey((java.security.spec.ECPublicKeySpec)keySpec);
-        }
-
-        return super.engineGeneratePublic(keySpec);
-    }
-
-    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm();
-
-        if (algOid.equals(UAObjectIdentifiers.dstu4145le) || algOid.equals(UAObjectIdentifiers.dstu4145be))
-        {
-            return new BCDSTU4145PrivateKey(keyInfo);
-        }
-        else
-        {
-            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
-        }
-    }
-
-    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm();
-
-        if (algOid.equals(UAObjectIdentifiers.dstu4145le) || algOid.equals(UAObjectIdentifiers.dstu4145be))
-        {
-            return new BCDSTU4145PublicKey(keyInfo);
-        }
-        else
-        {
-            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/KeyPairGeneratorSpi.java
deleted file mode 100644
index 3429d39..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/KeyPairGeneratorSpi.java
+++ /dev/null

@@ -1,199 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.dstu;
-
-import java.math.BigInteger;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidParameterException;
-import java.security.KeyPair;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.ECGenParameterSpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ua.DSTU4145NamedCurves;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.generators.DSTU4145KeyPairGenerator;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.params.DSTU4145Parameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.jcajce.spec.DSTU4145ParameterSpec;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
-import org.bouncycastle.jce.spec.ECNamedCurveSpec;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-
-public class KeyPairGeneratorSpi
-    extends java.security.KeyPairGenerator
-{
-    Object ecParams = null;
-    ECKeyPairGenerator engine = new DSTU4145KeyPairGenerator();
-
-    String algorithm = "DSTU4145";
-    ECKeyGenerationParameters param;
-    //int strength = 239;
-    SecureRandom random = null;
-    boolean initialised = false;
-
-    public KeyPairGeneratorSpi()
-    {
-        super("DSTU4145");
-    }
-
-    public void initialize(
-        int strength,
-        SecureRandom random)
-    {
-        this.random = random;
-
-        if (ecParams != null)
-        {
-            try
-            {
-                initialize((ECGenParameterSpec)ecParams, random);
-            }
-            catch (InvalidAlgorithmParameterException e)
-            {
-                throw new InvalidParameterException("key size not configurable.");
-            }
-        }
-        else
-        {
-            throw new InvalidParameterException("unknown key size.");
-        }
-    }
-
-    public void initialize(
-        AlgorithmParameterSpec params,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        if (params instanceof ECParameterSpec)
-        {
-            ECParameterSpec p = (ECParameterSpec)params;
-            this.ecParams = params;
-
-            param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH()), random);
-
-            engine.init(param);
-            initialised = true;
-        }
-        else if (params instanceof java.security.spec.ECParameterSpec)
-        {
-            java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)params;
-            this.ecParams = params;
-
-            ECCurve curve = EC5Util.convertCurve(p.getCurve());
-            ECPoint g = EC5Util.convertPoint(curve, p.getGenerator(), false);
-
-            if (p instanceof DSTU4145ParameterSpec)
-            {
-                DSTU4145ParameterSpec dstuSpec = (DSTU4145ParameterSpec)p;
-
-                param = new ECKeyGenerationParameters(new DSTU4145Parameters(
-                    new ECDomainParameters(curve, g, p.getOrder(), BigInteger.valueOf(p.getCofactor())), dstuSpec.getDKE()), random);
-            }
-            else
-            {
-                param = new ECKeyGenerationParameters(new ECDomainParameters(curve, g, p.getOrder(), BigInteger.valueOf(p.getCofactor())), random);
-            }
-            engine.init(param);
-            initialised = true;
-        }
-        else if (params instanceof ECGenParameterSpec || params instanceof ECNamedCurveGenParameterSpec)
-        {
-            String curveName;
-
-            if (params instanceof ECGenParameterSpec)
-            {
-                curveName = ((ECGenParameterSpec)params).getName();
-            }
-            else
-            {
-                curveName = ((ECNamedCurveGenParameterSpec)params).getName();
-            }
-
-            //ECDomainParameters ecP = ECGOST3410NamedCurves.getByName(curveName);
-            ECDomainParameters ecP = DSTU4145NamedCurves.getByOID(new ASN1ObjectIdentifier(curveName));
-            if (ecP == null)
-            {
-                throw new InvalidAlgorithmParameterException("unknown curve name: " + curveName);
-            }
-
-            this.ecParams = new ECNamedCurveSpec(
-                curveName,
-                ecP.getCurve(),
-                ecP.getG(),
-                ecP.getN(),
-                ecP.getH(),
-                ecP.getSeed());
-
-            java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)ecParams;
-
-            ECCurve curve = EC5Util.convertCurve(p.getCurve());
-            ECPoint g = EC5Util.convertPoint(curve, p.getGenerator(), false);
-
-            param = new ECKeyGenerationParameters(new ECDomainParameters(curve, g, p.getOrder(), BigInteger.valueOf(p.getCofactor())), random);
-
-            engine.init(param);
-            initialised = true;
-        }
-        else if (params == null && BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa() != null)
-        {
-            ECParameterSpec p = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-            this.ecParams = params;
-
-            param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH()), random);
-
-            engine.init(param);
-            initialised = true;
-        }
-        else if (params == null && BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa() == null)
-        {
-            throw new InvalidAlgorithmParameterException("null parameter passed but no implicitCA set");
-        }
-        else
-        {
-            throw new InvalidAlgorithmParameterException("parameter object not a ECParameterSpec: " + params.getClass().getName());
-        }
-    }
-
-    public KeyPair generateKeyPair()
-    {
-        if (!initialised)
-        {
-            throw new IllegalStateException("DSTU Key Pair Generator not initialised");
-        }
-
-        AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-        ECPublicKeyParameters pub = (ECPublicKeyParameters)pair.getPublic();
-        ECPrivateKeyParameters priv = (ECPrivateKeyParameters)pair.getPrivate();
-
-        if (ecParams instanceof ECParameterSpec)
-        {
-            ECParameterSpec p = (ECParameterSpec)ecParams;
-
-            BCDSTU4145PublicKey pubKey = new BCDSTU4145PublicKey(algorithm, pub, p);
-            return new KeyPair(pubKey,
-                new BCDSTU4145PrivateKey(algorithm, priv, pubKey, p));
-        }
-        else if (ecParams == null)
-        {
-            return new KeyPair(new BCDSTU4145PublicKey(algorithm, pub),
-                new BCDSTU4145PrivateKey(algorithm, priv));
-        }
-        else
-        {
-            java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)ecParams;
-
-            BCDSTU4145PublicKey pubKey = new BCDSTU4145PublicKey(algorithm, pub, p);
-
-            return new KeyPair(pubKey, new BCDSTU4145PrivateKey(algorithm, priv, pubKey, p));
-        }
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/SignatureSpi.java
deleted file mode 100644
index 52a2da4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/SignatureSpi.java
+++ /dev/null

@@ -1,194 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.dstu;
-
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SignatureException;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.ua.DSTU4145Params;
-import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DSAExt;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.GOST3411Digest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.DSTU4145Signer;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jce.interfaces.ECKey;
-
-public class SignatureSpi
-    extends java.security.SignatureSpi
-    implements PKCSObjectIdentifiers, X509ObjectIdentifiers
-{
-    private Digest digest;
-    private DSAExt signer;
-
-    public SignatureSpi()
-    {
-        this.signer = new DSTU4145Signer();
-    }
-
-    protected void engineInitVerify(
-        PublicKey publicKey)
-        throws InvalidKeyException
-    {
-        CipherParameters param;
-
-        if (publicKey instanceof BCDSTU4145PublicKey)
-        {
-            param = ((BCDSTU4145PublicKey)publicKey).engineGetKeyParameters();
-            digest = new GOST3411Digest(expandSbox(((BCDSTU4145PublicKey)publicKey).getSbox()));
-        }
-        else
-        {
-            param = ECUtil.generatePublicKeyParameter(publicKey);
-            digest = new GOST3411Digest(expandSbox(DSTU4145Params.getDefaultDKE()));
-        }
-
-        signer.init(false, param);
-    }
-
-    byte[] expandSbox(byte[] compressed)
-    {
-        byte[] expanded = new byte[128];
-
-        for (int i = 0; i < compressed.length; i++)
-        {
-            expanded[i * 2] = (byte)((compressed[i] >> 4) & 0xf);
-            expanded[i * 2 + 1] = (byte)(compressed[i] & 0xf);
-        }
-        return expanded;
-    }
-
-    protected void engineInitSign(
-        PrivateKey privateKey)
-        throws InvalidKeyException
-    {
-        CipherParameters param = null;
-
-        if (privateKey instanceof BCDSTU4145PrivateKey)
-        {
-            // TODO: add parameters support.
-            param = ECUtil.generatePrivateKeyParameter(privateKey);
-            digest = new GOST3411Digest(expandSbox(DSTU4145Params.getDefaultDKE()));
-        }
-        else if (privateKey instanceof ECKey)
-        {
-            param = ECUtil.generatePrivateKeyParameter(privateKey);
-            digest = new GOST3411Digest(expandSbox(DSTU4145Params.getDefaultDKE()));
-        }
-
-        if (appRandom != null)
-        {
-            signer.init(true, new ParametersWithRandom(param, appRandom));
-        }
-        else
-        {
-            signer.init(true, param);
-        }
-    }
-
-    protected void engineUpdate(
-        byte b)
-        throws SignatureException
-    {
-        digest.update(b);
-    }
-
-    protected void engineUpdate(
-        byte[] b,
-        int off,
-        int len)
-        throws SignatureException
-    {
-        digest.update(b, off, len);
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        byte[] hash = new byte[digest.getDigestSize()];
-
-        digest.doFinal(hash, 0);
-
-        try
-        {
-            BigInteger[] sig = signer.generateSignature(hash);
-            byte[] r = sig[0].toByteArray();
-            byte[] s = sig[1].toByteArray();
-
-            byte[] sigBytes = new byte[(r.length > s.length ? r.length * 2 : s.length * 2)];
-            System.arraycopy(s, 0, sigBytes, (sigBytes.length / 2) - s.length, s.length);
-            System.arraycopy(r, 0, sigBytes, sigBytes.length - r.length, r.length);
-
-            return new DEROctetString(sigBytes).getEncoded();
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException(e.toString());
-        }
-    }
-
-    protected boolean engineVerify(
-        byte[] sigBytes)
-        throws SignatureException
-    {
-        byte[] hash = new byte[digest.getDigestSize()];
-
-        digest.doFinal(hash, 0);
-
-        BigInteger[] sig;
-
-        try
-        {
-            byte[] bytes = ((ASN1OctetString)ASN1OctetString.fromByteArray(sigBytes)).getOctets();
-
-            byte[] r = new byte[bytes.length / 2];
-            byte[] s = new byte[bytes.length / 2];
-
-            System.arraycopy(bytes, 0, s, 0, bytes.length / 2);
-
-            System.arraycopy(bytes, bytes.length / 2, r, 0, bytes.length / 2);
-
-            sig = new BigInteger[2];
-            sig[0] = new BigInteger(1, r);
-            sig[1] = new BigInteger(1, s);
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException("error decoding signature bytes.");
-        }
-
-        return signer.verifySignature(hash, sig[0], sig[1]);
-    }
-
-    protected void engineSetParameter(
-        AlgorithmParameterSpec params)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated replaced with #engineSetParameter(java.security.spec.AlgorithmParameterSpec)
-     */
-    protected void engineSetParameter(
-        String param,
-        Object value)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated
-     */
-    protected Object engineGetParameter(
-        String param)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/SignatureSpiLe.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/SignatureSpiLe.java
deleted file mode 100644
index 0eb8bc9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/dstu/SignatureSpiLe.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.dstu;
-
-import java.io.IOException;
-import java.security.SignatureException;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DEROctetString;
-
-public class SignatureSpiLe
-    extends SignatureSpi
-{
-    void reverseBytes(byte[] bytes)
-    {
-        byte tmp;
-
-        for (int i = 0; i < bytes.length / 2; i++)
-        {
-            tmp = bytes[i];
-            bytes[i] = bytes[bytes.length - 1 - i];
-            bytes[bytes.length - 1 - i] = tmp;
-        }
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        byte[] signature = ASN1OctetString.getInstance(super.engineSign()).getOctets();
-        reverseBytes(signature);
-        try
-        {
-            return (new DEROctetString(signature)).getEncoded();
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException(e.toString());
-        }
-    }
-
-    protected boolean engineVerify(
-        byte[] sigBytes)
-        throws SignatureException
-    {
-        byte[] bytes = null;
-
-        try
-        {
-            bytes = ((ASN1OctetString)ASN1OctetString.fromByteArray(sigBytes)).getOctets();
-        }
-        catch (IOException e)
-        {
-            throw new SignatureException("error decoding signature bytes.");
-        }
-
-        reverseBytes(bytes);
-
-        try
-        {
-            return super.engineVerify((new DEROctetString(bytes)).getEncoded());
-        }
-        catch (SignatureException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException(e.toString());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/GMCipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/GMCipherSpi.java
deleted file mode 100644
index fca555a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/GMCipherSpi.java
+++ /dev/null

@@ -1,424 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ec;
-
-import java.io.ByteArrayOutputStream;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.CipherSpi;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.ShortBufferException;
-
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.digests.Blake2bDigest;
-import org.bouncycastle.crypto.digests.Blake2sDigest;
-import org.bouncycastle.crypto.digests.MD5Digest;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.WhirlpoolDigest;
-import org.bouncycastle.crypto.engines.SM2Engine;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.provider.util.BadBlockException;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jce.interfaces.ECKey;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-
-
-public class GMCipherSpi
-    extends CipherSpi
-{
-    private final JcaJceHelper helper = new BCJcaJceHelper();
-
-    private SM2Engine engine;
-    private int state = -1;
-    private ErasableOutputStream buffer = new ErasableOutputStream();
-    private AsymmetricKeyParameter key;
-    private SecureRandom random;
-
-    public GMCipherSpi(SM2Engine engine)
-    {
-        this.engine = engine;
-    }
-
-    public int engineGetBlockSize()
-    {
-        return 0;
-    }
-
-    public int engineGetKeySize(Key key)
-    {
-        if (key instanceof ECKey)
-        {
-            return ((ECKey)key).getParameters().getCurve().getFieldSize();
-        }
-        else
-        {
-            throw new IllegalArgumentException("not an EC key");
-        }
-    }
-
-
-    public byte[] engineGetIV()
-    {
-        return null;
-    }
-
-    public AlgorithmParameters engineGetParameters()
-    {
-        return null;
-    }
-
-    public void engineSetMode(String mode)
-        throws NoSuchAlgorithmException
-    {
-        String modeName = Strings.toUpperCase(mode);
-
-        if (!modeName.equals("NONE"))
-        {
-            throw new IllegalArgumentException("can't support mode " + mode);
-        }
-    }
-
-    public int engineGetOutputSize(int inputLen)
-    {
-        if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE)
-        {
-            return engine.getOutputSize(inputLen);
-        }
-        else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE)
-        {
-            return engine.getOutputSize(inputLen);
-        }
-        else
-        {
-            throw new IllegalStateException("cipher not initialised");
-        }
-    }
-
-    public void engineSetPadding(String padding)
-        throws NoSuchPaddingException
-    {
-        String paddingName = Strings.toUpperCase(padding);
-
-        // TDOD: make this meaningful...
-        if (!paddingName.equals("NOPADDING"))
-        {
-            throw new NoSuchPaddingException("padding not available with IESCipher");
-        }
-    }
-
-
-    // Initialisation methods
-
-    public void engineInit(
-        int opmode,
-        Key key,
-        AlgorithmParameters params,
-        SecureRandom random)
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        AlgorithmParameterSpec paramSpec = null;
-
-        if (params != null)
-        {
-            throw new InvalidAlgorithmParameterException("cannot recognise parameters: " + params.getClass().getName());
-        }
-
-        engineInit(opmode, key, paramSpec, random);
-    }
-
-    public void engineInit(
-        int opmode,
-        Key key,
-        AlgorithmParameterSpec engineSpec,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException, InvalidKeyException
-    {
-        // Parse the recipient's key
-        if (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE)
-        {
-            if (key instanceof PublicKey)
-            {
-                this.key = ECUtils.generatePublicKeyParameter((PublicKey)key);
-            }
-            else
-            {
-                throw new InvalidKeyException("must be passed public EC key for encryption");
-            }
-        }
-        else if (opmode == Cipher.DECRYPT_MODE || opmode == Cipher.UNWRAP_MODE)
-        {
-            if (key instanceof PrivateKey)
-            {
-                this.key = ECUtil.generatePrivateKeyParameter((PrivateKey)key);
-            }
-            else
-            {
-                throw new InvalidKeyException("must be passed private EC key for decryption");
-            }
-        }
-        else
-        {
-            throw new InvalidKeyException("must be passed EC key");
-        }
-
-
-        if (random != null)
-        {
-            this.random = random;
-        }
-        else
-        {
-            this.random = CryptoServicesRegistrar.getSecureRandom();
-        }
-
-        this.state = opmode;
-        buffer.reset();
-    }
-
-    public void engineInit(
-        int opmode,
-        Key key,
-        SecureRandom random)
-        throws InvalidKeyException
-    {
-        try
-        {
-            engineInit(opmode, key, (AlgorithmParameterSpec)null, random);
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            throw new IllegalArgumentException("cannot handle supplied parameter spec: " + e.getMessage());
-        }
-    }
-
-
-    // Update methods - buffer the input
-
-    public byte[] engineUpdate(
-        byte[] input,
-        int inputOffset,
-        int inputLen)
-    {
-        buffer.write(input, inputOffset, inputLen);
-        return null;
-    }
-
-
-    public int engineUpdate(
-        byte[] input,
-        int inputOffset,
-        int inputLen,
-        byte[] output,
-        int outputOffset)
-    {
-        buffer.write(input, inputOffset, inputLen);
-        return 0;
-    }
-
-
-    // Finalisation methods
-
-    public byte[] engineDoFinal(
-        byte[] input,
-        int inputOffset,
-        int inputLen)
-        throws IllegalBlockSizeException, BadPaddingException
-    {
-        if (inputLen != 0)
-        {
-            buffer.write(input, inputOffset, inputLen);
-        }
-
-        try
-        {
-            if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE)
-            {
-                // Encrypt the buffer
-                try
-                {
-                    engine.init(true, new ParametersWithRandom(key, random));
-
-                    return engine.processBlock(buffer.getBuf(), 0, buffer.size());
-                }
-                catch (final Exception e)
-                {
-                    throw new BadBlockException("unable to process block", e);
-                }
-            }
-            else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE)
-            {
-                // Decrypt the buffer
-                try
-                {
-                    engine.init(false, key);
-
-                    return engine.processBlock(buffer.getBuf(), 0, buffer.size());
-                }
-                catch (final Exception e)
-                {
-                    throw new BadBlockException("unable to process block", e);
-                }
-            }
-            else
-            {
-                throw new IllegalStateException("cipher not initialised");
-            }
-        }
-        finally
-        {
-            buffer.erase();
-        }
-    }
-
-    public int engineDoFinal(
-        byte[] input,
-        int inputOffset,
-        int inputLength,
-        byte[] output,
-        int outputOffset)
-        throws ShortBufferException, IllegalBlockSizeException, BadPaddingException
-    {
-        byte[] buf = engineDoFinal(input, inputOffset, inputLength);
-        System.arraycopy(buf, 0, output, outputOffset, buf.length);
-        return buf.length;
-    }
-
-    /**
-     * Classes that inherit from us
-     */
-    static public class SM2
-        extends GMCipherSpi
-    {
-        public SM2()
-        {
-            super(new SM2Engine());
-        }
-    }
-
-    static public class SM2withBlake2b
-        extends GMCipherSpi
-    {
-        public SM2withBlake2b()
-        {
-            super(new SM2Engine(new Blake2bDigest(512)));
-        }
-    }
-
-    static public class SM2withBlake2s
-        extends GMCipherSpi
-    {
-        public SM2withBlake2s()
-        {
-            super(new SM2Engine(new Blake2sDigest(256)));
-        }
-    }
-
-    static public class SM2withWhirlpool
-        extends GMCipherSpi
-    {
-        public SM2withWhirlpool()
-        {
-            super(new SM2Engine(new WhirlpoolDigest()));
-        }
-    }
-
-    static public class SM2withMD5
-        extends GMCipherSpi
-    {
-        public SM2withMD5()
-        {
-            super(new SM2Engine(new MD5Digest()));
-        }
-    }
-
-    static public class SM2withRMD
-        extends GMCipherSpi
-    {
-        public SM2withRMD()
-        {
-            super(new SM2Engine(new RIPEMD160Digest()));
-        }
-    }
-
-    static public class SM2withSha1
-        extends GMCipherSpi
-    {
-        public SM2withSha1()
-        {
-            super(new SM2Engine(new SHA1Digest()));
-        }
-    }
-
-    static public class SM2withSha224
-        extends GMCipherSpi
-    {
-        public SM2withSha224()
-        {
-            super(new SM2Engine(new SHA224Digest()));
-        }
-    }
-
-    static public class SM2withSha256
-        extends GMCipherSpi
-    {
-        public SM2withSha256()
-        {
-            super(new SM2Engine(new SHA256Digest()));
-        }
-    }
-
-    static public class SM2withSha384
-        extends GMCipherSpi
-    {
-        public SM2withSha384()
-        {
-            super(new SM2Engine(new SHA384Digest()));
-        }
-    }
-
-    static public class SM2withSha512
-        extends GMCipherSpi
-    {
-        public SM2withSha512()
-        {
-            super(new SM2Engine(new SHA512Digest()));
-        }
-    }
-
-    protected static final class ErasableOutputStream
-        extends ByteArrayOutputStream
-    {
-        public ErasableOutputStream()
-        {
-        }
-
-        public byte[] getBuf()
-        {
-            return buf;
-        }
-
-        public void erase()
-        {
-            Arrays.fill(this.buf, (byte)0);
-            reset();
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/GMSignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/GMSignatureSpi.java
deleted file mode 100644
index bc7abd4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/GMSignatureSpi.java
+++ /dev/null

@@ -1,157 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ec;
-
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SignatureException;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.params.ParametersWithID;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.SM2Signer;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.spec.SM2ParameterSpec;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-
-public class GMSignatureSpi
-    extends java.security.SignatureSpi
-{
-    private final JcaJceHelper helper = new BCJcaJceHelper();
-
-    private AlgorithmParameters engineParams;
-    private SM2ParameterSpec paramSpec;
-
-    private final SM2Signer signer;
-
-    GMSignatureSpi(SM2Signer signer)
-    {
-        this.signer = signer;
-    }
-
-    protected void engineInitVerify(PublicKey publicKey)
-        throws InvalidKeyException
-    {
-        CipherParameters param = ECUtils.generatePublicKeyParameter(publicKey);
-
-        if (paramSpec != null)
-        {
-            param = new ParametersWithID(param, paramSpec.getID());
-        }
-
-        signer.init(false, param);
-    }
-
-    protected void engineInitSign(
-        PrivateKey privateKey)
-        throws InvalidKeyException
-    {
-        CipherParameters param = ECUtil.generatePrivateKeyParameter(privateKey);
-
-        if (appRandom != null)
-        {
-            param = new ParametersWithRandom(param, appRandom);
-        }
-
-        if (paramSpec != null)
-        {
-            signer.init(true, new ParametersWithID(param, paramSpec.getID()));
-        }
-        else
-        {
-            signer.init(true, param);
-        }
-    }
-
-    protected void engineUpdate(byte b)
-        throws SignatureException
-    {
-        signer.update(b);
-    }
-
-    protected void engineUpdate(byte[] bytes, int off, int length)
-        throws SignatureException
-    {
-        signer.update(bytes, off, length);
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        try
-        {
-            return signer.generateSignature();
-        }
-        catch (CryptoException e)
-        {
-            throw new SignatureException("unable to create signature: " + e.getMessage());
-        }
-    }
-
-    protected boolean engineVerify(byte[] bytes)
-        throws SignatureException
-    {
-        return signer.verifySignature(bytes);
-    }
-
-    protected void engineSetParameter(
-        AlgorithmParameterSpec params)
-        throws InvalidAlgorithmParameterException
-    {
-        if (params instanceof SM2ParameterSpec)
-        {
-            paramSpec = (SM2ParameterSpec)params;
-        }
-        else
-        {
-            throw new InvalidAlgorithmParameterException("only SM2ParameterSpec supported");
-        }
-    }
-
-    protected AlgorithmParameters engineGetParameters()
-    {
-        if (engineParams == null)
-        {
-            if (paramSpec != null)
-            {
-                try
-                {
-                    engineParams = helper.createAlgorithmParameters("PSS");
-                    engineParams.init(paramSpec);
-                }
-                catch (Exception e)
-                {
-                    throw new RuntimeException(e.toString());
-                }
-            }
-        }
-
-        return engineParams;
-    }
-
-    protected void engineSetParameter(
-        String param,
-        Object value)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    protected Object engineGetParameter(
-        String param)
-    {
-        throw new UnsupportedOperationException("engineGetParameter unsupported");
-    }
-
-    static public class sm3WithSM2
-        extends GMSignatureSpi
-    {
-        public sm3WithSM2()
-        {
-            super(new SM2Signer());
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/IESCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/IESCipher.java
deleted file mode 100644
index e937f5c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/IESCipher.java
+++ /dev/null

@@ -1,547 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ec;
-
-import java.io.ByteArrayOutputStream;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.CipherSpi;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.ShortBufferException;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.KeyEncoder;
-import org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
-import org.bouncycastle.crypto.engines.AESEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.IESEngine;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.generators.EphemeralKeyPairGenerator;
-import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.IESWithCipherParameters;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.parsers.ECIESPublicKeyParser;
-import org.bouncycastle.crypto.util.DigestFactory;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.provider.asymmetric.util.IESUtil;
-import org.bouncycastle.jcajce.provider.util.BadBlockException;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jce.interfaces.ECKey;
-import org.bouncycastle.jce.interfaces.IESKey;
-import org.bouncycastle.jce.spec.IESParameterSpec;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.Strings;
-
-
-public class IESCipher
-    extends CipherSpi
-{
-    private final JcaJceHelper helper = new BCJcaJceHelper();
-
-    private int ivLength;
-    private IESEngine engine;
-    private int state = -1;
-    private ByteArrayOutputStream buffer = new ByteArrayOutputStream();
-    private AlgorithmParameters engineParam = null;
-    private IESParameterSpec engineSpec = null;
-    private AsymmetricKeyParameter key;
-    private SecureRandom random;
-    private boolean dhaesMode = false;
-    private AsymmetricKeyParameter otherKeyParameter = null;
-
-    public IESCipher(IESEngine engine)
-    {
-        this.engine = engine;
-        this.ivLength = 0;
-    }
-
-    public IESCipher(IESEngine engine, int ivLength)
-    {
-        this.engine = engine;
-        this.ivLength = ivLength;
-    }
-
-    public int engineGetBlockSize()
-    {
-        if (engine.getCipher() != null)
-        {
-            return engine.getCipher().getBlockSize();
-        }
-        else
-        {
-            return 0;
-        }
-    }
-
-
-    public int engineGetKeySize(Key key)
-    {
-        if (key instanceof ECKey)
-        {
-            return ((ECKey)key).getParameters().getCurve().getFieldSize();
-        }
-        else
-        {
-            throw new IllegalArgumentException("not an EC key");
-        }
-    }
-
-
-    public byte[] engineGetIV()
-    {
-        if (engineSpec != null)
-        {
-            return engineSpec.getNonce();
-        }
-        return null;
-    }
-
-    public AlgorithmParameters engineGetParameters()
-    {
-        if (engineParam == null && engineSpec != null)
-        {
-            try
-            {
-                engineParam = helper.createAlgorithmParameters("IES");
-                engineParam.init(engineSpec);
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e.toString());
-            }
-        }
-
-        return engineParam;
-    }
-
-
-    public void engineSetMode(String mode)
-        throws NoSuchAlgorithmException
-    {
-        String modeName = Strings.toUpperCase(mode);
-
-        if (modeName.equals("NONE"))
-        {
-            dhaesMode = false;
-        }
-        else if (modeName.equals("DHAES"))
-        {
-            dhaesMode = true;
-        }
-        else
-        {
-            throw new IllegalArgumentException("can't support mode " + mode);
-        }
-    }
-
-
-    public int engineGetOutputSize(int inputLen)
-    {
-        int len1, len2, len3;
-
-        if (key == null)
-        {
-            throw new IllegalStateException("cipher not initialised");
-        }
-
-        len1 = engine.getMac().getMacSize();
-
-        if (otherKeyParameter == null)
-        {
-            ECCurve c = ((ECKeyParameters)key).getParameters().getCurve();
-            int feSize = (c.getFieldSize() + 7) / 8; 
-            len2 = 2 * feSize;
-        }
-        else
-        {
-            len2 = 0;
-        }
-
-        if (engine.getCipher() == null)
-        {
-            len3 = inputLen;
-        }
-        else if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE)
-        {
-            len3 = engine.getCipher().getOutputSize(inputLen);
-        }
-        else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE)
-        {
-            len3 = engine.getCipher().getOutputSize(inputLen - len1 - len2);
-        }
-        else
-        {
-            throw new IllegalStateException("cipher not initialised");
-        }
-
-        if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE)
-        {
-            return buffer.size() + len1 + 1 + len2 + len3;
-        }
-        else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE)
-        {
-            return buffer.size() - len1 - len2 + len3;
-        }
-        else
-        {
-            throw new IllegalStateException("cipher not initialised");
-        }
-
-    }
-
-    public void engineSetPadding(String padding)
-        throws NoSuchPaddingException
-    {
-        String paddingName = Strings.toUpperCase(padding);
-
-        // TDOD: make this meaningful...
-        if (paddingName.equals("NOPADDING"))
-        {
-
-        }
-        else if (paddingName.equals("PKCS5PADDING") || paddingName.equals("PKCS7PADDING"))
-        {
-
-        }
-        else
-        {
-            throw new NoSuchPaddingException("padding not available with IESCipher");
-        }
-    }
-
-
-    // Initialisation methods
-
-    public void engineInit(
-        int opmode,
-        Key key,
-        AlgorithmParameters params,
-        SecureRandom random)
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        AlgorithmParameterSpec paramSpec = null;
-
-        if (params != null)
-        {
-            try
-            {
-                paramSpec = params.getParameterSpec(IESParameterSpec.class);
-            }
-            catch (Exception e)
-            {
-                throw new InvalidAlgorithmParameterException("cannot recognise parameters: " + e.toString());
-            }
-        }
-
-        engineParam = params;
-        engineInit(opmode, key, paramSpec, random);
-
-    }
-
-
-    public void engineInit(
-        int opmode,
-        Key key,
-        AlgorithmParameterSpec engineSpec,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException, InvalidKeyException
-    {
-        otherKeyParameter = null;
-
-        // Use default parameters (including cipher key size) if none are specified
-        if (engineSpec == null)
-        {
-            byte[] nonce = null;
-            if (ivLength != 0 && opmode == Cipher.ENCRYPT_MODE)
-            {
-                nonce = new byte[ivLength];
-                random.nextBytes(nonce);
-            }
-            this.engineSpec = IESUtil.guessParameterSpec(engine.getCipher(), nonce);
-        }
-        else if (engineSpec instanceof IESParameterSpec)
-        {
-            this.engineSpec = (IESParameterSpec)engineSpec;
-        }
-        else
-        {
-            throw new InvalidAlgorithmParameterException("must be passed IES parameters");
-        }
-
-        byte[] nonce = this.engineSpec.getNonce();
-
-        if (ivLength != 0 && (nonce == null || nonce.length != ivLength))
-        {
-            throw new InvalidAlgorithmParameterException("NONCE in IES Parameters needs to be " + ivLength + " bytes long");
-        }
-
-        // Parse the recipient's key
-        if (opmode == Cipher.ENCRYPT_MODE || opmode == Cipher.WRAP_MODE)
-        {
-            if (key instanceof PublicKey)
-            {
-                this.key = ECUtils.generatePublicKeyParameter((PublicKey)key);
-            }
-            else if (key instanceof IESKey)
-            {
-                IESKey ieKey = (IESKey)key;
-
-                this.key = ECUtils.generatePublicKeyParameter(ieKey.getPublic());
-                this.otherKeyParameter = ECUtil.generatePrivateKeyParameter(ieKey.getPrivate());
-            }
-            else
-            {
-                throw new InvalidKeyException("must be passed recipient's public EC key for encryption");
-            }
-        }
-        else if (opmode == Cipher.DECRYPT_MODE || opmode == Cipher.UNWRAP_MODE)
-        {
-            if (key instanceof PrivateKey)
-            {
-                this.key = ECUtil.generatePrivateKeyParameter((PrivateKey)key);
-            }
-            else if (key instanceof IESKey)
-            {
-                IESKey ieKey = (IESKey)key;
-
-                this.otherKeyParameter = ECUtils.generatePublicKeyParameter(ieKey.getPublic());
-                this.key = ECUtil.generatePrivateKeyParameter(ieKey.getPrivate());
-            }
-            else
-            {
-                throw new InvalidKeyException("must be passed recipient's private EC key for decryption");
-            }
-        }
-        else
-        {
-            throw new InvalidKeyException("must be passed EC key");
-        }
-
-
-        this.random = random;
-        this.state = opmode;
-        buffer.reset();
-
-    }
-
-
-    public void engineInit(
-        int opmode,
-        Key key,
-        SecureRandom random)
-        throws InvalidKeyException
-    {
-        try
-        {
-            engineInit(opmode, key, (AlgorithmParameterSpec)null, random);
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            throw new IllegalArgumentException("cannot handle supplied parameter spec: " + e.getMessage());
-        }
-
-    }
-
-
-    // Update methods - buffer the input
-
-    public byte[] engineUpdate(
-        byte[] input,
-        int inputOffset,
-        int inputLen)
-    {
-        buffer.write(input, inputOffset, inputLen);
-        return null;
-    }
-
-
-    public int engineUpdate(
-        byte[] input,
-        int inputOffset,
-        int inputLen,
-        byte[] output,
-        int outputOffset)
-    {
-        buffer.write(input, inputOffset, inputLen);
-        return 0;
-    }
-
-
-    // Finalisation methods
-
-    public byte[] engineDoFinal(
-        byte[] input,
-        int inputOffset,
-        int inputLen)
-        throws IllegalBlockSizeException, BadPaddingException
-    {
-        if (inputLen != 0)
-        {
-            buffer.write(input, inputOffset, inputLen);
-        }
-
-        final byte[] in = buffer.toByteArray();
-        buffer.reset();
-
-        // Convert parameters for use in IESEngine
-        CipherParameters params = new IESWithCipherParameters(engineSpec.getDerivationV(),
-            engineSpec.getEncodingV(),
-            engineSpec.getMacKeySize(),
-            engineSpec.getCipherKeySize());
-
-        if (engineSpec.getNonce() != null)
-        {
-            params = new ParametersWithIV(params, engineSpec.getNonce());
-        }
-
-        final ECDomainParameters ecParams = ((ECKeyParameters)key).getParameters();
-
-        final byte[] V;
-
-        if (otherKeyParameter != null)
-        {
-            try
-            {
-                if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE)
-                {
-                    engine.init(true, otherKeyParameter, key, params);
-                }
-                else
-                {
-                    engine.init(false, key, otherKeyParameter, params);
-                }
-                return engine.processBlock(in, 0, in.length);
-            }
-            catch (Exception e)
-            {
-                throw new BadBlockException("unable to process block", e);
-            }
-        }
-
-        if (state == Cipher.ENCRYPT_MODE || state == Cipher.WRAP_MODE)
-        {
-            // Generate the ephemeral key pair
-            ECKeyPairGenerator gen = new ECKeyPairGenerator();
-            gen.init(new ECKeyGenerationParameters(ecParams, random));
-
-            final boolean usePointCompression = engineSpec.getPointCompression();
-            EphemeralKeyPairGenerator kGen = new EphemeralKeyPairGenerator(gen, new KeyEncoder()
-            {
-                public byte[] getEncoded(AsymmetricKeyParameter keyParameter)
-                {
-                    return ((ECPublicKeyParameters)keyParameter).getQ().getEncoded(usePointCompression);
-                }
-            });
-
-            // Encrypt the buffer
-            try
-            {
-                engine.init(key, params, kGen);
-
-                return engine.processBlock(in, 0, in.length);
-            }
-            catch (final Exception e)
-            {
-                throw new BadBlockException("unable to process block", e);
-            }
-        }
-        else if (state == Cipher.DECRYPT_MODE || state == Cipher.UNWRAP_MODE)
-        {
-            // Decrypt the buffer
-            try
-            {
-                engine.init(key, params, new ECIESPublicKeyParser(ecParams));
-
-                return engine.processBlock(in, 0, in.length);
-            }
-            catch (InvalidCipherTextException e)
-            {
-                throw new BadBlockException("unable to process block", e);
-            }
-        }
-        else
-        {
-            throw new IllegalStateException("cipher not initialised");
-        }
-
-    }
-
-    public int engineDoFinal(
-        byte[] input,
-        int inputOffset,
-        int inputLength,
-        byte[] output,
-        int outputOffset)
-        throws ShortBufferException, IllegalBlockSizeException, BadPaddingException
-    {
-
-        byte[] buf = engineDoFinal(input, inputOffset, inputLength);
-        System.arraycopy(buf, 0, output, outputOffset, buf.length);
-        return buf.length;
-    }
-
-    /**
-     * Classes that inherit from us
-     */
-
-    static public class ECIES
-        extends IESCipher
-    {
-        public ECIES()
-        {
-            super(new IESEngine(new ECDHBasicAgreement(),
-                new KDF2BytesGenerator(DigestFactory.createSHA1()),
-                new HMac(DigestFactory.createSHA1())));
-        }
-    }
-
-    static public class ECIESwithCipher
-        extends IESCipher
-    {
-        public ECIESwithCipher(BlockCipher cipher, int ivLength)
-        {
-            super(new IESEngine(new ECDHBasicAgreement(),
-                            new KDF2BytesGenerator(DigestFactory.createSHA1()),
-                            new HMac(DigestFactory.createSHA1()),
-                            new PaddedBufferedBlockCipher(cipher)), ivLength);
-        }
-    }
-
-    static public class ECIESwithDESedeCBC
-        extends ECIESwithCipher
-    {
-        public ECIESwithDESedeCBC()
-        {
-            super(new CBCBlockCipher(new DESedeEngine()), 8);
-        }
-    }
-
-    static public class ECIESwithAESCBC
-        extends ECIESwithCipher
-    {
-        public ECIESwithAESCBC()
-        {
-            super(new CBCBlockCipher(new AESEngine()), 16);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java
index d82481e..7070df8 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java

@@ -14,29 +14,37 @@
 import org.bouncycastle.crypto.CipherParameters;
 import org.bouncycastle.crypto.DerivationFunction;
 import org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
-import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement;
-import org.bouncycastle.crypto.agreement.ECDHCUnifiedAgreement;
-import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement;
-import org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
-import org.bouncycastle.crypto.params.ECDHUPrivateParameters;
-import org.bouncycastle.crypto.params.ECDHUPublicParameters;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement;
+// import org.bouncycastle.crypto.agreement.ECDHCUnifiedAgreement;
+// import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement;
+// import org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator;
+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
+// import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
+// import org.bouncycastle.crypto.params.ECDHUPrivateParameters;
+// import org.bouncycastle.crypto.params.ECDHUPublicParameters;
+// END Android-removed: Unsupported algorithms
 import org.bouncycastle.crypto.params.ECDomainParameters;
 import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
 import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.MQVPrivateParameters;
-import org.bouncycastle.crypto.params.MQVPublicParameters;
-import org.bouncycastle.crypto.util.DigestFactory;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.MQVPrivateParameters;
+// import org.bouncycastle.crypto.params.MQVPublicParameters;
+// import org.bouncycastle.crypto.util.DigestFactory;
+// END Android-removed: Unsupported algorithms
 import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi;
 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.spec.DHUParameterSpec;
-import org.bouncycastle.jcajce.spec.MQVParameterSpec;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.spec.DHUParameterSpec;
+// import org.bouncycastle.jcajce.spec.MQVParameterSpec;
+// END Android-removed: Unsupported algorithms
 import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
 import org.bouncycastle.jce.interfaces.ECPrivateKey;
 import org.bouncycastle.jce.interfaces.ECPublicKey;
-import org.bouncycastle.jce.interfaces.MQVPrivateKey;
-import org.bouncycastle.jce.interfaces.MQVPublicKey;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.jce.interfaces.MQVPrivateKey;
+// import org.bouncycastle.jce.interfaces.MQVPublicKey;
+// END Android-removed: Unsupported algorithms
 import org.bouncycastle.util.Arrays;
 
 /**
@@ -55,8 +63,9 @@
     private ECDomainParameters parameters;
     private Object agreement;
 
-    private MQVParameterSpec mqvParameters;
-    private DHUParameterSpec dheParameters;
+    // Android-removed: Unsupported algorithms
+    // private MQVParameterSpec       mqvParameters;
+    // private DHUParameterSpec dheParameters;
     private byte[] result;
 
     protected KeyAgreementSpi(
@@ -70,6 +79,8 @@
         this.agreement = agreement;
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     protected KeyAgreementSpi(
         String kaAlgorithm,
         ECDHCUnifiedAgreement agreement,
@@ -80,6 +91,8 @@
         this.kaAlgorithm = kaAlgorithm;
         this.agreement = agreement;
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     protected byte[] bigIntToBytes(
         BigInteger r)
@@ -103,6 +116,8 @@
         }
 
         CipherParameters pubKey;
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         if (agreement instanceof ECMQVBasicAgreement)
         {
             if (!(key instanceof MQVPublicKey))
@@ -135,6 +150,8 @@
             pubKey = new ECDHUPublicParameters(staticKey, ephemKey);
         }
         else
+        */
+        // END Android-removed: Unsupported algorithms
         {
             if (!(key instanceof PublicKey))
             {
@@ -147,14 +164,22 @@
 
         try
         {
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             if (agreement instanceof BasicAgreement)
             {
+            */
+            // END Android-removed: Unsupported algorithms
                 result = bigIntToBytes(((BasicAgreement)agreement).calculateAgreement(pubKey));
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             }
             else
             {
                 result = ((ECDHCUnifiedAgreement)agreement).calculateAgreement(pubKey);
             }
+            */
+            // END Android-removed: Unsupported algorithms
         }
         catch (final Exception e)
         {
@@ -176,8 +201,10 @@
         SecureRandom random)
         throws InvalidKeyException, InvalidAlgorithmParameterException
     {
-        if (params != null &&
-            !(params instanceof MQVParameterSpec || params instanceof UserKeyingMaterialSpec || params instanceof DHUParameterSpec))
+        // Android-removed: Unsupported algorithms
+        // if (params != null &&
+        //     !(params instanceof MQVParameterSpec || params instanceof UserKeyingMaterialSpec || params instanceof DHUParameterSpec))
+        if (params != null && !(params instanceof UserKeyingMaterialSpec))
         {
             throw new InvalidAlgorithmParameterException("No algorithm parameters supported");
         }
@@ -204,6 +231,8 @@
     private void initFromKey(Key key, AlgorithmParameterSpec parameterSpec)
         throws InvalidKeyException, InvalidAlgorithmParameterException
     {
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         if (agreement instanceof ECMQVBasicAgreement)
         {
             mqvParameters = null;
@@ -289,6 +318,8 @@
             ((ECDHCUnifiedAgreement)agreement).init(localParams);
         }
         else
+        */
+        // END Android-removed: Unsupported algorithms
         {
             if (!(key instanceof PrivateKey))
             {
@@ -327,6 +358,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class DHC
         extends KeyAgreementSpi
     {
@@ -716,7 +749,7 @@
 
     /**
    	 * KeyAgreement according to BSI TR-03111 chapter 4.3.1
-   	 */
+   	 *
    	public static class ECKAEGwithSHA1KDF
    			extends KeyAgreementSpi
    	{
@@ -729,7 +762,7 @@
 
     /**
    	 * KeyAgreement according to BSI TR-03111 chapter 4.3.1
-   	 */
+   	 *
    	public static class ECKAEGwithRIPEMD160KDF
    			extends KeyAgreementSpi
    	{
@@ -742,7 +775,7 @@
 
     /**
    	 * KeyAgreement according to BSI TR-03111 chapter 4.3.1
-   	 */
+   	 *
    	public static class ECKAEGwithSHA224KDF
    			extends KeyAgreementSpi
    	{
@@ -755,7 +788,7 @@
 
 	/**
 	 * KeyAgreement according to BSI TR-03111 chapter 4.3.1
-	 */
+	 *
 	public static class ECKAEGwithSHA256KDF
 			extends KeyAgreementSpi
 	{
@@ -768,7 +801,7 @@
 
 	/**
 	 * KeyAgreement according to BSI TR-03111 chapter 4.3.1
-	 */
+	 *
 	public static class ECKAEGwithSHA384KDF
 			extends KeyAgreementSpi
 	{
@@ -781,7 +814,7 @@
 
 	/**
 	 * KeyAgreement according to BSI TR-03111 chapter 4.3.1
-	 */
+	 *
 	public static class ECKAEGwithSHA512KDF
 			extends KeyAgreementSpi
 	{
@@ -791,4 +824,6 @@
                 new KDF2BytesGenerator(DigestFactory.createSHA512()));
 		}
 	}
+  */
+  // END Android-removed: Unsupported algorithms
 }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java
index ea82bc8..19b538a 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java

@@ -18,7 +18,8 @@
 import org.bouncycastle.crypto.CipherParameters;
 import org.bouncycastle.crypto.params.ECDomainParameters;
 import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.util.OpenSSHPublicKeyUtil;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.util.OpenSSHPublicKeyUtil;
 import org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi;
 import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
 import org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
@@ -27,8 +28,9 @@
 import org.bouncycastle.jce.spec.ECParameterSpec;
 import org.bouncycastle.jce.spec.ECPrivateKeySpec;
 import org.bouncycastle.jce.spec.ECPublicKeySpec;
-import org.bouncycastle.jce.spec.OpenSSHPrivateKeySpec;
-import org.bouncycastle.jce.spec.OpenSSHPublicKeySpec;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jce.spec.OpenSSHPrivateKeySpec;
+// import org.bouncycastle.jce.spec.OpenSSHPublicKeySpec;
 
 public class KeyFactorySpi
     extends BaseKeyFactorySpi
@@ -124,6 +126,8 @@
                 return new org.bouncycastle.jce.spec.ECPrivateKeySpec(k.getS(), implicitSpec);
             }
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (spec.isAssignableFrom(OpenSSHPublicKeySpec.class) && key instanceof ECPublicKey)
         {
             if (key instanceof BCECPublicKey)
@@ -165,6 +169,8 @@
             }
 
         }
+        */
+        // END Android-removed: Unsupported algorithms
 
         return super.engineGetKeySpec(key, spec);
     }
@@ -181,6 +187,8 @@
         {
             return new BCECPrivateKey(algorithm, (java.security.spec.ECPrivateKeySpec)keySpec, configuration);
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (keySpec instanceof OpenSSHPrivateKeySpec)
         {
             org.bouncycastle.asn1.sec.ECPrivateKey ecKey = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(((OpenSSHPrivateKeySpec)keySpec).getEncoded());
@@ -194,6 +202,8 @@
                 throw new InvalidKeySpecException("bad encoding: " + e.getMessage());
             }
         }
+        */
+        // END Android-removed: Unsupported algorithms
 
         return super.engineGeneratePrivate(keySpec);
     }
@@ -212,6 +222,8 @@
             {
                 return new BCECPublicKey(algorithm, (java.security.spec.ECPublicKeySpec)keySpec, configuration);
             }
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             else if (keySpec instanceof OpenSSHPublicKeySpec)
             {
                 CipherParameters params = OpenSSHPublicKeyUtil.parsePublicKey(((OpenSSHPublicKeySpec)keySpec).getEncoded());
@@ -228,6 +240,8 @@
                     throw new IllegalArgumentException("openssh key is not ec public key");
                 }
             }
+            */
+            // END Android-removed: Unsupported algorithms
         }
         catch (Exception e)
         {
@@ -285,6 +299,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
     public static class ECGOST3410
         extends KeyFactorySpi
     {
@@ -302,6 +318,8 @@
             super("ECGOST3410-2012", BouncyCastleProvider.CONFIGURATION);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithm
 
     public static class ECDH
         extends KeyFactorySpi

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java
index 72fcca9..17a2e1d 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java

@@ -44,7 +44,10 @@
         ECKeyGenerationParameters   param;
         ECKeyPairGenerator          engine = new ECKeyPairGenerator();
         Object                      ecParams = null;
-        int                         strength = 239;
+        // Android-changed: Use 256-bit keys by default.
+        // 239-bit keys (the Bouncy Castle default) are less widely-supported than 256-bit ones,
+        // so we've changed the default strength to 256 for increased compatibility
+        int                         strength = 256;
         SecureRandom                random = CryptoServicesRegistrar.getSecureRandom();
         boolean                     initialised = false;
         String                      algorithm;
@@ -85,7 +88,13 @@
             SecureRandom    random)
         {
             this.strength = strength;
-            this.random = random;
+            // BEGIN Android-changed: Don't override this.random with null.
+            // Passing null just means to use a default random, which this.random is already
+            // initialized to, so just use that
+            if (random != null) {
+                this.random = random;
+            }
+            // END Android-changed: Don't override this.random with null.
 
             ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength));
             if (ecParams == null)
@@ -108,6 +117,11 @@
             SecureRandom            random)
             throws InvalidAlgorithmParameterException
         {
+            // BEGIN Android-added: Use existing SecureRandom if none is provided.
+            if (random == null) {
+                random = this.random;
+            }
+            // END Android-added: Use existing SecureRandom if none is provided.
             if (params == null)
             {
                 ECParameterSpec implicitCA = configuration.getEcImplicitlyCa();

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
index 73d2ae5..271f774 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java

@@ -8,15 +8,21 @@
 import org.bouncycastle.crypto.DSAExt;
 import org.bouncycastle.crypto.Digest;
 import org.bouncycastle.crypto.digests.NullDigest;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
+// END Android-removed: Unsupported algorithms
 import org.bouncycastle.crypto.params.ParametersWithRandom;
 import org.bouncycastle.crypto.signers.DSAEncoding;
 import org.bouncycastle.crypto.signers.ECDSASigner;
-import org.bouncycastle.crypto.signers.ECNRSigner;
-import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.signers.ECNRSigner;
+// import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
+// END Android-removed: Unsupported algorithms
 import org.bouncycastle.crypto.signers.PlainDSAEncoding;
 import org.bouncycastle.crypto.signers.StandardDSAEncoding;
-import org.bouncycastle.crypto.util.DigestFactory;
+// BEGIN Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
 import org.bouncycastle.jcajce.provider.asymmetric.util.DSABase;
 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
 
@@ -60,10 +66,14 @@
     {
         public ecDSA()
         {
-            super(DigestFactory.createSHA1(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA1(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
     static public class ecDetDSA
         extends SignatureSpi
     {
@@ -72,6 +82,8 @@
             super(DigestFactory.createSHA1(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1())), StandardDSAEncoding.INSTANCE);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithm
 
     static public class ecDSAnone
         extends SignatureSpi
@@ -87,10 +99,14 @@
     {
         public ecDSA224()
         {
-            super(DigestFactory.createSHA224(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA224(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            super(AndroidDigestFactory.getSHA224(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
     static public class ecDetDSA224
         extends SignatureSpi
     {
@@ -99,16 +115,22 @@
             super(DigestFactory.createSHA224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224())), StandardDSAEncoding.INSTANCE);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithm
 
     static public class ecDSA256
         extends SignatureSpi
     {
         public ecDSA256()
         {
-            super(DigestFactory.createSHA256(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA256(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
     static public class ecDetDSA256
         extends SignatureSpi
     {
@@ -117,16 +139,22 @@
             super(DigestFactory.createSHA256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256())), StandardDSAEncoding.INSTANCE);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithm
 
     static public class ecDSA384
         extends SignatureSpi
     {
         public ecDSA384()
         {
-            super(DigestFactory.createSHA384(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA384(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
     static public class ecDetDSA384
         extends SignatureSpi
     {
@@ -135,16 +163,22 @@
             super(DigestFactory.createSHA384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384())), StandardDSAEncoding.INSTANCE);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     static public class ecDSA512
         extends SignatureSpi
     {
         public ecDSA512()
         {
-            super(DigestFactory.createSHA512(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA512(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     static public class ecDetDSA512
         extends SignatureSpi
     {
@@ -333,4 +367,6 @@
             super(new RIPEMD160Digest(), new ECDSASigner(), PlainDSAEncoding.INSTANCE);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PrivateKey.java
deleted file mode 100644
index 4ad33a8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PrivateKey.java
+++ /dev/null

@@ -1,529 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ecgost;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.interfaces.ECPrivateKey;
-import java.security.spec.ECParameterSpec;
-import java.security.spec.ECPrivateKeySpec;
-import java.security.spec.EllipticCurve;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X962Parameters;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
-import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
-import org.bouncycastle.jce.interfaces.ECPointEncoder;
-import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
-import org.bouncycastle.jce.spec.ECNamedCurveSpec;
-import org.bouncycastle.math.ec.ECCurve;
-
-public class BCECGOST3410PrivateKey
-    implements ECPrivateKey, org.bouncycastle.jce.interfaces.ECPrivateKey, PKCS12BagAttributeCarrier, ECPointEncoder
-{
-    static final long serialVersionUID = 7245981689601667138L;
-
-    private String algorithm = "ECGOST3410";
-    private boolean withCompression;
-
-    private transient ASN1Encodable gostParams;
-    private transient BigInteger d;
-    private transient ECParameterSpec ecSpec;
-    private transient DERBitString publicKey;
-    private transient PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl();
-
-    protected BCECGOST3410PrivateKey()
-    {
-    }
-
-    public BCECGOST3410PrivateKey(
-        ECPrivateKey key)
-    {
-        this.d = key.getS();
-        this.algorithm = key.getAlgorithm();
-        this.ecSpec = key.getParams();
-    }
-
-    public BCECGOST3410PrivateKey(
-        org.bouncycastle.jce.spec.ECPrivateKeySpec spec)
-    {
-        this.d = spec.getD();
-
-        if (spec.getParams() != null) // can be null if implicitlyCA
-        {
-            ECCurve curve = spec.getParams().getCurve();
-            EllipticCurve ellipticCurve;
-
-            ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed());
-
-            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams());
-        }
-        else
-        {
-            this.ecSpec = null;
-        }
-    }
-
-
-    public BCECGOST3410PrivateKey(
-        ECPrivateKeySpec spec)
-    {
-        this.d = spec.getS();
-        this.ecSpec = spec.getParams();
-    }
-
-    public BCECGOST3410PrivateKey(
-        BCECGOST3410PrivateKey key)
-    {
-        this.d = key.d;
-        this.ecSpec = key.ecSpec;
-        this.withCompression = key.withCompression;
-        this.attrCarrier = key.attrCarrier;
-        this.publicKey = key.publicKey;
-        this.gostParams = key.gostParams;
-    }
-
-    public BCECGOST3410PrivateKey(
-        String algorithm,
-        ECPrivateKeyParameters params,
-        BCECGOST3410PublicKey pubKey,
-        ECParameterSpec spec)
-    {
-        this.algorithm = algorithm;
-        this.d = params.getD();
-
-        if (spec == null)
-        {
-            ECDomainParameters dp = params.getParameters();
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
-
-            this.ecSpec = new ECParameterSpec(
-                ellipticCurve,
-                EC5Util.convertPoint(dp.getG()),
-                dp.getN(),
-                dp.getH().intValue());
-        }
-        else
-        {
-            this.ecSpec = spec;
-        }
-
-        this.gostParams = pubKey.getGostParams();
-
-        publicKey = getPublicKeyDetails(pubKey);
-    }
-
-    public BCECGOST3410PrivateKey(
-        String algorithm,
-        ECPrivateKeyParameters params,
-        BCECGOST3410PublicKey pubKey,
-        org.bouncycastle.jce.spec.ECParameterSpec spec)
-    {
-        this.algorithm = algorithm;
-        this.d = params.getD();
-
-        if (spec == null)
-        {
-            ECDomainParameters dp = params.getParameters();
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
-
-            this.ecSpec = new ECParameterSpec(
-                ellipticCurve,
-                EC5Util.convertPoint(dp.getG()),
-                dp.getN(),
-                dp.getH().intValue());
-        }
-        else
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
-
-            this.ecSpec = new ECParameterSpec(
-                ellipticCurve,
-                EC5Util.convertPoint(spec.getG()),
-                spec.getN(),
-                spec.getH().intValue());
-        }
-
-        this.gostParams = pubKey.getGostParams();
-
-        publicKey = getPublicKeyDetails(pubKey);
-    }
-
-    public BCECGOST3410PrivateKey(
-        String algorithm,
-        ECPrivateKeyParameters params)
-    {
-        this.algorithm = algorithm;
-        this.d = params.getD();
-        this.ecSpec = null;
-    }
-
-    BCECGOST3410PrivateKey(
-        PrivateKeyInfo info)
-        throws IOException
-    {
-        populateFromPrivKeyInfo(info);
-    }
-
-    private void populateFromPrivKeyInfo(PrivateKeyInfo info)
-        throws IOException
-    {
-        AlgorithmIdentifier pkAlg = info.getPrivateKeyAlgorithm(); 
-        ASN1Encodable pkParams = pkAlg.getParameters();
-        ASN1Primitive p = pkParams.toASN1Primitive();
-
-        if (p instanceof ASN1Sequence && (ASN1Sequence.getInstance(p).size() == 2 || ASN1Sequence.getInstance(p).size() == 3))
-        {
-            GOST3410PublicKeyAlgParameters gParams = GOST3410PublicKeyAlgParameters.getInstance(pkParams);
-            gostParams = gParams;
-
-            ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gParams.getPublicKeyParamSet()));
-
-            ECCurve curve = spec.getCurve();
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
-
-            ecSpec = new ECNamedCurveSpec(
-                ECGOST3410NamedCurves.getName(gParams.getPublicKeyParamSet()),
-                ellipticCurve,
-                EC5Util.convertPoint(spec.getG()),
-                spec.getN(), spec.getH());
-
-            ASN1Encodable privKey = info.parsePrivateKey();
-
-            if (privKey instanceof ASN1Integer)
-            {
-                this.d = ASN1Integer.getInstance(privKey).getPositiveValue();
-            }
-            else
-            {
-                byte[] encVal = ASN1OctetString.getInstance(privKey).getOctets();
-                byte[] dVal = new byte[encVal.length];
-
-                for (int i = 0; i != encVal.length; i++)
-                {
-                    dVal[i] = encVal[encVal.length - 1 - i];
-                }
-
-                this.d = new BigInteger(1, dVal);
-            }
-        }
-        else
-        {
-            // for backwards compatibility
-            X962Parameters params = X962Parameters.getInstance(pkParams);
-
-            if (params.isNamedCurve())
-            {
-                ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
-                X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
-
-                String curveName;
-                if (ecP == null) // GOST Curve
-                {
-                    ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
-                    ecP = new X9ECParameters(gParam.getCurve(), gParam.getG(), gParam.getN(), gParam.getH(), gParam.getSeed());
-
-                    curveName = ECGOST3410NamedCurves.getName(oid);
-                }
-                else
-                {
-                    curveName = ECUtil.getCurveName(oid);
-                }
-
-                EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
-
-                ecSpec = new ECNamedCurveSpec(
-                    curveName,
-                    ellipticCurve,
-                    EC5Util.convertPoint(ecP.getG()),
-                    ecP.getN(),
-                    ecP.getH());
-            }
-            else if (params.isImplicitlyCA())
-            {
-                ecSpec = null;
-            }
-            else
-            {
-                X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
-                EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
-
-                this.ecSpec = new ECParameterSpec(
-                    ellipticCurve,
-                    EC5Util.convertPoint(ecP.getG()),
-                    ecP.getN(),
-                    ecP.getH().intValue());
-            }
-
-            ASN1Encodable privKey = info.parsePrivateKey();
-            if (privKey instanceof ASN1Integer)
-            {
-                ASN1Integer derD = ASN1Integer.getInstance(privKey);
-
-                this.d = derD.getValue();
-            }
-            else
-            {
-                org.bouncycastle.asn1.sec.ECPrivateKey ec = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(privKey);
-
-                this.d = ec.getKey();
-                this.publicKey = ec.getPublicKey();
-            }
-        }
-    }
-
-    public String getAlgorithm()
-    {
-        return algorithm;
-    }
-
-    /**
-     * return the encoding format we produce in getEncoded().
-     *
-     * @return the string "PKCS#8"
-     */
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    /**
-     * Return a PKCS8 representation of the key. The sequence returned
-     * represents a full PrivateKeyInfo object.
-     *
-     * @return a PKCS8 representation of the key.
-     */
-    public byte[] getEncoded()
-    {
-        if (gostParams != null)
-        {
-            byte[] encKey = new byte[32];
-
-            extractBytes(encKey, 0, this.getS());
-
-            try
-            {
-                PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, gostParams), new DEROctetString(encKey));
-
-                return info.getEncoded(ASN1Encoding.DER);
-            }
-            catch (IOException e)
-            {
-                return null;
-            }
-        }
-        else
-        {
-            X962Parameters params;
-            int orderBitLength;
-
-            if (ecSpec instanceof ECNamedCurveSpec)
-            {
-                ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName());
-                if (curveOid == null)  // guess it's the OID
-                {
-                    curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName());
-                }
-                params = new X962Parameters(curveOid);
-                orderBitLength = ECUtil.getOrderBitLength(BouncyCastleProvider.CONFIGURATION, ecSpec.getOrder(), this.getS());
-            }
-            else if (ecSpec == null)
-            {
-                params = new X962Parameters(DERNull.INSTANCE);
-                orderBitLength = ECUtil.getOrderBitLength(BouncyCastleProvider.CONFIGURATION, null, this.getS());
-            }
-            else
-            {
-                ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
-
-                X9ECParameters ecP = new X9ECParameters(
-                    curve,
-                    EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
-                    ecSpec.getOrder(),
-                    BigInteger.valueOf(ecSpec.getCofactor()),
-                    ecSpec.getCurve().getSeed());
-
-                params = new X962Parameters(ecP);
-                orderBitLength = ECUtil.getOrderBitLength(BouncyCastleProvider.CONFIGURATION, ecSpec.getOrder(), this.getS());
-            }
-
-            PrivateKeyInfo info;
-            org.bouncycastle.asn1.sec.ECPrivateKey keyStructure;
-
-            if (publicKey != null)
-            {
-                keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, this.getS(), publicKey, params);
-            }
-            else
-            {
-                keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, this.getS(), params);
-            }
-
-            try
-            {
-                info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
-
-                return info.getEncoded(ASN1Encoding.DER);
-            }
-            catch (IOException e)
-            {
-                return null;
-            }
-        }
-    }
-
-    private void extractBytes(byte[] encKey, int offSet, BigInteger bI)
-    {
-        byte[] val = bI.toByteArray();
-        if (val.length < 32)
-        {
-            byte[] tmp = new byte[32];
-            System.arraycopy(val, 0, tmp, tmp.length - val.length, val.length);
-            val = tmp;
-        }
-
-        for (int i = 0; i != 32; i++)
-        {
-            encKey[offSet + i] = val[val.length - 1 - i];
-        }
-    }
-
-    public ECParameterSpec getParams()
-    {
-        return ecSpec;
-    }
-
-    public org.bouncycastle.jce.spec.ECParameterSpec getParameters()
-    {
-        if (ecSpec == null)
-        {
-            return null;
-        }
-
-        return EC5Util.convertSpec(ecSpec, withCompression);
-    }
-
-    org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec()
-    {
-        if (ecSpec != null)
-        {
-            return EC5Util.convertSpec(ecSpec, withCompression);
-        }
-
-        return BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-    }
-
-    public BigInteger getS()
-    {
-        return d;
-    }
-
-    public BigInteger getD()
-    {
-        return d;
-    }
-
-    public void setBagAttribute(
-        ASN1ObjectIdentifier oid,
-        ASN1Encodable attribute)
-    {
-        attrCarrier.setBagAttribute(oid, attribute);
-    }
-
-    public ASN1Encodable getBagAttribute(
-        ASN1ObjectIdentifier oid)
-    {
-        return attrCarrier.getBagAttribute(oid);
-    }
-
-    public Enumeration getBagAttributeKeys()
-    {
-        return attrCarrier.getBagAttributeKeys();
-    }
-
-    public void setPointFormat(String style)
-    {
-        withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
-    }
-
-    public boolean equals(Object o)
-    {
-        if (!(o instanceof BCECGOST3410PrivateKey))
-        {
-            return false;
-        }
-
-        BCECGOST3410PrivateKey other = (BCECGOST3410PrivateKey)o;
-
-        return getD().equals(other.getD()) && (engineGetSpec().equals(other.engineGetSpec()));
-    }
-
-    public int hashCode()
-    {
-        return getD().hashCode() ^ engineGetSpec().hashCode();
-    }
-
-    public String toString()
-    {
-        return ECUtil.privateKeyToString(algorithm, d, engineGetSpec());
-    }
-
-    private DERBitString getPublicKeyDetails(BCECGOST3410PublicKey pub)
-    {
-        try
-        {
-            SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(pub.getEncoded()));
-
-            return info.getPublicKeyData();
-        }
-        catch (IOException e)
-        {   // should never happen
-            return null;
-        }
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        populateFromPrivKeyInfo(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc)));
-
-        this.attrCarrier = new PKCS12BagAttributeCarrierImpl();
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PublicKey.java
deleted file mode 100644
index cb21e96..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/BCECGOST3410PublicKey.java
+++ /dev/null

@@ -1,412 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ecgost;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.interfaces.ECPublicKey;
-import java.security.spec.ECParameterSpec;
-import java.security.spec.ECPoint;
-import java.security.spec.ECPublicKeySpec;
-import java.security.spec.EllipticCurve;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X962Parameters;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECGOST3410Parameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
-import org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
-import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
-import org.bouncycastle.jce.interfaces.ECPointEncoder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
-import org.bouncycastle.jce.spec.ECNamedCurveSpec;
-import org.bouncycastle.math.ec.ECCurve;
-
-public class BCECGOST3410PublicKey
-    implements ECPublicKey, org.bouncycastle.jce.interfaces.ECPublicKey, ECPointEncoder
-{
-    static final long serialVersionUID = 7026240464295649314L;
-
-    private String algorithm = "ECGOST3410";
-    private boolean withCompression;
-
-    private transient ECPublicKeyParameters   ecPublicKey;
-    private transient ECParameterSpec ecSpec;
-    private transient ASN1Encodable gostParams;
-
-    public BCECGOST3410PublicKey(
-        BCECGOST3410PublicKey key)
-    {
-        this.ecPublicKey = key.ecPublicKey;
-        this.ecSpec = key.ecSpec;
-        this.withCompression = key.withCompression;
-        this.gostParams = key.gostParams;
-    }
-
-    public BCECGOST3410PublicKey(
-        ECPublicKeySpec spec)
-    {
-        this.ecSpec = spec.getParams();
-        this.ecPublicKey = new ECPublicKeyParameters(EC5Util.convertPoint(ecSpec, spec.getW(), false), EC5Util.getDomainParameters(null, spec.getParams()));
-    }
-
-    public BCECGOST3410PublicKey(
-        org.bouncycastle.jce.spec.ECPublicKeySpec spec,
-        ProviderConfiguration configuration)
-    {
-        if (spec.getParams() != null) // can be null if implictlyCa
-        {
-            ECCurve curve = spec.getParams().getCurve();
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed());
-
-            // this may seem a little long-winded but it's how we pick up the custom curve.
-            this.ecPublicKey = new ECPublicKeyParameters(
-                spec.getQ(), ECUtil.getDomainParameters(configuration, spec.getParams()));
-            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams());
-        }
-        else
-        {
-            org.bouncycastle.jce.spec.ECParameterSpec s = configuration.getEcImplicitlyCa();
-
-            this.ecPublicKey = new ECPublicKeyParameters(s.getCurve().createPoint(spec.getQ().getAffineXCoord().toBigInteger(), spec.getQ().getAffineYCoord().toBigInteger()), EC5Util.getDomainParameters(configuration, (ECParameterSpec)null));
-            this.ecSpec = null;
-        }
-    }
-
-    public BCECGOST3410PublicKey(
-        String algorithm,
-        ECPublicKeyParameters params,
-        ECParameterSpec spec)
-    {
-        ECDomainParameters      dp = params.getParameters();
-
-        if (dp instanceof ECGOST3410Parameters)
-        {
-            ECGOST3410Parameters p = (ECGOST3410Parameters)dp;
-
-            this.gostParams = new GOST3410PublicKeyAlgParameters(p.getPublicKeyParamSet(),
-                                                p.getDigestParamSet(), p.getEncryptionParamSet());
-        }
-
-        this.algorithm = algorithm;
-        this.ecPublicKey = params;
-
-        if (spec == null)
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
-
-            this.ecSpec = createSpec(ellipticCurve, dp);
-        }
-        else
-        {
-            this.ecSpec = spec;
-        }
-    }
-
-    public BCECGOST3410PublicKey(
-        String algorithm,
-        ECPublicKeyParameters params,
-        org.bouncycastle.jce.spec.ECParameterSpec spec)
-    {
-        ECDomainParameters dp = params.getParameters();
-
-        this.algorithm = algorithm;
-        this.ecPublicKey = params;
-
-        if (spec == null)
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
-
-            this.ecSpec = createSpec(ellipticCurve, dp);
-        }
-        else
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
-
-            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec);
-        }
-    }
-
-    /*
-     * called for implicitCA
-     */
-    public BCECGOST3410PublicKey(
-        String algorithm,
-        ECPublicKeyParameters params)
-    {
-        this.algorithm = algorithm;
-        this.ecPublicKey = params;
-        this.ecSpec = null;
-    }
-
-    private ECParameterSpec createSpec(EllipticCurve ellipticCurve, ECDomainParameters dp)
-    {
-        return new ECParameterSpec(
-            ellipticCurve,
-            EC5Util.convertPoint(dp.getG()),
-            dp.getN(),
-            dp.getH().intValue());
-    }
-
-    public BCECGOST3410PublicKey(
-        ECPublicKey key)
-    {
-        this.algorithm = key.getAlgorithm();
-        this.ecSpec = key.getParams();
-        this.ecPublicKey = new ECPublicKeyParameters(EC5Util.convertPoint(this.ecSpec, key.getW(), false), EC5Util.getDomainParameters(null, key.getParams()));
-    }
-
-    BCECGOST3410PublicKey(
-        SubjectPublicKeyInfo info)
-    {
-        populateFromPubKeyInfo(info);
-    }
-
-    private void populateFromPubKeyInfo(SubjectPublicKeyInfo info)
-    {
-        DERBitString bits = info.getPublicKeyData();
-        ASN1OctetString key;
-        this.algorithm = "ECGOST3410";
-
-        try
-        {
-            key = (ASN1OctetString)ASN1Primitive.fromByteArray(bits.getBytes());
-        }
-        catch (IOException ex)
-        {
-            throw new IllegalArgumentException("error recovering public key");
-        }
-
-        byte[] keyEnc = key.getOctets();
-
-        byte[] x9Encoding = new byte[65];
-        x9Encoding[0] = 0x04;
-        for (int i = 1; i <= 32; ++i)
-        {
-            x9Encoding[i     ] = keyEnc[32 - i];
-            x9Encoding[i + 32] = keyEnc[64 - i];
-        }
-
-        ASN1ObjectIdentifier paramOID;
-
-        if (info.getAlgorithm().getParameters() instanceof ASN1ObjectIdentifier)
-        {
-            paramOID = ASN1ObjectIdentifier.getInstance(info.getAlgorithm().getParameters());
-            gostParams = paramOID;
-        }
-        else
-        {
-            GOST3410PublicKeyAlgParameters params = GOST3410PublicKeyAlgParameters.getInstance(info.getAlgorithm().getParameters());
-            gostParams = params;
-            paramOID = params.getPublicKeyParamSet();
-
-        }
-
-        ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(paramOID));
-
-        ECCurve curve = spec.getCurve();
-        EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
-
-        this.ecPublicKey = new ECPublicKeyParameters(curve.decodePoint(x9Encoding), ECUtil.getDomainParameters(null, spec));
-
-        this.ecSpec = new ECNamedCurveSpec(
-            ECGOST3410NamedCurves.getName(paramOID),
-            ellipticCurve,
-            EC5Util.convertPoint(spec.getG()),
-            spec.getN(), spec.getH());
-    }
-
-    public String getAlgorithm()
-    {
-        return algorithm;
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    public byte[] getEncoded()
-    {
-        ASN1Encodable params;
-        SubjectPublicKeyInfo info;
-
-        params = getGostParams();
-
-        if (params == null)
-        {
-            if (ecSpec instanceof ECNamedCurveSpec)
-            {
-                params = new GOST3410PublicKeyAlgParameters(
-                    ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
-                    CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet);
-            }
-            else
-            {   // strictly speaking this may not be applicable...
-                ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
-
-                X9ECParameters ecP = new X9ECParameters(
-                    curve,
-                    EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
-                    ecSpec.getOrder(),
-                    BigInteger.valueOf(ecSpec.getCofactor()),
-                    ecSpec.getCurve().getSeed());
-
-                params = new X962Parameters(ecP);
-            }
-        }
-
-        BigInteger bX = this.ecPublicKey.getQ().getAffineXCoord().toBigInteger();
-        BigInteger bY = this.ecPublicKey.getQ().getAffineYCoord().toBigInteger();
-        byte[] encKey = new byte[64];
-
-        extractBytes(encKey, 0, bX);
-        extractBytes(encKey, 32, bY);
-
-        try
-        {
-            info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey));
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-
-        return KeyUtil.getEncodedSubjectPublicKeyInfo(info);
-    }
-
-    private void extractBytes(byte[] encKey, int offSet, BigInteger bI)
-    {
-        byte[] val = bI.toByteArray();
-        if (val.length < 32)
-        {
-            byte[] tmp = new byte[32];
-            System.arraycopy(val, 0, tmp, tmp.length - val.length, val.length);
-            val = tmp;
-        }
-
-        for (int i = 0; i != 32; i++)
-        {
-            encKey[offSet + i] = val[val.length - 1 - i];
-        }
-    }
-
-    public ECParameterSpec getParams()
-    {
-        return ecSpec;
-    }
-
-    public org.bouncycastle.jce.spec.ECParameterSpec getParameters()
-    {
-        if (ecSpec == null)     // implictlyCA
-        {
-            return null;
-        }
-
-        return EC5Util.convertSpec(ecSpec, withCompression);
-    }
-
-    public ECPoint getW()
-    {
-        return EC5Util.convertPoint(ecPublicKey.getQ());
-    }
-
-    public org.bouncycastle.math.ec.ECPoint getQ()
-    {
-        if (ecSpec == null)
-        {
-            return ecPublicKey.getQ().getDetachedPoint();
-        }
-
-        return ecPublicKey.getQ();
-    }
-
-    ECPublicKeyParameters engineGetKeyParameters()
-    {
-        return ecPublicKey;
-    }
-
-    org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec()
-    {
-        if (ecSpec != null)
-        {
-            return EC5Util.convertSpec(ecSpec, withCompression);
-        }
-
-        return BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-    }
-
-    public String toString()
-    {
-        return ECUtil.publicKeyToString(algorithm, ecPublicKey.getQ(), engineGetSpec());
-    }
-
-    public void setPointFormat(String style)
-    {
-        withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
-    }
-
-    public boolean equals(Object o)
-    {
-        if (!(o instanceof BCECGOST3410PublicKey))
-        {
-            return false;
-        }
-
-        BCECGOST3410PublicKey other = (BCECGOST3410PublicKey)o;
-
-        return ecPublicKey.getQ().equals(other.ecPublicKey.getQ()) && (engineGetSpec().equals(other.engineGetSpec()));
-    }
-
-    public int hashCode()
-    {
-        return ecPublicKey.getQ().hashCode() ^ engineGetSpec().hashCode();
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        populateFromPubKeyInfo(SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc)));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-
-    ASN1Encodable getGostParams()
-    {
-        if (gostParams == null && ecSpec instanceof ECNamedCurveSpec)
-        {
-            this.gostParams = new GOST3410PublicKeyAlgParameters(
-                ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
-                CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet);
-        }
-
-        return gostParams;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyAgreementSpi.java
deleted file mode 100644
index 3296c24..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyAgreementSpi.java
+++ /dev/null

@@ -1,160 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ecgost;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.x9.X9IntegerConverter;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.agreement.ECVKOAgreement;
-import org.bouncycastle.crypto.digests.GOST3411Digest;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithUKM;
-import org.bouncycastle.jcajce.provider.asymmetric.ec.BCECPublicKey;
-import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
-import org.bouncycastle.jce.interfaces.ECPrivateKey;
-import org.bouncycastle.jce.interfaces.ECPublicKey;
-
-public class KeyAgreementSpi
-    extends BaseAgreementSpi
-{
-    private static final X9IntegerConverter converter = new X9IntegerConverter();
-
-    private String                 kaAlgorithm;
-
-    private ECDomainParameters     parameters;
-    private ECVKOAgreement agreement;
-
-    private byte[]             result;
-
-    protected KeyAgreementSpi(
-        String kaAlgorithm,
-        ECVKOAgreement agreement,
-        DerivationFunction kdf)
-    {
-        super(kaAlgorithm, kdf);
-
-        this.kaAlgorithm = kaAlgorithm;
-        this.agreement = agreement;
-    }
-
-    protected Key engineDoPhase(
-        Key     key,
-        boolean lastPhase) 
-        throws InvalidKeyException, IllegalStateException
-    {
-        if (parameters == null)
-        {
-            throw new IllegalStateException(kaAlgorithm + " not initialised.");
-        }
-
-        if (!lastPhase)
-        {
-            throw new IllegalStateException(kaAlgorithm + " can only be between two parties.");
-        }
-
-        CipherParameters pubKey;
-        {
-            if (!(key instanceof PublicKey))
-            {
-                throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
-                    + getSimpleName(ECPublicKey.class) + " for doPhase");
-            }
-
-            pubKey = generatePublicKeyParameter((PublicKey)key);
-        }
-
-        try
-        {
-            result = agreement.calculateAgreement(pubKey);
-        }
-        catch (final Exception e)
-        {
-            throw new InvalidKeyException("calculation failed: " + e.getMessage())
-            {
-                public Throwable getCause()
-                            {
-                                return e;
-                            }
-            };
-        }
-
-        return null;
-    }
-
-    protected void engineInit(
-        Key                     key,
-        AlgorithmParameterSpec  params,
-        SecureRandom            random) 
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        if (params != null && !(params instanceof UserKeyingMaterialSpec))
-        {
-            throw new InvalidAlgorithmParameterException("No algorithm parameters supported");
-        }
-
-        initFromKey(key, params);
-    }
-
-    protected void engineInit(
-        Key             key,
-        SecureRandom    random) 
-        throws InvalidKeyException
-    {
-        initFromKey(key, null);
-    }
-
-    private void initFromKey(Key key, AlgorithmParameterSpec parameterSpec)
-        throws InvalidKeyException
-    {
-        {
-            if (!(key instanceof PrivateKey))
-            {
-                throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
-                    + getSimpleName(ECPrivateKey.class) + " for initialisation");
-            }
-
-            ECPrivateKeyParameters privKey = (ECPrivateKeyParameters)ECUtil.generatePrivateKeyParameter((PrivateKey)key);
-            this.parameters = privKey.getParameters();
-            ukmParameters = (parameterSpec instanceof UserKeyingMaterialSpec) ? ((UserKeyingMaterialSpec)parameterSpec).getUserKeyingMaterial() : null;
-            agreement.init(new ParametersWithUKM(privKey, ukmParameters));
-        }
-    }
-
-    private static String getSimpleName(Class clazz)
-    {
-        String fullName = clazz.getName();
-
-        return fullName.substring(fullName.lastIndexOf('.') + 1);
-    }
-
-    protected byte[] calcSecret()
-    {
-        return result;
-    }
-
-    static AsymmetricKeyParameter generatePublicKeyParameter(
-            PublicKey key)
-        throws InvalidKeyException
-    {
-        return (key instanceof BCECPublicKey) ? ((BCECGOST3410PublicKey)key).engineGetKeyParameters() : ECUtil.generatePublicKeyParameter(key);
-    }
-
-    public static class ECVKO
-        extends KeyAgreementSpi
-    {
-        public ECVKO()
-        {
-            super("ECGOST3410", new ECVKOAgreement(new GOST3411Digest()), null);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyFactorySpi.java
deleted file mode 100644
index 09a232a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyFactorySpi.java
+++ /dev/null

@@ -1,182 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ecgost;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.interfaces.ECPrivateKey;
-import java.security.interfaces.ECPublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi;
-import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.jce.spec.ECPrivateKeySpec;
-import org.bouncycastle.jce.spec.ECPublicKeySpec;
-
-public class KeyFactorySpi
-    extends BaseKeyFactorySpi
-{
-    public KeyFactorySpi()
-    {
-    }
-
-    protected KeySpec engineGetKeySpec(
-        Key key,
-        Class spec)
-        throws InvalidKeySpecException
-    {
-       if (spec.isAssignableFrom(java.security.spec.ECPublicKeySpec.class) && key instanceof ECPublicKey)
-       {
-           ECPublicKey k = (ECPublicKey)key;
-           if (k.getParams() != null)
-           {
-               return new java.security.spec.ECPublicKeySpec(k.getW(), k.getParams());
-           }
-           else
-           {
-               ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-
-               return new java.security.spec.ECPublicKeySpec(k.getW(), EC5Util.convertSpec(EC5Util.convertCurve(implicitSpec.getCurve(), implicitSpec.getSeed()), implicitSpec));
-           }
-       }
-       else if (spec.isAssignableFrom(java.security.spec.ECPrivateKeySpec.class) && key instanceof ECPrivateKey)
-       {
-           ECPrivateKey k = (ECPrivateKey)key;
-
-           if (k.getParams() != null)
-           {
-               return new java.security.spec.ECPrivateKeySpec(k.getS(), k.getParams());
-           }
-           else
-           {
-               ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-
-               return new java.security.spec.ECPrivateKeySpec(k.getS(), EC5Util.convertSpec(EC5Util.convertCurve(implicitSpec.getCurve(), implicitSpec.getSeed()), implicitSpec));
-           }
-       }
-       else if (spec.isAssignableFrom(org.bouncycastle.jce.spec.ECPublicKeySpec.class) && key instanceof ECPublicKey)
-       {
-           ECPublicKey k = (ECPublicKey)key;
-           if (k.getParams() != null)
-           {
-               return new org.bouncycastle.jce.spec.ECPublicKeySpec(EC5Util.convertPoint(k.getParams(), k.getW(), false), EC5Util.convertSpec(k.getParams(), false));
-           }
-           else
-           {
-               ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-
-               return new org.bouncycastle.jce.spec.ECPublicKeySpec(EC5Util.convertPoint(k.getParams(), k.getW(), false), implicitSpec);
-           }
-       }
-       else if (spec.isAssignableFrom(org.bouncycastle.jce.spec.ECPrivateKeySpec.class) && key instanceof ECPrivateKey)
-       {
-           ECPrivateKey k = (ECPrivateKey)key;
-
-           if (k.getParams() != null)
-           {
-               return new org.bouncycastle.jce.spec.ECPrivateKeySpec(k.getS(), EC5Util.convertSpec(k.getParams(), false));
-           }
-           else
-           {
-               ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-
-               return new org.bouncycastle.jce.spec.ECPrivateKeySpec(k.getS(), implicitSpec);
-           }
-       }
-
-       return super.engineGetKeySpec(key, spec);
-    }
-
-    protected Key engineTranslateKey(
-        Key key)
-        throws InvalidKeyException
-    {
-        throw new InvalidKeyException("key type unknown");
-    }
-
-    protected PrivateKey engineGeneratePrivate(
-        KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof ECPrivateKeySpec)
-        {
-            return new BCECGOST3410PrivateKey((ECPrivateKeySpec)keySpec);
-        }
-        else if (keySpec instanceof java.security.spec.ECPrivateKeySpec)
-        {
-            return new BCECGOST3410PrivateKey((java.security.spec.ECPrivateKeySpec)keySpec);
-        }
-
-        return super.engineGeneratePrivate(keySpec);
-    }
-
-    protected PublicKey engineGeneratePublic(
-        KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof ECPublicKeySpec)
-        {
-            return new BCECGOST3410PublicKey((ECPublicKeySpec)keySpec, BouncyCastleProvider.CONFIGURATION);
-        }
-        else if (keySpec instanceof java.security.spec.ECPublicKeySpec)
-        {
-            return new BCECGOST3410PublicKey((java.security.spec.ECPublicKeySpec)keySpec);
-        }
-
-        return super.engineGeneratePublic(keySpec);
-    }
-
-    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm();
-
-        if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_2001))
-        {
-            return new BCECGOST3410PrivateKey(keyInfo);
-        }
-        else if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_2001DH))
-        {
-            return new BCECGOST3410PrivateKey(keyInfo);
-        }
-        else if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_ESDH))
-        {
-            return new BCECGOST3410PrivateKey(keyInfo);
-        }
-        else
-        {
-            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
-        }
-    }
-
-    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm();
-
-        if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_2001))
-        {
-            return new BCECGOST3410PublicKey(keyInfo);
-        }
-        else if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_2001DH))
-        {
-            return new BCECGOST3410PublicKey(keyInfo);
-        }
-        else if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_2001_CryptoPro_ESDH))
-        {
-            return new BCECGOST3410PublicKey(keyInfo);
-        }
-        else
-        {
-            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyPairGeneratorSpi.java
deleted file mode 100644
index 07e3419..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/KeyPairGeneratorSpi.java
+++ /dev/null

@@ -1,199 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ecgost;
-
-import java.math.BigInteger;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidParameterException;
-import java.security.KeyPair;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.ECGenParameterSpec;
-
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECGOST3410Parameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECNamedDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.jcajce.spec.GOST3410ParameterSpec;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
-import org.bouncycastle.jce.spec.ECNamedCurveSpec;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-
-public class KeyPairGeneratorSpi
-    extends java.security.KeyPairGenerator
-{
-    Object ecParams = null;
-    ECKeyPairGenerator engine = new ECKeyPairGenerator();
-
-    String algorithm = "ECGOST3410";
-    ECKeyGenerationParameters param;
-    int strength = 239;
-    SecureRandom random = null;
-    boolean initialised = false;
-
-    public KeyPairGeneratorSpi()
-    {
-        super("ECGOST3410");
-    }
-
-    public void initialize(
-        int strength,
-        SecureRandom random)
-    {
-        this.strength = strength;
-        this.random = random;
-
-        if (ecParams != null)
-        {
-            try
-            {
-                initialize((ECGenParameterSpec)ecParams, random);
-            }
-            catch (InvalidAlgorithmParameterException e)
-            {
-                throw new InvalidParameterException("key size not configurable.");
-            }
-        }
-        else
-        {
-            throw new InvalidParameterException("unknown key size.");
-        }
-    }
-
-    public void initialize(
-        AlgorithmParameterSpec params,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        if (params instanceof GOST3410ParameterSpec)
-        {
-            GOST3410ParameterSpec gostParams = (GOST3410ParameterSpec)params;
-
-            init(gostParams, random);
-        }
-        else if (params instanceof ECParameterSpec)
-        {
-            ECParameterSpec p = (ECParameterSpec)params;
-            this.ecParams = params;
-
-            param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH()), random);
-
-            engine.init(param);
-            initialised = true;
-        }
-        else if (params instanceof java.security.spec.ECParameterSpec)
-        {
-            java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)params;
-            this.ecParams = params;
-
-            ECCurve curve = EC5Util.convertCurve(p.getCurve());
-            ECPoint g = EC5Util.convertPoint(curve, p.getGenerator(), false);
-
-            param = new ECKeyGenerationParameters(new ECDomainParameters(curve, g, p.getOrder(), BigInteger.valueOf(p.getCofactor())), random);
-
-            engine.init(param);
-            initialised = true;
-        }
-        else if (params instanceof ECGenParameterSpec || params instanceof ECNamedCurveGenParameterSpec)
-        {
-            String curveName;
-
-            if (params instanceof ECGenParameterSpec)
-            {
-                curveName = ((ECGenParameterSpec)params).getName();
-            }
-            else
-            {
-                curveName = ((ECNamedCurveGenParameterSpec)params).getName();
-            }
-
-            init(new GOST3410ParameterSpec(curveName), random);
-        }
-        else if (params == null && BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa() != null)
-        {
-            ECParameterSpec p = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-            this.ecParams = params;
-
-            param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH()), random);
-
-            engine.init(param);
-            initialised = true;
-        }
-        else if (params == null && BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa() == null)
-        {
-            throw new InvalidAlgorithmParameterException("null parameter passed but no implicitCA set");
-        }
-        else
-        {
-            throw new InvalidAlgorithmParameterException("parameter object not a ECParameterSpec: " + params.getClass().getName());
-        }
-    }
-
-    private void init(GOST3410ParameterSpec gostParams, SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        ECDomainParameters ecP = ECGOST3410NamedCurves.getByOID(gostParams.getPublicKeyParamSet());
-        if (ecP == null)
-        {
-            throw new InvalidAlgorithmParameterException("unknown curve: " + gostParams.getPublicKeyParamSet());
-        }
-
-        this.ecParams = new ECNamedCurveSpec(
-            ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
-            ecP.getCurve(),
-            ecP.getG(),
-            ecP.getN(),
-            ecP.getH(),
-            ecP.getSeed());
-        
-        param = new ECKeyGenerationParameters(
-            new ECGOST3410Parameters(
-                new ECNamedDomainParameters(gostParams.getPublicKeyParamSet(), ecP),
-                gostParams.getPublicKeyParamSet(), gostParams.getDigestParamSet(), gostParams.getEncryptionParamSet()), random);
-
-        engine.init(param);
-        initialised = true;
-    }
-    
-    public KeyPair generateKeyPair()
-    {
-        if (!initialised)
-        {
-            throw new IllegalStateException("EC Key Pair Generator not initialised");
-        }
-
-        AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-        ECPublicKeyParameters pub = (ECPublicKeyParameters)pair.getPublic();
-        ECPrivateKeyParameters priv = (ECPrivateKeyParameters)pair.getPrivate();
-
-        if (ecParams instanceof ECParameterSpec)
-        {
-            ECParameterSpec p = (ECParameterSpec)ecParams;
-
-            BCECGOST3410PublicKey pubKey = new BCECGOST3410PublicKey(algorithm, pub, p);
-            return new KeyPair(pubKey,
-                new BCECGOST3410PrivateKey(algorithm, priv, pubKey, p));
-        }
-        else if (ecParams == null)
-        {
-            return new KeyPair(new BCECGOST3410PublicKey(algorithm, pub),
-                new BCECGOST3410PrivateKey(algorithm, priv));
-        }
-        else
-        {
-            java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)ecParams;
-
-            BCECGOST3410PublicKey pubKey = new BCECGOST3410PublicKey(algorithm, pub, p);
-
-            return new KeyPair(pubKey, new BCECGOST3410PrivateKey(algorithm, priv, pubKey, p));
-        }
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/SignatureSpi.java
deleted file mode 100644
index 3bda40f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost/SignatureSpi.java
+++ /dev/null

@@ -1,219 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ecgost;
-
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SignatureException;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DSAExt;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.GOST3411Digest;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.ECGOST3410Signer;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.provider.asymmetric.util.GOST3410Util;
-import org.bouncycastle.jce.interfaces.ECKey;
-import org.bouncycastle.jce.interfaces.ECPublicKey;
-import org.bouncycastle.jce.interfaces.GOST3410Key;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-public class SignatureSpi
-    extends java.security.SignatureSpi
-    implements PKCSObjectIdentifiers, X509ObjectIdentifiers
-{
-    private Digest                  digest;
-    private DSAExt                  signer;
-
-    public SignatureSpi()
-    {
-        this.digest = new GOST3411Digest();
-        this.signer = new ECGOST3410Signer();
-    }
-
-    protected void engineInitVerify(
-        PublicKey   publicKey)
-        throws InvalidKeyException
-    {
-        CipherParameters    param;
-
-        if (publicKey instanceof ECPublicKey)
-        {
-            param = generatePublicKeyParameter(publicKey);
-        }
-        else if (publicKey instanceof GOST3410Key)
-        {
-            param = GOST3410Util.generatePublicKeyParameter(publicKey);
-        }
-        else
-        {
-            try
-            {
-                byte[]  bytes = publicKey.getEncoded();
-
-                publicKey = BouncyCastleProvider.getPublicKey(SubjectPublicKeyInfo.getInstance(bytes));
-
-                param = ECUtil.generatePublicKeyParameter(publicKey);
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeyException("can't recognise key type in DSA based signer");
-            }
-        }
-
-        digest.reset();
-        signer.init(false, param);
-    }
-
-    protected void engineInitSign(
-        PrivateKey  privateKey)
-        throws InvalidKeyException
-    {
-        CipherParameters    param;
-
-        if (privateKey instanceof ECKey)
-        {
-            param = ECUtil.generatePrivateKeyParameter(privateKey);
-        }
-        else
-        {
-            param = GOST3410Util.generatePrivateKeyParameter(privateKey);
-        }
-
-        digest.reset();
-
-        if (appRandom != null)
-        {
-            signer.init(true, new ParametersWithRandom(param, appRandom));
-        }
-        else
-        {
-            signer.init(true, param);
-        }
-    }
-
-    protected void engineUpdate(
-        byte    b)
-        throws SignatureException
-    {
-        digest.update(b);
-    }
-
-    protected void engineUpdate(
-        byte[]  b,
-        int     off,
-        int     len) 
-        throws SignatureException
-    {
-        digest.update(b, off, len);
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        byte[]  hash = new byte[digest.getDigestSize()];
-
-        digest.doFinal(hash, 0);
-
-        try
-        {
-            byte[]          sigBytes = new byte[64];
-            BigInteger[]    sig = signer.generateSignature(hash);
-            byte[]          r = sig[0].toByteArray();
-            byte[]          s = sig[1].toByteArray();
-
-            if (s[0] != 0)
-            {
-                System.arraycopy(s, 0, sigBytes, 32 - s.length, s.length);
-            }
-            else
-            {
-                System.arraycopy(s, 1, sigBytes, 32 - (s.length - 1), s.length - 1);
-            }
-            
-            if (r[0] != 0)
-            {
-                System.arraycopy(r, 0, sigBytes, 64 - r.length, r.length);
-            }
-            else
-            {
-                System.arraycopy(r, 1, sigBytes, 64 - (r.length - 1), r.length - 1);
-            }
-
-            return sigBytes;
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException(e.toString());
-        }
-    }
-    
-    protected boolean engineVerify(
-        byte[]  sigBytes) 
-        throws SignatureException
-    {
-        byte[]  hash = new byte[digest.getDigestSize()];
-
-        digest.doFinal(hash, 0);
-
-        BigInteger[]    sig;
-
-        try
-        {
-            byte[] r = new byte[32]; 
-            byte[] s = new byte[32];
-
-            System.arraycopy(sigBytes, 0, s, 0, 32);
-
-            System.arraycopy(sigBytes, 32, r, 0, 32);
-            
-            sig = new BigInteger[2];
-            sig[0] = new BigInteger(1, r);
-            sig[1] = new BigInteger(1, s);
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException("error decoding signature bytes.");
-        }
-
-        return signer.verifySignature(hash, sig[0], sig[1]);
-    }
-
-    protected void engineSetParameter(
-        AlgorithmParameterSpec params)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated replaced with #engineSetParameter(java.security.spec.AlgorithmParameterSpec)
-     */
-    protected void engineSetParameter(
-        String  param,
-        Object  value)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated
-     */
-    protected Object engineGetParameter(
-        String      param)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    static AsymmetricKeyParameter generatePublicKeyParameter(
-            PublicKey key)
-    throws InvalidKeyException
-    {
-        return (key instanceof BCECGOST3410PublicKey) ? ((BCECGOST3410PublicKey)key).engineGetKeyParameters() : ECUtil.generatePublicKeyParameter(key);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/BCECGOST3410_2012PrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/BCECGOST3410_2012PrivateKey.java
deleted file mode 100644
index 5919257..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/BCECGOST3410_2012PrivateKey.java
+++ /dev/null

@@ -1,532 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ecgost12;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.interfaces.ECPrivateKey;
-import java.security.spec.ECParameterSpec;
-import java.security.spec.ECPrivateKeySpec;
-import java.security.spec.EllipticCurve;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X962Parameters;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
-import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
-import org.bouncycastle.jce.interfaces.ECPointEncoder;
-import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
-import org.bouncycastle.jce.spec.ECNamedCurveSpec;
-import org.bouncycastle.math.ec.ECCurve;
-
-/**
- * Represent two kind of GOST34.10 2012 PrivateKeys: with 256 and 512 size
- */
-public class BCECGOST3410_2012PrivateKey
-    implements ECPrivateKey, org.bouncycastle.jce.interfaces.ECPrivateKey, PKCS12BagAttributeCarrier, ECPointEncoder
-{
-    static final long serialVersionUID = 7245981689601667138L;
-
-    private String algorithm = "ECGOST3410-2012";
-    private boolean withCompression;
-
-    private transient GOST3410PublicKeyAlgParameters gostParams;
-    private transient BigInteger d;
-    private transient ECParameterSpec ecSpec;
-    private transient DERBitString publicKey;
-    private transient PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl();
-
-    protected BCECGOST3410_2012PrivateKey()
-    {
-    }
-
-    public BCECGOST3410_2012PrivateKey(
-        ECPrivateKey key)
-    {
-        this.d = key.getS();
-        this.algorithm = key.getAlgorithm();
-        this.ecSpec = key.getParams();
-    }
-
-    public BCECGOST3410_2012PrivateKey(
-        org.bouncycastle.jce.spec.ECPrivateKeySpec spec)
-    {
-        this.d = spec.getD();
-
-        if (spec.getParams() != null) // can be null if implicitlyCA
-        {
-            ECCurve curve = spec.getParams().getCurve();
-            EllipticCurve ellipticCurve;
-
-            ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed());
-
-            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams());
-        }
-        else
-        {
-            this.ecSpec = null;
-        }
-    }
-
-
-    public BCECGOST3410_2012PrivateKey(
-        ECPrivateKeySpec spec)
-    {
-        this.d = spec.getS();
-        this.ecSpec = spec.getParams();
-    }
-
-    public BCECGOST3410_2012PrivateKey(
-        BCECGOST3410_2012PrivateKey key)
-    {
-        this.d = key.d;
-        this.ecSpec = key.ecSpec;
-        this.withCompression = key.withCompression;
-        this.attrCarrier = key.attrCarrier;
-        this.publicKey = key.publicKey;
-        this.gostParams = key.gostParams;
-    }
-
-    public BCECGOST3410_2012PrivateKey(
-        String algorithm,
-        ECPrivateKeyParameters params,
-        BCECGOST3410_2012PublicKey pubKey,
-        ECParameterSpec spec)
-    {
-        ECDomainParameters dp = params.getParameters();
-
-        this.algorithm = algorithm;
-        this.d = params.getD();
-
-        if (spec == null)
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
-
-            this.ecSpec = new ECParameterSpec(
-                ellipticCurve,
-                EC5Util.convertPoint(dp.getG()),
-                dp.getN(),
-                dp.getH().intValue());
-        }
-        else
-        {
-            this.ecSpec = spec;
-        }
-
-        this.gostParams = pubKey.getGostParams();
-
-        publicKey = getPublicKeyDetails(pubKey);
-    }
-
-    public BCECGOST3410_2012PrivateKey(
-        String algorithm,
-        ECPrivateKeyParameters params,
-        BCECGOST3410_2012PublicKey pubKey,
-        org.bouncycastle.jce.spec.ECParameterSpec spec)
-    {
-        ECDomainParameters dp = params.getParameters();
-
-        this.algorithm = algorithm;
-        this.d = params.getD();
-
-        if (spec == null)
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
-
-            this.ecSpec = new ECParameterSpec(
-                ellipticCurve,
-                EC5Util.convertPoint(dp.getG()),
-                dp.getN(),
-                dp.getH().intValue());
-        }
-        else
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
-
-            this.ecSpec = new ECParameterSpec(
-                ellipticCurve,
-                EC5Util.convertPoint(spec.getG()),
-                spec.getN(),
-                spec.getH().intValue());
-        }
-
-        this.gostParams = pubKey.getGostParams();
-
-        publicKey = getPublicKeyDetails(pubKey);
-    }
-
-    public BCECGOST3410_2012PrivateKey(
-        String algorithm,
-        ECPrivateKeyParameters params)
-    {
-        this.algorithm = algorithm;
-        this.d = params.getD();
-        this.ecSpec = null;
-    }
-
-    BCECGOST3410_2012PrivateKey(
-        PrivateKeyInfo info)
-        throws IOException
-    {
-        populateFromPrivKeyInfo(info);
-    }
-
-    private void populateFromPrivKeyInfo(PrivateKeyInfo info)
-        throws IOException
-    {
-        ASN1Primitive p = info.getPrivateKeyAlgorithm().getParameters().toASN1Primitive();
-
-        if (p instanceof ASN1Sequence && (ASN1Sequence.getInstance(p).size() == 2 || ASN1Sequence.getInstance(p).size() == 3))
-        {
-            gostParams = GOST3410PublicKeyAlgParameters.getInstance(info.getPrivateKeyAlgorithm().getParameters());
-
-            ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
-
-            ECCurve curve = spec.getCurve();
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
-
-            ecSpec = new ECNamedCurveSpec(
-                ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
-                ellipticCurve,
-                EC5Util.convertPoint(spec.getG()),
-                spec.getN(), spec.getH());
-
-            ASN1Encodable privKey = info.parsePrivateKey();
-
-            if (privKey instanceof ASN1Integer)
-            {
-                this.d = ASN1Integer.getInstance(privKey).getPositiveValue();
-            }
-            else
-            {
-                byte[] encVal = ASN1OctetString.getInstance(privKey).getOctets();
-                byte[] dVal = new byte[encVal.length];
-
-                for (int i = 0; i != encVal.length; i++)
-                {
-                    dVal[i] = encVal[encVal.length - 1 - i];
-                }
-
-                this.d = new BigInteger(1, dVal);
-            }
-        }
-        else
-        {
-            // for backwards compatibility
-            X962Parameters params = X962Parameters.getInstance(info.getPrivateKeyAlgorithm().getParameters());
-
-            if (params.isNamedCurve())
-            {
-                ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
-                X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
-
-                if (ecP == null) // GOST Curve
-                {
-                    ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
-                    EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
-
-                    ecSpec = new ECNamedCurveSpec(
-                        ECGOST3410NamedCurves.getName(oid),
-                        ellipticCurve,
-                        EC5Util.convertPoint(gParam.getG()),
-                        gParam.getN(),
-                        gParam.getH());
-                }
-                else
-                {
-                    EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
-
-                    ecSpec = new ECNamedCurveSpec(
-                        ECUtil.getCurveName(oid),
-                        ellipticCurve,
-                        EC5Util.convertPoint(ecP.getG()),
-                        ecP.getN(),
-                        ecP.getH());
-                }
-            }
-            else if (params.isImplicitlyCA())
-            {
-                ecSpec = null;
-            }
-            else
-            {
-                X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
-                EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
-
-                this.ecSpec = new ECParameterSpec(
-                    ellipticCurve,
-                    EC5Util.convertPoint(ecP.getG()),
-                    ecP.getN(),
-                    ecP.getH().intValue());
-            }
-
-            ASN1Encodable privKey = info.parsePrivateKey();
-            if (privKey instanceof ASN1Integer)
-            {
-                ASN1Integer derD = ASN1Integer.getInstance(privKey);
-
-                this.d = derD.getValue();
-            }
-            else
-            {
-                org.bouncycastle.asn1.sec.ECPrivateKey ec = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(privKey);
-
-                this.d = ec.getKey();
-                this.publicKey = ec.getPublicKey();
-            }
-        }
-    }
-
-    public String getAlgorithm()
-    {
-        return algorithm;
-    }
-
-    /**
-     * return the encoding format we produce in getEncoded().
-     *
-     * @return the string "PKCS#8"
-     */
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    /**
-     * Return a PKCS8 representation of the key. The sequence returned
-     * represents a full PrivateKeyInfo object.
-     *
-     * @return a PKCS8 representation of the key.
-     */
-    public byte[] getEncoded()
-    {
-        boolean is512 = d.bitLength() > 256;
-        ASN1ObjectIdentifier identifier = (is512)?
-                RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512 :
-                RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256;
-        int size = (is512) ? 64 : 32;
-
-        if (gostParams != null)
-        {
-            byte[] encKey = new byte[size];
-
-            extractBytes(encKey, size,0, this.getS());
-
-            try
-            {
-                PrivateKeyInfo info = new PrivateKeyInfo(new AlgorithmIdentifier(identifier, gostParams), new DEROctetString(encKey));
-
-                return info.getEncoded(ASN1Encoding.DER);
-            }
-            catch (IOException e)
-            {
-                return null;
-            }
-        }
-        else
-        {
-            X962Parameters params;
-            int orderBitLength;
-
-            if (ecSpec instanceof ECNamedCurveSpec)
-            {
-                ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName());
-                if (curveOid == null)  // guess it's the OID
-                {
-                    curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName());
-                }
-                params = new X962Parameters(curveOid);
-                orderBitLength = ECUtil.getOrderBitLength(BouncyCastleProvider.CONFIGURATION, ecSpec.getOrder(), this.getS());
-            }
-            else if (ecSpec == null)
-            {
-                params = new X962Parameters(DERNull.INSTANCE);
-                orderBitLength = ECUtil.getOrderBitLength(BouncyCastleProvider.CONFIGURATION, null, this.getS());
-            }
-            else
-            {
-                ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
-
-                X9ECParameters ecP = new X9ECParameters(
-                    curve,
-                    EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
-                    ecSpec.getOrder(),
-                    BigInteger.valueOf(ecSpec.getCofactor()),
-                    ecSpec.getCurve().getSeed());
-
-                params = new X962Parameters(ecP);
-                orderBitLength = ECUtil.getOrderBitLength(BouncyCastleProvider.CONFIGURATION, ecSpec.getOrder(), this.getS());
-            }
-
-            PrivateKeyInfo info;
-            org.bouncycastle.asn1.sec.ECPrivateKey keyStructure;
-
-            if (publicKey != null)
-            {
-                keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, this.getS(), publicKey, params);
-            }
-            else
-            {
-                keyStructure = new org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, this.getS(), params);
-            }
-
-            try
-            {
-                info = new PrivateKeyInfo(new AlgorithmIdentifier(identifier, params.toASN1Primitive()), keyStructure.toASN1Primitive());
-
-                return info.getEncoded(ASN1Encoding.DER);
-            }
-            catch (IOException e)
-            {
-                return null;
-            }
-        }
-    }
-
-    private void extractBytes(byte[] encKey, int size, int offSet, BigInteger bI)
-    {
-        byte[] val = bI.toByteArray();
-        if (val.length < size)
-        {
-            byte[] tmp = new byte[size];
-            System.arraycopy(val, 0, tmp, tmp.length - val.length, val.length);
-            val = tmp;
-        }
-
-        for (int i = 0; i != size; i++)
-        {
-            encKey[offSet + i] = val[val.length - 1 - i];
-        }
-    }
-
-    public ECParameterSpec getParams()
-    {
-        return ecSpec;
-    }
-
-    public org.bouncycastle.jce.spec.ECParameterSpec getParameters()
-    {
-        if (ecSpec == null)
-        {
-            return null;
-        }
-
-        return EC5Util.convertSpec(ecSpec, withCompression);
-    }
-
-    org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec()
-    {
-        if (ecSpec != null)
-        {
-            return EC5Util.convertSpec(ecSpec, withCompression);
-        }
-
-        return BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-    }
-
-    public BigInteger getS()
-    {
-        return d;
-    }
-
-    public BigInteger getD()
-    {
-        return d;
-    }
-
-    public void setBagAttribute(
-        ASN1ObjectIdentifier oid,
-        ASN1Encodable attribute)
-    {
-        attrCarrier.setBagAttribute(oid, attribute);
-    }
-
-    public ASN1Encodable getBagAttribute(
-        ASN1ObjectIdentifier oid)
-    {
-        return attrCarrier.getBagAttribute(oid);
-    }
-
-    public Enumeration getBagAttributeKeys()
-    {
-        return attrCarrier.getBagAttributeKeys();
-    }
-
-    public void setPointFormat(String style)
-    {
-        withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
-    }
-
-    public boolean equals(Object o)
-    {
-        if (!(o instanceof BCECGOST3410_2012PrivateKey))
-        {
-            return false;
-        }
-
-        BCECGOST3410_2012PrivateKey other = (BCECGOST3410_2012PrivateKey)o;
-
-        return getD().equals(other.getD()) && (engineGetSpec().equals(other.engineGetSpec()));
-    }
-
-    public int hashCode()
-    {
-        return getD().hashCode() ^ engineGetSpec().hashCode();
-    }
-
-    public String toString()
-    {
-        return ECUtil.privateKeyToString(algorithm, d, engineGetSpec());
-    }
-
-    private DERBitString getPublicKeyDetails(BCECGOST3410_2012PublicKey pub)
-    {
-        SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(pub.getEncoded());
-
-        return info.getPublicKeyData();
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        populateFromPrivKeyInfo(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc)));
-
-        this.attrCarrier = new PKCS12BagAttributeCarrierImpl();
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/BCECGOST3410_2012PublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/BCECGOST3410_2012PublicKey.java
deleted file mode 100644
index af89a5d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/BCECGOST3410_2012PublicKey.java
+++ /dev/null

@@ -1,456 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ecgost12;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.interfaces.ECPublicKey;
-import java.security.spec.ECParameterSpec;
-import java.security.spec.ECPoint;
-import java.security.spec.ECPublicKeySpec;
-import java.security.spec.EllipticCurve;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X962Parameters;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECGOST3410Parameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
-import org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
-import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
-import org.bouncycastle.jce.interfaces.ECPointEncoder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
-import org.bouncycastle.jce.spec.ECNamedCurveSpec;
-import org.bouncycastle.math.ec.ECCurve;
-
-/**
- * Represent two kind of GOST34.10 2012 PublicKeys: with 256 and 512 size
- */
-public class BCECGOST3410_2012PublicKey
-    implements ECPublicKey, org.bouncycastle.jce.interfaces.ECPublicKey, ECPointEncoder
-{
-    static final long serialVersionUID = 7026240464295649314L;
-
-    private String algorithm = "ECGOST3410-2012";
-    private boolean withCompression;
-
-    private transient ECPublicKeyParameters ecPublicKey;
-    private transient ECParameterSpec ecSpec;
-    private transient GOST3410PublicKeyAlgParameters gostParams;
-
-    public BCECGOST3410_2012PublicKey(
-        BCECGOST3410_2012PublicKey key)
-    {
-        this.ecPublicKey = key.ecPublicKey;
-        this.ecSpec = key.ecSpec;
-        this.withCompression = key.withCompression;
-        this.gostParams = key.gostParams;
-    }
-
-    public BCECGOST3410_2012PublicKey(
-        ECPublicKeySpec spec)
-    {
-        this.ecSpec = spec.getParams();
-        this.ecPublicKey = new ECPublicKeyParameters(EC5Util.convertPoint(ecSpec, spec.getW(), false), EC5Util.getDomainParameters(null, spec.getParams()));
-    }
-
-    public BCECGOST3410_2012PublicKey(
-        org.bouncycastle.jce.spec.ECPublicKeySpec spec,
-        ProviderConfiguration configuration)
-    {
-        if (spec.getParams() != null) // can be null if implictlyCa
-        {
-            ECCurve curve = spec.getParams().getCurve();
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed());
-
-            // this may seem a little long-winded but it's how we pick up the custom curve.
-            this.ecPublicKey = new ECPublicKeyParameters(
-                spec.getQ(), ECUtil.getDomainParameters(configuration, spec.getParams()));
-            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams());
-        }
-        else
-        {
-            org.bouncycastle.jce.spec.ECParameterSpec s = configuration.getEcImplicitlyCa();
-
-            this.ecPublicKey = new ECPublicKeyParameters(s.getCurve().createPoint(spec.getQ().getAffineXCoord().toBigInteger(), spec.getQ().getAffineYCoord().toBigInteger()), EC5Util.getDomainParameters(configuration, (ECParameterSpec)null));
-            this.ecSpec = null;
-        }
-    }
-
-    public BCECGOST3410_2012PublicKey(
-        String algorithm,
-        ECPublicKeyParameters params,
-        ECParameterSpec spec)
-    {
-        ECDomainParameters dp = params.getParameters();
-
-        this.algorithm = algorithm;
-        this.ecPublicKey = params;
-
-        if (dp instanceof ECGOST3410Parameters)
-        {
-            ECGOST3410Parameters p = (ECGOST3410Parameters)dp;
-
-            this.gostParams = new GOST3410PublicKeyAlgParameters(p.getPublicKeyParamSet(),
-                                                p.getDigestParamSet(), p.getEncryptionParamSet());
-        }
-
-        if (spec == null)
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
-
-            this.ecSpec = createSpec(ellipticCurve, dp);
-        }
-        else
-        {
-            this.ecSpec = spec;
-        }
-
-
-    }
-
-    public BCECGOST3410_2012PublicKey(
-        String algorithm,
-        ECPublicKeyParameters params,
-        org.bouncycastle.jce.spec.ECParameterSpec spec)
-    {
-        ECDomainParameters dp = params.getParameters();
-
-        this.algorithm = algorithm;
-        this.ecPublicKey = params;
-
-        if (spec == null)
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
-
-            this.ecSpec = createSpec(ellipticCurve, dp);
-        }
-        else
-        {
-            EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
-
-            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec);
-        }
-    }
-
-    /*
-     * called for implicitCA
-     */
-    public BCECGOST3410_2012PublicKey(
-        String algorithm,
-        ECPublicKeyParameters params)
-    {
-        this.algorithm = algorithm;
-        this.ecPublicKey = params;
-        this.ecSpec = null;
-    }
-
-    private ECParameterSpec createSpec(EllipticCurve ellipticCurve, ECDomainParameters dp)
-    {
-        return new ECParameterSpec(
-            ellipticCurve,
-            EC5Util.convertPoint(dp.getG()),
-            dp.getN(),
-            dp.getH().intValue());
-    }
-
-    public BCECGOST3410_2012PublicKey(
-        ECPublicKey key)
-    {
-        this.algorithm = key.getAlgorithm();
-        this.ecSpec = key.getParams();
-        this.ecPublicKey = new ECPublicKeyParameters(EC5Util.convertPoint(this.ecSpec, key.getW(), false), EC5Util.getDomainParameters(null, key.getParams()));
-    }
-
-    BCECGOST3410_2012PublicKey(
-        SubjectPublicKeyInfo info)
-    {
-        populateFromPubKeyInfo(info);
-    }
-
-    private void populateFromPubKeyInfo(SubjectPublicKeyInfo info)
-    {
-        ASN1ObjectIdentifier algOid = info.getAlgorithm().getAlgorithm();
-        DERBitString bits = info.getPublicKeyData();
-        ASN1OctetString key;
-        this.algorithm = "ECGOST3410-2012";
-
-        try
-        {
-            key = (ASN1OctetString)ASN1Primitive.fromByteArray(bits.getBytes());
-        }
-        catch (IOException ex)
-        {
-            throw new IllegalArgumentException("error recovering public key");
-        }
-
-        byte[] keyEnc = key.getOctets();
-
-        int fieldSize = 32;
-        if (algOid.equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512))
-        {
-            fieldSize = 64;
-        }
-
-        int keySize = 2 * fieldSize;
-
-        byte[] x9Encoding = new byte[1 + keySize];
-        x9Encoding[0] = 0x04;
-        for (int i = 1; i <= fieldSize; ++i)
-        {
-            x9Encoding[i            ] = keyEnc[fieldSize - i];
-            x9Encoding[i + fieldSize] = keyEnc[keySize - i];
-        }
-
-        this.gostParams = GOST3410PublicKeyAlgParameters.getInstance(info.getAlgorithm().getParameters());
-
-        ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
-
-        ECCurve curve = spec.getCurve();
-        EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
-
-        this.ecPublicKey = new ECPublicKeyParameters(curve.decodePoint(x9Encoding), ECUtil.getDomainParameters(null, spec));
-
-        this.ecSpec = new ECNamedCurveSpec(
-            ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
-            ellipticCurve,
-            EC5Util.convertPoint(spec.getG()),
-            spec.getN(), spec.getH());
-    }
-
-    public String getAlgorithm()
-    {
-        return algorithm;
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    public byte[] getEncoded()
-    {
-        ASN1Encodable params;
-        SubjectPublicKeyInfo info;
-
-//        ecPublicKey.getQ().
-        BigInteger bX = this.ecPublicKey.getQ().getAffineXCoord().toBigInteger();
-        BigInteger bY = this.ecPublicKey.getQ().getAffineYCoord().toBigInteger();
-
-        // need to detect key size
-        boolean is512 = (bX.bitLength() > 256);
-
-        params = getGostParams();
-
-        if (params == null)
-        {
-            if (ecSpec instanceof ECNamedCurveSpec)
-            {
-                if (is512)
-                {
-                    params = new GOST3410PublicKeyAlgParameters(
-                        ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
-                        RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512);
-                }
-                else
-                {
-                    params = new GOST3410PublicKeyAlgParameters(
-                        ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
-                        RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256);
-                }
-            }
-            else
-            {   // strictly speaking this may not be applicable...
-                ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
-
-                X9ECParameters ecP = new X9ECParameters(
-                    curve,
-                    EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
-                    ecSpec.getOrder(),
-                    BigInteger.valueOf(ecSpec.getCofactor()),
-                    ecSpec.getCurve().getSeed());
-
-                params = new X962Parameters(ecP);
-            }
-        }
-
-        int encKeySize;
-        int offset;
-        ASN1ObjectIdentifier algIdentifier;
-        if (is512)
-        {
-            encKeySize = 128;
-            offset = 64;
-            algIdentifier = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512;
-        }
-        else
-        {
-            encKeySize = 64;
-            offset = 32;
-            algIdentifier = RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256;
-        }
-
-        byte[] encKey = new byte[encKeySize];
-
-        extractBytes(encKey, encKeySize / 2, 0, bX);
-        extractBytes(encKey, encKeySize / 2, offset, bY);
-
-        try
-        {
-            info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(algIdentifier, params),
-                new DEROctetString(encKey));
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-
-        return KeyUtil.getEncodedSubjectPublicKeyInfo(info);
-    }
-
-    private void extractBytes(byte[] encKey, int size, int offSet, BigInteger bI)
-    {
-        byte[] val = bI.toByteArray();
-        if (val.length < size)
-        {
-            byte[] tmp = new byte[size];
-            System.arraycopy(val, 0, tmp, tmp.length - val.length, val.length);
-            val = tmp;
-        }
-
-        for (int i = 0; i != size; i++)
-        {
-            encKey[offSet + i] = val[val.length - 1 - i];
-        }
-    }
-
-    public ECParameterSpec getParams()
-    {
-        return ecSpec;
-    }
-
-    public org.bouncycastle.jce.spec.ECParameterSpec getParameters()
-    {
-        if (ecSpec == null)     // implictlyCA
-        {
-            return null;
-        }
-
-        return EC5Util.convertSpec(ecSpec, withCompression);
-    }
-
-    public ECPoint getW()
-    {
-        return EC5Util.convertPoint(ecPublicKey.getQ());
-    }
-
-    public org.bouncycastle.math.ec.ECPoint getQ()
-    {
-        if (ecSpec == null)
-        {
-            return ecPublicKey.getQ().getDetachedPoint();
-        }
-
-        return ecPublicKey.getQ();
-    }
-
-    ECPublicKeyParameters engineGetKeyParameters()
-    {
-        return ecPublicKey;
-    }
-
-    org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec()
-    {
-        if (ecSpec != null)
-        {
-            return EC5Util.convertSpec(ecSpec, withCompression);
-        }
-
-        return BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-    }
-
-    public String toString()
-    {
-        return ECUtil.publicKeyToString(algorithm, ecPublicKey.getQ(), engineGetSpec());
-    }
-
-    public void setPointFormat(String style)
-    {
-        withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
-    }
-
-    public boolean equals(Object o)
-    {
-        if (!(o instanceof BCECGOST3410_2012PublicKey))
-        {
-            return false;
-        }
-
-        BCECGOST3410_2012PublicKey other = (BCECGOST3410_2012PublicKey)o;
-
-        return ecPublicKey.getQ().equals(other.ecPublicKey.getQ()) && (engineGetSpec().equals(other.engineGetSpec()));
-    }
-
-    public int hashCode()
-    {
-        return ecPublicKey.getQ().hashCode() ^ engineGetSpec().hashCode();
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        populateFromPubKeyInfo(SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc)));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-
-    public GOST3410PublicKeyAlgParameters getGostParams()
-    {
-        if (gostParams == null && ecSpec instanceof ECNamedCurveSpec)
-        {
-            BigInteger bX = this.ecPublicKey.getQ().getAffineXCoord().toBigInteger();
-
-            // need to detect key size
-            boolean is512 = (bX.bitLength() > 256);
-            if (is512)
-            {
-                this.gostParams = new GOST3410PublicKeyAlgParameters(
-                    ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
-                    RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512);
-            }
-            else
-            {
-                this.gostParams = new GOST3410PublicKeyAlgParameters(
-                    ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
-                    RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256);
-            }
-        }
-        return gostParams;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/ECGOST2012SignatureSpi256.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/ECGOST2012SignatureSpi256.java
deleted file mode 100644
index bfa73e9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/ECGOST2012SignatureSpi256.java
+++ /dev/null

@@ -1,228 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ecgost12;
-
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SignatureException;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
-import org.bouncycastle.crypto.DSAExt;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.GOST3411_2012_256Digest;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ECKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.ECGOST3410_2012Signer;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jce.interfaces.ECKey;
-import org.bouncycastle.jce.interfaces.ECPublicKey;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-/**
- * Signature for GOST34.10 2012 256. Algorithm is the same as for GOST34.10 2001
- */
-public class ECGOST2012SignatureSpi256
-    extends java.security.SignatureSpi
-    implements PKCSObjectIdentifiers, X509ObjectIdentifiers
-{
-    private Digest                  digest;
-    private DSAExt                  signer;
-    private int size = 64;
-    private int halfSize = size/2;
-
-    public ECGOST2012SignatureSpi256()
-    {
-        this.digest = new GOST3411_2012_256Digest();
-        this.signer = new ECGOST3410_2012Signer();
-    }
-
-    protected void engineInitVerify(
-        PublicKey   publicKey)
-        throws InvalidKeyException
-    {
-        ECKeyParameters    param;
-
-        if (publicKey instanceof ECPublicKey)
-        {
-            param = (ECKeyParameters)generatePublicKeyParameter(publicKey);
-        }
-        else
-        {
-            try
-            {
-                byte[]  bytes = publicKey.getEncoded();
-
-                publicKey = BouncyCastleProvider.getPublicKey(SubjectPublicKeyInfo.getInstance(bytes));
-
-                param = (ECKeyParameters)ECUtil.generatePublicKeyParameter(publicKey);
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeyException("cannot recognise key type in ECGOST-2012-256 signer");
-            }
-        }
-
-        if (param.getParameters().getN().bitLength() > 256)
-        {
-            throw new InvalidKeyException("key out of range for ECGOST-2012-256");
-        }
-
-        digest.reset();
-        signer.init(false, param);
-    }
-
-    protected void engineInitSign(
-        PrivateKey  privateKey)
-        throws InvalidKeyException
-    {
-        ECKeyParameters param;
-
-        if (privateKey instanceof ECKey)
-        {
-            param = (ECKeyParameters)ECUtil.generatePrivateKeyParameter(privateKey);
-        }
-        else
-        {
-            throw new InvalidKeyException("cannot recognise key type in ECGOST-2012-256 signer");
-        }
-
-        if (param.getParameters().getN().bitLength() > 256)
-        {
-            throw new InvalidKeyException("key out of range for ECGOST-2012-256");
-        }
-        
-        digest.reset();
-
-        if (appRandom != null)
-        {
-            signer.init(true, new ParametersWithRandom(param, appRandom));
-        }
-        else
-        {
-            signer.init(true, param);
-        }
-    }
-
-    protected void engineUpdate(
-        byte    b)
-        throws SignatureException
-    {
-        digest.update(b);
-    }
-
-    protected void engineUpdate(
-        byte[]  b,
-        int     off,
-        int     len) 
-        throws SignatureException
-    {
-        digest.update(b, off, len);
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        byte[]  hash = new byte[digest.getDigestSize()];
-
-        digest.doFinal(hash, 0);
-
-        try
-        {
-            byte[]          sigBytes = new byte[size];
-            BigInteger[]    sig = signer.generateSignature(hash);
-            byte[]          r = sig[0].toByteArray();
-            byte[]          s = sig[1].toByteArray();
-
-            if (s[0] != 0)
-            {
-                System.arraycopy(s, 0, sigBytes, halfSize - s.length, s.length);
-            }
-            else
-            {
-                System.arraycopy(s, 1, sigBytes, halfSize - (s.length - 1), s.length - 1);
-            }
-            
-            if (r[0] != 0)
-            {
-                System.arraycopy(r, 0, sigBytes, size - r.length, r.length);
-            }
-            else
-            {
-                System.arraycopy(r, 1, sigBytes, size - (r.length - 1), r.length - 1);
-            }
-
-            return sigBytes;
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException(e.toString());
-        }
-    }
-    
-    protected boolean engineVerify(
-        byte[]  sigBytes) 
-        throws SignatureException
-    {
-        byte[]  hash = new byte[digest.getDigestSize()];
-
-        digest.doFinal(hash, 0);
-
-        BigInteger[]    sig;
-
-        try
-        {
-            byte[] r = new byte[halfSize];
-            byte[] s = new byte[halfSize];
-
-            System.arraycopy(sigBytes, 0, s, 0, halfSize);
-
-            System.arraycopy(sigBytes, halfSize, r, 0, halfSize);
-            
-            sig = new BigInteger[2];
-            sig[0] = new BigInteger(1, r);
-            sig[1] = new BigInteger(1, s);
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException("error decoding signature bytes.");
-        }
-
-        return signer.verifySignature(hash, sig[0], sig[1]);
-    }
-
-    protected void engineSetParameter(
-        AlgorithmParameterSpec params)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated replaced with "#engineSetParameter(java.security.spec.AlgorithmParameterSpec)"
-     */
-    protected void engineSetParameter(
-        String  param,
-        Object  value)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated
-     */
-    protected Object engineGetParameter(
-        String      param)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    static AsymmetricKeyParameter generatePublicKeyParameter(
-            PublicKey key)
-    throws InvalidKeyException
-    {
-        return (key instanceof BCECGOST3410_2012PublicKey) ? ((BCECGOST3410_2012PublicKey)key).engineGetKeyParameters() : ECUtil.generatePublicKeyParameter(key);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/ECGOST2012SignatureSpi512.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/ECGOST2012SignatureSpi512.java
deleted file mode 100644
index 4ea3e92..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/ECGOST2012SignatureSpi512.java
+++ /dev/null

@@ -1,230 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ecgost12;
-
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SignatureException;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
-import org.bouncycastle.crypto.DSAExt;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.GOST3411_2012_512Digest;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ECKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.ECGOST3410_2012Signer;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jce.interfaces.ECKey;
-import org.bouncycastle.jce.interfaces.ECPublicKey;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-/**
- * Signature for GOST34.10 2012 512. Algorithm is the same as for GOST34.10 2001
- */
-public class ECGOST2012SignatureSpi512
-    extends java.security.SignatureSpi
-    implements PKCSObjectIdentifiers, X509ObjectIdentifiers
-{
-
-    private Digest digest;
-    private DSAExt signer;
-    private int size = 128;
-    private int halfSize = 64;
-
-
-    public ECGOST2012SignatureSpi512()
-    {
-        this.digest = new GOST3411_2012_512Digest();
-        this.signer = new ECGOST3410_2012Signer();
-    }
-
-    protected void engineInitVerify(
-        PublicKey publicKey)
-        throws InvalidKeyException
-    {
-        ECKeyParameters param;
-
-        if (publicKey instanceof ECPublicKey)
-        {
-            param = (ECKeyParameters)generatePublicKeyParameter(publicKey);
-        }
-        else
-        {
-            try
-            {
-                byte[] bytes = publicKey.getEncoded();
-
-                publicKey = BouncyCastleProvider.getPublicKey(SubjectPublicKeyInfo.getInstance(bytes));
-
-                param = (ECKeyParameters)ECUtil.generatePublicKeyParameter(publicKey);
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeyException("cannot recognise key type in ECGOST-2012-512 signer");
-            }
-        }
-
-        if (param.getParameters().getN().bitLength() < 505)
-        {
-            throw new InvalidKeyException("key too weak for ECGOST-2012-512");
-        }
-
-        digest.reset();
-        signer.init(false, param);
-    }
-
-    protected void engineInitSign(
-        PrivateKey privateKey)
-        throws InvalidKeyException
-    {
-        ECKeyParameters param;
-
-        if (privateKey instanceof ECKey)
-        {
-            param = (ECKeyParameters)ECUtil.generatePrivateKeyParameter(privateKey);
-        }
-        else
-        {
-            throw new InvalidKeyException("cannot recognise key type in ECGOST-2012-512 signer");
-        }
-
-        if (param.getParameters().getN().bitLength() < 505)
-        {
-            throw new InvalidKeyException("key too weak for ECGOST-2012-512");
-        }
-
-        digest.reset();
-
-        if (appRandom != null)
-        {
-            signer.init(true, new ParametersWithRandom(param, appRandom));
-        }
-        else
-        {
-            signer.init(true, param);
-        }
-    }
-
-    protected void engineUpdate(
-        byte b)
-        throws SignatureException
-    {
-        digest.update(b);
-    }
-
-    protected void engineUpdate(
-        byte[] b,
-        int off,
-        int len)
-        throws SignatureException
-    {
-        digest.update(b, off, len);
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        byte[] hash = new byte[digest.getDigestSize()];
-
-        digest.doFinal(hash, 0);
-
-        try
-        {
-            byte[] sigBytes = new byte[size];
-            BigInteger[] sig = signer.generateSignature(hash);
-            byte[] r = sig[0].toByteArray();
-            byte[] s = sig[1].toByteArray();
-
-            if (s[0] != 0)
-            {
-                System.arraycopy(s, 0, sigBytes, halfSize - s.length, s.length);
-            }
-            else
-            {
-                System.arraycopy(s, 1, sigBytes, halfSize - (s.length - 1), s.length - 1);
-            }
-
-            if (r[0] != 0)
-            {
-                System.arraycopy(r, 0, sigBytes, size - r.length, r.length);
-            }
-            else
-            {
-                System.arraycopy(r, 1, sigBytes, size - (r.length - 1), r.length - 1);
-            }
-
-            return sigBytes;
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException(e.toString());
-        }
-    }
-
-    protected boolean engineVerify(
-        byte[] sigBytes)
-        throws SignatureException
-    {
-        byte[] hash = new byte[digest.getDigestSize()];
-
-        digest.doFinal(hash, 0);
-
-        BigInteger[] sig;
-
-        try
-        {
-            byte[] r = new byte[halfSize];
-            byte[] s = new byte[halfSize];
-
-            System.arraycopy(sigBytes, 0, s, 0, halfSize);
-
-            System.arraycopy(sigBytes, halfSize, r, 0, halfSize);
-
-            sig = new BigInteger[2];
-            sig[0] = new BigInteger(1, r);
-            sig[1] = new BigInteger(1, s);
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException("error decoding signature bytes.");
-        }
-
-        return signer.verifySignature(hash, sig[0], sig[1]);
-    }
-
-    protected void engineSetParameter(
-        AlgorithmParameterSpec params)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated replaced with #engineSetParameter(java.security.spec.AlgorithmParameterSpec)
-     */
-    protected void engineSetParameter(
-        String param,
-        Object value)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated
-     */
-    protected Object engineGetParameter(
-        String param)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    static AsymmetricKeyParameter generatePublicKeyParameter(
-        PublicKey key)
-        throws InvalidKeyException
-    {
-        return (key instanceof BCECGOST3410_2012PublicKey) ? ((BCECGOST3410_2012PublicKey)key).engineGetKeyParameters() : ECUtil.generatePublicKeyParameter(key);
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/KeyAgreementSpi.java
deleted file mode 100644
index 6091e9d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/KeyAgreementSpi.java
+++ /dev/null

@@ -1,169 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ecgost12;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.x9.X9IntegerConverter;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.agreement.ECVKOAgreement;
-import org.bouncycastle.crypto.digests.GOST3411_2012_256Digest;
-import org.bouncycastle.crypto.digests.GOST3411_2012_512Digest;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithUKM;
-import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
-import org.bouncycastle.jce.interfaces.ECPrivateKey;
-import org.bouncycastle.jce.interfaces.ECPublicKey;
-
-public class KeyAgreementSpi
-    extends BaseAgreementSpi
-{
-    private static final X9IntegerConverter converter = new X9IntegerConverter();
-
-    private String                 kaAlgorithm;
-
-    private ECDomainParameters     parameters;
-    private ECVKOAgreement agreement;
-
-    private byte[]             result;
-
-    protected KeyAgreementSpi(
-        String kaAlgorithm,
-        ECVKOAgreement agreement,
-        DerivationFunction kdf)
-    {
-        super(kaAlgorithm, kdf);
-
-        this.kaAlgorithm = kaAlgorithm;
-        this.agreement = agreement;
-    }
-
-    protected Key engineDoPhase(
-        Key     key,
-        boolean lastPhase) 
-        throws InvalidKeyException, IllegalStateException
-    {
-        if (parameters == null)
-        {
-            throw new IllegalStateException(kaAlgorithm + " not initialised.");
-        }
-
-        if (!lastPhase)
-        {
-            throw new IllegalStateException(kaAlgorithm + " can only be between two parties.");
-        }
-
-        CipherParameters pubKey;
-        {
-            if (!(key instanceof PublicKey))
-            {
-                throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
-                    + getSimpleName(ECPublicKey.class) + " for doPhase");
-            }
-
-            pubKey = generatePublicKeyParameter((PublicKey)key);
-        }
-
-        try
-        {
-            result = agreement.calculateAgreement(pubKey);
-        }
-        catch (final Exception e)
-        {
-            throw new InvalidKeyException("calculation failed: " + e.getMessage())
-            {
-                public Throwable getCause()
-                            {
-                                return e;
-                            }
-            };
-        }
-
-        return null;
-    }
-
-    protected void engineInit(
-        Key                     key,
-        AlgorithmParameterSpec  params,
-        SecureRandom            random) 
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        if (params != null && !(params instanceof UserKeyingMaterialSpec))
-        {
-            throw new InvalidAlgorithmParameterException("No algorithm parameters supported");
-        }
-
-        initFromKey(key, params);
-    }
-
-    protected void engineInit(
-        Key             key,
-        SecureRandom    random) 
-        throws InvalidKeyException
-    {
-        initFromKey(key, null);
-    }
-
-    private void initFromKey(Key key, AlgorithmParameterSpec parameterSpec)
-        throws InvalidKeyException
-    {
-        {
-            if (!(key instanceof PrivateKey))
-            {
-                throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
-                    + getSimpleName(ECPrivateKey.class) + " for initialisation");
-            }
-
-            ECPrivateKeyParameters privKey = (ECPrivateKeyParameters)ECUtil.generatePrivateKeyParameter((PrivateKey)key);
-            this.parameters = privKey.getParameters();
-            ukmParameters = (parameterSpec instanceof UserKeyingMaterialSpec) ? ((UserKeyingMaterialSpec)parameterSpec).getUserKeyingMaterial() : null;
-            agreement.init(new ParametersWithUKM(privKey, ukmParameters));
-        }
-    }
-
-    private static String getSimpleName(Class clazz)
-    {
-        String fullName = clazz.getName();
-
-        return fullName.substring(fullName.lastIndexOf('.') + 1);
-    }
-
-    static AsymmetricKeyParameter generatePublicKeyParameter(
-            PublicKey key)
-        throws InvalidKeyException
-    {
-        return (key instanceof BCECGOST3410_2012PublicKey) ? ((BCECGOST3410_2012PublicKey)key).engineGetKeyParameters() : ECUtil.generatePublicKeyParameter(key);
-    }
-
-    protected byte[] calcSecret()
-    {
-        return result;
-    }
-
-    public static class ECVKO256
-        extends KeyAgreementSpi
-    {
-        public ECVKO256()
-        {
-            super("ECGOST3410-2012-256", new ECVKOAgreement(new GOST3411_2012_256Digest()), null);
-        }
-    }
-
-    public static class ECVKO512
-        extends KeyAgreementSpi
-    {
-        public ECVKO512()
-        {
-            super("ECGOST3410-2012-512", new ECVKOAgreement(new GOST3411_2012_512Digest()), null);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/KeyFactorySpi.java
deleted file mode 100644
index ebd9f42..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/KeyFactorySpi.java
+++ /dev/null

@@ -1,174 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ecgost12;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.interfaces.ECPrivateKey;
-import java.security.interfaces.ECPublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi;
-import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.jce.spec.ECPrivateKeySpec;
-import org.bouncycastle.jce.spec.ECPublicKeySpec;
-
-public class KeyFactorySpi
-    extends BaseKeyFactorySpi
-{
-    public KeyFactorySpi()
-    {
-    }
-
-    protected KeySpec engineGetKeySpec(
-        Key key,
-        Class spec)
-        throws InvalidKeySpecException
-    {
-       if (spec.isAssignableFrom(java.security.spec.ECPublicKeySpec.class) && key instanceof ECPublicKey)
-       {
-           ECPublicKey k = (ECPublicKey)key;
-           if (k.getParams() != null)
-           {
-               return new java.security.spec.ECPublicKeySpec(k.getW(), k.getParams());
-           }
-           else
-           {
-               ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-
-               return new java.security.spec.ECPublicKeySpec(k.getW(), EC5Util.convertSpec(EC5Util.convertCurve(implicitSpec.getCurve(), implicitSpec.getSeed()), implicitSpec));
-           }
-       }
-       else if (spec.isAssignableFrom(java.security.spec.ECPrivateKeySpec.class) && key instanceof ECPrivateKey)
-       {
-           ECPrivateKey k = (ECPrivateKey)key;
-
-           if (k.getParams() != null)
-           {
-               return new java.security.spec.ECPrivateKeySpec(k.getS(), k.getParams());
-           }
-           else
-           {
-               ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-
-               return new java.security.spec.ECPrivateKeySpec(k.getS(), EC5Util.convertSpec(EC5Util.convertCurve(implicitSpec.getCurve(), implicitSpec.getSeed()), implicitSpec));
-           }
-       }
-       else if (spec.isAssignableFrom(ECPublicKeySpec.class) && key instanceof ECPublicKey)
-       {
-           ECPublicKey k = (ECPublicKey)key;
-           if (k.getParams() != null)
-           {
-               return new ECPublicKeySpec(EC5Util.convertPoint(k.getParams(), k.getW(), false), EC5Util.convertSpec(k.getParams(), false));
-           }
-           else
-           {
-               ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-
-               return new ECPublicKeySpec(EC5Util.convertPoint(k.getParams(), k.getW(), false), implicitSpec);
-           }
-       }
-       else if (spec.isAssignableFrom(ECPrivateKeySpec.class) && key instanceof ECPrivateKey)
-       {
-           ECPrivateKey k = (ECPrivateKey)key;
-
-           if (k.getParams() != null)
-           {
-               return new ECPrivateKeySpec(k.getS(), EC5Util.convertSpec(k.getParams(), false));
-           }
-           else
-           {
-               ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-
-               return new ECPrivateKeySpec(k.getS(), implicitSpec);
-           }
-       }
-
-       return super.engineGetKeySpec(key, spec);
-    }
-
-    protected Key engineTranslateKey(
-        Key key)
-        throws InvalidKeyException
-    {
-        throw new InvalidKeyException("key type unknown");
-    }
-
-    protected PrivateKey engineGeneratePrivate(
-        KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof ECPrivateKeySpec)
-        {
-            return new BCECGOST3410_2012PrivateKey((ECPrivateKeySpec)keySpec);
-        }
-        else if (keySpec instanceof java.security.spec.ECPrivateKeySpec)
-        {
-            return new BCECGOST3410_2012PrivateKey((java.security.spec.ECPrivateKeySpec)keySpec);
-        }
-
-        return super.engineGeneratePrivate(keySpec);
-    }
-
-    public PublicKey engineGeneratePublic(
-        KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof ECPublicKeySpec)
-        {
-            return new BCECGOST3410_2012PublicKey((ECPublicKeySpec)keySpec, BouncyCastleProvider.CONFIGURATION);
-        }
-        else if (keySpec instanceof java.security.spec.ECPublicKeySpec)
-        {
-            return new BCECGOST3410_2012PublicKey((java.security.spec.ECPublicKeySpec)keySpec);
-        }
-
-        return super.engineGeneratePublic(keySpec);
-    }
-
-    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm();
-
-        if (isValid(algOid))
-        {
-            return new BCECGOST3410_2012PrivateKey(keyInfo);
-        }
-        else
-        {
-            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
-        }
-    }
-
-    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm();
-
-        if (isValid(algOid))
-        {
-            return new BCECGOST3410_2012PublicKey(keyInfo);
-        }
-        else
-        {
-            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
-        }
-    }
-
-    private boolean isValid(ASN1ObjectIdentifier algOid)
-    {
-        return algOid.equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256)
-            || algOid.equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512)
-            || algOid.equals(RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_256)
-            || algOid.equals(RosstandartObjectIdentifiers.id_tc26_agreement_gost_3410_12_512);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/KeyPairGeneratorSpi.java
deleted file mode 100644
index 50431de..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ecgost12/KeyPairGeneratorSpi.java
+++ /dev/null

@@ -1,202 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ecgost12;
-
-import java.math.BigInteger;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidParameterException;
-import java.security.KeyPair;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.ECGenParameterSpec;
-
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.generators.ECKeyPairGenerator;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECGOST3410Parameters;
-import org.bouncycastle.crypto.params.ECKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ECNamedDomainParameters;
-import org.bouncycastle.crypto.params.ECPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.jcajce.spec.GOST3410ParameterSpec;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
-import org.bouncycastle.jce.spec.ECNamedCurveSpec;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-
-/**
- * KeyPairGenerator for GOST34.10 2012. Algorithm is the same as for GOST34.10 2001
- */
-public class KeyPairGeneratorSpi
-    extends java.security.KeyPairGenerator
-{
-    Object ecParams = null;
-    ECKeyPairGenerator engine = new ECKeyPairGenerator();
-
-    String algorithm = "ECGOST3410-2012";
-    ECKeyGenerationParameters param;
-    int strength = 239;
-    SecureRandom random = null;
-    boolean initialised = false;
-
-    public KeyPairGeneratorSpi()
-    {
-        super("ECGOST3410-2012");
-    }
-
-    public void initialize(
-        int strength,
-        SecureRandom random)
-    {
-        this.strength = strength;
-        this.random = random;
-
-        if (ecParams != null)
-        {
-            try
-            {
-                initialize((ECGenParameterSpec)ecParams, random);
-            }
-            catch (InvalidAlgorithmParameterException e)
-            {
-                throw new InvalidParameterException("key size not configurable.");
-            }
-        }
-        else
-        {
-            throw new InvalidParameterException("unknown key size.");
-        }
-    }
-
-    public void initialize(
-        AlgorithmParameterSpec params,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        if (params instanceof GOST3410ParameterSpec)
-        {
-            GOST3410ParameterSpec gostParams = (GOST3410ParameterSpec)params;
-
-            init(gostParams, random);
-        }
-        else if (params instanceof ECParameterSpec)
-        {
-            ECParameterSpec p = (ECParameterSpec)params;
-            this.ecParams = params;
-
-            param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH()), random);
-
-            engine.init(param);
-            initialised = true;
-        }
-        else if (params instanceof java.security.spec.ECParameterSpec)
-        {
-            java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)params;
-            this.ecParams = params;
-
-            ECCurve curve = EC5Util.convertCurve(p.getCurve());
-            ECPoint g = EC5Util.convertPoint(curve, p.getGenerator(), false);
-
-            param = new ECKeyGenerationParameters(new ECDomainParameters(curve, g, p.getOrder(), BigInteger.valueOf(p.getCofactor())), random);
-
-            engine.init(param);
-            initialised = true;
-        }
-        else if (params instanceof ECGenParameterSpec || params instanceof ECNamedCurveGenParameterSpec)
-        {
-            String curveName;
-
-            if (params instanceof ECGenParameterSpec)
-            {
-                curveName = ((ECGenParameterSpec)params).getName();
-            }
-            else
-            {
-                curveName = ((ECNamedCurveGenParameterSpec)params).getName();
-            }
-
-            init(new GOST3410ParameterSpec(curveName), random);
-        }
-        else if (params == null && BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa() != null)
-        {
-            ECParameterSpec p = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
-            this.ecParams = params;
-
-            param = new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH()), random);
-
-            engine.init(param);
-            initialised = true;
-        }
-        else if (params == null && BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa() == null)
-        {
-            throw new InvalidAlgorithmParameterException("null parameter passed but no implicitCA set");
-        }
-        else
-        {
-            throw new InvalidAlgorithmParameterException("parameter object not a ECParameterSpec: " + params.getClass().getName());
-        }
-    }
-
-    private void init(GOST3410ParameterSpec gostParams, SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        ECDomainParameters ecP = ECGOST3410NamedCurves.getByOID(gostParams.getPublicKeyParamSet());
-        if (ecP == null)
-        {
-            throw new InvalidAlgorithmParameterException("unknown curve: " + gostParams.getPublicKeyParamSet());
-        }
-
-        this.ecParams = new ECNamedCurveSpec(
-            ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
-            ecP.getCurve(),
-            ecP.getG(),
-            ecP.getN(),
-            ecP.getH(),
-            ecP.getSeed());
-
-        param = new ECKeyGenerationParameters(
-            new ECGOST3410Parameters(
-                new ECNamedDomainParameters(gostParams.getPublicKeyParamSet(), ecP),
-                gostParams.getPublicKeyParamSet(), gostParams.getDigestParamSet(), gostParams.getEncryptionParamSet()), random);
-
-        engine.init(param);
-        initialised = true;
-    }
-
-    public KeyPair generateKeyPair()
-    {
-        if (!initialised)
-        {
-            throw new IllegalStateException("EC Key Pair Generator not initialised");
-        }
-
-        AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-        ECPublicKeyParameters pub = (ECPublicKeyParameters)pair.getPublic();
-        ECPrivateKeyParameters priv = (ECPrivateKeyParameters)pair.getPrivate();
-
-        if (ecParams instanceof ECParameterSpec)
-        {
-            ECParameterSpec p = (ECParameterSpec)ecParams;
-
-            BCECGOST3410_2012PublicKey pubKey = new BCECGOST3410_2012PublicKey(algorithm, pub, p);
-            return new KeyPair(pubKey,
-                new BCECGOST3410_2012PrivateKey(algorithm, priv, pubKey, p));
-        }
-        else if (ecParams == null)
-        {
-            return new KeyPair(new BCECGOST3410_2012PublicKey(algorithm, pub),
-                new BCECGOST3410_2012PrivateKey(algorithm, priv));
-        }
-        else
-        {
-            java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)ecParams;
-
-            BCECGOST3410_2012PublicKey pubKey = new BCECGOST3410_2012PublicKey(algorithm, pub, p);
-
-            return new KeyPair(pubKey, new BCECGOST3410_2012PrivateKey(algorithm, priv, pubKey, p));
-        }
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/BCEdDSAPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/BCEdDSAPrivateKey.java
deleted file mode 100644
index 92061da..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/BCEdDSAPrivateKey.java
+++ /dev/null

@@ -1,152 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.edec;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.PrivateKey;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed448PrivateKeyParameters;
-import org.bouncycastle.crypto.util.PrivateKeyInfoFactory;
-import org.bouncycastle.jcajce.interfaces.EdDSAKey;
-import org.bouncycastle.util.Arrays;
-
-public class BCEdDSAPrivateKey
-    implements EdDSAKey, PrivateKey
-{
-    static final long serialVersionUID = 1L;
-    
-    private transient AsymmetricKeyParameter eddsaPrivateKey;
-
-    private final boolean hasPublicKey;
-    private final byte[] attributes;
-
-    BCEdDSAPrivateKey(AsymmetricKeyParameter privKey)
-    {
-        this.hasPublicKey = true;
-        this.attributes = null;
-        this.eddsaPrivateKey = privKey;
-    }
-
-    BCEdDSAPrivateKey(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        this.hasPublicKey = keyInfo.hasPublicKey();
-        this.attributes = (keyInfo.getAttributes() != null) ? keyInfo.getAttributes().getEncoded() : null;
-
-        populateFromPrivateKeyInfo(keyInfo);
-    }
-
-    private void populateFromPrivateKeyInfo(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        ASN1Encodable keyOcts = keyInfo.parsePrivateKey();
-        if (EdECObjectIdentifiers.id_Ed448.equals(keyInfo.getPrivateKeyAlgorithm().getAlgorithm()))
-        {
-            eddsaPrivateKey = new Ed448PrivateKeyParameters(ASN1OctetString.getInstance(keyOcts).getOctets(), 0);
-        }
-        else
-        {
-            eddsaPrivateKey = new Ed25519PrivateKeyParameters(ASN1OctetString.getInstance(keyOcts).getOctets(), 0);
-        }
-    }
-
-    public String getAlgorithm()
-    {
-        return (eddsaPrivateKey instanceof Ed448PrivateKeyParameters) ? "Ed448" : "Ed25519";
-    }
-
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    public byte[] getEncoded()
-    {
-        try
-        {
-            ASN1Set attrSet = ASN1Set.getInstance(attributes);
-            PrivateKeyInfo privInfo = PrivateKeyInfoFactory.createPrivateKeyInfo(eddsaPrivateKey, attrSet);
-
-            if (hasPublicKey)
-            {
-                return privInfo.getEncoded();
-            }
-            else
-            {
-                return new PrivateKeyInfo(privInfo.getPrivateKeyAlgorithm(), privInfo.parsePrivateKey(), attrSet).getEncoded();
-            }
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    AsymmetricKeyParameter engineGetKeyParameters()
-    {
-        return eddsaPrivateKey;
-    }
-
-    public String toString()
-    {
-        AsymmetricKeyParameter pubKey;
-        if (eddsaPrivateKey instanceof Ed448PrivateKeyParameters)
-        {
-            pubKey = ((Ed448PrivateKeyParameters)eddsaPrivateKey).generatePublicKey();
-        }
-        else
-        {
-            pubKey = ((Ed25519PrivateKeyParameters)eddsaPrivateKey).generatePublicKey();
-        }
-        return Utils.keyToString("Private Key", getAlgorithm(), pubKey);
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (!(o instanceof BCEdDSAPrivateKey))
-        {
-            return false;
-        }
-
-        BCEdDSAPrivateKey other = (BCEdDSAPrivateKey)o;
-
-        return Arrays.areEqual(other.getEncoded(), this.getEncoded());
-    }
-
-    public int hashCode()
-    {
-        return Arrays.hashCode(this.getEncoded());
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        populateFromPrivateKeyInfo(PrivateKeyInfo.getInstance(enc));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/BCEdDSAPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/BCEdDSAPublicKey.java
deleted file mode 100644
index c6b6d72..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/BCEdDSAPublicKey.java
+++ /dev/null

@@ -1,157 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.edec;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-
-import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-import org.bouncycastle.crypto.params.Ed448PublicKeyParameters;
-import org.bouncycastle.jcajce.interfaces.EdDSAKey;
-import org.bouncycastle.util.Arrays;
-
-public class BCEdDSAPublicKey
-    implements EdDSAKey, PublicKey
-{
-    static final long serialVersionUID = 1L;
-
-    private transient AsymmetricKeyParameter eddsaPublicKey;
-
-    BCEdDSAPublicKey(AsymmetricKeyParameter pubKey)
-    {
-        this.eddsaPublicKey = pubKey;
-    }
-
-    BCEdDSAPublicKey(SubjectPublicKeyInfo keyInfo)
-    {
-        populateFromPubKeyInfo(keyInfo);
-    }
-
-    BCEdDSAPublicKey(byte[] prefix, byte[] rawData)
-        throws InvalidKeySpecException
-    {
-        int prefixLength = prefix.length;
-
-        if (Utils.isValidPrefix(prefix, rawData))
-        {
-            if ((rawData.length - prefixLength) == Ed448PublicKeyParameters.KEY_SIZE)
-            {
-                eddsaPublicKey = new Ed448PublicKeyParameters(rawData, prefixLength);
-            }
-            else if ((rawData.length - prefixLength) == Ed25519PublicKeyParameters.KEY_SIZE)
-            {
-                eddsaPublicKey = new Ed25519PublicKeyParameters(rawData, prefixLength);
-            }
-            else
-            {
-                throw new InvalidKeySpecException("raw key data not recognised");
-            }
-        }
-        else
-        {
-            throw new InvalidKeySpecException("raw key data not recognised");
-        }
-    }
-
-    private void populateFromPubKeyInfo(SubjectPublicKeyInfo keyInfo)
-    {
-        if (EdECObjectIdentifiers.id_Ed448.equals(keyInfo.getAlgorithm().getAlgorithm()))
-        {
-            eddsaPublicKey = new Ed448PublicKeyParameters(keyInfo.getPublicKeyData().getOctets(), 0);
-        }
-        else
-        {
-            eddsaPublicKey = new Ed25519PublicKeyParameters(keyInfo.getPublicKeyData().getOctets(), 0);
-        }
-    }
-
-    public String getAlgorithm()
-    {
-        return (eddsaPublicKey instanceof Ed448PublicKeyParameters) ? "Ed448" : "Ed25519";
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    public byte[] getEncoded()
-    {
-        if (eddsaPublicKey instanceof Ed448PublicKeyParameters)
-        {
-            byte[] encoding = new byte[KeyFactorySpi.Ed448Prefix.length + Ed448PublicKeyParameters.KEY_SIZE];
-
-            System.arraycopy(KeyFactorySpi.Ed448Prefix, 0, encoding, 0, KeyFactorySpi.Ed448Prefix.length);
-
-            ((Ed448PublicKeyParameters)eddsaPublicKey).encode(encoding, KeyFactorySpi.Ed448Prefix.length);
-
-            return encoding;
-        }
-        else
-        {
-            byte[] encoding = new byte[KeyFactorySpi.Ed25519Prefix.length + Ed25519PublicKeyParameters.KEY_SIZE];
-
-            System.arraycopy(KeyFactorySpi.Ed25519Prefix, 0, encoding, 0, KeyFactorySpi.Ed25519Prefix.length);
-
-            ((Ed25519PublicKeyParameters)eddsaPublicKey).encode(encoding, KeyFactorySpi.Ed25519Prefix.length);
-
-            return encoding;
-        }
-    }
-
-    AsymmetricKeyParameter engineGetKeyParameters()
-    {
-        return eddsaPublicKey;
-    }
-
-    public String toString()
-    {
-        return Utils.keyToString("Public Key", getAlgorithm(), eddsaPublicKey);
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (!(o instanceof BCEdDSAPublicKey))
-        {
-            return false;
-        }
-
-        BCEdDSAPublicKey other = (BCEdDSAPublicKey)o;
-
-        return Arrays.areEqual(other.getEncoded(), this.getEncoded());
-    }
-
-    public int hashCode()
-    {
-        return Arrays.hashCode(this.getEncoded());
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        populateFromPubKeyInfo(SubjectPublicKeyInfo.getInstance(enc));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/BCXDHPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/BCXDHPrivateKey.java
deleted file mode 100644
index 3485158..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/BCXDHPrivateKey.java
+++ /dev/null

@@ -1,152 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.edec;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.PrivateKey;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.X25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.X448PrivateKeyParameters;
-import org.bouncycastle.crypto.util.PrivateKeyInfoFactory;
-import org.bouncycastle.jcajce.interfaces.XDHKey;
-import org.bouncycastle.util.Arrays;
-
-public class BCXDHPrivateKey
-    implements XDHKey, PrivateKey
-{
-    static final long serialVersionUID = 1L;
-
-    private transient AsymmetricKeyParameter xdhPrivateKey;
-
-    private final boolean hasPublicKey;
-    private final byte[] attributes;
-
-    BCXDHPrivateKey(AsymmetricKeyParameter privKey)
-    {
-        this.hasPublicKey = true;
-        this.attributes = null;
-        this.xdhPrivateKey = privKey;
-    }
-
-    BCXDHPrivateKey(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        this.hasPublicKey = keyInfo.hasPublicKey();
-        this.attributes = (keyInfo.getAttributes() != null) ? keyInfo.getAttributes().getEncoded() : null;
-
-        populateFromPrivateKeyInfo(keyInfo);
-    }
-
-    private void populateFromPrivateKeyInfo(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        ASN1Encodable keyOcts = keyInfo.parsePrivateKey();
-        if (EdECObjectIdentifiers.id_X448.equals(keyInfo.getPrivateKeyAlgorithm().getAlgorithm()))
-        {
-            xdhPrivateKey = new X448PrivateKeyParameters(ASN1OctetString.getInstance(keyOcts).getOctets(), 0);
-        }
-        else
-        {
-            xdhPrivateKey = new X25519PrivateKeyParameters(ASN1OctetString.getInstance(keyOcts).getOctets(), 0);
-        }
-    }
-
-    public String getAlgorithm()
-    {
-        return (xdhPrivateKey instanceof X448PrivateKeyParameters) ? "X448" : "X25519";
-    }
-
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    public byte[] getEncoded()
-    {
-        try
-        {
-            ASN1Set attrSet = ASN1Set.getInstance(attributes);
-            PrivateKeyInfo privInfo = PrivateKeyInfoFactory.createPrivateKeyInfo(xdhPrivateKey, attrSet);
-
-            if (hasPublicKey)
-            {
-                return privInfo.getEncoded();
-            }
-            else
-            {
-                return new PrivateKeyInfo(privInfo.getPrivateKeyAlgorithm(), privInfo.parsePrivateKey(), attrSet).getEncoded();
-            }
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    AsymmetricKeyParameter engineGetKeyParameters()
-    {
-        return xdhPrivateKey;
-    }
-
-    public String toString()
-    {
-        AsymmetricKeyParameter pubKey;
-        if (xdhPrivateKey instanceof X448PrivateKeyParameters)
-        {
-            pubKey = ((X448PrivateKeyParameters)xdhPrivateKey).generatePublicKey();
-        }
-        else
-        {
-            pubKey = ((X25519PrivateKeyParameters)xdhPrivateKey).generatePublicKey();
-        }
-        return Utils.keyToString("Private Key", getAlgorithm(), pubKey);
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (!(o instanceof BCXDHPrivateKey))
-        {
-            return false;
-        }
-
-        BCXDHPrivateKey other = (BCXDHPrivateKey)o;
-
-        return Arrays.areEqual(other.getEncoded(), this.getEncoded());
-    }
-
-    public int hashCode()
-    {
-        return Arrays.hashCode(this.getEncoded());
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        populateFromPrivateKeyInfo(PrivateKeyInfo.getInstance(enc));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/BCXDHPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/BCXDHPublicKey.java
deleted file mode 100644
index 143bf11..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/BCXDHPublicKey.java
+++ /dev/null

@@ -1,157 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.edec;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-
-import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.X25519PublicKeyParameters;
-import org.bouncycastle.crypto.params.X448PublicKeyParameters;
-import org.bouncycastle.jcajce.interfaces.XDHKey;
-import org.bouncycastle.util.Arrays;
-
-public class BCXDHPublicKey
-    implements XDHKey, PublicKey
-{
-    static final long serialVersionUID = 1L;
-
-    private transient AsymmetricKeyParameter xdhPublicKey;
-
-    BCXDHPublicKey(AsymmetricKeyParameter pubKey)
-    {
-        this.xdhPublicKey = pubKey;
-    }
-
-    BCXDHPublicKey(SubjectPublicKeyInfo keyInfo)
-    {
-        populateFromPubKeyInfo(keyInfo);
-    }
-
-    BCXDHPublicKey(byte[] prefix, byte[] rawData)
-        throws InvalidKeySpecException
-    {
-        int prefixLength = prefix.length;
-
-        if (Utils.isValidPrefix(prefix, rawData))
-        {
-            if ((rawData.length - prefixLength) == X448PublicKeyParameters.KEY_SIZE)
-            {
-                xdhPublicKey = new X448PublicKeyParameters(rawData, prefixLength);
-            }
-            else if ((rawData.length - prefixLength) == X25519PublicKeyParameters.KEY_SIZE)
-            {
-                xdhPublicKey = new X25519PublicKeyParameters(rawData, prefixLength);
-            }
-            else
-            {
-                throw new InvalidKeySpecException("raw key data not recognised");
-            }
-        }
-        else
-        {
-            throw new InvalidKeySpecException("raw key data not recognised");
-        }
-    }
-
-    private void populateFromPubKeyInfo(SubjectPublicKeyInfo keyInfo)
-    {
-        if (EdECObjectIdentifiers.id_X448.equals(keyInfo.getAlgorithm().getAlgorithm()))
-        {
-            xdhPublicKey = new X448PublicKeyParameters(keyInfo.getPublicKeyData().getOctets(), 0);
-        }
-        else
-        {
-            xdhPublicKey = new X25519PublicKeyParameters(keyInfo.getPublicKeyData().getOctets(), 0);
-        }
-    }
-
-    public String getAlgorithm()
-    {
-        return (xdhPublicKey instanceof X448PublicKeyParameters) ? "X448" : "X25519";
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    public byte[] getEncoded()
-    {
-        if (xdhPublicKey instanceof X448PublicKeyParameters)
-        {
-            byte[] encoding = new byte[KeyFactorySpi.x448Prefix.length + X448PublicKeyParameters.KEY_SIZE];
-
-            System.arraycopy(KeyFactorySpi.x448Prefix, 0, encoding, 0, KeyFactorySpi.x448Prefix.length);
-
-            ((X448PublicKeyParameters)xdhPublicKey).encode(encoding, KeyFactorySpi.x448Prefix.length);
-
-            return encoding;
-        }
-        else
-        {
-            byte[] encoding = new byte[KeyFactorySpi.x25519Prefix.length + X25519PublicKeyParameters.KEY_SIZE];
-
-            System.arraycopy(KeyFactorySpi.x25519Prefix, 0, encoding, 0, KeyFactorySpi.x25519Prefix.length);
-
-            ((X25519PublicKeyParameters)xdhPublicKey).encode(encoding, KeyFactorySpi.x25519Prefix.length);
-
-            return encoding;
-        }
-    }
-
-    AsymmetricKeyParameter engineGetKeyParameters()
-    {
-        return xdhPublicKey;
-    }
-
-    public String toString()
-    {
-        return Utils.keyToString("Public Key", getAlgorithm(), xdhPublicKey);
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (!(o instanceof BCXDHPublicKey))
-        {
-            return false;
-        }
-
-        BCXDHPublicKey other = (BCXDHPublicKey)o;
-
-        return Arrays.areEqual(other.getEncoded(), this.getEncoded());
-    }
-
-    public int hashCode()
-    {
-        return Arrays.hashCode(this.getEncoded());
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        populateFromPubKeyInfo(SubjectPublicKeyInfo.getInstance(enc));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/KeyAgreementSpi.java
deleted file mode 100644
index 0cfd2f5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/KeyAgreementSpi.java
+++ /dev/null

@@ -1,343 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.edec;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.RawAgreement;
-import org.bouncycastle.crypto.agreement.X25519Agreement;
-import org.bouncycastle.crypto.agreement.X448Agreement;
-import org.bouncycastle.crypto.agreement.XDHUnifiedAgreement;
-import org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator;
-import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.X448PrivateKeyParameters;
-import org.bouncycastle.crypto.params.XDHUPrivateParameters;
-import org.bouncycastle.crypto.params.XDHUPublicParameters;
-import org.bouncycastle.crypto.util.DigestFactory;
-import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi;
-import org.bouncycastle.jcajce.spec.DHUParameterSpec;
-import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
-
-public class KeyAgreementSpi
-    extends BaseAgreementSpi
-{
-    private RawAgreement agreement;
-    private DHUParameterSpec dhuSpec;
-    private byte[] result;
-
-    KeyAgreementSpi(String algorithm)
-    {
-        super(algorithm, null);
-    }
-
-    KeyAgreementSpi(String algorithm, DerivationFunction kdf)
-    {
-        super(algorithm, kdf);
-    }
-
-    protected byte[] calcSecret()
-    {
-        return result;
-    }
-
-    protected void engineInit(Key key, SecureRandom secureRandom)
-        throws InvalidKeyException
-    {
-        if (key instanceof BCXDHPrivateKey)
-        {
-            AsymmetricKeyParameter priv = ((BCXDHPrivateKey)key).engineGetKeyParameters();
-
-            if (priv instanceof X448PrivateKeyParameters)
-            {
-                agreement = getAgreement("X448");
-            }
-            else
-            {
-                agreement = getAgreement("X25519");
-            }
-
-            agreement.init(priv);
-        }
-        else
-        {
-            throw new InvalidKeyException("cannot identify XDH private key");
-        }
-
-        if (kdf != null)
-        {
-            ukmParameters = new byte[0];
-        }
-        else
-        {
-            ukmParameters = null;
-        }
-    }
-
-    protected void engineInit(Key key, AlgorithmParameterSpec params, SecureRandom secureRandom)
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        AsymmetricKeyParameter priv;
-
-        if (key instanceof BCXDHPrivateKey)
-        {
-            priv = ((BCXDHPrivateKey)key).engineGetKeyParameters();
-
-            if (priv instanceof X448PrivateKeyParameters)
-            {
-                agreement = getAgreement("X448");
-            }
-            else
-            {
-                agreement = getAgreement("X25519");
-            }
-        }
-        else
-        {
-            throw new InvalidKeyException("cannot identify XDH private key");
-        }
-
-        ukmParameters = null;
-        if (params instanceof DHUParameterSpec)
-        {
-            if (kaAlgorithm.indexOf('U') < 0)
-            {
-                throw new InvalidAlgorithmParameterException("agreement algorithm not DHU based");
-            }
-
-            dhuSpec = (DHUParameterSpec)params;
-
-            ukmParameters = dhuSpec.getUserKeyingMaterial();
-            
-            agreement.init(new XDHUPrivateParameters(
-                priv, ((BCXDHPrivateKey)dhuSpec.getEphemeralPrivateKey()).engineGetKeyParameters(),
-                ((BCXDHPublicKey)dhuSpec.getEphemeralPublicKey()).engineGetKeyParameters()));
-        }
-        else
-        {
-            agreement.init(priv);
-
-            if (params instanceof UserKeyingMaterialSpec)
-            {
-                if (kdf == null)
-                {
-                    throw new InvalidAlgorithmParameterException("no KDF specified for UserKeyingMaterialSpec");
-                }
-                this.ukmParameters = ((UserKeyingMaterialSpec)params).getUserKeyingMaterial();
-            }
-            else
-            {
-                throw new InvalidAlgorithmParameterException("unknown ParameterSpec");
-            }
-        }
-
-        if (kdf != null && ukmParameters == null)
-        {
-            ukmParameters = new byte[0];
-        }
-    }
-
-    protected Key engineDoPhase(Key key, boolean lastPhase)
-        throws InvalidKeyException, IllegalStateException
-    {
-        if (agreement == null)
-        {
-            throw new IllegalStateException(kaAlgorithm + " not initialised.");
-        }
-
-        if (!lastPhase)
-        {
-            throw new IllegalStateException(kaAlgorithm + " can only be between two parties.");
-        }
-
-        if (!(key instanceof BCXDHPublicKey))
-        {
-            throw new InvalidKeyException("cannot identify XDH private key");
-        }
-
-        AsymmetricKeyParameter pub = ((BCXDHPublicKey)key).engineGetKeyParameters();
-
-        result = new byte[agreement.getAgreementSize()];
-
-        if (dhuSpec != null)
-        {
-            agreement.calculateAgreement(new XDHUPublicParameters(pub, ((BCXDHPublicKey)dhuSpec.getOtherPartyEphemeralKey()).engineGetKeyParameters()), result, 0);
-        }
-        else
-        {
-            agreement.calculateAgreement(pub, result, 0);
-        }
-
-        return null;
-    }
-
-    private RawAgreement getAgreement(String alg)
-        throws InvalidKeyException
-    {
-        if (!(kaAlgorithm.equals("XDH") || kaAlgorithm.startsWith(alg)))
-        {
-            throw new InvalidKeyException("inappropriate key for " + kaAlgorithm);
-        }
-
-        if (kaAlgorithm.indexOf('U') > 0)
-        {
-            if (alg.startsWith("X448"))
-            {
-                return new XDHUnifiedAgreement(new X448Agreement());
-            }
-            else
-            {
-                return new XDHUnifiedAgreement(new X25519Agreement());
-            }
-        }
-        else
-        {
-            if (alg.startsWith("X448"))
-            {
-                return new X448Agreement();
-            }
-            else
-            {
-                return new X25519Agreement();
-            }
-        }
-    }
-
-    public final static class XDH
-        extends KeyAgreementSpi
-    {
-        public XDH()
-        {
-            super("XDH");
-        }
-    }
-
-    public final static class X448
-        extends KeyAgreementSpi
-    {
-        public X448()
-        {
-            super("X448");
-        }
-    }
-
-    public final static class X25519
-        extends KeyAgreementSpi
-    {
-        public X25519()
-        {
-            super("X25519");
-        }
-    }
-
-    public final static class X25519withSHA256CKDF
-        extends KeyAgreementSpi
-    {
-        public X25519withSHA256CKDF()
-        {
-            super("X25519withSHA256CKDF", new ConcatenationKDFGenerator(DigestFactory.createSHA256()));
-        }
-    }
-
-    public static class X25519withSHA384CKDF
-        extends KeyAgreementSpi
-    {
-        public X25519withSHA384CKDF()
-        {
-            super("X25519withSHA384CKDF", new ConcatenationKDFGenerator(DigestFactory.createSHA384()));
-        }
-    }
-
-    public static class X25519withSHA512CKDF
-        extends KeyAgreementSpi
-    {
-        public X25519withSHA512CKDF()
-        {
-            super("X25519withSHA512CKDF", new ConcatenationKDFGenerator(DigestFactory.createSHA512()));
-        }
-    }
-
-    public final static class X448withSHA256CKDF
-        extends KeyAgreementSpi
-    {
-        public X448withSHA256CKDF()
-        {
-            super("X448withSHA256CKDF", new ConcatenationKDFGenerator(DigestFactory.createSHA256()));
-        }
-    }
-
-    public static class X448withSHA384CKDF
-        extends KeyAgreementSpi
-    {
-        public X448withSHA384CKDF()
-        {
-            super("X448withSHA384CKDF", new ConcatenationKDFGenerator(DigestFactory.createSHA384()));
-        }
-    }
-
-    public final static class X448withSHA512CKDF
-        extends KeyAgreementSpi
-    {
-        public X448withSHA512CKDF()
-        {
-            super("X448withSHA512CKDF", new ConcatenationKDFGenerator(DigestFactory.createSHA512()));
-        }
-    }
-
-    public final static class X25519withSHA256KDF
-        extends KeyAgreementSpi
-    {
-        public X25519withSHA256KDF()
-        {
-            super("X25519withSHA256KDF", new KDF2BytesGenerator(DigestFactory.createSHA256()));
-        }
-    }
-
-    public final static class X448withSHA512KDF
-        extends KeyAgreementSpi
-    {
-        public X448withSHA512KDF()
-        {
-            super("X448withSHA512KDF", new KDF2BytesGenerator(DigestFactory.createSHA512()));
-        }
-    }
-
-    public static class X25519UwithSHA256CKDF
-        extends KeyAgreementSpi
-    {
-        public X25519UwithSHA256CKDF()
-        {
-            super("X25519UwithSHA256CKDF", new ConcatenationKDFGenerator(DigestFactory.createSHA256()));
-        }
-    }
-
-    public static class X448UwithSHA512CKDF
-        extends KeyAgreementSpi
-    {
-        public X448UwithSHA512CKDF()
-        {
-            super("X448UwithSHA512CKDF", new ConcatenationKDFGenerator(DigestFactory.createSHA512()));
-        }
-    }
-
-    public static class X25519UwithSHA256KDF
-        extends KeyAgreementSpi
-    {
-        public X25519UwithSHA256KDF()
-        {
-            super("X25519UwithSHA256KDF", new KDF2BytesGenerator(DigestFactory.createSHA256()));
-        }
-    }
-
-    public static class X448UwithSHA512KDF
-        extends KeyAgreementSpi
-    {
-        public X448UwithSHA512KDF()
-        {
-            super("X448UwithSHA512KDF", new KDF2BytesGenerator(DigestFactory.createSHA512()));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/KeyFactorySpi.java
deleted file mode 100644
index 9fd7945..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/KeyFactorySpi.java
+++ /dev/null

@@ -1,277 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.edec;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-import org.bouncycastle.crypto.util.OpenSSHPrivateKeyUtil;
-import org.bouncycastle.crypto.util.OpenSSHPublicKeyUtil;
-import org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-import org.bouncycastle.jce.spec.OpenSSHPrivateKeySpec;
-import org.bouncycastle.jce.spec.OpenSSHPublicKeySpec;
-import org.bouncycastle.util.encoders.Hex;
-
-public class KeyFactorySpi
-    extends BaseKeyFactorySpi
-    implements AsymmetricKeyInfoConverter
-{
-    static final byte[] x448Prefix = Hex.decode("3042300506032b656f033900");
-    static final byte[] x25519Prefix = Hex.decode("302a300506032b656e032100");
-    static final byte[] Ed448Prefix = Hex.decode("3043300506032b6571033a00");
-    static final byte[] Ed25519Prefix = Hex.decode("302a300506032b6570032100");
-
-    private static final byte x448_type = 0x6f;
-    private static final byte x25519_type = 0x6e;
-    private static final byte Ed448_type = 0x71;
-    private static final byte Ed25519_type = 0x70;
-
-    String algorithm;
-    private final boolean isXdh;
-    private final int specificBase;
-
-    public KeyFactorySpi(
-        String algorithm,
-        boolean isXdh,
-        int specificBase)
-    {
-        this.algorithm = algorithm;
-        this.isXdh = isXdh;
-        this.specificBase = specificBase;
-    }
-
-    protected Key engineTranslateKey(
-        Key key)
-        throws InvalidKeyException
-    {
-        throw new InvalidKeyException("key type unknown");
-    }
-
-    protected KeySpec engineGetKeySpec(
-        Key key,
-        Class spec)
-        throws InvalidKeySpecException
-    {
-        if (spec.isAssignableFrom(OpenSSHPrivateKeySpec.class) && key instanceof BCEdDSAPrivateKey)
-        {
-            try
-            {
-                //
-                // The DEROctetString at element 2 is an encoded DEROctetString with the private key value
-                // within it.
-                //
-
-                ASN1Sequence seq = ASN1Sequence.getInstance(key.getEncoded());
-                DEROctetString val = (DEROctetString)seq.getObjectAt(2);
-                ASN1InputStream in = new ASN1InputStream(val.getOctets());
-
-                return new OpenSSHPrivateKeySpec(OpenSSHPrivateKeyUtil.encodePrivateKey(new Ed25519PrivateKeyParameters(((DEROctetString)in.readObject()).getOctets(), 0)));
-            }
-            catch (IOException ex)
-            {
-                throw new InvalidKeySpecException(ex.getMessage(), ex.getCause());
-            }
-
-        }
-        else if (spec.isAssignableFrom(OpenSSHPublicKeySpec.class) && key instanceof BCEdDSAPublicKey)
-        {
-            try
-            {
-                return new OpenSSHPublicKeySpec(OpenSSHPublicKeyUtil.encodePublicKey(new Ed25519PublicKeyParameters(key.getEncoded(), Ed25519Prefix.length)));
-            }
-            catch (IOException ex)
-            {
-                throw new InvalidKeySpecException(ex.getMessage(), ex.getCause());
-            }
-        }
-
-        return super.engineGetKeySpec(key, spec);
-    }
-
-    protected PrivateKey engineGeneratePrivate(
-        KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof OpenSSHPrivateKeySpec)
-        {
-            CipherParameters parameters = OpenSSHPrivateKeyUtil.parsePrivateKeyBlob(((OpenSSHPrivateKeySpec)keySpec).getEncoded());
-            if (parameters instanceof Ed25519PrivateKeyParameters)
-            {
-                return new BCEdDSAPrivateKey((Ed25519PrivateKeyParameters)parameters);
-            }
-            throw new IllegalStateException("openssh private key not Ed25519 private key");
-        }
-
-        return super.engineGeneratePrivate(keySpec);
-    }
-
-    protected PublicKey engineGeneratePublic(
-        KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof X509EncodedKeySpec)
-        {
-            byte[] enc = ((X509EncodedKeySpec)keySpec).getEncoded();
-            // optimise if we can
-            if (specificBase == 0 || specificBase == enc[8])
-            {
-                switch (enc[8])
-                {
-                case x448_type:
-                    return new BCXDHPublicKey(x448Prefix, enc);
-                case x25519_type:
-                    return new BCXDHPublicKey(x25519Prefix, enc);
-                case Ed448_type:
-                    return new BCEdDSAPublicKey(Ed448Prefix, enc);
-                case Ed25519_type:
-                    return new BCEdDSAPublicKey(Ed25519Prefix, enc);
-                default:
-                    return super.engineGeneratePublic(keySpec);
-                }
-            }
-        }
-        else if (keySpec instanceof OpenSSHPublicKeySpec)
-        {
-            CipherParameters parameters = OpenSSHPublicKeyUtil.parsePublicKey(((OpenSSHPublicKeySpec)keySpec).getEncoded());
-            if (parameters instanceof Ed25519PublicKeyParameters)
-            {
-                return new BCEdDSAPublicKey(new byte[0], ((Ed25519PublicKeyParameters)parameters).getEncoded());
-            }
-
-            throw new IllegalStateException("openssh public key not Ed25519 public key");
-        }
-
-        return super.engineGeneratePublic(keySpec);
-    }
-
-    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm();
-
-        if (isXdh)
-        {
-            if ((specificBase == 0 || specificBase == x448_type) && algOid.equals(EdECObjectIdentifiers.id_X448))
-            {
-                return new BCXDHPrivateKey(keyInfo);
-            }
-            if ((specificBase == 0 || specificBase == x25519_type) && algOid.equals(EdECObjectIdentifiers.id_X25519))
-            {
-                return new BCXDHPrivateKey(keyInfo);
-            }
-        }
-        else if (algOid.equals(EdECObjectIdentifiers.id_Ed448) || algOid.equals(EdECObjectIdentifiers.id_Ed25519))
-        {
-            if ((specificBase == 0 || specificBase == Ed448_type) && algOid.equals(EdECObjectIdentifiers.id_Ed448))
-            {
-                return new BCEdDSAPrivateKey(keyInfo);
-            }
-            if ((specificBase == 0 || specificBase == Ed25519_type) && algOid.equals(EdECObjectIdentifiers.id_Ed25519))
-            {
-                return new BCEdDSAPrivateKey(keyInfo);
-            }
-        }
-
-        throw new IOException("algorithm identifier " + algOid + " in key not recognized");
-    }
-
-    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm();
-
-        if (isXdh)
-        {
-            if ((specificBase == 0 || specificBase == x448_type) && algOid.equals(EdECObjectIdentifiers.id_X448))
-            {
-                return new BCXDHPublicKey(keyInfo);
-            }
-            if ((specificBase == 0 || specificBase == x25519_type) && algOid.equals(EdECObjectIdentifiers.id_X25519))
-            {
-                return new BCXDHPublicKey(keyInfo);
-            }
-        }
-        else if (algOid.equals(EdECObjectIdentifiers.id_Ed448) || algOid.equals(EdECObjectIdentifiers.id_Ed25519))
-        {
-            if ((specificBase == 0 || specificBase == Ed448_type) && algOid.equals(EdECObjectIdentifiers.id_Ed448))
-            {
-                return new BCEdDSAPublicKey(keyInfo);
-            }
-            if ((specificBase == 0 || specificBase == Ed25519_type) && algOid.equals(EdECObjectIdentifiers.id_Ed25519))
-            {
-                return new BCEdDSAPublicKey(keyInfo);
-            }
-        }
-
-        throw new IOException("algorithm identifier " + algOid + " in key not recognized");
-    }
-
-    public static class XDH
-        extends KeyFactorySpi
-    {
-        public XDH()
-        {
-            super("XDH", true, 0);
-        }
-    }
-
-    public static class X448
-        extends KeyFactorySpi
-    {
-        public X448()
-        {
-            super("X448", true, x448_type);
-        }
-    }
-
-    public static class X25519
-        extends KeyFactorySpi
-    {
-        public X25519()
-        {
-            super("X25519", true, x25519_type);
-        }
-    }
-
-    public static class EDDSA
-        extends KeyFactorySpi
-    {
-        public EDDSA()
-        {
-            super("EdDSA", false, 0);
-        }
-    }
-
-    public static class ED448
-        extends KeyFactorySpi
-    {
-        public ED448()
-        {
-            super("Ed448", false, Ed448_type);
-        }
-    }
-
-    public static class ED25519
-        extends KeyFactorySpi
-    {
-        public ED25519()
-        {
-            super("Ed25519", false, Ed25519_type);
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/KeyPairGeneratorSpi.java
deleted file mode 100644
index b5cad9a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/KeyPairGeneratorSpi.java
+++ /dev/null

@@ -1,281 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.edec;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidParameterException;
-import java.security.KeyPair;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.ECGenParameterSpec;
-
-import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.generators.Ed25519KeyPairGenerator;
-import org.bouncycastle.crypto.generators.Ed448KeyPairGenerator;
-import org.bouncycastle.crypto.generators.X25519KeyPairGenerator;
-import org.bouncycastle.crypto.generators.X448KeyPairGenerator;
-import org.bouncycastle.crypto.params.Ed25519KeyGenerationParameters;
-import org.bouncycastle.crypto.params.Ed448KeyGenerationParameters;
-import org.bouncycastle.crypto.params.X25519KeyGenerationParameters;
-import org.bouncycastle.crypto.params.X448KeyGenerationParameters;
-import org.bouncycastle.jcajce.spec.EdDSAParameterSpec;
-import org.bouncycastle.jcajce.spec.XDHParameterSpec;
-import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
-
-public class KeyPairGeneratorSpi
-    extends java.security.KeyPairGeneratorSpi
-{
-    private static final int EdDSA = -1;
-    private static final int XDH = -2;
-
-    private static final int Ed448 = 0;
-    private static final int Ed25519 = 1;
-    private static final int X448 = 2;
-    private static final int X25519 = 3;
-
-    private int algorithm;
-    private AsymmetricCipherKeyPairGenerator generator;
-
-    private boolean initialised;
-    private SecureRandom secureRandom;
-
-    KeyPairGeneratorSpi(int algorithm, AsymmetricCipherKeyPairGenerator generator)
-    {
-        this.algorithm = algorithm;
-        this.generator = generator;
-    }
-
-    public void initialize(int strength, SecureRandom secureRandom)
-    {
-        this.secureRandom = secureRandom;
-
-        switch (strength)
-        {
-        case 255:
-        case 256:
-            switch (algorithm)
-            {
-            case EdDSA:
-            case Ed25519:
-                setupGenerator(Ed25519);
-                break;
-            case XDH:
-            case X25519:
-                setupGenerator(X25519);
-                break;
-            default:
-                throw new InvalidParameterException("key size not configurable");
-            }
-            break;
-        case 448:
-            switch (algorithm)
-            {
-            case EdDSA:
-            case Ed448:
-                setupGenerator(Ed448);
-                break;
-            case XDH:
-            case X448:
-                setupGenerator(X448);
-                break;
-            default:
-                throw new InvalidParameterException("key size not configurable");
-            }
-            break;
-        default:
-            throw new InvalidParameterException("unknown key size");
-        }
-    }
-
-    public void initialize(AlgorithmParameterSpec paramSpec, SecureRandom secureRandom)
-        throws InvalidAlgorithmParameterException
-    {
-        this.secureRandom = secureRandom;
-
-        if (paramSpec instanceof ECGenParameterSpec)
-        {
-            initializeGenerator(((ECGenParameterSpec)paramSpec).getName());
-        }
-        else if (paramSpec instanceof ECNamedCurveGenParameterSpec)
-        {
-            initializeGenerator(((ECNamedCurveGenParameterSpec)paramSpec).getName());
-        }
-        else if (paramSpec instanceof EdDSAParameterSpec)
-        {
-            initializeGenerator(((EdDSAParameterSpec)paramSpec).getCurveName());
-        }
-        else if (paramSpec instanceof XDHParameterSpec)
-        {
-            initializeGenerator(((XDHParameterSpec)paramSpec).getCurveName());
-        }
-        else
-        {
-            throw new InvalidAlgorithmParameterException("invalid parameterSpec: " + paramSpec);
-        }
-    }
-
-    private void algorithmCheck(int algorithm)
-        throws InvalidAlgorithmParameterException
-    {
-        if (this.algorithm != algorithm)
-        {
-            if (this.algorithm == Ed25519 || this.algorithm == Ed448)
-            {
-                throw new InvalidAlgorithmParameterException("parameterSpec for wrong curve type");
-            }
-            if (this.algorithm == EdDSA && (algorithm != Ed25519 && algorithm != Ed448))
-            {
-                throw new InvalidAlgorithmParameterException("parameterSpec for wrong curve type");
-            }
-            if (this.algorithm == X25519 || this.algorithm == X448)
-            {
-                throw new InvalidAlgorithmParameterException("parameterSpec for wrong curve type");
-            }
-            if (this.algorithm == XDH && (algorithm != X25519 && algorithm != X448))
-            {
-                throw new InvalidAlgorithmParameterException("parameterSpec for wrong curve type");
-            }
-            this.algorithm = algorithm;
-        }
-    }
-
-    private void initializeGenerator(String name)
-        throws InvalidAlgorithmParameterException
-    {
-        if (name.equalsIgnoreCase(EdDSAParameterSpec.Ed448) || name.equals(EdECObjectIdentifiers.id_Ed448.getId()))
-        {
-            algorithmCheck(Ed448);
-            this.generator = new Ed448KeyPairGenerator();
-            setupGenerator(Ed448);
-        }
-        else if (name.equalsIgnoreCase(EdDSAParameterSpec.Ed25519) || name.equals(EdECObjectIdentifiers.id_Ed25519.getId()))
-        {
-            algorithmCheck(Ed25519);
-            this.generator = new Ed25519KeyPairGenerator();
-            setupGenerator(Ed25519);
-        }
-        else if (name.equalsIgnoreCase(XDHParameterSpec.X448) || name.equals(EdECObjectIdentifiers.id_X448.getId()))
-        {
-            algorithmCheck(X448);
-            this.generator = new X448KeyPairGenerator();
-            setupGenerator(X448);
-        }
-        else if (name.equalsIgnoreCase(XDHParameterSpec.X25519) || name.equals(EdECObjectIdentifiers.id_X25519.getId()))
-        {
-            algorithmCheck(X25519);
-            this.generator = new X25519KeyPairGenerator();
-            setupGenerator(X25519);
-        }
-    }
-
-    public KeyPair generateKeyPair()
-    {
-        if (generator == null)
-        {
-            throw new IllegalStateException("generator not correctly initialized");
-        }
-
-        if (!initialised)
-        {
-            setupGenerator(algorithm);
-        }
-
-        AsymmetricCipherKeyPair kp = generator.generateKeyPair();
-
-        switch (algorithm)
-        {
-        case Ed448:
-            return new KeyPair(new BCEdDSAPublicKey(kp.getPublic()), new BCEdDSAPrivateKey(kp.getPrivate()));
-        case Ed25519:
-            return new KeyPair(new BCEdDSAPublicKey(kp.getPublic()), new BCEdDSAPrivateKey(kp.getPrivate()));
-        case X448:
-            return new KeyPair(new BCXDHPublicKey(kp.getPublic()), new BCXDHPrivateKey(kp.getPrivate()));
-        case X25519:
-            return new KeyPair(new BCXDHPublicKey(kp.getPublic()), new BCXDHPrivateKey(kp.getPrivate()));
-        }
-
-        throw new IllegalStateException("generator not correctly initialized");
-    }
-
-    private void setupGenerator(int algorithm)
-    {
-        initialised = true;
-
-        if (secureRandom == null)
-        {
-            secureRandom = new SecureRandom();
-        }
-
-        switch (algorithm)
-        {
-        case Ed448:
-            generator.init(new Ed448KeyGenerationParameters(secureRandom));
-            break;
-        case EdDSA:
-        case Ed25519:
-            generator.init(new Ed25519KeyGenerationParameters(secureRandom));
-            break;
-        case X448:
-            generator.init(new X448KeyGenerationParameters(secureRandom));
-            break;
-        case XDH:
-        case X25519:
-            generator.init(new X25519KeyGenerationParameters(secureRandom));
-            break;
-        }
-    }
-
-    public static final class EdDSA
-        extends KeyPairGeneratorSpi
-    {
-        public EdDSA()
-        {
-            super(EdDSA, null);
-        }
-    }
-
-    public static final class Ed448
-        extends KeyPairGeneratorSpi
-    {
-        public Ed448()
-        {
-            super(Ed448, new Ed448KeyPairGenerator());
-        }
-    }
-
-    public static final class Ed25519
-        extends KeyPairGeneratorSpi
-    {
-        public Ed25519()
-        {
-            super(Ed25519, new Ed25519KeyPairGenerator());
-        }
-    }
-
-    public static final class XDH
-        extends KeyPairGeneratorSpi
-    {
-        public XDH()
-        {
-            super(XDH, null);
-        }
-    }
-
-    public static final class X448
-        extends KeyPairGeneratorSpi
-    {
-        public X448()
-        {
-            super(X448, new X448KeyPairGenerator());
-        }
-    }
-
-    public static final class X25519
-        extends KeyPairGeneratorSpi
-    {
-        public X25519()
-        {
-            super(X25519, new X25519KeyPairGenerator());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/SignatureSpi.java
deleted file mode 100644
index a88bb2c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/SignatureSpi.java
+++ /dev/null

@@ -1,166 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.edec;
-
-import java.security.InvalidKeyException;
-import java.security.InvalidParameterException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SignatureException;
-
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.Ed448PrivateKeyParameters;
-import org.bouncycastle.crypto.params.Ed448PublicKeyParameters;
-import org.bouncycastle.crypto.signers.Ed25519Signer;
-import org.bouncycastle.crypto.signers.Ed448Signer;
-
-public class SignatureSpi
-    extends java.security.SignatureSpi
-{
-    private static final byte[] EMPTY_CONTEXT = new byte[0];
-
-    private final String algorithm;
-
-    private Signer signer;
-
-    SignatureSpi(String algorithm)
-    {
-        this.algorithm = algorithm;
-    }
-
-    protected void engineInitVerify(PublicKey publicKey)
-        throws InvalidKeyException
-    {
-        if (publicKey instanceof BCEdDSAPublicKey)
-        {
-            AsymmetricKeyParameter pub = ((BCEdDSAPublicKey)publicKey).engineGetKeyParameters();
-
-            if (pub instanceof Ed448PublicKeyParameters)
-            {
-                signer = getSigner("Ed448");
-            }
-            else
-            {
-                signer = getSigner("Ed25519");
-            }
-
-            signer.init(false, pub);
-        }
-        else
-        {
-            throw new InvalidKeyException("cannot identify EdDSA public key");
-        }
-    }
-
-    protected void engineInitSign(PrivateKey privateKey)
-        throws InvalidKeyException
-    {
-        if (privateKey instanceof BCEdDSAPrivateKey)
-        {
-            AsymmetricKeyParameter priv = ((BCEdDSAPrivateKey)privateKey).engineGetKeyParameters();
-
-            if (priv instanceof Ed448PrivateKeyParameters)
-            {
-                signer = getSigner("Ed448");
-            }
-            else
-            {
-                signer = getSigner("Ed25519");
-            }
-
-            signer.init(true, priv);
-        }
-        else
-        {
-            throw new InvalidKeyException("cannot identify EdDSA public key");
-        }
-    }
-
-    private Signer getSigner(String alg)
-        throws InvalidKeyException
-    {
-        if (algorithm != null && !alg.equals(algorithm))
-        {
-            throw new InvalidKeyException("inappropriate key for " + algorithm);
-        }
-
-        if (alg.equals("Ed448"))
-        {
-            return new Ed448Signer(EMPTY_CONTEXT);
-        }
-        else
-        {
-            return new Ed25519Signer();
-        }
-    }
-
-    protected void engineUpdate(byte b)
-        throws SignatureException
-    {
-        signer.update(b);
-    }
-
-    protected void engineUpdate(byte[] bytes, int off, int len)
-        throws SignatureException
-    {
-        signer.update(bytes, off, len);
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        try
-        {
-            return signer.generateSignature();
-        }
-        catch (CryptoException e)
-        {
-            throw new SignatureException(e.getMessage());
-        }
-    }
-
-    protected boolean engineVerify(byte[] signature)
-        throws SignatureException
-    {
-        return signer.verifySignature(signature);
-    }
-
-    protected void engineSetParameter(String s, Object o)
-        throws InvalidParameterException
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    protected Object engineGetParameter(String s)
-        throws InvalidParameterException
-    {
-        throw new UnsupportedOperationException("engineGetParameter unsupported");
-    }
-
-    public final static class EdDSA
-        extends SignatureSpi
-    {
-        public EdDSA()
-        {
-            super(null);
-        }
-    }
-
-    public final static class Ed448
-        extends SignatureSpi
-    {
-        public Ed448()
-        {
-            super("Ed448");
-        }
-    }
-
-    public final static class Ed25519
-        extends SignatureSpi
-    {
-        public Ed25519()
-        {
-            super("Ed25519");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/Utils.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/Utils.java
deleted file mode 100644
index c3081ac..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/edec/Utils.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.edec;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
-import org.bouncycastle.crypto.params.Ed448PublicKeyParameters;
-import org.bouncycastle.crypto.params.X25519PublicKeyParameters;
-import org.bouncycastle.crypto.params.X448PublicKeyParameters;
-import org.bouncycastle.util.Fingerprint;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-
-class Utils
-{
-    static boolean isValidPrefix(byte[] prefix, byte[] encoding)
-    {
-        if (encoding.length < prefix.length)
-        {
-            return !isValidPrefix(prefix, prefix);
-        }
-
-        int nonEqual = 0;
-
-        for (int i = 0; i != prefix.length; i++)
-        {
-            nonEqual |= (prefix[i] ^ encoding[i]);
-        }
-
-        return nonEqual == 0;
-    }
-
-    static String keyToString(String label, String algorithm, AsymmetricKeyParameter pubKey)
-    {
-        StringBuffer buf = new StringBuffer();
-        String nl = Strings.lineSeparator();
-
-        byte[] keyBytes;
-        if (pubKey instanceof X448PublicKeyParameters)
-        {
-            keyBytes = ((X448PublicKeyParameters)pubKey).getEncoded();
-        }
-        else if (pubKey instanceof Ed448PublicKeyParameters)
-        {
-            keyBytes = ((Ed448PublicKeyParameters)pubKey).getEncoded();
-        }
-        else if (pubKey instanceof X25519PublicKeyParameters)
-        {
-            keyBytes = ((X25519PublicKeyParameters)pubKey).getEncoded();
-        }
-        else
-        {
-            keyBytes = ((Ed25519PublicKeyParameters)pubKey).getEncoded();
-        }
-
-        buf.append(algorithm)
-            .append(" ")
-            .append(label).append(" [")
-            .append(Utils.generateKeyFingerprint(keyBytes))
-            .append("]")
-            .append(nl)
-            .append("    public data: ")
-            .append(Hex.toHexString(keyBytes))
-            .append(nl);
-
-        return buf.toString();
-    }
-
-    private static String generateKeyFingerprint(byte[] keyBytes)
-    {
-        return new Fingerprint(keyBytes).toString();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/AlgorithmParameterGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/AlgorithmParameterGeneratorSpi.java
deleted file mode 100644
index 18b9d9a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/AlgorithmParameterGeneratorSpi.java
+++ /dev/null

@@ -1,77 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.elgamal;
-
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.spec.DHGenParameterSpec;
-import javax.crypto.spec.DHParameterSpec;
-
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.generators.ElGamalParametersGenerator;
-import org.bouncycastle.crypto.params.ElGamalParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAlgorithmParameterGeneratorSpi;
-
-public class AlgorithmParameterGeneratorSpi
-    extends BaseAlgorithmParameterGeneratorSpi
-{
-    protected SecureRandom random;
-    protected int strength = 1024;
-
-    private int l = 0;
-
-    protected void engineInit(
-        int strength,
-        SecureRandom random)
-    {
-        this.strength = strength;
-        this.random = random;
-    }
-
-    protected void engineInit(
-        AlgorithmParameterSpec genParamSpec,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        if (!(genParamSpec instanceof DHGenParameterSpec))
-        {
-            throw new InvalidAlgorithmParameterException("DH parameter generator requires a DHGenParameterSpec for initialisation");
-        }
-        DHGenParameterSpec spec = (DHGenParameterSpec)genParamSpec;
-
-        this.strength = spec.getPrimeSize();
-        this.l = spec.getExponentSize();
-        this.random = random;
-    }
-
-    protected AlgorithmParameters engineGenerateParameters()
-    {
-        ElGamalParametersGenerator pGen = new ElGamalParametersGenerator();
-
-        if (random != null)
-        {
-            pGen.init(strength, 20, random);
-        }
-        else
-        {
-            pGen.init(strength, 20, CryptoServicesRegistrar.getSecureRandom());
-        }
-
-        ElGamalParameters p = pGen.generateParameters();
-
-        AlgorithmParameters params;
-
-        try
-        {
-            params = createParametersInstance("ElGamal");
-            params.init(new DHParameterSpec(p.getP(), p.getG(), l));
-        }
-        catch (Exception e)
-        {
-            throw new RuntimeException(e.getMessage());
-        }
-
-        return params;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/AlgorithmParametersSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/AlgorithmParametersSpi.java
deleted file mode 100644
index 9280f80..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/AlgorithmParametersSpi.java
+++ /dev/null

@@ -1,129 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.elgamal;
-
-import java.io.IOException;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
-
-import javax.crypto.spec.DHParameterSpec;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.oiw.ElGamalParameter;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
-import org.bouncycastle.jce.spec.ElGamalParameterSpec;
-
-public class AlgorithmParametersSpi
-    extends BaseAlgorithmParameters
-{
-    ElGamalParameterSpec currentSpec;
-
-    /**
-     * Return the X.509 ASN.1 structure ElGamalParameter.
-     * <pre>
-     *  ElGamalParameter ::= SEQUENCE {
-     *                   prime INTEGER, -- p
-     *                   base INTEGER, -- g}
-     * </pre>
-     */
-    protected byte[] engineGetEncoded()
-    {
-        ElGamalParameter elP = new ElGamalParameter(currentSpec.getP(), currentSpec.getG());
-
-        try
-        {
-            return elP.getEncoded(ASN1Encoding.DER);
-        }
-        catch (IOException e)
-        {
-            throw new RuntimeException("Error encoding ElGamalParameters");
-        }
-    }
-
-    protected byte[] engineGetEncoded(
-        String format)
-    {
-        if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509"))
-        {
-            return engineGetEncoded();
-        }
-
-        return null;
-    }
-
-    protected AlgorithmParameterSpec localEngineGetParameterSpec(
-        Class paramSpec)
-        throws InvalidParameterSpecException
-    {
-        if (paramSpec == ElGamalParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
-        {
-            return currentSpec;
-        }
-        else if (paramSpec == DHParameterSpec.class)
-        {
-            return new DHParameterSpec(currentSpec.getP(), currentSpec.getG());
-        }
-
-        throw new InvalidParameterSpecException("unknown parameter spec passed to ElGamal parameters object.");
-    }
-
-    protected void engineInit(
-        AlgorithmParameterSpec paramSpec)
-        throws InvalidParameterSpecException
-    {
-        if (!(paramSpec instanceof ElGamalParameterSpec) && !(paramSpec instanceof DHParameterSpec))
-        {
-            throw new InvalidParameterSpecException("DHParameterSpec required to initialise a ElGamal algorithm parameters object");
-        }
-
-        if (paramSpec instanceof ElGamalParameterSpec)
-        {
-            this.currentSpec = (ElGamalParameterSpec)paramSpec;
-        }
-        else
-        {
-            DHParameterSpec s = (DHParameterSpec)paramSpec;
-
-            this.currentSpec = new ElGamalParameterSpec(s.getP(), s.getG());
-        }
-    }
-
-    protected void engineInit(
-        byte[] params)
-        throws IOException
-    {
-        try
-        {
-            ElGamalParameter elP = ElGamalParameter.getInstance(ASN1Primitive.fromByteArray(params));
-
-            currentSpec = new ElGamalParameterSpec(elP.getP(), elP.getG());
-        }
-        catch (ClassCastException e)
-        {
-            throw new IOException("Not a valid ElGamal Parameter encoding.");
-        }
-        catch (ArrayIndexOutOfBoundsException e)
-        {
-            throw new IOException("Not a valid ElGamal Parameter encoding.");
-        }
-    }
-
-    protected void engineInit(
-        byte[] params,
-        String format)
-        throws IOException
-    {
-        if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509"))
-        {
-            engineInit(params);
-        }
-        else
-        {
-            throw new IOException("Unknown parameter format " + format);
-        }
-    }
-
-    protected String engineToString()
-    {
-        return "ElGamal Parameters";
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/BCElGamalPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/BCElGamalPrivateKey.java
deleted file mode 100644
index f0f83fa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/BCElGamalPrivateKey.java
+++ /dev/null

@@ -1,197 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.elgamal;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.util.Enumeration;
-
-import javax.crypto.interfaces.DHPrivateKey;
-import javax.crypto.spec.DHParameterSpec;
-import javax.crypto.spec.DHPrivateKeySpec;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.oiw.ElGamalParameter;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
-import org.bouncycastle.jce.interfaces.ElGamalPrivateKey;
-import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
-import org.bouncycastle.jce.spec.ElGamalParameterSpec;
-import org.bouncycastle.jce.spec.ElGamalPrivateKeySpec;
-
-public class BCElGamalPrivateKey
-    implements ElGamalPrivateKey, DHPrivateKey, PKCS12BagAttributeCarrier
-{
-    static final long serialVersionUID = 4819350091141529678L;
-        
-    private BigInteger      x;
-
-    private transient ElGamalParameterSpec   elSpec;
-    private transient PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl();
-
-    protected BCElGamalPrivateKey()
-    {
-    }
-
-    BCElGamalPrivateKey(
-        ElGamalPrivateKey key)
-    {
-        this.x = key.getX();
-        this.elSpec = key.getParameters();
-    }
-
-    BCElGamalPrivateKey(
-        DHPrivateKey key)
-    {
-        this.x = key.getX();
-        this.elSpec = new ElGamalParameterSpec(key.getParams().getP(), key.getParams().getG());
-    }
-    
-    BCElGamalPrivateKey(
-        ElGamalPrivateKeySpec spec)
-    {
-        this.x = spec.getX();
-        this.elSpec = new ElGamalParameterSpec(spec.getParams().getP(), spec.getParams().getG());
-    }
-
-    BCElGamalPrivateKey(
-        DHPrivateKeySpec spec)
-    {
-        this.x = spec.getX();
-        this.elSpec = new ElGamalParameterSpec(spec.getP(), spec.getG());
-    }
-    
-    BCElGamalPrivateKey(
-        PrivateKeyInfo info)
-        throws IOException
-    {
-        ElGamalParameter     params = ElGamalParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters());
-        ASN1Integer      derX = ASN1Integer.getInstance(info.parsePrivateKey());
-
-        this.x = derX.getValue();
-        this.elSpec = new ElGamalParameterSpec(params.getP(), params.getG());
-    }
-
-    BCElGamalPrivateKey(
-        ElGamalPrivateKeyParameters params)
-    {
-        this.x = params.getX();
-        this.elSpec = new ElGamalParameterSpec(params.getParameters().getP(), params.getParameters().getG());
-    }
-
-    public String getAlgorithm()
-    {
-        return "ElGamal";
-    }
-
-    /**
-     * return the encoding format we produce in getEncoded().
-     *
-     * @return the string "PKCS#8"
-     */
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    /**
-     * Return a PKCS8 representation of the key. The sequence returned
-     * represents a full PrivateKeyInfo object.
-     *
-     * @return a PKCS8 representation of the key.
-     */
-    public byte[] getEncoded()
-    {
-        try
-        {
-            PrivateKeyInfo          info = new PrivateKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(elSpec.getP(), elSpec.getG())), new ASN1Integer(getX()));
-
-            return info.getEncoded(ASN1Encoding.DER);
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public ElGamalParameterSpec getParameters()
-    {
-        return elSpec;
-    }
-
-    public DHParameterSpec getParams()
-    {
-        return new DHParameterSpec(elSpec.getP(), elSpec.getG());
-    }
-    
-    public BigInteger getX()
-    {
-        return x;
-    }
-
-    public boolean equals(
-        Object o)
-    {
-        if (!(o instanceof DHPrivateKey))
-        {
-            return false;
-        }
-
-        DHPrivateKey other = (DHPrivateKey)o;
-
-        return this.getX().equals(other.getX())
-            && this.getParams().getG().equals(other.getParams().getG())
-            && this.getParams().getP().equals(other.getParams().getP())
-            && this.getParams().getL() == other.getParams().getL();
-    }
-
-    public int hashCode()
-    {
-        return this.getX().hashCode() ^ this.getParams().getG().hashCode()
-                ^ this.getParams().getP().hashCode() ^ this.getParams().getL();
-    }
-
-    private void readObject(
-        ObjectInputStream   in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        this.elSpec = new ElGamalParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject());
-        this.attrCarrier = new PKCS12BagAttributeCarrierImpl();
-    }
-
-    private void writeObject(
-        ObjectOutputStream  out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(elSpec.getP());
-        out.writeObject(elSpec.getG());
-    }
-
-    public void setBagAttribute(
-        ASN1ObjectIdentifier oid,
-        ASN1Encodable attribute)
-    {
-        attrCarrier.setBagAttribute(oid, attribute);
-    }
-
-    public ASN1Encodable getBagAttribute(
-        ASN1ObjectIdentifier oid)
-    {
-        return attrCarrier.getBagAttribute(oid);
-    }
-
-    public Enumeration getBagAttributeKeys()
-    {
-        return attrCarrier.getBagAttributeKeys();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/BCElGamalPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/BCElGamalPublicKey.java
deleted file mode 100644
index cd31cc5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/BCElGamalPublicKey.java
+++ /dev/null

@@ -1,172 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.elgamal;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-
-import javax.crypto.interfaces.DHPublicKey;
-import javax.crypto.spec.DHParameterSpec;
-import javax.crypto.spec.DHPublicKeySpec;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.oiw.ElGamalParameter;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
-import org.bouncycastle.jce.interfaces.ElGamalPublicKey;
-import org.bouncycastle.jce.spec.ElGamalParameterSpec;
-import org.bouncycastle.jce.spec.ElGamalPublicKeySpec;
-
-public class BCElGamalPublicKey
-    implements ElGamalPublicKey, DHPublicKey
-{
-    static final long serialVersionUID = 8712728417091216948L;
-        
-    private BigInteger              y;
-    private transient ElGamalParameterSpec    elSpec;
-
-    BCElGamalPublicKey(
-        ElGamalPublicKeySpec spec)
-    {
-        this.y = spec.getY();
-        this.elSpec = new ElGamalParameterSpec(spec.getParams().getP(), spec.getParams().getG());
-    }
-
-    BCElGamalPublicKey(
-        DHPublicKeySpec spec)
-    {
-        this.y = spec.getY();
-        this.elSpec = new ElGamalParameterSpec(spec.getP(), spec.getG());
-    }
-    
-    BCElGamalPublicKey(
-        ElGamalPublicKey key)
-    {
-        this.y = key.getY();
-        this.elSpec = key.getParameters();
-    }
-
-    BCElGamalPublicKey(
-        DHPublicKey key)
-    {
-        this.y = key.getY();
-        this.elSpec = new ElGamalParameterSpec(key.getParams().getP(), key.getParams().getG());
-    }
-    
-    BCElGamalPublicKey(
-        ElGamalPublicKeyParameters params)
-    {
-        this.y = params.getY();
-        this.elSpec = new ElGamalParameterSpec(params.getParameters().getP(), params.getParameters().getG());
-    }
-
-    BCElGamalPublicKey(
-        BigInteger y,
-        ElGamalParameterSpec elSpec)
-    {
-        this.y = y;
-        this.elSpec = elSpec;
-    }
-
-    BCElGamalPublicKey(
-        SubjectPublicKeyInfo info)
-    {
-        ElGamalParameter        params = ElGamalParameter.getInstance(info.getAlgorithm().getParameters());
-        ASN1Integer              derY = null;
-
-        try
-        {
-            derY = (ASN1Integer)info.parsePublicKey();
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("invalid info structure in DSA public key");
-        }
-
-        this.y = derY.getValue();
-        this.elSpec = new ElGamalParameterSpec(params.getP(), params.getG());
-    }
-
-    public String getAlgorithm()
-    {
-        return "ElGamal";
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    public byte[] getEncoded()
-    {
-        try
-        {
-            SubjectPublicKeyInfo    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(elSpec.getP(), elSpec.getG())), new ASN1Integer(y));
-
-            return info.getEncoded(ASN1Encoding.DER);
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public ElGamalParameterSpec getParameters()
-    {
-        return elSpec;
-    }
-    
-    public DHParameterSpec getParams()
-    {
-        return new DHParameterSpec(elSpec.getP(), elSpec.getG());
-    }
-
-    public BigInteger getY()
-    {
-        return y;
-    }
-
-    public int hashCode()
-    {
-        return this.getY().hashCode() ^ this.getParams().getG().hashCode()
-                ^ this.getParams().getP().hashCode() ^ this.getParams().getL();
-    }
-
-    public boolean equals(
-        Object o)
-    {
-        if (!(o instanceof DHPublicKey))
-        {
-            return false;
-        }
-
-        DHPublicKey other = (DHPublicKey)o;
-
-        return this.getY().equals(other.getY())
-            && this.getParams().getG().equals(other.getParams().getG())
-            && this.getParams().getP().equals(other.getParams().getP())
-            && this.getParams().getL() == other.getParams().getL();
-    }
-
-    private void readObject(
-        ObjectInputStream   in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        this.elSpec = new ElGamalParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject());
-    }
-
-    private void writeObject(
-        ObjectOutputStream  out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(elSpec.getP());
-        out.writeObject(elSpec.getG());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/CipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/CipherSpi.java
deleted file mode 100644
index 06ca108..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/CipherSpi.java
+++ /dev/null

@@ -1,445 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.elgamal;
-
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.InvalidParameterException;
-import java.security.Key;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.MGF1ParameterSpec;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.ShortBufferException;
-import javax.crypto.interfaces.DHKey;
-import javax.crypto.interfaces.DHPrivateKey;
-import javax.crypto.interfaces.DHPublicKey;
-import javax.crypto.spec.OAEPParameterSpec;
-import javax.crypto.spec.PSource;
-
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.encodings.ISO9796d1Encoding;
-import org.bouncycastle.crypto.encodings.OAEPEncoding;
-import org.bouncycastle.crypto.encodings.PKCS1Encoding;
-import org.bouncycastle.crypto.engines.ElGamalEngine;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.jcajce.provider.asymmetric.util.BaseCipherSpi;
-import org.bouncycastle.jcajce.provider.util.BadBlockException;
-import org.bouncycastle.jcajce.provider.util.DigestFactory;
-import org.bouncycastle.jce.interfaces.ElGamalKey;
-import org.bouncycastle.util.Strings;
-
-public class CipherSpi
-    extends BaseCipherSpi
-{
-    private AsymmetricBlockCipher   cipher;
-    private AlgorithmParameterSpec  paramSpec;
-    private AlgorithmParameters     engineParams;
-    private ErasableOutputStream    bOut = new ErasableOutputStream();
-
-    public CipherSpi(
-        AsymmetricBlockCipher engine)
-    {
-        cipher = engine;
-    }
-   
-    private void initFromSpec(
-        OAEPParameterSpec pSpec) 
-        throws NoSuchPaddingException
-    {
-        MGF1ParameterSpec   mgfParams = (MGF1ParameterSpec)pSpec.getMGFParameters();
-        Digest              digest = DigestFactory.getDigest(mgfParams.getDigestAlgorithm());
-        
-        if (digest == null)
-        {
-            throw new NoSuchPaddingException("no match on OAEP constructor for digest algorithm: "+ mgfParams.getDigestAlgorithm());
-        }
-
-        cipher = new OAEPEncoding(new ElGamalEngine(), digest, ((PSource.PSpecified)pSpec.getPSource()).getValue());
-        paramSpec = pSpec;
-    }
-    
-    protected int engineGetBlockSize() 
-    {
-        return cipher.getInputBlockSize();
-    }
-
-    protected int engineGetKeySize(
-        Key     key) 
-    {
-        if (key instanceof ElGamalKey)
-        {
-            ElGamalKey   k = (ElGamalKey)key;
-
-            return k.getParameters().getP().bitLength();
-        }
-        else if (key instanceof DHKey)
-        {
-            DHKey   k = (DHKey)key;
-
-            return k.getParams().getP().bitLength();
-        }
-
-        throw new IllegalArgumentException("not an ElGamal key!");
-    }
-
-    protected int engineGetOutputSize(
-        int     inputLen) 
-    {
-        return cipher.getOutputBlockSize();
-    }
-
-    protected AlgorithmParameters engineGetParameters() 
-    {
-        if (engineParams == null)
-        {
-            if (paramSpec != null)
-            {
-                try
-                {
-                    engineParams = createParametersInstance("OAEP");
-                    engineParams.init(paramSpec);
-                }
-                catch (Exception e)
-                {
-                    throw new RuntimeException(e.toString());
-                }
-            }
-        }
-
-        return engineParams;
-    }
-
-    protected void engineSetMode(
-        String  mode)
-        throws NoSuchAlgorithmException
-    {
-        String md = Strings.toUpperCase(mode);
-        
-        if (md.equals("NONE") || md.equals("ECB"))
-        {
-            return;
-        }
-        
-        throw new NoSuchAlgorithmException("can't support mode " + mode);
-    }
-
-    protected void engineSetPadding(
-        String  padding) 
-        throws NoSuchPaddingException
-    {
-        String pad = Strings.toUpperCase(padding);
-
-        if (pad.equals("NOPADDING"))
-        {
-            cipher = new ElGamalEngine();
-        }
-        else if (pad.equals("PKCS1PADDING"))
-        {
-            cipher = new PKCS1Encoding(new ElGamalEngine());
-        }
-        else if (pad.equals("ISO9796-1PADDING"))
-        {
-            cipher = new ISO9796d1Encoding(new ElGamalEngine());
-        }
-        else if (pad.equals("OAEPPADDING"))
-        {
-            initFromSpec(OAEPParameterSpec.DEFAULT);
-        }
-        else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING"))
-        {
-            initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT));
-        }
-        else if (pad.equals("OAEPWITHSHA1ANDMGF1PADDING"))
-        {
-            initFromSpec(OAEPParameterSpec.DEFAULT);
-        }
-        else if (pad.equals("OAEPWITHSHA224ANDMGF1PADDING"))
-        {
-            initFromSpec(new OAEPParameterSpec("SHA-224", "MGF1", new MGF1ParameterSpec("SHA-224"), PSource.PSpecified.DEFAULT));
-        }
-        else if (pad.equals("OAEPWITHSHA256ANDMGF1PADDING"))
-        {
-            initFromSpec(new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT));
-        }
-        else if (pad.equals("OAEPWITHSHA384ANDMGF1PADDING"))
-        {
-            initFromSpec(new OAEPParameterSpec("SHA-384", "MGF1", MGF1ParameterSpec.SHA384, PSource.PSpecified.DEFAULT));
-        }
-        else if (pad.equals("OAEPWITHSHA512ANDMGF1PADDING"))
-        {
-            initFromSpec(new OAEPParameterSpec("SHA-512", "MGF1", MGF1ParameterSpec.SHA512, PSource.PSpecified.DEFAULT));
-        }
-        else if (pad.equals("OAEPWITHSHA3-224ANDMGF1PADDING"))
-        {
-            initFromSpec(new OAEPParameterSpec("SHA3-224", "MGF1", new MGF1ParameterSpec("SHA3-224"), PSource.PSpecified.DEFAULT));
-        }
-        else if (pad.equals("OAEPWITHSHA3-256ANDMGF1PADDING"))
-        {
-            initFromSpec(new OAEPParameterSpec("SHA3-256", "MGF1", new MGF1ParameterSpec("SHA3-256"), PSource.PSpecified.DEFAULT));
-        }
-        else if (pad.equals("OAEPWITHSHA3-384ANDMGF1PADDING"))
-        {
-            initFromSpec(new OAEPParameterSpec("SHA3-384", "MGF1", new MGF1ParameterSpec("SHA3-384"), PSource.PSpecified.DEFAULT));
-        }
-        else if (pad.equals("OAEPWITHSHA3-512ANDMGF1PADDING"))
-        {
-            initFromSpec(new OAEPParameterSpec("SHA3-512", "MGF1", new MGF1ParameterSpec("SHA3-512"), PSource.PSpecified.DEFAULT));
-        }
-        else
-        {
-            throw new NoSuchPaddingException(padding + " unavailable with ElGamal.");
-        }
-    }
-
-    protected void engineInit(
-        int                     opmode,
-        Key                     key,
-        AlgorithmParameterSpec  params,
-        SecureRandom            random)
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        CipherParameters        param;
-
-        if (key instanceof DHPublicKey)
-        {
-            param = ElGamalUtil.generatePublicKeyParameter((PublicKey)key);
-        }
-        else if (key instanceof DHPrivateKey)
-        {
-            param = ElGamalUtil.generatePrivateKeyParameter((PrivateKey)key);
-        }
-        else
-        {
-            throw new InvalidKeyException("unknown key type passed to ElGamal");
-        }
-
-        if (params instanceof OAEPParameterSpec)
-        {
-            OAEPParameterSpec spec = (OAEPParameterSpec)params;
-
-            paramSpec = params;
-
-            if (!spec.getMGFAlgorithm().equalsIgnoreCase("MGF1") && !spec.getMGFAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1.getId()))
-            {
-                throw new InvalidAlgorithmParameterException("unknown mask generation function specified");
-            }
-
-            if (!(spec.getMGFParameters() instanceof MGF1ParameterSpec))
-            {
-                throw new InvalidAlgorithmParameterException("unkown MGF parameters");
-            }
-
-            Digest digest = DigestFactory.getDigest(spec.getDigestAlgorithm());
-
-            if (digest == null)
-            {
-                throw new InvalidAlgorithmParameterException("no match on digest algorithm: "+ spec.getDigestAlgorithm());
-            }
-
-            MGF1ParameterSpec mgfParams = (MGF1ParameterSpec)spec.getMGFParameters();
-            Digest mgfDigest = DigestFactory.getDigest(mgfParams.getDigestAlgorithm());
-
-            if (mgfDigest == null)
-            {
-                throw new InvalidAlgorithmParameterException("no match on MGF digest algorithm: "+ mgfParams.getDigestAlgorithm());
-            }
-
-            cipher = new OAEPEncoding(new ElGamalEngine(), digest, mgfDigest, ((PSource.PSpecified)spec.getPSource()).getValue());
-        }
-        else if (params != null)
-        {
-            throw new InvalidAlgorithmParameterException("unknown parameter type.");
-        }
-
-        if (random != null)
-        {
-            param = new ParametersWithRandom(param, random);
-        }
-
-        switch (opmode)
-        {
-        case javax.crypto.Cipher.ENCRYPT_MODE:
-        case javax.crypto.Cipher.WRAP_MODE:
-            cipher.init(true, param);
-            break;
-        case javax.crypto.Cipher.DECRYPT_MODE:
-        case javax.crypto.Cipher.UNWRAP_MODE:
-            cipher.init(false, param);
-            break;
-        default:
-            throw new InvalidParameterException("unknown opmode " + opmode + " passed to ElGamal");
-        }
-    }
-
-    protected void engineInit(
-        int                 opmode,
-        Key                 key,
-        AlgorithmParameters params,
-        SecureRandom        random) 
-    throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        throw new InvalidAlgorithmParameterException("can't handle parameters in ElGamal");
-    }
-
-    protected void engineInit(
-        int                 opmode,
-        Key                 key,
-        SecureRandom        random) 
-    throws InvalidKeyException
-    {
-        try
-        {
-            engineInit(opmode, key, (AlgorithmParameterSpec)null, random);
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            // this shouldn't happen
-            throw new InvalidKeyException("Eeeek! " + e.toString(), e);
-        }
-    }
-
-    protected byte[] engineUpdate(
-        byte[]  input,
-        int     inputOffset,
-        int     inputLen) 
-    {
-        bOut.write(input, inputOffset, inputLen);
-        return null;
-    }
-
-    protected int engineUpdate(
-        byte[]  input,
-        int     inputOffset,
-        int     inputLen,
-        byte[]  output,
-        int     outputOffset) 
-    {
-        bOut.write(input, inputOffset, inputLen);
-        return 0;
-    }
-
-
-    protected byte[] engineDoFinal(
-        byte[]  input,
-        int     inputOffset,
-        int     inputLen)
-        throws IllegalBlockSizeException, BadPaddingException
-    {
-        if (input != null)
-        {
-            bOut.write(input, inputOffset, inputLen);
-        }
-
-        if (cipher instanceof ElGamalEngine)
-        {
-            if (bOut.size() > cipher.getInputBlockSize() + 1)
-            {
-                throw new ArrayIndexOutOfBoundsException("too much data for ElGamal block");
-            }
-        }
-        else
-        {
-            if (bOut.size() > cipher.getInputBlockSize())
-            {
-                throw new ArrayIndexOutOfBoundsException("too much data for ElGamal block");
-            }
-        }
-
-        return getOutput();
-    }
-
-    protected int engineDoFinal(
-        byte[]  input,
-        int     inputOffset,
-        int     inputLen,
-        byte[]  output,
-        int     outputOffset)
-        throws IllegalBlockSizeException, BadPaddingException, ShortBufferException
-    {
-        if (outputOffset + engineGetOutputSize(inputLen) > output.length)
-        {
-            throw new ShortBufferException("output buffer too short for input.");
-        }
-
-        if (input != null)
-        {
-            bOut.write(input, inputOffset, inputLen);
-        }
-
-        if (cipher instanceof ElGamalEngine)
-        {
-            if (bOut.size() > cipher.getInputBlockSize() + 1)
-            {
-                throw new ArrayIndexOutOfBoundsException("too much data for ElGamal block");
-            }
-        }
-        else
-        {
-            if (bOut.size() > cipher.getInputBlockSize())
-            {
-                throw new ArrayIndexOutOfBoundsException("too much data for ElGamal block");
-            }
-        }
-
-        byte[]  out = getOutput();
-
-        for (int i = 0; i != out.length; i++)
-        {
-            output[outputOffset + i] = out[i];
-        }
-
-        return out.length;
-    }
-
-    private byte[] getOutput()
-        throws BadPaddingException
-    {
-        try
-        {
-            return cipher.processBlock(bOut.getBuf(), 0, bOut.size());
-        }
-        catch (InvalidCipherTextException e)
-        {
-            throw new BadBlockException("unable to decrypt block", e);
-        }
-        catch (ArrayIndexOutOfBoundsException e)
-        {
-            throw new BadBlockException("unable to decrypt block", e);
-        }
-        finally
-        {
-            bOut.erase();
-        }
-    }
-
-    /**
-     * classes that inherit from us.
-     */
-    static public class NoPadding
-        extends CipherSpi
-    {
-        public NoPadding()
-        {
-            super(new ElGamalEngine());
-        }
-    }
-    
-    static public class PKCS1v1_5Padding
-        extends CipherSpi
-    {
-        public PKCS1v1_5Padding()
-        {
-            super(new PKCS1Encoding(new ElGamalEngine()));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/ElGamalUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/ElGamalUtil.java
deleted file mode 100644
index f0442f4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/ElGamalUtil.java
+++ /dev/null

@@ -1,66 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.elgamal;
-
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-
-import javax.crypto.interfaces.DHPrivateKey;
-import javax.crypto.interfaces.DHPublicKey;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ElGamalParameters;
-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
-import org.bouncycastle.jce.interfaces.ElGamalPrivateKey;
-import org.bouncycastle.jce.interfaces.ElGamalPublicKey;
-
-/**
- * utility class for converting jce/jca ElGamal objects
- * objects into their org.bouncycastle.crypto counterparts.
- */
-public class ElGamalUtil
-{
-    static public AsymmetricKeyParameter generatePublicKeyParameter(
-        PublicKey    key)
-        throws InvalidKeyException
-    {
-        if (key instanceof ElGamalPublicKey)
-        {
-            ElGamalPublicKey    k = (ElGamalPublicKey)key;
-
-            return new ElGamalPublicKeyParameters(k.getY(),
-                new ElGamalParameters(k.getParameters().getP(), k.getParameters().getG()));
-        }
-        else if (key instanceof DHPublicKey)
-        {
-            DHPublicKey    k = (DHPublicKey)key;
-
-            return new ElGamalPublicKeyParameters(k.getY(),
-                new ElGamalParameters(k.getParams().getP(), k.getParams().getG()));
-        }
-
-        throw new InvalidKeyException("can't identify public key for El Gamal.");
-    }
-
-    static public AsymmetricKeyParameter generatePrivateKeyParameter(
-        PrivateKey    key)
-        throws InvalidKeyException
-    {
-        if (key instanceof ElGamalPrivateKey)
-        {
-            ElGamalPrivateKey    k = (ElGamalPrivateKey)key;
-
-            return new ElGamalPrivateKeyParameters(k.getX(),
-                new ElGamalParameters(k.getParameters().getP(), k.getParameters().getG()));
-        }
-        else if (key instanceof DHPrivateKey)
-        {
-            DHPrivateKey    k = (DHPrivateKey)key;
-
-            return new ElGamalPrivateKeyParameters(k.getX(),
-                new ElGamalParameters(k.getParams().getP(), k.getParams().getG()));
-        }
-                        
-        throw new InvalidKeyException("can't identify private key for El Gamal.");
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/KeyFactorySpi.java
deleted file mode 100644
index 92e655f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/KeyFactorySpi.java
+++ /dev/null

@@ -1,156 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.elgamal;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-
-import javax.crypto.interfaces.DHPrivateKey;
-import javax.crypto.interfaces.DHPublicKey;
-import javax.crypto.spec.DHPrivateKeySpec;
-import javax.crypto.spec.DHPublicKeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi;
-import org.bouncycastle.jce.interfaces.ElGamalPrivateKey;
-import org.bouncycastle.jce.interfaces.ElGamalPublicKey;
-import org.bouncycastle.jce.spec.ElGamalPrivateKeySpec;
-import org.bouncycastle.jce.spec.ElGamalPublicKeySpec;
-
-public class KeyFactorySpi
-    extends BaseKeyFactorySpi
-{
-    public KeyFactorySpi()
-    {
-    }
-
-    protected PrivateKey engineGeneratePrivate(
-        KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof ElGamalPrivateKeySpec)
-        {
-            return new BCElGamalPrivateKey((ElGamalPrivateKeySpec)keySpec);
-        }
-        else if (keySpec instanceof DHPrivateKeySpec)
-        {
-            return new BCElGamalPrivateKey((DHPrivateKeySpec)keySpec);
-        }
-
-        return super.engineGeneratePrivate(keySpec);
-    }
-
-    protected PublicKey engineGeneratePublic(
-        KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof ElGamalPublicKeySpec)
-        {
-            return new BCElGamalPublicKey((ElGamalPublicKeySpec)keySpec);
-        }
-        else if (keySpec instanceof DHPublicKeySpec)
-        {
-            return new BCElGamalPublicKey((DHPublicKeySpec)keySpec);
-        }
-        return super.engineGeneratePublic(keySpec);
-    }
-
-    protected KeySpec engineGetKeySpec(
-        Key key,
-        Class spec)
-        throws InvalidKeySpecException
-    {
-        if (spec.isAssignableFrom(DHPrivateKeySpec.class) && key instanceof DHPrivateKey)
-        {
-            DHPrivateKey k = (DHPrivateKey)key;
-
-            return new DHPrivateKeySpec(k.getX(), k.getParams().getP(), k.getParams().getG());
-        }
-        else if (spec.isAssignableFrom(DHPublicKeySpec.class) && key instanceof DHPublicKey)
-        {
-            DHPublicKey k = (DHPublicKey)key;
-
-            return new DHPublicKeySpec(k.getY(), k.getParams().getP(), k.getParams().getG());
-        }
-
-        return super.engineGetKeySpec(key, spec);
-    }
-
-    protected Key engineTranslateKey(
-        Key key)
-        throws InvalidKeyException
-    {
-        if (key instanceof DHPublicKey)
-        {
-            return new BCElGamalPublicKey((DHPublicKey)key);
-        }
-        else if (key instanceof DHPrivateKey)
-        {
-            return new BCElGamalPrivateKey((DHPrivateKey)key);
-        }
-        else if (key instanceof ElGamalPublicKey)
-        {
-            return new BCElGamalPublicKey((ElGamalPublicKey)key);
-        }
-        else if (key instanceof ElGamalPrivateKey)
-        {
-            return new BCElGamalPrivateKey((ElGamalPrivateKey)key);
-        }
-
-        throw new InvalidKeyException("key type unknown");
-    }
-
-    public PrivateKey generatePrivate(PrivateKeyInfo info)
-        throws IOException
-    {
-        ASN1ObjectIdentifier algOid = info.getPrivateKeyAlgorithm().getAlgorithm();
-
-        if (algOid.equals(PKCSObjectIdentifiers.dhKeyAgreement))
-        {
-            return new BCElGamalPrivateKey(info);
-        }
-        else if (algOid.equals(X9ObjectIdentifiers.dhpublicnumber))
-        {
-            return new BCElGamalPrivateKey(info);
-        }
-        else if (algOid.equals(OIWObjectIdentifiers.elGamalAlgorithm))
-        {
-            return new BCElGamalPrivateKey(info);
-        }
-        else
-        {
-            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
-        }
-    }
-
-    public PublicKey generatePublic(SubjectPublicKeyInfo info)
-        throws IOException
-    {
-        ASN1ObjectIdentifier algOid = info.getAlgorithm().getAlgorithm();
-
-        if (algOid.equals(PKCSObjectIdentifiers.dhKeyAgreement))
-        {
-            return new BCElGamalPublicKey(info);
-        }
-        else if (algOid.equals(X9ObjectIdentifiers.dhpublicnumber))
-        {
-            return new BCElGamalPublicKey(info);
-        }
-        else if (algOid.equals(OIWObjectIdentifiers.elGamalAlgorithm))
-        {
-            return new BCElGamalPublicKey(info);
-        }
-        else
-        {
-            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/KeyPairGeneratorSpi.java
deleted file mode 100644
index 0888543..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/elgamal/KeyPairGeneratorSpi.java
+++ /dev/null

@@ -1,101 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.elgamal;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.spec.DHParameterSpec;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.generators.ElGamalKeyPairGenerator;
-import org.bouncycastle.crypto.generators.ElGamalParametersGenerator;
-import org.bouncycastle.crypto.params.ElGamalKeyGenerationParameters;
-import org.bouncycastle.crypto.params.ElGamalParameters;
-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ElGamalParameterSpec;
-
-public class KeyPairGeneratorSpi
-    extends java.security.KeyPairGenerator
-{
-    ElGamalKeyGenerationParameters param;
-    ElGamalKeyPairGenerator engine = new ElGamalKeyPairGenerator();
-    int strength = 1024;
-    int certainty = 20;
-    SecureRandom random = CryptoServicesRegistrar.getSecureRandom();
-    boolean initialised = false;
-
-    public KeyPairGeneratorSpi()
-    {
-        super("ElGamal");
-    }
-
-    public void initialize(
-        int strength,
-        SecureRandom random)
-    {
-        this.strength = strength;
-        this.random = random;
-    }
-
-    public void initialize(
-        AlgorithmParameterSpec params,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        if (!(params instanceof ElGamalParameterSpec) && !(params instanceof DHParameterSpec))
-        {
-            throw new InvalidAlgorithmParameterException("parameter object not a DHParameterSpec or an ElGamalParameterSpec");
-        }
-
-        if (params instanceof ElGamalParameterSpec)
-        {
-            ElGamalParameterSpec elParams = (ElGamalParameterSpec)params;
-
-            param = new ElGamalKeyGenerationParameters(random, new ElGamalParameters(elParams.getP(), elParams.getG()));
-        }
-        else
-        {
-            DHParameterSpec dhParams = (DHParameterSpec)params;
-
-            param = new ElGamalKeyGenerationParameters(random, new ElGamalParameters(dhParams.getP(), dhParams.getG(), dhParams.getL()));
-        }
-
-        engine.init(param);
-        initialised = true;
-    }
-
-    public KeyPair generateKeyPair()
-    {
-        if (!initialised)
-        {
-            DHParameterSpec dhParams = BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(strength);
-
-            if (dhParams != null)
-            {
-                param = new ElGamalKeyGenerationParameters(random, new ElGamalParameters(dhParams.getP(), dhParams.getG(), dhParams.getL()));
-            }
-            else
-            {
-                ElGamalParametersGenerator pGen = new ElGamalParametersGenerator();
-
-                pGen.init(strength, certainty, random);
-                param = new ElGamalKeyGenerationParameters(random, pGen.generateParameters());
-            }
-
-            engine.init(param);
-            initialised = true;
-        }
-
-        AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-        ElGamalPublicKeyParameters pub = (ElGamalPublicKeyParameters)pair.getPublic();
-        ElGamalPrivateKeyParameters priv = (ElGamalPrivateKeyParameters)pair.getPrivate();
-
-        return new KeyPair(new BCElGamalPublicKey(pub),
-            new BCElGamalPrivateKey(priv));
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/AlgorithmParameterGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/AlgorithmParameterGeneratorSpi.java
deleted file mode 100644
index e706e68..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/AlgorithmParameterGeneratorSpi.java
+++ /dev/null

@@ -1,66 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.gost;
-
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.generators.GOST3410ParametersGenerator;
-import org.bouncycastle.crypto.params.GOST3410Parameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAlgorithmParameterGeneratorSpi;
-import org.bouncycastle.jce.spec.GOST3410ParameterSpec;
-import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec;
-
-public abstract class AlgorithmParameterGeneratorSpi
-    extends BaseAlgorithmParameterGeneratorSpi
-{
-    protected SecureRandom random;
-    protected int strength = 1024;
-
-    protected void engineInit(
-        int strength,
-        SecureRandom random)
-    {
-        this.strength = strength;
-        this.random = random;
-    }
-
-    protected void engineInit(
-        AlgorithmParameterSpec genParamSpec,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for GOST3410 parameter generation.");
-    }
-
-    protected AlgorithmParameters engineGenerateParameters()
-    {
-        GOST3410ParametersGenerator pGen = new GOST3410ParametersGenerator();
-
-        if (random != null)
-        {
-            pGen.init(strength, 2, random);
-        }
-        else
-        {
-            pGen.init(strength, 2, CryptoServicesRegistrar.getSecureRandom());
-        }
-
-        GOST3410Parameters p = pGen.generateParameters();
-
-        AlgorithmParameters params;
-
-        try
-        {
-            params = createParametersInstance("GOST3410");
-            params.init(new GOST3410ParameterSpec(new GOST3410PublicKeyParameterSetSpec(p.getP(), p.getQ(), p.getA())));
-        }
-        catch (Exception e)
-        {
-            throw new RuntimeException(e.getMessage());
-        }
-
-        return params;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/AlgorithmParametersSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/AlgorithmParametersSpi.java
deleted file mode 100644
index 07ffbd0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/AlgorithmParametersSpi.java
+++ /dev/null

@@ -1,137 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.gost;
-
-import java.io.IOException;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-import org.bouncycastle.jce.spec.GOST3410ParameterSpec;
-import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec;
-
-public class AlgorithmParametersSpi
-    extends java.security.AlgorithmParametersSpi
-{
-    GOST3410ParameterSpec currentSpec;
-
-    protected boolean isASN1FormatString(String format)
-    {
-        return format == null || format.equals("ASN.1");
-    }
-
-    protected AlgorithmParameterSpec engineGetParameterSpec(
-        Class paramSpec)
-        throws InvalidParameterSpecException
-    {
-        if (paramSpec == null)
-        {
-            throw new NullPointerException("argument to getParameterSpec must not be null");
-        }
-
-        return localEngineGetParameterSpec(paramSpec);
-    }
-
-
-    /**
-     * Return the X.509 ASN.1 structure GOST3410Parameter.
-     * <pre>
-     *  GOST3410Parameter ::= SEQUENCE {
-     *                   prime INTEGER, -- p
-     *                   subprime INTEGER, -- q
-     *                   base INTEGER, -- a}
-     * </pre>
-     */
-    protected byte[] engineGetEncoded()
-    {
-        GOST3410PublicKeyAlgParameters gost3410P = new GOST3410PublicKeyAlgParameters(new ASN1ObjectIdentifier(currentSpec.getPublicKeyParamSetOID()), new ASN1ObjectIdentifier(currentSpec.getDigestParamSetOID()), new ASN1ObjectIdentifier(currentSpec.getEncryptionParamSetOID()));
-
-        try
-        {
-            return gost3410P.getEncoded(ASN1Encoding.DER);
-        }
-        catch (IOException e)
-        {
-            throw new RuntimeException("Error encoding GOST3410Parameters");
-        }
-    }
-
-    protected byte[] engineGetEncoded(
-        String format)
-    {
-        if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509"))
-        {
-            return engineGetEncoded();
-        }
-
-        return null;
-    }
-
-    protected AlgorithmParameterSpec localEngineGetParameterSpec(
-        Class paramSpec)
-        throws InvalidParameterSpecException
-    {
-        if (paramSpec == GOST3410PublicKeyParameterSetSpec.class || paramSpec == AlgorithmParameterSpec.class)
-        {
-            return currentSpec;
-        }
-
-        throw new InvalidParameterSpecException("unknown parameter spec passed to GOST3410 parameters object.");
-    }
-
-    protected void engineInit(
-        AlgorithmParameterSpec paramSpec)
-        throws InvalidParameterSpecException
-    {
-        if (!(paramSpec instanceof GOST3410ParameterSpec))
-        {
-            throw new InvalidParameterSpecException("GOST3410ParameterSpec required to initialise a GOST3410 algorithm parameters object");
-        }
-
-        this.currentSpec = (GOST3410ParameterSpec)paramSpec;
-    }
-
-    protected void engineInit(
-        byte[] params)
-        throws IOException
-    {
-        try
-        {
-            ASN1Sequence seq = (ASN1Sequence)ASN1Primitive.fromByteArray(params);
-
-            this.currentSpec = GOST3410ParameterSpec.fromPublicKeyAlg(
-                new GOST3410PublicKeyAlgParameters(seq));
-        }
-        catch (ClassCastException e)
-        {
-            throw new IOException("Not a valid GOST3410 Parameter encoding.");
-        }
-        catch (ArrayIndexOutOfBoundsException e)
-        {
-            throw new IOException("Not a valid GOST3410 Parameter encoding.");
-        }
-    }
-
-    protected void engineInit(
-        byte[] params,
-        String format)
-        throws IOException
-    {
-        if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509"))
-        {
-            engineInit(params);
-        }
-        else
-        {
-            throw new IOException("Unknown parameter format " + format);
-        }
-    }
-
-    protected String engineToString()
-    {
-        return "GOST3410 Parameters";
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/BCGOST3410PrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/BCGOST3410PrivateKey.java
deleted file mode 100644
index 8992d5f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/BCGOST3410PrivateKey.java
+++ /dev/null

@@ -1,279 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.gost;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.params.GOST3410PrivateKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.GOST3410Util;
-import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
-import org.bouncycastle.jce.interfaces.GOST3410Params;
-import org.bouncycastle.jce.interfaces.GOST3410PrivateKey;
-import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
-import org.bouncycastle.jce.spec.GOST3410ParameterSpec;
-import org.bouncycastle.jce.spec.GOST3410PrivateKeySpec;
-import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec;
-
-public class BCGOST3410PrivateKey
-    implements GOST3410PrivateKey, PKCS12BagAttributeCarrier
-{
-    static final long serialVersionUID = 8581661527592305464L;
-
-    private BigInteger          x;
-
-    private transient   GOST3410Params      gost3410Spec;
-    private transient   PKCS12BagAttributeCarrier attrCarrier = new PKCS12BagAttributeCarrierImpl();
-
-    protected BCGOST3410PrivateKey()
-    {
-    }
-
-    BCGOST3410PrivateKey(
-        GOST3410PrivateKey key)
-    {
-        this.x = key.getX();
-        this.gost3410Spec = key.getParameters();
-    }
-
-    BCGOST3410PrivateKey(
-        GOST3410PrivateKeySpec spec)
-    {
-        this.x = spec.getX();
-        this.gost3410Spec = new GOST3410ParameterSpec(new GOST3410PublicKeyParameterSetSpec(spec.getP(), spec.getQ(), spec.getA()));
-    }
-
-    BCGOST3410PrivateKey(
-        PrivateKeyInfo info)
-        throws IOException
-    {
-        GOST3410PublicKeyAlgParameters    params = GOST3410PublicKeyAlgParameters.getInstance(info.getPrivateKeyAlgorithm().getParameters());
-
-        ASN1Encodable privKey = info.parsePrivateKey();
-
-        if (privKey instanceof ASN1Integer)
-        {
-            this.x = ASN1Integer.getInstance(privKey).getPositiveValue();
-        }
-        else
-        {
-            ASN1OctetString derX = ASN1OctetString.getInstance(info.parsePrivateKey());
-            byte[] keyEnc = derX.getOctets();
-            byte[] keyBytes = new byte[keyEnc.length];
-
-            for (int i = 0; i != keyEnc.length; i++)
-            {
-                keyBytes[i] = keyEnc[keyEnc.length - 1 - i]; // was little endian
-            }
-
-            this.x = new BigInteger(1, keyBytes);
-        }
-
-        this.gost3410Spec = GOST3410ParameterSpec.fromPublicKeyAlg(params);
-    }
-
-    BCGOST3410PrivateKey(
-        GOST3410PrivateKeyParameters params,
-        GOST3410ParameterSpec spec)
-    {
-        this.x = params.getX();
-        this.gost3410Spec = spec;
-
-        if (spec == null) 
-        {
-            throw new IllegalArgumentException("spec is null");
-        }
-    }
-
-    public String getAlgorithm()
-    {
-        return "GOST3410";
-    }
-
-    /**
-     * return the encoding format we produce in getEncoded().
-     *
-     * @return the string "PKCS#8"
-     */
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    /**
-     * Return a PKCS8 representation of the key. The sequence returned
-     * represents a full PrivateKeyInfo object.
-     *
-     * @return a PKCS8 representation of the key.
-     */
-    public byte[] getEncoded()
-    {
-        PrivateKeyInfo          info;
-        byte[]                  keyEnc = this.getX().toByteArray();
-        byte[]                  keyBytes;
-
-        if (keyEnc[0] == 0)
-        {
-            keyBytes = new byte[keyEnc.length - 1];
-        }
-        else
-        {
-            keyBytes = new byte[keyEnc.length];
-        }
-        
-        for (int i = 0; i != keyBytes.length; i++)
-        {
-            keyBytes[i] = keyEnc[keyEnc.length - 1 - i]; // must be little endian
-        }
-
-        try
-        {
-            if (gost3410Spec instanceof GOST3410ParameterSpec)
-            {
-                info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_94, new GOST3410PublicKeyAlgParameters(new ASN1ObjectIdentifier(gost3410Spec.getPublicKeyParamSetOID()), new ASN1ObjectIdentifier(gost3410Spec.getDigestParamSetOID()))), new DEROctetString(keyBytes));
-            }
-            else
-            {
-                info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_94), new DEROctetString(keyBytes));
-            }
-
-            return info.getEncoded(ASN1Encoding.DER);
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public GOST3410Params getParameters()
-    {
-        return gost3410Spec;
-    }
-
-    public BigInteger getX()
-    {
-        return x;
-    }
-
-    public boolean equals(
-        Object o)
-    {
-        if (!(o instanceof GOST3410PrivateKey))
-        {
-            return false;
-        }
-
-        GOST3410PrivateKey other = (GOST3410PrivateKey)o;
-
-        return this.getX().equals(other.getX())
-            && this.getParameters().getPublicKeyParameters().equals(other.getParameters().getPublicKeyParameters())
-            && this.getParameters().getDigestParamSetOID().equals(other.getParameters().getDigestParamSetOID())
-            && compareObj(this.getParameters().getEncryptionParamSetOID(), other.getParameters().getEncryptionParamSetOID());
-    }
-
-    private boolean compareObj(Object o1, Object o2)
-    {
-        if (o1 == o2)
-        {
-            return true;
-        }
-
-        if (o1 == null)
-        {
-            return false;
-        }
-
-        return o1.equals(o2);
-    }
-
-    public int hashCode()
-    {
-        return this.getX().hashCode() ^ gost3410Spec.hashCode();
-    }
-
-    public String toString()
-    {
-        try
-        {
-            return GOSTUtil.privateKeyToString("GOST3410", x,
-                ((GOST3410PrivateKeyParameters)GOST3410Util.generatePrivateKeyParameter(this)).getParameters());
-        }
-        catch (InvalidKeyException e)
-        {
-            throw new IllegalStateException(e.getMessage()); // should not be possible
-        }
-    }
-
-    public void setBagAttribute(
-        ASN1ObjectIdentifier oid,
-        ASN1Encodable        attribute)
-    {
-        attrCarrier.setBagAttribute(oid, attribute);
-    }
-
-    public ASN1Encodable getBagAttribute(
-        ASN1ObjectIdentifier oid)
-    {
-        return attrCarrier.getBagAttribute(oid);
-    }
-
-    public Enumeration getBagAttributeKeys()
-    {
-        return attrCarrier.getBagAttributeKeys();
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        String publicKeyParamSetOID = (String)in.readObject();
-        if (publicKeyParamSetOID != null)
-        {
-            this.gost3410Spec = new GOST3410ParameterSpec(publicKeyParamSetOID, (String)in.readObject(), (String)in.readObject());
-        }
-        else
-        {
-            this.gost3410Spec = new GOST3410ParameterSpec(new GOST3410PublicKeyParameterSetSpec((BigInteger)in.readObject(), (BigInteger)in.readObject(), (BigInteger)in.readObject()));
-            in.readObject();
-            in.readObject();
-        }
-        this.attrCarrier = new PKCS12BagAttributeCarrierImpl();
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        if (gost3410Spec.getPublicKeyParamSetOID() != null)
-        {
-            out.writeObject(gost3410Spec.getPublicKeyParamSetOID());
-            out.writeObject(gost3410Spec.getDigestParamSetOID());
-            out.writeObject(gost3410Spec.getEncryptionParamSetOID());
-        }
-        else
-        {
-            out.writeObject(null);
-            out.writeObject(gost3410Spec.getPublicKeyParameters().getP());
-            out.writeObject(gost3410Spec.getPublicKeyParameters().getQ());
-            out.writeObject(gost3410Spec.getPublicKeyParameters().getA());
-            out.writeObject(gost3410Spec.getDigestParamSetOID());
-            out.writeObject(gost3410Spec.getEncryptionParamSetOID());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/BCGOST3410PublicKey.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/BCGOST3410PublicKey.java
deleted file mode 100644
index 6a80e30..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/BCGOST3410PublicKey.java
+++ /dev/null

@@ -1,227 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.gost;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.GOST3410PublicKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.GOST3410Util;
-import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
-import org.bouncycastle.jce.interfaces.GOST3410Params;
-import org.bouncycastle.jce.interfaces.GOST3410PublicKey;
-import org.bouncycastle.jce.spec.GOST3410ParameterSpec;
-import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec;
-import org.bouncycastle.jce.spec.GOST3410PublicKeySpec;
-
-public class BCGOST3410PublicKey
-    implements GOST3410PublicKey
-{
-    static final long serialVersionUID = -6251023343619275990L;
-
-    private BigInteger      y;
-    private transient GOST3410Params  gost3410Spec;
-
-    BCGOST3410PublicKey(
-        GOST3410PublicKeySpec spec)
-    {
-        this.y = spec.getY();
-        this.gost3410Spec = new GOST3410ParameterSpec(new GOST3410PublicKeyParameterSetSpec(spec.getP(), spec.getQ(), spec.getA()));
-    }
-
-    BCGOST3410PublicKey(
-        GOST3410PublicKey key)
-    {
-        this.y = key.getY();
-        this.gost3410Spec = key.getParameters();
-    }
-
-    BCGOST3410PublicKey(
-        GOST3410PublicKeyParameters params,
-        GOST3410ParameterSpec spec)
-    {
-        this.y = params.getY();
-        this.gost3410Spec = spec;
-    }
-
-    BCGOST3410PublicKey(
-        BigInteger y,
-        GOST3410ParameterSpec gost3410Spec)
-    {
-        this.y = y;
-        this.gost3410Spec = gost3410Spec;
-    }
-
-    BCGOST3410PublicKey(
-        SubjectPublicKeyInfo info)
-    {
-        GOST3410PublicKeyAlgParameters    params = GOST3410PublicKeyAlgParameters.getInstance(info.getAlgorithm().getParameters());
-        DEROctetString                    derY;
-
-        try
-        {
-            derY = (DEROctetString)info.parsePublicKey();
-            
-            byte[]                  keyEnc = derY.getOctets();
-            byte[]                  keyBytes = new byte[keyEnc.length];
-            
-            for (int i = 0; i != keyEnc.length; i++)
-            {
-                keyBytes[i] = keyEnc[keyEnc.length - 1 - i]; // was little endian
-            }
-
-            this.y = new BigInteger(1, keyBytes);
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("invalid info structure in GOST3410 public key");
-        }
-
-        this.gost3410Spec = GOST3410ParameterSpec.fromPublicKeyAlg(params);
-    }
-
-    public String getAlgorithm()
-    {
-        return "GOST3410";
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    public byte[] getEncoded()
-    {
-        SubjectPublicKeyInfo    info;
-        byte[]                  keyEnc = this.getY().toByteArray();
-        byte[]                  keyBytes;
-        
-        if (keyEnc[0] == 0)
-        {
-            keyBytes = new byte[keyEnc.length - 1];
-        }
-        else
-        {
-            keyBytes = new byte[keyEnc.length];
-        }
-        
-        for (int i = 0; i != keyBytes.length; i++)
-        {
-            keyBytes[i] = keyEnc[keyEnc.length - 1 - i]; // must be little endian
-        }
-
-        try
-        {
-            if (gost3410Spec instanceof GOST3410ParameterSpec)
-            {
-                if (gost3410Spec.getEncryptionParamSetOID() != null)
-                {
-                    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_94, new GOST3410PublicKeyAlgParameters(new ASN1ObjectIdentifier(gost3410Spec.getPublicKeyParamSetOID()), new ASN1ObjectIdentifier(gost3410Spec.getDigestParamSetOID()), new ASN1ObjectIdentifier(gost3410Spec.getEncryptionParamSetOID()))), new DEROctetString(keyBytes));
-                }
-                else
-                {
-                    info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_94, new GOST3410PublicKeyAlgParameters(new ASN1ObjectIdentifier(gost3410Spec.getPublicKeyParamSetOID()), new ASN1ObjectIdentifier(gost3410Spec.getDigestParamSetOID()))), new DEROctetString(keyBytes));
-                }
-            }
-            else
-            {
-                info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_94), new DEROctetString(keyBytes));
-            }
-
-            return KeyUtil.getEncodedSubjectPublicKeyInfo(info);
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public GOST3410Params getParameters()
-    {
-        return gost3410Spec;
-    }
-
-    public BigInteger getY()
-    {
-        return y;
-    }
-
-    public String toString()
-    {
-        try
-        {
-            return GOSTUtil.publicKeyToString("GOST3410", y,
-                ((GOST3410PublicKeyParameters)GOST3410Util.generatePublicKeyParameter(this)).getParameters());
-        }
-        catch (InvalidKeyException e)
-        {
-            throw new IllegalStateException(e.getMessage()); // should not be possible
-        }
-    }
-    
-    public boolean equals(Object o)
-    {
-        if (o instanceof BCGOST3410PublicKey)
-        {
-            BCGOST3410PublicKey other = (BCGOST3410PublicKey)o;
-            
-            return this.y.equals(other.y) && this.gost3410Spec.equals(other.gost3410Spec);
-        }
-        
-        return false;
-    }
-    
-    public int hashCode()
-    {
-        return y.hashCode() ^ gost3410Spec.hashCode();
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        String publicKeyParamSetOID = (String)in.readObject();
-        if (publicKeyParamSetOID != null)
-        {
-            this.gost3410Spec = new GOST3410ParameterSpec(publicKeyParamSetOID, (String)in.readObject(), (String)in.readObject());
-        }
-        else
-        {
-            this.gost3410Spec = new GOST3410ParameterSpec(new GOST3410PublicKeyParameterSetSpec((BigInteger)in.readObject(), (BigInteger)in.readObject(), (BigInteger)in.readObject()));
-            in.readObject();
-            in.readObject();
-        }
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        if (gost3410Spec.getPublicKeyParamSetOID() != null)
-        {
-            out.writeObject(gost3410Spec.getPublicKeyParamSetOID());
-            out.writeObject(gost3410Spec.getDigestParamSetOID());
-            out.writeObject(gost3410Spec.getEncryptionParamSetOID());
-        }
-        else
-        {
-            out.writeObject(null);
-            out.writeObject(gost3410Spec.getPublicKeyParameters().getP());
-            out.writeObject(gost3410Spec.getPublicKeyParameters().getQ());
-            out.writeObject(gost3410Spec.getPublicKeyParameters().getA());
-            out.writeObject(gost3410Spec.getDigestParamSetOID());
-            out.writeObject(gost3410Spec.getEncryptionParamSetOID());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/GOSTUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/GOSTUtil.java
deleted file mode 100644
index 772f253..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/GOSTUtil.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.gost;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.crypto.params.GOST3410Parameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Fingerprint;
-import org.bouncycastle.util.Strings;
-
-class GOSTUtil
-{
-    static String privateKeyToString(String algorithm, BigInteger x, GOST3410Parameters gostParams)
-    {
-        StringBuffer buf = new StringBuffer();
-        String        nl = Strings.lineSeparator();
-
-        BigInteger y = gostParams.getA().modPow(x, gostParams.getP());
-
-        buf.append(algorithm);
-        buf.append(" Private Key [").append(generateKeyFingerprint(y, gostParams)).append("]").append(nl);
-        buf.append("                  Y: ").append(y.toString(16)).append(nl);
-
-        return buf.toString();
-    }
-
-    static String publicKeyToString(String algorithm, BigInteger y, GOST3410Parameters gostParams)
-    {
-        StringBuffer buf = new StringBuffer();
-        String nl = Strings.lineSeparator();
-
-        buf.append(algorithm);
-        buf.append(" Public Key [").append(generateKeyFingerprint(y, gostParams)).append("]").append(nl);
-        buf.append("                 Y: ").append(y.toString(16)).append(nl);
-
-        return buf.toString();
-    }
-
-    private static String generateKeyFingerprint(BigInteger y, GOST3410Parameters dhParams)
-    {
-            return new Fingerprint(
-                Arrays.concatenate(
-                    y.toByteArray(),
-                    dhParams.getP().toByteArray(), dhParams.getA().toByteArray())).toString();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/KeyFactorySpi.java
deleted file mode 100644
index ceaf967..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/KeyFactorySpi.java
+++ /dev/null

@@ -1,121 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.gost;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi;
-import org.bouncycastle.jce.interfaces.GOST3410PrivateKey;
-import org.bouncycastle.jce.interfaces.GOST3410PublicKey;
-import org.bouncycastle.jce.spec.GOST3410PrivateKeySpec;
-import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec;
-import org.bouncycastle.jce.spec.GOST3410PublicKeySpec;
-
-public class KeyFactorySpi
-    extends BaseKeyFactorySpi
-{
-    public KeyFactorySpi()
-    {
-    }
-
-    protected KeySpec engineGetKeySpec(
-        Key key,
-        Class spec)
-        throws InvalidKeySpecException
-    {
-        if (spec.isAssignableFrom(GOST3410PublicKeySpec.class) && key instanceof GOST3410PublicKey)
-        {
-            GOST3410PublicKey k = (GOST3410PublicKey)key;
-            GOST3410PublicKeyParameterSetSpec parameters = k.getParameters().getPublicKeyParameters();
-
-            return new GOST3410PublicKeySpec(k.getY(), parameters.getP(), parameters.getQ(), parameters.getA());
-        }
-        else if (spec.isAssignableFrom(GOST3410PrivateKeySpec.class) && key instanceof GOST3410PrivateKey)
-        {
-            GOST3410PrivateKey k = (GOST3410PrivateKey)key;
-            GOST3410PublicKeyParameterSetSpec parameters = k.getParameters().getPublicKeyParameters();
-
-            return new GOST3410PrivateKeySpec(k.getX(), parameters.getP(), parameters.getQ(), parameters.getA());
-        }
-
-        return super.engineGetKeySpec(key, spec);
-    }
-
-    protected Key engineTranslateKey(
-        Key key)
-        throws InvalidKeyException
-    {
-        if (key instanceof GOST3410PublicKey)
-        {
-            return new BCGOST3410PublicKey((GOST3410PublicKey)key);
-        }
-        else if (key instanceof GOST3410PrivateKey)
-        {
-            return new BCGOST3410PrivateKey((GOST3410PrivateKey)key);
-        }
-
-        throw new InvalidKeyException("key type unknown");
-    }
-
-    protected PrivateKey engineGeneratePrivate(
-            KeySpec    keySpec)
-    throws InvalidKeySpecException
-    {
-        if (keySpec instanceof GOST3410PrivateKeySpec)
-        {
-            return new BCGOST3410PrivateKey((GOST3410PrivateKeySpec)keySpec);
-        }
-
-        return super.engineGeneratePrivate(keySpec);
-    }
-
-    protected PublicKey engineGeneratePublic(
-            KeySpec    keySpec)
-    throws InvalidKeySpecException
-    {
-        if (keySpec instanceof GOST3410PublicKeySpec)
-        {
-            return new BCGOST3410PublicKey((GOST3410PublicKeySpec)keySpec);
-        }
-
-        return super.engineGeneratePublic(keySpec);
-    }
-
-    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm();
-
-        if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_94))
-        {
-            return new BCGOST3410PrivateKey(keyInfo);
-        }
-        else
-        {
-            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
-        }
-    }
-
-    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm();
-
-        if (algOid.equals(CryptoProObjectIdentifiers.gostR3410_94))
-        {
-            return new BCGOST3410PublicKey(keyInfo);
-        }
-        else
-        {
-            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/KeyPairGeneratorSpi.java
deleted file mode 100644
index 4d2bf86..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/KeyPairGeneratorSpi.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.gost;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.generators.GOST3410KeyPairGenerator;
-import org.bouncycastle.crypto.params.GOST3410KeyGenerationParameters;
-import org.bouncycastle.crypto.params.GOST3410Parameters;
-import org.bouncycastle.crypto.params.GOST3410PrivateKeyParameters;
-import org.bouncycastle.crypto.params.GOST3410PublicKeyParameters;
-import org.bouncycastle.jce.spec.GOST3410ParameterSpec;
-import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec;
-
-public class KeyPairGeneratorSpi
-    extends java.security.KeyPairGenerator
-{
-    GOST3410KeyGenerationParameters param;
-    GOST3410KeyPairGenerator engine = new GOST3410KeyPairGenerator();
-    GOST3410ParameterSpec gost3410Params;
-    int strength = 1024;
-    SecureRandom random = null;
-    boolean initialised = false;
-
-    public KeyPairGeneratorSpi()
-    {
-        super("GOST3410");
-    }
-
-    public void initialize(
-        int strength,
-        SecureRandom random)
-    {
-        this.strength = strength;
-        this.random = random;
-    }
-
-    private void init(
-        GOST3410ParameterSpec gParams,
-        SecureRandom random)
-    {
-        GOST3410PublicKeyParameterSetSpec spec = gParams.getPublicKeyParameters();
-
-        param = new GOST3410KeyGenerationParameters(random, new GOST3410Parameters(spec.getP(), spec.getQ(), spec.getA()));
-
-        engine.init(param);
-
-        initialised = true;
-        gost3410Params = gParams;
-    }
-
-    public void initialize(
-        AlgorithmParameterSpec params,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        if (!(params instanceof GOST3410ParameterSpec))
-        {
-            throw new InvalidAlgorithmParameterException("parameter object not a GOST3410ParameterSpec");
-        }
-
-        init((GOST3410ParameterSpec)params, random);
-    }
-
-    public KeyPair generateKeyPair()
-    {
-        if (!initialised)
-        {
-            init(new GOST3410ParameterSpec(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_A.getId()), CryptoServicesRegistrar.getSecureRandom());
-        }
-
-        AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-        GOST3410PublicKeyParameters pub = (GOST3410PublicKeyParameters)pair.getPublic();
-        GOST3410PrivateKeyParameters priv = (GOST3410PrivateKeyParameters)pair.getPrivate();
-
-        return new KeyPair(new BCGOST3410PublicKey(pub, gost3410Params), new BCGOST3410PrivateKey(priv, gost3410Params));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/SignatureSpi.java
deleted file mode 100644
index 65ed09f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/gost/SignatureSpi.java
+++ /dev/null

@@ -1,229 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.gost;
-
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.SignatureException;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.DSAExt;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.GOST3411Digest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.GOST3410Signer;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.provider.asymmetric.util.GOST3410Util;
-import org.bouncycastle.jce.interfaces.ECKey;
-import org.bouncycastle.jce.interfaces.ECPublicKey;
-import org.bouncycastle.jce.interfaces.GOST3410Key;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-public class SignatureSpi
-    extends java.security.SignatureSpi
-    implements PKCSObjectIdentifiers, X509ObjectIdentifiers
-{
-    private Digest                  digest;
-    private DSAExt                  signer;
-    private SecureRandom            random;
-
-    public SignatureSpi()
-    {
-        this.digest = new GOST3411Digest();
-        this.signer = new GOST3410Signer();
-    }
-
-    protected void engineInitVerify(
-        PublicKey   publicKey)
-        throws InvalidKeyException
-    {
-        CipherParameters    param;
-
-        if (publicKey instanceof ECPublicKey)
-        {
-            param = ECUtil.generatePublicKeyParameter(publicKey);
-        }
-        else if (publicKey instanceof GOST3410Key)
-        {
-            param = GOST3410Util.generatePublicKeyParameter(publicKey);
-        }
-        else
-        {
-            try
-            {
-                byte[]  bytes = publicKey.getEncoded();
-
-                publicKey = BouncyCastleProvider.getPublicKey(SubjectPublicKeyInfo.getInstance(bytes));
-
-                if (publicKey instanceof ECPublicKey)
-                {
-                    param = ECUtil.generatePublicKeyParameter(publicKey);
-                }
-                else
-                {
-                    throw new InvalidKeyException("can't recognise key type in DSA based signer");
-                }
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeyException("can't recognise key type in DSA based signer");
-            }
-        }
-
-        digest.reset();
-        signer.init(false, param);
-    }
-
-    protected void engineInitSign(
-        PrivateKey      privateKey,
-        SecureRandom    random)
-        throws InvalidKeyException
-    {
-        this.random = random;
-        engineInitSign(privateKey);
-    }
-
-    protected void engineInitSign(
-        PrivateKey  privateKey)
-        throws InvalidKeyException
-    {
-        CipherParameters    param;
-
-        if (privateKey instanceof ECKey)
-        {
-            param = ECUtil.generatePrivateKeyParameter(privateKey);
-        }
-        else
-        {
-            param = GOST3410Util.generatePrivateKeyParameter(privateKey);
-        }
-
-        digest.reset();
-
-        if (random != null)
-        {
-            signer.init(true, new ParametersWithRandom(param, random));
-        }
-        else
-        {
-            signer.init(true, param);
-        }
-    }
-
-    protected void engineUpdate(
-        byte    b)
-        throws SignatureException
-    {
-        digest.update(b);
-    }
-
-    protected void engineUpdate(
-        byte[]  b,
-        int     off,
-        int     len) 
-        throws SignatureException
-    {
-        digest.update(b, off, len);
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        byte[]  hash = new byte[digest.getDigestSize()];
-
-        digest.doFinal(hash, 0);
-
-        try
-        {
-            byte[]          sigBytes = new byte[64];
-            BigInteger[]    sig = signer.generateSignature(hash);
-            byte[]          r = sig[0].toByteArray();
-            byte[]          s = sig[1].toByteArray();
-
-            if (s[0] != 0)
-            {
-                System.arraycopy(s, 0, sigBytes, 32 - s.length, s.length);
-            }
-            else
-            {
-                System.arraycopy(s, 1, sigBytes, 32 - (s.length - 1), s.length - 1);
-            }
-            
-            if (r[0] != 0)
-            {
-                System.arraycopy(r, 0, sigBytes, 64 - r.length, r.length);
-            }
-            else
-            {
-                System.arraycopy(r, 1, sigBytes, 64 - (r.length - 1), r.length - 1);
-            }
-
-            return sigBytes;
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException(e.toString());
-        }
-    }
-    
-    protected boolean engineVerify(
-        byte[]  sigBytes) 
-        throws SignatureException
-    {
-        byte[]  hash = new byte[digest.getDigestSize()];
-
-        digest.doFinal(hash, 0);
-
-        BigInteger[]    sig;
-
-        try
-        {
-            byte[] r = new byte[32]; 
-            byte[] s = new byte[32];
-
-            System.arraycopy(sigBytes, 0, s, 0, 32);
-
-            System.arraycopy(sigBytes, 32, r, 0, 32);
-            
-            sig = new BigInteger[2];
-            sig[0] = new BigInteger(1, r);
-            sig[1] = new BigInteger(1, s);
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException("error decoding signature bytes.");
-        }
-
-        return signer.verifySignature(hash, sig[0], sig[1]);
-    }
-
-    protected void engineSetParameter(
-        AlgorithmParameterSpec params)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated replaced with #engineSetParameter(java.security.spec.AlgorithmParameterSpec)
-     */
-    protected void engineSetParameter(
-        String  param,
-        Object  value)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated
-     */
-    protected Object engineGetParameter(
-        String      param)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ies/AlgorithmParametersSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ies/AlgorithmParametersSpi.java
deleted file mode 100644
index d6406a7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/ies/AlgorithmParametersSpi.java
+++ /dev/null

@@ -1,184 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.ies;
-
-import java.io.IOException;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.jce.spec.IESParameterSpec;
-
-public class AlgorithmParametersSpi
-    extends java.security.AlgorithmParametersSpi
-{
-    protected boolean isASN1FormatString(String format)
-    {
-        return format == null || format.equals("ASN.1");
-    }
-
-    protected AlgorithmParameterSpec engineGetParameterSpec(
-        Class paramSpec)
-        throws InvalidParameterSpecException
-    {
-        if (paramSpec == null)
-        {
-            throw new NullPointerException("argument to getParameterSpec must not be null");
-        }
-
-        return localEngineGetParameterSpec(paramSpec);
-    }
-
-    IESParameterSpec currentSpec;
-
-    /**
-     * in the absence of a standard way of doing it this will do for
-     * now...
-     */
-    protected byte[] engineGetEncoded()
-    {
-        try
-        {
-            ASN1EncodableVector v = new ASN1EncodableVector();
-
-            if (currentSpec.getDerivationV() != null)
-            {
-                v.add(new DERTaggedObject(false, 0, new DEROctetString(currentSpec.getDerivationV())));
-            }
-            if (currentSpec.getEncodingV() != null)
-            {
-                v.add(new DERTaggedObject(false, 1, new DEROctetString(currentSpec.getEncodingV())));
-            }
-            v.add(new ASN1Integer(currentSpec.getMacKeySize()));
-            if (currentSpec.getNonce() != null)
-            {
-                ASN1EncodableVector cV = new ASN1EncodableVector();
-
-                cV.add(new ASN1Integer(currentSpec.getCipherKeySize()));
-                cV.add(new ASN1Integer(currentSpec.getNonce()));
-
-                v.add(new DERSequence(cV));
-            }
-            return new DERSequence(v).getEncoded(ASN1Encoding.DER);
-        }
-        catch (IOException e)
-        {
-            throw new RuntimeException("Error encoding IESParameters");
-        }
-    }
-
-    protected byte[] engineGetEncoded(
-        String format)
-    {
-        if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509"))
-        {
-            return engineGetEncoded();
-        }
-
-        return null;
-    }
-
-    protected AlgorithmParameterSpec localEngineGetParameterSpec(
-        Class paramSpec)
-        throws InvalidParameterSpecException
-    {
-        if (paramSpec == IESParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
-        {
-            return currentSpec;
-        }
-
-        throw new InvalidParameterSpecException("unknown parameter spec passed to ElGamal parameters object.");
-    }
-
-    protected void engineInit(
-        AlgorithmParameterSpec paramSpec)
-        throws InvalidParameterSpecException
-    {
-        if (!(paramSpec instanceof IESParameterSpec))
-        {
-            throw new InvalidParameterSpecException("IESParameterSpec required to initialise a IES algorithm parameters object");
-        }
-
-        this.currentSpec = (IESParameterSpec)paramSpec;
-    }
-
-    protected void engineInit(
-        byte[] params)
-        throws IOException
-    {
-        try
-        {
-            ASN1Sequence s = (ASN1Sequence)ASN1Primitive.fromByteArray(params);
-
-            if (s.size() == 1)
-            {
-                this.currentSpec = new IESParameterSpec(null, null, ASN1Integer.getInstance(s.getObjectAt(0)).getValue().intValue());
-            }
-            else if (s.size() == 2)
-            {
-                ASN1TaggedObject tagged = ASN1TaggedObject.getInstance(s.getObjectAt(0));
-
-                if (tagged.getTagNo() == 0)
-                {
-                    this.currentSpec = new IESParameterSpec(ASN1OctetString.getInstance(tagged, false).getOctets(), null, ASN1Integer.getInstance(s.getObjectAt(1)).getValue().intValue());
-                }
-                else
-                {
-                    this.currentSpec = new IESParameterSpec(null, ASN1OctetString.getInstance(tagged, false).getOctets(), ASN1Integer.getInstance(s.getObjectAt(1)).getValue().intValue());
-                }
-            }
-            else if (s.size() == 3)
-            {
-                ASN1TaggedObject tagged1 = ASN1TaggedObject.getInstance(s.getObjectAt(0));
-                ASN1TaggedObject tagged2 = ASN1TaggedObject.getInstance(s.getObjectAt(1));
-
-                this.currentSpec = new IESParameterSpec(ASN1OctetString.getInstance(tagged1, false).getOctets(), ASN1OctetString.getInstance(tagged2, false).getOctets(), ASN1Integer.getInstance(s.getObjectAt(2)).getValue().intValue());
-            }
-            else if (s.size() == 4)
-            {
-                ASN1TaggedObject tagged1 = ASN1TaggedObject.getInstance(s.getObjectAt(0));
-                ASN1TaggedObject tagged2 = ASN1TaggedObject.getInstance(s.getObjectAt(1));
-                ASN1Sequence     cipherDet = ASN1Sequence.getInstance(s.getObjectAt(3));
-
-                this.currentSpec = new IESParameterSpec(ASN1OctetString.getInstance(tagged1, false).getOctets(), ASN1OctetString.getInstance(tagged2, false).getOctets(), ASN1Integer.getInstance(s.getObjectAt(2)).getValue().intValue(),
-                    ASN1Integer.getInstance(cipherDet.getObjectAt(0)).getValue().intValue(),
-                    ASN1OctetString.getInstance(cipherDet.getObjectAt(1)).getOctets());
-            }
-        }
-        catch (ClassCastException e)
-        {
-            throw new IOException("Not a valid IES Parameter encoding.");
-        }
-        catch (ArrayIndexOutOfBoundsException e)
-        {
-            throw new IOException("Not a valid IES Parameter encoding.");
-        }
-    }
-
-    protected void engineInit(
-        byte[] params,
-        String format)
-        throws IOException
-    {
-        if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509"))
-        {
-            engineInit(params);
-        }
-        else
-        {
-            throw new IOException("Unknown parameter format " + format);
-        }
-    }
-
-    protected String engineToString()
-    {
-        return "IES Parameters";
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java
index cb02462..274f6fa 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java

@@ -27,7 +27,8 @@
 import org.bouncycastle.crypto.CryptoServicesRegistrar;
 import org.bouncycastle.crypto.Digest;
 import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.encodings.ISO9796d1Encoding;
+// Android-removed: Unsupported algorithm
+// import org.bouncycastle.crypto.encodings.ISO9796d1Encoding;
 import org.bouncycastle.crypto.encodings.OAEPEncoding;
 import org.bouncycastle.crypto.encodings.PKCS1Encoding;
 import org.bouncycastle.crypto.engines.RSABlindedEngine;
@@ -35,14 +36,18 @@
 import org.bouncycastle.jcajce.provider.asymmetric.util.BaseCipherSpi;
 import org.bouncycastle.jcajce.provider.util.BadBlockException;
 import org.bouncycastle.jcajce.provider.util.DigestFactory;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
 import org.bouncycastle.jcajce.util.JcaJceHelper;
 import org.bouncycastle.util.Strings;
 
 public class CipherSpi
     extends BaseCipherSpi
 {
-    private final JcaJceHelper helper = new BCJcaJceHelper();
+    // Android-changed: Use default provider for JCA algorithms instead of BC
+    // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+    private final JcaJceHelper helper = new DefaultJcaJceHelper();
 
     private AsymmetricBlockCipher   cipher;
     private AlgorithmParameterSpec  paramSpec;
@@ -202,10 +207,12 @@
         {
             cipher = new PKCS1Encoding(new RSABlindedEngine());
         }
-        else if (pad.equals("ISO9796-1PADDING"))
-        {
-            cipher = new ISO9796d1Encoding(new RSABlindedEngine());
-        }
+        // BEGIN Android-removed: Unsupported algorithm
+        // else if (pad.equals("ISO9796-1PADDING"))
+        // {
+        //     cipher = new ISO9796d1Encoding(new RSABlindedEngine());
+        // }
+        // END Android-removed: Unsupported algorithm
         else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING"))
         {
             initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT));
@@ -234,6 +241,8 @@
         {
             initFromSpec(new OAEPParameterSpec("SHA-512", "MGF1", MGF1ParameterSpec.SHA512, PSource.PSpecified.DEFAULT));
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (pad.equals("OAEPWITHSHA3-224ANDMGF1PADDING"))
         {
             initFromSpec(new OAEPParameterSpec("SHA3-224", "MGF1", new MGF1ParameterSpec("SHA3-224"), PSource.PSpecified.DEFAULT));
@@ -250,6 +259,8 @@
         {
             initFromSpec(new OAEPParameterSpec("SHA3-512", "MGF1", new MGF1ParameterSpec("SHA3-512"), PSource.PSpecified.DEFAULT));
         }
+        */
+        // END Android-removed: Unsupported algorithms
         else
         {
             throw new NoSuchPaddingException(padding + " unavailable with RSA.");
@@ -560,6 +571,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     static public class PKCS1v1_5Padding
         extends CipherSpi
     {
@@ -604,4 +617,6 @@
             super(new ISO9796d1Encoding(new RSABlindedEngine()));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java
index bc00222..8688f7e 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java

@@ -17,21 +17,25 @@
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x509.DigestInfo;
 import org.bouncycastle.crypto.AsymmetricBlockCipher;
 import org.bouncycastle.crypto.CipherParameters;
 import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.MD2Digest;
-import org.bouncycastle.crypto.digests.MD4Digest;
-import org.bouncycastle.crypto.digests.NullDigest;
-import org.bouncycastle.crypto.digests.RIPEMD128Digest;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-import org.bouncycastle.crypto.digests.RIPEMD256Digest;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.digests.MD2Digest;
+// import org.bouncycastle.crypto.digests.MD4Digest;
+// import org.bouncycastle.crypto.digests.NullDigest;
+// import org.bouncycastle.crypto.digests.RIPEMD128Digest;
+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
+// import org.bouncycastle.crypto.digests.RIPEMD256Digest;
 import org.bouncycastle.crypto.encodings.PKCS1Encoding;
 import org.bouncycastle.crypto.engines.RSABlindedEngine;
-import org.bouncycastle.crypto.util.DigestFactory;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
 import org.bouncycastle.util.Arrays;
 
 public class DigestSignatureSpi
@@ -248,7 +252,9 @@
     {
         public SHA1()
         {
-            super(OIWObjectIdentifiers.idSHA1, DigestFactory.createSHA1(), new PKCS1Encoding(new RSABlindedEngine()));
+            // Android-changed: Use Android digests
+            // super(OIWObjectIdentifiers.idSHA1, DigestFactory.createSHA1(), new PKCS1Encoding(new RSABlindedEngine()));
+            super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine()));
         }
     }
 
@@ -257,7 +263,9 @@
     {
         public SHA224()
         {
-            super(NISTObjectIdentifiers.id_sha224, DigestFactory.createSHA224(), new PKCS1Encoding(new RSABlindedEngine()));
+            // Android-changed: Use Android digests
+            // super(NISTObjectIdentifiers.id_sha224, DigestFactory.createSHA224(), new PKCS1Encoding(new RSABlindedEngine()));
+            super(NISTObjectIdentifiers.id_sha224, AndroidDigestFactory.getSHA224(), new PKCS1Encoding(new RSABlindedEngine()));
         }
     }
 
@@ -266,7 +274,9 @@
     {
         public SHA256()
         {
-            super(NISTObjectIdentifiers.id_sha256, DigestFactory.createSHA256(), new PKCS1Encoding(new RSABlindedEngine()));
+            // Android-changed: Use Android digests
+            // super(NISTObjectIdentifiers.id_sha256, DigestFactory.createSHA256(), new PKCS1Encoding(new RSABlindedEngine()));
+            super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine()));
         }
     }
 
@@ -275,7 +285,9 @@
     {
         public SHA384()
         {
-            super(NISTObjectIdentifiers.id_sha384, DigestFactory.createSHA384(), new PKCS1Encoding(new RSABlindedEngine()));
+            // Android-changed: Use Android digests
+            // super(NISTObjectIdentifiers.id_sha384, DigestFactory.createSHA384(), new PKCS1Encoding(new RSABlindedEngine()));
+            super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine()));
         }
     }
 
@@ -284,10 +296,14 @@
     {
         public SHA512()
         {
-            super(NISTObjectIdentifiers.id_sha512, DigestFactory.createSHA512(), new PKCS1Encoding(new RSABlindedEngine()));
+            // Android-changed: Use Android digests
+            // super(NISTObjectIdentifiers.id_sha512, DigestFactory.createSHA512(), new PKCS1Encoding(new RSABlindedEngine()));
+            super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine()));
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     static public class SHA512_224
         extends DigestSignatureSpi
     {
@@ -359,16 +375,22 @@
             super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine()));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     static public class MD5
         extends DigestSignatureSpi
     {
         public MD5()
         {
-            super(PKCSObjectIdentifiers.md5, DigestFactory.createMD5(), new PKCS1Encoding(new RSABlindedEngine()));
+            // Android-changed: Use Android digests
+            // super(PKCSObjectIdentifiers.md5, DigestFactory.createMD5(), new PKCS1Encoding(new RSABlindedEngine()));
+            super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine()));
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     static public class RIPEMD160
         extends DigestSignatureSpi
     {
@@ -404,4 +426,6 @@
             super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine()));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/ISOSignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/ISOSignatureSpi.java
deleted file mode 100644
index 8bad9f4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/ISOSignatureSpi.java
+++ /dev/null

@@ -1,205 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.rsa;
-
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SignatureException;
-import java.security.SignatureSpi;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-import org.bouncycastle.crypto.digests.WhirlpoolDigest;
-import org.bouncycastle.crypto.engines.RSABlindedEngine;
-import org.bouncycastle.crypto.signers.ISO9796d2Signer;
-import org.bouncycastle.crypto.util.DigestFactory;
-
-public class ISOSignatureSpi
-    extends SignatureSpi
-{
-    private ISO9796d2Signer signer;
-
-    protected ISOSignatureSpi(
-        Digest digest,
-        AsymmetricBlockCipher cipher)
-    {
-        signer = new ISO9796d2Signer(cipher, digest, true);
-    }
-
-    protected void engineInitVerify(
-        PublicKey publicKey)
-        throws InvalidKeyException
-    {
-        CipherParameters param = RSAUtil.generatePublicKeyParameter((RSAPublicKey)publicKey);
-
-        signer.init(false, param);
-    }
-
-    protected void engineInitSign(
-        PrivateKey privateKey)
-        throws InvalidKeyException
-    {
-        CipherParameters param = RSAUtil.generatePrivateKeyParameter((RSAPrivateKey)privateKey);
-
-        signer.init(true, param);
-    }
-
-    protected void engineUpdate(
-        byte    b)
-        throws SignatureException
-    {
-        signer.update(b);
-    }
-
-    protected void engineUpdate(
-        byte[]  b,
-        int     off,
-        int     len) 
-        throws SignatureException
-    {
-        signer.update(b, off, len);
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        try
-        {
-            byte[]  sig = signer.generateSignature();
-
-            return sig;
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException(e.toString());
-        }
-    }
-
-    protected boolean engineVerify(
-        byte[]  sigBytes) 
-        throws SignatureException
-    {
-        boolean yes = signer.verifySignature(sigBytes);
-
-        return yes;
-    }
-
-    protected void engineSetParameter(
-        AlgorithmParameterSpec params)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated replaced with <a href="#engineSetParameter(java.security.spec.AlgorithmParameterSpec)">engineSetParameter(java.security.spec.AlgorithmParameterSpec)</a>
-     */
-    protected void engineSetParameter(
-        String param,
-        Object value)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated
-     */
-    protected Object engineGetParameter(
-        String param)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    static public class SHA1WithRSAEncryption
-        extends ISOSignatureSpi
-    {
-        public SHA1WithRSAEncryption()
-        {
-            super(DigestFactory.createSHA1(), new RSABlindedEngine());
-        }
-    }
-
-    static public class MD5WithRSAEncryption
-        extends ISOSignatureSpi
-    {
-        public MD5WithRSAEncryption()
-        {
-            super(DigestFactory.createMD5(), new RSABlindedEngine());
-        }
-    }
-
-    static public class RIPEMD160WithRSAEncryption
-        extends ISOSignatureSpi
-    {
-        public RIPEMD160WithRSAEncryption()
-        {
-            super(new RIPEMD160Digest(), new RSABlindedEngine());
-        }
-    }
-
-    static public class SHA224WithRSAEncryption
-        extends ISOSignatureSpi
-    {
-        public SHA224WithRSAEncryption()
-        {
-            super(DigestFactory.createSHA224(), new RSABlindedEngine());
-        }
-    }
-
-    static public class SHA256WithRSAEncryption
-        extends ISOSignatureSpi
-    {
-        public SHA256WithRSAEncryption()
-        {
-            super(DigestFactory.createSHA256(), new RSABlindedEngine());
-        }
-    }
-
-    static public class SHA384WithRSAEncryption
-        extends ISOSignatureSpi
-    {
-        public SHA384WithRSAEncryption()
-        {
-            super(DigestFactory.createSHA384(), new RSABlindedEngine());
-        }
-    }
-
-    static public class SHA512WithRSAEncryption
-        extends ISOSignatureSpi
-    {
-        public SHA512WithRSAEncryption()
-        {
-            super(DigestFactory.createSHA512(), new RSABlindedEngine());
-        }
-    }
-
-    static public class SHA512_224WithRSAEncryption
-        extends ISOSignatureSpi
-    {
-        public SHA512_224WithRSAEncryption()
-        {
-            super(DigestFactory.createSHA512_224(), new RSABlindedEngine());
-        }
-    }
-
-    static public class SHA512_256WithRSAEncryption
-        extends ISOSignatureSpi
-    {
-        public SHA512_256WithRSAEncryption()
-        {
-            super(DigestFactory.createSHA512_256(), new RSABlindedEngine());
-        }
-    }
-
-    static public class WhirlpoolWithRSAEncryption
-        extends ISOSignatureSpi
-    {
-        public WhirlpoolWithRSAEncryption()
-        {
-            super(new WhirlpoolDigest(), new RSABlindedEngine());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyFactorySpi.java
index 8e5d951..89afe5c 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyFactorySpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyFactorySpi.java

@@ -21,12 +21,14 @@
 import org.bouncycastle.crypto.CipherParameters;
 import org.bouncycastle.crypto.params.RSAKeyParameters;
 import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.crypto.util.OpenSSHPrivateKeyUtil;
-import org.bouncycastle.crypto.util.OpenSSHPublicKeyUtil;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.util.OpenSSHPrivateKeyUtil;
+// import org.bouncycastle.crypto.util.OpenSSHPublicKeyUtil;
 import org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi;
 import org.bouncycastle.jcajce.provider.asymmetric.util.ExtendedInvalidKeySpecException;
-import org.bouncycastle.jce.spec.OpenSSHPrivateKeySpec;
-import org.bouncycastle.jce.spec.OpenSSHPublicKeySpec;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jce.spec.OpenSSHPrivateKeySpec;
+// import org.bouncycastle.jce.spec.OpenSSHPublicKeySpec;
 
 public class KeyFactorySpi
     extends BaseKeyFactorySpi
@@ -63,6 +65,8 @@
                 k.getPrimeExponentP(), k.getPrimeExponentQ(),
                 k.getCrtCoefficient());
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (spec.isAssignableFrom(OpenSSHPublicKeySpec.class) && key instanceof RSAPublicKey)
         {
             try
@@ -101,6 +105,8 @@
                 throw new IllegalArgumentException("unable to produce encoding: " + e.getMessage());
             }
         }
+        */
+        // END Android-removed: Unsupported algorithms
 
         return super.engineGetKeySpec(key, spec);
     }
@@ -159,6 +165,8 @@
         {
             return new BCRSAPrivateKey((RSAPrivateKeySpec)keySpec);
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (keySpec instanceof OpenSSHPrivateKeySpec)
         {
             CipherParameters parameters = OpenSSHPrivateKeyUtil.parsePrivateKeyBlob(((OpenSSHPrivateKeySpec)keySpec).getEncoded());
@@ -170,6 +178,8 @@
 
             throw new InvalidKeySpecException("open SSH public key is not RSA private key");
         }
+        */
+        // END Android-removed: Unsupported algorithms
 
         throw new InvalidKeySpecException("unknown KeySpec type: " + keySpec.getClass().getName());
     }
@@ -182,6 +192,8 @@
         {
             return new BCRSAPublicKey((RSAPublicKeySpec)keySpec);
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (keySpec instanceof OpenSSHPublicKeySpec)
         {
 
@@ -194,6 +206,8 @@
             throw new InvalidKeySpecException("Open SSH public key is not RSA public key");
 
         }
+        */
+        // END Android-removed: Unsupported algorithms
 
         return super.engineGeneratePublic(keySpec);
     }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java
index 4334815..3b9d7ab 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java

@@ -44,7 +44,9 @@
         SecureRandom random)
     {
         param = new RSAKeyGenerationParameters(defaultPublicExponent,
-            random, strength, PrimeCertaintyCalculator.getDefaultCertainty(strength));
+            // Android-changed: Replace null random with default implementation.
+            // random, strength, PrimeCertaintyCalculator.getDefaultCertainty(strength));
+            (random != null) ? random : new SecureRandom(), strength, PrimeCertaintyCalculator.getDefaultCertainty(strength));
 
         engine.init(param);
     }
@@ -62,7 +64,9 @@
 
         param = new RSAKeyGenerationParameters(
             rsaParams.getPublicExponent(),
-            random, rsaParams.getKeysize(), PrimeCertaintyCalculator.getDefaultCertainty(2048));
+            // Android-changed: Replace null random with default implementation.
+            // random, rsaParams.getKeysize(), PrimeCertaintyCalculator.getDefaultCertainty(2048));
+            (random != null) ? random : new SecureRandom(), rsaParams.getKeysize(), PrimeCertaintyCalculator.getDefaultCertainty(2048));
 
         engine.init(param);
     }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/PSSSignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/PSSSignatureSpi.java
deleted file mode 100644
index f8872f8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/PSSSignatureSpi.java
+++ /dev/null

@@ -1,494 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.rsa;
-
-import java.io.ByteArrayOutputStream;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.ProviderException;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.SignatureException;
-import java.security.SignatureSpi;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.MGF1ParameterSpec;
-import java.security.spec.PSSParameterSpec;
-
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CryptoException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.engines.RSABlindedEngine;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.jcajce.provider.util.DigestFactory;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-
-public class PSSSignatureSpi
-    extends SignatureSpi
-{
-    private final JcaJceHelper helper = new BCJcaJceHelper();
-
-    private AlgorithmParameters engineParams;
-    private PSSParameterSpec paramSpec;
-    private PSSParameterSpec originalSpec;
-    private AsymmetricBlockCipher signer;
-    private Digest contentDigest;
-    private Digest mgfDigest;
-    private int saltLength;
-    private byte trailer;
-    private boolean isRaw;
-    private RSAKeyParameters key;
-
-    private org.bouncycastle.crypto.signers.PSSSigner pss;
-    private boolean isInitState = true;
-
-    private byte getTrailer(
-        int trailerField)
-    {
-        if (trailerField == 1)
-        {
-            return org.bouncycastle.crypto.signers.PSSSigner.TRAILER_IMPLICIT;
-        }
-        
-        throw new IllegalArgumentException("unknown trailer field");
-    }
-
-    private void setupContentDigest()
-    {
-        if (isRaw)
-        {
-            this.contentDigest = new NullPssDigest(mgfDigest);
-        }
-        else
-        {
-            this.contentDigest = mgfDigest;
-        }
-    }
-
-    // care - this constructor is actually used by outside organisations
-    protected PSSSignatureSpi(
-        AsymmetricBlockCipher signer,
-        PSSParameterSpec paramSpecArg)
-    {
-        this(signer, paramSpecArg, false);
-    }
-
-    // care - this constructor is actually used by outside organisations
-    protected PSSSignatureSpi(
-        AsymmetricBlockCipher signer,
-        PSSParameterSpec baseParamSpec,
-        boolean isRaw)
-    {
-        this.signer = signer;
-        this.originalSpec = baseParamSpec;
-        
-        if (baseParamSpec == null)
-        {
-            this.paramSpec = PSSParameterSpec.DEFAULT;
-        }
-        else
-        {
-            this.paramSpec = baseParamSpec;
-        }
-
-        this.mgfDigest = DigestFactory.getDigest(paramSpec.getDigestAlgorithm());
-        this.saltLength = paramSpec.getSaltLength();
-        this.trailer = getTrailer(paramSpec.getTrailerField());
-        this.isRaw = isRaw;
-
-        setupContentDigest();
-    }
-    
-    protected void engineInitVerify(
-        PublicKey publicKey)
-        throws InvalidKeyException
-    {
-        if (!(publicKey instanceof RSAPublicKey))
-        {
-            throw new InvalidKeyException("Supplied key is not a RSAPublicKey instance");
-        }
-
-        key = RSAUtil.generatePublicKeyParameter((RSAPublicKey)publicKey);
-        pss = new org.bouncycastle.crypto.signers.PSSSigner(signer, contentDigest, mgfDigest, saltLength, trailer);
-        pss.init(false, key);
-        isInitState = true;
-    }
-
-    protected void engineInitSign(
-        PrivateKey privateKey,
-        SecureRandom random)
-        throws InvalidKeyException
-    {
-        if (!(privateKey instanceof RSAPrivateKey))
-        {
-            throw new InvalidKeyException("Supplied key is not a RSAPrivateKey instance");
-        }
-
-        key = RSAUtil.generatePrivateKeyParameter((RSAPrivateKey)privateKey);
-        pss = new org.bouncycastle.crypto.signers.PSSSigner(signer, contentDigest, mgfDigest, saltLength, trailer);
-        pss.init(true, new ParametersWithRandom(key, random));
-        isInitState = true;
-    }
-
-    protected void engineInitSign(
-        PrivateKey privateKey)
-        throws InvalidKeyException
-    {
-        if (!(privateKey instanceof RSAPrivateKey))
-        {
-            throw new InvalidKeyException("Supplied key is not a RSAPrivateKey instance");
-        }
-
-        key = RSAUtil.generatePrivateKeyParameter((RSAPrivateKey)privateKey);
-        pss = new org.bouncycastle.crypto.signers.PSSSigner(signer, contentDigest, mgfDigest, saltLength, trailer);
-        pss.init(true, key);
-        isInitState = true;
-    }
-
-    protected void engineUpdate(
-        byte    b)
-        throws SignatureException
-    {
-        pss.update(b);
-        isInitState = false;
-    }
-
-    protected void engineUpdate(
-        byte[]  b,
-        int     off,
-        int     len) 
-        throws SignatureException
-    {
-        pss.update(b, off, len);
-        isInitState = false;
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        isInitState = true;
-        try
-        {
-            return pss.generateSignature();
-        }
-        catch (CryptoException e)
-        {
-            throw new SignatureException(e.getMessage());
-        }
-    }
-
-    protected boolean engineVerify(
-        byte[]  sigBytes) 
-        throws SignatureException
-    {
-        isInitState = true;
-        return pss.verifySignature(sigBytes);
-    }
-
-    protected void engineSetParameter(
-        AlgorithmParameterSpec params)
-        throws InvalidAlgorithmParameterException
-    {
-        if (params == null)
-        {
-            if (originalSpec != null)
-            {
-                params = originalSpec;
-            }
-            else
-            {
-                return;  // Java 11 bug
-            }
-        }
-
-        if (!isInitState)
-        {
-            throw new ProviderException("cannot call setParameter in the middle of update");
-        }
-
-        if (params instanceof PSSParameterSpec)
-        {
-            PSSParameterSpec newParamSpec = (PSSParameterSpec)params;
-            
-            if (originalSpec != null)
-            {
-                if (!DigestFactory.isSameDigest(originalSpec.getDigestAlgorithm(), newParamSpec.getDigestAlgorithm()))
-                {
-                    throw new InvalidAlgorithmParameterException("parameter must be using " + originalSpec.getDigestAlgorithm());
-                }
-            }
-            if (!newParamSpec.getMGFAlgorithm().equalsIgnoreCase("MGF1") && !newParamSpec.getMGFAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1.getId()))
-            {
-                throw new InvalidAlgorithmParameterException("unknown mask generation function specified");
-            }
-            
-            if (!(newParamSpec.getMGFParameters() instanceof MGF1ParameterSpec))
-            {
-                throw new InvalidAlgorithmParameterException("unknown MGF parameters");
-            }
-            
-            MGF1ParameterSpec mgfParams = (MGF1ParameterSpec)newParamSpec.getMGFParameters();
-            
-            if (!DigestFactory.isSameDigest(mgfParams.getDigestAlgorithm(), newParamSpec.getDigestAlgorithm()))
-            {
-                throw new InvalidAlgorithmParameterException("digest algorithm for MGF should be the same as for PSS parameters.");
-            }
-            
-            Digest newDigest = DigestFactory.getDigest(mgfParams.getDigestAlgorithm());
-            
-            if (newDigest == null)
-            {
-                throw new InvalidAlgorithmParameterException("no match on MGF digest algorithm: "+ mgfParams.getDigestAlgorithm());
-            }
-
-            this.engineParams = null;
-            this.paramSpec = newParamSpec;
-            this.mgfDigest = newDigest;
-            this.saltLength = paramSpec.getSaltLength();
-            this.trailer = getTrailer(paramSpec.getTrailerField());
-
-            setupContentDigest();
-
-            if (key != null)
-            {
-                pss = new org.bouncycastle.crypto.signers.PSSSigner(signer, contentDigest, mgfDigest, saltLength, trailer);
-                if (key.isPrivate())
-                {
-                    pss.init(true, key);
-                }
-                else
-                {
-                    pss.init(false, key);
-                }
-            }
-        }
-        else
-        {
-            throw new InvalidAlgorithmParameterException("Only PSSParameterSpec supported");
-        }
-    }
-
-    protected AlgorithmParameters engineGetParameters()
-    {
-        if (engineParams == null)
-        {
-            if (paramSpec != null)
-            {
-                try
-                {
-                    engineParams = helper.createAlgorithmParameters("PSS");
-                    engineParams.init(paramSpec);
-                }
-                catch (Exception e)
-                {
-                    throw new RuntimeException(e.toString());
-                }
-            }
-        }
-
-        return engineParams;
-    }
-    
-    /**
-     * @deprecated replaced with <a href="#engineSetParameter(java.security.spec.AlgorithmParameterSpec)">engineSetParameter(java.security.spec.AlgorithmParameterSpec)</a>
-     */
-    protected void engineSetParameter(
-        String param,
-        Object value)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-    
-    protected Object engineGetParameter(
-        String param)
-    {
-        throw new UnsupportedOperationException("engineGetParameter unsupported");
-    }
-
-    static public class nonePSS
-        extends PSSSignatureSpi
-    {
-        public nonePSS()
-        {
-            super(new RSABlindedEngine(), null, true);
-        }
-    }
-
-    static public class PSSwithRSA
-        extends PSSSignatureSpi
-    {
-        public PSSwithRSA()
-        {
-            super(new RSABlindedEngine(), null);
-        }
-    }
-    
-    static public class SHA1withRSA
-        extends PSSSignatureSpi
-    {
-        public SHA1withRSA()
-        {
-            super(new RSABlindedEngine(), PSSParameterSpec.DEFAULT);
-        }
-    }
-
-    static public class SHA224withRSA
-        extends PSSSignatureSpi
-    {
-        public SHA224withRSA()
-        {
-            super(new RSABlindedEngine(), new PSSParameterSpec("SHA-224", "MGF1", new MGF1ParameterSpec("SHA-224"), 28, 1));
-        }
-    }
-    
-    static public class SHA256withRSA
-        extends PSSSignatureSpi
-    {
-        public SHA256withRSA()
-        {
-            super(new RSABlindedEngine(), new PSSParameterSpec("SHA-256", "MGF1", new MGF1ParameterSpec("SHA-256"), 32, 1));
-        }
-    }
-
-    static public class SHA384withRSA
-        extends PSSSignatureSpi
-    {
-        public SHA384withRSA()
-        {
-            super(new RSABlindedEngine(), new PSSParameterSpec("SHA-384", "MGF1", new MGF1ParameterSpec("SHA-384"), 48, 1));
-        }
-    }
-
-    static public class SHA512withRSA
-        extends PSSSignatureSpi
-    {
-        public SHA512withRSA()
-        {
-            super(new RSABlindedEngine(), new PSSParameterSpec("SHA-512", "MGF1", new MGF1ParameterSpec("SHA-512"), 64, 1));
-        }
-    }
-
-    static public class SHA512_224withRSA
-        extends PSSSignatureSpi
-    {
-        public SHA512_224withRSA()
-        {
-            super(new RSABlindedEngine(), new PSSParameterSpec("SHA-512(224)", "MGF1", new MGF1ParameterSpec("SHA-512(224)"), 28, 1));
-        }
-    }
-
-    static public class SHA512_256withRSA
-        extends PSSSignatureSpi
-    {
-        public SHA512_256withRSA()
-        {
-            super(new RSABlindedEngine(), new PSSParameterSpec("SHA-512(256)", "MGF1", new MGF1ParameterSpec("SHA-512(256)"), 32, 1));
-        }
-    }
-
-    static public class SHA3_224withRSA
-        extends PSSSignatureSpi
-    {
-        public SHA3_224withRSA()
-        {
-            super(new RSABlindedEngine(), new PSSParameterSpec("SHA3-224", "MGF1", new MGF1ParameterSpec("SHA3-224"), 28, 1));
-        }
-    }
-
-    static public class SHA3_256withRSA
-        extends PSSSignatureSpi
-    {
-        public SHA3_256withRSA()
-        {
-            super(new RSABlindedEngine(), new PSSParameterSpec("SHA3-256", "MGF1", new MGF1ParameterSpec("SHA3-256"), 32, 1));
-        }
-    }
-
-    static public class SHA3_384withRSA
-        extends PSSSignatureSpi
-    {
-        public SHA3_384withRSA()
-        {
-            super(new RSABlindedEngine(), new PSSParameterSpec("SHA3-384", "MGF1", new MGF1ParameterSpec("SHA3-384"), 48, 1));
-        }
-    }
-
-    static public class SHA3_512withRSA
-        extends PSSSignatureSpi
-    {
-        public SHA3_512withRSA()
-        {
-            super(new RSABlindedEngine(), new PSSParameterSpec("SHA3-512", "MGF1", new MGF1ParameterSpec("SHA3-512"), 64, 1));
-        }
-    }
-
-    private class NullPssDigest
-        implements Digest
-    {
-        private ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        private Digest baseDigest;
-        private boolean oddTime = true;
-
-        public NullPssDigest(Digest mgfDigest)
-        {
-            this.baseDigest = mgfDigest;
-        }
-
-        public String getAlgorithmName()
-        {
-            return "NULL";
-        }
-
-        public int getDigestSize()
-        {
-            return baseDigest.getDigestSize();
-        }
-
-        public void update(byte in)
-        {
-            bOut.write(in);
-        }
-
-        public void update(byte[] in, int inOff, int len)
-        {
-            bOut.write(in, inOff, len);
-        }
-
-        public int doFinal(byte[] out, int outOff)
-        {
-            byte[] res = bOut.toByteArray();
-
-            if (oddTime)
-            {
-                System.arraycopy(res, 0, out, outOff, res.length);
-            }
-            else
-            {
-                baseDigest.update(res, 0, res.length);
-
-                baseDigest.doFinal(out, outOff);
-            }
-
-            reset();
-
-            oddTime = !oddTime;
-
-            return res.length;
-        }
-
-        public void reset()
-        {
-            bOut.reset();
-            baseDigest.reset();
-        }
-
-        public int getByteLength()
-        {
-            return 0;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/X931SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/X931SignatureSpi.java
deleted file mode 100644
index c05daef..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/rsa/X931SignatureSpi.java
+++ /dev/null

@@ -1,206 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.rsa;
-
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SignatureException;
-import java.security.SignatureSpi;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.RIPEMD128Digest;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-import org.bouncycastle.crypto.digests.WhirlpoolDigest;
-import org.bouncycastle.crypto.engines.RSABlindedEngine;
-import org.bouncycastle.crypto.signers.X931Signer;
-import org.bouncycastle.crypto.util.DigestFactory;
-
-public class X931SignatureSpi
-    extends SignatureSpi
-{
-    private X931Signer signer;
-
-    protected X931SignatureSpi(
-        Digest digest,
-        AsymmetricBlockCipher cipher)
-    {
-        signer = new X931Signer(cipher, digest);
-    }
-
-    protected void engineInitVerify(
-        PublicKey publicKey)
-        throws InvalidKeyException
-    {
-        CipherParameters param = RSAUtil.generatePublicKeyParameter((RSAPublicKey)publicKey);
-
-        signer.init(false, param);
-    }
-
-    protected void engineInitSign(
-        PrivateKey privateKey)
-        throws InvalidKeyException
-    {
-        CipherParameters param = RSAUtil.generatePrivateKeyParameter((RSAPrivateKey)privateKey);
-
-        signer.init(true, param);
-    }
-
-    protected void engineUpdate(
-        byte    b)
-        throws SignatureException
-    {
-        signer.update(b);
-    }
-
-    protected void engineUpdate(
-        byte[]  b,
-        int     off,
-        int     len) 
-        throws SignatureException
-    {
-        signer.update(b, off, len);
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        try
-        {
-            byte[]  sig = signer.generateSignature();
-
-            return sig;
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException(e.toString());
-        }
-    }
-
-    protected boolean engineVerify(
-        byte[]  sigBytes) 
-        throws SignatureException
-    {
-        boolean yes = signer.verifySignature(sigBytes);
-
-        return yes;
-    }
-
-    protected void engineSetParameter(
-        AlgorithmParameterSpec params)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated replaced with <a href="#engineSetParameter(java.security.spec.AlgorithmParameterSpec)">engineSetParameter(java.security.spec.AlgorithmParameterSpec)</a>
-     */
-    protected void engineSetParameter(
-        String param,
-        Object value)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated
-     */
-    protected Object engineGetParameter(
-        String param)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    static public class RIPEMD128WithRSAEncryption
-        extends X931SignatureSpi
-    {
-        public RIPEMD128WithRSAEncryption()
-        {
-            super(new RIPEMD128Digest(), new RSABlindedEngine());
-        }
-    }
-
-    static public class RIPEMD160WithRSAEncryption
-        extends X931SignatureSpi
-    {
-        public RIPEMD160WithRSAEncryption()
-        {
-            super(new RIPEMD160Digest(), new RSABlindedEngine());
-        }
-    }
-
-    static public class SHA1WithRSAEncryption
-        extends X931SignatureSpi
-    {
-        public SHA1WithRSAEncryption()
-        {
-            super(DigestFactory.createSHA1(), new RSABlindedEngine());
-        }
-    }
-
-    static public class SHA224WithRSAEncryption
-        extends X931SignatureSpi
-    {
-        public SHA224WithRSAEncryption()
-        {
-            super(DigestFactory.createSHA224(), new RSABlindedEngine());
-        }
-    }
-
-    static public class SHA256WithRSAEncryption
-        extends X931SignatureSpi
-    {
-        public SHA256WithRSAEncryption()
-        {
-            super(DigestFactory.createSHA256(), new RSABlindedEngine());
-        }
-    }
-
-    static public class SHA384WithRSAEncryption
-        extends X931SignatureSpi
-    {
-        public SHA384WithRSAEncryption()
-        {
-            super(DigestFactory.createSHA384(), new RSABlindedEngine());
-        }
-    }
-
-    static public class SHA512WithRSAEncryption
-        extends X931SignatureSpi
-    {
-        public SHA512WithRSAEncryption()
-        {
-            super(DigestFactory.createSHA512(), new RSABlindedEngine());
-        }
-    }
-
-    static public class SHA512_224WithRSAEncryption
-        extends X931SignatureSpi
-    {
-        public SHA512_224WithRSAEncryption()
-        {
-            super(DigestFactory.createSHA512_224(), new RSABlindedEngine());
-        }
-    }
-
-    static public class SHA512_256WithRSAEncryption
-        extends X931SignatureSpi
-    {
-        public SHA512_256WithRSAEncryption()
-        {
-            super(DigestFactory.createSHA512_256(), new RSABlindedEngine());
-        }
-    }
-
-    static public class WhirlpoolWithRSAEncryption
-        extends X931SignatureSpi
-    {
-        public WhirlpoolWithRSAEncryption()
-        {
-            super(new WhirlpoolDigest(), new RSABlindedEngine());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java
index abac079..b449dc5 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java

@@ -11,8 +11,9 @@
 import javax.crypto.spec.SecretKeySpec;
 
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers;
 import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
 import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
@@ -20,8 +21,9 @@
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters;
-import org.bouncycastle.crypto.agreement.kdf.DHKEKGenerator;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters;
+// import org.bouncycastle.crypto.agreement.kdf.DHKEKGenerator;
 import org.bouncycastle.crypto.params.DESParameters;
 import org.bouncycastle.crypto.params.KDFParameters;
 import org.bouncycastle.util.Arrays;
@@ -80,9 +82,10 @@
         keySizes.put(PKCSObjectIdentifiers.des_EDE3_CBC.getId(), i192);
         keySizes.put(OIWObjectIdentifiers.desCBC.getId(), i64);
 
-        keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb.getId(), i256);
-        keySizes.put(CryptoProObjectIdentifiers.id_Gost28147_89_None_KeyWrap.getId(), i256);
-        keySizes.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap.getId(), i256);
+        // Android-removed: Unsupported algorithms
+        // keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb.getId(), i256);
+        // keySizes.put(CryptoProObjectIdentifiers.id_Gost28147_89_None_KeyWrap.getId(), i256);
+        // keySizes.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap.getId(), i256);
 
         keySizes.put(PKCSObjectIdentifiers.id_hmacWithSHA1.getId(), Integers.valueOf(160));
         keySizes.put(PKCSObjectIdentifiers.id_hmacWithSHA256.getId(), i256);
@@ -123,7 +126,8 @@
         nameTable.put(KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap.getId(), "SEED");
         nameTable.put(KISAObjectIdentifiers.id_seedCBC.getId(), "SEED");
         nameTable.put(KISAObjectIdentifiers.id_seedMAC.getId(), "SEED");
-        nameTable.put(CryptoProObjectIdentifiers.gostR28147_gcfb.getId(), "GOST28147");
+        // Android-removed: Unsupported algorithm
+        // nameTable.put(CryptoProObjectIdentifiers.gostR28147_gcfb.getId(), "GOST28147");
 
         nameTable.put(NISTObjectIdentifiers.id_aes128_wrap.getId(), "AES");
         nameTable.put(NISTObjectIdentifiers.id_aes128_CCM.getId(), "AES");
@@ -162,10 +166,12 @@
         {
             return "AES";
         }
-        if (algDetails.startsWith(GNUObjectIdentifiers.Serpent.getId()))
-        {
-            return "Serpent";
-        }
+        // BEGIN Android-removed: Unsupported algorithm
+        // if (algDetails.startsWith(GNUObjectIdentifiers.Serpent.getId()))
+        // {
+        //     return "Serpent";
+        // }
+        // END Android-removed: Unsupported algorithms
 
         String name = (String)nameTable.get(Strings.toUpperCase(algDetails));
 
@@ -288,6 +294,8 @@
             }
             byte[] keyBytes = new byte[keySize / 8];
 
+            // BEGIN Android-removed: Unsupported algorithm
+            /*
             if (kdf instanceof DHKEKGenerator)
             {
                 if (oidAlgorithm == null)
@@ -308,6 +316,8 @@
                 kdf.init(params);
             }
             else
+            */
+            // END Android-removed: Unsupported algorithm
             {
                 KDFParameters params = new KDFParameters(secret, ukmParameters);
 

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java
index 3284ad0..978eef8 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java

@@ -19,8 +19,9 @@
 import javax.crypto.NoSuchPaddingException;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.PBEParameterSpec;
-import javax.crypto.spec.RC2ParameterSpec;
-import javax.crypto.spec.RC5ParameterSpec;
+// Android-removed: Unsupported algorithms
+// import javax.crypto.spec.RC2ParameterSpec;
+// import javax.crypto.spec.RC5ParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
 
 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
@@ -41,8 +42,9 @@
                                     {
                                         IvParameterSpec.class,
                                         PBEParameterSpec.class,
-                                        RC2ParameterSpec.class,
-                                        RC5ParameterSpec.class
+                                        // Android-removed: Unsupported algorithms
+                                        // RC2ParameterSpec.class,
+                                        // RC5ParameterSpec.class
                                     };
 
     private final JcaJceHelper helper = new BCJcaJceHelper();

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/DESUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/DESUtil.java
deleted file mode 100644
index 2409fb0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/DESUtil.java
+++ /dev/null

@@ -1,53 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.util;
-
-import java.util.HashSet;
-import java.util.Set;
-
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.util.Strings;
-
-public class DESUtil
-{
-    private static final Set<String> des = new HashSet<String>();
-
-    static
-    {
-        des.add("DES");
-        des.add("DESEDE");
-        des.add(OIWObjectIdentifiers.desCBC.getId());
-        des.add(PKCSObjectIdentifiers.des_EDE3_CBC.getId());
-        des.add(PKCSObjectIdentifiers.des_EDE3_CBC.getId());
-        des.add(PKCSObjectIdentifiers.id_alg_CMS3DESwrap.getId());
-    }
-
-    public static boolean isDES(String algorithmID)
-    {
-        String name = Strings.toUpperCase(algorithmID);
-
-        return des.contains(name);
-    }
-
-    /**
-     * DES Keys use the LSB as the odd parity bit.  This can
-     * be used to check for corrupt keys.
-     *
-     * @param bytes the byte array to set the parity on.
-     */
-    public static void setOddParity(
-        byte[] bytes)
-    {
-        for (int i = 0; i < bytes.length; i++)
-        {
-            int b = bytes[i];
-            bytes[i] = (byte)((b & 0xfe) |
-                            ((((b >> 1) ^
-                            (b >> 2) ^
-                            (b >> 3) ^
-                            (b >> 4) ^
-                            (b >> 5) ^
-                            (b >> 6) ^
-                            (b >> 7)) ^ 0x01) & 0x01));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java
index de7536b..91e15b7 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java

@@ -47,6 +47,8 @@
             }
         }
 
+        // BEGIN Android-removed: Unsupported curves
+        /*
         X9ECParameters x9_25519 = CustomNamedCurves.getByName("Curve25519");
         ECCurve c_25519 = x9_25519.getCurve();
 
@@ -57,6 +59,8 @@
             c_25519.getOrder(),
             c_25519.getCofactor()
             ), c_25519);
+        */
+        // END Android-removed: Unsupported curves
     }
 
     public static ECCurve getCurve(

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/GOST3410Util.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/GOST3410Util.java
deleted file mode 100644
index 850ab9d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/GOST3410Util.java
+++ /dev/null

@@ -1,52 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.util;
-
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.GOST3410Parameters;
-import org.bouncycastle.crypto.params.GOST3410PrivateKeyParameters;
-import org.bouncycastle.crypto.params.GOST3410PublicKeyParameters;
-import org.bouncycastle.jce.interfaces.GOST3410PrivateKey;
-import org.bouncycastle.jce.interfaces.GOST3410PublicKey;
-import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec;
-
-/**
- * utility class for converting jce/jca GOST3410-94 objects
- * objects into their org.bouncycastle.crypto counterparts.
- */
-public class GOST3410Util
-{
-    static public AsymmetricKeyParameter generatePublicKeyParameter(
-        PublicKey    key)
-        throws InvalidKeyException
-    {
-        if (key instanceof GOST3410PublicKey)
-        {
-            GOST3410PublicKey          k = (GOST3410PublicKey)key;
-            GOST3410PublicKeyParameterSetSpec p = k.getParameters().getPublicKeyParameters();
-            
-            return new GOST3410PublicKeyParameters(k.getY(),
-                new GOST3410Parameters(p.getP(), p.getQ(), p.getA()));
-        }
-
-        throw new InvalidKeyException("can't identify GOST3410 public key: " + key.getClass().getName());
-    }
-
-    static public AsymmetricKeyParameter generatePrivateKeyParameter(
-        PrivateKey    key)
-        throws InvalidKeyException
-    {
-        if (key instanceof GOST3410PrivateKey)
-        {
-            GOST3410PrivateKey         k = (GOST3410PrivateKey)key;
-            GOST3410PublicKeyParameterSetSpec p = k.getParameters().getPublicKeyParameters();
-            
-            return new GOST3410PrivateKeyParameters(k.getX(),
-                new GOST3410Parameters(p.getP(), p.getQ(), p.getA()));
-        }
-
-        throw new InvalidKeyException("can't identify GOST3410 private key.");
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/IESUtil.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/IESUtil.java
deleted file mode 100644
index 63373b2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/util/IESUtil.java
+++ /dev/null

@@ -1,38 +0,0 @@
-package org.bouncycastle.jcajce.provider.asymmetric.util;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.jce.spec.IESParameterSpec;
-
-public class IESUtil
-{
-    public static IESParameterSpec guessParameterSpec(BufferedBlockCipher iesBlockCipher, byte[] nonce)
-    {
-        if (iesBlockCipher == null)
-        {
-            return new IESParameterSpec(null, null, 128);
-        }
-        else
-        {
-            BlockCipher underlyingCipher = iesBlockCipher.getUnderlyingCipher();
-
-            if (underlyingCipher.getAlgorithmName().equals("DES") ||
-                underlyingCipher.getAlgorithmName().equals("RC2") ||
-                underlyingCipher.getAlgorithmName().equals("RC5-32") ||
-                underlyingCipher.getAlgorithmName().equals("RC5-64"))
-            {
-                return new IESParameterSpec(null, null, 64, 64, nonce);
-            }
-            else if (underlyingCipher.getAlgorithmName().equals("SKIPJACK"))
-            {
-                return new IESParameterSpec(null, null, 80, 80, nonce);
-            }
-            else if (underlyingCipher.getAlgorithmName().equals("GOST28147"))
-            {
-                return new IESParameterSpec(null, null, 256, 256, nonce);
-            }
-
-            return new IESParameterSpec(null, null, 128, 128, nonce);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java
index f6cec93..4b84ddd 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java

@@ -4,6 +4,8 @@
 import java.io.ByteArrayInputStream;
 import java.io.IOException;
 import java.io.InputStream;
+// Android-added: Use PushbackInputStream
+import java.io.PushbackInputStream;
 import java.security.cert.CRL;
 import java.security.cert.CRLException;
 import java.security.cert.CertPath;
@@ -214,10 +216,22 @@
             }
             else
             {
-                pis = new ByteArrayInputStream(Streams.readAll(in));
+                // Android-changed: Use PushbackInputStream instead of ByteArrayInputStream.
+                // we want {@code in.available()} to return the number of available bytes if
+                // there is trailing data (otherwise it breaks
+                // libcore.java.security.cert.X509CertificateTest#test_Provider
+                // ). Which is not possible if we read the whole stream at this point.
+                // // pis = new ByteArrayInputStream(Streams.readAll(in));
+                pis = new PushbackInputStream(in);
             }
 
-            pis.mark(1);
+            // BEGIN Android-changed: Use PushbackInputStream
+            // pis.mark(1);
+            if (in.markSupported()) {
+                pis.mark(1);
+            }
+            // END Android-changed: Use PushbackInputStream
+
             int tag = pis.read();
 
             if (tag == -1)
@@ -225,7 +239,17 @@
                 return null;
             }
 
-            pis.reset();
+            // BEGIN Android-changed: Use PushbackInputStream
+            // pis.reset
+            if (in.markSupported()) {
+                pis.reset();
+            }
+            else
+            {
+                ((PushbackInputStream) pis).unread(tag);
+            }
+            // END Android-changed: Use PushbackInputStream
+
             if (tag != 0x30)  // assume ascii PEM encoded.
             {
                 return readPEMCertificate(pis);
@@ -250,11 +274,17 @@
         throws CertificateException
     {
         java.security.cert.Certificate     cert;
-        BufferedInputStream in = new BufferedInputStream(inStream);
-
+        // Android-removed: Don't read entire stream immediately.
+        // we want {@code in.available()} to return the number of available bytes if
+        // there is trailing data (otherwise it breaks
+        // libcore.java.security.cert.X509CertificateTest#test_Provider
+        // ). Which is not possible if we read the whole stream at this point.
+        // BufferedInputStream in = new BufferedInputStream(inStream);
         List certs = new ArrayList();
 
-        while ((cert = engineGenerateCertificate(in)) != null)
+        // Android-changed: Read from original stream
+        // while ((cert = engineGenerateCertificate(in)) != null)
+        while ((cert = engineGenerateCertificate(inStream)) != null)
         {
             certs.add(cert);
         }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java
index 1664a9c..98b3a05 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java

@@ -37,7 +37,8 @@
 import org.bouncycastle.jcajce.util.BCJcaJceHelper;
 import org.bouncycastle.jcajce.util.JcaJceHelper;
 import org.bouncycastle.util.io.pem.PemObject;
-import org.bouncycastle.util.io.pem.PemWriter;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.util.io.pem.PemWriter;
 
 /**
  * CertPath implementation for X.509 certificates.
@@ -53,7 +54,8 @@
     {
         List encodings = new ArrayList();
         encodings.add("PkiPath");
-        encodings.add("PEM");
+        // Android-removed: Unsupported algorithms
+        // encodings.add("PEM");
         encodings.add("PKCS7");
         certPathEncodings = Collections.unmodifiableList(encodings);
     }
@@ -300,6 +302,8 @@
             return toDEREncoded(new ContentInfo(
                     PKCSObjectIdentifiers.signedData, sd));
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (encoding.equalsIgnoreCase("PEM"))
         {
             ByteArrayOutputStream bOut = new ByteArrayOutputStream();
@@ -321,6 +325,8 @@
 
             return bOut.toByteArray();
         }
+        */
+        // END Android-removed: Unsupported algorithms
         else
         {
             throw new CertificateEncodingException("unsupported encoding: " + encoding);

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java
index ca77c3d..bfd7c25 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java

@@ -56,6 +56,9 @@
 import org.bouncycastle.asn1.x509.Extensions;
 import org.bouncycastle.asn1.x509.GeneralName;
 import org.bouncycastle.asn1.x509.KeyUsage;
+// BEGIN Android-added: Unknown reason
+import org.bouncycastle.asn1.x509.X509Name;
+// END Android-added: Unknown reason
 import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
 import org.bouncycastle.jcajce.util.JcaJceHelper;
 import org.bouncycastle.jce.X509Principal;
@@ -539,12 +542,19 @@
         }
     }
 
+    // Android-added: Cache the encoded certificate
+    private byte[] encoded;
     public byte[] getEncoded()
         throws CertificateEncodingException
     {
         try
         {
-            return c.getEncoded(ASN1Encoding.DER);
+            // BEGIN Android-changed: Cache the encoded certificate
+            if (encoded == null) {
+                encoded = c.getEncoded(ASN1Encoding.DER);
+            }
+            return encoded;
+            // END Android-changed: Cache the encoded certificate
         }
         catch (IOException e)
         {
@@ -868,7 +878,9 @@
                     list.add(genName.getEncoded());
                     break;
                 case GeneralName.directoryName:
-                    list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString());
+                    // Android-changed: Unknown reason
+                    // list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString());
+                    list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols));
                     break;
                 case GeneralName.dNSName:
                 case GeneralName.rfc822Name:

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Blake2b.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Blake2b.java
deleted file mode 100644
index 0eb978a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Blake2b.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-import org.bouncycastle.crypto.digests.Blake2bDigest;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-
-public class Blake2b
-{
-    private Blake2b()
-    {
-
-    }
-
-    static public class Blake2b512
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Blake2b512()
-        {
-            super(new Blake2bDigest(512));
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Blake2b512 d = (Blake2b512)super.clone();
-            d.digest = new Blake2bDigest((Blake2bDigest)digest);
-
-            return d;
-        }
-    }
-
-    static public class Blake2b384
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Blake2b384()
-        {
-            super(new Blake2bDigest(384));
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Blake2b384 d = (Blake2b384)super.clone();
-            d.digest = new Blake2bDigest((Blake2bDigest)digest);
-
-            return d;
-        }
-    }
-
-    static public class Blake2b256
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Blake2b256()
-        {
-            super(new Blake2bDigest(256));
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Blake2b256 d = (Blake2b256)super.clone();
-            d.digest = new Blake2bDigest((Blake2bDigest)digest);
-
-            return d;
-        }
-    }
-
-    static public class Blake2b160
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Blake2b160()
-        {
-            super(new Blake2bDigest(160));
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Blake2b160 d = (Blake2b160)super.clone();
-            d.digest = new Blake2bDigest((Blake2bDigest)digest);
-
-            return d;
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = Blake2b.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.BLAKE2B-512", PREFIX + "$Blake2b512");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + MiscObjectIdentifiers.id_blake2b512, "BLAKE2B-512");
-
-            provider.addAlgorithm("MessageDigest.BLAKE2B-384", PREFIX + "$Blake2b384");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + MiscObjectIdentifiers.id_blake2b384, "BLAKE2B-384");
-
-            provider.addAlgorithm("MessageDigest.BLAKE2B-256", PREFIX + "$Blake2b256");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + MiscObjectIdentifiers.id_blake2b256, "BLAKE2B-256");
-
-            provider.addAlgorithm("MessageDigest.BLAKE2B-160", PREFIX + "$Blake2b160");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + MiscObjectIdentifiers.id_blake2b160, "BLAKE2B-160");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Blake2s.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Blake2s.java
deleted file mode 100644
index a79fbe9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Blake2s.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-import org.bouncycastle.crypto.digests.Blake2sDigest;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-
-public class Blake2s
-{
-    private Blake2s()
-    {
-
-    }
-
-    static public class Blake2s256
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Blake2s256()
-        {
-            super(new Blake2sDigest(256));
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Blake2s256 d = (Blake2s256)super.clone();
-            d.digest = new Blake2sDigest((Blake2sDigest)digest);
-
-            return d;
-        }
-    }
-
-    static public class Blake2s224
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Blake2s224()
-        {
-            super(new Blake2sDigest(224));
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Blake2s224 d = (Blake2s224)super.clone();
-            d.digest = new Blake2sDigest((Blake2sDigest)digest);
-
-            return d;
-        }
-    }
-
-    static public class Blake2s160
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Blake2s160()
-        {
-            super(new Blake2sDigest(160));
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Blake2s160 d = (Blake2s160)super.clone();
-            d.digest = new Blake2sDigest((Blake2sDigest)digest);
-
-            return d;
-        }
-    }
-
-    static public class Blake2s128
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Blake2s128()
-        {
-            super(new Blake2sDigest(128));
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Blake2s128 d = (Blake2s128)super.clone();
-            d.digest = new Blake2sDigest((Blake2sDigest)digest);
-
-            return d;
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = Blake2s.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.BLAKE2S-256", PREFIX + "$Blake2s256");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + MiscObjectIdentifiers.id_blake2s256, "BLAKE2S-256");
-
-            provider.addAlgorithm("MessageDigest.BLAKE2S-224", PREFIX + "$Blake2s224");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + MiscObjectIdentifiers.id_blake2s224, "BLAKE2S-224");
-
-            provider.addAlgorithm("MessageDigest.BLAKE2S-160", PREFIX + "$Blake2s160");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + MiscObjectIdentifiers.id_blake2s160, "BLAKE2S-160");
-
-            provider.addAlgorithm("MessageDigest.BLAKE2S-128", PREFIX + "$Blake2s128");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + MiscObjectIdentifiers.id_blake2s128, "BLAKE2S-128");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/DSTU7564.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/DSTU7564.java
deleted file mode 100644
index 3f354cf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/DSTU7564.java
+++ /dev/null

@@ -1,146 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.asn1.ua.UAObjectIdentifiers;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.digests.DSTU7564Digest;
-import org.bouncycastle.crypto.macs.DSTU7564Mac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-
-public class DSTU7564
-{
-    private DSTU7564()
-    {
-
-    }
-
-    static public class DigestDSTU7564
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public DigestDSTU7564(int size)
-        {
-            super(new DSTU7564Digest(size));
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            BCMessageDigest d = (BCMessageDigest)super.clone();
-            d.digest = new DSTU7564Digest((DSTU7564Digest)digest);
-
-            return d;
-        }
-    }
-
-    static public class Digest256
-        extends DigestDSTU7564
-    {
-        public Digest256()
-        {
-            super(256);
-        }
-    }
-
-    static public class Digest384
-        extends DigestDSTU7564
-    {
-        public Digest384()
-        {
-            super(384);
-        }
-    }
-
-    static public class Digest512
-        extends DigestDSTU7564
-    {
-        public Digest512()
-        {
-            super(512);
-        }
-    }
-
-    public static class HashMac256
-        extends BaseMac
-    {
-        public HashMac256()
-        {
-            super(new DSTU7564Mac(256));
-        }
-    }
-
-    public static class HashMac384
-        extends BaseMac
-    {
-        public HashMac384()
-        {
-            super(new DSTU7564Mac(384));
-        }
-    }
-
-    public static class HashMac512
-        extends BaseMac
-    {
-        public HashMac512()
-        {
-            super(new DSTU7564Mac(512));
-        }
-    }
-
-    public static class KeyGenerator256
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator256()
-        {
-            super("HMACDSTU7564-256", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class KeyGenerator384
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator384()
-        {
-            super("HMACDSTU7564-384", 384, new CipherKeyGenerator());
-        }
-    }
-
-    public static class KeyGenerator512
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator512()
-        {
-            super("HMACDSTU7564-512", 512, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = DSTU7564.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.DSTU7564-256", PREFIX + "$Digest256");
-            provider.addAlgorithm("MessageDigest.DSTU7564-384", PREFIX + "$Digest384");
-            provider.addAlgorithm("MessageDigest.DSTU7564-512", PREFIX + "$Digest512");
-
-            provider.addAlgorithm("MessageDigest", UAObjectIdentifiers.dstu7564digest_256, PREFIX + "$Digest256");
-            provider.addAlgorithm("MessageDigest", UAObjectIdentifiers.dstu7564digest_384, PREFIX + "$Digest384");
-            provider.addAlgorithm("MessageDigest", UAObjectIdentifiers.dstu7564digest_512, PREFIX + "$Digest512");
-
-            addHMACAlgorithm(provider, "DSTU7564-256", PREFIX + "$HashMac256", PREFIX + "$KeyGenerator256");
-            addHMACAlgorithm(provider, "DSTU7564-384", PREFIX + "$HashMac384", PREFIX + "$KeyGenerator384");
-            addHMACAlgorithm(provider, "DSTU7564-512", PREFIX + "$HashMac512", PREFIX + "$KeyGenerator512");
-
-            addHMACAlias(provider, "DSTU7564-256", UAObjectIdentifiers.dstu7564mac_256);
-            addHMACAlias(provider, "DSTU7564-384", UAObjectIdentifiers.dstu7564mac_384);
-            addHMACAlias(provider, "DSTU7564-512", UAObjectIdentifiers.dstu7564mac_512);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/GOST3411.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/GOST3411.java
deleted file mode 100644
index 6d5dfa3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/GOST3411.java
+++ /dev/null

@@ -1,187 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.digests.GOST3411Digest;
-import org.bouncycastle.crypto.digests.GOST3411_2012_256Digest;
-import org.bouncycastle.crypto.digests.GOST3411_2012_512Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
-
-public class GOST3411
-{
-    private GOST3411()
-    {
-
-    }
-
-    static public class Digest
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Digest()
-        {
-            super(new GOST3411Digest());
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Digest d = (Digest)super.clone();
-            d.digest = new GOST3411Digest((GOST3411Digest)digest);
-
-            return d;
-        }
-    }
-
-    static public class Digest2012_256
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Digest2012_256()
-        {
-            super(new GOST3411_2012_256Digest());
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Digest2012_256 d = (Digest2012_256)super.clone();
-            d.digest = new GOST3411_2012_256Digest((GOST3411_2012_256Digest)digest);
-
-            return d;
-        }
-    }
-
-    static public class Digest2012_512
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Digest2012_512()
-        {
-            super(new GOST3411_2012_512Digest());
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Digest2012_512 d = (Digest2012_512)super.clone();
-            d.digest = new GOST3411_2012_512Digest((GOST3411_2012_512Digest)digest);
-
-            return d;
-        }
-    }
-
-    /**
-     * GOST3411 HMac
-     */
-    public static class HashMac
-        extends BaseMac
-    {
-        public HashMac()
-        {
-            super(new HMac(new GOST3411Digest()));
-        }
-    }
-
-    public static class HashMac2012_256
-        extends BaseMac
-    {
-        public HashMac2012_256()
-        {
-            super(new HMac(new GOST3411_2012_256Digest()));
-        }
-    }
-
-    public static class HashMac2012_512
-        extends BaseMac
-    {
-        public HashMac2012_512()
-        {
-            super(new HMac(new GOST3411_2012_512Digest()));
-        }
-    }
-
-    /**
-     * PBEWithHmacGOST3411
-     */
-    public static class PBEWithMacKeyFactory
-        extends PBESecretKeyFactory
-    {
-        public PBEWithMacKeyFactory()
-        {
-            super("PBEwithHmacGOST3411", null, false, PKCS12, GOST3411, 256, 0);
-        }
-    }
-
-    public static class KeyGenerator
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator()
-        {
-            super("HMACGOST3411", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class KeyGenerator2012_256
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator2012_256()
-        {
-            super("HMACGOST3411", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class KeyGenerator2012_512
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator2012_512()
-        {
-            super("HMACGOST3411", 512, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = GOST3411.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.GOST3411", PREFIX + "$Digest");
-            provider.addAlgorithm("Alg.Alias.MessageDigest.GOST", "GOST3411");
-            provider.addAlgorithm("Alg.Alias.MessageDigest.GOST-3411", "GOST3411");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + CryptoProObjectIdentifiers.gostR3411, "GOST3411");
-
-            addHMACAlgorithm(provider, "GOST3411", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
-            addHMACAlias(provider, "GOST3411", CryptoProObjectIdentifiers.gostR3411);
-
-            provider.addAlgorithm("MessageDigest.GOST3411-2012-256", PREFIX + "$Digest2012_256");
-            provider.addAlgorithm("Alg.Alias.MessageDigest.GOST-2012-256", "GOST3411-2012-256");
-            provider.addAlgorithm("Alg.Alias.MessageDigest.GOST-3411-2012-256", "GOST3411-2012-256");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256, "GOST3411-2012-256");
-
-            addHMACAlgorithm(provider, "GOST3411-2012-256", PREFIX + "$HashMac2012_256", PREFIX + "$KeyGenerator2012_256");
-            addHMACAlias(provider, "GOST3411-2012-256", RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_256);
-
-            provider.addAlgorithm("MessageDigest.GOST3411-2012-512", PREFIX + "$Digest2012_512");
-            provider.addAlgorithm("Alg.Alias.MessageDigest.GOST-2012-512", "GOST3411-2012-512");
-            provider.addAlgorithm("Alg.Alias.MessageDigest.GOST-3411-2012-512", "GOST3411-2012-512");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512, "GOST3411-2012-512");
-
-            addHMACAlgorithm(provider, "GOST3411-2012-512", PREFIX + "$HashMac2012_512", PREFIX + "$KeyGenerator2012_512");
-            addHMACAlias(provider, "GOST3411-2012-512", RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_512);
-
-            provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACGOST3411", PREFIX + "$PBEWithMacKeyFactory");
-            provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + CryptoProObjectIdentifiers.gostR3411, "PBEWITHHMACGOST3411");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Keccak.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Keccak.java
deleted file mode 100644
index f8b989b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Keccak.java
+++ /dev/null

@@ -1,195 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.digests.KeccakDigest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-
-public class Keccak
-{
-    private Keccak()
-    {
-
-    }
-
-    static public class DigestKeccak
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public DigestKeccak(int size)
-        {
-            super(new KeccakDigest(size));
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            BCMessageDigest d = (BCMessageDigest)super.clone();
-            d.digest = new KeccakDigest((KeccakDigest)digest);
-
-            return d;
-        }
-    }
-
-    static public class Digest224
-        extends DigestKeccak
-    {
-        public Digest224()
-        {
-            super(224);
-        }
-    }
-
-    static public class Digest256
-        extends DigestKeccak
-    {
-        public Digest256()
-        {
-            super(256);
-        }
-    }
-
-    static public class Digest288
-        extends DigestKeccak
-    {
-        public Digest288()
-        {
-            super(288);
-        }
-    }
-
-    static public class Digest384
-        extends DigestKeccak
-    {
-        public Digest384()
-        {
-            super(384);
-        }
-    }
-
-    static public class Digest512
-        extends DigestKeccak
-    {
-        public Digest512()
-        {
-            super(512);
-        }
-    }
-
-    public static class HashMac224
-        extends BaseMac
-    {
-        public HashMac224()
-        {
-            super(new HMac(new KeccakDigest(224)));
-        }
-    }
-
-    public static class HashMac256
-        extends BaseMac
-    {
-        public HashMac256()
-        {
-            super(new HMac(new KeccakDigest(256)));
-        }
-    }
-
-    public static class HashMac288
-        extends BaseMac
-    {
-        public HashMac288()
-        {
-            super(new HMac(new KeccakDigest(288)));
-        }
-    }
-
-    public static class HashMac384
-        extends BaseMac
-    {
-        public HashMac384()
-        {
-            super(new HMac(new KeccakDigest(384)));
-        }
-    }
-
-    public static class HashMac512
-        extends BaseMac
-    {
-        public HashMac512()
-        {
-            super(new HMac(new KeccakDigest(512)));
-        }
-    }
-
-    public static class KeyGenerator224
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator224()
-        {
-            super("HMACKECCAK224", 224, new CipherKeyGenerator());
-        }
-    }
-
-    public static class KeyGenerator256
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator256()
-        {
-            super("HMACKECCAK256", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class KeyGenerator288
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator288()
-        {
-            super("HMACKECCAK288", 288, new CipherKeyGenerator());
-        }
-    }
-
-    public static class KeyGenerator384
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator384()
-        {
-            super("HMACKECCAK384", 384, new CipherKeyGenerator());
-        }
-    }
-
-    public static class KeyGenerator512
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator512()
-        {
-            super("HMACKECCAK512", 512, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = Keccak.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.KECCAK-224", PREFIX + "$Digest224");
-            provider.addAlgorithm("MessageDigest.KECCAK-288", PREFIX + "$Digest288");
-            provider.addAlgorithm("MessageDigest.KECCAK-256", PREFIX + "$Digest256");
-            provider.addAlgorithm("MessageDigest.KECCAK-384", PREFIX + "$Digest384");
-            provider.addAlgorithm("MessageDigest.KECCAK-512", PREFIX + "$Digest512");
-
-            addHMACAlgorithm(provider, "KECCAK224", PREFIX + "$HashMac224", PREFIX + "$KeyGenerator224");
-            addHMACAlgorithm(provider, "KECCAK256", PREFIX + "$HashMac256", PREFIX + "$KeyGenerator256");
-            addHMACAlgorithm(provider, "KECCAK288", PREFIX + "$HashMac288", PREFIX + "$KeyGenerator288");
-            addHMACAlgorithm(provider, "KECCAK384", PREFIX + "$HashMac384", PREFIX + "$KeyGenerator384");
-            addHMACAlgorithm(provider, "KECCAK512", PREFIX + "$HashMac512", PREFIX + "$KeyGenerator512");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/MD2.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/MD2.java
deleted file mode 100644
index 5a3a2bf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/MD2.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.digests.MD2Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-
-public class MD2
-{
-    private MD2()
-    {
-
-    }
-
-    static public class Digest
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Digest()
-        {
-            super(new MD2Digest());
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Digest d = (Digest)super.clone();
-            d.digest = new MD2Digest((MD2Digest)digest);
-
-            return d;
-        }
-    }
-
-    /**
-     * MD2 HMac
-     */
-    public static class HashMac
-        extends BaseMac
-    {
-        public HashMac()
-        {
-            super(new HMac(new MD2Digest()));
-        }
-    }
-
-    public static class KeyGenerator
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator()
-        {
-            super("HMACMD2", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = MD2.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.MD2", PREFIX + "$Digest");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + PKCSObjectIdentifiers.md2, "MD2");
-
-            addHMACAlgorithm(provider, "MD2", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/MD4.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/MD4.java
deleted file mode 100644
index 8a30baa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/MD4.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.digests.MD4Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-
-public class MD4
-{
-    private MD4()
-    {
-
-    }
-
-    /**
-     * MD4 HashMac
-     */
-    public static class HashMac
-        extends BaseMac
-    {
-        public HashMac()
-        {
-            super(new HMac(new MD4Digest()));
-        }
-    }
-
-    public static class KeyGenerator
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator()
-        {
-            super("HMACMD4", 128, new CipherKeyGenerator());
-        }
-    }
-
-    static public class Digest
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Digest()
-        {
-            super(new MD4Digest());
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Digest d = (Digest)super.clone();
-            d.digest = new MD4Digest((MD4Digest)digest);
-
-            return d;
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = MD4.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.MD4", PREFIX + "$Digest");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + PKCSObjectIdentifiers.md4, "MD4");
-
-            addHMACAlgorithm(provider, "MD4", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD128.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD128.java
deleted file mode 100644
index e913f65..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD128.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.digests.RIPEMD128Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-
-public class RIPEMD128
-{
-    private RIPEMD128()
-    {
-
-    }
-
-    static public class Digest
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Digest()
-        {
-            super(new RIPEMD128Digest());
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Digest d = (Digest)super.clone();
-            d.digest = new RIPEMD128Digest((RIPEMD128Digest)digest);
-
-            return d;
-        }
-    }
-
-    /**
-     * RIPEMD128 HashMac
-     */
-    public static class HashMac
-        extends BaseMac
-    {
-        public HashMac()
-        {
-            super(new HMac(new RIPEMD128Digest()));
-        }
-    }
-
-    public static class KeyGenerator
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator()
-        {
-            super("HMACRIPEMD128", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = RIPEMD128.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.RIPEMD128", PREFIX + "$Digest");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD128");            
-
-            addHMACAlgorithm(provider, "RIPEMD128", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD160.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD160.java
deleted file mode 100644
index f081713..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD160.java
+++ /dev/null

@@ -1,113 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.asn1.iana.IANAObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
-
-public class RIPEMD160
-{
-    private RIPEMD160()
-    {
-
-    }
-
-    static public class Digest
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Digest()
-        {
-            super(new RIPEMD160Digest());
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Digest d = (Digest)super.clone();
-            d.digest = new RIPEMD160Digest((RIPEMD160Digest)digest);
-
-            return d;
-        }
-    }
-
-    /**
-     * RIPEMD160 HMac
-     */
-    public static class HashMac
-        extends BaseMac
-    {
-        public HashMac()
-        {
-            super(new HMac(new RIPEMD160Digest()));
-        }
-    }
-
-    public static class KeyGenerator
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator()
-        {
-            super("HMACRIPEMD160", 160, new CipherKeyGenerator());
-        }
-    }
-
-
-    //
-    // PKCS12 states that the same algorithm should be used
-    // for the key generation as is used in the HMAC, so that
-    // is what we do here.
-    //
-
-    /**
-     * PBEWithHmacRIPEMD160
-     */
-    public static class PBEWithHmac
-        extends BaseMac
-    {
-        public PBEWithHmac()
-        {
-            super(new HMac(new RIPEMD160Digest()), PKCS12, RIPEMD160, 160);
-        }
-    }
-
-    /**
-     * PBEWithHmacRIPEMD160
-     */
-    public static class PBEWithHmacKeyFactory
-        extends PBESecretKeyFactory
-    {
-        public PBEWithHmacKeyFactory()
-        {
-            super("PBEwithHmacRIPEMD160", null, false, PKCS12, RIPEMD160, 160, 0);
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = RIPEMD160.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.RIPEMD160", PREFIX + "$Digest");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD160");
-
-            addHMACAlgorithm(provider, "RIPEMD160", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
-            addHMACAlias(provider, "RIPEMD160", IANAObjectIdentifiers.hmacRIPEMD160);
-
-
-            provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACRIPEMD160", PREFIX + "$PBEWithHmacKeyFactory");
-            provider.addAlgorithm("Mac.PBEWITHHMACRIPEMD160", PREFIX + "$PBEWithHmac");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD256.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD256.java
deleted file mode 100644
index dcb1b56..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD256.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.digests.RIPEMD256Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-
-public class RIPEMD256
-{
-    private RIPEMD256()
-    {
-
-    }
-
-    static public class Digest
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Digest()
-        {
-            super(new RIPEMD256Digest());
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Digest d = (Digest)super.clone();
-            d.digest = new RIPEMD256Digest((RIPEMD256Digest)digest);
-
-            return d;
-        }
-    }
-
-    /**
-     * RIPEMD256 HMac
-     */
-    public static class HashMac
-        extends BaseMac
-    {
-        public HashMac()
-        {
-            super(new HMac(new RIPEMD256Digest()));
-        }
-    }
-
-    public static class KeyGenerator
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator()
-        {
-            super("HMACRIPEMD256", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = RIPEMD256.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.RIPEMD256", PREFIX + "$Digest");
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD256");
-
-            addHMACAlgorithm(provider, "RIPEMD256", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD320.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD320.java
deleted file mode 100644
index 12e0fd8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/RIPEMD320.java
+++ /dev/null

@@ -1,73 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.digests.RIPEMD320Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-
-public class RIPEMD320
-{
-    private RIPEMD320()
-    {
-
-    }
-
-    static public class Digest
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Digest()
-        {
-            super(new RIPEMD320Digest());
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Digest d = (Digest)super.clone();
-            d.digest = new RIPEMD320Digest((RIPEMD320Digest)digest);
-
-            return d;
-        }
-    }
-
-    /**
-     * RIPEMD320 HMac
-     */
-    public static class HashMac
-        extends BaseMac
-    {
-        public HashMac()
-        {
-            super(new HMac(new RIPEMD320Digest()));
-        }
-    }
-
-    public static class KeyGenerator
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator()
-        {
-            super("HMACRIPEMD320", 320, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = RIPEMD320.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.RIPEMD320", PREFIX + "$Digest");
-
-            addHMACAlgorithm(provider, "RIPEMD320", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java
index e203362..af375c2 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA256.java

@@ -45,9 +45,11 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     /**
      * PBEWithHmacSHA
-     */
+     *
     public static class PBEWithMacKeyFactory
         extends PBESecretKeyFactory
     {
@@ -56,6 +58,8 @@
             super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     /**
      * HMACSHA256
@@ -84,9 +88,11 @@
             provider.addAlgorithm("Alg.Alias.MessageDigest.SHA256", "SHA-256");
             provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha256, "SHA-256");
 
-            provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory");
-            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256");
-            provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256");
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory");
+            // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256");
+            // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256");
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("Mac.PBEWITHHMACSHA256", PREFIX + "$HashMac");
 

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA3.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA3.java
deleted file mode 100644
index 8f048b1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA3.java
+++ /dev/null

@@ -1,196 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.digests.SHA3Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-
-public class SHA3
-{
-    private SHA3()
-    {
-
-    }
-
-    static public class DigestSHA3
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public DigestSHA3(int size)
-        {
-            super(new SHA3Digest(size));
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            BCMessageDigest d = (BCMessageDigest)super.clone();
-            d.digest = new SHA3Digest((SHA3Digest)digest);
-
-            return d;
-        }
-    }
-
-    public static class HashMacSHA3
-        extends BaseMac
-    {
-        public HashMacSHA3(int size)
-        {
-            super(new HMac(new SHA3Digest(size)));
-        }
-    }
-
-    public static class KeyGeneratorSHA3
-        extends BaseKeyGenerator
-    {
-        public KeyGeneratorSHA3(int size)
-        {
-            super("HMACSHA3-" + size, size, new CipherKeyGenerator());
-        }
-    }
-
-    static public class Digest224
-        extends DigestSHA3
-    {
-        public Digest224()
-        {
-            super(224);
-        }
-    }
-
-    static public class Digest256
-        extends DigestSHA3
-    {
-        public Digest256()
-        {
-            super(256);
-        }
-    }
-
-    static public class Digest384
-        extends DigestSHA3
-    {
-        public Digest384()
-        {
-            super(384);
-        }
-    }
-
-    static public class Digest512
-        extends DigestSHA3
-    {
-        public Digest512()
-        {
-            super(512);
-        }
-    }
-
-    static public class HashMac224
-        extends HashMacSHA3
-    {
-        public HashMac224()
-        {
-            super(224);
-        }
-    }
-
-    static public class HashMac256
-        extends HashMacSHA3
-    {
-        public HashMac256()
-        {
-            super(256);
-        }
-    }
-
-    static public class HashMac384
-        extends HashMacSHA3
-    {
-        public HashMac384()
-        {
-            super(384);
-        }
-    }
-
-    static public class HashMac512
-        extends HashMacSHA3
-    {
-        public HashMac512()
-        {
-            super(512);
-        }
-    }
-
-    static public class KeyGenerator224
-        extends KeyGeneratorSHA3
-    {
-        public KeyGenerator224()
-        {
-            super(224);
-        }
-    }
-
-    static public class KeyGenerator256
-        extends KeyGeneratorSHA3
-    {
-        public KeyGenerator256()
-        {
-            super(256);
-        }
-    }
-
-    static public class KeyGenerator384
-        extends KeyGeneratorSHA3
-    {
-        public KeyGenerator384()
-        {
-            super(384);
-        }
-    }
-
-    static public class KeyGenerator512
-        extends KeyGeneratorSHA3
-    {
-        public KeyGenerator512()
-        {
-            super(512);
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = SHA3.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.SHA3-224", PREFIX + "$Digest224");
-            provider.addAlgorithm("MessageDigest.SHA3-256", PREFIX + "$Digest256");
-            provider.addAlgorithm("MessageDigest.SHA3-384", PREFIX + "$Digest384");
-            provider.addAlgorithm("MessageDigest.SHA3-512", PREFIX + "$Digest512");
-            provider.addAlgorithm("MessageDigest", NISTObjectIdentifiers.id_sha3_224, PREFIX + "$Digest224");
-            provider.addAlgorithm("MessageDigest", NISTObjectIdentifiers.id_sha3_256, PREFIX + "$Digest256");
-            provider.addAlgorithm("MessageDigest", NISTObjectIdentifiers.id_sha3_384, PREFIX + "$Digest384");
-            provider.addAlgorithm("MessageDigest", NISTObjectIdentifiers.id_sha3_512, PREFIX + "$Digest512");
-
-            addHMACAlgorithm(provider, "SHA3-224", PREFIX + "$HashMac224",  PREFIX + "$KeyGenerator224");
-            addHMACAlias(provider, "SHA3-224", NISTObjectIdentifiers.id_hmacWithSHA3_224);
-
-            addHMACAlgorithm(provider, "SHA3-256", PREFIX + "$HashMac256",  PREFIX + "$KeyGenerator256");
-            addHMACAlias(provider, "SHA3-256", NISTObjectIdentifiers.id_hmacWithSHA3_256);
-
-            addHMACAlgorithm(provider, "SHA3-384", PREFIX + "$HashMac384",  PREFIX + "$KeyGenerator384");
-            addHMACAlias(provider, "SHA3-384", NISTObjectIdentifiers.id_hmacWithSHA3_384);
-
-            addHMACAlgorithm(provider, "SHA3-512", PREFIX + "$HashMac512",  PREFIX + "$KeyGenerator512");
-            addHMACAlias(provider, "SHA3-512", NISTObjectIdentifiers.id_hmacWithSHA3_512);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java
index 75b04eb..8bddcb2 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA384.java

@@ -5,7 +5,8 @@
 import org.bouncycastle.crypto.CipherKeyGenerator;
 import org.bouncycastle.crypto.digests.SHA384Digest;
 import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.macs.OldHMac;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.macs.OldHMac;
 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
@@ -57,6 +58,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class OldSHA384
         extends BaseMac
     {
@@ -65,6 +68,8 @@
             super(new OldHMac(new SHA384Digest()));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     public static class Mappings
         extends DigestAlgorithmProvider
@@ -80,7 +85,8 @@
             provider.addAlgorithm("MessageDigest.SHA-384", PREFIX + "$Digest");
             provider.addAlgorithm("Alg.Alias.MessageDigest.SHA384", "SHA-384");
             provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha384, "SHA-384");
-            provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384");
 
             provider.addAlgorithm("Mac.PBEWITHHMACSHA384", PREFIX + "$HashMac");
 

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java
index 01371e7..589e26a 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SHA512.java

@@ -4,9 +4,11 @@
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 import org.bouncycastle.crypto.CipherKeyGenerator;
 import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHA512tDigest;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.digests.SHA512tDigest;
 import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.macs.OldHMac;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.macs.OldHMac;
 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
@@ -37,6 +39,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     static public class DigestT
         extends BCMessageDigest
         implements Cloneable
@@ -73,6 +77,8 @@
             super(256);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     public static class HashMac
         extends BaseMac
@@ -83,6 +89,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class HashMacT224
         extends BaseMac
     {
@@ -103,7 +111,7 @@
 
     /**
      * SHA-512 HMac
-     */
+     *
     public static class OldSHA512
         extends BaseMac
     {
@@ -112,6 +120,8 @@
             super(new OldHMac(new SHA512Digest()));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     /**
      * HMACSHA512
@@ -125,6 +135,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class KeyGeneratorT224
         extends BaseKeyGenerator
     {
@@ -142,6 +154,8 @@
             super("HMACSHA512/256", 256, new CipherKeyGenerator());
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     public static class Mappings
         extends DigestAlgorithmProvider
@@ -158,6 +172,8 @@
             provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512");
             provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512");
 
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224");
             provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224");
             provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224");
@@ -167,14 +183,18 @@
             provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256");
 
             provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512");
+            */
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("Mac.PBEWITHHMACSHA512", PREFIX + "$HashMac");
 
             addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac",  PREFIX + "$KeyGenerator");
             addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512);
 
-            addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224",  PREFIX + "$KeyGeneratorT224");
-            addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256",  PREFIX + "$KeyGeneratorT256");
+            // BEGIN Android-removed: Unsupported algorithms
+            // addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224",  PREFIX + "$KeyGeneratorT224");
+            // addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256",  PREFIX + "$KeyGeneratorT256");
+            // END Android-removed: Unsupported algorithms
         }
     }
 

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SM3.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SM3.java
deleted file mode 100644
index e93facc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/SM3.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
-import org.bouncycastle.crypto.digests.SM3Digest;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-
-public class SM3
-{
-    private SM3()
-    {
-    }
-
-    static public class Digest
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Digest()
-        {
-            super(new SM3Digest());
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Digest d = (Digest)super.clone();
-            d.digest = new SM3Digest((SM3Digest)digest);
-
-            return d;
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = SM3.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.SM3", PREFIX + "$Digest");
-            provider.addAlgorithm("Alg.Alias.MessageDigest.SM3", "SM3");
-            provider.addAlgorithm("Alg.Alias.MessageDigest.1.2.156.197.1.401", "SM3");  // old draft OID - deprecated
-            provider.addAlgorithm("Alg.Alias.MessageDigest." + GMObjectIdentifiers.sm3, "SM3");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Skein.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Skein.java
deleted file mode 100644
index 1191049..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Skein.java
+++ /dev/null

@@ -1,740 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.digests.SkeinDigest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.macs.SkeinMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-
-public class Skein
-{
-    private Skein()
-    {
-    }
-
-    public static class DigestSkein256
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public DigestSkein256(int outputSize)
-        {
-            super(new SkeinDigest(SkeinDigest.SKEIN_256, outputSize));
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            BCMessageDigest d = (BCMessageDigest)super.clone();
-            d.digest = new SkeinDigest((SkeinDigest)digest);
-
-            return d;
-        }
-    }
-
-    public static class Digest_256_128
-        extends DigestSkein256
-    {
-        public Digest_256_128()
-        {
-            super(128);
-        }
-    }
-
-    public static class Digest_256_160
-        extends DigestSkein256
-    {
-        public Digest_256_160()
-        {
-            super(160);
-        }
-    }
-
-    public static class Digest_256_224
-        extends DigestSkein256
-    {
-        public Digest_256_224()
-        {
-            super(224);
-        }
-    }
-
-    public static class Digest_256_256
-        extends DigestSkein256
-    {
-        public Digest_256_256()
-        {
-            super(256);
-        }
-    }
-
-    public static class DigestSkein512
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public DigestSkein512(int outputSize)
-        {
-            super(new SkeinDigest(SkeinDigest.SKEIN_512, outputSize));
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            BCMessageDigest d = (BCMessageDigest)super.clone();
-            d.digest = new SkeinDigest((SkeinDigest)digest);
-
-            return d;
-        }
-    }
-
-    public static class Digest_512_128
-        extends DigestSkein512
-    {
-        public Digest_512_128()
-        {
-            super(128);
-        }
-    }
-
-    public static class Digest_512_160
-        extends DigestSkein512
-    {
-        public Digest_512_160()
-        {
-            super(160);
-        }
-    }
-
-    public static class Digest_512_224
-        extends DigestSkein512
-    {
-        public Digest_512_224()
-        {
-            super(224);
-        }
-    }
-
-    public static class Digest_512_256
-        extends DigestSkein512
-    {
-        public Digest_512_256()
-        {
-            super(256);
-        }
-    }
-
-    public static class Digest_512_384
-        extends DigestSkein512
-    {
-        public Digest_512_384()
-        {
-            super(384);
-        }
-    }
-
-    public static class Digest_512_512
-        extends DigestSkein512
-    {
-        public Digest_512_512()
-        {
-            super(512);
-        }
-    }
-
-    public static class DigestSkein1024
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public DigestSkein1024(int outputSize)
-        {
-            super(new SkeinDigest(SkeinDigest.SKEIN_1024, outputSize));
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            BCMessageDigest d = (BCMessageDigest)super.clone();
-            d.digest = new SkeinDigest((SkeinDigest)digest);
-
-            return d;
-        }
-    }
-
-    public static class Digest_1024_384
-        extends DigestSkein1024
-    {
-        public Digest_1024_384()
-        {
-            super(384);
-        }
-    }
-
-    public static class Digest_1024_512
-        extends DigestSkein1024
-    {
-        public Digest_1024_512()
-        {
-            super(512);
-        }
-    }
-
-    public static class Digest_1024_1024
-        extends DigestSkein1024
-    {
-        public Digest_1024_1024()
-        {
-            super(1024);
-        }
-    }
-
-    /**
-     * Skein HMac
-     */
-    public static class HashMac_256_128
-        extends BaseMac
-    {
-        public HashMac_256_128()
-        {
-            super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_256, 128)));
-        }
-    }
-
-    public static class HashMac_256_160
-        extends BaseMac
-    {
-        public HashMac_256_160()
-        {
-            super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_256, 160)));
-        }
-    }
-
-    public static class HashMac_256_224
-        extends BaseMac
-    {
-        public HashMac_256_224()
-        {
-            super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_256, 224)));
-        }
-    }
-
-    public static class HashMac_256_256
-        extends BaseMac
-    {
-        public HashMac_256_256()
-        {
-            super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_256, 256)));
-        }
-    }
-
-    public static class HashMac_512_128
-        extends BaseMac
-    {
-        public HashMac_512_128()
-        {
-            super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_512, 128)));
-        }
-    }
-
-    public static class HashMac_512_160
-        extends BaseMac
-    {
-        public HashMac_512_160()
-        {
-            super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_512, 160)));
-        }
-    }
-
-    public static class HashMac_512_224
-        extends BaseMac
-    {
-        public HashMac_512_224()
-        {
-            super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_512, 224)));
-        }
-    }
-
-    public static class HashMac_512_256
-        extends BaseMac
-    {
-        public HashMac_512_256()
-        {
-            super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_512, 256)));
-        }
-    }
-
-    public static class HashMac_512_384
-        extends BaseMac
-    {
-        public HashMac_512_384()
-        {
-            super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_512, 384)));
-        }
-    }
-
-    public static class HashMac_512_512
-        extends BaseMac
-    {
-        public HashMac_512_512()
-        {
-            super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_512, 512)));
-        }
-    }
-
-    public static class HashMac_1024_384
-        extends BaseMac
-    {
-        public HashMac_1024_384()
-        {
-            super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_1024, 384)));
-        }
-    }
-
-    public static class HashMac_1024_512
-        extends BaseMac
-    {
-        public HashMac_1024_512()
-        {
-            super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_1024, 512)));
-        }
-    }
-
-    public static class HashMac_1024_1024
-        extends BaseMac
-    {
-        public HashMac_1024_1024()
-        {
-            super(new HMac(new SkeinDigest(SkeinDigest.SKEIN_1024, 1024)));
-        }
-    }
-
-    public static class HMacKeyGenerator_256_128
-        extends BaseKeyGenerator
-    {
-        public HMacKeyGenerator_256_128()
-        {
-            super("HMACSkein-256-128", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class HMacKeyGenerator_256_160
-        extends BaseKeyGenerator
-    {
-        public HMacKeyGenerator_256_160()
-        {
-            super("HMACSkein-256-160", 160, new CipherKeyGenerator());
-        }
-    }
-
-    public static class HMacKeyGenerator_256_224
-        extends BaseKeyGenerator
-    {
-        public HMacKeyGenerator_256_224()
-        {
-            super("HMACSkein-256-224", 224, new CipherKeyGenerator());
-        }
-    }
-
-    public static class HMacKeyGenerator_256_256
-        extends BaseKeyGenerator
-    {
-        public HMacKeyGenerator_256_256()
-        {
-            super("HMACSkein-256-256", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class HMacKeyGenerator_512_128
-        extends BaseKeyGenerator
-    {
-        public HMacKeyGenerator_512_128()
-        {
-            super("HMACSkein-512-128", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class HMacKeyGenerator_512_160
-        extends BaseKeyGenerator
-    {
-        public HMacKeyGenerator_512_160()
-        {
-            super("HMACSkein-512-160", 160, new CipherKeyGenerator());
-        }
-    }
-
-    public static class HMacKeyGenerator_512_224
-        extends BaseKeyGenerator
-    {
-        public HMacKeyGenerator_512_224()
-        {
-            super("HMACSkein-512-224", 224, new CipherKeyGenerator());
-        }
-    }
-
-    public static class HMacKeyGenerator_512_256
-        extends BaseKeyGenerator
-    {
-        public HMacKeyGenerator_512_256()
-        {
-            super("HMACSkein-512-256", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class HMacKeyGenerator_512_384
-        extends BaseKeyGenerator
-    {
-        public HMacKeyGenerator_512_384()
-        {
-            super("HMACSkein-512-384", 384, new CipherKeyGenerator());
-        }
-    }
-
-    public static class HMacKeyGenerator_512_512
-        extends BaseKeyGenerator
-    {
-        public HMacKeyGenerator_512_512()
-        {
-            super("HMACSkein-512-512", 512, new CipherKeyGenerator());
-        }
-    }
-
-    public static class HMacKeyGenerator_1024_384
-        extends BaseKeyGenerator
-    {
-        public HMacKeyGenerator_1024_384()
-        {
-            super("HMACSkein-1024-384", 384, new CipherKeyGenerator());
-        }
-    }
-
-    public static class HMacKeyGenerator_1024_512
-        extends BaseKeyGenerator
-    {
-        public HMacKeyGenerator_1024_512()
-        {
-            super("HMACSkein-1024-512", 512, new CipherKeyGenerator());
-        }
-    }
-
-    public static class HMacKeyGenerator_1024_1024
-        extends BaseKeyGenerator
-    {
-        public HMacKeyGenerator_1024_1024()
-        {
-            super("HMACSkein-1024-1024", 1024, new CipherKeyGenerator());
-        }
-    }
-
-    /*
-     * Skein-MAC
-     */
-    public static class SkeinMac_256_128
-        extends BaseMac
-    {
-        public SkeinMac_256_128()
-        {
-            super(new SkeinMac(SkeinMac.SKEIN_256, 128));
-        }
-    }
-
-    public static class SkeinMac_256_160
-        extends BaseMac
-    {
-        public SkeinMac_256_160()
-        {
-            super(new SkeinMac(SkeinMac.SKEIN_256, 160));
-        }
-    }
-
-    public static class SkeinMac_256_224
-        extends BaseMac
-    {
-        public SkeinMac_256_224()
-        {
-            super(new SkeinMac(SkeinMac.SKEIN_256, 224));
-        }
-    }
-
-    public static class SkeinMac_256_256
-        extends BaseMac
-    {
-        public SkeinMac_256_256()
-        {
-            super(new SkeinMac(SkeinMac.SKEIN_256, 256));
-        }
-    }
-
-    public static class SkeinMac_512_128
-        extends BaseMac
-    {
-        public SkeinMac_512_128()
-        {
-            super(new SkeinMac(SkeinMac.SKEIN_512, 128));
-        }
-    }
-
-    public static class SkeinMac_512_160
-        extends BaseMac
-    {
-        public SkeinMac_512_160()
-        {
-            super(new SkeinMac(SkeinMac.SKEIN_512, 160));
-        }
-    }
-
-    public static class SkeinMac_512_224
-        extends BaseMac
-    {
-        public SkeinMac_512_224()
-        {
-            super(new SkeinMac(SkeinMac.SKEIN_512, 224));
-        }
-    }
-
-    public static class SkeinMac_512_256
-        extends BaseMac
-    {
-        public SkeinMac_512_256()
-        {
-            super(new SkeinMac(SkeinMac.SKEIN_512, 256));
-        }
-    }
-
-    public static class SkeinMac_512_384
-        extends BaseMac
-    {
-        public SkeinMac_512_384()
-        {
-            super(new SkeinMac(SkeinMac.SKEIN_512, 384));
-        }
-    }
-
-    public static class SkeinMac_512_512
-        extends BaseMac
-    {
-        public SkeinMac_512_512()
-        {
-            super(new SkeinMac(SkeinMac.SKEIN_512, 512));
-        }
-    }
-
-    public static class SkeinMac_1024_384
-        extends BaseMac
-    {
-        public SkeinMac_1024_384()
-        {
-            super(new SkeinMac(SkeinMac.SKEIN_1024, 384));
-        }
-    }
-
-    public static class SkeinMac_1024_512
-        extends BaseMac
-    {
-        public SkeinMac_1024_512()
-        {
-            super(new SkeinMac(SkeinMac.SKEIN_1024, 512));
-        }
-    }
-
-    public static class SkeinMac_1024_1024
-        extends BaseMac
-    {
-        public SkeinMac_1024_1024()
-        {
-            super(new SkeinMac(SkeinMac.SKEIN_1024, 1024));
-        }
-    }
-
-    public static class SkeinMacKeyGenerator_256_128
-        extends BaseKeyGenerator
-    {
-        public SkeinMacKeyGenerator_256_128()
-        {
-            super("Skein-MAC-256-128", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class SkeinMacKeyGenerator_256_160
-        extends BaseKeyGenerator
-    {
-        public SkeinMacKeyGenerator_256_160()
-        {
-            super("Skein-MAC-256-160", 160, new CipherKeyGenerator());
-        }
-    }
-
-    public static class SkeinMacKeyGenerator_256_224
-        extends BaseKeyGenerator
-    {
-        public SkeinMacKeyGenerator_256_224()
-        {
-            super("Skein-MAC-256-224", 224, new CipherKeyGenerator());
-        }
-    }
-
-    public static class SkeinMacKeyGenerator_256_256
-        extends BaseKeyGenerator
-    {
-        public SkeinMacKeyGenerator_256_256()
-        {
-            super("Skein-MAC-256-256", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class SkeinMacKeyGenerator_512_128
-        extends BaseKeyGenerator
-    {
-        public SkeinMacKeyGenerator_512_128()
-        {
-            super("Skein-MAC-512-128", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class SkeinMacKeyGenerator_512_160
-        extends BaseKeyGenerator
-    {
-        public SkeinMacKeyGenerator_512_160()
-        {
-            super("Skein-MAC-512-160", 160, new CipherKeyGenerator());
-        }
-    }
-
-    public static class SkeinMacKeyGenerator_512_224
-        extends BaseKeyGenerator
-    {
-        public SkeinMacKeyGenerator_512_224()
-        {
-            super("Skein-MAC-512-224", 224, new CipherKeyGenerator());
-        }
-    }
-
-    public static class SkeinMacKeyGenerator_512_256
-        extends BaseKeyGenerator
-    {
-        public SkeinMacKeyGenerator_512_256()
-        {
-            super("Skein-MAC-512-256", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class SkeinMacKeyGenerator_512_384
-        extends BaseKeyGenerator
-    {
-        public SkeinMacKeyGenerator_512_384()
-        {
-            super("Skein-MAC-512-384", 384, new CipherKeyGenerator());
-        }
-    }
-
-    public static class SkeinMacKeyGenerator_512_512
-        extends BaseKeyGenerator
-    {
-        public SkeinMacKeyGenerator_512_512()
-        {
-            super("Skein-MAC-512-512", 512, new CipherKeyGenerator());
-        }
-    }
-
-    public static class SkeinMacKeyGenerator_1024_384
-        extends BaseKeyGenerator
-    {
-        public SkeinMacKeyGenerator_1024_384()
-        {
-            super("Skein-MAC-1024-384", 384, new CipherKeyGenerator());
-        }
-    }
-
-    public static class SkeinMacKeyGenerator_1024_512
-        extends BaseKeyGenerator
-    {
-        public SkeinMacKeyGenerator_1024_512()
-        {
-            super("Skein-MAC-1024-512", 512, new CipherKeyGenerator());
-        }
-    }
-
-    public static class SkeinMacKeyGenerator_1024_1024
-        extends BaseKeyGenerator
-    {
-        public SkeinMacKeyGenerator_1024_1024()
-        {
-            super("Skein-MAC-1024-1024", 1024, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = Skein.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            // Skein sizes as used in "The Skein Hash Function Family 1.3"
-
-            provider.addAlgorithm("MessageDigest.Skein-256-128", PREFIX + "$Digest_256_128");
-            provider.addAlgorithm("MessageDigest.Skein-256-160", PREFIX + "$Digest_256_160");
-            provider.addAlgorithm("MessageDigest.Skein-256-224", PREFIX + "$Digest_256_224");
-            provider.addAlgorithm("MessageDigest.Skein-256-256", PREFIX + "$Digest_256_256");
-
-            provider.addAlgorithm("MessageDigest.Skein-512-128", PREFIX + "$Digest_512_128");
-            provider.addAlgorithm("MessageDigest.Skein-512-160", PREFIX + "$Digest_512_160");
-            provider.addAlgorithm("MessageDigest.Skein-512-224", PREFIX + "$Digest_512_224");
-            provider.addAlgorithm("MessageDigest.Skein-512-256", PREFIX + "$Digest_512_256");
-            provider.addAlgorithm("MessageDigest.Skein-512-384", PREFIX + "$Digest_512_384");
-            provider.addAlgorithm("MessageDigest.Skein-512-512", PREFIX + "$Digest_512_512");
-
-            provider.addAlgorithm("MessageDigest.Skein-1024-384", PREFIX + "$Digest_1024_384");
-            provider.addAlgorithm("MessageDigest.Skein-1024-512", PREFIX + "$Digest_1024_512");
-            provider.addAlgorithm("MessageDigest.Skein-1024-1024", PREFIX + "$Digest_1024_1024");
-
-            addHMACAlgorithm(provider, "Skein-256-128", PREFIX + "$HashMac_256_128", PREFIX + "$HMacKeyGenerator_256_128");
-            addHMACAlgorithm(provider, "Skein-256-160", PREFIX + "$HashMac_256_160", PREFIX + "$HMacKeyGenerator_256_160");
-            addHMACAlgorithm(provider, "Skein-256-224", PREFIX + "$HashMac_256_224", PREFIX + "$HMacKeyGenerator_256_224");
-            addHMACAlgorithm(provider, "Skein-256-256", PREFIX + "$HashMac_256_256", PREFIX + "$HMacKeyGenerator_256_256");
-
-            addHMACAlgorithm(provider, "Skein-512-128", PREFIX + "$HashMac_512_128", PREFIX + "$HMacKeyGenerator_512_128");
-            addHMACAlgorithm(provider, "Skein-512-160", PREFIX + "$HashMac_512_160", PREFIX + "$HMacKeyGenerator_512_160");
-            addHMACAlgorithm(provider, "Skein-512-224", PREFIX + "$HashMac_512_224", PREFIX + "$HMacKeyGenerator_512_224");
-            addHMACAlgorithm(provider, "Skein-512-256", PREFIX + "$HashMac_512_256", PREFIX + "$HMacKeyGenerator_512_256");
-            addHMACAlgorithm(provider, "Skein-512-384", PREFIX + "$HashMac_512_384", PREFIX + "$HMacKeyGenerator_512_384");
-            addHMACAlgorithm(provider, "Skein-512-512", PREFIX + "$HashMac_512_512", PREFIX + "$HMacKeyGenerator_512_512");
-
-            addHMACAlgorithm(provider, "Skein-1024-384", PREFIX + "$HashMac_1024_384", PREFIX + "$HMacKeyGenerator_1024_384");
-            addHMACAlgorithm(provider, "Skein-1024-512", PREFIX + "$HashMac_1024_512", PREFIX + "$HMacKeyGenerator_1024_512");
-            addHMACAlgorithm(provider, "Skein-1024-1024", PREFIX + "$HashMac_1024_1024", PREFIX + "$HMacKeyGenerator_1024_1024");
-
-            addSkeinMacAlgorithm(provider, 256, 128);
-            addSkeinMacAlgorithm(provider, 256, 160);
-            addSkeinMacAlgorithm(provider, 256, 224);
-            addSkeinMacAlgorithm(provider, 256, 256);
-
-            addSkeinMacAlgorithm(provider, 512, 128);
-            addSkeinMacAlgorithm(provider, 512, 160);
-            addSkeinMacAlgorithm(provider, 512, 224);
-            addSkeinMacAlgorithm(provider, 512, 256);
-            addSkeinMacAlgorithm(provider, 512, 384);
-            addSkeinMacAlgorithm(provider, 512, 512);
-
-            addSkeinMacAlgorithm(provider, 1024, 384);
-            addSkeinMacAlgorithm(provider, 1024, 512);
-            addSkeinMacAlgorithm(provider, 1024, 1024);
-        }
-
-        private void addSkeinMacAlgorithm(ConfigurableProvider provider, int blockSize, int outputSize)
-        {
-            String mainName = "Skein-MAC-" + blockSize + "-" + outputSize;
-            String algorithmClassName = PREFIX + "$SkeinMac_" + blockSize + "_" + outputSize;
-            String keyGeneratorClassName = PREFIX + "$SkeinMacKeyGenerator_" + blockSize + "_" + outputSize;
-
-            provider.addAlgorithm("Mac." + mainName, algorithmClassName);
-            provider.addAlgorithm("Alg.Alias.Mac.Skein-MAC" + blockSize + "/" + outputSize, mainName);
-            provider.addAlgorithm("KeyGenerator." + mainName, keyGeneratorClassName);
-            provider.addAlgorithm("Alg.Alias.KeyGenerator.Skein-MAC" + blockSize + "/" + outputSize, mainName);
-        }
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Tiger.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Tiger.java
deleted file mode 100644
index 3d248aa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Tiger.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.asn1.iana.IANAObjectIdentifiers;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.digests.TigerDigest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
-
-public class Tiger
-{
-    private Tiger()
-    {
-
-    }
-
-    static public class Digest
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Digest()
-        {
-            super(new TigerDigest());
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Digest d = (Digest)super.clone();
-            d.digest = new TigerDigest((TigerDigest)digest);
-
-            return d;
-        }
-    }
-
-    /**
-     * Tiger HMac
-     */
-    public static class HashMac
-        extends BaseMac
-    {
-        public HashMac()
-        {
-            super(new HMac(new TigerDigest()));
-        }
-    }
-
-    public static class KeyGenerator
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator()
-        {
-            super("HMACTIGER", 192, new CipherKeyGenerator());
-        }
-    }
-
-    /**
-     * Tiger HMac
-     */
-    public static class TigerHmac
-        extends BaseMac
-    {
-        public TigerHmac()
-        {
-            super(new HMac(new TigerDigest()));
-        }
-    }
-
-    /**
-     * PBEWithHmacTiger
-     */
-    public static class PBEWithMacKeyFactory
-        extends PBESecretKeyFactory
-    {
-        public PBEWithMacKeyFactory()
-        {
-            super("PBEwithHmacTiger", null, false, PKCS12, TIGER, 192, 0);
-        }
-    }
-
-    /**
-     * PBEWithHmacTiger
-     */
-    public static class PBEWithHashMac
-        extends BaseMac
-    {
-        public PBEWithHashMac()
-        {
-            super(new HMac(new TigerDigest()), PKCS12, TIGER, 192);
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = Tiger.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.TIGER", PREFIX + "$Digest");
-            provider.addAlgorithm("MessageDigest.Tiger", PREFIX + "$Digest"); // JDK 1.1.
-
-            addHMACAlgorithm(provider, "TIGER", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
-            addHMACAlias(provider, "TIGER", IANAObjectIdentifiers.hmacTIGER);
-
-            provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACTIGER", PREFIX + "$PBEWithMacKeyFactory");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Whirlpool.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Whirlpool.java
deleted file mode 100644
index 95bd9bc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/digest/Whirlpool.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.jcajce.provider.digest;
-
-import org.bouncycastle.asn1.iso.ISOIECObjectIdentifiers;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.digests.WhirlpoolDigest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-
-public class Whirlpool
-{
-    private Whirlpool()
-    {
-
-    }
-
-    static public class Digest
-        extends BCMessageDigest
-        implements Cloneable
-    {
-        public Digest()
-        {
-            super(new WhirlpoolDigest());
-        }
-
-        public Object clone()
-            throws CloneNotSupportedException
-        {
-            Digest d = (Digest)super.clone();
-            d.digest = new WhirlpoolDigest((WhirlpoolDigest)digest);
-
-            return d;
-        }
-    }
-
-    /**
-     * Tiger HMac
-     */
-    public static class HashMac
-        extends BaseMac
-    {
-        public HashMac()
-        {
-            super(new HMac(new WhirlpoolDigest()));
-        }
-    }
-
-    public static class KeyGenerator
-        extends BaseKeyGenerator
-    {
-        public KeyGenerator()
-        {
-            super("HMACWHIRLPOOL", 512, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Mappings
-        extends DigestAlgorithmProvider
-    {
-        private static final String PREFIX = Whirlpool.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("MessageDigest.WHIRLPOOL", PREFIX + "$Digest");
-            provider.addAlgorithm("MessageDigest", ISOIECObjectIdentifiers.whirlpool, PREFIX + "$Digest");
-
-            addHMACAlgorithm(provider, "WHIRLPOOL", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/drbg/DRBG.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/drbg/DRBG.java
deleted file mode 100644
index 9939b8c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/drbg/DRBG.java
+++ /dev/null

@@ -1,473 +0,0 @@
-package org.bouncycastle.jcajce.provider.drbg;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.net.URL;
-import java.security.AccessController;
-import java.security.PrivilegedAction;
-import java.security.Provider;
-import java.security.SecureRandom;
-import java.security.SecureRandomSpi;
-import java.security.Security;
-import java.util.concurrent.atomic.AtomicBoolean;
-import java.util.concurrent.atomic.AtomicInteger;
-import java.util.concurrent.atomic.AtomicReference;
-
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.prng.EntropySource;
-import org.bouncycastle.crypto.prng.EntropySourceProvider;
-import org.bouncycastle.crypto.prng.SP800SecureRandom;
-import org.bouncycastle.crypto.prng.SP800SecureRandomBuilder;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.ClassUtil;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-import org.bouncycastle.util.Strings;
-
-public class DRBG
-{
-    private static final String PREFIX = DRBG.class.getName();
-
-    // {"Provider class name","SecureRandomSpi class name"}
-    private static final String[][] initialEntropySourceNames = new String[][]
-        {
-            // Normal JVM
-            {"sun.security.provider.Sun", "sun.security.provider.SecureRandom"},
-            // Apache harmony
-            {"org.apache.harmony.security.provider.crypto.CryptoProvider", "org.apache.harmony.security.provider.crypto.SHA1PRNG_SecureRandomImpl"},
-            // Android.
-            {"com.android.org.conscrypt.OpenSSLProvider", "com.android.org.conscrypt.OpenSSLRandom"},
-            {"org.conscrypt.OpenSSLProvider", "org.conscrypt.OpenSSLRandom"},
-        };
-
-    private static final Object[] initialEntropySourceAndSpi = findSource();
-
-    // Cascade through providers looking for match.
-    private final static Object[] findSource()
-    {
-        for (int t = 0; t < initialEntropySourceNames.length; t++)
-        {
-            String[] pair = initialEntropySourceNames[t];
-            try
-            {
-                Object[] r = new Object[]{Class.forName(pair[0]).newInstance(), Class.forName(pair[1]).newInstance()};
-
-                return r;
-            }
-            catch (Throwable ex)
-            {
-                continue;
-            }
-        }
-
-        return null;
-    }
-
-    private static class CoreSecureRandom
-        extends SecureRandom
-    {
-        CoreSecureRandom()
-        {
-            super((SecureRandomSpi)initialEntropySourceAndSpi[1], (Provider)initialEntropySourceAndSpi[0]);
-        }
-    }
-
-    // unfortunately new SecureRandom() can cause a regress and it's the only reliable way of getting access
-    // to the JVM's seed generator.
-    private static SecureRandom createInitialEntropySource()
-    {
-        boolean hasGetInstanceStrong = AccessController.doPrivileged(new PrivilegedAction<Boolean>()
-        {
-            public Boolean run()
-            {
-                try
-                {
-                    Class def = SecureRandom.class;
-
-                    return def.getMethod("getInstanceStrong") != null;
-                }
-                catch (Exception e)
-                {
-                    return false;
-                }
-            }
-        });
-
-        if (hasGetInstanceStrong)
-        {
-            return AccessController.doPrivileged(new PrivilegedAction<SecureRandom>()
-            {
-                public SecureRandom run()
-                {
-                    try
-                    {
-                        return (SecureRandom)SecureRandom.class.getMethod("getInstanceStrong").invoke(null);
-                    }
-                    catch (Exception e)
-                    {
-                        return createCoreSecureRandom();
-                    }
-                }
-            });
-        }
-        else
-        {
-            return createCoreSecureRandom();
-        }
-    }
-
-    private static SecureRandom createCoreSecureRandom()
-    {
-        if (initialEntropySourceAndSpi != null)
-        {
-            return new CoreSecureRandom();
-        }
-        else
-        {
-            try
-            {
-                String source = Security.getProperty("securerandom.source");
-
-                return new URLSeededSecureRandom(new URL(source));
-            }
-            catch (Exception e)
-            {
-                return new SecureRandom();  // we're desperate, it's worth a try.
-            }
-        }
-    }
-
-    private static EntropySourceProvider createEntropySource()
-    {
-        final String sourceClass = System.getProperty("org.bouncycastle.drbg.entropysource");
-
-        return AccessController.doPrivileged(new PrivilegedAction<EntropySourceProvider>()
-        {
-            public EntropySourceProvider run()
-            {
-                try
-                {
-                    Class clazz = ClassUtil.loadClass(DRBG.class, sourceClass);
-
-                    return (EntropySourceProvider)clazz.newInstance();
-                }
-                catch (Exception e)
-                {
-                    throw new IllegalStateException("entropy source " + sourceClass + " not created: " + e.getMessage(), e);
-                }
-            }
-        });
-    }
-
-    private static SecureRandom createBaseRandom(boolean isPredictionResistant)
-    {
-        if (System.getProperty("org.bouncycastle.drbg.entropysource") != null)
-        {
-            EntropySourceProvider entropyProvider = createEntropySource();
-
-            EntropySource initSource = entropyProvider.get(16 * 8);
-
-            byte[] personalisationString = isPredictionResistant ? generateDefaultPersonalizationString(initSource.getEntropy())
-                                                                 : generateNonceIVPersonalizationString(initSource.getEntropy());
-
-            return new SP800SecureRandomBuilder(entropyProvider)
-                                .setPersonalizationString(personalisationString)
-                                .buildHash(new SHA512Digest(), Arrays.concatenate(initSource.getEntropy(), initSource.getEntropy()), isPredictionResistant);
-        }
-        else
-        {
-            SecureRandom randomSource = new HybridSecureRandom();   // needs to be done late, can't use static
-
-            byte[] personalisationString = isPredictionResistant ? generateDefaultPersonalizationString(randomSource.generateSeed(16))
-                                                                 : generateNonceIVPersonalizationString(randomSource.generateSeed(16));
-
-            return new SP800SecureRandomBuilder(randomSource, true)
-                .setPersonalizationString(personalisationString)
-                .buildHash(new SHA512Digest(), randomSource.generateSeed(32), isPredictionResistant);
-        }
-    }
-
-    public static class Default
-        extends SecureRandomSpi
-    {
-        private static final SecureRandom random = createBaseRandom(true);
-
-        public Default()
-        {
-        }
-
-        protected void engineSetSeed(byte[] bytes)
-        {
-            random.setSeed(bytes);
-        }
-
-        protected void engineNextBytes(byte[] bytes)
-        {
-            random.nextBytes(bytes);
-        }
-
-        protected byte[] engineGenerateSeed(int numBytes)
-        {
-            return random.generateSeed(numBytes);
-        }
-    }
-
-    public static class NonceAndIV
-        extends SecureRandomSpi
-    {
-        private static final SecureRandom random = createBaseRandom(false);
-
-        public NonceAndIV()
-        {
-        }
-
-        protected void engineSetSeed(byte[] bytes)
-        {
-            random.setSeed(bytes);
-        }
-
-        protected void engineNextBytes(byte[] bytes)
-        {
-            random.nextBytes(bytes);
-        }
-
-        protected byte[] engineGenerateSeed(int numBytes)
-        {
-            return random.generateSeed(numBytes);
-        }
-    }
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("SecureRandom.DEFAULT", PREFIX + "$Default");
-            provider.addAlgorithm("SecureRandom.NONCEANDIV", PREFIX + "$NonceAndIV");
-        }
-    }
-
-    private static byte[] generateDefaultPersonalizationString(byte[] seed)
-    {
-        return Arrays.concatenate(Strings.toByteArray("Default"), seed,
-            Pack.longToBigEndian(Thread.currentThread().getId()), Pack.longToBigEndian(System.currentTimeMillis()));
-    }
-
-    private static byte[] generateNonceIVPersonalizationString(byte[] seed)
-    {
-        return Arrays.concatenate(Strings.toByteArray("Nonce"), seed,
-            Pack.longToLittleEndian(Thread.currentThread().getId()), Pack.longToLittleEndian(System.currentTimeMillis()));
-    }
-
-    private static class HybridRandomProvider
-        extends Provider
-    {
-        protected HybridRandomProvider()
-        {
-            super("BCHEP", 1.0, "Bouncy Castle Hybrid Entropy Provider");
-        }
-    }
-
-    private static class URLSeededSecureRandom
-        extends SecureRandom
-    {
-        private final InputStream seedStream;
-
-        URLSeededSecureRandom(final URL url)
-        {
-            super(null, new HybridRandomProvider());
-
-            this.seedStream = AccessController.doPrivileged(new PrivilegedAction<InputStream>()
-            {
-                public InputStream run()
-                {
-                    try
-                    {
-                        return url.openStream();
-                    }
-                    catch (IOException e)
-                    {
-                        throw new InternalError("unable to open random source");
-                    }
-                }
-            });
-        }
-
-        public void setSeed(byte[] seed)
-        {
-            // ignore
-        }
-
-        public void setSeed(long seed)
-        {
-            // ignore
-        }
-
-        public byte[] generateSeed(int numBytes)
-        {
-            synchronized (this)
-            {
-                byte[] data = new byte[numBytes];
-
-                int off = 0;
-                int len;
-
-                while (off != data.length && (len = privilegedRead(data, off, data.length - off)) > -1)
-                {
-                    off += len;
-                }
-
-                if (off != data.length)
-                {
-                    throw new InternalError("unable to fully read random source");
-                }
-
-                return data;
-            }
-        }
-
-        private int privilegedRead(final byte[] data, final int off, final int len)
-        {
-            return AccessController.doPrivileged(new PrivilegedAction<Integer>()
-            {
-                public Integer run()
-                {
-                    try
-                    {
-                        return seedStream.read(data, off, len);
-                    }
-                    catch (IOException e)
-                    {
-                        throw new InternalError("unable to read random source");
-                    }
-                }
-            });
-        }
-    }
-
-    private static class HybridSecureRandom
-        extends SecureRandom
-    {
-        private final AtomicBoolean seedAvailable = new AtomicBoolean(false);
-        private final AtomicInteger samples = new AtomicInteger(0);
-        private final SecureRandom baseRandom = createInitialEntropySource();
-
-        private final SP800SecureRandom drbg;
-
-        HybridSecureRandom()
-        {
-            super(null, new HybridRandomProvider());
-            drbg = new SP800SecureRandomBuilder(new EntropySourceProvider()
-                {
-                    public EntropySource get(final int bitsRequired)
-                    {
-                        return new SignallingEntropySource(bitsRequired);
-                    }
-                })
-                .setPersonalizationString(Strings.toByteArray("Bouncy Castle Hybrid Entropy Source"))
-                .buildHMAC(new HMac(new SHA512Digest()), baseRandom.generateSeed(32), false);     // 32 byte nonce
-        }
-
-        public void setSeed(byte[] seed)
-        {
-            if (drbg != null)
-            {
-                drbg.setSeed(seed);
-            }
-        }
-
-        public void setSeed(long seed)
-        {
-            if (drbg != null)
-            {
-                drbg.setSeed(seed);
-            }
-        }
-
-        public byte[] generateSeed(int numBytes)
-        {
-            byte[] data = new byte[numBytes];
-
-            // after 20 samples we'll start to check if there is new seed material.
-            if (samples.getAndIncrement() > 20)
-            {
-                if (seedAvailable.getAndSet(false))
-                {
-                    samples.set(0);
-                    drbg.reseed((byte[])null);    // need for Java 1.9
-                }
-            }
-
-            drbg.nextBytes(data);
-
-            return data;
-        }
-
-        private class SignallingEntropySource
-            implements EntropySource
-        {
-            private final int byteLength;
-            private final AtomicReference entropy = new AtomicReference();
-            private final AtomicBoolean scheduled = new AtomicBoolean(false);
-
-            SignallingEntropySource(int bitsRequired)
-            {
-                this.byteLength = (bitsRequired + 7) / 8;
-            }
-
-            public boolean isPredictionResistant()
-            {
-                return true;
-            }
-
-            public byte[] getEntropy()
-            {
-                byte[] seed = (byte[])entropy.getAndSet(null);
-
-                if (seed == null || seed.length != byteLength)
-                {
-                    seed = baseRandom.generateSeed(byteLength);
-                }
-                else
-                {
-                    scheduled.set(false);
-                }
-
-                if (!scheduled.getAndSet(true))
-                {
-                    new Thread(new EntropyGatherer(byteLength)).start();
-                }
-
-                return seed;
-            }
-
-            public int entropySize()
-            {
-                return byteLength * 8;
-            }
-
-            private class EntropyGatherer
-                implements Runnable
-            {
-                private final int numBytes;
-
-                EntropyGatherer(int numBytes)
-                {
-                    this.numBytes = numBytes;
-                }
-
-                public void run()
-                {
-                    entropy.set(baseRandom.generateSeed(numBytes));
-                    seedAvailable.set(true);
-                }
-            }
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java
index 30a81ff..5bc0aa8 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BC.java

@@ -17,7 +17,8 @@
         public void configure(ConfigurableProvider provider)
         {
             provider.addAlgorithm("KeyStore.BKS", PREFIX + "BcKeyStoreSpi$Std");
-            provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1");
             provider.addAlgorithm("KeyStore.BouncyCastle", PREFIX + "BcKeyStoreSpi$BouncyCastleStore");
             provider.addAlgorithm("Alg.Alias.KeyStore.UBER", "BouncyCastle");
             provider.addAlgorithm("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle");

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BCFKS.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BCFKS.java
deleted file mode 100644
index 1f84e58..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/BCFKS.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.jcajce.provider.keystore;
-
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-
-public class BCFKS
-{
-    private static final String PREFIX = "org.bouncycastle.jcajce.provider.keystore" + ".bcfks.";
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("KeyStore.BCFKS", PREFIX + "BcFKSKeyStoreSpi$Std");
-            provider.addAlgorithm("KeyStore.BCFKS-DEF", PREFIX + "BcFKSKeyStoreSpi$Def");
-
-            provider.addAlgorithm("KeyStore.IBCFKS", PREFIX + "BcFKSKeyStoreSpi$StdShared");
-            provider.addAlgorithm("KeyStore.IBCFKS-DEF", PREFIX + "BcFKSKeyStoreSpi$DefShared");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java
index 73abd17..4dc856d 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/PKCS12.java

@@ -17,6 +17,8 @@
         public void configure(ConfigurableProvider provider)
         {
             provider.addAlgorithm("KeyStore.PKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
             provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
 
@@ -25,6 +27,8 @@
     
             provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
             provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES");
+            */
+            // END Android-removed: Unsupported algorithms
         }
     }
 }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
index 275b49f..f9ba6df 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java

@@ -48,7 +48,9 @@
 import org.bouncycastle.crypto.io.MacInputStream;
 import org.bouncycastle.crypto.io.MacOutputStream;
 import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
 import org.bouncycastle.jcajce.util.JcaJceHelper;
 import org.bouncycastle.jce.interfaces.BCKeyStore;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
@@ -92,7 +94,9 @@
 
     protected int              version;
 
-    private final JcaJceHelper helper = new BCJcaJceHelper();
+    // Android-changed: Use default provider for JCA algorithms instead of BC
+    // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+    private final JcaJceHelper helper = new DefaultJcaJceHelper();
 
     public BcKeyStoreSpi(int version)
     {

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bcfks/BcFKSKeyStoreSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bcfks/BcFKSKeyStoreSpi.java
deleted file mode 100644
index 884c9a5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/bcfks/BcFKSKeyStoreSpi.java
+++ /dev/null

@@ -1,1669 +0,0 @@
-package org.bouncycastle.jcajce.provider.keystore.bcfks;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.math.BigInteger;
-import java.security.AlgorithmParameters;
-import java.security.GeneralSecurityException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.KeyStoreSpi;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Signature;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.security.interfaces.DSAKey;
-import java.security.interfaces.RSAKey;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.text.ParseException;
-import java.util.Date;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Map;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.Mac;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.SecretKeySpec;
-import javax.security.auth.callback.Callback;
-import javax.security.auth.callback.CallbackHandler;
-import javax.security.auth.callback.PasswordCallback;
-import javax.security.auth.callback.UnsupportedCallbackException;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.bc.EncryptedObjectStoreData;
-import org.bouncycastle.asn1.bc.EncryptedPrivateKeyData;
-import org.bouncycastle.asn1.bc.EncryptedSecretKeyData;
-import org.bouncycastle.asn1.bc.ObjectData;
-import org.bouncycastle.asn1.bc.ObjectDataSequence;
-import org.bouncycastle.asn1.bc.ObjectStore;
-import org.bouncycastle.asn1.bc.ObjectStoreData;
-import org.bouncycastle.asn1.bc.ObjectStoreIntegrityCheck;
-import org.bouncycastle.asn1.bc.PbkdMacIntegrityCheck;
-import org.bouncycastle.asn1.bc.SecretKeyData;
-import org.bouncycastle.asn1.bc.SignatureCheck;
-import org.bouncycastle.asn1.cms.CCMParameters;
-import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-import org.bouncycastle.asn1.misc.ScryptParams;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.nsri.NSRIObjectIdentifiers;
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.EncryptionScheme;
-import org.bouncycastle.asn1.pkcs.KeyDerivationFunc;
-import org.bouncycastle.asn1.pkcs.PBES2Parameters;
-import org.bouncycastle.asn1.pkcs.PBKDF2Params;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.PBEParametersGenerator;
-import org.bouncycastle.crypto.digests.SHA3Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator;
-import org.bouncycastle.crypto.generators.SCrypt;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.util.PBKDF2Config;
-import org.bouncycastle.crypto.util.PBKDFConfig;
-import org.bouncycastle.crypto.util.ScryptConfig;
-import org.bouncycastle.jcajce.BCFKSLoadStoreParameter;
-import org.bouncycastle.jcajce.BCFKSStoreParameter;
-import org.bouncycastle.jcajce.BCLoadStoreParameter;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
-import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jce.interfaces.ECKey;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-
-class BcFKSKeyStoreSpi
-    extends KeyStoreSpi
-{
-    private static final Map<String, ASN1ObjectIdentifier> oidMap = new HashMap<String, ASN1ObjectIdentifier>();
-    private static final Map<ASN1ObjectIdentifier, String> publicAlgMap = new HashMap<ASN1ObjectIdentifier, String>();
-
-    static
-    {
-        // Note: AES handled inline
-        oidMap.put("DESEDE", OIWObjectIdentifiers.desEDE);
-        oidMap.put("TRIPLEDES", OIWObjectIdentifiers.desEDE);
-        oidMap.put("TDEA", OIWObjectIdentifiers.desEDE);
-        oidMap.put("HMACSHA1", PKCSObjectIdentifiers.id_hmacWithSHA1);
-        oidMap.put("HMACSHA224", PKCSObjectIdentifiers.id_hmacWithSHA224);
-        oidMap.put("HMACSHA256", PKCSObjectIdentifiers.id_hmacWithSHA256);
-        oidMap.put("HMACSHA384", PKCSObjectIdentifiers.id_hmacWithSHA384);
-        oidMap.put("HMACSHA512", PKCSObjectIdentifiers.id_hmacWithSHA512);
-        oidMap.put("SEED", KISAObjectIdentifiers.id_seedCBC);
-
-        oidMap.put("CAMELLIA.128", NTTObjectIdentifiers.id_camellia128_cbc);
-        oidMap.put("CAMELLIA.192", NTTObjectIdentifiers.id_camellia192_cbc);
-        oidMap.put("CAMELLIA.256", NTTObjectIdentifiers.id_camellia256_cbc);
-
-        oidMap.put("ARIA.128", NSRIObjectIdentifiers.id_aria128_cbc);
-        oidMap.put("ARIA.192", NSRIObjectIdentifiers.id_aria192_cbc);
-        oidMap.put("ARIA.256", NSRIObjectIdentifiers.id_aria256_cbc);
-
-        publicAlgMap.put(PKCSObjectIdentifiers.rsaEncryption, "RSA");
-        publicAlgMap.put(X9ObjectIdentifiers.id_ecPublicKey, "EC");
-        publicAlgMap.put(OIWObjectIdentifiers.elGamalAlgorithm, "DH");
-        publicAlgMap.put(PKCSObjectIdentifiers.dhKeyAgreement, "DH");
-        publicAlgMap.put(X9ObjectIdentifiers.id_dsa, "DSA");
-    }
-
-    private PublicKey verificationKey;
-    private BCFKSLoadStoreParameter.CertChainValidator validator;
-
-    private static String getPublicKeyAlg(ASN1ObjectIdentifier oid)
-    {
-        String algName = (String)publicAlgMap.get(oid);
-
-        if (algName != null)
-        {
-            return algName;
-        }
-
-        return oid.getId();
-    }
-
-    private final static BigInteger CERTIFICATE = BigInteger.valueOf(0);
-    private final static BigInteger PRIVATE_KEY = BigInteger.valueOf(1);
-    private final static BigInteger SECRET_KEY = BigInteger.valueOf(2);
-    private final static BigInteger PROTECTED_PRIVATE_KEY = BigInteger.valueOf(3);
-    private final static BigInteger PROTECTED_SECRET_KEY = BigInteger.valueOf(4);
-
-    private final JcaJceHelper helper;
-    private final Map<String, ObjectData> entries = new HashMap<String, ObjectData>();
-    private final Map<String, PrivateKey> privateKeyCache = new HashMap<String, PrivateKey>();
-
-    private AlgorithmIdentifier hmacAlgorithm;
-    private KeyDerivationFunc hmacPkbdAlgorithm;
-    private AlgorithmIdentifier signatureAlgorithm;
-    private Date creationDate;
-    private Date lastModifiedDate;
-    private ASN1ObjectIdentifier storeEncryptionAlgorithm = NISTObjectIdentifiers.id_aes256_CCM;
-
-    BcFKSKeyStoreSpi(JcaJceHelper helper)
-    {
-        this.helper = helper;
-    }
-
-    public Key engineGetKey(String alias, char[] password)
-        throws NoSuchAlgorithmException, UnrecoverableKeyException
-    {
-        ObjectData ent = (ObjectData)entries.get(alias);
-
-        if (ent != null)
-        {
-            if (ent.getType().equals(PRIVATE_KEY) || ent.getType().equals(PROTECTED_PRIVATE_KEY))
-            {
-                PrivateKey cachedKey = (PrivateKey)privateKeyCache.get(alias);
-                if (cachedKey != null)
-                {
-                    return cachedKey;
-                }
-
-                EncryptedPrivateKeyData encPrivData = EncryptedPrivateKeyData.getInstance(ent.getData());
-                EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfo.getInstance(encPrivData.getEncryptedPrivateKeyInfo());
-
-                try
-                {
-                    PrivateKeyInfo pInfo = PrivateKeyInfo.getInstance(decryptData("PRIVATE_KEY_ENCRYPTION", encInfo.getEncryptionAlgorithm(), password, encInfo.getEncryptedData()));
-
-                    KeyFactory kFact = helper.createKeyFactory(getPublicKeyAlg(pInfo.getPrivateKeyAlgorithm().getAlgorithm()));
-
-                    PrivateKey privateKey = kFact.generatePrivate(new PKCS8EncodedKeySpec(pInfo.getEncoded()));
-
-                    // check that the key pair and the certificate public key are consistent
-                    // TODO: new ConsistentKeyPair(engineGetCertificate(alias).getPublicKey(), privateKey);
-
-                    privateKeyCache.put(alias, privateKey);
-
-                    return privateKey;
-                }
-                catch (Exception e)
-                {
-                    throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover private key (" + alias + "): " + e.getMessage());
-                }
-            }
-            else if (ent.getType().equals(SECRET_KEY) || ent.getType().equals(PROTECTED_SECRET_KEY))
-            {
-                EncryptedSecretKeyData encKeyData = EncryptedSecretKeyData.getInstance(ent.getData());
-
-                try
-                {
-                    SecretKeyData keyData = SecretKeyData.getInstance(decryptData("SECRET_KEY_ENCRYPTION", encKeyData.getKeyEncryptionAlgorithm(), password, encKeyData.getEncryptedKeyData()));
-                    SecretKeyFactory kFact = helper.createSecretKeyFactory(keyData.getKeyAlgorithm().getId());
-
-                    return kFact.generateSecret(new SecretKeySpec(keyData.getKeyBytes(), keyData.getKeyAlgorithm().getId()));
-                }
-                catch (Exception e)
-                {
-                    throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover secret key (" + alias + "): " + e.getMessage());
-                }
-            }
-            else
-            {
-                throw new UnrecoverableKeyException("BCFKS KeyStore unable to recover secret key (" + alias + "): type not recognized");
-            }
-        }
-
-        return null;
-    }
-
-    public Certificate[] engineGetCertificateChain(String alias)
-    {
-        ObjectData ent = (ObjectData)entries.get(alias);
-
-        if (ent != null)
-        {
-            if (ent.getType().equals(PRIVATE_KEY) || ent.getType().equals(PROTECTED_PRIVATE_KEY))
-            {
-                EncryptedPrivateKeyData encPrivData = EncryptedPrivateKeyData.getInstance(ent.getData());
-                org.bouncycastle.asn1.x509.Certificate[] certificates = encPrivData.getCertificateChain();
-                Certificate[] chain = new X509Certificate[certificates.length];
-
-                for (int i = 0; i != chain.length; i++)
-                {
-                    chain[i] = decodeCertificate(certificates[i]);
-                }
-
-                return chain;
-            }
-        }
-
-        return null;
-    }
-
-    public Certificate engineGetCertificate(String s)
-    {
-        ObjectData ent = (ObjectData)entries.get(s);
-
-        if (ent != null)
-        {
-            if (ent.getType().equals(PRIVATE_KEY) || ent.getType().equals(PROTECTED_PRIVATE_KEY))
-            {
-                EncryptedPrivateKeyData encPrivData = EncryptedPrivateKeyData.getInstance(ent.getData());
-                org.bouncycastle.asn1.x509.Certificate[] certificates = encPrivData.getCertificateChain();
-
-                return decodeCertificate(certificates[0]);
-            }
-            else if (ent.getType().equals(CERTIFICATE))
-            {
-                return decodeCertificate(ent.getData());
-            }
-        }
-
-        return null;
-    }
-
-    private Certificate decodeCertificate(Object cert)
-    {
-        if (helper != null)
-        {
-            try
-            {
-                CertificateFactory certFact = helper.createCertificateFactory("X.509");
-
-                return certFact.generateCertificate(new ByteArrayInputStream(org.bouncycastle.asn1.x509.Certificate.getInstance(cert).getEncoded()));
-            }
-            catch (Exception e)
-            {
-                return null;
-            }
-        }
-        else
-        {
-            try
-            {
-                CertificateFactory certFact = CertificateFactory.getInstance("X.509");
-
-                return certFact.generateCertificate(new ByteArrayInputStream(org.bouncycastle.asn1.x509.Certificate.getInstance(cert).getEncoded()));
-            }
-            catch (Exception e)
-            {
-                return null;
-            }
-        }
-    }
-
-    public Date engineGetCreationDate(String s)
-    {
-        ObjectData ent = (ObjectData)entries.get(s);
-
-        if (ent != null)
-        {
-            try
-            {
-                // we return last modified as it represents date current state of entry was created
-                return ent.getLastModifiedDate().getDate();
-            }
-            catch (ParseException e)
-            {
-                return new Date();     // it's here, but...
-            }
-        }
-
-        return null;
-    }
-
-    public void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain)
-        throws KeyStoreException
-    {
-        Date creationDate = new Date();
-        Date lastEditDate = creationDate;
-
-        ObjectData entry = (ObjectData)entries.get(alias);
-        if (entry != null)
-        {
-            creationDate = extractCreationDate(entry, creationDate);
-        }
-
-        privateKeyCache.remove(alias);
-
-        if (key instanceof PrivateKey)
-        {
-            if (chain == null)
-            {
-                throw new KeyStoreException("BCFKS KeyStore requires a certificate chain for private key storage.");
-            }
-
-            try
-            {
-                // check that the key pair and the certificate public are consistent
-                // TODO: new ConsistentKeyPair(chain[0].getPublicKey(), (PrivateKey)key);
-
-                byte[] encodedKey = key.getEncoded();
-
-                KeyDerivationFunc pbkdAlgId = generatePkbdAlgorithmIdentifier(PKCSObjectIdentifiers.id_PBKDF2, 256 / 8);
-                byte[] keyBytes = generateKey(pbkdAlgId, "PRIVATE_KEY_ENCRYPTION", ((password != null) ? password : new char[0]), 32);
-
-                EncryptedPrivateKeyInfo keyInfo;
-                if (storeEncryptionAlgorithm.equals(NISTObjectIdentifiers.id_aes256_CCM))
-                {
-                    Cipher c = createCipher("AES/CCM/NoPadding", keyBytes);
-
-                    byte[] encryptedKey = c.doFinal(encodedKey);
-
-                    AlgorithmParameters algParams = c.getParameters();
-
-                    PBES2Parameters pbeParams = new PBES2Parameters(pbkdAlgId, new EncryptionScheme(NISTObjectIdentifiers.id_aes256_CCM, CCMParameters.getInstance(algParams.getEncoded())));
-
-                    keyInfo = new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pbeParams), encryptedKey);
-                }
-                else
-                {
-                    Cipher c = createCipher("AESKWP", keyBytes);
-
-                    byte[] encryptedKey = c.doFinal(encodedKey);
-
-                    PBES2Parameters pbeParams = new PBES2Parameters(pbkdAlgId, new EncryptionScheme(NISTObjectIdentifiers.id_aes256_wrap_pad));
-
-                    keyInfo = new EncryptedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pbeParams), encryptedKey);
-                }
-
-                EncryptedPrivateKeyData keySeq = createPrivateKeySequence(keyInfo, chain);
-
-                entries.put(alias, new ObjectData(PRIVATE_KEY, alias, creationDate, lastEditDate, keySeq.getEncoded(), null));
-            }
-            catch (Exception e)
-            {
-                throw new ExtKeyStoreException("BCFKS KeyStore exception storing private key: " + e.toString(), e);
-            }
-        }
-        else if (key instanceof SecretKey)
-        {
-            if (chain != null)
-            {
-                throw new KeyStoreException("BCFKS KeyStore cannot store certificate chain with secret key.");
-            }
-
-            try
-            {
-                byte[] encodedKey = key.getEncoded();
-
-                KeyDerivationFunc pbkdAlgId = generatePkbdAlgorithmIdentifier(PKCSObjectIdentifiers.id_PBKDF2, 256 / 8);
-                byte[] keyBytes = generateKey(pbkdAlgId, "SECRET_KEY_ENCRYPTION", ((password != null) ? password : new char[0]), 32);
-
-                String keyAlg = Strings.toUpperCase(key.getAlgorithm());
-                SecretKeyData secKeyData;
-
-                if (keyAlg.indexOf("AES") > -1)
-                {
-                    secKeyData = new SecretKeyData(NISTObjectIdentifiers.aes, encodedKey);
-                }
-                else
-                {
-                    ASN1ObjectIdentifier algOid = (ASN1ObjectIdentifier)oidMap.get(keyAlg);
-                    if (algOid != null)
-                    {
-                        secKeyData = new SecretKeyData(algOid, encodedKey);
-                    }
-                    else
-                    {
-                        algOid = (ASN1ObjectIdentifier)oidMap.get(keyAlg + "." + (encodedKey.length * 8));
-                        if (algOid != null)
-                        {
-                            secKeyData = new SecretKeyData(algOid, encodedKey);
-                        }
-                        else
-                        {
-                            throw new KeyStoreException("BCFKS KeyStore cannot recognize secret key (" + keyAlg + ") for storage.");
-                        }
-                    }
-                }
-
-                EncryptedSecretKeyData keyData;
-                if (storeEncryptionAlgorithm.equals(NISTObjectIdentifiers.id_aes256_CCM))
-                {
-                    Cipher c = createCipher("AES/CCM/NoPadding", keyBytes);
-
-                    byte[] encryptedKey = c.doFinal(secKeyData.getEncoded());
-
-                    AlgorithmParameters algParams = c.getParameters();
-
-                    PBES2Parameters pbeParams = new PBES2Parameters(pbkdAlgId, new EncryptionScheme(NISTObjectIdentifiers.id_aes256_CCM, CCMParameters.getInstance(algParams.getEncoded())));
-
-                    keyData = new EncryptedSecretKeyData(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pbeParams), encryptedKey);
-                }
-                else
-                {
-                    Cipher c = createCipher("AESKWP", keyBytes);
-
-                    byte[] encryptedKey = c.doFinal(secKeyData.getEncoded());
-
-                    PBES2Parameters pbeParams = new PBES2Parameters(pbkdAlgId, new EncryptionScheme(NISTObjectIdentifiers.id_aes256_wrap_pad));
-
-                    keyData = new EncryptedSecretKeyData(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pbeParams), encryptedKey);
-                }
-                entries.put(alias, new ObjectData(SECRET_KEY, alias, creationDate, lastEditDate, keyData.getEncoded(), null));
-            }
-            catch (Exception e)
-            {
-                throw new ExtKeyStoreException("BCFKS KeyStore exception storing private key: " + e.toString(), e);
-            }
-        }
-        else
-        {
-            throw new KeyStoreException("BCFKS KeyStore unable to recognize key.");
-        }
-
-        lastModifiedDate = lastEditDate;
-    }
-
-    private Cipher createCipher(String algorithm, byte[] keyBytes)
-        throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, NoSuchProviderException
-    {
-        Cipher c = helper.createCipher(algorithm);
-
-        c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(keyBytes, "AES"));
-
-        return c;
-    }
-
-    private SecureRandom getDefaultSecureRandom()
-    {
-        return CryptoServicesRegistrar.getSecureRandom();
-    }
-
-    private EncryptedPrivateKeyData createPrivateKeySequence(EncryptedPrivateKeyInfo encryptedPrivateKeyInfo, Certificate[] chain)
-        throws CertificateEncodingException
-    {
-        org.bouncycastle.asn1.x509.Certificate[] certChain = new org.bouncycastle.asn1.x509.Certificate[chain.length];
-        for (int i = 0; i != chain.length; i++)
-        {
-            certChain[i] = org.bouncycastle.asn1.x509.Certificate.getInstance(chain[i].getEncoded());
-        }
-
-        return new EncryptedPrivateKeyData(encryptedPrivateKeyInfo, certChain);
-    }
-
-    public void engineSetKeyEntry(String alias, byte[] keyBytes, Certificate[] chain)
-        throws KeyStoreException
-    {
-        Date creationDate = new Date();
-        Date lastEditDate = creationDate;
-
-        ObjectData entry = (ObjectData)entries.get(alias);
-        if (entry != null)
-        {
-            creationDate = extractCreationDate(entry, creationDate);
-        }
-
-        if (chain != null)
-        {
-            EncryptedPrivateKeyInfo encInfo;
-
-            try
-            {
-                encInfo = EncryptedPrivateKeyInfo.getInstance(keyBytes);
-            }
-            catch (Exception e)
-            {
-                throw new ExtKeyStoreException("BCFKS KeyStore private key encoding must be an EncryptedPrivateKeyInfo.", e);
-            }
-
-            try
-            {
-                privateKeyCache.remove(alias);
-                entries.put(alias, new ObjectData(PROTECTED_PRIVATE_KEY, alias, creationDate, lastEditDate, createPrivateKeySequence(encInfo, chain).getEncoded(), null));
-            }
-            catch (Exception e)
-            {
-                throw new ExtKeyStoreException("BCFKS KeyStore exception storing protected private key: " + e.toString(), e);
-            }
-        }
-        else
-        {
-            try
-            {
-                entries.put(alias, new ObjectData(PROTECTED_SECRET_KEY, alias, creationDate, lastEditDate, keyBytes, null));
-            }
-            catch (Exception e)
-            {
-                throw new ExtKeyStoreException("BCFKS KeyStore exception storing protected private key: " + e.toString(), e);
-            }
-        }
-
-        lastModifiedDate = lastEditDate;
-    }
-
-    public void engineSetCertificateEntry(String alias, Certificate certificate)
-        throws KeyStoreException
-    {
-        ObjectData entry = (ObjectData)entries.get(alias);
-        Date creationDate = new Date();
-        Date lastEditDate = creationDate;
-
-        if (entry != null)
-        {
-            if (!entry.getType().equals(CERTIFICATE))
-            {
-                throw new KeyStoreException("BCFKS KeyStore already has a key entry with alias " + alias);
-            }
-
-            creationDate = extractCreationDate(entry, creationDate);
-        }
-
-        try
-        {
-            entries.put(alias, new ObjectData(CERTIFICATE, alias, creationDate, lastEditDate, certificate.getEncoded(), null));
-        }
-        catch (CertificateEncodingException e)
-        {
-            throw new ExtKeyStoreException("BCFKS KeyStore unable to handle certificate: " + e.getMessage(), e);
-        }
-
-        lastModifiedDate = lastEditDate;
-    }
-
-    private Date extractCreationDate(ObjectData entry, Date creationDate)
-    {
-        try
-        {
-            creationDate = entry.getCreationDate().getDate();
-        }
-        catch (ParseException e)
-        {
-            // this should never happen, if it does we'll leave creation date unmodified and hope for the best.
-        }
-        return creationDate;
-    }
-
-    public void engineDeleteEntry(String alias)
-        throws KeyStoreException
-    {
-        ObjectData entry = (ObjectData)entries.get(alias);
-
-        if (entry == null)
-        {
-            return;
-        }
-
-        privateKeyCache.remove(alias);
-        entries.remove(alias);
-
-        lastModifiedDate = new Date();
-    }
-
-    public Enumeration<String> engineAliases()
-    {
-        final Iterator<String> it = new HashSet(entries.keySet()).iterator();
-
-        return new Enumeration()
-        {
-            public boolean hasMoreElements()
-            {
-                return it.hasNext();
-            }
-
-            public Object nextElement()
-            {
-                return it.next();
-            }
-        };
-    }
-
-    public boolean engineContainsAlias(String alias)
-    {
-        if (alias == null)
-        {
-            throw new NullPointerException("alias value is null");
-        }
-
-        return entries.containsKey(alias);
-    }
-
-    public int engineSize()
-    {
-        return entries.size();
-    }
-
-    public boolean engineIsKeyEntry(String alias)
-    {
-        ObjectData ent = (ObjectData)entries.get(alias);
-
-        if (ent != null)
-        {
-            BigInteger entryType = ent.getType();
-            return entryType.equals(PRIVATE_KEY) || entryType.equals(SECRET_KEY)
-                || entryType.equals(PROTECTED_PRIVATE_KEY) || entryType.equals(PROTECTED_SECRET_KEY);
-        }
-
-        return false;
-    }
-
-    public boolean engineIsCertificateEntry(String alias)
-    {
-        ObjectData ent = (ObjectData)entries.get(alias);
-
-        if (ent != null)
-        {
-            return ent.getType().equals(CERTIFICATE);
-        }
-
-        return false;
-    }
-
-    public String engineGetCertificateAlias(Certificate certificate)
-    {
-        if (certificate == null)
-        {
-            return null;
-        }
-
-        byte[] encodedCert;
-        try
-        {
-            encodedCert = certificate.getEncoded();
-        }
-        catch (CertificateEncodingException e)
-        {
-            return null;
-        }
-
-        for (Iterator<String> it = entries.keySet().iterator(); it.hasNext(); )
-        {
-            String alias = (String)it.next();
-            ObjectData ent = (ObjectData)entries.get(alias);
-
-            if (ent.getType().equals(CERTIFICATE))
-            {
-                if (Arrays.areEqual(ent.getData(), encodedCert))
-                {
-                    return alias;
-                }
-            }
-            else if (ent.getType().equals(PRIVATE_KEY) || ent.getType().equals(PROTECTED_PRIVATE_KEY))
-            {
-                try
-                {
-                    EncryptedPrivateKeyData encPrivData = EncryptedPrivateKeyData.getInstance(ent.getData());
-                    if (Arrays.areEqual(encPrivData.getCertificateChain()[0].toASN1Primitive().getEncoded(), encodedCert))
-                    {
-                        return alias;
-                    }
-                }
-                catch (IOException e)
-                {
-                    // ignore - this should never happen
-                }
-            }
-        }
-
-        return null;
-    }
-
-    private byte[] generateKey(KeyDerivationFunc pbkdAlgorithm, String purpose, char[] password, int defKeySize)
-        throws IOException
-    {
-        byte[] encPassword = PBEParametersGenerator.PKCS12PasswordToBytes(password);
-        byte[] differentiator = PBEParametersGenerator.PKCS12PasswordToBytes(purpose.toCharArray());
-
-        int keySizeInBytes = defKeySize;
-
-        if (MiscObjectIdentifiers.id_scrypt.equals(pbkdAlgorithm.getAlgorithm()))
-        {
-            ScryptParams params = ScryptParams.getInstance(pbkdAlgorithm.getParameters());
-
-            if (params.getKeyLength() != null)
-            {
-                keySizeInBytes = params.getKeyLength().intValue();
-            }
-            else if (keySizeInBytes == -1)
-            {
-                throw new IOException("no keyLength found in ScryptParams");
-            }
-            return SCrypt.generate(Arrays.concatenate(encPassword, differentiator), params.getSalt(),
-                params.getCostParameter().intValue(), params.getBlockSize().intValue(),
-                params.getBlockSize().intValue(), keySizeInBytes);
-        }
-        else if (pbkdAlgorithm.getAlgorithm().equals(PKCSObjectIdentifiers.id_PBKDF2))
-        {
-            PBKDF2Params pbkdf2Params = PBKDF2Params.getInstance(pbkdAlgorithm.getParameters());
-
-            if (pbkdf2Params.getKeyLength() != null)
-            {
-                keySizeInBytes = pbkdf2Params.getKeyLength().intValue();
-            }
-            else if (keySizeInBytes == -1)
-            {
-                throw new IOException("no keyLength found in PBKDF2Params");
-            }
-
-            if (pbkdf2Params.getPrf().getAlgorithm().equals(PKCSObjectIdentifiers.id_hmacWithSHA512))
-            {
-                PKCS5S2ParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA512Digest());
-
-                pGen.init(Arrays.concatenate(encPassword, differentiator), pbkdf2Params.getSalt(), pbkdf2Params.getIterationCount().intValue());
-
-                return ((KeyParameter)pGen.generateDerivedParameters(keySizeInBytes * 8)).getKey();
-            }
-            else if (pbkdf2Params.getPrf().getAlgorithm().equals(NISTObjectIdentifiers.id_hmacWithSHA3_512))
-            {
-                PKCS5S2ParametersGenerator pGen = new PKCS5S2ParametersGenerator(new SHA3Digest(512));
-
-                pGen.init(Arrays.concatenate(encPassword, differentiator), pbkdf2Params.getSalt(), pbkdf2Params.getIterationCount().intValue());
-
-                return ((KeyParameter)pGen.generateDerivedParameters(keySizeInBytes * 8)).getKey();
-            }
-            else
-            {
-                throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD PRF: " + pbkdf2Params.getPrf().getAlgorithm());
-            }
-        }
-        else
-        {
-            throw new IOException("BCFKS KeyStore: unrecognized MAC PBKD.");
-        }
-    }
-
-    private void verifySig(ASN1Encodable store, SignatureCheck integrityCheck, PublicKey key)
-        throws GeneralSecurityException, IOException
-    {
-        Signature sig = helper.createSignature(integrityCheck.getSignatureAlgorithm().getAlgorithm().getId());
-
-        sig.initVerify(key);
-
-        sig.update(store.toASN1Primitive().getEncoded(ASN1Encoding.DER));
-
-        if (!sig.verify(integrityCheck.getSignature().getOctets()))
-        {
-            throw new IOException("BCFKS KeyStore corrupted: signature calculation failed");
-        }
-    }
-
-    private void verifyMac(byte[] content, PbkdMacIntegrityCheck integrityCheck, char[] password)
-        throws NoSuchAlgorithmException, IOException, NoSuchProviderException
-    {
-        byte[] check = calculateMac(content, integrityCheck.getMacAlgorithm(), integrityCheck.getPbkdAlgorithm(), password);
-
-        if (!Arrays.constantTimeAreEqual(check, integrityCheck.getMac()))
-        {
-            throw new IOException("BCFKS KeyStore corrupted: MAC calculation failed");
-        }
-    }
-
-    private byte[] calculateMac(byte[] content, AlgorithmIdentifier algorithm, KeyDerivationFunc pbkdAlgorithm, char[] password)
-        throws NoSuchAlgorithmException, IOException, NoSuchProviderException
-    {
-        String algorithmId = algorithm.getAlgorithm().getId();
-
-        Mac mac = helper.createMac(algorithmId);
-
-        try
-        {
-            // no default key size for MAC.
-            mac.init(new SecretKeySpec(generateKey(pbkdAlgorithm, "INTEGRITY_CHECK", ((password != null) ? password : new char[0]), -1), algorithmId));
-        }
-        catch (InvalidKeyException e)
-        {
-            throw new IOException("Cannot set up MAC calculation: " + e.getMessage());
-        }
-
-        return mac.doFinal(content);
-    }
-
-    private char[] extractPassword(KeyStore.LoadStoreParameter bcParam)
-        throws IOException
-    {
-        KeyStore.ProtectionParameter protParam = bcParam.getProtectionParameter();
-
-        if (protParam == null)
-        {
-            return null;
-        }
-        else if (protParam instanceof KeyStore.PasswordProtection)
-        {
-            return ((KeyStore.PasswordProtection)protParam).getPassword();
-        }
-        else if (protParam instanceof KeyStore.CallbackHandlerProtection)
-        {
-            CallbackHandler handler = ((KeyStore.CallbackHandlerProtection)protParam).getCallbackHandler();
-
-            PasswordCallback passwordCallback = new PasswordCallback("password: ", false);
-
-            try
-            {
-                handler.handle(new Callback[]{passwordCallback});
-
-                return passwordCallback.getPassword();
-            }
-            catch (UnsupportedCallbackException e)
-            {
-                throw new IllegalArgumentException("PasswordCallback not recognised: " + e.getMessage(), e);
-            }
-        }
-        else
-        {
-            throw new IllegalArgumentException(
-                "no support for protection parameter of type " + protParam.getClass().getName());
-        }
-    }
-
-    public void engineStore(KeyStore.LoadStoreParameter parameter)
-        throws CertificateException, NoSuchAlgorithmException, IOException
-    {
-        if (parameter == null)
-        {
-            throw new IllegalArgumentException("'parameter' arg cannot be null");
-        }
-
-        if (parameter instanceof BCFKSStoreParameter)
-        {
-            BCFKSStoreParameter bcParam = (BCFKSStoreParameter)parameter;
-
-            char[] password = extractPassword(parameter);
-
-            hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(bcParam.getStorePBKDFConfig(), 512 / 8);
-
-            engineStore(bcParam.getOutputStream(), password);
-        }
-        else if (parameter instanceof BCFKSLoadStoreParameter)
-        {
-            BCFKSLoadStoreParameter bcParam = (BCFKSLoadStoreParameter)parameter;
-
-            if (bcParam.getStoreSignatureKey() != null)
-            {
-                signatureAlgorithm = generateSignatureAlgId(bcParam.getStoreSignatureKey(), bcParam.getStoreSignatureAlgorithm());
-
-                hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(bcParam.getStorePBKDFConfig(), 512 / 8);
-
-                if (bcParam.getStoreEncryptionAlgorithm() == BCFKSLoadStoreParameter.EncryptionAlgorithm.AES256_CCM)
-                {
-                    storeEncryptionAlgorithm = NISTObjectIdentifiers.id_aes256_CCM;
-                }
-                else
-                {
-                    storeEncryptionAlgorithm = NISTObjectIdentifiers.id_aes256_wrap_pad;
-                }
-
-                if (bcParam.getStoreMacAlgorithm() == BCFKSLoadStoreParameter.MacAlgorithm.HmacSHA512)
-                {
-                    hmacAlgorithm = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA512, DERNull.INSTANCE);
-                }
-                else
-                {
-                    hmacAlgorithm = new AlgorithmIdentifier(NISTObjectIdentifiers.id_hmacWithSHA3_512, DERNull.INSTANCE);
-                }
-
-                char[] password = extractPassword(bcParam);
-                
-                EncryptedObjectStoreData encStoreData = getEncryptedObjectStoreData(signatureAlgorithm, password);
-                
-                try
-                {
-                    Signature sig = helper.createSignature(signatureAlgorithm.getAlgorithm().getId());
-
-                    sig.initSign((PrivateKey)bcParam.getStoreSignatureKey());
-
-                    sig.update(encStoreData.getEncoded());
-
-                    SignatureCheck signatureCheck;
-                    X509Certificate[] certs = bcParam.getStoreCertificates();
-
-                    if (certs != null)
-                    {
-                        org.bouncycastle.asn1.x509.Certificate[] certificates = new org.bouncycastle.asn1.x509.Certificate[certs.length];
-                        for (int i = 0; i != certificates.length; i++)
-                        {
-                            certificates[i] = org.bouncycastle.asn1.x509.Certificate.getInstance(certs[i].getEncoded());
-                        }
-                        signatureCheck = new SignatureCheck(signatureAlgorithm, certificates, sig.sign());
-                    }
-                    else
-                    {
-                        signatureCheck = new SignatureCheck(signatureAlgorithm, sig.sign());
-                    }
-                    ObjectStore store = new ObjectStore(encStoreData, new ObjectStoreIntegrityCheck(signatureCheck));
-
-                    bcParam.getOutputStream().write(store.getEncoded());
-
-                    bcParam.getOutputStream().flush();
-                }
-                catch (GeneralSecurityException e)
-                {
-                    throw new IOException("error creating signature: " + e.getMessage(), e);
-                }
-            }
-            else
-            {
-                char[] password = extractPassword(bcParam);
-
-                hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(bcParam.getStorePBKDFConfig(), 512 / 8);
-
-                if (bcParam.getStoreEncryptionAlgorithm() == BCFKSLoadStoreParameter.EncryptionAlgorithm.AES256_CCM)
-                {
-                    storeEncryptionAlgorithm = NISTObjectIdentifiers.id_aes256_CCM;
-                }
-                else
-                {
-                    storeEncryptionAlgorithm = NISTObjectIdentifiers.id_aes256_wrap_pad;
-                }
-
-                if (bcParam.getStoreMacAlgorithm() == BCFKSLoadStoreParameter.MacAlgorithm.HmacSHA512)
-                {
-                    hmacAlgorithm = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA512, DERNull.INSTANCE);
-                }
-                else
-                {
-                    hmacAlgorithm = new AlgorithmIdentifier(NISTObjectIdentifiers.id_hmacWithSHA3_512, DERNull.INSTANCE);
-                }
-
-                engineStore(bcParam.getOutputStream(), password);
-            }
-        }
-        else if (parameter instanceof BCLoadStoreParameter)
-        {
-            BCLoadStoreParameter bcParam = (BCLoadStoreParameter)parameter;
-
-            engineStore(bcParam.getOutputStream(), extractPassword(parameter));
-        }
-        else
-        {
-            throw new IllegalArgumentException(
-                "no support for 'parameter' of type " + parameter.getClass().getName());
-        }
-
-    }
-
-    public void engineStore(OutputStream outputStream, char[] password)
-        throws IOException, NoSuchAlgorithmException, CertificateException
-    {
-        if (creationDate == null)
-        {
-            throw new IOException("KeyStore not initialized");
-        }
-
-        EncryptedObjectStoreData encStoreData = getEncryptedObjectStoreData(hmacAlgorithm, password);
-
-        // update the salt
-        if (MiscObjectIdentifiers.id_scrypt.equals(hmacPkbdAlgorithm.getAlgorithm()))
-        {
-            ScryptParams sParams = ScryptParams.getInstance(hmacPkbdAlgorithm.getParameters());
-
-            hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(hmacPkbdAlgorithm, sParams.getKeyLength().intValue());
-        }
-        else
-        {
-            PBKDF2Params pbkdf2Params = PBKDF2Params.getInstance(hmacPkbdAlgorithm.getParameters());
-
-            hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(hmacPkbdAlgorithm, pbkdf2Params.getKeyLength().intValue());
-        }
-        byte[] mac;
-        try
-        {
-            mac = calculateMac(encStoreData.getEncoded(), hmacAlgorithm, hmacPkbdAlgorithm, password);
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw new IOException("cannot calculate mac: " + e.getMessage());
-        }
-
-        ObjectStore store = new ObjectStore(encStoreData, new ObjectStoreIntegrityCheck(new PbkdMacIntegrityCheck(hmacAlgorithm, hmacPkbdAlgorithm, mac)));
-
-        outputStream.write(store.getEncoded());
-
-        outputStream.flush();
-    }
-
-    private EncryptedObjectStoreData getEncryptedObjectStoreData(AlgorithmIdentifier integrityAlgorithm, char[] password)
-        throws IOException, NoSuchAlgorithmException
-    {
-        ObjectData[] dataArray = (ObjectData[])entries.values().toArray(new ObjectData[entries.size()]);
-
-        KeyDerivationFunc pbkdAlgId = generatePkbdAlgorithmIdentifier(hmacPkbdAlgorithm, 256 / 8);
-        byte[] keyBytes = generateKey(pbkdAlgId, "STORE_ENCRYPTION", ((password != null) ? password : new char[0]), 256 / 8);
-
-        ObjectStoreData storeData = new ObjectStoreData(integrityAlgorithm, creationDate, lastModifiedDate, new ObjectDataSequence(dataArray), null);
-        EncryptedObjectStoreData encStoreData;
-
-        try
-        {
-            if (storeEncryptionAlgorithm.equals(NISTObjectIdentifiers.id_aes256_CCM))
-            {
-                Cipher c = createCipher("AES/CCM/NoPadding", keyBytes);
-
-                byte[] encOut = c.doFinal(storeData.getEncoded());
-
-                AlgorithmParameters algorithmParameters = c.getParameters();
-
-                PBES2Parameters pbeParams = new PBES2Parameters(pbkdAlgId, new EncryptionScheme(NISTObjectIdentifiers.id_aes256_CCM, CCMParameters.getInstance(algorithmParameters.getEncoded())));
-
-                encStoreData = new EncryptedObjectStoreData(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pbeParams), encOut);
-            }
-            else
-            {
-                Cipher c = createCipher("AESKWP", keyBytes);
-
-                byte[] encOut = c.doFinal(storeData.getEncoded());
-                PBES2Parameters pbeParams = new PBES2Parameters(pbkdAlgId, new EncryptionScheme(NISTObjectIdentifiers.id_aes256_wrap_pad));
-
-                encStoreData = new EncryptedObjectStoreData(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_PBES2, pbeParams), encOut);
-            }
-        }
-        catch (NoSuchPaddingException e)
-        {
-            throw new NoSuchAlgorithmException(e.toString());
-        }
-        catch (BadPaddingException e)
-        {
-            throw new IOException(e.toString());
-        }
-        catch (IllegalBlockSizeException e)
-        {
-            throw new IOException(e.toString());
-        }
-        catch (InvalidKeyException e)
-        {
-            throw new IOException(e.toString());
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw new IOException(e.toString());
-        }
-        return encStoreData;
-    }
-
-    public void engineLoad(KeyStore.LoadStoreParameter parameter)
-        throws CertificateException, NoSuchAlgorithmException, IOException
-    {
-        if (parameter == null)
-        {
-            throw new IllegalArgumentException("'parameter' arg cannot be null");
-        }
-
-        if (parameter instanceof BCFKSLoadStoreParameter)
-        {
-            BCFKSLoadStoreParameter bcParam = (BCFKSLoadStoreParameter)parameter;
-
-            char[] password = extractPassword(bcParam);
-
-            hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(bcParam.getStorePBKDFConfig(), 512 / 8);
-
-            if (bcParam.getStoreEncryptionAlgorithm() == BCFKSLoadStoreParameter.EncryptionAlgorithm.AES256_CCM)
-            {
-                storeEncryptionAlgorithm = NISTObjectIdentifiers.id_aes256_CCM;
-            }
-            else
-            {
-                storeEncryptionAlgorithm = NISTObjectIdentifiers.id_aes256_wrap_pad;
-            }
-
-            if (bcParam.getStoreMacAlgorithm() == BCFKSLoadStoreParameter.MacAlgorithm.HmacSHA512)
-            {
-                hmacAlgorithm = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA512, DERNull.INSTANCE);
-            }
-            else
-            {
-                hmacAlgorithm = new AlgorithmIdentifier(NISTObjectIdentifiers.id_hmacWithSHA3_512, DERNull.INSTANCE);
-            }
-
-            this.verificationKey = (PublicKey)bcParam.getStoreSignatureKey();
-            this.validator = bcParam.getCertChainValidator();
-            this.signatureAlgorithm = generateSignatureAlgId(verificationKey, bcParam.getStoreSignatureAlgorithm());
-
-            AlgorithmIdentifier presetHmacAlgorithm = hmacAlgorithm;
-            ASN1ObjectIdentifier presetStoreEncryptionAlgorithm = storeEncryptionAlgorithm;
-
-            InputStream inputStream = bcParam.getInputStream();
-
-            engineLoad(inputStream, password);
-
-            if (inputStream != null)
-            {
-                if (//!presetHmacAlgorithm.equals(hmacAlgorithm)
-                     !isSimilarHmacPbkd(bcParam.getStorePBKDFConfig(), hmacPkbdAlgorithm)
-                    || !presetStoreEncryptionAlgorithm.equals(storeEncryptionAlgorithm))
-                {
-                    throw new IOException("configuration parameters do not match existing store");
-                }
-            }
-        }
-        else if (parameter instanceof BCLoadStoreParameter)
-        {
-            BCLoadStoreParameter bcParam = (BCLoadStoreParameter)parameter;
-
-            engineLoad(bcParam.getInputStream(), extractPassword(parameter));
-        }
-        else
-        {
-            throw new IllegalArgumentException(
-                "no support for 'parameter' of type " + parameter.getClass().getName());
-        }
-    }
-
-    private boolean isSimilarHmacPbkd(PBKDFConfig storePBKDFConfig, KeyDerivationFunc hmacPkbdAlgorithm)
-    {
-        if (!storePBKDFConfig.getAlgorithm().equals(hmacPkbdAlgorithm.getAlgorithm()))
-        {
-            return false;
-        }
-
-        if (MiscObjectIdentifiers.id_scrypt.equals(hmacPkbdAlgorithm.getAlgorithm()))
-        {
-            if (!(storePBKDFConfig instanceof ScryptConfig))
-            {
-                return false;
-            }
-
-            ScryptConfig scryptConfig = (ScryptConfig)storePBKDFConfig;
-            ScryptParams sParams = ScryptParams.getInstance(hmacPkbdAlgorithm.getParameters());
-
-            if (scryptConfig.getSaltLength() != sParams.getSalt().length
-                || scryptConfig.getBlockSize() != sParams.getBlockSize().intValue()
-                || scryptConfig.getCostParameter() != sParams.getCostParameter().intValue()
-                || scryptConfig.getParallelizationParameter() != sParams.getParallelizationParameter().intValue())
-            {
-                return false;
-            }
-        }
-        else
-        {
-            if (!(storePBKDFConfig instanceof PBKDF2Config))
-            {
-                return false;
-            }
-
-            PBKDF2Config pbkdf2Config = (PBKDF2Config)storePBKDFConfig;
-            PBKDF2Params pbkdf2Params = PBKDF2Params.getInstance(hmacPkbdAlgorithm.getParameters());
-
-            if (pbkdf2Config.getSaltLength() != pbkdf2Params.getSalt().length
-                || pbkdf2Config.getIterationCount() != pbkdf2Params.getIterationCount().intValue())
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-    
-    public void engineLoad(InputStream inputStream, char[] password)
-        throws IOException, NoSuchAlgorithmException, CertificateException
-    {
-        // reset any current values
-        entries.clear();
-        privateKeyCache.clear();
-
-        lastModifiedDate = creationDate = null;
-        hmacAlgorithm = null;
-
-        if (inputStream == null)
-        {
-            // initialise defaults
-            lastModifiedDate = creationDate = new Date();
-            verificationKey = null;
-            validator = null;
-
-            // basic initialisation
-            hmacAlgorithm = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA512, DERNull.INSTANCE);
-            hmacPkbdAlgorithm = generatePkbdAlgorithmIdentifier(PKCSObjectIdentifiers.id_PBKDF2, 512 / 8);
-
-            return;
-        }
-
-        ASN1InputStream aIn = new ASN1InputStream(inputStream);
-
-        ObjectStore store;
-
-        try
-        {
-            store = ObjectStore.getInstance(aIn.readObject());
-        }
-        catch (Exception e)
-        {
-            throw new IOException(e.getMessage());
-        }
-
-        ObjectStoreIntegrityCheck integrityCheck = store.getIntegrityCheck();
-        AlgorithmIdentifier integrityAlg;
-
-        if (integrityCheck.getType() == ObjectStoreIntegrityCheck.PBKD_MAC_CHECK)
-        {
-            PbkdMacIntegrityCheck pbkdMacIntegrityCheck = PbkdMacIntegrityCheck.getInstance(integrityCheck.getIntegrityCheck());
-
-            hmacAlgorithm = pbkdMacIntegrityCheck.getMacAlgorithm();
-            hmacPkbdAlgorithm = pbkdMacIntegrityCheck.getPbkdAlgorithm();
-
-            integrityAlg = hmacAlgorithm;
-
-            try
-            {
-                verifyMac(store.getStoreData().toASN1Primitive().getEncoded(), pbkdMacIntegrityCheck, password);
-            }
-            catch (NoSuchProviderException e)
-            {
-                throw new IOException(e.getMessage());
-            }
-        }
-        else if (integrityCheck.getType() == ObjectStoreIntegrityCheck.SIG_CHECK)
-        {
-            SignatureCheck sigCheck = SignatureCheck.getInstance(integrityCheck.getIntegrityCheck());
-
-            integrityAlg = sigCheck.getSignatureAlgorithm();
-
-            try
-            {
-                org.bouncycastle.asn1.x509.Certificate[] certificates = sigCheck.getCertificates();
-                if (validator != null)
-                {
-                    if (certificates == null)
-                    {
-                        throw new IOException("validator specified but no certifcates in store");
-                    }
-                    CertificateFactory certFact = helper.createCertificateFactory("X.509");
-                    X509Certificate[] certs = new X509Certificate[certificates.length];
-
-                    for (int i = 0; i != certs.length; i++)
-                    {
-                        certs[i] = (X509Certificate)certFact.generateCertificate(
-                                        new ByteArrayInputStream(certificates[i].getEncoded()));
-                    }
-
-                    if (validator.isValid(certs))
-                    {
-                        verifySig(store.getStoreData(), sigCheck, certs[0].getPublicKey());
-                    }
-                    else
-                    {
-                        throw new IOException("certificate chain in key store signature not valid");
-                    }
-                }
-                else
-                {
-                    verifySig(store.getStoreData(), sigCheck, verificationKey);
-                }
-            }
-            catch (GeneralSecurityException e)
-            {
-                throw new IOException("error verifying signature: " + e.getMessage(), e);
-            }
-        }
-        else
-        {
-            throw new IOException("BCFKS KeyStore unable to recognize integrity check.");
-        }
-
-        ASN1Encodable sData = store.getStoreData();
-
-        ObjectStoreData storeData;
-        if (sData instanceof EncryptedObjectStoreData)
-        {
-            EncryptedObjectStoreData encryptedStoreData = (EncryptedObjectStoreData)sData;
-            AlgorithmIdentifier protectAlgId = encryptedStoreData.getEncryptionAlgorithm();
-
-            storeData = ObjectStoreData.getInstance(decryptData("STORE_ENCRYPTION", protectAlgId, password, encryptedStoreData.getEncryptedContent().getOctets()));
-        }
-        else
-        {
-            storeData = ObjectStoreData.getInstance(sData);
-        }
-
-        try
-        {
-            creationDate = storeData.getCreationDate().getDate();
-            lastModifiedDate = storeData.getLastModifiedDate().getDate();
-        }
-        catch (ParseException e)
-        {
-            throw new IOException("BCFKS KeyStore unable to parse store data information.");
-        }
-
-        if (!storeData.getIntegrityAlgorithm().equals(integrityAlg))
-        {
-            throw new IOException("BCFKS KeyStore storeData integrity algorithm does not match store integrity algorithm.");
-        }
-
-        for (Iterator it = storeData.getObjectDataSequence().iterator(); it.hasNext(); )
-        {
-            ObjectData objData = ObjectData.getInstance(it.next());
-
-            entries.put(objData.getIdentifier(), objData);
-        }
-    }
-
-    private byte[] decryptData(String purpose, AlgorithmIdentifier protectAlgId, char[] password, byte[] encryptedData)
-        throws IOException
-    {
-        if (!protectAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_PBES2))
-        {
-            throw new IOException("BCFKS KeyStore cannot recognize protection algorithm.");
-        }
-
-        PBES2Parameters pbes2Parameters = PBES2Parameters.getInstance(protectAlgId.getParameters());
-        EncryptionScheme algId = pbes2Parameters.getEncryptionScheme();
-
-        try
-        {
-            Cipher c;
-            AlgorithmParameters algParams;
-            if (algId.getAlgorithm().equals(NISTObjectIdentifiers.id_aes256_CCM))
-            {
-                c = helper.createCipher("AES/CCM/NoPadding");
-                algParams = helper.createAlgorithmParameters("CCM");
-
-                CCMParameters ccmParameters = CCMParameters.getInstance(algId.getParameters());
-
-                algParams.init(ccmParameters.getEncoded());
-            }
-            else if (algId.getAlgorithm().equals(NISTObjectIdentifiers.id_aes256_wrap_pad))
-            {
-                c = helper.createCipher("AESKWP");
-                algParams = null;
-            }
-            else
-            {
-                throw new IOException("BCFKS KeyStore cannot recognize protection encryption algorithm.");
-            }
-
-            byte[] keyBytes = generateKey(pbes2Parameters.getKeyDerivationFunc(), purpose, ((password != null) ? password : new char[0]), 32);
-
-            c.init(Cipher.DECRYPT_MODE, new SecretKeySpec(keyBytes, "AES"), algParams);
-
-            byte[] rv = c.doFinal(encryptedData);
-            return rv;
-        }
-        catch (IOException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            throw new IOException(e.toString());
-        }
-    }
-
-    private AlgorithmIdentifier generateSignatureAlgId(Key key, BCFKSLoadStoreParameter.SignatureAlgorithm sigAlg)
-        throws IOException
-    {
-        if (key== null)
-        {
-            return null;
-        }
-
-        if (key instanceof ECKey)
-        {
-            if (sigAlg == BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withECDSA)
-            {
-                return new AlgorithmIdentifier(X9ObjectIdentifiers.ecdsa_with_SHA512);
-            }
-            else if (sigAlg == BCFKSLoadStoreParameter.SignatureAlgorithm.SHA3_512withECDSA)
-            {
-                return new AlgorithmIdentifier(NISTObjectIdentifiers.id_ecdsa_with_sha3_512);
-            }
-        }
-        if (key instanceof DSAKey)
-        {
-            if (sigAlg == BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withDSA)
-            {
-                return new AlgorithmIdentifier(NISTObjectIdentifiers.dsa_with_sha512);
-            }
-            else if (sigAlg == BCFKSLoadStoreParameter.SignatureAlgorithm.SHA3_512withDSA)
-            {
-                return new AlgorithmIdentifier(NISTObjectIdentifiers.id_dsa_with_sha3_512);
-            }
-        }
-        if (key instanceof RSAKey)
-        {
-            if (sigAlg == BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withRSA)
-            {
-                return new AlgorithmIdentifier(PKCSObjectIdentifiers.sha512WithRSAEncryption, DERNull.INSTANCE);
-            }
-            else if (sigAlg == BCFKSLoadStoreParameter.SignatureAlgorithm.SHA3_512withRSA)
-            {
-                return new AlgorithmIdentifier(NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512, DERNull.INSTANCE);
-            }
-        }
-        throw new IOException("unknown signature algorithm");
-    }
-
-    private KeyDerivationFunc generatePkbdAlgorithmIdentifier(PBKDFConfig pbkdfConfig, int keySizeInBytes)
-    {
-        if (MiscObjectIdentifiers.id_scrypt.equals(pbkdfConfig.getAlgorithm()))
-        {
-            ScryptConfig scryptConfig = (ScryptConfig)pbkdfConfig;
-
-            byte[] pbkdSalt = new byte[scryptConfig.getSaltLength()];
-            getDefaultSecureRandom().nextBytes(pbkdSalt);
-
-            ScryptParams params = new ScryptParams(
-                pbkdSalt,
-                scryptConfig.getCostParameter(), scryptConfig.getBlockSize(), scryptConfig.getParallelizationParameter(), keySizeInBytes);
-
-            return new KeyDerivationFunc(MiscObjectIdentifiers.id_scrypt, params);
-        }
-        else
-        {
-            PBKDF2Config pbkdf2Config = (PBKDF2Config)pbkdfConfig;
-
-            byte[] pbkdSalt = new byte[pbkdf2Config.getSaltLength()];
-            getDefaultSecureRandom().nextBytes(pbkdSalt);
-
-            return new KeyDerivationFunc(PKCSObjectIdentifiers.id_PBKDF2, new PBKDF2Params(pbkdSalt, pbkdf2Config.getIterationCount(), keySizeInBytes, pbkdf2Config.getPRF()));
-        }
-    }
-
-    private KeyDerivationFunc generatePkbdAlgorithmIdentifier(KeyDerivationFunc baseAlg, int keySizeInBytes)
-    {
-        if (MiscObjectIdentifiers.id_scrypt.equals(baseAlg.getAlgorithm()))
-        {
-            ScryptParams oldParams = ScryptParams.getInstance(baseAlg.getParameters());
-
-            byte[] pbkdSalt = new byte[oldParams.getSalt().length];
-            getDefaultSecureRandom().nextBytes(pbkdSalt);
-
-            ScryptParams params = new ScryptParams(
-                pbkdSalt,
-                oldParams.getCostParameter(), oldParams.getBlockSize(), oldParams.getParallelizationParameter(), BigInteger.valueOf(keySizeInBytes));
-
-            return new KeyDerivationFunc(MiscObjectIdentifiers.id_scrypt, params);
-        }
-        else
-        {
-            PBKDF2Params oldParams = PBKDF2Params.getInstance(baseAlg.getParameters());
-
-            byte[] pbkdSalt = new byte[oldParams.getSalt().length];
-            getDefaultSecureRandom().nextBytes(pbkdSalt);
-
-            PBKDF2Params params = new PBKDF2Params(pbkdSalt,
-                oldParams.getIterationCount().intValue(), keySizeInBytes, oldParams.getPrf());
-            return new KeyDerivationFunc(PKCSObjectIdentifiers.id_PBKDF2, params);
-        }
-    }
-
-    private KeyDerivationFunc generatePkbdAlgorithmIdentifier(ASN1ObjectIdentifier derivationAlgorithm, int keySizeInBytes)
-    {
-        byte[] pbkdSalt = new byte[512 / 8];
-        getDefaultSecureRandom().nextBytes(pbkdSalt);
-
-        if (PKCSObjectIdentifiers.id_PBKDF2.equals(derivationAlgorithm))
-        {
-            return new KeyDerivationFunc(PKCSObjectIdentifiers.id_PBKDF2, new PBKDF2Params(pbkdSalt, 50 * 1024, keySizeInBytes, new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA512, DERNull.INSTANCE)));
-        }
-        else
-        {
-            throw new IllegalStateException("unknown derivation algorithm: " + derivationAlgorithm);
-        }
-    }
-
-    public static class Std
-        extends BcFKSKeyStoreSpi
-    {
-        public Std()
-        {
-            super(new BCJcaJceHelper());
-        }
-    }
-
-    public static class Def
-        extends BcFKSKeyStoreSpi
-    {
-        public Def()
-        {
-            super(new DefaultJcaJceHelper());
-        }
-    }
-
-    private static class SharedKeyStoreSpi
-        extends BcFKSKeyStoreSpi
-        implements PKCSObjectIdentifiers, X509ObjectIdentifiers
-    {
-        private final Map<String, byte[]> cache;
-        private final byte[] seedKey;
-
-        public SharedKeyStoreSpi(JcaJceHelper provider)
-        {
-            super(provider);
-
-            try
-            {
-                this.seedKey = new byte[32];
-                provider.createSecureRandom("DEFAULT").nextBytes(seedKey);
-            }
-            catch (GeneralSecurityException e)
-            {
-                throw new IllegalArgumentException("can't create random - " + e.toString());
-            }
-
-            this.cache = new HashMap<String, byte[]>();
-        }
-
-        public void engineDeleteEntry(
-            String alias)
-            throws KeyStoreException
-        {
-            throw new KeyStoreException("delete operation not supported in shared mode");
-        }
-
-        public void engineSetKeyEntry(String alias, Key key, char[] password, Certificate[] chain)
-            throws KeyStoreException
-        {
-            throw new KeyStoreException("set operation not supported in shared mode");
-        }
-
-        public void engineSetKeyEntry(String alias, byte[] keyEncoding, Certificate[] chain)
-            throws KeyStoreException
-        {
-            throw new KeyStoreException("set operation not supported in shared mode");
-        }
-
-        public void engineSetCertificateEntry(String alias, Certificate cert)
-            throws KeyStoreException
-        {
-            throw new KeyStoreException("set operation not supported in shared mode");
-        }
-
-        public Key engineGetKey(
-            String alias,
-            char[] password)
-            throws NoSuchAlgorithmException, UnrecoverableKeyException
-        {
-            byte[] mac;
-
-            try
-            {
-                mac = calculateMac(alias, password);
-            }
-            catch (InvalidKeyException e)
-            {   // this should never happen...
-                throw new UnrecoverableKeyException("unable to recover key (" + alias + "): " + e.getMessage());
-            }
-
-            if (cache.containsKey(alias))
-            {
-                byte[] hash = cache.get(alias);
-
-                if (!Arrays.constantTimeAreEqual(hash, mac))
-                {
-                    throw new UnrecoverableKeyException("unable to recover key (" + alias + ")");
-                }
-            }
-
-            Key key = super.engineGetKey(alias, password);
-
-            if (key != null && !cache.containsKey(alias))
-            {
-                cache.put(alias, mac);
-            }
-
-            return key;
-        }
-
-        private byte[] calculateMac(String alias, char[] password)
-            throws NoSuchAlgorithmException, InvalidKeyException
-        {
-            byte[] encoding;
-            if (password != null)
-            {
-                encoding = Arrays.concatenate(Strings.toUTF8ByteArray(password), Strings.toUTF8ByteArray(alias));
-            }
-            else
-            {
-                encoding = Arrays.concatenate(seedKey, Strings.toUTF8ByteArray(alias));
-            }
-
-            return SCrypt.generate(encoding, seedKey, 16384, 8, 1, 32);
-        }
-    }
-
-    public static class StdShared
-        extends SharedKeyStoreSpi
-    {
-        public StdShared()
-        {
-            super(new BCJcaJceHelper());
-        }
-    }
-
-    public static class DefShared
-        extends SharedKeyStoreSpi
-    {
-        public DefShared()
-        {
-            super(new DefaultJcaJceHelper());
-        }
-    }
-
-    private static class ExtKeyStoreException
-        extends KeyStoreException
-    {
-        private final Throwable cause;
-
-        ExtKeyStoreException(String msg, Throwable cause)
-        {
-            super(msg);
-            this.cause = cause;
-        }
-
-        public Throwable getCause()
-        {
-            return cause;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
index b12aabe..1251ff2 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java

@@ -64,10 +64,11 @@
 import org.bouncycastle.asn1.DEROutputStream;
 import org.bouncycastle.asn1.DERSequence;
 import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.GOST28147Parameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.GOST28147Parameters;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
+// import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.AuthenticatedSafe;
 import org.bouncycastle.asn1.pkcs.CertBag;
@@ -90,10 +91,13 @@
 import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
 import org.bouncycastle.crypto.CryptoServicesRegistrar;
 import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.util.DigestFactory;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
 import org.bouncycastle.jcajce.PKCS12Key;
 import org.bouncycastle.jcajce.PKCS12StoreParameter;
-import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
 import org.bouncycastle.jcajce.spec.PBKDF2KeySpec;
 import org.bouncycastle.jcajce.util.BCJcaJceHelper;
 import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
@@ -114,7 +118,9 @@
 {
     static final String PKCS12_MAX_IT_COUNT_PROPERTY = "org.bouncycastle.pkcs12.max_it_count";
 
-    private final JcaJceHelper helper = new BCJcaJceHelper();
+    // Android-changed: Use default provider for JCA algorithms instead of BC
+    // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+    private final JcaJceHelper helper = new DefaultJcaJceHelper();
 
     private static final int SALT_SIZE = 20;
     private static final int MIN_ITERATIONS = 50 * 1024;
@@ -229,7 +235,9 @@
 
     private static byte[] getDigest(SubjectPublicKeyInfo spki)
     {
-        Digest digest = DigestFactory.createSHA1();
+        // Android-changed: Use Android digests
+        // Digest digest = DigestFactory.createSHA1();
+        Digest digest = AndroidDigestFactory.getSHA1();
         byte[]  resBuf = new byte[digest.getDigestSize()];
 
         byte[] bytes = spki.getPublicKeyData().getBytes();
@@ -750,6 +758,8 @@
         {
             cipher.init(mode, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets()));
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else
         {
             // TODO: at the moment it's just GOST, but...
@@ -757,6 +767,8 @@
 
             cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
         }
+        */
+        // END Android-removed: Unsupported algorithms
         return cipher;
     }
 
@@ -1737,10 +1749,14 @@
     {
         public BCPKCS12KeyStore()
         {
-            super(new BCJcaJceHelper(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
+            // Android-changed: Use default provider for JCA algorithms instead of BC
+            // Was: super(new BCJcaJceHelper(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
+            super(new DefaultJcaJceHelper(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class BCPKCS12KeyStore3DES
         extends PKCS12KeyStoreSpi
     {
@@ -1767,6 +1783,8 @@
             super(new DefaultJcaJceHelper(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
         }
     }
+    */
+    // END android-removed
 
     private static class IgnoresCaseHashtable
     {
@@ -1835,11 +1853,15 @@
             keySizes.put(NISTObjectIdentifiers.id_aes192_CBC, Integers.valueOf(192));
             keySizes.put(NISTObjectIdentifiers.id_aes256_CBC, Integers.valueOf(256));
 
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             keySizes.put(NTTObjectIdentifiers.id_camellia128_cbc, Integers.valueOf(128));
             keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192));
             keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256));
 
             keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256));
+            */
+            // END Android-removed: Unsupported algorithms
 
             KEY_SIZES = Collections.unmodifiableMap(keySizes);
         }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
index c68a53f..0615fff 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/AES.java

@@ -1,6 +1,9 @@
 package org.bouncycastle.jcajce.provider.symmetric;
 
 import java.io.IOException;
+// BEGIN Android-added: Needed for setting mode with GCM
+import java.security.NoSuchAlgorithmException;
+// END Android-added: Needed for setting mode with GCM
 import java.security.AlgorithmParameters;
 import java.security.InvalidAlgorithmParameterException;
 import java.security.SecureRandom;
@@ -11,8 +14,12 @@
 
 import javax.crypto.spec.IvParameterSpec;
 
+// BEGIN Android-added: Needed for setting padding with GCM
+import javax.crypto.NoSuchPaddingException;
+// END Android-added: Needed for setting padding with GCM
 import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-import org.bouncycastle.asn1.cms.CCMParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cms.CCMParameters;
 import org.bouncycastle.asn1.cms.GCMParameters;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.crypto.BlockCipher;
@@ -24,24 +31,28 @@
 import org.bouncycastle.crypto.Mac;
 import org.bouncycastle.crypto.engines.AESEngine;
 import org.bouncycastle.crypto.engines.AESWrapEngine;
-import org.bouncycastle.crypto.engines.AESWrapPadEngine;
-import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
-import org.bouncycastle.crypto.engines.RFC5649WrapEngine;
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.crypto.macs.CMac;
-import org.bouncycastle.crypto.macs.GMac;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.engines.AESWrapPadEngine;
+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
+// import org.bouncycastle.crypto.engines.RFC5649WrapEngine;
+// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
+// import org.bouncycastle.crypto.macs.CMac;
+// import org.bouncycastle.crypto.macs.GMac;
 import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CCMBlockCipher;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.modes.CCMBlockCipher;
 import org.bouncycastle.crypto.modes.CFBBlockCipher;
 import org.bouncycastle.crypto.modes.GCMBlockCipher;
 import org.bouncycastle.crypto.modes.OFBBlockCipher;
 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
 import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
 import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
@@ -110,9 +121,20 @@
         public GCM()
         {
             super(new GCMBlockCipher(new AESEngine()));
+            // BEGIN Android-added: Set mode and padding due to name change (see note in Mappings)
+            try {
+                engineSetMode("GCM");
+                engineSetPadding("NoPadding");
+            } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
+                // this should not be possible
+                throw new RuntimeException("Could not set mode or padding for GCM mode", e);
+            }
+            // END Android-added: Set mode and padding due to name change (see note in Mappings)
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     static public class CCM
         extends BaseBlockCipher
     {
@@ -231,6 +253,8 @@
             super("Poly1305-AES", 256, new Poly1305KeyGenerator());
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     static public class Wrap
         extends BaseWrapCipher
@@ -241,6 +265,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class WrapPad
         extends BaseWrapCipher
     {
@@ -267,6 +293,8 @@
             super(new RFC5649WrapEngine(new AESEngine()));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     /**
      * PBEWithAES-CBC
@@ -345,7 +373,12 @@
     {
         public KeyGen()
         {
-            this(192);
+            // Android-changed: Use 128-bit keys by default.
+            // Bouncy Castle defaults to 192-bit keys, which is the worst choice: worse security
+            // than 256-bit keys, slower than 128-bit keys, narrower support than either.
+            // Use 128-bit keys by default since they're faster and should still be plenty secure.
+            // this(192);
+            this(128);
         }
 
         public KeyGen(int keySize)
@@ -354,6 +387,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class KeyGen128
         extends KeyGen
     {
@@ -380,6 +415,8 @@
             super(256);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
     
     /**
      * PBEWithSHA1And128BitAES-BC
@@ -489,6 +526,8 @@
         }
     }
     
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class AlgParamGen
         extends BaseAlgorithmParameterGenerator
     {
@@ -604,6 +643,8 @@
             return params;
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     public static class AlgParams
         extends IvAlgorithmParameters
@@ -699,6 +740,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class AlgParamsCCM
         extends BaseAlgorithmParameters
     {
@@ -783,6 +826,8 @@
             throw new InvalidParameterSpecException("AlgorithmParameterSpec not recognized: " + paramSpec.getName());
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     public static class Mappings
         extends SymmetricAlgorithmProvider
@@ -817,6 +862,8 @@
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
 
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
@@ -829,12 +876,16 @@
             provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES");
+            */
+            // END Android-removed: Unsupported algorithms
 
             provider.addAttributes("Cipher.AES", generalAesAttributes);
             provider.addAlgorithm("Cipher.AES", PREFIX + "$ECB");
             provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES128, "AES");
             provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES192, "AES");
             provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES256, "AES");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB");
             provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB");
             provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB");
@@ -847,6 +898,8 @@
             provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB");
             provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB");
             provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB");
+            */
+            // END Android-removed: Unsupported algorithms
 
             provider.addAttributes("Cipher.AESWRAP", generalAesAttributes);
             provider.addAlgorithm("Cipher.AESWRAP", PREFIX + "$Wrap");
@@ -855,6 +908,8 @@
             provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP");
             provider.addAlgorithm("Alg.Alias.Cipher.AESKW", "AESWRAP");
 
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAttributes("Cipher.AESWRAPPAD", generalAesAttributes);
             provider.addAlgorithm("Cipher.AESWRAPPAD", PREFIX + "$WrapPad");
             provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_wrap_pad, "AESWRAPPAD");
@@ -880,14 +935,20 @@
             provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
+            */
+            // END Android-removed: Unsupported algorithms
 
-            provider.addAttributes("Cipher.GCM", generalAesAttributes);
-            provider.addAlgorithm("Cipher.GCM", PREFIX + "$GCM");
-            provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_GCM, "GCM");
-            provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_GCM, "GCM");
-            provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_GCM, "GCM");
+            // BEGIN Android-changed: Use standard name for AES/GCM/NOPADDING instead of "GCM"
+            provider.addAttributes("Cipher.AES/GCM/NOPADDING", generalAesAttributes);
+            provider.addAlgorithm("Cipher.AES/GCM/NOPADDING", PREFIX + "$GCM");
+            provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "AES/GCM/NOPADDING");
+            provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "AES/GCM/NOPADDING");
+            provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "AES/GCM/NOPADDING");
+            // END Android-changed: Use standard name for AES/GCM/NOPADDING instead of "GCM"
 
             provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128");
             provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192");
             provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256");
@@ -924,6 +985,8 @@
             provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes128_CCM.getId(), "AESCCMMAC");
             provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes192_CCM.getId(), "AESCCMMAC");
             provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes256_CCM.getId(), "AESCCMMAC");
+            */
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("Alg.Alias.Cipher", BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc, "PBEWITHSHAAND128BITAES-CBC-BC");
             provider.addAlgorithm("Alg.Alias.Cipher", BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc, "PBEWITHSHAAND192BITAES-CBC-BC");
@@ -968,8 +1031,10 @@
             provider.addAlgorithm("Cipher.PBEWITHMD5AND192BITAES-CBC-OPENSSL", PREFIX + "$PBEWithAESCBC");
             provider.addAlgorithm("Cipher.PBEWITHMD5AND256BITAES-CBC-OPENSSL", PREFIX + "$PBEWithAESCBC");
 
-            provider.addAlgorithm("SecretKeyFactory.AES", PREFIX + "$KeyFactory");
-            provider.addAlgorithm("SecretKeyFactory", NISTObjectIdentifiers.aes, PREFIX + "$KeyFactory");
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("SecretKeyFactory.AES", PREFIX + "$KeyFactory");
+            // provider.addAlgorithm("SecretKeyFactory", NISTObjectIdentifiers.aes, PREFIX + "$KeyFactory");
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5AND128BITAES-CBC-OPENSSL", PREFIX + "$PBEWithMD5And128BitAESCBCOpenSSL");
             provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5AND192BITAES-CBC-OPENSSL", PREFIX + "$PBEWithMD5And192BitAESCBCOpenSSL");
@@ -1023,8 +1088,10 @@
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PKCS12PBE");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PKCS12PBE");
 
-            addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128");
-            addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
+            // BEGIN Android-removed: Unsupported algorithms
+            // addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128");
+            // addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
+            // END Android-removed: Unsupported algorithms
         }
     }
 }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java
index 6de8e09..d1305cb 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARC4.java

@@ -29,7 +29,9 @@
     {
         public KeyGen()
         {
-            super("RC4", 128, new CipherKeyGenerator());
+            // Android-changed: Use ARC4 for algorithm name to match name used in provider
+            // super("RC4", 128, new CipherKeyGenerator());
+            super("ARC4", 128, new CipherKeyGenerator());
         }
     }
 

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARIA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARIA.java
deleted file mode 100644
index 7d9cb45..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ARIA.java
+++ /dev/null

@@ -1,523 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.io.IOException;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
-
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.asn1.cms.CCMParameters;
-import org.bouncycastle.asn1.cms.GCMParameters;
-import org.bouncycastle.asn1.nsri.NSRIObjectIdentifiers;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.engines.ARIAEngine;
-import org.bouncycastle.crypto.engines.ARIAWrapEngine;
-import org.bouncycastle.crypto.engines.ARIAWrapPadEngine;
-import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.crypto.macs.GMac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.modes.GCMBlockCipher;
-import org.bouncycastle.crypto.modes.OFBBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-import org.bouncycastle.jcajce.spec.AEADParameterSpec;
-
-public final class ARIA
-{
-    private ARIA()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new BlockCipherProvider()
-            {
-                public BlockCipher get()
-                {
-                    return new ARIAEngine();
-                }
-            });
-        }
-    }
-
-    public static class CBC
-       extends BaseBlockCipher
-    {
-        public CBC()
-        {
-            super(new CBCBlockCipher(new ARIAEngine()), 128);
-        }
-    }
-
-    static public class CFB
-        extends BaseBlockCipher
-    {
-        public CFB()
-        {
-            super(new BufferedBlockCipher(new CFBBlockCipher(new ARIAEngine(), 128)), 128);
-        }
-    }
-
-    static public class OFB
-        extends BaseBlockCipher
-    {
-        public OFB()
-        {
-            super(new BufferedBlockCipher(new OFBBlockCipher(new ARIAEngine(), 128)), 128);
-        }
-    }
-
-    public static class Wrap
-        extends BaseWrapCipher
-    {
-        public Wrap()
-        {
-            super(new ARIAWrapEngine());
-        }
-    }
-
-    public static class WrapPad
-        extends BaseWrapCipher
-    {
-        public WrapPad()
-        {
-            super(new ARIAWrapPadEngine());
-        }
-    }
-    
-    public static class RFC3211Wrap
-        extends BaseWrapCipher
-    {
-        public RFC3211Wrap()
-        {
-            super(new RFC3211WrapEngine(new ARIAEngine()), 16);
-        }
-    }
-
-    public static class GMAC
-        extends BaseMac
-    {
-        public GMAC()
-        {
-            super(new GMac(new GCMBlockCipher(new ARIAEngine())));
-        }
-    }
-
-    static public class KeyFactory
-         extends BaseSecretKeyFactory
-    {
-        public KeyFactory()
-        {
-            super("ARIA", null);
-        }
-    }
-    public static class Poly1305
-        extends BaseMac
-    {
-        public Poly1305()
-        {
-            super(new org.bouncycastle.crypto.macs.Poly1305(new ARIAEngine()));
-        }
-    }
-
-    public static class Poly1305KeyGen
-        extends BaseKeyGenerator
-    {
-        public Poly1305KeyGen()
-        {
-            super("Poly1305-ARIA", 256, new Poly1305KeyGenerator());
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            this(256);
-        }
-
-        public KeyGen(int keySize)
-        {
-            super("ARIA", keySize, new CipherKeyGenerator());
-        }
-    }
-
-    public static class KeyGen128
-        extends KeyGen
-    {
-        public KeyGen128()
-        {
-            super(128);
-        }
-    }
-
-    public static class KeyGen192
-        extends KeyGen
-    {
-        public KeyGen192()
-        {
-            super(192);
-        }
-    }
-
-    public static class KeyGen256
-        extends KeyGen
-    {
-        public KeyGen256()
-        {
-            super(256);
-        }
-    }
-
-    public static class AlgParamGen
-        extends BaseAlgorithmParameterGenerator
-    {
-        protected void engineInit(
-            AlgorithmParameterSpec genParamSpec,
-            SecureRandom random)
-            throws InvalidAlgorithmParameterException
-        {
-            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for ARIA parameter generation.");
-        }
-
-        protected AlgorithmParameters engineGenerateParameters()
-        {
-            byte[] iv = new byte[16];
-
-            if (random == null)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            random.nextBytes(iv);
-
-            AlgorithmParameters params;
-
-            try
-            {
-                params = createParametersInstance("ARIA");
-                params.init(new IvParameterSpec(iv));
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e.getMessage());
-            }
-
-            return params;
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "ARIA IV";
-        }
-    }
-
-    public static class AlgParamsGCM
-        extends BaseAlgorithmParameters
-    {
-        private GCMParameters gcmParams;
-
-        protected void engineInit(AlgorithmParameterSpec paramSpec)
-            throws InvalidParameterSpecException
-        {
-            if (GcmSpecUtil.isGcmSpec(paramSpec))
-            {
-                gcmParams = GcmSpecUtil.extractGcmParameters(paramSpec);
-            }
-            else if (paramSpec instanceof AEADParameterSpec)
-            {
-                gcmParams = new GCMParameters(((AEADParameterSpec)paramSpec).getNonce(), ((AEADParameterSpec)paramSpec).getMacSizeInBits() / 8);
-            }
-            else
-            {
-                throw new InvalidParameterSpecException("AlgorithmParameterSpec class not recognized: " + paramSpec.getClass().getName());
-            }
-        }
-
-        protected void engineInit(byte[] params)
-            throws IOException
-        {
-            gcmParams = GCMParameters.getInstance(params);
-        }
-
-        protected void engineInit(byte[] params, String format)
-            throws IOException
-        {
-            if (!isASN1FormatString(format))
-            {
-                throw new IOException("unknown format specified");
-            }
-
-            gcmParams = GCMParameters.getInstance(params);
-        }
-
-        protected byte[] engineGetEncoded()
-            throws IOException
-        {
-            return gcmParams.getEncoded();
-        }
-
-        protected byte[] engineGetEncoded(String format)
-            throws IOException
-        {
-            if (!isASN1FormatString(format))
-            {
-                throw new IOException("unknown format specified");
-            }
-
-            return gcmParams.getEncoded();
-        }
-
-        protected String engineToString()
-        {
-            return "GCM";
-        }
-
-        protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec)
-            throws InvalidParameterSpecException
-        {
-            if (paramSpec == AlgorithmParameterSpec.class || GcmSpecUtil.isGcmSpec(paramSpec))
-            {
-                if (GcmSpecUtil.gcmSpecExists())
-                {
-                    return GcmSpecUtil.extractGcmSpec(gcmParams.toASN1Primitive());
-                }
-                return new AEADParameterSpec(gcmParams.getNonce(), gcmParams.getIcvLen() * 8);
-            }
-            if (paramSpec == AEADParameterSpec.class)
-            {
-                return new AEADParameterSpec(gcmParams.getNonce(), gcmParams.getIcvLen() * 8);
-            }
-            if (paramSpec == IvParameterSpec.class)
-            {
-                return new IvParameterSpec(gcmParams.getNonce());
-            }
-
-            throw new InvalidParameterSpecException("AlgorithmParameterSpec not recognized: " + paramSpec.getName());
-        }
-    }
-
-    public static class AlgParamsCCM
-        extends BaseAlgorithmParameters
-    {
-        private CCMParameters ccmParams;
-
-        protected void engineInit(AlgorithmParameterSpec paramSpec)
-            throws InvalidParameterSpecException
-        {
-            if (GcmSpecUtil.isGcmSpec(paramSpec))
-            {
-                ccmParams = CCMParameters.getInstance(GcmSpecUtil.extractGcmParameters(paramSpec));
-            }
-            else if (paramSpec instanceof AEADParameterSpec)
-            {
-                ccmParams = new CCMParameters(((AEADParameterSpec)paramSpec).getNonce(), ((AEADParameterSpec)paramSpec).getMacSizeInBits() / 8);
-            }
-            else
-            {
-                throw new InvalidParameterSpecException("AlgorithmParameterSpec class not recognized: " + paramSpec.getClass().getName());
-            }
-        }
-
-        protected void engineInit(byte[] params)
-            throws IOException
-        {
-            ccmParams = CCMParameters.getInstance(params);
-        }
-
-        protected void engineInit(byte[] params, String format)
-            throws IOException
-        {
-            if (!isASN1FormatString(format))
-            {
-                throw new IOException("unknown format specified");
-            }
-
-            ccmParams = CCMParameters.getInstance(params);
-        }
-
-        protected byte[] engineGetEncoded()
-            throws IOException
-        {
-            return ccmParams.getEncoded();
-        }
-
-        protected byte[] engineGetEncoded(String format)
-            throws IOException
-        {
-            if (!isASN1FormatString(format))
-            {
-                throw new IOException("unknown format specified");
-            }
-
-            return ccmParams.getEncoded();
-        }
-
-        protected String engineToString()
-        {
-            return "CCM";
-        }
-
-        protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec)
-            throws InvalidParameterSpecException
-        {
-            if (paramSpec == AlgorithmParameterSpec.class || GcmSpecUtil.isGcmSpec(paramSpec))
-            {
-                if (GcmSpecUtil.gcmSpecExists())
-                {
-                    return GcmSpecUtil.extractGcmSpec(ccmParams.toASN1Primitive());
-                }
-                return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8);
-            }
-            if (paramSpec == AEADParameterSpec.class)
-            {
-                return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8);
-            }
-            if (paramSpec == IvParameterSpec.class)
-            {
-                return new IvParameterSpec(ccmParams.getNonce());
-            }
-
-            throw new InvalidParameterSpecException("AlgorithmParameterSpec not recognized: " + paramSpec.getName());
-        }
-    }
-    
-    public static class Mappings
-        extends SymmetricAlgorithmProvider
-    {
-        private static final String PREFIX = ARIA.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("AlgorithmParameters.ARIA", PREFIX + "$AlgParams");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters", NSRIObjectIdentifiers.id_aria128_cbc, "ARIA");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters", NSRIObjectIdentifiers.id_aria192_cbc, "ARIA");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters", NSRIObjectIdentifiers.id_aria256_cbc, "ARIA");
-
-            provider.addAlgorithm("AlgorithmParameterGenerator.ARIA", PREFIX + "$AlgParamGen");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator", NSRIObjectIdentifiers.id_aria128_cbc, "ARIA");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator", NSRIObjectIdentifiers.id_aria192_cbc, "ARIA");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator", NSRIObjectIdentifiers.id_aria256_cbc, "ARIA");
-
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator", NSRIObjectIdentifiers.id_aria128_ofb, "ARIA");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator", NSRIObjectIdentifiers.id_aria192_ofb, "ARIA");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator", NSRIObjectIdentifiers.id_aria256_ofb, "ARIA");
-
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator", NSRIObjectIdentifiers.id_aria128_cfb, "ARIA");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator", NSRIObjectIdentifiers.id_aria192_cfb, "ARIA");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator", NSRIObjectIdentifiers.id_aria256_cfb, "ARIA");
-
-
-            provider.addAlgorithm("Cipher.ARIA", PREFIX + "$ECB");
-            provider.addAlgorithm("Cipher", NSRIObjectIdentifiers.id_aria128_ecb, PREFIX + "$ECB");
-            provider.addAlgorithm("Cipher", NSRIObjectIdentifiers.id_aria192_ecb, PREFIX + "$ECB");
-            provider.addAlgorithm("Cipher", NSRIObjectIdentifiers.id_aria256_ecb, PREFIX + "$ECB");
-            
-            provider.addAlgorithm("Cipher", NSRIObjectIdentifiers.id_aria128_cbc, PREFIX + "$CBC");
-            provider.addAlgorithm("Cipher", NSRIObjectIdentifiers.id_aria192_cbc, PREFIX + "$CBC");
-            provider.addAlgorithm("Cipher", NSRIObjectIdentifiers.id_aria256_cbc, PREFIX + "$CBC");
-
-            provider.addAlgorithm("Cipher", NSRIObjectIdentifiers.id_aria128_cfb, PREFIX + "$CFB");
-            provider.addAlgorithm("Cipher", NSRIObjectIdentifiers.id_aria192_cfb, PREFIX + "$CFB");
-            provider.addAlgorithm("Cipher", NSRIObjectIdentifiers.id_aria256_cfb, PREFIX + "$CFB");
-
-            provider.addAlgorithm("Cipher", NSRIObjectIdentifiers.id_aria128_ofb, PREFIX + "$OFB");
-            provider.addAlgorithm("Cipher", NSRIObjectIdentifiers.id_aria192_ofb, PREFIX + "$OFB");
-            provider.addAlgorithm("Cipher", NSRIObjectIdentifiers.id_aria256_ofb, PREFIX + "$OFB");
-
-            provider.addAlgorithm("Cipher.ARIARFC3211WRAP", PREFIX + "$RFC3211Wrap");
-
-            provider.addAlgorithm("Cipher.ARIAWRAP", PREFIX + "$Wrap");
-            provider.addAlgorithm("Alg.Alias.Cipher", NSRIObjectIdentifiers.id_aria128_kw, "ARIAWRAP");
-            provider.addAlgorithm("Alg.Alias.Cipher", NSRIObjectIdentifiers.id_aria192_kw, "ARIAWRAP");
-            provider.addAlgorithm("Alg.Alias.Cipher", NSRIObjectIdentifiers.id_aria256_kw, "ARIAWRAP");
-            provider.addAlgorithm("Alg.Alias.Cipher.ARIAKW", "ARIAWRAP");
-
-            provider.addAlgorithm("Cipher.ARIAWRAPPAD", PREFIX + "$WrapPad");
-            provider.addAlgorithm("Alg.Alias.Cipher", NSRIObjectIdentifiers.id_aria128_kwp, "ARIAWRAPPAD");
-            provider.addAlgorithm("Alg.Alias.Cipher", NSRIObjectIdentifiers.id_aria192_kwp, "ARIAWRAPPAD");
-            provider.addAlgorithm("Alg.Alias.Cipher", NSRIObjectIdentifiers.id_aria256_kwp, "ARIAWRAPPAD");
-            provider.addAlgorithm("Alg.Alias.Cipher.ARIAKWP", "ARIAWRAPPAD");
-            
-            provider.addAlgorithm("KeyGenerator.ARIA", PREFIX + "$KeyGen");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria128_kw, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria192_kw, PREFIX + "$KeyGen192");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria256_kw, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria128_kwp, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria192_kwp, PREFIX + "$KeyGen192");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria256_kwp, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria128_ecb, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria192_ecb, PREFIX + "$KeyGen192");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria256_ecb, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria128_cbc, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria192_cbc, PREFIX + "$KeyGen192");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria256_cbc, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria128_cfb, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria192_cfb, PREFIX + "$KeyGen192");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria256_cfb, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria128_ofb, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria192_ofb, PREFIX + "$KeyGen192");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria256_ofb, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria128_ccm, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria192_ccm, PREFIX + "$KeyGen192");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria256_ccm, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria128_gcm, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria192_gcm, PREFIX + "$KeyGen192");
-            provider.addAlgorithm("KeyGenerator", NSRIObjectIdentifiers.id_aria256_gcm, PREFIX + "$KeyGen256");
-
-            provider.addAlgorithm("SecretKeyFactory.ARIA", PREFIX + "$KeyFactory");
-            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", NSRIObjectIdentifiers.id_aria128_cbc, "ARIA");
-            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", NSRIObjectIdentifiers.id_aria192_cbc, "ARIA");
-            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", NSRIObjectIdentifiers.id_aria256_cbc, "ARIA");
-
-            provider.addAlgorithm("AlgorithmParameterGenerator.ARIACCM", PREFIX + "$AlgParamGenCCM");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NSRIObjectIdentifiers.id_aria128_ccm, "CCM");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NSRIObjectIdentifiers.id_aria192_ccm, "CCM");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NSRIObjectIdentifiers.id_aria256_ccm, "CCM");
-
-            provider.addAlgorithm("Alg.Alias.Cipher", NSRIObjectIdentifiers.id_aria128_ccm, "CCM");
-            provider.addAlgorithm("Alg.Alias.Cipher", NSRIObjectIdentifiers.id_aria192_ccm, "CCM");
-            provider.addAlgorithm("Alg.Alias.Cipher", NSRIObjectIdentifiers.id_aria256_ccm, "CCM");
-
-            provider.addAlgorithm("AlgorithmParameterGenerator.ARIAGCM", PREFIX + "$AlgParamGenGCM");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NSRIObjectIdentifiers.id_aria128_gcm, "GCM");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NSRIObjectIdentifiers.id_aria192_gcm, "GCM");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NSRIObjectIdentifiers.id_aria256_gcm, "GCM");
-
-            provider.addAlgorithm("Alg.Alias.Cipher", NSRIObjectIdentifiers.id_aria128_gcm, "GCM");
-            provider.addAlgorithm("Alg.Alias.Cipher", NSRIObjectIdentifiers.id_aria192_gcm, "GCM");
-            provider.addAlgorithm("Alg.Alias.Cipher", NSRIObjectIdentifiers.id_aria256_gcm, "GCM");
-            
-            addGMacAlgorithm(provider, "ARIA", PREFIX + "$GMAC", PREFIX + "$KeyGen");
-            addPoly1305Algorithm(provider, "ARIA", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java
index efcd0d8..ebaa5c5 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java

@@ -3,12 +3,14 @@
 import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
 import org.bouncycastle.crypto.CipherKeyGenerator;
 import org.bouncycastle.crypto.engines.BlowfishEngine;
-import org.bouncycastle.crypto.macs.CMac;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.macs.CMac;
 import org.bouncycastle.crypto.modes.CBCBlockCipher;
 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
 import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
 import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
 
@@ -36,6 +38,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class CMAC
         extends BaseMac
     {
@@ -44,6 +48,8 @@
             super(new CMac(new BlowfishEngine()));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     public static class KeyGen
         extends BaseKeyGenerator
@@ -74,10 +80,11 @@
 
         public void configure(ConfigurableProvider provider)
         {
-
-            provider.addAlgorithm("Mac.BLOWFISHCMAC", PREFIX + "$CMAC");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Mac.BLOWFISHCMAC", PREFIX + "$CMAC");
             provider.addAlgorithm("Cipher.BLOWFISH", PREFIX + "$ECB");
-            provider.addAlgorithm("Cipher", MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CBC, PREFIX + "$CBC");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Cipher", MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CBC, PREFIX + "$CBC");
             provider.addAlgorithm("KeyGenerator.BLOWFISH", PREFIX + "$KeyGen");
             provider.addAlgorithm("Alg.Alias.KeyGenerator", MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CBC, "BLOWFISH");
             provider.addAlgorithm("AlgorithmParameters.BLOWFISH", PREFIX + "$AlgParams");

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/CAST5.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/CAST5.java
deleted file mode 100644
index 7c29095..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/CAST5.java
+++ /dev/null

@@ -1,222 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.io.IOException;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
-
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.misc.CAST5CBCParameters;
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.engines.CAST5Engine;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class CAST5
-{
-    private CAST5()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new CAST5Engine());
-        }
-    }
-
-    public static class CBC
-       extends BaseBlockCipher
-    {
-        public CBC()
-        {
-            super(new CBCBlockCipher(new CAST5Engine()), 64);
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("CAST5", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParamGen
-        extends BaseAlgorithmParameterGenerator
-    {
-        protected void engineInit(
-            AlgorithmParameterSpec  genParamSpec,
-            SecureRandom            random)
-            throws InvalidAlgorithmParameterException
-        {
-            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for CAST5 parameter generation.");
-        }
-
-        protected AlgorithmParameters engineGenerateParameters()
-        {
-            byte[]  iv = new byte[8];
-
-            if (random == null)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            random.nextBytes(iv);
-
-            AlgorithmParameters params;
-
-            try
-            {
-                params = createParametersInstance("CAST5");
-                params.init(new IvParameterSpec(iv));
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e.getMessage());
-            }
-
-            return params;
-        }
-    }
-
-    public static class AlgParams
-        extends BaseAlgorithmParameters
-    {
-        private byte[]  iv;
-        private int     keyLength = 128;
-
-        protected byte[] engineGetEncoded()
-        {
-            byte[]  tmp = new byte[iv.length];
-
-            System.arraycopy(iv, 0, tmp, 0, iv.length);
-            return tmp;
-        }
-
-        protected byte[] engineGetEncoded(
-            String format)
-            throws IOException
-        {
-            if (this.isASN1FormatString(format))
-            {
-                return new CAST5CBCParameters(engineGetEncoded(), keyLength).getEncoded();
-            }
-
-            if (format.equals("RAW"))
-            {
-                return engineGetEncoded();
-            }
-
-
-            return null;
-        }
-
-        protected AlgorithmParameterSpec localEngineGetParameterSpec(
-            Class paramSpec)
-            throws InvalidParameterSpecException
-        {
-            if (paramSpec == IvParameterSpec.class)
-            {
-                return new IvParameterSpec(iv);
-            }
-
-            throw new InvalidParameterSpecException("unknown parameter spec passed to CAST5 parameters object.");
-        }
-
-        protected void engineInit(
-            AlgorithmParameterSpec paramSpec)
-            throws InvalidParameterSpecException
-        {
-            if (paramSpec instanceof IvParameterSpec)
-            {
-                this.iv = ((IvParameterSpec)paramSpec).getIV();
-            }
-            else
-            {
-                throw new InvalidParameterSpecException("IvParameterSpec required to initialise a CAST5 parameters algorithm parameters object");
-            }
-        }
-
-        protected void engineInit(
-            byte[] params)
-            throws IOException
-        {
-            this.iv = new byte[params.length];
-
-            System.arraycopy(params, 0, iv, 0, iv.length);
-        }
-
-        protected void engineInit(
-            byte[] params,
-            String format)
-            throws IOException
-        {
-            if (this.isASN1FormatString(format))
-            {
-                ASN1InputStream aIn = new ASN1InputStream(params);
-                CAST5CBCParameters      p = CAST5CBCParameters.getInstance(aIn.readObject());
-
-                keyLength = p.getKeyLength();
-
-                iv = p.getIV();
-
-                return;
-            }
-
-            if (format.equals("RAW"))
-            {
-                engineInit(params);
-                return;
-            }
-
-            throw new IOException("Unknown parameters format in IV parameters object");
-        }
-
-        protected String engineToString()
-        {
-            return "CAST5 Parameters";
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = CAST5.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("AlgorithmParameters.CAST5", PREFIX + "$AlgParams");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.1.2.840.113533.7.66.10", "CAST5");
-
-            provider.addAlgorithm("AlgorithmParameterGenerator.CAST5", PREFIX + "$AlgParamGen");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.1.2.840.113533.7.66.10", "CAST5");
-
-            provider.addAlgorithm("Cipher.CAST5", PREFIX + "$ECB");
-            provider.addAlgorithm("Cipher", MiscObjectIdentifiers.cast5CBC, PREFIX + "$CBC");
-
-            provider.addAlgorithm("KeyGenerator.CAST5", PREFIX + "$KeyGen");
-            provider.addAlgorithm("Alg.Alias.KeyGenerator", MiscObjectIdentifiers.cast5CBC, "CAST5");
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/CAST6.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/CAST6.java
deleted file mode 100644
index b9d683e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/CAST6.java
+++ /dev/null

@@ -1,101 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.CAST6Engine;
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.crypto.macs.GMac;
-import org.bouncycastle.crypto.modes.GCMBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-
-public final class CAST6
-{
-    private CAST6()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new BlockCipherProvider()
-            {
-                public BlockCipher get()
-                {
-                    return new CAST6Engine();
-                }
-            });
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("CAST6", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class GMAC
-        extends BaseMac
-    {
-        public GMAC()
-        {
-            super(new GMac(new GCMBlockCipher(new CAST6Engine())));
-        }
-    }
-
-    public static class Poly1305
-        extends BaseMac
-    {
-        public Poly1305()
-        {
-            super(new org.bouncycastle.crypto.macs.Poly1305(new CAST6Engine()));
-        }
-    }
-
-    public static class Poly1305KeyGen
-        extends BaseKeyGenerator
-    {
-        public Poly1305KeyGen()
-        {
-            super("Poly1305-CAST6", 256, new Poly1305KeyGenerator());
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "CAST6 IV";
-        }
-    }
-
-    public static class Mappings
-        extends SymmetricAlgorithmProvider
-    {
-        private static final String PREFIX = CAST6.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("Cipher.CAST6", PREFIX + "$ECB");
-            provider.addAlgorithm("KeyGenerator.CAST6", PREFIX + "$KeyGen");
-            provider.addAlgorithm("AlgorithmParameters.CAST6", PREFIX + "$AlgParams");
-            
-            addGMacAlgorithm(provider, "CAST6", PREFIX + "$GMAC", PREFIX + "$KeyGen");
-            addPoly1305Algorithm(provider, "CAST6", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Camellia.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Camellia.java
deleted file mode 100644
index 139810c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Camellia.java
+++ /dev/null

@@ -1,253 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.engines.CamelliaEngine;
-import org.bouncycastle.crypto.engines.CamelliaWrapEngine;
-import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.crypto.macs.GMac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.GCMBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-
-public final class Camellia
-{
-    private Camellia()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new BlockCipherProvider()
-            {
-                public BlockCipher get()
-                {
-                    return new CamelliaEngine();
-                }
-            });
-        }
-    }
-
-    public static class CBC
-       extends BaseBlockCipher
-    {
-        public CBC()
-        {
-            super(new CBCBlockCipher(new CamelliaEngine()), 128);
-        }
-    }
-
-    public static class Wrap
-        extends BaseWrapCipher
-    {
-        public Wrap()
-        {
-            super(new CamelliaWrapEngine());
-        }
-    }
-
-    public static class RFC3211Wrap
-        extends BaseWrapCipher
-    {
-        public RFC3211Wrap()
-        {
-            super(new RFC3211WrapEngine(new CamelliaEngine()), 16);
-        }
-    }
-
-    public static class GMAC
-        extends BaseMac
-    {
-        public GMAC()
-        {
-            super(new GMac(new GCMBlockCipher(new CamelliaEngine())));
-        }
-    }
-
-    static public class KeyFactory
-         extends BaseSecretKeyFactory
-    {
-        public KeyFactory()
-        {
-            super("Camellia", null);
-        }
-    }
-
-    public static class Poly1305
-        extends BaseMac
-    {
-        public Poly1305()
-        {
-            super(new org.bouncycastle.crypto.macs.Poly1305(new CamelliaEngine()));
-        }
-    }
-
-    public static class Poly1305KeyGen
-        extends BaseKeyGenerator
-    {
-        public Poly1305KeyGen()
-        {
-            super("Poly1305-Camellia", 256, new Poly1305KeyGenerator());
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            this(256);
-        }
-
-        public KeyGen(int keySize)
-        {
-            super("Camellia", keySize, new CipherKeyGenerator());
-        }
-    }
-
-    public static class KeyGen128
-        extends KeyGen
-    {
-        public KeyGen128()
-        {
-            super(128);
-        }
-    }
-
-    public static class KeyGen192
-        extends KeyGen
-    {
-        public KeyGen192()
-        {
-            super(192);
-        }
-    }
-
-    public static class KeyGen256
-        extends KeyGen
-    {
-        public KeyGen256()
-        {
-            super(256);
-        }
-    }
-
-    public static class AlgParamGen
-        extends BaseAlgorithmParameterGenerator
-    {
-        protected void engineInit(
-            AlgorithmParameterSpec genParamSpec,
-            SecureRandom random)
-            throws InvalidAlgorithmParameterException
-        {
-            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for Camellia parameter generation.");
-        }
-
-        protected AlgorithmParameters engineGenerateParameters()
-        {
-            byte[] iv = new byte[16];
-
-            if (random == null)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            random.nextBytes(iv);
-
-            AlgorithmParameters params;
-
-            try
-            {
-                params = createParametersInstance("Camellia");
-                params.init(new IvParameterSpec(iv));
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e.getMessage());
-            }
-
-            return params;
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "Camellia IV";
-        }
-    }
-
-    public static class Mappings
-        extends SymmetricAlgorithmProvider
-    {
-        private static final String PREFIX = Camellia.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("AlgorithmParameters.CAMELLIA", PREFIX + "$AlgParams");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters", NTTObjectIdentifiers.id_camellia128_cbc, "CAMELLIA");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters", NTTObjectIdentifiers.id_camellia192_cbc, "CAMELLIA");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters", NTTObjectIdentifiers.id_camellia256_cbc, "CAMELLIA");
-
-            provider.addAlgorithm("AlgorithmParameterGenerator.CAMELLIA", PREFIX + "$AlgParamGen");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator", NTTObjectIdentifiers.id_camellia128_cbc, "CAMELLIA");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator", NTTObjectIdentifiers.id_camellia192_cbc, "CAMELLIA");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator", NTTObjectIdentifiers.id_camellia256_cbc, "CAMELLIA");
-
-            provider.addAlgorithm("Cipher.CAMELLIA", PREFIX + "$ECB");
-            provider.addAlgorithm("Cipher", NTTObjectIdentifiers.id_camellia128_cbc, PREFIX + "$CBC");
-            provider.addAlgorithm("Cipher", NTTObjectIdentifiers.id_camellia192_cbc, PREFIX + "$CBC");
-            provider.addAlgorithm("Cipher", NTTObjectIdentifiers.id_camellia256_cbc, PREFIX + "$CBC");
-
-            provider.addAlgorithm("Cipher.CAMELLIARFC3211WRAP", PREFIX + "$RFC3211Wrap");
-            provider.addAlgorithm("Cipher.CAMELLIAWRAP", PREFIX + "$Wrap");
-            provider.addAlgorithm("Alg.Alias.Cipher", NTTObjectIdentifiers.id_camellia128_wrap, "CAMELLIAWRAP");
-            provider.addAlgorithm("Alg.Alias.Cipher", NTTObjectIdentifiers.id_camellia192_wrap, "CAMELLIAWRAP");
-            provider.addAlgorithm("Alg.Alias.Cipher", NTTObjectIdentifiers.id_camellia256_wrap, "CAMELLIAWRAP");
-
-            provider.addAlgorithm("SecretKeyFactory.CAMELLIA", PREFIX + "$KeyFactory");
-            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", NTTObjectIdentifiers.id_camellia128_cbc, "CAMELLIA");
-            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", NTTObjectIdentifiers.id_camellia192_cbc, "CAMELLIA");
-            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", NTTObjectIdentifiers.id_camellia256_cbc, "CAMELLIA");
-
-            provider.addAlgorithm("KeyGenerator.CAMELLIA", PREFIX + "$KeyGen");
-            provider.addAlgorithm("KeyGenerator", NTTObjectIdentifiers.id_camellia128_wrap, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", NTTObjectIdentifiers.id_camellia192_wrap, PREFIX + "$KeyGen192");
-            provider.addAlgorithm("KeyGenerator", NTTObjectIdentifiers.id_camellia256_wrap, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", NTTObjectIdentifiers.id_camellia128_cbc, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", NTTObjectIdentifiers.id_camellia192_cbc, PREFIX + "$KeyGen192");
-            provider.addAlgorithm("KeyGenerator", NTTObjectIdentifiers.id_camellia256_cbc, PREFIX + "$KeyGen256");
-
-            addGMacAlgorithm(provider, "CAMELLIA", PREFIX + "$GMAC", PREFIX + "$KeyGen");
-            addPoly1305Algorithm(provider, "CAMELLIA", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ChaCha.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ChaCha.java
deleted file mode 100644
index 07ad6e9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/ChaCha.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.ChaCha7539Engine;
-import org.bouncycastle.crypto.engines.ChaChaEngine;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class ChaCha
-{
-    private ChaCha()
-    {
-    }
-    
-    public static class Base
-        extends BaseStreamCipher
-    {
-        public Base()
-        {
-            super(new ChaChaEngine(), 8);
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("ChaCha", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Base7539
-        extends BaseStreamCipher
-    {
-        public Base7539()
-        {
-            super(new ChaCha7539Engine(), 12);
-        }
-    }
-
-    public static class KeyGen7539
-        extends BaseKeyGenerator
-    {
-        public KeyGen7539()
-        {
-            super("ChaCha7539", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "ChaCha7539 IV";
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = ChaCha.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("Cipher.CHACHA", PREFIX + "$Base");
-            provider.addAlgorithm("KeyGenerator.CHACHA", PREFIX + "$KeyGen");
-
-            provider.addAlgorithm("Cipher.CHACHA7539", PREFIX + "$Base7539");
-            provider.addAlgorithm("KeyGenerator.CHACHA7539", PREFIX + "$KeyGen7539");
-            provider.addAlgorithm("AlgorithmParameters.CHACHA7539", PREFIX + "$AlgParams");
-            provider.addAlgorithm("Alg.Alias.Cipher.CHACHA20", "CHACHA7539");
-            provider.addAlgorithm("Alg.Alias.KeyGenerator.CHACHA20", "CHACHA7539");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.CHACHA20", "CHACHA7539");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java
index 91a25ec..cf7e418 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DES.java

@@ -19,20 +19,24 @@
 import org.bouncycastle.crypto.CipherParameters;
 import org.bouncycastle.crypto.CryptoServicesRegistrar;
 import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.PasswordConverter;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.PasswordConverter;
 import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
 import org.bouncycastle.crypto.generators.DESKeyGenerator;
 import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
-import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
-import org.bouncycastle.crypto.macs.CMac;
-import org.bouncycastle.crypto.macs.ISO9797Alg3Mac;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
+// import org.bouncycastle.crypto.macs.CMac;
+// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac;
 import org.bouncycastle.crypto.modes.CBCBlockCipher;
 import org.bouncycastle.crypto.paddings.ISO7816d4Padding;
 import org.bouncycastle.crypto.params.DESParameters;
 import org.bouncycastle.crypto.params.KeyParameter;
 import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.jcajce.PBKDF1Key;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.PBKDF1Key;
 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
 import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
@@ -68,9 +72,11 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     /**
      * DES   CFB8
-     */
+     *
     public static class DESCFB8
         extends BaseMac
     {
@@ -79,6 +85,8 @@
             super(new CFBBlockCipherMac(new DESEngine()));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     /**
      * DES64
@@ -113,6 +121,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     static public class CMAC
         extends BaseMac
     {
@@ -124,7 +134,7 @@
 
     /**
      * DES9797Alg3with7816-4Padding
-     */
+     *
     public static class DES9797Alg3with7816d4
         extends BaseMac
     {
@@ -136,7 +146,7 @@
 
     /**
      * DES9797Alg3
-     */
+     *
     public static class DES9797Alg3
         extends BaseMac
     {
@@ -192,6 +202,8 @@
             return params;
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
   /**
      * DES - the default for this is to generate a key in
@@ -322,6 +334,8 @@
 
                 if (pbeSpec.getSalt() == null)
                 {
+                    // BEGIN Android-removed: Unsupported algorithms
+                    /*
                     if (scheme == PKCS5S1 || scheme == PKCS5S1_UTF8)
                     {
                         return new PBKDF1Key(pbeSpec.getPassword(),
@@ -329,8 +343,12 @@
                     }
                     else
                     {
+                    */
+                    // END Android-removed: Unsupported algorithms
                         return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, null);
+                    /*
                     }
+                    */
                 }
 
                 if (forCipher)
@@ -361,9 +379,11 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     /**
      * PBEWithMD2AndDES
-     */
+     *
     static public class PBEWithMD2KeyFactory
         extends DESPBEKeyFactory
     {
@@ -372,6 +392,8 @@
             super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     /**
      * PBEWithMD5AndDES
@@ -397,9 +419,11 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     /**
      * PBEWithMD2AndDES
-     */
+     *
     static public class PBEWithMD2
         extends BaseBlockCipher
     {
@@ -408,6 +432,8 @@
             super(new CBCBlockCipher(new DESEngine()), PKCS5S1, MD2, 64, 8);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     /**
      * PBEWithMD5AndDES
@@ -447,16 +473,22 @@
         {
 
             provider.addAlgorithm("Cipher.DES", PREFIX + "$ECB");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("Cipher", OIWObjectIdentifiers.desCBC, PREFIX + "$CBC");
 
             addAlias(provider, OIWObjectIdentifiers.desCBC, "DES");
 
             provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211");
+            */
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("KeyGenerator.DES", PREFIX + "$KeyGenerator");
 
             provider.addAlgorithm("SecretKeyFactory.DES", PREFIX + "$KeyFactory");
 
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC");
             provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC");
             provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC");
@@ -479,33 +511,42 @@
             provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC");
             provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4");
             provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING");
+            */
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("AlgorithmParameters.DES", PACKAGE + ".util.IvAlgorithmParameters");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters", OIWObjectIdentifiers.desCBC, "DES");
 
-            provider.addAlgorithm("AlgorithmParameterGenerator.DES",  PREFIX + "$AlgParamGen");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES");
-
-            provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2");
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("AlgorithmParameterGenerator.DES",  PREFIX + "$AlgParamGen");
+            // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES");
+            //
+            // provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2");
+            // END Android-removed: Unsupported algorithms
             provider.addAlgorithm("Cipher.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5");
             provider.addAlgorithm("Cipher.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1");
             
-            provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
             provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES");
             provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES");
 
-            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES");
             provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES");
             provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES");
 
-            provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory");
             provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5KeyFactory");
             provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1KeyFactory");
 
-            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES");
             provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES");
             provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES");
-            provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
             provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES");
             provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES");
         }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java
index d433abe..24785a4 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DESede.java

@@ -1,15 +1,18 @@
 package org.bouncycastle.jcajce.provider.symmetric;
 
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
+// Android-removed: Unsupported algorithms
+// import java.security.AlgorithmParameters;
+// import java.security.InvalidAlgorithmParameterException;
 import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
+// Android-removed: Unsupported algorithms
+// import java.security.spec.AlgorithmParameterSpec;
 import java.security.spec.InvalidKeySpecException;
 import java.security.spec.KeySpec;
 
 import javax.crypto.SecretKey;
 import javax.crypto.spec.DESedeKeySpec;
-import javax.crypto.spec.IvParameterSpec;
+// Android-removed: Unsupported algorithms
+// import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
 
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
@@ -18,15 +21,18 @@
 import org.bouncycastle.crypto.KeyGenerationParameters;
 import org.bouncycastle.crypto.engines.DESedeEngine;
 import org.bouncycastle.crypto.engines.DESedeWrapEngine;
-import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
 import org.bouncycastle.crypto.generators.DESedeKeyGenerator;
 import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
-import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
-import org.bouncycastle.crypto.macs.CMac;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
+// import org.bouncycastle.crypto.macs.CMac;
 import org.bouncycastle.crypto.modes.CBCBlockCipher;
 import org.bouncycastle.crypto.paddings.ISO7816d4Padding;
 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
@@ -58,9 +64,11 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     /**
      * DESede   CFB8
-     */
+     *
     public static class DESedeCFB8
         extends BaseMac
     {
@@ -69,6 +77,8 @@
             super(new CFBBlockCipherMac(new DESedeEngine()));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     /**
      * DESede64
@@ -103,6 +113,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     static public class CMAC
         extends BaseMac
     {
@@ -111,6 +123,8 @@
             super(new CMac(new DESedeEngine()));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     public static class Wrap
         extends BaseWrapCipher
@@ -121,6 +135,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class RFC3211
         extends BaseWrapCipher
     {
@@ -129,6 +145,8 @@
             super(new RFC3211WrapEngine(new DESedeEngine()), 8);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
   /**
      * DESede - the default for this is to generate a key in
@@ -242,6 +260,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class AlgParamGen
         extends BaseAlgorithmParameterGenerator
     {
@@ -279,6 +299,8 @@
             return params;
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     static public class KeyFactory
         extends BaseSecretKeyFactory
@@ -362,26 +384,35 @@
         public void configure(ConfigurableProvider provider)
         {
             provider.addAlgorithm("Cipher.DESEDE", PREFIX + "$ECB");
-            provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC");
             provider.addAlgorithm("Cipher.DESEDEWRAP", PREFIX + "$Wrap");
-            provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.id_alg_CMS3DESwrap, PREFIX + "$Wrap");
-            provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211");
-            provider.addAlgorithm("Alg.Alias.Cipher.DESEDERFC3217WRAP", "DESEDEWRAP");
+            // BEGIN Android-changed: Make alias of DESEDEWRAP rather than separate algorithm
+            provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP");
+            // END Android-changed: Make alias of DESEDEWRAP rather than separate algorithm
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211");
+            // provider.addAlgorithm("Alg.Alias.Cipher.DESEDERFC3217WRAP", "DESEDEWRAP");
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("Alg.Alias.Cipher.TDEA", "DESEDE");
             provider.addAlgorithm("Alg.Alias.Cipher.TDEAWRAP", "DESEDEWRAP");
             provider.addAlgorithm("Alg.Alias.KeyGenerator.TDEA", "DESEDE");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters.TDEA", "DESEDE");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE");
             provider.addAlgorithm("Alg.Alias.SecretKeyFactory.TDEA", "DESEDE");
 
             if (provider.hasAlgorithm("MessageDigest", "SHA-1"))
             {
                 provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key");
-                provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key");
-                provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key");
+                // BEGIN Android-removed: Unsupported algorithms
+                // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key");
+                // provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key");
+                // END Android-removed: Unsupported algorithms
                 provider.addAlgorithm("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2Key");
-                provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key");
+                // Android-removed: Unsupported algorithms
+                // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key");
                 provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
                 provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC");
                 provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
@@ -395,11 +426,15 @@
             }
 
             provider.addAlgorithm("KeyGenerator.DESEDE", PREFIX + "$KeyGenerator");
-            provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3");
-            provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator");
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3");
+            // provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator");
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("SecretKeyFactory.DESEDE", PREFIX + "$KeyFactory");
 
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("SecretKeyFactory", OIWObjectIdentifiers.desEDE, PREFIX + "$KeyFactory");
 
             provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC");
@@ -416,12 +451,16 @@
             provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
             provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
             provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
+            */
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("AlgorithmParameters.DESEDE", PACKAGE + ".util.IvAlgorithmParameters");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE");
 
-            provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE",  PREFIX + "$AlgParamGen");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE");
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE",  PREFIX + "$AlgParamGen");
+            // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE");
+            // END Android-removed: Unsupported algorithms
 
             provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3KeyFactory");
             provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2KeyFactory");

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DSTU7624.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DSTU7624.java
deleted file mode 100644
index 4ef48cb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/DSTU7624.java
+++ /dev/null

@@ -1,564 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.asn1.ua.UAObjectIdentifiers;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.engines.DSTU7624Engine;
-import org.bouncycastle.crypto.engines.DSTU7624WrapEngine;
-import org.bouncycastle.crypto.macs.KGMac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.modes.KCCMBlockCipher;
-import org.bouncycastle.crypto.modes.KCTRBlockCipher;
-import org.bouncycastle.crypto.modes.KGCMBlockCipher;
-import org.bouncycastle.crypto.modes.OFBBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-
-public class DSTU7624
-{
-    private DSTU7624()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new BlockCipherProvider()
-            {
-                public BlockCipher get()
-                {
-                    return new DSTU7624Engine(128);
-                }
-            });
-        }
-    }
-
-    // these next three allow some variation on the keysize used in each case.
-    public static class ECB_128
-       extends BaseBlockCipher
-    {
-        public ECB_128()
-        {
-            super(new DSTU7624Engine(128));
-        }
-    }
-
-    public static class ECB_256
-       extends BaseBlockCipher
-    {
-        public ECB_256()
-        {
-            super(new DSTU7624Engine(256));
-        }
-    }
-
-    public static class ECB_512
-       extends BaseBlockCipher
-    {
-        public ECB_512()
-        {
-            super(new DSTU7624Engine(512));
-        }
-    }
-
-    // what follows is fixed with a key size the same as the block size.
-    public static class ECB128
-       extends BaseBlockCipher
-    {
-        public ECB128()
-        {    // TODO: key size is also meant to be fixed
-            super(new DSTU7624Engine(128));
-        }
-    }
-
-    public static class ECB256
-       extends BaseBlockCipher
-    {
-        public ECB256()
-        {
-            super(new DSTU7624Engine(256));
-        }
-    }
-
-    public static class ECB512
-       extends BaseBlockCipher
-    {
-        public ECB512()
-        {
-            super(new DSTU7624Engine(512));
-        }
-    }
-
-    public static class CBC128
-       extends BaseBlockCipher
-    {
-        public CBC128()
-        {    // TODO: key size is also meant to be fixed
-            super(new CBCBlockCipher(new DSTU7624Engine(128)), 128);
-        }
-    }
-
-    public static class CBC256
-       extends BaseBlockCipher
-    {
-        public CBC256()
-        {
-            super(new CBCBlockCipher(new DSTU7624Engine(256)), 256);
-        }
-    }
-
-    public static class CBC512
-       extends BaseBlockCipher
-    {
-        public CBC512()
-        {
-            super(new CBCBlockCipher(new DSTU7624Engine(512)), 512);
-        }
-    }
-
-    public static class OFB128
-       extends BaseBlockCipher
-    {
-        public OFB128()
-        {    // TODO: key size is also meant to be fixed
-            super(new BufferedBlockCipher(new OFBBlockCipher(new DSTU7624Engine(128), 128)), 128);
-        }
-    }
-
-    public static class OFB256
-       extends BaseBlockCipher
-    {
-        public OFB256()
-        {
-            super(new BufferedBlockCipher(new OFBBlockCipher(new DSTU7624Engine(256), 256)), 256);
-        }
-    }
-
-    public static class OFB512
-       extends BaseBlockCipher
-    {
-        public OFB512()
-        {
-            super(new BufferedBlockCipher(new OFBBlockCipher(new DSTU7624Engine(512), 512)), 512);
-        }
-    }
-
-    public static class CFB128
-       extends BaseBlockCipher
-    {
-        public CFB128()
-        {    // TODO: key size is also meant to be fixed
-            super(new BufferedBlockCipher(new CFBBlockCipher(new DSTU7624Engine(128), 128)), 128);
-        }
-    }
-
-    public static class CFB256
-       extends BaseBlockCipher
-    {
-        public CFB256()
-        {
-            super(new BufferedBlockCipher(new CFBBlockCipher(new DSTU7624Engine(256), 256)), 256);
-        }
-    }
-
-    public static class CFB512
-       extends BaseBlockCipher
-    {
-        public CFB512()
-        {
-            super(new BufferedBlockCipher(new CFBBlockCipher(new DSTU7624Engine(512), 512)), 512);
-        }
-    }
-
-    public static class CTR128
-       extends BaseBlockCipher
-    {
-        public CTR128()
-        {    // TODO: key size is also meant to be fixed
-            super(new BufferedBlockCipher(new KCTRBlockCipher(new DSTU7624Engine(128))), 128);
-        }
-    }
-
-    public static class CTR256
-       extends BaseBlockCipher
-    {
-        public CTR256()
-        {
-            super(new BufferedBlockCipher(new KCTRBlockCipher(new DSTU7624Engine(256))), 256);
-        }
-    }
-
-    public static class CTR512
-       extends BaseBlockCipher
-    {
-        public CTR512()
-        {
-            super(new BufferedBlockCipher(new KCTRBlockCipher(new DSTU7624Engine(512))), 512);
-        }
-    }
-
-    public static class CCM128
-       extends BaseBlockCipher
-    {
-        public CCM128()
-        {    // TODO: key size is also meant to be fixed
-            super(new KCCMBlockCipher(new DSTU7624Engine(128)));
-        }
-    }
-
-    public static class CCM256
-       extends BaseBlockCipher
-    {
-        public CCM256()
-        {
-            super(new KCCMBlockCipher(new DSTU7624Engine(256)));
-        }
-    }
-
-    public static class CCM512
-       extends BaseBlockCipher
-    {
-        public CCM512()
-        {
-            super(new KCCMBlockCipher(new DSTU7624Engine(512)));
-        }
-    }
-
-    public static class GCM128
-       extends BaseBlockCipher
-    {
-        public GCM128()
-        {    // TODO: key size is also meant to be fixed
-            super(new KGCMBlockCipher(new DSTU7624Engine(128)));
-        }
-    }
-
-    public static class GCM256
-       extends BaseBlockCipher
-    {
-        public GCM256()
-        {
-            super(new KGCMBlockCipher(new DSTU7624Engine(256)));
-        }
-    }
-
-    public static class GCM512
-       extends BaseBlockCipher
-    {
-        public GCM512()
-        {
-            super(new KGCMBlockCipher(new DSTU7624Engine(512)));
-        }
-    }
-
-    public static class Wrap
-        extends BaseWrapCipher
-    {
-        public Wrap()
-        {
-            super(new DSTU7624WrapEngine(128));
-        }
-    }
-
-    public static class Wrap128
-        extends BaseWrapCipher
-    {
-        public Wrap128()
-        {
-            super(new DSTU7624WrapEngine(128));
-        }
-    }
-
-    public static class Wrap256
-        extends BaseWrapCipher
-    {
-        public Wrap256()
-        {
-            super(new DSTU7624WrapEngine(256));
-        }
-    }
-
-    public static class Wrap512
-        extends BaseWrapCipher
-    {
-        public Wrap512()
-        {
-            super(new DSTU7624WrapEngine(512));
-        }
-    }
-
-    public static class GMAC
-        extends BaseMac
-    {
-        public GMAC()
-        {
-            super(new KGMac(new KGCMBlockCipher(new DSTU7624Engine(128)), 128));
-        }
-    }
-       // TODO: enforce key size restriction
-    public static class GMAC128
-        extends BaseMac
-    {
-        public GMAC128()
-        {
-            super(new KGMac(new KGCMBlockCipher(new DSTU7624Engine(128)), 128));
-        }
-    }
-
-    public static class GMAC256
-        extends BaseMac
-    {
-        public GMAC256()
-        {
-            super(new KGMac(new KGCMBlockCipher(new DSTU7624Engine(256)), 256));
-        }
-    }
-
-    public static class GMAC512
-        extends BaseMac
-    {
-        public GMAC512()
-        {
-            super(new KGMac(new KGCMBlockCipher(new DSTU7624Engine(512)), 512));
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            this(256);
-        }
-
-        public KeyGen(int keySize)
-        {
-            super("DSTU7624", keySize, new CipherKeyGenerator());
-        }
-    }
-
-    public static class KeyGen128
-        extends DSTU7624.KeyGen
-    {
-        public KeyGen128()
-        {
-            super(128);
-        }
-    }
-
-    public static class KeyGen256
-        extends DSTU7624.KeyGen
-    {
-        public KeyGen256()
-        {
-            super(256);
-        }
-    }
-
-    public static class KeyGen512
-        extends DSTU7624.KeyGen
-    {
-        public KeyGen512()
-        {
-            super(512);
-        }
-    }
-
-    public static class AlgParamGen
-        extends BaseAlgorithmParameterGenerator
-    {
-        private final int ivLength;
-
-        public AlgParamGen(int blockSize)
-        {
-            this.ivLength = blockSize / 8;
-        }
-
-        protected void engineInit(
-            AlgorithmParameterSpec genParamSpec,
-            SecureRandom random)
-            throws InvalidAlgorithmParameterException
-        {
-            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DSTU7624 parameter generation.");
-        }
-
-        protected AlgorithmParameters engineGenerateParameters()
-        {
-            byte[] iv = new byte[ivLength];
-
-            if (random == null)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            random.nextBytes(iv);
-
-            AlgorithmParameters params;
-
-            try
-            {
-                params = createParametersInstance("DSTU7624");
-                params.init(new IvParameterSpec(iv));
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e.getMessage());
-            }
-
-            return params;
-        }
-    }
-
-    public static class AlgParamGen128
-        extends AlgParamGen
-    {
-        AlgParamGen128()
-        {
-            super(128);
-        }
-    }
-
-    public static class AlgParamGen256
-        extends AlgParamGen
-    {
-        AlgParamGen256()
-        {
-            super(256);
-        }
-    }
-
-    public static class AlgParamGen512
-        extends AlgParamGen
-    {
-        AlgParamGen512()
-        {
-            super(512);
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "DSTU7624 IV";
-        }
-    }
-
-    public static class Mappings
-        extends SymmetricAlgorithmProvider
-    {
-        private static final String PREFIX = DSTU7624.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("AlgorithmParameters.DSTU7624", PREFIX + "$AlgParams128");
-            provider.addAlgorithm("AlgorithmParameters", UAObjectIdentifiers.dstu7624cbc_128, PREFIX + "$AlgParams");
-            provider.addAlgorithm("AlgorithmParameters",  UAObjectIdentifiers.dstu7624cbc_256, PREFIX + "$AlgParams");
-            provider.addAlgorithm("AlgorithmParameters",  UAObjectIdentifiers.dstu7624cbc_512, PREFIX + "$AlgParams");
-
-            provider.addAlgorithm("AlgorithmParameterGenerator.DSTU7624", PREFIX + "$AlgParamGen128");
-            provider.addAlgorithm("AlgorithmParameterGenerator", UAObjectIdentifiers.dstu7624cbc_128, PREFIX + "$AlgParamGen128");
-            provider.addAlgorithm("AlgorithmParameterGenerator", UAObjectIdentifiers.dstu7624cbc_256, PREFIX + "$AlgParamGen256");
-            provider.addAlgorithm("AlgorithmParameterGenerator", UAObjectIdentifiers.dstu7624cbc_512, PREFIX + "$AlgParamGen512");
-
-            provider.addAlgorithm("Cipher.DSTU7624", PREFIX + "$ECB_128");
-            provider.addAlgorithm("Cipher.DSTU7624-128", PREFIX + "$ECB_128");
-            provider.addAlgorithm("Cipher.DSTU7624-256", PREFIX + "$ECB_256");
-            provider.addAlgorithm("Cipher.DSTU7624-512", PREFIX + "$ECB_512");
-
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624ecb_128, PREFIX + "$ECB128");
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624ecb_256, PREFIX + "$ECB256");
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624ecb_512, PREFIX + "$ECB512");
-
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624cbc_128, PREFIX + "$CBC128");
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624cbc_256, PREFIX + "$CBC256");
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624cbc_512, PREFIX + "$CBC512");
-
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624ofb_128, PREFIX + "$OFB128");
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624ofb_256, PREFIX + "$OFB256");
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624ofb_512, PREFIX + "$OFB512");
-
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624cfb_128, PREFIX + "$CFB128");
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624cfb_256, PREFIX + "$CFB256");
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624cfb_512, PREFIX + "$CFB512");
-
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624ctr_128, PREFIX + "$CTR128");
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624ctr_256, PREFIX + "$CTR256");
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624ctr_512, PREFIX + "$CTR512");
-
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624ccm_128, PREFIX + "$CCM128");
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624ccm_256, PREFIX + "$CCM256");
-            provider.addAlgorithm("Cipher", UAObjectIdentifiers.dstu7624ccm_512, PREFIX + "$CCM512");
-
-            provider.addAlgorithm("Cipher.DSTU7624KW", PREFIX + "$Wrap");
-            provider.addAlgorithm("Alg.Alias.Cipher.DSTU7624WRAP", "DSTU7624KW");
-            provider.addAlgorithm("Cipher.DSTU7624-128KW", PREFIX + "$Wrap128");
-            provider.addAlgorithm("Alg.Alias.Cipher." + UAObjectIdentifiers.dstu7624kw_128.getId(), "DSTU7624-128KW");
-            provider.addAlgorithm("Alg.Alias.Cipher.DSTU7624-128WRAP", "DSTU7624-128KW");
-            provider.addAlgorithm("Cipher.DSTU7624-256KW", PREFIX + "$Wrap256");
-            provider.addAlgorithm("Alg.Alias.Cipher." + UAObjectIdentifiers.dstu7624kw_256.getId(), "DSTU7624-256KW");
-            provider.addAlgorithm("Alg.Alias.Cipher.DSTU7624-256WRAP", "DSTU7624-256KW");
-            provider.addAlgorithm("Cipher.DSTU7624-512KW", PREFIX + "$Wrap512");
-            provider.addAlgorithm("Alg.Alias.Cipher." + UAObjectIdentifiers.dstu7624kw_512.getId(), "DSTU7624-512KW");
-            provider.addAlgorithm("Alg.Alias.Cipher.DSTU7624-512WRAP", "DSTU7624-512KW");
-
-            provider.addAlgorithm("Mac.DSTU7624GMAC", PREFIX + "$GMAC");
-            provider.addAlgorithm("Mac.DSTU7624-128GMAC", PREFIX + "$GMAC128");
-            provider.addAlgorithm("Alg.Alias.Mac." + UAObjectIdentifiers.dstu7624gmac_128.getId(), "DSTU7624-128GMAC");
-            provider.addAlgorithm("Mac.DSTU7624-256GMAC", PREFIX + "$GMAC256");
-            provider.addAlgorithm("Alg.Alias.Mac." + UAObjectIdentifiers.dstu7624gmac_256.getId(), "DSTU7624-256GMAC");
-            provider.addAlgorithm("Mac.DSTU7624-512GMAC", PREFIX + "$GMAC512");
-            provider.addAlgorithm("Alg.Alias.Mac." + UAObjectIdentifiers.dstu7624gmac_512.getId(), "DSTU7624-512GMAC");
-            
-            provider.addAlgorithm("KeyGenerator.DSTU7624", PREFIX + "$KeyGen");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624kw_128, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624kw_256, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624kw_512, PREFIX + "$KeyGen512");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624ecb_128, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624ecb_256, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624ecb_512, PREFIX + "$KeyGen512");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624cbc_128, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624cbc_256, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624cbc_512, PREFIX + "$KeyGen512");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624ofb_128, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624ofb_256, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624ofb_512, PREFIX + "$KeyGen512");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624cfb_128, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624cfb_256, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624cfb_512, PREFIX + "$KeyGen512");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624ctr_128, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624ctr_256, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624ctr_512, PREFIX + "$KeyGen512");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624ccm_128, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624ccm_256, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624ccm_512, PREFIX + "$KeyGen512");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624gmac_128, PREFIX + "$KeyGen128");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624gmac_256, PREFIX + "$KeyGen256");
-            provider.addAlgorithm("KeyGenerator", UAObjectIdentifiers.dstu7624gmac_512, PREFIX + "$KeyGen512");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/GOST28147.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/GOST28147.java
deleted file mode 100644
index e08ca0b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/GOST28147.java
+++ /dev/null

@@ -1,430 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.io.IOException;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
-import java.util.HashMap;
-import java.util.Map;
-
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.GOST28147Parameters;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.engines.CryptoProWrapEngine;
-import org.bouncycastle.crypto.engines.GOST28147Engine;
-import org.bouncycastle.crypto.engines.GOST28147WrapEngine;
-import org.bouncycastle.crypto.macs.GOST28147Mac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.GCFBBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
-
-public final class GOST28147
-{
-    private static Map<ASN1ObjectIdentifier, String> oidMappings = new HashMap<ASN1ObjectIdentifier, String>();
-    private static Map<String, ASN1ObjectIdentifier> nameMappings = new HashMap<String, ASN1ObjectIdentifier>();
-
-    static
-    {
-        oidMappings.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_TestParamSet, "E-TEST");
-        oidMappings.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet, "E-A");
-        oidMappings.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_B_ParamSet, "E-B");
-        oidMappings.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_C_ParamSet, "E-C");
-        oidMappings.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_D_ParamSet, "E-D");
-        oidMappings.put(RosstandartObjectIdentifiers.id_tc26_gost_28147_param_Z, "Param-Z");
-        
-        nameMappings.put("E-A", CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet);
-        nameMappings.put("E-B", CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_B_ParamSet);
-        nameMappings.put("E-C", CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_C_ParamSet);
-        nameMappings.put("E-D", CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_D_ParamSet);
-        nameMappings.put("Param-Z", RosstandartObjectIdentifiers.id_tc26_gost_28147_param_Z);
-    }
-
-    private GOST28147()
-    {
-    }
-
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new GOST28147Engine());
-        }
-    }
-
-    public static class CBC
-        extends BaseBlockCipher
-    {
-        public CBC()
-        {
-            super(new CBCBlockCipher(new GOST28147Engine()), 64);
-        }
-    }
-
-    public static class GCFB
-        extends BaseBlockCipher
-    {
-        public GCFB()
-        {
-            super(new BufferedBlockCipher(new GCFBBlockCipher(new GOST28147Engine())), 64);
-        }
-    }
-
-    public static class GostWrap
-        extends BaseWrapCipher
-    {
-        public GostWrap()
-        {
-            super(new GOST28147WrapEngine());
-        }
-    }
-
-    public static class CryptoProWrap
-        extends BaseWrapCipher
-    {
-        public CryptoProWrap()
-        {
-            super(new CryptoProWrapEngine());
-        }
-    }
-
-    /**
-     * GOST28147
-     */
-    public static class Mac
-        extends BaseMac
-    {
-        public Mac()
-        {
-            super(new GOST28147Mac());
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            this(256);
-        }
-
-        public KeyGen(int keySize)
-        {
-            super("GOST28147", keySize, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParamGen
-        extends BaseAlgorithmParameterGenerator
-    {
-        byte[] iv = new byte[8];
-        byte[] sBox = GOST28147Engine.getSBox("E-A");
-
-        protected void engineInit(
-            AlgorithmParameterSpec genParamSpec,
-            SecureRandom random)
-            throws InvalidAlgorithmParameterException
-        {
-            if (genParamSpec instanceof GOST28147ParameterSpec)
-            {
-                  this.sBox = ((GOST28147ParameterSpec)genParamSpec).getSBox();
-            }
-            else
-            {
-                throw new InvalidAlgorithmParameterException("parameter spec not supported");
-            }
-        }
-
-        protected AlgorithmParameters engineGenerateParameters()
-        {
-            if (random == null)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            random.nextBytes(iv);
-
-            AlgorithmParameters params;
-
-            try
-            {
-                params = createParametersInstance("GOST28147");
-                params.init(new GOST28147ParameterSpec(sBox, iv));
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e.getMessage());
-            }
-
-            return params;
-        }
-    }
-
-    public abstract static class BaseAlgParams
-        extends BaseAlgorithmParameters
-    {
-        private ASN1ObjectIdentifier sBox = CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet;
-        private byte[] iv;
-
-        protected final void engineInit(byte[] encoding)
-            throws IOException
-        {
-            engineInit(encoding, "ASN.1");
-        }
-
-        protected final byte[] engineGetEncoded()
-            throws IOException
-        {
-            return engineGetEncoded("ASN.1");
-        }
-
-        protected final byte[] engineGetEncoded(
-            String format)
-            throws IOException
-        {
-            if (isASN1FormatString(format))
-            {
-                return localGetEncoded();
-            }
-
-            throw new IOException("Unknown parameter format: " + format);
-        }
-
-        protected final void engineInit(
-            byte[] params,
-            String format)
-            throws IOException
-        {
-            if (params == null)
-            {
-                throw new NullPointerException("Encoded parameters cannot be null");
-            }
-
-            if (isASN1FormatString(format))
-            {
-                try
-                {
-                    localInit(params);
-                }
-                catch (IOException e)
-                {
-                    throw e;
-                }
-                catch (Exception e)
-                {
-                    throw new IOException("Parameter parsing failed: " + e.getMessage());
-                }
-            }
-            else
-            {
-                throw new IOException("Unknown parameter format: " + format);
-            }
-        }
-
-        protected byte[] localGetEncoded()
-            throws IOException
-        {
-            return new GOST28147Parameters(iv, sBox).getEncoded();
-        }
-
-        protected AlgorithmParameterSpec localEngineGetParameterSpec(
-            Class paramSpec)
-            throws InvalidParameterSpecException
-        {
-            if (paramSpec == IvParameterSpec.class)
-            {
-                return new IvParameterSpec(iv);
-            }
-
-            if (paramSpec == GOST28147ParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
-            {
-                return new GOST28147ParameterSpec(sBox, iv);
-            }
-
-            throw new InvalidParameterSpecException("AlgorithmParameterSpec not recognized: " + paramSpec.getName());
-        }
-
-        protected void engineInit(
-            AlgorithmParameterSpec paramSpec)
-            throws InvalidParameterSpecException
-        {
-            if (paramSpec instanceof IvParameterSpec)
-            {
-                this.iv = ((IvParameterSpec)paramSpec).getIV();
-            }
-            else if (paramSpec instanceof GOST28147ParameterSpec)
-            {
-                this.iv = ((GOST28147ParameterSpec)paramSpec).getIV();
-                try
-                {
-                    this.sBox = getSBoxOID((((GOST28147ParameterSpec)paramSpec).getSBox()));
-                }
-                catch (IllegalArgumentException e)
-                {
-                    throw new InvalidParameterSpecException(e.getMessage());
-                }
-            }
-            else
-            {
-                throw new InvalidParameterSpecException("IvParameterSpec required to initialise a IV parameters algorithm parameters object");
-            }
-        }
-
-        protected static ASN1ObjectIdentifier getSBoxOID(String name)
-        {
-            ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)nameMappings.get(name);
-
-            if (oid == null)
-            {
-                throw new IllegalArgumentException("Unknown SBOX name: " + name);
-            }
-
-            return oid;
-        }
-
-        protected static ASN1ObjectIdentifier getSBoxOID(byte[] sBox)
-        {
-            return getSBoxOID(GOST28147Engine.getSBoxName(sBox));
-        }
-
-        abstract void localInit(byte[] params) throws IOException;
-    }
-
-    public static class AlgParams
-        extends BaseAlgParams
-    {
-        private ASN1ObjectIdentifier sBox = CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet;
-        private byte[] iv;
-
-        protected byte[] localGetEncoded()
-            throws IOException
-        {
-            return new GOST28147Parameters(iv, sBox).getEncoded();
-        }
-
-        protected AlgorithmParameterSpec localEngineGetParameterSpec(
-            Class paramSpec)
-            throws InvalidParameterSpecException
-        {
-            if (paramSpec == IvParameterSpec.class)
-            {
-                return new IvParameterSpec(iv);
-            }
-
-            if (paramSpec == GOST28147ParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
-            {
-                return new GOST28147ParameterSpec(sBox, iv);
-            }
-
-            throw new InvalidParameterSpecException("AlgorithmParameterSpec not recognized: " + paramSpec.getName());
-        }
-
-        protected void engineInit(
-            AlgorithmParameterSpec paramSpec)
-            throws InvalidParameterSpecException
-        {
-            if (paramSpec instanceof IvParameterSpec)
-            {
-                this.iv = ((IvParameterSpec)paramSpec).getIV();
-            }
-            else if (paramSpec instanceof GOST28147ParameterSpec)
-            {
-                this.iv = ((GOST28147ParameterSpec)paramSpec).getIV();
-                try
-                {
-                    this.sBox = getSBoxOID((((GOST28147ParameterSpec)paramSpec).getSBox()));
-                }
-                catch (IllegalArgumentException e)
-                {
-                    throw new InvalidParameterSpecException(e.getMessage());
-                }
-            }
-            else
-            {
-                throw new InvalidParameterSpecException("IvParameterSpec required to initialise a IV parameters algorithm parameters object");
-            }
-        }
-
-        protected void localInit(
-            byte[] params)
-            throws IOException
-        {
-            ASN1Primitive asn1Params = ASN1Primitive.fromByteArray(params);
-
-            if (asn1Params instanceof ASN1OctetString)
-            {
-                this.iv = ASN1OctetString.getInstance(asn1Params).getOctets();
-            }
-            else if (asn1Params instanceof ASN1Sequence)
-            {
-                GOST28147Parameters gParams = GOST28147Parameters.getInstance(asn1Params);
-
-                this.sBox = gParams.getEncryptionParamSet();
-                this.iv = gParams.getIV();
-            }
-            else
-            {
-                throw new IOException("Unable to recognize parameters");
-            }
-        }
-
-        protected String engineToString()
-        {
-            return "GOST 28147 IV Parameters";
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = GOST28147.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("Cipher.GOST28147", PREFIX + "$ECB");
-            provider.addAlgorithm("Alg.Alias.Cipher.GOST", "GOST28147");
-            provider.addAlgorithm("Alg.Alias.Cipher.GOST-28147", "GOST28147");
-            provider.addAlgorithm("Cipher." + CryptoProObjectIdentifiers.gostR28147_gcfb, PREFIX + "$GCFB");
-
-            provider.addAlgorithm("KeyGenerator.GOST28147", PREFIX + "$KeyGen");
-            provider.addAlgorithm("Alg.Alias.KeyGenerator.GOST", "GOST28147");
-            provider.addAlgorithm("Alg.Alias.KeyGenerator.GOST-28147", "GOST28147");
-            provider.addAlgorithm("Alg.Alias.KeyGenerator." + CryptoProObjectIdentifiers.gostR28147_gcfb, "GOST28147");
-
-            provider.addAlgorithm("AlgorithmParameters." + "GOST28147", PREFIX + "$AlgParams");
-            provider.addAlgorithm("AlgorithmParameterGenerator." + "GOST28147", PREFIX + "$AlgParamGen");
-
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + CryptoProObjectIdentifiers.gostR28147_gcfb, "GOST28147");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + CryptoProObjectIdentifiers.gostR28147_gcfb, "GOST28147");
-
-            provider.addAlgorithm("Cipher." + CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap, PREFIX + "$CryptoProWrap");
-            provider.addAlgorithm("Cipher." + CryptoProObjectIdentifiers.id_Gost28147_89_None_KeyWrap, PREFIX + "$GostWrap");
-
-            provider.addAlgorithm("Mac.GOST28147MAC", PREFIX + "$Mac");
-            provider.addAlgorithm("Alg.Alias.Mac.GOST28147", "GOST28147MAC");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/GOST3412_2015.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/GOST3412_2015.java
deleted file mode 100644
index 3134e00..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/GOST3412_2015.java
+++ /dev/null

@@ -1,129 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.GOST3412_2015Engine;
-import org.bouncycastle.crypto.macs.CMac;
-import org.bouncycastle.crypto.modes.G3413CBCBlockCipher;
-import org.bouncycastle.crypto.modes.G3413CFBBlockCipher;
-import org.bouncycastle.crypto.modes.G3413CTRBlockCipher;
-import org.bouncycastle.crypto.modes.G3413OFBBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-
-public class GOST3412_2015
-{
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new GOST3412_2015Engine());
-        }
-    }
-
-    public static class CBC
-        extends BaseBlockCipher
-    {
-        public CBC()
-        {
-            super(new G3413CBCBlockCipher(new GOST3412_2015Engine()), false, 128);
-        }
-    }
-
-    public static class GCFB
-        extends BaseBlockCipher
-    {
-        public GCFB()
-        {
-            super(new BufferedBlockCipher(new G3413CFBBlockCipher(new GOST3412_2015Engine())), false, 128);
-        }
-    }
-
-    public static class GCFB8
-        extends BaseBlockCipher
-    {
-        public GCFB8()
-        {
-            super(new BufferedBlockCipher(new G3413CFBBlockCipher(new GOST3412_2015Engine(), 8)), false, 128);
-        }
-    }
-
-    public static class OFB
-        extends BaseBlockCipher
-    {
-        public OFB()
-        {
-            super(new BufferedBlockCipher(new G3413OFBBlockCipher(new GOST3412_2015Engine())), false, 128);
-        }
-
-    }
-
-    public static class CTR
-        extends BaseBlockCipher
-    {
-        public CTR()
-        {
-            super(new BufferedBlockCipher(new G3413CTRBlockCipher(new GOST3412_2015Engine())), 128);
-        }
-
-    }
-
-    /**
-     * GOST3412 2015 CMAC( OMAC1)
-     */
-    public static class Mac
-        extends BaseMac
-    {
-        public Mac()
-        {
-            super(new CMac(new GOST3412_2015Engine()));
-        }
-    }
-
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            this(256);
-        }
-
-        public KeyGen(int keySize)
-        {
-            super("GOST3412-2015", keySize, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = GOST3412_2015.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("Cipher.GOST3412-2015", PREFIX + "$ECB");
-            provider.addAlgorithm("Cipher.GOST3412-2015/CFB", PREFIX + "$GCFB");
-            provider.addAlgorithm("Cipher.GOST3412-2015/CFB8", PREFIX + "$GCFB8");
-            provider.addAlgorithm("Cipher.GOST3412-2015/OFB", PREFIX + "$OFB");
-            provider.addAlgorithm("Cipher.GOST3412-2015/CBC", PREFIX + "$CBC");
-            provider.addAlgorithm("Cipher.GOST3412-2015/CTR", PREFIX + "$CTR");
-
-            provider.addAlgorithm("KeyGenerator.GOST3412-2015", PREFIX + "$KeyGen");;
-
-            provider.addAlgorithm("Mac.GOST3412MAC", PREFIX + "$Mac");
-            provider.addAlgorithm("Alg.Alias.Mac.GOST3412-2015", "GOST3412MAC");
-        }
-    }
-
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Grain128.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Grain128.java
deleted file mode 100644
index d7232b1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Grain128.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.Grain128Engine;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class Grain128
-{
-    private Grain128()
-    {
-    }
-    
-    public static class Base
-        extends BaseStreamCipher
-    {
-        public Base()
-        {
-            super(new Grain128Engine(), 12);
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("Grain128", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = Grain128.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("Cipher.Grain128", PREFIX + "$Base");
-            provider.addAlgorithm("KeyGenerator.Grain128", PREFIX + "$KeyGen");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Grainv1.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Grainv1.java
deleted file mode 100644
index 4fa544c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Grainv1.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.Grainv1Engine;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class Grainv1
-{
-    private Grainv1()
-    {
-    }
-    
-    public static class Base
-        extends BaseStreamCipher
-    {
-        public Base()
-        {
-            super(new Grainv1Engine(), 8);
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("Grainv1", 80, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "Grainv1 IV";
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = Grainv1.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("Cipher.Grainv1", PREFIX + "$Base");
-            provider.addAlgorithm("KeyGenerator.Grainv1", PREFIX + "$KeyGen");
-            provider.addAlgorithm("AlgorithmParameters.Grainv1", PREFIX + "$AlgParams");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/HC128.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/HC128.java
deleted file mode 100644
index 755cc09..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/HC128.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.HC128Engine;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class HC128
-{
-    private HC128()
-    {
-    }
-    
-    public static class Base
-        extends BaseStreamCipher
-    {
-        public Base()
-        {
-            super(new HC128Engine(), 16);
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("HC128", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "HC128 IV";
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = HC128.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("Cipher.HC128", PREFIX + "$Base");
-            provider.addAlgorithm("KeyGenerator.HC128", PREFIX + "$KeyGen");
-            provider.addAlgorithm("AlgorithmParameters.HC128", PREFIX + "$AlgParams");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/HC256.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/HC256.java
deleted file mode 100644
index 1335719..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/HC256.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.HC256Engine;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class HC256
-{
-    private HC256()
-    {
-    }
-    
-    public static class Base
-        extends BaseStreamCipher
-    {
-        public Base()
-        {
-            super(new HC256Engine(), 32);
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("HC256", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "HC256 IV";
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = HC256.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("Cipher.HC256", PREFIX + "$Base");
-            provider.addAlgorithm("KeyGenerator.HC256", PREFIX + "$KeyGen");
-            provider.addAlgorithm("AlgorithmParameters.HC256", PREFIX + "$AlgParams");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/IDEA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/IDEA.java
deleted file mode 100644
index f4d16f8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/IDEA.java
+++ /dev/null

@@ -1,256 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.io.IOException;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
-
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.asn1.misc.IDEACBCPar;
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.engines.IDEAEngine;
-import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
-import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class IDEA
-{
-    private IDEA()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new IDEAEngine());
-        }
-    }
-
-    public static class CBC
-       extends BaseBlockCipher
-    {
-        public CBC()
-        {
-            super(new CBCBlockCipher(new IDEAEngine()), 64);
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("IDEA", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class PBEWithSHAAndIDEAKeyGen
-       extends PBESecretKeyFactory
-    {
-       public PBEWithSHAAndIDEAKeyGen()
-       {
-           super("PBEwithSHAandIDEA-CBC", null, true, PKCS12, SHA1, 128, 64);
-       }
-    }
-
-    static public class PBEWithSHAAndIDEA
-        extends BaseBlockCipher
-    {
-        public PBEWithSHAAndIDEA()
-        {
-            super(new CBCBlockCipher(new IDEAEngine()));
-        }
-    }
-
-    public static class AlgParamGen
-        extends BaseAlgorithmParameterGenerator
-    {
-        protected void engineInit(
-            AlgorithmParameterSpec genParamSpec,
-            SecureRandom random)
-            throws InvalidAlgorithmParameterException
-        {
-            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for IDEA parameter generation.");
-        }
-
-        protected AlgorithmParameters engineGenerateParameters()
-        {
-            byte[] iv = new byte[8];
-
-            if (random == null)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            random.nextBytes(iv);
-
-            AlgorithmParameters params;
-
-            try
-            {
-                params = createParametersInstance("IDEA");
-                params.init(new IvParameterSpec(iv));
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e.getMessage());
-            }
-
-            return params;
-        }
-    }
-
-    public static class AlgParams
-        extends BaseAlgorithmParameters
-    {
-        private byte[]  iv;
-
-        protected byte[] engineGetEncoded()
-            throws IOException
-        {
-            return engineGetEncoded("ASN.1");
-        }
-
-        protected byte[] engineGetEncoded(
-            String format)
-            throws IOException
-        {
-            if (this.isASN1FormatString(format))
-            {
-                return new IDEACBCPar(engineGetEncoded("RAW")).getEncoded();
-            }
-
-            if (format.equals("RAW"))
-            {
-                byte[]  tmp = new byte[iv.length];
-
-                System.arraycopy(iv, 0, tmp, 0, iv.length);
-                return tmp;
-            }
-
-            return null;
-        }
-
-        protected AlgorithmParameterSpec localEngineGetParameterSpec(
-            Class paramSpec)
-            throws InvalidParameterSpecException
-        {
-            if (paramSpec == IvParameterSpec.class)
-            {
-                return new IvParameterSpec(iv);
-            }
-
-            throw new InvalidParameterSpecException("unknown parameter spec passed to IV parameters object.");
-        }
-
-        protected void engineInit(
-            AlgorithmParameterSpec paramSpec)
-            throws InvalidParameterSpecException
-        {
-            if (!(paramSpec instanceof IvParameterSpec))
-            {
-                throw new InvalidParameterSpecException("IvParameterSpec required to initialise a IV parameters algorithm parameters object");
-            }
-
-            this.iv = ((IvParameterSpec)paramSpec).getIV();
-        }
-
-        protected void engineInit(
-            byte[] params)
-            throws IOException
-        {
-            this.iv = new byte[params.length];
-
-            System.arraycopy(params, 0, iv, 0, iv.length);
-        }
-
-        protected void engineInit(
-            byte[] params,
-            String format)
-            throws IOException
-        {
-            if (format.equals("RAW"))
-            {
-                engineInit(params);
-                return;
-            }
-            if (format.equals("ASN.1"))
-            {
-                IDEACBCPar      oct = IDEACBCPar.getInstance(params);
-
-                engineInit(oct.getIV());
-                return;
-            }
-
-            throw new IOException("Unknown parameters format in IV parameters object");
-        }
-
-        protected String engineToString()
-        {
-            return "IDEA Parameters";
-        }
-    }
-    
-    public static class Mac
-        extends BaseMac
-    {
-        public Mac()
-        {
-            super(new CBCBlockCipherMac(new IDEAEngine()));
-        }
-    }
-
-    public static class CFB8Mac
-        extends BaseMac
-    {
-        public CFB8Mac()
-        {
-            super(new CFBBlockCipherMac(new IDEAEngine()));
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = IDEA.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("AlgorithmParameterGenerator.IDEA", PREFIX + "$AlgParamGen");
-            provider.addAlgorithm("AlgorithmParameterGenerator.1.3.6.1.4.1.188.7.1.1.2", PREFIX + "$AlgParamGen");
-            provider.addAlgorithm("AlgorithmParameters.IDEA", PREFIX + "$AlgParams");
-            provider.addAlgorithm("AlgorithmParameters.1.3.6.1.4.1.188.7.1.1.2", PREFIX + "$AlgParams");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDIDEA", "PKCS12PBE");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDIDEA-CBC", "PKCS12PBE");
-            provider.addAlgorithm("Cipher.IDEA", PREFIX + "$ECB");
-            provider.addAlgorithm("Cipher", MiscObjectIdentifiers.as_sys_sec_alg_ideaCBC, PREFIX + "$CBC");
-            provider.addAlgorithm("Cipher.PBEWITHSHAANDIDEA-CBC", PREFIX + "$PBEWithSHAAndIDEA");
-            provider.addAlgorithm("KeyGenerator.IDEA", PREFIX + "$KeyGen");
-            provider.addAlgorithm("KeyGenerator",  MiscObjectIdentifiers.as_sys_sec_alg_ideaCBC, PREFIX + "$KeyGen");
-            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAANDIDEA-CBC", PREFIX + "$PBEWithSHAAndIDEAKeyGen");
-            provider.addAlgorithm("Mac.IDEAMAC", PREFIX + "$Mac");
-            provider.addAlgorithm("Alg.Alias.Mac.IDEA", "IDEAMAC");
-            provider.addAlgorithm("Mac.IDEAMAC/CFB8", PREFIX + "$CFB8Mac");
-            provider.addAlgorithm("Alg.Alias.Mac.IDEA/CFB8", "IDEAMAC/CFB8");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Noekeon.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Noekeon.java
deleted file mode 100644
index 1e32091..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Noekeon.java
+++ /dev/null

@@ -1,153 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.engines.NoekeonEngine;
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.crypto.macs.GMac;
-import org.bouncycastle.crypto.modes.GCMBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-
-public final class Noekeon
-{
-    private Noekeon()
-    {
-    }
-
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new BlockCipherProvider()
-            {
-                public BlockCipher get()
-                {
-                    return new NoekeonEngine();
-                }
-            });
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("Noekeon", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class GMAC
-        extends BaseMac
-    {
-        public GMAC()
-        {
-            super(new GMac(new GCMBlockCipher(new NoekeonEngine())));
-        }
-    }
-
-    public static class Poly1305
-        extends BaseMac
-    {
-        public Poly1305()
-        {
-            super(new org.bouncycastle.crypto.macs.Poly1305(new NoekeonEngine()));
-        }
-    }
-
-    public static class Poly1305KeyGen
-        extends BaseKeyGenerator
-    {
-        public Poly1305KeyGen()
-        {
-            super("Poly1305-Noekeon", 256, new Poly1305KeyGenerator());
-        }
-    }
-
-    public static class AlgParamGen
-        extends BaseAlgorithmParameterGenerator
-    {
-        protected void engineInit(
-            AlgorithmParameterSpec genParamSpec,
-            SecureRandom random)
-            throws InvalidAlgorithmParameterException
-        {
-            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for Noekeon parameter generation.");
-        }
-
-        protected AlgorithmParameters engineGenerateParameters()
-        {
-            byte[] iv = new byte[16];
-
-            if (random == null)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            random.nextBytes(iv);
-
-            AlgorithmParameters params;
-
-            try
-            {
-                params = createParametersInstance("Noekeon");
-                params.init(new IvParameterSpec(iv));
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e.getMessage());
-            }
-
-            return params;
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "Noekeon IV";
-        }
-    }
-
-    public static class Mappings
-        extends SymmetricAlgorithmProvider
-    {
-        private static final String PREFIX = Noekeon.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("AlgorithmParameters.NOEKEON", PREFIX + "$AlgParams");
-
-            provider.addAlgorithm("AlgorithmParameterGenerator.NOEKEON", PREFIX + "$AlgParamGen");
-
-            provider.addAlgorithm("Cipher.NOEKEON", PREFIX + "$ECB");
-
-            provider.addAlgorithm("KeyGenerator.NOEKEON", PREFIX + "$KeyGen");
-
-            addGMacAlgorithm(provider, "NOEKEON", PREFIX + "$GMAC", PREFIX + "$KeyGen");
-            addPoly1305Algorithm(provider, "NOEKEON", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/OpenSSLPBKDF.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/OpenSSLPBKDF.java
deleted file mode 100644
index 5888adf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/OpenSSLPBKDF.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-
-import javax.crypto.SecretKey;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-import org.bouncycastle.util.Strings;
-
-public final class OpenSSLPBKDF
-{
-    private OpenSSLPBKDF()
-    {
-    }
-
-    public static class PBKDF
-        extends BaseSecretKeyFactory
-    {
-        public PBKDF()
-        {
-            super("PBKDF-OpenSSL", null);
-        }
-
-        protected SecretKey engineGenerateSecret(
-            KeySpec keySpec)
-            throws InvalidKeySpecException
-        {
-            if (keySpec instanceof PBEKeySpec)
-            {
-                PBEKeySpec pbeSpec = (PBEKeySpec)keySpec;
-
-                if (pbeSpec.getSalt() == null)
-                {
-                    throw new InvalidKeySpecException("missing required salt");
-                }
-
-                if (pbeSpec.getIterationCount() <= 0)
-                {
-                    throw new InvalidKeySpecException("positive iteration count required: "
-                        + pbeSpec.getIterationCount());
-                }
-
-                if (pbeSpec.getKeyLength() <= 0)
-                {
-                    throw new InvalidKeySpecException("positive key length required: "
-                        + pbeSpec.getKeyLength());
-                }
-
-                if (pbeSpec.getPassword().length == 0)
-                {
-                    throw new IllegalArgumentException("password empty");
-                }
-
-                OpenSSLPBEParametersGenerator pGen = new OpenSSLPBEParametersGenerator();
-
-                pGen.init(Strings.toByteArray(pbeSpec.getPassword()), pbeSpec.getSalt());
-
-                return new SecretKeySpec(((KeyParameter)pGen.generateDerivedParameters(pbeSpec.getKeyLength())).getKey(), "OpenSSLPBKDF");
-            }
-
-            throw new InvalidKeySpecException("Invalid KeySpec");
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = OpenSSLPBKDF.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("SecretKeyFactory.PBKDF-OPENSSL", PREFIX + "$PBKDF");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF1.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF1.java
deleted file mode 100644
index 122f918..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF1.java
+++ /dev/null

@@ -1,125 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.io.IOException;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
-
-import javax.crypto.spec.PBEParameterSpec;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.pkcs.PBEParameter;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public class PBEPBKDF1
-{
-    private PBEPBKDF1()
-    {
-
-    }
-
-    public static class AlgParams
-        extends BaseAlgorithmParameters
-    {
-        PBEParameter params;
-
-        protected byte[] engineGetEncoded()
-        {
-            try
-            {
-                return params.getEncoded(ASN1Encoding.DER);
-            }
-            catch (IOException e)
-            {
-                throw new RuntimeException("Oooops! " + e.toString());
-            }
-        }
-
-        protected byte[] engineGetEncoded(
-            String format)
-        {
-            if (this.isASN1FormatString(format))
-            {
-                return engineGetEncoded();
-            }
-
-            return null;
-        }
-
-        protected AlgorithmParameterSpec localEngineGetParameterSpec(
-            Class paramSpec)
-            throws InvalidParameterSpecException
-        {
-            if (paramSpec == PBEParameterSpec.class)
-            {
-                return new PBEParameterSpec(params.getSalt(),
-                                params.getIterationCount().intValue());
-            }
-
-            throw new InvalidParameterSpecException("unknown parameter spec passed to PBKDF1 PBE parameters object.");
-        }
-
-        protected void engineInit(
-            AlgorithmParameterSpec paramSpec)
-            throws InvalidParameterSpecException
-        {
-            if (!(paramSpec instanceof PBEParameterSpec))
-            {
-                throw new InvalidParameterSpecException("PBEParameterSpec required to initialise a PBKDF1 PBE parameters algorithm parameters object");
-            }
-
-            PBEParameterSpec    pbeSpec = (PBEParameterSpec)paramSpec;
-
-            this.params = new PBEParameter(pbeSpec.getSalt(),
-                                pbeSpec.getIterationCount());
-        }
-
-        protected void engineInit(
-            byte[] params)
-            throws IOException
-        {
-            this.params = PBEParameter.getInstance(params);
-        }
-
-        protected void engineInit(
-            byte[] params,
-            String format)
-            throws IOException
-        {
-            if (this.isASN1FormatString(format))
-            {
-                engineInit(params);
-                return;
-            }
-
-            throw new IOException("Unknown parameters format in PBKDF2 parameters object");
-        }
-
-        protected String engineToString()
-        {
-            return "PBKDF1 Parameters";
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = PBEPBKDF1.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("AlgorithmParameters.PBKDF1", PREFIX + "$AlgParams");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBKDF1");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBKDF1");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBKDF1");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBKDF1");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.pbeWithSHA1AndRC2_CBC, "PBKDF1");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java
index 8c77e96..8474f86 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java

@@ -15,13 +15,15 @@
 import org.bouncycastle.asn1.ASN1Encoding;
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PBKDF2Params;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.PasswordConverter;
-import org.bouncycastle.jcajce.PBKDF2Key;
+// Android-removed: Unneeded imports of files we don't include
+// import org.bouncycastle.crypto.PasswordConverter;
+// import org.bouncycastle.jcajce.PBKDF2Key;
 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
 import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
@@ -37,16 +39,18 @@
 
     static
     {
-        prfCodes.put(CryptoProObjectIdentifiers.gostR3411Hmac, Integers.valueOf(PBE.GOST3411));
+        // Android-removed: Unsupported algorithm
+        // prfCodes.put(CryptoProObjectIdentifiers.gostR3411Hmac, Integers.valueOf(PBE.GOST3411));
         prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA1, Integers.valueOf(PBE.SHA1));
         prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA256, Integers.valueOf(PBE.SHA256));
         prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA224, Integers.valueOf(PBE.SHA224));
         prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA384, Integers.valueOf(PBE.SHA384));
         prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA512, Integers.valueOf(PBE.SHA512));
-        prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_256, Integers.valueOf(PBE.SHA3_256));
-        prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_224, Integers.valueOf(PBE.SHA3_224));
-        prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_384, Integers.valueOf(PBE.SHA3_384));
-        prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_512, Integers.valueOf(PBE.SHA3_512));
+        // Android-remove: Unsupported algorithms
+        // prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_256, Integers.valueOf(PBE.SHA3_256));
+        // prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_224, Integers.valueOf(PBE.SHA3_224));
+        // prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_384, Integers.valueOf(PBE.SHA3_384));
+        // prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_512, Integers.valueOf(PBE.SHA3_512));
     }
 
     private PBEPBKDF2()
@@ -54,6 +58,8 @@
 
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class AlgParams
         extends BaseAlgorithmParameters
     {
@@ -136,11 +142,17 @@
             return "PBKDF2 Parameters";
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     public static class BasePBKDF2
         extends BaseSecretKeyFactory
     {
         private int scheme;
+        // BEGIN Android-added: Allow to specify a key using only the password.
+        private int keySizeInBits;
+        private int ivSizeInBits;
+        // END Android-added: Allow to specify a key using only the password.
         private int defaultDigest;
 
         public BasePBKDF2(String name, int scheme)
@@ -148,14 +160,28 @@
             this(name, scheme, SHA1);
         }
 
-        public BasePBKDF2(String name, int scheme, int defaultDigest)
+        // BEGIN Android-changed: Allow to specify a key using only the password.
+        // public BasePBKDF2(String name, int scheme, int defaultDigest)
+        private BasePBKDF2(
+                String name, int scheme, int digest, int keySizeInBits, int ivSizeInBits)
+        // END Android-changed: Allow to specify a key using only the password.
         {
             super(name, PKCSObjectIdentifiers.id_PBKDF2);
 
             this.scheme = scheme;
-            this.defaultDigest = defaultDigest;
+            // BEGIN Android-added: Support key-restricted versions.
+            this.keySizeInBits = keySizeInBits;
+            this.ivSizeInBits = ivSizeInBits;
+            // END Android-added: Support key-restricted versions.
+            this.defaultDigest = digest;
         }
 
+        // BEGIN Android-added: Allow to specify a key using only the password.
+        private BasePBKDF2(String name, int scheme, int digest) {
+            this(name, scheme, digest, 0, 0);
+        }
+        // END Android-added: Allow to specify a key using only the password.
+
         protected SecretKey engineGenerateSecret(
             KeySpec keySpec)
             throws InvalidKeySpecException
@@ -164,10 +190,27 @@
             {
                 PBEKeySpec pbeSpec = (PBEKeySpec)keySpec;
 
+                // BEGIN Android-added: Allow to specify a key using only the password.
+                // The key will be generated later when other parameters are known.
+                if (pbeSpec.getSalt() == null
+                        && pbeSpec.getIterationCount() == 0
+                        && pbeSpec.getKeyLength() == 0
+                        && pbeSpec.getPassword().length > 0
+                        && keySizeInBits != 0) {
+                    return new BCPBEKey(
+                            this.algName, this.algOid, scheme, defaultDigest, keySizeInBits,
+                            ivSizeInBits, pbeSpec,
+                            // cipherParameters, to be generated when the PBE parameters are known.
+                            null);
+                }
+                // END Android-added: Allow to specify a key using only the password.
+
                 if (pbeSpec.getSalt() == null)
                 {
-                    return new PBKDF2Key(((PBEKeySpec)keySpec).getPassword(),
-                        scheme == PKCS5S2 ? PasswordConverter.ASCII : PasswordConverter.UTF8);
+                    // Android-changed: Throw an exception if the salt is missing
+                    // return new PBKDF2Key(((PBEKeySpec)keySpec).getPassword(),
+                    //     scheme == PKCS5S2 ? PasswordConverter.ASCII : PasswordConverter.UTF8);
+                    throw new InvalidKeySpecException("missing required salt");
                 }
 
                 if (pbeSpec.getIterationCount() <= 0)
@@ -226,6 +269,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class PBKDF2withUTF8
         extends BasePBKDF2
     {
@@ -324,6 +369,172 @@
             super("PBKDF2", PKCS5S2);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    // BEGIN Android-added: Android implementations of PBKDF2 algorithms.
+    // See note in Mappings below.
+    public static class BasePBKDF2WithHmacSHA1 extends BasePBKDF2 {
+        public BasePBKDF2WithHmacSHA1(String name, int scheme)
+        {
+            super(name, scheme, SHA1);
+        }
+    }
+
+    public static class PBKDF2WithHmacSHA1UTF8
+            extends BasePBKDF2WithHmacSHA1
+    {
+        public PBKDF2WithHmacSHA1UTF8()
+        {
+            super("PBKDF2WithHmacSHA1", PKCS5S2_UTF8);
+        }
+    }
+
+    public static class PBKDF2WithHmacSHA18BIT
+            extends BasePBKDF2WithHmacSHA1
+    {
+        public PBKDF2WithHmacSHA18BIT()
+        {
+            super("PBKDF2WithHmacSHA1And8bit", PKCS5S2);
+        }
+    }
+
+    public static class BasePBKDF2WithHmacSHA224 extends BasePBKDF2 {
+        public BasePBKDF2WithHmacSHA224(String name, int scheme)
+        {
+            super(name, scheme, SHA224);
+        }
+    }
+
+    public static class PBKDF2WithHmacSHA224UTF8
+            extends BasePBKDF2WithHmacSHA224
+    {
+        public PBKDF2WithHmacSHA224UTF8()
+        {
+            super("PBKDF2WithHmacSHA224", PKCS5S2_UTF8);
+        }
+    }
+
+    public static class BasePBKDF2WithHmacSHA256 extends BasePBKDF2 {
+        public BasePBKDF2WithHmacSHA256(String name, int scheme)
+        {
+            super(name, scheme, SHA256);
+        }
+    }
+
+    public static class PBKDF2WithHmacSHA256UTF8
+            extends BasePBKDF2WithHmacSHA256
+    {
+        public PBKDF2WithHmacSHA256UTF8()
+        {
+            super("PBKDF2WithHmacSHA256", PKCS5S2_UTF8);
+        }
+    }
+
+
+    public static class BasePBKDF2WithHmacSHA384 extends BasePBKDF2 {
+        public BasePBKDF2WithHmacSHA384(String name, int scheme)
+        {
+            super(name, scheme, SHA384);
+        }
+    }
+
+    public static class PBKDF2WithHmacSHA384UTF8
+            extends BasePBKDF2WithHmacSHA384
+    {
+        public PBKDF2WithHmacSHA384UTF8()
+        {
+            super("PBKDF2WithHmacSHA384", PKCS5S2_UTF8);
+        }
+    }
+
+    public static class BasePBKDF2WithHmacSHA512 extends BasePBKDF2 {
+        public BasePBKDF2WithHmacSHA512(String name, int scheme)
+        {
+            super(name, scheme, SHA512);
+        }
+    }
+
+    public static class PBKDF2WithHmacSHA512UTF8
+            extends BasePBKDF2WithHmacSHA512
+    {
+        public PBKDF2WithHmacSHA512UTF8()
+        {
+            super("PBKDF2WithHmacSHA512", PKCS5S2_UTF8);
+        }
+    }
+
+    public static class PBEWithHmacSHA1AndAES_128
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA1AndAES_128() {
+            super("PBEWithHmacSHA1AndAES_128", PKCS5S2_UTF8, SHA1, 128, 128);
+        }
+    }
+
+    public static class PBEWithHmacSHA224AndAES_128
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA224AndAES_128() {
+            super("PBEWithHmacSHA224AndAES_128", PKCS5S2_UTF8, SHA224, 128, 128);
+        }
+    }
+
+    public static class PBEWithHmacSHA256AndAES_128
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA256AndAES_128() {
+            super("PBEWithHmacSHA256AndAES_128", PKCS5S2_UTF8, SHA256, 128, 128);
+        }
+    }
+
+    public static class PBEWithHmacSHA384AndAES_128
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA384AndAES_128() {
+            super("PBEWithHmacSHA384AndAES_128", PKCS5S2_UTF8, SHA384, 128, 128);
+        }
+    }
+
+    public static class PBEWithHmacSHA512AndAES_128
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA512AndAES_128() {
+            super("PBEWithHmacSHA512AndAES_128", PKCS5S2_UTF8, SHA512, 128, 128);
+        }
+    }
+
+
+    public static class PBEWithHmacSHA1AndAES_256
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA1AndAES_256() {
+            super("PBEWithHmacSHA1AndAES_256", PKCS5S2_UTF8, SHA1, 256, 128);
+        }
+    }
+
+    public static class PBEWithHmacSHA224AndAES_256
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA224AndAES_256() {
+            super("PBEWithHmacSHA224AndAES_256", PKCS5S2_UTF8, SHA224, 256, 128);
+        }
+    }
+
+    public static class PBEWithHmacSHA256AndAES_256
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA256AndAES_256() {
+            super("PBEWithHmacSHA256AndAES_256", PKCS5S2_UTF8, SHA256, 256, 128);
+        }
+    }
+
+    public static class PBEWithHmacSHA384AndAES_256
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA384AndAES_256() {
+            super("PBEWithHmacSHA384AndAES_256", PKCS5S2_UTF8, SHA384, 256, 128);
+        }
+    }
+
+    public static class PBEWithHmacSHA512AndAES_256
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA512AndAES_256() {
+            super("PBEWithHmacSHA512AndAES_256", PKCS5S2_UTF8, SHA512, 256, 128);
+        }
+    }
+    // END Android-added: Android implementations of PBKDF2 algorithms.
 
     public static class Mappings
         extends AlgorithmProvider
@@ -336,6 +547,15 @@
 
         public void configure(ConfigurableProvider provider)
         {
+            // Android-note: Provided classes differ significantly from upstream.
+            // Before BC 1.56, this class was omitted in Android and the algorithms we desired
+            // were provided in org.bouncycastle.jcajce.provider.digest.SHA1.  During that
+            // time, Android added some additional versions of these algorithms for fixed key sizes.
+            // BC eventually consolidated the algorithms into this class.  As a result, when
+            // upgrading to BC 1.56, we added this class but replaced its contents with
+            // our versions.
+            // BEGIN Android-removed: Bouncy Castle versions of algorithms.
+            /*
             provider.addAlgorithm("AlgorithmParameters.PBKDF2", PREFIX + "$AlgParams");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2");
             provider.addAlgorithm("SecretKeyFactory.PBKDF2", PREFIX + "$PBKDF2withUTF8");
@@ -354,6 +574,29 @@
             provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA3-384", PREFIX + "$PBKDF2withSHA3_384");
             provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA3-512", PREFIX + "$PBKDF2withSHA3_512");
             provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACGOST3411", PREFIX + "$PBKDF2withGOST3411");
+            */
+            // END Android-removed: Bouncy Castle versions of algorithms.
+            // BEGIN Android-added: Android versions of algorithms.
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WithHmacSHA1AndUTF8", "PBKDF2WithHmacSHA1");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2with8BIT", "PBKDF2WithHmacSHA1And8BIT");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2withASCII", "PBKDF2WithHmacSHA1And8BIT");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA1", PREFIX + "$PBKDF2WithHmacSHA1UTF8");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA224", PREFIX + "$PBKDF2WithHmacSHA224UTF8");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA256", PREFIX + "$PBKDF2WithHmacSHA256UTF8");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA384", PREFIX + "$PBKDF2WithHmacSHA384UTF8");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA512", PREFIX + "$PBKDF2WithHmacSHA512UTF8");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA1AndAES_128", PREFIX + "$PBEWithHmacSHA1AndAES_128");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA224AndAES_128", PREFIX + "$PBEWithHmacSHA224AndAES_128");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA256AndAES_128", PREFIX + "$PBEWithHmacSHA256AndAES_128");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA384AndAES_128", PREFIX + "$PBEWithHmacSHA384AndAES_128");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA512AndAES_128", PREFIX + "$PBEWithHmacSHA512AndAES_128");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA1AndAES_256", PREFIX + "$PBEWithHmacSHA1AndAES_256");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA224AndAES_256", PREFIX + "$PBEWithHmacSHA224AndAES_256");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA256AndAES_256", PREFIX + "$PBEWithHmacSHA256AndAES_256");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA384AndAES_256", PREFIX + "$PBEWithHmacSHA384AndAES_256");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA512AndAES_256", PREFIX + "$PBEWithHmacSHA512AndAES_256");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA1And8BIT", PREFIX + "$PBKDF2WithHmacSHA18BIT");
+            // END Android-added: Android versions of algorithms.
         }
     }
 }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBES2AlgorithmParameters.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBES2AlgorithmParameters.java
new file mode 100644
index 0000000..9f2262f
--- /dev/null
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/PBES2AlgorithmParameters.java

@@ -0,0 +1,330 @@
+// BEGIN android-added
+// Based on org.bouncycastle.jcajce.provider.symmetric.PBEPKCS12
+
+package org.bouncycastle.jcajce.provider.symmetric;
+
+import org.bouncycastle.asn1.ASN1Encodable;
+import org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import org.bouncycastle.asn1.ASN1Primitive;
+import org.bouncycastle.asn1.ASN1OctetString;
+import org.bouncycastle.asn1.ASN1Sequence;
+import org.bouncycastle.asn1.DERNull;
+import org.bouncycastle.asn1.DEROctetString;
+import org.bouncycastle.asn1.DERSequence;
+import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import org.bouncycastle.asn1.pkcs.EncryptionScheme;
+import org.bouncycastle.asn1.pkcs.KeyDerivationFunc;
+import org.bouncycastle.asn1.pkcs.PBES2Parameters;
+import org.bouncycastle.asn1.pkcs.PBKDF2Params;
+import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
+import org.bouncycastle.jcajce.provider.symmetric.util.PBE;
+import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
+
+import java.io.IOException;
+import java.lang.reflect.Constructor;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+import java.util.Enumeration;
+
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.PBEParameterSpec;
+
+public class PBES2AlgorithmParameters
+{
+    private PBES2AlgorithmParameters()
+    {
+
+    }
+
+    private static abstract class BasePBEWithHmacAlgorithmParameters
+            extends BaseAlgorithmParameters
+    {
+        private final AlgorithmIdentifier kdf;
+        private final String kdfShortName;
+        private final int keySize;
+        private final ASN1ObjectIdentifier cipherAlgorithm;
+        private final String cipherAlgorithmShortName;
+
+        private PBES2Parameters params;
+
+        private BasePBEWithHmacAlgorithmParameters(
+                ASN1ObjectIdentifier kdf,
+                String kdfShortName,
+                int keySize,
+                ASN1ObjectIdentifier cipherAlgorithm,
+                String cipherAlgorithmShortName) {
+            this.kdf = new AlgorithmIdentifier(kdf, DERNull.INSTANCE);
+            this.kdfShortName = kdfShortName;
+            this.keySize = keySize;
+            this.cipherAlgorithm = cipherAlgorithm;
+            this.cipherAlgorithmShortName = cipherAlgorithmShortName;
+        }
+
+        protected byte[] engineGetEncoded()
+        {
+            try
+            {
+                return new DERSequence(new ASN1Encodable[] {
+                        PKCSObjectIdentifiers.id_PBES2,
+                        params
+                }).getEncoded();
+            }
+            catch (IOException e)
+            {
+                throw new RuntimeException("Unable to read PBES2 parameters: " + e.toString());
+            }
+        }
+
+        protected byte[] engineGetEncoded(
+                String format)
+        {
+            if (this.isASN1FormatString(format))
+            {
+                return engineGetEncoded();
+            }
+
+            return null;
+        }
+
+        protected AlgorithmParameterSpec localEngineGetParameterSpec(
+                Class parameterSpec)
+                throws InvalidParameterSpecException
+        {
+            if (parameterSpec == PBEParameterSpec.class)
+            {
+                PBKDF2Params pbeParamSpec =
+                        (PBKDF2Params) params.getKeyDerivationFunc().getParameters();
+                byte[] iv =  ((ASN1OctetString) params.getEncryptionScheme().getParameters())
+                        .getOctets();
+                return createPBEParameterSpec(pbeParamSpec.getSalt(),
+                        pbeParamSpec.getIterationCount().intValue(),
+                        iv);
+            }
+
+            throw new InvalidParameterSpecException(
+                    "unknown parameter spec passed to PBES2 parameters object.");
+        }
+
+        protected void engineInit(
+                AlgorithmParameterSpec paramSpec)
+                throws InvalidParameterSpecException
+        {
+            if (!(paramSpec instanceof PBEParameterSpec))
+            {
+                throw new InvalidParameterSpecException(
+                        "PBEParameterSpec required to initialise PBES2 algorithm parameters");
+            }
+
+            PBEParameterSpec pbeSpec = (PBEParameterSpec)paramSpec;
+
+            byte[] iv;
+
+            AlgorithmParameterSpec algorithmParameterSpec =
+                    PBE.Util.getParameterSpecFromPBEParameterSpec(pbeSpec);
+            if (algorithmParameterSpec instanceof IvParameterSpec) {
+                iv = ((IvParameterSpec) algorithmParameterSpec).getIV();
+            } else {
+                throw new IllegalArgumentException("Expecting an IV as a parameter");
+            }
+
+            this.params = new PBES2Parameters(
+                    new KeyDerivationFunc(
+                            PKCSObjectIdentifiers.id_PBKDF2,
+                            new PBKDF2Params(
+                                    pbeSpec.getSalt(), pbeSpec.getIterationCount(), keySize, kdf)),
+                    new EncryptionScheme(cipherAlgorithm, new DEROctetString(iv)));
+        }
+
+        protected void engineInit(
+                byte[] params)
+                throws IOException
+        {
+            // Dual of engineGetEncoded()
+            ASN1Sequence seq = ASN1Sequence.getInstance(ASN1Primitive.fromByteArray(params));
+            Enumeration seqObjects = seq.getObjects();
+            ASN1ObjectIdentifier id = (ASN1ObjectIdentifier) seqObjects.nextElement();
+            if (!id.getId().equals(PKCSObjectIdentifiers.id_PBES2.getId())) {
+                throw new IllegalArgumentException("Invalid PBES2 parameters");
+            }
+            this.params = PBES2Parameters.getInstance(seqObjects.nextElement());
+        }
+
+        protected void engineInit(
+                byte[] params,
+                String format)
+                throws IOException
+        {
+            if (this.isASN1FormatString(format))
+            {
+                engineInit(params);
+                return;
+            }
+
+            throw new IOException("Unknown parameters format in PBES2 parameters object");
+        }
+
+        protected String engineToString()
+        {
+            return "PBES2 " + kdfShortName + " " + cipherAlgorithmShortName + " Parameters";
+        }
+    }
+
+    public static class PBEWithHmacSHA1AES128AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA1AES128AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA1,
+                    "HmacSHA1",
+                    16, /* keySize */
+                    NISTObjectIdentifiers.id_aes128_CBC,
+                    "AES128");
+        }
+    }
+
+    public static class PBEWithHmacSHA224AES128AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA224AES128AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA224,
+                    "HmacSHA224",
+                    16, /* keySize */
+                    NISTObjectIdentifiers.id_aes128_CBC,
+                    "AES128");
+        }
+    }
+
+    public static class PBEWithHmacSHA256AES128AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA256AES128AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA256,
+                    "HmacSHA256",
+                    16, /* keySize */
+                    NISTObjectIdentifiers.id_aes128_CBC,
+                    "AES128");
+        }
+    }
+
+    public static class PBEWithHmacSHA384AES128AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA384AES128AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA384,
+                    "HmacSHA384",
+                    16, /* keySize */
+                    NISTObjectIdentifiers.id_aes128_CBC,
+                    "AES128");
+        }
+    }
+
+    public static class PBEWithHmacSHA512AES128AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA512AES128AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA512,
+                    "HmacSHA512",
+                    16, /* keySize */
+                    NISTObjectIdentifiers.id_aes128_CBC,
+                    "AES128");
+        }
+    }
+
+    public static class PBEWithHmacSHA1AES256AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA1AES256AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA1,
+                    "HmacSHA1",
+                    32, /* keySize */
+                    NISTObjectIdentifiers.id_aes256_CBC,
+                    "AES256");
+        }
+    }
+
+    public static class PBEWithHmacSHA224AES256AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA224AES256AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA224,
+                    "HmacSHA224",
+                    32, /* keySize */
+                    NISTObjectIdentifiers.id_aes256_CBC,
+                    "AES256");
+        }
+    }
+
+    public static class PBEWithHmacSHA256AES256AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA256AES256AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA256,
+                    "HmacSHA256",
+                    32, /* keySize */
+                    NISTObjectIdentifiers.id_aes256_CBC,
+                    "AES256");
+        }
+    }
+
+    public static class PBEWithHmacSHA384AES256AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA384AES256AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA384,
+                    "HmacSHA384",
+                    32, /* keySize */
+                    NISTObjectIdentifiers.id_aes256_CBC,
+                    "AES256");
+        }
+    }
+
+    public static class PBEWithHmacSHA512AES256AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA512AES256AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA512,
+                    "HmacSHA512",
+                    32, /* keySize */
+                    NISTObjectIdentifiers.id_aes256_CBC,
+                    "AES256");
+        }
+    }
+
+
+    public static class Mappings
+            extends AlgorithmProvider
+    {
+        private static final String PREFIX = PBES2AlgorithmParameters.class.getName();
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            int[] keySizes = { 128, 256 };
+            int[] shaVariants = { 1, 224, 256, 384, 512 };
+            for (int keySize : keySizes) {
+                for (int shaVariant : shaVariants) {
+                    provider.addAlgorithm(
+                            "AlgorithmParameters.PBEWithHmacSHA" + shaVariant + "AndAES_" + keySize,
+                            PREFIX + "$PBEWithHmacSHA" + shaVariant + "AES" + keySize
+                                    + "AlgorithmParameters");
+                }
+            }
+        }
+    }
+
+    /**
+     * Helper method to create a PBEParameterSpec with a parameter specification via reflection, as
+     * the constructor became available in Java 1.8 and Bouncycastle is at level 1.5.
+     */
+    private static PBEParameterSpec createPBEParameterSpec(
+            byte[] salt, int iterationCount, byte[] iv) {
+        try {
+            Class<PBEParameterSpec> pbeParameterSpecClass =
+                    (Class<PBEParameterSpec>) PBES2AlgorithmParameters.class.getClassLoader()
+                            .loadClass("javax.crypto.spec.PBEParameterSpec");
+            Constructor<PBEParameterSpec> constructor =
+                    pbeParameterSpecClass.getConstructor(new Class[]{
+                            byte[].class, int.class, AlgorithmParameterSpec.class });
+            return constructor.newInstance(salt, iterationCount, new IvParameterSpec(iv));
+        } catch (Exception e) {
+            throw new IllegalStateException(
+                    "Requested creation PBES2 parameters in an SDK that doesn't support them", e);
+        }
+    }
+}
+// END android-added
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Poly1305.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Poly1305.java
deleted file mode 100644
index 735e5bd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Poly1305.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public class Poly1305
-{
-    private Poly1305()
-    {
-    }
-
-    public static class Mac
-        extends BaseMac
-    {
-        public Mac()
-        {
-            super(new org.bouncycastle.crypto.macs.Poly1305());
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("Poly1305", 256, new Poly1305KeyGenerator());
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = Poly1305.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("Mac.POLY1305", PREFIX + "$Mac");
-
-            provider.addAlgorithm("KeyGenerator.POLY1305", PREFIX + "$KeyGen");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java
index 36b2068..c424890 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC2.java

@@ -12,21 +12,25 @@
 
 import org.bouncycastle.asn1.ASN1Primitive;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
-import org.bouncycastle.crypto.CipherKeyGenerator;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
+// import org.bouncycastle.crypto.CipherKeyGenerator;
 import org.bouncycastle.crypto.CryptoServicesRegistrar;
 import org.bouncycastle.crypto.engines.RC2Engine;
-import org.bouncycastle.crypto.engines.RC2WrapEngine;
-import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
-import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.engines.RC2WrapEngine;
+// import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
 import org.bouncycastle.crypto.modes.CBCBlockCipher;
 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
 import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
 import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
 import org.bouncycastle.util.Arrays;
@@ -37,9 +41,11 @@
     {
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     /**
      * RC2
-     */
+     *
     static public class ECB
         extends BaseBlockCipher
     {
@@ -51,7 +57,7 @@
 
     /**
      * RC2CBC
-     */
+     *
     static public class CBC
         extends BaseBlockCipher
     {
@@ -72,7 +78,7 @@
 
     /**
      * RC2
-     */
+     *
     public static class CBCMAC
         extends BaseMac
     {
@@ -90,6 +96,8 @@
             super(new CFBBlockCipherMac(new RC2Engine()));
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     /**
      * PBEWithSHA1AndRC2
@@ -175,9 +183,11 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     /**
      * PBEWithMD2AndRC2
-     */
+     *
     static public class PBEWithMD2KeyFactory
         extends PBESecretKeyFactory
     {
@@ -186,6 +196,8 @@
             super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
    /**
     * PBEWithMD5AndRC2
@@ -199,6 +211,8 @@
        }
    }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class AlgParamGen
         extends BaseAlgorithmParameterGenerator
     {
@@ -440,6 +454,8 @@
             return "RC2 Parameters";
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     public static class Mappings
         extends AlgorithmProvider
@@ -453,6 +469,8 @@
         public void configure(ConfigurableProvider provider)
         {
 
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen");
             provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen");
 
@@ -473,12 +491,17 @@
             provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8");
 
             provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2");
+            */
+            // END Android-removed: Unsupported algorithms
 
+            // Android-note: All of the non-disabled algorithms in this class are necessary
+            // for KeyStore.PKCS12
             provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2");
 
             provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2");
 
-            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Alg.Alias.SecretKeyFactory", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
 
             provider.addAlgorithm("Alg.Alias.SecretKeyFactory", PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2");
 
@@ -486,14 +509,16 @@
             provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.5", "PBEWITHSHAAND128BITRC2-CBC");
             provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.6", "PBEWITHSHAAND40BITRC2-CBC");
 
-            provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory");
             provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDRC2", PREFIX + "$PBEWithMD5KeyFactory");
             provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDRC2", PREFIX + "$PBEWithSHA1KeyFactory");
 
             provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", PREFIX + "$PBEWithSHAAnd128BitKeyFactory");
             provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", PREFIX + "$PBEWithSHAAnd40BitKeyFactory");
-            
-            provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
+
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
 
             provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2");
 

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC5.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC5.java
deleted file mode 100644
index 1547554..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC5.java
+++ /dev/null

@@ -1,177 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.engines.RC532Engine;
-import org.bouncycastle.crypto.engines.RC564Engine;
-import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
-import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class RC5
-{
-    private RC5()
-    {
-    }
-
-    /**
-     * RC5
-     */
-    public static class ECB32
-        extends BaseBlockCipher
-    {
-        public ECB32()
-        {
-            super(new RC532Engine());
-        }
-    }
-
-    /**
-     * RC564
-     */
-    public static class ECB64
-        extends BaseBlockCipher
-    {
-        public ECB64()
-        {
-            super(new RC564Engine());
-        }
-    }
-
-    public static class CBC32
-       extends BaseBlockCipher
-    {
-        public CBC32()
-        {
-            super(new CBCBlockCipher(new RC532Engine()), 64);
-        }
-    }
-
-    public static class KeyGen32
-        extends BaseKeyGenerator
-    {
-        public KeyGen32()
-        {
-            super("RC5", 128, new CipherKeyGenerator());
-        }
-    }
-
-    /**
-     * RC5
-     */
-    public static class KeyGen64
-        extends BaseKeyGenerator
-    {
-        public KeyGen64()
-        {
-            super("RC5-64", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParamGen
-        extends BaseAlgorithmParameterGenerator
-    {
-        protected void engineInit(
-            AlgorithmParameterSpec genParamSpec,
-            SecureRandom random)
-            throws InvalidAlgorithmParameterException
-        {
-            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC5 parameter generation.");
-        }
-
-        protected AlgorithmParameters engineGenerateParameters()
-        {
-            byte[] iv = new byte[8];
-
-            if (random == null)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            random.nextBytes(iv);
-
-            AlgorithmParameters params;
-
-            try
-            {
-                params = createParametersInstance("RC5");
-                params.init(new IvParameterSpec(iv));
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e.getMessage());
-            }
-
-            return params;
-        }
-    }
-
-    public static class Mac32
-        extends BaseMac
-    {
-        public Mac32()
-        {
-            super(new CBCBlockCipherMac(new RC532Engine()));
-        }
-    }
-
-    public static class CFB8Mac32
-        extends BaseMac
-    {
-        public CFB8Mac32()
-        {
-            super(new CFBBlockCipherMac(new RC532Engine()));
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "RC5 IV";
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = RC5.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("Cipher.RC5", PREFIX + "$ECB32");
-            provider.addAlgorithm("Alg.Alias.Cipher.RC5-32", "RC5");
-            provider.addAlgorithm("Cipher.RC5-64", PREFIX + "$ECB64");
-            provider.addAlgorithm("KeyGenerator.RC5", PREFIX + "$KeyGen32");
-            provider.addAlgorithm("Alg.Alias.KeyGenerator.RC5-32", "RC5");
-            provider.addAlgorithm("KeyGenerator.RC5-64", PREFIX + "$KeyGen64");
-            provider.addAlgorithm("AlgorithmParameters.RC5", PREFIX + "$AlgParams");
-            provider.addAlgorithm("AlgorithmParameters.RC5-64", PREFIX + "$AlgParams");
-            provider.addAlgorithm("Mac.RC5MAC", PREFIX + "$Mac32");
-            provider.addAlgorithm("Alg.Alias.Mac.RC5", "RC5MAC");
-            provider.addAlgorithm("Mac.RC5MAC/CFB8", PREFIX + "$CFB8Mac32");
-            provider.addAlgorithm("Alg.Alias.Mac.RC5/CFB8", "RC5MAC/CFB8");
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC6.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC6.java
deleted file mode 100644
index 81271ec..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/RC6.java
+++ /dev/null

@@ -1,180 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.engines.RC6Engine;
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.crypto.macs.GMac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.modes.GCMBlockCipher;
-import org.bouncycastle.crypto.modes.OFBBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-
-public final class RC6
-{
-    private RC6()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new BlockCipherProvider()
-            {
-                public BlockCipher get()
-                {
-                    return new RC6Engine();
-                }
-            });
-        }
-    }
-
-    public static class CBC
-       extends BaseBlockCipher
-    {
-        public CBC()
-        {
-            super(new CBCBlockCipher(new RC6Engine()), 128);
-        }
-    }
-
-    static public class CFB
-        extends BaseBlockCipher
-    {
-        public CFB()
-        {
-            super(new BufferedBlockCipher(new CFBBlockCipher(new RC6Engine(), 128)), 128);
-        }
-    }
-
-    static public class OFB
-        extends BaseBlockCipher
-    {
-        public OFB()
-        {
-            super(new BufferedBlockCipher(new OFBBlockCipher(new RC6Engine(), 128)), 128);
-        }
-    }
-
-    public static class GMAC
-        extends BaseMac
-    {
-        public GMAC()
-        {
-            super(new GMac(new GCMBlockCipher(new RC6Engine())));
-        }
-    }
-
-    public static class Poly1305
-        extends BaseMac
-    {
-        public Poly1305()
-        {
-            super(new org.bouncycastle.crypto.macs.Poly1305(new RC6Engine()));
-        }
-    }
-
-    public static class Poly1305KeyGen
-        extends BaseKeyGenerator
-    {
-        public Poly1305KeyGen()
-        {
-            super("Poly1305-RC6", 256, new Poly1305KeyGenerator());
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("RC6", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParamGen
-        extends BaseAlgorithmParameterGenerator
-    {
-        protected void engineInit(
-            AlgorithmParameterSpec genParamSpec,
-            SecureRandom random)
-            throws InvalidAlgorithmParameterException
-        {
-            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC6 parameter generation.");
-        }
-
-        protected AlgorithmParameters engineGenerateParameters()
-        {
-            byte[]  iv = new byte[16];
-
-            if (random == null)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            random.nextBytes(iv);
-
-            AlgorithmParameters params;
-
-            try
-            {
-                params = createParametersInstance("RC6");
-                params.init(new IvParameterSpec(iv));
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e.getMessage());
-            }
-
-            return params;
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "RC6 IV";
-        }
-    }
-
-    public static class Mappings
-        extends SymmetricAlgorithmProvider
-    {
-        private static final String PREFIX = RC6.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("Cipher.RC6", PREFIX + "$ECB");
-            provider.addAlgorithm("KeyGenerator.RC6", PREFIX + "$KeyGen");
-            provider.addAlgorithm("AlgorithmParameters.RC6", PREFIX + "$AlgParams");
-
-            addGMacAlgorithm(provider, "RC6", PREFIX + "$GMAC", PREFIX + "$KeyGen");
-            addPoly1305Algorithm(provider, "RC6", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Rijndael.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Rijndael.java
deleted file mode 100644
index b8c36b7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Rijndael.java
+++ /dev/null

@@ -1,70 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.RijndaelEngine;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class Rijndael
-{
-    private Rijndael()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new BlockCipherProvider()
-            {
-                public BlockCipher get()
-                {
-                    return new RijndaelEngine();
-                }
-            });
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("Rijndael", 192, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "Rijndael IV";
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = Rijndael.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("Cipher.RIJNDAEL", PREFIX + "$ECB");
-            provider.addAlgorithm("KeyGenerator.RIJNDAEL", PREFIX + "$KeyGen");
-            provider.addAlgorithm("AlgorithmParameters.RIJNDAEL", PREFIX + "$AlgParams");
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SCRYPT.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SCRYPT.java
deleted file mode 100644
index 82e4179..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SCRYPT.java
+++ /dev/null

@@ -1,102 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-
-import javax.crypto.SecretKey;
-
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.PasswordConverter;
-import org.bouncycastle.crypto.generators.SCrypt;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-import org.bouncycastle.jcajce.spec.ScryptKeySpec;
-
-public class SCRYPT
-{
-    private SCRYPT()
-    {
-
-    }
-
-    public static class BasePBKDF2
-        extends BaseSecretKeyFactory
-    {
-        private int scheme;
-
-        public BasePBKDF2(String name, int scheme)
-        {
-            super(name, MiscObjectIdentifiers.id_scrypt);
-
-            this.scheme = scheme;
-        }
-
-        protected SecretKey engineGenerateSecret(
-            KeySpec keySpec)
-            throws InvalidKeySpecException
-        {
-            if (keySpec instanceof ScryptKeySpec)
-            {
-                ScryptKeySpec pbeSpec = (ScryptKeySpec)keySpec;
-
-                if (pbeSpec.getSalt() == null)
-                {
-                    throw new IllegalArgumentException("Salt S must be provided.");
-                }
-                if (pbeSpec.getCostParameter() <= 1)
-                {
-                    throw new IllegalArgumentException("Cost parameter N must be > 1.");
-                }
-
-                if (pbeSpec.getKeyLength() <= 0)
-                {
-                    throw new InvalidKeySpecException("positive key length required: "
-                        + pbeSpec.getKeyLength());
-                }
-
-                if (pbeSpec.getPassword().length == 0)
-                {
-                    throw new IllegalArgumentException("password empty");
-                }
-
-                CipherParameters param = new KeyParameter(SCrypt.generate(
-                        PasswordConverter.UTF8.convert(pbeSpec.getPassword()), pbeSpec.getSalt(),
-                        pbeSpec.getCostParameter(), pbeSpec.getBlockSize(), pbeSpec.getParallelizationParameter(),
-                        pbeSpec.getKeyLength() / 8));
-
-                return new BCPBEKey(this.algName, pbeSpec, param);
-            }
-
-            throw new InvalidKeySpecException("Invalid KeySpec");
-        }
-    }
-
-    public static class ScryptWithUTF8
-        extends BasePBKDF2
-    {
-        public ScryptWithUTF8()
-        {
-            super("SCRYPT", PKCS5S2_UTF8);
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = SCRYPT.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("SecretKeyFactory.SCRYPT", PREFIX + "$ScryptWithUTF8");
-            provider.addAlgorithm("SecretKeyFactory", MiscObjectIdentifiers.id_scrypt, PREFIX + "$ScryptWithUTF8");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SEED.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SEED.java
deleted file mode 100644
index 62a4efa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SEED.java
+++ /dev/null

@@ -1,208 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.engines.SEEDEngine;
-import org.bouncycastle.crypto.engines.SEEDWrapEngine;
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.crypto.macs.CMac;
-import org.bouncycastle.crypto.macs.GMac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.GCMBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-
-public final class SEED
-{
-    private SEED()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new BlockCipherProvider()
-            {
-                public BlockCipher get()
-                {
-                    return new SEEDEngine();
-                }
-            });
-        }
-    }
-
-    public static class CBC
-       extends BaseBlockCipher
-    {
-        public CBC()
-        {
-            super(new CBCBlockCipher(new SEEDEngine()), 128);
-        }
-    }
-
-    public static class Wrap
-        extends BaseWrapCipher
-    {
-        public Wrap()
-        {
-            super(new SEEDWrapEngine());
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("SEED", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class CMAC
-        extends BaseMac
-    {
-        public CMAC()
-        {
-            super(new CMac(new SEEDEngine()));
-        }
-    }
-
-    public static class GMAC
-        extends BaseMac
-    {
-        public GMAC()
-        {
-            super(new GMac(new GCMBlockCipher(new SEEDEngine())));
-        }
-    }
-
-    static public class KeyFactory
-         extends BaseSecretKeyFactory
-    {
-        public KeyFactory()
-        {
-            super("SEED", null);
-        }
-    }
-
-    public static class Poly1305
-        extends BaseMac
-    {
-        public Poly1305()
-        {
-            super(new org.bouncycastle.crypto.macs.Poly1305(new SEEDEngine()));
-        }
-    }
-
-    public static class Poly1305KeyGen
-        extends BaseKeyGenerator
-    {
-        public Poly1305KeyGen()
-        {
-            super("Poly1305-SEED", 256, new Poly1305KeyGenerator());
-        }
-    }
-
-    public static class AlgParamGen
-        extends BaseAlgorithmParameterGenerator
-    {
-        protected void engineInit(
-            AlgorithmParameterSpec genParamSpec,
-            SecureRandom random)
-            throws InvalidAlgorithmParameterException
-        {
-            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for SEED parameter generation.");
-        }
-
-        protected AlgorithmParameters engineGenerateParameters()
-        {
-            byte[] iv = new byte[16];
-
-            if (random == null)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            random.nextBytes(iv);
-
-            AlgorithmParameters params;
-
-            try
-            {
-                params = createParametersInstance("SEED");
-                params.init(new IvParameterSpec(iv));
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e.getMessage());
-            }
-
-            return params;
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "SEED IV";
-        }
-    }
-
-    public static class Mappings
-        extends SymmetricAlgorithmProvider
-    {
-        private static final String PREFIX = SEED.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("AlgorithmParameters.SEED", PREFIX + "$AlgParams");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + KISAObjectIdentifiers.id_seedCBC, "SEED");
-
-            provider.addAlgorithm("AlgorithmParameterGenerator.SEED", PREFIX + "$AlgParamGen");
-            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + KISAObjectIdentifiers.id_seedCBC, "SEED");
-
-            provider.addAlgorithm("Cipher.SEED", PREFIX + "$ECB");
-            provider.addAlgorithm("Cipher", KISAObjectIdentifiers.id_seedCBC, PREFIX + "$CBC");
-
-            provider.addAlgorithm("Cipher.SEEDWRAP", PREFIX + "$Wrap");
-            provider.addAlgorithm("Alg.Alias.Cipher", KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap, "SEEDWRAP");
-            provider.addAlgorithm("Alg.Alias.Cipher.SEEDKW", "SEEDWRAP");
-
-            provider.addAlgorithm("KeyGenerator.SEED", PREFIX + "$KeyGen");
-            provider.addAlgorithm("KeyGenerator", KISAObjectIdentifiers.id_seedCBC, PREFIX + "$KeyGen");
-            provider.addAlgorithm("KeyGenerator", KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap, PREFIX + "$KeyGen");
-
-            provider.addAlgorithm("SecretKeyFactory.SEED", PREFIX + "$KeyFactory");
-            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", KISAObjectIdentifiers.id_seedCBC, "SEED");
-
-            addCMacAlgorithm(provider, "SEED", PREFIX + "$CMAC", PREFIX + "$KeyGen");
-            addGMacAlgorithm(provider, "SEED", PREFIX + "$GMAC", PREFIX + "$KeyGen");
-            addPoly1305Algorithm(provider, "SEED", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SM4.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SM4.java
deleted file mode 100644
index 6e0202f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SM4.java
+++ /dev/null

@@ -1,163 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.engines.SM4Engine;
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.crypto.macs.CMac;
-import org.bouncycastle.crypto.macs.GMac;
-import org.bouncycastle.crypto.modes.GCMBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-
-public final class SM4
-{
-    private SM4()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new BlockCipherProvider()
-            {
-                public BlockCipher get()
-                {
-                    return new SM4Engine();
-                }
-            });
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("SM4", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class CMAC
-        extends BaseMac
-    {
-        public CMAC()
-        {
-            super(new CMac(new SM4Engine()));
-        }
-    }
-
-    public static class GMAC
-        extends BaseMac
-    {
-        public GMAC()
-        {
-            super(new GMac(new GCMBlockCipher(new SM4Engine())));
-        }
-    }
-
-    public static class Poly1305
-        extends BaseMac
-    {
-        public Poly1305()
-        {
-            super(new org.bouncycastle.crypto.macs.Poly1305(new SM4Engine()));
-        }
-    }
-
-    public static class Poly1305KeyGen
-        extends BaseKeyGenerator
-    {
-        public Poly1305KeyGen()
-        {
-            super("Poly1305-SM4", 256, new Poly1305KeyGenerator());
-        }
-    }
-
-    public static class AlgParamGen
-        extends BaseAlgorithmParameterGenerator
-    {
-        protected void engineInit(
-            AlgorithmParameterSpec genParamSpec,
-            SecureRandom random)
-            throws InvalidAlgorithmParameterException
-        {
-            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for SM4 parameter generation.");
-        }
-
-        protected AlgorithmParameters engineGenerateParameters()
-        {
-            byte[] iv = new byte[16];
-
-            if (random == null)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            random.nextBytes(iv);
-
-            AlgorithmParameters params;
-
-            try
-            {
-                params = createParametersInstance("SM4");
-                params.init(new IvParameterSpec(iv));
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e.getMessage());
-            }
-
-            return params;
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "SM4 IV";
-        }
-    }
-
-    public static class Mappings
-        extends SymmetricAlgorithmProvider
-    {
-        private static final String PREFIX = SM4.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("AlgorithmParameters.SM4", PREFIX + "$AlgParams");
-
-            provider.addAlgorithm("AlgorithmParameterGenerator.SM4", PREFIX + "$AlgParamGen");
-
-            provider.addAlgorithm("Cipher.SM4", PREFIX + "$ECB");
-
-            provider.addAlgorithm("KeyGenerator.SM4", PREFIX + "$KeyGen");
-
-            addCMacAlgorithm(provider, "SM4", PREFIX + "$CMAC", PREFIX + "$KeyGen");
-            addGMacAlgorithm(provider, "SM4", PREFIX + "$GMAC", PREFIX + "$KeyGen");
-            addPoly1305Algorithm(provider, "SM4", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Salsa20.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Salsa20.java
deleted file mode 100644
index 86774f9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Salsa20.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.Salsa20Engine;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class Salsa20
-{
-    private Salsa20()
-    {
-    }
-    
-    public static class Base
-        extends BaseStreamCipher
-    {
-        public Base()
-        {
-            super(new Salsa20Engine(), 8);
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("Salsa20", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "Salsa20 IV";
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = Salsa20.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("Cipher.SALSA20", PREFIX + "$Base");
-            provider.addAlgorithm("KeyGenerator.SALSA20", PREFIX + "$KeyGen");
-            provider.addAlgorithm("AlgorithmParameters.SALSA20", PREFIX + "$AlgParams");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Serpent.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Serpent.java
deleted file mode 100644
index 52a7e1e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Serpent.java
+++ /dev/null

@@ -1,198 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers;
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.SerpentEngine;
-import org.bouncycastle.crypto.engines.TnepresEngine;
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.crypto.macs.GMac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.modes.GCMBlockCipher;
-import org.bouncycastle.crypto.modes.OFBBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-
-public final class Serpent
-{
-    private Serpent()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new BlockCipherProvider()
-            {
-                public BlockCipher get()
-                {
-                    return new SerpentEngine();
-                }
-            });
-        }
-    }
-
-    public static class TECB
-        extends BaseBlockCipher
-    {
-        public TECB()
-        {
-            super(new BlockCipherProvider()
-            {
-                public BlockCipher get()
-                {
-                    return new TnepresEngine();
-                }
-            });
-        }
-    }
-
-    public static class CBC
-        extends BaseBlockCipher
-    {
-        public CBC()
-        {
-            super(new CBCBlockCipher(new SerpentEngine()), 128);
-        }
-    }
-
-    public static class CFB
-        extends BaseBlockCipher
-    {
-        public CFB()
-        {
-            super(new BufferedBlockCipher(new CFBBlockCipher(new SerpentEngine(), 128)), 128);
-        }
-    }
-
-    public static class OFB
-        extends BaseBlockCipher
-    {
-        public OFB()
-        {
-            super(new BufferedBlockCipher(new OFBBlockCipher(new SerpentEngine(), 128)), 128);
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("Serpent", 192, new CipherKeyGenerator());
-        }
-    }
-
-    public static class TKeyGen
-        extends BaseKeyGenerator
-    {
-        public TKeyGen()
-        {
-            super("Tnepres", 192, new CipherKeyGenerator());
-        }
-    }
-
-    public static class SerpentGMAC
-        extends BaseMac
-    {
-        public SerpentGMAC()
-        {
-            super(new GMac(new GCMBlockCipher(new SerpentEngine())));
-        }
-    }
-
-    public static class TSerpentGMAC
-        extends BaseMac
-    {
-        public TSerpentGMAC()
-        {
-            super(new GMac(new GCMBlockCipher(new TnepresEngine())));
-        }
-    }
-
-    public static class Poly1305
-        extends BaseMac
-    {
-        public Poly1305()
-        {
-            super(new org.bouncycastle.crypto.macs.Poly1305(new SerpentEngine()));
-        }
-    }
-
-    public static class Poly1305KeyGen
-        extends BaseKeyGenerator
-    {
-        public Poly1305KeyGen()
-        {
-            super("Poly1305-Serpent", 256, new Poly1305KeyGenerator());
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "Serpent IV";
-        }
-    }
-
-    public static class TAlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "Tnepres IV";
-        }
-    }
-
-    public static class Mappings
-        extends SymmetricAlgorithmProvider
-    {
-        private static final String PREFIX = Serpent.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("Cipher.Serpent", PREFIX + "$ECB");
-            provider.addAlgorithm("KeyGenerator.Serpent", PREFIX + "$KeyGen");
-            provider.addAlgorithm("AlgorithmParameters.Serpent", PREFIX + "$AlgParams");
-
-            provider.addAlgorithm("Cipher.Tnepres", PREFIX + "$TECB");
-            provider.addAlgorithm("KeyGenerator.Tnepres", PREFIX + "$TKeyGen");
-            provider.addAlgorithm("AlgorithmParameters.Tnepres", PREFIX + "$TAlgParams");
-
-            provider.addAlgorithm("Cipher", GNUObjectIdentifiers.Serpent_128_ECB, PREFIX + "$ECB");
-            provider.addAlgorithm("Cipher", GNUObjectIdentifiers.Serpent_192_ECB, PREFIX + "$ECB");
-            provider.addAlgorithm("Cipher", GNUObjectIdentifiers.Serpent_256_ECB, PREFIX + "$ECB");
-
-            provider.addAlgorithm("Cipher", GNUObjectIdentifiers.Serpent_128_CBC, PREFIX + "$CBC");
-            provider.addAlgorithm("Cipher", GNUObjectIdentifiers.Serpent_192_CBC, PREFIX + "$CBC");
-            provider.addAlgorithm("Cipher", GNUObjectIdentifiers.Serpent_256_CBC, PREFIX + "$CBC");
-
-            provider.addAlgorithm("Cipher", GNUObjectIdentifiers.Serpent_128_CFB, PREFIX + "$CFB");
-            provider.addAlgorithm("Cipher", GNUObjectIdentifiers.Serpent_192_CFB, PREFIX + "$CFB");
-            provider.addAlgorithm("Cipher", GNUObjectIdentifiers.Serpent_256_CFB, PREFIX + "$CFB");
-
-            provider.addAlgorithm("Cipher", GNUObjectIdentifiers.Serpent_128_OFB, PREFIX + "$OFB");
-            provider.addAlgorithm("Cipher", GNUObjectIdentifiers.Serpent_192_OFB, PREFIX + "$OFB");
-            provider.addAlgorithm("Cipher", GNUObjectIdentifiers.Serpent_256_OFB, PREFIX + "$OFB");
-
-            addGMacAlgorithm(provider, "SERPENT", PREFIX + "$SerpentGMAC", PREFIX + "$KeyGen");
-            addGMacAlgorithm(provider, "TNEPRES", PREFIX + "$TSerpentGMAC", PREFIX + "$TKeyGen");
-            addPoly1305Algorithm(provider, "SERPENT", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Shacal2.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Shacal2.java
deleted file mode 100644
index f10c68f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Shacal2.java
+++ /dev/null

@@ -1,141 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.engines.Shacal2Engine;
-import org.bouncycastle.crypto.macs.CMac;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-
-public final class Shacal2
-{
-    private Shacal2()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new BlockCipherProvider()
-            {
-                public BlockCipher get()
-                {
-                    return new Shacal2Engine();
-                }
-            });
-        }
-    }
-
-    public static class CBC
-       extends BaseBlockCipher
-    {
-        public CBC()
-        {
-            super(new CBCBlockCipher(new Shacal2Engine()), 256);//block size
-        }
-    }
-
-    public static class CMAC
-        extends BaseMac
-    {
-        public CMAC()
-        {
-            super(new CMac(new Shacal2Engine()));
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("SHACAL-2", 128, new CipherKeyGenerator());//key size
-        }
-    }
-
-    public static class AlgParamGen
-        extends BaseAlgorithmParameterGenerator
-    {
-        protected void engineInit(
-            AlgorithmParameterSpec genParamSpec,
-            SecureRandom random)
-            throws InvalidAlgorithmParameterException
-        {
-            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for Shacal2 parameter generation.");
-        }
-
-        protected AlgorithmParameters engineGenerateParameters()
-        {
-            byte[] iv = new byte[32];// block size 256
-
-            if (random == null)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            random.nextBytes(iv);
-
-            AlgorithmParameters params;
-
-            try
-            {
-                params = createParametersInstance("Shacal2");
-                params.init(new IvParameterSpec(iv));
-            }
-            catch (Exception e)
-            {
-                throw new RuntimeException(e.getMessage());
-            }
-            return params;
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "Shacal2 IV";
-        }
-    }
-
-    public static class Mappings
-        extends SymmetricAlgorithmProvider
-    {
-        private static final String PREFIX = Shacal2.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("Mac.Shacal-2CMAC", PREFIX + "$CMAC");
-
-            provider.addAlgorithm("Cipher.Shacal2", PREFIX + "$ECB");
-            provider.addAlgorithm("Cipher.SHACAL-2", PREFIX + "$ECB");
-            provider.addAlgorithm("KeyGenerator.Shacal2", PREFIX + "$KeyGen");        
-            provider.addAlgorithm("AlgorithmParameterGenerator.Shacal2", PREFIX + "$AlgParamGen");
-        	provider.addAlgorithm("AlgorithmParameters.Shacal2", PREFIX + "$AlgParams");
-            provider.addAlgorithm("KeyGenerator.SHACAL-2", PREFIX + "$KeyGen");
-            provider.addAlgorithm("AlgorithmParameterGenerator.SHACAL-2", PREFIX + "$AlgParamGen");
-        	provider.addAlgorithm("AlgorithmParameters.SHACAL-2", PREFIX + "$AlgParams");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SipHash.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SipHash.java
deleted file mode 100644
index 5a11531..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SipHash.java
+++ /dev/null

@@ -1,62 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class SipHash
-{
-    private SipHash()
-    {
-    }
-
-    public static class Mac24
-        extends BaseMac
-    {
-        public Mac24()
-        {
-            super(new org.bouncycastle.crypto.macs.SipHash());
-        }
-    }
-
-    public static class Mac48
-        extends BaseMac
-    {
-        public Mac48()
-        {
-            super(new org.bouncycastle.crypto.macs.SipHash(4, 8));
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("SipHash", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = SipHash.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("Mac.SIPHASH-2-4", PREFIX + "$Mac24");
-            provider.addAlgorithm("Alg.Alias.Mac.SIPHASH", "SIPHASH-2-4");
-            provider.addAlgorithm("Mac.SIPHASH-4-8", PREFIX + "$Mac48");
-
-            provider.addAlgorithm("KeyGenerator.SIPHASH", PREFIX + "$KeyGen");
-            provider.addAlgorithm("Alg.Alias.KeyGenerator.SIPHASH-2-4", "SIPHASH");
-            provider.addAlgorithm("Alg.Alias.KeyGenerator.SIPHASH-4-8", "SIPHASH");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Skipjack.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Skipjack.java
deleted file mode 100644
index ec75944..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Skipjack.java
+++ /dev/null

@@ -1,87 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.SkipjackEngine;
-import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
-import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class Skipjack
-{
-    private Skipjack()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new SkipjackEngine());
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("Skipjack", 80, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "Skipjack IV";
-        }
-    }
-
-    public static class Mac
-        extends BaseMac
-    {
-        public Mac()
-        {
-            super(new CBCBlockCipherMac(new SkipjackEngine()));
-        }
-    }
-
-    public static class MacCFB8
-        extends BaseMac
-    {
-        public MacCFB8()
-        {
-            super(new CFBBlockCipherMac(new SkipjackEngine()));
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = Skipjack.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("Cipher.SKIPJACK", PREFIX + "$ECB");
-            provider.addAlgorithm("KeyGenerator.SKIPJACK", PREFIX + "$KeyGen");
-            provider.addAlgorithm("AlgorithmParameters.SKIPJACK", PREFIX + "$AlgParams");
-            provider.addAlgorithm("Mac.SKIPJACKMAC", PREFIX + "$Mac");
-            provider.addAlgorithm("Alg.Alias.Mac.SKIPJACK", "SKIPJACKMAC");
-            provider.addAlgorithm("Mac.SKIPJACKMAC/CFB8", PREFIX + "$MacCFB8");
-            provider.addAlgorithm("Alg.Alias.Mac.SKIPJACK/CFB8", "SKIPJACKMAC/CFB8");
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java
index 4dd8e6f..e955e9d 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java

@@ -6,6 +6,8 @@
 abstract class SymmetricAlgorithmProvider
     extends AlgorithmProvider
 {
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     protected void addCMacAlgorithm(
         ConfigurableProvider provider,
         String algorithm,
@@ -43,5 +45,7 @@
         provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName);
         provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm);
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
 }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/TEA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/TEA.java
deleted file mode 100644
index 4bc12c9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/TEA.java
+++ /dev/null

@@ -1,62 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.TEAEngine;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class TEA
-{
-    private TEA()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new TEAEngine());
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("TEA", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "TEA IV";
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = TEA.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("Cipher.TEA", PREFIX + "$ECB");
-            provider.addAlgorithm("KeyGenerator.TEA", PREFIX + "$KeyGen");
-            provider.addAlgorithm("AlgorithmParameters.TEA", PREFIX + "$AlgParams");
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/TLSKDF.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/TLSKDF.java
deleted file mode 100644
index eee822a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/TLSKDF.java
+++ /dev/null

@@ -1,207 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-
-import javax.crypto.SecretKey;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.crypto.Mac;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.util.DigestFactory;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-import org.bouncycastle.jcajce.spec.TLSKeyMaterialSpec;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-
-public class TLSKDF
-{
-    public static class TLSKeyMaterialFactory
-        extends BaseSecretKeyFactory
-    {
-        protected TLSKeyMaterialFactory(String algName)
-        {
-            super(algName, null);
-        }
-    }
-
-    public static final class TLS10
-        extends TLSKeyMaterialFactory
-    {
-        public TLS10()
-        {
-            super("TLS10KDF");
-        }
-
-        protected SecretKey engineGenerateSecret(
-            KeySpec keySpec)
-        throws InvalidKeySpecException
-        {
-            if (keySpec instanceof TLSKeyMaterialSpec)
-            {
-                return new SecretKeySpec(PRF_legacy((TLSKeyMaterialSpec)keySpec), algName);
-            }
-
-            throw new InvalidKeySpecException("Invalid KeySpec");
-        }
-    }
-
-    public static final class TLS11
-        extends TLSKeyMaterialFactory
-    {
-        public TLS11()
-        {
-            super("TLS11KDF");
-        }
-
-        protected SecretKey engineGenerateSecret(
-            KeySpec keySpec)
-        throws InvalidKeySpecException
-        {
-            if (keySpec instanceof TLSKeyMaterialSpec)
-            {
-                return new SecretKeySpec(PRF_legacy((TLSKeyMaterialSpec)keySpec), algName);
-            }
-
-            throw new InvalidKeySpecException("Invalid KeySpec");
-        }
-    }
-
-    private static byte[] PRF_legacy(TLSKeyMaterialSpec parameters)
-    {
-        Mac md5Hmac = new HMac(DigestFactory.createMD5());
-        Mac sha1HMac = new HMac(DigestFactory.createSHA1());
-
-        byte[] label = Strings.toByteArray(parameters.getLabel());
-        byte[] labelSeed = Arrays.concatenate(label, parameters.getSeed());
-        byte[] secret = parameters.getSecret();
-
-        int s_half = (secret.length + 1) / 2;
-        byte[] s1 = new byte[s_half];
-        byte[] s2 = new byte[s_half];
-        System.arraycopy(secret, 0, s1, 0, s_half);
-        System.arraycopy(secret, secret.length - s_half, s2, 0, s_half);
-
-        int size = parameters.getLength();
-        byte[] b1 = new byte[size];
-        byte[] b2 = new byte[size];
-
-        hmac_hash(md5Hmac, s1, labelSeed, b1);
-        hmac_hash(sha1HMac, s2, labelSeed, b2);
-
-        for (int i = 0; i < size; i++)
-        {
-            b1[i] ^= b2[i];
-        }
-        return b1;
-    }
-
-    public static class TLS12
-        extends TLSKeyMaterialFactory
-    {
-        private final Mac prf;
-
-        protected TLS12(String algName, Mac prf)
-        {
-            super(algName);
-            this.prf = prf;
-        }
-
-        protected SecretKey engineGenerateSecret(
-            KeySpec keySpec)
-        throws InvalidKeySpecException
-        {
-            if (keySpec instanceof TLSKeyMaterialSpec)
-            {
-                return new SecretKeySpec(PRF((TLSKeyMaterialSpec)keySpec, prf), algName);
-            }
-
-            throw new InvalidKeySpecException("Invalid KeySpec");
-        }
-
-        private byte[] PRF(TLSKeyMaterialSpec parameters, Mac prf)
-        {
-            byte[] label = Strings.toByteArray(parameters.getLabel());
-            byte[] labelSeed = Arrays.concatenate(label, parameters.getSeed());
-            byte[] secret = parameters.getSecret();
-
-            byte[] buf = new byte[parameters.getLength()];
-
-            hmac_hash(prf, secret, labelSeed, buf);
-
-            return buf;
-        }
-    }
-
-    public static final class TLS12withSHA256
-        extends TLS12
-    {
-        public TLS12withSHA256()
-        {
-            super("TLS12withSHA256KDF", new HMac(new SHA256Digest()));
-        }
-    }
-
-    public static final class TLS12withSHA384
-        extends TLS12
-    {
-        public TLS12withSHA384()
-        {
-            super("TLS12withSHA384KDF", new HMac(new SHA384Digest()));
-        }
-    }
-
-    public static final class TLS12withSHA512
-        extends TLS12
-    {
-        public TLS12withSHA512()
-        {
-            super("TLS12withSHA512KDF", new HMac(new SHA512Digest()));
-        }
-    }
-
-    private static void hmac_hash(Mac mac, byte[] secret, byte[] seed, byte[] out)
-    {
-        mac.init(new KeyParameter(secret));
-        byte[] a = seed;
-        int size = mac.getMacSize();
-        int iterations = (out.length + size - 1) / size;
-        byte[] buf = new byte[mac.getMacSize()];
-        byte[] buf2 = new byte[mac.getMacSize()];
-        for (int i = 0; i < iterations; i++)
-        {
-            mac.update(a, 0, a.length);
-            mac.doFinal(buf, 0);
-            a = buf;
-            mac.update(a, 0, a.length);
-            mac.update(seed, 0, seed.length);
-            mac.doFinal(buf2, 0);
-            System.arraycopy(buf2, 0, out, (size * i), Math.min(size, out.length - (size * i)));
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = TLSKDF.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("SecretKeyFactory.TLS10KDF", PREFIX + "$TLS10");
-            provider.addAlgorithm("SecretKeyFactory.TLS11KDF", PREFIX + "$TLS11");
-            provider.addAlgorithm("SecretKeyFactory.TLS12WITHSHA256KDF", PREFIX + "$TLS12withSHA256");
-            provider.addAlgorithm("SecretKeyFactory.TLS12WITHSHA384KDF", PREFIX + "$TLS12withSHA384");
-            provider.addAlgorithm("SecretKeyFactory.TLS12WITHSHA512KDF", PREFIX + "$TLS12withSHA512");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Threefish.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Threefish.java
deleted file mode 100644
index 10fab5c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Threefish.java
+++ /dev/null

@@ -1,153 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.ThreefishEngine;
-import org.bouncycastle.crypto.macs.CMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class Threefish
-{
-    private Threefish()
-    {
-    }
-
-    public static class ECB_256
-        extends BaseBlockCipher
-    {
-        public ECB_256()
-        {
-            super(new ThreefishEngine(ThreefishEngine.BLOCKSIZE_256));
-        }
-    }
-
-    public static class ECB_512
-        extends BaseBlockCipher
-    {
-        public ECB_512()
-        {
-            super(new ThreefishEngine(ThreefishEngine.BLOCKSIZE_512));
-        }
-    }
-
-    public static class ECB_1024
-        extends BaseBlockCipher
-    {
-        public ECB_1024()
-        {
-            super(new ThreefishEngine(ThreefishEngine.BLOCKSIZE_1024));
-        }
-    }
-
-    public static class KeyGen_256
-        extends BaseKeyGenerator
-    {
-        public KeyGen_256()
-        {
-            super("Threefish-256", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class KeyGen_512
-        extends BaseKeyGenerator
-    {
-        public KeyGen_512()
-        {
-            super("Threefish-512", 512, new CipherKeyGenerator());
-        }
-    }
-
-    public static class KeyGen_1024
-        extends BaseKeyGenerator
-    {
-        public KeyGen_1024()
-        {
-            super("Threefish-1024", 1024, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParams_256
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "Threefish-256 IV";
-        }
-    }
-
-    public static class AlgParams_512
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "Threefish-512 IV";
-        }
-    }
-
-    public static class AlgParams_1024
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "Threefish-1024 IV";
-        }
-    }
-
-    public static class CMAC_256
-        extends BaseMac
-    {
-        public CMAC_256()
-        {
-            super(new CMac(new ThreefishEngine(256)));
-        }
-    }
-
-    public static class CMAC_512
-        extends BaseMac
-    {
-        public CMAC_512()
-        {
-            super(new CMac(new ThreefishEngine(512)));
-        }
-    }
-
-    public static class CMAC_1024
-        extends BaseMac
-    {
-        public CMAC_1024()
-        {
-            super(new CMac(new ThreefishEngine(1024)));
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = Threefish.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("Mac.Threefish-256CMAC", PREFIX + "$CMAC_256");
-            provider.addAlgorithm("Mac.Threefish-512CMAC", PREFIX + "$CMAC_512");
-            provider.addAlgorithm("Mac.Threefish-1024CMAC", PREFIX + "$CMAC_1024");
-
-            provider.addAlgorithm("Cipher.Threefish-256", PREFIX + "$ECB_256");
-            provider.addAlgorithm("Cipher.Threefish-512", PREFIX + "$ECB_512");
-            provider.addAlgorithm("Cipher.Threefish-1024", PREFIX + "$ECB_1024");
-            provider.addAlgorithm("KeyGenerator.Threefish-256", PREFIX + "$KeyGen_256");
-            provider.addAlgorithm("KeyGenerator.Threefish-512", PREFIX + "$KeyGen_512");
-            provider.addAlgorithm("KeyGenerator.Threefish-1024", PREFIX + "$KeyGen_1024");
-            provider.addAlgorithm("AlgorithmParameters.Threefish-256", PREFIX + "$AlgParams_256");
-            provider.addAlgorithm("AlgorithmParameters.Threefish-512", PREFIX + "$AlgParams_512");
-            provider.addAlgorithm("AlgorithmParameters.Threefish-1024", PREFIX + "$AlgParams_1024");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java
index a759ccd..62988e0 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/Twofish.java

@@ -1,18 +1,22 @@
 package org.bouncycastle.jcajce.provider.symmetric;
 
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.CipherKeyGenerator;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.BlockCipher;
+// import org.bouncycastle.crypto.CipherKeyGenerator;
 import org.bouncycastle.crypto.engines.TwofishEngine;
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.crypto.macs.GMac;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
+// import org.bouncycastle.crypto.macs.GMac;
 import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.GCMBlockCipher;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.modes.GCMBlockCipher;
 import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
 import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
+// import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
 import org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
 
 public final class Twofish
@@ -21,6 +25,8 @@
     {
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class ECB
         extends BaseBlockCipher
     {
@@ -71,6 +77,8 @@
             super("Poly1305-Twofish", 256, new Poly1305KeyGenerator());
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     /**
      * PBEWithSHAAndTwofish-CBC
@@ -96,6 +104,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     public static class AlgParams
         extends IvAlgorithmParameters
     {
@@ -104,6 +114,8 @@
             return "Twofish IV";
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     public static class Mappings
         extends SymmetricAlgorithmProvider
@@ -116,17 +128,22 @@
 
         public void configure(ConfigurableProvider provider)
         {
-            provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB");
-            provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen");
-            provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams");
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB");
+            // provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen");
+            // provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams");
+            // END Android-removed: Unsupported algorithms
 
+            // Android-note: These algorithms are necessary for KeyStore.BouncyCastle
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE");
             provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE");
             provider.addAlgorithm("Cipher.PBEWITHSHAANDTWOFISH-CBC",  PREFIX + "$PBEWithSHA");
             provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHAKeyFactory");
 
-            addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen");
-            addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
+            // BEGIN Android-removed: Unsupported algorithms
+            // addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen");
+            // addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
+            // END Android-removed: Unsupported algorithms
         }
     }
 }

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/VMPC.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/VMPC.java
deleted file mode 100644
index 1e59e07..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/VMPC.java
+++ /dev/null

@@ -1,65 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.VMPCEngine;
-import org.bouncycastle.crypto.macs.VMPCMac;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class VMPC
-{
-    private VMPC()
-    {
-    }
-    
-    public static class Base
-        extends BaseStreamCipher
-    {
-        public Base()
-        {
-            super(new VMPCEngine(), 16);
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("VMPC", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Mac
-        extends BaseMac
-    {
-        public Mac()
-        {
-            super(new VMPCMac());
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = VMPC.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("Cipher.VMPC", PREFIX + "$Base");
-            provider.addAlgorithm("KeyGenerator.VMPC", PREFIX + "$KeyGen");
-            provider.addAlgorithm("Mac.VMPCMAC", PREFIX + "$Mac");
-            provider.addAlgorithm("Alg.Alias.Mac.VMPC", "VMPCMAC");
-            provider.addAlgorithm("Alg.Alias.Mac.VMPC-MAC", "VMPCMAC");
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/VMPCKSA3.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/VMPCKSA3.java
deleted file mode 100644
index b5d8814..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/VMPCKSA3.java
+++ /dev/null

@@ -1,51 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.VMPCKSA3Engine;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class VMPCKSA3
-{
-    private VMPCKSA3()
-    {
-    }
-    
-    public static class Base
-        extends BaseStreamCipher
-    {
-        public Base()
-        {
-            super(new VMPCKSA3Engine(), 16);
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("VMPC-KSA3", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = VMPCKSA3.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("Cipher.VMPC-KSA3", PREFIX + "$Base");
-            provider.addAlgorithm("KeyGenerator.VMPC-KSA3", PREFIX + "$KeyGen");
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/XSalsa20.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/XSalsa20.java
deleted file mode 100644
index 027f2d8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/XSalsa20.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.XSalsa20Engine;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class XSalsa20
-{
-    private XSalsa20()
-    {
-    }
-    
-    public static class Base
-        extends BaseStreamCipher
-    {
-        public Base()
-        {
-            super(new XSalsa20Engine(), 24);
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("XSalsa20", 256, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "XSalsa20 IV";
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = XSalsa20.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("Cipher.XSALSA20", PREFIX + "$Base");
-            provider.addAlgorithm("KeyGenerator.XSALSA20", PREFIX + "$KeyGen");
-            provider.addAlgorithm("AlgorithmParameters.XSALSA20", PREFIX + "$AlgParams");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/XTEA.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/XTEA.java
deleted file mode 100644
index 2e946de..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/XTEA.java
+++ /dev/null

@@ -1,62 +0,0 @@
-package org.bouncycastle.jcajce.provider.symmetric;
-
-import org.bouncycastle.crypto.CipherKeyGenerator;
-import org.bouncycastle.crypto.engines.XTEAEngine;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
-import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
-import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-
-public final class XTEA
-{
-    private XTEA()
-    {
-    }
-    
-    public static class ECB
-        extends BaseBlockCipher
-    {
-        public ECB()
-        {
-            super(new XTEAEngine());
-        }
-    }
-
-    public static class KeyGen
-        extends BaseKeyGenerator
-    {
-        public KeyGen()
-        {
-            super("XTEA", 128, new CipherKeyGenerator());
-        }
-    }
-
-    public static class AlgParams
-        extends IvAlgorithmParameters
-    {
-        protected String engineToString()
-        {
-            return "XTEA IV";
-        }
-    }
-
-    public static class Mappings
-        extends AlgorithmProvider
-    {
-        private static final String PREFIX = XTEA.class.getName();
-
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-
-            provider.addAlgorithm("Cipher.XTEA", PREFIX + "$ECB");
-            provider.addAlgorithm("KeyGenerator.XTEA", PREFIX + "$KeyGen");
-            provider.addAlgorithm("AlgorithmParameters.XTEA", PREFIX + "$AlgParams");
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java
index 296d692..2237e26 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java

@@ -6,13 +6,17 @@
 import java.security.NoSuchProviderException;
 import java.security.SecureRandom;
 
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
 import org.bouncycastle.jcajce.util.JcaJceHelper;
 
 public abstract class BaseAlgorithmParameterGenerator
     extends AlgorithmParameterGeneratorSpi
 {
-    private final JcaJceHelper helper = new BCJcaJceHelper();
+    // Android-changed: Use default provider for JCA algorithms instead of BC
+    // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+    private final JcaJceHelper helper = new DefaultJcaJceHelper();
 
     protected SecureRandom  random;
     protected int           strength = 1024;

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
index c3ba97a..db2f66c 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java

@@ -20,9 +20,13 @@
 import javax.crypto.ShortBufferException;
 import javax.crypto.interfaces.PBEKey;
 import javax.crypto.spec.IvParameterSpec;
+// BEGIN Android-added: Various key-handling modifications
+import javax.crypto.spec.PBEKeySpec;
+// END Android-added: Various key-handling modifications
 import javax.crypto.spec.PBEParameterSpec;
-import javax.crypto.spec.RC2ParameterSpec;
-import javax.crypto.spec.RC5ParameterSpec;
+// Android-removed: Unsupported algorithms
+// import javax.crypto.spec.RC2ParameterSpec;
+// import javax.crypto.spec.RC5ParameterSpec;
 
 import org.bouncycastle.asn1.cms.GCMParameters;
 import org.bouncycastle.crypto.BlockCipher;
@@ -32,23 +36,27 @@
 import org.bouncycastle.crypto.DataLengthException;
 import org.bouncycastle.crypto.InvalidCipherTextException;
 import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.engines.DSTU7624Engine;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.engines.DSTU7624Engine;
 import org.bouncycastle.crypto.modes.AEADBlockCipher;
 import org.bouncycastle.crypto.modes.CBCBlockCipher;
 import org.bouncycastle.crypto.modes.CCMBlockCipher;
 import org.bouncycastle.crypto.modes.CFBBlockCipher;
 import org.bouncycastle.crypto.modes.CTSBlockCipher;
-import org.bouncycastle.crypto.modes.EAXBlockCipher;
-import org.bouncycastle.crypto.modes.GCFBBlockCipher;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.modes.EAXBlockCipher;
+// import org.bouncycastle.crypto.modes.GCFBBlockCipher;
 import org.bouncycastle.crypto.modes.GCMBlockCipher;
-import org.bouncycastle.crypto.modes.GOFBBlockCipher;
-import org.bouncycastle.crypto.modes.KCCMBlockCipher;
-import org.bouncycastle.crypto.modes.KCTRBlockCipher;
-import org.bouncycastle.crypto.modes.KGCMBlockCipher;
-import org.bouncycastle.crypto.modes.OCBBlockCipher;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.modes.GOFBBlockCipher;
+// import org.bouncycastle.crypto.modes.KCCMBlockCipher;
+// import org.bouncycastle.crypto.modes.KCTRBlockCipher;
+// import org.bouncycastle.crypto.modes.KGCMBlockCipher;
+// import org.bouncycastle.crypto.modes.OCBBlockCipher;
 import org.bouncycastle.crypto.modes.OFBBlockCipher;
-import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher;
-import org.bouncycastle.crypto.modes.PGPCFBBlockCipher;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher;
+// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher;
 import org.bouncycastle.crypto.modes.SICBlockCipher;
 import org.bouncycastle.crypto.paddings.BlockCipherPadding;
 import org.bouncycastle.crypto.paddings.ISO10126d2Padding;
@@ -61,16 +69,19 @@
 import org.bouncycastle.crypto.params.KeyParameter;
 import org.bouncycastle.crypto.params.ParametersWithIV;
 import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.ParametersWithSBox;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.ParametersWithSBox;
 import org.bouncycastle.crypto.params.RC2Parameters;
-import org.bouncycastle.crypto.params.RC5Parameters;
-import org.bouncycastle.jcajce.PBKDF1Key;
-import org.bouncycastle.jcajce.PBKDF1KeyWithParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.RC5Parameters;
+// import org.bouncycastle.jcajce.PBKDF1Key;
+// import org.bouncycastle.jcajce.PBKDF1KeyWithParameters;
 import org.bouncycastle.jcajce.PKCS12Key;
 import org.bouncycastle.jcajce.PKCS12KeyWithParameters;
 import org.bouncycastle.jcajce.spec.AEADParameterSpec;
-import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
-import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
+// import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec;
 import org.bouncycastle.util.Strings;
 
 public class BaseBlockCipher
@@ -84,10 +95,12 @@
     //
     private Class[]                 availableSpecs =
                                     {
-                                        RC2ParameterSpec.class,
-                                        RC5ParameterSpec.class,
+                                        // Android-removed: Unsupported algorithms
+                                        // RC2ParameterSpec.class,
+                                        // RC5ParameterSpec.class,
                                         gcmSpecClass,
-                                        GOST28147ParameterSpec.class,
+                                        // Android-removed: Unsupported algorithms
+                                        // GOST28147ParameterSpec.class
                                         IvParameterSpec.class,
                                         PBEParameterSpec.class
                                     };
@@ -330,6 +343,8 @@
                         new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize()));
             }
         }
+        // BEGIN Android-removed: Unsupported modes
+        /*
         else if (modeName.startsWith("PGP"))
         {
             boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV");
@@ -355,10 +370,14 @@
             cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
                         new SICBlockCipher(baseEngine)));
         }
+        */
+        // END Android-removed: Unsupported modes
         else if (modeName.startsWith("CTR"))
         {
             ivLength = baseEngine.getBlockSize();
             fixedIv = false;
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             if (baseEngine instanceof DSTU7624Engine)
             {
                 cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
@@ -366,10 +385,15 @@
             }
             else
             {
+            */
                 cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
                     new SICBlockCipher(baseEngine)));
+            /*
             }
+            */
         }
+        // BEGIN Android-removed: Unsupported modes
+        /*
         else if (modeName.startsWith("GOFB"))
         {
             ivLength = baseEngine.getBlockSize();
@@ -382,6 +406,8 @@
             cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
                         new GCFBBlockCipher(baseEngine)));
         }
+        */
+        // END Android-removed: Unsupported modes
         else if (modeName.startsWith("CTS"))
         {
             ivLength = baseEngine.getBlockSize();
@@ -390,22 +416,29 @@
         else if (modeName.startsWith("CCM"))
         {
             ivLength = 12; // CCM nonce 7..13 bytes
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             if (baseEngine instanceof DSTU7624Engine)
             {
                 cipher = new AEADGenericBlockCipher(new KCCMBlockCipher(baseEngine));
             }
             else
             {
+            */
                 cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine));
+            /*
             }
+            */
         }
+        // BEGIN Android-removed: Unsupported modes
+        /*
         else if (modeName.startsWith("OCB"))
         {
             if (engineProvider != null)
             {
                 /*
                  * RFC 7253 4.2. Nonce is a string of no more than 120 bits
-                 */
+                 *
                 ivLength = 15;
                 cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get()));
             }
@@ -419,17 +452,24 @@
             ivLength = baseEngine.getBlockSize();
             cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine));
         }
+        */
+        // END Android-removed: Unsupported modes
         else if (modeName.startsWith("GCM"))
         {
             ivLength = baseEngine.getBlockSize();
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             if (baseEngine instanceof DSTU7624Engine)
             {
                 cipher = new AEADGenericBlockCipher(new KGCMBlockCipher(baseEngine));
             }
             else
             {
+            */
                 cipher = new AEADGenericBlockCipher(new GCMBlockCipher(baseEngine));
+            /*
             }
+            */
         }
         else
         {
@@ -493,6 +533,12 @@
         }
     }
 
+    // BEGIN Android-added: Handling missing IVs
+    private boolean isBCPBEKeyWithoutIV(Key key) {
+        return (key instanceof BCPBEKey) && !(((BCPBEKey)key).getParam() instanceof ParametersWithIV);
+    }
+    // END Android-added: Handling missing IVs
+
     protected void engineInit(
         int                     opmode,
         Key                     key,
@@ -526,7 +572,11 @@
         //
         // a note on iv's - if ivLength is zero the IV gets ignored (we don't use it).
         //
-        if (scheme == PKCS12 || key instanceof PKCS12Key)
+        // BEGIN Android-changed: Don't use PKCS12 with missing IV.
+        // If the key is a BCPBE one without an IV, ignore the fact that the scheme is PKCS12.
+        // if (scheme == PKCS12 || key instanceof PKCS12Key)
+        if ((scheme == PKCS12 || key instanceof PKCS12Key) && !isBCPBEKeyWithoutIV(key))
+        // END Android-changed: Don't use PKCS12 with missing IV.
         {
             SecretKey k;
             try
@@ -569,7 +619,11 @@
                 }
                 else if (pbeKeyParam == null)
                 {
-                    param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
+                    // BEGIN Android-changed: Unreachable code
+                    // See above for the Android change that makes this code unreachable.
+                    // param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
+                    throw new AssertionError("Unreachable code");
+                    // END Android-changed: Unreachable code
                 }
                 else
                 {
@@ -585,6 +639,8 @@
                 ivParam = (ParametersWithIV)param;
             }
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (key instanceof PBKDF1Key)
         {
             PBKDF1Key k = (PBKDF1Key)key;
@@ -604,6 +660,8 @@
                 ivParam = (ParametersWithIV)param;
             }
         }
+        */
+        // END Android-removed: Unsupported algorithms
         else if (key instanceof BCPBEKey)
         {
             BCPBEKey k = (BCPBEKey)key;
@@ -624,6 +682,19 @@
             else if (params instanceof PBEParameterSpec)
             {
                 pbeSpec = (PBEParameterSpec)params;
+                // BEGIN Android-added: Allow PBE keys with only passwords.
+                // At this point, k.getParam() == null, so the key hasn't been generated.  If
+                // the parameters have non-default values, recreate the BCPBEKey from algorithm
+                // parameters as to generate the key.
+                if ((pbeSpec.getSalt().length != 0) && (pbeSpec.getIterationCount() > 0)) {
+                    k = new BCPBEKey(k.getAlgorithm(), k.getOID(), k.getType(), k.getDigest(),
+                            k.getKeySize(), k.getIvSize(),
+                            new PBEKeySpec(
+                                    k.getPassword(), pbeSpec.getSalt(), pbeSpec.getIterationCount(),
+                                    k.getKeySize()),
+                            null /* CipherParameters */);
+                }
+                // END Android-added: Allow PBE keys with only passwords.
                 param = PBE.Util.makePBEParameters(k, params, cipher.getUnderlyingCipher().getAlgorithmName());
             }
             else
@@ -651,7 +722,10 @@
                 ivParam = (ParametersWithIV)param;
             }
         }
-        else if (!(key instanceof RepeatedSecretKeySpec))
+        // BEGIN Android-changed: Unsupported algorithm
+        // else if (!(key instanceof RepeatedSecretKeySpec))
+        else
+        // END Android-changed: Unsupported algorithms
         {
             if (scheme == PKCS5S1 || scheme == PKCS5S1_UTF8 || scheme == PKCS5S2 || scheme == PKCS5S2_UTF8)
             {
@@ -659,10 +733,12 @@
             }
             param = new KeyParameter(key.getEncoded());
         }
-        else
-        {
-            param = null;
-        }
+        // BEGIN Android-removed: Unreachable
+        // else
+        // {
+        //    param = null;
+        // }
+        // END Android-removed: Unreachable
 
         if (params instanceof AEADParameterSpec)
         {
@@ -713,6 +789,8 @@
                 }
             }
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (params instanceof GOST28147ParameterSpec)
         {
             GOST28147ParameterSpec    gost28147Param = (GOST28147ParameterSpec)params;
@@ -791,6 +869,8 @@
                 ivParam = (ParametersWithIV)param;
             }
         }
+        */
+        // END Android-removed: Unsupported algorithms
         else if (gcmSpecClass != null && gcmSpecClass.isInstance(params))
         {
             if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher))
@@ -837,13 +917,56 @@
             {
                 byte[]  iv = new byte[ivLength];
 
-                ivRandom.nextBytes(iv);
+                // BEGIN Android-changed: For PBE keys with no IV, log and use IV of 0
+                // These keys were accepted in BC 1.52 (and treated as having an IV of 0) but
+                // rejected outright in BC 1.54 (even if an IV was passed in params).  We
+                // want the eventual state to be that an IV can be passed in params, but the key
+                // is rejected otherwise.  For now, log that these will be rejected in a future
+                // release.  See b/27995180 for historical details.
+                // ivRandom.nextBytes(iv);
+                if (!isBCPBEKeyWithoutIV(key)) {
+                    ivRandom.nextBytes(iv);
+                } else {
+                    // TODO(b/70275132): Change to rejecting these keys
+                    System.err.println(" ******** DEPRECATED FUNCTIONALITY ********");
+                    System.err.println(" * You have initialized a cipher with a PBE key with no IV and");
+                    System.err.println(" * have not provided an IV in the AlgorithmParameterSpec.  This");
+                    System.err.println(" * configuration is deprecated.  The cipher will be initialized");
+                    System.err.println(" * with an all-zero IV, but in a future release this call will");
+                    System.err.println(" * throw an exception.");
+                    new InvalidAlgorithmParameterException("No IV set when using PBE key")
+                            .printStackTrace(System.err);
+                }
+                // END Android-changed: For PBE keys with no IV, log and use IV of 0
                 param = new ParametersWithIV(param, iv);
                 ivParam = (ParametersWithIV)param;
             }
             else if (cipher.getUnderlyingCipher().getAlgorithmName().indexOf("PGPCFB") < 0)
             {
-                throw new InvalidAlgorithmParameterException("no IV set when one expected");
+                // BEGIN Android-changed: For PBE keys with no IV, log and use IV of 0
+                // These keys were accepted in BC 1.52 (and treated as having an IV of 0) but
+                // rejected outright in BC 1.54 (even if an IV was passed in params).  We
+                // want the eventual state to be that an IV can be passed in params, but the key
+                // is rejected otherwise.  For now, log that these will be rejected in a future
+                // release.  See b/27995180 for historical details.
+                // throw new InvalidAlgorithmParameterException("no IV set when one expected");
+                if (!isBCPBEKeyWithoutIV(key)) {
+                    throw new InvalidAlgorithmParameterException("no IV set when one expected");
+                } else {
+                    // TODO(b/70275132): Change to rejecting these keys
+                    System.err.println(" ******** DEPRECATED FUNCTIONALITY ********");
+                    System.err.println(" * You have initialized a cipher with a PBE key with no IV and");
+                    System.err.println(" * have not provided an IV in the AlgorithmParameterSpec.  This");
+                    System.err.println(" * configuration is deprecated.  The cipher will be initialized");
+                    System.err.println(" * with an all-zero IV, but in a future release this call will");
+                    System.err.println(" * throw an exception.");
+                    new InvalidAlgorithmParameterException("No IV set when using PBE key")
+                            .printStackTrace(System.err);
+                    // Mimic behaviour in 1.52 by using an IV of 0's
+                    param = new ParametersWithIV(param, new byte[ivLength]);
+                    ivParam = (ParametersWithIV)param;
+                }
+                // END Android-changed: For PBE keys with no IV, log and use IV of 0
             }
         }
 
@@ -897,6 +1020,8 @@
                 ivParam = new ParametersWithIV(key, iv.getIV());
                 param = ivParam;
             }
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             else if (params instanceof GOST28147ParameterSpec)
             {
                 // need to pick up IV and SBox.
@@ -910,6 +1035,8 @@
                     param = ivParam;
                 }
             }
+            */
+            // END Android-removed: Unsupported algorithms
         }
         else
         {
@@ -920,6 +1047,8 @@
                 ivParam = new ParametersWithIV(param, iv.getIV());
                 param = ivParam;
             }
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             else if (params instanceof GOST28147ParameterSpec)
             {
                 // need to pick up IV and SBox.
@@ -932,6 +1061,8 @@
                     param = new ParametersWithIV(param, gost28147Param.getIV());
                 }
             }
+            */
+            // END Android-removed: Unsupported algorithms
         }
         return param;
     }
@@ -1134,7 +1265,9 @@
     private boolean isAEADModeName(
         String modeName)
     {
-        return "CCM".equals(modeName) || "EAX".equals(modeName) || "GCM".equals(modeName) || "OCB".equals(modeName);
+        // Android-changed: Unsupported modes
+        // return "CCM".equals(modeName) || "EAX".equals(modeName) || "GCM".equals(modeName) || "OCB".equals(modeName);
+        return "CCM".equals(modeName) || "GCM".equals(modeName);
     }
 
     /*

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java
index e1ce811..29bd6a5 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java

@@ -22,11 +22,13 @@
 import org.bouncycastle.crypto.params.AEADParameters;
 import org.bouncycastle.crypto.params.KeyParameter;
 import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.RC2Parameters;
-import org.bouncycastle.crypto.params.SkeinParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.RC2Parameters;
+// import org.bouncycastle.crypto.params.SkeinParameters;
 import org.bouncycastle.jcajce.PKCS12Key;
 import org.bouncycastle.jcajce.spec.AEADParameterSpec;
-import org.bouncycastle.jcajce.spec.SkeinParameterSpec;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.spec.SkeinParameterSpec;
 
 public class BaseMac
     extends MacSpi implements PBE
@@ -99,12 +101,16 @@
 
             int digest = SHA1;
             int keySize = 160;
-            if (macEngine.getAlgorithmName().startsWith("GOST"))
-            {
-                digest = GOST3411;
-                keySize = 256;
-            }
-            else if (macEngine instanceof HMac)
+            // BEGIN Android-removed: Unsupported algorithms
+            // if (macEngine.getAlgorithmName().startsWith("GOST"))
+            // {
+            //     digest = GOST3411;
+            //     keySize = 256;
+            // }
+            // END Android-removed: Unsupported algorithms
+            // Android-changed: Adjust for missing if
+            // else if (macEngine instanceof HMac)
+            if (macEngine instanceof HMac)
             {
                 if (!macEngine.getAlgorithmName().startsWith("SHA-1"))
                 {
@@ -128,11 +134,13 @@
                         digest = SHA512;
                         keySize = 512;
                     }
-                    else if (macEngine.getAlgorithmName().startsWith("RIPEMD160"))
-                    {
-                        digest = RIPEMD160;
-                        keySize = 160;
-                    }
+                    // BEGIN Android-removed: Unsupported algorithms
+                    // else if (macEngine.getAlgorithmName().startsWith("RIPEMD160"))
+                    // {
+                    //     digest = RIPEMD160;
+                    //     keySize = 160;
+                    // }
+                    // END Android-removed: Unsupported algorithms
                     else
                     {
                         throw new InvalidAlgorithmParameterException("no PKCS12 mapping for HMAC: " + macEngine.getAlgorithmName());
@@ -188,6 +196,8 @@
         {
             param = new ParametersWithIV(keyParam, ((IvParameterSpec)params).getIV());
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (params instanceof RC2ParameterSpec)
         {
             param = new ParametersWithIV(new RC2Parameters(keyParam.getKey(), ((RC2ParameterSpec)params).getEffectiveKeyBits()), ((RC2ParameterSpec)params).getIV());
@@ -196,6 +206,8 @@
         {
             param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(keyParam.getKey()).build();
         }
+        */
+        // END Android-removed: Unsupported algorithms
         else if (params == null)
         {
             param = new KeyParameter(key.getEncoded());

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java
index 5877e8e..06e5af0 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java

@@ -15,8 +15,9 @@
 import javax.crypto.ShortBufferException;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.PBEParameterSpec;
-import javax.crypto.spec.RC2ParameterSpec;
-import javax.crypto.spec.RC5ParameterSpec;
+// Android-removed: Unsupported algorithms
+// import javax.crypto.spec.RC2ParameterSpec;
+// import javax.crypto.spec.RC5ParameterSpec;
 
 import org.bouncycastle.crypto.CipherParameters;
 import org.bouncycastle.crypto.CryptoServicesRegistrar;
@@ -36,8 +37,9 @@
     //
     private Class[]                 availableSpecs =
                                     {
-                                        RC2ParameterSpec.class,
-                                        RC5ParameterSpec.class,
+                                        // Android-removed: Unsupported algorithms
+                                        // RC2ParameterSpec.class,
+                                        // RC5ParameterSpec.class,
                                         IvParameterSpec.class,
                                         PBEParameterSpec.class
                                     };

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java
index f0d6044..4ebb294 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java

@@ -24,8 +24,9 @@
 import javax.crypto.ShortBufferException;
 import javax.crypto.spec.IvParameterSpec;
 import javax.crypto.spec.PBEParameterSpec;
-import javax.crypto.spec.RC2ParameterSpec;
-import javax.crypto.spec.RC5ParameterSpec;
+// Android-removed: Unsupported algorithms
+// import javax.crypto.spec.RC2ParameterSpec;
+// import javax.crypto.spec.RC5ParameterSpec;
 import javax.crypto.spec.SecretKeySpec;
 
 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
@@ -35,10 +36,13 @@
 import org.bouncycastle.crypto.params.KeyParameter;
 import org.bouncycastle.crypto.params.ParametersWithIV;
 import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.params.ParametersWithSBox;
-import org.bouncycastle.crypto.params.ParametersWithUKM;
-import org.bouncycastle.jcajce.spec.GOST28147WrapParameterSpec;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.ParametersWithSBox;
+// import org.bouncycastle.crypto.params.ParametersWithUKM;
+// import org.bouncycastle.jcajce.spec.GOST28147WrapParameterSpec;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
 import org.bouncycastle.jcajce.util.JcaJceHelper;
 import org.bouncycastle.jce.provider.BouncyCastleProvider;
 import org.bouncycastle.util.Arrays;
@@ -52,10 +56,12 @@
     //
     private Class[]                 availableSpecs =
                                     {
-                                        GOST28147WrapParameterSpec.class,
+                                        // Android-removed: Unsupported algorithms
+                                        // GOST28147WrapParameterSpec.class,
                                         PBEParameterSpec.class,
-                                        RC2ParameterSpec.class,
-                                        RC5ParameterSpec.class,
+                                        // Android-removed: Unsupported algorithms
+                                        // RC2ParameterSpec.class,
+                                        // RC5ParameterSpec.class
                                         IvParameterSpec.class
                                     };
 
@@ -74,7 +80,9 @@
     private ErasableOutputStream wrapStream = null;
     private boolean                   forWrapping;
 
-    private final JcaJceHelper helper = new BCJcaJceHelper();
+    // Android-changed: Use default provider for JCA algorithms instead of BC
+    // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+    private final JcaJceHelper helper = new DefaultJcaJceHelper();
 
     protected BaseWrapCipher()
     {
@@ -202,6 +210,8 @@
             param = new ParametersWithIV(param, iv);
         }
 
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         if (params instanceof GOST28147WrapParameterSpec)
         {
             GOST28147WrapParameterSpec spec = (GOST28147WrapParameterSpec) params;
@@ -213,6 +223,8 @@
             }
             param = new ParametersWithUKM(param, spec.getUKM());
         }
+        */
+        // END Android-removed: Unsupported algorithms
 
         if (param instanceof KeyParameter && ivSize != 0)
         {

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java
index 1df06fd..fcfd4df 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java

@@ -1,18 +1,25 @@
 package org.bouncycastle.jcajce.provider.symmetric.util;
 
+// BEGIN Android-added: Needed for compatibility helper
+import java.lang.reflect.Method;
+// END Android-added: Needed for compatibility helper
 import java.security.InvalidAlgorithmParameterException;
 import java.security.spec.AlgorithmParameterSpec;
 
 import javax.crypto.SecretKey;
+// BEGIN Android-added: Allow IVs specified in parameters.
+import javax.crypto.spec.IvParameterSpec;
+// END Android-added: Allow IVs specified in parameters.
 import javax.crypto.spec.PBEKeySpec;
 import javax.crypto.spec.PBEParameterSpec;
 
 import org.bouncycastle.crypto.CipherParameters;
 import org.bouncycastle.crypto.PBEParametersGenerator;
-import org.bouncycastle.crypto.digests.GOST3411Digest;
-import org.bouncycastle.crypto.digests.MD2Digest;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-import org.bouncycastle.crypto.digests.TigerDigest;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.digests.GOST3411Digest;
+// import org.bouncycastle.crypto.digests.MD2Digest;
+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
+// import org.bouncycastle.crypto.digests.TigerDigest;
 import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator;
 import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
 import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator;
@@ -20,7 +27,10 @@
 import org.bouncycastle.crypto.params.DESParameters;
 import org.bouncycastle.crypto.params.KeyParameter;
 import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.util.DigestFactory;
+// BEGIN Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END Android-changed: Use Android digests
 
 public interface PBE
 {
@@ -29,11 +39,13 @@
     //
     static final int        MD5          = 0;
     static final int        SHA1         = 1;
-    static final int        RIPEMD160    = 2;
-    static final int        TIGER        = 3;
+    // Android-removed: Unsupported algorithms
+    // static final int        RIPEMD160    = 2;
+    // static final int        TIGER        = 3;
     static final int        SHA256       = 4;
-    static final int        MD2          = 5;
-    static final int        GOST3411     = 6;
+    // Android-removed: Unsupported algorithms
+    // static final int        MD2          = 5;
+    // static final int        GOST3411     = 6;
     static final int        SHA224       = 7;
     static final int        SHA384       = 8;
     static final int        SHA512       = 9;
@@ -64,14 +76,19 @@
             {
                 switch (hash)
                 {
-                case MD2:
-                    generator = new PKCS5S1ParametersGenerator(new MD2Digest());
-                    break;
+                // Android-removed: Unsupported algorithms
+                // case MD2:
+                //     generator = new PKCS5S1ParametersGenerator(new MD2Digest());
+                //     break;
                 case MD5:
-                    generator = new PKCS5S1ParametersGenerator(DigestFactory.createMD5());
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S1ParametersGenerator(DigestFactory.createMD5());
+                    generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getMD5());
                     break;
                 case SHA1:
-                    generator = new PKCS5S1ParametersGenerator(DigestFactory.createSHA1());
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S1ParametersGenerator(DigestFactory.createSHA1());
+                    generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getSHA1());
                     break;
                 default:
                     throw new IllegalStateException("PKCS5 scheme 1 only supports MD2, MD5 and SHA1.");
@@ -81,36 +98,56 @@
             {
                 switch (hash)
                 {
-                case MD2:
-                    generator = new PKCS5S2ParametersGenerator(new MD2Digest());
-                    break;
+                // Android-removed: Unsupported algorithms
+                // case MD2:
+                //     generator = new PKCS5S2ParametersGenerator(new MD2Digest());
+                //     break;
                 case MD5:
-                    generator = new PKCS5S2ParametersGenerator(DigestFactory.createMD5());
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S2ParametersGenerator(DigestFactory.createMD5());
+                    generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getMD5());
                     break;
                 case SHA1:
-                    generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA1());
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA1());
+                    generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA1());
                     break;
+                // BEGIN Android-removed: Unsupported algorithms
+                /*
                 case RIPEMD160:
                     generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest());
                     break;
                 case TIGER:
                     generator = new PKCS5S2ParametersGenerator(new TigerDigest());
                     break;
+                */
+                // END Android-removed: Unsupported algorithms
                 case SHA256:
-                    generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA256());
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA256());
+                    generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA256());
                     break;
-                case GOST3411:
-                    generator = new PKCS5S2ParametersGenerator(new GOST3411Digest());
-                    break;
+                // Android-removed: Unsupported algorithms
+                // case GOST3411:
+                //     generator = new PKCS5S2ParametersGenerator(new GOST3411Digest());
+                //     break;
                 case SHA224:
-                    generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA224());
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA224());
+                    generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA224());
                     break;
                 case SHA384:
-                    generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA384());
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA384());
+                    generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA384());
                     break;
                 case SHA512:
-                    generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA512());
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA512());
+                    generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA512());
                     break;
+                // BEGIN Android-removed: Unsupported algorithms
+                /*
                 case SHA3_224:
                     generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA3_224());
                     break;
@@ -123,6 +160,8 @@
                 case SHA3_512:
                     generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA3_512());
                     break;
+                */
+                // END Android-removed: Unsupported algorithms
                 default:
                     throw new IllegalStateException("unknown digest scheme for PBE PKCS5S2 encryption.");
                 }
@@ -131,35 +170,53 @@
             {
                 switch (hash)
                 {
-                case MD2:
-                    generator = new PKCS12ParametersGenerator(new MD2Digest());
-                    break;
+                // Android-removed: Unsupported algorithms
+                // case MD2:
+                //     generator = new PKCS12ParametersGenerator(new MD2Digest());
+                //     break;
                 case MD5:
-                    generator = new PKCS12ParametersGenerator(DigestFactory.createMD5());
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS12ParametersGenerator(DigestFactory.createMD5());
+                    generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getMD5());
                     break;
                 case SHA1:
-                    generator = new PKCS12ParametersGenerator(DigestFactory.createSHA1());
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA1());
+                    generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1());
                     break;
+                // BEGIN Android-removed: Unsupported algorithms
+                /*
                 case RIPEMD160:
                     generator = new PKCS12ParametersGenerator(new RIPEMD160Digest());
                     break;
                 case TIGER:
                     generator = new PKCS12ParametersGenerator(new TigerDigest());
                     break;
+                */
+                // END Android-removed: Unsupported algorithms
                 case SHA256:
-                    generator = new PKCS12ParametersGenerator(DigestFactory.createSHA256());
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA256());
+                    generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256());
                     break;
-                case GOST3411:
-                    generator = new PKCS12ParametersGenerator(new GOST3411Digest());
-                    break;
+                // Android-removed: Unsupported algorithms
+                // case GOST3411:
+                //     generator = new PKCS12ParametersGenerator(new GOST3411Digest());
+                //     break;
                 case SHA224:
-                    generator = new PKCS12ParametersGenerator(DigestFactory.createSHA224());
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA224());
+                    generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA224());
                     break;
                 case SHA384:
-                    generator = new PKCS12ParametersGenerator(DigestFactory.createSHA384());
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA384());
+                    generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA384());
                     break;
                 case SHA512:
-                    generator = new PKCS12ParametersGenerator(DigestFactory.createSHA512());
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA512());
+                    generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA512());
                     break;
                 default:
                     throw new IllegalStateException("unknown digest scheme for PBE encryption.");
@@ -207,6 +264,21 @@
             if (ivSize != 0)
             {
                 param = generator.generateDerivedParameters(keySize, ivSize);
+                // BEGIN Android-added: Allow IVs specified in parameters.
+                // PKCS5S2 doesn't specify that the IV must be generated from the password. If the
+                // IV is passed as a parameter, use it.
+                AlgorithmParameterSpec parameterSpecFromPBEParameterSpec =
+                        getParameterSpecFromPBEParameterSpec(pbeParam);
+                if ((scheme == PKCS5S2 || scheme == PKCS5S2_UTF8)
+                        && parameterSpecFromPBEParameterSpec instanceof IvParameterSpec) {
+                    ParametersWithIV parametersWithIV = (ParametersWithIV) param;
+                    IvParameterSpec ivParameterSpec =
+                            (IvParameterSpec) parameterSpecFromPBEParameterSpec;
+                    param = new ParametersWithIV(
+                            (KeyParameter) parametersWithIV.getParameters(),
+                            ivParameterSpec.getIV());
+                }
+                // END Android-added: Allow IVs specified in parameters.
             }
             else
             {
@@ -261,6 +333,21 @@
             if (pbeKey.getIvSize() != 0)
             {
                 param = generator.generateDerivedParameters(pbeKey.getKeySize(), pbeKey.getIvSize());
+                // BEGIN Android-added: Allow IVs specified in parameters.
+                // PKCS5S2 doesn't specify that the IV must be generated from the password. If the
+                // IV is passed as a parameter, use it.
+                AlgorithmParameterSpec parameterSpecFromPBEParameterSpec =
+                        getParameterSpecFromPBEParameterSpec(pbeParam);
+                if ((pbeKey.getType() == PKCS5S2 || pbeKey.getType() == PKCS5S2_UTF8)
+                        && parameterSpecFromPBEParameterSpec instanceof IvParameterSpec) {
+                    ParametersWithIV parametersWithIV = (ParametersWithIV) param;
+                    IvParameterSpec ivParameterSpec =
+                            (IvParameterSpec) parameterSpecFromPBEParameterSpec;
+                    param = new ParametersWithIV(
+                            (KeyParameter) parametersWithIV.getParameters(),
+                            ivParameterSpec.getIV());
+                }
+                // END Android-added: Allow IVs specified in parameters.
             }
             else
             {
@@ -406,6 +493,28 @@
             return param;
         }
 
+        // BEGIN Android-added: Add helper for 1.8 compatibility.
+        /**
+         * Invokes the method {@link PBEParameterSpec#getParameterSpec()} via reflection.
+         *
+         * Needed as the method was introduced in Java 1.8 and Bouncycastle level is 1.5.
+         *
+         * @return the parameter spec, or null if the method is not available.
+         */
+        public static AlgorithmParameterSpec getParameterSpecFromPBEParameterSpec(
+                PBEParameterSpec pbeParameterSpec) {
+            try {
+                Method getParameterSpecMethod = PBE.class.getClassLoader()
+                        .loadClass("javax.crypto.spec.PBEParameterSpec")
+                        .getMethod("getParameterSpec");
+                return (AlgorithmParameterSpec) getParameterSpecMethod.invoke(pbeParameterSpec);
+            } catch (Exception e) {
+                return null;
+            }
+        }
+        // END Android-added: Add helper for 1.8 compatibility.
+
+
         private static byte[] convertPassword(int type, PBEKeySpec keySpec)
         {
             byte[] key;

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java
index f5823ac..552a6e6 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/provider/util/DigestFactory.java

@@ -10,6 +10,9 @@
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 import org.bouncycastle.crypto.Digest;
+// BEGIN Android-added: Use Android digests
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END Android-added: Use Android digests
 import org.bouncycastle.util.Strings;
 
 public class DigestFactory
@@ -20,12 +23,16 @@
     private static Set sha256 = new HashSet();
     private static Set sha384 = new HashSet();
     private static Set sha512 = new HashSet();
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     private static Set sha512_224 = new HashSet();
     private static Set sha512_256 = new HashSet();
     private static Set sha3_224 = new HashSet();
     private static Set sha3_256 = new HashSet();
     private static Set sha3_384 = new HashSet();
     private static Set sha3_512 = new HashSet();
+    */
+    // END Android-removed: Unsupported algorithms
 
     private static Map oids = new HashMap();
     
@@ -54,6 +61,8 @@
         sha512.add("SHA-512");
         sha512.add(NISTObjectIdentifiers.id_sha512.getId()); 
 
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         sha512_224.add("SHA512(224)");
         sha512_224.add("SHA-512(224)");
         sha512_224.add(NISTObjectIdentifiers.id_sha512_224.getId());
@@ -73,6 +82,9 @@
 
         sha3_512.add("SHA3-512");
         sha3_512.add(NISTObjectIdentifiers.id_sha3_512.getId());
+        */
+        // END Android-removed: Unsupported algorithms
+
 
         oids.put("MD5", PKCSObjectIdentifiers.md5);
         oids.put(PKCSObjectIdentifiers.md5.getId(), PKCSObjectIdentifiers.md5);
@@ -125,28 +137,42 @@
         
         if (sha1.contains(digestName))
         {
-            return org.bouncycastle.crypto.util.DigestFactory.createSHA1();
+            // Android-changed: Use Android digests
+            // return org.bouncycastle.crypto.util.DigestFactory.createSHA1();
+            return AndroidDigestFactory.getSHA1();
         }
         if (md5.contains(digestName))
         {
-            return org.bouncycastle.crypto.util.DigestFactory.createMD5();
+            // Android-changed: Use Android digests
+            // return org.bouncycastle.crypto.util.DigestFactory.createMD5();
+            return AndroidDigestFactory.getMD5();
         }
         if (sha224.contains(digestName))
         {
-            return org.bouncycastle.crypto.util.DigestFactory.createSHA224();
+            // Android-changed: Use Android digests
+            // return org.bouncycastle.crypto.util.DigestFactory.createSHA224();
+            return AndroidDigestFactory.getSHA224();
         }
         if (sha256.contains(digestName))
         {
-            return org.bouncycastle.crypto.util.DigestFactory.createSHA256();
+            // Android-changed: Use Android digests
+            // return org.bouncycastle.crypto.util.DigestFactory.createSHA256();
+            return AndroidDigestFactory.getSHA256();
         }
         if (sha384.contains(digestName))
         {
-            return org.bouncycastle.crypto.util.DigestFactory.createSHA384();
+            // Android-changed: Use Android digests
+            // return org.bouncycastle.crypto.util.DigestFactory.createSHA384();
+            return AndroidDigestFactory.getSHA384();
         }
         if (sha512.contains(digestName))
         {
-            return org.bouncycastle.crypto.util.DigestFactory.createSHA512();
+            // Android-changed: Use Android digests
+            // return org.bouncycastle.crypto.util.DigestFactory.createSHA512();
+            return AndroidDigestFactory.getSHA512();
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         if (sha512_224.contains(digestName))
         {
             return org.bouncycastle.crypto.util.DigestFactory.createSHA512_224();
@@ -172,6 +198,8 @@
         {
             return org.bouncycastle.crypto.util.DigestFactory.createSHA3_512();
         }
+        */
+        // END Android-removed: Unsupported algorithms
 
         return null;
     }
@@ -185,12 +213,16 @@
             || (sha256.contains(digest1) && sha256.contains(digest2))
             || (sha384.contains(digest1) && sha384.contains(digest2))
             || (sha512.contains(digest1) && sha512.contains(digest2))
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             || (sha512_224.contains(digest1) && sha512_224.contains(digest2))
             || (sha512_256.contains(digest1) && sha512_256.contains(digest2))
             || (sha3_224.contains(digest1) && sha3_224.contains(digest2))
             || (sha3_256.contains(digest1) && sha3_256.contains(digest2))
             || (sha3_384.contains(digest1) && sha3_384.contains(digest2))
             || (sha3_512.contains(digest1) && sha3_512.contains(digest2))
+            */
+            // END Android-removed: Unsupported algorithms
             || (md5.contains(digest1) && md5.contains(digest2));
     }
     

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/DHUParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jcajce/spec/DHUParameterSpec.java
deleted file mode 100644
index 1bd86c3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/DHUParameterSpec.java
+++ /dev/null

@@ -1,144 +0,0 @@
-package org.bouncycastle.jcajce.spec;
-
-import java.security.KeyPair;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * Parameter spec to provide Diffie-Hellman Unified model keys and user keying material.
- */
-public class DHUParameterSpec
-    implements AlgorithmParameterSpec
-{
-    private final PublicKey ephemeralPublicKey;
-    private final PrivateKey ephemeralPrivateKey;
-    private final PublicKey otherPartyEphemeralKey;
-    private final byte[] userKeyingMaterial;
-
-    /**
-     * Base constructor for a Diffie-Hellman unified model.
-     *
-     * @param ephemeralPublicKey our ephemeral public key.
-     * @param ephemeralPrivateKey our ephemeral private key.
-     * @param otherPartyEphemeralKey the ephemeral public key sent by the other party.
-     * @param userKeyingMaterial key generation material to mix with the calculated secret.
-     */
-    public DHUParameterSpec(PublicKey ephemeralPublicKey, PrivateKey ephemeralPrivateKey, PublicKey otherPartyEphemeralKey, byte[] userKeyingMaterial)
-    {
-        if (ephemeralPrivateKey == null)
-        {
-            throw new IllegalArgumentException("ephemeral private key cannot be null");
-        }
-        if (otherPartyEphemeralKey == null)
-        {
-            throw new IllegalArgumentException("other party ephemeral key cannot be null");
-        }
-        this.ephemeralPublicKey = ephemeralPublicKey;
-        this.ephemeralPrivateKey = ephemeralPrivateKey;
-        this.otherPartyEphemeralKey = otherPartyEphemeralKey;
-        this.userKeyingMaterial = Arrays.clone(userKeyingMaterial);
-    }
-
-    /**
-     * Base constructor for a Diffie-Hellman unified model without user keying material.
-     *
-     * @param ephemeralPublicKey our ephemeral public key.
-     * @param ephemeralPrivateKey our ephemeral private key.
-     * @param otherPartyEphemeralKey the ephemeral public key sent by the other party.
-     */
-    public DHUParameterSpec(PublicKey ephemeralPublicKey, PrivateKey ephemeralPrivateKey, PublicKey otherPartyEphemeralKey)
-    {
-        this(ephemeralPublicKey, ephemeralPrivateKey, otherPartyEphemeralKey, null);
-    }
-
-    /**
-     * Base constructor for a Diffie-Hellman unified model using a key pair.
-     *
-     * @param ephemeralKeyPair our ephemeral public and private key.
-     * @param otherPartyEphemeralKey the ephemeral public key sent by the other party.
-     * @param userKeyingMaterial key generation material to mix with the calculated secret.
-     */
-    public DHUParameterSpec(KeyPair ephemeralKeyPair, PublicKey otherPartyEphemeralKey, byte[] userKeyingMaterial)
-    {
-        this(ephemeralKeyPair.getPublic(), ephemeralKeyPair.getPrivate(), otherPartyEphemeralKey, userKeyingMaterial);
-    }
-
-    /**
-     * Base constructor for a Diffie-Hellman unified model - calculation of our ephemeral public key
-     * is required.
-     *
-     * @param ephemeralPrivateKey our ephemeral private key.
-     * @param otherPartyEphemeralKey the ephemeral public key sent by the other party.
-     * @param userKeyingMaterial key generation material to mix with the calculated secret.
-     */
-    public DHUParameterSpec(PrivateKey ephemeralPrivateKey, PublicKey otherPartyEphemeralKey, byte[] userKeyingMaterial)
-    {
-        this(null, ephemeralPrivateKey, otherPartyEphemeralKey, userKeyingMaterial);
-    }
-
-    /**
-     * Base constructor for a Diffie-Hellman unified model using a key pair without user keying material.
-     *
-     * @param ephemeralKeyPair our ephemeral public and private key.
-     * @param otherPartyEphemeralKey the ephemeral public key sent by the other party.
-     */
-    public DHUParameterSpec(KeyPair ephemeralKeyPair, PublicKey otherPartyEphemeralKey)
-    {
-        this(ephemeralKeyPair.getPublic(), ephemeralKeyPair.getPrivate(), otherPartyEphemeralKey, null);
-    }
-
-    /**
-     * Base constructor for a Diffie-Hellman unified model - calculation of our ephemeral public key
-     * is required and no user keying material is provided.
-     *
-     * @param ephemeralPrivateKey our ephemeral private key.
-     * @param otherPartyEphemeralKey the ephemeral public key sent by the other party.
-     */
-    public DHUParameterSpec(PrivateKey ephemeralPrivateKey, PublicKey otherPartyEphemeralKey)
-    {
-        this(null, ephemeralPrivateKey, otherPartyEphemeralKey, null);
-    }
-
-    /**
-     * Return our ephemeral private key.
-     *
-     * @return our ephemeral private key.
-     */
-    public PrivateKey getEphemeralPrivateKey()
-    {
-        return ephemeralPrivateKey;
-    }
-
-    /**
-     * Return our ephemeral public key, null if it was not provided.
-     *
-     * @return our ephemeral public key, can be null.
-     */
-    public PublicKey getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-
-    /**
-     * Return the ephemeral other party public key.
-     *
-     * @return the ephemeral other party public key.
-     */
-    public PublicKey getOtherPartyEphemeralKey()
-    {
-        return otherPartyEphemeralKey;
-    }
-
-    /**
-     * Return a copy of the user keying material, null if none is available.
-     *
-     * @return a copy of the user keying material, can be null.
-     */
-    public byte[] getUserKeyingMaterial()
-    {
-        return Arrays.clone(userKeyingMaterial);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/DSTU4145ParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jcajce/spec/DSTU4145ParameterSpec.java
deleted file mode 100644
index 161ba54..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/DSTU4145ParameterSpec.java
+++ /dev/null

@@ -1,54 +0,0 @@
-package org.bouncycastle.jcajce.spec;
-
-import java.security.spec.ECParameterSpec;
-
-import org.bouncycastle.asn1.ua.DSTU4145Params;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.util.Arrays;
-
-/**
- * ParameterSpec for a DSTU4145 key.
- */
-public class DSTU4145ParameterSpec
-    extends ECParameterSpec
-{
-    private final byte[]             dke;
-    private final ECDomainParameters parameters;
-
-    public DSTU4145ParameterSpec(
-        ECDomainParameters parameters)
-    {
-        this(parameters, EC5Util.convertToSpec(parameters), DSTU4145Params.getDefaultDKE());
-    }
-
-    private DSTU4145ParameterSpec(ECDomainParameters parameters, ECParameterSpec ecParameterSpec, byte[] dke)
-    {
-        super(ecParameterSpec.getCurve(), ecParameterSpec.getGenerator(), ecParameterSpec.getOrder(), ecParameterSpec.getCofactor());
-
-        this.parameters = parameters;
-        this.dke = Arrays.clone(dke);
-    }
-
-    public byte[] getDKE()
-    {
-        return Arrays.clone(dke);
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o instanceof DSTU4145ParameterSpec)
-        {
-            DSTU4145ParameterSpec other = (DSTU4145ParameterSpec)o;
-            
-            return this.parameters.equals(other.parameters);
-        }
-        
-        return false;
-    }
-    
-    public int hashCode()
-    {
-        return this.parameters.hashCode();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/EdDSAParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jcajce/spec/EdDSAParameterSpec.java
deleted file mode 100644
index 1f0f203..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/EdDSAParameterSpec.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.jcajce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
-
-/**
- * ParameterSpec for EdDSA signature algorithms.
- */
-public class EdDSAParameterSpec
-    implements AlgorithmParameterSpec
-{
-    public static final String Ed25519 = "Ed25519";
-    public static final String Ed448 = "Ed448";
-
-    private final String curveName;
-
-    /**
-     * Base constructor.
-     *
-     * @param curveName name of the curve to specify.
-     */
-    public EdDSAParameterSpec(String curveName)
-    {
-        if (curveName.equalsIgnoreCase(Ed25519))
-        {
-            this.curveName = Ed25519;
-        }
-        else if (curveName.equalsIgnoreCase(Ed448))
-        {
-            this.curveName = Ed448;
-        }
-        else if (curveName.equals(EdECObjectIdentifiers.id_Ed25519.getId()))
-        {
-            this.curveName = Ed25519;
-        }
-        else if (curveName.equals(EdECObjectIdentifiers.id_Ed448.getId()))
-        {
-            this.curveName = Ed448;
-        }
-        else
-        {
-            throw new IllegalArgumentException("unrecognized curve name: " + curveName);
-        }
-
-    }
-
-    /**
-     * Return the curve name specified by this parameterSpec.
-     *
-     * @return the name of the curve this parameterSpec specifies.
-     */
-    public String getCurveName()
-    {
-        return curveName;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/GOST28147ParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jcajce/spec/GOST28147ParameterSpec.java
deleted file mode 100644
index d06dc5a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/GOST28147ParameterSpec.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.jcajce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.crypto.engines.GOST28147Engine;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A parameter spec for the GOST-28147 cipher.
- */
-public class GOST28147ParameterSpec
-    implements AlgorithmParameterSpec
-{
-    private byte[] iv = null;
-    private byte[] sBox = null;
-
-    public GOST28147ParameterSpec(
-        byte[] sBox)
-    {
-        this.sBox = new byte[sBox.length];
-        
-        System.arraycopy(sBox, 0, this.sBox, 0, sBox.length);
-    }
-
-    public GOST28147ParameterSpec(
-        byte[] sBox,
-        byte[] iv)
-    {
-        this(sBox);
-        this.iv = new byte[iv.length];
-        
-        System.arraycopy(iv, 0, this.iv, 0, iv.length);
-    }
-    
-    public GOST28147ParameterSpec(
-        String sBoxName)
-    {
-        this.sBox = GOST28147Engine.getSBox(sBoxName);
-    }
-
-    public GOST28147ParameterSpec(
-        String sBoxName,
-        byte[] iv)
-    {
-        this(sBoxName);
-        this.iv = new byte[iv.length];
-        
-        System.arraycopy(iv, 0, this.iv, 0, iv.length);
-    }
-
-    public GOST28147ParameterSpec(
-        ASN1ObjectIdentifier sBoxName,
-        byte[] iv)
-    {
-        this(getName(sBoxName));
-        this.iv = Arrays.clone(iv);
-    }
-
-    /**
-     * @deprecated use getSBox()
-     */
-    public byte[] getSbox()
-    {
-        return Arrays.clone(sBox);
-    }
-
-    public byte[] getSBox()
-    {
-        return Arrays.clone(sBox);
-    }
-
-    /**
-     * Returns the IV or null if this parameter set does not contain an IV.
-     *
-     * @return the IV or null if this parameter set does not contain an IV.
-     */
-    public byte[] getIV()
-    {
-        return Arrays.clone(iv);
-    }
-
-    private static Map oidMappings = new HashMap();
-
-    static
-    {
-        oidMappings.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet, "E-A");
-        oidMappings.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_B_ParamSet, "E-B");
-        oidMappings.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_C_ParamSet, "E-C");
-        oidMappings.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_D_ParamSet, "E-D");
-        oidMappings.put(RosstandartObjectIdentifiers.id_tc26_gost_28147_param_Z, "Param-Z");
-    }
-
-    private static String getName(ASN1ObjectIdentifier sBoxOid)
-    {
-        String sBoxName = (String)oidMappings.get(sBoxOid);
-
-        if (sBoxName == null)
-        {
-            throw new IllegalArgumentException("unknown OID: " + sBoxOid);
-        }
-
-        return sBoxName;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/GOST28147WrapParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jcajce/spec/GOST28147WrapParameterSpec.java
deleted file mode 100644
index 3ee3364..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/GOST28147WrapParameterSpec.java
+++ /dev/null

@@ -1,101 +0,0 @@
-package org.bouncycastle.jcajce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.crypto.engines.GOST28147Engine;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A parameter spec for the GOST-28147 cipher.
- */
-public class GOST28147WrapParameterSpec
-    implements AlgorithmParameterSpec
-{
-    private byte[] ukm = null;
-    private byte[] sBox = null;
-
-    public GOST28147WrapParameterSpec(
-        byte[] sBox)
-    {
-        this.sBox = new byte[sBox.length];
-
-        System.arraycopy(sBox, 0, this.sBox, 0, sBox.length);
-    }
-
-    public GOST28147WrapParameterSpec(
-        byte[] sBox,
-        byte[] ukm)
-    {
-        this(sBox);
-        this.ukm = new byte[ukm.length];
-
-        System.arraycopy(ukm, 0, this.ukm, 0, ukm.length);
-    }
-
-    public GOST28147WrapParameterSpec(
-        String sBoxName)
-    {
-        this.sBox = GOST28147Engine.getSBox(sBoxName);
-    }
-
-    public GOST28147WrapParameterSpec(
-        String sBoxName,
-        byte[] ukm)
-    {
-        this(sBoxName);
-        this.ukm = new byte[ukm.length];
-
-        System.arraycopy(ukm, 0, this.ukm, 0, ukm.length);
-    }
-
-    public GOST28147WrapParameterSpec(
-        ASN1ObjectIdentifier sBoxName,
-        byte[] ukm)
-    {
-        this(getName(sBoxName));
-        this.ukm = Arrays.clone(ukm);
-    }
-
-    public byte[] getSBox()
-    {
-        return Arrays.clone(sBox);
-    }
-
-    /**
-     * Returns the UKM.
-     *
-     * @return the UKM.
-     */
-    public byte[] getUKM()
-    {
-        return Arrays.clone(ukm);
-    }
-
-    private static Map oidMappings = new HashMap();
-
-    static
-    {
-        oidMappings.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_A_ParamSet, "E-A");
-        oidMappings.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_B_ParamSet, "E-B");
-        oidMappings.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_C_ParamSet, "E-C");
-        oidMappings.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_D_ParamSet, "E-D");
-        oidMappings.put(RosstandartObjectIdentifiers.id_tc26_gost_28147_param_Z, "Param-Z");
-    }
-
-    private static String getName(ASN1ObjectIdentifier sBoxOid)
-    {
-        String sBoxName = (String)oidMappings.get(sBoxOid);
-
-        if (sBoxName == null)
-        {
-            throw new IllegalArgumentException("unknown OID: " + sBoxOid);
-        }
-
-        return sBoxName;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/GOST3410ParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jcajce/spec/GOST3410ParameterSpec.java
deleted file mode 100644
index 474c185..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/GOST3410ParameterSpec.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.jcajce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-
-/**
- * ParameterSpec for a GOST 3410-1994/2001/2012 algorithm parameters.
- */
-public class GOST3410ParameterSpec
-    implements AlgorithmParameterSpec
-{
-    private final ASN1ObjectIdentifier publicKeyParamSet;
-    private final ASN1ObjectIdentifier digestParamSet;
-    private final ASN1ObjectIdentifier encryptionParamSet;
-
-    /**
-     * Constructor for signing parameters.
-     *
-     * @param publicKeyParamSet the curve parameter set name.
-     */
-    public GOST3410ParameterSpec(String publicKeyParamSet)
-    {
-        this(getOid(publicKeyParamSet), getDigestOid(publicKeyParamSet), null);
-    }
-
-    /**
-     * Constructor for signing parameters.
-     *
-     * @param publicKeyParamSet the public key parameter set object identifier.
-     * @param digestParamSet the object identifier for the digest algorithm to be associated with parameters.
-     */
-    public GOST3410ParameterSpec(ASN1ObjectIdentifier publicKeyParamSet, ASN1ObjectIdentifier digestParamSet)
-    {
-        this(publicKeyParamSet, digestParamSet, null);
-    }
-
-    /**
-     * Constructor for signing/encryption parameters.
-     *
-     * @param publicKeyParamSet the public key parameter set object identifier.
-     * @param digestParamSet the object identifier for the digest algorithm to be associated with parameters.
-     * @param encryptionParamSet the object identifier associated with encryption algorithm to use.
-     */
-    public GOST3410ParameterSpec(ASN1ObjectIdentifier publicKeyParamSet, ASN1ObjectIdentifier digestParamSet, ASN1ObjectIdentifier encryptionParamSet)
-    {
-        this.publicKeyParamSet = publicKeyParamSet;
-        this.digestParamSet = digestParamSet;
-        this.encryptionParamSet = encryptionParamSet;
-    }
-
-    public String getPublicKeyParamSetName()
-    {
-        return ECGOST3410NamedCurves.getName(this.getPublicKeyParamSet());
-    }
-
-    /**
-     * Return the object identifier for the public key parameter set.
-     *
-     * @return the OID for the public key parameter set.
-     */
-    public ASN1ObjectIdentifier getPublicKeyParamSet()
-    {
-        return publicKeyParamSet;
-    }
-
-    /**
-     * Return the object identifier for the digest parameter set.
-     *
-     * @return the OID for the digest parameter set.
-     */
-    public ASN1ObjectIdentifier getDigestParamSet()
-    {
-        return digestParamSet;
-    }
-
-    /**
-     * Return the object identifier for the encryption parameter set.
-     *
-     * @return the OID for the encryption parameter set.
-     */
-    public ASN1ObjectIdentifier getEncryptionParamSet()
-    {
-        return encryptionParamSet;
-    }
-
-    private static ASN1ObjectIdentifier getOid(String paramName)
-    {
-        return ECGOST3410NamedCurves.getOID(paramName);
-    }
-
-    private static ASN1ObjectIdentifier getDigestOid(String paramName)
-    {
-        if (paramName.indexOf("12-512") > 0)
-        {
-            return RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512;
-        }
-        if (paramName.indexOf("12-256") > 0)
-        {
-            return RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256;
-        }
-
-        return CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/KTSParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jcajce/spec/KTSParameterSpec.java
deleted file mode 100644
index a6d1a8d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/KTSParameterSpec.java
+++ /dev/null

@@ -1,157 +0,0 @@
-package org.bouncycastle.jcajce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Parameter spec for doing KTS based wrapping via the Cipher API.
- */
-public class KTSParameterSpec
-    implements AlgorithmParameterSpec
-{
-    private final String wrappingKeyAlgorithm;
-    private final int keySizeInBits;
-    private final AlgorithmParameterSpec parameterSpec;
-    private final AlgorithmIdentifier kdfAlgorithm;
-    private byte[] otherInfo;
-
-    /**
-     * Builder class for creating a KTSParameterSpec.
-     */
-    public static final class Builder
-    {
-        private final String algorithmName;
-        private final int keySizeInBits;
-
-        private AlgorithmParameterSpec parameterSpec;
-        private AlgorithmIdentifier kdfAlgorithm;
-        private byte[] otherInfo;
-
-        /**
-         * Basic builder.
-         *
-         * @param algorithmName the algorithm name for the secret key we use for wrapping.
-         * @param keySizeInBits the size of the wrapping key we want to produce in bits.
-         */
-        public Builder(String algorithmName, int keySizeInBits)
-        {
-            this(algorithmName, keySizeInBits, null);
-        }
-
-        /**
-         * Basic builder.
-         *
-         * @param algorithmName the algorithm name for the secret key we use for wrapping.
-         * @param keySizeInBits the size of the wrapping key we want to produce in bits.
-         * @param otherInfo     the otherInfo/IV encoding to be applied to the KDF.
-         */
-        public Builder(String algorithmName, int keySizeInBits, byte[] otherInfo)
-        {
-            this.algorithmName = algorithmName;
-            this.keySizeInBits = keySizeInBits;
-            this.kdfAlgorithm = new AlgorithmIdentifier(X9ObjectIdentifiers.id_kdf_kdf3, new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256));
-            this.otherInfo = (otherInfo == null) ? new byte[0] : Arrays.clone(otherInfo);
-        }
-
-        /**
-         * Set the algorithm parameter spec to be used with the wrapper.
-         *
-         * @param parameterSpec the algorithm parameter spec to be used in wrapping/unwrapping.
-         * @return the current Builder instance.
-         */
-        public Builder withParameterSpec(AlgorithmParameterSpec parameterSpec)
-        {
-            this.parameterSpec = parameterSpec;
-
-            return this;
-        }
-
-        /**
-         * Set the KDF algorithm and digest algorithm for wrap key generation.
-         *
-         * @param kdfAlgorithm the KDF algorithm to apply.
-         * @return the current Builder instance.
-         */
-        public Builder withKdfAlgorithm(AlgorithmIdentifier kdfAlgorithm)
-        {
-            this.kdfAlgorithm = kdfAlgorithm;
-
-            return this;
-        }
-
-        /**
-         * Build the new parameter spec.
-         *
-         * @return a new parameter spec configured according to the builder state.
-         */
-        public KTSParameterSpec build()
-        {
-            return new KTSParameterSpec(algorithmName, keySizeInBits, parameterSpec, kdfAlgorithm, otherInfo);
-        }
-    }
-
-    private KTSParameterSpec(
-        String wrappingKeyAlgorithm, int keySizeInBits,
-        AlgorithmParameterSpec parameterSpec, AlgorithmIdentifier kdfAlgorithm, byte[] otherInfo)
-    {
-        this.wrappingKeyAlgorithm = wrappingKeyAlgorithm;
-        this.keySizeInBits = keySizeInBits;
-        this.parameterSpec = parameterSpec;
-        this.kdfAlgorithm = kdfAlgorithm;
-        this.otherInfo = otherInfo;
-    }
-
-    /**
-     * Return the name of the algorithm for the wrapping key this key spec should use.
-     *
-     * @return the key algorithm.
-     */
-    public String getKeyAlgorithmName()
-    {
-        return wrappingKeyAlgorithm;
-    }
-
-    /**
-     * Return the size of the key (in bits) for the wrapping key this key spec should use.
-     *
-     * @return length in bits of the key to be calculated.
-     */
-    public int getKeySize()
-    {
-        return keySizeInBits;
-    }
-
-    /**
-     * Return the algorithm parameter spec to be applied with the private key when the encapsulation is decrypted.
-     *
-     * @return the algorithm parameter spec to be used with the private key.
-     */
-    public AlgorithmParameterSpec getParameterSpec()
-    {
-        return parameterSpec;
-    }
-
-    /**
-     * Return the AlgorithmIdentifier for the KDF to do key derivation after extracting the secret.
-     *
-     * @return the AlgorithmIdentifier for the SecretKeyFactory's KDF.
-     */
-    public AlgorithmIdentifier getKdfAlgorithm()
-    {
-        return kdfAlgorithm;
-    }
-
-    /**
-     * Return the otherInfo data for initialising the KDF.
-     *
-     * @return the otherInfo data.
-     */
-    public byte[] getOtherInfo()
-    {
-        return Arrays.clone(otherInfo);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/MQVParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jcajce/spec/MQVParameterSpec.java
deleted file mode 100644
index 76ae8d6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/MQVParameterSpec.java
+++ /dev/null

@@ -1,73 +0,0 @@
-package org.bouncycastle.jcajce.spec;
-
-import java.security.KeyPair;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * Parameter spec to provide MQV ephemeral keys and user keying material.
- */
-public class MQVParameterSpec
-    implements AlgorithmParameterSpec
-{
-    private final PublicKey ephemeralPublicKey;
-    private final PrivateKey ephemeralPrivateKey;
-    private final PublicKey otherPartyEphemeralKey;
-    private final byte[] userKeyingMaterial;
-
-    public MQVParameterSpec(PublicKey ephemeralPublicKey, PrivateKey ephemeralPrivateKey, PublicKey otherPartyEphemeralKey, byte[] userKeyingMaterial)
-    {
-        this.ephemeralPublicKey = ephemeralPublicKey;
-        this.ephemeralPrivateKey = ephemeralPrivateKey;
-        this.otherPartyEphemeralKey = otherPartyEphemeralKey;
-        this.userKeyingMaterial = Arrays.clone(userKeyingMaterial);
-    }
-
-    public MQVParameterSpec(PublicKey ephemeralPublicKey, PrivateKey ephemeralPrivateKey, PublicKey otherPartyEphemeralKey)
-    {
-        this(ephemeralPublicKey, ephemeralPrivateKey, otherPartyEphemeralKey, null);
-    }
-
-    public MQVParameterSpec(KeyPair ephemeralKeyPair, PublicKey otherPartyEphemeralKey, byte[] userKeyingMaterial)
-    {
-        this(ephemeralKeyPair.getPublic(), ephemeralKeyPair.getPrivate(), otherPartyEphemeralKey, userKeyingMaterial);
-    }
-
-    public MQVParameterSpec(PrivateKey ephemeralPrivateKey, PublicKey otherPartyEphemeralKey, byte[] userKeyingMaterial)
-    {
-        this(null, ephemeralPrivateKey, otherPartyEphemeralKey, userKeyingMaterial);
-    }
-
-    public MQVParameterSpec(KeyPair ephemeralKeyPair, PublicKey otherPartyEphemeralKey)
-    {
-        this(ephemeralKeyPair.getPublic(), ephemeralKeyPair.getPrivate(), otherPartyEphemeralKey, null);
-    }
-
-    public MQVParameterSpec(PrivateKey ephemeralPrivateKey, PublicKey otherPartyEphemeralKey)
-    {
-        this(null, ephemeralPrivateKey, otherPartyEphemeralKey, null);
-    }
-
-    public PrivateKey getEphemeralPrivateKey()
-    {
-        return ephemeralPrivateKey;
-    }
-
-    public PublicKey getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-
-    public PublicKey getOtherPartyEphemeralKey()
-    {
-        return otherPartyEphemeralKey;
-    }
-
-    public byte[] getUserKeyingMaterial()
-    {
-        return Arrays.clone(userKeyingMaterial);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/RepeatedSecretKeySpec.java b/bcprov/src/main/java/org/bouncycastle/jcajce/spec/RepeatedSecretKeySpec.java
deleted file mode 100644
index 6af15db..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/RepeatedSecretKeySpec.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.jcajce.spec;
-
-
-import javax.crypto.SecretKey;
-
-/**
- * A simple object to indicate that a symmetric cipher should reuse the
- * last key provided.
- */
-public class RepeatedSecretKeySpec
-    implements SecretKey
-{
-    private String algorithm;
-
-    public RepeatedSecretKeySpec(String algorithm)
-    {
-        this.algorithm = algorithm;
-    }
-
-    public String getAlgorithm()
-    {
-        return algorithm;
-    }
-
-    public String getFormat()
-    {
-        return null;
-    }
-
-    public byte[] getEncoded()
-    {
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/SM2ParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jcajce/spec/SM2ParameterSpec.java
deleted file mode 100644
index aefde8f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/SM2ParameterSpec.java
+++ /dev/null

@@ -1,40 +0,0 @@
-package org.bouncycastle.jcajce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * Parameter spec for SM2 ID parameter
- */
-public class SM2ParameterSpec
-    implements AlgorithmParameterSpec
-{
-    private byte[] id;
-
-    /**
-     * Base constructor.
-     *
-     * @param id the ID string associated with this usage of SM2.
-     */
-    public SM2ParameterSpec(
-        byte[] id)
-    {
-        if (id == null)
-        {
-            throw new NullPointerException("id string cannot be null");
-        }
-
-        this.id = Arrays.clone(id);
-    }
-
-    /**
-     * Return the ID value.
-     *
-     * @return the ID string.
-     */
-    public byte[] getID()
-    {
-        return Arrays.clone(id);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/ScryptKeySpec.java b/bcprov/src/main/java/org/bouncycastle/jcajce/spec/ScryptKeySpec.java
deleted file mode 100644
index 92468dc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/ScryptKeySpec.java
+++ /dev/null

@@ -1,65 +0,0 @@
-package org.bouncycastle.jcajce.spec;
-
-import java.security.spec.KeySpec;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * Key spec for use with the scrypt SecretKeyFactory.
- */
-public class ScryptKeySpec
-    implements KeySpec
-{
-    private final char[] password;
-    private final byte[] salt;
-    private final int costParameter;
-    private final int blockSize;
-    private final int parallelizationParameter;
-    private final int keySize;
-
-    public ScryptKeySpec(char[] password, byte[] salt, int costParameter, int blockSize, int parallelizationParameter, int keySize)
-    {
-
-        this.password = password;
-        this.salt = Arrays.clone(salt);
-        this.costParameter = costParameter;
-        this.blockSize = blockSize;
-        this.parallelizationParameter = parallelizationParameter;
-        this.keySize = keySize;
-    }
-
-    public char[] getPassword()
-    {
-        return password;
-    }
-
-    public byte[] getSalt()
-    {
-        return Arrays.clone(salt);
-    }
-
-    public int getCostParameter()
-    {
-        return costParameter;
-    }
-
-    public int getBlockSize()
-    {
-        return blockSize;
-    }
-
-    public int getParallelizationParameter()
-    {
-        return parallelizationParameter;
-    }
-
-    /**
-     * Key length (in bits).
-     *
-     * @return length of the key to generate in bits.
-     */
-    public int getKeyLength()
-    {
-        return keySize;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/SkeinParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jcajce/spec/SkeinParameterSpec.java
deleted file mode 100644
index c208548..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/SkeinParameterSpec.java
+++ /dev/null

@@ -1,327 +0,0 @@
-package org.bouncycastle.jcajce.spec;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStreamWriter;
-import java.security.spec.AlgorithmParameterSpec;
-import java.text.DateFormat;
-import java.text.SimpleDateFormat;
-import java.util.Collections;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Locale;
-import java.util.Map;
-
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Integers;
-
-/**
- * Parameters for the Skein hash function - a series of byte[] strings identified by integer tags.
- * <p>
- * Parameterised Skein can be used for:
- * <ul>
- * <li>MAC generation, by providing a {@link org.bouncycastle.jcajce.spec.SkeinParameterSpec.Builder#setKey(byte[]) key}.</li>
- * <li>Randomised hashing, by providing a {@link org.bouncycastle.jcajce.spec.SkeinParameterSpec.Builder#setNonce(byte[]) nonce}.</li>
- * <li>A hash function for digital signatures, associating a
- * {@link org.bouncycastle.jcajce.spec.SkeinParameterSpec.Builder#setPublicKey(byte[]) public key} with the message digest.</li>
- * <li>A key derivation function, by providing a
- * {@link org.bouncycastle.jcajce.spec.SkeinParameterSpec.Builder#setKeyIdentifier(byte[]) key identifier}.</li>
- * <li>Personalised hashing, by providing a
- * {@link org.bouncycastle.jcajce.spec.SkeinParameterSpec.Builder#setPersonalisation(java.util.Date, String, String) recommended format} or
- * {@link org.bouncycastle.jcajce.spec.SkeinParameterSpec.Builder#setPersonalisation(byte[]) arbitrary} personalisation string.</li>
- * </ul>
- *
- * @see org.bouncycastle.crypto.digests.SkeinEngine
- * @see org.bouncycastle.crypto.digests.SkeinDigest
- * @see org.bouncycastle.crypto.macs.SkeinMac
- */
-public class SkeinParameterSpec
-    implements AlgorithmParameterSpec
-{
-    /**
-     * The parameter type for a secret key, supporting MAC or KDF functions: {@value
-     * #PARAM_TYPE_KEY}.
-     */
-    public static final int PARAM_TYPE_KEY = 0;
-
-    /**
-     * The parameter type for the Skein configuration block: {@value #PARAM_TYPE_CONFIG}.
-     */
-    public static final int PARAM_TYPE_CONFIG = 4;
-
-    /**
-     * The parameter type for a personalisation string: {@value #PARAM_TYPE_PERSONALISATION}.
-     */
-    public static final int PARAM_TYPE_PERSONALISATION = 8;
-
-    /**
-     * The parameter type for a public key: {@value #PARAM_TYPE_PUBLIC_KEY}.
-     */
-    public static final int PARAM_TYPE_PUBLIC_KEY = 12;
-
-    /**
-     * The parameter type for a key identifier string: {@value #PARAM_TYPE_KEY_IDENTIFIER}.
-     */
-    public static final int PARAM_TYPE_KEY_IDENTIFIER = 16;
-
-    /**
-     * The parameter type for a nonce: {@value #PARAM_TYPE_NONCE}.
-     */
-    public static final int PARAM_TYPE_NONCE = 20;
-
-    /**
-     * The parameter type for the message: {@value #PARAM_TYPE_MESSAGE}.
-     */
-    public static final int PARAM_TYPE_MESSAGE = 48;
-
-    /**
-     * The parameter type for the output transformation: {@value #PARAM_TYPE_OUTPUT}.
-     */
-    public static final int PARAM_TYPE_OUTPUT = 63;
-
-    private Map parameters;
-
-    public SkeinParameterSpec()
-    {
-        this(new HashMap());
-    }
-
-    private SkeinParameterSpec(Map parameters)
-    {
-        this.parameters = Collections.unmodifiableMap(parameters);
-    }
-
-    /**
-     * Obtains a map of type (Integer) to value (byte[]) for the parameters tracked in this object.
-     */
-    public Map getParameters()
-    {
-        return parameters;
-    }
-
-    /**
-     * Obtains the value of the {@link #PARAM_TYPE_KEY key parameter}, or <code>null</code> if not
-     * set.
-     */
-    public byte[] getKey()
-    {
-        return Arrays.clone((byte[])parameters.get(Integers.valueOf(PARAM_TYPE_KEY)));
-    }
-
-    /**
-     * Obtains the value of the {@link #PARAM_TYPE_PERSONALISATION personalisation parameter}, or
-     * <code>null</code> if not set.
-     */
-    public byte[] getPersonalisation()
-    {
-        return Arrays.clone((byte[])parameters.get(Integers.valueOf(PARAM_TYPE_PERSONALISATION)));
-    }
-
-    /**
-     * Obtains the value of the {@link #PARAM_TYPE_PUBLIC_KEY public key parameter}, or
-     * <code>null</code> if not set.
-     */
-    public byte[] getPublicKey()
-    {
-        return Arrays.clone((byte[])parameters.get(Integers.valueOf(PARAM_TYPE_PUBLIC_KEY)));
-    }
-
-    /**
-     * Obtains the value of the {@link #PARAM_TYPE_KEY_IDENTIFIER key identifier parameter}, or
-     * <code>null</code> if not set.
-     */
-    public byte[] getKeyIdentifier()
-    {
-        return Arrays.clone((byte[])parameters.get(Integers.valueOf(PARAM_TYPE_KEY_IDENTIFIER)));
-    }
-
-    /**
-     * Obtains the value of the {@link #PARAM_TYPE_NONCE nonce parameter}, or <code>null</code> if
-     * not set.
-     */
-    public byte[] getNonce()
-    {
-        return Arrays.clone((byte[])parameters.get(Integers.valueOf(PARAM_TYPE_NONCE)));
-    }
-
-    /**
-     * A builder for {@link org.bouncycastle.jcajce.spec.SkeinParameterSpec}.
-     */
-    public static class Builder
-    {
-        private Map parameters = new HashMap();
-
-        public Builder()
-        {
-        }
-
-        public Builder(SkeinParameterSpec params)
-        {
-            Iterator keys = params.parameters.keySet().iterator();
-            while (keys.hasNext())
-            {
-                Integer key = (Integer)keys.next();
-                parameters.put(key, params.parameters.get(key));
-            }
-        }
-
-        /**
-         * Sets a parameters to apply to the Skein hash function.<br>
-         * Parameter types must be in the range 0,5..62, and cannot use the value {@value
-         * org.bouncycastle.jcajce.spec.SkeinParameterSpec#PARAM_TYPE_MESSAGE} (reserved for message body).
-         * <p>
-         * Parameters with type &lt; {@value org.bouncycastle.jcajce.spec.SkeinParameterSpec#PARAM_TYPE_MESSAGE} are processed before
-         * the message content, parameters with type &gt; {@value org.bouncycastle.jcajce.spec.SkeinParameterSpec#PARAM_TYPE_MESSAGE}
-         * are processed after the message and prior to output.
-         * </p>
-         *
-         * @param type  the type of the parameter, in the range 5..62.
-         * @param value the byte sequence of the parameter.
-         * @return the current builder instance.
-         */
-        public Builder set(int type, byte[] value)
-        {
-            if (value == null)
-            {
-                throw new IllegalArgumentException("Parameter value must not be null.");
-            }
-            if ((type != PARAM_TYPE_KEY)
-                && (type <= PARAM_TYPE_CONFIG || type >= PARAM_TYPE_OUTPUT || type == PARAM_TYPE_MESSAGE))
-            {
-                throw new IllegalArgumentException("Parameter types must be in the range 0,5..47,49..62.");
-            }
-            if (type == PARAM_TYPE_CONFIG)
-            {
-                throw new IllegalArgumentException("Parameter type " + PARAM_TYPE_CONFIG
-                    + " is reserved for internal use.");
-            }
-            this.parameters.put(Integers.valueOf(type), value);
-            return this;
-        }
-
-        /**
-         * Sets the {@link org.bouncycastle.jcajce.spec.SkeinParameterSpec#PARAM_TYPE_KEY} parameter.
-         */
-        public Builder setKey(byte[] key)
-        {
-            return set(PARAM_TYPE_KEY, key);
-        }
-
-        /**
-         * Sets the {@link org.bouncycastle.jcajce.spec.SkeinParameterSpec#PARAM_TYPE_PERSONALISATION} parameter.
-         */
-        public Builder setPersonalisation(byte[] personalisation)
-        {
-            return set(PARAM_TYPE_PERSONALISATION, personalisation);
-        }
-
-        /**
-         * Implements the recommended personalisation format for Skein defined in Section 4.11 of
-         * the Skein 1.3 specification.
-         * <p>
-         * The format is <code>YYYYMMDD email@address distinguisher</code>, encoded to a byte
-         * sequence using UTF-8 encoding.
-         * </p>
-         *
-         * @param date          the date the personalised application of the Skein was defined.
-         * @param emailAddress  the email address of the creation of the personalised application.
-         * @param distinguisher an arbitrary personalisation string distinguishing the application.
-         * @return the current builder instance.
-         */
-        public Builder setPersonalisation(Date date, String emailAddress, String distinguisher)
-        {
-            try
-            {
-                final ByteArrayOutputStream bout = new ByteArrayOutputStream();
-                final OutputStreamWriter out = new OutputStreamWriter(bout, "UTF-8");
-                final DateFormat format = new SimpleDateFormat("YYYYMMDD");
-                out.write(format.format(date));
-                out.write(" ");
-                out.write(emailAddress);
-                out.write(" ");
-                out.write(distinguisher);
-                out.close();
-                return set(PARAM_TYPE_PERSONALISATION, bout.toByteArray());
-            }
-            catch (IOException e)
-            {
-                throw new IllegalStateException("Byte I/O failed: " + e);
-            }
-        }
-
-        /**
-         * Implements the recommended personalisation format for Skein defined in Section 4.11 of
-         * the Skein 1.3 specification. You may need to use this method if the default locale
-         * doesn't use a Gregorian calender so that the GeneralizedTime produced is compatible implementations.
-         * <p>
-         * The format is <code>YYYYMMDD email@address distinguisher</code>, encoded to a byte
-         * sequence using UTF-8 encoding.
-         *
-         * @param date          the date the personalised application of the Skein was defined.
-         * @param dateLocale    locale to be used for date interpretation.
-         * @param emailAddress  the email address of the creation of the personalised application.
-         * @param distinguisher an arbitrary personalisation string distinguishing the application.
-         * @return the current builder instance.
-         */
-        public Builder setPersonalisation(Date date, Locale dateLocale, String emailAddress, String distinguisher)
-        {
-            try
-            {
-                final ByteArrayOutputStream bout = new ByteArrayOutputStream();
-                final OutputStreamWriter out = new OutputStreamWriter(bout, "UTF-8");
-                final DateFormat format = new SimpleDateFormat("YYYYMMDD", dateLocale);
-                out.write(format.format(date));
-                out.write(" ");
-                out.write(emailAddress);
-                out.write(" ");
-                out.write(distinguisher);
-                out.close();
-                return set(PARAM_TYPE_PERSONALISATION, bout.toByteArray());
-            }
-            catch (IOException e)
-            {
-                throw new IllegalStateException("Byte I/O failed: " + e);
-            }
-        }
-
-        /**
-         * Sets the {@link org.bouncycastle.jcajce.spec.SkeinParameterSpec#PARAM_TYPE_KEY_IDENTIFIER} parameter.
-         *
-         * @return the current builder instance.
-         */
-        public Builder setPublicKey(byte[] publicKey)
-        {
-            return set(PARAM_TYPE_PUBLIC_KEY, publicKey);
-        }
-
-        /**
-         * Sets the {@link org.bouncycastle.jcajce.spec.SkeinParameterSpec#PARAM_TYPE_KEY_IDENTIFIER} parameter.
-         *
-         * @return the current builder instance.
-         */
-        public Builder setKeyIdentifier(byte[] keyIdentifier)
-        {
-            return set(PARAM_TYPE_KEY_IDENTIFIER, keyIdentifier);
-        }
-
-        /**
-         * Sets the {@link org.bouncycastle.jcajce.spec.SkeinParameterSpec#PARAM_TYPE_NONCE} parameter.
-         *
-         * @return the current builder instance.
-         */
-        public Builder setNonce(byte[] nonce)
-        {
-            return set(PARAM_TYPE_NONCE, nonce);
-        }
-
-        /**
-         * Constructs a new {@link org.bouncycastle.jcajce.spec.SkeinParameterSpec} instance with the parameters provided to this
-         * builder.
-         */
-        public SkeinParameterSpec build()
-        {
-            return new SkeinParameterSpec(parameters);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/TLSKeyMaterialSpec.java b/bcprov/src/main/java/org/bouncycastle/jcajce/spec/TLSKeyMaterialSpec.java
deleted file mode 100644
index 6a862c5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/TLSKeyMaterialSpec.java
+++ /dev/null

@@ -1,76 +0,0 @@
-package org.bouncycastle.jcajce.spec;
-
-import java.security.spec.KeySpec;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * Key Spec class for generating TLS key/iv material.
- */
-public class TLSKeyMaterialSpec
-    implements KeySpec
-{
-    public static final String MASTER_SECRET = "master secret";
-    public static final String KEY_EXPANSION = "key expansion";
-
-    private final byte[] secret;
-    private final String label;
-    private final int length;
-    private final byte[] seed;
-
-    /**
-     * Constructor specifying the basic parameters for a TLS KDF
-     *
-     * @param secret secret to use
-     * @param label e.g. 'master secret', or 'key expansion'
-     * @param length number of bytes of material to be generated
-     * @param seedMaterial array of seed material inputs (to be concatenated together)
-     */
-    public TLSKeyMaterialSpec(byte[] secret, String label, int length, byte[]... seedMaterial)
-    {
-        this.secret = Arrays.clone(secret);
-        this.label = label;
-        this.length = length;
-        this.seed = Arrays.concatenate(seedMaterial);
-    }
-
-    /**
-     * Return the label associated with this spec.
-     *
-     * @return the label to be used with the TLS KDF.
-     */
-    public String getLabel()
-    {
-        return label;
-    }
-
-    /**
-     * Return the number of bytes of key material to be generated for this spec.
-     *
-     * @return the length in bytes of the result.
-     */
-    public int getLength()
-    {
-        return length;
-    }
-
-    /**
-     * Return the secret associated with this spec.
-     *
-     * @return a copy of the secret.
-     */
-    public byte[] getSecret()
-    {
-        return Arrays.clone(secret);
-    }
-
-    /**
-     * Return the full seed for the spec.
-     *
-     * @return a copy of the seed.
-     */
-    public byte[] getSeed()
-    {
-        return Arrays.clone(seed);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/XDHParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jcajce/spec/XDHParameterSpec.java
deleted file mode 100644
index 600e2d6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/spec/XDHParameterSpec.java
+++ /dev/null

@@ -1,56 +0,0 @@
-package org.bouncycastle.jcajce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
-
-/**
- * ParameterSpec for XDH key agreement algorithms.
- */
-public class XDHParameterSpec
-    implements AlgorithmParameterSpec
-{
-    public static final String X25519 = "X25519";
-    public static final String X448 = "X448";
-
-    private final String curveName;
-
-    /**
-     * Base constructor.
-     *
-     * @param curveName name of the curve to specify.
-     */
-    public XDHParameterSpec(String curveName)
-    {
-        if (curveName.equalsIgnoreCase(X25519))
-        {
-            this.curveName = X25519;
-        }
-        else if (curveName.equalsIgnoreCase(X448))
-        {
-            this.curveName = X448;
-        }
-        else if (curveName.equals(EdECObjectIdentifiers.id_X25519.getId()))
-        {
-            this.curveName = X25519;
-        }
-        else if (curveName.equals(EdECObjectIdentifiers.id_X448.getId()))
-        {
-            this.curveName = X448;
-        }
-        else
-        {
-            throw new IllegalArgumentException("unrecognized curve name: " + curveName);
-        }
-    }
-
-    /**
-     * Return the curve name specified by this parameterSpec.
-     *
-     * @return the name of the curve this parameterSpec specifies.
-     */
-    public String getCurveName()
-    {
-        return curveName;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java b/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java
index b4ede4a..4237ac6 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/util/JcaJceUtils.java

@@ -6,11 +6,13 @@
 import org.bouncycastle.asn1.ASN1Encodable;
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
 
 /**
  * General JCA/JCE utility methods.
@@ -103,6 +105,8 @@
         {
             return "SHA512";
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
         {
             return "RIPEMD128";
@@ -119,6 +123,8 @@
         {
             return "GOST3411";
         }
+        */
+        // END Android-removed: Unsupported algorithms
         else
         {
             return digestAlgOID.getId();

diff --git a/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java b/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java
index 8951234..e20d1f1 100644
--- a/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java
+++ b/bcprov/src/main/java/org/bouncycastle/jcajce/util/MessageDigestUtils.java

@@ -4,14 +4,16 @@
 import java.util.Map;
 
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
-import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers;
-import org.bouncycastle.asn1.iso.ISOIECObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
+// import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers;
+// import org.bouncycastle.asn1.iso.ISOIECObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
 
 public class MessageDigestUtils
 {
@@ -19,14 +21,18 @@
 
     static
     {
-        digestOidMap.put(PKCSObjectIdentifiers.md2, "MD2");
-        digestOidMap.put(PKCSObjectIdentifiers.md4, "MD4");
+        // BEGIN Android-removed: Unsupported algorithms
+        // digestOidMap.put(PKCSObjectIdentifiers.md2, "MD2");
+        // digestOidMap.put(PKCSObjectIdentifiers.md4, "MD4");
+        // END Android-removed: Unsupported algorithms
         digestOidMap.put(PKCSObjectIdentifiers.md5, "MD5");
         digestOidMap.put(OIWObjectIdentifiers.idSHA1, "SHA-1");
         digestOidMap.put(NISTObjectIdentifiers.id_sha224, "SHA-224");
         digestOidMap.put(NISTObjectIdentifiers.id_sha256, "SHA-256");
         digestOidMap.put(NISTObjectIdentifiers.id_sha384, "SHA-384");
         digestOidMap.put(NISTObjectIdentifiers.id_sha512, "SHA-512");
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD-128");
         digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD-160");
         digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD-128");
@@ -40,6 +46,8 @@
         digestOidMap.put(NISTObjectIdentifiers.id_sha3_384, "SHA3-384");
         digestOidMap.put(NISTObjectIdentifiers.id_sha3_512, "SHA3-512");
         digestOidMap.put(GMObjectIdentifiers.sm3, "SM3");
+        */
+        // END Android-removed: Unsupported algorithms
     }
 
     /**

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/ECGOST3410NamedCurveTable.java b/bcprov/src/main/java/org/bouncycastle/jce/ECGOST3410NamedCurveTable.java
deleted file mode 100644
index 7843e0a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/ECGOST3410NamedCurveTable.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.jce;
-
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
-
-/**
- * a table of locally supported named curves.
- */
-public class ECGOST3410NamedCurveTable
-{
-    /**
-     * return a parameter spec representing the passed in named
-     * curve. The routine returns null if the curve is not present.
-     * 
-     * @param name the name of the curve requested
-     * @return a parameter spec for the curve, null if it is not available.
-     */
-    public static ECNamedCurveParameterSpec getParameterSpec(
-        String  name)
-    {
-        ECDomainParameters  ecP = ECGOST3410NamedCurves.getByName(name);
-        if (ecP == null)
-        {
-            try
-            {
-                ecP = ECGOST3410NamedCurves.getByOID(new ASN1ObjectIdentifier(name));
-            }
-            catch (IllegalArgumentException e)
-            {
-                return null; // not an oid.
-            }
-        }
-        
-        if (ecP == null)
-        {
-            return null;
-        }
-
-        return new ECNamedCurveParameterSpec(
-                                        name,
-                                        ecP.getCurve(),
-                                        ecP.getG(),
-                                        ecP.getN(),
-                                        ecP.getH(),
-                                        ecP.getSeed());
-    }
-
-    /**
-     * return an enumeration of the names of the available curves.
-     *
-     * @return an enumeration of the names of the available curves.
-     */
-    public static Enumeration getNames()
-    {
-        return ECGOST3410NamedCurves.getNames();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/ECKeyUtil.java b/bcprov/src/main/java/org/bouncycastle/jce/ECKeyUtil.java
deleted file mode 100644
index 15f13cf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/ECKeyUtil.java
+++ /dev/null

@@ -1,229 +0,0 @@
-package org.bouncycastle.jce;
-
-import java.io.UnsupportedEncodingException;
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X962Parameters;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-/**
- * Utility class to allow conversion of EC key parameters to explicit from named
- * curves and back (where possible).
- */
-public class ECKeyUtil
-{
-    /**
-     * Convert a passed in public EC key to have explicit parameters. If the key
-     * is already using explicit parameters it is returned.
-     *
-     * @param key key to be converted
-     * @param providerName provider name to be used.
-     * @return the equivalent key with explicit curve parameters
-     * @throws IllegalArgumentException
-     * @throws NoSuchAlgorithmException
-     * @throws NoSuchProviderException
-     */
-    public static PublicKey publicToExplicitParameters(PublicKey key, String providerName)
-        throws IllegalArgumentException, NoSuchAlgorithmException, NoSuchProviderException
-    {
-        Provider provider = Security.getProvider(providerName);
-
-        if (provider == null)
-        {
-            throw new NoSuchProviderException("cannot find provider: " + providerName);
-        }
-
-        return publicToExplicitParameters(key, provider);
-    }
-
-    /**
-     * Convert a passed in public EC key to have explicit parameters. If the key
-     * is already using explicit parameters it is returned.
-     *
-     * @param key key to be converted
-     * @param provider provider to be used.
-     * @return the equivalent key with explicit curve parameters
-     * @throws IllegalArgumentException
-     * @throws NoSuchAlgorithmException
-     */
-    public static PublicKey publicToExplicitParameters(PublicKey key, Provider provider)
-        throws IllegalArgumentException, NoSuchAlgorithmException
-    {
-        try
-        {
-            SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(key.getEncoded()));
-
-            if (info.getAlgorithm().getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3410_2001))
-            {
-                throw new IllegalArgumentException("cannot convert GOST key to explicit parameters.");
-            }
-            else
-            {
-                X962Parameters params = X962Parameters.getInstance(info.getAlgorithm().getParameters());
-                X9ECParameters curveParams;
-
-                if (params.isNamedCurve())
-                {
-                    ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
-
-                    curveParams = ECUtil.getNamedCurveByOid(oid);
-                    // ignore seed value due to JDK bug
-                    curveParams = new X9ECParameters(curveParams.getCurve(), curveParams.getG(), curveParams.getN(), curveParams.getH());
-                }
-                else if (params.isImplicitlyCA())
-                {
-                    curveParams = new X9ECParameters(BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa().getCurve(), BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa().getG(), BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa().getN(), BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa().getH());
-                }
-                else
-                {
-                    return key;   // already explicit
-                }
-
-                params = new X962Parameters(curveParams);
-
-                info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), info.getPublicKeyData().getBytes());
-
-                KeyFactory keyFact = KeyFactory.getInstance(key.getAlgorithm(), provider);
-
-                return keyFact.generatePublic(new X509EncodedKeySpec(info.getEncoded()));
-            }
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw e;
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {               // shouldn't really happen...
-            throw new UnexpectedException(e);
-        }
-    }
-
-    /**
-     * Convert a passed in private EC key to have explicit parameters. If the key
-     * is already using explicit parameters it is returned.
-     *
-     * @param key key to be converted
-     * @param providerName provider name to be used.
-     * @return the equivalent key with explicit curve parameters
-     * @throws IllegalArgumentException
-     * @throws NoSuchAlgorithmException
-     * @throws NoSuchProviderException
-     */
-    public static PrivateKey privateToExplicitParameters(PrivateKey key, String providerName)
-        throws IllegalArgumentException, NoSuchAlgorithmException, NoSuchProviderException
-    {
-        Provider provider = Security.getProvider(providerName);
-
-        if (provider == null)
-        {
-            throw new NoSuchProviderException("cannot find provider: " + providerName);
-        }
-
-        return privateToExplicitParameters(key, provider);
-    }
-
-    /**
-     * Convert a passed in private EC key to have explicit parameters. If the key
-     * is already using explicit parameters it is returned.
-     *
-     * @param key key to be converted
-     * @param provider provider to be used.
-     * @return the equivalent key with explicit curve parameters
-     * @throws IllegalArgumentException
-     * @throws NoSuchAlgorithmException
-     */
-    public static PrivateKey privateToExplicitParameters(PrivateKey key, Provider provider)
-        throws IllegalArgumentException, NoSuchAlgorithmException
-    {
-        try
-        {
-            PrivateKeyInfo info = PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(key.getEncoded()));
-
-            if (info.getPrivateKeyAlgorithm().getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3410_2001))
-            {
-                throw new UnsupportedEncodingException("cannot convert GOST key to explicit parameters.");
-            }
-            else
-            {
-                X962Parameters params = X962Parameters.getInstance(info.getPrivateKeyAlgorithm().getParameters());
-                X9ECParameters curveParams;
-
-                if (params.isNamedCurve())
-                {
-                    ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
-
-                    curveParams = ECUtil.getNamedCurveByOid(oid);
-                    // ignore seed value due to JDK bug
-                    curveParams = new X9ECParameters(curveParams.getCurve(), curveParams.getG(), curveParams.getN(), curveParams.getH());
-                }
-                else if (params.isImplicitlyCA())
-                {
-                    curveParams = new X9ECParameters(BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa().getCurve(), BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa().getG(), BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa().getN(), BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa().getH());
-                }
-                else
-                {
-                    return key;   // already explicit
-                }
-
-                params = new X962Parameters(curveParams);
-
-                info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), info.parsePrivateKey());
-
-                KeyFactory keyFact = KeyFactory.getInstance(key.getAlgorithm(), provider);
-
-                return keyFact.generatePrivate(new PKCS8EncodedKeySpec(info.getEncoded()));
-            }
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw e;
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {          // shouldn't really happen
-            throw new UnexpectedException(e);
-        }
-    }
-
-    private static class UnexpectedException
-        extends RuntimeException
-    {
-        private Throwable cause;
-
-        UnexpectedException(Throwable cause)
-        {
-            super(cause.toString());
-
-            this.cause = cause;
-        }
-
-        public Throwable getCause()
-        {
-            return cause;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/ECPointUtil.java b/bcprov/src/main/java/org/bouncycastle/jce/ECPointUtil.java
deleted file mode 100644
index 40e5beb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/ECPointUtil.java
+++ /dev/null

@@ -1,55 +0,0 @@
-package org.bouncycastle.jce;
-
-import java.security.spec.ECFieldF2m;
-import java.security.spec.ECFieldFp;
-import java.security.spec.ECPoint;
-import java.security.spec.EllipticCurve;
-
-import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
-import org.bouncycastle.math.ec.ECCurve;
-
-/**
- * Utility class for handling EC point decoding.
- */
-public class ECPointUtil
-{
-    /**
-     * Decode a point on this curve which has been encoded using point
-     * compression (X9.62 s 4.2.1 and 4.2.2) or regular encoding.
-     * 
-     * @param curve
-     *            The elliptic curve.
-     * @param encoded
-     *            The encoded point.
-     * @return the decoded point.
-     */
-    public static ECPoint decodePoint(
-       EllipticCurve curve, 
-       byte[] encoded)
-    {
-        ECCurve c = null;
-        
-        if (curve.getField() instanceof ECFieldFp)
-        {
-            c = new ECCurve.Fp(
-                    ((ECFieldFp)curve.getField()).getP(), curve.getA(), curve.getB());
-        }
-        else
-        {
-            int k[] = ((ECFieldF2m)curve.getField()).getMidTermsOfReductionPolynomial();
-            
-            if (k.length == 3)
-            {
-                c = new ECCurve.F2m(
-                        ((ECFieldF2m)curve.getField()).getM(), k[2], k[1], k[0], curve.getA(), curve.getB());
-            }
-            else
-            {
-                c = new ECCurve.F2m(
-                        ((ECFieldF2m)curve.getField()).getM(), k[0], curve.getA(), curve.getB());
-            }
-        }
-
-        return EC5Util.convertPoint(c.decodePoint(encoded));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/MultiCertStoreParameters.java b/bcprov/src/main/java/org/bouncycastle/jce/MultiCertStoreParameters.java
deleted file mode 100644
index 2ffa031..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/MultiCertStoreParameters.java
+++ /dev/null

@@ -1,51 +0,0 @@
-package org.bouncycastle.jce;
-
-import java.security.cert.CertStoreParameters;
-import java.util.Collection;
-
-public class MultiCertStoreParameters
-    implements CertStoreParameters
-{
-    private Collection certStores;
-    private boolean searchAllStores;
-
-    /**
-     * Create a parameters object which specifies searching of all the passed in stores.
-     *
-     * @param certStores CertStores making up the multi CertStore
-     */
-    public MultiCertStoreParameters(Collection certStores)
-    {
-        this(certStores, true);
-    }
-
-    /**
-     * Create a parameters object which can be to used to make a multi store made up
-     * of the passed in CertStores. If the searchAllStores parameter is false, any search on
-     * the multi-store will terminate as soon as a search query produces a result.
-     * 
-     * @param certStores CertStores making up the multi CertStore
-     * @param searchAllStores true if all CertStores should be searched on request, false if a result
-     * should be returned on the first successful CertStore query.
-     */
-    public MultiCertStoreParameters(Collection certStores, boolean searchAllStores)
-    {
-        this.certStores = certStores;
-        this.searchAllStores = searchAllStores;
-    }
-
-    public Collection getCertStores()
-    {
-        return certStores;
-    }
-
-    public boolean getSearchAllStores()
-    {
-        return searchAllStores;
-    }
-
-    public Object clone()
-    {
-        return this;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java b/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java
index 3dbd6ec..1c63c3b 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/PKCS10CertificationRequest.java

@@ -30,14 +30,16 @@
 import org.bouncycastle.asn1.ASN1Set;
 import org.bouncycastle.asn1.DERBitString;
 import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.CertificationRequest;
 import org.bouncycastle.asn1.pkcs.CertificationRequestInfo;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
 import org.bouncycastle.asn1.x509.X509Name;
@@ -81,8 +83,10 @@
 
     static
     {
-        algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
-        algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
+        // Android-removed: Unsupported algorithms
+        // algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
+        // algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
+        // END Android-removed: Unsupported algorithms
         algorithms.put("MD5WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
         algorithms.put("MD5WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
         algorithms.put("RSAWITHMD5", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
@@ -102,12 +106,14 @@
         algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
         algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
         algorithms.put("RSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.113549.1.1.5"));
-        algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-        algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-        algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-        algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-        algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-        algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+        // BEGIN Android-removed: Unsupported algorithms
+        // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+        // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+        // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+        // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+        // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+        // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+        // END Android-removed: Unsupported algorithms
         algorithms.put("SHA1WITHDSA", new ASN1ObjectIdentifier("1.2.840.10040.4.3"));
         algorithms.put("DSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.10040.4.3"));
         algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
@@ -120,11 +126,13 @@
         algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
         algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
         algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1);
-        algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-        algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-        algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-        algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-        algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // BEGIN Android-removed: Unsupported algorithms
+        // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+        // algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+        // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // END Android-removed: Unsupported algorithms
 
         //
         // reverse mappings
@@ -134,11 +142,15 @@
         oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA");
         oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA");
         oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA");
-        oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
-        oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
+        // BEGIN Android-removed: Unsupported algorithms
+        // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
+        // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
+        // END Android-removed: Unsupported algorithms
         
         oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA");
-        oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        // oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
+        // END Android-removed: Unsupported algorithms
         oids.put(new ASN1ObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA");
         oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA");
         oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA");
@@ -172,8 +184,10 @@
         //
         // RFC 4491
         //
-        noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-        noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // BEGIN Android-removed: Unsupported algorithms
+        // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+        // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // END Android-removed: Unsupported algorithms
         //
         // explicit params
         //
@@ -616,6 +630,8 @@
         {
             return "SHA512";
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
         {
             return "RIPEMD128";
@@ -632,6 +648,8 @@
         {
             return "GOST3411";
         }
+        */
+        // END Android-removed: Unsupported algorithms
         else
         {
             return digestAlgOID.getId();            

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/PKCS12Util.java b/bcprov/src/main/java/org/bouncycastle/jce/PKCS12Util.java
deleted file mode 100644
index b791d55..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/PKCS12Util.java
+++ /dev/null

@@ -1,126 +0,0 @@
-package org.bouncycastle.jce;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import javax.crypto.Mac;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.PBEParameterSpec;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DEROutputStream;
-import org.bouncycastle.asn1.pkcs.ContentInfo;
-import org.bouncycastle.asn1.pkcs.MacData;
-import org.bouncycastle.asn1.pkcs.Pfx;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.DigestInfo;
-
-/**
- * Utility class for reencoding PKCS#12 files to definite length.
- */
-public class PKCS12Util
-{
-    /**
-     * Just re-encode the outer layer of the PKCS#12 file to definite length encoding.
-     *
-     * @param berPKCS12File - original PKCS#12 file
-     * @return a byte array representing the DER encoding of the PFX structure
-     * @throws IOException
-     */
-    public static byte[] convertToDefiniteLength(byte[] berPKCS12File)
-        throws IOException
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        DEROutputStream dOut = new DEROutputStream(bOut);
-
-        Pfx pfx = Pfx.getInstance(berPKCS12File);
-
-        bOut.reset();
-
-        dOut.writeObject(pfx);
-
-        return bOut.toByteArray();
-    }
-
-    /**
-     * Re-encode the PKCS#12 structure to definite length encoding at the inner layer
-     * as well, recomputing the MAC accordingly.
-     *
-     * @param berPKCS12File - original PKCS12 file.
-     * @param provider - provider to use for MAC calculation.
-     * @return a byte array representing the DER encoding of the PFX structure.
-     * @throws IOException on parsing, encoding errors.
-     */
-    public static byte[] convertToDefiniteLength(byte[] berPKCS12File, char[] passwd, String provider)
-        throws IOException
-    {
-        Pfx pfx = Pfx.getInstance(berPKCS12File);
-
-        ContentInfo info = pfx.getAuthSafe();
-
-        ASN1OctetString content = ASN1OctetString.getInstance(info.getContent());
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        DEROutputStream dOut = new DEROutputStream(bOut);
-
-        ASN1InputStream contentIn = new ASN1InputStream(content.getOctets());
-        ASN1Primitive obj = contentIn.readObject();
-
-        dOut.writeObject(obj);
-
-        info = new ContentInfo(info.getContentType(), new DEROctetString(bOut.toByteArray()));
-
-        MacData mData = pfx.getMacData();
-        try
-        {
-            int itCount = mData.getIterationCount().intValue();
-            byte[] data = ASN1OctetString.getInstance(info.getContent()).getOctets();
-            byte[] res = calculatePbeMac(mData.getMac().getAlgorithmId().getAlgorithm(), mData.getSalt(), itCount, passwd, data, provider);
-
-            AlgorithmIdentifier algId = new AlgorithmIdentifier(mData.getMac().getAlgorithmId().getAlgorithm(), DERNull.INSTANCE);
-            DigestInfo dInfo = new DigestInfo(algId, res);
-
-            mData = new MacData(dInfo, mData.getSalt(), itCount);
-        }
-        catch (Exception e)
-        {
-            throw new IOException("error constructing MAC: " + e.toString());
-        }
-        
-        pfx = new Pfx(info, mData);
-
-        bOut.reset();
-        
-        dOut.writeObject(pfx);
-        
-        return bOut.toByteArray();
-    }
-
-    private static byte[] calculatePbeMac(
-        ASN1ObjectIdentifier oid,
-        byte[]              salt,
-        int                 itCount,
-        char[]              password,
-        byte[]              data,
-        String              provider)
-        throws Exception
-    {
-        SecretKeyFactory keyFact = SecretKeyFactory.getInstance(oid.getId(), provider);
-        PBEParameterSpec defParams = new PBEParameterSpec(salt, itCount);
-        PBEKeySpec pbeSpec = new PBEKeySpec(password);
-        SecretKey key = keyFact.generateSecret(pbeSpec);
-
-        Mac mac = Mac.getInstance(oid.getId(), provider);
-        mac.init(key, defParams);
-        mac.update(data);
-
-        return mac.doFinal();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/X509KeyUsage.java b/bcprov/src/main/java/org/bouncycastle/jce/X509KeyUsage.java
deleted file mode 100644
index 163566a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/X509KeyUsage.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.jce;
-
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.x509.KeyUsage;
-
-/**
- * A holding class for constructing an X509 Key Usage extension.
- *
- * <pre>
- *    id-ce-keyUsage OBJECT IDENTIFIER ::=  { id-ce 15 }
- *
- *    KeyUsage ::= BIT STRING {
- *         digitalSignature        (0),
- *         nonRepudiation          (1),
- *         keyEncipherment         (2),
- *         dataEncipherment        (3),
- *         keyAgreement            (4),
- *         keyCertSign             (5),
- *         cRLSign                 (6),
- *         encipherOnly            (7),
- *         decipherOnly            (8) }
- * </pre>
- */
-public class X509KeyUsage
-    extends ASN1Object
-{
-    public static final int        digitalSignature = 1 << 7; 
-    public static final int        nonRepudiation   = 1 << 6;
-    public static final int        keyEncipherment  = 1 << 5;
-    public static final int        dataEncipherment = 1 << 4;
-    public static final int        keyAgreement     = 1 << 3;
-    public static final int        keyCertSign      = 1 << 2;
-    public static final int        cRLSign          = 1 << 1;
-    public static final int        encipherOnly     = 1 << 0;
-    public static final int        decipherOnly     = 1 << 15;
-
-    private int usage = 0;
-
-    /**
-     * Basic constructor.
-     * 
-     * @param usage - the bitwise OR of the Key Usage flags giving the
-     * allowed uses for the key.
-     * e.g. (X509KeyUsage.keyEncipherment | X509KeyUsage.dataEncipherment)
-     */
-    public X509KeyUsage(
-        int usage)
-    {
-        this.usage = usage;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return new KeyUsage(usage).toASN1Primitive();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/X509LDAPCertStoreParameters.java b/bcprov/src/main/java/org/bouncycastle/jce/X509LDAPCertStoreParameters.java
deleted file mode 100644
index 80532fa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/X509LDAPCertStoreParameters.java
+++ /dev/null

@@ -1,1258 +0,0 @@
-package org.bouncycastle.jce;
-
-import org.bouncycastle.x509.X509StoreParameters;
-
-import java.security.cert.CertStoreParameters;
-import java.security.cert.LDAPCertStoreParameters;
-
-/**
- * An expanded set of parameters for an LDAPCertStore
- */
-public class X509LDAPCertStoreParameters
-    implements X509StoreParameters, CertStoreParameters
-{
-
-    private String ldapURL;
-
-    private String baseDN;
-
-    // LDAP attributes, where data is stored
-
-    private String userCertificateAttribute;
-
-    private String cACertificateAttribute;
-
-    private String crossCertificateAttribute;
-
-    private String certificateRevocationListAttribute;
-
-    private String deltaRevocationListAttribute;
-
-    private String authorityRevocationListAttribute;
-
-    private String attributeCertificateAttributeAttribute;
-
-    private String aACertificateAttribute;
-
-    private String attributeDescriptorCertificateAttribute;
-
-    private String attributeCertificateRevocationListAttribute;
-
-    private String attributeAuthorityRevocationListAttribute;
-
-    // LDAP attributes with which data can be found
-
-    private String ldapUserCertificateAttributeName;
-
-    private String ldapCACertificateAttributeName;
-
-    private String ldapCrossCertificateAttributeName;
-
-    private String ldapCertificateRevocationListAttributeName;
-
-    private String ldapDeltaRevocationListAttributeName;
-
-    private String ldapAuthorityRevocationListAttributeName;
-
-    private String ldapAttributeCertificateAttributeAttributeName;
-
-    private String ldapAACertificateAttributeName;
-
-    private String ldapAttributeDescriptorCertificateAttributeName;
-
-    private String ldapAttributeCertificateRevocationListAttributeName;
-
-    private String ldapAttributeAuthorityRevocationListAttributeName;
-
-    // certificates and CRLs subject or issuer DN attributes, which must be
-    // matched against ldap attribute names
-
-    private String userCertificateSubjectAttributeName;
-
-    private String cACertificateSubjectAttributeName;
-
-    private String crossCertificateSubjectAttributeName;
-
-    private String certificateRevocationListIssuerAttributeName;
-
-    private String deltaRevocationListIssuerAttributeName;
-
-    private String authorityRevocationListIssuerAttributeName;
-
-    private String attributeCertificateAttributeSubjectAttributeName;
-
-    private String aACertificateSubjectAttributeName;
-
-    private String attributeDescriptorCertificateSubjectAttributeName;
-
-    private String attributeCertificateRevocationListIssuerAttributeName;
-
-    private String attributeAuthorityRevocationListIssuerAttributeName;
-
-    private String searchForSerialNumberIn;
-
-    public static class Builder
-    {
-        private String ldapURL;
-
-        private String baseDN;
-
-        // LDAP attributes, where data is stored
-
-        private String userCertificateAttribute;
-
-        private String cACertificateAttribute;
-
-        private String crossCertificateAttribute;
-
-        private String certificateRevocationListAttribute;
-
-        private String deltaRevocationListAttribute;
-
-        private String authorityRevocationListAttribute;
-
-        private String attributeCertificateAttributeAttribute;
-
-        private String aACertificateAttribute;
-
-        private String attributeDescriptorCertificateAttribute;
-
-        private String attributeCertificateRevocationListAttribute;
-
-        private String attributeAuthorityRevocationListAttribute;
-
-        // LDAP attributes with which data can be found
-
-        private String ldapUserCertificateAttributeName;
-
-        private String ldapCACertificateAttributeName;
-
-        private String ldapCrossCertificateAttributeName;
-
-        private String ldapCertificateRevocationListAttributeName;
-
-        private String ldapDeltaRevocationListAttributeName;
-
-        private String ldapAuthorityRevocationListAttributeName;
-
-        private String ldapAttributeCertificateAttributeAttributeName;
-
-        private String ldapAACertificateAttributeName;
-
-        private String ldapAttributeDescriptorCertificateAttributeName;
-
-        private String ldapAttributeCertificateRevocationListAttributeName;
-
-        private String ldapAttributeAuthorityRevocationListAttributeName;
-
-        // certificates and CRLs subject or issuer DN attributes, which must be
-        // matched against ldap attribute names
-
-        private String userCertificateSubjectAttributeName;
-
-        private String cACertificateSubjectAttributeName;
-
-        private String crossCertificateSubjectAttributeName;
-
-        private String certificateRevocationListIssuerAttributeName;
-
-        private String deltaRevocationListIssuerAttributeName;
-
-        private String authorityRevocationListIssuerAttributeName;
-
-        private String attributeCertificateAttributeSubjectAttributeName;
-
-        private String aACertificateSubjectAttributeName;
-
-        private String attributeDescriptorCertificateSubjectAttributeName;
-
-        private String attributeCertificateRevocationListIssuerAttributeName;
-
-        private String attributeAuthorityRevocationListIssuerAttributeName;
-
-        private String searchForSerialNumberIn;
-
-        public Builder()
-        {
-            this("ldap://localhost:389", "");
-        }
-
-        public Builder(String ldapURL, String baseDN)
-        {
-            this.ldapURL = ldapURL;
-            if (baseDN == null)
-            {
-                this.baseDN = "";
-            }
-            else
-            {
-                this.baseDN = baseDN;
-            }
-
-            this.userCertificateAttribute = "userCertificate";
-            this.cACertificateAttribute = "cACertificate";
-            this.crossCertificateAttribute = "crossCertificatePair";
-            this.certificateRevocationListAttribute = "certificateRevocationList";
-            this.deltaRevocationListAttribute = "deltaRevocationList";
-            this.authorityRevocationListAttribute = "authorityRevocationList";
-            this.attributeCertificateAttributeAttribute = "attributeCertificateAttribute";
-            this.aACertificateAttribute = "aACertificate";
-            this.attributeDescriptorCertificateAttribute = "attributeDescriptorCertificate";
-            this.attributeCertificateRevocationListAttribute = "attributeCertificateRevocationList";
-            this.attributeAuthorityRevocationListAttribute = "attributeAuthorityRevocationList";
-            this.ldapUserCertificateAttributeName = "cn";
-            this.ldapCACertificateAttributeName = "cn ou o";
-            this.ldapCrossCertificateAttributeName = "cn ou o";
-            this.ldapCertificateRevocationListAttributeName = "cn ou o";
-            this.ldapDeltaRevocationListAttributeName = "cn ou o";
-            this.ldapAuthorityRevocationListAttributeName = "cn ou o";
-            this.ldapAttributeCertificateAttributeAttributeName = "cn";
-            this.ldapAACertificateAttributeName = "cn o ou";
-            this.ldapAttributeDescriptorCertificateAttributeName = "cn o ou";
-            this.ldapAttributeCertificateRevocationListAttributeName = "cn o ou";
-            this.ldapAttributeAuthorityRevocationListAttributeName = "cn o ou";
-            this.userCertificateSubjectAttributeName = "cn";
-            this.cACertificateSubjectAttributeName = "o ou";
-            this.crossCertificateSubjectAttributeName = "o ou";
-            this.certificateRevocationListIssuerAttributeName = "o ou";
-            this.deltaRevocationListIssuerAttributeName = "o ou";
-            this.authorityRevocationListIssuerAttributeName = "o ou";
-            this.attributeCertificateAttributeSubjectAttributeName = "cn";
-            this.aACertificateSubjectAttributeName = "o ou";
-            this.attributeDescriptorCertificateSubjectAttributeName = "o ou";
-            this.attributeCertificateRevocationListIssuerAttributeName = "o ou";
-            this.attributeAuthorityRevocationListIssuerAttributeName = "o ou";
-            this.searchForSerialNumberIn = "uid serialNumber cn";
-        }
-
-        /**
-         * @param userCertificateAttribute       Attribute name(s) in the LDAP directory where end certificates
-         *                                       are stored. Separated by space. Defaults to "userCertificate"
-         *                                       if <code>null</code>.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setUserCertificateAttribute(String userCertificateAttribute)
-        {
-            this.userCertificateAttribute = userCertificateAttribute;
-
-            return this;
-        }
-
-        /**
-         * @param cACertificateAttribute         Attribute name(s) in the LDAP directory where CA certificates
-         *                                       are stored. Separated by space. Defaults to "cACertificate" if
-         *                                       <code>null</code>.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setCACertificateAttribute(String cACertificateAttribute)
-        {
-            this.cACertificateAttribute = cACertificateAttribute;
-
-            return this;
-        }
-
-        /**
-         * @param crossCertificateAttribute      Attribute name(s), where the cross certificates are stored.
-         *                                       Separated by space. Defaults to "crossCertificatePair" if
-         *                                       <code>null</code>
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setCrossCertificateAttribute(String crossCertificateAttribute)
-        {
-            this.crossCertificateAttribute = crossCertificateAttribute;
-
-            return this;
-        }
-
-        /**
-         * @param certificateRevocationListAttribute
-         *                                       Attribute name(s) in the LDAP directory where CRLs are stored.
-         *                                       Separated by space. Defaults to "certificateRevocationList" if
-         *                                       <code>null</code>.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setCertificateRevocationListAttribute(String certificateRevocationListAttribute)
-        {
-            this.certificateRevocationListAttribute = certificateRevocationListAttribute;
-
-            return this;
-        }
-
-        /**
-         * @param deltaRevocationListAttribute   Attribute name(s) in the LDAP directory where delta RLs are
-         *                                       stored. Separated by space. Defaults to "deltaRevocationList"
-         *                                       if <code>null</code>.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setDeltaRevocationListAttribute(String deltaRevocationListAttribute)
-        {
-            this.deltaRevocationListAttribute = deltaRevocationListAttribute;
-
-            return this;
-        }
-
-        /**
-         * @param authorityRevocationListAttribute
-         *                                       Attribute name(s) in the LDAP directory where CRLs for
-         *                                       authorities are stored. Separated by space. Defaults to
-         *                                       "authorityRevocationList" if <code>null</code>.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setAuthorityRevocationListAttribute(String authorityRevocationListAttribute)
-        {
-            this.authorityRevocationListAttribute = authorityRevocationListAttribute;
-
-            return this;
-        }
-
-        /**
-         * @param attributeCertificateAttributeAttribute
-         *                                       Attribute name(s) in the LDAP directory where end attribute
-         *                                       certificates are stored. Separated by space. Defaults to
-         *                                       "attributeCertificateAttribute" if <code>null</code>.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setAttributeCertificateAttributeAttribute(String attributeCertificateAttributeAttribute)
-        {
-            this.attributeCertificateAttributeAttribute = attributeCertificateAttributeAttribute;
-
-            return this;
-        }
-
-        /**
-         * @param aACertificateAttribute         Attribute name(s) in the LDAP directory where attribute
-         *                                       certificates for attribute authorities are stored. Separated
-         *                                       by space. Defaults to "aACertificate" if <code>null</code>.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setAACertificateAttribute(String aACertificateAttribute)
-        {
-            this.aACertificateAttribute = aACertificateAttribute;
-
-            return this;
-        }
-
-        /**
-         * @param attributeDescriptorCertificateAttribute
-         *                                       Attribute name(s) in the LDAP directory where self signed
-         *                                       attribute certificates for attribute authorities are stored.
-         *                                       Separated by space. Defaults to
-         *                                       "attributeDescriptorCertificate" if <code>null</code>.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setAttributeDescriptorCertificateAttribute(String attributeDescriptorCertificateAttribute)
-        {
-            this.attributeDescriptorCertificateAttribute = attributeDescriptorCertificateAttribute;
-
-            return this;
-        }
-
-        /**
-         * @param attributeCertificateRevocationListAttribute
-         *                                       Attribute name(s) in the LDAP directory where CRLs for
-         *                                       attribute certificates are stored. Separated by space.
-         *                                       Defaults to "attributeCertificateRevocationList" if
-         *                                       <code>null</code>.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setAttributeCertificateRevocationListAttribute(String attributeCertificateRevocationListAttribute)
-        {
-            this.attributeCertificateRevocationListAttribute = attributeCertificateRevocationListAttribute;
-
-            return this;
-        }
-
-        /**
-         * @param attributeAuthorityRevocationListAttribute
-         *                                       Attribute name(s) in the LDAP directory where RLs for
-         *                                       attribute authority attribute certificates are stored.
-         *                                       Separated by space. Defaults to
-         *                                       "attributeAuthorityRevocationList" if <code>null</code>.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setAttributeAuthorityRevocationListAttribute(String attributeAuthorityRevocationListAttribute)
-        {
-            this.attributeAuthorityRevocationListAttribute = attributeAuthorityRevocationListAttribute;
-
-            return this;
-        }
-
-        /**
-         * @param ldapUserCertificateAttributeName
-         *                                       The attribute name(s) in the LDAP directory where to search
-         *                                       for the attribute value of the specified
-         *                                       <code>userCertificateSubjectAttributeName</code>. E.g. if
-         *                                       "cn" is used to put information about the subject for end
-         *                                       certificates, then specify "cn".
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setLdapUserCertificateAttributeName(String ldapUserCertificateAttributeName)
-        {
-            this.ldapUserCertificateAttributeName = ldapUserCertificateAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param ldapCACertificateAttributeName The attribute name(s) in the LDAP directory where to search
-         *                                       for the attribute value of the specified
-         *                                       <code>cACertificateSubjectAttributeName</code>. E.g. if
-         *                                       "ou" is used to put information about the subject for CA
-         *                                       certificates, then specify "ou".
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setLdapCACertificateAttributeName(String ldapCACertificateAttributeName)
-        {
-            this.ldapCACertificateAttributeName = ldapCACertificateAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param ldapCrossCertificateAttributeName
-         *                                       The attribute name(s) in the LDAP directory where to search for
-         *                                       the attribute value of the specified
-         *                                       <code>crossCertificateSubjectAttributeName</code>. E.g. if
-         *                                       "o" is used to put information about the subject for cross
-         *                                       certificates, then specify "o".
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setLdapCrossCertificateAttributeName(String ldapCrossCertificateAttributeName)
-        {
-            this.ldapCrossCertificateAttributeName = ldapCrossCertificateAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param ldapCertificateRevocationListAttributeName
-         *                                       The attribute name(s) in the LDAP directory where to search for
-         *                                       the attribute value of the specified
-         *                                       <code>certificateRevocationListIssuerAttributeName</code>.
-         *                                       E.g. if "ou" is used to put information about the issuer of
-         *                                       CRLs, specify "ou".
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setLdapCertificateRevocationListAttributeName(String ldapCertificateRevocationListAttributeName)
-        {
-            this.ldapCertificateRevocationListAttributeName = ldapCertificateRevocationListAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param ldapDeltaRevocationListAttributeName
-         *                                       The attribute name(s) in the LDAP directory where to search for
-         *                                       the attribute value of the specified
-         *                                       <code>deltaRevocationListIssuerAttributeName</code>. E.g.
-         *                                       if "ou" is used to put information about the issuer of CRLs,
-         *                                       specify "ou".
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setLdapDeltaRevocationListAttributeName(String ldapDeltaRevocationListAttributeName)
-        {
-            this.ldapDeltaRevocationListAttributeName = ldapDeltaRevocationListAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param ldapAuthorityRevocationListAttributeName
-         *                                       The attribute name(s) in the LDAP directory where to search for
-         *                                       the attribute value of the specified
-         *                                       <code>authorityRevocationListIssuerAttributeName</code>.
-         *                                       E.g. if "ou" is used to put information about the issuer of
-         *                                       CRLs, specify "ou".
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setLdapAuthorityRevocationListAttributeName(String ldapAuthorityRevocationListAttributeName)
-        {
-            this.ldapAuthorityRevocationListAttributeName = ldapAuthorityRevocationListAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param ldapAttributeCertificateAttributeAttributeName
-         *                                       The attribute name(s) in the LDAP directory where to search for
-         *                                       the attribute value of the specified
-         *                                       <code>attributeCertificateAttributeSubjectAttributeName</code>.
-         *                                       E.g. if "cn" is used to put information about the subject of
-         *                                       end attribute certificates, specify "cn".
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setLdapAttributeCertificateAttributeAttributeName(String ldapAttributeCertificateAttributeAttributeName)
-        {
-            this.ldapAttributeCertificateAttributeAttributeName = ldapAttributeCertificateAttributeAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param ldapAACertificateAttributeName The attribute name(s) in the LDAP directory where to search for
-         *                                       the attribute value of the specified
-         *                                       <code>aACertificateSubjectAttributeName</code>. E.g. if
-         *                                       "ou" is used to put information about the subject of attribute
-         *                                       authority attribute certificates, specify "ou".
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setLdapAACertificateAttributeName(String ldapAACertificateAttributeName)
-        {
-            this.ldapAACertificateAttributeName = ldapAACertificateAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param ldapAttributeDescriptorCertificateAttributeName
-         *                                       The attribute name(s) in the LDAP directory where to search for
-         *                                       the attribute value of the specified
-         *                                       <code>attributeDescriptorCertificateSubjectAttributeName</code>.
-         *                                       E.g. if "o" is used to put information about the subject of
-         *                                       self signed attribute authority attribute certificates,
-         *                                       specify "o".
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setLdapAttributeDescriptorCertificateAttributeName(String ldapAttributeDescriptorCertificateAttributeName)
-        {
-            this.ldapAttributeDescriptorCertificateAttributeName = ldapAttributeDescriptorCertificateAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param ldapAttributeCertificateRevocationListAttributeName
-         *                                       The attribute name(s) in the LDAP directory where to search for
-         *                                       the attribute value of the specified
-         *                                       <code>attributeCertificateRevocationListIssuerAttributeName</code>.
-         *                                       E.g. if "ou" is used to put information about the issuer of
-         *                                       CRLs, specify "ou".
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setLdapAttributeCertificateRevocationListAttributeName(String ldapAttributeCertificateRevocationListAttributeName)
-        {
-            this.ldapAttributeCertificateRevocationListAttributeName = ldapAttributeCertificateRevocationListAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param ldapAttributeAuthorityRevocationListAttributeName
-         *                                       The attribute name(s) in the LDAP directory where to search for
-         *                                       the attribute value of the specified
-         *                                       <code>attributeAuthorityRevocationListIssuerAttributeName</code>.
-         *                                       E.g. if "ou" is used to put information about the issuer of
-         *                                       CRLs, specify "ou".
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setLdapAttributeAuthorityRevocationListAttributeName(String ldapAttributeAuthorityRevocationListAttributeName)
-        {
-            this.ldapAttributeAuthorityRevocationListAttributeName = ldapAttributeAuthorityRevocationListAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param userCertificateSubjectAttributeName
-         *                                       Attribute(s) in the subject of the certificate which is used
-         *                                       to be searched in the
-         *                                       <code>ldapUserCertificateAttributeName</code>. E.g. the
-         *                                       "cn" attribute of the DN could be used.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setUserCertificateSubjectAttributeName(String userCertificateSubjectAttributeName)
-        {
-            this.userCertificateSubjectAttributeName = userCertificateSubjectAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param cACertificateSubjectAttributeName
-         *                                       Attribute(s) in the subject of the certificate which is used
-         *                                       to be searched in the
-         *                                       <code>ldapCACertificateAttributeName</code>. E.g. the "ou"
-         *                                       attribute of the DN could be used.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setCACertificateSubjectAttributeName(String cACertificateSubjectAttributeName)
-        {
-            this.cACertificateSubjectAttributeName = cACertificateSubjectAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param crossCertificateSubjectAttributeName
-         *                                       Attribute(s) in the subject of the cross certificate which is
-         *                                       used to be searched in the
-         *                                       <code>ldapCrossCertificateAttributeName</code>. E.g. the
-         *                                       "o" attribute of the DN may be appropriate.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setCrossCertificateSubjectAttributeName(String crossCertificateSubjectAttributeName)
-        {
-            this.crossCertificateSubjectAttributeName = crossCertificateSubjectAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param certificateRevocationListIssuerAttributeName
-         *                                       Attribute(s) in the issuer of the CRL which is used to be
-         *                                       searched in the
-         *                                       <code>ldapCertificateRevocationListAttributeName</code>.
-         *                                       E.g. the "o" or "ou" attribute may be used.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setCertificateRevocationListIssuerAttributeName(String certificateRevocationListIssuerAttributeName)
-        {
-            this.certificateRevocationListIssuerAttributeName = certificateRevocationListIssuerAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param deltaRevocationListIssuerAttributeName
-         *                                       Attribute(s) in the issuer of the CRL which is used to be
-         *                                       searched in the
-         *                                       <code>ldapDeltaRevocationListAttributeName</code>. E.g. the
-         *                                       "o" or "ou" attribute may be used.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setDeltaRevocationListIssuerAttributeName(String deltaRevocationListIssuerAttributeName)
-        {
-            this.deltaRevocationListIssuerAttributeName = deltaRevocationListIssuerAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param authorityRevocationListIssuerAttributeName
-         *                                       Attribute(s) in the issuer of the CRL which is used to be
-         *                                       searched in the
-         *                                       <code>ldapAuthorityRevocationListAttributeName</code>. E.g.
-         *                                       the "o" or "ou" attribute may be used.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setAuthorityRevocationListIssuerAttributeName(String authorityRevocationListIssuerAttributeName)
-        {
-            this.authorityRevocationListIssuerAttributeName = authorityRevocationListIssuerAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param attributeCertificateAttributeSubjectAttributeName
-         *                                       Attribute(s) in the subject of the attribute certificate which
-         *                                       is used to be searched in the
-         *                                       <code>ldapAttributeCertificateAttributeAttributeName</code>.
-         *                                       E.g. the "cn" attribute of the DN could be used.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setAttributeCertificateAttributeSubjectAttributeName(String attributeCertificateAttributeSubjectAttributeName)
-        {
-            this.attributeCertificateAttributeSubjectAttributeName = attributeCertificateAttributeSubjectAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param aACertificateSubjectAttributeName
-         *                                       Attribute(s) in the subject of the attribute certificate which
-         *                                       is used to be searched in the
-         *                                       <code>ldapAACertificateAttributeName</code>. E.g. the "ou"
-         *                                       attribute of the DN could be used.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setAACertificateSubjectAttributeName(String aACertificateSubjectAttributeName)
-        {
-            this.aACertificateSubjectAttributeName = aACertificateSubjectAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param attributeDescriptorCertificateSubjectAttributeName
-         *                                       Attribute(s) in the subject of the attribute certificate which
-         *                                       is used to be searched in the
-         *                                       <code>ldapAttributeDescriptorCertificateAttributeName</code>.
-         *                                       E.g. the "o" attribute of the DN could be used.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setAttributeDescriptorCertificateSubjectAttributeName(String attributeDescriptorCertificateSubjectAttributeName)
-        {
-            this.attributeDescriptorCertificateSubjectAttributeName = attributeDescriptorCertificateSubjectAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param attributeCertificateRevocationListIssuerAttributeName
-         *                                       Attribute(s) in the issuer of the CRL which is used to be
-         *                                       searched in the
-         *                                       <code>ldapAttributeCertificateRevocationListAttributeName</code>.
-         *                                       E.g. the "o" or "ou" attribute may be used
-         *                                       certificate is searched in this LDAP attribute.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setAttributeCertificateRevocationListIssuerAttributeName(String attributeCertificateRevocationListIssuerAttributeName)
-        {
-            this.attributeCertificateRevocationListIssuerAttributeName = attributeCertificateRevocationListIssuerAttributeName;
-
-            return this;
-        }
-
-        /**
-         * @param attributeAuthorityRevocationListIssuerAttributeName
-         *                                       Anttribute(s) in the issuer of the CRL which is used to be
-         *                                       searched in the
-         *                                       <code>ldapAttributeAuthorityRevocationListAttributeName</code>.
-         *                                       E.g. the "o" or "ou" attribute may be used.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setAttributeAuthorityRevocationListIssuerAttributeName(String attributeAuthorityRevocationListIssuerAttributeName)
-        {
-            this.attributeAuthorityRevocationListIssuerAttributeName = attributeAuthorityRevocationListIssuerAttributeName;
-
-            return this;
-        }
-
-        /**
-         *
-         * @param searchForSerialNumberIn        If not <code>null</code> the serial number of the
-         *                                       certificate is searched in this LDAP attribute.
-         * @throws IllegalArgumentException if a necessary parameter is <code>null</code>.
-         * @return the builder
-         */
-        public Builder setSearchForSerialNumberIn(String searchForSerialNumberIn)
-        {
-            this.searchForSerialNumberIn = searchForSerialNumberIn;
-
-            return this;
-        }
-
-        public X509LDAPCertStoreParameters build()
-        {
-             if (ldapUserCertificateAttributeName == null   // migrate to setters
-                || ldapCACertificateAttributeName == null
-                || ldapCrossCertificateAttributeName == null
-                || ldapCertificateRevocationListAttributeName == null
-                || ldapDeltaRevocationListAttributeName == null
-                || ldapAuthorityRevocationListAttributeName == null
-                || ldapAttributeCertificateAttributeAttributeName == null
-                || ldapAACertificateAttributeName == null
-                || ldapAttributeDescriptorCertificateAttributeName == null
-                || ldapAttributeCertificateRevocationListAttributeName == null
-                || ldapAttributeAuthorityRevocationListAttributeName == null
-                || userCertificateSubjectAttributeName == null
-                || cACertificateSubjectAttributeName == null
-                || crossCertificateSubjectAttributeName == null
-                || certificateRevocationListIssuerAttributeName == null
-                || deltaRevocationListIssuerAttributeName == null
-                || authorityRevocationListIssuerAttributeName == null
-                || attributeCertificateAttributeSubjectAttributeName == null
-                || aACertificateSubjectAttributeName == null
-                || attributeDescriptorCertificateSubjectAttributeName == null
-                || attributeCertificateRevocationListIssuerAttributeName == null
-                || attributeAuthorityRevocationListIssuerAttributeName == null)
-            {
-                throw new IllegalArgumentException(
-                    "Necessary parameters not specified.");
-            }
-            return new X509LDAPCertStoreParameters(this);
-        }
-    }
-
-
-    private X509LDAPCertStoreParameters(Builder builder)
-    {
-        this.ldapURL = builder.ldapURL;
-        this.baseDN = builder.baseDN;
-
-        this.userCertificateAttribute = builder.userCertificateAttribute;
-        this.cACertificateAttribute = builder.cACertificateAttribute;
-        this.crossCertificateAttribute = builder.crossCertificateAttribute;
-        this.certificateRevocationListAttribute = builder.certificateRevocationListAttribute;
-        this.deltaRevocationListAttribute = builder.deltaRevocationListAttribute;
-        this.authorityRevocationListAttribute = builder.authorityRevocationListAttribute;
-        this.attributeCertificateAttributeAttribute = builder.attributeCertificateAttributeAttribute;
-        this.aACertificateAttribute = builder.aACertificateAttribute;
-        this.attributeDescriptorCertificateAttribute = builder.attributeDescriptorCertificateAttribute;
-        this.attributeCertificateRevocationListAttribute = builder.attributeCertificateRevocationListAttribute;
-        this.attributeAuthorityRevocationListAttribute = builder.attributeAuthorityRevocationListAttribute;
-        this.ldapUserCertificateAttributeName = builder.ldapUserCertificateAttributeName;
-        this.ldapCACertificateAttributeName = builder.ldapCACertificateAttributeName;
-        this.ldapCrossCertificateAttributeName = builder.ldapCrossCertificateAttributeName;
-        this.ldapCertificateRevocationListAttributeName = builder.ldapCertificateRevocationListAttributeName;
-        this.ldapDeltaRevocationListAttributeName = builder.ldapDeltaRevocationListAttributeName;
-        this.ldapAuthorityRevocationListAttributeName = builder.ldapAuthorityRevocationListAttributeName;
-        this.ldapAttributeCertificateAttributeAttributeName = builder.ldapAttributeCertificateAttributeAttributeName;
-        this.ldapAACertificateAttributeName = builder.ldapAACertificateAttributeName;
-        this.ldapAttributeDescriptorCertificateAttributeName = builder.ldapAttributeDescriptorCertificateAttributeName;
-        this.ldapAttributeCertificateRevocationListAttributeName = builder.ldapAttributeCertificateRevocationListAttributeName;
-        this.ldapAttributeAuthorityRevocationListAttributeName = builder.ldapAttributeAuthorityRevocationListAttributeName;
-        this.userCertificateSubjectAttributeName = builder.userCertificateSubjectAttributeName;
-        this.cACertificateSubjectAttributeName = builder.cACertificateSubjectAttributeName;
-        this.crossCertificateSubjectAttributeName = builder.crossCertificateSubjectAttributeName;
-        this.certificateRevocationListIssuerAttributeName = builder.certificateRevocationListIssuerAttributeName;
-        this.deltaRevocationListIssuerAttributeName = builder.deltaRevocationListIssuerAttributeName;
-        this.authorityRevocationListIssuerAttributeName = builder.authorityRevocationListIssuerAttributeName;
-        this.attributeCertificateAttributeSubjectAttributeName = builder.attributeCertificateAttributeSubjectAttributeName;
-        this.aACertificateSubjectAttributeName = builder.aACertificateSubjectAttributeName;
-        this.attributeDescriptorCertificateSubjectAttributeName = builder.attributeDescriptorCertificateSubjectAttributeName;
-        this.attributeCertificateRevocationListIssuerAttributeName = builder.attributeCertificateRevocationListIssuerAttributeName;
-        this.attributeAuthorityRevocationListIssuerAttributeName = builder.attributeAuthorityRevocationListIssuerAttributeName;
-        this.searchForSerialNumberIn = builder.searchForSerialNumberIn;
-    }
-
-    /**
-     * Returns a clone of this object.
-     */
-    public Object clone()
-    {
-        return this;
-    }
-
-    public boolean equal(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (!(o instanceof X509LDAPCertStoreParameters))
-        {
-            return false;
-        }
-
-        X509LDAPCertStoreParameters params = (X509LDAPCertStoreParameters)o;
-        return checkField(ldapURL, params.ldapURL)
-            && checkField(baseDN, params.baseDN)
-            && checkField(userCertificateAttribute, params.userCertificateAttribute)
-            && checkField(cACertificateAttribute, params.cACertificateAttribute)
-            && checkField(crossCertificateAttribute, params.crossCertificateAttribute)
-            && checkField(certificateRevocationListAttribute, params.certificateRevocationListAttribute)
-            && checkField(deltaRevocationListAttribute, params.deltaRevocationListAttribute)
-            && checkField(authorityRevocationListAttribute, params.authorityRevocationListAttribute)
-            && checkField(attributeCertificateAttributeAttribute, params.attributeCertificateAttributeAttribute)
-            && checkField(aACertificateAttribute, params.aACertificateAttribute)
-            && checkField(attributeDescriptorCertificateAttribute, params.attributeDescriptorCertificateAttribute)
-            && checkField(attributeCertificateRevocationListAttribute, params.attributeCertificateRevocationListAttribute)
-            && checkField(attributeAuthorityRevocationListAttribute, params.attributeAuthorityRevocationListAttribute)
-            && checkField(ldapUserCertificateAttributeName, params.ldapUserCertificateAttributeName)
-            && checkField(ldapCACertificateAttributeName, params.ldapCACertificateAttributeName)
-            && checkField(ldapCrossCertificateAttributeName, params.ldapCrossCertificateAttributeName)
-            && checkField(ldapCertificateRevocationListAttributeName, params.ldapCertificateRevocationListAttributeName)
-            && checkField(ldapDeltaRevocationListAttributeName, params.ldapDeltaRevocationListAttributeName)
-            && checkField(ldapAuthorityRevocationListAttributeName, params.ldapAuthorityRevocationListAttributeName)
-            && checkField(ldapAttributeCertificateAttributeAttributeName, params.ldapAttributeCertificateAttributeAttributeName)
-            && checkField(ldapAACertificateAttributeName, params.ldapAACertificateAttributeName)
-            && checkField(ldapAttributeDescriptorCertificateAttributeName, params.ldapAttributeDescriptorCertificateAttributeName)
-            && checkField(ldapAttributeCertificateRevocationListAttributeName, params.ldapAttributeCertificateRevocationListAttributeName)
-            && checkField(ldapAttributeAuthorityRevocationListAttributeName, params.ldapAttributeAuthorityRevocationListAttributeName)
-            && checkField(userCertificateSubjectAttributeName, params.userCertificateSubjectAttributeName)
-            && checkField(cACertificateSubjectAttributeName, params.cACertificateSubjectAttributeName)
-            && checkField(crossCertificateSubjectAttributeName, params.crossCertificateSubjectAttributeName)
-            && checkField(certificateRevocationListIssuerAttributeName, params.certificateRevocationListIssuerAttributeName)
-            && checkField(deltaRevocationListIssuerAttributeName, params.deltaRevocationListIssuerAttributeName)
-            && checkField(authorityRevocationListIssuerAttributeName, params.authorityRevocationListIssuerAttributeName)
-            && checkField(attributeCertificateAttributeSubjectAttributeName, params.attributeCertificateAttributeSubjectAttributeName)
-            && checkField(aACertificateSubjectAttributeName, params.aACertificateSubjectAttributeName)
-            && checkField(attributeDescriptorCertificateSubjectAttributeName, params.attributeDescriptorCertificateSubjectAttributeName)
-            && checkField(attributeCertificateRevocationListIssuerAttributeName, params.attributeCertificateRevocationListIssuerAttributeName)
-            && checkField(attributeAuthorityRevocationListIssuerAttributeName, params.attributeAuthorityRevocationListIssuerAttributeName)
-            && checkField(searchForSerialNumberIn, params.searchForSerialNumberIn);
-    }
-
-    private boolean checkField(Object o1, Object o2)
-    {
-        if (o1 == o2)
-        {
-            return true;
-        }
-
-        if (o1 == null)
-        {
-            return false;
-        }
-
-        return o1.equals(o2);
-    }
-
-    public int hashCode()
-    {
-        int hash = 0;
-
-        hash = addHashCode(hash, userCertificateAttribute);
-        hash = addHashCode(hash, cACertificateAttribute);
-        hash = addHashCode(hash, crossCertificateAttribute);
-        hash = addHashCode(hash, certificateRevocationListAttribute);
-        hash = addHashCode(hash, deltaRevocationListAttribute);
-        hash = addHashCode(hash, authorityRevocationListAttribute);
-        hash = addHashCode(hash, attributeCertificateAttributeAttribute);
-        hash = addHashCode(hash, aACertificateAttribute);
-        hash = addHashCode(hash, attributeDescriptorCertificateAttribute);
-        hash = addHashCode(hash, attributeCertificateRevocationListAttribute);
-        hash = addHashCode(hash, attributeAuthorityRevocationListAttribute);
-        hash = addHashCode(hash, ldapUserCertificateAttributeName);
-        hash = addHashCode(hash, ldapCACertificateAttributeName);
-        hash = addHashCode(hash, ldapCrossCertificateAttributeName);
-        hash = addHashCode(hash, ldapCertificateRevocationListAttributeName);
-        hash = addHashCode(hash, ldapDeltaRevocationListAttributeName);
-        hash = addHashCode(hash, ldapAuthorityRevocationListAttributeName);
-        hash = addHashCode(hash, ldapAttributeCertificateAttributeAttributeName);
-        hash = addHashCode(hash, ldapAACertificateAttributeName);
-        hash = addHashCode(hash, ldapAttributeDescriptorCertificateAttributeName);
-        hash = addHashCode(hash, ldapAttributeCertificateRevocationListAttributeName);
-        hash = addHashCode(hash, ldapAttributeAuthorityRevocationListAttributeName);
-        hash = addHashCode(hash, userCertificateSubjectAttributeName);
-        hash = addHashCode(hash, cACertificateSubjectAttributeName);
-        hash = addHashCode(hash, crossCertificateSubjectAttributeName);
-        hash = addHashCode(hash, certificateRevocationListIssuerAttributeName);
-        hash = addHashCode(hash, deltaRevocationListIssuerAttributeName);
-        hash = addHashCode(hash, authorityRevocationListIssuerAttributeName);
-        hash = addHashCode(hash, attributeCertificateAttributeSubjectAttributeName);
-        hash = addHashCode(hash, aACertificateSubjectAttributeName);
-        hash = addHashCode(hash, attributeDescriptorCertificateSubjectAttributeName);
-        hash = addHashCode(hash, attributeCertificateRevocationListIssuerAttributeName);
-        hash = addHashCode(hash, attributeAuthorityRevocationListIssuerAttributeName);
-        hash = addHashCode(hash, searchForSerialNumberIn);
-        
-        return hash;
-    }
-
-    private int addHashCode(int hashCode, Object o)
-    {
-        return (hashCode * 29) + (o == null ? 0 : o.hashCode());
-    }
-
-    /**
-     * @return Returns the aACertificateAttribute.
-     */
-    public String getAACertificateAttribute()
-    {
-        return aACertificateAttribute;
-    }
-
-    /**
-     * @return Returns the aACertificateSubjectAttributeName.
-     */
-    public String getAACertificateSubjectAttributeName()
-    {
-        return aACertificateSubjectAttributeName;
-    }
-
-    /**
-     * @return Returns the attributeAuthorityRevocationListAttribute.
-     */
-    public String getAttributeAuthorityRevocationListAttribute()
-    {
-        return attributeAuthorityRevocationListAttribute;
-    }
-
-    /**
-     * @return Returns the attributeAuthorityRevocationListIssuerAttributeName.
-     */
-    public String getAttributeAuthorityRevocationListIssuerAttributeName()
-    {
-        return attributeAuthorityRevocationListIssuerAttributeName;
-    }
-
-    /**
-     * @return Returns the attributeCertificateAttributeAttribute.
-     */
-    public String getAttributeCertificateAttributeAttribute()
-    {
-        return attributeCertificateAttributeAttribute;
-    }
-
-    /**
-     * @return Returns the attributeCertificateAttributeSubjectAttributeName.
-     */
-    public String getAttributeCertificateAttributeSubjectAttributeName()
-    {
-        return attributeCertificateAttributeSubjectAttributeName;
-    }
-
-    /**
-     * @return Returns the attributeCertificateRevocationListAttribute.
-     */
-    public String getAttributeCertificateRevocationListAttribute()
-    {
-        return attributeCertificateRevocationListAttribute;
-    }
-
-    /**
-     * @return Returns the
-     *         attributeCertificateRevocationListIssuerAttributeName.
-     */
-    public String getAttributeCertificateRevocationListIssuerAttributeName()
-    {
-        return attributeCertificateRevocationListIssuerAttributeName;
-    }
-
-    /**
-     * @return Returns the attributeDescriptorCertificateAttribute.
-     */
-    public String getAttributeDescriptorCertificateAttribute()
-    {
-        return attributeDescriptorCertificateAttribute;
-    }
-
-    /**
-     * @return Returns the attributeDescriptorCertificateSubjectAttributeName.
-     */
-    public String getAttributeDescriptorCertificateSubjectAttributeName()
-    {
-        return attributeDescriptorCertificateSubjectAttributeName;
-    }
-
-    /**
-     * @return Returns the authorityRevocationListAttribute.
-     */
-    public String getAuthorityRevocationListAttribute()
-    {
-        return authorityRevocationListAttribute;
-    }
-
-    /**
-     * @return Returns the authorityRevocationListIssuerAttributeName.
-     */
-    public String getAuthorityRevocationListIssuerAttributeName()
-    {
-        return authorityRevocationListIssuerAttributeName;
-    }
-
-    /**
-     * @return Returns the baseDN.
-     */
-    public String getBaseDN()
-    {
-        return baseDN;
-    }
-
-    /**
-     * @return Returns the cACertificateAttribute.
-     */
-    public String getCACertificateAttribute()
-    {
-        return cACertificateAttribute;
-    }
-
-    /**
-     * @return Returns the cACertificateSubjectAttributeName.
-     */
-    public String getCACertificateSubjectAttributeName()
-    {
-        return cACertificateSubjectAttributeName;
-    }
-
-    /**
-     * @return Returns the certificateRevocationListAttribute.
-     */
-    public String getCertificateRevocationListAttribute()
-    {
-        return certificateRevocationListAttribute;
-    }
-
-    /**
-     * @return Returns the certificateRevocationListIssuerAttributeName.
-     */
-    public String getCertificateRevocationListIssuerAttributeName()
-    {
-        return certificateRevocationListIssuerAttributeName;
-    }
-
-    /**
-     * @return Returns the crossCertificateAttribute.
-     */
-    public String getCrossCertificateAttribute()
-    {
-        return crossCertificateAttribute;
-    }
-
-    /**
-     * @return Returns the crossCertificateSubjectAttributeName.
-     */
-    public String getCrossCertificateSubjectAttributeName()
-    {
-        return crossCertificateSubjectAttributeName;
-    }
-
-    /**
-     * @return Returns the deltaRevocationListAttribute.
-     */
-    public String getDeltaRevocationListAttribute()
-    {
-        return deltaRevocationListAttribute;
-    }
-
-    /**
-     * @return Returns the deltaRevocationListIssuerAttributeName.
-     */
-    public String getDeltaRevocationListIssuerAttributeName()
-    {
-        return deltaRevocationListIssuerAttributeName;
-    }
-
-    /**
-     * @return Returns the ldapAACertificateAttributeName.
-     */
-    public String getLdapAACertificateAttributeName()
-    {
-        return ldapAACertificateAttributeName;
-    }
-
-    /**
-     * @return Returns the ldapAttributeAuthorityRevocationListAttributeName.
-     */
-    public String getLdapAttributeAuthorityRevocationListAttributeName()
-    {
-        return ldapAttributeAuthorityRevocationListAttributeName;
-    }
-
-    /**
-     * @return Returns the ldapAttributeCertificateAttributeAttributeName.
-     */
-    public String getLdapAttributeCertificateAttributeAttributeName()
-    {
-        return ldapAttributeCertificateAttributeAttributeName;
-    }
-
-    /**
-     * @return Returns the ldapAttributeCertificateRevocationListAttributeName.
-     */
-    public String getLdapAttributeCertificateRevocationListAttributeName()
-    {
-        return ldapAttributeCertificateRevocationListAttributeName;
-    }
-
-    /**
-     * @return Returns the ldapAttributeDescriptorCertificateAttributeName.
-     */
-    public String getLdapAttributeDescriptorCertificateAttributeName()
-    {
-        return ldapAttributeDescriptorCertificateAttributeName;
-    }
-
-    /**
-     * @return Returns the ldapAuthorityRevocationListAttributeName.
-     */
-    public String getLdapAuthorityRevocationListAttributeName()
-    {
-        return ldapAuthorityRevocationListAttributeName;
-    }
-
-    /**
-     * @return Returns the ldapCACertificateAttributeName.
-     */
-    public String getLdapCACertificateAttributeName()
-    {
-        return ldapCACertificateAttributeName;
-    }
-
-    /**
-     * @return Returns the ldapCertificateRevocationListAttributeName.
-     */
-    public String getLdapCertificateRevocationListAttributeName()
-    {
-        return ldapCertificateRevocationListAttributeName;
-    }
-
-    /**
-     * @return Returns the ldapCrossCertificateAttributeName.
-     */
-    public String getLdapCrossCertificateAttributeName()
-    {
-        return ldapCrossCertificateAttributeName;
-    }
-
-    /**
-     * @return Returns the ldapDeltaRevocationListAttributeName.
-     */
-    public String getLdapDeltaRevocationListAttributeName()
-    {
-        return ldapDeltaRevocationListAttributeName;
-    }
-
-    /**
-     * @return Returns the ldapURL.
-     */
-    public String getLdapURL()
-    {
-        return ldapURL;
-    }
-
-    /**
-     * @return Returns the ldapUserCertificateAttributeName.
-     */
-    public String getLdapUserCertificateAttributeName()
-    {
-        return ldapUserCertificateAttributeName;
-    }
-
-    /**
-     * @return Returns the searchForSerialNumberIn.
-     */
-    public String getSearchForSerialNumberIn()
-    {
-        return searchForSerialNumberIn;
-    }
-
-    /**
-     * @return Returns the userCertificateAttribute.
-     */
-    public String getUserCertificateAttribute()
-    {
-        return userCertificateAttribute;
-    }
-
-    /**
-     * @return Returns the userCertificateSubjectAttributeName.
-     */
-    public String getUserCertificateSubjectAttributeName()
-    {
-        return userCertificateSubjectAttributeName;
-    }
-
-    public static X509LDAPCertStoreParameters getInstance(LDAPCertStoreParameters params)
-    {
-        String server = "ldap://" + params.getServerName() + ":" + params.getPort();
-        X509LDAPCertStoreParameters _params = new Builder(server, "").build();
-        return _params;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/examples/package.html b/bcprov/src/main/java/org/bouncycastle/jce/examples/package.html
deleted file mode 100644
index 96b3193..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/examples/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Example classes for use with the JCE.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/exception/ExtCertificateEncodingException.java b/bcprov/src/main/java/org/bouncycastle/jce/exception/ExtCertificateEncodingException.java
deleted file mode 100644
index e3c33d8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/exception/ExtCertificateEncodingException.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.jce.exception;
-
-import java.security.cert.CertificateEncodingException;
-
-public class ExtCertificateEncodingException
-    extends CertificateEncodingException
-    implements ExtException
-{
-    private Throwable cause;
-
-    public ExtCertificateEncodingException(String message, Throwable cause)
-    {
-        super(message);
-        this.cause = cause;
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/exception/ExtIOException.java b/bcprov/src/main/java/org/bouncycastle/jce/exception/ExtIOException.java
deleted file mode 100644
index 656e23a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/exception/ExtIOException.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.jce.exception;
-
-import java.io.IOException;
-
-public class ExtIOException
-    extends IOException
-    implements ExtException
-{
-    private Throwable cause;
-
-    public ExtIOException(String message, Throwable cause)
-    {
-        super(message);
-        this.cause = cause;
-    }
-
-    public Throwable getCause()
-    {
-        return cause;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/ElGamalKey.java b/bcprov/src/main/java/org/bouncycastle/jce/interfaces/ElGamalKey.java
deleted file mode 100644
index fa3d437..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/ElGamalKey.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.jce.interfaces;
-
-import javax.crypto.interfaces.DHKey;
-
-import org.bouncycastle.jce.spec.ElGamalParameterSpec;
-
-public interface ElGamalKey
-    extends DHKey
-{
-    public ElGamalParameterSpec getParameters();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/ElGamalPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jce/interfaces/ElGamalPrivateKey.java
deleted file mode 100644
index b37dc38..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/ElGamalPrivateKey.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.jce.interfaces;
-
-import java.math.BigInteger;
-
-import javax.crypto.interfaces.DHPrivateKey;
-
-public interface ElGamalPrivateKey
-    extends ElGamalKey, DHPrivateKey
-{
-    public BigInteger getX();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/ElGamalPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jce/interfaces/ElGamalPublicKey.java
deleted file mode 100644
index 1f75987..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/ElGamalPublicKey.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.jce.interfaces;
-
-import java.math.BigInteger;
-
-import javax.crypto.interfaces.DHPublicKey;
-
-public interface ElGamalPublicKey
-    extends ElGamalKey, DHPublicKey
-{
-    public BigInteger getY();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/GOST3410Key.java b/bcprov/src/main/java/org/bouncycastle/jce/interfaces/GOST3410Key.java
deleted file mode 100644
index ad16ac3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/GOST3410Key.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.jce.interfaces;
-
-/**
- * Main interface for a GOST 3410-94 key.
- */
-public interface GOST3410Key
-{
-
-    public GOST3410Params getParameters();
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/GOST3410Params.java b/bcprov/src/main/java/org/bouncycastle/jce/interfaces/GOST3410Params.java
deleted file mode 100644
index 175913b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/GOST3410Params.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.jce.interfaces;
-
-import org.bouncycastle.jce.spec.GOST3410PublicKeyParameterSetSpec;
-
-public interface GOST3410Params
-{
-
-    public String getPublicKeyParamSetOID();
-
-    public String getDigestParamSetOID();
-
-    public String getEncryptionParamSetOID();
-    
-    public GOST3410PublicKeyParameterSetSpec getPublicKeyParameters();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/GOST3410PrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jce/interfaces/GOST3410PrivateKey.java
deleted file mode 100644
index dcb25fe..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/GOST3410PrivateKey.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.jce.interfaces;
-
-import java.math.BigInteger;
-
-public interface GOST3410PrivateKey extends GOST3410Key, java.security.PrivateKey
-{
-
-    public BigInteger getX();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/GOST3410PublicKey.java b/bcprov/src/main/java/org/bouncycastle/jce/interfaces/GOST3410PublicKey.java
deleted file mode 100644
index 447cec2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/GOST3410PublicKey.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.jce.interfaces;
-
-import java.security.PublicKey;
-import java.math.BigInteger;
-
-public interface GOST3410PublicKey extends GOST3410Key, PublicKey
-{
-
-    public BigInteger getY();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/IESKey.java b/bcprov/src/main/java/org/bouncycastle/jce/interfaces/IESKey.java
deleted file mode 100644
index f1d7901..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/IESKey.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.jce.interfaces;
-
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-
-/**
- * key pair for use with an integrated encryptor
- */
-public interface IESKey
-    extends Key
-{
-    /**
-     * return the intended recipient's/sender's public key.
-     */
-    public PublicKey getPublic();
-
-    /**
-     * return the local private key.
-     */
-    public PrivateKey getPrivate();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/MQVPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jce/interfaces/MQVPrivateKey.java
deleted file mode 100644
index 74950b5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/MQVPrivateKey.java
+++ /dev/null

@@ -1,28 +0,0 @@
-package org.bouncycastle.jce.interfaces;
-
-import java.security.PrivateKey;
-import java.security.PublicKey;
-
-/**
- * Static/ephemeral private key (pair) for use with ECMQV key agreement
- * (Optionally provides the ephemeral public key)
- * @deprecated use MQVParameterSpec for passing the ephemeral key.
- */
-public interface MQVPrivateKey
-    extends PrivateKey
-{
-    /**
-     * return the static private key.
-     */
-    PrivateKey getStaticPrivateKey();
-
-    /**
-     * return the ephemeral private key.
-     */
-    PrivateKey getEphemeralPrivateKey();
-
-    /**
-     * return the ephemeral public key (may be null).
-     */
-    PublicKey getEphemeralPublicKey();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/MQVPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jce/interfaces/MQVPublicKey.java
deleted file mode 100644
index 539b73e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/MQVPublicKey.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.jce.interfaces;
-
-import java.security.PublicKey;
-
-/**
- * Static/ephemeral public key pair for use with ECMQV key agreement
- * @deprecated use MQVParameterSpec for passing the ephemeral key.
- */
-public interface MQVPublicKey
-    extends PublicKey
-{
-    /**
-     * return the static public key.
-     */
-    PublicKey getStaticKey();
-
-    /**
-     * return the ephemeral public key.
-     */
-    PublicKey getEphemeralKey();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/package.html b/bcprov/src/main/java/org/bouncycastle/jce/interfaces/package.html
deleted file mode 100644
index bacde6c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/interfaces/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Interfaces for supporting Elliptic Curve Keys, El Gamal, and PKCS12 attributes.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/package.html b/bcprov/src/main/java/org/bouncycastle/jce/package.html
deleted file mode 100644
index 52ef3bf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/package.html
+++ /dev/null

@@ -1,10 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Utility classes for use with the JCE.
-<p>
-The classes in this package support the generation of certificates and PKCS10 signing requests.
-<p>
-Note: the PKCS7 class is deprecated, for a fuller version of CMS see the cms package distributed
-with the BC mail API.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
index 1d774b1..4458fc1 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/BouncyCastleProvider.java

@@ -18,15 +18,16 @@
 import org.bouncycastle.jcajce.provider.symmetric.util.ClassUtil;
 import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
 import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.jcajce.provider.mceliece.McElieceCCA2KeyFactorySpi;
-import org.bouncycastle.pqc.jcajce.provider.mceliece.McElieceKeyFactorySpi;
-import org.bouncycastle.pqc.jcajce.provider.newhope.NHKeyFactorySpi;
-import org.bouncycastle.pqc.jcajce.provider.qtesla.QTESLAKeyFactorySpi;
-import org.bouncycastle.pqc.jcajce.provider.rainbow.RainbowKeyFactorySpi;
-import org.bouncycastle.pqc.jcajce.provider.sphincs.Sphincs256KeyFactorySpi;
-import org.bouncycastle.pqc.jcajce.provider.xmss.XMSSKeyFactorySpi;
-import org.bouncycastle.pqc.jcajce.provider.xmss.XMSSMTKeyFactorySpi;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
+// import org.bouncycastle.pqc.jcajce.provider.mceliece.McElieceCCA2KeyFactorySpi;
+// import org.bouncycastle.pqc.jcajce.provider.mceliece.McElieceKeyFactorySpi;
+// import org.bouncycastle.pqc.jcajce.provider.newhope.NHKeyFactorySpi;
+// import org.bouncycastle.pqc.jcajce.provider.qtesla.QTESLAKeyFactorySpi;
+// import org.bouncycastle.pqc.jcajce.provider.rainbow.RainbowKeyFactorySpi;
+// import org.bouncycastle.pqc.jcajce.provider.sphincs.Sphincs256KeyFactorySpi;
+// import org.bouncycastle.pqc.jcajce.provider.xmss.XMSSKeyFactorySpi;
+// import org.bouncycastle.pqc.jcajce.provider.xmss.XMSSMTKeyFactorySpi;
 
 /**
  * To add the provider at runtime use:
@@ -70,20 +71,25 @@
 
     private static final String[] SYMMETRIC_GENERIC =
     {
-        "PBEPBKDF1", "PBEPBKDF2", "PBEPKCS12", "TLSKDF", "SCRYPT"
+        // Android-changed: Remove unsupported algorithms, add our own version of PBEv2 AlgParams
+        // "PBEPBKDF1", "PBEPBKDF2", "PBEPKCS12", "TLSKDF", "SCRYPT"
+        "PBEPBKDF2", "PBEPKCS12", "PBES2AlgorithmParameters"
     };
 
     private static final String[] SYMMETRIC_MACS =
     {
-        "SipHash", "Poly1305"
+        // Android-removed: Unsupported algorithms
+        // "SipHash", "Poly1305"
     };
 
     private static final String[] SYMMETRIC_CIPHERS =
     {
-        "AES", "ARC4", "ARIA", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede",
-        "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5",
-        "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "SM4", "TEA", "Twofish", "Threefish",
-        "VMPC", "VMPCKSA3", "XTEA", "XSalsa20", "OpenSSLPBKDF", "DSTU7624", "GOST3412_2015"
+        // Android-changed: Unsupported algorithms
+        // "AES", "ARC4", "ARIA", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede",
+        // "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5",
+        // "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "SM4", "TEA", "Twofish", "Threefish",
+        // "VMPC", "VMPCKSA3", "XTEA", "XSalsa20", "OpenSSLPBKDF", "DSTU7624", "GOST3412_2015"
+        "AES", "ARC4", "Blowfish", "DES", "DESede", "RC2", "Twofish",
     };
 
      /*
@@ -95,12 +101,16 @@
     // later ones configure it.
     private static final String[] ASYMMETRIC_GENERIC =
     {
-        "X509", "IES"
+        // Android-changed: Unsupported algorithms
+        // "X509", "IES"
+        "X509"
     };
 
     private static final String[] ASYMMETRIC_CIPHERS =
     {
-        "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145", "GM", "EdEC"
+        // Android-changed: Unsupported algorithms
+        // "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145", "GM", "EdEC"
+        "DSA", "DH", "EC", "RSA",
     };
 
     /*
@@ -109,8 +119,10 @@
     private static final String DIGEST_PACKAGE = "org.bouncycastle.jcajce.provider.digest.";
     private static final String[] DIGESTS =
     {
-        "GOST3411", "Keccak", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224",
-        "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool", "Blake2b", "Blake2s", "DSTU7564"
+        // Android-changed: Unsupported algorithms
+        // "GOST3411", "Keccak", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224",
+        // "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool", "Blake2b", "Blake2s", "DSTU7564"
+        "MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512",
     };
 
     /*
@@ -122,14 +134,15 @@
         "BC", "BCFKS", "PKCS12"
     };
 
-    /*
-     * Configurable secure random
-     */
-    private static final String SECURE_RANDOM_PACKAGE = "org.bouncycastle.jcajce.provider.drbg.";
-    private static final String[] SECURE_RANDOMS =
-    {
-        "DRBG"
-    };
+    // Android-removed: Unsupported algorithms
+    // /*
+    //  * Configurable secure random
+    //  */
+    // private static final String SECURE_RANDOM_PACKAGE = "org.bouncycastle.jcajce.provider.drbg.";
+    // private static final String[] SECURE_RANDOMS =
+    // {
+    //     "DRBG"
+    // };
 
     /**
      * Construct a new provider.  This should only be required when
@@ -166,6 +179,8 @@
 
         loadAlgorithms(KEYSTORE_PACKAGE, KEYSTORES);
 
+        // Android-removed: Unsupported algorithms
+        /*
         loadAlgorithms(SECURE_RANDOM_PACKAGE, SECURE_RANDOMS);
 
         loadPQCKeys();  // so we can handle certificates containing them.
@@ -205,12 +220,16 @@
         put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi");
         put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi");
         put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi");
+        */
+        // END Android-removed: Unsupported algorithms
         put("CertPathValidator.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi");
         put("CertPathBuilder.PKIX", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi");
         put("CertStore.Collection", "org.bouncycastle.jce.provider.CertStoreCollectionSpi");
-        put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi");
-        put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi");
-        put("Alg.Alias.CertStore.X509LDAP", "LDAP");
+        // BEGIN Android-removed: Unsupported algorithms
+        // put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi");
+        // put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi");
+        // put("Alg.Alias.CertStore.X509LDAP", "LDAP");
+        // END Android-removed: Unsupported algorithms
     }
 
     private void loadAlgorithms(String packageName, String[] names)
@@ -234,6 +253,8 @@
         }
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     private void loadPQCKeys()
     {
         addKeyInfoConverter(PQCObjectIdentifiers.sphincs256, new Sphincs256KeyFactorySpi());
@@ -249,6 +270,8 @@
         addKeyInfoConverter(PQCObjectIdentifiers.qTESLA_p_I, new QTESLAKeyFactorySpi());
         addKeyInfoConverter(PQCObjectIdentifiers.qTESLA_p_III, new QTESLAKeyFactorySpi());
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     public void setParameter(String parameterName, Object parameter)
     {

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/BrokenJCEBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/BrokenJCEBlockCipher.java
deleted file mode 100644
index a0f5692..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/BrokenJCEBlockCipher.java
+++ /dev/null

@@ -1,622 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.PBEParameterSpec;
-import javax.crypto.spec.RC2ParameterSpec;
-import javax.crypto.spec.RC5ParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.crypto.BlockCipher;
-import org.bouncycastle.crypto.BufferedBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.DESedeEngine;
-import org.bouncycastle.crypto.engines.TwofishEngine;
-import org.bouncycastle.crypto.modes.CBCBlockCipher;
-import org.bouncycastle.crypto.modes.CFBBlockCipher;
-import org.bouncycastle.crypto.modes.CTSBlockCipher;
-import org.bouncycastle.crypto.modes.OFBBlockCipher;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.crypto.params.RC2Parameters;
-import org.bouncycastle.crypto.params.RC5Parameters;
-import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey;
-import org.bouncycastle.util.Strings;
-
-public class BrokenJCEBlockCipher
-    implements BrokenPBE
-{
-    //
-    // specs we can handle.
-    //
-    private Class[]                 availableSpecs =
-                                    {
-                                        IvParameterSpec.class,
-                                        PBEParameterSpec.class,
-                                        RC2ParameterSpec.class,
-                                        RC5ParameterSpec.class
-                                    };
- 
-    private BufferedBlockCipher     cipher;
-    private ParametersWithIV        ivParam;
-
-    private int                     pbeType = PKCS12;
-    private int                     pbeHash = SHA1;
-    private int                     pbeKeySize;
-    private int                     pbeIvSize;
-
-    private int                     ivLength = 0;
-
-    private AlgorithmParameters     engineParams = null;
-
-    protected BrokenJCEBlockCipher(
-        BlockCipher engine)
-    {
-        cipher = new PaddedBufferedBlockCipher(engine);
-    }
-        
-    protected BrokenJCEBlockCipher(
-        BlockCipher engine,
-        int         pbeType,
-        int         pbeHash,
-        int         pbeKeySize,
-        int         pbeIvSize)
-    {
-        cipher = new PaddedBufferedBlockCipher(engine);
-
-        this.pbeType = pbeType;
-        this.pbeHash = pbeHash;
-        this.pbeKeySize = pbeKeySize;
-        this.pbeIvSize = pbeIvSize;
-    }
-
-    protected int engineGetBlockSize() 
-    {
-        return cipher.getBlockSize();
-    }
-
-    protected byte[] engineGetIV() 
-    {
-        return (ivParam != null) ? ivParam.getIV() : null;
-    }
-
-    protected int engineGetKeySize(
-        Key     key) 
-    {
-        return key.getEncoded().length;
-    }
-
-    protected int engineGetOutputSize(
-        int     inputLen) 
-    {
-        return cipher.getOutputSize(inputLen);
-    }
-
-    protected AlgorithmParameters engineGetParameters() 
-    {
-        if (engineParams == null)
-        {
-            if (ivParam != null)
-            {
-                String  name = cipher.getUnderlyingCipher().getAlgorithmName();
-
-                if (name.indexOf('/') >= 0)
-                {
-                    name = name.substring(0, name.indexOf('/'));
-                }
-
-                try
-                {
-                    engineParams = AlgorithmParameters.getInstance(name, BouncyCastleProvider.PROVIDER_NAME);
-                    engineParams.init(ivParam.getIV());
-                }
-                catch (Exception e)
-                {
-                    throw new RuntimeException(e.toString());
-                }
-            }
-        }
-
-        return engineParams;
-    }
-
-    protected void engineSetMode(
-        String  mode) 
-    {
-        String  modeName = Strings.toUpperCase(mode);
-
-        if (modeName.equals("ECB"))
-        {
-            ivLength = 0;
-            cipher = new PaddedBufferedBlockCipher(cipher.getUnderlyingCipher());
-        }
-        else if (modeName.equals("CBC"))
-        {
-            ivLength = cipher.getUnderlyingCipher().getBlockSize();
-            cipher = new PaddedBufferedBlockCipher(
-                            new CBCBlockCipher(cipher.getUnderlyingCipher()));
-        }
-        else if (modeName.startsWith("OFB"))
-        {
-            ivLength = cipher.getUnderlyingCipher().getBlockSize();
-            if (modeName.length() != 3)
-            {
-                int wordSize = Integer.parseInt(modeName.substring(3));
-
-                cipher = new PaddedBufferedBlockCipher(
-                                new OFBBlockCipher(cipher.getUnderlyingCipher(), wordSize));
-            }
-            else
-            {
-                cipher = new PaddedBufferedBlockCipher(
-                        new OFBBlockCipher(cipher.getUnderlyingCipher(), 8 * cipher.getBlockSize()));
-            }
-        }
-        else if (modeName.startsWith("CFB"))
-        {
-            ivLength = cipher.getUnderlyingCipher().getBlockSize();
-            if (modeName.length() != 3)
-            {
-                int wordSize = Integer.parseInt(modeName.substring(3));
-
-                cipher = new PaddedBufferedBlockCipher(
-                                new CFBBlockCipher(cipher.getUnderlyingCipher(), wordSize));
-            }
-            else
-            {
-                cipher = new PaddedBufferedBlockCipher(
-                        new CFBBlockCipher(cipher.getUnderlyingCipher(), 8 * cipher.getBlockSize()));
-            }
-        }
-        else
-        {
-            throw new IllegalArgumentException("can't support mode " + mode);
-        }
-    }
-
-    protected void engineSetPadding(
-        String  padding) 
-    throws NoSuchPaddingException
-    {
-        String  paddingName = Strings.toUpperCase(padding);
-
-        if (paddingName.equals("NOPADDING"))
-        {
-            cipher = new BufferedBlockCipher(cipher.getUnderlyingCipher());
-        }
-        else if (paddingName.equals("PKCS5PADDING") || paddingName.equals("PKCS7PADDING") || paddingName.equals("ISO10126PADDING"))
-        {
-            cipher = new PaddedBufferedBlockCipher(cipher.getUnderlyingCipher());
-        }
-        else if (paddingName.equals("WITHCTS"))
-        {
-            cipher = new CTSBlockCipher(cipher.getUnderlyingCipher());
-        }
-        else
-        {
-            throw new NoSuchPaddingException("Padding " + padding + " unknown.");
-        }
-    }
-
-    protected void engineInit(
-        int                     opmode,
-        Key                     key,
-        AlgorithmParameterSpec  params,
-        SecureRandom            random) 
-    throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        CipherParameters        param;
-
-        //
-        // a note on iv's - if ivLength is zero the IV gets ignored (we don't use it).
-        //
-        if (key instanceof BCPBEKey)
-        {
-            param = BrokenPBE.Util.makePBEParameters((BCPBEKey)key, params, pbeType, pbeHash,
-                        cipher.getUnderlyingCipher().getAlgorithmName(), pbeKeySize, pbeIvSize);
-
-            if (pbeIvSize != 0)
-            {
-                ivParam = (ParametersWithIV)param;
-            }
-        }
-        else if (params == null)
-        {
-            param = new KeyParameter(key.getEncoded());
-        }
-        else if (params instanceof IvParameterSpec)
-        {
-            if (ivLength != 0)
-            {
-                param = new ParametersWithIV(new KeyParameter(key.getEncoded()), ((IvParameterSpec)params).getIV());
-                ivParam = (ParametersWithIV)param;
-            }
-            else
-            {
-                param = new KeyParameter(key.getEncoded());
-            }
-        }
-        else if (params instanceof RC2ParameterSpec)
-        {
-            RC2ParameterSpec    rc2Param = (RC2ParameterSpec)params;
-
-            param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits());
-
-            if (rc2Param.getIV() != null && ivLength != 0)
-            {
-                param = new ParametersWithIV(param, rc2Param.getIV());
-                ivParam = (ParametersWithIV)param;
-            }
-        }
-        else if (params instanceof RC5ParameterSpec)
-        {
-            RC5ParameterSpec    rc5Param = (RC5ParameterSpec)params;
-
-            param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds());
-            if (rc5Param.getWordSize() != 32)
-            {
-                throw new IllegalArgumentException("can only accept RC5 word size 32 (at the moment...)");
-            }
-            if ((rc5Param.getIV() != null) && (ivLength != 0))
-            {
-                param = new ParametersWithIV(param, rc5Param.getIV());
-                ivParam = (ParametersWithIV)param;
-            }
-        }
-        else
-        {
-            throw new InvalidAlgorithmParameterException("unknown parameter type.");
-        }
-
-        if ((ivLength != 0) && !(param instanceof ParametersWithIV))
-        {
-            if (random == null)
-            {
-                random = CryptoServicesRegistrar.getSecureRandom();
-            }
-
-            if ((opmode == Cipher.ENCRYPT_MODE) || (opmode == Cipher.WRAP_MODE))
-            {
-                byte[]  iv = new byte[ivLength];
-
-                random.nextBytes(iv);
-                param = new ParametersWithIV(param, iv);
-                ivParam = (ParametersWithIV)param;
-            }
-            else
-            {
-                throw new InvalidAlgorithmParameterException("no IV set when one expected");
-            }
-        }
-
-        switch (opmode)
-        {
-        case Cipher.ENCRYPT_MODE:
-        case Cipher.WRAP_MODE:
-            cipher.init(true, param);
-            break;
-        case Cipher.DECRYPT_MODE:
-        case Cipher.UNWRAP_MODE:
-            cipher.init(false, param);
-            break;
-        default:
-            System.out.println("eeek!");
-        }
-    }
-
-    protected void engineInit(
-        int                 opmode,
-        Key                 key,
-        AlgorithmParameters params,
-        SecureRandom        random) 
-    throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        AlgorithmParameterSpec  paramSpec = null;
-
-        if (params != null)
-        {
-            for (int i = 0; i != availableSpecs.length; i++)
-            {
-                try
-                {
-                    paramSpec = params.getParameterSpec(availableSpecs[i]);
-                    break;
-                }
-                catch (Exception e)
-                {
-                    continue;
-                }
-            }
-
-            if (paramSpec == null)
-            {
-                throw new InvalidAlgorithmParameterException("can't handle parameter " + params.toString());
-            }
-        }
-
-        engineParams = params;
-        engineInit(opmode, key, paramSpec, random);
-    }
-
-    protected void engineInit(
-        int                 opmode,
-        Key                 key,
-        SecureRandom        random) 
-        throws InvalidKeyException
-    {
-        try
-        {
-            engineInit(opmode, key, (AlgorithmParameterSpec)null, random);
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            throw new IllegalArgumentException(e.getMessage());
-        }
-    }
-
-    protected byte[] engineUpdate(
-        byte[]  input,
-        int     inputOffset,
-        int     inputLen) 
-    {
-        int     length = cipher.getUpdateOutputSize(inputLen);
-
-        if (length > 0)
-        {
-                byte[]  out = new byte[length];
-
-                cipher.processBytes(input, inputOffset, inputLen, out, 0);
-                return out;
-        }
-
-        cipher.processBytes(input, inputOffset, inputLen, null, 0);
-
-        return null;
-    }
-
-    protected int engineUpdate(
-        byte[]  input,
-        int     inputOffset,
-        int     inputLen,
-        byte[]  output,
-        int     outputOffset) 
-    {
-        return cipher.processBytes(input, inputOffset, inputLen, output, outputOffset);
-    }
-
-    protected byte[] engineDoFinal(
-        byte[]  input,
-        int     inputOffset,
-        int     inputLen) 
-        throws IllegalBlockSizeException, BadPaddingException
-    {
-        int     len = 0;
-        byte[]  tmp = new byte[engineGetOutputSize(inputLen)];
-
-        if (inputLen != 0)
-        {
-            len = cipher.processBytes(input, inputOffset, inputLen, tmp, 0);
-        }
-
-        try
-        {
-            len += cipher.doFinal(tmp, len);
-        }
-        catch (DataLengthException e)
-        {
-            throw new IllegalBlockSizeException(e.getMessage());
-        }
-        catch (InvalidCipherTextException e)
-        {
-            throw new BadPaddingException(e.getMessage());
-        }
-
-        byte[]  out = new byte[len];
-
-        System.arraycopy(tmp, 0, out, 0, len);
-
-        return out;
-    }
-
-    protected int engineDoFinal(
-        byte[]  input,
-        int     inputOffset,
-        int     inputLen,
-        byte[]  output,
-        int     outputOffset) 
-        throws IllegalBlockSizeException, BadPaddingException
-    {
-        int     len = 0;
-
-        if (inputLen != 0)
-        {
-                len = cipher.processBytes(input, inputOffset, inputLen, output, outputOffset);
-        }
-
-        try
-        {
-            return len + cipher.doFinal(output, outputOffset + len);
-        }
-        catch (DataLengthException e)
-        {
-            throw new IllegalBlockSizeException(e.getMessage());
-        }
-        catch (InvalidCipherTextException e)
-        {
-            throw new BadPaddingException(e.getMessage());
-        }
-    }
-
-    protected byte[] engineWrap(
-        Key     key) 
-    throws IllegalBlockSizeException, java.security.InvalidKeyException
-    {
-        byte[] encoded = key.getEncoded();
-        if (encoded == null)
-        {
-            throw new InvalidKeyException("Cannot wrap key, null encoding.");
-        }
-
-        try
-        {
-            return engineDoFinal(encoded, 0, encoded.length);
-        }
-        catch (BadPaddingException e)
-        {
-            throw new IllegalBlockSizeException(e.getMessage());
-        }
-    }
-
-    protected Key engineUnwrap(
-        byte[]  wrappedKey,
-        String  wrappedKeyAlgorithm,
-        int     wrappedKeyType) 
-    throws InvalidKeyException
-    {
-        byte[] encoded = null;
-        try
-        {
-            encoded = engineDoFinal(wrappedKey, 0, wrappedKey.length);
-        }
-        catch (BadPaddingException e)
-        {
-            throw new InvalidKeyException(e.getMessage());
-        }
-        catch (IllegalBlockSizeException e2)
-        {
-            throw new InvalidKeyException(e2.getMessage());
-        }
-
-        if (wrappedKeyType == Cipher.SECRET_KEY)
-        {
-            return new SecretKeySpec(encoded, wrappedKeyAlgorithm);
-        }
-        else
-        {
-            try
-            {
-                KeyFactory kf = KeyFactory.getInstance(wrappedKeyAlgorithm, BouncyCastleProvider.PROVIDER_NAME);
-
-                if (wrappedKeyType == Cipher.PUBLIC_KEY)
-                {
-                    return kf.generatePublic(new X509EncodedKeySpec(encoded));
-                }
-                else if (wrappedKeyType == Cipher.PRIVATE_KEY)
-                {
-                    return kf.generatePrivate(new PKCS8EncodedKeySpec(encoded));
-                }
-            }
-            catch (NoSuchProviderException e)
-            {
-                throw new InvalidKeyException("Unknown key type " + e.getMessage());
-            }
-            catch (NoSuchAlgorithmException e)
-            {
-                throw new InvalidKeyException("Unknown key type " + e.getMessage());
-            }
-            catch (InvalidKeySpecException e2)
-            {
-                throw new InvalidKeyException("Unknown key type " + e2.getMessage());
-            }
-
-            throw new InvalidKeyException("Unknown key type " + wrappedKeyType);
-        }
-    }
-
-    /*
-     * The ciphers that inherit from us.
-     */
-
-    /**
-     * PBEWithMD5AndDES
-     */
-    static public class BrokePBEWithMD5AndDES
-        extends BrokenJCEBlockCipher
-    {
-        public BrokePBEWithMD5AndDES()
-        {
-            super(new CBCBlockCipher(new DESEngine()), PKCS5S1, MD5, 64, 64);
-        }
-    }
-
-    /**
-     * PBEWithSHA1AndDES
-     */
-    static public class BrokePBEWithSHA1AndDES
-        extends BrokenJCEBlockCipher
-    {
-        public BrokePBEWithSHA1AndDES()
-        {
-            super(new CBCBlockCipher(new DESEngine()), PKCS5S1, SHA1, 64, 64);
-        }
-    }
-
-    /**
-     * PBEWithSHAAnd3-KeyTripleDES-CBC
-     */
-    static public class BrokePBEWithSHAAndDES3Key
-        extends BrokenJCEBlockCipher
-    {
-        public BrokePBEWithSHAAndDES3Key()
-        {
-            super(new CBCBlockCipher(new DESedeEngine()), PKCS12, SHA1, 192, 64);
-        }
-    }
-
-    /**
-     * OldPBEWithSHAAnd3-KeyTripleDES-CBC
-     */
-    static public class OldPBEWithSHAAndDES3Key
-        extends BrokenJCEBlockCipher
-    {
-        public OldPBEWithSHAAndDES3Key()
-        {
-            super(new CBCBlockCipher(new DESedeEngine()), OLD_PKCS12, SHA1, 192, 64);
-        }
-    }
-
-    /**
-     * PBEWithSHAAnd2-KeyTripleDES-CBC
-     */
-    static public class BrokePBEWithSHAAndDES2Key
-        extends BrokenJCEBlockCipher
-    {
-        public BrokePBEWithSHAAndDES2Key()
-        {
-            super(new CBCBlockCipher(new DESedeEngine()), PKCS12, SHA1, 128, 64);
-        }
-    }
-
-    /**
-     * OldPBEWithSHAAndTwofish-CBC
-     */
-    static public class OldPBEWithSHAAndTwofish
-        extends BrokenJCEBlockCipher
-    {
-        public OldPBEWithSHAAndTwofish()
-        {
-            super(new CBCBlockCipher(new TwofishEngine()), OLD_PKCS12, SHA1, 256, 128);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/BrokenKDF2BytesGenerator.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/BrokenKDF2BytesGenerator.java
deleted file mode 100644
index 0f328f6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/BrokenKDF2BytesGenerator.java
+++ /dev/null

@@ -1,128 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.DerivationFunction;
-import org.bouncycastle.crypto.DerivationParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.OutputLengthException;
-import org.bouncycastle.crypto.params.KDFParameters;
-
-/**
- * Generator for PBE derived keys and ivs as defined by IEEE P1363a
- * <br>
- * This implementation is based on draft 9 of IEEE P1363a. <b>Note:</b>
- * as this is still a draft the output of this generator may change, don't
- * use it for anything that might be subject to long term storage.
- */
-public class BrokenKDF2BytesGenerator
-    implements DerivationFunction
-{
-    private Digest  digest;
-    private byte[]  shared;
-    private byte[]  iv;
-
-    /**
-     * Construct a KDF2 Parameters generator. Generates key material
-     * according to IEEE P1363a - if you want orthodox results you should
-     * use a digest specified in the standard.
-     * <p>
-     * <b>Note:</b> IEEE P1363a standard is still a draft standard, if the standard
-     * changes this function, the output of this function will change as well.
-     * Don't use this routine for anything subject to long term storage.
-     *
-     * @param digest the digest to be used as the source of derived keys.
-     */
-    public BrokenKDF2BytesGenerator(
-        Digest  digest)
-    {
-        this.digest = digest;
-    }
-
-    public void init(
-        DerivationParameters    param)
-    {
-        if (!(param instanceof KDFParameters))
-        {
-            throw new IllegalArgumentException("KDF parameters required for generator");
-        }
-
-        KDFParameters   p = (KDFParameters)param;
-
-        shared = p.getSharedSecret();
-        iv = p.getIV();
-    }
-
-    /**
-     * return the underlying digest.
-     */
-    public Digest getDigest()
-    {
-        return digest;
-    }
-
-    /**
-     * fill len bytes of the output buffer with bytes generated from
-     * the derivation function.
-     *
-     * @throws IllegalArgumentException if the size of the request will cause an overflow.
-     * @throws DataLengthException if the out buffer is too small.
-     */
-    public int generateBytes(
-        byte[]  out,
-        int     outOff,
-        int     len)
-        throws DataLengthException, IllegalArgumentException
-    {
-        if ((out.length - len) < outOff)
-        {
-            throw new OutputLengthException("output buffer too small");
-        }
-
-        long    oBits = len * 8L;
-
-        //
-        // this is at odds with the standard implementation, the
-        // maximum value should be hBits * (2^32 - 1) where hBits
-        // is the digest output size in bits. We can't have an
-        // array with a long index at the moment...
-        //
-        if (oBits > (digest.getDigestSize() * 8L * (1L<<32 - 1)))
-        {
-            throw new IllegalArgumentException("Output length too large");
-        }
-    
-        int cThreshold = (int)(oBits / digest.getDigestSize());
-
-        byte[] dig = null;
-
-        dig = new byte[digest.getDigestSize()];
-
-        for (int counter = 1; counter <= cThreshold; counter++)
-        {
-            digest.update(shared, 0, shared.length);
-
-            digest.update((byte)(counter & 0xff));
-            digest.update((byte)((counter >> 8) & 0xff));
-            digest.update((byte)((counter >> 16) & 0xff));
-            digest.update((byte)((counter >> 24) & 0xff));
-
-            digest.update(iv, 0, iv.length);
-
-            digest.doFinal(dig, 0);
-
-            if ((len - outOff) > dig.length)
-            {
-                System.arraycopy(dig, 0, out, outOff, dig.length);
-                outOff += dig.length;
-            }
-            else
-            {
-                System.arraycopy(dig, 0, out, outOff, len - outOff);
-            }
-        }
-    
-        digest.reset();
-
-        return len;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/BrokenPBE.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/BrokenPBE.java
deleted file mode 100644
index a173625..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/BrokenPBE.java
+++ /dev/null

@@ -1,441 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.spec.PBEParameterSpec;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.PBEParametersGenerator;
-import org.bouncycastle.crypto.digests.MD5Digest;
-import org.bouncycastle.crypto.digests.RIPEMD160Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
-import org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator;
-import org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey;
-
-/**
- * Generator for PBE derived keys and ivs as defined by PKCS 12 V1.0,
- * with a bug affecting 180 bit plus keys - this class is only here to
- * allow smooth migration of the version 0 keystore to version 1. Don't
- * use it (it won't be staying around).
- * <p>
- * The document this implementation is based on can be found at
- * <a href=http://www.rsasecurity.com/rsalabs/pkcs/pkcs-12/index.html>
- * RSA's PKCS12 Page</a>
- */
-class OldPKCS12ParametersGenerator
-    extends PBEParametersGenerator
-{
-    public static final int KEY_MATERIAL = 1;
-    public static final int IV_MATERIAL  = 2;
-    public static final int MAC_MATERIAL = 3;
-
-    private Digest digest;
-
-    private int     u;
-    private int     v;
-
-    /**
-     * Construct a PKCS 12 Parameters generator. This constructor will
-     * accept MD5, SHA1, and RIPEMD160.
-     *
-     * @param digest the digest to be used as the source of derived keys.
-     * @exception IllegalArgumentException if an unknown digest is passed in.
-     */
-    public OldPKCS12ParametersGenerator(
-        Digest  digest)
-    {
-        this.digest = digest;
-        if (digest instanceof MD5Digest)
-        {
-            u = 128 / 8;
-            v = 512 / 8;
-        }
-        else if (digest instanceof SHA1Digest)
-        {
-            u = 160 / 8;
-            v = 512 / 8;
-        }
-        else if (digest instanceof RIPEMD160Digest)
-        {
-            u = 160 / 8;
-            v = 512 / 8;
-        }
-        else
-        {
-            throw new IllegalArgumentException("Digest " + digest.getAlgorithmName() + " unsupported");
-        }
-    }
-
-    /**
-     * add a + b + 1, returning the result in a. The a value is treated
-     * as a BigInteger of length (b.length * 8) bits. The result is 
-     * modulo 2^b.length in case of overflow.
-     */
-    private void adjust(
-        byte[]  a,
-        int     aOff,
-        byte[]  b)
-    {
-        int  x = (b[b.length - 1] & 0xff) + (a[aOff + b.length - 1] & 0xff) + 1;
-
-        a[aOff + b.length - 1] = (byte)x;
-        x >>>= 8;
-
-        for (int i = b.length - 2; i >= 0; i--)
-        {
-            x += (b[i] & 0xff) + (a[aOff + i] & 0xff);
-            a[aOff + i] = (byte)x;
-            x >>>= 8;
-        }
-    }
-
-    /**
-     * generation of a derived key ala PKCS12 V1.0.
-     */
-    private byte[] generateDerivedKey(
-        int idByte,
-        int n)
-    {
-        byte[]  D = new byte[v];
-        byte[]  dKey = new byte[n];
-
-        for (int i = 0; i != D.length; i++)
-        {
-            D[i] = (byte)idByte;
-        }
-
-        byte[]  S;
-
-        if ((salt != null) && (salt.length != 0))
-        {
-            S = new byte[v * ((salt.length + v - 1) / v)];
-
-            for (int i = 0; i != S.length; i++)
-            {
-                S[i] = salt[i % salt.length];
-            }
-        }
-        else
-        {
-            S = new byte[0];
-        }
-
-        byte[]  P;
-
-        if ((password != null) && (password.length != 0))
-        {
-            P = new byte[v * ((password.length + v - 1) / v)];
-
-            for (int i = 0; i != P.length; i++)
-            {
-                P[i] = password[i % password.length];
-            }
-        }
-        else
-        {
-            P = new byte[0];
-        }
-
-        byte[]  I = new byte[S.length + P.length];
-
-        System.arraycopy(S, 0, I, 0, S.length);
-        System.arraycopy(P, 0, I, S.length, P.length);
-
-        byte[]  B = new byte[v];
-        int     c = (n + u - 1) / u;
-
-        for (int i = 1; i <= c; i++)
-        {
-            byte[]  A = new byte[u];
-
-            digest.update(D, 0, D.length);
-            digest.update(I, 0, I.length);
-            digest.doFinal(A, 0);
-            for (int j = 1; j != iterationCount; j++)
-            {
-                digest.update(A, 0, A.length);
-                digest.doFinal(A, 0);
-            }
-
-            for (int j = 0; j != B.length; j++)
-            {
-                B[i] = A[j % A.length];
-            }
-
-            for (int j = 0; j != I.length / v; j++)
-            {
-                adjust(I, j * v, B);
-            }
-
-            if (i == c)
-            {
-                System.arraycopy(A, 0, dKey, (i - 1) * u, dKey.length - ((i - 1) * u));
-            }
-            else
-            {
-                System.arraycopy(A, 0, dKey, (i - 1) * u, A.length);
-            }
-        }
-
-        return dKey;
-    }
-
-    /**
-     * Generate a key parameter derived from the password, salt, and iteration
-     * count we are currently initialised with.
-     *
-     * @param keySize the size of the key we want (in bits)
-     * @return a KeyParameter object.
-     */
-    public CipherParameters generateDerivedParameters(
-        int keySize)
-    {
-        keySize = keySize / 8;
-
-        byte[]  dKey = generateDerivedKey(KEY_MATERIAL, keySize);
-
-        return new KeyParameter(dKey, 0, keySize);
-    }
-
-    /**
-     * Generate a key with initialisation vector parameter derived from
-     * the password, salt, and iteration count we are currently initialised
-     * with.
-     *
-     * @param keySize the size of the key we want (in bits)
-     * @param ivSize the size of the iv we want (in bits)
-     * @return a ParametersWithIV object.
-     */
-    public CipherParameters generateDerivedParameters(
-        int     keySize,
-        int     ivSize)
-    {
-        keySize = keySize / 8;
-        ivSize = ivSize / 8;
-
-        byte[]  dKey = generateDerivedKey(KEY_MATERIAL, keySize);
-
-        byte[]  iv = generateDerivedKey(IV_MATERIAL, ivSize);
-
-        return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), iv, 0, ivSize);
-    }
-
-    /**
-     * Generate a key parameter for use with a MAC derived from the password,
-     * salt, and iteration count we are currently initialised with.
-     *
-     * @param keySize the size of the key we want (in bits)
-     * @return a KeyParameter object.
-     */
-    public CipherParameters generateDerivedMacParameters(
-        int keySize)
-    {
-        keySize = keySize / 8;
-
-        byte[]  dKey = generateDerivedKey(MAC_MATERIAL, keySize);
-
-        return new KeyParameter(dKey, 0, keySize);
-    }
-}
-
-public interface BrokenPBE
-{
-    //
-    // PBE Based encryption constants - by default we do PKCS12 with SHA-1
-    //
-    static final int        MD5         = 0;
-    static final int        SHA1        = 1;
-    static final int        RIPEMD160   = 2;
-
-    static final int        PKCS5S1     = 0;
-    static final int        PKCS5S2     = 1;
-    static final int        PKCS12      = 2;
-    static final int        OLD_PKCS12  = 3;
-
-    /**
-     * uses the appropriate mixer to generate the key and IV if neccessary.
-     */
-    static class Util
-    {
-        /**
-         * a faulty parity routine...
-         *
-         * @param bytes the byte array to set the parity on.
-         */
-        static private void setOddParity(
-            byte[] bytes)
-        {
-            for (int i = 0; i < bytes.length; i++)
-            {
-                int b = bytes[i];
-                bytes[i] = (byte)((b & 0xfe) |
-                                (((b >> 1) ^
-                                (b >> 2) ^
-                                (b >> 3) ^
-                                (b >> 4) ^
-                                (b >> 5) ^
-                                (b >> 6) ^
-                                (b >> 7)) ^ 0x01));
-            }
-        }
-
-        static private PBEParametersGenerator makePBEGenerator(
-            int                     type,
-            int                     hash)
-        {
-            PBEParametersGenerator  generator;
-    
-            if (type == PKCS5S1)
-            {
-                switch (hash)
-                {
-                case MD5:
-                    generator = new PKCS5S1ParametersGenerator(new MD5Digest());
-                    break;
-                case SHA1:
-                    generator = new PKCS5S1ParametersGenerator(new SHA1Digest());
-                    break;
-                default:
-                    throw new IllegalStateException("PKCS5 scheme 1 only supports only MD5 and SHA1.");
-                }
-            }
-            else if (type == PKCS5S2)
-            {
-                generator = new PKCS5S2ParametersGenerator();
-            }
-            else if (type == OLD_PKCS12)
-            {
-                switch (hash)
-                {
-                case MD5:
-                    generator = new OldPKCS12ParametersGenerator(new MD5Digest());
-                    break;
-                case SHA1:
-                    generator = new OldPKCS12ParametersGenerator(new SHA1Digest());
-                    break;
-                case RIPEMD160:
-                    generator = new OldPKCS12ParametersGenerator(new RIPEMD160Digest());
-                    break;
-                default:
-                    throw new IllegalStateException("unknown digest scheme for PBE encryption.");
-                }
-            }
-            else
-            {
-                switch (hash)
-                {
-                case MD5:
-                    generator = new PKCS12ParametersGenerator(new MD5Digest());
-                    break;
-                case SHA1:
-                    generator = new PKCS12ParametersGenerator(new SHA1Digest());
-                    break;
-                case RIPEMD160:
-                    generator = new PKCS12ParametersGenerator(new RIPEMD160Digest());
-                    break;
-                default:
-                    throw new IllegalStateException("unknown digest scheme for PBE encryption.");
-                }
-            }
-    
-            return generator;
-        }
-
-        /**
-         * construct a key and iv (if neccessary) suitable for use with a 
-         * Cipher.
-         */
-        static CipherParameters makePBEParameters(
-            BCPBEKey pbeKey,
-            AlgorithmParameterSpec  spec,
-            int                     type,
-            int                     hash,
-            String                  targetAlgorithm,
-            int                     keySize,
-            int                     ivSize)
-        {
-            if ((spec == null) || !(spec instanceof PBEParameterSpec))
-            {
-                throw new IllegalArgumentException("Need a PBEParameter spec with a PBE key.");
-            }
-    
-            PBEParameterSpec        pbeParam = (PBEParameterSpec)spec;
-            PBEParametersGenerator  generator = makePBEGenerator(type, hash);
-            byte[]                  key = pbeKey.getEncoded();
-            CipherParameters        param;
-    
-            generator.init(key, pbeParam.getSalt(), pbeParam.getIterationCount());
-
-            if (ivSize != 0)
-            {
-                param = generator.generateDerivedParameters(keySize, ivSize);
-            }
-            else
-            {
-                param = generator.generateDerivedParameters(keySize);
-            }
-
-            if (targetAlgorithm.startsWith("DES"))
-            {
-                if (param instanceof ParametersWithIV)
-                {
-                    KeyParameter    kParam = (KeyParameter)((ParametersWithIV)param).getParameters();
-
-                    setOddParity(kParam.getKey());
-                }
-                else
-                {
-                    KeyParameter    kParam = (KeyParameter)param;
-
-                    setOddParity(kParam.getKey());
-                }
-            }
-
-            for (int i = 0; i != key.length; i++)
-            {
-                key[i] = 0;
-            }
-
-            return param;
-        }
-
-        /**
-         * generate a PBE based key suitable for a MAC algorithm, the
-         * key size is chosen according the MAC size, or the hashing algorithm,
-         * whichever is greater.
-         */
-        static CipherParameters makePBEMacParameters(
-            BCPBEKey pbeKey,
-            AlgorithmParameterSpec  spec,
-            int                     type,
-            int                     hash,
-            int                     keySize)
-        {
-            if ((spec == null) || !(spec instanceof PBEParameterSpec))
-            {
-                throw new IllegalArgumentException("Need a PBEParameter spec with a PBE key.");
-            }
-    
-            PBEParameterSpec        pbeParam = (PBEParameterSpec)spec;
-            PBEParametersGenerator  generator = makePBEGenerator(type, hash);
-            byte[]                  key = pbeKey.getEncoded();
-            CipherParameters        param;
-    
-            generator.init(key, pbeParam.getSalt(), pbeParam.getIterationCount());
-
-            param = generator.generateDerivedMacParameters(keySize);
-    
-            for (int i = 0; i != key.length; i++)
-            {
-                key[i] = 0;
-            }
-
-            return param;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java
new file mode 100644
index 0000000..1094b3b
--- /dev/null
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/CertBlacklist.java

@@ -0,0 +1,233 @@
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package org.bouncycastle.jce.provider;
+
+import java.io.Closeable;
+import java.io.ByteArrayOutputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.RandomAccessFile;
+import java.math.BigInteger;
+import java.security.PublicKey;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+import org.bouncycastle.crypto.Digest;
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
+import org.bouncycastle.util.encoders.Hex;
+
+public class CertBlacklist {
+    private static final Logger logger = Logger.getLogger(CertBlacklist.class.getName());
+
+    // public for testing
+    public final Set<BigInteger> serialBlacklist;
+    public final Set<byte[]> pubkeyBlacklist;
+
+    public CertBlacklist() {
+        String androidData = System.getenv("ANDROID_DATA");
+        String blacklistRoot = androidData + "/misc/keychain/";
+        String defaultPubkeyBlacklistPath = blacklistRoot + "pubkey_blacklist.txt";
+        String defaultSerialBlacklistPath = blacklistRoot + "serial_blacklist.txt";
+
+        pubkeyBlacklist = readPublicKeyBlackList(defaultPubkeyBlacklistPath);
+        serialBlacklist = readSerialBlackList(defaultSerialBlacklistPath);
+    }
+
+    /** Test only interface, not for public use */
+    public CertBlacklist(String pubkeyBlacklistPath, String serialBlacklistPath) {
+        pubkeyBlacklist = readPublicKeyBlackList(pubkeyBlacklistPath);
+        serialBlacklist = readSerialBlackList(serialBlacklistPath);
+    }
+
+    private static boolean isHex(String value) {
+        try {
+            new BigInteger(value, 16);
+            return true;
+        } catch (NumberFormatException e) {
+            logger.log(Level.WARNING, "Could not parse hex value " + value, e);
+            return false;
+        }
+    }
+
+    private static boolean isPubkeyHash(String value) {
+        if (value.length() != 40) {
+            logger.log(Level.WARNING, "Invalid pubkey hash length: " + value.length());
+            return false;
+        }
+        return isHex(value);
+    }
+
+    private static String readBlacklist(String path) {
+        try {
+            return readFileAsString(path);
+        } catch (FileNotFoundException ignored) {
+        } catch (IOException e) {
+            logger.log(Level.WARNING, "Could not read blacklist", e);
+        }
+        return "";
+    }
+
+    // From IoUtils.readFileAsString
+    private static String readFileAsString(String path) throws IOException {
+        return readFileAsBytes(path).toString("UTF-8");
+    }
+
+    // Based on IoUtils.readFileAsBytes
+    private static ByteArrayOutputStream readFileAsBytes(String path) throws IOException {
+        RandomAccessFile f = null;
+        try {
+            f = new RandomAccessFile(path, "r");
+            ByteArrayOutputStream bytes = new ByteArrayOutputStream((int) f.length());
+            byte[] buffer = new byte[8192];
+            while (true) {
+                int byteCount = f.read(buffer);
+                if (byteCount == -1) {
+                    return bytes;
+                }
+                bytes.write(buffer, 0, byteCount);
+            }
+        } finally {
+            closeQuietly(f);
+        }
+    }
+
+    // Base on IoUtils.closeQuietly
+    private static void closeQuietly(Closeable closeable) {
+        if (closeable != null) {
+            try {
+                closeable.close();
+            } catch (RuntimeException rethrown) {
+                throw rethrown;
+            } catch (Exception ignored) {
+            }
+        }
+    }
+
+    private static final Set<BigInteger> readSerialBlackList(String path) {
+
+        /* Start out with a base set of known bad values.
+         *
+         * WARNING: Do not add short serials to this list!
+         *
+         * Since this currently doesn't compare the serial + issuer, you
+         * should only add serials that have enough entropy here. Short
+         * serials may inadvertently match a certificate that was issued
+         * not in compliance with the Baseline Requirements.
+         */
+        Set<BigInteger> bl = new HashSet<BigInteger>(Arrays.asList(
+            // From http://src.chromium.org/viewvc/chrome/trunk/src/net/base/x509_certificate.cc?revision=78748&view=markup
+            // Not a real certificate. For testing only.
+            new BigInteger("077a59bcd53459601ca6907267a6dd1c", 16),
+            new BigInteger("047ecbe9fca55f7bd09eae36e10cae1e", 16),
+            new BigInteger("d8f35f4eb7872b2dab0692e315382fb0", 16),
+            new BigInteger("b0b7133ed096f9b56fae91c874bd3ac0", 16),
+            new BigInteger("9239d5348f40d1695a745470e1f23f43", 16),
+            new BigInteger("e9028b9578e415dc1a710a2b88154447", 16),
+            new BigInteger("d7558fdaf5f1105bb213282b707729a3", 16),
+            new BigInteger("f5c86af36162f13a64f54f6dc9587c06", 16),
+            new BigInteger("392a434f0e07df1f8aa305de34e0c229", 16),
+            new BigInteger("3e75ced46b693021218830ae86a82a71", 16)
+        ));
+
+        // attempt to augment it with values taken from gservices
+        String serialBlacklist = readBlacklist(path);
+        if (!serialBlacklist.equals("")) {
+            for(String value : serialBlacklist.split(",")) {
+                try {
+                    bl.add(new BigInteger(value, 16));
+                } catch (NumberFormatException e) {
+                    logger.log(Level.WARNING, "Tried to blacklist invalid serial number " + value, e);
+                }
+            }
+        }
+
+        // whether that succeeds or fails, send it on its merry way
+        return Collections.unmodifiableSet(bl);
+    }
+
+    private static final Set<byte[]> readPublicKeyBlackList(String path) {
+
+        // start out with a base set of known bad values
+        Set<byte[]> bl = new HashSet<byte[]>(Arrays.asList(
+            // From http://src.chromium.org/viewvc/chrome/branches/782/src/net/base/x509_certificate.cc?r1=98750&r2=98749&pathrev=98750
+            // C=NL, O=DigiNotar, CN=DigiNotar Root CA/emailAddress=info@diginotar.nl
+            "410f36363258f30b347d12ce4863e433437806a8".getBytes(),
+            // Subject: CN=DigiNotar Cyber CA
+            // Issuer: CN=GTE CyberTrust Global Root
+            "ba3e7bd38cd7e1e6b9cd4c219962e59d7a2f4e37".getBytes(),
+            // Subject: CN=DigiNotar Services 1024 CA
+            // Issuer: CN=Entrust.net
+            "e23b8d105f87710a68d9248050ebefc627be4ca6".getBytes(),
+            // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2
+            // Issuer: CN=Staat der Nederlanden Organisatie CA - G2
+            "7b2e16bc39bcd72b456e9f055d1de615b74945db".getBytes(),
+            // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven
+            // Issuer: CN=Staat der Nederlanden Overheid CA
+            "e8f91200c65cee16e039b9f883841661635f81c5".getBytes(),
+            // From http://src.chromium.org/viewvc/chrome?view=rev&revision=108479
+            // Subject: O=Digicert Sdn. Bhd.
+            // Issuer: CN=GTE CyberTrust Global Root
+            "0129bcd5b448ae8d2496d1c3e19723919088e152".getBytes(),
+            // Subject: CN=e-islem.kktcmerkezbankasi.org/emailAddress=ileti@kktcmerkezbankasi.org
+            // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri
+            "5f3ab33d55007054bc5e3e5553cd8d8465d77c61".getBytes(),
+            // Subject: CN=*.EGO.GOV.TR 93
+            // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri
+            "783333c9687df63377efceddd82efa9101913e8e".getBytes(),
+            // Subject: Subject: C=FR, O=DG Tr\xC3\xA9sor, CN=AC DG Tr\xC3\xA9sor SSL
+            // Issuer: C=FR, O=DGTPE, CN=AC DGTPE Signature Authentification
+            "3ecf4bbbe46096d514bb539bb913d77aa4ef31bf".getBytes()
+        ));
+
+        // attempt to augment it with values taken from gservices
+        String pubkeyBlacklist = readBlacklist(path);
+        if (!pubkeyBlacklist.equals("")) {
+            for (String value : pubkeyBlacklist.split(",")) {
+                value = value.trim();
+                if (isPubkeyHash(value)) {
+                    bl.add(value.getBytes());
+                } else {
+                    logger.log(Level.WARNING, "Tried to blacklist invalid pubkey " + value);
+                }
+            }
+        }
+
+        return bl;
+    }
+
+    public boolean isPublicKeyBlackListed(PublicKey publicKey) {
+        byte[] encoded = publicKey.getEncoded();
+        Digest digest = AndroidDigestFactory.getSHA1();
+        digest.update(encoded, 0, encoded.length);
+        byte[] out = new byte[digest.getDigestSize()];
+        digest.doFinal(out, 0);
+        for (byte[] blacklisted : pubkeyBlacklist) {
+            if (Arrays.equals(blacklisted, Hex.encode(out))) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    public boolean isSerialNumberBlackListed(BigInteger serial) {
+        return serialBlacklist.contains(serial);
+    }
+
+}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java
index c1975e7..0f783ec 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java

@@ -671,6 +671,8 @@
         {
             Object obj = iter.next();
 
+            // BEGIN Android-removed: Unknown reason
+            /*
             if (obj instanceof Store)
             {
                 Store certStore = (Store)obj;
@@ -685,6 +687,8 @@
                 }
             }
             else
+            */
+            // END Android-removed: Unknown reason
             {
                 CertStore certStore = (CertStore)obj;
 

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java
index 8cd9836..1e99c86 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPrivateKey.java

@@ -19,8 +19,9 @@
 import org.bouncycastle.asn1.ASN1Sequence;
 import org.bouncycastle.asn1.DERBitString;
 import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
 import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
 import org.bouncycastle.asn1.sec.ECPrivateKeyStructure;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
@@ -195,6 +196,8 @@
             ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
             X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
 
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             if (ecP == null) // GOST Curve
             {
                 ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
@@ -208,6 +211,8 @@
                     gParam.getH());
             }
             else
+            */
+            // END Android-removed: Unsupported algorithms
             {
                 EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
 
@@ -317,11 +322,13 @@
 
         try
         {
-            if (algorithm.equals("ECGOST3410"))
-            {
-                info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
-            }
-            else
+            // BEGIN Android-removed: Unsupported algorithms
+            // if (algorithm.equals("ECGOST3410"))
+            // {
+            //     info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
+            // }
+            // else
+            // END Android-removed: Unsupported algorithms
             {
 
                 info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive());

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java
index da4ff8d..916f6fd 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEECPublicKey.java

@@ -18,9 +18,10 @@
 import org.bouncycastle.asn1.DERBitString;
 import org.bouncycastle.asn1.DERNull;
 import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
 import org.bouncycastle.asn1.x9.X962Parameters;
@@ -33,9 +34,11 @@
 import org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
 import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
 import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
-import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
 import org.bouncycastle.jce.interfaces.ECPointEncoder;
-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
 import org.bouncycastle.jce.spec.ECNamedCurveSpec;
 import org.bouncycastle.math.ec.ECCurve;
 import org.bouncycastle.math.ec.custom.sec.SecP256K1Point;
@@ -49,7 +52,8 @@
     private org.bouncycastle.math.ec.ECPoint q;
     private ECParameterSpec         ecSpec;
     private boolean                 withCompression;
-    private GOST3410PublicKeyAlgParameters       gostParams;
+    // Android-removed: Unsupported algorithms
+    // private GOST3410PublicKeyAlgParameters       gostParams;
 
     public JCEECPublicKey(
         String              algorithm,
@@ -59,7 +63,8 @@
         this.q = key.q;
         this.ecSpec = key.ecSpec;
         this.withCompression = key.withCompression;
-        this.gostParams = key.gostParams;
+        // Android-removed: Unsupported algorithms
+        // this.gostParams = key.gostParams;
     }
     
     public JCEECPublicKey(
@@ -180,6 +185,8 @@
 
     private void populateFromPubKeyInfo(SubjectPublicKeyInfo info)
     {
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         if (info.getAlgorithmId().getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3410_2001))
         {
             DERBitString bits = info.getPublicKeyData();
@@ -222,6 +229,8 @@
                 spec.getH());
         }
         else
+        */
+        // END Android-removed: Unsupported algorithms
         {
             X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithmId().getParameters());
             ECCurve                 curve;
@@ -306,6 +315,8 @@
         ASN1Encodable        params;
         SubjectPublicKeyInfo info;
 
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         if (algorithm.equals("ECGOST3410"))
         {
             if (gostParams != null)
@@ -352,6 +363,8 @@
             }
         }
         else
+        */
+        // END Android-removed: Unsupported algorithms
         {
             if (ecSpec instanceof ECNamedCurveSpec)
             {

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEElGamalPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEElGamalPrivateKey.java
deleted file mode 100644
index 6c21f87..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEElGamalPrivateKey.java
+++ /dev/null

@@ -1,165 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.util.Enumeration;
-
-import javax.crypto.interfaces.DHPrivateKey;
-import javax.crypto.spec.DHParameterSpec;
-import javax.crypto.spec.DHPrivateKeySpec;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.oiw.ElGamalParameter;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
-import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
-import org.bouncycastle.jce.interfaces.ElGamalPrivateKey;
-import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
-import org.bouncycastle.jce.spec.ElGamalParameterSpec;
-import org.bouncycastle.jce.spec.ElGamalPrivateKeySpec;
-
-public class JCEElGamalPrivateKey
-    implements ElGamalPrivateKey, DHPrivateKey, PKCS12BagAttributeCarrier
-{
-    static final long serialVersionUID = 4819350091141529678L;
-        
-    BigInteger      x;
-
-    ElGamalParameterSpec   elSpec;
-
-    private PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl();
-
-    protected JCEElGamalPrivateKey()
-    {
-    }
-
-    JCEElGamalPrivateKey(
-        ElGamalPrivateKey    key)
-    {
-        this.x = key.getX();
-        this.elSpec = key.getParameters();
-    }
-
-    JCEElGamalPrivateKey(
-        DHPrivateKey    key)
-    {
-        this.x = key.getX();
-        this.elSpec = new ElGamalParameterSpec(key.getParams().getP(), key.getParams().getG());
-    }
-    
-    JCEElGamalPrivateKey(
-        ElGamalPrivateKeySpec    spec)
-    {
-        this.x = spec.getX();
-        this.elSpec = new ElGamalParameterSpec(spec.getParams().getP(), spec.getParams().getG());
-    }
-
-    JCEElGamalPrivateKey(
-        DHPrivateKeySpec    spec)
-    {
-        this.x = spec.getX();
-        this.elSpec = new ElGamalParameterSpec(spec.getP(), spec.getG());
-    }
-    
-    JCEElGamalPrivateKey(
-        PrivateKeyInfo  info)
-        throws IOException
-    {
-        ElGamalParameter     params = ElGamalParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters());
-        ASN1Integer      derX = ASN1Integer.getInstance(info.parsePrivateKey());
-
-        this.x = derX.getValue();
-        this.elSpec = new ElGamalParameterSpec(params.getP(), params.getG());
-    }
-
-    JCEElGamalPrivateKey(
-        ElGamalPrivateKeyParameters  params)
-    {
-        this.x = params.getX();
-        this.elSpec = new ElGamalParameterSpec(params.getParameters().getP(), params.getParameters().getG());
-    }
-
-    public String getAlgorithm()
-    {
-        return "ElGamal";
-    }
-
-    /**
-     * return the encoding format we produce in getEncoded().
-     *
-     * @return the string "PKCS#8"
-     */
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    /**
-     * Return a PKCS8 representation of the key. The sequence returned
-     * represents a full PrivateKeyInfo object.
-     *
-     * @return a PKCS8 representation of the key.
-     */
-    public byte[] getEncoded()
-    {
-        return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(elSpec.getP(), elSpec.getG())), new ASN1Integer(getX()));
-    }
-
-    public ElGamalParameterSpec getParameters()
-    {
-        return elSpec;
-    }
-
-    public DHParameterSpec getParams()
-    {
-        return new DHParameterSpec(elSpec.getP(), elSpec.getG());
-    }
-    
-    public BigInteger getX()
-    {
-        return x;
-    }
-
-    private void readObject(
-        ObjectInputStream   in)
-        throws IOException, ClassNotFoundException
-    {
-        x = (BigInteger)in.readObject();
-
-        this.elSpec = new ElGamalParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject());
-    }
-
-    private void writeObject(
-        ObjectOutputStream  out)
-        throws IOException
-    {
-        out.writeObject(this.getX());
-        out.writeObject(elSpec.getP());
-        out.writeObject(elSpec.getG());
-    }
-
-    public void setBagAttribute(
-        ASN1ObjectIdentifier oid,
-        ASN1Encodable attribute)
-    {
-        attrCarrier.setBagAttribute(oid, attribute);
-    }
-
-    public ASN1Encodable getBagAttribute(
-        ASN1ObjectIdentifier oid)
-    {
-        return attrCarrier.getBagAttribute(oid);
-    }
-
-    public Enumeration getBagAttributeKeys()
-    {
-        return attrCarrier.getBagAttributeKeys();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEElGamalPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEElGamalPublicKey.java
deleted file mode 100644
index 30780c8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCEElGamalPublicKey.java
+++ /dev/null

@@ -1,139 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-
-import javax.crypto.interfaces.DHPublicKey;
-import javax.crypto.spec.DHParameterSpec;
-import javax.crypto.spec.DHPublicKeySpec;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.oiw.ElGamalParameter;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
-import org.bouncycastle.jce.interfaces.ElGamalPublicKey;
-import org.bouncycastle.jce.spec.ElGamalParameterSpec;
-import org.bouncycastle.jce.spec.ElGamalPublicKeySpec;
-
-public class JCEElGamalPublicKey
-    implements ElGamalPublicKey, DHPublicKey
-{
-    static final long serialVersionUID = 8712728417091216948L;
-        
-    private BigInteger              y;
-    private ElGamalParameterSpec    elSpec;
-
-    JCEElGamalPublicKey(
-        ElGamalPublicKeySpec    spec)
-    {
-        this.y = spec.getY();
-        this.elSpec = new ElGamalParameterSpec(spec.getParams().getP(), spec.getParams().getG());
-    }
-
-    JCEElGamalPublicKey(
-        DHPublicKeySpec    spec)
-    {
-        this.y = spec.getY();
-        this.elSpec = new ElGamalParameterSpec(spec.getP(), spec.getG());
-    }
-    
-    JCEElGamalPublicKey(
-        ElGamalPublicKey    key)
-    {
-        this.y = key.getY();
-        this.elSpec = key.getParameters();
-    }
-
-    JCEElGamalPublicKey(
-        DHPublicKey    key)
-    {
-        this.y = key.getY();
-        this.elSpec = new ElGamalParameterSpec(key.getParams().getP(), key.getParams().getG());
-    }
-    
-    JCEElGamalPublicKey(
-        ElGamalPublicKeyParameters  params)
-    {
-        this.y = params.getY();
-        this.elSpec = new ElGamalParameterSpec(params.getParameters().getP(), params.getParameters().getG());
-    }
-
-    JCEElGamalPublicKey(
-        BigInteger              y,
-        ElGamalParameterSpec    elSpec)
-    {
-        this.y = y;
-        this.elSpec = elSpec;
-    }
-
-    JCEElGamalPublicKey(
-        SubjectPublicKeyInfo    info)
-    {
-        ElGamalParameter        params = ElGamalParameter.getInstance(info.getAlgorithm().getParameters());
-        ASN1Integer              derY = null;
-
-        try
-        {
-            derY = (ASN1Integer)info.parsePublicKey();
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("invalid info structure in DSA public key");
-        }
-
-        this.y = derY.getValue();
-        this.elSpec = new ElGamalParameterSpec(params.getP(), params.getG());
-    }
-
-    public String getAlgorithm()
-    {
-        return "ElGamal";
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    public byte[] getEncoded()
-    {
-        return KeyUtil.getEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalParameter(elSpec.getP(), elSpec.getG())), new ASN1Integer(y));
-    }
-
-    public ElGamalParameterSpec getParameters()
-    {
-        return elSpec;
-    }
-    
-    public DHParameterSpec getParams()
-    {
-        return new DHParameterSpec(elSpec.getP(), elSpec.getG());
-    }
-
-    public BigInteger getY()
-    {
-        return y;
-    }
-
-    private void readObject(
-        ObjectInputStream   in)
-        throws IOException, ClassNotFoundException
-    {
-        this.y = (BigInteger)in.readObject();
-        this.elSpec = new ElGamalParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject());
-    }
-
-    private void writeObject(
-        ObjectOutputStream  out)
-        throws IOException
-    {
-        out.writeObject(this.getY());
-        out.writeObject(elSpec.getP());
-        out.writeObject(elSpec.getG());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java
deleted file mode 100644
index 40f007f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCERSAPrivateCrtKey.java
+++ /dev/null

@@ -1,242 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.interfaces.RSAPrivateCrtKey;
-import java.security.spec.RSAPrivateCrtKeySpec;
-
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.RSAPrivateKey;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
-import org.bouncycastle.util.Strings;
-
-/**
- * A provider representation for a RSA private key, with CRT factors included.
- */
-public class JCERSAPrivateCrtKey
-    extends JCERSAPrivateKey
-    implements RSAPrivateCrtKey
-{
-    static final long serialVersionUID = 7834723820638524718L;
-    
-    private BigInteger  publicExponent;
-    private BigInteger  primeP;
-    private BigInteger  primeQ;
-    private BigInteger  primeExponentP;
-    private BigInteger  primeExponentQ;
-    private BigInteger  crtCoefficient;
-
-    /**
-     * construct a private key from it's org.bouncycastle.crypto equivalent.
-     *
-     * @param key the parameters object representing the private key.
-     */
-    JCERSAPrivateCrtKey(
-        RSAPrivateCrtKeyParameters key)
-    {
-        super(key);
-
-        this.publicExponent = key.getPublicExponent();
-        this.primeP = key.getP();
-        this.primeQ = key.getQ();
-        this.primeExponentP = key.getDP();
-        this.primeExponentQ = key.getDQ();
-        this.crtCoefficient = key.getQInv();
-    }
-
-    /**
-     * construct a private key from an RSAPrivateCrtKeySpec
-     *
-     * @param spec the spec to be used in construction.
-     */
-    JCERSAPrivateCrtKey(
-        RSAPrivateCrtKeySpec spec)
-    {
-        this.modulus = spec.getModulus();
-        this.publicExponent = spec.getPublicExponent();
-        this.privateExponent = spec.getPrivateExponent();
-        this.primeP = spec.getPrimeP();
-        this.primeQ = spec.getPrimeQ();
-        this.primeExponentP = spec.getPrimeExponentP();
-        this.primeExponentQ = spec.getPrimeExponentQ();
-        this.crtCoefficient = spec.getCrtCoefficient();
-    }
-
-    /**
-     * construct a private key from another RSAPrivateCrtKey.
-     *
-     * @param key the object implementing the RSAPrivateCrtKey interface.
-     */
-    JCERSAPrivateCrtKey(
-        RSAPrivateCrtKey key)
-    {
-        this.modulus = key.getModulus();
-        this.publicExponent = key.getPublicExponent();
-        this.privateExponent = key.getPrivateExponent();
-        this.primeP = key.getPrimeP();
-        this.primeQ = key.getPrimeQ();
-        this.primeExponentP = key.getPrimeExponentP();
-        this.primeExponentQ = key.getPrimeExponentQ();
-        this.crtCoefficient = key.getCrtCoefficient();
-    }
-
-    /**
-     * construct an RSA key from a private key info object.
-     */
-    JCERSAPrivateCrtKey(
-        PrivateKeyInfo  info)
-        throws IOException
-    {
-        this(org.bouncycastle.asn1.pkcs.RSAPrivateKey.getInstance(info.parsePrivateKey()));
-    }
-
-    /**
-     * construct an RSA key from a ASN.1 RSA private key object.
-     */
-    JCERSAPrivateCrtKey(
-        RSAPrivateKey  key)
-    {
-        this.modulus = key.getModulus();
-        this.publicExponent = key.getPublicExponent();
-        this.privateExponent = key.getPrivateExponent();
-        this.primeP = key.getPrime1();
-        this.primeQ = key.getPrime2();
-        this.primeExponentP = key.getExponent1();
-        this.primeExponentQ = key.getExponent2();
-        this.crtCoefficient = key.getCoefficient();
-    }
-
-    /**
-     * return the encoding format we produce in getEncoded().
-     *
-     * @return the encoding format we produce in getEncoded().
-     */
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    /**
-     * Return a PKCS8 representation of the key. The sequence returned
-     * represents a full PrivateKeyInfo object.
-     *
-     * @return a PKCS8 representation of the key.
-     */
-    public byte[] getEncoded()
-    {
-        return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPrivateKey(getModulus(), getPublicExponent(), getPrivateExponent(), getPrimeP(), getPrimeQ(), getPrimeExponentP(), getPrimeExponentQ(), getCrtCoefficient()));
-    }
-
-    /**
-     * return the public exponent.
-     *
-     * @return the public exponent.
-     */
-    public BigInteger getPublicExponent()
-    {
-        return publicExponent;
-    }
-
-    /**
-     * return the prime P.
-     *
-     * @return the prime P.
-     */
-    public BigInteger getPrimeP()
-    {
-        return primeP;
-    }
-
-    /**
-     * return the prime Q.
-     *
-     * @return the prime Q.
-     */
-    public BigInteger getPrimeQ()
-    {
-        return primeQ;
-    }
-
-    /**
-     * return the prime exponent for P.
-     *
-     * @return the prime exponent for P.
-     */
-    public BigInteger getPrimeExponentP()
-    {
-        return primeExponentP;
-    }
-
-    /**
-     * return the prime exponent for Q.
-     *
-     * @return the prime exponent for Q.
-     */
-    public BigInteger getPrimeExponentQ()
-    {
-        return primeExponentQ;
-    }
-
-    /**
-     * return the CRT coefficient.
-     *
-     * @return the CRT coefficient.
-     */
-    public BigInteger getCrtCoefficient()
-    {
-        return crtCoefficient;
-    }
-
-    public int hashCode()
-    {
-        return this.getModulus().hashCode()
-               ^ this.getPublicExponent().hashCode()
-               ^ this.getPrivateExponent().hashCode();
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (!(o instanceof RSAPrivateCrtKey))
-        {
-            return false;
-        }
-
-        RSAPrivateCrtKey key = (RSAPrivateCrtKey)o;
-
-        return this.getModulus().equals(key.getModulus())
-         && this.getPublicExponent().equals(key.getPublicExponent())
-         && this.getPrivateExponent().equals(key.getPrivateExponent())
-         && this.getPrimeP().equals(key.getPrimeP())
-         && this.getPrimeQ().equals(key.getPrimeQ())
-         && this.getPrimeExponentP().equals(key.getPrimeExponentP())
-         && this.getPrimeExponentQ().equals(key.getPrimeExponentQ())
-         && this.getCrtCoefficient().equals(key.getCrtCoefficient());
-    }
-
-    public String toString()
-    {
-        StringBuffer    buf = new StringBuffer();
-        String          nl = Strings.lineSeparator();
-
-        buf.append("RSA Private CRT Key").append(nl);
-        buf.append("            modulus: ").append(this.getModulus().toString(16)).append(nl);
-        buf.append("    public exponent: ").append(this.getPublicExponent().toString(16)).append(nl);
-        buf.append("   private exponent: ").append(this.getPrivateExponent().toString(16)).append(nl);
-        buf.append("             primeP: ").append(this.getPrimeP().toString(16)).append(nl);
-        buf.append("             primeQ: ").append(this.getPrimeQ().toString(16)).append(nl);
-        buf.append("     primeExponentP: ").append(this.getPrimeExponentP().toString(16)).append(nl);
-        buf.append("     primeExponentQ: ").append(this.getPrimeExponentQ().toString(16)).append(nl);
-        buf.append("     crtCoefficient: ").append(this.getCrtCoefficient().toString(16)).append(nl);
-
-        return buf.toString();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCERSAPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCERSAPrivateKey.java
deleted file mode 100644
index 7529b41..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCERSAPrivateKey.java
+++ /dev/null

@@ -1,146 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.spec.RSAPrivateKeySpec;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
-import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
-import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
-
-public class JCERSAPrivateKey
-    implements RSAPrivateKey, PKCS12BagAttributeCarrier
-{
-    static final long serialVersionUID = 5110188922551353628L;
-
-    private static BigInteger ZERO = BigInteger.valueOf(0);
-
-    protected BigInteger modulus;
-    protected BigInteger privateExponent;
-
-    private transient PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl();
-
-    protected JCERSAPrivateKey()
-    {
-    }
-
-    JCERSAPrivateKey(
-        RSAKeyParameters key)
-    {
-        this.modulus = key.getModulus();
-        this.privateExponent = key.getExponent();
-    }
-
-    JCERSAPrivateKey(
-        RSAPrivateKeySpec spec)
-    {
-        this.modulus = spec.getModulus();
-        this.privateExponent = spec.getPrivateExponent();
-    }
-
-    JCERSAPrivateKey(
-        RSAPrivateKey key)
-    {
-        this.modulus = key.getModulus();
-        this.privateExponent = key.getPrivateExponent();
-    }
-
-    public BigInteger getModulus()
-    {
-        return modulus;
-    }
-
-    public BigInteger getPrivateExponent()
-    {
-        return privateExponent;
-    }
-
-    public String getAlgorithm()
-    {
-        return "RSA";
-    }
-
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    public byte[] getEncoded()
-    {
-        return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new org.bouncycastle.asn1.pkcs.RSAPrivateKey(getModulus(), ZERO, getPrivateExponent(), ZERO, ZERO, ZERO, ZERO, ZERO));
-    }
-
-    public boolean equals(Object o)
-    {
-        if (!(o instanceof RSAPrivateKey))
-        {
-            return false;
-        }
-
-        if (o == this)
-        {
-            return true;
-        }
-
-        RSAPrivateKey key = (RSAPrivateKey)o;
-
-        return getModulus().equals(key.getModulus())
-            && getPrivateExponent().equals(key.getPrivateExponent());
-    }
-
-    public int hashCode()
-    {
-        return getModulus().hashCode() ^ getPrivateExponent().hashCode();
-    }
-
-    public void setBagAttribute(
-        ASN1ObjectIdentifier oid,
-        ASN1Encodable        attribute)
-    {
-        attrCarrier.setBagAttribute(oid, attribute);
-    }
-
-    public ASN1Encodable getBagAttribute(
-        ASN1ObjectIdentifier oid)
-    {
-        return attrCarrier.getBagAttribute(oid);
-    }
-
-    public Enumeration getBagAttributeKeys()
-    {
-        return attrCarrier.getBagAttributeKeys();
-    }
-
-    private void readObject(
-        ObjectInputStream   in)
-        throws IOException, ClassNotFoundException
-    {
-        this.modulus = (BigInteger)in.readObject();
-        this.attrCarrier = new PKCS12BagAttributeCarrierImpl();
-        
-        attrCarrier.readObject(in);
-
-        this.privateExponent = (BigInteger)in.readObject();
-    }
-
-    private void writeObject(
-        ObjectOutputStream  out)
-        throws IOException
-    {
-        out.writeObject(modulus);
-
-        attrCarrier.writeObject(out);
-
-        out.writeObject(privateExponent);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCERSAPublicKey.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/JCERSAPublicKey.java
deleted file mode 100644
index adf0e3e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/JCERSAPublicKey.java
+++ /dev/null

@@ -1,130 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.RSAPublicKeySpec;
-
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.RSAKeyParameters;
-import org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
-import org.bouncycastle.util.Strings;
-
-public class JCERSAPublicKey
-    implements RSAPublicKey
-{
-    static final long serialVersionUID = 2675817738516720772L;
-    
-    private BigInteger modulus;
-    private BigInteger publicExponent;
-
-    JCERSAPublicKey(
-        RSAKeyParameters key)
-    {
-        this.modulus = key.getModulus();
-        this.publicExponent = key.getExponent();
-    }
-
-    JCERSAPublicKey(
-        RSAPublicKeySpec spec)
-    {
-        this.modulus = spec.getModulus();
-        this.publicExponent = spec.getPublicExponent();
-    }
-
-    JCERSAPublicKey(
-        RSAPublicKey key)
-    {
-        this.modulus = key.getModulus();
-        this.publicExponent = key.getPublicExponent();
-    }
-
-    JCERSAPublicKey(
-        SubjectPublicKeyInfo    info)
-    {
-        try
-        {
-            org.bouncycastle.asn1.pkcs.RSAPublicKey   pubKey = org.bouncycastle.asn1.pkcs.RSAPublicKey.getInstance(info.parsePublicKey());
-
-            this.modulus = pubKey.getModulus();
-            this.publicExponent = pubKey.getPublicExponent();
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("invalid info structure in RSA public key");
-        }
-    }
-
-    /**
-     * return the modulus.
-     *
-     * @return the modulus.
-     */
-    public BigInteger getModulus()
-    {
-        return modulus;
-    }
-
-    /**
-     * return the public exponent.
-     *
-     * @return the public exponent.
-     */
-    public BigInteger getPublicExponent()
-    {
-        return publicExponent;
-    }
-
-    public String getAlgorithm()
-    {
-        return "RSA";
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    public byte[] getEncoded()
-    {
-        return KeyUtil.getEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new org.bouncycastle.asn1.pkcs.RSAPublicKey(getModulus(), getPublicExponent()));
-    }
-
-    public int hashCode()
-    {
-        return this.getModulus().hashCode() ^ this.getPublicExponent().hashCode();
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (!(o instanceof RSAPublicKey))
-        {
-            return false;
-        }
-
-        RSAPublicKey key = (RSAPublicKey)o;
-
-        return getModulus().equals(key.getModulus())
-            && getPublicExponent().equals(key.getPublicExponent());
-    }
-
-    public String toString()
-    {
-        StringBuffer    buf = new StringBuffer();
-        String          nl = Strings.lineSeparator();
-
-        buf.append("RSA Public Key").append(nl);
-        buf.append("            modulus: ").append(this.getModulus().toString(16)).append(nl);
-        buf.append("    public exponent: ").append(this.getPublicExponent().toString(16)).append(nl);
-
-        return buf.toString();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/MultiCertStoreSpi.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/MultiCertStoreSpi.java
deleted file mode 100644
index cf3d15d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/MultiCertStoreSpi.java
+++ /dev/null

@@ -1,85 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.cert.CRLSelector;
-import java.security.cert.CertSelector;
-import java.security.cert.CertStore;
-import java.security.cert.CertStoreException;
-import java.security.cert.CertStoreParameters;
-import java.security.cert.CertStoreSpi;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Iterator;
-import java.util.List;
-
-import org.bouncycastle.jce.MultiCertStoreParameters;
-
-public class MultiCertStoreSpi
-    extends CertStoreSpi
-{
-    private MultiCertStoreParameters params;
-
-    public MultiCertStoreSpi(CertStoreParameters params)
-        throws InvalidAlgorithmParameterException
-    {
-        super(params);
-
-        if (!(params instanceof MultiCertStoreParameters))
-        {
-            throw new InvalidAlgorithmParameterException("org.bouncycastle.jce.provider.MultiCertStoreSpi: parameter must be a MultiCertStoreParameters object\n" +  params.toString());
-        }
-
-        this.params = (MultiCertStoreParameters)params;
-    }
-
-    public Collection engineGetCertificates(CertSelector certSelector)
-        throws CertStoreException
-    {
-        boolean searchAllStores = params.getSearchAllStores();
-        Iterator iter = params.getCertStores().iterator();
-        List allCerts = searchAllStores ? new ArrayList() : Collections.EMPTY_LIST;
-
-        while (iter.hasNext())
-        {
-            CertStore store = (CertStore)iter.next();
-            Collection certs = store.getCertificates(certSelector);
-
-            if (searchAllStores)
-            {
-                allCerts.addAll(certs);
-            }
-            else if (!certs.isEmpty())
-            {
-                return certs;
-            }
-        }
-
-        return allCerts;
-    }
-
-    public Collection engineGetCRLs(CRLSelector crlSelector)
-        throws CertStoreException
-    {
-        boolean searchAllStores = params.getSearchAllStores();
-        Iterator iter = params.getCertStores().iterator();
-        List allCRLs = searchAllStores ? new ArrayList() : Collections.EMPTY_LIST;
-        
-        while (iter.hasNext())
-        {
-            CertStore store = (CertStore)iter.next();
-            Collection crls = store.getCRLs(crlSelector);
-
-            if (searchAllStores)
-            {
-                allCRLs.addAll(crls);
-            }
-            else if (!crls.isEmpty())
-            {
-                return crls;
-            }
-        }
-
-        return allCRLs;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXAttrCertPathBuilderSpi.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXAttrCertPathBuilderSpi.java
deleted file mode 100644
index bcc258c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXAttrCertPathBuilderSpi.java
+++ /dev/null

@@ -1,361 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.Principal;
-import java.security.cert.CertPath;
-import java.security.cert.CertPathBuilderException;
-import java.security.cert.CertPathBuilderResult;
-import java.security.cert.CertPathBuilderSpi;
-import java.security.cert.CertPathParameters;
-import java.security.cert.CertPathValidator;
-import java.security.cert.CertStore;
-import java.security.cert.CertStoreException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CertificateParsingException;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.PKIXCertPathBuilderResult;
-import java.security.cert.PKIXCertPathValidatorResult;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.jcajce.PKIXCertStoreSelector;
-import org.bouncycastle.jcajce.PKIXExtendedBuilderParameters;
-import org.bouncycastle.jce.exception.ExtCertPathBuilderException;
-import org.bouncycastle.util.Encodable;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.StoreException;
-import org.bouncycastle.x509.ExtendedPKIXBuilderParameters;
-import org.bouncycastle.x509.ExtendedPKIXParameters;
-import org.bouncycastle.x509.X509AttributeCertStoreSelector;
-import org.bouncycastle.x509.X509AttributeCertificate;
-import org.bouncycastle.x509.X509CertStoreSelector;
-import org.bouncycastle.x509.X509Store;
-
-public class PKIXAttrCertPathBuilderSpi
-    extends CertPathBuilderSpi
-{
-
-    /**
-     * Build and validate a CertPath using the given parameter.
-     * 
-     * @param params PKIXBuilderParameters object containing all information to
-     *            build the CertPath
-     */
-    public CertPathBuilderResult engineBuild(CertPathParameters params)
-            throws CertPathBuilderException, InvalidAlgorithmParameterException
-    {
-        if (!(params instanceof PKIXBuilderParameters)
-                && !(params instanceof ExtendedPKIXBuilderParameters)
-                && !(params instanceof PKIXExtendedBuilderParameters))
-        {
-            throw new InvalidAlgorithmParameterException(
-                    "Parameters must be an instance of "
-                            + PKIXBuilderParameters.class.getName() + " or "
-                            + PKIXExtendedBuilderParameters.class.getName()
-                            + ".");
-        }
-
-        List targetStores = new ArrayList();
-
-        PKIXExtendedBuilderParameters paramsPKIX;
-        if (params instanceof PKIXBuilderParameters)
-        {
-            PKIXExtendedBuilderParameters.Builder paramsPKIXBldr = new PKIXExtendedBuilderParameters.Builder((PKIXBuilderParameters)params);
-
-            if (params instanceof ExtendedPKIXParameters)
-            {
-                ExtendedPKIXBuilderParameters extPKIX = (ExtendedPKIXBuilderParameters)params;
-
-                paramsPKIXBldr.addExcludedCerts(extPKIX.getExcludedCerts());
-                paramsPKIXBldr.setMaxPathLength(extPKIX.getMaxPathLength());
-                targetStores = extPKIX.getStores();
-            }
-
-            paramsPKIX = paramsPKIXBldr.build();
-        }
-        else
-        {
-            paramsPKIX = (PKIXExtendedBuilderParameters)params;
-        }
-
-        Collection targets;
-        Iterator targetIter;
-        List certPathList = new ArrayList();
-        X509AttributeCertificate cert;
-
-        // search target certificates
-
-        Selector certSelect = paramsPKIX.getBaseParameters().getTargetConstraints();
-        if (!(certSelect instanceof X509AttributeCertStoreSelector))
-        {
-            throw new CertPathBuilderException(
-                    "TargetConstraints must be an instance of "
-                            + X509AttributeCertStoreSelector.class.getName()
-                            + " for "+this.getClass().getName()+" class.");
-        }
-
-
-        try
-        {
-            targets = findCertificates((X509AttributeCertStoreSelector)certSelect, targetStores);
-        }
-        catch (AnnotatedException e)
-        {
-            throw new ExtCertPathBuilderException("Error finding target attribute certificate.", e);
-        }
-
-        if (targets.isEmpty())
-        {
-            throw new CertPathBuilderException(
-                    "No attribute certificate found matching targetContraints.");
-        }
-
-        CertPathBuilderResult result = null;
-
-        // check all potential target certificates
-        targetIter = targets.iterator();
-        while (targetIter.hasNext() && result == null)
-        {
-            cert = (X509AttributeCertificate) targetIter.next();
-            
-            X509CertStoreSelector selector = new X509CertStoreSelector();
-            Principal[] principals = cert.getIssuer().getPrincipals();
-            Set issuers = new HashSet();
-            for (int i = 0; i < principals.length; i++)
-            {
-                try
-                {
-                    if (principals[i] instanceof X500Principal)
-                    {
-                        selector.setSubject(((X500Principal)principals[i]).getEncoded());
-                    }
-                    PKIXCertStoreSelector certStoreSelector = new PKIXCertStoreSelector.Builder(selector).build();
-                    issuers.addAll(CertPathValidatorUtilities.findCertificates(certStoreSelector, paramsPKIX.getBaseParameters().getCertStores()));
-                    issuers.addAll(CertPathValidatorUtilities.findCertificates(certStoreSelector, paramsPKIX.getBaseParameters().getCertificateStores()));
-                }
-                catch (AnnotatedException e)
-                {
-                    throw new ExtCertPathBuilderException(
-                        "Public key certificate for attribute certificate cannot be searched.",
-                        e);
-                }
-                catch (IOException e)
-                {
-                    throw new ExtCertPathBuilderException(
-                        "cannot encode X500Principal.",
-                        e);
-                }
-            }
-            if (issuers.isEmpty())
-            {
-                throw new CertPathBuilderException(
-                    "Public key certificate for attribute certificate cannot be found.");
-            }
-            Iterator it = issuers.iterator();
-            while (it.hasNext() && result == null)
-            {
-                result = build(cert, (X509Certificate)it.next(), paramsPKIX, certPathList);
-            }
-        }
-
-        if (result == null && certPathException != null)
-        {
-            throw new ExtCertPathBuilderException(
-                                    "Possible certificate chain could not be validated.",
-                                    certPathException);
-        }
-
-        if (result == null && certPathException == null)
-        {
-            throw new CertPathBuilderException(
-                    "Unable to find certificate chain.");
-        }
-
-        return result;
-    }
-
-    private Exception certPathException;
-
-    private CertPathBuilderResult build(X509AttributeCertificate attrCert, X509Certificate tbvCert,
-            PKIXExtendedBuilderParameters pkixParams, List tbvPath)
-
-    {
-        // If tbvCert is readily present in tbvPath, it indicates having run
-        // into a cycle in the
-        // PKI graph.
-        if (tbvPath.contains(tbvCert))
-        {
-            return null;
-        }
-        // step out, the certificate is not allowed to appear in a certification
-        // chain
-        if (pkixParams.getExcludedCerts().contains(tbvCert))
-        {
-            return null;
-        }
-        // test if certificate path exceeds maximum length
-        if (pkixParams.getMaxPathLength() != -1)
-        {
-            if (tbvPath.size() - 1 > pkixParams.getMaxPathLength())
-            {
-                return null;
-            }
-        }
-
-        tbvPath.add(tbvCert);
-
-        CertificateFactory cFact;
-        CertPathValidator validator;
-        CertPathBuilderResult builderResult = null;
-
-        try
-        {
-            cFact = CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME);
-            validator = CertPathValidator.getInstance("RFC3281", BouncyCastleProvider.PROVIDER_NAME);
-        }
-        catch (Exception e)
-        {
-            // cannot happen
-            throw new RuntimeException(
-                            "Exception creating support classes.");
-        }
-
-        try
-        {
-            // check whether the issuer of <tbvCert> is a TrustAnchor
-            if (CertPathValidatorUtilities.isIssuerTrustAnchor(tbvCert, pkixParams.getBaseParameters().getTrustAnchors(),
-                pkixParams.getBaseParameters().getSigProvider()))
-            {
-                CertPath certPath;
-                PKIXCertPathValidatorResult result;
-                try
-                {
-                    certPath = cFact.generateCertPath(tbvPath);
-                }
-                catch (Exception e)
-                {
-                    throw new AnnotatedException(
-                                            "Certification path could not be constructed from certificate list.",
-                                            e);
-                }
-
-                try
-                {
-                    result = (PKIXCertPathValidatorResult) validator.validate(
-                            certPath, pkixParams);
-                }
-                catch (Exception e)
-                {
-                    throw new AnnotatedException(
-                                            "Certification path could not be validated.",
-                                            e);
-                }
-
-                return new PKIXCertPathBuilderResult(certPath, result
-                        .getTrustAnchor(), result.getPolicyTree(), result
-                        .getPublicKey());
-
-            }
-            else
-            {
-                List stores = new ArrayList();
-
-                stores.addAll(pkixParams.getBaseParameters().getCertificateStores());
-                // add additional X.509 stores from locations in certificate
-                try
-                {
-                    stores.addAll(CertPathValidatorUtilities.getAdditionalStoresFromAltNames(tbvCert.getExtensionValue(Extension.issuerAlternativeName.getId()), pkixParams.getBaseParameters().getNamedCertificateStoreMap()));
-                }
-                catch (CertificateParsingException e)
-                {
-                    throw new AnnotatedException(
-                                            "No additional X.509 stores can be added from certificate locations.",
-                                            e);
-                }
-                Collection issuers = new HashSet();
-                // try to get the issuer certificate from one
-                // of the stores
-                try
-                {
-                    issuers.addAll(CertPathValidatorUtilities.findIssuerCerts(tbvCert, pkixParams.getBaseParameters().getCertStores(), stores));
-                }
-                catch (AnnotatedException e)
-                {
-                    throw new AnnotatedException(
-                                            "Cannot find issuer certificate for certificate in certification path.",
-                                            e);
-                }
-                if (issuers.isEmpty())
-                {
-                    throw new AnnotatedException(
-                            "No issuer certificate for certificate in certification path found.");
-                }
-                Iterator it = issuers.iterator();
-
-                while (it.hasNext() && builderResult == null)
-                {
-                    X509Certificate issuer = (X509Certificate) it.next();
-                    // TODO Use CertPathValidatorUtilities.isSelfIssued(issuer)?
-                    // if untrusted self signed certificate continue
-                    if (issuer.getIssuerX500Principal().equals(
-                            issuer.getSubjectX500Principal()))
-                    {
-                        continue;
-                    }
-                    builderResult = build(attrCert, issuer, pkixParams, tbvPath);
-                }
-            }
-        }
-        catch (AnnotatedException e)
-        {
-            certPathException = new AnnotatedException(
-                            "No valid certification path could be build.", e);
-        }
-        if (builderResult == null)
-        {
-            tbvPath.remove(tbvCert);
-        }
-        return builderResult;
-    }
-
-    protected static Collection findCertificates(X509AttributeCertStoreSelector certSelect,
-                                                     List certStores)
-        throws AnnotatedException
-    {
-        Set certs = new HashSet();
-        Iterator iter = certStores.iterator();
-
-        while (iter.hasNext())
-        {
-            Object obj = iter.next();
-
-            if (obj instanceof Store)
-            {
-                Store certStore = (Store)obj;
-                try
-                {
-                    certs.addAll(certStore.getMatches(certSelect));
-                }
-                catch (StoreException e)
-                {
-                    throw new AnnotatedException(
-                            "Problem while picking certificates from X.509 store.", e);
-                }
-            }
-        }
-        return certs;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXAttrCertPathValidatorSpi.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXAttrCertPathValidatorSpi.java
deleted file mode 100644
index ee72703..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXAttrCertPathValidatorSpi.java
+++ /dev/null

@@ -1,137 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.Provider;
-import java.security.Security;
-import java.security.cert.CertPath;
-import java.security.cert.CertPathParameters;
-import java.security.cert.CertPathValidatorException;
-import java.security.cert.CertPathValidatorResult;
-import java.security.cert.CertPathValidatorSpi;
-import java.security.cert.PKIXParameters;
-import java.security.cert.X509Certificate;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.bouncycastle.jcajce.PKIXExtendedParameters;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jce.exception.ExtCertPathValidatorException;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.x509.ExtendedPKIXParameters;
-import org.bouncycastle.x509.X509AttributeCertStoreSelector;
-import org.bouncycastle.x509.X509AttributeCertificate;
-
-/**
- * CertPathValidatorSpi implementation for X.509 Attribute Certificates la RFC 3281.
- * 
- * @see org.bouncycastle.x509.ExtendedPKIXParameters
- */
-public class PKIXAttrCertPathValidatorSpi
-    extends CertPathValidatorSpi
-{
-    private final JcaJceHelper helper = new BCJcaJceHelper();
-
-    public PKIXAttrCertPathValidatorSpi()
-    {
-    }
-
-    /**
-     * Validates an attribute certificate with the given certificate path.
-     * 
-     * <p>
-     * <code>params</code> must be an instance of
-     * <code>ExtendedPKIXParameters</code>.
-     * <p>
-     * The target constraints in the <code>params</code> must be an
-     * <code>X509AttributeCertStoreSelector</code> with at least the attribute
-     * certificate criterion set. Obey that also target informations may be
-     * necessary to correctly validate this attribute certificate.
-     * <p>
-     * The attribute certificate issuer must be added to the trusted attribute
-     * issuers with {@link org.bouncycastle.x509.ExtendedPKIXParameters#setTrustedACIssuers(java.util.Set)}.
-     * 
-     * @param certPath The certificate path which belongs to the attribute
-     *            certificate issuer public key certificate.
-     * @param params The PKIX parameters.
-     * @return A <code>PKIXCertPathValidatorResult</code> of the result of
-     *         validating the <code>certPath</code>.
-     * @throws java.security.InvalidAlgorithmParameterException if <code>params</code> is
-     *             inappropriate for this validator.
-     * @throws java.security.cert.CertPathValidatorException if the verification fails.
-     */
-    public CertPathValidatorResult engineValidate(CertPath certPath,
-        CertPathParameters params) throws CertPathValidatorException,
-        InvalidAlgorithmParameterException
-    {
-        if (!(params instanceof ExtendedPKIXParameters || params instanceof PKIXExtendedParameters))
-        {
-            throw new InvalidAlgorithmParameterException(
-                "Parameters must be a "
-                    + ExtendedPKIXParameters.class.getName() + " instance.");
-        }
-        Set attrCertCheckers = new HashSet();
-        Set prohibitedACAttrbiutes = new HashSet();
-        Set necessaryACAttributes = new HashSet();
-        Set trustedACIssuers = new HashSet();
-
-        PKIXExtendedParameters paramsPKIX;
-        if (params instanceof PKIXParameters)
-        {
-            PKIXExtendedParameters.Builder paramsPKIXBldr = new PKIXExtendedParameters.Builder((PKIXParameters)params);
-
-            if (params instanceof ExtendedPKIXParameters)
-            {
-                ExtendedPKIXParameters extPKIX = (ExtendedPKIXParameters)params;
-
-                paramsPKIXBldr.setUseDeltasEnabled(extPKIX.isUseDeltasEnabled());
-                paramsPKIXBldr.setValidityModel(extPKIX.getValidityModel());
-                attrCertCheckers = extPKIX.getAttrCertCheckers();
-                prohibitedACAttrbiutes = extPKIX.getProhibitedACAttributes();
-                necessaryACAttributes = extPKIX.getNecessaryACAttributes();
-            }
-
-            paramsPKIX = paramsPKIXBldr.build();
-        }
-        else
-        {
-            paramsPKIX = (PKIXExtendedParameters)params;
-        }
-
-        Selector certSelect = paramsPKIX.getTargetConstraints();
-        if (!(certSelect instanceof X509AttributeCertStoreSelector))
-        {
-            throw new InvalidAlgorithmParameterException(
-                "TargetConstraints must be an instance of "
-                    + X509AttributeCertStoreSelector.class.getName() + " for "
-                    + this.getClass().getName() + " class.");
-        }
-
-        X509AttributeCertificate attrCert = ((X509AttributeCertStoreSelector) certSelect)
-            .getAttributeCert();
-
-        CertPath holderCertPath = RFC3281CertPathUtilities.processAttrCert1(attrCert, paramsPKIX);
-        CertPathValidatorResult result = RFC3281CertPathUtilities.processAttrCert2(certPath, paramsPKIX);
-        X509Certificate issuerCert = (X509Certificate) certPath
-            .getCertificates().get(0);
-        RFC3281CertPathUtilities.processAttrCert3(issuerCert, paramsPKIX);
-        RFC3281CertPathUtilities.processAttrCert4(issuerCert, trustedACIssuers);
-        RFC3281CertPathUtilities.processAttrCert5(attrCert, paramsPKIX);
-        // 6 already done in X509AttributeCertStoreSelector
-        RFC3281CertPathUtilities.processAttrCert7(attrCert, certPath, holderCertPath, paramsPKIX, attrCertCheckers);
-        RFC3281CertPathUtilities.additionalChecks(attrCert, prohibitedACAttrbiutes, necessaryACAttributes);
-        Date date = null;
-        try
-        {
-            date = CertPathValidatorUtilities.getValidCertDateFromValidityModel(paramsPKIX, null, -1);
-        }
-        catch (AnnotatedException e)
-        {
-            throw new ExtCertPathValidatorException(
-                "Could not get validity date from attribute certificate.", e);
-        }
-        RFC3281CertPathUtilities.checkCRLs(attrCert, paramsPKIX, issuerCert, date, certPath.getCertificates(), helper);
-        return result;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java
index f43e185..97a38ac 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCRLUtil.java

@@ -88,6 +88,8 @@
         {
             Object obj = iter.next();
 
+            // BEGIN Android-removed: Unknown reason
+            /*
             if (obj instanceof Store)
             {
                 Store store = (Store)obj;
@@ -104,6 +106,8 @@
                 }
             }
             else
+            */
+            // END Android-removed: Unknown reason
             {
                 CertStore store = (CertStore)obj;
 

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java
index 9da3425..1665952 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java

@@ -45,6 +45,11 @@
     public PKIXCertPathValidatorSpi()
     {
     }
+    // BEGIN Android-added: Avoid loading blacklist during class init
+    private static class NoPreloadHolder {
+        private final static CertBlacklist blacklist = new CertBlacklist();
+    }
+    // END Android-added: Avoid loading blacklist during class init
 
     public CertPathValidatorResult engineValidate(
             CertPath certPath,
@@ -100,6 +105,22 @@
         {
             throw new CertPathValidatorException("Certification path is empty.", null, certPath, -1);
         }
+        // BEGIN Android-added: Support blacklisting known-bad certs
+        {
+            X509Certificate cert = (X509Certificate) certs.get(0);
+
+            if (cert != null) {
+                BigInteger serial = cert.getSerialNumber();
+                if (NoPreloadHolder.blacklist.isSerialNumberBlackListed(serial)) {
+                    // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs
+                    String message = "Certificate revocation of serial 0x" + serial.toString(16);
+                    System.out.println(message);
+                    AnnotatedException e = new AnnotatedException(message);
+                    throw new CertPathValidatorException(e.getMessage(), e, certPath, 0);
+                }
+            }
+        }
+        // END Android-added: Support blacklisting known-bad certs
 
         //
         // (b)
@@ -281,6 +302,15 @@
 
         for (index = certs.size() - 1; index >= 0; index--)
         {
+            // BEGIN Android-added: Support blacklisting known-bad certs
+            if (NoPreloadHolder.blacklist.isPublicKeyBlackListed(workingPublicKey)) {
+                // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs
+                String message = "Certificate revocation of public key " + workingPublicKey;
+                System.out.println(message);
+                AnnotatedException e = new AnnotatedException(message);
+                throw new CertPathValidatorException(e.getMessage(), e, certPath, index);
+            }
+            // END Android-added: Support blacklisting known-bad certs
             // try
             // {
             //

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/RFC3281CertPathUtilities.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/RFC3281CertPathUtilities.java
deleted file mode 100644
index ea026c7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/RFC3281CertPathUtilities.java
+++ /dev/null

@@ -1,718 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.io.IOException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Principal;
-import java.security.PublicKey;
-import java.security.cert.CertPath;
-import java.security.cert.CertPathBuilder;
-import java.security.cert.CertPathBuilderException;
-import java.security.cert.CertPathBuilderResult;
-import java.security.cert.CertPathValidator;
-import java.security.cert.CertPathValidatorException;
-import java.security.cert.CertPathValidatorResult;
-import java.security.cert.CertificateExpiredException;
-import java.security.cert.CertificateNotYetValidException;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.x509.CRLDistPoint;
-import org.bouncycastle.asn1.x509.CRLReason;
-import org.bouncycastle.asn1.x509.DistributionPoint;
-import org.bouncycastle.asn1.x509.DistributionPointName;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.TargetInformation;
-import org.bouncycastle.asn1.x509.X509Extensions;
-import org.bouncycastle.jcajce.PKIXCRLStore;
-import org.bouncycastle.jcajce.PKIXCertStoreSelector;
-import org.bouncycastle.jcajce.PKIXExtendedBuilderParameters;
-import org.bouncycastle.jcajce.PKIXExtendedParameters;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jce.exception.ExtCertPathValidatorException;
-import org.bouncycastle.x509.PKIXAttrCertChecker;
-import org.bouncycastle.x509.X509AttributeCertificate;
-import org.bouncycastle.x509.X509CertStoreSelector;
-
-class RFC3281CertPathUtilities
-{
-
-    private static final String TARGET_INFORMATION = Extension.targetInformation
-        .getId();
-
-    private static final String NO_REV_AVAIL = Extension.noRevAvail
-        .getId();
-
-    private static final String CRL_DISTRIBUTION_POINTS = Extension.cRLDistributionPoints
-        .getId();
-
-    private static final String AUTHORITY_INFO_ACCESS = Extension.authorityInfoAccess
-        .getId();
-
-    protected static void processAttrCert7(X509AttributeCertificate attrCert,
-        CertPath certPath, CertPath holderCertPath,
-        PKIXExtendedParameters pkixParams, Set attrCertCheckers) throws CertPathValidatorException
-    {
-        // TODO:
-        // AA Controls
-        // Attribute encryption
-        // Proxy
-        Set set = attrCert.getCriticalExtensionOIDs();
-        // 7.1
-        // process extensions
-
-        // target information checked in step 6 / X509AttributeCertStoreSelector
-        if (set.contains(TARGET_INFORMATION))
-        {
-            try
-            {
-                TargetInformation.getInstance(CertPathValidatorUtilities
-                    .getExtensionValue(attrCert, TARGET_INFORMATION));
-            }
-            catch (AnnotatedException e)
-            {
-                throw new ExtCertPathValidatorException(
-                    "Target information extension could not be read.", e);
-            }
-            catch (IllegalArgumentException e)
-            {
-                throw new ExtCertPathValidatorException(
-                    "Target information extension could not be read.", e);
-            }
-        }
-        set.remove(TARGET_INFORMATION);
-        for (Iterator it = attrCertCheckers.iterator(); it
-            .hasNext();)
-        {
-            ((PKIXAttrCertChecker) it.next()).check(attrCert, certPath,
-                holderCertPath, set);
-        }
-        if (!set.isEmpty())
-        {
-            throw new CertPathValidatorException(
-                "Attribute certificate contains unsupported critical extensions: "
-                    + set);
-        }
-    }
-
-    /**
-     * Checks if an attribute certificate is revoked.
-     * 
-     * @param attrCert Attribute certificate to check if it is revoked.
-     * @param paramsPKIX PKIX parameters.
-     * @param issuerCert The issuer certificate of the attribute certificate
-     *            <code>attrCert</code>.
-     * @param validDate The date when the certificate revocation status should
-     *            be checked.
-     * @param certPathCerts The certificates of the certification path to be
-     *            checked.
-     * 
-     * @throws CertPathValidatorException if the certificate is revoked or the
-     *             status cannot be checked or some error occurs.
-     */
-    protected static void checkCRLs(X509AttributeCertificate attrCert,
-        PKIXExtendedParameters paramsPKIX, X509Certificate issuerCert,
-        Date validDate, List certPathCerts, JcaJceHelper helper) throws CertPathValidatorException
-    {
-        if (paramsPKIX.isRevocationEnabled())
-        {
-            // check if revocation is available
-            if (attrCert.getExtensionValue(NO_REV_AVAIL) == null)
-            {
-                CRLDistPoint crldp = null;
-                try
-                {
-                    crldp = CRLDistPoint.getInstance(CertPathValidatorUtilities
-                        .getExtensionValue(attrCert, CRL_DISTRIBUTION_POINTS));
-                }
-                catch (AnnotatedException e)
-                {
-                    throw new CertPathValidatorException(
-                        "CRL distribution point extension could not be read.",
-                        e);
-                }
-
-                List crlStores = new ArrayList();
-
-                try
-                {
-                    crlStores.addAll(CertPathValidatorUtilities.getAdditionalStoresFromCRLDistributionPoint(crldp, paramsPKIX.getNamedCRLStoreMap()));
-                }
-                catch (AnnotatedException e)
-                {
-                    throw new CertPathValidatorException(
-                        "No additional CRL locations could be decoded from CRL distribution point extension.",
-                        e);
-                }
-
-                PKIXExtendedParameters.Builder bldr = new PKIXExtendedParameters.Builder(paramsPKIX);
-
-                for (Iterator it = crlStores.iterator(); it.hasNext(); )
-                {
-                    bldr.addCRLStore((PKIXCRLStore)crlStores);
-                }
-
-                paramsPKIX = bldr.build();
-
-                CertStatus certStatus = new CertStatus();
-                ReasonsMask reasonsMask = new ReasonsMask();
-
-                AnnotatedException lastException = null;
-                boolean validCrlFound = false;
-                // for each distribution point
-                if (crldp != null)
-                {
-                    DistributionPoint dps[] = null;
-                    try
-                    {
-                        dps = crldp.getDistributionPoints();
-                    }
-                    catch (Exception e)
-                    {
-                        throw new ExtCertPathValidatorException(
-                            "Distribution points could not be read.", e);
-                    }
-                    try
-                    {
-                        for (int i = 0; i < dps.length
-                            && certStatus.getCertStatus() == CertStatus.UNREVOKED
-                            && !reasonsMask.isAllReasons(); i++)
-                        {
-                            PKIXExtendedParameters paramsPKIXClone = (PKIXExtendedParameters)paramsPKIX
-                                    .clone();
-
-                            checkCRL(dps[i], attrCert, paramsPKIXClone,
-                                validDate, issuerCert, certStatus, reasonsMask,
-                                certPathCerts, helper);
-                            validCrlFound = true;
-                        }
-                    }
-                    catch (AnnotatedException e)
-                    {
-                        lastException = new AnnotatedException(
-                            "No valid CRL for distribution point found.", e);
-                    }
-                }
-
-                /*
-                 * If the revocation status has not been determined, repeat the
-                 * process above with any available CRLs not specified in a
-                 * distribution point but issued by the certificate issuer.
-                 */
-
-                if (certStatus.getCertStatus() == CertStatus.UNREVOKED
-                    && !reasonsMask.isAllReasons())
-                {
-                    try
-                    {
-                        /*
-                         * assume a DP with both the reasons and the cRLIssuer
-                         * fields omitted and a distribution point name of the
-                         * certificate issuer.
-                         */
-                        ASN1Primitive issuer = null;
-                        try
-                        {
-
-                            issuer = new ASN1InputStream(
-                                ((X500Principal) attrCert.getIssuer()
-                                    .getPrincipals()[0]).getEncoded())
-                                .readObject();
-                        }
-                        catch (Exception e)
-                        {
-                            throw new AnnotatedException(
-                                "Issuer from certificate for CRL could not be reencoded.",
-                                e);
-                        }
-                        DistributionPoint dp = new DistributionPoint(
-                            new DistributionPointName(0, new GeneralNames(
-                                new GeneralName(GeneralName.directoryName,
-                                    issuer))), null, null);
-                        PKIXExtendedParameters paramsPKIXClone = (PKIXExtendedParameters) paramsPKIX
-                            .clone();
-                        checkCRL(dp, attrCert, paramsPKIXClone, validDate,
-                            issuerCert, certStatus, reasonsMask, certPathCerts, helper);
-                        validCrlFound = true;
-                    }
-                    catch (AnnotatedException e)
-                    {
-                        lastException = new AnnotatedException(
-                            "No valid CRL for distribution point found.", e);
-                    }
-                }
-
-                if (!validCrlFound)
-                {
-                    throw new ExtCertPathValidatorException(
-                        "No valid CRL found.", lastException);
-                }
-                if (certStatus.getCertStatus() != CertStatus.UNREVOKED)
-                {
-                    String message = "Attribute certificate revocation after "
-                        + certStatus.getRevocationDate();
-                    message += ", reason: "
-                        + RFC3280CertPathUtilities.crlReasons[certStatus
-                            .getCertStatus()];
-                    throw new CertPathValidatorException(message);
-                }
-                if (!reasonsMask.isAllReasons()
-                    && certStatus.getCertStatus() == CertStatus.UNREVOKED)
-                {
-                    certStatus.setCertStatus(CertStatus.UNDETERMINED);
-                }
-                if (certStatus.getCertStatus() == CertStatus.UNDETERMINED)
-                {
-                    throw new CertPathValidatorException(
-                        "Attribute certificate status could not be determined.");
-                }
-
-            }
-            else
-            {
-                if (attrCert.getExtensionValue(CRL_DISTRIBUTION_POINTS) != null
-                    || attrCert.getExtensionValue(AUTHORITY_INFO_ACCESS) != null)
-                {
-                    throw new CertPathValidatorException(
-                        "No rev avail extension is set, but also an AC revocation pointer.");
-                }
-            }
-        }
-    }
-
-    protected static void additionalChecks(X509AttributeCertificate attrCert,
-        Set prohibitedACAttributes, Set necessaryACAttributes) throws CertPathValidatorException
-    {
-        // 1
-        for (Iterator it = prohibitedACAttributes.iterator(); it
-            .hasNext();)
-        {
-            String oid = (String) it.next();
-            if (attrCert.getAttributes(oid) != null)
-            {
-                throw new CertPathValidatorException(
-                    "Attribute certificate contains prohibited attribute: "
-                        + oid + ".");
-            }
-        }
-        for (Iterator it = necessaryACAttributes.iterator(); it
-            .hasNext();)
-        {
-            String oid = (String) it.next();
-            if (attrCert.getAttributes(oid) == null)
-            {
-                throw new CertPathValidatorException(
-                    "Attribute certificate does not contain necessary attribute: "
-                        + oid + ".");
-            }
-        }
-    }
-
-    protected static void processAttrCert5(X509AttributeCertificate attrCert,
-        PKIXExtendedParameters pkixParams) throws CertPathValidatorException
-    {
-        try
-        {
-            attrCert.checkValidity(CertPathValidatorUtilities
-                .getValidDate(pkixParams));
-        }
-        catch (CertificateExpiredException e)
-        {
-            throw new ExtCertPathValidatorException(
-                "Attribute certificate is not valid.", e);
-        }
-        catch (CertificateNotYetValidException e)
-        {
-            throw new ExtCertPathValidatorException(
-                "Attribute certificate is not valid.", e);
-        }
-    }
-
-    protected static void processAttrCert4(X509Certificate acIssuerCert,
-        Set trustedACIssuers) throws CertPathValidatorException
-    {
-        Set set = trustedACIssuers;
-        boolean trusted = false;
-        for (Iterator it = set.iterator(); it.hasNext();)
-        {
-            TrustAnchor anchor = (TrustAnchor) it.next();
-            if (acIssuerCert.getSubjectX500Principal().getName("RFC2253")
-                .equals(anchor.getCAName())
-                || acIssuerCert.equals(anchor.getTrustedCert()))
-            {
-                trusted = true;
-            }
-        }
-        if (!trusted)
-        {
-            throw new CertPathValidatorException(
-                "Attribute certificate issuer is not directly trusted.");
-        }
-    }
-
-    protected static void processAttrCert3(X509Certificate acIssuerCert,
-        PKIXExtendedParameters pkixParams) throws CertPathValidatorException
-    {
-        if (acIssuerCert.getKeyUsage() != null
-            && (!acIssuerCert.getKeyUsage()[0] && !acIssuerCert.getKeyUsage()[1]))
-        {
-            throw new CertPathValidatorException(
-                "Attribute certificate issuer public key cannot be used to validate digital signatures.");
-        }
-        if (acIssuerCert.getBasicConstraints() != -1)
-        {
-            throw new CertPathValidatorException(
-                "Attribute certificate issuer is also a public key certificate issuer.");
-        }
-    }
-
-    protected static CertPathValidatorResult processAttrCert2(
-        CertPath certPath, PKIXExtendedParameters pkixParams)
-        throws CertPathValidatorException
-    {
-        CertPathValidator validator = null;
-        try
-        {
-            validator = CertPathValidator.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw new ExtCertPathValidatorException(
-                "Support class could not be created.", e);
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw new ExtCertPathValidatorException(
-                "Support class could not be created.", e);
-        }
-        try
-        {
-            return validator.validate(certPath, pkixParams);
-        }
-        catch (CertPathValidatorException e)
-        {
-            throw new ExtCertPathValidatorException(
-                "Certification path for issuer certificate of attribute certificate could not be validated.",
-                e);
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            // must be a programming error
-            throw new RuntimeException(e.getMessage());
-        }
-    }
-
-    /**
-     * Searches for a holder public key certificate and verifies its
-     * certification path.
-     * 
-     * @param attrCert the attribute certificate.
-     * @param pkixParams The PKIX parameters.
-     * @return The certificate path of the holder certificate.
-     * @throws AnnotatedException if
-     *             <ul>
-     *             <li>no public key certificate can be found although holder
-     *             information is given by an entity name or a base certificate
-     *             ID
-     *             <li>support classes cannot be created
-     *             <li>no certification path for the public key certificate can
-     *             be built
-     *             </ul>
-     */
-    protected static CertPath processAttrCert1(
-        X509AttributeCertificate attrCert, PKIXExtendedParameters pkixParams)
-        throws CertPathValidatorException
-    {
-        CertPathBuilderResult result = null;
-        // find holder PKCs
-        Set holderPKCs = new HashSet();
-        if (attrCert.getHolder().getIssuer() != null)
-        {
-            X509CertSelector selector = new X509CertSelector();
-            selector.setSerialNumber(attrCert.getHolder().getSerialNumber());
-            Principal[] principals = attrCert.getHolder().getIssuer();
-            for (int i = 0; i < principals.length; i++)
-            {
-                try
-                {
-                    if (principals[i] instanceof X500Principal)
-                    {
-                        selector.setIssuer(((X500Principal)principals[i])
-                            .getEncoded());
-                    }
-                    holderPKCs.addAll(CertPathValidatorUtilities
-                        .findCertificates(new PKIXCertStoreSelector.Builder(selector).build(), pkixParams.getCertStores()));
-                }
-                catch (AnnotatedException e)
-                {
-                    throw new ExtCertPathValidatorException(
-                        "Public key certificate for attribute certificate cannot be searched.",
-                        e);
-                }
-                catch (IOException e)
-                {
-                    throw new ExtCertPathValidatorException(
-                        "Unable to encode X500 principal.", e);
-                }
-            }
-            if (holderPKCs.isEmpty())
-            {
-                throw new CertPathValidatorException(
-                    "Public key certificate specified in base certificate ID for attribute certificate cannot be found.");
-            }
-        }
-        if (attrCert.getHolder().getEntityNames() != null)
-        {
-            X509CertStoreSelector selector = new X509CertStoreSelector();
-            Principal[] principals = attrCert.getHolder().getEntityNames();
-            for (int i = 0; i < principals.length; i++)
-            {
-                try
-                {
-                    if (principals[i] instanceof X500Principal)
-                    {
-                        selector.setIssuer(((X500Principal) principals[i])
-                            .getEncoded());
-                    }
-                    holderPKCs.addAll(CertPathValidatorUtilities
-                        .findCertificates(new PKIXCertStoreSelector.Builder(selector).build(), pkixParams.getCertStores()));
-                }
-                catch (AnnotatedException e)
-                {
-                    throw new ExtCertPathValidatorException(
-                        "Public key certificate for attribute certificate cannot be searched.",
-                        e);
-                }
-                catch (IOException e)
-                {
-                    throw new ExtCertPathValidatorException(
-                        "Unable to encode X500 principal.", e);
-                }
-            }
-            if (holderPKCs.isEmpty())
-            {
-                throw new CertPathValidatorException(
-                    "Public key certificate specified in entity name for attribute certificate cannot be found.");
-            }
-        }
-        // verify cert paths for PKCs
-        PKIXExtendedParameters.Builder paramsBldr = new PKIXExtendedParameters.Builder(pkixParams);
-
-        CertPathValidatorException lastException = null;
-        for (Iterator it = holderPKCs.iterator(); it.hasNext();)
-        {
-            X509CertStoreSelector selector = new X509CertStoreSelector();
-            selector.setCertificate((X509Certificate) it.next());
-            paramsBldr.setTargetConstraints(new PKIXCertStoreSelector.Builder(selector).build());
-            CertPathBuilder builder = null;
-            try
-            {
-                builder = CertPathBuilder.getInstance("PKIX", BouncyCastleProvider.PROVIDER_NAME);
-            }
-            catch (NoSuchProviderException e)
-            {
-                throw new ExtCertPathValidatorException(
-                    "Support class could not be created.", e);
-            }
-            catch (NoSuchAlgorithmException e)
-            {
-                throw new ExtCertPathValidatorException(
-                    "Support class could not be created.", e);
-            }
-            try
-            {
-                result = builder.build(new PKIXExtendedBuilderParameters.Builder(paramsBldr.build()).build());
-            }
-            catch (CertPathBuilderException e)
-            {
-                lastException = new ExtCertPathValidatorException(
-                    "Certification path for public key certificate of attribute certificate could not be build.",
-                    e);
-            }
-            catch (InvalidAlgorithmParameterException e)
-            {
-                // must be a programming error
-                throw new RuntimeException(e.getMessage());
-            }
-        }
-        if (lastException != null)
-        {
-            throw lastException;
-        }
-        return result.getCertPath();
-    }
-
-    /**
-     * 
-     * Checks a distribution point for revocation information for the
-     * certificate <code>attrCert</code>.
-     * 
-     * @param dp The distribution point to consider.
-     * @param attrCert The attribute certificate which should be checked.
-     * @param paramsPKIX PKIX parameters.
-     * @param validDate The date when the certificate revocation status should
-     *            be checked.
-     * @param issuerCert Certificate to check if it is revoked.
-     * @param reasonMask The reasons mask which is already checked.
-     * @param certPathCerts The certificates of the certification path to be
-     *            checked.
-     * @throws AnnotatedException if the certificate is revoked or the status
-     *             cannot be checked or some error occurs.
-     */
-    private static void checkCRL(DistributionPoint dp,
-        X509AttributeCertificate attrCert, PKIXExtendedParameters paramsPKIX,
-        Date validDate, X509Certificate issuerCert, CertStatus certStatus,
-        ReasonsMask reasonMask, List certPathCerts, JcaJceHelper helper) throws AnnotatedException
-    {
-
-        /*
-         * 4.3.6 No Revocation Available
-         * 
-         * The noRevAvail extension, defined in [X.509-2000], allows an AC
-         * issuer to indicate that no revocation information will be made
-         * available for this AC.
-         */
-        if (attrCert.getExtensionValue(X509Extensions.NoRevAvail.getId()) != null)
-        {
-            return;
-        }
-        Date currentDate = new Date(System.currentTimeMillis());
-        if (validDate.getTime() > currentDate.getTime())
-        {
-            throw new AnnotatedException("Validation time is in future.");
-        }
-
-        // (a)
-        /*
-         * We always get timely valid CRLs, so there is no step (a) (1).
-         * "locally cached" CRLs are assumed to be in getStore(), additional
-         * CRLs must be enabled in the PKIXExtendedParameters and are in
-         * getAdditionalStore()
-         */
-
-        Set crls = CertPathValidatorUtilities.getCompleteCRLs(dp, attrCert,
-            currentDate, paramsPKIX);
-        boolean validCrlFound = false;
-        AnnotatedException lastException = null;
-        Iterator crl_iter = crls.iterator();
-
-        while (crl_iter.hasNext()
-            && certStatus.getCertStatus() == CertStatus.UNREVOKED
-            && !reasonMask.isAllReasons())
-        {
-            try
-            {
-                X509CRL crl = (X509CRL) crl_iter.next();
-
-                // (d)
-                ReasonsMask interimReasonsMask = RFC3280CertPathUtilities
-                    .processCRLD(crl, dp);
-
-                // (e)
-                /*
-                 * The reasons mask is updated at the end, so only valid CRLs
-                 * can update it. If this CRL does not contain new reasons it
-                 * must be ignored.
-                 */
-                if (!interimReasonsMask.hasNewReasons(reasonMask))
-                {
-                    continue;
-                }
-
-                // (f)
-                Set keys = RFC3280CertPathUtilities.processCRLF(crl, attrCert, null, null, paramsPKIX, certPathCerts, helper);
-                // (g)
-                PublicKey key = RFC3280CertPathUtilities.processCRLG(crl, keys);
-
-                X509CRL deltaCRL = null;
-
-                if (paramsPKIX.isUseDeltasEnabled())
-                {
-                    // get delta CRLs
-                    Set deltaCRLs = CertPathValidatorUtilities.getDeltaCRLs(currentDate, crl, paramsPKIX.getCertStores(), paramsPKIX.getCRLStores());
-                    // we only want one valid delta CRL
-                    // (h)
-                    deltaCRL = RFC3280CertPathUtilities.processCRLH(deltaCRLs,
-                        key);
-                }
-
-                /*
-                 * CRL must be be valid at the current time, not the validation
-                 * time. If a certificate is revoked with reason keyCompromise,
-                 * cACompromise, it can be used for forgery, also for the past.
-                 * This reason may not be contained in older CRLs.
-                 */
-
-                /*
-                 * in the chain model signatures stay valid also after the
-                 * certificate has been expired, so they do not have to be in
-                 * the CRL vality time
-                 */
-
-                if (paramsPKIX.getValidityModel() != PKIXExtendedParameters.CHAIN_VALIDITY_MODEL)
-                {
-                    /*
-                     * if a certificate has expired, but was revoked, it is not
-                     * more in the CRL, so it would be regarded as valid if the
-                     * first check is not done
-                     */
-                    if (attrCert.getNotAfter().getTime() < crl.getThisUpdate()
-                        .getTime())
-                    {
-                        throw new AnnotatedException(
-                            "No valid CRL for current time found.");
-                    }
-                }
-
-                RFC3280CertPathUtilities.processCRLB1(dp, attrCert, crl);
-
-                // (b) (2)
-                RFC3280CertPathUtilities.processCRLB2(dp, attrCert, crl);
-
-                // (c)
-                RFC3280CertPathUtilities.processCRLC(deltaCRL, crl, paramsPKIX);
-
-                // (i)
-                RFC3280CertPathUtilities.processCRLI(validDate, deltaCRL,
-                    attrCert, certStatus, paramsPKIX);
-
-                // (j)
-                RFC3280CertPathUtilities.processCRLJ(validDate, crl, attrCert,
-                    certStatus);
-
-                // (k)
-                if (certStatus.getCertStatus() == CRLReason.removeFromCRL)
-                {
-                    certStatus.setCertStatus(CertStatus.UNREVOKED);
-                }
-
-                // update reasons mask
-                reasonMask.addReasons(interimReasonsMask);
-                validCrlFound = true;
-            }
-            catch (AnnotatedException e)
-            {
-                lastException = e;
-            }
-        }
-        if (!validCrlFound)
-        {
-            throw lastException;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509AttrCertParser.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509AttrCertParser.java
deleted file mode 100644
index 08f61c2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509AttrCertParser.java
+++ /dev/null

@@ -1,156 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.io.BufferedInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.SignedData;
-import org.bouncycastle.x509.X509AttributeCertificate;
-import org.bouncycastle.x509.X509StreamParserSpi;
-import org.bouncycastle.x509.X509V2AttributeCertificate;
-import org.bouncycastle.x509.util.StreamParsingException;
-
-public class X509AttrCertParser
-    extends X509StreamParserSpi
-{
-    private static final PEMUtil PEM_PARSER = new PEMUtil("ATTRIBUTE CERTIFICATE");
-
-    private ASN1Set     sData = null;
-    private int         sDataObjectCount = 0;
-    private InputStream currentStream = null;
-
-    private X509AttributeCertificate readDERCertificate(
-        InputStream in)
-        throws IOException
-    {
-        ASN1InputStream dIn = new ASN1InputStream(in);
-        ASN1Sequence seq = (ASN1Sequence)dIn.readObject();
-
-        if (seq.size() > 1
-                && seq.getObjectAt(0) instanceof ASN1ObjectIdentifier)
-        {
-            if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData))
-            {
-                sData = new SignedData(ASN1Sequence.getInstance(
-                                (ASN1TaggedObject)seq.getObjectAt(1), true)).getCertificates();
-
-                return getCertificate();
-            }
-        }
-
-        return new X509V2AttributeCertificate(seq.getEncoded());
-    }
-
-    private X509AttributeCertificate getCertificate()
-        throws IOException
-    {
-        if (sData != null)
-        {
-            while (sDataObjectCount < sData.size())
-            {
-                Object obj = sData.getObjectAt(sDataObjectCount++);
-
-                if (obj instanceof ASN1TaggedObject && ((ASN1TaggedObject)obj).getTagNo() == 2)
-                {
-                   return new X509V2AttributeCertificate(
-                          ASN1Sequence.getInstance((ASN1TaggedObject)obj, false).getEncoded());
-                }
-            }
-        }
-
-        return null;
-    }
-
-    private X509AttributeCertificate readPEMCertificate(
-        InputStream  in)
-        throws IOException
-    {
-        ASN1Sequence seq = PEM_PARSER.readPEMObject(in);
-
-        if (seq != null)
-        {
-            return new X509V2AttributeCertificate(seq.getEncoded());
-        }
-
-        return null;
-    }
-
-    public void engineInit(InputStream in)
-    {
-        currentStream = in;
-        sData = null;
-        sDataObjectCount = 0;
-
-        if (!currentStream.markSupported())
-        {
-            currentStream = new BufferedInputStream(currentStream);
-        }
-    }
-
-    public Object engineRead()
-        throws StreamParsingException
-    {
-        try
-        {
-            if (sData != null)
-            {
-                if (sDataObjectCount != sData.size())
-                {
-                    return getCertificate();
-                }
-                else
-                {
-                    sData = null;
-                    sDataObjectCount = 0;
-                    return null;
-                }
-            }
-
-            currentStream.mark(10);
-            int    tag = currentStream.read();
-
-            if (tag == -1)
-            {
-                return null;
-            }
-
-            if (tag != 0x30)  // assume ascii PEM encoded.
-            {
-                currentStream.reset();
-                return readPEMCertificate(currentStream);
-            }
-            else
-            {
-                currentStream.reset();
-                return readDERCertificate(currentStream);
-            }
-        }
-        catch (Exception e)
-        {
-            throw new StreamParsingException(e.toString(), e);
-        }
-    }
-
-    public Collection engineReadAll()
-        throws StreamParsingException
-    {
-        X509AttributeCertificate cert;
-        List certs = new ArrayList();
-
-        while ((cert = (X509AttributeCertificate)engineRead()) != null)
-        {
-            certs.add(cert);
-        }
-
-        return certs;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CRLParser.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CRLParser.java
deleted file mode 100644
index 0d1eca7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CRLParser.java
+++ /dev/null

@@ -1,150 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.io.BufferedInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.cert.CRL;
-import java.security.cert.CRLException;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.SignedData;
-import org.bouncycastle.asn1.x509.CertificateList;
-import org.bouncycastle.x509.X509StreamParserSpi;
-import org.bouncycastle.x509.util.StreamParsingException;
-
-public class X509CRLParser
-    extends X509StreamParserSpi
-{
-    private static final PEMUtil PEM_PARSER = new PEMUtil("CRL");
-
-    private ASN1Set     sData = null;
-    private int         sDataObjectCount = 0;
-    private InputStream currentStream = null;
-
-    private CRL readDERCRL(
-        InputStream in)
-        throws IOException, CRLException
-    {
-        ASN1InputStream dIn = new ASN1InputStream(in);
-        ASN1Sequence seq = (ASN1Sequence)dIn.readObject();
-
-        if (seq.size() > 1
-                && seq.getObjectAt(0) instanceof ASN1ObjectIdentifier)
-        {
-            if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData))
-            {
-                sData = new SignedData(ASN1Sequence.getInstance(
-                                (ASN1TaggedObject)seq.getObjectAt(1), true)).getCRLs();
-
-                return getCRL();
-            }
-        }
-
-        return new X509CRLObject(CertificateList.getInstance(seq));
-    }
-
-    private CRL getCRL()
-        throws CRLException
-    {
-        if (sData == null || sDataObjectCount >= sData.size())
-        {
-            return null;
-        }
-
-        return new X509CRLObject(
-                        CertificateList.getInstance(
-                                sData.getObjectAt(sDataObjectCount++)));
-    }
-
-    private CRL readPEMCRL(
-        InputStream  in)
-        throws IOException, CRLException
-    {
-        ASN1Sequence seq = PEM_PARSER.readPEMObject(in);
-
-        if (seq != null)
-        {
-            return new X509CRLObject(CertificateList.getInstance(seq));
-        }
-
-        return null;
-    }
-
-    public void engineInit(InputStream in)
-    {
-        currentStream = in;
-        sData = null;
-        sDataObjectCount = 0;
-
-        if (!currentStream.markSupported())
-        {
-            currentStream = new BufferedInputStream(currentStream);
-        }
-    }
-
-    public Object engineRead()
-        throws StreamParsingException
-    {
-        try
-        {
-            if (sData != null)
-            {
-                if (sDataObjectCount != sData.size())
-                {
-                    return getCRL();
-                }
-                else
-                {
-                    sData = null;
-                    sDataObjectCount = 0;
-                    return null;
-                }
-            }
-
-            currentStream.mark(10);
-            int    tag = currentStream.read();
-
-            if (tag == -1)
-            {
-                return null;
-            }
-
-            if (tag != 0x30)  // assume ascii PEM encoded.
-            {
-                currentStream.reset();
-                return readPEMCRL(currentStream);
-            }
-            else
-            {
-                currentStream.reset();
-                return readDERCRL(currentStream);
-            }
-        }
-        catch (Exception e)
-        {
-            throw new StreamParsingException(e.toString(), e);
-        }
-    }
-
-    public Collection engineReadAll()
-        throws StreamParsingException
-    {
-        CRL     crl;
-        List certs = new ArrayList();
-
-        while ((crl = (CRL)engineRead()) != null)
-        {
-            certs.add(crl);
-        }
-
-        return certs;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertPairParser.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertPairParser.java
deleted file mode 100644
index 41d6448..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertPairParser.java
+++ /dev/null

@@ -1,77 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.io.BufferedInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.cert.CertificateParsingException;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.x509.CertificatePair;
-import org.bouncycastle.x509.X509CertificatePair;
-import org.bouncycastle.x509.X509StreamParserSpi;
-import org.bouncycastle.x509.util.StreamParsingException;
-
-public class X509CertPairParser
-    extends X509StreamParserSpi
-{
-    private InputStream currentStream = null;
-
-    private X509CertificatePair readDERCrossCertificatePair(
-        InputStream in)
-        throws IOException, CertificateParsingException
-    {
-        ASN1InputStream dIn = new ASN1InputStream(in);
-        ASN1Sequence seq = (ASN1Sequence)dIn.readObject();
-        CertificatePair pair = CertificatePair.getInstance(seq);
-        return new X509CertificatePair(pair);
-    }
-
-    public void engineInit(InputStream in)
-    {
-        currentStream = in;
-
-        if (!currentStream.markSupported())
-        {
-            currentStream = new BufferedInputStream(currentStream);
-        }
-    }
-
-    public Object engineRead() throws StreamParsingException
-    {
-        try
-        {
-
-            currentStream.mark(10);
-            int tag = currentStream.read();
-
-            if (tag == -1)
-            {
-                return null;
-            }
-
-            currentStream.reset();
-            return readDERCrossCertificatePair(currentStream);
-        }
-        catch (Exception e)
-        {
-            throw new StreamParsingException(e.toString(), e);
-        }
-    }
-
-    public Collection engineReadAll() throws StreamParsingException
-    {
-        X509CertificatePair pair;
-        List certs = new ArrayList();
-
-        while ((pair = (X509CertificatePair)engineRead()) != null)
-        {
-            certs.add(pair);
-        }
-
-        return certs;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertParser.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertParser.java
deleted file mode 100644
index 9ff1765..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertParser.java
+++ /dev/null

@@ -1,161 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.io.BufferedInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateParsingException;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.SignedData;
-import org.bouncycastle.x509.X509StreamParserSpi;
-import org.bouncycastle.x509.util.StreamParsingException;
-
-/**
- * @deprecated use CertificateFactory or the PEMParser in the openssl package (pkix jar).
- */
-public class X509CertParser
-    extends X509StreamParserSpi
-{
-    private static final PEMUtil PEM_PARSER = new PEMUtil("CERTIFICATE");
-
-    private ASN1Set     sData = null;
-    private int         sDataObjectCount = 0;
-    private InputStream currentStream = null;
-
-    private Certificate readDERCertificate(
-        InputStream in)
-        throws IOException, CertificateParsingException
-    {
-        ASN1InputStream dIn = new ASN1InputStream(in);
-        ASN1Sequence seq = (ASN1Sequence)dIn.readObject();
-
-        if (seq.size() > 1
-                && seq.getObjectAt(0) instanceof ASN1ObjectIdentifier)
-        {
-            if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData))
-            {
-                sData = new SignedData(ASN1Sequence.getInstance(
-                                (ASN1TaggedObject)seq.getObjectAt(1), true)).getCertificates();
-
-                return getCertificate();
-            }
-        }
-
-        return new X509CertificateObject(
-                            org.bouncycastle.asn1.x509.Certificate.getInstance(seq));
-    }
-
-    private Certificate getCertificate()
-        throws CertificateParsingException
-    {
-        if (sData != null)
-        {
-            while (sDataObjectCount < sData.size())
-            {
-                Object obj = sData.getObjectAt(sDataObjectCount++);
-
-                if (obj instanceof ASN1Sequence)
-                {
-                   return new X509CertificateObject(
-                                    org.bouncycastle.asn1.x509.Certificate.getInstance(obj));
-                }
-            }
-        }
-
-        return null;
-    }
-
-    private Certificate readPEMCertificate(
-        InputStream  in)
-        throws IOException, CertificateParsingException
-    {
-        ASN1Sequence seq = PEM_PARSER.readPEMObject(in);
-
-        if (seq != null)
-        {
-            return new X509CertificateObject(
-                            org.bouncycastle.asn1.x509.Certificate.getInstance(seq));
-        }
-
-        return null;
-    }
-
-    public void engineInit(InputStream in)
-    {
-        currentStream = in;
-        sData = null;
-        sDataObjectCount = 0;
-
-        if (!currentStream.markSupported())
-        {
-            currentStream = new BufferedInputStream(currentStream);
-        }
-    }
-
-    public Object engineRead()
-        throws StreamParsingException
-    {
-        try
-        {
-            if (sData != null)
-            {
-                if (sDataObjectCount != sData.size())
-                {
-                    return getCertificate();
-                }
-                else
-                {
-                    sData = null;
-                    sDataObjectCount = 0;
-                    return null;
-                }
-            }
-
-            currentStream.mark(10);
-            int    tag = currentStream.read();
-
-            if (tag == -1)
-            {
-                return null;
-            }
-
-            if (tag != 0x30)  // assume ascii PEM encoded.
-            {
-                currentStream.reset();
-                return readPEMCertificate(currentStream);
-            }
-            else
-            {
-                currentStream.reset();
-                return readDERCertificate(currentStream);
-            }
-        }
-        catch (Exception e)
-        {
-            throw new StreamParsingException(e.toString(), e);
-        }
-    }
-
-    public Collection engineReadAll()
-        throws StreamParsingException
-    {
-        Certificate     cert;
-        List certs = new ArrayList();
-
-        while ((cert = (Certificate)engineRead()) != null)
-        {
-            certs.add(cert);
-        }
-
-        return certs;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java
index e204be7..a35fa65 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509CertificateObject.java

@@ -58,6 +58,9 @@
 import org.bouncycastle.asn1.x509.Extensions;
 import org.bouncycastle.asn1.x509.GeneralName;
 import org.bouncycastle.asn1.x509.KeyUsage;
+// BEGIN Android-added: Unknown reason
+import org.bouncycastle.asn1.x509.X509Name;
+// END Android-added: Unknown reason
 import org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
 import org.bouncycastle.jce.X509Principal;
 import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
@@ -567,12 +570,20 @@
         }
     }
 
+    // BEGIN Android-added: Cache encoded certificates
+    private byte[] encoded;
+    // END Android-added: Cache encoded certificates
     public byte[] getEncoded()
         throws CertificateEncodingException
     {
         try
         {
-            return c.getEncoded(ASN1Encoding.DER);
+            // BEGIN Android-changed: Cache encoded certificates
+            if (encoded == null) {
+                encoded = c.getEncoded(ASN1Encoding.DER);
+            }
+            return encoded;
+            // END Android-changed: Cache encoded certificates
         }
         catch (IOException e)
         {
@@ -893,7 +904,9 @@
                     list.add(genName.getEncoded());
                     break;
                 case GeneralName.directoryName:
-                    list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString());
+                    // BEGIN Android-changed: Unknown reason
+                    list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols));
+                    // END Android-changed: Unknown reason
                     break;
                 case GeneralName.dNSName:
                 case GeneralName.rfc822Name:

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java
deleted file mode 100644
index f526994..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java
+++ /dev/null

@@ -1,477 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.cert.CRL;
-import java.security.cert.CRLSelector;
-import java.security.cert.CertSelector;
-import java.security.cert.CertStoreException;
-import java.security.cert.CertStoreParameters;
-import java.security.cert.CertStoreSpi;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509CRLSelector;
-import java.security.cert.X509CertSelector;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Properties;
-import java.util.Set;
-
-import javax.naming.Context;
-import javax.naming.NamingEnumeration;
-import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.DirContext;
-import javax.naming.directory.InitialDirContext;
-import javax.naming.directory.SearchControls;
-import javax.naming.directory.SearchResult;
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.x509.CertificatePair;
-import org.bouncycastle.jce.X509LDAPCertStoreParameters;
-
-/**
- * 
- * This is a general purpose implementation to get X.509 certificates and CRLs
- * from a LDAP location.
- * <p>
- * At first a search is performed in the ldap*AttributeNames of the
- * {@link org.bouncycastle.jce.X509LDAPCertStoreParameters} with the given
- * information of the subject (for all kind of certificates) or issuer (for
- * CRLs), respectively, if a X509CertSelector is given with that details. For
- * CRLs, CA certificates and cross certificates a coarse search is made only for
- * entries with that content to get more possibly matching results.
- */
-public class X509LDAPCertStoreSpi
-    extends CertStoreSpi
-{
-    private X509LDAPCertStoreParameters params;
-
-    public X509LDAPCertStoreSpi(CertStoreParameters params)
-        throws InvalidAlgorithmParameterException
-    {
-        super(params);
-
-        if (!(params instanceof X509LDAPCertStoreParameters))
-        {
-            throw new InvalidAlgorithmParameterException(
-                X509LDAPCertStoreSpi.class.getName() + ": parameter must be a " + X509LDAPCertStoreParameters.class.getName() + " object\n"
-                    + params.toString());
-        }
-
-        this.params = (X509LDAPCertStoreParameters)params;
-    }
-
-    /**
-     * Initial Context Factory.
-     */
-    private static String LDAP_PROVIDER = "com.sun.jndi.ldap.LdapCtxFactory";
-
-    /**
-     * Processing referrals..
-     */
-    private static String REFERRALS_IGNORE = "ignore";
-
-    /**
-     * Security level to be used for LDAP connections.
-     */
-    private static final String SEARCH_SECURITY_LEVEL = "none";
-
-    /**
-     * Package Prefix for loading URL context factories.
-     */
-    private static final String URL_CONTEXT_PREFIX = "com.sun.jndi.url";
-
-    private DirContext connectLDAP() throws NamingException
-    {
-        Properties props = new Properties();
-        props.setProperty(Context.INITIAL_CONTEXT_FACTORY, LDAP_PROVIDER);
-        props.setProperty(Context.BATCHSIZE, "0");
-
-        props.setProperty(Context.PROVIDER_URL, params.getLdapURL());
-        props.setProperty(Context.URL_PKG_PREFIXES, URL_CONTEXT_PREFIX);
-        props.setProperty(Context.REFERRAL, REFERRALS_IGNORE);
-        props.setProperty(Context.SECURITY_AUTHENTICATION,
-            SEARCH_SECURITY_LEVEL);
-
-        DirContext ctx = new InitialDirContext(props);
-        return ctx;
-    }
-
-    private String parseDN(String subject, String subjectAttributeName)
-    {
-        String temp = subject;
-        int begin = temp.toLowerCase().indexOf(
-            subjectAttributeName.toLowerCase());
-        temp = temp.substring(begin + subjectAttributeName.length());
-        int end = temp.indexOf(',');
-        if (end == -1)
-        {
-            end = temp.length();
-        }
-        while (temp.charAt(end - 1) == '\\')
-        {
-            end = temp.indexOf(',', end + 1);
-            if (end == -1)
-            {
-                end = temp.length();
-            }
-        }
-        temp = temp.substring(0, end);
-        begin = temp.indexOf('=');
-        temp = temp.substring(begin + 1);
-        if (temp.charAt(0) == ' ')
-        {
-            temp = temp.substring(1);
-        }
-        if (temp.startsWith("\""))
-        {
-            temp = temp.substring(1);
-        }
-        if (temp.endsWith("\""))
-        {
-            temp = temp.substring(0, temp.length() - 1);
-        }
-        return temp;
-    }
-
-    public Collection engineGetCertificates(CertSelector selector)
-        throws CertStoreException
-    {
-        if (!(selector instanceof X509CertSelector))
-        {
-            throw new CertStoreException("selector is not a X509CertSelector");
-        }
-        X509CertSelector xselector = (X509CertSelector)selector;
-
-        Set certSet = new HashSet();
-
-        Set set = getEndCertificates(xselector);
-        set.addAll(getCACertificates(xselector));
-        set.addAll(getCrossCertificates(xselector));
-
-        Iterator it = set.iterator();
-
-        try
-        {
-            CertificateFactory cf = CertificateFactory.getInstance("X.509",
-                BouncyCastleProvider.PROVIDER_NAME);
-            while (it.hasNext())
-            {
-                byte[] bytes = (byte[])it.next();
-                if (bytes == null || bytes.length == 0)
-                {
-                    continue;
-                }
-
-                List bytesList = new ArrayList();
-                bytesList.add(bytes);
-
-                try
-                {
-                    CertificatePair pair = CertificatePair
-                        .getInstance(new ASN1InputStream(bytes)
-                            .readObject());
-                    bytesList.clear();
-                    if (pair.getForward() != null)
-                    {
-                        bytesList.add(pair.getForward().getEncoded());
-                    }
-                    if (pair.getReverse() != null)
-                    {
-                        bytesList.add(pair.getReverse().getEncoded());
-                    }
-                }
-                catch (IOException e)
-                {
-
-                }
-                catch (IllegalArgumentException e)
-                {
-
-                }
-                for (Iterator it2 = bytesList.iterator(); it2.hasNext();)
-                {
-                    ByteArrayInputStream bIn = new ByteArrayInputStream(
-                        (byte[])it2.next());
-                    try
-                    {
-                        Certificate cert = cf.generateCertificate(bIn);
-                        // System.out.println(((X509Certificate)
-                        // cert).getSubjectX500Principal());
-                        if (xselector.match(cert))
-                        {
-                            certSet.add(cert);
-                        }
-                    }
-                    catch (Exception e)
-                    {
-
-                    }
-                }
-            }
-        }
-        catch (Exception e)
-        {
-            throw new CertStoreException(
-                "certificate cannot be constructed from LDAP result: " + e);
-        }
-
-        return certSet;
-    }
-
-    private Set certSubjectSerialSearch(X509CertSelector xselector,
-                                        String[] attrs, String attrName, String subjectAttributeName)
-        throws CertStoreException
-    {
-        Set set = new HashSet();
-        try
-        {
-            if (xselector.getSubjectAsBytes() != null
-                || xselector.getSubjectAsString() != null
-                || xselector.getCertificate() != null)
-            {
-                String subject = null;
-                String serial = null;
-                if (xselector.getCertificate() != null)
-                {
-                    subject = xselector.getCertificate()
-                        .getSubjectX500Principal().getName("RFC1779");
-                    serial = xselector.getCertificate().getSerialNumber()
-                        .toString();
-                }
-                else
-                {
-                    if (xselector.getSubjectAsBytes() != null)
-                    {
-                        subject = new X500Principal(xselector
-                            .getSubjectAsBytes()).getName("RFC1779");
-                    }
-                    else
-                    {
-                        subject = xselector.getSubjectAsString();
-                    }
-                }
-                String attrValue = parseDN(subject, subjectAttributeName);
-                set.addAll(search(attrName, "*" + attrValue + "*", attrs));
-                if (serial != null
-                    && params.getSearchForSerialNumberIn() != null)
-                {
-                    attrValue = serial;
-                    attrName = params.getSearchForSerialNumberIn();
-                    set.addAll(search(attrName, "*" + attrValue + "*", attrs));
-                }
-            }
-            else
-            {
-                set.addAll(search(attrName, "*", attrs));
-            }
-        }
-        catch (IOException e)
-        {
-            throw new CertStoreException("exception processing selector: " + e);
-        }
-
-        return set;
-    }
-
-    private Set getEndCertificates(X509CertSelector xselector)
-        throws CertStoreException
-    {
-        String[] attrs = {params.getUserCertificateAttribute()};
-        String attrName = params.getLdapUserCertificateAttributeName();
-        String subjectAttributeName = params.getUserCertificateSubjectAttributeName();
-
-        Set set = certSubjectSerialSearch(xselector, attrs, attrName,
-            subjectAttributeName);
-        return set;
-    }
-
-    private Set getCACertificates(X509CertSelector xselector)
-        throws CertStoreException
-    {
-        String[] attrs = {params.getCACertificateAttribute()};
-        String attrName = params.getLdapCACertificateAttributeName();
-        String subjectAttributeName = params
-            .getCACertificateSubjectAttributeName();
-        Set set = certSubjectSerialSearch(xselector, attrs, attrName,
-            subjectAttributeName);
-
-        if (set.isEmpty())
-        {
-            set.addAll(search(null, "*", attrs));
-        }
-
-        return set;
-    }
-
-    private Set getCrossCertificates(X509CertSelector xselector)
-        throws CertStoreException
-    {
-        String[] attrs = {params.getCrossCertificateAttribute()};
-        String attrName = params.getLdapCrossCertificateAttributeName();
-        String subjectAttributeName = params
-            .getCrossCertificateSubjectAttributeName();
-        Set set = certSubjectSerialSearch(xselector, attrs, attrName,
-            subjectAttributeName);
-
-        if (set.isEmpty())
-        {
-            set.addAll(search(null, "*", attrs));
-        }
-
-        return set;
-    }
-
-    public Collection engineGetCRLs(CRLSelector selector)
-        throws CertStoreException
-    {
-        String[] attrs = {params.getCertificateRevocationListAttribute()};
-        if (!(selector instanceof X509CRLSelector))
-        {
-            throw new CertStoreException("selector is not a X509CRLSelector");
-        }
-        X509CRLSelector xselector = (X509CRLSelector)selector;
-
-        Set crlSet = new HashSet();
-
-        String attrName = params.getLdapCertificateRevocationListAttributeName();
-        Set set = new HashSet();
-
-        if (xselector.getIssuerNames() != null)
-        {
-            for (Iterator it = xselector.getIssuerNames().iterator(); it
-                .hasNext();)
-            {
-                Object o = it.next();
-                String attrValue = null;
-                if (o instanceof String)
-                {
-                    String issuerAttributeName = params
-                        .getCertificateRevocationListIssuerAttributeName();
-                    attrValue = parseDN((String)o, issuerAttributeName);
-                }
-                else
-                {
-                    String issuerAttributeName = params
-                        .getCertificateRevocationListIssuerAttributeName();
-                    attrValue = parseDN(new X500Principal((byte[])o)
-                        .getName("RFC1779"), issuerAttributeName);
-                }
-                set.addAll(search(attrName, "*" + attrValue + "*", attrs));
-            }
-        }
-        else
-        {
-            set.addAll(search(attrName, "*", attrs));
-        }
-        set.addAll(search(null, "*", attrs));
-        Iterator it = set.iterator();
-
-        try
-        {
-            CertificateFactory cf = CertificateFactory.getInstance("X.509",
-                BouncyCastleProvider.PROVIDER_NAME);
-            while (it.hasNext())
-            {
-                CRL crl = cf.generateCRL(new ByteArrayInputStream((byte[])it
-                    .next()));
-                if (xselector.match(crl))
-                {
-                    crlSet.add(crl);
-                }
-            }
-        }
-        catch (Exception e)
-        {
-            throw new CertStoreException(
-                "CRL cannot be constructed from LDAP result " + e);
-        }
-
-        return crlSet;
-    }
-
-    /**
-     * Returns a Set of byte arrays with the certificate or CRL encodings.
-     *
-     * @param attributeName  The attribute name to look for in the LDAP.
-     * @param attributeValue The value the attribute name must have.
-     * @param attrs          The attributes in the LDAP which hold the certificate,
-     *                       certificate pair or CRL in a found entry.
-     * @return Set of byte arrays with the certificate encodings.
-     */
-    private Set search(String attributeName, String attributeValue,
-                       String[] attrs) throws CertStoreException
-    {
-        String filter = attributeName + "=" + attributeValue;
-        if (attributeName == null)
-        {
-            filter = null;
-        }
-        DirContext ctx = null;
-        Set set = new HashSet();
-        try
-        {
-
-            ctx = connectLDAP();
-
-            SearchControls constraints = new SearchControls();
-            constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
-            constraints.setCountLimit(0);
-            for (int i = 0; i < attrs.length; i++)
-            {
-                String temp[] = new String[1];
-                temp[0] = attrs[i];
-                constraints.setReturningAttributes(temp);
-
-                String filter2 = "(&(" + filter + ")(" + temp[0] + "=*))";
-                if (filter == null)
-                {
-                    filter2 = "(" + temp[0] + "=*)";
-                }
-                NamingEnumeration results = ctx.search(params.getBaseDN(),
-                    filter2, constraints);
-                while (results.hasMoreElements())
-                {
-                    SearchResult sr = (SearchResult)results.next();
-                    // should only be one attribute in the attribute set with
-                    // one
-                    // attribute value as byte array
-                    NamingEnumeration enumeration = ((Attribute)(sr
-                        .getAttributes().getAll().next())).getAll();
-                    while (enumeration.hasMore())
-                    {
-                        Object o = enumeration.next();
-                        set.add(o);
-                    }
-                }
-            }
-        }
-        catch (Exception e)
-        {
-            throw new CertStoreException(
-                "Error getting results from LDAP directory " + e);
-
-        }
-        finally
-        {
-            try
-            {
-                if (null != ctx)
-                {
-                    ctx.close();
-                }
-            }
-            catch (Exception e)
-            {
-            }
-        }
-        return set;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java
index eb1e556..a2ac86f 100644
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java
+++ b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509SignatureUtil.java

@@ -14,7 +14,8 @@
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.ASN1Sequence;
 import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
@@ -66,12 +67,16 @@
         
         if (params != null && !derNull.equals(params))
         {
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
             if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
             {
                 RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params);
                 
                 return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1";
             }
+            */
+            // END Android-removed: Unsupported algorithms
             if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2))
             {
                 ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params);
@@ -114,6 +119,8 @@
         {
             return "SHA512";
         }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
         else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
         {
             return "RIPEMD128";
@@ -130,6 +137,8 @@
         {
             return "GOST3411";
         }
+        */
+        // END Android-removed: Unsupported algorithms
         else
         {
             return digestAlgOID.getId();            

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreAttrCertCollection.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreAttrCertCollection.java
deleted file mode 100644
index 7e2dc6a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreAttrCertCollection.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.util.Collection;
-
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.x509.X509CollectionStoreParameters;
-import org.bouncycastle.x509.X509StoreParameters;
-import org.bouncycastle.x509.X509StoreSpi;
-
-public class X509StoreAttrCertCollection
-    extends X509StoreSpi
-{
-    private CollectionStore _store;
-
-    public X509StoreAttrCertCollection()
-    {
-    }
-
-    public void engineInit(X509StoreParameters params)
-    {
-        if (!(params instanceof X509CollectionStoreParameters))
-        {
-            throw new IllegalArgumentException(params.toString());
-        }
-
-        _store = new CollectionStore(((X509CollectionStoreParameters)params).getCollection());
-    }
-
-    public Collection engineGetMatches(Selector selector)
-    {
-        return _store.getMatches(selector);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreCRLCollection.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreCRLCollection.java
deleted file mode 100644
index b914f17..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreCRLCollection.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.util.Collection;
-
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.x509.X509CollectionStoreParameters;
-import org.bouncycastle.x509.X509StoreParameters;
-import org.bouncycastle.x509.X509StoreSpi;
-
-public class X509StoreCRLCollection
-    extends X509StoreSpi
-{
-    private CollectionStore _store;
-
-    public X509StoreCRLCollection()
-    {
-    }
-
-    public void engineInit(X509StoreParameters params)
-    {
-        if (!(params instanceof X509CollectionStoreParameters))
-        {
-            throw new IllegalArgumentException(params.toString());
-        }
-
-        _store = new CollectionStore(((X509CollectionStoreParameters)params).getCollection());
-    }
-
-    public Collection engineGetMatches(Selector selector)
-    {
-        return _store.getMatches(selector);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreCertCollection.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreCertCollection.java
deleted file mode 100644
index db88f31..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreCertCollection.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.util.Collection;
-
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.x509.X509CollectionStoreParameters;
-import org.bouncycastle.x509.X509StoreParameters;
-import org.bouncycastle.x509.X509StoreSpi;
-
-public class X509StoreCertCollection
-    extends X509StoreSpi
-{
-    private CollectionStore _store;
-
-    public X509StoreCertCollection()
-    {
-    }
-
-    public void engineInit(X509StoreParameters params)
-    {
-        if (!(params instanceof X509CollectionStoreParameters))
-        {
-            throw new IllegalArgumentException(params.toString());
-        }
-
-        _store = new CollectionStore(((X509CollectionStoreParameters)params).getCollection());
-    }
-
-    public Collection engineGetMatches(Selector selector)
-    {
-        return _store.getMatches(selector);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreCertPairCollection.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreCertPairCollection.java
deleted file mode 100644
index 2a6a2c3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreCertPairCollection.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.util.Collection;
-
-import org.bouncycastle.util.CollectionStore;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.x509.X509CollectionStoreParameters;
-import org.bouncycastle.x509.X509StoreParameters;
-import org.bouncycastle.x509.X509StoreSpi;
-
-/**
- * This class is a collection based Bouncy Castle
- * {@link org.bouncycastle.x509.X509Store} SPI implementation for certificate
- * pairs.
- *
- * @see org.bouncycastle.x509.X509Store
- * @see org.bouncycastle.x509.X509CertificatePair
- */
-public class X509StoreCertPairCollection extends X509StoreSpi
-{
-
-    private CollectionStore _store;
-
-    public X509StoreCertPairCollection()
-    {
-    }
-
-    /**
-     * Initializes this store.
-     *
-     * @param params The {@link X509CollectionStoreParameters}s for this store.
-     * @throws IllegalArgumentException if <code>params</code> is no instance of
-     *                                  <code>X509CollectionStoreParameters</code>.
-     */
-    public void engineInit(X509StoreParameters params)
-    {
-        if (!(params instanceof X509CollectionStoreParameters))
-        {
-            throw new IllegalArgumentException(
-                "Initialization parameters must be an instance of "
-                    + X509CollectionStoreParameters.class.getName()
-                    + ".");
-        }
-
-        _store = new CollectionStore(((X509CollectionStoreParameters)params)
-            .getCollection());
-    }
-
-    /**
-     * Returns a colelction of certificate pairs which match the given
-     * <code>selector</code>.
-     * <p>
-     * The returned collection contains
-     * {@link org.bouncycastle.x509.X509CertificatePair}s. The selector must be
-     * a {@link org.bouncycastle.x509.X509CertPairStoreSelector} to select
-     * certificate pairs.
-     * </p>
-     * @return A collection with matching certificate pairs.
-     */
-    public Collection engineGetMatches(Selector selector)
-    {
-        return _store.getMatches(selector);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPAttrCerts.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPAttrCerts.java
deleted file mode 100644
index 245f305..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPAttrCerts.java
+++ /dev/null

@@ -1,79 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.bouncycastle.jce.X509LDAPCertStoreParameters;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.util.StoreException;
-import org.bouncycastle.x509.X509AttributeCertStoreSelector;
-import org.bouncycastle.x509.X509StoreParameters;
-import org.bouncycastle.x509.X509StoreSpi;
-import org.bouncycastle.x509.util.LDAPStoreHelper;
-
-/**
- * A SPI implementation of Bouncy Castle <code>X509Store</code> for getting
- * attribute certificates from an LDAP directory.
- *
- * @see org.bouncycastle.x509.X509Store
- */
-public class X509StoreLDAPAttrCerts extends X509StoreSpi
-{
-
-    private LDAPStoreHelper helper;
-
-    public X509StoreLDAPAttrCerts()
-    {
-    }
-
-    /**
-     * Initializes this LDAP attribute cert store implementation.
-     *
-     * @param parameters <code>X509LDAPCertStoreParameters</code>.
-     * @throws IllegalArgumentException if <code>params</code> is not an instance of
-     *                                  <code>X509LDAPCertStoreParameters</code>.
-     */
-    public void engineInit(X509StoreParameters parameters)
-    {
-        if (!(parameters instanceof X509LDAPCertStoreParameters))
-        {
-            throw new IllegalArgumentException(
-                "Initialization parameters must be an instance of "
-                    + X509LDAPCertStoreParameters.class.getName() + ".");
-        }
-        helper = new LDAPStoreHelper((X509LDAPCertStoreParameters)parameters);
-    }
-
-    /**
-     * Returns a collection of matching attribute certificates from the LDAP
-     * location.
-     * <p>
-     * The selector must be a of type
-     * <code>X509AttributeCertStoreSelector</code>. If it is not an empty
-     * collection is returned.
-     * </p>
-     * <p>
-     * The subject and the serial number should be reasonable criterias for a
-     * selector.
-     * </p>
-     * @param selector The selector to use for finding.
-     * @return A collection with the matches.
-     * @throws StoreException if an exception occurs while searching.
-     */
-    public Collection engineGetMatches(Selector selector) throws StoreException
-    {
-        if (!(selector instanceof X509AttributeCertStoreSelector))
-        {
-            return Collections.EMPTY_SET;
-        }
-        X509AttributeCertStoreSelector xselector = (X509AttributeCertStoreSelector)selector;
-        Set set = new HashSet();
-        set.addAll(helper.getAACertificates(xselector));
-        set.addAll(helper.getAttributeCertificateAttributes(xselector));
-        set.addAll(helper.getAttributeDescriptorCertificates(xselector));
-        return set;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPCRLs.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPCRLs.java
deleted file mode 100644
index 8af4ade..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPCRLs.java
+++ /dev/null

@@ -1,87 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.bouncycastle.jce.X509LDAPCertStoreParameters;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.util.StoreException;
-import org.bouncycastle.x509.X509CRLStoreSelector;
-import org.bouncycastle.x509.X509StoreParameters;
-import org.bouncycastle.x509.X509StoreSpi;
-import org.bouncycastle.x509.util.LDAPStoreHelper;
-
-/**
- * A SPI implementation of Bouncy Castle <code>X509Store</code> for getting
- * certificate revocation lists from an LDAP directory.
- *
- * @see org.bouncycastle.x509.X509Store
- */
-public class X509StoreLDAPCRLs extends X509StoreSpi
-{
-
-    private LDAPStoreHelper helper;
-
-    public X509StoreLDAPCRLs()
-    {
-    }
-
-    /**
-     * Initializes this LDAP CRL store implementation.
-     *
-     * @param params <code>X509LDAPCertStoreParameters</code>.
-     * @throws IllegalArgumentException if <code>params</code> is not an instance of
-     *                                  <code>X509LDAPCertStoreParameters</code>.
-     */
-    public void engineInit(X509StoreParameters params)
-    {
-        if (!(params instanceof X509LDAPCertStoreParameters))
-        {
-            throw new IllegalArgumentException(
-                "Initialization parameters must be an instance of "
-                    + X509LDAPCertStoreParameters.class.getName() + ".");
-        }
-        helper = new LDAPStoreHelper((X509LDAPCertStoreParameters)params);
-    }
-
-    /**
-     * Returns a collection of matching CRLs from the LDAP location.
-     * <p>
-     * The selector must be a of type <code>X509CRLStoreSelector</code>. If
-     * it is not an empty collection is returned.
-     * </p><p>
-     * The issuer should be a reasonable criteria for a selector.
-     * </p>
-     * @param selector The selector to use for finding.
-     * @return A collection with the matches.
-     * @throws StoreException if an exception occurs while searching.
-     */
-    public Collection engineGetMatches(Selector selector) throws StoreException
-    {
-        if (!(selector instanceof X509CRLStoreSelector))
-        {
-            return Collections.EMPTY_SET;
-        }
-        X509CRLStoreSelector xselector = (X509CRLStoreSelector)selector;
-        Set set = new HashSet();
-        // test only delta CRLs should be selected
-        if (xselector.isDeltaCRLIndicatorEnabled())
-        {
-            set.addAll(helper.getDeltaCertificateRevocationLists(xselector));
-        }
-        // nothing specified
-        else
-        {
-            set.addAll(helper.getDeltaCertificateRevocationLists(xselector));
-            set.addAll(helper.getAttributeAuthorityRevocationLists(xselector));
-            set
-                .addAll(helper
-                    .getAttributeCertificateRevocationLists(xselector));
-            set.addAll(helper.getAuthorityRevocationLists(xselector));
-            set.addAll(helper.getCertificateRevocationLists(xselector));
-        }
-        return set;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPCertPairs.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPCertPairs.java
deleted file mode 100644
index 3d3036d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPCertPairs.java
+++ /dev/null

@@ -1,75 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.bouncycastle.jce.X509LDAPCertStoreParameters;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.util.StoreException;
-import org.bouncycastle.x509.X509CertPairStoreSelector;
-import org.bouncycastle.x509.X509StoreParameters;
-import org.bouncycastle.x509.X509StoreSpi;
-import org.bouncycastle.x509.util.LDAPStoreHelper;
-
-/**
- * A SPI implementation of Bouncy Castle <code>X509Store</code> for getting
- * cross certificates pairs from an LDAP directory.
- *
- * @see org.bouncycastle.x509.X509Store
- */
-public class X509StoreLDAPCertPairs extends X509StoreSpi
-{
-
-    private LDAPStoreHelper helper;
-
-    public X509StoreLDAPCertPairs()
-    {
-    }
-
-    /**
-     * Initializes this LDAP cross certificate pair store implementation.
-     *
-     * @param parameters <code>X509LDAPCertStoreParameters</code>.
-     * @throws IllegalArgumentException if <code>params</code> is not an instance of
-     *                                  <code>X509LDAPCertStoreParameters</code>.
-     */
-    public void engineInit(X509StoreParameters parameters)
-    {
-        if (!(parameters instanceof X509LDAPCertStoreParameters))
-        {
-            throw new IllegalArgumentException(
-                "Initialization parameters must be an instance of "
-                    + X509LDAPCertStoreParameters.class.getName() + ".");
-        }
-        helper = new LDAPStoreHelper((X509LDAPCertStoreParameters)parameters);
-    }
-
-    /**
-     * Returns a collection of matching cross certificate pairs from the LDAP
-     * location.
-     * <p>
-     * The selector must be a of type <code>X509CertPairStoreSelector</code>.
-     * If it is not an empty collection is returned.
-     * </p>
-     * <p>
-     * The subject should be a reasonable criteria for a selector.
-     * </p>
-     * @param selector The selector to use for finding.
-     * @return A collection with the matches.
-     * @throws StoreException if an exception occurs while searching.
-     */
-    public Collection engineGetMatches(Selector selector) throws StoreException
-    {
-        if (!(selector instanceof X509CertPairStoreSelector))
-        {
-            return Collections.EMPTY_SET;
-        }
-        X509CertPairStoreSelector xselector = (X509CertPairStoreSelector)selector;
-        Set set = new HashSet();
-        set.addAll(helper.getCrossCertificatePairs(xselector));
-        return set;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPCerts.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPCerts.java
deleted file mode 100644
index c8463ef..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/X509StoreLDAPCerts.java
+++ /dev/null

@@ -1,128 +0,0 @@
-package org.bouncycastle.jce.provider;
-
-import java.util.Collection;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Set;
-
-import org.bouncycastle.jce.X509LDAPCertStoreParameters;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.util.StoreException;
-import org.bouncycastle.x509.X509CertPairStoreSelector;
-import org.bouncycastle.x509.X509CertStoreSelector;
-import org.bouncycastle.x509.X509CertificatePair;
-import org.bouncycastle.x509.X509StoreParameters;
-import org.bouncycastle.x509.X509StoreSpi;
-import org.bouncycastle.x509.util.LDAPStoreHelper;
-
-/**
- * A SPI implementation of Bouncy Castle <code>X509Store</code> for getting
- * certificates form a LDAP directory.
- *
- * @see org.bouncycastle.x509.X509Store
- */
-public class X509StoreLDAPCerts
-    extends X509StoreSpi
-{
-
-    private LDAPStoreHelper helper;
-
-    public X509StoreLDAPCerts()
-    {
-    }
-
-    /**
-     * Initializes this LDAP cert store implementation.
-     *
-     * @param params <code>X509LDAPCertStoreParameters</code>.
-     * @throws IllegalArgumentException if <code>params</code> is not an instance of
-     *                                  <code>X509LDAPCertStoreParameters</code>.
-     */
-    public void engineInit(X509StoreParameters params)
-    {
-        if (!(params instanceof X509LDAPCertStoreParameters))
-        {
-            throw new IllegalArgumentException(
-                "Initialization parameters must be an instance of "
-                    + X509LDAPCertStoreParameters.class.getName() + ".");
-        }
-        helper = new LDAPStoreHelper((X509LDAPCertStoreParameters)params);
-    }
-
-    /**
-     * Returns a collection of matching certificates from the LDAP location.
-     * <p>
-     * The selector must be a of type <code>X509CertStoreSelector</code>. If
-     * it is not an empty collection is returned.
-     * </p><p>
-     * The implementation searches only for CA certificates, if the method
-     * {@link java.security.cert.X509CertSelector#getBasicConstraints()} is
-     * greater or equal to 0. If it is -2 only end certificates are searched.
-     * </p><p>
-     * The subject and the serial number for end certificates should be
-     * reasonable criterias for a selector.
-     * </p>
-     * @param selector The selector to use for finding.
-     * @return A collection with the matches.
-     * @throws StoreException if an exception occurs while searching.
-     */
-    public Collection engineGetMatches(Selector selector) throws StoreException
-    {
-        if (!(selector instanceof X509CertStoreSelector))
-        {
-            return Collections.EMPTY_SET;
-        }
-        X509CertStoreSelector xselector = (X509CertStoreSelector)selector;
-        Set set = new HashSet();
-        // test if only CA certificates should be selected
-        if (xselector.getBasicConstraints() > 0)
-        {
-            set.addAll(helper.getCACertificates(xselector));
-            set.addAll(getCertificatesFromCrossCertificatePairs(xselector));
-        }
-        // only end certificates should be selected
-        else if (xselector.getBasicConstraints() == -2)
-        {
-            set.addAll(helper.getUserCertificates(xselector));
-        }
-        // nothing specified
-        else
-        {
-            set.addAll(helper.getUserCertificates(xselector));
-            set.addAll(helper.getCACertificates(xselector));
-            set.addAll(getCertificatesFromCrossCertificatePairs(xselector));
-        }
-        return set;
-    }
-
-    private Collection getCertificatesFromCrossCertificatePairs(
-        X509CertStoreSelector xselector) throws StoreException
-    {
-        Set set = new HashSet();
-        X509CertPairStoreSelector ps = new X509CertPairStoreSelector();
-
-        ps.setForwardSelector(xselector);
-        ps.setReverseSelector(new X509CertStoreSelector());
-        
-        Set crossCerts = new HashSet(helper.getCrossCertificatePairs(ps));
-        Set forward = new HashSet();
-        Set reverse = new HashSet();
-        Iterator it = crossCerts.iterator();
-        while (it.hasNext())
-        {
-            X509CertificatePair pair = (X509CertificatePair)it.next();
-            if (pair.getForward() != null)
-            {
-                forward.add(pair.getForward());
-            }
-            if (pair.getReverse() != null)
-            {
-                reverse.add(pair.getReverse());
-            }
-        }
-        set.addAll(forward);
-        set.addAll(reverse);
-        return set;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AEADTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AEADTest.java
deleted file mode 100644
index a8f7c26..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AEADTest.java
+++ /dev/null

@@ -1,490 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.IOException;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.spec.InvalidParameterSpecException;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.GCMParameterSpec;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.cms.GCMParameters;
-import org.bouncycastle.jcajce.spec.AEADParameterSpec;
-import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class AEADTest extends SimpleTest
-{
-
-    // EAX test vector from EAXTest
-    private byte[] K2 = Hex.decode("91945D3F4DCBEE0BF45EF52255F095A4");
-    private byte[] N2 = Hex.decode("BECAF043B0A23D843194BA972C66DEBD");
-    private byte[] A2 = Hex.decode("FA3BFD4806EB53FA");
-    private byte[] P2 = Hex.decode("F7FB");
-    private byte[] C2 = Hex.decode("19DD5C4C9331049D0BDAB0277408F67967E5");
-    // C2 with only 64bit MAC (default for EAX)
-    private byte[] C2_short = Hex.decode("19DD5C4C9331049D0BDA");
-
-    private byte[] KGCM = Hex.decode("00000000000000000000000000000000");
-    private byte[] NGCM = Hex.decode("000000000000000000000000");
-    private byte[] CGCM = Hex.decode("58e2fccefa7e3061367f1d57a4e7455a");
-
-    public String getName()
-    {
-        return "AEAD";
-    }
-
-    public void performTest() throws Exception
-    {
-        boolean aeadAvailable = false;
-        try
-        {
-            this.getClass().getClassLoader().loadClass("javax.crypto.spec.GCMParameterSpec");
-            aeadAvailable = true;
-        }
-        catch (ClassNotFoundException e)
-        {
-        }
-        testAEADParameterSpec(K2, N2, A2, P2, C2);
-        if (aeadAvailable)
-        {
-            checkCipherWithAD(K2, N2, A2, P2, C2_short);
-            testGCMParameterSpec(K2, N2, A2, P2, C2);
-            testGCMParameterSpecWithRepeatKey(K2, N2, A2, P2, C2);
-            testGCMGeneric(KGCM, NGCM, new byte[0], new byte[0], CGCM);
-            testGCMParameterSpecWithMultipleUpdates(K2, N2, A2, P2, C2);
-            testRepeatedGCMWithSpec(KGCM, NGCM, A2, P2, Hex.decode("f4732d84342623f65b7d63c3c335dd44b87d"));
-        }
-        else
-        {
-            System.err.println("GCM AEADTests disabled due to JDK");
-        }
-        testTampering(aeadAvailable);
-    }
-
-    private void testTampering(boolean aeadAvailable)
-        throws InvalidKeyException,
-        InvalidAlgorithmParameterException,
-        NoSuchAlgorithmException,
-        NoSuchProviderException,
-        NoSuchPaddingException,
-        IllegalBlockSizeException,
-        BadPaddingException
-    {
-        Cipher eax = Cipher.getInstance("AES/EAX/NoPadding", "BC");
-        final SecretKeySpec key = new SecretKeySpec(new byte[eax.getBlockSize()], eax.getAlgorithm());
-        final IvParameterSpec iv = new IvParameterSpec(new byte[eax.getBlockSize()]);
-
-        eax.init(Cipher.ENCRYPT_MODE, key, iv);
-        byte[] ciphertext = eax.doFinal(new byte[100]);
-        ciphertext[0] = (byte)(ciphertext[0] + 1);  // Tamper
-
-        try
-        {
-            eax.init(Cipher.DECRYPT_MODE, key, iv);
-            eax.doFinal(ciphertext);
-            fail("Tampered ciphertext should be invalid");
-        }
-        catch (BadPaddingException e)
-        {
-            if (aeadAvailable)
-            {
-                if (!e.getClass().getName().equals("javax.crypto.AEADBadTagException"))
-                {
-                    fail("Tampered AEAD ciphertext should fail with AEADBadTagException when available.");
-                }
-            }
-        }
-    }
-
-    private void checkCipherWithAD(byte[] K,
-                                   byte[] N,
-                                   byte[] A,
-                                   byte[] P,
-                                   byte[] C) throws InvalidKeyException,
-            NoSuchAlgorithmException, NoSuchPaddingException,
-            IllegalBlockSizeException, BadPaddingException,
-            InvalidAlgorithmParameterException, NoSuchProviderException
-    {
-        Cipher eax = Cipher.getInstance("AES/EAX/NoPadding", "BC");
-        SecretKeySpec key = new SecretKeySpec(K, "AES");
-        IvParameterSpec iv = new IvParameterSpec(N);
-        eax.init(Cipher.ENCRYPT_MODE, key, iv);
-
-        eax.updateAAD(A);
-        byte[] c = eax.doFinal(P);
-
-        if (!areEqual(C, c))
-        {
-            fail("JCE encrypt with additional data failed.");
-        }
-
-        eax.init(Cipher.DECRYPT_MODE, key, iv);
-        eax.updateAAD(A);
-        byte[] p = eax.doFinal(C);
-
-        if (!areEqual(P, p))
-        {
-            fail("JCE decrypt with additional data failed.");
-        }
-    }
-
-    private void testAEADParameterSpec(byte[] K,
-                                       byte[] N,
-                                       byte[] A,
-                                       byte[] P,
-                                       byte[] C)
-        throws Exception
-    {
-        Cipher eax = Cipher.getInstance("AES/EAX/NoPadding", "BC");
-        SecretKeySpec key = new SecretKeySpec(K, "AES");
-
-        AEADParameterSpec spec = new AEADParameterSpec(N, 128, A);
-        eax.init(Cipher.ENCRYPT_MODE, key, spec);
-
-        byte[] c = eax.doFinal(P);
-
-        if (!Arrays.areEqual(C, c))
-        {
-            TestCase.fail("JCE encrypt with additional data and AEADParameterSpec failed.");
-        }
-
-        // doFinal test
-        c = eax.doFinal(P);
-
-        if (!Arrays.areEqual(C, c))
-        {
-            TestCase.fail("JCE encrypt with additional data and AEADParameterSpec failed after do final");
-        }
-
-        eax.init(Cipher.DECRYPT_MODE, key, spec);
-
-        byte[] p = eax.doFinal(C);
-
-        if (!Arrays.areEqual(P, p))
-        {
-            TestCase.fail("JCE decrypt with additional data and AEADParameterSpec failed.");
-        }
-
-        AlgorithmParameters algParams = eax.getParameters();
-
-        byte[] encParams = algParams.getEncoded();
-
-        GCMParameters gcmParameters = GCMParameters.getInstance(encParams);
-
-        if (!Arrays.areEqual(spec.getIV(), gcmParameters.getNonce()) || spec.getMacSizeInBits() != gcmParameters.getIcvLen() * 8)
-        {
-            TestCase.fail("parameters mismatch");
-        }
-
-        // note: associated data is not preserved
-        AEADParameterSpec cSpec = algParams.getParameterSpec(AEADParameterSpec.class);
-        if (!Arrays.areEqual(spec.getIV(), cSpec.getNonce()) || spec.getMacSizeInBits() != cSpec.getMacSizeInBits()
-            || cSpec.getAssociatedData() != null)
-        {
-            TestCase.fail("parameters mismatch");
-        }
-
-        AlgorithmParameters aeadParams = AlgorithmParameters.getInstance("GCM", "BC");
-
-        aeadParams.init(spec);
-
-        cSpec = aeadParams.getParameterSpec(AEADParameterSpec.class);
-        if (!Arrays.areEqual(spec.getIV(), cSpec.getNonce()) || spec.getMacSizeInBits() != cSpec.getMacSizeInBits()
-            || cSpec.getAssociatedData() != null)
-        {
-            TestCase.fail("parameters mismatch");
-        }
-    }
-
-    private void testGCMParameterSpec(byte[] K,
-                                      byte[] N,
-                                      byte[] A,
-                                      byte[] P,
-                                      byte[] C)
-        throws InvalidKeyException,
-        NoSuchAlgorithmException, NoSuchPaddingException,
-        IllegalBlockSizeException, BadPaddingException,
-        InvalidAlgorithmParameterException, NoSuchProviderException, IOException
-    {
-        Cipher eax = Cipher.getInstance("AES/EAX/NoPadding", "BC");
-        SecretKeySpec key = new SecretKeySpec(K, "AES");
-
-        // GCMParameterSpec mapped to AEADParameters and overrides default MAC
-        // size
-        GCMParameterSpec spec = new GCMParameterSpec(128, N);
-        eax.init(Cipher.ENCRYPT_MODE, key, spec);
-
-        eax.updateAAD(A);
-        byte[] c = eax.doFinal(P);
-
-        if (!areEqual(C, c))
-        {
-            fail("JCE encrypt with additional data and GCMParameterSpec failed.");
-        }
-
-        eax.init(Cipher.DECRYPT_MODE, key, spec);
-        eax.updateAAD(A);
-        byte[] p = eax.doFinal(C);
-
-        if (!areEqual(P, p))
-        {
-            fail("JCE decrypt with additional data and GCMParameterSpec failed.");
-        }
-
-        AlgorithmParameters algParams = eax.getParameters();
-
-        byte[] encParams = algParams.getEncoded();
-
-        GCMParameters gcmParameters = GCMParameters.getInstance(encParams);
-
-        if (!Arrays.areEqual(spec.getIV(), gcmParameters.getNonce()) || spec.getTLen() != gcmParameters.getIcvLen() * 8)
-        {
-            fail("parameters mismatch");
-        }
-    }
-
-    private void testGCMParameterSpecWithMultipleUpdates(byte[] K,
-                                      byte[] N,
-                                      byte[] A,
-                                      byte[] P,
-                                      byte[] C)
-        throws Exception
-    {
-        Cipher eax = Cipher.getInstance("AES/EAX/NoPadding", "BC");
-        SecretKeySpec key = new SecretKeySpec(K, "AES");
-        SecureRandom random = new SecureRandom();
-
-        // GCMParameterSpec mapped to AEADParameters and overrides default MAC
-        // size
-        GCMParameterSpec spec = new GCMParameterSpec(128, N);
-
-        for (int i = 900; i != 1024; i++)
-        {
-            byte[] message = new byte[i];
-
-            random.nextBytes(message);
-
-            eax.init(Cipher.ENCRYPT_MODE, key, spec);
-
-            byte[] out = new byte[eax.getOutputSize(i)];
-
-            int offSet = 0;
-
-            int count;
-            for (count = 0; count < i / 21; count++)
-            {
-                offSet += eax.update(message, count * 21, 21, out, offSet);
-            }
-
-            offSet += eax.doFinal(message, count * 21, i - (count * 21), out, offSet);
-
-            byte[] dec = new byte[i];
-            int    len = offSet;
-
-            eax.init(Cipher.DECRYPT_MODE, key, spec);
-
-            offSet = 0;
-            for (count = 0; count < len / 10; count++)
-            {
-                offSet += eax.update(out, count * 10, 10, dec, offSet);
-            }
-
-            offSet += eax.doFinal(out, count * 10, len - (count * 10), dec, offSet);
-
-            if (!Arrays.areEqual(message, dec) || offSet != message.length)
-            {
-                fail("message mismatch");
-            }
-        }
-    }
-
-
-    private void testGCMParameterSpecWithRepeatKey(byte[] K,
-                                                   byte[] N,
-                                                   byte[] A,
-                                                   byte[] P,
-                                                   byte[] C)
-        throws InvalidKeyException, NoSuchAlgorithmException,
-        NoSuchPaddingException, IllegalBlockSizeException,
-        BadPaddingException, InvalidAlgorithmParameterException, NoSuchProviderException, IOException
-    {
-        Cipher eax = Cipher.getInstance("AES/EAX/NoPadding", "BC");
-        SecretKeySpec key = new SecretKeySpec(K, "AES");
-        GCMParameterSpec spec = new GCMParameterSpec(128, N);
-        eax.init(Cipher.ENCRYPT_MODE, key, spec);
-
-        eax.updateAAD(A);
-        byte[] c = eax.doFinal(P);
-
-        if (!areEqual(C, c))
-        {
-            fail("JCE encrypt with additional data and RepeatedSecretKeySpec failed.");
-        }
-
-        // Check GCMParameterSpec handling knows about RepeatedSecretKeySpec
-        eax.init(Cipher.DECRYPT_MODE, new RepeatedSecretKeySpec("AES"), spec);
-        eax.updateAAD(A);
-        byte[] p = eax.doFinal(C);
-
-        if (!areEqual(P, p))
-        {
-            fail("JCE decrypt with additional data and RepeatedSecretKeySpec failed.");
-        }
-
-        AlgorithmParameters algParams = eax.getParameters();
-
-        byte[] encParams = algParams.getEncoded();
-
-        GCMParameters gcmParameters = GCMParameters.getInstance(encParams);
-
-        if (!Arrays.areEqual(spec.getIV(), gcmParameters.getNonce()) || spec.getTLen() != gcmParameters.getIcvLen() * 8)
-        {
-            fail("parameters mismatch");
-        }
-    }
-
-    private void testGCMGeneric(byte[] K,
-                                      byte[] N,
-                                      byte[] A,
-                                      byte[] P,
-                                      byte[] C)
-        throws InvalidKeyException,
-        NoSuchAlgorithmException, NoSuchPaddingException,
-        IllegalBlockSizeException, BadPaddingException,
-        InvalidAlgorithmParameterException, NoSuchProviderException, IOException, InvalidParameterSpecException
-    {
-        Cipher eax = Cipher.getInstance("AES/GCM/NoPadding", "BC");
-        SecretKeySpec key = new SecretKeySpec(K, "AES");
-
-        // GCMParameterSpec mapped to AEADParameters and overrides default MAC
-        // size
-        GCMParameterSpec spec = new GCMParameterSpec(128, N);
-        eax.init(Cipher.ENCRYPT_MODE, key, spec);
-
-        eax.updateAAD(A);
-        byte[] c = eax.doFinal(P);
-
-        if (!areEqual(C, c))
-        {
-            fail("JCE encrypt with additional data and GCMParameterSpec failed.");
-        }
-
-        eax = Cipher.getInstance("GCM", "BC");
-        eax.init(Cipher.DECRYPT_MODE, key, spec);
-        eax.updateAAD(A);
-        byte[] p = eax.doFinal(C);
-
-        if (!areEqual(P, p))
-        {
-            fail("JCE decrypt with additional data and GCMParameterSpec failed.");
-        }
-
-        AlgorithmParameters algParams = eax.getParameters();
-
-        byte[] encParams = algParams.getEncoded();
-
-        GCMParameters gcmParameters = GCMParameters.getInstance(encParams);
-
-        if (!Arrays.areEqual(spec.getIV(), gcmParameters.getNonce()) || spec.getTLen() != gcmParameters.getIcvLen() * 8)
-        {
-            fail("parameters mismatch");
-        }
-
-        GCMParameterSpec gcmSpec = algParams.getParameterSpec(GCMParameterSpec.class);
-
-        if (!Arrays.areEqual(gcmSpec.getIV(), gcmParameters.getNonce()) || gcmSpec.getTLen() != gcmParameters.getIcvLen() * 8)
-        {
-            fail("spec parameters mismatch");
-        }
-
-        if (!Arrays.areEqual(eax.getIV(), gcmParameters.getNonce()))
-        {
-            fail("iv mismatch");
-        }
-    }
-
-    private void testRepeatedGCMWithSpec(byte[] K,
-                                 byte[] N,
-                                 byte[] A,
-                                 byte[] P,
-                                 byte[] C)
-        throws InvalidKeyException, NoSuchAlgorithmException,
-        NoSuchPaddingException, IllegalBlockSizeException,
-        BadPaddingException, InvalidAlgorithmParameterException, NoSuchProviderException, IOException
-    {
-        Cipher eax = Cipher.getInstance("AES/GCM/NoPadding", "BC");
-        SecretKeySpec key = new SecretKeySpec(K, "AES");
-        GCMParameterSpec spec = new GCMParameterSpec(128, N);
-        eax.init(Cipher.ENCRYPT_MODE, key, spec);
-
-        eax.updateAAD(A);
-        byte[] c = eax.doFinal(P);
-
-        if (!areEqual(C, c))
-        {
-            fail("JCE encrypt with additional data and RepeatedSecretKeySpec failed.");
-        }
-
-        eax = Cipher.getInstance("GCM", "BC");
-        eax.init(Cipher.DECRYPT_MODE, key, spec);
-        eax.updateAAD(A);
-        byte[] p = eax.doFinal(C);
-
-        if (!areEqual(P, p))
-        {
-            fail("JCE decrypt with additional data and GCMParameterSpec failed.");
-        }
-
-        try
-        {
-            eax.init(Cipher.ENCRYPT_MODE, new RepeatedSecretKeySpec("AES"), spec);
-            fail("no exception");
-        }
-        catch (InvalidKeyException e)
-        {
-            isTrue("wrong message", "cannot reuse nonce for GCM encryption".equals(e.getMessage()));
-        }
-
-        try
-        {
-            eax.init(Cipher.ENCRYPT_MODE, new RepeatedSecretKeySpec("AES"), new IvParameterSpec(spec.getIV()));
-            fail("no exception");
-        }
-        catch (InvalidKeyException e)
-        {
-            isTrue("wrong message", "cannot reuse nonce for GCM encryption".equals(e.getMessage()));
-        }
-
-        try
-        {
-            eax.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(K, "AES"), new IvParameterSpec(spec.getIV()));
-            fail("no exception");
-        }
-        catch (InvalidKeyException e)
-        {
-            isTrue("wrong message", "cannot reuse nonce for GCM encryption".equals(e.getMessage()));
-        }
-    }
-
-    public static void main(String[] args) throws Exception
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new AEADTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AESSICTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AESSICTest.java
deleted file mode 100644
index ae6d7bc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AESSICTest.java
+++ /dev/null

@@ -1,168 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.Key;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * test vectors based on NIST Special Publication 800-38A,
- * "Recommendation for Block Cipher Modes of Operation"
- */
-public class AESSICTest
-    extends SimpleTest
-{
-    private byte[][]    keys =
-                        {
-                            Hex.decode("2b7e151628aed2a6abf7158809cf4f3c"),
-                            Hex.decode("8e73b0f7da0e6452c810f32b809079e562f8ead2522c6b7b"),
-                            Hex.decode("603deb1015ca71be2b73aef0857d77811f352c073b6108d72d9810a30914dff4")
-                        };
-
-    private byte[][]    plain =
-                        {
-                            Hex.decode("6bc1bee22e409f96e93d7e117393172a"),
-                            Hex.decode("ae2d8a571e03ac9c9eb76fac45af8e51"),
-                            Hex.decode("30c81c46a35ce411e5fbc1191a0a52ef"),
-                            Hex.decode("f69f2445df4f9b17ad2b417be66c3710")
-                        };
-
-    private byte[][][]  cipher =
-                        {
-                            {
-                                Hex.decode("874d6191b620e3261bef6864990db6ce"),
-                                Hex.decode("9806f66b7970fdff8617187bb9fffdff"),
-                                Hex.decode("5ae4df3edbd5d35e5b4f09020db03eab"),
-                                Hex.decode("1e031dda2fbe03d1792170a0f3009cee")
-                            },
-                            {
-                                Hex.decode("1abc932417521ca24f2b0459fe7e6e0b"),
-                                Hex.decode("090339ec0aa6faefd5ccc2c6f4ce8e94"),
-                                Hex.decode("1e36b26bd1ebc670d1bd1d665620abf7"),
-                                Hex.decode("4f78a7f6d29809585a97daec58c6b050")
-                            },
-                            {
-                                Hex.decode("601ec313775789a5b7a7f504bbf3d228"),
-                                Hex.decode("f443e3ca4d62b59aca84e990cacaf5c5"),
-                                Hex.decode("2b0930daa23de94ce87017ba2d84988d"),
-                                Hex.decode("dfc9c58db67aada613c2dd08457941a6")
-                            }
-                        };
-
-    public String getName()
-    {
-        return "AESSIC";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        Cipher c = Cipher.getInstance("AES/SIC/NoPadding", "BC");
-
-        //
-        // NIST vectors
-        //
-        for (int i = 0; i != keys.length; i++)
-        {
-            Key sk = new SecretKeySpec(keys[i], "AES");
-            c.init(
-                Cipher.ENCRYPT_MODE, sk,
-            new IvParameterSpec(Hex.decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF")));
-
-            for (int j = 0; j != plain.length; j++)
-            {
-                byte[] crypt = c.update(plain[j]);
-                if (!areEqual(crypt, cipher[i][j]))
-                {
-                    fail("AESSIC encrypt failed: key " + i + " block " + j);
-                }
-            }
-
-            c.init(
-                Cipher.DECRYPT_MODE, sk,
-            new IvParameterSpec(Hex.decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF")));
-
-            for (int j = 0; j != plain.length; j++)
-            {
-                byte[] crypt = c.update(cipher[i][j]);
-                if (!areEqual(crypt, plain[j]))
-                {
-                    fail("AESSIC decrypt failed: key " + i + " block " + j);
-                }
-            }
-        }
-
-        //
-        // check CTR also recognised.
-        //
-        c = Cipher.getInstance("AES/CTR/NoPadding", "BC");
-
-        Key sk = new SecretKeySpec(Hex.decode("2B7E151628AED2A6ABF7158809CF4F3C"), "AES");
-
-        c.init(
-            Cipher.ENCRYPT_MODE, sk,
-            new IvParameterSpec(Hex.decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFD0001")));
-
-        byte[] crypt = c.doFinal(Hex.decode("00000000000000000000000000000000"));
-
-        if (!areEqual(crypt, Hex.decode("D23513162B02D0F72A43A2FE4A5F97AB")))
-        {
-            fail("AESSIC failed test 2");
-        }
-        
-        //
-        // check partial block processing
-        //
-        c = Cipher.getInstance("AES/CTR/NoPadding", "BC");
-
-        sk = new SecretKeySpec(Hex.decode("2B7E151628AED2A6ABF7158809CF4F3C"), "AES");
-
-        c.init(
-            Cipher.ENCRYPT_MODE, sk,
-            new IvParameterSpec(Hex.decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFD0001")));
-
-        crypt = c.doFinal(Hex.decode("12345678"));
-
-        c.init(
-                Cipher.DECRYPT_MODE, sk,
-                new IvParameterSpec(Hex.decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFD0001")));
-        
-        crypt = c.doFinal(crypt);
-        
-        if (!areEqual(crypt, Hex.decode("12345678")))
-        {
-            fail("AESSIC failed partial test");
-        }
-
-        // null key test
-        sk = new RepeatedSecretKeySpec("AES");
-
-        c.init(
-                Cipher.ENCRYPT_MODE, sk,
-        new IvParameterSpec(Hex.decode("F0F1F2F3F4F5F6F7F8F9FAFBFCFDFEFF")));
-
-        for (int j = 0; j != plain.length; j++)
-        {
-            crypt = c.update(plain[j]);
-            if (!areEqual(crypt, cipher[0][j]))
-            {
-                fail("AESSIC encrypt failed: key " + 0 + " block " + j);
-            }
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new AESSICTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AESTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AESTest.java
deleted file mode 100644
index 454232a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AESTest.java
+++ /dev/null

@@ -1,459 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.crypto.prng.FixedSecureRandom;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * basic test class for the AES cipher vectors from FIPS-197
- */
-public class AESTest
-    extends BaseBlockCipherTest
-{
-    static String[] cipherTests =
-    {
-        "128",
-        "000102030405060708090a0b0c0d0e0f",
-        "00112233445566778899aabbccddeeff",
-        "69c4e0d86a7b0430d8cdb78070b4c55a",
-        "192",
-        "000102030405060708090a0b0c0d0e0f1011121314151617",
-        "00112233445566778899aabbccddeeff",
-        "dda97ca4864cdfe06eaf70a0ec0d7191",
-        "256",
-        "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
-        "00112233445566778899aabbccddeeff",
-        "8ea2b7ca516745bfeafc49904b496089",
-    };
-
-    public AESTest()
-    {
-        super("AES");
-    }
-
-    private void test(
-        int         strength,
-        byte[]      keyBytes,
-        byte[]      input,
-        byte[]      output)
-        throws Exception
-    {
-        Key                     key;
-        Cipher                  in, out;
-        CipherInputStream       cIn;
-        CipherOutputStream      cOut;
-        ByteArrayInputStream    bIn;
-        ByteArrayOutputStream   bOut;
-
-        key = new SecretKeySpec(keyBytes, "AES");
-
-        in = Cipher.getInstance("AES/ECB/NoPadding", "BC");
-        out = Cipher.getInstance("AES/ECB/NoPadding", "BC");
-        
-        try
-        {
-            out.init(Cipher.ENCRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("AES failed initialisation - " + e.toString(), e);
-        }
-
-        try
-        {
-            in.init(Cipher.DECRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("AES failed initialisation - " + e.toString(), e);
-        }
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        try
-        {
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                cOut.write(input[i]);
-            }
-            cOut.write(input, input.length / 2, input.length - input.length / 2);
-            cOut.close();
-        }
-        catch (IOException e)
-        {
-            fail("AES failed encryption - " + e.toString(), e);
-        }
-
-        byte[]    bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!areEqual(bytes, output))
-        {
-            fail("AES failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        try
-        {
-            DataInputStream dIn = new DataInputStream(cIn);
-
-            bytes = new byte[input.length];
-
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                bytes[i] = (byte)dIn.read();
-            }
-            dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-        }
-        catch (Exception e)
-        {
-            fail("AES failed encryption - " + e.toString(), e);
-        }
-
-        if (!areEqual(bytes, input))
-        {
-            fail("AES failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-    }
-
-    private void eaxTest()
-        throws Exception
-    {
-        byte[] K = Hex.decode("233952DEE4D5ED5F9B9C6D6FF80FF478");
-        byte[] N = Hex.decode("62EC67F9C3A4A407FCB2A8C49031A8B3");
-        byte[] P = Hex.decode("68656c6c6f20776f726c642121");
-        byte[] C = Hex.decode("2f9f76cb7659c70e4be11670a3e193ae1bc6b5762a");
-
-        Key                     key;
-        Cipher                  in, out;
-
-        key = new SecretKeySpec(K, "AES");
-
-        in = Cipher.getInstance("AES/EAX/NoPadding", "BC");
-        out = Cipher.getInstance("AES/EAX/NoPadding", "BC");
-
-        in.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] enc = in.doFinal(P);
-        if (!areEqual(enc, C))
-        {
-            fail("ciphertext doesn't match in EAX");
-        }
-
-        out.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] dec = out.doFinal(C);
-        if (!areEqual(dec, P))
-        {
-            fail("plaintext doesn't match in EAX");
-        }
-
-        try
-        {
-            in = Cipher.getInstance("AES/EAX/PKCS5Padding", "BC");
-
-            fail("bad padding missed in EAX");
-        }
-        catch (NoSuchPaddingException e)
-        {
-            // expected
-        }
-    }
-
-    private void ccmTest()
-        throws Exception
-    {
-        byte[] K = Hex.decode("404142434445464748494a4b4c4d4e4f");
-        byte[] N = Hex.decode("10111213141516");
-        byte[] P = Hex.decode("68656c6c6f20776f726c642121");
-        byte[] C = Hex.decode("39264f148b54c456035de0a531c8344f46db12b388");
-
-        Key                     key;
-        Cipher                  in, out;
-
-        key = new SecretKeySpec(K, "AES");
-
-        in = Cipher.getInstance("AES/CCM/NoPadding", "BC");
-        out = Cipher.getInstance("AES/CCM/NoPadding", "BC");
-
-        in.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] enc = in.doFinal(P);
-        if (!areEqual(enc, C))
-        {
-            fail("ciphertext doesn't match in CCM");
-        }
-
-        out.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] dec = out.doFinal(C);
-        if (!areEqual(dec, P))
-        {
-            fail("plaintext doesn't match in CCM");
-        }
-
-        try
-        {
-            in = Cipher.getInstance("AES/CCM/PKCS5Padding", "BC");
-
-            fail("bad padding missed in CCM");
-        }
-        catch (NoSuchPaddingException e)
-        {
-            // expected
-        }
-    }
-
-    private void gcmTest()
-        throws Exception
-    {
-        // Test Case 15 from McGrew/Viega
-        byte[] K = Hex.decode(
-              "feffe9928665731c6d6a8f9467308308"
-            + "feffe9928665731c6d6a8f9467308308");
-        byte[] P = Hex.decode(
-              "d9313225f88406e5a55909c5aff5269a"
-            + "86a7a9531534f7da2e4c303d8a318a72"
-            + "1c3c0c95956809532fcf0e2449a6b525"
-            + "b16aedf5aa0de657ba637b391aafd255");
-        byte[] N = Hex.decode("cafebabefacedbaddecaf888");
-        String T = "b094dac5d93471bdec1a502270e3cc6c";
-        byte[] C = Hex.decode(
-              "522dc1f099567d07f47f37a32a84427d"
-            + "643a8cdcbfe5c0c97598a2bd2555d1aa"
-            + "8cb08e48590dbb3da7b08b1056828838"
-            + "c5f61e6393ba7a0abcc9f662898015ad"
-            + T);
-
-        Key                     key;
-        Cipher                  in, out;
-
-        key = new SecretKeySpec(K, "AES");
-
-        in = Cipher.getInstance("AES/GCM/NoPadding", "BC");
-        out = Cipher.getInstance("AES/GCM/NoPadding", "BC");
-
-        in.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] enc = in.doFinal(P);
-        if (!areEqual(enc, C))
-        {
-            fail("ciphertext doesn't match in GCM");
-        }
-
-        out.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] dec = out.doFinal(C);
-        if (!areEqual(dec, P))
-        {
-            fail("plaintext doesn't match in GCM");
-        }
-
-        try
-        {
-            in = Cipher.getInstance("AES/GCM/PKCS5Padding", "BC");
-    
-            fail("bad padding missed in GCM");
-        }
-        catch (NoSuchPaddingException e)
-        {
-            // expected
-        }
-
-
-        // reuse test
-        in = Cipher.getInstance("AES/GCM/NoPadding", "BC");
-        
-        in.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(N));
-
-        enc = in.doFinal(P);
-
-        try
-        {
-            in.doFinal(P);
-            fail("no exception on reuse");
-        }
-        catch (IllegalStateException e)
-        {
-            isTrue("wrong message", e.getMessage().equals("GCM cipher cannot be reused for encryption"));
-        }
-
-        try
-        {
-            in.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(N));
-            fail("no exception on reuse");
-        }
-        catch (InvalidKeyException e)
-        {
-            isTrue("wrong message", e.getMessage().equals("cannot reuse nonce for GCM encryption"));
-        }
-    }
-
-    private void ocbTest()
-        throws Exception
-    {
-        byte[] K = Hex.decode(
-              "000102030405060708090A0B0C0D0E0F");
-        byte[] P = Hex.decode(
-              "000102030405060708090A0B0C0D0E0F");
-        byte[] N = Hex.decode("000102030405060708090A0B");
-        String T = "4CBB3E4BD6B456AF";
-        byte[] C = Hex.decode(
-            "BEA5E8798DBE7110031C144DA0B2612213CC8B747807121A" + T);
-
-        Key                     key;
-        Cipher                  in, out;
-
-        key = new SecretKeySpec(K, "AES");
-
-        in = Cipher.getInstance("AES/OCB/NoPadding", "BC");
-        out = Cipher.getInstance("AES/OCB/NoPadding", "BC");
-
-        in.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] enc = in.doFinal(P);
-        if (!areEqual(enc, C))
-        {
-            fail("ciphertext doesn't match in OCB");
-        }
-
-        out.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] dec = out.doFinal(C);
-        if (!areEqual(dec, P))
-        {
-            fail("plaintext doesn't match in OCB");
-        }
-
-        try
-        {
-            in = Cipher.getInstance("AES/OCB/PKCS5Padding", "BC");
-
-            fail("bad padding missed in OCB");
-        }
-        catch (NoSuchPaddingException e)
-        {
-            // expected
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        for (int i = 0; i != cipherTests.length; i += 4)
-        {
-            test(Integer.parseInt(cipherTests[i]), 
-                            Hex.decode(cipherTests[i + 1]),
-                            Hex.decode(cipherTests[i + 2]),
-                            Hex.decode(cipherTests[i + 3]));
-        }
-
-        byte[]  kek1 = Hex.decode("000102030405060708090a0b0c0d0e0f");
-        byte[]  in1 = Hex.decode("00112233445566778899aabbccddeeff");
-        byte[]  out1 = Hex.decode("1fa68b0a8112b447aef34bd8fb5a7b829d3e862371d2cfe5");
-        
-        wrapTest(1, "AESWrap", kek1, in1, out1);
-
-        byte[]  kek2 = Hex.decode("000102030405060708090a0b0c0d0e0f");
-        byte[]  in2 = Hex.decode("00112233445566778899aabbccddeeff");
-        byte[]  out2 = Hex.decode("7c8798dfc802553b3f00bb4315e3a087322725c92398b9c112c74d0925c63b61");
-
-        wrapTest(2, "AESRFC3211WRAP", kek2,  kek2, new FixedSecureRandom(Hex.decode("9688df2af1b7b1ac9688df2a")), in2, out2);
-
-        byte[] kek3 = Hex.decode("5840df6e29b02af1ab493b705bf16ea1ae8338f4dcc176a8");
-        byte[] in3 = Hex.decode("c37b7e6492584340bed12207808941155068f738");
-        byte[] out3 = Hex.decode("138bdeaa9b8fa7fc61f97742e72248ee5ae6ae5360d1ae6a5f54f373fa543b6a");
-
-        wrapTest(3, "AESRFC5649WRAP", kek3, in3, out3);
-
-        String[] oids = {
-                NISTObjectIdentifiers.id_aes128_ECB.getId(),
-                NISTObjectIdentifiers.id_aes128_CBC.getId(),
-                NISTObjectIdentifiers.id_aes128_OFB.getId(),
-                NISTObjectIdentifiers.id_aes128_CFB.getId(),
-                NISTObjectIdentifiers.id_aes192_ECB.getId(),
-                NISTObjectIdentifiers.id_aes192_CBC.getId(),
-                NISTObjectIdentifiers.id_aes192_OFB.getId(),
-                NISTObjectIdentifiers.id_aes192_CFB.getId(),
-                NISTObjectIdentifiers.id_aes256_ECB.getId(),
-                NISTObjectIdentifiers.id_aes256_CBC.getId(),
-                NISTObjectIdentifiers.id_aes256_OFB.getId(),
-                NISTObjectIdentifiers.id_aes256_CFB.getId()
-        };
-
-        String[] names = {
-                "AES/ECB/PKCS7Padding",
-                "AES/CBC/PKCS7Padding",
-                "AES/OFB/NoPadding",
-                "AES/CFB/NoPadding",
-                "AES/ECB/PKCS7Padding",
-                "AES/CBC/PKCS7Padding",
-                "AES/OFB/NoPadding",
-                "AES/CFB/NoPadding",
-                "AES/ECB/PKCS7Padding",
-                "AES/CBC/PKCS7Padding",
-                "AES/OFB/NoPadding",
-                "AES/CFB/NoPadding"
-        };
-
-        oidTest(oids, names, 4);
-
-
-        String[] wrapOids = {
-            NISTObjectIdentifiers.id_aes128_wrap.getId(),
-            NISTObjectIdentifiers.id_aes192_wrap.getId(),
-            NISTObjectIdentifiers.id_aes256_wrap.getId(),
-        };
-
-        wrapOidTest(wrapOids, "AESWrap");
-
-        wrapOids = new String[] {
-                NISTObjectIdentifiers.id_aes128_wrap_pad.getId(),
-                NISTObjectIdentifiers.id_aes192_wrap_pad.getId(),
-                NISTObjectIdentifiers.id_aes256_wrap_pad.getId()
-        };
-
-        wrapOidTest(wrapOids, "AESWrapPad");
-
-        eaxTest();
-        ccmTest();
-        gcmTest();
-        ocbTest();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new AESTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ARIATest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ARIATest.java
deleted file mode 100644
index c49691e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ARIATest.java
+++ /dev/null

@@ -1,427 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.security.Key;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.nsri.NSRIObjectIdentifiers;
-import org.bouncycastle.crypto.prng.FixedSecureRandom;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * basic test class for the ARIA cipher vectors from FIPS-197
- */
-public class ARIATest
-    extends BaseBlockCipherTest
-{
-    static String[] cipherTests =
-    {
-            "128",
-            "000102030405060708090a0b0c0d0e0f",
-            "00112233445566778899aabbccddeeff",
-            "d718fbd6ab644c739da95f3be6451778",
-            "192",
-            "000102030405060708090a0b0c0d0e0f1011121314151617",
-            "00112233445566778899aabbccddeeff",
-            "26449c1805dbe7aa25a468ce263a9e79",
-            "256",
-            "000102030405060708090a0b0c0d0e0f101112131415161718191a1b1c1d1e1f",
-            "00112233445566778899aabbccddeeff",
-            "f92bd7c79fb72e2f2b8f80c1972d24fc"
-    };
-
-    public ARIATest()
-    {
-        super("ARIA");
-    }
-
-    private void test(
-        int         strength,
-        byte[]      keyBytes,
-        byte[]      input,
-        byte[]      output)
-        throws Exception
-    {
-        Key                     key;
-        Cipher                  in, out;
-        CipherInputStream       cIn;
-        CipherOutputStream      cOut;
-        ByteArrayInputStream    bIn;
-        ByteArrayOutputStream   bOut;
-
-        key = new SecretKeySpec(keyBytes, "ARIA");
-
-        in = Cipher.getInstance("ARIA/ECB/NoPadding", "BC");
-        out = Cipher.getInstance("ARIA/ECB/NoPadding", "BC");
-        
-        try
-        {
-            out.init(Cipher.ENCRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("ARIA failed initialisation - " + e.toString(), e);
-        }
-
-        try
-        {
-            in.init(Cipher.DECRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("ARIA failed initialisation - " + e.toString(), e);
-        }
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        try
-        {
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                cOut.write(input[i]);
-            }
-            cOut.write(input, input.length / 2, input.length - input.length / 2);
-            cOut.close();
-        }
-        catch (IOException e)
-        {
-            fail("ARIA failed encryption - " + e.toString(), e);
-        }
-
-        byte[]    bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!areEqual(bytes, output))
-        {
-            fail("ARIA failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        try
-        {
-            DataInputStream dIn = new DataInputStream(cIn);
-
-            bytes = new byte[input.length];
-
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                bytes[i] = (byte)dIn.read();
-            }
-            dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-        }
-        catch (Exception e)
-        {
-            fail("ARIA failed encryption - " + e.toString(), e);
-        }
-
-        if (!areEqual(bytes, input))
-        {
-            fail("ARIA failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-    }
-
-    private void eaxTest()
-        throws Exception
-    {
-        byte[] K = Hex.decode("233952DEE4D5ED5F9B9C6D6FF80FF478");
-        byte[] N = Hex.decode("62EC67F9C3A4A407FCB2A8C49031A8B3");
-        byte[] P = Hex.decode("68656c6c6f20776f726c642121");
-        byte[] C = Hex.decode("85fe63d6cfb872d2420e65425c074dfad6fe752e03");
-
-        Key                     key;
-        Cipher                  in, out;
-
-        key = new SecretKeySpec(K, "ARIA");
-
-        in = Cipher.getInstance("ARIA/EAX/NoPadding", "BC");
-        out = Cipher.getInstance("ARIA/EAX/NoPadding", "BC");
-
-        in.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] enc = in.doFinal(P);
-        if (!areEqual(enc, C))
-        {
-            fail("ciphertext doesn't match in EAX: " + Hex.toHexString(enc));
-        }
-
-        out.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] dec = out.doFinal(C);
-        if (!areEqual(dec, P))
-        {
-            fail("plaintext doesn't match in EAX");
-        }
-
-        try
-        {
-            in = Cipher.getInstance("ARIA/EAX/PKCS5Padding", "BC");
-
-            fail("bad padding missed in EAX");
-        }
-        catch (NoSuchPaddingException e)
-        {
-            // expected
-        }
-    }
-
-    private void ccmTest()
-        throws Exception
-    {
-        byte[] K = Hex.decode("404142434445464748494a4b4c4d4e4f");
-        byte[] N = Hex.decode("10111213141516");
-        byte[] P = Hex.decode("68656c6c6f20776f726c642121");
-        byte[] C = Hex.decode("0af625ff69cd9dbe65fae181d654717eb7a0263bcd");
-
-        Key                     key;
-        Cipher                  in, out;
-
-        key = new SecretKeySpec(K, "ARIA");
-
-        in = Cipher.getInstance("ARIA/CCM/NoPadding", "BC");
-        out = Cipher.getInstance("ARIA/CCM/NoPadding", "BC");
-
-        in.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] enc = in.doFinal(P);
-        if (!areEqual(enc, C))
-        {
-            fail("ciphertext doesn't match in CCM: " + Hex.toHexString(enc));
-        }
-
-        out.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] dec = out.doFinal(C);
-        if (!areEqual(dec, P))
-        {
-            fail("plaintext doesn't match in CCM");
-        }
-
-        try
-        {
-            in = Cipher.getInstance("ARIA/CCM/PKCS5Padding", "BC");
-
-            fail("bad padding missed in CCM");
-        }
-        catch (NoSuchPaddingException e)
-        {
-            // expected
-        }
-    }
-
-    private void gcmTest()
-        throws Exception
-    {
-        // Test Case 15 from McGrew/Viega
-        byte[] K = Hex.decode(
-              "feffe9928665731c6d6a8f9467308308"
-            + "feffe9928665731c6d6a8f9467308308");
-        byte[] P = Hex.decode(
-              "d9313225f88406e5a55909c5aff5269a"
-            + "86a7a9531534f7da2e4c303d8a318a72"
-            + "1c3c0c95956809532fcf0e2449a6b525"
-            + "b16aedf5aa0de657ba637b391aafd255");
-        byte[] N = Hex.decode("cafebabefacedbaddecaf888");
-        String T = "c8f245c8619ca9ba7d6d9545e7f48214";
-        byte[] C = Hex.decode(             
-              "c3aa0e01a4f8b5dfdb25d0f1c78c275e516114080e2be7a7f7bffd4504b19a8552f80ad5b55f3d911725489629996d398d5ed6f077e22924c5b8ebe20a219693"
-            + T);
-
-        Key                     key;
-        Cipher                  in, out;
-
-        key = new SecretKeySpec(K, "ARIA");
-
-        in = Cipher.getInstance("ARIA/GCM/NoPadding", "BC");
-        out = Cipher.getInstance("ARIA/GCM/NoPadding", "BC");
-
-        in.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] enc = in.doFinal(P);
-        if (!areEqual(enc, C))
-        {
-            fail("ciphertext doesn't match in GCM: " + Hex.toHexString(enc));
-        }
-
-        out.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] dec = out.doFinal(C);
-        if (!areEqual(dec, P))
-        {
-            fail("plaintext doesn't match in GCM");
-        }
-
-        try
-        {
-            in = Cipher.getInstance("ARIA/GCM/PKCS5Padding", "BC");
-    
-            fail("bad padding missed in GCM");
-        }
-        catch (NoSuchPaddingException e)
-        {
-            // expected
-        }
-    }
-
-    private void ocbTest()
-        throws Exception
-    {
-        byte[] K = Hex.decode(
-              "000102030405060708090A0B0C0D0E0F");
-        byte[] P = Hex.decode(
-              "000102030405060708090A0B0C0D0E0F");
-        byte[] N = Hex.decode("000102030405060708090A0B");
-        String T = "0027ce4f3aaeec75";
-        byte[] C = Hex.decode(
-            "7bcae9eac9f1f54704a630e309099a87f53a1c1559de1b3b" + T);
-
-        Key                     key;
-        Cipher                  in, out;
-
-        key = new SecretKeySpec(K, "ARIA");
-
-        in = Cipher.getInstance("ARIA/OCB/NoPadding", "BC");
-        out = Cipher.getInstance("ARIA/OCB/NoPadding", "BC");
-
-        in.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] enc = in.doFinal(P);
-        if (!areEqual(enc, C))
-        {
-            fail("ciphertext doesn't match in OCB: " + Hex.toHexString(enc));
-        }
-
-        out.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] dec = out.doFinal(C);
-        if (!areEqual(dec, P))
-        {
-            fail("plaintext doesn't match in OCB");
-        }
-
-        try
-        {
-            in = Cipher.getInstance("ARIA/OCB/PKCS5Padding", "BC");
-
-            fail("bad padding missed in OCB");
-        }
-        catch (NoSuchPaddingException e)
-        {
-            // expected
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        for (int i = 0; i != cipherTests.length; i += 4)
-        {
-            test(Integer.parseInt(cipherTests[i]), 
-                            Hex.decode(cipherTests[i + 1]),
-                            Hex.decode(cipherTests[i + 2]),
-                            Hex.decode(cipherTests[i + 3]));
-        }
-
-        byte[]  kek1 = Hex.decode("000102030405060708090a0b0c0d0e0f");
-        byte[]  in1 = Hex.decode("00112233445566778899aabbccddeeff");
-        byte[]  out1 = Hex.decode("a93f148d4909d85f1aae656909879275ae597b3acf9d60db");
-        
-        wrapTest(1, "ARIAWrap", kek1, in1, out1);
-
-        byte[]  kek2 = Hex.decode("000102030405060708090a0b0c0d0e0f");
-        byte[]  in2 = Hex.decode("00112233445566778899aabbccddeeff");
-        byte[]  out2 = Hex.decode("9b2d3cac0acf9d4bde7c1bdb0313fbef931f025acc77bf57d3d1cabc88b514d0");
-
-        wrapTest(2, "ARIARFC3211WRAP", kek2,  kek2, new FixedSecureRandom(Hex.decode("9688df2af1b7b1ac9688df2a")), in2, out2);
-
-        byte[]  kek3 = Hex.decode("000102030405060708090a0b0c0d0e0f");
-        byte[]  in3 = Hex.decode("00112233445566778899aabbccddeeff");
-        byte[]  out3 = Hex.decode("ac0e22699a036ced63adeb75f4946f82dc98ad8af43b24d5");
-
-        wrapTest(3, "ARIAWrapPad", kek3, in3, out3);
-
-        String[] oids = {
-                NSRIObjectIdentifiers.id_aria128_ecb.getId(),
-                NSRIObjectIdentifiers.id_aria128_cbc.getId(),
-                NSRIObjectIdentifiers.id_aria128_ofb.getId(),
-                NSRIObjectIdentifiers.id_aria128_cfb.getId(),
-                NSRIObjectIdentifiers.id_aria192_ecb.getId(),
-                NSRIObjectIdentifiers.id_aria192_cbc.getId(),
-                NSRIObjectIdentifiers.id_aria192_ofb.getId(),
-                NSRIObjectIdentifiers.id_aria192_cfb.getId(),
-                NSRIObjectIdentifiers.id_aria256_ecb.getId(),
-                NSRIObjectIdentifiers.id_aria256_cbc.getId(),
-                NSRIObjectIdentifiers.id_aria256_ofb.getId(),
-                NSRIObjectIdentifiers.id_aria256_cfb.getId()
-        };
-
-        String[] names = {
-                "ARIA/ECB/PKCS7Padding",
-                "ARIA/CBC/PKCS7Padding",
-                "ARIA/OFB/NoPadding",
-                "ARIA/CFB/NoPadding",
-                "ARIA/ECB/PKCS7Padding",
-                "ARIA/CBC/PKCS7Padding",
-                "ARIA/OFB/NoPadding",
-                "ARIA/CFB/NoPadding",
-                "ARIA/ECB/PKCS7Padding",
-                "ARIA/CBC/PKCS7Padding",
-                "ARIA/OFB/NoPadding",
-                "ARIA/CFB/NoPadding"
-        };
-
-        oidTest(oids, names, 4);
-
-
-        String[] wrapOids = {
-                NSRIObjectIdentifiers.id_aria128_kw.getId(),
-                NSRIObjectIdentifiers.id_aria192_kw.getId(),
-                NSRIObjectIdentifiers.id_aria256_kw.getId()
-        };
-
-        wrapOidTest(wrapOids, "ARIAWrap");
-
-        wrapOids = new String[] {
-                NSRIObjectIdentifiers.id_aria128_kwp.getId(),
-                NSRIObjectIdentifiers.id_aria192_kwp.getId(),
-                NSRIObjectIdentifiers.id_aria256_kwp.getId()
-        };
-
-        wrapOidTest(wrapOids, "ARIAWrapPad");
-
-        eaxTest();
-        ccmTest();
-        gcmTest();
-        ocbTest();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new ARIATest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AlgorithmParametersTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AlgorithmParametersTest.java
deleted file mode 100644
index 217258a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AlgorithmParametersTest.java
+++ /dev/null

@@ -1,128 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.IOException;
-import java.security.AlgorithmParameters;
-import java.security.Security;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.DSAParameterSpec;
-import java.security.spec.ECGenParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
-
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.asn1.sec.SECObjectIdentifiers;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class AlgorithmParametersTest
-    extends SimpleTest
-{
-    private byte[] dsaParams = Base64.decode(
-        "MIGcAkEAjfKklEkidqo9JXWbsGhpy+rA2Dr7jQz3y7gyTw14guXQdi/FtyEOr8Lprawyq3qsSWk9+/g3J"
-      + "MLsBzbuMcgCkQIVAMdzIYxzfsjumTtPLe0w9I7azpFfAkBP3Z9K7oNeZMXEXYpqvrMUgVdFjq4lnWJoV8"
-      + "Rwe+TERStHTkqSO7sp0lq7EEggVMcuXtarKNsxaJ+qyYv/n1t6");
-
-    private void basicTest(String algorithm, Class algorithmParameterSpec, byte[] asn1Encoded)
-        throws Exception
-    {
-        AlgorithmParameters alg = AlgorithmParameters.getInstance(algorithm, "BC");
-
-        alg.init(asn1Encoded);
-
-        try
-        {
-            alg.init(asn1Encoded);
-            fail("encoded re-initialization not detected");
-        }
-        catch (IOException e)
-        {
-            // expected already initialized
-        }
-
-        AlgorithmParameterSpec spec = alg.getParameterSpec(algorithmParameterSpec);
-
-        try
-        {
-            alg.init(spec);
-            fail("spec re-initialization not detected");
-        }
-        catch (InvalidParameterSpecException e)
-        {
-            // expected already initialized
-        }
-
-        // check default
-        spec = alg.getParameterSpec(AlgorithmParameterSpec.class);
-
-        try
-        {
-            spec = alg.getParameterSpec(IvParameterSpec.class);
-            fail("wrong spec not detected");
-        }
-        catch (InvalidParameterSpecException e)
-        {
-            // expected unknown object
-        }
-
-        try
-        {
-            spec = alg.getParameterSpec(null);
-            fail("null spec not detected");
-        }
-        catch (NullPointerException e)
-        {
-            // expected unknown object
-        }
-
-        alg = AlgorithmParameters.getInstance(algorithm, "BC");
-
-        alg.init(asn1Encoded, "ASN.1");
-
-        alg = AlgorithmParameters.getInstance(algorithm, "BC");
-
-        alg.init(asn1Encoded, null);
-
-        alg = AlgorithmParameters.getInstance(algorithm, "BC");
-
-        try
-        {
-            alg.init(asn1Encoded, "FRED");
-            fail("unknown spec not detected");
-        }
-        catch (IOException e)
-        {
-            // expected already initialized
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        basicTest("DSA", DSAParameterSpec.class, dsaParams);
-
-        AlgorithmParameters al = AlgorithmParameters.getInstance("EC", "BC");
-
-        al.init(new ECGenParameterSpec(SECObjectIdentifiers.secp256r1.getId()));
-
-        if (!Arrays.areEqual(Hex.decode("06082a8648ce3d030107"), al.getEncoded()))
-        {
-             fail("EC param test failed");
-        }
-    }
-
-    public String getName()
-    {
-        return "AlgorithmParameters";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new AlgorithmParametersTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AllTests.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AllTests.java
deleted file mode 100644
index 15e9fbd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AllTests.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.Security;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTestResult;
-
-public class AllTests
-    extends TestCase
-{
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("JCE Tests");
-
-        suite.addTestSuite(SimpleTestTest.class);
-        
-        return new BCTestSetup(suite);
-    }
-
-    public static class SimpleTestTest
-       extends TestCase
-    {
-        public void testJCE()
-        {
-            org.bouncycastle.util.test.Test[] tests = RegressionTest.tests;
-
-            for (int i = 0; i != tests.length; i++)
-            {
-                SimpleTestResult  result = (SimpleTestResult)tests[i].perform();
-
-                if (!result.isSuccessful())
-                {
-                    if (result.getException() != null)
-                    {
-                        result.getException().printStackTrace();
-                    }
-                    fail(result.toString());
-                }
-            }
-        }
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-
-        protected void tearDown()
-        {
-            Security.removeProvider("BC");
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AttrCertData.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AttrCertData.java
deleted file mode 100644
index 3e49657..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/AttrCertData.java
+++ /dev/null

@@ -1,119 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.math.BigInteger;
-import java.security.spec.RSAPrivateCrtKeySpec;
-
-import org.bouncycastle.util.encoders.Base64;
-
-public class AttrCertData
-{
-    private static final RSAPrivateCrtKeySpec RSA_PRIVATE_KEY_SPEC = new RSAPrivateCrtKeySpec(
-                new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-                new BigInteger("11", 16),
-                new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-                new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-                new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-                new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-                new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-                new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-    public static byte[]  attrCert = Base64.decode(
-            "MIIHQDCCBqkCAQEwgZChgY2kgYowgYcxHDAaBgkqhkiG9w0BCQEWDW1sb3JjaEB2"
-          + "dC5lZHUxHjAcBgNVBAMTFU1hcmt1cyBMb3JjaCAobWxvcmNoKTEbMBkGA1UECxMS"
-          + "VmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAyMQswCQYDVQQKEwJ2"
-          + "dDELMAkGA1UEBhMCVVMwgYmkgYYwgYMxGzAZBgkqhkiG9w0BCQEWDHNzaGFoQHZ0"
-          + "LmVkdTEbMBkGA1UEAxMSU3VtaXQgU2hhaCAoc3NoYWgpMRswGQYDVQQLExJWaXJn"
-          + "aW5pYSBUZWNoIFVzZXIxEDAOBgNVBAsTB0NsYXNzIDExCzAJBgNVBAoTAnZ0MQsw"
-          + "CQYDVQQGEwJVUzANBgkqhkiG9w0BAQQFAAIBBTAiGA8yMDAzMDcxODE2MDgwMloY"
-          + "DzIwMDMwNzI1MTYwODAyWjCCBU0wggVJBgorBgEEAbRoCAEBMYIFORaCBTU8UnVs"
-          + "ZSBSdWxlSWQ9IkZpbGUtUHJpdmlsZWdlLVJ1bGUiIEVmZmVjdD0iUGVybWl0Ij4K"
-          + "IDxUYXJnZXQ+CiAgPFN1YmplY3RzPgogICA8U3ViamVjdD4KICAgIDxTdWJqZWN0"
-          + "TWF0Y2ggTWF0Y2hJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5j"
-          + "dGlvbjpzdHJpbmctZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlw"
-          + "ZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjc3RyaW5nIj4KICAg"
-          + "ICAgIENOPU1hcmt1cyBMb3JjaDwvQXR0cmlidXRlVmFsdWU+CiAgICAgPFN1Ympl"
-          + "Y3RBdHRyaWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFt"
-          + "ZXM6dGM6eGFjbWw6MS4wOnN1YmplY3Q6c3ViamVjdC1pZCIgRGF0YVR5cGU9Imh0"
-          + "dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hI3N0cmluZyIgLz4gCiAgICA8"
-          + "L1N1YmplY3RNYXRjaD4KICAgPC9TdWJqZWN0PgogIDwvU3ViamVjdHM+CiAgPFJl"
-          + "c291cmNlcz4KICAgPFJlc291cmNlPgogICAgPFJlc291cmNlTWF0Y2ggTWF0Y2hJ"
-          + "ZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5jdGlvbjpzdHJpbmct"
-          + "ZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlwZT0iaHR0cDovL3d3"
-          + "dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIj4KICAgICAgaHR0cDovL3p1"
-          + "bmkuY3MudnQuZWR1PC9BdHRyaWJ1dGVWYWx1ZT4KICAgICA8UmVzb3VyY2VBdHRy"
-          + "aWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6"
-          + "eGFjbWw6MS4wOnJlc291cmNlOnJlc291cmNlLWlkIiBEYXRhVHlwZT0iaHR0cDov"
-          + "L3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIiAvPiAKICAgIDwvUmVz"
-          + "b3VyY2VNYXRjaD4KICAgPC9SZXNvdXJjZT4KICA8L1Jlc291cmNlcz4KICA8QWN0"
-          + "aW9ucz4KICAgPEFjdGlvbj4KICAgIDxBY3Rpb25NYXRjaCBNYXRjaElkPSJ1cm46"
-          + "b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmZ1bmN0aW9uOnN0cmluZy1lcXVhbCI+"
-          + "CiAgICAgPEF0dHJpYnV0ZVZhbHVlIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9y"
-          + "Zy8yMDAxL1hNTFNjaGVtYSNzdHJpbmciPgpEZWxlZ2F0ZSBBY2Nlc3MgICAgIDwv"
-          + "QXR0cmlidXRlVmFsdWU+CgkgIDxBY3Rpb25BdHRyaWJ1dGVEZXNpZ25hdG9yIEF0"
-          + "dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmFjdGlvbjph"
-          + "Y3Rpb24taWQiIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNj"
-          + "aGVtYSNzdHJpbmciIC8+IAogICAgPC9BY3Rpb25NYXRjaD4KICAgPC9BY3Rpb24+"
-          + "CiAgPC9BY3Rpb25zPgogPC9UYXJnZXQ+CjwvUnVsZT4KMA0GCSqGSIb3DQEBBAUA"
-          + "A4GBAGiJSM48XsY90HlYxGmGVSmNR6ZW2As+bot3KAfiCIkUIOAqhcphBS23egTr"
-          + "6asYwy151HshbPNYz+Cgeqs45KkVzh7bL/0e1r8sDVIaaGIkjHK3CqBABnfSayr3"
-          + "Rd1yBoDdEv8Qb+3eEPH6ab9021AsLEnJ6LWTmybbOpMNZ3tv");
-
-    byte[]  signCert = Base64.decode(
-            "MIIGjTCCBXWgAwIBAgICAPswDQYJKoZIhvcNAQEEBQAwaTEdMBsGCSqGSIb3DQEJ"
-          + "ARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZpcmdpbmlhIFRlY2ggQ2VydGlm"
-          + "aWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0MQswCQYDVQQGEwJVUzAeFw0w"
-          + "MzAxMzExMzUyMTRaFw0wNDAxMzExMzUyMTRaMIGDMRswGQYJKoZIhvcNAQkBFgxz"
-          + "c2hhaEB2dC5lZHUxGzAZBgNVBAMTElN1bWl0IFNoYWggKHNzaGFoKTEbMBkGA1UE"
-          + "CxMSVmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAxMQswCQYDVQQK"
-          + "EwJ2dDELMAkGA1UEBhMCVVMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPDc"
-          + "scgSKmsEp0VegFkuitD5j5PUkDuzLjlfaYONt2SN8WeqU4j2qtlCnsipa128cyKS"
-          + "JzYe9duUdNxquh5BPIkMkHBw4jHoQA33tk0J/sydWdN74/AHPpPieK5GHwhU7GTG"
-          + "rCCS1PJRxjXqse79ExAlul+gjQwHeldAC+d4A6oZAgMBAAGjggOmMIIDojAMBgNV"
-          + "HRMBAf8EAjAAMBEGCWCGSAGG+EIBAQQEAwIFoDAOBgNVHQ8BAf8EBAMCA/gwHQYD"
-          + "VR0lBBYwFAYIKwYBBQUHAwIGCCsGAQUFBwMEMB0GA1UdDgQWBBRUIoWAzlXbzBYE"
-          + "yVTjQFWyMMKo1jCBkwYDVR0jBIGLMIGIgBTgc3Fm+TGqKDhen+oKfbl+xVbj2KFt"
-          + "pGswaTEdMBsGCSqGSIb3DQEJARYOaXJtaGVscEB2dC5lZHUxLjAsBgNVBAMTJVZp"
-          + "cmdpbmlhIFRlY2ggQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxCzAJBgNVBAoTAnZ0"
-          + "MQswCQYDVQQGEwJVU4IBADCBiwYJYIZIAYb4QgENBH4WfFZpcmdpbmlhIFRlY2gg"
-          + "Q2VydGlmaWNhdGlvbiBBdXRob3JpdHkgZGlnaXRhbCBjZXJ0aWZpY2F0ZXMgYXJl"
-          + "IHN1YmplY3QgdG8gcG9saWNpZXMgbG9jYXRlZCBhdCBodHRwOi8vd3d3LnBraS52"
-          + "dC5lZHUvY2EvY3BzLy4wFwYDVR0RBBAwDoEMc3NoYWhAdnQuZWR1MBkGA1UdEgQS"
-          + "MBCBDmlybWhlbHBAdnQuZWR1MEMGCCsGAQUFBwEBBDcwNTAzBggrBgEFBQcwAoYn"
-          + "aHR0cDovL2JveDE3Ny5jYy52dC5lZHUvY2EvaXNzdWVycy5odG1sMEQGA1UdHwQ9"
-          + "MDswOaA3oDWGM2h0dHA6Ly9ib3gxNzcuY2MudnQuZWR1L2h0ZG9jcy1wdWJsaWMv"
-          + "Y3JsL2NhY3JsLmNybDBUBgNVHSAETTBLMA0GCysGAQQBtGgFAQEBMDoGCysGAQQB"
-          + "tGgFAQEBMCswKQYIKwYBBQUHAgEWHWh0dHA6Ly93d3cucGtpLnZ0LmVkdS9jYS9j"
-          + "cHMvMD8GCWCGSAGG+EIBBAQyFjBodHRwOi8vYm94MTc3LmNjLnZ0LmVkdS9jZ2kt"
-          + "cHVibGljL2NoZWNrX3Jldl9jYT8wPAYJYIZIAYb4QgEDBC8WLWh0dHA6Ly9ib3gx"
-          + "NzcuY2MudnQuZWR1L2NnaS1wdWJsaWMvY2hlY2tfcmV2PzBLBglghkgBhvhCAQcE"
-          + "PhY8aHR0cHM6Ly9ib3gxNzcuY2MudnQuZWR1L35PcGVuQ0E4LjAxMDYzMC9jZ2kt"
-          + "cHVibGljL3JlbmV3YWw/MCwGCWCGSAGG+EIBCAQfFh1odHRwOi8vd3d3LnBraS52"
-          + "dC5lZHUvY2EvY3BzLzANBgkqhkiG9w0BAQQFAAOCAQEAHJ2ls9yjpZVcu5DqiE67"
-          + "r7BfkdMnm7IOj2v8cd4EAlPp6OPBmjwDMwvKRBb/P733kLBqFNWXWKTpT008R0KB"
-          + "8kehbx4h0UPz9vp31zhGv169+5iReQUUQSIwTGNWGLzrT8kPdvxiSAvdAJxcbRBm"
-          + "KzDic5I8PoGe48kSCkPpT1oNmnivmcu5j1SMvlx0IS2BkFMksr0OHiAW1elSnE/N"
-          + "RuX2k73b3FucwVxB3NRo3vgoHPCTnh9r4qItAHdxFlF+pPtbw2oHESKRfMRfOIHz"
-          + "CLQWSIa6Tvg4NIV3RRJ0sbCObesyg08lymalQMdkXwtRn5eGE00SHWwEUjSXP2gR"
-          + "3g==");
-
-    static byte[] certWithBaseCertificateID = Base64.decode(
-            "MIIBqzCCARQCAQEwSKBGMD6kPDA6MQswCQYDVQQGEwJJVDEOMAwGA1UEChMFVU5JVE4xDDAKBgNV"
-          + "BAsTA0RJVDENMAsGA1UEAxMEcm9vdAIEAVMVjqB6MHikdjB0MQswCQYDVQQGEwJBVTEoMCYGA1UE"
-          + "ChMfVGhlIExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECxMaQm91bmN5IFByaW1h"
-          + "cnkgQ2VydGlmaWNhdGUxFjAUBgNVBAMTDUJvdW5jeSBDYXN0bGUwDQYJKoZIhvcNAQEFBQACBQKW"
-          + "RhnHMCIYDzIwMDUxMjEyMTIwMDQyWhgPMjAwNTEyMTkxMjAxMzJaMA8wDQYDVRhIMQaBBGVWSVAw"
-          + "DQYJKoZIhvcNAQEFBQADgYEAUAVin9StDaA+InxtXq/av6rUQLI9p1X6louBcj4kYJnxRvTrHpsr"
-          + "N3+i9Uq/uk5lRdAqmPFvcmSbuE3TRAsjrXON5uFiBBKZ1AouLqcr8nHbwcdwjJ9TyUNO9I4hfpSH"
-          + "UHHXMtBKgp4MOkhhX8xTGyWg3hp23d3GaUeg/IYlXBI=");
-    
-    byte[] holderCertWithBaseCertificateID = Base64.decode(
-            "MIIBwDCCASmgAwIBAgIEAVMVjjANBgkqhkiG9w0BAQUFADA6MQswCQYDVQQGEwJJVDEOMAwGA1UE"
-          + "ChMFVU5JVE4xDDAKBgNVBAsTA0RJVDENMAsGA1UEAxMEcm9vdDAeFw0wNTExMTExMjAxMzJaFw0w"
-          + "NjA2MTYxMjAxMzJaMD4xCzAJBgNVBAYTAklUMQ4wDAYDVQQKEwVVTklUTjEMMAoGA1UECxMDRElU"
-          + "MREwDwYDVQQDEwhMdWNhQm9yejBaMA0GCSqGSIb3DQEBAQUAA0kAMEYCQQC0p+RhcFdPFqlwgrIr"
-          + "5YtqKmKXmEGb4ShypL26Ymz66ZAPdqv7EhOdzl3lZWT6srZUMWWgQMYGiHQg4z2R7X7XAgERoxUw"
-          + "EzARBglghkgBhvhCAQEEBAMCBDAwDQYJKoZIhvcNAQEFBQADgYEAsX50VPQQCWmHvPq9y9DeCpmS"
-          + "4szcpFAhpZyn6gYRwY9CRZVtmZKH8713XhkGDWcIEMcG0u3oTz3tdKgPU5uyIPrDEWr6w8ClUj4x"
-          + "5aVz5c2223+dVY7KES//JSB2bE/KCIchN3kAioQ4K8O3e0OL6oDVjsqKGw5bfahgKuSIk/Q=");
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/BCFKSStoreTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/BCFKSStoreTest.java
deleted file mode 100644
index 2df1e7f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/BCFKSStoreTest.java
+++ /dev/null

@@ -1,1560 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.Security;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.security.interfaces.RSAPrivateCrtKey;
-import java.security.spec.ECGenParameterSpec;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.util.Date;
-import java.util.Enumeration;
-import java.util.concurrent.atomic.AtomicBoolean;
-
-import javax.crypto.SecretKey;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.bc.EncryptedObjectStoreData;
-import org.bouncycastle.asn1.bc.ObjectStore;
-import org.bouncycastle.asn1.bc.ObjectStoreIntegrityCheck;
-import org.bouncycastle.asn1.bc.PbkdMacIntegrityCheck;
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-import org.bouncycastle.asn1.misc.ScryptParams;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PBES2Parameters;
-import org.bouncycastle.asn1.pkcs.PBKDF2Params;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.util.PBKDF2Config;
-import org.bouncycastle.crypto.util.PBKDFConfig;
-import org.bouncycastle.crypto.util.ScryptConfig;
-import org.bouncycastle.jcajce.BCFKSLoadStoreParameter;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Exercise the  BCFKS KeyStore,
- */
-public class BCFKSStoreTest
-    extends SimpleTest
-{
-    private static byte[] trustedCertData = Base64.decode(
-        "MIIB/DCCAaagAwIBAgIBATANBgkqhkiG9w0BAQQFADCBhjELMAkGA1UEBhMCQVUxKDAmBgNVBAoMH1RoZSBMZWdpb24gb2YgdGhlIE" +
-            "JvdW5jeSBDYXN0bGUxEjAQBgNVBAcMCU1lbGJvdXJuZTERMA8GA1UECAwIVmljdG9yaWExJjAkBgkqhkiG9w0BCQEWF2lzc3VlckBi" +
-            "b3VuY3ljYXN0bGUub3JnMB4XDTE0MDIyODExMjcxMVoXDTE0MDQyOTExMjcxMVowgYcxCzAJBgNVBAYTAkFVMSgwJgYDVQQKDB9UaG" +
-            "UgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIwEAYDVQQHDAlNZWxib3VybmUxETAPBgNVBAgMCFZpY3RvcmlhMScwJQYJKoZI" +
-            "hvcNAQkBFhhzdWJqZWN0QGJvdW5jeWNhc3RsZS5vcmcwWjANBgkqhkiG9w0BAQEFAANJADBGAkEAtKfkYXBXTxapcIKyK+WLaipil5" +
-            "hBm+EocqS9umJs+umQD3ar+xITnc5d5WVk+rK2VDFloEDGBoh0IOM9ke1+1wIBETANBgkqhkiG9w0BAQQFAANBAJ/ZhfF21NykhbEY" +
-            "RQrAo/yRr9XfpmBTVUSlLJXYoNVVRT5u9SGQqmPNfHElrTvNMZQPC0ridDZtBWb6S2tg9/E=");
-
-    static char[] testPassword = {'h', 'e', 'l', 'l', 'o', ' ', 'w', 'o', 'r', 'l', 'd'};
-    static char[] invalidTestPassword = {'Y', 'e', 'l', 'l', 'o', ' ', 'w', 'o', 'r', 'l', 'd'};
-
-    static byte[] kwpKeyStore = Base64.decode(
-        "MIIJ/TCCCT8wgZUGCSqGSIb3DQEFDTCBhzBlBgkqhkiG9w0BBQwwWARAKXQjiKdsRc8lgCbMh8wLqjNPCiLcXVxArXA4/n6Y72G8jn" +
-            "jWUsXqvMQFmruTbQF6USSVaMgS1UlTbdLtu7yH9wIDAMgAAgEgMAwGCCqGSIb3DQILBQAwHgYJYIZIAWUDBAEvMBEEDJMoeNdAkcnM" +
-            "QjtxowIBCASCCKMU5dCIAkTb84CUiUGy4no3nGgVZL+2t4MNPKhMiL+2Xv7Ok9rucD2SMitzm+kxnkVU+aYGLVUrwEPFCvq5GWdnzO" +
-            "yjCd3XzTieySlfxhIxYMixGfz8NAvPu+P2LwtE+j2C4poHS7+MG22OXpxTTLGzWGuYusxb1zVLTujP6gSVGbtBikLxOXRiYXapZQzL" +
-            "32bOIKV/tHLv3JCKvIGyJAnTQBDlHQxVsm8fcYBhc101qc9vd3qMborJEZK3E+znJ++lI0yIb+WcZJ3PDI11Fzf22M1D6qtV8RELsL" +
-            "b5zfLheFLc4rJcY0YSja24se0tFvT7X9cSyrpvXdNDmzBlBThPdINsKPf3N6fO/9ibn/0QIJPY5bQc3SwbN8c7vboHOJzbWjq7n7Q7" +
-            "1ZkFeiYO/NIXKZ4/KN8sqlRLjvEy4BFnbGoufim+K1zpFGdUPbYpDkuzCkfQfiEaQ9Zt69p5w5e6qh04kgHue0Ac/0IsnRIFy78k4J" +
-            "lK5TlrB3exqpuISZEWP72WDa+0yTaRM6ecMfIqieDNQmpD9U3HpmdMgiWZXTpCTtM/3I62Bv7EkwcVccRP9z4QUcoGZy81EemQ4d3e" +
-            "OVfYgvgZBCsbSpf+V8HlsnApTbJubTY1wJQAA19h49E7l3VCxSmeNcUSSE68xJjdJPPAzU1v83+RkYUDPlRx1YsO77zYBSuOwJr0g4" +
-            "BDTfnyd1vZCM6APt9N7Z2MfALoSSg4EF68nr144GLAMZw4ZVjfUeZ+kF3mjTDPujOoyI3vDztA5ZFa0JCQpp8Yh0CuO+sGnWLh+7Tb" +
-            "irH2ifEscmNI++csUwDPSInjfGzv722JY6c9XzbaqDGqstpykwwUVN01IceolCvgeHZW7P0feDyqbpgmpdRxiGuBWshFEdcttXDSl9" +
-            "mQVEyYAMHQFVQKIx2RrFD7QPWZhITGqCvF44GNst/3962Au9oyGAY6rRQfN/HdF4+ygWjOS0t/50c1eAyBj1Rfk/M4sHBi8dKDjOpX" +
-            "QzqfqLqHjevxQPw1761q629iTagOO/3AIebbraD2qLqDHjmqUAW0ZVLkdS5n8zYyiqGsVeKok7SSDDKQfqwouPHJvRmKzHAK6bZDdr" +
-            "qMBqNfNcRghWHSH0jM4j8G1w3H2FQsNfBHqTb+kiFx1jEovKkf2HumctWwI5hqV2R2I23ThRNQbh6bdtFc8D3a8YnuXpUK+Tw/RTzM" +
-            "eGtUsVeakGOZDHh9AlxsdcLChY9xTLMzbpLfb6VAE9kpZ86Uwe60i+S4ropyIp5cwXizAgJPh1T51ZWTzEu+s8BDEAkXSDgxs1PFML" +
-            "Ha2pWnHPMNSs4VF6eeyK0Vj66m4LcQ0AgE35jAGxWQm31KbWI/h8EMxiC/tDJfMJ3UUKxYCRdbcneDBRc4E4cNmZVqajc8o9Fexr97" +
-            "GLQ6Is1HVoG65qtq6I9Wt6wmA/5i8ptG7bl7NrIzn3Fg0bMbwHEaKIoXrFHTM0EjwnOkVtQWBNDhnBa66IDJXMxJzXDB2uoMU/wX2y" +
-            "4dGpM+mgomJt0U3i29HqeihEQjHDc0hTJLkp2SJ2tKw3+VtoXUinV1W7tsG9TMj3F+XNSeiGFrcZpryi6+Fml3Tohg/FaiJQLpB9pL" +
-            "tzNd61ln1Q6RTHcOMChNocCRaagH6ntX5j8GcVp0auPfw8zyR5iNGueQdnV38Q6MhiGxlMQKC/gjBdKAHRI2q+31tGK8ZslHFxDee1" +
-            "fy3wtRZpLDwgecH74g4+1TYTLPj/PNeYRQicRCa1BbvI3zB1d8t+LKTg/f34MeEzdMpRT8fRb6vw/O1CRhtdl/0pBQ7RZQSrZFPdEr" +
-            "KPRv4/1IG46crTCw1/AOMTXKjPeaUeADjff7aLKizJHUSPr6sTRxoMWQeOYfBDnRiLDZ/XYvSDkjnzesa0hdQIIe/tHnqSZ23Jbi46" +
-            "bLD7Lhf3lfZzbEOqKXAlq0m/ooidubndc0K1xVex4M/T+M0mMPRwO0uICJM4EtivU9Fp5/12GXdvimGEhr/adGodf+JduhsUoIUiz5" +
-            "TghRV0dSuLtQkcD2d0GkfxgHkCBlhbS3WifMWLTa3lHWrCVyhdIf6m5UOtqfzj5CEEkwE+L6urNBo3D4zHUjm8XJekjI3xjGbQHjBo" +
-            "sr+BFHkwGNfTXXBHVqRE0L8lH6kSpLaCF5iMpU2NuAeaJ/xdS7LUXBtn4Zvi34PR3/akwMYIr4X+uDM0eB0KkOyyqSXZVPsT7uGMef" +
-            "wOHmbx1eHe22mR/q1r1iczDwOtXNYo8OB9jSsL3XWFdt4STxdA7kFEsAvK001x0pjrpTa/j/4ixjKhBGu8V/WVuBl0Hlicybtdl7xF" +
-            "CgoeF3FrAsn2Rw0EjVJm4uLpdEHGIVCWWTgadhZ9YyMWoMenLOUoGMlWXGE9hLGUfJG1wOMlFg33zq4dwCj17O0ULdpHh7QFQFEEpM" +
-            "+zscDhOHKmrZZEuiJvhR0JFkZz2rml0TEfSjCmdQ8XfJMzLbQ8BKZhWLOQdVh8Scn96Hm0EGkFBkcb4dO/Ubw+cu+bGskxHL1Q6uW0" +
-            "hGOdejiS7yWclE//uzSlSTa7GRtZ1F/vziWIVno0IInEyiOsCGagagWmxMvv1GTnRJwJl8Bt0BPJmWS2L4CClD6ocH2DrCEEYjMraP" +
-            "dquGbe0/0eYv3qANDWjvzJs4o4/4SoKZuRBuVj5YQMs69XdaxPgnC3Xfx59pf1Q5qOQe94R8oVTnT6z6G1Radsoweh1UnwItjjt4pt" +
-            "pfjyUn4bF2Ovz6bs/Tprbo2B4gmBraimCVHT5pruScBY2q4Vd8XiGbiviS8SgqUnxhH/4XmRRdeYpHpZyet1DT+nNTdJdOCfrsE630" +
-            "9CEQNhQRXt9j5c9S8fnwEA3x/FsriCOAnXsmjVZTnMmctnEYs0aChPxnCBgW1vb2dVUTJQ+KR+2CD3xPNiIEwdk9rA+80k1z3JXek8" +
-            "tac4cwgbcwDAYIKoZIhvcNAgsFADBlBgkqhkiG9w0BBQwwWARAvH3U5H5R/XeTJYthNF/5aUAsqnHPEeperLR1iXVAiVH8t4iby2WP" +
-            "FbvQtoKDbREOo9NaULKIWlDlimxCJosvygIDAMgAAgFAMAwGCCqGSIb3DQILBQAEQGeIvocQlW6yjPCczqj+yNdn6sTcmuHI9AnFtn" +
-            "aY0K7Ki2oIlXl5D9TLznFhJuHDtrIA3VYy2XTCvyrY3qEIySo=");
-
-    static byte[] oldKeyStoreNoPW = Base64.decode(
-        "MIIF/jCCBUEwgZQGCSqGSIb3DQEFDTCBhjBkBgkqhkiG9w0BBQwwVwRAr1ik7Ut78AkRAXYcwhwjOjlSjfjzLzCqFFFsT2OHXWtCK1h" +
-            "FEnbVpdi5OFL+TQ6g8kU9w8EYrIZH7elwkMt+6wICBAACASAwDAYIKoZIhvcNAgsFADAeBglghkgBZQMEAS8wEQQMi3d/cdRmlkhW1" +
-            "B43AgEIBIIEpvp3Y9FgZwdOCGGd3pJmhTy4z3FQ+xQD5yQizR3GtuNwLQvrsDfaZOPdmt6bKSLQdjVXX214d2JmBlKNOj9MD6SDIsW" +
-            "+yEVoqk4asmQjY5KZi/l7o9IRMTAVFBSKyXYcmnV/0Wqpv/AEOaV1ytrxwu2TOW3gZcbNHs3YQvAArxMcqCLyyGJYJ73Qt2xuccZa8" +
-            "YgagCovr0t2KJYHdpeTIFvhaAU7/iHKa0z4ES0YjZoEKNu7jA91WCnKIaFdJCRLS5NKqcuHw93KgGNelEEJt9BbhmddlzZ3upxdw9Q" +
-            "vZsaasD30ezK6viROxAkerfXzI5QVS8Qlz1/TQ10/ri8Lf04H3+HNRV5YS0cH9ghoBxKvvu8whcA43FdvGE7MREIEykJBWWWK5bgul" +
-            "duf2ONNA5cIBTLwLOmPdT2I4PkXUjCROHBmX9m4F0p41+9DCpqS2z5H2oS4+n+sBLHFWZbsOu/NAXKswLDVRaBbSGJW270dc8Gv1Vo" +
-            "B9VWlkqX4wLZTLp+Gbk2aJaKlp9zeN5EHG/vh1wJWYq138h2MB+cYZ2TCl3+orhzlzx6xfRVAtbBz9kpPDpfgpnahM0+IdcuVc5B2s" +
-            "UR6hBM/GQY4cgFdsBI1XhoEjLxzD8PxF4Se2KbseB6fq0+h1GKSB8YXv+IVvroF1ueqsi8DisNcrkN3Bdbl28gopF7kG+aJ84JkEHP" +
-            "bmN+EaYIZZ6yRBHa/nfXltblCIRbSfB0x4L8Uz+/lbEen5hov7v/60+v+6nAlNWs3Af0ZlmOU4KAcSgmLBJzh3+83qld8BlJH1t1HI" +
-            "Ct/md7BQLXn4fRWeKUhbwvSvlut7knai1ZKaLxEhNCh+/7UDE7Y1wvzBfWJYfyAFkCxW9U0erkwp8euea7OgMd1U+6R9H8FEgEjzaj" +
-            "maMCKqmAizZromgxsiPzZgMkz9J1eY/VtWqk1Gu3mq7O/6ilWh/dogxVfeVZ2kyS17rXL152pcJHIx20Vsd4gnFx8sLqfqiO5n/qoA" +
-            "8BkbbwdrBmURNCVmDMuqlMl/yiOpqohQ8kcp81l6B6NHAtxAWCSz7ypfKw43G80tTKhHYDguCUvdbLCuR43DJj22SuuxoRKHjnhtYD" +
-            "xKL58W5HhIcSFliI5qBuRc+EHVOdHfFfqNhisitOzuTk9z1Emg0lweVFzaWkpqxiwtNfOmiYrg+EzDYiGmiQ7/r5Uxqku+aX69khXN" +
-            "OKQbx1d48PI/0mNJV7qUY6k1hhU3ZkMSnuR1akaq/Skds7BnC3yj8byDlWouJ5AYreHPc4uxoH6YwSrBGBWw9omxGPFE6aGWze8pV/" +
-            "95HOrftINptVRDPtuBvV8fo9qPJ7Xr6unG3kEbKoflYTbolguI4YN338+QIc6+53I7N7H+3kkb8TJhUPj4ImS1dvN5KfkSwYuKX8sQ" +
-            "r4MGUVTfJwbRCKkbimtJ1MY/Rcpe9No1xQObp/3G4Tfam1KlhhLaM3A9fCLm+WwS7zlemJ+KcWa7iOyoS5f646+aLRZ7sNeuoxYecq" +
-            "9ybT5W8mYitUdvxcPwMlh2w1DqwmDqXVqkevs8WnDBJM2FYWVJenoU98oPd3pbFicZsjuMIG2MAwGCCqGSIb3DQILBQAwZAYJKoZIh" +
-            "vcNAQUMMFcEQAI9+HvmFMWhbl/EmZBy/B2CDIKcCs4AuhrKu50UVHSHobnuX7phOAtxdI9VevE2ehMCbWkLrUa3Qtkv4CmozFwCAgQ" +
-            "AAgFAMAwGCCqGSIb3DQILBQAEQHGAl3x6ij1f4oSoeKX/KQOYByXY/Kk4BinJM0cG0zXapG4vYidgmTMPTguuWXxL1u3+ncAGmW2EY" +
-            "gEAHiOUu5c=");
-
-    static byte[] oldKeyStore = Base64.decode(
-        "MIIF/jCCBUEwgZQGCSqGSIb3DQEFDTCBhjBkBgkqhkiG9w0BBQwwVwRA1njcCRF+e+s3pQsVaifZNKCablZ+5cLEeJXEdsAtJt7ZG2" +
-            "6dq5iYzBhbol5L5D0n9RLYFW5IoK9rCd8UpD61GAICBAACASAwDAYIKoZIhvcNAgsFADAeBglghkgBZQMEAS8wEQQMhT2rGv09UX8P" +
-            "pmcZAgEIBIIEpu8KeIMyG7FZL+rxPCJ7YFNRXEjykNt70W1BD8VDsN/bGuW4kCnKXNlzV2SAx/44mhdR47qiKrXziCwZUgpck9d1R5" +
-            "nQQtTKw0Q2F1EuWGm9ErFpCMYl6E43/URmkmjuCMIpEbrKHTmuEjqsdHJ7+CST4cFU3lCsBj7dMl9G7tLxJhq5aCTYxhFX6R5kM5QH" +
-            "t/pkxE/5Ei94nh606cKNjLA7Zlrbn1c5WlTpesOjE1pZp/QY9UuSiSA0nucNd8Ir0H4PK120QerdQQ4EWY/KHEDn4EqGpaE1Z6WVAS" +
-            "qyYING7g1q4YeYeJjFA2V8fqsj0j/wxG29x5J5ghcERnrcQGTL2P3uLvy2chgHdqIaFxKStANVntW+dy9MD/uCZnYi7DzeS3qWEZcl" +
-            "cpp5oImL79k08uc9jpfOnNaqbxz8b76ABH39OVQVSGRhh7fkYYSlUEWpSlaFoKaywV3yJwXlilhX7JqyiqRt/hrlVLTlQZZeJbYMrE" +
-            "KA/Fn2ePmNt5hJRiHzF5w/YVd5My27QtPvInCgJ2bV+Z0Di3l+Sd4SCS1NiHtR6uB7G3xlI8E3uQVV4dRNXM8drb1Uu/eTGxGSH0hY" +
-            "2Z0N8TvSGdz+TAQRNn/nXaMA2nZdfhVmwiRPPP3BaiBCJM6y5FroOT1rkPupA+gpmlw1M7Ey+rABphsqEig2XyRe4FMMmIc4i8ga6m" +
-            "KH+F0e26ycsb+nSycdhLIs5Dcdo42wzmvmoG8fvM+/C1N98TfB0m2KbtS1TV9dohagJi4l685iUMnUbH3nmha7RPYUVnpZdDokiATV" +
-            "WjuSezCdpIxv1m6HOqXuArvDtvExDzyVZnPoIF4DEuRypDpW8tkppvLGA6VEo1TPJvjvyrX6SqorwDa1JINVnQGPpx5StjL+eIQBzV" +
-            "RHoy+NP2dcPBHUlAfwWrkk7V7CwST6uNYBL+YVhTYYIN1HnJY0CkmmraqMvkMks17WAd9hONzSLmNT3St6s3VIQMMPC7qNatB+570Q" +
-            "BxgiQC7ieFu1wqy9ZNnNLU9DC69HR37uUFyiCnbCb54XY/zmCUhc8ONBi3L8DwmiDZ2oF7WIEmWvblcbWaQNFPNBMS9KzejHLpvopW" +
-            "+XcfRX4jCz9PwZ9HhUwGk8R7b1MALgJhXxuAD/a4VQK2OtlTHeAgSGBrGcGgjzSa7JWM5ks+EHdTuLaiU3ViVXLrZq4lr/D8ni1Ipt" +
-            "kKPaVcWnl56i7AXZtPj5xVE5v2eVual3sBOkObpoObyrDfmouZW0A9GPk69jGTm5j2FU+50p7JxSfR78BZJitBqrcYS4boVDFmTZYN" +
-            "MBpgGkHqW79gWKIde/pf6nf9cSnDEjZEIZJQI5rnLqmGG6+vKxJQJt7be4vCzGTVMqiY3+QgVCuwtK7Vd44RaPDnzQDxC9OwJOhIUF" +
-            "s1UwoS/vU/n5kbaYmD+py3dgffw4EicaOv5hG7NELZRKxueCjnVwdeCGH+WgJL7AIUdruK/SvsQbJX1asEFKU5KCG4Z9Sw0Sw4MjL+" +
-            "OAiyIbpQpMfHtG+9ORfWWmlH8McA3rjT07fKelhPn1YauY2jGZLfBrpBrQKxvcL82og7rUMIG2MAwGCCqGSIb3DQILBQAwZAYJKoZI" +
-            "hvcNAQUMMFcEQOchs+KAXDWhUaENOgpSls0plNpIUYDkgnMa/iL4RzEOCwiZBOuBdGsEfP3oKLWUS3wO83vrgetSLK5fkN6QNnoCAg" +
-            "QAAgFAMAwGCCqGSIb3DQILBQAEQBLCR5e4teCd8JX0xJbGadSCFaO1oEehyXSZrnKahsYJ7yTHqJTvlcWvqTiwn7Gud/SJmMXPQkZC" +
-            "SQhMQ5k+xZ4=");
-
-    public void shouldCreateEmptyBCFKSNoPassword()
-        throws Exception
-    {
-        checkEmptyStore(null);
-    }
-
-    public void shouldCreateEmptyBCFKSPassword()
-        throws Exception
-    {
-        checkEmptyStore(testPassword);
-    }
-
-    private void checkEmptyStore(char[] passwd)
-        throws KeyStoreException, NoSuchProviderException, IOException, NoSuchAlgorithmException, CertificateException
-    {
-        KeyStore store1 = KeyStore.getInstance("BCFKS", "BC");
-
-        store1.load(null, null);
-
-        isTrue("", 0 == store1.size());
-        isTrue("", !store1.aliases().hasMoreElements());
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        store1.store(bOut, passwd);
-
-        KeyStore store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        store2.load(new ByteArrayInputStream(bOut.toByteArray()), passwd);
-
-        isTrue("", 0 == store2.size());
-        isTrue("", !store2.aliases().hasMoreElements());
-
-        checkInvalidLoad(store2, passwd, bOut.toByteArray());
-    }
-
-    private void checkInvalidLoad(KeyStore store, char[] passwd, byte[] data)
-        throws NoSuchAlgorithmException, CertificateException, KeyStoreException
-    {
-        checkInvalidLoadForPassword(store, invalidTestPassword, data);
-
-        if (passwd != null)
-        {
-            checkInvalidLoadForPassword(store, null, data);
-        }
-    }
-
-    private void checkInvalidLoadForPassword(KeyStore store, char[] password, byte[] data)
-        throws NoSuchAlgorithmException, CertificateException, KeyStoreException
-    {
-        try
-        {
-            store.load(new ByteArrayInputStream(data), password);
-        }
-        catch (IOException e)
-        {
-            isTrue("wrong message", "BCFKS KeyStore corrupted: MAC calculation failed".equals(e.getMessage()));
-        }
-
-        isTrue("", 0 == store.size());
-        isTrue("", !store.aliases().hasMoreElements());
-    }
-
-    public void shouldStoreOneCertificate()
-        throws Exception
-    {
-        X509Certificate cert = (X509Certificate)CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(trustedCertData));
-
-        checkOneCertificate(cert, null);
-        checkOneCertificate(cert, testPassword);
-    }
-
-    public void shouldStoreOneCertificateWithECDSASignature()
-        throws Exception
-    {
-        KeyPairGenerator kpG = KeyPairGenerator.getInstance("EC", "BC");
-
-        kpG.initialize(new ECGenParameterSpec("P-256"));
-
-        KeyPair kp = kpG.generateKeyPair();
-
-        X509Certificate cert = (X509Certificate)CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(trustedCertData));
-
-        KeyStore store1 = KeyStore.getInstance("BCFKS", "BC");
-
-        store1.load(null, null);
-
-        store1.setCertificateEntry("cert", cert);
-
-        isTrue("", 1 == store1.size());
-        Enumeration<String> en1 = store1.aliases();
-
-        isTrue("", "cert".equals(en1.nextElement()));
-        isTrue("", !en1.hasMoreElements());
-
-        certStorageCheck(store1, "cert", cert);
-
-        Date entryDate = store1.getCreationDate("cert");
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        BCFKSLoadStoreParameter storeParameter = new BCFKSLoadStoreParameter.Builder(bOut, kp.getPrivate())
-            .withStoreSignatureAlgorithm(BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withECDSA)
-            .build();
-
-        store1.store(storeParameter);
-
-        KeyStore store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        BCFKSLoadStoreParameter loadParameter = new BCFKSLoadStoreParameter.Builder(
-                new ByteArrayInputStream(bOut.toByteArray()), kp.getPublic())
-            .withStoreSignatureAlgorithm(BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withECDSA)
-            .build();
-
-        store2.load(loadParameter);
-    }
-
-    public void shouldStoreOneCertificateWithECDSASignatureAndCertificates()
-        throws Exception
-    {
-        KeyPairGenerator kpG = KeyPairGenerator.getInstance("EC", "BC");
-
-        kpG.initialize(new ECGenParameterSpec("P-256"));
-
-        KeyPair kp = kpG.generateKeyPair();
-
-        X509Certificate cert = (X509Certificate)CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(trustedCertData));
-
-        KeyStore store1 = KeyStore.getInstance("BCFKS", "BC");
-
-        store1.load(null, null);
-
-        store1.setCertificateEntry("cert", cert);
-
-        isTrue("", 1 == store1.size());
-        Enumeration<String> en1 = store1.aliases();
-
-        isTrue("", "cert".equals(en1.nextElement()));
-        isTrue("", !en1.hasMoreElements());
-
-        certStorageCheck(store1, "cert", cert);
-
-        Date entryDate = store1.getCreationDate("cert");
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        final X509Certificate selfSignedCert = TestUtils.createSelfSignedCert("CN=ECDSA", "SHA256withECDSA", kp);
-        BCFKSLoadStoreParameter storeParameter = new BCFKSLoadStoreParameter.Builder(bOut, kp.getPrivate())
-            .withStoreSignatureAlgorithm(BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withECDSA)
-            .withCertificates(
-                new X509Certificate[] {selfSignedCert})
-            .build();
-
-        store1.store(storeParameter);
-
-        KeyStore store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        final AtomicBoolean isCalled = new AtomicBoolean(false);
-
-        BCFKSLoadStoreParameter loadParameter = new BCFKSLoadStoreParameter.Builder(
-            new ByteArrayInputStream(bOut.toByteArray()), new BCFKSLoadStoreParameter.CertChainValidator()
-            {
-                public boolean isValid(X509Certificate[] chain)
-                {
-                    isEquals(selfSignedCert, chain[0]);
-                    isCalled.set(true);
-                    return true;
-                }
-            })
-            .withStoreSignatureAlgorithm(BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withECDSA)
-            .build();
-
-        store2.load(loadParameter);
-
-        isTrue(isCalled.get());
-        
-        loadParameter = new BCFKSLoadStoreParameter.Builder(
-            new ByteArrayInputStream(bOut.toByteArray()), new BCFKSLoadStoreParameter.CertChainValidator()
-            {
-                public boolean isValid(X509Certificate[] chain)
-                {
-                    isEquals(selfSignedCert, chain[0]);
-
-                    return false;
-                }
-            })
-            .withStoreSignatureAlgorithm(BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withECDSA)
-            .build();
-
-        try
-        {
-            store2.load(loadParameter);
-            fail("no exception");
-        }
-        catch (IOException e)
-        {
-            isEquals("certificate chain in key store signature not valid", e.getMessage());
-        }
-    }
-
-    public void shouldStoreOneCertificateWithDSASignature()
-        throws Exception
-    {
-        KeyPairGenerator kpG = KeyPairGenerator.getInstance("DSA", "BC");
-
-        kpG.initialize(2048);
-
-        KeyPair kp = kpG.generateKeyPair();
-
-        X509Certificate cert = (X509Certificate)CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(trustedCertData));
-
-        KeyStore store1 = KeyStore.getInstance("BCFKS", "BC");
-
-        store1.load(null, null);
-
-        store1.setCertificateEntry("cert", cert);
-
-        isTrue("", 1 == store1.size());
-        Enumeration<String> en1 = store1.aliases();
-
-        isTrue("", "cert".equals(en1.nextElement()));
-        isTrue("", !en1.hasMoreElements());
-
-        certStorageCheck(store1, "cert", cert);
-
-        Date entryDate = store1.getCreationDate("cert");
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        BCFKSLoadStoreParameter storeParameter = new BCFKSLoadStoreParameter.Builder(bOut, kp.getPrivate())
-            .withStoreSignatureAlgorithm(BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withDSA)
-            .build();
-
-        store1.store(storeParameter);
-
-        KeyStore store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        BCFKSLoadStoreParameter loadParameter = new BCFKSLoadStoreParameter.Builder(
-                new ByteArrayInputStream(bOut.toByteArray()), kp.getPublic())
-            .withStoreSignatureAlgorithm(BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withDSA)
-            .build();
-
-        store2.load(loadParameter);
-    }
-
-    public void shouldStoreOneCertificateWithRSASignature()
-        throws Exception
-    {
-        KeyPairGenerator kpG = KeyPairGenerator.getInstance("RSA", "BC");
-
-        kpG.initialize(2048);
-
-        KeyPair kp = kpG.generateKeyPair();
-
-        X509Certificate cert = (X509Certificate)CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(trustedCertData));
-
-        KeyStore store1 = KeyStore.getInstance("BCFKS", "BC");
-
-        store1.load(null, null);
-
-        store1.setCertificateEntry("cert", cert);
-
-        isTrue("", 1 == store1.size());
-        Enumeration<String> en1 = store1.aliases();
-
-        isTrue("", "cert".equals(en1.nextElement()));
-        isTrue("", !en1.hasMoreElements());
-
-        certStorageCheck(store1, "cert", cert);
-
-        Date entryDate = store1.getCreationDate("cert");
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        BCFKSLoadStoreParameter storeParameter = new BCFKSLoadStoreParameter.Builder(bOut, kp.getPrivate())
-            .withStoreSignatureAlgorithm(BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withRSA)
-            .build();
-
-        store1.store(storeParameter);
-
-        KeyStore store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        BCFKSLoadStoreParameter loadParameter = new BCFKSLoadStoreParameter.Builder(
-                new ByteArrayInputStream(bOut.toByteArray()), kp.getPublic())
-            .withStoreSignatureAlgorithm(BCFKSLoadStoreParameter.SignatureAlgorithm.SHA512withRSA)
-            .build();
-
-        store2.load(loadParameter);
-    }
-
-    private void checkOneCertificate(X509Certificate cert, char[] passwd)
-        throws KeyStoreException, NoSuchProviderException, IOException, NoSuchAlgorithmException, CertificateException
-    {
-        KeyStore store1 = KeyStore.getInstance("BCFKS", "BC");
-
-        store1.load(null, null);
-
-        store1.setCertificateEntry("cert", cert);
-
-        isTrue("", 1 == store1.size());
-        Enumeration<String> en1 = store1.aliases();
-
-        isTrue("", "cert".equals(en1.nextElement()));
-        isTrue("", !en1.hasMoreElements());
-
-        certStorageCheck(store1, "cert", cert);
-
-        Date entryDate = store1.getCreationDate("cert");
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        store1.store(bOut, passwd);
-
-        KeyStore store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        store2.load(new ByteArrayInputStream(bOut.toByteArray()), passwd);
-
-        isTrue("", entryDate.equals(store2.getCreationDate("cert")));
-        isTrue("", 1 == store2.size());
-        Enumeration<String> en2 = store2.aliases();
-
-        isTrue("", "cert".equals(en2.nextElement()));
-        isTrue("", !en2.hasMoreElements());
-
-        certStorageCheck(store2, "cert", cert);
-
-        // check invalid load with content
-
-        checkInvalidLoad(store2, passwd, bOut.toByteArray());
-
-        // check deletion on purpose
-
-        store1.deleteEntry("cert");
-
-        isTrue("", 0 == store1.size());
-        isTrue("", !store1.aliases().hasMoreElements());
-
-        bOut = new ByteArrayOutputStream();
-
-        store1.store(bOut, passwd);
-
-        store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        store2.load(new ByteArrayInputStream(bOut.toByteArray()), passwd);
-
-        isTrue("", 0 == store2.size());
-        isTrue("", !store2.aliases().hasMoreElements());
-    }
-
-    public void shouldStoreOnePrivateKey()
-        throws Exception
-    {
-        PrivateKey privKey = getPrivateKey();
-
-        X509Certificate cert = (X509Certificate)CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(trustedCertData));
-
-        checkOnePrivateKeyFips(privKey, new X509Certificate[]{cert}, null);
-        checkOnePrivateKeyFips(privKey, new X509Certificate[]{cert}, testPassword);
-        checkOnePrivateKeyDef(privKey, new X509Certificate[]{cert}, null);
-        checkOnePrivateKeyDef(privKey, new X509Certificate[]{cert}, testPassword);
-    }
-
-    public void shouldStoreOnePrivateKeyWithChain()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
-
-        kpGen.initialize(512);
-
-        KeyPair kp1 = kpGen.generateKeyPair();
-        KeyPair kp2 = kpGen.generateKeyPair();
-
-        X509Certificate finalCert = TestUtils.createSelfSignedCert("CN=Final", "SHA1withRSA", kp2);
-        X509Certificate interCert = TestUtils.createCert(
-            TestUtils.getCertSubject(finalCert),
-            kp2.getPrivate(),
-            "CN=EE",
-            "SHA1withRSA",
-            null,
-            kp1.getPublic());
-
-        checkOnePrivateKeyFips(kp1.getPrivate(), new X509Certificate[]{interCert, finalCert}, null);
-        checkOnePrivateKeyFips(kp1.getPrivate(), new X509Certificate[]{interCert, finalCert}, testPassword);
-
-        checkOnePrivateKeyDef(kp1.getPrivate(), new X509Certificate[]{interCert, finalCert}, null);
-        checkOnePrivateKeyDef(kp1.getPrivate(), new X509Certificate[]{interCert, finalCert}, testPassword);
-    }
-
-    public void shouldStoreOneECKeyWithChain()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("EC", "BC");
-
-        kpGen.initialize(256);
-
-        KeyPair kp1 = kpGen.generateKeyPair();
-        KeyPair kp2 = kpGen.generateKeyPair();
-
-        X509Certificate finalCert = TestUtils.createSelfSignedCert("CN=Final", "SHA1withECDSA", kp2);
-        X509Certificate interCert = TestUtils.createCert(
-            TestUtils.getCertSubject(finalCert),
-            kp2.getPrivate(),
-            "CN=EE",
-            "SHA1withECDSA",
-            null,
-            kp1.getPublic());
-
-        checkOnePrivateKeyFips(kp1.getPrivate(), new X509Certificate[]{interCert, finalCert}, null);
-        checkOnePrivateKeyFips(kp1.getPrivate(), new X509Certificate[]{interCert, finalCert}, testPassword);
-
-        checkOnePrivateKeyDef(kp1.getPrivate(), new X509Certificate[]{interCert, finalCert}, null);
-        checkOnePrivateKeyDef(kp1.getPrivate(), new X509Certificate[]{interCert, finalCert}, testPassword);
-    }
-
-    public void shouldRejectInconsistentKeys()
-        throws Exception
-    {
-        PrivateKey privKey = getPrivateKey();
-
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate interCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(CertPathTest.interCertBin));
-
-        KeyStore store1 = KeyStore.getInstance("BCFKS", "BC");
-
-        store1.load(null, null);
-
-        try
-        {
-            store1.setKeyEntry("privkey", privKey, "hello".toCharArray(), new X509Certificate[]{interCert});
-            fail("no exception");
-        }
-        catch (KeyStoreException e)
-        {
-            isTrue("", "RSA keys do not have the same modulus".equals(e.getCause().getMessage()));
-        }
-    }
-
-    private void checkOnePrivateKeyFips(PrivateKey key, X509Certificate[] certs, char[] passwd)
-        throws Exception
-    {
-        KeyStore store1 = KeyStore.getInstance("BCFKS", "BC");
-
-        store1.load(null, null);
-
-        checkOnePrivateKey(key, store1, certs, passwd);
-    }
-
-    private void checkOnePrivateKeyDef(PrivateKey key, X509Certificate[] certs, char[] passwd)
-        throws Exception
-    {
-        KeyStore store1 = KeyStore.getInstance("BCFKS-DEF", "BC");
-
-        store1.load(null, null);
-
-        checkOnePrivateKey(key, store1, certs, passwd);
-    }
-
-    private void checkOnePrivateKey(PrivateKey key, KeyStore store1, X509Certificate[] certs, char[] passwd)
-        throws Exception
-    {
-        store1.setKeyEntry("privkey", key, passwd, certs);
-
-        isTrue("", 1 == store1.size());
-        Enumeration<String> en1 = store1.aliases();
-
-        isTrue("", "privkey".equals(en1.nextElement()));
-        isTrue("", !en1.hasMoreElements());
-
-        privateKeyStorageCheck(store1, "privkey", key, certs[0], passwd);
-
-        Date entryDate = store1.getCreationDate("privkey");
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        store1.store(bOut, passwd);
-
-        KeyStore store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        store2.load(new ByteArrayInputStream(bOut.toByteArray()), passwd);
-
-        isTrue("", store2.getCertificateChain("privkey").length == certs.length);
-        Certificate[] sChain = store2.getCertificateChain("privkey");
-        for (int i = 0; i != sChain.length; i++)
-        {
-            isTrue("", certs[i].equals(sChain[i]));
-        }
-        isTrue("", entryDate.equals(store2.getCreationDate("privkey")));
-        isTrue("", 1 == store2.size());
-        Enumeration<String> en2 = store2.aliases();
-
-        isTrue("", "privkey".equals(en2.nextElement()));
-        isTrue("", !en2.hasMoreElements());
-
-        privateKeyStorageCheck(store2, "privkey", key, certs[0], passwd);
-
-        // check invalid load with content
-
-        checkInvalidLoad(store2, passwd, bOut.toByteArray());
-
-        // check deletion on purpose
-
-        store1.deleteEntry("privkey");
-
-        isTrue("", 0 == store1.size());
-        isTrue("", !store1.aliases().hasMoreElements());
-
-        bOut = new ByteArrayOutputStream();
-
-        store1.store(bOut, passwd);
-
-        store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        store2.load(new ByteArrayInputStream(bOut.toByteArray()), passwd);
-
-        isTrue("", 0 == store2.size());
-        isTrue("", !store2.aliases().hasMoreElements());
-    }
-
-    public void shouldStoreMultipleKeys()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
-
-        kpGen.initialize(512);
-
-        KeyPair kp1 = kpGen.generateKeyPair();
-        KeyPair kp2 = kpGen.generateKeyPair();
-
-        X509Certificate finalCert = TestUtils.createSelfSignedCert("CN=Final", "SHA1withRSA", kp2);
-        X509Certificate interCert = TestUtils.createCert(
-            TestUtils.getCertSubject(finalCert),
-            kp2.getPrivate(),
-            "CN=EE",
-            "SHA1withRSA",
-            null,
-            kp1.getPublic());
-
-        PrivateKey privKey = kp1.getPrivate();
-
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate cert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(trustedCertData));
-
-        KeyStore store1 = KeyStore.getInstance("BCFKS", "BC");
-
-        store1.load(null, null);
-
-        store1.setKeyEntry("privkey", privKey, testPassword, new X509Certificate[]{interCert, finalCert});
-        store1.setCertificateEntry("trusted", cert);
-        SecretKeySpec aesKey = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f"), "AES");
-        store1.setKeyEntry("secret1", aesKey, "secretPwd1".toCharArray(), null);
-        SecretKeySpec edeKey = new SecretKeySpec(Hex.decode("010102020404070708080b0b0d0d0e0e"), "DESede");
-        store1.setKeyEntry("secret2", edeKey, "secretPwd2".toCharArray(), null);
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        store1.store(bOut, testPassword);
-
-        KeyStore store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        store2.load(new ByteArrayInputStream(bOut.toByteArray()), testPassword);
-
-        isTrue("", 4 == store2.size());
-
-        Key storeDesEde = store2.getKey("secret2", "secretPwd2".toCharArray());
-
-        isTrue("", edeKey.getAlgorithm().equals(storeDesEde.getAlgorithm()));
-
-        isTrue("", Arrays.areEqual(edeKey.getEncoded(), storeDesEde.getEncoded()));
-
-        Key storeAes = store2.getKey("secret1", "secretPwd1".toCharArray());
-        isTrue("", Arrays.areEqual(aesKey.getEncoded(), storeAes.getEncoded()));
-        isTrue("", aesKey.getAlgorithm().equals(storeAes.getAlgorithm()));
-
-        Key storePrivKey = store2.getKey("privkey", testPassword);
-        isTrue("", privKey.equals(storePrivKey));
-        isTrue("", 2 == store2.getCertificateChain("privkey").length);
-
-        Certificate storeCert = store2.getCertificate("trusted");
-        isTrue("", cert.equals(storeCert));
-
-        isTrue("", null == store2.getCertificate("unknown"));
-
-        isTrue("", null == store2.getCertificateChain("unknown"));
-
-        isTrue("", !store2.isCertificateEntry("unknown"));
-
-        isTrue("", !store2.isKeyEntry("unknown"));
-
-        isTrue("", !store2.containsAlias("unknown"));
-    }
-
-    public void shouldParseKWPKeyStore()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate cert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(trustedCertData));
-
-        SecretKeySpec aesKey = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f"), "AES");
-        SecretKeySpec edeKey = new SecretKeySpec(Hex.decode("010102020404070708080b0b0d0d0e0e"), "DESede");
-
-        KeyStore store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        store2.load(new ByteArrayInputStream(kwpKeyStore), testPassword);
-
-        isTrue("", 4 == store2.size());
-
-        Key storeDesEde = store2.getKey("secret2", "secretPwd2".toCharArray());
-
-        isTrue("", edeKey.getAlgorithm().equals(storeDesEde.getAlgorithm()));
-
-        isTrue("", Arrays.areEqual(edeKey.getEncoded(), storeDesEde.getEncoded()));
-
-        Key storeAes = store2.getKey("secret1", "secretPwd1".toCharArray());
-        isTrue("", Arrays.areEqual(aesKey.getEncoded(), storeAes.getEncoded()));
-        isTrue("", aesKey.getAlgorithm().equals(storeAes.getAlgorithm()));
-
-        Key storePrivKey = store2.getKey("privkey", testPassword);
-        isTrue("", 2 == store2.getCertificateChain("privkey").length);
-        isTrue("", storePrivKey instanceof RSAPrivateCrtKey);
-
-        Certificate storeCert = store2.getCertificate("trusted");
-        isTrue("", cert.equals(storeCert));
-
-        isTrue("", null == store2.getCertificate("unknown"));
-
-        isTrue("", null == store2.getCertificateChain("unknown"));
-
-        isTrue("", !store2.isCertificateEntry("unknown"));
-
-        isTrue("", !store2.isKeyEntry("unknown"));
-
-        isTrue("", !store2.containsAlias("unknown"));
-    }
-
-    public void shouldStoreSecretKeys()
-        throws Exception
-    {
-        KeyStore store1 = KeyStore.getInstance("BCFKS", "BC");
-
-        store1.load(null, null);
-
-        SecretKeySpec aesKey = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f"), "AES");
-        SecretKeySpec edeKey1 = new SecretKeySpec(Hex.decode("010102020404070708080b0b0d0d0e0e"), "DESede");
-        SecretKeySpec edeKey2 = new SecretKeySpec(Hex.decode("010102020404070708080b0b0d0d0e0e"), "TripleDES");
-        SecretKeySpec edeKey3 = new SecretKeySpec(Hex.decode("010102020404070708080b0b0d0d0e0e"), "TDEA");
-        SecretKeySpec hmacKey1 = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0eff"), "HmacSHA1");
-        SecretKeySpec hmacKey224 = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0eff"), "HmacSHA224");
-        SecretKeySpec hmacKey256 = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0eff01ff"), "HmacSHA256");
-        SecretKeySpec hmacKey384 = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0eff0102ff"), "HmacSHA384");
-        SecretKeySpec hmacKey512 = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0eff010203ff"), "HmacSHA512");
-
-        SecretKeySpec camellia128 = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0e0f"), "Camellia");
-        SecretKeySpec camellia192 = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0e0f0001020304050607"), "Camellia");
-        SecretKeySpec camellia256 = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f"), "Camellia");
-        SecretKeySpec seed = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0e0f"), "SEED");
-        SecretKeySpec aria128 = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0e0f"), "ARIA");
-        SecretKeySpec aria192 = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0e0f0001020304050607"), "ARIA");
-        SecretKeySpec aria256 = new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0e0f000102030405060708090a0b0c0d0e0f"), "ARIA");
-
-        store1.setKeyEntry("secret1", aesKey, "secretPwd1".toCharArray(), null);
-        store1.setKeyEntry("secret2", edeKey1, "secretPwd2".toCharArray(), null);
-        store1.setKeyEntry("secret3", edeKey2, "secretPwd3".toCharArray(), null);
-        store1.setKeyEntry("secret4", edeKey3, "secretPwd4".toCharArray(), null);
-        store1.setKeyEntry("secret5", hmacKey1, "secretPwd5".toCharArray(), null);
-        store1.setKeyEntry("secret6", hmacKey224, "secretPwd6".toCharArray(), null);
-        store1.setKeyEntry("secret7", hmacKey256, "secretPwd7".toCharArray(), null);
-        store1.setKeyEntry("secret8", hmacKey384, "secretPwd8".toCharArray(), null);
-        store1.setKeyEntry("secret9", hmacKey512, "secretPwd9".toCharArray(), null);
-
-        store1.setKeyEntry("secret10", camellia128, "secretPwd10".toCharArray(), null);
-        store1.setKeyEntry("secret11", camellia192, "secretPwd11".toCharArray(), null);
-        store1.setKeyEntry("secret12", camellia256, "secretPwd12".toCharArray(), null);
-        store1.setKeyEntry("secret13", seed, "secretPwd13".toCharArray(), null);
-        store1.setKeyEntry("secret14", aria128, "secretPwd14".toCharArray(), null);
-        store1.setKeyEntry("secret15", aria192, "secretPwd15".toCharArray(), null);
-        store1.setKeyEntry("secret16", aria256, "secretPwd16".toCharArray(), null);
-
-        checkSecretKey(store1, "secret1", "secretPwd1".toCharArray(), aesKey);
-        checkSecretKey(store1, "secret2", "secretPwd2".toCharArray(), edeKey1); // TRIPLEDES and TDEA will convert to DESEDE
-        checkSecretKey(store1, "secret3", "secretPwd3".toCharArray(), edeKey1);
-        checkSecretKey(store1, "secret4", "secretPwd4".toCharArray(), edeKey1);
-        // TODO:
-//        checkSecretKey(store1, "secret5", "secretPwd5".toCharArray(), hmacKey1);
-//        checkSecretKey(store1, "secret6", "secretPwd6".toCharArray(), hmacKey224);
-//        checkSecretKey(store1, "secret7", "secretPwd7".toCharArray(), hmacKey256);
-//        checkSecretKey(store1, "secret8", "secretPwd8".toCharArray(), hmacKey384);
-//        checkSecretKey(store1, "secret9", "secretPwd9".toCharArray(), hmacKey512);
-
-        checkSecretKey(store1, "secret10", "secretPwd10".toCharArray(), camellia128);
-        checkSecretKey(store1, "secret11", "secretPwd11".toCharArray(), camellia192);
-        checkSecretKey(store1, "secret12", "secretPwd12".toCharArray(), camellia256);
-        checkSecretKey(store1, "secret13", "secretPwd13".toCharArray(), seed);
-        checkSecretKey(store1, "secret14", "secretPwd14".toCharArray(), aria128);
-        checkSecretKey(store1, "secret15", "secretPwd15".toCharArray(), aria192);
-        checkSecretKey(store1, "secret16", "secretPwd16".toCharArray(), aria256);
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        store1.store(bOut, "secretkeytest".toCharArray());
-
-        KeyStore store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        store2.load(new ByteArrayInputStream(bOut.toByteArray()), "secretkeytest".toCharArray());
-
-        checkSecretKey(store2, "secret1", "secretPwd1".toCharArray(), aesKey);
-        checkSecretKey(store2, "secret2", "secretPwd2".toCharArray(), edeKey1); // TRIPLEDES and TDEA will convert to DESEDE
-        checkSecretKey(store2, "secret3", "secretPwd3".toCharArray(), edeKey1);
-        checkSecretKey(store2, "secret4", "secretPwd4".toCharArray(), edeKey1);
-        // TODO:
-//        checkSecretKey(store2, "secret5", "secretPwd5".toCharArray(), hmacKey1);
-//        checkSecretKey(store2, "secret6", "secretPwd6".toCharArray(), hmacKey224);
-//        checkSecretKey(store2, "secret7", "secretPwd7".toCharArray(), hmacKey256);
-//        checkSecretKey(store2, "secret8", "secretPwd8".toCharArray(), hmacKey384);
-//        checkSecretKey(store2, "secret9", "secretPwd9".toCharArray(), hmacKey512);
-
-        isTrue("", null == store2.getKey("secret17", new char[0]));
-    }
-
-    public void shouldFailOnWrongPassword()
-        throws Exception
-    {
-        failOnWrongPasswordTest("IBCFKS");
-        failOnWrongPasswordTest("IBCFKS-DEF");
-    }
-
-    public void failOnWrongPasswordTest(String storeName)
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
-
-        kpGen.initialize(512);
-
-        KeyPair kp1 = kpGen.generateKeyPair();
-        KeyPair kp2 = kpGen.generateKeyPair();
-
-        X509Certificate finalCert = TestUtils.createSelfSignedCert("CN=Final", "SHA1withRSA", kp2);
-        X509Certificate interCert = TestUtils.createCert(
-            X500Name.getInstance(finalCert.getSubjectX500Principal().getEncoded()),
-            kp2.getPrivate(),
-            "CN=EE",
-            "SHA1withRSA",
-            null,
-            kp1.getPublic());
-
-        KeyStore store1 = KeyStore.getInstance("BCFKS", "BC");
-
-        store1.load(null, null);
-
-        store1.setKeyEntry("privkey", kp1.getPrivate(), testPassword, new X509Certificate[]{interCert, finalCert});
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        store1.store(bOut, testPassword);
-
-        store1 = KeyStore.getInstance(storeName, "BC");
-
-        store1.load(new ByteArrayInputStream(bOut.toByteArray()), testPassword);
-
-        isTrue("privKey test 1", store1.getKey("privkey", testPassword) != null);
-
-        try
-        {
-            store1.getKey("privkey", invalidTestPassword);
-            fail("no exception");
-        }
-        catch (UnrecoverableKeyException e)
-        {
-            isEquals("wrong message, got : " + e.getMessage(), "unable to recover key (privkey)", e.getMessage());
-        }
-
-        isTrue("privKey test 2", store1.getKey("privkey", testPassword) != null);
-    }
-
-    private void checkSecretKey(KeyStore store, String alias, char[] passwd, SecretKey key)
-        throws Exception
-    {
-        SecretKey sKey = (SecretKey)store.getKey(alias, passwd);
-
-        isTrue("", Arrays.areEqual(key.getEncoded(), sKey.getEncoded()));
-        isTrue("", key.getAlgorithm().equals(sKey.getAlgorithm()));
-
-        if (!store.isKeyEntry(alias))
-        {
-            fail("key not identified as key entry");
-        }
-        if (!store.entryInstanceOf(alias, KeyStore.SecretKeyEntry.class))
-        {
-            fail("not identified as key entry via SecretKeyEntry");
-        }
-    }
-
-    private PrivateKey getPrivateKey()
-    {
-        PrivateKey privKey = null;
-
-        RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16),
-            new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-            new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-            new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-            new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-            new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-            new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-
-        try
-        {
-            KeyFactory fact = KeyFactory.getInstance("RSA", "BC");
-
-            privKey = fact.generatePrivate(privKeySpec);
-        }
-        catch (Exception e)
-        {
-            fail("error setting up keys - " + e.toString());
-        }
-
-        return privKey;
-    }
-
-    public void shouldFailOnRemovesOrOverwrite()
-        throws Exception
-    {
-        failOnRemovesOrOverwrite("IBCFKS");
-        failOnRemovesOrOverwrite("IBCFKS-DEF");
-    }
-
-    private void failOnRemovesOrOverwrite(String storeName)
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
-
-        kpGen.initialize(512);
-
-        KeyPair kp1 = kpGen.generateKeyPair();
-        KeyPair kp2 = kpGen.generateKeyPair();
-
-        X509Certificate finalCert = TestUtils.createSelfSignedCert("CN=Final", "SHA1withRSA", kp2);
-        X509Certificate interCert = TestUtils.createCert(
-            X500Name.getInstance(finalCert.getSubjectX500Principal().getEncoded()),
-            kp2.getPrivate(),
-            "CN=EE",
-            "SHA1withRSA",
-            null,
-            kp1.getPublic());
-
-        KeyStore store1 = KeyStore.getInstance(storeName, "BC");
-
-        store1.load(new ByteArrayInputStream(oldKeyStoreNoPW), null);
-
-        try
-        {
-            store1.setKeyEntry("privkey", kp1.getPrivate(), testPassword, new X509Certificate[]{interCert, finalCert});
-            fail("no exception");
-        }
-        catch (KeyStoreException e)
-        {
-            isTrue("set operation not supported in shared mode".equals(e.getMessage()));
-        }
-
-        try
-        {
-            store1.setKeyEntry("privkey", kp1.getPrivate().getEncoded(), new X509Certificate[]{interCert, finalCert});
-            fail("no exception");
-        }
-        catch (KeyStoreException e)
-        {
-            isTrue("set operation not supported in shared mode".equals(e.getMessage()));
-        }
-
-        try
-        {
-            store1.setCertificateEntry("cert", interCert);
-            fail("no exception");
-        }
-        catch (KeyStoreException e)
-        {
-            isTrue("set operation not supported in shared mode".equals(e.getMessage()));
-        }
-
-        try
-        {
-            store1.deleteEntry("privkey");
-            fail("no exception");
-        }
-        catch (KeyStoreException e)
-        {
-            isTrue("delete operation not supported in shared mode".equals(e.getMessage()));
-        }
-    }
-
-    public void shouldStoreOneSecretKey()
-        throws Exception
-    {
-        checkOneSecretKey(new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0e0f"), "AES"), null);
-        checkOneSecretKey(new SecretKeySpec(Hex.decode("000102030405060708090a0b0c0d0e0f"), "AES"), testPassword);
-    }
-
-    private void checkOneSecretKey(SecretKey key, char[] passwd)
-        throws Exception
-    {
-        KeyStore store1 = KeyStore.getInstance("BCFKS", "BC");
-
-        store1.load(null, null);
-
-        store1.setKeyEntry("seckey", key, passwd, null);
-
-        isTrue("", 1 == store1.size());
-        Enumeration<String> en1 = store1.aliases();
-
-        isTrue("", "seckey".equals(en1.nextElement()));
-        isTrue("", !en1.hasMoreElements());
-
-        secretKeyStorageCheck(store1, "seckey", key, passwd);
-
-        Date entryDate = store1.getCreationDate("seckey");
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        store1.store(bOut, passwd);
-
-        KeyStore store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        store2.load(new ByteArrayInputStream(bOut.toByteArray()), passwd);
-
-        isTrue("", entryDate.equals(store2.getCreationDate("seckey")));
-        isTrue("", 1 == store2.size());
-        Enumeration<String> en2 = store2.aliases();
-
-        isTrue("", "seckey".equals(en2.nextElement()));
-        isTrue("", !en2.hasMoreElements());
-
-        secretKeyStorageCheck(store2, "seckey", key, passwd);
-
-        // check invalid load with content
-
-        checkInvalidLoad(store2, passwd, bOut.toByteArray());
-
-        // check deletion on purpose
-
-        store1.deleteEntry("seckey");
-
-        isTrue("", 0 == store1.size());
-        isTrue("", !store1.aliases().hasMoreElements());
-
-        bOut = new ByteArrayOutputStream();
-
-        store1.store(bOut, passwd);
-
-        store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        store2.load(new ByteArrayInputStream(bOut.toByteArray()), passwd);
-
-        isTrue("", 0 == store2.size());
-        isTrue("", !store2.aliases().hasMoreElements());
-    }
-
-    private void privateKeyStorageCheck(KeyStore store, String keyName, PrivateKey key, Certificate cert, char[] password)
-        throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException
-    {
-        if (!store.containsAlias(keyName))
-        {
-            fail("couldn't find alias privateKey");
-        }
-
-        if (store.isCertificateEntry(keyName))
-        {
-            fail("key identified as certificate entry");
-        }
-
-        if (!store.isKeyEntry(keyName))
-        {
-            fail("key not identified as key entry");
-        }
-
-        Key storeKey = store.getKey(keyName, password);
-
-        if (store.getType().equals("BCFKS"))
-        {
-            isTrue("", key.equals(storeKey));
-        }
-
-        if (password != null)
-        {
-            try
-            {
-                store.getKey(keyName, null);
-            }
-            catch (UnrecoverableKeyException e)
-            {
-                isTrue("", e.getMessage().startsWith("BCFKS KeyStore unable to recover private key (privkey)"));
-            }
-        }
-
-        Certificate[] certificateChain = store.getCertificateChain(keyName);
-        if (certificateChain == null)
-        {
-            fail("Did not return certificate chain");
-        }
-        isTrue("", cert.equals(certificateChain[0]));
-
-        isTrue("", keyName.equals(store.getCertificateAlias(cert)));
-
-        if (store.entryInstanceOf(keyName, KeyStore.TrustedCertificateEntry.class))
-        {
-            fail("identified as TrustedCertificateEntry");
-        }
-
-        if (!store.entryInstanceOf(keyName, KeyStore.PrivateKeyEntry.class))
-        {
-            fail("not identified as key entry via PrivateKeyEntry");
-        }
-
-        if (store.entryInstanceOf(keyName, KeyStore.SecretKeyEntry.class))
-        {
-            fail("identified as key entry via SecretKeyEntry");
-        }
-    }
-
-    private void certStorageCheck(KeyStore store, String certName, Certificate cert)
-        throws KeyStoreException
-    {
-        if (!store.containsAlias(certName))
-        {
-            fail("couldn't find alias " + certName);
-        }
-
-        if (!store.isCertificateEntry(certName))
-        {
-            fail("cert not identified as certificate entry");
-        }
-
-        if (store.isKeyEntry(certName))
-        {
-            fail("cert identified as key entry");
-        }
-
-        if (!store.entryInstanceOf(certName, KeyStore.TrustedCertificateEntry.class))
-        {
-            fail("cert not identified as TrustedCertificateEntry");
-        }
-
-        if (store.entryInstanceOf(certName, KeyStore.PrivateKeyEntry.class))
-        {
-            fail("cert identified as key entry via PrivateKeyEntry");
-        }
-
-        if (store.entryInstanceOf(certName, KeyStore.SecretKeyEntry.class))
-        {
-            fail("cert identified as key entry via SecretKeyEntry");
-        }
-
-        if (!certName.equals(store.getCertificateAlias(cert)))
-        {
-            fail("Did not return alias for certificate entry");
-        }
-    }
-
-    private void secretKeyStorageCheck(KeyStore store, String keyName, SecretKey key, char[] password)
-        throws KeyStoreException, UnrecoverableKeyException, NoSuchAlgorithmException
-    {
-        if (!store.containsAlias(keyName))
-        {
-            fail("couldn't find alias privateKey");
-        }
-
-        if (store.isCertificateEntry(keyName))
-        {
-            fail("key identified as certificate entry");
-        }
-
-        if (!store.isKeyEntry(keyName))
-        {
-            fail("key not identified as key entry");
-        }
-
-        Key storeKey = store.getKey(keyName, password);
-
-        isTrue("", Arrays.areEqual(key.getEncoded(), storeKey.getEncoded()));
-
-        if (password != null)
-        {
-            try
-            {
-                store.getKey(keyName, null);
-            }
-            catch (UnrecoverableKeyException e)
-            {
-                isTrue("", e.getMessage().startsWith("BCFKS KeyStore unable to recover secret key (seckey)"));
-            }
-        }
-
-        Certificate[] certificateChain = store.getCertificateChain(keyName);
-        if (certificateChain != null)
-        {
-            fail("returned certificates!");
-        }
-
-        if (store.entryInstanceOf(keyName, KeyStore.TrustedCertificateEntry.class))
-        {
-            fail("identified as TrustedCertificateEntry");
-        }
-
-        if (store.entryInstanceOf(keyName, KeyStore.PrivateKeyEntry.class))
-        {
-            fail("identified as key entry via PrivateKeyEntry");
-        }
-
-        if (!store.entryInstanceOf(keyName, KeyStore.SecretKeyEntry.class))
-        {
-            fail("not identified as key entry via SecretKeyEntry");
-        }
-    }
-
-    private void shouldParseOldStores()
-        throws Exception
-    {
-        KeyStore store = KeyStore.getInstance("BCFKS", "BC");
-
-        store.load(new ByteArrayInputStream(oldKeyStore), testPassword);
-
-        checkStore(store, oldKeyStore, testPassword);
-
-        store.load(new ByteArrayInputStream(oldKeyStoreNoPW), null);
-
-        checkStore(store, oldKeyStoreNoPW, null);
-    }
-
-    private void checkStore(KeyStore store1, byte[] data, char[] passwd)
-        throws Exception
-    {
-        isEquals(store1.getCertificateChain("privkey").length, 2);
-        isEquals(1, store1.size());
-        Enumeration<String> en2 = store1.aliases();
-
-        isEquals("privkey", en2.nextElement());
-        isTrue(!en2.hasMoreElements());
-
-        // check invalid load with content
-
-        checkInvalidLoad(store1, passwd, data);
-
-        try
-        {
-            store1.store(new ByteArrayOutputStream(), passwd);
-            fail("no exception");
-        }
-        catch (IOException e)
-        {
-            isEquals("KeyStore not initialized", e.getMessage());
-        }
-
-        // check deletion on purpose
-
-        store1.load(new ByteArrayInputStream(data), passwd);
-
-        store1.deleteEntry("privkey");
-
-        isEquals(0, store1.size());
-        isTrue(!store1.aliases().hasMoreElements());
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        store1.store(bOut, passwd);
-
-        KeyStore store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        store2.load(new ByteArrayInputStream(bOut.toByteArray()), passwd);
-
-        isEquals(0, store2.size());
-        isTrue(!store2.aliases().hasMoreElements());
-    }
-
-    private void shouldStoreUsingSCRYPT()
-        throws Exception
-    {
-        byte[] enc = doStoreUsingStoreParameter(new ScryptConfig.Builder(1024, 8, 1)
-            .withSaltLength(20).build());
-
-        ObjectStore store = ObjectStore.getInstance(enc);
-
-        ObjectStoreIntegrityCheck integrityCheck = store.getIntegrityCheck();
-
-        isEquals(integrityCheck.getType(), ObjectStoreIntegrityCheck.PBKD_MAC_CHECK);
-
-        PbkdMacIntegrityCheck check = PbkdMacIntegrityCheck.getInstance(integrityCheck.getIntegrityCheck());
-
-        isTrue("wrong MAC", check.getMacAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_hmacWithSHA512));
-        isTrue("wrong PBE", check.getPbkdAlgorithm().getAlgorithm().equals(MiscObjectIdentifiers.id_scrypt));
-
-        ScryptParams sParams = ScryptParams.getInstance(check.getPbkdAlgorithm().getParameters());
-
-        isEquals(20, sParams.getSalt().length);
-        isEquals(1024, sParams.getCostParameter().intValue());
-        isEquals(8, sParams.getBlockSize().intValue());
-        isEquals(1, sParams.getParallelizationParameter().intValue());
-
-        EncryptedObjectStoreData objStore = EncryptedObjectStoreData.getInstance(store.getStoreData());
-
-        AlgorithmIdentifier encryptionAlgorithm = objStore.getEncryptionAlgorithm();
-        isTrue(encryptionAlgorithm.getAlgorithm().equals(PKCSObjectIdentifiers.id_PBES2));
-
-        PBES2Parameters pbeParams = PBES2Parameters.getInstance(encryptionAlgorithm.getParameters());
-
-        isTrue(pbeParams.getKeyDerivationFunc().getAlgorithm().equals(MiscObjectIdentifiers.id_scrypt));
-
-        sParams = ScryptParams.getInstance(pbeParams.getKeyDerivationFunc().getParameters());
-
-        isEquals(20, sParams.getSalt().length);
-        isEquals(1024, sParams.getCostParameter().intValue());
-        isEquals(8, sParams.getBlockSize().intValue());
-        isEquals(1, sParams.getParallelizationParameter().intValue());
-    }
-
-    private void shouldStoreUsingKWP()
-        throws Exception
-    {
-        X509Certificate cert = (X509Certificate)CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(trustedCertData));
-
-        KeyStore store1 = KeyStore.getInstance("BCFKS", "BC");
-
-        store1.load(new BCFKSLoadStoreParameter.Builder().withStoreEncryptionAlgorithm(BCFKSLoadStoreParameter.EncryptionAlgorithm.AES256_KWP).build());
-
-        store1.setCertificateEntry("cert", cert);
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        store1.store(bOut, testPassword);
-
-        byte[] enc = bOut.toByteArray();
-
-        ObjectStore store = ObjectStore.getInstance(enc);
-
-        ObjectStoreIntegrityCheck integrityCheck = store.getIntegrityCheck();
-
-        isEquals(integrityCheck.getType(), ObjectStoreIntegrityCheck.PBKD_MAC_CHECK);
-
-        PbkdMacIntegrityCheck check = PbkdMacIntegrityCheck.getInstance(integrityCheck.getIntegrityCheck());
-
-        isTrue("wrong MAC", check.getMacAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_hmacWithSHA512));
-        isTrue("wrong PBE", check.getPbkdAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_PBKDF2));
-
-        EncryptedObjectStoreData objStore = EncryptedObjectStoreData.getInstance(store.getStoreData());
-
-        AlgorithmIdentifier encryptionAlgorithm = objStore.getEncryptionAlgorithm();
-        isTrue(encryptionAlgorithm.getAlgorithm().equals(PKCSObjectIdentifiers.id_PBES2));
-
-        PBES2Parameters pbeParams = PBES2Parameters.getInstance(encryptionAlgorithm.getParameters());
-
-        isTrue(pbeParams.getKeyDerivationFunc().getAlgorithm().equals(PKCSObjectIdentifiers.id_PBKDF2));
-
-        isTrue(pbeParams.getEncryptionScheme().getAlgorithm().equals(NISTObjectIdentifiers.id_aes256_wrap_pad));
-    }
-
-    private void shouldStoreUsingPBKDF2()
-        throws Exception
-    {
-        doStoreUsingPBKDF2(PBKDF2Config.PRF_SHA512);
-        doStoreUsingPBKDF2(PBKDF2Config.PRF_SHA3_512);
-    }
-
-    private void doStoreUsingPBKDF2(AlgorithmIdentifier prf)
-        throws Exception
-    {
-        byte[] enc = doStoreUsingStoreParameter(new PBKDF2Config.Builder()
-            .withPRF(prf)
-            .withIterationCount(1024)
-            .withSaltLength(20).build());
-
-        ObjectStore store = ObjectStore.getInstance(enc);
-
-        ObjectStoreIntegrityCheck integrityCheck = store.getIntegrityCheck();
-
-        isEquals(integrityCheck.getType(), ObjectStoreIntegrityCheck.PBKD_MAC_CHECK);
-
-        PbkdMacIntegrityCheck check = PbkdMacIntegrityCheck.getInstance(integrityCheck.getIntegrityCheck());
-
-        isTrue("wrong MAC", check.getMacAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_hmacWithSHA512));
-        isTrue("wrong PBE", check.getPbkdAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_PBKDF2));
-
-        PBKDF2Params pParams = PBKDF2Params.getInstance(check.getPbkdAlgorithm().getParameters());
-
-        isTrue(pParams.getPrf().equals(prf));
-        isEquals(20, pParams.getSalt().length);
-        isEquals(1024, pParams.getIterationCount().intValue());
-
-        EncryptedObjectStoreData objStore = EncryptedObjectStoreData.getInstance(store.getStoreData());
-
-        AlgorithmIdentifier encryptionAlgorithm = objStore.getEncryptionAlgorithm();
-        isTrue(encryptionAlgorithm.getAlgorithm().equals(PKCSObjectIdentifiers.id_PBES2));
-
-        PBES2Parameters pbeParams = PBES2Parameters.getInstance(encryptionAlgorithm.getParameters());
-
-        isTrue(pbeParams.getKeyDerivationFunc().getAlgorithm().equals(PKCSObjectIdentifiers.id_PBKDF2));
-
-        pParams = PBKDF2Params.getInstance(check.getPbkdAlgorithm().getParameters());
-
-        isTrue(pParams.getPrf().equals(prf));
-        isEquals(20, pParams.getSalt().length);
-        isEquals(1024, pParams.getIterationCount().intValue());
-    }
-
-    private byte[] doStoreUsingStoreParameter(PBKDFConfig config)
-        throws Exception
-    {
-        X509Certificate cert = (X509Certificate)CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(trustedCertData));
-
-        KeyStore store1 = KeyStore.getInstance("BCFKS", "BC");
-
-        store1.load(null, null);
-
-        store1.setCertificateEntry("cert", cert);
-
-        isTrue("", 1 == store1.size());
-        Enumeration<String> en1 = store1.aliases();
-
-        isTrue("", "cert".equals(en1.nextElement()));
-        isTrue("", !en1.hasMoreElements());
-
-        certStorageCheck(store1, "cert", cert);
-
-        Date entryDate = store1.getCreationDate("cert");
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        store1.store(new BCFKSLoadStoreParameter.Builder(bOut, testPassword).withStorePBKDFConfig(config).build());
-
-        KeyStore store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        store2.load(new ByteArrayInputStream(bOut.toByteArray()), testPassword);
-
-        isTrue("", entryDate.equals(store2.getCreationDate("cert")));
-        isTrue("", 1 == store2.size());
-        Enumeration<String> en2 = store2.aliases();
-
-        isTrue("", "cert".equals(en2.nextElement()));
-        isTrue("", !en2.hasMoreElements());
-
-        certStorageCheck(store2, "cert", cert);
-
-        // check invalid load with content
-
-        checkInvalidLoad(store2, testPassword, bOut.toByteArray());
-
-        // check deletion on purpose
-
-        store1.deleteEntry("cert");
-
-        isTrue("", 0 == store1.size());
-        isTrue("", !store1.aliases().hasMoreElements());
-
-        bOut = new ByteArrayOutputStream();
-
-        store1.store(bOut, testPassword);
-
-        store2 = KeyStore.getInstance("BCFKS", "BC");
-
-        store2.load(new ByteArrayInputStream(bOut.toByteArray()), testPassword);
-
-        isTrue("", 0 == store2.size());
-        isTrue("", !store2.aliases().hasMoreElements());
-
-        return bOut.toByteArray();
-    }
-
-    public String getName()
-    {
-        return "BCFKS";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        shouldCreateEmptyBCFKSNoPassword();
-        shouldCreateEmptyBCFKSPassword();
-        shouldStoreMultipleKeys();
-        shouldStoreOneCertificate();
-        shouldStoreOneCertificateWithECDSASignature();
-        shouldStoreOneCertificateWithDSASignature();
-        shouldStoreOneCertificateWithRSASignature();
-        shouldStoreOneCertificateWithECDSASignatureAndCertificates();
-        shouldStoreOneECKeyWithChain();
-        shouldStoreOnePrivateKey();
-        shouldStoreOnePrivateKeyWithChain();
-        shouldStoreOneSecretKey();
-        shouldStoreSecretKeys();
-        shouldStoreUsingSCRYPT();
-        shouldStoreUsingPBKDF2();
-        shouldFailOnWrongPassword();
-        shouldParseKWPKeyStore();
-        shouldFailOnRemovesOrOverwrite();
-        shouldParseOldStores();
-        shouldStoreUsingKWP();
-        //shouldRejectInconsistentKeys();
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new BCFKSStoreTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/BaseBlockCipherTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/BaseBlockCipherTest.java
deleted file mode 100644
index 379bd44..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/BaseBlockCipherTest.java
+++ /dev/null

@@ -1,172 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.Key;
-import java.security.SecureRandom;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestFailedException;
-
-public abstract class BaseBlockCipherTest
-    extends SimpleTest
-{
-    String algorithm;
-
-    BaseBlockCipherTest(
-        String algorithm)
-    {
-        this.algorithm = algorithm;
-    }
-
-    public String getName()
-    {
-        return algorithm;
-    }
-
-    protected void oidTest(String[] oids, String[] names, int groupSize)
-        throws Exception
-    {
-        byte[] data = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
-        IvParameterSpec ivSpec = new IvParameterSpec(new byte[16]);
-
-        for (int i = 0; i != oids.length; i++)
-        {
-            Cipher c1 = Cipher.getInstance(oids[i], "BC");
-            Cipher c2 = Cipher.getInstance(names[i], "BC");
-            KeyGenerator kg = KeyGenerator.getInstance(oids[i], "BC");
-
-            SecretKey k = kg.generateKey();
-
-            if (names[i].indexOf("/ECB/") > 0)
-            {
-                c1.init(Cipher.ENCRYPT_MODE, k);
-                c2.init(Cipher.DECRYPT_MODE, k);
-            }
-            else
-            {
-                c1.init(Cipher.ENCRYPT_MODE, k, ivSpec);
-                c2.init(Cipher.DECRYPT_MODE, k, ivSpec);
-            }
-
-            byte[] result = c2.doFinal(c1.doFinal(data));
-
-            if (!areEqual(data, result))
-            {
-                fail("failed OID test");
-            }
-
-            if (k.getEncoded().length != (16 + ((i / groupSize) * 8)))
-            {
-                fail("failed key length test");
-            }
-        }
-    }
-
-    protected void wrapOidTest(String[] oids, String name)
-        throws Exception
-    {
-        byte[] data = {1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16};
-
-        for (int i = 0; i != oids.length; i++)
-        {
-            Cipher c1 = Cipher.getInstance(oids[i], "BC");
-            Cipher c2 = Cipher.getInstance(name, "BC");
-            KeyGenerator kg = KeyGenerator.getInstance(oids[i], "BC");
-
-            SecretKey k = kg.generateKey();
-
-            c1.init(Cipher.WRAP_MODE, k);
-            c2.init(Cipher.UNWRAP_MODE, k);
-
-            Key wKey = c2.unwrap(c1.wrap(new SecretKeySpec(data, algorithm)), algorithm, Cipher.SECRET_KEY);
-
-            if (!areEqual(data, wKey.getEncoded()))
-            {
-                fail("failed wrap OID test");
-            }
-
-            if (k.getEncoded().length != (16 + (i * 8)))
-            {
-                fail("failed key length test");
-            }
-        }
-    }
-
-    protected void wrapTest(
-        int     id,
-        String  wrappingAlgorithm,
-        byte[]  kek,
-        byte[]  in,
-        byte[]  out)
-        throws Exception
-    {
-        wrapTest(id, wrappingAlgorithm, kek, null, null, in, out);
-    }
-
-    protected void wrapTest(
-        int     id,
-        String  wrappingAlgorithm,
-        byte[]  kek,
-        byte[] iv,
-        SecureRandom rand,
-        byte[]  in,
-        byte[]  out)
-        throws Exception
-    {
-        Cipher wrapper = Cipher.getInstance(wrappingAlgorithm, "BC");
-
-        if (iv != null)
-        {
-            wrapper.init(Cipher.WRAP_MODE, new SecretKeySpec(kek, algorithm), new IvParameterSpec(iv), rand);
-        }
-        else
-        {
-            wrapper.init(Cipher.WRAP_MODE, new SecretKeySpec(kek, algorithm), rand);
-        }
-
-        try
-        {
-            byte[]  cText = wrapper.wrap(new SecretKeySpec(in, algorithm));
-            if (!areEqual(cText, out))
-            {
-                fail("failed wrap test " + id  + " expected " + new String(Hex.encode(out)) + " got " + new String(Hex.encode(cText)));
-            }
-        }
-        catch (TestFailedException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            fail("failed wrap test exception " + e.toString(), e);
-        }
-
-        if (iv != null)
-        {
-            wrapper.init(Cipher.UNWRAP_MODE, new SecretKeySpec(kek, algorithm), new IvParameterSpec(iv));
-        }
-        else
-        {
-            wrapper.init(Cipher.UNWRAP_MODE, new SecretKeySpec(kek, algorithm));
-        }
-
-        try
-        {
-            Key  pText = wrapper.unwrap(out, algorithm, Cipher.SECRET_KEY);
-            if (!areEqual(pText.getEncoded(), in))
-            {
-                fail("failed unwrap test " + id  + " expected " + new String(Hex.encode(in)) + " got " + new String(Hex.encode(pText.getEncoded())));
-            }
-        }
-        catch (Exception e)
-        {
-            fail("failed unwrap test exception " + e.toString(), e);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/BlockCipherTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/BlockCipherTest.java
deleted file mode 100644
index c2475c3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/BlockCipherTest.java
+++ /dev/null

@@ -1,1630 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.InvalidParameterException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-import java.util.HashSet;
-import java.util.Set;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.ShortBufferException;
-import javax.crypto.spec.DESedeKeySpec;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.RC2ParameterSpec;
-import javax.crypto.spec.RC5ParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestFailedException;
-
-/**
- * basic test class for a block cipher, basically this just exercises the provider, and makes sure we
- * are behaving sensibly, correctness of the implementation is shown in the lightweight test classes.
- */
-public class BlockCipherTest
-    extends SimpleTest
-{
-    private static Set<String> shortIvOkay = new HashSet<String>();
-
-    static
-    {
-        shortIvOkay.add("EAX");
-        shortIvOkay.add("OCB");
-        shortIvOkay.add("CCM");
-        shortIvOkay.add("GCM");
-        shortIvOkay.add("SIC");
-        shortIvOkay.add("CTR");
-    }
-
-    static String[] cipherTests1 =
-    {
-        "DES",
-        "466da00648ef0e1f9617b1f002e225251a3248d09172f46b9617b1f002e225250112ecb3da61bc99",
-        "DESede",
-        "2f4bc6b30c893fa549d82c560d61cf3eb088aed020603de249d82c560d61cf3e529e95ecd8e05394",
-        "SKIPJACK",
-        "d4de46d52274dbb029f33b076043f8c40089f906751623de29f33b076043f8c4ac99b90f9396cb04",
-        "Blowfish",
-        "7870ebe7f6a52803eb9396ba6c5198216ce81d76d8d4c74beb9396ba6c5198211212473b05214e9f",
-        "GOST28147",
-        "0a77f4114451b37d44c5192619b723dd49093d1047c2373544c5192619b723dd06618da5b04d3670",
-        "Twofish",
-        "70336d9c9718a8a2ced1b19deed973a3c58af7ea71a69e7efc4df082dca581c0839e31468661bcfc57a14899ceeb0253",
-        "RC2",
-        "eb5b889bbcced12eb6b1a3da6a3d965bba66a5edfdd4c8a6b6b1a3da6a3d965b994a5b859e765797",
-        "RC5",
-        "220053543e3eca3bc9503a091ca67b08372560d8a4fdbee8c9503a091ca67b08a796d53bb8a4b7e0",
-        "RC5-64",
-        "e0b4a526ba3bc5f09199c3b1fe3737fe6d248cde70e565b0feea59ebfda375ae1946c386a48d8d8a74d7b1947ff6a788",
-        "RC6",
-        "44c97b67ca8486067f8b6c5b97632f3049e5e52c1d61fdd527dc3da39616540f19a3db39aac1ffd713795cd886cce0c0",
-        "IDEA",
-        "8c9fd56823ffdc523f6ccf7f614aa6173553e594fc7a21b53f6ccf7f614aa61740c54f7a66e95108",
-        "TEA",
-        "fcf45062104fda7c35712368b56dd4216a6ca998dc297b5435712368b56dd421208027ed2923cd0c",
-        "XTEA",
-        "4b427893d3d6aaded2afafabe25f7b233fb5589faa2b6389d2afafabe25f7b239d12979ac67e1c07",
-        "Camellia",
-        "3a68b4ad145bc2c76010669d68f2826359887afce763a78d9994143266adfaec8ba7ee562a1688ef9dfd7f897e5c44dc",
-        "SEED",
-        "d53d4ce1f48b9879420949467bfcbfbe2c6a7d4a8770bee0c71211def898d7c5024ce2007dd85accb3f69d906ae2164d",
-        "Noekeon",
-        "7e68ceb33aad9db04af6b878a16dd6c6b4f880d6c89027ba581884c10690bb6b3dbfd6ed5513e2c4f5670c3528023121",
-        "DES/CBC/NoPadding",
-        "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122a",
-        "DESede/CBC/NoPadding",
-        "4d3d7931875cf25593dc402298add8b914761e4936c9585ae22b2c1441169231",
-        "SKIPJACK/CBC/NoPadding",
-        "ceebcc2e5e2b847f9ed797b4930b95f115b9e6cf49c457fc2ea0df79ad5c8334",
-        "Blowfish/CBC/NoPadding",
-        "80823abbabc109733e7ebf3ce3344d67fc387c306b782086b452f7fbe8e844ce",
-        "Twofish/CBC/NoPadding",
-        "f819694251a00bdd403928745cd1d8a094de61f49ddf8e7692e9d81a83812943",
-        "RC2/CBC/NoPadding",
-        "a51facdb3933c9676795cd38cc3146fd4694722b468b1a979a399c77606abf99",
-        "RC5/CBC/NoPadding",
-        "9ee7517eab0280445f3a7c60c90c0f75029d65bca8b1af83ace5399d388c83c3",
-        "RC6/CBC/NoPadding",
-        "c44695633c07010f3a0d8f7ea046a642d4a96bf4e44f89fd91b46830bc95b130",
-        "IDEA/CBC/NoPadding",
-        "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d9",
-        "DES/CBC/PKCS5Padding",
-        "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122afdc70484fb9c0232",
-        "DES/CBC/ISO10126Padding",
-        "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122a980639850a2cc3e8",
-        "DES/CBC/ISO7816-4Padding",
-        "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122a1f80b9b0f1be49ac",
-        "DES/CBC/X9.23Padding",
-        "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122a980639850a2cc3e8",
-        "DESede/CBC/PKCS7Padding",
-        "4d3d7931875cf25593dc402298add8b914761e4936c9585ae22b2c1441169231a41e40695f1cff84",
-        "SKIPJACK/CBC/PKCS7Padding",
-        "ceebcc2e5e2b847f9ed797b4930b95f115b9e6cf49c457fc2ea0df79ad5c8334df7042de5db89c96",
-        "Blowfish/CBC/PKCS7Padding",
-        "80823abbabc109733e7ebf3ce3344d67fc387c306b782086b452f7fbe8e844cef986562ab1a675e8",
-        "Twofish/CBC/PKCS7Padding",
-        "f819694251a00bdd403928745cd1d8a094de61f49ddf8e7692e9d81a838129433e5f1343d6cdb0b41838619da1541f04",
-        "RC2/CBC/PKCS7Padding",
-        "a51facdb3933c9676795cd38cc3146fd4694722b468b1a979a399c77606abf9958435525f770f137",
-        "RC5/CBC/PKCS7Padding",
-        "9ee7517eab0280445f3a7c60c90c0f75029d65bca8b1af83ace5399d388c83c3edd95ff49be76651",
-        "RC5-64/CBC/PKCS7Padding",
-        "e479fd11f89dab22d2f3dd062b1d2abd5b5962553421a5c562dc7214c3b23b8e21949fda87f2f820e5f032c552c6ec78",
-        "RC6/CBC/PKCS7Padding",
-        "c44695633c07010f3a0d8f7ea046a642d4a96bf4e44f89fd91b46830bc95b130824b972c9019a69d2dd05ef2d36b37ac",
-        "IDEA/CBC/PKCS7Padding",
-        "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d9e584751325ef7c32",
-        "IDEA/CBC/ISO10126Padding",
-        "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d978b3fd73135f033b",
-        "IDEA/CBC/X9.23Padding",
-        "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d978b3fd73135f033b",
-        "AES/CBC/PKCS7Padding",
-        "cf87f4d8bb9d1abb36cdd9f44ead7d046db2f802d99e1ef0a5940f306079e08389a44c4a8cc1a47cbaee1128da55bbb7",
-        "AES/CBC/ISO7816-4Padding",
-        "cf87f4d8bb9d1abb36cdd9f44ead7d046db2f802d99e1ef0a5940f306079e08306d84876508a33efec701118d8eeaf6d",
-        "Rijndael/CBC/PKCS7Padding",
-        "cf87f4d8bb9d1abb36cdd9f44ead7d046db2f802d99e1ef0a5940f306079e08389a44c4a8cc1a47cbaee1128da55bbb7",
-        "Serpent/CBC/PKCS7Padding",
-        "d8b971931de211cb2d31721773a5b1f9dc4e263efe0465f97c024daa26dd7d03473e9beb82ba809cf36071d4807e4706",
-        "Tnepres/CBC/PKCS7Padding",
-        "f8940ca31aba8ce1e0693b1ae0b1e08daef6de03c80f019774280052f824ac44540bb8dd74dfad47f83f9c7ec268ca68",
-        "CAST5/CBC/PKCS7Padding",
-        "87b6dc0c5a1d23d42fa740b0548be0b298112000544610d889d6361994cf8e670a19d6af72d7289f",
-        "CAST6/CBC/PKCS7Padding",
-        "943445569cfdda174118e433828f84e137faee38cac5c827d87a3c9a5a46a07dd64e7ad8accd921f248eea627cd6826f",
-        "DES/CBC/WithCTS",
-        "60fa2f8fae5aa2a38e9ac77d0246726bcf99f75cc6e0122aeb7511e4515feb12",
-        "IDEA/CBC/PKCS7Padding",
-        "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d9e584751325ef7c32",
-        "DES/CBC/ZeroBytePadding",
-        "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122ad3b3f002c927f1fd",
-        "DES/CTS/NoPadding", // official style
-        "60fa2f8fae5aa2a38e9ac77d0246726bcf99f75cc6e0122aeb7511e4515feb12",
-        "DESede/CTS/NoPadding",
-        "4d3d7931875cf25593dc402298add8b9e22b2c144116923114761e4936c9585a",
-        "SKIPJACK/CTS/NoPadding",
-        "ceebcc2e5e2b847f9ed797b4930b95f12ea0df79ad5c833415b9e6cf49c457fc",
-        "Blowfish/CTS/NoPadding",
-        "80823abbabc109733e7ebf3ce3344d67b452f7fbe8e844cefc387c306b782086",
-        "Twofish/CTS/NoPadding",
-        "94de61f49ddf8e7692e9d81a83812943f819694251a00bdd403928745cd1d8a0",
-        "AES/CTS/NoPadding",
-        "6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04",
-        "Rijndael/CTS/NoPadding",
-        "6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04",
-        "Serpent/CTS/NoPadding",
-        "dc4e263efe0465f97c024daa26dd7d03d8b971931de211cb2d31721773a5b1f9",
-        "Tnepres/CTS/NoPadding",
-        "aef6de03c80f019774280052f824ac44f8940ca31aba8ce1e0693b1ae0b1e08d",
-        "CAST5/CTS/NoPadding",
-        "87b6dc0c5a1d23d42fa740b0548be0b289d6361994cf8e6798112000544610d8",
-        "CAST6/CTS/NoPadding",
-        "37faee38cac5c827d87a3c9a5a46a07d943445569cfdda174118e433828f84e1",
-        "RC2/CTS/NoPadding",
-        "a51facdb3933c9676795cd38cc3146fd9a399c77606abf994694722b468b1a97",
-        "RC5/CTS/NoPadding",
-        "9ee7517eab0280445f3a7c60c90c0f75ace5399d388c83c3029d65bca8b1af83",
-        "RC6/CTS/NoPadding",
-        "d4a96bf4e44f89fd91b46830bc95b130c44695633c07010f3a0d8f7ea046a642",
-        "IDEA/CTS/NoPadding",
-        "30cd990ebdae80fe12b6c6e4fcd1c06497351c8684e4c4d9a27d985c276b3d70",
-        "DES/CBC/WithCTS",                  // older style
-        "60fa2f8fae5aa2a38e9ac77d0246726bcf99f75cc6e0122aeb7511e4515feb12",
-        "DESede/CBC/WithCTS",
-        "4d3d7931875cf25593dc402298add8b9e22b2c144116923114761e4936c9585a",
-        "SKIPJACK/CBC/WithCTS",
-        "ceebcc2e5e2b847f9ed797b4930b95f12ea0df79ad5c833415b9e6cf49c457fc",
-        "Blowfish/CBC/WithCTS",
-        "80823abbabc109733e7ebf3ce3344d67b452f7fbe8e844cefc387c306b782086",
-        "Twofish/CBC/WithCTS",
-        "94de61f49ddf8e7692e9d81a83812943f819694251a00bdd403928745cd1d8a0",
-        "AES/CBC/WithCTS",
-        "6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04",
-        "Rijndael/CBC/WithCTS",
-        "6db2f802d99e1ef0a5940f306079e083cf87f4d8bb9d1abb36cdd9f44ead7d04",
-        "Serpent/CBC/WithCTS",
-        "dc4e263efe0465f97c024daa26dd7d03d8b971931de211cb2d31721773a5b1f9",
-        "Tnepres/CBC/WithCTS",
-        "aef6de03c80f019774280052f824ac44f8940ca31aba8ce1e0693b1ae0b1e08d",
-        "CAST5/CBC/WithCTS",
-        "87b6dc0c5a1d23d42fa740b0548be0b289d6361994cf8e6798112000544610d8",
-        "CAST6/CBC/WithCTS",
-        "37faee38cac5c827d87a3c9a5a46a07d943445569cfdda174118e433828f84e1",
-        "RC2/CBC/WithCTS",
-        "a51facdb3933c9676795cd38cc3146fd9a399c77606abf994694722b468b1a97",
-        "RC5/CBC/WithCTS",
-        "9ee7517eab0280445f3a7c60c90c0f75ace5399d388c83c3029d65bca8b1af83",
-        "RC6/CBC/WithCTS",
-        "d4a96bf4e44f89fd91b46830bc95b130c44695633c07010f3a0d8f7ea046a642",
-        "IDEA/CBC/WithCTS",
-        "30cd990ebdae80fe12b6c6e4fcd1c06497351c8684e4c4d9a27d985c276b3d70",
-        "Blowfish/CTR/NoPadding",
-        "6cd6f7c5d2c65555d2b31f8614f54ec654f5e7888d515008d59302c3edfcc6cb",
-        "CAST5/CTR/NoPadding",
-        "9ef6c08987f02d3dc218513450cf0f8d6aa9eb15d0ad92dde14863731a7e39c2",
-        "Camellia/CTR/NoPadding",
-        "9132cee4b4f13574ed61c00997f8049e8b45f941f6394e333926a3245f11d759",
-        "DES/OFB/NoPadding",
-        "537572e480c1714f5c9a4f3b874df824dc6681b1fd6c11982debcad91e3f78b7",
-        "DESede/OFB/NoPadding",
-        "481e9872acea7fcf8e29a453242da774e5f6a28f15f7723659a73e4ff4939f80",
-        "SKIPJACK/OFB/NoPadding",
-        "71143a124e3a0cde753b60fe9b200e559018b6a0fe0682659f7c13feb9df995c",
-        "Blowfish/OFB/NoPadding",
-        "6cd6f7c5d2c655556d7a9e98a1696d1875e9f1b2fc991e28a2d55b56861e80bd",
-        "Twofish/OFB/NoPadding",
-        "821c54b1b54ae113cf74595eefe10c83b61c9682fc81f92c52f39a3a693f88b8",
-        "Threefish-256/OFB/NoPadding",
-        "546ea995dd302f1efcb1f27d14bad468280a3a7994c2af75dfdf1e9fc5ef2373",
-        "Threefish-512/OFB/NoPadding",
-        "152df966484ecc2e9ddfc386559732f7f632e4008920804a1bde4efcf2e6e2f2",
-        "Threefish-1024/OFB/NoPadding",
-        "03953ac751a7377812c6e3e4d14b36c6953f9b390acaa892811c10001c9be454",
-        "RC2/OFB/NoPadding",
-        "0a07cb78537cb04c0c74e28a7b86b80f80acadf87d6ef32792f1a8cf74b39f74",
-        "RC5/OFB/NoPadding",
-        "c62b233df296283b918a2b4cc53a54fbf061850e781b97332ed1bd78b88d9670",
-        "IDEA/OFB/NoPadding",
-        "dd447da3cbdcf81f4053fb446596261cb00a3c49a66085485af5f7c10ba20dad",
-        "DES/OFB8/NoPadding",
-        "53cb5010d189f94cf584e5ff1c4a9d86443c45ddb6fa3c2d1a5dadfcdf01db8a",
-        "DESede/OFB8/NoPadding",
-        "482c0c1ccd0e6d218e1cffb0a295352c2357ffaa673f2257ef5c77b6c04f03b5",
-        "SKIPJACK/OFB8/NoPadding",
-        "719ea1b432b3d2c8011e5aa873f95978420022b5e2c9c1a1c1082cd1f4999da2",
-        "Blowfish/OFB8/NoPadding",
-        "6ca6078755b263f09787d830b6fda7b7748494634bdc73ab68540cf9f6b7eccf",
-        "Twofish/OFB8/NoPadding",
-        "825dcec234ad52253d6e064b0d769bc04b1142435933f4a510ffc20d70095a88",
-        "Threefish-256/OFB8/NoPadding",
-        "545fbd92313512127218262dd4394569aca96ba122e1432b661ecfc01af3a25c",
-        "Threefish-512/OFB8/NoPadding",
-        "15f6e7d215662c525ea982cab56409cf833157e1af06edd57a13c71487904fea",
-        "Threefish-1024/OFB8/NoPadding",
-        "03d80b67ff7139d9dd8b07280642f94074496e5fc37b1ba1f8593cdf64a1e4ca",
-        "RC2/OFB8/NoPadding",
-        "0aa26c6f6a820fe7d38da97085995ad62e2e293323a76300fcd4eb572810f7c6",
-        "RC5/OFB8/NoPadding",
-        "c601a9074dbd874f4d3293f6a32d93d9f0a4f5685d8597f0102fcc96d444f976",
-        "IDEA/OFB8/NoPadding",
-        "dd7897b6ced43d060a518bb38d570308b83b4de577eb208130daabf619e9b1fb",
-        "DES/CFB/NoPadding",
-        "537572e480c1714fec3c7424f88d4202219244c5ca8f5e4361d64f08fe747bb2",
-        "DESede/CFB/NoPadding",
-        "481e9872acea7fcfb75bb58670fe64c59123265139e357d161cd4ddb5eba042a",
-        "SKIPJACK/CFB/NoPadding",
-        "71143a124e3a0cde70a69ede4ceb14376b1e6a80bafde0a6330508dfa86a7c41",
-        "Blowfish/CFB/NoPadding",
-        "6cd6f7c5d2c6555561167fe9b10665102206869339122f1ed89efa4a985397f6",
-        "Twofish/CFB/NoPadding",
-        "821c54b1b54ae113cf74595eefe10c8308b7a438277de4f40948ac2d172d53d2",
-        "Threefish-256/CFB/NoPadding",
-        "546ea995dd302f1efcb1f27d14bad468280a3a7994c2af75dfdf1e9fc5ef2373",
-        "Threefish-512/CFB/NoPadding",
-        "152df966484ecc2e9ddfc386559732f7f632e4008920804a1bde4efcf2e6e2f2",
-        "Threefish-1024/CFB/NoPadding",
-        "03953ac751a7377812c6e3e4d14b36c6953f9b390acaa892811c10001c9be454",
-        "RC2/CFB/NoPadding",
-        "0a07cb78537cb04ca1401450d5cd411c7da7fa5b6baaa17bb2137bd95c9f26a5",
-        "RC5/CFB/NoPadding",
-        "c62b233df296283b989352bbebf616a19e11503ac737f9e0eaf19049cde05d34",
-        "IDEA/CFB/NoPadding",
-        "dd447da3cbdcf81fcbe4661dcbed88aed899f87585118384bd0565067fa6c13a",
-        "DES/CFB8/NoPadding",
-        "53cb0cdff712a825eb283b23c31e7323aa12495e7e751428b5c4eb89b28a25d4",
-        "DESede/CFB8/NoPadding",
-        "482cd5bf87ca4cee0b573d66a077231bfea93843ce2d1f948550a1d208e18279",
-        "SKIPJACK/CFB8/NoPadding",
-        "719eef3906bef23f7b63599285437d8e34183b165acf3e855b4e160d4f036508",
-        "Blowfish/CFB8/NoPadding",
-        "6ca63aaada9188d2410c07513cc0736b9888770768c25a5befc776beea5bdc4c",
-        "Twofish/CFB8/NoPadding",
-        "825d12af040721cf5ed4a4798647837ac5eb14d752aace28728aeb37b2010abd",
-        "Threefish-256/CFB8/NoPadding",
-        "545fbf0a4b925f399cf7540f1cc1cc6012e329ab2d4db0aa0dfa29ee2a2019d1",
-        "Threefish-512/CFB8/NoPadding",
-        "15f695964f20b95ed72afad75f905788839c53bed2ae5fdfdfb13e3241fd7f94",
-        "Threefish-1024/CFB8/NoPadding",
-        "03d897c89e740d2254f717b73315151d9a34c829e4162232b3cd5f5158ff367b",
-        "RC2/CFB8/NoPadding",
-        "0aa227f94be3a32ff927c5d25647ea41d7c2a1e94012fc7f2ad6767b9664bce5",
-        "RC5/CFB8/NoPadding",
-        "c601cf88725411f119965b9cd38d6c313b91128ed7c98c7604cc62d9b210be79",
-        "IDEA/CFB8/NoPadding",
-        "dd7839d2525420d10f95eec23dbaf3463302c445972a28c563c2635191bc19af",
-        "IDEA/PGPCFB/NoPadding",
-        "dd447da3cbdcf81fcbe4661dcbed88aed899f87585118384bd0565067fa6c13a",
-        "IDEA/PGPCFBwithIv/NoPadding",
-        "ed5adbac0e730cc0f00df7e4f6fef672ab042673106435faf3ecf3996a72a0e127b440ba9e5313501de3",
-        "Twofish/ECB/TBCPadding",
-        "70336d9c9718a8a2ced1b19deed973a3c58af7ea71a69e7efc4df082dca581c019d7daa58d02b89aab6e8c0d17202439",
-        "RC2/ECB/TBCPadding",
-        "eb5b889bbcced12eb6b1a3da6a3d965bba66a5edfdd4c8a6b6b1a3da6a3d965b6b5359ba5e69b179",
-        "DES/CTR/NoPadding",
-        "537572e480c1714fb47081d35eb18eaca9e0a5aee982f105438a0db6cece1f6d",
-        "DESede/CTR/NoPadding",
-        "481e9872acea7fcfa93b7d4e34ec7bab340c10faba2e43b879d40d38e07c422d",
-        "SKIPJACK/CTR/NoPadding",
-        "71143a124e3a0cdeee98a7b843baa05bd1d59faee8ec9b89880e070314a04cc2",
-        "Blowfish/CTR/NoPadding",
-        "6cd6f7c5d2c65555d2b31f8614f54ec654f5e7888d515008d59302c3edfcc6cb",
-        "Twofish/CTR/NoPadding",
-        "821c54b1b54ae113cf74595eefe10c83d09e95d4599190b9bbd5bc71dd703730",
-        "Threefish-256/CTR/NoPadding",
-        "546ea995dd302f1efcb1f27d14bad468280a3a7994c2af75dfdf1e9fc5ef2373",
-        "Threefish-512/CTR/NoPadding",
-        "152df966484ecc2e9ddfc386559732f7f632e4008920804a1bde4efcf2e6e2f2",
-        "Threefish-1024/CTR/NoPadding",
-        "03953ac751a7377812c6e3e4d14b36c6953f9b390acaa892811c10001c9be454",
-        "RC2/CTR/NoPadding",
-        "0a07cb78537cb04c8c5a0a39a15977a7eb19f3c48a42759c234868c391a99c63",
-        "RC5/CTR/NoPadding",
-        "c62b233df296283b97f17364d5f69a1ff91f46659cf9856caefd322a936203a7",
-        "IDEA/CTR/NoPadding",
-        "dd447da3cbdcf81f4694ab7715d79e3f90af5682e8c318b8f7dadbed6b5c9714",
-        "Blowfish/EAX/NoPadding",
-        "bee85ae6512b8a2346d46f7bac31526238091ccc5de75760c9a39628fb45d44a653bfac0",
-        "CAST5/EAX/NoPadding",
-        "85e0dbd3402f2179f96d231315ec73f04f64f1b7ab1347423b9aec51a07a7222e2bc65a3",
-        "DES/EAX/NoPadding",
-        "07d12249945e77607086f7463f316966466e6a0c0789b3307b8b51a7cc807e3c1fb91f98",
-        "DESede/EAX/NoPadding",
-        "278b28f13537dc13bb688c95391754bd6d39c79a7361b407f8dee0b111b264f20391cb0e",
-        "GOST28147/EAX/NoPadding",
-        "1416713d52affb595b880be996e838edd377e67dfe822fbb0ff235f1b706e6ce34d68dc5",
-        "IDEA/EAX/NoPadding",
-        "b2e9f3e40954c140ac60423466dee0138f84e879fbde003780202bd83c91571b64df7bb7",
-        "RC2/EAX/NoPadding",
-        "5d1c095de75bd5eef6a5146f7d6c44545807a8b452f7a38e2719a14f1a269709d2eda2d3",
-        "SEED/EAX/NoPadding",
-        "6780f18b2dd1f75a934b5a3e45e8fd44877fd3498a9b919b417b3d8a7c67c6021d74bbaef71841ef",
-        "Serpent/EAX/NoPadding",
-        "13c2b1fec2bda74f5ccc8ca31b36a2e91ee024a215387219808640b2fc7a6a41e017aacee3ed893a",
-        "Tnepres/EAX/NoPadding",
-        "8d5ac312ca0d436a0154d56568d39811ccf6bb970012398014fc8a49ed669b117443c0249b07ead8",
-        "SM4/EAX/NoPadding",
-        "e072a95da8e529b41199859482142b3fdfa6b7af27348e5ebf35445a099583dae882affde90ea4a4",
-        "Twofish/EAX/NoPadding",
-        "9a90dffe1233a04733fc8869e8ec4cba2fa53d9543f0206825293b1ff102e63f81a60b12204e1fd8",
-        "IDEA/OFB/NoPadding",
-        "dd447da3cbdcf81f4053fb446596261cb00a3c49a66085485af5f7c10ba20dad",
-        "RC2/OFB/NoPadding",
-        "0a07cb78537cb04c0c74e28a7b86b80f80acadf87d6ef32792f1a8cf74b39f74",
-        "SEED/OFB/NoPadding",
-        "9fd249435dc66d3d5d41abad270df5e3c6b972692fadfcb6c311b047f96fb114",
-        "SEED/OCB/NoPadding",
-        "eb04b3612769e1ad681f975af1a6f401d94dc88276dd50fc3ebce791c28825c652b7351acbad8c63d4d66191de94c970",
-        "SEED/CCM/NoPadding",
-        "da684e8cab782d4ebae835726f43c3aeea97ee270897255714d464e981ac39af06c9483153f8a05a",
-        "SEED/GCM/NoPadding",
-        "ed5f6293c9a4f280af6695750bfb3bb3b60c214565a049494df955152757812ebfb93705895606c4378498a93f2541b5",
-        "SM4/GCM/NoPadding",
-        "323b601a951da693f87e53c6832380719b4d4bd306c94248202b7e337c81e2d9de0044b77a4c556f15f6fd19f828236b",
-        "DES/ECB/TBCPadding",
-        "466da00648ef0e1f9617b1f002e225251a3248d09172f46b9617b1f002e22525698575eb3998481b",
-        "GOST28147/ECB/TBCPadding",
-        "0a77f4114451b37d44c5192619b723dd49093d1047c2373544c5192619b723dde7b0810d205c07ab",
-        "IDEA/ECB/TBCPadding",
-        "8c9fd56823ffdc523f6ccf7f614aa6173553e594fc7a21b53f6ccf7f614aa61747a7c95a57b9eaf4",
-        "RC2/ECB/TBCPadding",
-        "eb5b889bbcced12eb6b1a3da6a3d965bba66a5edfdd4c8a6b6b1a3da6a3d965b6b5359ba5e69b179",
-        "SEED/ECB/TBCPadding",
-        "d53d4ce1f48b9879420949467bfcbfbe2c6a7d4a8770bee0c71211def898d7c509f6e111845db39b4cce1dd155aa592b",
-        "DES/CBC/TBCPadding",
-        "60fa2f8fae5aa2a38e9ac77d0246726beb7511e4515feb12cf99f75cc6e0122ad3b3f002c927f1fd",
-        "GOST28147/CBC/TBCPadding",
-        "ba87be9c465cbb30e1bf0148daa9639c2e4cbc1b6777cfcda860760686596159aa564fd65e66c125",
-        "IDEA/CBC/TBCPadding",
-        "30cd990ebdae80fe12b6c6e4fcd1c064a27d985c276b3d7097351c8684e4c4d922f14e12faecaa0b",
-        "RC2/CBC/TBCPadding",
-        "a51facdb3933c9676795cd38cc3146fd4694722b468b1a979a399c77606abf9997b47d2f64a37e2f",
-        "SEED/CBC/TBCPadding",
-        "fc34f03ddf4d2a4d9934addc82011af1d5f76ee015b691a6524d7ad5464422d7989825d19e23a60ba759407e13d1ea02",
-        "DES/CFB8/NoPadding",
-        "53cb0cdff712a825eb283b23c31e7323aa12495e7e751428b5c4eb89b28a25d4",
-        "GOST28147/CFB8/NoPadding",
-        "29f6ca1ca7ae9670413183932a28cdd4a09f2ba630c3c3fbf6f071d3774d7577",
-        "IDEA/CFB8/NoPadding",
-        "dd7839d2525420d10f95eec23dbaf3463302c445972a28c563c2635191bc19af",
-        "RC2/CFB8/NoPadding",
-        "0aa227f94be3a32ff927c5d25647ea41d7c2a1e94012fc7f2ad6767b9664bce5",
-        "SEED/CFB8/NoPadding",
-        "9f1622c3785a034ee4c595df05fb11e69e4d52036e238d2d451e190e87ee876e",
-        "DES/CTS/NoPadding",
-        "60fa2f8fae5aa2a38e9ac77d0246726bcf99f75cc6e0122aeb7511e4515feb12",
-        "GOST28147/CTS/NoPadding",
-        "ba87be9c465cbb30e1bf0148daa9639ca8607606865961592e4cbc1b6777cfcd",
-        "IDEA/CTS/NoPadding",
-        "30cd990ebdae80fe12b6c6e4fcd1c06497351c8684e4c4d9a27d985c276b3d70",
-        "RC2/CTS/NoPadding",
-        "a51facdb3933c9676795cd38cc3146fd9a399c77606abf994694722b468b1a97",
-        "SEED/CTS/NoPadding",
-        "d5f76ee015b691a6524d7ad5464422d7fc34f03ddf4d2a4d9934addc82011af1",
-        "SHACAL-2/CBC/PKCS7Padding",
-        "3af7c54ea55d2497162ac9c79d9b2f7837898f83aa4b50b7b762979aa8087669b6a81cdec475ed4d2394d7ad771404a52eb52d245a39f0d7d3e8062d3b0f0e54",
-        "SHACAL-2/CBC/TBCPadding",
-        "3af7c54ea55d2497162ac9c79d9b2f7837898f83aa4b50b7b762979aa80876693f17fbe9a5baa88ed21b2e1a863dc449061f40cafadfc3cf73486208f87b9352",
-    };
-
-    static String[] cipherTests2 =
-    {
-        "DES/OFB64/NoPadding",
-        "537572e480c1714f5c9a4f3b874df824dc6681b1fd6c11982debcad91e",
-        "DES/CFB64/NoPadding",
-        "537572e480c1714fec3c7424f88d4202219244c5ca8f5e4361d64f08fe",
-        "DES/CTR/NoPadding",
-        "537572e480c1714fb47081d35eb18eaca9e0a5aee982f105438a0db6ce",
-        "DES/CTS/NoPadding",
-        "60fa2f8fae5aa2a38e9ac77d0246726b32df660db51a710ceb7511e451"
-    };
-
-    static String[] cipherTestsLargeBlock =
-    {
-        "SHACAL-2/CBC/withCTS",
-        "3af7c54ea55d2497162ac9c79d9b2f7837898f83aa4b50b7b762979aa8087669c7228283218babbc53af6eb9edefe37ddd827ded8dd6d99557e9f10075b53e18fff454cccdc913a1817dcad39fca72820e014892ff16432233e9a0a19aa499b456478bbaaa6c1a4adcda6564906a71fd49669fffec5806dd86c451052d70f276",
-        "SHACAL-2/CBC/PKCS7Padding",
-        "3af7c54ea55d2497162ac9c79d9b2f7837898f83aa4b50b7b762979aa8087669c7228283218babbc53af6eb9edefe37ddd827ded8dd6d99557e9f10075b53e1856478bbaaa6c1a4adcda6564906a71fd49669fffec5806dd86c451052d70f276fff454cccdc913a1817dcad39fca72820e014892ff16432233e9a0a19aa499b4dda7154ca3f53f3c8ff443f31b7821aa05cdcf584add4dbfb436abb2cffec14d",
-        "SHACAL-2/CBC/ISO10126-2Padding",
-        "3af7c54ea55d2497162ac9c79d9b2f7837898f83aa4b50b7b762979aa8087669c7228283218babbc53af6eb9edefe37ddd827ded8dd6d99557e9f10075b53e1856478bbaaa6c1a4adcda6564906a71fd49669fffec5806dd86c451052d70f276fff454cccdc913a1817dcad39fca72820e014892ff16432233e9a0a19aa499b46ba38f310460943eca68cbe924899c32e4436e71c3b7c9714d139ca559a4a63c",
-        "SHACAL-2/CBC/ISO7816-4Padding",
-        "3af7c54ea55d2497162ac9c79d9b2f7837898f83aa4b50b7b762979aa8087669c7228283218babbc53af6eb9edefe37ddd827ded8dd6d99557e9f10075b53e1856478bbaaa6c1a4adcda6564906a71fd49669fffec5806dd86c451052d70f276fff454cccdc913a1817dcad39fca72820e014892ff16432233e9a0a19aa499b499af44e121ef1a08eaaa3b96f2c4fe6248c375435a69f7fc0e1c22eed8aeeac2",
-        "SHACAL-2/CBC/X923Padding",
-        "3af7c54ea55d2497162ac9c79d9b2f7837898f83aa4b50b7b762979aa8087669c7228283218babbc53af6eb9edefe37ddd827ded8dd6d99557e9f10075b53e1856478bbaaa6c1a4adcda6564906a71fd49669fffec5806dd86c451052d70f276fff454cccdc913a1817dcad39fca72820e014892ff16432233e9a0a19aa499b46ba38f310460943eca68cbe924899c32e4436e71c3b7c9714d139ca559a4a63c",
-        "SHACAL-2/CBC/TBCPadding",
-        "3af7c54ea55d2497162ac9c79d9b2f7837898f83aa4b50b7b762979aa8087669c7228283218babbc53af6eb9edefe37ddd827ded8dd6d99557e9f10075b53e1856478bbaaa6c1a4adcda6564906a71fd49669fffec5806dd86c451052d70f276fff454cccdc913a1817dcad39fca72820e014892ff16432233e9a0a19aa499b49607ddd0d5c54de11ed6ae50afa7fe6ed7f298b5963254e60e069f0916b8f0e1",
-        "SHACAL-2/CTR/NoPadding",
-        "e128b4dd0a8a3bf0d4b558ec2a76700a754a1f99cf83a28b3e3a4c2c6b7c6d2cbeb759073b08aa4294730bbed03cfb77a506efb833a4c09a906bbabf25daca6d7ee7df13ef0c462a54dcede0b282914f7914b1cf6f64409c6ce4ea48c7da26ea95fcb7f4b8d169f4bd6b0515f6a37d784b3b9fbb519f931a912391250a78e0c5",
-        "SHACAL-2/CFB8/NoPadding",
-        "e185119f49ecb9370bc6915d9f3748e352a4bbd26a7d4911089762cd2933912e220909b2c4a5c047038a547f89701ab6b0ab7fb6cc3e48c79ab573e218793d01f78c3b590ad9d6ce078d3ccecedd228bb8cce130b94dcfe8d5d0ed6fcbb9d1d06768da1f0a4b979c2cdd590474f05e6c0073c35e5202b3f8f73e5e9028120c2b",
-        "SHACAL-2/CFB256/NoPadding",
-        "e128b4dd0a8a3bf0d4b558ec2a76700a754a1f99cf83a28b3e3a4c2c6b7c6d2ccd3ea6711fea5531f1bb21be35c6cc8b25e86942f397106b65c56b42267f4bf62782bd6011cb320bb073ceb037de8a5bd775f6fb3ee74525ef6286c54bbb1d19f29e2ed08c7519ecd1440a50fc68a254f7f5ac085f9b7d63e4fa651a25ab7a3b",
-        "SHACAL-2/CFB/NoPadding",
-        "e128b4dd0a8a3bf0d4b558ec2a76700a754a1f99cf83a28b3e3a4c2c6b7c6d2ccd3ea6711fea5531f1bb21be35c6cc8b25e86942f397106b65c56b42267f4bf62782bd6011cb320bb073ceb037de8a5bd775f6fb3ee74525ef6286c54bbb1d19f29e2ed08c7519ecd1440a50fc68a254f7f5ac085f9b7d63e4fa651a25ab7a3b",
-        "SHACAL-2/OFB/NoPadding",
-        "e128b4dd0a8a3bf0d4b558ec2a76700a754a1f99cf83a28b3e3a4c2c6b7c6d2cb231d2897aba5cffa1b64a99fb6f9b5c9df8875dcd0d88412dacfaf61c2985ee726c4f534c109b16289811f1fc8e20d73c3a4c07dc30e07e806bc631a7e901e5d77fe48114b52abbed9a0c58bde5622c1a624ad8714e5044081016da78518d58",
-        "SHACAL-2/EAX/NoPadding",
-        "002e7bac7a8776e78ae9f0ea5df37b3c02a9210a91d583b1ef8dfad22cc346acbe9ff20ea8707e49ba85ed5718225b9f5b4550cefd6ef93566283f411ec0a05f4852b92f2a5b68a5c2c2acd170ac98dcbdc4c2b30787f5b55f3dd88f596852f0bda40ed840dfbb4cc1c8504e729ba724f3fada64e2d3897a3335da5b8c04f1afc2daf2d3a3012b3fec847f663e22a842",
-        "Threefish-256",
-        "9f82b577cf4cca7a504e9f7a2cd7dbb4ef4ac167c716fca19ab1211f195f610f" +
-            "9f82b577cf4cca7a504e9f7a2cd7dbb4ef4ac167c716fca19ab1211f195f610f" +
-            "9f82b577cf4cca7a504e9f7a2cd7dbb4ef4ac167c716fca19ab1211f195f610f" +
-            "9f82b577cf4cca7a504e9f7a2cd7dbb4ef4ac167c716fca19ab1211f195f610f" +
-             "31533aa864e6a40edc3e24b36260d94374893dc2e479793292e29c18a6ee01a9",
-        "Threefish-512",
-        "35d0c46770ebb3bf62fadd48765db209df215d7cd18a8b18d11625e70067e1fa" +
-            "bb98982312ce1fdfccae1a59408e1d5418b400a7bf0d1c4e9ea4afa4395886d7" +
-            "35d0c46770ebb3bf62fadd48765db209df215d7cd18a8b18d11625e70067e1fa" +
-            "bb98982312ce1fdfccae1a59408e1d5418b400a7bf0d1c4e9ea4afa4395886d7" +
-            "ad7ec86b2137af1ddb64794d714c4e1d7b687b19fc9781ef887a0ad7f88e18fc" +
-            "1baa6123ec8bc497e7eb7b5090cfd756fd5333425ed5a240cb96735dea9713d9",
-        "Threefish-1024",
-        "df6d789e301c6a5e22e0cff0b44666630d44ce774a41b628ebaff6adc86d9e66" +
-            "af50a282a4313552bc9b861cb286ab569e2e23b1c97cdb5cb1fde1bacfba9bfb" +
-            "de3b443218e16b6038537b3d803ff5dbd26b13c177a5bfb597ffccca142a5905" +
-            "8c0f74623daa96bff95b716674701034e7947ce0541426fa5177bc1a519b23ba" +
-            "462f1724989612e49ca5e92a0129ec7be576846fe2616664674e16a29ce8679c" +
-            "0adda9034fbd652910c2ae5afacde10281ab18dbeeb83464dc21ff66b0d358ff" +
-            "2328c73aca59e9095a7bca94acc79d10038eab6ef865545bcf73f4caeeba1844" +
-            "6add98350c8276e5abfb8709bb6c01ef3297b862818a4996b744f375b9126e5c",
-        "Threefish-256/CBC/NoPadding",
-        "1c46830ef0a43a0869bf070a87f0d4e63f2458edfa5654bafd8520358dae8bf9" +
-            "2a8c039d41e87bb65a907331dde317450d38aba6cb3885bfbe0aee148503e37b" +
-            "973c5e8a16c4309f7a4229d9943ab403082b5836431b9d1646b619f368e057b3" +
-            "0931ce1b791b641dd3e79f2b536897f3c537e3b4588dc03c3888f9bab3bc7a0e",
-        "Threefish-512/CBC/NoPadding",
-        "caee9b663eba4663de1cd6f17ffc51dc8b808c95f91e12a818ab31436985830b" +
-            "3aa886a93e53849d34e713f36db52bac3557b137328434f41f825f3948a611c6" +
-            "03efe066d8d6d57b15b04729632de0ce5636b8ccd28219ac17ef836734556e15" +
-            "e90356111279412a814b660150323a416138b2b62942f2d0cd08ee0bb45b0dd7",
-        "Threefish-1024/CBC/NoPadding",
-        "7540a8fe54a1a1d117ba1f970a12002cf9e24477daef9439dfc43b79a88a9e87" +
-            "b59be63aa448b4e02e8b9a6464419c35b0b3f97219e6c88ed5429d0f9ffb40bb" +
-            "491f280f4281af177e254828f82e90d196c6bf9afa31926cf5bf0cc3dc81f28a" +
-            "419544ef5907f3b8bf6179da37ff07134d9c6d147521e5c840d5086ec74c1003",
-        "Threefish-256/CBC/PKCS7Padding",
-        "1c46830ef0a43a0869bf070a87f0d4e63f2458edfa5654bafd8520358dae8bf9" +
-            "2a8c039d41e87bb65a907331dde317450d38aba6cb3885bfbe0aee148503e37b" +
-            "973c5e8a16c4309f7a4229d9943ab403082b5836431b9d1646b619f368e057b3" +
-            "0931ce1b791b641dd3e79f2b536897f3c537e3b4588dc03c3888f9bab3bc7a0e" +
-            "f96cb468a5cd39a003f976464a7d072c94cb72a3fe739f101aa7b5452bc3fbba",
-        "Threefish-512/CBC/PKCS7Padding",
-        "caee9b663eba4663de1cd6f17ffc51dc8b808c95f91e12a818ab31436985830b" +
-            "3aa886a93e53849d34e713f36db52bac3557b137328434f41f825f3948a611c6" +
-            "03efe066d8d6d57b15b04729632de0ce5636b8ccd28219ac17ef836734556e15" +
-            "e90356111279412a814b660150323a416138b2b62942f2d0cd08ee0bb45b0dd7" +
-            "03902162280012e59efa15c6beecfbf440a6a0c4474bbbb2f74a0ad31bcd398f" +
-            "b24728c3605a4ced3c92c30a5e231113abafaf6f83a3867978e3cdd74091d09f",
-        "Threefish-1024/CBC/PKCS7Padding",
-        "7540a8fe54a1a1d117ba1f970a12002cf9e24477daef9439dfc43b79a88a9e87" +
-            "b59be63aa448b4e02e8b9a6464419c35b0b3f97219e6c88ed5429d0f9ffb40bb" +
-            "491f280f4281af177e254828f82e90d196c6bf9afa31926cf5bf0cc3dc81f28a" +
-            "419544ef5907f3b8bf6179da37ff07134d9c6d147521e5c840d5086ec74c1003" +
-            "4ddd16ad731ad9a32d0f196a72284f7a8df98918e3e22f1708662edeb1810d2b" +
-            "bafd4200e849f3288b55634b37f99f0f7b2dd192a5944fc211ef9e37b67a829b" +
-            "005a5ec609f736875fdf8946bd79c1daa6c44c9d6733a2223cf8b7e5203b1cfd" +
-            "76995f67e570d9c403b2a2e3f3a89c63c7850ee8d47d4398ac377345a139dda4",
-        "Threefish-256/CTS/NoPadding",
-        "1c46830ef0a43a0869bf070a87f0d4e63f2458edfa5654bafd8520358dae8bf9" +
-            "2a8c039d41e87bb65a907331dde317450d38aba6cb3885bfbe0aee148503e37b" +
-            "0931ce1b791b641dd3e79f2b536897f3c537e3b4588dc03c3888f9bab3bc7a0e" +
-            "973c5e8a16c4309f7a4229d9943ab403082b5836431b9d1646b619f368e057b3",
-        "Threefish-512/CTS/NoPadding",
-        "03efe066d8d6d57b15b04729632de0ce5636b8ccd28219ac17ef836734556e15" +
-            "e90356111279412a814b660150323a416138b2b62942f2d0cd08ee0bb45b0dd7" +
-            "caee9b663eba4663de1cd6f17ffc51dc8b808c95f91e12a818ab31436985830b" +
-            "3aa886a93e53849d34e713f36db52bac3557b137328434f41f825f3948a611c6",
-        "Threefish-1024/CTS/NoPadding",
-        "7540a8fe54a1a1d117ba1f970a12002cf9e24477daef9439dfc43b79a88a9e87b59b" +
-        "e63aa448b4e02e8b9a6464419c35b0b3f97219e6c88ed5429d0f9ffb40bb491f280f" +
-        "4281af177e254828f82e90d196c6bf9afa31926cf5bf0cc3dc81f28a419544ef5907" +
-        "f3b8bf6179da37ff07134d9c6d147521e5c840d5086ec74c1003",
-        "Threefish-256/CBC/WithCTS",
-        "1c46830ef0a43a0869bf070a87f0d4e63f2458edfa5654bafd8520358dae8bf9" +
-            "2a8c039d41e87bb65a907331dde317450d38aba6cb3885bfbe0aee148503e37b" +
-            "0931ce1b791b641dd3e79f2b536897f3c537e3b4588dc03c3888f9bab3bc7a0e" +
-            "973c5e8a16c4309f7a4229d9943ab403082b5836431b9d1646b619f368e057b3",
-        "Threefish-512/CBC/WithCTS",
-        "03efe066d8d6d57b15b04729632de0ce5636b8ccd28219ac17ef836734556e15" +
-            "e90356111279412a814b660150323a416138b2b62942f2d0cd08ee0bb45b0dd7" +
-            "caee9b663eba4663de1cd6f17ffc51dc8b808c95f91e12a818ab31436985830b" +
-            "3aa886a93e53849d34e713f36db52bac3557b137328434f41f825f3948a611c6",
-        "Threefish-1024/CBC/WithCTS",
-        "7540a8fe54a1a1d117ba1f970a12002cf9e24477daef9439dfc43b79a88a9e87b59b" +
-        "e63aa448b4e02e8b9a6464419c35b0b3f97219e6c88ed5429d0f9ffb40bb491f280f" +
-        "4281af177e254828f82e90d196c6bf9afa31926cf5bf0cc3dc81f28a419544ef5907" +
-        "f3b8bf6179da37ff07134d9c6d147521e5c840d5086ec74c1003",
-        "Threefish-256/ECB/TBCPadding",
-        "9f82b577cf4cca7a504e9f7a2cd7dbb4ef4ac167c716fca19ab1211f195f610f" +
-            "9f82b577cf4cca7a504e9f7a2cd7dbb4ef4ac167c716fca19ab1211f195f610f" +
-            "9f82b577cf4cca7a504e9f7a2cd7dbb4ef4ac167c716fca19ab1211f195f610f" +
-            "9f82b577cf4cca7a504e9f7a2cd7dbb4ef4ac167c716fca19ab1211f195f610f" +
-            "89c4e79b90153a821bdd4efd5eb1e2cda89b6a91540a003eef03868472d8cfce",
-        "Threefish-512/ECB/TBCPadding",
-        "35d0c46770ebb3bf62fadd48765db209df215d7cd18a8b18d11625e70067e1fa" +
-            "bb98982312ce1fdfccae1a59408e1d5418b400a7bf0d1c4e9ea4afa4395886d7" +
-            "35d0c46770ebb3bf62fadd48765db209df215d7cd18a8b18d11625e70067e1fa" +
-            "bb98982312ce1fdfccae1a59408e1d5418b400a7bf0d1c4e9ea4afa4395886d7" +
-            "dd6bfa1006e4df51298e382ca397a2c398cdb4d65009dce77c5f0a31f9807218" +
-            "a72372a8a0df3b1bacd5dbfb116ebbe314e0b0cd64fd2c8ae8a81491c2534a2a",
-        "Threefish-1024/ECB/TBCPadding",
-        "df6d789e301c6a5e22e0cff0b44666630d44ce774a41b628ebaff6adc86d9e66" +
-            "af50a282a4313552bc9b861cb286ab569e2e23b1c97cdb5cb1fde1bacfba9bfb" +
-            "de3b443218e16b6038537b3d803ff5dbd26b13c177a5bfb597ffccca142a5905" +
-            "8c0f74623daa96bff95b716674701034e7947ce0541426fa5177bc1a519b23ba" +
-            "7312262dc3a25984847d1b05cb624f5751946f136ee7bd0a9a4bbac5dd3bd213" +
-            "702390d3a53d1a4132f59383cce4fe61e08cd3c73c570190d1c8b60940031ef7" +
-            "42f6775b00fb0b4273a14b46a3fc0e760e02f75dc6100ca9c038c3f151e03145" +
-            "92686fd8cccbee74d246a8c59ad80205c9f9aaeb100ea5812837ee8699753301",
-        "Threefish-256/EAX/NoPadding",
-        "13e8b245045cd24c287c8eff69efff7eb884d6451e06825a16b5877a5c31701d" +
-            "873c4ad59b6920ad065a661dc3318299f2ce6bfffef82c5f8d076ca619fb785b" +
-            "799c08e25920e8e4ec322a5059adf8ccecf19b68233c912c64e95327e65f8643" +
-            "8bc1a9d71a872e706b1fd948c6dd2544ba8cee4e535d0e4fde2034be790b316f" +
-            "71c6eb1b6282d6abe5d47b8918e0bd68",
-        "Threefish-512/EAX/NoPadding",
-        "a27669576966dc3c623f4e14e57cbd039c54dcdf44290905b147b5f2debcc58b" +
-            "5e6c35a18f24de3ad1f5103c67705ba30eab18e02e2813650ab2ab2daabfdf7" +
-            "ebae0ecb2d0b90cc8a3d9cbbd68a4b4542e5289f84dc7f4eff5a9e2589d5aa0" +
-            "bab92db80824956f2b74961456943f8f99c81bc986b4e8a089e9085f665f1bd" +
-            "b455f05cedbaddb01ef90a70a51272fca60f49021fa0b699faef835fa14a32a" +
-            "3152",
-        "Threefish-1024/EAX/NoPadding",
-        "e247bb71d487cd77edb8eabfeb1f8d2501f6b408dd1004f9c2c4463ea897993" +
-            "c2288c8bb0334d56a5e239adf1d463a7dc21c690307a5c48612be7f56d57f48" +
-            "a5a145c4955a7a13a2ae21f49194dc8ce65c4d7d4c88d122dbe6bc869f2d39e" +
-            "04f983344122d15bffb4e0dfdda82512c5d6450a32d019a5f08f214b0843a03" +
-            "22095a9d37588d3d469c1051b473c4d645512a805f06d34971c83e18c5b5dab" +
-            "2e8ed2958f038f7d8133333f90cfef1d72eefc69623e2f07a19ff520b8b4e75" +
-            "3d9255",
-    };
-
-    static byte[]   input1 = Hex.decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f");
-    static byte[]   input2 = Hex.decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c");
-    static byte[]   inputLargeBlock = Hex.decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f" +
-                                                 "000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f" +
-                                                 "000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f" +
-                                                 "000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f");
-
-    static RC2ParameterSpec rc2Spec = new RC2ParameterSpec(128, Hex.decode("0123456789abcdef"));
-    static RC5ParameterSpec rc5Spec = new RC5ParameterSpec(16, 16, 32, Hex.decode("0123456789abcdef"));
-    static RC5ParameterSpec rc564Spec = new RC5ParameterSpec(16, 16, 64, Hex.decode("0123456789abcdef0123456789abcdef"));
-
-    /**
-     * a fake random number generator - we just want to make sure the random numbers
-     * aren't random so that we get the same output, while still getting to test the
-     * key generation facilities.
-     */
-    private class FixedSecureRandom
-        extends SecureRandom
-    {
-        byte[]  seed = {
-                (byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59,
-                (byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4,
-                (byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde,
-                (byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f
-        };
-
-        public void nextBytes(
-            byte[]  bytes)
-        {
-            int offset = 0;
-
-            while ((offset + seed.length) < bytes.length)
-            {
-                System.arraycopy(seed, 0, bytes, offset, seed.length);
-                offset += seed.length;
-            }
-
-            System.arraycopy(seed, 0, bytes, offset, bytes.length - offset);
-        }
-    }
-
-    public String getName()
-    {
-        return "BlockCipher";
-    }
-
-    public void test(
-        String      algorithm,
-        byte[]      input,
-        byte[]      output)
-    {
-        Key                     key = null;
-        KeyGenerator            keyGen;
-        SecureRandom            rand;
-        Cipher                  in = null;
-        Cipher                  out = null;
-        CipherInputStream       cIn;
-        CipherOutputStream      cOut;
-        ByteArrayInputStream    bIn;
-        ByteArrayOutputStream   bOut;
-
-        rand = new FixedSecureRandom();
-
-        String baseAlgorithm, mode;
-        try
-        {
-
-            int index = algorithm.indexOf('/');
-
-            if (index > 0)
-            {
-                baseAlgorithm = algorithm.substring(0, index);
-                mode = algorithm.substring(index + 1, algorithm.lastIndexOf('/'));
-            }
-            else
-            {
-                baseAlgorithm = algorithm;
-                mode = null;
-            }
-
-            if (baseAlgorithm.equals("IDEA") & noIDEA())
-            {
-                return;
-            }
-
-            keyGen = KeyGenerator.getInstance(baseAlgorithm, "BC");
-            if (!keyGen.getAlgorithm().equals(baseAlgorithm))
-            {
-                fail("wrong key generator returned!");
-            }
-            keyGen.init(rand);
-
-            key = keyGen.generateKey();
-
-            in = Cipher.getInstance(algorithm, "BC");
-            out = Cipher.getInstance(algorithm, "BC");
-
-            if (!in.getAlgorithm().startsWith(baseAlgorithm))
-            {
-                fail("wrong cipher returned!");
-            }
-
-            if (algorithm.startsWith("RC2"))
-            {
-                out.init(Cipher.ENCRYPT_MODE, key, rc2Spec, rand);
-            }
-            else if (algorithm.startsWith("RC5"))
-            {
-                if (algorithm.startsWith("RC5-64"))
-                {
-                    out.init(Cipher.ENCRYPT_MODE, key, rc564Spec, rand);
-                }
-                else
-                {
-                    out.init(Cipher.ENCRYPT_MODE, key, rc5Spec, rand);
-                }
-            }
-            else
-            {
-                out.init(Cipher.ENCRYPT_MODE, key, rand);
-            }
-        }
-        catch (Exception e)
-        {
-            fail("" + algorithm + " failed initialisation - " + e.toString(), e);
-            return;
-        }
-
-        //
-        // grab the iv if there is one
-        //
-        try
-        {
-            if (algorithm.startsWith("RC2"))
-            {
-                in.init(Cipher.DECRYPT_MODE, key, rc2Spec);
-            }
-            else if (algorithm.startsWith("RC5"))
-            {
-                if (algorithm.startsWith("RC5-64"))
-                {
-                    in.init(Cipher.DECRYPT_MODE, key, rc564Spec, rand);
-                }
-                else
-                {
-                    in.init(Cipher.DECRYPT_MODE, key, rc5Spec, rand);
-                }
-            }
-            else
-            {
-                byte[]    iv;
-
-                iv = out.getIV();
-                if (iv != null)
-                {
-                    if (!shortIvOkay.contains(mode))
-                    {
-                        try
-                        {
-                            byte[] nIv = new byte[iv.length - 1];
-
-                            in.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(nIv));
-                            fail("failed to pick up short IV");
-                        }
-                        catch (InvalidAlgorithmParameterException e)
-                        {
-                            // ignore - this is what we want...
-                        }
-                    }
-
-                    IvParameterSpec    spec;
-
-                    spec = new IvParameterSpec(iv);
-
-                    in.init(Cipher.DECRYPT_MODE, key, spec);
-                }
-                else
-                {
-                    in.init(Cipher.DECRYPT_MODE, key);
-                }
-            }
-        }
-        catch (TestFailedException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            fail("" + algorithm + " failed initialisation - " + e.toString());
-        }
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        try
-        {
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                cOut.write(input[i]);
-            }
-            cOut.write(input, input.length / 2, input.length - input.length / 2);
-            cOut.close();
-        }
-        catch (IOException e)
-        {
-            fail("" + algorithm + " failed encryption - " + e.toString());
-        }
-
-        byte[]    bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!areEqual(bytes, output))
-        {
-            fail("" + algorithm + " failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        try
-        {
-            DataInputStream dIn = new DataInputStream(cIn);
-
-            bytes = new byte[input.length];
-
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                bytes[i] = (byte)dIn.read();
-            }
-            dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-
-            dIn.close();
-        }
-        catch (Exception e)
-        {
-            fail("" + algorithm + " failed decryption - " + e.toString());
-        }
-
-        if (!areEqual(bytes, input))
-        {
-            fail("" + algorithm + " failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // short buffer test
-        //
-        try
-        {
-            byte[] out1 = new byte[input.length / 2];
-
-            try
-            {
-                in.doFinal(output, 0, output.length, out1, 0);
-
-                fail("ShortBufferException not triggered");
-            }
-            catch (ShortBufferException e)
-            {
-                byte[] out2 = new byte[in.getOutputSize(output.length)];
-
-                int count = in.doFinal(output, 0, output.length, out2, 0);
-
-                if (!areEqual(out2, count, input))
-                {
-                    fail("doFinal " + algorithm + " failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out2)));
-                }
-            }
-        }
-        catch (TestFailedException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            fail("" + algorithm + " failed short buffer decryption - " + e.toString());
-        }
-
-        try
-        {
-            if (algorithm.indexOf("CCM") < 0 && algorithm.indexOf("Threefish") < 0 && algorithm.indexOf("PGPCFB") < 0)
-            {
-                //
-                // short buffer on update test
-                //
-                byte[] input2 = new byte[input.length * 8];
-
-                System.arraycopy(input, 0, input2, 0, input.length);
-                System.arraycopy(input, 0, input2, input.length, input.length);
-                System.arraycopy(input, 0, input2, input.length * 2, input.length);
-                System.arraycopy(input, 0, input2, input.length * 3, input.length);
-
-                if (algorithm.indexOf("GCM") > 0)
-                {
-                    out = Cipher.getInstance(algorithm, "BC");
-                    out.init(Cipher.ENCRYPT_MODE, key, rand);
-                }
-
-                byte[] output2 = out.doFinal(input2);
-
-                if (algorithm.indexOf("GCM") > 0)
-                {
-                    out = Cipher.getInstance(algorithm, "BC");
-                    out.init(Cipher.ENCRYPT_MODE, key, rand);
-                }
-                
-                byte[] out1 = new byte[input2.length / 2 - out.getBlockSize() * 2 - 1];
-
-                try
-                {
-                    out.update(input2, 0, input2.length / 2, out1, 0);
-
-                    fail("ShortBufferException not triggered: " + algorithm + " " + input2.length);
-                }
-                catch (ShortBufferException e)
-                {
-                    byte[] out2 = new byte[out.getOutputSize(input2.length / 2)];
-
-                    System.arraycopy(input2, 0, out2, 0, out2.length);
-
-                    int count = out.update(out2, 0, out2.length, out2, 0);
-
-                    if (!areEqual(out2, count, Arrays.copyOfRange(output2, 0, count)))
-                    {
-                        fail("update " + algorithm + " failed decryption - expected " + new String(Hex.encode(output2)) + " got " + new String(Hex.encode(out2)));
-                    }
-                }
-            }
-
-            serialiseTest(algorithm, input, output);
-        }
-        catch (TestFailedException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            fail("" + algorithm + " failed short buffer decryption - " + e.toString());
-        }
-     }
-
-     private void serialiseTest(
-         String algorithm,
-         byte[] input,
-         byte[] output)
-         throws Exception
-     {
-         Key key = null;
-         KeyGenerator keyGen;
-         SecureRandom rand;
-         Cipher in = null;
-         Cipher out = null;
-         CipherInputStream cIn;
-         CipherOutputStream cOut;
-         ByteArrayInputStream bIn;
-         ByteArrayOutputStream bOut;
-
-         rand = new FixedSecureRandom();
-
-         String baseAlgorithm, mode;
-         int index = algorithm.indexOf('/');
-
-         if (index > 0)
-         {
-             baseAlgorithm = algorithm.substring(0, index);
-             mode = algorithm.substring(index + 1, algorithm.lastIndexOf('/'));
-         }
-         else
-         {
-             baseAlgorithm = algorithm;
-             mode = null;
-         }
-
-         keyGen = KeyGenerator.getInstance(baseAlgorithm, "BC");
-         if (!keyGen.getAlgorithm().equals(baseAlgorithm))
-         {
-             fail("wrong key generator returned!");
-         }
-         keyGen.init(rand);
-
-         key = keyGen.generateKey();
-
-         bOut = new ByteArrayOutputStream();
-         ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-         oOut.writeObject(key);
-
-         bIn = new ByteArrayInputStream(bOut.toByteArray());
-         ObjectInputStream oIn = new ObjectInputStream(bIn);
-
-         in = Cipher.getInstance(algorithm, "BC");
-         out = Cipher.getInstance(algorithm, "BC");
-
-         key = (Key)oIn.readObject();
-
-         if (!in.getAlgorithm().startsWith(baseAlgorithm))
-         {
-             fail("wrong cipher returned!");
-         }
-
-         if (algorithm.startsWith("RC2"))
-         {
-             if (baseAlgorithm.equals(algorithm) || algorithm.indexOf("ECB") > 0)
-             {
-                 out.init(Cipher.ENCRYPT_MODE, key, new RC2ParameterSpec(rc2Spec.getEffectiveKeyBits()), rand);
-             }
-             else
-             {
-                 out.init(Cipher.ENCRYPT_MODE, key, rc2Spec, rand);
-             }
-         }
-         else if (algorithm.startsWith("RC5"))
-         {
-             if (algorithm.startsWith("RC5-64"))
-             {
-                 out.init(Cipher.ENCRYPT_MODE, key, rc564Spec, rand);
-             }
-             else
-             {
-                 out.init(Cipher.ENCRYPT_MODE, key, rc5Spec, rand);
-             }
-         }
-         else
-         {
-             out.init(Cipher.ENCRYPT_MODE, key, rand);
-         }
-
-         //
-         // grab the iv if there is one
-         //
-         if (algorithm.startsWith("RC2"))
-         {
-             if (baseAlgorithm.equals(algorithm) || algorithm.indexOf("ECB") > 0)
-             {
-                 in.init(Cipher.DECRYPT_MODE, key, new RC2ParameterSpec(rc2Spec.getEffectiveKeyBits()), rand);
-             }
-             else
-             {
-                 in.init(Cipher.DECRYPT_MODE, key, rc2Spec, rand);
-             }
-         }
-         else if (algorithm.startsWith("RC5"))
-         {
-             if (algorithm.startsWith("RC5-64"))
-             {
-                 in.init(Cipher.DECRYPT_MODE, key, rc564Spec, rand);
-             }
-             else
-             {
-                 in.init(Cipher.DECRYPT_MODE, key, rc5Spec, rand);
-             }
-         }
-         else
-         {
-             byte[] iv;
-
-             iv = out.getIV();
-             if (iv != null)
-             {
-                 if (!shortIvOkay.contains(mode))
-                 {
-                     try
-                     {
-                         byte[] nIv = new byte[iv.length - 1];
-
-                         in.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(nIv));
-                         fail("failed to pick up short IV");
-                     }
-                     catch (InvalidAlgorithmParameterException e)
-                     {
-                         // ignore - this is what we want...
-                     }
-                 }
-
-                 IvParameterSpec spec;
-
-                 spec = new IvParameterSpec(iv);
-
-                 in.init(Cipher.DECRYPT_MODE, key, spec);
-             }
-             else
-             {
-                 in.init(Cipher.DECRYPT_MODE, key);
-             }
-         }
-
-         //
-         // encryption pass
-         //
-         bOut = new ByteArrayOutputStream();
-
-         cOut = new CipherOutputStream(bOut, out);
-
-         try
-         {
-             for (int i = 0; i != input.length / 2; i++)
-             {
-                 cOut.write(input[i]);
-             }
-
-             cOut.write(input, input.length / 2, input.length - input.length / 2);
-             cOut.close();
-         }
-         catch (IOException e)
-         {
-             fail("" + algorithm + " failed encryption - " + e.toString());
-         }
-
-         byte[] bytes;
-
-         bytes = bOut.toByteArray();
-
-         if (!Arrays.areEqual(bytes, output))
-         {
-             fail("" + algorithm + " failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-         }
-
-         //
-         // decryption pass
-         //
-         bIn = new ByteArrayInputStream(bytes);
-
-         cIn = new CipherInputStream(bIn, in);
-
-         try
-         {
-             DataInputStream dIn = new DataInputStream(cIn);
-
-             bytes = new byte[input.length];
-
-             for (int i = 0; i != input.length / 2; i++)
-             {
-                 bytes[i] = (byte)dIn.read();
-             }
-             dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-
-             dIn.close();
-         }
-         catch (Exception e)
-         {
-             fail("" + algorithm + " failed decryption - " + e.toString());
-         }
-
-         if (!Arrays.areEqual(bytes, input))
-         {
-             fail("" + algorithm + " failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-         }
-     }
-
-
-    private boolean noIDEA()
-    {
-        try
-        {
-            Cipher.getInstance("IDEA", "BC");
-
-            return false;
-        }
-        catch (Exception e)
-        {
-            return true;
-        }
-    }
-
-    private boolean areEqual(byte[] a, int aLen, byte[] b)
-    {
-        if (b.length != aLen)
-        {
-            return false;
-        }
-
-        for (int i = 0; i != aLen; i++)
-        {
-            if (a[i] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    private void testExceptions()
-    {
-        SecretKeyFactory skF = null;
-        
-        try
-        {
-            skF = SecretKeyFactory.getInstance("DESede", "BC");
-        }
-        catch (Exception e)
-        {
-            fail("unexpected exception.", e);
-        }
-        
-        KeySpec ks = null;
-        SecretKey secKey = null;
-        byte[] bb = new byte[24];
-
-        try
-        {
-            skF.getKeySpec(null, null);
-            
-            fail("failed exception test - no exception thrown");
-        }
-        catch (InvalidKeySpecException e)
-        {
-            // ignore okay
-        }
-        catch (Exception e)
-        {
-            fail("failed exception test.", e);
-        }
-        try
-        {
-            ks = (KeySpec)new DESedeKeySpec(bb);
-            skF.getKeySpec(null, ks.getClass());
-            
-            fail("failed exception test - no exception thrown");
-        }
-        catch (InvalidKeySpecException e)
-        {
-            // ignore okay;
-        }
-        catch (Exception e)
-        {
-            fail("failed exception test.", e);
-        }
-        try
-        {
-            skF.getKeySpec(secKey, null);
-        }
-        catch (InvalidKeySpecException e)
-        {
-            // ignore okay
-        }
-        catch (Exception e)
-        {
-            fail("failed exception test.", e);
-        }
-        
-        try
-        {
-            KeyGenerator kg = KeyGenerator.getInstance("DESede", "BC");
-            try
-            {
-                kg.init(Integer.MIN_VALUE, new SecureRandom());
-                
-                fail("failed exception test - no exception thrown");
-            }
-            catch (InvalidParameterException e)
-            {
-                // ignore okay
-            }
-            catch (Exception e)
-            {
-                fail("failed exception test.", e);
-            }
-        }
-        catch (Exception e)
-        {
-            fail("unexpected exception.", e);
-        }
-
-        try
-        {
-            skF = SecretKeyFactory.getInstance("DESede", "BC");
-
-            try
-            {
-                skF.translateKey(null);
-                
-                fail("failed exception test - no exception thrown");
-            }
-            catch (InvalidKeyException e)
-            {
-                // ignore okay
-            }
-            catch (Exception e)
-            {
-                fail("failed exception test.", e);
-            }
-        }
-        catch (Exception e)
-        {
-            fail("unexpected exception.", e);
-        }
-        
-        try
-        {
-            byte[] rawDESKey = { (byte)128, (byte)131, (byte)133, (byte)134,
-                    (byte)137, (byte)138, (byte)140, (byte)143 };
-
-            SecretKeySpec cipherKey = new SecretKeySpec(rawDESKey, "DES");
-
-            Cipher cipher = Cipher.getInstance("DES/CBC/NoPadding", "BC");
-            
-            try
-            {
-                // According specification engineInit(int opmode, Key key,
-                // SecureRandom random) throws InvalidKeyException if this
-                // cipher is being
-                // initialized for decryption and requires algorithm parameters
-                // that cannot be determined from the given key
-                cipher.init(Cipher.DECRYPT_MODE, cipherKey, (SecureRandom)null);
-                
-                fail("failed exception test - no InvalidKeyException thrown");
-            }
-            catch (InvalidKeyException e)
-            {
-                // ignore
-            }
-        }
-        catch (Exception e)
-        {
-            fail("unexpected exception.", e);
-        }
-
-        try
-        {
-            byte[] rawDESKey = { -128, -125, -123, -122, -119, -118 };
-
-            SecretKeySpec cipherKey = new SecretKeySpec(rawDESKey, "DES");
-            Cipher cipher = Cipher.getInstance("DES/ECB/NoPadding", "BC");
-            try
-            {
-                // According specification engineInit(int opmode, Key key,
-                // SecureRandom random) throws InvalidKeyException if the given
-                // key is inappropriate for initializing this cipher
-                cipher.init(Cipher.ENCRYPT_MODE, cipherKey);
-                
-                fail("failed exception test - no InvalidKeyException thrown");
-            }
-            catch (InvalidKeyException e)
-            {
-                // ignore
-            }
-        }
-        catch (Exception e)
-        {
-            fail("unexpected exception.", e);
-        }
-
-        try
-        {
-            byte[] rawDESKey = { -128, -125, -123, -122, -119, -118, -117, -115, -114 };
-
-            SecretKeySpec cipherKey = new SecretKeySpec(rawDESKey, "DES");
-            Cipher cipher = Cipher.getInstance("DES/ECB/NoPadding", "BC");
-            try
-            {
-                // According specification engineInit(int opmode, Key key,
-                // SecureRandom random) throws InvalidKeyException if the given
-                // key is inappropriate for initializing this cipher
-                cipher.init(Cipher.ENCRYPT_MODE, cipherKey);
-                
-                fail("failed exception test - no InvalidKeyException thrown");
-            }
-            catch (InvalidKeyException e)
-            {
-                // ignore
-            }
-        }
-        catch (Exception e)
-        {
-            fail("unexpected exception.", e);
-        }
-        
-
-        try
-        {
-            byte[] rawDESKey = { (byte)128, (byte)131, (byte)133, (byte)134,
-                    (byte)137, (byte)138, (byte)140, (byte)143 };
-
-            SecretKeySpec cipherKey = new SecretKeySpec(rawDESKey, "DES");
-            Cipher ecipher = Cipher.getInstance("DES/ECB/PKCS5Padding", "BC");
-            ecipher.init(Cipher.ENCRYPT_MODE, cipherKey);
-
-            byte[] cipherText = new byte[0];
-            try
-            {
-                // According specification Method engineUpdate(byte[] input,
-                // int inputOffset, int inputLen, byte[] output, int
-                // outputOffset)
-                // throws ShortBufferException - if the given output buffer is
-                // too
-                // small to hold the result
-                ecipher.update(new byte[20], 0, 20, cipherText);
-                
-                fail("failed exception test - no ShortBufferException thrown");
-            }
-            catch (ShortBufferException e)
-            {
-                // ignore
-            }
-        }
-        catch (Exception e)
-        {
-            fail("unexpected exception.", e);
-        }
-
-        try
-        {
-            byte[] rawDESKey = { (byte)128, (byte)131, (byte)133, (byte)134,
-                    (byte)137, (byte)138, (byte)140, (byte)143 };
-
-            SecretKeySpec cipherKey = new SecretKeySpec(rawDESKey, "DES");
-            Cipher ecipher = Cipher.getInstance("DES/ECB/PKCS5Padding", "BC");
-            ecipher.init(Cipher.ENCRYPT_MODE, cipherKey);
-
-            byte[] cipherText = new byte[0];
-            try
-            {
-                // According specification Method enginedoFinal(byte[] input,
-                // int inputOffset, int inputLen, byte[] output, int
-                // outputOffset)
-                // throws ShortBufferException - if the given output buffer is
-                // too
-                // small to hold the result
-                ecipher.doFinal(new byte[20], 0, 20, cipherText);
-
-                fail("failed exception test - no ShortBufferException thrown");
-            }
-            catch (ShortBufferException e)
-            {
-                // ignore
-            }
-        }
-        catch (Exception e)
-        {
-            fail("unexpected exception.", e);
-        }
-
-        try
-        {
-            KeyGenerator keyGen = KeyGenerator.getInstance("DES", "BC");
-
-            keyGen.init((SecureRandom)null);
-
-            // According specification engineGenerateKey() doesn't throw any exceptions.
-
-            SecretKey key = keyGen.generateKey();
-            if (key == null)
-            {
-                fail("key is null!");
-            }
-        }
-        catch (Exception e)
-        {
-            fail("unexpected exception.", e);
-        }
-
-        try
-        {
-            AlgorithmParameters algParams = AlgorithmParameters.getInstance("DES", "BC");
-            
-            algParams.init(new IvParameterSpec(new byte[8]));
-
-            // According specification engineGetEncoded() returns
-            // the parameters in their primary encoding format. The primary
-            // encoding
-            // format for parameters is ASN.1, if an ASN.1 specification for
-            // this type
-            // of parameters exists.
-            byte[] iv = algParams.getEncoded();
-            
-            if (iv.length != 10)
-            {
-                fail("parameters encoding wrong length - "  + iv.length);
-            }
-        }
-        catch (Exception e)
-        {
-            fail("unexpected exception.", e);
-        }
-
-        try
-        {
-            try
-            {
-                AlgorithmParameters algParams = AlgorithmParameters.getInstance("DES", "BC");
-    
-                byte[] encoding = new byte[10];
-                encoding[0] = 3;
-                encoding[1] = 8;
-    
-                // According specification engineInit(byte[] params, String format)
-                // throws
-                // IOException on decoding errors, but BC throws ClassCastException.
-                algParams.init(encoding, "ASN.1");
-    
-                fail("failed exception test - no IOException thrown");
-            }
-            catch (IOException e)
-            {
-                // okay
-            }
-            
-            try
-            {
-                Cipher c = Cipher.getInstance("DES", "BC");
-    
-                Key k = new PublicKey()
-                {
-
-                    public String getAlgorithm()
-                    {
-                        return "STUB";
-                    }
-
-                    public String getFormat()
-                    {
-                        return null;
-                    }
-
-                    public byte[] getEncoded()
-                    {
-                        return null;
-                    }
-                    
-                };
-    
-                c.init(Cipher.ENCRYPT_MODE, k);
-    
-                fail("failed exception test - no InvalidKeyException thrown for public key");
-            }
-            catch (InvalidKeyException e)
-            {
-                // okay
-            }
-            
-            try
-            {
-                Cipher c = Cipher.getInstance("DES", "BC");
-    
-                Key k = new PrivateKey()
-                {
-
-                    public String getAlgorithm()
-                    {
-                        return "STUB";
-                    }
-
-                    public String getFormat()
-                    {
-                        return null;
-                    }
-
-                    public byte[] getEncoded()
-                    {
-                        return null;
-                    }
-                    
-                };
-    
-                c.init(Cipher.DECRYPT_MODE, k);
-    
-                fail("failed exception test - no InvalidKeyException thrown for private key");
-            }
-            catch (InvalidKeyException e)
-            {
-                // okay
-            }
-        }
-        catch (Exception e)
-        {
-            fail("unexpected exception.", e);
-        }
-    }
-    
-    public void performTest()
-    {
-        for (int i = 0; i != cipherTests1.length; i += 2)
-        {
-            test(cipherTests1[i], input1, Hex.decode(cipherTests1[i + 1]));
-        }
-
-        for (int i = 0; i != cipherTests2.length; i += 2)
-        {
-            test(cipherTests2[i], input2, Hex.decode(cipherTests2[i + 1]));
-        }
-
-        for (int i = 0; i != cipherTestsLargeBlock.length; i += 2)
-        {
-            test(cipherTestsLargeBlock[i], inputLargeBlock, Hex.decode(cipherTestsLargeBlock[i + 1]));
-        }
-
-        //
-        // check for less than a block
-        //
-        try
-        {
-            Cipher c = Cipher.getInstance("AES/CTS/NoPadding", "BC");
-            
-            c.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(new byte[16], "AES"));
-            
-            c.doFinal(new byte[4]);
-            
-            fail("CTS failed to throw exception");
-        }
-        catch (Exception e)
-        {
-            if (!(e instanceof IllegalBlockSizeException))
-            {
-                fail("CTS exception test - " + e, e);
-            }
-        }
-        
-        testExceptions();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new BlockCipherTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CMacTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CMacTest.java
deleted file mode 100644
index e9702e6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CMacTest.java
+++ /dev/null

@@ -1,329 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.Key;
-import java.security.Security;
-
-import javax.crypto.Mac;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * CMAC tester - <a href="http://www.nuee.nagoya-u.ac.jp/labs/tiwata/omac/tv/omac1-tv.txt">AES Official Test Vectors</a>.
- */
-public class CMacTest
-    extends SimpleTest
-{
-    private static final byte[] keyBytes128 = Hex.decode("2b7e151628aed2a6abf7158809cf4f3c");
-    private static final byte[] keyBytes192 = Hex.decode(
-              "8e73b0f7da0e6452c810f32b809079e5"
-            + "62f8ead2522c6b7b");
-    private static final byte[] keyBytes256 = Hex.decode(
-              "603deb1015ca71be2b73aef0857d7781"
-            + "1f352c073b6108d72d9810a30914dff4");
-
-    private static final byte[] input0 = Hex.decode("");
-    private static final byte[] input16 = Hex.decode("6bc1bee22e409f96e93d7e117393172a");
-    private static final byte[] input40 = Hex.decode(
-              "6bc1bee22e409f96e93d7e117393172a"
-            + "ae2d8a571e03ac9c9eb76fac45af8e5130c81c46a35ce411");
-    private static final byte[] input64 = Hex.decode(
-              "6bc1bee22e409f96e93d7e117393172a"
-            + "ae2d8a571e03ac9c9eb76fac45af8e51"
-            + "30c81c46a35ce411e5fbc1191a0a52ef"
-            + "f69f2445df4f9b17ad2b417be66c3710");
-
-    private static final byte[] output_k128_m0 = Hex.decode("bb1d6929e95937287fa37d129b756746");
-    private static final byte[] output_k128_m16 = Hex.decode("070a16b46b4d4144f79bdd9dd04a287c");
-    private static final byte[] output_k128_m40 = Hex.decode("dfa66747de9ae63030ca32611497c827");
-    private static final byte[] output_k128_m64 = Hex.decode("51f0bebf7e3b9d92fc49741779363cfe");
-
-    private static final byte[] output_k192_m0 = Hex.decode("d17ddf46adaacde531cac483de7a9367");
-    private static final byte[] output_k192_m16 = Hex.decode("9e99a7bf31e710900662f65e617c5184");
-    private static final byte[] output_k192_m40 = Hex.decode("8a1de5be2eb31aad089a82e6ee908b0e");
-    private static final byte[] output_k192_m64 = Hex.decode("a1d5df0eed790f794d77589659f39a11");
-
-    private static final byte[] output_k256_m0 = Hex.decode("028962f61b7bf89efc6b551f4667d983");
-    private static final byte[] output_k256_m16 = Hex.decode("28a7023f452e8f82bd4bf28d8c37c35c");
-    private static final byte[] output_k256_m40 = Hex.decode("aaf3d8f1de5640c232f5b169b9c911e6");
-    private static final byte[] output_k256_m64 = Hex.decode("e1992190549f6ed5696a2c056c315410");
-
-    private final byte[] output_des_ede = Hex.decode("1ca670dea381d37c");
-
-    private static final byte[] general_input = Strings.toByteArray("The quick brown fox jumps over the lazy dog.");
-
-    public CMacTest()
-    {
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        Mac mac = Mac.getInstance("AESCMAC", "BC");
-
-        //128 bytes key
-
-        SecretKeySpec key = new SecretKeySpec(keyBytes128, "AES");
-
-        // 0 bytes message - 128 bytes key
-        mac.init(key);
-
-        mac.update(input0, 0, input0.length);
-
-        byte[] out = new byte[mac.getMacLength()];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k128_m0))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k128_m0))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 16 bytes message - 128 bytes key
-        mac.init(key);
-
-        mac.update(input16, 0, input16.length);
-
-        out = new byte[mac.getMacLength()];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k128_m16))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k128_m16))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 40 bytes message - 128 bytes key
-        mac.init(key);
-
-        mac.update(input40, 0, input40.length);
-
-        out = new byte[mac.getMacLength()];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k128_m40))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k128_m40))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 64 bytes message - 128 bytes key
-        mac.init(key);
-
-        mac.update(input64, 0, input64.length);
-
-        out = new byte[mac.getMacLength()];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k128_m64))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k128_m64))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        //192 bytes key
-
-        key = new SecretKeySpec(keyBytes192, "AES");
-
-        // 0 bytes message - 192 bytes key
-        mac.init(key);
-
-        mac.update(input0, 0, input0.length);
-
-        out = new byte[mac.getMacLength()];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k192_m0))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k192_m0))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 16 bytes message - 192 bytes key
-        mac.init(key);
-
-        mac.update(input16, 0, input16.length);
-
-        out = new byte[mac.getMacLength()];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k192_m16))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k192_m16))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 40 bytes message - 192 bytes key
-        mac.init(key);
-
-        mac.update(input40, 0, input40.length);
-
-        out = new byte[mac.getMacLength()];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k192_m40))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k192_m40))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 64 bytes message - 192 bytes key
-        mac.init(key);
-
-        mac.update(input64, 0, input64.length);
-
-        out = new byte[mac.getMacLength()];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k192_m64))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k192_m64))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        //256 bytes key
-
-        key = new SecretKeySpec(keyBytes256, "AES");
-
-        // 0 bytes message - 256 bytes key
-        mac.init(key);
-
-        mac.update(input0, 0, input0.length);
-
-        out = new byte[mac.getMacLength()];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k256_m0))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k256_m0))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 16 bytes message - 256 bytes key
-        mac.init(key);
-
-        mac.update(input16, 0, input16.length);
-
-        out = new byte[mac.getMacLength()];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k256_m16))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k256_m16))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 40 bytes message - 256 bytes key
-        mac.init(key);
-
-        mac.update(input40, 0, input40.length);
-
-        out = new byte[mac.getMacLength()];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k256_m40))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k256_m40))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        // 64 bytes message - 256 bytes key
-        mac.init(key);
-
-        mac.update(input64, 0, input64.length);
-
-        out = new byte[mac.getMacLength()];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_k256_m64))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_k256_m64))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        mac = Mac.getInstance("DESedeCMAC", "BC");
-
-        //DESede
-
-        key = new SecretKeySpec(keyBytes128, "DESede");
-
-        // 0 bytes message - 128 bytes key
-        mac.init(key);
-
-        mac.update(input0, 0, input0.length);
-
-        out = new byte[mac.getMacLength()];
-
-        mac.doFinal(out, 0);
-
-        if (!areEqual(out, output_des_ede))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output_des_ede))
-                + " got " + new String(Hex.encode(out)));
-        }
-
-        testCMac(Mac.getInstance("DESedeCMAC", "BC"), keyBytes128, "DESede", input0, output_des_ede);
-
-        testCMac(Mac.getInstance("BlowfishCMAC", "BC"), "2b7e151628aed2a6abf7158809cf4f3c", "Blowfish", "875d73b9bc3de78a");
-        testCMac(Mac.getInstance("SEED-CMAC", "BC"),  "2b7e151628aed2a6abf7158809cf4f3c", "SEED", "73624c03548a1aaeab9104e47fbd14b1");
-        testCMac(Mac.getInstance("SM4-CMAC", "BC"),  "2b7e151628aed2a6abf7158809cf4f3c", "SM4", "25b84c0bb3f0cb0c285148a62a09940a");
-        testCMac(Mac.getInstance("SHACAL-2CMAC", "BC"),  "2b7e151628aed2a6abf7158809cf4f3c", "SHACAL-2", "794b2766cd0d550877f1ded48ab74f9ddff20f32e6d69fae8a1ede4205e7d640");
-        testCMac(Mac.getInstance("Threefish-256CMAC", "BC"),  "2b7e151628aed2a6abf7158809cf4f3c2b7e151628aed2a6abf7158809cf4f3c", "Threefish-256", "107a7afec4d17ba4a7bf6b80e5f34b39d066abf168d413ddd16d7ad97515bfff");
-        testCMac(Mac.getInstance("Threefish-512CMAC", "BC"),  "2b7e151628aed2a6abf7158809cf4f3c2b7e151628aed2a6abf7158809cf4f3c2b7e151628aed2a6abf7158809cf4f3c2b7e151628aed2a6abf7158809cf4f3c", "Threefish-512", "b3499567f5846fa6de3bd3f8d885d726976026cd0b04ec2e95431d9aed7743b7c1629d5759b3bca48aeb0c76a905ddfed5cd45c598dfd41d3a9f5964b3a6c4cf");
-        testCMac(Mac.getInstance("Threefish-1024CMAC", "BC"),  "2b7e151628aed2a6abf7158809cf4f3c2b7e151628aed2a6abf7158809cf4f3c2b7e151628aed2a6abf7158809cf4f3c2b7e151628aed2a6abf7158809cf4f3c2b7e151628aed2a6abf7158809cf4f3c2b7e151628aed2a6abf7158809cf4f3c2b7e151628aed2a6abf7158809cf4f3c2b7e151628aed2a6abf7158809cf4f3c",
-            "Threefish-1024", "644009204fcf388e692f989c435a41b4218c6cb7ee3589170e3cf791d007f5c9fd0b389be769f144d36ea19b4c7489812a68c81ba7cc756c6d143a4bbe3175a415897b70f736cd4251b98cff3d357d0c2a1036d0df154bf6cf514c04ce01c1059002082c4792dbb4b7638aa04064d8b93c2c8fe5512f2e05d14ac9bf66397dea");
-    }
-
-    private void testCMac(Mac mac, String keyBytes, String algorithm, String expected)
-        throws Exception
-    {
-        testCMac(mac, Hex.decode(keyBytes), algorithm, general_input, Hex.decode(expected));
-    }
-
-    private void testCMac(Mac mac, byte[] keyBytes, String algorithm, byte[] input, byte[] expected)
-        throws Exception
-    {
-         Key key = new SecretKeySpec(keyBytes, algorithm);
-
-         mac.init(key);
-
-         mac.update(input, 0, input.length);
-
-         byte[] out = new byte[mac.getMacLength()];
-
-         mac.doFinal(out, 0);
-
-         if (!areEqual(out, expected))
-         {
-             fail("Failed - expected " + new String(Hex.encode(expected))
-                 + " got " + new String(Hex.encode(out)));
-         }
-    }
-
-    public String getName()
-    {
-        return "CMac";
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new CMacTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CRL5Test.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CRL5Test.java
deleted file mode 100644
index 8b1c022..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CRL5Test.java
+++ /dev/null

@@ -1,268 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.security.Security;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CRLEntry;
-import java.util.Iterator;
-import java.util.Set;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CRL5Test
-    extends SimpleTest
-{
-    byte[] inDirectCrl = Base64.decode(
-            "MIIdXjCCHMcCAQEwDQYJKoZIhvcNAQEFBQAwdDELMAkGA1UEBhMCREUxHDAaBgNV"
-            +"BAoUE0RldXRzY2hlIFRlbGVrb20gQUcxFzAVBgNVBAsUDlQtVGVsZVNlYyBUZXN0"
-            +"MS4wDAYHAoIGAQoHFBMBMTAeBgNVBAMUF1QtVGVsZVNlYyBUZXN0IERJUiA4OlBO"
-            +"Fw0wNjA4MDQwODQ1MTRaFw0wNjA4MDQxNDQ1MTRaMIIbfzB+AgQvrj/pFw0wMzA3"
-            +"MjIwNTQxMjhaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
-            +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
-            +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+oXDTAzMDcyMjA1NDEyOFowZzBlBgNV"
-            +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
-            +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
-            +"UE4wfgIEL64/5xcNMDQwNDA1MTMxODE3WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
-            +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
-            +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/oFw0wNDA0"
-            +"MDUxMzE4MTdaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
-            +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
-            +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+UXDTAzMDExMzExMTgxMVowZzBlBgNV"
-            +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
-            +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
-            +"UE4wfgIEL64/5hcNMDMwMTEzMTExODExWjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
-            +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
-            +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/jFw0wMzAx"
-            +"MTMxMTI2NTZaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
-            +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
-            +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP+QXDTAzMDExMzExMjY1NlowZzBlBgNV"
-            +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
-            +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
-            +"UE4wfgIEL64/4hcNMDQwNzEzMDc1ODM4WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
-            +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
-            +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/eFw0wMzAy"
-            +"MTcwNjMzMjVaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
-            +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
-            +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP98XDTAzMDIxNzA2MzMyNVowZzBlBgNV"
-            +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
-            +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
-            +"UE4wfgIEL64/0xcNMDMwMjE3MDYzMzI1WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
-            +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
-            +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/dFw0wMzAx"
-            +"MTMxMTI4MTRaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
-            +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
-            +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP9cXDTAzMDExMzExMjcwN1owZzBlBgNV"
-            +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
-            +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
-            +"UE4wfgIEL64/2BcNMDMwMTEzMTEyNzA3WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
-            +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
-            +"BgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNDpQTjB+AgQvrj/VFw0wMzA0"
-            +"MzAxMjI3NTNaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYD"
-            +"VQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMU"
-            +"EVNpZ0cgVGVzdCBDQSA0OlBOMH4CBC+uP9YXDTAzMDQzMDEyMjc1M1owZzBlBgNV"
-            +"HR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
-            +"bGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDQ6"
-            +"UE4wfgIEL64/xhcNMDMwMjEyMTM0NTQwWjBnMGUGA1UdHQEB/wRbMFmkVzBVMQsw"
-            +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKC"
-            +"BgEKBxQTATEwGAYDVQQDFBFUVEMgVGVzdCBDQSAxMTpQTjCBkAIEL64/xRcNMDMw"
-            +"MjEyMTM0NTQwWjB5MHcGA1UdHQEB/wRtMGukaTBnMQswCQYDVQQGEwJERTEcMBoG"
-            +"A1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEQMA4GA1UECxQHVGVsZVNlYzEoMAwG"
-            +"BwKCBgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0EgNTpQTjB+AgQvrj/CFw0w"
-            +"MzAyMTIxMzA5MTZaMGcwZQYDVR0dAQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRww"
-            +"GgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNV"
-            +"BAMUEVRUQyBUZXN0IENBIDExOlBOMIGQAgQvrj/BFw0wMzAyMTIxMzA4NDBaMHkw"
-            +"dwYDVR0dAQH/BG0wa6RpMGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2No"
-            +"ZSBUZWxla29tIEFHMRAwDgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAY"
-            +"BgNVBAMUEVNpZ0cgVGVzdCBDQSA1OlBOMH4CBC+uP74XDTAzMDIxNzA2MzcyNVow"
-            +"ZzBlBgNVHR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRz"
-            +"Y2hlIFRlbGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRVFRDIFRlc3Qg"
-            +"Q0EgMTE6UE4wgZACBC+uP70XDTAzMDIxNzA2MzcyNVoweTB3BgNVHR0BAf8EbTBr"
-            +"pGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcx"
-            +"EDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBU"
-            +"ZXN0IENBIDU6UE4wgZACBC+uP7AXDTAzMDIxMjEzMDg1OVoweTB3BgNVHR0BAf8E"
-            +"bTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g"
-            +"QUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2ln"
-            +"RyBUZXN0IENBIDU6UE4wgZACBC+uP68XDTAzMDIxNzA2MzcyNVoweTB3BgNVHR0B"
-            +"Af8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVr"
-            +"b20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQR"
-            +"U2lnRyBUZXN0IENBIDU6UE4wfgIEL64/kxcNMDMwNDEwMDUyNjI4WjBnMGUGA1Ud"
-            +"HQEB/wRbMFmkVzBVMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVs"
-            +"ZWtvbSBBRzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFUVEMgVGVzdCBDQSAxMTpQ"
-            +"TjCBkAIEL64/khcNMDMwNDEwMDUyNjI4WjB5MHcGA1UdHQEB/wRtMGukaTBnMQsw"
-            +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEQMA4GA1UE"
-            +"CxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFTaWdHIFRlc3QgQ0Eg"
-            +"NTpQTjB+AgQvrj8/Fw0wMzAyMjYxMTA0NDRaMGcwZQYDVR0dAQH/BFswWaRXMFUx"
-            +"CzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMSgwDAYH"
-            +"AoIGAQoHFBMBMTAYBgNVBAMUEVRUQyBUZXN0IENBIDExOlBOMIGQAgQvrj8+Fw0w"
-            +"MzAyMjYxMTA0NDRaMHkwdwYDVR0dAQH/BG0wa6RpMGcxCzAJBgNVBAYTAkRFMRww"
-            +"GgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYDVQQLFAdUZWxlU2VjMSgw"
-            +"DAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBDQSA1OlBOMH4CBC+uPs0X"
-            +"DTAzMDUyMDA1MjczNlowZzBlBgNVHR0BAf8EWzBZpFcwVTELMAkGA1UEBhMCREUx"
-            +"HDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxKDAMBgcCggYBCgcUEwExMBgG"
-            +"A1UEAxQRVFRDIFRlc3QgQ0EgMTE6UE4wgZACBC+uPswXDTAzMDUyMDA1MjczNlow"
-            +"eTB3BgNVHR0BAf8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRz"
-            +"Y2hlIFRlbGVrb20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwEx"
-            +"MBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6UE4wfgIEL64+PBcNMDMwNjE3MTAzNDE2"
-            +"WjBnMGUGA1UdHQEB/wRbMFmkVzBVMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1"
-            +"dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFUVEMgVGVz"
-            +"dCBDQSAxMTpQTjCBkAIEL64+OxcNMDMwNjE3MTAzNDE2WjB5MHcGA1UdHQEB/wRt"
-            +"MGukaTBnMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBB"
-            +"RzEQMA4GA1UECxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFTaWdH"
-            +"IFRlc3QgQ0EgNjpQTjCBkAIEL64+OhcNMDMwNjE3MTAzNDE2WjB5MHcGA1UdHQEB"
-            +"/wRtMGukaTBnMQswCQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtv"
-            +"bSBBRzEQMA4GA1UECxQHVGVsZVNlYzEoMAwGBwKCBgEKBxQTATEwGAYDVQQDFBFT"
-            +"aWdHIFRlc3QgQ0EgNjpQTjB+AgQvrj45Fw0wMzA2MTcxMzAxMDBaMGcwZQYDVR0d"
-            +"AQH/BFswWaRXMFUxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxl"
-            +"a29tIEFHMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVRUQyBUZXN0IENBIDExOlBO"
-            +"MIGQAgQvrj44Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6RpMGcxCzAJ"
-            +"BgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYDVQQL"
-            +"FAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBDQSA2"
-            +"OlBOMIGQAgQvrj43Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6RpMGcx"
-            +"CzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAwDgYD"
-            +"VQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVzdCBD"
-            +"QSA2OlBOMIGQAgQvrj42Fw0wMzA2MTcxMzAxMDBaMHkwdwYDVR0dAQH/BG0wa6Rp"
-            +"MGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMRAw"
-            +"DgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cgVGVz"
-            +"dCBDQSA2OlBOMIGQAgQvrj4zFw0wMzA2MTcxMDM3NDlaMHkwdwYDVR0dAQH/BG0w"
-            +"a6RpMGcxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFH"
-            +"MRAwDgYDVQQLFAdUZWxlU2VjMSgwDAYHAoIGAQoHFBMBMTAYBgNVBAMUEVNpZ0cg"
-            +"VGVzdCBDQSA2OlBOMH4CBC+uPjEXDTAzMDYxNzEwNDI1OFowZzBlBgNVHR0BAf8E"
-            +"WzBZpFcwVTELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g"
-            +"QUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRVFRDIFRlc3QgQ0EgMTE6UE4wgZAC"
-            +"BC+uPjAXDTAzMDYxNzEwNDI1OFoweTB3BgNVHR0BAf8EbTBrpGkwZzELMAkGA1UE"
-            +"BhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNVBAsUB1Rl"
-            +"bGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6UE4w"
-            +"gZACBC+uPakXDTAzMTAyMjExMzIyNFoweTB3BgNVHR0BAf8EbTBrpGkwZzELMAkG"
-            +"A1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNVBAsU"
-            +"B1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENBIDY6"
-            +"UE4wgZACBC+uPLIXDTA1MDMxMTA2NDQyNFoweTB3BgNVHR0BAf8EbTBrpGkwZzEL"
-            +"MAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAOBgNV"
-            +"BAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0IENB"
-            +"IDY6UE4wgZACBC+uPKsXDTA0MDQwMjA3NTQ1M1oweTB3BgNVHR0BAf8EbTBrpGkw"
-            +"ZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcxEDAO"
-            +"BgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBUZXN0"
-            +"IENBIDY6UE4wgZACBC+uOugXDTA1MDEyNzEyMDMyNFoweTB3BgNVHR0BAf8EbTBr"
-            +"pGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20gQUcx"
-            +"EDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2lnRyBU"
-            +"ZXN0IENBIDY6UE4wgZACBC+uOr4XDTA1MDIxNjA3NTcxNloweTB3BgNVHR0BAf8E"
-            +"bTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVrb20g"
-            +"QUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRU2ln"
-            +"RyBUZXN0IENBIDY6UE4wgZACBC+uOqcXDTA1MDMxMDA1NTkzNVoweTB3BgNVHR0B"
-            +"Af8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRlbGVr"
-            +"b20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQR"
-            +"U2lnRyBUZXN0IENBIDY6UE4wgZACBC+uOjwXDTA1MDUxMTEwNDk0NloweTB3BgNV"
-            +"HR0BAf8EbTBrpGkwZzELMAkGA1UEBhMCREUxHDAaBgNVBAoUE0RldXRzY2hlIFRl"
-            +"bGVrb20gQUcxEDAOBgNVBAsUB1RlbGVTZWMxKDAMBgcCggYBCgcUEwExMBgGA1UE"
-            +"AxQRU2lnRyBUZXN0IENBIDY6UE4wgaoCBC+sbdUXDTA1MTExMTEwMDMyMVowgZIw"
-            +"gY8GA1UdHQEB/wSBhDCBgaR/MH0xCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0"
-            +"c2NoZSBUZWxla29tIEFHMR8wHQYDVQQLFBZQcm9kdWt0emVudHJ1bSBUZWxlU2Vj"
-            +"MS8wDAYHAoIGAQoHFBMBMTAfBgNVBAMUGFRlbGVTZWMgUEtTIFNpZ0cgQ0EgMTpQ"
-            +"TjCBlQIEL64uaBcNMDYwMTIzMTAyNTU1WjB+MHwGA1UdHQEB/wRyMHCkbjBsMQsw"
-            +"CQYDVQQGEwJERTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEWMBQGA1UE"
-            +"CxQNWmVudHJhbGUgQm9ubjEnMAwGBwKCBgEKBxQTATEwFwYDVQQDFBBUVEMgVGVz"
-            +"dCBDQSA5OlBOMIGVAgQvribHFw0wNjA4MDEwOTQ4NDRaMH4wfAYDVR0dAQH/BHIw"
-            +"cKRuMGwxCzAJBgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFH"
-            +"MRYwFAYDVQQLFA1aZW50cmFsZSBCb25uMScwDAYHAoIGAQoHFBMBMTAXBgNVBAMU"
-            +"EFRUQyBUZXN0IENBIDk6UE6ggZswgZgwCwYDVR0UBAQCAhEMMB8GA1UdIwQYMBaA"
-            +"FANbyNumDI9545HwlCF26NuOJC45MA8GA1UdHAEB/wQFMAOEAf8wVwYDVR0SBFAw"
-            +"ToZMbGRhcDovL3Brc2xkYXAudHR0Yy5kZS9vdT1ULVRlbGVTZWMgVGVzdCBESVIg"
-            +"ODpQTixvPURldXRzY2hlIFRlbGVrb20gQUcsYz1kZTANBgkqhkiG9w0BAQUFAAOB"
-            +"gQBewL5gLFHpeOWO07Vk3Gg7pRDuAlvaovBH4coCyCWpk5jEhUfFSYEDuaQB7do4"
-            +"IlJmeTHvkI0PIZWJ7bwQ2PVdipPWDx0NVwS/Cz5jUKiS3BbAmZQZOueiKLFpQq3A"
-            +"b8aOHA7WHU4078/1lM+bgeu33Ln1CGykEbmSjA/oKPi/JA==");
-    
-    byte[] directCRL = Base64.decode(
-            "MIIGXTCCBckCAQEwCgYGKyQDAwECBQAwdDELMAkGA1UEBhMCREUxHDAaBgNVBAoU"
-            +"E0RldXRzY2hlIFRlbGVrb20gQUcxFzAVBgNVBAsUDlQtVGVsZVNlYyBUZXN0MS4w"
-            +"DAYHAoIGAQoHFBMBMTAeBgNVBAMUF1QtVGVsZVNlYyBUZXN0IERJUiA4OlBOFw0w"
-            +"NjA4MDQwODQ1MTRaFw0wNjA4MDQxNDQ1MTRaMIIElTAVAgQvrj/pFw0wMzA3MjIw"
-            +"NTQxMjhaMBUCBC+uP+oXDTAzMDcyMjA1NDEyOFowFQIEL64/5xcNMDQwNDA1MTMx"
-            +"ODE3WjAVAgQvrj/oFw0wNDA0MDUxMzE4MTdaMBUCBC+uP+UXDTAzMDExMzExMTgx"
-            +"MVowFQIEL64/5hcNMDMwMTEzMTExODExWjAVAgQvrj/jFw0wMzAxMTMxMTI2NTZa"
-            +"MBUCBC+uP+QXDTAzMDExMzExMjY1NlowFQIEL64/4hcNMDQwNzEzMDc1ODM4WjAV"
-            +"AgQvrj/eFw0wMzAyMTcwNjMzMjVaMBUCBC+uP98XDTAzMDIxNzA2MzMyNVowFQIE"
-            +"L64/0xcNMDMwMjE3MDYzMzI1WjAVAgQvrj/dFw0wMzAxMTMxMTI4MTRaMBUCBC+u"
-            +"P9cXDTAzMDExMzExMjcwN1owFQIEL64/2BcNMDMwMTEzMTEyNzA3WjAVAgQvrj/V"
-            +"Fw0wMzA0MzAxMjI3NTNaMBUCBC+uP9YXDTAzMDQzMDEyMjc1M1owFQIEL64/xhcN"
-            +"MDMwMjEyMTM0NTQwWjAVAgQvrj/FFw0wMzAyMTIxMzQ1NDBaMBUCBC+uP8IXDTAz"
-            +"MDIxMjEzMDkxNlowFQIEL64/wRcNMDMwMjEyMTMwODQwWjAVAgQvrj++Fw0wMzAy"
-            +"MTcwNjM3MjVaMBUCBC+uP70XDTAzMDIxNzA2MzcyNVowFQIEL64/sBcNMDMwMjEy"
-            +"MTMwODU5WjAVAgQvrj+vFw0wMzAyMTcwNjM3MjVaMBUCBC+uP5MXDTAzMDQxMDA1"
-            +"MjYyOFowFQIEL64/khcNMDMwNDEwMDUyNjI4WjAVAgQvrj8/Fw0wMzAyMjYxMTA0"
-            +"NDRaMBUCBC+uPz4XDTAzMDIyNjExMDQ0NFowFQIEL64+zRcNMDMwNTIwMDUyNzM2"
-            +"WjAVAgQvrj7MFw0wMzA1MjAwNTI3MzZaMBUCBC+uPjwXDTAzMDYxNzEwMzQxNlow"
-            +"FQIEL64+OxcNMDMwNjE3MTAzNDE2WjAVAgQvrj46Fw0wMzA2MTcxMDM0MTZaMBUC"
-            +"BC+uPjkXDTAzMDYxNzEzMDEwMFowFQIEL64+OBcNMDMwNjE3MTMwMTAwWjAVAgQv"
-            +"rj43Fw0wMzA2MTcxMzAxMDBaMBUCBC+uPjYXDTAzMDYxNzEzMDEwMFowFQIEL64+"
-            +"MxcNMDMwNjE3MTAzNzQ5WjAVAgQvrj4xFw0wMzA2MTcxMDQyNThaMBUCBC+uPjAX"
-            +"DTAzMDYxNzEwNDI1OFowFQIEL649qRcNMDMxMDIyMTEzMjI0WjAVAgQvrjyyFw0w"
-            +"NTAzMTEwNjQ0MjRaMBUCBC+uPKsXDTA0MDQwMjA3NTQ1M1owFQIEL6466BcNMDUw"
-            +"MTI3MTIwMzI0WjAVAgQvrjq+Fw0wNTAyMTYwNzU3MTZaMBUCBC+uOqcXDTA1MDMx"
-            +"MDA1NTkzNVowFQIEL646PBcNMDUwNTExMTA0OTQ2WjAVAgQvrG3VFw0wNTExMTEx"
-            +"MDAzMjFaMBUCBC+uLmgXDTA2MDEyMzEwMjU1NVowFQIEL64mxxcNMDYwODAxMDk0"
-            +"ODQ0WqCBijCBhzALBgNVHRQEBAICEQwwHwYDVR0jBBgwFoAUA1vI26YMj3njkfCU"
-            +"IXbo244kLjkwVwYDVR0SBFAwToZMbGRhcDovL3Brc2xkYXAudHR0Yy5kZS9vdT1U"
-            +"LVRlbGVTZWMgVGVzdCBESVIgODpQTixvPURldXRzY2hlIFRlbGVrb20gQUcsYz1k"
-            +"ZTAKBgYrJAMDAQIFAAOBgQArj4eMlbAwuA2aS5O4UUUHQMKKdK/dtZi60+LJMiMY"
-            +"ojrMIf4+ZCkgm1Ca0Cd5T15MJxVHhh167Ehn/Hd48pdnAP6Dfz/6LeqkIHGWMHR+"
-            +"z6TXpwWB+P4BdUec1ztz04LypsznrHcLRa91ixg9TZCb1MrOG+InNhleRs1ImXk8"
-            +"MQ==");
-        
- 
-    public String getName()
-    {
-        return "CRL5";
-    }
-   
-    public void indirectCRLTest()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-        ByteArrayInputStream in = new ByteArrayInputStream(inDirectCrl);
-        X509CRL crl = (X509CRL) cf.generateCRL(in);
-        Set set = crl.getRevokedCertificates();
-        Iterator it = set.iterator();
-        while (it.hasNext())
-        {
-            if (((X509CRLEntry)it.next()).getCertificateIssuer() == null)
-            {
-                fail("certificate issuer CRL entry extension is null");
-            }
-        }
-    } 
-
-    public void directCRLTest()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-        ByteArrayInputStream in = new ByteArrayInputStream(directCRL);
-        X509CRL crl = (X509CRL) cf.generateCRL(in);
-        Set set = crl.getRevokedCertificates();
-        Iterator it = set.iterator();
-        while (it.hasNext())
-        {
-            if (((X509CRLEntry)it.next()).getCertificateIssuer() != null)
-            {
-                fail("certificate issuer CRL entry extension is not null");
-            }
-        }
-    }
-    
-    public void performTest()
-        throws Exception
-    {
-        indirectCRLTest();
-        directCRLTest();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new CRL5Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CamelliaTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CamelliaTest.java
deleted file mode 100644
index 9ee56c7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CamelliaTest.java
+++ /dev/null

@@ -1,189 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.spec.SecretKeySpec;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.security.Key;
-import java.security.Security;
-
-/**
- * basic test class for Camellia
- */
-public class CamelliaTest
-    extends BaseBlockCipherTest
-{
-    static String[] cipherTests =
-    {
-        "128",
-        "0123456789abcdeffedcba9876543210",
-        "0123456789abcdeffedcba9876543210",
-        "67673138549669730857065648eabe43",
-        "192",
-        "0123456789abcdeffedcba98765432100011223344556677",
-        "0123456789abcdeffedcba9876543210",
-        "b4993401b3e996f84ee5cee7d79b09b9",
-        "256",
-        "0123456789abcdeffedcba987654321000112233445566778899aabbccddeeff",
-        "0123456789abcdeffedcba9876543210",
-        "9acc237dff16d76c20ef7c919e3a7509",
-    };
-
-    public CamelliaTest()
-    {
-        super("Camellia");
-    }
-
-    public void test(
-        int         strength,
-        byte[]      keyBytes,
-        byte[]      input,
-        byte[]      output)
-        throws Exception
-    {
-        Key key;
-        Cipher in, out;
-        CipherInputStream cIn;
-        CipherOutputStream cOut;
-        ByteArrayInputStream bIn;
-        ByteArrayOutputStream bOut;
-
-        key = new SecretKeySpec(keyBytes, "Camellia");
-
-        in = Cipher.getInstance("Camellia/ECB/NoPadding", "BC");
-        out = Cipher.getInstance("Camellia/ECB/NoPadding", "BC");
-
-        try
-        {
-            out.init(Cipher.ENCRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("Camellia failed initialisation - " + e.toString(), e);
-        }
-
-        try
-        {
-            in.init(Cipher.DECRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("Camellia failed initialisation - " + e.toString(), e);
-        }
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        try
-        {
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                cOut.write(input[i]);
-            }
-            cOut.write(input, input.length / 2, input.length - input.length / 2);
-            cOut.close();
-        }
-        catch (IOException e)
-        {
-            fail("Camellia failed encryption - " + e.toString(), e);
-        }
-
-        byte[]    bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!areEqual(bytes, output))
-        {
-            fail("Camellia failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        try
-        {
-            DataInputStream dIn = new DataInputStream(cIn);
-
-            bytes = new byte[input.length];
-
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                bytes[i] = (byte)dIn.read();
-            }
-            dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-        }
-        catch (Exception e)
-        {
-            fail("Camellia failed encryption - " + e.toString(), e);
-        }
-
-        if (!areEqual(bytes, input))
-        {
-            fail("Camellia failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        for (int i = 0; i != cipherTests.length; i += 4)
-        {
-            test(Integer.parseInt(cipherTests[i]),
-                            Hex.decode(cipherTests[i + 1]),
-                            Hex.decode(cipherTests[i + 2]),
-                            Hex.decode(cipherTests[i + 3]));
-        }
-
-        byte[]  kek1 = Hex.decode("000102030405060708090a0b0c0d0e0f");
-        byte[]  in1 = Hex.decode("00112233445566778899aabbccddeeff");
-        byte[]  out1 = Hex.decode("635d6ac46eedebd3a7f4a06421a4cbd1746b24795ba2f708");
-
-        wrapTest(1, "CamelliaWrap", kek1, in1, out1);
-
-        String[] oids = {
-                NTTObjectIdentifiers.id_camellia128_cbc.getId(),
-                NTTObjectIdentifiers.id_camellia192_cbc.getId(),
-                NTTObjectIdentifiers.id_camellia256_cbc.getId()
-        };
-
-        String[] names = {
-                "Camellia/CBC/PKCS7Padding",
-                "Camellia/CBC/PKCS7Padding",
-                "Camellia/CBC/PKCS7Padding"
-        };
-
-        oidTest(oids, names, 1);
-
-        String[] wrapOids = {
-                NTTObjectIdentifiers.id_camellia128_wrap.getId(),
-                NTTObjectIdentifiers.id_camellia192_wrap.getId(),
-                NTTObjectIdentifiers.id_camellia256_wrap.getId()
-        };
-
-        wrapOidTest(wrapOids, "CamelliaWrap");
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new CamelliaTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertPathBuilderTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertPathBuilderTest.java
deleted file mode 100644
index 42f5878..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertPathBuilderTest.java
+++ /dev/null

@@ -1,140 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.Security;
-import java.security.cert.CertPath;
-import java.security.cert.CertPathBuilder;
-import java.security.cert.CertStore;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.PKIXCertPathBuilderResult;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CertPathBuilderTest
-    extends SimpleTest
-{
-
-    private void baseTest()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-            // initialise CertStore
-        X509Certificate rootCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(CertPathTest.rootCertBin));
-        X509Certificate interCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(CertPathTest.interCertBin));
-        X509Certificate finalCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(CertPathTest.finalCertBin));
-        X509CRL rootCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(CertPathTest.rootCrlBin));
-        X509CRL interCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(CertPathTest.interCrlBin));
-        List list = new ArrayList();
-        list.add(rootCert);
-        list.add(interCert);
-        list.add(finalCert);
-        list.add(rootCrl);
-        list.add(interCrl);
-        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-        CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
-        Date validDate = new Date(rootCrl.getThisUpdate().getTime() + 60 * 60 * 1000);
-
-            //Searching for rootCert by subjectDN without CRL
-        Set trust = new HashSet();
-        trust.add(new TrustAnchor(rootCert, null));
-
-        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX","BC");
-        X509CertSelector targetConstraints = new X509CertSelector();
-        targetConstraints.setSubject(finalCert.getSubjectX500Principal().getEncoded());
-        PKIXBuilderParameters params = new PKIXBuilderParameters(trust, targetConstraints);
-        params.addCertStore(store);
-        params.setDate(validDate);
-        PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult) cpb.build(params);
-        CertPath                  path = result.getCertPath();
-
-        if (path.getCertificates().size() != 2)
-        {
-            fail("wrong number of certs in baseTest path");
-        }
-    }
-
-    private void v0Test()
-        throws Exception
-    {
-        // create certificates and CRLs
-        KeyPair         rootPair = TestUtils.generateRSAKeyPair();
-        KeyPair         interPair = TestUtils.generateRSAKeyPair();
-        KeyPair         endPair = TestUtils.generateRSAKeyPair();
-
-        X509Certificate rootCert = TestUtils.generateRootCert(rootPair);
-        X509Certificate interCert = TestUtils.generateIntermediateCert(interPair.getPublic(), rootPair.getPrivate(), rootCert);
-        X509Certificate endCert = TestUtils.generateEndEntityCert(endPair.getPublic(), interPair.getPrivate(), interCert);
-
-        BigInteger      revokedSerialNumber = BigInteger.valueOf(2);
-        X509CRL         rootCRL = TestUtils.createCRL(rootCert, rootPair.getPrivate(), revokedSerialNumber);
-        X509CRL         interCRL = TestUtils.createCRL(interCert, interPair.getPrivate(), revokedSerialNumber);
-
-        // create CertStore to support path building
-        List list = new ArrayList();
-
-        list.add(rootCert);
-        list.add(interCert);
-        list.add(endCert);
-        list.add(rootCRL);
-        list.add(interCRL);
-
-        CollectionCertStoreParameters params = new CollectionCertStoreParameters(list);
-        CertStore                     store = CertStore.getInstance("Collection", params);
-
-        // build the path
-        CertPathBuilder  builder = CertPathBuilder.getInstance("PKIX", "BC");
-        X509CertSelector pathConstraints = new X509CertSelector();
-
-        pathConstraints.setSubject(endCert.getSubjectX500Principal().getEncoded());
-
-        PKIXBuilderParameters buildParams = new PKIXBuilderParameters(Collections.singleton(new TrustAnchor(rootCert, null)), pathConstraints);
-
-        buildParams.addCertStore(store);
-        buildParams.setDate(new Date());
-
-        PKIXCertPathBuilderResult result = (PKIXCertPathBuilderResult)builder.build(buildParams);
-        CertPath                  path = result.getCertPath();
-
-        if (path.getCertificates().size() != 2)
-        {
-            fail("wrong number of certs in v0Test path");
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        baseTest();
-        v0Test();
-    }
-    
-    public String getName()
-    {
-        return "CertPathBuilder";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new CertPathBuilderTest());
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertPathTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertPathTest.java
deleted file mode 100644
index 5e00b61..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertPathTest.java
+++ /dev/null

@@ -1,369 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.ObjectOutputStream;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.SignatureException;
-import java.security.cert.CertPath;
-import java.security.cert.CertPathBuilder;
-import java.security.cert.CertPathBuilderException;
-import java.security.cert.CertPathBuilderResult;
-import java.security.cert.CertStore;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-import java.util.Vector;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CertPathTest
-    extends SimpleTest
-{
-    public static byte[] rootCertBin = Base64.decode(
-        "MIIBqzCCARQCAQEwDQYJKoZIhvcNAQEFBQAwHjEcMBoGA1UEAxMTVGVzdCBDQSBDZXJ0aWZpY2F0ZTAeFw0wODA5MDQwNDQ1MDhaFw0wODA5MTEwNDQ1MDhaMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMRLUjhPe4YUdLo6EcjKcWUOG7CydFTH53Pr1lWjOkbmszYDpkhCTT9LOsI+disk18nkBxSl8DAHTqV+VxtuTPt64iyi10YxyDeep+DwZG/f8cVQv97U3hA9cLurZ2CofkMLGr6JpSGCMZ9FcstcTdHB4lbErIJ54YqfF4pNOs4/AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAgyrTEFY7ALpeY59jL6xFOLpuPqoBOWrUWv6O+zy5BCU0qiX71r3BpigtxRj+DYcfLIM9FNERDoHu3TthD3nwYWUBtFX8N0QUJIdJabxqAMhLjSC744koiFpCYse5Ye3ZvEdFwDzgAQsJTp5eFGgTZPkPzcdhkFJ2p9+OWs+cb24=");
-
-
-    static byte[] interCertBin = Base64.decode(
-        "MIICSzCCAbSgAwIBAgIBATANBgkqhkiG9w0BAQUFADAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlMB4XDTA4MDkwNDA0NDUwOFoXDTA4MDkxMTA0NDUwOFowKDEmMCQGA1UEAxMdVGVzdCBJbnRlcm1lZGlhdGUgQ2VydGlmaWNhdGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAISS9OOZ2wxzdWny9aVvk4Joq+dwSJ+oqvHUxX3PflZyuiLiCBUOUE4q59dGKdtNX5fIfwyK3cpV0e73Y/0fwfM3m9rOWFrCKOhfeswNTes0w/2PqPVVDDsF/nj7NApuqXwioeQlgTL251RDF4sVoxXqAU7lRkcqwZt3mwqS4KTJAgMBAAGjgY4wgYswRgYDVR0jBD8wPYAUhv8BOT27EB9JaCccJD4YASPP5XWhIqQgMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGWCAQEwHQYDVR0OBBYEFL/IwAGOkHzaQyPZegy79CwM5oTFMBIGA1UdEwEB/wQIMAYBAf8CAQAwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBBQUAA4GBAE4TRgUz4sUvZyVdZxqV+XyNRnqXAeLOOqFGYv2D96tQrS+zjd0elVlT6lFrtchZdOmmX7R6/H/tjMWMcTBICZyRYrvK8cCAmDOI+EIdq5p6lj2Oq6Pbw/wruojAqNrpaR6IkwNpWtdOSSupv4IJL+YU9q2YFTh4R1j3tOkPoFGr");
-
-    static byte[] finalCertBin = Base64.decode(
-        "MIICRjCCAa+gAwIBAgIBATANBgkqhkiG9w0BAQUFADAoMSYwJAYDVQQDEx1UZXN0IEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZTAeFw0wODA5MDQwNDQ1MDhaFw0wODA5MTEwNDQ1MDhaMB8xHTAbBgNVBAMTFFRlc3QgRW5kIENlcnRpZmljYXRlMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChpUeo0tPYywWKiLlbWKNJBcCpSaLSlaZ+4+yer1AxI5yJIVHP6SAlBghlbD5Qne5ImnN/15cz1xwYAiul6vGKJkVPlFEe2Mr+g/J/WJPQQPsjbZ1G+vxbAwXEDA4KaQrnpjRZFq+CdKHwOjuPLYS/MYQNgdIvDVEQcTbPQ8GaiQIDAQABo4GIMIGFMEYGA1UdIwQ/MD2AFL/IwAGOkHzaQyPZegy79CwM5oTFoSKkIDAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlggEBMB0GA1UdDgQWBBSVkw+VpqBf3zsLc/9GdkK9TzHPwDAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFoDANBgkqhkiG9w0BAQUFAAOBgQBLv/0bVDjzTs/y1vN3FUiZNknEbzupIZduTuXJjqv/vBX+LDPjUfu/+iOCXOSKoRn6nlOWhwB1z6taG2usQkFG8InMkRcPREi2uVgFdhJ/1C3dAWhsdlubjdL926bftXvxnx/koDzyrePW5U96RlOQM2qLvbaky2Giz6hrc3Wl+w==");
-    public static byte[] rootCrlBin = Base64.decode(
-        "MIIBYjCBzAIBATANBgkqhkiG9w0BAQsFADAeMRwwGgYDVQQDExNUZXN0IENBIENlcnRpZmljYXRlFw0wODA5MDQwNDQ1MDhaFw0wODA5MDQwNzMxNDhaMCIwIAIBAhcNMDgwOTA0MDQ0NTA4WjAMMAoGA1UdFQQDCgEJoFYwVDBGBgNVHSMEPzA9gBSG/wE5PbsQH0loJxwkPhgBI8/ldaEipCAwHjEcMBoGA1UEAxMTVGVzdCBDQSBDZXJ0aWZpY2F0ZYIBATAKBgNVHRQEAwIBATANBgkqhkiG9w0BAQsFAAOBgQCAbaFCo0BNG4AktVf6jjBLeawP1u0ELYkOCEGvYZE0mBpQ+OvFg7subZ6r3lRIj030nUli28sPFtu5ZQMBNcpE4nS1ziF44RfT3Lp5UgHx9x17Krz781iEyV+7zU8YxYMY9wULD+DCuK294kGKIssVNbmTYXZatBNoXQN5CLIocA==");
-    static byte[] interCrlBin = Base64.decode(
-        "MIIBbDCB1gIBATANBgkqhkiG9w0BAQsFADAoMSYwJAYDVQQDEx1UZXN0IEludGVybWVkaWF0ZSBDZXJ0aWZpY2F0ZRcNMDgwOTA0MDQ0NTA4WhcNMDgwOTA0MDczMTQ4WjAiMCACAQIXDTA4MDkwNDA0NDUwOFowDDAKBgNVHRUEAwoBCaBWMFQwRgYDVR0jBD8wPYAUv8jAAY6QfNpDI9l6DLv0LAzmhMWhIqQgMB4xHDAaBgNVBAMTE1Rlc3QgQ0EgQ2VydGlmaWNhdGWCAQEwCgYDVR0UBAMCAQEwDQYJKoZIhvcNAQELBQADgYEAEVCr5TKs5yguGgLH+dBzmSPoeSIWJFLsgWwJEit/iUDJH3dgYmaczOcGxIDtbYYHLWIHM+P2YRyQz3MEkCXEgm/cx4y7leAmux5l+xQWgmxFPz+197vaphPeCZo+B7V1CWtm518gcq4mrs9ovfgNqgyFj7KGjcBpWdJE32KMt50=");
-
-    /*
-     * certpath with a circular reference
-     */
-    static byte[] certA = Base64.decode(
-        "MIIC6jCCAlOgAwIBAgIBBTANBgkqhkiG9w0BAQUFADCBjTEPMA0GA1UEAxMGSW50"
-      + "ZXIzMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX"
-      + "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq"
-      + "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ2NTda"
-      + "Fw0xNzAzMzAwODQ0MDBaMIGlMScwJQYDVQQDHh4AQQByAG0AaQBuACAASADkAGIA"
-      + "ZQByAGwAaQBuAGcxCzAJBgNVBAYTAkNIMQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNV"
-      + "BAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNwaGVyZSBBRzEQMA4GA1UECxMHVGVzdGlu"
-      + "ZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5AcHJpdmFzcGhlcmUuY29tMIGfMA0GCSqG"
-      + "SIb3DQEBAQUAA4GNADCBiQKBgQCfHfyVs5dbxG35H/Thd29qR4NZU88taCu/OWA1"
-      + "GdACI02lXWYpmLWiDgnU0ULP+GG8OnVp1IES9fz2zcrXKQ19xZzsen/To3h5sNte"
-      + "cJpS00XMM24q/jDwy5NvkBP9YIfFKQ1E/0hFHXcqwlw+b/y/v6YGsZCU2h6QDzc4"
-      + "5m0+BwIDAQABo0AwPjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIE8DAeBglg"
-      + "hkgBhvhCAQ0EERYPeGNhIGNlcnRpZmljYXRlMA0GCSqGSIb3DQEBBQUAA4GBAJEu"
-      + "KiSfIwsY7SfobMLrv2v/BtLhGLi4RnmjiwzBhuv5rn4rRfBpq1ppmqQMJ2pmA67v"
-      + "UWCY+mNwuyjHyivpCCyJGsZ9d5H09g2vqxzkDBMz7X9VNMZYFH8j/R3/Cfvqks31"
-      + "z0OFslJkeKLa1I0P/dfVHsRKNkLRT3Ws5LKksErQ");
-
-    static byte[] certB = Base64.decode(
-        "MIICtTCCAh6gAwIBAgIBBDANBgkqhkiG9w0BAQQFADCBjTEPMA0GA1UEAxMGSW50"
-      + "ZXIyMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX"
-      + "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq"
-      + "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ2Mzha"
-      + "Fw0xNzAzMzAwODQ0MDBaMIGNMQ8wDQYDVQQDEwZJbnRlcjMxCzAJBgNVBAYTAkNI"
-      + "MQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNVBAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNw"
-      + "aGVyZSBBRzEQMA4GA1UECxMHVGVzdGluZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5A"
-      + "cHJpdmFzcGhlcmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCxCXIB"
-      + "QRnmVvl2h7Q+0SsRxDLnyM1dJG9jMa+UCCmHy0k/ZHs5VirSbjEJSjkQ9BGeh9SC"
-      + "7JwbMpXO7UE+gcVc2RnWUY+MA+fWIeTV4KtkYA8WPu8wVGCXbN8wwh/StOocszxb"
-      + "g+iLvGeh8CYSRqg6QN3S/02etH3o8H4e7Z0PZwIDAQABoyMwITAPBgNVHRMBAf8E"
-      + "BTADAQH/MA4GA1UdDwEB/wQEAwIB9jANBgkqhkiG9w0BAQQFAAOBgQCtWdirSsmt"
-      + "+CBBCNn6ZnbU3QqQfiiQIomjenNEHESJgaS/+PvPE5i3xWFXsunTHLW321/Km16I"
-      + "7+ZvT8Su1cqHg79NAT8QB0yke1saKSy2C0Pic4HwrNqVBWFNSxMU0hQzpx/ZXDbZ"
-      + "DqIXAp5EfyRYBy2ul+jm6Rot6aFgzuopKg==");
-
-    static byte[] certC = Base64.decode(
-        "MIICtTCCAh6gAwIBAgIBAjANBgkqhkiG9w0BAQQFADCBjTEPMA0GA1UEAxMGSW50"
-      + "ZXIxMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX"
-      + "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq"
-      + "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ0Mzla"
-      + "Fw0xNzAzMzAwODQ0MDBaMIGNMQ8wDQYDVQQDEwZJbnRlcjIxCzAJBgNVBAYTAkNI"
-      + "MQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNVBAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNw"
-      + "aGVyZSBBRzEQMA4GA1UECxMHVGVzdGluZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5A"
-      + "cHJpdmFzcGhlcmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD0rLr6"
-      + "f2/ONeJzTb0q9M/NNX+MnAFMSqiQGVBkT76u5nOH4KLkpHXkzI82JI7GuQMzoT3a"
-      + "+RP1hO6FneO92ms2soC6xiOFb4EC69Dfhh87Nww5O35JxVF0bzmbmIAWd6P/7zGh"
-      + "nd2S4tKkaZcubps+C0j9Fgi0hipVicAOUVVoDQIDAQABoyMwITAPBgNVHRMBAf8E"
-      + "BTADAQH/MA4GA1UdDwEB/wQEAwIB9jANBgkqhkiG9w0BAQQFAAOBgQCLPvc1IMA4"
-      + "YP+PmnEldyUoRWRnvPWjBGeu0WheBP7fdcnGBf93Nmc5j68ZN+eTZ5VMuZ99YdvH"
-      + "CXGNX6oodONLU//LlFKdLl5xjLAS5X9p1RbOEGytnalqeiEpjk4+C/7rIBG1kllO"
-      + "dItmI6LlEMV09Hkpg6ZRAUmRkb8KrM4X7A==");
-
-    static byte[] certD = Base64.decode(
-        "MIICtTCCAh6gAwIBAgIBBjANBgkqhkiG9w0BAQQFADCBjTEPMA0GA1UEAxMGSW50"
-      + "ZXIzMQswCQYDVQQGEwJDSDEPMA0GA1UEBxMGWnVyaWNoMQswCQYDVQQIEwJaSDEX"
-      + "MBUGA1UEChMOUHJpdmFzcGhlcmUgQUcxEDAOBgNVBAsTB1Rlc3RpbmcxJDAiBgkq"
-      + "hkiG9w0BCQEWFWFybWluQHByaXZhc3BoZXJlLmNvbTAeFw0wNzA0MDIwODQ5NTNa"
-      + "Fw0xNzAzMzAwODQ0MDBaMIGNMQ8wDQYDVQQDEwZJbnRlcjExCzAJBgNVBAYTAkNI"
-      + "MQ8wDQYDVQQHEwZadXJpY2gxCzAJBgNVBAgTAlpIMRcwFQYDVQQKEw5Qcml2YXNw"
-      + "aGVyZSBBRzEQMA4GA1UECxMHVGVzdGluZzEkMCIGCSqGSIb3DQEJARYVYXJtaW5A"
-      + "cHJpdmFzcGhlcmUuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCae3TP"
-      + "jIVKeASqvNabaiUHAMGUgFxB7L0yUsIj39azLcLtUj4S7XkDf7SMGtYV0JY1XNaQ"
-      + "sHJAsnJivDZc50oiYvqDYfgFZx5+AsN5l5X5rjRzs/OX+Jo+k1OgsIyu6+mf9Kfb"
-      + "5IdWOVB2EcOg4f9tPjLM8CIj9Pp7RbKLyqUUgwIDAQABoyMwITAPBgNVHRMBAf8E"
-      + "BTADAQH/MA4GA1UdDwEB/wQEAwIB9jANBgkqhkiG9w0BAQQFAAOBgQCgr9kUdWUT"
-      + "Lt9UcztSzR3pnHRsyvS0E/z850OKQKS5/VxLEalpFvhj+3EcZ7Y6mFxaaS2B7vXg"
-      + "2YWyqV1PRb6iF7/u9EXkpSTKGrJahwANirCa3V/HTUuPdCE2GITlnWI8h3eVA+xQ"
-      + "D4LF0PXHOkXbwmhXRSb10lW1bSGkUxE9jg==");
-
-    private void testExceptions()
-        throws Exception
-    {
-        byte[] enc = { (byte)0, (byte)2, (byte)3, (byte)4, (byte)5 };
-        MyCertPath mc = new MyCertPath(enc);
-        ByteArrayOutputStream os = new ByteArrayOutputStream();
-        ByteArrayInputStream is;
-        byte[] arr;
-
-        ObjectOutputStream oOut = new ObjectOutputStream(os);
-        oOut.writeObject(mc);
-        oOut.flush();
-        oOut.close();
-
-        try
-        {
-            CertificateFactory cFac = CertificateFactory.getInstance("X.509",
-                    "BC");
-            arr = os.toByteArray();
-            is = new ByteArrayInputStream(arr);
-            cFac.generateCertPath(is);
-        }
-        catch (CertificateException e)
-        {
-            // ignore okay
-        }
-
-        CertificateFactory cf = CertificateFactory.getInstance("X.509");
-        List certCol = new ArrayList();
-
-        certCol.add(cf.generateCertificate(new ByteArrayInputStream(certA)));
-        certCol.add(cf.generateCertificate(new ByteArrayInputStream(certB)));
-        certCol.add(cf.generateCertificate(new ByteArrayInputStream(certC)));
-        certCol.add(cf.generateCertificate(new ByteArrayInputStream(certD)));
-
-        CertPathBuilder pathBuilder = CertPathBuilder.getInstance("PKIX", "BC");
-        X509CertSelector select = new X509CertSelector();
-        select.setSubject(((X509Certificate)certCol.get(0)).getSubjectX500Principal().getEncoded());
-
-        Set trustanchors = new HashSet();
-        trustanchors.add(new TrustAnchor((X509Certificate)cf.generateCertificate(new ByteArrayInputStream(rootCertBin)), null));
-
-        CertStore certStore = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certCol));
-
-        PKIXBuilderParameters params = new PKIXBuilderParameters(trustanchors, select);
-        params.addCertStore(certStore);
-
-        try
-        {
-            CertPathBuilderResult result = pathBuilder.build(params);
-            CertPath path = result.getCertPath();
-            fail("found cert path in circular set");
-        }
-        catch (CertPathBuilderException e) 
-        {
-            // expected
-        }
-    }
-    
-    public void performTest()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate rootCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(rootCertBin));
-        X509Certificate interCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(interCertBin));
-        X509Certificate finalCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(finalCertBin));
-
-            //Testing CertPath generation from List
-        List list = new ArrayList();
-        list.add(interCert);
-        CertPath certPath1 = cf.generateCertPath(list);
-
-            //Testing CertPath encoding as PkiPath
-        byte[] encoded = certPath1.getEncoded("PkiPath");
-
-            //Testing CertPath generation from InputStream
-        ByteArrayInputStream inStream = new ByteArrayInputStream(encoded);
-        CertPath certPath2 = cf.generateCertPath(inStream, "PkiPath");
-
-            //Comparing both CertPathes
-        if (!certPath2.equals(certPath1))
-        {
-            fail("CertPath differ after encoding and decoding.");
-        }
-
-        encoded = certPath1.getEncoded("PKCS7");
-
-            //Testing CertPath generation from InputStream
-        inStream = new ByteArrayInputStream(encoded);
-        certPath2 = cf.generateCertPath(inStream, "PKCS7");
-
-            //Comparing both CertPathes
-        if (!certPath2.equals(certPath1))
-        {
-            fail("CertPath differ after encoding and decoding.");
-        }
-
-        encoded = certPath1.getEncoded("PEM");
-
-            //Testing CertPath generation from InputStream
-        inStream = new ByteArrayInputStream(encoded);
-        certPath2 = cf.generateCertPath(inStream, "PEM");
-
-            //Comparing both CertPathes
-        if (!certPath2.equals(certPath1))
-        {
-            fail("CertPath differ after encoding and decoding.");
-        }
-
-        //
-        // empty list test
-        //
-        list = new ArrayList();
-
-        CertPath certPath = CertificateFactory.getInstance("X.509","BC").generateCertPath(list);
-        if (certPath.getCertificates().size() != 0)
-        {
-            fail("list wrong size.");
-        }
-
-        //
-        // exception tests
-        //
-        testExceptions();
-    }
-
-    public String getName()
-    {
-        return "CertPath";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new CertPathTest());
-    }
-
-    private static class MyCertificate extends Certificate
-    {
-        private final byte[] encoding;
-
-        public MyCertificate(String type, byte[] encoding)
-        {
-            super(type);
-            // don't copy to allow null parameter in test
-            this.encoding = encoding;
-        }
-
-        public byte[] getEncoded() throws CertificateEncodingException
-        {
-            // do copy to force NPE in test
-            return (byte[])encoding.clone();
-        }
-
-        public void verify(PublicKey key) throws CertificateException,
-                NoSuchAlgorithmException, InvalidKeyException,
-                NoSuchProviderException, SignatureException
-        {
-        }
-
-        public void verify(PublicKey key, String sigProvider)
-                throws CertificateException, NoSuchAlgorithmException,
-                InvalidKeyException, NoSuchProviderException,
-                SignatureException
-        {
-        }
-
-        public String toString()
-        {
-            return "[My test Certificate, type: " + getType() + "]";
-        }
-
-        public PublicKey getPublicKey()
-        {
-            return new PublicKey()
-            {
-                public String getAlgorithm()
-                {
-                    return "TEST";
-                }
-
-                public byte[] getEncoded()
-                {
-                    return new byte[] { (byte)1, (byte)2, (byte)3 };
-                }
-
-                public String getFormat()
-                {
-                    return "TEST_FORMAT";
-                }
-            };
-        }
-    }
-
-    private static class MyCertPath extends CertPath
-    {
-        private final Vector certificates;
-
-        private final Vector encodingNames;
-
-        private final byte[] encoding;
-
-        public MyCertPath(byte[] encoding)
-        {
-            super("MyEncoding");
-            this.encoding = encoding;
-            certificates = new Vector();
-            certificates.add(new MyCertificate("MyEncoding", encoding));
-            encodingNames = new Vector();
-            encodingNames.add("MyEncoding");
-        }
-
-        public List getCertificates()
-        {
-            return Collections.unmodifiableList(certificates);
-        }
-
-        public byte[] getEncoded() throws CertificateEncodingException
-        {
-            return (byte[])encoding.clone();
-        }
-
-        public byte[] getEncoded(String encoding)
-                throws CertificateEncodingException
-        {
-            if (getType().equals(encoding))
-            {
-                return (byte[])this.encoding.clone();
-            }
-            throw new CertificateEncodingException("Encoding not supported: "
-                    + encoding);
-        }
-
-        public Iterator getEncodings()
-        {
-            return Collections.unmodifiableCollection(encodingNames).iterator();
-        }
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertPathValidatorTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertPathValidatorTest.java
deleted file mode 100644
index be8416b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertPathValidatorTest.java
+++ /dev/null

@@ -1,1511 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.net.InetAddress;
-import java.net.UnknownHostException;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Principal;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.cert.CertPath;
-import java.security.cert.CertPathValidator;
-import java.security.cert.CertPathValidatorException;
-import java.security.cert.CertStore;
-import java.security.cert.CertStoreParameters;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateExpiredException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CertificateNotYetValidException;
-import java.security.cert.CertificateParsingException;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.PKIXCertPathChecker;
-import java.security.cert.PKIXCertPathValidatorResult;
-import java.security.cert.PKIXParameters;
-import java.security.cert.PolicyNode;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Date;
-import java.util.Enumeration;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Set;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1BitString;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OutputStream;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1String;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-import org.bouncycastle.asn1.misc.NetscapeCertType;
-import org.bouncycastle.asn1.misc.NetscapeRevocationURL;
-import org.bouncycastle.asn1.misc.VerisignCzagExtension;
-import org.bouncycastle.asn1.util.ASN1Dump;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.style.RFC4519Style;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.X509CertificateStructure;
-import org.bouncycastle.asn1.x509.X509Extension;
-import org.bouncycastle.asn1.x509.X509Extensions;
-import org.bouncycastle.jce.X509Principal;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Integers;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CertPathValidatorTest
-    extends SimpleTest
-{
-    private byte[] AC_PR = Base64.decode(
-        "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlFU1RDQ0F6R2dBd0lC"
-            + "QWdJQkJUQU5CZ2txaGtpRzl3MEJBUVVGQURDQnRERUxNQWtHQTFVRUJoTUNR"
-            + "bEl4DQpFekFSQmdOVkJBb1RDa2xEVUMxQ2NtRnphV3d4UFRBN0JnTlZCQXNU"
-            + "TkVsdWMzUnBkSFYwYnlCT1lXTnBiMjVoDQpiQ0JrWlNCVVpXTnViMnh2WjJs"
-            + "aElHUmhJRWx1Wm05eWJXRmpZVzhnTFNCSlZFa3hFVEFQQmdOVkJBY1RDRUp5"
-            + "DQpZWE5wYkdsaE1Rc3dDUVlEVlFRSUV3SkVSakV4TUM4R0ExVUVBeE1vUVhW"
-            + "MGIzSnBaR0ZrWlNCRFpYSjBhV1pwDQpZMkZrYjNKaElGSmhhWG9nUW5KaGMy"
-            + "bHNaV2x5WVRBZUZ3MHdNakEwTURReE9UTTVNREJhRncwd05UQTBNRFF5DQpN"
-            + "elU1TURCYU1HRXhDekFKQmdOVkJBWVRBa0pTTVJNd0VRWURWUVFLRXdwSlEx"
-            + "QXRRbkpoYzJsc01UMHdPd1lEDQpWUVFERXpSQmRYUnZjbWxrWVdSbElFTmxj"
-            + "blJwWm1sallXUnZjbUVnWkdFZ1VISmxjMmxrWlc1amFXRWdaR0VnDQpVbVZ3"
-            + "ZFdKc2FXTmhNSUlCSWpBTkJna3Foa2lHOXcwQkFRRUZBQU9DQVE4QU1JSUJD"
-            + "Z0tDQVFFQXMwc0t5NGsrDQp6b016aldyMTQxeTVYQ045UGJMZERFQXN2cjZ4"
-            + "Z0NCN1l5bEhIQ1NBYmpGR3dOQ0R5NlVxN1h0VjZ6UHdIMXpGDQpFWENlS3Jm"
-            + "UUl5YXBXSEZ4V1VKajBMblFrY1RZM1FOR1huK0JuVk9EVTZDV3M1c3NoZktH"
-            + "RXZyVlQ1Z214V1NmDQp4OFlsdDgzY1dwUE1QZzg3VDlCaHVIbHQzazh2M2Ev"
-            + "NmRPbmF2dytOYTAyZExBaDBlNzZqcCtQUS9LK0pHZlBuDQphQjVVWURrZkd0"
-            + "em5uTTNBV01tY3VJK0o0ek5OMDZaa3ZnbDFsdEo2UU1qcnZEUFlSak9ndDlT"
-            + "cklpY1NmbEo4DQptVDdHWGRRaXJnQUNXc3g1QURBSklRK253TU1vNHlyTUtx"
-            + "SlFhNFFDMHhhT0QvdkdVcG9SaDQzT0FTZFp3c3YvDQpPWFlybmVJeVAwVCs4"
-            + "UUlEQVFBQm80RzNNSUcwTUQwR0ExVWRId1EyTURRd01xQXdvQzZHTEdoMGRI"
-            + "QTZMeTloDQpZM0poYVhvdWFXTndZbkpoYzJsc0xtZHZkaTVpY2k5TVExSmhZ"
-            + "M0poYVhvdVkzSnNNQklHQTFVZElBUUxNQWt3DQpCd1lGWUV3QkFRRXdIUVlE"
-            + "VlIwT0JCWUVGREpUVFlKNE9TWVB5T09KZkVMZXhDaHppK2hiTUI4R0ExVWRJ"
-            + "d1FZDQpNQmFBRklyNjhWZUVFUk0xa0VMNlYwbFVhUTJreFBBM01BNEdBMVVk"
-            + "RHdFQi93UUVBd0lCQmpBUEJnTlZIUk1CDQpBZjhFQlRBREFRSC9NQTBHQ1Nx"
-            + "R1NJYjNEUUVCQlFVQUE0SUJBUUJRUFNoZ1lidnFjaWV2SDVVb3ZMeXhkbkYr"
-            + "DQpFcjlOeXF1SWNkMnZ3Y0N1SnpKMkQ3WDBUcWhHQ0JmUEpVVkdBVWorS0NP"
-            + "SDFCVkgva1l1OUhsVHB1MGtKWFBwDQpBQlZkb2hJUERqRHhkbjhXcFFSL0Yr"
-            + "ejFDaWtVcldIMDR4eTd1N1p6UUpLSlBuR0loY1FpOElyRm1PYkllMEc3DQpY"
-            + "WTZPTjdPRUZxY21KTFFHWWdtRzFXMklXcytQd1JwWTdENGhLVEFoVjFSNkVv"
-            + "amE1L3BPcmVDL09kZXlQWmVxDQo1SUZTOUZZZk02U0Npd2hrK3l2Q1FHbVo0"
-            + "YzE5SjM0ZjVFYkRrK1NQR2tEK25EQ0E3L3VMUWNUMlJURE14SzBaDQpuZlo2"
-            + "Nm1Sc0ZjcXRGaWdScjVFcmtKZDdoUVV6eHNOV0VrNzJEVUFIcVgvNlNjeWtt"
-            + "SkR2V0plSUpqZlcNCi0tLS0tRU5EIENFUlRJRklDQVRFLS0tLS0NCg==");
-
-    private byte[] AC_RAIZ_ICPBRASIL = Base64.decode(
-        "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlFdURDQ0E2Q2dBd0lC"
-            + "QWdJQkJEQU5CZ2txaGtpRzl3MEJBUVVGQURDQnRERUxNQWtHQTFVRUJoTUNR"
-            + "bEl4DQpFekFSQmdOVkJBb1RDa2xEVUMxQ2NtRnphV3d4UFRBN0JnTlZCQXNU"
-            + "TkVsdWMzUnBkSFYwYnlCT1lXTnBiMjVoDQpiQ0JrWlNCVVpXTnViMnh2WjJs"
-            + "aElHUmhJRWx1Wm05eWJXRmpZVzhnTFNCSlZFa3hFVEFQQmdOVkJBY1RDRUp5"
-            + "DQpZWE5wYkdsaE1Rc3dDUVlEVlFRSUV3SkVSakV4TUM4R0ExVUVBeE1vUVhW"
-            + "MGIzSnBaR0ZrWlNCRFpYSjBhV1pwDQpZMkZrYjNKaElGSmhhWG9nUW5KaGMy"
-            + "bHNaV2x5WVRBZUZ3MHdNVEV4TXpBeE1qVTRNREJhRncweE1URXhNekF5DQpN"
-            + "elU1TURCYU1JRzBNUXN3Q1FZRFZRUUdFd0pDVWpFVE1CRUdBMVVFQ2hNS1NV"
-            + "TlFMVUp5WVhOcGJERTlNRHNHDQpBMVVFQ3hNMFNXNXpkR2wwZFhSdklFNWhZ"
-            + "Mmx2Ym1Gc0lHUmxJRlJsWTI1dmJHOW5hV0VnWkdFZ1NXNW1iM0p0DQpZV05o"
-            + "YnlBdElFbFVTVEVSTUE4R0ExVUVCeE1JUW5KaGMybHNhV0V4Q3pBSkJnTlZC"
-            + "QWdUQWtSR01URXdMd1lEDQpWUVFERXloQmRYUnZjbWxrWVdSbElFTmxjblJw"
-            + "Wm1sallXUnZjbUVnVW1GcGVpQkNjbUZ6YVd4bGFYSmhNSUlCDQpJakFOQmdr"
-            + "cWhraUc5dzBCQVFFRkFBT0NBUThBTUlJQkNnS0NBUUVBd1BNdWR3WC9odm0r"
-            + "VWgyYi9sUUFjSFZBDQppc2FtYUxrV2Rrd1A5L1MvdE9LSWdSckw2T3krWklH"
-            + "bE9VZGQ2dVl0azlNYS8zcFVwZ2NmTkFqMHZZbTVnc3lqDQpRbzllbXNjK3g2"
-            + "bTRWV3drOWlxTVpTQ0s1RVFrQXEvVXQ0bjdLdUxFMStnZGZ0d2RJZ3hmVXNQ"
-            + "dDRDeU5yWTUwDQpRVjU3S00yVVQ4eDVycm16RWpyN1RJQ0dwU1VBbDJnVnFl"
-            + "NnhhaWkrYm1ZUjFRcm1XYUJTQUc1OUxya3Jqcll0DQpiUmhGYm9VRGUxREsr"
-            + "NlQ4czVMNms4Yzhva3BiSHBhOXZlTXp0RFZDOXNQSjYwTVdYaDZhblZLbzFV"
-            + "Y0xjYlVSDQp5RWVOdlpuZVZSS0FBVTZvdXdkakR2d2xzYUt5ZEZLd2VkMFRv"
-            + "UTQ3Ym1VS2djbSt3VjNlVFJrMzZVT25Ud0lEDQpBUUFCbzRIU01JSFBNRTRH"
-            + "QTFVZElBUkhNRVV3UXdZRllFd0JBUUF3T2pBNEJnZ3JCZ0VGQlFjQ0FSWXNh"
-            + "SFIwDQpjRG92TDJGamNtRnBlaTVwWTNCaWNtRnphV3d1WjI5MkxtSnlMMFJR"
-            + "UTJGamNtRnBlaTV3WkdZd1BRWURWUjBmDQpCRFl3TkRBeW9EQ2dMb1lzYUhS"
-            + "MGNEb3ZMMkZqY21GcGVpNXBZM0JpY21GemFXd3VaMjkyTG1KeUwweERVbUZq"
-            + "DQpjbUZwZWk1amNtd3dIUVlEVlIwT0JCWUVGSXI2OFZlRUVSTTFrRUw2VjBs"
-            + "VWFRMmt4UEEzTUE4R0ExVWRFd0VCDQovd1FGTUFNQkFmOHdEZ1lEVlIwUEFR"
-            + "SC9CQVFEQWdFR01BMEdDU3FHU0liM0RRRUJCUVVBQTRJQkFRQVpBNWMxDQpV"
-            + "L2hnSWg2T2NnTEFmaUpnRldwdm1EWldxbFYzMC9iSEZwajhpQm9iSlNtNXVE"
-            + "cHQ3VGlyWWgxVXhlM2ZRYUdsDQpZakplKzl6ZCtpelBSYkJxWFBWUUEzNEVY"
-            + "Y3drNHFwV3VmMWhIcmlXZmRyeDhBY3FTcXI2Q3VRRndTcjc1Rm9zDQpTemx3"
-            + "REFEYTcwbVQ3d1pqQW1RaG5aeDJ4SjZ3ZldsVDlWUWZTLy9KWWVJYzdGdWUy"
-            + "Sk5MZDAwVU9TTU1haUsvDQp0NzllbktOSEVBMmZ1cEgzdkVpZ2Y1RWg0YlZB"
-            + "TjVWb2hyVG02TVk1M3g3WFFaWnIxTUU3YTU1bEZFblNlVDB1DQptbE9BalIy"
-            + "bUFidlNNNVg1b1NaTnJtZXRkenlUajJmbENNOENDN01MYWIwa2tkbmdSSWxV"
-            + "QkdIRjEvUzVubVBiDQpLKzlBNDZzZDMzb3FLOG44DQotLS0tLUVORCBDRVJU"
-            + "SUZJQ0FURS0tLS0tDQo=");
-
-    private byte[] schefer = Base64.decode(
-        "MIIEnDCCBAWgAwIBAgICIPAwDQYJKoZIhvcNAQEEBQAwgcAxCzAJBgNVBAYT"
-            + "AkRFMQ8wDQYDVQQIEwZIRVNTRU4xGDAWBgNVBAcTDzY1MDA4IFdpZXNiYWRl"
-            + "bjEaMBgGA1UEChMRU0NIVUZBIEhPTERJTkcgQUcxGjAYBgNVBAsTEVNDSFVG"
-            + "QSBIT0xESU5HIEFHMSIwIAYDVQQDExlJbnRlcm5ldCBCZW51dHplciBTZXJ2"
-            + "aWNlMSowKAYJKoZIhvcNAQkBFht6ZXJ0aWZpa2F0QHNjaHVmYS1vbmxpbmUu"
-            + "ZGUwHhcNMDQwMzMwMTEwODAzWhcNMDUwMzMwMTEwODAzWjCBnTELMAkGA1UE"
-            + "BhMCREUxCjAIBgNVBAcTASAxIzAhBgNVBAoTGlNIUyBJbmZvcm1hdGlvbnNz"
-            + "eXN0ZW1lIEFHMRwwGgYDVQQLExM2MDAvMDU5NDktNjAwLzA1OTQ5MRgwFgYD"
-            + "VQQDEw9TY2hldHRlciBTdGVmYW4xJTAjBgkqhkiG9w0BCQEWFlN0ZWZhbi5T"
-            + "Y2hldHRlckBzaHMuZGUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJD0"
-            + "95Bi76fkAMjJNTGPDiLPHmZXNsmakngDeS0juzKMeJA+TjXFouhYh6QyE4Bl"
-            + "Nf18fT4mInlgLefwf4t6meIWbiseeTo7VQdM+YrbXERMx2uHsRcgZMsiMYHM"
-            + "kVfYMK3SMJ4nhCmZxrBkoTRed4gXzVA1AA8YjjTqMyyjvt4TAgMBAAGjggHE"
-            + "MIIBwDAJBgNVHRMEAjAAMBEGCWCGSAGG+EIBAQQEAwIEsDALBgNVHQ8EBAMC"
-            + "BNAwOQYJYIZIAYb4QgENBCwWKlplcnRpZmlrYXQgbnVyIGZ1ZXIgU0NIVUZB"
-            + "LU9ubGluZSBndWVsdGlnLjAdBgNVHQ4EFgQUXReirhBfg0Yhf6MsBWoo/nPa"
-            + "hGwwge0GA1UdIwSB5TCB4oAUf2UyCaBV9JUeG9lS1Yo6OFBUdEKhgcakgcMw"
-            + "gcAxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIEwZIRVNTRU4xGDAWBgNVBAcTDzY1"
-            + "MDA4IFdpZXNiYWRlbjEaMBgGA1UEChMRU0NIVUZBIEhPTERJTkcgQUcxGjAY"
-            + "BgNVBAsTEVNDSFVGQSBIT0xESU5HIEFHMSIwIAYDVQQDExlJbnRlcm5ldCBC"
-            + "ZW51dHplciBTZXJ2aWNlMSowKAYJKoZIhvcNAQkBFht6ZXJ0aWZpa2F0QHNj"
-            + "aHVmYS1vbmxpbmUuZGWCAQAwIQYDVR0RBBowGIEWU3RlZmFuLlNjaGV0dGVy"
-            + "QHNocy5kZTAmBgNVHRIEHzAdgRt6ZXJ0aWZpa2F0QHNjaHVmYS1vbmxpbmUu"
-            + "ZGUwDQYJKoZIhvcNAQEEBQADgYEAWzZtN9XQ9uyrFXqSy3hViYwV751+XZr0"
-            + "YH5IFhIS+9ixNAu8orP3bxqTaMhpwoU7T/oSsyGGSkb3fhzclgUADbA2lrOI"
-            + "GkeB/m+FArTwRbwpqhCNTwZywOp0eDosgPjCX1t53BB/m/2EYkRiYdDGsot0"
-            + "kQPOVGSjQSQ4+/D+TM8=");
-
-    // circular dependency certificates
-    private static final byte[] circCA = Base64.decode(
-        "MIIDTzCCAjegAwIBAgIDARAAMA0GCSqGSIb3DQEBBQUAMDkxCzAJBgNVBAYT"
-            + "AkZSMRAwDgYDVQQKEwdHSVAtQ1BTMRgwFgYDVQQLEw9HSVAtQ1BTIEFOT05Z"
-            + "TUUwHhcNMDQxMDExMDAwMDAxWhcNMTQxMjMxMjM1OTU5WjA5MQswCQYDVQQG"
-            + "EwJGUjEQMA4GA1UEChMHR0lQLUNQUzEYMBYGA1UECxMPR0lQLUNQUyBBTk9O"
-            + "WU1FMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3WyWDwcM58aU"
-            + "hPX4ueI1mwETt3WdQtMfIdRiCXeBrjCkYCc7nIgCmGbnfTzXSplHRgKColWh"
-            + "q/Z+1rHYayje1gjAEU2+4/r1P2pnBmPgquDuguktCIbDtCcGZu0ylyKeHh37"
-            + "aeIKzkcmRSLRzvGf/eO3RdFksrvaPaSjqCVfGRXVDKK2uftE8rIFJE+bCqow"
-            + "6+WiaAaDDiJaSJPuu5hC1NA5jw0/BFodlCuAvl1GJ8A+TICkYWcSpKS9bkSC"
-            + "0i8xdGbSSk94shA1PdDvRdFMfFys8g4aupBXV8yqqEAUkBYmOtZSJckc3W4y"
-            + "2Gx53y7vY07Xh63mcgtJs2T82WJICwIDAQABo2AwXjAdBgNVHQ4EFgQU8c/P"
-            + "NNJaL0srd9SwHwgtvwPB/3cwDgYDVR0PAQH/BAQDAgIEMBkGA1UdIAQSMBAw"
-            + "DgYMKoF6AUcDBwgAAAABMBIGA1UdEwEB/wQIMAYBAf8CAQEwDQYJKoZIhvcN"
-            + "AQEFBQADggEBAHRjYDPJKlfUzID0YzajZpgR/i2ngJrJqYeaWCmwzBgNUPad"
-            + "uBKSGHmPVg21sfULMSnirnR+e90i/D0EVzLwQzcbjPDD/85rp9QDCeMxqqPe"
-            + "9ZCHGs2BpE/HOQMP0QfQ3/Kpk7SvOH/ZcpIf6+uE6lLBQYAGs5cxvtTGOzZk"
-            + "jCVFG+TrAnF4V5sNkn3maCWiYLmyqcnxtKEFSONy2bYqqudx/dBBlRrDbRfZ"
-            + "9XsCBdiXAHY1hFHldbfDs8rslmkXJi3fJC028HZYB6oiBX/JE7BbMk7bRnUf"
-            + "HSpP7Sjxeso2SY7Yit+hQDVAlqTDGmh6kLt/hQMpsOMry4vgBL6XHKw=");
-
-    private static final byte[] circCRLCA = Base64.decode(
-        "MIIDXDCCAkSgAwIBAgIDASAAMA0GCSqGSIb3DQEBBQUAMDkxCzAJBgNVBAYT"
-            + "AkZSMRAwDgYDVQQKEwdHSVAtQ1BTMRgwFgYDVQQLEw9HSVAtQ1BTIEFOT05Z"
-            + "TUUwHhcNMDQxMDExMDAwMDAxWhcNMTQxMjMxMjM1OTU5WjA5MQswCQYDVQQG"
-            + "EwJGUjEQMA4GA1UEChMHR0lQLUNQUzEYMBYGA1UECxMPR0lQLUNQUyBBTk9O"
-            + "WU1FMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfEcFK0g7Kfo"
-            + "o5f2IBF7VEd/AG+RVGSds0Yg+u2kNYu4k04HR/+tOdBQtJvyr4W5jrQKsC5X"
-            + "skeFWMyWaFKzAjZDWB52HWp/kiMivGcxnYDuYf5piukSC+d2+vL8YaAphDzV"
-            + "HPnxEKqoM/J66uUussDTqfcL3JC/Bc7kBwn4srrsZOsamMWTQQtEqVQxNN7A"
-            + "ROSRsdiTt3hMOKditc9/NBNmjZWxgc7Twr/SaZ8CfN5wf2wuOl23knWL0QsJ"
-            + "0lSMBSBTzTcfAke4/jIT7d4nVMp3t7dsna8rt56pFK4wpRFGuCt+1P5gi51x"
-            + "xVSdI+JoNXv6zGO4o8YVaRpC5rQeGQIDAQABo20wazAfBgNVHSMEGDAWgBTx"
-            + "z8800lovSyt31LAfCC2/A8H/dzAdBgNVHQ4EFgQUGa3SbBrJx/wa2MQwhWPl"
-            + "dwLw1+IwDgYDVR0PAQH/BAQDAgECMBkGA1UdIAQSMBAwDgYMKoF6AUcDBwgA"
-            + "AAABMA0GCSqGSIb3DQEBBQUAA4IBAQAPDpYe2WPYnXTLsXSIUREBNMLmg+/7"
-            + "4Yhq9uOm5Hb5LVkDuHoEHGfmpXXEvucx5Ehu69hw+F4YSrd9wPjOiG8G6GXi"
-            + "RcrK8nE8XDvvV+E1HpJ7NKN4fSAoSb+0gliiq3aF15bvXP8nfespdd/x1xWQ"
-            + "mpYCx/mJeuqONQv2/D/7hfRKYoDBaAkWGodenPFPVs6FxwnEuH2R+KWCUdA9"
-            + "L04v8JBeL3kZiALkU7+DCCm7A0imUAgeeArbAbfIPu6eDygm+XndZ9qi7o4O"
-            + "AntPxrqbeXFIbDrQ4GV1kpxnW+XpSGDd96SWKe715gxkkDBppR5IKYJwRb6O"
-            + "1TRQIf2F+muQ");
-
-    private static final byte[] circCRL = Base64.decode(
-        "MIIB1DCBvQIBATANBgkqhkiG9w0BAQUFADA5MQswCQYDVQQGEwJGUjEQMA4G"
-            + "A1UEChMHR0lQLUNQUzEYMBYGA1UECxMPR0lQLUNQUyBBTk9OWU1FFw0xMDAx"
-            + "MDcwMzAwMTVaFw0xMDAxMTMwMzAwMTVaMACgTjBMMB8GA1UdIwQYMBaAFBmt"
-            + "0mwaycf8GtjEMIVj5XcC8NfiMAsGA1UdFAQEAgILgzAcBgNVHRIEFTATgRFh"
-            + "Yy1naXBAZ2lwLWNwcy5mcjANBgkqhkiG9w0BAQUFAAOCAQEAtF1DdFl1MQvf"
-            + "vNkbrCPuppNYcHen4+za/ZDepKuwHsH/OpKuaDJc4LndRgd5IwzfpCHkQGzt"
-            + "shK50bakN8oaYJgthKIOIJzR+fn6NMjftfR2a27Hdk2o3eQXRHQ360qMbpSy"
-            + "qPb3WfuBhxO2/DlLChJP+OxZIHtT/rNYgE0tlIv7swYi81Gq+DafzaZ9+A5t"
-            + "I0L2Gp/NUDsp5dF6PllAGiXQzl27qkcu+r50w+u0gul3nobXgbwPcMSYuWUz"
-            + "1lhA+uDn/EUWV4RSiJciCGSS10WCkFh1/YPo++mV15KDB0m+8chscrSu/bAl"
-            + "B19LxL/pCX3qr5iLE9ss3olVImyFZg==");
-
-    private void checkCircProcessing()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate caCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(circCA));
-        X509Certificate crlCaCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(circCRLCA));
-        X509CRL crl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(circCRL));
-
-        List list = new ArrayList();
-
-        list.add(caCert);
-        list.add(crlCaCert);
-        list.add(crl);
-
-        CertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-        CertStore store = CertStore.getInstance("Collection", ccsp);
-
-        Date validDate = new Date(crl.getThisUpdate().getTime() + 60 * 60 * 1000);
-
-        //validating path
-        List certchain = new ArrayList();
-
-        certchain.add(crlCaCert);
-        CertPath cp = CertificateFactory.getInstance("X.509", "BC").generateCertPath(certchain);
-
-        Set trust = new HashSet();
-        trust.add(new TrustAnchor(caCert, null));
-
-        CertPathValidator cpv = CertPathValidator.getInstance("PKIX", "BC");
-        //PKIXParameters param = new PKIXParameters(trust);
-
-        PKIXBuilderParameters param = new PKIXBuilderParameters(trust, null);
-        X509CertSelector certSelector = new X509CertSelector();
-        certSelector.setCertificate(crlCaCert);
-        param.setTargetCertConstraints(certSelector);
-        param.addCertStore(store);
-        param.setRevocationEnabled(true);
-        param.setDate(validDate);
-
-        PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult)cpv.validate(cp, param);
-    }
-
-    private void checkPolicyProcessingAtDomainMatch()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate root = (X509Certificate)cf.generateCertificate(this.getClass().getResourceAsStream("qvRooCa3.crt"));
-        X509Certificate ca1 = (X509Certificate)cf.generateCertificate(this.getClass().getResourceAsStream("suvaRoot1.crt"));
-        X509Certificate ca2 = (X509Certificate)cf.generateCertificate(this.getClass().getResourceAsStream("suvaEmail1.crt"));
-        X509Certificate ee = (X509Certificate)cf.generateCertificate(this.getClass().getResourceAsStream("suvaEE.crt"));
-
-        List certchain = new ArrayList();
-        certchain.add(ee);
-        certchain.add(ca2);
-        certchain.add(ca1);
-
-        Set trust = new HashSet();
-        trust.add(new TrustAnchor(root, null));
-
-        CertPathValidator cpv = CertPathValidator.getInstance("PKIX", "BC");
-        PKIXParameters param = new PKIXParameters(trust);
-        param.setRevocationEnabled(false);
-        param.setDate(new Date(0x156445410b4L)); // around 1st August 2016
-
-        CertPath cp = cf.generateCertPath(certchain);
-
-        MyChecker checker = new MyChecker();
-        param.addCertPathChecker(checker);
-
-        PKIXCertPathValidatorResult result =
-            (PKIXCertPathValidatorResult)cpv.validate(cp, param);
-    }
-
-    public void testEmptyPath()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-        X509Certificate rootCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(CertPathTest.rootCertBin));
-
-        List list = new ArrayList();
-        list.add(rootCert);
-        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-        CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
-
-        List certchain = new ArrayList();
-        CertPath cp = CertificateFactory.getInstance("X.509", "BC").generateCertPath(certchain);
-        Set trust = new HashSet();
-        trust.add(new TrustAnchor(rootCert, null));
-
-        CertPathValidator cpv = CertPathValidator.getInstance("PKIX", "BC");
-        PKIXParameters param = new PKIXParameters(trust);
-        param.addCertStore(store);
-        MyChecker checker = new MyChecker();
-        param.addCertPathChecker(checker);
-
-        try
-        {
-            cpv.validate(cp, param);
-        }
-        catch (CertPathValidatorException e)
-        {
-            if (!"Certification path is empty.".equals(e.getMessage()))
-            {
-                fail("message mismatch");
-            }
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        // initialise CertStore
-        X509Certificate rootCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(CertPathTest.rootCertBin));
-        X509Certificate interCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(CertPathTest.interCertBin));
-        X509Certificate finalCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(CertPathTest.finalCertBin));
-        X509CRL rootCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(CertPathTest.rootCrlBin));
-        X509CRL interCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(CertPathTest.interCrlBin));
-        List list = new ArrayList();
-        list.add(rootCert);
-        list.add(interCert);
-        list.add(finalCert);
-        list.add(rootCrl);
-        list.add(interCrl);
-        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-        CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
-        Date validDate = new Date(rootCrl.getThisUpdate().getTime() + 60 * 60 * 1000);
-        //validating path
-        List certchain = new ArrayList();
-        certchain.add(finalCert);
-        certchain.add(interCert);
-      
-        CertPath cp = CertificateFactory.getInstance("X.509", "BC").generateCertPath(certchain);
-        Set trust = new HashSet();
-        trust.add(new TrustAnchor(rootCert, null));
-
-        CertPathValidator cpv = CertPathValidator.getInstance("PKIX", "BC");
-        PKIXParameters param = new PKIXParameters(trust);
-        param.addCertStore(store);
-        param.setDate(validDate);
-        MyChecker checker = new MyChecker();
-        param.addCertPathChecker(checker);
-
-        PKIXCertPathValidatorResult result =
-            (PKIXCertPathValidatorResult)cpv.validate(cp, param);
-        PolicyNode policyTree = result.getPolicyTree();
-        PublicKey subjectPublicKey = result.getPublicKey();
-
-        if (checker.getCount() != 2)
-        {
-            fail("checker not evaluated for each certificate");
-        }
-
-        if (!subjectPublicKey.equals(finalCert.getPublicKey()))
-        {
-            fail("wrong public key returned");
-        }
-
-        isTrue(result.getTrustAnchor().getTrustedCert().equals(rootCert));
-
-        // try a path with trust anchor included.
-        certchain.clear();
-        certchain.add(finalCert);
-        certchain.add(interCert);
-        certchain.add(rootCert);
-
-        cp = CertificateFactory.getInstance("X.509", "BC").generateCertPath(certchain);
-
-        cpv = CertPathValidator.getInstance("PKIX", "BC");
-        param = new PKIXParameters(trust);
-        param.addCertStore(store);
-        param.setDate(validDate);
-
-        result = (PKIXCertPathValidatorResult)cpv.validate(cp, param);
-
-        isTrue(result.getTrustAnchor().getTrustedCert().equals(rootCert));
-        
-        //
-        // invalid path containing a valid one test
-        //
-        try
-        {
-            // initialise CertStore
-            rootCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(AC_RAIZ_ICPBRASIL));
-            interCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(AC_PR));
-            finalCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(schefer));
-
-            list = new ArrayList();
-            list.add(rootCert);
-            list.add(interCert);
-            list.add(finalCert);
-
-            ccsp = new CollectionCertStoreParameters(list);
-            store = CertStore.getInstance("Collection", ccsp);
-            validDate = new Date(finalCert.getNotBefore().getTime() + 60 * 60 * 1000);
-
-            //validating path
-            certchain = new ArrayList();
-            certchain.add(finalCert);
-            certchain.add(interCert);
-     
-            cp = CertificateFactory.getInstance("X.509", "BC").generateCertPath(certchain);
-            trust = new HashSet();
-            trust.add(new TrustAnchor(rootCert, null));
-
-            cpv = CertPathValidator.getInstance("PKIX", "BC");
-            param = new PKIXParameters(trust);
-            param.addCertStore(store);
-            param.setRevocationEnabled(false);
-            param.setDate(validDate);
-
-            result = (PKIXCertPathValidatorResult)cpv.validate(cp, param);
-            policyTree = result.getPolicyTree();
-            subjectPublicKey = result.getPublicKey();
-
-            fail("Invalid path validated");
-        }
-        catch (Exception e)
-        {
-            if (!(e instanceof CertPathValidatorException
-                && e.getMessage().startsWith("Could not validate certificate signature.")))
-            {
-                fail("unexpected exception", e);
-            }
-        }
-
-        checkCircProcessing();
-        checkPolicyProcessingAtDomainMatch();
-        validateWithExtendedKeyUsage();
-        testEmptyPath();
-        checkInvalidCertPath();
-    }
-
-    // extended key usage chain
-    static byte[] extEE = Base64.decode("MIICtDCCAh2gAwIBAgIBAzANBgkqhkiG9w0BAQUFADCBkjELMAkGA1UEBhMCQVUxKDAmBgNVBAoMH1RoZSBMZWdpb24gb2YgdGhlIEJvdW5jeSBDYXN0bGUxKDAmBgNVBAsMH0JvdW5jeSBJbnRlcm1lZGlhdGUgQ2VydGlmaWNhdGUxLzAtBgkqhkiG9w0BCQEWIGZlZWRiYWNrLWNyeXB0b0Bib3VuY3ljYXN0bGUub3JnMB4XDTE1MDMyNDAzNTEwOVoXDTE1MDUyMzAzNTEwOVowgZYxCzAJBgNVBAYTAkFVMSgwJgYDVQQKDB9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIwEAYDVQQHDAlNZWxib3VybmUxGDAWBgNVBAMMD0VyaWMgSC4gRWNoaWRuYTEvMC0GCSqGSIb3DQEJARYgZmVlZGJhY2stY3J5cHRvQGJvdW5jeWNhc3RsZS5vcmcwWjANBgkqhkiG9w0BAQEFAANJADBGAkEAtKfkYXBXTxapcIKyK+WLaipil5hBm+EocqS9umJs+umQD3ar+xITnc5d5WVk+rK2VDFloEDGBoh0IOM9ke1+1wIBEaNaMFgwHQYDVR0OBBYEFNBs7G01g7xVEhsMyz7+1yamFmRoMB8GA1UdIwQYMBaAFJQIM28yQPeHN9rRIKrtLqduyckeMBYGA1UdJQEB/wQMMAoGCCsGAQUFBwMDMA0GCSqGSIb3DQEBBQUAA4GBAICrsNswvaXFMreUHHRHrhU4QqPOds8XJe0INx3v/5TfyjPPDMihMEm8WtWbVpFgFAqUQoZscf8cE/SO5375unYFgxrK+p2/je9E82VLF4Xb0cWizjQoWvvTmvFYjt43cGGXgySFLTrW87ju9uNFr/l4W9xvI0hoLI96vEW7Ccho");
-    static byte[] extCA = Base64.decode("MIIDIzCCAoygAwIBAgIBAjANBgkqhkiG9w0BAQUFADBcMQswCQYDVQQGEwJBVTEoMCYGA1UECgwfVGhlIExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECwwaQm91bmN5IFByaW1hcnkgQ2VydGlmaWNhdGUwHhcNMTUwMzI0MDM1MTA5WhcNMTUwNTIzMDM1MTA5WjCBkjELMAkGA1UEBhMCQVUxKDAmBgNVBAoMH1RoZSBMZWdpb24gb2YgdGhlIEJvdW5jeSBDYXN0bGUxKDAmBgNVBAsMH0JvdW5jeSBJbnRlcm1lZGlhdGUgQ2VydGlmaWNhdGUxLzAtBgkqhkiG9w0BCQEWIGZlZWRiYWNrLWNyeXB0b0Bib3VuY3ljYXN0bGUub3JnMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCN4NETxec2lpyNKwR6JD+P4Y7a1kzenoQtNmkjDKSG98/d4fjuxU0ZBf/wSsyF5hCT4YDK3GzqQH8ZPUS7DpRJuNu0l4TNnjYmDDngapRymZeMbtgwByTohxmM/t4g8/veZY+ivQeL6Uajkr00nytJxIbiDEBViOMGcGyQFzCOaQIDAP//o4G9MIG6MB0GA1UdDgQWBBSUCDNvMkD3hzfa0SCq7S6nbsnJHjCBhAYDVR0jBH0we4AUwDYZB63EiJeoXnJvawnr5ebxKVyhYKReMFwxCzAJBgNVBAYTAkFVMSgwJgYDVQQKDB9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMSMwIQYDVQQLDBpCb3VuY3kgUHJpbWFyeSBDZXJ0aWZpY2F0ZYIBATASBgNVHRMBAf8ECDAGAQH/AgEAMA0GCSqGSIb3DQEBBQUAA4GBAJqUlDjse7Og+7qkkFsiXHzQ8FxT82hzfcji8W7bPwZddCPBEluxCJiJBPYXWsLvwo6BEmCDzT9lLQZ+QZyL1fVbOVHiI24hAalbEBEIrEO4GXMD9spqRQ5yoTJ8CgZHTPo0rJkH/ebprp0YHtahVF440zBOvuLM0QTYpERgO2Oe");
-    static byte[] extTrust = Base64.decode("MIICJTCCAY4CAQEwDQYJKoZIhvcNAQEFBQAwXDELMAkGA1UEBhMCQVUxKDAmBgNVBAoMH1RoZSBMZWdpb24gb2YgdGhlIEJvdW5jeSBDYXN0bGUxIzAhBgNVBAsMGkJvdW5jeSBQcmltYXJ5IENlcnRpZmljYXRlMB4XDTE1MDMyNDAzNTEwOVoXDTE1MDUyMzAzNTEwOVowXDELMAkGA1UEBhMCQVUxKDAmBgNVBAoMH1RoZSBMZWdpb24gb2YgdGhlIEJvdW5jeSBDYXN0bGUxIzAhBgNVBAsMGkJvdW5jeSBQcmltYXJ5IENlcnRpZmljYXRlMIGdMA0GCSqGSIb3DQEBAQUAA4GLADCBhwKBgQCyWdLW5ienaMlL42Fkwtn8edl6q5JTFA5b8XdRGXcx1vdUDSUJ57n/7gpwpuJtVuktLt1/hauoVgC2kInzX2vb88KY4FhCU12fBk5rA5HLfTBuCi0gxN+057SalkC96ibBCtacPwUAfOJRPO5Ez+AZmOYrbDY30/wDkQebJu421QIBETANBgkqhkiG9w0BAQUFAAOBgQCDNfqQnQbbmnGzZTl7ccWIyw7SPzWnijpKsQpuRNGkoXfkCcuQLZudytEFZGEL0cycNBnierjJWAn78zGpCQtab01r1GwytRMYz8qO5IIrhsJ4XNafNypYZbi0WtPa07UCQp8tipMbfQNLzSkvkIAaD5IfhdaWKLrSQJwmGg7YAg==");
-
-    private void validateWithExtendedKeyUsage()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate rootCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(extTrust));
-        X509Certificate interCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(extCA));
-        X509Certificate finalCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(extEE));
-
-        List list = new ArrayList();
-        list.add(rootCert);
-        list.add(interCert);
-        list.add(finalCert);
-
-        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-        CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
-        Date validDate = new Date(rootCert.getNotBefore().getTime() + 60 * 60 * 1000);
-        //validating path
-        List certchain = new ArrayList();
-        certchain.add(finalCert);
-        certchain.add(interCert);
-        CertPath cp = CertificateFactory.getInstance("X.509", "BC").generateCertPath(certchain);
-        Set trust = new HashSet();
-        trust.add(new TrustAnchor(rootCert, null));
-
-        CertPathValidator cpv = CertPathValidator.getInstance("PKIX", "BC");
-        PKIXParameters param = new PKIXParameters(trust);
-        param.addCertStore(store);
-        param.setDate(validDate);
-        param.setRevocationEnabled(false);
-
-        PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult)cpv.validate(cp, param);
-    }
-
-    // invalid EE certificate
-    static byte[] extInvEE = Base64.decode("MIICJjCCAY+gAwIBAAIGAV3Y0TnDMA0GCSqGSIb3DQEBCwUAMBExDzANBgNVBAMMBktQMSBDQTAeFw0xNzA4MTIyMzM5MzJaFw0xNzA4MTMwMDA5MzdaMBExDzANBgNVBAMMBktQMSBFRTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuOcqkp2+HBCuwRDwfR7kkUYXMdhScDG8m6A3Af6hpG86nAimNoVIQe3REaQ6IO0XSdd13rjjRwIXsUFLsrQhQJczF5JeyWXcaYqZyNNbUwFuLeSqOsLS63ltjOJYqOJRxY03Cr//baGWvxGXcRvHoZkg1nEXPcMZhgsy/9JxVoUCAwEAAaOBiDCBhTBABgNVHSMEOTA3gBSPMqzNmTdyjQmr9W1TSDW1h0ZzFaEXpBUwEzERMA8GA1UEAwwIS1AxIFJPT1SCBgFd2NE5wjAdBgNVHQ4EFgQUC1rtYrQdQkA3CLTeV1kbVIdysKQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADgYEAGr841G7E84Ow9+fFGW1zzXeTRfxsafdT/bHXCS75bjF2YPitKLcRLkm92VPxANRXIpmt++3iU/oduWqkLsfXnfTGmCwtjj/XrCvkCBQ4GONwmegltJEThMud0XOEB1UN6tfTINfLYpbyfOdE/wLy4Rte0t43aOTTOBo+/SapYOE=");
-    static byte[] extInvCA = Base64.decode("MIICKDCCAZGgAwIBAgIGAV3Y0TnCMA0GCSqGSIb3DQEBCwUAMBMxETAPBgNVBAMMCEtQMSBST09UMB4XDTE3MDgxMjIzMzkzMloXDTE3MDgxMzAwMDkzN1owETEPMA0GA1UEAwwGS1AxIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC7Qd/cTP5S0GoPcomcZU5QlJcb1uWydvmQx3U6p4/KOZBhk6JXQeSzT8QZ/gd+9vfosA62SEX+dq7MvxxzeERxdIsVU0zZ1TrYNxlQjnYXiYRVXBczowsxseQ9oSGD94Y4buhrMAltmIHijdzGRVMY41FZmWqNXqsEwQXj6ULX+QIDAQABo4GIMIGFMEAGA1UdIwQ5MDeAFAbfd2S3aiwFww3/0ocLa6ULQjJMoRekFTATMREwDwYDVQQDDAhLUDEgUk9PVIIGAV3Y0TnBMB0GA1UdDgQWBBSPMqzNmTdyjQmr9W1TSDW1h0ZzFTASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOBgQCnmxQYy6LnvRSMxkTsGIQa4LB51O8skbWc4KYVDfcvTYQuvn6rE/ZoYf82jKXJzXksffanfjn/b38l4l8hwAcBQ8we9yjCkjO8OVDUlYiSGYUhH2ZJrl2+K2Z6wpakZ9Lz3pZ/PSS1FIsVd4I1jkexAdAm1+uMlfWXVt/uTZx98w==");
-    static byte[] extInvTrust = Base64.decode("MIIBmjCCAQMCBgFd2NE5wTANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhLUDEgUk9PVDAeFw0xNzA4MTIyMzM5MzJaFw0xNzA4MTMwMDA5MzdaMBMxETAPBgNVBAMMCEtQMSBST09UMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC8U3p6Y9ah0yQ58wpI3H6vQPMdhN6Hh+zuiNzwX3AIpEspUFTfqXJ6EIhqh/EraDnLnoFBajzihwS1y6a+ZyXYKa5pxbFsslmzms+ozcTaJ4mSMiC+DHbGYdOAEzwx2nsEt7UKyrlnl5h2kQFusUPmnXXEorIxhpS2Lul+zEBo1wIDAQABMA0GCSqGSIb3DQEBCwUAA4GBABClwXaJ8S66GmeySf1thOPc1GxIHuubezIjcBbECLZQqn7iwuzp+eft1vtnqNP7BWM1xBZkSe+/2xUsArc1rb1ffZHF3k92+WLbpDh3+NsQIod/91HRWUuu/S2g9oMK4b7BH8JrmBgy3ewtpNZwOaKF613GPCeGv3ya5Z24vBu+");
-
-    static byte[] extInvV2Trust = Base64.decode("MIIBmjCCAQMCBgFd2NhVgTANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhLUDEgUk9PVDAeFw0xNzA4MTIyMzQ3MThaFw0xNzA4MTMwMDE3MjNaMBMxETAPBgNVBAMMCEtQMSBST09UMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCQaASWM5avAAJ57eHQ2zQ0k/mAiYSOkRKDLEzptDPYfzuQtTdAlBPn7tsYx+Ylge4YQwtx5bQZbc3apinBK9tn+c++go0kUF1cec2bacYyFokSP2r48j6ZhlY4MYGfrvfWHULrG2JL2BMeuZVP+wiqXktXCEKVG1fh1m6RY0TJPwIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAC9mXO2i2vltBZZa7RMkizvhzhsehDHbEqvJd2aoWE9JG4sDo2tiIVN5vbq9EWLZVga3ejFzmQ+FI1Ty0xX3fwDgvUyxsveGTs40xwA9TEgVk1KNTQQs+sLE9rRB7L0giKn2DDmHFsOPL1KwxdzqD7vYhJr5av3eAsJpMxF+Anyg");
-    static byte[] extInvV2CA = Base64.decode("MIICKDCCAZGgAwIBAgIGAV3Y2FWCMA0GCSqGSIb3DQEBCwUAMBMxETAPBgNVBAMMCEtQMSBST09UMB4XDTE3MDgxMjIzNDcxOFoXDTE3MDgxMzAwMTcyM1owETEPMA0GA1UEAwwGS1AxIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCgb8h3h9d/FzhIc+PMbF0vwdiDKw7N3dNyY6TrmzCMC1mYDXSKmxxDwNKZCKj6VSNfbTDqxYKlZMoGVT8Cl/iE/+XEhOKYLv73rzTqzdMizqcQTCvwps1enGxI5wPBYKGCMWrpJui5RWV9wH6hMvmzSSZq7bdWTvc/pIltCpIj8wIDAQABo4GIMIGFMEAGA1UdIwQ5MDeAFMOcs/uWpVOkGRQJrVIp6cN6tCJQoRekFTATMREwDwYDVQQDDAhLUDEgUk9PVIIGAV3Y2FWBMB0GA1UdDgQWBBTsZ2B5JbgKm9/up2hOcYVyOaM1SjASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOBgQBI8J1bKh/e+uEZtfngKMADS1PSHztAPFFKXgeIfYeJDRznnamtbheensdxrA+aoriJbJfHxmjecr4xA8+s0uN9GPtQ3+ad1K5Sg6mfzsXtNPf3xa9y0pIWOGZavr1s/QugoPLQxEiuHrvkHX5+sZlx47KoBQJ8LBRmJydeSvxz1g==");
-    static byte[] extInvV2EE = Base64.decode("MIICJjCCAY+gAwIBAQIGAV3Y2FWDMA0GCSqGSIb3DQEBCwUAMBExDzANBgNVBAMMBktQMSBDQTAeFw0xNzA4MTIyMzQ3MThaFw0xNzA4MTMwMDE3MjNaMBExDzANBgNVBAMMBktQMSBFRTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAzWXxtMpnjz8Q1qTdwpB66W2D0vEHhqow2PTsvfQdENL4AFESE1C7Cj3lLBTei1vRHCnpM0jdNghBW8k/u2b2tqeeWLBqwul0tEGbjtUwkYV2WgtTGmiYZZFfMH35HIvqlZMwIIdZqz4lEdkPiAPEUOELvycpVDFnWjF0qah5LqsCAwEAAaOBiDCBhTBABgNVHSMEOTA3gBTsZ2B5JbgKm9/up2hOcYVyOaM1SqEXpBUwEzERMA8GA1UEAwwIS1AxIFJPT1SCBgFd2NhVgjAdBgNVHQ4EFgQUfeKdn63Gmlkub8m8bwjqJook5ywwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADgYEAco35KYLE683l53J6V1q2tcMV3EpM39tifkL7Kl38oX9d3SGiKkEO6YFeQekRyto0Z91mPq7Pe/oOfDrfsY3r9KX7oqnhOKBnnR/58atM9udVLvuLfCJpxiroAldSkhRKvHG5MrFwZyDcVkTZF4GDrP6bojp32wVfU5EYkfwcJN8=");
-
-    static byte[] extInvVersionTrust = Base64.decode("MIIBmjCCAQMCBgFd2RZiPjANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhLUDEgUk9PVDAeFw0xNzA4MTMwMDU1MDRaFw0xNzA4MTMwMTI1MDlaMBMxETAPBgNVBAMMCEtQMSBST09UMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCPn6zObnrjGPUb0ozc3MCOOcHwtQABZmUHtB1jxRXWwYXKo+iTms2wJjDS5fhz2UmUptsbdFwPdvT2t7K8cpaZBcovC3jLvEAMmjO+nU3FQrdopZ6MhBjpgIezAvJ9LUhrYctqUJzfViqtLl0dL+YRjaVdfCz5z0iZn4rv2VSf3QIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAHtS9RjMIRzeEpH9MKIaMLR7wVb55MYW7E2CVuIbsHmT+KyDBFsYbAylgc76cH1b8F53ECygS9jCpzfKtO61WVPPlUhsL13i2XbzCtj8DSPXaW5pgvpwClQZ+dpGFz8D/MYLSdjTdls8dbhJ5O08ckSKcrIGHcF90oeepVXOmiTw");
-    static byte[] extInvVersionCA = Base64.decode(    "MIICKDCCAZGgAwIBAgIGAV3ZFmI/MA0GCSqGSIb3DQEBCwUAMBMxETAPBgNVBAMMCEtQMSBST09UMB4XDTE3MDgxMzAwNTUwNFoXDTE3MDgxMzAxMjUwOVowETEPMA0GA1UEAwwGS1AxIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQChlaZhX9/eHmtfravHzs/E0g6ZhWTmD9aNNvuuz/GCBF9AMS6QQCGVhEzxESn0gLzs1bM/9M/EaylHS3Ecvi6QYdkrTKRDj38FDzrDhiPlM3TxY0XuUQ3Py590k8yZDcuEeVEQeoUx83qOnO7o/cL+vECfMj9ImYFFgY5sMcKkVQIDAQABo4GIMIGFMEAGA1UdIwQ5MDeAFAfTyJtmNkinVjfd7/2Giy6krDTpoRekFTATMREwDwYDVQQDDAhLUDEgUk9PVIIGAV3ZFmI+MB0GA1UdDgQWBBQkMq+wajXvKQaJtSdpvDJn77bU9zASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOBgQAqmKtykmixemAvppo2tTmekLsL93+/DMR+oz1iK2rjhqYzEF1/pM9VUyG+Ni1924U8tzGbXv2lL3MiToRSyjO50HHfnE7PfOvNiTUj73PTn27tPl03eWO3CtsOTGxtE2vpNyXyFXm4SFZlSicOXE0o/kUrNGVYvnjs/jjcNlPiHQ==");
-    static byte[] extInvVersionEE = Base64.decode(   "MIICJjCCAY+gAwIBBQIGAV3ZFmJAMA0GCSqGSIb3DQEBCwUAMBExDzANBgNVBAMMBktQMSBDQTAeFw0xNzA4MTMwMDU1MDRaFw0xNzA4MTMwMTI1MDlaMBExDzANBgNVBAMMBktQMSBFRTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA6PXdCOvE33+mMcal/rC+I7zdJqcc6OBhn+Lyku29TRcYplMA5mkh7WkjLtRYBUAzHukN/GXb1Mo+dFkvCnKO/l4gLWyVuf23rL6iELt8X1KVJdJlrDElCmTgl6lA0Omq7QhNrsv5Vdk7mK2mbJzl0bj4fcu5dc23nQXEskmGrZsCAwEAAaOBiDCBhTBABgNVHSMEOTA3gBQkMq+wajXvKQaJtSdpvDJn77bU96EXpBUwEzERMA8GA1UEAwwIS1AxIFJPT1SCBgFd2RZiPzAdBgNVHQ4EFgQU3Nw/DFxNqK1fRhc/W8W4o3mkCHQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwDQYJKoZIhvcNAQELBQADgYEAjMTiKgLC2Kb5+elvfD/+CM8pNeLt5Y43sMSTpgIrebdWPA2hyvjvW/upsIYIquGrymOYBU/K0abQlkNUbBHpQCQMPQ6iPXuhTQj/P7rt7McLl6OXV/DQqgF+39y0xWAzoZbgMKrQaSr9oRmEVt6xzLM92JS67w8Xgbh39PGBfEg=");
-
-    static byte[] extInvExtTrust = Base64.decode("MIIBmjCCAQMCBgFd2SFqKjANBgkqhkiG9w0BAQsFADATMREwDwYDVQQDDAhLUDEgUk9PVDAeFw0xNzA4MTMwMTA3MDdaFw0xNzA4MTMwMTM3MTJaMBMxETAPBgNVBAMMCEtQMSBST09UMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDEY3toxiphhoeoTd79/Uznb1YyKjYgxtXkYVQLZ+Q76bJFQftVVcUHw25/A/2qgSc8XPflGRpn82Qn/B7s3fxEglgeY0ekdYjea5+jZSJj70p1QcC60yH1NKGxE0ASBuv/22IoHhdu5dOTmiWegikKUXblBD1wAxbbvOcXFs2x/wIDAQABMA0GCSqGSIb3DQEBCwUAA4GBAJPG9wt9edpTaCc0z03xGNF/M6x5cLx5eLgZaBFt+FO3S1xWIVby+iU8Hw2mzHOc58Fghw1jEwLaslQYadx9667NedGu7dYyY318h+VhaDppQqkhJiQl5Q8aTvVNt60fDEVLjvB7E6Z+CafVGR1jNrXxLDe6zVf/BZJK7QrkTKh4");
-    static byte[] extInvExtCA = Base64.decode("MIICKDCCAZGgAwIBAgIGAV3ZIWorMA0GCSqGSIb3DQEBCwUAMBMxETAPBgNVBAMMCEtQMSBST09UMB4XDTE3MDgxMzAxMDcwN1oXDTE3MDgxMzAxMzcxMlowETEPMA0GA1UEAwwGS1AxIENBMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCJKySmanEENpLJdPwpM/v0I7H0bW9ZlIxRpiL+/Z4uvF3j0r0O42Tm+dW8Ub42DzHcQ8pK/n/k2Wb4Jf7cP8+TGTAne3bgC24USW131XUZxaunGt4tCqZ0RNWpmBQUcUM0lgntDSfcvyv3QFB+nwLc93GYij9l3FaeUcHkwFiKsQIDAQABo4GIMIGFMEAGA1UdIwQ5MDeAFLnC9UF+JqEqboFH84ab9dEAkwEBoRekFTATMREwDwYDVQQDDAhLUDEgUk9PVIIGAV3ZIWoqMB0GA1UdDgQWBBQkr/0UP1MKPGQH7bkRNctHMsVQsjASBgNVHRMBAf8ECDAGAQH/AgEAMA4GA1UdDwEB/wQEAwIBhjANBgkqhkiG9w0BAQsFAAOBgQCZxLwkAPif1H2P398MHK3NLf3mrmLsP41ZphdHnSLNROlY9PdO5I/dfhElzVXW2oxecIIKbOQsjZe0FOSGvZHEhLftQmOdfGc5QfGf5w9CSFCCBe5vHdMjglRLVhNB51jz6DB7Dp0MjFDgkQI4lBHaiMVkE+HUZjNLwBddHH58Sw==");
-    static byte[] extInvExtEE = Base64.decode("MIICNjCCAZ+gAwIBAgIGAV3ZIWosMA0GCSqGSIb3DQEBCwUAMBExDzANBgNVBAMMBktQMSBDQTAeFw0xNzA4MTMwMTA3MDdaFw0xNzA4MTMwMTM3MTJaMBExDzANBgNVBAMMBktQMSBFRTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAj6WOoo8xHLLo+CT0l288xZDK3OsF64lPfNVkFnrRI65Ywl89M19nNF5Q24hF1FS6getO5oU+BhvRqft1/De22SME9SzKqs3G6uMxACKrMqgni1QBEOC/DdZ5Uaxh2s4lEgxbN0PQZIarAgLtAIgzRM4CrvofxFMwQy/neUuWmeMCAwEAAaOBmDCBlTBABgNVHSMEOTA3gBQkr/0UP1MKPGQH7bkRNctHMsVQsqEXpBUwEzERMA8GA1UEAwwIS1AxIFJPT1SCBgFd2SFqKzAdBgNVHQ4EFgQU/yuQXlvqXJQsbqB6whCPu5bwFCAwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAYYwDgYDVR0PAQH/BAQDAgGGMA0GCSqGSIb3DQEBCwUAA4GBABYUGar9s7wlM3Qlnja7uc7U8FqU+xH4e8/Jk64ku7DdwXelEbKo/FTFAzh464aiFP4eMDOH7YThXyTruPudEAvYyWY7eaEgRqA2MmL0uWHSrN+HR9aBeqrMCJK/E2e1egvk2whJHMimhDUFJ3cIPsFhazMvLTnVgWGMjOqQtuP+");
-
-    private void checkInvalidCertPath()
-        throws Exception
-    {
-        checkInvalidPath(extInvTrust, extInvCA, extInvEE, "version 1 certificate contains extra data");
-        checkInvalidPath(extInvV2Trust, extInvV2CA, extInvV2EE, "version 2 certificate cannot contain extensions");
-        checkInvalidPath(extInvVersionTrust, extInvVersionCA, extInvVersionEE, "version number not recognised");
-        checkInvalidPath(extInvExtTrust, extInvExtCA, extInvExtEE, "repeated extension found: 2.5.29.15");
-    }
-
-    private void checkInvalidPath(byte[] root, byte[] inter, byte[] ee, String expected)
-        throws Exception
-    {
-        X509Certificate rootCert = new X509CertificateObject(X509CertificateStructure.getInstance(root));
-        X509Certificate interCert = new X509CertificateObject(X509CertificateStructure.getInstance(inter));
-        X509Certificate finalCert = new X509CertificateObject(X509CertificateStructure.getInstance(ee));
-        List list = new ArrayList();
-        list.add(rootCert);
-        list.add(interCert);
-        list.add(finalCert);
-
-        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-        CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
-        Date validDate = new Date(rootCert.getNotBefore().getTime() + 60 * 1000);
-        //validating path
-        List certchain = new ArrayList();
-        certchain.add(finalCert);
-        certchain.add(interCert);
-        CertPath cp = CertificateFactory.getInstance("X.509", "BC").generateCertPath(certchain);
-        Set trust = new HashSet();
-        trust.add(new TrustAnchor(rootCert, null));
-
-        CertPathValidator cpv = CertPathValidator.getInstance("PKIX", "BC");
-        PKIXParameters param = new PKIXParameters(trust);
-        param.addCertStore(store);
-        param.setDate(validDate);
-        param.setRevocationEnabled(false);
-
-        try
-        {
-            PKIXCertPathValidatorResult result = (PKIXCertPathValidatorResult)cpv.validate(cp, param);
-            fail("valid path passed");
-        }
-        catch (CertPathValidatorException e)
-        {
-            isTrue(e.getMessage().equals(expected));
-        }
-
-        // check that our cert factory also rejects - the EE is always the invalid one
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        try
-        {
-            cf.generateCertificate(new ByteArrayInputStream(ee));
-        }
-        catch (CertificateException e)
-        {
-            isTrue(e.getMessage().equals("parsing issue: " + expected));
-        }
-    }
-
-    public String getName()
-    {
-        return "CertPathValidator";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new CertPathValidatorTest());
-    }
-
-    private static class MyChecker
-        extends PKIXCertPathChecker
-    {
-        private static int count;
-
-        public void init(boolean forward)
-            throws CertPathValidatorException
-        {
-            //To change body of implemented methods use File | Settings | File Templates.
-        }
-
-        public boolean isForwardCheckingSupported()
-        {
-            return true;
-        }
-
-        public Set getSupportedExtensions()
-        {
-            return null;
-        }
-
-        public void check(Certificate cert, Collection unresolvedCritExts)
-            throws CertPathValidatorException
-        {
-            count++;
-        }
-
-        public int getCount()
-        {
-            return count;
-        }
-    }
-
-    public static class X509CertificateObject
-        extends X509Certificate
-    {
-        static final String CERTIFICATE_POLICIES = Extension.certificatePolicies.getId();
-        static final String POLICY_MAPPINGS = Extension.policyMappings.getId();
-        static final String INHIBIT_ANY_POLICY = Extension.inhibitAnyPolicy.getId();
-        static final String ISSUING_DISTRIBUTION_POINT = Extension.issuingDistributionPoint.getId();
-        static final String FRESHEST_CRL = Extension.freshestCRL.getId();
-        static final String DELTA_CRL_INDICATOR = Extension.deltaCRLIndicator.getId();
-        static final String POLICY_CONSTRAINTS = Extension.policyConstraints.getId();
-        static final String BASIC_CONSTRAINTS = Extension.basicConstraints.getId();
-        static final String CRL_DISTRIBUTION_POINTS = Extension.cRLDistributionPoints.getId();
-        static final String SUBJECT_ALTERNATIVE_NAME = Extension.subjectAlternativeName.getId();
-        static final String NAME_CONSTRAINTS = Extension.nameConstraints.getId();
-        static final String AUTHORITY_KEY_IDENTIFIER = Extension.authorityKeyIdentifier.getId();
-        static final String KEY_USAGE = Extension.keyUsage.getId();
-        static final String CRL_NUMBER = Extension.cRLNumber.getId();
-        static final String ANY_POLICY = "2.5.29.32.0";
-
-        private org.bouncycastle.asn1.x509.X509CertificateStructure c;
-        private BasicConstraints basicConstraints;
-        private boolean[] keyUsage;
-        private boolean hashValueSet;
-        private int hashValue;
-
-        public X509CertificateObject(
-            org.bouncycastle.asn1.x509.X509CertificateStructure c)
-            throws CertificateParsingException
-        {
-            this.c = c;
-
-            try
-            {
-                byte[] bytes = this.getExtensionBytes("2.5.29.19");
-
-                if (bytes != null)
-                {
-                    basicConstraints = BasicConstraints.getInstance(ASN1Primitive.fromByteArray(bytes));
-                }
-            }
-            catch (Exception e)
-            {
-                throw new CertificateParsingException("cannot construct BasicConstraints: " + e);
-            }
-
-            try
-            {
-                byte[] bytes = this.getExtensionBytes("2.5.29.15");
-                if (bytes != null)
-                {
-                    ASN1BitString bits = DERBitString.getInstance(ASN1Primitive.fromByteArray(bytes));
-
-                    bytes = bits.getBytes();
-                    int length = (bytes.length * 8) - bits.getPadBits();
-
-                    keyUsage = new boolean[(length < 9) ? 9 : length];
-
-                    for (int i = 0; i != length; i++)
-                    {
-                        keyUsage[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0;
-                    }
-                }
-                else
-                {
-                    keyUsage = null;
-                }
-            }
-            catch (Exception e)
-            {
-                throw new CertificateParsingException("cannot construct KeyUsage: " + e);
-            }
-        }
-
-        public void checkValidity()
-            throws CertificateExpiredException, CertificateNotYetValidException
-        {
-            this.checkValidity(new Date());
-        }
-
-        public void checkValidity(
-            Date date)
-            throws CertificateExpiredException, CertificateNotYetValidException
-        {
-            if (date.getTime() > this.getNotAfter().getTime())  // for other VM compatibility
-            {
-                throw new CertificateExpiredException("certificate expired on " + c.getEndDate().getTime());
-            }
-
-            if (date.getTime() < this.getNotBefore().getTime())
-            {
-                throw new CertificateNotYetValidException("certificate not valid till " + c.getStartDate().getTime());
-            }
-        }
-
-        public int getVersion()
-        {
-            return c.getVersion();
-        }
-
-        public BigInteger getSerialNumber()
-        {
-            return c.getSerialNumber().getValue();
-        }
-
-        public Principal getIssuerDN()
-        {
-            try
-            {
-                return new X509Principal(X500Name.getInstance(c.getIssuer().getEncoded()));
-            }
-            catch (IOException e)
-            {
-                return null;
-            }
-        }
-
-        public X500Principal getIssuerX500Principal()
-        {
-            try
-            {
-                ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-                ASN1OutputStream aOut = new ASN1OutputStream(bOut);
-
-                aOut.writeObject(c.getIssuer());
-
-                return new X500Principal(bOut.toByteArray());
-            }
-            catch (IOException e)
-            {
-                throw new IllegalStateException("can't encode issuer DN");
-            }
-        }
-
-        public Principal getSubjectDN()
-        {
-            return new X509Principal(X500Name.getInstance(c.getSubject().toASN1Primitive()));
-        }
-
-        public X500Principal getSubjectX500Principal()
-        {
-            try
-            {
-                ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-                ASN1OutputStream aOut = new ASN1OutputStream(bOut);
-
-                aOut.writeObject(c.getSubject());
-
-                return new X500Principal(bOut.toByteArray());
-            }
-            catch (IOException e)
-            {
-                throw new IllegalStateException("can't encode issuer DN");
-            }
-        }
-
-        public Date getNotBefore()
-        {
-            return c.getStartDate().getDate();
-        }
-
-        public Date getNotAfter()
-        {
-            return c.getEndDate().getDate();
-        }
-
-        public byte[] getTBSCertificate()
-            throws CertificateEncodingException
-        {
-            try
-            {
-                return c.getTBSCertificate().getEncoded(ASN1Encoding.DER);
-            }
-            catch (IOException e)
-            {
-                throw new CertificateEncodingException(e.toString());
-            }
-        }
-
-        public byte[] getSignature()
-        {
-            return c.getSignature().getOctets();
-        }
-
-        /**
-         * return a more "meaningful" representation for the signature algorithm used in
-         * the certficate.
-         */
-        public String getSigAlgName()
-        {
-            Provider prov = Security.getProvider(BouncyCastleProvider.PROVIDER_NAME);
-
-            if (prov != null)
-            {
-                String algName = prov.getProperty("Alg.Alias.Signature." + this.getSigAlgOID());
-
-                if (algName != null)
-                {
-                    return algName;
-                }
-            }
-
-            Provider[] provs = Security.getProviders();
-
-            //
-            // search every provider looking for a real algorithm
-            //
-            for (int i = 0; i != provs.length; i++)
-            {
-                String algName = provs[i].getProperty("Alg.Alias.Signature." + this.getSigAlgOID());
-                if (algName != null)
-                {
-                    return algName;
-                }
-            }
-
-            return this.getSigAlgOID();
-        }
-
-        /**
-         * return the object identifier for the signature.
-         */
-        public String getSigAlgOID()
-        {
-            return c.getSignatureAlgorithm().getAlgorithm().getId();
-        }
-
-        /**
-         * return the signature parameters, or null if there aren't any.
-         */
-        public byte[] getSigAlgParams()
-        {
-            if (c.getSignatureAlgorithm().getParameters() != null)
-            {
-                try
-                {
-                    return c.getSignatureAlgorithm().getParameters().toASN1Primitive().getEncoded(ASN1Encoding.DER);
-                }
-                catch (IOException e)
-                {
-                    return null;
-                }
-            }
-            else
-            {
-                return null;
-            }
-        }
-
-        public boolean[] getIssuerUniqueID()
-        {
-            DERBitString id = c.getTBSCertificate().getIssuerUniqueId();
-
-            if (id != null)
-            {
-                byte[] bytes = id.getBytes();
-                boolean[] boolId = new boolean[bytes.length * 8 - id.getPadBits()];
-
-                for (int i = 0; i != boolId.length; i++)
-                {
-                    boolId[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0;
-                }
-
-                return boolId;
-            }
-
-            return null;
-        }
-
-        public boolean[] getSubjectUniqueID()
-        {
-            DERBitString id = c.getTBSCertificate().getSubjectUniqueId();
-
-            if (id != null)
-            {
-                byte[] bytes = id.getBytes();
-                boolean[] boolId = new boolean[bytes.length * 8 - id.getPadBits()];
-
-                for (int i = 0; i != boolId.length; i++)
-                {
-                    boolId[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0;
-                }
-
-                return boolId;
-            }
-
-            return null;
-        }
-
-        public boolean[] getKeyUsage()
-        {
-            return keyUsage;
-        }
-
-        public List getExtendedKeyUsage()
-            throws CertificateParsingException
-        {
-            byte[] bytes = this.getExtensionBytes("2.5.29.37");
-
-            if (bytes != null)
-            {
-                try
-                {
-                    ASN1InputStream dIn = new ASN1InputStream(bytes);
-                    ASN1Sequence seq = (ASN1Sequence)dIn.readObject();
-                    List list = new ArrayList();
-
-                    for (int i = 0; i != seq.size(); i++)
-                    {
-                        list.add(((ASN1ObjectIdentifier)seq.getObjectAt(i)).getId());
-                    }
-
-                    return Collections.unmodifiableList(list);
-                }
-                catch (Exception e)
-                {
-                    throw new CertificateParsingException("error processing extended key usage extension");
-                }
-            }
-
-            return null;
-        }
-
-        public int getBasicConstraints()
-        {
-            if (basicConstraints != null)
-            {
-                if (basicConstraints.isCA())
-                {
-                    if (basicConstraints.getPathLenConstraint() == null)
-                    {
-                        return Integer.MAX_VALUE;
-                    }
-                    else
-                    {
-                        return basicConstraints.getPathLenConstraint().intValue();
-                    }
-                }
-                else
-                {
-                    return -1;
-                }
-            }
-
-            return -1;
-        }
-
-        public Collection getSubjectAlternativeNames()
-            throws CertificateParsingException
-        {
-            return getAlternativeNames(getExtensionBytes(Extension.subjectAlternativeName.getId()));
-        }
-
-        public Collection getIssuerAlternativeNames()
-            throws CertificateParsingException
-        {
-            return getAlternativeNames(getExtensionBytes(Extension.issuerAlternativeName.getId()));
-        }
-
-        public Set getCriticalExtensionOIDs()
-        {
-            if (this.getVersion() == 3)
-            {
-                Set set = new HashSet();
-                X509Extensions extensions = c.getTBSCertificate().getExtensions();
-
-                if (extensions != null)
-                {
-                    Enumeration e = extensions.oids();
-
-                    while (e.hasMoreElements())
-                    {
-                        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
-                        X509Extension ext = extensions.getExtension(oid);
-
-                        if (ext.isCritical())
-                        {
-                            set.add(oid.getId());
-                        }
-                    }
-
-                    return set;
-                }
-            }
-
-            return null;
-        }
-
-        private byte[] getExtensionBytes(String oid)
-        {
-            X509Extensions exts = c.getTBSCertificate().getExtensions();
-
-            if (exts != null)
-            {
-                X509Extension ext = exts.getExtension(new ASN1ObjectIdentifier(oid));
-                if (ext != null)
-                {
-                    return ext.getValue().getOctets();
-                }
-            }
-
-            return null;
-        }
-
-        public byte[] getExtensionValue(String oid)
-        {
-            X509Extensions exts = c.getTBSCertificate().getExtensions();
-
-            if (exts != null)
-            {
-                X509Extension ext = exts.getExtension(new ASN1ObjectIdentifier(oid));
-
-                if (ext != null)
-                {
-                    try
-                    {
-                        return ext.getValue().getEncoded();
-                    }
-                    catch (Exception e)
-                    {
-                        throw new IllegalStateException("error parsing " + e.toString());
-                    }
-                }
-            }
-
-            return null;
-        }
-
-        public Set getNonCriticalExtensionOIDs()
-        {
-            if (this.getVersion() == 3)
-            {
-                Set set = new HashSet();
-                X509Extensions extensions = c.getTBSCertificate().getExtensions();
-
-                if (extensions != null)
-                {
-                    Enumeration e = extensions.oids();
-
-                    while (e.hasMoreElements())
-                    {
-                        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
-                        X509Extension ext = extensions.getExtension(oid);
-
-                        if (!ext.isCritical())
-                        {
-                            set.add(oid.getId());
-                        }
-                    }
-
-                    return set;
-                }
-            }
-
-            return null;
-        }
-
-        public boolean hasUnsupportedCriticalExtension()
-        {
-            if (this.getVersion() == 3)
-            {
-                X509Extensions extensions = c.getTBSCertificate().getExtensions();
-
-                if (extensions != null)
-                {
-                    Enumeration e = extensions.oids();
-
-                    while (e.hasMoreElements())
-                    {
-                        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
-                        String oidId = oid.getId();
-
-                        if (oidId.equals(KEY_USAGE)
-                            || oidId.equals(CERTIFICATE_POLICIES)
-                            || oidId.equals(POLICY_MAPPINGS)
-                            || oidId.equals(INHIBIT_ANY_POLICY)
-                            || oidId.equals(CRL_DISTRIBUTION_POINTS)
-                            || oidId.equals(ISSUING_DISTRIBUTION_POINT)
-                            || oidId.equals(DELTA_CRL_INDICATOR)
-                            || oidId.equals(POLICY_CONSTRAINTS)
-                            || oidId.equals(BASIC_CONSTRAINTS)
-                            || oidId.equals(SUBJECT_ALTERNATIVE_NAME)
-                            || oidId.equals(NAME_CONSTRAINTS))
-                        {
-                            continue;
-                        }
-
-                        X509Extension ext = extensions.getExtension(oid);
-
-                        if (ext.isCritical())
-                        {
-                            return true;
-                        }
-                    }
-                }
-            }
-
-            return false;
-        }
-
-        public PublicKey getPublicKey()
-        {
-            try
-            {
-                return BouncyCastleProvider.getPublicKey(c.getSubjectPublicKeyInfo());
-            }
-            catch (IOException e)
-            {
-                return null;   // should never happen...
-            }
-        }
-
-        public byte[] getEncoded()
-            throws CertificateEncodingException
-        {
-            try
-            {
-                return c.getEncoded(ASN1Encoding.DER);
-            }
-            catch (IOException e)
-            {
-                throw new CertificateEncodingException(e.toString());
-            }
-        }
-
-        public boolean equals(
-            Object o)
-        {
-            if (o == this)
-            {
-                return true;
-            }
-
-            if (!(o instanceof Certificate))
-            {
-                return false;
-            }
-
-            Certificate other = (Certificate)o;
-
-            try
-            {
-                byte[] b1 = this.getEncoded();
-                byte[] b2 = other.getEncoded();
-
-                return Arrays.areEqual(b1, b2);
-            }
-            catch (CertificateEncodingException e)
-            {
-                return false;
-            }
-        }
-
-        public synchronized int hashCode()
-        {
-            if (!hashValueSet)
-            {
-                hashValue = calculateHashCode();
-                hashValueSet = true;
-            }
-
-            return hashValue;
-        }
-
-        private int calculateHashCode()
-        {
-            try
-            {
-                int hashCode = 0;
-                byte[] certData = this.getEncoded();
-                for (int i = 1; i < certData.length; i++)
-                {
-                    hashCode += certData[i] * i;
-                }
-                return hashCode;
-            }
-            catch (CertificateEncodingException e)
-            {
-                return 0;
-            }
-        }
-
-        public String toString()
-        {
-            StringBuffer buf = new StringBuffer();
-            String nl = Strings.lineSeparator();
-
-            buf.append("  [0]         Version: ").append(this.getVersion()).append(nl);
-            buf.append("         SerialNumber: ").append(this.getSerialNumber()).append(nl);
-            buf.append("             IssuerDN: ").append(this.getIssuerDN()).append(nl);
-            buf.append("           Start Date: ").append(this.getNotBefore()).append(nl);
-            buf.append("           Final Date: ").append(this.getNotAfter()).append(nl);
-            buf.append("            SubjectDN: ").append(this.getSubjectDN()).append(nl);
-            buf.append("           Public Key: ").append(this.getPublicKey()).append(nl);
-            buf.append("  Signature Algorithm: ").append(this.getSigAlgName()).append(nl);
-
-            byte[] sig = this.getSignature();
-
-            buf.append("            Signature: ").append(new String(Hex.encode(sig, 0, 20))).append(nl);
-            for (int i = 20; i < sig.length; i += 20)
-            {
-                if (i < sig.length - 20)
-                {
-                    buf.append("                       ").append(new String(Hex.encode(sig, i, 20))).append(nl);
-                }
-                else
-                {
-                    buf.append("                       ").append(new String(Hex.encode(sig, i, sig.length - i))).append(nl);
-                }
-            }
-
-            X509Extensions extensions = c.getTBSCertificate().getExtensions();
-
-            if (extensions != null)
-            {
-                Enumeration e = extensions.oids();
-
-                if (e.hasMoreElements())
-                {
-                    buf.append("       Extensions: \n");
-                }
-
-                while (e.hasMoreElements())
-                {
-                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
-                    X509Extension ext = extensions.getExtension(oid);
-
-                    if (ext.getValue() != null)
-                    {
-                        byte[] octs = ext.getValue().getOctets();
-                        ASN1InputStream dIn = new ASN1InputStream(octs);
-                        buf.append("                       critical(").append(ext.isCritical()).append(") ");
-                        try
-                        {
-                            if (oid.equals(Extension.basicConstraints))
-                            {
-                                buf.append(BasicConstraints.getInstance(dIn.readObject())).append(nl);
-                            }
-                            else if (oid.equals(Extension.keyUsage))
-                            {
-                                buf.append(KeyUsage.getInstance(dIn.readObject())).append(nl);
-                            }
-                            else if (oid.equals(MiscObjectIdentifiers.netscapeCertType))
-                            {
-                                buf.append(new NetscapeCertType((DERBitString)dIn.readObject())).append(nl);
-                            }
-                            else if (oid.equals(MiscObjectIdentifiers.netscapeRevocationURL))
-                            {
-                                buf.append(new NetscapeRevocationURL((DERIA5String)dIn.readObject())).append(nl);
-                            }
-                            else if (oid.equals(MiscObjectIdentifiers.verisignCzagExtension))
-                            {
-                                buf.append(new VerisignCzagExtension((DERIA5String)dIn.readObject())).append(nl);
-                            }
-                            else
-                            {
-                                buf.append(oid.getId());
-                                buf.append(" value = ").append(ASN1Dump.dumpAsString(dIn.readObject())).append(nl);
-                                //buf.append(" value = ").append("*****").append(nl);
-                            }
-                        }
-                        catch (Exception ex)
-                        {
-                            buf.append(oid.getId());
-                            //     buf.append(" value = ").append(new String(Hex.encode(ext.getExtnValue().getOctets()))).append(nl);
-                            buf.append(" value = ").append("*****").append(nl);
-                        }
-                    }
-                    else
-                    {
-                        buf.append(nl);
-                    }
-                }
-            }
-
-            return buf.toString();
-        }
-
-        public final void verify(
-            PublicKey key)
-            throws CertificateException, NoSuchAlgorithmException,
-            InvalidKeyException, NoSuchProviderException, SignatureException
-        {
-            Signature signature;
-            String sigName = "SHA256withRSA";
-
-            try
-            {
-                signature = Signature.getInstance(sigName, BouncyCastleProvider.PROVIDER_NAME);
-            }
-            catch (Exception e)
-            {
-                signature = Signature.getInstance(sigName);
-            }
-
-            checkSignature(key, signature);
-        }
-
-        public final void verify(
-            PublicKey key,
-            String sigProvider)
-            throws CertificateException, NoSuchAlgorithmException,
-            InvalidKeyException, NoSuchProviderException, SignatureException
-        {
-            String sigName = "SHA256withRSA";
-            Signature signature;
-
-            if (sigProvider != null)
-            {
-                signature = Signature.getInstance(sigName, sigProvider);
-            }
-            else
-            {
-                signature = Signature.getInstance(sigName);
-            }
-
-            checkSignature(key, signature);
-        }
-
-        public final void verify(
-            PublicKey key,
-            Provider sigProvider)
-            throws CertificateException, NoSuchAlgorithmException,
-            InvalidKeyException, SignatureException
-        {
-            String sigName = "SHA256withRSA";
-            Signature signature;
-
-            if (sigProvider != null)
-            {
-                signature = Signature.getInstance(sigName, sigProvider);
-            }
-            else
-            {
-                signature = Signature.getInstance(sigName);
-            }
-
-            checkSignature(key, signature);
-        }
-
-        private void checkSignature(
-            PublicKey key,
-            Signature signature)
-            throws CertificateException, NoSuchAlgorithmException,
-            SignatureException, InvalidKeyException
-        {
-            if (!isAlgIdEqual(c.getSignatureAlgorithm(), c.getTBSCertificate().getSignature()))
-            {
-                throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
-            }
-
-            ASN1Encodable params = c.getSignatureAlgorithm().getParameters();
-
-            signature.initVerify(key);
-
-            signature.update(this.getTBSCertificate());
-
-            if (!signature.verify(this.getSignature()))
-            {
-                throw new SignatureException("certificate does not verify with supplied key");
-            }
-        }
-
-        private boolean isAlgIdEqual(AlgorithmIdentifier id1, AlgorithmIdentifier id2)
-        {
-            if (!id1.getAlgorithm().equals(id2.getAlgorithm()))
-            {
-                return false;
-            }
-
-            if (id1.getParameters() == null)
-            {
-                if (id2.getParameters() != null && !id2.getParameters().equals(DERNull.INSTANCE))
-                {
-                    return false;
-                }
-
-                return true;
-            }
-
-            if (id2.getParameters() == null)
-            {
-                if (id1.getParameters() != null && !id1.getParameters().equals(DERNull.INSTANCE))
-                {
-                    return false;
-                }
-
-                return true;
-            }
-
-            return id1.getParameters().equals(id2.getParameters());
-        }
-
-        private static Collection getAlternativeNames(byte[] extVal)
-            throws CertificateParsingException
-        {
-            if (extVal == null)
-            {
-                return null;
-            }
-            try
-            {
-                Collection temp = new ArrayList();
-                Enumeration it = ASN1Sequence.getInstance(extVal).getObjects();
-                while (it.hasMoreElements())
-                {
-                    GeneralName genName = GeneralName.getInstance(it.nextElement());
-                    List list = new ArrayList();
-                    list.add(Integers.valueOf(genName.getTagNo()));
-                    switch (genName.getTagNo())
-                    {
-                    case GeneralName.ediPartyName:
-                    case GeneralName.x400Address:
-                    case GeneralName.otherName:
-                        list.add(genName.getEncoded());
-                        break;
-                    case GeneralName.directoryName:
-                        list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString());
-                        break;
-                    case GeneralName.dNSName:
-                    case GeneralName.rfc822Name:
-                    case GeneralName.uniformResourceIdentifier:
-                        list.add(((ASN1String)genName.getName()).getString());
-                        break;
-                    case GeneralName.registeredID:
-                        list.add(ASN1ObjectIdentifier.getInstance(genName.getName()).getId());
-                        break;
-                    case GeneralName.iPAddress:
-                        byte[] addrBytes = DEROctetString.getInstance(genName.getName()).getOctets();
-                        final String addr;
-                        try
-                        {
-                            addr = InetAddress.getByAddress(addrBytes).getHostAddress();
-                        }
-                        catch (UnknownHostException e)
-                        {
-                            continue;
-                        }
-                        list.add(addr);
-                        break;
-                    default:
-                        throw new IOException("Bad tag number: " + genName.getTagNo());
-                    }
-
-                    temp.add(Collections.unmodifiableList(list));
-                }
-                if (temp.size() == 0)
-                {
-                    return null;
-                }
-                return Collections.unmodifiableCollection(temp);
-            }
-            catch (Exception e)
-            {
-                throw new CertificateParsingException(e.getMessage());
-            }
-        }
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertStoreTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertStoreTest.java
deleted file mode 100644
index 35f55e8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertStoreTest.java
+++ /dev/null

@@ -1,235 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTest;
-
-import java.io.ByteArrayInputStream;
-import java.security.Security;
-import java.security.cert.CertStore;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CRLSelector;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Iterator;
-import java.util.List;
-
-public class CertStoreTest
-    extends SimpleTest
-{
-
-    public void performTest()
-        throws Exception
-    {
-        basicTest();
-        orderTest();
-    }
-
-    private void basicTest()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate rootCert = (X509Certificate)cf
-                .generateCertificate(new ByteArrayInputStream(
-                        CertPathTest.rootCertBin));
-        X509Certificate interCert = (X509Certificate)cf
-                .generateCertificate(new ByteArrayInputStream(
-                        CertPathTest.interCertBin));
-        X509Certificate finalCert = (X509Certificate)cf
-                .generateCertificate(new ByteArrayInputStream(
-                        CertPathTest.finalCertBin));
-        X509CRL rootCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(
-                CertPathTest.rootCrlBin));
-        X509CRL interCrl = (X509CRL)cf
-                .generateCRL(new ByteArrayInputStream(
-                        CertPathTest.interCrlBin));
-
-        // Testing CollectionCertStore generation from List
-        List list = new ArrayList();
-        list.add(rootCert);
-        list.add(interCert);
-        list.add(finalCert);
-        list.add(rootCrl);
-        list.add(interCrl);
-        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-        CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
-
-        // Searching for rootCert by subjectDN
-        X509CertSelector targetConstraints = new X509CertSelector();
-        targetConstraints.setSubject(rootCert.getSubjectX500Principal().getName());
-        Collection certs = store.getCertificates(targetConstraints);
-        if (certs.size() != 1 || !certs.contains(rootCert))
-        {
-            fail("rootCert not found by subjectDN");
-        }
-
-        // Searching for rootCert by subjectDN encoded as byte
-        targetConstraints = new X509CertSelector();
-        targetConstraints.setSubject(rootCert.getSubjectX500Principal()
-                .getEncoded());
-        certs = store.getCertificates(targetConstraints);
-        if (certs.size() != 1 || !certs.contains(rootCert))
-        {
-            fail("rootCert not found by encoded subjectDN");
-        }
-
-        // Searching for rootCert by public key encoded as byte
-        targetConstraints = new X509CertSelector();
-        targetConstraints.setSubjectPublicKey(rootCert.getPublicKey()
-                .getEncoded());
-        certs = store.getCertificates(targetConstraints);
-        if (certs.size() != 1 || !certs.contains(rootCert))
-        {
-            fail("rootCert not found by encoded public key");
-        }
-
-        // Searching for interCert by issuerDN
-        targetConstraints = new X509CertSelector();
-        targetConstraints.setIssuer(rootCert.getSubjectX500Principal()
-                .getEncoded());
-        certs = store.getCertificates(targetConstraints);
-        if (certs.size() != 2)
-        {
-            fail("did not found 2 certs");
-        }
-        if (!certs.contains(rootCert))
-        {
-            fail("rootCert not found");
-        }
-        if (!certs.contains(interCert))
-        {
-            fail("interCert not found");
-        }
-
-        // Searching for rootCrl by issuerDN
-        X509CRLSelector targetConstraintsCRL = new X509CRLSelector();
-        targetConstraintsCRL.addIssuerName(rootCrl.getIssuerX500Principal()
-                .getEncoded());
-        Collection crls = store.getCRLs(targetConstraintsCRL);
-        if (crls.size() != 1 || !crls.contains(rootCrl))
-        {
-            fail("rootCrl not found");
-        }
-    }
-
-    private void orderTest()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate rootCert = (X509Certificate)cf
-                .generateCertificate(new ByteArrayInputStream(
-                        CertPathTest.rootCertBin));
-        X509Certificate interCert = (X509Certificate)cf
-                .generateCertificate(new ByteArrayInputStream(
-                        CertPathTest.interCertBin));
-        X509Certificate finalCert = (X509Certificate)cf
-                .generateCertificate(new ByteArrayInputStream(
-                        CertPathTest.finalCertBin));
-
-        List list = new ArrayList();
-        list.add(rootCert);
-        list.add(interCert);
-        list.add(finalCert);
-        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-        CertStore store = CertStore.getInstance("Collection", ccsp, "BC");
-
-        Iterator certs = store.getCertificates(null).iterator();
-
-        if (!certs.next().equals(rootCert))
-        {
-            fail("root ordering wrong");
-        }
-        if (!certs.next().equals(interCert))
-        {
-            fail("mid ordering wrong");
-        }
-        if (!certs.next().equals(finalCert))
-        {
-            fail("final ordering wrong");
-        }
-
-        list = new ArrayList();
-        list.add(finalCert);
-        list.add(interCert);
-        list.add(rootCert);
-        ccsp = new CollectionCertStoreParameters(list);
-        store = CertStore.getInstance("Collection", ccsp, "BC");
-
-        certs = store.getCertificates(null).iterator();
-
-        if (!certs.next().equals(finalCert))
-        {
-            fail("reverse final ordering wrong");
-        }
-        if (!certs.next().equals(interCert))
-        {
-            fail("reverse mid ordering wrong");
-        }
-        if (!certs.next().equals(rootCert))
-        {
-            fail("reverse root ordering wrong");
-        }
-
-        X509CRL rootCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(
-                CertPathTest.rootCrlBin));
-        X509CRL interCrl = (X509CRL)cf
-                .generateCRL(new ByteArrayInputStream(
-                        CertPathTest.interCrlBin));
-
-        list = new ArrayList();
-        list.add(finalCert);
-        list.add(rootCrl);
-        list.add(interCrl);
-
-        ccsp = new CollectionCertStoreParameters(list);
-        store = CertStore.getInstance("Collection", ccsp, "BC");
-
-        Iterator crls = store.getCRLs(null).iterator();
-
-        if (!crls.next().equals(rootCrl))
-        {
-            fail("root crl ordering wrong");
-        }
-        if (!crls.next().equals(interCrl))
-        {
-            fail("mid crl ordering wrong");
-        }
-
-        list = new ArrayList();
-        list.add(finalCert);
-        list.add(interCrl);
-        list.add(rootCrl);
-        ccsp = new CollectionCertStoreParameters(list);
-        store = CertStore.getInstance("Collection", ccsp, "BC");
-
-        crls = store.getCRLs(null).iterator();
-
-        if (!crls.next().equals(interCrl))
-        {
-            fail("reverse mid crl ordering wrong");
-        }
-        if (!crls.next().equals(rootCrl))
-        {
-            fail("reverse root crl ordering wrong");
-        }
-    }
-    
-    public String getName()
-    {
-        return "CertStore";
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new CertStoreTest());
-    }
-
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertTest.java
deleted file mode 100644
index 9f7b0a6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertTest.java
+++ /dev/null

@@ -1,1785 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.BufferedInputStream;
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-import java.io.UnsupportedEncodingException;
-import java.math.BigInteger;
-import java.security.AlgorithmParameters;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.cert.CRL;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-import java.util.Collection;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.SignedData;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jce.interfaces.ECPublicKey;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.io.Streams;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestFailedException;
-
-public class CertTest
-    extends SimpleTest
-{
-    //
-    // server.crt
-    //
-    byte[] cert1 = Base64.decode(
-        "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
-            + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
-            + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
-            + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
-            + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2"
-            + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
-            + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
-            + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l"
-            + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv"
-            + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re"
-            + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO"
-            + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE"
-            + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy"
-            + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0"
-            + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw"
-            + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL"
-            + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4"
-            + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF"
-            + "5/8=");
-
-    //
-    // ca.crt
-    //
-    byte[] cert2 = Base64.decode(
-        "MIIDbDCCAtWgAwIBAgIBADANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx"
-            + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY"
-            + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB"
-            + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ"
-            + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU1MzNaFw0wMTA2"
-            + "MDIwNzU1MzNaMIG3MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW"
-            + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM"
-            + "dGQxHjAcBgNVBAsTFUNlcnRpZmljYXRlIEF1dGhvcml0eTEVMBMGA1UEAxMMQ29u"
-            + "bmVjdCA0IENBMSgwJgYJKoZIhvcNAQkBFhl3ZWJtYXN0ZXJAY29ubmVjdDQuY29t"
-            + "LmF1MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDgs5ptNG6Qv1ZpCDuUNGmv"
-            + "rhjqMDPd3ri8JzZNRiiFlBA4e6/ReaO1U8ASewDeQMH6i9R6degFdQRLngbuJP0s"
-            + "xcEE+SksEWNvygfzLwV9J/q+TQDyJYK52utb++lS0b48A1KPLwEsyL6kOAgelbur"
-            + "ukwxowprKUIV7Knf1ajetQIDAQABo4GFMIGCMCQGA1UdEQQdMBuBGXdlYm1hc3Rl"
-            + "ckBjb25uZWN0NC5jb20uYXUwDwYDVR0TBAgwBgEB/wIBADA2BglghkgBhvhCAQ0E"
-            + "KRYnbW9kX3NzbCBnZW5lcmF0ZWQgY3VzdG9tIENBIGNlcnRpZmljYXRlMBEGCWCG"
-            + "SAGG+EIBAQQEAwICBDANBgkqhkiG9w0BAQQFAAOBgQCsGvfdghH8pPhlwm1r3pQk"
-            + "msnLAVIBb01EhbXm2861iXZfWqGQjrGAaA0ZpXNk9oo110yxoqEoSJSzniZa7Xtz"
-            + "soTwNUpE0SLHvWf/SlKdFWlzXA+vOZbzEv4UmjeelekTm7lc01EEa5QRVzOxHFtQ"
-            + "DhkaJ8VqOMajkQFma2r9iA==");
-
-    //
-    // testx509.pem
-    //
-    byte[] cert3 = Base64.decode(
-        "MIIBWzCCAQYCARgwDQYJKoZIhvcNAQEEBQAwODELMAkGA1UEBhMCQVUxDDAKBgNV"
-            + "BAgTA1FMRDEbMBkGA1UEAxMSU1NMZWF5L3JzYSB0ZXN0IENBMB4XDTk1MDYxOTIz"
-            + "MzMxMloXDTk1MDcxNzIzMzMxMlowOjELMAkGA1UEBhMCQVUxDDAKBgNVBAgTA1FM"
-            + "RDEdMBsGA1UEAxMUU1NMZWF5L3JzYSB0ZXN0IGNlcnQwXDANBgkqhkiG9w0BAQEF"
-            + "AANLADBIAkEAqtt6qS5GTxVxGZYWa0/4u+IwHf7p2LNZbcPBp9/OfIcYAXBQn8hO"
-            + "/Re1uwLKXdCjIoaGs4DLdG88rkzfyK5dPQIDAQABMAwGCCqGSIb3DQIFBQADQQAE"
-            + "Wc7EcF8po2/ZO6kNCwK/ICH6DobgLekA5lSLr5EvuioZniZp5lFzAw4+YzPQ7XKJ"
-            + "zl9HYIMxATFyqSiD9jsx");
-
-    //
-    // v3-cert1.pem
-    //
-    byte[] cert4 = Base64.decode(
-        "MIICjTCCAfigAwIBAgIEMaYgRzALBgkqhkiG9w0BAQQwRTELMAkGA1UEBhMCVVMx"
-            + "NjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFuZCBTcGFjZSBBZG1pbmlz"
-            + "dHJhdGlvbjAmFxE5NjA1MjgxMzQ5MDUrMDgwMBcROTgwNTI4MTM0OTA1KzA4MDAw"
-            + "ZzELMAkGA1UEBhMCVVMxNjA0BgNVBAoTLU5hdGlvbmFsIEFlcm9uYXV0aWNzIGFu"
-            + "ZCBTcGFjZSBBZG1pbmlzdHJhdGlvbjEgMAkGA1UEBRMCMTYwEwYDVQQDEwxTdGV2"
-            + "ZSBTY2hvY2gwWDALBgkqhkiG9w0BAQEDSQAwRgJBALrAwyYdgxmzNP/ts0Uyf6Bp"
-            + "miJYktU/w4NG67ULaN4B5CnEz7k57s9o3YY3LecETgQ5iQHmkwlYDTL2fTgVfw0C"
-            + "AQOjgaswgagwZAYDVR0ZAQH/BFowWDBWMFQxCzAJBgNVBAYTAlVTMTYwNAYDVQQK"
-            + "Ey1OYXRpb25hbCBBZXJvbmF1dGljcyBhbmQgU3BhY2UgQWRtaW5pc3RyYXRpb24x"
-            + "DTALBgNVBAMTBENSTDEwFwYDVR0BAQH/BA0wC4AJODMyOTcwODEwMBgGA1UdAgQR"
-            + "MA8ECTgzMjk3MDgyM4ACBSAwDQYDVR0KBAYwBAMCBkAwCwYJKoZIhvcNAQEEA4GB"
-            + "AH2y1VCEw/A4zaXzSYZJTTUi3uawbbFiS2yxHvgf28+8Js0OHXk1H1w2d6qOHH21"
-            + "X82tZXd/0JtG0g1T9usFFBDvYK8O0ebgz/P5ELJnBL2+atObEuJy1ZZ0pBDWINR3"
-            + "WkDNLCGiTkCKp0F5EWIrVDwh54NNevkCQRZita+z4IBO");
-
-    //
-    // v3-cert2.pem
-    //
-    byte[] cert5 = Base64.decode(
-        "MIICiTCCAfKgAwIBAgIEMeZfHzANBgkqhkiG9w0BAQQFADB9MQswCQYDVQQGEwJD"
-            + "YTEPMA0GA1UEBxMGTmVwZWFuMR4wHAYDVQQLExVObyBMaWFiaWxpdHkgQWNjZXB0"
-            + "ZWQxHzAdBgNVBAoTFkZvciBEZW1vIFB1cnBvc2VzIE9ubHkxHDAaBgNVBAMTE0Vu"
-            + "dHJ1c3QgRGVtbyBXZWIgQ0EwHhcNOTYwNzEyMTQyMDE1WhcNOTYxMDEyMTQyMDE1"
-            + "WjB0MSQwIgYJKoZIhvcNAQkBExVjb29rZUBpc3NsLmF0bC5ocC5jb20xCzAJBgNV"
-            + "BAYTAlVTMScwJQYDVQQLEx5IZXdsZXR0IFBhY2thcmQgQ29tcGFueSAoSVNTTCkx"
-            + "FjAUBgNVBAMTDVBhdWwgQS4gQ29va2UwXDANBgkqhkiG9w0BAQEFAANLADBIAkEA"
-            + "6ceSq9a9AU6g+zBwaL/yVmW1/9EE8s5you1mgjHnj0wAILuoB3L6rm6jmFRy7QZT"
-            + "G43IhVZdDua4e+5/n1ZslwIDAQABo2MwYTARBglghkgBhvhCAQEEBAMCB4AwTAYJ"
-            + "YIZIAYb4QgENBD8WPVRoaXMgY2VydGlmaWNhdGUgaXMgb25seSBpbnRlbmRlZCBm"
-            + "b3IgZGVtb25zdHJhdGlvbiBwdXJwb3Nlcy4wDQYJKoZIhvcNAQEEBQADgYEAi8qc"
-            + "F3zfFqy1sV8NhjwLVwOKuSfhR/Z8mbIEUeSTlnH3QbYt3HWZQ+vXI8mvtZoBc2Fz"
-            + "lexKeIkAZXCesqGbs6z6nCt16P6tmdfbZF3I3AWzLquPcOXjPf4HgstkyvVBn0Ap"
-            + "jAFN418KF/Cx4qyHB4cjdvLrRjjQLnb2+ibo7QU=");
-
-    //
-    // pem encoded pkcs7
-    //
-    byte[] cert6 = Base64.decode(
-        "MIAGCSqGSIb3DQEHAqCAMIACAQExCzAJBgUrDgMCGgUAMIAGCSqGSIb3DQEHAQAAoIIJbzCCAj0w"
-            + "ggGmAhEAzbp/VvDf5LxU/iKss3KqVTANBgkqhkiG9w0BAQIFADBfMQswCQYDVQQGEwJVUzEXMBUG"
-            + "A1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGljIFByaW1hcnkgQ2Vy"
-            + "dGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTYwMTI5MDAwMDAwWhcNMjgwODAxMjM1OTU5WjBfMQsw"
-            + "CQYDVQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVi"
-            + "bGljIFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwgZ8wDQYJKoZIhvcNAQEBBQADgY0A"
-            + "MIGJAoGBAOUZv22jVmEtmUhx9mfeuY3rt56GgAqRDvo4Ja9GiILlc6igmyRdDR/MZW4MsNBWhBiH"
-            + "mgabEKFz37RYOWtuwfYV1aioP6oSBo0xrH+wNNePNGeICc0UEeJORVZpH3gCgNrcR5EpuzbJY1zF"
-            + "4Ncth3uhtzKwezC6Ki8xqu6jZ9rbAgMBAAEwDQYJKoZIhvcNAQECBQADgYEATD+4i8Zo3+5DMw5d"
-            + "6abLB4RNejP/khv0Nq3YlSI2aBFsfELM85wuxAc/FLAPT/+Qknb54rxK6Y/NoIAK98Up8YIiXbix"
-            + "3YEjo3slFUYweRb46gVLlH8dwhzI47f0EEA8E8NfH1PoSOSGtHuhNbB7Jbq4046rPzidADQAmPPR"
-            + "cZQwggMuMIICl6ADAgECAhEA0nYujRQMPX2yqCVdr+4NdTANBgkqhkiG9w0BAQIFADBfMQswCQYD"
-            + "VQQGEwJVUzEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xNzA1BgNVBAsTLkNsYXNzIDEgUHVibGlj"
-            + "IFByaW1hcnkgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkwHhcNOTgwNTEyMDAwMDAwWhcNMDgwNTEy"
-            + "MjM1OTU5WjCBzDEXMBUGA1UEChMOVmVyaVNpZ24sIEluYy4xHzAdBgNVBAsTFlZlcmlTaWduIFRy"
-            + "dXN0IE5ldHdvcmsxRjBEBgNVBAsTPXd3dy52ZXJpc2lnbi5jb20vcmVwb3NpdG9yeS9SUEEgSW5j"
-            + "b3JwLiBCeSBSZWYuLExJQUIuTFREKGMpOTgxSDBGBgNVBAMTP1ZlcmlTaWduIENsYXNzIDEgQ0Eg"
-            + "SW5kaXZpZHVhbCBTdWJzY3JpYmVyLVBlcnNvbmEgTm90IFZhbGlkYXRlZDCBnzANBgkqhkiG9w0B"
-            + "AQEFAAOBjQAwgYkCgYEAu1pEigQWu1X9A3qKLZRPFXg2uA1Ksm+cVL+86HcqnbnwaLuV2TFBcHqB"
-            + "S7lIE1YtxwjhhEKrwKKSq0RcqkLwgg4C6S/7wju7vsknCl22sDZCM7VuVIhPh0q/Gdr5FegPh7Yc"
-            + "48zGmo5/aiSS4/zgZbqnsX7vyds3ashKyAkG5JkCAwEAAaN8MHowEQYJYIZIAYb4QgEBBAQDAgEG"
-            + "MEcGA1UdIARAMD4wPAYLYIZIAYb4RQEHAQEwLTArBggrBgEFBQcCARYfd3d3LnZlcmlzaWduLmNv"
-            + "bS9yZXBvc2l0b3J5L1JQQTAPBgNVHRMECDAGAQH/AgEAMAsGA1UdDwQEAwIBBjANBgkqhkiG9w0B"
-            + "AQIFAAOBgQCIuDc73dqUNwCtqp/hgQFxHpJqbS/28Z3TymQ43BuYDAeGW4UVag+5SYWklfEXfWe0"
-            + "fy0s3ZpCnsM+tI6q5QsG3vJWKvozx74Z11NMw73I4xe1pElCY+zCphcPXVgaSTyQXFWjZSAA/Rgg"
-            + "5V+CprGoksVYasGNAzzrw80FopCubjCCA/gwggNhoAMCAQICEBbbn/1G1zppD6KsP01bwywwDQYJ"
-            + "KoZIhvcNAQEEBQAwgcwxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYDVQQLExZWZXJpU2ln"
-            + "biBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3JlcG9zaXRvcnkvUlBB"
-            + "IEluY29ycC4gQnkgUmVmLixMSUFCLkxURChjKTk4MUgwRgYDVQQDEz9WZXJpU2lnbiBDbGFzcyAx"
-            + "IENBIEluZGl2aWR1YWwgU3Vic2NyaWJlci1QZXJzb25hIE5vdCBWYWxpZGF0ZWQwHhcNMDAxMDAy"
-            + "MDAwMDAwWhcNMDAxMjAxMjM1OTU5WjCCAQcxFzAVBgNVBAoTDlZlcmlTaWduLCBJbmMuMR8wHQYD"
-            + "VQQLExZWZXJpU2lnbiBUcnVzdCBOZXR3b3JrMUYwRAYDVQQLEz13d3cudmVyaXNpZ24uY29tL3Jl"
-            + "cG9zaXRvcnkvUlBBIEluY29ycC4gYnkgUmVmLixMSUFCLkxURChjKTk4MR4wHAYDVQQLExVQZXJz"
-            + "b25hIE5vdCBWYWxpZGF0ZWQxJzAlBgNVBAsTHkRpZ2l0YWwgSUQgQ2xhc3MgMSAtIE1pY3Jvc29m"
-            + "dDETMBEGA1UEAxQKRGF2aWQgUnlhbjElMCMGCSqGSIb3DQEJARYWZGF2aWRAbGl2ZW1lZGlhLmNv"
-            + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqxBsdeNmSvFqhMNwhQgNzM8mdjX9eSXb"
-            + "DawpHtQHjmh0AKJSa3IwUY0VIsyZHuXWktO/CgaMBVPt6OVf/n0R2sQigMP6Y+PhEiS0vCJBL9aK"
-            + "0+pOo2qXrjVBmq+XuCyPTnc+BOSrU26tJsX0P9BYorwySiEGxGanBNATdVL4NdUCAwEAAaOBnDCB"
-            + "mTAJBgNVHRMEAjAAMEQGA1UdIAQ9MDswOQYLYIZIAYb4RQEHAQgwKjAoBggrBgEFBQcCARYcaHR0"
-            + "cHM6Ly93d3cudmVyaXNpZ24uY29tL3JwYTARBglghkgBhvhCAQEEBAMCB4AwMwYDVR0fBCwwKjAo"
-            + "oCagJIYiaHR0cDovL2NybC52ZXJpc2lnbi5jb20vY2xhc3MxLmNybDANBgkqhkiG9w0BAQQFAAOB"
-            + "gQBC8yIIdVGpFTf8/YiL14cMzcmL0nIRm4kGR3U59z7UtcXlfNXXJ8MyaeI/BnXwG/gD5OKYqW6R"
-            + "yca9vZOxf1uoTBl82gInk865ED3Tej6msCqFzZffnSUQvOIeqLxxDlqYRQ6PmW2nAnZeyjcnbI5Y"
-            + "syQSM2fmo7n6qJFP+GbFezGCAkUwggJBAgEBMIHhMIHMMRcwFQYDVQQKEw5WZXJpU2lnbiwgSW5j"
-            + "LjEfMB0GA1UECxMWVmVyaVNpZ24gVHJ1c3QgTmV0d29yazFGMEQGA1UECxM9d3d3LnZlcmlzaWdu"
-            + "LmNvbS9yZXBvc2l0b3J5L1JQQSBJbmNvcnAuIEJ5IFJlZi4sTElBQi5MVEQoYyk5ODFIMEYGA1UE"
-            + "AxM/VmVyaVNpZ24gQ2xhc3MgMSBDQSBJbmRpdmlkdWFsIFN1YnNjcmliZXItUGVyc29uYSBOb3Qg"
-            + "VmFsaWRhdGVkAhAW25/9Rtc6aQ+irD9NW8MsMAkGBSsOAwIaBQCggbowGAYJKoZIhvcNAQkDMQsG"
-            + "CSqGSIb3DQEHATAcBgkqhkiG9w0BCQUxDxcNMDAxMDAyMTczNTE4WjAjBgkqhkiG9w0BCQQxFgQU"
-            + "gZjSaBEY2oxGvlQUIMnxSXhivK8wWwYJKoZIhvcNAQkPMU4wTDAKBggqhkiG9w0DBzAOBggqhkiG"
-            + "9w0DAgICAIAwDQYIKoZIhvcNAwICAUAwBwYFKw4DAgcwDQYIKoZIhvcNAwICASgwBwYFKw4DAh0w"
-            + "DQYJKoZIhvcNAQEBBQAEgYAzk+PU91/ZFfoiuKOECjxEh9fDYE2jfDCheBIgh5gdcCo+sS1WQs8O"
-            + "HreQ9Nop/JdJv1DQMBK6weNBBDoP0EEkRm1XCC144XhXZC82jBZohYmi2WvDbbC//YN58kRMYMyy"
-            + "srrfn4Z9I+6kTriGXkrpGk9Q0LSGjmG2BIsqiF0dvwAAAAAAAA==");
-
-    //
-    // dsaWithSHA1 cert
-    //
-    byte[] cert7 = Base64.decode(
-        "MIIEXAYJKoZIhvcNAQcCoIIETTCCBEkCAQExCzAJBgUrDgMCGgUAMAsGCSqG"
-            + "SIb3DQEHAaCCAsMwggK/MIIB4AIBADCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7"
-            + "d8miwTMN55CUSmo3TO8WGCxgY61TX5k+7NU4XPf1TULjw3GobwaJX13kquPh"
-            + "fVXk+gVy46n4Iw3hAhUBSe/QF4BUj+pJOF9ROBM4u+FEWA8CQQD4mSJbrABj"
-            + "TUWrlnAte8pS22Tq4/FPO7jHSqjijUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/z"
-            + "m8Q12PFp/PjOhh+nMA4xDDAKBgNVBAMTA0lEMzAeFw05NzEwMDEwMDAwMDBa"
-            + "Fw0zODAxMDEwMDAwMDBaMA4xDDAKBgNVBAMTA0lEMzCB8DCBpwYFKw4DAhsw"
-            + "gZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxgY61TX5k+7NU4XPf1TULj"
-            + "w3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/QF4BUj+pJOF9ROBM4u+FE"
-            + "WA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jHSqjijUHfXKTrHL1OEqV3"
-            + "SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nA0QAAkEAkYkXLYMtGVGWj9OnzjPn"
-            + "sB9sefSRPrVegZJCZbpW+Iv0/1RP1u04pHG9vtRpIQLjzUiWvLMU9EKQTThc"
-            + "eNMmWDCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxg"
-            + "Y61TX5k+7NU4XPf1TULjw3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/Q"
-            + "F4BUj+pJOF9ROBM4u+FEWA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jH"
-            + "SqjijUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nAy8AMCwC"
-            + "FBY3dBSdeprGcqpr6wr3xbG+6WW+AhRMm/facKJNxkT3iKgJbp7R8Xd3QTGC"
-            + "AWEwggFdAgEBMBMwDjEMMAoGA1UEAxMDSUQzAgEAMAkGBSsOAwIaBQCgXTAY"
-            + "BgkqhkiG9w0BCQMxCwYJKoZIhvcNAQcBMBwGCSqGSIb3DQEJBTEPFw0wMjA1"
-            + "MjQyMzEzMDdaMCMGCSqGSIb3DQEJBDEWBBS4WMsoJhf7CVbZYCFcjoTRzPkJ"
-            + "xjCBpwYFKw4DAhswgZ0CQQEkJRHP+mN7d8miwTMN55CUSmo3TO8WGCxgY61T"
-            + "X5k+7NU4XPf1TULjw3GobwaJX13kquPhfVXk+gVy46n4Iw3hAhUBSe/QF4BU"
-            + "j+pJOF9ROBM4u+FEWA8CQQD4mSJbrABjTUWrlnAte8pS22Tq4/FPO7jHSqji"
-            + "jUHfXKTrHL1OEqV3SVWcFy5j/cqBgX/zm8Q12PFp/PjOhh+nBC8wLQIVALID"
-            + "dt+MHwawrDrwsO1Z6sXBaaJsAhRaKssrpevmLkbygKPV07XiAKBG02Zvb2Jh"
-            + "cg==");
-
-    //
-    // testcrl.pem
-    //
-    byte[] crl1 = Base64.decode(
-        "MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT"
-            + "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy"
-            + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw"
-            + "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw"
-            + "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw"
-            + "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw"
-            + "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw"
-            + "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw"
-            + "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw"
-            + "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw"
-            + "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF"
-            + "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ"
-            + "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt"
-            + "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v");
-
-    //
-    // ecdsa cert with extra octet string.
-    //
-    byte[] oldEcdsa = Base64.decode(
-        "MIICljCCAkCgAwIBAgIBATALBgcqhkjOPQQBBQAwgY8xCzAJBgNVBAYTAkFVMSgwJ"
-            + "gYDVQQKEx9UaGUgTGVnaW9uIG9mIHRoZSBCb3VuY3kgQ2FzdGxlMRIwEAYDVQQHEw"
-            + "lNZWxib3VybmUxETAPBgNVBAgTCFZpY3RvcmlhMS8wLQYJKoZIhvcNAQkBFiBmZWV"
-            + "kYmFjay1jcnlwdG9AYm91bmN5Y2FzdGxlLm9yZzAeFw0wMTEyMDcwMTAwMDRaFw0w"
-            + "MTEyMDcwMTAxNDRaMIGPMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhlIExlZ2lvb"
-            + "iBvZiB0aGUgQm91bmN5IENhc3RsZTESMBAGA1UEBxMJTWVsYm91cm5lMREwDwYDVQ"
-            + "QIEwhWaWN0b3JpYTEvMC0GCSqGSIb3DQEJARYgZmVlZGJhY2stY3J5cHRvQGJvdW5"
-            + "jeWNhc3RsZS5vcmcwgeQwgb0GByqGSM49AgEwgbECAQEwKQYHKoZIzj0BAQIef///"
-            + "////////////f///////gAAAAAAAf///////MEAEHn///////////////3///////"
-            + "4AAAAAAAH///////AQeawFsO9zxiUHQ1lSSFHXKcanbL7J9HTd5YYXClCwKBB8CD/"
-            + "qWPNyogWzMM7hkK+35BcPTWFc9Pyf7vTs8uaqvAh5///////////////9///+eXpq"
-            + "fXZBx+9FSJoiQnQsDIgAEHwJbbcU7xholSP+w9nFHLebJUhqdLSU05lq/y9X+DHAw"
-            + "CwYHKoZIzj0EAQUAA0MAMEACHnz6t4UNoVROp74ma4XNDjjGcjaqiIWPZLK8Bdw3G"
-            + "QIeLZ4j3a6ividZl344UH+UPUE7xJxlYGuy7ejTsqRR");
-
-    byte[] uncompressedPtEC = Base64.decode(
-        "MIIDKzCCAsGgAwIBAgICA+kwCwYHKoZIzj0EAQUAMGYxCzAJBgNVBAYTAkpQ"
-            + "MRUwEwYDVQQKEwxuaXRlY2guYWMuanAxDjAMBgNVBAsTBWFpbGFiMQ8wDQYD"
-            + "VQQDEwZ0ZXN0Y2ExHzAdBgkqhkiG9w0BCQEWEHRlc3RjYUBsb2NhbGhvc3Qw"
-            + "HhcNMDExMDEzMTE1MzE3WhcNMjAxMjEyMTE1MzE3WjBmMQswCQYDVQQGEwJK"
-            + "UDEVMBMGA1UEChMMbml0ZWNoLmFjLmpwMQ4wDAYDVQQLEwVhaWxhYjEPMA0G"
-            + "A1UEAxMGdGVzdGNhMR8wHQYJKoZIhvcNAQkBFhB0ZXN0Y2FAbG9jYWxob3N0"
-            + "MIIBczCCARsGByqGSM49AgEwggEOAgEBMDMGByqGSM49AQECKEdYWnajFmnZ"
-            + "tzrukK2XWdle2v+GsD9l1ZiR6g7ozQDbhFH/bBiMDQcwVAQoJ5EQKrI54/CT"
-            + "xOQ2pMsd/fsXD+EX8YREd8bKHWiLz8lIVdD5cBNeVwQoMKSc6HfI7vKZp8Q2"
-            + "zWgIFOarx1GQoWJbMcSt188xsl30ncJuJT2OoARRBAqJ4fD+q6hbqgNSjTQ7"
-            + "htle1KO3eiaZgcJ8rrnyN8P+5A8+5K+H9aQ/NbBR4Gs7yto5PXIUZEUgodHA"
-            + "TZMSAcSq5ZYt4KbnSYaLY0TtH9CqAigEwZ+hglbT21B7ZTzYX2xj0x+qooJD"
-            + "hVTLtIPaYJK2HrMPxTw6/zfrAgEPA1IABAnvfFcFDgD/JicwBGn6vR3N8MIn"
-            + "mptZf/mnJ1y649uCF60zOgdwIyI7pVSxBFsJ7ohqXEHW0x7LrGVkdSEiipiH"
-            + "LYslqh3xrqbAgPbl93GUo0IwQDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB"
-            + "/wQEAwIBxjAdBgNVHQ4EFgQUAEo62Xm9H6DcsE0zUDTza4BRG90wCwYHKoZI"
-            + "zj0EAQUAA1cAMFQCKAQsCHHSNOqfJXLgt3bg5+k49hIBGVr/bfG0B9JU3rNt"
-            + "Ycl9Y2zfRPUCKAK2ccOQXByAWfsasDu8zKHxkZv7LVDTFjAIffz3HaCQeVhD"
-            + "z+fauEg=");
-
-    byte[] keyUsage = Base64.decode(
-        "MIIE7TCCBFagAwIBAgIEOAOR7jANBgkqhkiG9w0BAQQFADCByTELMAkGA1UE"
-            + "BhMCVVMxFDASBgNVBAoTC0VudHJ1c3QubmV0MUgwRgYDVQQLFD93d3cuZW50"
-            + "cnVzdC5uZXQvQ2xpZW50X0NBX0luZm8vQ1BTIGluY29ycC4gYnkgcmVmLiBs"
-            + "aW1pdHMgbGlhYi4xJTAjBgNVBAsTHChjKSAxOTk5IEVudHJ1c3QubmV0IExp"
-            + "bWl0ZWQxMzAxBgNVBAMTKkVudHJ1c3QubmV0IENsaWVudCBDZXJ0aWZpY2F0"
-            + "aW9uIEF1dGhvcml0eTAeFw05OTEwMTIxOTI0MzBaFw0xOTEwMTIxOTU0MzBa"
-            + "MIHJMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50cnVzdC5uZXQxSDBGBgNV"
-            + "BAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0FfSW5mby9DUFMgaW5jb3Jw"
-            + "LiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UECxMcKGMpIDE5OTkgRW50"
-            + "cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50cnVzdC5uZXQgQ2xpZW50"
-            + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MIGdMA0GCSqGSIb3DQEBAQUAA4GL"
-            + "ADCBhwKBgQDIOpleMRffrCdvkHvkGf9FozTC28GoT/Bo6oT9n3V5z8GKUZSv"
-            + "x1cDR2SerYIbWtp/N3hHuzeYEpbOxhN979IMMFGpOZ5V+Pux5zDeg7K6PvHV"
-            + "iTs7hbqqdCz+PzFur5GVbgbUB01LLFZHGARS2g4Qk79jkJvh34zmAqTmT173"
-            + "iwIBA6OCAeAwggHcMBEGCWCGSAGG+EIBAQQEAwIABzCCASIGA1UdHwSCARkw"
-            + "ggEVMIHkoIHhoIHepIHbMIHYMQswCQYDVQQGEwJVUzEUMBIGA1UEChMLRW50"
-            + "cnVzdC5uZXQxSDBGBgNVBAsUP3d3dy5lbnRydXN0Lm5ldC9DbGllbnRfQ0Ff"
-            + "SW5mby9DUFMgaW5jb3JwLiBieSByZWYuIGxpbWl0cyBsaWFiLjElMCMGA1UE"
-            + "CxMcKGMpIDE5OTkgRW50cnVzdC5uZXQgTGltaXRlZDEzMDEGA1UEAxMqRW50"
-            + "cnVzdC5uZXQgQ2xpZW50IENlcnRpZmljYXRpb24gQXV0aG9yaXR5MQ0wCwYD"
-            + "VQQDEwRDUkwxMCygKqAohiZodHRwOi8vd3d3LmVudHJ1c3QubmV0L0NSTC9D"
-            + "bGllbnQxLmNybDArBgNVHRAEJDAigA8xOTk5MTAxMjE5MjQzMFqBDzIwMTkx"
-            + "MDEyMTkyNDMwWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgwFoAUxPucKXuXzUyW"
-            + "/O5bs8qZdIuV6kwwHQYDVR0OBBYEFMT7nCl7l81MlvzuW7PKmXSLlepMMAwG"
-            + "A1UdEwQFMAMBAf8wGQYJKoZIhvZ9B0EABAwwChsEVjQuMAMCBJAwDQYJKoZI"
-            + "hvcNAQEEBQADgYEAP66K8ddmAwWePvrqHEa7pFuPeJoSSJn59DXeDDYHAmsQ"
-            + "OokUgZwxpnyyQbJq5wcBoUv5nyU7lsqZwz6hURzzwy5E97BnRqqS5TvaHBkU"
-            + "ODDV4qIxJS7x7EU47fgGWANzYrAQMY9Av2TgXD7FTx/aEkP/TOYGJqibGapE"
-            + "PHayXOw=");
-
-    byte[] nameCert = Base64.decode(
-        "MIIEFjCCA3+gAwIBAgIEdS8BozANBgkqhkiG9w0BAQUFADBKMQswCQYDVQQGEwJE" +
-            "RTERMA8GA1UEChQIREFURVYgZUcxKDAMBgcCggYBCgcUEwExMBgGA1UEAxQRQ0Eg" +
-            "REFURVYgRDAzIDE6UE4wIhgPMjAwMTA1MTAxMDIyNDhaGA8yMDA0MDUwOTEwMjI0" +
-            "OFowgYQxCzAJBgNVBAYTAkRFMQ8wDQYDVQQIFAZCYXllcm4xEjAQBgNVBAcUCU7I" +
-            "dXJuYmVyZzERMA8GA1UEChQIREFURVYgZUcxHTAbBgNVBAUTFDAwMDAwMDAwMDA4" +
-            "OTU3NDM2MDAxMR4wHAYDVQQDFBVEaWV0bWFyIFNlbmdlbmxlaXRuZXIwgaEwDQYJ" +
-            "KoZIhvcNAQEBBQADgY8AMIGLAoGBAJLI/LJLKaHoMk8fBECW/od8u5erZi6jI8Ug" +
-            "C0a/LZyQUO/R20vWJs6GrClQtXB+AtfiBSnyZOSYzOdfDI8yEKPEv8qSuUPpOHps" +
-            "uNCFdLZF1vavVYGEEWs2+y+uuPmg8q1oPRyRmUZ+x9HrDvCXJraaDfTEd9olmB/Z" +
-            "AuC/PqpjAgUAwAAAAaOCAcYwggHCMAwGA1UdEwEB/wQCMAAwDwYDVR0PAQH/BAUD" +
-            "AwdAADAxBgNVHSAEKjAoMCYGBSskCAEBMB0wGwYIKwYBBQUHAgEWD3d3dy56cy5k" +
-            "YXRldi5kZTApBgNVHREEIjAggR5kaWV0bWFyLnNlbmdlbmxlaXRuZXJAZGF0ZXYu" +
-            "ZGUwgYQGA1UdIwR9MHuhc6RxMG8xCzAJBgNVBAYTAkRFMT0wOwYDVQQKFDRSZWd1" +
-            "bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0aW9uIHVuZCBQb3N0" +
-            "MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjVSLUNBIDE6UE6CBACm8LkwDgYHAoIG" +
-            "AQoMAAQDAQEAMEcGA1UdHwRAMD4wPKAUoBKGEHd3dy5jcmwuZGF0ZXYuZGWiJKQi" +
-            "MCAxCzAJBgNVBAYTAkRFMREwDwYDVQQKFAhEQVRFViBlRzAWBgUrJAgDBAQNMAsT" +
-            "A0VVUgIBBQIBATAdBgNVHQ4EFgQUfv6xFP0xk7027folhy+ziZvBJiwwLAYIKwYB" +
-            "BQUHAQEEIDAeMBwGCCsGAQUFBzABhhB3d3cuZGlyLmRhdGV2LmRlMA0GCSqGSIb3" +
-            "DQEBBQUAA4GBAEOVX6uQxbgtKzdgbTi6YLffMftFr2mmNwch7qzpM5gxcynzgVkg" +
-            "pnQcDNlm5AIbS6pO8jTCLfCd5TZ5biQksBErqmesIl3QD+VqtB+RNghxectZ3VEs" +
-            "nCUtcE7tJ8O14qwCb3TxS9dvIUFiVi4DjbxX46TdcTbTaK8/qr6AIf+l");
-
-    byte[] probSelfSignedCert = Base64.decode(
-        "MIICxTCCAi6gAwIBAgIQAQAAAAAAAAAAAAAAAAAAATANBgkqhkiG9w0BAQUFADBF"
-            + "MScwJQYDVQQKEx4gRElSRUNUSU9OIEdFTkVSQUxFIERFUyBJTVBPVFMxGjAYBgNV"
-            + "BAMTESBBQyBNSU5FRkkgQiBURVNUMB4XDTA0MDUwNzEyMDAwMFoXDTE0MDUwNzEy"
-            + "MDAwMFowRTEnMCUGA1UEChMeIERJUkVDVElPTiBHRU5FUkFMRSBERVMgSU1QT1RT"
-            + "MRowGAYDVQQDExEgQUMgTUlORUZJIEIgVEVTVDCBnzANBgkqhkiG9w0BAQEFAAOB"
-            + "jQAwgYkCgYEAveoCUOAukZdcFCs2qJk76vSqEX0ZFzHqQ6faBPZWjwkgUNwZ6m6m"
-            + "qWvvyq1cuxhoDvpfC6NXILETawYc6MNwwxsOtVVIjuXlcF17NMejljJafbPximEt"
-            + "DQ4LcQeSp4K7FyFlIAMLyt3BQ77emGzU5fjFTvHSUNb3jblx0sV28c0CAwEAAaOB"
-            + "tTCBsjAfBgNVHSMEGDAWgBSEJ4bLbvEQY8cYMAFKPFD1/fFXlzAdBgNVHQ4EFgQU"
-            + "hCeGy27xEGPHGDABSjxQ9f3xV5cwDgYDVR0PAQH/BAQDAgEGMBEGCWCGSAGG+EIB"
-            + "AQQEAwIBBjA8BgNVHR8ENTAzMDGgL6AthitodHRwOi8vYWRvbmlzLnBrNy5jZXJ0"
-            + "cGx1cy5uZXQvZGdpLXRlc3QuY3JsMA8GA1UdEwEB/wQFMAMBAf8wDQYJKoZIhvcN"
-            + "AQEFBQADgYEAmToHJWjd3+4zknfsP09H6uMbolHNGG0zTS2lrLKpzcmkQfjhQpT9"
-            + "LUTBvfs1jdjo9fGmQLvOG+Sm51Rbjglb8bcikVI5gLbclOlvqLkm77otjl4U4Z2/"
-            + "Y0vP14Aov3Sn3k+17EfReYUZI4liuB95ncobC4e8ZM++LjQcIM0s+Vs=");
-
-
-    byte[] gost34102001base = Base64.decode(
-        "MIIB1DCCAYECEEjpVKXP6Wn1yVz3VeeDQa8wCgYGKoUDAgIDBQAwbTEfMB0G"
-            + "A1UEAwwWR29zdFIzNDEwLTIwMDEgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRv"
-            + "UHJvMQswCQYDVQQGEwJSVTEpMCcGCSqGSIb3DQEJARYaR29zdFIzNDEwLTIw"
-            + "MDFAZXhhbXBsZS5jb20wHhcNMDUwMjAzMTUxNjQ2WhcNMTUwMjAzMTUxNjQ2"
-            + "WjBtMR8wHQYDVQQDDBZHb3N0UjM0MTAtMjAwMSBleGFtcGxlMRIwEAYDVQQK"
-            + "DAlDcnlwdG9Qcm8xCzAJBgNVBAYTAlJVMSkwJwYJKoZIhvcNAQkBFhpHb3N0"
-            + "UjM0MTAtMjAwMUBleGFtcGxlLmNvbTBjMBwGBiqFAwICEzASBgcqhQMCAiQA"
-            + "BgcqhQMCAh4BA0MABECElWh1YAIaQHUIzROMMYks/eUFA3pDXPRtKw/nTzJ+"
-            + "V4/rzBa5lYgD0Jp8ha4P5I3qprt+VsfLsN8PZrzK6hpgMAoGBiqFAwICAwUA"
-            + "A0EAHw5dw/aw/OiNvHyOE65kvyo4Hp0sfz3csM6UUkp10VO247ofNJK3tsLb"
-            + "HOLjUaqzefrlGb11WpHYrvWFg+FcLA==");
-
-    byte[] gost341094base = Base64.decode(
-        "MIICDzCCAbwCEBcxKsIb0ghYvAQeUjfQdFAwCgYGKoUDAgIEBQAwaTEdMBsG"
-            + "A1UEAwwUR29zdFIzNDEwLTk0IGV4YW1wbGUxEjAQBgNVBAoMCUNyeXB0b1By"
-            + "bzELMAkGA1UEBhMCUlUxJzAlBgkqhkiG9w0BCQEWGEdvc3RSMzQxMC05NEBl"
-            + "eGFtcGxlLmNvbTAeFw0wNTAyMDMxNTE2NTFaFw0xNTAyMDMxNTE2NTFaMGkx"
-            + "HTAbBgNVBAMMFEdvc3RSMzQxMC05NCBleGFtcGxlMRIwEAYDVQQKDAlDcnlw"
-            + "dG9Qcm8xCzAJBgNVBAYTAlJVMScwJQYJKoZIhvcNAQkBFhhHb3N0UjM0MTAt"
-            + "OTRAZXhhbXBsZS5jb20wgaUwHAYGKoUDAgIUMBIGByqFAwICIAIGByqFAwIC"
-            + "HgEDgYQABIGAu4Rm4XmeWzTYLIB/E6gZZnFX/oxUJSFHbzALJ3dGmMb7R1W+"
-            + "t7Lzk2w5tUI3JoTiDRCKJA4fDEJNKzsRK6i/ZjkyXJSLwaj+G2MS9gklh8x1"
-            + "G/TliYoJgmjTXHemD7aQEBON4z58nJHWrA0ILD54wbXCtrcaqCqLRYGTMjJ2"
-            + "+nswCgYGKoUDAgIEBQADQQBxKNhOmjgz/i5CEgLOyKyz9pFGkDcaymsWYQWV"
-            + "v7CZ0pTM8IzMzkUBW3GHsUjCFpanFZDfg2zuN+3kT+694n9B");
-
-    byte[] gost341094A = Base64.decode(
-        "MIICSDCCAfWgAwIBAgIBATAKBgYqhQMCAgQFADCBgTEXMBUGA1UEAxMOZGVmYXVsdDM0MTAtOTQx"
-            + "DTALBgNVBAoTBERpZ3QxDzANBgNVBAsTBkNyeXB0bzEOMAwGA1UEBxMFWS1vbGExDDAKBgNVBAgT"
-            + "A01FTDELMAkGA1UEBhMCcnUxGzAZBgkqhkiG9w0BCQEWDHRlc3RAdGVzdC5ydTAeFw0wNTAzMjkx"
-            + "MzExNTdaFw0wNjAzMjkxMzExNTdaMIGBMRcwFQYDVQQDEw5kZWZhdWx0MzQxMC05NDENMAsGA1UE"
-            + "ChMERGlndDEPMA0GA1UECxMGQ3J5cHRvMQ4wDAYDVQQHEwVZLW9sYTEMMAoGA1UECBMDTUVMMQsw"
-            + "CQYDVQQGEwJydTEbMBkGCSqGSIb3DQEJARYMdGVzdEB0ZXN0LnJ1MIGlMBwGBiqFAwICFDASBgcq"
-            + "hQMCAiACBgcqhQMCAh4BA4GEAASBgIQACDLEuxSdRDGgdZxHmy30g/DUYkRxO9Mi/uSHX5NjvZ31"
-            + "b7JMEMFqBtyhql1HC5xZfUwZ0aT3UnEFDfFjLP+Bf54gA+LPkQXw4SNNGOj+klnqgKlPvoqMGlwa"
-            + "+hLPKbS561WpvB2XSTgbV+pqqXR3j6j30STmybelEV3RdS2Now8wDTALBgNVHQ8EBAMCB4AwCgYG"
-            + "KoUDAgIEBQADQQBCFy7xWRXtNVXflKvDs0pBdBuPzjCMeZAXVxK8vUxsxxKu76d9CsvhgIFknFRi"
-            + "wWTPiZenvNoJ4R1uzeX+vREm");
-
-    byte[] gost341094B = Base64.decode(
-        "MIICSDCCAfWgAwIBAgIBATAKBgYqhQMCAgQFADCBgTEXMBUGA1UEAxMOcGFyYW0xLTM0MTAtOTQx"
-            + "DTALBgNVBAoTBERpZ3QxDzANBgNVBAsTBkNyeXB0bzEOMAwGA1UEBxMFWS1PbGExDDAKBgNVBAgT"
-            + "A01lbDELMAkGA1UEBhMCcnUxGzAZBgkqhkiG9w0BCQEWDHRlc3RAdGVzdC5ydTAeFw0wNTAzMjkx"
-            + "MzEzNTZaFw0wNjAzMjkxMzEzNTZaMIGBMRcwFQYDVQQDEw5wYXJhbTEtMzQxMC05NDENMAsGA1UE"
-            + "ChMERGlndDEPMA0GA1UECxMGQ3J5cHRvMQ4wDAYDVQQHEwVZLU9sYTEMMAoGA1UECBMDTWVsMQsw"
-            + "CQYDVQQGEwJydTEbMBkGCSqGSIb3DQEJARYMdGVzdEB0ZXN0LnJ1MIGlMBwGBiqFAwICFDASBgcq"
-            + "hQMCAiADBgcqhQMCAh4BA4GEAASBgEa+AAcZmijWs1M9x5Pn9efE8D9ztG1NMoIt0/hNZNqln3+j"
-            + "lMZjyqPt+kTLIjtmvz9BRDmIDk6FZz+4LhG2OTL7yGpWfrMxMRr56nxomTN9aLWRqbyWmn3brz9Y"
-            + "AUD3ifnwjjIuW7UM84JNlDTOdxx0XRUfLQIPMCXe9cO02Xskow8wDTALBgNVHQ8EBAMCB4AwCgYG"
-            + "KoUDAgIEBQADQQBzFcnuYc/639OTW+L5Ecjw9KxGr+dwex7lsS9S1BUgKa3m1d5c+cqI0B2XUFi5"
-            + "4iaHHJG0dCyjtQYLJr0OZjRw");
-
-    byte[] gost34102001A = Base64.decode(
-        "MIICCzCCAbigAwIBAgIBATAKBgYqhQMCAgMFADCBhDEaMBgGA1UEAxMRZGVmYXVsdC0zNDEwLTIw"
-            + "MDExDTALBgNVBAoTBERpZ3QxDzANBgNVBAsTBkNyeXB0bzEOMAwGA1UEBxMFWS1PbGExDDAKBgNV"
-            + "BAgTA01lbDELMAkGA1UEBhMCcnUxGzAZBgkqhkiG9w0BCQEWDHRlc3RAdGVzdC5ydTAeFw0wNTAz"
-            + "MjkxMzE4MzFaFw0wNjAzMjkxMzE4MzFaMIGEMRowGAYDVQQDExFkZWZhdWx0LTM0MTAtMjAwMTEN"
-            + "MAsGA1UEChMERGlndDEPMA0GA1UECxMGQ3J5cHRvMQ4wDAYDVQQHEwVZLU9sYTEMMAoGA1UECBMD"
-            + "TWVsMQswCQYDVQQGEwJydTEbMBkGCSqGSIb3DQEJARYMdGVzdEB0ZXN0LnJ1MGMwHAYGKoUDAgIT"
-            + "MBIGByqFAwICIwEGByqFAwICHgEDQwAEQG/4c+ZWb10IpeHfmR+vKcbpmSOClJioYmCVgnojw0Xn"
-            + "ned0KTg7TJreRUc+VX7vca4hLQaZ1o/TxVtfEApK/O6jDzANMAsGA1UdDwQEAwIHgDAKBgYqhQMC"
-            + "AgMFAANBAN8y2b6HuIdkD3aWujpfQbS1VIA/7hro4vLgDhjgVmev/PLzFB8oTh3gKhExpDo82IEs"
-            + "ZftGNsbbyp1NFg7zda0=");
-
-    byte[] gostCA1 = Base64.decode(
-        "MIIDNDCCAuGgAwIBAgIQZLcKDcWcQopF+jp4p9jylDAKBgYqhQMCAgQFADBm"
-            + "MQswCQYDVQQGEwJSVTEPMA0GA1UEBxMGTW9zY293MRcwFQYDVQQKEw5PT08g"
-            + "Q3J5cHRvLVBybzEUMBIGA1UECxMLRGV2ZWxvcG1lbnQxFzAVBgNVBAMTDkNQ"
-            + "IENTUCBUZXN0IENBMB4XDTAyMDYwOTE1NTIyM1oXDTA5MDYwOTE1NTkyOVow"
-            + "ZjELMAkGA1UEBhMCUlUxDzANBgNVBAcTBk1vc2NvdzEXMBUGA1UEChMOT09P"
-            + "IENyeXB0by1Qcm8xFDASBgNVBAsTC0RldmVsb3BtZW50MRcwFQYDVQQDEw5D"
-            + "UCBDU1AgVGVzdCBDQTCBpTAcBgYqhQMCAhQwEgYHKoUDAgIgAgYHKoUDAgIe"
-            + "AQOBhAAEgYAYglywKuz1nMc9UiBYOaulKy53jXnrqxZKbCCBSVaJ+aCKbsQm"
-            + "glhRFrw6Mwu8Cdeabo/ojmea7UDMZd0U2xhZFRti5EQ7OP6YpqD0alllo7za"
-            + "4dZNXdX+/ag6fOORSLFdMpVx5ganU0wHMPk67j+audnCPUj/plbeyccgcdcd"
-            + "WaOCASIwggEeMAsGA1UdDwQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud"
-            + "DgQWBBTe840gTo4zt2twHilw3PD9wJaX0TCBygYDVR0fBIHCMIG/MDygOqA4"
-            + "hjYtaHR0cDovL2ZpZXdhbGwvQ2VydEVucm9sbC9DUCUyMENTUCUyMFRlc3Ql"
-            + "MjBDQSgzKS5jcmwwRKBCoECGPmh0dHA6Ly93d3cuY3J5cHRvcHJvLnJ1L0Nl"
-            + "cnRFbnJvbGwvQ1AlMjBDU1AlMjBUZXN0JTIwQ0EoMykuY3JsMDmgN6A1hjMt"
-            + "ZmlsZTovL1xcZmlld2FsbFxDZXJ0RW5yb2xsXENQIENTUCBUZXN0IENBKDMp"
-            + "LmNybC8wEgYJKwYBBAGCNxUBBAUCAwMAAzAKBgYqhQMCAgQFAANBAIJi7ni7"
-            + "9rwMR5rRGTFftt2k70GbqyUEfkZYOzrgdOoKiB4IIsIstyBX0/ne6GsL9Xan"
-            + "G2IN96RB7KrowEHeW+k=");
-
-    byte[] gostCA2 = Base64.decode(
-        "MIIC2DCCAoWgAwIBAgIQe9ZCugm42pRKNcHD8466zTAKBgYqhQMCAgMFADB+"
-            + "MRowGAYJKoZIhvcNAQkBFgtzYmFAZGlndC5ydTELMAkGA1UEBhMCUlUxDDAK"
-            + "BgNVBAgTA01FTDEUMBIGA1UEBxMLWW9zaGthci1PbGExDTALBgNVBAoTBERp"
-            + "Z3QxDzANBgNVBAsTBkNyeXB0bzEPMA0GA1UEAxMGc2JhLUNBMB4XDTA0MDgw"
-            + "MzEzMzE1OVoXDTE0MDgwMzEzNDAxMVowfjEaMBgGCSqGSIb3DQEJARYLc2Jh"
-            + "QGRpZ3QucnUxCzAJBgNVBAYTAlJVMQwwCgYDVQQIEwNNRUwxFDASBgNVBAcT"
-            + "C1lvc2hrYXItT2xhMQ0wCwYDVQQKEwREaWd0MQ8wDQYDVQQLEwZDcnlwdG8x"
-            + "DzANBgNVBAMTBnNiYS1DQTBjMBwGBiqFAwICEzASBgcqhQMCAiMBBgcqhQMC"
-            + "Ah4BA0MABEDMSy10CuOH+i8QKG2UWA4XmCt6+BFrNTZQtS6bOalyDY8Lz+G7"
-            + "HybyipE3PqdTB4OIKAAPsEEeZOCZd2UXGQm5o4HaMIHXMBMGCSsGAQQBgjcU"
-            + "AgQGHgQAQwBBMAsGA1UdDwQEAwIBhjAPBgNVHRMBAf8EBTADAQH/MB0GA1Ud"
-            + "DgQWBBRJJl3LcNMxkZI818STfoi3ng1xoDBxBgNVHR8EajBoMDGgL6Athito"
-            + "dHRwOi8vc2JhLmRpZ3QubG9jYWwvQ2VydEVucm9sbC9zYmEtQ0EuY3JsMDOg"
-            + "MaAvhi1maWxlOi8vXFxzYmEuZGlndC5sb2NhbFxDZXJ0RW5yb2xsXHNiYS1D"
-            + "QS5jcmwwEAYJKwYBBAGCNxUBBAMCAQAwCgYGKoUDAgIDBQADQQA+BRJHbc/p"
-            + "q8EYl6iJqXCuR+ozRmH7hPAP3c4KqYSC38TClCgBloLapx/3/WdatctFJW/L"
-            + "mcTovpq088927shE");
-
-    private final byte[] pkcs7CrlProblem = Base64.decode(
-        "MIIwSAYJKoZIhvcNAQcCoIIwOTCCMDUCAQExCzAJBgUrDgMCGgUAMAsGCSqG"
-            + "SIb3DQEHAaCCEsAwggP4MIIC4KADAgECAgF1MA0GCSqGSIb3DQEBBQUAMEUx"
-            + "CzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR4wHAYDVQQD"
-            + "ExVHZW9UcnVzdCBDQSBmb3IgQWRvYmUwHhcNMDQxMjAyMjEyNTM5WhcNMDYx"
-            + "MjMwMjEyNTM5WjBMMQswCQYDVQQGEwJVUzEVMBMGA1UEChMMR2VvVHJ1c3Qg"
-            + "SW5jMSYwJAYDVQQDEx1HZW9UcnVzdCBBZG9iZSBPQ1NQIFJlc3BvbmRlcjCB"
-            + "nzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4gnNYhtw7U6QeVXZODnGhHMj"
-            + "+OgZ0DB393rEk6a2q9kq129IA2e03yKBTfJfQR9aWKc2Qj90dsSqPjvTDHFG"
-            + "Qsagm2FQuhnA3fb1UWhPzeEIdm6bxDsnQ8nWqKqxnWZzELZbdp3I9bBLizIq"
-            + "obZovzt60LNMghn/unvvuhpeVSsCAwEAAaOCAW4wggFqMA4GA1UdDwEB/wQE"
-            + "AwIE8DCB5QYDVR0gAQH/BIHaMIHXMIHUBgkqhkiG9y8BAgEwgcYwgZAGCCsG"
-            + "AQUFBwICMIGDGoGAVGhpcyBjZXJ0aWZpY2F0ZSBoYXMgYmVlbiBpc3N1ZWQg"
-            + "aW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBBY3JvYmF0IENyZWRlbnRpYWxzIENQ"
-            + "UyBsb2NhdGVkIGF0IGh0dHA6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jlc291cmNl"
-            + "cy9jcHMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2VvdHJ1c3QuY29tL3Jl"
-            + "c291cmNlcy9jcHMwEwYDVR0lBAwwCgYIKwYBBQUHAwkwOgYDVR0fBDMwMTAv"
-            + "oC2gK4YpaHR0cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9hZG9iZWNhMS5j"
-            + "cmwwHwYDVR0jBBgwFoAUq4BZw2WDbR19E70Zw+wajw1HaqMwDQYJKoZIhvcN"
-            + "AQEFBQADggEBAENJf1BD7PX5ivuaawt90q1OGzXpIQL/ClzEeFVmOIxqPc1E"
-            + "TFRq92YuxG5b6+R+k+tGkmCwPLcY8ipg6ZcbJ/AirQhohzjlFuT6YAXsTfEj"
-            + "CqEZfWM2sS7crK2EYxCMmKE3xDfPclYtrAoz7qZvxfQj0TuxHSstHZv39wu2"
-            + "ZiG1BWiEcyDQyTgqTOXBoZmfJtshuAcXmTpgkrYSrS37zNlPTGh+pMYQ0yWD"
-            + "c8OQRJR4OY5ZXfdna01mjtJTOmj6/6XPoLPYTq2gQrc2BCeNJ4bEhLb7sFVB"
-            + "PbwPrpzTE/HRbQHDrzj0YimDxeOUV/UXctgvYwHNtEkcBLsOm/uytMYwggSh"
-            + "MIIDiaADAgECAgQ+HL0oMA0GCSqGSIb3DQEBBQUAMGkxCzAJBgNVBAYTAlVT"
-            + "MSMwIQYDVQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UE"
-            + "CxMUQWRvYmUgVHJ1c3QgU2VydmljZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3Qg"
-            + "Q0EwHhcNMDMwMTA4MjMzNzIzWhcNMjMwMTA5MDAwNzIzWjBpMQswCQYDVQQG"
-            + "EwJVUzEjMCEGA1UEChMaQWRvYmUgU3lzdGVtcyBJbmNvcnBvcmF0ZWQxHTAb"
-            + "BgNVBAsTFEFkb2JlIFRydXN0IFNlcnZpY2VzMRYwFAYDVQQDEw1BZG9iZSBS"
-            + "b290IENBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzE9UhPen"
-            + "ouczU38/nBKIayyZR2d+Dx65rRSI+cMQ2B3w8NWfaQovWTWwzGypTJwVoJ/O"
-            + "IL+gz1Ti4CBmRT85hjh+nMSOByLGJPYBErA131XqaZCw24U3HuJOB7JCoWoT"
-            + "aaBm6oCREVkqmwh5WiBELcm9cziLPC/gQxtdswvwrzUaKf7vppLdgUydPVmO"
-            + "rTE8QH6bkTYG/OJcjdGNJtVcRc+vZT+xqtJilvSoOOq6YEL09BxKNRXO+E4i"
-            + "Vg+VGMX4lp+f+7C3eCXpgGu91grwxnSUnfMPUNuad85LcIMjjaDKeCBEXDxU"
-            + "ZPHqojAZn+pMBk0GeEtekt8i0slns3rSAQIDAQABo4IBTzCCAUswEQYJYIZI"
-            + "AYb4QgEBBAQDAgAHMIGOBgNVHR8EgYYwgYMwgYCgfqB8pHoweDELMAkGA1UE"
-            + "BhMCVVMxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jwb3JhdGVkMR0w"
-            + "GwYDVQQLExRBZG9iZSBUcnVzdCBTZXJ2aWNlczEWMBQGA1UEAxMNQWRvYmUg"
-            + "Um9vdCBDQTENMAsGA1UEAxMEQ1JMMTArBgNVHRAEJDAigA8yMDAzMDEwODIz"
-            + "MzcyM1qBDzIwMjMwMTA5MDAwNzIzWjALBgNVHQ8EBAMCAQYwHwYDVR0jBBgw"
-            + "FoAUgrc4SpOqmxDvgLvZVOLxD/uAnN4wHQYDVR0OBBYEFIK3OEqTqpsQ74C7"
-            + "2VTi8Q/7gJzeMAwGA1UdEwQFMAMBAf8wHQYJKoZIhvZ9B0EABBAwDhsIVjYu"
-            + "MDo0LjADAgSQMA0GCSqGSIb3DQEBBQUAA4IBAQAy2p9DdcH6b8lv26sdNjc+"
-            + "vGEZNrcCPB0jWZhsnu5NhedUyCAfp9S74r8Ad30ka3AvXME6dkm10+AjhCpx"
-            + "aiLzwScpmBX2NZDkBEzDjbyfYRzn/SSM0URDjBa6m02l1DUvvBHOvfdRN42f"
-            + "kOQU8Rg/vulZEjX5M5LznuDVa5pxm5lLyHHD4bFhCcTl+pHwQjo3fTT5cujN"
-            + "qmIcIenV9IIQ43sFti1oVgt+fpIsb01yggztVnSynbmrLSsdEF/bJ3Vwj/0d"
-            + "1+ICoHnlHOX/r2RAUS2em0fbQqV8H8KmSLDXvpJpTaT2KVfFeBEY3IdRyhOy"
-            + "Yp1PKzK9MaXB+lKrBYjIMIIEyzCCA7OgAwIBAgIEPhy9tTANBgkqhkiG9w0B"
-            + "AQUFADBpMQswCQYDVQQGEwJVUzEjMCEGA1UEChMaQWRvYmUgU3lzdGVtcyBJ"
-            + "bmNvcnBvcmF0ZWQxHTAbBgNVBAsTFEFkb2JlIFRydXN0IFNlcnZpY2VzMRYw"
-            + "FAYDVQQDEw1BZG9iZSBSb290IENBMB4XDTA0MDExNzAwMDMzOVoXDTE1MDEx"
-            + "NTA4MDAwMFowRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IElu"
-            + "Yy4xHjAcBgNVBAMTFUdlb1RydXN0IENBIGZvciBBZG9iZTCCASIwDQYJKoZI"
-            + "hvcNAQEBBQADggEPADCCAQoCggEBAKfld+BkeFrnOYW8r9L1WygTDlTdSfrO"
-            + "YvWS/Z6Ye5/l+HrBbOHqQCXBcSeCpz7kB2WdKMh1FOE4e9JlmICsHerBLdWk"
-            + "emU+/PDb69zh8E0cLoDfxukF6oVPXj6WSThdSG7H9aXFzRr6S3XGCuvgl+Qw"
-            + "DTLiLYW+ONF6DXwt3TQQtKReJjOJZk46ZZ0BvMStKyBaeB6DKZsmiIo89qso"
-            + "13VDZINH2w1KvXg0ygDizoNtbvgAPFymwnsINS1klfQlcvn0x0RJm9bYQXK3"
-            + "5GNZAgL3M7Lqrld0jMfIUaWvuHCLyivytRuzq1dJ7E8rmidjDEk/G+27pf13"
-            + "fNZ7vR7M+IkCAwEAAaOCAZ0wggGZMBIGA1UdEwEB/wQIMAYBAf8CAQEwUAYD"
-            + "VR0gBEkwRzBFBgkqhkiG9y8BAgEwODA2BggrBgEFBQcCARYqaHR0cHM6Ly93"
-            + "d3cuYWRvYmUuY29tL21pc2MvcGtpL2Nkc19jcC5odG1sMBQGA1UdJQQNMAsG"
-            + "CSqGSIb3LwEBBTCBsgYDVR0fBIGqMIGnMCKgIKAehhxodHRwOi8vY3JsLmFk"
-            + "b2JlLmNvbS9jZHMuY3JsMIGAoH6gfKR6MHgxCzAJBgNVBAYTAlVTMSMwIQYD"
-            + "VQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UECxMUQWRv"
-            + "YmUgVHJ1c3QgU2VydmljZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3QgQ0ExDTAL"
-            + "BgNVBAMTBENSTDEwCwYDVR0PBAQDAgEGMB8GA1UdIwQYMBaAFIK3OEqTqpsQ"
-            + "74C72VTi8Q/7gJzeMB0GA1UdDgQWBBSrgFnDZYNtHX0TvRnD7BqPDUdqozAZ"
-            + "BgkqhkiG9n0HQQAEDDAKGwRWNi4wAwIEkDANBgkqhkiG9w0BAQUFAAOCAQEA"
-            + "PzlZLqIAjrFeEWEs0uC29YyJhkXOE9mf3YSaFGsITF+Gl1j0pajTjyH4R35Q"
-            + "r3floW2q3HfNzTeZ90Jnr1DhVERD6zEMgJpCtJqVuk0sixuXJHghS/KicKf4"
-            + "YXJJPx9epuIRF1siBRnznnF90svmOJMXApc0jGnYn3nQfk4kaShSnDaYaeYR"
-            + "DJKcsiWhl6S5zfwS7Gg8hDeyckhMQKKWnlG1CQrwlSFisKCduoodwRtWgft8"
-            + "kx13iyKK3sbalm6vnVc+5nufS4vI+TwMXoV63NqYaSroafBWk0nL53zGXPEy"
-            + "+A69QhzEViJKn2Wgqt5gt++jMMNImbRObIqgfgF1VjCCBUwwggQ0oAMCAQIC"
-            + "AgGDMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1H"
-            + "ZW9UcnVzdCBJbmMuMR4wHAYDVQQDExVHZW9UcnVzdCBDQSBmb3IgQWRvYmUw"
-            + "HhcNMDYwMzI0MTU0MjI5WhcNMDkwNDA2MTQ0MjI5WjBzMQswCQYDVQQGEwJV"
-            + "UzELMAkGA1UECBMCTUExETAPBgNVBAoTCEdlb1RydXN0MR0wGwYDVQQDExRN"
-            + "YXJrZXRpbmcgRGVwYXJ0bWVudDElMCMGCSqGSIb3DQEJARYWbWFya2V0aW5n"
-            + "QGdlb3RydXN0LmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEB"
-            + "ANmvajTO4XJvAU2nVcLmXeCnAQX7RZt+7+ML3InmqQ3LCGo1weop09zV069/"
-            + "1x/Nmieol7laEzeXxd2ghjGzwfXafqQEqHn6+vBCvqdNPoSi63fSWhnuDVWp"
-            + "KVDOYgxOonrXl+Cc43lu4zRSq+Pi5phhrjDWcH74a3/rdljUt4c4GFezFXfa"
-            + "w2oTzWkxj2cTSn0Szhpr17+p66UNt8uknlhmu4q44Speqql2HwmCEnpLYJrK"
-            + "W3fOq5D4qdsvsLR2EABLhrBezamLI3iGV8cRHOUTsbTMhWhv/lKfHAyf4XjA"
-            + "z9orzvPN5jthhIfICOFq/nStTgakyL4Ln+nFAB/SMPkCAwEAAaOCAhYwggIS"
-            + "MA4GA1UdDwEB/wQEAwIF4DCB5QYDVR0gAQH/BIHaMIHXMIHUBgkqhkiG9y8B"
-            + "AgEwgcYwgZAGCCsGAQUFBwICMIGDGoGAVGhpcyBjZXJ0aWZpY2F0ZSBoYXMg"
-            + "YmVlbiBpc3N1ZWQgaW4gYWNjb3JkYW5jZSB3aXRoIHRoZSBBY3JvYmF0IENy"
-            + "ZWRlbnRpYWxzIENQUyBsb2NhdGVkIGF0IGh0dHA6Ly93d3cuZ2VvdHJ1c3Qu"
-            + "Y29tL3Jlc291cmNlcy9jcHMwMQYIKwYBBQUHAgEWJWh0dHA6Ly93d3cuZ2Vv"
-            + "dHJ1c3QuY29tL3Jlc291cmNlcy9jcHMwOgYDVR0fBDMwMTAvoC2gK4YpaHR0"
-            + "cDovL2NybC5nZW90cnVzdC5jb20vY3Jscy9hZG9iZWNhMS5jcmwwHwYDVR0j"
-            + "BBgwFoAUq4BZw2WDbR19E70Zw+wajw1HaqMwRAYIKwYBBQUHAQEEODA2MDQG"
-            + "CCsGAQUFBzABhihodHRwOi8vYWRvYmUtb2NzcC5nZW90cnVzdC5jb20vcmVz"
-            + "cG9uZGVyMBQGA1UdJQQNMAsGCSqGSIb3LwEBBTA8BgoqhkiG9y8BAQkBBC4w"
-            + "LAIBAYYnaHR0cDovL2Fkb2JlLXRpbWVzdGFtcC5nZW90cnVzdC5jb20vdHNh"
-            + "MBMGCiqGSIb3LwEBCQIEBTADAgEBMAwGA1UdEwQFMAMCAQAwDQYJKoZIhvcN"
-            + "AQEFBQADggEBAAOhy6QxOo+i3h877fvDvTa0plGD2bIqK7wMdNqbMDoSWied"
-            + "FIcgcBOIm2wLxOjZBAVj/3lDq59q2rnVeNnfXM0/N0MHI9TumHRjU7WNk9e4"
-            + "+JfJ4M+c3anrWOG3NE5cICDVgles+UHjXetHWql/LlP04+K2ZOLb6LE2xGnI"
-            + "YyLW9REzCYNAVF+/WkYdmyceHtaBZdbyVAJq0NAJPsfgY1pWcBo31Mr1fpX9"
-            + "WrXNTYDCqMyxMImJTmN3iI68tkXlNrhweQoArKFqBysiBkXzG/sGKYY6tWKU"
-            + "pzjLc3vIp/LrXC5zilROes8BSvwu1w9qQrJNcGwo7O4uijoNtyYil1Exgh1Q"
-            + "MIIdTAIBATBLMEUxCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJ"
-            + "bmMuMR4wHAYDVQQDExVHZW9UcnVzdCBDQSBmb3IgQWRvYmUCAgGDMAkGBSsO"
-            + "AwIaBQCgggxMMBgGCSqGSIb3DQEJAzELBgkqhkiG9w0BBwEwIwYJKoZIhvcN"
-            + "AQkEMRYEFP4R6qIdpQJzWyzrqO8X1ZfJOgChMIIMCQYJKoZIhvcvAQEIMYIL"
-            + "+jCCC/agggZ5MIIGdTCCA6gwggKQMA0GCSqGSIb3DQEBBQUAMEUxCzAJBgNV"
-            + "BAYTAlVTMRYwFAYDVQQKEw1HZW9UcnVzdCBJbmMuMR4wHAYDVQQDExVHZW9U"
-            + "cnVzdCBDQSBmb3IgQWRvYmUXDTA2MDQwNDE3NDAxMFoXDTA2MDQwNTE3NDAx"
-            + "MFowggIYMBMCAgC5Fw0wNTEwMTEyMDM2MzJaMBICAVsXDTA0MTEwNDE1MDk0"
-            + "MVowEwICALgXDTA1MTIxMjIyMzgzOFowEgIBWhcNMDQxMTA0MTUwOTMzWjAT"
-            + "AgIA5hcNMDUwODI3MDQwOTM4WjATAgIAtxcNMDYwMTE2MTc1NTEzWjATAgIA"
-            + "hhcNMDUxMjEyMjIzODU1WjATAgIAtRcNMDUwNzA2MTgzODQwWjATAgIA4BcN"
-            + "MDYwMzIwMDc0ODM0WjATAgIAgRcNMDUwODAyMjIzMTE1WjATAgIA3xcNMDUx"
-            + "MjEyMjIzNjUwWjASAgFKFw0wNDExMDQxNTA5MTZaMBICAUQXDTA0MTEwNDE1"
-            + "MDg1M1owEgIBQxcNMDQxMDAzMDEwMDQwWjASAgFsFw0wNDEyMDYxOTQ0MzFa"
-            + "MBMCAgEoFw0wNjAzMDkxMjA3MTJaMBMCAgEkFw0wNjAxMTYxNzU1MzRaMBIC"
-            + "AWcXDTA1MDMxODE3NTYxNFowEwICAVEXDTA2MDEzMTExMjcxMVowEgIBZBcN"
-            + "MDQxMTExMjI0ODQxWjATAgIA8RcNMDUwOTE2MTg0ODAxWjATAgIBThcNMDYw"
-            + "MjIxMjAxMDM2WjATAgIAwRcNMDUxMjEyMjIzODE2WjASAgFiFw0wNTAxMTAx"
-            + "NjE5MzRaMBICAWAXDTA1MDExMDE5MDAwNFowEwICAL4XDTA1MDUxNzE0NTYx"
-            + "MFowDQYJKoZIhvcNAQEFBQADggEBAEKhRMS3wVho1U3EvEQJZC8+JlUngmZQ"
-            + "A78KQbHPWNZWFlNvPuf/b0s7Lu16GfNHXh1QAW6Y5Hi1YtYZ3YOPyMd4Xugt"
-            + "gCdumbB6xtKsDyN5RvTht6ByXj+CYlYqsL7RX0izJZ6mJn4fjMkqzPKNOjb8"
-            + "kSn5T6rn93BjlATtCE8tPVOM8dnqGccRE0OV59+nDBXc90UMt5LdEbwaUOap"
-            + "snVB0oLcNm8d/HnlVH6RY5LnDjrT4vwfe/FApZtTecEWsllVUXDjSpwfcfD/"
-            + "476/lpGySB2otALqzImlA9R8Ok3hJ8dnF6hhQ5Oe6OJMnGYgdhkKbxsKkdib"
-            + "tTVl3qmH5QAwggLFMIIBrQIBATANBgkqhkiG9w0BAQUFADBpMQswCQYDVQQG"
-            + "EwJVUzEjMCEGA1UEChMaQWRvYmUgU3lzdGVtcyBJbmNvcnBvcmF0ZWQxHTAb"
-            + "BgNVBAsTFEFkb2JlIFRydXN0IFNlcnZpY2VzMRYwFAYDVQQDEw1BZG9iZSBS"
-            + "b290IENBFw0wNjAxMjcxODMzMzFaFw0wNzAxMjcwMDAwMDBaMIHeMCMCBD4c"
-            + "vUAXDTAzMDEyMTIzNDY1NlowDDAKBgNVHRUEAwoBBDAjAgQ+HL1BFw0wMzAx"
-            + "MjEyMzQ3MjJaMAwwCgYDVR0VBAMKAQQwIwIEPhy9YhcNMDMwMTIxMjM0NzQy"
-            + "WjAMMAoGA1UdFQQDCgEEMCMCBD4cvWEXDTA0MDExNzAxMDg0OFowDDAKBgNV"
-            + "HRUEAwoBBDAjAgQ+HL2qFw0wNDAxMTcwMTA5MDVaMAwwCgYDVR0VBAMKAQQw"
-            + "IwIEPhy9qBcNMDQwMTE3MDEzOTI5WjAMMAoGA1UdFQQDCgEEoC8wLTAKBgNV"
-            + "HRQEAwIBDzAfBgNVHSMEGDAWgBSCtzhKk6qbEO+Au9lU4vEP+4Cc3jANBgkq"
-            + "hkiG9w0BAQUFAAOCAQEAwtXF9042wG39icUlsotn5tpE3oCusLb/hBpEONhx"
-            + "OdfEQOq0w5hf/vqaxkcf71etA+KpbEUeSVaHMHRPhx/CmPrO9odE139dJdbt"
-            + "9iqbrC9iZokFK3h/es5kg73xujLKd7C/u5ngJ4mwBtvhMLjFjF2vJhPKHL4C"
-            + "IgMwdaUAhrcNzy16v+mw/VGJy3Fvc6oCESW1K9tvFW58qZSNXrMlsuidgunM"
-            + "hPKG+z0SXVyCqL7pnqKiaGddcgujYGOSY4S938oVcfZeZQEODtSYGlzldojX"
-            + "C1U1hCK5+tHAH0Ox/WqRBIol5VCZQwJftf44oG8oviYq52aaqSejXwmfT6zb"
-            + "76GCBXUwggVxMIIFbQoBAKCCBWYwggViBgkrBgEFBQcwAQEEggVTMIIFTzCB"
-            + "taIWBBS+8EpykfXdl4h3z7m/NZfdkAQQERgPMjAwNjA0MDQyMDIwMTVaMGUw"
-            + "YzA7MAkGBSsOAwIaBQAEFEb4BuZYkbjBjOjT6VeA/00fBvQaBBT3fTSQniOp"
-            + "BbHBSkz4xridlX0bsAICAYOAABgPMjAwNjA0MDQyMDIwMTVaoBEYDzIwMDYw"
-            + "NDA1MDgyMDE1WqEjMCEwHwYJKwYBBQUHMAECBBIEEFqooq/R2WltD7TposkT"
-            + "BhMwDQYJKoZIhvcNAQEFBQADgYEAMig6lty4b0JDsT/oanfQG5x6jVKPACpp"
-            + "1UA9SJ0apJJa7LeIdDFmu5C2S/CYiKZm4A4P9cAu0YzgLHxE4r6Op+HfVlAG"
-            + "6bzUe1P/hi1KCJ8r8wxOZAktQFPSzs85RAZwkHMfB0lP2e/h666Oye+Zf8VH"
-            + "RaE+/xZ7aswE89HXoumgggQAMIID/DCCA/gwggLgoAMCAQICAXUwDQYJKoZI"
-            + "hvcNAQEFBQAwRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IElu"
-            + "Yy4xHjAcBgNVBAMTFUdlb1RydXN0IENBIGZvciBBZG9iZTAeFw0wNDEyMDIy"
-            + "MTI1MzlaFw0wNjEyMzAyMTI1MzlaMEwxCzAJBgNVBAYTAlVTMRUwEwYDVQQK"
-            + "EwxHZW9UcnVzdCBJbmMxJjAkBgNVBAMTHUdlb1RydXN0IEFkb2JlIE9DU1Ag"
-            + "UmVzcG9uZGVyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDiCc1iG3Dt"
-            + "TpB5Vdk4OcaEcyP46BnQMHf3esSTprar2SrXb0gDZ7TfIoFN8l9BH1pYpzZC"
-            + "P3R2xKo+O9MMcUZCxqCbYVC6GcDd9vVRaE/N4Qh2bpvEOydDydaoqrGdZnMQ"
-            + "tlt2ncj1sEuLMiqhtmi/O3rQs0yCGf+6e++6Gl5VKwIDAQABo4IBbjCCAWow"
-            + "DgYDVR0PAQH/BAQDAgTwMIHlBgNVHSABAf8EgdowgdcwgdQGCSqGSIb3LwEC"
-            + "ATCBxjCBkAYIKwYBBQUHAgIwgYMagYBUaGlzIGNlcnRpZmljYXRlIGhhcyBi"
-            + "ZWVuIGlzc3VlZCBpbiBhY2NvcmRhbmNlIHdpdGggdGhlIEFjcm9iYXQgQ3Jl"
-            + "ZGVudGlhbHMgQ1BTIGxvY2F0ZWQgYXQgaHR0cDovL3d3dy5nZW90cnVzdC5j"
-            + "b20vcmVzb3VyY2VzL2NwczAxBggrBgEFBQcCARYlaHR0cDovL3d3dy5nZW90"
-            + "cnVzdC5jb20vcmVzb3VyY2VzL2NwczATBgNVHSUEDDAKBggrBgEFBQcDCTA6"
-            + "BgNVHR8EMzAxMC+gLaArhilodHRwOi8vY3JsLmdlb3RydXN0LmNvbS9jcmxz"
-            + "L2Fkb2JlY2ExLmNybDAfBgNVHSMEGDAWgBSrgFnDZYNtHX0TvRnD7BqPDUdq"
-            + "ozANBgkqhkiG9w0BAQUFAAOCAQEAQ0l/UEPs9fmK+5prC33SrU4bNekhAv8K"
-            + "XMR4VWY4jGo9zURMVGr3Zi7Eblvr5H6T60aSYLA8txjyKmDplxsn8CKtCGiH"
-            + "OOUW5PpgBexN8SMKoRl9YzaxLtysrYRjEIyYoTfEN89yVi2sCjPupm/F9CPR"
-            + "O7EdKy0dm/f3C7ZmIbUFaIRzINDJOCpM5cGhmZ8m2yG4BxeZOmCSthKtLfvM"
-            + "2U9MaH6kxhDTJYNzw5BElHg5jlld92drTWaO0lM6aPr/pc+gs9hOraBCtzYE"
-            + "J40nhsSEtvuwVUE9vA+unNMT8dFtAcOvOPRiKYPF45RX9Rdy2C9jAc20SRwE"
-            + "uw6b+7K0xjANBgkqhkiG9w0BAQEFAASCAQC7a4yICFGCEMPlJbydK5qLG3rV"
-            + "sip7Ojjz9TB4nLhC2DgsIHds8jjdq2zguInluH2nLaBCVS+qxDVlTjgbI2cB"
-            + "TaWS8nglC7nNjzkKAsa8vThA8FZUVXTW0pb74jNJJU2AA27bb4g+4WgunCrj"
-            + "fpYp+QjDyMmdrJVqRmt5eQN+dpVxMS9oq+NrhOSEhyIb4/rejgNg9wnVK1ms"
-            + "l5PxQ4x7kpm7+Ua41//owkJVWykRo4T1jo4eHEz1DolPykAaKie2VKH/sMqR"
-            + "Spjh4E5biKJLOV9fKivZWKAXByXfwUbbMsJvz4v/2yVHFy9xP+tqB5ZbRoDK"
-            + "k8PzUyCprozn+/22oYIPijCCD4YGCyqGSIb3DQEJEAIOMYIPdTCCD3EGCSqG"
-            + "SIb3DQEHAqCCD2Iwgg9eAgEDMQswCQYFKw4DAhoFADCB+gYLKoZIhvcNAQkQ"
-            + "AQSggeoEgecwgeQCAQEGAikCMCEwCQYFKw4DAhoFAAQUoT97qeCv3FXYaEcS"
-            + "gY8patCaCA8CAiMHGA8yMDA2MDQwNDIwMjA1N1owAwIBPAEB/wIIO0yRre3L"
-            + "8/6ggZCkgY0wgYoxCzAJBgNVBAYTAlVTMRYwFAYDVQQIEw1NYXNzYWNodXNl"
-            + "dHRzMRAwDgYDVQQHEwdOZWVkaGFtMRUwEwYDVQQKEwxHZW9UcnVzdCBJbmMx"
-            + "EzARBgNVBAsTClByb2R1Y3Rpb24xJTAjBgNVBAMTHGFkb2JlLXRpbWVzdGFt"
-            + "cC5nZW90cnVzdC5jb22gggzJMIIDUTCCAjmgAwIBAgICAI8wDQYJKoZIhvcN"
-            + "AQEFBQAwRTELMAkGA1UEBhMCVVMxFjAUBgNVBAoTDUdlb1RydXN0IEluYy4x"
-            + "HjAcBgNVBAMTFUdlb1RydXN0IENBIGZvciBBZG9iZTAeFw0wNTAxMTAwMTI5"
-            + "MTBaFw0xNTAxMTUwODAwMDBaMIGKMQswCQYDVQQGEwJVUzEWMBQGA1UECBMN"
-            + "TWFzc2FjaHVzZXR0czEQMA4GA1UEBxMHTmVlZGhhbTEVMBMGA1UEChMMR2Vv"
-            + "VHJ1c3QgSW5jMRMwEQYDVQQLEwpQcm9kdWN0aW9uMSUwIwYDVQQDExxhZG9i"
-            + "ZS10aW1lc3RhbXAuZ2VvdHJ1c3QuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GN"
-            + "ADCBiQKBgQDRbxJotLFPWQuuEDhKtOMaBUJepGxIvWxeahMbq1DVmqnk88+j"
-            + "w/5lfPICPzQZ1oHrcTLSAFM7Mrz3pyyQKQKMqUyiemzuG/77ESUNfBNSUfAF"
-            + "PdtHuDMU8Is8ABVnFk63L+wdlvvDIlKkE08+VTKCRdjmuBVltMpQ6QcLFQzm"
-            + "AQIDAQABo4GIMIGFMDoGA1UdHwQzMDEwL6AtoCuGKWh0dHA6Ly9jcmwuZ2Vv"
-            + "dHJ1c3QuY29tL2NybHMvYWRvYmVjYTEuY3JsMB8GA1UdIwQYMBaAFKuAWcNl"
-            + "g20dfRO9GcPsGo8NR2qjMA4GA1UdDwEB/wQEAwIGwDAWBgNVHSUBAf8EDDAK"
-            + "BggrBgEFBQcDCDANBgkqhkiG9w0BAQUFAAOCAQEAmnyXjdtX+F79Nf0KggTd"
-            + "6YC2MQD9s09IeXTd8TP3rBmizfM+7f3icggeCGakNfPRmIUMLoa0VM5Kt37T"
-            + "2X0TqzBWusfbKx7HnX4v1t/G8NJJlT4SShSHv+8bjjU4lUoCmW2oEcC5vXwP"
-            + "R5JfjCyois16npgcO05ZBT+LLDXyeBijE6qWmwLDfEpLyILzVRmyU4IE7jvm"
-            + "rgb3GXwDUvd3yQXGRRHbPCh3nj9hBGbuzyt7GnlqnEie3wzIyMG2ET/wvTX5"
-            + "4BFXKNe7lDLvZj/MXvd3V7gMTSVW0kAszKao56LfrVTgp1VX3UBQYwmQqaoA"
-            + "UwFezih+jEvjW6cYJo/ErDCCBKEwggOJoAMCAQICBD4cvSgwDQYJKoZIhvcN"
-            + "AQEFBQAwaTELMAkGA1UEBhMCVVMxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMg"
-            + "SW5jb3Jwb3JhdGVkMR0wGwYDVQQLExRBZG9iZSBUcnVzdCBTZXJ2aWNlczEW"
-            + "MBQGA1UEAxMNQWRvYmUgUm9vdCBDQTAeFw0wMzAxMDgyMzM3MjNaFw0yMzAx"
-            + "MDkwMDA3MjNaMGkxCzAJBgNVBAYTAlVTMSMwIQYDVQQKExpBZG9iZSBTeXN0"
-            + "ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UECxMUQWRvYmUgVHJ1c3QgU2Vydmlj"
-            + "ZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3QgQ0EwggEiMA0GCSqGSIb3DQEBAQUA"
-            + "A4IBDwAwggEKAoIBAQDMT1SE96ei5zNTfz+cEohrLJlHZ34PHrmtFIj5wxDY"
-            + "HfDw1Z9pCi9ZNbDMbKlMnBWgn84gv6DPVOLgIGZFPzmGOH6cxI4HIsYk9gES"
-            + "sDXfVeppkLDbhTce4k4HskKhahNpoGbqgJERWSqbCHlaIEQtyb1zOIs8L+BD"
-            + "G12zC/CvNRop/u+mkt2BTJ09WY6tMTxAfpuRNgb84lyN0Y0m1VxFz69lP7Gq"
-            + "0mKW9Kg46rpgQvT0HEo1Fc74TiJWD5UYxfiWn5/7sLd4JemAa73WCvDGdJSd"
-            + "8w9Q25p3zktwgyONoMp4IERcPFRk8eqiMBmf6kwGTQZ4S16S3yLSyWezetIB"
-            + "AgMBAAGjggFPMIIBSzARBglghkgBhvhCAQEEBAMCAAcwgY4GA1UdHwSBhjCB"
-            + "gzCBgKB+oHykejB4MQswCQYDVQQGEwJVUzEjMCEGA1UEChMaQWRvYmUgU3lz"
-            + "dGVtcyBJbmNvcnBvcmF0ZWQxHTAbBgNVBAsTFEFkb2JlIFRydXN0IFNlcnZp"
-            + "Y2VzMRYwFAYDVQQDEw1BZG9iZSBSb290IENBMQ0wCwYDVQQDEwRDUkwxMCsG"
-            + "A1UdEAQkMCKADzIwMDMwMTA4MjMzNzIzWoEPMjAyMzAxMDkwMDA3MjNaMAsG"
-            + "A1UdDwQEAwIBBjAfBgNVHSMEGDAWgBSCtzhKk6qbEO+Au9lU4vEP+4Cc3jAd"
-            + "BgNVHQ4EFgQUgrc4SpOqmxDvgLvZVOLxD/uAnN4wDAYDVR0TBAUwAwEB/zAd"
-            + "BgkqhkiG9n0HQQAEEDAOGwhWNi4wOjQuMAMCBJAwDQYJKoZIhvcNAQEFBQAD"
-            + "ggEBADLan0N1wfpvyW/bqx02Nz68YRk2twI8HSNZmGye7k2F51TIIB+n1Lvi"
-            + "vwB3fSRrcC9cwTp2SbXT4COEKnFqIvPBJymYFfY1kOQETMONvJ9hHOf9JIzR"
-            + "REOMFrqbTaXUNS+8Ec6991E3jZ+Q5BTxGD++6VkSNfkzkvOe4NVrmnGbmUvI"
-            + "ccPhsWEJxOX6kfBCOjd9NPly6M2qYhwh6dX0ghDjewW2LWhWC35+kixvTXKC"
-            + "DO1WdLKduastKx0QX9sndXCP/R3X4gKgeeUc5f+vZEBRLZ6bR9tCpXwfwqZI"
-            + "sNe+kmlNpPYpV8V4ERjch1HKE7JinU8rMr0xpcH6UqsFiMgwggTLMIIDs6AD"
-            + "AgECAgQ+HL21MA0GCSqGSIb3DQEBBQUAMGkxCzAJBgNVBAYTAlVTMSMwIQYD"
-            + "VQQKExpBZG9iZSBTeXN0ZW1zIEluY29ycG9yYXRlZDEdMBsGA1UECxMUQWRv"
-            + "YmUgVHJ1c3QgU2VydmljZXMxFjAUBgNVBAMTDUFkb2JlIFJvb3QgQ0EwHhcN"
-            + "MDQwMTE3MDAwMzM5WhcNMTUwMTE1MDgwMDAwWjBFMQswCQYDVQQGEwJVUzEW"
-            + "MBQGA1UEChMNR2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgQ0Eg"
-            + "Zm9yIEFkb2JlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+V3"
-            + "4GR4Wuc5hbyv0vVbKBMOVN1J+s5i9ZL9nph7n+X4esFs4epAJcFxJ4KnPuQH"
-            + "ZZ0oyHUU4Th70mWYgKwd6sEt1aR6ZT788Nvr3OHwTRwugN/G6QXqhU9ePpZJ"
-            + "OF1Ibsf1pcXNGvpLdcYK6+CX5DANMuIthb440XoNfC3dNBC0pF4mM4lmTjpl"
-            + "nQG8xK0rIFp4HoMpmyaIijz2qyjXdUNkg0fbDUq9eDTKAOLOg21u+AA8XKbC"
-            + "ewg1LWSV9CVy+fTHREmb1thBcrfkY1kCAvczsuquV3SMx8hRpa+4cIvKK/K1"
-            + "G7OrV0nsTyuaJ2MMST8b7bul/Xd81nu9Hsz4iQIDAQABo4IBnTCCAZkwEgYD"
-            + "VR0TAQH/BAgwBgEB/wIBATBQBgNVHSAESTBHMEUGCSqGSIb3LwECATA4MDYG"
-            + "CCsGAQUFBwIBFipodHRwczovL3d3dy5hZG9iZS5jb20vbWlzYy9wa2kvY2Rz"
-            + "X2NwLmh0bWwwFAYDVR0lBA0wCwYJKoZIhvcvAQEFMIGyBgNVHR8Egaowgacw"
-            + "IqAgoB6GHGh0dHA6Ly9jcmwuYWRvYmUuY29tL2Nkcy5jcmwwgYCgfqB8pHow"
-            + "eDELMAkGA1UEBhMCVVMxIzAhBgNVBAoTGkFkb2JlIFN5c3RlbXMgSW5jb3Jw"
-            + "b3JhdGVkMR0wGwYDVQQLExRBZG9iZSBUcnVzdCBTZXJ2aWNlczEWMBQGA1UE"
-            + "AxMNQWRvYmUgUm9vdCBDQTENMAsGA1UEAxMEQ1JMMTALBgNVHQ8EBAMCAQYw"
-            + "HwYDVR0jBBgwFoAUgrc4SpOqmxDvgLvZVOLxD/uAnN4wHQYDVR0OBBYEFKuA"
-            + "WcNlg20dfRO9GcPsGo8NR2qjMBkGCSqGSIb2fQdBAAQMMAobBFY2LjADAgSQ"
-            + "MA0GCSqGSIb3DQEBBQUAA4IBAQA/OVkuogCOsV4RYSzS4Lb1jImGRc4T2Z/d"
-            + "hJoUawhMX4aXWPSlqNOPIfhHflCvd+Whbarcd83NN5n3QmevUOFUREPrMQyA"
-            + "mkK0mpW6TSyLG5ckeCFL8qJwp/hhckk/H16m4hEXWyIFGfOecX3Sy+Y4kxcC"
-            + "lzSMadifedB+TiRpKFKcNphp5hEMkpyyJaGXpLnN/BLsaDyEN7JySExAopae"
-            + "UbUJCvCVIWKwoJ26ih3BG1aB+3yTHXeLIorextqWbq+dVz7me59Li8j5PAxe"
-            + "hXrc2phpKuhp8FaTScvnfMZc8TL4Dr1CHMRWIkqfZaCq3mC376Mww0iZtE5s"
-            + "iqB+AXVWMYIBgDCCAXwCAQEwSzBFMQswCQYDVQQGEwJVUzEWMBQGA1UEChMN"
-            + "R2VvVHJ1c3QgSW5jLjEeMBwGA1UEAxMVR2VvVHJ1c3QgQ0EgZm9yIEFkb2Jl"
-            + "AgIAjzAJBgUrDgMCGgUAoIGMMBoGCSqGSIb3DQEJAzENBgsqhkiG9w0BCRAB"
-            + "BDAcBgkqhkiG9w0BCQUxDxcNMDYwNDA0MjAyMDU3WjAjBgkqhkiG9w0BCQQx"
-            + "FgQUp7AnXBqoNcarvO7fMJut1og2U5AwKwYLKoZIhvcNAQkQAgwxHDAaMBgw"
-            + "FgQU1dH4eZTNhgxdiSABrat6zsPdth0wDQYJKoZIhvcNAQEBBQAEgYCinr/F"
-            + "rMiQz/MRm9ZD5YGcC0Qo2dRTPd0Aop8mZ4g1xAhKFLnp7lLsjCbkSDpVLDBh"
-            + "cnCk7CV+3FT5hlvt8OqZlR0CnkSnCswLFhrppiWle6cpxlwGqyAteC8uKtQu"
-            + "wjE5GtBKLcCOAzQYyyuNZZeB6oCZ+3mPhZ62FxrvvEGJCgAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA"
-            + "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA==");
-
-    private final byte[] emptyDNCert = Base64.decode(
-        "MIICfTCCAeagAwIBAgIBajANBgkqhkiG9w0BAQQFADB8MQswCQYDVQQGEwJVUzEMMAoGA1UEChMD"
-            + "Q0RXMQkwBwYDVQQLEwAxCTAHBgNVBAcTADEJMAcGA1UECBMAMRowGAYDVQQDExFUZW1wbGFyIFRl"
-            + "c3QgMTAyNDEiMCAGCSqGSIb3DQEJARYTdGVtcGxhcnRlc3RAY2R3LmNvbTAeFw0wNjA1MjIwNTAw"
-            + "MDBaFw0xMDA1MjIwNTAwMDBaMHwxCzAJBgNVBAYTAlVTMQwwCgYDVQQKEwNDRFcxCTAHBgNVBAsT"
-            + "ADEJMAcGA1UEBxMAMQkwBwYDVQQIEwAxGjAYBgNVBAMTEVRlbXBsYXIgVGVzdCAxMDI0MSIwIAYJ"
-            + "KoZIhvcNAQkBFhN0ZW1wbGFydGVzdEBjZHcuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKB"
-            + "gQDH3aJpJBfM+A3d84j5YcU6zEQaQ76u5xO9NSBmHjZykKS2kCcUqPpvVOPDA5WgV22dtKPh+lYV"
-            + "iUp7wyCVwAKibq8HIbihHceFqMKzjwC639rMoDJ7bi/yzQWz1Zg+075a4FGPlUKn7Yfu89wKkjdW"
-            + "wDpRPXc/agqBnrx5pJTXzQIDAQABow8wDTALBgNVHQ8EBAMCALEwDQYJKoZIhvcNAQEEBQADgYEA"
-            + "RRsRsjse3i2/KClFVd6YLZ+7K1BE0WxFyY2bbytkwQJSxvv3vLSuweFUbhNxutb68wl/yW4GLy4b"
-            + "1QdyswNxrNDXTuu5ILKhRDDuWeocz83aG2KGtr3JlFyr3biWGEyn5WUOE6tbONoQDJ0oPYgI6CAc"
-            + "EHdUp0lioOCt6UOw7Cs=");
-
-    private final byte[] gostRFC4491_94 = Base64.decode(
-        "MIICCzCCAboCECMO42BGlSTOxwvklBgufuswCAYGKoUDAgIEMGkxHTAbBgNVBAMM" +
-            "FEdvc3RSMzQxMC05NCBleGFtcGxlMRIwEAYDVQQKDAlDcnlwdG9Qcm8xCzAJBgNV" +
-            "BAYTAlJVMScwJQYJKoZIhvcNAQkBFhhHb3N0UjM0MTAtOTRAZXhhbXBsZS5jb20w" +
-            "HhcNMDUwODE2MTIzMjUwWhcNMTUwODE2MTIzMjUwWjBpMR0wGwYDVQQDDBRHb3N0" +
-            "UjM0MTAtOTQgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRvUHJvMQswCQYDVQQGEwJS" +
-            "VTEnMCUGCSqGSIb3DQEJARYYR29zdFIzNDEwLTk0QGV4YW1wbGUuY29tMIGlMBwG" +
-            "BiqFAwICFDASBgcqhQMCAiACBgcqhQMCAh4BA4GEAASBgLuEZuF5nls02CyAfxOo" +
-            "GWZxV/6MVCUhR28wCyd3RpjG+0dVvrey85NsObVCNyaE4g0QiiQOHwxCTSs7ESuo" +
-            "v2Y5MlyUi8Go/htjEvYJJYfMdRv05YmKCYJo01x3pg+2kBATjeM+fJyR1qwNCCw+" +
-            "eMG1wra3Gqgqi0WBkzIydvp7MAgGBiqFAwICBANBABHHCH4S3ALxAiMpR3aPRyqB" +
-            "g1DjB8zy5DEjiULIc+HeIveF81W9lOxGkZxnrFjXBSqnjLeFKgF1hffXOAP7zUM=");
-
-    private final byte[] gostRFC4491_2001 = Base64.decode(
-        "MIIB0DCCAX8CECv1xh7CEb0Xx9zUYma0LiEwCAYGKoUDAgIDMG0xHzAdBgNVBAMM" +
-            "Fkdvc3RSMzQxMC0yMDAxIGV4YW1wbGUxEjAQBgNVBAoMCUNyeXB0b1BybzELMAkG" +
-            "A1UEBhMCUlUxKTAnBgkqhkiG9w0BCQEWGkdvc3RSMzQxMC0yMDAxQGV4YW1wbGUu" +
-            "Y29tMB4XDTA1MDgxNjE0MTgyMFoXDTE1MDgxNjE0MTgyMFowbTEfMB0GA1UEAwwW" +
-            "R29zdFIzNDEwLTIwMDEgZXhhbXBsZTESMBAGA1UECgwJQ3J5cHRvUHJvMQswCQYD" +
-            "VQQGEwJSVTEpMCcGCSqGSIb3DQEJARYaR29zdFIzNDEwLTIwMDFAZXhhbXBsZS5j" +
-            "b20wYzAcBgYqhQMCAhMwEgYHKoUDAgIkAAYHKoUDAgIeAQNDAARAhJVodWACGkB1" +
-            "CM0TjDGJLP3lBQN6Q1z0bSsP508yfleP68wWuZWIA9CafIWuD+SN6qa7flbHy7Df" +
-            "D2a8yuoaYDAIBgYqhQMCAgMDQQA8L8kJRLcnqeyn1en7U23Sw6pkfEQu3u0xFkVP" +
-            "vFQ/3cHeF26NG+xxtZPz3TaTVXdoiYkXYiD02rEx1bUcM97i");
-
-    private final byte[] uaczo1 = Base64.decode(
-        "MIIFWzCCBNegAwIBAgIUMAR1He8seK4BAAAAAQAAAAEAAAAwDQYLKoYkAgEBAQED" +
-            "AQEwgfoxPzA9BgNVBAoMNtCc0ZbQvdGW0YHRgtC10YDRgdGC0LLQviDRjtGB0YLQ" +
-            "uNGG0ZbRlyDQo9C60YDQsNGX0L3QuDExMC8GA1UECwwo0JDQtNC80ZbQvdGW0YHR" +
-            "gtGA0LDRgtC+0YAg0IbQotChINCm0JfQnjFJMEcGA1UEAwxA0KbQtdC90YLRgNCw" +
-            "0LvRjNC90LjQuSDQt9Cw0YHQstGW0LTRh9GD0LLQsNC70YzQvdC40Lkg0L7RgNCz" +
-            "0LDQvTEZMBcGA1UEBQwQVUEtMDAwMTU2MjItMjAxMjELMAkGA1UEBhMCVUExETAP" +
-            "BgNVBAcMCNCa0LjRl9CyMB4XDTEyMDkyODE5NTMwMFoXDTIyMDkyODE5NTMwMFow" +
-            "gfoxPzA9BgNVBAoMNtCc0ZbQvdGW0YHRgtC10YDRgdGC0LLQviDRjtGB0YLQuNGG" +
-            "0ZbRlyDQo9C60YDQsNGX0L3QuDExMC8GA1UECwwo0JDQtNC80ZbQvdGW0YHRgtGA" +
-            "0LDRgtC+0YAg0IbQotChINCm0JfQnjFJMEcGA1UEAwxA0KbQtdC90YLRgNCw0LvR" +
-            "jNC90LjQuSDQt9Cw0YHQstGW0LTRh9GD0LLQsNC70YzQvdC40Lkg0L7RgNCz0LDQ" +
-            "vTEZMBcGA1UEBQwQVUEtMDAwMTU2MjItMjAxMjELMAkGA1UEBhMCVUExETAPBgNV" +
-            "BAcMCNCa0LjRl9CyMIIBUTCCARIGCyqGJAIBAQEBAwEBMIIBATCBvDAPAgIBrzAJ" +
-            "AgEBAgEDAgEFAgEBBDbzykDGaaTaFzFJyhLDLa4Ya1Osa8Y2WZferq6K0tiI+b/V" +
-            "NAFpTvnEJz2M/m3Cj3BqD0kQzgMCNj//////////////////////////////////" +
-            "/7oxdUWACajApyTwL4Gqih/Lr4DZDHqVEQUEzwQ2fIV8lMVDO/2ZHhfCJoQGWFCp" +
-            "oknte8JJrlpOh4aJ+HLvetUkCC7DA46a7ee6a6Ezgdl5umIaBECp1utF8TxwgoDE" +
-            "lnsjH16t9ljrpMA3KR042WvwJcpOF/jpcg3GFbQ6KJdfC8Heo2Q4tWTqLBef0BI+" +
-            "bbj6xXkEAzkABDa2G/m9S2LKqyw5UPXFHV+oDXB+AHtSW3BnZ9zlzRuvbido2tDG" +
-            "qE/CL5kFHZE0NfTrHrGa1USjggE6MIIBNjApBgNVHQ4EIgQgMAR1He8seK4VC6vv" +
-            "vv8Nq9v4LOVonutO0xCl+xM4+wowKwYDVR0jBCQwIoAgMAR1He8seK4VC6vvvv8N" +
-            "q9v4LOVonutO0xCl+xM4+wowDgYDVR0PAQH/BAQDAgEGMBkGA1UdIAEB/wQPMA0w" +
-            "CwYJKoYkAgEBAQICMBIGA1UdEwEB/wQIMAYBAf8CAQIwHgYIKwYBBQUHAQMBAf8E" +
-            "DzANMAsGCSqGJAIBAQECATA9BgNVHR8ENjA0MDKgMKAuhixodHRwOi8vY3pvLmdv" +
-            "di51YS9kb3dubG9hZC9jcmxzL0NaTy1GdWxsLmNybDA+BgNVHS4ENzA1MDOgMaAv" +
-            "hi1odHRwOi8vY3pvLmdvdi51YS9kb3dubG9hZC9jcmxzL0NaTy1EZWx0YS5jcmww" +
-            "DQYLKoYkAgEBAQEDAQEDbwAEbPF4bx7drDxzzYABhB33Y0MQ+/N5FuPl7faVx/es" +
-            "V5n5DXg5TzZovzZeICB5JHPLcbdeCq6aGwvXsgybt34zqf7LKmfq0rFNYfXJVWFH" +
-            "4Tg5sPA+fCQ+T0O35VN873BLgTGz7bnHH9o8bnjwMA==");
-
-    private final byte[] uaczo2 = Base64.decode(
-        "MIIEvTCCBDmgAwIBAgIDAYhwMA0GCyqGJAIBAQEBAwEBMIIBHjELMAkGA1UEBhMC" +
-            "VUExKDAmBgNVBAgMH9Ca0LjRl9Cy0YHRjNC60LAg0L7QsdC70LDRgdGC0YwxETAP" +
-            "BgNVBAcMCNCa0LjRl9CyMUkwRwYDVQQKDEDQptC10L3RgtGA0LDQu9GM0L3QuNC5" +
-            "INC30LDRgdCy0ZbQtNGH0YPQstCw0LvRjNC90LjQuSDQvtGA0LPQsNC9MTUwMwYD" +
-            "VQQLDCzQotC10YXQvdC+0LvQvtCz0ZbRh9C90LjQuSDRhtC10L3RgtGAINCm0JfQ" +
-            "njE1MDMGA1UEAwws0KPQutGA0LDRl9C90LAsINCm0JfQniAvIFVrcmFpbmUsIENl" +
-            "bnRyYWwgQ0ExGTAXBgNVBAUTEFVBLTM3MjAwMzAzLTIwMTAwHhcNMDYxMjI1MDc0" +
-            "MDU4WhcNMTExMjI0MDc0MDU4WjCCAR4xCzAJBgNVBAYTAlVBMSgwJgYDVQQIDB/Q" +
-            "mtC40ZfQstGB0YzQutCwINC+0LHQu9Cw0YHRgtGMMREwDwYDVQQHDAjQmtC40ZfQ" +
-            "sjFJMEcGA1UECgxA0KbQtdC90YLRgNCw0LvRjNC90LjQuSDQt9Cw0YHQstGW0LTR" +
-            "h9GD0LLQsNC70YzQvdC40Lkg0L7RgNCz0LDQvTE1MDMGA1UECwws0KLQtdGF0L3Q" +
-            "vtC70L7Qs9GW0YfQvdC40Lkg0YbQtdC90YLRgCDQptCX0J4xNTAzBgNVBAMMLNCj" +
-            "0LrRgNCw0ZfQvdCwLCDQptCX0J4gLyBVa3JhaW5lLCBDZW50cmFsIENBMRkwFwYD" +
-            "VQQFExBVQS0zNzIwMDMwMy0yMDEwMIGdMGAGCyqGJAIBAQEBAwEBMFEGDSqGJAIB" +
-            "AQEBAwEBAgkEQKnW60XxPHCCgMSWeyMfXq32WOukwDcpHTjZa/Alyk4X+OlyDcYV" +
-            "tDool18Lwd6jZDi1ZOosF5/QEj5tuPrFeQQDOQAENlMfji/H5gxxL5TKtLMFv2X3" +
-            "0EJrj3orwGV0zEz+EgSChr+I8bsOrnfkr5UwMQIjGJOg1G/nYKOCARgwggEUMA8G" +
-            "A1UdEwEB/wQFMAMBAf8weQYDVR0gAQH/BG8wbTBeBgkqhiQCAQEBAgEwUTBPBggr" +
-            "BgEFBQcCARZDaHR0cDovL2N6by5nb3YudWEvY29udGVudC9ub3JtYXRpdmVfZG9j" +
-            "dW1lbnQvZ2VuZXJhbF9kb2MvcmVnQ1pPLnppcDALBgkqhiQCAQEBAgIwHgYIKwYB" +
-            "BQUHAQMBAf8EDzANMAsGCSqGJAIBAQECATAOBgNVHQ8BAf8EBAMCAcYwKQYDVR0O" +
-            "BCIEIPqbNt55OgWdLCn8hfuY9HJE3d3+DTTBlTJBN0nxog+mMCsGA1UdIwQkMCKA" +
-            "IPqbNt55OgWdLCn8hfuY9HJE3d3+DTTBlTJBN0nxog+mMA0GCyqGJAIBAQEBAwEB" +
-            "A28ABGx8QNaWcy0admsBt6iB0Vi+kAargzsQuoc/BThskYdxGNftLvYDPYxkEM2N" +
-            "GQ+9f1RJgCSNVRj3NhWoHhkqcL5R3gxAHie+a+zMqsX0258hGdT3MXkm0Syn/cNo" +
-            "sga4XzzvnVaas9vsPKMrZTQ=");
-
-    private final byte[] uaczo3 = Base64.decode(
-        "MIIEtTCCBDGgAwIBAgIDAYisMA0GCyqGJAIBAQEBAwEBMIIBGjELMAkGA1UEBhMC" +
-            "VUExKDAmBgNVBAgMH9Ca0LjRl9Cy0YHRjNC60LAg0L7QsdC70LDRgdGC0YwxETAP" +
-            "BgNVBAcMCNCa0LjRl9CyMUkwRwYDVQQKDEDQptC10L3RgtGA0LDQu9GM0L3QuNC5" +
-            "INC30LDRgdCy0ZbQtNGH0YPQstCw0LvRjNC90LjQuSDQvtGA0LPQsNC9MTEwLwYD" +
-            "VQQLDCjQkNC00LzRltC90ZbRgdGC0YDQsNGC0L7RgCDQhtCi0KEg0KbQl9CeMTUw" +
-            "MwYDVQQDDCzQo9C60YDQsNGX0L3QsCwg0KbQl9CeIC8gVWtyYWluZSwgQ2VudHJh" +
-            "bCBDQTEZMBcGA1UEBRMQVUEtMDAwMTU2MjItMjAxMTAeFw0wNzEyMjAxMDAwMDBa" +
-            "Fw0xMjEyMTgxMDAwMDBaMIIBGjELMAkGA1UEBhMCVUExKDAmBgNVBAgMH9Ca0LjR" +
-            "l9Cy0YHRjNC60LAg0L7QsdC70LDRgdGC0YwxETAPBgNVBAcMCNCa0LjRl9CyMUkw" +
-            "RwYDVQQKDEDQptC10L3RgtGA0LDQu9GM0L3QuNC5INC30LDRgdCy0ZbQtNGH0YPQ" +
-            "stCw0LvRjNC90LjQuSDQvtGA0LPQsNC9MTEwLwYDVQQLDCjQkNC00LzRltC90ZbR" +
-            "gdGC0YDQsNGC0L7RgCDQhtCi0KEg0KbQl9CeMTUwMwYDVQQDDCzQo9C60YDQsNGX" +
-            "0L3QsCwg0KbQl9CeIC8gVWtyYWluZSwgQ2VudHJhbCBDQTEZMBcGA1UEBRMQVUEt" +
-            "MDAwMTU2MjItMjAxMTCBnTBgBgsqhiQCAQEBAQMBATBRBg0qhiQCAQEBAQMBAQIJ" +
-            "BECp1utF8TxwgoDElnsjH16t9ljrpMA3KR042WvwJcpOF/jpcg3GFbQ6KJdfC8He" +
-            "o2Q4tWTqLBef0BI+bbj6xXkEAzkABDajkfNBomH27xjY1N7wklRvY5E0ZFaU53Fh" +
-            "y4jUY+G4AUhEHHCkTvUja8CUxPqtb9KyfuZELVOjggEYMIIBFDAPBgNVHRMBAf8E" +
-            "BTADAQH/MHkGA1UdIAEB/wRvMG0wXgYJKoYkAgEBAQIBMFEwTwYIKwYBBQUHAgEW" +
-            "Q2h0dHA6Ly9jem8uZ292LnVhL2NvbnRlbnQvbm9ybWF0aXZlX2RvY3VtZW50L2dl" +
-            "bmVyYWxfZG9jL3JlZ0NaTy56aXAwCwYJKoYkAgEBAQICMB4GCCsGAQUFBwEDAQH/" +
-            "BA8wDTALBgkqhiQCAQEBAgEwDgYDVR0PAQH/BAQDAgHGMCkGA1UdDgQiBCC+e+cA" +
-            "bIdAgQkh6q3dUAZjPrNhwDDGrVnLNP6telmoCjArBgNVHSMEJDAigCC+e+cAbIdA" +
-            "gQkh6q3dUAZjPrNhwDDGrVnLNP6telmoCjANBgsqhiQCAQEBAQMBAQNvAARsyq9i" +
-            "ajEgdBh5mPUZefcLY56AIRWqmsJsWuZuUbCa5oQXRH5iCRa4PSvs8v6zHAKKlMgK" +
-            "gaoY6jywqmwiMlylbSgo/A0HKdCFnUUl7S8yjE4054MSSIjb2R0c2pmqmwtU25JB" +
-            "/MkNbe77Uzka");
-
-    private final byte[] uaczo4 = Base64.decode(
-        "MIIEKzCCA6egAwIBAgIBATANBgsqhiQCAQEBAQMBATCBzDFJMEcGA1UECwxA0KbQ" +
-            "tdC90YLRgNCw0LvRjNC90LjQuSDQt9Cw0YHQstGW0LTRh9GD0LLQsNC70YzQvdC4" +
-            "0Lkg0L7RgNCz0LDQvTE1MDMGA1UEAwws0KPQutGA0LDRl9C90LAsINCm0JfQniAv" +
-            "IFVrcmFpbmUsIENlbnRyYWwgQ0ExCzAJBgNVBAYTAlVBMREwDwYDVQQHDAjQmtC4" +
-            "0ZfQsjEoMCYGA1UECAwf0JrQuNGX0LLRgdGM0LrQsCDQvtCx0LvQsNGB0YLRjDAe" +
-            "Fw0wNTEyMjMyMzAxMDFaFw0xMDEyMjMyMzAxMDFaMIHMMUkwRwYDVQQLDEDQptC1" +
-            "0L3RgtGA0LDQu9GM0L3QuNC5INC30LDRgdCy0ZbQtNGH0YPQstCw0LvRjNC90LjQ" +
-            "uSDQvtGA0LPQsNC9MTUwMwYDVQQDDCzQo9C60YDQsNGX0L3QsCwg0KbQl9CeIC8g" +
-            "VWtyYWluZSwgQ2VudHJhbCBDQTELMAkGA1UEBhMCVUExETAPBgNVBAcMCNCa0LjR" +
-            "l9CyMSgwJgYDVQQIDB/QmtC40ZfQstGB0YzQutCwINC+0LHQu9Cw0YHRgtGMMIIB" +
-            "UTCCARIGCyqGJAIBAQEBAwEBMIIBATCBvDAPAgIBrzAJAgEBAgEDAgEFAgEBBDbz" +
-            "ykDGaaTaFzFJyhLDLa4Ya1Osa8Y2WZferq6K0tiI+b/VNAFpTvnEJz2M/m3Cj3Bq" +
-            "D0kQzgMCNj///////////////////////////////////7oxdUWACajApyTwL4Gq" +
-            "ih/Lr4DZDHqVEQUEzwQ2lqAgR9+skUI33jGNgj2Qsh9+3x7so5koelwr4fy89k/x" +
-            "5eqNSvFZ/1fPHfXz+iz7PmFIhr15BECLwhftNllK8B904j3LmmBY/teFIBSrw2lL" +
-            "CKc1nWIez+h/01q0GSxgeuwU0oOw9WmwlkGuj13DJ8cSmm70jTULAzkABDa6vb3U" +
-            "VIxZr2cXcVSvKkPM65Ii2+8biqyoH8i9e0NKJu+IhjDvUrvzlr8U+ywuf5bpSj4N" +
-            "fEmjezB5MA4GA1UdDwEB/wQEAwIBxjAPBgNVHRMBAf8EBTADAQH/MCsGA1UdIwQk" +
-            "MCKAIOPEn/xcXE6VGFNB8vbfXS1XMYYzAa4ML8opsOslTHJNMCkGA1UdDgQiBCDj" +
-            "xJ/8XFxOlRhTQfL2310tVzGGMwGuDC/KKbDrJUxyTTANBgsqhiQCAQEBAQMBAQNv" +
-            "AARsh0unjBfQoINx2rXAJggrBdoRsCouw8lN771DhcuUrlQUuEEQHTaZrQoYbECu" +
-            "AGfsxfTyldQDEOVzD/Uq8Xh4gIHuSqki9mRSjMR19MQtTKRmI9TRHIeTdIZ6l3P7" +
-            "jFfGJvTP0E9NYSolx+kM");
-
-    private final byte[] sha3Cert = Base64.decode(
-        "MIID8jCCAqagAwIBAgIICfBykpzUT+IwQQYJKoZIhvcNAQEKMDSgDzANBglg"
-            + "hkgBZQMEAggFAKEcMBoGCSqGSIb3DQEBCDANBglghkgBZQMEAggFAKIDAgEg"
-            + "MCwxCzAJBgNVBAYTAkRFMQ4wDAYDVQQKDAV4aXBraTENMAsGA1UEAwwEUkNB"
-            + "MTAeFw0xNjEwMTgxODQzMjhaFw0yNjEwMTgxODQzMjdaMCwxCzAJBgNVBAYT"
-            + "AkRFMQ4wDAYDVQQKDAV4aXBraTENMAsGA1UEAwwEUkNBMTCCASIwDQYJKoZI"
-            + "hvcNAQEBBQADggEPADCCAQoCggEBAK/pzm1RASDYDg3WBXyW3AnAESRF/+li"
-            + "qh0X8Y89m+JFJeOi1u89bOSPjsFfo5SbRSElyRXedh/d37KrONg39NEKIcC6"
-            + "iSuiNfXu0D6nlSzhrQzmvHIyfLnm8N2JtHDr/hZIprOcFO+lZTJIjjrOVe9y"
-            + "lFGgGDd/uQCEJk1Cmi5Ivi9odeiN3z8lVlGNeN9/Q5n47ijuYWr73z/FyyAK"
-            + "gAG3B5nhAYWs4ft0O3JWBc0QJZzShqsRjm3SNhAqMDnRoTq04PFgbDYizV8T"
-            + "ydz2kCne79TDwsY4MckYYaGoNcPoQXVS+9YjQjI72ktSlxiJxodL9WMFl+ED"
-            + "5ZLBRIRsDJECAwEAAaOBrzCBrDAPBgNVHRMBAf8EBTADAQH/MGoGCCsGAQUF"
-            + "BwEBBF4wXDAnBggrBgEFBQcwAoYbaHR0cDovL2V4YW1wbGUub3JnL1JDQTEu"
-            + "ZGVyMDEGCCsGAQUFBzABhiVodHRwOi8vbG9jYWxob3N0OjgwODAvb2NzcC9y"
-            + "ZXNwb25kZXIxMB0GA1UdDgQWBBRTXKdJI3P1kveLlRxPvzUfDnC8JjAOBgNV"
-            + "HQ8BAf8EBAMCAQYwQQYJKoZIhvcNAQEKMDSgDzANBglghkgBZQMEAggFAKEc"
-            + "MBoGCSqGSIb3DQEBCDANBglghkgBZQMEAggFAKIDAgEgA4IBAQCpSVaqOMKz"
-            + "6NT0+mivEhig9cKsglFhnWStKUtdhrG4HqOf6Qjny9Xvq1nE7x8e2xAoaZLd"
-            + "GMsNAWFCbwzoJrDL7Ct6itQ5ymxi2haN+Urc5UWJd/8C0R74OdP1uPCiljZ9"
-            + "DdjbNk/hS36UPYi+FT5r6Jr/1X/EqgL1MOUsSTEXdYlZH662zjbV4D9QSBzx"
-            + "ul9bYyWrqSZFKvKef4UQwUy8yXtChwiwp50mfJQBdVcIqPBYCgmLYclamjQx"
-            + "hlkk5VbZb4D/Cv4HxrdxpJfy/ewUZR7uHlzDx0/m4qjzNzWgq+sh3ZbveDrV"
-            + "wd/FDMFOxSIno9qgHtdfgXRwZJ+l07fF");
-
-    private final String ecPemCert =
-        "-----BEGIN CERTIFICATE-----\n" +
-            "MIIB/jCCAYWgAwIBAgIIdJclisc/elQwCgYIKoZIzj0EAwMwRTELMAkGA1UEBhMC\n" +
-            "VVMxFDASBgNVBAoMC0FmZmlybVRydXN0MSAwHgYDVQQDDBdBZmZpcm1UcnVzdCBQ\n" +
-            "cmVtaXVtIEVDQzAeFw0xMDAxMjkxNDIwMjRaFw00MDEyMzExNDIwMjRaMEUxCzAJ\n" +
-            "BgNVBAYTAlVTMRQwEgYDVQQKDAtBZmZpcm1UcnVzdDEgMB4GA1UEAwwXQWZmaXJt\n" +
-            "VHJ1c3QgUHJlbWl1bSBFQ0MwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQNMF4bFZ0D\n" +
-            "0KF5Nbc6PJJ6yhUczWLznCZcBz3lVPqj1swS6vQUX+iOGasvLkjmrBhDeKzQN8O9\n" +
-            "ss0s5kfiGuZjuD0uL3jET9v0D6RoTFVya5UdThhClXjMNzyR4ptlKymjQjBAMB0G\n" +
-            "A1UdDgQWBBSaryl6wBE1NSZRMADDav5A1a7WPDAPBgNVHRMBAf8EBTADAQH/MA4G\n" +
-            "A1UdDwEB/wQEAwIBBjAKBggqhkjOPQQDAwNnADBkAjAXCfOHiFBar8jAQr9HX/Vs\n" +
-            "aobgxCd05DhT1wV/GzTjxi+zygk8N53X57hG8f2h4nECMEJZh0PUUd+60wkyWs6I\n" +
-            "flc9nF9Ca/UHLbXwgpP5WW+uZPpY5Yse42O+tYHNbwKMeQ==\n" +
-            "-----END CERTIFICATE-----";
-
-    private final String pemPKCS7 =
-        "-----BEGIN PKCS7-----\n" +
-            "MIIJDAYJKoZIhvcNAQcCoIII/TCCCPkCAQExADALBgkqhkiG9w0BBwGgggjfMIIF\n" +
-            "wTCCBKmgAwIBAgIJ+pQ4odKc8AABMA0GCSqGSIb3DQEBBQUAMGAxCzAJBgNVBAYT\n" +
-            "AlVTMRMwEQYDVQQIEwpDYWxpZm9ybmlhMRIwEAYDVQQHEwlTYW4gTWF0ZW8xFzAV\n" +
-            "BgNVBAoTDkdlbml1cy5jb20gSW5jMQ8wDQYDVQQLEwZOZXRPcHMwHhcNMTQwMTI4\n" +
-            "MjE0MjE0WhcNMjQwMTI2MjE0MjE0WjBgMQswCQYDVQQGEwJVUzETMBEGA1UECBMK\n" +
-            "Q2FsaWZvcm5pYTESMBAGA1UEBxMJU2FuIE1hdGVvMRcwFQYDVQQKEw5HZW5pdXMu\n" +
-            "Y29tIEluYzEPMA0GA1UECxMGTmV0T3BzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8A\n" +
-            "MIIBCgKCAQEArfmkkDffJP6ODl13KnTaB8cwvB4anWw8+bGa8y9N7wPx7RWZWFMr\n" +
-            "fOac01p2fhq+oUIw3/uxRcDAQBQx0ZFLx3OFMuQkTpFbzHeSctsXi1Kk28pn4K3B\n" +
-            "K2CModRh8ir/qdhu0PG4SsXdyN8uT8H6bitmH4vpLaAMMi6aa1M6Ygio8a37UCQQ\n" +
-            "7fw2P7YVR61BsyqwsM/eYtgd2LqrObLwkkOvxTwpZPWDftHI4ucz1rgNnD9q0H3g\n" +
-            "kyGyGq9NBkBHJ25+CkMe+1q/eh4Xt2kt2ML4q5YZmQEwHm1eIR3/uGlb1+bueRMd\n" +
-            "hrueth/FsUiKPJ0gzmsxzQefgcLnctIx3wIDAQABo4ICfDCCAngwCQYDVR0TBAIw\n" +
-            "ADALBgNVHQ8EBAMCBeAwHQYDVR0OBBYEFJ/uU/wudzNDSI/SWkNNTXNLq2EIMIGS\n" +
-            "BgNVHSMEgYowgYeAFJ/uU/wudzNDSI/SWkNNTXNLq2EIoWSkYjBgMQswCQYDVQQG\n" +
-            "EwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAGA1UEBxMJU2FuIE1hdGVvMRcw\n" +
-            "FQYDVQQKEw5HZW5pdXMuY29tIEluYzEPMA0GA1UECxMGTmV0T3Bzggn6lDih0pzw\n" +
-            "AAEwHgYJYIZIAYb4QgENBBEWD1guNTA5IFVuaXQgVGVzdDCBwwYDVR0RBIG7MIG4\n" +
-            "oA4GAyoDBKAHDAV0ZXN0MYEQeDUwOUBleGFtcGxlLmNvbYIQeDUwOS5leGFtcGxl\n" +
-            "LmNvbaRQME4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1Bd2Vzb21lIER1ZGVzMRcw\n" +
-            "FQYDVQQLFA7DnGJlciBGcsOuZW5kczEOMAwGA1UEAxQF4oiGxpKGJWh0dHA6Ly93\n" +
-            "d3cuZXhhbXBsZS5jb20vP3E9YXdlc29tZW5lc3OHBMCoAAGIAyoDBDCBwwYDVR0S\n" +
-            "BIG7MIG4oA4GAyoDBKAHDAV0ZXN0MYEQeDUwOUBleGFtcGxlLmNvbYIQeDUwOS5l\n" +
-            "eGFtcGxlLmNvbaRQME4xCzAJBgNVBAYTAlVTMRYwFAYDVQQKEw1Bd2Vzb21lIER1\n" +
-            "ZGVzMRcwFQYDVQQLFA7DnGJlciBGcsOuZW5kczEOMAwGA1UEAxQF4oiGxpKGJWh0\n" +
-            "dHA6Ly93d3cuZXhhbXBsZS5jb20vP3E9YXdlc29tZW5lc3OHBMCoAAGIAyoDBDAN\n" +
-            "BgkqhkiG9w0BAQUFAAOCAQEAQK5jBzTq2lX1GpVD9RHxtTHJn/WkYOpMJYJruw8j\n" +
-            "HGfQwAkhlL9AqWgodTruoTnXgZbA7F3S8hx9gmUbHVjVeBvxZnGEJ8g7So1erFKv\n" +
-            "yQD1Ajtn7+uGXw6s0Dvde2ZVzV05pRk9ybg7kxKNXvVbKS3kyd6XoA27H5CSmzDu\n" +
-            "8cwHQkN4mJlwAiNCwMarpN4m4X0rQ+g1Ncfq+4sRjFLd8VVCbCpzD8UMBOVTpxxj\n" +
-            "kSyRPJZ7Db8SY0H2vcTUj2Yyog1RQ+RA/xp7Fgw+leEiveIE23Dq62hCHq6rU5Vj\n" +
-            "6L/LlLiKZ17lZT4z0fJ0lukPUpmVTynALKsKNm57+fOfnzCCAxYwggLWoAMCAQIC\n" +
-            "CQDcaK5WyhbztjAJBgcqhkjOOAQDMGAxCzAJBgNVBAYTAlVTMRMwEQYDVQQIEwpD\n" +
-            "YWxpZm9ybmlhMRIwEAYDVQQHEwlTYW4gTWF0ZW8xFzAVBgNVBAoTDkdlbml1cy5j\n" +
-            "b20gSW5jMQ8wDQYDVQQLEwZOZXRPcHMwHhcNMTQwMTI4MjE0MjE1WhcNMTQwMjI3\n" +
-            "MjE0MjE1WjBgMQswCQYDVQQGEwJVUzETMBEGA1UECBMKQ2FsaWZvcm5pYTESMBAG\n" +
-            "A1UEBxMJU2FuIE1hdGVvMRcwFQYDVQQKEw5HZW5pdXMuY29tIEluYzEPMA0GA1UE\n" +
-            "CxMGTmV0T3BzMIIBtzCCASsGByqGSM44BAEwggEeAoGBAIiv42coWuyVXpYoyEwf\n" +
-            "7uevd4ILhylFuvKH5tRWRcZENuxPOmXfr3L43PCdbnJhXMg3RkkWgjaE7lBk5evx\n" +
-            "LKH6rU2a1GnGmoY34OIvVvGL3xi96uYTTvLIX3+6NXaAlNppIBSHXcYx8cMdtYIn\n" +
-            "3J6JGSHEPo36ay4rDZbfS1frAhUAxF6k+/9T00QMolE41R+6ytzrawkCgYA4soyt\n" +
-            "rrIrQq6gwm2HanT8coIChr3/Et8rMamj7gS1yT9kH8HNGf217XtE3f/LUZZWUkBq\n" +
-            "3PNOuxhprNmvSAdQ7ZzhWfRvOFHKaH/DtKvLeEC5I00DfYSI64/V869Jy7lnyY7M\n" +
-            "h7ShLIwOlwnBDIL5oluircfXTr20a/Jv9pS1AAOBhQACgYEAhg6lELBZAIHVkjm7\n" +
-            "bwVJ5G/ka+KCjXxWXo+BCbqo0LqfrKQoQwUcwDzuKdqWxYbyUd0cl5/9fX59/RT/\n" +
-            "9ULklGy+dTyUSc/hj85PCXLYly3G6WECiN29TK0QLhEMZfi+iSm3YxNX3rxvmrHb\n" +
-            "bfO2SMef4r6ujv9KscDg0zQ4AgajGjAYMAkGA1UdEwQCMAAwCwYDVR0PBAQDAgA3\n" +
-            "MAkGByqGSM44BAMDLwAwLAIUVcYZ1LNv22fDBiajZ99FpTn05SMCFCgMXzUGLdPy\n" +
-            "gY460q7tGpuydry+oQAxAA==\n" +
-            "-----END PKCS7-----\n";
-
-    private static byte[] sm_root = Base64.decode(
-        "MIICDTCCAbGgAwIBAgIEHPP3OTAMBggqgRzPVQGDdQUAMFoxCzAJBgNVBAYTAkNO"
-            + "MTAwLgYDVQQKDCdDaGluYSBGaW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3Jp"
-            + "dHkxGTAXBgNVBAMMEENGQ0EgRVYgU00yIFJPT1QwHhcNMTIwODA4MDMwNjMwWhcN"
-            + "MjkxMjMxMDMwNjMwWjBaMQswCQYDVQQGEwJDTjEwMC4GA1UECgwnQ2hpbmEgRmlu"
-            + "YW5jaWFsIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MRkwFwYDVQQDDBBDRkNBIEVW"
-            + "IFNNMiBST09UMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAE/9xokvYPq1PPsvqh"
-            + "wzc1OvhRJyqfm+FeefW522OMUJeSqmaYRcwAaEC1IH03etyYEOD4R4HQG+ovJr4z"
-            + "PLZzUqNjMGEwHwYDVR0jBBgwFoAUXxyJKUK15hS66W6X7kBqaMo9lLgwDwYDVR0T"
-            + "AQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwHQYDVR0OBBYEFF8ciSlCteYUuulu"
-            + "l+5AamjKPZS4MAwGCCqBHM9VAYN1BQADSAAwRQIgbE/XnzWMMQItSfz/LH6CyNz1"
-            + "OxFwvI6WcgcqGGUdCiMCIQDRFwF7M4Cvo7KqGMNuSiByFNUX9PJYXByjxqPart9U"
-            + "tw==");
-
-    private static byte[] sm_sign = Base64.decode(
-        "MIICzTCCAnKgAwIBAgIGAIgmba9KMAwGCCqBHM9VAYN1BQAwWjELMAkGA1UEBhMC"
-            + "Q04xMDAuBgNVBAoMJ0NoaW5hIEZpbmFuY2lhbCBDZXJ0aWZpY2F0aW9uIEF1dGhv"
-            + "cml0eTEZMBcGA1UEAwwQQ0ZDQSBFViBTTTIgUk9PVDAeFw0xMjA4MDgwNTU2Mjda"
-            + "Fw0yOTEyMjkwNTU2MjdaMFkxCzAJBgNVBAYTAkNOMTAwLgYDVQQKDCdDaGluYSBG"
-            + "aW5hbmNpYWwgQ2VydGlmaWNhdGlvbiBBdXRob3JpdHkxGDAWBgNVBAMMD0NGQ0Eg"
-            + "RVYgU00yIE9DQTBZMBMGByqGSM49AgEGCCqBHM9VAYItA0IABG6sjKVpVukkQpY1"
-            + "nokr6wmp44hwkVnzmdXvuBbq/VtwB/8V+awkIfpz4THaSjPGzSGh+hwFcka0NCFK"
-            + "TQ7y8rqjggEhMIIBHTA4BggrBgEFBQcBAQQsMCowKAYIKwYBBQUHMAGGHGh0dHA6"
-            + "Ly9vY3NwLmNmY2EuY29tLmNuL29jc3AwHwYDVR0jBBgwFoAUXxyJKUK15hS66W6X"
-            + "7kBqaMo9lLgwDwYDVR0TAQH/BAUwAwEB/zBEBgNVHSAEPTA7MDkGBFUdIAAwMTAv"
-            + "BggrBgEFBQcCARYjaHR0cDovL3d3dy5jZmNhLmNvbS5jbi91cy91cy0xMi5odG0w"
-            + "OgYDVR0fBDMwMTAvoC2gK4YpaHR0cDovL2NybC5jZmNhLmNvbS5jbi9ldnJjYS9T"
-            + "TTIvY3JsMS5jcmwwDgYDVR0PAQH/BAQDAgEGMB0GA1UdDgQWBBTDJFfnVXuTdN3s"
-            + "yIha7AIm0b8vWTAMBggqgRzPVQGDdQUAA0cAMEQCIBgrKO75mE5lfONElZZzkAWh"
-            + "eb0R0ai6/J7nj7SCZ3jJAiAE2dKJIv9ROkN17bhZpXsVrOtyYULW7YzQePqnNN58"
-            + "MA==");
-
-    private static byte[] sm_root1 = Base64.decode(
-        "MIICwzCCAmmgAwIBAgIIIBQGIgAAAAMwCgYIKoEcz1UBg3UwgdgxCzAJBgNVBAYT" +
-            "AkNOMRIwEAYDVQQIDAnmsZ/oi4/nnIExEjAQBgNVBAcMCeWNl+S6rOW4gjE8MDoG" +
-            "A1UECgwz5rGf6IuP55yB55S15a2Q5ZWG5Yqh5pyN5Yqh5Lit5b+D5pyJ6ZmQ6LSj" +
-            "5Lu75YWs5Y+4MUswSQYDVQQLDELmsZ/oi4/nnIHnlLXlrZDllYbliqHmnI3liqHk" +
-            "uK3lv4PmnInpmZDotKPku7vlhazlj7jlronlhajkuovkuJrpg6gxFjAUBgNVBAMM" +
-            "DUpTQ0FfUk9PVF9TTTIwHhcNMTQwNjIyMDQ1MzAyWhcNMzQwNjIyMDQ1MzAyWjCB" +
-            "1jELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCeaxn+iLj+ecgTESMBAGA1UEBwwJ5Y2X" +
-            "5Lqs5biCMTwwOgYDVQQKDDPmsZ/oi4/nnIHnlLXlrZDllYbliqHmnI3liqHkuK3l" +
-            "v4PmnInpmZDotKPku7vlhazlj7gxSzBJBgNVBAsMQuaxn+iLj+ecgeeUteWtkOWV" +
-            "huWKoeacjeWKoeS4reW/g+aciemZkOi0o+S7u+WFrOWPuOWuieWFqOS6i+S4mumD" +
-            "qDEUMBIGA1UEAwwLSlNDQV9DQV9TTTIwWTATBgcqhkjOPQIBBggqgRzPVQGCLQNC" +
-            "AAS/gvW90+LvyXPgpR7L0pwlVoZQdan7V5YQMEpxt47tzer31/8WJIfldx9NL/1A" +
-            "swkk6ItveCVW5k0u+IIk6crLox0wGzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIB" +
-            "BjAKBggqgRzPVQGDdQNIADBFAiEAy9NkogihHCj9Jx0ZiHdkMyCHF0wHWX58KZco" +
-            "CW5mjbgCIC9cAyuVV91ygLWk14PDuIAPFWKm6rJPXbiZL6KzwHQA");
-
-    private static byte[] sm_ca1 = Base64.decode(
-         "MIIC/TCCAqKgAwIBAgIIIBYDKQETeGQwCgYIKoEcz1UBg3UwgccxCzAJBgNVBAYT" +
-             "AkNOMRIwEAYDVQQIDAnmsZ/oi4/nnIExEjAQBgNVBAcMCeWNl+S6rOW4gjE8MDoG" +
-             "A1UECgwz5rGf6IuP55yB55S15a2Q5ZWG5Yqh5pyN5Yqh5Lit5b+D5pyJ6ZmQ6LSj" +
-             "5Lu75YWs5Y+4MTwwOgYDVQQLDDPmsZ/oi4/nnIHnlLXlrZDllYbliqHmnI3liqHk" +
-             "uK3lv4PmnInpmZDotKPku7vlhazlj7gxFDASBgNVBAMMC0pTQ0FfQ0FfU00yMB4X" +
-             "DTE2MDMyOTA3MzQxOVoXDTIxMDMyOTA3MzQxOVowejENMAsGA1UEAxMEaG9zdDEL" +
-             "MAkGA1UECxMCMTExETAPBgNVBAoTCEFCQyBsdGQuMQswCQYDVQQHEwJOSjELMAkG" +
-             "A1UECBMCSlMxIjAgBgRVBC0RExhEOURGQThBN0NFMDg5QTg0Q0Q4Q0RCQjYxCzAJ" +
-             "BgNVBAYTAkNOMFkwEwYHKoZIzj0CAQYIKoEcz1UBgi0DQgAEaTG1mpejjdsNRr2q" +
-             "p3ZC0pPXuBO19sNhIJEG6cMSi/kE1hNDosCBRhpr2gOqKP9bXHrIhVGe41Z9Ci8L" +
-             "jf/hpaOBwzCBwDAJBgNVHRMEAjAAMAsGA1UdDwQEAwIEsDAdBgNVHSUEFjAUBggr" +
-             "BgEFBQcDAgYIKwYBBQUHAwQwHwYDVR0jBBgwFoAU/9NocgiO5XrE+eYsU0VOkaSx" +
-             "egMwRwYIKwYBBQUHAQEEOzA5MDcGCCsGAQUFBzAChitodHRwOi8vMTAuMTA4LjUu" +
-             "Mjo4ODgwL2Rvd25sb2FkL0pTQ0FfQ0EuY2VyMB0GA1UdDgQWBBQQ80pId+SJS9uP" +
-             "aZaItbNdEE2C0zAKBggqgRzPVQGDdQNJADBGAiEAogpBxL3Cc4P4v+FvQsnCgCZs" +
-             "oSdFZLZDB4uDlOIqU9wCIQDXmE1iiCsWi1RmdoY+/ics2ZlY8vyHWBJnZ+XFy1Jb" +
-             "fA==");
-
-    private static byte[] sm_sign1 = Base64.decode(
-        "MIID9zCCA5ygAwIBAgIIIBcEJwKSCCMwCgYIKoEcz1UBg3UwgccxCzAJBgNVBAYT" +
-        "AkNOMRIwEAYDVQQIDAnmsZ/oi4/nnIExEjAQBgNVBAcMCeWNl+S6rOW4gjE8MDoG" +
-        "A1UECgwz5rGf6IuP55yB55S15a2Q5ZWG5Yqh5pyN5Yqh5Lit5b+D5pyJ6ZmQ6LSj" +
-        "5Lu75YWs5Y+4MTwwOgYDVQQLDDPmsZ/oi4/nnIHnlLXlrZDllYbliqHmnI3liqHk" +
-        "uK3lv4PmnInpmZDotKPku7vlhazlj7gxFDASBgNVBAMMC0pTQ0FfQ0FfU00yMB4X" +
-        "DTE3MDQyNzAwMzkwNVoXDTE4MDQyNzAwMzkwNVowggEdMQ4wDAYDVQRYDAUwMDAw" +
-        "MTESMBAGA1UEGgwJ5biC6L6W5Yy6MRswGQYDVQQBDBIzMjAxMTIxOTgxMDUxMTAw" +
-        "MTQxDTALBgRVBIhYDAM0NTYxDTALBgRVBIhXDAMxMjMxEjAQBgNVBC0MCXVzZXJD" +
-        "ZXJ0MjELMAkGA1UEBhMCQ04xEjAQBgNVBAgMCeaxn+iLj+ecgTESMBAGA1UEBwwJ" +
-        "5Y2X5Lqs5biCMQwwCgYDVQQLDAMwMDgxHzAdBgkqhkiG9w0BCQEWEDMyNzMyMTU2" +
-        "OEBxcS5jb20xITAfBgNVBCoMGOa1i+ivlee9keWFs1NNMueul+azlTEyMzEhMB8G" +
-        "A1UEAwwY5rWL6K+V572R5YWzU00y566X5rOVMTIzMFkwEwYHKoZIzj0CAQYIKoEc" +
-        "z1UBgi0DQgAEdbrBzy2y8Gz4grOF23iaDipPhRPQRApAMIAP0cAuL1tATFjFuWJs" +
-        "pBc1cnCZmsOJnVpV4W7VF8hNOaqv3Tq4NqOCARcwggETMAkGA1UdEwQCMAAwCwYD" +
-        "VR0PBAQDAgbAMB0GA1UdDgQWBBRsWSOQDniy75t7UEvTXugwfq0HpzAfBgNVHSME" +
-        "GDAWgBT/02hyCI7lesT55ixTRU6RpLF6AzAxBgNVHSUEKjAoBggrBgEFBQcDAgYI" +
-        "KwYBBQUHAwgGCCsGAQUFBwMEBggrBgEFBQcDCDA9BgNVHR8ENjA0MDKgMKAuhixo" +
-        "dHRwOi8vY3JsLmpzY2EuY29tLmNuL2NybC9TTTJDUkxfRU5USVRZLmNybDBHBggr" +
-        "BgEFBQcBAQQ7MDkwNwYIKwYBBQUHMAKBK2h0dHA6Ly8xMC4xMDguNS4yOjg4ODAv" +
-        "ZG93bmxvYWQvSlNDQV9DQS5jZXIwCgYIKoEcz1UBg3UDSQAwRgIhALFoMoA1+uO4" +
-        "tXfmoyePz1pmv0CWPBgEP1EfDeS6FPitAiEAjHJYq7ryHKULqpRg6ph9r+xUDoWd" +
-        "0TPMOQ9jj4XJPO4=");
-
-    private byte[] x25519Cert = Base64.decode(
-        "MIIBLDCB36ADAgECAghWAUdKKo3DMDAFBgMrZXAwGTEXMBUGA1UEAwwOSUVURiBUZX" +
-            "N0IERlbW8wHhcNMTYwODAxMTIxOTI0WhcNNDAxMjMxMjM1OTU5WjAZMRcwFQYDVQQD" +
-            "DA5JRVRGIFRlc3QgRGVtbzAqMAUGAytlbgMhAIUg8AmJMKdUdIt93LQ+91oNvzoNJj" +
-            "ga9OukqY6qm05qo0UwQzAPBgNVHRMBAf8EBTADAQEAMA4GA1UdDwEBAAQEAwIDCDAg" +
-            "BgNVHQ4BAQAEFgQUmx9e7e0EM4Xk97xiPFl1uQvIuzswBQYDK2VwA0EAryMB/t3J5v" +
-            "/BzKc9dNZIpDmAgs3babFOTQbs+BolzlDUwsPrdGxO3YNGhW7Ibz3OGhhlxXrCe1Cg" +
-            "w1AH9efZBw=="
-    );
-
-    private PublicKey dudPublicKey = new PublicKey()
-    {
-        public String getAlgorithm()
-        {
-            return null;
-        }
-
-        public String getFormat()
-        {
-            return null;
-        }
-
-        public byte[] getEncoded()
-        {
-            return null;
-        }
-
-    };
-
-    public String getName()
-    {
-        return "CertTest";
-    }
-
-    public void checkCertificate(
-        int id,
-        byte[] bytes)
-    {
-        ByteArrayInputStream bIn;
-        String dump = "";
-
-        try
-        {
-            bIn = new ByteArrayInputStream(bytes);
-
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-
-            Certificate cert = fact.generateCertificate(bIn);
-
-            PublicKey k = cert.getPublicKey();
-
-//            System.out.println(cert);
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": " + id + " failed - exception " + e.toString(), e);
-        }
-
-    }
-
-    public void checkNameCertificate(
-        int id,
-        byte[] bytes)
-    {
-        ByteArrayInputStream bIn;
-        String dump = "";
-
-        try
-        {
-            bIn = new ByteArrayInputStream(bytes);
-
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-
-            X509Certificate cert = (X509Certificate)fact.generateCertificate(bIn);
-
-            PublicKey k = cert.getPublicKey();
-            if (!cert.getIssuerDN().toString().equals("C=DE,O=DATEV eG,0.2.262.1.10.7.20=1+CN=CA DATEV D03 1:PN"))
-            {
-                fail(id + " failed - name test.");
-            }
-            // System.out.println(cert);
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": " + id + " failed - exception " + e.toString(), e);
-        }
-
-    }
-
-    public void checkKeyUsage(
-        int id,
-        byte[] bytes)
-    {
-        ByteArrayInputStream bIn;
-        String dump = "";
-
-        try
-        {
-            bIn = new ByteArrayInputStream(bytes);
-
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-
-            X509Certificate cert = (X509Certificate)fact.generateCertificate(bIn);
-
-            PublicKey k = cert.getPublicKey();
-
-            if (cert.getKeyUsage()[7])
-            {
-                fail("error generating cert - key usage wrong.");
-            }
-
-            // System.out.println(cert);
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": " + id + " failed - exception " + e.toString(), e);
-        }
-
-    }
-
-    public void checkSelfSignedCertificate(
-        int id,
-        byte[] bytes,
-        String sigAlgName)
-    {
-        ByteArrayInputStream bIn;
-        String dump = "";
-
-        try
-        {
-            bIn = new ByteArrayInputStream(bytes);
-
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-
-            Certificate cert = fact.generateCertificate(bIn);
-
-            PublicKey k = cert.getPublicKey();
-
-            cert.verify(k);
-            if (sigAlgName != null && !sigAlgName.equals(((X509Certificate)cert).getSigAlgName()))
-            {
-                fail("sigAlgName not matched on certificate: " + sigAlgName);
-            }
-
-            // System.out.println(cert);
-        }
-        catch (TestFailedException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": " + id + " failed - exception " + e.toString(), e);
-        }
-
-    }
-
-    public void checkCertificateSignedBy(
-        int id,
-        byte[] certBytes,
-        byte[] signingCertBytes)
-    {
-        ByteArrayInputStream bIn;
-        String dump = "";
-
-        try
-        {
-            bIn = new ByteArrayInputStream(certBytes);
-
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-
-            Certificate cert = fact.generateCertificate(bIn);
-
-            bIn = new ByteArrayInputStream(signingCertBytes);
-
-            PublicKey k = fact.generateCertificate(bIn).getPublicKey();
-
-            cert.verify(k);
-
-            // System.out.println(cert);
-        }
-        catch (TestFailedException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": " + id + " failed - exception " + e.toString(), e);
-        }
-
-    }
-
-    private void checkCRL(
-        int id,
-        byte[] bytes)
-    {
-        ByteArrayInputStream bIn;
-        String dump = "";
-
-        try
-        {
-            bIn = new ByteArrayInputStream(bytes);
-
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-
-            CRL cert = fact.generateCRL(bIn);
-
-            // System.out.println(cert);
-        }
-        catch (Exception e)
-        {
-            fail(dump + Strings.lineSeparator() + getName() + ": " + id + " failed - exception " + e.toString(), e);
-        }
-
-    }
-
-    private void testForgedSignature()
-        throws Exception
-    {
-        String cert = "MIIBsDCCAVoCAQYwDQYJKoZIhvcNAQEFBQAwYzELMAkGA1UEBhMCQVUxEzARBgNV"
-            + "BAgTClF1ZWVuc2xhbmQxGjAYBgNVBAoTEUNyeXB0U29mdCBQdHkgTHRkMSMwIQYD"
-            + "VQQDExpTZXJ2ZXIgdGVzdCBjZXJ0ICg1MTIgYml0KTAeFw0wNjA5MTEyMzU4NTVa"
-            + "Fw0wNjEwMTEyMzU4NTVaMGMxCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpRdWVlbnNs"
-            + "YW5kMRowGAYDVQQKExFDcnlwdFNvZnQgUHR5IEx0ZDEjMCEGA1UEAxMaU2VydmVy"
-            + "IHRlc3QgY2VydCAoNTEyIGJpdCkwXDANBgkqhkiG9w0BAQEFAANLADBIAkEAn7PD"
-            + "hCeV/xIxUg8V70YRxK2A5jZbD92A12GN4PxyRQk0/lVmRUNMaJdq/qigpd9feP/u"
-            + "12S4PwTLb/8q/v657QIDAQABMA0GCSqGSIb3DQEBBQUAA0EAbynCRIlUQgaqyNgU"
-            + "DF6P14yRKUtX8akOP2TwStaSiVf/akYqfLFm3UGka5XbPj4rifrZ0/sOoZEEBvHQ"
-            + "e20sRA==";
-
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate x509 = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(Base64.decode(cert)));
-        try
-        {
-            x509.verify(x509.getPublicKey());
-
-            fail("forged RSA signature passed");
-        }
-        catch (Exception e)
-        {
-            // expected
-        }
-    }
-
-
-    private void pemTest()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        Certificate cert = readPEMCert(cf, PEMData.CERTIFICATE_1);
-        if (cert == null)
-        {
-            fail("PEM cert not read");
-        }
-        cert = readPEMCert(cf, "-----BEGIN CERTIFICATE-----" + PEMData.CERTIFICATE_2);
-        if (cert == null)
-        {
-            fail("PEM cert with extraneous header not read");
-        }
-        CRL crl = cf.generateCRL(new ByteArrayInputStream(PEMData.CRL_1.getBytes("US-ASCII")));
-        if (crl == null)
-        {
-            fail("PEM crl not read");
-        }
-        Collection col = cf.generateCertificates(new ByteArrayInputStream(PEMData.CERTIFICATE_2.getBytes("US-ASCII")));
-        if (col.size() != 1 || !col.contains(cert))
-        {
-            fail("PEM cert collection not right");
-        }
-        col = cf.generateCRLs(new ByteArrayInputStream(PEMData.CRL_2.getBytes("US-ASCII")));
-        if (col.size() != 1 || !col.contains(crl))
-        {
-            fail("PEM crl collection not right");
-        }
-
-        cert = readPEMCert(cf, ecPemCert);
-
-        SubjectPublicKeyInfo pubInfo = SubjectPublicKeyInfo.getInstance(cert.getPublicKey().getEncoded());
-
-        AlgorithmParameters ecParams = AlgorithmParameters.getInstance("EC", "BC");
-
-        ecParams.init(pubInfo.getAlgorithm().getParameters().toASN1Primitive().getEncoded());
-
-        if (!new BigInteger("ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973", 16)
-            .equals(((ECPublicKey)cert.getPublicKey()).getParameters().getN()))
-        {
-            fail("N incorrect");
-        }
-    }
-
-    private static Certificate readPEMCert(CertificateFactory cf, String pemData)
-        throws CertificateException, UnsupportedEncodingException
-    {
-        return cf.generateCertificate(new ByteArrayInputStream(pemData.getBytes("US-ASCII")));
-    }
-
-    private void pkcs7Test()
-        throws Exception
-    {
-        ASN1EncodableVector certs = new ASN1EncodableVector();
-
-        certs.add(new ASN1InputStream(CertPathTest.rootCertBin).readObject());
-        certs.add(new DERTaggedObject(false, 2, new ASN1InputStream(AttrCertData.attrCert).readObject()));
-
-        ASN1EncodableVector crls = new ASN1EncodableVector();
-
-        crls.add(new ASN1InputStream(CertPathTest.rootCrlBin).readObject());
-        SignedData sigData = new SignedData(new DERSet(), new ContentInfo(CMSObjectIdentifiers.data, null), new DERSet(certs), new DERSet(crls), new DERSet());
-
-        ContentInfo info = new ContentInfo(CMSObjectIdentifiers.signedData, sigData);
-
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate cert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(info.getEncoded()));
-        if (cert == null || !areEqual(cert.getEncoded(), certs.get(0).toASN1Primitive().getEncoded()))
-        {
-            fail("PKCS7 cert not read");
-        }
-        X509CRL crl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(info.getEncoded()));
-        if (crl == null || !areEqual(crl.getEncoded(), crls.get(0).toASN1Primitive().getEncoded()))
-        {
-            fail("PKCS7 crl not read");
-        }
-
-        if (!"SHA256WITHRSA".equals(crl.getSigAlgName()))
-        {
-            fail("signature ID not matched in CRL: " + crl.getSigAlgName());
-        }
-
-        Collection col = cf.generateCertificates(new ByteArrayInputStream(info.getEncoded()));
-        if (col.size() != 1 || !col.contains(cert))
-        {
-            fail("PKCS7 cert collection not right");
-        }
-        col = cf.generateCRLs(new ByteArrayInputStream(info.getEncoded()));
-        if (col.size() != 1 || !col.contains(crl))
-        {
-            fail("PKCS7 crl collection not right");
-        }
-
-        // data with no certificates or CRLs
-
-        sigData = new SignedData(new DERSet(), new ContentInfo(CMSObjectIdentifiers.data, null), new DERSet(), new DERSet(), new DERSet());
-
-        info = new ContentInfo(CMSObjectIdentifiers.signedData, sigData);
-
-        cert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(info.getEncoded()));
-        if (cert != null)
-        {
-            fail("PKCS7 cert present");
-        }
-        crl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(info.getEncoded()));
-        if (crl != null)
-        {
-            fail("PKCS7 crl present");
-        }
-
-        // data with absent certificates and CRLS
-
-        sigData = new SignedData(new DERSet(), new ContentInfo(CMSObjectIdentifiers.data, null), null, null, new DERSet());
-
-        info = new ContentInfo(CMSObjectIdentifiers.signedData, sigData);
-
-        cert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(info.getEncoded()));
-        if (cert != null)
-        {
-            fail("PKCS7 cert present");
-        }
-        crl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(info.getEncoded()));
-        if (crl != null)
-        {
-            fail("PKCS7 crl present");
-        }
-
-        //
-        // sample message
-        //
-        InputStream in = new ByteArrayInputStream(pkcs7CrlProblem);
-        Collection certCol = cf.generateCertificates(in);
-
-        in.reset();
-        Collection crlCol = cf.generateCRLs(in);
-
-        if (crlCol.size() != 0)
-        {
-            fail("wrong number of CRLs: " + crlCol.size());
-        }
-
-        if (certCol.size() != 4)
-        {
-            fail("wrong number of Certs: " + certCol.size());
-        }
-
-        in = new ByteArrayInputStream(pemPKCS7.getBytes("US-ASCII"));
-        certCol = cf.generateCertificates(in);
-
-        in.reset();
-        crlCol = cf.generateCRLs(in);
-
-        if (crlCol.size() != 0)
-        {
-            fail("wrong number of CRLs: " + crlCol.size());
-        }
-
-        if (certCol.size() != 2)
-        {
-            fail("wrong number of Certs: " + certCol.size());
-        }
-    }
-
-    private KeyPair generateLongFixedKeys()
-        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeySpecException
-    {
-        RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-            new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137", 16),
-            new BigInteger("010001", 16));
-
-        RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
-            new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137", 16),
-            new BigInteger("010001", 16),
-            new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325", 16),
-            new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443", 16),
-            new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd", 16),
-            new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979", 16),
-            new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729", 16),
-            new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d", 16));
-
-        KeyFactory fact = KeyFactory.getInstance("RSA", "BC");
-
-        return new KeyPair(fact.generatePublic(pubKeySpec), fact.generatePrivate(privKeySpec));
-    }
-
-    private void rfc4491Test()
-        throws Exception
-    {
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate x509 = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gostRFC4491_94));
-
-        x509.verify(x509.getPublicKey(), "BC");
-
-        x509 = (X509Certificate)certFact.generateCertificate(new ByteArrayInputStream(gostRFC4491_2001));
-
-        x509.verify(x509.getPublicKey(), "BC");
-    }
-
-    private void checkComparison(byte[] encCert)
-        throws NoSuchProviderException, CertificateException
-    {
-        CertificateFactory bcFact = CertificateFactory.getInstance("X.509", "BC");
-        CertificateFactory sunFact = CertificateFactory.getInstance("X.509", "SUN");
-
-        X509Certificate bcCert = (X509Certificate)bcFact.generateCertificate(new ByteArrayInputStream(encCert));
-        X509Certificate sunCert = (X509Certificate)sunFact.generateCertificate(new ByteArrayInputStream(encCert));
-
-        if (!bcCert.equals(sunCert) || !sunCert.equals(bcCert))
-        {
-            fail("BC/Sun equals test failed");
-        }
-
-        // Yes, they actually changed hashCode() on a certificate in JDK 1.8...
-//        if (bcCert.hashCode() != sunCert.hashCode())
-//        {
-//            fail("BC/Sun hashCode test failed");
-//        }
-    }
-
-    private void testV1CRL()
-        throws Exception
-    {
-        byte[] certData = Streams.readAll(this.getClass().getResourceAsStream("ThawteSGCCA.cer"));
-        byte[] crlData = Streams.readAll(this.getClass().getResourceAsStream("ThawteSGCCA.crl"));
-
-        // verify CRL with default (JCE) provider
-        CertificateFactory jceFac = CertificateFactory.getInstance("X.509");
-
-        X509Certificate jceIssuer = (X509Certificate)
-            jceFac.generateCertificate(new ByteArrayInputStream(certData));
-
-        X509CRL jceCRL = (X509CRL)jceFac.generateCRL(new ByteArrayInputStream(crlData));
-
-        jceCRL.verify(jceIssuer.getPublicKey());
-
-        // verify CRL with BC provider
-        CertificateFactory bcFac = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate bcIssuer = (X509Certificate)
-            bcFac.generateCertificate(new ByteArrayInputStream(certData));
-
-        X509CRL bcCRL = (X509CRL)bcFac.generateCRL(new ByteArrayInputStream(crlData));
-
-        jceCRL.verify(bcIssuer.getPublicKey());
-
-        bcCRL.verify(bcIssuer.getPublicKey());
-
-        if (!"SHA1WITHRSA".equals(bcCRL.getSigAlgName()))
-        {
-            fail("signature ID not matched in CRL");
-        }
-
-        if (!"SHA1WITHRSA".equals(bcIssuer.getSigAlgName()))
-        {
-            fail("signature ID not matched in certificate");
-        }
-    }
-
-    private void testCertPathEncAvailableTest()
-        throws Exception
-    {
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", "BC");
-
-        Iterator it = certFact.getCertPathEncodings();
-
-        if (!"PkiPath".equals(it.next()))
-        {
-            fail("available enc 1 wrong");
-        }
-        if (!"PEM".equals(it.next()))
-        {
-            fail("available enc 2 wrong");
-        }
-        if (!"PKCS7".equals(it.next()))
-        {
-            fail("available enc 3 wrong");
-        }
-
-        if (it.hasNext())
-        {
-            fail("wrong number of encodings");
-        }
-    }
-
-    private void pemFileTest()
-        throws Exception
-    {
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", "BC");
-
-        Collection<Certificate> certs1 = (Collection<Certificate>)certFact.generateCertificates(this.getClass().getResourceAsStream("cert_chain.txt"));
-
-        isTrue("certs wrong <cr><nl>", 2 == certs1.size());
-
-        BufferedInputStream in = new BufferedInputStream(this.getClass().getResourceAsStream("cert_chain.txt"));
-
-        Set certs2 = new HashSet();
-        while ((in.available() > 0))
-        {
-            Certificate c = certFact.generateCertificate(in);
-
-            // this isn't strictly correct with the way it's defined in the Java JavaDoc - need it for backward
-            // compatibility.
-            if (c != null)
-            {
-                certs2.add(c);
-            }
-        }
-
-        isTrue("certs size <cr><nl>", certs1.size() == certs2.size());
-
-        for (Iterator it = certs1.iterator(); it.hasNext(); )
-        {
-            certs2.remove(it.next());
-        }
-
-        isTrue("collection not empty", certs2.isEmpty());
-    }
-
-    private void invalidCRLs()
-        throws Exception
-    {
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", "BC");
-
-        Collection crls = certFact.generateCRLs(this.getClass().getResourceAsStream("cert_chain.txt"));
-        isTrue("multi crl", crls.isEmpty());
-        CRL crl = certFact.generateCRL(this.getClass().getResourceAsStream("cert_chain.txt"));
-        isTrue("single crl", crl == null);
-    }
-
-    private void pemFileTestWithNl()
-        throws Exception
-    {
-        CertificateFactory certFact = CertificateFactory.getInstance("X.509", "BC");
-
-        Collection<Certificate> certs1 = (Collection<Certificate>)certFact.generateCertificates(this.getClass().getResourceAsStream("cert_chain_nl.txt"));
-
-        isTrue("certs wrong <nl>", 2 == certs1.size());
-
-        BufferedInputStream in = new BufferedInputStream(this.getClass().getResourceAsStream("cert_chain_nl.txt"));
-
-        Set certs2 = new HashSet();
-        while ((in.available() > 0))
-        {
-            Certificate c = certFact.generateCertificate(in);
-
-            // this isn't strictly correct with the way it's defined in the Java JavaDoc - need it for backward
-            // compatibility.
-            if (c != null)
-            {
-                certs2.add(c);
-            }
-        }
-
-        isTrue("certs size <nl>", certs1.size() == certs2.size());
-
-        for (Iterator it = certs1.iterator(); it.hasNext(); )
-        {
-            certs2.remove(it.next());
-        }
-
-        isTrue("collection not empty", certs2.isEmpty());
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testV1CRL();
-
-        checkCertificate(1, cert1);
-        checkCertificate(2, cert2);
-        checkCertificate(3, cert3);
-        checkCertificate(4, cert4);
-        checkCertificate(5, cert5);
-        checkCertificate(6, oldEcdsa);
-        checkCertificate(7, cert7);
-        checkCertificate(8, sm_sign);
-        checkCertificate(9, x25519Cert);
-
-        checkComparison(cert1);
-
-        checkKeyUsage(8, keyUsage);
-        checkSelfSignedCertificate(9, uncompressedPtEC, "ECDSA");
-        checkNameCertificate(10, nameCert);
-
-        checkSelfSignedCertificate(11, probSelfSignedCert, "SHA1WITHRSA");
-        checkSelfSignedCertificate(12, gostCA1, "GOST3410");
-        checkSelfSignedCertificate(13, gostCA2, "GOST3411WITHECGOST3410");
-        checkSelfSignedCertificate(14, gost341094base, "GOST3410");
-        checkSelfSignedCertificate(15, gost34102001base, "GOST3411WITHECGOST3410");
-        checkSelfSignedCertificate(16, gost341094A, "GOST3410");
-        checkSelfSignedCertificate(17, gost341094B, "GOST3410");
-        checkSelfSignedCertificate(18, gost34102001A, "GOST3411WITHECGOST3410");
-
-        try
-        {
-            checkSelfSignedCertificate(19, uaczo1, "GOST3411WITHDSTU4145LE");
-            checkSelfSignedCertificate(20, uaczo2, "GOST3411WITHDSTU4145LE");
-            checkSelfSignedCertificate(21, uaczo3, "GOST3411WITHDSTU4145LE");
-            checkSelfSignedCertificate(22, uaczo4, "GOST3411WITHDSTU4145LE");
-        }
-        catch (Exception e)
-        {
-            if (e instanceof NoSuchAlgorithmException)
-            {
-                // ignore - only valid for jdk1.5+
-            }
-        }
-
-        checkSelfSignedCertificate(23, sha3Cert, "SHA3-256withRSAandMGF1");
-        checkSelfSignedCertificate(24, sm_root, "SM3WITHSM2");
-
-        checkCertificateSignedBy(1, sm_sign, sm_root);
-        checkCertificateSignedBy(2, sm_ca1, sm_root1);
-        checkCertificateSignedBy(3, sm_sign1, sm_root1);
-        
-        checkCRL(1, crl1);
-
-        pemTest();
-        pemFileTest();
-        pemFileTestWithNl();
-        pkcs7Test();
-        rfc4491Test();
-
-        invalidCRLs();
-
-        testForgedSignature();
-
-        checkCertificate(18, emptyDNCert);
-
-        testCertPathEncAvailableTest();
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new CertTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertUniqueIDTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertUniqueIDTest.java
deleted file mode 100644
index 283c50b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CertUniqueIDTest.java
+++ /dev/null

@@ -1,178 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.cert.X509Certificate;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-import java.util.Date;
-import java.util.Set;
-import java.util.Vector;
-
-import org.bouncycastle.jce.X509Principal;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.x509.X509V3CertificateGenerator;
-
-public class CertUniqueIDTest
-    extends SimpleTest
-{
-  public String getName()
-  {
-      return "CertUniqueID";
-  }
-
-  public void performTest() throws Exception
-  {
-    checkCreation1();
-  }
-
-  /**
-   * we generate a self signed certificate for the sake of testing - RSA
-   */
-  public void checkCreation1()
-      throws Exception
-  {
-      //
-      // a sample key pair.
-      //
-      RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-          new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-          new BigInteger("11", 16));
-
-      RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
-          new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-          new BigInteger("11", 16),
-          new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-          new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-          new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-          new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-          new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-          new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-      //
-      // set up the keys
-      //
-      PrivateKey          privKey;
-      PublicKey           pubKey;
-
-      KeyFactory  fact = KeyFactory.getInstance("RSA", "BC");
-
-      privKey = fact.generatePrivate(privKeySpec);
-      pubKey = fact.generatePublic(pubKeySpec);
-
-      //
-      // distinguished name table.
-      //
-      Vector                      ord = new Vector();
-      Vector                      values = new Vector();
-
-      ord.addElement(X509Principal.C);
-      ord.addElement(X509Principal.O);
-      ord.addElement(X509Principal.L);
-      ord.addElement(X509Principal.ST);
-      ord.addElement(X509Principal.E);
-
-      values.addElement("AU");
-      values.addElement("The Legion of the Bouncy Castle");
-      values.addElement("Melbourne");
-      values.addElement("Victoria");
-      values.addElement("feedback-crypto@bouncycastle.org");
-
-      //
-      // extensions
-      //
-
-      //
-      // create the certificate - version 3 - without subject unique ID
-      //
-      X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();
-
-      certGen.setSerialNumber(BigInteger.valueOf(1));
-      certGen.setIssuerDN(new X509Principal(ord, values));
-      certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
-      certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
-      certGen.setSubjectDN(new X509Principal(ord, values));
-      certGen.setPublicKey(pubKey);
-      certGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
-
-      X509Certificate cert = certGen.generate(privKey);
-
-      cert.checkValidity(new Date());
-
-      cert.verify(pubKey);
-
-      Set dummySet = cert.getNonCriticalExtensionOIDs();
-      if (dummySet != null)
-      {
-          fail("non-critical oid set should be null");
-      }
-      dummySet = cert.getCriticalExtensionOIDs();
-      if (dummySet != null)
-      {
-          fail("critical oid set should be null");
-      }
-
-      //
-      // create the certificate - version 3 - with subject unique ID
-      //
-      certGen = new X509V3CertificateGenerator();
-
-      certGen.setSerialNumber(BigInteger.valueOf(1));
-      certGen.setIssuerDN(new X509Principal(ord, values));
-      certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
-      certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
-      certGen.setSubjectDN(new X509Principal(ord, values));
-      certGen.setPublicKey(pubKey);
-      certGen.setSignatureAlgorithm("MD5WithRSAEncryption");
-
-      boolean[] subjectUniqID = {true, false, false, false, true, false, false, true, false, true, true};
-
-      certGen.setSubjectUniqueID(subjectUniqID);
-
-      boolean[] issuerUniqID = {false, false, true, false, true, false, false, false, true, false, false, true, false, true, true};
-
-      certGen.setIssuerUniqueID(issuerUniqID);
-
-      cert = certGen.generate(privKey);
-
-      cert.checkValidity(new Date());
-
-      cert.verify(pubKey);
-
-      boolean[] subjectUniqueId = cert.getSubjectUniqueID();
-      if (!Arrays.areEqual(subjectUniqID, subjectUniqueId))
-      {
-          fail("Subject unique id is not correct, original: "+arrayToString(subjectUniqID)+", from cert: "+arrayToString(subjectUniqueId));
-      }
-
-      boolean[] issuerUniqueId = cert.getIssuerUniqueID();
-      if (!Arrays.areEqual(issuerUniqID, issuerUniqueId))
-      {
-          fail("Issuer unique id is not correct, original: "+arrayToString(issuerUniqID)+", from cert: "+arrayToString(subjectUniqueId));
-      }
-  }
-
-  private String arrayToString(boolean[] array)
-  {
-      StringBuffer b = new StringBuffer();
-
-      for (int i = 0; i != array.length; i++)
-      {
-          b.append(array[i] ? "1" : "0");
-      }
-
-      return b.toString();
-  }
-  public static void main(
-      String[]    args)
-  {
-      Security.addProvider(new BouncyCastleProvider());
-
-      runTest(new CertUniqueIDTest());
-  }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CipherStreamTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CipherStreamTest.java
deleted file mode 100644
index 39e37a6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CipherStreamTest.java
+++ /dev/null

@@ -1,448 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.security.AlgorithmParameters;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
-import javax.crypto.ShortBufferException;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestFailedException;
-
-/**
- * check that cipher input/output streams are working correctly
- */
-public class CipherStreamTest
-    extends SimpleTest
-{
-
-    private static byte[] RK = Hex.decode("0123456789ABCDEF");
-    private static byte[] RIN = Hex.decode("4e6f772069732074");
-    private static byte[] ROUT = Hex.decode("3afbb5c77938280d");
-
-    private static byte[] SIN = Hex.decode(
-                    "00000000000000000000000000000000"
-                  + "00000000000000000000000000000000"
-                  + "00000000000000000000000000000000"
-                  + "00000000000000000000000000000000");
-    private static final byte[] SK = Hex.decode("80000000000000000000000000000000");
-    private static final byte[] SIV = Hex.decode("0000000000000000");
-    private static final byte[] SOUT = Hex.decode(
-          "4DFA5E481DA23EA09A31022050859936"
-        + "DA52FCEE218005164F267CB65F5CFD7F"
-        + "2B4F97E0FF16924A52DF269515110A07"
-        + "F9E460BC65EF95DA58F740B7D1DBB0AA");
-
-    private static final byte[] XSK = Hex.decode("d5c7f6797b7e7e9c1d7fd2610b2abf2bc5a7885fb3ff78092fb3abe8986d35e2");
-    private static final byte[] XSIV = Hex.decode("744e17312b27969d826444640e9c4a378ae334f185369c95");
-    private static final byte[] XSIN = Hex.decode("7758298c628eb3a4b6963c5445ef66971222be5d1a4ad839715d1188071739b77cc6e05d5410f963a64167629757");
-    private static final byte[] XSOUT= Hex.decode("27b8cfe81416a76301fd1eec6a4d99675069b2da2776c360db1bdfea7c0aa613913e10f7a60fec04d11e65f2d64e");
-
-    private static final byte[] CHAK = Hex.decode("80000000000000000000000000000000");
-    private static final byte[] CHAIV = Hex.decode("0000000000000000");
-    private static final byte[] CHAIN =  Hex.decode(
-                                              "00000000000000000000000000000000"
-                                            + "00000000000000000000000000000000"
-                                            + "00000000000000000000000000000000"
-                                            + "00000000000000000000000000000000");
-    private static final byte[] CHAOUT = Hex.decode("FBB87FBB8395E05DAA3B1D683C422046"
-                                                    + "F913985C2AD9B23CFC06C1D8D04FF213"
-                                                    + "D44A7A7CDB84929F915420A8A3DC58BF"
-                                                    + "0F7ECB4B1F167BB1A5E6153FDAF4493D");
-
-    private static final byte[] CHA7539K = Hex.decode("8000000000000000000000000000000080000000000000000000000000000000");
-    private static final byte[] CHA7539IV = Hex.decode("000000000000000000000000");
-    private static final byte[] CHA7539IN =  Hex.decode(
-                                              "00000000000000000000000000000000"
-                                            + "00000000000000000000000000000000"
-                                            + "00000000000000000000000000000000"
-                                            + "00000000000000000000000000000000");
-    private static final byte[] CHA7539OUT = Hex.decode("aef50e541e12a65dc21e90ebb4c03987971c540f78eb536df692ff89fc47561ed17eb23b63eb714c09d0c50af703e01485926c140e994b3edff9df635a91d268");
-
-    private static final byte[] HCIN = new byte[64];
-    private static final byte[] HCIV = new byte[32];
-
-    private static final byte[] HCK256A = new byte[32];
-    private static final byte[] HC256A = Hex.decode(
-          "5B078985D8F6F30D42C5C02FA6B67951"
-        + "53F06534801F89F24E74248B720B4818"
-        + "CD9227ECEBCF4DBF8DBF6977E4AE14FA"
-        + "E8504C7BC8A9F3EA6C0106F5327E6981");
-
-    private static final byte[] HCK128A = new byte[16];
-    private static final byte[] HC128A = Hex.decode(
-          "82001573A003FD3B7FD72FFB0EAF63AA"
-        + "C62F12DEB629DCA72785A66268EC758B"
-        + "1EDB36900560898178E0AD009ABF1F49"
-        + "1330DC1C246E3D6CB264F6900271D59C");
-
-    private static final byte[] GRAIN_V1 = Hex.decode("0123456789abcdef1234");
-    private static final byte[] GRAIN_V1_IV = Hex.decode("0123456789abcdef");
-    private static final byte[] GRAIN_V1_IN = new byte[10];
-    private static final byte[] GRAIN_V1_OUT = Hex.decode("7f362bd3f7abae203664");
-
-    private static final byte[] GRAIN_128 = Hex.decode("0123456789abcdef123456789abcdef0");
-    private static final byte[] GRAIN_128_IV = Hex.decode("0123456789abcdef12345678");
-    private static final byte[] GRAIN_128_IN = new byte[16];
-    private static final byte[] GRAIN_128_OUT = Hex.decode("afb5babfa8de896b4b9c6acaf7c4fbfd");
-
-    public CipherStreamTest()
-    {
-    }
-
-    private void runTest(
-        String  name)
-        throws Exception
-    {
-        String lCode = "ABCDEFGHIJKLMNOPQRSTUVWXY0123456789";
-        KeyGenerator            kGen;
-
-        if (name.indexOf('/') < 0)
-        {
-            kGen = KeyGenerator.getInstance(name, "BC");
-        }
-        else
-        {
-            kGen = KeyGenerator.getInstance(name.substring(0, name.indexOf('/')), "BC");
-        }
-
-        byte[]                  data = lCode.getBytes();
-        Cipher                  in = Cipher.getInstance(name, "BC");
-        Cipher                  out = Cipher.getInstance(name, "BC");
-        Key                     key = kGen.generateKey();
-        ByteArrayInputStream    bIn = new ByteArrayInputStream(data);
-        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
-
-        in.init(Cipher.ENCRYPT_MODE, key);
-        if (in.getIV() != null)
-        {
-            out.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(in.getIV()));
-        }
-        else
-        {
-            out.init(Cipher.DECRYPT_MODE, key);
-        }
-
-        CipherInputStream       cIn = new CipherInputStream(bIn, in);
-        CipherOutputStream      cOut = new CipherOutputStream(bOut, out);
-
-        int c;
-
-        while ((c = cIn.read()) >= 0)
-        {
-            cOut.write(c);
-        }
-
-        cIn.close();
-
-        cOut.flush();
-        cOut.close();
-
-        String  res = new String(bOut.toByteArray());
-
-        if (!res.equals(lCode))
-        {
-            fail("Failed - decrypted data doesn't match.");
-        }
-
-
-        //
-        // short buffer test
-        //
-        try
-        {
-            byte[] enc = in.doFinal(data);
-            byte[] out1 = new byte[enc.length / 2];
-
-            try
-            {
-                out.doFinal(enc, 0, enc.length, out1, 0);
-
-                fail("ShortBufferException not triggered");
-            }
-            catch (ShortBufferException e)
-            {
-                byte[] out2 = new byte[in.getOutputSize(enc.length)];
-
-                int count = out.doFinal(enc, 0, enc.length, out2, 0);
-
-                if (!areEqual(out2, count, data))
-                {
-                    fail("" + name + " failed decryption - expected " + new String(Hex.encode(data)) + " got " + new String(Hex.encode(out2)));
-                }
-            }
-        }
-        catch (TestFailedException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            fail("" + name + " failed short buffer decryption - " + e.toString());
-        }
-
-        // mode test
-        if (name.indexOf('/') < 0)
-        {
-            Cipher.getInstance(name + "/NONE/NoPadding");
-            Cipher.getInstance(name + "/ECB/NoPadding");    // very old school
-        }
-    }
-
-
-    private boolean areEqual(byte[] a, int aLen, byte[] b)
-    {
-        if (b.length != aLen)
-        {
-            return false;
-        }
-
-        for (int i = 0; i != aLen; i++)
-        {
-            if (a[i] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    private void testAlgorithm(String name, byte[] keyBytes, byte[] iv, byte[] plainText, byte[] cipherText)
-        throws Exception
-    {
-        SecretKey key = new SecretKeySpec(keyBytes, name);
-        Cipher    in = Cipher.getInstance(name, "BC");
-        Cipher    out = Cipher.getInstance(name, "BC");
-
-        if (iv != null)
-        {
-            in.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
-            out.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
-        }
-        else
-        {
-            in.init(Cipher.ENCRYPT_MODE, key);
-            out.init(Cipher.DECRYPT_MODE, key);
-        }
-
-        if (iv != null)
-        {
-            isTrue(Arrays.areEqual(iv, in.getIV()));
-            isTrue(Arrays.areEqual(iv, out.getIV()));
-       
-            AlgorithmParameters algParams = in.getParameters();
-
-            isTrue(Arrays.areEqual(iv, ((IvParameterSpec)algParams.getParameterSpec(IvParameterSpec.class)).getIV()));
-
-            algParams = out.getParameters();
-            isTrue(Arrays.areEqual(iv, ((IvParameterSpec)algParams.getParameterSpec(IvParameterSpec.class)).getIV()));
-        }
-        
-        byte[] enc = in.doFinal(plainText);
-        if (!areEqual(enc, cipherText))
-        {
-            fail(name + ": cipher text doesn't match got " + new String(Hex.encode(enc)));
-        }
-
-        byte[] dec = out.doFinal(enc);
-
-        if (!areEqual(dec, plainText))
-        {
-            fail(name + ": plain text doesn't match");
-        }
-    }
-
-    private void testException(
-        String  name)
-    {
-        try
-        {
-            byte[] key128 = {
-                    (byte)128, (byte)131, (byte)133, (byte)134,
-                    (byte)137, (byte)138, (byte)140, (byte)143,
-                    (byte)128, (byte)131, (byte)133, (byte)134,
-                    (byte)137, (byte)138, (byte)140, (byte)143 };
-
-            byte[] key256 = {
-                    (byte)128, (byte)131, (byte)133, (byte)134,
-                    (byte)137, (byte)138, (byte)140, (byte)143,
-                    (byte)128, (byte)131, (byte)133, (byte)134,
-                    (byte)137, (byte)138, (byte)140, (byte)143,
-                    (byte)128, (byte)131, (byte)133, (byte)134,
-                    (byte)137, (byte)138, (byte)140, (byte)143,
-                    (byte)128, (byte)131, (byte)133, (byte)134,
-                    (byte)137, (byte)138, (byte)140, (byte)143 };
-
-            byte[] keyBytes;
-            if (name.equals("HC256") || name.equals("XSalsa20") || name.equals("ChaCha7539") || name.equals("ChaCha20"))
-            {
-                keyBytes = key256;
-            }
-            else
-            {
-                keyBytes = key128;
-            }
-
-            SecretKeySpec cipherKey = new SecretKeySpec(keyBytes, name);
-            Cipher ecipher = Cipher.getInstance(name, "BC");
-            ecipher.init(Cipher.ENCRYPT_MODE, cipherKey);
-
-            byte[] cipherText = new byte[0];
-            try
-            {
-                // According specification Method engineUpdate(byte[] input,
-                // int inputOffset, int inputLen, byte[] output, int
-                // outputOffset)
-                // throws ShortBufferException - if the given output buffer is
-                // too
-                // small to hold the result
-                ecipher.update(new byte[20], 0, 20, cipherText);
-
-                fail("failed exception test - no ShortBufferException thrown");
-            }
-            catch (ShortBufferException e)
-            {
-                // ignore
-            }
-
-            try
-            {
-                Cipher c = Cipher.getInstance(name, "BC");
-
-                Key k = new PublicKey()
-                {
-
-                    public String getAlgorithm()
-                    {
-                        return "STUB";
-                    }
-
-                    public String getFormat()
-                    {
-                        return null;
-                    }
-
-                    public byte[] getEncoded()
-                    {
-                        return null;
-                    }
-
-                };
-
-                c.init(Cipher.ENCRYPT_MODE, k);
-
-                fail("failed exception test - no InvalidKeyException thrown for public key");
-            }
-            catch (InvalidKeyException e)
-            {
-                // okay
-            }
-
-            try
-            {
-                Cipher c = Cipher.getInstance(name, "BC");
-
-                Key k = new PrivateKey()
-                {
-
-                    public String getAlgorithm()
-                    {
-                        return "STUB";
-                    }
-
-                    public String getFormat()
-                    {
-                        return null;
-                    }
-
-                    public byte[] getEncoded()
-                    {
-                        return null;
-                    }
-
-                };
-
-                c.init(Cipher.DECRYPT_MODE, k);
-
-                fail("failed exception test - no InvalidKeyException thrown for private key");
-            }
-            catch (InvalidKeyException e)
-            {
-                // okay
-            }
-        }
-        catch (Exception e)
-        {
-            fail("unexpected exception.", e);
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        runTest("RC4");
-        testException("RC4");
-        testAlgorithm("RC4", RK, null, RIN, ROUT);
-        runTest("Salsa20");
-        testException("Salsa20");
-        testAlgorithm("Salsa20", SK, SIV, SIN, SOUT);
-        runTest("XSalsa20");
-        testException("XSalsa20");
-        testAlgorithm("XSalsa20", XSK, XSIV, XSIN, XSOUT);
-        runTest("ChaCha");
-        testException("ChaCha");
-        testAlgorithm("ChaCha", CHAK, CHAIV, CHAIN, CHAOUT);
-        runTest("ChaCha7539");
-        testException("ChaCha7539");
-        testAlgorithm("ChaCha7539", CHA7539K, CHA7539IV, CHA7539IN, CHA7539OUT);
-        runTest("ChaCha20");
-        testException("ChaCha20");
-        testAlgorithm("ChaCha20", CHA7539K, CHA7539IV, CHA7539IN, CHA7539OUT);
-        runTest("HC128");
-        testException("HC128");
-        testAlgorithm("HC128", HCK128A, HCIV, HCIN, HC128A);
-        runTest("HC256");
-        testException("HC256");
-        testAlgorithm("HC256", HCK256A, HCIV, HCIN, HC256A);
-        runTest("VMPC");
-        testException("VMPC");
-        //testAlgorithm("VMPC", a, iv, in, a);
-        runTest("VMPC-KSA3");
-        testException("VMPC-KSA3");
-        //testAlgorithm("VMPC-KSA3", a, iv, in, a);
-        testAlgorithm("Grainv1", GRAIN_V1, GRAIN_V1_IV, GRAIN_V1_IN, GRAIN_V1_OUT);
-        testAlgorithm("Grain128", GRAIN_128, GRAIN_128_IV, GRAIN_128_IN, GRAIN_128_OUT);
-        runTest("DES/ECB/PKCS7Padding");
-        runTest("DES/CFB8/NoPadding");
-    }
-
-    public String getName()
-    {
-        return "CipherStreamTest";
-    }
-
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new CipherStreamTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CipherStreamTest2.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CipherStreamTest2.java
deleted file mode 100644
index 8f4cf01..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/CipherStreamTest2.java
+++ /dev/null

@@ -1,525 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.security.Key;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.crypto.io.InvalidCipherTextIOException;
-import org.bouncycastle.jcajce.io.CipherInputStream;
-import org.bouncycastle.jcajce.io.CipherOutputStream;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class CipherStreamTest2
-    extends SimpleTest
-{
-    private int streamSize;
-
-    public String getName()
-    {
-        return "CipherStreamTest2";
-    }
-
-    private void testModes(String algo, String[] transforms, boolean authenticated)
-        throws Exception
-    {
-        Key key = generateKey(algo);
-        for (int i = 0; i != transforms.length; i++)
-        {
-            String transform = transforms[i];
-            String cipherName = algo + transform;
-
-            boolean cts = transform.indexOf("CTS") > -1;
-            if (cts && streamSize < Cipher.getInstance(cipherName, "BC").getBlockSize())
-            {
-                continue;
-            }
-            testWriteRead(cipherName, key, authenticated, true, false);
-            testWriteRead(cipherName, key, authenticated, true, true);
-            testWriteRead(cipherName, key, authenticated, false, false);
-            testWriteRead(cipherName, key, authenticated, false, true);
-            testReadWrite(cipherName, key, authenticated, true, false);
-            testReadWrite(cipherName, key, authenticated, true, true);
-            testReadWrite(cipherName, key, authenticated, false, false);
-            testReadWrite(cipherName, key, authenticated, false, true);
-
-            if (!cts)
-            {
-                testWriteReadEmpty(cipherName, key, authenticated, true, false);
-                testWriteReadEmpty(cipherName, key, authenticated, true, true);
-                testWriteReadEmpty(cipherName, key, authenticated, false, false);
-                testWriteReadEmpty(cipherName, key, authenticated, false, true);
-            }
-
-            if (authenticated)
-            {
-                testTamperedRead(cipherName, key, true, true);
-                testTamperedRead(cipherName, key, true, false);
-                testTruncatedRead(cipherName, key, true, true);
-                testTruncatedRead(cipherName, key, true, false);
-                testTamperedWrite(cipherName, key, true, true);
-                testTamperedWrite(cipherName, key, true, false);
-            }
-        }
-    }
-
-    private InputStream createInputStream(byte[] data, Cipher cipher, boolean useBc)
-    {
-        ByteArrayInputStream bytes = new ByteArrayInputStream(data);
-        // cast required for earlier JDK
-        return useBc ? (InputStream)new CipherInputStream(bytes, cipher) : (InputStream)new javax.crypto.CipherInputStream(bytes, cipher);
-    }
-
-    private OutputStream createOutputStream(ByteArrayOutputStream bytes, Cipher cipher, boolean useBc)
-    {
-        // cast required for earlier JDK
-        return useBc ? (OutputStream)new CipherOutputStream(bytes, cipher) : (OutputStream)new javax.crypto.CipherOutputStream(bytes, cipher);
-    }
-
-    /**
-     * Test tampering of ciphertext followed by read from decrypting CipherInputStream
-     */
-    private void testTamperedRead(String name, Key key, boolean authenticated, boolean useBc)
-        throws Exception
-    {
-        Cipher encrypt = Cipher.getInstance(name, "BC");
-        Cipher decrypt = Cipher.getInstance(name, "BC");
-        encrypt.init(Cipher.ENCRYPT_MODE, key);
-        if (encrypt.getIV() != null)
-        {
-            decrypt.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(encrypt.getIV()));
-        }
-        else
-        {
-            decrypt.init(Cipher.DECRYPT_MODE, key);
-        }
-
-        byte[] ciphertext = encrypt.doFinal(new byte[streamSize]);
-
-        // Tamper
-        ciphertext[0] += 1;
-
-        InputStream input = createInputStream(ciphertext, decrypt, useBc);
-        try
-        {
-            while (input.read() >= 0)
-            {
-            }
-            fail("Expected invalid ciphertext after tamper and read : " + name, authenticated, useBc);
-        }
-        catch (InvalidCipherTextIOException e)
-        {
-            // Expected
-        }
-        catch (IOException e)       //     cause will be AEADBadTagException
-        {
-            // Expected
-        }
-        try
-        {
-            input.close();
-        }
-        catch (Exception e)
-        {
-            fail("Unexpected exception : " + name, e, authenticated, useBc);
-        }
-    }
-
-    /**
-     * Test truncation of ciphertext to make tag calculation impossible, followed by read from
-     * decrypting CipherInputStream
-     */
-    private void testTruncatedRead(String name, Key key, boolean authenticated, boolean useBc)
-        throws Exception
-    {
-        Cipher encrypt = Cipher.getInstance(name, "BC");
-        Cipher decrypt = Cipher.getInstance(name, "BC");
-        encrypt.init(Cipher.ENCRYPT_MODE, key);
-        if (encrypt.getIV() != null)
-        {
-            decrypt.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(encrypt.getIV()));
-        }
-        else
-        {
-            decrypt.init(Cipher.DECRYPT_MODE, key);
-        }
-
-        byte[] ciphertext = encrypt.doFinal(new byte[streamSize]);
-
-        // Truncate to just smaller than complete tag
-        byte[] truncated = new byte[ciphertext.length - streamSize - 1];
-        System.arraycopy(ciphertext, 0, truncated, 0, truncated.length);
-
-        // Tamper
-        ciphertext[0] += 1;
-
-        InputStream input = createInputStream(truncated, decrypt, useBc);
-        while (true)
-        {
-            int read = 0;
-            try
-            {
-                read = input.read();
-            }
-            catch (InvalidCipherTextIOException e)
-            {
-                // Expected
-                break;
-            }
-            catch (IOException e)
-            {
-                // Expected from JDK 1.7 on
-                break;
-            }
-            catch (Exception e)
-            {
-                fail("Unexpected exception : " + name, e, authenticated, useBc);
-                break;
-            }
-            if (read < 0)
-            {
-                fail("Expected invalid ciphertext after truncate and read : " + name, authenticated, useBc);
-                break;
-            }
-        }
-        try
-        {
-            input.close();
-        }
-        catch (Exception e)
-        {
-            fail("Unexpected exception : " + name, e, authenticated, useBc);
-        }
-    }
-
-    /**
-     * Test tampering of ciphertext followed by write to decrypting CipherOutputStream
-     */
-    private void testTamperedWrite(String name, Key key, boolean authenticated, boolean useBc)
-        throws Exception
-    {
-        Cipher encrypt = Cipher.getInstance(name, "BC");
-        Cipher decrypt = Cipher.getInstance(name, "BC");
-        encrypt.init(Cipher.ENCRYPT_MODE, key);
-        if (encrypt.getIV() != null)
-        {
-            decrypt.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(encrypt.getIV()));
-        }
-        else
-        {
-            decrypt.init(Cipher.DECRYPT_MODE, key);
-        }
-
-        byte[] ciphertext = encrypt.doFinal(new byte[streamSize]);
-
-        // Tamper
-        ciphertext[0] += 1;
-
-        ByteArrayOutputStream plaintext = new ByteArrayOutputStream();
-        OutputStream output = createOutputStream(plaintext, decrypt, useBc);
-
-        for (int i = 0; i < ciphertext.length; i++)
-        {
-            output.write(ciphertext[i]);
-        }
-        try
-        {
-            output.close();
-            fail("Expected invalid ciphertext after tamper and write : " + name, authenticated, useBc);
-        }
-        catch (InvalidCipherTextIOException e)
-        {
-            // Expected
-        }
-    }
-
-    /**
-     * Test CipherOutputStream in ENCRYPT_MODE, CipherInputStream in DECRYPT_MODE
-     */
-    private void testWriteRead(String name, Key key, boolean authenticated, boolean useBc, boolean blocks)
-        throws Exception
-    {
-        byte[] data = new byte[streamSize];
-        for (int i = 0; i < data.length; i++)
-        {
-            data[i] = (byte)(i % 255);
-        }
-
-        testWriteRead(name, key, authenticated, useBc, blocks, data);
-    }
-
-    /**
-     * Test CipherOutputStream in ENCRYPT_MODE, CipherInputStream in DECRYPT_MODE
-     */
-    private void testWriteReadEmpty(String name, Key key, boolean authenticated, boolean useBc, boolean blocks)
-        throws Exception
-    {
-        byte[] data = new byte[0];
-
-        testWriteRead(name, key, authenticated, useBc, blocks, data);
-    }
-
-    private void testWriteRead(String name, Key key, boolean authenticated, boolean useBc, boolean blocks, byte[] data)
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        try
-        {
-            Cipher encrypt = Cipher.getInstance(name, "BC");
-            Cipher decrypt = Cipher.getInstance(name, "BC");
-            encrypt.init(Cipher.ENCRYPT_MODE, key);
-            if (encrypt.getIV() != null)
-            {
-                decrypt.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(encrypt.getIV()));
-            }
-            else
-            {
-                decrypt.init(Cipher.DECRYPT_MODE, key);
-            }
-
-            OutputStream cOut = createOutputStream(bOut, encrypt, useBc);
-            if (blocks)
-            {
-                int chunkSize = Math.max(1, data.length / 8);
-                for (int i = 0; i < data.length; i += chunkSize)
-                {
-                    cOut.write(data, i, Math.min(chunkSize, data.length - i));
-                }
-            }
-            else
-            {
-                for (int i = 0; i < data.length; i++)
-                {
-                    cOut.write(data[i]);
-                }
-            }
-            cOut.close();
-
-            byte[] cipherText = bOut.toByteArray();
-            bOut.reset();
-            InputStream cIn = createInputStream(cipherText, decrypt, useBc);
-
-            if (blocks)
-            {
-                byte[] block = new byte[encrypt.getBlockSize() + 1];
-                int c;
-                while ((c = cIn.read(block)) >= 0)
-                {
-                    bOut.write(block, 0, c);
-                }
-            }
-            else
-            {
-                int c;
-                while ((c = cIn.read()) >= 0)
-                {
-                    bOut.write(c);
-                }
-
-            }
-            cIn.close();
-
-        }
-        catch (Exception e)
-        {
-            fail("Unexpected exception " + name, e, authenticated, useBc);
-        }
-
-        byte[] decrypted = bOut.toByteArray();
-        if (!Arrays.areEqual(data, decrypted))
-        {
-            fail("Failed - decrypted data doesn't match: " + name, authenticated, useBc);
-        }
-    }
-
-    protected void fail(String message, boolean authenticated, boolean bc)
-    {
-        if (bc || !authenticated)
-        {
-            super.fail(message);
-        }
-        else
-        {
-            // javax.crypto.CipherInputStream/CipherOutputStream
-            // are broken wrt handling AEAD failures
-            // System.err.println("Broken JCE Streams: " + message);
-        }
-    }
-
-    protected void fail(String message, Throwable throwable, boolean authenticated, boolean bc)
-    {
-        if (bc || !authenticated)
-        {
-            super.fail(message, throwable);
-        }
-        else
-        {
-            // javax.crypto.CipherInputStream/CipherOutputStream
-            // are broken wrt handling AEAD failures
-            //System.err.println("Broken JCE Streams: " + message + " : " + throwable);
-            throwable.printStackTrace();
-        }
-    }
-
-    /**
-     * Test CipherInputStream in ENCRYPT_MODE, CipherOutputStream in DECRYPT_MODE
-     */
-    private void testReadWrite(String name, Key key, boolean authenticated, boolean useBc, boolean blocks)
-        throws Exception
-    {
-        String lCode = "ABCDEFGHIJKLMNOPQRSTU";
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        try
-        {
-            Cipher in = Cipher.getInstance(name, "BC");
-            Cipher out = Cipher.getInstance(name, "BC");
-            in.init(Cipher.ENCRYPT_MODE, key);
-            if (in.getIV() != null)
-            {
-                out.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(in.getIV()));
-            }
-            else
-            {
-                out.init(Cipher.DECRYPT_MODE, key);
-            }
-
-            InputStream cIn = createInputStream(lCode.getBytes(), in, useBc);
-            OutputStream cOut = createOutputStream(bOut, out, useBc);
-
-            if (blocks)
-            {
-                byte[] block = new byte[in.getBlockSize() + 1];
-                int c;
-                while ((c = cIn.read(block)) >= 0)
-                {
-                    cOut.write(block, 0, c);
-                }
-            }
-            else
-            {
-                int c;
-                while ((c = cIn.read()) >= 0)
-                {
-                    cOut.write(c);
-                }
-            }
-
-            cIn.close();
-
-            cOut.flush();
-            cOut.close();
-
-        }
-        catch (Exception e)
-        {
-            fail("Unexpected exception " + name, e, authenticated, useBc);
-        }
-
-        String res = new String(bOut.toByteArray());
-        if (!res.equals(lCode))
-        {
-            fail("Failed - decrypted data doesn't match: " + name, authenticated, useBc);
-        }
-    }
-
-    private static Key generateKey(String name)
-        throws Exception
-    {
-        KeyGenerator kGen;
-
-        if (name.indexOf('/') < 0)
-        {
-            kGen = KeyGenerator.getInstance(name, "BC");
-        }
-        else
-        {
-            kGen = KeyGenerator.getInstance(name.substring(0, name.indexOf('/')), "BC");
-        }
-        return kGen.generateKey();
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        int[] testSizes = new int[]{0, 1, 7, 8, 9, 15, 16, 17, 1023, 1024, 1025, 2047, 2048, 2049, 4095, 4096, 4097};
-        for (int i = 0; i < testSizes.length; i++)
-        {
-            this.streamSize = testSizes[i];
-            performTests();
-        }
-    }
-
-    private void performTests()
-        throws Exception
-    {
-        final String[] blockCiphers64 = new String[]{"BLOWFISH", "DES", "DESEDE", "TEA", "CAST5", "RC2", "XTEA"};
-
-        for (int i = 0; i != blockCiphers64.length; i++)
-        {
-            testModes(blockCiphers64[i], new String[]{
-                "/ECB/PKCS5Padding",
-                "/CBC/PKCS5Padding",
-                "/OFB/NoPadding",
-                "/CFB/NoPadding",
-                "/CTS/NoPadding",}, false);
-            testModes(blockCiphers64[i], new String[]{"/EAX/NoPadding"}, true);
-        }
-
-        final String[] blockCiphers128 = new String[]{
-            "AES",
-            "NOEKEON",
-            "Twofish",
-            "CAST6",
-            "SEED",
-            "Serpent",
-            "RC6",
-            "CAMELLIA"};
-
-        for (int i = 0; i != blockCiphers128.length; i++)
-        {
-            testModes(blockCiphers128[i], new String[]{
-                "/ECB/PKCS5Padding",
-                "/CBC/PKCS5Padding",
-                "/OFB/NoPadding",
-                "/CFB/NoPadding",
-                "/CTS/NoPadding",
-                "/CTR/NoPadding",
-                "/SIC/NoPadding"}, false);
-            testModes(blockCiphers128[i], new String[]{"/CCM/NoPadding", "/EAX/NoPadding", "/GCM/NoPadding", "/OCB/NoPadding"}, true);
-        }
-
-        final String[] streamCiphers = new String[]{
-            "ARC4",
-            "SALSA20",
-            "XSalsa20",
-            "ChaCha",
-            "ChaCha7539",
-            "Grainv1",
-            "Grain128",
-            "HC128",
-            "HC256"};
-
-        for (int i = 0; i != streamCiphers.length; i++)
-        {
-            testModes(streamCiphers[i], new String[]{""}, false);
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-        runTest(new CipherStreamTest2());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DESedeTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DESedeTest.java
deleted file mode 100644
index 313f665..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DESedeTest.java
+++ /dev/null

@@ -1,326 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.security.Key;
-import java.security.SecureRandom;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.KeyGenerator;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.DESedeKeySpec;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * basic test class for key generation for a DES-EDE block cipher, basically
- * this just exercises the provider, and makes sure we are behaving sensibly,
- * correctness of the implementation is shown in the lightweight test classes.
- */
-public class DESedeTest
-    extends SimpleTest
-{
-    static String[] cipherTests1 =
-    {
-        "112",
-        "2f4bc6b30c893fa549d82c560d61cf3eb088aed020603de249d82c560d61cf3e529e95ecd8e05394",
-        "128",
-        "2f4bc6b30c893fa549d82c560d61cf3eb088aed020603de249d82c560d61cf3e529e95ecd8e05394",
-        "168",
-        "50ddb583a25c21e6c9233f8e57a86d40bb034af421c03096c9233f8e57a86d402fce91e8eb639f89",
-        "192",
-        "50ddb583a25c21e6c9233f8e57a86d40bb034af421c03096c9233f8e57a86d402fce91e8eb639f89",
-    };
-
-    static byte[]   input1 = Hex.decode("000102030405060708090a0b0c0d0e0fff0102030405060708090a0b0c0d0e0f");
-    
-    /**
-     * a fake random number generator - we just want to make sure the random numbers
-     * aren't random so that we get the same output, while still getting to test the
-     * key generation facilities.
-     */
-    private class FixedSecureRandom
-        extends SecureRandom
-    {
-        byte[]  seed = {
-                (byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59,
-                (byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4,
-                (byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde,
-                (byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f
-        };
-
-        public void nextBytes(
-            byte[]  bytes)
-        {
-            int offset = 0;
-
-            while ((offset + seed.length) < bytes.length)
-            {
-                System.arraycopy(seed, 0, bytes, offset, seed.length);
-                offset += seed.length;
-            }
-
-            System.arraycopy(seed, 0, bytes, offset, bytes.length - offset);
-        }
-    }
-
-    public String getName()
-    {
-        return "DESEDE";
-    }
-
-    private boolean equalArray(
-        byte[]  a,
-        byte[]  b)
-    {
-        if (a.length != b.length)
-        {
-            return false;
-        }
-
-        for (int i = 0; i != a.length; i++)
-        {
-            if (a[i] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    private boolean equalArray(
-        byte[]  a,
-        byte[]  b,
-        int     length)
-    {
-        if (a.length < length)
-        {
-            return false;
-        }
-
-        if (b.length < length)
-        {
-            return false;
-        }
-
-        for (int i = 0; i != length; i++)
-        {
-            if (a[i] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    private void wrapTest(
-        String      alg,
-        int     id,
-        byte[]  kek,
-        byte[]  iv,
-        byte[]  in,
-        byte[]  out)
-    {
-        try
-        {
-            Cipher wrapper = Cipher.getInstance(alg + "Wrap", "BC");
-
-            wrapper.init(Cipher.WRAP_MODE, new SecretKeySpec(kek, alg), new IvParameterSpec(iv));
-
-            try
-            {
-                byte[]  cText = wrapper.wrap(new SecretKeySpec(in, alg));
-                if (!equalArray(cText, out))
-                {
-                    fail("failed wrap test " + id  + " expected " + new String(Hex.encode(out)) + " got " + new String(Hex.encode(cText)));
-                }
-            }
-            catch (Exception e)
-            {
-                fail("failed wrap test exception " + e.toString());
-            }
-
-            wrapper.init(Cipher.UNWRAP_MODE, new SecretKeySpec(kek, alg));
-
-            try
-            {
-                Key  pText = wrapper.unwrap(out, alg, Cipher.SECRET_KEY);
-                if (!equalArray(pText.getEncoded(), in))
-                {
-                    fail("failed unwrap test " + id  + " expected " + new String(Hex.encode(in)) + " got " + new String(Hex.encode(pText.getEncoded())));
-                }
-            }
-            catch (Exception e)
-            {
-                fail("failed unwrap test exception " + e.toString());
-            }
-        }
-        catch (Exception ex)
-        {
-            fail("failed exception " + ex.toString());
-        }
-    }
-
-    public void test(
-        String      alg,
-        int         strength,
-        byte[]      input,
-        byte[]      output)
-    {
-        Key                     key = null;
-        KeyGenerator            keyGen;
-        SecureRandom            rand;
-        Cipher                  in = null;
-        Cipher                  out = null;
-        CipherInputStream       cIn;
-        CipherOutputStream      cOut;
-        ByteArrayInputStream    bIn;
-        ByteArrayOutputStream   bOut;
-
-        rand = new FixedSecureRandom();
-
-        try
-        {
-            keyGen = KeyGenerator.getInstance(alg, "BC");
-            keyGen.init(strength, rand);
-
-            key = keyGen.generateKey();
-
-            in = Cipher.getInstance(alg + "/ECB/PKCS7Padding", "BC");
-            out = Cipher.getInstance(alg + "/ECB/PKCS7Padding", "BC");
-
-            out.init(Cipher.ENCRYPT_MODE, key, rand);
-        }
-        catch (Exception e)
-        {
-            fail(alg + " failed initialisation - " + e.toString());
-        }
-
-        try
-        {
-            in.init(Cipher.DECRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail(alg + " failed initialisation - " + e.toString());
-        }
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        try
-        {
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                cOut.write(input[i]);
-            }
-            cOut.write(input, input.length / 2, input.length - input.length / 2);
-            cOut.close();
-        }
-        catch (IOException e)
-        {
-            fail(alg + " failed encryption - " + e.toString());
-        }
-
-        byte[]    bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!equalArray(bytes, output))
-        {
-            fail(alg + " failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        try
-        {
-            DataInputStream dIn = new DataInputStream(cIn);
-
-            bytes = new byte[input.length];
-
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                bytes[i] = (byte)dIn.read();
-            }
-            dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-        }
-        catch (Exception e)
-        {
-            fail(alg + " failed encryption - " + e.toString());
-        }
-
-        if (!equalArray(bytes, input))
-        {
-            fail(alg + " failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // keyspec test
-        //
-        try
-        {
-            SecretKeyFactory keyFactory = SecretKeyFactory.getInstance(alg, "BC");
-            DESedeKeySpec keySpec = (DESedeKeySpec)keyFactory.getKeySpec((SecretKey)key, DESedeKeySpec.class);
-
-            if (!equalArray(key.getEncoded(), keySpec.getKey(), 16))
-            {
-                fail(alg + " KeySpec does not match key.");
-            }
-        }
-        catch (Exception e)
-        {
-            fail(alg + " failed keyspec - " + e.toString());
-        }
-    }
-
-    public void performTest()
-    {
-        for (int i = 0; i != cipherTests1.length; i += 2)
-        {
-            test("DESEDE", Integer.parseInt(cipherTests1[i]), input1, Hex.decode(cipherTests1[i + 1]));
-        }
-
-        for (int i = 0; i != cipherTests1.length; i += 2)
-        {
-            test("TDEA", Integer.parseInt(cipherTests1[i]), input1, Hex.decode(cipherTests1[i + 1]));
-        }
-
-        byte[]  kek1 = Hex.decode("255e0d1c07b646dfb3134cc843ba8aa71f025b7c0838251f");
-        byte[]  iv1 = Hex.decode("5dd4cbfc96f5453b");
-        byte[]  in1 = Hex.decode("2923bf85e06dd6ae529149f1f1bae9eab3a7da3d860d3e98");
-        byte[]  out1 = Hex.decode("690107618ef092b3b48ca1796b234ae9fa33ebb4159604037db5d6a84eb3aac2768c632775a467d4");
-
-        wrapTest("DESEDE", 1, kek1, iv1, in1, out1);
-        wrapTest("TDEA", 1, kek1, iv1, in1, out1);
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new DESedeTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DHIESTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DHIESTest.java
deleted file mode 100644
index 0d0155d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DHIESTest.java
+++ /dev/null

@@ -1,282 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.math.BigInteger;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-import java.security.Security;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.interfaces.DHPrivateKey;
-import javax.crypto.interfaces.DHPublicKey;
-import javax.crypto.spec.DHParameterSpec;
-
-import org.bouncycastle.crypto.agreement.DHBasicAgreement;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.IESEngine;
-import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.jcajce.provider.asymmetric.dh.IESCipher;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.IESParameterSpec;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test for DHIES - Diffie-Hellman Integrated Encryption Scheme
- */
-public class DHIESTest
-    extends SimpleTest
-{
-    // Oakley group 2 - RFC 5996
-    BigInteger p1024 = new BigInteger(
-                    "FFFFFFFFFFFFFFFFC90FDAA22168C234C4C6628B80DC1CD1" +
-                    "29024E088A67CC74020BBEA63B139B22514A08798E3404DD" +
-                    "EF9519B3CD3A431B302B0A6DF25F14374FE1356D6D51C245" +
-                    "E485B576625E7EC6F44C42E9A637ED6B0BFF5CB6F406B7ED" +
-                    "EE386BFB5A899FA5AE9F24117C4B1FE649286651ECE65381" +
-                    "FFFFFFFFFFFFFFFF",16);
-
-    BigInteger g1024 = new BigInteger("2",16);
-
-    BigInteger p2048 = new BigInteger("95475cf5d93e596c3fcd1d902add02f427f5f3c7210313bb45fb4d5b" +
-                                "b2e5fe1cbd678cd4bbdd84c9836be1f31c0777725aeb6c2fc38b85f4" +
-                                "8076fa76bcd8146cc89a6fb2f706dd719898c2083dc8d896f84062e2" +
-                                "c9c94d137b054a8d8096adb8d51952398eeca852a0af12df83e475aa" +
-                                "65d4ec0c38a9560d5661186ff98b9fc9eb60eee8b030376b236bc73b" +
-                                "e3acdbd74fd61c1d2475fa3077b8f080467881ff7e1ca56fee066d79" +
-                                "506ade51edbb5443a563927dbc4ba520086746175c8885925ebc64c6" +
-                                "147906773496990cb714ec667304e261faee33b3cbdf008e0c3fa906" +
-                                "50d97d3909c9275bf4ac86ffcb3d03e6dfc8ada5934242dd6d3bcca2" +
-                                "a406cb0b", 16);
-
-    BigInteger g2048 = new BigInteger("42debb9da5b3d88cc956e08787ec3f3a09bba5f48b889a74aaf53174" +
-                                "aa0fbe7e3c5b8fcd7a53bef563b0e98560328960a9517f4014d3325f" +
-                                "c7962bf1e049370d76d1314a76137e792f3f0db859d095e4a5b93202" +
-                                "4f079ecf2ef09c797452b0770e1350782ed57ddf794979dcef23cb96" +
-                                "f183061965c4ebc93c9c71c56b925955a75f94cccf1449ac43d586d0" +
-                                "beee43251b0b2287349d68de0d144403f13e802f4146d882e057af19" +
-                                "b6f6275c6676c8fa0e3ca2713a3257fd1b27d0639f695e347d8d1cf9" +
-                                "ac819a26ca9b04cb0eb9b7b035988d15bbac65212a55239cfc7e58fa" +
-                                "e38d7250ab9991ffbc97134025fe8ce04c4399ad96569be91a546f49" +
-                                "78693c7a", 16);
-
-    DHParameterSpec param1024 = new DHParameterSpec(p1024, g1024);
-
-    DHParameterSpec param2048 = new DHParameterSpec(p2048, g2048);
-
-    DHIESTest()
-    {
-    }
-
-    public String getName()
-    {
-        return "DHIES";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        byte[] derivation = Hex.decode("202122232425262728292a2b2c2d2e2f");
-        byte[] encoding   = Hex.decode("303132333435363738393a3b3c3d3e3f");
-
-        
-        IESCipher c1 = new org.bouncycastle.jcajce.provider.asymmetric.dh.IESCipher.IES();
-        IESCipher c2 = new org.bouncycastle.jcajce.provider.asymmetric.dh.IESCipher.IES();
-        IESParameterSpec params = new IESParameterSpec(derivation,encoding,128);
-
-        // Testing DHIES with default prime in streaming mode
-        KeyPairGenerator    g = KeyPairGenerator.getInstance("DH", "BC");
-        KeyPairGenerator    g512 = KeyPairGenerator.getInstance("DH", "BC");
-
-        g.initialize(param1024);
-
-        doTest("DHIES with default", g, "DHIES", params);
-        
-        // Testing DHIES with 512-bit prime in streaming mode
-        g512.initialize(512, new SecureRandom());
-        doTest("DHIES with 512-bit", g512, "DHIES", params);
-
-        // Testing ECIES with 1024-bit prime in streaming mode 
-        g.initialize(param1024, new SecureRandom());
-        doTest("DHIES with 1024-bit", g, "DHIES", params);
-
-        c1 = new IESCipher(new IESEngine(new DHBasicAgreement(), 
-                new KDF2BytesGenerator(new SHA1Digest()),
-                new HMac(new SHA1Digest()),
-                new PaddedBufferedBlockCipher(new DESEngine())));
-        
-        c2 = new IESCipher(new IESEngine(new DHBasicAgreement(), 
-                new KDF2BytesGenerator(new SHA1Digest()),
-                new HMac(new SHA1Digest()),
-                new PaddedBufferedBlockCipher(new DESEngine())));  
-    
-        params = new IESParameterSpec(derivation, encoding, 128, 192, Hex.decode("0001020304050607"));
-      
-        // Testing DHIES with default prime (2048) using DESEDE
-        g = KeyPairGenerator.getInstance("DH", "BC");
-        g.initialize(param2048, new SecureRandom());
-
-        doTest("DHIESwithDES default", g, "DHIESwithDESEDE-CBC", params);
-        
-        // Testing DHIES with 512-bit prime using DESEDE
-        doTest("DHIESwithDES 512-bit", g512, "DHIESwithDESEDE-CBC", params);
-        
-        // Testing DHIES with 1024-bit prime using DESEDE
-        g.initialize(param1024, new SecureRandom());
-        doTest("DHIESwithDES 1024-bit", g, "DHIESwithDESEDE-CBC", params);
-
-        g = KeyPairGenerator.getInstance("DH", "BC");
-        g.initialize(param1024);
-
-        c1 = new IESCipher.IESwithAESCBC();
-        c2 = new IESCipher.IESwithAESCBC();
-        params = new IESParameterSpec(derivation, encoding, 128, 128, Hex.decode("00010203040506070001020304050607"));
-        
-        // Testing DHIES with default prime using AES
-        doTest("DHIESwithAES default", g, "DHIESwithAES-CBC", params);
-        
-        // Testing DHIES with 512-bit prime using AES
-        doTest("DHIESwithAES 512-bit", g512, "DHIESwithAES-CBC", params);
-        
-        // Testing DHIES with 1024-bit prime using AES
-        g.initialize(param1024, new SecureRandom());
-        doTest("DHIESwithAES 1024-bit", g, "DHIESwithAES-CBC", params);
-
-        KeyPair       keyPair = g.generateKeyPair();
-        DHPublicKey   pub = (DHPublicKey)keyPair.getPublic();
-        DHPrivateKey  priv = (DHPrivateKey)keyPair.getPrivate();
-
-        Cipher c = Cipher.getInstance("DHIESwithAES-CBC", "BC");
-
-        try
-        {
-            c.init(Cipher.ENCRYPT_MODE, pub, new IESParameterSpec(derivation, encoding, 128, 128, null));
-
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isTrue("message ", "NONCE in IES Parameters needs to be 16 bytes long".equals(e.getMessage()));
-        }
-
-        try
-        {
-            c.init(Cipher.DECRYPT_MODE, priv);
-
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isTrue("message ", "cannot handle supplied parameter spec: NONCE in IES Parameters needs to be 16 bytes long".equals(e.getMessage()));
-        }
-
-        try
-        {
-            c.init(Cipher.DECRYPT_MODE, priv, new IESParameterSpec(derivation, encoding, 128, 128, null));
-
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isTrue("message ", "NONCE in IES Parameters needs to be 16 bytes long".equals(e.getMessage()));
-        }
-    }
-
-    public void doTest(
-        String              testname,
-        KeyPairGenerator    g,
-        String              cipher,
-        IESParameterSpec    p)
-        throws Exception
-    {
-        
-        byte[] message = Hex.decode("0102030405060708090a0b0c0d0e0f10111213141516");
-        byte[] out1, out2;
-  
-        Cipher        c1 = Cipher.getInstance(cipher, "BC");
-        Cipher        c2 = Cipher.getInstance(cipher, "BC");
-        // Generate static key pair
-        KeyPair       keyPair = g.generateKeyPair();
-        DHPublicKey   pub = (DHPublicKey)keyPair.getPublic();
-        DHPrivateKey  priv = (DHPrivateKey)keyPair.getPrivate();
-
-        // Testing with default parameters and DHAES mode off
-        c1.init(Cipher.ENCRYPT_MODE, pub, new SecureRandom());
-        c2.init(Cipher.DECRYPT_MODE, priv, c1.getParameters());
-
-        isTrue("nonce mismatch", Arrays.areEqual(c1.getIV(), c2.getIV()));
-
-        out1 = c1.doFinal(message, 0, message.length);
-        out2 = c2.doFinal(out1, 0, out1.length);
-        if (!areEqual(out2, message))
-        {
-            fail(testname + " test failed with default parameters, DHAES mode false.");
-        }
-        
-        // Testing with given parameters and DHAES mode off
-        c1.init(Cipher.ENCRYPT_MODE, pub, p, new SecureRandom());
-        c2.init(Cipher.DECRYPT_MODE, priv, p);
-        out1 = c1.doFinal(message, 0, message.length);
-        out2 = c2.doFinal(out1, 0, out1.length);
-        if (!areEqual(out2, message))
-            fail(testname + " test failed with non-null parameters, DHAES mode false.");
-        
-        // Testing with null parameters and DHAES mode on
-        c1 = Cipher.getInstance(cipher + "/DHAES/PKCS7Padding","BC");
-        c2 = Cipher.getInstance(cipher + "/DHAES/PKCS7Padding","BC");
-        c1.init(Cipher.ENCRYPT_MODE, pub, new SecureRandom());
-        c2.init(Cipher.DECRYPT_MODE, priv, c1.getParameters(), new SecureRandom());
-        out1 = c1.doFinal(message, 0, message.length);
-        out2 = c2.doFinal(out1, 0, out1.length);
-        if (!areEqual(out2, message))
-            fail(testname + " test failed with null parameters, DHAES mode true.");
-     
-        
-        // Testing with given parameters and DHAES mode on
-        c1 = Cipher.getInstance(cipher + "/DHAES/PKCS7Padding","BC");
-        c2 = Cipher.getInstance(cipher + "/DHAES/PKCS7Padding","BC");
-
-        c1.init(Cipher.ENCRYPT_MODE, pub, p, new SecureRandom());
-        c2.init(Cipher.DECRYPT_MODE, priv, p, new SecureRandom());
-
-        out1 = c1.doFinal(message, 0, message.length);
-        out2 = c2.doFinal(out1, 0, out1.length);
-        if (!areEqual(out2, message))
-            fail(testname + " test failed with non-null parameters, DHAES mode true.");
-
-        //
-        // corrupted data test
-        //
-        byte[] tmp = new byte[out1.length];
-        for (int i = 0; i != out1.length; i++)
-        {
-            System.arraycopy(out1, 0, tmp, 0, tmp.length);
-            tmp[i] = (byte)~tmp[i];
-
-            try
-            {
-                c2.doFinal(tmp, 0, tmp.length);
-
-                fail("decrypted corrupted data");
-            }
-            catch (BadPaddingException e)
-            {
-                isTrue("wrong message: " + e.getMessage(), "unable to process block".equals(e.getMessage()));
-            }
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new DHIESTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DHTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DHTest.java
deleted file mode 100644
index 295e14b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DHTest.java
+++ /dev/null

@@ -1,1580 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.AlgorithmParameterGenerator;
-import java.security.AlgorithmParameters;
-import java.security.GeneralSecurityException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.interfaces.ECPrivateKey;
-import java.security.interfaces.ECPublicKey;
-import java.security.spec.ECFieldFp;
-import java.security.spec.ECParameterSpec;
-import java.security.spec.ECPoint;
-import java.security.spec.ECPrivateKeySpec;
-import java.security.spec.ECPublicKeySpec;
-import java.security.spec.EllipticCurve;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import javax.crypto.KeyAgreement;
-import javax.crypto.SecretKey;
-import javax.crypto.interfaces.DHPrivateKey;
-import javax.crypto.interfaces.DHPublicKey;
-import javax.crypto.spec.DESKeySpec;
-import javax.crypto.spec.DESedeKeySpec;
-import javax.crypto.spec.DHParameterSpec;
-import javax.crypto.spec.DHPrivateKeySpec;
-import javax.crypto.spec.DHPublicKeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.crypto.agreement.DHStandardGroups;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.spec.DHDomainParameterSpec;
-import org.bouncycastle.jcajce.spec.DHUParameterSpec;
-import org.bouncycastle.jcajce.spec.MQVParameterSpec;
-import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
-import org.bouncycastle.jce.ECNamedCurveTable;
-import org.bouncycastle.jce.ECPointUtil;
-import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class DHTest
-    extends SimpleTest
-{
-    private BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
-    private BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
-
-    private BigInteger g768 = new BigInteger("7c240073c1316c621df461b71ebb0cdcc90a6e5527e5e126633d131f87461c4dc4afc60c2cb0f053b6758871489a69613e2a8b4c8acde23954c08c81cbd36132cfd64d69e4ed9f8e51ed6e516297206672d5c0a69135df0a5dcf010d289a9ca1", 16);
-    private BigInteger p768 = new BigInteger("8c9dd223debed1b80103b8b309715be009d48860ed5ae9b9d5d8159508efd802e3ad4501a7f7e1cfec78844489148cd72da24b21eddd01aa624291c48393e277cfc529e37075eccef957f3616f962d15b44aeab4039d01b817fde9eaa12fd73f", 16);
-
-    private BigInteger g1024 = new BigInteger("1db17639cdf96bc4eabba19454f0b7e5bd4e14862889a725c96eb61048dcd676ceb303d586e30f060dbafd8a571a39c4d823982117da5cc4e0f89c77388b7a08896362429b94a18a327604eb7ff227bffbc83459ade299e57b5f77b50fb045250934938efa145511166e3197373e1b5b1e52de713eb49792bedde722c6717abf", 16);
-    private BigInteger p1024 = new BigInteger("a00e283b3c624e5b2b4d9fbc2653b5185d99499b00fd1bf244c6f0bb817b4d1c451b2958d62a0f8a38caef059fb5ecd25d75ed9af403f5b5bdab97a642902f824e3c13789fed95fa106ddfe0ff4a707c85e2eb77d49e68f2808bcea18ce128b178cd287c6bc00efa9a1ad2a673fe0dceace53166f75b81d6709d5f8af7c66bb7", 16);
-
-    // public key with mismatched oid/parameters
-    private byte[] oldPubEnc = Base64.decode(
-        "MIIBnzCCARQGByqGSM4+AgEwggEHAoGBAPxSrN417g43VAM9sZRf1dt6AocAf7D6" +
-            "WVCtqEDcBJrMzt63+g+BNJzhXVtbZ9kp9vw8L/0PHgzv0Ot/kOLX7Khn+JalOECW" +
-            "YlkyBhmOVbjR79TY5u2GAlvG6pqpizieQNBCEMlUuYuK1Iwseil6VoRuA13Zm7uw" +
-            "WO1eZmaJtY7LAoGAQaPRCFKM5rEdkMrV9FNzeSsYRs8m3DqPnnJHpuySpyO9wUcX" +
-            "OOJcJY5qvHbDO5SxHXu/+bMgXmVT6dXI5o0UeYqJR7fj6pR4E6T0FwG55RFr5Ok4" +
-            "3C4cpXmaOu176SyWuoDqGs1RDGmYQjwbZUi23DjaaTFUly9LCYXMliKrQfEDgYQA" +
-            "AoGAQUGCBN4TaBw1BpdBXdTvTfCU69XDB3eyU2FOBE3UWhpx9D8XJlx4f5DpA4Y6" +
-            "6sQMuCbhfmjEph8W7/sbMurM/awR+PSR8tTY7jeQV0OkmAYdGK2nzh0ZSifMO1oE" +
-            "NNhN2O62TLs67msxT28S4/S89+LMtc98mevQ2SX+JF3wEVU=");
-
-    // bogus key with full PKCS parameter set
-    private byte[] oldFullParams = Base64.decode(
-        "MIIBIzCCARgGByqGSM4+AgEwggELAoGBAP1/U4EddRIpUt9KnC7s5Of2EbdSPO9E" +
-            "AMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClpJ+f" +
-            "6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv" +
-            "8iIDGZ3RSAHHAoGBAPfhoIXWmz3ey7yrXDa4V7l5lK+7+jrqgvlXTAs9B4JnUVlX" +
-            "jrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyNKOCjrh4rs6Z1kW6j" +
-            "fwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQBTDv+z0kqAgFk" +
-            "AwUAAgIH0A==");
-
-    private byte[] samplePubEnc = Base64.decode(
-        "MIIBpjCCARsGCSqGSIb3DQEDATCCAQwCgYEA/X9TgR11EilS30qcLuzk5/YRt1I8" +
-            "70QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZUKWk" +
-            "n5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOuK2HX" +
-            "Ku/yIgMZndFIAccCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdR" +
-            "WVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWR" +
-            "bqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoC" +
-            "AgIAA4GEAAKBgEIiqxoUW6E6GChoOgcfNbVFclW91ITf5MFSUGQwt2R0RHoOhxvO" +
-            "lZhNs++d0VPATLAyXovjfgENT9SGCbuZttYcqqLdKTbMXBWPek+rfnAl9E4iEMED" +
-            "IDd83FJTKs9hQcPAm7zmp0Xm1bGF9CbUFjP5G02265z7eBmHDaT0SNlB");
-
-    private byte[] samplePrivEnc = Base64.decode(
-        "MIIBZgIBADCCARsGCSqGSIb3DQEDATCCAQwCgYEA/X9TgR11EilS30qcLuzk5/YR" +
-            "t1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv8mZgt2uZ" +
-            "UKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu" +
-            "K2HXKu/yIgMZndFIAccCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0H" +
-            "gmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuz" +
-            "pnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7P" +
-            "SSoCAgIABEICQAZYXnBHazxXUUdFP4NIf2Ipu7du0suJPZQKKff81wymi2zfCfHh" +
-            "uhe9gQ9xdm4GpzeNtrQ8/MzpTy+ZVrtd29Q=");
-
-    public String getName()
-    {
-        return "DH";
-    }
-
-    private void testGP(
-        String algName,
-        int size,
-        int privateValueSize,
-        BigInteger g,
-        BigInteger p)
-        throws Exception
-    {
-        DHParameterSpec dhParams = new DHParameterSpec(p, g, privateValueSize);
-
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance(algName, "BC");
-
-        keyGen.initialize(dhParams);
-
-        testTwoParty(algName, size, privateValueSize, keyGen);
-
-        KeyPair aKeyPair = keyGen.generateKeyPair();
-
-        //
-        // public key encoding test
-        //
-        byte[] pubEnc = aKeyPair.getPublic().getEncoded();
-        KeyFactory keyFac = KeyFactory.getInstance(algName, "BC");
-        X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc);
-        DHPublicKey pubKey = (DHPublicKey)keyFac.generatePublic(pubX509);
-        DHParameterSpec spec = pubKey.getParams();
-
-        if (!spec.getG().equals(dhParams.getG()) || !spec.getP().equals(dhParams.getP()))
-        {
-            fail(size + " bit public key encoding/decoding test failed on parameters");
-        }
-
-        if (!((DHPublicKey)aKeyPair.getPublic()).getY().equals(pubKey.getY()))
-        {
-            fail(size + " bit public key encoding/decoding test failed on y value");
-        }
-
-        //
-        // public key serialisation test
-        //
-        pubKey = (DHPublicKey)serializeDeserialize(aKeyPair.getPublic());
-        spec = pubKey.getParams();
-
-        if (!spec.getG().equals(dhParams.getG()) || !spec.getP().equals(dhParams.getP()))
-        {
-            fail(size + " bit public key serialisation test failed on parameters");
-        }
-
-        if (!((DHPublicKey)aKeyPair.getPublic()).getY().equals(pubKey.getY()))
-        {
-            fail(size + " bit public key serialisation test failed on y value");
-        }
-
-        if (!aKeyPair.getPublic().equals(pubKey))
-        {
-            fail("equals test failed");
-        }
-
-        if (aKeyPair.getPublic().hashCode() != pubKey.hashCode())
-        {
-            fail("hashCode test failed");
-        }
-
-        //
-        // private key encoding test
-        //
-        byte[] privEnc = aKeyPair.getPrivate().getEncoded();
-        PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
-        DHPrivateKey privKey = (DHPrivateKey)keyFac.generatePrivate(privPKCS8);
-
-        spec = privKey.getParams();
-
-        if (!spec.getG().equals(dhParams.getG()) || !spec.getP().equals(dhParams.getP()))
-        {
-            fail(size + " bit private key encoding/decoding test failed on parameters");
-        }
-
-        if (!((DHPrivateKey)aKeyPair.getPrivate()).getX().equals(privKey.getX()))
-        {
-            fail(size + " bit private key encoding/decoding test failed on y value");
-        }
-
-        //
-        // private key serialisation test
-        //
-        privKey = (DHPrivateKey)serializeDeserialize(aKeyPair.getPrivate());
-        spec = privKey.getParams();
-
-        if (!spec.getG().equals(dhParams.getG()) || !spec.getP().equals(dhParams.getP()))
-        {
-            fail(size + " bit private key serialisation test failed on parameters");
-        }
-
-        if (!((DHPrivateKey)aKeyPair.getPrivate()).getX().equals(privKey.getX()))
-        {
-            fail(size + " bit private key serialisation test failed on X value");
-        }
-
-        if (!aKeyPair.getPrivate().equals(privKey))
-        {
-            fail("equals test failed");
-        }
-
-        if (aKeyPair.getPrivate().hashCode() != privKey.hashCode())
-        {
-            fail("hashCode test failed");
-        }
-
-        if (!(privKey instanceof PKCS12BagAttributeCarrier))
-        {
-            fail("private key not implementing PKCS12 attribute carrier");
-        }
-
-        //
-        // three party test
-        //
-        KeyPairGenerator aPairGen = KeyPairGenerator.getInstance(algName, "BC");
-        aPairGen.initialize(spec);
-        KeyPair aPair = aPairGen.generateKeyPair();
-
-        KeyPairGenerator bPairGen = KeyPairGenerator.getInstance(algName, "BC");
-        bPairGen.initialize(spec);
-        KeyPair bPair = bPairGen.generateKeyPair();
-
-        KeyPairGenerator cPairGen = KeyPairGenerator.getInstance(algName, "BC");
-        cPairGen.initialize(spec);
-        KeyPair cPair = cPairGen.generateKeyPair();
-
-        KeyAgreement aKeyAgree = KeyAgreement.getInstance(algName, "BC");
-        aKeyAgree.init(aPair.getPrivate());
-
-        KeyAgreement bKeyAgree = KeyAgreement.getInstance(algName, "BC");
-        bKeyAgree.init(bPair.getPrivate());
-
-        KeyAgreement cKeyAgree = KeyAgreement.getInstance(algName, "BC");
-        cKeyAgree.init(cPair.getPrivate());
-
-        Key ac = aKeyAgree.doPhase(cPair.getPublic(), false);
-
-        Key ba = bKeyAgree.doPhase(aPair.getPublic(), false);
-
-        Key cb = cKeyAgree.doPhase(bPair.getPublic(), false);
-
-        aKeyAgree.doPhase(cb, true);
-
-        bKeyAgree.doPhase(ac, true);
-
-        cKeyAgree.doPhase(ba, true);
-
-        BigInteger aShared = new BigInteger(aKeyAgree.generateSecret());
-        BigInteger bShared = new BigInteger(bKeyAgree.generateSecret());
-        BigInteger cShared = new BigInteger(cKeyAgree.generateSecret());
-
-        if (!aShared.equals(bShared))
-        {
-            fail(size + " bit 3-way test failed (a and b differ)");
-        }
-
-        if (!cShared.equals(bShared))
-        {
-            fail(size + " bit 3-way test failed (c and b differ)");
-        }
-
-        KeyAgreement noKdf = KeyAgreement.getInstance("DH", "BC");
-        
-
-        try
-        {
-            noKdf.init(aPair.getPrivate(), new UserKeyingMaterialSpec(new byte[20]));
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isTrue("no KDF specified for UserKeyingMaterialSpec".equals(e.getMessage()));
-        }
-    }
-
-    private void testTwoParty(String algName, int size, int privateValueSize, KeyPairGenerator keyGen)
-        throws Exception
-    {
-        testTwoParty(algName, size, privateValueSize, keyGen.generateKeyPair(), keyGen.generateKeyPair());
-    }
-
-    private byte[] testTwoParty(String algName, int size, int privateValueSize, KeyPair aKeyPair, KeyPair bKeyPair)
-        throws Exception
-    {
-        //
-        // a side
-        //
-        KeyAgreement aKeyAgree = KeyAgreement.getInstance(algName, "BC");
-
-        checkKeySize(privateValueSize, aKeyPair);
-
-        aKeyAgree.init(aKeyPair.getPrivate());
-
-        //
-        // b side
-        //
-        KeyAgreement bKeyAgree = KeyAgreement.getInstance(algName, "BC");
-
-        checkKeySize(privateValueSize, bKeyPair);
-
-        bKeyAgree.init(bKeyPair.getPrivate());
-
-        //
-        // agreement
-        //
-        aKeyAgree.doPhase(bKeyPair.getPublic(), true);
-        bKeyAgree.doPhase(aKeyPair.getPublic(), true);
-
-        byte[] aSecret = aKeyAgree.generateSecret();
-        byte[] bSecret = bKeyAgree.generateSecret();
-
-        if (!Arrays.areEqual(aSecret, bSecret))
-        {
-            fail(size + " bit 2-way test failed");
-        }
-
-        return aSecret;
-    }
-
-    private void testExplicitWrapping(
-        int size,
-        int privateValueSize,
-        BigInteger g,
-        BigInteger p)
-        throws Exception
-    {
-        DHParameterSpec dhParams = new DHParameterSpec(p, g, privateValueSize);
-
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH", "BC");
-
-        keyGen.initialize(dhParams);
-
-        //
-        // a side
-        //
-        KeyPair aKeyPair = keyGen.generateKeyPair();
-
-        KeyAgreement aKeyAgree = KeyAgreement.getInstance("DH", "BC");
-
-        checkKeySize(privateValueSize, aKeyPair);
-
-        aKeyAgree.init(aKeyPair.getPrivate());
-
-        //
-        // b side
-        //
-        KeyPair bKeyPair = keyGen.generateKeyPair();
-
-        KeyAgreement bKeyAgree = KeyAgreement.getInstance("DH", "BC");
-
-        checkKeySize(privateValueSize, bKeyPair);
-
-        bKeyAgree.init(bKeyPair.getPrivate());
-
-        //
-        // agreement
-        //
-        aKeyAgree.doPhase(bKeyPair.getPublic(), true);
-        bKeyAgree.doPhase(aKeyPair.getPublic(), true);
-
-        SecretKey k1 = aKeyAgree.generateSecret(PKCSObjectIdentifiers.id_alg_CMS3DESwrap.getId());
-        SecretKey k2 = bKeyAgree.generateSecret(PKCSObjectIdentifiers.id_alg_CMS3DESwrap.getId());
-
-        // TODO Compare k1 and k2?
-    }
-
-    private Object serializeDeserialize(Object o)
-        throws Exception
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(o);
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        return oIn.readObject();
-    }
-
-    private void checkKeySize(int privateValueSize, KeyPair aKeyPair)
-    {
-        if (privateValueSize != 0)
-        {
-            DHPrivateKey key = (DHPrivateKey)aKeyPair.getPrivate();
-
-            if (key.getX().bitLength() != privateValueSize)
-            {
-                fail("limited key check failed for key size " + privateValueSize);
-            }
-        }
-    }
-
-    private void testRandom(
-        int size)
-        throws Exception
-    {
-        AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("DH", "BC");
-        a.init(size, new SecureRandom());
-        AlgorithmParameters params = a.generateParameters();
-
-        byte[] encodeParams = params.getEncoded();
-
-        AlgorithmParameters a2 = AlgorithmParameters.getInstance("DH", "BC");
-        a2.init(encodeParams);
-
-        // a and a2 should be equivalent!
-        byte[] encodeParams_2 = a2.getEncoded();
-
-        if (!areEqual(encodeParams, encodeParams_2))
-        {
-            fail("encode/decode parameters failed");
-        }
-
-        DHParameterSpec dhP = (DHParameterSpec)params.getParameterSpec(DHParameterSpec.class);
-
-        testGP("DH", size, 0, dhP.getG(), dhP.getP());
-    }
-
-    private void testDefault(
-        int privateValueSize,
-        BigInteger g,
-        BigInteger p)
-        throws Exception
-    {
-        DHParameterSpec dhParams = new DHParameterSpec(p, g, privateValueSize);
-        String algName = "DH";
-        int size = p.bitLength();
-
-        new BouncyCastleProvider().setParameter(ConfigurableProvider.DH_DEFAULT_PARAMS, dhParams);
-
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance(algName, "BC");
-
-        keyGen.initialize(dhParams.getP().bitLength());
-
-        testTwoParty("DH", size, privateValueSize, keyGen);
-
-        KeyPair aKeyPair = keyGen.generateKeyPair();
-
-        new BouncyCastleProvider().setParameter(ConfigurableProvider.DH_DEFAULT_PARAMS, null);
-
-        //
-        // public key encoding test
-        //
-        byte[] pubEnc = aKeyPair.getPublic().getEncoded();
-        KeyFactory keyFac = KeyFactory.getInstance(algName, "BC");
-        X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc);
-        DHPublicKey pubKey = (DHPublicKey)keyFac.generatePublic(pubX509);
-        DHParameterSpec spec = pubKey.getParams();
-
-        if (!spec.getG().equals(dhParams.getG()) || !spec.getP().equals(dhParams.getP()))
-        {
-            fail(size + " bit public key encoding/decoding test failed on parameters");
-        }
-
-        if (!((DHPublicKey)aKeyPair.getPublic()).getY().equals(pubKey.getY()))
-        {
-            fail(size + " bit public key encoding/decoding test failed on y value");
-        }
-
-        //
-        // public key serialisation test
-        //
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(aKeyPair.getPublic());
-
-        ByteArrayInputStream bIn = new ByteArrayInputStream(bOut.toByteArray());
-        ObjectInputStream oIn = new ObjectInputStream(bIn);
-
-        pubKey = (DHPublicKey)oIn.readObject();
-        spec = pubKey.getParams();
-
-        if (!spec.getG().equals(dhParams.getG()) || !spec.getP().equals(dhParams.getP()))
-        {
-            fail(size + " bit public key serialisation test failed on parameters");
-        }
-
-        if (!((DHPublicKey)aKeyPair.getPublic()).getY().equals(pubKey.getY()))
-        {
-            fail(size + " bit public key serialisation test failed on y value");
-        }
-
-        //
-        // private key encoding test
-        //
-        byte[] privEnc = aKeyPair.getPrivate().getEncoded();
-        PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
-        DHPrivateKey privKey = (DHPrivateKey)keyFac.generatePrivate(privPKCS8);
-
-        spec = privKey.getParams();
-
-        if (!spec.getG().equals(dhParams.getG()) || !spec.getP().equals(dhParams.getP()))
-        {
-            fail(size + " bit private key encoding/decoding test failed on parameters");
-        }
-
-        if (!((DHPrivateKey)aKeyPair.getPrivate()).getX().equals(privKey.getX()))
-        {
-            fail(size + " bit private key encoding/decoding test failed on y value");
-        }
-
-        //
-        // private key serialisation test
-        //
-        bOut = new ByteArrayOutputStream();
-        oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(aKeyPair.getPrivate());
-
-        bIn = new ByteArrayInputStream(bOut.toByteArray());
-        oIn = new ObjectInputStream(bIn);
-
-        privKey = (DHPrivateKey)oIn.readObject();
-        spec = privKey.getParams();
-
-        if (!spec.getG().equals(dhParams.getG()) || !spec.getP().equals(dhParams.getP()))
-        {
-            fail(size + " bit private key serialisation test failed on parameters");
-        }
-
-        if (!((DHPrivateKey)aKeyPair.getPrivate()).getX().equals(privKey.getX()))
-        {
-            fail(size + " bit private key serialisation test failed on y value");
-        }
-
-        //
-        // three party test
-        //
-        KeyPairGenerator aPairGen = KeyPairGenerator.getInstance(algName, "BC");
-        aPairGen.initialize(spec);
-        KeyPair aPair = aPairGen.generateKeyPair();
-
-        KeyPairGenerator bPairGen = KeyPairGenerator.getInstance(algName, "BC");
-        bPairGen.initialize(spec);
-        KeyPair bPair = bPairGen.generateKeyPair();
-
-        KeyPairGenerator cPairGen = KeyPairGenerator.getInstance(algName, "BC");
-        cPairGen.initialize(spec);
-        KeyPair cPair = cPairGen.generateKeyPair();
-
-        KeyAgreement aKeyAgree = KeyAgreement.getInstance(algName, "BC");
-        aKeyAgree.init(aPair.getPrivate());
-
-        KeyAgreement bKeyAgree = KeyAgreement.getInstance(algName, "BC");
-        bKeyAgree.init(bPair.getPrivate());
-
-        KeyAgreement cKeyAgree = KeyAgreement.getInstance(algName, "BC");
-        cKeyAgree.init(cPair.getPrivate());
-
-        Key ac = aKeyAgree.doPhase(cPair.getPublic(), false);
-
-        Key ba = bKeyAgree.doPhase(aPair.getPublic(), false);
-
-        Key cb = cKeyAgree.doPhase(bPair.getPublic(), false);
-
-        aKeyAgree.doPhase(cb, true);
-
-        bKeyAgree.doPhase(ac, true);
-
-        cKeyAgree.doPhase(ba, true);
-
-        BigInteger aShared = new BigInteger(aKeyAgree.generateSecret());
-        BigInteger bShared = new BigInteger(bKeyAgree.generateSecret());
-        BigInteger cShared = new BigInteger(cKeyAgree.generateSecret());
-
-        if (!aShared.equals(bShared))
-        {
-            fail(size + " bit 3-way test failed (a and b differ)");
-        }
-
-        if (!cShared.equals(bShared))
-        {
-            fail(size + " bit 3-way test failed (c and b differ)");
-        }
-    }
-
-    private void testECDH(String algorithm, String curveName, String cipher, int keyLen)
-        throws Exception
-    {
-        ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(curveName);
-        KeyPairGenerator g = KeyPairGenerator.getInstance(algorithm, "BC");
-
-        g.initialize(parameterSpec);
-
-        //
-        // a side
-        //
-        KeyPair aKeyPair = g.generateKeyPair();
-
-        KeyAgreement aKeyAgree = KeyAgreement.getInstance(algorithm, "BC");
-
-        aKeyAgree.init(aKeyPair.getPrivate());
-
-        //
-        // b side
-        //
-        KeyPair bKeyPair = g.generateKeyPair();
-
-        KeyAgreement bKeyAgree = KeyAgreement.getInstance(algorithm, "BC");
-
-        bKeyAgree.init(bKeyPair.getPrivate());
-
-        //
-        // agreement
-        //
-        aKeyAgree.doPhase(bKeyPair.getPublic(), true);
-        bKeyAgree.doPhase(aKeyPair.getPublic(), true);
-
-        SecretKey k1 = aKeyAgree.generateSecret(cipher);
-        SecretKey k2 = bKeyAgree.generateSecret(cipher + "[" + keyLen + "]");  // explicit key-len
-
-        if (!k1.equals(k2))
-        {
-            fail(algorithm + " 2-way test failed");
-        }
-
-        if (k1.getEncoded().length != keyLen / 8)
-        {
-            fail("key for " + cipher + " the wrong size expected " + keyLen / 8 + " got " + k1.getEncoded().length);
-        }
-    }
-
-    private void testECDH(String algorithm, String curveName, ASN1ObjectIdentifier algorithmOid, String cipher, int keyLen)
-        throws Exception
-    {
-        ECNamedCurveParameterSpec parameterSpec = ECNamedCurveTable.getParameterSpec(curveName);
-        KeyPairGenerator g = KeyPairGenerator.getInstance("EC", "BC");
-
-        g.initialize(parameterSpec);
-
-        //
-        // a side
-        //
-        KeyPair aKeyPair = g.generateKeyPair();
-
-        KeyAgreement aKeyAgree = KeyAgreement.getInstance(algorithm, "BC");
-
-        aKeyAgree.init(aKeyPair.getPrivate());
-
-        //
-        // b side
-        //
-        KeyPair bKeyPair = g.generateKeyPair();
-
-        KeyAgreement bKeyAgree = KeyAgreement.getInstance(algorithmOid.getId(), "BC");
-
-        bKeyAgree.init(bKeyPair.getPrivate());
-
-        //
-        // agreement
-        //
-        aKeyAgree.doPhase(bKeyPair.getPublic(), true);
-        bKeyAgree.doPhase(aKeyPair.getPublic(), true);
-
-        SecretKey k1 = aKeyAgree.generateSecret(cipher);
-        SecretKey k2 = bKeyAgree.generateSecret(cipher + "[" + keyLen + "]");  // explicit key-len
-
-        if (!k1.equals(k2))
-        {
-            fail(algorithm + " 2-way test failed");
-        }
-
-        if (k1.getEncoded().length != keyLen / 8)
-        {
-            fail("key for " + cipher + " the wrong size expected " + keyLen / 8 + " got " + k1.getEncoded().length);
-        }
-    }
-
-    private void testECDH(String algorithm)
-        throws Exception
-    {
-        KeyPairGenerator g = KeyPairGenerator.getInstance(algorithm, "BC");
-
-        EllipticCurve curve = new EllipticCurve(
-            new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q
-            new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
-            new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
-
-        ECParameterSpec ecSpec = new ECParameterSpec(
-            curve,
-            ECPointUtil.decodePoint(curve, Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
-            new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n
-            1); // h
-
-        g.initialize(ecSpec, new SecureRandom());
-
-        //
-        // a side
-        //
-        KeyPair aKeyPair = g.generateKeyPair();
-
-        KeyAgreement aKeyAgree = KeyAgreement.getInstance(algorithm, "BC");
-
-        aKeyAgree.init(aKeyPair.getPrivate());
-
-        //
-        // b side
-        //
-        KeyPair bKeyPair = g.generateKeyPair();
-
-        KeyAgreement bKeyAgree = KeyAgreement.getInstance(algorithm, "BC");
-
-        bKeyAgree.init(bKeyPair.getPrivate());
-
-        //
-        // agreement
-        //
-        aKeyAgree.doPhase(bKeyPair.getPublic(), true);
-        bKeyAgree.doPhase(aKeyPair.getPublic(), true);
-
-        BigInteger k1 = new BigInteger(aKeyAgree.generateSecret());
-        BigInteger k2 = new BigInteger(bKeyAgree.generateSecret());
-
-        if (!k1.equals(k2))
-        {
-            fail(algorithm + " 2-way test failed");
-        }
-
-        //
-        // public key encoding test
-        //
-        byte[] pubEnc = aKeyPair.getPublic().getEncoded();
-        KeyFactory keyFac = KeyFactory.getInstance(algorithm, "BC");
-        X509EncodedKeySpec pubX509 = new X509EncodedKeySpec(pubEnc);
-        ECPublicKey pubKey = (ECPublicKey)keyFac.generatePublic(pubX509);
-
-        if (!pubKey.getW().equals(((ECPublicKey)aKeyPair.getPublic()).getW()))
-        {
-            System.out.println(" expected " + pubKey.getW().getAffineX() + " got " + ((ECPublicKey)aKeyPair.getPublic()).getW().getAffineX());
-            System.out.println(" expected " + pubKey.getW().getAffineY() + " got " + ((ECPublicKey)aKeyPair.getPublic()).getW().getAffineY());
-            fail(algorithm + " public key encoding (W test) failed");
-        }
-
-        if (!pubKey.getParams().getGenerator().equals(((ECPublicKey)aKeyPair.getPublic()).getParams().getGenerator()))
-        {
-            fail(algorithm + " public key encoding (G test) failed");
-        }
-
-        //
-        // private key encoding test
-        //
-        byte[] privEnc = aKeyPair.getPrivate().getEncoded();
-        PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
-        ECPrivateKey privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8);
-
-        if (!privKey.getS().equals(((ECPrivateKey)aKeyPair.getPrivate()).getS()))
-        {
-            fail(algorithm + " private key encoding (S test) failed");
-        }
-
-        if (!privKey.getParams().getGenerator().equals(((ECPrivateKey)aKeyPair.getPrivate()).getParams().getGenerator()))
-        {
-            fail(algorithm + " private key encoding (G test) failed");
-        }
-    }
-
-    private void testMinSpecValue()
-        throws Exception
-    {
-        BigInteger p = new BigInteger("16560215747140417249215968347342080587", 16);
-        BigInteger g = new BigInteger("1234567890", 16);
-
-        DHParameterSpec serverParam = new DHParameterSpec(p, g);
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH", "BC");
-
-        try
-        {
-            keyGen.initialize(serverParam, new SecureRandom());
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isTrue("unsafe p value so small specific l required".equals(e.getMessage()));
-        }
-
-    }
-
-    /*
-     COUNT = 14
-     XstatCAVS = 95fc47b3c755935a5babce2738d70557a43ded59c2ef8926a04e402cdb0c97b8
-     YstatCAVS = 0b7faaefb56ea62937c2210c44feca95037d4cedfe01abd61cd8085ea195547e29aa2162951a73f9acf0f79de9da1ed587a1374d7b9c25a3ac4848a857edf28d4d6b80142871cd3fa984d673945a6ae69fbd0bc559a68330e7ba8556189216fe5d25abd8f1857baea7ab42fbdc3bb482272eca02fd0095c6b53c8d9ffb3ec172d97a3a1bde096178e2aaa3f084717f3e4530f58906f8f509533cead788b4efbb69ed78b91109965018b9a094612e60b1af470ec03565729c38e6d131eebac3483e7fdb24a7c85fd9bd362404956b928d6e1762b91b13825f7769b6e9426936c03f0328d9325f6fdd4af0b53ab1bc4201fedc5961c7f2c3a9668aa90ed2c4bb5d
-     XephemCAVS = 6044f14699de46fe870688b27d5644a78da6e0758f2c999cc5e6d80a69220e2e
-     YephemCAVS = 4a8d5a1a12cc0aeeb409e07dbffa052d289c4cb49d6550d8483fe063eee9d9faa4e918fe4daa858d535c4ed5cd270d96315db210e20b4446db4f460238b9187accc65b6d43e53b3c85eec3053c8bd675ef34dca5f6189f2233ecf0b1eda0995460ccdded4e31bf3170f9ec3941d010bbd1d7a0e017f0d43c0dd1d6435f8523babfa6599120f3cbf718e755cee86189459bcd20f52d2a0ca04bdff38e26197c211fcb64cc3d7d3f2f28ee4f7eb9dbdc84a420442b8481bfa3218f0d40c00abaedff682e7d66f6e891642bdea3e2d9c6240b768376abc50343cc69ab08b0a12cc4c6f1508444fd662c4825bd6da99eaab40ff5547aae539450062ce70b9722091b
-     XstatIUT = 133a7729c7f1c1872438738edfa44d4cf44d3356d47b73b62eab45853ebdc66d
-     YstatIUT = 21e25ee916b7b56a82f9e7622e909bef000997c44434e1149fa30cb1571500be5e61bab977d9ace85ba62a21719199b9a9747e3bcc0fa729a69c17f080633e6c1426db891721ae74b9752effe8a4b9749f8c7d8edd1f4356bab994304d3fde8223de38436a1a7ffb70371d25cf4c75df7f58cd833837318c1c2213f9a058655905d752fb637d3d7f780c3ee4a788120040424199bc99d96f3c3e56a2a9fe8d6d93e60a91b6f61a1cf0559bc68a1e33716a54fdbd2895c0d9d1f7da2cb936ff0c1bc7c60380d9cf4eaa8595366ed86a72cbd964d1e4309b2dd6efad1e944cdb92752ebe13d2e65772295fb13cd9f11d5b89253e4cc109b76d53306a6534be2641
-     XephemIUT = 412a15e0866572a825219d3eaf9a4d6c0ed855180e5bdabc90f6d1a2354c3964
-     YephemIUT = 8e235a5e20d0d1d431eb832a4309de239403a68217a595d30b2e7fd677ad5eb7a2a3cc5fb0793fe466169d8acac366a20de3863adc542a4fc6dd9dcb59126dfd0336b2c7736d26e87ad4fd84d6240e149f50ffcdaa81b60ca04a26f6335e1c41e49f183bf3a7a39ffe6bf2654874399e07d9a52fb34d08a7246929649171f6e7ceceb19016b83093a9a795245ae348346f9aa8f06380cb2b3cc9176e63e107734e23ead912e408c3085b6ba361cb66cf5b25ed03fdc6893646ea3cddd770fcb51d762a8f549b600044946c362f4dda85288fbc4499e022e2b705b4f1151d5206932da92b36c6b121e3a55a2edca4b42407021f4ea3f4748f21a36d722c086cf6
-     CCMNonce = 7def4d439a9b7a6c5700bb9168
-     OI = a1b2c3d4e543415653696412daed24199775845035176e67b0ace1b413e0
-     CAVSTag = df851c60d5336269c68e42cc0d3b6ea5
-     Z = 051f570adc0c2e26f946153f31784409102f5bd9edc2cdc466b14196b7489d2b157847fb7a13bfe89edc9712b2a161be360936802dc2c1158f0a84a2175671a4f46ed6fbadc4238244a217ed21a35e01b966b100daad49e2390e0c11525280b2ecc60ffad1e73ad12aa49e28fd9dfbf7d90ad75514c48a4c05f7bd8482929c68cc62e86424019462b1e2ef6a7a16507577ab144a89dafe57b9b0889d7afda25e62022f69220f0fb32046d0aa478bde5914177aeb4f359e790a6f9fac367f431b4e32acb8616f040c77cd99c1a666d4569c06b62faa4925f9c6f6525fe074cac972aead654c87dcc772b96992202afff62c82cc501b821bf0fd851942f0797dc98be4bdf193bc6d0d95d40146b5dad610bd4123413369686b460018918c493854a14558b302f6bc3d10109cbb549dc624448246e41a32842b1962a3b884b2eb8546f2bb51d30ceb80ae7a631f2f2fb820c7f149d5e53e2ec3d62f1ff5c6cb07f845de1b31be0e1d31143476a22952406c4fa37029b1e4d2107f5efb9df9e04ec2a4d9def274f934a0e34e22003f2142185c1f79d6058f612b1315acff738e94a18a08be36a3b327ae3e28e1c9aa96fe99cbe4fdeb0df92ff133e94929d6d50fad4d5bffe54454832125212c30dad53109e114413f954f02cfa39fcc0ef574074df2f1d6f4fcb9d99dfcbcc252ee42980f1a483508379434e1ef72358f39bb5725
-     MacData = 4b435f325f56434156536964a1b2c3d4e54a8d5a1a12cc0aeeb409e07dbffa052d289c4cb49d6550d8483fe063eee9d9faa4e918fe4daa858d535c4ed5cd270d96315db210e20b4446db4f460238b9187accc65b6d43e53b3c85eec3053c8bd675ef34dca5f6189f2233ecf0b1eda0995460ccdded4e31bf3170f9ec3941d010bbd1d7a0e017f0d43c0dd1d6435f8523babfa6599120f3cbf718e755cee86189459bcd20f52d2a0ca04bdff38e26197c211fcb64cc3d7d3f2f28ee4f7eb9dbdc84a420442b8481bfa3218f0d40c00abaedff682e7d66f6e891642bdea3e2d9c6240b768376abc50343cc69ab08b0a12cc4c6f1508444fd662c4825bd6da99eaab40ff5547aae539450062ce70b9722091b8e235a5e20d0d1d431eb832a4309de239403a68217a595d30b2e7fd677ad5eb7a2a3cc5fb0793fe466169d8acac366a20de3863adc542a4fc6dd9dcb59126dfd0336b2c7736d26e87ad4fd84d6240e149f50ffcdaa81b60ca04a26f6335e1c41e49f183bf3a7a39ffe6bf2654874399e07d9a52fb34d08a7246929649171f6e7ceceb19016b83093a9a795245ae348346f9aa8f06380cb2b3cc9176e63e107734e23ead912e408c3085b6ba361cb66cf5b25ed03fdc6893646ea3cddd770fcb51d762a8f549b600044946c362f4dda85288fbc4499e022e2b705b4f1151d5206932da92b36c6b121e3a55a2edca4b42407021f4ea3f4748f21a36d722c086cf6
-     DKM = 24a246e6cbaae19e4e8bffbe3167fbbc
-     Result = P (10 - Z value should have leading 0 nibble )
-     */
-    private void testDHUnifiedTestVector1()
-        throws Exception
-    {
-        // Test Vector from NIST sample data
-        KeyFactory dhKeyFact = KeyFactory.getInstance("DH", "BC");
-
-        DHParameterSpec dhSpec = new DHParameterSpec(
-            new BigInteger("9a076bb269abfff57c72073053190a2008c3067fdcd9712ec00ee55c8fbf22af7c454dc5f10ae224d1e29fcccb3855a2509b082b934a353c21dfa5d1212f29d24866f022873d1f0b76373d47bb345e7e74f0ffc27e7c6c149282cb68a66705412995ed7a650a784f15107ed14244563b10f61d3f998b1466c9a3dd7c48a1b92d236b99b912a25f1c5279640c29714ce2123d222a6c9775223be80c5a4e9392db9ae45027110b75703c42d53fbfc1484e84cb70cabdcdcdc55066e5c03ce13ad0d7fa3af6f49101d454d5b3b77ce4c8db5772a427af7e351cdad3d7d278f52c3f57fc9274fc101c66d829871435ea2fc1f43f0e0d556a80dba9ab4e57c7b4b5a7", 16),
-            // Q = fdd88b09ff0c6c6c334a598059c1b55396dab2de01af2e8d06481fd5cd506c71
-            new BigInteger("167f9631c8aba192976a396b9df4bca5e54d1c1400eab4bdea27b1ca957211733d847026d2b3e3ea9b4c14d13b6e59f40c0df0c80bdecafb7ac414de2f920642c60d63406d2cc999ad149d24216b08a3952b50a50a088ab747de04bb4fd26899f7052970cfd0f65002cc0639bea634ba5ac2d98170b3a1b3ab5295e9395990b57fbdaf117662a9430da6b74d4e52d3969ce385b2fb61c11febd93867f1062084ca0a62c0de17b1e7265545198355e026818c037c43535de8f0d5cf0159501bcd35a4ba8fe92041a92e85fae03a051dfb3199d9764d17a3b8968eaf32e666ae867d1d0e6178ab31985b665e3178c36565e685046cb1d0611a25b0d559cd31f818", 16));
-
-        KeyPair U1 = new KeyPair(
-            dhKeyFact.generatePublic(new DHPublicKeySpec(
-                new BigInteger("0b7faaefb56ea62937c2210c44feca95037d4cedfe01abd61cd8085ea195547e29aa2162951a73f9acf0f79de9da1ed587a1374d7b9c25a3ac4848a857edf28d4d6b80142871cd3fa984d673945a6ae69fbd0bc559a68330e7ba8556189216fe5d25abd8f1857baea7ab42fbdc3bb482272eca02fd0095c6b53c8d9ffb3ec172d97a3a1bde096178e2aaa3f084717f3e4530f58906f8f509533cead788b4efbb69ed78b91109965018b9a094612e60b1af470ec03565729c38e6d131eebac3483e7fdb24a7c85fd9bd362404956b928d6e1762b91b13825f7769b6e9426936c03f0328d9325f6fdd4af0b53ab1bc4201fedc5961c7f2c3a9668aa90ed2c4bb5d", 16),
-                dhSpec.getP(), dhSpec.getG())),
-            dhKeyFact.generatePrivate(new DHPrivateKeySpec(
-                new BigInteger("95fc47b3c755935a5babce2738d70557a43ded59c2ef8926a04e402cdb0c97b8", 16),
-                dhSpec.getP(), dhSpec.getG())));
-
-        KeyPair U2 = new KeyPair(
-            dhKeyFact.generatePublic(new DHPublicKeySpec(
-                new BigInteger("4a8d5a1a12cc0aeeb409e07dbffa052d289c4cb49d6550d8483fe063eee9d9faa4e918fe4daa858d535c4ed5cd270d96315db210e20b4446db4f460238b9187accc65b6d43e53b3c85eec3053c8bd675ef34dca5f6189f2233ecf0b1eda0995460ccdded4e31bf3170f9ec3941d010bbd1d7a0e017f0d43c0dd1d6435f8523babfa6599120f3cbf718e755cee86189459bcd20f52d2a0ca04bdff38e26197c211fcb64cc3d7d3f2f28ee4f7eb9dbdc84a420442b8481bfa3218f0d40c00abaedff682e7d66f6e891642bdea3e2d9c6240b768376abc50343cc69ab08b0a12cc4c6f1508444fd662c4825bd6da99eaab40ff5547aae539450062ce70b9722091b", 16),
-                dhSpec.getP(), dhSpec.getG())),
-            dhKeyFact.generatePrivate(new DHPrivateKeySpec(
-                new BigInteger("6044f14699de46fe870688b27d5644a78da6e0758f2c999cc5e6d80a69220e2e", 16),
-                dhSpec.getP(), dhSpec.getG())));
-
-        KeyPair V1 = new KeyPair(
-            dhKeyFact.generatePublic(new DHPublicKeySpec(
-                new BigInteger("21e25ee916b7b56a82f9e7622e909bef000997c44434e1149fa30cb1571500be5e61bab977d9ace85ba62a21719199b9a9747e3bcc0fa729a69c17f080633e6c1426db891721ae74b9752effe8a4b9749f8c7d8edd1f4356bab994304d3fde8223de38436a1a7ffb70371d25cf4c75df7f58cd833837318c1c2213f9a058655905d752fb637d3d7f780c3ee4a788120040424199bc99d96f3c3e56a2a9fe8d6d93e60a91b6f61a1cf0559bc68a1e33716a54fdbd2895c0d9d1f7da2cb936ff0c1bc7c60380d9cf4eaa8595366ed86a72cbd964d1e4309b2dd6efad1e944cdb92752ebe13d2e65772295fb13cd9f11d5b89253e4cc109b76d53306a6534be2641", 16),
-                dhSpec.getP(), dhSpec.getG())),
-            dhKeyFact.generatePrivate(new DHPrivateKeySpec(
-                new BigInteger("133a7729c7f1c1872438738edfa44d4cf44d3356d47b73b62eab45853ebdc66d", 16),
-                dhSpec.getP(), dhSpec.getG())));
-
-        KeyPair V2 = new KeyPair(
-            dhKeyFact.generatePublic(new DHPublicKeySpec(
-                new BigInteger("8e235a5e20d0d1d431eb832a4309de239403a68217a595d30b2e7fd677ad5eb7a2a3cc5fb0793fe466169d8acac366a20de3863adc542a4fc6dd9dcb59126dfd0336b2c7736d26e87ad4fd84d6240e149f50ffcdaa81b60ca04a26f6335e1c41e49f183bf3a7a39ffe6bf2654874399e07d9a52fb34d08a7246929649171f6e7ceceb19016b83093a9a795245ae348346f9aa8f06380cb2b3cc9176e63e107734e23ead912e408c3085b6ba361cb66cf5b25ed03fdc6893646ea3cddd770fcb51d762a8f549b600044946c362f4dda85288fbc4499e022e2b705b4f1151d5206932da92b36c6b121e3a55a2edca4b42407021f4ea3f4748f21a36d722c086cf6", 16),
-                dhSpec.getP(), dhSpec.getG())),
-            dhKeyFact.generatePrivate(new DHPrivateKeySpec(
-                new BigInteger("412a15e0866572a825219d3eaf9a4d6c0ed855180e5bdabc90f6d1a2354c3964", 16),
-                dhSpec.getP(), dhSpec.getG())));
-
-        byte[] x = calculateUnifiedAgreement("DHUwithSHA256CKDF", "AES[128]", U1, U2, V1, V2,
-            Hex.decode("a1b2c3d4e543415653696412daed24199775845035176e67b0ace1b413e0"));
-
-        if (x == null
-            || !areEqual(Hex.decode("24a246e6cbaae19e4e8bffbe3167fbbc"), x))
-        {
-            fail("DH unified Test Vector #1 agreement failed, got: " + Hex.toHexString(x));
-        }
-    }
-
-    private void testECUnifiedTestVector1()
-        throws Exception
-    {
-        // Test Vector from NIST sample data
-
-        ECNamedCurveParameterSpec namedSpec = ECNamedCurveTable.getParameterSpec("P-224");
-        KeyFactory ecKeyFact = KeyFactory.getInstance("EC", "BC");
-
-        EllipticCurve ecCurve = new EllipticCurve(
-            new ECFieldFp(namedSpec.getCurve().getField().getCharacteristic()),
-            namedSpec.getCurve().getA().toBigInteger(), namedSpec.getCurve().getB().toBigInteger());
-        ECParameterSpec ecSpec = new ECParameterSpec(ecCurve,
-            new ECPoint(namedSpec.getG().getAffineXCoord().toBigInteger(), namedSpec.getG().getAffineYCoord().toBigInteger()),
-            namedSpec.getN(), namedSpec.getH().intValue());
-        
-        KeyPair U1 = new KeyPair(
-            ecKeyFact.generatePublic(new ECPublicKeySpec(
-                ECPointUtil.decodePoint(ecCurve, Hex.decode("040784e946ef1fae0cfe127042a310a018ba639d3f6b41f265904f0a7b21b7953efe638b45e6c0c0d34a883a510ce836d143d831daa9ce8a12")), ecSpec)),
-            ecKeyFact.generatePrivate(new ECPrivateKeySpec(
-                new BigInteger("86d1735ca357890aeec8eccb4859275151356ecee9f1b2effb76b092", 16), ecSpec)));
-
-        KeyPair U2 = new KeyPair(
-            ecKeyFact.generatePublic(new ECPublicKeySpec(
-                ECPointUtil.decodePoint(ecCurve, Hex.decode("04b33713dc0d56215be26ee6c5e60ad36d12e02e78529ae3ff07873c6b39598bda41c1cf86ee3981f40e102333c15fef214bda034291c1aca6")), ecSpec)),
-            ecKeyFact.generatePrivate(new ECPrivateKeySpec(
-                new BigInteger("764010b3137ef8d34a3552955ada572a4fa1bb1f5289f27c1bf18344", 16), ecSpec)));
-
-        KeyPair V1 = new KeyPair(
-            ecKeyFact.generatePublic(new ECPublicKeySpec(
-                ECPointUtil.decodePoint(ecCurve, Hex.decode("0484c22d9575d09e280613c8758467f84869c6eede4f6c1b644517d6a72c4fc5c68fa12b4c259032fc5949c630259948fca38fb3342d9cb0a8")), ecSpec)),
-            ecKeyFact.generatePrivate(new ECPrivateKeySpec(
-                new BigInteger("e37964e391f5058fb43435352a9913438a1ec10831f755273285230a", 16), ecSpec)));
-
-        KeyPair V2 = new KeyPair(
-            ecKeyFact.generatePublic(new ECPublicKeySpec(
-                ECPointUtil.decodePoint(ecCurve, Hex.decode("044b917e9ce693b277c8095e535ea81c2dea089446a8c55438eda750fb6170c85b86390481fff2dff94b7dff3e42d35ff623921cb558967b48")), ecSpec)),
-            ecKeyFact.generatePrivate(new ECPrivateKeySpec(
-                new BigInteger("ab40d67f59ba7265d8ad33ade8f704d13a7ba2298b69172a7cd02515", 16), ecSpec)));
-
-        byte[] x = calculateUnifiedAgreement("ECCDHUwithSHA224CKDF", "AES[128]", U1, U2, V1, V2,
-            Hex.decode("a1b2c3d4e54341565369643dba868da77897b6552f6f767ad873b232aa4a810a91863ec3dc86db53359a772dd76933"));
-
-        if (x == null
-            || !areEqual(Hex.decode("63b7ba5699927cb08e058b76af7fc0b0"), x))
-        {
-            fail("EC unified Test Vector #1 agreement failed, got: " + Hex.toHexString(x));
-        }
-    }
-
-    private void testECUnifiedTestVector2()
-        throws Exception
-    {
-        // Test Vector from NIST sample data
-
-        ECNamedCurveParameterSpec namedSpec = ECNamedCurveTable.getParameterSpec("P-256");
-        KeyFactory ecKeyFact = KeyFactory.getInstance("EC", "BC");
-
-        EllipticCurve ecCurve = new EllipticCurve(
-            new ECFieldFp(namedSpec.getCurve().getField().getCharacteristic()),
-            namedSpec.getCurve().getA().toBigInteger(), namedSpec.getCurve().getB().toBigInteger());
-        ECParameterSpec ecSpec = new ECParameterSpec(ecCurve,
-            new ECPoint(namedSpec.getG().getAffineXCoord().toBigInteger(), namedSpec.getG().getAffineYCoord().toBigInteger()),
-            namedSpec.getN(), namedSpec.getH().intValue());
-
-        KeyPair U1 = new KeyPair(
-            ecKeyFact.generatePublic(new ECPublicKeySpec(
-                ECPointUtil.decodePoint(ecCurve, Hex.decode("047581b35964a983414ebdd56f4ebb1ddcad10881b200666a51ae41306e1ecf1db368468a5e8a65ca10ccea526472c8982db68316c468800e171c11f4ee694fce4")), ecSpec)),
-            ecKeyFact.generatePrivate(new ECPrivateKeySpec(
-                new BigInteger("2eb7ef76d4936123b6f13035045aedf45c1c7731f35d529d25941926b5bb38bb", 16), ecSpec)));
-
-        KeyPair U2 = new KeyPair(
-            ecKeyFact.generatePublic(new ECPublicKeySpec(
-                ECPointUtil.decodePoint(ecCurve, Hex.decode("045b1e4cdeb0728333c0a51631b1a75269e4878d10732f4cb94d600483db4bd9ee625c374592c3db7e9f8b4f2c91a0098a158bc37b922e4243bd9cbdefe67d6ab0")), ecSpec)),
-            ecKeyFact.generatePrivate(new ECPrivateKeySpec(
-                new BigInteger("78acde388a022261767e6b3dd6dd016c53b70a084260ec87d395aec761c082de", 16), ecSpec)));
-
-        KeyPair V1 = new KeyPair(
-            ecKeyFact.generatePublic(new ECPublicKeySpec(
-                ECPointUtil.decodePoint(ecCurve, Hex.decode("04e4916d616803ff1bd9569f35b7d06f792f19c1fb4e6fa916d686c027a17d8dffd570193d8e101624ac2ea0bcb762d5613f05452670f09af66ef70861fb528868")), ecSpec)),
-            ecKeyFact.generatePrivate(new ECPrivateKeySpec(
-                new BigInteger("9c85898640a1b1de8ce7f557492dc1460530b9e17afaaf742eb953bb644e9c5a", 16), ecSpec)));
-
-        KeyPair V2 = new KeyPair(
-            ecKeyFact.generatePublic(new ECPublicKeySpec(
-                ECPointUtil.decodePoint(ecCurve, Hex.decode("04d1cd23c29d0fc865c316d44a1fd5adb6605ee47c9ddfec3a9b0a5e532d52704e74ff5d149aeb50856fefb38d5907b6dbb580fe6dc166bcfcbee4eb376d77e95c")), ecSpec)),
-            ecKeyFact.generatePrivate(new ECPrivateKeySpec(
-                new BigInteger("d6e11d5d3b85b201b8f4c12dadfad3000e267961a806a0658a2b859d44389599", 16), ecSpec)));
-
-        byte[] x = calculateUnifiedAgreement("ECCDHUwithSHA256CKDF", "AES[128]",
-            U1, U2, V1, V2, Hex.decode("a1b2c3d4e54341565369649018558dc958160b4b1d240d06ea07c6f321a752496c1a3ff45cbb4b43507c6fe1997d1d"));
-
-        if (x == null
-            || !areEqual(Hex.decode("221d252072d6f85b8298eab6fc38634e"), x))
-        {
-            fail("EC unified Test Vector #2 agreement failed");
-        }
-    }
-
-    private void testECUnifiedTestVector3()
-        throws Exception
-    {
-        // Test Vector from NIST sample data - One pass unified.
-
-        ECNamedCurveParameterSpec namedSpec = ECNamedCurveTable.getParameterSpec("P-224");
-        KeyFactory ecKeyFact = KeyFactory.getInstance("EC", "BC");
-
-        EllipticCurve ecCurve = new EllipticCurve(
-            new ECFieldFp(namedSpec.getCurve().getField().getCharacteristic()),
-            namedSpec.getCurve().getA().toBigInteger(), namedSpec.getCurve().getB().toBigInteger());
-        ECParameterSpec ecSpec = new ECParameterSpec(ecCurve,
-            new ECPoint(namedSpec.getG().getAffineXCoord().toBigInteger(), namedSpec.getG().getAffineYCoord().toBigInteger()),
-            namedSpec.getN(), namedSpec.getH().intValue());
-
-        KeyPair U1 = new KeyPair(
-            ecKeyFact.generatePublic(new ECPublicKeySpec(
-                ECPointUtil.decodePoint(ecCurve, Hex.decode("04030f136fa7fef90d185655ed1c6d46bacdb82001714e682cc80ca6b2d7c62e2f2e19d11755dba4aafd7e1ee5fda3e5f4d0af9a3ad773c38a")), ecSpec)),
-            ecKeyFact.generatePrivate(new ECPrivateKeySpec(
-                new BigInteger("6fc464c741f52b2a2e4cde35673b87fdd0f52caf4e716230b11570ba", 16), ecSpec)));
-
-        KeyPair V1 = new KeyPair(
-            ecKeyFact.generatePublic(new ECPublicKeySpec(
-                ECPointUtil.decodePoint(ecCurve, Hex.decode("048f87f5f8a632c9a3348ea85b596c01c12ca29ca71583dcdc27ff9766351416a707b95fae67d56be5119b460a446b6a02db20a13bbc8ed13b")), ecSpec)),
-            ecKeyFact.generatePrivate(new ECPrivateKeySpec(
-                new BigInteger("f5cb57a08a6949d3f2c2cc02e7c2252cecb3ebb8b3572943ceb407c7", 16), ecSpec)));
-
-        KeyPair V2 = new KeyPair(
-            ecKeyFact.generatePublic(new ECPublicKeySpec(
-                ECPointUtil.decodePoint(ecCurve, Hex.decode("046fcc7d01f905b279e9413645d24cc30d293b98b0ea7bfe87124e4951eba04a74817f596a67c0bfe3b4f4cee99537a2ac1c6470dd006be8ca")), ecSpec)),
-            ecKeyFact.generatePrivate(new ECPrivateKeySpec(
-                new BigInteger("505b6f372725e293cda07bf0dd14dabe2faf0edaa5ab1c7d187a6138", 16), ecSpec)));
-
-        byte[] x = calculateUnifiedAgreement("ECCDHUwithSHA224CKDF", "AES[128]", U1, U1, V1, V2,
-            Hex.decode("a1b2c3d4e5434156536964b62d3197031c27af0e3b45228a8768efcc0b39a375f8f61852f8765b80c067eed4e4db30"));
-
-        if (x == null
-            || !areEqual(Hex.decode("0c96fa268b89cf664392621ad5e174a6"), x))
-        {
-            fail("EC unified Test Vector #3 agreement failed, got: " + Hex.toHexString(x));
-        }
-    }
-
-    private byte[] calculateUnifiedAgreement(
-        String alg,
-        String keyAlg,
-        KeyPair U1,
-        KeyPair U2,
-        KeyPair V1,
-        KeyPair V2,
-        byte[] oi)
-        throws Exception
-    {
-        KeyAgreement u = KeyAgreement.getInstance(alg, "BC");
-
-        u.init(U1.getPrivate(), new DHUParameterSpec(U2, V2.getPublic(), oi));
-
-        u.doPhase(V1.getPublic(), true);
-
-        SecretKey uk = u.generateSecret(keyAlg);
-        byte[] ux = uk.getEncoded();
-
-        KeyAgreement v = KeyAgreement.getInstance(alg, "BC");
-
-        v.init(V1.getPrivate(), new DHUParameterSpec(V2, U2.getPublic(), oi));
-
-        v.doPhase(U1.getPublic(), true);
-
-        SecretKey vk = v.generateSecret(keyAlg);
-        byte[] vx = vk.getEncoded();
-
-        if (areEqual(ux, vx))
-        {
-            return ux;
-        }
-
-        return null;
-    }
-
-    private void testExceptions()
-        throws Exception
-    {
-        try
-        {
-            KeyAgreement aKeyAgree = KeyAgreement.getInstance("DH", "BC");
-
-            aKeyAgree.generateSecret("DES");
-            fail("no exception");
-        }
-        catch (IllegalStateException e)
-        {
-            // okay
-        }
-        catch (Exception e)
-        {
-            fail("Unexpected exception: " + e, e);
-        }
-
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("EC", "BC");
-
-        keyGen.initialize(256);
-
-        KeyPair kp = keyGen.generateKeyPair();
-        KeyAgreement agreement = KeyAgreement.getInstance("ECDH", "BC");
-
-        agreement.init(kp.getPrivate());
-        try
-        {
-            ECPoint fakePubPoint = new ECPoint(new BigInteger("12345"), new BigInteger("23457"));
-            ECPublicKeySpec fakePubSpec = new ECPublicKeySpec(fakePubPoint, ((ECPublicKey)kp.getPublic()).getParams());
-            KeyFactory kf = KeyFactory.getInstance("EC", "BC");
-            PublicKey fakePub = kf.generatePublic(fakePubSpec);
-            agreement.doPhase(fakePub, true);
-
-            fail("no exception on dud point");
-        }
-        catch (java.security.spec.InvalidKeySpecException e)
-        {
-            isTrue("wrong message: " + e.getMessage(), "invalid KeySpec: Point not on curve".equals(e.getMessage()));
-        }
-        catch (java.security.InvalidKeyException e)
-        {
-            isTrue("wrong message: " + e.getMessage(), "calculation failed: Invalid point".equals(e.getMessage()));
-        }
-
-        agreement = KeyAgreement.getInstance("ECDH", "BC");
-
-        try
-        {
-            agreement.init(kp.getPrivate(), new UserKeyingMaterialSpec(new byte[20]));
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isTrue("no KDF specified for UserKeyingMaterialSpec".equals(e.getMessage()));
-        }
-    }
-
-    private void testDESAndDESede(BigInteger g, BigInteger p)
-        throws Exception
-    {
-        DHParameterSpec dhParams = new DHParameterSpec(p, g, 256);
-
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH", "BC");
-
-        keyGen.initialize(dhParams);
-
-        KeyPair kp = keyGen.generateKeyPair();
-
-        KeyAgreement keyAgreement = KeyAgreement.getInstance("DH", "BC");
-
-        keyAgreement.init(kp.getPrivate());
-        keyAgreement.doPhase(kp.getPublic(), true);
-
-        SecretKey key = keyAgreement.generateSecret("DES");
-
-        if (key.getEncoded().length != 8)
-        {
-            fail("DES length wrong");
-        }
-
-        if (!DESKeySpec.isParityAdjusted(key.getEncoded(), 0))
-        {
-            fail("DES parity wrong");
-        }
-
-        key = keyAgreement.generateSecret("DESEDE");
-
-        if (key.getEncoded().length != 24)
-        {
-            fail("DESEDE length wrong");
-        }
-
-        if (!DESedeKeySpec.isParityAdjusted(key.getEncoded(), 0))
-        {
-            fail("DESEDE parity wrong");
-        }
-
-        key = keyAgreement.generateSecret("Blowfish");
-
-        if (key.getEncoded().length != 16)
-        {
-            fail("Blowfish length wrong");
-        }
-    }
-
-    private void testInitialise()
-        throws Exception
-    {
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH", "BC");
-
-        keyGen.initialize(512);
-
-        keyGen.generateKeyPair();
-
-        testTwoParty("DH", 512, 0, keyGen);
-    }
-
-    private void testSmallSecret()
-        throws Exception
-    {
-        BigInteger p = new BigInteger("ff3b512a4cc0961fa625d6cbd9642c377ece46b8dbc3146a98e0567f944034b5e3a1406edb179a77cd2539bdb74dc819f0a74d486606e26e578ff52c5242a5ff", 16);
-        BigInteger g = new BigInteger("58a66667431136e99d86de8199eb650a21afc9de3dd4ef9da6dfe89c866e928698952d95e68b418becef26f23211572eebfcbf328809bdaf02bba3d24c74f8c0", 16);
-
-        DHPrivateKeySpec aPrivSpec = new DHPrivateKeySpec(
-            new BigInteger("30a6ea4e2240a42867ad98bd3adbfd5b81aba48bd930f20a595983d807566f7cba4e766951efef2c6c0c1be3823f63d66e12c2a091d5ff3bbeb1ea6e335d072d", 16), p, g);
-        DHPublicKeySpec aPubSpec = new DHPublicKeySpec(
-            new BigInteger("694dfea1bfc8897e2fcbfd88033ab34f4581892d7d5cc362dc056e3d43955accda12222bd651ca31c85f008a05dea914de68828dfd83a54a340fa84f3bbe6caf", 16), p, g);
-
-        DHPrivateKeySpec bPrivSpec = new DHPrivateKeySpec(
-            new BigInteger("775b1e7e162190700e2212dd8e4aaacf8a2af92c9c108b81d5bf9a14548f494eaa86a6c4844b9512eb3e3f2f22ffec44c795c813edfea13f075b99bbdebb34bd", 16), p, g);
-
-        DHPublicKeySpec bPubSpec = new DHPublicKeySpec(
-            new BigInteger("d8ddd4ff9246635eadbfa0bc2ef06d98a329b6e8cd2d1435d7b4921467570e697c9a9d3c172c684626a9d2b6b2fa0fc725d5b91f9a9625b717a4169bc714b064", 16), p, g);
-
-        KeyFactory kFact = KeyFactory.getInstance("DH", "BC");
-
-        byte[] secret = testTwoParty("DH", 512, 0, new KeyPair(kFact.generatePublic(aPubSpec), kFact.generatePrivate(aPrivSpec)), new KeyPair(kFact.generatePublic(bPubSpec), kFact.generatePrivate(bPrivSpec)));
-
-        if (secret.length != ((p.bitLength() + 7) / 8))
-        {
-            fail("short secret wrong length");
-        }
-
-        if (!Arrays.areEqual(Hex.decode("00340d3309ddc86e99e2f0be4fc212837bfb5c59336b09b9e1aeb1884b72c8b485b56723d0bf1c1d37fc89a292fc1cface9125106f1df15f55f22e4f77c5879b"), secret))
-        {
-            fail("short secret mismatch");
-        }
-    }
-
-    private void testEnc()
-        throws Exception
-    {
-        KeyFactory kFact = KeyFactory.getInstance("DH", "BC");
-
-        Key k = kFact.generatePrivate(new PKCS8EncodedKeySpec(samplePrivEnc));
-
-        if (!Arrays.areEqual(samplePrivEnc, k.getEncoded()))
-        {
-            fail("private key re-encode failed");
-        }
-
-        k = kFact.generatePublic(new X509EncodedKeySpec(samplePubEnc));
-
-        if (!Arrays.areEqual(samplePubEnc, k.getEncoded()))
-        {
-            fail("public key re-encode failed");
-        }
-
-        k = kFact.generatePublic(new X509EncodedKeySpec(oldPubEnc));
-
-        if (!Arrays.areEqual(oldPubEnc, k.getEncoded()))
-        {
-            fail("old public key re-encode failed");
-        }
-
-        k = kFact.generatePublic(new X509EncodedKeySpec(oldFullParams));
-
-        if (!Arrays.areEqual(oldFullParams, k.getEncoded()))
-        {
-            fail("old full public key re-encode failed");
-        }
-    }
-
-    private void testConfig()
-    {
-        ConfigurableProvider prov = new BouncyCastleProvider();
-
-        DHParameterSpec dhSpec512 = new DHParameterSpec(
-            new BigInteger("fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17", 16),
-            new BigInteger("678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e35030b71fd73da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4", 16),
-            384);
-
-        DHParameterSpec dhSpec640 = new DHParameterSpec(
-            new BigInteger("c3d5a7f9a1cd7330099cebb60194f5176793a1cf13cd429f37bcbf1a7ddd53893ffdf1228af760c4a448e459d9cbab8302cc8cfc3368db01972108587c72a0f8b512ede0c99a3bef16cda0de529c8be7", 16),
-            new BigInteger("c066a53c43a55e3474e20de07d14a574f6f1febe0b55e4c49bf72b0c712e02a51b03f379f485884bfd1f53819347b69401b9292196092a635320313ec6ee5ee5a5eac7ab9c57f2631a71452feeab3ef", 16),
-            320);
-
-        DHParameterSpec dhSpec1024 = new DHParameterSpec(
-            new BigInteger("fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c61bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675f3ae2b61d72aeff22203199dd14801c7", 16),
-            new BigInteger("f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b3d0782675159578ebad4594fe67107108180b449167123e84c281613b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06928b665e807b552564014c3bfecf492a", 16),
-            512);
-
-        prov.setParameter(ConfigurableProvider.DH_DEFAULT_PARAMS, dhSpec512);
-
-        if (!dhSpec512.equals(BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(512)))
-        {
-            fail("config mismatch");
-        }
-
-        if (BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(640) != null)
-        {
-            fail("config found when none expected");
-        }
-
-        prov.setParameter(ConfigurableProvider.DH_DEFAULT_PARAMS, new DHParameterSpec[]{dhSpec512, dhSpec640, dhSpec1024});
-
-        if (!dhSpec512.equals(BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(512)))
-        {
-            fail("512 config mismatch");
-        }
-
-        if (!dhSpec640.equals(BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(640)))
-        {
-            fail("640 config mismatch");
-        }
-
-        if (!dhSpec1024.equals(BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(1024)))
-        {
-            fail("1024 config mismatch");
-        }
-
-        prov.setParameter(ConfigurableProvider.DH_DEFAULT_PARAMS, null);
-        
-        if (BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(640) != null)
-        {
-            fail("config found for 640 when none expected");
-        }
-
-        prov.setParameter(ConfigurableProvider.THREAD_LOCAL_DH_DEFAULT_PARAMS, dhSpec512);
-
-        if (!dhSpec512.equals(BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(512)))
-        {
-            fail("config mismatch");
-        }
-
-        if (BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(640) != null)
-        {
-            fail("config found when none expected");
-        }
-
-        prov.setParameter(ConfigurableProvider.THREAD_LOCAL_DH_DEFAULT_PARAMS, new DHParameterSpec[]{dhSpec512, dhSpec640, dhSpec1024});
-
-        if (!dhSpec512.equals(BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(512)))
-        {
-            fail("512 config mismatch");
-        }
-
-        if (!dhSpec640.equals(BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(640)))
-        {
-            fail("640 config mismatch");
-        }
-
-        if (!dhSpec1024.equals(BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(1024)))
-        {
-            fail("1024 config mismatch");
-        }
-
-        prov.setParameter(ConfigurableProvider.THREAD_LOCAL_DH_DEFAULT_PARAMS, null);
-
-        if (BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(640) != null)
-        {
-            fail("config found for 640 when none expected");
-        }
-    }
-
-    static final String MESSAGE = "Hello";
-
-    static final String PROVIDER_NAME = "BC";
-    static final SecureRandom rand = new SecureRandom();
-
-    public void setUp()
-    {
-        // Add BouncyCastle for testing.
-        Security.insertProviderAt(new BouncyCastleProvider(), 1);
-        System.out.println("WARNING: Using BouncyCastleProvider");
-    }
-
-    public DHParameterSpec ike2048()
-    {
-        final BigInteger p = new BigInteger(
-            "ffffffffffffffffc90fdaa22168c234c4c6628b80dc1cd129024e088a67cc74"
-                + "020bbea63b139b22514a08798e3404ddef9519b3cd3a431b302b0a6df25f1437"
-                + "4fe1356d6d51c245e485b576625e7ec6f44c42e9a637ed6b0bff5cb6f406b7ed"
-                + "ee386bfb5a899fa5ae9f24117c4b1fe649286651ece45b3dc2007cb8a163bf05"
-                + "98da48361c55d39a69163fa8fd24cf5f83655d23dca3ad961c62f356208552bb"
-                + "9ed529077096966d670c354e4abc9804f1746c08ca18217c32905e462e36ce3b"
-                + "e39e772c180e86039b2783a2ec07a28fb5c55df06f4c52c9de2bcbf695581718"
-                + "3995497cea956ae515d2261898fa051015728e5a8aacaa68ffffffffffffffff", 16);
-        final BigInteger g = new BigInteger("2");
-        return new DHParameterSpec(p, g);
-    }
-
-    /**
-     * Tests whether a provider accepts invalid public keys that result in predictable shared secrets.
-     * This test is based on RFC 2785, Section 4 and NIST SP 800-56A,
-     * If an attacker can modify both public keys in an ephemeral-ephemeral key agreement scheme then
-     * it may be possible to coerce both parties into computing the same predictable shared key.
-     * <p/>
-     * Note: the test is quite whimsical. If the prime p is not a safe prime then the provider itself
-     * cannot prevent all small-subgroup attacks because of the missing parameter q in the
-     * Diffie-Hellman parameters. Implementations must add additional countermeasures such as the ones
-     * proposed in RFC 2785.
-     */
-    private void testSubgroupConfinement()
-        throws Exception
-    {
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DH", "BC");
-        DHParameterSpec params = ike2048();
-        final BigInteger p = params.getP();
-        final BigInteger g = params.getG();
-        keyGen.initialize(params);
-        PrivateKey priv = keyGen.generateKeyPair().getPrivate();
-        KeyAgreement ka = KeyAgreement.getInstance("DH", "BC");
-        BigInteger[] weakPublicKeys = {
-            BigInteger.ZERO, BigInteger.ONE, p.subtract(BigInteger.ONE), p,
-            p.add(BigInteger.ONE), BigInteger.ONE.negate()};
-        for (final BigInteger weakKey : weakPublicKeys)
-        {
-            DHPublicKeySpec weakSpec = new DHPublicKeySpec(weakKey, p, g);
-            KeyFactory kf = KeyFactory.getInstance("DH", "BC");
-            try
-            {
-                kf.generatePublic(weakSpec);
-                fail("Generated weak public key");
-            }
-            catch (GeneralSecurityException ex)
-            {
-                isTrue("wrong message (generate)", "invalid DH public key".equals(ex.getMessage()));
-            }
-            ka.init(priv);
-            try
-            {
-                ka.doPhase(new DHPublicKey()
-                {
-                    public BigInteger getY()
-                    {
-                        return weakKey;
-                    }
-
-                    public DHParameterSpec getParams()
-                    {
-                        return new DHParameterSpec(p, g);
-                    }
-
-                    public String getAlgorithm()
-                    {
-                        return null;
-                    }
-
-                    public String getFormat()
-                    {
-                        return null;
-                    }
-
-                    public byte[] getEncoded()
-                    {
-                        return new byte[0];
-                    }
-                }, true);
-                fail("Generated secrets with weak public key");
-            }
-            catch (GeneralSecurityException ex)
-            {
-                isTrue("wrong message (doPhase)", "Invalid DH PublicKey".equals(ex.getMessage()));
-            }
-        }
-    }
-
-    private void testGenerateUsingStandardGroup()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("DH", "BC");
-        DHDomainParameterSpec mySpec = new DHDomainParameterSpec(DHStandardGroups.rfc7919_ffdhe2048);
-        kpGen.initialize(mySpec, new SecureRandom());
-        KeyPair kp = kpGen.generateKeyPair();
-
-        /* Obtain encoded keys */
-        PKCS8EncodedKeySpec pkcs = new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded());
-        X509EncodedKeySpec x509 = new X509EncodedKeySpec(kp.getPublic().getEncoded());
-    }
-
-    private KeyPair generateDHKeyPair()
-        throws GeneralSecurityException
-    {
-        KeyPairGenerator keyPairGen = KeyPairGenerator.getInstance("DH", "BC");
-
-        keyPairGen.initialize(2048);
-
-        return keyPairGen.generateKeyPair();
-    }
-
-    private SecretKey mqvGenerateAESKey(
-        PrivateKey aPriv, PublicKey aPubEph, PrivateKey aPrivEph, PublicKey bPub, PublicKey bPubEph, byte[] keyMaterial)
-        throws GeneralSecurityException
-    {
-        KeyAgreement agreement = KeyAgreement.getInstance("MQVwithSHA256KDF", "BC");
-
-        agreement.init(aPriv, new MQVParameterSpec(aPubEph, aPrivEph, bPubEph, keyMaterial));
-
-        agreement.doPhase(bPub, true);
-
-        return agreement.generateSecret("AES");
-    }
-
-    private void mqvTest()
-        throws Exception
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        // Generate the key pairs for party A and party B
-        KeyPair aKpS = generateDHKeyPair();
-        KeyPair aKpE = generateDHKeyPair();    // A's ephemeral pair
-        KeyPair bKpS = generateDHKeyPair();
-        KeyPair bKpE = generateDHKeyPair();    // B's ephemeral pair
-
-        // key agreement generating an AES key
-        byte[] keyMaterial = Strings.toByteArray("For an AES key");
-
-        SecretKey aKey = mqvGenerateAESKey(
-            aKpS.getPrivate(),
-            aKpE.getPublic(), aKpE.getPrivate(),
-            bKpS.getPublic(), bKpE.getPublic(), keyMaterial);
-        SecretKey bKey = mqvGenerateAESKey(
-            bKpS.getPrivate(),
-            bKpE.getPublic(), bKpE.getPrivate(),
-            aKpS.getPublic(), aKpE.getPublic(), keyMaterial);
-
-        // compare the two return values.
-        isTrue(Arrays.areEqual(aKey.getEncoded(), bKey.getEncoded()));
-
-        // check with encoding
-        KeyFactory kFact = KeyFactory.getInstance("DH", "BC");
-
-        aKey = mqvGenerateAESKey(
-            kFact.generatePrivate(new PKCS8EncodedKeySpec(aKpS.getPrivate().getEncoded())),
-            aKpE.getPublic(), aKpE.getPrivate(),
-            bKpS.getPublic(), kFact.generatePublic(new X509EncodedKeySpec(bKpE.getPublic().getEncoded())), keyMaterial);
-        bKey = mqvGenerateAESKey(
-            bKpS.getPrivate(),
-            bKpE.getPublic(), kFact.generatePrivate(new PKCS8EncodedKeySpec(bKpE.getPrivate().getEncoded())),
-            aKpS.getPublic(), aKpE.getPublic(), keyMaterial);
-
-        // compare the two return values.
-        isTrue(Arrays.areEqual(aKey.getEncoded(), bKey.getEncoded()));
-    }
-
-    private void generalKeyTest()
-        throws Exception
-    {
-        SecureRandom random = new SecureRandom();
-
-        int[] keySizes = new int[]{512, 768, 1024, 2048};
-        for (int i = 0; i != keySizes.length; i++)
-        {
-            final KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("DH", "BC");
-            keyPairGenerator.initialize(keySizes[i], random);
-            keyPairGenerator.generateKeyPair();
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        generalKeyTest();
-        testDefault(64, g512, p512);
-        mqvTest();
-
-        testEnc();
-        testGP("DH", 512, 0, g512, p512);
-        testGP("DiffieHellman", 768, 0, g768, p768);
-        testGP("DIFFIEHELLMAN", 1024, 0, g1024, p1024);
-        testGP("DH", 512, 64, g512, p512);
-        testGP("DiffieHellman", 768, 128, g768, p768);
-        testGP("DIFFIEHELLMAN", 1024, 256, g1024, p1024);
-        testExplicitWrapping(512, 0, g512, p512);
-        testRandom(256);
-
-        testECDH("ECDH");
-        testECDH("ECDHC");
-        testECDH("ECDH", "secp521r1", "AES", 256);
-        testECDH("ECDH", "secp521r1", "DESEDE", 192);
-        testECDH("ECDH", "secp521r1", "DES", 64);
-        testECDH("ECDHwithSHA1KDF", "secp521r1", "AES", 256);
-        testECDH("ECDHwithSHA1KDF", "secp521r1", "DESEDE", 192);
-        testECDH("ECDH", "Curve25519", "AES", 256);
-        testECDH("ECDH", "Curve25519", "DESEDE", 192);
-        testECDH("ECDH", "Curve25519", "DES", 64);
-        testECDH("ECDHwithSHA1KDF", "Curve25519", "AES", 256);
-        testECDH("ECKAEGWITHSHA1KDF", "secp256r1", BSIObjectIdentifiers.ecka_eg_X963kdf_SHA1, "DESEDE", 192);
-        testECDH("ECKAEGWITHSHA224KDF", "secp256r1", BSIObjectIdentifiers.ecka_eg_X963kdf_SHA224, "DESEDE", 192);
-        testECDH("ECKAEGWITHSHA256KDF", "secp256r1", BSIObjectIdentifiers.ecka_eg_X963kdf_SHA256, "DESEDE", 192);
-        testECDH("ECKAEGWITHSHA384KDF", "secp256r1", BSIObjectIdentifiers.ecka_eg_X963kdf_SHA384,"AES", 256);
-        testECDH("ECKAEGWITHSHA512KDF", "secp256r1", BSIObjectIdentifiers.ecka_eg_X963kdf_SHA512,"DESEDE", 192);
-        testECDH("ECKAEGWITHRIPEMD160KDF", "secp256r1", BSIObjectIdentifiers.ecka_eg_X963kdf_RIPEMD160, "AES", 256);
-
-        testExceptions();
-        testDESAndDESede(g768, p768);
-        testInitialise();
-        testSmallSecret();
-        testConfig();
-        testSubgroupConfinement();
-
-        testECUnifiedTestVector1();
-        testECUnifiedTestVector2();
-        testECUnifiedTestVector3();
-
-        testDHUnifiedTestVector1();
-
-        testMinSpecValue();
-        testGenerateUsingStandardGroup();
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new DHTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DRBGTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DRBGTest.java
deleted file mode 100644
index f17f484..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DRBGTest.java
+++ /dev/null

@@ -1,37 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.SecureRandom;
-import java.security.Security;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * This test needs to be run with -Djava.security.debug=provider
- */
-public class DRBGTest
-    extends SimpleTest
-{
-    public DRBGTest()
-    {
-    }
-    
-    public String getName()
-    {
-        return "DRBG";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        SecureRandom.getInstance("DEFAULT", "BC");
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new DRBGTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DSATest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DSATest.java
deleted file mode 100644
index 8d0f46b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DSATest.java
+++ /dev/null

@@ -1,1392 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.AlgorithmParameterGenerator;
-import java.security.AlgorithmParameters;
-import java.security.InvalidKeyException;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.interfaces.DSAParams;
-import java.security.interfaces.DSAPrivateKey;
-import java.security.interfaces.DSAPublicKey;
-import java.security.spec.DSAParameterSpec;
-import java.security.spec.DSAPrivateKeySpec;
-import java.security.spec.DSAPublicKeySpec;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTNamedCurves;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.crypto.params.DSAParameters;
-import org.bouncycastle.crypto.params.DSAPublicKeyParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.signers.DSASigner;
-import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.jce.spec.ECPrivateKeySpec;
-import org.bouncycastle.jce.spec.ECPublicKeySpec;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.FixedSecureRandom;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomBigInteger;
-import org.bouncycastle.util.test.TestRandomData;
-
-public class DSATest
-    extends SimpleTest
-{
-    byte[] k1 = Hex.decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3");
-    byte[] k2 = Hex.decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded");
-
-    SecureRandom    random = new FixedSecureRandom(new byte[][] { k1, k2 });
-
-    // DSA modified signatures, courtesy of the Google security team
-    static final DSAPrivateKeySpec PRIVATE_KEY = new DSAPrivateKeySpec(
-        // x
-        new BigInteger(
-            "15382583218386677486843706921635237927801862255437148328980464126979"),
-        // p
-        new BigInteger(
-            "181118486631420055711787706248812146965913392568235070235446058914"
-            + "1170708161715231951918020125044061516370042605439640379530343556"
-            + "4101919053459832890139496933938670005799610981765220283775567361"
-            + "4836626483403394052203488713085936276470766894079318754834062443"
-            + "1033792580942743268186462355159813630244169054658542719322425431"
-            + "4088256212718983105131138772434658820375111735710449331518776858"
-            + "7867938758654181244292694091187568128410190746310049564097068770"
-            + "8161261634790060655580211122402292101772553741704724263582994973"
-            + "9109274666495826205002104010355456981211025738812433088757102520"
-            + "562459649777989718122219159982614304359"),
-        // q
-        new BigInteger(
-            "19689526866605154788513693571065914024068069442724893395618704484701"),
-        // g
-        new BigInteger(
-            "2859278237642201956931085611015389087970918161297522023542900348"
-            + "0877180630984239764282523693409675060100542360520959501692726128"
-            + "3149190229583566074777557293475747419473934711587072321756053067"
-            + "2532404847508798651915566434553729839971841903983916294692452760"
-            + "2490198571084091890169933809199002313226100830607842692992570749"
-            + "0504363602970812128803790973955960534785317485341020833424202774"
-            + "0275688698461842637641566056165699733710043802697192696426360843"
-            + "1736206792141319514001488556117408586108219135730880594044593648"
-            + "9237302749293603778933701187571075920849848690861126195402696457"
-            + "4111219599568903257472567764789616958430"));
-
-    static final DSAPublicKeySpec PUBLIC_KEY = new DSAPublicKeySpec(
-        new BigInteger(
-            "3846308446317351758462473207111709291533523711306097971550086650"
-            + "2577333637930103311673872185522385807498738696446063139653693222"
-            + "3528823234976869516765207838304932337200968476150071617737755913"
-            + "3181601169463467065599372409821150709457431511200322947508290005"
-            + "1780020974429072640276810306302799924668893998032630777409440831"
-            + "4314588994475223696460940116068336991199969153649625334724122468"
-            + "7497038281983541563359385775312520539189474547346202842754393945"
-            + "8755803223951078082197762886933401284142487322057236814878262166"
-            + "5072306622943221607031324846468109901964841479558565694763440972"
-            + "5447389416166053148132419345627682740529"),
-         PRIVATE_KEY.getP(),
-         PRIVATE_KEY.getQ(),
-         PRIVATE_KEY.getG());
-
-    // The following test vectors check for signature malleability and bugs. That means the test
-    // vectors are derived from a valid signature by modifying the ASN encoding. A correct
-    // implementation of DSA should only accept correct DER encoding and properly handle the others.
-    // Allowing alternative BER encodings is in many cases benign. An example where this kind of
-    // signature malleability was a problem: https://en.bitcoin.it/wiki/Transaction_Malleability
-    static final String[] MODIFIED_SIGNATURES  = {
-        "303e02811c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9e"
-        + "f41dd424a4e1c8f16967cf3365813fe8786236",
-        "303f0282001c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f"
-        + "9ef41dd424a4e1c8f16967cf3365813fe8786236",
-        "303e021d001e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9e"
-        + "f41dd424a4e1c8f16967cf3365813fe8786236",
-        "303e021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd02811d00ade65988d237d30f9e"
-        + "f41dd424a4e1c8f16967cf3365813fe8786236",
-        "303f021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd0282001d00ade65988d237d30f"
-        + "9ef41dd424a4e1c8f16967cf3365813fe8786236",
-        "303e021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021e0000ade65988d237d30f9e"
-        + "f41dd424a4e1c8f16967cf3365813fe8786236",
-        "30813d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9e"
-        + "f41dd424a4e1c8f16967cf3365813fe8786236",
-        "3082003d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f"
-        + "9ef41dd424a4e1c8f16967cf3365813fe8786236",
-        "303d021c1e41b479ad576905b960fe14eadb91b0ccf34843dab916173bb8c9cd021d00ade65988d237d30f9ef4"
-        + "1dd424a4e1c8f16967cf3365813fe87862360000",
-        "3040021c57b10411b54ab248af03d8f2456676ebc6d3db5f1081492ac87e9ca8021d00942b117051d7d9d107fc42cac9c5a36a1fd7f0f8916ccca86cec4ed3040100",
-        "303e021c57b10411b54ab248af03d8f2456676ebc6d3db5f1081492ac87e9ca802811d00942b117051d7d9d107fc42cac9c5a36a1fd7f0f8916ccca86cec4ed3"
-    };
-
-    private void testModified()
-        throws Exception
-    {
-        KeyFactory kFact = KeyFactory.getInstance("DSA", "BC");
-        PublicKey pubKey = kFact.generatePublic(PUBLIC_KEY);
-        Signature sig = Signature.getInstance("DSA", "BC");
-
-        for (int i = 0; i != MODIFIED_SIGNATURES.length; i++)
-        {
-            sig.initVerify(pubKey);
-
-            sig.update(Strings.toByteArray("Hello"));
-
-            boolean failed;
-
-            try
-            {
-                failed = !sig.verify(Hex.decode(MODIFIED_SIGNATURES[i]));
-            }
-            catch (SignatureException e)
-            {
-                failed = true;
-            }
-
-            isTrue("sig verified when shouldn't", failed);
-        }
-    }
-
-    private void testCompat()
-        throws Exception
-    {
-        if (Security.getProvider("SUN") == null)
-        {
-            return;
-        }
-
-        Signature           s = Signature.getInstance("DSA", "SUN");
-        KeyPairGenerator    g = KeyPairGenerator.getInstance("DSA", "SUN");
-        byte[]              data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
-        
-        g.initialize(512, new SecureRandom());
-        
-        KeyPair p = g.generateKeyPair();
-        
-        PrivateKey  sKey = p.getPrivate();
-        PublicKey   vKey = p.getPublic();
-        
-        //
-        // sign SUN - verify with BC 
-        //
-        s.initSign(sKey);
-        
-        s.update(data);
-        
-        byte[]  sigBytes = s.sign();
-        
-        s = Signature.getInstance("DSA", "BC");
-        
-        s.initVerify(vKey);
-        
-        s.update(data);
-        
-        if (!s.verify(sigBytes))
-        {
-            fail("SUN -> BC verification failed");
-        }
-        
-        //
-        // sign BC - verify with SUN
-        //
-        
-        s.initSign(sKey);
-        
-        s.update(data);
-        
-        sigBytes = s.sign();
-        
-        s = Signature.getInstance("DSA", "SUN");
-        
-        s.initVerify(vKey);
-        
-        s.update(data);
-        
-        if (!s.verify(sigBytes))
-        {
-            fail("BC -> SUN verification failed");
-        }
-
-        //
-        // key encoding test - BC decoding Sun keys
-        //
-        KeyFactory          f = KeyFactory.getInstance("DSA", "BC");
-        X509EncodedKeySpec  x509s = new X509EncodedKeySpec(vKey.getEncoded());
-
-        DSAPublicKey        k1 = (DSAPublicKey)f.generatePublic(x509s);
-
-        checkPublic(k1, vKey);
-        
-        PKCS8EncodedKeySpec  pkcs8 = new PKCS8EncodedKeySpec(sKey.getEncoded());
-
-        DSAPrivateKey        k2 = (DSAPrivateKey)f.generatePrivate(pkcs8);
-
-        checkPrivateKey(k2, sKey);
-        
-        //
-        // key decoding test - SUN decoding BC keys
-        // 
-        f = KeyFactory.getInstance("DSA", "SUN");
-        x509s = new X509EncodedKeySpec(k1.getEncoded());
-        
-        vKey = (DSAPublicKey)f.generatePublic(x509s);
-
-        checkPublic(k1, vKey);
-        
-        pkcs8 = new PKCS8EncodedKeySpec(k2.getEncoded());
-        sKey = f.generatePrivate(pkcs8);
-
-        checkPrivateKey(k2, sKey);
-    }
-
-    private void testNullParameters()
-        throws Exception
-    {
-        KeyFactory f = KeyFactory.getInstance("DSA", "BC");
-        X509EncodedKeySpec x509s = new X509EncodedKeySpec(new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa), new ASN1Integer(10001)).getEncoded());
-
-        DSAPublicKey key1 = (DSAPublicKey)f.generatePublic(x509s);
-        DSAPublicKey key2 = (DSAPublicKey)f.generatePublic(x509s);
-
-        isTrue("parameters not absent", key1.getParams() == null && key2.getParams() == null);
-        isTrue("hashCode mismatch", key1.hashCode() == key2.hashCode());
-        isTrue("not equal", key1.equals(key2));
-        isTrue("encoding mismatch", Arrays.areEqual(x509s.getEncoded(), key1.getEncoded()));
-    }
-
-    private void testValidate()
-        throws Exception
-    {
-        DSAParameterSpec dsaParams = new DSAParameterSpec(
-            new BigInteger(
-                        "F56C2A7D366E3EBDEAA1891FD2A0D099" +
-                        "436438A673FED4D75F594959CFFEBCA7BE0FC72E4FE67D91" +
-                        "D801CBA0693AC4ED9E411B41D19E2FD1699C4390AD27D94C" +
-                        "69C0B143F1DC88932CFE2310C886412047BD9B1C7A67F8A2" +
-                        "5909132627F51A0C866877E672E555342BDF9355347DBD43" +
-                        "B47156B2C20BAD9D2B071BC2FDCF9757F75C168C5D9FC431" +
-                        "31BE162A0756D1BDEC2CA0EB0E3B018A8B38D3EF2487782A" +
-                        "EB9FBF99D8B30499C55E4F61E5C7DCEE2A2BB55BD7F75FCD" +
-                        "F00E48F2E8356BDB59D86114028F67B8E07B127744778AFF" +
-                        "1CF1399A4D679D92FDE7D941C5C85C5D7BFF91BA69F9489D" +
-                        "531D1EBFA727CFDA651390F8021719FA9F7216CEB177BD75", 16),
-            new BigInteger("C24ED361870B61E0D367F008F99F8A1F75525889C89DB1B673C45AF5867CB467", 16),
-            new BigInteger(
-                        "8DC6CC814CAE4A1C05A3E186A6FE27EA" +
-                        "BA8CDB133FDCE14A963A92E809790CBA096EAA26140550C1" +
-                        "29FA2B98C16E84236AA33BF919CD6F587E048C52666576DB" +
-                        "6E925C6CBE9B9EC5C16020F9A44C9F1C8F7A8E611C1F6EC2" +
-                        "513EA6AA0B8D0F72FED73CA37DF240DB57BBB27431D61869" +
-                        "7B9E771B0B301D5DF05955425061A30DC6D33BB6D2A32BD0" +
-                        "A75A0A71D2184F506372ABF84A56AEEEA8EB693BF29A6403" +
-                        "45FA1298A16E85421B2208D00068A5A42915F82CF0B858C8" +
-                        "FA39D43D704B6927E0B2F916304E86FB6A1B487F07D8139E" +
-                        "428BB096C6D67A76EC0B8D4EF274B8A2CF556D279AD267CC" +
-                        "EF5AF477AFED029F485B5597739F5D0240F67C2D948A6279", 16)
-        );
-
-        KeyFactory f = KeyFactory.getInstance("DSA", "BC");
-
-        try
-        {
-            f.generatePublic(new DSAPublicKeySpec(BigInteger.valueOf(1), dsaParams.getP(), dsaParams.getG(), dsaParams.getQ()));
-
-            fail("no exception");
-        }
-        catch (Exception e)
-        {
-            isTrue("mismatch", "invalid KeySpec: y value does not appear to be in correct group".equals(e.getMessage()));
-        }
-    }
-
-    private void testNONEwithDSA()
-        throws Exception
-    {
-        byte[] dummySha1 = Hex.decode("01020304050607080910111213141516");
-
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("DSA", "BC");
-
-        kpGen.initialize(512);
-
-        KeyPair          kp = kpGen.generateKeyPair();
-
-        Signature        sig = Signature.getInstance("NONEwithDSA", "BC");
-
-        sig.initSign(kp.getPrivate());
-
-        sig.update(dummySha1);
-
-        byte[] sigBytes = sig.sign();
-
-        sig.initVerify(kp.getPublic());
-
-        sig.update(dummySha1);
-
-        sig.verify(sigBytes);
-
-        // reset test
-
-        sig.update(dummySha1);
-
-        if (!sig.verify(sigBytes))
-        {
-            fail("NONEwithDSA failed to reset");
-        }
-
-        // lightweight test
-        DSAPublicKey  key = (DSAPublicKey)kp.getPublic();
-        DSAParameters params = new DSAParameters(key.getParams().getP(), key.getParams().getQ(), key.getParams().getG());
-        DSAPublicKeyParameters keyParams = new DSAPublicKeyParameters(key.getY(), params);
-        DSASigner signer = new DSASigner();
-        ASN1Sequence derSig = ASN1Sequence.getInstance(ASN1Primitive.fromByteArray(sigBytes));
-
-        signer.init(false, keyParams);
-
-        if (!signer.verifySignature(dummySha1, ASN1Integer.getInstance(derSig.getObjectAt(0)).getValue(), ASN1Integer.getInstance(derSig.getObjectAt(1)).getValue()))
-        {
-            fail("NONEwithDSA not really NONE!");
-        }
-    }
-
-    private void checkPublic(DSAPublicKey k1, PublicKey vKey)
-    {
-        if (!k1.getY().equals(((DSAPublicKey)vKey).getY()))
-        {
-            fail("public number not decoded properly");
-        }
-
-        if (!k1.getParams().getG().equals(((DSAPublicKey)vKey).getParams().getG()))
-        {
-            fail("public generator not decoded properly");
-        }
-
-        if (!k1.getParams().getP().equals(((DSAPublicKey)vKey).getParams().getP()))
-        {
-            fail("public p value not decoded properly");
-        }
-
-        if (!k1.getParams().getQ().equals(((DSAPublicKey)vKey).getParams().getQ()))
-        {
-            fail("public q value not decoded properly");
-        }
-    }
-
-    private void checkPrivateKey(DSAPrivateKey k2, PrivateKey sKey)
-    {
-        if (!k2.getX().equals(((DSAPrivateKey)sKey).getX()))
-        {
-            fail("private number not decoded properly");
-        }
-
-        if (!k2.getParams().getG().equals(((DSAPrivateKey)sKey).getParams().getG()))
-        {
-            fail("private generator not decoded properly");
-        }
-
-        if (!k2.getParams().getP().equals(((DSAPrivateKey)sKey).getParams().getP()))
-        {
-            fail("private p value not decoded properly");
-        }
-
-        if (!k2.getParams().getQ().equals(((DSAPrivateKey)sKey).getParams().getQ()))
-        {
-            fail("private q value not decoded properly");
-        }
-    }
-
-    private Object serializeDeserialize(Object o)
-        throws Exception
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(o);
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        return oIn.readObject();
-    }
-
-    /**
-     * X9.62 - 1998,<br>
-     * J.3.2, Page 155, ECDSA over the field Fp<br>
-     * an example with 239 bit prime
-     */
-    private void testECDSA239bitPrime()
-        throws Exception
-    {
-        BigInteger r = new BigInteger("308636143175167811492622547300668018854959378758531778147462058306432176");
-        BigInteger s = new BigInteger("323813553209797357708078776831250505931891051755007842781978505179448783");
-
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655"));
-
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        X9ECParameters x9 = ECNamedCurveTable.getByName("prime239v1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec spec = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        ECPrivateKeySpec priKey = new ECPrivateKeySpec(
-            new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
-            spec);
-        
-        ECPublicKeySpec pubKey = new ECPublicKeySpec(
-            curve.decodePoint(Hex.decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
-            spec);
-        
-        Signature           sgr = Signature.getInstance("ECDSA", "BC");
-        KeyFactory          f = KeyFactory.getInstance("ECDSA", "BC");
-        PrivateKey          sKey = f.generatePrivate(priKey);
-        PublicKey           vKey = f.generatePublic(pubKey);
-        
-        sgr.initSign(sKey, k);
-        
-        byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
-        
-        sgr.update(message);
-        
-        byte[]  sigBytes = sgr.sign();
-        
-        sgr.initVerify(vKey);
-        
-        sgr.update(message);
-        
-        if (!sgr.verify(sigBytes))
-        {
-            fail("239 Bit EC verification failed");
-        }
-        
-        BigInteger[]  sig = derDecode(sigBytes);
-        
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r + Strings.lineSeparator()
-                    + " got      : " + sig[0]);
-        }
-        
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s + Strings.lineSeparator()
-                    + " got      : " + sig[1]);
-        }
-    }
-
-    private void testNONEwithECDSA239bitPrime()
-        throws Exception
-    {
-        X9ECParameters x9 = ECNamedCurveTable.getByName("prime239v1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec spec = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        ECPrivateKeySpec priKey = new ECPrivateKeySpec(
-            new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
-            spec);
-
-        ECPublicKeySpec pubKey = new ECPublicKeySpec(
-            curve.decodePoint(Hex.decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
-            spec);
-
-        Signature           sgr = Signature.getInstance("NONEwithECDSA", "BC");
-        KeyFactory          f = KeyFactory.getInstance("ECDSA", "BC");
-        PrivateKey          sKey = f.generatePrivate(priKey);
-        PublicKey           vKey = f.generatePublic(pubKey);
-
-        byte[] message = "abc".getBytes();
-        byte[] sig = Hex.decode("3040021e2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0021e64cb19604be06c57e761b3de5518f71de0f6e0cd2df677cec8a6ffcb690d");
-
-        checkMessage(sgr, sKey, vKey, message, sig);
-
-        message = "abcdefghijklmnopqrstuvwxyz".getBytes();
-        sig = Hex.decode("3040021e2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0021e43fd65b3363d76aabef8630572257dbb67c82818ad9fad31256539b1b02c");
-
-        checkMessage(sgr, sKey, vKey, message, sig);
-
-        message = "a very very long message gauranteed to cause an overflow".getBytes();
-        sig = Hex.decode("3040021e2cb7f36803ebb9c427c58d8265f11fc5084747133078fc279de874fbecb0021e7d5be84b22937a1691859a3c6fe45ed30b108574431d01b34025825ec17a");
-
-        checkMessage(sgr, sKey, vKey, message, sig);
-    }
-
-    private void testECDSAP256sha3(ASN1ObjectIdentifier sigOid, int size, BigInteger s)
-        throws Exception
-    {
-        X9ECParameters p = NISTNamedCurves.getByName("P-256");
-        KeyFactory ecKeyFact = KeyFactory.getInstance("EC", "BC");
-
-        ECDomainParameters params = new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH());
-
-        ECCurve curve = p.getCurve();
-
-        ECParameterSpec spec = new ECParameterSpec(
-                curve,
-                p.getG(), // G
-                p.getN()); // n
-
-        ECPrivateKeySpec priKey = new ECPrivateKeySpec(
-                new BigInteger("20186677036482506117540275567393538695075300175221296989956723148347484984008"), // d
-                spec);
-
-        ECPublicKeySpec pubKey = new ECPublicKeySpec(
-            params.getCurve().decodePoint(Hex.decode("03596375E6CE57E0F20294FC46BDFCFD19A39F8161B58695B3EC5B3D16427C274D")), // Q
-            spec);
-
-        doEcDsaTest("SHA3-" + size + "withECDSA", s, ecKeyFact, pubKey, priKey);
-        doEcDsaTest(sigOid.getId(), s, ecKeyFact, pubKey, priKey);
-    }
-
-    private void doEcDsaTest(String sigName, BigInteger s, KeyFactory ecKeyFact, ECPublicKeySpec pubKey, ECPrivateKeySpec priKey)
-        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, InvalidKeySpecException, SignatureException
-    {
-        SecureRandom k = new TestRandomBigInteger(BigIntegers.asUnsignedByteArray(new BigInteger("72546832179840998877302529996971396893172522460793442785601695562409154906335")));
-
-        byte[] M = Hex.decode("1BD4ED430B0F384B4E8D458EFF1A8A553286D7AC21CB2F6806172EF5F94A06AD");
-
-        Signature dsa = Signature.getInstance(sigName, "BC");
-
-        dsa.initSign(ecKeyFact.generatePrivate(priKey), k);
-
-        dsa.update(M, 0, M.length);
-
-        byte[] encSig = dsa.sign();
-
-        ASN1Sequence sig = ASN1Sequence.getInstance(encSig);
-
-        BigInteger r = new BigInteger("97354732615802252173078420023658453040116611318111190383344590814578738210384");
-
-        BigInteger sigR = ASN1Integer.getInstance(sig.getObjectAt(0)).getValue();
-        if (!r.equals(sigR))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                + " got      : " + sigR.toString(16));
-        }
-
-        BigInteger sigS = ASN1Integer.getInstance(sig.getObjectAt(1)).getValue();
-        if (!s.equals(sigS))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                + " got      : " + sigS.toString(16));
-        }
-
-        // Verify the signature
-        dsa.initVerify(ecKeyFact.generatePublic(pubKey));
-
-        dsa.update(M, 0, M.length);
-
-        if (!dsa.verify(encSig))
-        {
-            fail("signature fails");
-        }
-    }
-
-    private void testDSAsha3(ASN1ObjectIdentifier sigOid, int size, BigInteger s)
-        throws Exception
-    {
-        DSAParameterSpec dsaParams = new DSAParameterSpec(
-            new BigInteger(
-                        "F56C2A7D366E3EBDEAA1891FD2A0D099" +
-                        "436438A673FED4D75F594959CFFEBCA7BE0FC72E4FE67D91" +
-                        "D801CBA0693AC4ED9E411B41D19E2FD1699C4390AD27D94C" +
-                        "69C0B143F1DC88932CFE2310C886412047BD9B1C7A67F8A2" +
-                        "5909132627F51A0C866877E672E555342BDF9355347DBD43" +
-                        "B47156B2C20BAD9D2B071BC2FDCF9757F75C168C5D9FC431" +
-                        "31BE162A0756D1BDEC2CA0EB0E3B018A8B38D3EF2487782A" +
-                        "EB9FBF99D8B30499C55E4F61E5C7DCEE2A2BB55BD7F75FCD" +
-                        "F00E48F2E8356BDB59D86114028F67B8E07B127744778AFF" +
-                        "1CF1399A4D679D92FDE7D941C5C85C5D7BFF91BA69F9489D" +
-                        "531D1EBFA727CFDA651390F8021719FA9F7216CEB177BD75", 16),
-            new BigInteger("C24ED361870B61E0D367F008F99F8A1F75525889C89DB1B673C45AF5867CB467", 16),
-            new BigInteger(
-                        "8DC6CC814CAE4A1C05A3E186A6FE27EA" +
-                        "BA8CDB133FDCE14A963A92E809790CBA096EAA26140550C1" +
-                        "29FA2B98C16E84236AA33BF919CD6F587E048C52666576DB" +
-                        "6E925C6CBE9B9EC5C16020F9A44C9F1C8F7A8E611C1F6EC2" +
-                        "513EA6AA0B8D0F72FED73CA37DF240DB57BBB27431D61869" +
-                        "7B9E771B0B301D5DF05955425061A30DC6D33BB6D2A32BD0" +
-                        "A75A0A71D2184F506372ABF84A56AEEEA8EB693BF29A6403" +
-                        "45FA1298A16E85421B2208D00068A5A42915F82CF0B858C8" +
-                        "FA39D43D704B6927E0B2F916304E86FB6A1B487F07D8139E" +
-                        "428BB096C6D67A76EC0B8D4EF274B8A2CF556D279AD267CC" +
-                        "EF5AF477AFED029F485B5597739F5D0240F67C2D948A6279", 16)
-        );
-
-        BigInteger x = new BigInteger("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C", 16);
-
-        BigInteger y = new BigInteger(
-                    "2828003D7C747199143C370FDD07A286" +
-                    "1524514ACC57F63F80C38C2087C6B795B62DE1C224BF8D1D" +
-                    "1424E60CE3F5AE3F76C754A2464AF292286D873A7A30B7EA" +
-                    "CBBC75AAFDE7191D9157598CDB0B60E0C5AA3F6EBE425500" +
-                    "C611957DBF5ED35490714A42811FDCDEB19AF2AB30BEADFF" +
-                    "2907931CEE7F3B55532CFFAEB371F84F01347630EB227A41" +
-                    "9B1F3F558BC8A509D64A765D8987D493B007C4412C297CAF" +
-                    "41566E26FAEE475137EC781A0DC088A26C8804A98C23140E" +
-                    "7C936281864B99571EE95C416AA38CEEBB41FDBFF1EB1D1D" +
-                    "C97B63CE1355257627C8B0FD840DDB20ED35BE92F08C49AE" +
-                    "A5613957D7E5C7A6D5A5834B4CB069E0831753ECF65BA02B", 16);
-
-        DSAPrivateKeySpec priKey = new DSAPrivateKeySpec(
-                x, dsaParams.getP(), dsaParams.getQ(), dsaParams.getG());
-
-        DSAPublicKeySpec pubKey = new DSAPublicKeySpec(
-            y, dsaParams.getP(), dsaParams.getQ(), dsaParams.getG());
-
-        KeyFactory dsaKeyFact = KeyFactory.getInstance("DSA", "BC");
-
-        doDsaTest("SHA3-" + size + "withDSA", s, dsaKeyFact, pubKey, priKey);
-        doDsaTest(sigOid.getId(), s, dsaKeyFact, pubKey, priKey);
-    }
-
-    private void doDsaTest(String sigName, BigInteger s, KeyFactory ecKeyFact, DSAPublicKeySpec pubKey, DSAPrivateKeySpec priKey)
-        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, InvalidKeySpecException, SignatureException
-    {
-        SecureRandom k = new FixedSecureRandom(
-            new FixedSecureRandom.Source[] { new FixedSecureRandom.BigInteger(BigIntegers.asUnsignedByteArray(new BigInteger("72546832179840998877302529996971396893172522460793442785601695562409154906335"))),
-                new FixedSecureRandom.Data(Hex.decode("01020304")) });
-
-        byte[] M = Hex.decode("1BD4ED430B0F384B4E8D458EFF1A8A553286D7AC21CB2F6806172EF5F94A06AD");
-
-        Signature dsa = Signature.getInstance(sigName, "BC");
-
-        dsa.initSign(ecKeyFact.generatePrivate(priKey), k);
-
-        dsa.update(M, 0, M.length);
-
-        byte[] encSig = dsa.sign();
-
-        ASN1Sequence sig = ASN1Sequence.getInstance(encSig);
-
-        BigInteger r = new BigInteger("4864074fe30e6601268ee663440e4d9b703f62673419864e91e9edb0338ce510", 16);
-
-        BigInteger sigR = ASN1Integer.getInstance(sig.getObjectAt(0)).getValue();
-        if (!r.equals(sigR))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r.toString(16) + Strings.lineSeparator()
-                + " got      : " + sigR.toString(16));
-        }
-
-        BigInteger sigS = ASN1Integer.getInstance(sig.getObjectAt(1)).getValue();
-        if (!s.equals(sigS))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s.toString(16) + Strings.lineSeparator()
-                + " got      : " + sigS.toString(16));
-        }
-
-        // Verify the signature
-        dsa.initVerify(ecKeyFact.generatePublic(pubKey));
-
-        dsa.update(M, 0, M.length);
-
-        if (!dsa.verify(encSig))
-        {
-            fail("signature fails");
-        }
-    }
-
-    private void checkMessage(Signature sgr, PrivateKey sKey, PublicKey vKey, byte[] message, byte[] sig)
-        throws InvalidKeyException, SignatureException
-    {
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655"));
-
-        SecureRandom    k = new TestRandomBigInteger(kData);
-
-        sgr.initSign(sKey, k);
-
-        sgr.update(message);
-
-        byte[]  sigBytes = sgr.sign();
-
-        if (!Arrays.areEqual(sigBytes, sig))
-        {
-            fail(new String(message) + " signature incorrect");
-        }
-
-        sgr.initVerify(vKey);
-
-        sgr.update(message);
-
-        if (!sgr.verify(sigBytes))
-        {
-            fail(new String(message) + " verification failed");
-        }
-    }
-
-    /**
-     * X9.62 - 1998,<br>
-     * J.2.1, Page 100, ECDSA over the field F2m<br>
-     * an example with 191 bit binary field
-     */
-    private void testECDSA239bitBinary()
-        throws Exception
-    {
-        BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552");
-        BigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174");
-    
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363"));
-
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        X9ECParameters x9 = ECNamedCurveTable.getByName("c2tnb239v1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec params = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        ECPrivateKeySpec priKeySpec = new ECPrivateKeySpec(
-            new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d
-            params);
-
-        ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(
-            curve.decodePoint(Hex.decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q
-            params);
-
-        Signature   sgr = Signature.getInstance("ECDSA", "BC");
-        KeyFactory  f = KeyFactory.getInstance("ECDSA", "BC");
-        PrivateKey  sKey = f.generatePrivate(priKeySpec);
-        PublicKey   vKey = f.generatePublic(pubKeySpec);
-        byte[]      message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
-       
-        sgr.initSign(sKey, k);
-
-        sgr.update(message);
-        
-        byte[]  sigBytes = sgr.sign();
-
-        sgr.initVerify(vKey);
-
-        sgr.update(message);
-
-        if (!sgr.verify(sigBytes))
-        {
-            fail("239 Bit EC verification failed");
-        }
-
-        BigInteger[]  sig = derDecode(sigBytes);
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r + Strings.lineSeparator()
-                + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s + Strings.lineSeparator()
-                + " got      : " + sig[1]);
-        }
-    }
-
-    private void testECDSA239bitBinary(String algorithm, ASN1ObjectIdentifier oid)
-        throws Exception
-    {
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363"));
-
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        X9ECParameters x9 = ECNamedCurveTable.getByName("c2tnb239v1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec params = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        ECPrivateKeySpec priKeySpec = new ECPrivateKeySpec(
-            new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d
-            params);
-
-        ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(
-            curve.decodePoint(Hex.decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q
-            params);
-
-        Signature   sgr = Signature.getInstance(algorithm, "BC");
-        KeyFactory  f = KeyFactory.getInstance("ECDSA", "BC");
-        PrivateKey  sKey = f.generatePrivate(priKeySpec);
-        PublicKey   vKey = f.generatePublic(pubKeySpec);
-        byte[]      message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
-
-        sgr.initSign(sKey, k);
-
-        sgr.update(message);
-
-        byte[]  sigBytes = sgr.sign();
-
-        sgr = Signature.getInstance(oid.getId(), "BC");
-
-        sgr.initVerify(vKey);
-
-        sgr.update(message);
-
-        if (!sgr.verify(sigBytes))
-        {
-            fail("239 Bit EC RIPEMD160 verification failed");
-        }
-    }
-
-    private void testGeneration()
-        throws Exception
-    {
-        Signature           s = Signature.getInstance("DSA", "BC");
-        KeyPairGenerator    g = KeyPairGenerator.getInstance("DSA", "BC");
-        byte[]              data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
-
-
-        // test exception
-        //
-        try
-        {
-            g.initialize(513, new SecureRandom());
-
-            fail("illegal parameter 513 check failed.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-
-        try
-        {
-            g.initialize(510, new SecureRandom());
-
-            fail("illegal parameter 510 check failed.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-
-        try
-        {
-            g.initialize(1025, new SecureRandom());
-
-            fail("illegal parameter 1025 check failed.");
-        }
-        catch (IllegalArgumentException e)
-        {
-            // expected
-        }
-
-        g.initialize(512, new SecureRandom());
-
-        KeyPair p = g.generateKeyPair();
-
-        PrivateKey  sKey = p.getPrivate();
-        PublicKey   vKey = p.getPublic();
-
-        s.initSign(sKey);
-
-        s.update(data);
-
-        byte[]  sigBytes = s.sign();
-
-        s = Signature.getInstance("DSA", "BC");
-
-        s.initVerify(vKey);
-
-        s.update(data);
-
-        if (!s.verify(sigBytes))
-        {
-            fail("DSA verification failed");
-        }
-
-        //
-        // key decoding test - serialisation test
-        //
-
-        DSAPublicKey k1 = (DSAPublicKey)serializeDeserialize(vKey);
-
-        checkPublic(k1, vKey);
-
-        checkEquals(k1, vKey);
-
-        DSAPrivateKey k2 = (DSAPrivateKey)serializeDeserialize(sKey);
-
-        checkPrivateKey(k2, sKey);
-
-        checkEquals(k2, sKey);
-
-        if (!(k2 instanceof PKCS12BagAttributeCarrier))
-        {
-            fail("private key not implementing PKCS12 attribute carrier");
-        }
-
-        //
-        // ECDSA Fp generation test
-        //
-        s = Signature.getInstance("ECDSA", "BC");
-        g = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        X9ECParameters x9 = ECNamedCurveTable.getByName("prime239v1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec ecSpec = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        g.initialize(ecSpec, new SecureRandom());
-
-        p = g.generateKeyPair();
-
-        sKey = p.getPrivate();
-        vKey = p.getPublic();
-
-        s.initSign(sKey);
-
-        s.update(data);
-
-        sigBytes = s.sign();
-
-        s = Signature.getInstance("ECDSA", "BC");
-
-        s.initVerify(vKey);
-
-        s.update(data);
-
-        if (!s.verify(sigBytes))
-        {
-            fail("ECDSA verification failed");
-        }
-
-        //
-        // key decoding test - serialisation test
-        //
-
-        PublicKey eck1 = (PublicKey)serializeDeserialize(vKey);
-
-        checkEquals(eck1, vKey);
-
-        PrivateKey eck2 = (PrivateKey)serializeDeserialize(sKey);
-
-        checkEquals(eck2, sKey);
-
-        // Named curve parameter
-        g.initialize(new ECNamedCurveGenParameterSpec("P-256"), new SecureRandom());
-
-        p = g.generateKeyPair();
-
-        sKey = p.getPrivate();
-        vKey = p.getPublic();
-
-        s.initSign(sKey);
-
-        s.update(data);
-
-        sigBytes = s.sign();
-
-        s = Signature.getInstance("ECDSA", "BC");
-
-        s.initVerify(vKey);
-
-        s.update(data);
-
-        if (!s.verify(sigBytes))
-        {
-            fail("ECDSA verification failed");
-        }
-
-        //
-        // key decoding test - serialisation test
-        //
-
-        eck1 = (PublicKey)serializeDeserialize(vKey);
-
-        checkEquals(eck1, vKey);
-
-        eck2 = (PrivateKey)serializeDeserialize(sKey);
-
-        checkEquals(eck2, sKey);
-
-        //
-        // ECDSA F2m generation test
-        //
-        s = Signature.getInstance("ECDSA", "BC");
-        g = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        x9 = ECNamedCurveTable.getByName("c2tnb239v1");
-        curve = x9.getCurve();
-        ecSpec = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        g.initialize(ecSpec, new SecureRandom());
-
-        p = g.generateKeyPair();
-
-        sKey = p.getPrivate();
-        vKey = p.getPublic();
-
-        s.initSign(sKey);
-
-        s.update(data);
-
-        sigBytes = s.sign();
-
-        s = Signature.getInstance("ECDSA", "BC");
-
-        s.initVerify(vKey);
-
-        s.update(data);
-
-        if (!s.verify(sigBytes))
-        {
-            fail("ECDSA verification failed");
-        }
-
-        //
-        // key decoding test - serialisation test
-        //
-
-        eck1 = (PublicKey)serializeDeserialize(vKey);
-
-        checkEquals(eck1, vKey);
-
-        eck2 = (PrivateKey)serializeDeserialize(sKey);
-
-        checkEquals(eck2, sKey);
-
-        if (!(eck2 instanceof PKCS12BagAttributeCarrier))
-        {
-            fail("private key not implementing PKCS12 attribute carrier");
-        }
-    }
-
-    private void checkEquals(Object o1, Object o2)
-    {
-        if (!o1.equals(o2))
-        {
-            fail("comparison test failed");
-        }
-
-        if (o1.hashCode() != o2.hashCode())
-        {
-            fail("hashCode test failed");
-        }
-    }
-    
-    private void testParameters()
-        throws Exception
-    {
-        AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("DSA", "BC");
-        a.init(512, random);
-        AlgorithmParameters params = a.generateParameters();
-        
-        byte[] encodeParams = params.getEncoded();
-        
-        AlgorithmParameters a2 = AlgorithmParameters.getInstance("DSA", "BC");
-        a2.init(encodeParams);
-        
-        // a and a2 should be equivalent!
-        byte[] encodeParams_2 = a2.getEncoded();
-        
-        if (!areEqual(encodeParams, encodeParams_2))
-        {
-            fail("encode/decode parameters failed");
-        }
-        
-        DSAParameterSpec dsaP = (DSAParameterSpec)params.getParameterSpec(DSAParameterSpec.class);
-        
-        KeyPairGenerator    g = KeyPairGenerator.getInstance("DSA", "BC");
-        g.initialize(dsaP, new SecureRandom());
-        KeyPair p = g.generateKeyPair();
-        
-        PrivateKey  sKey = p.getPrivate();
-        PublicKey   vKey = p.getPublic();
-        
-        Signature           s = Signature.getInstance("DSA", "BC");
-        byte[]              data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
-        
-        s.initSign(sKey);
-        
-        s.update(data);
-        
-        byte[]  sigBytes = s.sign();
-        
-        s = Signature.getInstance("DSA", "BC");
-        
-        s.initVerify(vKey);
-        
-        s.update(data);
-        
-        if (!s.verify(sigBytes))
-        {
-            fail("DSA verification failed");
-        }
-    }
-
-    private void testDSA2Parameters()
-        throws Exception
-    {
-        byte[] seed = Hex.decode("4783081972865EA95D43318AB2EAF9C61A2FC7BBF1B772A09017BDF5A58F4FF0");
-
-        AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("DSA", "BC");
-        a.init(2048, new DSATestSecureRandom(seed));
-        AlgorithmParameters params = a.generateParameters();
-
-        DSAParameterSpec dsaP = (DSAParameterSpec)params.getParameterSpec(DSAParameterSpec.class);
-
-        if (!dsaP.getQ().equals(new BigInteger("C24ED361870B61E0D367F008F99F8A1F75525889C89DB1B673C45AF5867CB467", 16)))
-        {
-            fail("Q incorrect");
-        }
-
-        if (!dsaP.getP().equals(new BigInteger(
-            "F56C2A7D366E3EBDEAA1891FD2A0D099" +
-            "436438A673FED4D75F594959CFFEBCA7BE0FC72E4FE67D91" +
-            "D801CBA0693AC4ED9E411B41D19E2FD1699C4390AD27D94C" +
-            "69C0B143F1DC88932CFE2310C886412047BD9B1C7A67F8A2" +
-            "5909132627F51A0C866877E672E555342BDF9355347DBD43" +
-            "B47156B2C20BAD9D2B071BC2FDCF9757F75C168C5D9FC431" +
-            "31BE162A0756D1BDEC2CA0EB0E3B018A8B38D3EF2487782A" +
-            "EB9FBF99D8B30499C55E4F61E5C7DCEE2A2BB55BD7F75FCD" +
-            "F00E48F2E8356BDB59D86114028F67B8E07B127744778AFF" +
-            "1CF1399A4D679D92FDE7D941C5C85C5D7BFF91BA69F9489D" +
-            "531D1EBFA727CFDA651390F8021719FA9F7216CEB177BD75", 16)))
-        {
-            fail("P incorrect");
-        }
-
-        if (!dsaP.getG().equals(new BigInteger(
-            "8DC6CC814CAE4A1C05A3E186A6FE27EA" +
-            "BA8CDB133FDCE14A963A92E809790CBA096EAA26140550C1" +
-            "29FA2B98C16E84236AA33BF919CD6F587E048C52666576DB" +
-            "6E925C6CBE9B9EC5C16020F9A44C9F1C8F7A8E611C1F6EC2" +
-            "513EA6AA0B8D0F72FED73CA37DF240DB57BBB27431D61869" +
-            "7B9E771B0B301D5DF05955425061A30DC6D33BB6D2A32BD0" +
-            "A75A0A71D2184F506372ABF84A56AEEEA8EB693BF29A6403" +
-            "45FA1298A16E85421B2208D00068A5A42915F82CF0B858C8" +
-            "FA39D43D704B6927E0B2F916304E86FB6A1B487F07D8139E" +
-            "428BB096C6D67A76EC0B8D4EF274B8A2CF556D279AD267CC" +
-            "EF5AF477AFED029F485B5597739F5D0240F67C2D948A6279", 16)))
-        {
-            fail("G incorrect");
-        }
-
-        KeyPairGenerator    g = KeyPairGenerator.getInstance("DSA", "BC");
-        g.initialize(dsaP, new TestRandomBigInteger(Hex.decode("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C")));
-        KeyPair p = g.generateKeyPair();
-
-        DSAPrivateKey  sKey = (DSAPrivateKey)p.getPrivate();
-        DSAPublicKey   vKey = (DSAPublicKey)p.getPublic();
-
-        if (!vKey.getY().equals(new BigInteger(
-            "2828003D7C747199143C370FDD07A286" +
-            "1524514ACC57F63F80C38C2087C6B795B62DE1C224BF8D1D" +
-            "1424E60CE3F5AE3F76C754A2464AF292286D873A7A30B7EA" +
-            "CBBC75AAFDE7191D9157598CDB0B60E0C5AA3F6EBE425500" +
-            "C611957DBF5ED35490714A42811FDCDEB19AF2AB30BEADFF" +
-            "2907931CEE7F3B55532CFFAEB371F84F01347630EB227A41" +
-            "9B1F3F558BC8A509D64A765D8987D493B007C4412C297CAF" +
-            "41566E26FAEE475137EC781A0DC088A26C8804A98C23140E" +
-            "7C936281864B99571EE95C416AA38CEEBB41FDBFF1EB1D1D" +
-            "C97B63CE1355257627C8B0FD840DDB20ED35BE92F08C49AE" +
-            "A5613957D7E5C7A6D5A5834B4CB069E0831753ECF65BA02B", 16)))
-        {
-            fail("Y value incorrect");
-        }
-
-        if (!sKey.getX().equals(
-            new BigInteger("0CAF2EF547EC49C4F3A6FE6DF4223A174D01F2C115D49A6F73437C29A2A8458C", 16)))
-        {
-            fail("X value incorrect");
-        }
-
-        byte[] encodeParams = params.getEncoded();
-
-        AlgorithmParameters a2 = AlgorithmParameters.getInstance("DSA", "BC");
-        a2.init(encodeParams);
-
-        // a and a2 should be equivalent!
-        byte[] encodeParams_2 = a2.getEncoded();
-
-        if (!areEqual(encodeParams, encodeParams_2))
-        {
-            fail("encode/decode parameters failed");
-        }
-
-        Signature           s = Signature.getInstance("DSA", "BC");
-        byte[]              data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
-
-        s.initSign(sKey);
-
-        s.update(data);
-
-        byte[]  sigBytes = s.sign();
-
-        s = Signature.getInstance("DSA", "BC");
-
-        s.initVerify(vKey);
-
-        s.update(data);
-
-        if (!s.verify(sigBytes))
-        {
-            fail("DSA verification failed");
-        }
-    }
-
-    private void testKeyGeneration(int keysize)
-        throws Exception
-    {
-        KeyPairGenerator generator = KeyPairGenerator.getInstance("DSA", "BC");
-        generator.initialize(keysize);
-        KeyPair keyPair = generator.generateKeyPair();
-        DSAPrivateKey priv = (DSAPrivateKey)keyPair.getPrivate();
-        DSAParams params = priv.getParams();
-        isTrue("keysize mismatch", keysize == params.getP().bitLength());
-        // The NIST standard does not fully specify the size of q that
-        // must be used for a given key size. Hence there are differences.
-        // For example if keysize = 2048, then OpenSSL uses 256 bit q's by default,
-        // but the SUN provider uses 224 bits. Both are acceptable sizes.
-        // The tests below simply asserts that the size of q does not decrease the
-        // overall security of the DSA.
-        int qsize = params.getQ().bitLength();
-        switch (keysize)
-        {
-        case 1024:
-            isTrue("Invalid qsize for 1024 bit key:" + qsize, qsize >= 160);
-            break;
-        case 2048:
-            isTrue("Invalid qsize for 2048 bit key:" + qsize, qsize >= 224);
-            break;
-        case 3072:
-            isTrue("Invalid qsize for 3072 bit key:" + qsize, qsize >= 256);
-            break;
-        default:
-            fail("Invalid key size:" + keysize);
-        }
-        // Check the length of the private key.
-        // For example GPG4Browsers or the KJUR library derived from it use
-        // q.bitCount() instead of q.bitLength() to determine the size of the private key
-        // and hence would generate keys that are much too small.
-        isTrue("privkey error", priv.getX().bitLength() >= qsize - 32);
-    }
-
-    private void testKeyGenerationAll()
-        throws Exception
-    {
-        testKeyGeneration(1024);
-        testKeyGeneration(2048);
-        testKeyGeneration(3072);
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testCompat();
-        testNONEwithDSA();
-
-        testDSAsha3(NISTObjectIdentifiers.id_dsa_with_sha3_224, 224, new BigInteger("613202af2a7f77e02b11b5c3a5311cf6b412192bc0032aac3ec127faebfc6bd0", 16));
-        testDSAsha3(NISTObjectIdentifiers.id_dsa_with_sha3_256, 256, new BigInteger("2450755c5e15a691b121bc833b97864e34a61ee025ecec89289c949c1858091e", 16));
-        testDSAsha3(NISTObjectIdentifiers.id_dsa_with_sha3_384, 384, new BigInteger("7aad97c0b71bb1e1a6483b6948a03bbe952e4780b0cee699a11731f90d84ddd1", 16));
-        testDSAsha3(NISTObjectIdentifiers.id_dsa_with_sha3_512, 512, new BigInteger("725ad64d923c668e64e7c3898b5efde484cab49ce7f98c2885d2a13a9e355ad4", 16));
-
-        testECDSA239bitPrime();
-        testNONEwithECDSA239bitPrime();
-        testECDSA239bitBinary();
-        testECDSA239bitBinary("RIPEMD160withECDSA", TeleTrusTObjectIdentifiers.ecSignWithRipemd160);
-        testECDSA239bitBinary("SHA1withECDSA", TeleTrusTObjectIdentifiers.ecSignWithSha1);
-        testECDSA239bitBinary("SHA224withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
-        testECDSA239bitBinary("SHA256withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
-        testECDSA239bitBinary("SHA384withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
-        testECDSA239bitBinary("SHA512withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
-        testECDSA239bitBinary("SHA1withCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
-        testECDSA239bitBinary("SHA224withCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
-        testECDSA239bitBinary("SHA256withCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
-        testECDSA239bitBinary("SHA384withCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
-        testECDSA239bitBinary("SHA512withCVC-ECDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
-
-        testECDSAP256sha3(NISTObjectIdentifiers.id_ecdsa_with_sha3_224, 224, new BigInteger("84d7d8e68e405064109cd9fc3e3026d74d278aada14ce6b7a9dd0380c154dc94", 16));
-        testECDSAP256sha3(NISTObjectIdentifiers.id_ecdsa_with_sha3_256, 256, new BigInteger("99a43bdab4af989aaf2899079375642f2bae2dce05bcd8b72ec8c4a8d9a143f", 16));
-        testECDSAP256sha3(NISTObjectIdentifiers.id_ecdsa_with_sha3_384, 384, new BigInteger("aa27726509c37aaf601de6f7e01e11c19add99530c9848381c23365dc505b11a", 16));
-        testECDSAP256sha3(NISTObjectIdentifiers.id_ecdsa_with_sha3_512, 512, new BigInteger("f8306b57a1f5068bf12e53aabaae39e2658db39bc56747eaefb479995130ad16", 16));
-
-        testGeneration();
-        testParameters();
-        testDSA2Parameters();
-        testNullParameters();
-        testValidate();
-        testModified();
-        testKeyGenerationAll();
-    }
-
-    protected BigInteger[] derDecode(
-        byte[]  encoding)
-        throws IOException
-    {
-        ByteArrayInputStream    bIn = new ByteArrayInputStream(encoding);
-        ASN1InputStream         aIn = new ASN1InputStream(bIn);
-        ASN1Sequence            s = (ASN1Sequence)aIn.readObject();
-
-        BigInteger[]            sig = new BigInteger[2];
-
-        sig[0] = ((ASN1Integer)s.getObjectAt(0)).getValue();
-        sig[1] = ((ASN1Integer)s.getObjectAt(1)).getValue();
-
-        return sig;
-    }
-
-    public String getName()
-    {
-        return "DSA/ECDSA";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new DSATest());
-    }
-
-    private class DSATestSecureRandom
-        extends TestRandomData
-    {
-        private boolean first = true;
-
-        public DSATestSecureRandom(byte[] value)
-        {
-            super(value);
-        }
-
-       public void nextBytes(byte[] bytes)
-       {
-           if (first)
-           {
-               super.nextBytes(bytes);
-               first = false;
-           }
-           else
-           {
-               bytes[bytes.length - 1] = 2;
-           }
-       }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DSTU4145Test.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DSTU4145Test.java
deleted file mode 100644
index a07b919..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DSTU4145Test.java
+++ /dev/null

@@ -1,213 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.spec.ECGenParameterSpec;
-
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.jce.spec.ECPrivateKeySpec;
-import org.bouncycastle.jce.spec.ECPublicKeySpec;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomBigInteger;
-
-public class DSTU4145Test
-    extends SimpleTest
-{
-
-    public String getName()
-    {
-        return "DSTU4145";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-
-        DSTU4145Test();
-        generationTest();
-        //parametersTest();
-        generateFromCurveTest();
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-        runTest(new DSTU4145Test());
-    }
-    
-    static final BigInteger r = new BigInteger("00f2702989366e9569d5092b83ac17f918bf040c487a", 16);
-    static final BigInteger s = new BigInteger("01dd460039db3be70392d7012f2a492d3e59091ab7a6", 16);
-    
-    private void generationTest() throws Exception
-    {
-        ECCurve.F2m curve = new ECCurve.F2m(173, 1, 2, 10, BigInteger.ZERO, new BigInteger("108576C80499DB2FC16EDDF6853BBB278F6B6FB437D9", 16));
-
-        ECParameterSpec spec = new ECParameterSpec(
-            curve,
-            curve.createPoint(new BigInteger("BE6628EC3E67A91A4E470894FBA72B52C515F8AEE9", 16), new BigInteger("D9DEEDF655CF5412313C11CA566CDC71F4DA57DB45C", 16), false),
-            new BigInteger("800000000000000000000189B4E67606E3825BB2831", 16));
-        
-        SecureRandom k = new TestRandomBigInteger(Hex.decode("00137449348C1249971759D99C252FFE1E14D8B31F00"));
-        SecureRandom keyRand = new TestRandomBigInteger(Hex.decode("0000955CD7E344303D1034E66933DC21C8044D42ADB8"));
-        
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSTU4145", "BC");
-        keyGen.initialize(spec, keyRand);
-        KeyPair pair = keyGen.generateKeyPair();
-        
-        Signature sgr = Signature.getInstance("DSTU4145", "BC");
-
-        sgr.initSign(pair.getPrivate(), k);
-
-        byte[] message = new byte[]{(byte)'a', (byte)'b', (byte)'c'};
-
-        sgr.update(message);
-
-        byte[] sigBytes = sgr.sign();
-
-        sgr.initVerify(pair.getPublic());
-
-        sgr.update(message);
-
-        if (!sgr.verify(sigBytes))
-        {
-            fail("DSTU4145 verification failed");
-        }
-
-        BigInteger[] sig = decode(sigBytes);
-
-        if (!r.equals(sig[0]))
-        {
-            fail(
-                ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r + Strings.lineSeparator()
-                    + " got      : " + sig[0].toString(16));
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail(
-                ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s + Strings.lineSeparator()
-                    + " got      : " + sig[1].toString(16));
-        }
-    }
-
-    private void generateFromCurveTest()
-        throws Exception
-    {
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("DSTU4145", "BC");
-
-        for (int i = 0; i != 10; i++)
-        {
-            keyGen.initialize(new ECGenParameterSpec("1.2.804.2.1.1.1.1.3.1.1.2." + i));
-        }
-
-        try
-        {
-            keyGen.initialize(new ECGenParameterSpec("1.2.804.2.1.1.1.1.3.1.1.2." + 10));
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isTrue("unknown curve name: 1.2.804.2.1.1.1.1.3.1.1.2.10".equals(e.getMessage()));
-        }
-    }
-
-    private void DSTU4145Test()
-        throws Exception
-    {
-
-        SecureRandom k = new TestRandomBigInteger(Hex.decode("00137449348C1249971759D99C252FFE1E14D8B31F00"));
-
-        ECCurve.F2m curve = new ECCurve.F2m(173, 1, 2, 10, BigInteger.ZERO, new BigInteger("108576C80499DB2FC16EDDF6853BBB278F6B6FB437D9", 16));
-
-        ECParameterSpec spec = new ECParameterSpec(
-            curve,
-            curve.createPoint(new BigInteger("BE6628EC3E67A91A4E470894FBA72B52C515F8AEE9", 16), new BigInteger("D9DEEDF655CF5412313C11CA566CDC71F4DA57DB45C", 16), false),
-            new BigInteger("800000000000000000000189B4E67606E3825BB2831", 16));
-
-        ECPrivateKeySpec priKey = new ECPrivateKeySpec(
-            new BigInteger("955CD7E344303D1034E66933DC21C8044D42ADB8", 16), // d
-            spec);
-
-        ECPublicKeySpec pubKey = new ECPublicKeySpec(
-            curve.createPoint(new BigInteger("22de541d48a75c1c3b8c7c107b2551c5093c6c096e1", 16), new BigInteger("1e5b602efc0269d61e64d97c9193d2788fa05c4b7fd5", 16), false),
-            spec);
-
-        Signature sgr = Signature.getInstance("DSTU4145", "BC");
-        KeyFactory f = KeyFactory.getInstance("DSTU4145", "BC");
-        PrivateKey sKey = f.generatePrivate(priKey);
-        PublicKey vKey = f.generatePublic(pubKey);
-
-        sgr.initSign(sKey, k);
-
-        byte[] message = new byte[]{(byte)'a', (byte)'b', (byte)'c'};
-
-        sgr.update(message);
-
-        byte[] sigBytes = sgr.sign();
-
-        sgr.initVerify(vKey);
-
-        sgr.update(message);
-
-        if (!sgr.verify(sigBytes))
-        {
-            fail("DSTU4145 verification failed");
-        }
-
-        BigInteger[] sig = decode(sigBytes);
-
-        if (!r.equals(sig[0]))
-        {
-            fail(
-                ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r + Strings.lineSeparator()
-                    + " got      : " + sig[0].toString(16));
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail(
-                ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s + Strings.lineSeparator()
-                    + " got      : " + sig[1].toString(16));
-        }
-    }
-
-    private BigInteger[] decode(
-        byte[] encoding)
-        throws IOException
-    {
-        ASN1OctetString octetString = (ASN1OctetString)ASN1OctetString.fromByteArray(encoding);
-        encoding = octetString.getOctets();
-
-        byte[] r = new byte[encoding.length / 2];
-        byte[] s = new byte[encoding.length / 2];
-
-        System.arraycopy(encoding, 0, s, 0, encoding.length / 2);
-
-        System.arraycopy(encoding, encoding.length / 2, r, 0, encoding.length / 2);
-
-        BigInteger[] sig = new BigInteger[2];
-
-        sig[0] = new BigInteger(1, r);
-        sig[1] = new BigInteger(1, s);
-
-        return sig;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DSTU7624Test.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DSTU7624Test.java
deleted file mode 100644
index 9827adc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DSTU7624Test.java
+++ /dev/null

@@ -1,359 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.security.Key;
-import java.security.SecureRandom;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.KeyGenerator;
-import javax.crypto.Mac;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ua.UAObjectIdentifiers;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * basic test class for DSTU7624
- */
-public class DSTU7624Test
-    extends BaseBlockCipherTest
-{
-    public DSTU7624Test()
-    {
-        super("DSTU7624");
-    }
-
-    public void test(
-        String name,
-        byte[] keyBytes,
-        byte[] input,
-        byte[] output)
-        throws Exception
-    {
-        Key key;
-        Cipher in, out;
-        CipherInputStream cIn;
-        CipherOutputStream cOut;
-        ByteArrayInputStream bIn;
-        ByteArrayOutputStream bOut;
-
-        key = new SecretKeySpec(keyBytes, name);
-
-        in = Cipher.getInstance(name + "/ECB/NoPadding", "BC");
-        out = Cipher.getInstance(name + "/ECB/NoPadding", "BC");
-
-        try
-        {
-            out.init(Cipher.ENCRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("DSTU7624 failed initialisation - " + e.toString(), e);
-        }
-
-        try
-        {
-            in.init(Cipher.DECRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("DSTU7624 failed initialisation - " + e.toString(), e);
-        }
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        try
-        {
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                cOut.write(input[i]);
-            }
-            cOut.write(input, input.length / 2, input.length - input.length / 2);
-            cOut.close();
-        }
-        catch (IOException e)
-        {
-            fail("DSTU7624 failed encryption - " + e.toString(), e);
-        }
-
-        byte[] bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!areEqual(bytes, output))
-        {
-            fail("DSTU7624 failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        try
-        {
-            DataInputStream dIn = new DataInputStream(cIn);
-
-            bytes = new byte[input.length];
-
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                bytes[i] = (byte)dIn.read();
-            }
-            dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-        }
-        catch (Exception e)
-        {
-            fail("DSTU7624 failed encryption - " + e.toString(), e);
-        }
-
-        if (!areEqual(bytes, input))
-        {
-            fail("DSTU7624 failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        test("DSTU7624", Hex.decode("000102030405060708090A0B0C0D0E0F"), Hex.decode("101112131415161718191A1B1C1D1E1F"), Hex.decode("81BF1C7D779BAC20E1C9EA39B4D2AD06"));
-        test("DSTU7624", Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"), Hex.decode("202122232425262728292A2B2C2D2E2F"), Hex.decode("58EC3E091000158A1148F7166F334F14"));
-
-        test("DSTU7624-128", Hex.decode("000102030405060708090A0B0C0D0E0F"), Hex.decode("101112131415161718191A1B1C1D1E1F"), Hex.decode("81BF1C7D779BAC20E1C9EA39B4D2AD06"));
-        test("DSTU7624-128", Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"), Hex.decode("202122232425262728292A2B2C2D2E2F"), Hex.decode("58EC3E091000158A1148F7166F334F14"));
-
-        test("DSTU7624-256", Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F"), Hex.decode("202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F"), Hex.decode("F66E3D570EC92135AEDAE323DCBD2A8CA03963EC206A0D5A88385C24617FD92C"));
-        test("DSTU7624-256", Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F"), Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F"), Hex.decode("606990E9E6B7B67A4BD6D893D72268B78E02C83C3CD7E102FD2E74A8FDFE5DD9"));
-
-        test("DSTU7624-512", Hex.decode("000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F"), Hex.decode("404142434445464748494A4B4C4D4E4F505152535455565758595A5B5C5D5E5F606162636465666768696A6B6C6D6E6F707172737475767778797A7B7C7D7E7F"), Hex.decode("4A26E31B811C356AA61DD6CA0596231A67BA8354AA47F3A13E1DEEC320EB56B895D0F417175BAB662FD6F134BB15C86CCB906A26856EFEB7C5BC6472940DD9D9"));
-
-        byte[] kek1 = Hex.decode("000102030405060708090A0B0C0D0E0F");
-        byte[] in1 = Hex.decode("101112131415161718191A1B1C1D1E1F");
-        byte[] out1 = Hex.decode("1DC91DC6E52575F6DBED25ADDA95A1B6AD3E15056E489738972C199FB9EE2913");
-
-        wrapTest(1, "DSTU7624Wrap", kek1, in1, out1);
-
-        String[] oids = {
-
-            UAObjectIdentifiers.dstu7624ecb_128.getId(),
-            UAObjectIdentifiers.dstu7624ecb_256.getId(),
-            UAObjectIdentifiers.dstu7624ecb_512.getId(),
-
-            UAObjectIdentifiers.dstu7624cbc_128.getId(),
-            UAObjectIdentifiers.dstu7624cbc_256.getId(),
-            UAObjectIdentifiers.dstu7624cbc_512.getId(),
-
-            UAObjectIdentifiers.dstu7624ofb_128.getId(),
-            UAObjectIdentifiers.dstu7624ofb_256.getId(),
-            UAObjectIdentifiers.dstu7624ofb_512.getId(),
-
-            UAObjectIdentifiers.dstu7624cfb_128.getId(),
-            UAObjectIdentifiers.dstu7624cfb_256.getId(),
-            UAObjectIdentifiers.dstu7624cfb_512.getId(),
-
-            UAObjectIdentifiers.dstu7624ctr_128.getId(),
-            UAObjectIdentifiers.dstu7624ctr_256.getId(),
-            UAObjectIdentifiers.dstu7624ctr_512.getId(),
-
-            UAObjectIdentifiers.dstu7624ccm_128.getId(),
-            UAObjectIdentifiers.dstu7624ccm_256.getId(),
-            UAObjectIdentifiers.dstu7624ccm_512.getId(),
-        };
-
-        String[] names = {
-            "DSTU7624-128/ECB/PKCS7Padding",
-            "DSTU7624-256/ECB/PKCS7Padding",
-            "DSTU7624-512/ECB/PKCS7Padding",
-            "DSTU7624-128/CBC/PKCS7Padding",
-            "DSTU7624-256/CBC/PKCS7Padding",
-            "DSTU7624-512/CBC/PKCS7Padding",
-            "DSTU7624-128/OFB/NoPadding",
-            "DSTU7624-256/OFB/NoPadding",
-            "DSTU7624-512/OFB/NoPadding",
-            "DSTU7624-128/CFB/NoPadding",
-            "DSTU7624-256/CFB/NoPadding",
-            "DSTU7624-512/CFB/NoPadding",
-            "DSTU7624-128/CTR/NoPadding",
-            "DSTU7624-256/CTR/NoPadding",
-            "DSTU7624-512/CTR/NoPadding",
-            "DSTU7624-128/CCM/NoPadding",
-            "DSTU7624-256/CCM/NoPadding",
-            "DSTU7624-512/CCM/NoPadding",
-        };
-
-        int[] keyBlockLengths = {
-            16,
-            32,
-            64,
-            16,
-            32,
-            64,
-            16,
-            32,
-            64,
-            16,
-            32,
-            64,
-            16,
-            32,
-            64,
-            16,
-            32,
-            64,
-        };
-
-        oidTest(oids, names, keyBlockLengths);
-
-        wrapOidTest(UAObjectIdentifiers.dstu7624kw_128, "DSTU7624Wrap", 16);
-
-        wrapOidTest(UAObjectIdentifiers.dstu7624kw_256, "DSTU7624-256Wrap", 32);
-
-        wrapOidTest(UAObjectIdentifiers.dstu7624kw_512, "DSTU7624-512Wrap", 64);
-
-        macOidTest(UAObjectIdentifiers.dstu7624gmac_128, "DSTU7624GMAC", 16);
-
-        macOidTest(UAObjectIdentifiers.dstu7624gmac_128, "DSTU7624-128GMAC", 16);
-
-        macOidTest(UAObjectIdentifiers.dstu7624gmac_256, "DSTU7624-256GMAC", 32);
-
-        macOidTest(UAObjectIdentifiers.dstu7624gmac_512, "DSTU7624-512GMAC", 64);
-    }
-
-    protected void wrapOidTest(ASN1ObjectIdentifier oid, String name, int blockLength)
-        throws Exception
-    {
-        SecureRandom random = new SecureRandom();
-
-        byte[] data = new byte[blockLength];
-
-        random.nextBytes(data);
-
-        Cipher c1 = Cipher.getInstance(oid.getId(), "BC");
-        Cipher c2 = Cipher.getInstance(name, "BC");
-        KeyGenerator kg = KeyGenerator.getInstance(oid.getId(), "BC");
-
-        SecretKey k = kg.generateKey();
-
-        c1.init(Cipher.WRAP_MODE, k);
-        c2.init(Cipher.UNWRAP_MODE, k);
-
-        Key wKey = c2.unwrap(c1.wrap(new SecretKeySpec(data, algorithm)), algorithm, Cipher.SECRET_KEY);
-
-        if (!areEqual(data, wKey.getEncoded()))
-        {
-            fail("failed wrap OID test");
-        }
-
-        if (k.getEncoded().length != blockLength)
-        {
-            fail("failed key length test");
-        }
-    }
-
-    protected void macOidTest(ASN1ObjectIdentifier oid, String name, int blockLength)
-        throws Exception
-    {
-        SecureRandom random = new SecureRandom();
-
-        byte[] data = new byte[blockLength];
-
-        random.nextBytes(data);
-
-        Mac m1 = Mac.getInstance(oid.getId(), "BC");
-        Mac m2 = Mac.getInstance(name, "BC");
-        KeyGenerator kg = KeyGenerator.getInstance(oid.getId(), "BC");
-
-        SecretKey k = kg.generateKey();
-
-        m1.init(k, new IvParameterSpec(new byte[blockLength]));
-        m2.init(k, new IvParameterSpec(new byte[blockLength]));
-
-        m1.update(data);
-
-        m2.update(data);
-
-        byte[] mac = m1.doFinal();
-
-        if (mac.length != blockLength)
-        {
-            fail("mac wrong size");
-        }
-        if (!areEqual(mac, m2.doFinal()))
-        {
-            fail("failed mac OID test");
-        }
-
-        if (k.getEncoded().length != blockLength)
-        {
-            fail("failed key length test");
-        }
-    }
-
-    private void oidTest(String[] oids, String[] names, int[] keyBlockLengths)
-        throws Exception
-    {
-        SecureRandom random = new SecureRandom();
-
-        for (int i = 0; i != oids.length; i++)
-        {
-            byte[] data = new byte[keyBlockLengths[i]];
-
-            random.nextBytes(data);
-
-            IvParameterSpec ivSpec = new IvParameterSpec(new byte[keyBlockLengths[i]]);
-            Cipher c1 = Cipher.getInstance(oids[i], "BC");
-            Cipher c2 = Cipher.getInstance(names[i], "BC");
-            KeyGenerator kg = KeyGenerator.getInstance(oids[i], "BC");
-
-            SecretKey k = kg.generateKey();
-
-            if (names[i].indexOf("/ECB/") > 0)
-            {
-                c1.init(Cipher.ENCRYPT_MODE, k);
-                c2.init(Cipher.DECRYPT_MODE, k);
-            }
-            else
-            {
-                c1.init(Cipher.ENCRYPT_MODE, k, ivSpec);
-                c2.init(Cipher.DECRYPT_MODE, k, ivSpec);
-            }
-
-            byte[] result = c2.doFinal(c1.doFinal(data));
-
-            if (!areEqual(data, result))
-            {
-                fail("failed OID test: " + names[i]);
-            }
-
-            if (k.getEncoded().length != keyBlockLengths[i])
-            {
-                fail("failed key length test");
-            }
-        }
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new DSTU7624Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DetDSATest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DetDSATest.java
deleted file mode 100644
index 8e75b47..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DetDSATest.java
+++ /dev/null

@@ -1,167 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.PrivateKey;
-import java.security.Security;
-import java.security.Signature;
-import java.security.spec.DSAPrivateKeySpec;
-import java.security.spec.ECFieldFp;
-import java.security.spec.ECParameterSpec;
-import java.security.spec.ECPoint;
-import java.security.spec.ECPrivateKeySpec;
-import java.security.spec.EllipticCurve;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.nist.NISTNamedCurves;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Tests are taken from RFC 6979 - "Deterministic Usage of the Digital Signature Algorithm (DSA) and Elliptic Curve Digital Signature Algorithm (ECDSA)"
- */
-public class DetDSATest
-    extends SimpleTest
-{
-
-    public static final byte[] SAMPLE = Hex.decode("73616d706c65"); // "sample"
-    public static final byte[] TEST = Hex.decode("74657374"); // "test"
-
-    // test vectors from appendix in RFC 6979
-    private void testHMacDeterministic()
-        throws Exception
-    {
-        DSAPrivateKeySpec privKeySpec = new DSAPrivateKeySpec(new BigInteger("411602CB19A6CCC34494D79D98EF1E7ED5AF25F7", 16),
-            new BigInteger("86F5CA03DCFEB225063FF830A0C769B9DD9D6153AD91D7CE27F787C43278B447" +
-                           "E6533B86B18BED6E8A48B784A14C252C5BE0DBF60B86D6385BD2F12FB763ED88" +
-                           "73ABFD3F5BA2E0A8C0A59082EAC056935E529DAF7C610467899C77ADEDFC846C" +
-                           "881870B7B19B2B58F9BE0521A17002E3BDD6B86685EE90B3D9A1B02B782B1779", 16),
-            new BigInteger("996F967F6C8E388D9E28D01E205FBA957A5698B1", 16),
-            new BigInteger("07B0F92546150B62514BB771E2A0C0CE387F03BDA6C56B505209FF25FD3C133D" +
-                           "89BBCD97E904E09114D9A7DEFDEADFC9078EA544D2E401AEECC40BB9FBBF78FD" +
-                           "87995A10A1C27CB7789B594BA7EFB5C4326A9FE59A070E136DB77175464ADCA4" +
-                           "17BE5DCE2F40D10A46A3A3943F26AB7FD9C0398FF8C76EE0A56826A8A88F1DBD", 16));
-
-        KeyFactory keyFact = KeyFactory.getInstance("DSA", "BC");
-
-        PrivateKey privKey = keyFact.generatePrivate(privKeySpec);
-
-        doTestHMACDetDSASample("SHA1withDDSA", privKey, new BigInteger("2E1A0C2562B2912CAAF89186FB0F42001585DA55", 16), new BigInteger("29EFB6B0AFF2D7A68EB70CA313022253B9A88DF5", 16));
-        doTestHMACDetDSASample("SHA224withDDSA", privKey, new BigInteger("4BC3B686AEA70145856814A6F1BB53346F02101E", 16), new BigInteger("410697B92295D994D21EDD2F4ADA85566F6F94C1", 16));
-        doTestHMACDetDSASample("SHA256withDDSA", privKey, new BigInteger("81F2F5850BE5BC123C43F71A3033E9384611C545", 16), new BigInteger("4CDD914B65EB6C66A8AAAD27299BEE6B035F5E89", 16));
-        doTestHMACDetDSASample("SHA384withDDSA", privKey, new BigInteger("07F2108557EE0E3921BC1774F1CA9B410B4CE65A", 16), new BigInteger("54DF70456C86FAC10FAB47C1949AB83F2C6F7595", 16));
-        doTestHMACDetDSASample("SHA512withDDSA", privKey, new BigInteger("16C3491F9B8C3FBBDD5E7A7B667057F0D8EE8E1B", 16), new BigInteger("02C36A127A7B89EDBB72E4FFBC71DABC7D4FC69C", 16));
-
-        doTestHMACDetDSATest("SHA3-224withDDSA", privKey, new BigInteger("58748b6ca41d25e41f7bfa51fed204a10a1bd1d3", 16), new BigInteger("86de2fdad0bc848dd20ddd9dc6253fc6d7553268", 16));
-        doTestHMACDetDSATest("SHA3-256withDDSA", privKey, new BigInteger("98c7a7906ada494285b3ab15cf9188a425f26bd4", 16), new BigInteger("21c5ed876037470d3959fa12f918674a4bf190e9", 16));
-        doTestHMACDetDSATest("SHA3-384withDDSA", privKey, new BigInteger("445ec584ec15c14abc67c99886a30a286cc83b33", 16), new BigInteger("21f564d5bb4b175e89a1a6fb2f27cd34c861142d", 16));
-        doTestHMACDetDSATest("SHA3-512withDDSA", privKey, new BigInteger("16918083f4c3ff4fc9b327e9e120a30ec39faaf6", 16), new BigInteger("1e9183a1dc7c20dbb596920cd94da3844a087203", 16));
-    }
-
-    private void doTestHMACDetDSASample(String algName, PrivateKey privKey, BigInteger r, BigInteger s)
-        throws Exception
-    {
-        doTestHMACDetECDSA(Signature.getInstance(algName, "BC"), SAMPLE, privKey, r, s);
-    }
-
-    private void doTestHMACDetDSATest(String algName, PrivateKey privKey, BigInteger r, BigInteger s)
-        throws Exception
-    {
-        doTestHMACDetECDSA(Signature.getInstance(algName, "BC"), TEST, privKey, r, s);
-    }
-
-    // test vectors from appendix in RFC 6979
-    private void testECHMacDeterministic()
-        throws Exception
-    {
-        X9ECParameters x9ECParameters = NISTNamedCurves.getByName("P-192");
-        ECCurve curve = x9ECParameters.getCurve();
-
-        ECPrivateKeySpec privKeySpec = new ECPrivateKeySpec(new BigInteger("6FAB034934E4C0FC9AE67F5B5659A9D7D1FEFD187EE09FD4", 16),
-            new ECParameterSpec(
-                new EllipticCurve(new ECFieldFp(((ECCurve.Fp)curve).getQ()), curve.getA().toBigInteger(), curve.getB().toBigInteger(), null),
-                new ECPoint(x9ECParameters.getG().getXCoord().toBigInteger(), x9ECParameters.getG().getYCoord().toBigInteger()),
-                x9ECParameters.getN(), x9ECParameters.getH().intValue())
-            );
-
-        KeyFactory keyFact = KeyFactory.getInstance("ECDSA", "BC");
-
-        PrivateKey privKey = keyFact.generatePrivate(privKeySpec);
-
-        doTestHMACDetECDSASample("SHA1withECDDSA", privKey,   new BigInteger("98C6BD12B23EAF5E2A2045132086BE3EB8EBD62ABF6698FF", 16), new BigInteger("57A22B07DEA9530F8DE9471B1DC6624472E8E2844BC25B64", 16));
-        doTestHMACDetECDSASample("SHA224withECDDSA", privKey, new BigInteger("A1F00DAD97AEEC91C95585F36200C65F3C01812AA60378F5", 16), new BigInteger("E07EC1304C7C6C9DEBBE980B9692668F81D4DE7922A0F97A", 16));
-        doTestHMACDetECDSASample("SHA256withECDDSA", privKey, new BigInteger("4B0B8CE98A92866A2820E20AA6B75B56382E0F9BFD5ECB55", 16), new BigInteger("CCDB006926EA9565CBADC840829D8C384E06DE1F1E381B85", 16));
-        doTestHMACDetECDSASample("SHA384withECDDSA", privKey, new BigInteger("DA63BF0B9ABCF948FBB1E9167F136145F7A20426DCC287D5", 16), new BigInteger("C3AA2C960972BD7A2003A57E1C4C77F0578F8AE95E31EC5E", 16));
-        doTestHMACDetECDSASample("SHA512withECDDSA", privKey, new BigInteger("4D60C5AB1996BD848343B31C00850205E2EA6922DAC2E4B8", 16), new BigInteger("3F6E837448F027A1BF4B34E796E32A811CBB4050908D8F67", 16));
-
-        doTestHMACDetECDSATest("SHA1withECDDSA", privKey,   new BigInteger("0F2141A0EBBC44D2E1AF90A50EBCFCE5E197B3B7D4DE036D", 16), new BigInteger("EB18BC9E1F3D7387500CB99CF5F7C157070A8961E38700B7", 16));
-        doTestHMACDetECDSATest("SHA224withECDDSA", privKey, new BigInteger("6945A1C1D1B2206B8145548F633BB61CEF04891BAF26ED34", 16), new BigInteger("B7FB7FDFC339C0B9BD61A9F5A8EAF9BE58FC5CBA2CB15293", 16));
-        doTestHMACDetECDSATest("SHA256withECDDSA", privKey, new BigInteger("3A718BD8B4926C3B52EE6BBE67EF79B18CB6EB62B1AD97AE", 16), new BigInteger("5662E6848A4A19B1F1AE2F72ACD4B8BBE50F1EAC65D9124F", 16));
-        doTestHMACDetECDSATest("SHA384withECDDSA", privKey, new BigInteger("B234B60B4DB75A733E19280A7A6034BD6B1EE88AF5332367", 16), new BigInteger("7994090B2D59BB782BE57E74A44C9A1C700413F8ABEFE77A", 16));
-        doTestHMACDetECDSATest("SHA512withECDDSA", privKey, new BigInteger("FE4F4AE86A58B6507946715934FE2D8FF9D95B6B098FE739", 16), new BigInteger("74CF5605C98FBA0E1EF34D4B5A1577A7DCF59457CAE52290", 16));
-
-        doTestHMACDetECDSATest("SHA3-224withECDDSA", privKey, new BigInteger("abfcb817d04cc223f0d9c02c6db9230a91f955bf4556e0c6", 16), new BigInteger("ec2c29065a50d8ea39533d49472ccf538a5388cb31900e8f", 16));
-        doTestHMACDetECDSATest("SHA3-256withECDDSA", privKey, new BigInteger("a2c2d5362d3cea77191edb239bf22a14dcc59d6500a744fc", 16), new BigInteger("6c63f3012353082026be7e2c6f37e6d7811066ddc9b9ee47", 16));
-        doTestHMACDetECDSATest("SHA3-384withECDDSA", privKey, new BigInteger("2ff2c37d48cd6691c8adb9d2b1c1af203a1a6b8769c588dd", 16), new BigInteger("79c8171097f845c608dafd218ba096a51e0e4882faf2c08d", 16));
-        doTestHMACDetECDSATest("SHA3-512withECDDSA", privKey, new BigInteger("384619b82461f4cc852dfa1e87cd87105e8eb3cfd0fb6461", 16), new BigInteger("d0aac03f72e90942821e3af1f77fd8a6ae82d1ed31b8ed06", 16));
-    }
-
-    private void doTestHMACDetECDSASample(String sigAlg, PrivateKey privKey, BigInteger r, BigInteger s)
-        throws Exception
-    {
-        doTestHMACDetECDSA(Signature.getInstance(sigAlg, "BC"), SAMPLE, privKey, r, s);
-    }
-
-    private void doTestHMACDetECDSATest(String sigAlg, PrivateKey privKey, BigInteger r, BigInteger s)
-        throws Exception
-    {
-        doTestHMACDetECDSA(Signature.getInstance(sigAlg, "BC"), TEST, privKey, r, s);
-    }
-
-    private void doTestHMACDetECDSA(Signature detSigner, byte[] data, PrivateKey privKey, BigInteger r, BigInteger s)
-        throws Exception
-    {
-        detSigner.initSign(privKey);
-
-        detSigner.update(data, 0, data.length);
-
-        byte[] m = detSigner.sign();
-
-        ASN1Sequence seq = ASN1Sequence.getInstance(m);
-
-        if (!r.equals(ASN1Integer.getInstance(seq.getObjectAt(0)).getValue()))
-        {
-            fail("r value wrong, got " + ASN1Integer.getInstance(seq.getObjectAt(0)).getValue().toString(16) + " expected " + r.toString(16));
-        }
-        if (!s.equals(ASN1Integer.getInstance(seq.getObjectAt(1)).getValue()))
-        {
-            fail("s value wrong, got " + ASN1Integer.getInstance(seq.getObjectAt(1)).getValue().toString(16));
-        }
-    }
-
-    public String getName()
-    {
-        return "DetDSA";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testHMacDeterministic();
-        testECHMacDeterministic();
-    }
-
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new DetDSATest());
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DigestTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DigestTest.java
deleted file mode 100644
index e9b4a58..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DigestTest.java
+++ /dev/null

@@ -1,215 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.MessageDigest;
-import java.security.Security;
-
-import org.bouncycastle.asn1.iso.ISOIECObjectIdentifiers;
-import org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.asn1.ua.UAObjectIdentifiers;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class DigestTest
-    extends SimpleTest
-{
-    final static String provider = "BC";
-
-    static private String[][] abcVectors =
-    {
-        { "MD2", "da853b0d3f88d99b30283a69e6ded6bb" },
-        { "MD4", "a448017aaf21d8525fc10ae87aa6729d" },
-        { "MD5", "900150983cd24fb0d6963f7d28e17f72"},
-        { "SHA-1", "a9993e364706816aba3e25717850c26c9cd0d89d" },
-        { "SHA-224", "23097d223405d8228642a477bda255b32aadbce4bda0b3f7e36c9da7" },
-        { "SHA-256", "ba7816bf8f01cfea414140de5dae2223b00361a396177a9cb410ff61f20015ad" },
-        { "SHA-384", "cb00753f45a35e8bb5a03d699ac65007272c32ab0eded1631a8b605a43ff5bed8086072ba1e7cc2358baeca134c825a7" },
-        { "SHA-512", "ddaf35a193617abacc417349ae20413112e6fa4e89a97ea20a9eeee64b55d39a2192992a274fc1a836ba3c23a3feebbd454d4423643ce80e2a9ac94fa54ca49f" },
-        { "SHA-512/224", "4634270F707B6A54DAAE7530460842E20E37ED265CEEE9A43E8924AA" },
-        { "SHA-512/256", "53048E2681941EF99B2E29B76B4C7DABE4C2D0C634FC6D46E0E2F13107E7AF23" },
-        { "RIPEMD128", "c14a12199c66e4ba84636b0f69144c77" },
-        { TeleTrusTObjectIdentifiers.ripemd128.getId(), "c14a12199c66e4ba84636b0f69144c77" },
-        { "RIPEMD160", "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" },
-        { TeleTrusTObjectIdentifiers.ripemd160.getId(),  "8eb208f7e05d987a9b044a8e98c6b087f15a0bfc" },
-        { "RIPEMD256", "afbd6e228b9d8cbbcef5ca2d03e6dba10ac0bc7dcbe4680e1e42d2e975459b65" },
-        { TeleTrusTObjectIdentifiers.ripemd256.getId(), "afbd6e228b9d8cbbcef5ca2d03e6dba10ac0bc7dcbe4680e1e42d2e975459b65" },
-        { "RIPEMD320", "de4c01b3054f8930a79d09ae738e92301e5a17085beffdc1b8d116713e74f82fa942d64cdbc4682d" },
-        { "Tiger", "2AAB1484E8C158F2BFB8C5FF41B57A525129131C957B5F93" },
-        { "GOST3411", "b285056dbf18d7392d7677369524dd14747459ed8143997e163b2986f92fd42c" },
-        { "WHIRLPOOL", "4E2448A4C6F486BB16B6562C73B4020BF3043E3A731BCE721AE1B303D97E6D4C7181EEBDB6C57E277D0E34957114CBD6C797FC9D95D8B582D225292076D4EEF5" },
-        { ISOIECObjectIdentifiers.whirlpool.getId(), "4E2448A4C6F486BB16B6562C73B4020BF3043E3A731BCE721AE1B303D97E6D4C7181EEBDB6C57E277D0E34957114CBD6C797FC9D95D8B582D225292076D4EEF5" },
-        { "SM3", "66c7f0f462eeedd9d1f2d46bdc10e4e24167c4875cf2f7a2297da02b8f4ba8e0" },
-        { "SHA3-224", "e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf" },
-        { "SHA3-256", "3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" },
-        { "SHA3-384", "ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25" },
-        { "SHA3-512", "b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0" },
-        { NISTObjectIdentifiers.id_sha3_224.getId(), "e642824c3f8cf24ad09234ee7d3c766fc9a3a5168d0c94ad73b46fdf" },
-        { NISTObjectIdentifiers.id_sha3_256.getId(), "3a985da74fe225b2045c172d6bd390bd855f086e3e9d525b46bfe24511431532" },
-        { NISTObjectIdentifiers.id_sha3_384.getId(), "ec01498288516fc926459f58e2c6ad8df9b473cb0fc08c2596da7cf0e49be4b298d88cea927ac7f539f1edf228376d25" },
-        { NISTObjectIdentifiers.id_sha3_512.getId(), "b751850b1a57168a5693cd924b6b096e08f621827444f70d884f5d0240d2712e10e116e9192af3c91a7ec57647e3934057340b4cf408d5a56592f8274eec53f0" },
-        { "KECCAK-224", "c30411768506ebe1c2871b1ee2e87d38df342317300a9b97a95ec6a8" },
-        { "KECCAK-256", "4e03657aea45a94fc7d47ba826c8d667c0d1e6e33a64a036ec44f58fa12d6c45" },
-        { "KECCAK-288", "20ff13d217d5789fa7fc9e0e9a2ee627363ec28171d0b6c52bbd2f240554dbc94289f4d6" },
-        { "KECCAK-384", "f7df1165f033337be098e7d288ad6a2f74409d7a60b49c36642218de161b1f99f8c681e4afaf31a34db29fb763e3c28e" },
-        { "KECCAK-512", "18587dc2ea106b9a1563e32b3312421ca164c7f1f07bc922a9c83d77cea3a1e5d0c69910739025372dc14ac9642629379540c17e2a65b19d77aa511a9d00bb96" },
-        { "BLAKE2B-160", "384264f676f39536840523f284921cdc68b6846b" },
-        { "BLAKE2B-256", "bddd813c634239723171ef3fee98579b94964e3bb1cb3e427262c8c068d52319" },
-        { "BLAKE2B-384", "6f56a82c8e7ef526dfe182eb5212f7db9df1317e57815dbda46083fc30f54ee6c66ba83be64b302d7cba6ce15bb556f4" },
-        { "BLAKE2B-512", "ba80a53f981c4d0d6a2797b69f12f6e94c212f14685ac4b74b12bb6fdbffa2d17d87c5392aab792dc252d5de4533cc9518d38aa8dbf1925ab92386edd4009923" },
-        { MiscObjectIdentifiers.id_blake2b160.getId(), "384264f676f39536840523f284921cdc68b6846b" },
-        { MiscObjectIdentifiers.id_blake2b256.getId(), "bddd813c634239723171ef3fee98579b94964e3bb1cb3e427262c8c068d52319" },
-        { MiscObjectIdentifiers.id_blake2b384.getId(), "6f56a82c8e7ef526dfe182eb5212f7db9df1317e57815dbda46083fc30f54ee6c66ba83be64b302d7cba6ce15bb556f4" },
-        { MiscObjectIdentifiers.id_blake2b512.getId(), "ba80a53f981c4d0d6a2797b69f12f6e94c212f14685ac4b74b12bb6fdbffa2d17d87c5392aab792dc252d5de4533cc9518d38aa8dbf1925ab92386edd4009923" },
-        { "BLAKE2S-128", "aa4938119b1dc7b87cbad0ffd200d0ae" },
-        { "BLAKE2S-160", "5ae3b99be29b01834c3b508521ede60438f8de17" },
-        { "BLAKE2S-224", "0b033fc226df7abde29f67a05d3dc62cf271ef3dfea4d387407fbd55" },
-        { "BLAKE2S-256", "508c5e8c327c14e2e1a72ba34eeb452f37458b209ed63a294d999b4c86675982" },
-        { MiscObjectIdentifiers.id_blake2s128.getId(), "aa4938119b1dc7b87cbad0ffd200d0ae" },
-        { MiscObjectIdentifiers.id_blake2s160.getId(), "5ae3b99be29b01834c3b508521ede60438f8de17" },
-        { MiscObjectIdentifiers.id_blake2s224.getId(), "0b033fc226df7abde29f67a05d3dc62cf271ef3dfea4d387407fbd55" },
-        { MiscObjectIdentifiers.id_blake2s256.getId(), "508c5e8c327c14e2e1a72ba34eeb452f37458b209ed63a294d999b4c86675982" },
-        { "GOST3411-2012-256", "4e2919cf137ed41ec4fb6270c61826cc4fffb660341e0af3688cd0626d23b481" },
-        { RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256.getId(), "4e2919cf137ed41ec4fb6270c61826cc4fffb660341e0af3688cd0626d23b481" },
-        { "GOST3411-2012-512", "28156e28317da7c98f4fe2bed6b542d0dab85bb224445fcedaf75d46e26d7eb8d5997f3e0915dd6b7f0aab08d9c8beb0d8c64bae2ab8b3c8c6bc53b3bf0db728" },
-        { RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512.getId(), "28156e28317da7c98f4fe2bed6b542d0dab85bb224445fcedaf75d46e26d7eb8d5997f3e0915dd6b7f0aab08d9c8beb0d8c64bae2ab8b3c8c6bc53b3bf0db728" },
-        { "DSTU7564-256", "0bd1b36109f1318411a0517315aa46b8839df06622a278676f5487996c9cfc04" },
-        { UAObjectIdentifiers.dstu7564digest_256.getId(), "0bd1b36109f1318411a0517315aa46b8839df06622a278676f5487996c9cfc04" },
-        { "DSTU7564-384", "72945012b0820c3132846ddc90da511f80bb7b70abd0cb1ab8df785d600c187b9d0ac567e8b6f76fde8a0b417a2ebf88" },
-        { UAObjectIdentifiers.dstu7564digest_384.getId(), "72945012b0820c3132846ddc90da511f80bb7b70abd0cb1ab8df785d600c187b9d0ac567e8b6f76fde8a0b417a2ebf88" },
-        { "DSTU7564-512", "9e5be7daf7b68b49d2ecbd04c7a5b3af72945012b0820c3132846ddc90da511f80bb7b70abd0cb1ab8df785d600c187b9d0ac567e8b6f76fde8a0b417a2ebf88" },
-        { UAObjectIdentifiers.dstu7564digest_512.getId(), "9e5be7daf7b68b49d2ecbd04c7a5b3af72945012b0820c3132846ddc90da511f80bb7b70abd0cb1ab8df785d600c187b9d0ac567e8b6f76fde8a0b417a2ebf88" },
-    };
-    
-    public String getName()
-    {
-        return "Digest";
-    }
-
-    void test(String algorithm)
-        throws Exception
-    {
-        byte[] message = "hello world".getBytes();
-
-        MessageDigest digest = MessageDigest.getInstance(algorithm, provider);
-
-        byte[] result = digest.digest(message);
-        byte[] result2 = digest.digest(message);
-
-        // test one digest the same message with the same instance
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 1 not equal");
-        }
-
-        // test two, single byte updates
-        for (int i = 0; i < message.length; i++)
-        {
-            digest.update(message[i]);
-        }
-        result2 = digest.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 2 not equal");
-        }
-
-        // test three, two half updates
-        digest.update(message, 0, message.length/2);
-        digest.update(message, message.length/2, message.length-message.length/2);
-        result2 = digest.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 3 not equal");
-        }
-
-        // test four, clone test
-        digest.update(message, 0, message.length/2);
-        MessageDigest d = (MessageDigest)digest.clone();
-        digest.update(message, message.length/2, message.length-message.length/2);
-        result2 = digest.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 4(a) not equal");
-        }
-
-        d.update(message, message.length/2, message.length-message.length/2);
-        result2 = d.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 4(b) not equal");
-        }
-
-        // test five, check reset() method
-        digest.update(message, 0, message.length/2);
-        digest.reset();
-        digest.update(message, 0, message.length/2);
-        digest.update(message, message.length/2, message.length-message.length/2);
-        result2 = digest.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 5 not equal");
-        }
-
-        // test six, check reset() method with longer message
-        digest.update(message);
-        digest.update(message);
-        digest.reset();
-
-        result2 = digest.digest(message);
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 6 not equal");
-        }
-    }
-
-    /**
-     * Test the hash against a standard value for the string "abc"
-     * 
-     * @param algorithm algorithm to test
-     * @param hash expected value
-     * @return the test result.
-     */
-    void abcTest(
-        String algorithm,
-        String hash)
-        throws Exception
-    {
-        byte[] abc = { (byte)0x61, (byte)0x62, (byte)0x63 };
-        
-        MessageDigest digest = MessageDigest.getInstance(algorithm, provider);
-
-        byte[] result = digest.digest(abc);
-        
-        if (!MessageDigest.isEqual(result, Hex.decode(hash)))
-        {                  System.err.println(Hex.toHexString(result));
-            fail("abc result not equal for " + algorithm);
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        for (int i = 0; i != abcVectors.length; i++)
-        {
-            test(abcVectors[i][0]);
-         
-            abcTest(abcVectors[i][0], abcVectors[i][1]);
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new DigestTest());
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DoFinalTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DoFinalTest.java
deleted file mode 100644
index d059138..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/DoFinalTest.java
+++ /dev/null

@@ -1,164 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.Key;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * check that doFinal is properly reseting the cipher.
- */
-public class DoFinalTest
-    implements Test
-{
-    public DoFinalTest()
-    {
-    }
-
-    private boolean equalArray(
-        byte[]  a,
-        int        aOff,
-        byte[]  b,
-        int        length)
-    {
-        if (aOff + a.length < length)
-        {
-            return false;
-        }
-        
-        if (b.length < length)
-        {
-            return false;
-        }
-        
-        for (int i = 0; i != length; i++)
-        {
-            if (a[aOff + i] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-    
-    public TestResult checkCipher(
-        String    cipherName)
-    {
-        String lCode = "ABCDEFGHIJKLMNOPQRSTUVWXY0123456789";
-        String  baseAlgorithm;
-        int     index = cipherName.indexOf('/');
-
-        if (index > 0)
-        {
-            baseAlgorithm = cipherName.substring(0, index);
-        }
-        else
-        {
-            baseAlgorithm = cipherName;
-        }
-        
-        try
-        {
-            KeyGenerator    kGen = KeyGenerator.getInstance(baseAlgorithm, "BC");
-            Cipher          cipher = Cipher.getInstance(cipherName, "BC");
-            Key             key = kGen.generateKey();
-
-            cipher.init(Cipher.ENCRYPT_MODE, key);
-
-            byte[] encrypted = cipher.doFinal(lCode.getBytes());
-
-            // 2nd try
-            byte[]    encrypted2 = cipher.doFinal(lCode.getBytes());
-
-            if (encrypted.length != encrypted2.length)
-            {
-                return new SimpleTestResult(false, getName() + ": Failed " + cipherName + " - expected length " + encrypted.length + " got " + encrypted2.length);
-            }
-
-            if (!equalArray(encrypted, 0, encrypted2, encrypted.length))
-            {
-                return new SimpleTestResult(false, getName() + ": Failed " + cipherName + " - first two arrays not equal");
-            }
-            
-            // 3rd try
-            byte[]  enc1 = cipher.update(lCode.getBytes());
-            byte[]  enc2 = cipher.doFinal();
-
-            if ((enc1.length + enc2.length) != encrypted.length)
-            {
-                return new SimpleTestResult(false, getName() + ": Failed " + cipherName + " - expected length " + encrypted.length + " got " + (enc1.length + enc2.length));
-            }
-
-            if (!equalArray(encrypted, 0, enc1, enc1.length))
-            {
-                return new SimpleTestResult(false, getName() + ": Failed " + cipherName + " - enc1 array not equal");
-            }
-            
-            if (!equalArray(encrypted, enc1.length, enc2, enc2.length))
-            {
-                return new SimpleTestResult(false, getName() + ": Failed " + cipherName + " - enc1 array not equal");
-            }
-            
-            enc1 = cipher.update(lCode.getBytes());
-            
-            if (!equalArray(encrypted, 0, enc1, enc1.length))
-            {
-                return new SimpleTestResult(false, getName() + ": Failed " + cipherName + " - 2nd enc1 array not equal");
-            }
-            
-            int len = cipher.doFinal(enc1, 0);
-            if ((enc1.length + len) != encrypted.length)
-            {
-                return new SimpleTestResult(false, getName() + ": Failed " + cipherName + " - expected length " + encrypted.length + " got " + (enc1.length + len));
-            }
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": Failed " + cipherName + " - exception " + e.toString());
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public TestResult perform()
-    {
-        TestResult    result = checkCipher("RC4");
-        
-        if (!result.isSuccessful())
-        {
-            return result;
-        }
-        
-        result = checkCipher("DES/CBC/PKCS5Padding");
-        
-        if (!result.isSuccessful())
-        {
-            return result;
-        }
-        
-        return checkCipher("Rijndael");
-    }
-    
-    public String getName()
-    {
-        return "DoFinalTest";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        Test            test = new DoFinalTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result.toString());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECDSA5Test.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECDSA5Test.java
deleted file mode 100644
index b37e301..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECDSA5Test.java
+++ /dev/null

@@ -1,1239 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.interfaces.ECPrivateKey;
-import java.security.interfaces.ECPublicKey;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.ECFieldF2m;
-import java.security.spec.ECFieldFp;
-import java.security.spec.ECGenParameterSpec;
-import java.security.spec.ECParameterSpec;
-import java.security.spec.ECPoint;
-import java.security.spec.ECPrivateKeySpec;
-import java.security.spec.ECPublicKeySpec;
-import java.security.spec.EllipticCurve;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import javax.crypto.KeyAgreement;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
-import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTNamedCurves;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.sec.SECObjectIdentifiers;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.X962Parameters;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jcajce.spec.MQVParameterSpec;
-import org.bouncycastle.jce.ECKeyUtil;
-import org.bouncycastle.jce.ECNamedCurveTable;
-import org.bouncycastle.jce.ECPointUtil;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.FixedSecureRandom;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomBigInteger;
-
-public class ECDSA5Test
-    extends SimpleTest
-{
-    private static final byte[] namedPubKey = Base64.decode(
-        "MHYwEAYHKoZIzj0CAQYFK4EEACIDYgAEJMeqHZzm+saHt1m3a4u5BIqgSznd8LNvoeS93zzE9Ll31/AMaveAj" +
-            "JqWxGdyCwnqmM5m3IFCZV3abKVGNpnuQwhIOPMm1355YX1JeEy/ifCx7lYe1o8Xs/Ajqz8cJB3j");
-
-    byte[] k1 = Hex.decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3");
-    byte[] k2 = Hex.decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded");
-
-    SecureRandom random = new FixedSecureRandom(
-        new FixedSecureRandom.Source[]{new FixedSecureRandom.Data(k1), new FixedSecureRandom.Data(k2)});
-    static final BigInteger PubX =
-        new BigInteger("3390396496586153202365024500890309020181905168626402195853036609"
-            + "0984128098564");
-    static final BigInteger PubY =
-        new BigInteger("1135421298983937257390683162600855221890652900790509030911087400"
-            + "65052129055287");
-    static final String[] VALID_SIGNATURES = {
-        "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d49"
-            + "1b39fd2c3f0220747291dd2f3f44af7ace68ea33431d6f94e418c106a6e76285"
-            + "cd59f43260ecce",
-    };
-
-    // The following test vectors check for signature malleability and bugs. That means the test
-    // vectors are derived from a valid signature by modifying the ASN encoding. A correct
-    // implementation of ECDSA should only accept correct DER encoding and properly handle the
-    // others (e.g. integer overflow, infinity, redundant parameters, etc). Allowing alternative BER
-    // encodings is in many cases benign. An example where this kind of signature malleability was a
-    // problem: https://en.bitcoin.it/wiki/Transaction_Malleability
-    static final String[] MODIFIED_SIGNATURES = {
-        "304602812100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f"
-            + "3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce",
-        "30470282002100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd"
-            + "2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce",
-        "304602220000b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f"
-            + "3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce",
-        "3046022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f028120747291dd2f"
-            + "3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce",
-        "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f02820020747291dd"
-            + "2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce",
-        "3046022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f022100747291dd2f"
-            + "3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce",
-        "308145022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f"
-            + "3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce",
-        "30820045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd"
-            + "2f3f44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce",
-        "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f"
-            + "44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce3000",
-        "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f"
-            + "44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce1000",
-        "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f"
-            + "44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0000",
-        "3045022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f"
-            + "44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0000",
-        "3048022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f"
-            + "44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce058100",
-        "3049022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f"
-            + "44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce05820000",
-        "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f"
-            + "44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce1100",
-        "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f"
-            + "44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0500",
-        "3047022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f"
-            + "44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce2500",
-        "3067022100b7babae9332b54b8a3a05b7004579821a887a1b21465f7db8a3d491b39fd2c3f0220747291dd2f3f"
-            + "44af7ace68ea33431d6f94e418c106a6e76285cd59f43260ecce0220747291dd2f3f44af7ace68ea33431d6f"
-            + "94e418c106a6e76285cd59f43260ecce"
-    };
-
-    private void testModified()
-        throws Exception
-    {
-        ECNamedCurveParameterSpec namedCurve = ECNamedCurveTable.getParameterSpec("P-256");
-        org.bouncycastle.jce.spec.ECPublicKeySpec pubSpec = new org.bouncycastle.jce.spec.ECPublicKeySpec(namedCurve.getCurve().createPoint(PubX, PubY), namedCurve);
-        KeyFactory kFact = KeyFactory.getInstance("EC", "BC");
-        PublicKey pubKey = kFact.generatePublic(pubSpec);
-        Signature sig = Signature.getInstance("SHA256WithECDSA", "BC");
-
-        for (int i = 0; i != MODIFIED_SIGNATURES.length; i++)
-        {
-            sig.initVerify(pubKey);
-
-            sig.update(Strings.toByteArray("Hello"));
-
-            boolean failed;
-
-            try
-            {
-                failed = !sig.verify(Hex.decode(MODIFIED_SIGNATURES[i]));
-            }
-            catch (SignatureException e)
-            {
-                failed = true;
-            }
-
-            isTrue("sig verified when shouldn't: " + i, failed);
-        }
-    }
-
-    public void testNamedCurveInKeyFactory()
-        throws Exception
-    {
-        KeyFactory kfBc = KeyFactory.getInstance("EC", "BC");
-        BigInteger x = new BigInteger("24c7aa1d9ce6fac687b759b76b8bb9048aa04b39ddf0b36fa1e4bddf3cc4f4b977d7f00c6af7808c9a96c467720b09ea", 16);
-        BigInteger y = new BigInteger("98ce66dc8142655dda6ca5463699ee43084838f326d77e79617d49784cbf89f0b1ee561ed68f17b3f023ab3f1c241de3", 16);
-        String curveName = "secp384r1";
-        ECPoint point = new ECPoint(x, y);
-
-        AlgorithmParameters parameters = AlgorithmParameters.getInstance("EC", "BC");
-        parameters.init(new ECGenParameterSpec(curveName));
-        ECParameterSpec ecParamSpec = parameters.getParameterSpec(ECParameterSpec.class);
-        PublicKey pubKey = kfBc.generatePublic(new ECPublicKeySpec(point, ecParamSpec));
-
-        isTrue(Arrays.areEqual(namedPubKey, pubKey.getEncoded()));
-    }
-
-    private void decodeTest()
-    {
-        EllipticCurve curve = new EllipticCurve(
-            new ECFieldFp(new BigInteger("6277101735386680763835789423207666416083908700390324961279")), // q
-            new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16), // a
-            new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16)); // b
-
-        ECPoint p = ECPointUtil.decodePoint(curve, Hex.decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012"));
-
-        if (!p.getAffineX().equals(new BigInteger("188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012", 16)))
-        {
-            fail("x uncompressed incorrectly");
-        }
-
-        if (!p.getAffineY().equals(new BigInteger("7192b95ffc8da78631011ed6b24cdd573f977a11e794811", 16)))
-        {
-            fail("y uncompressed incorrectly");
-        }
-    }
-
-    /**
-     * X9.62 - 1998,<br>
-     * J.3.2, Page 155, ECDSA over the field Fp<br>
-     * an example with 239 bit prime
-     */
-    private void testECDSA239bitPrime()
-        throws Exception
-    {
-        BigInteger r = new BigInteger("308636143175167811492622547300668018854959378758531778147462058306432176");
-        BigInteger s = new BigInteger("323813553209797357708078776831250505931891051755007842781978505179448783");
-
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655"));
-
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        EllipticCurve curve = new EllipticCurve(
-            new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q
-            new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
-            new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
-
-        ECParameterSpec spec = new ECParameterSpec(
-            curve,
-            ECPointUtil.decodePoint(curve, Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
-            new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n
-            1); // h
-
-
-        ECPrivateKeySpec priKey = new ECPrivateKeySpec(
-            new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
-            spec);
-
-        ECPublicKeySpec pubKey = new ECPublicKeySpec(
-            ECPointUtil.decodePoint(curve, Hex.decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
-            spec);
-
-        Signature sgr = Signature.getInstance("ECDSA", "BC");
-        KeyFactory f = KeyFactory.getInstance("ECDSA", "BC");
-        PrivateKey sKey = f.generatePrivate(priKey);
-        PublicKey vKey = f.generatePublic(pubKey);
-
-        sgr.initSign(sKey, k);
-
-        byte[] message = new byte[]{(byte)'a', (byte)'b', (byte)'c'};
-
-        sgr.update(message);
-
-        byte[] sigBytes = sgr.sign();
-
-        sgr.initVerify(vKey);
-
-        sgr.update(message);
-
-        if (!sgr.verify(sigBytes))
-        {
-            fail("239 Bit EC verification failed");
-        }
-
-        BigInteger[] sig = derDecode(sigBytes);
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r + Strings.lineSeparator()
-                + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s + Strings.lineSeparator()
-                + " got      : " + sig[1]);
-        }
-    }
-
-    private void testSM2()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        kpGen.initialize(new ECGenParameterSpec("sm2p256v1"));
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        kpGen.initialize(new ECNamedCurveGenParameterSpec("sm2p256v1"));
-
-        kp = kpGen.generateKeyPair();
-    }
-
-    private void testNonsense()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        try
-        {
-            kpGen.initialize(new ECGenParameterSpec("no_such_curve"));
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isEquals("unknown curve name: no_such_curve", e.getMessage());
-        }
-        KeyPair kp = kpGen.generateKeyPair();
-
-        try
-        {
-            kpGen.initialize(new ECNamedCurveGenParameterSpec("1.2.3.4.5"));
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isEquals("unknown curve OID: 1.2.3.4.5", e.getMessage());
-        }
-
-        kp = kpGen.generateKeyPair();
-    }
-
-    // test BSI algorithm support.
-    private void testBSI()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        kpGen.initialize(new ECGenParameterSpec(TeleTrusTObjectIdentifiers.brainpoolP512r1.getId()));
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        byte[] data = "Hello World!!!".getBytes();
-        String[] cvcAlgs = {"SHA1WITHCVC-ECDSA", "SHA224WITHCVC-ECDSA",
-            "SHA256WITHCVC-ECDSA", "SHA384WITHCVC-ECDSA",
-            "SHA512WITHCVC-ECDSA"};
-        String[] cvcOids = {EACObjectIdentifiers.id_TA_ECDSA_SHA_1.getId(), EACObjectIdentifiers.id_TA_ECDSA_SHA_224.getId(),
-            EACObjectIdentifiers.id_TA_ECDSA_SHA_256.getId(), EACObjectIdentifiers.id_TA_ECDSA_SHA_384.getId(),
-            EACObjectIdentifiers.id_TA_ECDSA_SHA_512.getId()};
-
-        testBsiAlgorithms(kp, data, cvcAlgs, cvcOids);
-
-        String[] plainAlgs = {"SHA1WITHPLAIN-ECDSA", "SHA224WITHPLAIN-ECDSA",
-            "SHA256WITHPLAIN-ECDSA", "SHA384WITHPLAIN-ECDSA",
-            "SHA512WITHPLAIN-ECDSA", "RIPEMD160WITHPLAIN-ECDSA"};
-        String[] plainOids = {BSIObjectIdentifiers.ecdsa_plain_SHA1.getId(), BSIObjectIdentifiers.ecdsa_plain_SHA224.getId(),
-            BSIObjectIdentifiers.ecdsa_plain_SHA256.getId(), BSIObjectIdentifiers.ecdsa_plain_SHA384.getId(),
-            BSIObjectIdentifiers.ecdsa_plain_SHA512.getId(), BSIObjectIdentifiers.ecdsa_plain_RIPEMD160.getId()};
-
-        testBsiAlgorithms(kp, data, plainAlgs, plainOids);
-
-        kpGen = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        kpGen.initialize(new ECGenParameterSpec(SECObjectIdentifiers.secp521r1.getId()));
-
-        kp = kpGen.generateKeyPair();
-
-        ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec(SECObjectIdentifiers.secp521r1.getId());
-        testBsiSigSize(kp, spec.getN(), "SHA224WITHPLAIN-ECDSA");
-    }
-
-    private void testBsiAlgorithms(KeyPair kp, byte[] data, String[] algs, String[] oids)
-        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException
-    {
-        for (int i = 0; i != algs.length; i++)
-        {
-            Signature sig1 = Signature.getInstance(algs[i], "BC");
-            Signature sig2 = Signature.getInstance(oids[i], "BC");
-
-            sig1.initSign(kp.getPrivate());
-
-            sig1.update(data);
-
-            byte[] sig = sig1.sign();
-
-            sig2.initVerify(kp.getPublic());
-
-            sig2.update(data);
-
-            if (!sig2.verify(sig))
-            {
-                fail("BSI CVC signature failed: " + algs[i]);
-            }
-        }
-    }
-
-    private void testBsiSigSize(KeyPair kp, BigInteger order, String alg)
-        throws Exception
-    {
-        for (int i = 0; i != 20; i++)
-        {
-            Signature sig1 = Signature.getInstance(alg, "BC");
-            Signature sig2 = Signature.getInstance(alg, "BC");
-
-            sig1.initSign(kp.getPrivate());
-
-            sig1.update(new byte[]{(byte)i});
-
-            byte[] sig = sig1.sign();
-            
-            isTrue(sig.length == (2 * ((order.bitLength() + 7) / 8)));
-            sig2.initVerify(kp.getPublic());
-
-            sig2.update(new byte[]{(byte)i});
-
-            if (!sig2.verify(sig))
-            {
-                fail("BSI CVC signature failed: " + alg);
-            }
-        }
-    }
-    
-    /**
-     * X9.62 - 1998,<br>
-     * J.2.1, Page 100, ECDSA over the field F2m<br>
-     * an example with 191 bit binary field
-     */
-    private void testECDSA239bitBinary()
-        throws Exception
-    {
-        BigInteger r = new BigInteger("21596333210419611985018340039034612628818151486841789642455876922391552");
-        BigInteger s = new BigInteger("197030374000731686738334997654997227052849804072198819102649413465737174");
-
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("171278725565216523967285789236956265265265235675811949404040041670216363"));
-
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        EllipticCurve curve = new EllipticCurve(
-            new ECFieldF2m(239, // m
-                new int[]{36}), // k
-            new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16), // a
-            new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16)); // b
-
-        ECParameterSpec params = new ECParameterSpec(
-            curve,
-            ECPointUtil.decodePoint(curve, Hex.decode("0457927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D61D8EE5077C33FECF6F1A16B268DE469C3C7744EA9A971649FC7A9616305")), // G
-            new BigInteger("220855883097298041197912187592864814557886993776713230936715041207411783"), // n
-            4); // h
-
-        ECPrivateKeySpec priKeySpec = new ECPrivateKeySpec(
-            new BigInteger("145642755521911534651321230007534120304391871461646461466464667494947990"), // d
-            params);
-
-        ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(
-            ECPointUtil.decodePoint(curve, Hex.decode("045894609CCECF9A92533F630DE713A958E96C97CCB8F5ABB5A688A238DEED6DC2D9D0C94EBFB7D526BA6A61764175B99CB6011E2047F9F067293F57F5")), // Q
-            params);
-
-        Signature sgr = Signature.getInstance("ECDSA", "BC");
-        KeyFactory f = KeyFactory.getInstance("ECDSA", "BC");
-        PrivateKey sKey = f.generatePrivate(priKeySpec);
-        PublicKey vKey = f.generatePublic(pubKeySpec);
-        byte[] message = new byte[]{(byte)'a', (byte)'b', (byte)'c'};
-
-        sgr.initSign(sKey, k);
-
-        sgr.update(message);
-
-        byte[] sigBytes = sgr.sign();
-
-        sgr.initVerify(vKey);
-
-        sgr.update(message);
-
-        if (!sgr.verify(sigBytes))
-        {
-            fail("239 Bit EC verification failed");
-        }
-
-        BigInteger[] sig = derDecode(sigBytes);
-
-        if (!r.equals(sig[0]))
-        {
-            fail("r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r + Strings.lineSeparator()
-                + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail("s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s + Strings.lineSeparator()
-                + " got      : " + sig[1]);
-        }
-    }
-
-    private void testGeneration()
-        throws Exception
-    {
-        //
-        // ECDSA generation test
-        //
-        byte[] data = {1, 2, 3, 4, 5, 6, 7, 8, 9, 0};
-        Signature s = Signature.getInstance("ECDSA", "BC");
-        KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        EllipticCurve curve = new EllipticCurve(
-            new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q
-            new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
-            new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
-
-        ECParameterSpec ecSpec = new ECParameterSpec(
-            curve,
-            ECPointUtil.decodePoint(curve, Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
-            new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n
-            1); // h
-
-        g.initialize(ecSpec, new SecureRandom());
-
-        KeyPair p = g.generateKeyPair();
-
-        PrivateKey sKey = p.getPrivate();
-        PublicKey vKey = p.getPublic();
-
-        s.initSign(sKey);
-
-        s.update(data);
-
-        byte[] sigBytes = s.sign();
-
-        s = Signature.getInstance("ECDSA", "BC");
-
-        s.initVerify(vKey);
-
-        s.update(data);
-
-        if (!s.verify(sigBytes))
-        {
-            fail("ECDSA verification failed");
-        }
-
-        testKeyFactory((ECPublicKey)vKey, (ECPrivateKey)sKey);
-        testSerialise((ECPublicKey)vKey, (ECPrivateKey)sKey);
-    }
-
-    private void testSerialise(ECPublicKey ecPublicKey, ECPrivateKey ecPrivateKey)
-        throws Exception
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(ecPublicKey);
-        oOut.writeObject(ecPrivateKey);
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        PublicKey pubKey = (PublicKey)oIn.readObject();
-        PrivateKey privKey = (PrivateKey)oIn.readObject();
-
-        if (!ecPublicKey.equals(pubKey))
-        {
-            fail("public key serialisation check failed");
-        }
-
-        if (!ecPrivateKey.equals(privKey))
-        {
-            fail("private key serialisation check failed");
-        }
-    }
-
-    private void testKeyFactory(ECPublicKey pub, ECPrivateKey priv)
-        throws Exception
-    {
-        KeyFactory ecFact = KeyFactory.getInstance("ECDSA");
-
-        ECPublicKeySpec pubSpec = (ECPublicKeySpec)ecFact.getKeySpec(pub, ECPublicKeySpec.class);
-        ECPrivateKeySpec privSpec = (ECPrivateKeySpec)ecFact.getKeySpec(priv, ECPrivateKeySpec.class);
-
-        if (!pubSpec.getW().equals(pub.getW()) || !pubSpec.getParams().getCurve().equals(pub.getParams().getCurve()))
-        {
-            fail("pubSpec not correct");
-        }
-
-        if (!privSpec.getS().equals(priv.getS()) || !privSpec.getParams().getCurve().equals(priv.getParams().getCurve()))
-        {
-            fail("privSpec not correct");
-        }
-
-        ECPublicKey pubKey = (ECPublicKey)ecFact.translateKey(pub);
-        ECPrivateKey privKey = (ECPrivateKey)ecFact.translateKey(priv);
-
-        if (!pubKey.getW().equals(pub.getW()) || !pubKey.getParams().getCurve().equals(pub.getParams().getCurve()))
-        {
-            fail("pubKey not correct");
-        }
-
-        if (!privKey.getS().equals(priv.getS()) || !privKey.getParams().getCurve().equals(priv.getParams().getCurve()))
-        {
-            fail("privKey not correct");
-        }
-    }
-
-    private void testKeyConversion()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        kpGen.initialize(new ECGenParameterSpec("prime192v1"));
-
-        KeyPair pair = kpGen.generateKeyPair();
-
-        PublicKey pubKey = ECKeyUtil.publicToExplicitParameters(pair.getPublic(), "BC");
-
-        SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(pubKey.getEncoded()));
-        X962Parameters params = X962Parameters.getInstance(info.getAlgorithm().getParameters());
-
-        if (params.isNamedCurve() || params.isImplicitlyCA())
-        {
-            fail("public key conversion to explicit failed");
-        }
-
-        if (!((ECPublicKey)pair.getPublic()).getW().equals(((ECPublicKey)pubKey).getW()))
-        {
-            fail("public key conversion check failed");
-        }
-
-        PrivateKey privKey = ECKeyUtil.privateToExplicitParameters(pair.getPrivate(), "BC");
-        PrivateKeyInfo privInfo = PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(privKey.getEncoded()));
-        params = X962Parameters.getInstance(privInfo.getPrivateKeyAlgorithm().getParameters());
-
-        if (params.isNamedCurve() || params.isImplicitlyCA())
-        {
-            fail("private key conversion to explicit failed");
-        }
-
-        if (!((ECPrivateKey)pair.getPrivate()).getS().equals(((ECPrivateKey)privKey).getS()))
-        {
-            fail("private key conversion check failed");
-        }
-    }
-
-    private void testAdaptiveKeyConversion()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        kpGen.initialize(new ECGenParameterSpec("prime192v1"));
-
-        KeyPair pair = kpGen.generateKeyPair();
-
-        final PrivateKey privKey = pair.getPrivate();
-        final PublicKey pubKey = pair.getPublic();
-
-        Signature s = Signature.getInstance("ECDSA", "BC");
-
-        // raw interface tests
-        s.initSign(new PrivateKey()
-        {
-            public String getAlgorithm()
-            {
-                return privKey.getAlgorithm();
-            }
-
-            public String getFormat()
-            {
-                return privKey.getFormat();
-            }
-
-            public byte[] getEncoded()
-            {
-                return privKey.getEncoded();
-            }
-        });
-
-        s.initVerify(new PublicKey()
-        {
-            public String getAlgorithm()
-            {
-                return pubKey.getAlgorithm();
-            }
-
-            public String getFormat()
-            {
-                return pubKey.getFormat();
-            }
-
-            public byte[] getEncoded()
-            {
-                return pubKey.getEncoded();
-            }
-        });
-
-
-        s.initSign(new ECPrivateKey()
-        {
-            public String getAlgorithm()
-            {
-                return privKey.getAlgorithm();
-            }
-
-            public String getFormat()
-            {
-                return privKey.getFormat();
-            }
-
-            public byte[] getEncoded()
-            {
-                return privKey.getEncoded();
-            }
-
-            public BigInteger getS()
-            {
-                return ((ECPrivateKey)privKey).getS();
-            }
-
-            public ECParameterSpec getParams()
-            {
-                return ((ECPrivateKey)privKey).getParams();
-            }
-        });
-
-        s.initVerify(new ECPublicKey()
-        {
-            public String getAlgorithm()
-            {
-                return pubKey.getAlgorithm();
-            }
-
-            public String getFormat()
-            {
-                return pubKey.getFormat();
-            }
-
-            public byte[] getEncoded()
-            {
-                return pubKey.getEncoded();
-            }
-
-            public ECPoint getW()
-            {
-                return ((ECPublicKey)pubKey).getW();
-            }
-
-            public ECParameterSpec getParams()
-            {
-                return ((ECPublicKey)pubKey).getParams();
-            }
-        });
-
-        try
-        {
-            s.initSign(new PrivateKey()
-            {
-                public String getAlgorithm()
-                {
-                    return privKey.getAlgorithm();
-                }
-
-                public String getFormat()
-                {
-                    return privKey.getFormat();
-                }
-
-                public byte[] getEncoded()
-                {
-                    return null;
-                }
-            });
-
-            fail("no exception thrown!!!");
-        }
-        catch (InvalidKeyException e)
-        {
-            // ignore
-        }
-
-        try
-        {
-            s.initVerify(new PublicKey()
-            {
-                public String getAlgorithm()
-                {
-                    return pubKey.getAlgorithm();
-                }
-
-                public String getFormat()
-                {
-                    return pubKey.getFormat();
-                }
-
-                public byte[] getEncoded()
-                {
-                    return null;
-                }
-            });
-
-            fail("no exception thrown!!!");
-        }
-        catch (InvalidKeyException e)
-        {
-            // ignore
-        }
-
-        // try bogus encoding
-        try
-        {
-            s.initSign(new PrivateKey()
-            {
-                public String getAlgorithm()
-                {
-                    return privKey.getAlgorithm();
-                }
-
-                public String getFormat()
-                {
-                    return privKey.getFormat();
-                }
-
-                public byte[] getEncoded()
-                {
-                    return new byte[20];
-                }
-            });
-
-            fail("no exception thrown!!!");
-        }
-        catch (InvalidKeyException e)
-        {
-            // ignore
-        }
-
-        try
-        {
-            s.initVerify(new PublicKey()
-            {
-                public String getAlgorithm()
-                {
-                    return pubKey.getAlgorithm();
-                }
-
-                public String getFormat()
-                {
-                    return pubKey.getFormat();
-                }
-
-                public byte[] getEncoded()
-                {
-                    return new byte[20];
-                }
-            });
-
-            fail("no exception thrown!!!");
-        }
-        catch (InvalidKeyException e)
-        {
-            // ignore
-        }
-
-        // try encoding of wrong key
-        kpGen = KeyPairGenerator.getInstance("RSA", "BC");
-
-        kpGen.initialize(512);
-
-        pair = kpGen.generateKeyPair();
-
-        final PrivateKey privRsa = pair.getPrivate();
-        final PublicKey pubRsa = pair.getPublic();
-
-        try
-        {
-            s.initSign(new PrivateKey()
-            {
-                public String getAlgorithm()
-                {
-                    return privRsa.getAlgorithm();
-                }
-
-                public String getFormat()
-                {
-                    return privRsa.getFormat();
-                }
-
-                public byte[] getEncoded()
-                {
-                    return privRsa.getEncoded();
-                }
-            });
-
-            fail("no exception thrown!!!");
-
-        }
-        catch (InvalidKeyException e)
-        {
-            // ignore
-        }
-
-        try
-        {
-            s.initVerify(new PublicKey()
-            {
-                public String getAlgorithm()
-                {
-                    return pubRsa.getAlgorithm();
-                }
-
-                public String getFormat()
-                {
-                    return pubRsa.getFormat();
-                }
-
-                public byte[] getEncoded()
-                {
-                    return pubRsa.getEncoded();
-                }
-            });
-
-            fail("no exception thrown!!!");
-        }
-        catch (InvalidKeyException e)
-        {
-            // ignore
-        }
-    }
-
-    private void testAlgorithmParameters()
-        throws Exception
-    {
-        AlgorithmParameters algParam = AlgorithmParameters.getInstance("EC", "BC");
-
-        algParam.init(new ECGenParameterSpec("P-256"));
-
-        byte[] encoded = algParam.getEncoded();
-
-        algParam = AlgorithmParameters.getInstance("EC", "BC");
-
-        algParam.init(encoded);
-
-        ECGenParameterSpec genSpec = algParam.getParameterSpec(ECGenParameterSpec.class);
-
-        if (!genSpec.getName().equals(X9ObjectIdentifiers.prime256v1.getId()))
-        {
-            fail("curve name not recovered");
-        }
-
-        ECParameterSpec ecSpec = algParam.getParameterSpec(ECParameterSpec.class);
-
-        if (!ecSpec.getOrder().equals(NISTNamedCurves.getByName("P-256").getN()))
-        {
-            fail("incorrect spec recovered");
-        }
-    }
-
-    private void testKeyPairGenerationWithOIDs()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        kpGen.initialize(new ECGenParameterSpec(X9ObjectIdentifiers.prime192v1.getId()));
-        kpGen.initialize(new ECGenParameterSpec(TeleTrusTObjectIdentifiers.brainpoolP160r1.getId()));
-        kpGen.initialize(new ECGenParameterSpec(SECObjectIdentifiers.secp128r1.getId()));
-
-        try
-        {
-            kpGen.initialize(new ECGenParameterSpec("1.1"));
-
-            fail("non-existant curve OID failed");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            if (!"unknown curve OID: 1.1".equals(e.getMessage()))
-            {
-                fail("OID message check failed");
-            }
-        }
-
-        try
-        {
-            kpGen.initialize(new ECGenParameterSpec("flibble"));
-
-            fail("non-existant curve name failed");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            if (!"unknown curve name: flibble".equals(e.getMessage()))
-            {
-                fail("name message check failed");
-            }
-        }
-    }
-
-    private static class ECRandom
-        extends SecureRandom
-    {
-        public void nextBytes(byte[] bytes)
-        {
-            byte[] src = new BigInteger("e2eb6663f551331bda00b90f1272c09d980260c1a70cab1ec481f6c937f34b62", 16).toByteArray();
-
-            if (src.length <= bytes.length)
-            {
-                System.arraycopy(src, 0, bytes, bytes.length - src.length, src.length);
-            }
-            else
-            {
-                System.arraycopy(src, 0, bytes, 0, bytes.length);
-            }
-        }
-    }
-
-    private void testNamedCurveParameterPreservation()
-        throws Exception
-    {
-        AlgorithmParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec("secp256r1");
-        KeyPairGenerator keygen = KeyPairGenerator.getInstance("EC", "BC");
-        keygen.initialize(ecSpec, new ECRandom());
-
-        KeyPair keys = keygen.generateKeyPair();
-
-        PrivateKeyInfo priv1 = PrivateKeyInfo.getInstance(keys.getPrivate().getEncoded());
-        SubjectPublicKeyInfo pub1 = SubjectPublicKeyInfo.getInstance(keys.getPublic().getEncoded());
-
-        keygen = KeyPairGenerator.getInstance("EC", "BC");
-        keygen.initialize(new ECGenParameterSpec("secp256r1"), new ECRandom());
-
-        PrivateKeyInfo priv2 = PrivateKeyInfo.getInstance(keys.getPrivate().getEncoded());
-        SubjectPublicKeyInfo pub2 = SubjectPublicKeyInfo.getInstance(keys.getPublic().getEncoded());
-
-        if (!priv1.equals(priv2) || !pub1.equals(pub2))
-        {
-            fail("mismatch between alg param spec and ECGenParameterSpec");
-        }
-
-        if (!(priv2.getPrivateKeyAlgorithm().getParameters() instanceof ASN1ObjectIdentifier))
-        {
-            fail("OID not preserved in private key");
-        }
-
-        if (!(pub1.getAlgorithm().getParameters() instanceof ASN1ObjectIdentifier))
-        {
-            fail("OID not preserved in public key");
-        }
-    }
-
-    private void testNamedCurveSigning()
-        throws Exception
-    {
-        testCustomNamedCurveSigning("secp256r1");
-
-        try
-        {
-            testCustomNamedCurveSigning("secp256k1");
-        }
-        catch (IllegalArgumentException e)
-        {
-            if (!e.getMessage().equals("first coefficient is negative"))     // bogus jdk 1.5 exception...
-            {
-                throw e;
-            }
-        }
-    }
-
-    private void testCustomNamedCurveSigning(String name)
-        throws Exception
-    {
-        X9ECParameters x9Params = ECUtil.getNamedCurveByOid(ECUtil.getNamedCurveOid(name));
-
-        // TODO: one day this may have to change
-        if (x9Params.getCurve() instanceof ECCurve.Fp)
-        {
-            fail("curve not custom curve!!");
-        }
-
-        AlgorithmParameterSpec ecSpec = ECNamedCurveTable.getParameterSpec(name);
-        KeyPairGenerator keygen = KeyPairGenerator.getInstance("EC", "BC");
-        keygen.initialize(ecSpec, new ECRandom());
-
-        KeyPair keys = keygen.generateKeyPair();
-
-        PrivateKeyInfo priv1 = PrivateKeyInfo.getInstance(keys.getPrivate().getEncoded());
-        SubjectPublicKeyInfo pub1 = SubjectPublicKeyInfo.getInstance(keys.getPublic().getEncoded());
-
-        keygen = KeyPairGenerator.getInstance("EC", "BC");
-        keygen.initialize(new ECGenParameterSpec("secp256r1"), new ECRandom());
-
-        Signature ecdsaSigner = Signature.getInstance("ECDSA", "BC");
-
-        ecdsaSigner.initSign(keys.getPrivate());
-
-        ecdsaSigner.update(new byte[100]);
-
-        byte[] sig = ecdsaSigner.sign();
-
-        ecdsaSigner.initVerify(keys.getPublic());
-
-        ecdsaSigner.update(new byte[100]);
-
-        if (!ecdsaSigner.verify(sig))
-        {
-            fail("signature failed to verify");
-        }
-
-        KeyFactory kFact = KeyFactory.getInstance("EC", "BC");
-
-        PublicKey pub = kFact.generatePublic(new X509EncodedKeySpec(pub1.getEncoded()));
-        PrivateKey pri = kFact.generatePrivate(new PKCS8EncodedKeySpec(priv1.getEncoded()));
-
-        ecdsaSigner = Signature.getInstance("ECDSA", "BC");
-
-        ecdsaSigner.initSign(pri);
-
-        ecdsaSigner.update(new byte[100]);
-
-        sig = ecdsaSigner.sign();
-
-        ecdsaSigner.initVerify(pub);
-
-        ecdsaSigner.update(new byte[100]);
-
-        if (!ecdsaSigner.verify(sig))
-        {
-            fail("signature failed to verify");
-        }
-    }
-
-    /**
-     * COUNT = 1
-     * dsCAVS = 00000179557decd75b797bea9db656ce99c03a6e0ab13804b5b589644f7db41ceba05c3940c300361061074ca72a828428d9198267fa0b75e1e3e785a0ff20e839414be0
-     * QsCAVSx = 000001ce7da31681d5f176f3618f205969b9142520363dd26a596866c89988c932e3ce01904d12d1e9b105462e56163dbe7658ba3c472bf1f3c8165813295393ae346764
-     * QsCAVSy = 000000e70d6e55b76ebd362ff071ab819315593cec650276209a9fdc2c1c48e03c35945f04e74d958cabd3f5e4d1f096a991e807a8f9d217de306a6b561038ca15aea4b9
-     * NonceEphemCAVS = 4214a1a0a1d11679ae22f98d7ae483c1a74008a9cd7f7cf71b1f373a4226f5c58eb621ec56e2537797c01750dcbff07f613b9c58774f9af32aebeadd2226140dc7d56b1aa95c93ab1ec4412e2d0e42cdaac7bf9da3ddbf19fbb1edd0556d9c5a339808905fe8defd8b57ff8f34788192cc0cf7df17d1f351d69ac979a3a495931c287fb8
-     * dsIUT = 000000c14895dfcc5a6b24994828cfd0a0cc0a881a70173a3eb05c57b098046c8e60a868f6176284aa346eff1fd1b8b879052c5a6d5fd0ae146b35ed7ecee32e294103cd
-     * QsIUTx = 00000174a658695049db59f6bbe2ad23e1753bf58384a56fc9b3dec13eb873b33e1f4dbd24b6b4ca05a9a11ad531f6d99e9430a774980e8a8d9fd2d1e2a0d76fe3dd36c7
-     * QsIUTy = 00000030639849e1df341973db44e7bbba5bb597884a439f9ce54620c3ca73a9804cc26fcda3aaf73ae5a11d5b325cae0e95cfafe1985c6c2fdb892722e7dd2c5d744cf3
-     * deIUT = 00000138f54e986c7b44f49da389fa9f61bb7265f0cebdeddf09d47c72e55186e2520965fc2c31bb9c0a557e3c28e02a751f097e413c4252c7b0d22452d89f9ac314bc6e
-     * QeIUTx = 000001b9fbce9c9ebb31070a4a4ac7af54ec9189c1f98948cd24ca0a5029217e4784d3c8692da08a6a512d1c9875d20d8e03664c148fa5d34bbac6d42e499ee5dbf01120
-     * QeIUTy = 000000994a714b6d09afa896dbba9b4f436ab3cdb0d11dcd2aad28b7ba35d6fa6be537b6ffb0f9bf5fe1d594b8f8b8829687c9395c3d938c873f26c7100888c3aca2d59a
-     * OI = a1b2c3d4e54341565369646dbb63a273c81e0aad02f92699bf7baa28fd4509145b0096746894e98e209a85ecb415b8
-     * CAVSTag = 4ade5dc983cc1cf61c90fdbf726fa6a88e9bf411bbaf0015db06ff4348560e4d
-     * Z = 019a19a0a99f60221ee23323b3317292e8c10d57ba04e0b33f6241979ec3895945eed0bdcbc59ab576e7047061f0d63d1aaf78b1d442028605aa1c0f963a3bc9d61a
-     * MacData = 4b435f315f55a1b2c3d4e543415653696401b9fbce9c9ebb31070a4a4ac7af54ec9189c1f98948cd24ca0a5029217e4784d3c8692da08a6a512d1c9875d20d8e03664c148fa5d34bbac6d42e499ee5dbf0112000994a714b6d09afa896dbba9b4f436ab3cdb0d11dcd2aad28b7ba35d6fa6be537b6ffb0f9bf5fe1d594b8f8b8829687c9395c3d938c873f26c7100888c3aca2d59a4214a1a0a1d11679ae22f98d7ae483c1a74008a9cd7f7cf71b1f373a4226f5c58eb621ec56e2537797c01750dcbff07f613b9c58774f9af32aebeadd2226140dc7d56b1aa95c93ab1ec4412e2d0e42cdaac7bf9da3ddbf19fbb1edd0556d9c5a339808905fe8defd8b57ff8f34788192cc0cf7df17d1f351d69ac979a3a495931c287fb8
-     * DKM = 0744e1774149a8b8f88d3a1e20ac1517efd2f54ba4b5f178de99f33b68eea426
-     * Result = P (14 - DKM value should have leading 0 nibble )
-     */
-    public void testMQVwithHMACOnePass()
-        throws Exception
-    {
-        AlgorithmParameters algorithmParameters = AlgorithmParameters.getInstance("EC", "BC");
-
-        algorithmParameters.init(new ECGenParameterSpec("P-521"));
-
-        ECParameterSpec ecSpec = algorithmParameters.getParameterSpec(ECParameterSpec.class);
-        KeyFactory keyFact = KeyFactory.getInstance("EC", "BC");
-
-        ECPrivateKey dsCAVS = (ECPrivateKey)keyFact.generatePrivate(new ECPrivateKeySpec(new BigInteger("00000179557decd75b797bea9db656ce99c03a6e0ab13804b5b589644f7db41ceba05c3940c300361061074ca72a828428d9198267fa0b75e1e3e785a0ff20e839414be0", 16), ecSpec));
-        ECPublicKey qsCAVS = (ECPublicKey)keyFact.generatePublic(new ECPublicKeySpec(new ECPoint(
-            new BigInteger("000001ce7da31681d5f176f3618f205969b9142520363dd26a596866c89988c932e3ce01904d12d1e9b105462e56163dbe7658ba3c472bf1f3c8165813295393ae346764", 16),
-            new BigInteger("000000e70d6e55b76ebd362ff071ab819315593cec650276209a9fdc2c1c48e03c35945f04e74d958cabd3f5e4d1f096a991e807a8f9d217de306a6b561038ca15aea4b9", 16)), ecSpec));
-
-        ECPrivateKey dsIUT = (ECPrivateKey)keyFact.generatePrivate(new ECPrivateKeySpec(new BigInteger("000000c14895dfcc5a6b24994828cfd0a0cc0a881a70173a3eb05c57b098046c8e60a868f6176284aa346eff1fd1b8b879052c5a6d5fd0ae146b35ed7ecee32e294103cd", 16), ecSpec));
-        ECPublicKey qsIUT = (ECPublicKey)keyFact.generatePublic(new ECPublicKeySpec(new ECPoint(
-            new BigInteger("00000174a658695049db59f6bbe2ad23e1753bf58384a56fc9b3dec13eb873b33e1f4dbd24b6b4ca05a9a11ad531f6d99e9430a774980e8a8d9fd2d1e2a0d76fe3dd36c7", 16),
-            new BigInteger("00000030639849e1df341973db44e7bbba5bb597884a439f9ce54620c3ca73a9804cc26fcda3aaf73ae5a11d5b325cae0e95cfafe1985c6c2fdb892722e7dd2c5d744cf3", 16)), ecSpec));
-
-        ECPrivateKey deIUT = (ECPrivateKey)keyFact.generatePrivate(new ECPrivateKeySpec(new BigInteger("00000138f54e986c7b44f49da389fa9f61bb7265f0cebdeddf09d47c72e55186e2520965fc2c31bb9c0a557e3c28e02a751f097e413c4252c7b0d22452d89f9ac314bc6e", 16), ecSpec));
-        ECPublicKey qeIUT = (ECPublicKey)keyFact.generatePublic(new ECPublicKeySpec(new ECPoint(
-            new BigInteger("000001b9fbce9c9ebb31070a4a4ac7af54ec9189c1f98948cd24ca0a5029217e4784d3c8692da08a6a512d1c9875d20d8e03664c148fa5d34bbac6d42e499ee5dbf01120", 16),
-            new BigInteger("000000994a714b6d09afa896dbba9b4f436ab3cdb0d11dcd2aad28b7ba35d6fa6be537b6ffb0f9bf5fe1d594b8f8b8829687c9395c3d938c873f26c7100888c3aca2d59a", 16)), ecSpec));
-
-        KeyAgreement uAgree = KeyAgreement.getInstance("ECMQVwithSHA512CKDF", "BC");
-
-        uAgree.init(dsCAVS, new MQVParameterSpec(dsCAVS, qeIUT, Hex.decode("a1b2c3d4e54341565369646dbb63a273c81e0aad02f92699bf7baa28fd4509145b0096746894e98e209a85ecb415b8")));
-
-
-        KeyAgreement vAgree = KeyAgreement.getInstance("ECMQVwithSHA512CKDF", "BC");
-        vAgree.init(dsIUT, new MQVParameterSpec(deIUT, qsCAVS, Hex.decode("a1b2c3d4e54341565369646dbb63a273c81e0aad02f92699bf7baa28fd4509145b0096746894e98e209a85ecb415b8")));
-
-        //
-        // agreement
-        //
-        uAgree.doPhase(qsIUT, true);
-        vAgree.doPhase(qsCAVS, true);
-
-        byte[] ux = uAgree.generateSecret(PKCSObjectIdentifiers.id_hmacWithSHA512.getId()).getEncoded();
-        byte[] vx = vAgree.generateSecret(PKCSObjectIdentifiers.id_hmacWithSHA512.getId()).getEncoded();
-
-        if (!Arrays.areEqual(ux, vx))
-        {
-            fail("agreement values don't match");
-        }
-
-        if (!Arrays.areEqual(Hex.decode("0744e1774149a8b8f88d3a1e20ac1517efd2f54ba4b5f178de99f33b68eea426"), Arrays.copyOfRange(ux, 0, 32)))
-        {
-            fail("agreement values not correct");
-        }
-    }
-
-    protected BigInteger[] derDecode(
-        byte[] encoding)
-        throws IOException
-    {
-        ByteArrayInputStream bIn = new ByteArrayInputStream(encoding);
-        ASN1InputStream aIn = new ASN1InputStream(bIn);
-        ASN1Sequence s = (ASN1Sequence)aIn.readObject();
-
-        BigInteger[] sig = new BigInteger[2];
-
-        sig[0] = ((ASN1Integer)s.getObjectAt(0)).getValue();
-        sig[1] = ((ASN1Integer)s.getObjectAt(1)).getValue();
-
-        return sig;
-    }
-
-    public String getName()
-    {
-        return "ECDSA5";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testKeyConversion();
-        testAdaptiveKeyConversion();
-        decodeTest();
-        testECDSA239bitPrime();
-        testECDSA239bitBinary();
-        testGeneration();
-        testKeyPairGenerationWithOIDs();
-        testNamedCurveParameterPreservation();
-        testNamedCurveSigning();
-        testBSI();
-        testMQVwithHMACOnePass();
-        testAlgorithmParameters();
-        testModified();
-        testSM2();
-        testNonsense();
-        testNamedCurveInKeyFactory();
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new ECDSA5Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECEncodingTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECEncodingTest.java
deleted file mode 100644
index 1bd3178..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECEncodingTest.java
+++ /dev/null

@@ -1,214 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.SignatureException;
-import java.security.cert.Certificate;
-import java.security.cert.X509Certificate;
-import java.util.Date;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.jce.X509Principal;
-import org.bouncycastle.jce.interfaces.ECPointEncoder;
-import org.bouncycastle.jce.interfaces.ECPrivateKey;
-import org.bouncycastle.jce.interfaces.ECPublicKey;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.x509.X509V3CertificateGenerator;
-
-public class ECEncodingTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "ECEncodingTest";
-    }
-
-    /** J.4.7 An Example with m = 304 */
-    private int m = 304;
-    
-    /** f = 010000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000000 00000807 */
-    private int k1 = 1;
-    private int    k2 = 2;
-    private int    k3 = 11;
-    private byte hexa[] = {(byte)0xFD, 0x0D, 0x69, 0x31, 0x49, (byte)0xA1, 0x18, (byte)0xF6, 0x51
-        , (byte)0xE6, (byte)0xDC, (byte)0xE6, (byte)0x80, 0x20, (byte)0x85, 0x37, 0x7E, 0x5F, (byte)0x88, 0x2D, 0x1B, 0x51
-        , 0x0B, 0x44, 0x16, 0x00, 0x74, (byte)0xC1, 0x28, (byte)0x80, 0x78, 0x36, 0x5A, 0x03
-        , (byte)0x96, (byte)0xC8, (byte)0xE6, (byte)0x81};
-    private byte hexb[] = {(byte)0xBD, (byte)0xDB, (byte)0x97, (byte)0xE5, (byte)0x55
-        , (byte)0xA5, (byte)0x0A, (byte)0x90, (byte)0x8E, (byte)0x43, (byte)0xB0
-        , (byte)0x1C, (byte)0x79, (byte)0x8E, (byte)0xA5, (byte)0xDA, (byte)0xA6
-        , (byte)0x78, (byte)0x8F, (byte)0x1E, (byte)0xA2, (byte)0x79
-        , (byte)0x4E, (byte)0xFC, (byte)0xF5, (byte)0x71, (byte)0x66, (byte)0xB8
-        , (byte)0xC1, (byte)0x40, (byte)0x39, (byte)0x60, (byte)0x1E
-        , (byte)0x55, (byte)0x82, (byte)0x73, (byte)0x40, (byte)0xBE};
-    private BigInteger a = new BigInteger(1, hexa);
-    private BigInteger b = new BigInteger(1, hexb);
-    
-    /** Base point G (with point compression) */
-    private byte enc[] =    
-    {0x02, 0x19, 0x7B, 0x07, (byte)0x84, 0x5E, (byte)0x9B, (byte)0xE2, (byte)0xD9, 0x6A, (byte)0xDB, 0x0F
-            , 0x5F, 0x3C, 0x7F, 0x2C, (byte)0xFF, (byte)0xBD, 0x7A, 0x3E, (byte)0xB8, (byte)0xB6, (byte)0xFE, 
-            (byte)0xC3, 0x5C, 0x7F, (byte)0xD6, 0x7F, 0x26, (byte)0xDD, (byte)0xF6
-            , 0x28, 0x5A, 0x64, 0x4F, 0x74, 0x0A, 0x26, 0x14};
-    
-    private void testPointCompression() 
-        throws Exception
-    {
-        ECCurve curve = new ECCurve.F2m(m, k1, k2, k3, a, b);
-        curve.decodePoint(enc);
-        
-        int ks[] = new int[3];
-        ks[0] = k3;
-        ks[1] = k2;
-        ks[2] = k1;
-    }
-    
-    public void performTest()
-        throws Exception
-    {
-        byte[] ecParams = Hex.decode("3081C8020101302806072A8648CE3D0101021D00D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF303C041C68A5E62CA9CE6C1C299803A6C1530B514E182AD8B0042A59CAD29F43041C2580F63CCFE44138870713B1A92369E33E2135D266DBB372386C400B0439040D9029AD2C7E5CF4340823B2A87DC68C9E4CE3174C1E6EFDEE12C07D58AA56F772C0726F24C6B89E4ECDAC24354B9E99CAA3F6D3761402CD021D00D7C134AA264366862A18302575D0FB98D116BC4B6DDEBCA3A5A7939F020101");
-        testParams(ecParams, true);
-        
-        testParams(ecParams, false);
-        
-        ecParams = Hex.decode("3081C8020101302806072A8648CE3D0101021D00D7C134AA264366862A18302575D1D787B09F075797DA89F57EC8C0FF303C041C56E6C7E4F11A7B4B961A4DCB5BD282EB22E42E9BCBE3E7B361F18012041C4BE3E7B361F18012F2353D22975E02D8D05D2C6F3342DD8F57D4C76F0439048D127A0C27E0DE207ED3B7FB98F83C8BD5A2A57C827F4B97874DEB2C1BAEB0C006958CE61BB1FC81F5389E288CB3E86E2ED91FB47B08FCCA021D00D7C134AA264366862A18302575D11A5F7AABFBA3D897FF5CA727AF53020101");
-        testParams(ecParams, true);
-        
-        testParams(ecParams, false);
-        
-        ecParams = Hex.decode("30820142020101303c06072a8648ce3d0101023100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000ffffffff3066043100fffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffffeffffffff0000000000000000fffffffc043100b3312fa7e23ee7e4988e056be3f82d19181d9c6efe8141120314088f5013875ac656398d8a2ed19d2a85c8edd3ec2aef046104aa87ca22be8b05378eb1c71ef320ad746e1d3b628ba79b9859f741e082542a385502f25dbf55296c3a545e3872760ab73617de4a96262c6f5d9e98bf9292dc29f8f41dbd289a147ce9da3113b5f0b8c00a60b1ce1d7e819d7a431d7c90ea0e5f023100ffffffffffffffffffffffffffffffffffffffffffffffffc7634d81f4372ddf581a0db248b0a77aecec196accc52973020101");
-        testParams(ecParams, true);
-        
-        testParams(ecParams, false);
-        
-        testPointCompression();
-    }
-    
-    private void testParams(byte[] ecParameterEncoded, boolean compress)
-        throws Exception
-    {
-        String keyStorePass = "myPass";
-        ASN1InputStream in = new ASN1InputStream(new ByteArrayInputStream(
-                ecParameterEncoded));
-        X9ECParameters params = X9ECParameters.getInstance(in
-                .readObject());
-        KeyPair kp = null;
-        boolean success = false;
-        while (!success)
-        {
-            KeyPairGenerator kpg = KeyPairGenerator.getInstance("ECDSA");
-            kpg.initialize(new ECParameterSpec(params.getCurve(),
-                    params.getG(), params.getN(), params.getH(), params
-                            .getSeed()));
-            kp = kpg.generateKeyPair();
-            // The very old Problem... we need a certificate chain to
-            // save a private key...
-            ECPublicKey pubKey = (ECPublicKey)kp.getPublic();
-            if (!compress)
-            {
-                ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
-            }
-            byte[] x = pubKey.getQ().getAffineXCoord().toBigInteger().toByteArray();
-            byte[] y = pubKey.getQ().getAffineYCoord().toBigInteger().toByteArray();
-            if (x.length == y.length)
-            {
-                success = true;
-            }
-        }
-
-        // The very old Problem... we need a certificate chain to
-        // save a private key...
-
-        Certificate[] chain = new Certificate[] { generateSelfSignedSoftECCert(
-                kp, compress) };
-
-        KeyStore keyStore = KeyStore.getInstance("BKS");
-        keyStore.load(null, keyStorePass.toCharArray());
-
-        keyStore.setCertificateEntry("ECCert", chain[0]);
-
-        ECPrivateKey privateECKey = (ECPrivateKey)kp.getPrivate();
-        keyStore.setKeyEntry("ECPrivKey", privateECKey, keyStorePass
-                .toCharArray(), chain);
-
-        // Test ec sign / verify
-        ECPublicKey pub = (ECPublicKey)kp.getPublic();
-        String oldPrivateKey = new String(Hex.encode(privateECKey.getEncoded()));
-        String oldPublicKey = new String(Hex.encode(pub.getEncoded()));
-        ECPrivateKey newKey = (ECPrivateKey)keyStore.getKey("ECPrivKey",
-                keyStorePass.toCharArray());
-        ECPublicKey newPubKey = (ECPublicKey)keyStore.getCertificate(
-                "ECCert").getPublicKey();
-        if (!compress)
-        {
-            ((ECPointEncoder)newKey).setPointFormat("UNCOMPRESSED");
-            ((ECPointEncoder)newPubKey).setPointFormat("UNCOMPRESSED");
-        }
-
-        String newPrivateKey = new String(Hex.encode(newKey.getEncoded()));
-        String newPublicKey = new String(Hex.encode(newPubKey.getEncoded()));
-
-        if (!oldPrivateKey.equals(newPrivateKey))
-        {
-            fail("failed private key comparison");
-        }
-
-        if (!oldPublicKey.equals(newPublicKey))
-        {
-            fail("failed public key comparison");
-        }
-    }
-
-    /**
-     * Create a self signed cert for our software emulation
-     * 
-     * @param kp
-     *            is the keypair for our certificate
-     * @return a self signed cert for our software emulation
-     * @throws InvalidKeyException
-     *             on error
-     * @throws SignatureException
-     *             on error
-     */
-    private X509Certificate generateSelfSignedSoftECCert(KeyPair kp,
-            boolean compress) throws Exception
-    {
-        X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
-        ECPrivateKey privECKey = (ECPrivateKey)kp.getPrivate();
-        ECPublicKey pubECKey = (ECPublicKey)kp.getPublic();
-        if (!compress)
-        {
-            ((ECPointEncoder)privECKey).setPointFormat("UNCOMPRESSED");
-            ((ECPointEncoder)pubECKey).setPointFormat("UNCOMPRESSED");
-        }
-        certGen.setSignatureAlgorithm("ECDSAwithSHA1");
-        certGen.setSerialNumber(BigInteger.valueOf(1));
-        certGen.setIssuerDN(new X509Principal("CN=Software emul (EC Cert)"));
-        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
-        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000000));
-        certGen.setSubjectDN(new X509Principal("CN=Software emul (EC Cert)"));
-        certGen.setPublicKey((PublicKey)pubECKey);
-
-        return certGen.generate((PrivateKey)privECKey);
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new ECEncodingTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECIESTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECIESTest.java
deleted file mode 100644
index 059fa19..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECIESTest.java
+++ /dev/null

@@ -1,302 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.spec.ECGenParameterSpec;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.Cipher;
-import javax.crypto.SealedObject;
-
-import org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.engines.DESEngine;
-import org.bouncycastle.crypto.engines.IESEngine;
-import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
-import org.bouncycastle.crypto.macs.HMac;
-import org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
-import org.bouncycastle.jcajce.provider.asymmetric.ec.IESCipher;
-import org.bouncycastle.jce.interfaces.ECPrivateKey;
-import org.bouncycastle.jce.interfaces.ECPublicKey;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.IESParameterSpec;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test for ECIES - Elliptic Curve Integrated Encryption Scheme
- */
-public class ECIESTest
-    extends SimpleTest
-{
-
-    ECIESTest()
-    {
-    }
-
-    public String getName()
-    {
-        return "ECIES";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        byte[] derivation = Hex.decode("202122232425262728292a2b2c2d2e2f");
-        byte[] encoding   = Hex.decode("303132333435363738393a3b3c3d3e3f");
-        
-        
-        IESCipher c1 = new org.bouncycastle.jcajce.provider.asymmetric.ec.IESCipher.ECIES();
-        IESCipher c2 = new org.bouncycastle.jcajce.provider.asymmetric.ec.IESCipher.ECIES();
-        IESParameterSpec params = new IESParameterSpec(derivation,encoding,128);
-
-        // Testing ECIES with default curve in streaming mode
-        KeyPairGenerator    g = KeyPairGenerator.getInstance("EC", "BC");
-        doTest("ECIES with default", g, "ECIES", params);
-        
-        // Testing ECIES with 192-bit curve in streaming mode 
-        g.initialize(192, new SecureRandom());
-        doTest("ECIES with 192-bit", g, "ECIES", params);
-
-        // Testing ECIES with 256-bit curve in streaming mode 
-        g.initialize(256, new SecureRandom());
-        doTest("ECIES with 256-bit", g, "ECIES", params);
-
-        
-        c1 = new IESCipher(new IESEngine(new ECDHBasicAgreement(), 
-                new KDF2BytesGenerator(new SHA1Digest()),
-                new HMac(new SHA1Digest()),
-                new PaddedBufferedBlockCipher(new DESEngine())));
-        
-        c2 = new IESCipher(new IESEngine(new ECDHBasicAgreement(), 
-                new KDF2BytesGenerator(new SHA1Digest()),
-                new HMac(new SHA1Digest()),
-                new PaddedBufferedBlockCipher(new DESEngine())));  
-    
-        params = new IESParameterSpec(derivation, encoding, 128, 128, Hex.decode("0001020304050607"));
-      
-        // Testing ECIES with default curve using DES
-        g = KeyPairGenerator.getInstance("EC", "BC");
-
-        // Testing ECIES with 256-bit curve using DES-CBC
-        g.initialize(256, new SecureRandom());
-        doTest("256-bit", g, "ECIESwithDESEDE-CBC", params);
-
-        params = new IESParameterSpec(derivation, encoding, 128, 128, Hex.decode("0001020304050607"));
-        g.initialize(256, new SecureRandom());
-        doTest("256-bit", g, "ECIESwithDESEDE-CBC", params);
-
-        try
-        {
-            params = new IESParameterSpec(derivation, encoding, 128, 128, new byte[10]);
-            g.initialize(256, new SecureRandom());
-            doTest("256-bit", g, "ECIESwithDESEDE-CBC", params);
-            fail("DESEDE no exception!");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            if (!e.getMessage().equals("NONCE in IES Parameters needs to be 8 bytes long"))
-            {
-                fail("DESEDE wrong message!");
-            }
-        }
-
-        c1 = new org.bouncycastle.jcajce.provider.asymmetric.ec.IESCipher.ECIESwithAESCBC();
-        c2 = new org.bouncycastle.jcajce.provider.asymmetric.ec.IESCipher.ECIESwithAESCBC();
-        params = new IESParameterSpec(derivation, encoding, 128, 128, Hex.decode("000102030405060708090a0b0c0d0e0f"));
-
-        // Testing ECIES with 256-bit curve using AES-CBC
-        g.initialize(256, new SecureRandom());
-        doTest("256-bit", g, "ECIESwithAES-CBC", params);
-
-        params = new IESParameterSpec(derivation, encoding, 128, 128, Hex.decode("000102030405060708090a0b0c0d0e0f"));
-        g.initialize(256, new SecureRandom());
-        doTest("256-bit", g, "ECIESwithAES-CBC", params);
-
-        try
-        {
-            params = new IESParameterSpec(derivation, encoding, 128, 128, new byte[10]);
-            g.initialize(256, new SecureRandom());
-            doTest("256-bit", g, "ECIESwithAES-CBC", params);
-            fail("AES no exception!");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            if (!e.getMessage().equals("NONCE in IES Parameters needs to be 16 bytes long"))
-            {
-                fail("AES wrong message!");
-            }
-        }
-
-        KeyPair       keyPair = g.generateKeyPair();
-        ECPublicKey pub = (ECPublicKey)keyPair.getPublic();
-        ECPrivateKey priv = (ECPrivateKey)keyPair.getPrivate();
-
-        Cipher c = Cipher.getInstance("ECIESwithAES-CBC", "BC");
-
-        try
-        {
-            c.init(Cipher.ENCRYPT_MODE, pub, new IESParameterSpec(derivation, encoding, 128, 128, null));
-
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isTrue("message ", "NONCE in IES Parameters needs to be 16 bytes long".equals(e.getMessage()));
-        }
-
-        try
-        {
-            c.init(Cipher.DECRYPT_MODE, priv);
-
-            fail("no exception");
-        }
-        catch (IllegalArgumentException e)
-        {
-            isTrue("message ", "cannot handle supplied parameter spec: NONCE in IES Parameters needs to be 16 bytes long".equals(e.getMessage()));
-        }
-
-        try
-        {
-            c.init(Cipher.DECRYPT_MODE, priv, new IESParameterSpec(derivation, encoding, 128, 128, null));
-
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isTrue("message ", "NONCE in IES Parameters needs to be 16 bytes long".equals(e.getMessage()));
-        }
-
-        sealedObjectTest();
-    }
-
-    private void sealedObjectTest()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("ECIES");
-        kpg.initialize(new ECGenParameterSpec("secp256r1"));
-        KeyPair keyPair = kpg.generateKeyPair();
-
-        Cipher cipher = Cipher.getInstance("ECIES");
-        cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic());
-
-        String toEncrypt = "Hello";
-
-        // Check that cipher works ok
-        cipher.doFinal(toEncrypt.getBytes());
-
-        // Using a SealedObject to encrypt the same string fails with a NullPointerException
-        SealedObject sealedObject = new SealedObject(toEncrypt, cipher);
-
-        cipher.init(Cipher.DECRYPT_MODE, keyPair.getPrivate());
-
-        String result = (String)sealedObject.getObject(cipher);
-
-        isTrue("result wrong", result.equals(toEncrypt));
-
-        result = (String)sealedObject.getObject(keyPair.getPrivate());
-
-        isTrue("result wrong", result.equals(toEncrypt));
-    }
-
-    public void doTest(
-        String                testname,
-        KeyPairGenerator     g,
-        String              cipher,
-        IESParameterSpec    p)
-        throws Exception
-    {
-
-        byte[] message = Hex.decode("0102030405060708090a0b0c0d0e0f10111213141516");
-        byte[] out1, out2;
-
-        // Generate static key pair
-        KeyPair     KeyPair = g.generateKeyPair();
-        ECPublicKey   Pub = (ECPublicKey) KeyPair.getPublic();
-        ECPrivateKey  Priv = (ECPrivateKey) KeyPair.getPrivate();
-
-        Cipher c1 = Cipher.getInstance(cipher);
-        Cipher c2 = Cipher.getInstance(cipher);
-
-        // Testing with null parameters and DHAES mode off
-        c1.init(Cipher.ENCRYPT_MODE, Pub, new SecureRandom());
-        c2.init(Cipher.DECRYPT_MODE, Priv, c1.getParameters());
-
-        isTrue("nonce mismatch", Arrays.areEqual(c1.getIV(), c2.getIV()));
-
-        out1 = c1.doFinal(message, 0, message.length);
-        out2 = c2.doFinal(out1, 0, out1.length);
-        if (!areEqual(out2, message))
-            fail(testname + " test failed with null parameters, DHAES mode false.");
-    
-        
-        // Testing with given parameters and DHAES mode off
-        c1.init(Cipher.ENCRYPT_MODE, Pub, p, new SecureRandom());
-        c2.init(Cipher.DECRYPT_MODE, Priv, p);
-        out1 = c1.doFinal(message, 0, message.length);
-        out2 = c2.doFinal(out1, 0, out1.length);
-        if (!areEqual(out2, message))
-            fail(testname + " test failed with non-null parameters, DHAES mode false.");
-        
-        //
-        // corrupted data test
-        //
-        int offset = out1.length - (message.length + 8);
-        byte[] tmp = new byte[out1.length];
-        for (int i = offset; i != out1.length; i++)
-        {
-            System.arraycopy(out1, 0, tmp, 0, tmp.length);
-            tmp[i] = (byte)~tmp[i];
-
-            try
-            {
-                c2.doFinal(tmp, 0, tmp.length);
-
-                fail("decrypted corrupted data");
-            }
-            catch (BadPaddingException e)
-            {
-                isTrue("wrong message: " + e.getMessage(), "unable to process block".equals(e.getMessage()));
-            }
-        }
-// TODO: DHAES mode is not currently implemented, perhaps it shouldn't be...
-//        c1 = Cipher.getInstance(cipher + "/DHAES/PKCS7Padding","BC");
-//        c2 = Cipher.getInstance(cipher + "/DHAES/PKCS7Padding","BC");
-//
-//        // Testing with null parameters and DHAES mode on
-//        c1.init(Cipher.ENCRYPT_MODE, Pub, new SecureRandom());
-//        c2.init(Cipher.DECRYPT_MODE, Priv, new SecureRandom());
-//
-//        out1 = c1.doFinal(message, 0, message.length);
-//        out2 = c2.doFinal(out1, 0, out1.length);
-//        if (!areEqual(out2, message))
-//            fail(testname + " test failed with null parameters, DHAES mode true.");
-//
-//        c1 = Cipher.getInstance(cipher + "/DHAES/PKCS7Padding");
-//        c2 = Cipher.getInstance(cipher + "/DHAES/PKCS7Padding");
-//
-//        // Testing with given parameters and DHAES mode on
-//        c1.init(Cipher.ENCRYPT_MODE, Pub, p, new SecureRandom());
-//        c2.init(Cipher.DECRYPT_MODE, Priv, p, new SecureRandom());
-//
-//        out1 = c1.doFinal(message, 0, message.length);
-//        out2 = c2.doFinal(out1, 0, out1.length);
-//        if (!areEqual(out2, message))
-//            fail(testname + " test failed with non-null parameters, DHAES mode true.");
-        
-    }
-
-   
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new ECIESTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECIESVectorTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECIESVectorTest.java
deleted file mode 100644
index cfbdf06..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECIESVectorTest.java
+++ /dev/null

@@ -1,237 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.Security;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.crypto.prng.FixedSecureRandom;
-import org.bouncycastle.jce.interfaces.ECPrivateKey;
-import org.bouncycastle.jce.interfaces.ECPublicKey;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.IESParameterSpec;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test for ECIES - Elliptic Curve Integrated Encryption Scheme
- */
-public class ECIESVectorTest
-    extends SimpleTest
-{
-    static byte[] message = Hex.decode("0102030405060708090a0b0c0d0e0f10111213141516");
-
-    static byte[] derivation1 = Hex.decode("202122232425262728292a2b2c2d2e2f");
-    static byte[] derivation2 = Hex.decode("202122232425262728292a2b2c2d2e2f404142434445464748");
-
-    static byte[] encoding1 = Hex.decode("af");
-    static byte[] encoding2 = Hex.decode("303132333435363738393a3b3c3d3e3f");
-    static byte[] encoding3 = Hex.decode("101112131415161718191a1b1c1d1e1f303132333435363738393a3b3c3d3e3f");
-
-    static byte[] p256_1_pub = Base64.decode("MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAEGVoxUX5AiyggqzcaXG3yG6cH6PKSX6fVOnCo5SKolfR8kwc6S8zmADXlpnjzMLNUVvGDL805VKIXNJHijq4+gw==");
-    static byte[] p256_1_pri = Base64.decode("MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQg+dn4oLSJcx5lxZhVxJCip13O/OblrNzNyCj2b9sNbQegCgYIKoZIzj0DAQehRANCAAQZWjFRfkCLKCCrNxpcbfIbpwfo8pJfp9U6cKjlIqiV9HyTBzpLzOYANeWmePMws1RW8YMvzTlUohc0keKOrj6D");
-    static byte[] p256_1_eph = Hex.decode("35ee388194396b5febbddb7e3618eaaba44f3bae766dac70f75ae7b84b210948");
-
-    static byte[] p256_1_no_params = Hex.decode("04bc8f4da6ea423c0698744b927ec71b67126d97ef9dd804c141a0dfcb466cc1c7df25539375ddb3ae7d08cc46fa2a78434c9f6123b108e39a5fe614729c3d8ae43dfbe605c746ba0c546c0c25ba5a00304587fbed07a35ca06415cf6ad4d6a69d01122c99e2c854fe818f");
-
-    static byte[] p256_1_with_params11 = Hex.decode("04bc8f4da6ea423c0698744b927ec71b67126d97ef9dd804c141a0dfcb466cc1c7df25539375ddb3ae7d08cc46fa2a78434c9f6123b108e39a5fe614729c3d8ae4a57474b50621e97254c1f3b32635f694feb57e873a33c5d1948ee93ea5dc7577d42d7c2e41ab08f85835");
-    static byte[] p256_1_with_params12 = Hex.decode("04bc8f4da6ea423c0698744b927ec71b67126d97ef9dd804c141a0dfcb466cc1c7df25539375ddb3ae7d08cc46fa2a78434c9f6123b108e39a5fe614729c3d8ae4a57474b50621e97254c1f3b32635f694feb57e873a3394725300acb7855f71a149d3f51a2e6fbd7f5389");
-    static byte[] p256_1_with_params13 = Hex.decode("04bc8f4da6ea423c0698744b927ec71b67126d97ef9dd804c141a0dfcb466cc1c7df25539375ddb3ae7d08cc46fa2a78434c9f6123b108e39a5fe614729c3d8ae4a57474b50621e97254c1f3b32635f694feb57e873a33920872328f8d05ec561ba8c6e58d82b79c360078");
-    static byte[] p256_1_with_params21 = Hex.decode("04bc8f4da6ea423c0698744b927ec71b67126d97ef9dd804c141a0dfcb466cc1c7df25539375ddb3ae7d08cc46fa2a78434c9f6123b108e39a5fe614729c3d8ae4da4d2bb723cd2ca918d1835dc2716a767085facd5df4499a4f4b6726651fb5e88178f01d831d9e5be0c1");
-    static byte[] p256_1_with_params22 = Hex.decode("04bc8f4da6ea423c0698744b927ec71b67126d97ef9dd804c141a0dfcb466cc1c7df25539375ddb3ae7d08cc46fa2a78434c9f6123b108e39a5fe614729c3d8ae4da4d2bb723cd2ca918d1835dc2716a767085facd5df457c384a0e6402a5bb073120f08c706b49a4775d0");
-    static byte[] p256_1_with_params23 = Hex.decode("04bc8f4da6ea423c0698744b927ec71b67126d97ef9dd804c141a0dfcb466cc1c7df25539375ddb3ae7d08cc46fa2a78434c9f6123b108e39a5fe614729c3d8ae4da4d2bb723cd2ca918d1835dc2716a767085facd5df4039427c24c55a2627df0ebea00f9d1eded9dd64b");
-
-    static byte[] p256_2_pub = Base64.decode("MFkwEwYHKoZIzj0CAQYIKoZIzj0DAQcDQgAER4gx8nnRAkP+u76j0COZD81Cu9CTw3vczLnu1DG7ObI/VCzrDzJuswfzNWmxOFYXiXmZMAAkkEFA40nDSGOoqA==");
-    static byte[] p256_2_pri = Base64.decode("MIGTAgEAMBMGByqGSM49AgEGCCqGSM49AwEHBHkwdwIBAQQgkflw6MQj4RbyuPFHoDE3i1dEaROS9uDSjGvrvPjqL7mgCgYIKoZIzj0DAQehRANCAARHiDHyedECQ/67vqPQI5kPzUK70JPDe9zMue7UMbs5sj9ULOsPMm6zB/M1abE4VheJeZkwACSQQUDjScNIY6io");
-    static byte[] p256_2_eph = Hex.decode("0c37e1e0559a60d0b9c5b7b139a3f2df022b23abbd194bd95c8eff0aab1fd544");
-
-    static byte[] p256_2_no_params = Hex.decode("04d1ef981f81edae5e2e517b498504105b636d950cc13a9e1e31c607d8f0adc00c2152f2abae4870274f8788c08be35a7908f5547416405f24818ef4e8e3ae8dacd99a5cadfe82652a18c6058fc5ef7ffca626235fdbf7e2537f494d049d6f4e53d3d3df489cefb31101e1");
-
-    static byte[] p256_2_with_params11 = Hex.decode("04d1ef981f81edae5e2e517b498504105b636d950cc13a9e1e31c607d8f0adc00c2152f2abae4870274f8788c08be35a7908f5547416405f24818ef4e8e3ae8dace0e423753f63e054824edbc298a5645d7a4010cc7e65947090625dc0d750c50b2d563f264718d95818d4");
-    static byte[] p256_2_with_params12 = Hex.decode("04d1ef981f81edae5e2e517b498504105b636d950cc13a9e1e31c607d8f0adc00c2152f2abae4870274f8788c08be35a7908f5547416405f24818ef4e8e3ae8dace0e423753f63e054824edbc298a5645d7a4010cc7e6502850f65c7a2c466444dea69d95a2df9a4b6cf2c");
-    static byte[] p256_2_with_params13 = Hex.decode("04d1ef981f81edae5e2e517b498504105b636d950cc13a9e1e31c607d8f0adc00c2152f2abae4870274f8788c08be35a7908f5547416405f24818ef4e8e3ae8dace0e423753f63e054824edbc298a5645d7a4010cc7e651188a654e47322a60e53ea20a9e02f0e78bf8a32");
-    static byte[] p256_2_with_params21 = Hex.decode("04d1ef981f81edae5e2e517b498504105b636d950cc13a9e1e31c607d8f0adc00c2152f2abae4870274f8788c08be35a7908f5547416405f24818ef4e8e3ae8dacdbdbe5e5f72245f4b5c28ee1ae21442868aef592d4047c8149babf4e7faffb5474bd6d84d6b9f1c9faf5");
-    static byte[] p256_2_with_params22 = Hex.decode("04d1ef981f81edae5e2e517b498504105b636d950cc13a9e1e31c607d8f0adc00c2152f2abae4870274f8788c08be35a7908f5547416405f24818ef4e8e3ae8dacdbdbe5e5f72245f4b5c28ee1ae21442868aef592d40471190bd9b4bddd63983e4963378c9f55c703a7e6");
-    static byte[] p256_2_with_params23 = Hex.decode("04d1ef981f81edae5e2e517b498504105b636d950cc13a9e1e31c607d8f0adc00c2152f2abae4870274f8788c08be35a7908f5547416405f24818ef4e8e3ae8dacdbdbe5e5f72245f4b5c28ee1ae21442868aef592d404ca4307e077a693c6410815c7985b0678a42cbd84");
-    
-    static byte[] p521_1_pub = Base64.decode("MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQBLNtLEbQBq2YGA2Q+eCwulIDggr1dCj8CqY/Yj/HuzicYGmVkNpr/gRfZHX4FRrh9HsGrS7tW+UA1pCQmn3p3aeEADiaXGIybDBsnuU20xntomQG/d/OHDkEaPee9nFNbi9Oha7BHTA/x2yyLMhQHeUlMgjz0DQqRxrwGJmvI85eNZpM=");
-    static byte[] p521_1_pri = Base64.decode("MIH3AgEAMBAGByqGSM49AgEGBSuBBAAjBIHfMIHcAgEBBEIA1QAfnUvK1fAaENAArV0YnNGvnu2H1vGHNgsG3QV7p16gjd6UOgmGCZVM9SLlRH3fi9K1Xreyl4sQH3NeY+ZnInqgBwYFK4EEACOhgYkDgYYABAEs20sRtAGrZgYDZD54LC6UgOCCvV0KPwKpj9iP8e7OJxgaZWQ2mv+BF9kdfgVGuH0ewatLu1b5QDWkJCafendp4QAOJpcYjJsMGye5TbTGe2iZAb9384cOQRo9572cU1uL06FrsEdMD/HbLIsyFAd5SUyCPPQNCpHGvAYma8jzl41mkw==");
-    static byte[] p521_1_eph = Hex.decode("d25c44819712555824360eef5afda947373ec462c2a0fd5bebbe0b0e4e40b4ebf483bc5b5eeb84542fc226dc2e5307ceec59fe7c557522b77589210b434295aabfc7");
-
-    static byte[] p521_1_no_params = Hex.decode("04009d332615586356df7caaabb4ddd1c7902f35595c0a708acf570659061313e44a5d581b0e646e0c623b737327ed2a6fb7391ed76ee5fdceb9480f8b414e37be786301f7f6162afa812f45c15aba6887c6559b4c379c98fddd95af179c457a6a0e414cd921fd3b5736068f2ce6bec2fbf28e0e230784a38bf6f7b6e42672e52959db1b7ee2102423e67f5ee7f46e87a26370b7734548f3baee7729c5ff1c1638b93f068628320c7c56b7a68fb86d");
-
-    static byte[] p521_1_with_params11 = Hex.decode("04009d332615586356df7caaabb4ddd1c7902f35595c0a708acf570659061313e44a5d581b0e646e0c623b737327ed2a6fb7391ed76ee5fdceb9480f8b414e37be786301f7f6162afa812f45c15aba6887c6559b4c379c98fddd95af179c457a6a0e414cd921fd3b5736068f2ce6bec2fbf28e0e230784a38bf6f7b6e42672e52959db1b7e49225382108fb5bdd6b4ad57fee63c2819d10c1bc7517bd0a5070c123d4e24d66f9f0bf21ec105629cb2");
-    static byte[] p521_1_with_params12 = Hex.decode("04009d332615586356df7caaabb4ddd1c7902f35595c0a708acf570659061313e44a5d581b0e646e0c623b737327ed2a6fb7391ed76ee5fdceb9480f8b414e37be786301f7f6162afa812f45c15aba6887c6559b4c379c98fddd95af179c457a6a0e414cd921fd3b5736068f2ce6bec2fbf28e0e230784a38bf6f7b6e42672e52959db1b7e49225382108fb5bdd6b4ad57fee63c2819d10c1bc751a51c6c78d905b0b7702d2edf89d0cf30f0d21c93");
-    static byte[] p521_1_with_params13 = Hex.decode("04009d332615586356df7caaabb4ddd1c7902f35595c0a708acf570659061313e44a5d581b0e646e0c623b737327ed2a6fb7391ed76ee5fdceb9480f8b414e37be786301f7f6162afa812f45c15aba6887c6559b4c379c98fddd95af179c457a6a0e414cd921fd3b5736068f2ce6bec2fbf28e0e230784a38bf6f7b6e42672e52959db1b7e49225382108fb5bdd6b4ad57fee63c2819d10c1bc7513a9fb7f21f78ef3467b54153b8e2998de5f46724");
-    static byte[] p521_1_with_params21 = Hex.decode("04009d332615586356df7caaabb4ddd1c7902f35595c0a708acf570659061313e44a5d581b0e646e0c623b737327ed2a6fb7391ed76ee5fdceb9480f8b414e37be786301f7f6162afa812f45c15aba6887c6559b4c379c98fddd95af179c457a6a0e414cd921fd3b5736068f2ce6bec2fbf28e0e230784a38bf6f7b6e42672e52959db1b7e1e0e7ac9ade1646519a365ef578f0bbe3556a818c83a0ce6226db7a3f3964e7a18955f9150fb030dcb09");
-    static byte[] p521_1_with_params22 = Hex.decode("04009d332615586356df7caaabb4ddd1c7902f35595c0a708acf570659061313e44a5d581b0e646e0c623b737327ed2a6fb7391ed76ee5fdceb9480f8b414e37be786301f7f6162afa812f45c15aba6887c6559b4c379c98fddd95af179c457a6a0e414cd921fd3b5736068f2ce6bec2fbf28e0e230784a38bf6f7b6e42672e52959db1b7e1e0e7ac9ade1646519a365ef578f0bbe3556a818c83ade9180b72d7d2e9218395ea7d83c00cf03c6b39d");
-    static byte[] p521_1_with_params23 = Hex.decode("04009d332615586356df7caaabb4ddd1c7902f35595c0a708acf570659061313e44a5d581b0e646e0c623b737327ed2a6fb7391ed76ee5fdceb9480f8b414e37be786301f7f6162afa812f45c15aba6887c6559b4c379c98fddd95af179c457a6a0e414cd921fd3b5736068f2ce6bec2fbf28e0e230784a38bf6f7b6e42672e52959db1b7e1e0e7ac9ade1646519a365ef578f0bbe3556a818c83a605f2a4ef486f9215e546d618eb7624443ee1a7d");
-
-    static byte[] p521_2_pub = Base64.decode("MIGbMBAGByqGSM49AgEGBSuBBAAjA4GGAAQACXj0hmGm68PQxI12y5sKMn4mN6mIMOEn1l6PBOeGtk8QuJHt1AS3X5DcPorJTxhuhdcdDHA3if1utfAw9hl7tCIBQELwgw2Vo3gYkdbG7Hj6O9kf8WpqIEJ3UsC4S0hITMY1knO41BaO4UdO+nUiN+PZPRRSqFwm3C5v3fffLSGbpIQ=");
-    static byte[] p521_2_pri = Base64.decode("MIH3AgEAMBAGByqGSM49AgEGBSuBBAAjBIHfMIHcAgEBBEIB6s6VR/8WgiOvSjHT/n5Y91wESyI9e4GABUNWMXMPhNspwb9++7fyanbeliHNz9K61SjDG7rLXs90K1iRvHPJwmygBwYFK4EEACOhgYkDgYYABAAJePSGYabrw9DEjXbLmwoyfiY3qYgw4SfWXo8E54a2TxC4ke3UBLdfkNw+islPGG6F1x0McDeJ/W618DD2GXu0IgFAQvCDDZWjeBiR1sbsePo72R/xamogQndSwLhLSEhMxjWSc7jUFo7hR076dSI349k9FFKoXCbcLm/d998tIZukhA==");
-    static byte[] p521_2_eph = Hex.decode("c9ee178c7f200a51a0053931c697001205f8923fd04b538c3fd5df2be43a6f304581f57138906bba0be631f7e0fd2804d00b5cb053559f080c13c913358f6e1fcc6d");
-
-    static byte[] p521_2_no_params = Hex.decode("0400ddfd813bbba275fec8896a140036c9ee2fee49793cadc0a4d976d1b7827357b846e1e5aa9326b449c6ab268e3b2d145894cc02d33d849c108db1f696db6e867c2c01d129fcc80937aeb2beff58ebc9e9777ba864546aed12d86c5e6a89767cf5321ec323283032278698642c238b3fda4a5d5e9ea2f0b91ef7d979fda529687931ace65922842dba0351c1cebde53ee4ba9afadbd3a03a88507046f62c7383f96142c09df58be5b0a661893d41");
-
-    static byte[] p521_2_with_params11 = Hex.decode("0400ddfd813bbba275fec8896a140036c9ee2fee49793cadc0a4d976d1b7827357b846e1e5aa9326b449c6ab268e3b2d145894cc02d33d849c108db1f696db6e867c2c01d129fcc80937aeb2beff58ebc9e9777ba864546aed12d86c5e6a89767cf5321ec323283032278698642c238b3fda4a5d5e9ea2f0b91ef7d979fda529687931ace674ccf084d69e0bc9a728548d887a162ddf53a0002ed034b51a5406b831ce9ea713be7df54934b77dcc84");
-    static byte[] p521_2_with_params12 = Hex.decode("0400ddfd813bbba275fec8896a140036c9ee2fee49793cadc0a4d976d1b7827357b846e1e5aa9326b449c6ab268e3b2d145894cc02d33d849c108db1f696db6e867c2c01d129fcc80937aeb2beff58ebc9e9777ba864546aed12d86c5e6a89767cf5321ec323283032278698642c238b3fda4a5d5e9ea2f0b91ef7d979fda529687931ace674ccf084d69e0bc9a728548d887a162ddf53a0002ed0767534663184e99c0958451ea417729e29e02a60");
-    static byte[] p521_2_with_params13 = Hex.decode("0400ddfd813bbba275fec8896a140036c9ee2fee49793cadc0a4d976d1b7827357b846e1e5aa9326b449c6ab268e3b2d145894cc02d33d849c108db1f696db6e867c2c01d129fcc80937aeb2beff58ebc9e9777ba864546aed12d86c5e6a89767cf5321ec323283032278698642c238b3fda4a5d5e9ea2f0b91ef7d979fda529687931ace674ccf084d69e0bc9a728548d887a162ddf53a0002ed0517e1040bf7d57f2c8f9c3ce69e5a05a9a292700");
-    static byte[] p521_2_with_params21 = Hex.decode("0400ddfd813bbba275fec8896a140036c9ee2fee49793cadc0a4d976d1b7827357b846e1e5aa9326b449c6ab268e3b2d145894cc02d33d849c108db1f696db6e867c2c01d129fcc80937aeb2beff58ebc9e9777ba864546aed12d86c5e6a89767cf5321ec323283032278698642c238b3fda4a5d5e9ea2f0b91ef7d979fda529687931ace68a9e28bb5d49c07d5f5f59a27311619103aea50e48ddc66e0f20686c8d0c329db510facc1c014f800920");
-    static byte[] p521_2_with_params22 = Hex.decode("0400ddfd813bbba275fec8896a140036c9ee2fee49793cadc0a4d976d1b7827357b846e1e5aa9326b449c6ab268e3b2d145894cc02d33d849c108db1f696db6e867c2c01d129fcc80937aeb2beff58ebc9e9777ba864546aed12d86c5e6a89767cf5321ec323283032278698642c238b3fda4a5d5e9ea2f0b91ef7d979fda529687931ace68a9e28bb5d49c07d5f5f59a27311619103aea50e48ddbc970a66c80886782713e25ece75a23dec995121");
-    static byte[] p521_2_with_params23 = Hex.decode("0400ddfd813bbba275fec8896a140036c9ee2fee49793cadc0a4d976d1b7827357b846e1e5aa9326b449c6ab268e3b2d145894cc02d33d849c108db1f696db6e867c2c01d129fcc80937aeb2beff58ebc9e9777ba864546aed12d86c5e6a89767cf5321ec323283032278698642c238b3fda4a5d5e9ea2f0b91ef7d979fda529687931ace68a9e28bb5d49c07d5f5f59a27311619103aea50e48dd7c3d8a51a95f88813d04a0c681355f6e86bb44e5");
-
-    static byte[] old_p256_1_no_params = Hex.decode("04bc8f4da6ea423c0698744b927ec71b67126d97ef9dd804c141a0dfcb466cc1c7df25539375ddb3ae7d08cc46fa2a78434c9f6123b108e39a5fe614729c3d8ae43dfbe605c746ba0c546c0c25ba5a00304587fbed07a3ebe44837c43b86025cc08e333b1631a8227b8d49");
-
-    static byte[] old_p256_1_with_params11 = Hex.decode("04bc8f4da6ea423c0698744b927ec71b67126d97ef9dd804c141a0dfcb466cc1c7df25539375ddb3ae7d08cc46fa2a78434c9f6123b108e39a5fe614729c3d8ae4a57474b50621e97254c1f3b32635f694feb57e873a332ce23d272262d47a528057eb5b0b11631707b28f");
-    static byte[] old_p256_1_with_params12 = Hex.decode("04bc8f4da6ea423c0698744b927ec71b67126d97ef9dd804c141a0dfcb466cc1c7df25539375ddb3ae7d08cc46fa2a78434c9f6123b108e39a5fe614729c3d8ae4a57474b50621e97254c1f3b32635f694feb57e873a3331e3e514868c771270632c9a9b852f2060d415da");
-    static byte[] old_p256_1_with_params13 = Hex.decode("04bc8f4da6ea423c0698744b927ec71b67126d97ef9dd804c141a0dfcb466cc1c7df25539375ddb3ae7d08cc46fa2a78434c9f6123b108e39a5fe614729c3d8ae4a57474b50621e97254c1f3b32635f694feb57e873a3353e10e6260e937bcdd244201a0de1d3941439076");
-    static byte[] old_p256_1_with_params21 = Hex.decode("04bc8f4da6ea423c0698744b927ec71b67126d97ef9dd804c141a0dfcb466cc1c7df25539375ddb3ae7d08cc46fa2a78434c9f6123b108e39a5fe614729c3d8ae4da4d2bb723cd2ca918d1835dc2716a767085facd5df4912a36ccc3c49de7d3d6b1fb312aeacf2d0b30e7");
-    static byte[] old_p256_1_with_params22 = Hex.decode("04bc8f4da6ea423c0698744b927ec71b67126d97ef9dd804c141a0dfcb466cc1c7df25539375ddb3ae7d08cc46fa2a78434c9f6123b108e39a5fe614729c3d8ae4da4d2bb723cd2ca918d1835dc2716a767085facd5df4171c056b90a3badd0bb689403ab214546b5f6411");
-    static byte[] old_p256_1_with_params23 = Hex.decode("04bc8f4da6ea423c0698744b927ec71b67126d97ef9dd804c141a0dfcb466cc1c7df25539375ddb3ae7d08cc46fa2a78434c9f6123b108e39a5fe614729c3d8ae4da4d2bb723cd2ca918d1835dc2716a767085facd5df4ad1a6a561fe0582495cd14ac4494e4610ecddef1");
-
-    ECIESVectorTest()
-    {
-    }
-
-    public String getName()
-    {
-        return "ECIESVectorTest";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        KeyFactory ecFact = KeyFactory.getInstance("EC", "BC");
-
-        KeyPair keyPair = new KeyPair(ecFact.generatePublic(new X509EncodedKeySpec(p256_1_pub)), ecFact.generatePrivate(new PKCS8EncodedKeySpec(p256_1_pri)));
-
-        doTestNoParams("ECIES with P-256 None", keyPair, "ECIES", p256_1_eph, p256_1_no_params);
-        doTestWithParams("ECIES with P-256 KP1 P11", keyPair, "ECIES", p256_1_eph, new IESParameterSpec(derivation1, encoding1, 128), p256_1_with_params11);
-        doTestWithParams("ECIES with P-256 KP1 P11", keyPair, "ECIES", p256_1_eph, new IESParameterSpec(derivation1, encoding2, 128), p256_1_with_params12);
-        doTestWithParams("ECIES with P-256 KP1 P11", keyPair, "ECIES", p256_1_eph, new IESParameterSpec(derivation1, encoding3, 128), p256_1_with_params13);
-        doTestWithParams("ECIES with P-256 KP1 P11", keyPair, "ECIES", p256_1_eph, new IESParameterSpec(derivation2, encoding1, 128), p256_1_with_params21);
-        doTestWithParams("ECIES with P-256 KP1 P11", keyPair, "ECIES", p256_1_eph, new IESParameterSpec(derivation2, encoding2, 128), p256_1_with_params22);
-        doTestWithParams("ECIES with P-256 KP1 P11", keyPair, "ECIES", p256_1_eph, new IESParameterSpec(derivation2, encoding3, 128), p256_1_with_params23);
-
-        // no longer supported
-//        doTestNoParams("ECIES with P-256 None", keyPair, "OldECIES", p256_1_eph, old_p256_1_no_params);
-//        doTestWithParams("ECIES with P-256 KP1 P11", keyPair, "OldECIES", p256_1_eph, new IESParameterSpec(derivation1, encoding1, 128), old_p256_1_with_params11);
-//        doTestWithParams("ECIES with P-256 KP1 P11", keyPair, "OldECIES", p256_1_eph, new IESParameterSpec(derivation1, encoding2, 128), old_p256_1_with_params12);
-//        doTestWithParams("ECIES with P-256 KP1 P11", keyPair, "OldECIES", p256_1_eph, new IESParameterSpec(derivation1, encoding3, 128), old_p256_1_with_params13);
-//        doTestWithParams("ECIES with P-256 KP1 P11", keyPair, "OldECIES", p256_1_eph, new IESParameterSpec(derivation2, encoding1, 128), old_p256_1_with_params21);
-//        doTestWithParams("ECIES with P-256 KP1 P11", keyPair, "OldECIES", p256_1_eph, new IESParameterSpec(derivation2, encoding2, 128), old_p256_1_with_params22);
-//        doTestWithParams("ECIES with P-256 KP1 P11", keyPair, "OldECIES", p256_1_eph, new IESParameterSpec(derivation2, encoding3, 128), old_p256_1_with_params23);
-
-        keyPair = new KeyPair(ecFact.generatePublic(new X509EncodedKeySpec(p256_2_pub)), ecFact.generatePrivate(new PKCS8EncodedKeySpec(p256_2_pri)));
-
-        doTestNoParams("ECIES with P-256 None", keyPair, "ECIES", p256_2_eph, p256_2_no_params);
-        doTestWithParams("ECIES with P-256 KP2 P11", keyPair, "ECIES", p256_2_eph, new IESParameterSpec(derivation1, encoding1, 128), p256_2_with_params11);
-        doTestWithParams("ECIES with P-256 KP2 P11", keyPair, "ECIES", p256_2_eph, new IESParameterSpec(derivation1, encoding2, 128), p256_2_with_params12);
-        doTestWithParams("ECIES with P-256 KP2 P11", keyPair, "ECIES", p256_2_eph, new IESParameterSpec(derivation1, encoding3, 128), p256_2_with_params13);
-        doTestWithParams("ECIES with P-256 KP2 P11", keyPair, "ECIES", p256_2_eph, new IESParameterSpec(derivation2, encoding1, 128), p256_2_with_params21);
-        doTestWithParams("ECIES with P-256 KP2 P11", keyPair, "ECIES", p256_2_eph, new IESParameterSpec(derivation2, encoding2, 128), p256_2_with_params22);
-        doTestWithParams("ECIES with P-256 KP2 P11", keyPair, "ECIES", p256_2_eph, new IESParameterSpec(derivation2, encoding3, 128), p256_2_with_params23);
-
-        keyPair = new KeyPair(ecFact.generatePublic(new X509EncodedKeySpec(p521_1_pub)), ecFact.generatePrivate(new PKCS8EncodedKeySpec(p521_1_pri)));
-
-        doTestNoParams("ECIES with P-521 None", keyPair, "ECIES", p521_1_eph, p521_1_no_params);
-        doTestWithParams("ECIES with P-521 KP1 P11", keyPair, "ECIES", p521_1_eph, new IESParameterSpec(derivation1, encoding1, 128), p521_1_with_params11);
-        doTestWithParams("ECIES with P-521 KP1 P11", keyPair, "ECIES", p521_1_eph, new IESParameterSpec(derivation1, encoding2, 128), p521_1_with_params12);
-        doTestWithParams("ECIES with P-521 KP1 P11", keyPair, "ECIES", p521_1_eph, new IESParameterSpec(derivation1, encoding3, 128), p521_1_with_params13);
-        doTestWithParams("ECIES with P-521 KP1 P11", keyPair, "ECIES", p521_1_eph, new IESParameterSpec(derivation2, encoding1, 128), p521_1_with_params21);
-        doTestWithParams("ECIES with P-521 KP1 P11", keyPair, "ECIES", p521_1_eph, new IESParameterSpec(derivation2, encoding2, 128), p521_1_with_params22);
-        doTestWithParams("ECIES with P-521 KP1 P11", keyPair, "ECIES", p521_1_eph, new IESParameterSpec(derivation2, encoding3, 128), p521_1_with_params23);
-
-        keyPair = new KeyPair(ecFact.generatePublic(new X509EncodedKeySpec(p521_2_pub)), ecFact.generatePrivate(new PKCS8EncodedKeySpec(p521_2_pri)));
-
-        doTestNoParams("ECIES with default", keyPair, "ECIES", p521_2_eph, p521_2_no_params);
-        doTestWithParams("ECIES with P-521 KP2 P11", keyPair, "ECIES", p521_2_eph, new IESParameterSpec(derivation1, encoding1, 128), p521_2_with_params11);
-        doTestWithParams("ECIES with P-521 KP2 P12", keyPair, "ECIES", p521_2_eph, new IESParameterSpec(derivation1, encoding2, 128), p521_2_with_params12);
-        doTestWithParams("ECIES with P-521 KP2 P13", keyPair, "ECIES", p521_2_eph, new IESParameterSpec(derivation1, encoding3, 128), p521_2_with_params13);
-        doTestWithParams("ECIES with P-521 KP2 P21", keyPair, "ECIES", p521_2_eph, new IESParameterSpec(derivation2, encoding1, 128), p521_2_with_params21);
-        doTestWithParams("ECIES with P-521 KP2 P21", keyPair, "ECIES", p521_2_eph, new IESParameterSpec(derivation2, encoding2, 128), p521_2_with_params22);
-        doTestWithParams("ECIES with P-521 KP2 P21", keyPair, "ECIES", p521_2_eph, new IESParameterSpec(derivation2, encoding3, 128), p521_2_with_params23);
-    }
-
-    public void doTestNoParams(
-        String testname,
-        KeyPair keyPair,
-        String cipher,
-        byte[] ephPrivateValue,
-        byte[] expected)
-        throws Exception
-    {
-
-
-        byte[] out1, out2;
-
-        // Generate static key pair
-        ECPublicKey   Pub = (ECPublicKey)keyPair.getPublic();
-        ECPrivateKey  Priv = (ECPrivateKey)keyPair.getPrivate();
-
-        Cipher c1 = Cipher.getInstance(cipher);
-        Cipher c2 = Cipher.getInstance(cipher);
-
-        // Testing with null parameters and DHAES mode off
-        c1.init(Cipher.ENCRYPT_MODE, Pub, new FixedSecureRandom(ephPrivateValue));
-        c2.init(Cipher.DECRYPT_MODE, Priv, new FixedSecureRandom(ephPrivateValue));
-        out1 = c1.doFinal(message, 0, message.length);
-
-        if (!areEqual(out1, expected))
-        {
-            fail(testname + " test failed encrypt with null parameters, DHAES mode false.");
-        }
-
-        out2 = c2.doFinal(out1, 0, out1.length);
-        if (!areEqual(out2, message))
-        {
-            fail(testname + " test failed decrypt with null parameters, DHAES mode false.");
-        }
-    }
-
-    public void doTestWithParams(
-        String testname,
-        KeyPair keyPair,
-        String cipher,
-        byte[] ephPrivateValue,
-        IESParameterSpec p,
-        byte[] expected)
-        throws Exception
-    {
-        byte[] out1, out2;
-
-        // Generate static key pair
-        ECPublicKey   Pub = (ECPublicKey)keyPair.getPublic();
-        ECPrivateKey  Priv = (ECPrivateKey)keyPair.getPrivate();
-
-        Cipher c1 = Cipher.getInstance(cipher);
-        Cipher c2 = Cipher.getInstance(cipher);
-
-        // Testing with given parameters and DHAES mode off
-        c1.init(Cipher.ENCRYPT_MODE, Pub, p, new FixedSecureRandom(ephPrivateValue));
-        c2.init(Cipher.DECRYPT_MODE, Priv, p, new FixedSecureRandom(ephPrivateValue));
-        out1 = c1.doFinal(message, 0, message.length);
-
-        if (!areEqual(out1, expected))
-        {
-            fail(testname + " test failed encrypt with non-null parameters, DHAES mode false.");
-        }
-        out2 = c2.doFinal(out1, 0, out1.length);
-        if (!areEqual(out2, message))
-        {
-            fail(testname + " test failed decrypt with non-null parameters, DHAES mode false.");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new ECIESVectorTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECNRTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECNRTest.java
deleted file mode 100644
index d84c2f7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ECNRTest.java
+++ /dev/null

@@ -1,231 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.jce.spec.ECPrivateKeySpec;
-import org.bouncycastle.jce.spec.ECPublicKeySpec;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.FixedSecureRandom;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomBigInteger;
-
-public class ECNRTest
-    extends SimpleTest
-{
-    byte[] k1 = Hex.decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3");
-    byte[] k2 = Hex.decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded");
-
-    SecureRandom random = new FixedSecureRandom(
-        new FixedSecureRandom.Source[] { new FixedSecureRandom.Data(k1), new FixedSecureRandom.Data(k2) });
-
-    /**
-     * X9.62 - 1998,<br>
-     * J.3.2, Page 155, ECDSA over the field Fp<br>
-     * an example with 239 bit prime
-     */
-    private void testECNR239bitPrime()
-        throws Exception
-    {
-        BigInteger r = new BigInteger("308636143175167811492623515537541734843573549327605293463169625072911693");
-        BigInteger s = new BigInteger("852401710738814635664888632022555967400445256405412579597015412971797143");
-
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("700000017569056646655505781757157107570501575775705779575555657156756655"));
-        
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        X9ECParameters x9 = ECNamedCurveTable.getByName("prime239v1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec spec = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        ECPrivateKeySpec priKey = new ECPrivateKeySpec(
-            new BigInteger("876300101507107567501066130761671078357010671067781776716671676178726717"), // d
-            spec);
-
-        ECPublicKeySpec pubKey = new ECPublicKeySpec(
-            curve.decodePoint(Hex.decode("025b6dc53bc61a2548ffb0f671472de6c9521a9d2d2534e65abfcbd5fe0c70")), // Q
-            spec);
-
-        Signature           sgr = Signature.getInstance("SHA1withECNR", "BC");
-        KeyFactory          f = KeyFactory.getInstance("ECDSA", "BC");
-
-        byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
-        
-        checkSignature(239, priKey, pubKey, sgr, k, message, r, s);
-    }
-    
-    // -------------------------------------------------------------------------
-    
-    /**
-     * X9.62 - 1998,<br>
-     * Page 104-105, ECDSA over the field Fp<br>
-     * an example with 192 bit prime
-     */
-    private void testECNR192bitPrime()
-        throws Exception
-    {
-        BigInteger r  = new BigInteger("2474388605162950674935076940284692598330235697454145648371");
-        BigInteger s  = new BigInteger("2997192822503471356158280167065034437828486078932532073836");
-
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("dcc5d1f1020906df2782360d36b2de7a17ece37d503784af", 16));
-        
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        X9ECParameters x9 = ECNamedCurveTable.getByName("prime192v1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec spec = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        ECPrivateKeySpec priKey = new ECPrivateKeySpec(
-            new BigInteger("651056770906015076056810763456358567190100156695615665659"), // d
-            spec);
-
-        ECPublicKeySpec pubKey = new ECPublicKeySpec(
-            curve.decodePoint(Hex.decode("0262B12D60690CDCF330BABAB6E69763B471F994DD702D16A5")), // Q
-            spec);
-
-        Signature           sgr = Signature.getInstance("SHA1withECNR", "BC");
-        KeyFactory          f = KeyFactory.getInstance("ECDSA", "BC");
-
-        byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
-        
-        checkSignature(192, priKey, pubKey, sgr, k, message, r, s);
-    }
-    
-    // -------------------------------------------------------------------------
-    
-    /**
-     * SEC 2: Recommended Elliptic Curve Domain Parameters - September 2000,<br>
-     * Page 17-19, Recommended 521-bit Elliptic Curve Domain Parameters over Fp<br>
-     * an ECC example with a 521 bit prime and a 512 bit hash
-     */
-    private void testECNR521bitPrime()
-        throws Exception
-    {
-        BigInteger r  = new BigInteger("1820641608112320695747745915744708800944302281118541146383656165330049339564439316345159057453301092391897040509935100825960342573871340486684575368150970954");
-        BigInteger s  = new BigInteger("6358277176448326821136601602749690343031826490505780896013143436153111780706227024847359990383467115737705919410755190867632280059161174165591324242446800763");
-
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("cdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef1234567890abcdef", 16));
-        
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        X9ECParameters x9 = ECNamedCurveTable.getByName("secp521r1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec spec = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        ECPrivateKeySpec priKey = new ECPrivateKeySpec(
-            new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d
-            spec);
-
-        ECPublicKeySpec pubKey = new ECPublicKeySpec(
-            curve.decodePoint(Hex.decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q
-            spec);
-
-        Signature           sgr = Signature.getInstance("SHA512withECNR", "BC");
-        byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
-        
-        checkSignature(521, priKey, pubKey, sgr, k, message, r, s);
-    }
-
-    private void checkSignature(
-        int size,
-        ECPrivateKeySpec priKey, 
-        ECPublicKeySpec pubKey, 
-        Signature sgr,
-        SecureRandom k, 
-        byte[] message, 
-        BigInteger r, 
-        BigInteger s)
-        throws Exception
-    {
-        KeyFactory          f = KeyFactory.getInstance("ECDSA", "BC");
-        PrivateKey          sKey = f.generatePrivate(priKey);
-        PublicKey           vKey = f.generatePublic(pubKey);
-
-        sgr.initSign(sKey, k);
-
-        sgr.update(message);
-
-        byte[]  sigBytes = sgr.sign();
-
-        sgr.initVerify(vKey);
-
-        sgr.update(message);
-
-        if (!sgr.verify(sigBytes))
-        {
-            fail(size + " bit EC verification failed");
-        }
-
-        BigInteger[]  sig = derDecode(sigBytes);
-
-        if (!r.equals(sig[0]))
-        {
-            fail(size + "bit"
-                + ": r component wrong." + Strings.lineSeparator()
-                + " expecting: " + r + Strings.lineSeparator()
-                + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail(size + "bit"
-                + ": s component wrong." + Strings.lineSeparator()
-                + " expecting: " + s + Strings.lineSeparator()
-                + " got      : " + sig[1]);
-        }
-    }
-
-    protected BigInteger[] derDecode(
-        byte[]  encoding)
-        throws IOException
-    {
-        ByteArrayInputStream    bIn = new ByteArrayInputStream(encoding);
-        ASN1InputStream         aIn = new ASN1InputStream(bIn);
-        ASN1Sequence            s = (ASN1Sequence)aIn.readObject();
-
-        BigInteger[]            sig = new BigInteger[2];
-
-        sig[0] = ((ASN1Integer)s.getObjectAt(0)).getValue();
-        sig[1] = ((ASN1Integer)s.getObjectAt(1)).getValue();
-
-        return sig;
-    }
-
-    public String getName()
-    {
-        return "ECNR";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testECNR192bitPrime();
-        testECNR239bitPrime();
-        testECNR521bitPrime();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new ECNRTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/EdECTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/EdECTest.java
deleted file mode 100644
index a73fd2f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/EdECTest.java
+++ /dev/null

@@ -1,628 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidParameterException;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.ECGenParameterSpec;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Set;
-
-import javax.crypto.KeyAgreement;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.jcajce.spec.DHUParameterSpec;
-import org.bouncycastle.jcajce.spec.EdDSAParameterSpec;
-import org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
-import org.bouncycastle.jcajce.spec.XDHParameterSpec;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class EdECTest
-    extends SimpleTest
-{
-    private static final byte[] pubEnc = Base64.decode(
-        "MCowBQYDK2VwAyEAGb9ECWmEzf6FQbrBZ9w7lshQhqowtrbLDFw4rXAxZuE=");
-
-    private static final byte[] privEnc = Base64.decode(
-        "MC4CAQAwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC");
-
-    private static final byte[] privWithPubEnc = Base64.decode(
-        "MHICAQEwBQYDK2VwBCIEINTuctv5E1hK1bbY8fdp+K06/nwoy/HU++CXqI9EdVhC" +
-            "oB8wHQYKKoZIhvcNAQkJFDEPDA1DdXJkbGUgQ2hhaXJzgSEAGb9ECWmEzf6FQbrB" +
-            "Z9w7lshQhqowtrbLDFw4rXAxZuE=");
-
-    public static final byte[] x25519Cert = Base64.decode(
-        "MIIBLDCB36ADAgECAghWAUdKKo3DMDAFBgMrZXAwGTEXMBUGA1UEAwwOSUVURiBUZX" +
-            "N0IERlbW8wHhcNMTYwODAxMTIxOTI0WhcNNDAxMjMxMjM1OTU5WjAZMRcwFQYDVQQD" +
-            "DA5JRVRGIFRlc3QgRGVtbzAqMAUGAytlbgMhAIUg8AmJMKdUdIt93LQ+91oNvzoNJj" +
-            "ga9OukqY6qm05qo0UwQzAPBgNVHRMBAf8EBTADAQEAMA4GA1UdDwEBAAQEAwIDCDAg" +
-            "BgNVHQ4BAQAEFgQUmx9e7e0EM4Xk97xiPFl1uQvIuzswBQYDK2VwA0EAryMB/t3J5v" +
-            "/BzKc9dNZIpDmAgs3babFOTQbs+BolzlDUwsPrdGxO3YNGhW7Ibz3OGhhlxXrCe1Cg" +
-            "w1AH9efZBw==");
-
-    public String getName()
-    {
-        return "EdEC";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        KeyFactory kFact = KeyFactory.getInstance("EdDSA", "BC");
-
-        PublicKey pub = kFact.generatePublic(new X509EncodedKeySpec(pubEnc));
-
-        isTrue("pub failed", areEqual(pubEnc, pub.getEncoded()));
-
-        serializationTest("ref pub", pub);
-
-        PrivateKey priv = kFact.generatePrivate(new PKCS8EncodedKeySpec(privEnc));
-
-        isTrue("priv failed", areEqual(privEnc, priv.getEncoded()));
-
-        priv = kFact.generatePrivate(new PKCS8EncodedKeySpec(privWithPubEnc));
-
-        isTrue("priv with pub failed", areEqual(privWithPubEnc, priv.getEncoded()));
-
-        serializationTest("ref priv", priv);
-
-        Signature sig = Signature.getInstance("EDDSA", "BC");
-
-        Certificate x25519Cert = Certificate.getInstance(EdECTest.x25519Cert);
-
-        sig.initVerify(pub);
-
-        sig.update(x25519Cert.getTBSCertificate().getEncoded());
-
-        isTrue(sig.verify(x25519Cert.getSignature().getBytes()));
-
-        x448AgreementTest();
-        x25519AgreementTest();
-        ed448SignatureTest();
-        ed25519SignatureTest();
-        x448withCKDFTest();
-        x25519withCKDFTest();
-        x448withKDFTest();
-        x25519withKDFTest();
-        x448UwithKDFTest();
-        x25519UwithKDFTest();
-
-        xdhGeneratorTest();
-        eddsaGeneratorTest();
-
-        keyTest("X448");
-        keyTest("X25519");
-        keyTest("Ed448");
-        keyTest("Ed25519");
-
-        keyFactoryTest("X448", EdECObjectIdentifiers.id_X448);
-        keyFactoryTest("X25519", EdECObjectIdentifiers.id_X25519);
-        keyFactoryTest("Ed448", EdECObjectIdentifiers.id_Ed448);
-        keyFactoryTest("Ed25519", EdECObjectIdentifiers.id_Ed25519);
-    }
-
-    private void keyFactoryTest(String algorithm, ASN1ObjectIdentifier algOid)
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance(algorithm, "BC");
-        KeyFactory kFact = KeyFactory.getInstance((algorithm.startsWith("X") ? "XDH" : "EdDSA"), "BC");
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        Set<String> alts = new HashSet<String>();
-
-        alts.add("X448");
-        alts.add("X25519");
-        alts.add("Ed448");
-        alts.add("Ed25519");
-
-        alts.remove(algorithm);
-
-        PrivateKey k1 = kFact.generatePrivate(new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded()));
-
-        checkEquals(algorithm, kp.getPrivate(), k1);
-
-        PublicKey k2 = kFact.generatePublic(new X509EncodedKeySpec(kp.getPublic().getEncoded()));
-
-        checkEquals(algorithm, kp.getPublic(), k2);
-
-        for (Iterator<String> it = alts.iterator(); it.hasNext(); )
-        {
-            String altAlg = (String)it.next();
-
-            kFact = KeyFactory.getInstance(altAlg, "BC");
-
-            try
-            {
-                k1 = kFact.generatePrivate(new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded()));
-                fail("no exception");
-            }
-            catch (InvalidKeySpecException e)
-            {
-                isEquals("encoded key spec not recognized: algorithm identifier " + algOid.getId() + " in key not recognized", e.getMessage());
-            }
-
-            try
-            {
-                k2 = kFact.generatePublic(new X509EncodedKeySpec(kp.getPublic().getEncoded()));
-                fail("no exception");
-            }
-            catch (InvalidKeySpecException e)
-            {
-                isEquals("encoded key spec not recognized: algorithm identifier " + algOid.getId() + " in key not recognized", e.getMessage());
-            }
-        }
-    }
-
-    private void keyTest(String algorithm)
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance(algorithm, "BC");
-
-        KeyFactory kFact = KeyFactory.getInstance(algorithm, "BC");
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        PrivateKey k1 = kFact.generatePrivate(new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded()));
-
-        checkEquals(algorithm, kp.getPrivate(), k1);
-
-        PublicKey k2 = kFact.generatePublic(new X509EncodedKeySpec(kp.getPublic().getEncoded()));
-
-        checkEquals(algorithm, kp.getPublic(), k2);
-
-        serializationTest(algorithm, kp.getPublic());
-        serializationTest(algorithm, kp.getPrivate());
-
-        String pubString = kp.getPublic().toString();
-        String privString = kp.getPrivate().toString();
-
-        isTrue(pubString.startsWith(algorithm + " Public Key ["));
-        isTrue(privString.startsWith(algorithm + " Private Key ["));
-        isTrue(privString.substring((algorithm + " Private Key [").length())
-            .equals(pubString.substring((algorithm + " Public Key [").length())));
-    }
-
-    private void xdhGeneratorTest()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("XDH", "BC");
-
-        kpGen.initialize(new XDHParameterSpec(XDHParameterSpec.X448));
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        isTrue("X448".equals(kp.getPublic().getAlgorithm()));
-
-        kpGen.initialize(new ECGenParameterSpec(XDHParameterSpec.X448));
-
-        kp = kpGen.generateKeyPair();
-
-        isTrue("X448".equals(kp.getPublic().getAlgorithm()));
-
-        kpGen.initialize(448);
-
-        kp = kpGen.generateKeyPair();
-
-        isTrue("X448".equals(kp.getPublic().getAlgorithm()));
-
-        kpGen = KeyPairGenerator.getInstance("XDH", "BC");
-        
-        kpGen.initialize(new XDHParameterSpec(XDHParameterSpec.X25519));
-
-        kp = kpGen.generateKeyPair();
-
-        isTrue("X25519".equals(kp.getPublic().getAlgorithm()));
-
-        kpGen.initialize(new ECGenParameterSpec(XDHParameterSpec.X25519));
-
-        kp = kpGen.generateKeyPair();
-
-        isTrue("X25519".equals(kp.getPublic().getAlgorithm()));
-
-        kpGen.initialize(256);
-
-        kp = kpGen.generateKeyPair();
-
-        isTrue("X25519".equals(kp.getPublic().getAlgorithm()));
-
-        kpGen.initialize(255);
-
-        kp = kpGen.generateKeyPair();
-
-        isTrue("X25519".equals(kp.getPublic().getAlgorithm()));
-
-        kpGen = KeyPairGenerator.getInstance("XDH", "BC");
-
-        try
-        {
-            kpGen.generateKeyPair();
-            fail("no exception");
-        }
-        catch (IllegalStateException e)
-        {
-            isEquals("generator not correctly initialized", e.getMessage());
-        }
-
-        try
-        {
-            kpGen.initialize(new EdDSAParameterSpec(EdDSAParameterSpec.Ed448));
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isEquals("parameterSpec for wrong curve type", e.getMessage());
-        }
-
-        try
-        {
-            kpGen.initialize(1024);
-            fail("no exception");
-        }
-        catch (InvalidParameterException e)
-        {
-            isEquals("unknown key size", e.getMessage());
-        }
-        
-        try
-        {
-            kpGen.initialize(new EdDSAParameterSpec(EdDSAParameterSpec.Ed448));
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isEquals("parameterSpec for wrong curve type", e.getMessage());
-        }
-
-        try
-        {
-            new XDHParameterSpec(EdDSAParameterSpec.Ed448);
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("unrecognized curve name: Ed448", e.getMessage());
-        }
-    }
-
-    private void eddsaGeneratorTest()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("EdDSA", "BC");
-
-        kpGen.initialize(new EdDSAParameterSpec(EdDSAParameterSpec.Ed448));
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        isTrue("Ed448".equals(kp.getPublic().getAlgorithm()));
-
-        kpGen.initialize(new EdDSAParameterSpec(EdDSAParameterSpec.Ed448));
-
-        kp = kpGen.generateKeyPair();
-
-        isTrue("Ed448".equals(kp.getPublic().getAlgorithm()));
-
-        kpGen.initialize(448);
-
-        kp = kpGen.generateKeyPair();
-
-        isTrue("Ed448".equals(kp.getPublic().getAlgorithm()));
-
-        kpGen = KeyPairGenerator.getInstance("EdDSA", "BC");
-
-        kpGen.initialize(new EdDSAParameterSpec(EdDSAParameterSpec.Ed25519));
-
-        kp = kpGen.generateKeyPair();
-
-        isTrue("Ed25519".equals(kp.getPublic().getAlgorithm()));
-
-        kpGen.initialize(new ECGenParameterSpec(EdDSAParameterSpec.Ed25519));
-
-        kp = kpGen.generateKeyPair();
-
-        isTrue("Ed25519".equals(kp.getPublic().getAlgorithm()));
-
-        kpGen.initialize(256);
-
-        kp = kpGen.generateKeyPair();
-
-        isTrue("Ed25519".equals(kp.getPublic().getAlgorithm()));
-
-        kpGen.initialize(255);
-
-        kp = kpGen.generateKeyPair();
-
-        isTrue("Ed25519".equals(kp.getPublic().getAlgorithm()));
-
-        kpGen = KeyPairGenerator.getInstance("EdDSA", "BC");
-
-        try
-        {
-            kpGen.generateKeyPair();
-            fail("no exception");
-        }
-        catch (IllegalStateException e)
-        {
-            isEquals("generator not correctly initialized", e.getMessage());
-        }
-
-        try
-        {
-            kpGen.initialize(new XDHParameterSpec(XDHParameterSpec.X448));
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isEquals("parameterSpec for wrong curve type", e.getMessage());
-        }
-
-        try
-        {
-            kpGen.initialize(new XDHParameterSpec(XDHParameterSpec.X25519));
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isEquals("parameterSpec for wrong curve type", e.getMessage());
-        }
-
-        try
-        {
-            kpGen.initialize(1024);
-            fail("no exception");
-        }
-        catch (InvalidParameterException e)
-        {
-            isEquals("unknown key size", e.getMessage());
-        }
-
-        try
-        {
-            new EdDSAParameterSpec(XDHParameterSpec.X448);
-        }
-        catch (IllegalArgumentException e)
-        {
-            isEquals("unrecognized curve name: X448", e.getMessage());
-        }
-    }
-
-    private void checkEquals(String algorithm, Key ka, Key kb)
-    {
-        isEquals(algorithm + " check equals", ka, kb);
-        isEquals(algorithm + " check hashCode", ka.hashCode(), kb.hashCode());
-    }
-
-    private void serializationTest(String algorithm, Key key)
-        throws IOException, ClassNotFoundException
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(key);
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        Key rk = (Key)oIn.readObject();
-
-        checkEquals(algorithm, key, rk);
-    }
-
-    private void x448AgreementTest()
-        throws Exception
-    {
-        agreementTest("X448");
-    }
-
-    private void x25519AgreementTest()
-        throws Exception
-    {
-        agreementTest("X25519");
-    }
-
-    private void x448withCKDFTest()
-        throws Exception
-    {
-        agreementTest("X448withSHA256CKDF", new UserKeyingMaterialSpec(Hex.decode("beeffeed")));
-        agreementTest("X448withSHA384CKDF", new UserKeyingMaterialSpec(Hex.decode("beeffeed")));
-        agreementTest("X448withSHA512CKDF", new UserKeyingMaterialSpec(Hex.decode("beeffeed")));
-    }
-
-    private void x25519withCKDFTest()
-        throws Exception
-    {
-        agreementTest("X25519withSHA256CKDF", new UserKeyingMaterialSpec(Hex.decode("beeffeed")));
-        agreementTest("X25519withSHA384CKDF", new UserKeyingMaterialSpec(Hex.decode("beeffeed")));
-        agreementTest("X25519withSHA512CKDF", new UserKeyingMaterialSpec(Hex.decode("beeffeed")));
-    }
-
-    private void x448withKDFTest()
-        throws Exception
-    {
-        agreementTest("X448withSHA512KDF", new UserKeyingMaterialSpec(Hex.decode("beeffeed")));
-    }
-
-    private void x25519withKDFTest()
-        throws Exception
-    {
-        agreementTest("X25519withSHA256KDF", new UserKeyingMaterialSpec(Hex.decode("beeffeed")));
-    }
-
-    private void ed448SignatureTest()
-        throws Exception
-    {
-        signatureTest("Ed448");
-    }
-
-    private void ed25519SignatureTest()
-        throws Exception
-    {
-        signatureTest("Ed25519");
-    }
-
-    private void agreementTest(String algorithm)
-        throws Exception
-    {
-        agreementTest(algorithm, null);
-    }
-
-    private void agreementTest(String algorithm, AlgorithmParameterSpec spec)
-        throws Exception
-    {
-        KeyAgreement keyAgreement = KeyAgreement.getInstance(algorithm, "BC");
-
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance(
-            algorithm.startsWith("X448") ? "X448" : "X25519", "BC");
-
-        KeyPair kp1 = kpGen.generateKeyPair();
-        KeyPair kp2 = kpGen.generateKeyPair();
-
-        keyAgreement.init(kp1.getPrivate());
-
-        keyAgreement.doPhase(kp2.getPublic(), true);
-
-        byte[] sec1 = keyAgreement.generateSecret();
-
-        keyAgreement.init(kp2.getPrivate());
-
-        keyAgreement.doPhase(kp1.getPublic(), true);
-
-        byte[] sec2 = keyAgreement.generateSecret();
-
-        isTrue(areEqual(sec1, sec2));
-
-        if (spec != null)
-        {
-            keyAgreement.init(kp1.getPrivate(), spec);
-
-            keyAgreement.doPhase(kp2.getPublic(), true);
-
-            byte[] sec3 = keyAgreement.generateSecret();
-
-            keyAgreement.init(kp2.getPrivate(), spec);
-
-            keyAgreement.doPhase(kp1.getPublic(), true);
-
-            byte[] sec4 = keyAgreement.generateSecret();
-
-            isTrue(areEqual(sec3, sec4));
-            isTrue(!areEqual(sec1, sec4));
-        }
-    }
-
-    private void x448UwithKDFTest()
-        throws Exception
-    {
-        unifiedAgreementTest("X448UwithSHA512KDF");
-    }
-
-    private void x25519UwithKDFTest()
-        throws Exception
-    {
-        unifiedAgreementTest("X25519UwithSHA256KDF");
-    }
-
-    private void unifiedAgreementTest(String algorithm)
-        throws Exception
-    {
-        KeyAgreement keyAgreement = KeyAgreement.getInstance(algorithm, "BC");
-
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance(
-            algorithm.startsWith("X448") ? "X448" : "X25519", "BC");
-
-        KeyPair aKp1 = kpGen.generateKeyPair();
-        KeyPair aKp2 = kpGen.generateKeyPair();
-
-        KeyPair bKp1 = kpGen.generateKeyPair();
-        KeyPair bKp2 = kpGen.generateKeyPair();
-
-        keyAgreement.init(aKp1.getPrivate(), new DHUParameterSpec(aKp2, bKp2.getPublic(), Hex.decode("beeffeed")));
-
-        keyAgreement.doPhase(bKp1.getPublic(), true);
-
-        byte[] sec1 = keyAgreement.generateSecret();
-
-        keyAgreement.init(bKp1.getPrivate(), new DHUParameterSpec(aKp2, bKp2.getPublic(), Hex.decode("beeffeed")));
-
-        keyAgreement.doPhase(aKp1.getPublic(), true);
-
-        byte[] sec2 = keyAgreement.generateSecret();
-
-        isTrue(areEqual(sec1, sec2));
-
-        keyAgreement.init(bKp1.getPrivate(), new DHUParameterSpec(aKp2, bKp2.getPublic(), Hex.decode("feed")));
-
-        keyAgreement.doPhase(aKp1.getPublic(), true);
-
-        byte[] sec3 = keyAgreement.generateSecret();
-
-        isTrue(!areEqual(sec1, sec3));
-    }
-
-    private void signatureTest(String algorithm)
-        throws Exception
-    {
-        byte[] msg = Strings.toByteArray("Hello, world!");
-        Signature signature = Signature.getInstance(algorithm, "BC");
-
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance(algorithm, "BC");
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        signature.initSign(kp.getPrivate());
-
-        signature.update(msg);
-
-        byte[] sig = signature.sign();
-
-        signature.initVerify(kp.getPublic());
-
-        signature.update(msg);
-
-        isTrue(signature.verify(sig));
-
-        // try with random - should be ignored
-
-        signature.initSign(kp.getPrivate(), new SecureRandom());
-
-        signature.update(msg);
-
-        sig = signature.sign();
-
-        signature.initVerify(kp.getPublic());
-
-        signature.update(msg);
-
-        isTrue(signature.verify(sig));
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new EdECTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ElGamalTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ElGamalTest.java
deleted file mode 100644
index 06f6930..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ElGamalTest.java
+++ /dev/null

@@ -1,534 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.AlgorithmParameterGenerator;
-import java.security.AlgorithmParameters;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.HashSet;
-
-import javax.crypto.Cipher;
-import javax.crypto.interfaces.DHPrivateKey;
-import javax.crypto.interfaces.DHPublicKey;
-import javax.crypto.spec.DHParameterSpec;
-
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class ElGamalTest
-    extends SimpleTest
-{
-    private BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
-    private BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
-
-    private BigInteger g768 = new BigInteger("7c240073c1316c621df461b71ebb0cdcc90a6e5527e5e126633d131f87461c4dc4afc60c2cb0f053b6758871489a69613e2a8b4c8acde23954c08c81cbd36132cfd64d69e4ed9f8e51ed6e516297206672d5c0a69135df0a5dcf010d289a9ca1", 16);
-    private BigInteger p768 = new BigInteger("8c9dd223debed1b80103b8b309715be009d48860ed5ae9b9d5d8159508efd802e3ad4501a7f7e1cfec78844489148cd72da24b21eddd01aa624291c48393e277cfc529e37075eccef957f3616f962d15b44aeab4039d01b817fde9eaa12fd73f", 16);
-
-    private BigInteger  g1024 = new BigInteger("1db17639cdf96bc4eabba19454f0b7e5bd4e14862889a725c96eb61048dcd676ceb303d586e30f060dbafd8a571a39c4d823982117da5cc4e0f89c77388b7a08896362429b94a18a327604eb7ff227bffbc83459ade299e57b5f77b50fb045250934938efa145511166e3197373e1b5b1e52de713eb49792bedde722c6717abf", 16);
-    private BigInteger  p1024 = new BigInteger("a00e283b3c624e5b2b4d9fbc2653b5185d99499b00fd1bf244c6f0bb817b4d1c451b2958d62a0f8a38caef059fb5ecd25d75ed9af403f5b5bdab97a642902f824e3c13789fed95fa106ddfe0ff4a707c85e2eb77d49e68f2808bcea18ce128b178cd287c6bc00efa9a1ad2a673fe0dceace53166f75b81d6709d5f8af7c66bb7", 16);
-
-    public String getName()
-    {
-        return "ElGamal";
-    }
-
-    private void testGP(
-        int         size,
-        int         privateValueSize,
-        BigInteger  g,
-        BigInteger  p)
-        throws Exception
-    {
-        DHParameterSpec  elParams = new DHParameterSpec(p, g, privateValueSize);
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ElGamal", "BC");
-        byte[]           in = "This is a test".getBytes();
-
-        keyGen.initialize(elParams);
-        
-        KeyPair         keyPair = keyGen.generateKeyPair();
-        SecureRandom    rand = new SecureRandom();
-
-        checkKeySize(privateValueSize, keyPair);
-
-        Cipher  cipher = Cipher.getInstance("ElGamal", "BC");
-        
-        cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic(), rand);
-        
-        if (cipher.getOutputSize(in.length) != (size / 8) * 2)
-        {
-            fail("getOutputSize wrong on encryption");
-        }
-
-        byte[]  out = cipher.doFinal(in);
-        
-        cipher.init(Cipher.DECRYPT_MODE, keyPair.getPrivate());
-        
-        if (cipher.getOutputSize(out.length) != (size / 8) - 1)
-        {
-            fail("getOutputSize wrong on decryption");
-        }
-        
-        //
-        // No Padding - maximum length
-        //
-        byte[]  modBytes = ((DHPublicKey)keyPair.getPublic()).getParams().getP().toByteArray();
-        byte[]  maxInput = new byte[modBytes.length - 1];
-
-        maxInput[0] |= 0x7f;
-
-        cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic(), rand);
-
-        out = cipher.doFinal(maxInput);
-
-        cipher.init(Cipher.DECRYPT_MODE, keyPair.getPrivate());
-
-        out = cipher.doFinal(out);
-
-        if (!areEqual(out, maxInput))
-        {
-            fail("NoPadding test failed on decrypt expected " + new String(Hex.encode(maxInput)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        // encrypt/decrypt
-        //
-
-        Cipher  c1 = Cipher.getInstance("ElGamal", "BC");
-        Cipher  c2 = Cipher.getInstance("ElGamal", "BC");
-
-        c1.init(Cipher.ENCRYPT_MODE, keyPair.getPublic(), rand);
-
-        byte[]  out1 = c1.doFinal(in);
-
-        c2.init(Cipher.DECRYPT_MODE, keyPair.getPrivate());
-
-        byte[]  out2 = c2.doFinal(out1);
-
-        if (!areEqual(in, out2))
-        {
-            fail(size + " encrypt test failed");
-        }
-        
-        //
-        // encrypt/decrypt with update
-        //
-        int outLen = c1.update(in, 0, 2, out1, 0);
-        
-        outLen += c1.doFinal(in, 2, in.length - 2, out1, outLen);
-
-        out2 = new byte[c2.getOutputSize(out1.length)];
-
-        outLen = c2.update(out1, 0, 2, out2, 0);
-        
-        outLen += c2.doFinal(out1, 2, out1.length - 2, out2, outLen);
-
-        if (!areEqual(in, Arrays.copyOfRange(out2, 0, outLen)))
-        {
-            fail(size + " encrypt with update test failed");
-        }
-
-        //
-        // public key encoding test
-        //
-        byte[]                  pubEnc = keyPair.getPublic().getEncoded();
-        KeyFactory              keyFac = KeyFactory.getInstance("ElGamal", "BC");
-        X509EncodedKeySpec      pubX509 = new X509EncodedKeySpec(pubEnc);
-        DHPublicKey             pubKey = (DHPublicKey)keyFac.generatePublic(pubX509);
-        DHParameterSpec         spec = pubKey.getParams();
-
-        if (!spec.getG().equals(elParams.getG()) || !spec.getP().equals(elParams.getP()))
-        {
-            fail(size + " bit public key encoding/decoding test failed on parameters");
-        }
-
-        if (!((DHPublicKey)keyPair.getPublic()).getY().equals(pubKey.getY()))
-        {
-            fail(size + " bit public key encoding/decoding test failed on y value");
-        }
-
-        //
-        // public key serialisation test
-        //
-        pubKey = (DHPublicKey)serializeDeserialize(keyPair.getPublic());
-        spec = pubKey.getParams();
-
-        if (!spec.getG().equals(elParams.getG()) || !spec.getP().equals(elParams.getP()))
-        {
-            fail(size + " bit public key serialisation test failed on parameters");
-        }
-
-        if (!((DHPublicKey)keyPair.getPublic()).getY().equals(pubKey.getY()))
-        {
-            fail(size + " bit public key serialisation test failed on y value");
-        }
-
-        if (!keyPair.getPublic().equals(pubKey))
-        {
-            fail("equals test failed");
-        }
-
-        if (keyPair.getPublic().hashCode() != pubKey.hashCode())
-        {
-            fail("hashCode test failed");
-        }
-
-        //
-        // private key encoding test
-        //
-        byte[]              privEnc = keyPair.getPrivate().getEncoded();
-        PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
-        DHPrivateKey        privKey = (DHPrivateKey)keyFac.generatePrivate(privPKCS8);
-
-        spec = privKey.getParams();
-
-        if (!spec.getG().equals(elParams.getG()) || !spec.getP().equals(elParams.getP()))
-        {
-            fail(size + " bit private key encoding/decoding test failed on parameters");
-        }
-
-        if (!((DHPrivateKey)keyPair.getPrivate()).getX().equals(privKey.getX()))
-        {
-            fail(size + " bit private key encoding/decoding test failed on y value");
-        }
-
-        //
-        // private key serialisation test
-        //
-        privKey = (DHPrivateKey)serializeDeserialize(keyPair.getPrivate());
-        spec = privKey.getParams();
-
-        if (!spec.getG().equals(elParams.getG()) || !spec.getP().equals(elParams.getP()))
-        {
-            fail(size + " bit private key serialisation test failed on parameters");
-        }
-
-        if (!((DHPrivateKey)keyPair.getPrivate()).getX().equals(privKey.getX()))
-        {
-            fail(size + " bit private key serialisation test failed on y value");
-        }
-
-        if (!keyPair.getPrivate().equals(privKey))
-        {
-            fail("equals test failed");
-        }
-
-        if (keyPair.getPrivate().hashCode() != privKey.hashCode())
-        {
-            fail("hashCode test failed");
-        }
-
-        if (!(privKey instanceof PKCS12BagAttributeCarrier))
-        {
-            fail("private key not implementing PKCS12 attribute carrier");
-        }
-    }
-
-    private Object serializeDeserialize(Object o)
-        throws Exception
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(o);
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        return oIn.readObject();
-    }
-
-    private void checkKeySize(int privateValueSize, KeyPair aKeyPair)
-    {
-        if (privateValueSize != 0)
-        {
-            DHPrivateKey key = (DHPrivateKey)aKeyPair.getPrivate();
-
-            if (key.getX().bitLength() != privateValueSize)
-            {
-                fail("limited key check failed for key size " + privateValueSize);
-            }
-        }
-    }
-
-    private void testRandom(
-        int         size)
-        throws Exception
-    {
-        AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("ElGamal", "BC");
-        a.init(size, new SecureRandom());
-        AlgorithmParameters params = a.generateParameters();
-
-        byte[] encodeParams = params.getEncoded();
-
-        AlgorithmParameters a2 = AlgorithmParameters.getInstance("ElGamal", "BC");
-        a2.init(encodeParams);
-
-        // a and a2 should be equivalent!
-        byte[] encodeParams_2 = a2.getEncoded();
-
-        if (!areEqual(encodeParams, encodeParams_2))
-        {
-            fail(this.getName() + ": encode/decode parameters failed");
-        }
-
-        DHParameterSpec elP = (DHParameterSpec)params.getParameterSpec(DHParameterSpec.class);
-
-        testGP(size, 0, elP.getG(), elP.getP());
-    }
-
-    private void testDefault(
-        int         privateValueSize,
-        BigInteger  g,
-        BigInteger  p)
-        throws Exception
-    {
-        DHParameterSpec  elParams = new DHParameterSpec(p, g, privateValueSize);
-        int              size = p.bitLength();
-
-        new BouncyCastleProvider().setParameter(ConfigurableProvider.DH_DEFAULT_PARAMS, elParams);
-
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("ElGamal", "BC");
-        byte[]           in = "This is a test".getBytes();
-
-        keyGen.initialize(p.bitLength());
-
-        KeyPair         keyPair = keyGen.generateKeyPair();
-
-        new BouncyCastleProvider().setParameter(ConfigurableProvider.DH_DEFAULT_PARAMS, elParams);
-
-        SecureRandom    rand = new SecureRandom();
-
-        checkKeySize(privateValueSize, keyPair);
-
-        Cipher  cipher = Cipher.getInstance("ElGamal", "BC");
-
-        cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic(), rand);
-
-        if (cipher.getOutputSize(in.length) != (size / 8) * 2)
-        {
-            fail("getOutputSize wrong on encryption");
-        }
-
-        byte[]  out = cipher.doFinal(in);
-
-        cipher.init(Cipher.DECRYPT_MODE, keyPair.getPrivate());
-
-        if (cipher.getOutputSize(out.length) != (size / 8) - 1)
-        {
-            fail("getOutputSize wrong on decryption");
-        }
-
-        //
-        // No Padding - maximum length
-        //
-        byte[]  modBytes = ((DHPublicKey)keyPair.getPublic()).getParams().getP().toByteArray();
-        byte[]  maxInput = new byte[modBytes.length - 1];
-
-        maxInput[0] |= 0x7f;
-
-        cipher.init(Cipher.ENCRYPT_MODE, keyPair.getPublic(), rand);
-
-        out = cipher.doFinal(maxInput);
-
-        cipher.init(Cipher.DECRYPT_MODE, keyPair.getPrivate());
-
-        out = cipher.doFinal(out);
-
-        if (!areEqual(out, maxInput))
-        {
-            fail("NoPadding test failed on decrypt expected " + new String(Hex.encode(maxInput)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        // encrypt/decrypt
-        //
-
-        Cipher  c1 = Cipher.getInstance("ElGamal", "BC");
-        Cipher  c2 = Cipher.getInstance("ElGamal", "BC");
-
-        c1.init(Cipher.ENCRYPT_MODE, keyPair.getPublic(), rand);
-
-        byte[]  out1 = c1.doFinal(in);
-
-        c2.init(Cipher.DECRYPT_MODE, keyPair.getPrivate());
-
-        byte[]  out2 = c2.doFinal(out1);
-
-        if (!areEqual(in, out2))
-        {
-            fail(size + " encrypt test failed");
-        }
-
-        //
-        // encrypt/decrypt with update
-        //
-        int outLen = c1.update(in, 0, 2, out1, 0);
-
-        outLen += c1.doFinal(in, 2, in.length - 2, out1, outLen);
-
-        out2 = new byte[c2.getOutputSize(out1.length)];
-
-        outLen = c2.update(out1, 0, 2, out2, 0);
-
-        outLen += c2.doFinal(out1, 2, out1.length - 2, out2, outLen);
-
-        if (!areEqual(in, Arrays.copyOfRange(out2, 0, outLen)))
-        {
-            fail(size + " encrypt with update test failed");
-        }
-
-        //
-        // public key encoding test
-        //
-        byte[]                  pubEnc = keyPair.getPublic().getEncoded();
-        KeyFactory              keyFac = KeyFactory.getInstance("ElGamal", "BC");
-        X509EncodedKeySpec      pubX509 = new X509EncodedKeySpec(pubEnc);
-        DHPublicKey             pubKey = (DHPublicKey)keyFac.generatePublic(pubX509);
-        DHParameterSpec         spec = pubKey.getParams();
-
-        if (!spec.getG().equals(elParams.getG()) || !spec.getP().equals(elParams.getP()))
-        {
-            fail(size + " bit public key encoding/decoding test failed on parameters");
-        }
-
-        if (!((DHPublicKey)keyPair.getPublic()).getY().equals(pubKey.getY()))
-        {
-            fail(size + " bit public key encoding/decoding test failed on y value");
-        }
-
-        //
-        // public key serialisation test
-        //
-        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
-        ObjectOutputStream      oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(keyPair.getPublic());
-
-        ByteArrayInputStream   bIn = new ByteArrayInputStream(bOut.toByteArray());
-        ObjectInputStream      oIn = new ObjectInputStream(bIn);
-
-        pubKey = (DHPublicKey)oIn.readObject();
-        spec = pubKey.getParams();
-
-        if (!spec.getG().equals(elParams.getG()) || !spec.getP().equals(elParams.getP()))
-        {
-            fail(size + " bit public key serialisation test failed on parameters");
-        }
-
-        if (!((DHPublicKey)keyPair.getPublic()).getY().equals(pubKey.getY()))
-        {
-            fail(size + " bit public key serialisation test failed on y value");
-        }
-
-        //
-        // private key encoding test
-        //
-        byte[]              privEnc = keyPair.getPrivate().getEncoded();
-        PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
-        DHPrivateKey        privKey = (DHPrivateKey)keyFac.generatePrivate(privPKCS8);
-
-        spec = privKey.getParams();
-
-        if (!spec.getG().equals(elParams.getG()) || !spec.getP().equals(elParams.getP()))
-        {
-            fail(size + " bit private key encoding/decoding test failed on parameters");
-        }
-
-        if (!((DHPrivateKey)keyPair.getPrivate()).getX().equals(privKey.getX()))
-        {
-            fail(size + " bit private key encoding/decoding test failed on y value");
-        }
-
-        //
-        // private key serialisation test
-        //
-        bOut = new ByteArrayOutputStream();
-        oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(keyPair.getPrivate());
-
-        bIn = new ByteArrayInputStream(bOut.toByteArray());
-        oIn = new ObjectInputStream(bIn);
-
-        privKey = (DHPrivateKey)oIn.readObject();
-        spec = privKey.getParams();
-
-        if (!spec.getG().equals(elParams.getG()) || !spec.getP().equals(elParams.getP()))
-        {
-            fail(size + " bit private key serialisation test failed on parameters");
-        }
-
-        if (!((DHPrivateKey)keyPair.getPrivate()).getX().equals(privKey.getX()))
-        {
-            fail(size + " bit private key serialisation test failed on y value");
-        }
-    }
-
-    public void testGetExceptionsPKCS1()
-        throws Exception
-    {
-        SecureRandom rand = new SecureRandom();
-        KeyPairGenerator keygen = KeyPairGenerator.getInstance("ELGAMAL", "BC");
-        keygen.initialize(new DHParameterSpec(p1024, g1024), rand);
-        KeyPair keypair = keygen.genKeyPair();
-
-        Cipher c = Cipher.getInstance("ELGAMAL/ECB/PKCS1Padding", "BC");
-        byte[] ciphertext = new byte[1024 / 8];
-        HashSet<String> exceptions = new HashSet<String>();
-        final int SAMPLES = 1000;
-        for (int i = 0; i < SAMPLES; i++)
-        {
-            rand.nextBytes(ciphertext);
-            ciphertext[0] = (byte)0;
-            try
-            {
-                c.init(Cipher.DECRYPT_MODE, keypair.getPrivate());
-                c.doFinal(ciphertext);
-            }
-            catch (Exception ex)
-            {
-                String message = ex.toString();
-                exceptions.add(message);
-            }
-        }
-        isTrue("exception count wrong", 1 == exceptions.size());
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testDefault(64, g512, p512);
-
-        testGP(512, 0, g512, p512);
-        testGP(768, 0, g768, p768);
-        testGP(1024, 0, g1024, p1024);
-
-        testGP(512, 64, g512, p512);
-        testGP(768, 128, g768, p768);
-        testGP(1024, 256, g1024, p1024);
-
-        testRandom(256);
-        testGetExceptionsPKCS1();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new ElGamalTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/EncryptedPrivateKeyInfoTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/EncryptedPrivateKeyInfoTest.java
deleted file mode 100644
index da6811c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/EncryptedPrivateKeyInfoTest.java
+++ /dev/null

@@ -1,199 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.AlgorithmParameters;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.MessageDigest;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.spec.PKCS8EncodedKeySpec;
-
-import javax.crypto.Cipher;
-import javax.crypto.EncryptedPrivateKeyInfo;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.PBEParameterSpec;
-
-import org.bouncycastle.jcajce.PKCS12KeyWithParameters;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class EncryptedPrivateKeyInfoTest
-    extends SimpleTest
-{
-    String  alg = "1.2.840.113549.1.12.1.3"; // 3 key triple DES with SHA-1
-
-    public void performTest()
-        throws Exception
-    {
-        doTestWithExplicitIV();
-
-            KeyPairGenerator fact = KeyPairGenerator.getInstance("RSA", "BC");
-            fact.initialize(512, new SecureRandom());
-
-            KeyPair keyPair = fact.generateKeyPair();
-
-            PrivateKey  priKey = keyPair.getPrivate();
-            PublicKey   pubKey = keyPair.getPublic();
-
-            //
-            // set up the parameters
-            //
-            byte[]              salt = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };
-            int                 iterationCount = 100;
-            PBEParameterSpec    defParams = new PBEParameterSpec(salt, iterationCount);
-
-            AlgorithmParameters params = AlgorithmParameters.getInstance(alg, "BC");
-
-            params.init(defParams);
-
-            //
-            // set up the key
-            //
-            char[]  password1 = { 'h', 'e', 'l', 'l', 'o' };
-
-            PBEKeySpec          pbeSpec = new PBEKeySpec(password1);
-            SecretKeyFactory    keyFact = SecretKeyFactory.getInstance(alg, "BC");
-            Cipher cipher = Cipher.getInstance(alg, "BC");
-
-            cipher.init(Cipher.WRAP_MODE, keyFact.generateSecret(pbeSpec), params);
-
-            byte[] wrappedKey = cipher.wrap(priKey);
-
-            //
-            // create encrypted object
-            //
-
-            EncryptedPrivateKeyInfo pInfo = new EncryptedPrivateKeyInfo(params, wrappedKey);
-
-            //
-            // decryption step
-            //
-            char[]  password2 = { 'h', 'e', 'l', 'l', 'o' };
-
-            pbeSpec = new PBEKeySpec(password2);
-
-            cipher = Cipher.getInstance(pInfo.getAlgName(), "BC");
-
-            cipher.init(Cipher.DECRYPT_MODE, keyFact.generateSecret(pbeSpec), pInfo.getAlgParameters());
-
-            PKCS8EncodedKeySpec keySpec = pInfo.getKeySpec(cipher);
-
-            if (!MessageDigest.isEqual(priKey.getEncoded(), keySpec.getEncoded()))
-            {
-                fail("Private key does not match");
-            }
-
-            //
-            // using Cipher parameters test
-            //
-            pbeSpec = new PBEKeySpec(password1);
-            keyFact = SecretKeyFactory.getInstance(alg, "BC");
-            cipher = Cipher.getInstance(alg, "BC");
-
-            cipher.init(Cipher.WRAP_MODE, keyFact.generateSecret(pbeSpec), params);
-
-            wrappedKey = cipher.wrap(priKey);
-
-            //
-            // create encrypted object
-            //
-
-            pInfo = new EncryptedPrivateKeyInfo(cipher.getParameters(), wrappedKey);
-
-            //
-            // decryption step
-            //
-            pbeSpec = new PBEKeySpec(password2);
-
-            cipher = Cipher.getInstance(pInfo.getAlgName(), "BC");
-
-            cipher.init(Cipher.DECRYPT_MODE, keyFact.generateSecret(pbeSpec), pInfo.getAlgParameters());
-
-            keySpec = pInfo.getKeySpec(cipher);
-
-            if (!MessageDigest.isEqual(priKey.getEncoded(), keySpec.getEncoded()))
-            {
-               fail("Private key does not match");
-            }
-    }
-
-    public void doTestWithExplicitIV()
-        throws Exception
-    {
-        KeyPairGenerator fact = KeyPairGenerator.getInstance("RSA", "BC");
-        fact.initialize(512, new SecureRandom());
-
-        KeyPair keyPair = fact.generateKeyPair();
-
-        PrivateKey  priKey = keyPair.getPrivate();
-        PublicKey   pubKey = keyPair.getPublic();
-
-        //
-        // set up the parameters
-        //
-        byte[]              salt = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10 };
-        int                 iterationCount = 100;
-        PBEParameterSpec    defParams = new PBEParameterSpec(salt, iterationCount);
-
-        AlgorithmParameters params = AlgorithmParameters.getInstance(alg, "BC");
-
-        params.init(defParams);
-
-        //
-        // set up the key
-        //
-        char[]  password1 = { 'h', 'e', 'l', 'l', 'o' };
-
-        Cipher              cipher = Cipher.getInstance(alg, "BC");
-
-        byte[] iv = { 1, 2, 3, 4, 5, 6, 7, 8 };
-
-        cipher.init(Cipher.WRAP_MODE, new PKCS12KeyWithParameters(password1, salt, iterationCount), new IvParameterSpec(iv));
-
-        byte[] wrappedKey = cipher.wrap(priKey);
-
-        //
-        // create encrypted object
-        //
-
-        EncryptedPrivateKeyInfo pInfo = new EncryptedPrivateKeyInfo(params, wrappedKey);
-
-        //
-        // decryption step
-        //
-        char[]  password2 = { 'h', 'e', 'l', 'l', 'o' };
-
-        cipher = Cipher.getInstance(pInfo.getAlgName(), "BC");
-
-        cipher.init(Cipher.DECRYPT_MODE, new PKCS12KeyWithParameters(password2, salt, iterationCount), new IvParameterSpec(iv));
-
-        PKCS8EncodedKeySpec keySpec = pInfo.getKeySpec(cipher);
-
-        if (!MessageDigest.isEqual(priKey.getEncoded(), keySpec.getEncoded()))
-        {
-            fail("Private key does not match");
-        }
-    }
-
-    public String getName()
-    {
-        return "EncryptedPrivateKeyInfoTest";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        Test            test = new EncryptedPrivateKeyInfoTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result.toString());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/FIPSDESTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/FIPSDESTest.java
deleted file mode 100644
index 5a59987..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/FIPSDESTest.java
+++ /dev/null

@@ -1,229 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.Key;
-import java.security.KeyException;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- * basic FIPS test class for a block cipher, just to make sure ECB/CBC/OFB/CFB are behaving
- * correctly. Tests from <a href=http://www.itl.nist.gov/fipspubs/fip81.htm>FIPS 81</a>.
- */
-public class FIPSDESTest
-    implements Test
-{
-    static String[] fips1Tests =
-    {
-        "DES/ECB/NoPadding",
-        "3fa40e8a984d48156a271787ab8883f9893d51ec4b563b53",
-        "DES/CBC/NoPadding",
-        "e5c7cdde872bf27c43e934008c389c0f683788499a7c05f6",
-        "DES/CFB/NoPadding",
-        "f3096249c7f46e51a69e839b1a92f78403467133898ea622"
-    };
-
-    static String[] fips2Tests =
-    {
-        "DES/CFB8/NoPadding",
-        "f31fda07011462ee187f",
-        "DES/OFB8/NoPadding",
-        "f34a2850c9c64985d684"
-    };
-
-    static byte[]   input1 = Hex.decode("4e6f77206973207468652074696d6520666f7220616c6c20");
-    static byte[]   input2 = Hex.decode("4e6f7720697320746865");
-
-    public String getName()
-    {
-        return "FIPSDESTest";
-    }
-
-    private boolean equalArray(
-        byte[]  a,
-        byte[]  b)
-    {
-        if (a.length != b.length)
-        {
-            return false;
-        }
-
-        for (int i = 0; i != a.length; i++)
-        {
-            if (a[i] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    public TestResult test(
-        String      algorithm,
-        byte[]      input,
-        byte[]      output)
-    {
-        Key                     key;
-        Cipher                  in, out;
-        CipherInputStream       cIn;
-        CipherOutputStream      cOut;
-        ByteArrayInputStream    bIn;
-        ByteArrayOutputStream   bOut;
-        IvParameterSpec         spec = new IvParameterSpec(Hex.decode("1234567890abcdef"));
-
-        try
-        {
-            String  baseAlgorithm;
-
-            key = new SecretKeySpec(Hex.decode("0123456789abcdef"), "DES");
-
-            in = Cipher.getInstance(algorithm, "BC");
-            out = Cipher.getInstance(algorithm, "BC");
-
-            if (algorithm.startsWith("DES/ECB"))
-            {
-                out.init(Cipher.ENCRYPT_MODE, key);
-            }
-            else
-            {
-                out.init(Cipher.ENCRYPT_MODE, key, spec);
-            }
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": " + algorithm + " failed initialisation - " + e.toString(), e);
-        }
-
-        try
-        {
-            if (algorithm.startsWith("DES/ECB"))
-            {
-                in.init(Cipher.DECRYPT_MODE, key);
-            }
-            else
-            {
-                in.init(Cipher.DECRYPT_MODE, key, spec);
-            }
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": " + algorithm + " failed initialisation - " + e.toString(), e);
-        }
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        try
-        {
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                cOut.write(input[i]);
-            }
-            cOut.write(input, input.length / 2, input.length - input.length / 2);
-            cOut.close();
-        }
-        catch (IOException e)
-        {
-            return new SimpleTestResult(false, getName() + ": " + algorithm + " failed encryption - " + e.toString());
-        }
-
-        byte[]    bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!equalArray(bytes, output))
-        {
-            return new SimpleTestResult(false, getName() + ": " + algorithm + " failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        try
-        {
-            DataInputStream dIn = new DataInputStream(cIn);
-
-            bytes = new byte[input.length];
-
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                bytes[i] = (byte)dIn.read();
-            }
-            dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": " + algorithm + " failed encryption - " + e.toString());
-        }
-
-        if (!equalArray(bytes, input))
-        {
-            return new SimpleTestResult(false, getName() + ": " + algorithm + " failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        return new SimpleTestResult(true, getName() + ": " + algorithm + " Okay");
-    }
-
-    public TestResult perform()
-    {
-        for (int i = 0; i != fips1Tests.length; i += 2)
-        {
-            TestResult  result;
-
-            result = test(fips1Tests[i], input1, Hex.decode(fips1Tests[i + 1]));
-            if (!result.isSuccessful())
-            {
-                return result;
-            }
-        }
-
-        for (int i = 0; i != fips2Tests.length; i += 2)
-        {
-            TestResult  result;
-
-            result = test(fips2Tests[i], input2, Hex.decode(fips2Tests[i + 1]));
-            if (!result.isSuccessful())
-            {
-                return result;
-            }
-        }
-
-        return new SimpleTestResult(true, getName() + ": Okay");
-    }
-
-    public static void main(
-        String[]    args)
-        throws KeyException, InvalidAlgorithmParameterException
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        Test            test = new FIPSDESTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result.toString());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GMacTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GMacTest.java
deleted file mode 100644
index 991ce0d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GMacTest.java
+++ /dev/null

@@ -1,145 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.NoSuchAlgorithmException;
-import java.security.Security;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.Mac;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestFailedException;
-
-public class GMacTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "GMac";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        checkRegistrations();
-    }
-
-    private void checkRegistrations()
-        throws Exception
-    {
-        List missingMacs = new ArrayList();
-        List missingKeyGens = new ArrayList();
-
-        String[] ciphers = new String[] { "AES", "NOEKEON", "Twofish", "CAST6", "SEED", "Tnepres", "Serpent", "SM4", "RC6", "CAMELLIA" };
-        String[] macs = new String[]
-            {
-                "a52308801b32d4770c701ace9b826f12",
-                "cf11dacaf6024a78dba76b256e23caab",
-                "13db7c428e5a7128149b5ec782d07fac",
-                "d13a33e78e48b274bf7d64bf9aecdb82",
-                "d05d550054735c6e7e01b6981fc14b4e",
-                "4a34dfe4f5410afd7c40b1e110377a73",
-                "80c3cc898899e41fd4e21c6c1261fedb",
-                "d394f3d12bec3cf6c5302265ecab9af1",
-                "d9f597c96b41f641da6c83d4760f543b",
-                "371ad8cc920c6bda2a26d8f237bd446b"
-            };
-
-        for (int i = 0; i < ciphers.length; i++)
-        {
-            String cipherName = ciphers[i];
-            Cipher cipher;
-            try
-            {
-                cipher = Cipher.getInstance(cipherName, "BC");
-            }
-            catch (Exception e)
-            {
-                System.err.println(cipherName + ": " + e.getMessage());
-                continue;
-            }
-            int blocksize;
-            try
-            {
-                blocksize = cipher.getBlockSize();
-            }
-            catch (Exception e)
-            {
-                System.err.println(cipherName + ": " + e.getMessage());
-                continue;
-            }
-            // GCM is defined over 128 bit block ciphers
-            if (blocksize == 16)
-            {
-                String macName = cipherName + "-GMAC";
-                String macNameAlt = cipherName + "GMAC";
-
-                // Check we have a GMAC registered for each name
-                checkMac(macName, missingMacs, missingKeyGens, macs[i]);
-                checkMac(macNameAlt, missingMacs, missingKeyGens, macs[i]);
-            }
-        }
-        if (missingMacs.size() != 0)
-        {
-            fail("Did not find GMAC registrations for the following ciphers: " + missingMacs);
-        }
-        if (missingKeyGens.size() != 0)
-        {
-            fail("Did not find GMAC KeyGenerator registrations for the following macs: " + missingKeyGens);
-        }
-    }
-
-    private void checkMac(String name, List missingMacs, List missingKeyGens, String macOutput)
-    {
-        try
-        {
-            Mac mac = Mac.getInstance(name);
-
-            mac.init(new SecretKeySpec(new byte[mac.getMacLength()], mac.getAlgorithm()), new IvParameterSpec(
-                new byte[16]));
-            mac.update(new byte[128]);
-            byte[] bytes = mac.doFinal();
-
-            if (!Arrays.areEqual(bytes, Hex.decode(macOutput)))
-            {
-                fail("wrong mac value computed for " + name + " " + Hex.toHexString(bytes));
-            }
-
-            try
-            {
-                KeyGenerator kg = KeyGenerator.getInstance(name);
-                kg.generateKey();
-            }
-            catch (NoSuchAlgorithmException e)
-            {
-                missingKeyGens.add(name);
-            }
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            missingMacs.add(name);
-        }
-        catch (TestFailedException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            fail("Unexpected error", e);
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new GMacTest());
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GOST28147Test.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GOST28147Test.java
deleted file mode 100644
index 7323698..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GOST28147Test.java
+++ /dev/null

@@ -1,260 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.security.Key;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.KeyGenerator;
-import javax.crypto.Mac;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * basic test class for the GOST28147 cipher
- */
-public class GOST28147Test
-    extends SimpleTest
-{
-    static String[] cipherTests =
-    {
-        "256",
-        "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
-        "4e6f77206973207468652074696d6520666f7220616c6c20",
-        "281630d0d5770030068c252d841e84149ccc1912052dbc02",
-
-        "256",
-        "0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef",
-        "4e6f77206973207468652074696d65208a920c6ed1a804f5",
-        "88e543dfc04dc4f764fa7b624741cec07de49b007bf36065"
-    };
-
-    public String getName()
-    {
-        return "GOST28147";
-    }
-
-    public void testECB(
-        int         strength,
-        byte[]      keyBytes,
-        byte[]      input,
-        byte[]      output)
-        throws Exception
-    {
-        Key                     key;
-        Cipher                  in, out;
-        CipherInputStream       cIn;
-        CipherOutputStream      cOut;
-        ByteArrayInputStream    bIn;
-        ByteArrayOutputStream   bOut;
-
-        key = new SecretKeySpec(keyBytes, "GOST28147");
-
-        in = Cipher.getInstance("GOST28147/ECB/NoPadding", "BC");
-        out = Cipher.getInstance("GOST28147/ECB/NoPadding", "BC");
-        out.init(Cipher.ENCRYPT_MODE, key);
-        in.init(Cipher.DECRYPT_MODE, key);
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        for (int i = 0; i != input.length / 2; i++)
-        {
-            cOut.write(input[i]);
-        }
-        cOut.write(input, input.length / 2, input.length - input.length / 2);
-        cOut.close();
-
-        byte[]    bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!areEqual(bytes, output))
-        {
-            fail("GOST28147 failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        DataInputStream dIn = new DataInputStream(cIn);
-
-        bytes = new byte[input.length];
-
-        for (int i = 0; i != input.length / 2; i++)
-        {
-            bytes[i] = (byte)dIn.read();
-        }
-        dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-
-        if (!areEqual(bytes, input))
-        {
-            fail("GOST28147 failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-    }
-
-    public void testCFB(
-        int         strength,
-        byte[]      keyBytes,
-        byte[]      input,
-        byte[]      output)
-        throws Exception
-    {
-        Key                     key;
-        Cipher                  in, out;
-        CipherInputStream       cIn;
-        CipherOutputStream      cOut;
-        ByteArrayInputStream    bIn;
-        ByteArrayOutputStream   bOut;
-
-        key = new SecretKeySpec(keyBytes, "GOST28147");
-
-        in = Cipher.getInstance("GOST28147/CFB8/NoPadding", "BC");
-        out = Cipher.getInstance("GOST28147/CFB8/NoPadding", "BC");
-        byte[] iv = {1,2,3,4,5,6,7,8};
-        
-        out.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
-        in.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        for (int i = 0; i != input.length / 2; i++)
-        {
-            cOut.write(input[i]);
-        }
-        cOut.write(input, input.length / 2, input.length - input.length / 2);
-        cOut.close();
-
-        byte[]    bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!areEqual(bytes, output))
-        {
-            fail("GOST28147 failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        DataInputStream dIn = new DataInputStream(cIn);
-
-        bytes = new byte[input.length];
-
-        for (int i = 0; i != input.length / 2; i++)
-        {
-            bytes[i] = (byte)dIn.read();
-        }
-        dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-
-        if (!areEqual(bytes, input))
-        {
-            fail("GOST28147 failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-    }
-
-    private void oidTest()
-    {
-        String[] oids = {
-                CryptoProObjectIdentifiers.gostR28147_gcfb.getId(),
-        };
-        
-        String[] names = {
-            "GOST28147/GCFB/NoPadding"
-        };
-        
-        try
-        {
-            
-            byte[]          data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };
-            IvParameterSpec ivSpec = new IvParameterSpec(new byte[8]);
-            
-            for (int i = 0; i != oids.length; i++)
-            {
-                Cipher c1 = Cipher.getInstance(oids[i], "BC");
-                Cipher c2 = Cipher.getInstance(names[i], "BC");
-                KeyGenerator kg = KeyGenerator.getInstance(oids[i], "BC");
-                
-                SecretKey k = kg.generateKey();
-                
-                c1.init(Cipher.ENCRYPT_MODE, k, ivSpec);
-                c2.init(Cipher.DECRYPT_MODE, k, ivSpec);
-
-                byte[] result = c2.doFinal(c1.doFinal(data));
-
-                if (!areEqual(data, result))
-                {
-                    fail("failed OID test");
-                }
-            }
-        }
-        catch (Exception ex)
-        {
-            fail("failed exception " + ex.toString(), ex);
-        }
-    }
-    
-        public void performTest() 
-            throws Exception
-        {
-            for (int i = 0; i != cipherTests.length; i += 8)
-            {
-                testECB(Integer.parseInt(cipherTests[i]),
-                                Hex.decode(cipherTests[i + 1]),
-                                Hex.decode(cipherTests[i + 2]),
-                                Hex.decode(cipherTests[i + 3]));
-
-                testCFB(Integer.parseInt(cipherTests[i + 4]),
-                                Hex.decode(cipherTests[i + 4 + 1]),
-                                Hex.decode(cipherTests[i + 4 + 2]),
-                                Hex.decode(cipherTests[i + 4 + 3]));
-
-                oidTest();
-            }
-
-            Mac mac = Mac.getInstance("GOST28147MAC", "BC");
-
-            mac.init(new SecretKeySpec(Hex.decode("0123456789abcdef0123456789abcdef0123456789abcdef0123456789abcdef"), "GOST28147"));
-
-            if (!Arrays.areEqual(Hex.decode("1b69996e"), mac.doFinal(Hex.decode("4e6f77206973207468652074696d6520666f7220616c6c20"))))
-            {
-                fail("mac test failed.");
-            }
-        }
-
-        public static void main(
-            String[]    args)
-        {
-            Security.addProvider(new BouncyCastleProvider());
-
-            runTest(new GOST28147Test());
-        }
-    }

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GOST3410KeyPairTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GOST3410KeyPairTest.java
deleted file mode 100644
index 7dda095..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GOST3410KeyPairTest.java
+++ /dev/null

@@ -1,179 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Security;
-import java.security.Signature;
-import java.security.spec.ECGenParameterSpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class GOST3410KeyPairTest
-    extends SimpleTest
-{
-    private void gost2012MismatchTest()
-        throws Exception
-    {
-        KeyPairGenerator keyPair = KeyPairGenerator.getInstance(
-            "ECGOST3410-2012", "BC");
-
-        keyPair.initialize(new ECGenParameterSpec("Tc26-Gost-3410-12-512-paramSetA"));
-
-        KeyPair kp = keyPair.generateKeyPair();
-
-        testWrong256(kp);
-
-        keyPair = KeyPairGenerator.getInstance(
-            "ECGOST3410-2012", "BC");
-
-        keyPair.initialize(new ECGenParameterSpec("Tc26-Gost-3410-12-512-paramSetB"));
-
-        kp = keyPair.generateKeyPair();
-
-        testWrong256(kp);
-
-        keyPair = KeyPairGenerator.getInstance(
-            "ECGOST3410-2012", "BC");
-
-        keyPair.initialize(new ECGenParameterSpec("Tc26-Gost-3410-12-512-paramSetC"));
-
-        kp = keyPair.generateKeyPair();
-
-        testWrong256(kp);
-
-        keyPair = KeyPairGenerator.getInstance(
-            "ECGOST3410-2012", "BC");
-
-        keyPair.initialize(new ECGenParameterSpec("Tc26-Gost-3410-12-256-paramSetA"));
-
-        kp = keyPair.generateKeyPair();
-
-        testWrong512(kp);
-    }
-
-    private void testWrong512(KeyPair kp)
-        throws NoSuchAlgorithmException, NoSuchProviderException
-    {
-        Signature sig;
-        sig = Signature.getInstance("ECGOST3410-2012-512", "BC");
-
-        try
-        {
-            sig.initSign(kp.getPrivate());
-
-            fail("no exception");
-        }
-        catch (InvalidKeyException e)
-        {
-            isEquals("key too weak for ECGOST-2012-512", e.getMessage());
-        }
-
-        try
-        {
-            sig.initVerify(kp.getPublic());
-            fail("no exception");
-        }
-        catch (InvalidKeyException e)
-        {
-            isEquals("key too weak for ECGOST-2012-512", e.getMessage());
-        }
-    }
-
-    private void testWrong256(KeyPair kp)
-        throws NoSuchAlgorithmException, NoSuchProviderException
-    {
-        Signature sig = Signature.getInstance("ECGOST3410-2012-256", "BC");
-
-        try
-        {
-            sig.initSign(kp.getPrivate());
-            fail("no exception");
-        }
-        catch (InvalidKeyException e)
-        {
-            isEquals("key out of range for ECGOST-2012-256", e.getMessage());
-        }
-
-        try
-        {
-            sig.initVerify(kp.getPublic());
-            fail("no exception");
-        }
-        catch (InvalidKeyException e)
-        {
-            isEquals("key out of range for ECGOST-2012-256", e.getMessage());
-        }
-    }
-
-    private BigInteger[] decode(
-        byte[] encoding)
-    {
-        byte[] r = new byte[32];
-        byte[] s = new byte[32];
-
-        System.arraycopy(encoding, 0, s, 0, 32);
-
-        System.arraycopy(encoding, 32, r, 0, 32);
-
-        BigInteger[] sig = new BigInteger[2];
-
-        sig[0] = new BigInteger(1, r);
-        sig[1] = new BigInteger(1, s);
-
-        return sig;
-    }
-
-    private Object serializeDeserialize(Object o)
-        throws Exception
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(o);
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        return oIn.readObject();
-    }
-
-    public String getName()
-    {
-        return "GOST3410/ECGOST3410/ECGOST3410 2012";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        gost2012MismatchTest();
-    }
-
-    protected byte[] toByteArray(String input)
-    {
-        byte[] bytes = new byte[input.length()];
-
-        for (int i = 0; i != bytes.length; i++)
-        {
-            bytes[i] = (byte)input.charAt(i);
-        }
-
-        return bytes;
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new GOST3410KeyPairTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GOST3410Test.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GOST3410Test.java
deleted file mode 100644
index e9e2d17..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GOST3410Test.java
+++ /dev/null

@@ -1,923 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.KeyStore;
-import java.security.KeyStoreException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.UnrecoverableKeyException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.X509Certificate;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.Date;
-
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.crypto.params.ECPublicKeyParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.signers.ECGOST3410_2012Signer;
-import org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
-import org.bouncycastle.jce.X509Principal;
-import org.bouncycastle.jce.interfaces.ECPrivateKey;
-import org.bouncycastle.jce.interfaces.ECPublicKey;
-import org.bouncycastle.jce.interfaces.GOST3410PrivateKey;
-import org.bouncycastle.jce.interfaces.GOST3410PublicKey;
-import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.jce.spec.ECPrivateKeySpec;
-import org.bouncycastle.jce.spec.ECPublicKeySpec;
-import org.bouncycastle.jce.spec.GOST3410ParameterSpec;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomBigInteger;
-import org.bouncycastle.x509.X509V3CertificateGenerator;
-
-//import java.security.spec.ECGenParameterSpec;
-
-public class GOST3410Test
-    extends SimpleTest
-{
-    private static byte[] ecgostData = {1, 2, 3, 4, 5, 6, 7, 8, 9, 0};
-    private static byte[] ecgost2012_256Key = Base64.decode("MGgwIQYIKoUDBwEBAQEwFQYJKoUDBwECAQEBBggqhQMHAQECAgNDAARAuSmiubNU4NMTvYsWb59uIa0dvNvikSyafTFTvHYhfoEeyVj5qeCoED1AjraW3Q44EZdNZaS5exAUIHuK5Bhd/Q==");
-    private static byte[] ecgost2012_256Sig = Base64.decode("CNUdC6ny8sryzNcwGy7MG3DUbcU+3RgJNPWb3WVtAwUcbaFKPgL0TERfDM4Vsurwx0POt+PZCTxjaiaoY0UxkQ==");
-
-    private static byte[] ecgost2012_512Key = Base64.decode("MIGqMCEGCCqFAwcBAQECMBUGCSqFAwcBAgECAQYIKoUDBwEBAgMDgYQABIGAhiwvUj3M58X6KQfFmqvQhka/JxigdS6hy6rqoYZec0pAwPKFNJ+AUl70zvNR/GDLB2DNBGryofKFXJk1l8aZCHM6cpuSzJbD7y728U/rclJ4GVDAbb4ktq4UmiYaJ7JZcc/CSL0qoj7w69sY7rWZm/T2o+hb1cM1jVq5/u5zYqo=");
-    private static byte[] ecgost2012_512Sig = Base64.decode("uX4splTTDpH6T04tnElszTSmj+aTAl2LV7JxP+1xRRGoQ0ET2+QniOW+6WIOZzCZxEo75fZfx1jRHa7Eo99KfQNzHqmiN7G1Ch9pHQ7eMMwaLVurmWEFpZqBH4k5XfHTSPIa8mUmCn6808xMNy1VfwppbaJwRjtyW0h/CqeDTr8=");
-
-    private void ecGOST3410Test()
-        throws Exception
-    {
-
-        BigInteger r = new BigInteger("29700980915817952874371204983938256990422752107994319651632687982059210933395");
-        BigInteger s = new BigInteger("46959264877825372965922731380059061821746083849389763294914877353246631700866");
-
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("53854137677348463731403841147996619241504003434302020712960838528893196233395"));
-
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041");
-        BigInteger mod_q = new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619");
-
-        ECCurve curve = new ECCurve.Fp(
-            mod_p,
-            new BigInteger("7"), // a
-            new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414"), // b
-            mod_q, ECConstants.ONE);
-
-        ECParameterSpec spec = new ECParameterSpec(
-            curve,
-            curve.createPoint(
-                new BigInteger("2"), // x
-                new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280")), // y
-            mod_q, ECConstants.ONE);
-
-        ECPrivateKeySpec priKey = new ECPrivateKeySpec(
-            new BigInteger("55441196065363246126355624130324183196576709222340016572108097750006097525544"), // d
-            spec);
-
-        ECPublicKeySpec pubKey = new ECPublicKeySpec(
-            curve.createPoint(
-                new BigInteger("57520216126176808443631405023338071176630104906313632182896741342206604859403"), // x
-                new BigInteger("17614944419213781543809391949654080031942662045363639260709847859438286763994")), // y
-            spec);
-
-        Signature sgr = Signature.getInstance("ECGOST3410", "BC");
-        KeyFactory f = KeyFactory.getInstance("ECGOST3410", "BC");
-        PrivateKey sKey = f.generatePrivate(priKey);
-        PublicKey vKey = f.generatePublic(pubKey);
-
-        sgr.initSign(sKey, k);
-
-        byte[] message = new byte[]{(byte)'a', (byte)'b', (byte)'c'};
-
-        sgr.update(message);
-
-        byte[] sigBytes = sgr.sign();
-
-        sgr.initVerify(vKey);
-
-        sgr.update(message);
-
-        if (!sgr.verify(sigBytes))
-        {
-            fail("ECGOST3410 verification failed");
-        }
-
-        BigInteger[] sig = decode(sigBytes);
-
-        if (!r.equals(sig[0]))
-        {
-            fail(
-                ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r + Strings.lineSeparator()
-                    + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail(
-                ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s + Strings.lineSeparator()
-                    + " got      : " + sig[1]);
-        }
-    }
-
-    private void generationTest()
-        throws Exception
-    {
-        Signature s = Signature.getInstance("GOST3410", "BC");
-        KeyPairGenerator g = KeyPairGenerator.getInstance("GOST3410", "BC");
-        byte[] data = {1, 2, 3, 4, 5, 6, 7, 8, 9, 0};
-        GOST3410ParameterSpec gost3410P = new GOST3410ParameterSpec(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_A.getId());
-
-        g.initialize(gost3410P, new SecureRandom());
-
-        KeyPair p = g.generateKeyPair();
-
-        PrivateKey sKey = p.getPrivate();
-        PublicKey vKey = p.getPublic();
-
-        s.initSign(sKey);
-
-        s.update(data);
-
-        byte[] sigBytes = s.sign();
-
-        s = Signature.getInstance("GOST3410", "BC");
-
-        s.initVerify(vKey);
-
-        s.update(data);
-
-        if (!s.verify(sigBytes))
-        {
-            fail("GOST3410 verification failed");
-        }
-
-        //
-        // default initialisation test
-        //
-        s = Signature.getInstance("GOST3410", "BC");
-        g = KeyPairGenerator.getInstance("GOST3410", "BC");
-
-        p = g.generateKeyPair();
-
-        sKey = p.getPrivate();
-        vKey = p.getPublic();
-
-        s.initSign(sKey);
-
-        s.update(data);
-
-        sigBytes = s.sign();
-
-        s = Signature.getInstance("GOST3410", "BC");
-
-        s.initVerify(vKey);
-
-        s.update(data);
-
-        if (!s.verify(sigBytes))
-        {
-            fail("GOST3410 verification failed");
-        }
-
-        //
-        // encoded test
-        //
-        KeyFactory f = KeyFactory.getInstance("GOST3410", "BC");
-
-        X509EncodedKeySpec x509s = new X509EncodedKeySpec(vKey.getEncoded());
-        GOST3410PublicKey k1 = (GOST3410PublicKey)f.generatePublic(x509s);
-
-        if (!k1.getY().equals(((GOST3410PublicKey)vKey).getY()))
-        {
-            fail("public number not decoded properly");
-        }
-
-        if (!k1.getParameters().equals(((GOST3410PublicKey)vKey).getParameters()))
-        {
-            fail("public parameters not decoded properly");
-        }
-
-        PKCS8EncodedKeySpec pkcs8 = new PKCS8EncodedKeySpec(sKey.getEncoded());
-        GOST3410PrivateKey k2 = (GOST3410PrivateKey)f.generatePrivate(pkcs8);
-
-        if (!k2.getX().equals(((GOST3410PrivateKey)sKey).getX()))
-        {
-            fail("private number not decoded properly");
-        }
-
-        if (!k2.getParameters().equals(((GOST3410PrivateKey)sKey).getParameters()))
-        {
-            fail("private number not decoded properly");
-        }
-
-        k2 = (GOST3410PrivateKey)serializeDeserialize(sKey);
-        if (!k2.getX().equals(((GOST3410PrivateKey)sKey).getX()))
-        {
-            fail("private number not deserialised properly");
-        }
-
-        if (!k2.getParameters().equals(((GOST3410PrivateKey)sKey).getParameters()))
-        {
-            fail("private number not deserialised properly");
-        }
-
-        checkEquals(k2, sKey);
-
-        if (!(k2 instanceof PKCS12BagAttributeCarrier))
-        {
-            fail("private key not implementing PKCS12 attribute carrier");
-        }
-
-        k1 = (GOST3410PublicKey)serializeDeserialize(vKey);
-
-        if (!k1.getY().equals(((GOST3410PublicKey)vKey).getY()))
-        {
-            fail("public number not deserialised properly");
-        }
-
-        if (!k1.getParameters().equals(((GOST3410PublicKey)vKey).getParameters()))
-        {
-            fail("public parameters not deserialised properly");
-        }
-
-        checkEquals(k1, vKey);
-
-        //
-        // ECGOST3410 generation test
-        //
-        s = Signature.getInstance("ECGOST3410", "BC");
-        g = KeyPairGenerator.getInstance("ECGOST3410", "BC");
-
-//        BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041"); //p
-//
-//        ECCurve curve = new ECCurve.Fp(
-//            mod_p, // p
-//            new BigInteger("7"), // a
-//            new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414")); // b
-//
-//        ECParameterSpec ecSpec = new ECParameterSpec(
-//                curve,
-//                    new ECPoint.Fp(curve,
-//                                   new ECFieldElement.Fp(mod_p,new BigInteger("2")), // x
-//                                   new ECFieldElement.Fp(mod_p,new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280"))), // y
-//                    new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619")); // q
-
-        g.initialize(new ECNamedCurveGenParameterSpec("GostR3410-2001-CryptoPro-A"), new SecureRandom());
-
-        p = g.generateKeyPair();
-
-        sKey = p.getPrivate();
-        vKey = p.getPublic();
-
-        s.initSign(sKey);
-
-        s.update(data);
-
-        sigBytes = s.sign();
-
-        s = Signature.getInstance("ECGOST3410", "BC");
-
-        s.initVerify(vKey);
-
-        s.update(data);
-
-        if (!s.verify(sigBytes))
-        {
-            fail("ECGOST3410 verification failed");
-        }
-
-        //
-        // encoded test
-        //
-        f = KeyFactory.getInstance("ECGOST3410", "BC");
-
-        x509s = new X509EncodedKeySpec(vKey.getEncoded());
-        ECPublicKey eck1 = (ECPublicKey)f.generatePublic(x509s);
-
-        if (!eck1.getQ().equals(((ECPublicKey)vKey).getQ()))
-        {
-            fail("public number not decoded properly");
-        }
-
-        if (!eck1.getParameters().equals(((ECPublicKey)vKey).getParameters()))
-        {
-            fail("public parameters not decoded properly");
-        }
-
-        pkcs8 = new PKCS8EncodedKeySpec(sKey.getEncoded());
-        ECPrivateKey eck2 = (ECPrivateKey)f.generatePrivate(pkcs8);
-
-        if (!eck2.getD().equals(((ECPrivateKey)sKey).getD()))
-        {
-            fail("private number not decoded properly");
-        }
-
-        if (!eck2.getParameters().equals(((ECPrivateKey)sKey).getParameters()))
-        {
-            fail("private number not decoded properly");
-        }
-
-        eck2 = (ECPrivateKey)serializeDeserialize(sKey);
-        if (!eck2.getD().equals(((ECPrivateKey)sKey).getD()))
-        {
-            fail("private number not decoded properly");
-        }
-
-        if (!eck2.getParameters().equals(((ECPrivateKey)sKey).getParameters()))
-        {
-            fail("private number not decoded properly");
-        }
-
-        checkEquals(eck2, sKey);
-
-        if (!(eck2 instanceof PKCS12BagAttributeCarrier))
-        {
-            fail("private key not implementing PKCS12 attribute carrier");
-        }
-
-        eck1 = (ECPublicKey)serializeDeserialize(vKey);
-
-        if (!eck1.getQ().equals(((ECPublicKey)vKey).getQ()))
-        {
-            fail("public number not decoded properly");
-        }
-
-        if (!eck1.getParameters().equals(((ECPublicKey)vKey).getParameters()))
-        {
-            fail("public parameters not decoded properly");
-        }
-
-        checkEquals(eck1, vKey);
-    }
-
-
-    private void ecGOST34102012256Test()
-        throws Exception
-    {
-
-        BigInteger r = new BigInteger("29700980915817952874371204983938256990422752107994319651632687982059210933395");
-        BigInteger s = new BigInteger("574973400270084654178925310019147038455227042649098563933718999175515839552");
-
-        BigInteger e = new BigInteger("20798893674476452017134061561508270130637142515379653289952617252661468872421");
-
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("53854137677348463731403841147996619241504003434302020712960838528893196233395"));
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        BigInteger mod_p = new BigInteger("57896044618658097711785492504343953926634992332820282019728792003956564821041");
-        BigInteger mod_q = new BigInteger("57896044618658097711785492504343953927082934583725450622380973592137631069619");
-
-        ECCurve curve = new ECCurve.Fp(
-            mod_p,
-            new BigInteger("7"), // a
-            new BigInteger("43308876546767276905765904595650931995942111794451039583252968842033849580414"), // b
-            mod_q, ECConstants.ONE);
-
-        ECParameterSpec spec = new ECParameterSpec(
-            curve,
-            curve.createPoint(
-                new BigInteger("2"), // x
-                new BigInteger("4018974056539037503335449422937059775635739389905545080690979365213431566280")), // y
-            mod_q, ECConstants.ONE);
-
-        ECPrivateKeySpec priKey = new ECPrivateKeySpec(
-            new BigInteger("55441196065363246126355624130324183196576709222340016572108097750006097525544"), // d
-            spec);
-
-        ECPublicKeySpec pubKey = new ECPublicKeySpec(
-            curve.createPoint(
-                new BigInteger("57520216126176808443631405023338071176630104906313632182896741342206604859403"), // x
-                new BigInteger("17614944419213781543809391949654080031942662045363639260709847859438286763994")), // y
-            spec);
-
-        KeyFactory f = KeyFactory.getInstance("ECGOST3410-2012", "BC");
-        PrivateKey sKey = f.generatePrivate(priKey);
-        PublicKey vKey = f.generatePublic(pubKey);
-
-        ECGOST3410_2012Signer signer = new ECGOST3410_2012Signer();
-        CipherParameters param = ECUtil.generatePrivateKeyParameter(sKey);
-
-        signer.init(true, new ParametersWithRandom(param, k));
-
-        byte[] rev = e.toByteArray();
-        byte[] message = new byte[rev.length];
-        for (int i = 0; i != rev.length; i++)
-        {
-            message[i] = rev[rev.length - 1 - i];
-        }
-        BigInteger[] sig = signer.generateSignature(message);
-
-        ECPublicKey ecPublicKey = (ECPublicKey)vKey;
-        param = new ECPublicKeyParameters(
-            ecPublicKey.getQ(),
-            new ECDomainParameters(spec.getCurve(), spec.getG(), spec.getN()));
-        signer.init(false, param);
-
-        if (!signer.verifySignature(message, sig[0], sig[1]))
-        {
-            fail("ECGOST3410 2012 verification failed");
-        }
-
-        if (!r.equals(sig[0]))
-        {
-            fail(
-                ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r + Strings.lineSeparator()
-                    + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail(
-                ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s + Strings.lineSeparator()
-                    + " got      : " + sig[1]);
-        }
-
-        KeyPairGenerator g = KeyPairGenerator.getInstance("ECGOST3410-2012", "BC");
-
-        g.initialize(new ECNamedCurveGenParameterSpec("Tc26-Gost-3410-12-256-paramSetA"), new SecureRandom());
-
-        KeyPair p = g.generateKeyPair();
-
-        signatureGost12Test("ECGOST3410-2012-256", 64, p);
-        encodedGost12Test(p);
-
-
-        g.initialize(new org.bouncycastle.jcajce.spec.GOST3410ParameterSpec("Tc26-Gost-3410-12-512-paramSetA"), new SecureRandom());
-
-        p = g.generateKeyPair();
-
-        signatureGost12Test("ECGOST3410-2012-512", 128, p);
-        encodedGost12Test(p);
-    }
-
-    private void ecGOST2012NameCurveGenerationTest()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("ECGOST3410-2012", "BC");
-
-        kpGen.initialize(new ECNamedCurveGenParameterSpec("Tc26-Gost-3410-12-256-paramSetA"));
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        AlgorithmIdentifier expectedAlgId = new AlgorithmIdentifier(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256,
-                    new GOST3410PublicKeyAlgParameters(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256_paramSetA, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_256));
-
-        checkKeyPairAlgId(kp, expectedAlgId);
-
-        kpGen.initialize(new ECNamedCurveGenParameterSpec("Tc26-Gost-3410-12-512-paramSetA"));
-
-        kp = kpGen.generateKeyPair();
-
-        expectedAlgId = new AlgorithmIdentifier(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512,
-                    new GOST3410PublicKeyAlgParameters(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetA, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512));
-
-        checkKeyPairAlgId(kp, expectedAlgId);
-
-        kpGen.initialize(new ECNamedCurveGenParameterSpec("Tc26-Gost-3410-12-512-paramSetB"));
-
-        kp = kpGen.generateKeyPair();
-
-        expectedAlgId = new AlgorithmIdentifier(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512,
-                    new GOST3410PublicKeyAlgParameters(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetB, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512));
-
-        checkKeyPairAlgId(kp, expectedAlgId);
-
-        kpGen.initialize(new ECNamedCurveGenParameterSpec("Tc26-Gost-3410-12-512-paramSetC"));
-
-        kp = kpGen.generateKeyPair();
-
-        expectedAlgId = new AlgorithmIdentifier(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512,
-                    new GOST3410PublicKeyAlgParameters(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512_paramSetC, RosstandartObjectIdentifiers.id_tc26_gost_3411_12_512));
-
-        checkKeyPairAlgId(kp, expectedAlgId);
-    }
-
-    private void checkKeyPairAlgId(KeyPair kp, AlgorithmIdentifier expectedAlgId)
-    {
-        SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(kp.getPublic().getEncoded());
-
-        AlgorithmIdentifier algId = info.getAlgorithm();
-
-        isEquals(expectedAlgId, algId);
-
-        PrivateKeyInfo privInfo = PrivateKeyInfo.getInstance(kp.getPrivate().getEncoded());
-
-        algId = privInfo.getPrivateKeyAlgorithm();
-
-        isEquals(expectedAlgId, algId);
-    }
-
-    private void ecGOST34102012512Test()
-        throws Exception
-    {
-
-        BigInteger r = new BigInteger("2489204477031349265072864643032147753667451319282131444027498637357611092810221795101871412928823716805959828708330284243653453085322004442442534151761462");
-        BigInteger s = new BigInteger("864523221707669519038849297382936917075023735848431579919598799313385180564748877195639672460179421760770893278030956807690115822709903853682831835159370");
-
-        BigInteger e = new BigInteger("2897963881682868575562827278553865049173745197871825199562947419041388950970536661109553499954248733088719748844538964641281654463513296973827706272045964");
-
-        byte[] kData = BigIntegers.asUnsignedByteArray(new BigInteger("359E7F4B1410FEACC570456C6801496946312120B39D019D455986E364F365886748ED7A44B3E794434006011842286212273A6D14CF70EA3AF71BB1AE679F1", 16));
-        SecureRandom k = new TestRandomBigInteger(kData);
-
-        BigInteger mod_p = new BigInteger("3623986102229003635907788753683874306021320925534678605086546150450856166624002482588482022271496854025090823603058735163734263822371964987228582907372403");
-        BigInteger mod_q = new BigInteger("3623986102229003635907788753683874306021320925534678605086546150450856166623969164898305032863068499961404079437936585455865192212970734808812618120619743");
-
-        ECCurve curve = new ECCurve.Fp(
-            mod_p,
-            new BigInteger("7"), // a
-            new BigInteger("1518655069210828534508950034714043154928747527740206436194018823352809982443793732829756914785974674866041605397883677596626326413990136959047435811826396"), // b
-            mod_q, ECConstants.ONE);
-
-        ECParameterSpec spec = new ECParameterSpec(
-            curve,
-            curve.createPoint(
-                new BigInteger("1928356944067022849399309401243137598997786635459507974357075491307766592685835441065557681003184874819658004903212332884252335830250729527632383493573274"), // x
-                new BigInteger("2288728693371972859970012155529478416353562327329506180314497425931102860301572814141997072271708807066593850650334152381857347798885864807605098724013854")), // y
-            mod_q, ECConstants.ONE);
-
-        ECPrivateKeySpec priKey = new ECPrivateKeySpec(
-            new BigInteger("610081804136373098219538153239847583006845519069531562982388135354890606301782255383608393423372379057665527595116827307025046458837440766121180466875860"), // d
-            spec);
-
-        ECPublicKeySpec pubKey = new ECPublicKeySpec(
-            curve.createPoint(
-                new BigInteger("909546853002536596556690768669830310006929272546556281596372965370312498563182320436892870052842808608262832456858223580713780290717986855863433431150561"), // x
-                new BigInteger("2921457203374425620632449734248415455640700823559488705164895837509539134297327397380287741428246088626609329139441895016863758984106326600572476822372076")), // y
-            spec);
-
-        KeyFactory f = KeyFactory.getInstance("ECGOST3410-2012", "BC");
-        PrivateKey sKey = f.generatePrivate(priKey);
-        PublicKey vKey = f.generatePublic(pubKey);
-
-
-        ECGOST3410_2012Signer signer = new ECGOST3410_2012Signer();
-        CipherParameters param = ECUtil.generatePrivateKeyParameter(sKey);
-
-        signer.init(true, new ParametersWithRandom(param, k));
-
-        byte[] rev = e.toByteArray();
-        byte[] message = new byte[rev.length];
-        for (int i = 0; i != rev.length; i++)
-        {
-            message[i] = rev[rev.length - 1 - i];
-        }
-        BigInteger[] sig = signer.generateSignature(message);
-
-        ECPublicKey ecPublicKey = (ECPublicKey)vKey;
-        param = new ECPublicKeyParameters(
-            ecPublicKey.getQ(),
-            new ECDomainParameters(spec.getCurve(), spec.getG(), spec.getN()));
-        signer.init(false, param);
-
-        if (!signer.verifySignature(message, sig[0], sig[1]))
-        {
-            fail("ECGOST3410 2012 verification failed");
-        }
-
-        if (!r.equals(sig[0]))
-        {
-            fail(
-                ": r component wrong." + Strings.lineSeparator()
-                    + " expecting: " + r + Strings.lineSeparator()
-                    + " got      : " + sig[0]);
-        }
-
-        if (!s.equals(sig[1]))
-        {
-            fail(
-                ": s component wrong." + Strings.lineSeparator()
-                    + " expecting: " + s + Strings.lineSeparator()
-                    + " got      : " + sig[1]);
-        }
-
-
-    }
-
-    private void ecGOST2012VerifyTest(String signatureAlg, byte[] data, byte[] pubEnc, byte[] sig)
-        throws Exception
-    {
-        KeyFactory keyFact = KeyFactory.getInstance("ECGOST3410-2012", "BC");
-
-        PublicKey vKey = keyFact.generatePublic(new X509EncodedKeySpec(pubEnc));
-
-        Signature s = Signature.getInstance(signatureAlg, "BC");
-
-        s.initVerify(vKey);
-
-        s.update(data);
-
-        if (!s.verify(sig))
-        {
-            fail(signatureAlg + " verification failed");
-        }
-    }
-
-    private void signatureGost12Test(String signatureAlg, int expectedSignLen, KeyPair p)
-        throws Exception
-    {
-        byte[] data = {1, 2, 3, 4, 5, 6, 7, 8, 9, 0};
-
-        PrivateKey sKey = p.getPrivate();
-        PublicKey vKey = p.getPublic();
-        Signature s = Signature.getInstance(signatureAlg, "BC");
-        s.initSign(sKey);
-
-        s.update(data);
-
-        byte[] sigBytes = s.sign();
-
-        if (sigBytes.length != expectedSignLen)
-        {
-            fail(signatureAlg + " signature failed");
-        }
-
-        s = Signature.getInstance(signatureAlg, "BC");
-
-        s.initVerify(vKey);
-
-        s.update(data);
-
-        if (!s.verify(sigBytes))
-        {
-            fail(signatureAlg + " verification failed");
-        }
-
-    }
-
-    private void encodedGost12Test(KeyPair p)
-        throws Exception
-    {
-        PrivateKey sKey = p.getPrivate();
-        PublicKey vKey = p.getPublic();
-
-        KeyFactory f = KeyFactory.getInstance("ECGOST3410-2012", "BC");
-        X509EncodedKeySpec x509s = new X509EncodedKeySpec(vKey.getEncoded());
-        ECPublicKey eck1 = (ECPublicKey)f.generatePublic(x509s);
-
-        if (!eck1.getQ().equals(((ECPublicKey)vKey).getQ()))
-        {
-            fail("public number not decoded properly");
-        }
-
-        if (!eck1.getParameters().equals(((ECPublicKey)vKey).getParameters()))
-        {
-            fail("public parameters not decoded properly");
-        }
-
-        PKCS8EncodedKeySpec pkcs8 = new PKCS8EncodedKeySpec(sKey.getEncoded());
-        ECPrivateKey eck2 = (ECPrivateKey)f.generatePrivate(pkcs8);
-
-        if (!eck2.getD().equals(((ECPrivateKey)sKey).getD()))
-        {
-            fail("private number not decoded properly");
-        }
-
-        if (!eck2.getParameters().equals(((ECPrivateKey)sKey).getParameters()))
-        {
-            fail("private number not decoded properly");
-        }
-
-        eck2 = (ECPrivateKey)serializeDeserialize(sKey);
-        if (!eck2.getD().equals(((ECPrivateKey)sKey).getD()))
-        {
-            fail("private number not decoded properly");
-        }
-
-        if (!eck2.getParameters().equals(((ECPrivateKey)sKey).getParameters()))
-        {
-            fail("private number not decoded properly");
-        }
-
-        checkEquals(eck2, sKey);
-
-        if (!(eck2 instanceof PKCS12BagAttributeCarrier))
-        {
-            fail("private key not implementing PKCS12 attribute carrier");
-        }
-
-        eck1 = (ECPublicKey)serializeDeserialize(vKey);
-
-        if (!eck1.getQ().equals(((ECPublicKey)vKey).getQ()))
-        {
-            fail("public number not decoded properly");
-        }
-
-        if (!eck1.getParameters().equals(((ECPublicKey)vKey).getParameters()))
-        {
-            fail("public parameters not decoded properly");
-        }
-
-        checkEquals(eck1, vKey);
-    }
-
-    private void keyStoreTest(PrivateKey sKey, PublicKey vKey)
-        throws KeyStoreException, IOException, NoSuchAlgorithmException, CertificateException, NoSuchProviderException, SignatureException, InvalidKeyException, UnrecoverableKeyException
-    {
-        //
-        // keystore test
-        //
-        KeyStore ks = KeyStore.getInstance("JKS");
-
-        ks.load(null, null);
-
-        //
-        // create the certificate - version 3
-        //
-        X509V3CertificateGenerator certGen = new X509V3CertificateGenerator();
-
-        certGen.setSerialNumber(BigInteger.valueOf(1));
-        certGen.setIssuerDN(new X509Principal("CN=Test"));
-        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
-        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
-        certGen.setSubjectDN(new X509Principal("CN=Test"));
-        certGen.setPublicKey(vKey);
-        certGen.setSignatureAlgorithm("GOST3411withGOST3410");
-
-        X509Certificate cert = certGen.generate(sKey, "BC");
-
-        ks.setKeyEntry("gost", sKey, "gost".toCharArray(), new Certificate[]{cert});
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        ks.store(bOut, "gost".toCharArray());
-
-        ks = KeyStore.getInstance("JKS");
-
-        ks.load(new ByteArrayInputStream(bOut.toByteArray()), "gost".toCharArray());
-
-        PrivateKey gKey = (PrivateKey)ks.getKey("gost", "gost".toCharArray());
-    }
-
-    private void checkEquals(Object o1, Object o2)
-    {
-        if (!o1.equals(o2))
-        {
-            fail("comparison test failed");
-        }
-
-        if (o1.hashCode() != o2.hashCode())
-        {
-            fail("hashCode test failed");
-        }
-    }
-
-    private void parametersTest()
-        throws Exception
-    {
-//                AlgorithmParameterGenerator a = AlgorithmParameterGenerator.getInstance("GOST3410", "BC");
-//                a.init(512, random);
-//                AlgorithmParameters params = a.generateParameters();
-//
-//                byte[] encodeParams = params.getEncoded();
-//
-//                AlgorithmParameters a2 = AlgorithmParameters.getInstance("GOST3410", "BC");
-//                a2.init(encodeParams);
-//
-//                // a and a2 should be equivalent!
-//                byte[] encodeParams_2 = a2.getEncoded();
-//
-//                if (!arrayEquals(encodeParams, encodeParams_2))
-//                {
-//                    fail("encode/decode parameters failed");
-//                }
-
-        GOST3410ParameterSpec gost3410P = new GOST3410ParameterSpec(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_B.getId());
-
-        KeyPairGenerator g = KeyPairGenerator.getInstance("GOST3410", "BC");
-        g.initialize(gost3410P, new SecureRandom());
-        KeyPair p = g.generateKeyPair();
-
-        PrivateKey sKey = p.getPrivate();
-        PublicKey vKey = p.getPublic();
-
-        Signature s = Signature.getInstance("GOST3410", "BC");
-        byte[] data = {1, 2, 3, 4, 5, 6, 7, 8, 9, 0};
-
-        s.initSign(sKey);
-
-        s.update(data);
-
-        byte[] sigBytes = s.sign();
-
-        s = Signature.getInstance("GOST3410", "BC");
-
-        s.initVerify(vKey);
-
-        s.update(data);
-
-        if (!s.verify(sigBytes))
-        {
-            fail("GOST3410 verification failed");
-        }
-
-        keyStoreTest(sKey, vKey);
-    }
-
-    private BigInteger[] decode(
-        byte[] encoding)
-    {
-        byte[] r = new byte[32];
-        byte[] s = new byte[32];
-
-        System.arraycopy(encoding, 0, s, 0, 32);
-
-        System.arraycopy(encoding, 32, r, 0, 32);
-
-        BigInteger[] sig = new BigInteger[2];
-
-        sig[0] = new BigInteger(1, r);
-        sig[1] = new BigInteger(1, s);
-
-        return sig;
-    }
-
-    private Object serializeDeserialize(Object o)
-        throws Exception
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(o);
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        return oIn.readObject();
-    }
-
-    public String getName()
-    {
-        return "GOST3410/ECGOST3410/ECGOST3410 2012";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        ecGOST3410Test();
-
-        if (Security.getProvider("BC").containsKey("KeyFactory.ECGOST3410-2012"))
-        {
-            ecGOST34102012256Test();
-            ecGOST34102012512Test();
-            ecGOST2012NameCurveGenerationTest();
-            ecGOST2012VerifyTest("ECGOST3410-2012-256", ecgostData, ecgost2012_256Key, ecgost2012_256Sig);
-            ecGOST2012VerifyTest("ECGOST3410-2012-512", ecgostData, ecgost2012_512Key, ecgost2012_512Sig);
-        }
-        
-        generationTest();
-        parametersTest();
-    }
-
-    protected byte[] toByteArray(String input)
-    {
-        byte[] bytes = new byte[input.length()];
-
-        for (int i = 0; i != bytes.length; i++)
-        {
-            bytes[i] = (byte)input.charAt(i);
-        }
-
-        return bytes;
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new GOST3410Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GOST3412Test.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GOST3412Test.java
deleted file mode 100644
index cbb199e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/GOST3412Test.java
+++ /dev/null

@@ -1,205 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.security.Key;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.Mac;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * basic test class for the GOST28147 cipher
- */
-public class GOST3412Test
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "GOST3412";
-    }
-
-    public void testECB(
-        byte[] keyBytes,
-        byte[] input,
-        byte[] output)
-        throws Exception
-    {
-        Key key;
-        Cipher in, out;
-        CipherInputStream cIn;
-        CipherOutputStream cOut;
-        ByteArrayInputStream bIn;
-        ByteArrayOutputStream bOut;
-
-        key = new SecretKeySpec(keyBytes, "GOST3412-2015");
-
-        in = Cipher.getInstance("GOST3412-2015/ECB/NoPadding", "BC");
-        out = Cipher.getInstance("GOST3412-2015/ECB/NoPadding", "BC");
-        out.init(Cipher.ENCRYPT_MODE, key);
-        in.init(Cipher.DECRYPT_MODE, key);
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        for (int i = 0; i != input.length / 2; i++)
-        {
-            cOut.write(input[i]);
-        }
-        cOut.write(input, input.length / 2, input.length - input.length / 2);
-        cOut.close();
-
-        byte[] bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!areEqual(bytes, output))
-        {
-            fail("GOST3412-2015 failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        DataInputStream dIn = new DataInputStream(cIn);
-
-        bytes = new byte[input.length];
-
-        for (int i = 0; i != input.length / 2; i++)
-        {
-            bytes[i] = (byte)dIn.read();
-        }
-        dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-
-        if (!areEqual(bytes, input))
-        {
-            fail("GOST3412-2015 failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-    }
-
-    public void testCFB(
-        byte[] keyBytes,
-        byte[] iv,
-        byte[] input,
-        byte[] output)
-        throws Exception
-    {
-        Key key;
-        Cipher in, out;
-        CipherInputStream cIn;
-        CipherOutputStream cOut;
-        ByteArrayInputStream bIn;
-        ByteArrayOutputStream bOut;
-
-        key = new SecretKeySpec(keyBytes, "GOST3412-2015");
-
-        in = Cipher.getInstance("GOST3412-2015/CFB8/NoPadding", "BC");
-        out = Cipher.getInstance("GOST3412-2015/CFB8/NoPadding", "BC");
-
-        out.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(iv));
-        in.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(iv));
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        for (int i = 0; i != input.length / 2; i++)
-        {
-            cOut.write(input[i]);
-        }
-        cOut.write(input, input.length / 2, input.length - input.length / 2);
-        cOut.close();
-
-        byte[] bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!areEqual(bytes, output))
-        {
-            fail("GOST3412-2015 failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        DataInputStream dIn = new DataInputStream(cIn);
-
-        bytes = new byte[input.length];
-
-        for (int i = 0; i != input.length / 2; i++)
-        {
-            bytes[i] = (byte)dIn.read();
-        }
-        dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-
-        if (!areEqual(bytes, input))
-        {
-            fail("GOST3412-2015 failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testECB(Hex.decode("8899aabbccddeeff0011223344556677fedcba98765432100123456789abcdef"),
-            Hex.decode("1122334455667700ffeeddccbbaa9988"), Hex.decode("7f679d90bebc24305a468d42b9d4edcd"));
-
-        testCFB(Hex.decode("8899aabbccddeeff0011223344556677fedcba98765432100123456789abcdef"),
-             Hex.decode("1234567890abcef0a1b2c3d4e5f0011223344556677889901213141516171819"),
-             Hex.decode("1122334455667700ffeeddccbbaa998800112233445566778899aabbcceeff0a112233445566778899aabbcceeff0a002233445566778899aabbcceeff0a0011"), Hex.decode("819b19c5867e61f1cf1b16f664f66e46ed8fcb82b1110b1e7ec03bfa6611f2eabd7a32363691cbdc3bbe403bc80552d822c2cdf483981cd71d5595453d7f057d"));
-
-        byte[][] inputs = new byte[][]{
-            Hex.decode("1122334455667700ffeeddccbbaa9988"),
-            Hex.decode("00112233445566778899aabbcceeff0a"),
-            Hex.decode("112233445566778899aabbcceeff0a00"),
-            Hex.decode("2233445566778899aabbcceeff0a0011"),
-        };
-
-        Mac mac = Mac.getInstance("GOST3412MAC", "BC");
-
-        mac.init(new SecretKeySpec(Hex.decode("8899aabbccddeeff0011223344556677fedcba98765432100123456789abcdef"), "GOST3412MAC"));
-
-        for (int i = 0; i != inputs.length; i++)
-        {
-            mac.update(inputs[i]);
-        }
-
-        if (!Arrays.areEqual(Hex.decode("336f4d296059fbe34ddeb35b37749c67"), mac.doFinal()))
-        {
-            fail("mac test failed.");
-        }
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new GOST3412Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/HMacTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/HMacTest.java
deleted file mode 100644
index 4df0c56..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/HMacTest.java
+++ /dev/null

@@ -1,338 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Security;
-import java.util.Arrays;
-
-import javax.crypto.KeyGenerator;
-import javax.crypto.Mac;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.RC5ParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.iana.IANAObjectIdentifiers;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
-import org.bouncycastle.asn1.ua.UAObjectIdentifiers;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * HMAC tester
- */
-public class HMacTest
-    extends SimpleTest
-{
-    static byte[] keyBytes = Hex.decode("0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b0b");
-    static byte[] message = Hex.decode("4869205468657265");
-    static byte[] output1 = Hex.decode("b617318655057264e28bc0b6fb378c8ef146be00");
-    static byte[] outputMD5 = Hex.decode("5ccec34ea9656392457fa1ac27f08fbc");
-    static byte[] outputMD2 = Hex.decode("dc1923ef5f161d35bef839ca8c807808");
-    static byte[] outputMD4 = Hex.decode("5570ce964ba8c11756cdc3970278ff5a");
-    static byte[] output224 = Hex.decode("896fb1128abbdf196832107cd49df33f47b4b1169912ba4f53684b22");
-    static byte[] output256 = Hex.decode("b0344c61d8db38535ca8afceaf0bf12b881dc200c9833da726e9376c2e32cff7");
-    static byte[] output384 = Hex.decode("afd03944d84895626b0825f4ab46907f15f9dadbe4101ec682aa034c7cebc59cfaea9ea9076ede7f4af152e8b2fa9cb6");
-    static byte[] output512 = Hex.decode("87aa7cdea5ef619d4ff0b4241a1d6cb02379f4e2ce4ec2787ad0b30545e17cdedaa833b7d6b8a702038b274eaea3f4e4be9d914eeb61f1702e696c203a126854");
-    static byte[] output512_224 = Hex.decode("b244ba01307c0e7a8ccaad13b1067a4cf6b961fe0c6a20bda3d92039");
-    static byte[] output512_256 = Hex.decode("9f9126c3d9c3c330d760425ca8a217e31feae31bfe70196ff81642b868402eab");
-    static byte[] outputRipeMD128 = Hex.decode("fda5717fb7e20cf05d30bb286a44b05d");
-    static byte[] outputRipeMD160 = Hex.decode("24cb4bd67d20fc1a5d2ed7732dcc39377f0a5668");
-    static byte[] outputTiger = Hex.decode("1d7a658c75f8f004916e7b07e2a2e10aec7de2ae124d3647");
-    static byte[] outputOld384 = Hex.decode("0a046aaa0255e432912228f8ccda437c8a8363fb160afb0570ab5b1fd5ddc20eb1888b9ed4e5b6cb5bc034cd9ef70e40");
-    static byte[] outputOld512 = Hex.decode("9656975ee5de55e75f2976ecce9a04501060b9dc22a6eda2eaef638966280182477fe09f080b2bf564649cad42af8607a2bd8d02979df3a980f15e2326a0a22a");
-
-    static byte[] outputKck224 = Hex.decode("b73d595a2ba9af815e9f2b4e53e78581ebd34a80b3bbaac4e702c4cc");
-    static byte[] outputKck256 = Hex.decode("9663d10c73ee294054dc9faf95647cb99731d12210ff7075fb3d3395abfb9821");
-    static byte[] outputKck288 = Hex.decode("36145df8742160a1811139494d708f9a12757c30dedc622a98aa6ecb69da32a34ea55441");
-    static byte[] outputKck384 = Hex.decode("892dfdf5d51e4679bf320cd16d4c9dc6f749744608e003add7fba894acff87361efa4e5799be06b6461f43b60ae97048");
-    static byte[] outputKck512 = Hex.decode("8852c63be8cfc21541a4ee5e5a9a852fc2f7a9adec2ff3a13718ab4ed81aaea0b87b7eb397323548e261a64e7fc75198f6663a11b22cd957f7c8ec858a1c7755");
-
-    static byte[] outputSha3_224 = Hex.decode("3b16546bbc7be2706a031dcafd56373d9884367641d8c59af3c860f7");
-    static byte[] outputSha3_256 = Hex.decode("ba85192310dffa96e2a3a40e69774351140bb7185e1202cdcc917589f95e16bb");
-    static byte[] outputSha3_384 = Hex.decode("68d2dcf7fd4ddd0a2240c8a437305f61fb7334cfb5d0226e1bc27dc10a2e723a20d370b47743130e26ac7e3d532886bd");
-    static byte[] outputSha3_512 = Hex.decode("eb3fbd4b2eaab8f5c504bd3a41465aacec15770a7cabac531e482f860b5ec7ba47ccb2c6f2afce8f88d22b6dc61380f23a668fd3888bb80537c0a0b86407689e");
-
-    static byte[] outputGost2012_256 = Hex.decode("f03422dfa37a507ca126ce01b8eba6b7fdda8f8a60dd8f2703e3a372120b8294");
-    static byte[] outputGost2012_512 = Hex.decode("86b6a06bfa9f1974aff6ccd7fa3f835f0bd850395d6084efc47b9dda861a2cdf0dcaf959160733d5269f6567966dd7a9f932a77cd6f080012cd476f1c2cc31bb");
-
-    static byte[] outputDSTU7564_256 = Hex.decode("98ac67aa21eaf6e8666fb748d66cfc15d5d66f5194c87fffa647e406d3375cdb");
-    static byte[] outputDSTU7564_384 = Hex.decode("4e46a87e70fcd2ccfb4433a8eaec68991a96b11085c5d5484db71af51bac469c03f76e1f721843c8e8667708fe41a48d");
-    static byte[] outputDSTU7564_512 = Hex.decode("5b7acf633a7551b8410fa66a60c74a494e46a87e70fcd2ccfb4433a8eaec68991a96b11085c5d5484db71af51bac469c03f76e1f721843c8e8667708fe41a48d");
-
-    public HMacTest()
-    {
-    }
-
-    public void testHMac(
-        String hmacName,
-        byte[] output)
-        throws Exception
-    {
-        SecretKey key = new SecretKeySpec(keyBytes, hmacName);
-        byte[] out;
-        Mac mac;
-
-        mac = Mac.getInstance(hmacName, "BC");
-
-        mac.init(key);
-
-        mac.reset();
-
-        mac.update(message, 0, message.length);
-
-        out = mac.doFinal();
-
-        if (!areEqual(out, output))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-        }
-
-        // no key generator for the old algorithms
-        if (hmacName.startsWith("Old"))
-        {
-            return;
-        }
-
-        KeyGenerator kGen = KeyGenerator.getInstance(hmacName, "BC");
-
-        mac.init(kGen.generateKey());
-
-        mac.update(message);
-
-        out = mac.doFinal();
-    }
-
-    public void testHMac(
-        String hmacName,
-        int defKeySize,
-        byte[] output)
-        throws Exception
-    {
-        SecretKey key = new SecretKeySpec(keyBytes, hmacName);
-        byte[] out;
-        Mac mac;
-
-        mac = Mac.getInstance(hmacName, "BC");
-
-        mac.init(key);
-
-        mac.reset();
-
-        mac.update(message, 0, message.length);
-
-        out = mac.doFinal();
-
-        if (!areEqual(out, output))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-        }
-
-        KeyGenerator kGen = KeyGenerator.getInstance(hmacName, "BC");
-
-        SecretKey secretKey = kGen.generateKey();
-
-        mac.init(secretKey);
-
-        mac.update(message);
-
-        out = mac.doFinal();
-
-        isTrue("default key wrong length", secretKey.getEncoded().length == defKeySize / 8);
-    }
-
-
-    private void testExceptions()
-        throws Exception
-    {
-        Mac mac = null;
-
-        mac = Mac.getInstance("HmacSHA1", "BC");
-
-        byte[] b = {(byte)1, (byte)2, (byte)3, (byte)4, (byte)5};
-        SecretKeySpec sks = new SecretKeySpec(b, "HmacSHA1");
-        RC5ParameterSpec algPS = new RC5ParameterSpec(100, 100, 100);
-
-        try
-        {
-            mac.init(sks, algPS);
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            // ignore okay
-        }
-
-        try
-        {
-            mac.init(null, null);
-        }
-        catch (InvalidKeyException e)
-        {
-            // ignore okay
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            // ignore okay
-        }
-
-        try
-        {
-            mac.init(null);
-        }
-        catch (InvalidKeyException e)
-        {
-            // ignore okay
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testHMac("HMac-SHA1", 160, output1);
-        testHMac("HMac-MD5", outputMD5);
-        testHMac("HMac-MD4", outputMD4);
-        testHMac("HMac-MD2", outputMD2);
-        testHMac("HMac-SHA224", 224, output224);
-        testHMac("HMac-SHA256", 256, output256);
-        testHMac("HMac-SHA384", 384, output384);
-        testHMac("HMac-SHA512", 512, output512);
-        testHMac("HMac-SHA512/224", output512_224);
-        testHMac("HMac-SHA512/256", output512_256);
-        testHMac("HMac-RIPEMD128", 128, outputRipeMD128);
-        testHMac("HMac-RIPEMD160", 160, outputRipeMD160);
-        testHMac("HMac-TIGER", 192, outputTiger);
-        testHMac("HMac-KECCAK224", 224, outputKck224);
-        testHMac("HMac-KECCAK256", 256, outputKck256);
-        testHMac("HMac-KECCAK288", 288, outputKck288);
-        testHMac("HMac-KECCAK384", 384, outputKck384);
-        testHMac("HMac-KECCAK512", 512, outputKck512);
-        testHMac("HMac-SHA3-224", 224, outputSha3_224);
-        testHMac("HMac-SHA3-256", 256, outputSha3_256);
-        testHMac("HMac-SHA3-384", 384, outputSha3_384);
-        testHMac("HMac-SHA3-512", 512, outputSha3_512);
-
-        testHMac("HMac-GOST3411-2012-256", 256, outputGost2012_256);
-        testHMac("HMac-GOST3411-2012-512", 512, outputGost2012_512);
-
-        testHMac("HMac-DSTU7564-256", 256, outputDSTU7564_256);
-        testHMac("HMac-DSTU7564-384", 384, outputDSTU7564_384);
-        testHMac("HMac-DSTU7564-512", 512, outputDSTU7564_512);
-
-        testHMac("HMac/SHA1", output1);
-        testHMac("HMac/MD5", outputMD5);
-        testHMac("HMac/MD4", outputMD4);
-        testHMac("HMac/MD2", outputMD2);
-        testHMac("HMac/SHA224", 224, output224);
-        testHMac("HMac/SHA256", 256, output256);
-        testHMac("HMac/SHA384", 384, output384);
-        testHMac("HMac/SHA512", 512, output512);
-        testHMac("HMac/RIPEMD128", 128, outputRipeMD128);
-        testHMac("HMac/RIPEMD160", 160, outputRipeMD160);
-        testHMac("HMac/TIGER", 192, outputTiger);
-        testHMac("HMac/KECCAK224", 224, outputKck224);
-        testHMac("HMac/KECCAK256", 256, outputKck256);
-        testHMac("HMac/KECCAK288", 288, outputKck288);
-        testHMac("HMac/KECCAK384", 384, outputKck384);
-        testHMac("HMac/KECCAK512", 512, outputKck512);
-        testHMac("HMac/SHA3-224", 224, outputSha3_224);
-        testHMac("HMac/SHA3-256", 256, outputSha3_256);
-        testHMac("HMac/SHA3-384", 384, outputSha3_384);
-        testHMac("HMac/SHA3-512", 512, outputSha3_512);
-        testHMac("HMac/GOST3411-2012-256", 256, outputGost2012_256);
-        testHMac("HMac/GOST3411-2012-512", 512, outputGost2012_512);
-
-        testHMac(PKCSObjectIdentifiers.id_hmacWithSHA1.getId(), 160, output1);
-        testHMac(PKCSObjectIdentifiers.id_hmacWithSHA224.getId(), 224, output224);
-        testHMac(PKCSObjectIdentifiers.id_hmacWithSHA256.getId(), 256, output256);
-        testHMac(PKCSObjectIdentifiers.id_hmacWithSHA384.getId(), 384, output384);
-        testHMac(PKCSObjectIdentifiers.id_hmacWithSHA512.getId(), 512, output512);
-        testHMac(IANAObjectIdentifiers.hmacSHA1.getId(), 160, output1);
-        testHMac(IANAObjectIdentifiers.hmacMD5.getId(), outputMD5);
-        testHMac(IANAObjectIdentifiers.hmacRIPEMD160.getId(), 160, outputRipeMD160);
-        testHMac(IANAObjectIdentifiers.hmacTIGER.getId(), 192, outputTiger);
-
-        testHMac(NISTObjectIdentifiers.id_hmacWithSHA3_224.getId(), 224, outputSha3_224);
-        testHMac(NISTObjectIdentifiers.id_hmacWithSHA3_256.getId(), 256, outputSha3_256);
-        testHMac(NISTObjectIdentifiers.id_hmacWithSHA3_384.getId(), 384, outputSha3_384);
-        testHMac(NISTObjectIdentifiers.id_hmacWithSHA3_512.getId(), 512, outputSha3_512);
-
-        testHMac(RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_256.getId(), 256, outputGost2012_256);
-        testHMac(RosstandartObjectIdentifiers.id_tc26_hmac_gost_3411_12_512.getId(), 512, outputGost2012_512);
-
-        testHMac(UAObjectIdentifiers.dstu7564mac_256.getId(), 256, outputDSTU7564_256);
-        testHMac(UAObjectIdentifiers.dstu7564mac_384.getId(), 384, outputDSTU7564_384);
-        testHMac(UAObjectIdentifiers.dstu7564mac_512.getId(), 512, outputDSTU7564_512);
-
-        // test for compatibility with broken HMac.
-        testHMac("OldHMacSHA384", outputOld384);
-        testHMac("OldHMacSHA512", outputOld512);
-
-        testExceptions();
-
-        testPBEWITHHMACSHAVariants();
-    }
-
-    private static final int[] SUN_JCA_VARIANTS = {
-        1, 224, 256, 384, 512
-    };
-
-    private static final byte[][] SUN_JCA_KNOWN_ANSWERS_FOR_SHA_VARIANTS = {
-        Hex.decode("2cb29f938331443af79de5863a1b072d57a4b640"),
-        Hex.decode("3bf31c354fb1817503e9b581d4d1d51c4c8e921a3b46a513cc24c0ca"),
-        Hex.decode("583697860e49d8d534ebdf99205173356f4e209447b6ac7d500ddddc1b382068"),
-        Hex.decode("ad3ca42cc656876872bd0e5054d0f2260ec2a07635c5dfa655926989af392bbe636a23f08d1dc8ccd966ffa66ecc30e0"),
-        Hex.decode("eabbb30bf280870530126bea40d3123c18d6bd6f6e9ded0eebd51a44d8527b27732206bd1bb7c1c8d941b5f2fba2f87ed49f5f1f3d7bef0e7547d335b4a55b87")
-    };
-
-    /**
-     * Test that BC has the same results as the SunJCA provider for PBEwithHMACSHA.
-     * <p>
-     * Test courtesy of the Android project.
-     * </p>
-     */
-    public void testPBEWITHHMACSHAVariants()
-        throws Exception
-    {
-        byte[] plaintext = new byte[]{0, 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16,
-            17, 18, 19, 20, 21, 22, 23, 24, 25, 26, 27, 28, 29, 30, 31, 32, 33, 34};
-        byte[] salt = "saltsalt".getBytes();
-        char[] password = "password".toCharArray();
-        int iterationCount = 100;
-
-        for (int shaVariantIndex = 0; shaVariantIndex < SUN_JCA_VARIANTS.length; shaVariantIndex++)
-        {
-            int shaVariant = SUN_JCA_VARIANTS[shaVariantIndex];
-            SecretKeyFactory secretKeyFactory =
-                SecretKeyFactory.getInstance("PBKDF2WITHHMACSHA" + shaVariant, "BC");
-            PBEKeySpec pbeKeySpec = new PBEKeySpec(password,
-                salt,
-                iterationCount,
-                // Key depending on block size!
-                (shaVariant < 384) ? 64 : 128);
-            SecretKey secretKey = secretKeyFactory.generateSecret(pbeKeySpec);
-            Mac mac = Mac.getInstance("PBEWITHHMACSHA" + shaVariant, "BC");
-            mac.init(secretKey);
-
-            byte[] bcResult = mac.doFinal(plaintext);
-
-            isTrue("value mismatch", Arrays.equals(SUN_JCA_KNOWN_ANSWERS_FOR_SHA_VARIANTS[shaVariantIndex], bcResult));
-        }
-    }
-
-    public String getName()
-    {
-        return "HMac";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new HMacTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/IESTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/IESTest.java
deleted file mode 100644
index 60c071f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/IESTest.java
+++ /dev/null

@@ -1,265 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.math.BigInteger;
-import java.security.AlgorithmParameters;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.spec.DHParameterSpec;
-
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.jce.spec.IEKeySpec;
-import org.bouncycastle.jce.spec.IESParameterSpec;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * test for ECIES - Elliptic Curve Integrated Encryption Scheme
- */
-public class IESTest
-    extends SimpleTest
-{
-    private BigInteger g512 = new BigInteger("153d5d6172adb43045b68ae8e1de1070b6137005686d29d3d73a7749199681ee5b212c9b96bfdcfa5b20cd5e3fd2044895d609cf9b410b7a0f12ca1cb9a428cc", 16);
-    private BigInteger p512 = new BigInteger("9494fec095f3b85ee286542b3836fc81a5dd0a0349b4c239dd38744d488cf8e31db8bcb7d33b41abb9e5a33cca9144b1cef332c94bf0573bf047a3aca98cdf3b", 16);
-
-    IESTest()
-    {
-    }
-
-    public String getName()
-    {
-        return "IES";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        KeyPairGenerator g = KeyPairGenerator.getInstance("ECIES", "BC");
-
-        X9ECParameters x9 = ECNamedCurveTable.getByName("prime239v1");
-        ECParameterSpec ecSpec = new ECParameterSpec(x9.getCurve(), x9.getG(),x9.getN(), x9.getH());
-
-        g.initialize(ecSpec, new SecureRandom());
-
-        Cipher c1 = Cipher.getInstance("ECIES", "BC");
-        Cipher c2 = Cipher.getInstance("ECIES", "BC");
-        
-        doTest(g, c1, c2);
-
-        g = KeyPairGenerator.getInstance("ECIES", "BC");
-
-        g.initialize(192, new SecureRandom());
-
-        doTest(g, c1, c2);
-
-        g = KeyPairGenerator.getInstance("ECIES", "BC");
-
-        g.initialize(239, new SecureRandom());
-
-        doTest(g, c1, c2);
-
-        g = KeyPairGenerator.getInstance("ECIES", "BC");
-
-        g.initialize(256, new SecureRandom());
-
-        doTest(g, c1, c2);
-
-        doDefTest(g, c1, c2);
-        
-        DHParameterSpec             dhParams = new DHParameterSpec(p512, g512);
-        
-        c1 = Cipher.getInstance("IES", "BC");
-        c2 = Cipher.getInstance("IES", "BC");
-        
-        g = KeyPairGenerator.getInstance("DH", "BC");
-
-        g.initialize(dhParams);
-        
-        doTest(g, c1, c2);
-        
-        doDefTest(g, c1, c2);
-    }
-
-    public void doTest(
-        KeyPairGenerator g,
-        Cipher           c1,
-        Cipher           c2)
-        throws Exception
-    {
-        //
-        // a side
-        //
-        KeyPair     aKeyPair = g.generateKeyPair();
-        PublicKey   aPub = aKeyPair.getPublic();
-        PrivateKey  aPriv = aKeyPair.getPrivate();
-
-        //
-        // b side
-        //
-        KeyPair     bKeyPair = g.generateKeyPair();
-        PublicKey   bPub = bKeyPair.getPublic();
-        PrivateKey  bPriv = bKeyPair.getPrivate();
-
-        //
-        // stream test
-        //
-
-        IEKeySpec   c1Key = new IEKeySpec(aPriv, bPub);
-        IEKeySpec   c2Key = new IEKeySpec(bPriv, aPub);
-
-        byte[]  d = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8 };
-        byte[]  e = new byte[] { 8, 7, 6, 5, 4, 3, 2, 1 };
-
-        IESParameterSpec param = new IESParameterSpec(d, e, 128);
-
-        c1.init(Cipher.ENCRYPT_MODE, c1Key, param);
-
-        c2.init(Cipher.DECRYPT_MODE, c2Key, param);
-
-        byte[] message = Hex.decode("1234567890abcdef");
-
-        int estLen1 =  c1.getOutputSize(message.length);
-
-        byte[]   out1 = c1.doFinal(message, 0, message.length);
-
-        if (estLen1 < out1.length)
-        {
-            fail("output size incorrect");
-        }
-
-        int estLen2 =  c2.getOutputSize(out1.length);
-
-        byte[]   out2 = c2.doFinal(out1, 0, out1.length);
-
-        if (estLen2 < out2.length)
-        {
-            fail("output size incorrect");
-        }
-
-        if (!areEqual(out2, message))
-        {
-            fail("stream cipher test failed");
-        }
-    }
-
-    public void doDefTest(
-        KeyPairGenerator    g,
-        Cipher              c1,
-        Cipher              c2)
-        throws Exception
-    {
-        //
-        // a side
-        //
-        KeyPair     aKeyPair = g.generateKeyPair();
-        PublicKey   aPub = aKeyPair.getPublic();
-        PrivateKey  aPriv = aKeyPair.getPrivate();
-
-        //
-        // b side
-        //
-        KeyPair     bKeyPair = g.generateKeyPair();
-        PublicKey   bPub = bKeyPair.getPublic();
-        PrivateKey  bPriv = bKeyPair.getPrivate();
-
-        //
-        // stream test
-        //
-        IEKeySpec   c1Key = new IEKeySpec(aPriv, bPub);
-        IEKeySpec   c2Key = new IEKeySpec(bPriv, aPub);
-
-        c1.init(Cipher.ENCRYPT_MODE, c1Key);
-
-        AlgorithmParameters param = c1.getParameters();
-
-        c2.init(Cipher.DECRYPT_MODE, c2Key, param);
-
-        byte[] message = Hex.decode("1234567890abcdef");
-
-        int estLen1 = c1.getOutputSize(message.length);
-
-        byte[] out1 = c1.doFinal(message, 0, message.length);
-
-        if (estLen1 < out1.length)
-        {
-            fail("output size incorrect");
-        }
-
-        int estLen2 =  c2.getOutputSize(out1.length);
-        byte[] out2 = c2.doFinal(out1, 0, out1.length);
-
-        if (estLen2 < out2.length)
-        {
-            fail("output size incorrect");
-        }
-
-        if (!areEqual(out2, message))
-        {
-            fail("stream cipher test failed");
-        }
-        
-        //
-        // int doFinal
-        //
-        int len1 = c1.doFinal(message, 0, message.length, out1, 0);
-        
-        if (len1 != out1.length)
-        {
-            fail("encryption length wrong");
-        }
-        
-        int len2 = c2.doFinal(out1, 0, out1.length, out2, 0);
-
-        if (len2 != out2.length)
-        {
-            fail("decryption length wrong");
-        }
-        
-        if (!areEqual(out2, message))
-        {
-            fail("stream cipher test failed");
-        }
-        
-        //
-        // int doFinal with update
-        //
-        len1 = c1.update(message, 0, 2, out1, 0);
-        
-        len1 += c1.doFinal(message, 2, message.length - 2, out1, len1);
-        
-        if (len1 != out1.length)
-        {
-            fail("update encryption length wrong");
-        }
-        
-        len2 = c2.update(out1, 0, 2, out2, 0);
-        
-        len2 += c2.doFinal(out1, 2, out1.length - 2, out2, len2);
-
-        if (len2 != out2.length)
-        {
-            fail("update decryption length wrong");
-        }
-        
-        if (!areEqual(out2, message))
-        {
-            fail("update stream cipher test failed");
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new IESTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ImplicitlyCaTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ImplicitlyCaTest.java
deleted file mode 100644
index 5d67fa8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ImplicitlyCaTest.java
+++ /dev/null

@@ -1,330 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.interfaces.ECKey;
-import java.security.spec.ECFieldFp;
-import java.security.spec.EllipticCurve;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jce.ECPointUtil;
-import org.bouncycastle.jce.interfaces.ECPrivateKey;
-import org.bouncycastle.jce.interfaces.ECPublicKey;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.jce.spec.ECPrivateKeySpec;
-import org.bouncycastle.jce.spec.ECPublicKeySpec;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.FixedSecureRandom;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class ImplicitlyCaTest
-    extends SimpleTest
-{
-    byte[] k1 = Hex.decode("d5014e4b60ef2ba8b6211b4062ba3224e0427dd3");
-    byte[] k2 = Hex.decode("345e8d05c075c3a508df729a1685690e68fcfb8c8117847e89063bca1f85d968fd281540b6e13bd1af989a1fbf17e06462bf511f9d0b140fb48ac1b1baa5bded");
-
-    SecureRandom random = new FixedSecureRandom(
-        new FixedSecureRandom.Source[] { new FixedSecureRandom.Data(k1), new FixedSecureRandom.Data(k2) });
-
-    public void performTest()
-        throws Exception
-    {
-        testBCAPI();
-
-        testJDKAPI();
-
-        testKeyFactory();
-
-        testBasicThreadLocal();
-    }
-
-    private void testBCAPI()
-        throws Exception
-    {
-        KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        X9ECParameters x9 = ECNamedCurveTable.getByName("prime239v1");
-        ECParameterSpec ecSpec = new ECParameterSpec(x9.getCurve(), x9.getG(), x9.getN(), x9.getH());
-
-        ConfigurableProvider config = (ConfigurableProvider)Security.getProvider("BC");
-
-        config.setParameter(ConfigurableProvider.EC_IMPLICITLY_CA, ecSpec);
-
-        g.initialize(null, new SecureRandom());
-
-        KeyPair p = g.generateKeyPair();
-
-        ECPrivateKey sKey = (ECPrivateKey)p.getPrivate();
-        ECPublicKey vKey = (ECPublicKey)p.getPublic();
-
-        testECDSA(sKey, vKey);
-
-        testBCParamsAndQ(sKey, vKey);
-        testEC5Params(sKey, vKey);
-
-        testEncoding(sKey, vKey);
-    }
-
-    private void testKeyFactory()
-        throws Exception
-    {
-        KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        X9ECParameters x9 = ECNamedCurveTable.getByName("prime239v1");
-        ECParameterSpec ecSpec = new ECParameterSpec(x9.getCurve(), x9.getG(), x9.getN(), x9.getH());
-
-        ConfigurableProvider config = (ConfigurableProvider)Security.getProvider("BC");
-
-        config.setParameter(ConfigurableProvider.EC_IMPLICITLY_CA, ecSpec);
-
-        g.initialize(null, new SecureRandom());
-
-        KeyPair p = g.generateKeyPair();
-
-        ECPrivateKey sKey = (ECPrivateKey)p.getPrivate();
-        ECPublicKey vKey = (ECPublicKey)p.getPublic();
-
-        KeyFactory fact = KeyFactory.getInstance("ECDSA", "BC");
-
-        vKey = (ECPublicKey)fact.generatePublic(new ECPublicKeySpec(vKey.getQ(), null));
-        sKey = (ECPrivateKey)fact.generatePrivate(new ECPrivateKeySpec(sKey.getD(), null));
-        
-        testECDSA(sKey, vKey);
-
-        testBCParamsAndQ(sKey, vKey);
-        testEC5Params(sKey, vKey);
-
-        testEncoding(sKey, vKey);
-
-        ECPublicKey vKey2 = (ECPublicKey)fact.generatePublic(new ECPublicKeySpec(vKey.getQ(), null));
-        ECPrivateKey sKey2 = (ECPrivateKey)fact.generatePrivate(new ECPrivateKeySpec(sKey.getD(), null));
-
-        if (!vKey.equals(vKey2) || vKey.hashCode() != vKey2.hashCode())
-        {
-            fail("public equals/hashCode failed");
-        }
-
-        if (!sKey.equals(sKey2) || sKey.hashCode() != sKey2.hashCode())
-        {
-            fail("private equals/hashCode failed");
-        }
-
-        // check we can get specs.
-        fact.getKeySpec(vKey, java.security.spec.ECPublicKeySpec.class);
-
-        fact.getKeySpec(sKey, java.security.spec.ECPrivateKeySpec.class);
-    }
-
-    private void testJDKAPI()
-        throws Exception
-    {
-        KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        EllipticCurve curve = new EllipticCurve(
-            new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q
-            new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
-            new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
-
-        java.security.spec.ECParameterSpec ecSpec = new java.security.spec.ECParameterSpec(
-            curve,
-            ECPointUtil.decodePoint(curve, Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
-            new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n
-            1); // h
-
-
-        ConfigurableProvider config = (ConfigurableProvider)Security.getProvider("BC");
-
-        config.setParameter(ConfigurableProvider.EC_IMPLICITLY_CA, ecSpec);
-
-        g.initialize(null, new SecureRandom());
-
-        KeyPair p = g.generateKeyPair();
-
-        ECPrivateKey sKey = (ECPrivateKey)p.getPrivate();
-        ECPublicKey vKey = (ECPublicKey)p.getPublic();
-
-        testECDSA(sKey, vKey);
-
-        testBCParamsAndQ(sKey, vKey);
-        testEC5Params(sKey, vKey);
-
-        testEncoding(sKey, vKey);
-    }
-
-    private void testBasicThreadLocal()
-        throws Exception
-    {
-        KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        EllipticCurve curve = new EllipticCurve(
-            new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q
-            new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
-            new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
-
-        java.security.spec.ECParameterSpec ecSpec = new java.security.spec.ECParameterSpec(
-            curve,
-            ECPointUtil.decodePoint(curve, Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
-            new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n
-            1); // h
-
-
-        ConfigurableProvider config = (ConfigurableProvider)Security.getProvider("BC");
-
-        config.setParameter(ConfigurableProvider.THREAD_LOCAL_EC_IMPLICITLY_CA, ecSpec);
-
-        g.initialize(null, new SecureRandom());
-
-        KeyPair p = g.generateKeyPair();
-
-        ECPrivateKey sKey = (ECPrivateKey)p.getPrivate();
-        ECPublicKey vKey = (ECPublicKey)p.getPublic();
-
-        testECDSA(sKey, vKey);
-
-        testBCParamsAndQ(sKey, vKey);
-        testEC5Params(sKey, vKey);
-
-        testEncoding(sKey, vKey);
-    }
-
-    private void testECDSA(
-        ECPrivateKey sKey,
-        ECPublicKey vKey)
-        throws Exception
-    {
-        byte[]           data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
-        Signature        s = Signature.getInstance("ECDSA", "BC");
-
-        s.initSign(sKey);
-
-        s.update(data);
-
-        byte[] sigBytes = s.sign();
-
-        s = Signature.getInstance("ECDSA", "BC");
-
-        s.initVerify(vKey);
-
-        s.update(data);
-
-        if (!s.verify(sigBytes))
-        {
-            fail("ECDSA verification failed");
-        }
-    }
-
-    private void testEncoding(
-        ECPrivateKey privKey,
-        ECPublicKey pubKey)
-        throws Exception
-    {
-        KeyFactory kFact = KeyFactory.getInstance("ECDSA", "BC");
-
-        byte[] bytes = privKey.getEncoded();
-
-        PrivateKeyInfo sInfo = PrivateKeyInfo.getInstance(new ASN1InputStream(bytes).readObject());
-        
-        if (!sInfo.getPrivateKeyAlgorithm().getParameters().equals(DERNull.INSTANCE))
-        {
-            fail("private key parameters wrong");
-        }
-
-        ECPrivateKey sKey = (ECPrivateKey)kFact.generatePrivate(new PKCS8EncodedKeySpec(bytes));
-
-        if (!sKey.equals(privKey))
-        {
-            fail("private equals failed");
-        }
-
-        if (sKey.hashCode() != privKey.hashCode())
-        {
-            fail("private hashCode failed");          
-        }
-
-        bytes = pubKey.getEncoded();
-
-        SubjectPublicKeyInfo vInfo = SubjectPublicKeyInfo.getInstance(new ASN1InputStream(bytes).readObject());
-
-        if (!vInfo.getAlgorithm().getParameters().equals(DERNull.INSTANCE))
-        {
-            fail("public key parameters wrong");
-        }
-        
-        ECPublicKey vKey = (ECPublicKey)kFact.generatePublic(new X509EncodedKeySpec(bytes));
-
-        if (!vKey.equals(pubKey) || vKey.hashCode() != pubKey.hashCode())
-        {
-            fail("public equals/hashCode failed");
-        }
-
-        testBCParamsAndQ(sKey, vKey);
-        testEC5Params(sKey, vKey);
-
-        testECDSA(sKey, vKey);
-    }
-
-    private void testBCParamsAndQ(
-        ECPrivateKey sKey,
-        ECPublicKey vKey)
-    {
-        if (sKey.getParameters() != null)
-        {
-            fail("parameters exposed in private key");
-        }
-
-        if (vKey.getParameters() != null)
-        {
-            fail("parameters exposed in public key");
-        }
-
-        if (vKey.getQ().getCurve() != null)
-        {
-            fail("curve exposed in public point");
-        }
-    }
-
-    private void testEC5Params(
-        ECPrivateKey sKey,
-        ECPublicKey vKey)
-    {
-        java.security.interfaces.ECKey k = (java.security.interfaces.ECKey)sKey;
-
-        if (k.getParams() != null)
-        {
-            fail("parameters exposed in private key");
-        }
-
-        k = (ECKey)vKey;
-        if (k.getParams() != null)
-        {
-            fail("parameters exposed in public key");
-        }
-    }
-
-    public String getName()
-    {
-        return "ImplicitlyCA";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new ImplicitlyCaTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/JceTestUtil.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/JceTestUtil.java
deleted file mode 100644
index 9c0805a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/JceTestUtil.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.Security;
-import java.util.ArrayList;
-import java.util.Enumeration;
-import java.util.List;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-abstract class JceTestUtil
-{
-    private JceTestUtil()
-    {
-    }
-
-    static String[] getRegisteredAlgorithms(String prefix, String[] exclusionPatterns)
-    {
-        final BouncyCastleProvider prov = (BouncyCastleProvider)Security.getProvider("BC");
-
-        List matches = new ArrayList();
-        Enumeration algos = prov.keys();
-        while (algos.hasMoreElements())
-        {
-            String algo = (String)algos.nextElement();
-            if (!algo.startsWith(prefix))
-            {
-                continue;
-            }
-            String algoName = algo.substring(prefix.length());
-            if (!isExcluded(algoName, exclusionPatterns))
-            {
-                matches.add(algoName);
-            }
-        }
-        return (String[])matches.toArray(new String[matches.size()]);
-    }
-
-    private static boolean isExcluded(String algoName, String[] exclusionPatterns)
-    {
-        for (int i = 0; i < exclusionPatterns.length; i++)
-        {
-            if (algoName.contains(exclusionPatterns[i]))
-            {
-                return true;
-            }
-        }
-        return false;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/KeccakTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/KeccakTest.java
deleted file mode 100644
index ed1659b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/KeccakTest.java
+++ /dev/null

@@ -1,136 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.MessageDigest;
-import java.security.Security;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class KeccakTest
-    extends SimpleTest
-{
-    final static String provider = "BC";
-
-    static private byte[] nullMsg = new byte[0];
-
-    static private String[][] nullVectors =
-    {
-        { "KECCAK-224", "f71837502ba8e10837bdd8d365adb85591895602fc552b48b7390abd" },
-        { "KECCAK-256", "c5d2460186f7233c927e7db2dcc703c0e500b653ca82273b7bfad8045d85a470" },
-        { "KECCAK-384", "2c23146a63a29acf99e73b88f8c24eaa7dc60aa771780ccc006afbfa8fe2479b2dd2b21362337441ac12b515911957ff" },
-        { "KECCAK-512", "0eab42de4c3ceb9235fc91acffe746b29c29a8c366b7c60e4e67c466f36a4304c00fa9caf9d87976ba469bcbe06713b435f091ef2769fb160cdab33d3670680e" },
-    };
-
-    static private byte[] shortMsg = Hex.decode("54686520717569636b2062726f776e20666f78206a756d7073206f76657220746865206c617a7920646f67");
-
-    static private String[][] shortVectors =
-    {
-        { "KECCAK-224", "310aee6b30c47350576ac2873fa89fd190cdc488442f3ef654cf23fe" },
-        { "KECCAK-256", "4d741b6f1eb29cb2a9b9911c82f56fa8d73b04959d3d9d222895df6c0b28aa15" },
-        { "KECCAK-384", "283990fa9d5fb731d786c5bbee94ea4db4910f18c62c03d173fc0a5e494422e8a0b3da7574dae7fa0baf005e504063b3" },
-        { "KECCAK-512", "d135bb84d0439dbac432247ee573a23ea7d3c9deb2a968eb31d47c4fb45f1ef4422d6c531b5b9bd6f449ebcc449ea94d0a8f05f62130fda612da53c79659f609" },
-    };
-
-    public String getName()
-    {
-        return "KECCAK";
-    }
-
-    void test(String algorithm, byte[] message, String expected)
-        throws Exception
-    {
-        MessageDigest digest = MessageDigest.getInstance(algorithm, provider);
-
-        byte[] result = digest.digest(message);
-        byte[] result2 = digest.digest(message);
-
-        // test zero results valid
-        if (!MessageDigest.isEqual(result, Hex.decode(expected)))
-        {
-            fail("null result not equal for " + algorithm);
-        }
-        
-        // test one digest the same message with the same instance
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 1 not equal");
-        }
-
-        if (!MessageDigest.isEqual(result, Hex.decode(expected)))
-        {
-            fail("Result object 1 not equal");
-        }
-
-        // test two, single byte updates
-        for (int i = 0; i < message.length; i++)
-        {
-            digest.update(message[i]);
-        }
-        result2 = digest.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 2 not equal");
-        }
-
-        // test three, two half updates
-        digest.update(message, 0, message.length/2);
-        digest.update(message, message.length/2, message.length-message.length/2);
-        result2 = digest.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 3 not equal");
-        }
-
-        // test four, clone test
-        digest.update(message, 0, message.length/2);
-        MessageDigest d = (MessageDigest)digest.clone();
-        digest.update(message, message.length/2, message.length-message.length/2);
-        result2 = digest.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 4(a) not equal");
-        }
-
-        d.update(message, message.length/2, message.length-message.length/2);
-        result2 = d.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 4(b) not equal");
-        }
-
-        // test five, check reset() method
-        digest.update(message, 0, message.length/2);
-        digest.reset();
-        digest.update(message, 0, message.length/2);
-        digest.update(message, message.length/2, message.length-message.length/2);
-        result2 = digest.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 5 not equal");
-        }
-        
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        for (int i = 0; i != nullVectors.length; i++)
-        {
-            test(nullVectors[i][0], nullMsg, nullVectors[i][1]);
-            test(shortVectors[i][0], shortMsg, shortVectors[i][1]);
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new KeccakTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/KeyStoreTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/KeyStoreTest.java
deleted file mode 100644
index 9c660a9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/KeyStoreTest.java
+++ /dev/null

@@ -1,419 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.Date;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.jce.X509Principal;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.x509.X509V3CertificateGenerator;
-
-/**
- * Exercise the various key stores, making sure we at least get back what we put in!
- * <p>
- * This tests both the BKS, and the UBER key store.
- */
-public class KeyStoreTest
-    extends SimpleTest
-{
-    static char[]   passwd = { 'h', 'e', 'l', 'l', 'o', ' ', 'w', 'o', 'r', 'l', 'd' };
-
-    byte[] v1BKS = Base64.decode(
-          "AAAAAQAAABTqZbNMyPjsFazhFplWWDMBLPRdRAAABcYEAAdhbmRyb2lkAAAB"
-        + "NOifkPwAAAAAAAAAPAAAABTZOLhcyhB0gKyfoDvyQbpzftB7GgAABEYPrZP8"
-        + "q20AJLETjDv0K9C5rIl1erpyvpv20bqcbghK6wD0b8OP5/XzOz/8knhxmqJZ"
-        + "3yRJMw==");
-    byte[] v2BKS = Base64.decode(
-          "AAAAAgAAABSkmTXz4VIznO1SSUqsIHdxWcxsuQAABFMEAAdhbmRyb2lkAAABN" +
-          "OifkPwAAAAAAAAAPAAAABTZOLhcyhB0gKyfoDvyQbpzftB7GgAABEYPrZP8q2" +
-          "0AJLETjDv0K9C5rIl1erpyvpv20bqcbghK6wBO59KOGPvSrmJpd32P6ZAh9qLZJw==");
-
-    byte[] v1UBER = Base64.decode(
-          "AAAAAQAAABRP0F6p2p3FyQKqyJiJt3NbvdybiwAAB2znqrO779YIW5gMtbt+"
-        + "NUs96VPPcfZiKJPg7RKH7Yu3CQB0/g9nYsvgFB0fQ05mHcW3KjntN2/31A6G"
-        + "i00n4ZnUTjJL16puZnQrloeGXxFy58tjwkFuwJ7V7ELYgiZlls0beHSdDGQW"
-        + "iyYECwWs1la/");
-    byte[] v2UBER = Base64.decode(
-          "AAAAAgAAABQ/D9k3376OG/REg4Ams9Up332tLQAABujoVcsRcKWwhlo4mMg5"
-        + "lF2vJfK+okIYecJGWCvdykF5r8kDn68llt52IDXDkpRXVXcNJ0/aD7sa7iZ0"
-        + "SL0TAwcfp/9v4j/w8slj/qgO0i/76+zROrP0NGFIa5k/iOg5Z0Tj77muMaJf"
-        + "n3vLlIHa4IsX");
-
-    byte[] negSaltBKS = Base64.decode(
-          "AAAAAv////+WnyglO06djy6JgCxGiIemnZdcOwAAB2AEAAdhbmRyb2lkAAAB" +
-          "NOifkPwAAAAAAAAAPAAAABTZOLhcyhB0gKyfoDvyQbpzftB7GgAABEYPrZP8" +
-          "q20AJLETjDv0K9C5rIl1erpyvpv20bqcbghK6wDrg6gUHsh27wNjUwkR+REe" +
-          "NeFYBg==");
-
-    char[] oldStorePass = "fredfred".toCharArray();
-
-    public void ecStoreTest(
-        String  storeName)
-        throws Exception
-    {
-        X9ECParameters x9 = ECNamedCurveTable.getByName("prime239v1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec ecSpec = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        KeyPairGenerator    g = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        g.initialize(ecSpec, new SecureRandom());
-
-        KeyPair     keyPair = g.generateKeyPair();
-
-        PublicKey   pubKey = keyPair.getPublic();
-        PrivateKey  privKey = keyPair.getPrivate();
-
-        //
-        // distinguished name table.
-        //
-        Hashtable                 attrs = new Hashtable();
-        Vector                    order = new Vector();
-
-        attrs.put(X509Principal.C, "AU");
-        attrs.put(X509Principal.O, "The Legion of the Bouncy Castle");
-        attrs.put(X509Principal.L, "Melbourne");
-        attrs.put(X509Principal.ST, "Victoria");
-        attrs.put(X509Principal.E, "feedback-crypto@bouncycastle.org");
-
-        order.addElement(X509Principal.C);
-        order.addElement(X509Principal.O);
-        order.addElement(X509Principal.L);
-        order.addElement(X509Principal.ST);
-        order.addElement(X509Principal.E);
-
-        //
-        // create the certificate - version 3
-        //
-        X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();
-
-        certGen.setSerialNumber(BigInteger.valueOf(1));
-        certGen.setIssuerDN(new X509Principal(order, attrs));
-        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
-        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
-        certGen.setSubjectDN(new X509Principal(order, attrs));
-        certGen.setPublicKey(pubKey);
-        certGen.setSignatureAlgorithm("ECDSAwithSHA1");
-
-        Certificate[]    chain = new Certificate[1];
-
-        try
-        {
-            X509Certificate cert = certGen.generate(privKey);
-
-            cert.checkValidity(new Date());
-
-            cert.verify(pubKey);
-
-            ByteArrayInputStream    bIn = new ByteArrayInputStream(cert.getEncoded());
-            CertificateFactory      fact = CertificateFactory.getInstance("X.509", "BC");
-
-            cert = (X509Certificate)fact.generateCertificate(bIn);
-
-            chain[0] = cert;
-        }
-        catch (Exception e)
-        {
-            fail("error generating cert - " + e.toString());
-        }
-
-        KeyStore store = KeyStore.getInstance(storeName, "BC");
-
-        store.load(null, null);
-
-        store.setKeyEntry("private", privKey, passwd, chain);
-
-        //
-        // write out and read back store
-        //
-        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
-
-        store.store(bOut, passwd);
-
-        ByteArrayInputStream    bIn = new ByteArrayInputStream(bOut.toByteArray());
-
-        //
-        // start with a new key store
-        //
-        store = KeyStore.getInstance(storeName, "BC");
-
-        store.load(bIn, passwd);
-
-        //
-        // load the private key
-        //
-        privKey = (PrivateKey)store.getKey("private", passwd);
-
-        //
-        // double public key encoding test
-        //
-        byte[]              pubEnc = pubKey.getEncoded();
-        KeyFactory          keyFac = KeyFactory.getInstance(pubKey.getAlgorithm(), "BC");
-        X509EncodedKeySpec  pubX509 = new X509EncodedKeySpec(pubEnc);
-
-        pubKey = (PublicKey)keyFac.generatePublic(pubX509);
-
-        pubEnc = pubKey.getEncoded();
-        keyFac = KeyFactory.getInstance(pubKey.getAlgorithm(), "BC");
-        pubX509 = new X509EncodedKeySpec(pubEnc);
-
-        pubKey = (PublicKey)keyFac.generatePublic(pubX509);
-
-        //
-        // double private key encoding test
-        //
-        byte[]              privEnc = privKey.getEncoded();
-
-        keyFac = KeyFactory.getInstance(privKey.getAlgorithm(), "BC");
-
-        PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
-        privKey = (PrivateKey)keyFac.generatePrivate(privPKCS8);
-
-        keyFac = KeyFactory.getInstance(privKey.getAlgorithm(), "BC");
-        privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
-        privKey = (PrivateKey)keyFac.generatePrivate(privPKCS8);
-    }
-
-    public void keyStoreTest(
-        String    storeName)
-        throws Exception
-    {
-        KeyStore store = KeyStore.getInstance(storeName, "BC");
-
-        store.load(null, null);
-
-        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA", "BC");
-
-        gen.initialize(1024, new SecureRandom());
-
-        KeyPair         pair = gen.generateKeyPair();
-        RSAPrivateKey   privKey = (RSAPrivateKey)pair.getPrivate();
-        RSAPublicKey    pubKey = (RSAPublicKey)pair.getPublic();
-        BigInteger      modulus = privKey.getModulus();
-        BigInteger      privateExponent = privKey.getPrivateExponent();
-
-
-        //
-        // distinguished name table.
-        //
-        Hashtable                   attrs = new Hashtable();
-        Vector                      order = new Vector();
-
-        attrs.put(X509Principal.C, "AU");
-        attrs.put(X509Principal.O, "The Legion of the Bouncy Castle");
-        attrs.put(X509Principal.L, "Melbourne");
-        attrs.put(X509Principal.ST, "Victoria");
-        attrs.put(X509Principal.EmailAddress, "feedback-crypto@bouncycastle.org");
-
-        order.addElement(X509Principal.C);
-        order.addElement(X509Principal.O);
-        order.addElement(X509Principal.L);
-        order.addElement(X509Principal.ST);
-        order.addElement(X509Principal.EmailAddress);
-
-        //
-        // extensions
-        //
-
-        //
-        // create the certificate.
-        //
-        X509V3CertificateGenerator  certGen = new X509V3CertificateGenerator();
-
-        certGen.setSerialNumber(BigInteger.valueOf(1));
-        certGen.setIssuerDN(new X509Principal(order, attrs));
-        certGen.setNotBefore(new Date(System.currentTimeMillis() - 50000));
-        certGen.setNotAfter(new Date(System.currentTimeMillis() + 50000));
-        certGen.setSubjectDN(new X509Principal(order, attrs));
-        certGen.setPublicKey(pubKey);
-        certGen.setSignatureAlgorithm("MD5WithRSAEncryption");
-
-        Certificate[]   chain = new Certificate[1];
-
-        try
-        {
-            X509Certificate cert = certGen.generate(privKey);
-
-            cert.checkValidity(new Date());
-
-            cert.verify(pubKey);
-
-            ByteArrayInputStream    bIn = new ByteArrayInputStream(cert.getEncoded());
-            CertificateFactory      fact = CertificateFactory.getInstance("X.509", "BC");
-
-            cert = (X509Certificate)fact.generateCertificate(bIn);
-
-            chain[0] = cert;
-        }
-        catch (Exception e)
-        {
-            fail("error generating cert - " + e.toString());
-        }
-
-        store.setKeyEntry("private", privKey, passwd, chain);
-
-        //
-        // write out and read back store
-        //
-        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
-
-        store.store(bOut, passwd);
-
-        ByteArrayInputStream    bIn = new ByteArrayInputStream(bOut.toByteArray());
-
-        //
-        // start with a new key store
-        //
-        store = KeyStore.getInstance(storeName, "BC");
-
-        store.load(bIn, passwd);
-
-        //
-        // verify public key
-        //
-        privKey = (RSAPrivateKey)store.getKey("private", passwd);
-
-        if (!privKey.getModulus().equals(modulus))
-        {
-            fail("private key modulus wrong");
-        }
-        else if (!privKey.getPrivateExponent().equals(privateExponent))
-        {
-            fail("private key exponent wrong");
-        }
-
-        //
-        // verify certificate
-        //
-        Certificate cert = store.getCertificateChain("private")[0];
-
-        cert.verify(pubKey);
-    }
-
-    private void oldStoreTest()
-        throws Exception
-    {
-        checkStore(KeyStore.getInstance("BKS", "BC"), v1BKS);
-        checkStore(KeyStore.getInstance("BKS", "BC"), v2BKS);
-        checkStore(KeyStore.getInstance("UBER", "BC"), v1UBER);
-        checkStore(KeyStore.getInstance("UBER", "BC"), v2UBER);
-
-        checkOldStore(KeyStore.getInstance("BKS-V1", "BC"), v1BKS);
-        checkOldStore(KeyStore.getInstance("BKS-V1", "BC"), v2BKS);
-    }
-
-    private void checkStore(KeyStore ks, byte[] data)
-        throws Exception
-    {
-        ks.load(new ByteArrayInputStream(data), oldStorePass);
-
-        if (!ks.containsAlias("android"))
-        {
-            fail("cannot find alias");
-        }
-
-        Key key = ks.getKey("android", oldStorePass);
-        if (key == null)
-        {
-            fail("cannot find key");
-        }
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        ks.store(bOut, oldStorePass);
-    }
-
-    private void checkOldStore(KeyStore ks, byte[] data)
-        throws Exception
-    {
-        ks.load(new ByteArrayInputStream(data), oldStorePass);
-
-        if (!ks.containsAlias("android"))
-        {
-            fail("cannot find alias");
-        }
-
-        Key key = ks.getKey("android", oldStorePass);
-        if (key == null)
-        {
-            fail("cannot find key");
-        }
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        ks.store(bOut, oldStorePass);
-
-        if (data.length != bOut.toByteArray().length)
-        {
-            fail("Old version key store write incorrect");
-        }
-    }
-
-    private void checkException()
-        throws Exception
-    {
-        KeyStore ks = KeyStore.getInstance("BKS", "BC");
-
-        try
-        {
-            ks.load(new ByteArrayInputStream(negSaltBKS), oldStorePass);
-        }
-        catch (IOException e)
-        {
-            if (!e.getMessage().equals("Invalid salt detected"))
-            {
-                fail("negative salt length not detected");
-            }
-        }
-    }
-
-    public String getName()
-    {
-        return "KeyStore";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        keyStoreTest("BKS");
-        keyStoreTest("UBER");
-        keyStoreTest("BKS-V1");
-        ecStoreTest("BKS");
-        oldStoreTest();
-        checkException();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new KeyStoreTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/MQVTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/MQVTest.java
deleted file mode 100644
index 28852f7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/MQVTest.java
+++ /dev/null

@@ -1,146 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.spec.ECFieldFp;
-import java.security.spec.ECParameterSpec;
-import java.security.spec.EllipticCurve;
-
-import javax.crypto.KeyAgreement;
-
-import org.bouncycastle.jcajce.spec.MQVParameterSpec;
-import org.bouncycastle.jce.ECPointUtil;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.MQVPrivateKeySpec;
-import org.bouncycastle.jce.spec.MQVPublicKeySpec;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class MQVTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "MQV";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testECMQVDeprecated();
-        testECMQV();
-    }
-
-    private void testECMQVDeprecated()
-        throws Exception
-    {
-        KeyPairGenerator g = KeyPairGenerator.getInstance("ECMQV", "BC");
-
-        EllipticCurve curve = new EllipticCurve(
-                new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q
-                new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
-                new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
-
-        ECParameterSpec ecSpec = new ECParameterSpec(
-                curve,
-                ECPointUtil.decodePoint(curve, Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
-                new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n
-                1); // h
-
-        g.initialize(ecSpec, new SecureRandom());
-
-        //
-        // U side
-        //
-        KeyPair U1 = g.generateKeyPair();
-        KeyPair U2 = g.generateKeyPair();
-
-        KeyAgreement uAgree = KeyAgreement.getInstance("ECMQV", "BC");
-        uAgree.init(new MQVPrivateKeySpec(U1.getPrivate(), U2.getPrivate(), U2.getPublic()));
-
-        //
-        // V side
-        //
-        KeyPair V1 = g.generateKeyPair();
-        KeyPair V2 = g.generateKeyPair();
-
-        KeyAgreement vAgree = KeyAgreement.getInstance("ECMQV", "BC");
-        vAgree.init(new MQVPrivateKeySpec(V1.getPrivate(), V2.getPrivate(), V2.getPublic()));
-
-        //
-        // agreement
-        //
-        uAgree.doPhase(new MQVPublicKeySpec(V1.getPublic(), V2.getPublic()), true);
-        vAgree.doPhase(new MQVPublicKeySpec(U1.getPublic(), U2.getPublic()), true);
-
-        BigInteger ux = new BigInteger(uAgree.generateSecret());
-        BigInteger vx = new BigInteger(vAgree.generateSecret());
-
-        if (!ux.equals(vx))
-        {
-            fail("Deprecated Agreement failed");
-        }
-    }
-
-    private void testECMQV()
-        throws Exception
-    {
-        KeyPairGenerator g = KeyPairGenerator.getInstance("ECMQV", "BC");
-
-        EllipticCurve curve = new EllipticCurve(
-                new ECFieldFp(new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839")), // q
-                new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16), // a
-                new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16)); // b
-
-        ECParameterSpec ecSpec = new ECParameterSpec(
-                curve,
-                ECPointUtil.decodePoint(curve, Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")), // G
-                new BigInteger("883423532389192164791648750360308884807550341691627752275345424702807307"), // n
-                1); // h
-
-        g.initialize(ecSpec, new SecureRandom());
-
-         //
-        // U side
-        //
-        KeyPair U1 = g.generateKeyPair();
-        KeyPair U2 = g.generateKeyPair();
-
-        //
-        // V side
-        //
-        KeyPair V1 = g.generateKeyPair();
-        KeyPair V2 = g.generateKeyPair();
-
-        KeyAgreement uAgree = KeyAgreement.getInstance("ECMQV", "BC");
-        uAgree.init(U1.getPrivate(), new MQVParameterSpec(U2, V2.getPublic()));
-
-        KeyAgreement vAgree = KeyAgreement.getInstance("ECMQV", "BC");
-        vAgree.init(V1.getPrivate(), new MQVParameterSpec(V2, U2.getPublic()));
-
-        //
-        // agreement
-        //
-        uAgree.doPhase(V1.getPublic(), true);
-        vAgree.doPhase(U1.getPublic(), true);
-
-        BigInteger ux = new BigInteger(uAgree.generateSecret());
-        BigInteger vx = new BigInteger(vAgree.generateSecret());
-
-        if (!ux.equals(vx))
-        {
-            fail("Agreement failed");
-        }
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new MQVTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/MacTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/MacTest.java
deleted file mode 100644
index d011eb7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/MacTest.java
+++ /dev/null

@@ -1,186 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.Security;
-
-import javax.crypto.Mac;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * MAC tester - vectors from 
- * <a href=http://www.itl.nist.gov/fipspubs/fip81.htm>FIP 81</a> and 
- * <a href=http://www.itl.nist.gov/fipspubs/fip113.htm>FIP 113</a>.
- */
-public class MacTest
-    extends SimpleTest
-{
-    static byte[]   keyBytes = Hex.decode("0123456789abcdef");
-    static byte[]   ivBytes = Hex.decode("1234567890abcdef");
-
-    static byte[]   input = Hex.decode("37363534333231204e6f77206973207468652074696d6520666f7220");
-
-    static byte[]   output1 = Hex.decode("f1d30f68");
-    static byte[]   output2 = Hex.decode("58d2e77e");
-    static byte[]   output3 = Hex.decode("cd647403");
-
-    static byte[]   keyBytesISO9797 = Hex.decode("7CA110454A1A6E570131D9619DC1376E");
-    
-    static byte[]   inputISO9797 = "Hello World !!!!".getBytes(); 
-    
-    static byte[]   outputISO9797 = Hex.decode("F09B856213BAB83B");
-    
-    static byte[]   inputDesEDE64 = "Hello World !!!!".getBytes(); 
-    
-    static byte[]   outputDesEDE64 = Hex.decode("862304d33af01096");
-    
-    public MacTest()
-    {
-    }
-
-    private void aliasTest(SecretKey key, String primary, String[] aliases)
-        throws Exception
-    {
-        Mac mac = Mac.getInstance(primary, "BC");
-
-        //
-        // standard DAC - zero IV
-        //
-        mac.init(key);
-
-        mac.update(input, 0, input.length);
-
-        byte[] ref = mac.doFinal();
-
-        for (int i = 0; i != aliases.length; i++)
-        {
-            mac = Mac.getInstance(aliases[i], "BC");
-
-            mac.init(key);
-
-            mac.update(input, 0, input.length);
-
-            byte[] out = mac.doFinal();
-            if (!areEqual(out, ref))
-            {
-                fail("Failed - expected " + new String(Hex.encode(ref)) + " got " + new String(Hex.encode(out)));
-            }
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        SecretKey           key = new SecretKeySpec(keyBytes, "DES");
-        byte[]              out;
-        Mac                 mac;
-
-        mac = Mac.getInstance("DESMac", "BC");
-
-        //
-        // standard DAC - zero IV
-        //
-        mac.init(key);
-
-        mac.update(input, 0, input.length);
-
-        out = mac.doFinal();
-
-        if (!areEqual(out, output1))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output1)) + " got " + new String(Hex.encode(out)));
-        }
-        
-        //
-        // mac with IV.
-        //
-        mac.init(key, new IvParameterSpec(ivBytes));
-
-        mac.update(input, 0, input.length);
-
-        out = mac.doFinal();
-
-        if (!areEqual(out, output2))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output2)) + " got " + new String(Hex.encode(out)));
-        }
-        
-        //
-        // CFB mac with IV - 8 bit CFB mode
-        //
-        mac = Mac.getInstance("DESMac/CFB8", "BC");
-
-        mac.init(key, new IvParameterSpec(ivBytes));
-
-        mac.update(input, 0, input.length);
-
-        out = mac.doFinal();
-
-        if (!areEqual(out, output3))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output3)) + " got " + new String(Hex.encode(out)));
-        }
-        
-        //
-        // ISO9797 algorithm 3 using DESEDE
-        //
-        key = new SecretKeySpec(keyBytesISO9797, "DESEDE");
-        
-        mac = Mac.getInstance("ISO9797ALG3", "BC");
-
-        mac.init(key);
-
-        mac.update(inputISO9797, 0, inputISO9797.length);
-
-        out = mac.doFinal();
-
-        if (!areEqual(out, outputISO9797))
-        {
-            fail("Failed - expected " + new String(Hex.encode(outputISO9797)) + " got " + new String(Hex.encode(out)));
-        }
-        
-        //
-        // 64bit DESede Mac
-        //
-        key = new SecretKeySpec(keyBytesISO9797, "DESEDE");
-        
-        mac = Mac.getInstance("DESEDE64", "BC");
-
-        mac.init(key);
-
-        mac.update(inputDesEDE64, 0, inputDesEDE64.length);
-
-        out = mac.doFinal();
-
-        if (!areEqual(out, outputDesEDE64))
-        {
-            fail("Failed - expected " + new String(Hex.encode(outputDesEDE64)) + " got " + new String(Hex.encode(out)));
-        }
-
-        aliasTest(new SecretKeySpec(keyBytesISO9797, "DESede"), "DESedeMac64withISO7816-4Padding",
-            new String[] { "DESEDE64WITHISO7816-4PADDING", "DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEISO9797ALG1WITHISO7816-4PADDING" });
-
-        aliasTest(new SecretKeySpec(keyBytesISO9797, "DESede"), "ISO9797ALG3WITHISO7816-4PADDING",
-            new String[] { "ISO9797ALG3MACWITHISO7816-4PADDING" });
-
-        aliasTest(new SecretKeySpec(keyBytes, "DES"), "DES64",
-            new String[] { "DESMAC64" });
-    }
-
-    public String getName()
-    {
-        return "Mac";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new MacTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/MultiCertStoreTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/MultiCertStoreTest.java
deleted file mode 100644
index 240d1e6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/MultiCertStoreTest.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import org.bouncycastle.jce.MultiCertStoreParameters;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTest;
-
-import java.io.ByteArrayInputStream;
-import java.security.Security;
-import java.security.cert.CertStore;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.List;
-
-public class MultiCertStoreTest
-    extends SimpleTest
-{
-
-    public void performTest()
-        throws Exception
-    {
-        basicTest();
-    }
-
-    private void basicTest()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate rootCert = (X509Certificate)cf
-                .generateCertificate(new ByteArrayInputStream(
-                        CertPathTest.rootCertBin));
-        X509Certificate interCert = (X509Certificate)cf
-                .generateCertificate(new ByteArrayInputStream(
-                        CertPathTest.interCertBin));
-        X509Certificate finalCert = (X509Certificate)cf
-                .generateCertificate(new ByteArrayInputStream(
-                        CertPathTest.finalCertBin));
-        X509CRL rootCrl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(
-                CertPathTest.rootCrlBin));
-        X509CRL interCrl = (X509CRL)cf
-                .generateCRL(new ByteArrayInputStream(
-                        CertPathTest.interCrlBin));
-
-        // Testing CollectionCertStore generation from List
-        List list = new ArrayList();
-        list.add(rootCert);
-        list.add(interCert);
-        list.add(finalCert);
-        list.add(rootCrl);
-        list.add(interCrl);
-        CollectionCertStoreParameters ccsp = new CollectionCertStoreParameters(list);
-        CertStore store1 = CertStore.getInstance("Collection", ccsp, "BC");
-        CertStore store2 = CertStore.getInstance("Collection", ccsp, "BC");
-
-        List storeList = new ArrayList();
-        storeList.add(store1);
-        storeList.add(store2);
-        CertStore store = CertStore.getInstance("Multi", new MultiCertStoreParameters(storeList));
-
-        // Searching for rootCert by subjectDN
-        X509CertSelector targetConstraints = new X509CertSelector();
-        targetConstraints.setSubject(rootCert.getSubjectX500Principal().getName());
-        Collection certs = store.getCertificates(targetConstraints);
-
-        if (certs.size() != 2 || !certs.contains(rootCert))
-        {
-            fail("2 rootCerts not found by subjectDN");
-        }
-
-        store = CertStore.getInstance("Multi", new MultiCertStoreParameters(storeList, false));
-        certs = store.getCertificates(targetConstraints);
-        
-        if (certs.size() != 1 || !certs.contains(rootCert))
-        {
-            fail("1 rootCert not found by subjectDN");
-        }
-    }
-
-    public String getName()
-    {
-        return "MultiCertStore";
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new MultiCertStoreTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/NISTCertPathTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/NISTCertPathTest.java
deleted file mode 100644
index 43f90a1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/NISTCertPathTest.java
+++ /dev/null

@@ -1,5173 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.security.GeneralSecurityException;
-import java.security.Security;
-import java.security.cert.CertPathBuilder;
-import java.security.cert.CertPathBuilderResult;
-import java.security.cert.CertStore;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.HashSet;
-import java.util.Set;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-/*
- * These tests are taken from the NIST X.509 Validation Test Suite
- * available at: http://csrc.nist.gov/pki/testing/x509paths.html
- * 
- * Only the relevant certificate and crl data has been kept, in order
- * to keep the class size to a minimum.
- * 
- */
-
-public class NISTCertPathTest 
-    extends SimpleTest 
-{    
-    private static final String TEST_POLICY_1 = "2.16.840.1.101.3.1.48.1";
-    private static final String TEST_POLICY_2 = "2.16.840.1.101.3.1.48.2";
-    private static final String TEST_POLICY_3 = "2.16.840.1.101.3.1.48.3";
-    private static final String TEST_POLICY_4 = "2.16.840.1.101.3.1.48.4";
-    private static final String TEST_POLICY_5 = "2.16.840.1.101.3.1.48.5";
-    
-    private static Set ANY;
-    private static Set TP1;
-    private static Set TP2;
-    private static Set TP3;
-    private static Set TP4;
-    private static Set TP1_TP2;
-    
-    static {
-        ANY = new HashSet();
-        
-        TP1 = new HashSet();
-        TP1.add(TEST_POLICY_1);
-        
-        TP2 = new HashSet();
-        TP2.add(TEST_POLICY_2);
-        
-        TP3 = new HashSet();
-        TP3.add(TEST_POLICY_3);
-
-        TP4 = new HashSet();
-        TP4.add(TEST_POLICY_4);
-        
-        TP1_TP2 = new HashSet();
-        TP1_TP2.add(TEST_POLICY_1);
-        TP1_TP2.add(TEST_POLICY_2);
-    }
-
-    /*  
-     *  
-     *  FIELDS
-     *  
-     */ 
-    
-    private CertificateFactory fact;
-    
-    private X509Certificate trustedCert;
-    private X509CRL         trustedCRL;
-    private Set             trustedSet;
-    private int             testCount;
-    private Vector          testFail;
-    private StringBuffer    resultBuf;
- 
-    public String getName() 
-    {
-        return "NISTCertPathTest";
-    }
-    
-    
-    public void performTest() 
-    {
-        init();
-        
-        test(" 1", TEST_1_DATA , true , false);
-        test(" 2", TEST_2_DATA , false, false);
-        test(" 3", TEST_3_DATA , false, false);
-        test(" 4", TEST_4_DATA , true , false);
-        test(" 5", TEST_5_DATA , false, false);
-        test(" 6", TEST_6_DATA , false, false);
-        test(" 7", TEST_7_DATA , true , false);
-        test(" 8", TEST_8_DATA , false, false);
-        test(" 9", TEST_9_DATA , false, false);
-        
-        test("10", TEST_10_DATA, false, false);
-        test("11", TEST_11_DATA, false, false);
-        test("12", TEST_12_DATA, true , false);
-        test("13", TEST_13_DATA, false, false);
-        test("14", TEST_14_DATA, false, false);
-        test("15", TEST_15_DATA, true , false);
-        test("16", TEST_16_DATA, true , false);
-        test("17", TEST_17_DATA, true , false);
-        test("18", TEST_18_DATA, true , false);
-        test("19", TEST_19_DATA, false, false);
-        
-        test("20", TEST_20_DATA, false, false);
-        test("21", TEST_21_DATA, false, false);
-        test("22", TEST_22_DATA, false, false);
-        test("23", TEST_23_DATA, false, false);
-        test("24", TEST_24_DATA, true , false);
-        test("25", TEST_25_DATA, false, false);
-        test("26", TEST_26_DATA, true , false);
-        test("27", TEST_27_DATA, true , false);
-        test("28", TEST_28_DATA, false, false);
-        test("29", TEST_29_DATA, false, false);
-        
-        test("30", TEST_30_DATA, true , false);
-        test("31", TEST_31_DATA, false, false);
-        test("32", TEST_32_DATA, false, false);
-        test("33", TEST_33_DATA, true , false);
-        
-        
-
-        test("34a", TEST_34_DATA, ANY , true , true , false);
-        test("34b", TEST_34_DATA, ANY , false, true , false);
-        test("34c", TEST_34_DATA, TP1 , true , true , false);
-        test("34d", TEST_34_DATA, TP1 , false, true , false);
-        test("34e", TEST_34_DATA, TP2 , true , false, false);
-        test("34f", TEST_34_DATA, TP2 , false, true , false);
-        
-        test("35a", TEST_35_DATA, false,  true , false);
-        test("35b", TEST_35_DATA, true ,  false, false);
-
-        test("36a", TEST_36_DATA, false,  true , false);
-        test("36b", TEST_36_DATA, true ,  false, false);
-        
-        test("37a", TEST_37_DATA, false,  true , false);
-        test("37b", TEST_37_DATA, true ,  false, false);
-        
-        test("38a", TEST_38_DATA, false,  true , false);
-        test("38b", TEST_38_DATA, true ,  false, false);
-        
-        test("39a", TEST_39_DATA, ANY , true ,  true , false);
-        test("39b", TEST_39_DATA, ANY , false,  true , false);
-        test("39c", TEST_39_DATA, TP1 , true ,  true , false);
-        test("39d", TEST_39_DATA, TP1 , false,  true , false);
-        test("39e", TEST_39_DATA, TP2 , true ,  false, false);
-        test("39f", TEST_39_DATA, TP2 , false,  true , false);
-        
-
-        test("40a", TEST_40_DATA, false, true , false);
-        test("40b", TEST_40_DATA, true , false, false);
-        
-        test("41a", TEST_41_DATA, false, true , false);
-        test("41b", TEST_41_DATA, true , false, false);
-        
-        test("42a", TEST_42_DATA, false, true , false);
-        test("42b", TEST_42_DATA, true , false, false);
-
-        test("43a", TEST_43_DATA, false, true , false);
-        test("43b", TEST_43_DATA, true , false, false);
-        
-        test("44a", TEST_44_DATA, false, true , false);
-        test("44b", TEST_44_DATA, true , false, false);
-        
-        test("45a", TEST_45_DATA, false, false, false);
-        test("45b", TEST_45_DATA, true , false, false);
-        
-        test("46a", TEST_46_DATA, ANY , false, true , false);
-        test("46b", TEST_46_DATA, ANY , true , true , false);
-        test("46c", TEST_46_DATA, TP1 , true , true , false);
-        test("46d", TEST_46_DATA, TP1 , false, true , false);
-        test("46e", TEST_46_DATA, TP2 , true , false, false);
-        test("46f", TEST_46_DATA, TP2 , false, false, false);
-        
-        test("47a", TEST_47_DATA, false, false, false);
-        test("47b", TEST_47_DATA, true , false, false);
-        
-        test("48a", TEST_48_DATA, TP1 , false, true , false);
-        test("48b", TEST_48_DATA, TP1 , true , true , false);
-        test("48c", TEST_48_DATA, ANY , false, true , false);
-        test("48d", TEST_48_DATA, ANY , true , true , false);
-        test("48e", TEST_48_DATA, TP2 , false, true , false);
-        test("48f", TEST_48_DATA, TP2 , true , false, false);
-        
-        test("49a", TEST_49_DATA, TP1 , false,  true , false);
-        test("49b", TEST_49_DATA, TP1 , true ,  true , false);
-        test("49c", TEST_49_DATA, TP3 , false,  true , false);
-        test("49d", TEST_49_DATA, TP3 , true ,  false, false);
-        test("49e", TEST_49_DATA, ANY , false,  true , false);
-        test("49f", TEST_49_DATA, ANY , true ,  true , false);
-        
-        test("50a", TEST_50_DATA, TP1     , false,  true , false);
-        test("50b", TEST_50_DATA, TP1     , true ,  true , false);
-        test("50c", TEST_50_DATA, TP1_TP2 , false,  true , false);
-        test("50d", TEST_50_DATA, TP1_TP2 , true ,  true , false);
-        test("50e", TEST_50_DATA, ANY     , false,  true , false);
-        test("50f", TEST_50_DATA, ANY     , true ,  true , false);
-        
-        test("51a", TEST_51_DATA, false, true , false);
-        test("51b", TEST_51_DATA, true , false, false);
-        
-        test("52a", TEST_52_DATA, TP1     , false,  true , false);
-        test("52b", TEST_52_DATA, TP1     , true ,  false, false);
-        test("52c", TEST_52_DATA, TP1_TP2 , false,  true , false);
-        test("52d", TEST_52_DATA, TP1_TP2 , true ,  false, false);
-        test("52e", TEST_52_DATA, ANY     , false,  true , false);
-        test("52f", TEST_52_DATA, ANY     , true ,  true , false);
-        
-        test("53a", TEST_53_DATA, TP1     , false,  true , false);
-        test("53b", TEST_53_DATA, TP1     , true ,  true , false);
-        test("53c", TEST_53_DATA, TP1_TP2 , false,  true , false);
-        test("53d", TEST_53_DATA, TP1_TP2 , true ,  true , false);
-        test("53e", TEST_53_DATA, TP4     , false,  true , false);
-        test("53f", TEST_53_DATA, TP4     , true ,  false, false);
-        test("53g", TEST_53_DATA, ANY     , false,  true , false);
-        test("53h", TEST_53_DATA, ANY     , true ,  true , false);
-        
-        test("54", TEST_54_DATA, false, false);
-        test("55", TEST_55_DATA, false, false);
-        test("56", TEST_56_DATA, true , false);
-        test("57", TEST_57_DATA, true , false);
-        test("58", TEST_58_DATA, false, false);
-        test("59", TEST_59_DATA, false, false);
-        
-        test("60", TEST_60_DATA, false, false);
-        test("61", TEST_61_DATA, false, false);
-        test("62", TEST_62_DATA, true , false);
-        test("63", TEST_63_DATA, true , false);
-        test("64", TEST_64_DATA, false, false);
-        test("65", TEST_65_DATA, false, false);
-        test("66", TEST_66_DATA, false, false);
-        test("67", TEST_67_DATA, true , false);
-        test("68", TEST_68_DATA, false, false);
-        test("69", TEST_69_DATA, false, false);
-        
-        test("70", TEST_70_DATA, false, false);
-        test("71", TEST_71_DATA, false, false);
-        test("72", TEST_72_DATA, false, false);
-        test("73", TEST_73_DATA, false, false);
-        test("74", TEST_74_DATA, true , false);
-        test("75", TEST_75_DATA, false, false);
-        test("76", TEST_76_DATA, false, false);
-        
-        resultBuf.append("NISTCertPathTest -- Failed: ").append(testFail.size()).append('/').append(testCount).append('\n');
-        if (!testFail.isEmpty())
-        {
-            fail(resultBuf.toString());
-        }
-    }
-    
-    private void init()
-    {
-        try
-        {
-            fact = CertificateFactory.getInstance("X.509", "BC");
-            trustedCert = (X509Certificate)fact
-                    .generateCertificate(new ByteArrayInputStream(Base64
-                            .decode(Trust_Anchor_CP_01_01_crt)));
-            trustedCRL = (X509CRL)fact.generateCRL(new ByteArrayInputStream(
-                    Base64.decode(Trust_Anchor_CRL_CP_01_01_crl)));
-            trustedSet = new HashSet();
-
-            byte[] _ncBytes = null;
-            byte[] _octBytes = trustedCert.getExtensionValue("2.5.29.30");
-            if (_octBytes != null)
-            {
-                ASN1InputStream _ais = new ASN1InputStream(
-                        new ByteArrayInputStream(_octBytes));
-                ASN1OctetString _oct = ASN1OctetString.getInstance(_ais
-                        .readObject());
-                _ais.close();
-                _ncBytes = _oct.getOctets();
-            }
-
-            trustedSet.add(new TrustAnchor(trustedCert, _ncBytes));
-            testCount = 0;
-            testFail = new Vector();
-            resultBuf = new StringBuffer();
-        }
-        catch (Exception ex)
-        {
-            throw new RuntimeException(ex.getMessage());
-        }
-    }
-
-    private X509Certificate decodeCertificate(String _str)
-            throws GeneralSecurityException
-    {
-
-        return (X509Certificate)fact
-                .generateCertificate(new ByteArrayInputStream(Base64
-                        .decode(_str)));
-    }
-
-    private X509CRL decodeCRL(String _str)
-            throws GeneralSecurityException
-    {
-
-        return (X509CRL)fact.generateCRL(new ByteArrayInputStream(Base64
-                .decode(_str)));
-    }
-
-    private CertStore makeCertStore(String[] _strs)
-            throws GeneralSecurityException
-    {
-
-        Vector _vec = new Vector();
-        _vec.addElement(trustedCRL);
-
-        for (int i = 0; i < _strs.length; i++)
-        {
-            if (_strs[i].startsWith("MIIC"))
-            {
-                _vec.addElement(fact
-                        .generateCertificate(new ByteArrayInputStream(Base64
-                                .decode(_strs[i]))));
-            }
-            else if (_strs[i].startsWith("MIIB"))
-            {
-                _vec.addElement(fact.generateCRL(new ByteArrayInputStream(
-                        Base64.decode(_strs[i]))));
-            }
-            else
-            {
-                throw new IllegalArgumentException("Invalid certificate or crl");
-            }
-        }
-
-        // Insert elements backwards to muck up forward ordering dependency
-        Vector _vec2 = new Vector();
-        for (int i = _vec.size() - 1; i >= 0; i--)
-        {
-            _vec2.add(_vec.elementAt(i));
-        }
-
-        return CertStore.getInstance("Collection",
-                new CollectionCertStoreParameters(_vec2), "BC");
-    }
-
-    private void test(String _name, String[] _data, boolean _accept,
-            boolean _debug)
-    {
-
-        test(_name, _data, null, false, _accept, _debug);
-    }
-
-    private void test(String _name, String[] _data, boolean _explicit,
-            boolean _accept, boolean _debug)
-    {
-
-        test(_name, _data, null, _explicit, _accept, _debug);
-    }
-
-    private void test(String _name, String[] _data, Set _ipolset,
-            boolean _explicit, boolean _accept, boolean _debug)
-    {
-
-        testCount++;
-        boolean _pass = true;
-
-        try
-        {
-            CertPathBuilder _cpb = CertPathBuilder.getInstance("PKIX", "BC");
-            X509Certificate _ee = decodeCertificate(_data[_data.length - 1]);
-            X509CertSelector _select = new X509CertSelector();
-            _select.setSubject(_ee.getSubjectX500Principal().getEncoded());
-
-            PKIXBuilderParameters _param = new PKIXBuilderParameters(
-                    trustedSet, _select);
-            _param.setExplicitPolicyRequired(_explicit);
-            _param.addCertStore(makeCertStore(_data));
-            _param.setRevocationEnabled(true);
-            if (_ipolset != null)
-            {
-                _param.setInitialPolicies(_ipolset);
-            }
-
-            CertPathBuilderResult _result = _cpb.build(_param);
-
-            if (!_accept)
-            {
-                System.out.println("Accept when it should reject");
-                _pass = false;
-                testFail.addElement(_name);
-            }
-        }
-        catch (Exception ex)
-        {
-            if (_accept)
-            {
-                System.out.println("Reject when it should accept");
-                _pass = false;
-                testFail.addElement(_name);
-            }
-        }
-
-        resultBuf.append("NISTCertPathTest -- ").append(_name).append(": ")
-                .append(_pass ? "\n" : "Failed.\n");
-    }
-    
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new NISTCertPathTest());
-    }
-    
-    /*  
-     *  Trust Anchor
-     *  
-     */ 
-    public static final String Trust_Anchor_CP_01_01_crt = 
-        "MIICbDCCAdWgAwIBAgIDAYafMA0GCSqGSIb3DQEBBQUAMF4xCzAJBgNVBAYTAlVTMRgwFg" +
-        "YDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsTA0RvRDEQMA4GA1UECxMHVGVzdGlu" +
-        "ZzEVMBMGA1UEAxMMVHJ1c3QgQW5jaG9yMB4XDTk5MDEwMTEyMDEwMFoXDTQ4MDEwMTEyMD" +
-        "EwMFowXjELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE" +
-        "CxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5nMRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANPzucEztz+nJ/ZBHVyceZ2q0pUQt4TO2qPlWAw+" +
-        "TotWvz6qIS1QE/7zGS56yxHP89O4X1efnZeArx2VVxLfNNS9865N53ymINQETtpjYT49Ko" +
-        "03z8U8yfn68DlIBHi9sN31JEYzoUafF58Eu883lAwTQ6qQrJF4HbrzGIQqgitHAgMBAAGj" +
-        "ODA2MBEGA1UdDgQKBAirmuv5wudUjzAMBgNVHRMEBTADAQH/MBMGA1UdIwQMMAqACKua6/" +
-        "nC51SPMA0GCSqGSIb3DQEBBQUAA4GBABZWD2Gsh4tP62QSG8OFWUpo4TulIcFZLpGsaP4T" +
-        "/2Nt7lXUoIJMN7wWjqkmYf5/Rvo4HxNcimq3EkeYcrm1VoDueJUYGvRjcCY5mxkghI27Yl" +
-        "/fLKE9/BvQOrvYzBs2EqKrrT7m4VK0dRMR7CeVpmPP08z0Tti6uK2tzBplp1pF";
-    public static final String Trust_Anchor_CRL_CP_01_01_crl = 
-        "MIIBbzCB2QIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDFRydXN0IEFuY2hvchcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAiMCACAS" +
-        "cXDTk5MDEwMTEyMDAwMFowDDAKBgNVHRUEAwoBAaAjMCEwCgYDVR0UBAMCAQEwEwYDVR0j" +
-        "BAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEFBQADgYEAC7lqZwejJRW7QvzH11/7cYcL3r" +
-        "acgMxH3PSU/ufvyLk7ahR++RtHary/WeCvRdyznLiIOA8ZBiguWtVPqsNysNn7WLofQIVa" +
-        "+/TD3T+lece4e1NwGQvj5Q+e2wRtGXg+gCuTjTKUFfKRnWz7O7RyiJKKim0jtAF4RkCpLe" +
-        "bNChY=";
-
-
-    /*  
-     *  test1
-     *  
-     */ 
-
-    public static final String End_Certificate_CP_01_01_crt = 
-        "MIIChjCCAe+gAwIBAgIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDEuMDEwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMY07G8M4FkOvF+6LpO7BKcDuXCKudfl1+bKSowj" +
-        "2GCza8uIiMfYSH5k+fYb43lGQeRh9yVHcfNQlE7yfGo3tgxGv5yWpeKvDMqL8Iy6Q0oIjm" +
-        "qH80ZOz21dUkermcckzTEOfe/R2fNpJPv8M24pq29SdYAqu+CpLDHFtws9O+q1AgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIrNv88bwFLtIwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEFBQADgYEAK4hP" +
-        "goWtZbHf6qWfRfmrPrz9hDH1644NrJop2Y7MXzuTtpo1zp4NCG4+ii0CSOfvhugc8yOmq3" +
-        "I6olgE0V16VtC5br2892UHYZ55Q4oQ9BWouVVlOyY9rogOB160BnsqBELFhT0Wf6mnbsdD" +
-        "G+BB5fFyeK61aYDWV84kS7cSX5w=";
-    public static final String[] TEST_1_DATA = new String[] {
-        End_Certificate_CP_01_01_crt,
-    };
-
-    /*  
-     *  test2
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_01_02_crt = 
-        "MIIClTCCAf6gAwIBAgIBAjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAxLjAyMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDWOZ4hk+K6NX/l+OiHC4pfKCWFt+XM2n/TxwkqY+mt" +
-        "j9Co77rPPPtVA7mDKU4OiYT74mIWH52HQBZr+PRmOFh0Z9S1oTpLbxNLCDc6OmQKBo6iex" +
-        "SIt/jOatFFmzmTZ78Kq9s3nfrOVA83ggmPDTPkuG5GwcxPgFq0vRmAJ0CESQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQI5o5Am09NlOYwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEA3C7Ye5/Te14LIwo/LK2fnpobbQA3dhOn5UgqZ8lKbQ/HV1D8/eU9dK" +
-        "2v5gW43XvFq4whK0WKLBvBFchKtp9T1QX3CI2WCqdJRyqla6TkQsS36T17/ww2nzy1853Y" +
-        "hfDYNsge5XW8YZNfNjjVxcR3RnyFxPax1YIlISiGdI0dnag=";
-    public static final String Intermediate_CRL_CP_01_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wMS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI5o5Am09NlOYwDQYJKoZIhvcNAQEFBQADgYEAl26W" +
-        "g1Gqq3R93XPjghABVocfeIi8zcSJ0YAKqbifh5V3JCC8Piy19GzZdL244GqBDls44IAhKj" +
-        "YuXN2mSohdqwULbye4agAgfl37XhhwsBDTYwaJiv3njFQ6Ml7KJ3STmoIpmlLvrXibDuHX" +
-        "ocuNGo72ckhOdBpXd+PhgGuoTis=";
-    public static final String End_Certificate_CP_01_02_crt = 
-        "MIIChjCCAe+gAwIBAgIBAzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC4wMS4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDEuMDIwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALwJrZT6bJXQnZzc3socZ/mNsEag4BTdym99ZCP2" +
-        "3PGsTCfV2z7+p4DehIFrn/N/a1d1nvyqRqpQGPU86tl1CWgFtXS+zCctDR71P76bjd6yef" +
-        "5vxxdO/SBIRHfQTjM8F3BTLkrC+PVl5wbaLcEXRORXrFvBvsj0oqwZ4C8ZObh/AgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIf5mSjuNhs/gwEwYDVR0jBAwwCoAI5o5Am09NlOYwDQYJKoZIhvcNAQEFBQADgYEAK7wd" +
-        "MyLlIZ/Qsqj3/A3Gat0d5BORtFTZH0VdlVVOWN1JCZxrnjeIFB92NNzUROemxgBxzneuWN" +
-        "SlYlcpTk25pAbs6RMdbT8dovKQkQkF2TXeQ+4qktFaLQntVT8UsEzHR4Diw0/gH8tseGqF" +
-        "F7FyiW8ni6zInSO+embUKiibj9I=";
-    public static final String[] TEST_2_DATA = new String[] {
-        Intermediate_Certificate_CP_01_02_crt,
-        Intermediate_CRL_CP_01_02_crl,
-        End_Certificate_CP_01_02_crt
-    };
-
-    /*  
-     *  test3
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_01_03_crt = 
-        "MIIClTCCAf6gAwIBAgIBBDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAxLjAzMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC4RZ0R82sA+BfyynFeoIDG7c5IlZ8HorEv+O4Ij3Oy" +
-        "7FR1MB4no8hDEBPBf5fCrAR/8PVxCZjVj2HOwnSAqUQgxo6WPcmkabux12k8kK6yeKq3b7" +
-        "u5fL6tb7eKElQzsz8Je4z4rCDkI10vV+X0VZ5Ip/Es428dw2KoN8eyGmw3+QIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIz08WhMpG2JswEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAQ+iqlFvbvDejO/m+RCHh2UuUau1FuABObkPOu2Tv9yTWvTSWDRygdO" +
-        "LQRiOLsjgrdXPdbDutVGjllBoTN8cdz3SWjCpampg5TBikArxmNEYMDQvL6n2lkUcetRJR" +
-        "gQ7TYLvFj9+SycKXfM5CUXAyCfcU/QwDghhZgc99AuDZtJc=";
-    public static final String Intermediate_CRL_CP_01_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wMS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIz08WhMpG2JswDQYJKoZIhvcNAQEFBQADgYEAoyO/" +
-        "xcpJ0Obj4rTXhHFd7XMzslt79njkEgdwnon9BaYB3xSmkEXCMwLMurrjVYKaB6SWAiPeUv" +
-        "G7ScDHJE6UFVJwIt4vP/M7gTOJ7uak33aWi9e5DeIuLqE6pFqTGu+uoBkkd82SHg2GhJhZ" +
-        "VXDtJ3UcO/3JQPbslc02s9HiRBg=";
-    public static final String End_Certificate_CP_01_03_crt = 
-        "MIIChjCCAe+gAwIBAgIBBTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC4wMS4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDEuMDMwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANAD1vQj//4BGEXW1Q7HX/AUyFJFyHoYcvg5y4u/" +
-        "8Sj6okriXj3knnBKDiJLpKfcsO5p5MQS5QzAc+lxErXD+duiw8lm61hj0StsRzhDFsaC1g" +
-        "akjzU70R2Tmz/djUnqO3aa2wICc4NVAXnIMMsH/b6XXFZpC0/C32TPTv9aa9mrAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIPw2wltiRqz4wEwYDVR0jBAwwCoAIz08WhMpG2JswDQYJKoZIhvcNAQEFBQADgYEAln42" +
-        "iR3eHyazF8CRjS9Jnas/26MaBtjUyDtcSjTVDWFlccwrQ7TgtzjkNm9fCmgSyvryDnUYGM" +
-        "DoEjwYNLIgtCAkVIEBTmJvlqiPHH+tV5oJvIav+Fn8okHpuuK44umDcdKiFWlOyxrShxzV" +
-        "3Bez/eHklaPTw/VsVhyh+Uru5zM=";
-    public static final String[] TEST_3_DATA = new String[] {
-        Intermediate_Certificate_CP_01_03_crt,
-        Intermediate_CRL_CP_01_03_crl,
-        End_Certificate_CP_01_03_crt
-    };
-
-    /*  
-     *  test4
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_CP_02_01_crt = 
-        "MIIClTCCAf6gAwIBAgIBBjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC/lQLtWKzklgYuzhjMiK2CzFmzODsEY/JIVNdn9T8M" +
-        "W4ufpGwnfIV62EUHCFeMYydKBm8Hyjbjrz1otINJmrGL5WSAX1/UPtHy1chgXOsFYD6nAH" +
-        "jZAJJGw74nUbKw5+L1wUHU8qXABaaTrRpS1UdKSq4TCZ18NCjC4Oxcf/yDdQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQINsJcxaBqdugwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAOQP3iUX7FtJlL9nvu4F+8o/N5vr+OB28OsbYtW+Q1FzEfjkUGtT9Ri" +
-        "teradpN/xUnS/oj3BfqFtNANkYKrBeqRtm2VeOC3kdCVFnWFME2aoRAQZbWvOwCFc3yLA7" +
-        "JBdENtDNI54yYHMHPA4/2CuNQq1Iu1ektAS95DIe7ddxL18=";
-    public static final String Intermediate_Certificate_2_CP_02_01_crt = 
-        "MIIClTCCAf6gAwIBAgIBBzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC4wMi4wMTAeFw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLUNQLjAyLjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCx/mIo1Ma/IN8OR7KOjclvIwsv0JFXD/T258DruDZU" +
-        "uGoYiEbAc/ZN7R8OHI7dnv9pBfsvyEl7m2DVoLZnP0eXJTHjdZxb1TwPHoSIysi9u3xWlP" +
-        "Rg+v+GGfKLB9pL0m8SZh97SngerZI14w7vQy0kkXziGatSpBoXtWNmsHJNuQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIoI0mSmDmzZUwEwYDVR0jBAwwCoAINsJcxaBqdugwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAcfs1pH12Qwdhv4NOJO2xxgMZZo8+A9Zl9c7RxsvuoZOOyCxoE9wT/l" +
-        "PdUpGoGxtIPoWQs1qXEXnAlXJCXjLCJUHIG1/E6gQUXW0Ty6Ztpc5Dz06pPTN2gt+41B3J" +
-        "sL/Klqc4iyCaWr8sYgEPQ8nColWRmIwk9gAasPNkNhyxA3Y=";
-    public static final String Intermediate_CRL_1_CP_02_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAINsJcxaBqdugwDQYJKoZIhvcNAQEFBQADgYEAlBaV" +
-        "VfrZqvyRhGXNYFik169nBHiNfKpw8k1YgFAQeNYdmfScq1KHmKzDhsx9kQteczBL7ltviK" +
-        "TN3CKlZW82c16mfd4yYx0l5tkU80lwKCHSUzx92+qrvYjSMup+bqSsi8JhqByBf6b0JbKf" +
-        "yx53Vpw1OCzjxrVHcfHPx8Q/vR4=";
-    public static final String Intermediate_CRL_2_CP_02_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1DUC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIoI0mSmDmzZUwDQYJKoZIhvcNAQEFBQADgYEAhAHP" +
-        "QxpcrTTN0GXeOwoMXuQUoHMvezEpM0BYOVLzI3KbRXWa9iWZINr99cRQvonMtOGkhIH3iS" +
-        "wSNbsjmF9HX5UvNzrofOWataVP+macpCuNlK0NS3xxJjKRWOB9C1Ib7tiSSrQqIPcchlF6" +
-        "vofy2ALEL6Usa1UTVYMhzGYnVZU=";
-    public static final String End_Certificate_CP_02_01_crt = 
-        "MIIChjCCAe+gAwIBAgIBCDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMi1DUC4wMi4wMTAeFw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDIuMDEwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOzYq2murB5ZjQd4wReI51Lc1F5VwK90OMGRfi71" +
-        "YvwdRjgCudeDXZGW5ayid82y+eTDKFSzo1Li/BPTUXMpeqHHMCmLeefqxAWmz3aDoilF8I" +
-        "Q53PlejnXJdntsal44w6WdP6ssiXlwzcZDnobAfuDTPgsnWWfzAkr1/LqEw/QZAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIP5tVdEyxotcwEwYDVR0jBAwwCoAIoI0mSmDmzZUwDQYJKoZIhvcNAQEFBQADgYEAkVx9" +
-        "S/20Hir8qMnfMpMGTgMKoVeWoljxim83IkNs1Xqe1oLGHdyDUA66uF8wPkoTqGrfDYvgBa" +
-        "5Mi0iJREnMWoiWvCe467+L1b2gtvRBMl9bcRj40bvelk0Wn4lBl3VuKXarP5M0PKT5OWvN" +
-        "2cPLNeXHvV6ZIrC4rmK2ISpIXX4=";
-    public static final String[] TEST_4_DATA = new String[] {
-        Intermediate_Certificate_1_CP_02_01_crt,
-        Intermediate_Certificate_2_CP_02_01_crt,
-        Intermediate_CRL_1_CP_02_01_crl,
-        Intermediate_CRL_2_CP_02_01_crl,
-        End_Certificate_CP_02_01_crt
-    };
-
-    /*  
-     *  test5
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_02_02_crt = 
-        "MIIClTCCAf6gAwIBAgIBCTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw00NzAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjAyMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDHJmlRKb+mjc61iiqGe9gx/VUMLNmGrXGRYKMmYSxO" +
-        "Q5sGLoztd2XtEgtZEPwvzd9KLKGP3XmgTrc4BGohqoFoG9Qb+w2ZGFwVC22GpeSoXc+J2u" +
-        "2t3uRKYgboHpB0Jk42XLy+2wSEtS+/er7cFu2ufdPsvT4J1AqiuZSco96vtQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIBvoP1E6PGiMwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAmOyFq2vZrUNDVWRcyzYvZhs1uQ4zgXtfqnPE0V19RgaYffCrSCI86z" +
-        "5kyDUyZwbGABMxBaVxEw536MesyDTdZdEVw6lN5RRtxr8/WEiSH6oI6t0xNxuNOkSNpz4d" +
-        "28HA4UfUvtXK8RK2YZnPAd6UXsRUPBPXKEpzy4v/9RyihSg=";
-    public static final String Intermediate_CRL_CP_02_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wMi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIBvoP1E6PGiMwDQYJKoZIhvcNAQEFBQADgYEAALlA" +
-        "f3IDWexcdkMQHWTdGeFe+bG5dBvVPL5ZyQUw9DWbLwrjw/Jm4v9t+HLjETLSymsFT4bW21" +
-        "OwnEiAAdaKT96k5t+sTyU5QQ6HL/jRXLHLGdCQgMFCglm5iNqaCLIFoMAVCaFkYtFUE3m/" +
-        "iVt+319JOh5UyshMuWrAEW0IGGQ=";
-    public static final String End_Certificate_CP_02_02_crt = 
-        "MIIChjCCAe+gAwIBAgIBCjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC4wMi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDIuMDIwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAL/Src6e8qXwL+KJs5+v+JsakZdSDqMAFJUMfA2O" +
-        "OO2TIqcvDFHzqesX+G+28MUwy6++ux07CD3FCaapgzBN4zO4RfKcamxFReKMKcEvNVVCOO" +
-        "wO4Lvku1Sad14oYyGLOMzZwZFjRp8paaz5g87k70EOPBLeDlFMcch36czw53sLAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIPoHc2Sfk6XUwEwYDVR0jBAwwCoAIBvoP1E6PGiMwDQYJKoZIhvcNAQEFBQADgYEAFHhm" +
-        "o6QRFdO1x1wp7Jb1QQAlChFfP8MrGVNK04Ur8f+wfkwIypTDifJ0AoFpjcM3Ohu9Ixvb9q" +
-        "3kCSIWKDnWtDWw1/dN8mPL5If5gGqPA0+wRbUKVKvduOg7hKr4mWjKw7oYiaJuIIoN9RRZ" +
-        "ejzltd0NEaODNPW/JaKeQUVgZbY=";
-    public static final String[] TEST_5_DATA = new String[] {
-        Intermediate_Certificate_CP_02_02_crt,
-        Intermediate_CRL_CP_02_02_crl,
-        End_Certificate_CP_02_02_crt
-    };
-
-    /*  
-     *  test6
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_02_03_crt = 
-        "MIIClTCCAf6gAwIBAgIBCzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjAzMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCaJ7NcOvb22F6HjMF1R/AORa4+pKFfFfd9teXPpVWC" +
-        "9InTq+alY11QaSj27Qg0znOIItmf2W/8Dub9sjnbg+SgAkoV5+CAkplodRNC8AbD4x8rh/" +
-        "fioQ8lb0Qb4Dn9I0n2wjOgitmMRdE2uW4uwVpH52vsMyenbDVxVI7jA4NS/wIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIC2T+/BkG93AwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEApr6kDXVY5jYt23wC9n3LmhoxDoWh8cBQxcWmr1wpVxIrCbaP0/y00a" +
-        "29wbewKfucUoh/W2OfjNcohjpKRrnVmOpi5vN7SmbZIHaxbKLzyQ7JwF17aznyCSZVrGpF" +
-        "A/S49T5rlCm8KDBcc2ym7gRJzwUApbC0Wws4Pg46czrpQlg=";
-    public static final String Intermediate_CRL_CP_02_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wMi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIC2T+/BkG93AwDQYJKoZIhvcNAQEFBQADgYEAlBFY" +
-        "vPxhFYsjFOIfQkd7MwKIi7vgPgoWTP5f+QlI0ison5n4N3rYJv31hTZRRRP99JZce1hY6J" +
-        "Qiv1OtkpG7VfQIhr0FAGxTNaJD6F6rLbGjG8cap4+VibFQf5gZv0XQcyW4akYiRqSXImYn" +
-        "NVlNyaxiJja+5GA9XVqvWOjjz4o=";
-    public static final String End_Certificate_CP_02_03_crt = 
-        "MIIChjCCAe+gAwIBAgIBDDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC4wMi4wMzAeFw00NzAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDIuMDMwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMlW6FOLwhRsKZM6p0ww4QEWjQzjpjYhKnz3BnLw" +
-        "SdGZqMe4wzZnDWc/0eyDOMCSYXIWQhlDMqQn2zCVPbDKzMRkdEeRSvE6ghhYP/hn3ipjSw" +
-        "D8QwaqofCp0sFkbDPke+xD2tMhLdUyNKynPjpSQmYtfoA98PD7so3cSAtrYuSDAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIc/X6kp7teCQwEwYDVR0jBAwwCoAIC2T+/BkG93AwDQYJKoZIhvcNAQEFBQADgYEAStub" +
-        "g3DzhJgzYO+ZmRc0acldZGwZFm6F1Ckc1JzQDgVHU0bnCANgBcJj49UV2MwbNKPQdVzdwo" +
-        "c91rfwrSY/PrvVQ9tUonZ28y/esFRBAdJTLf4u++p/gI3vfCvEXa5xVTIz1Hc+iKzAGKrI" +
-        "cveDHy3ZZluQ3J6tbHs2BhnQFXM=";
-    public static final String[] TEST_6_DATA = new String[] {
-        Intermediate_Certificate_CP_02_03_crt,
-        Intermediate_CRL_CP_02_03_crl,
-        End_Certificate_CP_02_03_crt
-    };
-
-    /*  
-     *  test7
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_02_04_crt = 
-        "MIIClTCCAf6gAwIBAgIBDTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjA0MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDgZy2Xs5pIoJrT7GuagmKLrn8F9rj8p8w2wELorGhM" +
-        "1HJMVOurH+o+y6RXd0oMGJkKNrhjEnbHKm3PBYiLgpCjVEcFNhQF1OOxJ7RdahvA9ifsuw" +
-        "jV1TxTGq35jeaJYASRXb2TiNfzuPWSVm0MWr5zz+YB6NNuvjxwEBgZvNiV8QIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIWAOnkHkwSVkwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAMiHozz92EOhSXU/krwQVs0GNEWoAUH3LHt70Zr01dFzEF6QhA/wUa4" +
-        "+V4XwbMob+q4zGnTHj+tL9ChGWi3NDGELQ4cN64OMPsToGKkepLy+sDwdm9LaUP1bDvPxd" +
-        "v2hjlskJ7TEu4+6ltXSG/k36Jk8C0/I/ayNGbYcEcLyes3s=";
-    public static final String Intermediate_CRL_CP_02_04_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wMi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIWAOnkHkwSVkwDQYJKoZIhvcNAQEFBQADgYEAVtCi" +
-        "IocktnWOwWiaOc7tTUJvvH5+IYVyB/XhmMhF7cDbL292gyrnuh1+3+lHwZQBPoF9kzF0vt" +
-        "WaweG7mDvYKxENQODdph/VcnypgUiFTWRTIPB1ZXfCTMWYf2QSalpHRDR4vVsqF748QbcG" +
-        "E9mbzvLUz6NDA+Vf8wEwZehqSDM=";
-    public static final String End_Certificate_CP_02_04_crt = 
-        "MIIChjCCAe+gAwIBAgIBDjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC4wMi4wNDAeFw01MDAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDIuMDQwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALBX5GIQtvwswWwMDDPnphIk1rJSbcq7iClXLM2E" +
-        "kgvBu+hbOzb0v9mtl0KJB71TWJCfwceVQiXc3Gk+YduujAbZRVTkROf9UOWD9bfrI7g+52" +
-        "g4ms2n7evCO33b+kGEf4I014xl8dJDWtHK9Bhr+569RW9TzO06IeVeTD7whxMXAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIuKXv5WkUTWAwEwYDVR0jBAwwCoAIWAOnkHkwSVkwDQYJKoZIhvcNAQEFBQADgYEAiu0B" +
-        "yR5Ru8qVsgRqkOpCvrJnkqBAImbbR6+BUYH0juRxxKzKnbFOjU6a9WvkKpEBB8Q2xLynPN" +
-        "68ecLpnOynx3xj2sWWSVbsRKPy0iOesQblKrq3yHAm4lhzoWA8t1Xz29Ko1WxylDhyxGpR" +
-        "QAWsyGVCfJFlsZE0ibw3erlWTnA=";
-    public static final String[] TEST_7_DATA = new String[] {
-        Intermediate_Certificate_CP_02_04_crt,
-        Intermediate_CRL_CP_02_04_crl,
-        End_Certificate_CP_02_04_crt
-    };
-
-    /*  
-     *  test8
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_02_05_crt = 
-        "MIIClTCCAf6gAwIBAgIBDzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAyLjA1MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC2d80bD1RounqjKizkZJYPFUuVWZQ8W2nZDkEp8qR9" +
-        "fRWCAGOZGs84tgHj5gasmxy1mxJc9ogyQ2mcZhJRitRm5LVNuGevO6JmfqYtJxbW54aZGE" +
-        "5AWSRXqjJKJEih4VmPjA3vjQaSZSZJnu0DSnO82qWfu1ZUDlvIG6dfKJWRQQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQI3uNhI+QuI4owEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAG/+Rpk8dYrSFdaEO8Ch5tuvvKTOMi7W/DRA4B4xR7WyRJmosPB+37c" +
-        "teGKVzqFND22Xc8xQH/b/nxYW08sCSLAfN0cRusoSWwWSRtPO2f9fyC/BqCy2B2kQLFNPM" +
-        "Bk22jNFwLqPUeZn1UHN05RFAqVx325kpl2m1V7tw/mrXATI=";
-    public static final String Intermediate_CRL_CP_02_05_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wMi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI3uNhI+QuI4owDQYJKoZIhvcNAQEFBQADgYEAWZUI" +
-        "2VGY4pak0kICONP/CKvamYFs5txJfR69AC5tEJ+Fy3PmSeHkLUZf/oc9d8EEyr0MsIjRHj" +
-        "N4X4MquMlk4FflZcc8GblQK8LdXBK4Dy1SiXHA5GB3U1AmgzAzEQGwGRZnzWP5+rJ65upX" +
-        "vksAYyPQmruRM0O5sElctPn6B+Y=";
-    public static final String End_Certificate_CP_02_05_crt = 
-        "MIICiDCCAfGgAwIBAgIBEDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC4wMi4wNTAgGA8yMDUwMDEwMTEyMDEwMFoXDTQ4MDEwMTEyMD" +
-        "EwMFowYDELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE" +
-        "CxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5nMRcwFQYDVQQDEw5Vc2VyMS1DUC4wMi4wNTCBnz" +
-        "ANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAviLKpW4iblWNLQfmBJJ+ruMgygmjRWfoFGya" +
-        "Ndv2ma0Ugqm5xXq8c0orbnezwSp+tnzZZhG5KDNZr5+z3krCkqOGGzuUvVLqeJxPOLu7Js" +
-        "y472nAA7+FhwfZrXUI+Vg9F4qF+Ye81ivDrYVAEmalCpCyHOAKdvwkwQjRucifu90CAwEA" +
-        "AaNSMFAwDgYDVR0PAQH/BAQDAgXgMBYGA1UdIAQPMA0wCwYJYIZIAWUDATABMBEGA1UdDg" +
-        "QKBAjgph7BA5L7dzATBgNVHSMEDDAKgAje42Ej5C4jijANBgkqhkiG9w0BAQUFAAOBgQBr" +
-        "MDMv9NWCTIQ3blMEqPiEyjiBhSJl88Cu797P4lIn+gc6E+0vZp61X7B2k5CHgsnxyVLK5e" +
-        "bwl0bYAPKwRI9yzHLrj71RNw8HA7PCRPn1GNrtBBbIpLE0/sqLo51UPu/377+CnzYhIycL" +
-        "tvS0KDLUTDSY/OowDcplF6Xwnt8cUQ==";
-    public static final String[] TEST_8_DATA = new String[] {
-        Intermediate_Certificate_CP_02_05_crt,
-        Intermediate_CRL_CP_02_05_crl,
-        End_Certificate_CP_02_05_crt
-    };
-
-    /*  
-     *  test9
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_03_01_crt = 
-        "MIIClTCCAf6gAwIBAgIBETANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw0wMDAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAzLjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCuF8mub5cgUYZytrRjJ5Rhc2fgazGxWIj6EIKzeSpo" +
-        "FwScItRX9KxnTIXEBTguBk7eQUsbN8yu49/Mlq45EAnemyZRBWzLFLYLPCco7pyTsWm7Ps" +
-        "2FAGJ3vE9pC9xaZC+KrwF3Ho+DZNDwhj5InXTP8pChAIPfB8/7V/2mk0lN0wIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQI4mI6Ojs0onswEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAMVGzU6f4YOHpHla+YuGCjHOUZYrA9J25G3UFFoPr2JZEG+Fb5hRQUh" +
-        "4S1qUQKXn6dpVua+qTJDk3Tg2N8OdIHG/gy0hvYHsxhLCSDQBsfPN7p3FClM7r/VHOqgAN" +
-        "vzT+KYvxx6gwn6O+n7ERkrBIfkyrGFhnmjx3+VOCc9P4SDE=";
-    public static final String Intermediate_CRL_CP_03_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wMy4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI4mI6Ojs0onswDQYJKoZIhvcNAQEFBQADgYEAfwYf" +
-        "4kAG4srB2VxWimJs1HwXTaPDooellQclZ5hP/EluT7oe03+ReFef6uXbHt/xRdeaoQhJGy" +
-        "SP8dWf6UIbL82oaSYqChIvAZD6zTMavEgSET0PlUsK1aEMTpMEtKPvedFSOTNBaMNvMzSW" +
-        "t5xwurn63qyXTOxHf4m2L4w8+i0=";
-    public static final String End_Certificate_CP_03_01_crt = 
-        "MIIChjCCAe+gAwIBAgIBEjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC4wMy4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDMuMDEwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJ/ALaZ+MdNxKDH49+7jUm+17DII5QQEfjk8IaEU" +
-        "syApOhsByOG06HPItiBEnnfDDxU5kjsZDtw/9LlouBocNXAJt+ZmL3QYyOgeH4SQ4f21rw" +
-        "7j8fw57gUkP5oWhEc0loXr/hB92hoKbsBoRpv8F1zPZcPNLUnyUzqLH5+CeIibAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QI822isg/wPCowEwYDVR0jBAwwCoAI4mI6Ojs0onswDQYJKoZIhvcNAQEFBQADgYEAilIn" +
-        "OD0iQrLrHRkO4zr9S9VXAJXJV3l9wfbLBweXM3q/zt4HGKBw4Wq1Yn+AfDxXrBtJA5hP5e" +
-        "d7CDd4eM93yeKozdZCLNZfUM8sJ2/MRh07tvwJ19e2STklED8b/ndmr5my8H8jjJDaaYww" +
-        "qTSnXqpcqsUsj+kV4Mk0DvVWT3w=";
-    public static final String[] TEST_9_DATA = new String[] {
-        Intermediate_Certificate_CP_03_01_crt,
-        Intermediate_CRL_CP_03_01_crl,
-        End_Certificate_CP_03_01_crt
-    };
-
-    /*  
-     *  test10
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_03_02_crt = 
-        "MIIClTCCAf6gAwIBAgIBEzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAzLjAyMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC4AbP8gDUUcIa8w4pEsGgbYH2sz08QMUXd4xwx691i" +
-        "9QCcyWSovQO4Jozeb9JwtyN2+f3T+JqZL/gwUHuLO2IEXpzE2C8FzQg6Ma+TiSrlvGJfec" +
-        "TlSooFmEtD3Xh6I6N5PM1fpyyY2sOOhARN5S6qR9BOuxkBAqrAT0fgqD2TswIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQI97nJCqq6+kIwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAWwpfh9oOOvj9xHS0zcczaUIHTkpjgk09I+pERlu0Z0+rHvpZGge4Ov" +
-        "NDFtMc4TgthGcydbIwiKogjtGBM2/sNHIO2jcpNeOtNKLxrzD4Y0Ve164kXBu9Mmsxx4sG" +
-        "7XUXZWgiOPfu/HmyPVdzbIReJdQO515SNx7JdgVyUkyhBxM=";
-    public static final String Intermediate_CRL_CP_03_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wMy4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI97nJCqq6+kIwDQYJKoZIhvcNAQEFBQADgYEAC9Hv" +
-        "NevV6/Oz3wcgEbDgZYRKJRdr4OW4Es7R4ahjz3sH6GXZ1HiEjx2+frmp8LMshQ4D+hpjRk" +
-        "drSPko1M4a/fQCYxbonZ0xjpYw067dwLmr56+GPJAxkzcSmFKXx+ejyQpG+9+qCR+zm98V" +
-        "lop6besAaGUjZKnYShIQOfNzDZk=";
-    public static final String End_Certificate_CP_03_02_crt = 
-        "MIIChjCCAe+gAwIBAgIBFDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC4wMy4wMjAeFw05ODAxMDExMjAxMDBaFw0wMDAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDMuMDIwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMJMiW+G4bgoRaYz2OUu/+PQ/yp4JgFOB3Vegf5/" +
-        "vIrF4gsnoQxOCCsO5JTLrbS5fi3COjvM5w9/SZpNHtSfyWb9afmx4DdrT1bNjma7I6PCid" +
-        "yxMzX4iTLeaMRnqBk4A+/0Wf2+4VzCqr8aViIiQ7u2JfZiTQ4dZxDoUW6G8lrbAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIEjny2GzFXGQwEwYDVR0jBAwwCoAI97nJCqq6+kIwDQYJKoZIhvcNAQEFBQADgYEAJw3T" +
-        "3aL3pYbZhswgshOvJ9Y1qv65R6rClSxB5lqBw6+Qki4ZpW57NK8LwaGS03XzDUPaDi4/9R" +
-        "hGCHpP24fIskS4n4jNZgKpGtt6VEVorUH7cOLNCw2cuwMlKbkyZnNdx2JqTMMlHzNJ3cmy" +
-        "aX3F70IY0OZbwCKdUo/uMVC6hss=";
-    public static final String[] TEST_10_DATA = new String[] {
-        Intermediate_Certificate_CP_03_02_crt,
-        Intermediate_CRL_CP_03_02_crl,
-        End_Certificate_CP_03_02_crt
-    };
-
-    /*  
-     *  test11
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_03_03_crt = 
-        "MIIClTCCAf6gAwIBAgIBFTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAzLjAzMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCjLYKGKEMJgC/r0NH7vubQZ5qPEFEEN6QdLUWWqf/O" +
-        "Yqo9hboQq6S8dFHp3DVR5x/4NOdNRjsTABbXsnz8U+L7+4CorhDhXj29weGMYIIfJ3XSIb" +
-        "T7sE/GOPmXeGhrTv2zucI1j80sN5nTEoiGFm10LQqAgoyV46BxDltf3/D7wwIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIhCIOyzfScpAwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAA18kQijoJebmTQS7n/q/fQx2iblOJaJAWQLHeGCCGqKxCjUpOxuD+y" +
-        "xMspmTKdQqEkqQ5vpHdFYQ5MYuecqAdp6woWUNQGVd4HHPmHsAW3Oppwb0yLggYs8IVHjm" +
-        "dNO1pYb+YYciCKBtX8D1OnedIRcrQmDMJUjbfmAEv/4b0EM=";
-    public static final String Intermediate_CRL_CP_03_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wMy4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIhCIOyzfScpAwDQYJKoZIhvcNAQEFBQADgYEAk34j" +
-        "SxMr8p1h1qJWlfoh4er9pu1AkkHujovan6Ctx89VwFdOS5Kw82OCvD+nmJAHrFuncNlClf" +
-        "51G8FCEAFLhMNwic4WAxrBX15hcUTaWk8Wj00dfUFwjG8/Kv3QUCDBN8f3KC8/oBeORRX9" +
-        "dHW5ei2IUKuD1ITCeIoyRDBxQIg=";
-    public static final String End_Certificate_CP_03_03_crt = 
-        "MIIChjCCAe+gAwIBAgIBFjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC4wMy4wMzAeFw05ODAxMDExMjAxMDBaFw01MDA3MDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDMuMDMwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALSw1Ey7kzFzzjMS4oTSrZH/95NMHLxtUSaVGMCy" +
-        "0q2iLfGZ79eTS9megQUranYlIuK411yvFtskbFKf0idMKBtM8nX3Rxubm5EnbnpgvNrBEg" +
-        "0FbOPqpSaR+8pxZ6lweB45tkzLU3OZeAZSpGOY1UvT/htn6Ae8JQAVajSvYyfNAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIF014kOHikvcwEwYDVR0jBAwwCoAIhCIOyzfScpAwDQYJKoZIhvcNAQEFBQADgYEAdLMM" +
-        "zGPPvBLgPbhn2tba/7HiaZaayHIxTXmpW0KAhP+8hwapOitrtLGPwqVtxQ3GoSMZJPMDCV" +
-        "WsrT3OZm27G6ytqqNZ2ZO49UC7WwQ49TVlN79Ui9RZIBnRzlMIDNKsyuohfSRhFZTkWdoH" +
-        "/y8ulY8k4xBThV8e8IRgtYj3nhc=";
-    public static final String[] TEST_11_DATA = new String[] {
-        Intermediate_Certificate_CP_03_03_crt,
-        Intermediate_CRL_CP_03_03_crl,
-        End_Certificate_CP_03_03_crt
-    };
-
-    /*  
-     *  test12
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_03_04_crt = 
-        "MIIClTCCAf6gAwIBAgIBFzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjAzLjA0MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDbUii3czeUQ2zNlxvrhnJ0LcBGxCDHFr3xx+plDg3f" +
-        "uasDKCY/VjCLEfQ5a2oqcovvGKsd2CPXbCFJtimW1R7Dvt+a0y95fppsdseorYDikiBlOj" +
-        "ja6LR3Cz3bslYc133C+W/MKHMJ0tdvtTk+SJrq7lqs+iv/b/xHC3k/gDjIswIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIFNw3o1kc4XkwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAn/pr7/noYyjXSKEe/eLk3l4Rb6PEhNAnzySmxGkjIjWKAgh5IVYSGV" +
-        "KFO/FaNOiYkRFHwXZFNj71q7gbM+HwALurN0Mr/MUA1TSpPy7YhFL0SWq3C3XsC/dVJ50b" +
-        "HmTW+dGcxboX0h9HeKFxp3VyOY/dUut2oc+s/TnmqQII1CU=";
-    public static final String Intermediate_CRL_CP_03_04_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wMy4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIFNw3o1kc4XkwDQYJKoZIhvcNAQEFBQADgYEAMoJ5" +
-        "jGE1AxxfluixG8Sk7H4W2rqSEkQyNHfnlKSMbh9KZA3evI8HGKGGfkbBNoe4/HauZ4NVFw" +
-        "FXgllCp+TI8Qd+HafFoDv6ff1K7T86p6r7tE3AEM1XmbnfohP3/ivpIzustv/f2rqjxILK" +
-        "Ldvrth2/OlNygwY+D54lcWH1DX8=";
-    public static final String End_Certificate_CP_03_04_crt = 
-        "MIICiDCCAfGgAwIBAgIBGDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC4wMy4wNDAgFw05ODAxMDExMjAxMDBaGA8yMDUwMDEwMTEyMD" +
-        "EwMFowYDELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE" +
-        "CxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5nMRcwFQYDVQQDEw5Vc2VyMS1DUC4wMy4wNDCBnz" +
-        "ANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAuSL9tB1JW6JPUO2Xw6TMYkPX41lru3EPyYko" +
-        "YgXy4giy6LGoqbgtskHehD22v3rfWjqOd9iV2PBio/vYE4zEz0H0n84dpnBvog6A1AlE19" +
-        "PkQ1txjzIA52FQIRwRfZ38LaulQEfJ0a+fiRHQiM960O3YvHXV+GEbNcw4jo8b0sUCAwEA" +
-        "AaNSMFAwDgYDVR0PAQH/BAQDAgXgMBYGA1UdIAQPMA0wCwYJYIZIAWUDATABMBEGA1UdDg" +
-        "QKBAh9/WgM+UT6bTATBgNVHSMEDDAKgAgU3DejWRzheTANBgkqhkiG9w0BAQUFAAOBgQDR" +
-        "I6PKUGg876/fSljtqxXCR4CoGAAurNFOcM4EWeoc6ZvuDOi3P7rNYiYAXXlmp7epOAgvZP" +
-        "EV4vS16ODaJO6qIMR1YsaGEPo0ecT2pEStvP37X6pb5TdyjyKYF3586IN6TJdFMFsW/Lqg" +
-        "tucl9bGlWmfTVwxTexq6+D8diK48KQ==";
-    public static final String[] TEST_12_DATA = new String[] {
-        Intermediate_Certificate_CP_03_04_crt,
-        Intermediate_CRL_CP_03_04_crl,
-        End_Certificate_CP_03_04_crt
-    };
-
-    /*  
-     *  test13
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_04_01_crt = 
-        "MIIClTCCAf6gAwIBAgIBGTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA0LjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC5UJ+KMj8tAmzr3OGYL2gSFcNTf8ik+ZVxlaPVGHyS" +
-        "KjYQBAEbefhfg5Ps2aIuqBwYkbtFXuHif5GEhgObA4InCyESeRjYLGcVMqwSZzAOFAR0dP" +
-        "1LzgzQs3ZgG9JX5MO5wEZ8IMnVN4Otu4XIlWSgIpUNS2vyet8Zi7t9fX+JewIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIOZvfph4Uu9YwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAXMyscmGpKSLG3hQltMQLegy0+g5wzgOrbFOWxZmiVNR+zSsHDD3UAH" +
-        "H4SyTozlooC0jAY4yAhZ5RX6SSJKx9fHsOZD9ldCmst14qLk3pkI+M0QiPBZkVTx5/7dR2" +
-        "wGkuNKSVWH6woOq7BbEzpO7xMlrUr6tgHt4Dc6Evt1pVZls=";
-    public static final String Intermediate_CRL_CP_04_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wNC4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIOZvfph4Uu9YwDQYJKoZIhvcNAQEFBQADgYEAe79z" +
-        "iEUgP/mvouJ9ufit1y4SjnHQWik75W65eGn/XGArRrBqJ8jZVJE4/rpDBbzm2V0hQoWU8z" +
-        "zchZFlesUyqQZ9KUlT0YGR0YPcNw/V+58RonWWfmU3M2DvWDrXgCOXPm61+AYq4+kTowsG" +
-        "0stmeML6NxjDzWpfAgI/MpXqe80=";
-    public static final String End_Certificate_CP_04_01_crt = 
-        "MIIChjCCAe+gAwIBAgIBGjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC45OS45OTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDQuMDEwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPiAZKXPjK8jvaNj34VynyKPK7dQtFysBPKFW5Y1" +
-        "Bc+OMsyd2pPpQoJYcQTMMomlAqoBvSXUJCMNly/BxVuvn7l6I9crtx6PjBBUlEzdcsscaa" +
-        "EaHuCCVl+Msnr66cSV3GqVGAhujun81+lyurcTEog3ftsohwbQnfA76qNU/N3/AgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIJZPDbf2xNv8wEwYDVR0jBAwwCoAIOZvfph4Uu9YwDQYJKoZIhvcNAQEFBQADgYEAZf4L" +
-        "1RDHDXwwA2CgcIhM4CAfZ72CR2zOan0at38VVFB3u9vs4VLwFcrOQCIjDbdLijc0XWLima" +
-        "4vCD1qrsv6Hk5+6113HfFNmD8mp6X5jAwoNPa/I4kmFOA8iIm4TTk7M75vQyCQTPG0VzbU" +
-        "Nu3uwTbXKm5ME9C5MFMf7z347CM=";
-    public static final String[] TEST_13_DATA = new String[] {
-        Intermediate_Certificate_CP_04_01_crt,
-        Intermediate_CRL_CP_04_01_crl,
-        End_Certificate_CP_04_01_crt
-    };
-
-    /*  
-     *  test14
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_04_02_crt = 
-        "MIIClTCCAf6gAwIBAgIBGzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA0LjAyMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCteErspc5ekSOel/wmjn/XQ0HUy4XzxB5Zj0nGn9FD" +
-        "PbjF2LERCHOn5aBnIMHYhyr7PDynwbvSx2egzGC6wGe9Zrri1MteirQ9Ppw7062IIleloy" +
-        "UAiuwvD+s0npKsvboarQsCMfOB1hOB1tGG1bjXP6B5B187SZXuR3KawggyJwIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIUjnGp96itUMwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAR6fmN+9p5AWy/asEAiVBnbY9q7EQXyB8WuZK9FtFmupe3hlfcTq84E" +
-        "A+TGvXOlNr05/1iLRv82GsWXDif7DlGVPN8CS1+0kb5Ve8Pmv2ziiWVREqWx916ioPjDRp" +
-        "wvdGcCNC26+fyvv5TrP8uzojurl1ZlVRRqi2sIbopVX5r8w=";
-    public static final String Intermediate_CRL_CP_04_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wNC4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIUjnGp96itUMwDQYJKoZIhvcNAQEFBQADgYEAZkXJ" +
-        "aJG4QDE02wFURwaxWuv2VyD7m+N/2B0/9KR+6UKVpsMd2XHq+G3SlFOa6dA/fHUdhtUs2D" +
-        "gpx3SfQYbcgKFrryZHqJDK230eP3F41S9g5XJTRaNR5iZvxvh4bmSf4l6a5MXsKEoBoJoT" +
-        "j8cU4qg6j7Xk4NpIR1JbWiSIYQc=";
-    public static final String End_Certificate_CP_04_02_crt = 
-        "MIIChjCCAe+gAwIBAgIBHDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MRAwDgYDVQQLEwdUZXN0aW5nMQwwCgYDVQQLEwNEb0Qx" +
-        "FTATBgNVBAMTDENBMS1DUC4wNC4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDQuMDIwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALM7mfq+hpLfvQdqZUJfIx/2gFcgHS2AsgZn0An+" +
-        "Yn61WtG8K2+lt/a8aypa/q+J93RVkRYKWKFQcJHiRgx7DMlXElVnfQbSFuLX46ng4hqmQL" +
-        "sSOKmXDld2BlyMZ41B3rfdhJT8P12RMR6uAwvc9CH3b0UTcsc498Kj+JeaRbzxAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIo7S64S6t5nswEwYDVR0jBAwwCoAIUjnGp96itUMwDQYJKoZIhvcNAQEFBQADgYEApNT5" +
-        "Y+9Jc28m5Qwjm+/8SKk83iCPnIW3BsAvQUB9Wmd1+kMZvqLySQjm1tBBbcGYuSERMJ2Et5" +
-        "eoTdL9B6EG2CZYnPqu1vk0TVugRxs7IJm4h5z4MCInf2g1KTt0AMEasQW6ZTj7DIkkU48Z" +
-        "EKLPoBGXfD9t9Y9cmdj1e1RQbog=";
-    public static final String[] TEST_14_DATA = new String[] {
-        Intermediate_Certificate_CP_04_02_crt,
-        Intermediate_CRL_CP_04_02_crl,
-        End_Certificate_CP_04_02_crt
-    };
-
-    /*  
-     *  test15
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_04_03_crt = 
-        "MIICmzCCAgSgAwIBAgIBHTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGQxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEbMBkGA1UEAxMSICBDQTEgLSAgIENQLjA0LjAzMI" +
-        "GfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD11QBcw4P2rTUfPmbVNYqdo0AMmcB3Yxsx" +
-        "Iz5me/S1I2PJLtRh9KP7lUV20SMEFsFKtE1C+9O7ODtOUCJA/6ECeXbyj20SbG1E2oQrZe" +
-        "gkcn7IQDUgnuedzdFj4kTevok6ao9hycg+qeZrL6oeBD2XQCd9nqMmzhihNu/QOSnp5wID" +
-        "AQABo2MwYTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMA" +
-        "sGCWCGSAFlAwEwATARBgNVHQ4ECgQInx+ELo31rJMwEwYDVR0jBAwwCoAIq5rr+cLnVI8w" +
-        "DQYJKoZIhvcNAQEFBQADgYEAriYMoRDpSPI4HWrxN1rjqWIzggz8p1wpbEFgK5o/Fi2KT3" +
-        "jCd6bfCcIFDpoXNqlsc+dvzc4XB1Eg/Qbcror8HP8LSxrbFw/y7VhC+wCaDCmhcqQn3rp/" +
-        "WaOWnR7/H7HlKM9m1u7MBtwlxHINnLKwPHIA1XwmAnItAXIL2yHRJhU=";
-    public static final String Intermediate_CRL_CP_04_03_crl = 
-        "MIIBUTCBuwIBATANBgkqhkiG9w0BAQUFADBkMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxGzAZBgNV" +
-        "BAMTEiAgQ0ExIC0gICBDUC4wNC4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWq" +
-        "AjMCEwCgYDVR0UBAMCAQEwEwYDVR0jBAwwCoAInx+ELo31rJMwDQYJKoZIhvcNAQEFBQAD" +
-        "gYEAvJgOX6tewnRbC9Ch+Fe4KjkB9IAhe5anQKGfnDHuLfga6JEjOzyfhonWZeppJwvYpl" +
-        "1rZbsKICNphMDkd/eaWnn8Q9w02ah4kzIb0LuzrNBrxpFv9AAidfGU2VeF0gRi02jtAZsh" +
-        "gUNbrdC+ovA8mAsBigy+HMzCi61+wrumwvo=";
-    public static final String End_Certificate_CP_04_03_crt = 
-        "MIICijCCAfOgAwIBAgIBHjANBgkqhkiG9w0BAQUFADBiMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "GTAXBgNVBAMTEGNhMSAtIENQLjA0LjAzICAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMT" +
-        "IwMTAwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYD" +
-        "VQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLUNQLjA0LjAzMI" +
-        "GfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC2Rd0VKnTIrME7hzpnpIPGXGXZCjpf5lSO" +
-        "19zvB3WdZumLGdwUBXpIQTrl5teYgL62PpOwNC93URZDEUt+rqoqvs8E7MpF3IulStp2+H" +
-        "/xa6Ihf4OmkgKjpHNTWOIFXeRJ4sVgWuH6cqQ+6GL+0fa1sed1crsEgTTAGYNhFi6ebwID" +
-        "AQABo1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR" +
-        "0OBAoECBNwCFdDgPCqMBMGA1UdIwQMMAqACJ8fhC6N9ayTMA0GCSqGSIb3DQEBBQUAA4GB" +
-        "ABAjSPg794yiVz9RqdNxic8TGnApNrZui/vwr1U8ZkETZfx8W1fWgQ0z7KjryML5IOmvps" +
-        "zycM7by6jb2kMmxI1SQCwjiNQ1fb1osrNAj2bRfpp2YgjjbHx1XkddommtVc0V8kvyQBcb" +
-        "7NdxfbwKr8AtpiWTWIajc2uqUlELsLzr";
-    public static final String[] TEST_15_DATA = new String[] {
-        Intermediate_Certificate_CP_04_03_crt,
-        Intermediate_CRL_CP_04_03_crl,
-        End_Certificate_CP_04_03_crt
-    };
-
-    /*  
-     *  test16
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_04_04_crt = 
-        "MIIClzCCAgCgAwIBAgIBHzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOQ0ExIC0gQ1AuMDQuMDQwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOFf5hr4R8IqTp53qQSiBEjOFQ3Q3ICcafl+FLzm" +
-        "K3xIFqERjyXARsTM4gDQ9yntFeNp2TiIi98xBrz7D8TlrbTAmxO/PUfAQ68tXpz9Id/XrU" +
-        "WeAKxMZULPL9nPFcGQoh0qq3JKpFRSb3Iobryfysblm7cCDDCJOI7uK14XZtTFAgMBAAGj" +
-        "YzBhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMBYGA1UdIAQPMA0wCwYJYI" +
-        "ZIAWUDATABMBEGA1UdDgQKBAjior7qCuLBljATBgNVHSMEDDAKgAirmuv5wudUjzANBgkq" +
-        "hkiG9w0BAQUFAAOBgQBhh55gTy5htqjxW1Ch2hRrRikhBH7LJz1PmDuzwiIOtnWL+EiQOY" +
-        "T6h3NV1j8Kn5S4KhUOrhnvrPXRi22HdqRzEPl7y/wXm6G0XcgYlyy2ofZKdYVWCVStKAMW" +
-        "5SwV2wC5RPK2KphdhnlEqss6QVRUsliDDjnf9Saiey9nzJAfNw==";
-    public static final String Intermediate_CRL_CP_04_04_crl = 
-        "MIIBTTCBtwIBATANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNV" +
-        "BAMTDkNBMSAtIENQLjA0LjA0Fw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMDBaoCMwIT" +
-        "AKBgNVHRQEAwIBATATBgNVHSMEDDAKgAjior7qCuLBljANBgkqhkiG9w0BAQUFAAOBgQBI" +
-        "VlXD5FnIiO8tavLJ8qo/qRhbBNgUbFBdAgAY6yVnFNP6YN4qPineYPN6NV1XdqNDrZh2Nz" +
-        "GHzX3YDo1Uv9yABVR0NvXCaMIW5/raqZp/on6bPuQLgJe9UisOPKunzehTm/NmO1RW9dwU" +
-        "37UzC0XnVHyVipDVh07DrTKBUtQJQw==";
-    public static final String End_Certificate_CP_04_04_crt = 
-        "MIICjTCCAfagAwIBAgIBIDANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJVUzEZMBcGA1" +
-        "UEChMQVS5TLiAgR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRswGQYDVQQDExJDQTEgICAgLSAgQ1AuMDQuMDQwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMT" +
-        "AxMTIwMTAwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQww" +
-        "CgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLUNQLjA0Lj" +
-        "A0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCegy6qOnM14CS7+enBElgh2DLtF5bn" +
-        "ah0yfA18/hbqnmUaWOWJQllyXa8QFawnvdXOOEXJm1ErIm3rDYihkbUTP+ybOBH9dprWtl" +
-        "1cSGL9CkoxwzkJRLQTu5xG72EhET3S3kwqZsmYbgy4MduGKv9VGFbv75Wr17Vo9K4Lz6QK" +
-        "vQIDAQABo1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQ" +
-        "YDVR0OBAoECEc4b3BP059HMBMGA1UdIwQMMAqACOKivuoK4sGWMA0GCSqGSIb3DQEBBQUA" +
-        "A4GBADj73jXpPLev5crwZIoXCJd/nXXp1fJzEEbByWggsR9cFHN4wnp7N6gpIxQbLQwjmo" +
-        "cLPC1pHQ3A5VHVrCbxAk6nifmSvnKFWHTBftZGpfTGkrXbURFF64T/CB4O+JXr1eBUGheN" +
-        "Q0T8L17UNgi3oBENKjASWnpjxvD2QrOnH0rb";
-    public static final String[] TEST_16_DATA = new String[] {
-        Intermediate_Certificate_CP_04_04_crt,
-        Intermediate_CRL_CP_04_04_crl,
-        End_Certificate_CP_04_04_crt
-    };
-
-    /*  
-     *  test17
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_04_05_crt = 
-        "MIIClzCCAgCgAwIBAgIBITANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOICBDQTEtQ1AuMDQuMDUwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMBsWmrcKH0J9bkI3zHthZ0S3904f3fMUSasY5qp" +
-        "7CSQ0sbXTwP947sfAPK4Dso6Bpwl0WExRCdFHd6qfY9wR+NtfuI/DkFEY8WveoqM4Vskpi" +
-        "cutWghCx14PiPY5YGFn8VvXu7wbuHp4TnHtUCMEUt3EfYO5oqm+/I8y0eTKMNHAgMBAAGj" +
-        "YzBhMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMBYGA1UdIAQPMA0wCwYJYI" +
-        "ZIAWUDATABMBEGA1UdDgQKBAjOoKlp+BfGqTATBgNVHSMEDDAKgAirmuv5wudUjzANBgkq" +
-        "hkiG9w0BAQUFAAOBgQDLhQ/RJFqMDNRonAHZ30DYyphf8do4q6ARikhhXSSa6G2G/PzbpS" +
-        "x3T+3G8ot+NnFhtf9ZWo7KfwmFEbUA/B/X2vJaJbNImkMDT1aTY5sPXtA69B3QKQVz7HST" +
-        "f5XH6DjuoV0/m1M153A4vf1Z783dOPw1MzOq19t+6tYFeELEHQ==";
-    public static final String Intermediate_CRL_CP_04_05_crl = 
-        "MIIBTTCBtwIBATANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNV" +
-        "BAMTDiAgQ0ExLUNQLjA0LjA1Fw05OTAxMDExMjAxMDBaFw00ODAxMDExMjAxMDBaoCMwIT" +
-        "AKBgNVHRQEAwIBATATBgNVHSMEDDAKgAjOoKlp+BfGqTANBgkqhkiG9w0BAQUFAAOBgQAp" +
-        "6gLCdPQw7Hisnr1i3QbD7GybqfD6b1s10GQ3c/j59RYDe1Fk47Srs9ol/baleasWjcdt8M" +
-        "SlTc66KvK9YPFAqIdYoOW4FidpJBF/1cvSc2hGYwVsxLnXKr9CJ5Py5vBCCjovIRiLdzoL" +
-        "ZoteOKFIEHkV7V8V2OTFawxpW9hkiA==";
-    public static final String End_Certificate_CP_04_05_crt = 
-        "MIICiDCCAfGgAwIBAgIBIjANBgkqhkiG9w0BAQUFADBgMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FzAVBgNVBAMTDkNBMS1DUC4wNC4wNSAgMB4XDTk4MDEwMTEyMDEwMFoXDTQ4MDEwMTEyMD" +
-        "EwMFowYDELMAkGA1UEBhMCVVMxGDAWBgNVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UE" +
-        "CxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5nMRcwFQYDVQQDEw5Vc2VyMS1DUC4wNC4wNTCBnz" +
-        "ANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwZsiUhXiFHN9dfJb0Yyy+rYtV8gx+d0+8WkW" +
-        "5C68nQgSqqk2uSTpvZbx0bpHF+s+LKppj2M2tt/AfZgVQHTsp5rO0IftZE2iLwqejj0rYU" +
-        "Poprq1PE3vVhs818ZlDS0PTUP97YxLysQjq2jS/d/9lF5pS3sMlP4Usp24gXX0vG0CAwEA" +
-        "AaNSMFAwDgYDVR0PAQH/BAQDAgXgMBYGA1UdIAQPMA0wCwYJYIZIAWUDATABMBEGA1UdDg" +
-        "QKBAjpC0ZvCXrvBTATBgNVHSMEDDAKgAjOoKlp+BfGqTANBgkqhkiG9w0BAQUFAAOBgQB7" +
-        "YwJWcx+PU1sUZUOVleoB5amHFu0GT+Hy7cRa82UJMHFkz0bmnyEV8CBNcnn0xa5iVfwe2y" +
-        "5ZKwy61DLR3MPTar9eKITL67uZag9w+1tnIf594XRbEiUzn20uxuDFX3oPoZCemtWdVanj" +
-        "2T+9TVQKfrp15+qzOCObNNRHZw29EA==";
-    public static final String[] TEST_17_DATA = new String[] {
-        Intermediate_Certificate_CP_04_05_crt,
-        Intermediate_CRL_CP_04_05_crl,
-        End_Certificate_CP_04_05_crt
-    };
-
-    /*  
-     *  test18
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_04_06_crt = 
-        "MIIClTCCAf6gAwIBAgIBIzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA0LjA2MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQD0t0dfe82Su58bJdn4dh7E3OCam1AUPTzPnt7DwT2w" +
-        "1XwD76OCUYP7SBBjsLYDDfUCb2ek96pSK4jpzyE6/4IOtfObe7OW+iBT9YAB5WeW+SmvEO" +
-        "TIX+xo13sbz6rG6j9svcOxtth98yv7mxzV/ZwTNBSO72CcfDXIIq20TVunlwIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQI0AufZEn1f9AwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAbfhxuNBYizxfMZNcyiN61j+7LXZZo3SmMU21UmOhPBTmdTbIkuVCI+" +
-        "F1jSWdu3eGShVNJ3jmkidDvojMm+E8ZZ1YGHYfgeG16dDQudaGUjGmOfYzzlkFmsaf0paG" +
-        "4y4sBerPsZCmhN7BanGh3qYPFvadSmp3OapGfEmDtS+BbVQ=";
-    public static final String Intermediate_CRL_CP_04_06_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wNC4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI0AufZEn1f9AwDQYJKoZIhvcNAQEFBQADgYEAIAI7" +
-        "W6K69twJZnHx6CoIMs5+P9DrJ2yKHptmntlOCTSJirC/xdj0Zv2k5FW84VrTtdCSZDT1Ce" +
-        "4Dh69fT2sUUexJb/4IcDtzloiuASSJzKWCeVIj9A8e6+coNUJVKtRKRX8bHJ5Un7xpFrY6" +
-        "t1hdxt8gUecAAdXEFGuZ3QEHHN0=";
-    public static final String End_Certificate_CP_04_06_crt = 
-        "MIIChjCCAe+gAwIBAgIBJDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPdS5zLiBHT1ZFUk5NRU5UMQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1RFU1RJTkcx" +
-        "FTATBgNVBAMTDGNhMS1DUC4wNC4wNjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDQuMDYwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKq8rAPXsu1RVm3vT7od7CDLn8k/C3x3wvfzoWrm" +
-        "W0cmlhp9xRy5a3HWiJATD8yCKY1psBgnrOpv37sdtUX4P2kf668HrYOaGo365fKPeT5Wjm" +
-        "gp0pL3sXKNNsCuJPd3wKAXGHAi1R9arZFYPsKJlfQl1774dwAvzxSOMr5+pbnzAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QI33MEYdo5YX4wEwYDVR0jBAwwCoAI0AufZEn1f9AwDQYJKoZIhvcNAQEFBQADgYEAo8Ge" +
-        "ADBoJFEIRzdO37uasuyIBhClTUgyFhEKemMBN6aelYeiJMX6FZIL3DgZOce4dg7Zg3Ak/w" +
-        "B5m8XlGQLW9xIbpEzY/Iq9kr+qK6k9YmvtcOiHFbnudCFNZngTQZpxjiDaj4eA48uqKIxs" +
-        "51taC5gOv9LYWPnugN8TsUUFZ1s=";
-    public static final String[] TEST_18_DATA = new String[] {
-        Intermediate_Certificate_CP_04_06_crt,
-        Intermediate_CRL_CP_04_06_crl,
-        End_Certificate_CP_04_06_crt
-    };
-
-    /*  
-     *  test19
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_05_01_crt = 
-        "MIIClTCCAf6gAwIBAgIBJTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA1LjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCshocJtyGsxeEd2ouVTVKp+HuhDjnDk9eXtaLQIKaB" +
-        "7aTODHYbq1mC+1LO5DmRV5PBVd8NuuCA+1DmzFrfYl+nMCjjgOkC0//Gf9O85Hi/n21q0T" +
-        "F+oVa1j9fc7nAgLIziexaXrflYSbaeNWkwHHftGUninKPuNGM2re0krEeurQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIaUi/P20o4LcwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAWBLeJl4qlAPKxmBM5QZ2JYsbCV3VBeYGAKQ+4L7ehS63VQMCwIjBCI" +
-        "LaHGIFfCqecDNd6cpYIArdx4tY7X2/Zxm3j5ocngpI1Tv8zydQcFeraILglsHf2UZUuK/N" +
-        "6jKGjwL68C8YwmA+u6ZhcQFD2Xg4wSMC/xxzAs9zEAQGBPo=";
-    public static final String End_Certificate_CP_05_01_crt = 
-        "MIIChjCCAe+gAwIBAgIBJjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC4wNS4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDUuMDEwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAO9ODA12Fky/Md5AELkaOvOwB31UlfZq3SHAOvs0" +
-        "Y4NYoA7Q5KDIwW8RNzMSKD30z51VlgOAaBVR6HLo6rkcWB4wGiV7EPelewdSOdk72IrnYR" +
-        "npJEm2KEuLkHB+gejgk+paw8CejxMsrvT6loN8Pz0btBKxWaCfknTIyXVyQsolAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QI5LtSKs/inGMwEwYDVR0jBAwwCoAIaUi/P20o4LcwDQYJKoZIhvcNAQEFBQADgYEAOMrC" +
-        "38uzHckKMkiawXhPUHtDQfyR7bLweS2qro7GyndfxPpeMJwjzVxqvQBtMuHON+al8jyXpy" +
-        "BsEryV6qvdFC1vczLzJHAJZmLe5np27zQIXOObsyYcOG+aPq727/pKoD90DAlBvrxNW0ox" +
-        "x7citflEYpmOEv9Do5xiO3MuCFw=";
-    public static final String[] TEST_19_DATA = new String[] {
-        Intermediate_Certificate_CP_05_01_crt,
-        End_Certificate_CP_05_01_crt
-    };
-
-    /*  
-     *  test20
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_06_01_crt = 
-        "MIIClTCCAf6gAwIBAgIBJzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA2LjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDI4MXZB08BfUHxo//4Re7Ax0qWkHgy6nb+/XaLQ2Fw" +
-        "Pbvpb5mkhLhqDZBSX3KQL0YiJ8p81tmdvRQH/LbFzX/3OKBTUfV5imYy979A2NEb4otFp6" +
-        "EDSskZhttY3d2IzUICoCWUXhObnmkHJ2jEc81bggFkK5Lir1m/tKq2IOPFJQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQICIAmlz6+Cc0wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEA0ZvIG2cnk32p6uxqGw8Bu40NrfHu9gNkJL5MhDHJXA6OxU5BX5bWZp" +
-        "LnKXLoHiqSdtEdmy5cLZw3kggxndxjsnRFMyCawaYupJBhlgquFbuvBtA8rMtkc5H4zudP" +
-        "ZcOcvXu7Xw58K+1caSGURL+A6uXFPnMUBd1+k+ejbtO8Pto=";
-    public static final String Intermediate_CRL_CP_06_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAICIAmlz6+Cc0wDQYJKoZIhvcNAQEFBQADgYEAbkJe" +
-        "jfc1rztCbtC6xJZ3iZEDDMW2CxFvOvSwhmCjPqVY3lrCPNSQzdjmqepioCnu7ongP+HAA7" +
-        "hM7bm+SoN7KzXKufQ7C2ONoAwvoPZgnoidg7RVECxUByD6AJu04yd2wCLYRpCfS2tDtXLh" +
-        "HEDpe+ELwv35pbkCMlCO2u7J+Tc=";
-    public static final String End_Certificate_CP_06_01_crt = 
-        "MIIChjCCAe+gAwIBAgIBKDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDYuMDEwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOh7lUwMRet7t/ABI6mo27CsnRzQ64Xx7f1dqxrJ" +
-        "NuuSRslVShaWnwiGHjc+5/TS7Urfj9VO0dseBCzPsyYFoIX1q7Q5zlArwy24qpXTGMmlpE" +
-        "GByzi7jkXO8w5+wqh3+8RFrQQzr71zLtAVV/qPUyleuF8M8jzkwfPvawunmwdLAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIayC0PPU9zyswEwYDVR0jBAwwCoAICIAmlz6+Cc0wDQYJKoZIhvcNAQEFBQADgYEAPz7b" +
-        "UvaEV7Myjhe8LJO/soj84X71rvVPtBPrhYjWTJ6p69GCfJRyho3vAUIt8RFal1GFb72c45" +
-        "DQGkcVzLLJw8cDP3ajtWac5HZ9dNPJkW+Kh12l9gqjn061XAjQ4XnbbwQDYCuXhguPE9v3" +
-        "kzDbimwVwIEOB/4SARX37y7TUWk=";
-    public static final String[] TEST_20_DATA = new String[] {
-        Intermediate_Certificate_CP_06_01_crt,
-        Intermediate_CRL_CP_06_01_crl,
-        End_Certificate_CP_06_01_crt
-    };
-
-    /*  
-     *  test21
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_CP_06_02_crt = 
-        "MIIClTCCAf6gAwIBAgIBKTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUNQLjA2LjAyMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC/IejV3DmeaLW8OwMfAGyr5+8NOxM1C+UBYslbOfWj" +
-        "KUGdhlX6TxFc5AOJVJBpS/QjeA+RWoUCxnxKb9QSlOrBmADrcnGz8zV0/c0JDLaU3oSgsV" +
-        "EWZE0SexBVWrKcl1j7wN0RuxMeAp342/YoyvBwea3VeqJkmSCc7Y2TjruWEQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIaHxWOdHsLbUwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAuzeq/lqp0qs62krK6EA81Silhy42l/KmynE3mVu9GPBgQS0BUDi7+r" +
-        "QQ+m0UxYElzj2SNO4J5aBYeC98lVJFCHX7QE8yVOoPBQd5rA+rrz4HD9QoP7glxTqLU6Tc" +
-        "9VFd+iaFpqsVtSh2bxH2BtUB2ARgebTklaNl5VPbu0+yc2I=";
-    public static final String Intermediate_CRL_CP_06_02_crl = 
-        "MIIBbzCB2QIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1DUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAiMCACAS" +
-        "oXDTk5MDEwMTEyMDAwMFowDDAKBgNVHRUEAwoBAaAjMCEwCgYDVR0UBAMCAQEwEwYDVR0j" +
-        "BAwwCoAIaHxWOdHsLbUwDQYJKoZIhvcNAQEFBQADgYEAYGaAzVoUdlSZ3uGKiRPfHAFIoK" +
-        "T79hNOvtOxaGA0aIek9OypDrDqYAh/s2jsXSheL0pr/v9WRIHvtCt7ytXDxVyn4Nxjpfv7" +
-        "BkAMMiccdUx1OH1VElTRkmmtMe7ROzUeHUGzXJNPex1Bc9BvSChH18bWYckyOZdYJBjctC" +
-        "KJFgw=";
-    public static final String End_Certificate_CP_06_02_crt = 
-        "MIIChjCCAe+gAwIBAgIBKjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1DUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtQ1AuMDYuMDIwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAK4D9H8JxeIrFuOmx0cSkIYNS0p7cDSBlcc57Na3" +
-        "+1k7lJD7mE9ZP6/47YsDVK2bwe4aTKCTXtPk/kGQ6bsLswJXbyW4k4+f5LeAYoXgbmZXjA" +
-        "WF+BKIl8uKetsqC3HkCeqhBaY1AGUqef4oOAkakEP+1jYFumNYtMaB+9x/0ncBAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIC9MiJNI71RMwEwYDVR0jBAwwCoAIaHxWOdHsLbUwDQYJKoZIhvcNAQEFBQADgYEAo/ib" +
-        "mIxteityjZlszjCc/s7yM/0snL78pYpMOZ3P2TPKkYh2Th4+Bw8JqX10+M/zwFBj5Bw7Im" +
-        "zCIRfS3GFuKmcVcyHB4OZLMcQZtXWA8GOZ94YvWq5TBINlVtThQtusQj15KBq2TJNNFUyD" +
-        "pBdvyo05AnEsRY0HbIQu6ZhNQ40=";
-    public static final String[] TEST_21_DATA = new String[] {
-        Intermediate_Certificate_CP_06_02_crt,
-        Intermediate_CRL_CP_06_02_crl,
-        End_Certificate_CP_06_02_crt
-    };
-
-    /*  
-     *  test22
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_IC_01_01_crt = 
-        "MIIChDCCAe2gAwIBAgIBKzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAxLjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDDOu1J/VIzbB4VcS2Dwf2fsHOmIj3iatM8y61V7CrN" +
-        "RCxCWTJ1Os8e/mFWOi/zN+0afizA0UzJDTe8L++/RlP68IFg5Ju2OhXqQC3HbUZmQ7ve9g" +
-        "QdWTfur3oEJV6/XoVE4WG0Ic7D1p7BENb3LUT+8MJdSboTvAggA1CiOI6zRQIDAQABo1Iw" +
-        "UDAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBAoECP" +
-        "RyRiSV+4XrMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqGSIb3DQEBBQUAA4GBAJlmJ9EW" +
-        "9ujUosqHZyZkniu2vX8VOL52OnxtLxw3LqxLyuxivjyYCaMAaJNr7/xfm3C2ozh9mQyZTQ" +
-        "6TpBapLFUH8QsEKUhy57MDUgIvZsyOvvjJh3AXfSkXDaMZ3ncLg6x0wwjN/Hxu9i+IhX1W" +
-        "1E7/5foGx7AEVfwY7Fo9S82d";
-    public static final String Intermediate_CRL_IC_01_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1JQy4wMS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI9HJGJJX7heswDQYJKoZIhvcNAQEFBQADgYEAV4DM" +
-        "F5gU8MZ6E/mnjAWS+dIRKUBJV1GZJ+hOysdbmK1hD0mj5Pd5qTzlcvLjuatIoIsB5DCpYd" +
-        "AcNRLVvF5EJFhVjqsPzRlfUZth0Xqa+U/DeHjVxHxYsLEOSt+v2bLkbGh88SmOAk6F8xj1" +
-        "l7YIfPX5cIkUBTVZlsUt51slMXc=";
-    public static final String End_Certificate_IC_01_01_crt = 
-        "MIIChjCCAe+gAwIBAgIBLDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1JQy4wMS4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDEuMDEwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAPrk1fosBu0hemIKgTDCeV/RoFbbsm02X4LfZonX" +
-        "KeGRGYZXz4tpWgbNpjKBq1e/2bOO1DCn9I8I2kjvZdOkabk4MLeuRDo/sqlNndu4Ar5502" +
-        "pAo4A2V0QLR4IDHAJoDpxtSFrqELOiiyCx9O9V19ywe5pcBFrxVEWDqTnBUeDJAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIbI6BhABrmQ8wEwYDVR0jBAwwCoAI9HJGJJX7heswDQYJKoZIhvcNAQEFBQADgYEAYzYy" +
-        "M0wbzNhZftAWz7TfFi64uA9WmTmd4MeK9vga4ChswT4H1zlaV1Sr+3hqpGmOoP5AUd9XIq" +
-        "O/ui+/gFaeuOLI+ATmK+V2KHGAneMwzcw9qbXRc+xZqGGjbXMb3Bowe3qrj3mhyowfa1n7" +
-        "x5xB7XEOqO6sfWxLdDjLVo4sn88=";
-    public static final String[] TEST_22_DATA = new String[] {
-        Intermediate_Certificate_IC_01_01_crt,
-        Intermediate_CRL_IC_01_01_crl,
-        End_Certificate_IC_01_01_crt
-    };
-
-    /*  
-     *  test23
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_IC_02_01_crt = 
-        "MIICkjCCAfugAwIBAgIBLTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAyLjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDemJgZnOzXOwNGqRA3Xq9aMrAWQU4oFuhSELsEYfLZ" +
-        "GO3ntBjJLqCn+rs3FjR9N94cu63TduOAgqlXqrNbvyO1+SF9m35JXreqn/OS6KrK6c8W2I" +
-        "pDAWJcr89nGyyCXMoJeaOOtj8m2NjZblmCZvtAl5UMOew73GE7Z5fE+jtA2wIDAQABo2Aw" +
-        "XjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAw" +
-        "EwATARBgNVHQ4ECgQIhT9GjaaHj68wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" +
-        "AQEFBQADgYEAWhKJUujLapxpz/DoD/w48HMzkL6UQCxQPOAjwwHicX8wFcKmcrWLVBdVC3" +
-        "0+ywrzMraWhaq+QCOqsgtxCwTZrfUxbCNqhKS0lZijCMgNN4Jht+PAZ22tzEsw7nCwiMM2" +
-        "n1jeKF/3btoDEUvZn9SuzhkIyxy7Q8l2tbNOsANqpxE=";
-    public static final String Intermediate_CRL_IC_02_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1JQy4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIhT9GjaaHj68wDQYJKoZIhvcNAQEFBQADgYEAJsjf" +
-        "oS3F1KMpcVBOC1Z6P5N20TYLCCHG6KETlBA3Rjf8ehNxJKJW0lGd7qHpVHp4BGvkSfaOAa" +
-        "OrC0G59wjDEY+Ci4QS46OYzBcHXMFX5HF2xMq+y5SfQnyV6MQUVVkxJRjgsTLrYwP2JaYm" +
-        "BK/zExhqQgPfgcR+56swBPXqogo=";
-    public static final String End_Certificate_IC_02_01_crt = 
-        "MIIChjCCAe+gAwIBAgIBLjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1JQy4wMi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDIuMDEwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANbTVeAxOibAO3KGqxxY3VqKXDr9tKJN+igpKb4w" +
-        "goR0ZnWGDusSVm4pvneZ9qfmi8A0sM0E91+B2hAwsU6Y9RoA7nPsTkFYi5F+hHGIF46Op6" +
-        "8blGrZraGf9bsWXCZFoLoxcgltwjGPQqyZ5mnnm8cxUbtaWmgo28MK1yBH/sS5AgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QI3gkBNo/SISMwEwYDVR0jBAwwCoAIhT9GjaaHj68wDQYJKoZIhvcNAQEFBQADgYEAQGl1" +
-        "7uT2xxYDks6HolrQIpesIoPqEiZ8TkizEBuLG3sUKsC7klHwy2iyVvA6nRUDwf/XzDLpGW" +
-        "/Gn0KTW6ZYIX6snOC1+7HX5OJglQx8tDpDvcAgyocK8PvCrHfu9o33J49aSeLAVpoCHwne" +
-        "tTtJxVfTMmjYWKeDbHHHi8a2YTI=";
-    public static final String[] TEST_23_DATA = new String[] {
-        Intermediate_Certificate_IC_02_01_crt,
-        Intermediate_CRL_IC_02_01_crl,
-        End_Certificate_IC_02_01_crt
-    };
-
-    /*  
-     *  test24
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_IC_02_02_crt = 
-        "MIIClTCCAf6gAwIBAgIBLzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAyLjAyMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDoeA32BPwgq8pLJoR/tbOSjHtAz6fmzvzJrhJMvl64" +
-        "ccVuIzGxzOneYsO/ZYWy3ZGtlCoMZJRnS83tw0ikU9vQUwBw7DEcfRlLKYkY68rp25N1V5" +
-        "JEjnlHw+RvubdGkonWzUNJFbY1GA24J3no2GZHiLPgWmGb1jsA8Ag32MUrCQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIKx4Ybzu2PaYwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAotGeNFzmktvcxpCRcpuARHkv1lW+LegvbDBnSPvGnr1+Cn9rZcuLup" +
-        "u8ex6VJ7KWtgWBtzdOelerO6ytfWQ67uNpTOuc0SDdk/f3tCagdx44LBVQywuq/Kj57ZuN" +
-        "jpe4J8UPZSBFFK+P3gTX3S/lIKsDi6xjRnqFLSQYGX2XiIE=";
-    public static final String Intermediate_CRL_IC_02_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1JQy4wMi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIKx4Ybzu2PaYwDQYJKoZIhvcNAQEFBQADgYEAOfuX" +
-        "wRv4skbPZAbOH/LVXdc/cA7vCSTAnWecN3ZKm/eCsxbyRxqn7fcDyHmqg5H3Ac5UOlMHR4" +
-        "FMe0Dp+Yu4Xg8xg3zRvE/3M/5jyRILGGi7olh4ikkOMD+UlreysvYvUX2MVP1iM9qAkXh8" +
-        "E8n/LZIlABN2GGkFEMRMJA6KTXg=";
-    public static final String End_Certificate_IC_02_02_crt = 
-        "MIIChjCCAe+gAwIBAgIBMDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1JQy4wMi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDIuMDIwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKogqWGx9EpJ/0G7ORopyIQ4IZXYKKTE48WqOJbu" +
-        "nLD3txGjMUb5Xefl/QyTfd6J758ddGzPiKs1zWO6riffJLIBoOFDmt8tchPBJuIM3gKgXe" +
-        "VcZMyF5mebm5/GZekMOjbs8P/zbLdrlu1D9CZWZMXONYitdluSg2moMGbewS2NAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIP8N7OmNGshEwEwYDVR0jBAwwCoAIKx4Ybzu2PaYwDQYJKoZIhvcNAQEFBQADgYEAwkpF" +
-        "j6Kv+OcKrUtOgnH9QddB0Ej0oU6B5/5Hhhf3liAPKtllDHnhUj6nqfh4APNq/iqYFOkKMR" +
-        "RUZoaj6kakJNSOlgvRIiQfuFIgv3CqLZnhr85YFRnKgoluZE1pq3TvunoiKyJbCjbmyCos" +
-        "Rd32gVcJq024xvY2eVBTl6tfn5A=";
-    public static final String[] TEST_24_DATA = new String[] {
-        Intermediate_Certificate_IC_02_02_crt,
-        Intermediate_CRL_IC_02_02_crl,
-        End_Certificate_IC_02_02_crt
-    };
-
-    /*  
-     *  test25
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_IC_02_03_crt = 
-        "MIICjzCCAfigAwIBAgIBMTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAyLjAzMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC7LFt+yGItQFqSEPi03ICIr5ydWnFPQHZdEMNu2tRU" +
-        "3XiOpfam1wl0xgAPGBkQK768OfidpP/i1hgYOU/isOB5dyALscvIQ9XJG1OWQXBBLgKuCb" +
-        "MS5fuDhBNa4KiFuGMbJ3/UjluRsD9qaXwGUavc436JwbRHvW8FomaBYYY1hQIDAQABo10w" +
-        "WzAJBgNVHRMEAjAAMA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAwEwAT" +
-        "ARBgNVHQ4ECgQIPsBg9tMABhAwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEF" +
-        "BQADgYEANZcayTTX+FGhtRUJ+XuYA7jR14CJL6qTHPvdSMgHNw9mGXI/7sO5I4v1vayOCI" +
-        "YQ9luBvrTYlMPmuej8+bhM8YTYpiiOjVFANwvSKArI9U2CAGBcoBMXydykkm8qYw4gtYQT" +
-        "neiOz7VqI9plLWA111IRMgayD3CAt4Ntpzd1VSE=";
-    public static final String Intermediate_CRL_IC_02_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1JQy4wMi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIPsBg9tMABhAwDQYJKoZIhvcNAQEFBQADgYEAVeQi" +
-        "tT1FRUaJlhfpkfjZr6VHmvGnqYapdo4DRT/pm8tsp1LbZZXpYW638ztwgZNgeBRPFlcb+x" +
-        "8naQjEkoaYzLbCYfdY+PPVDv7ym15PE48Kve8ImvANY0YnTGS8pcKdK1dpNKBnYYMOG9JN" +
-        "+H5K/4cSm/WMCKIuKdsiAWFYauE=";
-    public static final String End_Certificate_IC_02_03_crt = 
-        "MIIChjCCAe+gAwIBAgIBMjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1JQy4wMi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDIuMDMwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALGbo9yEujZ9RFU+Vmxb5+Rx1VdIG/3E/5hXV/xI" +
-        "OFu4mEfYh2tBhP2qIMH2KbrR1tiW5t4DvTCBM3NKKqp75wpiuu7E3q6imt1pLbGW13NVL+" +
-        "81gYWXnCnzHpxYjMTIqqCkPIAeOG+SBJ1MgERbL+NBl+AK3WG4TeQ8vw7r2CGrAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIS/HbII+ki/kwEwYDVR0jBAwwCoAIPsBg9tMABhAwDQYJKoZIhvcNAQEFBQADgYEAWHy4" +
-        "sHrTkqY1XjDBY5XpNEyhP6htcnjYD9bos4wjxPlJUyxdIWACWrLDE+R5iRCOYsh/nDAJEt" +
-        "CUcVASukvP6VLJaFjyxUOaCp6JCVV+txk7Fh0S/Ur3Zyysfp5LllP1plOA3N/k1Hliljp0" +
-        "+bnSiDhA1+3hJh0gDMjWUdRq9yM=";
-    public static final String[] TEST_25_DATA = new String[] {
-        Intermediate_Certificate_IC_02_03_crt,
-        Intermediate_CRL_IC_02_03_crl,
-        End_Certificate_IC_02_03_crt
-    };
-
-    /*  
-     *  test26
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_IC_02_04_crt = 
-        "MIICkjCCAfugAwIBAgIBMzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjAyLjA0MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDf5u5ouGQlQmdNfc4ell3RXKWmtq+ar9VKMme3kp8D" +
-        "cbDbUaVwlvhWTkOKxb9I208wfGG2nQiArezIwutlASf7sWo16EPapmGdCF+rp1dpjAPBUu" +
-        "fruEyCZ8nu2ITD52wuPY9OAcKHQE2/bBpCJWkw97fYX6Q9PPW5uobWoUJtOwIDAQABo2Aw" +
-        "XjAMBgNVHRMEBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAw" +
-        "EwATARBgNVHQ4ECgQIjDm8K5YcGakwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" +
-        "AQEFBQADgYEAEQIJeZj/HE3HvjjJV7PdU+2Ze8OeCYeeWDocxrA647xpeOksVXBXKmq2OV" +
-        "NqoFk7YNtlSUqiS2TlqjGqLtKYetk7a17qS/8EIQct+H5KWdvkLkYMkfIAAMJvJZHPGxEv" +
-        "j+oVPAi9FITRbFdN8Jvdo9MAuU2q8d2x8MF236RmEds=";
-    public static final String Intermediate_CRL_IC_02_04_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1JQy4wMi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIjDm8K5YcGakwDQYJKoZIhvcNAQEFBQADgYEAV5bX" +
-        "7WsT8sWeA0iQ7V/+ZQESDzvyHA7Ziju0iRsvTL7qOVF/Nl5v+zND+ZNPhdJDKEM/Q0lEaA" +
-        "ybe0E73NMmM1qRX1daAwE++jHukF9TMeNl750HJaS667H6jcjeRrHUJDD0+AgqrZY52dL6" +
-        "CPM3V4QSvdfc1/xtKmNIZWSSoqY=";
-    public static final String End_Certificate_IC_02_04_crt = 
-        "MIIChjCCAe+gAwIBAgIBNDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1JQy4wMi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDIuMDQwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMW45d5dPrzUJbuRIDeQ5gIJRYxi80PxPvxSmJe8" +
-        "ScG1A+l75SAtgLGWAxBqxPSzL+teBBUsnmf2Xsc8/qQHHev74uat0lxq9YrZ3npLW2YNo2" +
-        "CfxLK0M7F1/bhkHK2f9ttIvOrrKI67BeEjfACULdJEhl431uWINWV0pY+fHq+pAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QII61NnUvgvjYwEwYDVR0jBAwwCoAIjDm8K5YcGakwDQYJKoZIhvcNAQEFBQADgYEAjwgL" +
-        "6qMnnqUvNspsDaYpPQzTCqXkqshZhsy5G/nLk621H/YbNGlnZ6asHGljYVYMzjmcny16y6" +
-        "ntiv9QPB7YorAx27WT7pQPFla96s+nM/rfwWHPWI6QGDsquPriwJm/MwQC+1oDXEFKvdIL" +
-        "0urejfd5hgiXYbRRwMI7km97iHg=";
-    public static final String[] TEST_26_DATA = new String[] {
-        Intermediate_Certificate_IC_02_04_crt,
-        Intermediate_CRL_IC_02_04_crl,
-        End_Certificate_IC_02_04_crt
-    };
-
-    /*  
-     *  test27
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_IC_04_01_crt = 
-        "MIICjzCCAfigAwIBAgIBNTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA0LjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDBtNwpr9LZBF2LRtAp9Tb1FZnfM3b/Jv2sdO5zc/Bk" +
-        "sO4ByUgY+Mux9dEvFrkVWBK110TvXn+dj+85TuboILv4MDKlu+tI/rtuadXGwwDIg8TQnz" +
-        "uyC7LWhxM5JZs1/Is+sPKUY4PTCHs3+EHPBWf2tFiP3l6ZftkySEiL6+2LSQIDAQABo10w" +
-        "WzAMBgNVHRMEBTADAQH/MAsGA1UdDwQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAwEwAT" +
-        "ARBgNVHQ4ECgQIbMuZ73onuZswEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEF" +
-        "BQADgYEAhaTSc2xafdP/QceMm9YJ/rZJ5gTgBR/SlmKQwd2BclHabG+Fozdg4delDjtRXS" +
-        "FKY3sFWBFZHVeprh4T93Oj6IVA5X4DIuUeBpprtS+psCnWZxdtcUWmbyYQwZNCifG5C5D0" +
-        "lRwxlMlv40xT2oCM1zPZpfmqemBDUPJ2OhkCjvo=";
-    public static final String Intermediate_CRL_IC_04_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1JQy4wNC4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIbMuZ73onuZswDQYJKoZIhvcNAQEFBQADgYEAMk6D" +
-        "Rztz1AyFnFr1KAlbjLLwxtQplf2eIc//zUkDFVUHtX5TrEC/ijUaItjdkOoPGQfpnL0w8x" +
-        "wyqWndMh593QPCqIJTtv/iACoiJNZ90ZJS0adcdZ+AEmQpa0Zv0e1JOqRrPoAfTq4HrOfR" +
-        "vhBwhvKQNtTExupW/EBudznKC6Q=";
-    public static final String End_Certificate_IC_04_01_crt = 
-        "MIIChjCCAe+gAwIBAgIBNjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1JQy4wNC4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDQuMDEwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM2dGkraKGdIi6EXxAu6/ekMqDloX5YSVBGh4Hp2" +
-        "faujr1u4j8Lp8afqjngRxFUpTqGbqH0ETgm4cVPXmc9rUvUzYTMdxTUmIZ+iW+ULZEvzNB" +
-        "712kxRPCD2kDFN2fH2ai8miXr434w+weLm8VQN4jJGo4nswhSs2w1gsUmWyn/ZAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QITsLx/sO1edwwEwYDVR0jBAwwCoAIbMuZ73onuZswDQYJKoZIhvcNAQEFBQADgYEAeKft" +
-        "0RM8/b3zQodaKrTdWiFyLg5fzoOsTecSfdFPXoqz9J5ejLVkvJevSmfXJrIUhKXySzsQi+" +
-        "GazuTh/hvWjwUTIvmupi+EiFudnMpXCro8bgi48+NkepNjXvjsSmOfzlrK3SxtpH5dqonL" +
-        "6LHjGyg+Xp0Nor1m5g1rLHyrcEk=";
-    public static final String[] TEST_27_DATA = new String[] {
-        Intermediate_Certificate_IC_04_01_crt,
-        Intermediate_CRL_IC_04_01_crl,
-        End_Certificate_IC_04_01_crt
-    };
-
-    /*  
-     *  test28
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_IC_05_01_crt = 
-        "MIIClTCCAf6gAwIBAgIBNzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA1LjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDM3aWmgX3OzAaBg6lnWjpFQ9ufeTOia3+lIUqn+Ypf" +
-        "5OH/s9dLRqg1ZynV3YIUyzaJPP/YlUEmrhheJn3Bjw25bHeIKdge73pfEbuBAugbUMS75D" +
-        "csBV7Ze9D+sVw8w/LtT3ZPcvM3Vju4d+c14Ip/8pC15jlgQPhwVQSf0x3V2QIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBAjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIJ2DFtxoQnXkwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEASvdcfBOh2d1dC10pGLZLI3T+oSPCup/U9riynIR3RxZsIaS/+Q2s81" +
-        "oeg++WQV6pyYvCLneZIp0efvqh5DThNV9lhBcJjlYwm/T8Hi2IaRGsSMwIvzrFN7zxA/zu" +
-        "tW98wigAKM2myk/nlYxmholgbQkQ7ZxYM3lD1TDRl69N66Q=";
-    public static final String Intermediate_CRL_IC_05_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1JQy4wNS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIJ2DFtxoQnXkwDQYJKoZIhvcNAQEFBQADgYEAK7Ym" +
-        "Y9PjX5CpVewe2E9PNxj3dLYElghaQyapYoVtNq3jDqLMWspdmHdNdeaQoXsjlSJe0Zy8xH" +
-        "ZvpimwifnFZ5hq4yByzHjzNMpcA2yFtg2MtPWGEia+BmaZYZi3X0lR+OShKpNLFc4CfVM/" +
-        "aWG6W2BulHjIAThZhTg3uRekDzs=";
-    public static final String End_Certificate_IC_05_01_crt = 
-        "MIIChjCCAe+gAwIBAgIBODANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1JQy4wNS4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDUuMDEwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALlcUtceuxDznvI3pVM7YddPcBOrNvrOtpuLOa1L" +
-        "Lj9LeNH6+8CzRZnMsUtt+bRGqCKMEJLUIIstWwGg4SskXWk2m+nDKm5Ai6Kyx4nldpgtgQ" +
-        "xZSEwNcwRhpy7TtmLkxDVM9DoTbIbK0dZ7aWw4bXVHPK/lnOMtOaJbFDq0sLfxAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIiXgrRBVcDf0wEwYDVR0jBAwwCoAIJ2DFtxoQnXkwDQYJKoZIhvcNAQEFBQADgYEAhyO6" +
-        "SP6brWDDKZwdQGULno4Om5+DuilJKamyEcvSqE666z1KhvOCdLicqwVa6tQiAL6akrt5Kv" +
-        "R+TT0xqHR4JGosGLGolvK4DLrMeD+PRK7m1a+nJl44luo5Mn48HrKI7jn7n8Lp9bNdCHvr" +
-        "NHaQksCIR/Q8xoucPa+8sCTVSj4=";
-    public static final String[] TEST_28_DATA = new String[] {
-        Intermediate_Certificate_IC_05_01_crt,
-        Intermediate_CRL_IC_05_01_crl,
-        End_Certificate_IC_05_01_crt
-    };
-
-    /*  
-     *  test29
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_IC_05_02_crt = 
-        "MIICkjCCAfugAwIBAgIBOTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA1LjAyMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCrtIYqo2Is8Cd6Ld+fyWC755oA6hQiiruooaR/6O4z" +
-        "ikyhOUztnHkOGMF5H4CKWafwwVrfFtqe7iop3N6AToEIpNlJLVy3cj14A/IASVYSSNFeHd" +
-        "O44Id1NWhPiKx3paPTWslMEdKQV9BlXb7gu8pQpvqTa/38hNQ9vdil/4QZbQIDAQABo2Aw" +
-        "XjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBAjAWBgNVHSAEDzANMAsGCWCGSAFlAw" +
-        "EwATARBgNVHQ4ECgQI9P78RavuWW8wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" +
-        "AQEFBQADgYEA0sAEmWBYSazUav6RtuNFtZgNrlQ2i5i138VzRHoF/kq/CxeR/lINQqgJhC" +
-        "ZlUnlslUuM86g8OQGlR8SS0Wsi0MdCQCtPCKA2hStlTx9MMux2IZAGoyHy6P95UE9qINHE" +
-        "fYZUYjO9rh96fzNyJ5Oy2kJdJWdhFXtSh3BSOe0ZD+Y=";
-    public static final String Intermediate_CRL_IC_05_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1JQy4wNS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI9P78RavuWW8wDQYJKoZIhvcNAQEFBQADgYEAlPLh" +
-        "+CMqRcbLgUKEAL2UlSY5tjsF8At0hf000kec93TnBf7f1NKYVJ5eyeoh/WK4s+k4paAA5E" +
-        "/P2C8JMlGXNTrqKZXMy2zIlufE1ymXAZCKLOLC5ezXRSpwIsBWxko2nfw8Bz/mZO/bCSCT" +
-        "nDwkH8BJIbFV51vJFlyyOmZnCz4=";
-    public static final String End_Certificate_IC_05_02_crt = 
-        "MIIChjCCAe+gAwIBAgIBOjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1JQy4wNS4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDUuMDIwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMPsWBfT8HqaiLnoUCPAFniq502odL4uVqzOOxkx" +
-        "evZtjh7NaFlRjuYjTofdkj/IAgg7lkkBEW3auK47Td3TvqnHO401PqvOFNTlbhr5wDLmXS" +
-        "WWcR6XrvgYL3Z3wx15/z6eojcSgu07kdvKqzuLzcDs+noG8lbcruokX0A186pVAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QImgomUTkzwbEwEwYDVR0jBAwwCoAI9P78RavuWW8wDQYJKoZIhvcNAQEFBQADgYEATAEq" +
-        "YVV0iYdYomPqxbTapSCJFAMQO/WZhN9brCXP88+jRfk6cAHzTodQOYTOAVe8YXa904505e" +
-        "RA11NNTViP3s/AseGWuqbWjsom9mbR+tVkvufGqPQtm1JhfLgR/68e29AI7tj7zIJyFVYD" +
-        "nLRXGwMGnosqSHDle+WYyfok6a8=";
-    public static final String[] TEST_29_DATA = new String[] {
-        Intermediate_Certificate_IC_05_02_crt,
-        Intermediate_CRL_IC_05_02_crl,
-        End_Certificate_IC_05_02_crt
-    };
-
-    /*  
-     *  test30
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_IC_05_03_crt = 
-        "MIICkjCCAfugAwIBAgIBOzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA1LjAzMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCajRjoRNL9HFTytLLx7C8WYouW0uONGsrtGS5tKMiW" +
-        "oLlQUkohqB2a2PhA1InNGQqnbDtNdqKbR1k6EzD6MyegvXK1sXs0ZE8gt0LZYio7Xp3k+Q" +
-        "7i4Rk5iTruAUrV8bFMYmeIXHXL/9rl5LQV8YRp/Ut3Bg3VECzfhQG4EavMlwIDAQABo2Aw" +
-        "XjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAw" +
-        "EwATARBgNVHQ4ECgQI9041oiwvHsgwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" +
-        "AQEFBQADgYEAYwGYwLsA/kxYZG/RM+kvoH+mUebrBVZRBxjovYsYzNznD26fssjBFfiTmg" +
-        "zwZJfG7MZRsgDSRsS+bxuTlXMVeGRKH8fVj7PNq05sS18QZQOF0CCKzg9DLkCzkzkEWBxc" +
-        "5ersciPrL90UarOIPIJWUxQ/5sdMS/wZtYTU34rNNWE=";
-    public static final String Intermediate_CRL_IC_05_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1JQy4wNS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI9041oiwvHsgwDQYJKoZIhvcNAQEFBQADgYEAJHTp" +
-        "k+RRsD0dUv59J1GQMWjQTjVz39Xaonx2sk38WHcrHBB78L0W6Skjvt082PwZg32sb7FQBt" +
-        "boAQ3PIKpXMnFnkjnkyaFihrnMdfa0abCPtQhFl3yra+w+1a2RDjQBZOOdq3xlFcLi9unT" +
-        "YYome7eS93wchIvNWFpgwF5A5XY=";
-    public static final String End_Certificate_IC_05_03_crt = 
-        "MIIChjCCAe+gAwIBAgIBPDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1JQy4wNS4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDUuMDMwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMYxdSZq7qRBdPOz6H+l0GGAtymAWTshfZZCubHK" +
-        "lQjbVq98qudORfhCOZgOy83j/mo2KAecBhxaxB9YA5ggWNAgaKtFvknvjFemtBCZwt6cVK" +
-        "8LCyUGKzStwAV1+HSDlHxdWo7pRwP0beXFvFECrX418osGt6E/v7Cz++ZtvaDhAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIgTuCLfTVa+QwEwYDVR0jBAwwCoAI9041oiwvHsgwDQYJKoZIhvcNAQEFBQADgYEAQRuC" +
-        "rAx9zzu9QwOq9weNit9PNgFHBpo3Gh9jPVYGJjOQxeSqqou503xi82H3W30FT/3ESCO7IF" +
-        "hfpr/uQZVEmUQnvDsVwbKvED1QF9qkTp6ILk38ITJJgfb+sdSL3bsUeNqVXd0C9wzVoErc" +
-        "OuoCulwkZzfoIOlO2YAjAnR1nUc=";
-    public static final String[] TEST_30_DATA = new String[] {
-        Intermediate_Certificate_IC_05_03_crt,
-        Intermediate_CRL_IC_05_03_crl,
-        End_Certificate_IC_05_03_crt
-    };
-
-    /*  
-     *  test31
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_IC_06_01_crt = 
-        "MIIClTCCAf6gAwIBAgIBPTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA2LjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDmutL9PY/BLXvXMEDQLQnWE7dCOsrLNvJiuSjDdznF" +
-        "vBz6WS/RqUr9zsDFknpOWB3Epo2syV4ZFto+v4VWNo61uaClIEsw5x1y0saG19px34KVpQ" +
-        "wkpvLeRZySdCydKdE1rptYR/JbHvPo5TU4mxOo6L7JeEwAvjSI4tK4rwJ4MwIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwICBDAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQI1BB9j6Jyny4wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAajWMbY8zL8jS2VUjCPBMuIjUvBfy55+92EXg5pZnyNNwN1diZfJFiB" +
-        "rrPWEg3Fa4NMLgaDKWZsYkOcDDo8I+Qb9FsU9LphCzQ1ubIEuxu6KPX9X29BscFOxUnZCz" +
-        "yuzVfadACxi5Y7Bz5pN5LfC/jEb2iXjkdN5Rm8AqT81syIo=";
-    public static final String Intermediate_CRL_IC_06_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1JQy4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI1BB9j6Jyny4wDQYJKoZIhvcNAQEFBQADgYEAxH4/" +
-        "mgACT847PyufmF1nob9TSqBj+cM5ye2bgv83gTVd3B1Gopr75Tnu4iP10d0PpSXjySWCjB" +
-        "0HPJ7BdxzkKxSrcM5vcb/jLdk9PqMUS30ohexsx1xK+E38pDJdLX4kbJ3E62AgyXm9WQlD" +
-        "9xsDk7TMXwuxHT4fX070HL6lWGI=";
-    public static final String End_Certificate_IC_06_01_crt = 
-        "MIIChjCCAe+gAwIBAgIBPjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1JQy4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDYuMDEwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAO1VOl25MTf068LOgzmQOmyh8MXunBrQ4t6UYuEj" +
-        "H7v+owR9JTDXpfzLPcYfkR+BH2jjISSHIJsUDesKVhpmhABNXcOI5tiRNkeDlV2zKCBXKC" +
-        "wFi5qkhrE8FUCP0hL8YzbybOrYZYSVEP8GgIgMSQcTvhN/Tor0o1jdJvRLmevXAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIFJA9XGd9UZUwEwYDVR0jBAwwCoAI1BB9j6Jyny4wDQYJKoZIhvcNAQEFBQADgYEApRQC" +
-        "OTU9cp16BHM2n0TdZThgj9kSAQ4wHk/dKNOjYNEWu6n/GQ0alxy1dyRzpsr058FOvft23Z" +
-        "Kp0YhdKG/7F1hkcoNvC2yN+Re44n7S+F/jcEPTWnOX6h1Nkw8OS7Uz2fZ8t61iHjqjX4sv" +
-        "M/cKP+AkC8g7p2tfdkP1fQ6ww5E=";
-    public static final String[] TEST_31_DATA = new String[] {
-        Intermediate_Certificate_IC_06_01_crt,
-        Intermediate_CRL_IC_06_01_crl,
-        End_Certificate_IC_06_01_crt
-    };
-
-    /*  
-     *  test32
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_IC_06_02_crt = 
-        "MIICkjCCAfugAwIBAgIBPzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA2LjAyMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC0JoTnPaI/HT2eAqCW1204nRNjcA8EQSp87tvHLpWy" +
-        "5aafmxeJxvk5V9Ba7Ye8eY8yX9losbNUpHJFNdE46fD5qp/oS7Cn3NXA0dwIDQEn1X9vaz" +
-        "nqtZtMjt1S/yGv2xDOb2LKT9zRrqSvxGszCHFUBcJ4HDFJMAdhXPUZiLyXVQIDAQABo2Aw" +
-        "XjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwICBDAWBgNVHSAEDzANMAsGCWCGSAFlAw" +
-        "EwATARBgNVHQ4ECgQI7j2LO1CcsE4wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" +
-        "AQEFBQADgYEAfXIh0oYlM2pagAWzTuYqTl0NavtfqibPgolvhgIG/XmmjswHOg/JVCLb7O" +
-        "jIYtEG2MAD0xQXwu0mc9Deufed2embP/wc0qVG7rj7lxUq6p0aMQJNndBw4m9KlSnjdzyG" +
-        "lwE9pNd2BgEeD516J2k7dspCZHDw3qLer4i2JYoCo2Y=";
-    public static final String Intermediate_CRL_IC_06_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1JQy4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI7j2LO1CcsE4wDQYJKoZIhvcNAQEFBQADgYEAJej7" +
-        "23qVtwkcvCTPb6afTosYMnVppPXWbtvqn0N5mAFHQfE27x1YPOXOQHBrpQuTyiUdUmPXiH" +
-        "xMKbuR5o2lfdQgew9hbYVk6GegSu+DBC1JKv2YSTgzgRAlJfyByDZ7mbJwZWHVHys08oGk" +
-        "adG6zstavg5EkEeRuAp47T+7cZc=";
-    public static final String End_Certificate_IC_06_02_crt = 
-        "MIIChjCCAe+gAwIBAgIBQDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1JQy4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDYuMDIwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMkIzl9+NRTZf/xaA8noiHRt65Zo6Zp57YvCKUe+" +
-        "YfoC8koMq12MBgrc0IyIfJoqEDEMfD1WbitZdGZMQZ7D9BP2Bk09NXLEAAuj+waFhYk0bW" +
-        "vHBH90O7HpMGmxwHmzOjDV3JHYsU8hq77/5gRFDNRkSCJe2A1Maj8Gcqi6tYf5AgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIYDfThEjNL28wEwYDVR0jBAwwCoAI7j2LO1CcsE4wDQYJKoZIhvcNAQEFBQADgYEAJiHT" +
-        "CjLGZK5Lyw+7ICDHs3eS1OGJH/wfsLcBP5sLER41qJfrXGTl2XdKvBMIpriUmJYzjkjof4" +
-        "bvS/VPDNlhI9AJadicW8LM4L3qpy7/YV4Dd/C/BJphJ6cZcT+hjaRKeC7gQVjMeC/npu/p" +
-        "jLgIgzf7HC4WYnaS3h9oYl0cMJk=";
-    public static final String[] TEST_32_DATA = new String[] {
-        Intermediate_Certificate_IC_06_02_crt,
-        Intermediate_CRL_IC_06_02_crl,
-        End_Certificate_IC_06_02_crt
-    };
-
-    /*  
-     *  test33
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_IC_06_03_crt = 
-        "MIICkjCCAfugAwIBAgIBQTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLUlDLjA2LjAzMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCuUtIYFbVjg8VLLUqIEQ6r7hjTaqYVs8DJnJPHUWPA" +
-        "JW9HEIV+d6hj/so76Bff4KJRX7MgoXbvq4ivmn8656N7YSGk9GPuJ25SXK7RJyoqzG/x2R" +
-        "AVUCx/wG99VXVDZhd5ZAVBG2JCkHImsWAei6/Tz8UgXmmLBM8rZNJ/hNtTBwIDAQABo2Aw" +
-        "XjAPBgNVHRMBAf8EBTADAQH/MAsGA1UdDwQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSAFlAw" +
-        "EwATARBgNVHQ4ECgQIpwUlwG1W+sMwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcN" +
-        "AQEFBQADgYEAqJhUfgar10fl5qG+oH34s/JS3ku0dRm4cTQvqUNOWA9ALnBhSkmOpoMMzH" +
-        "sE9FXXcZ072a8/ecpviP04X5mt5QSLreh3hPVvgWv1LiZ9YkS4Z2kcr+3Gx7zj4gQgT5vG" +
-        "QPpbIBAtBRH5xNHIYQsk6kOe2+t7b0Q82Wnj8UoznmQ=";
-    public static final String Intermediate_CRL_IC_06_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1JQy4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIpwUlwG1W+sMwDQYJKoZIhvcNAQEFBQADgYEAKCp7" +
-        "ViY1cajXpbjCIqe8yo/98SQRIxoTNgp7EUaaV17FeHZ59nJhRtsF1XnLP4cK0lPBkKFhHK" +
-        "2XyDEWx2hK3X7Z3lSAtn12WFJHOP5T5i0DmYfMJYAFbuPD0JQEWCM3aYsgbXKbbFH1BURh" +
-        "L/uy3arVBP4FaJB8gH678K4J1p4=";
-    public static final String End_Certificate_IC_06_03_crt = 
-        "MIIChjCCAe+gAwIBAgIBQjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1JQy4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtSUMuMDYuMDMwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALZw+GpvdleGlmdqZ/zEO2DUGhwgrsselBUNnEzR" +
-        "bcuzr5O1WwiG6aLjrPxIXeL1wLS1/u9AD9p3CQU0XFhi+bEI9+LLnt2y3707O+AQxy1PnQ" +
-        "6qmYE4jMwqDGHn8WVanN2joFT3isLH5wJD0Jh74eoG0tqCHUyOiXaZNo78qgB3AgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIJOeyCnvfJtAwEwYDVR0jBAwwCoAIpwUlwG1W+sMwDQYJKoZIhvcNAQEFBQADgYEAJbz1" +
-        "RipbW6uu7B+f2Ol1iq4AVOUuET2S9vi9ojReyAIka3q1XUceZCm5Et0KqpOoOLiu8IRuNB" +
-        "bvKwRcZ4hcVEXv5bRMqaPEK2B0VrRAV/Llj5A+RGn6yc1ZdkJeBRhoSsaHn5whfICaiJX6" +
-        "j3lMpo/CiMRViL+gZLU3SdKqvdY=";
-    public static final String[] TEST_33_DATA = new String[] {
-        Intermediate_Certificate_IC_06_03_crt,
-        Intermediate_CRL_IC_06_03_crl,
-        End_Certificate_IC_06_03_crt
-    };
-
-    /*  
-     *  test34
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_PP_01_01_crt = 
-        "MIIClTCCAf6gAwIBAgIBQzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDRkBhJJVgOXHjydAHAnokd/XfEiW+bnWd2ZPJrMBmP" +
-        "7TlvVpxOGqLd6lGdbelbSyAzut1i8lyYn9NSDR0PcyehCSS+MsKS2uNKsTEuH3mlMK/7C5" +
-        "B1qggKqE8f7opyl9+U+Qyi1WQj01gY6XYXaCxksCB0Oqx2737d7QWMvl15dQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIO1U69B4DBHQwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAcHWV4Q4z7C+IC4bWgIf1+BzkszCN+LSb4JquR7GgICESbwF2JzR+xL" +
-        "7yoKvB/NBcCqtMY4Hi1DHACbIGJwRe68vVHzz4CmYEK50UUCbAtiAiy9Od6wwrTyFyacBd" +
-        "CBjiO6mkFEp6jOsoIgXRfxK4kDNcMkGUUwMbSR/wZKFuImc=";
-    public static final String Intermediate_CRL_PP_01_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wMS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIO1U69B4DBHQwDQYJKoZIhvcNAQEFBQADgYEAHtbX" +
-        "MUofQlCnbJhgLQw96jsBRu0Kdx/Rk4LWxEbZQOWNaD7aukASjEv63d1qZIDgpefuUNTz5s" +
-        "3eascdtI6iyWFtBO3r6tihtkkSbxocN2Rz7OlR4rW9VwuUirxP0145nMd5CEL03/CNABP5" +
-        "zUo1bNgswHW3z/RaH6h0j0yTkbo=";
-    public static final String End_Certificate_PP_01_01_crt = 
-        "MIIChjCCAe+gAwIBAgIBRDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wMS4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDEwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALQaTS1wvv551g3BP9JYBMM+KXXLzxtOwPlO5NR4" +
-        "LwuJJB2WuO4vmbn8AG35in/0JqwjZeroLQvbCPxZseXsyA0+7cMO0qcjRJ5l5WdFsahT6g" +
-        "z1YW8pYYY5i2eDUkIRsM7roHMiNjt3zpkuUGX0xZQfAxhuWnRIvlGg5J4r7UOdAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIeyLSANVaTpQwEwYDVR0jBAwwCoAIO1U69B4DBHQwDQYJKoZIhvcNAQEFBQADgYEAvZ4a" +
-        "SQMNl+Q++D9yVaGr+37XJyxs4yow5e5YM9LXn1qBASQ+GNfqPWoe2cPCPYKj32yulxyFEu" +
-        "RHrbhpEQe+nrKWJgO9W1bmfwgQDin29ne/JCQPlznhd3EPFvCkmPLnTyJmSLR6B2VxvndM" +
-        "GO8JEbj3KCf51uf3VnC/Qj11mX8=";
-    public static final String[] TEST_34_DATA = new String[] {
-        Intermediate_Certificate_PP_01_01_crt,
-        Intermediate_CRL_PP_01_01_crl,
-        End_Certificate_PP_01_01_crt
-    };
-
-    /*  
-     *  test35
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_PP_01_02_crt = 
-        "MIICfTCCAeagAwIBAgIBRTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjAyMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCkQQXRO+dnU2v7EbaqQNmfPD8v0s5Wa50hl9M1Gfr5" +
-        "5nuVUZs/RI//1VksTNrW10MVh11nsxpA/XRPntEIbHiH1OoECd4dnZBiA/2xEueM02fTjj" +
-        "fb/t7g+pr9dSU/TzCVZDVWFBcPn4VNz7BBqIrTAOXaJkyBZ8hh7vyiE1Y2VQIDAQABo0sw" +
-        "STAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjARBgNVHQ4ECgQIoTKVlZ8YCR" +
-        "AwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEFBQADgYEADhtnd6ifr6kyfC5D" +
-        "UWuAXLtoccMj8Jaur/1YT1DgnH1XbBsEeZwm9Jkzr1a3cXPIHgaHYgXvBeGUtZ3XhbCSGp" +
-        "8U6clJz3lm3qKPKkb5rdDrpdTaPnEJJjS3C4ZK1L7UZtQga2Enlelm5vIkhjsF3Sexe1kY" +
-        "mzqiLZZ8yLxJ/Tg=";
-    public static final String Intermediate_CRL_PP_01_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wMS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIoTKVlZ8YCRAwDQYJKoZIhvcNAQEFBQADgYEAn94u" +
-        "sT8ZYNzfHIdnx0+fV0jglL0Kn1duz+ehKHow+RGqH+J9opMYuXVD+rVQnLdZl5LbFBcv+5" +
-        "TSP9WR9QtyoXar4/jmY2FFdBjfgO9w7p7OHD4WxblJmfPVOvrzFm/slZE39Oe5Qn4KlS03" +
-        "9tttEFTKDH3qREQbT6g4k4ExxYM=";
-    public static final String End_Certificate_PP_01_02_crt = 
-        "MIICbjCCAdegAwIBAgIBRjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wMS4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDIwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANBwkwTWdZ977UAx6CCpXc9T4MX9T3/Tt6LbtY9I" +
-        "eXxI9W15eXm/aqrKiXhULB+oF9/qNeUi2fAtrURZ7hgHbTaswr8CZ3Uwc6Rbkyj2GGiM6Z" +
-        "8sKFztYZfFyGBiNEwfTT0yaUUQ6etIFqPuL/6qLvqXmvNPxFb9gjTH/azs/MdNAgMBAAGj" +
-        "OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQIW1/BRCbe3c0wEwYDVR0jBAwwCoAIoT" +
-        "KVlZ8YCRAwDQYJKoZIhvcNAQEFBQADgYEAPJg24q7wCU8CVlxFLchoe7txhkzApkVMIJ9G" +
-        "+QTnraHDn0CZS6undCsJw8mrTNBQPHFn2Ixa5lrPfJvwW4Med1bcJKbwR4TveL1WeYYq6+" +
-        "9k1kS/7KmqyKAKC/s504jAc7qgMd4b08oLxbGVfFVjWG/ZMbO770FrsyRHHs2rTOU=";
-    public static final String[] TEST_35_DATA = new String[] {
-        Intermediate_Certificate_PP_01_02_crt,
-        Intermediate_CRL_PP_01_02_crl,
-        End_Certificate_PP_01_02_crt
-    };
-
-    /*  
-     *  test36
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PP_01_03_crt = 
-        "MIIClTCCAf6gAwIBAgIBRzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjAzMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDL/XgMvoeszcAzZqMYnv1At5u83Gb/CEX3fv6O1jL4" +
-        "W3XbdvBNIZpuTwQhTH4Iofk9rIuQdkR7xOmbk4AqZINuas3Y1CPdzss7teraK0CNralNl1" +
-        "jPYK+ClDBHt32Iw3bAl7RqWX73hl3YH6/7cvG4XCo1HqeeFFHUGa7HXGXq9QIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwAjARBgNVHQ4ECgQITMu5Qbn1Cm4wEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAuCnzXbHg87PIYYRbCCiXKDKA3MOcEKuxpNaSbtm12DQWpnvzmaK5nB" +
-        "D/Ebko97CS7u9Tpwa7TmTyi39bYzY0dmVaotCDzfSTpzw6qHZl/w8riS+cKr0mimnjW1cq" +
-        "kGPyHf0zBBqh0liGbd7EOLIBln0ASrn8V+G4Tj0Q6aQVcko=";
-    public static final String Intermediate_Certificate_2_PP_01_03_crt = 
-        "MIIClTCCAf6gAwIBAgIBSDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wMS4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjAzMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCu1Fq+gBJsBf5EjKKtNIxgdtgPMObby7tKH7fTJxYE" +
-        "5LPyPi/IiWQ5Mi/8BCG3zmQhu9ZdBbpal350qCGVTbaMlnpi98D4WwXSw7e8oHIJIK689p" +
-        "Q6Z5cf8hgwPnwDpYLeEaqxwhd4bu0x1lG1fUISA0ZZIQaEeNSJfdh15IkAswIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQILRhQwULcyPYwEwYDVR0jBAwwCoAITMu5Qbn1Cm4wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAlEVOqXcdeTU7wT0l+/BJhlG5iaAcanAsOaJFZsXPjLMSjhldQe11/z" +
-        "BsrrqjcpdctcmBarKO4MnwqVU9DN2RZ/v5Gps6OcPxj3T8wlrCGe4l6s9d1FncBMJ0RAUe" +
-        "QEn2JLkQW5JWRBQ00+RXJYFuIM6Ger2MipWj1oOciv9MMoc=";
-    public static final String Intermediate_CRL_1_PP_01_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wMS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAITMu5Qbn1Cm4wDQYJKoZIhvcNAQEFBQADgYEAycux" +
-        "rzvy2IiYfFkTw7QgGuBhxIQPbSIbfudqyUumuviHJkIMZpPwYj2wltjyiRaozrDAWq8mlc" +
-        "PsFYNr2lUYN5Cj4BhNQCNZlyBw7LLdzRgza55zVjmYkHWedyZm3kPWe7Y0w8xc/XIvi3iC" +
-        "qlwV+X85cgHNJarx3GEYdb7Yos4=";
-    public static final String Intermediate_CRL_2_PP_01_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QUC4wMS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAILRhQwULcyPYwDQYJKoZIhvcNAQEFBQADgYEAbcjU" +
-        "+8l6pSik8PcuIzWndAg/w8uRfAgR5W9hPSXZChlx7uM+48wK98DGEXuTkJcbeclZia+Mpi" +
-        "J5u3qG1zhoL1aHr+RqyJrjiWKC4/rDBuiUk/ftU54mrYn0qev3aSjf/GLtpcC8kC3gpqD+" +
-        "20bvxLjBG3Vc9ZrxDvzfj8cD9K4=";
-    public static final String End_Certificate_PP_01_03_crt = 
-        "MIIChjCCAe+gAwIBAgIBSTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMi1QUC4wMS4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDMwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMO0l0+X6jfT8cY4DumtseTryyIJ7h+nraogXmYo" +
-        "uhFGvMUWEAZVGD4x9QTTVEL/UCqNfzpI//Pp/uZpDudSgOX0ZdAbykObqCAEO85msK+eie" +
-        "8baS1cW1XGjCuWDqNZko3Uo3c5lLPlRMbZ3hjvA1zmYh3prYnOh032GZAArVcVAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIMh2aWvtm0mgwEwYDVR0jBAwwCoAILRhQwULcyPYwDQYJKoZIhvcNAQEFBQADgYEAigVE" +
-        "FlCgbgKLR9FWIiwnz1bZ0MKsfhytllCI+jGx0Q3o3CxCGXs9PvL6BPDdMOxNIT/oU2uG64" +
-        "EhZEjcZCnUknGx9OkkSSVq44P/pGuUx1g4Kx4i8gsJ/UPrPpYv/3heuMcKWCr92l33cxPT" +
-        "IU+kmAtqy0MBvBKL4p635+MSIVA=";
-    public static final String[] TEST_36_DATA = new String[] {
-        Intermediate_Certificate_1_PP_01_03_crt,
-        Intermediate_Certificate_2_PP_01_03_crt,
-        Intermediate_CRL_1_PP_01_03_crl,
-        Intermediate_CRL_2_PP_01_03_crl,
-        End_Certificate_PP_01_03_crt
-    };
-
-    /*  
-     *  test37
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PP_01_04_crt = 
-        "MIIClTCCAf6gAwIBAgIBSjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA0MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC9gxMP8j4L+ISffY9wkislQ/V5sO9LzZOncYK93lZf" +
-        "HXJG1MPSQzFPNzDLSc2zsilA03v6q+zr4NRrRWwWGmB34NGM4aqkoxox/7ngTn0MIq5gZ2" +
-        "eOx0FbjA9W9DHEceVDS6kgs9lFcN2W+muCG2/fGqQUED9Fzl9JSM/tE8XAKwIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIgdUt9H4i6kwwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAxPe0vM0BvormJLF5HxkyFcTtoombfDGANoLoyj+PTWRD6z1/AcAx5K" +
-        "rn/0J1sZo13M2ezaZUABbbpNH9X0OS225IJF4mXNpfkYhsz/+jNPGjRpN2p0K+DhMSawUw" +
-        "QfGv2x6f31k6WCdy/769i1mwKP6Rpph2nkRyYW8MwO0N5HU=";
-    public static final String Intermediate_Certificate_2_PP_01_04_crt = 
-        "MIIClTCCAf6gAwIBAgIBSzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wMS4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA0MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC7YCtN67S/ItOzaSGqTvfEE483HoQGiQZ0ob3+0beK" +
-        "kmbSGADBQVBKe/sLJEKddyV2Gl8S4x+cKaKBWUI8lMZViJwWqVnyAFd8ZiAB/BpXaKKgP5" +
-        "pFsg10Yo/EtsxGlLSTLurst0azNnFv7ca5Hb8te3T91eaI6y59IjbsRgilSQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIGazrt+QRNCkwEwYDVR0jBAwwCoAIgdUt9H4i6kwwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAUIz/MSc6K5eaIAg8skaAgm6rSPvcU/711b9G0qsIs6YqvEz4zhGi5X" +
-        "nalYYXfaSQzomuRuABNvuR1Ydaw/B9OdPMro0DhX8VpY6NzCL5Qj60/I4is5a+Hzgk82ck" +
-        "eAC3okPHbVMd7R9kdFsWNE3Capnv7rriqXO3vwFw8b9vXD4=";
-    public static final String Intermediate_CRL_1_PP_01_04_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wMS4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIgdUt9H4i6kwwDQYJKoZIhvcNAQEFBQADgYEAkR24" +
-        "ebKfvEhDA0C7sawukQbv/q8mjSS3CrhA/oqeb8bML1IlW8rjHSXuRU/n3oeyAZuxLCAQMU" +
-        "TPG6Vq4dOu8XC1RY74xIm8ps4mE0xB8/nI5kadHUSDPtUZhNzc8tv+z7fUGRaVGL7CBEpq" +
-        "ICyQKYytCwxyf4xu2Ip71Uy2tuo=";
-    public static final String Intermediate_CRL_2_PP_01_04_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QUC4wMS4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIGazrt+QRNCkwDQYJKoZIhvcNAQEFBQADgYEAjpUo" +
-        "XSj0HX7Wm4w1FiRBBazInGOhSQX9VP2GcGb5lfr3GKt75Y+C+C9qd5X25DVkA4M1gPBK+u" +
-        "XjSMQoHAmFJychQG23rcGcuDJlzRMyfvPCF9dOGLFdmkuHSo5hQUyYsxnXV8cWLIkR1AUz" +
-        "PtUbTJL9g98R/OJFsCBiPi+By6w=";
-    public static final String End_Certificate_PP_01_04_crt = 
-        "MIIChjCCAe+gAwIBAgIBTDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMi1QUC4wMS4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDQwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOtf65MaydWM3bmMT8tAGCX8gZkx1JlgQyBlJT67" +
-        "2APIkfmKRFK/dBtSwwCVGHZG4JYBrrwMpzUPrkGKYI6ZVIvvPnPfadZns9i5SM5LZFS+a5" +
-        "JfbRnSJd8dXhZsKHxqkxIWwG6+VgnRKXE/Uc4m8TePQJZEOra5ezna5yhvqUwPAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwAjARBgNVHQ4ECg" +
-        "QI4iNoMjKiXMkwEwYDVR0jBAwwCoAIGazrt+QRNCkwDQYJKoZIhvcNAQEFBQADgYEAmOjp" +
-        "2EupE1AmgjGfiGK1fk9kf39yQXK1EDsyO6KLdWL/bmWeYi/G7ZE57/+yVVADJuHI8xVIDZ" +
-        "LAC0u5p35OLgbcmmA5bs52KWJJfa0nbgGpVaUSMg9SkEGS997OsgExWMvYhdFIKXlq4Rwc" +
-        "ca89Hg1GlXdrpfD2OCDNBvcWB5Y=";
-    public static final String[] TEST_37_DATA = new String[] {
-        Intermediate_Certificate_1_PP_01_04_crt,
-        Intermediate_Certificate_2_PP_01_04_crt,
-        Intermediate_CRL_1_PP_01_04_crl,
-        Intermediate_CRL_2_PP_01_04_crl,
-        End_Certificate_PP_01_04_crt
-    };
-
-    /*  
-     *  test38
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PP_01_05_crt = 
-        "MIIClTCCAf6gAwIBAgIBTTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA1MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDFzEEzV/yUEORIOufyqpZzKpYz5aPyBbcDf8AMMCM5" +
-        "tEz7j39cf1f227cbrTcAaUfYFwkrb07RU4bTS2X+U2Ak7Q5OROz5rrZBbsfwF3yHhwHxCg" +
-        "KLjbwz7D+OJdNfv7x2HRckwfMUkmP4cEuJIIPwj1ieBbsnUi9dkWZePwl80QIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIjsCjmszYCHMwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAWMUBdOdHMB/SV5kPUk+zut9g/1v/GyxyB60mq9jGqjrIsk4a9JRqa5" +
-        "MWju+6kVfSLelAOCR24EQsXnZM/5Qqg3Wb/SFJXWDcBnfWQWgh8UmJfmPhD7jViG5QVIxn" +
-        "iALNCYtz373L+IDECLMO6S3wcTPsHdYv14jl6BKtabwIpE4=";
-    public static final String Intermediate_Certificate_2_PP_01_05_crt = 
-        "MIIClTCCAf6gAwIBAgIBTjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wMS4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA1MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCZzdj+ixWCuxJGMjcoHUwSNqI9Wt9gYwXUTl+dWg/E" +
-        "lg2SPJP7lrBOibAhSmaTorhunUSEf2adhdxhuGrd5Ucp6G0oZAa6ZDWaID4rKYWsI7d5kv" +
-        "mrUhDEEdzk2s4PCoPiQm4dKwRg2rIvA5Dv+W1ldqSVSG376zVrQ5xdjDUX5QIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwAjARBgNVHQ4ECgQIUASviIKBmJgwEwYDVR0jBAwwCoAIjsCjmszYCHMwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAa3c+0Drcq7iWP7K+gE6Mz/0ATQoiG87irXWfWBUGWtYnsh6K+1THMl" +
-        "ibmZjYhsztK1P5rm6qL6HAyw0PhrRE9imqZ16cgiMomh65BWQImOeiXx9YWIPvjXWsE6iV" +
-        "E31XShr9b9OZBA2+Zpydc3ID/SQzy9PiTAfL5yJiW/JZvFw=";
-    public static final String Intermediate_CRL_1_PP_01_05_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIjsCjmszYCHMwDQYJKoZIhvcNAQEFBQADgYEAZIzN" +
-        "pXT89MplQgcXcA/K7YKlf62QCbw3rE+bUQiumJMlNGiVdaNJ8T66ObyoOWE+s+KN/Oetlu" +
-        "HglQ7r6RG68gHYtZZiO6kmxq+wor65dFGQyRggpD+D47yioEgR12wUUksL/8oBW1pfGW2B" +
-        "dR4sNWjzV5k5EWbLYu7wxj2/ubo=";
-    public static final String Intermediate_CRL_2_PP_01_05_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QUC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIUASviIKBmJgwDQYJKoZIhvcNAQEFBQADgYEAlZ06" +
-        "h2L/89GvCtU1K1VtbHPMN/LAUYJrWFID1Eo+Cf/5wKEGBr8hxRtvshTK436zqVQRQN/XTq" +
-        "7u0SLxvIixNRErlmUlGByi5vumN2OA77SxOyqYLCnBXTd5tWbFGz/udjaNk1MxOK0MQxPV" +
-        "9R+HHUUVojRnAIQvlcqx/sMzU5o=";
-    public static final String End_Certificate_PP_01_05_crt = 
-        "MIIChjCCAe+gAwIBAgIBTzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMi1QUC4wMS4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDUwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALyBn2GKvoKNHcu3AEJRCbWOyUpCc/onvRoQgWRr" +
-        "wE7vMI7vjqnoR8mXdWDW5u9DFu9V5pb/yHBWn1zpgFGNnLrqn8irwR9i6Q+qlu4lXL5WSr" +
-        "DqBqEKxrOBDPgkVz8Ldjt/Hy57qEukBarvpAwTc4XEJPAmxNrboMeGCEn2UShbAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIaV3Cd/83r08wEwYDVR0jBAwwCoAIUASviIKBmJgwDQYJKoZIhvcNAQEFBQADgYEAVJXz" +
-        "gooT1qd6rdehnLxJMf1HZ6JuqpyoQjzWF1jA3SkJmBDMXvAkMmIcQ7r5CZHaVF0iMQl5JW" +
-        "fxPtM9Bws6jZhVL0TkwJHmbnSvbzUkJYeXPCP7ags4bu5I32co1nFVF6wf3aQDZeLFj/TU" +
-        "1GCQ4rh80T5oknuazD4xXAYx9sE=";
-    public static final String[] TEST_38_DATA = new String[] {
-        Intermediate_Certificate_1_PP_01_05_crt,
-        Intermediate_Certificate_2_PP_01_05_crt,
-        Intermediate_CRL_1_PP_01_05_crl,
-        Intermediate_CRL_2_PP_01_05_crl,
-        End_Certificate_PP_01_05_crt
-    };
-
-    /*  
-     *  test39
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PP_01_06_crt = 
-        "MIICvjCCAiegAwIBAgIBUDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA2MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCjeJAwaZ0cw6O76hu15XadwJiTsIJcXZxGAETq8H9p" +
-        "VJs7kJh57oLpO/lG8zG89QS9g1ozxaaGDWsSyXsDzv1eqDVZg3ISQu6XcKdDu8EwgQDY3S" +
-        "EGkJ2AidFue3l0kEwR9+rtsuVKd/P+ULF1hWcoyLB/sQD5z8GvIiDKyRBiFwIDAQABo4GL" +
-        "MIGIMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgEGMD0GA1UdIAQ2MDQwCwYJYI" +
-        "ZIAWUDATABMAsGCWCGSAFlAwEwAjALBglghkgBZQMBMAMwCwYJYIZIAWUDATAEMBEGA1Ud" +
-        "DgQKBAh9i6tKUsPTgTATBgNVHSMEDDAKgAirmuv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQ" +
-        "B/Gxsb5lxSTN21CrjBp2aE+U1oTP2MpIFWUD1q8KWhZZF1iCQ7orcDVITqJPdPxDu1YwKk" +
-        "zOegc4YBSJzHZqF/W4Kw4wisMfnWLTsUAeP/Ucz4vXk5rsf7IRssFG6PLxVmtRZizoxl9a" +
-        "DO9abTM/jV8Mgi1IB6LdWgmtosBGBzbQ==";
-    public static final String Intermediate_Certificate_2_PP_01_06_crt = 
-        "MIICrzCCAhigAwIBAgIBUTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wMS4wNjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA2MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC8DbqYUf437toWlRkOQA5PloqYQjWYpiR67yGSjQHp" +
-        "j/HlduTYFS4qfUbLCjH4qsNUH8yQDvogImQw5M1IQOsUAqO6mYFxjqUWccuOaHT6XfUaOs" +
-        "DDHr/tQUvhz3LJryaILiPlNcQF8QiYpujM1utVRyFpmUrMAlOvWUB93c/xUQIDAQABo30w" +
-        "ezAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAwBgNVHSAEKTAnMAsGCWCGSA" +
-        "FlAwEwATALBglghkgBZQMBMAIwCwYJYIZIAWUDATADMBEGA1UdDgQKBAgQxGVMTJml1TAT" +
-        "BgNVHSMEDDAKgAh9i6tKUsPTgTANBgkqhkiG9w0BAQUFAAOBgQALJtPqY5uROJ+2QYTekn" +
-        "fSUc0gC7j3/cngIvxGT385xDLTrd6TjYSi+12+vU7RNd3MIZoz1o7RpWQV6C751WtOFuZi" +
-        "iXeQ758aLqfhjYSVW/NHkO8vjrAMUzUbgjqb03k7q5JgtT6udB+9ySmou2/RxYW5p/IT17" +
-        "euMVGmQb/RFg==";
-    public static final String Intermediate_Certificate_3_PP_01_06_crt = 
-        "MIICojCCAgugAwIBAgIBUjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMi1QUC4wMS4wNjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjAxLjA2MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCsQqIx0ayxpIE8NduclvK1ubbNkXyvr0RDqnGOoyTj" +
-        "yMtnfnwRbclkFCNBdalZYofuTWP0reqvqGqsBj+RS3uazvDBqVmn0J0AGRiLILummgEFRJ" +
-        "ow8IB1hduDYJpDMrHRpfXpbG2H3fzN1XeX/B0hUZgdQ86GyK2qrmyIcyqZXwIDAQABo3Aw" +
-        "bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" +
-        "FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECNKJMmEWCA+jMBMGA1UdIwQMMAqACBDE" +
-        "ZUxMmaXVMA0GCSqGSIb3DQEBBQUAA4GBAKv9F3+Y4N8RX4bRZ4fFTKri2rrB4BsVrBFpOr" +
-        "SLzKnuyO1O5gg45d70pSHUAVBn3pz0f/6WwWLECq9tB7/Fphi0TyqeFmkRnysygZGlvLgs" +
-        "L19bpIgVPkjFFziMGuzdAFIGy8vnV19yJ2euMygEHr20yiGBUaHHnKyuOGbDg4i7";
-    public static final String Intermediate_CRL_1_PP_01_06_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIfYurSlLD04EwDQYJKoZIhvcNAQEFBQADgYEARL4u" +
-        "DZvfcQDYanTfwU/hWAJDdDO7m7oQZLy3o0PTqXkk2Jd2v3+M2U8UN2PcuqZXT1lwS/piiW" +
-        "Sc1x1YndD0qUtV4bOZ9SESPhCeOc1lQTk5mMf/zqFxQqYv8rfDB5O3QY4bjS7QQzSsvmal" +
-        "TGCnoHmUJ4skmZJrQAzYnXyD9G4=";
-    public static final String Intermediate_CRL_2_PP_01_06_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QUC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIEMRlTEyZpdUwDQYJKoZIhvcNAQEFBQADgYEAcEyr" +
-        "sgLhVq0L6N5fww/U6TW4lqaVAEtjqxluWRyZnL3AJLEHfwh1lllCG5dNM5fahGDOW/53fV" +
-        "+gW5l92bsi2D/lAkDfNUdQdi5ZpQG9y2zhTArUlx9z1+KXklCi2Gg1X22gi+cYbK2hfzk6" +
-        "kNGP1v42bjrkF/ECczpy3e41rEg=";
-    public static final String Intermediate_CRL_3_PP_01_06_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QUC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI0okyYRYID6MwDQYJKoZIhvcNAQEFBQADgYEAp3uQ" +
-        "Tn2HC65TFmSjzvjuStIJwJcVahNcTWiGdtfTalZrMtuC9vUgQq0K1QIa7QNC9C3hQlzb5e" +
-        "bO7JhJDs+5GZnnsqHN3pvdKEoueRfWBjUGpPnSGFD61ysf9aDFY2j9Amf3zcBFsXZs4+DM" +
-        "dIENndbjkwqCV4zRTajAqCsIy20=";
-    public static final String End_Certificate_PP_01_06_crt = 
-        "MIIClTCCAf6gAwIBAgIBUzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMy1QUC4wMS4wNjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjAxLjA2MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC+IxiNJMOQG2gx1xd9ELNuzs9LrVJVRLvgP0lpWrx2" +
-        "2HTEXPDB6YmrEg/YgyptmQ5Z4K6CEgJz3EdDOarCSGcL7DmcSEwEw46MV3piS5DrHwQ4GH" +
-        "a2/ENSh3lF+6dliBwbQR2necmQ5g8ekqkWNb65pLl6RCNGkntJpdu8w5GWbwIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIMf/eRyakKwgwEwYDVR0jBAwwCoAI0okyYRYID6MwDQYJKoZI" +
-        "hvcNAQEFBQADgYEADgpHRDgyPuK4dc+m2p0IELHUAK3qsdTZzBXsaA0rkkk1aRjI6DQ2qg" +
-        "b4crRU3spQgYwBC7KQYd/hp8Lk17iX6fdV/9wol0DxTGhamOJA0uRl768awRArf4cEUElF" +
-        "uWPN8D3wJEfL6BWgReUJWg8V9HEtdvXZZgzFN/CgHRkQ2RM=";
-    public static final String[] TEST_39_DATA = new String[] {
-        Intermediate_Certificate_1_PP_01_06_crt,
-        Intermediate_Certificate_2_PP_01_06_crt,
-        Intermediate_Certificate_3_PP_01_06_crt,
-        Intermediate_CRL_1_PP_01_06_crl,
-        Intermediate_CRL_2_PP_01_06_crl,
-        Intermediate_CRL_3_PP_01_06_crl,
-        End_Certificate_PP_01_06_crt
-    };
-
-    /*  
-     *  test40
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PP_01_07_crt = 
-        "MIICrzCCAhigAwIBAgIBVDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA3MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDs3Z/FfgJOyKp+Ds8xiQBM053cWylYbD+g+zuWDz3d" +
-        "nD0eF77TLPITL7hwI058Pn3tXHlveuKMFqbvzWUgFXaBoHmmRohIj1eqfJQhlmKLjlSYyC" +
-        "N4xhLVi7vg71ZjFdRk1k8ME1HDfpb2WXqXh9LyRYY8b/aqL+NHe1PUDbT6FQIDAQABo30w" +
-        "ezAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAwBgNVHSAEKTAnMAsGCWCGSA" +
-        "FlAwEwATALBglghkgBZQMBMAIwCwYJYIZIAWUDATADMBEGA1UdDgQKBAgvehPxsTfSBDAT" +
-        "BgNVHSMEDDAKgAirmuv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQBpdMBEONGcpFitMN1ihf" +
-        "W441E4HVTQwtF+h56aagVFndUF1gQsVEdDNmvvN/jdlzXotcfdEj1lOahmcwWbPOlNx3PB" +
-        "LUPAcaNM9SCrXWi1gKJK3gXC2OAxj0mT5XhfPlAdfhZXTBZLqMqebmk6kVwa+VyPPZFHGy" +
-        "BW0fV2ClJ69Q==";
-    public static final String Intermediate_Certificate_2_PP_01_07_crt = 
-        "MIICojCCAgugAwIBAgIBVTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wMS4wNzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA3MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCrO/98w96Bg5YTTmtdc9sL8AOABGcYx5J8E1Y7/GhU" +
-        "2sInc/j0dtBbE0Tj4KFIKpVLD0m2mTyHVCUA0/QGiS1Tq6DzmZW/V36Clya3CoX9rDTJyU" +
-        "cKHpgntV19fFAK58aksyKCdP9jjLpbSspzOlIc+mVW+hkjgw3NcuY6fAOQvQIDAQABo3Aw" +
-        "bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" +
-        "FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECEmeATXRkM5EMBMGA1UdIwQMMAqACC96" +
-        "E/GxN9IEMA0GCSqGSIb3DQEBBQUAA4GBAG/Qv60jyImedUXtCYl0QpQ1Ne2ZLxvUHRLms8" +
-        "B1nXC/Rze7zfz5cwiyQn+6XN2rhuYFdTMDEFZDIjeeCLNllfan4GUAdRGtoJnfoLOGLlQf" +
-        "RW1ONc80cxd1NTxHqxOtqpWdoJQEn8070WLqQPACEs88XYKBZ00sF9ZdSg5vhHUu";
-    public static final String Intermediate_Certificate_3_PP_01_07_crt = 
-        "MIIClTCCAf6gAwIBAgIBVjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMi1QUC4wMS4wNzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjAxLjA3MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC+5b7o4iWl80ntDMKGcnquLQDTGlf6Gy/8y34Vw08/" +
-        "8ij+nuHMiKpo6UCF0OpDcnkJ2ovvMsY5dAb5ErhH64UbnMlKbghnGv0sVidtipoC8u7ey1" +
-        "YUIzDCdmbNvTfho6IXKzH8ev//K+FJd3qBuKHl9u2Kk5+igsyb+bPSid7d/QIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIUDKu7h5EQ70wEwYDVR0jBAwwCoAISZ4BNdGQzkQwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAnKhR3OvdgtVtmio7ikCvjxlSoKVbUleazxONOxHUAKdXEv0/mSOTwp" +
-        "hPPIoE2xAqPOOHvXPmzmJpPADjrfhU6afJ7ThDRFTMk4ZLOkT1SvRlymK7uWhj5bhUgi6S" +
-        "UQ2LUmrY2hIN4cTrrzZvDw2Q/6UIuqpmySXEOHDL5T5MXEo=";
-    public static final String Intermediate_CRL_1_PP_01_07_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIL3oT8bE30gQwDQYJKoZIhvcNAQEFBQADgYEA4gZR" +
-        "71wRXNdxWe7kaQPAw44UUw+cN1bDBU0RV7nwYAFDYxDIaDGOfjhUVTMBq4rb51S7uqIqYS" +
-        "F6j7BdLXl9WVRJobfkRH0t0cBnuSeQRz3ckrZrCuvyxb3PEL3pbf0UH1i/BfoG+EHJAY7R" +
-        "OVOL/dyoXeX6ehH6ImGhucDixS0=";
-    public static final String Intermediate_CRL_2_PP_01_07_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QUC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAISZ4BNdGQzkQwDQYJKoZIhvcNAQEFBQADgYEAfzKw" +
-        "NHrl10PJDHa3olBYXYzXi94zxDsEQSIb+W4pPXUfDZijPqL1NzapLqc/uL1Sl28GmLDrbm" +
-        "nCrlMn1Kt/gI6XndOnSyC9Sg6WDxAI3HTHxlG5MHLBn9Lb36CHobnwep1BMo8zl2clh0Kz" +
-        "PIxQSGXM1BDpHkwF5eoFAolDih4=";
-    public static final String Intermediate_CRL_3_PP_01_07_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QUC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIUDKu7h5EQ70wDQYJKoZIhvcNAQEFBQADgYEAj7+M" +
-        "EeIe1GmJpbRUFqbNrDvT5tHjKQMNdbe5Y8F920U5t0ig1Up60kc7hs7LH57i6R/quPOpym" +
-        "a9Eo9Bql+P2Bg9FELih5/a4B021TZBmmdSI5fwQZ6Q5PjgG58Zl2cJitNYvGi7tVUBojA5" +
-        "CSN7KBMyipia9ivxm9a/llJPrQY=";
-    public static final String End_Certificate_PP_01_07_crt = 
-        "MIIClTCCAf6gAwIBAgIBVzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMy1QUC4wMS4wNzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjAxLjA3MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC/RmUcYHxgQRHCUh5cMug/J2o8DzYbT+2pIehJkNCr" +
-        "zfqemV3qshLdMct5GV73oEkG5b6n7tj3/hI1TLh/A3LQpKROAGZybdo9fk4Pa0+6V6ql/U" +
-        "NnSpcAKct/f3IvchGo9nBGdi9aE+j+xKhMM6E8xj1+Jc7Z0xz7zE4+qRbeZQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwAjARBgNVHQ4ECgQI/y572lfRyH4wEwYDVR0jBAwwCoAIUDKu7h5EQ70wDQYJKoZI" +
-        "hvcNAQEFBQADgYEANl9zdMKbaq14OP45PeK9D4ftOSuliW2di1qAX38FQoWPYLLoaDU0Q1" +
-        "9I54PDY/UYRR9jKDl1WPhV6cD+65eadtiOZVr/h1CaW/HxTloouzN4z1zCXMC7AxZKo+EI" +
-        "XLN8f4w7hKLFYgf6gP9+iVi+T2gKfH5Ch2zjRhlmGFRgsBQ=";
-    public static final String[] TEST_40_DATA = new String[] {
-        Intermediate_Certificate_1_PP_01_07_crt,
-        Intermediate_Certificate_2_PP_01_07_crt,
-        Intermediate_Certificate_3_PP_01_07_crt,
-        Intermediate_CRL_1_PP_01_07_crl,
-        Intermediate_CRL_2_PP_01_07_crl,
-        Intermediate_CRL_3_PP_01_07_crl,
-        End_Certificate_PP_01_07_crt
-    };
-
-    /*  
-     *  test41
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PP_01_08_crt = 
-        "MIICojCCAgugAwIBAgIBWDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA4MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDDe20HLq7R8b0fWTsEiNV3Z5IbQseZ8QCW+1cb6yM+" +
-        "ArKLJDnXx8zmTHSHQCpw3G7xhGsxA1btm0cSC5P/1bw/kFWsSLRe2NFF6oKU+7c+cgIUMB" +
-        "kzyXk+kpWAQRb7hcb50iKdKFtO8gMNGMAxlHRI05/1tThyAs9suI4TrxTS9QIDAQABo3Aw" +
-        "bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" +
-        "FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECFxr9vgF31fKMBMGA1UdIwQMMAqACKua" +
-        "6/nC51SPMA0GCSqGSIb3DQEBBQUAA4GBABaX7TYfmSyVmzGCVbTFweUuPilo4wzy7z/w0x" +
-        "y4uSaM/YMtixUdDPpTHOJNYDdeV85v+w9oezdL2ZYAaGn7tldC6k8ouq/6hOGGST+ziHJS" +
-        "gTOD8UVBQPRPvWEwgmDIprnzrVRz8rG6uqslXNiBDnO9BMGpRo4dy8YpOmV6BPCD";
-    public static final String Intermediate_Certificate_2_PP_01_08_crt = 
-        "MIIClTCCAf6gAwIBAgIBWTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wMS4wODAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA4MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC8nLZcMLHYKxVqbhwJiqQbAYhf7S6ck2O9AhNor935" +
-        "Bfm7/8qVZbBAotQy1PoCjSW0UYdknDolWvi8aAtO0f9XVrAv6BZVVW9j3osIGN/XUThaN+" +
-        "9dZ83kGpyjeoitpGK4wbFNDteuBFYp+8gFNupnX7JQwUK3aGwBUucbe7puRQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIL0xyFYBk4OcwEwYDVR0jBAwwCoAIXGv2+AXfV8owDQYJKoZI" +
-        "hvcNAQEFBQADgYEAPk+Lys0Ueoyhp544EH9Hqy9+gY+l/+N99v7KvBlZWKuhkwZDE+qAYT" +
-        "P/SOPsWe8ADZE2iQ4pOlpK8jSqtJSdK69RgGL9omLnR04L9c/zKLArBE+VmoV7mohcQp8x" +
-        "aB4q/g3QnAqwfFYDjIWW3H6gRAeQ5MOtKdz/4042fJxc5L8=";
-    public static final String Intermediate_Certificate_3_PP_01_08_crt = 
-        "MIIClTCCAf6gAwIBAgIBWjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMi1QUC4wMS4wODAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjAxLjA4MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCvy6bNOyVaP8JTwiySFa3Sj+rdSqzkalK5gA7DLk4q" +
-        "AyvnAK64HgbCsb8dpnSi94WBDsocrQ4C1Ltoahc/AZyRVLA/REsAh1r3/0FALZgYiIxvSF" +
-        "m3ihKb3P9URBbotzhl1ahRZPSrcxKwNXEmxB0gjixGW7GZTARq3Il5ressRwIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwAjARBgNVHQ4ECgQIwFtfZBe/KqUwEwYDVR0jBAwwCoAIL0xyFYBk4OcwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAeZhpIDEYyV/LkOtUf1TryemJExQ1jdfirJ3AUtoFIoWz1p9aqnV6Po" +
-        "GAMozjtdyotfSA2O8c065DwD+CvUXPmdD+2vWpX/2hJPj+x++UvvntAokD2UE9HCeEvBHK" +
-        "rr59hvKKd6GChyhAjLris202eTLIiMEoyZy9X/Wt1nXF8/g=";
-    public static final String Intermediate_CRL_1_PP_01_08_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIXGv2+AXfV8owDQYJKoZIhvcNAQEFBQADgYEAhkwT" +
-        "E/EGAe32J883qVrh1wG5xQzO/GGfp/zuDYGL2k1zZ2zq7MajKfzBoXXQ3WPh5dTK1sy5o5" +
-        "boPHG0pge0B4/2JvuDVS539+9HAPansUNsrMXzOblg1acjdKtuk4oS8PIYkM/lbA6yJl6F" +
-        "QMbdIthWqa2gjaWKll3R8fVUjxI=";
-    public static final String Intermediate_CRL_2_PP_01_08_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QUC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIL0xyFYBk4OcwDQYJKoZIhvcNAQEFBQADgYEAN6BQ" +
-        "sEQT5YCvs9vlUSdG4gjTgNkyQTCdmSIcufpK4MG/AoW/Fn5zJXxiMyHmvT/dkk/UOf82/s" +
-        "41YI/Inz4qRmGF4IL7jo+l7V+OI1n+Vf4ClgZU6ocb9d1dFoBkJu3xI9dcWK6ExpzaBUXw" +
-        "rPJilV4M5luGbszdDCs9cLjmiRA=";
-    public static final String Intermediate_CRL_3_PP_01_08_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QUC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIwFtfZBe/KqUwDQYJKoZIhvcNAQEFBQADgYEAkmDx" +
-        "t+r59llppKmm9mSTof9/BX2rNyG9LfIH7wweoDi9be2vYOLy0NU1kJ8f3/muEw2v7hWDri" +
-        "k9ROLDFnb/S8MYVT0l4rymRhpshPF1uMTOZmfJUCfTX9jIaShztSScqcGSP0a3EUfDD14R" +
-        "1yMu2pdlMM35llE0lV3uf/eUNr0=";
-    public static final String End_Certificate_PP_01_08_crt = 
-        "MIIClTCCAf6gAwIBAgIBWzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMy1QUC4wMS4wODAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjAxLjA4MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDTWNp6Oz39wwU8AFDzYVs3UfVvXg+t6j/qFavnvllI" +
-        "NO6aU1o4Hnk1wfmTPZPErc00/MfizMSumTYYRl21hEZWhjNO5uQIHrF9V/4OToo2iOfsPd" +
-        "gxwpSokwxcl7CJyadwUxhRDYCLhSORXoCK1CPQZjwb+uQz799O5ozb0WVNYQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwAjARBgNVHQ4ECgQIO1TNJtWwaiIwEwYDVR0jBAwwCoAIwFtfZBe/KqUwDQYJKoZI" +
-        "hvcNAQEFBQADgYEANmP9hyFnYvi8gdtRe8ERoEG90NwoyPTsB8sXd40f+Sm1QxKqMPzKPL" +
-        "7bOtY12JGwZ55a6HFVgpw4PnU+0iOcCMHS5OQQLtyirxX2HfioiXEmcmRJT6FvLHrGIHGv" +
-        "KNcfc3rUiksdOb6+j2k8x4IwQ6pBEHQwY8U4Y4DgqALlqM0=";
-    public static final String[] TEST_41_DATA = new String[] {
-        Intermediate_Certificate_1_PP_01_08_crt,
-        Intermediate_Certificate_2_PP_01_08_crt,
-        Intermediate_Certificate_3_PP_01_08_crt,
-        Intermediate_CRL_1_PP_01_08_crl,
-        Intermediate_CRL_2_PP_01_08_crl,
-        Intermediate_CRL_3_PP_01_08_crl,
-        End_Certificate_PP_01_08_crt
-    };
-
-    /*  
-     *  test42
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PP_01_09_crt = 
-        "MIICrzCCAhigAwIBAgIBXDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjAxLjA5MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDJqSSqGjgI3JUJfA/XkloAOg2QtZeAGp2nCq1Oiply" +
-        "MTjJpMpEOSRYrEIgKMGnBPq33seP7X/obCT2jgexmbFT2TmPirM+h1aqbGQ7QAqsx80BdE" +
-        "ofdcfiNosLbbzli9qFrbarO7fJfBhzraBFGDJj3N8nLi2YtP9IieFYJ/MhKwIDAQABo30w" +
-        "ezAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAwBgNVHSAEKTAnMAsGCWCGSA" +
-        "FlAwEwATALBglghkgBZQMBMAIwCwYJYIZIAWUDATADMBEGA1UdDgQKBAiVRMrZuHQ7VjAT" +
-        "BgNVHSMEDDAKgAirmuv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQCetZy9JMzUVveSPE2fQY" +
-        "4fRVChyvIc9nCE4wbzhnRl3zduBGmAwTFr7dRWSFTnEq1c2b6B5nJtCzmt4Ovapf69sIlM" +
-        "s3iV16eBB1WTNCY8YlAsnmZ7q/AR0t0vX+hh6QV6zN5xqulOM4Y8csZEx3RWJzV/LjE5w7" +
-        "mKvofBEUoqQA==";
-    public static final String Intermediate_Certificate_2_PP_01_09_crt = 
-        "MIICojCCAgugAwIBAgIBXTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wMS4wOTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjAxLjA5MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDWUTlTieoi7aLGUYOAgqUC2J/6JarOWfv4vobpwjAA" +
-        "DjvQGqg/GCZP7FgD/72Z4YefZKJEFZTDnYfmy2qh6iBYxcvLsJ+PJGzPCObNSmyq8gpeXy" +
-        "KKEeCZtEev1tSywTT6E5Dhee4dX0QHE4ydZEliMMXGRW/8ffT6x54CPwVylQIDAQABo3Aw" +
-        "bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" +
-        "FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECAMhmGN8+qXoMBMGA1UdIwQMMAqACJVE" +
-        "ytm4dDtWMA0GCSqGSIb3DQEBBQUAA4GBALNjokGrTnWsPn5KrlO+g3R8tAGM90JQDjfrap" +
-        "xWM+nN+dUVVdGU6w2pAOAq2UhfySiP42qiFChnPK9oOqPF2Or7/kcmXZzBfZkE/FnJGNUA" +
-        "gs9je1nZvTPQYsF094OqE7QdJi2k3seA1tqejA1kihMHpwQNmIp8bFpqn4dPO6ys";
-    public static final String Intermediate_Certificate_3_PP_01_09_crt = 
-        "MIIClTCCAf6gAwIBAgIBXjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMi1QUC4wMS4wOTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjAxLjA5MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDHUpHhF4ANNLOywnvpqyDgzLMtatW3ZxgLBBRYk6TE" +
-        "jMgTVKmRasVRTA9uatGG4b2f70YWs9cOd4ylQDqPEDdKNZ47bqZdX6RAU3j1dO9LBwWDbp" +
-        "NvZ3zuDBRDoCZClIcBESDYweaZ9nUgKl/WxTeCnMwqkfSJGYBBcHIonRPnGwIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwAjARBgNVHQ4ECgQIyppef22OmjEwEwYDVR0jBAwwCoAIAyGYY3z6pegwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAOySUCY+PZxomhWgTRSKRodOIe/QSfCMSC+0iw24a2TuJzFLjN9pSm9" +
-        "0C2PqWbfwD1uDjrteO1NK+1yhtIDySiptR9GmR/fhL7NJ+z7M4fEJBjjeeI9/aEIuHuBFT" +
-        "TVHfwsJxnZtjujtOdl56B825LsKW8Otumd2A43N9wIgSyBg=";
-    public static final String Intermediate_Certificate_4_PP_01_09_crt = 
-        "MIIClTCCAf6gAwIBAgIBXzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMy1QUC4wMS4wOTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjAxLjA5MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDR8/c35YqAswoRMgQswlTbKB9oYEzrFSC0G4dt8ydP" +
-        "O4PyQs+J8wUVrRVMiVDTLO9rUnzR1T3iA0dqM+SvWMIA8pMWKyNV58f73ZPJIejhxMmOZa" +
-        "sSLHceMmmMRy1zyk38i3ZJP3YhvxffTjWyTZ9k2xSDX+6KNnkiKkJSKpl6nwIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIpcWcVIIu63kwEwYDVR0jBAwwCoAIyppef22OmjEwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAckgV11ND/D1vfPEMUbDGUvtmsziHiSuEoDLJqSAhOmcX+evKWOfoVo" +
-        "f7og+0ajuul7yuB+7YX1AakOw+33k++Rsgg4o+ImZq3+VScpgnIQ037OOhgH3umwFRC0r3" +
-        "NpWqhmQuz+mHnKiK3X+IDsQOFkhnpNs06CQSZzmrzbYlQU0=";
-    public static final String Intermediate_CRL_1_PP_01_09_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIlUTK2bh0O1YwDQYJKoZIhvcNAQEFBQADgYEAkEc6" +
-        "qHGOWZXYTQ5fsWyJgEtuJyl8uJ+gMcikcMut5SIJTTtOz+q3wclYDevT8z1MM25kNdgwyg" +
-        "b1bwHNAG8I72eIDtGfLrChFwU3qpvVMTG9gPYJb05Q8On56nsBu/PnnzJervzxjViaeOuv" +
-        "kjwwfmWqGkyiK433WxzgPqE48eA=";
-    public static final String Intermediate_CRL_2_PP_01_09_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QUC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIAyGYY3z6pegwDQYJKoZIhvcNAQEFBQADgYEAV9Md" +
-        "8PaNoIlT7WIwnelqrbwsR66vAaT8w3gu8XDYXu+MOYThfyERUvtH6AUrHWfiRvWEzKljHH" +
-        "3BQB0Zsa9Zz3U5cLzJcqtqDc1lH53aIA8MflrfMVrYSF684s28FikcukmA5Fw3+7S3TJ18" +
-        "Hq7plHwTCidVD6yG35hsPwcjTrE=";
-    public static final String Intermediate_CRL_3_PP_01_09_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QUC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIyppef22OmjEwDQYJKoZIhvcNAQEFBQADgYEAjBaP" +
-        "V/TFQtDLxQFIBCbfqhlgpOfvJBatjNuvB0TuD2rsGS1eaLNfTfyVKlOLpxoKwKYMu36kIO" +
-        "l/+KEPDq+ofy7uDZ6GLK3KZ/WiJyriqBQjFCvlhNTW1cjA7Ejk2lOM/A46mrUS9xC+aITh" +
-        "d+/UYGt6O/e256cOwQCUaF2z328=";
-    public static final String Intermediate_CRL_4_PP_01_09_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBNC1QUC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIpcWcVIIu63kwDQYJKoZIhvcNAQEFBQADgYEApZ1l" +
-        "w5SJoU8zeKwX5jpVWiFFFomDgKsNlkkX5mF88l0B6MiYbGqJIowJRfeIlxvPOf20imN7Z8" +
-        "l38DRXFacDQP4y5kxM420dp+ljQL5q9RsrC1+OS7I7TGgGwPoZTO4mHVk8nx9MyT+kW1OU" +
-        "x9qRYWN0CLmP22kutYBndny222Y=";
-    public static final String End_Certificate_PP_01_09_crt = 
-        "MIIChjCCAe+gAwIBAgIBYDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBNC1QUC4wMS4wOTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDEuMDkwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALiOjwwwUk1HNwf2rdzPL2okKTgL+lMdzhC7cbq3" +
-        "6A409EY7iipPCcsDsheo9EaTNOHV9xjWDqOhqjA38h4hGNkRUVOlTW2r8SoHISn3gDXfrh" +
-        "aHbU3owscAmt1nuA7rzo7L1eBPsisIIxAY16uAmVN5RdiAAaP8VUdshcNI4/1jAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIGZIY3nffEXowEwYDVR0jBAwwCoAIpcWcVIIu63kwDQYJKoZIhvcNAQEFBQADgYEA0Svm" +
-        "aqjaeQx/lnF223xlCTsU7XzOxbHetRWfeCTw0QrWQaTrKjWTS/TNyzLhGuPBFg+NTTvWML" +
-        "gzteo/WWdF8+d2rOis9FVRCe/Euok6ZCL/xgzaE86ZSQg0jj6458TpuC2cszSaifRSlhL5" +
-        "ogy4ADWgJxdVcBrgADo6QZXkXXw=";
-    public static final String[] TEST_42_DATA = new String[] {
-        Intermediate_Certificate_1_PP_01_09_crt,
-        Intermediate_Certificate_2_PP_01_09_crt,
-        Intermediate_Certificate_3_PP_01_09_crt,
-        Intermediate_Certificate_4_PP_01_09_crt,
-        Intermediate_CRL_1_PP_01_09_crl,
-        Intermediate_CRL_2_PP_01_09_crl,
-        Intermediate_CRL_3_PP_01_09_crl,
-        Intermediate_CRL_4_PP_01_09_crl,
-        End_Certificate_PP_01_09_crt
-    };
-
-    /*  
-     *  test43
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PP_06_01_crt = 
-        "MIICozCCAgygAwIBAgIBYTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC4mu1oBHB9BeorCFJIuSw5tszmmYBD4bjTklsAfjrz" +
-        "OknQsYxEoHfifpdgivh1fMUk+mK5YWUz0G8/edquKbJhPBTTWp8opsGzTATsTLSEzkKbVM" +
-        "DQ84ttxrhJWlrVRlouZTnD5HoLUvujY4EdydmKsjj6UBt/tGL5EKodymcEtwIDAQABo3Ew" +
-        "bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATAMBgNVHSQEBTADgAEKMBEGA1UdDgQKBAiGRi8YRte8PzATBgNVHSMEDDAKgAir" +
-        "muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQDHOaIki9TogVJn54FRPl+7FyzBJ2DnR4RTM/" +
-        "q1K3COWRdtvmGqtBBtAccxWziQJ5TnAQn1XA0cFPoCgymGPRcUz+0+C+3VhJ/m9LggVP3/" +
-        "pjJEG0fsmJtUYPyphUlXeUzf4qSj34SlJws3DIHTR8ozAR75HZmlMRnxyZBLl+jAng==";
-    public static final String Intermediate_Certificate_2_PP_06_01_crt = 
-        "MIIClTCCAf6gAwIBAgIBYjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC2rptuREzhGfEJ3U8ILPBq+z0s+aafMvBRHpqkipDq" +
-        "bC7v9zpwg1K18F4MYiATpPAEfdEeprKs0mWfdusF93BoMBVm1y0zRgDRUNdyB5GFO8g8+2" +
-        "yNEO6L37c1PwrMLnvJakaqwbbnwlcMcKtLHoX19fyveQQg5DNj8WcKZj397wIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIJPt6qKdFeYEwEwYDVR0jBAwwCoAIhkYvGEbXvD8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAkFJGNze9/6YX7Rv8FR9obFGACIJ7Om4YQQRW9WM9pEDgKls7g9b9El" +
-        "dJxLKOlWoRoYZIrbEam19traE2O3dxqRevPoYvfAqkR089BkxH/cFYyfqw64IpjDG84dsY" +
-        "XieajI/Ov/HjgF0VQKF3+Y1ZiDjb2OHNgMkqs9VmUHaE+94=";
-    public static final String Intermediate_Certificate_3_PP_06_01_crt = 
-        "MIIClTCCAf6gAwIBAgIBYzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMi1QUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCzxfyi52gw/5tt6/9aNAXdY3wZYH1GifzGoN4cg8Mt" +
-        "++5xmTdrc2A9/5biaTUVC0x/Ml6mm940NA9mM/EoEu4SdnP2crNCIFHWNlYz3cJtYJ68rE" +
-        "rEU+S0gnYaYRiwNGhVpAjV+FPDr0Ghgp5rYQ61evAhmRuNAFwYocUw80G6JQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIZ9yMlboxCIEwEwYDVR0jBAwwCoAIJPt6qKdFeYEwDQYJKoZI" +
-        "hvcNAQEFBQADgYEATNnRMQmvTxRcSMUL4pa5bejuX2Ixy/OfZIAlJWt9AfLW2tHmdAaGpD" +
-        "GhTHKfyQQ+HrIMQ+lXau8Yu6nzWXAY8pKpKD1Hbd355VE4dYZ7aPvcAulZHeV0F2EFn09x" +
-        "qQ1frHDRoCOc11B5qV5hnwgDE/ByZh1+OWUcR4tBQKyEF4g=";
-    public static final String Intermediate_Certificate_4_PP_06_01_crt = 
-        "MIIClTCCAf6gAwIBAgIBZDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMy1QUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDB66hLZx1WGcCqmOxHK/rotXOpccJQOB2L3kpWP1M2" +
-        "ZiWufUguLw45XShdqu31OgmGw0/w9ugwy96aRL+Tiluj4xjIAxJCav5cXF8Dt2Ex7hjIHm" +
-        "XV0rHbJUiduHEh3fQphgtzlR4QxG6i/i4SbcsoJzsws8x3qOqRPaWDtyWs0QIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIyZsLNvyyIZEwEwYDVR0jBAwwCoAIZ9yMlboxCIEwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAc7G4BAUsQeqNp/Kv8TKJckfxWygz54PrkBICNw/eGuGamVJMRkYCP3" +
-        "yJ8NW4jY/rfxzKKyjVB09XuNBLDwYdR5Z5UHSg6Ijes3j8tehZ+9DwEQrR+WQf/adHIsxn" +
-        "/347MHrSQF7CJzE9tAu6AOu53lKxLeH6C/5YI611or2Ql1I=";
-    public static final String Intermediate_CRL_1_PP_06_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIhkYvGEbXvD8wDQYJKoZIhvcNAQEFBQADgYEAC7ev" +
-        "Pqe0veUX+zF51d/NiG6VwgEwOP1HlzD/saDn/FYXStTQDwoIyFjmZ9z0yLGIaVI1O9BWVD" +
-        "CTU3bCU1dBg61Blo3rI3TlNqmGrYRUSJ857QM9c/G+/+V0XJ/HgId39Pufd9Tob150XNMs" +
-        "9h0PvqjhYjG1bARMRa8JB4KTBU4=";
-    public static final String Intermediate_CRL_2_PP_06_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIJPt6qKdFeYEwDQYJKoZIhvcNAQEFBQADgYEAiUbi" +
-        "qQ3X/hTgjhpQGDZi/7EnZcqSgiAFMreV30/mav2NtXDITE9DqZzCS9x1vHBp4BBsQwYVvp" +
-        "XvLVSgns4pFwR+0Whc+tPo2j9ScePq3sICsqleWTN1DvuoP9rBe8w7pDN4guA59Kbeku75" +
-        "5CMA5YjiTUomK4UaqI3htwkBlWo=";
-    public static final String Intermediate_CRL_3_PP_06_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIZ9yMlboxCIEwDQYJKoZIhvcNAQEFBQADgYEANowv" +
-        "f/scWT6FFT393XEpWcTnA18hBT5Nkddw6mHjKBq7ndtBQkydMO8Wym1IeQ2qYbAqu3ifNZ" +
-        "SKF3PfgJjYPBKImzJdHTKfcclMC5H8Y9JDN0voeyONr9NiXcoj+p24YNYjb+PFI6avRYo7" +
-        "Xyrqvwnvng/IY9zLtc7SYYUIODk=";
-    public static final String Intermediate_CRL_4_PP_06_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBNC1QUC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIyZsLNvyyIZEwDQYJKoZIhvcNAQEFBQADgYEAsnA9" +
-        "ERwsi2mK540oPL45mLdOjGnet7+HhNk14q0hvALTYGB1vEjijc+Yvf6mHJGRbiG207BpJ1" +
-        "DWeWBY8TLe4YJXlSrWwx1jD46rCt7gdqXAdLpMo+i35yfQ19ZqeWcRLkspmczoUJLJaJza" +
-        "eLRrnjv62GLJ09KVKpZBGhV3SUM=";
-    public static final String End_Certificate_PP_06_01_crt = 
-        "MIICbjCCAdegAwIBAgIBZTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBNC1QUC4wNi4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDEwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKrLB7XA0PKY0qtSC5lMBvvIvbyjBM8XmANrN9Wx" +
-        "66QxEuloRAz0D5uAu7TnJBv6qNuIPGFl74yusKCSkjEkBMdVpBCfDvpG1/Tz3sALSlxmnz" +
-        "xbK2ytOncbYuYrzvXttx6wkhLrBLlnfuwpZwGZOr/Pt6WwQJWjXxgTNJ6dcgXbAgMBAAGj" +
-        "OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQIv0gg7LxDM+swEwYDVR0jBAwwCoAIyZ" +
-        "sLNvyyIZEwDQYJKoZIhvcNAQEFBQADgYEAgzlxBGGOBvHw20eOzSswMqrHopNMcvwuEO+Z" +
-        "Mr0h8U2/HIiRqKWQaxMyM8A0oULGJny3B/0WtkfVQ2EIibZGiKIjC1RPAB3QmL0vgSyUmF" +
-        "s/LZbzugpJW6jvfov7N4O+u0J5rYniRxa4bgrXa89TY9kwDMbr6/z4oiI8bq3gEsw=";
-    public static final String[] TEST_43_DATA = new String[] {
-        Intermediate_Certificate_1_PP_06_01_crt,
-        Intermediate_Certificate_2_PP_06_01_crt,
-        Intermediate_Certificate_3_PP_06_01_crt,
-        Intermediate_Certificate_4_PP_06_01_crt,
-        Intermediate_CRL_1_PP_06_01_crl,
-        Intermediate_CRL_2_PP_06_01_crl,
-        Intermediate_CRL_3_PP_06_01_crl,
-        Intermediate_CRL_4_PP_06_01_crl,
-        End_Certificate_PP_06_01_crt
-    };
-
-    /*  
-     *  test44
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PP_06_02_crt = 
-        "MIICozCCAgygAwIBAgIBZjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjAyMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDjg5+XWZwW1gLAOldsRshbCXmUCmt1Vs+oZsvyH+6d" +
-        "2PwKs8ydrz+oD0/D8V7cRXucj7q7cJSLhEY1wJoTTgrWeRg1hQioAXzPW3ZkaZuzhpi+cC" +
-        "qeZzN5nPvqK18GWvpffNbUUVfOuaHzzHmhmhgQyZaNG7JHwpWM10UMzMawOwIDAQABo3Ew" +
-        "bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATAMBgNVHSQEBTADgAEFMBEGA1UdDgQKBAh5am+tkndt5zATBgNVHSMEDDAKgAir" +
-        "muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQAF0h1iaxxZUp43AjP5gSvbW6JfFRW/ugH9SU" +
-        "n3e1B29LMH3F/ML0joVhPx5CIVpX4nfaYzdeje9+E2/bHMBGSCFeHz9S/KoBLLiI0GNhzh" +
-        "I6MytvPMPRx7hkuROouQ69TnslJiGCcoo+MD0fA2YwO1bCtyLdeVHYhJZWQ2Sg8PHQ==";
-    public static final String Intermediate_Certificate_2_PP_06_02_crt = 
-        "MIIClTCCAf6gAwIBAgIBZzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjAyMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDF4KSKxo8HvQ59E77LcuLpZ7ujNDjb30KB+EbIuRmy" +
-        "khXAkhq2Rp2Iqd3OhC0AXmhSF+enJq3h0dqyxNWP08SIuK5ia3OIeatl1UgEyukuAnrLuI" +
-        "A7PFUQAGZmDG4OuHv28zza4n/SwfCaKfi8qatIwpwF/29ycB8wYBrHThQD0wIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIKFZV4vjfOOQwEwYDVR0jBAwwCoAIeWpvrZJ3becwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAuj8P5ga8Xv9eFjk4AdRMx/Fj/doRAOLZfs+OnrduRXPLe7CFKDxhFx" +
-        "xYOma8In08cgXVVnRR+2nZ54h5qjCYpskGNx+yZRY8+HW3XXE3KpS7QgTnc/1XshUy9VGm" +
-        "2qX0k661f2d3KnSKiKVKtM/y/j/nNyxPugDz1Yy50NtzQOE=";
-    public static final String Intermediate_Certificate_3_PP_06_02_crt = 
-        "MIIClTCCAf6gAwIBAgIBaDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMi1QUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjAyMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCitrzXkbO4hAQpBRQE880MFBPq84umX9pyKbV3iMqK" +
-        "Z7HBYwZOvEwGQxG+TX1PIj0Jz27oyvoqpLeMkbn9L3K0BuS0AZKlWIOGPPHWpYTDoQCCs9" +
-        "Mba1evVT/1CMxESsv2kgf49YHMs/6TtxQX0qj5TQzXrkM6CMBc5zyPBDWORQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIxLES0WIVZQYwEwYDVR0jBAwwCoAIKFZV4vjfOOQwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAdQeDAOFys//2xUFwBilhqr32/jh4gT/ijxRjG0msKTYXmWcCQv9Tms" +
-        "smtIMtiwwnByhjTdQAtOmEyDm/CFW0/NBnxlRvqZKt+PRtscpExVy7xnnm2MBITTa+9xkC" +
-        "A361jSDPnRPEOZoKdMRRzNnW4f59m0huibeFNRYJ7y8BnHs=";
-    public static final String Intermediate_Certificate_4_PP_06_02_crt = 
-        "MIIClTCCAf6gAwIBAgIBaTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMy1QUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjAyMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCg0yQG7oewLD2eFfPuj2DPBgT47iEri2IVeS/r5hUD" +
-        "nZhxzT2/+UsQfiS+ufdC2Xq+QAcXFcAifPbvRs9xo2q0uLz26mwSq1TH8ilHLKatKwJ/Yf" +
-        "hcRAfEWDwhLJGRhZ7YrKu8xczZgyxwaeu5m38lEaLIRyaVfVSrw8WhN4z4ewIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQI/dKmuI1u6I0wEwYDVR0jBAwwCoAIxLES0WIVZQYwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAOEcMpdSAVKUzQ1A7LJnWOh5Tul6yXw6qMsdZNGOZ3vYBXH3vHnSHvp" +
-        "MqJQ1JIX/4XSiKF8En5dVI/ooNabgyORpPnLGDvrshvO/09iaDlQXxWRsoGAFhcIe7Ibp+" +
-        "3g6hnBO5U+0pbInioKVYf/1VyZSUK1QQMutshMIye/8gyZw=";
-    public static final String Intermediate_CRL_1_PP_06_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIeWpvrZJ3becwDQYJKoZIhvcNAQEFBQADgYEAEJ28" +
-        "g5iyw3ZOqs5ly7O2X0YWtgKK3BnPztxygCUWO1xVy/QbMM5ybAU/UPbJC2pUnkOZMX+h30" +
-        "RYp/kV9w2o15V1hxj2M0tR8fQ0WXudwi20pZO56uHb+WSaETOmPVoNH5efeXsTvtbHQR5w" +
-        "95L2vNeEzJEy1l7S/sasUUoQvqY=";
-    public static final String Intermediate_CRL_2_PP_06_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIKFZV4vjfOOQwDQYJKoZIhvcNAQEFBQADgYEApLIK" +
-        "X/YJYhSfn7yLTAlKjnhpH1QDlFeaE6/+uj6j7ZgpK6HBjHOvfwbrjurl+L3ZTLrY1FCL4/" +
-        "SUgXrJxbAyMANlg4Z8u6o73F9cur2gi3sgv5d6FjJ8VwuKYWY2dwZNeXwlWE/W0h01Vd9H" +
-        "QVuctFxzQaJQdQBadw/XqzvLlyw=";
-    public static final String Intermediate_CRL_3_PP_06_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIxLES0WIVZQYwDQYJKoZIhvcNAQEFBQADgYEAE5J9" +
-        "wJKAb3veF4GhHeoIgy6JvMsrjv7d7dhT+ZIKq+wPNk1909X/Zo1GXxJSjMaMgkLlXa0QN6" +
-        "LtSJxbyMRCKSJfqTKOezFXirZ7MEQ04FT0z6Hp0m+E2Q7dGs52ZOV3YZBhQUlH+aQ8WNu2" +
-        "6clf4VqBiUYgGhkE95PhN5AAnOU=";
-    public static final String Intermediate_CRL_4_PP_06_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBNC1QUC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI/dKmuI1u6I0wDQYJKoZIhvcNAQEFBQADgYEAKgk1" +
-        "HJ7OW203z9H7jNGxoLCN9bGDKOFcWlWuruzXWOAn+AomjSZpqZkZU1qyKrFaKM320sfn8C" +
-        "ZJPnVWaVMLBLNddDRWUjJrUHtNdnnZEuYPYlRVb0MmwaxHHR0ZBUIaniqoLuvtQIB9N++T" +
-        "bu4cjx33mN6MX0oWr4Bbq7ovPnE=";
-    public static final String End_Certificate_PP_06_02_crt = 
-        "MIICbjCCAdegAwIBAgIBajANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBNC1QUC4wNi4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDIwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANAr4hFku3Y6jI+vD6JTRFc7ZLL9tIxT7Mq+QcDd" +
-        "rRHgSEXhPL3MM//3ZFXca3w4rXOUVQyANQncywNM3uwl7T9jC0MD2kJ9PsNGQL2bQcSajX" +
-        "jrxT403PVFsa6ZrLMU0hwomSO4nJBLCJj3i1rlX9esYbRNCqzep2OMWgAWRUsrAgMBAAGj" +
-        "OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQIMBvQP4Q8w2UwEwYDVR0jBAwwCoAI/d" +
-        "KmuI1u6I0wDQYJKoZIhvcNAQEFBQADgYEAnmNf+3jJp4mo4YDznASTMnrBBdXuskhnRXSQ" +
-        "Gj5dNq6PxEXM+CmBhaNlnFYcr7UCtcD8XwampfyO52tvAZW5kWQKsxyowVtsxtwkAtj6/f" +
-        "trIeulIM0B1xjyXJshmVST5u6gZ3OegsAyuqyAbo9B1IvkNFOldt624aEG43jq7ho=";
-    public static final String[] TEST_44_DATA = new String[] {
-        Intermediate_Certificate_1_PP_06_02_crt,
-        Intermediate_Certificate_2_PP_06_02_crt,
-        Intermediate_Certificate_3_PP_06_02_crt,
-        Intermediate_Certificate_4_PP_06_02_crt,
-        Intermediate_CRL_1_PP_06_02_crl,
-        Intermediate_CRL_2_PP_06_02_crl,
-        Intermediate_CRL_3_PP_06_02_crl,
-        Intermediate_CRL_4_PP_06_02_crl,
-        End_Certificate_PP_06_02_crt
-    };
-
-    /*  
-     *  test45
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PP_06_03_crt = 
-        "MIICozCCAgygAwIBAgIBazANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjAzMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCrUMqMxZ4sSrH6sKv2y6nYKagLvUHaforCnf4z/5O1" +
-        "PeldaW4ANtNPA8SkVBES/zoKgvrLJUmqRi4b+BGhCVqLU77PvWyiPOS40tpJfw7m9pPK53" +
-        "aeaLC9M6rarjdOvF8MkdtytCMU/Ef1NsuJULwEP+XB90k4lHr9EzbgKhXvoQIDAQABo3Ew" +
-        "bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATAMBgNVHSQEBTADgAEEMBEGA1UdDgQKBAhF0iXZmlIKsTATBgNVHSMEDDAKgAir" +
-        "muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQCmab7noekyx5TzxAqWoQiC9S/aZJtvLkuH1p" +
-        "KiZnclMpRvIL1CVOukkzLTZXY0EcCHnXuVGjw+9vmiQWGGw8t6TGCXo/CtCo934HGBxOfQ" +
-        "MVysEjst7L7TDQsqxk4j9O8cU/TFWsghW9Ihu7SVIn8RJmknKMB2xkIhcDe8S8dmxw==";
-    public static final String Intermediate_Certificate_2_PP_06_03_crt = 
-        "MIIClTCCAf6gAwIBAgIBbDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjAzMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCmT7wL9WwWBr1oY9bHIq4IrJOkbOARK3zOeyZSbBBB" +
-        "zxcky5kjC9pamMpyZjga+q0CGd2rq9eUjQ2FXZsBSgf/X9B0/g9trNMebYgGnYmHHX2JK+" +
-        "doyAX+h3afDbZzZ696S0Hw7yRx00+teQe/Gx4h4qKPwbJIW5Bep9SBysikJQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQInXHgY/+onu4wEwYDVR0jBAwwCoAIRdIl2ZpSCrEwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAhlboR5gzYWluWIaFM5R1Ko0/rprrv5BHONRiXjLfAPkzZmd7FLDE2j" +
-        "BlU7s7IenICeST4c7HG5zqBigK1814GG75nq5htCGUnM6pn8/gvc58+ckKeWgbJxC5I/0u" +
-        "olCCs8ORbWIEGWmghGg1USxeI1RQwXGgE8XwtabVibJOVBk=";
-    public static final String Intermediate_Certificate_3_PP_06_03_crt = 
-        "MIIClTCCAf6gAwIBAgIBbTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMi1QUC4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjAzMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDEouRlqTFQiJQSwc+yhjpvA0dUIbRrNwLF+EPfUWq0" +
-        "FV1UV0a5lb5BGPW4RGUEbFwsgGCHsfLiY7WmUpC1e6332PZPnrnoJbf28paeiZ8KqcAKZE" +
-        "pGPWKCmFBwBW23q1w/v/CxcXJoBx5OC1yxG3fGH7CZSzc+4Z/+PxLk9yoASwIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIc24GzUM6/LswEwYDVR0jBAwwCoAInXHgY/+onu4wDQYJKoZI" +
-        "hvcNAQEFBQADgYEANLxcLvJqjyu94HN+X6tTxGcN1s43kQh8yRGotW2ptuA2jmGlAhI8QQ" +
-        "sXHO0o0bFLBC/Uv0L0YlEJhK1w0ct7Awwn4UYgqupxug2f84yamcvFa1es3osIMJoi0GPz" +
-        "1WDBM711efRtbzvK6t/4fJ01nG2BlMeEbctVqrehuAip4p4=";
-    public static final String Intermediate_Certificate_4_PP_06_03_crt = 
-        "MIIClTCCAf6gAwIBAgIBbjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMy1QUC4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjAzMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDNuzSN3BiT84M3Dy6KeTQkMqWNuYGTENWPP8WvQ0Ot" +
-        "ggue/lemC+IqYBtIEYtk3A30eKKnF28WIbPlB3oSykrPVV5dMhYGF9ysOtp4wyETHtzdv0" +
-        "7HyqlMHOCPiFplbwjUSo0uEIRVgS3luBJi9onTpcn97/i0S7VsM2nooooaowIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIDjpr8w0dRq0wEwYDVR0jBAwwCoAIc24GzUM6/LswDQYJKoZI" +
-        "hvcNAQEFBQADgYEArE6qUMnjXiB5eKiAFc9Elw1dYsQArtnDQAfFGtShDulxYKq9+pxory" +
-        "4kTMUZZCJc7awEC11tdJp7xJGcpjCJl4I2wBcHiCcVcnwQijqM719PqoQKydXB9MSrXqmU" +
-        "2CyakSzBpb82VooVNx0IZ3h0nXQSE3V0qSXXCaImJcOIGMo=";
-    public static final String Intermediate_CRL_1_PP_06_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIRdIl2ZpSCrEwDQYJKoZIhvcNAQEFBQADgYEAQrHK" +
-        "VV2MJPJLNdPoEuqFXRTEclSmYhUWC5lthK0JnKUbCUj2cMAku2UdN5sRgVG0475dXV2nvn" +
-        "huxy+IQVt5OJ+PNZ9MYZlC2CfYsBiW9DEYMA603XhVvX/bxx80MwxNby18oyo/V9ycSyJw" +
-        "XzUmzYRUtohHk39r3eUSAt5H7zM=";
-    public static final String Intermediate_CRL_2_PP_06_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QUC4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAInXHgY/+onu4wDQYJKoZIhvcNAQEFBQADgYEADOEh" +
-        "jV8V8y17mFstkVwigOAKURbi7sD24RkLd1QG0Bn21JiwpkGY8Z4vetQps+VX586xKzz6v6" +
-        "Sj+TJk3jfHCiEAk6a7PLxRcVCCi6y70mzEBCwn6fS5NDfxzxYYLgq+dlUiVwqXsHksEvUz" +
-        "2Z5dpuLhbUGxHiqazNE9iq9pEEE=";
-    public static final String Intermediate_CRL_3_PP_06_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QUC4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIc24GzUM6/LswDQYJKoZIhvcNAQEFBQADgYEAK/zi" +
-        "r7ASgtWA0xGQVrqhHsXH9bdaj+FceW6ivoXo3z6xCFLvzu2uenEu5g849+YI0KMomHsDAY" +
-        "tX8qO3XEaLGchbhIfywgRVDlSF8ytMKhJTS05R/vZSZAl+eoT3mC92Grihsd3wublyNZ7a" +
-        "d925Py/oFp3J+geUkKJQK+RVu4M=";
-    public static final String Intermediate_CRL_4_PP_06_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBNC1QUC4wNi4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIDjpr8w0dRq0wDQYJKoZIhvcNAQEFBQADgYEAcBag" +
-        "81RFYMBAf8aRP5VXPcfu0OxgJvVE25ZHGLCkLD4TPKAXMjZMHWrf34+5FW7aigDO1YhGA+" +
-        "2zVtVj8k71DichiCCGXQvH50AqFgeNXNQwn9WcpQ8rRkfmyhlccfeM+MzHI1giRw/RjvCN" +
-        "0dfJL9g3c7peW+VCKn85REZ1ne4=";
-    public static final String End_Certificate_PP_06_03_crt = 
-        "MIICbjCCAdegAwIBAgIBbzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBNC1QUC4wNi4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDMwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKBSOacrUg5H5yuISkqmJuQcK2ao+Ib0FmIKCuek" +
-        "8mm2HEiux+K5/yIAYsQnz9eDKzKWaS73exPniKOXABHaL6dxsptbdBqWB6II2kIl0BFz9P" +
-        "82qjz6DMwpUhj5Pwfy5q0Bz8grTe31ZYP19y8AHgcWna+eiY4fNVXVkIEJOJ6tAgMBAAGj" +
-        "OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQIaZQ3Q55so58wEwYDVR0jBAwwCoAIDj" +
-        "pr8w0dRq0wDQYJKoZIhvcNAQEFBQADgYEAnNYKc2pSFZ9PtR4gQyVI3j+gQ97tcWu6Alxm" +
-        "4T48fSb2KtFGuozJyCv0aYjtuZ9ava9r4v04lyFPoAjWYbALHC9F+vz7JLNr4VstuMdy5O" +
-        "ax+PvJjKGACSXD7QjXJ48qvm+v8OnMbkzf8+rY3LoTJ2KhXo9Ey4+UmU/YuZ0PXuY=";
-    public static final String[] TEST_45_DATA = new String[] {
-        Intermediate_Certificate_1_PP_06_03_crt,
-        Intermediate_Certificate_2_PP_06_03_crt,
-        Intermediate_Certificate_3_PP_06_03_crt,
-        Intermediate_Certificate_4_PP_06_03_crt,
-        Intermediate_CRL_1_PP_06_03_crl,
-        Intermediate_CRL_2_PP_06_03_crl,
-        Intermediate_CRL_3_PP_06_03_crl,
-        Intermediate_CRL_4_PP_06_03_crl,
-        End_Certificate_PP_06_03_crt
-    };
-
-    /*  
-     *  test46
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PP_06_04_crt = 
-        "MIICozCCAgygAwIBAgIBcDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjA0MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDFoR/YTJlGYenu2IRsTiT6jwIA7yOnFbM9JXcqYIP5" +
-        "jSgtn/wVztPHgVWP+582foXJ+oEcThQVZ+RBXYt6VU5o7eVCsGJjqMd0DbRzTO+poelVoY" +
-        "1UEJMrKG0xSEex0T6XLQ+jPU9o5tlXoLYsXvpvbIrCJ0o8kuk4MWTzenDKJwIDAQABo3Ew" +
-        "bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATAMBgNVHSQEBTADgAEAMBEGA1UdDgQKBAgVwXynYDSYEDATBgNVHSMEDDAKgAir" +
-        "muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQC6MnYM9cY3CNb7/KKZvoaSwF/Se5iZYnbdPn" +
-        "WCnKydnN1AhlDN3kEw0gjTmZo/MkvPqku2aPzg5EiZ0eyeJaR6a4aiICU9z/Hiet19mBF6" +
-        "BtAUdt0fJ7aL5WPAc4BKXUbONd6vkQNv8uLcBmsqZ4wXDj7ZVBMGKcuDq7uClb0xYw==";
-    public static final String Intermediate_Certificate_2_PP_06_04_crt = 
-        "MIIClTCCAf6gAwIBAgIBcTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wNi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjA0MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDHqX/4IZpOCsHWgdJ6mICN94nXz/KqsXPNymadVdZA" +
-        "nVU0fHdMcxehAvsBKju5d791Psly1Xyyda8KQ0BKPgGed6jNKb89JzuEtPBov0VMzskqwR" +
-        "irjaDCwYKtibiDe+T/kEN9Sq5pbexHcaTbAIeQrAIoSUmGdQ/Up6PYplb0jwIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQISKcQDqdBecUwEwYDVR0jBAwwCoAIFcF8p2A0mBAwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAkAQaOoZYAZOCk881Ro+SIclAj2lp+arAkWPP/gwN4/0lpH62eWqlmY" +
-        "okWRBjk6+iwCgRxQ56uUjJhE08p5juZ5V32ie3RW+S1ZBPtL/T/+Tqp9HNQQ3GjW1yc/yI" +
-        "sWQxrd7QKzTER37HBiOr5WjEjn+dzuWlJtClcQetqMLtMgM=";
-    public static final String Intermediate_Certificate_3_PP_06_04_crt = 
-        "MIIClTCCAf6gAwIBAgIBcjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMi1QUC4wNi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjA0MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC2tnVj8KHGCm8XBPvDYWZMp3yOKQxuORze6a764qIC" +
-        "hkdO7hQbgJ9YiuAF/y62W17FnbhKPX6ninaZG0N77bznKvivSC3+T1jIVhw+kpxRh9MRya" +
-        "L2p+zHJEyO/9JaKWzJZiVi4kebW+hwNgSZc7FSYsAbW7lr4ujDei/yn/AJEwIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIaAEiWf4JpfQwEwYDVR0jBAwwCoAISKcQDqdBecUwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAHNsZDCWtOqt741IJNA9OwpymTA4ES1BRJquEvGj5+4RH2pxi67bYd1" +
-        "kWTPF1qFC2R1sugSNhbU0wOBMdKUJtKWNacPsK0HbD7CPqt4THOcMXFO36b/2gqHqy9rc/" +
-        "slWuIwbtT/tEC+Mk67GEATWNPifoPT7TjWHM3RhsDnagZXw=";
-    public static final String Intermediate_Certificate_4_PP_06_04_crt = 
-        "MIIClTCCAf6gAwIBAgIBczANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMy1QUC4wNi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjA0MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDgdk/smDJ5yZYJDH4SG7pIDCzGNZeLO9RI3ybOx4/B" +
-        "M3YQu3DDFSOv8kq6PgL8ThC8Dk6t1jSbT8QVzaGgx0KMV3p6pIMdaVNkOjVjUb+L0nXVfr" +
-        "XYpFLON6tZLgh8oIbiz4KznKmsxo6VdYwyUeHmkpGcL5y+8qLspCNdRJnDGwIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIgSY376EamQowEwYDVR0jBAwwCoAIaAEiWf4JpfQwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAEztvmGSVnDGGeNlIoR+wfRM8ndJogvUxLBZm4N96mDZ9Y+Nr99Dqvw" +
-        "+mMI3BU0miA5kDO9aFrKIgow3cpruoedhnBUsxTfhrNaFEwp+ORUb3tWn7sSxLfnTim4Vq" +
-        "y6j/EfUK2CS4ZAy7J5BADWSqDezPnrb5UaY1JFKMuLyGRac=";
-    public static final String Intermediate_CRL_1_PP_06_04_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wNi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIFcF8p2A0mBAwDQYJKoZIhvcNAQEFBQADgYEAPlIW" +
-        "SxwW2LE8qxeD+M+HypNwai7j9XxUA2MhBbGVnsrhH+DKX5VeyP/nyZn2hBoGWhs05IpG2P" +
-        "S0odnyhbgGSXSj+IOfkZkVT0BmuEJmqv75R15LBzeyONks+eSEhoOIGAaIN4WgJ5mzjSrI" +
-        "ddDu3c4s6QO/OFVrNF1F6e4laSU=";
-    public static final String Intermediate_CRL_2_PP_06_04_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QUC4wNi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAISKcQDqdBecUwDQYJKoZIhvcNAQEFBQADgYEAE5wt" +
-        "y3+jVnr8de/Yi0LV70v3JDHimwG2pQcuDRhR1NLPr4oC+2uxMqwxVzdHITDb3yI2ZT9pVh" +
-        "PV3UvX85avMdA0/JyaMWSKNpbSah1eNfMwMBY2vzh1Q7f5n+7HYYM+I2kz7HARPvwsLP9d" +
-        "j4mY7Kq7uiOFdnQzJ6LWjm8qEMs=";
-    public static final String Intermediate_CRL_3_PP_06_04_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QUC4wNi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIaAEiWf4JpfQwDQYJKoZIhvcNAQEFBQADgYEAOm2f" +
-        "m3IdcDnIS915tEZzDmIbTFPBkIn0wjUreZKb9uNxE2a8Jixq+UP2uiyYWiWmXnRdVB1Gsb" +
-        "ofc5f8ctNgSPVTSYB0U5apIauXjV0y7WMUrLNrDFa5m9lxLRhF9kvXVL8zPhVfMpujnXre" +
-        "A8WS4UjDMuveyQL6yASGoZvB+Ps=";
-    public static final String Intermediate_CRL_4_PP_06_04_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBNC1QUC4wNi4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIgSY376EamQowDQYJKoZIhvcNAQEFBQADgYEAznK9" +
-        "ekskl4uWU+2Xqp3Pj14wvXuzfPAqFlHR0jl5By7T82JRiRa6LGX6T953vcwwJBsYG1hMqH" +
-        "pgbnUGB8APQ6YNXN+7ZkudaG6fMVX6bCr8zT+nVSj7PHIK2VFsC1Jpm5SoQMHH6DFit/oH" +
-        "tm4tdV8+nupMBQn1ZtxQHgUUF14=";
-    public static final String End_Certificate_PP_06_04_crt = 
-        "MIIChjCCAe+gAwIBAgIBdDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBNC1QUC4wNi4wNDAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDQwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOCVJmtrW8Z2WGGRNjEgyp2NJn1xaIVDwlxL4C0n" +
-        "UAPpo1WM/rarQTYejT2Yo8H39TdRfiAlggF0Qsce0W//atey8WewGsFlUem6a4OFwg1X2h" +
-        "CN/COL0eC4a6lwkdOKmqgxSyWNWeKxXRTM8+EYQIem78uY7A8XuzVUmOpzYWoLAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QION6UOZ2Eky4wEwYDVR0jBAwwCoAIgSY376EamQowDQYJKoZIhvcNAQEFBQADgYEAXota" +
-        "1N1UrMxj2a/vdII92Wi8uEetcHo9vmiJVYxwPFkp+qo1q93Ww8Qnfp7xzaZwLgVoUOAF8U" +
-        "TRUVnzqoSwmRrfyEMfrgej3eiBjcU+zS9mNlx9mUUSLmlY+xMeejyVDCntRn6YJWWLesVq" +
-        "eFOjyNux97/XnGT3T1w0J+wShu4=";
-    public static final String[] TEST_46_DATA = new String[] {
-        Intermediate_Certificate_1_PP_06_04_crt,
-        Intermediate_Certificate_2_PP_06_04_crt,
-        Intermediate_Certificate_3_PP_06_04_crt,
-        Intermediate_Certificate_4_PP_06_04_crt,
-        Intermediate_CRL_1_PP_06_04_crl,
-        Intermediate_CRL_2_PP_06_04_crl,
-        Intermediate_CRL_3_PP_06_04_crl,
-        Intermediate_CRL_4_PP_06_04_crl,
-        End_Certificate_PP_06_04_crt
-    };
-
-    /*  
-     *  test47
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PP_06_05_crt = 
-        "MIICozCCAgygAwIBAgIBdTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA2LjA1MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDMIUtQ/CgudxHAwAAn8jUsdAY8u7WDslOC4nNbWn5C" +
-        "tILgZ2hGIZhEnhzP+VCV8ke8zLo1DX0hCRYAgzk5XTGAimExHFv/yDdhpJWEnqMRljkCHx" +
-        "Hg3XE1439qutBdmWvGUlRF0hQrd9Q/Ubr+PjEzP3a0EUmXo7LYuQKMcFsC4wIDAQABo3Ew" +
-        "bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATAMBgNVHSQEBTADgAEHMBEGA1UdDgQKBAgha8GqGbO1nDATBgNVHSMEDDAKgAir" +
-        "muv5wudUjzANBgkqhkiG9w0BAQUFAAOBgQAEG5C3P1A/MYpNJ0qvi26v04GGUWDQWRW1q9" +
-        "1392XpAxDdv7kODf1FUMpfBpcUblagxrX7Npthv6/6W8poBTjvJuq5BfnnOMQrCwnsNfRy" +
-        "Y7b1mAZIvcOBhWe+bFVqRLUqZ+JseWkw0YgZIGtX41Znwl0VcFQKJ4lNkuaBgXXdGw==";
-    public static final String Intermediate_Certificate_2_PP_06_05_crt = 
-        "MIICozCCAgygAwIBAgIBdjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wNi4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EyLVBQLjA2LjA1MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQC36j0YkXZZSw3qQaxD0g2BfrKYperkGjVAfLwOtOxB" +
-        "0A3Ufx2ECl/MqNOvi/QWlTkKwnrqw0aEnD25iS1DFM4jMZBmdfJg80oa+y6TJoZcIb+3bv" +
-        "SK5o3ArCFWkhTHHggIIY3H9dQOgAeYQF57Vb0iu59GPfnYJO8y8ZpxGIYcjQIDAQABo3Ew" +
-        "bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATAMBgNVHSQEBTADgAECMBEGA1UdDgQKBAhUpoGZzfV7EjATBgNVHSMEDDAKgAgh" +
-        "a8GqGbO1nDANBgkqhkiG9w0BAQUFAAOBgQAjrFHzC1FLvssJTfV5YsGfw7Luj4EqLDQd6b" +
-        "MgtBSwPnXqMTUAZpDETyeYvcgM+L2tasB26MSy6IttSKsaJpHPCP+BIs0jji5xosuCX6Cs" +
-        "wI2gE/LjF85rjZnldrlDShw01DlcmWlWwudit/ieO71Xc8i0F4EhSaTUJX12po5Xkg==";
-    public static final String Intermediate_Certificate_3_PP_06_05_crt = 
-        "MIICozCCAgygAwIBAgIBdzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMi1QUC4wNi4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0EzLVBQLjA2LjA1MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDFWhChPQNFYQpLBmVmXSGF2py1wcfhZgZurv0E5AgE" +
-        "BZwBo2bxSeC36lBQyR3OABGI4nQoEegSQWwuS2Pk3+emG2MZ8R5QINAkMlAKTp5Gj7KTlm" +
-        "3VVJRx7/VduoFx8sZPjkpvF1bSL+KOH4UZny1xqqTj4bJ+oGu58INeSNVa+wIDAQABo3Ew" +
-        "bzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATAMBgNVHSQEBTADgAEEMBEGA1UdDgQKBAjN4PvsHY9+YzATBgNVHSMEDDAKgAhU" +
-        "poGZzfV7EjANBgkqhkiG9w0BAQUFAAOBgQA8KmWbAQOnM59zry9TNtLbA2P5y8R/sO771S" +
-        "yQYcu6undt9t7UEiOepDp/z3CGsITm9RdtXAobZ5ZqhW+3Ll+UnML1itiCytOPbfC7iiUO" +
-        "S5jviQnpgJncZD2Lp65yNAB7lMmMleFO15Bsk8VNmzMDMsFtzo508Bs6T33ZW69/vg==";
-    public static final String Intermediate_Certificate_4_PP_06_05_crt = 
-        "MIIClTCCAf6gAwIBAgIBeDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMy1QUC4wNi4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0E0LVBQLjA2LjA1MIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDxx57R4j64xdbjpTl7reLby/T2ym4rESC90aBkC2/E" +
-        "/YUSjsuGG9GiHEVgoGzoQGQNQV0v9ZMIvuoI6q7Fd6VZhIVGE0MGzTFNA9QEEDGPc10ZxC" +
-        "Gyh9mZYp77PMuhQ12Iv3aDW9KNTr09+HyhK7d3Se7toXLwjE5pKt+A4ZvBFQIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIwmq0fugIX0kwEwYDVR0jBAwwCoAIzeD77B2PfmMwDQYJKoZI" +
-        "hvcNAQEFBQADgYEAbAbRorTyh6zfAmdg0lfeZyCyW9k4NWfhUs46iSOl6lkZH8c1eoAF5/" +
-        "q0pOF+CtI3F9VMhfUXChEbVj7QENctU7kDiFe8300OWD5h1VUi+WTK4CG7B36/BjkrVOuG" +
-        "Os76P9l1WaC+/WRZdcqgFMfPjpn3R179dImBDwZiCMMbVqc=";
-    public static final String Intermediate_CRL_1_PP_06_05_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wNi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIIWvBqhmztZwwDQYJKoZIhvcNAQEFBQADgYEADX3u" +
-        "wxpN+p8N2HqmhFw8w9LCeoR3Xa/uaqgqh4i/VkDuAC4Bi7VbIO6rcxDO2uAdZgNhb/hnRq" +
-        "cvKLcy0vrovCa2EPHcFo7dJl7si2q09EeuHT4+lZt/Ek/VOkwHhvh2o6yEvKOGXCnF9hZr" +
-        "8YbOIknboEz+tRfxoJArRBwpJkE=";
-    public static final String Intermediate_CRL_2_PP_06_05_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QUC4wNi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIVKaBmc31exIwDQYJKoZIhvcNAQEFBQADgYEAQz7u" +
-        "dfU4yAHFLH5BgeZkYh0l2lZ95af+E/67MSCjQSF7RWWWTffbDMc4HmiRlZLvQdltyGCKmi" +
-        "kuzcPP8vyYOBQmoIKQ6c2LItBjXVavLdpe91yCOhCWXVVlnMFq5ztrvBEpfO0GVUOnPWfG" +
-        "1Ugit3SEd4DbhYFTBYHbbOKRWsU=";
-    public static final String Intermediate_CRL_3_PP_06_05_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QUC4wNi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIzeD77B2PfmMwDQYJKoZIhvcNAQEFBQADgYEAkiW6" +
-        "h9a8v+IITd+p0jxukj2FYfmED59ZXAlYhQdQAGlPE71rOXn6ZPURYoGf7qlmBwQffpksOb" +
-        "Byb+PX+CBTUNXzhgTzD7ifM9xOhCEKVKai9acQfvokU56OHwfq5AnkRykLZ7IdvdYCP57k" +
-        "ynrNNV35dsMZXg23/PpreumlOkE=";
-    public static final String Intermediate_CRL_4_PP_06_05_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBNC1QUC4wNi4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIwmq0fugIX0kwDQYJKoZIhvcNAQEFBQADgYEAnTbS" +
-        "MBWyoPaslaLpAMmJ+D6kmmKAdRYurA0okU/QP+0W+YNPV4DducAQUDy8Cg3RkpRK2ze0ad" +
-        "l6TUW8g83hj9TXSBp+XZuVvzerMCjOeBqhskZN4Ly8101ZZmMmdYdSc3PEhqkme6iZzjwB" +
-        "ZooAN2dIYjuBj1c1/t5qH80CMAI=";
-    public static final String End_Certificate_PP_06_05_crt = 
-        "MIICbjCCAdegAwIBAgIBeTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBNC1QUC4wNi4wNTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDYuMDUwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALyVMklPv3uwTPzLG70sXIwKSEt65yiU71ibHyhH" +
-        "wJ/6dXy3HK2UETkRBK7UVSOYq005EbO9s/3oR3zt7QTFifvRTsIjl1L4TCLC2a8ApBr3BH" +
-        "xmBWcJDf427Pk1fm5qDdEmZnpyIlpKaKIiBcdtwZfjr0lROL8RNcvgtJPdu/ndAgMBAAGj" +
-        "OjA4MA4GA1UdDwEB/wQEAwIF4DARBgNVHQ4ECgQISjAUfyAwSA0wEwYDVR0jBAwwCoAIwm" +
-        "q0fugIX0kwDQYJKoZIhvcNAQEFBQADgYEAC6Af3cJUh/IQgWdbC2Vmk96sYjDlAsbA2keY" +
-        "J0bgBcNaIVoJ/W0B3rSawqSU+Vv64p7kcuAl6cbvIXPB++19V23jj6HUs1JxtPJZ9IWkS/" +
-        "FRakv6lD7+j1OdzJvDR8AMZWmPFHJdQnJwQ+I1YOU/O/ShawOnGCmihpIULUINFhk=";
-    public static final String[] TEST_47_DATA = new String[] {
-        Intermediate_Certificate_1_PP_06_05_crt,
-        Intermediate_Certificate_2_PP_06_05_crt,
-        Intermediate_Certificate_3_PP_06_05_crt,
-        Intermediate_Certificate_4_PP_06_05_crt,
-        Intermediate_CRL_1_PP_06_05_crl,
-        Intermediate_CRL_2_PP_06_05_crl,
-        Intermediate_CRL_3_PP_06_05_crl,
-        Intermediate_CRL_4_PP_06_05_crl,
-        End_Certificate_PP_06_05_crt
-    };
-
-    /*  
-     *  test48
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_PP_08_01_crt = 
-        "MIIClTCCAf6gAwIBAgIBejANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA4LjAxMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCp2vHVX08nyKe+S8NPkNJOZ9Xng22TbYXhUHtXw9yv" +
-        "ZmPkRhwDrZfBLXZcdZFixidkky3kCzv8Q3aPyPByM2ozH+AHJzEMbwifhyvUbANcS+Jts3" +
-        "lsZHarN7VyiXO+8J2OtYqX9qzmrAOHGleB2cJopEcmAMdrzgt1JIo98SUs4wIDAQABo2Mw" +
-        "YTAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAWBgNVHSAEDzANMAsGCWCGSA" +
-        "FlAwEwATARBgNVHQ4ECgQIoRYqHNcbLacwEwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZI" +
-        "hvcNAQEFBQADgYEAXchRFC94Pl25d3Kl4wBcueQLyWPRuH9zS0ZPLAqKLcWVdcg3fYMuJ5" +
-        "SypMMpxLaVjN7xq0KjML1gLiPQPk18iA2TOAUMblvjUl1uFzDdD6SqQidEZh2h3wxFtbLP" +
-        "U7qBBki7i1+Xn072Bpn2paw/vlh4K+ut0tFQ2BAhqVnQGJ8=";
-    public static final String Intermediate_CRL_PP_08_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wOC4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIoRYqHNcbLacwDQYJKoZIhvcNAQEFBQADgYEARyX9" +
-        "2+LoXD2fIAACBMPDgds6m3Equ+Aawlr0kuppPO4ydCU4kiEgtVGK+kY5GzP6fUpAKjC8mh" +
-        "BrozojhAbkJekDoN0BIJ42Iab70VmdWXRQhPsUDhQwEt+9eSgy+HfiFfpcL1VJx8uY4XMh" +
-        "VB3hmapIe99P/T2QkZ+Pl8j0MgY=";
-    public static final String End_Certificate_PP_08_01_crt = 
-        "MIIChjCCAe+gAwIBAgIBezANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wOC4wMTAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDguMDEwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBANYtrtpgxNl+9jF3TN1B9bSEGQci+cQOKpFsmrtF" +
-        "AyiGBxKONgGSgSFFuFIhyBKZF5ROaKX1P8lsQkrpnuybUi+Z9ADdyoaLUDD/z/kp5sebAZ" +
-        "ujmF8HVlqHYj5Ls2smS9EdSN1zgPTXIOTeZd/lv1iFppRZv6cBqlaoapQJsb1JAgMBAAGj" +
-        "UjBQMA4GA1UdDwEB/wQEAwIF4DAWBgNVHSAEDzANMAsGCWCGSAFlAwEwATARBgNVHQ4ECg" +
-        "QIZjcOdw0ZTCYwEwYDVR0jBAwwCoAIoRYqHNcbLacwDQYJKoZIhvcNAQEFBQADgYEAarsn" +
-        "13/g0vOKxy0okOp2JXEsPdsP7aWnCfR8N4+7gFD6dVnkgCIyc5Kbs7MbhB9gtIxYhHOV9W" +
-        "MaW9QAcBH+eXciFDfQBfaMBkL34ssE/TsZ92r/bhBwKRcH54f96G0QWUnoNMt4U/1j2mKn" +
-        "faFirltqEPUu9mv4FiQ0pNT9yH0=";
-    public static final String[] TEST_48_DATA = new String[] {
-        Intermediate_Certificate_PP_08_01_crt,
-        Intermediate_CRL_PP_08_01_crl,
-        End_Certificate_PP_08_01_crt
-    };
-
-    /*  
-     *  test49
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_PP_08_02_crt = 
-        "MIICojCCAgugAwIBAgIBfDANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA4LjAyMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQCmAgNA68ABUEppM9Oo3guiGvguvtrWQzsQIJfMBrE4" +
-        "/Scwc4SPK4PiJD+kVwtXinXpVclBMQge10uZ48lSJTihfZscJw3RSHt70H4CpPQm44QS7P" +
-        "7fQqpcZKZvMWmY6A8jju3Phbuq2WgJCIxxVw886GNIAXW8C4ZFmXCjwiGGHwIDAQABo3Aw" +
-        "bjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjAjBgNVHSAEHDAaMAsGCWCGSA" +
-        "FlAwEwATALBglghkgBZQMBMAIwEQYDVR0OBAoECOhZ4RAlqGGcMBMGA1UdIwQMMAqACKua" +
-        "6/nC51SPMA0GCSqGSIb3DQEBBQUAA4GBAGEVSOcNaUu50f6AgGBtz1MDdRiHe08W/nzCNn" +
-        "0K1/UqrIXVJ7IYgbOLkL3cdHy4PdngCyEblzl5Cwp9chh2zL0PTUbV1uJIBW32ks1HuAVQ" +
-        "FTZqx0iuopY5AqRCJVDJt4HB5PKObwnmLPNWicI4Juap13j/Tcnw1EP7E7n6OejC";
-    public static final String Intermediate_CRL_PP_08_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wOC4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI6FnhECWoYZwwDQYJKoZIhvcNAQEFBQADgYEACLHw" +
-        "iDARFoF4GauIHnoZlfj6nlOHAFfNSXq06Vvl713bsoAiOSV+2goZjRG62uxhampE+gCdXx" +
-        "1nwhKQ5R5jOGGOxgLtBFNZwKmD0KiDOSvfIVJ0kYCcaB4mSm0a/7pcCPrrE5ofvkmTW6Wx" +
-        "k/YIuBZdDoqZC91v4tnu0fSch9Q=";
-    public static final String End_Certificate_PP_08_02_crt = 
-        "MIICkzCCAfygAwIBAgIBfTANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wOC4wMjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDguMDIwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBAOJsz8ys71e8UB+VDTBAocVQvADiqh0LjdML3pET" +
-        "B6VvikiHgbB1PJufxDses+v0WD74ChZEa/octNcMFqMgBlhVBEfvbyGTjiN97LzdZ7SPyd" +
-        "DsDulqwBG9sACryUGHqwHYnUbjOqsThOXFB8Sg/CGGawpZAosm2AuH2gqNvNuJAgMBAAGj" +
-        "XzBdMA4GA1UdDwEB/wQEAwIF4DAjBgNVHSAEHDAaMAsGCWCGSAFlAwEwATALBglghkgBZQ" +
-        "MBMAIwEQYDVR0OBAoECOiMLE2l5u16MBMGA1UdIwQMMAqACOhZ4RAlqGGcMA0GCSqGSIb3" +
-        "DQEBBQUAA4GBAFf4BCbNtduwn5InkfdtFbQOqhPLAn/5eIhxhVhUu7TekWT7ktdaVQFzGF" +
-        "G2h1+gXgFP+YKjJy7kGzEVQjlWtuC0l74EwybNHnYAoDg4itKe+0OSNNXdyOmn+i0tE0nx" +
-        "sWN19VvhLGFC8p38gd0oDr1ziYdg0z2Mx4IlMDxl7QhT";
-    public static final String[] TEST_49_DATA = new String[] {
-        Intermediate_Certificate_PP_08_02_crt,
-        Intermediate_CRL_PP_08_02_crl,
-        End_Certificate_PP_08_02_crt
-    };
-
-    /*  
-     *  test50
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_PP_08_03_crt = 
-        "MIICkDCCAfmgAwIBAgIBfjANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb0QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDFRydXN0IEFuY2hvcjAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMF4xCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvZDEQMA4GA1UECxMHVGVzdGluZzEVMBMGA1UEAxMMQ0ExLVBQLjA4LjAzMIGfMA0GCS" +
-        "qGSIb3DQEBAQUAA4GNADCBiQKBgQDKZDgBum5Ud5i8HWlCKInJ1x9goZ7TQJ+LdfA9iGU1" +
-        "47xJL5eFcERWy4dr5wM5GNRW/DHXlnA/qsRVE29EuRh6qAVgcPGAfmJxz7s5yhmErfmiQ3" +
-        "0rh6+pma/EhcjntXqwIqnk1qt6mEk7x9UKO3ksFCVsDEA67/dvownjcZB59wIDAQABo14w" +
-        "XDAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIBBjARBgNVHSAECjAIMAYGBFUdIA" +
-        "AwEQYDVR0OBAoECGtTrZIwYYHbMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqGSIb3DQEB" +
-        "BQUAA4GBAM3t13xJJraRiJDAwZFxhTNR570wMdSRiF3yWSRtOjEv8NTVFj/T1oJJ8h9Gqh" +
-        "hMpTTHU7uGCyVB9S1HCelmS+1zteKr0B+WVzBl9yuhvku3farz6zgIVK3v5hQ6xC4H4Lac" +
-        "NDhTTKBkRfDf9KskFoxJ/AGxPdZtIEC92DFSblQB";
-    public static final String Intermediate_CRL_PP_08_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wOC4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIa1OtkjBhgdswDQYJKoZIhvcNAQEFBQADgYEAcUHo" +
-        "D00X/pd3D5KGa5C6dY18RsnUovkjUkegGTpbhQfmYZIdBatj7Kv75FeUJ9UpqCUjxHgdiE" +
-        "EVy60NLVGP2VRuJ1m8vfDz8hu5PaiVjneQoRw2M9ieBnz3PjSETDdBGJLWHyCBZbp/W2+0" +
-        "iqcZK7Fm9O5EL4PUO6QIwuH76q0=";
-    public static final String End_Certificate_PP_08_03_crt = 
-        "MIICgTCCAeqgAwIBAgIBfzANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1" +
-        "UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3Rpbmcx" +
-        "FTATBgNVBAMTDENBMS1QUC4wOC4wMzAeFw05ODAxMDExMjAxMDBaFw00ODAxMDExMjAxMD" +
-        "BaMGAxCzAJBgNVBAYTAlVTMRgwFgYDVQQKEw9VLlMuIEdvdmVybm1lbnQxDDAKBgNVBAsT" +
-        "A0RvRDEQMA4GA1UECxMHVGVzdGluZzEXMBUGA1UEAxMOVXNlcjEtUFAuMDguMDMwgZ8wDQ" +
-        "YJKoZIhvcNAQEBBQADgY0AMIGJAoGBALsXEPrCg91CObTl5OrHIB5GshIDXgqBmjzxfWPK" +
-        "ih4STWeBe2eIFO9pONXcM5lstEu2XLBPP6QBMUMWOrphJejrJ3eDQHs404bBnt95O/x17i" +
-        "665CZtg1jUqoO1kOBOComx2AJGZ46RdBExbfd0tTtdHWtRhMsnQchI+WtEyotdAgMBAAGj" +
-        "TTBLMA4GA1UdDwEB/wQEAwIF4DARBgNVHSAECjAIMAYGBFUdIAAwEQYDVR0OBAoECEWZkJ" +
-        "TYQ3z5MBMGA1UdIwQMMAqACGtTrZIwYYHbMA0GCSqGSIb3DQEBBQUAA4GBAHki/TrpHiKW" +
-        "gvERhguQ/uOqHHZNXsog+fgGVFFMOWwJ9bq4aHKd1fDZpyZF4vBxW7llbhuSt+ob2TNlkR" +
-        "wkqzfGL+3xOTKNRgzDwJcil8akC1N5uBftrQk+eL7rM1PezWRM7fIbpmv5ZieIVswtTPF5" +
-        "1Rl3G+JXUBy9E95espls";
-    public static final String[] TEST_50_DATA = new String[] {
-        Intermediate_Certificate_PP_08_03_crt,
-        Intermediate_CRL_PP_08_03_crl,
-        End_Certificate_PP_08_03_crt
-    };
-
-    /*  
-     *  test51
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_PP_08_04_crt = 
-        "MIICljCCAf+gAwIBAgICAIAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QUC4wOC4wNDCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsrM3A06j1zDz6VuZh+O2UrAPcKtwSA6KxTShUpgr" +
-        "t9UB5iIAEvxcDTwDlubEv/cJjDcFj9N57otzW4ppnuT2ztE4ROmkNb0xL6u00deS1yGjXB" +
-        "wy1G9g8bYDdAXOJlv0tjHOBqXlyKoMny82BOBL2vsCstiqxl14Q3/wBD1w29MCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAMwEQYDVR0OBAoECJiAkexK6/c7MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAL4xwcpXZQPTTPYIQ8CMoVla/5P1x6BPmPqSkvh1D/o4ds9Ll9kHBz" +
-        "//X1ZM8SzYcEO+1r75JUzoHsvDw9yYAk2oclLsCORAPqD8Owhv3jv0QQtYSmf0Sxt5FLx0" +
-        "MRP9keY/DURRf9KitO4glOawtRtYMq2BeeJk1xusY0KqEnQr";
-    public static final String Intermediate_CRL_PP_08_04_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wOC4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAImICR7Err9zswDQYJKoZIhvcNAQEFBQADgYEAcN3a" +
-        "jIEcXsQatb0fvVcFnO7d7lzNtgbqL3MtaqJ/PjkRJ/rO7JAXQRwdajUZF4ECHylZKE2HUG" +
-        "Dk+vidV98T8mNmb0TEuuLV+J1G0q8ezMXRJtDt/2m3y1VBireXlEMd1DdgpsDdCQ4va+XJ" +
-        "qv0TvVhfxWry+LrVb6Bf5ItexXg=";
-    public static final String End_Certificate_PP_08_04_crt = 
-        "MIIChzCCAfCgAwIBAgICAIEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUFAuMDguMDQwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBQLjA4LjA0MIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPJWa/cB7WW7tkGxFhcwxqE+BycXe3Ru2qGbun" +
-        "NPQZ/j44UT2C6rl1wZwugCY0sR6mXR/P/NR7czZvg4Tt6lwcNtc8PeafFMUeu0u0Kg9uWn" +
-        "fzQQKeIgRVcEzGTGMPGWXS0ed6X/1+Dj8A+T/tqXKUtM3Jpe0pCmm9CIrYCXLPRQIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAQwEQYDVR0OBA" +
-        "oECKm9IOyOM1h+MBMGA1UdIwQMMAqACJiAkexK6/c7MA0GCSqGSIb3DQEBBQUAA4GBAEXy" +
-        "dlTkkZaYK6sUJCiPeCPxfj5cdo/G4RGBImMJbTeDyVTvXSH9G2yWUMqBGnYLrwdJJeXjF3" +
-        "89miJgnJ+1r/r3r2/NeAUuJDsOHRMFh0KXFmgubyw/kGsZBe3279hDnND8ZjfQBmKQD17f" +
-        "PycWTTAC5p6GM8tGERiDSnMc5rmm";
-    public static final String[] TEST_51_DATA = new String[] {
-        Intermediate_Certificate_PP_08_04_crt,
-        Intermediate_CRL_PP_08_04_crl,
-        End_Certificate_PP_08_04_crt
-    };
-
-    /*  
-     *  test52
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_PP_08_05_crt = 
-        "MIICljCCAf+gAwIBAgICAIIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QUC4wOC4wNTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwH2d+D0pH8y4QJAPpE0s2oWucV1jlE4pBMGNNPJ5" +
-        "FIRmyRCt90IpzmK/EuqT6iSZYd9hIB9wa180ByN67PK1z4loLFMUL2RmbWeAFlGy5eEFOy" +
-        "4d479qfy6JCOzt0TKhYzhukLUqGLa4DDTzvnnUx0o86aLvGq0K5s6DRlNyc08CAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAMwEQYDVR0OBAoECDSeuxr4EVgaMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAKoGi6qlODB8Lc86PtGXfBhW769jB8xzgmENE59sqNBEvYa/oK9Xxm" +
-        "1JX1OGEQMq/mqwZXg6hSczpexCIO4tUH8QKTU68yvqcZoZCDV8FLM8aEUPtUoPIpluhAtN" +
-        "scGfb3uXoV9fg7q1Pi5YlKMnNrDIq1tH1CAGKMDRrjW63Q8C";
-    public static final String Intermediate_CRL_PP_08_05_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wOC4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAINJ67GvgRWBowDQYJKoZIhvcNAQEFBQADgYEAv5Hs" +
-        "nYPZO1fGC/Z2lIbbUKjIv0+BrR9HbG+b76wXeJTVxfXMlZe0cpOR/KD29DyxI3G4IedHRy" +
-        "zL8iCDWYbA86arJzl5GZJ1MC2A586vNn/6wiiT6nP3iMj2z/nyvan8L30KNBm9IDXQExOu" +
-        "PNE/wOWYBxxCjg551fpXfJKqDIo=";
-    public static final String End_Certificate_PP_08_05_crt = 
-        "MIIChzCCAfCgAwIBAgICAIMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUFAuMDguMDUwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBQLjA4LjA1MIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC4BZFTwOqI+71v8CdiYbe7x0qYveN524h6+iLh" +
-        "oEqvzuVKVqvQgVSaSLPcMhoCGDv3nqyP57Znl/3I09vLU6F4HKLtjO9E0PZu8EXOKLjeWP" +
-        "XmJQkdHfODj/TrrWSsrdorl7s7gdWEUFlbiWvUVUtkqLNbGLJZ5Q1xZvBRLS7loQIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAMwEQYDVR0OBA" +
-        "oECBDaTXbN11BBMBMGA1UdIwQMMAqACDSeuxr4EVgaMA0GCSqGSIb3DQEBBQUAA4GBAGVa" +
-        "QNtd4LgoVZQ+Uy1lSr6sog4fsGaoQJCZcvrMJwGpMF0FJsGtOb0R2mfwHi1YXqPF5qZY2I" +
-        "7cVbwVtRQzbXunk1z12k0iIesMtYUncxb/SBstC7VNS8HNZm9ese+YM6Ac8mGT+IUZsPcP" +
-        "gI9fQ1L/2u+/3L4fweca1R45xm5M";
-    public static final String[] TEST_52_DATA = new String[] {
-        Intermediate_Certificate_PP_08_05_crt,
-        Intermediate_CRL_PP_08_05_crl,
-        End_Certificate_PP_08_05_crt
-    };
-
-    /*  
-     *  test53
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_PP_08_06_crt = 
-        "MIICsDCCAhmgAwIBAgICAIQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QUC4wOC4wNjCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAlSIH/+6DEL1P9tkgbsI2PcW0w9dmqMTLP3jKYPsr" +
-        "sSWI5bcv55sk6RItVr3hGgkaskZoHeamUBAiGPksVyrqmRwSCJzQDLnLdMnjjudvPjp1ZZ" +
-        "9UCufTtMPFvnEuVBx5e8A13AQ4OyHqaJgWRVoRJd6vwTa5jzfYCCMJZHHKpcUCAwEAAaN9" +
-        "MHswDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwMAYDVR0gBCkwJzALBglghk" +
-        "gBZQMBMAEwCwYJYIZIAWUDATACMAsGCWCGSAFlAwEwAzARBgNVHQ4ECgQI8837JGF7vMAw" +
-        "EwYDVR0jBAwwCoAIq5rr+cLnVI8wDQYJKoZIhvcNAQEFBQADgYEAKmgbxzWI6V2twYDp65" +
-        "Gu8zn883CnI08s2FEVupvrKduxYmg+ZDkTBE3ZJFxcOuxJf58MRfDWy8C4jJhLnT3JSSSg" +
-        "sY3n93jzc0s2h5y2wd1bUTDLqhqWCshisDG/88rpv938O8luiUEwltolzKTa+ScA6nXSQt" +
-        "LT4I6O3vbTx2g=";
-    public static final String Intermediate_CRL_PP_08_06_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QUC4wOC4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI8837JGF7vMAwDQYJKoZIhvcNAQEFBQADgYEAHua+" +
-        "lC3wP4G6796jjr6wuu7xEQqY1azsLVsGtL7YL8fm42rl7hgU40SuFIc7Kc+A7oEEkKgvmu" +
-        "SLMIv7q5O8J26fQOuduGWQAncPYB8w7sNWjCZbdjVbjp1XIApcAL3djCbLZ8/NYsCoOuwx" +
-        "hRQKX1hIn+rNDi1DMD4H99QdDGE=";
-    public static final String End_Certificate_PP_08_06_crt = 
-        "MIICoTCCAgqgAwIBAgICAIUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUFAuMDguMDYwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBQLjA4LjA2MIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDnaYU/lu+u+LmLQwyACSsRyxQEEvgriE7ApmHj" +
-        "sNBcd3lovFQMfw9MyOOMsInOgQZU8p/invnhx11/pwi77ViQQ780unhHt5H/tteaYwcsDR" +
-        "cUxR/8jK0DBnbVWvm8S/NGb8BxfbRmDHBTWGZ70hDSCJypWRfHQj0I/SAqAW/VuwIDAQAB" +
-        "o2wwajAOBgNVHQ8BAf8EBAMCBeAwMAYDVR0gBCkwJzALBglghkgBZQMBMAEwCwYJYIZIAW" +
-        "UDATACMAsGCWCGSAFlAwEwAzARBgNVHQ4ECgQIhh/KikcKA7EwEwYDVR0jBAwwCoAI8837" +
-        "JGF7vMAwDQYJKoZIhvcNAQEFBQADgYEAbHK3lkqbGy61lu9d22uO2H3hzwvjmlccZo8pro" +
-        "ord45d2nRIxw2ag4dS1YRFrefVdxZtKeR9+5o+tQtvmTcDOer4u6NZ/sVVElTb1d6axtL0" +
-        "i4cmqv6bGWYECEwtwmPGqAavp9pPZjNRbkBGy9qhVNTXfDQYpA8yzXWO/xUrwNU=";
-    public static final String[] TEST_53_DATA = new String[] {
-        Intermediate_Certificate_PP_08_06_crt,
-        Intermediate_CRL_PP_08_06_crl,
-        End_Certificate_PP_08_06_crt
-    };
-
-    /*  
-     *  test54
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PL_01_01_crt = 
-        "MIICmTCCAgKgAwIBAgICAIYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wMTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxDV2d7qXbpCvOzBimskBLsgexpEYaHv0s7gOaqhC" +
-        "4A3K8sxdjyW6QdGZhKX8tCMqnlPp9CNbpY4tQQ5oTSk5pj6HwAsTfGcDwXJnjKWx1FJ7rD" +
-        "meZZ8c2K7a8voBl6FoPGn8CMhO0WmM9Eyb/vDUPdCZzScb+z/BxTcV1BPFdq0CAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECBpj0+Gcq32oMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBAB/9veHrkLeu8jkwXggJtwqPTmkrIBcX+pz85BTSETYeLOzF46" +
-        "onk+qt+IHptlrm3D7ny2Y5M0dQQ6tPzhGZxCEg9RoDibZGtsx+qeAh1ZjeEpEcQyp/idWY" +
-        "asH+EIuEIOZA9c1ySxI/3v3ZfzaSGS8jsgSDkLB4JumrE9ZkLNd1";
-    public static final String Intermediate_Certificate_2_PL_01_01_crt = 
-        "MIICljCCAf+gAwIBAgICAIcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wMTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3B3UKG3tEL6FQz6dL6iqSvzgGsm1Fg5uzK8npkEq" +
-        "g2caUM7huYFfXeur1mu6iKiROcGX8ZYxrPi9Orh39YVrSu2EUWvqQui4QScf4dIlzAOunv" +
-        "0gAa/lIVTHgZhIomKND6/tZLU251dJiFhoV6bXx2tor83vWFVPx2oVd5LL5S0CAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECJmK3jFTIl6lMBMGA1UdIwQMMAqACBpj0+Gcq32oMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBADkYLTg4RncTpAFmpUy7WGOMvoFV15nDoi91OMxhxVkbGSE0DJFxi3" +
-        "hPKcfUNvzy0bEUUTaqOXdbIkoLTG77NTckJxurSRyam0jA0+6SUYZ6F9fVotwMul2EiVl9" +
-        "XP5oCt7LkgqVgMASuwfzMnQozB6Oi/YP2OdSPXLipI6rl2dx";
-    public static final String Intermediate_CRL_1_PL_01_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QTC4wMS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIGmPT4ZyrfagwDQYJKoZIhvcNAQEFBQADgYEAd8YZ" +
-        "8jibr8yjcGYSDicJuyUvHBZntTVQ1sP5XVmtCZcYcQCVjbC0auYTEP5snXbGPW5qeEaaXB" +
-        "MhekMr776hP4Kl3g4AjguFl3XQGcURlgNd8LsTpMMdNWC7XwooOF2FzFjD1ru0BSEWabzW" +
-        "NNaVeuMMbu2N0lc6NDJvRC8LkhA=";
-    public static final String Intermediate_CRL_2_PL_01_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QTC4wMS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAImYreMVMiXqUwDQYJKoZIhvcNAQEFBQADgYEAZFec" +
-        "GtjOfp8pT0n1dMF/x9n8y5tM+G3LLnZvDJspLc/sqP3E3B/sHBiis81caEkQQAOTBU5goJ" +
-        "0KOFAUOfEq+IX5uvNhuPuinx0OsSak+2Annvi12zodMQKPNm1uMVt2bMHHHZVEVTqcv36g" +
-        "xgdbp0YKTmuvSy6s8NtGFpkNmnU=";
-    public static final String End_Certificate_PL_01_01_crt = 
-        "MIIChzCCAfCgAwIBAgICAIgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTItUEwuMDEuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjAxMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCAUPp5j4V5XTA44Ra1EWkp9HgS4w3uXJ7/Vhi" +
-        "K5bARFrDOOxjV8nmr5hoUYr4jwdi2Rl+60TQK/F08gdcGxdyc9p/yiU5HyAP6i+4iqmvaW" +
-        "9b2egNyZ5tOmpl/Q9FSFWa9d/PYBKM5Sj/r73RtA+/chc4uq3uyLekSRQGh1MieQIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECAiL3A4CkaFyMBMGA1UdIwQMMAqACJmK3jFTIl6lMA0GCSqGSIb3DQEBBQUAA4GBAJtH" +
-        "mNNvCt/0uFbHdvUvCuBeZ9cggfpTyUS4X8zgcLDPFbw6VvX65umOZpceZI6hwcre+LZahi" +
-        "gUEPvXppncEObkeVTcYdOTSDoxh5tZyee1P4sbD9H+suGWeewqUDvFs2ymHtxlkpOttitR" +
-        "xQc2U6VlCuZ4XU8SwucyhW0z51e4";
-    public static final String[] TEST_54_DATA = new String[] {
-        Intermediate_Certificate_1_PL_01_01_crt,
-        Intermediate_Certificate_2_PL_01_01_crt,
-        Intermediate_CRL_1_PL_01_01_crl,
-        Intermediate_CRL_2_PL_01_01_crl,
-        End_Certificate_PL_01_01_crt
-    };
-
-    /*  
-     *  test55
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PL_01_02_crt = 
-        "MIICmTCCAgKgAwIBAgICAIkwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wMjCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4QmGXEeVKCn1aQx27r+EBuQqfi8fP7gyV5JLkaSu" +
-        "DOUrqXg8dQxHsBNCf3XilGIvjNFZjVUPdS8FNqC+if9D164VyGQlv/JUor/GlvwVfyotUO" +
-        "U1PqSzFrAALYTmfm/ZqhMvGYloStSDxlzjDmyKadskzOxZZDNSe5s8dvUpYn0CAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECGk7qDbbBgRbMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBAD+eI+jg4jmeC3pJRGEF/hbPPYvL6aocjqqbZyNKN5FWItccQo" +
-        "PWg/GK1GpusDZadesZBDo6fLIUJzL+OumrIYJLB3HxQsmyOXB1gRg1hcva71RWFJYzx01U" +
-        "eB8lCbk8Zu24HzLzqjfVuwKOFFELWDEq7bd6Re/aKSHtNnDbsgSE";
-    public static final String Intermediate_Certificate_2_PL_01_02_crt = 
-        "MIICljCCAf+gAwIBAgICAIowDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wMjCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAl/HiHoos7eHaDIFhMmvIPk63UT33Z+0iiCIuKLW7" +
-        "tgkT8ia1Yg++np1pC3oqYVeKkXqMcjgonPGQhcek12vLt3/+2PYyYirOTVZaiO9pKQ5An8" +
-        "ZMWXIJmCEAMHabPO1RnetvRv5JZFxZY9jIUnD2fUADzzUh/eHN6Pur0DDrI6sCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECPk0C10KQLZuMBMGA1UdIwQMMAqACGk7qDbbBgRbMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAMJ4+BZQxpxWhNbo8bpGkbbcKT3kfKYrHjHsZADC+/gAJSVL854b1W" +
-        "VKsGr1YcCX10V1Gcqb6Jgziy+AzRLhcJngszcz0A7LxrMH+FIyWEPgZnOyQCa8B/9bnsh9" +
-        "bC1gEmXGOVtWboIFOEdGghEbm/ENnQyj+HbIk3jhF3QYbXhw";
-    public static final String Intermediate_CRL_1_PL_01_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QTC4wMS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIaTuoNtsGBFswDQYJKoZIhvcNAQEFBQADgYEAZEt+" +
-        "FjRuXgnOZg70geqS4hVsF1VWWawlAVGmjPsbRH7rADXPUE2bYL54wLdwt/6QYwHqy2KwCf" +
-        "d4OkWkwn9xwGS4j+XBCw9Y4nbWI+wrsZ9W7vgbeIaVUUUZu6hoin1GxrGDcfbM+bhYzQAA" +
-        "gNmKIWdlJ4tKD2KNgg0KmZPoj/k=";
-    public static final String Intermediate_CRL_2_PL_01_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QTC4wMS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI+TQLXQpAtm4wDQYJKoZIhvcNAQEFBQADgYEAXwZO" +
-        "wr9mrO6yUOoopNjcIcDssCUksYco1PFgWx9O/hGq9ktdoGoGcECGhdkHTLe2ab3WFl9jzW" +
-        "1/lkysD9Jl3VjbnbRB3dPQlrSfiv7cYBLnfKvyF/CxQg/wCtWo46GJJQgOx/WHzi9aF08m" +
-        "tQuJEtl7RgoByUSvLtmvKjQWEnc=";
-    public static final String End_Certificate_PL_01_02_crt = 
-        "MIICljCCAf+gAwIBAgICAIswDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTItUEwuMDEuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wMjCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0/rXOZwUebRaHcPPFeKTB2OWIzIAgavqb5HerPAe" +
-        "c3sJCdNOSLc0OX0dFblso97WR8uueF9I7QeGg3ayQjzDVqm5Tu77ZaCuyb6UU8+fY2eqwD" +
-        "5lCVuLfJr9U2JD5b2TcdvAD9RqfhefclVjDj9rObLjvzLg3AefO3drsfBtAIMCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECDBWCFTOp3evMBMGA1UdIwQMMAqACPk0C10KQLZuMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAI/JpU3gHo8Izsbjlx6bkQo/e/hD634N5lSMtVHIGnoVLu99dvroRu" +
-        "2DO8Fhnv6VZpMvYoAc5oEgUqx9hw3bfS/XN9GXaeMssjwN/qM6lzCsvMG7DA9sf59xjf4Y" +
-        "2+u4KTye4PdpmWaseDDJ1wAihTHEaofnQdaoUffxQgw5UcAf";
-    public static final String[] TEST_55_DATA = new String[] {
-        Intermediate_Certificate_1_PL_01_02_crt,
-        Intermediate_Certificate_2_PL_01_02_crt,
-        Intermediate_CRL_1_PL_01_02_crl,
-        Intermediate_CRL_2_PL_01_02_crl,
-        End_Certificate_PL_01_02_crt
-    };
-
-    /*  
-     *  test56
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_PL_01_03_crt = 
-        "MIICmTCCAgKgAwIBAgICAIwwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wMzCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA60y6V2WkNCB34dcGfu+Jo3YHQZXzgp76+HgnyFmP" +
-        "DLj9DjZHqifD3gW8Zk7L+yK4PfLDSHjbrXM9GY1ser6XwhaJQDPUBBYW5X3XTOmDWmV63J" +
-        "YeRF5r7cfF2h3eEZ460GRLK5tt0Zr8V+hA9oOvwqynrIhDYC/tCzE28ciqA+sCAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECPE2FCetVerZMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBABUOUWwyfyrRIw7dRIVfLlWyp5R1I+Kmq5e8st0AEMVpPAmLoy" +
-        "0s+46Xf+THXZy5em1P3bSVTSUhTs+XD6tbFFUcTrX0mQJlshR7yD/A0siMDUNzzt9LJQvP" +
-        "dwNjQSA2keOrV9q/2CAGce4daL4Wz54jfh33YVqJ8sHT4E8CxQb7";
-    public static final String Intermediate_CRL_PL_01_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QTC4wMS4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI8TYUJ61V6tkwDQYJKoZIhvcNAQEFBQADgYEA6FnB" +
-        "LXWt4B/3oP0PXERYh7ZV39yu/tm9DHBQGcGDF8JIspU7F+mH/+37U/lT6BQxpKOpgOgGeP" +
-        "nTQeQzN9sRsXxFO22SkHbdPCao84qvv485epgzqFcVsCRBwBBLcnNLMg891q0EYsTW9vSw" +
-        "Dx7V4CawyYAYGz1MqYuY6SSs6Q0=";
-    public static final String End_Certificate_PL_01_03_crt = 
-        "MIIChzCCAfCgAwIBAgICAI0wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDMwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjAzMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCwt6B9gpDz/x/vnowXf1MdkAPeaCWZ3pYikgxE" +
-        "ZLrMuulFaI1UDnAzgSuSvoHE80VKGKjSkrzIX9OFfeilW5rNZAXoZrjtkaJd1Q8l5AtjFn" +
-        "0tlLytDzIMYo5Tiq/n3IiTdbEzGYzEOCcSyVaQdB7K1WgYI/z/UAaWV/GbqCX1zQIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECMQHLiufEm0IMBMGA1UdIwQMMAqACPE2FCetVerZMA0GCSqGSIb3DQEBBQUAA4GBAD5/" +
-        "vGn/rpoHvny/mfh6n2zVNNQLTEBiddfAdCWpeBFcwxS5lpxfm4dAWgHhprZTMirF9yS+wO" +
-        "wWQ4G9/wiqfAtoaNN1qkHMlUMOAPsOSff6ClgP+1uzKVqQa9NTd5HAeMdYfYjMa/fcF/37" +
-        "plCs5ZsJjb9lhEjNd/tq4/aALQmt";
-    public static final String[] TEST_56_DATA = new String[] {
-        Intermediate_Certificate_PL_01_03_crt,
-        Intermediate_CRL_PL_01_03_crl,
-        End_Certificate_PL_01_03_crt
-    };
-
-    /*  
-     *  test57
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_PL_01_04_crt = 
-        "MIICmTCCAgKgAwIBAgICAI4wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wNDCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA06yd2NQEAgpv0kQQEOzhHHU4YqHgtvJgkdLYxb2W" +
-        "Zordrm4b/43UDnLmsI0790V76y9Aa+Y8SIMBBRBJgnlppFJrFsPaOMO98M3/mXkQotVbY1" +
-        "59P/AjWMxpzP9h8Bs8KuoPqnl5jN0UZAF4kRoNXHzyS445VBp4DtWz/jcCPm8CAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECHxLORDZ1KKNMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBACHmDOaoC0Hr2cmfuQvdyGDF7/RlvTUJ7cvGypCa724SwAZGZk" +
-        "Tf5GwxgjVcLHY5RlX2kDm9vjneDzP88U3587qA2ZRwxhheK0RGp1kudNQ5y2gAGKZ7YSc0" +
-        "SENMDxUAa6HUkn9Rfo4rf5ULuGNJZXQZ3DtP+lZSwzkUeCVjKhyQ";
-    public static final String Intermediate_CRL_PL_01_04_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QTC4wMS4wNBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIfEs5ENnUoo0wDQYJKoZIhvcNAQEFBQADgYEAb8lX" +
-        "19SlVNRkc9SKNpRLZQom67djZfMSIPIDkBALfMepdevbquzgO7AufTuiDn5Zqe6J6odTv6" +
-        "RrQReo64XB4+Lx2pXOe8bZEbzZk0HvzLl9DjN7zxyNglNK+Hd2xS4yT4ps4fBdvXvWAXEx" +
-        "6DfvWHbGFDoH2auomCKJtCVXxCI=";
-    public static final String End_Certificate_PL_01_04_crt = 
-        "MIICljCCAf+gAwIBAgICAI8wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDQwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wNDCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA14bXc39XiWvb4r1jzbADzrpfbg2Y9sGBkefSQHsM" +
-        "QZ1SRLR7uexWD7MuDYh4ZYBL+WPhaJJr3a1jnAIp54h68m8mwS13DgrxBF2/hrVKEm9IRG" +
-        "s13hoM4Mjjogn/Lvc1xLvB5lctHjZrNRZjyrt+PqDDmqZqgCOmcD61PhrfAoECAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECB9hXgJfzBvTMBMGA1UdIwQMMAqACHxLORDZ1KKNMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAB0HgiURRd/REVfc5DenIPhMu8riVcwVgTUwatsCWragUhXpCtvJmf" +
-        "z4vGo1rKYai2dltVX6am+NDvN5tROcM0bvC8lOCc/iPfI5eWTy9SJ2nxvs1+q809Rj0rno" +
-        "zS77TIE8rD7Q8ZUd3qNUiBwdjBoc9misgyN7zUulg4Ueebvv";
-    public static final String[] TEST_57_DATA = new String[] {
-        Intermediate_Certificate_PL_01_04_crt,
-        Intermediate_CRL_PL_01_04_crl,
-        End_Certificate_PL_01_04_crt
-    };
-
-    /*  
-     *  test58
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PL_01_05_crt = 
-        "MIICmTCCAgKgAwIBAgICAJAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wNTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA/rVBEGZ4jibDhREeRGV3jPnv05esRL8/En1Bu35y" +
-        "QrAHi32+kBu42vwwDbeuiTZd/B90bn5srJZoW83rxXxNnpxqbnjN3GgIcRiUVyaVRTp9/U" +
-        "IT8B9h09b9yT8gpQ5qR0+JDcOHCfJwpogAsyJJa6AM5p/q3TeF39ugfVOWt/cCAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECJ7/mkuLuEIGMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBADC0A2KMMSSmGI9p85WG7XZVMBX/xdDYOHO0e3ORTRFS3kj9rK" +
-        "a0yUjc1X+p22AA8kUyOLpYIulfDjPrLKN2E/hWSf3+XWMiC7JfX01F+BBl/avEZoymaZB4" +
-        "dkH1Hym4IMJoSaEOgf5HFKBnFEA6aUcr+oDYGUP+Sc1dmJMjBW72";
-    public static final String Intermediate_Certificate_2_PL_01_05_crt = 
-        "MIICmTCCAgKgAwIBAgICAJEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDUwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wNTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEArir4GaS6r0Tv9PMbaOXYdPKADNpVbJe79G5t/F6x" +
-        "7Tz1rwUR+m10E+Jq9RsV+fU/nUzzjJXHbPLZnfodUVVmrXgzvQ8+B2N4jJtdNLG66j2PZG" +
-        "+P8GQzVK9drDh54VHXdvxAYCXs7GaIprWmCQsxZOKjhFU3YDiRRK8qJGpBG/cCAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECMmrFr30fUzZMBMGA1UdIwQMMAqACJ7/mkuLuEIGMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBAI4qJF6STCi+elUbpZIP7YmcaQsS0PE4G3+LJoMg1LT3rSeobK" +
-        "Aj/yUetmA7y0B5i0svKjRChLOpfClNPVPCx/+mc75+LG+dh1eVG/qk2UH/lrqLN0XLl8tA" +
-        "IwZeoPaegBQAIp9oEjhDN1fWtKIkOe6A6wYdH2VPvsqC8g02VcwD";
-    public static final String Intermediate_Certificate_3_PL_01_05_crt = 
-        "MIICmTCCAgKgAwIBAgICAJIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTItUEwuMDEuMDUwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wNTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtRC2/PDG3kx8LpzfWC0yJph5h3LXZJZW0W2voss1" +
-        "HYPP1/MBoQY067dfbALilVRh9asCNL4F45uu0lT24qS9vjW8SzBOLA18GsVYRmWO7EP+Cd" +
-        "9f3mgPIMJ5n+UjW+yhBwh0Z2pzVElkX9CxECrs1Mt2ulyuwWA1lR8nRMaTUeMCAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECAlV3mzXYPyuMBMGA1UdIwQMMAqACMmrFr30fUzZMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBAG28iHdlA+nTs/b9pi+m9eMy7niELjIWL9fMgn1r4iXQ0TsPYi" +
-        "tgpoip+BB4G/jz7MPx/N4nwyAPV+C9wN8cAHALf/ka2MxAORYFVFI+5PDgXzm78ILqj91f" +
-        "vOFN4jemizTES4/dHxfmdctnsTRpU9ALQgfJLhxEQISOPwuemKB0";
-    public static final String Intermediate_CRL_1_PL_01_05_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QTC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAInv+aS4u4QgYwDQYJKoZIhvcNAQEFBQADgYEA5i45" +
-        "gETFAw6l9Awex9IAVIqYTA1dnbDyrUYDRdzd0x6OxSPODvNfQCwqwlTJXrHidCPO8jRhMS" +
-        "Zcdn/MTlIeHa6OERFcjOiwOpeTgtchvpTdDchs5ve8Ik+myue+cfgpEVKOE+ZQ2T2tcyz/" +
-        "+DbeMptECfJ0lVfCKIY7ZOzBPaQ=";
-    public static final String Intermediate_CRL_2_PL_01_05_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QTC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIyasWvfR9TNkwDQYJKoZIhvcNAQEFBQADgYEAdsNe" +
-        "ugM8sd8bmIDkYXce2WmS5Zx6QUQ0yT6Ij4OR5/F4CG4Vl+k3JkNPuAiNSs2Z9HeML+F/W8" +
-        "3yEPe/mdLV4nLw4B/b1/8DmgZN4r1ojaWuHAg+KrA3Zz3Rc/hwQfvBy49mf4NGtY4ArbeB" +
-        "DYKz5sVlrwR+gOCR5jm4IC7WEDs=";
-    public static final String Intermediate_CRL_3_PL_01_05_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QTC4wMS4wNRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAICVXebNdg/K4wDQYJKoZIhvcNAQEFBQADgYEAqYex" +
-        "FaIykZo17O2URpofe8x04L/VsfA9jV28zUgNFruAGld/kUh4rYvgwrdbNZ8NmEFDp9J9aL" +
-        "93af3bzoNvWCik2VrQLd5nccCFiC04B+LUH9Y2p+7vV2ojrtBks5SMW0q4HaNyPSQu8Fst" +
-        "4mYVf+QIYZC3iVAF4rsKnaxwzIU=";
-    public static final String End_Certificate_PL_01_05_crt = 
-        "MIIChzCCAfCgAwIBAgICAJMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDUwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjA1MIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDCXJjzKGcLyONTyOa6sQHvIKZIAh0pWdteUiXf" +
-        "b7yjCn6Z52SCHxB9GZERHwR7fbJpoE3oDcYUY+8pH65bIVm1p3zr5deo4v85DEZQ50cU9a" +
-        "WEUAO/5X57P7pYb9/47abu0cdsLIWeE+O94HpZS8vz8mxRQKLj27gPY1KzzTbrZQIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECG8ILlM9oqZwMBMGA1UdIwQMMAqACAlV3mzXYPyuMA0GCSqGSIb3DQEBBQUAA4GBAF6S" +
-        "x3aunfgnDmo42aPOzDh536WSkTTbX9bmUNyg3IQHl/3xhVqjS76bMqreYhx5nh4VNx/Z3N" +
-        "LD0W75XmASCk0wtW9S1MoxzJMFIozRruaE3oykrbyMMOt0Br5CV12ofUd0WybDkXfNAIze" +
-        "IRgps3nORHWjV1GwXe8uNoUn6/z7";
-    public static final String[] TEST_58_DATA = new String[] {
-        Intermediate_Certificate_1_PL_01_05_crt,
-        Intermediate_Certificate_2_PL_01_05_crt,
-        Intermediate_Certificate_3_PL_01_05_crt,
-        Intermediate_CRL_1_PL_01_05_crl,
-        Intermediate_CRL_2_PL_01_05_crl,
-        Intermediate_CRL_3_PL_01_05_crl,
-        End_Certificate_PL_01_05_crt
-    };
-
-    /*  
-     *  test59
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PL_01_06_crt = 
-        "MIICmTCCAgKgAwIBAgICAJQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wNjCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAweCAiEGMLycmodjrUMIWEEFshkvhX2r90wGl+/pU" +
-        "Ia9NSdT23zYzE4Uo8Is1ywyV+YfvgR22j/RXF6j8OK+XZ8jlgfjVTAhjCnTWY9LDR7qAyk" +
-        "8zuuITxJrYpiPoxqZs9BXLfGkDbye5VpVJXvQdbJNxgKO0hkBBDfe+T9+qw6ECAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECG1DiuoAwV6aMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBAMFvtFiMDMP6n3CrqQLSzhpK5Qu0uxa56ARXIKSIqi0OUZAu9v" +
-        "sCXxMvaG/R5bElwi7ybYZ5KUSN+PnDmlUxWWL5Ib5RZdXgj7L83oyLTQmbDMvka6rSWHgw" +
-        "Jq8qHVslhh+l+YNOb4fzs8x9ctCrs/BgjX8wkORpQbigU0BUJ9sX";
-    public static final String Intermediate_Certificate_2_PL_01_06_crt = 
-        "MIICmTCCAgKgAwIBAgICAJUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDYwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wNjCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwf6Nf0+r7JvE6BO4MbDbS1T1SCzn78haBAmqGZLS" +
-        "Ac4xQTydvmzr9PwiWlU0xjFfKItqRMt7rfzTTPfvvnwxsAfQNPtxKzi30yCNq/VotMA7j5" +
-        "iQYaVe2OWVHu13agbXLEZ0pL/ZkmQ3Gvo6UhF4dRmCnjFbd5cMTxQVHUrwgyECAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECE3tS4AYmwZDMBMGA1UdIwQMMAqACG1DiuoAwV6aMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBADcBTKbhx8PCunjRVJkcLBCcVGHs9HfkChDafwBO51fe5uhHE2" +
-        "QBpW3J8ZsevuFQiEZvuy2RVFktE6ZoKD8wxwBFhs+OIxe2mergQPy6jHuxoSUiPzr3CVXZ" +
-        "UsNxe7j3IcJLqbJ15UqGFH5yph7Sa4Ym6x747miF6W9knNkjcx3K";
-    public static final String Intermediate_Certificate_3_PL_01_06_crt = 
-        "MIICmTCCAgKgAwIBAgICAJYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTItUEwuMDEuMDYwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wNjCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwq2YlDLHX4KktKnzLCYjnk079IDgXENrkRBuZHTB" +
-        "IQyZoiBH4ZWHreZKs3LvznP8uSd8eEL8keNw4PwZ6aT1LF/Jr/UlrFQNnpLzQVXwGGAuzh" +
-        "tFJYRlOfI5cCZYAcpjnyUV4GW+MuwBdoqDycMjmqIv/8A8vupjahffcmBAassCAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBADAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECB+qYFJjEkJ5MBMGA1UdIwQMMAqACE3tS4AYmwZDMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBADiXredACtRQTV2TKgu5SDdPlczj7cZZUARJiJKiRfjmxHCc1q" +
-        "m/Oh7sHkqRvlHqjoX8qp4iSchoZWdOAE5O/q4Ef6rViejDFVyN2ZmlhP6KIiRxznrvYfF1" +
-        "n08K7CHgHWvDaumm4pNmWeF03nuasHrY0W9h1uk5poVuzaWDpx3A";
-    public static final String Intermediate_CRL_1_PL_01_06_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QTC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIbUOK6gDBXpowDQYJKoZIhvcNAQEFBQADgYEAiHM1" +
-        "xFuYt6tDscqzwj0mLHPHULnR44/vNyPUg0KnV03Dd4XbFHz0FtwDKgVTBZ8x7ybp83ubJH" +
-        "tE/p8nPW5kN25WQOlYkZoAcMpEXjTzlo9evU0W3nyzJjmlT8YEI7vnmWFz/ahzy6WFwPue" +
-        "h862EKh2zVO4hoqZYEuDQI33fOc=";
-    public static final String Intermediate_CRL_2_PL_01_06_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QTC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAITe1LgBibBkMwDQYJKoZIhvcNAQEFBQADgYEAuDSF" +
-        "W1KOc4x41HGvdRaw/NtipD2y6zSh3mtRoo7Q6J2BvJvunymZNEziozBOiUgT8zMgbdbm4a" +
-        "PEwlHRaoJP8+yxJIlKaHa9Hc7Yz4SOwSrLicf7EnBSct3Mze0b48UYqbn1q+lf/zKaUGrP" +
-        "M6oqtE8Fam06T+WUfutU53zTtSs=";
-    public static final String Intermediate_CRL_3_PL_01_06_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QTC4wMS4wNhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIH6pgUmMSQnkwDQYJKoZIhvcNAQEFBQADgYEAcPfO" +
-        "+Rj2KmO1CxjuKLEiOUAIq5YmR4U06IcCBGMxlrdHVXHM3vepBKUlMDaT4UGcleABMPX9Iz" +
-        "/31ofyXlZ/fQJOoTZt0CI7SOPQE5ZkUsR3BDuUqf1+sWwBYyBHkrC95JhJkM4LfGS5K19p" +
-        "fp0j0bguzNCXSBRTfjSZhy80tcs=";
-    public static final String End_Certificate_PL_01_06_crt = 
-        "MIICljCCAf+gAwIBAgICAJcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDYwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4wNjCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3asAqJcjXngEuyM/W3+TAE+Qr4JtNUdwBtmrpGlo" +
-        "fAvJdmXHARyiN/Zn6Si8bGI8Wz8J4Y+Ll7zLdaMU4MCZo6hwZiaQwkh9a+ZecCpLpjs4mz" +
-        "MSf5zHSwTYiXKMazlmnGEITVyKLmAiLSyGeeJvOJVqVo/NZXRGVlmnPxZFfgsCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECLZuS770NcDsMBMGA1UdIwQMMAqACB+qYFJjEkJ5MA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAGM18aR2i8vSywsWhcLrRN1Xckl/HiBPNphobfKoER4NG29cFjUPQX" +
-        "zukjQcJl2clAXNCVtcsKCoYRP3YUyAB6At+yskuuJXtES7FIzM3rt/UpDS5ktVC3gh+jgE" +
-        "pPhMILYIXFzYY1hifkpagfO+mkcr7RqHU3tHAr6LCWjqrB9g";
-    public static final String[] TEST_59_DATA = new String[] {
-        Intermediate_Certificate_1_PL_01_06_crt,
-        Intermediate_Certificate_2_PL_01_06_crt,
-        Intermediate_Certificate_3_PL_01_06_crt,
-        Intermediate_CRL_1_PL_01_06_crl,
-        Intermediate_CRL_2_PL_01_06_crl,
-        Intermediate_CRL_3_PL_01_06_crl,
-        End_Certificate_PL_01_06_crt
-    };
-
-    /*  
-     *  test60
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PL_01_07_crt = 
-        "MIICmTCCAgKgAwIBAgICAJgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wNzCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5HkS45NLuqq9ZwF79+pTGtQnGWO7DFdetYeQTbeD" +
-        "sisjZMsK0sCCR5xAKYQsJSS4v/8LQUdxlQR30LMV0SQUKFMJyFsMiSsO8subb6sVINWn8A" +
-        "tL4zcQK0WiASUZOEkybAFJtP31PahzI5wfD1cikE1M4BlDij5WeaIjt/RTHKUCAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECLSUEn5d8YywMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBANLO+kEiswkGzEh4ZcF5LtfnPZlnG4gTPSNugeWJc+Xedqmttp" +
-        "jZ35fr1hiRe2Q1UcyTd4ThkPknawwZednbsZVPqw8u1mo7kuAeL9KrCk199vL4bV8Ag/kj" +
-        "HJ8TAy40UDB6hMm7l4j8mEKwV03THVrz1Vvz59CQXj+iseH6yUNO";
-    public static final String Intermediate_Certificate_2_PL_01_07_crt = 
-        "MIICmTCCAgKgAwIBAgICAJkwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDcwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wNzCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAu78gmT5HwmBHEe+K8fLLgGaPpcv13ZjrgL4twTBS" +
-        "OkZn5LL9GcfkPuA5WIAZkVYfCWSDPqcAGoOWUIDADfBfdcyLteUH+xI01rHKiLDVexMvU9" +
-        "vqCmcBKhxK3S6wraW5YhOO0bx4oPrZXVIjyG8fh4e5WTEykzvUWJ8ZbzSJ9JsCAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECCT+fDEaN7GaMBMGA1UdIwQMMAqACLSUEn5d8YywMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBANpKr98PiXAdcXlbgSgif0213H+tg3WwUNKZTw8MpqPyrN2/DZ" +
-        "HBi6e2KWXLTxttV9AZBRvcKwsveS6oc31eulMe8nHxRNRfadvF6dL3Tsig6HAQkartcJMI" +
-        "yfW4V3EhXbCdziQkre7XcR9WK5bpQoX04HWeew6YTxjG/cL9MIJR";
-    public static final String Intermediate_Certificate_3_PL_01_07_crt = 
-        "MIICmTCCAgKgAwIBAgICAJowDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTItUEwuMDEuMDcwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wNzCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAr7YezMXvnkSuNCdXch2HRAEVuCqfzpVRCj6laJI9" +
-        "Q+NxgXwzaOwnImvwER3Hblh1l0MAt5/I/9hhqCN+918ueME50MkoM1wPbcmrRIlwWLGSVZ" +
-        "yBKeyPHrLbdPqVIexUlQk7PasLm/Qx4SvRGVe9IMLrEzPV3MFJtrJoWaMobQkCAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECKw8JlHMvVfuMBMGA1UdIwQMMAqACCT+fDEaN7GaMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBAA5JEDEDyqfZzTGzOoMV+8RVke+a4qgOo7rnOEdletgGFEwz8A" +
-        "tiMHBxR+UMxuHS82Hz3+F8XlyYIwlrG9wWVcB/tOyzgVyA28Yux9Q/meU7T6dco/AnmOdr" +
-        "2XL6Xm5iLnARG+PkUPHOsxuweyB/sSUSA8ZJPowNRWTik57ul/bO";
-    public static final String Intermediate_Certificate_4_PL_01_07_crt = 
-        "MIICljCCAf+gAwIBAgICAJswDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDcwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4wNzCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA7mNS8dGz0gkXDbBRzP2ypdNMahJbM3cSMHO0hYpn" +
-        "uRsiXGUhIB0K4WVbnz6tr7Hch3yltK4H1Y12Lf8cXEETR2sE9lCY2A3r8/VM5OUbou5Y8k" +
-        "wIf03VhP7cGKonaFtlj/WD77fidDePVp1Nk28gV0T2F/l4pM5TEJrq5C9PSUcCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECJBEcZsMRq6CMBMGA1UdIwQMMAqACKw8JlHMvVfuMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBACfbHKpuRJnZ5UU0sih8RuywhUo6Getwl/p6fsi87wYI61pvYru+hm" +
-        "4R4eAMZvg7MrAarS3Iu3zKBU1HKeq1i+hpwTIXrngR8eL2fU/X6GPzdte3+3tjhah38bqF" +
-        "zDon+N6ap4MKWRk033SsFYo1K88Mena2tGuFForJlV9DOF1l";
-    public static final String Intermediate_CRL_1_PL_01_07_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QTC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAItJQSfl3xjLAwDQYJKoZIhvcNAQEFBQADgYEAJtaE" +
-        "I1+PCNL1/bgEVKWUIwvh58ugnWhxzbFW6hNJwNEz9/yt+FLZfNrT/Ezort4VVQFLQg7+Gj" +
-        "KrkIujqfRJG4LXrXAV8ZsvSPuwyQ+hM1GdHGDPhj9x6DkjFusxJYUEs5BzlX7ovpnaIPSW" +
-        "RPsatheSzu48pMOCmyTKE3MpuZg=";
-    public static final String Intermediate_CRL_2_PL_01_07_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QTC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIJP58MRo3sZowDQYJKoZIhvcNAQEFBQADgYEALiV+" +
-        "BFpXhgTjiMZBYLVuc/fqhHcXeXOGOmJZoKUnIXjETH3rzkkt5k4tMN00ycZVgpRwn3ZyQs" +
-        "cFLcW8taau1J7iQOmGY/7qIT0eFx2OlgNmxqirmwx4OM5VSH5mEpnp9NOr1rfut1GDRzw0" +
-        "tZ+nhD/PGDXYPu+QPX6jii0vdHo=";
-    public static final String Intermediate_CRL_3_PL_01_07_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QTC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIrDwmUcy9V+4wDQYJKoZIhvcNAQEFBQADgYEASY47" +
-        "p94jEh9FZ1TrPS82nWC3Z6ZKdaD9pUbaJpRnAId59QdBaD2Cxq+SfM3HTlz8grCAPKwulv" +
-        "jDDhXhp4H/m63Q/pJbyl3bbMxnphMOoDwB9wwKIUQPM5wagMovF/UYtC8MoC++m2kuZ1eb" +
-        "fR/OIJuQr+k/kD5Axhw/xolKPdE=";
-    public static final String Intermediate_CRL_4_PL_01_07_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBNC1QTC4wMS4wNxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIkERxmwxGroIwDQYJKoZIhvcNAQEFBQADgYEAMhIQ" +
-        "lE+BdCO6NBz+YgcH+tjP0n4OCdQ+7uxUxUYmPtPbsLwbDDEEZUjykgwiA6P47Cqh5fXB6G" +
-        "tfInh1cmQi3y2IEHK+bRSx321qczOh34Yx2hw5vp+JFttbQAEl/BHixklrFBrXjN0UsWGC" +
-        "ibXcZy0YjerWTp/yceoABz9p94U=";
-    public static final String End_Certificate_PL_01_07_crt = 
-        "MIIChzCCAfCgAwIBAgICAJwwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTQtUEwuMDEuMDcwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjA3MIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCdH60mBM1eInACvOB83zLrtiebq9B5UBlAAVS8" +
-        "9ucDwGx1HOJwhwk2AmvhN7pYuDc+BFzuNtgHojqZSDpRMA3rVsGlgOkZ3sOQzvxB73w+/X" +
-        "XmCYpwcEGLpK4egl8r1aOYm0Zm4OxqWhNu9+Do7nrJczDLi8k/qh8/+Rfdtvt4kwIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECEmVurZ+7UXFMBMGA1UdIwQMMAqACJBEcZsMRq6CMA0GCSqGSIb3DQEBBQUAA4GBAANe" +
-        "AbvpAHwBu9+FlI4DOb65Z+h5f2Ok59FVbVqAj3zkMRkawppngK3CMY/1BQlGXOlHvE+CGz" +
-        "x/7DsiV0O3rxOUjutt00PNxCyIM2pcOZeGUaAu5DJWn0SRwzTMJa4M5K+7wh/4sSPWyxKi" +
-        "ueDq2VXvIgAfEVC8Lv44sxcOduSZ";
-    public static final String[] TEST_60_DATA = new String[] {
-        Intermediate_Certificate_1_PL_01_07_crt,
-        Intermediate_Certificate_2_PL_01_07_crt,
-        Intermediate_Certificate_3_PL_01_07_crt,
-        Intermediate_Certificate_4_PL_01_07_crt,
-        Intermediate_CRL_1_PL_01_07_crl,
-        Intermediate_CRL_2_PL_01_07_crl,
-        Intermediate_CRL_3_PL_01_07_crl,
-        Intermediate_CRL_4_PL_01_07_crl,
-        End_Certificate_PL_01_07_crt
-    };
-
-    /*  
-     *  test61
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PL_01_08_crt = 
-        "MIICmTCCAgKgAwIBAgICAJ0wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wODCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsr+i9HxgO6LnOa6xOHfe9BeLVTo4iZd8rp6UTc02" +
-        "C0MmsSjvIgn3UiayU7aoHcTH8tAXSV5bn0CIH4B46qLym//oE69hUFImy6d1kKgNoaUKWB" +
-        "HztKVtswSSPjIUf7pbyp0wasYMN6fIKYyLpLXUxzA2DrD0kP2Y8ElQJKl2HocCAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECPMW3WMPtaowMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBAH2N6S9ggfmRJkzhs82uOPXaHF62YEg1pbNxaCyJJbSt2iIIyy" +
-        "NPSlE1OufPPH3pO7p5xcYi90LCI//0tlUL8y7aULFNygbshFY3B8MSgCz3KPA3UKdtIZYe" +
-        "7lqP9/ob5wmkjtLpx6oZ4/38jxqe37pH1IwVjaUnoeElSo3EkCI5";
-    public static final String Intermediate_Certificate_2_PL_01_08_crt = 
-        "MIICmTCCAgKgAwIBAgICAJ4wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDgwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wODCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAqZZolrig33i1rEwdP1pin8a5PgzSk7fT+qhrJRCg" +
-        "UTOW5WyPtakrLTUipDcR07t8tIe0NsjRoph7+fAwbjWBfbJdydndHHGx5BqWg8Xi4zFhFd" +
-        "6Mc5O6KO7Yqxs8lmthv/RAdL4Eiir9d9hqskKOtQKbLWz+Bz3+9NwfLGzwzPcCAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECFjxM3RkbbhNMBMGA1UdIwQMMAqACPMW3WMPtaowMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBAJOJKBubTS/kLnfXN5YbQfggxbO2c7DTxx2LhrnPiyVDEow+Xf" +
-        "lMv4YK5olH6UUm02D8cv6Wxg4NeTtBBnwKQG/GV4Ssgc/rrpEzM7jFRQcUzPu0jfya2fX8" +
-        "ZNBnSDjovlN6vmZHtiksjh66h3a0aVusEuOQXD29ogMR8qAGYQaZ";
-    public static final String Intermediate_Certificate_3_PL_01_08_crt = 
-        "MIICmTCCAgKgAwIBAgICAJ8wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTItUEwuMDEuMDgwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wODCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAogLtEcWxzzkkIYe+KrwKhaQjjGQqy2KDsW00U5lx" +
-        "+XJoT8eKd5pxFdCa0SPn/jkNILVeh07mIHec1WF8SOeveVT4Ewd3nG/6ZGoVVq6l0j+3RM" +
-        "jpJbp26BPR69nFn6rmFUMoSNq0VG8Zl+UBqnjq83G3umJCJMMRekUTULSFEGUCAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECGAFYeJIhrRzMBMGA1UdIwQMMAqACFjxM3RkbbhNMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBABHamiW7sPLQ83nXt3LZemcAp4QaDB8X94EuJGBwshEcKLoOHb" +
-        "/3cZkPRbOiRQUh/YdpfyApndGFSi0DtwM2Z7yup+MzdrR0wzQoNS95A51nHE7XdCuVFemc" +
-        "LTJ5rdd2BLK3OB5lQagVLzAY9Bs1vaeXKT2Cy+gSUkTIekWcsH3K";
-    public static final String Intermediate_Certificate_4_PL_01_08_crt = 
-        "MIICljCCAf+gAwIBAgICAKAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDgwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4wODCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxVjjKlLlZzeZhamPO2NDnRtWM1oWZ3/kdwdBRn50" +
-        "o1NRXb60Ir2HjniK1dRdbijAvR5uItLe9tmj4nusBiaPUGM0HNlEdQWSzble8rvUsP0apw" +
-        "uJusV7zLvzwwbgLbMYT+8lMhxWXM34xszP+dgjWASQOVao1Uqs/MLLibOuueUCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECFMFrvh2hQ18MBMGA1UdIwQMMAqACGAFYeJIhrRzMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAFsCOJ4DzuMOKti5PvF71ZKOtcTHSv123ZNdPIbK6OatT9YhVuUOYB" +
-        "AjMavggywrb+QOXOFfJMctQlS3y/JE9YyoNNt/4UTdx1jQ3I2ablonmzjt8eN5GJ9jUXth" +
-        "fHjxnmGUeWlAvwMjEdzdigkyuWCi9LJfjyHtTjSf9n7w2rU+";
-    public static final String Intermediate_CRL_1_PL_01_08_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QTC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI8xbdYw+1qjAwDQYJKoZIhvcNAQEFBQADgYEAG2Aq" +
-        "R1oelnrTgh56m6Mm+Lsm0Sf+Ot1W7LzZmMDwoZgmGLcTduVktx+XrtiDDWsf58hmneT1q0" +
-        "5wl4yNH8y/VCAA3SM/gOq4ddOEiS8GbuEYo5P/julH/U3g6M0vfPUZ5y+7V0s35jIbTkjX" +
-        "76n3Rhf88nvTscYvMdqrYyUhAmg=";
-    public static final String Intermediate_CRL_2_PL_01_08_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QTC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIWPEzdGRtuE0wDQYJKoZIhvcNAQEFBQADgYEAX/+I" +
-        "DkAx7PLTi2x6aYbLacPRaUSjMne84MDaEkYiA64Vo3eL6FbKe14z2mBsM2W7x8xDnxjZ0N" +
-        "RbhcFZ2E6A1ct6HMunuKxjoROIsdWhrYMqJfKKMTWMviz1UjtupsGUWS0dVQCquAr6DJmr" +
-        "W88P8wgiVH2VZsc+edDmCGDunrI=";
-    public static final String Intermediate_CRL_3_PL_01_08_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QTC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIYAVh4kiGtHMwDQYJKoZIhvcNAQEFBQADgYEASw1+" +
-        "6rGDKgpUtXcCziQCjy8mHFD2zV6x/Ppxm2Gj0U+5eFnIbMPmr4TUYwfSOROUycsiJX/Wa8" +
-        "HEuqWJhIdcsHMA7TYf0iSXK597Bljjg4F/1Rgz0wqLjgMuA59eFbKjJ6zP1E6Sv2Ck0Ea9" +
-        "HJsv5zFA1ljVnNWoQwoHsuLk/wk=";
-    public static final String Intermediate_CRL_4_PL_01_08_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBNC1QTC4wMS4wOBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIUwWu+HaFDXwwDQYJKoZIhvcNAQEFBQADgYEAHHKd" +
-        "U1SccTsK99BUDrvF930ejNRAvHQM9xv80wcUAy18x+TLwBH8vDTmP210/C5Zk9pQs+rLDd" +
-        "doQQbWJrQkznyB1OSK0T41KZ9L0UE+YmFGJjz0PEzYHV0Kc57j5uc7Fsi8Xu20Y8JeTaJs" +
-        "FUXVsvnCuoSxYmwY1futFWHJG7Q=";
-    public static final String End_Certificate_PL_01_08_crt = 
-        "MIICljCCAf+gAwIBAgICAKEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTQtUEwuMDEuMDgwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNS1QTC4wMS4wODCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwgNkhQrcqmjhkES6DNAW3uQLKILcFlrFvOlWfDPo" +
-        "ngXzCKeed85npqL+Enxo4sLarEiywuDLrDgPf0gKnZXQWBmzWViZhvTsiAemH7iNsNS68s" +
-        "hhb0vnLzlPpDUJDv7KVKW8VbM7nvplKptlEE6g5kmj3iEmM4l2u8Z/pmQoTsMCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECLfApJ09y/ZNMBMGA1UdIwQMMAqACFMFrvh2hQ18MA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAG2ANLc/ib9ayz0B0L6/XQf/xuwETEq8kb5vWml/PbcFD1b/uwRHI8" +
-        "vTvM559nZgtzkhS5ZAvNBTh1CB9Ox/nugHc4srbH6/Wcd94pMQx/sfCB/C6zZ5Tbm7Y4jp" +
-        "hkjnxwGUYTvgNzxmaAPLyCfqY7KwhCSzns2M+yuncEKqlzuT";
-    public static final String[] TEST_61_DATA = new String[] {
-        Intermediate_Certificate_1_PL_01_08_crt,
-        Intermediate_Certificate_2_PL_01_08_crt,
-        Intermediate_Certificate_3_PL_01_08_crt,
-        Intermediate_Certificate_4_PL_01_08_crt,
-        Intermediate_CRL_1_PL_01_08_crl,
-        Intermediate_CRL_2_PL_01_08_crl,
-        Intermediate_CRL_3_PL_01_08_crl,
-        Intermediate_CRL_4_PL_01_08_crl,
-        End_Certificate_PL_01_08_crt
-    };
-
-    /*  
-     *  test62
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PL_01_09_crt = 
-        "MIICmTCCAgKgAwIBAgICAKIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4wOTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA4slldx8rhfz5l2i0rwib2McrCyQkadTjJRoEGQCV" +
-        "xT0dmw7GhDa6wJg2ozXLLk5y7ZCwlmBOTEoNbigHvcKSnJT8R/S+F4KqBz5d5dbRMNEKYz" +
-        "jdbD7Sm7id+eyfq1s5cpmta2lBJ5gTaC9YPSOY2mucGcJ1muYzdOc6h+PCCNMCAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECO7tq4dJC8OgMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBAHbth0HjAygIoWVrz59ZBPntOn5nzgUGpH60aSDOS6i9ZOKSoC" +
-        "7wCOEt6IpKO7M7SNznxaX2uhFTYotneyq3qENvqZVXKhE6wQRsdK4kG10cxSB5AXPHJRgk" +
-        "W9+p+Nb0iYVKwHdDCW8KHYIroGhSkKxuflwxhK6DcwQuA7y5q7r7";
-    public static final String Intermediate_Certificate_2_PL_01_09_crt = 
-        "MIICmTCCAgKgAwIBAgICAKMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMDkwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4wOTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA70v7BFxmToZHF5M29JK6N0Ha6n729cv1U912mH9O" +
-        "NTz9tafa+jv4W7njScv21CJbNlUO5rlAFcTlXY0U9vbqHEufhtwRQqi7+pkfa+Ig8bwl26" +
-        "4U8L5rgmSvZJpEiiKfkmF2Rz9+zPPhHjk58ZcKoAcyhOdZ60KqmaaU/TVtEq8CAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECKOwR13+P/BlMBMGA1UdIwQMMAqACO7tq4dJC8OgMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBAN71oLHr0+uf6zCOC5L7oeCOGMUwvZyROu8eTztZrPYGjaamSm" +
-        "Z0ZmUPOJP3g5nO6tHf34Tb9CTkwPdPicEaXuxflkSbJBV3mUFQ1BUDlyYTuaL8uT2N61dg" +
-        "xt5RgYTIGsW3/2XrRvXsH91gSiEkccoUyjKnQcX3oZmEeITb6H8m";
-    public static final String Intermediate_Certificate_3_PL_01_09_crt = 
-        "MIICmTCCAgKgAwIBAgICAKQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTItUEwuMDEuMDkwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4wOTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAwMLmDs63ai7i4xC/1ufMFWeigJAlbKWMti/PeEKi" +
-        "7LBfNJDRaO+1kde6QIo1vhkhKtokNu9ue3Rfo1+xGuZVohjRbHnmamEm5G3jihegPQgGCR" +
-        "fDZoJDI9HMbwBa0RWw1Nes5igIVjdSHQKO/XTul1yyF2Dt03K2qeLwes+2FyECAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECPEAjG80q0FoMBMGA1UdIwQMMAqACKOwR13+P/BlMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBAN9eiZXma2n0XgzdvYrlV/IEqBIhpcZ7gycjDumVBVITZJD2sJ" +
-        "bkBi+N8dg7uovgxGxWGsyxqgAboLhMgbpbFzGh+HyIhQu/CeAx93PWYc5rP2l2Y8d7KJvk" +
-        "p1GZEcG/nTakpjxTQ5MQYFsOHVsnDDOyaZYvqPuMrwGYsfoUa1wq";
-    public static final String Intermediate_Certificate_4_PL_01_09_crt = 
-        "MIICljCCAf+gAwIBAgICAKUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTMtUEwuMDEuMDkwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4wOTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAo4L9QEqzq2VXzkZI3cvUWR5v6vreKKQPfJPfEwNH" +
-        "nMS0cgDjC4Fnw9ySI7Eb4A/OJGLIyg84mzTl6JX3kGoYr9/bJ8jOD7pN6CljXuHpwwmd7L" +
-        "6Nf5Hy0ltjAIr5s67e33OWdPi4gApS4FN6nPSDkZotY73d1xqJYQQZWuNEsGUCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECLfU7BuxzXeCMBMGA1UdIwQMMAqACPEAjG80q0FoMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBABmQZOvwRpVsTD8uazfQpLJUZkuTap4OOPHie5xJsvOhGend2k+LiP" +
-        "7btGoFrqmkyVV/+dNA8+45SRsnoOtgctiF2ubeqIvd7xf/J5C9Cmo+T89Mt7WEBEuDmEZm" +
-        "JPXvOvyh6lRcYVSBnvVW5ZSstNAQKa/8xuyN0OrE1hJWbucn";
-    public static final String Intermediate_CRL_1_PL_01_09_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QTC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI7u2rh0kLw6AwDQYJKoZIhvcNAQEFBQADgYEAbXc1" +
-        "QgR2TAvOPqJmRFFrDQkPVIVyEEDTwZy5aNnoAKK+AmJ5FZkBtbPJ8qt9UeYRh8lbX8+EIk" +
-        "tyrAKw/1Kc3h7RDqAQ/p8t8kFwVQh2l4KTIukV8hYcj5sMKlt5f49ZwzWPyoOaLDomiUfI" +
-        "OY/jaDMw293AjQXxGCDtnaTvh0o=";
-    public static final String Intermediate_CRL_2_PL_01_09_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QTC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIo7BHXf4/8GUwDQYJKoZIhvcNAQEFBQADgYEAq6en" +
-        "XtvIdh/DifGzWn11hqJIZxLQDGJZPoMmwSOLyB6OzsPrIg1xkOWZYEOELTR8+qP6emmx+D" +
-        "CaEbUDLj60rso0gRQCBwTgHgjeMRpv8fGnV8MJgMv5BdzsGAGQbLSSY9FxtqeCPfZ6olHC" +
-        "iUIopdZJZP8ZvGKQ6QGaMnLpJ78=";
-    public static final String Intermediate_CRL_3_PL_01_09_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QTC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAI8QCMbzSrQWgwDQYJKoZIhvcNAQEFBQADgYEAraCx" +
-        "ruxopFbKvxOx/CIF4niG27ABB2ZwU6n4NBGYHo1Y9NjuytjjMZvQjMHyoayqpnF5TA1vXL" +
-        "jXjI3VgQcK7A4ah/0FNLFGtczyY8kXXrpbmdg8+xdNJEG3/e5rDW5VSf7OY1XqU85ySUJQ" +
-        "ZR5uiy8LxlDdaIT4WT7X5ezs3wk=";
-    public static final String Intermediate_CRL_4_PL_01_09_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBNC1QTC4wMS4wORcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIt9TsG7HNd4IwDQYJKoZIhvcNAQEFBQADgYEATtjA" +
-        "BdSZYnIbv1bCL+aSiioJg9S9yWGD1mjsA/CDzvkzSffeSpvqaSy+Zwwf+NDMMG6Cs+SgU+" +
-        "sxQdJALAbb4sYGEyXj/Exh9BYHvgoVahH4NWuhm6LIN8RTcMDAtGoGYFNGXGuT8XRBUJZ/" +
-        "tH9re3gpWaE1rjWeB/2ZBR5ONcM=";
-    public static final String End_Certificate_PL_01_09_crt = 
-        "MIIChzCCAfCgAwIBAgICAKYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTQtUEwuMDEuMDkwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVBMLjAxLjA5MIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC+g1Puqjn+/Of35mqVVUricIV5x+bpZRCAgBDh" +
-        "VYcmZFXLB/XnRd/mYTu0RR4ISEerC1km5tjGeCN2k3NGdZwz/wEh9kEL8WikSqpxUSUD/N" +
-        "vQbliz4f3YECLcpNXKzkCvszeB5ZGHa0sLYDg3r62wy+1y2rtcrHzFEoMFgnnruwIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECANGcL2klYf7MBMGA1UdIwQMMAqACLfU7BuxzXeCMA0GCSqGSIb3DQEBBQUAA4GBAHm+" +
-        "/vQ7VxDry3VqiqKnNoOhAHTTIUphNWF4jddRqVc32IsjVaeTbcGwCIRflRm/lUplRvXXxb" +
-        "JEbW9mP3nfTCREUdm49hjmo/szsPjgosFoEmuEKXThC81/y2vQkb4/jqRoOHEknU++38EU" +
-        "Juv6Y6psZNa37x8Yn3i7S+b3TM2q";
-    public static final String[] TEST_62_DATA = new String[] {
-        Intermediate_Certificate_1_PL_01_09_crt,
-        Intermediate_Certificate_2_PL_01_09_crt,
-        Intermediate_Certificate_3_PL_01_09_crt,
-        Intermediate_Certificate_4_PL_01_09_crt,
-        Intermediate_CRL_1_PL_01_09_crl,
-        Intermediate_CRL_2_PL_01_09_crl,
-        Intermediate_CRL_3_PL_01_09_crl,
-        Intermediate_CRL_4_PL_01_09_crl,
-        End_Certificate_PL_01_09_crt
-    };
-
-    /*  
-     *  test63
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_PL_01_10_crt = 
-        "MIICmTCCAgKgAwIBAgICAKcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1QTC4wMS4xMDCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAr4LmuvhSms70CnuAHIHwz45csKvBPVtcDjA1tWNb" +
-        "NIvvNHBzyt6G8U4CTVKmsFAZOzrWJem3b/ZywM1WlDarGJAAa/SRIYZ/jQwaOIoPW4OUfK" +
-        "ZQI6MO7uAPcIQ4ugtPth10viVqZYLZn/6O26Q905YsFltuPFl64KrJVJJBlLECAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBjAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECGRn9ckrcsEdMBMGA1UdIwQMMAqACKua6/nC51SPMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBANK+1qalm7Nl+PJHT9nQLVJ3ruQNAoMlH9fN52Q9BZCr30iWCd" +
-        "+GhQIPRjxZ4GWojMnqbWzYQsxIR2PLdFc6SwjQrq+i2ES/LePDtaLQddS44/+GP/+qDpM9" +
-        "Mqp3/Nbe1MfOKRBT57qgrxa8eUVieysoKeYX6yQpa8bab3qDwOTH";
-    public static final String Intermediate_Certificate_2_PL_01_10_crt = 
-        "MIICmTCCAgKgAwIBAgICAKgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUEwuMDEuMTAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1QTC4wMS4xMDCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAx5tMLJ3LRxi9jAzCSNkj8zyrSO0cImNGf6ZCIzEU" +
-        "V8LrmXjgiZboPTh9LWQ3msWDLpzaxVxDLBXG3eMO8ys46TfJKciyeoiB8wfuNGMKAccm8u" +
-        "43XjWs1KAdNikWEZupYPgdmA92oRlVcHshG9PqP4+xA6sydpu3V18Nyfa0n3MCAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBBDAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECDE3dDXkS7TxMBMGA1UdIwQMMAqACGRn9ckrcsEdMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBAE+8cyOUQ7y4atc4BlZNZvGNRZ63dbGDCM2AItTEAf4ETM9v7j" +
-        "biUWTirJyoWsGxm2eIUk1V+EKxcuO3FotFUe7lS6thmVd6OYOSW+02RXMNklmptzK9I3AK" +
-        "DZNh82ugLNyrrd06BSiED+0MoGVVI4gi3wdFtRiai+MgQVeWIB4i";
-    public static final String Intermediate_Certificate_3_PL_01_10_crt = 
-        "MIICmTCCAgKgAwIBAgICAKkwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTItUEwuMDEuMTAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMy1QTC4wMS4xMDCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsmSUL/UZBYMdqU0PecjCd+9U+1Ld3mKkH303Fido" +
-        "K6k5S4ZObxVHKhYDJyp3CcVT2+nENjzIfQQQaA11UK7Uf/jmVs0IC8e2scWzq0W2BeOLef" +
-        "jVgNgXGsXyfLi9T4KJPPyGsKlIU2R2xKxgHmAOt/tw6OYX/OaEfM1jiQza5lkCAwEAAaNm" +
-        "MGQwEgYDVR0TAQH/BAgwBgEB/wIBATAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBg" +
-        "lghkgBZQMBMAEwEQYDVR0OBAoECHYI07i4owpIMBMGA1UdIwQMMAqACDE3dDXkS7TxMA0G" +
-        "CSqGSIb3DQEBBQUAA4GBAK23Kx99Y9HtFBVnHWW/NfvNro7I5Wx/ZCko6ulHm84FPAjhnL" +
-        "tvc4jmfAZd0wYPKQKWwUKUDWNEwIU1qkxyJYACckue35GLzj8aLY/z+h037vGonFmNutMM" +
-        "rcRdiV7gVD17dYLVTt0RgxsDVDtut+twqHgIaKtKyJnl9dSgFFv1";
-    public static final String Intermediate_Certificate_4_PL_01_10_crt = 
-        "MIICljCCAf+gAwIBAgICAKowDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTMtUEwuMDEuMTAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNC1QTC4wMS4xMDCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEArgBnLCnqI6Sa7gXkZOvIKH4EL5i3CoG6eGG2R8aA" +
-        "kjBs78IKGYj9gY7rRajAKSpf19zvfcW8+2gBDDj5AoCy6uDnBICmqdu+hkdokVi8dJHiTU" +
-        "9LdS2TeuvFv47eiXoEBjMEAquCuSyHvW3lNrA+ESTnK3s7V4lBoO+o5mZD6dsCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECLTgYziQC9zmMBMGA1UdIwQMMAqACHYI07i4owpIMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAEx8wgBjBglU98rocddKAEKXkt4MNzrpUMq75C9HtnuOtFgM2oY/OC" +
-        "x67aZSTEph9ag6Hc+MyxWB5rzGD9j0y7OLsasE9AX8vjplUq50wq1xAFkGi1GnqRK/Oe7D" +
-        "S6R66+UFHW/3KAeNe96aaJuMcx0TRbfkGbW1ASSi/ixMd9Gi";
-    public static final String Intermediate_CRL_1_PL_01_10_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1QTC4wMS4xMBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIZGf1yStywR0wDQYJKoZIhvcNAQEFBQADgYEAjkY5" +
-        "nXjLst8CMz0fyEM7Ft2d9TOOJXV4TMAfSAP9QCnit8qzrdVdJ6TJIsJNZYBz9Ryr5K/iSw" +
-        "KbYk0g6y/pskcMoHG3vJwNAxBbkf+fV7Eyve+90Z6oWDXHKLGCQQpdZ0a0wAqYeiScok8+" +
-        "YHypEVLfbjWARR9fsci2Ps3tdvA=";
-    public static final String Intermediate_CRL_2_PL_01_10_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1QTC4wMS4xMBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIMTd0NeRLtPEwDQYJKoZIhvcNAQEFBQADgYEAdpTU" +
-        "xcywBjX2rD8Gu6zkDqlDmZfRXHDPtnf2RB4bHDx77kDEib6nH6DGoJdx8WnRTZsTjly3MG" +
-        "62LfVmjp/bJyKHUQqBDrilv21EWsaI9JOr673Nk5iTZa/645GdgyLzSmxvcVDN40BAH0py" +
-        "/2gvBQTPNzp2W1IR2mebuLdHwTI=";
-    public static final String Intermediate_CRL_3_PL_01_10_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMy1QTC4wMS4xMBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIdgjTuLijCkgwDQYJKoZIhvcNAQEFBQADgYEATVf2" +
-        "cEEGphsIe0AsqNJ5rENLe8DeDAV8R4XCKdeP5qmHmLMm9Z4pX8bIfU7bCoXiNIwGvIU6ag" +
-        "FmHPNHEj70cQFVqCX/ZESc02hit+Os9g7pcl7s9QgwVUCMZdCiF/+pSEp3eCL5tFoKmAZe" +
-        "nxkL0KOSuKmBzuqRtZufbhDvmbw=";
-    public static final String Intermediate_CRL_4_PL_01_10_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBNC1QTC4wMS4xMBcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAItOBjOJAL3OYwDQYJKoZIhvcNAQEFBQADgYEAbG2B" +
-        "BhvRQ1pY/8VFeiCRFD8mBzq5iW5hWv2P7Zdp9zEbQo0fI4Kbis3OGemEttCxvAc/UPfogr" +
-        "UudImf3s8sLV9BS59xQUGQlxZ5XBNlripY8EjHNWrwgy7/x4hzlZ9yYBbqoNOqnHLy/gbM" +
-        "XZWoCbIK0co70lh1soOQ6eqLDKM=";
-    public static final String End_Certificate_PL_01_10_crt = 
-        "MIICljCCAf+gAwIBAgICAKswDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTQtUEwuMDEuMTAwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBNS1QTC4wMS4xMDCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3bx0qx8s4Zse6Ri6NqkLEKUPLIOhTFj/9Dh7sxvE" +
-        "HpemBlTjbp2in08WTxEb9n8iAIWuGs3Vqm82ttBQmayjIaWD5oE/BE0oV/e91NAv/aRLsl" +
-        "f7VtOb6vi8Ef6muOAjI2dUaUD6QONkqkJhnZ353uR3LZnsAEAW+InePGFNEGkCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAeYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECIokB8m8Vi4QMBMGA1UdIwQMMAqACLTgYziQC9zmMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAKBGQwZQLQFXb+/kjP5xAtq+1rRtrblytjpv3ujJrKH1v2VB2+9boB" +
-        "0YYYGJTy2Wuj0ZBEMeTzMO8Hol4Mq9pnYv5DCmfnZN3FuDidgnRsCjM3ZL7NcXXG9YwlKF" +
-        "G2SXj0YfkSwN9gnyN11W8i+F/OSjlm+TDKHB3ePMcY8EnnXy";
-    public static final String[] TEST_63_DATA = new String[] {
-        Intermediate_Certificate_1_PL_01_10_crt,
-        Intermediate_Certificate_2_PL_01_10_crt,
-        Intermediate_Certificate_3_PL_01_10_crt,
-        Intermediate_Certificate_4_PL_01_10_crt,
-        Intermediate_CRL_1_PL_01_10_crl,
-        Intermediate_CRL_2_PL_01_10_crl,
-        Intermediate_CRL_3_PL_01_10_crl,
-        Intermediate_CRL_4_PL_01_10_crl,
-        End_Certificate_PL_01_10_crt
-    };
-
-    /*  
-     *  test64
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_RL_02_01_crt = 
-        "MIICljCCAf+gAwIBAgICAKwwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wMi4wMTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA3AN+Y3Hl/9V0nKXHQotb/cA2VfZc5vrRu+ZjwKgK" +
-        "6KasGegAorKSTybYX/fTbnaPwykDPfSscAnzAW5WdF9+wTLmvYc+6pkcx1ryKkGmofFMXi" +
-        "bZ5LUO/oK0iuNjBKfLdWoi+hpciKyPb9Bs8SO/svKSNqTEbn9ts3q6tpbngoECAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECGXQ07qiAqv2MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBADKtN3OOaRdte0X4xLC6nTGaK/u7IEKQ0DjduDHwJR5w27zefrx48Z" +
-        "dlq8t5lAfQJqWmfk7iCIW1QJPLcZOouWDP2S9Cb0YooGQRIEkMjpBn3Xufx0XUphtCDs3W" +
-        "9LAMVXqfuce1tpZ6Dvrh6/H2X8rJMU29Czsz949bh6tcsHJi";
-    public static final String Intermediate_CRL_RL_02_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1STC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIZdDTuqICq/YwDQYJKoZIhvcNAQEFBQADgYEAxrDH" +
-        "zKno1mkJqPTub0c9To6jC3CGTilV1E12oD0kFjkXqL40+W251qQ2wMC+G7ZrzBIc5dRuJ9" +
-        "3feHZ7cc03/s3TziXDvSyfNOYpHzkPwT48HuSgBYgJ3uswwk+tDiA64NzbOJqssxxhFRok" +
-        "9OpwC8eQkzgpA3a6816v2I3XL9s=";
-    public static final String End_Certificate_RL_02_01_crt = 
-        "MIIChzCCAfCgAwIBAgICAK0wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUkwuMDIuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjAyLjAxMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCykRGcIKuxia47yRmJT8XpNNi2LTTbUUTteIBp" +
-        "DZBfz2ExeWLruO9Rn1/oB/EP+4apx4r9rQ2tGsvr/7qQYeQK8W7eJzZgvxFadY57IMfUNq" +
-        "1nEnj0ZvuWrOSf+K9v6FWX5Y2uyZS5Uvb1VVQv0Ev890+yXTtthPTjepk3JkkouwIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECFIkVrx7NRAdMBMGA1UdIwQMMAqACGXQ07qiAqv2MA0GCSqGSIb3DQEBBQUAA4GBAI+B" +
-        "T6bFZruoeFHXsYVjkQ42jSdYB9JuQkG7JLKte5gGlhyR+jMlJBzxBgNIfvlmYSnbRFPbE8" +
-        "eqsGm90hJJoUuVMkm0i03H13uddlS494O6HhTGpaKcYwp3hbLhVcaY3wFTqTCuZk1T7Oxq" +
-        "ggTrCDYvNH+/ZpQuy6nB/FH3SAHS";
-    public static final String[] TEST_64_DATA = new String[] {
-        Intermediate_Certificate_RL_02_01_crt,
-        Intermediate_CRL_RL_02_01_crl,
-        End_Certificate_RL_02_01_crt
-    };
-
-    /*  
-     *  test65
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_RL_03_01_crt = 
-        "MIICljCCAf+gAwIBAgICAK4wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wMy4wMTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsZG8wsV3Kuo+jtnKxLYGBuAqQwUh6Cs7ioDTNUFI" +
-        "UDDJ0lOP1HVTMBA7DEcyTCGvnQ02dEVVuCddBTQvG5RvW7G7cCEW37cS56/3yPsU1bD/cp" +
-        "3C1pPJpoun04va91Sxtgcmx7jnz69QPVrucu6aI1sZyeOlvzb8K7DceaAfR98CAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECMNzJ3SpyOLxMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBABo7oKmQilgji3w1tGz1cMrWxZxqGJqOAKcHywli+oxFo2oxSfEuFS" +
-        "tN2aEd2Ja5HU5a0ySztvByXF1TTNurGez7ARxmcS2kpoQtQXTloywza4A5N7iQwk0yyo/E" +
-        "J4lrXUfVRwZHr7FwA7qMODtFb0+Zivv9JLaq19GhnRhzZyWp";
-    public static final String Intermediate_Certificate_2_RL_03_01_crt = 
-        "MIICljCCAf+gAwIBAgICAK8wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1STC4wMy4wMTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAt7yNq1QZsV3p7OR8rgPuY7x7Bvs+nPhcLR7zFOgR" +
-        "+plQUwpWQ2PhuzReVV4jNasKtNK9MIWoeV+eV3pEiso5obb9+Byvha1F6gkYNZMPs9Iv86" +
-        "cJSMtownNJVGVAL9FEpof1QKLp7kfn08EjkoGmGy85xy9uFytd2S8n5TlrBqcCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECAVwoCPFqMtqMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAL9GufFieduzBJaMtsXtKHMf64O/KAGLSh1YDXS+a7Ku+EFw+WteKU" +
-        "Ob6+c1m7VH9P711eATQoACotCdKusPECqeYDEmT9keqA4f7cP4VcvGwhvSVQJsPuB3LL3S" +
-        "LIILE4zhT+O9G+5v+mkG/pEDirRYk6ZkdM91bsUuzsX40uyn";
-    public static final String Intermediate_CRL_RL_03_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1STC4wMy4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIBXCgI8Woy2owDQYJKoZIhvcNAQEFBQADgYEAkwyA" +
-        "I1rrz6tOmEpBHDzuJfqY2nbXCIXFN6dVuaKNZWHJ4ZNIc4/t29Wa5GgXYrVXyXRcXP/u5k" +
-        "NEhOX2/NwCm6vL8+tclYP5qPLrh/Dk4v3nvcTFLKCvclAbf4Il0zfMQx+RRnO5PPqPDu5i" +
-        "1tHHwOtA8Q+oO71lZEwPE+pX1Sc=";
-    public static final String End_Certificate_RL_03_01_crt = 
-        "MIIChzCCAfCgAwIBAgICALAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUkwuMDMuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjAzLjAxMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDPGLfi8/T5p63cbGE98mqO5VzkeI1r2/2TLgvY" +
-        "RpL1h8i+CVYKoX37yYwNXf+HkHhj1OXJSNrm7853ctmDf2h1fv3f1+qJLg4VRVzlEgErNq" +
-        "74OR7XLXV77kGOmhip2g5BF5VKeqAdj0pCo1E5ZFHpRPFq/0DDmSda6GKJ6Dl8hwIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECOHM3uWxFmcrMBMGA1UdIwQMMAqACMNzJ3SpyOLxMA0GCSqGSIb3DQEBBQUAA4GBAFBu" +
-        "doX0TZK/yoUcrSkP8AtFiv5c7QvyEtigFZTT+lbW/g4RX/oJGNZCu78yAxCczl+Z6ft+0V" +
-        "wInwahjyyAgw4QXxtw3b9CfqvT7HH7hcQ6r9ZA/NA9XpzNtxKfmXjzCZWdfmLJrd8KCnU/" +
-        "utKRAObRBKiaTGa178SEWvtkoIXd";
-    public static final String[] TEST_65_DATA = new String[] {
-        Intermediate_Certificate_1_RL_03_01_crt,
-        Intermediate_Certificate_2_RL_03_01_crt,
-        Intermediate_CRL_RL_03_01_crl,
-        End_Certificate_RL_03_01_crt
-    };
-
-    /*  
-     *  test66
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_RL_03_02_crt = 
-        "MIICljCCAf+gAwIBAgICALEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wMy4wMjCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvoTuc2LYBOhziBe02f6F8l9MwX74O1lknBcJjGvq" +
-        "JcirQx/6hQgBQT4hz4RRXNy7DSBr3swEw4eDNSeyd6kvG0h9oI3+SVmVyPPVi5eKDL1roI" +
-        "OBzmfx1+Nn/CnwOf8VroKDutBBQ0gJ24IEjwp6er/8hEAVN/yIjIi/MTFeoRkCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECKtCUOlmMPu6MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAI9x8O/JgJuZV/s4OBUy3AvcW9QP3HWWBQSdxUdjSosT2schjn7wrR" +
-        "gttL7vWjT1djsbATAHa5C3inG+VjGIq/NqWaPoHAucRNMs4oZX2ACZFuBLOb/qhywsKh5+" +
-        "bjv4QgtqkUedzEratY6yQiJSiMSJVJSMzHosTVMX7oOp+cll";
-    public static final String Intermediate_CRL_RL_03_02_crl = 
-        "MIIBcDCB2gIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1STC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAjMCECAg" +
-        "CyFw05OTAxMDExMjAwMDBaMAwwCgYDVR0VBAMKAQGgIzAhMAoGA1UdFAQDAgEBMBMGA1Ud" +
-        "IwQMMAqACKtCUOlmMPu6MA0GCSqGSIb3DQEBBQUAA4GBAAEZ0Hg6sKiVXIeK6zbQrKtMMz" +
-        "Vz2K68+SqN1LAjlNW6u+HSTlAvhRIFO1Hv5Zj7qbO226rLxas/X2XWXpMlm84NHN8T4dZU" +
-        "4Yo5rhhpCHckRxNYn3AFcfcV4ra1rrTtdx8e7e7/m0Ghog9Ny52ZuQThasL9caF0JxUx6d" +
-        "zbBHPm";
-    public static final String End_Certificate_RL_03_02_crt = 
-        "MIIChzCCAfCgAwIBAgICALIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUkwuMDMuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjAzLjAyMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDNb6HGPRDulLMCCyCq6w2X8rHPtm1gN68JXFkX" +
-        "j/BZsHhu29Z9hXj76hO//7O775EPVMSLyRy8t15yzYpXfZRHFaGB5bs8U2R5ClvsD2FR0H" +
-        "t0JVfU6Ggn1lhO+jOiguJtXVRjofsfvHuiOe75ctaJ9lBpgwiV8tk4VRKz2e5xVwIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECI3Gy0TgXMrwMBMGA1UdIwQMMAqACKtCUOlmMPu6MA0GCSqGSIb3DQEBBQUAA4GBAISQ" +
-        "Qh9+7D6nk3FL5YQOzyZ0BSHQYjpbIVykJ+Lr4jBPKyGgCqW6jqWNg7X4waB77J2z/OkavY" +
-        "A6qtpsk8r2wmG9thi8JyZZNhYMxAszHzFbBmSoxGRMvI0XarxgIu8Ky6V7jKVDLz12C3o9" +
-        "H0yd+nZXilCD+p9BTjjg5bGUogJS";
-    public static final String[] TEST_66_DATA = new String[] {
-        Intermediate_Certificate_RL_03_02_crt,
-        Intermediate_CRL_RL_03_02_crl,
-        End_Certificate_RL_03_02_crt
-    };
-
-    /*  
-     *  test67
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_RL_03_03_crt = 
-        "MIICljCCAf+gAwIBAgICALMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wMy4wMzCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAu/o0uxgTrAvNDrMNuG2eTla+AmkLVCIXBbsIo0gs" +
-        "tLm29tLwfBh/8l5OC0y6Xeh5lx+NLdelsiZGRNaaWmWHj9Ji5V6rclr8sXRDUjxe12zLeh" +
-        "0G+a0TfpL380cx9RItqQyA1ZRiUNymmJHnm13hwrf7LPirR9BMrtyTT2EI3cMCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECHYt39LYdEn0MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAIoSGa7MxnOuHoWM/BoJKsCeBmBHYCYDKmQ19JfsDHW8z8oAFiikFb" +
-        "Gtw1Qpc0GFfJgN0cppaXfe5lDS6BWL2dPorhu3URfXKu84ATLwGmNhqLDY7zh/zPvLtG2m" +
-        "izaMLC6ZwZL5KELpYpcP15EHPDquyP1xpV3fT17GjpG9IH8k";
-    public static final String Intermediate_CRL_1_RL_03_03_crl = 
-        "MIIBcDCB2gIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1STC4wMi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAjMCECAg" +
-        "C0Fw05OTAxMDExMjAwMDBaMAwwCgYDVR0VBAMKAQGgIzAhMAoGA1UdFAQDAgEBMBMGA1Ud" +
-        "IwQMMAqACHYt39LYdEn0MA0GCSqGSIb3DQEBBQUAA4GBAI3HsXanos/N6uO3QVUaBZzmCt" +
-        "w1HCHMrLVG614YlUQiEedQ/oEc7dwCeD1rUbGNVkFPIRvMkmUQo1klhKAlEUmrtW+aH+If" +
-        "6oqumifqxvaycWidacbgNLIAMQtlQmniPF6Pq0dv8sNeKq4CE0gjRHOPJ2zIqy3kJ3tZYB" +
-        "pTguwO";
-    public static final String Intermediate_CRL_2_RL_03_03_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1STC4wMy4wMxcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIdi3f0th0SfQwDQYJKoZIhvcNAQEFBQADgYEAXZSZ" +
-        "ySsD7U6ETy9ZRmiKUCJMUV9CIhCY0mEihHjW0DhFTyV1Hr01yN5zUr/IFVuP/Xcx36IX4l" +
-        "dVv6/MgR1GeM/BUGZhm4z6YwfAosZ1N3zayIy/pP3fa1rVRl8cgCxc/8qxg9nH9p6yPpxM" +
-        "AOOu6TLYquk/dA7wJPEW7MPixXY=";
-    public static final String End_Certificate_RL_03_03_crt = 
-        "MIIChzCCAfCgAwIBAgICALQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUkwuMDMuMDMwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjAzLjAzMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC5LNxAB+lm514Hk2ykrFUb7fCX0ryIEMg0mgeT" +
-        "/z8Iw7xisht57koK4PTXY863aunfNNh+8oFTHZnoLB5dbkROj1nFRgcWPezzv1wNkZEpxn" +
-        "NINtTPBogW22NPznoZ/rSk9JRFe0sCOVazkW9tZbY2ARqyJsYU1ez5tQIkDS47kQIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECMWddsi+qmxKMBMGA1UdIwQMMAqACHYt39LYdEn0MA0GCSqGSIb3DQEBBQUAA4GBAAv8" +
-        "nrJaqEycAyIKdPBYTUqaxjkv4SmonDDJG9OqvD78/o9hUKKteoMkNUp8eexTkWk0L72L4N" +
-        "/eXB30+m65E841V+Dy8L4bXh15n4qz4cyMt8Kvm7nbCqcgpiyBJmBxzfaXDLSthlmhcJ4X" +
-        "zDFnav1LEw5fZklt7cnMl4YvLD8d";
-    public static final String[] TEST_67_DATA = new String[] {
-        Intermediate_Certificate_RL_03_03_crt,
-        Intermediate_CRL_1_RL_03_03_crl,
-        Intermediate_CRL_2_RL_03_03_crl,
-        End_Certificate_RL_03_03_crt
-    };
-
-    /*  
-     *  test68
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_RL_05_01_crt = 
-        "MIICljCCAf+gAwIBAgICALUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNS4wMTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA59vHTe5A9AcT237mW7HdSfh8Pu4P2wJNLT7RXczN" +
-        "7DD/P6mAkugSgPTXwwlE1oSB/hCxAtEPhwONYZFYlRClFJidHDdVApalB7UbosTghsUzAg" +
-        "Lqw7NL+w9i3Un2G7JM2oWwugozQn/1hzr2Cii2TIB6K0RWKoPBJvaWUURS/G8CAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECP55Cc4eBca8MBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBALX594y5uF4Rt7CoRHeKZ5h8QiG7mc+kQDMjaSU4KJwNVVL0mJatQG" +
-        "w90yFfhvprlgDt9UIAvpF6z5gysbrjHXJaEhVlXeg9D5mcxsL4THEc8f6oU1GjfT/SOD9l" +
-        "QrT/keX3D9lcFEaTOgi0HIZ7aFIJgoWjXF/9kNNMEAs8sJNI";
-    public static final String Intermediate_Certificate_2_RL_05_01_crt = 
-        "MIICljCCAf+gAwIBAgICALYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUkwuMDUuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1STC4wNS4wMTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAtl4hX6HlF0M+lSBTG8jHiB06hOy87LL81yAE2JQt" +
-        "/6F+LZjuOBTCIc2yO2bVM3XzUnjyYDBYGnBFp/7XpRoiADuPJSfmkzmezpyJc+hm96UR1g" +
-        "Bpo+pPKbRTWuM+FYy+vPtaDk5wKOrmyNx440PwbzxTN3JeWz17xeYE98bXMc0CAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECJOjtwEYV9VSMBMGA1UdIwQMMAqACP55Cc4eBca8MA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAFbkOffoIjWSfxEuKszoK7Fj27Hf5jlV92xqXtBLURjNGi9jCLUIUd" +
-        "QLnONZLJYo70Z6XaGjpAK1EtZKVWsz11JDq5egE1zNES//9Tz8xDtJ7Lcq0mwneVFxmBuL" +
-        "gxkw4GKbBFKz10FoSP7VJWaeW080WwKnp96Me5GtZRe260N1";
-    public static final String Intermediate_CRL_1_RL_05_01_crl = 
-        "MIIBhTCB7wIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1STC4wNS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjA4MDYCAg" +
-        "C2Fw05OTAxMDExMjAwMDBaMCEwCgYDVR0VBAMKAQEwEwYJYIZIAWUCAQwCAQH/BAMCAQCg" +
-        "IzAhMAoGA1UdFAQDAgEBMBMGA1UdIwQMMAqACP55Cc4eBca8MA0GCSqGSIb3DQEBBQUAA4" +
-        "GBAIdOaBfpAEKWLrSvepVjk3UTfEfsSP6y+kFMl33YXy18xUvVpLarGu6YjQIpXiL+ulkP" +
-        "eF8TAc9AarUjvDf0kcslIOt3NhdMxR4/F614Ds/rPEXs4c7n4kCkvAlFg/19iIFeCaynx3" +
-        "X0s/v1SwzgAUHi3P+OwAGDApDTyKbnmzvt";
-    public static final String Intermediate_CRL_2_RL_05_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1STC4wNS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIk6O3ARhX1VIwDQYJKoZIhvcNAQEFBQADgYEAfOOd" +
-        "JiLUCFSurAafQEBfxE9KVrgFC+W9m64cmERicO1QL9aDVIDGJAIY1pdvWVdhLBIKwSugwB" +
-        "ZH3ToptY+VizvFN1gkKGL2OuvDsXPHn1+QgmqvxYFPmvwDcwuxZ/3zD1VeHgEIKo9ugRnW" +
-        "F8G2Ph6SWUxJCjJQpB7WIbydowI=";
-    public static final String End_Certificate_RL_05_01_crt = 
-        "MIIChzCCAfCgAwIBAgICALcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTItUkwuMDUuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA1LjAxMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC9NWkW/mia20c5gM3DpcTsBWTNC/d/Cob+OVrS" +
-        "lYytMjK4htO3MavavMZNTLAYFCXWhZ+Uo/uiAF0ddE4HaFI418eKJMSSbQyed0TG5Udw/t" +
-        "3dhYeLzLEmVc0r00q5v+CLINsCNQAKaPV71UvoHrE092zZjmtacuAetBS1Q2ufpwIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECGNPOXdCLpZ3MBMGA1UdIwQMMAqACJOjtwEYV9VSMA0GCSqGSIb3DQEBBQUAA4GBALTo" +
-        "hfBEPdzZ6A9QNStakOhmhHYox70xOPuWqzSbIugZv4chKXNQGiUAoOGImTw1mcun/uPNtd" +
-        "0bT+O+a9yX5gzW55CSmR/teHkTkND1mJhOMuYOmaCaBHnqgIIe1iEhMZQgag70+/tSmmQm" +
-        "UpWGpxeK2c02tBK6gEmnqk75bKRT";
-    public static final String[] TEST_68_DATA = new String[] {
-        Intermediate_Certificate_1_RL_05_01_crt,
-        Intermediate_Certificate_2_RL_05_01_crt,
-        Intermediate_CRL_1_RL_05_01_crl,
-        Intermediate_CRL_2_RL_05_01_crl,
-        End_Certificate_RL_05_01_crt
-    };
-
-    /*  
-     *  test69
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_RL_05_02_crt = 
-        "MIICljCCAf+gAwIBAgICALgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNS4wMjCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAouNcO1wHvKHPR15L7Fohr/QbTkPWGr9QYp2MXEDy" +
-        "BRGHt63Ob+yNvsP/C74GJA+PzvcRELSnJxmBVbdRN5y/u4S6Zt4yTTcrvp4vl//luoGLOX" +
-        "NHhCXbrGavyoP/iKpbfP7fy948AN34i95HuZENoGPjG5stX0uk12P087S2tPcCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECFi86MGPmMsXMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAFVZVMZEsaVuL0qX5Ls94+x8gBklxPfxgfG5LeBR2/YcqW+7BhsVA1" +
-        "GQhjBtwqCU9SOL16oTrqgw2+YeWBjaYuNYVlxfdifd0pQydpE1iDQWxmoKLzSDmtWgRYhz" +
-        "v0TB6j8q+0x5Q0OOrHX0jdIiBnHrLmReCK8dY1x6fb6I0tTH";
-    public static final String Intermediate_CRL_RL_05_02_crl = 
-        "MIIBhTCB7wIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1STC4wNS4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjA4MDYCAg" +
-        "C5Fw05OTAxMDExMjAwMDBaMCEwCgYDVR0VBAMKAQEwEwYJYIZIAWUCAQwCAQH/BAMCAQCg" +
-        "IzAhMAoGA1UdFAQDAgEBMBMGA1UdIwQMMAqACFi86MGPmMsXMA0GCSqGSIb3DQEBBQUAA4" +
-        "GBAFMN6PWjz2bA1RRySYNXde2rKiYkZYghbtT4ig2yDJBKOiPnjdx+jriFJxGYpt7BvcNx" +
-        "cDfijmDZ1clzprIvz0lFO6IwsQiWtLxOz4Doj6K2AD+7IxuGLceaXmubvi4e6VVC3xXGsu" +
-        "OYsNgFzsdUXIazi74+eOcj4dqrHAepbhXT";
-    public static final String End_Certificate_RL_05_02_crt = 
-        "MIIChzCCAfCgAwIBAgICALkwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUkwuMDUuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA1LjAyMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCuWE1aFx3Zjk6gM0Wy6ijcUegbiGvhjBgqIGwv" +
-        "YissT0v3KGAKoh5wGeKC+rePQNbZ91j4XDLvUNUdNw8HVNdNG/igIwsuaJ9teKSbqrAw9X" +
-        "aD2YjJz/I6X6WXFd/eQ+g9lY3eidOXJkglYSwWMxUV62RUZbGyqjR1so+XpmYxCQIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECLLbuNyVkkK9MBMGA1UdIwQMMAqACFi86MGPmMsXMA0GCSqGSIb3DQEBBQUAA4GBACKt" +
-        "GgxIRXYHZGZgwYHjNzquM1pUJTbxxm3qYA4U6r44oAo1UzQTDpHOalflreGFvG05l1BCnQ" +
-        "olQ8rcXU25v/CDfyww7cl8l7IxjYz7PNht7R97vjfMVqqButbn+BmU6D5kR9YXDCDPzaQ5" +
-        "DrKNk+3tIjJNj6YhxhqC2tPG9RIN";
-    public static final String[] TEST_69_DATA = new String[] {
-        Intermediate_Certificate_RL_05_02_crt,
-        Intermediate_CRL_RL_05_02_crl,
-        End_Certificate_RL_05_02_crt
-    };
-
-    /*  
-     *  test70
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_1_RL_06_01_crt = 
-        "MIICljCCAf+gAwIBAgICALowDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNi4wMTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAmhxr4ckU5C3E57odZjgcxl46ZF2QVy+K86YoLOGT" +
-        "mq34NSHTFxP93mrNqMYdFKFedUTNI68HkecFVvVKoXsDNBnhyyCTQ3xXhBcMUXFByB+55k" +
-        "W5LeQ8l1G2ugsyZ7Z+P8uylrpeGJt4RjOTilhcI2mnfZ7S+arFGe4KYgnsaFUCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECOS4X3XqhyJYMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBALCPtNwXGxVSUNGErkBHSYCHyqlA55jKQQvZ4P0PznWEQ/gBJx34hq" +
-        "LxiBO2G+iDomzHszeM77TXkQBpNxCUw26Jxv2HuvyBXuSprgjw5F1tvLqwsBAnD5vsb0uD" +
-        "NrkKIzJSIBFQ1SRhuCObaXnamfPJHBmkP25t4QqEvoXMtVHB";
-    public static final String Intermediate_Certificate_2_RL_06_01_crt = 
-        "MIICljCCAf+gAwIBAgICALswDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUkwuMDYuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMi1STC4wNi4wMTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA2IKrW6HDZJVFw3e4cC7v/jPGXAexI4B88707NhAc" +
-        "qxSVfGTPJBdfWo5pkptZKN5/L5n6+rixLItHnei/uwBCHvhwzeEIGo1yVCgz6R2MoNB966" +
-        "Q5CHWfT43BUjp0rZLJkK4hVKNyXB78NVv2Fly+XWBDEnzQvgVPWbGOvzE3zh0CAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECK/1z9Xbu2jGMBMGA1UdIwQMMAqACOS4X3XqhyJYMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAAa/MVC+8ozm9py40a4o/kHbkkmFNQr4s9yi3KXXuVxsNvquFMXm4a" +
-        "gC8GPoNjvV+RPRmU8wOM6I2/PPl2JEQRb7NDM8LkY/m/Au4GHVeln6FKlldiRm0A+YIr19" +
-        "ip2RHOldikAjUUYv7JT3SP34sjtq2e8bsXfWEPG5BA/wxtm7";
-    public static final String Intermediate_CRL_1_RL_06_01_crl = 
-        "MIIBhTCB7wIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1STC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAjMCECAg" +
-        "C7Fw05OTAxMDExMjAwMDBaMAwwCgYDVR0VBAMKAQGgODA2MAoGA1UdFAQDAgEBMBMGCWCG" +
-        "SAFlAgEMAgEB/wQDAgEAMBMGA1UdIwQMMAqACOS4X3XqhyJYMA0GCSqGSIb3DQEBBQUAA4" +
-        "GBAJSexboWDaqLVY6iiWt8ZX5GwuNwDBN1R2TgM95H7JqjMgoWML887dKk24p4eKACFMWI" +
-        "Ji9nwsqdZ/h1FtPhYpSoJ8l8vo4imMKr+tTnMngDNpMMZPQyRY1AK1jSrLhEtUdjiEtrTY" +
-        "rG56RNt4YyUtNxxfkEymvwJxmO/4YcAz/l";
-    public static final String Intermediate_CRL_2_RL_06_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMi1STC4wNi4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIr/XP1du7aMYwDQYJKoZIhvcNAQEFBQADgYEAImRg" +
-        "n9A7px9exOJL4Se9jsSHzZ3sAd3y16LdAb+HLtYLl1swNB4KPE+OebtzEoYiSzVVwezdlm" +
-        "5WseZjfbd0q01srZI4FeACZe99iBSpKymdKxw2gRvfYZ8ZMwFpK2mQq9cmygFn53iOwP7j" +
-        "3KE+lllielu7sYyEnkliF9wsaG0=";
-    public static final String End_Certificate_RL_06_01_crt = 
-        "MIIChzCCAfCgAwIBAgICALwwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTItUkwuMDYuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA2LjAxMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDZVBNzD7LZW6mC2GSbVPjpcJ7sWISYsL2eHqXb" +
-        "/PuxtbOneOjYqx0GeL9pxDGSSNl2NrlG0G1HTU2MaEOVA6h96W9e5ADV/pzGPMr97z+3BV" +
-        "unxLX+ciM3T7rUQm/LueQTEC2Ww19T6QOg2i8rEadYT0OoW6OcvyuomemspxgClQIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECK5pHDrhL7xjMBMGA1UdIwQMMAqACK/1z9Xbu2jGMA0GCSqGSIb3DQEBBQUAA4GBAF3J" +
-        "Kskjs4jp+BBoei9YWYtmOupn9w3oGyhknNh2jz7api5Gtgk2SyKfYFvN6EhWZJEab0hPFe" +
-        "WuYwO7zNCLGHw0cFXT/R48ogd6JkH6xDwj4afZDkWVTu8oaVD4h1rTYS6WPRzizAozOzhi" +
-        "tmIo+MV/lCG8+jdVtFgeKycI8aX7";
-    public static final String[] TEST_70_DATA = new String[] {
-        Intermediate_Certificate_1_RL_06_01_crt,
-        Intermediate_Certificate_2_RL_06_01_crt,
-        Intermediate_CRL_1_RL_06_01_crl,
-        Intermediate_CRL_2_RL_06_01_crl,
-        End_Certificate_RL_06_01_crt
-    };
-
-    /*  
-     *  test71
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_RL_06_02_crt = 
-        "MIICljCCAf+gAwIBAgICAL0wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNi4wMjCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxMlJ0vbkMRGzuEDTDGuPmwDzU1xn3dFDZ1Tx6ONP" +
-        "fwNN5gk6r9kYl5TZ8f5TbkQSnOzyhDSqX8dGumCSgukETXtYBU2+KiIAtliu5NJRbXe3La" +
-        "vn102HxaHDLGsR0FFLiFM9GVhOOXryJoXoGZqUwvqbWyaQQEzrV4RWmuOv7xMCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECFNaMo88Vb5MMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAJsjJG4/U1OWCJPB1u7UD3TPKRgOR9hT5l3LzFw5s0CEGt2Beg25LP" +
-        "GEGcr0sEdosVQI5m5CuPolpmlQv0FkZv5M1W+uXX+F/6edtMDEquDpdR97ihQSLZjFFqjE" +
-        "ytuaD4gqtL/BKBbz3e93mOmR9Wi+kWlXOYl0j8wpU9ePSjDV";
-    public static final String Intermediate_CRL_RL_06_02_crl = 
-        "MIIBhTCB7wIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1STC4wNi4wMhcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWjAjMCECAg" +
-        "C+Fw05OTAxMDExMjAwMDBaMAwwCgYDVR0VBAMKAQGgODA2MAoGA1UdFAQDAgEBMBMGCWCG" +
-        "SAFlAgEMAgEB/wQDAgEAMBMGA1UdIwQMMAqACFNaMo88Vb5MMA0GCSqGSIb3DQEBBQUAA4" +
-        "GBAAKNj5xmtE7wzO1p5igiAmCDV6KuYsiPAQPHPEBlmo85vzvWv2hpEtmk4nDhehogl0QX" +
-        "rhvRRqR+cPE5vBLB8mAStW+ZR6FXQPnmU5qGHqCQ4Wh6TWZesd7oyftoS7bJD5Xdf5ErA9" +
-        "qijWoz8FgxZHVnAFmjA0rUINkdQ5JfE5oj";
-    public static final String End_Certificate_RL_06_02_crt = 
-        "MIIChzCCAfCgAwIBAgICAL4wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUkwuMDYuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA2LjAyMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD3UzwrnwKRlP00Pn49iI35S0wLn7c1I3rsmzdm" +
-        "YFicetxHNeOKXLg1CN1bqkbAJ+N39fKjrkusqb2T+R3zhAV5LeLT4fzbHYdU7f4r6xgW2/" +
-        "b2WLv+QVR+ldTsVxgPp/ZUgYi4/vAow4Q/6IT+zWtlawMBob/nLjVl+jQ9N4coFwIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECPhq75noL+9WMBMGA1UdIwQMMAqACFNaMo88Vb5MMA0GCSqGSIb3DQEBBQUAA4GBAIU2" +
-        "5bLX/NyDC8dKUxRwVn8oc3YPQjK0zXGdUr15Ib+cLdRyFVCuAyxVdpTf/csuga6tDhGuTL" +
-        "B18mTE/fAjhUOiKiOLD6m4P77Nj67l2NTi86RimsI/Z6r5+bU31ahrls/7kr788+f4oEIY" +
-        "TyOJecojsJUOG3qzK9J50iszclxg";
-    public static final String[] TEST_71_DATA = new String[] {
-        Intermediate_Certificate_RL_06_02_crt,
-        Intermediate_CRL_RL_06_02_crl,
-        End_Certificate_RL_06_02_crt
-    };
-
-    /*  
-     *  test72
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_RL_07_01_crt = 
-        "MIICljCCAf+gAwIBAgICAL8wDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNy4wMTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAxjHxSRwJjEkLG9Al5uSQ22QI8N/hJ8hhkhh9qlaJ" +
-        "mHusM8sWpAp2vnuumlThTA2zZbptXZ8Krb7i/Kpym4wo3ZkEThwi/ijsM5QCunQJmESRGD" +
-        "yPZJjfhWjoC+lCjbmzsOGLMETpgSEMy+EyoXkRCnKmXcmCMS8HjLrqdnwiWBUCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECHPEkeIs8GuwMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBABCmgEnb8dfnG9lWQKT5BmQm459WqRQAiqdfqf9w0qRMuVrdfLMwqx" +
-        "oq4uh10A3d+auHohgT2fT9RzNaWnRoNaH9K6qLQsdCUZdqjbEGdyiIFzvWP9MkV9nhDlo2" +
-        "GgiU68HfnpKO/WA9EaRHyEzwT9o4SA7hAbz+3L12hB2WLSOg";
-    public static final String Intermediate_CRL_RL_07_01_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1STC4wNy4wMRcNOTgwMTAxMDYwMTAwWhcNOTgwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIc8SR4izwa7AwDQYJKoZIhvcNAQEFBQADgYEAOyZr" +
-        "f1tRnuzoq7dgQo+eOYhb5JyRyrNaSwNnRy82wOP+/G3NH8V3NGonDFOOcd9SoLTbeW4o71" +
-        "vdOrKZgom5H2MZK5M4wTdfPAfXB1wBxOMzW5jXzsRtaha4l6EPI+GVL0eXN+aW3k/pscdA" +
-        "ToI+OxTmRRnCYS6yW3qL9RoTIXQ=";
-    public static final String End_Certificate_RL_07_01_crt = 
-        "MIIChzCCAfCgAwIBAgICAMAwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUkwuMDcuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA3LjAxMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCrm/Zem9Tt2UJFUKdAhTNwvhLo03uOax74ZgbV" +
-        "YNTCpKeEWkV5d5d7DRC4mCTX1yjIlg6K4l7T+sRGI4XAcDRgYLuoyG1X958XCXSdIPTdbK" +
-        "Hxs/tFv4mrCwi1kU+zjyzDoqgjT6kUxgM39rfcvDMH6qSzHQKgTFp7Tj/DHiELqwIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECGFR8c6rRbhcMBMGA1UdIwQMMAqACHPEkeIs8GuwMA0GCSqGSIb3DQEBBQUAA4GBAANZ" +
-        "TVR288mKpDDzm9XZMZ9+K1kPZ+eQYX+vUul11luVw27AIJGR8Fb4PIGl4+ALvqU3NQP/6v" +
-        "d+zvS7IfiR6q7aLS3w111BUCgDhTJAp3oSo12qfcp+2DB1M9QfjrM9nKgmh5bBJigdJwJM" +
-        "W8HHKStUMLdxg+qkZJgZpnyowCFM";
-    public static final String[] TEST_72_DATA = new String[] {
-        Intermediate_Certificate_RL_07_01_crt,
-        Intermediate_CRL_RL_07_01_crl,
-        End_Certificate_RL_07_01_crt
-    };
-
-    /*  
-     *  test73
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_RL_07_02_crt = 
-        "MIICljCCAf+gAwIBAgICAMEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNNTAwMTAxMDYwMDMwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNy4wMjCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA0CvEneaAPtxZOTqlh/TXBM6V0bQgKbO58yEyURcO" +
-        "Zi7jzYsmNtN9Tsr0wAlD41/ZONsW4MMzZ13UCc0aGa+eE8XRULBe5cgaGxJKwVnEqz3W8z" +
-        "v1MjOk7Anb8TkxMSlWlptC6V3eRA85p5Id9gXbIrP3E3NuSfyx6246oLjNnbECAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECIb5Ia6wKcHtMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAAYEHQY+Z4qv4bYLmd+sz4aNGwZF7FT6ZIQ43OSeb+t+ibL7rZ0X0y" +
-        "4SCTMs1mAB44IA6RFurmeCFk0ladRCn3A1xaVI1HlHen13ovzDA9ogL4CWbYXvCUv/znQY" +
-        "yVSQCTKwT8iVam8xS1MsNCe408iVjhRfR6u9Hi31M+Pf+AUe";
-    public static final String Intermediate_CRL_RL_07_02_crl = 
-        "MIIBSzCBtQIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1STC4wNy4wMhcNNTAwMTAxMDYwMTAwWhcNNTAwMTAxMTIwMTAwWqAjMCEwCg" +
-        "YDVR0UBAMCAQEwEwYDVR0jBAwwCoAIhvkhrrApwe0wDQYJKoZIhvcNAQEFBQADgYEALVUq" +
-        "3Wq/Opvp9ifmQ4VXz4dgLNR+5Nz3muJ4RZt5R5b4R3RYllhgXNYw2EbEVCFjnfm97z73Ke" +
-        "wzVV+fo/u5GbqJHN2cAVEHarOpasLxySktNA1Cwq5OTzUF0dYISqYbyBvVcaOQBvU/Lwj7" +
-        "MQJJVVq96iDKnAJYBX03EHKbBeg=";
-    public static final String End_Certificate_RL_07_02_crt = 
-        "MIIChzCCAfCgAwIBAgICAMIwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUkwuMDcuMDIwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA3LjAyMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQD6YgsbjW9IL7/SBORKssFUZBUxmluOpxJK/7d7" +
-        "JA2pxbg7L96xHFPWN36CYDJzTscNpbGrD3G2MPkg4GqoTo0rU28NYVzj4SwqYoSLIbXB+r" +
-        "SVgWcxNgbJ+4x9bK3YccNLR1PWEFxz1NckhCLBmb5pI4E34MCxQ6PvFO02I19FwQIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECIutV9ItCIbZMBMGA1UdIwQMMAqACIb5Ia6wKcHtMA0GCSqGSIb3DQEBBQUAA4GBALQE" +
-        "cBr31h3jKUHcuf3yztr9NWUkGMDM0NCXHOpQl7JbV3P5BjvaiRYWlUrN7+92G8EaUFORto" +
-        "zp8GG+d/MvFooVQOvpOzyhautYWyqq3AWpZLppnxNk1mRAdjUAvJaONtv37eLsma0bhtLM" +
-        "j62sQQ6CdoKbMtIEGuJgpwWqHYwY";
-    public static final String[] TEST_73_DATA = new String[] {
-        Intermediate_Certificate_RL_07_02_crt,
-        Intermediate_CRL_RL_07_02_crl,
-        End_Certificate_RL_07_02_crt
-    };
-
-    /*  
-     *  test74
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_RL_07_03_crt = 
-        "MIICljCCAf+gAwIBAgICAMMwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wNy4wMzCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEA8QzGjV0NVTNrOgkeqTkQFCOvl7M0qmjmYJjuw4R3" +
-        "YfQIXDN0m9HR2JKp5WKTSUedmWviGS7NbGSzLR7+6OkLwSoxN9PkA/fMko7O0KWBfduhvn" +
-        "jymlDMb2GPb1hBjScbq8fVJHwzqUm+BtEO2MXwXKYY2hZr+OEyEGhSEThp90MCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECFwl2XphEZRSMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAAb5GERgYVGuOb62gVZAAnhuk5K7CCkWZucOv6iI7pAgI6S7pvool/" +
-        "dXHC0tzgQ+/MkuWcr+22k/ya7f+iSfiYokjnQkgoYFYk3PkjyOXA3mzs5qhF0nOP6Gvmz4" +
-        "asONA+qZSqa4pjxF9Kn8L64f9yeyEXnckmbzdmbjAFCveQIP";
-    public static final String Intermediate_CRL_RL_07_03_crl = 
-        "MIIBTTCBtwIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1STC4wNy4wMxcNOTkwMTAxMDYwMTAwWhgPMjA1MDAxMDExMjAxMDBaoCMwIT" +
-        "AKBgNVHRQEAwIBATATBgNVHSMEDDAKgAhcJdl6YRGUUjANBgkqhkiG9w0BAQUFAAOBgQAz" +
-        "DMl8P16hylNkUEw4z9//PJFObNPZCYdmzBfp0K3tNRrOAouUVegyX0gDHi8O+bmmJNgcnC" +
-        "tMRXx+D4qP7bx5fDS2MVQhSsncf6u4UZ8pxbRc0JmwR5oGZLPQabrctgmEmg8ZKGApKtsf" +
-        "pGyvvTwaAzM+GaWXD68bBEN3VfVdeQ==";
-    public static final String End_Certificate_RL_07_03_crt = 
-        "MIIChzCCAfCgAwIBAgICAMQwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUkwuMDcuMDMwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA3LjAzMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDU6mec24uBaVip7fFWHas+o/lpZBOfj/IPHXQ9" +
-        "QaRZwmJZBB81AX3BJ60DD12o/+RXdHl7B2Eh9kYv/QEXOKmyhJFSPa0Lv7MQ/hCIcL4m1U" +
-        "FDGtJ3SUixZMqVBP0xjwXoNS88zzaCBL+co2TxhBrYMzeNQOX1eEkXMT4pvULmAwIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECBBgFdYLuvk9MBMGA1UdIwQMMAqACFwl2XphEZRSMA0GCSqGSIb3DQEBBQUAA4GBAAof" +
-        "dPOGa4ZxRPcLw6zWM/NLzF3XYDqXAsZBsC75r0GRrogqEYn07tVUDNaQczDtjRLBRNmxWE" +
-        "+qCkJwc+wOBJqOFUxcuhK9oag6OE94+UIHdh3Td9i2ELZXj9RSNchnjyFohj5gk1dJSO41" +
-        "86Ls3mCT9JcssR0dSxxkF0ENfZCG";
-    public static final String[] TEST_74_DATA = new String[] {
-        Intermediate_Certificate_RL_07_03_crt,
-        Intermediate_CRL_RL_07_03_crl,
-        End_Certificate_RL_07_03_crt
-    };
-
-    /*  
-     *  test75
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_RL_08_01_crt = 
-        "MIICljCCAf+gAwIBAgICAMUwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wOC4wMTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAs2YRTEl3C1TmmneJ6K110nSACn+KXxSOTGAGN5xv" +
-        "XW751StpE2iEQIbRVPQdMzmcQX0bcg/WpdrewPQld9NRjFj7it+9YNQh7vMKhZwoAPoDmv" +
-        "TnTdTEuV0c1FLVDVhiaAD9KMBa4fBLRfTKVzgzAr+oNqLhm3YBd2JWRHg+fA8CAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECB4we8+hIrkKMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBABTQI82uCMwQ4bgUWr9lawSI5DyWg3KY13F45rAlmKyckgne9SHbCH" +
-        "+Lvm3XkkIqKmeHfJ3QTf7bpz6eErn3CxRrGm5JWblcYbVT+smjboJ9A0BXifqINYLy3qGc" +
-        "AnNRkPq8OUREj2sU1qWKagUIgA/Vk2WyZhcUiApJPHI4fwv9";
-    public static final String Intermediate_CRL_RL_08_01_crl = 
-        "MIIBWjCBxAIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1STC4wOC4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqAyMDAwCg" +
-        "YDVR0UBAMCAQEwDQYDVR0bAQH/BAMCAQEwEwYDVR0jBAwwCoAIHjB7z6EiuQowDQYJKoZI" +
-        "hvcNAQEFBQADgYEAkjF0oERt5XW2i70gyspkEYIHyGCHnqngky5yuwQSRrlW7t0vGdKV7W" +
-        "50evTeSVV41uhi1MBcccpx1MdRcB5vsatFSSKcKx4NF3PuHXxXCm2HkfXQy4K5zftE3jOZ" +
-        "5s+yTHiw3s/QSErtHRca+TQcEZwamI+p402TEa6e82l6xHI=";
-    public static final String End_Certificate_RL_08_01_crt = 
-        "MIIChzCCAfCgAwIBAgICAMYwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUkwuMDguMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA4LjAxMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDfEMqWMqk3Rre5m4ILtQIz45JImvU379Al/S6t" +
-        "2y/TzimJc4nhIKQp80VaZA/gwu/DcvMgJPM+FFz5U5rRkDaYASsc34tZUESF5LC6ZbtGqf" +
-        "J96IKdajvkGLsHyI7dseuwaQ0FlOwcmKMSR898MGNNbKxaQNLEXsIFypRDsN6JhwIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECMT22ARjB1ABMBMGA1UdIwQMMAqACB4we8+hIrkKMA0GCSqGSIb3DQEBBQUAA4GBAIaP" +
-        "EqI7oHl/+h3MszG4VB1Va9NTN0kaysTyjQSVBi9jhOlPkzuXc2wI1bymBhatHEn6OrgP13" +
-        "vsOiH2BiyudYcYjKpwI4FUiyKLIc0CXzM0VYFoMzb91QtsK1EnvAPDKNYVVFXrL7ABVIK4" +
-        "hU6HfMMUbnpKWBxT5274iHScX8tL";
-    public static final String[] TEST_75_DATA = new String[] {
-        Intermediate_Certificate_RL_08_01_crt,
-        Intermediate_CRL_RL_08_01_crl,
-        End_Certificate_RL_08_01_crt
-    };
-
-    /*  
-     *  test76
-     *  
-     */ 
-
-    public static final String Intermediate_Certificate_RL_09_01_crt = 
-        "MIICljCCAf+gAwIBAgICAMcwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9EMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxUcnVzdCBBbmNob3IwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNVBAMTDENBMS1STC4wOS4wMTCBnzANBg" +
-        "kqhkiG9w0BAQEFAAOBjQAwgYkCgYEAsvkvLv5fMFYvohaXO8a7GgU4rDHe9iL7LP1VeNUg" +
-        "GIdJGqPEnuggQ/guhrBHafGh1NtmlEbmPJ4WQ99dBbPHHeO8sfCgkmWC0SqPODoI+t3qJE" +
-        "kf2z9dWoAij15RXPliywZz+S6bTtcEQAREyBQ6M8/HJ83wRXp/uCpdPOSxVPkCAwEAAaNj" +
-        "MGEwDwYDVR0TAQH/BAUwAwEB/zAOBgNVHQ8BAf8EBAMCAQYwFgYDVR0gBA8wDTALBglghk" +
-        "gBZQMBMAEwEQYDVR0OBAoECISY4bvGMEBTMBMGA1UdIwQMMAqACKua6/nC51SPMA0GCSqG" +
-        "SIb3DQEBBQUAA4GBAAd7g+dWso4V/Vr+QIoNLueCBAYWdOF+Yz3VeomcsDAs2V8E+xcZaq" +
-        "jo2LrMygYCeMxVfXx/ZdhLPOaZ+ahNAbk+nWRwj35JdTNAAbMMWFdZUgR6N+uzx1v7i86p" +
-        "AWUpRJ9IYPgUoQ5pmjdf3Ru1nrLfRt4yp+kNHWp6IL/+MwcM";
-    public static final String Intermediate_CRL_RL_09_01_crl = 
-        "MIIBXDCBxgIBATANBgkqhkiG9w0BAQUFADBeMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS" +
-        "5TLiBHb3Zlcm5tZW50MQwwCgYDVQQLEwNEb2QxEDAOBgNVBAsTB1Rlc3RpbmcxFTATBgNV" +
-        "BAMTDENBMS1STC4wOS4wMRcNOTkwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMTAwWqA0MDIwCg" +
-        "YDVR0UBAMCAQEwDwYDVR0cAQH/BAUwA4IB/zATBgNVHSMEDDAKgAiEmOG7xjBAUzANBgkq" +
-        "hkiG9w0BAQUFAAOBgQAKTXYgqlP+upFIwOSpdaVKDT8aqFzY9nSIsxHg5Wdl43U7p44LvQ" +
-        "lW8XKhw74oQl1ExU5s7mDaEqB0JIozGzmoNyKsErgWKNW+lpKSxR5+1EHOB6Oo2KijpTsv" +
-        "GFrHFCnF09f9JaTaMRIXOljx3rMO1UZsftKy/L9z3aUz8hQRnQ==";
-    public static final String End_Certificate_RL_09_01_crt = 
-        "MIIChzCCAfCgAwIBAgICAMgwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxGDAWBg" +
-        "NVBAoTD1UuUy4gR292ZXJubWVudDEMMAoGA1UECxMDRG9kMRAwDgYDVQQLEwdUZXN0aW5n" +
-        "MRUwEwYDVQQDEwxDQTEtUkwuMDkuMDEwHhcNOTgwMTAxMTIwMTAwWhcNNDgwMTAxMTIwMT" +
-        "AwWjBgMQswCQYDVQQGEwJVUzEYMBYGA1UEChMPVS5TLiBHb3Zlcm5tZW50MQwwCgYDVQQL" +
-        "EwNEb0QxEDAOBgNVBAsTB1Rlc3RpbmcxFzAVBgNVBAMTDlVzZXIxLVJMLjA5LjAxMIGfMA" +
-        "0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDpz09VCXzAhH4/ifMk0RAzaBqJCXaHHqAdO/TW" +
-        "6uvOVtl+fGvWXhXmSSCUfzg5xBqdUXrqcyxOME3vdgF1uOFZ4q2K6+Zuxmm+GCOCIpe+Gl" +
-        "Jzqz4WKXG0iaXXQOYa56itNc/6Z6D/aAjNJavI19w0lmb9l6U2WBfn3LywxHp4dwIDAQAB" +
-        "o1IwUDAOBgNVHQ8BAf8EBAMCBeAwFgYDVR0gBA8wDTALBglghkgBZQMBMAEwEQYDVR0OBA" +
-        "oECOri1JgnJfLjMBMGA1UdIwQMMAqACISY4bvGMEBTMA0GCSqGSIb3DQEBBQUAA4GBADmV" +
-        "Ee0xy25Z0HtmWwprKPjJDr/p7TgzbmNC58pUPkgtxnJFP4yrzNB9FQBWSfnjZpzQkLSU7i" +
-        "7O6cf5HkqjQqoPErDnJLWgGzjbF80v2IIyZk7rEpAAM4MwjIk7hFvJK8QkTht9F4N1zj2X" +
-        "0TQkmlbo9Z4SFj/3fsbl9h2GdKuU";
-    public static final String[] TEST_76_DATA = new String[] {
-        Intermediate_Certificate_RL_09_01_crt,
-        Intermediate_CRL_RL_09_01_crl,
-        End_Certificate_RL_09_01_crt
-    };
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/NamedCurveTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/NamedCurveTest.java
deleted file mode 100644
index 4cd326e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/NamedCurveTest.java
+++ /dev/null

@@ -1,445 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.interfaces.ECPrivateKey;
-import java.security.interfaces.ECPublicKey;
-import java.security.spec.ECGenParameterSpec;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.Collections;
-import java.util.Enumeration;
-import java.util.HashSet;
-import java.util.Hashtable;
-import java.util.Set;
-
-import javax.crypto.KeyAgreement;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
-import org.bouncycastle.asn1.nist.NISTNamedCurves;
-import org.bouncycastle.asn1.sec.SECNamedCurves;
-import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x9.X962NamedCurves;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveSpec;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class NamedCurveTest
-    extends SimpleTest
-{
-    private static Hashtable CURVE_NAMES = new Hashtable();
-    private static Hashtable CURVE_ALIASES = new Hashtable();
-
-    static
-    {
-        CURVE_NAMES.put("prime192v1", "prime192v1"); // X9.62
-        CURVE_NAMES.put("sect571r1", "sect571r1"); // sec
-        CURVE_NAMES.put("secp224r1", "secp224r1");
-        CURVE_NAMES.put("B-409", SECNamedCurves.getName(NISTNamedCurves.getOID("B-409")));   // nist
-        CURVE_NAMES.put("P-521", SECNamedCurves.getName(NISTNamedCurves.getOID("P-521")));
-        CURVE_NAMES.put("brainpoolP160r1", "brainpoolp160r1");         // TeleTrusT
-
-        CURVE_ALIASES.put("secp192r1", "prime192v1");
-        CURVE_ALIASES.put("secp256r1", "prime256v1");
-    }
-    
-    public void testCurve(
-        String name)
-        throws Exception
-    {
-        ECGenParameterSpec     ecSpec = new ECGenParameterSpec(name);
-
-        KeyPairGenerator    g = KeyPairGenerator.getInstance("ECDH", "BC");
-
-        g.initialize(ecSpec, new SecureRandom());
-
-        //
-        // a side
-        //
-        KeyPair aKeyPair = g.generateKeyPair();
-
-        KeyAgreement aKeyAgree = KeyAgreement.getInstance("ECDHC", "BC");
-
-        aKeyAgree.init(aKeyPair.getPrivate());
-
-        //
-        // b side
-        //
-        KeyPair bKeyPair = g.generateKeyPair();
-
-        KeyAgreement bKeyAgree = KeyAgreement.getInstance("ECDHC", "BC");
-
-        bKeyAgree.init(bKeyPair.getPrivate());
-
-        //
-        // agreement
-        //
-        aKeyAgree.doPhase(bKeyPair.getPublic(), true);
-        bKeyAgree.doPhase(aKeyPair.getPublic(), true);
-
-        BigInteger  k1 = new BigInteger(aKeyAgree.generateSecret());
-        BigInteger  k2 = new BigInteger(bKeyAgree.generateSecret());
-
-        if (!k1.equals(k2))
-        {
-            fail("2-way test failed");
-        }
-
-        //
-        // public key encoding test
-        //
-        byte[]              pubEnc = aKeyPair.getPublic().getEncoded();
-        KeyFactory          keyFac = KeyFactory.getInstance("ECDH", "BC");
-        X509EncodedKeySpec  pubX509 = new X509EncodedKeySpec(pubEnc);
-        ECPublicKey         pubKey = (ECPublicKey)keyFac.generatePublic(pubX509);
-
-        if (!pubKey.getW().equals(((ECPublicKey)aKeyPair.getPublic()).getW()))
-        {
-            fail("public key encoding (Q test) failed");
-        }
-
-        if (!(pubKey.getParams() instanceof ECNamedCurveSpec))
-        {
-            fail("public key encoding not named curve");
-        }
-
-        //
-        // private key encoding test
-        //
-        byte[]              privEnc = aKeyPair.getPrivate().getEncoded();
-        PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
-        ECPrivateKey        privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8);
-
-        if (!privKey.getS().equals(((ECPrivateKey)aKeyPair.getPrivate()).getS()))
-        {
-            fail("private key encoding (S test) failed");
-        }
-
-        if (!(privKey.getParams() instanceof ECNamedCurveSpec))
-        {
-            fail("private key encoding not named curve");
-        }
-
-        ECNamedCurveSpec privSpec = (ECNamedCurveSpec)privKey.getParams();
-        if (!(privSpec.getName().equals(name) || privSpec.getName().equals(CURVE_NAMES.get(name))))
-        {
-            fail("private key encoding wrong named curve. Expected: " + CURVE_NAMES.get(name) + " got " + privSpec.getName());
-        }
-    }
-
-    public void testECDSA(
-        String name)
-        throws Exception
-    {
-        ECGenParameterSpec     ecSpec = new ECGenParameterSpec(name);
-
-        KeyPairGenerator    g = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        g.initialize(ecSpec, new SecureRandom());
-
-        Signature sgr = Signature.getInstance("ECDSA", "BC");
-        KeyPair   pair = g.generateKeyPair();
-        PrivateKey sKey = pair.getPrivate();
-        PublicKey vKey = pair.getPublic();
-
-        sgr.initSign(sKey);
-
-        byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
-
-        sgr.update(message);
-
-        byte[]  sigBytes = sgr.sign();
-
-        sgr.initVerify(vKey);
-
-        sgr.update(message);
-
-        if (!sgr.verify(sigBytes))
-        {
-            fail(name + " verification failed");
-        }
-
-        //
-        // public key encoding test
-        //
-        byte[]              pubEnc = vKey.getEncoded();
-        KeyFactory          keyFac = KeyFactory.getInstance("ECDH", "BC");
-        X509EncodedKeySpec  pubX509 = new X509EncodedKeySpec(pubEnc);
-        ECPublicKey         pubKey = (ECPublicKey)keyFac.generatePublic(pubX509);
-
-        if (!pubKey.getW().equals(((ECPublicKey)vKey).getW()))
-        {
-            fail("public key encoding (Q test) failed");
-        }
-
-        if (!(pubKey.getParams() instanceof ECNamedCurveSpec))
-        {
-            fail("public key encoding not named curve");
-        }
-
-        //
-        // private key encoding test
-        //
-        byte[]              privEnc = sKey.getEncoded();
-        PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
-        ECPrivateKey        privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8);
-
-        if (!privKey.getS().equals(((ECPrivateKey)sKey).getS()))
-        {
-            fail("private key encoding (S test) failed");
-        }
-
-        if (!(privKey.getParams() instanceof ECNamedCurveSpec))
-        {
-            fail("private key encoding not named curve");
-        }
-
-        ECNamedCurveSpec privSpec = (ECNamedCurveSpec)privKey.getParams();
-        if (!privSpec.getName().equalsIgnoreCase(name)
-            && !privSpec.getName().equalsIgnoreCase((String)CURVE_ALIASES.get(name)))
-        {
-            fail("private key encoding wrong named curve. Expected: " + name + " got " + privSpec.getName());
-        }
-    }
-
-    public void testECGOST(
-        String name)
-        throws Exception
-    {
-        ECGenParameterSpec     ecSpec = new ECGenParameterSpec(name);
-
-        KeyPairGenerator    g;
-        Signature           sgr;
-        String              keyAlgorithm;
-
-        if (name.startsWith("Tc26-Gost-3410"))
-        {
-            keyAlgorithm = "ECGOST3410-2012";
-            if (name.indexOf("256") > 0)
-            {
-                sgr = Signature.getInstance("ECGOST3410-2012-256", "BC");
-            }
-            else
-            {
-                sgr = Signature.getInstance("ECGOST3410-2012-512", "BC");
-            }
-        }
-        else
-        {
-            keyAlgorithm = "ECGOST3410";
-
-            sgr = Signature.getInstance("ECGOST3410", "BC");
-        }
-
-        g = KeyPairGenerator.getInstance(keyAlgorithm, "BC");
-
-        g.initialize(ecSpec, new SecureRandom());
-
-        KeyPair   pair = g.generateKeyPair();
-        PrivateKey sKey = pair.getPrivate();
-        PublicKey vKey = pair.getPublic();
-
-        sgr.initSign(sKey);
-
-        byte[] message = new byte[] { (byte)'a', (byte)'b', (byte)'c' };
-
-        sgr.update(message);
-
-        byte[]  sigBytes = sgr.sign();
-
-        sgr.initVerify(vKey);
-
-        sgr.update(message);
-
-        if (!sgr.verify(sigBytes))
-        {
-            fail(name + " verification failed");
-        }
-
-        //
-        // public key encoding test
-        //
-        byte[]              pubEnc = vKey.getEncoded();
-        KeyFactory          keyFac = KeyFactory.getInstance(keyAlgorithm, "BC");
-        X509EncodedKeySpec  pubX509 = new X509EncodedKeySpec(pubEnc);
-        ECPublicKey         pubKey = (ECPublicKey)keyFac.generatePublic(pubX509);
-
-        if (!pubKey.getW().equals(((ECPublicKey)vKey).getW()))
-        {
-            fail("public key encoding (Q test) failed");
-        }
-
-        if (!(pubKey.getParams() instanceof ECNamedCurveSpec))
-        {
-            fail("public key encoding not named curve");
-        }
-
-        //
-        // private key encoding test
-        //
-        byte[]              privEnc = sKey.getEncoded();
-        PKCS8EncodedKeySpec privPKCS8 = new PKCS8EncodedKeySpec(privEnc);
-        ECPrivateKey        privKey = (ECPrivateKey)keyFac.generatePrivate(privPKCS8);
-
-        if (!privKey.getS().equals(((ECPrivateKey)sKey).getS()))
-        {
-            fail("GOST private key encoding (S test) failed");
-        }
-
-        if (!(privKey.getParams() instanceof ECNamedCurveSpec))
-        {
-            fail("GOST private key encoding not named curve");
-        }
-
-        ECNamedCurveSpec privSpec = (ECNamedCurveSpec)privKey.getParams();
-        if (!privSpec.getName().equalsIgnoreCase(name)
-            && !privSpec.getName().equalsIgnoreCase((String)CURVE_ALIASES.get(name)))
-        {
-            fail("GOST private key encoding wrong named curve. Expected: " + name + " got " + privSpec.getName());
-        }
-    }
-
-    public void testAcceptable()
-        throws Exception
-    {
-        ECGenParameterSpec     ecSpec = new ECGenParameterSpec("P-256");
-        KeyPairGenerator       kpGen = KeyPairGenerator.getInstance("EC", "BC");
-
-        kpGen.initialize(ecSpec);
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(kp.getPublic().getEncoded());
-        PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded());
-
-        KeyFactory kf = KeyFactory.getInstance("EC", "BC");
-
-        ConfigurableProvider bcProv = ((ConfigurableProvider)Security.getProvider("BC"));
-
-        bcProv.setParameter(ConfigurableProvider.ACCEPTABLE_EC_CURVES, Collections.singleton(NISTNamedCurves.getOID("P-384")));
-
-        try
-        {
-            kf.generatePrivate(privSpec);
-            fail("no exception");
-        }
-        catch (InvalidKeySpecException e)
-        {
-            isTrue("wrong message", "encoded key spec not recognized: named curve not acceptable".equals(e.getMessage()));
-        }
-
-        try
-        {
-            kf.generatePublic(pubSpec);
-            fail("no exception");
-        }
-        catch (InvalidKeySpecException e)
-        {
-            isTrue("wrong message", "encoded key spec not recognized: named curve not acceptable".equals(e.getMessage()));
-        }
-
-        bcProv.setParameter(ConfigurableProvider.ACCEPTABLE_EC_CURVES, Collections.singleton(NISTNamedCurves.getOID("P-256")));
-
-        kf.generatePrivate(privSpec);
-        kf.generatePublic(pubSpec);
-
-        bcProv.setParameter(ConfigurableProvider.ACCEPTABLE_EC_CURVES, Collections.EMPTY_SET);
-
-        kf.generatePrivate(privSpec);
-        kf.generatePublic(pubSpec);
-    }
-
-    public void testAdditional()
-        throws Exception
-    {
-        ConfigurableProvider bcProv = ((ConfigurableProvider)Security.getProvider("BC"));
-        ASN1ObjectIdentifier bogusCurveID = Extension.auditIdentity;
-
-        bcProv.setParameter(ConfigurableProvider.ADDITIONAL_EC_PARAMETERS, Collections.singletonMap(bogusCurveID, NISTNamedCurves.getByName("P-384")));
-
-        KeyPairGenerator       kpGen = KeyPairGenerator.getInstance("EC", "BC");
-
-        kpGen.initialize(new ECGenParameterSpec(bogusCurveID.getId()));
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        X509EncodedKeySpec pubSpec = new X509EncodedKeySpec(kp.getPublic().getEncoded());
-        PKCS8EncodedKeySpec privSpec = new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded());
-
-        KeyFactory kf = KeyFactory.getInstance("EC", "BC");
-
-        kf.generatePrivate(privSpec);
-        kf.generatePublic(pubSpec);
-    }
-
-    public String getName()
-    {
-        return "NamedCurve";
-    }
-    
-    public void performTest()
-        throws Exception
-    {
-        testCurve("prime192v1"); // X9.62
-        testCurve("sect571r1"); // sec
-        testCurve("secp224r1");
-        testCurve("B-409");   // nist
-        testCurve("P-521");
-        testCurve("brainpoolP160r1");    // TeleTrusT
-
-        for (Enumeration en = X962NamedCurves.getNames(); en.hasMoreElements();)
-        {
-            testECDSA((String)en.nextElement());
-        }
-
-        // these curves can't be used under JDK 1.5
-        Set  problemCurves = new HashSet();
-
-        problemCurves.add("secp256k1");
-        problemCurves.add("secp160k1");
-        problemCurves.add("secp224k1");
-        problemCurves.add("secp192k1");
-        
-        for (Enumeration en = SECNamedCurves.getNames(); en.hasMoreElements();)
-        {
-            String curveName = (String)en.nextElement();
-
-            if (!problemCurves.contains(curveName))
-            {
-                testECDSA(curveName);
-            }
-        }
-
-        for (Enumeration en = TeleTrusTNamedCurves.getNames(); en.hasMoreElements();)
-        {
-            testECDSA((String)en.nextElement());
-        }
-
-        for (Enumeration en = ECGOST3410NamedCurves.getNames(); en.hasMoreElements();)
-        {
-            testECGOST((String)en.nextElement());
-        }
-
-        testAcceptable();
-        testAdditional();
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-    
-        runTest(new NamedCurveTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/NetscapeCertRequestTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/NetscapeCertRequestTest.java
deleted file mode 100644
index 076dfc3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/NetscapeCertRequestTest.java
+++ /dev/null

@@ -1,130 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.Security;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROutputStream;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jce.netscape.NetscapeCertRequest;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-/**
- */
-public class NetscapeCertRequestTest
-    implements Test
-{
-    /* from NS 4.75 */
-    static final String test1 =
-    "MIIBRzCBsTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAmwdh+LJXQ8AtXczo"+
-    "4EIGfXjpmDwsoIRpPaXEx1CBHhpon/Dpo/o5Vw2WoWNICXj5lmqhftIpCPO9qKxx"+
-    "85x6k/fuyTPH8P02hkmscAYsgqOgb/1yRCNXFryuFOATqxw1tsuye5Q3lTU9JCLU"+
-    "UilQ6BV8n3fm2egtPPUaJEuCvcsCAwEAARYNZml4ZWQtZm9yLW5vdzANBgkqhkiG"+
-    "9w0BAQQFAAOBgQAImbJD6xHbJtXl6kOTbCFoMnDk7U0o6pHy9l56DYVsiluXegiY"+
-    "6twB4o7OWsrqTb+gVvzK65FfP+NBVVzxY8UzcjbqC51yvO/9wnpUsIBqD/Gvi1gE"+
-    "qvw7RHwVEhdzsvLwlL22G8CfDxHnWLww39j8uRJsmoNiKJly3BcsZkLd9g==";
-    
-    public String getName()
-    {
-        return "NetscapeCertRequest";
-    }
-
-    public TestResult perform()
-    {
-        try
-        {
-            String    challenge = "fixed-for-now";
-        
-            byte data [] = Base64.decode (test1);
-
-            ASN1InputStream    in = new ASN1InputStream (new ByteArrayInputStream(data));
-            ASN1Sequence    spkac = (ASN1Sequence)in.readObject ();
-            // System.out.println("SPKAC: \n"+DERDump.dumpAsString (spkac));
-
-
-            NetscapeCertRequest nscr = new NetscapeCertRequest (spkac);
-
-            if (!nscr.verify (challenge)) 
-            {
-                return new SimpleTestResult(false, getName() + ": 1 - not verified");
-            }
-
-            //now try to generate one
-            KeyPairGenerator kpg =
-                KeyPairGenerator.getInstance (nscr.getKeyAlgorithm().getAlgorithm().getId(), "BC");
-
-            kpg.initialize (1024);
-
-            KeyPair kp = kpg.genKeyPair();
-
-            nscr.setPublicKey (kp.getPublic());
-            nscr.sign (kp.getPrivate());
-            
-            ByteArrayOutputStream baos = new ByteArrayOutputStream();
-            DEROutputStream deros = new DEROutputStream (baos);
-            deros.writeObject (nscr);
-            deros.close();
-
-            
-            ASN1InputStream     in2 =
-                new ASN1InputStream (new ByteArrayInputStream(baos.toByteArray()));
-            ASN1Sequence        spkac2 = (ASN1Sequence)in2.readObject ();
-
-            // System.out.println("SPKAC2: \n"+DERDump.dumpAsString (spkac2));
-
-            NetscapeCertRequest nscr2 = new NetscapeCertRequest (spkac2);
-
-            if (!nscr2.verify (challenge)) 
-            {
-                return new SimpleTestResult(false, getName() + ": 2 - not verified");
-            }
-
-            //lets build it from scratch
-
-
-            challenge = "try it";
-
-            NetscapeCertRequest nscr3 =
-                new NetscapeCertRequest (challenge,
-                                         new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1WithRSAEncryption, null),
-                                         kp.getPublic());
-            
-            nscr3.sign (kp.getPrivate());
-            
-            // System.out.println("SPKAC3: \n"+DERDump.dumpAsString (nscr3));
-            
-            if (nscr3.verify (challenge)) 
-            {
-                return new SimpleTestResult(true, getName() + ": Okay");
-            }
-            else
-            {
-                return new SimpleTestResult(false, getName() + ": 3 - not verified");
-            }
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": exception - " + e.toString());
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        Test            test = new NetscapeCertRequestTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result.toString());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/NoekeonTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/NoekeonTest.java
deleted file mode 100644
index c1c7b66..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/NoekeonTest.java
+++ /dev/null

@@ -1,152 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.spec.SecretKeySpec;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.security.Key;
-import java.security.Security;
-
-/**
- * basic test class for SEED
- */
-public class NoekeonTest
-    extends BaseBlockCipherTest
-{
-    static String[] cipherTests =
-    {
-        "128",
-        "b1656851699e29fa24b70148503d2dfc",
-        "2a78421b87c7d0924f26113f1d1349b2",
-        "e2f687e07b75660ffc372233bc47532c"
-    };
-
-    public NoekeonTest()
-    {
-        super("Noekeon");
-    }
-
-    public void test(
-        int         strength,
-        byte[]      keyBytes,
-        byte[]      input,
-        byte[]      output)
-        throws Exception
-    {
-        Key key;
-        Cipher in, out;
-        CipherInputStream cIn;
-        CipherOutputStream cOut;
-        ByteArrayInputStream bIn;
-        ByteArrayOutputStream bOut;
-
-        key = new SecretKeySpec(keyBytes, "Noekeon");
-
-        in = Cipher.getInstance("Noekeon/ECB/NoPadding", "BC");
-        out = Cipher.getInstance("Noekeon/ECB/NoPadding", "BC");
-
-        try
-        {
-            out.init(Cipher.ENCRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("Noekeon failed initialisation - " + e.toString(), e);
-        }
-
-        try
-        {
-            in.init(Cipher.DECRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("Noekeoen failed initialisation - " + e.toString(), e);
-        }
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        try
-        {
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                cOut.write(input[i]);
-            }
-            cOut.write(input, input.length / 2, input.length - input.length / 2);
-            cOut.close();
-        }
-        catch (IOException e)
-        {
-            fail("Noekeon failed encryption - " + e.toString(), e);
-        }
-
-        byte[]    bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!areEqual(bytes, output))
-        {
-            fail("Noekeon failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        try
-        {
-            DataInputStream dIn = new DataInputStream(cIn);
-
-            bytes = new byte[input.length];
-
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                bytes[i] = (byte)dIn.read();
-            }
-            dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-        }
-        catch (Exception e)
-        {
-            fail("Noekeon failed encryption - " + e.toString(), e);
-        }
-
-        if (!areEqual(bytes, input))
-        {
-            fail("Noekeon failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        for (int i = 0; i != cipherTests.length; i += 4)
-        {
-            test(Integer.parseInt(cipherTests[i]),
-                            Hex.decode(cipherTests[i + 1]),
-                            Hex.decode(cipherTests[i + 2]),
-                            Hex.decode(cipherTests[i + 3]));
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new NoekeonTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/OCBTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/OCBTest.java
deleted file mode 100644
index 668ff61..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/OCBTest.java
+++ /dev/null

@@ -1,105 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.Key;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class OCBTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "OCB";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        checkRegistrations();
-    }
-
-    private void checkRegistrations()
-        throws Exception
-    {
-        String[] ciphers = new String[] { "AES", "NOEKEON", "Twofish", "CAST6", "SEED", "Tnepres", "Serpent", "RC6", "CAMELLIA" };
-        String[] cipherText = new String[]
-            {
-                "BEA5E8798DBE7110031C144DA0B2612213CC8B747807121A4CBB3E4BD6B456AF",
-                "a2545b927e0f2e6db2998e20b17d5fc0564dcab63b748327e2ef4eaed88cb059",
-                "1cfafe72f7181cae331610c116345e51fc356b379aca04da2a53337c5428d8e4",
-                "5b9b738b2ac7000b33b89dd4eec18dd853f4f7c1d9e17b565405f17a0a8c8b63",
-                "fcdbcee69d02c69858ed4569f78b81920b3027cdb7f1f154634aa5ace9e6ba29",
-                "4f7154cb34558940e85db7d3e96ac6c9cb0d9c1b00b18e82e15d1be83deef9df",
-                "3dd3477801e71807ea1f1f690d8428ed6b1002831428a64f88c36b6d5610022f",
-                "23f3e450c4c7199563a0ed601a5c60d75eb88db2a0d090ae5e84d98438a146aa",
-                "ac13ce9db4af148e910a813fc728e5785e23b1bf1d04a961a3f95f356b9417ab"
-            };
-
-        for (int i = 0; i < ciphers.length; i++)
-        {
-            ocbTest(ciphers[i], cipherText[i]);
-        }
-    }
-
-    private void ocbTest(String cipher, String cText)
-        throws Exception
-    {
-        byte[] K = Hex.decode(
-              "000102030405060708090A0B0C0D0E0F");
-        byte[] P = Hex.decode(
-              "000102030405060708090A0B0C0D0E0F");
-        byte[] N = Hex.decode("000102030405060708090A0B");
-        String T = "4CBB3E4BD6B456AF";
-        byte[] C = Hex.decode(cText);
-
-        Key key;
-        Cipher                  in, out;
-
-        key = new SecretKeySpec(K, cipher);
-
-        in = Cipher.getInstance(cipher + "/OCB/NoPadding", "BC");
-        out = Cipher.getInstance(cipher + "/OCB/NoPadding", "BC");
-
-        in.init(Cipher.ENCRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] enc = in.doFinal(P);
-        if (!areEqual(enc, C))
-        {
-            fail("ciphertext doesn't match in OCB got " + new String(Hex.encode(enc)));
-        }
-
-        out.init(Cipher.DECRYPT_MODE, key, new IvParameterSpec(N));
-
-        byte[] dec = out.doFinal(C);
-        if (!areEqual(dec, P))
-        {
-            fail("plaintext doesn't match in OCB");
-        }
-
-        try
-        {
-            in = Cipher.getInstance(cipher + "/OCB/PKCS5Padding", "BC");
-
-            fail("bad padding missed in OCB");
-        }
-        catch (NoSuchPaddingException e)
-        {
-            // expected
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new OCBTest());
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/OpenSSHSpecTests.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/OpenSSHSpecTests.java
deleted file mode 100644
index 76d8789..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/OpenSSHSpecTests.java
+++ /dev/null

@@ -1,211 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.StringReader;
-import java.security.KeyFactory;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.OpenSSHPrivateKeySpec;
-import org.bouncycastle.jce.spec.OpenSSHPublicKeySpec;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.io.pem.PemReader;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class OpenSSHSpecTests
-    extends SimpleTest
-{
-    private static final SecureRandom secureRandom = new SecureRandom();
-
-    public void testEncodingRSA()
-        throws Exception
-    {
-        byte[] rawPub = Base64.decode("AAAAB3NzaC1yc2EAAAADAQABAAAAgQDvh2BophdIp8ojwGZQR0FQ/awowXnV24nAPm+/na8MOUrdySNhOnlek4LAZl82/+Eu2t21XD6hQUiHKAj6XaNFBthTuss7Cz/tA348DLEMHD9wUtT0FXVmsxqN4BfusunbcULxxVWG2z8FvqeaGgc/Unkp9y7/kyf54pPUCBcClw==");
-        byte[] rawPriv = new PemReader(new StringReader("-----BEGIN RSA PRIVATE KEY-----\n" +
-            "MIICXgIBAAKBgQDvh2BophdIp8ojwGZQR0FQ/awowXnV24nAPm+/na8MOUrdySNh\n" +
-            "Onlek4LAZl82/+Eu2t21XD6hQUiHKAj6XaNFBthTuss7Cz/tA348DLEMHD9wUtT0\n" +
-            "FXVmsxqN4BfusunbcULxxVWG2z8FvqeaGgc/Unkp9y7/kyf54pPUCBcClwIDAQAB\n" +
-            "AoGBAOMXYEoXHgAeREE9CkOWKtDUkEJbnF0rNSB0kZIDt5BJSTeYmNh3jdYi2FX9\n" +
-            "OMx2MFIx4v0tJZvQvyiUxl5IJJ9ZJsYUWF+6VbcTVwYYfdVzZzP2TNyGmF9/ADZW\n" +
-            "wBehqP04uRlYjt94kqb4HoOKF3gJ3LC4uW9xcEltTBeHWCfhAkEA/2biF5St9/Ya\n" +
-            "540E4zu/FKPsxLSaT8LWCo9+X7IqIzlBQCB4GjM+nZeTm7eZOkfAFZoxwfiNde/9\n" +
-            "qleXXf6B2QJBAPAW+jDBC3QF4/g8n9cDxm/A3ICmcOFSychLSrydk9ZyRPbTRyQC\n" +
-            "YlC2mf/pCrO/yO7h189BXyQ3PXOEhnujce8CQQD7gDy0K90EiH0F94AQpA0OLj5B\n" +
-            "lfc/BAXycEtpwPBtrzvqAg9C/aNzXIgmly10jqNAoo7NDA2BTcrlq0uLa8xBAkBl\n" +
-            "7Hs+I1XnZXDIO4Rn1VRysN9rRj15ipnbDAuoUwUl7tDUMBFteg2e0kZCW/6NHIgC\n" +
-            "0aG6fLgVOdY+qi4lYtfFAkEAqqiBgEgSrDmnJLTm6j/Pv1mBA6b9bJbjOqomrDtr\n" +
-            "AWTXe+/kSCv/jYYdpNA/tDgAwEmtkWWEie6+SwJB5cXXqg==\n" +
-            "-----END RSA PRIVATE KEY-----\n")).readPemObject().getContent();
-
-
-        OpenSSHPublicKeySpec pubSpec = new OpenSSHPublicKeySpec(rawPub);
-        OpenSSHPrivateKeySpec privSpec = new OpenSSHPrivateKeySpec(rawPriv);
-
-        isEquals("Pk type", pubSpec.getType(), "ssh-rsa");
-        isEquals("Spec Type", privSpec.getFormat(), "ASN.1");
-
-
-        byte[] originalMessage = new byte[10];
-        secureRandom.nextBytes(originalMessage);
-
-        originalMessage[0] |= 1;
-
-        KeyFactory kpf = KeyFactory.getInstance("RSA", "BC");
-
-        PublicKey pk = kpf.generatePublic(pubSpec);
-        PrivateKey prk = kpf.generatePrivate(privSpec);
-
-        OpenSSHPublicKeySpec rcPublicKeySpec = (OpenSSHPublicKeySpec)kpf.getKeySpec(pk, OpenSSHPublicKeySpec.class);
-        OpenSSHPrivateKeySpec rcPrivateSpec = (OpenSSHPrivateKeySpec)kpf.getKeySpec(prk, OpenSSHPrivateKeySpec.class);
-
-        isEquals("Pk type", rcPublicKeySpec.getType(), "ssh-rsa");
-        isEquals("Spec Type", rcPrivateSpec.getFormat(), "ASN.1");
-
-        isTrue("RSAPublic key not same", Arrays.areEqual(rawPub, rcPublicKeySpec.getEncoded()));
-        isTrue("RSAPrivate key not same", Arrays.areEqual(rawPriv, rcPrivateSpec.getEncoded()));
-
-    }
-
-    public void testEncodingDSA()
-        throws Exception
-    {
-        byte[] rawPub = Base64.decode("AAAAB3NzaC1kc3MAAACBAJBB5+S4kZZYZLswaQ/zm3GM7YWmHsumwo/Xxu+z6Cg2l5PUoiBBZ4ET9EhhQuL2ja/zrCMCi0ZwiSRuSp36ayPrHLbNJb3VdOuJg8xExRa6F3YfVZfcTPUEKh6FU72fI31HrQmi4rpyHnWxL/iDX496ZG2Hdq6UkPISQpQwj4TtAAAAFQCP9TXcVahR/2rpfEhvdXR0PfhbRwAAAIBdXzAVqoOtb9zog6lNF1cGS1S06W9W/clvuwq2xF1s3bkoI/xUbFSc0IAPsGl2kcB61PAZqcop50lgpvYzt8cq/tbqz3ypq1dCQ0xdmJHj975QsRFax+w6xQ0kgpBhwcS2EOizKb+C+tRzndGpcDSoSMuVXp9i4wn5pJSTZxAYFQAAAIEAhQZc687zYxrEDR/1q6m4hw5GFxuVvLsC+bSHtMF0c11Qy4IPg7mBeP7K5Kq4WyJPtmZhuc5Bb12bJQR6qgd1uLn692fe1UK2kM6eWXBzhlzZ54BslfSKHGNN4qH+ln3Zaf/4rpKE7fvoinkrgkOZmj0PMx9D6wlpHKkXMUxeXtc=");
-        byte[] rawPriv = new PemReader(new StringReader("-----BEGIN DSA PRIVATE KEY-----\n" +
-            "MIIBuwIBAAKBgQCQQefkuJGWWGS7MGkP85txjO2Fph7LpsKP18bvs+goNpeT1KIg\n" +
-            "QWeBE/RIYULi9o2v86wjAotGcIkkbkqd+msj6xy2zSW91XTriYPMRMUWuhd2H1WX\n" +
-            "3Ez1BCoehVO9nyN9R60JouK6ch51sS/4g1+PemRth3aulJDyEkKUMI+E7QIVAI/1\n" +
-            "NdxVqFH/aul8SG91dHQ9+FtHAoGAXV8wFaqDrW/c6IOpTRdXBktUtOlvVv3Jb7sK\n" +
-            "tsRdbN25KCP8VGxUnNCAD7BpdpHAetTwGanKKedJYKb2M7fHKv7W6s98qatXQkNM\n" +
-            "XZiR4/e+ULERWsfsOsUNJIKQYcHEthDosym/gvrUc53RqXA0qEjLlV6fYuMJ+aSU\n" +
-            "k2cQGBUCgYEAhQZc687zYxrEDR/1q6m4hw5GFxuVvLsC+bSHtMF0c11Qy4IPg7mB\n" +
-            "eP7K5Kq4WyJPtmZhuc5Bb12bJQR6qgd1uLn692fe1UK2kM6eWXBzhlzZ54BslfSK\n" +
-            "HGNN4qH+ln3Zaf/4rpKE7fvoinkrgkOZmj0PMx9D6wlpHKkXMUxeXtcCFELnLOJ8\n" +
-            "D0akSCUFY/iDLo/KnOIH\n" +
-            "-----END DSA PRIVATE KEY-----\n")).readPemObject().getContent();
-
-
-        OpenSSHPublicKeySpec pubSpec = new OpenSSHPublicKeySpec(rawPub);
-        OpenSSHPrivateKeySpec privSpec = new OpenSSHPrivateKeySpec(rawPriv);
-
-        isEquals("Pk type", pubSpec.getType(), "ssh-dss");
-        isEquals("Spec Type", privSpec.getFormat(), "ASN.1");
-
-
-        byte[] originalMessage = new byte[10];
-        secureRandom.nextBytes(originalMessage);
-
-
-        originalMessage[0] |= 1;
-
-        KeyFactory kpf = KeyFactory.getInstance("DSA", "BC");
-
-        PublicKey pk = kpf.generatePublic(pubSpec);
-        PrivateKey prk = kpf.generatePrivate(privSpec);
-
-        OpenSSHPublicKeySpec dsaPublicKeySpec = (OpenSSHPublicKeySpec)kpf.getKeySpec(pk, OpenSSHPublicKeySpec.class);
-        OpenSSHPrivateKeySpec dsaPrivateSpec = (OpenSSHPrivateKeySpec)kpf.getKeySpec(prk, OpenSSHPrivateKeySpec.class);
-
-        isEquals("Pk type", dsaPublicKeySpec.getType(), "ssh-dss");
-        isEquals("Spec Type", dsaPrivateSpec.getFormat(), "ASN.1");
-
-        isTrue("DSA Public key not same", Arrays.areEqual(rawPub, dsaPublicKeySpec.getEncoded()));
-        isTrue("DSA Private key not same", Arrays.areEqual(rawPriv, dsaPrivateSpec.getEncoded()));
-
-    }
-
-    private void testEncodingECDSA()
-        throws Exception
-    {
-        byte[] rawPub = Base64.decode("AAAAE2VjZHNhLXNoYTItbmlzdHAyNTYAAAAIbmlzdHAyNTYAAABBBHq5qxGqnh93Gpbj2w1Avx1UwBl6z5bZC3Viog1yNHDZYcV6Da4YQ3i0/hN7xY7sUy9dNF6g16tJSYXQQ4tvO3g=");
-        byte[] rawPriv = new PemReader(new StringReader("-----BEGIN EC PRIVATE KEY-----\n" +
-            "MHcCAQEEIHeg/+m02j6nr4bO8ubfbzhs0fqOjiuIoWbvGnVg+FmpoAoGCCqGSM49\n" +
-            "AwEHoUQDQgAEermrEaqeH3caluPbDUC/HVTAGXrPltkLdWKiDXI0cNlhxXoNrhhD\n" +
-            "eLT+E3vFjuxTL100XqDXq0lJhdBDi287eA==\n" +
-            "-----END EC PRIVATE KEY-----\n")).readPemObject().getContent();
-
-        OpenSSHPublicKeySpec pubSpec = new OpenSSHPublicKeySpec(rawPub);
-        OpenSSHPrivateKeySpec privSpec = new OpenSSHPrivateKeySpec(rawPriv);
-
-        isEquals("ecdsa-sha2-nistp256", pubSpec.getType());
-        isEquals("Spec Type", privSpec.getFormat(), "ASN.1");
-
-        KeyFactory kpf = KeyFactory.getInstance("EC", "BC");
-
-        PublicKey pk = kpf.generatePublic(pubSpec);
-        PrivateKey prk = kpf.generatePrivate(privSpec);
-
-        OpenSSHPublicKeySpec ecdsaPublicKeySpec = (OpenSSHPublicKeySpec)kpf.getKeySpec(pk, OpenSSHPublicKeySpec.class);
-        OpenSSHPrivateKeySpec ecdsaPrivateSpec = (OpenSSHPrivateKeySpec)kpf.getKeySpec(prk, OpenSSHPrivateKeySpec.class);
-
-        isEquals("Spec Type", ecdsaPrivateSpec.getFormat(), "ASN.1");
-
-        isTrue("ECPublic key not same", Arrays.areEqual(rawPub, ecdsaPublicKeySpec.getEncoded()));
-        isTrue("ECPrivate key not same", Arrays.areEqual(rawPriv, ecdsaPrivateSpec.getEncoded()));
-
-        isEquals("ecdsa-sha2-nistp256", ecdsaPublicKeySpec.getType());
-    }
-
-    public void testED25519()
-        throws Exception
-    {
-        byte[] rawPub = Base64.decode("AAAAC3NzaC1lZDI1NTE5AAAAIM4CaV7WQcy0lht0hclgXf4Olyvzvv2fnUvQ3J8IYsWF");
-        byte[] rawPriv = new PemReader(new StringReader("-----BEGIN OPENSSH PRIVATE KEY-----\n" +
-            "b3BlbnNzaC1rZXktdjEAAAAABG5vbmUAAAAEbm9uZQAAAAAAAAABAAAAMwAAAAtzc2gtZW\n" +
-            "QyNTUxOQAAACDOAmle1kHMtJYbdIXJYF3+Dpcr8779n51L0NyfCGLFhQAAAKBTr4PvU6+D\n" +
-            "7wAAAAtzc2gtZWQyNTUxOQAAACDOAmle1kHMtJYbdIXJYF3+Dpcr8779n51L0NyfCGLFhQ\n" +
-            "AAAED4BTHeR3YD7CFQqusztfL5K+YSD4mRGLBwb7jHiXxIJM4CaV7WQcy0lht0hclgXf4O\n" +
-            "lyvzvv2fnUvQ3J8IYsWFAAAAG21lZ2Fud29vZHNAdHljaGUtMzI2NS5sb2NhbAEC\n" +
-            "-----END OPENSSH PRIVATE KEY-----\n")).readPemObject().getContent();
-
-        OpenSSHPublicKeySpec pubSpec = new OpenSSHPublicKeySpec(rawPub);
-        OpenSSHPrivateKeySpec privSpec = new OpenSSHPrivateKeySpec(rawPriv);
-
-        isEquals("Pk type", pubSpec.getType(), "ssh-ed25519");
-        isEquals("Spec Type", privSpec.getFormat(), "OpenSSH");
-
-        KeyFactory kpf = KeyFactory.getInstance("ED25519", "BC");
-
-        PublicKey pk = kpf.generatePublic(pubSpec);
-        PrivateKey prk = kpf.generatePrivate(privSpec);
-
-        OpenSSHPublicKeySpec edDsaPublicKeySpec = (OpenSSHPublicKeySpec)kpf.getKeySpec(pk, OpenSSHPublicKeySpec.class);
-        OpenSSHPrivateKeySpec edDsaPrivateKeySpec = (OpenSSHPrivateKeySpec)kpf.getKeySpec(prk, OpenSSHPrivateKeySpec.class);
-
-        isEquals("Pk type", edDsaPublicKeySpec.getType(), "ssh-ed25519");
-        isEquals("Spec Type", edDsaPrivateKeySpec.getFormat(), "OpenSSH");
-
-
-        isTrue("EDPublic key not same", Arrays.areEqual(rawPub, edDsaPublicKeySpec.getEncoded()));
-
-        isTrue("EDPrivate key not same", Arrays.areEqual(
-            Hex.decode("6f70656e7373682d6b65792d763100000000046e6f6e65000000046e6f6e650000000000000001000000330000000b7373682d6564323535313900000020ce02695ed641ccb4961b7485c9605dfe0e972bf3befd9f9d4bd0dc9f0862c5850000008300ff00ff00ff00ff0000000b7373682d6564323535313900000020ce02695ed641ccb4961b7485c9605dfe0e972bf3befd9f9d4bd0dc9f0862c58500000040f80531de477603ec2150aaeb33b5f2f92be6120f899118b0706fb8c7897c4824ce02695ed641ccb4961b7485c9605dfe0e972bf3befd9f9d4bd0dc9f0862c58500000000"),
-            edDsaPrivateKeySpec.getEncoded()));
-
-        isEquals("ssh-ed25519", edDsaPublicKeySpec.getType());
-    }
-
-    public String getName()
-    {
-        return "OpenSSHSpec";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testEncodingDSA();
-        testEncodingRSA();
-        testEncodingECDSA();
-        testED25519();
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new OpenSSHSpecTests());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PBETest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PBETest.java
deleted file mode 100644
index 0dfbbad..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PBETest.java
+++ /dev/null

@@ -1,819 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.AlgorithmParameters;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.InvalidParameterSpecException;
-import java.security.spec.KeySpec;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.Mac;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.PBEParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.PBEParametersGenerator;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator;
-import org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.jcajce.PKCS12Key;
-import org.bouncycastle.jcajce.PKCS12KeyWithParameters;
-import org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * test out the various PBE modes, making sure the JCE implementations
- * are compatible woth the light weight ones.
- */
-public class PBETest
-    extends SimpleTest
-{
-    private class OpenSSLTest
-        extends SimpleTest
-    {
-        char[]    password;
-        String    baseAlgorithm;
-        String    algorithm;
-        int       keySize;
-        int       ivSize;
-        
-        OpenSSLTest(
-            String    baseAlgorithm,
-            String    algorithm,
-            int       keySize,
-            int       ivSize)
-        {
-            this.password = algorithm.toCharArray();
-            this.baseAlgorithm = baseAlgorithm;
-            this.algorithm = algorithm;
-            this.keySize = keySize;
-            this.ivSize = ivSize;
-        }
-        
-        public String getName()
-        {
-            return "OpenSSLPBE";
-        }
-    
-        public void performTest()
-            throws Exception
-        {
-            byte[] salt = new byte[16];
-            int    iCount = 100;
-            
-            for (int i = 0; i != salt.length; i++)
-            {
-                salt[i] = (byte)i;
-            }
-
-            OpenSSLPBEParametersGenerator   pGen = new OpenSSLPBEParametersGenerator();
-
-            pGen.init(
-                    PBEParametersGenerator.PKCS5PasswordToBytes(password),
-                    salt,
-                    iCount);
-
-            ParametersWithIV params = (ParametersWithIV)pGen.generateDerivedParameters(keySize, ivSize);
-
-            SecretKeySpec   encKey = new SecretKeySpec(((KeyParameter)params.getParameters()).getKey(), baseAlgorithm);
-
-            Cipher          c;
-
-            if (baseAlgorithm.equals("RC4"))
-            {
-                c = Cipher.getInstance(baseAlgorithm, "BC");
-
-                c.init(Cipher.ENCRYPT_MODE, encKey);
-            }
-            else
-            {
-                c = Cipher.getInstance(baseAlgorithm + "/CBC/PKCS7Padding", "BC");
-
-                c.init(Cipher.ENCRYPT_MODE, encKey, new IvParameterSpec(params.getIV()));
-            }
-
-            byte[]          enc = c.doFinal(salt);
-
-            c = Cipher.getInstance(algorithm, "BC");
-
-            PBEKeySpec          keySpec = new PBEKeySpec(password, salt, iCount);
-            SecretKeyFactory    fact = SecretKeyFactory.getInstance(algorithm, "BC");
-
-            c.init(Cipher.DECRYPT_MODE, fact.generateSecret(keySpec));
-
-            byte[]          dec = c.doFinal(enc);
-
-            if (!Arrays.areEqual(salt, dec))
-            {
-                fail("" + algorithm + "failed encryption/decryption test");
-            }
-        }
-    }
-    
-    private class PKCS12Test
-        extends SimpleTest
-    {
-        char[]    password;
-        String    baseAlgorithm;
-        String    algorithm;
-        Digest    digest;
-        int       keySize;
-        int       ivSize;
-        
-        PKCS12Test(
-            String    baseAlgorithm,
-            String    algorithm,
-            Digest    digest,
-            int       keySize,
-            int       ivSize)
-        {
-            this.password = algorithm.toCharArray();
-            this.baseAlgorithm = baseAlgorithm;
-            this.algorithm = algorithm;
-            this.digest = digest;
-            this.keySize = keySize;
-            this.ivSize = ivSize;
-        }
-        
-        public String getName()
-        {
-            return "PKCS12PBE";
-        }
-    
-        public void performTest()
-            throws Exception
-        {
-            byte[] salt = new byte[digest.getDigestSize()];
-            int    iCount = 100;
-            
-            digest.doFinal(salt, 0);
-
-            PKCS12ParametersGenerator   pGen = new PKCS12ParametersGenerator(digest);
-
-            pGen.init(
-                    PBEParametersGenerator.PKCS12PasswordToBytes(password),
-                    salt,
-                    iCount);
-
-            ParametersWithIV params = (ParametersWithIV)pGen.generateDerivedParameters(keySize, ivSize);
-
-            SecretKeySpec   encKey = new SecretKeySpec(((KeyParameter)params.getParameters()).getKey(), baseAlgorithm);
-
-            Cipher          c;
-
-            if (baseAlgorithm.equals("RC4"))
-            {
-                c = Cipher.getInstance(baseAlgorithm, "BC");
-
-                c.init(Cipher.ENCRYPT_MODE, encKey);
-            }
-            else
-            {
-                c = Cipher.getInstance(baseAlgorithm + "/CBC/PKCS7Padding", "BC");
-
-                c.init(Cipher.ENCRYPT_MODE, encKey, new IvParameterSpec(params.getIV()));
-            }
-
-            byte[]          enc = c.doFinal(salt);
-
-            c = Cipher.getInstance(algorithm, "BC");
-
-            PBEKeySpec          keySpec = new PBEKeySpec(password, salt, iCount);
-            SecretKeyFactory    fact = SecretKeyFactory.getInstance(algorithm, "BC");
-
-            c.init(Cipher.DECRYPT_MODE, fact.generateSecret(keySpec));
-
-            byte[]          dec = c.doFinal(enc);
-
-            if (!Arrays.areEqual(salt, dec))
-            {
-                fail("" + algorithm + "failed encryption/decryption test");
-            }
-
-            //
-            // get the parameters
-            //
-            AlgorithmParameters param = checkParameters(c, salt, iCount);
-
-            //
-            // try using parameters
-            //
-            c = Cipher.getInstance(algorithm, "BC");
-
-            keySpec = new PBEKeySpec(password);
-
-            c.init(Cipher.DECRYPT_MODE, fact.generateSecret(keySpec), param);
-
-            checkParameters(c, salt, iCount);
-
-            dec = c.doFinal(enc);
-
-            if (!Arrays.areEqual(salt, dec))
-            {
-                fail("" + algorithm + "failed encryption/decryption test");
-            }
-
-            //
-            // try using PBESpec
-            //
-            c = Cipher.getInstance(algorithm, "BC");
-
-            keySpec = new PBEKeySpec(password);
-
-            c.init(Cipher.DECRYPT_MODE, fact.generateSecret(keySpec), param.getParameterSpec(PBEParameterSpec.class));
-
-            checkParameters(c, salt, iCount);
-
-            dec = c.doFinal(enc);
-
-            if (!Arrays.areEqual(salt, dec))
-            {
-                fail("" + algorithm + "failed encryption/decryption test");
-            }
-        }
-
-        private AlgorithmParameters checkParameters(Cipher c, byte[] salt, int iCount)
-            throws InvalidParameterSpecException
-        {
-            AlgorithmParameters param = c.getParameters();
-            PBEParameterSpec spec = (PBEParameterSpec)param.getParameterSpec(PBEParameterSpec.class);
-
-            if (!Arrays.areEqual(salt, spec.getSalt()))
-            {
-                fail("" + algorithm + "failed salt test");
-            }
-
-            if (iCount != spec.getIterationCount())
-            {
-                fail("" + algorithm + "failed count test");
-            }
-            return param;
-        }
-    }
-    
-    private PKCS12Test[] pkcs12Tests = {
-        new PKCS12Test("DESede", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC",  new SHA1Digest(),   192,  64),
-        new PKCS12Test("DESede", "PBEWITHSHAAND2-KEYTRIPLEDES-CBC",  new SHA1Digest(),   128,  64),
-        new PKCS12Test("RC4",    "PBEWITHSHAAND128BITRC4",           new SHA1Digest(),   128,   0),
-        new PKCS12Test("RC4",    "PBEWITHSHAAND40BITRC4",            new SHA1Digest(),    40,   0),
-        new PKCS12Test("RC2",    "PBEWITHSHAAND128BITRC2-CBC",       new SHA1Digest(),   128,  64),
-        new PKCS12Test("RC2",    "PBEWITHSHAAND40BITRC2-CBC",        new SHA1Digest(),    40,  64),
-        new PKCS12Test("AES",    "PBEWithSHA1And128BitAES-CBC-BC",   new SHA1Digest(),   128, 128),
-        new PKCS12Test("AES",    "PBEWithSHA1And192BitAES-CBC-BC",   new SHA1Digest(),   192, 128),
-        new PKCS12Test("AES",    "PBEWithSHA1And256BitAES-CBC-BC",   new SHA1Digest(),   256, 128),
-        new PKCS12Test("AES",    "PBEWithSHA256And128BitAES-CBC-BC", new SHA256Digest(), 128, 128),
-        new PKCS12Test("AES",    "PBEWithSHA256And192BitAES-CBC-BC", new SHA256Digest(), 192, 128),   
-        new PKCS12Test("AES",    "PBEWithSHA256And256BitAES-CBC-BC", new SHA256Digest(), 256, 128),
-        new PKCS12Test("Twofish","PBEWithSHAAndTwofish-CBC",         new SHA1Digest(),   256, 128),
-        new PKCS12Test("IDEA",   "PBEWithSHAAndIDEA-CBC",            new SHA1Digest(),   128,  64),
-        new PKCS12Test("AES",    BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.getId(),   new SHA1Digest(),   128, 128),
-        new PKCS12Test("AES",    BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.getId(),   new SHA1Digest(),   192, 128),
-        new PKCS12Test("AES",    BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes256_cbc.getId(),   new SHA1Digest(),   256, 128),
-        new PKCS12Test("AES",    BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes128_cbc.getId(), new SHA256Digest(), 128, 128),
-        new PKCS12Test("AES",    BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), new SHA256Digest(), 192, 128),
-        new PKCS12Test("AES",    BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), new SHA256Digest(), 256, 128),
-    };
-    
-    private OpenSSLTest openSSLTests[] = {
-        new OpenSSLTest("AES", "PBEWITHMD5AND128BITAES-CBC-OPENSSL", 128, 128),
-        new OpenSSLTest("AES", "PBEWITHMD5AND192BITAES-CBC-OPENSSL", 192, 128),
-        new OpenSSLTest("AES", "PBEWITHMD5AND256BITAES-CBC-OPENSSL", 256, 128)
-    };
-    
-    static byte[]   message = Hex.decode("4869205468657265");
-    
-    private byte[] hMac1 = Hex.decode("bcc42174ccb04f425d9a5c8c4a95d6fd7c372911");
-    private byte[] hMac2 = Hex.decode("cb1d8bdb6aca9e3fa8980d6eb41ab28a7eb2cfd6");
-    private byte[] hMac3 = Hex.decode("514aa173a302c770689269aac08eb8698e5879ac");
-
-    private Cipher makePBECipherUsingParam(
-        String  algorithm,
-        int     mode,
-        char[]  password,
-        byte[]  salt,
-        int     iterationCount)
-        throws Exception
-    {
-        PBEKeySpec          pbeSpec = new PBEKeySpec(password);
-        SecretKeyFactory    keyFact = SecretKeyFactory.getInstance(algorithm, "BC");
-        PBEParameterSpec    defParams = new PBEParameterSpec(salt, iterationCount);
-
-        Cipher cipher = Cipher.getInstance(algorithm, "BC");
-
-        cipher.init(mode, keyFact.generateSecret(pbeSpec), defParams);
-
-        return cipher;
-    }
-
-    private Cipher makePBECipherWithoutParam(
-        String  algorithm,
-        int     mode,
-        char[]  password,
-        byte[]  salt,
-        int     iterationCount)
-        throws Exception
-    {
-        PBEKeySpec          pbeSpec = new PBEKeySpec(password, salt, iterationCount);
-        SecretKeyFactory    keyFact = SecretKeyFactory.getInstance(algorithm, "BC");
-
-        Cipher cipher = Cipher.getInstance(algorithm, "BC");
-
-        cipher.init(mode, keyFact.generateSecret(pbeSpec));
-
-        return cipher;
-    }
-
-    public void testPBEHMac(
-        String  hmacName,
-        byte[]  output)
-    {
-        SecretKey           key;
-        byte[]              out;
-        Mac                 mac;
-
-        try
-        {
-            SecretKeyFactory    fact = SecretKeyFactory.getInstance(hmacName, "BC");
-
-            key = fact.generateSecret(new PBEKeySpec("hello".toCharArray()));
-            
-            mac = Mac.getInstance(hmacName, "BC");
-        }
-        catch (Exception e)
-        {
-            fail("Failed - exception " + e.toString(), e);
-            return;
-        }
-
-        try
-        {
-            mac.init(key, new PBEParameterSpec(new byte[20], 100));
-        }
-        catch (Exception e)
-        {
-            fail("Failed - exception " + e.toString(), e);
-            return;
-        }
-
-        mac.reset();
-        
-        mac.update(message, 0, message.length);
-
-        out = mac.doFinal();
-
-        if (!Arrays.areEqual(out, output))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-        }
-    }
-
-    public void testPKCS12HMac(
-        String  hmacName,
-        byte[]  output)
-    {
-        SecretKey           key;
-        byte[]              out;
-        Mac                 mac;
-
-        try
-        {
-            mac = Mac.getInstance(hmacName, "BC");
-        }
-        catch (Exception e)
-        {
-            fail("Failed - exception " + e.toString(), e);
-            return;
-        }
-
-        try
-        {
-            mac.init(new PKCS12Key("hello".toCharArray()), new PBEParameterSpec(new byte[20], 100));
-        }
-        catch (Exception e)
-        {
-            fail("Failed - exception " + e.toString(), e);
-            return;
-        }
-
-        mac.reset();
-
-        mac.update(message, 0, message.length);
-
-        out = mac.doFinal();
-
-        if (!Arrays.areEqual(out, output))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-        }
-    }
-
-    public void testPBEonSecretKeyHmac(
-        String  hmacName,
-        byte[]  output)
-    {
-        SecretKey           key;
-        byte[]              out;
-        Mac                 mac;
-
-        try
-        {
-            SecretKeyFactory    fact = SecretKeyFactory.getInstance(hmacName, "BC");
-
-            key = fact.generateSecret(new PBEKeySpec("hello".toCharArray(), new byte[20], 100, 160));
-
-            mac = Mac.getInstance("HMAC-SHA1", "BC");
-        }
-        catch (Exception e)
-        {
-            fail("Failed - exception " + e.toString(), e);
-            return;
-        }
-
-        try
-        {
-            mac.init(key);
-        }
-        catch (Exception e)
-        {
-            fail("Failed - exception " + e.toString(), e);
-            return;
-        }
-
-        mac.reset();
-
-        mac.update(message, 0, message.length);
-
-        out = mac.doFinal();
-
-        if (!Arrays.areEqual(out, output))
-        {
-            fail("Failed - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(out)));
-        }
-    }
-
-    private void testCipherNameWithWrap(String name, String simpleName)
-        throws Exception
-    {
-        KeyGenerator kg = KeyGenerator.getInstance("AES");
-        kg.init(new SecureRandom());
-        SecretKey key = kg.generateKey();
-
-        byte[] salt = {
-                        (byte)0xc7, (byte)0x73, (byte)0x21, (byte)0x8c,
-                        (byte)0x7e, (byte)0xc8, (byte)0xee, (byte)0x99
-                        };
-        char[] password = { 'p','a','s','s','w','o','r','d' };
-
-        PBEParameterSpec pbeParamSpec = new PBEParameterSpec(salt, 20);
-        PBEKeySpec pbeKeySpec = new PBEKeySpec(password);
-        SecretKeyFactory keyFac =
-        SecretKeyFactory.getInstance(name);
-        SecretKey pbeKey = keyFac.generateSecret(pbeKeySpec);
-        Cipher pbeEncryptCipher = Cipher.getInstance(name, "BC");
-
-        pbeEncryptCipher.init(Cipher.WRAP_MODE, pbeKey, pbeParamSpec);
-
-        byte[] symKeyBytes = pbeEncryptCipher.wrap(key);
-
-        Cipher simpleCipher = Cipher.getInstance(simpleName, "BC");
-
-        simpleCipher.init(Cipher.UNWRAP_MODE, pbeKey, pbeParamSpec);
-
-        SecretKey unwrappedKey = (SecretKey)simpleCipher.unwrap(symKeyBytes, "AES", Cipher.SECRET_KEY);
-
-        if (!Arrays.areEqual(unwrappedKey.getEncoded(), key.getEncoded()))
-        {
-            fail("key mismatch on unwrapping");
-        }
-    }
-
-    public void testNullSalt()
-        throws Exception
-    {
-        SecretKeyFactory skf = SecretKeyFactory.getInstance("PBEWITHSHAAND128BITAES-CBC-BC");
-        Key key = skf.generateSecret(new PBEKeySpec("secret".toCharArray()));
-
-        Cipher cipher = Cipher.getInstance("PBEWITHSHAAND128BITAES-CBC-BC");
-
-        try
-        {
-            cipher.init(Cipher.ENCRYPT_MODE, key, (AlgorithmParameterSpec)null);
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isTrue("wrong message", "PBEKey requires parameters to specify salt".equals(e.getMessage()));
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        byte[] input = Hex.decode("1234567890abcdefabcdef1234567890fedbca098765");
-
-        //
-        // DES
-        //
-        Cipher  cEnc = Cipher.getInstance("DES/CBC/PKCS7Padding", "BC");
-
-        cEnc.init(Cipher.ENCRYPT_MODE,
-            new SecretKeySpec(Hex.decode("30e69252758e5346"), "DES"),
-            new IvParameterSpec(Hex.decode("7c1c1ab9c454a688")));
-
-        byte[]  out = cEnc.doFinal(input);
-
-        char[]  password = { 'p', 'a', 's', 's', 'w', 'o', 'r', 'd' };
-
-        Cipher  cDec = makePBECipherUsingParam(
-                            "PBEWithSHA1AndDES",
-                            Cipher.DECRYPT_MODE,
-                            password,
-                            Hex.decode("7d60435f02e9e0ae"),
-                            2048);
-
-        byte[]  in = cDec.doFinal(out);
-
-        if (!Arrays.areEqual(input, in))
-        {
-            fail("DES failed");
-        }
-
-        cDec = makePBECipherWithoutParam(
-                "PBEWithSHA1AndDES",
-                Cipher.DECRYPT_MODE,
-                password,
-                Hex.decode("7d60435f02e9e0ae"),
-                2048);
-
-        in = cDec.doFinal(out);
-        
-        if (!Arrays.areEqual(input, in))
-        {
-            fail("DES failed without param");
-        }
-        
-        //
-        // DESede
-        //
-        cEnc = Cipher.getInstance("DESede/CBC/PKCS7Padding", "BC");
-
-        cEnc.init(Cipher.ENCRYPT_MODE,
-            new SecretKeySpec(Hex.decode("732f2d33c801732b7206756cbd44f9c1c103ddd97c7cbe8e"), "DES"),
-            new IvParameterSpec(Hex.decode("b07bf522c8d608b8")));
-
-        out = cEnc.doFinal(input);
-
-        cDec = makePBECipherUsingParam(
-                            "PBEWithSHAAnd3-KeyTripleDES-CBC",
-                            Cipher.DECRYPT_MODE,
-                            password,
-                            Hex.decode("7d60435f02e9e0ae"),
-                            2048);
-
-        in = cDec.doFinal(out);
-
-        if (!Arrays.areEqual(input, in))
-        {
-            fail("DESede failed");
-        }
-
-        //
-        // 40Bit RC2
-        //
-        cEnc = Cipher.getInstance("RC2/CBC/PKCS7Padding", "BC");
-
-        cEnc.init(Cipher.ENCRYPT_MODE,
-            new SecretKeySpec(Hex.decode("732f2d33c8"), "RC2"),
-            new IvParameterSpec(Hex.decode("b07bf522c8d608b8")));
-
-        out = cEnc.doFinal(input);
-
-        cDec = makePBECipherUsingParam(
-                            "PBEWithSHAAnd40BitRC2-CBC",
-                            Cipher.DECRYPT_MODE,
-                            password,
-                            Hex.decode("7d60435f02e9e0ae"),
-                            2048);
-
-        in = cDec.doFinal(out);
-
-        if (!Arrays.areEqual(input, in))
-        {
-            fail("RC2 failed");
-        }
-
-        //
-        // 128bit RC4
-        //
-        cEnc = Cipher.getInstance("RC4", "BC");
-
-        cEnc.init(Cipher.ENCRYPT_MODE,
-            new SecretKeySpec(Hex.decode("732f2d33c801732b7206756cbd44f9c1"), "RC4"));
-
-        out = cEnc.doFinal(input);
-
-        cDec = makePBECipherUsingParam(
-                            "PBEWithSHAAnd128BitRC4",
-                            Cipher.DECRYPT_MODE,
-                            password,
-                            Hex.decode("7d60435f02e9e0ae"),
-                            2048);
-
-        in = cDec.doFinal(out);
-
-        if (!Arrays.areEqual(input, in))
-        {
-            fail("RC4 failed");
-        }
-
-        cDec = makePBECipherWithoutParam(
-                "PBEWithSHAAnd128BitRC4",
-                Cipher.DECRYPT_MODE,
-                password,
-                Hex.decode("7d60435f02e9e0ae"),
-                2048);
-
-        in = cDec.doFinal(out);
-        
-        if (!Arrays.areEqual(input, in))
-        {
-            fail("RC4 failed without param");
-        }
-
-        for (int i = 0; i != pkcs12Tests.length; i++)
-        {
-            pkcs12Tests[i].perform();
-        }
-        
-        for (int i = 0; i != openSSLTests.length; i++)
-        {
-            openSSLTests[i].perform();
-        }
-
-        testPKCS12Interop();
-
-        testPBEHMac("PBEWithHMacSHA1", hMac1);
-        testPBEHMac("PBEWithHMacRIPEMD160", hMac2);
-
-        testPBEonSecretKeyHmac("PBKDF2WithHmacSHA1", hMac3);
-
-        testCipherNameWithWrap("PBEWITHSHA256AND128BITAES-CBC-BC", "AES/CBC/PKCS5Padding");
-        testCipherNameWithWrap("PBEWITHSHAAND40BITRC4", "RC4");
-        testCipherNameWithWrap("PBEWITHSHAAND128BITRC4", "RC4");
-
-        checkPBE("PBKDF2WithHmacSHA1", true, "f14687fc31a66e2f7cc01d0a65f687961bd27e20", "6f6579193d6433a3e4600b243bb390674f04a615");
-
-        testPKCS12HMac("HMacSHA1", Hex.decode("bcc42174ccb04f425d9a5c8c4a95d6fd7c372911"));
-        testPKCS12HMac("HMacSHA256", Hex.decode("e1ae77e2d1dcc56a8befa3867ea3ff8c2163b01885504379412e525b120bf9ce"));
-        testPKCS12HMac("HMacSHA384", Hex.decode("1256a861351db2082f2ba827ca72cede54ee851f533962bba1fd97b500b6d6eb42aa4a51920aca0c817955feaf52d7f8"));
-        testPKCS12HMac("HMacSHA512", Hex.decode("9090898971914cb2e65eb1b083f1cad1ce9a9d386f963a2e2ede965fbce0a7121526b5f8aed83f81db60b97ced0bc4b0c27cf23407028cc2f289957f607cec98"));
-        testPKCS12HMac("HMacRIPEMD160", Hex.decode("cb1d8bdb6aca9e3fa8980d6eb41ab28a7eb2cfd6"));
-
-        try
-        {
-            Mac mac = Mac.getInstance("HMacRIPEMD256", "BC");
-
-            mac.init(new PKCS12Key("hello".toCharArray()), new PBEParameterSpec(new byte[20], 100));
-            fail("no exception");
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            isTrue("wrong exception", "no PKCS12 mapping for HMAC: RIPEMD256/HMAC".equals(e.getMessage()));
-        }
-
-        testMixedKeyTypes();
-        testNullSalt();
-    }
-
-    private void testPKCS12Interop()
-        throws Exception
-    {
-        final String algorithm = "PBEWithSHA256And192BitAES-CBC-BC";
-
-        final PBEKeySpec keySpec = new PBEKeySpec("foo123".toCharArray(), Hex.decode("01020304050607080910"), 1024);
-        final SecretKeyFactory fact = SecretKeyFactory.getInstance(algorithm, "BC");
-
-        BCPBEKey bcpbeKey = (BCPBEKey)fact.generateSecret(keySpec);
-
-        Cipher c1 = Cipher.getInstance(algorithm, "BC");
-
-        c1.init(Cipher.ENCRYPT_MODE, new PKCS12KeyWithParameters("foo123".toCharArray(), Hex.decode("01020304050607080910"), 1024));
-
-        Cipher c2 = Cipher.getInstance("AES/CBC/PKCS7Padding", "BC");
-
-        c2.init(Cipher.DECRYPT_MODE, new SecretKeySpec(bcpbeKey.getEncoded(), "AES"), new IvParameterSpec(((ParametersWithIV)bcpbeKey.getParam()).getIV()));
-
-        if (!Arrays.areEqual(Hex.decode("deadbeef"), c2.doFinal(c1.doFinal(Hex.decode("deadbeef")))))
-        {
-            fail("new key failed");
-        }
-
-        c1.init(Cipher.ENCRYPT_MODE, bcpbeKey);
-
-        if (!Arrays.areEqual(Hex.decode("deadbeef"), c2.doFinal(c1.doFinal(Hex.decode("deadbeef")))))
-        {
-            fail("old key failed");
-        }
-    }
-
-    private void checkPBE(String baseAlg, boolean defIsUTF8, String utf8, String eightBit)
-        throws Exception
-    {
-        byte[] utf8K = Hex.decode(utf8);
-        byte[] ascK = Hex.decode(eightBit);
-
-        SecretKeyFactory f = SecretKeyFactory.getInstance(baseAlg, "BC");
-        KeySpec ks1 = new PBEKeySpec("\u0141\u0142".toCharArray(), new byte[20], 4096, 160);
-        if (!Arrays.areEqual((defIsUTF8) ? utf8K : ascK, f.generateSecret(ks1).getEncoded()))
-        {
-            fail(baseAlg + " wrong PBKDF2 k1 key generated, got : " + new String(Hex.encode(f.generateSecret(ks1).getEncoded())));
-        }
-
-        KeySpec ks2 = new PBEKeySpec("\u0041\u0042".toCharArray(), new byte[20], 4096, 160);
-        if (!Arrays.areEqual(ascK, f.generateSecret(ks2).getEncoded()))
-        {
-            fail(baseAlg + " wrong PBKDF2 k2 key generated");
-        }
-        f = SecretKeyFactory.getInstance(baseAlg + "AndUTF8", "BC");
-        ks1 = new PBEKeySpec("\u0141\u0142".toCharArray(), new byte[20], 4096, 160);
-        if (!Arrays.areEqual(utf8K, f.generateSecret(ks1).getEncoded()))
-        {
-            fail(baseAlg + " wrong PBKDF2 k1 utf8 key generated");
-        }
-
-        ks2 = new PBEKeySpec("\u0041\u0042".toCharArray(), new byte[20], 4096, 160);
-        if (!Arrays.areEqual(ascK, f.generateSecret(ks2).getEncoded()))
-        {
-            fail(baseAlg + " wrong PBKDF2 k2 utf8 key generated");
-        }
-        f = SecretKeyFactory.getInstance(baseAlg + "And8BIT", "BC");
-        ks1 = new PBEKeySpec("\u0141\u0142".toCharArray(), new byte[20], 4096, 160);
-        if (!Arrays.areEqual(ascK, f.generateSecret(ks1).getEncoded()))
-        {
-            fail(baseAlg + " wrong PBKDF2 k1 8bit key generated");
-        }
-
-        ks2 = new PBEKeySpec("\u0041\u0042".toCharArray(), new byte[20], 4096, 160);
-        if (!Arrays.areEqual(ascK, f.generateSecret(ks2).getEncoded()))
-        {
-            fail(baseAlg + " wrong PBKDF2 k2 8bit key generated");
-        }
-    }
-
-    // for regression testing only - don't try this at home.
-    public void testMixedKeyTypes()
-        throws Exception
-    {
-        String provider = "BC";
-        SecretKeyFactory skf =
-            SecretKeyFactory.getInstance("PBKDF2WITHHMACSHA1", provider);
-        PBEKeySpec pbeks = new PBEKeySpec("password".toCharArray(), Strings.toByteArray("salt"), 100, 128);
-        SecretKey secretKey = skf.generateSecret(pbeks);
-        PBEParameterSpec paramSpec = new PBEParameterSpec(pbeks.getSalt(), pbeks.getIterationCount());
-
-        // in this case pbeSpec picked up from internal class representing key
-        Cipher cipher =
-            Cipher.getInstance("PBEWITHSHAAND128BITAES-CBC-BC", provider);
-
-        try
-        {
-            cipher.init(Cipher.ENCRYPT_MODE, secretKey);
-            fail("no exception");
-        }
-        catch (InvalidKeyException e)
-        {
-            isTrue("wrong exception", "Algorithm requires a PBE key suitable for PKCS12".equals(e.getMessage()));
-        }
-    }
-
-    public String getName()
-    {
-        return "PBETest";
-    }
-
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new PBETest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PEMData.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PEMData.java
deleted file mode 100644
index e78d4c8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PEMData.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-public class PEMData
-{
-    public static String CERTIFICATE_1 =
-       "-----BEGIN X509 CERTIFICATE-----\r"
-     + "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx\r"
-     + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY\r"
-     + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB\r"
-     + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ\r"
-     + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2\r"
-     + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW\r"
-     + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM\r"
-     + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l\r"
-     + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv\r"
-     + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re\r"
-     + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO\r"
-     + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE\r"
-     + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy\r"
-     + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0\r"
-     + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw\r"
-     + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL\r"
-     + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4\r"
-     + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF\r"
-     + "5/8=\r"
-     + "-----END X509 CERTIFICATE-----\r";
-
-    public static String CERTIFICATE_2 =
-       "-----BEGIN CERTIFICATE-----\n"
-     + "MIIDXjCCAsegAwIBAgIBBzANBgkqhkiG9w0BAQQFADCBtzELMAkGA1UEBhMCQVUx\n"
-     + "ETAPBgNVBAgTCFZpY3RvcmlhMRgwFgYDVQQHEw9Tb3V0aCBNZWxib3VybmUxGjAY\n"
-     + "BgNVBAoTEUNvbm5lY3QgNCBQdHkgTHRkMR4wHAYDVQQLExVDZXJ0aWZpY2F0ZSBB\n"
-     + "dXRob3JpdHkxFTATBgNVBAMTDENvbm5lY3QgNCBDQTEoMCYGCSqGSIb3DQEJARYZ\n"
-     + "d2VibWFzdGVyQGNvbm5lY3Q0LmNvbS5hdTAeFw0wMDA2MDIwNzU2MjFaFw0wMTA2\n"
-     + "MDIwNzU2MjFaMIG4MQswCQYDVQQGEwJBVTERMA8GA1UECBMIVmljdG9yaWExGDAW\n"
-     + "BgNVBAcTD1NvdXRoIE1lbGJvdXJuZTEaMBgGA1UEChMRQ29ubmVjdCA0IFB0eSBM\n"
-     + "dGQxFzAVBgNVBAsTDldlYnNlcnZlciBUZWFtMR0wGwYDVQQDExR3d3cyLmNvbm5l\n"
-     + "Y3Q0LmNvbS5hdTEoMCYGCSqGSIb3DQEJARYZd2VibWFzdGVyQGNvbm5lY3Q0LmNv\n"
-     + "bS5hdTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArvDxclKAhyv7Q/Wmr2re\n"
-     + "Gw4XL9Cnh9e+6VgWy2AWNy/MVeXdlxzd7QAuc1eOWQkGQEiLPy5XQtTY+sBUJ3AO\n"
-     + "Rvd2fEVJIcjf29ey7bYua9J/vz5MG2KYo9/WCHIwqD9mmG9g0xLcfwq/s8ZJBswE\n"
-     + "7sb85VU+h94PTvsWOsWuKaECAwEAAaN3MHUwJAYDVR0RBB0wG4EZd2VibWFzdGVy\n"
-     + "QGNvbm5lY3Q0LmNvbS5hdTA6BglghkgBhvhCAQ0ELRYrbW9kX3NzbCBnZW5lcmF0\n"
-     + "ZWQgY3VzdG9tIHNlcnZlciBjZXJ0aWZpY2F0ZTARBglghkgBhvhCAQEEBAMCBkAw\n"
-     + "DQYJKoZIhvcNAQEEBQADgYEAotccfKpwSsIxM1Hae8DR7M/Rw8dg/RqOWx45HNVL\n"
-     + "iBS4/3N/TO195yeQKbfmzbAA2jbPVvIvGgTxPgO1MP4ZgvgRhasaa0qCJCkWvpM4\n"
-     + "yQf33vOiYQbpv4rTwzU8AmRlBG45WdjyNIigGV+oRc61aKCTnLq7zB8N3z1TF/bF\n"
-     + "5/8=\n"
-     + "-----END CERTIFICATE-----\n";
-
-    public static String CRL_1 =
-       "-----BEGIN X509 CRL-----\r\n"
-     + "MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT\r\n"
-     + "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy\r\n"
-     + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw\r\n"
-     + "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw\r\n"
-     + "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw\r\n"
-     + "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw\r\n"
-     + "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw\r\n"
-     + "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw\r\n"
-     + "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw\r\n"
-     + "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw\r\n"
-     + "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF\r\n"
-     + "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ\r\n"
-     + "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt\r\n"
-     + "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v\r\n"
-     + "-----END X509 CRL-----\r\n";
-
-    public static String CRL_2 =
-       "-----BEGIN CRL-----\r\n"
-     + "MIICjTCCAfowDQYJKoZIhvcNAQECBQAwXzELMAkGA1UEBhMCVVMxIDAeBgNVBAoT\r\n"
-     + "F1JTQSBEYXRhIFNlY3VyaXR5LCBJbmMuMS4wLAYDVQQLEyVTZWN1cmUgU2VydmVy\r\n"
-     + "IENlcnRpZmljYXRpb24gQXV0aG9yaXR5Fw05NTA1MDIwMjEyMjZaFw05NTA2MDEw\r\n"
-     + "MDAxNDlaMIIBaDAWAgUCQQAABBcNOTUwMjAxMTcyNDI2WjAWAgUCQQAACRcNOTUw\r\n"
-     + "MjEwMDIxNjM5WjAWAgUCQQAADxcNOTUwMjI0MDAxMjQ5WjAWAgUCQQAADBcNOTUw\r\n"
-     + "MjI1MDA0NjQ0WjAWAgUCQQAAGxcNOTUwMzEzMTg0MDQ5WjAWAgUCQQAAFhcNOTUw\r\n"
-     + "MzE1MTkxNjU0WjAWAgUCQQAAGhcNOTUwMzE1MTk0MDQxWjAWAgUCQQAAHxcNOTUw\r\n"
-     + "MzI0MTk0NDMzWjAWAgUCcgAABRcNOTUwMzI5MjAwNzExWjAWAgUCcgAAERcNOTUw\r\n"
-     + "MzMwMDIzNDI2WjAWAgUCQQAAIBcNOTUwNDA3MDExMzIxWjAWAgUCcgAAHhcNOTUw\r\n"
-     + "NDA4MDAwMjU5WjAWAgUCcgAAQRcNOTUwNDI4MTcxNzI0WjAWAgUCcgAAOBcNOTUw\r\n"
-     + "NDI4MTcyNzIxWjAWAgUCcgAATBcNOTUwNTAyMDIxMjI2WjANBgkqhkiG9w0BAQIF\r\n"
-     + "AAN+AHqOEJXSDejYy0UwxxrH/9+N2z5xu/if0J6qQmK92W0hW158wpJg+ovV3+wQ\r\n"
-     + "wvIEPRL2rocL0tKfAsVq1IawSJzSNgxG0lrcla3MrJBnZ4GaZDu4FutZh72MR3Gt\r\n"
-     + "JaAL3iTJHJD55kK2D/VoyY1djlsPuNh6AEgdVwFAyp0v\r\n"
-     + "-----END CRL-----\r\n";
-
-    static String ATTRIBUTE_CERTIFICATE_1 =
-       "-----BEGIN X509 ATTRIBUTE CERTIFICATE-----\r\n"
-     + "MIIBuDCCASECAQEwZ6BlMGCkXjBcMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhl\r\n"
-     + "IExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECxMaQm91bmN5IFBy\r\n"
-     + "aW1hcnkgQ2VydGlmaWNhdGUCARSgYjBgpF4wXDELMAkGA1UEBhMCQVUxKDAmBgNV\r\n"
-     + "BAoTH1RoZSBMZWdpb24gb2YgdGhlIEJvdW5jeSBDYXN0bGUxIzAhBgNVBAsTGkJv\r\n"
-     + "dW5jeSBQcmltYXJ5IENlcnRpZmljYXRlMA0GCSqGSIb3DQEBBQUAAgEBMCIYDzIw\r\n"
-     + "MDUwNjEwMDI0MTMzWhgPMjAwNTA2MTAwMjQzMTNaMBkwFwYDVRhIMRAwDoEMREFV\r\n"
-     + "MTIzNDU2Nzg5MA0GCSqGSIb3DQEBBQUAA4GBALAYXT9zdxSR5zdPLAon1xIPehgI\r\n"
-     + "NZhjM7w0uu3OdzSV5sC31X1Kx9vi5RIWiM9VimRTwbQIod9POttD5QMXCwQb/fm7\r\n"
-     + "eiJqL2YBIXOeClB19VrQe8xQtMFbyuFpDiM7QdvIam9ShZZMEMGjv9QHI64M4b0G\r\n"
-     + "odUBlSsJwPPQjZSU\r\n"
-     + "-----END X509 ATTRIBUTE CERTIFICATE-----\r\n";
-
-    static String ATTRIBUTE_CERTIFICATE_2 =
-       "-----BEGIN ATTRIBUTE CERTIFICATE-----\r\n"
-     + "MIIBuDCCASECAQEwZ6BlMGCkXjBcMQswCQYDVQQGEwJBVTEoMCYGA1UEChMfVGhl\r\n"
-     + "IExlZ2lvbiBvZiB0aGUgQm91bmN5IENhc3RsZTEjMCEGA1UECxMaQm91bmN5IFBy\r\n"
-     + "aW1hcnkgQ2VydGlmaWNhdGUCARSgYjBgpF4wXDELMAkGA1UEBhMCQVUxKDAmBgNV\r\n"
-     + "BAoTH1RoZSBMZWdpb24gb2YgdGhlIEJvdW5jeSBDYXN0bGUxIzAhBgNVBAsTGkJv\r\n"
-     + "dW5jeSBQcmltYXJ5IENlcnRpZmljYXRlMA0GCSqGSIb3DQEBBQUAAgEBMCIYDzIw\r\n"
-     + "MDUwNjEwMDI0MTMzWhgPMjAwNTA2MTAwMjQzMTNaMBkwFwYDVRhIMRAwDoEMREFV\r\n"
-     + "MTIzNDU2Nzg5MA0GCSqGSIb3DQEBBQUAA4GBALAYXT9zdxSR5zdPLAon1xIPehgI\r\n"
-     + "NZhjM7w0uu3OdzSV5sC31X1Kx9vi5RIWiM9VimRTwbQIod9POttD5QMXCwQb/fm7\r\n"
-     + "eiJqL2YBIXOeClB19VrQe8xQtMFbyuFpDiM7QdvIam9ShZZMEMGjv9QHI64M4b0G\r\n"
-     + "odUBlSsJwPPQjZSU\r\n"
-     + "-----END ATTRIBUTE CERTIFICATE-----\r\n";
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKCS10CertRequestTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKCS10CertRequestTest.java
deleted file mode 100644
index 84303ee..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKCS10CertRequestTest.java
+++ /dev/null

@@ -1,546 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.math.BigInteger;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-import java.util.Hashtable;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.Attribute;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.X509Extension;
-import org.bouncycastle.asn1.x509.X509Extensions;
-import org.bouncycastle.asn1.x509.X509Name;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
-import org.bouncycastle.jce.ECNamedCurveTable;
-import org.bouncycastle.jce.PKCS10CertificationRequest;
-import org.bouncycastle.jce.X509Principal;
-import org.bouncycastle.jce.interfaces.ECPointEncoder;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.jce.spec.ECPrivateKeySpec;
-import org.bouncycastle.jce.spec.ECPublicKeySpec;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- **/
-public class PKCS10CertRequestTest
-    extends SimpleTest
-{
-    private byte[] gost3410EC_A = Base64.decode(
-  "MIIBOzCB6wIBADB/MQ0wCwYDVQQDEwR0ZXN0MRUwEwYDVQQKEwxEZW1vcyBDbyBMdGQxHjAcBgNV"
- +"BAsTFUNyeXB0b2dyYXBoeSBkaXZpc2lvbjEPMA0GA1UEBxMGTW9zY293MQswCQYDVQQGEwJydTEZ"
- +"MBcGCSqGSIb3DQEJARYKc2RiQGRvbC5ydTBjMBwGBiqFAwICEzASBgcqhQMCAiMBBgcqhQMCAh4B"
- +"A0MABEBYx0P2D7YuuZo5HgdIAUKAXcLBDZ+4LYFgbKjrfStVfH59lc40BQ2FZ7M703hLpXK8GiBQ"
- +"GEYpKaAuQZnMIpByoAAwCAYGKoUDAgIDA0EAgXMcTrhdOY2Er2tHOSAgnMezqrYxocZTWhxmW5Rl"
- +"JY6lbXH5rndCn4swFzXU+YhgAsJv1wQBaoZEWRl5WV4/nA==");
-
-    private byte[] gost3410EC_B = Base64.decode(
-  "MIIBPTCB7QIBADCBgDENMAsGA1UEAxMEdGVzdDEWMBQGA1UEChMNRGVtb3MgQ28gTHRkLjEeMBwG"
- +"A1UECxMVQ3J5cHRvZ3JhcGh5IGRpdmlzaW9uMQ8wDQYDVQQHEwZNb3Njb3cxCzAJBgNVBAYTAnJ1"
- +"MRkwFwYJKoZIhvcNAQkBFgpzZGJAZG9sLnJ1MGMwHAYGKoUDAgITMBIGByqFAwICIwIGByqFAwIC"
- +"HgEDQwAEQI5SLoWT7dZVilbV9j5B/fyIDuDs6x4pjqNC2TtFYbpRHrk/Wc5g/mcHvD80tsm5o1C7"
- +"7cizNzkvAVUM4VT4Dz6gADAIBgYqhQMCAgMDQQAoT5TwJ8o+bSrxckymyo3diwG7ZbSytX4sRiKy"
- +"wXPWRS9LlBvPO2NqwpS2HUnxSU8rzfL9fJcybATf7Yt1OEVq");
-
-    private byte[] gost3410EC_C = Base64.decode(
-  "MIIBRDCB9AIBADCBhzEVMBMGA1UEAxMMdGVzdCByZXF1ZXN0MRUwEwYDVQQKEwxEZW1vcyBDbyBM"
- +"dGQxHjAcBgNVBAsTFUNyeXB0b2dyYXBoeSBkaXZpc2lvbjEPMA0GA1UEBxMGTW9zY293MQswCQYD"
- +"VQQGEwJydTEZMBcGCSqGSIb3DQEJARYKc2RiQGRvbC5ydTBjMBwGBiqFAwICEzASBgcqhQMCAiMD"
- +"BgcqhQMCAh4BA0MABEBcmGh7OmR4iqqj+ycYo1S1fS7r5PhisSQU2Ezuz8wmmmR2zeTZkdMYCOBa"
- +"UTMNms0msW3wuYDho7nTDNscHTB5oAAwCAYGKoUDAgIDA0EAVoOMbfyo1Un4Ss7WQrUjHJoiaYW8"
- +"Ime5LeGGU2iW3ieAv6es/FdMrwTKkqn5dhd3aL/itFg5oQbhyfXw5yw/QQ==");
-    
-    private byte[] gost3410EC_ExA = Base64.decode(
-     "MIIBOzCB6wIBADB/MQ0wCwYDVQQDEwR0ZXN0MRUwEwYDVQQKEwxEZW1vcyBDbyBMdGQxHjAcBgNV"
-   + "BAsTFUNyeXB0b2dyYXBoeSBkaXZpc2lvbjEPMA0GA1UEBxMGTW9zY293MQswCQYDVQQGEwJydTEZ"
-   + "MBcGCSqGSIb3DQEJARYKc2RiQGRvbC5ydTBjMBwGBiqFAwICEzASBgcqhQMCAiQABgcqhQMCAh4B"
-   + "A0MABEDkqNT/3f8NHj6EUiWnK4JbVZBh31bEpkwq9z3jf0u8ZndG56Vt+K1ZB6EpFxLT7hSIos0w"
-   + "weZ2YuTZ4w43OgodoAAwCAYGKoUDAgIDA0EASk/IUXWxoi6NtcUGVF23VRV1L3undB4sRZLp4Vho"
-   + "gQ7m3CMbZFfJ2cPu6QyarseXGYHmazoirH5lGjEo535c1g==");
-
-    private byte[] gost3410EC_ExB = Base64.decode(
-      "MIIBPTCB7QIBADCBgDENMAsGA1UEAxMEdGVzdDEWMBQGA1UEChMNRGVtb3MgQ28gTHRkLjEeMBwG"
-    + "A1UECxMVQ3J5cHRvZ3JhcGh5IGRpdmlzaW9uMQ8wDQYDVQQHEwZNb3Njb3cxCzAJBgNVBAYTAnJ1"
-    + "MRkwFwYJKoZIhvcNAQkBFgpzZGJAZG9sLnJ1MGMwHAYGKoUDAgITMBIGByqFAwICJAEGByqFAwIC"
-    + "HgEDQwAEQMBWYUKPy/1Kxad9ChAmgoSWSYOQxRnXo7KEGLU5RNSXA4qMUvArWzvhav+EYUfTbWLh"
-    + "09nELDyHt2XQcvgQHnSgADAIBgYqhQMCAgMDQQAdaNhgH/ElHp64mbMaEo1tPCg9Q22McxpH8rCz"
-    + "E0QBpF4H5mSSQVGI5OAXHToetnNuh7gHHSynyCupYDEHTbkZ");
-
-    public String getName()
-    {
-        return "PKCS10CertRequest";
-    }
-
-    private void generationTest(int keySize, String keyName, String sigName, String provider)
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance(keyName, "BC");
-
-        kpg.initialize(keySize);
-
-        KeyPair kp = kpg.genKeyPair();
-
-        Hashtable                   attrs = new Hashtable();
-
-        attrs.put(X509Principal.C, "AU");
-        attrs.put(X509Principal.O, "The Legion of the Bouncy Castle");
-        attrs.put(X509Principal.L, "Melbourne");
-        attrs.put(X509Principal.ST, "Victoria");
-        attrs.put(X509Principal.EmailAddress, "feedback-crypto@bouncycastle.org");
-
-        Vector                      order = new Vector();
-
-        order.addElement(X509Principal.C);
-        order.addElement(X509Principal.O);
-        order.addElement(X509Principal.L);
-        order.addElement(X509Principal.ST);
-        order.addElement(X509Principal.EmailAddress);
-
-        X509Name    subject = new X509Name(order, attrs);
-
-        PKCS10CertificationRequest req1 = new PKCS10CertificationRequest(
-                                                    sigName,
-                                                    subject,
-                                                    kp.getPublic(),
-                                                    null,
-                                                    kp.getPrivate(), provider);
-                            
-        byte[]  bytes = req1.getEncoded();
-
-        PKCS10CertificationRequest req2 = new PKCS10CertificationRequest(bytes);
-
-        if (!req2.verify(provider))
-        {
-            fail(sigName + ": Failed verify check.");
-        }
-
-        if (!req2.getPublicKey(provider).equals(req1.getPublicKey(provider)))
-        {
-            fail(keyName + ": Failed public key check.");
-        }
-    }
-    
-    /*
-     * we generate a self signed certificate for the sake of testing - SHA224withECDSA
-     */
-    private void createECRequest(String algorithm, ASN1ObjectIdentifier algOid, ASN1ObjectIdentifier curveOid)
-        throws Exception
-    {
-        ECNamedCurveParameterSpec spec = ECNamedCurveTable.getParameterSpec(curveOid.getId());
-        KeyPairGenerator ecGen = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        ecGen.initialize(spec);
-
-        //
-        // set up the keys
-        //
-        PrivateKey          privKey;
-        PublicKey           pubKey;
-
-        KeyPair pair = ecGen.generateKeyPair();
-
-        privKey = pair.getPrivate();
-        pubKey = pair.getPublic();
-
-        PKCS10CertificationRequest req = new PKCS10CertificationRequest(
-                        algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
-        if (!req.verify())
-        {
-            fail("Failed verify check EC.");
-        }
-
-        req = new PKCS10CertificationRequest(req.getEncoded());
-        if (!req.verify())
-        {
-            fail("Failed verify check EC encoded.");
-        }
-        
-        //
-        // try with point compression turned off
-        //
-        ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
-        
-        req = new PKCS10CertificationRequest(
-                        algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
-        if (!req.verify())
-        {
-            fail("Failed verify check EC uncompressed.");
-        }
-        
-        req = new PKCS10CertificationRequest(req.getEncoded());
-        if (!req.verify())
-        {
-            fail("Failed verify check EC uncompressed encoded.");
-        }
-        
-        if (!req.getSignatureAlgorithm().getAlgorithm().equals(algOid))
-        {
-            fail("ECDSA oid incorrect.");
-        }
-        
-        if (req.getSignatureAlgorithm().getParameters() != null)
-        {
-            fail("ECDSA parameters incorrect.");
-        }
-        
-        Signature sig = Signature.getInstance(algorithm, "BC");
-        
-        sig.initVerify(pubKey);
-        
-        sig.update(req.getCertificationRequestInfo().getEncoded());
-        
-        if (!sig.verify(req.getSignature().getBytes()))
-        {
-            fail("signature not mapped correctly.");
-        }
-    }
-
-    private void createECRequest(String algorithm, ASN1ObjectIdentifier algOid)
-        throws Exception
-    {
-        X9ECParameters x9 = org.bouncycastle.asn1.x9.ECNamedCurveTable.getByName("secp521r1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec spec = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        ECPrivateKeySpec privKeySpec = new ECPrivateKeySpec(
-            new BigInteger("5769183828869504557786041598510887460263120754767955773309066354712783118202294874205844512909370791582896372147797293913785865682804434049019366394746072023"), // d
-            spec);
-
-        ECPublicKeySpec pubKeySpec = new ECPublicKeySpec(
-            curve.decodePoint(Hex.decode("02006BFDD2C9278B63C92D6624F151C9D7A822CC75BD983B17D25D74C26740380022D3D8FAF304781E416175EADF4ED6E2B47142D2454A7AC7801DD803CF44A4D1F0AC")), // Q
-            spec);
-
-        //
-        // set up the keys
-        //
-        PrivateKey          privKey;
-        PublicKey           pubKey;
-
-        KeyFactory     fact = KeyFactory.getInstance("ECDSA", "BC");
-
-        privKey = fact.generatePrivate(privKeySpec);
-        pubKey = fact.generatePublic(pubKeySpec);
-
-        PKCS10CertificationRequest req = new PKCS10CertificationRequest(
-                        algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
-        if (!req.verify())
-        {
-            fail("Failed verify check EC.");
-        }
-
-        req = new PKCS10CertificationRequest(req.getEncoded());
-        if (!req.verify())
-        {
-            fail("Failed verify check EC encoded.");
-        }
-
-        //
-        // try with point compression turned off
-        //
-        ((ECPointEncoder)pubKey).setPointFormat("UNCOMPRESSED");
-
-        req = new PKCS10CertificationRequest(
-                        algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
-        if (!req.verify())
-        {
-            fail("Failed verify check EC uncompressed.");
-        }
-
-        req = new PKCS10CertificationRequest(req.getEncoded());
-        if (!req.verify())
-        {
-            fail("Failed verify check EC uncompressed encoded.");
-        }
-
-        if (!req.getSignatureAlgorithm().getAlgorithm().equals(algOid))
-        {
-            fail("ECDSA oid incorrect.");
-        }
-
-        if (req.getSignatureAlgorithm().getParameters() != null)
-        {
-            fail("ECDSA parameters incorrect.");
-        }
-
-        Signature sig = Signature.getInstance(algorithm, "BC");
-
-        sig.initVerify(pubKey);
-
-        sig.update(req.getCertificationRequestInfo().getEncoded());
-
-        if (!sig.verify(req.getSignature().getBytes()))
-        {
-            fail("signature not mapped correctly.");
-        }
-    }
-
-    private void createECGOSTRequest()
-        throws Exception
-    {
-        String           algorithm = "GOST3411withECGOST3410";
-        KeyPairGenerator ecGostKpg = KeyPairGenerator.getInstance("ECGOST3410", "BC");
-
-        ecGostKpg.initialize(ECGOST3410NamedCurveTable.getParameterSpec("GostR3410-2001-CryptoPro-A"), new SecureRandom());
-
-        //
-        // set up the keys
-        //
-        KeyPair             pair = ecGostKpg.generateKeyPair();
-        PrivateKey          privKey = pair.getPrivate();
-        PublicKey           pubKey = pair.getPublic();
-
-        PKCS10CertificationRequest req = new PKCS10CertificationRequest(
-                        algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
-        if (!req.verify())
-        {
-            fail("Failed verify check EC.");
-        }
-
-        req = new PKCS10CertificationRequest(req.getEncoded());
-        if (!req.verify())
-        {
-            fail("Failed verify check EC encoded.");
-        }
-
-        if (!req.getSignatureAlgorithm().getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001))
-        {
-            fail("ECGOST oid incorrect.");
-        }
-
-        if (req.getSignatureAlgorithm().getParameters() != null)
-        {
-            fail("ECGOST parameters incorrect.");
-        }
-
-        Signature sig = Signature.getInstance(algorithm, "BC");
-
-        sig.initVerify(pubKey);
-
-        sig.update(req.getCertificationRequestInfo().getEncoded());
-
-        if (!sig.verify(req.getSignature().getBytes()))
-        {
-            fail("signature not mapped correctly.");
-        }
-    }
-
-    private void createPSSTest(String algorithm)
-        throws Exception
-    {
-        RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-            new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
-            new BigInteger("010001",16));
-
-        RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
-            new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
-            new BigInteger("010001",16),
-            new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16),
-            new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16),
-            new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16),
-            new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16),
-            new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16),
-            new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16));
-
-        KeyFactory  fact = KeyFactory.getInstance("RSA", "BC");
-
-        PrivateKey privKey = fact.generatePrivate(privKeySpec);
-        PublicKey pubKey = fact.generatePublic(pubKeySpec);
-
-        PKCS10CertificationRequest req = new PKCS10CertificationRequest(
-                        algorithm, new X509Name("CN=XXX"), pubKey, null, privKey);
-        if (!req.verify())
-        {
-            fail("Failed verify check PSS.");
-        }
-
-        req = new PKCS10CertificationRequest(req.getEncoded());
-        if (!req.verify())
-        {
-            fail("Failed verify check PSS encoded.");
-        }
-
-        if (!req.getSignatureAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
-        {
-            fail("PSS oid incorrect.");
-        }
-
-        if (req.getSignatureAlgorithm().getParameters() == null)
-        {
-            fail("PSS parameters incorrect.");
-        }
-
-        Signature sig = Signature.getInstance(algorithm, "BC");
-
-        sig.initVerify(pubKey);
-
-        sig.update(req.getCertificationRequestInfo().getEncoded());
-
-        if (!sig.verify(req.getSignature().getBytes()))
-        {
-            fail("signature not mapped correctly.");
-        }
-    }
-
-     // previous code found to cause a NullPointerException
-    private void nullPointerTest()
-        throws Exception
-    {
-        KeyPairGenerator keyGen = KeyPairGenerator.getInstance("RSA", "BC");
-        keyGen.initialize(1024, new SecureRandom());
-        KeyPair pair = keyGen.generateKeyPair();
-
-        Vector oids = new Vector();
-        Vector values = new Vector();
-        oids.add(X509Extensions.BasicConstraints);
-        values.add(new X509Extension(true, new DEROctetString(new BasicConstraints(true))));
-        oids.add(X509Extensions.KeyUsage);
-        values.add(new X509Extension(true, new DEROctetString(
-            new KeyUsage(KeyUsage.keyCertSign | KeyUsage.cRLSign))));
-        SubjectKeyIdentifier subjectKeyIdentifier = new SubjectKeyIdentifier(getDigest(SubjectPublicKeyInfo.getInstance(pair.getPublic().getEncoded())));
-        X509Extension ski = new X509Extension(false, new DEROctetString(subjectKeyIdentifier));
-        oids.add(X509Extensions.SubjectKeyIdentifier);
-        values.add(ski);
-
-        Attribute attribute = new Attribute(PKCSObjectIdentifiers.pkcs_9_at_extensionRequest,
-            new DERSet(new X509Extensions(oids, values)));
-        
-        PKCS10CertificationRequest p1 = new PKCS10CertificationRequest(
-            "SHA1WithRSA", new X509Principal("cn=csr"),
-            pair.getPublic(), new DERSet(attribute), pair.getPrivate(), "BC");
-        PKCS10CertificationRequest p2 = new PKCS10CertificationRequest(
-            "SHA1WithRSA", new X509Principal("cn=csr"),
-            pair.getPublic(), new DERSet(attribute), pair.getPrivate(), "BC");
-
-        if (!p1.equals(p2))
-        {
-            fail("cert request comparison failed");
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        generationTest(512, "RSA", "SHA1withRSA", "BC");       
-        generationTest(512, "GOST3410", "GOST3411withGOST3410", "BC");
-        
-        if (Security.getProvider("SunRsaSign") != null)
-        {
-            generationTest(512, "RSA", "SHA1withRSA", "SunRsaSign"); 
-        }
-        
-        // elliptic curve GOST A parameter set
-        PKCS10CertificationRequest req = new PKCS10CertificationRequest(gost3410EC_A);
-        if (!req.verify())
-        {
-            fail("Failed verify check gost3410EC_A.");
-        }
-
-        // elliptic curve GOST B parameter set
-        req = new PKCS10CertificationRequest(gost3410EC_B);
-        if (!req.verify())
-        {
-            fail("Failed verify check gost3410EC_B.");
-        }
-
-        // elliptic curve GOST C parameter set
-        req = new PKCS10CertificationRequest(gost3410EC_C);
-        if (!req.verify())
-        {
-            fail("Failed verify check gost3410EC_C.");
-        }
-        
-        // elliptic curve GOST ExA parameter set
-        req = new PKCS10CertificationRequest(gost3410EC_ExA);
-        if (!req.verify())
-        {
-            fail("Failed verify check gost3410EC_ExA.");
-        }
-
-        // elliptic curve GOST ExB parameter set
-        req = new PKCS10CertificationRequest(gost3410EC_ExB);
-        if (!req.verify())
-        {
-            fail("Failed verify check gost3410EC_ExA.");
-        }
-
-        // elliptic curve openSSL
-        KeyPairGenerator g = KeyPairGenerator.getInstance("ECDSA", "BC");
-
-        X9ECParameters x9 = org.bouncycastle.asn1.x9.ECNamedCurveTable.getByName("prime239v1");
-        ECCurve curve = x9.getCurve();
-        ECParameterSpec ecSpec = new ECParameterSpec(curve, x9.getG(), x9.getN(), x9.getH());
-
-        g.initialize(ecSpec, new SecureRandom());
-
-        KeyPair kp = g.generateKeyPair();
-
-        req = new PKCS10CertificationRequest(
-                "ECDSAWITHSHA1", new X509Name("CN=XXX"), kp.getPublic(), null, kp.getPrivate());
-        if (!req.verify())
-        {
-            fail("Failed verify check EC.");
-        }
-        
-        createECRequest("SHA1withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
-        createECRequest("SHA224withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
-        createECRequest("SHA256withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
-        createECRequest("SHA384withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
-        createECRequest("SHA512withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
-
-        createECRequest("SHA1withECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1, new ASN1ObjectIdentifier("1.3.132.0.34"));
-
-        createECGOSTRequest();
-
-        createPSSTest("SHA1withRSAandMGF1");
-        createPSSTest("SHA224withRSAandMGF1");
-        createPSSTest("SHA256withRSAandMGF1");
-        createPSSTest("SHA384withRSAandMGF1");
-
-        nullPointerTest();
-    }
-
-    private static byte[] getDigest(SubjectPublicKeyInfo spki)
-    {
-        Digest digest = new SHA1Digest();
-        byte[]  resBuf = new byte[digest.getDigestSize()];
-
-        byte[] bytes = spki.getPublicKeyData().getBytes();
-        digest.update(bytes, 0, bytes.length);
-        digest.doFinal(resBuf, 0);
-        return resBuf;
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new PKCS10CertRequestTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKCS12StoreTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKCS12StoreTest.java
deleted file mode 100644
index b8b1e74..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKCS12StoreTest.java
+++ /dev/null

@@ -1,1537 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.Signature;
-import java.security.cert.Certificate;
-import java.security.cert.X509Certificate;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-import java.util.Enumeration;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1StreamParser;
-import org.bouncycastle.asn1.DERBMPString;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DERSequenceParser;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.ContentInfo;
-import org.bouncycastle.asn1.pkcs.EncryptedData;
-import org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.MacData;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.Pfx;
-import org.bouncycastle.asn1.pkcs.SafeBag;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.X500NameBuilder;
-import org.bouncycastle.asn1.x500.style.BCStyle;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.jcajce.PKCS12StoreParameter;
-import org.bouncycastle.jce.PKCS12Util;
-import org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.provider.JDKPKCS12StoreParameter;
-import org.bouncycastle.jce.provider.X509CertificateObject;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Exercise the various key stores, making sure we at least get back what we put in!
- * <p>
- * This tests both the PKCS12 key store.
- */
-public class PKCS12StoreTest
-    extends SimpleTest
-{
-    static char[]   passwd = { 'h', 'e', 'l', 'l', 'o', ' ', 'w', 'o', 'r', 'l', 'd' };
-
-    //
-    // pkcs-12 pfx-pdu
-    //
-    byte[]  pkcs12 = Base64.decode(
-          "MIACAQMwgAYJKoZIhvcNAQcBoIAkgAQBMAQBgAQBMAQBgAQBBgQBCQQJKoZI"
-        + "hvcNAQcBBAGgBAGABAEkBAGABAEEBAEBBAEwBAEEBAEDBAOCAzQEAQQEAQEE"
-        + "ATAEAQQEAQMEA4IDMAQBBAQBAQQBBgQBBAQBAQQBCwQBBAQBCwQLKoZIhvcN"
-        + "AQwKAQIEAQQEAQEEAaAEAQQEAQMEA4ICpQQBBAQBAQQBMAQBBAQBAwQDggKh"
-        + "BAEEBAEBBAEwBAEEBAEBBAEbBAEEBAEBBAEGBAEEBAEBBAEKBAEEBAEKBAoq"
-        + "hkiG9w0BDAEDBAEEBAEPBA8wDQQIoagiwNZPJR4CAQEEAQQEAQEEAQQEAQQE"
-        + "AQMEA4ICgAQBBAQDggKABIICgEPG0XlhMFyrs4ZWDrvEzl51ICfXd6K2ql2l"
-        + "nnxhszUbigtSj6x49VEx4PfOB9fQFeidc5L5An+nKp646NBMIY0UwXGs8BLQ"
-        + "au59jtOs987+l7QYIvl6fdGUIuLPhVSnZZDyqD+HQjU/0/ccKFHRif4tlEQq"
-        + "aErvZbFeH0pg4ijf1HfgX6gBJGRKdO+msa4qKGnZdHCSLZehyyxvxAmURetg"
-        + "yhtEl7RmedTB+4TDs7atekqxkNlD9tfwDUX6sb0IH6qbEA6P/DlVMdaD54Cl"
-        + "QDxRzOfIIjklZhv5OMFWtPK0aYPcqyxzLpw1qRAyoTVXpidkj/hpIpgCVBP/"
-        + "k5s2+WdGbLgA/4/zSrF6feRCE5llzM2IGxiHVq4oPzzngl3R+Fi5VCPDMcuW"
-        + "NRuIOzJA+RNV2NPOE/P3knThDnwiImq+rfxmvZ1u6T06s20RmWK6cxp7fTEw"
-        + "lQ9BOsv+mmyV8dr6cYJq4IlRzHdFOyEUBDwfHThyribNKKobO50xh2f93xYj"
-        + "Rn5UMOQBJIe3b7OKZt5HOIMrJSZO02IZgvImi9yQWi96PnWa419D1cAsLWvM"
-        + "xiN0HqZMbDFfxVM2BZmsxiexLhkHWKwLqfQDzRjJfmVww8fnXpWZhFXKyut9"
-        + "gMGEyCNoba4RU3QI/wHKWYaK74qtJpsucuLWBH6UcsHsCry6VZkwRxWwC0lb"
-        + "/F3Bm5UKHax5n9JHJ2amQm9zW3WJ0S5stpPObfmg5ArhbPY+pVOsTqBRlop1"
-        + "bYJLD/X8Qbs468Bwzej0FhoEU59ZxFrbjLSBsMUYrVrwD83JE9kEazMLVchc"
-        + "uCB9WT1g0hxYb7VA0BhOrWhL8F5ZH72RMCYLPI0EAQQEAQEEATEEAQQEAQEE"
-        + "AXgEAQQEAQEEATAEAQQEAQEEAVEEAQQEAQEEAQYEAQQEAQEEAQkEAQQEAQkE"
-        + "CSqGSIb3DQEJFAQBBAQBAQQBMQQBBAQBAQQBRAQBBAQBAQQBHgQBBAQBAQQB"
-        + "QgQBBAQBQgRCAEQAYQB2AGkAZAAgAEcALgAgAEgAbwBvAGsAJwBzACAAVgBl"
-        + "AHIAaQBTAGkAZwBuACwAIABJAG4AYwAuACAASQBEBAEEBAEBBAEwBAEEBAEB"
-        + "BAEjBAEEBAEBBAEGBAEEBAEBBAEJBAEEBAEJBAkqhkiG9w0BCRUEAQQEAQEE"
-        + "ATEEAQQEAQEEARYEAQQEAQEEAQQEAQQEAQEEARQEAQQEARQEFKEcMJ798oZL"
-        + "FkH0OnpbUBnrTLgWBAIAAAQCAAAEAgAABAEwBAGABAEGBAEJBAkqhkiG9w0B"
-        + "BwYEAaAEAYAEATAEAYAEAQIEAQEEAQAEATAEAYAEAQYEAQkECSqGSIb3DQEH"
-        + "AQQBMAQBGwQBBgQBCgQKKoZIhvcNAQwBBgQPMA0ECEE7euvmxxwYAgEBBAGg"
-        + "BAGABAEEBAEIBAgQIWDGlBWxnwQBBAQBCAQI2WsMhavhSCcEAQQEAQgECPol"
-        + "uHJy9bm/BAEEBAEQBBCiRxtllKXkJS2anKD2q3FHBAEEBAEIBAjKy6BRFysf"
-        + "7gQBBAQDggMwBIIDMJWRGu2ZLZild3oz7UBdpBDUVMOA6eSoWiRIfVTo4++l"
-        + "RUBm8TpmmGrVkV32PEoLkoV+reqlyWCvqqSjRzi3epQiVwPQ6PV+ccLqxDhV"
-        + "pGWDRQ5UttDBC2+u4fUQVZi2Z1i1g2tsk6SzB3MKUCrjoWKvaDUUwXo5k9Vz"
-        + "qSLWCLTZCjs3RaY+jg3NbLZYtfMDdYovhCU2jMYV9adJ8MxxmJRz+zPWAJph"
-        + "LH8hhfkKG+wJOSszqk9BqGZUa/mnZyzeQSMTEFga1ZB/kt2e8SZFWrTZEBgJ"
-        + "oszsL5MObbwMDowNurnZsnS+Mf7xi01LeG0VT1fjd6rn9BzVwuMwhoqyoCNo"
-        + "ziUqSUyLEwnGTYYpvXLxzhNiYzW8546KdoEKDkEjhfYsc4XqSjm9NYy/BW/M"
-        + "qR+aL92j8hqnkrWkrWyvocUe3mWaiqt7/oOzNZiMTcV2dgjjh9HfnjSHjFGe"
-        + "CVhnEWzV7dQIVyc/qvNzOuND8X5IyJ28xb6a/i1vScwGuo/UDgPAaMjGw28f"
-        + "siOZBShzde0Kj82y8NilfYLHHeIGRW+N/grUFWhW25mAcBReXDd5JwOqM/eF"
-        + "y+4+zBzlO84ws88T1pkSifwtMldglN0APwr4hvUH0swfiqQOWtwyeM4t+bHd"
-        + "5buAlXOkSeF5rrLzZ2/Lx+JJmI2pJ/CQx3ej3bxPlx/BmarUGAxaI4le5go4"
-        + "KNfs4GV8U+dbEHQz+yDYL+ksYNs1eb+DjI2khbl28jhoeAFKBtu2gGOL5M9M"
-        + "CIP/JDOCHimu1YZRuOTAf6WISnG/0Ri3pYZsgQ0i4cXj+WfYwYVjhKX5AcDj"
-        + "UKnc4/Cxp+TbbgZqEKRcYVb2q0kOAxkeaNo3WCm+qvUYrwAmKp4nVB+/24rK"
-        + "khHiyYJQsETxtOEyvJkVxAS01djY4amuJ4jL0sYnXIhW3Ag93eavbzksGT7W"
-        + "Fg1ywpr1x1xpXWIIuVt1k4e+g9fy7Yx7rx0IK1qCSjNwU3QPWbaef1rp0Q/X"
-        + "P9IVXYkqo1g/T3SyXqrbZLO+sDjiG4IT3z3fJJqt81sRSVT0QN1ND8l93BG4"
-        + "QKzghYw8sZ4FwKPtLky1dDcVTgQBBAQBCAQIK/85VMKWDWYEAQQEAQgECGsO"
-        + "Q85CcFwPBAEEBAEIBAhaup6ot9XnQAQBBAQCgaAEgaCeCMadSm5fkLfhErYQ"
-        + "DgePZl/rrjP9FQ3VJZ13XrjTSjTRknAbXi0DEu2tvAbmCf0sdoVNuZIZ92W0"
-        + "iyaa2/A3RHA2RLPNQz5meTi1RE2N361yR0q181dC3ztkkJ8PLyd74nCtgPUX"
-        + "0JlsvLRrdSjPBpBQ14GiM8VjqeIY7EVFy3vte6IbPzodxaviuSc70iXM4Yko"
-        + "fQq6oaSjNBFRqkHrBAEEBAEIBAjlIvOf8SnfugQBBAQBCAQIutCF3Jovvl0E"
-        + "AQQEAQgECO7jxbucdp/3BAEEBAEIBAidxK3XDLj+BwQBBAQBCAQI3m/HMbd3"
-        + "TwwEAQQEA4ICOASCAjgtoCiMfTkjpCRuMhF5gNLRBiNv+xjg6GvZftR12qiJ"
-        + "dLeCERI5bvXbh9GD6U+DjTUfhEab/37TbiI7VOFzsI/R137sYy9Tbnu7qkSx"
-        + "u0bTvyXSSmio6sMRiWIcakmDbv+TDWR/xgtj7+7C6p+1jfUGXn/RjB3vlyjL"
-        + "Q9lFe5F84qkZjnADo66p9gor2a48fgGm/nkABIUeyzFWCiTp9v6FEzuBfeuP"
-        + "T9qoKSnCitaXRCru5qekF6L5LJHLNXLtIMSrbO0bS3hZK58FZAUVMaqawesJ"
-        + "e/sVfQip9x/aFQ6U3KlSpJkmZK4TAqp9jIfxBC8CclbuwmoXPMomiCH57ykr"
-        + "vkFHOGcxRcCxax5HySCwSyPDr8I4+6Kocty61i/1Xr4xJjb+3oyFStIpB24x"
-        + "+ALb0Mz6mUa1ls76o+iQv0VM2YFwnx+TC8KC1+O4cNOE/gKeh0ircenVX83h"
-        + "GNez8C5Ltg81g6p9HqZPc2pkwsneX2sJ4jMsjDhewV7TyyS3x3Uy3vTpZPek"
-        + "VdjYeVIcgAz8VLJOpsIjyHMB57AyT7Yj87hVVy//VODnE1T88tRXZb+D+fCg"
-        + "lj2weQ/bZtFzDX0ReiEQP6+yklGah59omeklIy9wctGV1o9GNZnGBSLvQ5NI"
-        + "61e9zmQTJD2iDjihvQA/6+edKswCjGRX6rMjRWXT5Jv436l75DVoUj09tgR9"
-        + "ytXSathCjQUL9MNXzUMtr7mgEUPETjM/kYBR7CNrsc+gWTWHYaSWuqKVBAEE"
-        + "BAEIBAh6slfZ6iqkqwQBBAQBCAQI9McJKl5a+UwEAQQEATgEOBelrmiYMay3"
-        + "q0OW2x2a8QQodYqdUs1TCUU4JhfFGFRy+g3yU1cP/9ZSI8gcI4skdPc31cFG"
-        + "grP7BAEEBAEIBAhzv/wSV+RBJQQBBAQBCAQI837ImVqqlr4EAQQEAQgECGeU"
-        + "gjULLnylBAEEBAEIBAjD3P4hlSBCvQQBBAQBCAQISP/qivIzf50EAQQEAQgE"
-        + "CKIDMX9PKxICBAEEBAOCBOgEggTocP5VVT1vWvpAV6koZupKN1btJ3C01dR6"
-        + "16g1zJ5FK5xL1PTdA0r6iAwVtgYdxQYnU8tht3bkNXdPJC1BdsC9oTkBg9Nr"
-        + "dqlF5cCzXWIezcR3ObjGLpXu49SAHvChH4emT5rytv81MYxZ7bGmlQfp8BNa"
-        + "0cMZz05A56LXw//WWDEzZcbKSk4tCsfMXBdGk/ngs7aILZ4FGM620PBPtD92"
-        + "pz2Ui/tUZqtQ0WKdLzwga1E/rl02a/x78/OdlVRNeaIYWJWLmLavX98w0PhY"
-        + "ha3Tbj/fqq+H3ua6Vv2Ff4VeXazkXpp4tTiqUxhc6aAGiRYckwZaP7OPSbos"
-        + "RKFlRLVofSGu1IVSKO+7faxV4IrVaAAzqRwLGkpJZLV7NkzkU1BwgvsAZAI4"
-        + "WClPDF228ygbhLwrSN2NK0s+5bKhTCNAR/LCUf3k7uip3ZSe18IwEkUMWiaZ"
-        + "ayktcTYn2ZjmfIfV7wIxHgWPkP1DeB+RMS7VZe9zEgJKOA16L+9SNBwJSSs9"
-        + "5Sb1+nmhquZmnAltsXMgwOrR12JLIgdfyyqGcNq997U0/KuHybqBVDVu0Fyr"
-        + "6O+q5oRmQZq6rju7h+Hb/ZUqRxRoTTSPjGD4Cu9vUqkoNVgwYOT+88FIMYun"
-        + "g9eChhio2kwPYwU/9BNGGzh+hAvAKcUpO016mGLImYin+FpQxodJXfpNCFpG"
-        + "4v4HhIwKh71OOfL6ocM/518dYwuU4Ds2/JrDhYYFsn+KprLftjrnTBnSsfYS"
-        + "t68b+Xr16qv9r6sseEkXbsaNbrGiZAhfHEVBOxQ4lchHrMp4zpduxG4crmpc"
-        + "+Jy4SadvS0uaJvADgI03DpsDYffUdriECUqAfOg/Hr7HHyr6Q9XMo1GfIarz"
-        + "eUHBgi1Ny0nDTWkdb7I3bIajG+Unr3KfK6dZz5Lb3g5NeclU5zintB1045Jr"
-        + "j9fvGGk0/2lG0n17QViBiOzGs2poTlhn7YxmiskwlkRKVafxPZNPxKILpN9s"
-        + "YaWGz93qER/pGMJarGJxu8sFi3+yt6FZ4pVPkvKE8JZMEPBBrmH41batS3sw"
-        + "sfnJ5CicAkwd8bluQpoc6qQd81HdNpS6u7djaRSDwPtYnZWu/8Hhj4DXisje"
-        + "FJBAjQdn2nK4MV7WKVwr+mNcVgOdc5IuOZbRLOfc3Sff6kYVuQFfcCGgAFpd"
-        + "nbprF/FnYXR/rghWE7fT1gfzSMNv+z5UjZ5Rtg1S/IQfUM/P7t0UqQ01/w58"
-        + "bTlMGihTxHiJ4Qf3o5GUzNmAyryLvID+nOFqxpr5es6kqSN4GPRHsmUIpB9t"
-        + "f9Nw952vhsXI9uVkhQap3JvmdAKJaIyDz6Qi7JBZvhxpghVIDh73BQTaAFP9"
-        + "5GUcPbYOYJzKaU5MeYEsorGoanSqPDeKDeZxjxJD4xFsqJCoutyssqIxnXUN"
-        + "Y3Uojbz26IJOhqIBLaUn6QVFX79buWYjJ5ZkDS7D8kq6DZeqZclt5711AO5U"
-        + "uz/eDSrx3d4iVHR+kSeopxFKsrK+KCH3CbBUMIFGX/GE9WPhDWCtjjNKEe8W"
-        + "PinQtxvv8MlqGXtv3v7ObJ2BmfIfLD0rh3EB5WuRNKL7Ssxaq14KZGEBvc7G"
-        + "Fx7jXLOW6ZV3SH+C3deJGlKM2kVhDdIVjjODvQzD8qw8a/ZKqDO5hGGKUTGD"
-        + "Psdd7O/k/Wfn+XdE+YuKIhcEAQQEAQgECJJCZNJdIshRBAEEBAEIBAiGGrlG"
-        + "HlKwrAQBBAQBCAQIkdvKinJYjJcEAQQEAUAEQBGiIgN/s1bvPQr+p1aQNh/X"
-        + "UQFmay6Vm5HIvPhoNrX86gmMjr6/sg28/WCRtSfyuYjwQkK91n7MwFLOBaU3"
-        + "RrsEAQQEAQgECLRqESFR50+zBAEEBAEIBAguqbAEWMTiPwQBBAQBGAQYKzUv"
-        + "EetQEAe3cXEGlSsY4a/MNTbzu1WbBAEEBAEIBAiVpOv1dOWZ1AQCAAAEAgAA"
-        + "BAIAAAQCAAAEAgAABAIAAAAAAAAAADA1MCEwCQYFKw4DAhoFAAQUvMkeVqe6"
-        + "D4UmMHGEQwcb8O7ZwhgEEGiX9DeqtRwQnVi+iY/6Re8AAA==");
-
-    byte[] certUTF = Base64.decode(
-        "MIIGVQIBAzCCBg8GCSqGSIb3DQEHAaCCBgAEggX8MIIF+DCCAsUGCSqGSIb3"
-      + "DQEHAaCCArYEggKyMIICrjCCAqoGCyqGSIb3DQEMCgEDoIIChTCCAoEGCiqG"
-      + "SIb3DQEJFgGgggJxBIICbTCCAmkwggHSoAMCAQICAQcwDQYJKoZIhvcNAQEF"
-      + "BQAwOTEPMA0GA1UEBxMGTGV1dmVuMRkwFwYDVQQKExBVdGltYWNvIFN1YiBD"
-      + "QSAyMQswCQYDVQQGEwJCRTAeFw05OTEyMzEyMzAwMDBaFw0xOTEyMzEyMzAw"
-      + "MDBaMFcxCzAJBgNVBAYTAkJFMQ8wDQYDVQQHEwZIYWFjaHQxEDAOBgNVBAoT"
-      + "B1V0aW1hY28xDDAKBgNVBAsMA1ImRDEXMBUGA1UEAxMOR2VlcnQgRGUgUHJp"
-      + "bnMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBANYGIyhTn/p0IA41ElLD"
-      + "fZ44PS88AAcDCiOd2DIMLck56ea+5nhI0JLyz1XgPHecc8SLFdl7vSIBA0eb"
-      + "tm/A7WIqIp0lcvgoyQ0qsak/dvzs+xw6r2xLCVogku4+/To6UebtfRsukXNI"
-      + "ckP5lWV/Ui4l+XvGdmENlEE9/BvOZIvLAgMBAAGjYzBhMBEGA1UdIwQKMAiA"
-      + "BlN1YkNBMjAQBgNVHQ4ECQQHVXNlcklEMjAOBgNVHQ8BAf8EBAMCBLAwGQYD"
-      + "VR0RBBIwEIEOVXNlcklEMkB1dGkuYmUwDwYDVR0TAQH/BAUwAwEBADANBgkq"
-      + "hkiG9w0BAQUFAAOBgQACS7iLLgMV4O5gFdriI7dqX55l7Qn6HiRNxlSH2kCX"
-      + "41X82gae4MHFc41qqsC4qm6KZWi1yvTN9XgSBCXTaw1SXGTK7SuNdoYh6ufC"
-      + "KuAwy5lsaetyARDksRiOIrNV9j+MRIjJMjPNg+S+ysIHTWZo2NTUuVuZ01D2"
-      + "jDtYPhcDFDESMBAGCSqGSIb3DQEJFTEDBAE3MIIDKwYJKoZIhvcNAQcGoIID"
-      + "HDCCAxgCAQAwggMRBgkqhkiG9w0BBwEwKAYKKoZIhvcNAQwBAzAaBBS5KxQC"
-      + "BMuZ1To+yed2j/TT45td6gICCACAggLYxQS+fu7W2sLQTkslI0EoNxLoH/WO"
-      + "L8NgiIgZ5temV3mgC2q0MxjVVq+SCvG89ZSTfptxOaSmYV772irFdzlrtotZ"
-      + "wmYk1axuFDYQ1gH0M6i9FWuhOnbk7qHclmOroXqrrbP6g3IsjwztH0+iwBCg"
-      + "39f63V0rr8DHiu7zZ2hBkU4/RHEsXLjaCBVNTUSssWhVLisLh2sqBJccPC2E"
-      + "1lw4c4WrshGQ+syLGG38ttFgXT1c+xYNpUKqJiJTLVouOH9kK3nH1hPRHKMN"
-      + "9CucBdUzibvkcRk1L53F3MfvjhCSNeWEmd9PKN+FtUtzRWQG3L84VGTM37Ws"
-      + "YcxaDwDFGcw3u1W8WFsCCkjpZecKN8P2Kp/ai/iugcXY77bYwAwpETDvQFvD"
-      + "nnL9oGi03HYdfeiXglC7x7dlojvnpkXDbE0nJiFwhe8Mxpx8GVlGHtP+siXg"
-      + "tklubg1eTCSoG9m1rsBJM717ZHXUGf32HNun2dn4vOWGocgBmokZ46KKMb9v"
-      + "reT39JTxi8Jlp+2cYb6Qr/oBzudR+D4iAiiVhhhEbJKPNHa61YyxF810fNI2"
-      + "GWlNIyN3KcI8XU6WJutm/0H3X8Y+iCSWrJ2exUktj8GiqNQ6Yx0YgEk9HI7W"
-      + "t9UVTIsPCgCqrV4SWCOPf6so1JqnpvlPvvNyNxSsAJ7DaJx1+oD2QQfhowk/"
-      + "bygkKnRo5Y15ThrTsIyQKsJHTIVy+6K5uFZnlT1DGV3DcNpuk3AY26hrAzWO"
-      + "TuWXsULZe7M6h6U2hTT/eplZ/mwHlXdF1VErIuusaCdkSI0doY4/Q223H40L"
-      + "BNU3pTezl41PLceSll00WGVr2MunlNeXKnXDJW06lnfs9BmnpV2+Lkfmf30W"
-      + "Pn4RKJQc+3D3SV4fCoQLIGrKiZLFfEdGJcMlySr+dJYcEtoZPuo6i/hb5xot"
-      + "le63h65ihNtXlEDrNpYSQqnfhjOzk5/+ZvYEcOtDObEwPTAhMAkGBSsOAwIa"
-      + "BQAEFMIeDI9l2Da24mtA1fbQIPc6+4dUBBQ8a4lD7j1CA1vRLhdEgPM+5hpD"
-      + "RgICCAA=");
-
-    byte[] pkcs12noFriendly = Base64.decode(
-        "MIACAQMwgAYJKoZIhvcNAQcBoIAkgASCBAAwgDCABgkqhkiG9w0BBwGggCSA"
-      + "BIICvjCCArowggK2BgsqhkiG9w0BDAoBAqCCAqUwggKhMBsGCiqGSIb3DQEM"
-      + "AQMwDQQIyJDupEHvySECAQEEggKAupvM7RuZL3G4qNeJM3afElt03TVfynRT"
-      + "xUxAZOfx+zekHJTlnEuHJ+a16cOV6dQUgYfyMw1xcq4E+l59rVeMX9V3Zr0K"
-      + "tsMN9VYB/9zn62Kw6LQnY0rMlWYf4bt9Ut5ysq0hE5t9FL+NZ5FbFdWBOKsj"
-      + "/3oC6eNXOkOFyrY2haPJtD1hVHUosrlC0ffecV0YxPDsReeyx0R4CiYZpAUy"
-      + "ZD7rkxL+mSX7zTsShRiga2Q/NEhC1KZpbhO/qbyOgvH0r7CRumSMvijzDgaV"
-      + "IGqtrIZ2E2k5kscjcuFTW0x3OZTLAW/UnAh4JXJzC6isbdiWuswbAEBHifUC"
-      + "rk2f+bDJKe2gkH67J2K0yDQ3YSSibpjDX/bVfbtfmOoggK9MKQwqEeE0nbYE"
-      + "jzInH2OK5jPtmwppjmVA7i3Uk25w2+z7b/suUbft9hPCNjxFvzdbyCcXK4Vv"
-      + "xAgEbVWnIkvOQNbyaQi+DEF/4P26GwgJgXuJpMBn0zzsSZSIDLNl8eJHoKp2"
-      + "ZXknTi0SZkLaYlBxZlNhFoyXLfvQd6TI2aR5aCVqg1aZMBXyOWfz5t0JTVX8"
-      + "HTIcdXKis91iEsLB7vjcxIOASTAjKARr5tRp6OvaVterAyDOn2awYQJLLic5"
-      + "pQfditRAlsLkTxlDdu0/QBMXSPptO8g3R+dS7ntvCjXgZZyxpOeKkssS2l5v"
-      + "/B2EsfKmYA9hU4aBdW1S9o/PcF1wpVqABd8664TGJ77tCAkbdHe0VJ3Bop2X"
-      + "lNxlWeEeD0v0QUZLqkJoMEwi5SUE6HAWjbqGhRuHyey9E+UsdCVnQ8AxXQzL"
-      + "2UKOmIrXc6R25GsLPCysXuXPRFBB2Tul0V3re3hPcAAAAAAAADCABgkqhkiG"
-      + "9w0BBwaggDCAAgEAMIAGCSqGSIb3DQEHATAbBgoqhkiG9w0BDAEGMA0ECDXn"
-      + "UZu6xckzAgEBoIAEggTYQMbzAoGnRVJMbCaJJUYgaARJ4zMfxt2e12H4pX/e"
-      + "vnZrR1eKAMck5c2vJoEasr0i2VUcAcK12AntVIEnBwuRBcA2WrZnC28WR+O7"
-      + "rLdu9ymG2V3zmk66aTizaB6rcHAzs2lD74n+/zJhZNaDMBfu9LzAdWb/u6Rb"
-      + "AThmbw764Zyv9802pET6xrB8ureffgyvQAdlcGHM+yxaOV3ZEtS0cp7i+pb/"
-      + "NTiET4jAFoO1tbBrWGJSRrMKvx4ZREppMhG3e/pYglfMFl+1ejbDsOvEUKSt"
-      + "H+MVrgDgAv4NsUtNmBu+BIIEAIOCjrBSK3brtV0NZOWsa6hZSSGBhflbEY8s"
-      + "U1bDsgZIW4ZaJJvSYEXLmiWSBOgq9VxojMfjowY+zj6ePJJMyI3E7AcFa+on"
-      + "zZjeKxkKypER+TtpBeraqUfgf01b6olH8L2i4+1yotCQ0PS+15qRYPK6D+d3"
-      + "S+R4veOA6wEsNRijVcB3oQsBCi0FVdf+6MVDvjNzBCZXj0heVi+x0EE106Sz"
-      + "B3HaDbB/KNHMPZvvs3J3z2lWLj5w7YZ9eVmrVJKsgG2HRKxtt2IQquRj4BkS"
-      + "upFnMTBVgWxXgwXycauC9bgYZurs+DbijqhHfWpUrttDfavsP8aX6+i3gabK"
-      + "DH4LQRL7xrTcKkcUHxOTcPHLgDPhi+RevkV+BX9tdajbk4tqw1d+0wOkf1pW"
-      + "aTG8fUp0lUpra7EJ0lGy8t/MB3NEk/5tLk9qA2nsKKdNoEdZWiEBE0fMrH1o"
-      + "tWJDew3VhspT+Lkor2dLN5ydjcr3wkb76OETPeMxS91onNj5mrAMUBt66vb6"
-      + "Gx4CL8FTRNZ/l8Kzngzdv9PmmKPTIXbhYbn3XRGg3od2tC/oVfsqYlGAMgFO"
-      + "STt+BZ1BR9Phyi4jsiy8R0seCEDRWYQLbwgwVj0V8Rx9VptqRoCnB4XhGJoJ"
-      + "TdAz/MT7KOSxIh2F2FymTJpyImcV6X4Kcj9iY0AZQ4zj712g4yMR6xKGzRu6"
-      + "oIBDkFW2bdA3Lb9ePpo5GFtNyA7IbggIko6VOeeOKxaq9nALS2gsZc1yaYtp"
-      + "aKL8kB+dVTCXiLgQniO6eMzgonsuwFnG+42XM1vhEpAvFzeJRC0CYzebEK9n"
-      + "nGXKCPoqPFuw3gcPMn57NCZJ8MjT/p0wANIEm6AsgqrdFKwTRVJ1ytB/X9Ri"
-      + "ysmjMBs9zbFKjU9jVDg1vGBNtb7YnYg9IrYHa3e4yTu2wUJKGP2XWHVgjDR7"
-      + "6RtzlO4ljw0kkSMMEDle2ZbGZ6lVXbFwV0wPNPmGA6+XGJRxcddTnrM6R/41"
-      + "zqksFLgoNL2BdofMXwv7SzxGyvFhHdRRdBZ5dKj2K9OfXakEcm/asZGu87u8"
-      + "y9m7Cckw8ilSNPMdvYiFRoThICx9NiwYl1IIKGcWlb9p6RAx6XNSkY6ZZ6pE"
-      + "Vla1E26rbd7is1ssSeqxLXXV9anuG5HDwMIt+CIbD8fZmNTcWMzZRiaFajvR"
-      + "gXdyTu/UhVdhiQPF+lrxp4odgF0cXrpcGaKvOtPq04F4ad3O5EkSGucI210Q"
-      + "pR/jQs07Yp5xDPzsXAb8naHb84FvK1iONAEjWbfhDxqtH7KGrBbW4KEzJrv3"
-      + "B8GLDp+wOAFjGEdGDPkOx3y2L2HuI1XiS9LwL+psCily/A96OiUyRU8yEz4A"
-      + "AAAAAAAAAAAEAwAAAAAAAAAAADAtMCEwCQYFKw4DAhoFAAQU1NQjgVRH6Vg3"
-      + "tTy3wnQisALy9aYECKiM2gZrLi+fAAA=");
-
-    static char[]   noFriendlyPassword = "sschette12".toCharArray();
-
-    byte[] pkcs12StorageIssue = Base64.decode(
-        "MIIO8QIBAzCCDrEGCSqGSIb3DQEHAaCCDqIEgg6eMIIOmjCCBBMGCSqGSIb3"
-      + "DQEHAaCCBAQEggQAMIID/DCCA/gGCyqGSIb3DQEMCgECoIICtjCCArIwHAYK"
-      + "KoZIhvcNAQwBAzAOBAgURJ+/5hA2pgICB9AEggKQYZ4POE8clgH9Bjd1XO8m"
-      + "sr6NiRBiA08CllHSOn2RzyAgHTa+cKaWrEVVJ9mCd9XveSUCoBF9E1C3jSl0"
-      + "XIqLNgYd6mWK9BpeMRImM/5crjy///K4ab9kymzkc5qc0pIpdCQCZ04YmtFP"
-      + "B80VCgyaoh2xoxqgjBCIgdSg5XdepdA5nXkG9EsQ1oVUyCykv20lKgKKRseG"
-      + "Jo23AX8YUYR7ANqP2gz9lvlX6RBczuoZ62ujopUexiQgt5SZx97sgo3o/b/C"
-      + "px17A2L4wLdeAYCMCsZhC2UeaqnZCHSsvnPZfRGiuSEGbV5gHLmXszLDaEdQ"
-      + "Bo873GTpKTTzBfRFzNCtYtZRqh2AUsInWZWQUcCeX6Ogwa0wTonkp18/tqsh"
-      + "Fj1fVpnsRmjJTTXFxkPtUw5GPJnDAM0t1xqV7kOjN76XnZrMyk2azQ1Mf3Hn"
-      + "sGpF+VRGH6JtxbM0Jm5zD9uHcmkSfNR3tP/+vHOB1mkIR9tD2cHvBg7pAlPD"
-      + "RfDVWynhS+UBNlQ0SEM/pgR7PytRSUoKc/hhe3N8VerF7VL3BwWfBLlZFYZH"
-      + "FvPQg4coxF7+We7nrSQfXvdVBP9Zf0PTdf3pbZelGCPVjOzbzY/o/cB23IwC"
-      + "ONxlY8SC1nJDXrPZ5sY51cg/qUqor056YqipRlI6I+FoTMmMDKPAiV1V5ibo"
-      + "DNQJkyv/CAbTX4+oFlxgddTwYcPZgd/GoGjiP9yBHHdRISatHwMcM06CzXJS"
-      + "s3MhzXWD4aNxvvSpXAngDLdlB7cm4ja2klmMzL7IuxzLXFQFFvYf7IF5I1pC"
-      + "YZOmTlJgp0efL9bHjuHFnh0S0lPtlGDOjJ/4YpWvSKDplcPiXhaFVjsUtclE"
-      + "oxCC5xppRm8QWS8xggEtMA0GCSsGAQQBgjcRAjEAMBMGCSqGSIb3DQEJFTEG"
-      + "BAQBAAAAMGkGCSsGAQQBgjcRATFcHloATQBpAGMAcgBvAHMAbwBmAHQAIABS"
-      + "AFMAQQAgAFMAQwBoAGEAbgBuAGUAbAAgAEMAcgB5AHAAdABvAGcAcgBhAHAA"
-      + "aABpAGMAIABQAHIAbwB2AGkAZABlAHIwgZsGCSqGSIb3DQEJFDGBjR6BigA3"
-      + "AGQAZQBmADUAYgA0ADMANgBjAGEAYgBkADAAMAAyAGQAZAAyADkAMAAzAGIA"
-      + "MQA2ADgANgBjADcAOQA0ADgAXwA0ADYAZgAyADYAZgBkADQALQA4ADEAMgBk"
-      + "AC0ANABlAGYAYgAtADgAMAA4ADgALQA0ADUAYQBiADkAMQA5ADEAMAA3AGMA"
-      + "YzCCCn8GCSqGSIb3DQEHBqCCCnAwggpsAgEAMIIKZQYJKoZIhvcNAQcBMBwG"
-      + "CiqGSIb3DQEMAQYwDgQIbr2xdnQ9inMCAgfQgIIKOHg9VKz+jlM+3abi3cp6"
-      + "/XMathxDSEJLrxJs6j5DAVX17S4sw1Q/1pptjdMdd8QtTfUB6JpfgJ5Kpn+h"
-      + "gZMf6M8wWue0U/RZN0D9w7o+2n+X3ItdEXu80eJVDOm7I2p8qiXtijbMbXRL"
-      + "Cup1lgfPM5uv2D63/hmWRXLeG8eySrJnKENngpM559V8TI2JcTUBy1ZP3kcH"
-      + "KbcJ/tVPnIIe4qguxfsTmDtAQviGvWUohbt+RGFmtqfgntK7o6b+S8uRSwEs"
-      + "fOU/pnVE9M1ugtNJZI/xeGJq6umZWXA/OrAcK7feWUwqRvfivDGQJEoggByd"
-      + "4/g92PhK1JGkwlCb1HdfhOOKKChowQ4zVvSOm+uBxARGhk2i5uW9I20I0vSJ"
-      + "px42O2VFVJweOchfp+wBtSHBKYP1ZXyXWMvOtULClosSeesbYMAwvyBfpYEz"
-      + "3rQt/1iZkqDmEisXk8X1aEKG1KSWaSPyb/+6glWikDm+YdQw3Khu7IZt1l/H"
-      + "qWGecccel+R9mT4YjRzHlahUYk4U+RNVasVpH1Kxz2j3CZqL+b3jQOwSAPd/"
-      + "hKI+S/pjIpBPfiC4WxORAzGZzY2j+a79B70h1DO1D9jGur3vJDbdmGBNgs6d"
-      + "nonE1B527SICcGeXY1MtnZCLOPvySih0AvOekbN9x2CJg+Hp9e7A3Fxni53/"
-      + "oMLr9wGRRDki72eXCXW98mU8VJofoWYS1/VBLXGf/f+tJ9J02PpzxleqPH9T"
-      + "4mE+YHnZId6cqjCXmwvMr2cMw2clDVfvkbAJRE3eZHzL7IWSO8+giXzzrTsl"
-      + "VbMuXVkT4oniTN7TSRsBCT3zVVmCy1QL2hPBD6KsVc+bvLgAHRov84FPrI3f"
-      + "kY/oJufT36VE34Eu+QjzULlvVsLE3lhjutOerVIGSP//FM4LE99hp214P0JF"
-      + "DgBK+3J+ihmFdW8hUXOt6BU8/MBeiroiJMWo1/f/XcduekG2ZsdGv+GNPzXI"
-      + "PyHRpCgAgmck1+qoUPXxHRJuNqv223OZ5MN14X7iLl5OZ+f8IWfxUnZeZ9gj"
-      + "HNeceElwZ+YOup1CAi3haD9jxRWhZG4NDfB4IYi4Bc/TAkXE3jCPkYEvIbj9"
-      + "ExaU1Ts0+lqOOcwRmBoYjVrz0xbtfR/OWlopyrDHbeL5iQcQCW/loYRapWCZ"
-      + "E4ekHknpX9yoAwT355vtTkl0VKXeSZHE8jREhN95aY9zCoLYwbTQDTw7qUR5"
-      + "UamabLew0oS0XALtuOrfX4OUOZZUstUsGBle/Pw1TE3Bhe1clhrikp0F+Xgb"
-      + "Xx90KqxZX/36RMnCMAD7/q+57rV7WXp2Y5tT0AUgyUMjy1F1X/b1olUfqO1u"
-      + "rlWIUTl2znmQ3D9uO3W4ytfgGd5DpKcl2w84MBAT9qGwKuQg/UYKbP4K/+4L"
-      + "Y1DWCy3utmohQ28IJtlIUkPL1G7lHX1tfq/VA+bRNTJIhMrNn06ZJpuEJHDs"
-      + "/ferdlMFt/d6MrwVivmPVYkb8mSbHSiI8jZOFE44sA974depsDyXafFaSsl0"
-      + "bVzqOAu0C/n9dIednU0xxxgDF/djdZ/QhbaDIg2VJf11wx0nw9n76B0+eeyu"
-      + "QLaapzxCpQNDVOAM9doBb5F1I5pXQHFQqzTNtLmqDC4x0g8IH7asyk5LCglT"
-      + "b1pwMqPJOL2vGWKRLhPzT+9OfSpCmYGKytf593hmGmwIgEO13hQrw31F5TYt"
-      + "btkbDr+Q5XilOKEczhEM+Ug7YHU7bxkckOAbxu0YeRp/57GdGLokeLJ0dRlQ"
-      + "+V2CfQvWJoVC6PS4PUQtjwgK2p/LU10QsEFwM/S621fGq9zGrv7+FPBATRDb"
-      + "k4E9D/WaRylnW11ZTrOlTchQkoHcOh0xztlFxU8jzuIuDrPQQWkoqdl6B+yf"
-      + "lykRNJKKxwzFiPl40nLC3nEdIzCEvR4r/9QHiWQxAVSc/wQX+an5vakUmSXS"
-      + "oLFjgVdY1jmvdsx2r5BQPuOR8ONGmw/muvVSMaHV85brA4uk0lxn00HD9/a0"
-      + "A1LCeFkabNLn9wJT8RaJeOSNmFFllLR70OHaoPSb3GyzHpvd1e6aeaimdyVH"
-      + "BQWJ6Ufx+HjbOGuOiN46WyE6Q27dnWxx8qF89dKB4T/J0mEXqueiUjAUnnnR"
-      + "Cs4zPaX53hmNBdrZGaLs+xNG8xy+iyBUJIWWfQAQjCjfHYlT9nygiUWIbVQq"
-      + "RHkGkAN62jsSNLgHvWVzQPNNsYq0U8TPhyyci/vc8MJytujjptcz8FPqUjg2"
-      + "TPv34ef9buErsm4vsdEv/8Z+9aDaNex+O3Lo3N0Aw7M5NcntFBHjFY/nBFNZ"
-      + "whH5YA4gQ8PLZ5qshlGvb0DFXHV/9zxnsdPkLwH47ERm5IlEAuoaWtZFxg27"
-      + "BjLfwU1Opk+ybDSb5WZVZrs7ljsU85p3Vaf3a//yoyr9ITYj15tTXxSPoct0"
-      + "fDUy1I6LjJH/+eZXKA1WSda9mDQlRocvJ0IIIlI4weJpTdm8aHIJ8OngCqOF"
-      + "TufcSLDM41+nxEK1LqXeAScVy74kVvvqngj6mIrbylrINZOHheEgTXrUWEc0"
-      + "uXS8l1YqY6K6Ru5km2jVyWi/ujrDGb6QGShC09oiDYUuUGy4gwJ3XLVX/dR3"
-      + "pmMExohTGiVefFP400wVZaxB9g1BQmjSEZxIaW1U1K6fk8Yni8yWB3/L/PuD"
-      + "0+OV+98i1sQGaPe35crIpEc7R2XJdngL0Ol1ZuvCIBfy5DQwGIawTtBnjPdi"
-      + "hy//QTt/isdu7C5pGaJDkZFMrfxMibr6c3xXr7wwR75sTzPNmS8mquEdLsmG"
-      + "h8gTUnB8/K6V11JtUExMqTimTbUw+j8PggpeBelG36breWJIz1O+dmCTGuLM"
-      + "x/sK/i8eiUeRvWjqYpq5DYt4URWg2WlcpcKiUxQp07/NMx0svDC+mlQGwMnJ"
-      + "8KOJMW1qr3TGEJ/VVKKVn6sXn/RxA+VPofYzhwZByRX87XmNdPeQKC2DHQsW"
-      + "6v83dua5gcnv0cv/smXt7Yr/c12i0fbIaQvj3qjtUCDucjARoBey3eCyG5H6"
-      + "5VHSsFnPZ2HCTum+jRSw/ENsu/77XU4BIM2fjAfswp7iIr2Xi4OZWKIj6o6q"
-      + "+fNgnOJjemDYHAFK+hWxClrG8b+9Eaf21o4zcHkhCfBlYv4d+xcZOIDsDPwI"
-      + "sf+4V+CfoBLALsa2K0pXlPplGom/a8h7CjlyaICbWpEDItqwu7NQwdMRCa7i"
-      + "yAyM1sVjXUdcZByS1bjOFSeBe7ygAvEl78vApLxqt8Cw11XSsOtmwssecUN/"
-      + "pb7iHE4OMyOgsYx9u7rZ2hMyl42n3c29IwDYMumiNqk9cwCBpQTJAQEv4VzO"
-      + "QE5xYDBY9SEozni+4f7B7e2Wj/LOGb3vfNVYGNpDczBFxvr2FXTQla0lNYD/"
-      + "aePuC++QW4KvwiGL1Zx4Jo0eoDKWYlYj0qiNlQbWfVw+raaaFnlrq+je0W6P"
-      + "+BrKZCncho145y+CFKRLZrN5yl/cDxwsePMVhAIMr1DzVhgBXzA3MB8wBwYF"
-      + "Kw4DAhoEFN4Cwj9AtArnRbOIAsRhaaoZlTNJBBTIVPqCrloqLns145CWXjb0"
-      + "g141BQ==");
-
-    static char[]   storagePassword = "pass".toCharArray();
-
-    byte[] pkcs12nopass = Base64.decode(
-        "MIIMvgIBAzCCDIQGCSqGSIb3DQEHAaCCDHUEggxxMIIMbTCCCS8GCSqGSIb3"
-      + "DQEHBqCCCSAwggkcAgEAMIIJFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYw"
-      + "DgQIfnlhuZRR6/YCAggAgIII6DYgeRwq5n9kzvohZ3JuK+fB+9jZ7Or6EGBA"
-      + "GDxtBfHmSNUBWJEV/I8wV1zrKKoW/CaoZfA61pyrVZRd/roaqBx/koTFoh/g"
-      + "woyyWTRV9gYTXSVqPQgCH+e2dISAa6UGO+/YOWOOwG2X3t8tS+3FduFQFLt5"
-      + "cvUP98zENdm57Aef5pKpBSZDLIAoTASfmqwszWABRh2p/wKOHcCQ9Aj2e2vs"
-      + "pls/ntIv81MqPuxHttwX8e+3dKWGFrJRztLpCD2aua8VkSsHFsPxEHkezX4O"
-      + "6/VCjMCRFGophTS4dgKKtQIhZ9i/ESlr6sGKgIpyG99ALFpNEhtTKe+T3boE"
-      + "sEkhGDquSpu4PGz2m0W5sej1DyFkKX4zIbeMDAb1y3O7aP0F+Llo9QSeGsOA"
-      + "aCwND3NUAKBMOHzwdyNQcuCGCqY8j5rrSt99A5FMs3UVW3XU6hRCx7JlzO05"
-      + "PNCkcPRSnKSNzBhIR5W0qj4PAZnQTfX+wbtUaDLIqsObX4Muh2l3gl+JmdpO"
-      + "53U7ILqN8PAPly1eT+fIrUmlMmFhvo6LbTB7B2K728wsA/5wROlud/mOQz4s"
-      + "quS288YsnVc9ExSZKodWa3Pqcdb/cgKNJYDxrR6/eBHOj+0RLK/1yTK9ghj7"
-      + "IPYHoEqQbw768WK92RjM+RFGlXASkQhR9y4weWj/388uAWMIbQ+R2Zi4nb31"
-      + "knjqRPFThysG1bsRL04/9PgysaasfS9KYOeAlLqp+Ar4gJrof5fytBuY+6wm"
-      + "/J8eEdNw7VPV1cz/4rhrd2sfJQwDEN/iZoy8rTwe7wozpwZI0lwH11BBbav+"
-      + "1AMfI79jjxhqOeo7uxE2NzUmSd05JYI7a94tcRzGQyGEKpGxYCRamzFW23qb"
-      + "vG5Hcqi7Tdd7eTxw4c60l/vQLSo38g6ST5yZrK3URLiAtpioPyjrq2jnVfie"
-      + "QLsiAHhpHF01+t+OcKv3UjwdEyBmQ34h9klwiG7iwBFXZaPXFCF2Np1TqFVG"
-      + "jjBzmB+hRddEiYwN+XGCKB2Cvgc5ZMQ8LG9jQmEKLmOjuumz1ciAVY2qtl1s"
-      + "HYSvfNsIAV/gGzHshOVF19JmGtcQt3pMtupoRh+sh8jY2/x5eIKrj2Jx6HPd"
-      + "p/6IPUr54j0xSd6j7gWuXMj/eKp/utMNuBzAhkydnhXYedvTDYIj7SyPPIHa"
-      + "qtam8rxTDWn2AOxp7OXTgPmo1GU2zW1OLL1D3MFlS+oaRMfhgNrhW+QP5ay6"
-      + "ge4QLijpnSM+p0CbFAOClwzgdJV56bBVV09sDqSBXnG9MeEv5nDaH3I+GpPA"
-      + "UgDkaI4zT61kaGgk0uNMf3czy2ycoQzTx0iHDTXSdSqvUC1yFza8UG4AYaKz"
-      + "14gtSL7StvZtK0Y8oI084BINI1LgrWyrOLj7vkds4WrKhXm21BtM1GbN/pFh"
-      + "XI41h+XoD8KnEPqJ36rAgBo1uHqTNJCC7YikDE/dEvq6MkOx+Nug1YZRHEyi"
-      + "3AHry5u1HJHtxT34HXBwRXvnstuFhvU6cjc1WY1dJhu1p82TGnx7OBo/QbcM"
-      + "8MRrWmWuU5eW4jWbriGNGYfvZy+tHnGwy0bIeqrsHOG6/JwvfmYYXe64sryH"
-      + "5Qo96SZtcTJZaNFwuBY+bFUuOWm8YrT1L7Gl2Muf3pEVtNHLeYARBo1jEAym"
-      + "Cb4jw0oodZqbPKdyyzUZu69fdTJiQkMUcKDfHJEGK0Li9SvtdqJLiiJs57Tb"
-      + "YfOvn+TIuC40ssJFtmtlGCVH/0vtKLWYeW1NYAMzgI/nlhQ7W6Aroh8sZnqv"
-      + "SwxeQmRJaVLxiV6YveTKuVlCbqNVLeEtKYAujgnJtPemGCPbwZpwlBw6V+Dz"
-      + "oXveOBcUqATztWJeNv7RbU0Mk7k057+DNxXBIU+eHRGquyHQSBXxBbA+OFuu"
-      + "4SPfEAyoYed0HEaoKN9lIsBW1xTROI30MZvaJXvPdLsa8izXGPLnTGmoI+fv"
-      + "tJ644HtBCCCr3Reu82ZsTSDMxspZ9aa4ro9Oza+R5eULXDhVXedbhJBYiPPo"
-      + "J37El5lRqOgu2SEilhhVQq3ZCugsinCaY9P/RtWG4CFnH1IcIT5+/mivB48I"
-      + "2XfH6Xq6ziJdj2/r86mhEnz9sKunNvYPBDGlOvI7xucEf9AiEQoTR1xyFDbW"
-      + "ljL4BsJqgsHN02LyUzLwqMstwv+/JH1wUuXSK40Kik/N7+jEFW2C+/N8tN7l"
-      + "RPKSLaTjxVuTfdv/BH1dkV4iGFgpQrdWkWgkb+VZP9xE2mLz715eIAg13x6+"
-      + "n97tc9Hh375xZJqwr3QyYTXWpsK/vx04RThv8p0qMdqKvf3jVQWwnCnoeBv2"
-      + "L4h/uisOLY18qka/Y48ttympG+6DpmzXTwD1LycoG2SOWckCMmJhZK40+zr3"
-      + "NVmWf6iJtbLGMxI/kzTqbTaOfXc2MroertyM1rILRSpgnJFxJfai5Enspr9b"
-      + "SCwlP718jG2lQsnYlw8CuxoZAiaNy4MmC5Y3qNl3hlcggcHeLodyGkSyRsBg"
-      + "cEiKSL7JNvqr0X/nUeW28zVxkmQsWlp3KmST8agf+r+sQvw52fXNLdYznGZV"
-      + "rJrwgNOoRj0Z70MwTns3s/tCqDEsy5Sv/5dZW2uQEe7/wvmsP2WLu73Rwplg"
-      + "1dwi/Uo9lO9dkEzmoIK5wMPCDINxL1K+0Y79q0tIAEMDgaIxmtRpEh8/TEsA"
-      + "UwyEErkDsQqgGviH+ePmawJ/yehYHTRfYUgdUflwApJxRx65pDeSYkiYboMU"
-      + "8WSAQY2nh/p9hLlS4zbz9dCK2tzVyRkJgqNy/c4IpiHEx2l1iipW9vENglqx"
-      + "dYP4uqD8e3OOLjDQKizWx2t1u7GRwoEVQ3d3QzzOvsRcv7h+6vNsmYqE6phe"
-      + "wKFZLctpSn21zkyut444ij4sSr1OG68dEXLY0t0mATfTmXXy5GJBsdK/lLfk"
-      + "YTIPYYeDMle9aEicDqaKqkZUuYPnVchGp8UFMJ3M0n48OMDdDvpzBLTxxZeW"
-      + "cK5v/m3OEo3jgxy9wXfZdz//J3zXXqvX8LpMy1K9X0uCBTz6ERlawviMQhg1"
-      + "1okD5zCCAzYGCSqGSIb3DQEHAaCCAycEggMjMIIDHzCCAxsGCyqGSIb3DQEM"
-      + "CgECoIICpjCCAqIwHAYKKoZIhvcNAQwBAzAOBAj3QoojTSbZqgICCAAEggKA"
-      + "YOSp5XGdnG1pdm9CfvlAaUSHRCOyNLndoUTqteTZjHTEM9bGwNXAx4/R5H2Q"
-      + "PnPm5HB/ynVSXX0uKdW6YlbqUyAdV3eqE4X3Nl+K7ZoXmgAFnMr0tveBhT1b"
-      + "7rTi0TN4twjJzBTkKcxT8XKjvpVizUxGo+Ss5Wk8FrWLHAiC5dZvgRemtGcM"
-      + "w5S09Pwj+qXpjUhX1pB5/63qWPrjVf+Bfmlz4bWcqogGk0i7eg+OdTeWMrW0"
-      + "KR9nD1+/uNEyc4FdGtdIPnM+ax0E+vcco0ExQpTXe0xoX4JW7O71d550Wp89"
-      + "hAVPNrJA5eUbSWNsuz+38gjUJ+4XaAEhcA7HZIp6ZyxtzSJUoh7oqpRktoxu"
-      + "3cSVqVxIqAEqlNn6j0vbKfW91Od5DI5L+BIxY4xqXS7fdwipj9r6qWA8t9QU"
-      + "C2r1A+xXpZ4jEh6inHW9qlfACBBrYf8pSDakSR6yTbaA07LExw0IXz5oiQYt"
-      + "s7yx231CZlOH88bBmruLOIZsJjeg/lf63zI7Gg4F85QG3RqEJnY2pinLUTP7"
-      + "R62VErFZPc2a85r2dbFH1mSQIj/rT1IKe32zIW8xoHC4VwrPkT3bcLFAu2TH"
-      + "5k5zSI/gZUKjPDxb2dwLM4pvsj3gJ9vcFZp6BCuLkZc5rd7CyD8HK9PrBLKd"
-      + "H3Yngy4A08W4U3XUtIux95WE+5O/UEmSF7fr2vT//DwZArGUpBPq4Bikb8cv"
-      + "0wpOwUv8r0DXveeaPsxdipXlt29Ayywcs6KIidLtCaCX6/0u/XtMsGNFS+ah"
-      + "OlumTGBFpbLnagvIf0GKNhbg2lTjflACnxIj8d+QWsnrIU1uC1JRRKCnhpi2"
-      + "veeWd1m8GUb3aTFiMCMGCSqGSIb3DQEJFTEWBBS9g+Xmq/8B462FWFfaLWd/"
-      + "rlFxOTA7BgkqhkiG9w0BCRQxLh4sAEMAZQByAHQAeQBmAGkAawBhAHQAIAB1"
-      + "AHoAeQB0AGsAbwB3AG4AaQBrAGEwMTAhMAkGBSsOAwIaBQAEFKJpUOIj0OtI"
-      + "j2CPp38YIFBEqvjsBAi8G+yhJe3A/wICCAA=");
-
-    private byte[] gostPfx = Base64.decode(
-        "MIIHEgIBAzCCBssGCSqGSIb3DQEHAaCCBrwEgga4MIIGtDCCBYEGCSqGSIb3"
-      + "DQEHBqCCBXIwggVuAgEAMIIFZwYJKoZIhvcNAQcBMFUGCSqGSIb3DQEFDTBI"
-      + "MCcGCSqGSIb3DQEFDDAaBAi114+lRrpkXAICCAAwCgYGKoUDAgIKBQAwHQYG"
-      + "KoUDAgIVMBMECLEIQPMsz/ZZBgcqhQMCAh8BgIIFAbu13yJiW/BnSKYKbtv9"
-      + "tDJoTv6l9BVpCCI4tvpzJnMeLBJyVZU4JevcJNii+R1LilVuuB+xc8e7/P4G"
-      + "6TILWmnnispr9KPRAbYRfoCJOa59+TYJMur58wwDuYgMapQAFzsvpzyUWi62"
-      + "o3uQbbLKO9hQCeJW2L+K9cbg8k33MjXMLpnblKpqmZbHTmBJDFR3xGw7IEjD"
-      + "UNqruu7DlHY6jctiVJSii9UNEVetSo9AAzfROxRjROg38VsWxLyO9wEMBv/8"
-      + "H8ur+zOtmQPGqirNXmN+pa08OvZin9kh7CgswW03xIbfsdGGGLRAWtvCnEwJ"
-      + "mS2tEfH1SZcuVLpMomhq3FU/jsc12k+vq/jw4I2cmfDL41ieK72bwNj8xUXu"
-      + "JHeoFSPGX4z+nsJUrFbFG4VBuDs2Y0SCWLyYZvdjvJwYjfqtyi/RoFSZjGHF"
-      + "crstf9YNQ0vW0efCJ7pUBH44OrbnCx5ng2U5jFm1b3HBIKA2RX+Tlhv14MgT"
-      + "KSftPZ67eSmgdsyPuQAdMu6fEdBMpVKMNZNRV565690sqi+1jOmH94TUX8XU"
-      + "2pRQj6eGGLq6lgGnnDabcePUEPXW8zW2KYrDKYJ/1QZmVGldvlqnjZMNhIO+"
-      + "Afsqax/P8RBjMduGqdilGdRzbN8PdhVaN0Ys+WzFxiS9gtaA2yPzcQuedWDN"
-      + "T7sIrfIapgFYmmHRQ7ht4AKj+lmOyNadONYw+ww+8RzHB1d2Kk+iXeZCtvH0"
-      + "XFWJZtuoGKSt/gkI0E2vpDfMbLaczaRC7ityO0iJs25ozP4JhZRBVvOmpxc9"
-      + "YuIetbTnTf1TLJKXDgt1IwPZeugbofSeiNv117lx8VgtvMYFD4W+WQlB8HnO"
-      + "C8NOYjkMPElc6PCMB9gGm0cIu1fKLvY8ycLav93JJjdDuC0kgKLb2+8mC5+2"
-      + "DdMkcfgW6hy4c98xnJs8enCww3A4xkRbMU13zMq70liqmKHV2SSurg5hwUHM"
-      + "ZthT8p988ZBrnqW24lXfMBqTK4YtIBMeMnvKocYBXr96ig3GfahI1Aj2Bw2e"
-      + "bpZTVeayYUd+2xX8JJMdqna6Q61AL8/eUhJUETz5+fgQJtPjcKmdJfVHO6nB"
-      + "vOk1t/rjK17eiXLxHCyvfP+Tw8lSFOhcvr4eIeG8WfsWNRu2eKKosOU7uash"
-      + "QpnvQieqDeijuRxf+tbbJ5D86inwbJqdxra7wNuZXmiaB9gFDzNbNjhtL+6i"
-      + "gUyX/iQHKi9bNK+PH6pdH/gkwnG/juhdgqoNY6GRty/LUOPgXD+r5e/ST16R"
-      + "vnlwrlKp5FzRWBEkem+dhelj3rb+cxKEyvPe3TvIUFcmIlV1VCRQ1fBHtX18"
-      + "eC3a3GprH8c40z3S/kdyk7GlFQ27DRLka+iDN05b+MP5jlgvfqYBKxwLfeNu"
-      + "MpxWoCUvYWiQdMih86/l0H+0o5UB8SqRbpuvr6fY910JCk0hDaO1pgB3HlRz"
-      + "k1vb46pg25heXQm3JmO+ghxjOGliYBWjl8p7AfRS9cjS8ca+X02Mv9Viv7Ce"
-      + "3+Gz0MVwfK98viJ3CFxkaEBlM2LM0IeUQbkHG+YwYaTSfl4GYyrug4F0ZdrA"
-      + "KeY9/kIxa/OJxjcIMs2H+2mSpxmrb7ylmHZ2RB8ITiduRVtO091hn/J7N+eT"
-      + "h6BvLBKIFU+UFUdgjxoDNDk7ao++Mu9T3dQfceFBOYzW9vMQgX30yaPLSdan"
-      + "ZMAP0VtiNjCCASsGCSqGSIb3DQEHAaCCARwEggEYMIIBFDCCARAGCyqGSIb3"
-      + "DQEMCgECoIGyMIGvMFUGCSqGSIb3DQEFDTBIMCcGCSqGSIb3DQEFDDAaBAiQ"
-      + "Owewo16xzQICCAAwCgYGKoUDAgIKBQAwHQYGKoUDAgIVMBMECHSCNJJcQ2VI"
-      + "BgcqhQMCAh8BBFYCyRRpFtZgnsxeK7ZHT+aOyoVmzhtnLrqoBHgV4nJJW2/e"
-      + "UcJjc2Rlbzfd+3L/GWcRGF8Bgn+MjiaAqE64Rzaao9t2hc3myw1WrCfPnoEx"
-      + "VI7OPBM5FzFMMCMGCSqGSIb3DQEJFTEWBBTV7LvI27QWRmHD45X2WKXYs3ct"
-      + "AzAlBgkqhkiG9w0BCRQxGB4WAGMAcABfAGUAeABwAG8AcgB0AGUAZDA+MC4w"
-      + "CgYGKoUDAgIJBQAEIJbGZorQsNM63+xozwEI561cTFVCbyHAEEpkvF3eijT8"
-      + "BAgY5sDtkrVeBQICCAA=");
-
-    byte[] certChainCycle = Base64.decode(
-        "MIIKEAIBAzCCCcoGCSqGSIb3DQEHAaCCCbsEggm3MIIJszCCAyAGCSqGSIb3"
-      + "DQEHAaCCAxEEggMNMIIDCTCCAwUGCyqGSIb3DQEMCgECoIICsjCCAq4wKAYK"
-      + "KoZIhvcNAQwBAzAaBBQesw38x26DXisTDrMMSoAanDOAQgICBAAEggKAja8F"
-      + "U82RAAxhc36SWNXgWGV4CDSbDLFjlJuuXLTelz77KcX4dqPOQdKakm3OVl96"
-      + "cbp6mWNSOoo0F8bh/Qu51vayt7hT5NIuI8jJ/Q1FYUffMKRxGt14JwuuTQ8W"
-      + "5DO3z7422fm/rUu+Nkd6y+Sr0Q3FAE8QH/vNc9aUwusVAihr0AZCdT0/HwxK"
-      + "AKAXLtMHeTWRpdq3WPSilPEWeeZI9Gk14uKbjEeQIUsa8IujSxTE43XwNRQN"
-      + "z3Qm4oMxGOZP+DPxuKnj+Ug1OXgX5x+GD2fbwytzss9Isv/Zq8wq0gO3t1Ru"
-      + "PjpxPt/MH2PxNLe4JJTxg1tIXfNP5ZU1SivcIjGLWWcEu+xADG9uq2eDBOja"
-      + "mW2ZQ1cInSQw8mKcBbX7aEl0NVadSMfxMZxIw0unmoNEETmScoGr50G4Ha5H"
-      + "ty1iJLNtI69MUA1c2DsoOqyzlnumTTLwuqsZ/E8rFLfO4sHncMxMRdmCEUjn"
-      + "N2ZOfRqMrgtSFfBsYQ5YjxJ6CI1DLAJwIJhvx8tZgyGItgiI8pSyG8xsRliI"
-      + "WPQzocO39zHK0hG6ERGnfJyll62/MlDNl9BqjobswPu97BV9nMtPIl3yVBPa"
-      + "sZxj5LUPYt5nmBlIjIkT5K4cEOIWHKCHPOnAsk8AGW/vrugBcTsyw9nAsRx+"
-      + "PbmOmmgyo0g2SiPsUX0fGQIWOBVZNxkGP/E4qgDOFS0YavxrdUd2Bgo9q9Sc"
-      + "hENPI9wjhPztR2UNLtBviWd8utQJ7NhX+6guWEE4AN6Th/xLb/pe9c0sIsEO"
-      + "41ViDbu4wDGUz6kw3fpXjIu7i6QKniWXEUL9uuchUgZD1GJHQLhD8xgdR6YQ"
-      + "5SwfIadoWTFAMBkGCSqGSIb3DQEJFDEMHgoAYwB5AGMAbABlMCMGCSqGSIb3"
-      + "DQEJFTEWBBRoHxEy+w9gB2sa3ykN2Ok7sb3AajCCBosGCSqGSIb3DQEHBqCC"
-      + "BnwwggZ4AgEAMIIGcQYJKoZIhvcNAQcBMCgGCiqGSIb3DQEMAQYwGgQU40Mi"
-      + "gMmdUNKyHyGi8miA/3bKZO0CAgQAgIIGOIk1Ouu1n1yoHWGM7YsLpB5fqK6D"
-      + "LbhUoxsshDSxqemUX3QDJQVmPC9wQOUp1BUapkfB3uxsM15uUG/EUAPlF3iW"
-      + "0MKDpmcKTC8y1WzMtgZBmmXwRUbguH2gmn4nd6lI2SkLWQg5boQ47aHjZLO2"
-      + "MZsH1b/DUoT4m6fSrgsMnIVh03z1Gs2XO+Ky3qXqQJM9T3VtCfmeIJBIM2eP"
-      + "YqvWfnvoGZZZA+pmqVUSMu6q0U7cDA5CD9zhZ87tZvaJeQ198fVIKpMUHBdf"
-      + "WRGY/opZh4YTfqn+ZiiysEa9jjjx4hSkxS2XGkyUfwPEx4/1E2AdIBfi3KKW"
-      + "BSyx8hurMyf89YsjxqJudfCAQI2GdWLDEXwwHMi1mM3wn5NVFzZUqM/u+t2W"
-      + "f3gJGfykxwECxrn4TmerRJ3znyn7soLPEyy6Pp+JPNLyen3Z8gva5tU7Y2J4"
-      + "aW6YGbBuQ9iW6QcMA93UtWBMGRAJL1jZ9WDguaTkvH8ffSj90jfu7iTHCm/P"
-      + "4EEtEV7D4ciyLc5xVyq7gIQnIIViVRifAHyjbazrIFQ2yXYwINAk0yNmDqxu"
-      + "8W4KNxkhNTGvQP/kkk+oDpSCa7XfxMpny+2BudjEryen2q3skMp3HjU/svHQ"
-      + "+4Y9kxZ5rVYII9S8TRFmgxiRO7cQCdNEwiZndQVGahjVbLI3Jp3vmQhLg+2l"
-      + "QF07yT7Q0nxeyhbpDGUEizUyIKzs9Or0DEHbq0StU3YwLgHGLlllARLm0eAO"
-      + "SVhuxKGATS6GtCb/0jmzV+kX4GrK1Qkmit3Xxt9Lbq9b2v2eSMANqGrGpYyr"
-      + "ETfJ5Ri/UL0nF7M9+tXrrZam1dEM5nJXR04rXQXjxxIuxsrz5xhvS/I+45RY"
-      + "VKN9l1yw80wNYJlE3Un/eUxT0szk6XA7eguhB6ULGTZNDUMZdELAtwPcq+E4"
-      + "4+0oih/XLzo/losH10RZ1bBf58mFVl/SlZ0CDE3x6GnFyH/tyTb6pR3Vre1v"
-      + "TcBod/rkTyEnkPlFSztbBfCXXIRUcSUcbVXge3Vqn7Orhq1+sb6MPcr88uhU"
-      + "c9Z6g6oKf1liIhiELpMZ5qG06hTwmMlE8prE0tdReGP/eaS2eCu8MyN70adT"
-      + "IfW1PAopoZTfDYKxJYdsJUVkUojZUvmJ21sNeNREPaFBbwncHBR/y19afhqE"
-      + "yyvyzDhDJ1D81TkFUR0OwGk7FvV/5JEQCyJq0wIty9G6mJRbUi2tjCc5WpP7"
-      + "edDW5PBS/rfJPTDMGLy80LlD+obCTFc0sSaBI+dag02Xmxe31V9c96VPOsFt"
-      + "GQ532OFwZU52E9zYLQSL8L2sdNlEK+OCvTd1MNVbH6PGBYgxrmoDfNBQlYBh"
-      + "yX2R9wFClraNUBBV9Dtebb6MSqPW7m8xZWAXCmXkDqR9A9kP6qTMd4X3gSFT"
-      + "qJaezTWbHH44PTgffpK5A1ZBQj37se82QWtBKNPU14KEVvXcI+uuM/TmoAJY"
-      + "0hqMeXK/1JfzhxTuJsJl+c45LuGjq9dLY9tgTSqMLeKOqal7sLH1AVs4BCCA"
-      + "J/sHN5pgOjQNLZ1Zup5mZHXR/ynIhKnpYDADOfnAXLizn/UZZFs5huYJYQEQ"
-      + "K7zcDuzPuxcmFVqUa4AyL9Ul1N42rBx3VsKZ+pvcBTQU5mWsaYwPFox4wLx0"
-      + "HITx7v7cFYsqki7IHfgnvpJlIS8hrvqqXHl75b61T7ZfJMJNQjhf29//OZ36"
-      + "QU4mj7lXwudAe+qAJbn1De5B54dQhtLA7B6sX7/7Sy6xP42QJqXhlWngbhF1"
-      + "IsrgZZrFPJ7zeaKnjOfrLWr8bs1nthHNNoL4cqlPuYtliUGy5zxj9bpQH8xj"
-      + "oh8+PjTOT4H57IvUN/US/6R0awy8WafJ211diVjbU2IbjS/P+xa6Xlbaql4Z"
-      + "KlvXRmoMZNl6xPbJg4x6t2anadNmuS7TXHqfTpp+UxeSsr1phyPmxQZPujZY"
-      + "BADnjfNhTRi7esePheR/DPaPLwjllhetm+U7s7EZzMCdEcd5RB/jiceqRQ5b"
-      + "xoqSyvIW1ZcdTzRQEAFAhnMWRdVT0O0KYDATiSVqcBr0b70dIQ0lZvYk/TUy"
-      + "FdYhRXqC8Gzh8xQZPr3CBGoB02pWpp0Hbb5bHtpf3VnfsEmfwBtRPaEUMD0w"
-      + "ITAJBgUrDgMCGgUABBSsUQPThQeWi8r3oQZ22tcQW2dDqgQUSOpRzALP2lIV"
-      + "GOtPKKbIhe5YCbkCAgQA");
-
-    byte[] gostOpenSSLIntegerDPfx = Base64.decode(
-        "MIIC/wIBAzCCAsUGCSqGSIb3DQEHAaCCArYEggKyMIICrjCCAc8GCSqGSIb3"
-      + "DQEHBqCCAcAwggG8AgEAMIIBtQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYw"
-      + "DgQIb1OLAOp7o6ACAggAgIIBiFSfDqzkF2Lv9arM6fdxKrixa9Zu8sGkrsbN"
-      + "1mYEPYRRJFyfTHB2cOn4yl2I6Ldo9m9GKtnTGGYugMTAFLdBNe0f7X0c4fjr"
-      + "norM2ODUDfzuqI0a54DLwixvV4U9Q0qakLKQJDAHnCSsWu7N8tRktpYt9oIZ"
-      + "3sVJ9r01+yxBrDOapAqT3UtaFILSiUU94Zdyehu9hmL3cq33s7Y+orfESC8A"
-      + "O7OYYks7c6sEjNsvUHag2bC3GClzEapiboIs2F2vb12NoiQ0skU3dbO7Jr1T"
-      + "P6qkjBYFvG31c3vG8pNxJ7iwJr5+FonJ6uVg3y8EmYCROD5Eyd0MeGaa+eBr"
-      + "z/CPFaaM50NT6RAL3CTmfqOEzOlXE2qyKZiPD65TxowbjYOmDh8Tb/mfOQUK"
-      + "hx8Tgzttk0CHHHZmUQkMm0RXDj/n07JaeGuQJQ1pK/3Wg7ejfGxj7eFgzmPU"
-      + "jOhIAAe/fwOkxUC8quv/+db/L+EeSQBSEyacU5MliXwOPVytMUOP4pFMtonw"
-      + "C6NzBU5JMIHYBgkqhkiG9w0BBwGggcoEgccwgcQwgcEGCyqGSIb3DQEMCgEC"
-      + "oHIwcDAcBgoqhkiG9w0BDAEDMA4ECF6BMzmkD7DbAgIIAARQlev2YN09882U"
-      + "niwvu9nMIgS3hmjSlqlpkf5aYQLosSy5eaOWCq0Vskqgv5i+77vKyQYcKOH0"
-      + "VnQYu98kWUgZy4fNfesufL+m3d29LX/JGdoxPjAXBgkqhkiG9w0BCRQxCh4I"
-      + "AHQAZQBzAHQwIwYJKoZIhvcNAQkVMRYEFIaC9GvZM/XUGW4U50bkjCfsTrW8"
-      + "MDEwITAJBgUrDgMCGgUABBT3iAwuHw7KQXrl09gBkHaUVbOoBAQIIm90qua1"
-      + "2i4CAggA");
-
-    /**
-     * we generate a self signed certificate for the sake of testing - RSA
-     */
-    public Certificate createCert(
-        PublicKey       pubKey,
-        PrivateKey      privKey,
-        String          issuerEmail,
-        String          subjectEmail)
-        throws Exception
-    {
-        //
-        // distinguished name table.
-        //
-        X500NameBuilder issuerBldr = new X500NameBuilder();
-
-        issuerBldr.addRDN(BCStyle.C, "AU");
-        issuerBldr.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
-        issuerBldr.addRDN(BCStyle.L, "Melbourne");
-        issuerBldr.addRDN(BCStyle.ST, "Victoria");
-        issuerBldr.addRDN(BCStyle.EmailAddress, issuerEmail);
-
-        X500NameBuilder subjectBldr = new X500NameBuilder();
-
-        subjectBldr.addRDN(BCStyle.C, "AU");
-        subjectBldr.addRDN(BCStyle.O, "The Legion of the Bouncy Castle");
-        subjectBldr.addRDN(BCStyle.L, "Melbourne");
-        subjectBldr.addRDN(BCStyle.ST, "Victoria");
-        subjectBldr.addRDN(BCStyle.EmailAddress, subjectEmail);
-
-        return TestUtils.createCert(issuerBldr.build(), privKey, subjectBldr.build(), "SHA1withRSA", null, pubKey);
-    }
-
-    private void testGOSTStore()
-        throws Exception
-    {
-        byte[] data = Hex.decode("deadbeef");
-
-        KeyStore pkcs12 = KeyStore.getInstance("PKCS12", "BC");
-
-        pkcs12.load(new ByteArrayInputStream(gostPfx), "1".toCharArray());
-
-        PrivateKey pk = (PrivateKey)pkcs12.getKey("cp_exported", null);
-        Certificate[] pubCerts = pkcs12.getCertificateChain("cp_exported");
-
-        Signature sig = Signature.getInstance("ECGOST3410", "BC");
-
-        sig.initSign(pk);
-
-        sig.update(data);
-
-        byte[] signature = sig.sign();
-
-        sig = Signature.getInstance("ECGOST3410", "BC");
-
-        sig.initVerify(pubCerts[0].getPublicKey());
-
-        sig.update(data);
-
-        if (!sig.verify(signature))
-        {
-            fail("key test failed in GOST store");
-        }
-
-        KeyStore ks = KeyStore.getInstance("PKCS12", "BC");
-
-        ks.load(new ByteArrayInputStream(gostOpenSSLIntegerDPfx), "password".toCharArray());
-
-        PrivateKey key = (PrivateKey)ks.getKey("test", "password".toCharArray());
-
-        X509Certificate cert = (X509Certificate)ks.getCertificate("test");
-
-        sig.initSign(key);
-
-        sig.update(data);
-
-        signature = sig.sign();
-
-        sig.initVerify(cert.getPublicKey());
-
-        sig.update(data);
-
-        if (!sig.verify(signature))
-        {
-            fail("key test failed in 2nd GOST store");
-        }
-
-        ByteArrayOutputStream stream = new ByteArrayOutputStream();
-
-        pkcs12.store(stream, "2".toCharArray());
-
-        // confirm mac details consistent
-        Pfx bag = Pfx.getInstance(stream.toByteArray());
-        MacData mData = bag.getMacData();
-
-        isEquals("mac alg not match", new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3411, DERNull.INSTANCE), mData.getMac().getAlgorithmId());
-        isEquals(2048, mData.getIterationCount().intValue());
-        isEquals(8, mData.getSalt().length);
-
-        //confirm key recovery
-        pkcs12 = KeyStore.getInstance("PKCS12", "BC");
-
-        pkcs12.load(new ByteArrayInputStream(stream.toByteArray()), "2".toCharArray());
-
-        PrivateKey pk2 = (PrivateKey)pkcs12.getKey("cp_exported", null);
-
-        isEquals(pk, pk2);
-    }
-
-    public void testPKCS12Store()
-        throws Exception
-    {
-        BigInteger  mod = new BigInteger("bb1be8074e4787a8d77967f1575ef72dd7582f9b3347724413c021beafad8f32dba5168e280cbf284df722283dad2fd4abc750e3d6487c2942064e2d8d80641aa5866d1f6f1f83eec26b9b46fecb3b1c9856a303148a5cc899c642fb16f3d9d72f52526c751dc81622c420c82e2cfda70fe8d13f16cc7d6a613a5b2a2b5894d1", 16);
-        KeyStore store = KeyStore.getInstance("PKCS12", "BC");
-        ByteArrayInputStream stream = new ByteArrayInputStream(pkcs12);
-
-        store.load(stream, passwd);
-
-        Enumeration en = store.aliases();
-        String      pName = null;
-
-        while (en.hasMoreElements())
-        {
-            String  n = (String)en.nextElement();
-            if (store.isKeyEntry(n))
-            {
-                pName = n;
-            }
-            else
-            {
-                // the store's we're using here are consistent so this test will pass - it's actually
-                // possible for this test to fail in other circumstances as PKCS#12 allows certificates
-                // to be stored multiple times under different aliases.
-                X509Certificate cert = (X509Certificate)store.getCertificate(n);
-
-                if (!store.getCertificateAlias(cert).equals(n))
-                {
-                    fail("certificate alias check fails");
-                }
-            }
-        }
-
-        PrivateKey key = (PrivateKey)store.getKey(pName, null);
-
-        if (!((RSAPrivateKey)key).getModulus().equals(mod))
-        {
-            fail("Modulus doesn't match.");
-        }
-
-        Certificate[]    ch = store.getCertificateChain(pName);
-
-        if (ch.length != 3)
-        {
-            fail("chain was wrong length");
-        }
-
-        if (!((X509Certificate)ch[0]).getSerialNumber().equals(new BigInteger("96153094170511488342715101755496684211")))
-        {
-            fail("chain[0] wrong certificate.");
-        }
-
-        if (!((X509Certificate)ch[1]).getSerialNumber().equals(new BigInteger("279751514312356623147411505294772931957")))
-        {
-            fail("chain[1] wrong certificate.");
-        }
-
-        if (!((X509Certificate)ch[2]).getSerialNumber().equals(new BigInteger("11341398017")))
-        {
-            fail("chain[2] wrong certificate.");
-        }
-
-        //
-        // save test
-        //
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        store.store(bOut, passwd);
-
-        stream = new ByteArrayInputStream(bOut.toByteArray());
-
-        store.load(stream, passwd);
-
-        key = (PrivateKey)store.getKey(pName, null);
-
-        if (!((RSAPrivateKey)key).getModulus().equals(mod))
-        {
-            fail("Modulus doesn't match.");
-        }
-
-        //
-        // save test using LoadStoreParameter
-        //
-        bOut = new ByteArrayOutputStream();
-
-        PKCS12StoreParameter storeParam = new PKCS12StoreParameter(bOut, passwd, true);
-
-        store.store(storeParam);
-
-        byte[] data = bOut.toByteArray();
-
-        stream = new ByteArrayInputStream(data);
-        store.load(stream, passwd);
-
-        key = (PrivateKey)store.getKey(pName, null);
-
-        if (!((RSAPrivateKey)key).getModulus().equals(mod))
-        {
-            fail("Modulus doesn't match.");
-        }
-
-        ASN1Encodable outer = new ASN1StreamParser(data).readObject();
-        if (!(outer instanceof DERSequenceParser))
-        {
-            fail("Failed DER encoding test.");
-        }
-
-
-        //
-        // save test using LoadStoreParameter  - old version
-        //
-        bOut = new ByteArrayOutputStream();
-
-        storeParam = new org.bouncycastle.jcajce.provider.config.PKCS12StoreParameter(bOut, passwd, true);
-
-        store.store(storeParam);
-
-        data = bOut.toByteArray();
-
-        stream = new ByteArrayInputStream(data);
-        store.load(stream, passwd);
-
-        key = (PrivateKey)store.getKey(pName, null);
-
-        if (!((RSAPrivateKey)key).getModulus().equals(mod))
-        {
-            fail("Modulus doesn't match.");
-        }
-
-        outer = new ASN1StreamParser(data).readObject();
-        if (!(outer instanceof DERSequenceParser))
-        {
-            fail("Failed DER encoding test.");
-        }
-
-        //
-        // save test using LoadStoreParameter
-        //
-        bOut = new ByteArrayOutputStream();
-
-        JDKPKCS12StoreParameter oldParam = new JDKPKCS12StoreParameter();
-        oldParam.setOutputStream(bOut);
-        oldParam.setPassword(passwd);
-        oldParam.setUseDEREncoding(true);
-
-        store.store(oldParam);
-
-        data = bOut.toByteArray();
-
-        stream = new ByteArrayInputStream(data);
-        store.load(stream, passwd);
-
-        key = (PrivateKey)store.getKey(pName, null);
-
-        if (!((RSAPrivateKey)key).getModulus().equals(mod))
-        {
-            fail("Modulus doesn't match.");
-        }
-
-        outer = new ASN1StreamParser(data).readObject();
-        if (!(outer instanceof DERSequenceParser))
-        {
-            fail("Failed DER encoding test.");
-        }
-
-        //
-        // delete test
-        //
-        store.deleteEntry(pName);
-
-        if (store.getKey(pName, null) != null)
-        {
-            fail("Failed deletion test.");
-        }
-        
-        // cert chain test
-        //
-        store.setCertificateEntry("testCert", ch[2]);
-        
-        if (store.getCertificateChain("testCert") != null)
-        {
-            fail("Failed null chain test.");
-        }
-
-        //
-        // UTF 8 single cert test
-        //
-        store = KeyStore.getInstance("PKCS12", "BC");
-        stream = new ByteArrayInputStream(certUTF);
-
-        store.load(stream, "user".toCharArray());
-
-        if (store.getCertificate("37") == null)
-        {
-            fail("Failed to find UTF cert.");
-        }
-
-        //
-        // try for a self generated certificate
-        //
-        RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16));
-
-        RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
-            new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-            new BigInteger("11", 16),
-            new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-            new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-            new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-            new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-            new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-            new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-        //
-        // set up the keys
-        //
-        PrivateKey          privKey = null;
-        PublicKey           pubKey = null;
-
-        try
-        {
-            KeyFactory  fact = KeyFactory.getInstance("RSA", "BC");
-
-            privKey = fact.generatePrivate(privKeySpec);
-            pubKey = fact.generatePublic(pubKeySpec);
-        }
-        catch (Exception e)
-        {
-            fail("error setting up keys - " + e.toString());
-        }
-
-        Certificate[] chain = new Certificate[1];
-
-        chain[0] = createCert(pubKey, privKey, "issuer@bouncycastle.org", "subject@bouncycastle.org");
-
-        testSupportedTypes(privKey, chain);
-
-        store = KeyStore.getInstance("PKCS12", "BC");
-
-        store.load(null, null);
-
-        store.setKeyEntry("privateKey", privKey, null, chain);
-        
-        if (!store.containsAlias("privateKey") || !store.containsAlias("PRIVATEKEY"))
-        {
-            fail("couldn't find alias privateKey");
-        }
-        
-        if (store.isCertificateEntry("privateKey"))
-        {
-            fail("key identified as certificate entry");
-        }
-        
-        if (!store.isKeyEntry("privateKey") || !store.isKeyEntry("PRIVATEKEY"))
-        {
-            fail("key not identified as key entry");
-        }
-        
-        if (!"privateKey".equals(store.getCertificateAlias(chain[0])))
-        {
-            fail("Did not return alias for key certificate privateKey");
-        }
-
-        ByteArrayOutputStream store1Stream = new ByteArrayOutputStream();
-
-        store.store(store1Stream, passwd);
-
-        testNoExtraLocalKeyID(store1Stream.toByteArray());
-
-        //
-        // no friendly name test
-        //
-        store = KeyStore.getInstance("PKCS12", "BC");
-        stream = new ByteArrayInputStream(pkcs12noFriendly);
-
-        store.load(stream, noFriendlyPassword);
-
-        en = store.aliases();
-        pName = null;
-
-        while (en.hasMoreElements())
-        {
-             String  n = (String)en.nextElement();
-
-             if (store.isKeyEntry(n))
-             {
-                 pName = n;
-             }
-        }
-        
-        ch = store.getCertificateChain(pName);
-
-        for (int i = 0; i != ch.length; i++)
-        {
-            //System.out.println(ch[i]);
-        }
-        
-        if (ch.length != 1)
-        {
-            fail("no cert found in pkcs12noFriendly");
-        }
-        
-        //
-        // failure tests
-        //
-        ch = store.getCertificateChain("dummy");
-
-        store.getCertificateChain("DUMMY");
-        
-        store.getCertificate("dummy");
-
-        store.getCertificate("DUMMY");
-
-        //
-        // storage test
-        //
-        store = KeyStore.getInstance("PKCS12", "BC");
-        stream = new ByteArrayInputStream(pkcs12StorageIssue);
-
-        store.load(stream, storagePassword);
-
-        en = store.aliases();
-        pName = null;
-
-        while (en.hasMoreElements())
-        {
-             String  n = (String)en.nextElement();
-
-             if (store.isKeyEntry(n))
-             {
-                 pName = n;
-             }
-        }
-        
-        ch = store.getCertificateChain(pName);
-        if (ch.length != 2)
-        {
-            fail("Certificate chain wrong length");
-        }
-
-        store.store(new ByteArrayOutputStream(), storagePassword);
-        
-        //
-        // basic certificate check
-        //
-        store.setCertificateEntry("cert", ch[1]);
-        
-        if (!store.containsAlias("cert") || !store.containsAlias("CERT"))
-        {
-            fail("couldn't find alias cert");
-        }
-        
-        if (!store.isCertificateEntry("cert") || !store.isCertificateEntry("CERT"))
-        {
-            fail("cert not identified as certificate entry");
-        }
-        
-        if (store.isKeyEntry("cert") || store.isKeyEntry("CERT"))
-        {
-            fail("cert identified as key entry");
-        }
-        
-        if (!store.entryInstanceOf("cert", KeyStore.TrustedCertificateEntry.class))
-        {
-            fail("cert not identified as TrustedCertificateEntry");
-        }
-        
-        if (!store.entryInstanceOf("CERT", KeyStore.TrustedCertificateEntry.class))
-        {
-            fail("CERT not identified as TrustedCertificateEntry");
-        }
-
-        if (store.entryInstanceOf("cert", KeyStore.PrivateKeyEntry.class))
-        {
-            fail("cert identified as key entry via PrivateKeyEntry");
-        }
-    
-        if (!"cert".equals(store.getCertificateAlias(ch[1])))
-        {
-            fail("Did not return alias for certificate entry");
-        }
-
-        //
-        // test restoring of a certificate with private key originally as a ca certificate
-        //
-        store = KeyStore.getInstance("PKCS12", "BC");
-        
-        store.load(null, null);
-        
-        store.setCertificateEntry("cert", ch[0]);
-
-        if (!store.containsAlias("cert") || !store.containsAlias("CERT"))
-        {
-            fail("restore: couldn't find alias cert");
-        }
-        
-        if (!store.isCertificateEntry("cert") || !store.isCertificateEntry("CERT"))
-        {
-            fail("restore: cert not identified as certificate entry");
-        }
-        
-        if (store.isKeyEntry("cert") || store.isKeyEntry("CERT"))
-        {
-            fail("restore: cert identified as key entry");
-        }
-        
-        if (store.entryInstanceOf("cert", KeyStore.PrivateKeyEntry.class))
-        {
-            fail("restore: cert identified as key entry via PrivateKeyEntry");
-        }
-        
-        if (store.entryInstanceOf("CERT", KeyStore.PrivateKeyEntry.class))
-        {
-            fail("restore: cert identified as key entry via PrivateKeyEntry");
-        }
-        
-        if (!store.entryInstanceOf("cert", KeyStore.TrustedCertificateEntry.class))
-        {
-            fail("restore: cert not identified as TrustedCertificateEntry");
-        }
-        
-        //
-        // test of reading incorrect zero-length encoding
-        //
-        store = KeyStore.getInstance("PKCS12", "BC");
-        stream = new ByteArrayInputStream(pkcs12nopass);
-        
-        store.load(stream, "".toCharArray());
-    }
-
-    private void testSupportedTypes(PrivateKey privKey, Certificate[] chain)
-        throws Exception
-    {
-        basicStoreTest(privKey, chain, "PKCS12");
-        basicStoreTest(privKey, chain, "BCPKCS12");
-        basicStoreTest(privKey, chain, "PKCS12-DEF");
-
-        basicStoreTest(privKey, chain, "PKCS12-3DES-40RC2");
-        basicStoreTest(privKey, chain, "PKCS12-3DES-3DES");
-
-        basicStoreTest(privKey, chain, "PKCS12-DEF-3DES-40RC2");
-        basicStoreTest(privKey, chain, "PKCS12-DEF-3DES-3DES");
-    }
-
-    private void basicStoreTest(PrivateKey privKey, Certificate[] chain, String type)
-        throws Exception
-    {
-        KeyStore store = KeyStore.getInstance(type, "BC");
-
-        store.load(null, null);
-
-        store.setKeyEntry("key", privKey, null, chain);
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        store.store(bOut, passwd);
-
-        store.load(new ByteArrayInputStream(bOut.toByteArray()), passwd);
-
-        Key k = store.getKey("key", null);
-
-        if (!k.equals(privKey))
-        {
-            fail("private key didn't match");
-        }
-
-        Certificate[] c = store.getCertificateChain("key");
-
-        if (c.length != chain.length || !c[0].equals(chain[0]))
-        {
-            fail("certificates didn't match");
-        }
-
-        if (type.contains("DEF"))
-        {
-            if (c[0] instanceof X509CertificateObject)
-            {
-                fail("wrong certificate type found");
-            }
-        }
-
-        // check attributes
-        PKCS12BagAttributeCarrier b1 = (PKCS12BagAttributeCarrier)k;
-        PKCS12BagAttributeCarrier b2 = (PKCS12BagAttributeCarrier)chain[0];
-
-        if (b1.getBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName) != null)
-        {
-            DERBMPString name = (DERBMPString)b1.getBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_friendlyName);
-
-            if (!name.equals(new DERBMPString("key")))
-            {
-                fail("friendly name wrong");
-            }
-        }
-        else
-        {
-            fail("no friendly name found on key");
-        }
-
-        if (b1.getBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId) != null)
-        {
-            ASN1OctetString id = (ASN1OctetString)b1.getBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId);
-
-            if (!id.equals(b2.getBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId)))
-            {
-                fail("local key id mismatch");
-            }
-        }
-        else
-        {
-            fail("no local key id found");
-        }
-
-        //
-        // check algorithm types.
-        //
-        ASN1InputStream aIn = new ASN1InputStream(bOut.toByteArray());
-
-        Pfx pfx = Pfx.getInstance(aIn.readObject());
-
-        ContentInfo cInfo = pfx.getAuthSafe();
-
-        ASN1OctetString auth = (ASN1OctetString)cInfo.getContent();
-
-        aIn = new ASN1InputStream(auth.getOctets());
-        ASN1Sequence s1 = (ASN1Sequence)aIn.readObject();
-
-        ContentInfo c1 = ContentInfo.getInstance(s1.getObjectAt(0));
-        ContentInfo c2 = ContentInfo.getInstance(s1.getObjectAt(1));
-
-        aIn = new ASN1InputStream(((ASN1OctetString)c1.getContent()).getOctets());
-
-        SafeBag sb = SafeBag.getInstance((((ASN1Sequence)aIn.readObject()).getObjectAt(0)));
-
-        EncryptedPrivateKeyInfo encInfo = EncryptedPrivateKeyInfo.getInstance(sb.getBagValue());
-
-        if (!encInfo.getEncryptionAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC))
-        {
-            fail("key encryption algorithm wrong");
-        }
-
-        // check the key encryption
-
-        // check the certificate encryption
-        EncryptedData cb = EncryptedData.getInstance(c2.getContent());
-
-        if (type.endsWith("3DES"))
-        {
-            if (!cb.getEncryptionAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC))
-            {
-                fail("expected 3DES found: " + cb.getEncryptionAlgorithm().getAlgorithm());
-            }
-        }
-        else if (type.endsWith("40RC2"))
-        {
-            if (!cb.getEncryptionAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC))
-            {
-                fail("expected 40 bit RC2 found: " + cb.getEncryptionAlgorithm().getAlgorithm());
-            }
-        }
-        else
-        {
-            if (!cb.getEncryptionAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC))
-            {
-                fail("expected 40 bit RC2 found: " + cb.getEncryptionAlgorithm().getAlgorithm());
-            }
-        }
-    }
-
-    private void testNoExtraLocalKeyID(byte[] store1data)
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA", "BC");
-
-        kpg.initialize(512);
-
-        KeyPair newPair = kpg.genKeyPair();
-
-        KeyStore store1 = KeyStore.getInstance("PKCS12", "BC");
-
-        store1.load(new ByteArrayInputStream(store1data), passwd);
-
-        KeyStore store2 = KeyStore.getInstance("PKCS12", "BC");
-
-        store2.load(null, null);
-        
-        PrivateKey k1 = (PrivateKey)store1.getKey("privatekey", null);
-        Certificate[] chain1 = store1.getCertificateChain("privatekey");
-
-        Certificate[] chain2 = new Certificate[chain1.length + 1];
-
-        System.arraycopy(chain1, 0, chain2, 1, chain1.length);
-
-        chain2[0] = createCert(newPair.getPublic(), k1, "subject@bouncycastle.org", "extra@bouncycaste.org");
-
-        if (((PKCS12BagAttributeCarrier)chain1[0]).getBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId) == null)
-        {
-            fail("localKeyID not found initially");
-        }
-        
-        store2.setKeyEntry("new", newPair.getPrivate(), null, chain2);
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        store2.store(bOut, passwd);
-
-        store2.load(new ByteArrayInputStream(bOut.toByteArray()), passwd);
-
-        chain2 = store2.getCertificateChain("new");
-
-        if (((PKCS12BagAttributeCarrier)chain2[1]).getBagAttribute(PKCSObjectIdentifiers.pkcs_9_at_localKeyId) != null)
-        {
-            fail("localKeyID found after save");
-        }
-    }
-
-    private void testChainCycle()
-        throws Exception
-    {
-        KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");
-
-        // initialize key store
-        keyStore.load(new ByteArrayInputStream(certChainCycle), "test".toCharArray());
-
-        keyStore.getEntry("cycle", new KeyStore.PasswordProtection("test".toCharArray()));
-    }
-
-    private void testOrphanedCertCleanup()
-        throws Exception
-    {
-        KeyPair kp1 = TestUtils.generateRSAKeyPair();
-        KeyPair kp1ca = TestUtils.generateRSAKeyPair();
-        KeyPair kp1ee = TestUtils.generateRSAKeyPair();
-
-        X509Certificate kp1Root = TestUtils.generateRootCert(kp1, new X500Name("CN=KP1 ROOT"));
-        X509Certificate kp1CA = TestUtils.generateIntermediateCert(kp1ca.getPublic(), new X500Name("CN=KP1 CA"), kp1.getPrivate(), kp1Root);
-        X509Certificate kp1EE = TestUtils.generateEndEntityCert(kp1ee.getPublic(), new X500Name("CN=KP1 EE"), kp1ca.getPrivate(), kp1CA);
-
-        Certificate[] kp1Chain = new Certificate[] { kp1EE, kp1CA, kp1Root };
-
-        KeyPair kp2 = TestUtils.generateRSAKeyPair();
-        KeyPair kp2ca = TestUtils.generateRSAKeyPair();
-        KeyPair kp2ee = TestUtils.generateRSAKeyPair();
-
-        X509Certificate kp2Root = TestUtils.generateRootCert(kp2, new X500Name("CN=KP2 ROOT"));
-        X509Certificate kp2CA = TestUtils.generateIntermediateCert(kp2ca.getPublic(), new X500Name("CN=KP2 CA"), kp2.getPrivate(), kp1Root);
-        X509Certificate kp2EE = TestUtils.generateEndEntityCert(kp2ee.getPublic(), new X500Name("CN=KP2 EE"), kp2ca.getPrivate(), kp1CA);
-
-        Certificate[] kp2Chain = new Certificate[] { kp2EE, kp2CA, kp2Root };
-
-        KeyPair kp3 = TestUtils.generateRSAKeyPair();
-        X509Certificate kp3Root = TestUtils.generateRootCert(kp3, new X500Name("CN=KP3 ROOT"));
-
-        KeyStore keyStore = KeyStore.getInstance("PKCS12", "BC");
-
-        keyStore.load(null, null);
-
-        keyStore.setKeyEntry("kp1", kp1ee.getPrivate(), null, kp1Chain);
-        keyStore.setCertificateEntry("kp1root", kp1Root);
-        keyStore.setKeyEntry("kp2", kp1ee.getPrivate(), null, kp2Chain);
-
-        keyStore.setCertificateEntry("kp3root", kp3Root);
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        keyStore.store(bOut, "fred".toCharArray());
-
-        byte[] baseData = bOut.toByteArray();
-
-        KeyStore ks1 = KeyStore.getInstance("PKCS12", "BC");
-
-        ks1.load(new ByteArrayInputStream(baseData), "fred".toCharArray());
-
-        if (!ks1.containsAlias("kp1") || !ks1.isKeyEntry("kp1") || ks1.getCertificateChain("kp1").length != 3)
-        {
-            fail("kp1 missing in ks1");
-        }
-
-        ks1.deleteEntry("kp1");
-
-        ByteArrayOutputStream bOut1 = new ByteArrayOutputStream();
-
-        ks1.store(bOut1, "fred".toCharArray());
-
-        KeyStore ks2 = KeyStore.getInstance("PKCS12", "BC");
-
-        ks2.load(new ByteArrayInputStream(bOut1.toByteArray()), "fred".toCharArray());
-
-        if (!ks2.containsAlias("kp2") || !ks2.isKeyEntry("kp2") || ks2.getCertificateChain("kp2").length != 3)
-        {
-            fail("kp2 missing in ks2");
-        }
-
-        if (!ks2.containsAlias("kp1root") || !ks2.isCertificateEntry("kp1root"))
-        {
-            fail("kp1root missing in ks2");
-        }
-
-        if (!ks2.containsAlias("kp3root") || !ks2.isCertificateEntry("kp3root"))
-        {
-            fail("kp3root missing in ks2");
-        }
-
-        if (ks2.size() != 3)
-        {
-            fail("ks2 wrong size");
-        }
-
-        ks2.deleteEntry("kp2");
-
-        ByteArrayOutputStream bOut2 = new ByteArrayOutputStream();
-
-        ks2.store(bOut2, "fred".toCharArray());
-
-        KeyStore ks3 = KeyStore.getInstance("PKCS12", "BC");
-
-        ks3.load(new ByteArrayInputStream(bOut2.toByteArray()), "fred".toCharArray());
-
-        if (!ks3.containsAlias("kp1root") || !ks3.isCertificateEntry("kp1root"))
-        {
-            fail("kp1root missing in ks3");
-        }
-
-        if (!ks3.containsAlias("kp3root") || !ks3.isCertificateEntry("kp3root"))
-        {
-            fail("kp3root missing in ks3");
-        }
-
-        if (ks3.size() != 2)
-        {
-            fail("ks3 wrong size");
-        }
-    }
-
-    private void testIterationCount()
-        throws Exception
-    {
-        System.setProperty("org.bouncycastle.pkcs12.max_it_count", "10");
-
-        ByteArrayInputStream stream = new ByteArrayInputStream(pkcs12StorageIssue);
-        KeyStore store = KeyStore.getInstance("PKCS12", "BC");
-
-        try
-        {
-            store.load(stream, storagePassword);
-            fail("no exception");
-        }
-        catch (IOException e)
-        {
-            isTrue(e.getMessage().endsWith("iteration count 2000 greater than 10"));
-        }
-
-        System.clearProperty("org.bouncycastle.pkcs12.max_it_count");
-    }
-
-    private void testBCFKSLoad()
-        throws Exception
-    {
-        KeyStore k = KeyStore.getInstance("BCFKS", "BC");
-
-        try
-        {
-            k.load(new ByteArrayInputStream(pkcs12), passwd);
-        }
-        catch (IOException e)
-        {
-            isTrue("malformed sequence".equals(e.getMessage()));
-        }
-
-        KeyPair kp1 = TestUtils.generateRSAKeyPair();
-        KeyPair kp1ca = TestUtils.generateRSAKeyPair();
-        KeyPair kp1ee = TestUtils.generateRSAKeyPair();
-
-        X509Certificate kp1Root = TestUtils.generateRootCert(kp1, new X500Name("CN=KP1 ROOT"));
-        X509Certificate kp1CA = TestUtils.generateIntermediateCert(kp1ca.getPublic(), new X500Name("CN=KP1 CA"), kp1.getPrivate(), kp1Root);
-        X509Certificate kp1EE = TestUtils.generateEndEntityCert(kp1ee.getPublic(), new X500Name("CN=KP1 EE"), kp1ca.getPrivate(), kp1CA);
-
-        Certificate[] kp1Chain = new Certificate[] { kp1EE, kp1CA, kp1Root };
-
-        KeyPair kp2 = TestUtils.generateRSAKeyPair();
-        KeyPair kp2ca = TestUtils.generateRSAKeyPair();
-        KeyPair kp2ee = TestUtils.generateRSAKeyPair();
-
-        X509Certificate kp2Root = TestUtils.generateRootCert(kp2, new X500Name("CN=KP2 ROOT"));
-        X509Certificate kp2CA = TestUtils.generateIntermediateCert(kp2ca.getPublic(), new X500Name("CN=KP2 CA"), kp2.getPrivate(), kp1Root);
-        X509Certificate kp2EE = TestUtils.generateEndEntityCert(kp2ee.getPublic(), new X500Name("CN=KP2 EE"), kp2ca.getPrivate(), kp1CA);
-
-        Certificate[] kp2Chain = new Certificate[] { kp2EE, kp2CA, kp2Root };
-
-        KeyPair kp3 = TestUtils.generateRSAKeyPair();
-        X509Certificate kp3Root = TestUtils.generateRootCert(kp3, new X500Name("CN=KP3 ROOT"));
-
-        KeyStore keyStore = KeyStore.getInstance("BCFKS", "BC");
-
-        keyStore.load(null, null);
-
-        keyStore.setKeyEntry("kp1", kp1ee.getPrivate(), null, kp1Chain);
-        keyStore.setCertificateEntry("kp1root", kp1Root);
-        keyStore.setKeyEntry("kp2", kp1ee.getPrivate(), null, kp2Chain);
-
-        keyStore.setCertificateEntry("kp3root", kp3Root);
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        keyStore.store(bOut, "fred".toCharArray());
-
-        KeyStore k12 = KeyStore.getInstance("PKCS12", "BC");
-
-        try
-        {
-            k12.load(new ByteArrayInputStream(bOut.toByteArray()), "fred".toCharArray());
-        }
-        catch (IOException e)
-        {           
-            isTrue("illegal object in getInstance: org.bouncycastle.asn1.DLSequence".equals(e.getMessage()));
-        }
-    }
-
-    public String getName()
-    {
-        return "PKCS12Store";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testIterationCount();
-        testPKCS12Store();
-        testGOSTStore();
-        testChainCycle();
-        testBCFKSLoad();
-
-        // converter tests
-
-        KeyStore kS = KeyStore.getInstance("PKCS12", "BC");
-
-        byte[] data = PKCS12Util.convertToDefiniteLength(pkcs12);
-        kS.load(new ByteArrayInputStream(data), passwd);     // check MAC
-
-        ASN1Encodable obj = new ASN1StreamParser(data).readObject();
-        if (!(obj instanceof DERSequenceParser))
-        {
-            fail("Failed DER conversion test.");
-        }
-
-        data = PKCS12Util.convertToDefiniteLength(pkcs12, passwd, "BC");
-        kS.load(new ByteArrayInputStream(data), passwd); //check MAC
-
-        obj = new ASN1StreamParser(data).readObject();
-        if (!(obj instanceof DERSequenceParser))
-        {
-            fail("Failed deep DER conversion test - outer.");
-        }
-
-        Pfx pfx = Pfx.getInstance(obj);
-
-        obj = new ASN1StreamParser(ASN1OctetString.getInstance(pfx.getAuthSafe().getContent()).getOctets()).readObject();
-        if (!(obj instanceof DERSequenceParser))
-        {
-            fail("Failed deep DER conversion test - inner.");
-        }
-
-        testOrphanedCertCleanup();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new PKCS12StoreTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKIXNameConstraintsTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKIXNameConstraintsTest.java
deleted file mode 100644
index df8e8b5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKIXNameConstraintsTest.java
+++ /dev/null

@@ -1,452 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralSubtree;
-import org.bouncycastle.jce.provider.PKIXNameConstraintValidator;
-import org.bouncycastle.jce.provider.PKIXNameConstraintValidatorException;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * Test class for {@link PKIXNameConstraintValidator}.
- * <p>
- * The field testXYZ is the name to test.
- * <p>
- * The field testXYZIsConstraint must be tested if it is permitted and excluded.
- * <p>
- * The field testXYZIsNotConstraint must be tested if it is not permitted and
- * not excluded.
- * <p>
- * Furthermore there are tests for the intersection and union of test names.
- * 
- */
-public class PKIXNameConstraintsTest
-    extends SimpleTest
-{
-
-    private final static String testEmail = "test@abc.test.com";
-
-    private final static String testEmailIsConstraint[] =
-    { "test@abc.test.com", "abc.test.com", ".test.com" };
-
-    private final static String testEmailIsNotConstraint[] =
-    { ".abc.test.com", "www.test.com", "test1@abc.test.com", "bc.test.com" };
-
-    private final static String email1[] =
-    { "test@test.com", "test@test.com", "test@test.com", "test@abc.test.com",
-            "test@test.com", "test@test.com", ".test.com", ".test.com",
-            ".test.com", ".test.com", "test.com", "abc.test.com",
-            "abc.test1.com", "test.com", "test.com", ".test.com" };
-
-    private final static String email2[] =
-    { "test@test.abc.com", "test@test.com", ".test.com", ".test.com",
-            "test.com", "test1.com", "test@test.com", ".test.com",
-            ".test1.com", "test.com", "test.com", ".test.com", ".test.com",
-            "test1.com", ".test.com", "abc.test.com" };
-
-    private final static String emailintersect[] =
-    { null, "test@test.com", null, "test@abc.test.com", "test@test.com", null,
-            null, ".test.com", null, null, "test.com", "abc.test.com", null,
-            null, null, "abc.test.com" };
-
-    private final static String emailunion[][] =
-    {
-    { "test@test.com", "test@test.abc.com" },
-    { "test@test.com" },
-    { "test@test.com", ".test.com" },
-    { ".test.com" },
-    { "test.com" },
-    { "test@test.com", "test1.com" },
-    { ".test.com", "test@test.com" },
-    { ".test.com" },
-    { ".test.com", ".test1.com" },
-    { ".test.com", "test.com" },
-    { "test.com" },
-    { ".test.com" },
-    { ".test.com", "abc.test1.com" },
-    { "test1.com", "test.com" },
-    { ".test.com", "test.com" },
-    { ".test.com" } };
-
-    private final static String[] dn1 =
-    { "O=test org, OU=test org unit, CN=John Doe" };
-
-    private final static String[] dn2 =
-    { "O=test org, OU=test org unit" };
-
-    private final static String[][] dnUnion =
-    {
-    { "O=test org, OU=test org unit" } };
-
-    private final static String[] dnIntersection =
-    { "O=test org, OU=test org unit, CN=John Doe" };
-
-    private final static String testDN = "O=test org, OU=test org unit, CN=John Doe";
-
-    private final static String testDNIsConstraint[] =
-    { "O=test org, OU=test org unit",
-            "O=test org, OU=test org unit, CN=John Doe" };
-
-    private final static String testDNIsNotConstraint[] =
-    { "O=test org, OU=test org unit, CN=John Doe2",
-            "O=test org, OU=test org unit2",
-            "OU=test org unit, O=test org, CN=John Doe",
-            "O=test org, OU=test org unit, CN=John Doe, L=USA" };
-
-    private final static String testDNS = "abc.test.com";
-
-    private final static String testDNSIsConstraint[] =
-    { "test.com", "abc.test.com", "test.com" };
-
-    private final static String testDNSIsNotConstraint[] =
-    { "wwww.test.com", "ww.test.com", "www.test.com" };
-
-    private final static String dns1[] =
-    { "www.test.de", "www.test1.de", "www.test.de" };
-
-    private final static String dns2[] =
-    { "test.de", "www.test.de", "www.test.de" };
-
-    private final static String dnsintersect[] =
-    { "www.test.de", null, null };
-
-    private final static String dnsunion[][] =
-    {
-    { "test.de" },
-    { "www.test1.de", "www.test.de" },
-    { "www.test.de" } };
-
-    private final static String testURI = "http://karsten:password@abc.test.com:8080";
-
-    private final static String testURIIsConstraint[] =
-    { "abc.test.com", ".test.com" };
-
-    private final static String testURIIsNotConstraint[] =
-    { "xyz.test.com", ".abc.test.com" };
-
-    private final static String uri1[] =
-    { "www.test.de", ".test.de", "test1.de", ".test.de" };
-
-    private final static String uri2[] =
-    { "test.de", "www.test.de", "test1.de", ".test.de" };
-
-    private final static String uriintersect[] =
-    { null, "www.test.de", "test1.de", ".test.de" };
-
-    private final static String uriunion[][] =
-    {
-    { "www.test.de", "test.de" },
-    { ".test.de" },
-    { "test1.de" },
-    { ".test.de" } };
-
-    private final static byte[] testIP =
-
-    { (byte) 192, (byte) 168, 1, 2 };
-
-    private final static byte[][] testIPIsConstraint =
-    {
-    { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 0 },
-    { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 4 } };
-
-    private final static byte[][] testIPIsNotConstraint =
-    {
-    { (byte) 192, (byte) 168, 3, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 2 },
-    { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF, (byte) 0xFF, 3 } };
-
-    private final static byte[][] ip1 =
-    {
-            { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
-                    (byte) 0xFE, (byte) 0xFF },
-            { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
-                    (byte) 0xFF, (byte) 0xFF },
-            { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
-                    (byte) 0xFF, (byte) 0x00 } };
-
-    private final static byte[][] ip2 =
-    {
-            { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
-                    (byte) 0xFC, 3 },
-            { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
-                    (byte) 0xFF, (byte) 0xFF },
-            { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
-                    (byte) 0xFF, (byte) 0x00 } };
-
-    private final static byte[][] ipintersect =
-    {
-            { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
-                    (byte) 0xFE, (byte) 0xFF },
-            { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
-                    (byte) 0xFF, (byte) 0xFF }, null };
-
-    private final static byte[][][] ipunion =
-    {
-            {
-                    { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
-                            (byte) 0xFE, (byte) 0xFF },
-                    { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
-                            (byte) 0xFC, 3 } },
-            {
-            { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
-                    (byte) 0xFF, (byte) 0xFF } },
-            {
-                    { (byte) 192, (byte) 168, 1, 1, (byte) 0xFF, (byte) 0xFF,
-                            (byte) 0xFF, (byte) 0x00 },
-                    { (byte) 192, (byte) 168, 0, 1, (byte) 0xFF, (byte) 0xFF,
-                            (byte) 0xFF, (byte) 0x00 } } };
-
-    public String getName()
-    {
-        return "PKIXNameConstraintsTest";
-    }
-
-    public void performTest() throws Exception
-    {
-        testConstraints(GeneralName.rfc822Name, testEmail,
-            testEmailIsConstraint, testEmailIsNotConstraint, email1, email2,
-            emailunion, emailintersect);
-        testConstraints(GeneralName.dNSName, testDNS, testDNSIsConstraint,
-            testDNSIsNotConstraint, dns1, dns2, dnsunion, dnsintersect);
-        testConstraints(GeneralName.directoryName, testDN, testDNIsConstraint,
-            testDNIsNotConstraint, dn1, dn2, dnUnion, dnIntersection);
-        testConstraints(GeneralName.uniformResourceIdentifier, testURI,
-            testURIIsConstraint, testURIIsNotConstraint, uri1, uri2, uriunion,
-            uriintersect);
-        testConstraints(GeneralName.iPAddress, testIP, testIPIsConstraint,
-            testIPIsNotConstraint, ip1, ip2, ipunion, ipintersect);
-    }
-
-    /**
-     * Tests string based GeneralNames for inclusion or exclusion.
-     * 
-     * @param nameType The {@link GeneralName} type to test.
-     * @param testName The name to test.
-     * @param testNameIsConstraint The names where <code>testName</code> must
-     *            be included and excluded.
-     * @param testNameIsNotConstraint The names where <code>testName</code>
-     *            must not be excluded and included.
-     * @param testNames1 Operand 1 of test names to use for union and
-     *            intersection testing.
-     * @param testNames2 Operand 2 of test names to use for union and
-     *            intersection testing.
-     * @param testUnion The union results.
-     * @param testInterSection The intersection results.
-     * @throws Exception If an unexpected exception occurs.
-     */
-    private void testConstraints(
-        int nameType,
-        String testName,
-        String[] testNameIsConstraint,
-        String[] testNameIsNotConstraint,
-        String[] testNames1,
-        String[] testNames2,
-        String[][] testUnion,
-        String[] testInterSection) throws Exception
-    {
-        for (int i = 0; i < testNameIsConstraint.length; i++)
-        {
-            PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
-            constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
-                new GeneralName(nameType, testNameIsConstraint[i])));
-            constraintValidator.checkPermitted(new GeneralName(nameType, testName));
-        }
-        for (int i = 0; i < testNameIsNotConstraint.length; i++)
-        {
-            PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
-            constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
-                new GeneralName(nameType, testNameIsNotConstraint[i])));
-            try
-            {
-                constraintValidator.checkPermitted(new GeneralName(nameType, testName));
-                fail("not permitted name allowed: " + nameType);
-            }
-            catch (PKIXNameConstraintValidatorException e)
-            {
-                // expected
-            }
-        }
-        for (int i = 0; i < testNameIsConstraint.length; i++)
-        {
-            PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
-            constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
-                nameType, testNameIsConstraint[i])));
-            try
-            {
-                constraintValidator.checkExcluded(new GeneralName(nameType, testName));
-                fail("excluded name missed: " + nameType);
-            }
-            catch (PKIXNameConstraintValidatorException e)
-            {
-                // expected
-            }
-        }
-        for (int i = 0; i < testNameIsNotConstraint.length; i++)
-        {
-            PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
-            constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
-                nameType, testNameIsNotConstraint[i])));
-            constraintValidator.checkExcluded(new GeneralName(nameType, testName));
-        }
-        for (int i = 0; i < testNames1.length; i++)
-        {
-            PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
-            constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
-                nameType, testNames1[i])));
-            constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
-                nameType, testNames2[i])));
-            PKIXNameConstraintValidator constraints2 = new PKIXNameConstraintValidator();
-            for (int j = 0; j < testUnion[i].length; j++)
-            {
-                constraints2.addExcludedSubtree(new GeneralSubtree(
-                    new GeneralName(nameType, testUnion[i][j])));
-            }
-            if (!constraints2.equals(constraintValidator))
-            {
-                fail("union wrong: " + nameType);
-            }
-            constraintValidator = new PKIXNameConstraintValidator();
-            constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
-                new GeneralName(nameType, testNames1[i])));
-            constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
-                new GeneralName(nameType, testNames2[i])));
-            constraints2 = new PKIXNameConstraintValidator();
-            if (testInterSection[i] != null)
-            {
-                constraints2.intersectPermittedSubtree(new GeneralSubtree(
-                    new GeneralName(nameType, testInterSection[i])));
-            }
-            else
-            {
-                constraints2.intersectEmptyPermittedSubtree(nameType);
-            }
-            if (!constraints2.equals(constraintValidator))
-            {
-                fail("intersection wrong: " + nameType);
-            }
-        }
-    }
-
-    /**
-     * Tests byte array based GeneralNames for inclusion or exclusion.
-     * 
-     * @param nameType The {@link GeneralName} type to test.
-     * @param testName The name to test.
-     * @param testNameIsConstraint The names where <code>testName</code> must
-     *            be included and excluded.
-     * @param testNameIsNotConstraint The names where <code>testName</code>
-     *            must not be excluded and included.
-     * @param testNames1 Operand 1 of test names to use for union and
-     *            intersection testing.
-     * @param testNames2 Operand 2 of test names to use for union and
-     *            intersection testing.
-     * @param testUnion The union results.
-     * @param testInterSection The intersection results.
-     * @throws Exception If an unexpected exception occurs.
-     */
-    private void testConstraints(
-        int nameType,
-        byte[] testName,
-        byte[][] testNameIsConstraint,
-        byte[][] testNameIsNotConstraint,
-        byte[][] testNames1,
-        byte[][] testNames2,
-        byte[][][] testUnion,
-        byte[][] testInterSection) throws Exception
-    {
-        for (int i = 0; i < testNameIsConstraint.length; i++)
-        {
-            PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
-            constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
-                new GeneralName(nameType, new DEROctetString(
-                    testNameIsConstraint[i]))));
-            constraintValidator.checkPermitted(new GeneralName(nameType,
-                new DEROctetString(testName)));
-        }
-        for (int i = 0; i < testNameIsNotConstraint.length; i++)
-        {
-            PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
-            constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
-                new GeneralName(nameType, new DEROctetString(
-                    testNameIsNotConstraint[i]))));
-            try
-            {
-                constraintValidator.checkPermitted(new GeneralName(nameType,
-                    new DEROctetString(testName)));
-                fail("not permitted name allowed: " + nameType);
-            }
-            catch (PKIXNameConstraintValidatorException e)
-            {
-                // expected
-            }
-        }
-        for (int i = 0; i < testNameIsConstraint.length; i++)
-        {
-            PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
-            constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
-                nameType, new DEROctetString(testNameIsConstraint[i]))));
-            try
-            {
-                constraintValidator.checkExcluded(new GeneralName(nameType,
-                    new DEROctetString(testName)));
-                fail("excluded name missed: " + nameType);
-            }
-            catch (PKIXNameConstraintValidatorException e)
-            {
-                // expected
-            }
-        }
-        for (int i = 0; i < testNameIsNotConstraint.length; i++)
-        {
-            PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
-            constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
-                nameType, new DEROctetString(testNameIsNotConstraint[i]))));
-            constraintValidator.checkExcluded(new GeneralName(nameType,
-                new DEROctetString(testName)));
-        }
-        for (int i = 0; i < testNames1.length; i++)
-        {
-            PKIXNameConstraintValidator constraintValidator = new PKIXNameConstraintValidator();
-            constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
-                nameType, new DEROctetString(testNames1[i]))));
-            constraintValidator.addExcludedSubtree(new GeneralSubtree(new GeneralName(
-                nameType, new DEROctetString(testNames2[i]))));
-            PKIXNameConstraintValidator constraints2 = new PKIXNameConstraintValidator();
-            for (int j = 0; j < testUnion[i].length; j++)
-            {
-                constraints2.addExcludedSubtree(new GeneralSubtree(
-                    new GeneralName(nameType, new DEROctetString(
-                        testUnion[i][j]))));
-            }
-            if (!constraints2.equals(constraintValidator))
-            {
-                fail("union wrong: " + nameType);
-            }
-            constraintValidator = new PKIXNameConstraintValidator();
-            constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
-                new GeneralName(nameType, new DEROctetString(testNames1[i]))));
-            constraintValidator.intersectPermittedSubtree(new GeneralSubtree(
-                new GeneralName(nameType, new DEROctetString(testNames2[i]))));
-            constraints2 = new PKIXNameConstraintValidator();
-            if (testInterSection[i] != null)
-            {
-                constraints2.intersectPermittedSubtree(new GeneralSubtree(
-                new GeneralName(nameType, new DEROctetString(
-                    testInterSection[i]))));
-            }
-            else
-            {
-                constraints2.intersectEmptyPermittedSubtree(nameType);
-            }
-
-            if (!constraints2.equals(constraintValidator))
-            {
-                fail("intersection wrong: " + nameType);
-            }
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        runTest(new PKIXNameConstraintsTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKIXPolicyMappingTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKIXPolicyMappingTest.java
deleted file mode 100644
index f929a9d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKIXPolicyMappingTest.java
+++ /dev/null

@@ -1,460 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyFactory;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.Security;
-import java.security.cert.CertPathBuilder;
-import java.security.cert.CertStore;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.PKIXCertPathBuilderResult;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.Hashtable;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.CertificatePolicies;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-import org.bouncycastle.asn1.x509.PolicyMappings;
-import org.bouncycastle.asn1.x509.X509Extensions;
-import org.bouncycastle.jce.X509Principal;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestFailedException;
-import org.bouncycastle.x509.X509V3CertificateGenerator;
-
-public class PKIXPolicyMappingTest
-    extends SimpleTest
-{
-    static X509V3CertificateGenerator  v3CertGen = new X509V3CertificateGenerator();
-    
-    public String getName()
-    {
-        return "PKIXPolicyMapping";
-    }
-    
-    /**
-     * TrustAnchor's Cert
-     */
-    private X509Certificate createTrustCert(
-        PublicKey       pubKey,
-        PrivateKey      privKey)
-        throws Exception
-    {
-        String  issuer  = "C=JP, O=policyMappingAdditionalTest, OU=trustAnchor";
-        String  subject = "C=JP, O=policyMappingAdditionalTest, OU=trustAnchor";
-        v3CertGen.setSerialNumber(BigInteger.valueOf(10));
-        v3CertGen.setIssuerDN(new X509Principal(issuer));
-        v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30));
-        v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30)));
-        v3CertGen.setSubjectDN(new X509Principal(subject));
-        v3CertGen.setPublicKey(pubKey);
-        v3CertGen.setSignatureAlgorithm("SHA1WithRSAEncryption");
-        X509Certificate cert = v3CertGen.generate(privKey);
-        return cert;
-    }
-    
-    /**
-     * intermediate cert
-     */
-    private X509Certificate createIntmedCert(
-        PublicKey           pubKey,
-        PrivateKey          caPrivKey,
-        PublicKey           caPubKey,
-        CertificatePolicies policies,
-        Hashtable           policyMap)
-        throws Exception
-    {
-        String  issuer  = "C=JP, O=policyMappingAdditionalTest, OU=trustAnchor";
-        String  subject = "C=JP, O=policyMappingAdditionalTest, OU=intmedCA";
-        v3CertGen.reset();
-        v3CertGen.setSerialNumber(BigInteger.valueOf(20));
-        v3CertGen.setIssuerDN(new X509Principal(issuer));
-        v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30));
-        v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30)));
-        v3CertGen.setSubjectDN(new X509Principal(subject));
-        v3CertGen.setPublicKey(pubKey);
-        v3CertGen.setSignatureAlgorithm("SHA1WithRSAEncryption");
-        v3CertGen.addExtension(X509Extensions.CertificatePolicies, true, policies);
-        v3CertGen.addExtension(X509Extensions.BasicConstraints, true, new BasicConstraints(true));
-        v3CertGen.addExtension(X509Extensions.PolicyMappings, true, new PolicyMappings(policyMap));
-        X509Certificate cert = v3CertGen.generate(caPrivKey);
-        return cert;
-    }
-    
-    /**
-     * endEntity cert
-     */
-    private X509Certificate createEndEntityCert(
-        PublicKey           pubKey,
-        PrivateKey          caPrivKey,
-        PublicKey           caPubKey,
-        ASN1EncodableVector policies)
-        throws Exception
-    {
-        String  issuer  = "C=JP, O=policyMappingAdditionalTest, OU=intMedCA";
-        String  subject = "C=JP, O=policyMappingAdditionalTest, OU=endEntity";
-        v3CertGen.reset();
-        v3CertGen.setSerialNumber(BigInteger.valueOf(20));
-        v3CertGen.setIssuerDN(new X509Principal(issuer));
-        v3CertGen.setNotBefore(new Date(System.currentTimeMillis() - 1000L * 60 * 60 * 24 * 30));
-        v3CertGen.setNotAfter(new Date(System.currentTimeMillis() + (1000L * 60 * 60 * 24 * 30)));
-        v3CertGen.setSubjectDN(new X509Principal(subject));
-        v3CertGen.setPublicKey(pubKey);
-        v3CertGen.setSignatureAlgorithm("SHA1WithRSAEncryption");
-        v3CertGen.addExtension(X509Extensions.CertificatePolicies,true,new DERSequence(policies));
-        X509Certificate cert = v3CertGen.generate(caPrivKey);
-        return cert;
-    }
-    
-    private String testPolicies(
-        int             index,
-        X509Certificate trustCert, 
-        X509Certificate intCert, 
-        X509Certificate endCert,
-        Set             requirePolicies,
-        boolean         okay) 
-        throws IOException, InvalidAlgorithmParameterException, NoSuchAlgorithmException, NoSuchProviderException
-    {
-        Set trust = new HashSet();
-        trust.add(new TrustAnchor(trustCert, null));
-        X509CertSelector targetConstraints = new X509CertSelector();
-        targetConstraints.setSubject(endCert.getSubjectX500Principal().getEncoded());
-        PKIXBuilderParameters params = new PKIXBuilderParameters(trust, targetConstraints);
-        
-        Set certs = new HashSet();
-        certs.add(intCert);
-        certs.add(endCert);
-        CollectionCertStoreParameters pr = new CollectionCertStoreParameters(certs);
-        CertStore store = CertStore.getInstance("Collection",pr);
-        params.addCertStore(store);
-        
-        params.setRevocationEnabled(false);
-        if (requirePolicies != null)
-        {
-            params.setExplicitPolicyRequired(true);
-            params.setInitialPolicies(requirePolicies);
-        }
-        
-        CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX","BC");  
-//      CertPathBuilder cpb = CertPathBuilder.getInstance("PKIX","SUN");  
-        PKIXCertPathBuilderResult result = null;
-        try
-        {
-            result = (PKIXCertPathBuilderResult)cpb.build(params);
-            
-            if (!okay)
-            {
-                fail(index + ": path validated when failure expected.");
-            }
-            
-//            if (result.getPolicyTree() != null)
-//            {
-//                System.out.println("OK");
-//                System.out.println("policy: " + result.getPolicyTree());
-//            }
-//            else
-//            {
-//                System.out.println("OK: policy tree = null");
-//            }
-            
-            return "";
-        }
-        catch (TestFailedException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            if (okay)
-            {
-                fail(index + ": path failed to validate when success expected.");
-            }
-
-            Throwable ee = e.getCause();
-            if (ee != null)
-            {
-                return ee.getMessage();
-            }
-
-            return e.getMessage();
-        }  
-    }
-    
-    public void performTest()
-        throws Exception
-    {   
-        //
-        // personal keys
-        //
-        RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-                new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-                new BigInteger("11", 16));
-        
-        RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
-                new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-                new BigInteger("11", 16),
-                new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-                new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-                new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-                new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-                new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-                new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-        
-        //
-        // intermediate keys.
-        //
-        RSAPublicKeySpec intPubKeySpec = new RSAPublicKeySpec(
-                new BigInteger("8de0d113c5e736969c8d2b047a243f8fe18edad64cde9e842d3669230ca486f7cfdde1f8eec54d1905fff04acc85e61093e180cadc6cea407f193d44bb0e9449b8dbb49784cd9e36260c39e06a947299978c6ed8300724e887198cfede20f3fbde658fa2bd078be946a392bd349f2b49c486e20c405588e306706c9017308e69", 16),
-                new BigInteger("ffff", 16));
-        
-        
-        RSAPrivateCrtKeySpec intPrivKeySpec = new RSAPrivateCrtKeySpec(
-                new BigInteger("8de0d113c5e736969c8d2b047a243f8fe18edad64cde9e842d3669230ca486f7cfdde1f8eec54d1905fff04acc85e61093e180cadc6cea407f193d44bb0e9449b8dbb49784cd9e36260c39e06a947299978c6ed8300724e887198cfede20f3fbde658fa2bd078be946a392bd349f2b49c486e20c405588e306706c9017308e69", 16),
-                new BigInteger("ffff", 16),
-                new BigInteger("7deb1b194a85bcfd29cf871411468adbc987650903e3bacc8338c449ca7b32efd39ffc33bc84412fcd7df18d23ce9d7c25ea910b1ae9985373e0273b4dca7f2e0db3b7314056ac67fd277f8f89cf2fd73c34c6ca69f9ba477143d2b0e2445548aa0b4a8473095182631da46844c356f5e5c7522eb54b5a33f11d730ead9c0cff", 16),
-                new BigInteger("ef4cede573cea47f83699b814de4302edb60eefe426c52e17bd7870ec7c6b7a24fe55282ebb73775f369157726fcfb988def2b40350bdca9e5b418340288f649", 16),
-                new BigInteger("97c7737d1b9a0088c3c7b528539247fd2a1593e7e01cef18848755be82f4a45aa093276cb0cbf118cb41117540a78f3fc471ba5d69f0042274defc9161265721", 16),
-                new BigInteger("6c641094e24d172728b8da3c2777e69adfd0839085be7e38c7c4a2dd00b1ae969f2ec9d23e7e37090fcd449a40af0ed463fe1c612d6810d6b4f58b7bfa31eb5f", 16),
-                new BigInteger("70b7123e8e69dfa76feb1236d0a686144b00e9232ed52b73847e74ef3af71fb45ccb24261f40d27f98101e230cf27b977a5d5f1f15f6cf48d5cb1da2a3a3b87f", 16),
-                new BigInteger("e38f5750d97e270996a286df2e653fd26c242106436f5bab0f4c7a9e654ce02665d5a281f2c412456f2d1fa26586ef04a9adac9004ca7f913162cb28e13bf40d", 16));
-        
-        //
-        // ca keys
-        //
-        RSAPublicKeySpec caPubKeySpec = new RSAPublicKeySpec(
-                new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16),
-                new BigInteger("11", 16));
-        
-        RSAPrivateCrtKeySpec   caPrivKeySpec = new RSAPrivateCrtKeySpec(
-                new BigInteger("b259d2d6e627a768c94be36164c2d9fc79d97aab9253140e5bf17751197731d6f7540d2509e7b9ffee0a70a6e26d56e92d2edd7f85aba85600b69089f35f6bdbf3c298e05842535d9f064e6b0391cb7d306e0a2d20c4dfb4e7b49a9640bdea26c10ad69c3f05007ce2513cee44cfe01998e62b6c3637d3fc0391079b26ee36d5", 16),
-                new BigInteger("11", 16),
-                new BigInteger("92e08f83cc9920746989ca5034dcb384a094fb9c5a6288fcc4304424ab8f56388f72652d8fafc65a4b9020896f2cde297080f2a540e7b7ce5af0b3446e1258d1dd7f245cf54124b4c6e17da21b90a0ebd22605e6f45c9f136d7a13eaac1c0f7487de8bd6d924972408ebb58af71e76fd7b012a8d0e165f3ae2e5077a8648e619", 16),
-                new BigInteger("f75e80839b9b9379f1cf1128f321639757dba514642c206bbbd99f9a4846208b3e93fbbe5e0527cc59b1d4b929d9555853004c7c8b30ee6a213c3d1bb7415d03", 16),
-                new BigInteger("b892d9ebdbfc37e397256dd8a5d3123534d1f03726284743ddc6be3a709edb696fc40c7d902ed804c6eee730eee3d5b20bf6bd8d87a296813c87d3b3cc9d7947", 16),
-                new BigInteger("1d1a2d3ca8e52068b3094d501c9a842fec37f54db16e9a67070a8b3f53cc03d4257ad252a1a640eadd603724d7bf3737914b544ae332eedf4f34436cac25ceb5", 16),
-                new BigInteger("6c929e4e81672fef49d9c825163fec97c4b7ba7acb26c0824638ac22605d7201c94625770984f78a56e6e25904fe7db407099cad9b14588841b94f5ab498dded", 16),
-                new BigInteger("dae7651ee69ad1d081ec5e7188ae126f6004ff39556bde90e0b870962fa7b926d070686d8244fe5a9aa709a95686a104614834b0ada4b10f53197a5cb4c97339", 16));
-        
-        //
-        // set up the keys
-        //
-        KeyFactory          fact = KeyFactory.getInstance("RSA", "BC");
-        PrivateKey          caPrivKey  = fact.generatePrivate(caPrivKeySpec);
-        PublicKey           caPubKey   = fact.generatePublic(caPubKeySpec);
-        PrivateKey          intPrivKey = fact.generatePrivate(intPrivKeySpec);
-        PublicKey           intPubKey  = fact.generatePublic(intPubKeySpec);
-        PrivateKey          privKey    = fact.generatePrivate(privKeySpec);
-        PublicKey           pubKey     = fact.generatePublic(pubKeySpec);
-        
-        X509Certificate     trustCert       = createTrustCert(caPubKey, caPrivKey);
-        CertificatePolicies intPolicies     = null;
-        Hashtable           map             = null;
-        ASN1EncodableVector policies        = null;
-        Set                 requirePolicies = null;
-        X509Certificate     intCert         = null;
-        X509Certificate     endCert         = null;
-        
-        /**
-         * valid test_00
-         */
-        intPolicies = new CertificatePolicies(new PolicyInformation(new ASN1ObjectIdentifier("2.5.29.32.0")));
-        map = new Hashtable();
-        map.put("2.16.840.1.101.3.2.1.48.1","2.16.840.1.101.3.2.1.48.2");
-        intCert = createIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
-
-        if (!"CertificatePolicies: [Policy information: 2.5.29.32.0]".equals(intPolicies.toString()))
-        {
-            fail("1st toString() test");
-        }
-
-        policies   = new ASN1EncodableVector();
-        policies.add(new PolicyInformation(new ASN1ObjectIdentifier("2.16.840.1.101.3.2.1.48.2")));
-        endCert = createEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
-        
-        requirePolicies = null;
-        String msg = testPolicies(0, trustCert, intCert, endCert, requirePolicies, true);
-        checkMessage(0, msg, "");
-        
-        /**
-         * test_01
-         */
-        intPolicies = new CertificatePolicies(new PolicyInformation(new ASN1ObjectIdentifier("2.5.29.32.0")));
-        map = new Hashtable();
-        map.put("2.16.840.1.101.3.2.1.48.1","2.16.840.1.101.3.2.1.48.2");
-        intCert = createIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
-        
-        policies   = new ASN1EncodableVector();
-        policies.add(new PolicyInformation(new ASN1ObjectIdentifier("2.16.840.1.101.3.2.1.48.2")));
-        endCert = createEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
-        
-        requirePolicies = new HashSet();
-        requirePolicies.add("2.16.840.1.101.3.2.1.48.1");
-        msg = testPolicies(1, trustCert, intCert, endCert, requirePolicies, true);
-        checkMessage(1, msg, "");
-        
-        /**
-         * test_02
-         */
-        intPolicies = new CertificatePolicies(new PolicyInformation(new ASN1ObjectIdentifier("2.5.29.32.0")));
-        map = new Hashtable();
-        map.put("2.16.840.1.101.3.2.1.48.1","2.16.840.1.101.3.2.1.48.2");
-        intCert = createIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
-        
-        policies   = new ASN1EncodableVector();
-        policies.add(new PolicyInformation(new ASN1ObjectIdentifier("2.16.840.1.101.3.2.1.48.2")));
-        endCert = createEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
-        
-        requirePolicies = new HashSet();
-        requirePolicies.add("2.5.29.32.0");
-        msg = testPolicies(2, trustCert, intCert, endCert, requirePolicies, true);
-        checkMessage(2, msg, "");
-   
-        /**
-         * test_03
-         */
-        intPolicies = new CertificatePolicies(new PolicyInformation[]
-            { new PolicyInformation(new ASN1ObjectIdentifier("2.16.840.1.101.3.2.1.48.3")),
-              new PolicyInformation(new ASN1ObjectIdentifier("2.5.29.32.0")) });
-
-        if (!"CertificatePolicies: [Policy information: 2.16.840.1.101.3.2.1.48.3, Policy information: 2.5.29.32.0]".equals(intPolicies.toString()))
-        {
-            fail("2nd toString() test");
-        }
-
-        map = new Hashtable();
-        map.put("2.16.840.1.101.3.2.1.48.1","2.16.840.1.101.3.2.1.48.2");
-        intCert = createIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
-        
-        policies   = new ASN1EncodableVector();
-        policies.add(new PolicyInformation(new ASN1ObjectIdentifier("2.16.840.1.101.3.2.1.48.2")));
-        endCert = createEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
-        
-        requirePolicies = new HashSet();
-        requirePolicies.add("2.16.840.1.101.3.2.1.48.1");
-        msg = testPolicies(3, trustCert, intCert, endCert, requirePolicies, true);
-        checkMessage(3, msg, "");
-        
-        /**
-         * test_04
-         */
-        intPolicies = new CertificatePolicies(new PolicyInformation[]
-            { new PolicyInformation(new ASN1ObjectIdentifier("2.16.840.1.101.3.2.1.48.3")),
-              new PolicyInformation(new ASN1ObjectIdentifier("2.5.29.32.0")) } );
-        map = new Hashtable();
-        map.put("2.16.840.1.101.3.2.1.48.1", "2.16.840.1.101.3.2.1.48.2");
-        intCert = createIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
-        
-        policies   = new ASN1EncodableVector();
-        policies.add(new PolicyInformation(new ASN1ObjectIdentifier("2.16.840.1.101.3.2.1.48.3")));
-        endCert = createEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
-        
-        requirePolicies = new HashSet();
-        requirePolicies.add("2.16.840.1.101.3.2.1.48.3");
-        msg = testPolicies(4, trustCert, intCert, endCert, requirePolicies, true);
-        checkMessage(4, msg, "");
-        
-        /**
-         * test_05
-         */
-        intPolicies = new CertificatePolicies(new PolicyInformation(new ASN1ObjectIdentifier("2.5.29.32.0")));
-        map = new Hashtable();
-        map.put("2.16.840.1.101.3.2.1.48.1", "2.16.840.1.101.3.2.1.48.2");
-        intCert = createIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
-        
-        policies   = new ASN1EncodableVector();
-        policies.add(new PolicyInformation(new ASN1ObjectIdentifier("2.16.840.1.101.3.2.1.48.2")));
-        endCert = createEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
-        
-        requirePolicies = new HashSet();
-        requirePolicies.add("2.16.840.1.101.3.2.1.48.2");
-        msg = testPolicies(5, trustCert, intCert, endCert, requirePolicies, false);
-        checkMessage(5, msg, "Path processing failed on policy.");
-        
-        /**
-         * test_06
-         */
-        intPolicies = new CertificatePolicies(new PolicyInformation(new ASN1ObjectIdentifier("2.5.29.32.0")));
-        map = new Hashtable();
-        map.put("2.16.840.1.101.3.2.1.48.1", "2.16.840.1.101.3.2.1.48.2");
-        intCert = createIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
-        
-        policies   = new ASN1EncodableVector();
-        policies.add(new PolicyInformation(new ASN1ObjectIdentifier("2.16.840.1.101.3.2.1.48.1")));
-        endCert = createEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
-        
-        requirePolicies = new HashSet();
-        requirePolicies.add("2.16.840.1.101.3.2.1.48.1");
-        msg = testPolicies(6, trustCert, intCert, endCert, requirePolicies, true);
-        checkMessage(6, msg, "");
-        
-        /**
-         * test_07
-         */
-        intPolicies = new CertificatePolicies(new PolicyInformation(new ASN1ObjectIdentifier("2.5.29.32.0")));
-        map = new Hashtable();
-        map.put("2.16.840.1.101.3.2.1.48.1", "2.16.840.1.101.3.2.1.48.2");
-        intCert = createIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
-        
-        policies   = new ASN1EncodableVector();
-        policies.add(new PolicyInformation(new ASN1ObjectIdentifier("2.16.840.1.101.3.2.1.48.2")));
-        endCert = createEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
-        
-        requirePolicies = new HashSet();
-        requirePolicies.add("2.16.840.1.101.3.2.1.48.3");
-        msg = testPolicies(7, trustCert, intCert, endCert, requirePolicies, false);
-        checkMessage(7, msg, "Path processing failed on policy.");
-        
-        /**
-         * test_08
-         */
-        intPolicies = new CertificatePolicies(new PolicyInformation(new ASN1ObjectIdentifier("2.5.29.32.0")));
-        map = new Hashtable();
-        map.put("2.16.840.1.101.3.2.1.48.1", "2.16.840.1.101.3.2.1.48.2");
-        intCert = createIntmedCert(intPubKey, caPrivKey, caPubKey, intPolicies, map);
-        
-        policies   = new ASN1EncodableVector();
-        policies.add(new PolicyInformation(new ASN1ObjectIdentifier("2.16.840.1.101.3.2.1.48.3")));
-        endCert = createEndEntityCert(pubKey, intPrivKey, intPubKey, policies);
-        
-        requirePolicies = new HashSet();
-        requirePolicies.add("2.16.840.1.101.3.2.1.48.1");
-        msg = testPolicies(8, trustCert, intCert, endCert, requirePolicies, false);
-        checkMessage(8, msg, "Path processing failed on policy.");
-    }
-    
-
-    private void checkMessage(
-        int index, 
-        String msg, 
-        String expected)
-    {
-        if (!msg.equals(expected))
-        {
-            fail("test " + index + " failed got: " + msg + " expected: " + expected);
-        } 
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new PKIXPolicyMappingTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKIXTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKIXTest.java
deleted file mode 100644
index 99d21b0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PKIXTest.java
+++ /dev/null

@@ -1,248 +0,0 @@
-
-package org.bouncycastle.jce.provider.test;
- 
-import java.io.ByteArrayInputStream;
-import java.security.Security;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class PKIXTest
-    implements Test
-{
-    /*
-     * The following certs and crls are described in:
-     * http://www.ietf.org/internet-drafts/draft-ietf-pkix-new-part1-08.txt
-     *
-     *   This section contains four examples: three certificates and a CRL.
-     *   The first two certificates and the CRL comprise a minimal
-     *   certification path.
-     *
-     *   Section C.1 contains an annotated hex dump of a "self-signed"
-     *   certificate issued by a CA whose distinguished name is
-     *   cn=us,o=gov,ou=nist.  The certificate contains a DSA public key with
-     *   parameters, and is signed by the corresponding DSA private key.
-     *
-     *   Section C.2 contains an annotated hex dump of an end entity
-     *   certificate.  The end entity certificate contains a DSA public key,
-     *   and is signed by the private key corresponding to the "self-signed"
-     *   certificate in section C.1.
-     *
-     *   Section C.3 contains a dump of an end entity certificate which
-     *   contains an RSA public key and is signed with RSA and MD5.  This
-     *   certificate is not part of the minimal certification path.
-     *
-     *   Section C.4 contains an annotated hex dump of a CRL.  The CRL is
-     *   issued by the CA whose distinguished name is cn=us,o=gov,ou=nist and
-     *   the list of revoked certificates includes the end entity certificate
-     *   presented in C.2.
-     */
-
-    /**
-     * C.1  Certificate
-     * 
-        * This section contains an annotated hex dump of a 699 byte version 3
-        * certificate.  The certificate contains the following information:
-        * (a)  the serial number is 23 (17 hex);
-        * (b)  the certificate is signed with DSA and the SHA-1 hash algorithm;
-        * (c)  the issuer's distinguished name is OU=NIST; O=gov; C=US
-        * (d)  and the subject's distinguished name is OU=NIST; O=gov; C=US
-        * (e)  the certificate was issued on June 30, 1997 and will expire on
-        * December 31, 1997;
-        * (f)  the certificate contains a 1024 bit DSA public key with
-        * parameters;
-        * (g)  the certificate contains a subject key identifier extension
-        * generated using method (1) of section 4.2.1.2; and
-        * (h)  the certificate is a CA certificate (as indicated through the
-        * basic constraints extension.)
-     */
-    static byte[] rootCertBin = Hex.decode(
-        "308202bb3082027ba003020102020111300906072a8648ce380403302a310b30"
-        + "09060355040613025553310c300a060355040a1303676f76310d300b06035504"
-        + "0b13044e495354301e170d3937303633303030303030305a170d393731323331"
-        + "3030303030305a302a310b3009060355040613025553310c300a060355040a13"
-        + "03676f76310d300b060355040b13044e495354308201b83082012c06072a8648"
-        + "ce3804013082011f02818100b68b0f942b9acea525c6f2edfcfb9532ac011233"
-        + "b9e01cad909bbc48549ef394773c2c713555e6fe4f22cbd5d83e8993334dfcbd"
-        + "4f41643ea29870ec31b450deebf198280ac93e44b3fd22979683d018a3e3bd35"
-        + "5bffeea321726a7b96dab93f1e5a90af24d620f00d21a7d402b91afcac21fb9e"
-        + "949e4b42459e6ab24863fe43021500b20db0b101df0c6624fc1392ba55f77d57"
-        + "7481e5028181009abf46b1f53f443dc9a565fb91c08e47f10ac30147c2444236"
-        + "a99281de57c5e0688658007b1ff99b77a1c510a580917851513cf6fcfccc46c6"
-        + "817892843df4933d0c387e1a5b994eab1464f60c21224e28089c92b9669f40e8"
-        + "95f6d5312aef39a262c7b26d9e58c43aa81181846daff8b419b4c211aed0223b"
-        + "aa207fee1e57180381850002818100b59e1f490447d1dbf53addca0475e8dd75"
-        + "f69b8ab197d6596982d3034dfd3b365f4af2d14ec107f5d12ad378776356ea96"
-        + "614d420b7a1dfbab91a4cedeef77c8e5ef20aea62848afbe69c36aa530f2c2b9"
-        + "d9822b7dd9c4841fde0de854d71b992eb3d088f6d6639ba7e20e82d43b8a681b"
-        + "065631590b49eb99a5d581417bc955a3323030301d0603551d0e0416041486ca"
-        + "a5228162efad0a89bcad72412c2949f48656300f0603551d130101ff04053003"
-        + "0101ff300906072a8648ce380403032f00302c0214431bcf292545c04e52e77d"
-        + "d6fcb1664c83cf2d7702140b5b9a241198e8f3869004f608a9e18da5cc3ad4");
-
-
-    /**
-     * C.2  Certificate
-     * 
-        * This section contains an annotated hex dump of a 730 byte version 3
-        * certificate.  The certificate contains the following information:
-        * (a the serial number is 18 (12 hex);
-        * (b)  the certificate is signed with DSA and the SHA-1 hash algorithm;
-        * (c)  the issuer's distinguished name is OU=nist; O=gov; C=US
-        * (d)  and the subject's distinguished name is CN=Tim Polk; OU=nist;
-        * O=gov; C=US
-        * (e)  the certificate was valid from July 30, 1997 through December 1,
-        * 1997;
-        * (f)  the certificate contains a 1024 bit DSA public key;
-        * (g)  the certificate is an end entity certificate, as the basic
-        * constraints extension is not present;
-        * (h)  the certificate contains an authority key identifier extension
-        * matching the subject key identifier of the certificate in Appendix
-        * C.1; and
-        * (i)  the certificate includes one alternative name - an RFC 822
-        * address of "wpolk@nist.gov".
-     */
-    static byte[] userCert1Bin = Hex.decode(
-        "308202da30820299a003020102020112300906072a8648ce380403302a310b30"
-        + "09060355040613025553310c300a060355040a1303676f76310d300b06035504"
-        + "0b13044e495354301e170d3937303733303030303030305a170d393731323031"
-        + "3030303030305a303d310b3009060355040613025553310c300a060355040a13"
-        + "03676f76310d300b060355040b13044e4953543111300f060355040313085469"
-        + "6d20506f6c6b308201b73082012c06072a8648ce3804013082011f02818100b6"
-        + "8b0f942b9acea525c6f2edfcfb9532ac011233b9e01cad909bbc48549ef39477"
-        + "3c2c713555e6fe4f22cbd5d83e8993334dfcbd4f41643ea29870ec31b450deeb"
-        + "f198280ac93e44b3fd22979683d018a3e3bd355bffeea321726a7b96dab93f1e"
-        + "5a90af24d620f00d21a7d402b91afcac21fb9e949e4b42459e6ab24863fe4302"
-        + "1500b20db0b101df0c6624fc1392ba55f77d577481e5028181009abf46b1f53f"
-        + "443dc9a565fb91c08e47f10ac30147c2444236a99281de57c5e0688658007b1f"
-        + "f99b77a1c510a580917851513cf6fcfccc46c6817892843df4933d0c387e1a5b"
-        + "994eab1464f60c21224e28089c92b9669f40e895f6d5312aef39a262c7b26d9e"
-        + "58c43aa81181846daff8b419b4c211aed0223baa207fee1e5718038184000281"
-        + "8030b675f77c2031ae38bb7e0d2baba09c4bdf20d524133ccd98e55f6cb7c1ba"
-        + "4abaa9958053f00d72dc3337f4010bf5041f9d2e1f62d8843a9b25095a2dc846"
-        + "8e2bd4f50d3bc72dc66cb998c1253a444e8eca9561357cce15315c23131ea205"
-        + "d17a241ccbd3720990ff9b9d28c0a10aec469f0db8d0dcd018a62b5ef98fb595"
-        + "bea33e303c30190603551d1104123010810e77706f6c6b406e6973742e676f76"
-        + "301f0603551d2304183016801486caa5228162efad0a89bcad72412c2949f486"
-        + "56300906072a8648ce380403033000302d02143697cbe3b42ce1bb61a9d3cc24"
-        + "cc22929ff4f587021500abc979afd2161ca9e368a91410b4a02eff225a73");
-
-
-    /**
-     * C.3  End Entity Certificate Using RSA
-     * 
-        * This section contains an annotated hex dump of a 654 byte version 3
-        * certificate.  The certificate contains the following information:
-        * (a)  the serial number is 256;
-        * (b)  the certificate is signed with RSA and the SHA-1 hash algorithm;
-        * (c)  the issuer's distinguished name is OU=NIST; O=gov; C=US
-        * (d)  and the subject's distinguished name is CN=Tim Polk; OU=NIST;
-        * O=gov; C=US
-        * (e)  the certificate was issued on May 21, 1996 at 09:58:26 and
-        * expired on May 21, 1997 at 09:58:26;
-        * (f)  the certificate contains a 1024 bit RSA public key;
-        * (g)  the certificate is an end entity certificate (not a CA
-        * certificate);
-        * (h)  the certificate includes an alternative subject name of
-     *    "<http://www.itl.nist.gov/div893/staff/polk/index.html>" and an
-        * alternative issuer name of "<http://www.nist.gov/>" - both are URLs;
-        * (i)  the certificate include an authority key identifier extension
-        * and a certificate policies extension psecifying the policy OID
-        * 2.16.840.1.101.3.2.1.48.9; and
-        * (j)  the certificate includes a critical key usage extension
-        * specifying that the public key is intended for verification of
-        * digital signatures.
-     */
-    static byte[] userCert2Bin = Hex.decode(
-        "3082028e308201f7a00302010202020100300d06092a864886f70d0101050500"
-        + "302a310b3009060355040613025553310c300a060355040b1303676f76310d30"
-        + "0b060355040a13044e495354301e170d3936303532313039353832365a170d39"
-        + "37303532313039353832365a303d310b3009060355040613025553310c300a06"
-        + "0355040b1303676f76310d300b060355040a13044e4953543111300f06035504"
-        + "03130854696d20506f6c6b30819f300d06092a864886f70d010101050003818d"
-        + "0030818902818100e16ae4033097023cf410f3b51e4d7f147bf6f5d078e9a48a"
-        + "f0a375ecedb656967f8899859af23e687787eb9ed19fc0b417dcab8923a41d7e"
-        + "16234c4fa84df531b87caae31a4909f44b26db2767308212014ae91ab6c10c53"
-        + "8b6cfc2f7a43ec33367e32b27bd5aacf0114c612ec13f22d147a8b215814134c"
-        + "46a39af21695ff230203010001a381af3081ac303f0603551d11043830368634"
-        + "687474703a2f2f7777772e69746c2e6e6973742e676f762f6469763839332f73"
-        + "746166662f706f6c6b2f696e6465782e68746d6c301f0603551d120418301686"
-        + "14687474703a2f2f7777772e6e6973742e676f762f301f0603551d2304183016"
-        + "80140868af8533c8394a7af882938e706a4a20842c3230170603551d20041030"
-        + "0e300c060a60864801650302013009300e0603551d0f0101ff04040302078030"
-        + "0d06092a864886f70d0101050500038181008e8e3656788bbfa13975172ee310"
-        + "dc832b6834521cf66c1d525e5420105e4ca940f94b729e82b961dceb32a5bdb1"
-        + "b148f99b01bbebaf9b83f6528cb06d7cd09a39543e6d206fcdd0debe275f204f"
-        + "b6ab0df5b7e1bab4dfdf3dd4f6ed01fb6ecb9859ac41fb489c1ff65b46e029e2"
-        + "76ecc43a0afc92c5c0d2a9c9d32952876533");
-
-    /**
-     * This section contains an annotated hex dump of a version 2 CRL with
-     * one extension (cRLNumber). The CRL was issued by OU=NIST; O=gov; C=US
-     * on August 7, 1997; the next scheduled issuance was September 7, 1997.
-     * The CRL includes one revoked certificates: serial number 18 (12 hex),
-     * which was revoked on July 31, 1997 due to keyCompromise.  The CRL
-     * itself is number 18, and it was signed with DSA and SHA-1.
-     */
-    static byte[] crlBin = Hex.decode(
-        "3081cb30818c020101300906072a8648ce380403302a310b3009060355040613025553310c300a060355040a1303676f76310d300b060355040b13044e495354170d3937303830373030303030305a170d3937303930373030303030305a30223020020112170d3937303733313030303030305a300c300a0603551d1504030a0101a00e300c300a0603551d14040302010c300906072a8648ce380403032f00302c0214224e9f43ba950634f2bb5e65dba68005c03a29470214591a57c982d7022114c3d40b321b9616b11f465a");
-
-
-    public TestResult perform()
-    {
-        try
-        {
-            CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-            X509Certificate rootCert = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(rootCertBin));
-            X509Certificate userCert1 = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(userCert1Bin));
-            X509Certificate userCert2 = (X509Certificate)cf.generateCertificate(new ByteArrayInputStream(userCert2Bin));
-            X509CRL crl = (X509CRL)cf.generateCRL(new ByteArrayInputStream(crlBin));
-            rootCert.verify(rootCert.getPublicKey(), "BC");
-            userCert1.verify(rootCert.getPublicKey(), "BC");
-
-            crl.verify(rootCert.getPublicKey(), "BC");
-
-            if (!crl.isRevoked(userCert1))
-            {
-                return new SimpleTestResult(false, this.getName() + ": usercert1 not revoked.");
-            }
-
-            if (crl.isRevoked(userCert2))
-            {
-                return new SimpleTestResult(false, this.getName() + ": usercert2 revoked.");
-            }
-
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, this.getName() + ": exception - " + e.toString());
-        }
-
-        return new SimpleTestResult(true, this.getName() + ": Okay");
-    }
-
-    public String getName()
-    {
-        return "PKIX";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        Test            test = new PKIXTest();
-        TestResult        result = test.perform();
-
-        System.out.println(result.toString());
-    }
-
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PSSTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PSSTest.java
deleted file mode 100644
index 3618593..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/PSSTest.java
+++ /dev/null

@@ -1,346 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.math.BigInteger;
-import java.security.AlgorithmParameters;
-import java.security.KeyFactory;
-import java.security.MessageDigest;
-import java.security.PrivateKey;
-import java.security.ProviderException;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.spec.MGF1ParameterSpec;
-import java.security.spec.PSSParameterSpec;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomData;
-
-public class PSSTest
-    extends SimpleTest
-{
-    private class FixedRandom
-        extends SecureRandom
-    {
-        byte[]  vals;
-
-        FixedRandom(
-            byte[]  vals)
-        {
-            this.vals = vals;
-        }
-
-        public void nextBytes(
-            byte[]  bytes)
-        {
-            System.arraycopy(vals, 0, bytes, 0, vals.length);
-        }
-    }
-
-    private boolean arrayEquals(
-        byte[]  a,
-        byte[]  b)
-    {
-        if (a.length != b.length)
-        {
-            return false;
-        }
-
-        for (int i = 0; i != a.length; i++)
-        {
-            if (a[i] != b[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-
-    private RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-        new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
-        new BigInteger("010001",16));
-
-    private RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
-        new BigInteger("a56e4a0e701017589a5187dc7ea841d156f2ec0e36ad52a44dfeb1e61f7ad991d8c51056ffedb162b4c0f283a12a88a394dff526ab7291cbb307ceabfce0b1dfd5cd9508096d5b2b8b6df5d671ef6377c0921cb23c270a70e2598e6ff89d19f105acc2d3f0cb35f29280e1386b6f64c4ef22e1e1f20d0ce8cffb2249bd9a2137",16),
-        new BigInteger("010001",16),
-        new BigInteger("33a5042a90b27d4f5451ca9bbbd0b44771a101af884340aef9885f2a4bbe92e894a724ac3c568c8f97853ad07c0266c8c6a3ca0929f1e8f11231884429fc4d9ae55fee896a10ce707c3ed7e734e44727a39574501a532683109c2abacaba283c31b4bd2f53c3ee37e352cee34f9e503bd80c0622ad79c6dcee883547c6a3b325",16),
-        new BigInteger("e7e8942720a877517273a356053ea2a1bc0c94aa72d55c6e86296b2dfc967948c0a72cbccca7eacb35706e09a1df55a1535bd9b3cc34160b3b6dcd3eda8e6443",16),
-        new BigInteger("b69dca1cf7d4d7ec81e75b90fcca874abcde123fd2700180aa90479b6e48de8d67ed24f9f19d85ba275874f542cd20dc723e6963364a1f9425452b269a6799fd",16),
-        new BigInteger("28fa13938655be1f8a159cbaca5a72ea190c30089e19cd274a556f36c4f6e19f554b34c077790427bbdd8dd3ede2448328f385d81b30e8e43b2fffa027861979",16),
-        new BigInteger("1a8b38f398fa712049898d7fb79ee0a77668791299cdfa09efc0e507acb21ed74301ef5bfd48be455eaeb6e1678255827580a8e4e8e14151d1510a82a3f2e729",16),
-        new BigInteger("27156aba4126d24a81f3a528cbfb27f56886f840a9f6e86e17a44b94fe9319584b8e22fdde1e5a2e3bd8aa5ba8d8584194eb2190acf832b847f13a3d24a79f4d",16));
-
-    // PSSExample1.1
-
-    private byte[] msg1a = Hex.decode("cdc87da223d786df3b45e0bbbc721326d1ee2af806cc315475cc6f0d9c66e1b62371d45ce2392e1ac92844c310102f156a0d8d52c1f4c40ba3aa65095786cb769757a6563ba958fed0bcc984e8b517a3d5f515b23b8a41e74aa867693f90dfb061a6e86dfaaee64472c00e5f20945729cbebe77f06ce78e08f4098fba41f9d6193c0317e8b60d4b6084acb42d29e3808a3bc372d85e331170fcbf7cc72d0b71c296648b3a4d10f416295d0807aa625cab2744fd9ea8fd223c42537029828bd16be02546f130fd2e33b936d2676e08aed1b73318b750a0167d0");
-
-    private byte[] slt1a = Hex.decode("dee959c7e06411361420ff80185ed57f3e6776af");
-
-    private byte[] sig1a = Hex.decode("9074308fb598e9701b2294388e52f971faac2b60a5145af185df5287b5ed2887e57ce7fd44dc8634e407c8e0e4360bc226f3ec227f9d9e54638e8d31f5051215df6ebb9c2f9579aa77598a38f914b5b9c1bd83c4e2f9f382a0d0aa3542ffee65984a601bc69eb28deb27dca12c82c2d4c3f66cd500f1ff2b994d8a4e30cbb33c");
-
-    private byte[] sig1b = Hex.decode("96ea348db4db2947aee807bd687411a880913706f21b383a1002b97e43656e5450a9d1812efbedd1ed159f8307986adf48bada66a8efd14bd9e2f6f6f458e73b50c8ce6e3079011c5b4bd1600a2601a66198a1582574a43f13e0966c6c2337e6ca0886cd9e1b1037aeadef1382117d22b35e7e4403f90531c8cfccdf223f98e4");
-
-    private byte[] sig1c = Hex.decode("9e64cc1062c537b142480bc5af407b55904ead970e20e0f8f6664279c96c6da6b03522160f224a85cc413dfe6bd00621485b665abac6d90ff38c9af06f4ddd6c7c81540439e5795601a1343d9feb465712ff8a5f5150391522fb5a9b8e2225a555f4efaa5e5c0ed7a19b27074c2d9f6dbbd0c893ba02c4a35b115d337bccd7a2");
-    
-    public void performTest() throws Exception
-    {
-        KeyFactory fact = KeyFactory.getInstance("RSA", "BC");
-
-        PrivateKey  privKey = fact.generatePrivate(privKeySpec);
-        PublicKey   pubKey = fact.generatePublic(pubKeySpec);
-
-        Signature s = Signature.getInstance("SHA1withRSA/PSS", "BC");
-
-        s.initSign(privKey, new FixedRandom(slt1a));
-        s.update(msg1a);
-        byte[] sig = s.sign();
-
-        if (!arrayEquals(sig1a, sig))
-        {
-           fail("PSS Sign test expected " + new String(Hex.encode(sig1a)) + " got " + new String(Hex.encode(sig)));
-        }
-
-        s = Signature.getInstance("SHA1withRSAandMGF1", "BC");
-        
-        s.initVerify(pubKey);
-        s.update(msg1a);
-        if (!s.verify(sig1a))
-        {
-            fail("SHA1 signature verification failed");
-        }
-
-        s = Signature.getInstance("SHA1withRSAandMGF1", "BC");
-        
-        s.setParameter(PSSParameterSpec.DEFAULT);
-        
-        s.initVerify(pubKey);
-        s.update(msg1a);
-        if (!s.verify(sig1a))
-        {
-            fail("SHA1 signature verification with default parameters failed");
-        }
-        
-        AlgorithmParameters pss = s.getParameters();
-        if (!arrayEquals(pss.getEncoded(), new byte[] { 0x30, 0x00 }))
-        {
-            fail("failed default encoding test.");
-        }
-        
-        s = Signature.getInstance("SHA256withRSA/PSS", "BC");
-
-        s.initSign(privKey, new FixedRandom(slt1a));
-        s.update(msg1a);
-        sig = s.sign();
-
-        pss = s.getParameters();
-        
-        if (!arrayEquals(sig1b, sig))
-        {
-            fail("PSS Sign test expected " + new String(Hex.encode(sig1b)) + " got " + new String(Hex.encode(sig)));
-        }
-
-        AlgorithmParameters pParams = AlgorithmParameters.getInstance("PSS", "BC");
-
-        pParams.init(pss.getEncoded());
-
-        PSSParameterSpec spec = (PSSParameterSpec)pParams.getParameterSpec(PSSParameterSpec.class);
-
-        isTrue("Digest mismatch", "SHA-256".equals(spec.getDigestAlgorithm()));
-        isTrue("MGF alg mismatch", PSSParameterSpec.DEFAULT.getMGFAlgorithm().equals(spec.getMGFAlgorithm()));
-        isTrue("MGF Digest mismatch", "SHA-256".equals(((MGF1ParameterSpec)spec.getMGFParameters()).getDigestAlgorithm()));
-
-        s = Signature.getInstance("SHA256withRSAandMGF1", "BC");
-        
-        s.setParameter(pss.getParameterSpec(PSSParameterSpec.class));
-        
-        s.initVerify(pubKey);
-        s.update(msg1a);
-        if (!s.verify(sig1b))
-        {
-            fail("SHA256 signature verification failed");
-        }
-
-        // set parameter after sig intialisation
-        s = Signature.getInstance("RSAPSS", "BC");
-
-        s.initVerify(pubKey);
-
-        s.setParameter(pss.getParameterSpec(PSSParameterSpec.class));
-
-        s.update(msg1a);
-        if (!s.verify(sig1b))
-        {
-            fail("SHA256 signature verification failed");
-        }
-
-        s = Signature.getInstance("RSASSA-PSS", "BC");
-
-        s.initSign(privKey);
-
-        s.setParameter(pss.getParameterSpec(PSSParameterSpec.class));
-
-        s.update(msg1a);
-
-        sig = s.sign();
-
-        s.initVerify(pubKey);
-
-        s.update(msg1a);
-
-        if (!s.verify(sig))
-        {
-            fail("SHA256 signature verification failed (setParameter)");
-        }
-
-        s = Signature.getInstance("RSASSA-PSS", "BC");
-
-        s.initSign(privKey);
-
-        s.setParameter(pss.getParameterSpec(PSSParameterSpec.class));
-
-        s.update(msg1a);
-
-        try
-        {
-            s.setParameter(pss.getParameterSpec(PSSParameterSpec.class));
-            fail("no exception - setParameter byte[]");
-        }
-        catch (ProviderException e)
-        {
-            isEquals("cannot call setParameter in the middle of update", e.getMessage());
-        }
-
-        s.initSign(privKey);
-        
-        s.update(msg1a[0]);
-
-        try
-        {
-            s.setParameter(pss.getParameterSpec(PSSParameterSpec.class));
-            fail("no exception - setParameter byte");
-        }
-        catch (ProviderException e)
-        {
-            isEquals("cannot call setParameter in the middle of update", e.getMessage());
-        }
-
-        //
-        // 512 test -with zero salt length
-        //
-        s = Signature.getInstance("SHA512withRSAandMGF1", "BC");
-        
-        s.setParameter(new PSSParameterSpec("SHA-512", "MGF1", new MGF1ParameterSpec("SHA-512"), 0, 1));
-        s.initSign(privKey);
-
-        s.update(msg1a);
-        sig = s.sign();
-
-        pss = s.getParameters();
-        
-        if (!arrayEquals(sig1c, sig))
-        {
-            fail("PSS Sign test expected " + new String(Hex.encode(sig1c)) + " got " + new String(Hex.encode(sig)));
-        }
-
-        pParams = AlgorithmParameters.getInstance("PSS", "BC");
-
-        pParams.init(pss.getEncoded());
-
-        spec = (PSSParameterSpec)pParams.getParameterSpec(PSSParameterSpec.class);
-
-        isTrue("Digest mismatch", "SHA-512".equals(spec.getDigestAlgorithm()));
-        isTrue("MGF alg mismatch", PSSParameterSpec.DEFAULT.getMGFAlgorithm().equals(spec.getMGFAlgorithm()));
-        isTrue("MGF Digest mismatch", "SHA-512".equals(((MGF1ParameterSpec)spec.getMGFParameters()).getDigestAlgorithm()));
-
-        s = Signature.getInstance("SHA512withRSAandMGF1", "BC");
-        
-        s.setParameter(pss.getParameterSpec(PSSParameterSpec.class));
-        
-        s.initVerify(pubKey);
-        s.update(msg1a);
-        if (!s.verify(sig1c))
-        {
-            fail("SHA512 signature verification failed");
-        }
-
-        SecureRandom random = new SecureRandom();
-
-        // Note: PSS minimum key size determined by hash/salt lengths
-        PrivateKey priv2048Key = fact.generatePrivate(RSATest.priv2048KeySpec);
-        PublicKey pub2048Key = fact.generatePublic(RSATest.pub2048KeySpec);
-
-        rawModeTest("SHA1withRSA/PSS", X509ObjectIdentifiers.id_SHA1, priv2048Key, pub2048Key, random);
-        rawModeTest("SHA224withRSA/PSS", NISTObjectIdentifiers.id_sha224, priv2048Key, pub2048Key, random);
-        rawModeTest("SHA256withRSA/PSS", NISTObjectIdentifiers.id_sha256, priv2048Key, pub2048Key, random);
-        rawModeTest("SHA384withRSA/PSS", NISTObjectIdentifiers.id_sha384, priv2048Key, pub2048Key, random);
-        rawModeTest("SHA512withRSA/PSS", NISTObjectIdentifiers.id_sha512, priv2048Key, pub2048Key, random);
-    }
-
-    private void rawModeTest(String sigName, ASN1ObjectIdentifier digestOID,
-            PrivateKey privKey, PublicKey pubKey, SecureRandom random) throws Exception
-    {
-        byte[] sampleMessage = new byte[1000 + random.nextInt(100)];
-        random.nextBytes(sampleMessage);
-
-        Signature normalSig = Signature.getInstance(sigName, "BC");
-
-        PSSParameterSpec spec = (PSSParameterSpec)normalSig.getParameters().getParameterSpec(PSSParameterSpec.class);
-
-        // Make sure we generate the same 'random' salt for both normal and raw signers
-        int saltLen = spec.getSaltLength();
-        byte[] fixedRandomBytes = new byte[saltLen];
-        random.nextBytes(fixedRandomBytes);
-
-        normalSig.initSign(privKey, new TestRandomData(fixedRandomBytes));
-        normalSig.update(sampleMessage);
-        byte[] normalResult = normalSig.sign();
-
-        MessageDigest digest = MessageDigest.getInstance(digestOID.getId(), "BC");
-        byte[] hash = digest.digest(sampleMessage);
-
-        Signature rawSig = Signature.getInstance("RAWRSASSA-PSS", "BC");
-
-        // Need to init the params explicitly to avoid having a 'raw' variety of every PSS algorithm
-        rawSig.setParameter(spec);
-
-        rawSig.initSign(privKey, new TestRandomData(fixedRandomBytes));
-        rawSig.update(hash);
-        byte[] rawResult = rawSig.sign();
-
-        if (!Arrays.areEqual(normalResult, rawResult))
-        {
-            fail("raw mode signature differs from normal one");
-        }
-
-        rawSig.initVerify(pubKey);
-        rawSig.update(hash);
-
-        if (!rawSig.verify(rawResult))
-        {
-            fail("raw mode signature verification failed");
-        }
-    }
-
-    public String getName()
-    {
-        return "PSSTest";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new PSSTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/Poly1305Test.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/Poly1305Test.java
deleted file mode 100644
index 0a6d8a6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/Poly1305Test.java
+++ /dev/null

@@ -1,191 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.NoSuchAlgorithmException;
-import java.security.Security;
-import java.util.ArrayList;
-import java.util.List;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.Mac;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestFailedException;
-
-public class Poly1305Test
-    extends SimpleTest
-{
-    private static final byte[] MASTER_KEY = Hex
-        .decode("01bcb20bfc8b6e03609ddd09f44b060f"+"95cc0e44d0b79a8856afcae1bec4fe3c");
-
-    public String getName()
-    {
-        return "Poly1305";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        checkRawPoly1305();
-        checkRegistrations();
-    }
-
-    private void checkRegistrations()
-        throws Exception
-    {
-        List missingMacs = new ArrayList();
-        List missingKeyGens = new ArrayList();
-
-        String[] ciphers = new String[]{"AES", "NOEKEON", "Twofish", "CAST6", "SEED", "Serpent", "SM4", "RC6", "CAMELLIA"};
-        String[] macs = new String[]{
-            "4bb5e21dd13001ed5faccfcfdaf8a854",
-            "6d601be3d5ebbb9972a64ed3223d913d",
-            "211195296d9afc7b35a1223a79487c87",
-            "f328857a1b653684e73760c804c55b1d",
-            "21cd8adb23ca84eb4dbb12780595bf28",
-            "c218102702d8a2ee5c9ef9000e91454d",
-            "9bb04be6a1c314a9054ae3c94d3c941b",
-            "db86de7b1fcae429753d68b1263d7ca0",
-            "11918174f33a2f278fb86554da094112"};
-
-        for (int i = 0; i < ciphers.length; i++)
-        {
-            String cipherName = ciphers[i];
-            Cipher cipher;
-            try
-            {
-                cipher = Cipher.getInstance(cipherName, "BC");
-            }
-            catch (Exception e)
-            {
-                System.err.println(cipherName + ": " + e.getMessage());
-                continue;
-            }
-            int blocksize;
-            try
-            {
-                blocksize = cipher.getBlockSize();
-            }
-            catch (Exception e)
-            {
-                System.err.println(cipherName + ": " + e.getMessage());
-                continue;
-            }
-            // Poly1305 is defined over 128 bit block ciphers
-            if (blocksize == 16)
-            {
-                String macName = "Poly1305-" + cipherName;
-                String macNameAlt = "Poly1305" + cipherName;
-
-                // Check we have a Poly1305 registered for each name
-                checkMac(macName, missingMacs, missingKeyGens, macs[i]);
-                checkMac(macNameAlt, missingMacs, missingKeyGens, macs[i]);
-            }
-        }
-        if (missingMacs.size() != 0)
-        {
-            fail("Did not find Poly1305 registrations for the following ciphers: " + missingMacs);
-        }
-        if (missingKeyGens.size() != 0)
-        {
-            fail("Did not find Poly1305 KeyGenerator registrations for the following macs: " + missingKeyGens);
-        }
-    }
-
-    private void checkRawPoly1305()
-        throws Exception
-    {
-        checkMac("Poly1305", "e8bd1466eaf442dd71598370c1e34392");
-    }
-
-    private void checkMac(String name, String macOutput)
-        throws Exception
-    {
-        KeyGenerator kg = KeyGenerator.getInstance(name);
-        SecretKey key = kg.generateKey();
-
-        try
-        {
-            Poly1305KeyGenerator.checkKey(key.getEncoded());
-        }
-        catch (IllegalArgumentException e)
-        {
-            fail("Generated key for algo " + name + " does not match required Poly1305 format.");
-        }
-
-        Mac mac = Mac.getInstance(name);
-        mac.init(new SecretKeySpec(MASTER_KEY, name));
-        mac.update(new byte[128]);
-        byte[] bytes = mac.doFinal();
-
-        if (!Arrays.areEqual(bytes, Hex.decode(macOutput)))
-        {
-            fail("wrong mac value computed for " + name, macOutput, new String(Hex.encode(bytes)));
-        }
-    }
-
-    private void checkMac(String name, List missingMacs, List missingKeyGens, String macOutput)
-    {
-        try
-        {
-            try
-            {
-                KeyGenerator kg = KeyGenerator.getInstance(name);
-                SecretKey key = kg.generateKey();
-
-                try
-                {
-                    Poly1305KeyGenerator.checkKey(key.getEncoded());
-                }
-                catch (IllegalArgumentException e)
-                {
-                    fail("Generated key for algo " + name + " does not match required Poly1305 format.");
-                }
-
-                try
-                {
-                    Mac mac = Mac.getInstance(name);
-                    mac.init(new SecretKeySpec(MASTER_KEY, name), new IvParameterSpec(new byte[16]));
-                    mac.update(new byte[128]);
-                    byte[] bytes = mac.doFinal();
-
-                    if (!Arrays.areEqual(bytes, Hex.decode(macOutput)))
-                    {
-                        fail("wrong mac value computed for " + name, macOutput, new String(Hex.encode(bytes)));
-                    }
-                }
-                catch (NoSuchAlgorithmException e)
-                {
-                    missingMacs.add(name);
-                }
-
-            }
-            catch (NoSuchAlgorithmException e)
-            {
-                missingKeyGens.add(name);
-            }
-        }
-        catch (TestFailedException e)
-        {
-            throw e;
-        }
-        catch (Exception e)
-        {
-            fail("Unexpected error", e);
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new Poly1305Test());
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/RSATest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/RSATest.java
deleted file mode 100644
index bb30223..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/RSATest.java
+++ /dev/null

@@ -1,941 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.math.BigInteger;
-import java.security.AlgorithmParameters;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.interfaces.RSAPrivateCrtKey;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.MGF1ParameterSpec;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.RSAKeyGenParameterSpec;
-import java.security.spec.RSAPrivateCrtKeySpec;
-import java.security.spec.RSAPrivateKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.HashSet;
-
-import javax.crypto.Cipher;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.spec.OAEPParameterSpec;
-import javax.crypto.spec.PSource;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.pkcs.RSAESOAEPparams;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.DigestInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class RSATest
-    extends SimpleTest
-{
-    /**
-     * a fake random number generator - we just want to make sure the random numbers
-     * aren't random so that we get the same output, while still getting to test the
-     * key generation facilities.
-     */
-    private class FixedSecureRandom
-        extends SecureRandom
-    {
-        byte[]  seed = {
-                (byte)0xaa, (byte)0xfd, (byte)0x12, (byte)0xf6, (byte)0x59,
-                (byte)0xca, (byte)0xe6, (byte)0x34, (byte)0x89, (byte)0xb4,
-                (byte)0x79, (byte)0xe5, (byte)0x07, (byte)0x6d, (byte)0xde,
-                (byte)0xc2, (byte)0xf0, (byte)0x6c, (byte)0xb5, (byte)0x8f
-        };
-
-        public void nextBytes(
-            byte[]  bytes)
-        {
-            int offset = 0;
-
-            while ((offset + seed.length) < bytes.length)
-            {
-                System.arraycopy(seed, 0, bytes, offset, seed.length);
-                offset += seed.length;
-            }
-
-            System.arraycopy(seed, 0, bytes, offset, bytes.length - offset);
-        }
-    }
-
-    private RSAPublicKeySpec pubKeySpec = new RSAPublicKeySpec(
-        new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-        new BigInteger("11", 16));
-
-    private RSAPrivateCrtKeySpec privKeySpec = new RSAPrivateCrtKeySpec(
-        new BigInteger("b4a7e46170574f16a97082b22be58b6a2a629798419be12872a4bdba626cfae9900f76abfb12139dce5de56564fab2b6543165a040c606887420e33d91ed7ed7", 16),
-        new BigInteger("11", 16),
-        new BigInteger("9f66f6b05410cd503b2709e88115d55daced94d1a34d4e32bf824d0dde6028ae79c5f07b580f5dce240d7111f7ddb130a7945cd7d957d1920994da389f490c89", 16),
-        new BigInteger("c0a0758cdf14256f78d4708c86becdead1b50ad4ad6c5c703e2168fbf37884cb", 16),
-        new BigInteger("f01734d7960ea60070f1b06f2bb81bfac48ff192ae18451d5e56c734a5aab8a5", 16),
-        new BigInteger("b54bb9edff22051d9ee60f9351a48591b6500a319429c069a3e335a1d6171391", 16),
-        new BigInteger("d3d83daf2a0cecd3367ae6f8ae1aeb82e9ac2f816c6fc483533d8297dd7884cd", 16),
-        new BigInteger("b8f52fc6f38593dabb661d3f50f8897f8106eee68b1bce78a95b132b4e5b5d19", 16));
-
-    private RSAPublicKeySpec isoPubKeySpec = new RSAPublicKeySpec(
-        new BigInteger("0100000000000000000000000000000000bba2d15dbb303c8a21c5ebbcbae52b7125087920dd7cdf358ea119fd66fb064012ec8ce692f0a0b8e8321b041acd40b7", 16),
-        new BigInteger("03", 16));
-
-    private RSAPrivateKeySpec isoPrivKeySpec = new RSAPrivateKeySpec(
-        new BigInteger("0100000000000000000000000000000000bba2d15dbb303c8a21c5ebbcbae52b7125087920dd7cdf358ea119fd66fb064012ec8ce692f0a0b8e8321b041acd40b7", 16),
-        new BigInteger("2aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaac9f0783a49dd5f6c5af651f4c9d0dc9281c96a3f16a85f9572d7cc3f2d0f25a9dbf1149e4cdc32273faadd3fda5dcda7", 16));
-
-    static RSAPublicKeySpec pub2048KeySpec = new RSAPublicKeySpec(
-            new BigInteger("a7295693155b1813bb84877fb45343556e0568043de5910872a3a518cc11e23e2db74eaf4545068c4e3d258a2718fbacdcc3eafa457695b957e88fbf110aed049a992d9c430232d02f3529c67a3419935ea9b569f85b1bcd37de6b899cd62697e843130ff0529d09c97d813cb15f293751ff56f943fbdabb63971cc7f4f6d5bff1594416b1f5907bde5a84a44f9802ef29b43bda1960f948f8afb8766c1ab80d32eec88ed66d0b65aebe44a6d0b3c5e0ab051aaa1b912fbcc17b8e751ddecc5365b6db6dab0020c3057db4013a51213a5798a3aab67985b0f4d88627a54a0f3f0285fbcb4afdfeb65cb153af66825656d43238b75503231500753f4e421e3c57", 16),
-            new BigInteger("10001", 16));
-
-    static RSAPrivateCrtKeySpec priv2048KeySpec = new RSAPrivateCrtKeySpec(
-            new BigInteger("a7295693155b1813bb84877fb45343556e0568043de5910872a3a518cc11e23e2db74eaf4545068c4e3d258a2718fbacdcc3eafa457695b957e88fbf110aed049a992d9c430232d02f3529c67a3419935ea9b569f85b1bcd37de6b899cd62697e843130ff0529d09c97d813cb15f293751ff56f943fbdabb63971cc7f4f6d5bff1594416b1f5907bde5a84a44f9802ef29b43bda1960f948f8afb8766c1ab80d32eec88ed66d0b65aebe44a6d0b3c5e0ab051aaa1b912fbcc17b8e751ddecc5365b6db6dab0020c3057db4013a51213a5798a3aab67985b0f4d88627a54a0f3f0285fbcb4afdfeb65cb153af66825656d43238b75503231500753f4e421e3c57", 16),
-            new BigInteger("10001", 16),
-            new BigInteger("65dad56ac7df7abb434e4cb5eeadb16093aa6da7f0033aad3815289b04757d32bfee6ade7749c8e4a323b5050a2fb9e2a99e23469e1ed4ba5bab54336af20a5bfccb8b3424cc6923db2ffca5787ed87aa87aa614cd04cedaebc8f623a2d2063017910f436dff18bb06f01758610787f8b258f0a8efd8bd7de30007c47b2a1031696c7d6523bc191d4d918927a7e0b09584ed205bd2ff4fc4382678df82353f7532b3bbb81d69e3f39070aed3fb64fce032a089e8e64955afa5213a6eb241231bd98d702fba725a9b205952fda186412d9e0d9344d2998c455ad8c2bae85ee672751466d5288304032b5b7e02f7e558c7af82c7fbf58eea0bb4ef0f001e6cd0a9", 16),
-            new BigInteger("d4fd9ac3474fb83aaf832470643609659e511b322632b239b688f3cd2aad87527d6cf652fb9c9ca67940e84789444f2e99b0cb0cfabbd4de95396106c865f38e2fb7b82b231260a94df0e01756bf73ce0386868d9c41645560a81af2f53c18e4f7cdf3d51d80267372e6e0216afbf67f655c9450769cca494e4f6631b239ce1b", 16),
-            new BigInteger("c8eaa0e2a1b3a4412a702bccda93f4d150da60d736c99c7c566fdea4dd1b401cbc0d8c063daaf0b579953d36343aa18b33dbf8b9eae94452490cc905245f8f7b9e29b1a288bc66731a29e1dd1a45c9fd7f8238ff727adc49fff73991d0dc096206b9d3a08f61e7462e2b804d78cb8c5eccdb9b7fbd2ad6a8fea46c1053e1be75", 16),
-            new BigInteger("10edcb544421c0f9e123624d1099feeb35c72a8b34e008ac6fa6b90210a7543f293af4e5299c8c12eb464e70092805c7256e18e5823455ba0f504d36f5ccacac1b7cd5c58ff710f9c3f92646949d88fdd1e7ea5fed1081820bb9b0d2a8cd4b093fecfdb96dabd6e28c3a6f8c186dc86cddc89afd3e403e0fcf8a9e0bcb27af0b", 16),
-            new BigInteger("97fc25484b5a415eaa63c03e6efa8dafe9a1c8b004d9ee6e80548fefd6f2ce44ee5cb117e77e70285798f57d137566ce8ea4503b13e0f1b5ed5ca6942537c4aa96b2a395782a4cb5b58d0936e0b0fa63b1192954d39ced176d71ef32c6f42c84e2e19f9d4dd999c2151b032b97bd22aa73fd8c5bcd15a2dca4046d5acc997021", 16),
-            new BigInteger("4bb8064e1eff7e9efc3c4578fcedb59ca4aef0993a8312dfdcb1b3decf458aa6650d3d0866f143cbf0d3825e9381181170a0a1651eefcd7def786b8eb356555d9fa07c85b5f5cbdd74382f1129b5e36b4166b6cc9157923699708648212c484958351fdc9cf14f218dbe7fbf7cbd93a209a4681fe23ceb44bab67d66f45d1c9d", 16));
-
-    public void performTest()
-        throws Exception
-    {
-        KeyFactory          fact;
-        byte[]              input = new byte[]
-                                { (byte)0x54, (byte)0x85, (byte)0x9b, (byte)0x34, (byte)0x2c, (byte)0x49, (byte)0xea, (byte)0x2a };
-        byte[][]            output = new byte[][]
-                                {
-                                    Hex.decode("8b427f781a2e59dd9def386f1956b996ee07f48c96880e65a368055ed8c0a8831669ef7250b40918b2b1d488547e72c84540e42bd07b03f14e226f04fbc2d929"),
-                                    Hex.decode("2ec6e1a1711b6c7b8cd3f6a25db21ab8bb0a5f1d6df2ef375fa708a43997730ffc7c98856dbbe36edddcdd1b2d2a53867d8355af94fea3aeec128da908e08f4c"),
-                                    Hex.decode("0850ac4e5a8118323200c8ed1e5aaa3d5e635172553ccac66a8e4153d35c79305c4440f11034ab147fccce21f18a50cf1c0099c08a577eb68237a91042278965"),
-                                    Hex.decode("1c9649bdccb51056751fe43837f4eb43bada472accf26f65231666d5de7d11950d8379b3596dfdf75c6234274896fa8d18ad0865d3be2ac4d6687151abdf01e93941dcef18fa63186c9351d1506c89d09733c5ff4304208c812bdd21a50f56fde115e629e0e973721c9fcc87e89295a79853dee613962a0b2f2fc57163fd99057a3c776f13c20c26407eb8863998d7e53b543ba8d0a295a9a68d1a149833078c9809ad6a6dad7fc22a95ad615a73138c54c018f40d99bf8eeecd45f5be526f2d6b01aeb56381991c1ab31a2e756f15e052b9cd5638b2eff799795c5bae493307d5eb9f8c21d438de131fe505a4e7432547ab19224094f9e4be1968bd0793b79d"),
-                                    Hex.decode("4c4afc0c24dddaedd4f9a3b23be30d35d8e005ffd36b3defc5d18acc830c3ed388ce20f43a00e614fd087c814197bc9fc2eff9ad4cc474a7a2ef3ed9c0f0a55eb23371e41ee8f2e2ed93ea3a06ca482589ab87e0d61dcffda5eea1241408e43ea1108726cdb87cc3aa5e9eaaa9f72507ca1352ac54a53920c94dccc768147933d8c50aefd9d1da10522a40133cd33dbc0524669e70f771a88d65c4716d471cd22b08b9f01f24e4e9fc7ffbcfa0e0a7aed47b345826399b26a73be112eb9c5e06fc6742fc3d0ef53d43896403c5105109cfc12e6deeaf4a48ba308e039774b9bdb31a9b9e133c81c321630cf0b4b2d1f90717b24c3268e1fea681ea9cdc709342"),
-                                    Hex.decode("06b5b26bd13515f799e5e37ca43cace15cd82fd4bf36b25d285a6f0998d97c8cb0755a28f0ae66618b1cd03e27ac95eaaa4882bc6dc0078cd457d4f7de4154173a9c7a838cfc2ac2f74875df462aae0cfd341645dc51d9a01da9bdb01507f140fa8a016534379d838cc3b2a53ac33150af1b242fc88013cb8d914e66c8182864ee6de88ce2879d4c05dd125409620a96797c55c832fb2fb31d4310c190b8ed2c95fdfda2ed87f785002faaec3f35ec05cf70a3774ce185e4882df35719d582dd55ac31257344a9cba95189dcbea16e8c6cb7a235a0384bc83b6183ca8547e670fe33b1b91725ae0c250c9eca7b5ba78bd77145b70270bf8ac31653006c02ca9c"),
-                                    Hex.decode("135f1be3d045526235bf9d5e43499d4ee1bfdf93370769ae56e85dbc339bc5b7ea3bee49717497ee8ac3f7cd6adb6fc0f17812390dcd65ac7b87fef7970d9ff9"),
-                                    Hex.decode("03c05add1e030178c352face07cafc9447c8f369b8f95125c0d311c16b6da48ca2067104cce6cd21ae7b163cd18ffc13001aecebdc2eb02b9e92681f84033a98"),
-                                    Hex.decode("00319bb9becb49f3ed1bca26d0fcf09b0b0a508e4d0bd43b350f959b72cd25b3af47d608fdcd248eada74fbe19990dbeb9bf0da4b4e1200243a14e5cab3f7e610c")
-                                };
-        SecureRandom        rand = new FixedSecureRandom();
-
-
-        fact = KeyFactory.getInstance("RSA", "BC");
-
-        PrivateKey  privKey = fact.generatePrivate(privKeySpec);
-        PublicKey   pubKey = fact.generatePublic(pubKeySpec);
-        
-        PrivateKey  priv2048Key = fact.generatePrivate(priv2048KeySpec);
-        PublicKey   pub2048Key = fact.generatePublic(pub2048KeySpec);
-
-        //
-        // key without CRT coefficients
-        //
-        PrivateKeyInfo keyInfo = PrivateKeyInfo.getInstance(privKey.getEncoded());
-        BigInteger zero = BigInteger.valueOf(0);
-        PKCS8EncodedKeySpec noCrtSpec = new PKCS8EncodedKeySpec(new PrivateKeyInfo(keyInfo.getPrivateKeyAlgorithm(),
-                                                   new org.bouncycastle.asn1.pkcs.RSAPrivateKey(privKeySpec.getModulus(), privKeySpec.getPublicExponent(), privKeySpec.getPrivateExponent(), zero, zero, zero, zero, zero)).getEncoded());
-
-        PrivateKey noCrtKey = fact.generatePrivate(noCrtSpec);
-        if (noCrtKey instanceof RSAPrivateCrtKey)
-        {
-            fail("private key without CRT coefficients returned as CRT key");
-        }
-
-        //
-        // No Padding
-        //
-        Cipher c = Cipher.getInstance("RSA", "BC");
-
-        c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
-
-        byte[]  out = c.doFinal(input);
-
-        if (!areEqual(out, output[0]))
-        {
-            fail("NoPadding test failed on encrypt expected " + new String(Hex.encode(output[0])) + " got " + new String(Hex.encode(out)));
-        }
-
-        c.init(Cipher.DECRYPT_MODE, privKey);
-
-        out = c.doFinal(out);
-
-        if (!areEqual(out, input))
-        {
-            fail("NoPadding test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        // No Padding - incremental
-        //
-        c = Cipher.getInstance("RSA", "BC");
-
-        c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
-
-        c.update(input);
-
-        out = c.doFinal();
-
-        if (!areEqual(out, output[0]))
-        {
-            fail("NoPadding test failed on encrypt expected " + new String(Hex.encode(output[0])) + " got " + new String(Hex.encode(out)));
-        }
-
-        c.init(Cipher.DECRYPT_MODE, privKey);
-
-        out = c.doFinal(out);
-
-        if (!areEqual(out, input))
-        {
-            fail("NoPadding test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        // No Padding - incremental - explicit use of NONE in mode.
-        //
-        c = Cipher.getInstance("RSA/NONE/NoPadding", "BC");
-
-        c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
-
-        c.update(input);
-
-        out = c.doFinal();
-
-        if (!areEqual(out, output[0]))
-        {
-            fail("NoPadding test failed on encrypt expected " + new String(Hex.encode(output[0])) + " got " + new String(Hex.encode(out)));
-        }
-
-        c.init(Cipher.DECRYPT_MODE, privKey);
-
-        out = c.doFinal(out);
-
-        if (!areEqual(out, input))
-        {
-            fail("NoPadding test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        // No Padding - maximum length
-        //
-        c = Cipher.getInstance("RSA", "BC");
-
-        byte[]  modBytes = ((RSAPublicKey)pubKey).getModulus().toByteArray();
-        byte[]  maxInput = new byte[modBytes.length - 1];
-
-        maxInput[0] |= 0x7f;
-
-        c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
-
-        out = c.doFinal(maxInput);
-
-        c.init(Cipher.DECRYPT_MODE, privKey);
-
-        out = c.doFinal(out);
-
-        if (!areEqual(out, maxInput))
-        {
-            fail("NoPadding test failed on decrypt expected " + new String(Hex.encode(maxInput)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        // PKCS1 V 1.5
-        //
-        c = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
-
-        c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
-
-        out = c.doFinal(input);
-
-        if (!areEqual(out, output[1]))
-        {
-            fail("PKCS1 test failed on encrypt expected " + new String(Hex.encode(output[1])) + " got " + new String(Hex.encode(out)));
-        }
-
-        c.init(Cipher.DECRYPT_MODE, privKey);
-
-        out = c.doFinal(out);
-
-        if (!areEqual(out, input))
-        {
-            fail("PKCS1 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        // PKCS1 V 1.5 - NONE
-        //
-        c = Cipher.getInstance("RSA/NONE/PKCS1Padding", "BC");
-
-        c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
-
-        out = c.doFinal(input);
-
-        if (!areEqual(out, output[1]))
-        {
-            fail("PKCS1 test failed on encrypt expected " + new String(Hex.encode(output[1])) + " got " + new String(Hex.encode(out)));
-        }
-
-        c.init(Cipher.DECRYPT_MODE, privKey);
-
-        out = c.doFinal(out);
-
-        if (!areEqual(out, input))
-        {
-            fail("PKCS1 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        // OAEP - SHA1
-        //
-        c = Cipher.getInstance("RSA/NONE/OAEPPadding", "BC");
-
-        c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
-
-        out = c.doFinal(input);
-
-        if (!areEqual(out, output[2]))
-        {
-            fail("OAEP test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out)));
-        }
-
-        c = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "BC");
-        
-        c.init(Cipher.DECRYPT_MODE, privKey);
-
-        out = c.doFinal(out);
-
-        if (!areEqual(out, input))
-        {
-            fail("OAEP test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-        
-        AlgorithmParameters oaepP = c.getParameters();
-        
-        if (!areEqual(oaepP.getEncoded(), 
-                new RSAESOAEPparams(
-                        new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE), 
-                        new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE)),
-                        new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[0]))).getEncoded()))
-        {
-            fail("OAEP test failed default sha-1 parameters");
-        }
-        
-        //
-        // OAEP - SHA224
-        //
-        c = Cipher.getInstance("RSA/NONE/OAEPWithSHA224AndMGF1Padding", "BC");
-
-        c.init(Cipher.ENCRYPT_MODE, pub2048Key, rand);
-
-        out = c.doFinal(input);
-
-        if (!areEqual(out, output[3]))
-        {
-            fail("OAEP SHA-224 test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out)));
-        }
-
-        c.init(Cipher.DECRYPT_MODE, priv2048Key);
-
-        out = c.doFinal(out);
-
-        if (!areEqual(out, input))
-        {
-            fail("OAEP SHA-224 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-        
-        oaepP = c.getParameters();
-        
-        if (!areEqual(oaepP.getEncoded(), 
-                new RSAESOAEPparams(
-                        new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE), 
-                        new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE)),
-                        new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[0]))).getEncoded()))
-        {
-            fail("OAEP test failed default sha-224 parameters");
-        }
-        
-        //
-        // OAEP - SHA 256
-        //
-        c = Cipher.getInstance("RSA/NONE/OAEPWithSHA256AndMGF1Padding", "BC");
-
-        c.init(Cipher.ENCRYPT_MODE, pub2048Key, rand);
-
-        out = c.doFinal(input);
-
-        if (!areEqual(out, output[4]))
-        {
-            fail("OAEP SHA-256 test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out)));
-        }
-
-        c.init(Cipher.DECRYPT_MODE, priv2048Key);
-
-        out = c.doFinal(out);
-
-        if (!areEqual(out, input))
-        {
-            fail("OAEP SHA-256 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-        
-        oaepP = c.getParameters();
-        
-        if (!areEqual(oaepP.getEncoded(), 
-                new RSAESOAEPparams(
-                        new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE), 
-                        new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE)),
-                        new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[0]))).getEncoded()))
-        {
-            fail("OAEP test failed default sha-256 parameters");
-        }
-        
-        //
-        // OAEP - SHA 384
-        //
-        c = Cipher.getInstance("RSA/NONE/OAEPWithSHA384AndMGF1Padding", "BC");
-
-        c.init(Cipher.ENCRYPT_MODE, pub2048Key, rand);
-
-        out = c.doFinal(input);
-
-        if (!areEqual(out, output[5]))
-        {
-            fail("OAEP SHA-384 test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out)));
-        }
-
-        c.init(Cipher.DECRYPT_MODE, priv2048Key);
-
-        out = c.doFinal(out);
-
-        if (!areEqual(out, input))
-        {
-            fail("OAEP SHA-384 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-        
-        oaepP = c.getParameters();
-        
-        if (!areEqual(oaepP.getEncoded(), 
-                new RSAESOAEPparams(
-                        new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE), 
-                        new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE)),
-                        new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[0]))).getEncoded()))
-        {
-            fail("OAEP test failed default sha-384 parameters");
-        }
-        
-        //
-        // OAEP - MD5
-        //
-        c = Cipher.getInstance("RSA/NONE/OAEPWithMD5AndMGF1Padding", "BC");
-
-        c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
-
-        out = c.doFinal(input);
-
-        if (!areEqual(out, output[6]))
-        {
-            fail("OAEP MD5 test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out)));
-        }
-
-        c.init(Cipher.DECRYPT_MODE, privKey);
-
-        out = c.doFinal(out);
-
-        if (!areEqual(out, input))
-        {
-            fail("OAEP MD5 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-        
-        oaepP = c.getParameters();
-        
-        if (!areEqual(oaepP.getEncoded(), 
-                new RSAESOAEPparams(
-                        new AlgorithmIdentifier(PKCSObjectIdentifiers.md5, DERNull.INSTANCE), 
-                        new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, new AlgorithmIdentifier(PKCSObjectIdentifiers.md5, DERNull.INSTANCE)),
-                        new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[0]))).getEncoded()))
-        {
-            fail("OAEP test failed default md5 parameters");
-        }
-        
-        //
-        // OAEP - SHA1 with default parameters
-        //
-        c = Cipher.getInstance("RSA/NONE/OAEPPadding", "BC");
-
-        c.init(Cipher.ENCRYPT_MODE, pubKey, OAEPParameterSpec.DEFAULT, rand);
-
-        out = c.doFinal(input);
-
-        if (!areEqual(out, output[2]))
-        {
-            fail("OAEP test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out)));
-        }
-
-        c = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "BC");
-        
-        c.init(Cipher.DECRYPT_MODE, privKey);
-
-        out = c.doFinal(out);
-        
-        if (!areEqual(out, input))
-        {
-            fail("OAEP test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-        
-        oaepP = c.getParameters();
-        
-        if (!areEqual(oaepP.getEncoded(), new byte[] { 0x30, 0x00 }))
-        {
-            fail("OAEP test failed default parameters");
-        }
-
-        //
-        // OAEP - SHA1 with specified string
-        //
-        c = Cipher.getInstance("RSA/NONE/OAEPPadding", "BC");
-
-        c.init(Cipher.ENCRYPT_MODE, pubKey, new OAEPParameterSpec("SHA1", "MGF1", new MGF1ParameterSpec("SHA1"), new PSource.PSpecified(new byte[] { 1, 2, 3, 4, 5 })), rand);
-
-        out = c.doFinal(input);
-
-        oaepP = c.getParameters();
-        
-        if (!areEqual(oaepP.getEncoded(), 
-                new RSAESOAEPparams(
-                        new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE), 
-                        new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE)),
-                        new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[] { 1, 2, 3, 4, 5 }))).getEncoded()))
-        {
-            fail("OAEP test failed changed sha-1 parameters");
-        }
-        
-        if (!areEqual(out, output[7]))
-        {
-            fail("OAEP test failed on encrypt expected " + new String(Hex.encode(output[2])) + " got " + new String(Hex.encode(out)));
-        }
-
-        c = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "BC");
-        
-        c.init(Cipher.DECRYPT_MODE, privKey, oaepP);
-
-        out = c.doFinal(out);
-
-        if (!areEqual(out, input))
-        {
-            fail("OAEP test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-        
-        //
-        // ISO9796-1
-        //
-        byte[]      isoInput =  Hex.decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210");
-        PrivateKey  isoPrivKey = fact.generatePrivate(isoPrivKeySpec);
-        PublicKey   isoPubKey = fact.generatePublic(isoPubKeySpec);
-
-        c = Cipher.getInstance("RSA/NONE/ISO9796-1Padding", "BC");
-
-        c.init(Cipher.ENCRYPT_MODE, isoPrivKey);
-
-        out = c.doFinal(isoInput);
-
-        if (!areEqual(out, output[8]))
-        {
-            fail("ISO9796-1 test failed on encrypt expected " + new String(Hex.encode(output[3])) + " got " + new String(Hex.encode(out)));
-        }
-
-        c.init(Cipher.DECRYPT_MODE, isoPubKey);
-
-        out = c.doFinal(out);
-
-        if (!areEqual(out, isoInput))
-        {
-            fail("ISO9796-1 test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        //
-        // generation with parameters test.
-        //
-        KeyPairGenerator keyPairGen =
-                KeyPairGenerator.getInstance("RSA", "BC");
-
-        //
-        // 768 bit RSA with e = 2^16-1
-        //
-        keyPairGen.initialize(
-            new RSAKeyGenParameterSpec(768,
-            BigInteger.valueOf(65537)),
-            new SecureRandom());
-
-        KeyPair kp = keyPairGen.generateKeyPair();
-
-        pubKey = kp.getPublic();
-        privKey = kp.getPrivate();
-
-        c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
-
-        out = c.doFinal(input);
-
-        c.init(Cipher.DECRYPT_MODE, privKey);
-
-        out = c.doFinal(out);
-
-        if (!areEqual(out, input))
-        {
-            fail("key generation test failed on decrypt expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(out)));
-        }
-
-        //
-        // comparison check
-        //
-        KeyFactory keyFact = KeyFactory.getInstance("RSA", "BC");
-        
-        RSAPrivateCrtKey crtKey = (RSAPrivateCrtKey)keyFact.translateKey(privKey);
-        
-        if (!privKey.equals(crtKey))
-        {
-            fail("private key equality check failed");
-        }
-
-        crtKey = (RSAPrivateCrtKey)keyFact.generatePrivate(new PKCS8EncodedKeySpec(privKey.getEncoded()));
-
-        if (!privKey.equals(crtKey))
-        {
-            fail("private key equality check failed");
-        }
-
-        crtKey = (RSAPrivateCrtKey)serializeDeserialize(privKey);
-
-        if (!privKey.equals(crtKey))
-        {
-            fail("private key equality check failed");
-        }
-
-        if (privKey.hashCode() != crtKey.hashCode())
-        {
-            fail("private key hashCode check failed");
-        }
-
-        RSAPublicKey copyKey = (RSAPublicKey)keyFact.translateKey(pubKey);
-        
-        if (!pubKey.equals(copyKey))
-        {
-            fail("public key equality check failed");
-        }
-
-        copyKey = (RSAPublicKey)keyFact.generatePublic(new X509EncodedKeySpec(pubKey.getEncoded()));
-
-        if (!pubKey.equals(copyKey))
-        {
-            fail("public key equality check failed");
-        }
-
-        copyKey = (RSAPublicKey)serializeDeserialize(pubKey);
-
-        if (!pubKey.equals(copyKey))
-        {
-            fail("public key equality check failed");
-        }
-
-        if (pubKey.hashCode() != copyKey.hashCode())
-        {
-            fail("public key hashCode check failed");
-        }
-
-        //
-        // test an OAEP key
-        //
-        SubjectPublicKeyInfo oaepKey = new SubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.id_RSAES_OAEP, new RSAESOAEPparams()),
-                                                  SubjectPublicKeyInfo.getInstance(pubKey.getEncoded()).parsePublicKey());
-
-        copyKey = (RSAPublicKey)serializeDeserialize(keyFact.generatePublic(new X509EncodedKeySpec(oaepKey.getEncoded())));
-
-        if (!pubKey.equals(copyKey))
-        {
-            fail("public key equality check failed");
-        }
-
-        if (pubKey.hashCode() != copyKey.hashCode())
-        {
-            fail("public key hashCode check failed");
-        }
-
-        if (!Arrays.areEqual(copyKey.getEncoded(), oaepKey.getEncoded()))
-        {
-            fail("encoding does not match");
-        }
-
-        oaepCompatibilityTest("SHA-1", priv2048Key, pub2048Key);
-        // TODO: oaepCompatibilityTest("SHA-224", priv2048Key, pub2048Key);      commented out as fails in JDK 1.7
-        oaepCompatibilityTest("SHA-256", priv2048Key, pub2048Key);
-        oaepCompatibilityTest("SHA-384", priv2048Key, pub2048Key);
-        oaepCompatibilityTest("SHA-512", priv2048Key, pub2048Key);
-
-        SecureRandom random = new SecureRandom();
-        rawModeTest("SHA1withRSA", X509ObjectIdentifiers.id_SHA1, priv2048Key, pub2048Key, random);
-        rawModeTest("MD5withRSA", PKCSObjectIdentifiers.md5, priv2048Key, pub2048Key, random);
-        rawModeTest("RIPEMD128withRSA", TeleTrusTObjectIdentifiers.ripemd128, priv2048Key, pub2048Key, random);
-
-        // init reset test
-        c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
-
-        out = c.update(new byte[40]);
-
-        c.init(Cipher.ENCRYPT_MODE, pubKey, rand);
-
-        out = c.update(new byte[40]);
-
-        testGetExceptionsPKCS1();
-        zeroMessageTest();
-
-        oaepDigestCheck("SHA3-224", NISTObjectIdentifiers.id_sha3_224, pub2048Key, priv2048Key, rand, Hex.decode("2aa7812d4f7b7766f8625feb58481ef5b5fa6dfafbea543e4bbba89d6708f4900fc9fd55d5c2b83fefefc67e2ba7a4222217efaa9b9d31920bdcd78733319aca910dfd118aae5e901a6d27a56e37b1a6f86e7404f82da248e77845e58b789f10a1af8a1208f77dda384692609339346c4ea57928b890042e7d70b1d5817f8978dcbc9cd2fcdde37a0a41a52dbef701ddc859a5d58efd10aa5bd8d205c10154db906540bf20dedcff721df11a456df201cb9cbbd092a89a1eb3f11e7e34003d7070e02c8db54e5498e7ee262fb9178f5eb85d1db66baafe0a66e8283df9c41bded218e5d906d28f08803deb3cbd1a92777d55fe56ff022a47f673cac2ca145973"));
-        oaepDigestCheck("SHA3-256", NISTObjectIdentifiers.id_sha3_256, pub2048Key, priv2048Key, rand, Hex.decode("4460e68586ac0ca1832274919c6b9159d40ea1d383a32ca28f0e1a81962289c8c904fa117d90afd7bfefa51b6889d2d999efb72bafd4beb5594bb08f62532ecb077e4968f43e70673341e60649ed64ac49cf1a2396a64577767d8958217a251938a7ac1bbc1aec9c9197a2eb9a375c74a01097fe3717c8bde04f8a20df85ef10a59070970a4a6470131654cecb641d46e464f17ddfe7e0595025bf25f025edbd56b19487cfc87de1642ca5190f289cf78e2c4b1cf90e73ffae331581c23febcf490c32299f2e5bd5a354a0cc996cc692b5a318777d17e734b3c487ad615df7af0fc361af564e6970ee0aa9b140634cdcf1eda91d1a1156326caaa608c4d43ee4"));
-        oaepDigestCheck("SHA3-384", NISTObjectIdentifiers.id_sha3_384, pub2048Key, priv2048Key, rand, Hex.decode("1b9f490569bddac8ea77e3bec8d6d38b159cb88545de86065dbc8757b35fdeb0cce90eaf93ec6d69d691c590fc3feec9974b80e0c0068929c77533be2066b4002ad6d195e473f72e8581255b8d2dfff016ff27ed50e6d3e63cfaf50851b2d43833eea8dab3b4506f517875659099815a96be6e8fd2dc1417c6e3ffadcfd3f494a5544267688d114d3eeaf43ea954686656afb7a3dc2f8a4cdc5d7b90a97acbbe32ff17b3d26d7eb2a4fbc847d49cc8cb8f837646613d1b5a78096cf3f48acf4be95205e0c4cb283447029eae1442fe3813a017604dfd59a9e841473f4d8914860f785fb2194b21cba47cd401bc32720f3df373e59336c3d64c61babd474b4bbe"));
-        oaepDigestCheck("SHA3-512", NISTObjectIdentifiers.id_sha3_512, pub2048Key, priv2048Key, rand, Hex.decode("7b7870bb5ae52276a8b06b59f7321043afb1fa4e5dbca9f14bcce9efaacded531f090646ab0f8701b012cc93c51e0a8591043e6457cde1950f4ffc8ad87d946622ea48a70f95f40c22d88679eb92c10c19db487fd64857d723daf4ccfe749fdd05e6c0be28de57e09d3b5a0981322b6cc7a9743a50eec355a7af5bdcdcddc5e279ad90f599b68c47fdb39916c7a597cf989169e8667fd8602e88c9c128085d0e158ea75eeb37919a91cdf3f2cd5394adaadc4a2f25a6222d2637cb464841dc5820e54843495cb97af6b19edc72f137123813f5d78503232f79e4f617be3a9f09b0206634a2ecfe457dbd71d2d3d8e3dbca486e75e543f559dcea3112ad50a21d"));
-    }
-
-    public void oaepDigestCheck(String digest, ASN1ObjectIdentifier oid, PublicKey pubKey, PrivateKey privKey, SecureRandom rand, byte[] expected)
-        throws Exception
-    {
-        byte[] input = new byte[]
-            {(byte)0x54, (byte)0x85, (byte)0x9b, (byte)0x34, (byte)0x2c, (byte)0x49, (byte)0xea, (byte)0x2a};
-
-        Cipher c = Cipher.getInstance("RSA/NONE/OAEPPadding", "BC");
-
-        c.init(Cipher.ENCRYPT_MODE, pubKey, new OAEPParameterSpec(digest, "MGF1", new MGF1ParameterSpec(digest), PSource.PSpecified.DEFAULT), rand);
-
-        byte[] out = c.doFinal(input);
-
-        isTrue("OAEP decrypt failed", Arrays.areEqual(expected, out));
-
-        AlgorithmParameters oaepP = c.getParameters();
-
-        if (!areEqual(oaepP.getEncoded(),
-            new RSAESOAEPparams(
-                new AlgorithmIdentifier(oid, DERNull.INSTANCE),
-                new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, new AlgorithmIdentifier(oid, DERNull.INSTANCE)),
-                new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[0]))).getEncoded()))
-        {
-            fail("OAEP test failed changed parameters for " + digest);
-        }
-
-        c = Cipher.getInstance("RSA/NONE/OAEPWith" + digest + "AndMGF1Padding", "BC");
-
-        c.init(Cipher.DECRYPT_MODE, privKey);
-
-        byte[] dec = c.doFinal(out);
-
-        isTrue("OAEP decrypt failed", Arrays.areEqual(input, dec));
-
-        AlgorithmParameters parameters = AlgorithmParameters.getInstance("OAEP", "BC");
-
-        parameters.init(oaepP.getEncoded());
-
-        OAEPParameterSpec spec = (OAEPParameterSpec)parameters.getParameterSpec(OAEPParameterSpec.class);
-
-        isTrue("Digest mismatch", digest.equals(spec.getDigestAlgorithm()));
-        isTrue("MGF alg mismatch", OAEPParameterSpec.DEFAULT.getMGFAlgorithm().equals(spec.getMGFAlgorithm()));
-        isTrue("MGF Digest mismatch", digest.equals(((MGF1ParameterSpec)spec.getMGFParameters()).getDigestAlgorithm()));
-
-    }
-
-    public void testGetExceptionsPKCS1()
-        throws Exception
-    {
-        KeyPairGenerator keygen = KeyPairGenerator.getInstance("RSA", "BC");
-        keygen.initialize(1024);
-        KeyPair keypair = keygen.genKeyPair();
-        SecureRandom rand = new SecureRandom();
-        Cipher c = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
-        byte[] ciphertext = new byte[1024 / 8];
-        HashSet<String> exceptions = new HashSet<String>();
-        final int SAMPLES = 1000;
-        for (int i = 0; i < SAMPLES; i++)
-        {
-            rand.nextBytes(ciphertext);
-            ciphertext[0] = (byte)0;
-            try
-            {
-                c.init(Cipher.DECRYPT_MODE, keypair.getPrivate());
-                c.doFinal(ciphertext);
-            }
-            catch (Exception ex)
-            {
-                String message = ex.toString();
-                exceptions.add(message);
-            }
-        }
-        isTrue("exception count wrong", 1 == exceptions.size());
-    }
-
-    public void zeroMessageTest()
-        throws Exception
-    {
-        KeyPairGenerator kgen = KeyPairGenerator.getInstance("RSA", "BC");
-
-        RSAKeyGenParameterSpec rsaSpec = new RSAKeyGenParameterSpec(2048, RSAKeyGenParameterSpec.F4);
-
-        kgen.initialize(rsaSpec);
-
-        KeyPair kp = kgen.generateKeyPair();
-
-        byte[] plain = new byte[0];
-
-        Cipher rsaCipher = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "BC");
-        rsaCipher.init(Cipher.ENCRYPT_MODE, kp.getPublic());
-        byte[] encrypted = rsaCipher.doFinal(plain);
-
-        rsaCipher = Cipher.getInstance("RSA/NONE/OAEPWithSHA1AndMGF1Padding", "BC");
-        rsaCipher.init(Cipher.DECRYPT_MODE, kp.getPrivate());
-        byte[] decrypted  = rsaCipher.doFinal(encrypted);
-
-        isTrue("zero mismatch", Arrays.areEqual(plain, decrypted));
-    }
-
-    private void oaepCompatibilityTest(String digest, PrivateKey privKey, PublicKey pubKey)
-        throws Exception
-    {
-        if (Security.getProvider("SunJCE") == null || Security.getProvider("SunRsaSign") == null)
-        {
-            return;
-        }
-
-        KeyFactory  fact = KeyFactory.getInstance("RSA", "SunRsaSign");
-        PrivateKey  priv2048Key = fact.generatePrivate(priv2048KeySpec);
-        PublicKey   pub2048Key = fact.generatePublic(pub2048KeySpec);
-
-        byte[] data = new byte[] { 1, 2, 3, 4, 5, 6, 7, 8, 9, 10, 11, 12, 13, 14, 15, 16 };
-
-        Cipher sCipher;
-        try
-        {
-            sCipher = Cipher.getInstance("RSA/ECB/OAEPWith" + digest + "AndMGF1Padding", "SunJCE");
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            return;
-        }
-        catch (NoSuchPaddingException e)
-        {
-            return;
-        }
-
-        sCipher.init(Cipher.ENCRYPT_MODE, pub2048Key);
-
-        byte[] enctext = sCipher.doFinal(data);
-
-        Cipher bcCipher = Cipher.getInstance("RSA/ECB/OAEPWith" + digest + "AndMGF1Padding", "BC");
-
-        bcCipher.init(Cipher.DECRYPT_MODE, privKey, new OAEPParameterSpec(digest, "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT));
-
-        byte[] plaintext = bcCipher.doFinal(enctext);
-
-        if (!Arrays.areEqual(plaintext, data))
-        {
-            fail("data did not decrypt first time");
-        }
-
-        bcCipher.init(Cipher.ENCRYPT_MODE, pubKey, new OAEPParameterSpec(digest, "MGF1", MGF1ParameterSpec.SHA1, PSource.PSpecified.DEFAULT));
-
-        enctext = bcCipher.doFinal(data);
-
-        sCipher.init(Cipher.DECRYPT_MODE, priv2048Key);
-
-        plaintext = sCipher.doFinal(enctext);
-
-        if (!Arrays.areEqual(plaintext, data))
-        {
-            fail("data did not decrypt second time");
-        }
-    }
-
-    private void rawModeTest(String sigName, ASN1ObjectIdentifier digestOID,
-        PrivateKey privKey, PublicKey pubKey, SecureRandom random) throws Exception
-    {
-        byte[] sampleMessage = new byte[1000 + random.nextInt(100)];
-        random.nextBytes(sampleMessage);
-
-        Signature normalSig = Signature.getInstance(sigName, "BC");
-        normalSig.initSign(privKey);
-        normalSig.update(sampleMessage);
-        byte[] normalResult = normalSig.sign();
-
-        MessageDigest digest = MessageDigest.getInstance(digestOID.getId(), "BC");
-        byte[] hash = digest.digest(sampleMessage);
-        byte[] digInfo = derEncode(digestOID, hash);
-
-        Signature rawSig = Signature.getInstance("RSA", "BC");
-        rawSig.initSign(privKey);
-        rawSig.update(digInfo);
-        byte[] rawResult = rawSig.sign();
-
-        if (!Arrays.areEqual(normalResult, rawResult))
-        {
-            fail("raw mode signature differs from normal one");
-        }
-
-        rawSig.initVerify(pubKey);
-        rawSig.update(digInfo);
-
-        if (!rawSig.verify(rawResult))
-        {
-            fail("raw mode signature verification failed");
-        }
-    }
-
-    private Object serializeDeserialize(Object o)
-        throws Exception
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(o);
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        return oIn.readObject();
-    }
-
-    private byte[] derEncode(ASN1ObjectIdentifier oid, byte[] hash) throws IOException
-    {
-        AlgorithmIdentifier algId = new AlgorithmIdentifier(oid, DERNull.INSTANCE);
-        DigestInfo dInfo = new DigestInfo(algId, hash);
-
-        return dInfo.getEncoded(ASN1Encoding.DER);
-    }
-
-    public String getName()
-    {
-        return "RSATest";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new RSATest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/RegressionTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/RegressionTest.java
deleted file mode 100644
index fbc690b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/RegressionTest.java
+++ /dev/null

@@ -1,113 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.Security;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class RegressionTest
-{
-    public static Test[]    tests = {
-        new FIPSDESTest(),
-        new DESedeTest(),
-        new AESTest(),
-        new AEADTest(),
-        new CamelliaTest(),
-        new SEEDTest(),
-        new AESSICTest(),
-        new GOST28147Test(),
-        new PBETest(),
-        new BlockCipherTest(),
-        new MacTest(),
-        new HMacTest(),
-        new SealedTest(),
-        new RSATest(),
-        new DHTest(),
-        new DHIESTest(),
-        new DSATest(),
-        new ImplicitlyCaTest(),
-        new ECNRTest(),
-        new ECIESTest(),
-        new ECIESVectorTest(),
-        new ECDSA5Test(),
-        new GOST3410Test(),
-        new ElGamalTest(),
-        new IESTest(),
-        new SigTest(),
-        new CertTest(),
-        new PKCS10CertRequestTest(),
-        new EncryptedPrivateKeyInfoTest(),
-        new KeyStoreTest(),
-        new PKCS12StoreTest(),
-        new DigestTest(),
-        new PSSTest(),
-        new WrapTest(),
-        new DoFinalTest(),
-        new CipherStreamTest(),
-        new CipherStreamTest2(),
-        new NamedCurveTest(),
-        new PKIXTest(),
-        new NetscapeCertRequestTest(),
-        new X509StreamParserTest(),
-        new X509CertificatePairTest(),
-        new CertPathTest(),
-        new CertStoreTest(),
-        new CertPathValidatorTest(),
-        new CertPathBuilderTest(),
-        new ECEncodingTest(),
-        new AlgorithmParametersTest(),
-        new NISTCertPathTest(),
-        new PKIXPolicyMappingTest(),
-        new SlotTwoTest(),
-        new PKIXNameConstraintsTest(),
-        new MultiCertStoreTest(),
-        new NoekeonTest(),
-        new SerialisationTest(),
-        new SigNameTest(),
-        new MQVTest(),
-        new CMacTest(),
-        new GMacTest(),
-        new OCBTest(),
-        new DSTU4145Test(),
-        new CRL5Test(),
-        new Poly1305Test(),
-        new SipHashTest(),
-        new KeccakTest(),
-        new SkeinTest(),
-        new Shacal2Test(),
-        new DetDSATest(),
-        new ThreefishTest(),
-        new SM2SignatureTest(),
-        new SM4Test(),
-        new TLSKDFTest(),
-        new BCFKSStoreTest(),
-        new DSTU7624Test(),
-        new GOST3412Test(),
-        new GOST3410KeyPairTest(),
-        new EdECTest(),
-        new OpenSSHSpecTests(),
-        new SM2CipherTest()
-    };
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        System.out.println("Testing " + Security.getProvider("BC").getInfo() + " version: " + Security.getProvider("BC").getVersion());
-        
-        for (int i = 0; i != tests.length; i++)
-        {
-            TestResult  result = tests[i].perform();
-            
-            if (result.getException() != null)
-            {
-                result.getException().printStackTrace();
-            }
-            
-            System.out.println(result);
-        }
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SEEDTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SEEDTest.java
deleted file mode 100644
index 2036464..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SEEDTest.java
+++ /dev/null

@@ -1,175 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.spec.SecretKeySpec;
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.security.Key;
-import java.security.Security;
-
-/**
- * basic test class for SEED
- */
-public class SEEDTest
-    extends BaseBlockCipherTest
-{
-    static String[] cipherTests =
-    {
-        "128",
-        "28DBC3BC49FFD87DCFA509B11D422BE7",
-        "B41E6BE2EBA84A148E2EED84593C5EC7",
-        "9B9B7BFCD1813CB95D0B3618F40F5122"
-    };
-
-    public SEEDTest()
-    {
-        super("SEED");
-    }
-
-    public void test(
-        int         strength,
-        byte[]      keyBytes,
-        byte[]      input,
-        byte[]      output)
-        throws Exception
-    {
-        Key key;
-        Cipher in, out;
-        CipherInputStream cIn;
-        CipherOutputStream cOut;
-        ByteArrayInputStream bIn;
-        ByteArrayOutputStream bOut;
-
-        key = new SecretKeySpec(keyBytes, "SEED");
-
-        in = Cipher.getInstance("SEED/ECB/NoPadding", "BC");
-        out = Cipher.getInstance("SEED/ECB/NoPadding", "BC");
-
-        try
-        {
-            out.init(Cipher.ENCRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("SEED failed initialisation - " + e.toString(), e);
-        }
-
-        try
-        {
-            in.init(Cipher.DECRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("SEED failed initialisation - " + e.toString(), e);
-        }
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        try
-        {
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                cOut.write(input[i]);
-            }
-            cOut.write(input, input.length / 2, input.length - input.length / 2);
-            cOut.close();
-        }
-        catch (IOException e)
-        {
-            fail("SEED failed encryption - " + e.toString(), e);
-        }
-
-        byte[]    bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!areEqual(bytes, output))
-        {
-            fail("SEED failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        try
-        {
-            DataInputStream dIn = new DataInputStream(cIn);
-
-            bytes = new byte[input.length];
-
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                bytes[i] = (byte)dIn.read();
-            }
-            dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-        }
-        catch (Exception e)
-        {
-            fail("SEED failed encryption - " + e.toString(), e);
-        }
-
-        if (!areEqual(bytes, input))
-        {
-            fail("SEED failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        for (int i = 0; i != cipherTests.length; i += 4)
-        {
-            test(Integer.parseInt(cipherTests[i]),
-                            Hex.decode(cipherTests[i + 1]),
-                            Hex.decode(cipherTests[i + 2]),
-                            Hex.decode(cipherTests[i + 3]));
-        }
-
-        byte[]  kek1 = Hex.decode("000102030405060708090a0b0c0d0e0f");
-        byte[]  in1 = Hex.decode("00112233445566778899aabbccddeeff");
-        byte[]  out1 = Hex.decode("bf71f77138b5afea05232a8dad54024e812dc8dd7d132559");
-
-        wrapTest(1, "SEEDWrap", kek1, in1, out1);
-
-        String[] oids = {
-                KISAObjectIdentifiers.id_seedCBC.getId()
-        };
-
-        String[] names = {
-                "SEED/CBC/PKCS7Padding"
-        };
-
-        oidTest(oids, names, 1);
-
-        String[] wrapOids = {
-                KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap.getId()
-        };
-
-        wrapOidTest(wrapOids, "SEEDWrap");
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new SEEDTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SM2CipherTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SM2CipherTest.java
deleted file mode 100644
index e2782ec..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SM2CipherTest.java
+++ /dev/null

@@ -1,118 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
-import org.bouncycastle.crypto.params.ECDomainParameters;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomBigInteger;
-
-public class SM2CipherTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "SM2Cipher";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        BigInteger SM2_ECC_P = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3", 16);
-        BigInteger SM2_ECC_A = new BigInteger("787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498", 16);
-        BigInteger SM2_ECC_B = new BigInteger("63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A", 16);
-        BigInteger SM2_ECC_N = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7", 16);
-        BigInteger SM2_ECC_H = ECConstants.ONE;
-        BigInteger SM2_ECC_GX = new BigInteger("421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D", 16);
-        BigInteger SM2_ECC_GY = new BigInteger("0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2", 16);
-
-        ECCurve curve = new ECCurve.Fp(SM2_ECC_P, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H);
-
-        ECPoint g = curve.createPoint(SM2_ECC_GX, SM2_ECC_GY);
-        ECDomainParameters domainParams = new ECDomainParameters(curve, g, SM2_ECC_N);
-
-        KeyPairGenerator keyPairGenerator = KeyPairGenerator.getInstance("EC", "BC");
-
-        ECParameterSpec aKeyGenParams = new ECParameterSpec(domainParams.getCurve(), domainParams.getG(), domainParams.getN(), domainParams.getH());
-
-        keyPairGenerator.initialize(aKeyGenParams, new TestRandomBigInteger("1649AB77A00637BD5E2EFE283FBF353534AA7F7CB89463F208DDBC2920BB0DA0", 16));
-
-        KeyPair aKp = keyPairGenerator.generateKeyPair();
-
-        Cipher sm2Engine = Cipher.getInstance("SM2", "BC");
-
-        byte[] m = Strings.toByteArray("encryption standard");
-
-        sm2Engine.init(Cipher.ENCRYPT_MODE, aKp.getPublic(), new TestRandomBigInteger("4C62EEFD6ECFC2B95B92FD6C3D9575148AFA17425546D49018E5388D49DD7B4F", 16));
-
-        byte[] enc = sm2Engine.doFinal(m);
-
-        isTrue("enc wrong", Arrays.areEqual(Hex.decode(
-            "04245C26 FB68B1DD DDB12C4B 6BF9F2B6 D5FE60A3 83B0D18D 1C4144AB F17F6252" +
-            "E776CB92 64C2A7E8 8E52B199 03FDC473 78F605E3 6811F5C0 7423A24B 84400F01" +
-            "B8650053 A89B41C4 18B0C3AA D00D886C 00286467 9C3D7360 C30156FA B7C80A02" +
-            "76712DA9 D8094A63 4B766D3A 285E0748 0653426D"), enc));
-
-        sm2Engine.init(Cipher.DECRYPT_MODE, aKp.getPrivate());
-
-        byte[] dec = sm2Engine.doFinal(enc);
-
-        isTrue("dec wrong", Arrays.areEqual(m, dec));
-        
-        testAlgorithm(aKp, "SM2", GMObjectIdentifiers.sm2encrypt_with_sm3);
-        testAlgorithm(aKp, "SM2withSM3", GMObjectIdentifiers.sm2encrypt_with_sm3);
-        testAlgorithm(aKp, "SM2withBlake2b", GMObjectIdentifiers.sm2encrypt_with_blake2b512);
-        testAlgorithm(aKp, "SM2withBlake2s", GMObjectIdentifiers.sm2encrypt_with_blake2s256);
-        testAlgorithm(aKp, "SM2withMD5", GMObjectIdentifiers.sm2encrypt_with_md5);
-        testAlgorithm(aKp, "SM2withRIPEMD160", GMObjectIdentifiers.sm2encrypt_with_rmd160);
-        testAlgorithm(aKp, "SM2withWhirlpool", GMObjectIdentifiers.sm2encrypt_with_whirlpool);
-        testAlgorithm(aKp, "SM2withSHA1", GMObjectIdentifiers.sm2encrypt_with_sha1);
-        testAlgorithm(aKp, "SM2withSHA224", GMObjectIdentifiers.sm2encrypt_with_sha224);
-        testAlgorithm(aKp, "SM2withSHA256", GMObjectIdentifiers.sm2encrypt_with_sha256);
-        testAlgorithm(aKp, "SM2withSHA384", GMObjectIdentifiers.sm2encrypt_with_sha384);
-        testAlgorithm(aKp, "SM2withSHA512", GMObjectIdentifiers.sm2encrypt_with_sha512);
-    }
-
-    private void testAlgorithm(KeyPair kp, String name, ASN1ObjectIdentifier oid)
-        throws Exception
-    {
-        Cipher sm2Engine1 = Cipher.getInstance(name, "BC");
-        Cipher sm2Engine2 = Cipher.getInstance(oid.getId(), "BC");
-        
-        byte[] m = Strings.toByteArray("encryption standard");
-
-        sm2Engine1.init(Cipher.ENCRYPT_MODE, kp.getPublic(), new TestRandomBigInteger("4C62EEFD6ECFC2B95B92FD6C3D9575148AFA17425546D49018E5388D49DD7B4F", 16));
-
-        byte[] enc = sm2Engine1.doFinal(m);
-
-        isTrue(enc.length == sm2Engine1.getOutputSize(m.length));
-
-        sm2Engine2.init(Cipher.DECRYPT_MODE, kp.getPrivate());
-
-        byte[] dec = sm2Engine2.doFinal(enc);
-
-        isTrue("dec wrong", Arrays.areEqual(m, dec));
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new SM2CipherTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SM2SignatureTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SM2SignatureTest.java
deleted file mode 100644
index b23feff..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SM2SignatureTest.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.math.BigInteger;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.Security;
-import java.security.Signature;
-
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.jcajce.spec.SM2ParameterSpec;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECParameterSpec;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.util.test.TestRandomBigInteger;
-
-public class SM2SignatureTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "SM2";
-    }
-
-    private void doSignerTestFp()
-        throws Exception
-    {
-        BigInteger SM2_ECC_P = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DE457283915C45517D722EDB8B08F1DFC3", 16);
-        BigInteger SM2_ECC_A = new BigInteger("787968B4FA32C3FD2417842E73BBFEFF2F3C848B6831D7E0EC65228B3937E498", 16);
-        BigInteger SM2_ECC_B = new BigInteger("63E4C6D3B23B0C849CF84241484BFE48F61D59A5B16BA06E6E12D1DA27C5249A", 16);
-        BigInteger SM2_ECC_N = new BigInteger("8542D69E4C044F18E8B92435BF6FF7DD297720630485628D5AE74EE7C32E79B7", 16);
-        BigInteger SM2_ECC_H = ECConstants.ONE;
-        BigInteger SM2_ECC_GX = new BigInteger("421DEBD61B62EAB6746434EBC3CC315E32220B3BADD50BDC4C4E6C147FEDD43D", 16);
-        BigInteger SM2_ECC_GY = new BigInteger("0680512BCBB42C07D47349D2153B70C4E5D7FDFCBFA36EA1A85841B9E46E09A2", 16);
-
-        ECCurve curve = new ECCurve.Fp(SM2_ECC_P, SM2_ECC_A, SM2_ECC_B, SM2_ECC_N, SM2_ECC_H);
-
-        ECPoint g = curve.createPoint(SM2_ECC_GX, SM2_ECC_GY);
-
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("EC", "BC");
-
-        kpGen.initialize(new ECParameterSpec(curve, g, SM2_ECC_N), new TestRandomBigInteger("128B2FA8BD433C6C068C8D803DFF79792A519A55171B1B650C23661D15897263", 16));
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        Signature signer = Signature.getInstance("SM3withSM2", "BC");
-
-        signer.setParameter(new SM2ParameterSpec(Strings.toByteArray("ALICE123@YAHOO.COM")));
-
-        // repetition test
-        final int times = 2;
-        String random = "";
-        for (int i = 0; i < times; i++) {
-            random += "6CB28D99385C175C94F94E934817663FC176D925DD72B727260DBAAE1FB2F96F";
-        }
-        signer.initSign(kp.getPrivate(),
-                    new TestRandomBigInteger(random, 16));
-
-        byte[] msg = Strings.toByteArray("message digest");
-
-        Signature verifier = Signature.getInstance("SM3withSM2", "BC");
-
-        verifier.setParameter(new SM2ParameterSpec(Strings.toByteArray("ALICE123@YAHOO.COM")));
-
-        verifier.initVerify(kp.getPublic());
-
-        for (int i = 0; i < times; i++) {
-            signer.update(msg, 0, msg.length);
-
-            byte[] sig = signer.sign();
-
-            BigInteger[] rs = decode(sig);
-
-            isTrue("r wrong", rs[0].equals(new BigInteger("40F1EC59F793D9F49E09DCEF49130D4194F79FB1EED2CAA55BACDB49C4E755D1", 16)));
-            isTrue("s wrong", rs[1].equals(new BigInteger("6FC6DAC32C5D5CF10C77DFB20F7C2EB667A457872FB09EC56327A67EC7DEEBE7", 16)));
-
-            verifier.update(msg, 0, msg.length);
-
-            isTrue("verification failed i=" + i, verifier.verify(sig));
-        }
-    }
-
-    private static BigInteger[] decode(byte[] sig)
-    {
-        ASN1Sequence s = ASN1Sequence.getInstance(sig);
-
-        return new BigInteger[] { ASN1Integer.getInstance(s.getObjectAt(0)).getValue(),
-            ASN1Integer.getInstance(s.getObjectAt(1)).getValue() };
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        doSignerTestFp();
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new SM2SignatureTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SM4Test.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SM4Test.java
deleted file mode 100644
index 428a9cf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SM4Test.java
+++ /dev/null

@@ -1,153 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.security.Key;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * basic test class for SM4
- */
-public class SM4Test
-    extends BaseBlockCipherTest
-{
-    static String[] cipherTests =
-    {
-        "128",
-        "0123456789abcdeffedcba9876543210",
-        "0123456789abcdeffedcba9876543210",
-        "681edf34d206965e86b3e94f536e4246"
-    };
-
-    public SM4Test()
-    {
-        super("SM4");
-    }
-
-    public void test(
-        int         strength,
-        byte[]      keyBytes,
-        byte[]      input,
-        byte[]      output)
-        throws Exception
-    {
-        Key key;
-        Cipher in, out;
-        CipherInputStream cIn;
-        CipherOutputStream cOut;
-        ByteArrayInputStream bIn;
-        ByteArrayOutputStream bOut;
-
-        key = new SecretKeySpec(keyBytes, "SM4");
-
-        in = Cipher.getInstance("SM4/ECB/NoPadding", "BC");
-        out = Cipher.getInstance("SM4/ECB/NoPadding", "BC");
-
-        try
-        {
-            out.init(Cipher.ENCRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("SM4 failed initialisation - " + e.toString(), e);
-        }
-
-        try
-        {
-            in.init(Cipher.DECRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("SM4 failed initialisation - " + e.toString(), e);
-        }
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        try
-        {
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                cOut.write(input[i]);
-            }
-            cOut.write(input, input.length / 2, input.length - input.length / 2);
-            cOut.close();
-        }
-        catch (IOException e)
-        {
-            fail("SM4 failed encryption - " + e.toString(), e);
-        }
-
-        byte[]    bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!areEqual(bytes, output))
-        {
-            fail("SM4 failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        try
-        {
-            DataInputStream dIn = new DataInputStream(cIn);
-
-            bytes = new byte[input.length];
-
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                bytes[i] = (byte)dIn.read();
-            }
-            dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-        }
-        catch (Exception e)
-        {
-            fail("SM4 failed encryption - " + e.toString(), e);
-        }
-
-        if (!areEqual(bytes, input))
-        {
-            fail("SM4 failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        for (int i = 0; i != cipherTests.length; i += 4)
-        {
-            test(Integer.parseInt(cipherTests[i]),
-                            Hex.decode(cipherTests[i + 1]),
-                            Hex.decode(cipherTests[i + 2]),
-                            Hex.decode(cipherTests[i + 3]));
-        }
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new SM4Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SealedTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SealedTest.java
deleted file mode 100644
index 9a7e314..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SealedTest.java
+++ /dev/null

@@ -1,79 +0,0 @@
-
-package org.bouncycastle.jce.provider.test;
-
-import java.security.Key;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.SealedObject;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class SealedTest
-    implements Test
-{
-    final static String provider = "BC";
-
-    public String getName()
-    {
-        return "SealedObject";
-    }
-
-    public TestResult perform()
-    {
-        try
-        {
-            KeyGenerator keyGen = KeyGenerator.getInstance("DES", provider);
-            Key key = keyGen.generateKey();
-            Cipher c = Cipher.getInstance("DES/ECB/PKCS5Padding", provider);
-
-            c.init(Cipher.ENCRYPT_MODE, key);
-            String object = "Hello world";
-            SealedObject so = new SealedObject(object, c);
-            c.init(Cipher.DECRYPT_MODE, key);
-
-            Object o = so.getObject(c);
-            if (!o.equals(object))
-            {
-                return new SimpleTestResult(false, "Result object 1 not equal"
-                        + "orig: " + object + " res: " + o);
-            }
-
-            o = so.getObject(key);
-            if (!o.equals(object))
-            {
-                return new SimpleTestResult(false, "Result object 2 not equal"
-                        + "orig: " + object + " res: " + o);
-            }
-
-            o = so.getObject(key, provider);
-            if (!o.equals(object))
-            {
-                return new SimpleTestResult(false, "Result object 3 not equal"
-                        + "orig: " + object + " res: " + o);
-            }
-
-            return new SimpleTestResult(true, getName() + ": Okay");
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName()
-                    + ": failed excpetion - " + e.toString(), e);
-        }
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        Test            test = new SealedTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result.toString());
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SerialisationTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SerialisationTest.java
deleted file mode 100644
index 6d04f97..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SerialisationTest.java
+++ /dev/null

@@ -1,342 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.math.BigInteger;
-import java.security.interfaces.DSAPrivateKey;
-import java.security.interfaces.DSAPublicKey;
-import java.security.interfaces.RSAPrivateCrtKey;
-import java.security.interfaces.RSAPublicKey;
-
-import javax.crypto.interfaces.DHPrivateKey;
-import javax.crypto.interfaces.DHPublicKey;
-
-import org.bouncycastle.jce.interfaces.ElGamalPrivateKey;
-import org.bouncycastle.jce.interfaces.ElGamalPublicKey;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SerialisationTest
-    extends SimpleTest
-{
-    private static BigInteger mod = new BigInteger("69919157209851583596607278525201743749468350078269839551939850344506918649679");
-    private static BigInteger pubExp = new BigInteger("65537");
-    private static BigInteger privExp = new BigInteger("6387323103214694462561419908301918608189256611651974386490887304224030221257");
-    private static BigInteger crtExp = new BigInteger("49050879172577973803420172068797326635");
-    private static BigInteger p = new BigInteger("272712035519670228866910009292918035133");
-    private static BigInteger q = new BigInteger("256384567247338962716621434774670631163");
-    private static BigInteger expP = new BigInteger("121540093892892992427860713054115232161");
-    private static BigInteger expQ = new BigInteger("169333445127196347119779037859859594883");
-
-    private static byte[] rsaPub = Base64.decode(
-                "rO0ABXNyAC1vcmcuYm91bmN5Y2FzdGxlLmpjZS5wcm92aWRlci5KQ0VSU0FQdWJsaWNLZXklImoOW/pshAIAAkwAB21vZHV"
-              + "sdXN0ABZMamF2YS9tYXRoL0JpZ0ludGVnZXI7TAAOcHVibGljRXhwb25lbnRxAH4AAXhwc3IAFGphdmEubWF0aC5CaWdJbn"
-              + "RlZ2VyjPyfH6k7+x0DAAZJAAhiaXRDb3VudEkACWJpdExlbmd0aEkAE2ZpcnN0Tm9uemVyb0J5dGVOdW1JAAxsb3dlc3RTZ"
-              + "XRCaXRJAAZzaWdudW1bAAltYWduaXR1ZGV0AAJbQnhyABBqYXZhLmxhbmcuTnVtYmVyhqyVHQuU4IsCAAB4cP//////////"
-              + "/////v////4AAAABdXIAAltCrPMX+AYIVOACAAB4cAAAACCalNcvvJNMM944KWzzuH2MXkKbiW10OEzGQb9B9MM/T3hzcQB"
-              + "+AAP///////////////7////+AAAAAXVxAH4ABwAAAAMBAAF4");
-
-    private static byte[] rsaPriv = Base64.decode(
-                "rO0ABXNyADFvcmcuYm91bmN5Y2FzdGxlLmpjZS5wcm92aWRlci5KQ0VSU0FQcml2YXRlQ3J0S2V5bLqHzgJzVS4CAAZMAA5"
-              + "jcnRDb2VmZmljaWVudHQAFkxqYXZhL21hdGgvQmlnSW50ZWdlcjtMAA5wcmltZUV4cG9uZW50UHEAfgABTAAOcHJpbWVFeH"
-              + "BvbmVudFFxAH4AAUwABnByaW1lUHEAfgABTAAGcHJpbWVRcQB+AAFMAA5wdWJsaWNFeHBvbmVudHEAfgABeHIALm9yZy5ib"
-              + "3VuY3ljYXN0bGUuamNlLnByb3ZpZGVyLkpDRVJTQVByaXZhdGVLZXlG6wnAB89BHAMABEwAB21vZHVsdXNxAH4AAUwAEHBr"
-              + "Y3MxMkF0dHJpYnV0ZXN0ABVMamF2YS91dGlsL0hhc2h0YWJsZTtMAA5wa2NzMTJPcmRlcmluZ3QAEkxqYXZhL3V0aWwvVmV"
-              + "jdG9yO0wAD3ByaXZhdGVFeHBvbmVudHEAfgABeHBzcgAUamF2YS5tYXRoLkJpZ0ludGVnZXKM/J8fqTv7HQMABkkACGJpdE"
-              + "NvdW50SQAJYml0TGVuZ3RoSQATZmlyc3ROb256ZXJvQnl0ZU51bUkADGxvd2VzdFNldEJpdEkABnNpZ251bVsACW1hZ25pd"
-              + "HVkZXQAAltCeHIAEGphdmEubGFuZy5OdW1iZXKGrJUdC5TgiwIAAHhw///////////////+/////gAAAAF1cgACW0Ks8xf4"
-              + "BghU4AIAAHhwAAAAIJqU1y+8k0wz3jgpbPO4fYxeQpuJbXQ4TMZBv0H0wz9PeHNyABNqYXZhLnV0aWwuSGFzaHRhYmxlE7s"
-              + "PJSFK5LgDAAJGAApsb2FkRmFjdG9ySQAJdGhyZXNob2xkeHA/QAAAAAAACHcIAAAACwAAAAB4c3IAEGphdmEudXRpbC5WZW"
-              + "N0b3LZl31bgDuvAQMAA0kAEWNhcGFjaXR5SW5jcmVtZW50SQAMZWxlbWVudENvdW50WwALZWxlbWVudERhdGF0ABNbTGphd"
-              + "mEvbGFuZy9PYmplY3Q7eHAAAAAAAAAAAHVyABNbTGphdmEubGFuZy5PYmplY3Q7kM5YnxBzKWwCAAB4cAAAAApwcHBwcHBw"
-              + "cHBweHNxAH4ABv///////////////v////4AAAABdXEAfgAKAAAAIA4fGMVoocAtYNiamDRvnzBmMv/l8FibkQsOUJjxrmP"
-              + "JeHhzcQB+AAb///////////////7////+AAAAAXVxAH4ACgAAABAk5tsPIq2YfF0nfLPvAKUreHNxAH4ABv////////////"
-              + "///v////4AAAABdXEAfgAKAAAAEFtvxUfS67k0bWmAU9/geaF4c3EAfgAG///////////////+/////gAAAAF1cQB+AAoAA"
-              + "AAQf2RvbOpsxhCjGK1vhd7+g3hzcQB+AAb///////////////7////+AAAAAXVxAH4ACgAAABDNKm1zRn/cYal03dRjdxK9"
-              + "eHNxAH4ABv///////////////v////4AAAABdXEAfgAKAAAAEMDh3xza3MJ4XNak/35BYPt4c3EAfgAG///////////////"
-              + "+/////gAAAAF1cQB+AAoAAAADAQABeA==");
-
-    private static byte[] rsaPub2 = Base64.decode(
-                 "rO0ABXNyAD5vcmcuYm91bmN5Y2FzdGxlLmpjYWpjZS5wcm92aWRlci5hc3ltbWV0cmljLnJzYS5CQ1JTQVB1YmxpY0tleS"
-              +  "Uiag5b+myEAgACTAAHbW9kdWx1c3QAFkxqYXZhL21hdGgvQmlnSW50ZWdlcjtMAA5wdWJsaWNFeHBvbmVudHEAfgABeHBz"
-              +  "cgAUamF2YS5tYXRoLkJpZ0ludGVnZXKM/J8fqTv7HQMABkkACGJpdENvdW50SQAJYml0TGVuZ3RoSQATZmlyc3ROb256ZXJvQnl0ZU51bUkADGxvd2VzdFNldEJpdEkABnNpZ251bVsACW1hZ25pdHVkZXQAAltCeHIAEGphdmEubGFuZy5OdW1iZXKGrJUdC5TgiwIAAHhw///////////////+/////gAAAAF1cgACW0Ks8xf4BghU4AIAAHhwAAAAIJqU1y+8k0wz3jgpbPO4fYxeQpuJbXQ4TMZBv0H0wz9PeHNxAH4AA////////////////v////4AAAABdXEAfgAHAAAAAwEAAXg=");
-
-    private static BigInteger elGamalY = new BigInteger("89822212135401014750127909969755994242838935150891306006689219384134393835581");
-    private static BigInteger elGamalX = new BigInteger("23522982289275336984843296896007818700866293719703239515258104457243931686357");
-    private static BigInteger elGamalG = new BigInteger("29672625807664138507782226105202719390719480236799714903174779490259822385963");
-    private static BigInteger elGamalP = new BigInteger("98263422916834911205348180460395783697757584103849580149025105739079617780363");
-    
-    private static byte[] elGamalPub = Base64.decode(
-                "rO0ABXNyADFvcmcuYm91bmN5Y2FzdGxlLmpjZS5wcm92aWRlci5KQ0VFbEdhbWFsUHVibGljS2V5eOnUVVUsZjQDAAJMAAZ"
-              + "lbFNwZWN0ADBMb3JnL2JvdW5jeWNhc3RsZS9qY2Uvc3BlYy9FbEdhbWFsUGFyYW1ldGVyU3BlYztMAAF5dAAWTGphdmEvbW"
-              + "F0aC9CaWdJbnRlZ2VyO3hwc3IAFGphdmEubWF0aC5CaWdJbnRlZ2VyjPyfH6k7+x0DAAZJAAhiaXRDb3VudEkACWJpdExlb"
-              + "md0aEkAE2ZpcnN0Tm9uemVyb0J5dGVOdW1JAAxsb3dlc3RTZXRCaXRJAAZzaWdudW1bAAltYWduaXR1ZGV0AAJbQnhyABBq"
-              + "YXZhLmxhbmcuTnVtYmVyhqyVHQuU4IsCAAB4cP///////////////v////4AAAABdXIAAltCrPMX+AYIVOACAAB4cAAAACD"
-              + "GlZIJNbVQCnj4wiR0o8gGbKtJEWJBllz8NAELXcqwPXhzcQB+AAT///////////////7////+AAAAAXVxAH4ACAAAACDZPy"
-              + "BetQ1Ed8NUnTfXb+MBhFVK1KRe2LzQP7oVz2Kai3hzcQB+AAT///////////////7////+AAAAAXVxAH4ACAAAACBBmhxth"
-              + "0FhU4SsG01Wjyi1dlZFZvOy1zFC12XRGO8bK3h4");
-
-    private static byte[] elGamalPriv = Base64.decode(
-                "rO0ABXNyADJvcmcuYm91bmN5Y2FzdGxlLmpjZS5wcm92aWRlci5KQ0VFbEdhbWFsUHJpdmF0ZUtleULhxV+2vMBOAwAETAA"
-              + "GZWxTcGVjdAAwTG9yZy9ib3VuY3ljYXN0bGUvamNlL3NwZWMvRWxHYW1hbFBhcmFtZXRlclNwZWM7TAAQcGtjczEyQXR0cm"
-              + "lidXRlc3QAFUxqYXZhL3V0aWwvSGFzaHRhYmxlO0wADnBrY3MxMk9yZGVyaW5ndAASTGphdmEvdXRpbC9WZWN0b3I7TAABe"
-              + "HQAFkxqYXZhL21hdGgvQmlnSW50ZWdlcjt4cHNyABRqYXZhLm1hdGguQmlnSW50ZWdlcoz8nx+pO/sdAwAGSQAIYml0Q291"
-              + "bnRJAAliaXRMZW5ndGhJABNmaXJzdE5vbnplcm9CeXRlTnVtSQAMbG93ZXN0U2V0Qml0SQAGc2lnbnVtWwAJbWFnbml0dWR"
-              + "ldAACW0J4cgAQamF2YS5sYW5nLk51bWJlcoaslR0LlOCLAgAAeHD///////////////7////+AAAAAXVyAAJbQqzzF/gGCF"
-              + "TgAgAAeHAAAAAgNAGJQeYfM6ToYoA3ePFdEe7yh8hKecr+WZA0AwxrtdV4c3EAfgAG///////////////+/////gAAAAF1c"
-              + "QB+AAoAAAAg2T8gXrUNRHfDVJ0312/jAYRVStSkXti80D+6Fc9imot4c3EAfgAG///////////////+/////gAAAAF1cQB+"
-              + "AAoAAAAgQZocbYdBYVOErBtNVo8otXZWRWbzstcxQtdl0RjvGyt4eA==");
-
-    private static BigInteger dhY = new BigInteger("1925747248304483170395506065378568192931506039297732684689153183373019672434");
-    private static BigInteger dhX = new BigInteger("3");
-    private static BigInteger dhG = new BigInteger("3493483775405590747011712302510626058005717040655777294576367636428413099058");
-    private static BigInteger dhP = new BigInteger("106557663805518855012633095511067237673895862256610675920943888960856082029127");
-
-    private static byte[] dhPub = Base64.decode(
-                "rO0ABXNyACxvcmcuYm91bmN5Y2FzdGxlLmpjZS5wcm92aWRlci5KQ0VESFB1YmxpY0tlefz+KCkPI+T8AwACTAAGZGhTcGV"
-              + "jdAAjTGphdmF4L2NyeXB0by9zcGVjL0RIUGFyYW1ldGVyU3BlYztMAAF5dAAWTGphdmEvbWF0aC9CaWdJbnRlZ2VyO3hwc3"
-              + "IAFGphdmEubWF0aC5CaWdJbnRlZ2VyjPyfH6k7+x0DAAZJAAhiaXRDb3VudEkACWJpdExlbmd0aEkAE2ZpcnN0Tm9uemVyb"
-              + "0J5dGVOdW1JAAxsb3dlc3RTZXRCaXRJAAZzaWdudW1bAAltYWduaXR1ZGV0AAJbQnhyABBqYXZhLmxhbmcuTnVtYmVyhqyV"
-              + "HQuU4IsCAAB4cP///////////////v////4AAAABdXIAAltCrPMX+AYIVOACAAB4cAAAACAEQe8vYXxZPS5oAUy0e0yRYxK"
-              + "EAO3GjhMWZKNw8flvcnhzcQB+AAT///////////////7////+AAAAAXVxAH4ACAAAACDrlYAb5zOABHPgsK6oIKtMFgPD3v"
-              + "nbTosOnokaSVsaR3hzcQB+AAT///////////////7////+AAAAAXVxAH4ACAAAACAHuT3jEhOVRGfaKdFOX6J2vDYxiMPQW"
-              + "ljjL/3Xz85cMnh3BAAAAAB4");
-
-    private static byte[] dhPriv = Base64.decode(
-                "rO0ABXNyAC1vcmcuYm91bmN5Y2FzdGxlLmpjZS5wcm92aWRlci5KQ0VESFByaXZhdGVLZXkEURpYQRlitAMABEwABmRoU3B"
-              + "lY3QAI0xqYXZheC9jcnlwdG8vc3BlYy9ESFBhcmFtZXRlclNwZWM7TAAQcGtjczEyQXR0cmlidXRlc3QAFUxqYXZhL3V0aW"
-              + "wvSGFzaHRhYmxlO0wADnBrY3MxMk9yZGVyaW5ndAASTGphdmEvdXRpbC9WZWN0b3I7TAABeHQAFkxqYXZhL21hdGgvQmlnS"
-              + "W50ZWdlcjt4cHNyABRqYXZhLm1hdGguQmlnSW50ZWdlcoz8nx+pO/sdAwAGSQAIYml0Q291bnRJAAliaXRMZW5ndGhJABNm"
-              + "aXJzdE5vbnplcm9CeXRlTnVtSQAMbG93ZXN0U2V0Qml0SQAGc2lnbnVtWwAJbWFnbml0dWRldAACW0J4cgAQamF2YS5sYW5"
-              + "nLk51bWJlcoaslR0LlOCLAgAAeHD///////////////7////+AAAAAXVyAAJbQqzzF/gGCFTgAgAAeHAAAAABA3hzcQB+AA"
-              + "b///////////////7////+AAAAAXVxAH4ACgAAACDrlYAb5zOABHPgsK6oIKtMFgPD3vnbTosOnokaSVsaR3hzcQB+AAb//"
-              + "/////////////7////+AAAAAXVxAH4ACgAAACAHuT3jEhOVRGfaKdFOX6J2vDYxiMPQWljjL/3Xz85cMnh3BAAAAAB4");
-
-    private static BigInteger dsaY = new BigInteger("6189794363048388077684611193598066807847399153242870209962581468350882042922904596556915269714052441467859854436813271130403014368908908961326314287317209");
-    private static BigInteger dsaX = new BigInteger("45673695048287886591258561084679393738177012644");
-    private static BigInteger dsaG = new BigInteger("3245524385217980657302535456606469153364622623109429686740209357408427939040123729832874550911504858612362156241316117434271994372338032643547044203024422");
-    private static BigInteger dsaP = new BigInteger("8836853285188714261909188099204635517862922237850722644742752953058083563923137941667883080809922365262319540202714582925718707421743492259382127680083261");
-
-    private static byte[] dsaPub = Base64.decode(
-                "rO0ABXNyAC1vcmcuYm91bmN5Y2FzdGxlLmpjZS5wcm92aWRlci5KREtEU0FQdWJsaWNLZXkYUfY34kLIBwMAAkwAB2RzYVN"
-              + "wZWN0ACRMamF2YS9zZWN1cml0eS9pbnRlcmZhY2VzL0RTQVBhcmFtcztMAAF5dAAWTGphdmEvbWF0aC9CaWdJbnRlZ2VyO3"
-              + "hwc3IAFGphdmEubWF0aC5CaWdJbnRlZ2VyjPyfH6k7+x0DAAZJAAhiaXRDb3VudEkACWJpdExlbmd0aEkAE2ZpcnN0Tm9ue"
-              + "mVyb0J5dGVOdW1JAAxsb3dlc3RTZXRCaXRJAAZzaWdudW1bAAltYWduaXR1ZGV0AAJbQnhyABBqYXZhLmxhbmcuTnVtYmVy"
-              + "hqyVHQuU4IsCAAB4cP///////////////v////4AAAABdXIAAltCrPMX+AYIVOACAAB4cAAAAEB2LxWpG2UqKz0HcWZwDii"
-              + "fO0+3sXqWwmnAnHw8HbPRbtJUozr0As4FX7loWxvWyV+CJDse2KwdxISyMmq6hMDZeHNxAH4ABP///////////////v////"
-              + "4AAAABdXEAfgAIAAAAQKi5o5xNZaCAFFAV6dWnHHjG0TVoA7d34RUNF0GhquH6BH/W3BvW4fy428+NPnCgUvJM9iLBTpuBn"
-              + "oepupEE1T14c3EAfgAE///////////////+/////gAAAAF1cQB+AAgAAAAU/tVyr5rbnY4WkK7C6NK21c9jn8V4c3EAfgAE"
-              + "///////////////+/////gAAAAF1cQB+AAgAAABAPffK8RBcfUspb5PsGDyjZf4Tqcmo5UhuaABmUnq8Vqb3P7jc1+LNaTh"
-              + "mUJSnjWQ4+kyCeeJgPH9d3iBd5blQJnh4");
-
-    private static byte[] dsaPriv = Base64.decode(
-                "rO0ABXNyAC5vcmcuYm91bmN5Y2FzdGxlLmpjZS5wcm92aWRlci5KREtEU0FQcml2YXRlS2V5vxcJOSU9rboDAANMAAthdHR"
-              + "yQ2FycmllcnQAPUxvcmcvYm91bmN5Y2FzdGxlL2pjZS9wcm92aWRlci9QS0NTMTJCYWdBdHRyaWJ1dGVDYXJyaWVySW1wbD"
-              + "tMAAdkc2FTcGVjdAAkTGphdmEvc2VjdXJpdHkvaW50ZXJmYWNlcy9EU0FQYXJhbXM7TAABeHQAFkxqYXZhL21hdGgvQmlnS"
-              + "W50ZWdlcjt4cHNyABRqYXZhLm1hdGguQmlnSW50ZWdlcoz8nx+pO/sdAwAGSQAIYml0Q291bnRJAAliaXRMZW5ndGhJABNm"
-              + "aXJzdE5vbnplcm9CeXRlTnVtSQAMbG93ZXN0U2V0Qml0SQAGc2lnbnVtWwAJbWFnbml0dWRldAACW0J4cgAQamF2YS5sYW5"
-              + "nLk51bWJlcoaslR0LlOCLAgAAeHD///////////////7////+AAAAAXVyAAJbQqzzF/gGCFTgAgAAeHAAAAAUCAAUTkau3a"
-              + "uChEXbN4isGH4aY6R4c3EAfgAF///////////////+/////gAAAAF1cQB+AAkAAABAqLmjnE1loIAUUBXp1acceMbRNWgDt"
-              + "3fhFQ0XQaGq4foEf9bcG9bh/Ljbz40+cKBS8kz2IsFOm4Geh6m6kQTVPXhzcQB+AAX///////////////7////+AAAAAXVx"
-              + "AH4ACQAAABT+1XKvmtudjhaQrsLo0rbVz2OfxXhzcQB+AAX///////////////7////+AAAAAXVxAH4ACQAAAEA998rxEFx"
-              + "9Sylvk+wYPKNl/hOpyajlSG5oAGZSerxWpvc/uNzX4s1pOGZQlKeNZDj6TIJ54mA8f13eIF3luVAmeHNyABNqYXZhLnV0aW"
-              + "wuSGFzaHRhYmxlE7sPJSFK5LgDAAJGAApsb2FkRmFjdG9ySQAJdGhyZXNob2xkeHA/QAAAAAAACHcIAAAACwAAAAB4c3IAE"
-              + "GphdmEudXRpbC5WZWN0b3LZl31bgDuvAQMAA0kAEWNhcGFjaXR5SW5jcmVtZW50SQAMZWxlbWVudENvdW50WwALZWxlbWVu"
-              + "dERhdGF0ABNbTGphdmEvbGFuZy9PYmplY3Q7eHAAAAAAAAAAAHVyABNbTGphdmEubGFuZy5PYmplY3Q7kM5YnxBzKWwCAAB"
-              + "4cAAAAApwcHBwcHBwcHBweHg=");
-
-    public String getName()
-    {
-        return "Serialisation";
-    }
-
-    public void performTest() throws Exception
-    {
-        rsaTest();
-        elGamalTest();
-        dhTest();
-        dsaTest();
-    }
-
-    private void rsaTest()
-        throws IOException, ClassNotFoundException
-    {
-        RSAPublicKey pub = (RSAPublicKey)readObject(rsaPub);
-
-        if (!mod.equals(pub.getModulus()))
-        {
-            fail("public key modulus mismatch");
-        }
-        if (!pubExp.equals(pub.getPublicExponent()))
-        {
-            fail("public key exponent mismatch");
-        }
-
-        RSAPublicKey pub2 = (RSAPublicKey)readObject(rsaPub2);
-
-        if (!mod.equals(pub2.getModulus()))
-        {
-            fail("public key 2 modulus mismatch");
-        }
-        if (!pubExp.equals(pub2.getPublicExponent()))
-        {
-            fail("public key 2 exponent mismatch");
-        }
-
-        RSAPrivateCrtKey priv = (RSAPrivateCrtKey)readObject(rsaPriv);
-
-        if (!mod.equals(priv.getModulus()))
-        {
-            fail("private key modulus mismatch");
-        }
-        if (!privExp.equals(priv.getPrivateExponent()))
-        {
-            fail("private key exponent mismatch");
-        }
-        if (!p.equals(priv.getPrimeP()))
-        {
-            fail("private key p mismatch");
-        }
-        if (!q.equals(priv.getPrimeQ()))
-        {
-            fail("private key q mismatch");
-        }
-        if (!expP.equals(priv.getPrimeExponentP()))
-        {
-            fail("private key p exponent mismatch");
-        }
-        if (!expQ.equals(priv.getPrimeExponentQ()))
-        {
-            fail("private key q exponent mismatch");
-        }
-        if (!crtExp.equals(priv.getCrtCoefficient()))
-        {
-            fail("private key crt exponent mismatch");
-        }
-    }
-
-    private void elGamalTest()
-        throws IOException, ClassNotFoundException
-    {
-        ElGamalPublicKey pub = (ElGamalPublicKey)readObject(elGamalPub);
-
-        if (!elGamalY.equals(pub.getY()))
-        {
-            fail("public key y mismatch");
-        }
-        if (!elGamalG.equals(pub.getParameters().getG()))
-        {
-            fail("public key g mismatch");
-        }
-        if (!elGamalP.equals(pub.getParameters().getP()))
-        {
-            fail("public key p mismatch");
-        }
-        
-        ElGamalPrivateKey priv = (ElGamalPrivateKey)readObject(elGamalPriv);
-
-        if (!elGamalX.equals(priv.getX()))
-        {
-            fail("private key x mismatch");
-        }
-        if (!elGamalG.equals(priv.getParameters().getG()))
-        {
-            fail("private key g mismatch");
-        }
-        if (!elGamalP.equals(priv.getParameters().getP()))
-        {
-            fail("private key p mismatch");
-        }
-    }
-
-    private void dhTest()
-        throws IOException, ClassNotFoundException
-    {
-        DHPublicKey pub = (DHPublicKey)readObject(dhPub);
-
-        if (!dhY.equals(pub.getY()))
-        {
-            fail("dh public key y mismatch");
-        }
-        if (!dhG.equals(pub.getParams().getG()))
-        {
-            fail("dh public key g mismatch");
-        }
-        if (!dhP.equals(pub.getParams().getP()))
-        {
-            fail("dh public key p mismatch");
-        }
-        if (0 != pub.getParams().getL())
-        {
-            fail("dh public key l mismatch");
-        }
-
-        DHPrivateKey priv = (DHPrivateKey)readObject(dhPriv);
-
-        if (!dhX.equals(priv.getX()))
-        {
-            fail("dh private key x mismatch");
-        }
-        if (!dhG.equals(priv.getParams().getG()))
-        {
-            fail("dh private key g mismatch");
-        }
-        if (!dhP.equals(priv.getParams().getP()))
-        {
-            fail("dh private key p mismatch");
-        }
-        if (0 != priv.getParams().getL())
-        {
-            fail("dh private key l mismatch");
-        }
-    }
-
-    private void dsaTest()
-        throws IOException, ClassNotFoundException
-    {
-        DSAPublicKey pub = (DSAPublicKey)readObject(dsaPub);
-
-        if (!dsaY.equals(pub.getY()))
-        {
-            fail("dsa public key y mismatch");
-        }
-        if (!dsaG.equals(pub.getParams().getG()))
-        {
-            fail("dsa public key g mismatch");
-        }
-        if (!dsaP.equals(pub.getParams().getP()))
-        {
-            fail("dsa public key p mismatch");
-        }
-
-        DSAPrivateKey priv = (DSAPrivateKey)readObject(dsaPriv);
-
-        if (!dsaX.equals(priv.getX()))
-        {
-            fail("dsa private key x mismatch");
-        }
-        if (!dsaG.equals(priv.getParams().getG()))
-        {
-            fail("dsa private key g mismatch");
-        }
-        if (!dsaP.equals(priv.getParams().getP()))
-        {
-            fail("dsa private key p mismatch");
-        }
-    }
-
-    private Object readObject(byte[] key)
-        throws IOException, ClassNotFoundException
-    {
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(key));
-
-        return oIn.readObject();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SerialisationTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/Shacal2Test.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/Shacal2Test.java
deleted file mode 100644
index 511d72d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/Shacal2Test.java
+++ /dev/null

@@ -1,205 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.DataInputStream;
-import java.io.IOException;
-import java.security.Key;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.spec.KeySpec;
-
-import javax.crypto.Cipher;
-import javax.crypto.CipherInputStream;
-import javax.crypto.CipherOutputStream;
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.PBEKeySpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-/**
- * basic test class for the Shacal2 cipher, vector from NESSIE (Test vectors set 8, vector# 0)
- */
-public class Shacal2Test
-    extends SimpleTest
-{
-    static String[] cipherTests =
-        {
-            "512",
-            "000102030405060708090A0B0C0D0E0F101112131415161718191A1B1C1D1E1F202122232425262728292A2B2C2D2E2F303132333435363738393A3B3C3D3E3F",
-            "98BCC10405AB0BFC686BECECAAD01AC19B452511BCEB9CB094F905C51CA45430",
-            "00112233445566778899AABBCCDDEEFF102132435465768798A9BACBDCEDFE0F",
-
-        };
-
-    public String getName()
-    {
-        return "Shacal2";
-    }
-
-    private static final int KEY_SIZE_BITS = 512;
-
-    private static final byte[] TEST_BYTES = new byte[1536];
-
-    private static final char[] TEST_PASSWORD = new char[1536];
-
-    static
-    {
-        new SecureRandom().nextBytes(TEST_BYTES);
-        int total = TEST_PASSWORD.length;
-        for (char c = 'A'; c <= 'Z' && total > 0; TEST_PASSWORD[TEST_PASSWORD.length - total] = c, c++, total--)
-        {
-            ;
-        }
-    }
-
-    private void blockTest()
-        throws Exception
-    {
-        final byte[] salt = new byte[KEY_SIZE_BITS / 8];
-        new SecureRandom().nextBytes(salt);
-
-        final KeySpec keySpec = new PBEKeySpec(TEST_PASSWORD, salt, 262144, KEY_SIZE_BITS);
-        final SecretKey secretKey = new SecretKeySpec(SecretKeyFactory.getInstance("PBKDF2", "BC").
-            generateSecret(keySpec).getEncoded(), "Shacal2");
-
-        final Cipher cipher = Cipher.getInstance("Shacal2/CBC/ISO10126Padding", "BC");
-        cipher.init(Cipher.ENCRYPT_MODE, secretKey);
-
-        final byte[] iv = cipher.getIV();
-        final byte[] ciphertext = cipher.doFinal(TEST_BYTES);
-
-        cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv));
-
-        final byte[] cleartext = cipher.doFinal(ciphertext);
-
-        if (!Arrays.areEqual(TEST_BYTES, cleartext))
-        {
-            fail("Invalid cleartext.");
-        }
-    }
-
-    public void testECB(
-        int strength,
-        byte[] keyBytes,
-        byte[] input,
-        byte[] output)
-        throws Exception
-    {
-        Key key;
-        Cipher in, out;
-        CipherInputStream cIn;
-        CipherOutputStream cOut;
-        ByteArrayInputStream bIn;
-        ByteArrayOutputStream bOut;
-
-        key = new SecretKeySpec(keyBytes, "Shacal2");
-
-        in = Cipher.getInstance("Shacal2/ECB/NoPadding", "BC");
-        out = Cipher.getInstance("Shacal2/ECB/NoPadding", "BC");
-        try
-        {
-            out.init(Cipher.ENCRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("Shacal2 failed initialisation - " + e.toString(), e);
-        }
-
-        try
-        {
-            in.init(Cipher.DECRYPT_MODE, key);
-        }
-        catch (Exception e)
-        {
-            fail("Shacal2 failed initialisation - " + e.toString(), e);
-        }
-
-        //
-        // encryption pass
-        //
-        bOut = new ByteArrayOutputStream();
-
-        cOut = new CipherOutputStream(bOut, out);
-
-        try
-        {
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                cOut.write(input[i]);
-            }
-            cOut.write(input, input.length / 2, input.length - input.length / 2);
-            cOut.close();
-        }
-        catch (IOException e)
-        {
-            fail("Shacal2 failed encryption - " + e.toString(), e);
-        }
-
-        byte[] bytes;
-
-        bytes = bOut.toByteArray();
-
-        if (!areEqual(bytes, output))
-        {
-            fail("Shacal2 failed encryption - expected " + new String(Hex.encode(output)) + " got " + new String(Hex.encode(bytes)));
-        }
-
-        //
-        // decryption pass
-        //
-        bIn = new ByteArrayInputStream(bytes);
-
-        cIn = new CipherInputStream(bIn, in);
-
-        try
-        {
-            DataInputStream dIn = new DataInputStream(cIn);
-
-            bytes = new byte[input.length];
-
-            for (int i = 0; i != input.length / 2; i++)
-            {
-                bytes[i] = (byte)dIn.read();
-            }
-            dIn.readFully(bytes, input.length / 2, bytes.length - input.length / 2);
-        }
-        catch (Exception e)
-        {
-            fail("Shacal2 failed encryption - " + e.toString(), e);
-        }
-
-        if (!areEqual(bytes, input))
-        {
-            fail("Shacal2 failed decryption - expected " + new String(Hex.encode(input)) + " got " + new String(Hex.encode(bytes)));
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        for (int i = 0; i != cipherTests.length; i += 4)
-        {
-            testECB(Integer.parseInt(cipherTests[i]),
-                Hex.decode(cipherTests[i + 1]),
-                Hex.decode(cipherTests[i + 2]),
-                Hex.decode(cipherTests[i + 3]));
-        }
-
-        blockTest();
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new Shacal2Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SigNameTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SigNameTest.java
deleted file mode 100644
index f86bd68..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SigNameTest.java
+++ /dev/null

@@ -1,98 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Security;
-import java.security.Signature;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SigNameTest
-    extends SimpleTest
-{
-    private void checkName(String name)
-        throws NoSuchProviderException, NoSuchAlgorithmException
-    {
-        if (!name.equals(Signature.getInstance(name, "BC").getAlgorithm()))
-        {
-            fail("name misatch on " + name);
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        checkName("SHA1withRSA");
-        checkName("SHA224withRSA");
-        checkName("SHA256withRSA");
-        checkName("SHA384withRSA");
-        checkName("SHA512withRSA");
-
-        checkName("SHA3-224withRSA");
-        checkName("SHA3-256withRSA");
-        checkName("SHA3-384withRSA");
-        checkName("SHA3-512withRSA");
-
-        checkName("MD2withRSA");
-        checkName("MD4withRSA");
-        checkName("MD5withRSA");
-        checkName("RIPEMD160withRSA");
-        checkName("RIPEMD128withRSA");
-        checkName("RIPEMD256withRSA");
-
-        checkName("SHA1withDSA");
-        checkName("SHA224withDSA");
-        checkName("SHA256withDSA");
-        checkName("SHA384withDSA");
-        checkName("SHA512withDSA");
-        checkName("NONEwithDSA");
-        checkName("SHA1withECDSA");
-        checkName("SHA224withECDSA");
-        checkName("SHA256withECDSA");
-        checkName("SHA384withECDSA");
-        checkName("SHA512withECDSA");
-        checkName("RIPEMD160withECDSA");
-        checkName("SHA1withECNR");
-        checkName("SHA224withECNR");
-        checkName("SHA256withECNR");
-        checkName("SHA384withECNR");
-        checkName("SHA512withECNR");
-
-        checkName("SHA1withRSAandMGF1");
-        checkName("SHA1withRSAandMGF1");
-        checkName("SHA224withRSAandMGF1");
-        checkName("SHA256withRSAandMGF1");
-        checkName("SHA384withRSAandMGF1");
-        checkName("SHA512withRSAandMGF1");
-
-        checkName("GOST3411withGOST3410");
-        checkName("GOST3411withECGOST3410");
-
-        checkName("SHA1withRSA/ISO9796-2");
-        checkName("MD5withRSA/ISO9796-2");
-        checkName("RIPEMD160withRSA/ISO9796-2");
-
-        checkName("RIPEMD128withRSA/X9.31");
-        checkName("RIPEMD160withRSA/X9.31");
-        checkName("SHA1withRSA/X9.31");
-        checkName("SHA224withRSA/X9.31");
-        checkName("SHA256withRSA/X9.31");
-        checkName("SHA384withRSA/X9.31");
-        checkName("SHA512withRSA/X9.31");
-        checkName("WhirlpoolwithRSA/X9.31");
-    }
-
-    public String getName()
-    {
-        return "SigNameTest";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new SigNameTest());
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SigTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SigTest.java
deleted file mode 100644
index 102c1f7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SigTest.java
+++ /dev/null

@@ -1,534 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.MessageDigest;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.interfaces.RSAPrivateKey;
-import java.security.interfaces.RSAPublicKey;
-import java.security.spec.RSAPrivateKeySpec;
-import java.security.spec.RSAPublicKeySpec;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.DigestInfo;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SigTest
-    extends SimpleTest
-{
-    /**
-     * signature with a "forged signature" (sig block not at end of plain text)
-     */
-    private void testBadSig(PrivateKey priv, PublicKey pub) throws Exception
-    {
-        MessageDigest sha1 = MessageDigest.getInstance("SHA1", "BC");
-        Cipher signer = Cipher.getInstance("RSA/ECB/PKCS1Padding", "BC");
-        
-        signer.init(Cipher.ENCRYPT_MODE, priv);
-        
-        byte[] block = new byte[signer.getBlockSize()];
-        
-        sha1.update((byte)0);
-        
-        byte[] sigHeader = Hex.decode("3021300906052b0e03021a05000414");
-        System.arraycopy(sigHeader, 0, block, 0, sigHeader.length);
-        
-        byte[] dig = sha1.digest();
-
-        System.arraycopy(dig, 0, block, sigHeader.length, dig.length);
-
-        System.arraycopy(sigHeader, 0, block, 
-                        sigHeader.length + dig.length, sigHeader.length);
-        
-        byte[] sig = signer.doFinal(block);
-        
-        Signature verifier = Signature.getInstance("SHA1WithRSA", "BC");
-        
-        verifier.initVerify(pub);
-        
-        verifier.update((byte)0);
-        
-        if (verifier.verify(sig))
-        {
-            fail("bad signature passed");
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {   
-        Signature           sig = Signature.getInstance("SHA1WithRSAEncryption", "BC");
-        KeyPairGenerator    fact;
-        KeyPair             keyPair;
-        byte[]              data = { 1, 2, 3, 4, 5, 6, 7, 8, 9, 0 };
-
-        fact = KeyPairGenerator.getInstance("RSA", "BC");
-
-        fact.initialize(768, new SecureRandom());
-
-        keyPair = fact.generateKeyPair();
-
-        PrivateKey  signingKey = keyPair.getPrivate();
-        PublicKey   verifyKey = keyPair.getPublic();
-        
-        testBadSig(signingKey, verifyKey);
-
-        sig.initSign(signingKey);
-
-        sig.update(data);
-
-        byte[]  sigBytes = sig.sign();
-
-        sig.initVerify(verifyKey);
-
-        sig.update(data);
-
-        if (!sig.verify(sigBytes))
-        {
-            fail("SHA1 verification failed");
-        }
-
-        sig = Signature.getInstance("MD2WithRSAEncryption", "BC");
-
-        sig.initSign(signingKey);
-
-        sig.update(data);
-
-        sigBytes = sig.sign();
-
-        sig.initVerify(verifyKey);
-
-        sig.update(data);
-
-        if (!sig.verify(sigBytes))
-        {
-            fail("MD2 verification failed");
-        }
-
-        sig = Signature.getInstance("MD5WithRSAEncryption", "BC");
-
-        sig.initSign(signingKey);
-
-        sig.update(data);
-
-        sigBytes = sig.sign();
-
-        sig.initVerify(verifyKey);
-
-        sig.update(data);
-
-        if (!sig.verify(sigBytes))
-        {
-            fail("MD5 verification failed");
-        }
-
-        sig = Signature.getInstance("RIPEMD160WithRSAEncryption", "BC");
-
-        sig.initSign(signingKey);
-
-        sig.update(data);
-
-        sigBytes = sig.sign();
-
-        sig.initVerify(verifyKey);
-
-        sig.update(data);
-
-        if (!sig.verify(sigBytes))
-        {
-            fail("RIPEMD160 verification failed");
-        }
-
-        //
-        // RIPEMD-128
-        //
-        sig = Signature.getInstance("RIPEMD128WithRSAEncryption", "BC");
-
-        sig.initSign(signingKey);
-
-        sig.update(data);
-
-        sigBytes = sig.sign();
-
-        sig.initVerify(verifyKey);
-
-        sig.update(data);
-
-        if (!sig.verify(sigBytes))
-        {
-            fail("RIPEMD128 verification failed");
-        }
-
-        //
-        // RIPEMD256
-        //
-        sig = Signature.getInstance("RIPEMD256WithRSAEncryption", "BC");
-
-        sig.initSign(signingKey);
-
-        sig.update(data);
-
-        sigBytes = sig.sign();
-
-        sig.initVerify(verifyKey);
-
-        sig.update(data);
-
-        if (!sig.verify(sigBytes))
-        {
-            fail("RIPEMD256 verification failed");
-        }
-
-        //
-        // ISO Sigs.
-        //
-        sig = Signature.getInstance("MD5WithRSA/ISO9796-2", "BC");
-
-        sig.initSign(signingKey);
-
-        sig.update(data);
-
-        sigBytes = sig.sign();
-
-        sig.initVerify(verifyKey);
-
-        sig.update(data);
-
-        if (!sig.verify(sigBytes))
-        {
-            fail("MD5/ISO verification failed");
-        }
-
-        sig = Signature.getInstance("SHA1WithRSA/ISO9796-2", "BC");
-
-        sig.initSign(signingKey);
-
-        sig.update(data);
-
-        sigBytes = sig.sign();
-
-        sig.initVerify(verifyKey);
-
-        sig.update(data);
-
-        if (!sig.verify(sigBytes))
-        {
-            fail("SHA1/ISO verification failed");
-        }
-
-        tryRsaPkcs15Sig("SHA224WithRSA", data, signingKey, verifyKey, PKCSObjectIdentifiers.sha224WithRSAEncryption, NISTObjectIdentifiers.id_sha224);
-        tryRsaPkcs15Sig("SHA256WithRSA", data, signingKey, verifyKey, PKCSObjectIdentifiers.sha256WithRSAEncryption, NISTObjectIdentifiers.id_sha256);
-        tryRsaPkcs15Sig("SHA384WithRSA", data, signingKey, verifyKey, PKCSObjectIdentifiers.sha384WithRSAEncryption, NISTObjectIdentifiers.id_sha384);
-        tryRsaPkcs15Sig("SHA512WithRSA", data, signingKey, verifyKey, PKCSObjectIdentifiers.sha512WithRSAEncryption, NISTObjectIdentifiers.id_sha512);
-        tryRsaPkcs15Sig("SHA512(224)WithRSA", data, signingKey, verifyKey, PKCSObjectIdentifiers.sha512_224WithRSAEncryption, NISTObjectIdentifiers.id_sha512_224);
-        tryRsaPkcs15Sig("SHA512(256)WithRSA", data, signingKey, verifyKey, PKCSObjectIdentifiers.sha512_256WithRSAEncryption, NISTObjectIdentifiers.id_sha512_256);
-        tryRsaPkcs15Sig("SHA224WithRSAEncryption", data, signingKey, verifyKey, PKCSObjectIdentifiers.sha224WithRSAEncryption, NISTObjectIdentifiers.id_sha224);
-        tryRsaPkcs15Sig("SHA256WithRSAEncryption", data, signingKey, verifyKey, PKCSObjectIdentifiers.sha256WithRSAEncryption, NISTObjectIdentifiers.id_sha256);
-        tryRsaPkcs15Sig("SHA384WithRSAEncryption", data, signingKey, verifyKey, PKCSObjectIdentifiers.sha384WithRSAEncryption, NISTObjectIdentifiers.id_sha384);
-        tryRsaPkcs15Sig("SHA512WithRSAEncryption", data, signingKey, verifyKey, PKCSObjectIdentifiers.sha512WithRSAEncryption, NISTObjectIdentifiers.id_sha512);
-        tryRsaPkcs15Sig("SHA512(224)WithRSAEncryption", data, signingKey, verifyKey, PKCSObjectIdentifiers.sha512_224WithRSAEncryption, NISTObjectIdentifiers.id_sha512_224);
-        tryRsaPkcs15Sig("SHA512(256)WithRSAEncryption", data, signingKey, verifyKey, PKCSObjectIdentifiers.sha512_256WithRSAEncryption, NISTObjectIdentifiers.id_sha512_256);
-
-        tryRsaPkcs15Sig("SHA3-224WithRSA", data, signingKey, verifyKey, NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224, NISTObjectIdentifiers.id_sha3_224);
-        tryRsaPkcs15Sig("SHA3-256WithRSA", data, signingKey, verifyKey, NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256, NISTObjectIdentifiers.id_sha3_256);
-        tryRsaPkcs15Sig("SHA3-384WithRSA", data, signingKey, verifyKey, NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384, NISTObjectIdentifiers.id_sha3_384);
-        tryRsaPkcs15Sig("SHA3-512WithRSA", data, signingKey, verifyKey, NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512, NISTObjectIdentifiers.id_sha3_512);
-        tryRsaPkcs15Sig("SHA3-224WithRSAEncryption", data, signingKey, verifyKey, NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224, NISTObjectIdentifiers.id_sha3_224);
-        tryRsaPkcs15Sig("SHA3-256WithRSAEncryption", data, signingKey, verifyKey, NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256, NISTObjectIdentifiers.id_sha3_256);
-        tryRsaPkcs15Sig("SHA3-384WithRSAEncryption", data, signingKey, verifyKey, NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384, NISTObjectIdentifiers.id_sha3_384);
-        tryRsaPkcs15Sig("SHA3-512WithRSAEncryption", data, signingKey, verifyKey, NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512, NISTObjectIdentifiers.id_sha3_512);
-
-        trySig("SHA1WithRSAAndMGF1", data, signingKey, verifyKey);
-        trySig("SHA224WithRSAAndMGF1", data, signingKey, verifyKey);
-        trySig("SHA256WithRSAAndMGF1", data, signingKey, verifyKey);
-        //trySig("SHA384WithRSAAndMGF1", data, signingKey, verifyKey);
-       //trySig("SHA512WithRSAAndMGF1", data, signingKey, verifyKey);
-        trySig("SHA512(224)WithRSAAndMGF1", data, signingKey, verifyKey);
-        trySig("SHA512(256)WithRSAAndMGF1", data, signingKey, verifyKey);
-
-        trySig("SHA3-224WithRSAAndMGF1", data, signingKey, verifyKey);
-        trySig("SHA3-256WithRSAAndMGF1", data, signingKey, verifyKey);
-//        trySig("SHA3-384WithRSAAndMGF1", data, signingKey, verifyKey);
-//        trySig("SHA3-512WithRSAAndMGF1", data, signingKey, verifyKey);
-
-        trySig("SHA1WithRSA/ISO9796-2", data, signingKey, verifyKey);
-        trySig("SHA224WithRSA/ISO9796-2", data, signingKey, verifyKey);
-        trySig("SHA256withRSA/ISO9796-2", data, signingKey, verifyKey);
-        trySig("SHA384WithRSA/ISO9796-2", data, signingKey, verifyKey);
-        trySig("SHA512WithRSA/ISO9796-2", data, signingKey, verifyKey);
-        trySig("SHA512(224)WithRSA/ISO9796-2", data, signingKey, verifyKey);
-        trySig("SHA512(256)WithRSA/ISO9796-2", data, signingKey, verifyKey);
-        trySig("WhirlpoolWithRSA/ISO9796-2", data, signingKey, verifyKey);
-        trySig("RIPEMD160WithRSA/ISO9796-2", data, signingKey, verifyKey);
-
-        trySig("RIPEMD128WithRSA/X9.31", data, signingKey, verifyKey);
-        trySig("RIPEMD160WithRSA/X9.31", data, signingKey, verifyKey);
-        trySig("SHA1WithRSA/X9.31", data, signingKey, verifyKey);
-        trySig("SHA224WithRSA/X9.31", data, signingKey, verifyKey);
-        trySig("SHA256withRSA/X9.31", data, signingKey, verifyKey);
-        trySig("SHA384WithRSA/X9.31", data, signingKey, verifyKey);
-        trySig("SHA512WithRSA/X9.31", data, signingKey, verifyKey);
-        trySig("SHA512(224)WithRSA/X9.31", data, signingKey, verifyKey);
-        trySig("SHA512(256)WithRSA/X9.31", data, signingKey, verifyKey);
-        trySig("WhirlpoolWithRSA/X9.31", data, signingKey, verifyKey);
-
-        KeyFactory keyFact = KeyFactory.getInstance("RSA", "BC");
-
-        BigInteger mod = new BigInteger("f6b18dfb2eb944d8df7e8b8077f8857ffa7a4192ea10cdd87edf7839872d50029ed86fc17c8b90bef725517b7f2f6403559957d0d4220ed8283ebde769d9f7024b84654d7b398d64b582520e6b7a7e07c1aea5eedbfac0474ac239a5ceb6e5e7", 16);
-
-        RSAPublicKey vKey = (RSAPublicKey)keyFact.generatePublic(new RSAPublicKeySpec(mod, new BigInteger("10001", 16)));
-        RSAPrivateKey sKey = (RSAPrivateKey)keyFact.generatePrivate(new RSAPrivateKeySpec(mod, new BigInteger("6af2b6d6fa7e9f76560e0a747b8e66720129175c95d50b289c784d2ac38bc5701d653fade64cab47dee572d9d35dbc414be785166afe59a4dd3e7b5a19e756ed83c56319ece6a3a8a4e8d982526361bb133d49a27c4299a5d717189ebd9159a1", 16)));
-
-        trySig("SHA1WithRSA/X9.31", data, sKey, vKey);
-
-        shouldPassSignatureX931Test1();
-        shouldPassSignatureX931Test2();
-        shouldPassSignatureX931Test3();
-
-        //
-        // standard vector test - B.1.3 RIPEMD160, implicit.
-        //
-        mod = new BigInteger("ffffffff78f6c55506c59785e871211ee120b0b5dd644aa796d82413a47b24573f1be5745b5cd9950f6b389b52350d4e01e90009669a8720bf265a2865994190a661dea3c7828e2e7ca1b19651adc2d5", 16);
-        BigInteger  pub = new BigInteger("03", 16);
-        BigInteger  pri = new BigInteger("2aaaaaaa942920e38120ee965168302fd0301d73a4e60c7143ceb0adf0bf30b9352f50e8b9e4ceedd65343b2179005b2f099915e4b0c37e41314bb0821ad8330d23cba7f589e0f129b04c46b67dfce9d", 16);
-
-        KeyFactory  f = KeyFactory.getInstance("RSA", "BC");
-
-        PrivateKey  privKey = f.generatePrivate(new RSAPrivateKeySpec(mod, pri));
-        PublicKey   pubKey = f.generatePublic(new RSAPublicKeySpec(mod, pub));
-        byte[]      testSig = Hex.decode("5cf9a01854dbacaec83aae8efc563d74538192e95466babacd361d7c86000fe42dcb4581e48e4feb862d04698da9203b1803b262105104d510b365ee9c660857ba1c001aa57abfd1c8de92e47c275cae");
-
-        data = Hex.decode("fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210fedcba9876543210");
-
-        sig = Signature.getInstance("RIPEMD160WithRSA/ISO9796-2", "BC");
-
-        sig.initSign(privKey);
-
-        sig.update(data);
-
-        sigBytes = sig.sign();
-
-        if (!Arrays.areEqual(testSig, sigBytes))
-        {
-            fail("SigTest: failed ISO9796-2 generation Test");
-        }
-
-        sig.initVerify(pubKey);
-
-        sig.update(data);
-
-        if (!sig.verify(sigBytes))
-        {
-            fail("RIPEMD160/ISO verification failed");
-        }
-    }
-
-    private void trySig(String algorithm, byte[] data, PrivateKey signingKey, PublicKey verifyKey)
-        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException
-    {
-        Signature sig;
-        byte[] sigBytes;
-        sig = Signature.getInstance(algorithm, "BC");
-
-        sig.initSign(signingKey);
-
-        sig.update(data);
-
-        sigBytes = sig.sign();
-
-        sig.initVerify(verifyKey);
-
-        sig.update(data);
-
-        if (!sig.verify(sigBytes))
-        {
-            fail(algorithm + " verification failed");
-        }
-    }
-
-    private void tryRsaPkcs15Sig(String algorithm, byte[] data, PrivateKey signingKey, PublicKey verifyKey, ASN1ObjectIdentifier sigOid, ASN1ObjectIdentifier hashOid)
-        throws Exception
-    {
-        Signature sig;
-        byte[] sigBytes;
-        sig = Signature.getInstance(algorithm, "BC");
-
-        sig.initSign(signingKey);
-
-        sig.update(data);
-
-        sigBytes = sig.sign();
-
-        sig.initVerify(verifyKey);
-
-        sig.update(data);
-
-        if (!sig.verify(sigBytes))
-        {
-            fail(algorithm + " verification failed");
-        }
-
-        Cipher c = Cipher.getInstance("RSA/NONE/PKCS1Padding", "BC");
-
-        c.init(Cipher.DECRYPT_MODE, verifyKey);
-
-        DigestInfo digInfo = DigestInfo.getInstance(c.doFinal(sigBytes));
-
-        isTrue("digest alg not match", digInfo.getAlgorithmId().getAlgorithm().equals(hashOid));
-
-        sig = Signature.getInstance(sigOid.getId(), "BC");
-
-        sig.initSign(signingKey);
-
-        sig.update(data);
-
-        isTrue("sig not matched", Arrays.areEqual(sigBytes, sig.sign()));
-
-        sig.initVerify(verifyKey);
-
-        sig.update(data);
-
-        if (!sig.verify(sigBytes))
-        {
-            fail(algorithm + " oid verification failed");
-        }
-    }
-
-    private void shouldPassSignatureX931Test1()
-        throws Exception
-    {
-        BigInteger n = new BigInteger("c9be1b28f8caccca65d86cc3c9bbcc13eccc059df3b80bd2292b811eff3aa0dd75e1e85c333b8e3fa9bed53bb20f5359ff4e6900c5e9a388e3a4772a583a79e2299c76582c2b27694b65e9ba22e66bfb817f8b70b22206d7d8ae488c86dbb7137c26d5eff9b33c90e6cee640630313b7a715802e15142fef498c404a8de19674974785f0f852e2d470fe85a2e54ffca9f5851f672b71df691785a5cdabe8f14aa628942147de7593b2cf962414a5b59c632c4e14f1768c0ab2e9250824beea60a3529f11bf5e070ce90a47686eb0be1086fb21f0827f55295b4a48307db0b048c05a4aec3f488c576ca6f1879d354224c7e84cbcd8e76dd217a3de54dba73c35", 16);
-        BigInteger e = new BigInteger("e75b1b", 16);
-        byte[] msg = Hex.decode("5bb0d1c0ef9b5c7af2477fe08d45523d3842a4b2db943f7033126c2a7829bacb3d2cfc6497ec91688189e81b7f8742488224ba320ce983ce9480722f2cc5bc42611f00bb6311884f660ccc244788378673532edb05284fd92e83f6f6dab406209032e6af9a33c998677933e32d6fb95fd27408940d7728f9c9c40267ca1d20ce");
-        byte[] sig = Hex.decode("0fe8bb8e3109a1eb7489ef35bf4c1a0780071da789c8bd226a4170538eafefdd30b732d628f0e87a0b9450051feae9754d4fb61f57862d10f0bacc4f660d13281d0cd1141c006ade5186ff7d961a4c6cd0a4b352fc1295c5afd088f80ac1f8e192ef116a010a442655fe8ff5eeacea15807906fb0f0dfa86e680d4c005872357f7ece9aa4e20b15d5f709b30f08648ecaa34f2fbf54eb6b414fa2ff6f87561f70163235e69ccb4ac82a2e46d3be214cc2ef5263b569b2d8fd839b21a9e102665105ea762bda25bb446cfd831487a6b846100dee113ae95ae64f4af22c428c87bab809541c962bb3a56d4c86588e0af4ebc7fcc66dadced311051356d3ea745f7");
-
-        RSAPublicKeySpec rsaPublic = new RSAPublicKeySpec(n, e);
-        Signature signer = Signature.getInstance("SHA1withRSA/X9.31", "BC");
-
-        signer.initVerify(KeyFactory.getInstance("RSA", "BC").generatePublic(rsaPublic));
-
-        signer.update(msg, 0, msg.length);
-
-        if (!signer.verify(sig))
-        {
-            fail("RSA X931 verify test 1 failed.");
-        }
-    }
-
-    private void shouldPassSignatureX931Test2()
-        throws Exception
-    {
-        BigInteger n = new BigInteger("b746ba6c3c0be64bbe33aa55b2929b0af4e86d773d44bfe5914db9287788c4663984b61a418d2eecca30d752ff6b620a07ec72eeb2b422d2429da352407b99982800b9dd7697be6a7b1baa98ca5f4fc2fe33400f20b9dba337ac25c987804165d4a6e0ee4d18eabd6de5abdfe578cae6713ff91d16c80a5bb20217fe614d9509e75a43e1825327b9da8f0a9f6eeaa1c04b69fb4bacc073569fff4ab491becbe6d0441d437fc3fa823239c4a0f75321666b68dd3f66e2dd394089a15bcc288a68a4eb0a48e17d639743b9dea0a91cc35820544732aff253f8ca9967c609dc01c2f8cd0313a7a91cfa94ff74289a1d2b6f19d1811f4b9a65f4cce9e5759b4cc64f", 16);
-        BigInteger e = new BigInteger("dcbbdb", 16);
-        byte[] msg = Hex.decode("a5d3c8a060f897bbbc20ae0955052f37fbc70986b6e11c65075c9f457142bfa93856897c69020aa81a91b5e4f39e05cdeecc63395ab849c8262ca8bc5c96870aecb8edb0aba0024a9bdb71e06de6100344e5c318bc979ef32b8a49a8278ba99d4861bce42ebbc5c8c666aaa6cac39aff8779f2cae367620f9edd4cb1d80b6c8c");
-        byte[] sig = Hex.decode("39fbbd1804c689a533b0043f84da0f06081038c0fbf31e443e46a05e58f50de5198bbca40522afefaba3aed7082a6cb93b1da39f1f5a42246bf64930781948d300549bef0f8d554ecfca60a1b1ecba95a7014ee4545ad4f0c4e3a31942c6738b4ccd6244b6a21267dadf0826a5f713f13b1f5a9ab8501d957a26d4948278ac67851071a315674bdab173bfef2c2690c8373da6bf3d69f30c0e5da8883de872f59521b40793854085641adf98d13db991c5d0a8aaa0222934fa33332e90ef0b954e195cb267d6ffb36c96e14d1ec7b915a87598b4461a3146566354dc2ae748c84ee0cd46543b53ebff8cdf47725b280a1f799fb6ebb4a31ad2bdd5178250f83a");
-
-        RSAPublicKeySpec rsaPublic = new RSAPublicKeySpec(n, e);
-        Signature signer = Signature.getInstance("SHA224withRSA/X9.31", "BC");
-
-        signer.initVerify(KeyFactory.getInstance("RSA", "BC").generatePublic(rsaPublic));
-
-        signer.update(msg, 0, msg.length);
-
-        if (!signer.verify(sig))
-        {
-            fail("RSA X931 verify test 2 failed.");
-        }
-    }
-
-    private void shouldPassSignatureX931Test3()
-        throws Exception
-    {
-        BigInteger n = new BigInteger("dcb5686a3d2063a3f9cf7b9b32d2d3765b4c449b09b4960245a9111cd3b0cbd3260496885b8e1fa5db33b03efcc759d9c1afe29d93c6faebc7e0efada334b5b9a29655e2da2c8f11103d8203be311feab7ae88e9f1b2ec7d8fc655d77202b1681dd9717ec0f525b35584987e19539635a1ed23ca482a00149c609a23dc1645fd", 16);
-        BigInteger e = new BigInteger("00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000dc9f7", 16);
-        BigInteger d = new BigInteger("189d6345099098992e0c9ca5f281e1338092342fa0acc85cc2a111f30f9bd2fb4753cd1a48ef0ddca9bf1af33ec76fb2e23a9fb4896c26f2235b516f7c05ef7ae81e70f4b491a5fedba9b935e9c76d761a813ce7776ff8a1e5efe1166ff2eca26aa900da88c908d51af9de26977fe39719cc781df32216fa41b838f0c63803c3", 16);
-
-        RSAPublicKeySpec rsaPublic = new RSAPublicKeySpec(n, e);
-        RSAPrivateKeySpec rsaPriv = new RSAPrivateKeySpec(n, d);
-
-        PrivateKey privateKey = KeyFactory.getInstance("RSA", "BC").generatePrivate(rsaPriv);
-        PublicKey publicKey = KeyFactory.getInstance("RSA", "BC").generatePublic(rsaPublic);
-
-
-        byte[] msg = Hex.decode("911475c6e210ef4ac65b6fe8d2bfe5e01b959771b137c4ef69b88716e0d2ff9ebc1fad0f358c1dd7d50cc99a7b893ac9a6207076f08d8467d9e48c69c683bfe64a44dabaa3f7c243880f6ab7229bf7bb587822314fc5de5131983bfb2eef8b4bc1eac36f353724b567cd1ae8cddd64ddb7057549d5c81ad5fa3b5e751f00abf5");
-        byte[] sig = Hex.decode("02c50ec0ac8a7f38ef5630c396964d6a6daaa7e3083ab5b57fa2a2632f3b70e2e85c8456cd774d45d7e44fcb063f0f04fff9f1e3adfda11272535a92cb59320b190b5ee4261f23d6ceaa925df3a7bfa42e26bf61ea9645d9d64b3c90a820802768a6e209c9f83705375a3867afccc037e8242a98fa4c3db6b2d9877754d47289");
-
-        doGenVerify("SHA1withRSA/X9.31", privateKey, publicKey, msg, sig);
-
-        msg = Hex.decode("911475c6e210ef4ac65b6fe8d2bfe5e01b959771b137c4ef69b88716e0d2ff9ebc1fad0f358c1dd7d50cc99a7b893ac9a6207076f08d8467d9e48c69c683bfe64a44dabaa3f7c243880f6ab7229bf7bb587822314fc5de5131983bfb2eef8b4bc1eac36f353724b567cd1ae8cddd64ddb7057549d5c81ad5fa3b5e751f00abf5");
-        sig = Hex.decode("2e2e279850ce21e34228a8e810d3ba835c51932e03c5e8886e99036f25a9a43aa5e33168274b7bfc1745ce8fc7ff3335f0927920f09fe9d4a6fac5e546eaf5aedc7e11ba75d33ae1487857b017930e69ec63a10971ca062c0e24f5b08226e59446d02a7827ceecbbcf6ecf0ffa7b3dff3e1a76b5f7432f804a4aa858e18877a5");
-
-        doGenVerify("SHA224withRSA/X9.31", privateKey, publicKey, msg, sig);
-
-        msg = Hex.decode("911475c6e210ef4ac65b6fe8d2bfe5e01b959771b137c4ef69b88716e0d2ff9ebc1fad0f358c1dd7d50cc99a7b893ac9a6207076f08d8467d9e48c69c683bfe64a44dabaa3f7c243880f6ab7229bf7bb587822314fc5de5131983bfb2eef8b4bc1eac36f353724b567cd1ae8cddd64ddb7057549d5c81ad5fa3b5e751f00abf5");
-        sig = Hex.decode("4f917837c2aedfb13e8c039cb076e399de39c2a964e418ad541745ff8062ca967d2ce6d51190732d3db089e48e31e95746f306314468c7d2248ace2cfbf4d67c59629a6e61813d52c1a84ea9d21a73b0afa7e871217f2ebeffeaa1268278edfcb7f2f98d1d32ef835123906e8d5f896d1af6877e304a39b03cf014ddaf850911");
-
-        doGenVerify("SHA256withRSA/X9.31", privateKey, publicKey, msg, sig);
-
-        msg = Hex.decode("7d1f36e728dd03b07825c5dcdf6ea933136e1eb819dd8a8aa27c3b0c9b56a0440045b981f1b9cc4107b55a51e81a5136192883cc1442572d9bf1bed44b2c690374d73a612889f8e8929246fe893dd6e26552da4a12dfbb4b63380e78a83dc44e82dba0d0f6d6ef6ec1c5732beb5ea0ff9ff30b7a3a3d1faba2591140d91017ee");
-        sig = Hex.decode("1210a59883326234d363155876818f43bdbe7ba758c44104ad771984636e13ecfbad97beb138a836b2d94dafd910ecb5b6ba7de6125a15f683af96220b3370e92ea2e1fb22fcd5e83def31728d9196b59308eb4498dadeddad66e26152b456e613ecc5fc8a7ed33f0608ea1ef886949f3741ab8c41ee453de877e5acea33a557");
-
-        doGenVerify("SHA384withRSA/X9.31", privateKey, publicKey, msg, sig);
-
-        msg = Hex.decode("911475c6e210ef4ac65b6fe8d2bfe5e01b959771b137c4ef69b88716e0d2ff9ebc1fad0f358c1dd7d50cc99a7b893ac9a6207076f08d8467d9e48c69c683bfe64a44dabaa3f7c243880f6ab7229bf7bb587822314fc5de5131983bfb2eef8b4bc1eac36f353724b567cd1ae8cddd64ddb7057549d5c81ad5fa3b5e751f00abf5");
-        sig = Hex.decode("154bbde6991b6c8c137a62595619e0038e6787703568a213cff95dac33bc871f7a45f8a3471b823451d1262f7a8932f11d5f93cadbc63daf840e0bbd7d317b57d385be706b58670afac7f055f67d8834f574863b1e295b2a85905bb9926f3114be2be59ad7782321578a451b91587bda7cd6a5051c0fd934af28d5d479463642");
-
-        doGenVerify("SHA512withRSA/X9.31", privateKey, publicKey, msg, sig);
-    }
-
-    private void doGenVerify(String algorithm, PrivateKey privateKey, PublicKey publicKey, byte[] msg, byte[] sig)
-        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException, SignatureException
-    {
-        Signature signer = Signature.getInstance(algorithm, "BC");
-
-        signer.initSign(privateKey);
-
-        signer.update(msg, 0, msg.length);
-
-        byte[] s = signer.sign();
-
-        if (!Arrays.areEqual(sig, s))
-        {
-           fail(algorithm + " sig test 3 failed.");
-        }
-
-        signer.initVerify(publicKey);
-
-        signer.update(msg, 0, msg.length);
-
-        if (!signer.verify(sig))
-        {
-            fail(algorithm + " verify test 3 failed.");
-        }
-    }
-
-    public String getName()
-    {
-        return "SigTest";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new SigTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SignatureTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SignatureTest.java
deleted file mode 100644
index 07da260..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SignatureTest.java
+++ /dev/null

@@ -1,177 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
-import org.bouncycastle.jce.spec.GOST3410ParameterSpec;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SignatureTest
-    extends SimpleTest
-{
-    private static final byte[] DATA = Hex.decode("00000000deadbeefbeefdeadffffffff00000000");
-
-    private void checkSig(KeyPair kp, String name)
-        throws Exception
-    {
-        Signature sig = Signature.getInstance(name, "BC");
-
-        sig.initSign(kp.getPrivate());
-        sig.update(DATA);
-
-        byte[] signature1 = sig.sign();
-
-        sig.update(DATA);
-
-        byte[] signature2 = sig.sign();
-
-        sig.initVerify(kp.getPublic());
-
-        sig.update(DATA);
-        if (!sig.verify(signature1))
-        {
-            fail("did not verify: " + name);
-        }
-
-        // After verify, should be reusable as if we are after initVerify
-        sig.update(DATA);
-        if (!sig.verify(signature1))
-        {
-            fail("second verify failed: " + name);
-        }
-
-        sig.update(DATA);
-        if (!sig.verify(signature2))
-        {
-            fail("second verify failed (2): " + name);
-        }
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
-
-        kpGen.initialize(2048);
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        checkSig(kp, "SHA1withRSA");
-        checkSig(kp, "SHA224withRSA");
-        checkSig(kp, "SHA256withRSA");
-        checkSig(kp, "SHA384withRSA");
-        checkSig(kp, "SHA512withRSA");
-
-        checkSig(kp, "SHA3-224withRSA");
-        checkSig(kp, "SHA3-256withRSA");
-        checkSig(kp, "SHA3-384withRSA");
-        checkSig(kp, "SHA3-512withRSA");
-
-        checkSig(kp, "MD2withRSA");
-        checkSig(kp, "MD4withRSA");
-        checkSig(kp, "MD5withRSA");
-        checkSig(kp, "RIPEMD160withRSA");
-        checkSig(kp, "RIPEMD128withRSA");
-        checkSig(kp, "RIPEMD256withRSA");
-
-        checkSig(kp, "SHA1withRSAandMGF1");
-        checkSig(kp, "SHA1withRSAandMGF1");
-        checkSig(kp, "SHA224withRSAandMGF1");
-        checkSig(kp, "SHA256withRSAandMGF1");
-        checkSig(kp, "SHA384withRSAandMGF1");
-        checkSig(kp, "SHA512withRSAandMGF1");
-
-        checkSig(kp, "SHA1withRSA/ISO9796-2");
-        checkSig(kp, "MD5withRSA/ISO9796-2");
-        checkSig(kp, "RIPEMD160withRSA/ISO9796-2");
-
-//        checkSig(kp, "SHA1withRSA/ISO9796-2PSS");
-//        checkSig(kp, "MD5withRSA/ISO9796-2PSS");
-//        checkSig(kp, "RIPEMD160withRSA/ISO9796-2PSS");
-
-        checkSig(kp, "RIPEMD128withRSA/X9.31");
-        checkSig(kp, "RIPEMD160withRSA/X9.31");
-        checkSig(kp, "SHA1withRSA/X9.31");
-        checkSig(kp, "SHA224withRSA/X9.31");
-        checkSig(kp, "SHA256withRSA/X9.31");
-        checkSig(kp, "SHA384withRSA/X9.31");
-        checkSig(kp, "SHA512withRSA/X9.31");
-        checkSig(kp, "WhirlpoolwithRSA/X9.31");
-
-        kpGen = KeyPairGenerator.getInstance("DSA", "BC");
-
-        kpGen.initialize(2048);
-
-        kp = kpGen.generateKeyPair();
-
-        checkSig(kp, "SHA1withDSA");
-        checkSig(kp, "SHA224withDSA");
-        checkSig(kp, "SHA256withDSA");
-        checkSig(kp, "SHA384withDSA");
-        checkSig(kp, "SHA512withDSA");
-        checkSig(kp, "NONEwithDSA");
-
-        kpGen = KeyPairGenerator.getInstance("EC", "BC");
-
-        kpGen.initialize(256);
-
-        kp = kpGen.generateKeyPair();
-
-        checkSig(kp, "SHA1withECDSA");
-        checkSig(kp, "SHA224withECDSA");
-        checkSig(kp, "SHA256withECDSA");
-        checkSig(kp, "SHA384withECDSA");
-        checkSig(kp, "SHA512withECDSA");
-        checkSig(kp, "RIPEMD160withECDSA");
-
-        kpGen = KeyPairGenerator.getInstance("EC", "BC");
-
-        kpGen.initialize(521);
-
-        kp = kpGen.generateKeyPair();
-
-        checkSig(kp, "SHA1withECNR");
-        checkSig(kp, "SHA224withECNR");
-        checkSig(kp, "SHA256withECNR");
-        checkSig(kp, "SHA384withECNR");
-        checkSig(kp, "SHA512withECNR");
-
-        kpGen = KeyPairGenerator.getInstance("ECGOST3410", "BC");
-
-        kpGen.initialize(new ECNamedCurveGenParameterSpec("GostR3410-2001-CryptoPro-A"), new SecureRandom());
-
-        kp = kpGen.generateKeyPair();
-
-        checkSig(kp, "GOST3411withECGOST3410");
-
-        kpGen = KeyPairGenerator.getInstance("GOST3410", "BC");
-
-        GOST3410ParameterSpec gost3410P = new GOST3410ParameterSpec(CryptoProObjectIdentifiers.gostR3410_94_CryptoPro_A.getId());
-
-        kpGen.initialize(gost3410P);
-        
-        kp = kpGen.generateKeyPair();
-
-        checkSig(kp, "GOST3411withGOST3410");
-    }
-
-    public String getName()
-    {
-        return "SigNameTest";
-    }
-
-    public static void main(
-        String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new SignatureTest());
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SipHashTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SipHashTest.java
deleted file mode 100644
index 5986141..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SipHashTest.java
+++ /dev/null

@@ -1,129 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Security;
-
-import javax.crypto.KeyGenerator;
-import javax.crypto.Mac;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SipHashTest
-    extends SimpleTest
-{
-    public void performTest()
-        throws Exception
-    {
-        testMac();
-        testKeyGenerator();
-    }
-
-    private void testKeyGenerator()
-        throws NoSuchAlgorithmException,
-        NoSuchProviderException
-    {
-        testKeyGen("SipHash");
-        testKeyGen("SipHash-2-4");
-        testKeyGen("SipHash-4-8");
-    }
-
-    private void testKeyGen(String algorithm)
-        throws NoSuchAlgorithmException,
-        NoSuchProviderException
-    {
-        KeyGenerator kg = KeyGenerator.getInstance(algorithm, "BC");
-
-        SecretKey key = kg.generateKey();
-
-        if (!key.getAlgorithm().equalsIgnoreCase("SipHash"))
-        {
-            fail("Unexpected algorithm name in key", "SipHash", key.getAlgorithm());
-        }
-        if (key.getEncoded().length != 16)
-        {
-            fail("Expected 128 bit key");
-        }
-    }
-
-    private void testMac()
-        throws NoSuchAlgorithmException,
-        NoSuchProviderException,
-        InvalidKeyException
-    {
-        byte[] key = Hex.decode("000102030405060708090a0b0c0d0e0f");
-        byte[] input = Hex.decode("000102030405060708090a0b0c0d0e");
-
-        byte[] expected = Hex.decode("e545be4961ca29a1");
-
-        Mac mac = Mac.getInstance("SipHash", "BC");
-
-        mac.init(new SecretKeySpec(key, "SipHash"));
-
-        mac.update(input, 0, input.length);
-
-        byte[] result = mac.doFinal();
-
-        if (!Arrays.areEqual(expected, result))
-        {
-            fail("Result does not match expected value for doFinal()");
-        }
-
-        mac.init(new SecretKeySpec(key, "SipHash-2-4"));
-
-        mac.update(input, 0, input.length);
-
-        result = mac.doFinal();
-        if (!Arrays.areEqual(expected, result))
-        {
-            fail("Result does not match expected value for second doFinal()");
-        }
-
-        mac = Mac.getInstance("SipHash-2-4", "BC");
-
-        mac.init(new SecretKeySpec(key, "SipHash-2-4"));
-
-        mac.update(input, 0, input.length);
-
-        result = mac.doFinal();
-        if (!Arrays.areEqual(expected, result))
-        {
-            fail("Result does not match expected value for alias");
-        }
-
-        // SipHash 4-8
-        expected = Hex.decode("e0a6a97dd589d383");
-
-        mac = Mac.getInstance("SipHash-4-8", "BC");
-
-        mac.init(new SecretKeySpec(key, "SipHash"));
-
-        mac.update(input, 0, input.length);
-
-        result = mac.doFinal();
-
-        if (!Arrays.areEqual(expected, result))
-        {
-            fail("Result does not match expected value for SipHash 4-8");
-        }
-    }
-
-    public String getName()
-    {
-        return "SipHash";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new SipHashTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SkeinTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SkeinTest.java
deleted file mode 100644
index 5bc5387..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SkeinTest.java
+++ /dev/null

@@ -1,316 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.MessageDigest;
-import java.security.Security;
-
-import javax.crypto.KeyGenerator;
-import javax.crypto.Mac;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jcajce.spec.SkeinParameterSpec;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SkeinTest
-    extends SimpleTest
-{
-    final static String provider = "BC";
-
-    static private byte[] nullMsg = new byte[0];
-
-    static private String[][] nullVectors =
-    {
-        { "Skein-256-128", "07e8ff2191c5052e1a25914c7c213078" },
-        { "Skein-256-160", "ff800bed6d2044ee9d604a674e3fda50d9b24a72" },
-        { "Skein-256-224", "0fadf1fa39e3837a95b3660b4184d9c2f3cfc94b55d8e7a083278bf8" },
-        { "Skein-256-256", "c8877087da56e072870daa843f176e9453115929094c3a40c463a196c29bf7ba" },
-        { "Skein-512-128", "7c9aff5c3738e3faadc7a5265768def1" },
-        { "Skein-512-160", "49daf1ccebb3544bc93cb5019ba91b0eea8876ee" },
-        { "Skein-512-224", "1541ae9fc3ebe24eb758ccb1fd60c2c31a9ebfe65b220086e7819e25" },
-        { "Skein-512-256", "39ccc4554a8b31853b9de7a1fe638a24cce6b35a55f2431009e18780335d2621" },
-        { "Skein-512-384", "dd5aaf4589dc227bd1eb7bc68771f5baeaa3586ef6c7680167a023ec8ce26980f06c4082c488b4ac9ef313f8cbe70808" },
-        { "Skein-512-512", "bc5b4c50925519c290cc634277ae3d6257212395cba733bbad37a4af0fa06af41fca7903d06564fea7a2d3730dbdb80c1f85562dfcc070334ea4d1d9e72cba7a" },
-        { "Skein-1024-384", "1fdb081963b960e89eaa11b87dda55e8a55a3e1066b30e38d8ae2a45242f7dadfaf06d80ca8a73cd8242ce5eab84c164" },
-        { "Skein-1024-512", "e2943eb0bc0efabd49503a76edf7cfcf072db25bad94ed44fe537284163f3119c47ac6f78699b4272255966e0aba65c75a0a64bd23df6996d1bc3174afd9fa8b" },
-        { "Skein-1024-1024", "0fff9563bb3279289227ac77d319b6fff8d7e9f09da1247b72a0a265cd6d2a62645ad547ed8193db48cff847c06494a03f55666d3b47eb4c20456c9373c86297d630d5578ebd34cb40991578f9f52b18003efa35d3da6553ff35db91b81ab890bec1b189b7f52cb2a783ebb7d823d725b0b4a71f6824e88f68f982eefc6d19c6" },
-    };
-
-    static private byte[] shortMsg = Hex.decode("fbd17c26b61a82e12e125f0d459b96c91ab4837dff22b39b78439430cdfc5dc8"
-            + "78bb393a1a5f79bef30995a85a12923339ba8ab7d8fc6dc5fec6f4ed22c122bb"
-            + "e7eb61981892966de5cef576f71fc7a80d14dab2d0c03940b95b9fb3a727c66a"
-            + "6e1ff0dc311b9aa21a3054484802154c1826c2a27a0914152aeb76f1168d4410");
-
-    static private String[][] shortVectors =
-    {
-        { "Skein-256-128", "9703382ea27dc2913e9d02cd976c582f" },
-        { "Skein-256-160", "0cd491b7715704c3a15a45a1ca8d93f8f646d3a1" },
-        { "Skein-256-224", "afd1e2d0f5b6cd4e1f8b3935fa2497d27ee97e72060adac099543487" },
-        { "Skein-256-256", "4de6fe2bfdaa3717a4261030ef0e044ced9225d066354610842a24a3eafd1dcf" },
-        { "Skein-512-128", "c901b1c04af3da4dce05d7975c419224" },
-        { "Skein-512-160", "ef03079d61b57c6047e15fa2b35b46fa24279539" },
-        { "Skein-512-224", "d9e3219b214e15246a2038f76a573e018ef69b385b3bd0576b558231" },
-        { "Skein-512-256", "809dd3f763a11af90912bbb92bc0d94361cbadab10142992000c88b4ceb88648" },
-        { "Skein-512-384", "825f5cbd5da8807a7b4d3e7bd9cd089ca3a256bcc064cd73a9355bf3ae67f2bf93ac7074b3b19907a0665ba3a878b262" },
-        { "Skein-512-512", "1a0d5abf4432e7c612d658f8dcfa35b0d1ab68b8d6bd4dd115c23cc57b5c5bcdde9bff0ece4208596e499f211bc07594d0cb6f3c12b0e110174b2a9b4b2cb6a9" },
-        { "Skein-1024-384", "9c3d0648c11f31c18395d5e6c8ebd73f43d189843fc45235e2c35e345e12d62bc21a41f65896ddc6a04969654c2e2ce9" },
-        { "Skein-1024-512", "5d0416f49c2d08dfd40a1446169dc6a1d516e23b8b853be4933513051de8d5c26baccffb08d3b16516ba3c6ccf3e9a6c78fff6ef955f2dbc56e1459a7cdba9a5" },
-        { "Skein-1024-1024", "96ca81f586c825d0360aef5acaec49ad55289e1797072eee198b64f349ce65b6e6ed804fe38f05135fe769cc56240ddda5098f620865ce4a4278c77fa2ec6bc31c0f354ca78c7ca81665bfcc5dc54258c3b8310ed421d9157f36c093814d9b25103d83e0ddd89c52d0050e13a64c6140e6388431961685734b1f138fe2243086" },
-    };
-    
-    static private String[][] shortMacVectors = 
-    {
-        { "Skein-Mac-256-128", "738f8b23541d50f691ab60af664c1583" },
-        { "Skein-Mac-256-160", "fe07fe50f99b7683bc16980041d8c045857f1189" },
-        { "Skein-Mac-256-224", "0bc19b185f5bfe50f0dba7ab49cd8ca9440260edd5a392d4bdcd2216" },
-        { "Skein-Mac-256-256", "9837ba53d23afcdabd9fcd614ce9e51c0ebecec7a210df4d3724ed591f026ef1" },
-        { "Skein-Mac-512-128", "6d34f46f2033947da7a9dfb068f4102d" },
-        { "Skein-Mac-512-160", "83cb2effecaa60674c2f9fb2fb6771a9899708ba" },
-        { "Skein-Mac-512-224", "e5f83c032875451f31977cd649c866708cb283a509e99cdfd4d995c5" },
-        { "Skein-Mac-512-256", "ed5507ec551ec944c6ed531990c32907eca885dd3af3d50dd09f1dbef422bb11" },
-        { "Skein-Mac-512-384", "b8f84a212723b92a591d6dc145c1655c70df710e9f3365064abdf79e9288dced2f0f895d81f465c811f1207b43b8cfce" },
-        { "Skein-Mac-512-512", "d13ba582467096a0f862114d97baa218512f39c82c984aa29deee724950d7f0929f726173dd42bc35566b0dbfbf5d2a1552ba6f132de301846714215b64e7f82" },
-        { "Skein-Mac-1024-384", "490dbbd049403e602ee3535181a70ee2eb5ade6d83b519953dd0d93c45729f098b679efcd64b5e3f03cd2fa9f1e70d69" },
-        { "Skein-Mac-1024-512", "ce7f1052fa486309d73058d1d4986f886d966a849c72d196bb2b97fc9fb0b1e69f43a521ebd979f5a5581bd12a0dbd0d1ee27af0929881f1d35c875cc0542ecf" },
-        { "Skein-Mac-1024-1024", "60cd8c755b331bcefe97be5a9fe6f63146d12520ca7b20dbc5c5370dae2ff9815c95fab564329a01eced76f0ecb1944ad52a74e89fa1b6cdcdcee4c71c2c18909c4d1324d279fac5ca2280eea0fa70521cf4ea8c616a3ac6082c2244bec5c1ab3a173faf29d84bec7fb852e278ed57785535c979b33b81465c437cd998c04b95" },
-    };
-
-    static private String[][] shortHMacVectors = 
-        {
-        { "HMAC-Skein-256-128", "926a445d5218605286dfe0542a437012" },
-        { "HMAC-Skein-256-160", "5ebc30295e4562a879f94db531ada465073b8bb7" },
-        { "HMAC-Skein-256-224", "a05b3cfc6b86fda7f5dcf0afbb707dc745fa55279a3f80e2c9977ff1" },
-        { "HMAC-Skein-256-256", "51741f6e8ebf133216ac8e05c7a75a6339351fd2dcc4db04e418521c628a2111" },
-        { "HMAC-Skein-512-128", "ad51f8c7b1b347fe52f0f5c71ae9b8eb" },
-        { "HMAC-Skein-512-160", "e0d06c2d406f32bb14dbb2129176219b62d4f89f" },
-        { "HMAC-Skein-512-224", "e7e5327e2aaa88d0038049e8112db31df223be4c31da24abf03731a8" },
-        { "HMAC-Skein-512-256", "30177414f6e35019cacc2e3ae474b25765e6e0e541e16d754c3dad19df763ab0" },
-        { "HMAC-Skein-512-384", "7f0ba3c1c642cf09eb03d0e3760fe172f22fb263006b1fba5bdea1bfaf6e971c17e039abb0030d1a40ac94a747732cce" },
-        { "HMAC-Skein-512-512", "70d864e7f6cbd446778914a951d1961e646ee17a3da8eae551d29f4fafc540b0457cc9f8064c511b80dc29f8369fb5dc258559542abb5342c4892f22934bf5f1" },
-        { "HMAC-Skein-1024-384", "e7d3465b30b5089e24244e747a91f7cb255596b49843466497c07e120c5c2232f51151b185a1e8a5610f041a85cc59ee" },
-        { "HMAC-Skein-1024-512", "c428059ae2d17ba13e461384c4a64cb0be694909e7a04e4983a4fc16476d644c7764e0019b33ea2a8719f731a579f4f7015da7ec1bc56a4920071ac41da836fe" },
-        { "HMAC-Skein-1024-1024", "3ebd13ec7bf1533c343ac78e1b5146225ce7629787f3997b646139c1b80d6f54cd562b7625419ede8710d76410dfb8617514ca3f7abf17657d2bc96722071adb2a6ecd9795a1ef5e4734b450d588efcbc3220faf53c880e61438bb953e024e48db6a745d2368375ac792be858cd01915e28590d4d6d599be95f6e6ceed7d7d91" },
-        };
-    
-    static private byte[] shortMacMessage = Hex.decode("d3090c72167517f7");
-    static private byte[] shortMacKey = Hex.decode("cb41f1706cde09651203c2d0efbaddf8");
-
-    static private byte[] keyIdentifier = "asecretkey".getBytes();
-    static private byte[] keyIdentifierVector = Hex.decode("ca9970a83997e1c346c4348b54cfc9ba7e19bfba");
-
-    public String getName()
-    {
-        return "Skein";
-    }
-
-    void test(String type, String algorithm, byte[] message, String expected) throws Exception
-    {
-        MessageDigest digest = MessageDigest.getInstance(algorithm, provider);
-
-        byte[] result = digest.digest(message);
-        byte[] result2 = digest.digest(message);
-
-        // test zero results valid
-        if (!MessageDigest.isEqual(result, Hex.decode(expected)))
-        {
-            fail(type + " result not equal for " + algorithm, expected, new String(Hex.encode(result)));
-        }
-
-        // test one digest the same message with the same instance
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail(type + " result object 1 not equal");
-        }
-
-        if (!MessageDigest.isEqual(result, Hex.decode(expected)))
-        {
-            fail(type + " result object 1 not equal");
-        }
-
-        // test two, single byte updates
-        for (int i = 0; i < message.length; i++)
-        {
-            digest.update(message[i]);
-        }
-        result2 = digest.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail(type + " result object 2 not equal");
-        }
-
-        // test three, two half updates
-        digest.update(message, 0, message.length / 2);
-        digest.update(message, message.length / 2, message.length - message.length / 2);
-        result2 = digest.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail(type + " result object 3 not equal");
-        }
-
-        // test four, clone test
-        digest.update(message, 0, message.length / 2);
-        MessageDigest d = (MessageDigest)digest.clone();
-        digest.update(message, message.length / 2, message.length - message.length / 2);
-        result2 = digest.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail(type + " result object 4(a) not equal");
-        }
-
-        d.update(message, message.length / 2, message.length - message.length / 2);
-        result2 = d.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail(type + " result object 4(b) not equal");
-        }
-
-        // test five, check reset() method
-        digest.update(message, 0, message.length / 2);
-        digest.reset();
-        digest.update(message, 0, message.length / 2);
-        digest.update(message, message.length / 2, message.length - message.length / 2);
-        result2 = digest.digest();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail(type + " result object 5 not equal");
-        }
-    }
-
-    private void testMac(String algorithm, byte[] message, byte[] key, String expected) throws Exception
-    {
-        Mac mac = Mac.getInstance(algorithm, provider);
-
-        mac.init(new SecretKeySpec(key, algorithm));
-
-        byte[] result = mac.doFinal(message);
-        byte[] result2 = mac.doFinal(message);
-
-        // test zero results valid
-        if (!MessageDigest.isEqual(result, Hex.decode(expected)))
-        {
-            fail("null result not equal for " + algorithm, expected, new String(Hex.encode(result)));
-        }
-
-        // test one digest the same message with the same instance
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 1 not equal");
-        }
-
-        if (!MessageDigest.isEqual(result, Hex.decode(expected)))
-        {
-            fail("Result object 1 not equal");
-        }
-
-        // test two, single byte updates
-        for (int i = 0; i < message.length; i++)
-        {
-            mac.update(message[i]);
-        }
-        result2 = mac.doFinal();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 2 not equal");
-        }
-
-        // test three, two half updates
-        mac.update(message, 0, message.length / 2);
-        mac.update(message, message.length / 2, message.length - message.length / 2);
-        result2 = mac.doFinal();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 3 not equal");
-        }
-
-        // test five, check reset() method
-        mac.update(message, 0, message.length / 2);
-        mac.reset();
-        mac.update(message, 0, message.length / 2);
-        mac.update(message, message.length / 2, message.length - message.length / 2);
-        result2 = mac.doFinal();
-
-        if (!MessageDigest.isEqual(result, result2))
-        {
-            fail("Result object 5 not equal");
-        }
-
-        // test six, check KeyGenerator
-        KeyGenerator generator = KeyGenerator.getInstance(algorithm, provider);
-
-        mac = Mac.getInstance(algorithm, provider);
-        final SecretKey generatedKey = generator.generateKey();
-        if (generatedKey.getEncoded().length != mac.getMacLength())
-        {
-            fail("Default mac key length for " + algorithm);
-        }
-        mac.init(generatedKey);
-        mac.update(message);
-        mac.doFinal();
-    }
-
-    private void testParameters() throws Exception
-    {
-        Mac mac = Mac.getInstance("Skein-Mac-512-160", provider);
-
-        // test six, init using SkeinParameters
-        mac.init(new SecretKeySpec(shortMacKey, "Skein-Mac-512-160"),
-                new SkeinParameterSpec.Builder().setKeyIdentifier(keyIdentifier).build());
-        byte[] result = mac.doFinal(shortMacMessage);
-
-        if (!MessageDigest.isEqual(result, keyIdentifierVector))
-        {
-            fail("Mac with key identifier failed.", new String(Hex.encode(keyIdentifierVector)),  new String(Hex.encode(result)));
-        }
-    }
-
-    private void testMacKeyGenerators(String algorithm) throws Exception
-    {
-        KeyGenerator gen = KeyGenerator.getInstance(algorithm);
-        
-        int outputSize = Integer.parseInt(algorithm.substring(algorithm.lastIndexOf('-') + 1));
-        SecretKey key = gen.generateKey();
-        
-        if (key.getEncoded().length != (outputSize / 8)) {
-            fail(algorithm + " key length should be equal to output size " + (outputSize) + ", but was " + key.getEncoded().length * 8);
-        }
-    }
-
-    public void performTest() throws Exception
-    {
-        for (int i = 0; i < nullVectors.length; i++)
-        {
-            test("Null message", nullVectors[i][0], nullMsg, nullVectors[i][1]);
-        }
-        for (int i = 0; i < shortVectors.length; i++)
-        {
-            test("Short message", shortVectors[i][0], shortMsg, shortVectors[i][1]);
-        }
-        for (int i = 0; i < shortMacVectors.length; i++)
-        {
-            testMac(shortMacVectors[i][0], shortMacMessage, shortMacKey, shortMacVectors[i][1]);
-            testMacKeyGenerators(shortMacVectors[i][0]);
-        }
-
-        for (int i = 0; i < shortHMacVectors.length; i++)
-        {
-            testMac(shortHMacVectors[i][0], shortMacMessage, shortMacKey, shortHMacVectors[i][1]);
-            testMacKeyGenerators(shortHMacVectors[i][0]);
-        }
-        testParameters();
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new SkeinTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SlotTwoTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SlotTwoTest.java
deleted file mode 100644
index 7a2a880..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/SlotTwoTest.java
+++ /dev/null

@@ -1,90 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.Key;
-import java.security.SecureRandom;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-import javax.crypto.spec.IvParameterSpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class SlotTwoTest 
-    extends SimpleTest
-{
-    byte[] plainData = "abcdefghijklmnopqrstuvwxyz".getBytes();
-
-    public String getName()
-    {
-        return "SlotTwo";
-    }
-
-    public void performTest() 
-        throws Exception
-    {
-        Security.removeProvider("BC");
-        Security.insertProviderAt(new BouncyCastleProvider(), 2);
-
-        KeyGenerator keyGen = KeyGenerator.getInstance("DESede", "BC");
-        
-        keyGen.init(new SecureRandom());
-
-        Key key = keyGen.generateKey();
-
-        testDesEde(key, "ECB", "PKCS7Padding");
-        testDesEde(key, "CBC", "PKCS7Padding");
-        testDesEde(key, "CTR", "NoPadding");
-        testDesEde(key, "CTR", "PKCS7Padding");
-        testDesEde(key, "OFB", "PKCS7Padding");
-        testDesEde(key, "CFB", "PKCS7Padding");
-        
-        Security.removeProvider("BC");
-        Security.addProvider(new BouncyCastleProvider());
-    }
-
-    private void testDesEde(
-        Key key, 
-        String mode, 
-        String padding) 
-        throws Exception
-    {
-        Cipher encrypt = Cipher.getInstance("DESede/" + mode + "/" + padding, "BC");
-        Cipher decrypt = Cipher.getInstance("DESede/" + mode + "/" + padding);
-        
-        if (!decrypt.getProvider().getName().equals("BC"))
-        {
-            fail("BC provider not returned for DESede/" + mode + "/" + padding + " got " + decrypt.getProvider().getName());
-        }
-
-        encrypt.init(Cipher.ENCRYPT_MODE, key);
-
-        byte[] encryptedBytes = encrypt.doFinal(plainData);
-        byte[] ivBytes = encrypt.getIV();
-        
-        if (ivBytes != null)
-        {
-            IvParameterSpec ivp = new IvParameterSpec(ivBytes);
-    
-            decrypt.init(Cipher.DECRYPT_MODE, key, ivp);
-        }
-        else
-        {
-            decrypt.init(Cipher.DECRYPT_MODE, key);
-        }
-
-        byte[] plainBytes = decrypt.doFinal(encryptedBytes, 0, encryptedBytes.length);
-        
-        if (!areEqual(plainData, plainBytes))
-        {
-            fail("decryption test failed.");
-        }
-    }
-    
-    public static void main(
-        String[]    args)
-    {
-        runTest(new SlotTwoTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/TLSKDFTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/TLSKDFTest.java
deleted file mode 100644
index 35e99bb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/TLSKDFTest.java
+++ /dev/null

@@ -1,159 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.Security;
-
-import javax.crypto.SecretKey;
-import javax.crypto.SecretKeyFactory;
-
-import org.bouncycastle.jcajce.spec.TLSKeyMaterialSpec;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class TLSKDFTest
-    extends SimpleTest
-{
-    public String getName()
-    {
-        return "TLSKDF";
-    }
-
-    private void testTls10()
-        throws Exception
-    {
-        byte[] pre_master_secret = Hex.decode("bded7fa5c1699c010be23dd06ada3a48349f21e5f86263d512c0c5cc379f0e780ec55d9844b2f1db02a96453513568d0");
-        byte[] serverHello_random = Hex.decode("135e4d557fdf3aa6406d82975d5c606a9734c9334b42136e96990fbd5358cdb2");
-        byte[] clientHello_random = Hex.decode("e5acaf549cd25c22d964c0d930fa4b5261d2507fad84c33715b7b9a864020693");
-        byte[] server_random = Hex.decode("67267e650eb32444119d222a368c191af3082888dc35afe8368e638c828874be");
-        byte[] client_random = Hex.decode("d58a7b1cd4fedaa232159df652ce188f9d997e061b9bf48e83b62990440931f6");
-        byte[] master_secret = Hex.decode("2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62");
-        byte[] key_block = Hex.decode("3088825988e77fce68d19f756e18e43eb7fe672433504feaf99b3c503d9091b164f166db301d70c9fc0870b4a94563907bee1a61fb786cb717576890bcc51cb9ead97e01d0a2fea99c953377b195205ff07b369589178796edc963fd80fdbe518a2fc1c35c18ae8d");
-
-        SecretKeyFactory kFact = SecretKeyFactory.getInstance("TLS10KDF", "BC");
-
-        SecretKey keyMaterial = kFact.generateSecret(new TLSKeyMaterialSpec(pre_master_secret, TLSKeyMaterialSpec.MASTER_SECRET, master_secret.length, clientHello_random, serverHello_random));
-
-        isTrue("name mismatch (10): " + keyMaterial.getAlgorithm(), keyMaterial.getAlgorithm().equals("TLS10KDF"));
-
-        isTrue("key block error (pre)", Arrays.areEqual(master_secret, keyMaterial.getEncoded()));
-
-        keyMaterial = kFact.generateSecret(new TLSKeyMaterialSpec(master_secret, TLSKeyMaterialSpec.KEY_EXPANSION, key_block.length, server_random, client_random));
-
-        isTrue("key block error", Arrays.areEqual(key_block, keyMaterial.getEncoded()));
-    }
-
-    private void testTls11()
-        throws Exception
-    {
-        byte[] pre_master_secret = Hex.decode("bded7fa5c1699c010be23dd06ada3a48349f21e5f86263d512c0c5cc379f0e780ec55d9844b2f1db02a96453513568d0");
-        byte[] serverHello_random = Hex.decode("135e4d557fdf3aa6406d82975d5c606a9734c9334b42136e96990fbd5358cdb2");
-        byte[] clientHello_random = Hex.decode("e5acaf549cd25c22d964c0d930fa4b5261d2507fad84c33715b7b9a864020693");
-        byte[] server_random = Hex.decode("67267e650eb32444119d222a368c191af3082888dc35afe8368e638c828874be");
-        byte[] client_random = Hex.decode("d58a7b1cd4fedaa232159df652ce188f9d997e061b9bf48e83b62990440931f6");
-        byte[] master_secret = Hex.decode("2f6962dfbc744c4b2138bb6b3d33054c5ecc14f24851d9896395a44ab3964efc2090c5bf51a0891209f46c1e1e998f62");
-        byte[] key_block = Hex.decode("3088825988e77fce68d19f756e18e43eb7fe672433504feaf99b3c503d9091b164f166db301d70c9fc0870b4a94563907bee1a61fb786cb717576890bcc51cb9ead97e01d0a2fea99c953377b195205ff07b369589178796edc963fd80fdbe518a2fc1c35c18ae8d");
-
-        SecretKeyFactory kFact = SecretKeyFactory.getInstance("TLS11KDF", "BC");
-
-        SecretKey keyMaterial = kFact.generateSecret(new TLSKeyMaterialSpec(pre_master_secret, TLSKeyMaterialSpec.MASTER_SECRET, master_secret.length, clientHello_random, serverHello_random));
-
-        isTrue("name mismatch (11): " + keyMaterial.getAlgorithm(), keyMaterial.getAlgorithm().equals("TLS11KDF"));
-
-        isTrue("key block error (pre)", Arrays.areEqual(master_secret, keyMaterial.getEncoded()));
-
-        keyMaterial = kFact.generateSecret(new TLSKeyMaterialSpec(master_secret, TLSKeyMaterialSpec.KEY_EXPANSION, key_block.length, server_random, client_random));
-
-        isTrue("key block error", Arrays.areEqual(key_block, keyMaterial.getEncoded()));
-    }
-
-    private void testTls12Sha256()
-        throws Exception
-    {
-        byte[] pre_master_secret = Hex.decode("f8938ecc9edebc5030c0c6a441e213cd24e6f770a50dda07876f8d55da062bcadb386b411fd4fe4313a604fce6c17fbc");
-        byte[] serverHello_random = Hex.decode("f6c9575ed7ddd73e1f7d16eca115415812a43c2b747daaaae043abfb50053fce");
-        byte[] clientHello_random = Hex.decode("36c129d01a3200894b9179faac589d9835d58775f9b5ea3587cb8fd0364cae8c");
-        byte[] server_random = Hex.decode("ae6c806f8ad4d80784549dff28a4b58fd837681a51d928c3e30ee5ff14f39868");
-        byte[] client_random = Hex.decode("62e1fd91f23f558a605f28478c58cf72637b89784d959df7e946d3f07bd1b616");
-        byte[] master_secret = Hex.decode("202c88c00f84a17a20027079604787461176455539e705be730890602c289a5001e34eeb3a043e5d52a65e66125188bf");
-        byte[] key_block = Hex.decode("d06139889fffac1e3a71865f504aa5d0d2a2e89506c6f2279b670c3e1b74f531016a2530c51a3a0f7e1d6590d0f0566b2f387f8d11fd4f731cdd572d2eae927f6f2f81410b25e6960be68985add6c38445ad9f8c64bf8068bf9a6679485d966f1ad6f68b43495b10a683755ea2b858d70ccac7ec8b053c6bd41ca299d4e51928");
-
-        SecretKeyFactory kFact = SecretKeyFactory.getInstance("TLS12withSHA256KDF", "BC");
-
-        SecretKey keyMaterial = kFact.generateSecret(new TLSKeyMaterialSpec(pre_master_secret, TLSKeyMaterialSpec.MASTER_SECRET, master_secret.length, clientHello_random, serverHello_random));
-
-        isTrue("name mismatch (12-256)", keyMaterial.getAlgorithm().equals("TLS12withSHA256KDF"));
-
-        isTrue("key block error (pre)", Arrays.areEqual(master_secret, keyMaterial.getEncoded()));
-
-        keyMaterial = kFact.generateSecret(new TLSKeyMaterialSpec(master_secret, TLSKeyMaterialSpec.KEY_EXPANSION, key_block.length, server_random, client_random));
-
-        isTrue("key block error", Arrays.areEqual(key_block, keyMaterial.getEncoded()));
-    }
-
-    private void testTls12Sha384()
-        throws Exception
-    {
-        byte[] pre_master_secret = Hex.decode("a5e2642633f5b8c81ad3fe0c2fe3a8e5ef806b06121dd10df4bb0fe857bfdcf522558e05d2682c9a80c741a3aab1716f");
-        byte[] serverHello_random = Hex.decode("cb6e0b3eb02976b6466dfa9651c2919414f1648fd3a7838d02153e5bd39535b6");
-        byte[] clientHello_random = Hex.decode("abe4bf5527429ac8eb13574d2709e8012bd1a113c6d3b1d3aa2c3840518778ac");
-        byte[] server_random = Hex.decode("1b1c8568344a65c30828e7483c0e353e2c68641c9551efae6927d9cd627a107c");
-        byte[] client_random = Hex.decode("954b5fe1849c2ede177438261f099a2fcd884d001b9fe1de754364b1f6a6dd8e");
-        byte[] master_secret = Hex.decode("b4d49bfa87747fe815457bc3da15073d6ac73389e703079a3503c09e14bd559a5b3c7c601c7365f6ea8c68d3d9596827");
-        byte[] key_block = Hex.decode("10fd89ef689c7ef033387b8a8f3e5e8e7c11f680f6bdd71fbac3246a73e98d45d03185dde686e6b2369e4503e9dc5a6d2cee3e2bf2fa3f41d3de57dff3e197c8a9d5f74cc2d277119d894f8584b07a0a5822f0bd68b3433ec6adaf5c9406c5f3ddbb71bbe17ce98f3d4d5893d3179ef369f57aad908e2bf710639100c3ce7e0c");
-
-        SecretKeyFactory kFact = SecretKeyFactory.getInstance("TLS12withSHA384KDF", "BC");
-
-        SecretKey keyMaterial = kFact.generateSecret(new TLSKeyMaterialSpec(pre_master_secret, TLSKeyMaterialSpec.MASTER_SECRET, master_secret.length, clientHello_random, serverHello_random));
-
-        isTrue("name mismatch (12-384)", keyMaterial.getAlgorithm().equals("TLS12withSHA384KDF"));
-
-        isTrue("key block error (pre)", Arrays.areEqual(master_secret, keyMaterial.getEncoded()));
-
-        keyMaterial = kFact.generateSecret(new TLSKeyMaterialSpec(master_secret, TLSKeyMaterialSpec.KEY_EXPANSION, key_block.length, server_random, client_random));
-
-        isTrue("key block error", Arrays.areEqual(key_block, keyMaterial.getEncoded()));
-    }
-
-    private void testTls12Sha512()
-        throws Exception
-    {
-        byte[] pre_master_secret = Hex.decode("dfef39af25c12663a91ee5d27042b9644a16ef55b81055d1bd7dcb0b8f06eb001708cdefcf82591defca1a6f1ac693ab");
-        byte[] serverHello_random = Hex.decode("e2339a6c681eb30808883971b1ce5b9b1ece0f3d011a96a7fff1f5f9d80ffd4b");
-        byte[] clientHello_random = Hex.decode("78bc5298dfe9cf8ed336c2e2f0f6b46e2456f39f35f1143cd21eaa16277025b2");
-        byte[] server_random = Hex.decode("11cfbd3b45e5e917c4edbabc27b9feac833bbbacabd079465b2759fab3063330");
-        byte[] client_random = Hex.decode("b5c41ac5ebd55d136d916547fee741bc1b509f766d50b29d7378b0cebace3c8a");
-        byte[] master_secret = Hex.decode("a70c5fe8d34b645a20ce98969bd30858e729c77c8a5f05d3e289219d6b5752b75b75e1ca00d3329658d7f188ed1ab7e0");
-        byte[] key_block = Hex.decode("a56650076e6bdaad7e1ea42d68a0f5ffead9b6b5232ba538767e4cc6a3ae9abcae897b068645496cd620f865ce0879081a98901fb98b112ce1f00165e7d6b3288eb4d4ed9811fdbbc24e290b8e448c71da72498449ea67cfdafd66adc31a89d83cc44cf01c749fb531494ff8cb9a677762a7220e32b7f251fde09841bf97110e");
-
-        SecretKeyFactory kFact = SecretKeyFactory.getInstance("TLS12withSHA512KDF", "BC");
-
-        SecretKey keyMaterial = kFact.generateSecret(new TLSKeyMaterialSpec(pre_master_secret, TLSKeyMaterialSpec.MASTER_SECRET, master_secret.length, clientHello_random, serverHello_random));
-
-        isTrue("name mismatch (12-512)", keyMaterial.getAlgorithm().equals("TLS12withSHA512KDF"));
-
-        isTrue("key block error (pre)", Arrays.areEqual(master_secret, keyMaterial.getEncoded()));
-
-        keyMaterial = kFact.generateSecret(new TLSKeyMaterialSpec(master_secret, TLSKeyMaterialSpec.KEY_EXPANSION, key_block.length, server_random, client_random));
-
-        isTrue("key block error", Arrays.areEqual(key_block, keyMaterial.getEncoded()));
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testTls10();
-        testTls11();
-        testTls12Sha256();
-        testTls12Sha384();
-        testTls12Sha512();
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new TLSKDFTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/TestUtils.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/TestUtils.java
deleted file mode 100644
index 1bc8d0a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/TestUtils.java
+++ /dev/null

@@ -1,457 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.math.BigInteger;
-import java.security.InvalidKeyException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Principal;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateException;
-import java.security.cert.CertificateExpiredException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CertificateNotYetValidException;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.CRLNumber;
-import org.bouncycastle.asn1.x509.CRLReason;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.TBSCertificate;
-import org.bouncycastle.asn1.x509.Time;
-import org.bouncycastle.asn1.x509.V1TBSCertificateGenerator;
-import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator;
-import org.bouncycastle.asn1.x509.X509Extensions;
-import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.jce.PrincipalUtil;
-import org.bouncycastle.x509.X509V2CRLGenerator;
-import org.bouncycastle.x509.extension.AuthorityKeyIdentifierStructure;
-
-/**
- * Test Utils
- */
-class TestUtils
-{
-    private static AtomicLong serialNumber = new AtomicLong(System.currentTimeMillis());
-    private static Map algIds = new HashMap();
-
-    static
-    {
-        algIds.put("GOST3411withGOST3410", new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94));
-        algIds.put("SHA1withRSA", new AlgorithmIdentifier(PKCSObjectIdentifiers.sha1WithRSAEncryption, DERNull.INSTANCE));
-        algIds.put("SHA256withRSA", new AlgorithmIdentifier(PKCSObjectIdentifiers.sha256WithRSAEncryption, DERNull.INSTANCE));
-        algIds.put("SHA1withECDSA", new AlgorithmIdentifier(X9ObjectIdentifiers.ecdsa_with_SHA1));
-        algIds.put("SHA256withECDSA", new AlgorithmIdentifier(X9ObjectIdentifiers.ecdsa_with_SHA256));
-    }
-
-    public static X509Certificate createSelfSignedCert(String dn, String sigName, KeyPair keyPair)
-        throws Exception
-    {
-        return createSelfSignedCert(new X500Name(dn), sigName, keyPair);
-    }
-
-    public static X509Certificate createSelfSignedCert(X500Name dn, String sigName, KeyPair keyPair)
-        throws Exception
-    {
-        V1TBSCertificateGenerator certGen = new V1TBSCertificateGenerator();
-
-        long time = System.currentTimeMillis();
-
-        certGen.setSerialNumber(new ASN1Integer(serialNumber.getAndIncrement()));
-        certGen.setIssuer(dn);
-        certGen.setSubject(dn);
-        certGen.setStartDate(new Time(new Date(time - 5000)));
-        certGen.setEndDate(new Time(new Date(time + 30 * 60 * 1000)));
-        certGen.setSignature((AlgorithmIdentifier)algIds.get(sigName));
-        certGen.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()));
-
-        Signature sig = Signature.getInstance(sigName, "BC");
-
-        sig.initSign(keyPair.getPrivate());
-
-        sig.update(certGen.generateTBSCertificate().getEncoded(ASN1Encoding.DER));
-
-        TBSCertificate tbsCert = certGen.generateTBSCertificate();
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(tbsCert);
-        v.add((AlgorithmIdentifier)algIds.get(sigName));
-        v.add(new DERBitString(sig.sign()));
-
-        return (X509Certificate)CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(new DERSequence(v).getEncoded(ASN1Encoding.DER)));
-    }
-
-    public static X509Certificate createCert(X500Name signerName, PrivateKey signerKey, String dn, String sigName, Extensions extensions, PublicKey pubKey)
-        throws Exception
-    {
-        return createCert(signerName, signerKey, new X500Name(dn), sigName, extensions, pubKey);
-    }
-
-    public static X509Certificate createCert(X500Name signerName, PrivateKey signerKey, X500Name dn, String sigName, Extensions extensions, PublicKey pubKey)
-        throws Exception
-    {
-        V3TBSCertificateGenerator certGen = new V3TBSCertificateGenerator();
-
-        long time = System.currentTimeMillis();
-
-        certGen.setSerialNumber(new ASN1Integer(serialNumber.getAndIncrement()));
-        certGen.setIssuer(signerName);
-        certGen.setSubject(dn);
-        certGen.setStartDate(new Time(new Date(time - 5000)));
-        certGen.setEndDate(new Time(new Date(time + 30 * 60 * 1000)));
-        certGen.setSignature((AlgorithmIdentifier)algIds.get(sigName));
-        certGen.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(pubKey.getEncoded()));
-        certGen.setExtensions(extensions);
-
-        Signature sig = Signature.getInstance(sigName, "BC");
-
-        sig.initSign(signerKey);
-
-        sig.update(certGen.generateTBSCertificate().getEncoded(ASN1Encoding.DER));
-
-        TBSCertificate tbsCert = certGen.generateTBSCertificate();
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(tbsCert);
-        v.add((AlgorithmIdentifier)algIds.get(sigName));
-        v.add(new DERBitString(sig.sign()));
-
-        return (X509Certificate)CertificateFactory.getInstance("X.509", "BC").generateCertificate(new ByteArrayInputStream(new DERSequence(v).getEncoded(ASN1Encoding.DER)));
-    }
-
-    /**
-     * Create a random 1024 bit RSA key pair
-     */
-    public static KeyPair generateRSAKeyPair()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("RSA", "BC");
-
-        kpGen.initialize(1024, new SecureRandom());
-
-        return kpGen.generateKeyPair();
-    }
-
-    public static X509Certificate generateRootCert(KeyPair pair)
-        throws Exception
-    {
-        return createSelfSignedCert("CN=Test CA Certificate", "SHA256withRSA", pair);
-    }
-
-    public static X509Certificate generateRootCert(KeyPair pair, X500Name dn)
-        throws Exception
-    {
-        return createSelfSignedCert(dn, "SHA256withRSA", pair);
-    }
-
-    public static X509Certificate generateIntermediateCert(PublicKey intKey, PrivateKey caKey, X509Certificate caCert)
-        throws Exception
-    {
-        return generateIntermediateCert(
-            intKey, new X500Name("CN=Test Intermediate Certificate"), caKey, caCert);
-    }
-
-    public static X509Certificate generateIntermediateCert(PublicKey intKey, X500Name subject, PrivateKey caKey, X509Certificate caCert)
-        throws Exception
-    {
-        Certificate caCertLw = Certificate.getInstance(caCert.getEncoded());
-
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        extGen.addExtension(Extension.authorityKeyIdentifier, false, new AuthorityKeyIdentifier(getDigest(caCertLw.getSubjectPublicKeyInfo()),
-            new GeneralNames(new GeneralName(caCertLw.getIssuer())),
-            caCertLw.getSerialNumber().getValue()));
-        extGen.addExtension(Extension.subjectKeyIdentifier, false, new SubjectKeyIdentifier(getDigest(SubjectPublicKeyInfo.getInstance(intKey.getEncoded()))));
-        extGen.addExtension(Extension.basicConstraints, true, new BasicConstraints(0));
-        extGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));
-
-        return createCert(
-            caCertLw.getSubject(),
-            caKey, subject, "SHA256withRSA", extGen.generate(), intKey);
-    }
-
-    public static X509Certificate generateEndEntityCert(PublicKey intKey, PrivateKey caKey, X509Certificate caCert)
-        throws Exception
-    {
-        return generateEndEntityCert(
-            intKey, new X500Name("CN=Test End Certificate"), caKey, caCert);
-    }
-
-    public static X509Certificate generateEndEntityCert(PublicKey entityKey, X500Name subject, PrivateKey caKey, X509Certificate caCert)
-        throws Exception
-    {
-        Certificate caCertLw = Certificate.getInstance(caCert.getEncoded());
-
-        ExtensionsGenerator extGen = new ExtensionsGenerator();
-
-        extGen.addExtension(Extension.authorityKeyIdentifier, false, new AuthorityKeyIdentifier(getDigest(caCertLw.getSubjectPublicKeyInfo()),
-            new GeneralNames(new GeneralName(caCertLw.getIssuer())),
-            caCertLw.getSerialNumber().getValue()));
-        extGen.addExtension(Extension.subjectKeyIdentifier, false, new SubjectKeyIdentifier(getDigest(entityKey.getEncoded())));
-        extGen.addExtension(Extension.basicConstraints, true, new BasicConstraints(0));
-        extGen.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature | KeyUsage.keyCertSign | KeyUsage.cRLSign));
-
-        return createCert(
-            caCertLw.getSubject(),
-            caKey, subject, "SHA256withRSA", extGen.generate(), entityKey);
-    }
-
-    public static X509CRL createCRL(
-        X509Certificate caCert,
-        PrivateKey caKey,
-        BigInteger serialNumber)
-        throws Exception
-    {
-        X509V2CRLGenerator crlGen = new X509V2CRLGenerator();
-        Date now = new Date();
-        BigInteger revokedSerialNumber = BigInteger.valueOf(2);
-
-        crlGen.setIssuerDN(PrincipalUtil.getSubjectX509Principal(caCert));
-
-        crlGen.setThisUpdate(now);
-        crlGen.setNextUpdate(new Date(now.getTime() + 100000));
-        crlGen.setSignatureAlgorithm("SHA256WithRSAEncryption");
-
-        crlGen.addCRLEntry(serialNumber, now, CRLReason.privilegeWithdrawn);
-
-        crlGen.addExtension(Extension.authorityKeyIdentifier, false, new AuthorityKeyIdentifierStructure(caCert));
-        crlGen.addExtension(Extension.cRLNumber, false, new CRLNumber(BigInteger.valueOf(1)));
-
-        return crlGen.generate(caKey, "BC");
-    }
-
-    public static X509Certificate createExceptionCertificate(boolean exceptionOnEncode)
-    {
-        return new ExceptionCertificate(exceptionOnEncode);
-    }
-
-    public static X500Name getCertIssuer(X509Certificate x509Certificate)
-        throws CertificateEncodingException
-    {
-        return TBSCertificate.getInstance(x509Certificate.getTBSCertificate()).getIssuer();
-    }
-
-    public static X500Name getCertSubject(X509Certificate x509Certificate)
-        throws CertificateEncodingException
-    {
-        return TBSCertificate.getInstance(x509Certificate.getTBSCertificate()).getSubject();
-    }
-
-    private static class ExceptionCertificate
-        extends X509Certificate
-    {
-        private boolean _exceptionOnEncode;
-
-        public ExceptionCertificate(boolean exceptionOnEncode)
-        {
-            _exceptionOnEncode = exceptionOnEncode;
-        }
-
-        public void checkValidity()
-            throws CertificateExpiredException, CertificateNotYetValidException
-        {
-            throw new CertificateNotYetValidException();
-        }
-
-        public void checkValidity(Date date)
-            throws CertificateExpiredException, CertificateNotYetValidException
-        {
-            throw new CertificateExpiredException();
-        }
-
-        public int getVersion()
-        {
-            return 0;
-        }
-
-        public BigInteger getSerialNumber()
-        {
-            return null;
-        }
-
-        public Principal getIssuerDN()
-        {
-            return null;
-        }
-
-        public Principal getSubjectDN()
-        {
-            return null;
-        }
-
-        public Date getNotBefore()
-        {
-            return null;
-        }
-
-        public Date getNotAfter()
-        {
-            return null;
-        }
-
-        public byte[] getTBSCertificate()
-            throws CertificateEncodingException
-        {
-            throw new CertificateEncodingException();
-        }
-
-        public byte[] getSignature()
-        {
-            return new byte[0];
-        }
-
-        public String getSigAlgName()
-        {
-            return null;
-        }
-
-        public String getSigAlgOID()
-        {
-            return null;
-        }
-
-        public byte[] getSigAlgParams()
-        {
-            return new byte[0];
-        }
-
-        public boolean[] getIssuerUniqueID()
-        {
-            return new boolean[0];
-        }
-
-        public boolean[] getSubjectUniqueID()
-        {
-            return new boolean[0];
-        }
-
-        public boolean[] getKeyUsage()
-        {
-            return new boolean[0];
-        }
-
-        public int getBasicConstraints()
-        {
-            return 0;
-        }
-
-        public byte[] getEncoded()
-            throws CertificateEncodingException
-        {
-            if (_exceptionOnEncode)
-            {
-                throw new CertificateEncodingException();
-            }
-
-            return new byte[0];
-        }
-
-        public void verify(PublicKey key)
-            throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException
-        {
-            throw new CertificateException();
-        }
-
-        public void verify(PublicKey key, String sigProvider)
-            throws CertificateException, NoSuchAlgorithmException, InvalidKeyException, NoSuchProviderException, SignatureException
-        {
-            throw new CertificateException();
-        }
-
-        public String toString()
-        {
-            return null;
-        }
-
-        public PublicKey getPublicKey()
-        {
-            return null;
-        }
-
-        public boolean hasUnsupportedCriticalExtension()
-        {
-            return false;
-        }
-
-        public Set getCriticalExtensionOIDs()
-        {
-            return null;
-        }
-
-        public Set getNonCriticalExtensionOIDs()
-        {
-            return null;
-        }
-
-        public byte[] getExtensionValue(String oid)
-        {
-            return new byte[0];
-        }
-
-    }
-
-    private static byte[] getDigest(SubjectPublicKeyInfo spki)
-    {
-        return getDigest(spki.getPublicKeyData().getBytes());
-    }
-
-    private static byte[] getDigest(byte[] bytes)
-    {
-        Digest digest = new SHA1Digest();
-        byte[] resBuf = new byte[digest.getDigestSize()];
-
-        digest.update(bytes, 0, bytes.length);
-        digest.doFinal(resBuf, 0);
-        return resBuf;
-    }
-
-    private static class AtomicLong
-    {
-        private long value;
-
-        public AtomicLong(long value)
-        {
-            this.value = value;
-        }
-
-        public synchronized long getAndIncrement()
-        {
-            return value++;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ThreefishTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ThreefishTest.java
deleted file mode 100644
index c278787..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/ThreefishTest.java
+++ /dev/null

@@ -1,80 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.SecretKey;
-import javax.crypto.spec.IvParameterSpec;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class ThreefishTest
-    extends SimpleTest
-{
-
-    private static final byte[] SECRET_KEY_1024 =
-        {
-            -15, -32, 56, 110, 22, -42, -26, 34, 25, 17, -83, -2, -78, 112, 49, 127, -4, 70, -110, -21, -10, -114, -82, -122,
-            78, 53, -105, -44, 34, 45, -102, -19, -30, 73, 87, 19, 25, -92, -64, -72, 11, 125, -92, -124, -126, -70, -92, 54,
-            46, 3, 86, -108, 71, -42, 44, -110, -36, -31, -48, -84, -19, 102, 124, -118, 17, -84, -119, 126, 37, -8, -13, 21,
-            -4, 86, 104, -85, -44, 82, 60, -61, -95, -9, -92, 68, -123, -111, -53, -36, -47, 36, -92, 121, 95, 25, 73, 124,
-            -13, -7, -106, -32, 75, -30, -25, -95, 120, 88, 2, 55, 68, -113, -60, 104, 59, 57, -86, -79, -110, -126, -44,
-            -18, 73, -37, -128, -40, -62, -15, 23, 87
-        };
-
-    private static final byte[] TEST_BYTES = new byte[1536];
-
-    public String getName()
-    {
-        return "Threefish";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        // padding test at 128 pad bytes.
-
-        final SecretKey secretKey = new SecretKeySpec(SECRET_KEY_1024, "Threefish-1024");
-
-        Cipher cipher = Cipher.getInstance("Threefish-1024/CBC/ISO10126Padding", "BC");
-        cipher.init(Cipher.ENCRYPT_MODE, secretKey, new IvParameterSpec(new byte[128]));
-
-        byte[] iv = cipher.getIV();
-        byte[] ciphertext = cipher.doFinal(TEST_BYTES);
-
-        cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv));
-
-        byte[] cleartext = cipher.doFinal(ciphertext);
-
-        if (!Arrays.areEqual(TEST_BYTES, cleartext))
-        {
-            fail("Invalid cleartext - ISO10126Padding.");
-        }
-
-        cipher = Cipher.getInstance("Threefish-1024/CBC/PKCS7Padding", "BC");
-        cipher.init(Cipher.ENCRYPT_MODE, secretKey);
-
-        iv = cipher.getIV();
-        ciphertext = cipher.doFinal(TEST_BYTES);
-
-        cipher.init(Cipher.DECRYPT_MODE, secretKey, new IvParameterSpec(iv));
-
-        cleartext = cipher.doFinal(ciphertext);
-
-        if (!Arrays.areEqual(TEST_BYTES, cleartext))
-        {
-            fail("Invalid cleartext - PKCS7.");
-        }
-    }
-
-    public static void main(final String[] args)
-        throws Exception
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new ThreefishTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/WrapTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/WrapTest.java
deleted file mode 100644
index 118e182..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/WrapTest.java
+++ /dev/null

@@ -1,76 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import java.security.Key;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.MessageDigest;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-
-import javax.crypto.Cipher;
-import javax.crypto.KeyGenerator;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTestResult;
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class WrapTest
-    implements Test
-{
-    public TestResult perform()
-    {
-        try
-        {
-            Cipher cipher = Cipher.getInstance("DES/ECB/PKCS5Padding", "BC");
-            KeyPairGenerator fact = KeyPairGenerator.getInstance("RSA", "BC");
-            fact.initialize(512, new SecureRandom());
-
-            KeyPair keyPair = fact.generateKeyPair();
-
-            PrivateKey  priKey = keyPair.getPrivate();
-            PublicKey   pubKey = keyPair.getPublic();
-
-            KeyGenerator keyGen = KeyGenerator.getInstance("DES", "BC");
-            Key wrapKey = keyGen.generateKey();
-            cipher.init(Cipher.WRAP_MODE, wrapKey);
-            byte[] wrappedKey = cipher.wrap(priKey);
-
-            cipher.init(Cipher.UNWRAP_MODE, wrapKey);
-            Key key = cipher.unwrap(wrappedKey, "RSA", Cipher.PRIVATE_KEY);
-
-            if (!MessageDigest.isEqual(priKey.getEncoded(), key.getEncoded()))
-            {
-                return new SimpleTestResult(false, "Unwrapped key does not match");
-            }
-
-            return new SimpleTestResult(true, getName() + ": Okay");
-        }
-        catch (Exception e)
-        {
-            return new SimpleTestResult(false, getName() + ": exception - " + e.toString(), e);
-        }
-    }
-
-    public String getName()
-    {
-        return "WrapTest";
-    }
-
-    public static void main(
-        String[]    args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        Test            test = new WrapTest();
-        TestResult      result = test.perform();
-
-        System.out.println(result.toString());
-        if (result.getException() != null)
-        {
-            result.getException().printStackTrace();
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/X509CertificatePairTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/X509CertificatePairTest.java
deleted file mode 100644
index 4eecef8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/X509CertificatePairTest.java
+++ /dev/null

@@ -1,147 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.x509.X509CertificatePair;
-
-import java.io.ByteArrayInputStream;
-import java.security.Security;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-
-public class X509CertificatePairTest
-    extends SimpleTest
-{
-    public void performTest()
-        throws Exception
-    {
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-
-        X509Certificate rootCert = (X509Certificate)cf.generateCertificate(
-                                        new ByteArrayInputStream(CertPathTest.rootCertBin));
-        X509Certificate interCert = (X509Certificate)cf.generateCertificate(
-                                         new ByteArrayInputStream(CertPathTest.interCertBin));
-        X509Certificate finalCert = (X509Certificate)cf.generateCertificate(
-                                          new ByteArrayInputStream(CertPathTest.finalCertBin));
-
-
-        X509CertificatePair pair1 = new X509CertificatePair(rootCert, interCert);
-        X509CertificatePair pair2 = new X509CertificatePair(rootCert, interCert);
-        X509CertificatePair pair3 = new X509CertificatePair(interCert, finalCert);
-        X509CertificatePair pair4 = new X509CertificatePair(rootCert, finalCert);
-        X509CertificatePair pair5 = new X509CertificatePair(rootCert, null);
-        X509CertificatePair pair6 = new X509CertificatePair(rootCert, null);
-        X509CertificatePair pair7 = new X509CertificatePair(null, rootCert);
-        X509CertificatePair pair8 = new X509CertificatePair(null, rootCert);
-
-        if (!pair1.equals(pair2))
-        {
-            fail("pair1 pair2 equality test");
-        }
-
-        if (!pair5.equals(pair6))
-        {
-            fail("pair1 pair2 equality test");
-        }
-
-        if (!pair7.equals(pair8))
-        {
-            fail("pair1 pair2 equality test");
-        }
-
-        if (pair1.equals(null))
-        {
-            fail("pair1 null equality test");
-        }
-
-        if (pair1.hashCode() != pair2.hashCode())
-        {
-            fail("pair1 pair2 hashCode equality test");
-        }
-
-        if (pair1.equals(pair3))
-        {
-            fail("pair1 pair3 inequality test");
-        }
-
-        if (pair1.equals(pair4))
-        {
-            fail("pair1 pair4 inequality test");
-        }
-
-        if (pair1.equals(pair5))
-        {
-            fail("pair1 pair5 inequality test");
-        }
-
-        if (pair1.equals(pair7))
-        {
-            fail("pair1 pair7 inequality test");
-        }
-
-        if (pair5.equals(pair1))
-        {
-            fail("pair5 pair1 inequality test");
-        }
-
-        if (pair7.equals(pair1))
-        {
-            fail("pair7 pair1 inequality test");
-        }
-
-        if (pair1.getForward() != rootCert)
-        {
-            fail("pair1 forward test");
-        }
-
-        if (pair1.getReverse() != interCert)
-        {
-            fail("pair1 reverse test");
-        }
-
-        if (!areEqual(pair1.getEncoded(), pair2.getEncoded()))
-        {
-            fail("encoding check");
-        }
-
-        pair4 = new X509CertificatePair(rootCert, TestUtils.createExceptionCertificate(false));
-
-        try
-        {
-            pair4.getEncoded();
-
-            fail("no exception on bad getEncoded()");
-        }
-        catch (CertificateEncodingException e)
-        {
-            // expected
-        }
-
-        pair4 = new X509CertificatePair(rootCert, TestUtils.createExceptionCertificate(true));
-
-        try
-        {
-            pair4.getEncoded();
-
-            fail("no exception on exception getEncoded()");
-        }
-        catch (CertificateEncodingException e)
-        {
-            // expected
-        }
-    }
-
-    public String getName()
-    {
-        return "X509CertificatePair";
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new X509CertificatePairTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/X509LDAPCertStoreTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/X509LDAPCertStoreTest.java
deleted file mode 100644
index 2716712..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/X509LDAPCertStoreTest.java
+++ /dev/null

@@ -1,467 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import org.bouncycastle.jce.PrincipalUtil;
-import org.bouncycastle.jce.X509LDAPCertStoreParameters;
-import org.bouncycastle.jce.X509Principal;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.x509.X509CRLStoreSelector;
-import org.bouncycastle.x509.X509CertStoreSelector;
-import org.bouncycastle.x509.X509Store;
-
-import java.io.ByteArrayInputStream;
-import java.security.Security;
-import java.security.cert.CRLException;
-import java.security.cert.CertStore;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CRLSelector;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Iterator;
-
-public class X509LDAPCertStoreTest extends SimpleTest
-{
-    private static final byte cert1[] = Base64
-        .decode("MIIDyTCCAzKgAwIBAgIEL64+8zANBgkqhkiG9w0BAQUFADBVMQswCQYDVQQGEwJE"
-            + "RTEcMBoGA1UEChQTRGV1dHNjaGUgVGVsZWtvbSBBRzEoMAwGBwKCBgEKBxQTATEw"
-            + "GAYDVQQDFBFUVEMgVGVzdCBDQSAxMTpQTjAeFw0wMzAzMjUxNDM1MzFaFw0wNjAz"
-            + "MjUxNDM1MzFaMGIxCzAJBgNVBAYTAkRFMRswGQYDVQQKDBJHRlQgU29sdXRpb25z"
-            + "IEdtYkgxEjAQBgNVBAsMCUhZUEFSQ0hJVjEWMBQGA1UEAwwNRGllZ2UsIFNpbW9u"
-            + "ZTEKMAgGA1UEBRMBMTCBoDANBgkqhkiG9w0BAQEFAAOBjgAwgYoCgYEAiEYsFbs4"
-            + "FesQpMjBkzJB92c0p8tJ02nbCNA5l17VVbbrv6/twnQHW4kgA+9lZlXfzI8iunT1"
-            + "KuiwVupWObHgFaGPkelIN/qIbuwbQzh7T+IUKdKETE12Lc+xk9YvQ6mJVgosmwpr"
-            + "nMMjezymh8DjPhe7MC7/H3AotrHVNM3mEJcCBEAAAIGjggGWMIIBkjAfBgNVHSME"
-            + "GDAWgBTQc8wTeltcAM3iTE63fk/wTA+IJTAdBgNVHQ4EFgQUq6ChBvXPiqhMHLS3"
-            + "kiKpSeGWDz4wDgYDVR0PAQH/BAQDAgQwMB8GA1UdEQQYMBaBFHNpbW9uZS5kaWVn"
-            + "ZUBnZnQuY29tMIHoBgNVHR8EgeAwgd0wgdqgaqBohjVsZGFwOi8vcGtzbGRhcC50"
-            + "dHRjLmRlOjM4OS9jPWRlLG89RGV1dHNjaGUgVGVsZWtvbSBBR4YvaHR0cDovL3d3"
-            + "dy50dHRjLmRlL3RlbGVzZWMvc2VydmxldC9kb3dubG9hZF9jcmyibKRqMGgxCzAJ"
-            + "BgNVBAYTAkRFMRwwGgYDVQQKFBNEZXV0c2NoZSBUZWxla29tIEFHMTswDAYHAoIG"
-            + "AQoHFBMBMTArBgNVBAMUJFRlbGVTZWMgRGlyZWN0b3J5IFNlcnZpY2UgU2lnRyAx"
-            + "MDpQTjA0BggrBgEFBQcBAQQoMCYwJAYIKwYBBQUHMAGGGGh0dHA6Ly93d3cudHR0"
-            + "Yy5kZS9vY3NwcjANBgkqhkiG9w0BAQUFAAOBgQBCPudAtrP9Bx7GRhHQgYS6kaoN"
-            + "vYb/yDss86pyn0uiFuwT+mT1popcAfxPo2yxL0jqqlsDNFBC2hJob5rjihsKPmqV"
-            + "rSaW0VJu/zBihsX7hLKOVMf5gvUYMS5ulq/bp8jOj8a+5SmxVY+WWZVFghWjISse"
-            + "T3WABdTS9S3zjnQiyg==");
-
-    private static final byte[] directCRL = Base64
-        .decode("MIIGXTCCBckCAQEwCgYGKyQDAwECBQAwdDELMAkGA1UEBhMCREUxHDAaBgNVBAoU"
-            + "E0RldXRzY2hlIFRlbGVrb20gQUcxFzAVBgNVBAsUDlQtVGVsZVNlYyBUZXN0MS4w"
-            + "DAYHAoIGAQoHFBMBMTAeBgNVBAMUF1QtVGVsZVNlYyBUZXN0IERJUiA4OlBOFw0w"
-            + "NjA4MDQwODQ1MTRaFw0wNjA4MDQxNDQ1MTRaMIIElTAVAgQvrj/pFw0wMzA3MjIw"
-            + "NTQxMjhaMBUCBC+uP+oXDTAzMDcyMjA1NDEyOFowFQIEL64/5xcNMDQwNDA1MTMx"
-            + "ODE3WjAVAgQvrj/oFw0wNDA0MDUxMzE4MTdaMBUCBC+uP+UXDTAzMDExMzExMTgx"
-            + "MVowFQIEL64/5hcNMDMwMTEzMTExODExWjAVAgQvrj/jFw0wMzAxMTMxMTI2NTZa"
-            + "MBUCBC+uP+QXDTAzMDExMzExMjY1NlowFQIEL64/4hcNMDQwNzEzMDc1ODM4WjAV"
-            + "AgQvrj/eFw0wMzAyMTcwNjMzMjVaMBUCBC+uP98XDTAzMDIxNzA2MzMyNVowFQIE"
-            + "L64/0xcNMDMwMjE3MDYzMzI1WjAVAgQvrj/dFw0wMzAxMTMxMTI4MTRaMBUCBC+u"
-            + "P9cXDTAzMDExMzExMjcwN1owFQIEL64/2BcNMDMwMTEzMTEyNzA3WjAVAgQvrj/V"
-            + "Fw0wMzA0MzAxMjI3NTNaMBUCBC+uP9YXDTAzMDQzMDEyMjc1M1owFQIEL64/xhcN"
-            + "MDMwMjEyMTM0NTQwWjAVAgQvrj/FFw0wMzAyMTIxMzQ1NDBaMBUCBC+uP8IXDTAz"
-            + "MDIxMjEzMDkxNlowFQIEL64/wRcNMDMwMjEyMTMwODQwWjAVAgQvrj++Fw0wMzAy"
-            + "MTcwNjM3MjVaMBUCBC+uP70XDTAzMDIxNzA2MzcyNVowFQIEL64/sBcNMDMwMjEy"
-            + "MTMwODU5WjAVAgQvrj+vFw0wMzAyMTcwNjM3MjVaMBUCBC+uP5MXDTAzMDQxMDA1"
-            + "MjYyOFowFQIEL64/khcNMDMwNDEwMDUyNjI4WjAVAgQvrj8/Fw0wMzAyMjYxMTA0"
-            + "NDRaMBUCBC+uPz4XDTAzMDIyNjExMDQ0NFowFQIEL64+zRcNMDMwNTIwMDUyNzM2"
-            + "WjAVAgQvrj7MFw0wMzA1MjAwNTI3MzZaMBUCBC+uPjwXDTAzMDYxNzEwMzQxNlow"
-            + "FQIEL64+OxcNMDMwNjE3MTAzNDE2WjAVAgQvrj46Fw0wMzA2MTcxMDM0MTZaMBUC"
-            + "BC+uPjkXDTAzMDYxNzEzMDEwMFowFQIEL64+OBcNMDMwNjE3MTMwMTAwWjAVAgQv"
-            + "rj43Fw0wMzA2MTcxMzAxMDBaMBUCBC+uPjYXDTAzMDYxNzEzMDEwMFowFQIEL64+"
-            + "MxcNMDMwNjE3MTAzNzQ5WjAVAgQvrj4xFw0wMzA2MTcxMDQyNThaMBUCBC+uPjAX"
-            + "DTAzMDYxNzEwNDI1OFowFQIEL649qRcNMDMxMDIyMTEzMjI0WjAVAgQvrjyyFw0w"
-            + "NTAzMTEwNjQ0MjRaMBUCBC+uPKsXDTA0MDQwMjA3NTQ1M1owFQIEL6466BcNMDUw"
-            + "MTI3MTIwMzI0WjAVAgQvrjq+Fw0wNTAyMTYwNzU3MTZaMBUCBC+uOqcXDTA1MDMx"
-            + "MDA1NTkzNVowFQIEL646PBcNMDUwNTExMTA0OTQ2WjAVAgQvrG3VFw0wNTExMTEx"
-            + "MDAzMjFaMBUCBC+uLmgXDTA2MDEyMzEwMjU1NVowFQIEL64mxxcNMDYwODAxMDk0"
-            + "ODQ0WqCBijCBhzALBgNVHRQEBAICEQwwHwYDVR0jBBgwFoAUA1vI26YMj3njkfCU"
-            + "IXbo244kLjkwVwYDVR0SBFAwToZMbGRhcDovL3Brc2xkYXAudHR0Yy5kZS9vdT1U"
-            + "LVRlbGVTZWMgVGVzdCBESVIgODpQTixvPURldXRzY2hlIFRlbGVrb20gQUcsYz1k"
-            + "ZTAKBgYrJAMDAQIFAAOBgQArj4eMlbAwuA2aS5O4UUUHQMKKdK/dtZi60+LJMiMY"
-            + "ojrMIf4+ZCkgm1Ca0Cd5T15MJxVHhh167Ehn/Hd48pdnAP6Dfz/6LeqkIHGWMHR+"
-            + "z6TXpwWB+P4BdUec1ztz04LypsznrHcLRa91ixg9TZCb1MrOG+InNhleRs1ImXk8"
-            + "MQ==");
-
-    private static final String ldapURL1 = "ldap://pksldap.tttc.de:389";
-
-    private static final X509LDAPCertStoreParameters params1 = new X509LDAPCertStoreParameters.Builder(
-        ldapURL1, "o=Deutsche Telekom AG, c=DE").
-        setAACertificateSubjectAttributeName("ou cn").
-        setAttributeAuthorityRevocationListIssuerAttributeName("cn").
-        setAttributeCertificateAttributeSubjectAttributeName("cn").
-        setAttributeCertificateRevocationListIssuerAttributeName("cn").
-        setAttributeDescriptorCertificateSubjectAttributeName("ou cn").
-        setAuthorityRevocationListIssuerAttributeName("cn").
-        setCACertificateSubjectAttributeName("ou cn").
-        setCertificateRevocationListIssuerAttributeName("cn").
-        setCrossCertificateSubjectAttributeName("cn").
-        setDeltaRevocationListIssuerAttributeName("cn").
-        setSearchForSerialNumberIn("cn")
-        .build();
-
-    private static final String ldapURL2 = "ldap://directory.d-trust.de:389";
-
-    private static final X509LDAPCertStoreParameters params2 = new X509LDAPCertStoreParameters.Builder(
-        ldapURL2, "o=D-Trust GmbH, c=DE").
-        setAACertificateSubjectAttributeName("cn o").
-        setAttributeAuthorityRevocationListIssuerAttributeName("cn").
-        setAttributeCertificateAttributeSubjectAttributeName("cn").
-        setAttributeCertificateRevocationListIssuerAttributeName("cn").
-        setAttributeDescriptorCertificateSubjectAttributeName("cn o").
-        setAuthorityRevocationListIssuerAttributeName("cn").
-        setCACertificateSubjectAttributeName("cn o").
-        setCertificateRevocationListIssuerAttributeName("cn").
-        setCrossCertificateSubjectAttributeName("cn o").
-        setDeltaRevocationListIssuerAttributeName("cn").
-        setSearchForSerialNumberIn("uid")
-        .build();
-
-    private static final byte[] cert2 = Base64
-        .decode("MIIEADCCAuigAwIBAgIDAJ/QMA0GCSqGSIb3DQEBBQUAMD8xCzAJBgNVBAYTAkRF"
-            + "MRUwEwYDVQQKDAxELVRydXN0IEdtYkgxGTAXBgNVBAMMEEQtVFJVU1QgRGVtbyBD"
-            + "QTEwHhcNMDYwMzAyMTYxNTU3WhcNMDgwMzEyMTYxNTU3WjB+MQswCQYDVQQGEwJE"
-            + "RTEUMBIGA1UECgwLTXVzdGVyIEdtYkgxFzAVBgNVBAMMDk1heCBNdXN0ZXJtYW5u"
-            + "MRMwEQYDVQQEDApNdXN0ZXJtYW5uMQwwCgYDVQQqDANNYXgxHTAbBgNVBAUTFERU"
-            + "UldFMTQxMjk5NDU1MTgwMTIxMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC"
-            + "AQEAjLDFeviSZDEZgLzTdptU4biPgNV7SvLqsNholfqkyQm2r5WSghGZSjhKYIne"
-            + "qKmZ08W59a51bGqDEsifYR7Tw9JC/AhH19fyK01+1ZAXHalgVthaRtLw31lcoTVJ"
-            + "R7j9fvrnW0sMPVP4m5gePb3P5/pYHVmN1MjdPIm38us5aJOytOO5Li2IwQIG0t4M"
-            + "bEC6/1horBR5TgRl7ACamrdaPHOvO1QVweOqYU7uVxLgDTK4mSV6heyrisFMfkbj"
-            + "7jT/c44kXM7dtgNcmESINudu6bnqaB1CxOFTJ/Jzv81R5lf7pBX2LOG1Bu94Yw2x"
-            + "cHUVROs2UWY8kQrNUozsBHzQ0QIDAKq5o4HFMIHCMBMGA1UdIwQMMAqACEITKrPL"
-            + "WuYiMDMGCCsGAQUFBwEBBCcwJTAjBggrBgEFBQcwAYYXaHR0cDovL29jc3AuZC10"
-            + "cnVzdC5uZXQwEAYDVR0gBAkwBzAFBgMqAwQwEQYDVR0OBAoECEvE8bXFHkFLMA4G"
-            + "A1UdDwEB/wQEAwIGQDAPBgUrJAgDCAQGDARUZXN0MB8GA1UdEQQYMBaBFG0ubXVz"
-            + "dGVybWFubkB0ZXN0LmRlMA8GBSskCAMPBAYMBFRlc3QwDQYJKoZIhvcNAQEFBQAD"
-            + "ggEBADD/X+UZZN30nCBDzJ7MtmgwvMBVDAU6HkPlzfyn9pxIKFrq3uR9wcY2pedM"
-            + "yQQk0NpTDCIhAYIjAHysMue0ViQnW5qq8uUCFn0+fsgMqqTQNRmE4NIqUrnYO40g"
-            + "WjcepCEApkTqGf3RFaDMf9zpRvj9qUx18De+V0GC22uD2vPKpqRcvS2dSw6pHBW2"
-            + "NwEU+RgNhoPXrHt332PEYdwO0zOL7eSLBD9AmkpP2uDjpMQ02Lu9kXG6OOfanwfS"
-            + "jHioCvDXyl5pwSHwrHNWQRb5dLF12Fg41LMapDwR7awAKE9h6qHBonvCMBPMvqrr"
-            + "NktqQcoQkluR9MItONJI5XHADtU=");
-
-    private static final String ldapURL3 = "ldap://dir.signtrust.de:389";
-
-    private static final X509LDAPCertStoreParameters params3 = new X509LDAPCertStoreParameters.Builder(
-        ldapURL3, "o=Deutsche Post AG, c=de").
-        setAACertificateSubjectAttributeName("ou").
-        setAttributeAuthorityRevocationListIssuerAttributeName("cn").
-        setAttributeCertificateAttributeSubjectAttributeName("cn").
-        setAttributeCertificateRevocationListIssuerAttributeName("o").
-        setAttributeDescriptorCertificateSubjectAttributeName("ou").
-        setAuthorityRevocationListIssuerAttributeName("o").
-        setCACertificateSubjectAttributeName("ou").
-        setCertificateRevocationListIssuerAttributeName("o").
-        setCrossCertificateSubjectAttributeName("o").
-        setDeltaRevocationListIssuerAttributeName("o").
-        setSearchForSerialNumberIn("serialNumber")
-        .build();
-
-    private static final byte[] cert3 = Base64
-        .decode("MIICwDCCAimgAwIBAgIBKzANBgkqhkiG9w0BAQUFADA6MRAwDgYDVQQDEwdQQ0Ex"
-            + "OlBOMRkwFwYDVQQKExBEZXV0c2NoZSBQb3N0IEFHMQswCQYDVQQGEwJERTAeFw0w"
-            + "MDA0MTkyMjAwMDBaFw0wMzA0MTkyMjAwMDBaMIGOMRAwDgYDVQQEFAdN5G5jaGVy"
-            + "MQ4wDAYDVQQqEwVLbGF1czEWMBQGA1UEAxQNS2xhdXMgTeRuY2hlcjEVMBMGA1UE"
-            + "CRMMV2llc2Vuc3RyLiAzMQ4wDAYDVQQREwU2MzMyOTESMBAGA1UEBxMJRWdlbHNi"
-            + "YWNoMQswCQYDVQQGEwJERTEKMAgGA1UEBRMBMTCBnzANBgkqhkiG9w0BAQEFAAOB"
-            + "jQAwgYkCgYEAn7z6Ba9wpv/mNBIaricY/d0KpxGpqGAXdqKlvqkk/seJEoBLvmL7"
-            + "wZz88RPELQqzDhc4oXYohS2dh3NHus9FpSPMq0JzKAcE3ArrVDxwtXtlcwN2v7iS"
-            + "TcHurgLOb9C/r8JdsMHNgwHMkkdp96cJk/sioyP5sLPYmgWxg1JH0vMCAwEAAaOB"
-            + "gDB+MAwGA1UdEwEB/wQCMAAwDwYDVR0PAQH/BAUDAwfAADBKBgNVHSMEQzBBoTyk"
-            + "OjEQMA4GA1UEAxMHUENBMTpQTjEZMBcGA1UEChMQRGV1dHNjaGUgUG9zdCBBRzEL"
-            + "MAkGA1UEBhMCREWCAQEwEQYDVR0OBAoECEAeJ6R3USjxMA0GCSqGSIb3DQEBBQUA"
-            + "A4GBADMRtdiQJF2fg7IcedTjnAW+QGl/wNSKy7A4oaBQeahcruo+hzH+ZU+DsiSu"
-            + "TJZaf2X1eUUEPmV+5zZlopGa3HvFfgmIYIXBw9ZO3Qb/HWGsPNgW0yg5eXEGwNEt"
-            + "vV85BTMGuMjiuDw841IuAZaMKqOKnVXHmd2pLJz7Wv0MLJhw");
-
-    private static final byte[] caCert3 = Base64
-        .decode("MIICUjCCAb6gAwIBAgIDD2ptMAoGBiskAwMBAgUAMG8xCzAJBgNVBAYTAkRFMT0w"
-            + "OwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0"
-            + "aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjRSLUNBIDE6UE4w"
-            + "IhgPMjAwMDA0MTIwODIyMDNaGA8yMDA0MDQxMjA4MjIwM1owWzELMAkGA1UEBhMC"
-            + "REUxGTAXBgNVBAoUEERldXRzY2hlIFBvc3QgQUcxMTAMBgcCggYBCgcUEwExMCEG"
-            + "A1UEAxQaQ0EgREVSIERFVVRTQ0hFTiBQT1NUIDU6UE4wgZ8wDQYJKoZIhvcNAQEB"
-            + "BQADgY0AMIGJAoGBAIH3c+gig1KkY5ceR6n/AMq+xz7hi3f0PMdpwIe2v2w6Hu5k"
-            + "jipe++NvU3r6wakIY2royHl3gKWrExOisBico9aQmn8lMJnWZ7SUbB+WpRn0mAWN"
-            + "ZM9YT+/U5hRCffeeuLWClzrbScaWnAeaaI0G+N/QKnSSjrV/l64jogyADWCTAgMB"
-            + "AAGjEjAQMA4GA1UdDwEB/wQEAwIBBjAKBgYrJAMDAQIFAAOBgQAaV5WClEneXk9s"
-            + "LO8zTQAsf4KvDaLd1BFcFeYM7kLLRHKeWQ0MAd0xkuAMme5NVwWNpNZP74B4HX7Q"
-            + "/Q0h/wo/9LTgQaxw52lLs4Ml0HUyJbSFjoQ+sqgjg2fGNGw7aGkVNY5dQTAy8oSv"
-            + "iG8mxTsQ7Fxaush3cIB0qDDwXar/hg==");
-
-    private static final byte[] crossCert3 = Base64
-        .decode("MIICVDCCAcCgAwIBAgIDDIOsMAoGBiskAwMBAgUAMG8xCzAJBgNVBAYTAkRFMT0w"
-            + "OwYDVQQKFDRSZWd1bGllcnVuZ3NiZWjIb3JkZSBmyHVyIFRlbGVrb21tdW5pa2F0"
-            + "aW9uIHVuZCBQb3N0MSEwDAYHAoIGAQoHFBMBMTARBgNVBAMUCjRSLUNBIDE6UE4w"
-            + "IhgPMjAwMDAzMjIwOTQzNTBaGA8yMDA0MDEyMTE2MDQ1M1owbzELMAkGA1UEBhMC"
-            + "REUxPTA7BgNVBAoUNFJlZ3VsaWVydW5nc2JlaMhvcmRlIGbIdXIgVGVsZWtvbW11"
-            + "bmlrYXRpb24gdW5kIFBvc3QxITAMBgcCggYBCgcUEwExMBEGA1UEAxQKNVItQ0Eg"
-            + "MTpQTjCBoTANBgkqhkiG9w0BAQEFAAOBjwAwgYsCgYEAih5BUycfBpqKhU8RDsaS"
-            + "vV5AtzWeXQRColL9CH3t0DKnhjKAlJ8iccFtJNv+d3bh8bb9sh0maRSo647xP7hs"
-            + "HTjKgTE4zM5BYNfXvST79OtcMgAzrnDiGjQIIWv8xbfV1MqxxdtZJygrwzRMb9jG"
-            + "CAGoJEymoyzAMNG7tSdBWnUCBQDAAAABMAoGBiskAwMBAgUAA4GBAIBWrl6aEy4d"
-            + "2d6U/924YK8Tv9oChmaKVhklkiTzcKv1N8dhLnLTibq4/stop03CY3rKU4X5aTfu"
-            + "0J77FIV1Poy9jLT5Tm1NBpi71m4uO3AUoSeyhJXGQGsYFjAc3URqkznbTL/nr9re"
-            + "IoBhf6u9cX+idnN6Uy1q+j/LOrcy3zgj");
-
-    public void performTest() throws Exception
-    {
-        certStoretest();
-        x509StoreTest();
-    }
-
-    private void certStoretest() throws Exception
-    {
-        CertStore cs = CertStore.getInstance("X509LDAP", params1, "BC");
-        X509CertSelector sl = new X509CertSelector();
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-        X509Certificate xcert = (X509Certificate)cf
-            .generateCertificate(new ByteArrayInputStream(cert1));
-        sl.setCertificate(xcert);
-        Collection coll = cs.getCertificates(sl);
-        if (coll.isEmpty() || !coll.iterator().next().equals(xcert))
-        {
-            fail("certificate could not be picked from LDAP directory.");
-        }
-
-        // System.out.println(coll.toArray()[0]);
-
-        sl.setCertificate(null);
-        sl.setSubject(getSubject(xcert).getEncoded());
-        coll = cs.getCertificates(sl);
-        if (coll.isEmpty() || !coll.iterator().next().equals(xcert))
-        {
-            fail("certificate could not be picked from LDAP directory.");
-        }
-        X509CRLSelector sl2 = new X509CRLSelector();
-        X509CRL crl = (X509CRL)cf.generateCRL(new
-            ByteArrayInputStream(directCRL));
-        sl2.addIssuerName(getCRLIssuer(crl).getEncoded());
-        coll = cs.getCRLs(sl2);
-        if (!coll.iterator().hasNext())
-        {
-            fail("CRL could not be picked from LDAP directory.");
-        }
-        // System.out.println(coll.toArray()[0]);
-
-        cs = CertStore.getInstance("X509LDAP", params2, "BC");
-        sl = new X509CertSelector();
-        xcert = (X509Certificate)cf
-            .generateCertificate(new ByteArrayInputStream(cert2));
-        sl.setCertificate(xcert);
-        coll = cs.getCertificates(sl);
-        if (coll.isEmpty() || !coll.iterator().next().equals(xcert))
-        {
-            fail("Certificate could not be picked from LDAP directory.");
-        }
-
-        // System.out.println(coll.toArray()[0]);
-
-        cs = CertStore.getInstance("X509LDAP", params3, "BC");
-        sl = new X509CertSelector();
-        xcert = (X509Certificate)cf
-            .generateCertificate(new ByteArrayInputStream(cert3));
-        sl.setCertificate(xcert);
-        coll = cs.getCertificates(sl);
-        if (coll.isEmpty() || !coll.iterator().next().equals(xcert))
-        {
-            fail("Certificate could not be picked from LDAP directory.");
-        }
-
-        // System.out.println(coll.toArray()[0]);
-
-        xcert = (X509Certificate)cf
-            .generateCertificate(new ByteArrayInputStream(caCert3));
-        sl = new X509CertSelector();
-        sl.setSubject(getSubject(xcert).getEncoded());
-        coll = cs.getCertificates(sl);
-        boolean found = false;
-        if (coll.isEmpty())
-        {
-            fail("Certificate could not be picked from LDAP directory.");
-        }
-
-        for (Iterator it = coll.iterator(); it.hasNext();)
-        {
-            if (it.next().equals(xcert))
-            {
-                found = true;
-                break;
-            }
-        }
-        if (!found)
-        {
-            fail("Certificate could not be picked from LDAP directory.");
-        }
-
-        // System.out.println(coll.toArray()[0]);
-
-        sl = new X509CertSelector();
-        xcert = (X509Certificate)cf
-            .generateCertificate(new ByteArrayInputStream(crossCert3));
-        sl = new X509CertSelector();
-        sl.setSubject(getSubject(xcert).getEncoded());
-        coll = cs.getCertificates(sl);
-        if (coll.isEmpty())
-        {
-            fail("Cross certificate pair could not be picked from LDAP directory.");
-        }
-        found = false;
-        for (Iterator it = coll.iterator(); it.hasNext();)
-        {
-            if (it.next().equals(xcert))
-            {
-                found = true;
-                break;
-            }
-        }
-        if (!found)
-        {
-            fail("Cross certificate pair could not be picked from LDAP directory.");
-        }
-
-        // System.out.println(coll.toArray()[0]);
-    }
-
-    private void x509StoreTest() throws Exception
-    {
-        X509Store cs = X509Store.getInstance("CERTIFICATE/LDAP", params1, "BC");
-
-        X509CertStoreSelector sl = new X509CertStoreSelector();
-        CertificateFactory cf = CertificateFactory.getInstance("X.509", "BC");
-        X509Certificate xcert = (X509Certificate)cf
-            .generateCertificate(new ByteArrayInputStream(cert1));
-        sl.setCertificate(xcert);
-        Collection coll = cs.getMatches(sl);
-        if (coll.isEmpty() || !coll.iterator().next().equals(xcert))
-        {
-            fail("certificate could not be picked from LDAP directory.");
-        }
-
-        // System.out.println(coll.toArray()[0]);
-
-        sl.setCertificate(null);
-        sl.setSubject(getSubject(xcert).getEncoded());
-        coll = cs.getMatches(sl);
-        if (coll.isEmpty() || !coll.iterator().next().equals(xcert))
-        {
-            fail("certificate could not be picked from LDAP directory.");
-        }
-        X509CRLStoreSelector sl2 = new X509CRLStoreSelector();
-        X509CRL crl = (X509CRL)cf.generateCRL(new
-            ByteArrayInputStream(directCRL));
-        sl2.setIssuers(Collections.singleton(crl.getIssuerX500Principal()));
-        cs = X509Store.getInstance("CRL/LDAP", params1, "BC");
-        coll = cs.getMatches(sl2);
-        if (!coll.iterator().hasNext())
-        {
-            fail("CRL could not be picked from LDAP directory.");
-        }
-        // System.out.println(coll.toArray()[0]);
-
-        cs = X509Store.getInstance("CERTIFICATE/LDAP", params2, "BC");
-        sl = new X509CertStoreSelector();
-        xcert = (X509Certificate)cf
-            .generateCertificate(new ByteArrayInputStream(cert2));
-        sl.setCertificate(xcert);
-        coll = cs.getMatches(sl);
-        if (coll.isEmpty() || !coll.iterator().next().equals(xcert))
-        {
-            fail("Certificate could not be picked from LDAP directory.");
-        }
-
-        // System.out.println(coll.toArray()[0]);
-
-        cs = X509Store.getInstance("CERTIFICATE/LDAP", params3, "BC");
-        sl = new X509CertStoreSelector();
-        xcert = (X509Certificate)cf
-            .generateCertificate(new ByteArrayInputStream(cert3));
-        sl.setCertificate(xcert);
-        coll = cs.getMatches(sl);
-        if (coll.isEmpty() || !coll.iterator().next().equals(xcert))
-        {
-            fail("Certificate could not be picked from LDAP directory.");
-        }
-
-        // System.out.println(coll.toArray()[0]);
-
-        xcert = (X509Certificate)cf
-            .generateCertificate(new ByteArrayInputStream(caCert3));
-        sl = new X509CertStoreSelector();
-        sl.setSubject(getSubject(xcert).getEncoded());
-        coll = cs.getMatches(sl);
-        boolean found = false;
-        if (coll.isEmpty())
-        {
-            fail("Certificate could not be picked from LDAP directory.");
-        }
-
-        for (Iterator it = coll.iterator(); it.hasNext();)
-        {
-            if (it.next().equals(xcert))
-            {
-                found = true;
-                break;
-            }
-        }
-        if (!found)
-        {
-            fail("Certificate could not be picked from LDAP directory.");
-        }
-
-        // System.out.println(coll.toArray()[0]);
-
-        sl = new X509CertStoreSelector();
-        xcert = (X509Certificate)cf
-            .generateCertificate(new ByteArrayInputStream(crossCert3));
-        sl.setSubject(getSubject(xcert).getEncoded());
-        coll = cs.getMatches(sl);
-        if (coll.isEmpty())
-        {
-            fail("Cross certificate pair could not be picked from LDAP directory.");
-        }
-        found = false;
-        for (Iterator it = coll.iterator(); it.hasNext();)
-        {
-            if (it.next().equals(xcert))
-            {
-                found = true;
-                break;
-            }
-        }
-        if (!found)
-        {
-            fail("Cross certificate pair could not be picked from LDAP directory.");
-        }
-
-        // System.out.println(coll.toArray()[0]);
-
-    }
-
-    private X509Principal getSubject(X509Certificate cert)
-        throws CertificateEncodingException
-    {
-        return PrincipalUtil.getSubjectX509Principal(cert);
-    }
-
-    private X509Principal getCRLIssuer(X509CRL crl)
-        throws CRLException
-    {
-        return PrincipalUtil.getIssuerX509Principal(crl);
-    }
-
-    public String getName()
-    {
-        return "LDAPCertStoreTest";
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-        runTest(new X509LDAPCertStoreTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/X509StreamParserTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/X509StreamParserTest.java
deleted file mode 100644
index 8f3c7fe..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/X509StreamParserTest.java
+++ /dev/null

@@ -1,360 +0,0 @@
-package org.bouncycastle.jce.provider.test;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.DERSet;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.asn1.cms.CMSObjectIdentifiers;
-import org.bouncycastle.asn1.cms.ContentInfo;
-import org.bouncycastle.asn1.cms.SignedData;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-import org.bouncycastle.x509.X509AttributeCertificate;
-import org.bouncycastle.x509.X509CertificatePair;
-import org.bouncycastle.x509.X509StreamParser;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.security.Security;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-import java.util.Collection;
-
-public class X509StreamParserTest
-    extends SimpleTest
-{
-    byte[]  attrCert = Base64.decode(
-        "MIIHQDCCBqkCAQEwgZChgY2kgYowgYcxHDAaBgkqhkiG9w0BCQEWDW1sb3JjaEB2"
-      + "dC5lZHUxHjAcBgNVBAMTFU1hcmt1cyBMb3JjaCAobWxvcmNoKTEbMBkGA1UECxMS"
-      + "VmlyZ2luaWEgVGVjaCBVc2VyMRAwDgYDVQQLEwdDbGFzcyAyMQswCQYDVQQKEwJ2"
-      + "dDELMAkGA1UEBhMCVVMwgYmkgYYwgYMxGzAZBgkqhkiG9w0BCQEWDHNzaGFoQHZ0"
-      + "LmVkdTEbMBkGA1UEAxMSU3VtaXQgU2hhaCAoc3NoYWgpMRswGQYDVQQLExJWaXJn"
-      + "aW5pYSBUZWNoIFVzZXIxEDAOBgNVBAsTB0NsYXNzIDExCzAJBgNVBAoTAnZ0MQsw"
-      + "CQYDVQQGEwJVUzANBgkqhkiG9w0BAQQFAAIBBTAiGA8yMDAzMDcxODE2MDgwMloY"
-      + "DzIwMDMwNzI1MTYwODAyWjCCBU0wggVJBgorBgEEAbRoCAEBMYIFORaCBTU8UnVs"
-      + "ZSBSdWxlSWQ9IkZpbGUtUHJpdmlsZWdlLVJ1bGUiIEVmZmVjdD0iUGVybWl0Ij4K"
-      + "IDxUYXJnZXQ+CiAgPFN1YmplY3RzPgogICA8U3ViamVjdD4KICAgIDxTdWJqZWN0"
-      + "TWF0Y2ggTWF0Y2hJZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5j"
-      + "dGlvbjpzdHJpbmctZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlw"
-      + "ZT0iaHR0cDovL3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjc3RyaW5nIj4KICAg"
-      + "ICAgIENOPU1hcmt1cyBMb3JjaDwvQXR0cmlidXRlVmFsdWU+CiAgICAgPFN1Ympl"
-      + "Y3RBdHRyaWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFt"
-      + "ZXM6dGM6eGFjbWw6MS4wOnN1YmplY3Q6c3ViamVjdC1pZCIgRGF0YVR5cGU9Imh0"
-      + "dHA6Ly93d3cudzMub3JnLzIwMDEvWE1MU2NoZW1hI3N0cmluZyIgLz4gCiAgICA8"
-      + "L1N1YmplY3RNYXRjaD4KICAgPC9TdWJqZWN0PgogIDwvU3ViamVjdHM+CiAgPFJl"
-      + "c291cmNlcz4KICAgPFJlc291cmNlPgogICAgPFJlc291cmNlTWF0Y2ggTWF0Y2hJ"
-      + "ZD0idXJuOm9hc2lzOm5hbWVzOnRjOnhhY21sOjEuMDpmdW5jdGlvbjpzdHJpbmct"
-      + "ZXF1YWwiPgogICAgIDxBdHRyaWJ1dGVWYWx1ZSBEYXRhVHlwZT0iaHR0cDovL3d3"
-      + "dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIj4KICAgICAgaHR0cDovL3p1"
-      + "bmkuY3MudnQuZWR1PC9BdHRyaWJ1dGVWYWx1ZT4KICAgICA8UmVzb3VyY2VBdHRy"
-      + "aWJ1dGVEZXNpZ25hdG9yIEF0dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6"
-      + "eGFjbWw6MS4wOnJlc291cmNlOnJlc291cmNlLWlkIiBEYXRhVHlwZT0iaHR0cDov"
-      + "L3d3dy53My5vcmcvMjAwMS9YTUxTY2hlbWEjYW55VVJJIiAvPiAKICAgIDwvUmVz"
-      + "b3VyY2VNYXRjaD4KICAgPC9SZXNvdXJjZT4KICA8L1Jlc291cmNlcz4KICA8QWN0"
-      + "aW9ucz4KICAgPEFjdGlvbj4KICAgIDxBY3Rpb25NYXRjaCBNYXRjaElkPSJ1cm46"
-      + "b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmZ1bmN0aW9uOnN0cmluZy1lcXVhbCI+"
-      + "CiAgICAgPEF0dHJpYnV0ZVZhbHVlIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9y"
-      + "Zy8yMDAxL1hNTFNjaGVtYSNzdHJpbmciPgpEZWxlZ2F0ZSBBY2Nlc3MgICAgIDwv"
-      + "QXR0cmlidXRlVmFsdWU+CgkgIDxBY3Rpb25BdHRyaWJ1dGVEZXNpZ25hdG9yIEF0"
-      + "dHJpYnV0ZUlkPSJ1cm46b2FzaXM6bmFtZXM6dGM6eGFjbWw6MS4wOmFjdGlvbjph"
-      + "Y3Rpb24taWQiIERhdGFUeXBlPSJodHRwOi8vd3d3LnczLm9yZy8yMDAxL1hNTFNj"
-      + "aGVtYSNzdHJpbmciIC8+IAogICAgPC9BY3Rpb25NYXRjaD4KICAgPC9BY3Rpb24+"
-      + "CiAgPC9BY3Rpb25zPgogPC9UYXJnZXQ+CjwvUnVsZT4KMA0GCSqGSIb3DQEBBAUA"
-      + "A4GBAGiJSM48XsY90HlYxGmGVSmNR6ZW2As+bot3KAfiCIkUIOAqhcphBS23egTr"
-      + "6asYwy151HshbPNYz+Cgeqs45KkVzh7bL/0e1r8sDVIaaGIkjHK3CqBABnfSayr3"
-      + "Rd1yBoDdEv8Qb+3eEPH6ab9021AsLEnJ6LWTmybbOpMNZ3tv");
-
-    public void performTest()
-        throws Exception
-    {
-        X509StreamParser parser = X509StreamParser.getInstance("Certificate", "BC");
-
-        parser.init(new ByteArrayInputStream(CertPathTest.rootCertBin));
-        X509Certificate rootCert = (X509Certificate)parser.read();
-
-        parser = X509StreamParser.getInstance("CRL", "BC");
-
-        parser.init(new ByteArrayInputStream(CertPathTest.rootCrlBin));
-
-
-        X509CRL rootCrl = (X509CRL)parser.read();
-
-        parser = X509StreamParser.getInstance("AttributeCertificate", "BC");
-
-        parser.init(new ByteArrayInputStream(attrCert));
-
-        X509AttributeCertificate aCert = (X509AttributeCertificate)parser.read();
-
-        ByteArrayOutputStream  bOut = new ByteArrayOutputStream();
-
-        bOut.write(CertPathTest.rootCertBin);
-        bOut.write(CertPathTest.interCertBin);
-        bOut.write(CertPathTest.finalCertBin);
-
-        parser = X509StreamParser.getInstance("Certificate", "BC");
-
-        parser.init(bOut.toByteArray());
-
-        Collection res = parser.readAll();
-
-        if (res.size() != 3)
-        {
-            fail("wrong number of certificates found");
-        }
-
-        bOut = new ByteArrayOutputStream();
-
-        bOut.write(CertPathTest.rootCrlBin);
-        bOut.write(CertPathTest.interCrlBin);
-
-        parser = X509StreamParser.getInstance("CRL", "BC");
-
-        parser.init(bOut.toByteArray());
-
-        res = parser.readAll();
-
-        if (res.size() != 2)
-        {
-            fail("wrong number of CRLs found");
-        }
-
-        bOut = new ByteArrayOutputStream();
-
-        bOut.write(attrCert);
-        bOut.write(attrCert);
-
-        parser = X509StreamParser.getInstance("AttributeCertificate", "BC");
-
-        parser.init(bOut.toByteArray());
-
-        res = parser.readAll();
-
-        if (res.size() != 2)
-        {
-            fail("wrong number of Attribute Certificates found");
-        }
-
-        //
-        // PEM tests
-        //
-        parser = X509StreamParser.getInstance("Certificate", "BC");
-
-        parser.init(PEMData.CERTIFICATE_1.getBytes("US-ASCII"));
-
-        res = parser.readAll();
-
-        if (res.size() != 1)
-        {
-            fail("wrong number of Certificates found");
-        }
-
-        parser = X509StreamParser.getInstance("Certificate", "BC");
-
-        parser.init(PEMData.CERTIFICATE_2.getBytes("US-ASCII"));
-
-        res = parser.readAll();
-
-        if (res.size() != 1)
-        {
-            fail("wrong number of Certificates found");
-        }
-
-        parser = X509StreamParser.getInstance("CRL", "BC");
-
-        parser.init(PEMData.CRL_1.getBytes("US-ASCII"));
-
-        res = parser.readAll();
-
-        if (res.size() != 1)
-        {
-            fail("wrong number of CRLs found");
-        }
-
-        parser = X509StreamParser.getInstance("CRL", "BC");
-
-        parser.init(PEMData.CRL_2.getBytes("US-ASCII"));
-
-        res = parser.readAll();
-
-        if (res.size() != 1)
-        {
-            fail("wrong number of CRLs found");
-        }
-
-        parser = X509StreamParser.getInstance("AttributeCertificate", "BC");
-
-        parser.init(PEMData.ATTRIBUTE_CERTIFICATE_1.getBytes("US-ASCII"));
-
-        res = parser.readAll();
-
-        if (res.size() != 1)
-        {
-            fail("wrong number of Attribute Certificates found");
-        }
-
-        parser = X509StreamParser.getInstance("AttributeCertificate", "BC");
-
-        parser.init(PEMData.ATTRIBUTE_CERTIFICATE_2.getBytes("US-ASCII"));
-
-        res = parser.readAll();
-
-        if (res.size() != 1)
-        {
-            fail("wrong number of Attribute Certificates found");
-        }
-
-        ASN1EncodableVector certs = new ASN1EncodableVector();
-
-        certs.add(new ASN1InputStream(CertPathTest.rootCertBin).readObject());
-        certs.add(new DERTaggedObject(false, 2, new ASN1InputStream(attrCert).readObject()));
-
-        ASN1EncodableVector crls = new ASN1EncodableVector();
-
-        crls.add(new ASN1InputStream(CertPathTest.rootCrlBin).readObject());
-
-        //
-        // cross certificate pairs
-        //
-        parser = X509StreamParser.getInstance("CertificatePair", "BC");
-
-        parser.init(new X509CertificatePair(rootCert, rootCert).getEncoded());
-
-        res = parser.readAll();
-
-        if (res.size() != 1)
-        {
-            fail("wrong number of CertificatePairs found");
-        }
-
-        //
-        // PKCS7
-        //
-        SignedData sigData = new SignedData(new DERSet(), new ContentInfo(CMSObjectIdentifiers.data, null), new DERSet(certs), new DERSet(crls), new DERSet());
-
-        ContentInfo info = new ContentInfo(CMSObjectIdentifiers.signedData, sigData);
-
-        parser = X509StreamParser.getInstance("Certificate", "BC");
-
-        parser.init(info.getEncoded());
-
-        res = parser.readAll();
-
-        if (res.size() != 1)
-        {
-            fail("wrong number of Certificates found");
-        }
-
-        parser = X509StreamParser.getInstance("CRL", "BC");
-
-        parser.init(info.getEncoded());
-
-        res = parser.readAll();
-
-        if (res.size() != 1)
-        {
-            fail("wrong number of CRLs found");
-        }
-
-        parser = X509StreamParser.getInstance("AttributeCertificate", "BC");
-
-        parser.init(info.getEncoded());
-
-        res = parser.readAll();
-
-        if (res.size() != 1)
-        {
-            fail("wrong number of Attribute Certificates found");
-        }
-
-        // data with no certificates or CRLs
-
-        sigData = new SignedData(new DERSet(), new ContentInfo(CMSObjectIdentifiers.data, null), new DERSet(), new DERSet(), new DERSet());
-
-        info = new ContentInfo(CMSObjectIdentifiers.signedData, sigData);
-
-        parser = X509StreamParser.getInstance("Certificate", "BC");
-
-        parser.init(info.getEncoded());
-
-        res = parser.readAll();
-
-        if (res.size() != 0)
-        {
-            fail("wrong number of Certificates found - expected 0");
-        }
-
-        parser = X509StreamParser.getInstance("CRL", "BC");
-
-        parser.init(info.getEncoded());
-
-        res = parser.readAll();
-
-        if (res.size() != 0)
-        {
-            fail("wrong number of CRLs found - expected 0");
-        }
-
-        parser = X509StreamParser.getInstance("AttributeCertificate", "BC");
-
-        parser.init(info.getEncoded());
-
-        res = parser.readAll();
-
-        if (res.size() != 0)
-        {
-            fail("wrong number of Attribute Certificates found - expected 0");
-        }
-
-        // data with absent certificates and CRLs
-        sigData = new SignedData(new DERSet(), new ContentInfo(CMSObjectIdentifiers.data, null), null, null, new DERSet());
-
-        info = new ContentInfo(CMSObjectIdentifiers.signedData, sigData);
-
-        parser = X509StreamParser.getInstance("Certificate", "BC");
-
-        parser.init(info.getEncoded());
-
-        res = parser.readAll();
-
-        if (res.size() != 0)
-        {
-            fail("wrong number of Certificates found - expected 0");
-        }
-
-        parser = X509StreamParser.getInstance("CRL", "BC");
-
-        parser.init(info.getEncoded());
-
-        res = parser.readAll();
-
-        if (res.size() != 0)
-        {
-            fail("wrong number of CRLs found - expected 0");
-        }
-
-        parser = X509StreamParser.getInstance("AttributeCertificate", "BC");
-
-        parser.init(info.getEncoded());
-
-        res = parser.readAll();
-
-        if (res.size() != 0)
-        {
-            fail("wrong number of Attribute Certificates found - expected 0");
-        }
-    }
-
-    public String getName()
-    {
-        return "X509StreamParser";
-    }
-
-    public static void main(String[] args)
-    {
-        Security.addProvider(new BouncyCastleProvider());
-
-        runTest(new X509StreamParserTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/nist/AllTests.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/nist/AllTests.java
deleted file mode 100644
index 434631a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/nist/AllTests.java
+++ /dev/null

@@ -1,47 +0,0 @@
-package org.bouncycastle.jce.provider.test.nist;
-
-import java.security.Security;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-public class AllTests
-    extends TestCase
-{
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("CertPath Tests");
-        
-        suite.addTestSuite(NistCertPathTest.class);
-        suite.addTestSuite(NistCertPathReviewerTest.class);
-
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-
-        protected void tearDown()
-        {
-            Security.removeProvider("BC");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/nist/NistCertPathReviewerTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/nist/NistCertPathReviewerTest.java
deleted file mode 100644
index 1ee8ded..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/nist/NistCertPathReviewerTest.java
+++ /dev/null

@@ -1,713 +0,0 @@
-package org.bouncycastle.jce.provider.test.nist;
-
-import java.io.FileInputStream;
-import java.io.InputStream;
-import java.security.Security;
-import java.security.cert.CertPath;
-import java.security.cert.CertStore;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.PKIXParameters;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.GregorianCalendar;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Locale;
-import java.util.Map;
-import java.util.Set;
-import java.util.TimeZone;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.x509.X509Extension;
-import org.bouncycastle.i18n.ErrorBundle;
-import org.bouncycastle.x509.PKIXCertPathReviewer;
-import org.bouncycastle.x509.extension.X509ExtensionUtil;
-
-/**
- * NIST CertPath test data for RFC 3280
- */
-public class NistCertPathReviewerTest
-    extends TestCase
-{
-    private static final String TEST_DATA_HOME = "bc.test.data.home";
-
-    private static final String GOOD_CA_CERT = "GoodCACert";
-
-    private static final String GOOD_CA_CRL = "GoodCACRL";
-
-    private static final String TRUST_ANCHOR_ROOT_CRL = "TrustAnchorRootCRL";
-
-    private static final String TRUST_ANCHOR_ROOT_CERTIFICATE = "TrustAnchorRootCertificate";
-
-    private static final char[] PKCS12_PASSWORD = "password".toCharArray();
-    
-    private static String NIST_TEST_POLICY_1 = "2.16.840.1.101.3.2.1.48.1";
-    private static String NIST_TEST_POLICY_2 = "2.16.840.1.101.3.2.1.48.2";
-    private static String NIST_TEST_POLICY_3 = "2.16.840.1.101.3.2.1.48.3";
-    
-    private static Map   certs = new HashMap();
-    private static Map   crls = new HashMap();
-    
-    private static Set   noPolicies = Collections.EMPTY_SET;
-    private static Set   nistTestPolicy1 = Collections.singleton(NIST_TEST_POLICY_1);
-    private static Set   nistTestPolicy2 = Collections.singleton(NIST_TEST_POLICY_2);
-    private static Set   nistTestPolicy3 = Collections.singleton(NIST_TEST_POLICY_3);
-    private static Set   nistTestPolicy1And2 = new HashSet(Arrays.asList(new String[] { NIST_TEST_POLICY_1, NIST_TEST_POLICY_2 }));
-        
-    public void testValidSignaturesTest1()
-        throws Exception
-    {
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "ValidCertificatePathTest1EE", GOOD_CA_CERT}, 
-                new String[] { GOOD_CA_CRL, TRUST_ANCHOR_ROOT_CRL });
-    }
-    
-    public void testInvalidCASignatureTest2()
-        throws Exception
-    {
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "ValidCertificatePathTest1EE", "BadSignedCACert" }, 
-                new String[] { "BadSignedCACRL", TRUST_ANCHOR_ROOT_CRL},
-                1,
-                "CertPathReviewer.signatureNotVerified",
-                "The certificate signature is invalid. A java.security.SignatureException occurred.");
-    }
-    
-    public void testInvalidEESignatureTest3()
-        throws Exception
-    {
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-            new String[] { GOOD_CA_CERT, "InvalidEESignatureTest3EE" }, 
-            new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL },
-            0,
-            "CertPathReviewer.signatureNotVerified",
-            "The certificate signature is invalid. A java.security.SignatureException occurred.");
-    }
-    
-    public void testValidDSASignaturesTest4()
-        throws Exception
-    {
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "DSACACert", "ValidDSASignaturesTest4EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "DSACACRL" });
-    }
-    /*
-    public void testValidDSAParameterInheritanceTest5()
-        throws Exception
-    {
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "DSACACert", "DSAParametersInheritedCACert", "ValidDSAParameterInheritanceTest5EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "DSACACRL", "DSAParametersInheritedCACRL" });
-    }
-    */
-    public void testInvalidDSASignaturesTest6()
-        throws Exception
-    {
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "DSACACert", "InvalidDSASignatureTest6EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "DSACACRL" },
-                0,
-                "CertPathReviewer.signatureNotVerified",
-                "The certificate signature is invalid. A java.security.SignatureException occurred.");
-    }
-    
-    public void testCANotBeforeDateTest1()
-        throws Exception
-    {
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "BadnotBeforeDateCACert", "InvalidCAnotBeforeDateTest1EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "BadnotBeforeDateCACRL" },
-                1,
-                "CertPathReviewer.certificateNotYetValid",
-                "Could not validate the certificate. Certificate is not valid until Jan 1, 2047 12:01:00 PM GMT.");
-    }
-    
-    public void testInvalidEENotBeforeDateTest2()
-        throws Exception
-    {
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "InvalidEEnotBeforeDateTest2EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL },
-                0,
-                "CertPathReviewer.certificateNotYetValid",
-                "Could not validate the certificate. Certificate is not valid until Jan 1, 2047 12:01:00 PM GMT.");
-    }
-    
-    public void testValidPre2000UTCNotBeforeDateTest3()
-        throws Exception
-    {
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "Validpre2000UTCnotBeforeDateTest3EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL });
-    }
-    
-    public void testValidGeneralizedTimeNotBeforeDateTest4()
-        throws Exception
-    {
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "ValidGeneralizedTimenotBeforeDateTest4EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL });
-    }
-    
-    public void testInvalidCANotAfterDateTest5()
-        throws Exception
-    {
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "BadnotAfterDateCACert", "InvalidCAnotAfterDateTest5EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "BadnotAfterDateCACRL" },
-                1,
-                "CertPathReviewer.certificateExpired",
-                "Could not validate the certificate. Certificate expired on Jan 1, 2002 12:01:00 PM GMT.");
-    }
-    
-    public void testInvalidEENotAfterDateTest6()
-        throws Exception
-    {
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "InvalidEEnotAfterDateTest6EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL },
-                0,
-                "CertPathReviewer.certificateExpired",
-                "Could not validate the certificate. Certificate expired on Jan 1, 2002 12:01:00 PM GMT.");
-    }
-    
-    public void testInvalidValidPre2000UTCNotAfterDateTest7()
-        throws Exception
-    {
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "Invalidpre2000UTCEEnotAfterDateTest7EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL },
-                0,
-                "CertPathReviewer.certificateExpired",
-                "Could not validate the certificate. Certificate expired on Jan 1, 1999 12:01:00 PM GMT.");
-    }
-    
-    public void testInvalidNegativeSerialNumberTest15()
-        throws Exception
-    {
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "NegativeSerialNumberCACert", "InvalidNegativeSerialNumberTest15EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "NegativeSerialNumberCACRL" },
-                0,
-                "CertPathReviewer.certRevoked",
-                "The certificate was revoked at Apr 19, 2001 2:57:20 PM GMT. Reason: Key Compromise.");
-    }
-    
-    //
-    // 4.8 Certificate Policies
-    //
-    public void testAllCertificatesSamePolicyTest1()
-        throws Exception
-    {
-        String[] certList = new String[] { GOOD_CA_CERT, "ValidCertificatePathTest1EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL };
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                certList, 
-                crlList,
-                noPolicies); 
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                certList, 
-                crlList,
-                nistTestPolicy1);
-        
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                certList, 
-                crlList,
-                nistTestPolicy2,
-                -1,
-                "CertPathReviewer.invalidPolicy",
-                "Path processing failed on policy.");
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                certList, 
-                crlList,
-                nistTestPolicy1And2);
-    }
-    
-    public void testAllCertificatesNoPoliciesTest2()
-        throws Exception
-    {
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "NoPoliciesCACert", "AllCertificatesNoPoliciesTest2EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "NoPoliciesCACRL" });
-        
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "NoPoliciesCACert", "AllCertificatesNoPoliciesTest2EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "NoPoliciesCACRL" },
-                noPolicies,
-                -1,
-                "CertPathReviewer.noValidPolicyTree",
-                "Policy checking failed: no valid policy tree found when one expected.");
-    }
-    
-    public void testDifferentPoliciesTest3()
-        throws Exception
-    {
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "PoliciesP2subCACert", "DifferentPoliciesTest3EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCACRL" });
-        
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "PoliciesP2subCACert", "DifferentPoliciesTest3EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCACRL" },
-                noPolicies,
-                -1,
-                "CertPathReviewer.noValidPolicyTree",
-                "Policy checking failed: no valid policy tree found when one expected.");
-        
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "PoliciesP2subCACert", "DifferentPoliciesTest3EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCACRL" },
-                nistTestPolicy1And2,
-                -1,
-                "CertPathReviewer.noValidPolicyTree",
-                "Policy checking failed: no valid policy tree found when one expected.");
-    }
-    
-    public void testDifferentPoliciesTest4()
-        throws Exception
-    {
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "GoodsubCACert", "DifferentPoliciesTest4EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "GoodsubCACRL" },
-                -1,
-                "CertPathReviewer.noValidPolicyTree",
-                "Policy checking failed: no valid policy tree found when one expected."); 
-    }
-    
-    public void testDifferentPoliciesTest5()
-        throws Exception
-    {
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "PoliciesP2subCA2Cert", "DifferentPoliciesTest5EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCA2CRL" },
-                -1,
-                "CertPathReviewer.noValidPolicyTree",
-                "Policy checking failed: no valid policy tree found when one expected."); 
-    }
-    
-    public void testOverlappingPoliciesTest6()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP1234CACert", "PoliciesP1234subCAP123Cert", "PoliciesP1234subsubCAP123P12Cert", "OverlappingPoliciesTest6EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP1234CACRL", "PoliciesP1234subCAP123CRL", "PoliciesP1234subsubCAP123P12CRL" };
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
-                -1,
-                "CertPathReviewer.invalidPolicy",
-                "Path processing failed on policy.");
-    }
-    
-    public void testDifferentPoliciesTest7()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP123CACert", "PoliciesP123subCAP12Cert", "PoliciesP123subsubCAP12P1Cert", "DifferentPoliciesTest7EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP123CACRL", "PoliciesP123subCAP12CRL", "PoliciesP123subsubCAP12P1CRL" };
-        
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList,
-                -1,
-                "CertPathReviewer.noValidPolicyTree",
-                "Policy checking failed: no valid policy tree found when one expected."); 
-    }
-    
-    public void testDifferentPoliciesTest8()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP12CACert", "PoliciesP12subCAP1Cert", "PoliciesP12subsubCAP1P2Cert", "DifferentPoliciesTest8EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP12CACRL", "PoliciesP12subCAP1CRL", "PoliciesP12subsubCAP1P2CRL" };
-        
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList,
-                -1,
-                "CertPathReviewer.noValidPolicyTree",
-                "Policy checking failed: no valid policy tree found when one expected.");
-    }
-    
-    public void testDifferentPoliciesTest9()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP123CACert", "PoliciesP123subCAP12Cert", "PoliciesP123subsubCAP12P2Cert", "PoliciesP123subsubsubCAP12P2P1Cert", "DifferentPoliciesTest9EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP123CACRL", "PoliciesP123subCAP12CRL", "PoliciesP123subsubCAP2P2CRL", "PoliciesP123subsubsubCAP12P2P1CRL" };
-        
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList,
-                -1,
-                "CertPathReviewer.noValidPolicyTree",
-                "Policy checking failed: no valid policy tree found when one expected.");
-    }
-    
-    public void testAllCertificatesSamePoliciesTest10()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP12CACert", "AllCertificatesSamePoliciesTest10EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP12CACRL" };
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2);
-    }
-    
-    public void testAllCertificatesAnyPolicyTest11()
-        throws Exception
-    {
-        String[] certList = new String[] { "anyPolicyCACert", "AllCertificatesanyPolicyTest11EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "anyPolicyCACRL" };
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
-
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-    }
-    
-    public void testDifferentPoliciesTest12()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP3CACert", "DifferentPoliciesTest12EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP3CACRL" };
-        
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList,
-                -1,
-                "CertPathReviewer.noValidPolicyTree",
-                "Policy checking failed: no valid policy tree found when one expected.");
-    }
-    
-    public void testAllCertificatesSamePoliciesTest13()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP123CACert", "AllCertificatesSamePoliciesTest13EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP123CACRL" };
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2);
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy3);
-    }
-    
-    public void testAnyPolicyTest14()
-        throws Exception
-    {
-        String[] certList = new String[] { "anyPolicyCACert", "AnyPolicyTest14EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "anyPolicyCACRL" };
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
-                -1,
-                "CertPathReviewer.invalidPolicy",
-                "Path processing failed on policy.");
-    }
-    
-    public void testUserNoticeQualifierTest15()
-        throws Exception
-    {
-        String[] certList = new String[] { "UserNoticeQualifierTest15EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL };
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
-                -1,
-                "CertPathReviewer.invalidPolicy",
-                "Path processing failed on policy.");
-    }
-    
-    public void testUserNoticeQualifierTest16()
-        throws Exception
-    {
-        String[] certList = new String[] { GOOD_CA_CERT, "UserNoticeQualifierTest16EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL };
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
-                -1,
-                "CertPathReviewer.invalidPolicy",
-                "Path processing failed on policy.");
-    }
-    
-    public void testUserNoticeQualifierTest17()
-        throws Exception
-    {
-        String[] certList = new String[] { GOOD_CA_CERT, "UserNoticeQualifierTest17EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL };
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
-                -1,
-                "CertPathReviewer.invalidPolicy",
-                "Path processing failed on policy.");
-    }
-    
-    public void testUserNoticeQualifierTest18()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP12CACert", "UserNoticeQualifierTest18EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP12CACRL" };
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2);
-    }
-    
-    public void testUserNoticeQualifierTest19()
-        throws Exception
-    {
-        String[] certList = new String[] { "UserNoticeQualifierTest19EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL };
-        
-        doAcceptingTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        doErrorTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
-                -1,
-                "CertPathReviewer.invalidPolicy",
-                "Path processing failed on policy.");
-    }
-    
-    private void doAcceptingTest(
-        String      trustAnchor,
-        String[]    certs,
-        String[]    crls)
-        throws Exception
-    {
-        PKIXCertPathReviewer result = doTest(trustAnchor,certs,crls);
-        if (!result.isValidCertPath())
-        {
-            fail("path rejected when should be accepted");
-        }
-    }
-    
-    private void doAcceptingTest(
-        String      trustAnchor,
-        String[]    certs,
-        String[]    crls,
-        Set         policies)
-        throws Exception
-    {
-        PKIXCertPathReviewer result = doTest(trustAnchor,certs,crls,policies);
-        if (!result.isValidCertPath())
-        {
-            fail("path rejected when should be accepted");
-        }
-    }
-    
-    private void doErrorTest(
-        String      trustAnchor,
-        String[]    certs,
-        String[]    crls,
-        int         index,
-        String      messageId,
-        String      message)
-        throws Exception
-    {
-        PKIXCertPathReviewer result = doTest(trustAnchor, certs, crls);
-        if (result.isValidCertPath()) 
-        {
-            fail("path accepted when should be rejected");
-        }
-        else
-        {
-            ErrorBundle msg = (ErrorBundle) result.getErrors(index).iterator().next();
-            assertEquals(messageId,msg.getId());
-            assertEquals(message,msg.getText(Locale.ENGLISH,TimeZone.getTimeZone("GMT")));
-        }
-    }
-    
-    private void doErrorTest(
-        String      trustAnchor,
-        String[]    certs,
-        String[]    crls,
-        Set         policies,
-        int         index,
-        String      messageId,
-        String      message)
-        throws Exception
-    {
-        PKIXCertPathReviewer result = doTest(trustAnchor, certs, crls, policies);
-        if (result.isValidCertPath()) 
-        {
-            fail("path accepted when should be rejected");
-        }
-        else
-        {
-            ErrorBundle msg = (ErrorBundle) result.getErrors(index).iterator().next();
-            assertEquals(messageId,msg.getId());
-            assertEquals(message,msg.getText(Locale.ENGLISH,TimeZone.getTimeZone("GMT")));
-        }
-    }
-    
-    private PKIXCertPathReviewer doTest(
-        String      trustAnchor,
-        String[]    certs,
-        String[]    crls)
-        throws Exception
-    {
-        return doTest(trustAnchor, certs, crls, null);
-    }
-    
-    private PKIXCertPathReviewer doTest(
-        String      trustAnchor,
-        String[]    certs,
-        String[]    crls,
-        Set         policies)
-        throws Exception
-    {
-        Set  trustedSet = Collections.singleton(getTrustAnchor(trustAnchor));
-        List certsAndCrls = new ArrayList();
-        X509Certificate endCert = loadCert(certs[certs.length - 1]);
-        
-        for (int i = 0; i != certs.length - 1; i++)
-        {
-            certsAndCrls.add(loadCert(certs[i]));
-        }
-        
-        certsAndCrls.add(endCert);
-    
-        CertPath certPath = CertificateFactory.getInstance("X.509","BC").generateCertPath(certsAndCrls);
-    
-        for (int i = 0; i != crls.length; i++)
-        {
-            certsAndCrls.add(loadCrl(crls[i]));
-        }
-    
-        CertStore  store = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certsAndCrls), "BC");
-        
-        //CertPathValidator validator = CertPathValidator.getInstance("PKIX","BC");
-        PKIXCertPathReviewer reviewer;
-        PKIXParameters    params = new PKIXParameters(trustedSet);
-        
-        params.addCertStore(store);
-        params.setRevocationEnabled(true);
-        params.setDate(new GregorianCalendar(2010, 1, 1).getTime());
-
-        if (policies != null)
-        {
-            params.setExplicitPolicyRequired(true);
-            params.setInitialPolicies(policies);
-        }
-        
-        reviewer = new PKIXCertPathReviewer(certPath,params);
-        
-        return reviewer;
-    }
-
-    private X509Certificate loadCert(
-        String certName)
-    {
-        X509Certificate cert = (X509Certificate)certs.get(certName);
-        
-        if (cert != null)
-        {
-            return cert;
-        }
-        
-        try
-        {
-            InputStream in = new FileInputStream(getPkitsHome() + "/certs/" + certName + ".crt");
-            
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-            
-            cert = (X509Certificate)fact.generateCertificate(in);
-    
-            certs.put(certName, cert);
-            
-            return cert;
-        }
-        catch (Exception e)
-        {
-            throw new IllegalStateException("exception loading certificate " + certName + ": " + e);
-        }
-    }
-    
-    private X509CRL loadCrl(
-        String crlName)
-        throws Exception
-    {
-        X509CRL crl = (X509CRL)certs.get(crlName);
-        
-        if (crl != null)
-        {
-            return crl;
-        }
-        
-        try
-        {
-            InputStream in = new FileInputStream(getPkitsHome() + "/crls/" + crlName + ".crl");
-            
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-            
-            crl = (X509CRL)fact.generateCRL(in);
-            
-            crls.put(crlName, crl);
-            
-            return crl;
-        }
-        catch (Exception e)
-        {
-            throw new IllegalStateException("exception loading CRL: " + crlName);
-        }
-    }
-
-    private TrustAnchor getTrustAnchor(String trustAnchorName)
-        throws Exception
-    {
-        X509Certificate cert = loadCert(trustAnchorName);
-        byte[]          extBytes = cert.getExtensionValue(X509Extension.nameConstraints.getId());
-        
-        if (extBytes != null)
-        {
-            ASN1Primitive extValue = X509ExtensionUtil.fromExtensionValue(extBytes);
-            
-            return new TrustAnchor(cert, extValue.getEncoded(ASN1Encoding.DER));
-        }
-        
-        return new TrustAnchor(cert, null);
-    }
-    
-    private String getPkitsHome()
-    {
-        String dataHome = System.getProperty(TEST_DATA_HOME);
-        
-        if (dataHome == null)
-        {
-            throw new IllegalStateException(TEST_DATA_HOME + " property not set");
-        }
-        
-        return dataHome + "/PKITS";
-    }
-    
-    public static void main (String[] args) 
-        throws Exception
-    {   
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public void setUp()
-    {
-        if (Security.getProvider("BC") == null)
-        {
-            Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-        }
-    }
-    
-    public static Test suite() 
-        throws Exception
-    {   
-        TestSuite suite = new TestSuite("NIST CertPath Tests");
-        
-        suite.addTestSuite(NistCertPathReviewerTest.class);
-        
-        return suite;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/nist/NistCertPathTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/nist/NistCertPathTest.java
deleted file mode 100644
index af94e4e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/nist/NistCertPathTest.java
+++ /dev/null

@@ -1,873 +0,0 @@
-package org.bouncycastle.jce.provider.test.nist;
-
-import java.io.FileInputStream;
-import java.io.InputStream;
-import java.security.Security;
-import java.security.cert.CertPath;
-import java.security.cert.CertPathBuilder;
-import java.security.cert.CertPathBuilderException;
-import java.security.cert.CertPathValidator;
-import java.security.cert.CertPathValidatorException;
-import java.security.cert.CertStore;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CollectionCertStoreParameters;
-import java.security.cert.PKIXBuilderParameters;
-import java.security.cert.PKIXCertPathBuilderResult;
-import java.security.cert.PKIXCertPathValidatorResult;
-import java.security.cert.PKIXParameters;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Arrays;
-import java.util.Collections;
-import java.util.GregorianCalendar;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.x509.Extension;
-
-/**
- * NIST CertPath test data for RFC 3280
- */
-public class NistCertPathTest
-    extends TestCase
-{
-    private static final String TEST_DATA_HOME = "bc.test.data.home";
-
-    private static final String GOOD_CA_CERT = "GoodCACert";
-
-    private static final String GOOD_CA_CRL = "GoodCACRL";
-
-    private static final String TRUST_ANCHOR_ROOT_CRL = "TrustAnchorRootCRL";
-
-    private static final String TRUST_ANCHOR_ROOT_CERTIFICATE = "TrustAnchorRootCertificate";
-
-    private static final char[] PKCS12_PASSWORD = "password".toCharArray();
-
-    private static final String ANY_POLICY = "2.5.29.32.0";
-    private static final String NIST_TEST_POLICY_1 = "2.16.840.1.101.3.2.1.48.1";
-    private static final String NIST_TEST_POLICY_2 = "2.16.840.1.101.3.2.1.48.2";
-    private static final String NIST_TEST_POLICY_3 = "2.16.840.1.101.3.2.1.48.3";
-    
-    private static Map   certs = new HashMap();
-    private static Map   crls = new HashMap();
-    
-    private static Set   noPolicies = Collections.EMPTY_SET;
-    private static Set   anyPolicy = Collections.singleton(ANY_POLICY);
-    private static Set   nistTestPolicy1 = Collections.singleton(NIST_TEST_POLICY_1);
-    private static Set   nistTestPolicy2 = Collections.singleton(NIST_TEST_POLICY_2);
-    private static Set   nistTestPolicy3 = Collections.singleton(NIST_TEST_POLICY_3);
-    private static Set   nistTestPolicy1And2 = new HashSet(Arrays.asList(new String[] { NIST_TEST_POLICY_1, NIST_TEST_POLICY_2 }));
-    
-    public void setUp()
-    {
-        if (Security.getProvider("BC") == null)
-        {
-            Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-        }
-    }
-
-    public void testValidSignaturesTest1()
-        throws Exception
-    {
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "ValidCertificatePathTest1EE", GOOD_CA_CERT}, 
-                new String[] { GOOD_CA_CRL, TRUST_ANCHOR_ROOT_CRL });
-    }
-    
-    public void testInvalidCASignatureTest2()
-        throws Exception
-    {
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "ValidCertificatePathTest1EE", "BadSignedCACert" }, 
-                new String[] { "BadSignedCACRL", TRUST_ANCHOR_ROOT_CRL},
-                1,
-                "TrustAnchor found but certificate validation failed.");
-    }
-    
-    public void testInvalidEESignatureTest3()
-        throws Exception
-    {
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-            new String[] { GOOD_CA_CERT, "InvalidEESignatureTest3EE" }, 
-            new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL },
-            0,
-            "Could not validate certificate signature.");
-    }
-    
-    public void testValidDSASignaturesTest4()
-        throws Exception
-    {
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "DSACACert", "ValidDSASignaturesTest4EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "DSACACRL" });
-    }
-
-    // 4.1.5
-    public void testValidDSAParameterInheritanceTest5()
-        throws Exception
-    {
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "DSACACert", "DSAParametersInheritedCACert", "ValidDSAParameterInheritanceTest5EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "DSACACRL", "DSAParametersInheritedCACRL" });
-    }
-
-    public void testInvalidDSASignaturesTest6()
-        throws Exception
-    {
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "DSACACert", "InvalidDSASignatureTest6EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "DSACACRL" },
-                0,
-                "Could not validate certificate signature.");
-    }
-    
-    public void testCANotBeforeDateTest1()
-        throws Exception
-    {
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "BadnotBeforeDateCACert", "InvalidCAnotBeforeDateTest1EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "BadnotBeforeDateCACRL" },
-                1,
-                "Could not validate certificate: certificate not valid till 20470101120100GMT+00:00");
-    }
-    
-    public void testInvalidEENotBeforeDateTest2()
-        throws Exception
-    {
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "InvalidEEnotBeforeDateTest2EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL },
-                0,
-                "Could not validate certificate: certificate not valid till 20470101120100GMT+00:00");
-    }
-    
-    public void testValidPre2000UTCNotBeforeDateTest3()
-        throws Exception
-    {
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "Validpre2000UTCnotBeforeDateTest3EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL });
-    }
-    
-    public void testValidGeneralizedTimeNotBeforeDateTest4()
-        throws Exception
-    {
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "ValidGeneralizedTimenotBeforeDateTest4EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL });
-    }
-    
-    public void testInvalidCANotAfterDateTest5()
-        throws Exception
-    {
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "BadnotAfterDateCACert", "InvalidCAnotAfterDateTest5EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "BadnotAfterDateCACRL" },
-                1,
-                "Could not validate certificate: certificate expired on 20020101120100GMT+00:00");
-    }
-    
-    public void testInvalidEENotAfterDateTest6()
-        throws Exception
-    {
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "InvalidEEnotAfterDateTest6EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL },
-                0,
-                "Could not validate certificate: certificate expired on 20020101120100GMT+00:00");
-    }
-    
-    public void testInvalidValidPre2000UTCNotAfterDateTest7()
-        throws Exception
-    {
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "Invalidpre2000UTCEEnotAfterDateTest7EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL },
-                0,
-                "Could not validate certificate: certificate expired on 19990101120100GMT+00:00");
-    }
-    
-    public void testInvalidNegativeSerialNumberTest15()
-        throws Exception
-    {
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "NegativeSerialNumberCACert", "InvalidNegativeSerialNumberTest15EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "NegativeSerialNumberCACRL" },
-                0,
-                "Certificate revocation after 2001-04-19 14:57:20 +0000", "reason: keyCompromise");
-    }
-    
-    //
-    // 4.8 Certificate Policies
-    //
-    public void testAllCertificatesSamePolicyTest1()
-        throws Exception
-    {
-        String[] certList = new String[] { GOOD_CA_CERT, "ValidCertificatePathTest1EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL };
-        
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                certList, 
-                crlList,
-                noPolicies);
-        
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                certList, 
-                crlList,
-                nistTestPolicy1);
-        
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                certList, 
-                crlList,
-                nistTestPolicy2,
-                -1,
-                "Path processing failed on policy.");
-        
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                certList, 
-                crlList,
-                nistTestPolicy1And2);
-    }
-    
-    public void testAllCertificatesNoPoliciesTest2()
-        throws Exception
-    {
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "NoPoliciesCACert", "AllCertificatesNoPoliciesTest2EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "NoPoliciesCACRL" });
-        
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { "NoPoliciesCACert", "AllCertificatesNoPoliciesTest2EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, "NoPoliciesCACRL" },
-                noPolicies,
-                1,
-                "No valid policy tree found when one expected.");
-    }
-    
-    public void testDifferentPoliciesTest3()
-        throws Exception
-    {
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "PoliciesP2subCACert", "DifferentPoliciesTest3EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCACRL" });
-        
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "PoliciesP2subCACert", "DifferentPoliciesTest3EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCACRL" },
-                noPolicies,
-                1,
-                "No valid policy tree found when one expected.");
-        
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "PoliciesP2subCACert", "DifferentPoliciesTest3EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCACRL" },
-                nistTestPolicy1And2,
-                1,
-                "No valid policy tree found when one expected.");
-    }
-    
-    public void testDifferentPoliciesTest4()
-        throws Exception
-    {
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "GoodsubCACert", "DifferentPoliciesTest4EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "GoodsubCACRL" },
-                0,
-                "No valid policy tree found when one expected."); 
-    }
-    
-    public void testDifferentPoliciesTest5()
-        throws Exception
-    {
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, 
-                new String[] { GOOD_CA_CERT, "PoliciesP2subCA2Cert", "DifferentPoliciesTest5EE" }, 
-                new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL, "PoliciesP2subCA2CRL" },
-                0,
-                "No valid policy tree found when one expected."); 
-    }
-    
-    public void testOverlappingPoliciesTest6()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP1234CACert", "PoliciesP1234subCAP123Cert", "PoliciesP1234subsubCAP123P12Cert", "OverlappingPoliciesTest6EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP1234CACRL", "PoliciesP1234subCAP123CRL", "PoliciesP1234subsubCAP123P12CRL" };
-        
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
-        
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
-                -1,
-                "Path processing failed on policy.");
-    }
-    
-    public void testDifferentPoliciesTest7()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP123CACert", "PoliciesP123subCAP12Cert", "PoliciesP123subsubCAP12P1Cert", "DifferentPoliciesTest7EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP123CACRL", "PoliciesP123subCAP12CRL", "PoliciesP123subsubCAP12P1CRL" };
-        
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList,
-                0,
-                "No valid policy tree found when one expected."); 
-    }
-    
-    public void testDifferentPoliciesTest8()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP12CACert", "PoliciesP12subCAP1Cert", "PoliciesP12subsubCAP1P2Cert", "DifferentPoliciesTest8EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP12CACRL", "PoliciesP12subCAP1CRL", "PoliciesP12subsubCAP1P2CRL" };
-        
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList,
-                1,
-                "No valid policy tree found when one expected.");
-    }
-    
-    public void testDifferentPoliciesTest9()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP123CACert", "PoliciesP123subCAP12Cert", "PoliciesP123subsubCAP12P2Cert", "PoliciesP123subsubsubCAP12P2P1Cert", "DifferentPoliciesTest9EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP123CACRL", "PoliciesP123subCAP12CRL", "PoliciesP123subsubCAP2P2CRL", "PoliciesP123subsubsubCAP12P2P1CRL" };
-        
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList,
-                1,
-                "No valid policy tree found when one expected.");
-    }
-    
-    public void testAllCertificatesSamePoliciesTest10()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP12CACert", "AllCertificatesSamePoliciesTest10EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP12CACRL" };
-        
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2);
-    }
-    
-    public void testAllCertificatesAnyPolicyTest11()
-        throws Exception
-    {
-        String[] certList = new String[] { "anyPolicyCACert", "AllCertificatesanyPolicyTest11EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "anyPolicyCACRL" };
-        
-        PKIXCertPathValidatorResult result = doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
-
-        result = doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-    }
-    
-    public void testDifferentPoliciesTest12()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP3CACert", "DifferentPoliciesTest12EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP3CACRL" };
-        
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList,
-                0,
-                "No valid policy tree found when one expected.");
-    }
-    
-    public void testAllCertificatesSamePoliciesTest13()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP123CACert", "AllCertificatesSamePoliciesTest13EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP123CACRL" };
-        
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2);
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy3);
-    }
-    
-    public void testAnyPolicyTest14()
-        throws Exception
-    {
-        String[] certList = new String[] { "anyPolicyCACert", "AnyPolicyTest14EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "anyPolicyCACRL" };
-        
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
-                -1,
-                "Path processing failed on policy.");
-    }
-    
-    public void testUserNoticeQualifierTest15()
-        throws Exception
-    {
-        String[] certList = new String[] { "UserNoticeQualifierTest15EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL };
-        
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
-                -1,
-                "Path processing failed on policy.");
-    }
-    
-    public void testUserNoticeQualifierTest16()
-        throws Exception
-    {
-        String[] certList = new String[] { GOOD_CA_CERT, "UserNoticeQualifierTest16EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL };
-        
-        PKIXCertPathValidatorResult result = doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
-        
-        result = doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
-                -1,
-                "Path processing failed on policy.");
-    }
-    
-    public void testUserNoticeQualifierTest17()
-        throws Exception
-    {
-        String[] certList = new String[] { GOOD_CA_CERT, "UserNoticeQualifierTest17EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, GOOD_CA_CRL };
-        
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList);
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
-                -1,
-                "Path processing failed on policy.");
-    }
-    
-    public void testUserNoticeQualifierTest18()
-        throws Exception
-    {
-        String[] certList = new String[] { "PoliciesP12CACert", "UserNoticeQualifierTest18EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "PoliciesP12CACRL" };
-        
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2);
-    }
-    
-    public void testUserNoticeQualifierTest19()
-        throws Exception
-    {
-        String[] certList = new String[] { "UserNoticeQualifierTest19EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL };
-        
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy2,
-                -1,
-                "Path processing failed on policy.");
-    }
-
-    public void testInvalidInhibitPolicyMappingTest1()
-        throws Exception
-    {
-        String[] certList = new String[] { "inhibitPolicyMapping0CACert", "inhibitPolicyMapping0subCACert", "InvalidinhibitPolicyMappingTest1EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "inhibitPolicyMapping0CACRL", "inhibitPolicyMapping0subCACRL" };
-
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null,
-                0,
-                "No valid policy tree found when one expected.");
-    }
-
-    public void testValidinhibitPolicyMappingTest2()
-        throws Exception
-    {
-        String[] certList = new String[] { "inhibitPolicyMapping1P12CACert", "inhibitPolicyMapping1P12subCACert", "ValidinhibitPolicyMappingTest2EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "inhibitPolicyMapping1P12CACRL", "inhibitPolicyMapping1P12subCACRL" };
-
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, nistTestPolicy1);
-    }
-
-    // 4.12.7
-    public void testValidSelfIssuedinhibitAnyPolicyTest7()
-        throws Exception
-    {
-        String[] certList = new String[] { "inhibitAnyPolicy1CACert", "inhibitAnyPolicy1SelfIssuedCACert", "inhibitAnyPolicy1subCA2Cert", "ValidSelfIssuedinhibitAnyPolicyTest7EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "inhibitAnyPolicy1CACRL", "inhibitAnyPolicy1subCA2CRL" };
-
-        doBuilderTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null, false, false);
-    }
-
-    // 4.4.19
-    public void testValidSeparateCertificateandCRLKeysTest19()
-        throws Exception
-    {
-        String[] certList = new String[] { "SeparateCertificateandCRLKeysCertificateSigningCACert", "SeparateCertificateandCRLKeysCRLSigningCert", "ValidSeparateCertificateandCRLKeysTest19EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "SeparateCertificateandCRLKeysCRL" };
-
-        doBuilderTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null, false, false);
-    }
-
-    public void testValidpathLenConstraintTest13()
-        throws Exception
-    {
-        String[] certList = new String[] { "pathLenConstraint6CACert", "pathLenConstraint6subCA4Cert", "pathLenConstraint6subsubCA41Cert", "pathLenConstraint6subsubsubCA41XCert", "ValidpathLenConstraintTest13EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "pathLenConstraint6CACRL", "pathLenConstraint6subCA4CRL", "pathLenConstraint6subsubCA41CRL", "pathLenConstraint6subsubsubCA41XCRL" };
-
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null);
-    }
-
-    // 4.4.10
-    public void testInvalidUnknownCRLExtensionTest10()
-        throws Exception
-    {
-        String[] certList = new String[] { "UnknownCRLExtensionCACert", "InvalidUnknownCRLExtensionTest10EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "UnknownCRLExtensionCACRL" };
-
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null,
-                0,
-                "CRL contains unsupported critical extensions.");
-        
-    }
-
-    // 4.14.3
-    public void testInvaliddistributionPointTest3()
-        throws Exception
-    {
-        String[] certList = new String[] { "distributionPoint1CACert", "InvaliddistributionPointTest3EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "distributionPoint1CACRL" };
-
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null,
-                0,
-                "No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.");
-    }
-
-    // 4.14.5
-    public void testValiddistributionPointTest5()
-        throws Exception
-    {
-        String[] certList = new String[] { "distributionPoint2CACert", "ValiddistributionPointTest5EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "distributionPoint2CACRL" };
-
-        doTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null);
-    }
-
-
-    // 4.14.8
-    public void testInvaliddistributionPointTest8()
-        throws Exception
-    {
-        String[] certList = new String[] { "distributionPoint2CACert", "InvaliddistributionPointTest8EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "distributionPoint2CACRL" };
-
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null,
-                0,
-                "No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.");
-    }
-
-    // 4.14.9
-    public void testInvaliddistributionPointTest9()
-        throws Exception
-    {
-        String[] certList = new String[] { "distributionPoint2CACert", "InvaliddistributionPointTest9EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "distributionPoint2CACRL" };
-
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null,
-                0,
-                "No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.");
-    }
-
-    // 4.14.17
-    public void testInvalidonlySomeReasonsTest17()
-        throws Exception
-    {
-        String[] certList = new String[] { "onlySomeReasonsCA2Cert", "InvalidonlySomeReasonsTest17EE" };
-        String[] crlList = new String[] { TRUST_ANCHOR_ROOT_CRL, "onlySomeReasonsCA2CRL1", "onlySomeReasonsCA2CRL2" };
-
-        doExceptionTest(TRUST_ANCHOR_ROOT_CERTIFICATE, certList, crlList, null,
-                0,
-                "Certificate status could not be determined.");
-    }
-
-    // section 4.14: tests 17, 24, 25, 30, 31, 32, 33, 35
-
-    // section 4.15: tests 5, 7
-    private void doExceptionTest(
-        String      trustAnchor,
-        String[]    certs,
-        String[]    crls,
-        int         index,
-        String      message)
-        throws Exception
-    {
-        try
-        {
-            doTest(trustAnchor, certs, crls);
-            
-            fail("path accepted when should be rejected");
-        }
-        catch (CertPathValidatorException e)
-        {
-            assertEquals(index, e.getIndex());
-            assertEquals(message, e.getMessage());
-        }
-    }
-    
-    private void doExceptionTest(
-        String      trustAnchor,
-        String[]    certs,
-        String[]    crls,
-        Set         policies,
-        int         index,
-        String      message)
-        throws Exception
-    {
-        try
-        {
-            doTest(trustAnchor, certs, crls, policies);
-            
-            fail("path accepted when should be rejected");
-        }
-        catch (CertPathValidatorException e)
-        {
-            assertEquals(index, e.getIndex());
-            assertEquals(message, e.getMessage());
-        }
-    }
-
-    private void doExceptionTest(
-        String      trustAnchor,
-        String[]    certs,
-        String[]    crls,
-        int         index,
-        String      mesStart,
-        String      mesEnd)
-        throws Exception
-    {
-        try
-        {
-            doTest(trustAnchor, certs, crls);
-            
-            fail("path accepted when should be rejected");
-        }
-        catch (CertPathValidatorException e)
-        {
-            assertEquals(index, e.getIndex());
-            assertTrue(e.getMessage().startsWith(mesStart));
-            assertTrue(e.getMessage().endsWith(mesEnd));
-        }
-    }
-    
-    private PKIXCertPathValidatorResult doTest(
-        String      trustAnchor,
-        String[]    certs,
-        String[]    crls)
-        throws Exception
-    {
-        return doTest(trustAnchor, certs, crls, null);
-    }
-    
-    private PKIXCertPathValidatorResult doTest(
-        String      trustAnchor,
-        String[]    certs,
-        String[]    crls,
-        Set         policies)
-        throws Exception
-    {
-        Set  trustedSet = Collections.singleton(getTrustAnchor(trustAnchor));
-        List certsAndCrls = new ArrayList();
-        X509Certificate endCert = loadCert(certs[certs.length - 1]);
-        
-        for (int i = 0; i != certs.length - 1; i++)
-        {
-            certsAndCrls.add(loadCert(certs[i]));
-        }
-        
-        certsAndCrls.add(endCert);
-
-        CertPath certPath = CertificateFactory.getInstance("X.509","BC").generateCertPath(certsAndCrls);
-
-        for (int i = 0; i != crls.length; i++)
-        {
-            certsAndCrls.add(loadCrl(crls[i]));
-        }
-    
-        CertStore  store = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certsAndCrls), "BC");
-        
-        CertPathValidator validator = CertPathValidator.getInstance("PKIX","BC");
-        PKIXParameters    params = new PKIXParameters(trustedSet);
-        
-        params.addCertStore(store);
-        params.setRevocationEnabled(true);
-        params.setDate(new GregorianCalendar(2010, 1, 1).getTime());
-
-        if (policies != null)
-        {
-            params.setExplicitPolicyRequired(true);
-            params.setInitialPolicies(policies);
-        }
-        
-        return (PKIXCertPathValidatorResult)validator.validate(certPath, params);
-    }
-
-    private PKIXCertPathBuilderResult doBuilderTest(
-        String trustAnchor,
-        String[] certs,
-        String[] crls,
-        Set initialPolicies,
-        boolean policyMappingInhibited,
-        boolean anyPolicyInhibited)
-        throws Exception
-    {
-        Set  trustedSet = Collections.singleton(getTrustAnchor(trustAnchor));
-        List certsAndCrls = new ArrayList();
-        X509Certificate endCert = loadCert(certs[certs.length - 1]);
-        
-        for (int i = 0; i != certs.length - 1; i++)
-        {
-            certsAndCrls.add(loadCert(certs[i]));
-        }
-        
-        certsAndCrls.add(endCert);
-
-        for (int i = 0; i != crls.length; i++)
-        {
-            certsAndCrls.add(loadCrl(crls[i]));
-        }
-    
-        CertStore  store = CertStore.getInstance("Collection", new CollectionCertStoreParameters(certsAndCrls), "BC");
-
-        CertPathBuilder builder = CertPathBuilder.getInstance("PKIX", "BC");
-
-        X509CertSelector endSelector = new X509CertSelector();
-
-        endSelector.setCertificate(endCert);
-
-        PKIXBuilderParameters builderParams = new PKIXBuilderParameters(trustedSet, endSelector);
-
-        if (initialPolicies != null)
-        {
-            builderParams.setInitialPolicies(initialPolicies);
-            builderParams.setExplicitPolicyRequired(true);
-        }
-        if (policyMappingInhibited)
-        {
-            builderParams.setPolicyMappingInhibited(policyMappingInhibited);
-        }
-        if (anyPolicyInhibited)
-        {
-            builderParams.setAnyPolicyInhibited(anyPolicyInhibited);
-        }
-
-        builderParams.addCertStore(store);
-        builderParams.setDate(new GregorianCalendar(2010, 1, 1).getTime());
-
-        try
-        {
-            return (PKIXCertPathBuilderResult)builder.build(builderParams);
-        }
-        catch (CertPathBuilderException e)
-        {
-            throw (Exception)e.getCause();
-        }
-    }
-
-    private X509Certificate loadCert(
-        String certName)
-    {
-        X509Certificate cert = (X509Certificate)certs.get(certName);
-        
-        if (cert != null)
-        {
-            return cert;
-        }
-        
-        try
-        {
-            InputStream in = new FileInputStream(getPkitsHome() + "/certs/" + certName + ".crt");
-            
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-            
-            cert = (X509Certificate)fact.generateCertificate(in);
-    
-            certs.put(certName, cert);
-            
-            return cert;
-        }
-        catch (Exception e)
-        {
-            throw new IllegalStateException("exception loading certificate " + certName + ": " + e);
-        }
-    }
-    
-    private X509CRL loadCrl(
-        String crlName)
-        throws Exception
-    {
-        X509CRL crl = (X509CRL)certs.get(crlName);
-        
-        if (crl != null)
-        {
-            return crl;
-        }
-        
-        try
-        {
-            InputStream in = new FileInputStream(getPkitsHome() + "/crls/" + crlName + ".crl");
-            
-            CertificateFactory fact = CertificateFactory.getInstance("X.509", "BC");
-            
-            crl = (X509CRL)fact.generateCRL(in);
-            
-            crls.put(crlName, crl);
-            
-            return crl;
-        }
-        catch (Exception e)
-        {
-            throw new IllegalStateException("exception loading CRL: " + crlName);
-        }
-    }
-
-    private TrustAnchor getTrustAnchor(String trustAnchorName)
-        throws Exception
-    {
-        X509Certificate cert = loadCert(trustAnchorName);
-        byte[]          extBytes = cert.getExtensionValue(Extension.nameConstraints.getId());
-        
-        if (extBytes != null)
-        {
-            ASN1Encodable extValue = ASN1Primitive.fromByteArray(ASN1OctetString.getInstance(extBytes).getOctets());
-            
-            return new TrustAnchor(cert, extValue.toASN1Primitive().getEncoded(ASN1Encoding.DER));
-        }
-        
-        return new TrustAnchor(cert, null);
-    }
-    
-    private String getPkitsHome()
-    {
-        String dataHome = System.getProperty(TEST_DATA_HOME);
-        
-        if (dataHome == null)
-        {
-            throw new IllegalStateException(TEST_DATA_HOME + " property not set");
-        }
-        
-        return dataHome + "/PKITS";
-    }
-    
-    public static void main (String[] args) 
-        throws Exception
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite() 
-        throws Exception
-    {   
-        TestSuite suite = new TestSuite("NIST CertPath Tests");
-        
-        suite.addTestSuite(NistCertPathTest.class);
-        
-        return suite;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/rsa3/AllTests.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/rsa3/AllTests.java
deleted file mode 100644
index c29e5ec..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/rsa3/AllTests.java
+++ /dev/null

@@ -1,46 +0,0 @@
-package org.bouncycastle.jce.provider.test.rsa3;
-
-import java.security.Security;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-
-public class AllTests
-    extends TestCase
-{
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("Forgery Tests");
-        
-        suite.addTestSuite(RSA3CertTest.class);
-
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-            Security.addProvider(new BouncyCastleProvider());
-        }
-
-        protected void tearDown()
-        {
-            Security.removeProvider("BC");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/rsa3/RSA3CertTest.java b/bcprov/src/main/java/org/bouncycastle/jce/provider/test/rsa3/RSA3CertTest.java
deleted file mode 100644
index 08ca102..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/provider/test/rsa3/RSA3CertTest.java
+++ /dev/null

@@ -1,131 +0,0 @@
-package org.bouncycastle.jce.provider.test.rsa3;
-
-import java.security.Security;
-import java.security.Signature;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-/**
- * Marius Schilder's Bleichenbacher's Forgery Attack Tests
- */
-public class RSA3CertTest
-    extends TestCase
-{
-    public void setUp()
-    {
-        if (Security.getProvider("BC") == null)
-        {
-            Security.addProvider(new org.bouncycastle.jce.provider.BouncyCastleProvider());
-        }
-    }
-    
-    public void testA()
-        throws Exception
-    {
-        doTest("self-testcase-A.pem");
-    }
-
-    public void testB()
-        throws Exception
-    {
-        doTest("self-testcase-B.pem");
-    }
-    
-    public void testC()
-        throws Exception
-    {
-        doTest("self-testcase-C.pem");
-    }
-    
-    public void testD()
-        throws Exception
-    {
-        doTest("self-testcase-D.pem");
-    }
-    
-    public void testE()
-        throws Exception
-    {
-        doTest("self-testcase-E.pem");
-    }
-    
-    public void testF()
-        throws Exception
-    {
-        doTest("self-testcase-F.pem");
-    }
-    
-    public void testG()
-        throws Exception
-    {
-        doTest("self-testcase-G.pem");
-    }
-    
-    public void testH()
-        throws Exception
-    {
-        doTest("self-testcase-H.pem");
-    }
-    
-    public void testI()
-        throws Exception
-    {
-        doTest("self-testcase-I.pem");
-    }
-    
-    public void testJ()
-        throws Exception
-    {
-        doTest("self-testcase-J.pem");
-    }
-    
-    public void testL()
-        throws Exception
-    {
-        doTest("self-testcase-L.pem");
-    }
-    
-    private void doTest(
-        String      certName)
-        throws Exception
-    {
-        X509Certificate  cert = loadCert(certName);
-        byte[]           tbs = cert.getTBSCertificate();
-        Signature        sig = Signature.getInstance(cert.getSigAlgName(), "BC");
-        
-        sig.initVerify(cert.getPublicKey());
-        
-        sig.update(tbs);
-        
-        assertFalse(sig.verify(cert.getSignature()));
-    }
-
-    private X509Certificate loadCert(
-        String certName)
-        throws Exception
-    {
-        CertificateFactory rd = CertificateFactory.getInstance("X.509", "BC");
-        
-        return (X509Certificate)rd.generateCertificate(getClass().getResourceAsStream(certName));
-    }
-    
-    public static void main (String[] args) 
-        throws Exception
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite() 
-        throws Exception
-    {   
-        TestSuite suite = new TestSuite("Bleichenbacher's Forgery Attack Tests");
-        
-        suite.addTestSuite(RSA3CertTest.class);
-        
-        return suite;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalGenParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalGenParameterSpec.java
deleted file mode 100644
index 200d2b4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalGenParameterSpec.java
+++ /dev/null

@@ -1,28 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-public class ElGamalGenParameterSpec
-    implements AlgorithmParameterSpec
-{
-    private int primeSize;
-
-    /*
-     * @param primeSize the size (in bits) of the prime modulus.
-     */
-    public ElGamalGenParameterSpec(
-        int     primeSize)
-    {
-        this.primeSize = primeSize;
-    }
-
-    /**
-     * Returns the size in bits of the prime modulus.
-     *
-     * @return the size in bits of the prime modulus
-     */
-    public int getPrimeSize()
-    {
-        return primeSize;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalKeySpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalKeySpec.java
deleted file mode 100644
index 5e3eb66..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalKeySpec.java
+++ /dev/null

@@ -1,20 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.security.spec.KeySpec;
-
-public class ElGamalKeySpec
-    implements KeySpec
-{
-    private ElGamalParameterSpec  spec;
-
-    public ElGamalKeySpec(
-        ElGamalParameterSpec  spec)
-    {
-        this.spec = spec;
-    }
-
-    public ElGamalParameterSpec getParams()
-    {
-        return spec;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalParameterSpec.java
deleted file mode 100644
index 10ed1c5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalParameterSpec.java
+++ /dev/null

@@ -1,46 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.math.BigInteger;
-import java.security.spec.AlgorithmParameterSpec;
-
-public class ElGamalParameterSpec
-    implements AlgorithmParameterSpec
-{
-    private BigInteger  p;
-    private BigInteger  g;
-
-    /**
-     * Constructs a parameter set for Diffie-Hellman, using a prime modulus
-     * <code>p</code> and a base generator <code>g</code>.
-     * 
-     * @param p the prime modulus
-     * @param g the base generator
-     */
-    public ElGamalParameterSpec(
-        BigInteger  p,
-        BigInteger  g)
-    {
-        this.p = p;
-        this.g = g;
-    }
-
-    /**
-     * Returns the prime modulus <code>p</code>.
-     *
-     * @return the prime modulus <code>p</code>
-     */
-    public BigInteger getP()
-    {
-        return p;
-    }
-
-    /**
-     * Returns the base generator <code>g</code>.
-     *
-     * @return the base generator <code>g</code>
-     */
-    public BigInteger getG()
-    {
-        return g;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalPrivateKeySpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalPrivateKeySpec.java
deleted file mode 100644
index 3a3c6e4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalPrivateKeySpec.java
+++ /dev/null

@@ -1,33 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.math.BigInteger;
-
-/**
- * This class specifies an ElGamal private key with its associated parameters.
- *
- * @see ElGamalPublicKeySpec
- */
-public class ElGamalPrivateKeySpec
-    extends ElGamalKeySpec
-{
-    private BigInteger  x;
-
-    public ElGamalPrivateKeySpec(
-        BigInteger              x,
-        ElGamalParameterSpec    spec)
-    {
-        super(spec);
-
-        this.x = x;
-    }
-
-    /**
-     * Returns the private value <code>x</code>.
-     *
-     * @return the private value <code>x</code>
-     */
-    public BigInteger getX()
-    {
-        return x;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalPublicKeySpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalPublicKeySpec.java
deleted file mode 100644
index c0e6dba..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/ElGamalPublicKeySpec.java
+++ /dev/null

@@ -1,33 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.math.BigInteger;
-
-/**
- * This class specifies an ElGamal public key with its associated parameters.
- *
- * @see ElGamalPrivateKeySpec
- */
-public class ElGamalPublicKeySpec
-    extends ElGamalKeySpec
-{
-    private BigInteger  y;
-
-    public ElGamalPublicKeySpec(
-        BigInteger              y,
-        ElGamalParameterSpec    spec)
-    {
-        super(spec);
-
-        this.y = y;
-    }
-
-    /**
-     * Returns the public value <code>y</code>.
-     *
-     * @return the public value <code>y</code>
-     */
-    public BigInteger getY()
-    {
-        return y;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST28147ParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST28147ParameterSpec.java
deleted file mode 100644
index d03fbfe..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST28147ParameterSpec.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-/**
- * A parameter spec for the GOST-28147 cipher.
- * @deprecated use  org.bouncycastle.jcajce.spec.GOST28147ParameterSpec
- */
-public class GOST28147ParameterSpec
-    extends org.bouncycastle.jcajce.spec.GOST28147ParameterSpec
-{
-    /**
-     * @deprecated
-     */
-    public GOST28147ParameterSpec(
-        byte[] sBox)
-    {
-        super(sBox);
-    }
-
-    /**
-     * @deprecated
-     */
-    public GOST28147ParameterSpec(
-        byte[] sBox,
-        byte[] iv)
-    {
-        super(sBox, iv);
-
-    }
-
-    /**
-     * @deprecated
-     */
-    public GOST28147ParameterSpec(
-        String  sBoxName)
-    {
-        super(sBoxName);
-    }
-
-    /**
-     * @deprecated
-     */
-    public GOST28147ParameterSpec(
-        String  sBoxName,
-        byte[]  iv)
-    {
-        super(sBoxName, iv);
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST3410ParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST3410ParameterSpec.java
deleted file mode 100644
index 6e0980d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST3410ParameterSpec.java
+++ /dev/null

@@ -1,133 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
-import org.bouncycastle.asn1.cryptopro.GOST3410NamedParameters;
-import org.bouncycastle.asn1.cryptopro.GOST3410ParamSetParameters;
-import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
-import org.bouncycastle.jce.interfaces.GOST3410Params;
-
-/**
- * ParameterSpec for a GOST 3410-94 key.
- */
-public class GOST3410ParameterSpec
-    implements AlgorithmParameterSpec, GOST3410Params
-{
-    private GOST3410PublicKeyParameterSetSpec keyParameters;
-    private String                            keyParamSetOID;
-    private String                            digestParamSetOID;
-    private String                            encryptionParamSetOID;
-    
-    public GOST3410ParameterSpec(
-        String  keyParamSetID,
-        String  digestParamSetOID,
-        String  encryptionParamSetOID)
-    {
-        GOST3410ParamSetParameters  ecP = null;
-        
-        try
-        {
-            ecP = GOST3410NamedParameters.getByOID(new ASN1ObjectIdentifier(keyParamSetID));
-        }
-        catch (IllegalArgumentException e)
-        {
-            ASN1ObjectIdentifier oid = GOST3410NamedParameters.getOID(keyParamSetID);
-            if (oid != null)
-            {
-                keyParamSetID = oid.getId();
-                ecP = GOST3410NamedParameters.getByOID(oid);
-            }
-        }
-        
-        if (ecP == null)
-        {
-            throw new IllegalArgumentException("no key parameter set for passed in name/OID.");
-        }
-
-        this.keyParameters = new GOST3410PublicKeyParameterSetSpec(
-                                        ecP.getP(),
-                                        ecP.getQ(),
-                                        ecP.getA());
-        
-        this.keyParamSetOID = keyParamSetID;
-        this.digestParamSetOID = digestParamSetOID;
-        this.encryptionParamSetOID = encryptionParamSetOID;
-    }
-    
-    public GOST3410ParameterSpec(
-        String  keyParamSetID,
-        String  digestParamSetOID)
-    {
-        this(keyParamSetID, digestParamSetOID, null);
-    }
-    
-    public GOST3410ParameterSpec(
-        String  keyParamSetID)
-    {
-        this(keyParamSetID, CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet.getId(), null);
-    }
-    
-    public GOST3410ParameterSpec(
-        GOST3410PublicKeyParameterSetSpec spec)
-    {
-        this.keyParameters = spec;
-        this.digestParamSetOID = CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet.getId();
-        this.encryptionParamSetOID = null;
-    }
-    
-    public String getPublicKeyParamSetOID()
-    {
-        return this.keyParamSetOID;
-    }
-
-    public GOST3410PublicKeyParameterSetSpec getPublicKeyParameters()
-    {
-        return keyParameters;
-    }
-    
-    public String getDigestParamSetOID()
-    {
-        return this.digestParamSetOID;
-    }
-
-    public String getEncryptionParamSetOID()
-    {
-        return this.encryptionParamSetOID;
-    }
-    
-    public boolean equals(Object o)
-    {
-        if (o instanceof GOST3410ParameterSpec)
-        {
-            GOST3410ParameterSpec other = (GOST3410ParameterSpec)o;
-            
-            return this.keyParameters.equals(other.keyParameters) 
-                && this.digestParamSetOID.equals(other.digestParamSetOID)
-                && (this.encryptionParamSetOID == other.encryptionParamSetOID
-                    || (this.encryptionParamSetOID != null && this.encryptionParamSetOID.equals(other.encryptionParamSetOID)));
-        }
-        
-        return false;
-    }
-    
-    public int hashCode()
-    {
-        return this.keyParameters.hashCode() ^ this.digestParamSetOID.hashCode() 
-                       ^ (this.encryptionParamSetOID != null ? this.encryptionParamSetOID.hashCode() : 0);
-    }
-
-    public static GOST3410ParameterSpec fromPublicKeyAlg(
-        GOST3410PublicKeyAlgParameters params)
-    {
-        if (params.getEncryptionParamSet() != null)
-        {
-            return new GOST3410ParameterSpec(params.getPublicKeyParamSet().getId(), params.getDigestParamSet().getId(), params.getEncryptionParamSet().getId());
-        }
-        else
-        {
-            return new GOST3410ParameterSpec(params.getPublicKeyParamSet().getId(), params.getDigestParamSet().getId());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST3410PrivateKeySpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST3410PrivateKeySpec.java
deleted file mode 100644
index 5ea1385..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST3410PrivateKeySpec.java
+++ /dev/null

@@ -1,70 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.math.BigInteger;
-import java.security.spec.KeySpec;
-
-/**
- * This class specifies a GOST3410-94 private key with its associated parameters.
- */
-
-public class GOST3410PrivateKeySpec
-    implements KeySpec
-{
-    private BigInteger x;
-    private BigInteger p;
-    private BigInteger q;
-    private BigInteger a;
-
-    /**
-     * Creates a new GOST3410PrivateKeySpec with the specified parameter values.
-     *
-     * @param x the private key.
-     * @param p the prime.
-     * @param q the sub-prime.
-     * @param a the base.
-     */
-    public GOST3410PrivateKeySpec(BigInteger x, BigInteger p, BigInteger q,
-         BigInteger a)
-    {
-        this.x = x;
-        this.p = p;
-        this.q = q;
-        this.a = a;
-    }
-
-    /**
-     * Returns the private key <code>x</code>.
-     * @return the private key <code>x</code>.
-     */
-    public BigInteger getX()
-    {
-        return this.x;
-    }
-
-    /**
-     * Returns the prime <code>p</code>.
-     * @return the prime <code>p</code>.
-     */
-    public BigInteger getP()
-    {
-        return this.p;
-    }
-
-    /**
-     * Returns the sub-prime <code>q</code>.
-     * @return the sub-prime <code>q</code>.
-     */
-    public BigInteger getQ()
-    {
-        return this.q;
-    }
-
-    /**
-     * Returns the base <code>a</code>.
-     * @return the base <code>a</code>.
-     */
-    public BigInteger getA()
-    {
-        return this.a;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST3410PublicKeyParameterSetSpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST3410PublicKeyParameterSetSpec.java
deleted file mode 100644
index 9e4e650..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST3410PublicKeyParameterSetSpec.java
+++ /dev/null

@@ -1,78 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.math.BigInteger;
-
-/**
- * ParameterSpec for a GOST 3410-94 key parameters.
- */
-public class GOST3410PublicKeyParameterSetSpec
-{
-    private BigInteger p;
-    private BigInteger q;
-    private BigInteger a;
-    
-    /**
-     * Creates a new GOST3410ParameterSpec with the specified parameter values.
-     * 
-     * @param p the prime.
-     * @param q the sub-prime.
-     * @param a the base.
-     */
-    public GOST3410PublicKeyParameterSetSpec(
-        BigInteger p,
-        BigInteger q,
-        BigInteger a)
-    {
-        this.p = p;
-        this.q = q;
-        this.a = a;
-    }
-    
-    /**
-     * Returns the prime <code>p</code>.
-     *
-     * @return the prime <code>p</code>.
-     */
-    public BigInteger getP() 
-    {
-        return this.p;
-    }
-    
-    /**
-     * Returns the sub-prime <code>q</code>.
-     *
-     * @return the sub-prime <code>q</code>.
-     */
-    public BigInteger getQ() 
-    {
-        return this.q;
-    }
-    
-    /**
-     * Returns the base <code>a</code>.
-     *
-     * @return the base <code>a</code>.
-     */
-    public BigInteger getA() 
-    {
-        return this.a;
-    }
-    
-    public boolean equals(
-        Object o)
-    {
-        if (o instanceof GOST3410PublicKeyParameterSetSpec)
-        {
-            GOST3410PublicKeyParameterSetSpec other = (GOST3410PublicKeyParameterSetSpec)o;
-            
-            return this.a.equals(other.a) && this.p.equals(other.p) && this.q.equals(other.q);
-        }
-        
-        return false;
-    }
-    
-    public int hashCode()
-    {
-        return a.hashCode() ^ p.hashCode() ^ q.hashCode();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST3410PublicKeySpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST3410PublicKeySpec.java
deleted file mode 100644
index 7b65c06..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/GOST3410PublicKeySpec.java
+++ /dev/null

@@ -1,78 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.math.BigInteger;
-import java.security.spec.KeySpec;
-
-/**
- * This class specifies a GOST3410-94 public key with its associated parameters.
- */
-
-public class GOST3410PublicKeySpec
-    implements KeySpec
-{
-
-    private BigInteger y;
-    private BigInteger p;
-    private BigInteger q;
-    private BigInteger a;
-
-    /**
-     * Creates a new GOST3410PublicKeySpec with the specified parameter values.
-     *
-     * @param y the public key.
-     * @param p the prime.
-     * @param q the sub-prime.
-     * @param a the base.
-     */
-    public GOST3410PublicKeySpec(
-        BigInteger y,
-        BigInteger p,
-        BigInteger q,
-        BigInteger a)
-    {
-        this.y = y;
-        this.p = p;
-        this.q = q;
-        this.a = a;
-    }
-
-    /**
-     * Returns the public key <code>y</code>.
-     *
-     * @return the public key <code>y</code>.
-     */
-    public BigInteger getY()
-    {
-        return this.y;
-    }
-
-    /**
-     * Returns the prime <code>p</code>.
-     *
-     * @return the prime <code>p</code>.
-     */
-    public BigInteger getP()
-    {
-        return this.p;
-    }
-
-    /**
-     * Returns the sub-prime <code>q</code>.
-     *
-     * @return the sub-prime <code>q</code>.
-     */
-    public BigInteger getQ()
-    {
-        return this.q;
-    }
-
-    /**
-     * Returns the base <code>g</code>.
-     *
-     * @return the base <code>g</code>.
-     */
-    public BigInteger getA()
-    {
-        return this.a;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/IEKeySpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/IEKeySpec.java
deleted file mode 100644
index 9859a22..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/IEKeySpec.java
+++ /dev/null

@@ -1,70 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.KeySpec;
-
-import org.bouncycastle.jce.interfaces.IESKey;
-
-/**
- * key pair for use with an integrated encryptor - together
- * they provide what's required to generate the message.
- */
-public class IEKeySpec
-    implements KeySpec, IESKey
-{
-    private PublicKey   pubKey;
-    private PrivateKey  privKey;
-
-    /**
-     * @param privKey our private key.
-     * @param pubKey the public key of the sender/recipient.
-     */
-    public IEKeySpec(
-        PrivateKey  privKey,
-        PublicKey   pubKey)
-    {
-        this.privKey = privKey;
-        this.pubKey = pubKey;
-    }
-
-    /**
-     * return the intended recipient's/sender's public key.
-     */
-    public PublicKey getPublic()
-    {
-        return pubKey;
-    }
-
-    /**
-     * return the local private key.
-     */
-    public PrivateKey getPrivate()
-    {
-        return privKey;
-    }
-
-    /**
-     * return "IES"
-     */
-    public String getAlgorithm()
-    {
-        return "IES";
-    }
-
-    /**
-     * return null
-     */
-    public String getFormat()
-    {
-        return null;
-    }
-
-    /**
-     * returns null
-     */
-    public byte[] getEncoded()
-    {
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/IESParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/IESParameterSpec.java
deleted file mode 100644
index cc29c10..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/IESParameterSpec.java
+++ /dev/null

@@ -1,158 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * Parameter spec for an integrated encryptor, as in IEEE P1363a
- */
-public class IESParameterSpec
-    implements AlgorithmParameterSpec
-{
-    private byte[] derivation;
-    private byte[] encoding;
-    private int macKeySize;
-    private int cipherKeySize;
-    private byte[] nonce;
-    private boolean usePointCompression;
-
-
-    /**
-     * Set the IES engine parameters.
-     *
-     * @param derivation the optional derivation vector for the KDF.
-     * @param encoding   the optional encoding vector for the KDF.
-     * @param macKeySize the key size (in bits) for the MAC.
-     */
-    public IESParameterSpec(
-        byte[] derivation,
-        byte[] encoding,
-        int macKeySize)
-    {
-        this(derivation, encoding, macKeySize, -1, null, false);
-    }
-
-    /**
-     * Set the IES engine parameters.
-     *
-     * @param derivation    the optional derivation vector for the KDF.
-     * @param encoding      the optional encoding vector for the KDF.
-     * @param macKeySize    the key size (in bits) for the MAC.
-     * @param cipherKeySize the key size (in bits) for the block cipher.
-     * @param nonce         an IV to use initialising the block cipher.
-     */
-    public IESParameterSpec(
-        byte[] derivation,
-        byte[] encoding,
-        int macKeySize,
-        int cipherKeySize,
-        byte[] nonce)
-    {
-        this(derivation, encoding, macKeySize, cipherKeySize, nonce, false);
-    }
-
-    /**
-     * Set the IES engine parameters.
-     *
-     * @param derivation    the optional derivation vector for the KDF.
-     * @param encoding      the optional encoding vector for the KDF.
-     * @param macKeySize    the key size (in bits) for the MAC.
-     * @param cipherKeySize the key size (in bits) for the block cipher.
-     * @param nonce         an IV to use initialising the block cipher.
-     * @param usePointCompression whether to use EC point compression or not (false by default)
-     */
-    public IESParameterSpec(
-        byte[] derivation,
-        byte[] encoding,
-        int macKeySize,
-        int cipherKeySize,
-        byte[] nonce,
-        boolean usePointCompression)
-    {
-        if (derivation != null)
-        {
-            this.derivation = new byte[derivation.length];
-            System.arraycopy(derivation, 0, this.derivation, 0, derivation.length);
-        }
-        else
-        {
-            this.derivation = null;
-        }
-
-        if (encoding != null)
-        {
-            this.encoding = new byte[encoding.length];
-            System.arraycopy(encoding, 0, this.encoding, 0, encoding.length);
-        }
-        else
-        {
-            this.encoding = null;
-        }
-
-        this.macKeySize = macKeySize;
-        this.cipherKeySize = cipherKeySize;
-        this.nonce = Arrays.clone(nonce);
-        this.usePointCompression = usePointCompression;
-    }
-
-    /**
-     * return the derivation vector.
-     */
-    public byte[] getDerivationV()
-    {
-        return Arrays.clone(derivation);
-    }
-
-    /**
-     * return the encoding vector.
-     */
-    public byte[] getEncodingV()
-    {
-        return Arrays.clone(encoding);
-    }
-
-    /**
-     * return the key size in bits for the MAC used with the message
-     */
-    public int getMacKeySize()
-    {
-        return macKeySize;
-    }
-
-    /**
-     * return the key size in bits for the block cipher used with the message
-     */
-    public int getCipherKeySize()
-    {
-        return cipherKeySize;
-    }
-
-    /**
-     * Return the nonce (IV) value to be associated with message.
-     *
-     * @return block cipher IV for message.
-     */
-    public byte[] getNonce()
-    {
-        return Arrays.clone(nonce);
-    }
-
-    /**
-     * Set the 'point compression' flag.
-     */
-    public void setPointCompression(boolean usePointCompression)
-    {
-        this.usePointCompression = usePointCompression;
-    }
-
-    /**
-     * Return the 'point compression' flag.
-     *
-     * @return the point compression flag
-     */
-    public boolean getPointCompression()
-    {
-        return usePointCompression;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/MQVPrivateKeySpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/MQVPrivateKeySpec.java
deleted file mode 100644
index d103270..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/MQVPrivateKeySpec.java
+++ /dev/null

@@ -1,94 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.KeySpec;
-
-import org.bouncycastle.jce.interfaces.MQVPrivateKey;
-
-/**
- * Static/ephemeral private key (pair) for use with ECMQV key agreement
- * (Optionally provides the ephemeral public key)
- * @deprecated use MQVParameterSpec
- */
-public class MQVPrivateKeySpec
-    implements KeySpec, MQVPrivateKey
-{
-    private PrivateKey staticPrivateKey;
-    private PrivateKey ephemeralPrivateKey;
-    private PublicKey ephemeralPublicKey;
-
-    /**
-     * @param staticPrivateKey the static private key.
-     * @param ephemeralPrivateKey the ephemeral private key.
-     */
-    public MQVPrivateKeySpec(
-            PrivateKey  staticPrivateKey,
-            PrivateKey  ephemeralPrivateKey)
-    {
-        this(staticPrivateKey, ephemeralPrivateKey, null);
-    }
-
-    /**
-     * @param staticPrivateKey the static private key.
-     * @param ephemeralPrivateKey the ephemeral private key.
-     * @param ephemeralPublicKey the ephemeral public key (may be null).
-     */
-    public MQVPrivateKeySpec(
-        PrivateKey  staticPrivateKey,
-        PrivateKey  ephemeralPrivateKey,
-        PublicKey   ephemeralPublicKey)
-    {
-        this.staticPrivateKey = staticPrivateKey;
-        this.ephemeralPrivateKey = ephemeralPrivateKey;
-        this.ephemeralPublicKey = ephemeralPublicKey;
-    }
-
-    /**
-     * return the static private key
-     */
-    public PrivateKey getStaticPrivateKey()
-    {
-        return staticPrivateKey;
-    }
-
-    /**
-     * return the ephemeral private key
-     */
-    public PrivateKey getEphemeralPrivateKey()
-    {
-        return ephemeralPrivateKey;
-    }
-
-    /**
-     * return the ephemeral public key (may be null)
-     */
-    public PublicKey getEphemeralPublicKey()
-    {
-        return ephemeralPublicKey;
-    }
-
-    /**
-     * return "ECMQV"
-     */
-    public String getAlgorithm()
-    {
-        return "ECMQV";
-    }
-
-    /**
-     * return null
-     */
-    public String getFormat()
-    {
-        return null;
-    }
-
-    /**
-     * returns null
-     */
-    public byte[] getEncoded()
-    {
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/MQVPublicKeySpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/MQVPublicKeySpec.java
deleted file mode 100644
index afc1f3f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/MQVPublicKeySpec.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.security.PublicKey;
-import java.security.spec.KeySpec;
-
-import org.bouncycastle.jce.interfaces.MQVPublicKey;
-
-/**
- * Static/ephemeral public key pair for use with ECMQV key agreement
- * @deprecated use MQVParameterSpec
- */
-public class MQVPublicKeySpec
-    implements KeySpec, MQVPublicKey
-{
-    private PublicKey staticKey;
-    private PublicKey ephemeralKey;
-
-    /**
-     * @param staticKey the static public key.
-     * @param ephemeralKey the ephemeral public key.
-     */
-    public MQVPublicKeySpec(
-        PublicKey staticKey,
-        PublicKey ephemeralKey)
-    {
-        this.staticKey = staticKey;
-        this.ephemeralKey = ephemeralKey;
-    }
-
-    /**
-     * return the static public key
-     */
-    public PublicKey getStaticKey()
-    {
-        return staticKey;
-    }
-    
-    /**
-     * return the ephemeral public key
-     */
-    public PublicKey getEphemeralKey()
-    {
-        return ephemeralKey;
-    }
-
-    /**
-     * return "ECMQV"
-     */
-    public String getAlgorithm()
-    {
-        return "ECMQV";
-    }
-
-    /**
-     * return null
-     */
-    public String getFormat()
-    {
-        return null;
-    }
-
-    /**
-     * returns null
-     */
-    public byte[] getEncoded()
-    {
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/OpenSSHPrivateKeySpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/OpenSSHPrivateKeySpec.java
deleted file mode 100644
index 5b870e1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/OpenSSHPrivateKeySpec.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.security.spec.EncodedKeySpec;
-
-import org.bouncycastle.crypto.util.OpenSSHPrivateKeyUtil;
-
-/**
- * OpenSSHPrivateKeySpec holds and encoded OpenSSH private key.
- * The format of the key can be either ASN.1 or OpenSSH.
- */
-public class OpenSSHPrivateKeySpec
-    extends EncodedKeySpec
-{
-    private final String format;
-
-    /**
-     * Accept an encoded key and determine the format.
-     * <p>
-     * The encoded key should be the Base64 decoded blob between the "---BEGIN and ---END" markers.
-     * This constructor will endeavour to find the OpenSSH format magic value. If it can not then it
-     * will default to ASN.1. It does not attempt to validate the ASN.1
-     * <p>
-     * Example:
-     * OpenSSHPrivateKeySpec privSpec = new OpenSSHPrivateKeySpec(rawPriv);
-     * <p>
-     * KeyFactory kpf = KeyFactory.getInstance("RSA", "BC");
-     * PrivateKey prk = kpf.generatePrivate(privSpec);
-     * <p>
-     * OpenSSHPrivateKeySpec rcPrivateSpec = kpf.getKeySpec(prk, OpenSSHPrivateKeySpec.class);
-     *
-     * @param encodedKey The encoded key.
-     */
-    public OpenSSHPrivateKeySpec(byte[] encodedKey)
-    {
-        super(encodedKey);
-
-        if  (encodedKey[0] == 0x30)   // DER SEQUENCE
-        {
-            format = "ASN.1";
-        }
-        else if (encodedKey[0] == 'o')
-        {
-            format = "OpenSSH";
-        }
-        else
-        {
-            throw new IllegalArgumentException("unknown byte encoding");
-        }
-    }
-
-    /**
-     * Return the format, either OpenSSH for the OpenSSH propriety format or ASN.1.
-     *
-     * @return the format OpenSSH or ASN.1
-     */
-    public String getFormat()
-    {
-        return format;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/OpenSSHPublicKeySpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/OpenSSHPublicKeySpec.java
deleted file mode 100644
index 50fbde1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/OpenSSHPublicKeySpec.java
+++ /dev/null

@@ -1,77 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-import java.security.spec.EncodedKeySpec;
-
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-
-/**
- * Holds an OpenSSH encoded public key.
- */
-public class OpenSSHPublicKeySpec
-    extends EncodedKeySpec
-{
-    private static final String[] allowedTypes = new String[]{"ssh-rsa", "ssh-ed25519", "ssh-dss"};
-    private final String type;
-
-
-    /**
-     * Construct and instance and determine the OpenSSH public key type.
-     * The current types are ssh-rsa, ssh-ed25519, ssh-dss and ecdsa-*
-     * <p>
-     * It does not validate the key beyond identifying the type.
-     *
-     * @param encodedKey
-     */
-    public OpenSSHPublicKeySpec(byte[] encodedKey)
-    {
-        super(encodedKey);
-
-        //
-        // The type is encoded at the start of the blob.
-        //
-        int pos = 0;
-        int i = (encodedKey[pos++] & 0xFF) << 24;
-        i |= (encodedKey[pos++] & 0xFF) << 16;
-        i |= (encodedKey[pos++] & 0xFF) << 8;
-        i |= (encodedKey[pos++] & 0xFF);
-
-        if ((pos + i) >= encodedKey.length)
-        {
-            throw new IllegalArgumentException("invalid public key blob: type field longer than blob");
-        }
-
-        this.type = Strings.fromByteArray(Arrays.copyOfRange(encodedKey, pos, pos + i));
-
-        if (type.startsWith("ecdsa"))
-        {
-            return; // These have a curve name and digest in them and can't be compared exactly.
-        }
-
-        for (int t = 0; t < allowedTypes.length; t++)
-        {
-            if (allowedTypes[t].equals(this.type))
-            {
-                return;
-            }
-        }
-
-        throw new IllegalArgumentException("unrecognised public key type " + type);
-
-    }
-
-    public String getFormat()
-    {
-        return "OpenSSH";
-    }
-
-    /**
-     * The type of OpenSSH public key.
-     *
-     * @return the type.
-     */
-    public String getType()
-    {
-        return type;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/RepeatedSecretKeySpec.java b/bcprov/src/main/java/org/bouncycastle/jce/spec/RepeatedSecretKeySpec.java
deleted file mode 100644
index 4111072..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/RepeatedSecretKeySpec.java
+++ /dev/null

@@ -1,17 +0,0 @@
-package org.bouncycastle.jce.spec;
-
-/**
- * A simple object to indicate that a symmetric cipher should reuse the
- * last key provided.
- * @deprecated use super class org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec
- */
-public class RepeatedSecretKeySpec
-    extends org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec
-{
-    private String algorithm;
-
-    public RepeatedSecretKeySpec(String algorithm)
-    {
-        super(algorithm);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/jce/spec/package.html b/bcprov/src/main/java/org/bouncycastle/jce/spec/package.html
deleted file mode 100644
index 6f37057..0000000
--- a/bcprov/src/main/java/org/bouncycastle/jce/spec/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Parameter specifications for supporting El Gamal, and Elliptic Curve.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/DoubleAddMultiplier.java b/bcprov/src/main/java/org/bouncycastle/math/ec/DoubleAddMultiplier.java
deleted file mode 100644
index aae2e00..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/DoubleAddMultiplier.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.math.ec;
-
-import java.math.BigInteger;
-
-public class DoubleAddMultiplier extends AbstractECMultiplier
-{
-    /**
-     * Joye's double-add algorithm.
-     */
-    protected ECPoint multiplyPositive(ECPoint p, BigInteger k)
-    {
-        ECPoint[] R = new ECPoint[]{ p.getCurve().getInfinity(), p };
-
-        int n = k.bitLength();
-        for (int i = 0; i < n; ++i)
-        {
-            int b = k.testBit(i) ? 1 : 0;
-            int bp = 1 - b;
-            R[bp] = R[bp].twicePlus(R[b]);
-        }
-
-        return R[0];
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/MixedNafR2LMultiplier.java b/bcprov/src/main/java/org/bouncycastle/math/ec/MixedNafR2LMultiplier.java
deleted file mode 100644
index 6d5fe92..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/MixedNafR2LMultiplier.java
+++ /dev/null

@@ -1,77 +0,0 @@
-package org.bouncycastle.math.ec;
-
-import java.math.BigInteger;
-
-/**
- * Class implementing the NAF (Non-Adjacent Form) multiplication algorithm (right-to-left) using
- * mixed coordinates.
- */
-public class MixedNafR2LMultiplier extends AbstractECMultiplier
-{
-    protected int additionCoord, doublingCoord;
-
-    /**
-     * By default, addition will be done in Jacobian coordinates, and doubling will be done in
-     * Modified Jacobian coordinates (independent of the original coordinate system of each point).
-     */
-    public MixedNafR2LMultiplier()
-    {
-        this(ECCurve.COORD_JACOBIAN, ECCurve.COORD_JACOBIAN_MODIFIED);
-    }
-
-    public MixedNafR2LMultiplier(int additionCoord, int doublingCoord)
-    {
-        this.additionCoord = additionCoord;
-        this.doublingCoord = doublingCoord;
-    }
-
-    protected ECPoint multiplyPositive(ECPoint p, BigInteger k)
-    {
-        ECCurve curveOrig = p.getCurve();
-
-        ECCurve curveAdd = configureCurve(curveOrig, additionCoord);
-        ECCurve curveDouble = configureCurve(curveOrig, doublingCoord);
-
-        int[] naf = WNafUtil.generateCompactNaf(k);
-
-        ECPoint Ra = curveAdd.getInfinity();
-        ECPoint Td = curveDouble.importPoint(p);
-
-        int zeroes = 0;
-        for (int i = 0; i < naf.length; ++i)
-        {
-            int ni = naf[i];
-            int digit = ni >> 16;
-            zeroes += ni & 0xFFFF;
-
-            Td = Td.timesPow2(zeroes);
-
-            ECPoint Tj = curveAdd.importPoint(Td);
-            if (digit < 0)
-            {
-                Tj = Tj.negate();
-            }
-
-            Ra = Ra.add(Tj);
-
-            zeroes = 1;
-        }
-
-        return curveOrig.importPoint(Ra);
-    }
-
-    protected ECCurve configureCurve(ECCurve c, int coord)
-    {
-        if (c.getCoordinateSystem() == coord)
-        {
-            return c;
-        }
-
-        if (!c.supportsCoordinateSystem(coord))
-        {
-            throw new IllegalArgumentException("Coordinate system " + coord + " not supported by this curve");
-        }
-
-        return c.configure().setCoordinateSystem(coord).create();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/MontgomeryLadderMultiplier.java b/bcprov/src/main/java/org/bouncycastle/math/ec/MontgomeryLadderMultiplier.java
deleted file mode 100644
index cd969b5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/MontgomeryLadderMultiplier.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.math.ec;
-
-import java.math.BigInteger;
-
-public class MontgomeryLadderMultiplier extends AbstractECMultiplier
-{
-    /**
-     * Montgomery ladder.
-     */
-    protected ECPoint multiplyPositive(ECPoint p, BigInteger k)
-    {
-        ECPoint[] R = new ECPoint[]{ p.getCurve().getInfinity(), p };
-
-        int n = k.bitLength();
-        int i = n;
-        while (--i >= 0)
-        {
-            int b = k.testBit(i) ? 1 : 0;
-            int bp = 1 - b;
-            R[bp] = R[bp].add(R[b]);
-            R[b] = R[b].twice();
-        }
-        return R[0];
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/NafL2RMultiplier.java b/bcprov/src/main/java/org/bouncycastle/math/ec/NafL2RMultiplier.java
deleted file mode 100644
index 91d91d1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/NafL2RMultiplier.java
+++ /dev/null

@@ -1,30 +0,0 @@
-package org.bouncycastle.math.ec;
-
-import java.math.BigInteger;
-
-/**
- * Class implementing the NAF (Non-Adjacent Form) multiplication algorithm (left-to-right).
- */
-public class NafL2RMultiplier extends AbstractECMultiplier
-{
-    protected ECPoint multiplyPositive(ECPoint p, BigInteger k)
-    {
-        int[] naf = WNafUtil.generateCompactNaf(k);
-
-        ECPoint addP = p.normalize(), subP = addP.negate();
-
-        ECPoint R = p.getCurve().getInfinity();
-
-        int i = naf.length;
-        while (--i >= 0)
-        {
-            int ni = naf[i];
-            int digit = ni >> 16, zeroes = ni & 0xFFFF;
-
-            R = R.twicePlus(digit < 0 ? subP : addP);
-            R = R.timesPow2(zeroes);
-        }
-
-        return R;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/NafR2LMultiplier.java b/bcprov/src/main/java/org/bouncycastle/math/ec/NafR2LMultiplier.java
deleted file mode 100644
index aed2336..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/NafR2LMultiplier.java
+++ /dev/null

@@ -1,31 +0,0 @@
-package org.bouncycastle.math.ec;
-
-import java.math.BigInteger;
-
-/**
- * Class implementing the NAF (Non-Adjacent Form) multiplication algorithm (right-to-left).
- */
-public class NafR2LMultiplier extends AbstractECMultiplier
-{
-    protected ECPoint multiplyPositive(ECPoint p, BigInteger k)
-    {
-        int[] naf = WNafUtil.generateCompactNaf(k);
-
-        ECPoint R0 = p.getCurve().getInfinity(), R1 = p;
-
-        int zeroes = 0;
-        for (int i = 0; i < naf.length; ++i)
-        {
-            int ni = naf[i];
-            int digit = ni >> 16;
-            zeroes += ni & 0xFFFF;
-
-            R1 = R1.timesPow2(zeroes);
-            R0 = R0.add(digit < 0 ? R1.negate() : R1);
-
-            zeroes = 1;
-        }
-
-        return R0;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/ReferenceMultiplier.java b/bcprov/src/main/java/org/bouncycastle/math/ec/ReferenceMultiplier.java
deleted file mode 100644
index 107e193..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/ReferenceMultiplier.java
+++ /dev/null

@@ -1,11 +0,0 @@
-package org.bouncycastle.math.ec;
-
-import java.math.BigInteger;
-
-public class ReferenceMultiplier extends AbstractECMultiplier
-{
-    protected ECPoint multiplyPositive(ECPoint p, BigInteger k)
-    {
-        return ECAlgorithms.referenceMultiply(p, k);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/ScaleYPointMap.java b/bcprov/src/main/java/org/bouncycastle/math/ec/ScaleYPointMap.java
deleted file mode 100644
index a7a8790..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/ScaleYPointMap.java
+++ /dev/null

@@ -1,16 +0,0 @@
-package org.bouncycastle.math.ec;
-
-public class ScaleYPointMap implements ECPointMap
-{
-    protected final ECFieldElement scale;
-
-    public ScaleYPointMap(ECFieldElement scale)
-    {
-        this.scale = scale;
-    }
-
-    public ECPoint map(ECPoint p)
-    {
-        return p.scaleY(scale);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/SimpleLookupTable.java b/bcprov/src/main/java/org/bouncycastle/math/ec/SimpleLookupTable.java
deleted file mode 100644
index 98a903e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/SimpleLookupTable.java
+++ /dev/null

@@ -1,32 +0,0 @@
-package org.bouncycastle.math.ec;
-
-public class SimpleLookupTable
-    implements ECLookupTable
-{
-    private static ECPoint[] copy(ECPoint[] points, int off, int len)
-    {
-        ECPoint[] result = new ECPoint[len];
-        for (int i = 0; i < len; ++i)
-        {
-            result[i] = points[off + i];
-        }
-        return result;
-    }
-    
-    private final ECPoint[] points;
-
-    public SimpleLookupTable(ECPoint[] points, int off, int len)
-    {
-        this.points = copy(points, off, len);
-    }
-
-    public int getSize()
-    {
-        return points.length;
-    }
-
-    public ECPoint lookup(int index)
-    {
-        return points[index];
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/ZSignedDigitL2RMultiplier.java b/bcprov/src/main/java/org/bouncycastle/math/ec/ZSignedDigitL2RMultiplier.java
deleted file mode 100644
index b478dc7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/ZSignedDigitL2RMultiplier.java
+++ /dev/null

@@ -1,29 +0,0 @@
-package org.bouncycastle.math.ec;
-
-import java.math.BigInteger;
-
-public class ZSignedDigitL2RMultiplier extends AbstractECMultiplier
-{
-    /**
-     * 'Zeroless' Signed Digit Left-to-Right.
-     */
-    protected ECPoint multiplyPositive(ECPoint p, BigInteger k)
-    {
-        ECPoint addP = p.normalize(), subP = addP.negate();
-
-        ECPoint R0 = addP;
-
-        int n = k.bitLength();
-        int s = k.getLowestSetBit();
-
-        int i = n;
-        while (--i > s)
-        {
-            R0 = R0.twicePlus(k.testBit(i) ? addP : subP);
-        }
-
-        R0 = R0.timesPow2(s);
-
-        return R0;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/ZSignedDigitR2LMultiplier.java b/bcprov/src/main/java/org/bouncycastle/math/ec/ZSignedDigitR2LMultiplier.java
deleted file mode 100644
index baa702f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/ZSignedDigitR2LMultiplier.java
+++ /dev/null

@@ -1,30 +0,0 @@
-package org.bouncycastle.math.ec;
-
-import java.math.BigInteger;
-
-public class ZSignedDigitR2LMultiplier extends AbstractECMultiplier
-{
-    /**
-     * 'Zeroless' Signed Digit Right-to-Left.
-     */
-    protected ECPoint multiplyPositive(ECPoint p, BigInteger k)
-    {
-        ECPoint R0 = p.getCurve().getInfinity(), R1 = p;
-
-        int n = k.bitLength();
-        int s = k.getLowestSetBit();
-
-        R1 = R1.timesPow2(s);
-
-        int i = s;
-        while (++i < n)
-        {
-            R0 = R0.add(k.testBit(i) ? R1 : R1.negate());
-            R1 = R1.twice();
-        }
-
-        R0 = R0.add(R1);
-
-        return R0;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/Curve25519.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/Curve25519.java
deleted file mode 100644
index d9fa6c3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/Curve25519.java
+++ /dev/null

@@ -1,126 +0,0 @@
-package org.bouncycastle.math.ec.custom.djb;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat256;
-import org.bouncycastle.util.encoders.Hex;
-
-public class Curve25519 extends ECCurve.AbstractFp
-{
-    public static final BigInteger q = Nat256.toBigInteger(Curve25519Field.P);
-
-    private static final int Curve25519_DEFAULT_COORDS = COORD_JACOBIAN_MODIFIED;
-
-    protected Curve25519Point infinity;
-
-    public Curve25519()
-    {
-        super(q);
-
-        this.infinity = new Curve25519Point(this, null, null);
-
-        this.a = fromBigInteger(new BigInteger(1,
-            Hex.decode("2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA984914A144")));
-        this.b = fromBigInteger(new BigInteger(1,
-            Hex.decode("7B425ED097B425ED097B425ED097B425ED097B425ED097B4260B5E9C7710C864")));
-        this.order = new BigInteger(1, Hex.decode("1000000000000000000000000000000014DEF9DEA2F79CD65812631A5CF5D3ED"));
-        this.cofactor = BigInteger.valueOf(8);
-
-        this.coord = Curve25519_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new Curve25519();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_JACOBIAN_MODIFIED:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public BigInteger getQ()
-    {
-        return q;
-    }
-
-    public int getFieldSize()
-    {
-        return q.bitLength();
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new Curve25519FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new Curve25519Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new Curve25519Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_INTS = 8;
-
-        final int[] table = new int[len * FE_INTS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat256.copy(((Curve25519FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_INTS;
-                Nat256.copy(((Curve25519FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_INTS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                int[] x = Nat256.create(), y = Nat256.create();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    int MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_INTS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_INTS + j] & MASK;
-                    }
-
-                    pos += (FE_INTS * 2);
-                }
-
-                return createRawPoint(new Curve25519FieldElement(x), new Curve25519FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/Curve25519Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/Curve25519Field.java
deleted file mode 100644
index 2e8e335..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/Curve25519Field.java
+++ /dev/null

@@ -1,254 +0,0 @@
-package org.bouncycastle.math.ec.custom.djb;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat256;
-
-public class Curve25519Field
-{
-    private static final long M = 0xFFFFFFFFL;
-
-    // 2^255 - 2^4 - 2^1 - 1
-    static final int[] P = new int[]{ 0xFFFFFFED, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
-        0xFFFFFFFF, 0x7FFFFFFF };
-    private static final int P7 = 0x7FFFFFFF;
-    private static final int[] PExt = new int[]{ 0x00000169, 0x00000000, 0x00000000, 0x00000000, 0x00000000,
-        0x00000000, 0x00000000, 0x00000000, 0xFFFFFFED, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
-        0xFFFFFFFF, 0x3FFFFFFF };
-    private static final int PInv = 0x13;
-
-    public static void add(int[] x, int[] y, int[] z)
-    {
-        Nat256.add(x, y, z);
-        if (Nat256.gte(z, P))
-        {
-            subPFrom(z);
-        }
-    }
-
-    public static void addExt(int[] xx, int[] yy, int[] zz)
-    {
-        Nat.add(16, xx, yy, zz);
-        if (Nat.gte(16, zz, PExt))
-        {
-            subPExtFrom(zz);
-        }
-    }
-
-    public static void addOne(int[] x, int[] z)
-    {
-        Nat.inc(8, x, z);
-        if (Nat256.gte(z, P))
-        {
-            subPFrom(z);
-        }
-    }
-
-    public static int[] fromBigInteger(BigInteger x)
-    {
-        int[] z = Nat256.fromBigInteger(x);
-        while (Nat256.gte(z, P))
-        {
-            Nat256.subFrom(P, z);
-        }
-        return z;
-    }
-
-    public static void half(int[] x, int[] z)
-    {
-        if ((x[0] & 1) == 0)
-        {
-            Nat.shiftDownBit(8, x, 0, z);
-        }
-        else
-        {
-            Nat256.add(x, P, z);
-            Nat.shiftDownBit(8, z, 0);
-        }
-    }
-
-    public static void multiply(int[] x, int[] y, int[] z)
-    {
-        int[] tt = Nat256.createExt();
-        Nat256.mul(x, y, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyAddToExt(int[] x, int[] y, int[] zz)
-    {
-        Nat256.mulAddTo(x, y, zz);
-        if (Nat.gte(16, zz, PExt))
-        {
-            subPExtFrom(zz);
-        }
-    }
-
-    public static void negate(int[] x, int[] z)
-    {
-        if (Nat256.isZero(x))
-        {
-            Nat256.zero(z);
-        }
-        else
-        {
-            Nat256.sub(P, x, z);
-        }
-    }
-
-    public static void reduce(int[] xx, int[] z)
-    {
-//        assert xx[15] >>> 30 == 0;
-
-        int xx07 = xx[7];
-        Nat.shiftUpBit(8, xx, 8, xx07, z, 0);
-        int c = Nat256.mulByWordAddTo(PInv, xx, z) << 1;
-        int z7 = z[7];
-        c += (z7 >>> 31) - (xx07 >>> 31);
-        z7 &= P7;
-        z7 += Nat.addWordTo(7, c * PInv, z);
-        z[7] = z7;
-        if (Nat256.gte(z, P))
-        {
-            subPFrom(z);
-        }
-    }
-
-    public static void reduce27(int x, int[] z)
-    {
-//        assert x >>> 26 == 0;
-
-        int z7 = z[7];
-        int c = (x << 1 | z7 >>> 31);
-        z7 &= P7;
-        z7 += Nat.addWordTo(7, c * PInv, z);
-        z[7] = z7;
-        if (Nat256.gte(z, P))
-        {
-            subPFrom(z);
-        }
-    }
-
-    public static void square(int[] x, int[] z)
-    {
-        int[] tt = Nat256.createExt();
-        Nat256.square(x, tt);
-        reduce(tt, z);
-    }
-
-    public static void squareN(int[] x, int n, int[] z)
-    {
-//        assert n > 0;
-
-        int[] tt = Nat256.createExt();
-        Nat256.square(x, tt);
-        reduce(tt, z);
-
-        while (--n > 0)
-        {
-            Nat256.square(z, tt);
-            reduce(tt, z);
-        }
-    }
-
-    public static void subtract(int[] x, int[] y, int[] z)
-    {
-        int c = Nat256.sub(x, y, z);
-        if (c != 0)
-        {
-            addPTo(z);
-        }
-    }
-
-    public static void subtractExt(int[] xx, int[] yy, int[] zz)
-    {
-        int c = Nat.sub(16, xx, yy, zz);
-        if (c != 0)
-        {
-            addPExtTo(zz);
-        }
-    }
-
-    public static void twice(int[] x, int[] z)
-    {
-        Nat.shiftUpBit(8, x, 0, z);
-        if (Nat256.gte(z, P))
-        {
-            subPFrom(z);
-        }
-    }
-
-    private static int addPTo(int[] z)
-    {
-        long c = (z[0] & M) - PInv;
-        z[0] = (int)c;
-        c >>= 32;
-        if (c != 0)
-        {
-            c = Nat.decAt(7, z, 1);
-        }
-        c += (z[7] & M) + ((P7 + 1) & M);
-        z[7] = (int)c;
-        c >>= 32;
-        return (int)c;
-    }
-
-    private static int addPExtTo(int[] zz)
-    {
-        long c = (zz[0] & M) + (PExt[0] & M);
-        zz[0] = (int)c;
-        c >>= 32;
-        if (c != 0)
-        {
-            c = Nat.incAt(8, zz, 1);
-        }
-        c += (zz[8] & M) - PInv;
-        zz[8] = (int)c;
-        c >>= 32;
-        if (c != 0)
-        {
-            c = Nat.decAt(15, zz, 9);
-        }
-        c += (zz[15] & M) + ((PExt[15] + 1) & M);
-        zz[15] = (int)c;
-        c >>= 32;
-        return (int)c;
-    }
-
-    private static int subPFrom(int[] z)
-    {
-        long c = (z[0] & M) + PInv;
-        z[0] = (int)c;
-        c >>= 32;
-        if (c != 0)
-        {
-            c = Nat.incAt(7, z, 1);
-        }
-        c += (z[7] & M) - ((P7 + 1) & M);
-        z[7] = (int)c;
-        c >>= 32;
-        return (int)c;
-    }
-
-    private static int subPExtFrom(int[] zz)
-    {
-        long c = (zz[0] & M) - (PExt[0] & M);
-        zz[0] = (int)c;
-        c >>= 32;
-        if (c != 0)
-        {
-            c = Nat.decAt(8, zz, 1);
-        }
-        c += (zz[8] & M) + PInv;
-        zz[8] = (int)c;
-        c >>= 32;
-        if (c != 0)
-        {
-            c = Nat.incAt(15, zz, 9);
-        }
-        c += (zz[15] & M) - ((PExt[15] + 1) & M);
-        zz[15] = (int)c;
-        c >>= 32;
-        return (int)c;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/Curve25519FieldElement.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/Curve25519FieldElement.java
deleted file mode 100644
index c8e6120..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/Curve25519FieldElement.java
+++ /dev/null

@@ -1,234 +0,0 @@
-package org.bouncycastle.math.ec.custom.djb;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.raw.Mod;
-import org.bouncycastle.math.raw.Nat256;
-import org.bouncycastle.util.Arrays;
-
-public class Curve25519FieldElement extends ECFieldElement.AbstractFp
-{
-    public static final BigInteger Q = Curve25519.q;
-
-    // Calculated as ECConstants.TWO.modPow(Q.shiftRight(2), Q)
-    private static final int[] PRECOMP_POW2 = new int[]{ 0x4a0ea0b0, 0xc4ee1b27, 0xad2fe478, 0x2f431806,
-        0x3dfbd7a7, 0x2b4d0099, 0x4fc1df0b, 0x2b832480 };
-
-    protected int[] x;
-
-    public Curve25519FieldElement(BigInteger x)
-    {
-        if (x == null || x.signum() < 0 || x.compareTo(Q) >= 0)
-        {
-            throw new IllegalArgumentException("x value invalid for Curve25519FieldElement");
-        }
-
-        this.x = Curve25519Field.fromBigInteger(x);
-    }
-
-    public Curve25519FieldElement()
-    {
-        this.x = Nat256.create();
-    }
-
-    protected Curve25519FieldElement(int[] x)
-    {
-        this.x = x;
-    }
-
-    public boolean isZero()
-    {
-        return Nat256.isZero(x);
-    }
-
-    public boolean isOne()
-    {
-        return Nat256.isOne(x);
-    }
-
-    public boolean testBitZero()
-    {
-        return Nat256.getBit(x, 0) == 1;
-    }
-
-    public BigInteger toBigInteger()
-    {
-        return Nat256.toBigInteger(x);
-    }
-
-    public String getFieldName()
-    {
-        return "Curve25519Field";
-    }
-
-    public int getFieldSize()
-    {
-        return Q.bitLength();
-    }
-
-    public ECFieldElement add(ECFieldElement b)
-    {
-        int[] z = Nat256.create();
-        Curve25519Field.add(x, ((Curve25519FieldElement)b).x, z);
-        return new Curve25519FieldElement(z);
-    }
-
-    public ECFieldElement addOne()
-    {
-        int[] z = Nat256.create();
-        Curve25519Field.addOne(x, z);
-        return new Curve25519FieldElement(z);
-    }
-
-    public ECFieldElement subtract(ECFieldElement b)
-    {
-        int[] z = Nat256.create();
-        Curve25519Field.subtract(x, ((Curve25519FieldElement)b).x, z);
-        return new Curve25519FieldElement(z);
-    }
-
-    public ECFieldElement multiply(ECFieldElement b)
-    {
-        int[] z = Nat256.create();
-        Curve25519Field.multiply(x, ((Curve25519FieldElement)b).x, z);
-        return new Curve25519FieldElement(z);
-    }
-
-    public ECFieldElement divide(ECFieldElement b)
-    {
-//        return multiply(b.invert());
-        int[] z = Nat256.create();
-        Mod.invert(Curve25519Field.P, ((Curve25519FieldElement)b).x, z);
-        Curve25519Field.multiply(z, x, z);
-        return new Curve25519FieldElement(z);
-    }
-
-    public ECFieldElement negate()
-    {
-        int[] z = Nat256.create();
-        Curve25519Field.negate(x, z);
-        return new Curve25519FieldElement(z);
-    }
-
-    public ECFieldElement square()
-    {
-        int[] z = Nat256.create();
-        Curve25519Field.square(x, z);
-        return new Curve25519FieldElement(z);
-    }
-
-    public ECFieldElement invert()
-    {
-//        return new Curve25519FieldElement(toBigInteger().modInverse(Q));
-        int[] z = Nat256.create();
-        Mod.invert(Curve25519Field.P, x, z);
-        return new Curve25519FieldElement(z);
-    }
-
-    /**
-     * return a sqrt root - the routine verifies that the calculation returns the right value - if
-     * none exists it returns null.
-     */
-    public ECFieldElement sqrt()
-    {
-        /*
-         * Q == 8m + 5, so we use Pocklington's method for this case.
-         *
-         * First, raise this element to the exponent 2^252 - 2^1 (i.e. m + 1)
-         * 
-         * Breaking up the exponent's binary representation into "repunits", we get:
-         * { 251 1s } { 1 0s }
-         * 
-         * Therefore we need an addition chain containing 251 (the lengths of the repunits)
-         * We use: 1, 2, 3, 4, 7, 11, 15, 30, 60, 120, 131, [251]
-         */
-
-        int[] x1 = this.x;
-        if (Nat256.isZero(x1) || Nat256.isOne(x1))
-        {
-            return this;
-        }
-
-        int[] x2 = Nat256.create();
-        Curve25519Field.square(x1, x2);
-        Curve25519Field.multiply(x2, x1, x2);
-        int[] x3 = x2;
-        Curve25519Field.square(x2, x3);
-        Curve25519Field.multiply(x3, x1, x3);
-        int[] x4 = Nat256.create();
-        Curve25519Field.square(x3, x4);
-        Curve25519Field.multiply(x4, x1, x4);
-        int[] x7 = Nat256.create();
-        Curve25519Field.squareN(x4, 3, x7);
-        Curve25519Field.multiply(x7, x3, x7);
-        int[] x11 = x3;
-        Curve25519Field.squareN(x7, 4, x11);
-        Curve25519Field.multiply(x11, x4, x11);
-        int[] x15 = x7;
-        Curve25519Field.squareN(x11, 4, x15);
-        Curve25519Field.multiply(x15, x4, x15);
-        int[] x30 = x4;
-        Curve25519Field.squareN(x15, 15, x30);
-        Curve25519Field.multiply(x30, x15, x30);
-        int[] x60 = x15;
-        Curve25519Field.squareN(x30, 30, x60);
-        Curve25519Field.multiply(x60, x30, x60);
-        int[] x120 = x30;
-        Curve25519Field.squareN(x60, 60, x120);
-        Curve25519Field.multiply(x120, x60, x120);
-        int[] x131 = x60;
-        Curve25519Field.squareN(x120, 11, x131);
-        Curve25519Field.multiply(x131, x11, x131);
-        int[] x251 = x11;
-        Curve25519Field.squareN(x131, 120, x251);
-        Curve25519Field.multiply(x251, x120, x251);
-
-        int[] t1 = x251;
-        Curve25519Field.square(t1, t1);
-
-        int[] t2 = x120;
-        Curve25519Field.square(t1, t2);
-
-        if (Nat256.eq(x1, t2))
-        {
-            return new Curve25519FieldElement(t1);
-        }
-
-        /*
-         * If the first guess is incorrect, we multiply by a precomputed power of 2 to get the second guess,
-         * which is ((4x)^(m + 1))/2 mod Q
-         */
-        Curve25519Field.multiply(t1, PRECOMP_POW2, t1);
-
-        Curve25519Field.square(t1, t2);
-
-        if (Nat256.eq(x1, t2))
-        {
-            return new Curve25519FieldElement(t1);
-        }
-
-        return null;
-    }
-
-    public boolean equals(Object other)
-    {
-        if (other == this)
-        {
-            return true;
-        }
-
-        if (!(other instanceof Curve25519FieldElement))
-        {
-            return false;
-        }
-
-        Curve25519FieldElement o = (Curve25519FieldElement)other;
-        return Nat256.eq(x, o.x);
-    }
-
-    public int hashCode()
-    {
-        return Q.hashCode() ^ Arrays.hashCode(x, 0, 8);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/Curve25519Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/Curve25519Point.java
deleted file mode 100644
index b2700e3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/Curve25519Point.java
+++ /dev/null

@@ -1,348 +0,0 @@
-package org.bouncycastle.math.ec.custom.djb;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat256;
-
-public class Curve25519Point extends ECPoint.AbstractFp
-{
-    /**
-     * Create a point which encodes with point compression.
-     * 
-     * @param curve the curve to use
-     * @param x affine x co-ordinate
-     * @param y affine y co-ordinate
-     * 
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public Curve25519Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * Create a point that encodes with or without point compresion.
-     * 
-     * @param curve the curve to use
-     * @param x affine x co-ordinate
-     * @param y affine y co-ordinate
-     * @param withCompression if true encode with point compression
-     * 
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public Curve25519Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    Curve25519Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new Curve25519Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECFieldElement getZCoord(int index)
-    {
-        if (index == 1)
-        {
-            return getJacobianModifiedW();
-        }
-
-        return super.getZCoord(index);
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-        if (this == b)
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        Curve25519FieldElement X1 = (Curve25519FieldElement)this.x, Y1 = (Curve25519FieldElement)this.y,
-            Z1 = (Curve25519FieldElement)this.zs[0];
-        Curve25519FieldElement X2 = (Curve25519FieldElement)b.getXCoord(), Y2 = (Curve25519FieldElement)b.getYCoord(),
-            Z2 = (Curve25519FieldElement)b.getZCoord(0);
-
-        int c;
-        int[] tt1 = Nat256.createExt();
-        int[] t2 = Nat256.create();
-        int[] t3 = Nat256.create();
-        int[] t4 = Nat256.create();
-
-        boolean Z1IsOne = Z1.isOne();
-        int[] U2, S2;
-        if (Z1IsOne)
-        {
-            U2 = X2.x;
-            S2 = Y2.x;
-        }
-        else
-        {
-            S2 = t3;
-            Curve25519Field.square(Z1.x, S2);
-
-            U2 = t2;
-            Curve25519Field.multiply(S2, X2.x, U2);
-
-            Curve25519Field.multiply(S2, Z1.x, S2);
-            Curve25519Field.multiply(S2, Y2.x, S2);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        int[] U1, S1;
-        if (Z2IsOne)
-        {
-            U1 = X1.x;
-            S1 = Y1.x;
-        }
-        else
-        {
-            S1 = t4;
-            Curve25519Field.square(Z2.x, S1);
-
-            U1 = tt1;
-            Curve25519Field.multiply(S1, X1.x, U1);
-
-            Curve25519Field.multiply(S1, Z2.x, S1);
-            Curve25519Field.multiply(S1, Y1.x, S1);
-        }
-
-        int[] H = Nat256.create();
-        Curve25519Field.subtract(U1, U2, H);
-
-        int[] R = t2;
-        Curve25519Field.subtract(S1, S2, R);
-
-        // Check if b == this or b == -this
-        if (Nat256.isZero(H))
-        {
-            if (Nat256.isZero(R))
-            {
-                // this == b, i.e. this must be doubled
-                return this.twice();
-            }
-
-            // this == -b, i.e. the result is the point at infinity
-            return curve.getInfinity();
-        }
-
-        int[] HSquared = Nat256.create();
-        Curve25519Field.square(H, HSquared);
-
-        int[] G = Nat256.create();
-        Curve25519Field.multiply(HSquared, H, G);
-
-        int[] V = t3;
-        Curve25519Field.multiply(HSquared, U1, V);
-
-        Curve25519Field.negate(G, G);
-        Nat256.mul(S1, G, tt1);
-
-        c = Nat256.addBothTo(V, V, G);
-        Curve25519Field.reduce27(c, G);
-
-        Curve25519FieldElement X3 = new Curve25519FieldElement(t4);
-        Curve25519Field.square(R, X3.x);
-        Curve25519Field.subtract(X3.x, G, X3.x);
-
-        Curve25519FieldElement Y3 = new Curve25519FieldElement(G);
-        Curve25519Field.subtract(V, X3.x, Y3.x);
-        Curve25519Field.multiplyAddToExt(Y3.x, R, tt1);
-        Curve25519Field.reduce(tt1, Y3.x);
-
-        Curve25519FieldElement Z3 = new Curve25519FieldElement(H);
-        if (!Z1IsOne)
-        {
-            Curve25519Field.multiply(Z3.x, Z1.x, Z3.x);
-        }
-        if (!Z2IsOne)
-        {
-            Curve25519Field.multiply(Z3.x, Z2.x, Z3.x);
-        }
-
-        int[] Z3Squared = (Z1IsOne && Z2IsOne) ? HSquared : null;
-
-        // TODO If the result will only be used in a subsequent addition, we don't need W3
-        Curve25519FieldElement W3 = calculateJacobianModifiedW((Curve25519FieldElement)Z3, Z3Squared);
-
-        ECFieldElement[] zs = new ECFieldElement[]{ Z3, W3 };
-
-        return new Curve25519Point(curve, X3, Y3, zs, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement Y1 = this.y;
-        if (Y1.isZero()) 
-        {
-            return curve.getInfinity();
-        }
-
-        return twiceJacobianModified(true);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this == b)
-        {
-            return threeTimes();
-        }
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECFieldElement Y1 = this.y;
-        if (Y1.isZero()) 
-        {
-            return b;
-        }
-
-        return twiceJacobianModified(false).add(b);
-    }
-
-    public ECPoint threeTimes()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement Y1 = this.y;
-        if (Y1.isZero())
-        {
-            return this;
-        }
-
-        return twiceJacobianModified(false).add(this);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        return new Curve25519Point(this.getCurve(), this.x, this.y.negate(), this.zs, this.withCompression);
-    }
-
-    protected Curve25519FieldElement calculateJacobianModifiedW(Curve25519FieldElement Z, int[] ZSquared)
-    {
-        Curve25519FieldElement a4 = (Curve25519FieldElement)this.getCurve().getA();
-        if (Z.isOne())
-        {
-            return a4;
-        }
-
-        Curve25519FieldElement W = new Curve25519FieldElement();
-        if (ZSquared == null)
-        {
-            ZSquared = W.x;
-            Curve25519Field.square(Z.x, ZSquared);
-        }
-        Curve25519Field.square(ZSquared, W.x);
-        Curve25519Field.multiply(W.x, a4.x, W.x);
-        return W;
-    }
-
-    protected Curve25519FieldElement getJacobianModifiedW()
-    {
-        Curve25519FieldElement W = (Curve25519FieldElement)this.zs[1];
-        if (W == null)
-        {
-            // NOTE: Rarely, twicePlus will result in the need for a lazy W1 calculation here
-            this.zs[1] = W = calculateJacobianModifiedW((Curve25519FieldElement)this.zs[0], null);
-        }
-        return W;
-    }
-
-    protected Curve25519Point twiceJacobianModified(boolean calculateW)
-    {
-        Curve25519FieldElement X1 = (Curve25519FieldElement)this.x, Y1 = (Curve25519FieldElement)this.y,
-            Z1 = (Curve25519FieldElement)this.zs[0], W1 = getJacobianModifiedW();
-
-        int c;
-
-        int[] M = Nat256.create();
-        Curve25519Field.square(X1.x, M);
-        c = Nat256.addBothTo(M, M, M);
-        c += Nat256.addTo(W1.x, M);
-        Curve25519Field.reduce27(c, M);
-
-        int[] _2Y1 = Nat256.create();
-        Curve25519Field.twice(Y1.x, _2Y1);
-
-        int[] _2Y1Squared = Nat256.create();
-        Curve25519Field.multiply(_2Y1, Y1.x, _2Y1Squared);
-
-        int[] S = Nat256.create();
-        Curve25519Field.multiply(_2Y1Squared, X1.x, S);
-        Curve25519Field.twice(S, S);
-
-        int[] _8T = Nat256.create();
-        Curve25519Field.square(_2Y1Squared, _8T);
-        Curve25519Field.twice(_8T, _8T);
-
-        Curve25519FieldElement X3 = new Curve25519FieldElement(_2Y1Squared);
-        Curve25519Field.square(M, X3.x);
-        Curve25519Field.subtract(X3.x, S, X3.x);
-        Curve25519Field.subtract(X3.x, S, X3.x);
-
-        Curve25519FieldElement Y3 = new Curve25519FieldElement(S);
-        Curve25519Field.subtract(S, X3.x, Y3.x);
-        Curve25519Field.multiply(Y3.x, M, Y3.x);
-        Curve25519Field.subtract(Y3.x, _8T, Y3.x);
-
-        Curve25519FieldElement Z3 = new Curve25519FieldElement(_2Y1);
-        if (!Nat256.isOne(Z1.x))
-        {
-            Curve25519Field.multiply(Z3.x, Z1.x, Z3.x);
-        }
-
-        Curve25519FieldElement W3 = null;
-        if (calculateW)
-        {
-            W3 = new Curve25519FieldElement(_8T);
-            Curve25519Field.multiply(W3.x, W1.x, W3.x);
-            Curve25519Field.twice(W3.x, W3.x);
-        }
-
-        return new Curve25519Point(this.getCurve(), X3, Y3, new ECFieldElement[]{ Z3, W3 }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/package.html b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/package.html
deleted file mode 100644
index 344418b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/djb/package.html
+++ /dev/null

@@ -1,7 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Experimental implementation of curve25519. Note that the curve implementation is in the short-Weierstrass form,
-which is not the recommended (nor most suitable) approach. In particular, the input/output conventions are not
-compliant with standard implementations, and point conversions would be needed to interoperate.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/SM2P256V1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/SM2P256V1Curve.java
deleted file mode 100644
index e88746f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/SM2P256V1Curve.java
+++ /dev/null

@@ -1,127 +0,0 @@
-package org.bouncycastle.math.ec.custom.gm;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat256;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SM2P256V1Curve extends ECCurve.AbstractFp
-{
-    public static final BigInteger q = new BigInteger(1,
-        Hex.decode("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFF"));
-
-    private static final int SM2P256V1_DEFAULT_COORDS = COORD_JACOBIAN;
-
-    protected SM2P256V1Point infinity;
-
-    public SM2P256V1Curve()
-    {
-        super(q);
-
-        this.infinity = new SM2P256V1Point(this, null, null);
-
-        this.a = fromBigInteger(new BigInteger(1,
-            Hex.decode("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF00000000FFFFFFFFFFFFFFFC")));
-        this.b = fromBigInteger(new BigInteger(1,
-            Hex.decode("28E9FA9E9D9F5E344D5A9E4BCF6509A7F39789F515AB8F92DDBCBD414D940E93")));
-        this.order = new BigInteger(1, Hex.decode("FFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFF7203DF6B21C6052B53BBF40939D54123"));
-        this.cofactor = BigInteger.valueOf(1);
-
-        this.coord = SM2P256V1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SM2P256V1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_JACOBIAN:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public BigInteger getQ()
-    {
-        return q;
-    }
-
-    public int getFieldSize()
-    {
-        return q.bitLength();
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SM2P256V1FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SM2P256V1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SM2P256V1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_INTS = 8;
-
-        final int[] table = new int[len * FE_INTS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat256.copy(((SM2P256V1FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_INTS;
-                Nat256.copy(((SM2P256V1FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_INTS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                int[] x = Nat256.create(), y = Nat256.create();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    int MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_INTS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_INTS + j] & MASK;
-                    }
-
-                    pos += (FE_INTS * 2);
-                }
-
-                return createRawPoint(new SM2P256V1FieldElement(x), new SM2P256V1FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/SM2P256V1Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/SM2P256V1Field.java
deleted file mode 100644
index 3304d0d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/SM2P256V1Field.java
+++ /dev/null

@@ -1,308 +0,0 @@
-package org.bouncycastle.math.ec.custom.gm;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat256;
-
-public class SM2P256V1Field
-{
-    private static final long M = 0xFFFFFFFFL;
-
-    // 2^256 - 2^224 - 2^96 + 2^64 - 1
-    static final int[] P = new int[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
-        0xFFFFFFFF, 0xFFFFFFFE };
-    static final int[] PExt = new int[]{ 00000001, 0x00000000, 0xFFFFFFFE, 0x00000001, 0x00000001,
-        0xFFFFFFFE, 0x00000000, 0x00000002, 0xFFFFFFFE, 0xFFFFFFFD, 0x00000003, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF,
-        0x00000000, 0xFFFFFFFE };
-    private static final int P7s1 = 0xFFFFFFFE >>> 1;
-    private static final int PExt15s1 = 0xFFFFFFFE >>> 1;
-
-    public static void add(int[] x, int[] y, int[] z)
-    {
-        int c = Nat256.add(x, y, z);
-        if (c != 0 || ((z[7] >>> 1) >= P7s1 && Nat256.gte(z, P)))
-        {
-            addPInvTo(z);
-        }
-    }
-
-    public static void addExt(int[] xx, int[] yy, int[] zz)
-    {
-        int c = Nat.add(16, xx, yy, zz);
-        if (c != 0 || ((zz[15] >>> 1) >= PExt15s1 && Nat.gte(16, zz, PExt)))
-        {
-            Nat.subFrom(16, PExt, zz);
-        }
-    }
-
-    public static void addOne(int[] x, int[] z)
-    {
-        int c = Nat.inc(8, x, z);
-        if (c != 0 || ((z[7] >>> 1) >= P7s1 && Nat256.gte(z, P)))
-        {
-            addPInvTo(z);
-        }
-    }
-
-    public static int[] fromBigInteger(BigInteger x)
-    {
-        int[] z = Nat256.fromBigInteger(x);
-        if ((z[7] >>> 1) >= P7s1 && Nat256.gte(z, P))
-        {
-            Nat256.subFrom(P, z);
-        }
-        return z;
-    }
-
-    public static void half(int[] x, int[] z)
-    {
-        if ((x[0] & 1) == 0)
-        {
-            Nat.shiftDownBit(8, x, 0, z);
-        }
-        else
-        {
-            int c = Nat256.add(x, P, z);
-            Nat.shiftDownBit(8, z, c);
-        }
-    }
-
-    public static void multiply(int[] x, int[] y, int[] z)
-    {
-        int[] tt = Nat256.createExt();
-        Nat256.mul(x, y, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyAddToExt(int[] x, int[] y, int[] zz)
-    {
-        int c = Nat256.mulAddTo(x, y, zz);
-        if (c != 0 || ((zz[15] >>> 1) >= PExt15s1 && Nat.gte(16, zz, PExt)))
-        {
-            Nat.subFrom(16, PExt, zz);
-        }
-    }
-
-    public static void negate(int[] x, int[] z)
-    {
-        if (Nat256.isZero(x))
-        {
-            Nat256.zero(z);
-        }
-        else
-        {
-            Nat256.sub(P, x, z);
-        }
-    }
-
-    public static void reduce(int[] xx, int[] z)
-    {
-        long xx08 = xx[8] & M, xx09 = xx[9] & M, xx10 = xx[10] & M, xx11 = xx[11] & M;
-        long xx12 = xx[12] & M, xx13 = xx[13] & M, xx14 = xx[14] & M, xx15 = xx[15] & M;
-
-        long t0 = xx08 + xx09;
-        long t1 = xx10 + xx11;
-        long t2 = xx12 + xx15;
-        long t3 = xx13 + xx14;
-        long t4 = t3 + (xx15 << 1);
-
-        long ts = t0 + t3;
-        long tt = t1 + t2 + ts;
-
-        long cc = 0;
-        cc += (xx[0] & M) + tt + xx13 + xx14 + xx15;
-        z[0] = (int)cc;
-        cc >>= 32;
-        cc += (xx[1] & M) + tt - xx08 + xx14 + xx15;
-        z[1] = (int)cc;
-        cc >>= 32;
-        cc += (xx[2] & M) - ts;
-        z[2] = (int)cc;
-        cc >>= 32;
-        cc += (xx[3] & M) + tt - xx09 - xx10 + xx13;
-        z[3] = (int)cc;
-        cc >>= 32;
-        cc += (xx[4] & M) + tt - t1 - xx08 + xx14;
-        z[4] = (int)cc;
-        cc >>= 32;
-        cc += (xx[5] & M) + t4 + xx10;
-        z[5] = (int)cc;
-        cc >>= 32;
-        cc += (xx[6] & M) + xx11 + xx14 + xx15;
-        z[6] = (int)cc;
-        cc >>= 32;
-        cc += (xx[7] & M) + tt + t4 + xx12;
-        z[7] = (int)cc;
-        cc >>= 32;
-
-//        assert cc >= 0;
-
-        reduce32((int)cc, z);
-    }
-
-    public static void reduce32(int x, int[] z)
-    {
-        long cc = 0;
-
-        if (x != 0)
-        {
-            long xx08 = x & M;
-
-            cc += (z[0] & M) + xx08;
-            z[0] = (int)cc;
-            cc >>= 32;
-            if (cc != 0)
-            {
-                cc += (z[1] & M);
-                z[1] = (int)cc;
-                cc >>= 32;
-            }
-            cc += (z[2] & M) - xx08;
-            z[2] = (int)cc;
-            cc >>= 32;
-            cc += (z[3] & M) + xx08;
-            z[3] = (int)cc;
-            cc >>= 32;
-            if (cc != 0)
-            {
-                cc += (z[4] & M);
-                z[4] = (int)cc;
-                cc >>= 32;
-                cc += (z[5] & M);
-                z[5] = (int)cc;
-                cc >>= 32;
-                cc += (z[6] & M);
-                z[6] = (int)cc;
-                cc >>= 32;
-            }
-            cc += (z[7] & M) + xx08;
-            z[7] = (int)cc;
-            cc >>= 32;
-
-//          assert cc == 0 || cc == 1;
-        }
-
-        if (cc != 0 || ((z[7] >>> 1) >= P7s1 && Nat256.gte(z, P)))
-        {
-            addPInvTo(z);
-        }
-    }
-
-    public static void square(int[] x, int[] z)
-    {
-        int[] tt = Nat256.createExt();
-        Nat256.square(x, tt);
-        reduce(tt, z);
-    }
-
-    public static void squareN(int[] x, int n, int[] z)
-    {
-//        assert n > 0;
-
-        int[] tt = Nat256.createExt();
-        Nat256.square(x, tt);
-        reduce(tt, z);
-
-        while (--n > 0)
-        {
-            Nat256.square(z, tt);
-            reduce(tt, z);
-        }
-    }
-
-    public static void subtract(int[] x, int[] y, int[] z)
-    {
-        int c = Nat256.sub(x, y, z);
-        if (c != 0)
-        {
-            subPInvFrom(z);
-        }
-    }
-
-    public static void subtractExt(int[] xx, int[] yy, int[] zz)
-    {
-        int c = Nat.sub(16, xx, yy, zz);
-        if (c != 0)
-        {
-            Nat.addTo(16, PExt, zz);
-        }
-    }
-
-    public static void twice(int[] x, int[] z)
-    {
-        int c = Nat.shiftUpBit(8, x, 0, z);
-        if (c != 0 || ((z[7] >>> 1) >= P7s1 && Nat256.gte(z, P)))
-        {
-            addPInvTo(z);
-        }
-    }
-
-    private static void addPInvTo(int[] z)
-    {
-        long c = (z[0] & M) + 1;
-        z[0] = (int)c;
-        c >>= 32;
-        if (c != 0)
-        {
-            c += (z[1] & M);
-            z[1] = (int)c;
-            c >>= 32;
-        }
-        c += (z[2] & M) - 1;
-        z[2] = (int)c;
-        c >>= 32;
-        c += (z[3] & M) + 1;
-        z[3] = (int)c;
-        c >>= 32;
-        if (c != 0)
-        {
-            c += (z[4] & M);
-            z[4] = (int)c;
-            c >>= 32;
-            c += (z[5] & M);
-            z[5] = (int)c;
-            c >>= 32;
-            c += (z[6] & M);
-            z[6] = (int)c;
-            c >>= 32;
-        }
-        c += (z[7] & M) + 1;
-        z[7] = (int)c;
-//        c >>= 32;
-    }
-
-    private static void subPInvFrom(int[] z)
-    {
-        long c = (z[0] & M) - 1;
-        z[0] = (int)c;
-        c >>= 32;
-        if (c != 0)
-        {
-            c += (z[1] & M);
-            z[1] = (int)c;
-            c >>= 32;
-        }
-        c += (z[2] & M) + 1;
-        z[2] = (int)c;
-        c >>= 32;
-        c += (z[3] & M) - 1;
-        z[3] = (int)c;
-        c >>= 32;
-        if (c != 0)
-        {
-            c += (z[4] & M);
-            z[4] = (int)c;
-            c >>= 32;
-            c += (z[5] & M);
-            z[5] = (int)c;
-            c >>= 32;
-            c += (z[6] & M);
-            z[6] = (int)c;
-            c >>= 32;
-        }
-        c += (z[7] & M) - 1;
-        z[7] = (int)c;
-//        c >>= 32;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/SM2P256V1FieldElement.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/SM2P256V1FieldElement.java
deleted file mode 100644
index 2d5b06e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/SM2P256V1FieldElement.java
+++ /dev/null

@@ -1,210 +0,0 @@
-package org.bouncycastle.math.ec.custom.gm;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.raw.Mod;
-import org.bouncycastle.math.raw.Nat256;
-import org.bouncycastle.util.Arrays;
-
-public class SM2P256V1FieldElement extends ECFieldElement.AbstractFp
-{
-    public static final BigInteger Q = SM2P256V1Curve.q;
-
-    protected int[] x;
-
-    public SM2P256V1FieldElement(BigInteger x)
-    {
-        if (x == null || x.signum() < 0 || x.compareTo(Q) >= 0)
-        {
-            throw new IllegalArgumentException("x value invalid for SM2P256V1FieldElement");
-        }
-
-        this.x = SM2P256V1Field.fromBigInteger(x);
-    }
-
-    public SM2P256V1FieldElement()
-    {
-        this.x = Nat256.create();
-    }
-
-    protected SM2P256V1FieldElement(int[] x)
-    {
-        this.x = x;
-    }
-
-    public boolean isZero()
-    {
-        return Nat256.isZero(x);
-    }
-
-    public boolean isOne()
-    {
-        return Nat256.isOne(x);
-    }
-
-    public boolean testBitZero()
-    {
-        return Nat256.getBit(x, 0) == 1;
-    }
-
-    public BigInteger toBigInteger()
-    {
-        return Nat256.toBigInteger(x);
-    }
-
-    public String getFieldName()
-    {
-        return "SM2P256V1Field";
-    }
-
-    public int getFieldSize()
-    {
-        return Q.bitLength();
-    }
-
-    public ECFieldElement add(ECFieldElement b)
-    {
-        int[] z = Nat256.create();
-        SM2P256V1Field.add(x, ((SM2P256V1FieldElement)b).x, z);
-        return new SM2P256V1FieldElement(z);
-    }
-
-    public ECFieldElement addOne()
-    {
-        int[] z = Nat256.create();
-        SM2P256V1Field.addOne(x, z);
-        return new SM2P256V1FieldElement(z);
-    }
-
-    public ECFieldElement subtract(ECFieldElement b)
-    {
-        int[] z = Nat256.create();
-        SM2P256V1Field.subtract(x, ((SM2P256V1FieldElement)b).x, z);
-        return new SM2P256V1FieldElement(z);
-    }
-
-    public ECFieldElement multiply(ECFieldElement b)
-    {
-        int[] z = Nat256.create();
-        SM2P256V1Field.multiply(x, ((SM2P256V1FieldElement)b).x, z);
-        return new SM2P256V1FieldElement(z);
-    }
-
-    public ECFieldElement divide(ECFieldElement b)
-    {
-//        return multiply(b.invert());
-        int[] z = Nat256.create();
-        Mod.invert(SM2P256V1Field.P, ((SM2P256V1FieldElement)b).x, z);
-        SM2P256V1Field.multiply(z, x, z);
-        return new SM2P256V1FieldElement(z);
-    }
-
-    public ECFieldElement negate()
-    {
-        int[] z = Nat256.create();
-        SM2P256V1Field.negate(x, z);
-        return new SM2P256V1FieldElement(z);
-    }
-
-    public ECFieldElement square()
-    {
-        int[] z = Nat256.create();
-        SM2P256V1Field.square(x, z);
-        return new SM2P256V1FieldElement(z);
-    }
-
-    public ECFieldElement invert()
-    {
-//        return new SM2P256V1FieldElement(toBigInteger().modInverse(Q));
-        int[] z = Nat256.create();
-        Mod.invert(SM2P256V1Field.P, x, z);
-        return new SM2P256V1FieldElement(z);
-    }
-
-    /**
-     * return a sqrt root - the routine verifies that the calculation returns the right value - if
-     * none exists it returns null.
-     */
-    public ECFieldElement sqrt()
-    {
-        /*
-         * Raise this element to the exponent 2^254 - 2^222 - 2^94 + 2^62
-         *
-         * Breaking up the exponent's binary representation into "repunits", we get:
-         * { 31 1s } { 1 0s } { 128 1s } { 31 0s } { 1 1s } { 62 0s}
-         *
-         * We use an addition chain for the beginning: [1], 2, 3, 6, 12, [24], 30, [31] 
-         */
-
-        int[] x1 = this.x;
-        if (Nat256.isZero(x1) || Nat256.isOne(x1))
-        {
-            return this;
-        }
-
-        int[] x2 = Nat256.create();
-        SM2P256V1Field.square(x1, x2);
-        SM2P256V1Field.multiply(x2, x1, x2);
-        int[] x4 = Nat256.create();
-        SM2P256V1Field.squareN(x2, 2, x4);
-        SM2P256V1Field.multiply(x4, x2, x4);
-        int[] x6 = Nat256.create();
-        SM2P256V1Field.squareN(x4, 2, x6);
-        SM2P256V1Field.multiply(x6, x2, x6);
-        int[] x12 = x2;
-        SM2P256V1Field.squareN(x6, 6, x12);
-        SM2P256V1Field.multiply(x12, x6, x12);
-        int[] x24 = Nat256.create();
-        SM2P256V1Field.squareN(x12, 12, x24);
-        SM2P256V1Field.multiply(x24, x12, x24);
-        int[] x30 = x12;
-        SM2P256V1Field.squareN(x24, 6, x30);
-        SM2P256V1Field.multiply(x30, x6, x30);
-        int[] x31 = x6;
-        SM2P256V1Field.square(x30, x31);
-        SM2P256V1Field.multiply(x31, x1, x31);
-
-        int[] t1 = x24;
-        SM2P256V1Field.squareN(x31, 31, t1);
-
-        int[] x62 = x30;
-        SM2P256V1Field.multiply(t1, x31, x62);
-
-        SM2P256V1Field.squareN(t1, 32, t1);
-        SM2P256V1Field.multiply(t1, x62, t1);
-        SM2P256V1Field.squareN(t1, 62, t1);
-        SM2P256V1Field.multiply(t1, x62, t1);
-        SM2P256V1Field.squareN(t1, 4, t1);
-        SM2P256V1Field.multiply(t1, x4, t1);
-        SM2P256V1Field.squareN(t1, 32, t1);
-        SM2P256V1Field.multiply(t1, x1, t1);
-        SM2P256V1Field.squareN(t1, 62, t1);
-
-        int[] t2 = x4;
-        SM2P256V1Field.square(t1, t2);
-
-        return Nat256.eq(x1, t2) ? new SM2P256V1FieldElement(t1) : null;
-    }
-
-    public boolean equals(Object other)
-    {
-        if (other == this)
-        {
-            return true;
-        }
-
-        if (!(other instanceof SM2P256V1FieldElement))
-        {
-            return false;
-        }
-
-        SM2P256V1FieldElement o = (SM2P256V1FieldElement)other;
-        return Nat256.eq(x, o.x);
-    }
-
-    public int hashCode()
-    {
-        return Q.hashCode() ^ Arrays.hashCode(x, 0, 8);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/SM2P256V1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/SM2P256V1Point.java
deleted file mode 100644
index 7cc174a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/SM2P256V1Point.java
+++ /dev/null

@@ -1,308 +0,0 @@
-package org.bouncycastle.math.ec.custom.gm;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat256;
-
-public class SM2P256V1Point extends ECPoint.AbstractFp
-{
-    /**
-     * Create a point which encodes with point compression.
-     *
-     * @param curve
-     *            the curve to use
-     * @param x
-     *            affine x co-ordinate
-     * @param y
-     *            affine y co-ordinate
-     *
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SM2P256V1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * Create a point that encodes with or without point compresion.
-     *
-     * @param curve
-     *            the curve to use
-     * @param x
-     *            affine x co-ordinate
-     * @param y
-     *            affine y co-ordinate
-     * @param withCompression
-     *            if true encode with point compression
-     *
-     * @deprecated per-point compression property will be removed, refer
-     *             {@link #getEncoded(boolean)}
-     */
-    public SM2P256V1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SM2P256V1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SM2P256V1Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-        if (this == b)
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        SM2P256V1FieldElement X1 = (SM2P256V1FieldElement)this.x, Y1 = (SM2P256V1FieldElement)this.y;
-        SM2P256V1FieldElement X2 = (SM2P256V1FieldElement)b.getXCoord(), Y2 = (SM2P256V1FieldElement)b.getYCoord();
-
-        SM2P256V1FieldElement Z1 = (SM2P256V1FieldElement)this.zs[0];
-        SM2P256V1FieldElement Z2 = (SM2P256V1FieldElement)b.getZCoord(0);
-
-        int c;
-        int[] tt1 = Nat256.createExt();
-        int[] t2 = Nat256.create();
-        int[] t3 = Nat256.create();
-        int[] t4 = Nat256.create();
-
-        boolean Z1IsOne = Z1.isOne();
-        int[] U2, S2;
-        if (Z1IsOne)
-        {
-            U2 = X2.x;
-            S2 = Y2.x;
-        }
-        else
-        {
-            S2 = t3;
-            SM2P256V1Field.square(Z1.x, S2);
-
-            U2 = t2;
-            SM2P256V1Field.multiply(S2, X2.x, U2);
-
-            SM2P256V1Field.multiply(S2, Z1.x, S2);
-            SM2P256V1Field.multiply(S2, Y2.x, S2);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        int[] U1, S1;
-        if (Z2IsOne)
-        {
-            U1 = X1.x;
-            S1 = Y1.x;
-        }
-        else
-        {
-            S1 = t4;
-            SM2P256V1Field.square(Z2.x, S1);
-
-            U1 = tt1;
-            SM2P256V1Field.multiply(S1, X1.x, U1);
-
-            SM2P256V1Field.multiply(S1, Z2.x, S1);
-            SM2P256V1Field.multiply(S1, Y1.x, S1);
-        }
-
-        int[] H = Nat256.create();
-        SM2P256V1Field.subtract(U1, U2, H);
-
-        int[] R = t2;
-        SM2P256V1Field.subtract(S1, S2, R);
-
-        // Check if b == this or b == -this
-        if (Nat256.isZero(H))
-        {
-            if (Nat256.isZero(R))
-            {
-                // this == b, i.e. this must be doubled
-                return this.twice();
-            }
-
-            // this == -b, i.e. the result is the point at infinity
-            return curve.getInfinity();
-        }
-
-        int[] HSquared = t3;
-        SM2P256V1Field.square(H, HSquared);
-
-        int[] G = Nat256.create();
-        SM2P256V1Field.multiply(HSquared, H, G);
-
-        int[] V = t3;
-        SM2P256V1Field.multiply(HSquared, U1, V);
-
-        SM2P256V1Field.negate(G, G);
-        Nat256.mul(S1, G, tt1);
-
-        c = Nat256.addBothTo(V, V, G);
-        SM2P256V1Field.reduce32(c, G);
-
-        SM2P256V1FieldElement X3 = new SM2P256V1FieldElement(t4);
-        SM2P256V1Field.square(R, X3.x);
-        SM2P256V1Field.subtract(X3.x, G, X3.x);
-
-        SM2P256V1FieldElement Y3 = new SM2P256V1FieldElement(G);
-        SM2P256V1Field.subtract(V, X3.x, Y3.x);
-        SM2P256V1Field.multiplyAddToExt(Y3.x, R, tt1);
-        SM2P256V1Field.reduce(tt1, Y3.x);
-
-        SM2P256V1FieldElement Z3 = new SM2P256V1FieldElement(H);
-        if (!Z1IsOne)
-        {
-            SM2P256V1Field.multiply(Z3.x, Z1.x, Z3.x);
-        }
-        if (!Z2IsOne)
-        {
-            SM2P256V1Field.multiply(Z3.x, Z2.x, Z3.x);
-        }
-
-        ECFieldElement[] zs = new ECFieldElement[]{ Z3 };
-
-        return new SM2P256V1Point(curve, X3, Y3, zs, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        SM2P256V1FieldElement Y1 = (SM2P256V1FieldElement)this.y;
-        if (Y1.isZero())
-        {
-            return curve.getInfinity();
-        }
-
-        SM2P256V1FieldElement X1 = (SM2P256V1FieldElement)this.x, Z1 = (SM2P256V1FieldElement)this.zs[0];
-
-        int c;
-        int[] t1 = Nat256.create();
-        int[] t2 = Nat256.create();
-
-        int[] Y1Squared = Nat256.create();
-        SM2P256V1Field.square(Y1.x, Y1Squared);
-
-        int[] T = Nat256.create();
-        SM2P256V1Field.square(Y1Squared, T);
-
-        boolean Z1IsOne = Z1.isOne();
-
-        int[] Z1Squared = Z1.x;
-        if (!Z1IsOne)
-        {
-            Z1Squared = t2;
-            SM2P256V1Field.square(Z1.x, Z1Squared);
-        }
-
-        SM2P256V1Field.subtract(X1.x, Z1Squared, t1);
-
-        int[] M = t2;
-        SM2P256V1Field.add(X1.x, Z1Squared, M);
-        SM2P256V1Field.multiply(M, t1, M);
-        c = Nat256.addBothTo(M, M, M);
-        SM2P256V1Field.reduce32(c, M);
-
-        int[] S = Y1Squared;
-        SM2P256V1Field.multiply(Y1Squared, X1.x, S);
-        c = Nat.shiftUpBits(8, S, 2, 0);
-        SM2P256V1Field.reduce32(c, S);
-
-        c = Nat.shiftUpBits(8, T, 3, 0, t1);
-        SM2P256V1Field.reduce32(c, t1);
-
-        SM2P256V1FieldElement X3 = new SM2P256V1FieldElement(T);
-        SM2P256V1Field.square(M, X3.x);
-        SM2P256V1Field.subtract(X3.x, S, X3.x);
-        SM2P256V1Field.subtract(X3.x, S, X3.x);
-
-        SM2P256V1FieldElement Y3 = new SM2P256V1FieldElement(S);
-        SM2P256V1Field.subtract(S, X3.x, Y3.x);
-        SM2P256V1Field.multiply(Y3.x, M, Y3.x);
-        SM2P256V1Field.subtract(Y3.x, t1, Y3.x);
-
-        SM2P256V1FieldElement Z3 = new SM2P256V1FieldElement(M);
-        SM2P256V1Field.twice(Y1.x, Z3.x);
-        if (!Z1IsOne)
-        {
-            SM2P256V1Field.multiply(Z3.x, Z1.x, Z3.x);
-        }
-
-        return new SM2P256V1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this == b)
-        {
-            return threeTimes();
-        }
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECFieldElement Y1 = this.y;
-        if (Y1.isZero())
-        {
-            return b;
-        }
-
-        return twice().add(b);
-    }
-
-    public ECPoint threeTimes()
-    {
-        if (this.isInfinity() || this.y.isZero())
-        {
-            return this;
-        }
-
-        // NOTE: Be careful about recursions between twicePlus and threeTimes
-        return twice().add(this);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        return new SM2P256V1Point(curve, this.x, this.y.negate(), this.zs, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/package.html b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/package.html
deleted file mode 100644
index 1d0567e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/gm/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Custom implementation of SM2 EC curve, SM2-P256V1.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP128R1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP128R1Curve.java
deleted file mode 100644
index 59a9993..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP128R1Curve.java
+++ /dev/null

@@ -1,127 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat128;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecP128R1Curve extends ECCurve.AbstractFp
-{
-    public static final BigInteger q = new BigInteger(1,
-        Hex.decode("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF"));
-
-    private static final int SecP128R1_DEFAULT_COORDS = COORD_JACOBIAN;
-
-    protected SecP128R1Point infinity;
-
-    public SecP128R1Curve()
-    {
-        super(q);
-
-        this.infinity = new SecP128R1Point(this, null, null);
-
-        this.a = fromBigInteger(new BigInteger(1,
-            Hex.decode("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC")));
-        this.b = fromBigInteger(new BigInteger(1,
-            Hex.decode("E87579C11079F43DD824993C2CEE5ED3")));
-        this.order = new BigInteger(1, Hex.decode("FFFFFFFE0000000075A30D1B9038A115"));
-        this.cofactor = BigInteger.valueOf(1);
-
-        this.coord = SecP128R1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecP128R1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_JACOBIAN:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public BigInteger getQ()
-    {
-        return q;
-    }
-
-    public int getFieldSize()
-    {
-        return q.bitLength();
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecP128R1FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecP128R1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecP128R1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_INTS = 4;
-
-        final int[] table = new int[len * FE_INTS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat128.copy(((SecP128R1FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_INTS;
-                Nat128.copy(((SecP128R1FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_INTS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                int[] x = Nat128.create(), y = Nat128.create();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    int MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_INTS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_INTS + j] & MASK;
-                    }
-
-                    pos += (FE_INTS * 2);
-                }
-
-                return createRawPoint(new SecP128R1FieldElement(x), new SecP128R1FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP128R1Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP128R1Field.java
deleted file mode 100644
index f77ba39..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP128R1Field.java
+++ /dev/null

@@ -1,220 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat128;
-import org.bouncycastle.math.raw.Nat256;
-
-public class SecP128R1Field
-{
-    private static final long M = 0xFFFFFFFFL;
-
-    // 2^128 - 2^97 - 1
-    static final int[] P = new int[] { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFD };
-    static final int[] PExt = new int[] { 0x00000001, 0x00000000, 0x00000000, 0x00000004, 0xFFFFFFFE,
-        0xFFFFFFFF, 0x00000003, 0xFFFFFFFC };
-    private static final int[] PExtInv = new int[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFB,
-        0x00000001, 0x00000000, 0xFFFFFFFC, 0x00000003 };
-    private static final int P3s1 = 0xFFFFFFFD >>> 1;
-    private static final int PExt7s1 = 0xFFFFFFFC >>> 1;
-
-    public static void add(int[] x, int[] y, int[] z)
-    {
-        int c = Nat128.add(x, y, z);
-        if (c != 0 || ((z[3] >>> 1) >= P3s1 && Nat128.gte(z, P)))
-        {
-            addPInvTo(z);
-        }
-    }
-
-    public static void addExt(int[] xx, int[] yy, int[] zz)
-    {
-        int c = Nat256.add(xx, yy, zz);
-        if (c != 0 || ((zz[7] >>> 1) >= PExt7s1 && Nat256.gte(zz, PExt)))
-        {
-            Nat.addTo(PExtInv.length, PExtInv, zz);
-        }
-    }
-
-    public static void addOne(int[] x, int[] z)
-    {
-        int c = Nat.inc(4, x, z);
-        if (c != 0 || ((z[3] >>> 1) >= P3s1 && Nat128.gte(z, P)))
-        {
-            addPInvTo(z);
-        }
-    }
-
-    public static int[] fromBigInteger(BigInteger x)
-    {
-        int[] z = Nat128.fromBigInteger(x);
-        if ((z[3] >>> 1) >= P3s1 && Nat128.gte(z, P))
-        {
-            Nat128.subFrom(P, z);
-        }
-        return z;
-    }
-
-    public static void half(int[] x, int[] z)
-    {
-        if ((x[0] & 1) == 0)
-        {
-            Nat.shiftDownBit(4, x, 0, z);
-        }
-        else
-        {
-            int c = Nat128.add(x, P, z);
-            Nat.shiftDownBit(4, z, c);
-        }
-    }
-
-    public static void multiply(int[] x, int[] y, int[] z)
-    {
-        int[] tt = Nat128.createExt();
-        Nat128.mul(x, y, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyAddToExt(int[] x, int[] y, int[] zz)
-    {
-        int c = Nat128.mulAddTo(x, y, zz);
-        if (c != 0 || ((zz[7] >>> 1) >= PExt7s1 && Nat256.gte(zz, PExt)))
-        {
-            Nat.addTo(PExtInv.length, PExtInv, zz);
-        }
-    }
-
-    public static void negate(int[] x, int[] z)
-    {
-        if (Nat128.isZero(x))
-        {
-            Nat128.zero(z);
-        }
-        else
-        {
-            Nat128.sub(P, x, z);
-        }
-    }
-
-    public static void reduce(int[] xx, int[] z)
-    {
-        long x0 = xx[0] & M, x1 = xx[1] & M, x2 = xx[2] & M, x3 = xx[3] & M;
-        long x4 = xx[4] & M, x5 = xx[5] & M, x6 = xx[6] & M, x7 = xx[7] & M;
-
-        x3 += x7; x6 += (x7 << 1);
-        x2 += x6; x5 += (x6 << 1);
-        x1 += x5; x4 += (x5 << 1);
-        x0 += x4; x3 += (x4 << 1);
-
-        z[0] = (int)x0; x1 += (x0 >>> 32);
-        z[1] = (int)x1; x2 += (x1 >>> 32);
-        z[2] = (int)x2; x3 += (x2 >>> 32);
-        z[3] = (int)x3;
-
-        reduce32((int)(x3 >>> 32), z);
-    }
-
-    public static void reduce32(int x, int[] z)
-    {
-        while (x != 0)
-        {
-            long c, x4 = x & M;
-
-            c = (z[0] & M) + x4;
-            z[0] = (int)c; c >>= 32;
-            if (c != 0)
-            {
-                c += (z[1] & M);
-                z[1] = (int)c; c >>= 32;
-                c += (z[2] & M);
-                z[2] = (int)c; c >>= 32;
-            }
-            c += (z[3] & M) + (x4 << 1);
-            z[3] = (int)c; c >>= 32;
-
-//            assert c >= 0 && c <= 2;
-
-            x = (int)c;
-        }
-    }
-
-    public static void square(int[] x, int[] z)
-    {
-        int[] tt = Nat128.createExt();
-        Nat128.square(x, tt);
-        reduce(tt, z);
-    }
-
-    public static void squareN(int[] x, int n, int[] z)
-    {
-//        assert n > 0;
-
-        int[] tt = Nat128.createExt();
-        Nat128.square(x, tt);
-        reduce(tt, z);
-
-        while (--n > 0)
-        {
-            Nat128.square(z, tt);
-            reduce(tt, z);
-        }
-    }
-
-    public static void subtract(int[] x, int[] y, int[] z)
-    {
-        int c = Nat128.sub(x, y, z);
-        if (c != 0)
-        {
-            subPInvFrom(z);
-        }
-    }
-
-    public static void subtractExt(int[] xx, int[] yy, int[] zz)
-    {
-        int c = Nat.sub(10, xx, yy, zz);
-        if (c != 0)
-        {
-            Nat.subFrom(PExtInv.length, PExtInv, zz);
-        }
-    }
-
-    public static void twice(int[] x, int[] z)
-    {
-        int c = Nat.shiftUpBit(4, x, 0, z);
-        if (c != 0 || ((z[3] >>> 1) >= P3s1 && Nat128.gte(z, P)))
-        {
-            addPInvTo(z);
-        }
-    }
-
-    private static void addPInvTo(int[] z)
-    {
-        long c = (z[0] & M) + 1;
-        z[0] = (int)c; c >>= 32;
-        if (c != 0)
-        {
-            c += (z[1] & M);
-            z[1] = (int)c; c >>= 32;
-            c += (z[2] & M);
-            z[2] = (int)c; c >>= 32;
-        }
-        c += (z[3] & M) + 2;
-        z[3] = (int)c;
-    }
-
-    private static void subPInvFrom(int[] z)
-    {
-        long c = (z[0] & M) - 1;
-        z[0] = (int)c; c >>= 32;
-        if (c != 0)
-        {
-            c += (z[1] & M);
-            z[1] = (int)c; c >>= 32;
-            c += (z[2] & M);
-            z[2] = (int)c; c >>= 32;
-        }
-        c += (z[3] & M) - 2;
-        z[3] = (int)c;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP128R1FieldElement.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP128R1FieldElement.java
deleted file mode 100644
index 7d490a4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP128R1FieldElement.java
+++ /dev/null

@@ -1,199 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.raw.Mod;
-import org.bouncycastle.math.raw.Nat128;
-import org.bouncycastle.util.Arrays;
-
-public class SecP128R1FieldElement extends ECFieldElement.AbstractFp
-{
-    public static final BigInteger Q = SecP128R1Curve.q;
-
-    protected int[] x;
-
-    public SecP128R1FieldElement(BigInteger x)
-    {
-        if (x == null || x.signum() < 0 || x.compareTo(Q) >= 0)
-        {
-            throw new IllegalArgumentException("x value invalid for SecP128R1FieldElement");
-        }
-
-        this.x = SecP128R1Field.fromBigInteger(x);
-    }
-
-    public SecP128R1FieldElement()
-    {
-        this.x = Nat128.create();
-    }
-
-    protected SecP128R1FieldElement(int[] x)
-    {
-        this.x = x;
-    }
-
-    public boolean isZero()
-    {
-        return Nat128.isZero(x);
-    }
-
-    public boolean isOne()
-    {
-        return Nat128.isOne(x);
-    }
-
-    public boolean testBitZero()
-    {
-        return Nat128.getBit(x, 0) == 1;
-    }
-
-    public BigInteger toBigInteger()
-    {
-        return Nat128.toBigInteger(x);
-    }
-
-    public String getFieldName()
-    {
-        return "SecP128R1Field";
-    }
-
-    public int getFieldSize()
-    {
-        return Q.bitLength();
-    }
-
-    public ECFieldElement add(ECFieldElement b)
-    {
-        int[] z = Nat128.create();
-        SecP128R1Field.add(x, ((SecP128R1FieldElement)b).x, z);
-        return new SecP128R1FieldElement(z);
-    }
-
-    public ECFieldElement addOne()
-    {
-        int[] z = Nat128.create();
-        SecP128R1Field.addOne(x, z);
-        return new SecP128R1FieldElement(z);
-    }
-
-    public ECFieldElement subtract(ECFieldElement b)
-    {
-        int[] z = Nat128.create();
-        SecP128R1Field.subtract(x, ((SecP128R1FieldElement)b).x, z);
-        return new SecP128R1FieldElement(z);
-    }
-
-    public ECFieldElement multiply(ECFieldElement b)
-    {
-        int[] z = Nat128.create();
-        SecP128R1Field.multiply(x, ((SecP128R1FieldElement)b).x, z);
-        return new SecP128R1FieldElement(z);
-    }
-
-    public ECFieldElement divide(ECFieldElement b)
-    {
-//        return multiply(b.invert());
-        int[] z = Nat128.create();
-        Mod.invert(SecP128R1Field.P, ((SecP128R1FieldElement)b).x, z);
-        SecP128R1Field.multiply(z, x, z);
-        return new SecP128R1FieldElement(z);
-    }
-
-    public ECFieldElement negate()
-    {
-        int[] z = Nat128.create();
-        SecP128R1Field.negate(x, z);
-        return new SecP128R1FieldElement(z);
-    }
-
-    public ECFieldElement square()
-    {
-        int[] z = Nat128.create();
-        SecP128R1Field.square(x, z);
-        return new SecP128R1FieldElement(z);
-    }
-
-    public ECFieldElement invert()
-    {
-//        return new SecP128R1FieldElement(toBigInteger().modInverse(Q));
-        int[] z = Nat128.create();
-        Mod.invert(SecP128R1Field.P, x, z);
-        return new SecP128R1FieldElement(z);
-    }
-
-    // D.1.4 91
-    /**
-     * return a sqrt root - the routine verifies that the calculation returns the right value - if
-     * none exists it returns null.
-     */
-    public ECFieldElement sqrt()
-    {
-        /*
-         * Raise this element to the exponent 2^126 - 2^95
-         *
-         * Breaking up the exponent's binary representation into "repunits", we get:
-         *     { 31 1s } { 95 0s }
-         *
-         * Therefore we need an addition chain containing 31 (the length of the repunit) We use:
-         *     1, 2, 4, 8, 10, 20, 30, [31]
-         */
-
-        int[] x1 = this.x;
-        if (Nat128.isZero(x1) || Nat128.isOne(x1))
-        {
-            return this;
-        }
-
-        int[] x2 = Nat128.create();
-        SecP128R1Field.square(x1, x2);
-        SecP128R1Field.multiply(x2, x1, x2);
-        int[] x4 = Nat128.create();
-        SecP128R1Field.squareN(x2, 2, x4);
-        SecP128R1Field.multiply(x4, x2, x4);
-        int[] x8 = Nat128.create();
-        SecP128R1Field.squareN(x4, 4, x8);
-        SecP128R1Field.multiply(x8, x4, x8);
-        int[] x10 = x4;
-        SecP128R1Field.squareN(x8, 2, x10);
-        SecP128R1Field.multiply(x10, x2, x10);
-        int[] x20 = x2;
-        SecP128R1Field.squareN(x10, 10, x20);
-        SecP128R1Field.multiply(x20, x10, x20);
-        int[] x30 = x8;
-        SecP128R1Field.squareN(x20, 10, x30);
-        SecP128R1Field.multiply(x30, x10, x30);
-        int[] x31 = x10;
-        SecP128R1Field.square(x30, x31);
-        SecP128R1Field.multiply(x31, x1, x31);
-
-        int[] t1 = x31;
-        SecP128R1Field.squareN(t1, 95, t1);
-
-        int[] t2 = x30;
-        SecP128R1Field.square(t1, t2);
-
-        return Nat128.eq(x1, t2) ? new SecP128R1FieldElement(t1) : null;
-    }
-
-    public boolean equals(Object other)
-    {
-        if (other == this)
-        {
-            return true;
-        }
-
-        if (!(other instanceof SecP128R1FieldElement))
-        {
-            return false;
-        }
-
-        SecP128R1FieldElement o = (SecP128R1FieldElement)other;
-        return Nat128.eq(x, o.x);
-    }
-
-    public int hashCode()
-    {
-        return Q.hashCode() ^ Arrays.hashCode(x, 0, 4);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP128R1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP128R1Point.java
deleted file mode 100644
index b7934da..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP128R1Point.java
+++ /dev/null

@@ -1,308 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat128;
-
-public class SecP128R1Point extends ECPoint.AbstractFp
-{
-    /**
-     * Create a point which encodes with point compression.
-     *
-     * @param curve
-     *            the curve to use
-     * @param x
-     *            affine x co-ordinate
-     * @param y
-     *            affine y co-ordinate
-     *
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecP128R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * Create a point that encodes with or without point compresion.
-     *
-     * @param curve
-     *            the curve to use
-     * @param x
-     *            affine x co-ordinate
-     * @param y
-     *            affine y co-ordinate
-     * @param withCompression
-     *            if true encode with point compression
-     *
-     * @deprecated per-point compression property will be removed, refer
-     *             {@link #getEncoded(boolean)}
-     */
-    public SecP128R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecP128R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecP128R1Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-        if (this == b)
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        SecP128R1FieldElement X1 = (SecP128R1FieldElement)this.x, Y1 = (SecP128R1FieldElement)this.y;
-        SecP128R1FieldElement X2 = (SecP128R1FieldElement)b.getXCoord(), Y2 = (SecP128R1FieldElement)b.getYCoord();
-
-        SecP128R1FieldElement Z1 = (SecP128R1FieldElement)this.zs[0];
-        SecP128R1FieldElement Z2 = (SecP128R1FieldElement)b.getZCoord(0);
-
-        int c;
-        int[] tt1 = Nat128.createExt();
-        int[] t2 = Nat128.create();
-        int[] t3 = Nat128.create();
-        int[] t4 = Nat128.create();
-
-        boolean Z1IsOne = Z1.isOne();
-        int[] U2, S2;
-        if (Z1IsOne)
-        {
-            U2 = X2.x;
-            S2 = Y2.x;
-        }
-        else
-        {
-            S2 = t3;
-            SecP128R1Field.square(Z1.x, S2);
-
-            U2 = t2;
-            SecP128R1Field.multiply(S2, X2.x, U2);
-
-            SecP128R1Field.multiply(S2, Z1.x, S2);
-            SecP128R1Field.multiply(S2, Y2.x, S2);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        int[] U1, S1;
-        if (Z2IsOne)
-        {
-            U1 = X1.x;
-            S1 = Y1.x;
-        }
-        else
-        {
-            S1 = t4;
-            SecP128R1Field.square(Z2.x, S1);
-
-            U1 = tt1;
-            SecP128R1Field.multiply(S1, X1.x, U1);
-
-            SecP128R1Field.multiply(S1, Z2.x, S1);
-            SecP128R1Field.multiply(S1, Y1.x, S1);
-        }
-
-        int[] H = Nat128.create();
-        SecP128R1Field.subtract(U1, U2, H);
-
-        int[] R = t2;
-        SecP128R1Field.subtract(S1, S2, R);
-
-        // Check if b == this or b == -this
-        if (Nat128.isZero(H))
-        {
-            if (Nat128.isZero(R))
-            {
-                // this == b, i.e. this must be doubled
-                return this.twice();
-            }
-
-            // this == -b, i.e. the result is the point at infinity
-            return curve.getInfinity();
-        }
-
-        int[] HSquared = t3;
-        SecP128R1Field.square(H, HSquared);
-
-        int[] G = Nat128.create();
-        SecP128R1Field.multiply(HSquared, H, G);
-
-        int[] V = t3;
-        SecP128R1Field.multiply(HSquared, U1, V);
-
-        SecP128R1Field.negate(G, G);
-        Nat128.mul(S1, G, tt1);
-
-        c = Nat128.addBothTo(V, V, G);
-        SecP128R1Field.reduce32(c, G);
-
-        SecP128R1FieldElement X3 = new SecP128R1FieldElement(t4);
-        SecP128R1Field.square(R, X3.x);
-        SecP128R1Field.subtract(X3.x, G, X3.x);
-
-        SecP128R1FieldElement Y3 = new SecP128R1FieldElement(G);
-        SecP128R1Field.subtract(V, X3.x, Y3.x);
-        SecP128R1Field.multiplyAddToExt(Y3.x, R, tt1);
-        SecP128R1Field.reduce(tt1, Y3.x);
-
-        SecP128R1FieldElement Z3 = new SecP128R1FieldElement(H);
-        if (!Z1IsOne)
-        {
-            SecP128R1Field.multiply(Z3.x, Z1.x, Z3.x);
-        }
-        if (!Z2IsOne)
-        {
-            SecP128R1Field.multiply(Z3.x, Z2.x, Z3.x);
-        }
-
-        ECFieldElement[] zs = new ECFieldElement[]{ Z3 };
-
-        return new SecP128R1Point(curve, X3, Y3, zs, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        SecP128R1FieldElement Y1 = (SecP128R1FieldElement)this.y;
-        if (Y1.isZero())
-        {
-            return curve.getInfinity();
-        }
-
-        SecP128R1FieldElement X1 = (SecP128R1FieldElement)this.x, Z1 = (SecP128R1FieldElement)this.zs[0];
-
-        int c;
-        int[] t1 = Nat128.create();
-        int[] t2 = Nat128.create();
-
-        int[] Y1Squared = Nat128.create();
-        SecP128R1Field.square(Y1.x, Y1Squared);
-
-        int[] T = Nat128.create();
-        SecP128R1Field.square(Y1Squared, T);
-
-        boolean Z1IsOne = Z1.isOne();
-
-        int[] Z1Squared = Z1.x;
-        if (!Z1IsOne)
-        {
-            Z1Squared = t2;
-            SecP128R1Field.square(Z1.x, Z1Squared);
-        }
-
-        SecP128R1Field.subtract(X1.x, Z1Squared, t1);
-
-        int[] M = t2;
-        SecP128R1Field.add(X1.x, Z1Squared, M);
-        SecP128R1Field.multiply(M, t1, M);
-        c = Nat128.addBothTo(M, M, M);
-        SecP128R1Field.reduce32(c, M);
-
-        int[] S = Y1Squared;
-        SecP128R1Field.multiply(Y1Squared, X1.x, S);
-        c = Nat.shiftUpBits(4, S, 2, 0);
-        SecP128R1Field.reduce32(c, S);
-
-        c = Nat.shiftUpBits(4, T, 3, 0, t1);
-        SecP128R1Field.reduce32(c, t1);
-
-        SecP128R1FieldElement X3 = new SecP128R1FieldElement(T);
-        SecP128R1Field.square(M, X3.x);
-        SecP128R1Field.subtract(X3.x, S, X3.x);
-        SecP128R1Field.subtract(X3.x, S, X3.x);
-
-        SecP128R1FieldElement Y3 = new SecP128R1FieldElement(S);
-        SecP128R1Field.subtract(S, X3.x, Y3.x);
-        SecP128R1Field.multiply(Y3.x, M, Y3.x);
-        SecP128R1Field.subtract(Y3.x, t1, Y3.x);
-
-        SecP128R1FieldElement Z3 = new SecP128R1FieldElement(M);
-        SecP128R1Field.twice(Y1.x, Z3.x);
-        if (!Z1IsOne)
-        {
-            SecP128R1Field.multiply(Z3.x, Z1.x, Z3.x);
-        }
-
-        return new SecP128R1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this == b)
-        {
-            return threeTimes();
-        }
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECFieldElement Y1 = this.y;
-        if (Y1.isZero())
-        {
-            return b;
-        }
-
-        return twice().add(b);
-    }
-
-    public ECPoint threeTimes()
-    {
-        if (this.isInfinity() || this.y.isZero())
-        {
-            return this;
-        }
-
-        // NOTE: Be careful about recursions between twicePlus and threeTimes
-        return twice().add(this);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        return new SecP128R1Point(curve, this.x, this.y.negate(), this.zs, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160K1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160K1Curve.java
deleted file mode 100644
index 6bc7609..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160K1Curve.java
+++ /dev/null

@@ -1,124 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat160;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecP160K1Curve extends ECCurve.AbstractFp
-{
-    public static final BigInteger q = SecP160R2Curve.q;
-
-    private static final int SECP160K1_DEFAULT_COORDS = COORD_JACOBIAN;
-
-    protected SecP160K1Point infinity;
-
-    public SecP160K1Curve()
-    {
-        super(q);
-
-        this.infinity = new SecP160K1Point(this, null, null);
-
-        this.a = fromBigInteger(ECConstants.ZERO);
-        this.b = fromBigInteger(BigInteger.valueOf(7));
-        this.order = new BigInteger(1, Hex.decode("0100000000000000000001B8FA16DFAB9ACA16B6B3"));
-        this.cofactor = BigInteger.valueOf(1);
-        this.coord = SECP160K1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecP160K1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_JACOBIAN:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public BigInteger getQ()
-    {
-        return q;
-    }
-
-    public int getFieldSize()
-    {
-        return q.bitLength();
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecP160R2FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecP160K1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecP160K1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_INTS = 5;
-
-        final int[] table = new int[len * FE_INTS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat160.copy(((SecP160R2FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_INTS;
-                Nat160.copy(((SecP160R2FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_INTS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                int[] x = Nat160.create(), y = Nat160.create();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    int MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_INTS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_INTS + j] & MASK;
-                    }
-
-                    pos += (FE_INTS * 2);
-                }
-
-                return createRawPoint(new SecP160R2FieldElement(x), new SecP160R2FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160K1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160K1Point.java
deleted file mode 100644
index 37a520a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160K1Point.java
+++ /dev/null

@@ -1,298 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat160;
-
-public class SecP160K1Point extends ECPoint.AbstractFp
-{
-    /**
-     * Create a point which encodes with point compression.
-     *
-     * @param curve
-     *            the curve to use
-     * @param x
-     *            affine x co-ordinate
-     * @param y
-     *            affine y co-ordinate
-     *
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecP160K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * Create a point that encodes with or without point compresion.
-     *
-     * @param curve
-     *            the curve to use
-     * @param x
-     *            affine x co-ordinate
-     * @param y
-     *            affine y co-ordinate
-     * @param withCompression
-     *            if true encode with point compression
-     *
-     * @deprecated per-point compression property will be removed, refer
-     *             {@link #getEncoded(boolean)}
-     */
-    public SecP160K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecP160K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs,
-        boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecP160K1Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    // B.3 pg 62
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-        if (this == b)
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        SecP160R2FieldElement X1 = (SecP160R2FieldElement)this.x, Y1 = (SecP160R2FieldElement)this.y;
-        SecP160R2FieldElement X2 = (SecP160R2FieldElement)b.getXCoord(), Y2 = (SecP160R2FieldElement)b.getYCoord();
-
-        SecP160R2FieldElement Z1 = (SecP160R2FieldElement)this.zs[0];
-        SecP160R2FieldElement Z2 = (SecP160R2FieldElement)b.getZCoord(0);
-
-        int c;
-        int[] tt1 = Nat160.createExt();
-        int[] t2 = Nat160.create();
-        int[] t3 = Nat160.create();
-        int[] t4 = Nat160.create();
-
-        boolean Z1IsOne = Z1.isOne();
-        int[] U2, S2;
-        if (Z1IsOne)
-        {
-            U2 = X2.x;
-            S2 = Y2.x;
-        }
-        else
-        {
-            S2 = t3;
-            SecP160R2Field.square(Z1.x, S2);
-
-            U2 = t2;
-            SecP160R2Field.multiply(S2, X2.x, U2);
-
-            SecP160R2Field.multiply(S2, Z1.x, S2);
-            SecP160R2Field.multiply(S2, Y2.x, S2);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        int[] U1, S1;
-        if (Z2IsOne)
-        {
-            U1 = X1.x;
-            S1 = Y1.x;
-        }
-        else
-        {
-            S1 = t4;
-            SecP160R2Field.square(Z2.x, S1);
-
-            U1 = tt1;
-            SecP160R2Field.multiply(S1, X1.x, U1);
-
-            SecP160R2Field.multiply(S1, Z2.x, S1);
-            SecP160R2Field.multiply(S1, Y1.x, S1);
-        }
-
-        int[] H = Nat160.create();
-        SecP160R2Field.subtract(U1, U2, H);
-
-        int[] R = t2;
-        SecP160R2Field.subtract(S1, S2, R);
-
-        // Check if b == this or b == -this
-        if (Nat160.isZero(H))
-        {
-            if (Nat160.isZero(R))
-            {
-                // this == b, i.e. this must be doubled
-                return this.twice();
-            }
-
-            // this == -b, i.e. the result is the point at infinity
-            return curve.getInfinity();
-        }
-
-        int[] HSquared = t3;
-        SecP160R2Field.square(H, HSquared);
-
-        int[] G = Nat160.create();
-        SecP160R2Field.multiply(HSquared, H, G);
-
-        int[] V = t3;
-        SecP160R2Field.multiply(HSquared, U1, V);
-
-        SecP160R2Field.negate(G, G);
-        Nat160.mul(S1, G, tt1);
-
-        c = Nat160.addBothTo(V, V, G);
-        SecP160R2Field.reduce32(c, G);
-
-        SecP160R2FieldElement X3 = new SecP160R2FieldElement(t4);
-        SecP160R2Field.square(R, X3.x);
-        SecP160R2Field.subtract(X3.x, G, X3.x);
-
-        SecP160R2FieldElement Y3 = new SecP160R2FieldElement(G);
-        SecP160R2Field.subtract(V, X3.x, Y3.x);
-        SecP160R2Field.multiplyAddToExt(Y3.x, R, tt1);
-        SecP160R2Field.reduce(tt1, Y3.x);
-
-        SecP160R2FieldElement Z3 = new SecP160R2FieldElement(H);
-        if (!Z1IsOne)
-        {
-            SecP160R2Field.multiply(Z3.x, Z1.x, Z3.x);
-        }
-        if (!Z2IsOne)
-        {
-            SecP160R2Field.multiply(Z3.x, Z2.x, Z3.x);
-        }
-
-        ECFieldElement[] zs = new ECFieldElement[] { Z3 };
-
-        return new SecP160K1Point(curve, X3, Y3, zs, this.withCompression);
-    }
-
-    // B.3 pg 62
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        SecP160R2FieldElement Y1 = (SecP160R2FieldElement)this.y;
-        if (Y1.isZero())
-        {
-            return curve.getInfinity();
-        }
-
-        SecP160R2FieldElement X1 = (SecP160R2FieldElement)this.x, Z1 = (SecP160R2FieldElement)this.zs[0];
-
-        int c;
-
-        int[] Y1Squared = Nat160.create();
-        SecP160R2Field.square(Y1.x, Y1Squared);
-
-        int[] T = Nat160.create();
-        SecP160R2Field.square(Y1Squared, T);
-
-        int[] M = Nat160.create();
-        SecP160R2Field.square(X1.x, M);
-        c = Nat160.addBothTo(M, M, M);
-        SecP160R2Field.reduce32(c, M);
-
-        int[] S = Y1Squared;
-        SecP160R2Field.multiply(Y1Squared, X1.x, S);
-        c = Nat.shiftUpBits(5, S, 2, 0);
-        SecP160R2Field.reduce32(c, S);
-
-        int[] t1 = Nat160.create();
-        c = Nat.shiftUpBits(5, T, 3, 0, t1);
-        SecP160R2Field.reduce32(c, t1);
-
-        SecP160R2FieldElement X3 = new SecP160R2FieldElement(T);
-        SecP160R2Field.square(M, X3.x);
-        SecP160R2Field.subtract(X3.x, S, X3.x);
-        SecP160R2Field.subtract(X3.x, S, X3.x);
-
-        SecP160R2FieldElement Y3 = new SecP160R2FieldElement(S);
-        SecP160R2Field.subtract(S, X3.x, Y3.x);
-        SecP160R2Field.multiply(Y3.x, M, Y3.x);
-        SecP160R2Field.subtract(Y3.x, t1, Y3.x);
-
-        SecP160R2FieldElement Z3 = new SecP160R2FieldElement(M);
-        SecP160R2Field.twice(Y1.x, Z3.x);
-        if (!Z1.isOne())
-        {
-            SecP160R2Field.multiply(Z3.x, Z1.x, Z3.x);
-        }
-
-        return new SecP160K1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this == b)
-        {
-            return threeTimes();
-        }
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECFieldElement Y1 = this.y;
-        if (Y1.isZero())
-        {
-            return b;
-        }
-
-        return twice().add(b);
-    }
-
-    public ECPoint threeTimes()
-    {
-        if (this.isInfinity() || this.y.isZero())
-        {
-            return this;
-        }
-
-        // NOTE: Be careful about recursions between twicePlus and threeTimes
-        return twice().add(this);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        return new SecP160K1Point(curve, this.x, this.y.negate(), this.zs, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R1Curve.java
deleted file mode 100644
index 74cad82..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R1Curve.java
+++ /dev/null

@@ -1,127 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat160;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecP160R1Curve extends ECCurve.AbstractFp
-{
-    public static final BigInteger q = new BigInteger(1,
-        Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF"));
-
-    private static final int SecP160R1_DEFAULT_COORDS = COORD_JACOBIAN;
-
-    protected SecP160R1Point infinity;
-
-    public SecP160R1Curve()
-    {
-        super(q);
-
-        this.infinity = new SecP160R1Point(this, null, null);
-
-        this.a = fromBigInteger(new BigInteger(1,
-            Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC")));
-        this.b = fromBigInteger(new BigInteger(1,
-            Hex.decode("1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45")));
-        this.order = new BigInteger(1, Hex.decode("0100000000000000000001F4C8F927AED3CA752257"));
-        this.cofactor = BigInteger.valueOf(1);
-
-        this.coord = SecP160R1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecP160R1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_JACOBIAN:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public BigInteger getQ()
-    {
-        return q;
-    }
-
-    public int getFieldSize()
-    {
-        return q.bitLength();
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecP160R1FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecP160R1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecP160R1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_INTS = 5;
-
-        final int[] table = new int[len * FE_INTS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat160.copy(((SecP160R1FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_INTS;
-                Nat160.copy(((SecP160R1FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_INTS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                int[] x = Nat160.create(), y = Nat160.create();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    int MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_INTS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_INTS + j] & MASK;
-                    }
-
-                    pos += (FE_INTS * 2);
-                }
-
-                return createRawPoint(new SecP160R1FieldElement(x), new SecP160R1FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R1Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R1Field.java
deleted file mode 100644
index 91ba0e5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R1Field.java
+++ /dev/null

@@ -1,187 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat160;
-
-public class SecP160R1Field
-{
-    private static final long M = 0xFFFFFFFFL;
-
-    // 2^160 - 2^31 - 1
-    static final int[] P = new int[] { 0x7FFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF};
-    static final int[] PExt = new int[] { 0x00000001, 0x40000001, 0x00000000, 0x00000000, 0x00000000,
-        0xFFFFFFFE, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
-    private static final int[] PExtInv = new int[]{ 0xFFFFFFFF, 0xBFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF,
-        0xFFFFFFFF, 0x00000001, 0x00000001 };
-    private static final int P4 = 0xFFFFFFFF;
-    private static final int PExt9 = 0xFFFFFFFF;
-    private static final int PInv = 0x80000001;
-
-    public static void add(int[] x, int[] y, int[] z)
-    {
-        int c = Nat160.add(x, y, z);
-        if (c != 0 || (z[4] == P4 && Nat160.gte(z, P)))
-        {
-            Nat.addWordTo(5, PInv, z);
-        }
-    }
-
-    public static void addExt(int[] xx, int[] yy, int[] zz)
-    {
-        int c = Nat.add(10, xx, yy, zz);
-        if (c != 0 || (zz[9] == PExt9 && Nat.gte(10, zz, PExt)))
-        {
-            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
-            {
-                Nat.incAt(10, zz, PExtInv.length);
-            }
-        }
-    }
-
-    public static void addOne(int[] x, int[] z)
-    {
-        int c = Nat.inc(5, x, z);
-        if (c != 0 || (z[4] == P4 && Nat160.gte(z, P)))
-        {
-            Nat.addWordTo(5, PInv, z);
-        }
-    }
-
-    public static int[] fromBigInteger(BigInteger x)
-    {
-        int[] z = Nat160.fromBigInteger(x);
-        if (z[4] == P4 && Nat160.gte(z, P))
-        {
-            Nat160.subFrom(P, z);
-        }
-        return z;
-    }
-
-    public static void half(int[] x, int[] z)
-    {
-        if ((x[0] & 1) == 0)
-        {
-            Nat.shiftDownBit(5, x, 0, z);
-        }
-        else
-        {
-            int c = Nat160.add(x, P, z);
-            Nat.shiftDownBit(5, z, c);
-        }
-    }
-
-    public static void multiply(int[] x, int[] y, int[] z)
-    {
-        int[] tt = Nat160.createExt();
-        Nat160.mul(x, y, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyAddToExt(int[] x, int[] y, int[] zz)
-    {
-        int c = Nat160.mulAddTo(x, y, zz);
-        if (c != 0 || (zz[9] == PExt9 && Nat.gte(10, zz, PExt)))
-        {
-            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
-            {
-                Nat.incAt(10, zz, PExtInv.length);
-            }
-        }
-    }
-
-    public static void negate(int[] x, int[] z)
-    {
-        if (Nat160.isZero(x))
-        {
-            Nat160.zero(z);
-        }
-        else
-        {
-            Nat160.sub(P, x, z);
-        }
-    }
-
-    public static void reduce(int[] xx, int[] z)
-    {
-        long x5 = xx[5] & M, x6 = xx[6] & M, x7 = xx[7] & M, x8 = xx[8] & M, x9 = xx[9] & M;
-
-        long c = 0;
-        c += (xx[0] & M) + x5 + (x5 << 31);
-        z[0] = (int)c; c >>>= 32;
-        c += (xx[1] & M) + x6 + (x6 << 31);
-        z[1] = (int)c; c >>>= 32;
-        c += (xx[2] & M) + x7 + (x7 << 31);
-        z[2] = (int)c; c >>>= 32;
-        c += (xx[3] & M) + x8 + (x8 << 31);
-        z[3] = (int)c; c >>>= 32;
-        c += (xx[4] & M) + x9 + (x9 << 31);
-        z[4] = (int)c; c >>>= 32;
-
-//        assert c >>> 32 == 0;
-
-        reduce32((int)c, z);
-    }
-
-    public static void reduce32(int x, int[] z)
-    {
-        if ((x != 0 && Nat160.mulWordsAdd(PInv, x, z, 0) != 0)
-            || (z[4] == P4 && Nat160.gte(z, P)))
-        {
-            Nat.addWordTo(5, PInv, z);
-        }
-    }
-
-    public static void square(int[] x, int[] z)
-    {
-        int[] tt = Nat160.createExt();
-        Nat160.square(x, tt);
-        reduce(tt, z);
-    }
-
-    public static void squareN(int[] x, int n, int[] z)
-    {
-//        assert n > 0;
-
-        int[] tt = Nat160.createExt();
-        Nat160.square(x, tt);
-        reduce(tt, z);
-
-        while (--n > 0)
-        {
-            Nat160.square(z, tt);
-            reduce(tt, z);
-        }
-    }
-
-    public static void subtract(int[] x, int[] y, int[] z)
-    {
-        int c = Nat160.sub(x, y, z);
-        if (c != 0)
-        {
-            Nat.subWordFrom(5, PInv, z);
-        }
-    }
-
-    public static void subtractExt(int[] xx, int[] yy, int[] zz)
-    {
-        int c = Nat.sub(10, xx, yy, zz);
-        if (c != 0)
-        {
-            if (Nat.subFrom(PExtInv.length, PExtInv, zz) != 0)
-            {
-                Nat.decAt(10, zz, PExtInv.length);
-            }
-        }
-    }
-
-    public static void twice(int[] x, int[] z)
-    {
-        int c = Nat.shiftUpBit(5, x, 0, z);
-        if (c != 0 || (z[4] == P4 && Nat160.gte(z, P)))
-        {
-            Nat.addWordTo(5, PInv, z);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R1FieldElement.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R1FieldElement.java
deleted file mode 100644
index 9999f48..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R1FieldElement.java
+++ /dev/null

@@ -1,202 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.raw.Mod;
-import org.bouncycastle.math.raw.Nat160;
-import org.bouncycastle.util.Arrays;
-
-public class SecP160R1FieldElement extends ECFieldElement.AbstractFp
-{
-    public static final BigInteger Q = SecP160R1Curve.q;
-
-    protected int[] x;
-
-    public SecP160R1FieldElement(BigInteger x)
-    {
-        if (x == null || x.signum() < 0 || x.compareTo(Q) >= 0)
-        {
-            throw new IllegalArgumentException("x value invalid for SecP160R1FieldElement");
-        }
-
-        this.x = SecP160R1Field.fromBigInteger(x);
-    }
-
-    public SecP160R1FieldElement()
-    {
-        this.x = Nat160.create();
-    }
-
-    protected SecP160R1FieldElement(int[] x)
-    {
-        this.x = x;
-    }
-
-    public boolean isZero()
-    {
-        return Nat160.isZero(x);
-    }
-
-    public boolean isOne()
-    {
-        return Nat160.isOne(x);
-    }
-
-    public boolean testBitZero()
-    {
-        return Nat160.getBit(x, 0) == 1;
-    }
-
-    public BigInteger toBigInteger()
-    {
-        return Nat160.toBigInteger(x);
-    }
-
-    public String getFieldName()
-    {
-        return "SecP160R1Field";
-    }
-
-    public int getFieldSize()
-    {
-        return Q.bitLength();
-    }
-
-    public ECFieldElement add(ECFieldElement b)
-    {
-        int[] z = Nat160.create();
-        SecP160R1Field.add(x, ((SecP160R1FieldElement)b).x, z);
-        return new SecP160R1FieldElement(z);
-    }
-
-    public ECFieldElement addOne()
-    {
-        int[] z = Nat160.create();
-        SecP160R1Field.addOne(x, z);
-        return new SecP160R1FieldElement(z);
-    }
-
-    public ECFieldElement subtract(ECFieldElement b)
-    {
-        int[] z = Nat160.create();
-        SecP160R1Field.subtract(x, ((SecP160R1FieldElement)b).x, z);
-        return new SecP160R1FieldElement(z);
-    }
-
-    public ECFieldElement multiply(ECFieldElement b)
-    {
-        int[] z = Nat160.create();
-        SecP160R1Field.multiply(x, ((SecP160R1FieldElement)b).x, z);
-        return new SecP160R1FieldElement(z);
-    }
-
-    public ECFieldElement divide(ECFieldElement b)
-    {
-//        return multiply(b.invert());
-        int[] z = Nat160.create();
-        Mod.invert(SecP160R1Field.P, ((SecP160R1FieldElement)b).x, z);
-        SecP160R1Field.multiply(z, x, z);
-        return new SecP160R1FieldElement(z);
-    }
-
-    public ECFieldElement negate()
-    {
-        int[] z = Nat160.create();
-        SecP160R1Field.negate(x, z);
-        return new SecP160R1FieldElement(z);
-    }
-
-    public ECFieldElement square()
-    {
-        int[] z = Nat160.create();
-        SecP160R1Field.square(x, z);
-        return new SecP160R1FieldElement(z);
-    }
-
-    public ECFieldElement invert()
-    {
-//        return new SecP160R1FieldElement(toBigInteger().modInverse(Q));
-        int[] z = Nat160.create();
-        Mod.invert(SecP160R1Field.P, x, z);
-        return new SecP160R1FieldElement(z);
-    }
-
-    // D.1.4 91
-    /**
-     * return a sqrt root - the routine verifies that the calculation returns the right value - if
-     * none exists it returns null.
-     */
-    public ECFieldElement sqrt()
-    {
-        /*
-         * Raise this element to the exponent 2^158 - 2^29
-         *
-         * Breaking up the exponent's binary representation into "repunits", we get:
-         *     { 129 1s } { 29 0s }
-         *
-         * Therefore we need an addition chain containing 129 (the length of the repunit) We use:
-         *     1, 2, 4, 8, 16, 32, 64, 128, [129]
-         */
-
-        int[] x1 = this.x;
-        if (Nat160.isZero(x1) || Nat160.isOne(x1))
-        {
-            return this;
-        }
-
-        int[] x2 = Nat160.create();
-        SecP160R1Field.square(x1, x2);
-        SecP160R1Field.multiply(x2, x1, x2);
-        int[] x4 = Nat160.create();
-        SecP160R1Field.squareN(x2, 2, x4);
-        SecP160R1Field.multiply(x4, x2, x4);
-        int[] x8 = x2;
-        SecP160R1Field.squareN(x4, 4, x8);
-        SecP160R1Field.multiply(x8, x4, x8);
-        int[] x16 = x4;
-        SecP160R1Field.squareN(x8, 8, x16);
-        SecP160R1Field.multiply(x16, x8, x16);
-        int[] x32 = x8;
-        SecP160R1Field.squareN(x16, 16, x32);
-        SecP160R1Field.multiply(x32, x16, x32);
-        int[] x64 = x16;
-        SecP160R1Field.squareN(x32, 32, x64);
-        SecP160R1Field.multiply(x64, x32, x64);
-        int[] x128 = x32;
-        SecP160R1Field.squareN(x64, 64, x128);
-        SecP160R1Field.multiply(x128, x64, x128);
-        int[] x129 = x64;
-        SecP160R1Field.square(x128, x129);
-        SecP160R1Field.multiply(x129, x1, x129);
-
-        int[] t1 = x129;
-        SecP160R1Field.squareN(t1, 29, t1);
-
-        int[] t2 = x128;
-        SecP160R1Field.square(t1, t2);
-
-        return Nat160.eq(x1, t2) ? new SecP160R1FieldElement(t1) : null;
-    }
-
-    public boolean equals(Object other)
-    {
-        if (other == this)
-        {
-            return true;
-        }
-
-        if (!(other instanceof SecP160R1FieldElement))
-        {
-            return false;
-        }
-
-        SecP160R1FieldElement o = (SecP160R1FieldElement)other;
-        return Nat160.eq(x, o.x);
-    }
-
-    public int hashCode()
-    {
-        return Q.hashCode() ^ Arrays.hashCode(x, 0, 5);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R1Point.java
deleted file mode 100644
index 42aaa77..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R1Point.java
+++ /dev/null

@@ -1,308 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat160;
-
-public class SecP160R1Point extends ECPoint.AbstractFp
-{
-    /**
-     * Create a point which encodes with point compression.
-     *
-     * @param curve
-     *            the curve to use
-     * @param x
-     *            affine x co-ordinate
-     * @param y
-     *            affine y co-ordinate
-     *
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecP160R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * Create a point that encodes with or without point compresion.
-     *
-     * @param curve
-     *            the curve to use
-     * @param x
-     *            affine x co-ordinate
-     * @param y
-     *            affine y co-ordinate
-     * @param withCompression
-     *            if true encode with point compression
-     *
-     * @deprecated per-point compression property will be removed, refer
-     *             {@link #getEncoded(boolean)}
-     */
-    public SecP160R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecP160R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecP160R1Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-        if (this == b)
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        SecP160R1FieldElement X1 = (SecP160R1FieldElement)this.x, Y1 = (SecP160R1FieldElement)this.y;
-        SecP160R1FieldElement X2 = (SecP160R1FieldElement)b.getXCoord(), Y2 = (SecP160R1FieldElement)b.getYCoord();
-
-        SecP160R1FieldElement Z1 = (SecP160R1FieldElement)this.zs[0];
-        SecP160R1FieldElement Z2 = (SecP160R1FieldElement)b.getZCoord(0);
-
-        int c;
-        int[] tt1 = Nat160.createExt();
-        int[] t2 = Nat160.create();
-        int[] t3 = Nat160.create();
-        int[] t4 = Nat160.create();
-
-        boolean Z1IsOne = Z1.isOne();
-        int[] U2, S2;
-        if (Z1IsOne)
-        {
-            U2 = X2.x;
-            S2 = Y2.x;
-        }
-        else
-        {
-            S2 = t3;
-            SecP160R1Field.square(Z1.x, S2);
-
-            U2 = t2;
-            SecP160R1Field.multiply(S2, X2.x, U2);
-
-            SecP160R1Field.multiply(S2, Z1.x, S2);
-            SecP160R1Field.multiply(S2, Y2.x, S2);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        int[] U1, S1;
-        if (Z2IsOne)
-        {
-            U1 = X1.x;
-            S1 = Y1.x;
-        }
-        else
-        {
-            S1 = t4;
-            SecP160R1Field.square(Z2.x, S1);
-
-            U1 = tt1;
-            SecP160R1Field.multiply(S1, X1.x, U1);
-
-            SecP160R1Field.multiply(S1, Z2.x, S1);
-            SecP160R1Field.multiply(S1, Y1.x, S1);
-        }
-
-        int[] H = Nat160.create();
-        SecP160R1Field.subtract(U1, U2, H);
-
-        int[] R = t2;
-        SecP160R1Field.subtract(S1, S2, R);
-
-        // Check if b == this or b == -this
-        if (Nat160.isZero(H))
-        {
-            if (Nat160.isZero(R))
-            {
-                // this == b, i.e. this must be doubled
-                return this.twice();
-            }
-
-            // this == -b, i.e. the result is the point at infinity
-            return curve.getInfinity();
-        }
-
-        int[] HSquared = t3;
-        SecP160R1Field.square(H, HSquared);
-
-        int[] G = Nat160.create();
-        SecP160R1Field.multiply(HSquared, H, G);
-
-        int[] V = t3;
-        SecP160R1Field.multiply(HSquared, U1, V);
-
-        SecP160R1Field.negate(G, G);
-        Nat160.mul(S1, G, tt1);
-
-        c = Nat160.addBothTo(V, V, G);
-        SecP160R1Field.reduce32(c, G);
-
-        SecP160R1FieldElement X3 = new SecP160R1FieldElement(t4);
-        SecP160R1Field.square(R, X3.x);
-        SecP160R1Field.subtract(X3.x, G, X3.x);
-
-        SecP160R1FieldElement Y3 = new SecP160R1FieldElement(G);
-        SecP160R1Field.subtract(V, X3.x, Y3.x);
-        SecP160R1Field.multiplyAddToExt(Y3.x, R, tt1);
-        SecP160R1Field.reduce(tt1, Y3.x);
-
-        SecP160R1FieldElement Z3 = new SecP160R1FieldElement(H);
-        if (!Z1IsOne)
-        {
-            SecP160R1Field.multiply(Z3.x, Z1.x, Z3.x);
-        }
-        if (!Z2IsOne)
-        {
-            SecP160R1Field.multiply(Z3.x, Z2.x, Z3.x);
-        }
-
-        ECFieldElement[] zs = new ECFieldElement[]{ Z3 };
-
-        return new SecP160R1Point(curve, X3, Y3, zs, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        SecP160R1FieldElement Y1 = (SecP160R1FieldElement)this.y;
-        if (Y1.isZero())
-        {
-            return curve.getInfinity();
-        }
-
-        SecP160R1FieldElement X1 = (SecP160R1FieldElement)this.x, Z1 = (SecP160R1FieldElement)this.zs[0];
-
-        int c;
-        int[] t1 = Nat160.create();
-        int[] t2 = Nat160.create();
-
-        int[] Y1Squared = Nat160.create();
-        SecP160R1Field.square(Y1.x, Y1Squared);
-
-        int[] T = Nat160.create();
-        SecP160R1Field.square(Y1Squared, T);
-
-        boolean Z1IsOne = Z1.isOne();
-
-        int[] Z1Squared = Z1.x;
-        if (!Z1IsOne)
-        {
-            Z1Squared = t2;
-            SecP160R1Field.square(Z1.x, Z1Squared);
-        }
-
-        SecP160R1Field.subtract(X1.x, Z1Squared, t1);
-
-        int[] M = t2;
-        SecP160R1Field.add(X1.x, Z1Squared, M);
-        SecP160R1Field.multiply(M, t1, M);
-        c = Nat160.addBothTo(M, M, M);
-        SecP160R1Field.reduce32(c, M);
-
-        int[] S = Y1Squared;
-        SecP160R1Field.multiply(Y1Squared, X1.x, S);
-        c = Nat.shiftUpBits(5, S, 2, 0);
-        SecP160R1Field.reduce32(c, S);
-
-        c = Nat.shiftUpBits(5, T, 3, 0, t1);
-        SecP160R1Field.reduce32(c, t1);
-
-        SecP160R1FieldElement X3 = new SecP160R1FieldElement(T);
-        SecP160R1Field.square(M, X3.x);
-        SecP160R1Field.subtract(X3.x, S, X3.x);
-        SecP160R1Field.subtract(X3.x, S, X3.x);
-
-        SecP160R1FieldElement Y3 = new SecP160R1FieldElement(S);
-        SecP160R1Field.subtract(S, X3.x, Y3.x);
-        SecP160R1Field.multiply(Y3.x, M, Y3.x);
-        SecP160R1Field.subtract(Y3.x, t1, Y3.x);
-
-        SecP160R1FieldElement Z3 = new SecP160R1FieldElement(M);
-        SecP160R1Field.twice(Y1.x, Z3.x);
-        if (!Z1IsOne)
-        {
-            SecP160R1Field.multiply(Z3.x, Z1.x, Z3.x);
-        }
-
-        return new SecP160R1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this == b)
-        {
-            return threeTimes();
-        }
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECFieldElement Y1 = this.y;
-        if (Y1.isZero())
-        {
-            return b;
-        }
-
-        return twice().add(b);
-    }
-
-    public ECPoint threeTimes()
-    {
-        if (this.isInfinity() || this.y.isZero())
-        {
-            return this;
-        }
-
-        // NOTE: Be careful about recursions between twicePlus and threeTimes
-        return twice().add(this);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        return new SecP160R1Point(curve, this.x, this.y.negate(), this.zs, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R2Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R2Curve.java
deleted file mode 100644
index 01bb2cd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R2Curve.java
+++ /dev/null

@@ -1,127 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat160;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecP160R2Curve extends ECCurve.AbstractFp
-{
-    public static final BigInteger q = new BigInteger(1,
-        Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73"));
-
-    private static final int SecP160R2_DEFAULT_COORDS = COORD_JACOBIAN;
-
-    protected SecP160R2Point infinity;
-
-    public SecP160R2Curve()
-    {
-        super(q);
-
-        this.infinity = new SecP160R2Point(this, null, null);
-
-        this.a = fromBigInteger(new BigInteger(1,
-            Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70")));
-        this.b = fromBigInteger(new BigInteger(1,
-            Hex.decode("B4E134D3FB59EB8BAB57274904664D5AF50388BA")));
-        this.order = new BigInteger(1, Hex.decode("0100000000000000000000351EE786A818F3A1A16B"));
-        this.cofactor = BigInteger.valueOf(1);
-
-        this.coord = SecP160R2_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecP160R2Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_JACOBIAN:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public BigInteger getQ()
-    {
-        return q;
-    }
-
-    public int getFieldSize()
-    {
-        return q.bitLength();
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecP160R2FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecP160R2Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecP160R2Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_INTS = 5;
-
-        final int[] table = new int[len * FE_INTS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat160.copy(((SecP160R2FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_INTS;
-                Nat160.copy(((SecP160R2FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_INTS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                int[] x = Nat160.create(), y = Nat160.create();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    int MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_INTS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_INTS + j] & MASK;
-                    }
-
-                    pos += (FE_INTS * 2);
-                }
-
-                return createRawPoint(new SecP160R2FieldElement(x), new SecP160R2FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R2Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R2Field.java
deleted file mode 100644
index 70c5e0c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R2Field.java
+++ /dev/null

@@ -1,177 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat160;
-
-public class SecP160R2Field
-{
-    // 2^160 - 2^32 - 2^14 - 2^12 - 2^9 - 2^8 - 2^7 - 2^3 - 2^2 - 1
-    static final int[] P = new int[]{ 0xFFFFAC73, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
-    static final int[] PExt = new int[]{ 0x1B44BBA9, 0x0000A71A, 0x00000001, 0x00000000, 0x00000000,
-        0xFFFF58E6, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
-    private static final int[] PExtInv = new int[]{ 0xE4BB4457, 0xFFFF58E5, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF,
-        0x0000A719, 0x00000002 };
-    private static final int P4 = 0xFFFFFFFF;
-    private static final int PExt9 = 0xFFFFFFFF;
-    private static final int PInv33 = 0x538D;
-
-    public static void add(int[] x, int[] y, int[] z)
-    {
-        int c = Nat160.add(x, y, z);
-        if (c != 0 || (z[4] == P4 && Nat160.gte(z, P)))
-        {
-            Nat.add33To(5, PInv33, z);
-        }
-    }
-
-    public static void addExt(int[] xx, int[] yy, int[] zz)
-    {
-        int c = Nat.add(10, xx, yy, zz);
-        if (c != 0 || (zz[9] == PExt9 && Nat.gte(10, zz, PExt)))
-        {
-            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
-            {
-                Nat.incAt(10, zz, PExtInv.length);
-            }
-        }
-    }
-
-    public static void addOne(int[] x, int[] z)
-    {
-        int c = Nat.inc(5, x, z);
-        if (c != 0 || (z[4] == P4 && Nat160.gte(z, P)))
-        {
-            Nat.add33To(5, PInv33, z);
-        }
-    }
-
-    public static int[] fromBigInteger(BigInteger x)
-    {
-        int[] z = Nat160.fromBigInteger(x);
-        if (z[4] == P4 && Nat160.gte(z, P))
-        {
-            Nat160.subFrom(P, z);
-        }
-        return z;
-    }
-
-    public static void half(int[] x, int[] z)
-    {
-        if ((x[0] & 1) == 0)
-        {
-            Nat.shiftDownBit(5, x, 0, z);
-        }
-        else
-        {
-            int c = Nat160.add(x, P, z);
-            Nat.shiftDownBit(5, z, c);
-        }
-    }
-
-    public static void multiply(int[] x, int[] y, int[] z)
-    {
-        int[] tt = Nat160.createExt();
-        Nat160.mul(x, y, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyAddToExt(int[] x, int[] y, int[] zz)
-    {
-        int c = Nat160.mulAddTo(x, y, zz);
-        if (c != 0 || (zz[9] == PExt9 && Nat.gte(10, zz, PExt)))
-        {
-            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
-            {
-                Nat.incAt(10, zz, PExtInv.length);
-            }
-        }
-    }
-
-    public static void negate(int[] x, int[] z)
-    {
-        if (Nat160.isZero(x))
-        {
-            Nat160.zero(z);
-        }
-        else
-        {
-            Nat160.sub(P, x, z);
-        }
-    }
-
-    public static void reduce(int[] xx, int[] z)
-    {
-        long cc = Nat160.mul33Add(PInv33, xx, 5, xx, 0, z, 0);
-        int c = Nat160.mul33DWordAdd(PInv33, cc, z, 0);
-
-        // assert c == 0 || c == 1;
-
-        if (c != 0 || (z[4] == P4 && Nat160.gte(z, P)))
-        {
-            Nat.add33To(5, PInv33, z);
-        }
-    }
-
-    public static void reduce32(int x, int[] z)
-    {
-        if ((x != 0 && Nat160.mul33WordAdd(PInv33, x, z, 0) != 0)
-            || (z[4] == P4 && Nat160.gte(z, P)))
-        {
-            Nat.add33To(5, PInv33, z);
-        }
-    }
-
-    public static void square(int[] x, int[] z)
-    {
-        int[] tt = Nat160.createExt();
-        Nat160.square(x, tt);
-        reduce(tt, z);
-    }
-
-    public static void squareN(int[] x, int n, int[] z)
-    {
-//        assert n > 0;
-
-        int[] tt = Nat160.createExt();
-        Nat160.square(x, tt);
-        reduce(tt, z);
-
-        while (--n > 0)
-        {
-            Nat160.square(z, tt);
-            reduce(tt, z);
-        }
-    }
-
-    public static void subtract(int[] x, int[] y, int[] z)
-    {
-        int c = Nat160.sub(x, y, z);
-        if (c != 0)
-        {
-            Nat.sub33From(5, PInv33, z);
-        }
-    }
-
-    public static void subtractExt(int[] xx, int[] yy, int[] zz)
-    {
-        int c = Nat.sub(10, xx, yy, zz);
-        if (c != 0)
-        {
-            if (Nat.subFrom(PExtInv.length, PExtInv, zz) != 0)
-            {
-                Nat.decAt(10, zz, PExtInv.length);
-            }
-        }
-    }
-
-    public static void twice(int[] x, int[] z)
-    {
-        int c = Nat.shiftUpBit(5, x, 0, z);
-        if (c != 0 || (z[4] == P4 && Nat160.gte(z, P)))
-        {
-            Nat.add33To(5, PInv33, z);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R2FieldElement.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R2FieldElement.java
deleted file mode 100644
index 943d260..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R2FieldElement.java
+++ /dev/null

@@ -1,217 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.raw.Mod;
-import org.bouncycastle.math.raw.Nat160;
-import org.bouncycastle.util.Arrays;
-
-public class SecP160R2FieldElement extends ECFieldElement.AbstractFp
-{
-    public static final BigInteger Q = SecP160R2Curve.q;
-
-    protected int[] x;
-
-    public SecP160R2FieldElement(BigInteger x)
-    {
-        if (x == null || x.signum() < 0 || x.compareTo(Q) >= 0)
-        {
-            throw new IllegalArgumentException("x value invalid for SecP160R2FieldElement");
-        }
-
-        this.x = SecP160R2Field.fromBigInteger(x);
-    }
-
-    public SecP160R2FieldElement()
-    {
-        this.x = Nat160.create();
-    }
-
-    protected SecP160R2FieldElement(int[] x)
-    {
-        this.x = x;
-    }
-
-    public boolean isZero()
-    {
-        return Nat160.isZero(x);
-    }
-
-    public boolean isOne()
-    {
-        return Nat160.isOne(x);
-    }
-
-    public boolean testBitZero()
-    {
-        return Nat160.getBit(x, 0) == 1;
-    }
-
-    public BigInteger toBigInteger()
-    {
-        return Nat160.toBigInteger(x);
-    }
-
-    public String getFieldName()
-    {
-        return "SecP160R2Field";
-    }
-
-    public int getFieldSize()
-    {
-        return Q.bitLength();
-    }
-
-    public ECFieldElement add(ECFieldElement b)
-    {
-        int[] z = Nat160.create();
-        SecP160R2Field.add(x, ((SecP160R2FieldElement)b).x, z);
-        return new SecP160R2FieldElement(z);
-    }
-
-    public ECFieldElement addOne()
-    {
-        int[] z = Nat160.create();
-        SecP160R2Field.addOne(x, z);
-        return new SecP160R2FieldElement(z);
-    }
-
-    public ECFieldElement subtract(ECFieldElement b)
-    {
-        int[] z = Nat160.create();
-        SecP160R2Field.subtract(x, ((SecP160R2FieldElement)b).x, z);
-        return new SecP160R2FieldElement(z);
-    }
-
-    public ECFieldElement multiply(ECFieldElement b)
-    {
-        int[] z = Nat160.create();
-        SecP160R2Field.multiply(x, ((SecP160R2FieldElement)b).x, z);
-        return new SecP160R2FieldElement(z);
-    }
-
-    public ECFieldElement divide(ECFieldElement b)
-    {
-//        return multiply(b.invert());
-        int[] z = Nat160.create();
-        Mod.invert(SecP160R2Field.P, ((SecP160R2FieldElement)b).x, z);
-        SecP160R2Field.multiply(z, x, z);
-        return new SecP160R2FieldElement(z);
-    }
-
-    public ECFieldElement negate()
-    {
-        int[] z = Nat160.create();
-        SecP160R2Field.negate(x, z);
-        return new SecP160R2FieldElement(z);
-    }
-
-    public ECFieldElement square()
-    {
-        int[] z = Nat160.create();
-        SecP160R2Field.square(x, z);
-        return new SecP160R2FieldElement(z);
-    }
-
-    public ECFieldElement invert()
-    {
-//        return new SecP160R2FieldElement(toBigInteger().modInverse(Q));
-        int[] z = Nat160.create();
-        Mod.invert(SecP160R2Field.P, x, z);
-        return new SecP160R2FieldElement(z);
-    }
-
-    // D.1.4 91
-    /**
-     * return a sqrt root - the routine verifies that the calculation returns the right value - if
-     * none exists it returns null.
-     */
-    public ECFieldElement sqrt()
-    {
-        /*
-         * Raise this element to the exponent 2^158 - 2^30 - 2^12 - 2^10 - 2^7 - 2^6 - 2^5 - 2^1 - 2^0
-         *
-         * Breaking up the exponent's binary representation into "repunits", we get: { 127 1s } { 1
-         * 0s } { 17 1s } { 1 0s } { 1 1s } { 1 0s } { 2 1s } { 3 0s } { 3 1s } { 1 0s } { 1 1s }
-         *
-         * Therefore we need an addition chain containing 1, 2, 3, 17, 127 (the lengths of the repunits)
-         * We use: [1], [2], [3], 4, 7, 14, [17], 31, 62, 124, [127]
-         */
-
-        int[] x1 = this.x;
-        if (Nat160.isZero(x1) || Nat160.isOne(x1))
-        {
-            return this;
-        }
-
-        int[] x2 = Nat160.create();
-        SecP160R2Field.square(x1, x2);
-        SecP160R2Field.multiply(x2, x1, x2);
-        int[] x3 = Nat160.create();
-        SecP160R2Field.square(x2, x3);
-        SecP160R2Field.multiply(x3, x1, x3);
-        int[] x4 = Nat160.create();
-        SecP160R2Field.square(x3, x4);
-        SecP160R2Field.multiply(x4, x1, x4);
-        int[] x7 = Nat160.create();
-        SecP160R2Field.squareN(x4, 3, x7);
-        SecP160R2Field.multiply(x7, x3, x7);
-        int[] x14 = x4;
-        SecP160R2Field.squareN(x7, 7, x14);
-        SecP160R2Field.multiply(x14, x7, x14);
-        int[] x17 = x7;
-        SecP160R2Field.squareN(x14, 3, x17);
-        SecP160R2Field.multiply(x17, x3, x17);
-        int[] x31 = Nat160.create();
-        SecP160R2Field.squareN(x17, 14, x31);
-        SecP160R2Field.multiply(x31, x14, x31);
-        int[] x62 = x14;
-        SecP160R2Field.squareN(x31, 31, x62);
-        SecP160R2Field.multiply(x62, x31, x62);
-        int[] x124 = x31;
-        SecP160R2Field.squareN(x62, 62, x124);
-        SecP160R2Field.multiply(x124, x62, x124);
-        int[] x127 = x62;
-        SecP160R2Field.squareN(x124, 3, x127);
-        SecP160R2Field.multiply(x127, x3, x127);
-
-        int[] t1 = x127;
-        SecP160R2Field.squareN(t1, 18, t1);
-        SecP160R2Field.multiply(t1, x17, t1);
-        SecP160R2Field.squareN(t1, 2, t1);
-        SecP160R2Field.multiply(t1, x1, t1);
-        SecP160R2Field.squareN(t1, 3, t1);
-        SecP160R2Field.multiply(t1, x2, t1);
-        SecP160R2Field.squareN(t1, 6, t1);
-        SecP160R2Field.multiply(t1, x3, t1);
-        SecP160R2Field.squareN(t1, 2, t1);
-        SecP160R2Field.multiply(t1, x1, t1);
-
-        int[] t2 = x2;
-        SecP160R2Field.square(t1, t2);
-
-        return Nat160.eq(x1, t2) ? new SecP160R2FieldElement(t1) : null;
-    }
-
-    public boolean equals(Object other)
-    {
-        if (other == this)
-        {
-            return true;
-        }
-
-        if (!(other instanceof SecP160R2FieldElement))
-        {
-            return false;
-        }
-
-        SecP160R2FieldElement o = (SecP160R2FieldElement)other;
-        return Nat160.eq(x, o.x);
-    }
-
-    public int hashCode()
-    {
-        return Q.hashCode() ^ Arrays.hashCode(x, 0, 5);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R2Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R2Point.java
deleted file mode 100644
index 49350b8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecP160R2Point.java
+++ /dev/null

@@ -1,308 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat160;
-
-public class SecP160R2Point extends ECPoint.AbstractFp
-{
-    /**
-     * Create a point which encodes with point compression.
-     *
-     * @param curve
-     *            the curve to use
-     * @param x
-     *            affine x co-ordinate
-     * @param y
-     *            affine y co-ordinate
-     *
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecP160R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * Create a point that encodes with or without point compresion.
-     *
-     * @param curve
-     *            the curve to use
-     * @param x
-     *            affine x co-ordinate
-     * @param y
-     *            affine y co-ordinate
-     * @param withCompression
-     *            if true encode with point compression
-     *
-     * @deprecated per-point compression property will be removed, refer
-     *             {@link #getEncoded(boolean)}
-     */
-    public SecP160R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecP160R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecP160R2Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-        if (this == b)
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        SecP160R2FieldElement X1 = (SecP160R2FieldElement)this.x, Y1 = (SecP160R2FieldElement)this.y;
-        SecP160R2FieldElement X2 = (SecP160R2FieldElement)b.getXCoord(), Y2 = (SecP160R2FieldElement)b.getYCoord();
-
-        SecP160R2FieldElement Z1 = (SecP160R2FieldElement)this.zs[0];
-        SecP160R2FieldElement Z2 = (SecP160R2FieldElement)b.getZCoord(0);
-
-        int c;
-        int[] tt1 = Nat160.createExt();
-        int[] t2 = Nat160.create();
-        int[] t3 = Nat160.create();
-        int[] t4 = Nat160.create();
-
-        boolean Z1IsOne = Z1.isOne();
-        int[] U2, S2;
-        if (Z1IsOne)
-        {
-            U2 = X2.x;
-            S2 = Y2.x;
-        }
-        else
-        {
-            S2 = t3;
-            SecP160R2Field.square(Z1.x, S2);
-
-            U2 = t2;
-            SecP160R2Field.multiply(S2, X2.x, U2);
-
-            SecP160R2Field.multiply(S2, Z1.x, S2);
-            SecP160R2Field.multiply(S2, Y2.x, S2);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        int[] U1, S1;
-        if (Z2IsOne)
-        {
-            U1 = X1.x;
-            S1 = Y1.x;
-        }
-        else
-        {
-            S1 = t4;
-            SecP160R2Field.square(Z2.x, S1);
-
-            U1 = tt1;
-            SecP160R2Field.multiply(S1, X1.x, U1);
-
-            SecP160R2Field.multiply(S1, Z2.x, S1);
-            SecP160R2Field.multiply(S1, Y1.x, S1);
-        }
-
-        int[] H = Nat160.create();
-        SecP160R2Field.subtract(U1, U2, H);
-
-        int[] R = t2;
-        SecP160R2Field.subtract(S1, S2, R);
-
-        // Check if b == this or b == -this
-        if (Nat160.isZero(H))
-        {
-            if (Nat160.isZero(R))
-            {
-                // this == b, i.e. this must be doubled
-                return this.twice();
-            }
-
-            // this == -b, i.e. the result is the point at infinity
-            return curve.getInfinity();
-        }
-
-        int[] HSquared = t3;
-        SecP160R2Field.square(H, HSquared);
-
-        int[] G = Nat160.create();
-        SecP160R2Field.multiply(HSquared, H, G);
-
-        int[] V = t3;
-        SecP160R2Field.multiply(HSquared, U1, V);
-
-        SecP160R2Field.negate(G, G);
-        Nat160.mul(S1, G, tt1);
-
-        c = Nat160.addBothTo(V, V, G);
-        SecP160R2Field.reduce32(c, G);
-
-        SecP160R2FieldElement X3 = new SecP160R2FieldElement(t4);
-        SecP160R2Field.square(R, X3.x);
-        SecP160R2Field.subtract(X3.x, G, X3.x);
-
-        SecP160R2FieldElement Y3 = new SecP160R2FieldElement(G);
-        SecP160R2Field.subtract(V, X3.x, Y3.x);
-        SecP160R2Field.multiplyAddToExt(Y3.x, R, tt1);
-        SecP160R2Field.reduce(tt1, Y3.x);
-
-        SecP160R2FieldElement Z3 = new SecP160R2FieldElement(H);
-        if (!Z1IsOne)
-        {
-            SecP160R2Field.multiply(Z3.x, Z1.x, Z3.x);
-        }
-        if (!Z2IsOne)
-        {
-            SecP160R2Field.multiply(Z3.x, Z2.x, Z3.x);
-        }
-
-        ECFieldElement[] zs = new ECFieldElement[]{ Z3 };
-
-        return new SecP160R2Point(curve, X3, Y3, zs, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        SecP160R2FieldElement Y1 = (SecP160R2FieldElement)this.y;
-        if (Y1.isZero())
-        {
-            return curve.getInfinity();
-        }
-
-        SecP160R2FieldElement X1 = (SecP160R2FieldElement)this.x, Z1 = (SecP160R2FieldElement)this.zs[0];
-
-        int c;
-        int[] t1 = Nat160.create();
-        int[] t2 = Nat160.create();
-
-        int[] Y1Squared = Nat160.create();
-        SecP160R2Field.square(Y1.x, Y1Squared);
-
-        int[] T = Nat160.create();
-        SecP160R2Field.square(Y1Squared, T);
-
-        boolean Z1IsOne = Z1.isOne();
-
-        int[] Z1Squared = Z1.x;
-        if (!Z1IsOne)
-        {
-            Z1Squared = t2;
-            SecP160R2Field.square(Z1.x, Z1Squared);
-        }
-
-        SecP160R2Field.subtract(X1.x, Z1Squared, t1);
-
-        int[] M = t2;
-        SecP160R2Field.add(X1.x, Z1Squared, M);
-        SecP160R2Field.multiply(M, t1, M);
-        c = Nat160.addBothTo(M, M, M);
-        SecP160R2Field.reduce32(c, M);
-
-        int[] S = Y1Squared;
-        SecP160R2Field.multiply(Y1Squared, X1.x, S);
-        c = Nat.shiftUpBits(5, S, 2, 0);
-        SecP160R2Field.reduce32(c, S);
-
-        c = Nat.shiftUpBits(5, T, 3, 0, t1);
-        SecP160R2Field.reduce32(c, t1);
-
-        SecP160R2FieldElement X3 = new SecP160R2FieldElement(T);
-        SecP160R2Field.square(M, X3.x);
-        SecP160R2Field.subtract(X3.x, S, X3.x);
-        SecP160R2Field.subtract(X3.x, S, X3.x);
-
-        SecP160R2FieldElement Y3 = new SecP160R2FieldElement(S);
-        SecP160R2Field.subtract(S, X3.x, Y3.x);
-        SecP160R2Field.multiply(Y3.x, M, Y3.x);
-        SecP160R2Field.subtract(Y3.x, t1, Y3.x);
-
-        SecP160R2FieldElement Z3 = new SecP160R2FieldElement(M);
-        SecP160R2Field.twice(Y1.x, Z3.x);
-        if (!Z1IsOne)
-        {
-            SecP160R2Field.multiply(Z3.x, Z1.x, Z3.x);
-        }
-
-        return new SecP160R2Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this == b)
-        {
-            return threeTimes();
-        }
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECFieldElement Y1 = this.y;
-        if (Y1.isZero())
-        {
-            return b;
-        }
-
-        return twice().add(b);
-    }
-
-    public ECPoint threeTimes()
-    {
-        if (this.isInfinity() || this.y.isZero())
-        {
-            return this;
-        }
-
-        // NOTE: Be careful about recursions between twicePlus and threeTimes
-        return twice().add(this);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        return new SecP160R2Point(curve, this.x, this.y.negate(), this.zs, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113Field.java
deleted file mode 100644
index 17483b0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113Field.java
+++ /dev/null

@@ -1,226 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.raw.Interleave;
-import org.bouncycastle.math.raw.Nat128;
-
-public class SecT113Field
-{
-    private static final long M49 = -1L >>> 15;
-    private static final long M57 = -1L >>> 7;
-
-    public static void add(long[] x, long[] y, long[] z)
-    {
-        z[0] = x[0] ^ y[0];
-        z[1] = x[1] ^ y[1];
-    }
-
-    public static void addExt(long[] xx, long[] yy, long[] zz)
-    {
-        zz[0] = xx[0] ^ yy[0];
-        zz[1] = xx[1] ^ yy[1];
-        zz[2] = xx[2] ^ yy[2];
-        zz[3] = xx[3] ^ yy[3];
-    }
-
-    public static void addOne(long[] x, long[] z)
-    {
-        z[0] = x[0] ^ 1L;
-        z[1] = x[1];
-    }
-
-    public static long[] fromBigInteger(BigInteger x)
-    {
-        long[] z = Nat128.fromBigInteger64(x);
-        reduce15(z, 0);
-        return z;
-    }
-
-    public static void invert(long[] x, long[] z)
-    {
-        if (Nat128.isZero64(x))
-        {
-            throw new IllegalStateException();
-        }
-
-        // Itoh-Tsujii inversion
-
-        long[] t0 = Nat128.create64();
-        long[] t1 = Nat128.create64();
-
-        square(x, t0);
-        multiply(t0, x, t0);
-        square(t0, t0);
-        multiply(t0, x, t0);
-        squareN(t0, 3, t1);
-        multiply(t1, t0, t1);
-        square(t1, t1);
-        multiply(t1, x, t1);
-        squareN(t1, 7, t0);
-        multiply(t0, t1, t0);
-        squareN(t0, 14, t1);
-        multiply(t1, t0, t1);
-        squareN(t1, 28, t0);
-        multiply(t0, t1, t0);
-        squareN(t0, 56, t1);
-        multiply(t1, t0, t1);
-        square(t1, z);
-    }
-
-    public static void multiply(long[] x, long[] y, long[] z)
-    {
-        long[] tt = Nat128.createExt64();
-        implMultiply(x, y, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyAddToExt(long[] x, long[] y, long[] zz)
-    {
-        long[] tt = Nat128.createExt64();
-        implMultiply(x, y, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void reduce(long[] xx, long[] z)
-    {
-        long x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3];
-
-        x1 ^= (x3 <<  15) ^ (x3 <<  24);
-        x2 ^= (x3 >>> 49) ^ (x3 >>> 40);
-
-        x0 ^= (x2 <<  15) ^ (x2 <<  24);
-        x1 ^= (x2 >>> 49) ^ (x2 >>> 40);
-
-        long t = x1 >>> 49;
-        z[0]   = x0 ^ t ^ (t << 9);
-        z[1]   = x1 & M49;
-    }
-
-    public static void reduce15(long[] z, int zOff)
-    {
-        long z1      = z[zOff + 1], t = z1 >>> 49;
-        z[zOff    ] ^= t ^ (t << 9);
-        z[zOff + 1]  = z1 & M49;
-    }
-
-    public static void sqrt(long[] x, long[] z)
-    {
-        long u0 = Interleave.unshuffle(x[0]), u1 = Interleave.unshuffle(x[1]);
-        long e0 = (u0 & 0x00000000FFFFFFFFL) | (u1 << 32);
-        long c0  = (u0 >>> 32) | (u1 & 0xFFFFFFFF00000000L);
-
-        z[0] = e0 ^ (c0 << 57) ^ (c0 << 5);
-        z[1] =      (c0 >>> 7) ^ (c0 >>> 59); 
-    }
-
-    public static void square(long[] x, long[] z)
-    {
-        long[] tt = Nat128.createExt64();
-        implSquare(x, tt);
-        reduce(tt, z);
-    }
-
-    public static void squareAddToExt(long[] x, long[] zz)
-    {
-        long[] tt = Nat128.createExt64();
-        implSquare(x, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void squareN(long[] x, int n, long[] z)
-    {
-//        assert n > 0;
-
-        long[] tt = Nat128.createExt64();
-        implSquare(x, tt);
-        reduce(tt, z);
-
-        while (--n > 0)
-        {
-            implSquare(z, tt);
-            reduce(tt, z);
-        }
-    }
-
-    public static int trace(long[] x)
-    {
-        // Non-zero-trace bits: 0
-        return (int)(x[0]) & 1;
-    }
-
-    protected static void implMultiply(long[] x, long[] y, long[] zz)
-    {
-        /*
-         * "Three-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein.
-         */
-
-        long f0 = x[0], f1 = x[1];
-        f1  = ((f0 >>> 57) ^ (f1 <<  7)) & M57;
-        f0 &= M57;
-
-        long g0 = y[0], g1 = y[1];
-        g1  = ((g0 >>> 57) ^ (g1 <<  7)) & M57;
-        g0 &= M57;
-
-        long[] H = new long[6];
-
-        implMulw(f0, g0, H, 0);               // H(0)       57/56 bits
-        implMulw(f1, g1, H, 2);               // H(INF)     57/54 bits
-        implMulw(f0 ^ f1, g0 ^ g1, H, 4);     // H(1)       57/56 bits
-
-        long r  = H[1] ^ H[2];
-        long z0 = H[0],
-             z3 = H[3],
-             z1 = H[4] ^ z0 ^ r,
-             z2 = H[5] ^ z3 ^ r;
-
-        zz[0] =  z0         ^ (z1 << 57);
-        zz[1] = (z1 >>>  7) ^ (z2 << 50);
-        zz[2] = (z2 >>> 14) ^ (z3 << 43);
-        zz[3] = (z3 >>> 21);
-    }
-
-    protected static void implMulw(long x, long y, long[] z, int zOff)
-    {
-//        assert x >>> 57 == 0;
-//        assert y >>> 57 == 0;
-
-        long[] u = new long[8];
-//      u[0] = 0;
-        u[1] = y;
-        u[2] = u[1] << 1;
-        u[3] = u[2] ^ y;
-        u[4] = u[2] << 1;
-        u[5] = u[4] ^ y;
-        u[6] = u[3] << 1;
-        u[7] = u[6] ^ y;
-
-        int j = (int)x;
-        long g, h = 0, l = u[j & 7];
-        int k = 48;
-        do
-        {
-            j  = (int)(x >>> k);
-            g  = u[j & 7]
-               ^ u[(j >>> 3) & 7] << 3
-               ^ u[(j >>> 6) & 7] << 6;
-            l ^= (g << k);
-            h ^= (g >>> -k);
-        }
-        while ((k -= 9) > 0);
-
-        h ^= ((x & 0x0100804020100800L) & ((y << 7) >> 63)) >>> 8;
-
-//        assert h >>> 49 == 0;
-
-        z[zOff    ] = l & M57;
-        z[zOff + 1] = (l >>> 57) ^ (h << 7);
-    }
-
-    protected static void implSquare(long[] x, long[] zz)
-    {
-        Interleave.expand64To128(x[0], zz, 0);
-        Interleave.expand64To128(x[1], zz, 2);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113FieldElement.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113FieldElement.java
deleted file mode 100644
index ef9ecce..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113FieldElement.java
+++ /dev/null

@@ -1,226 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.raw.Nat128;
-import org.bouncycastle.util.Arrays;
-
-public class SecT113FieldElement extends ECFieldElement.AbstractF2m
-{
-    protected long[] x;
-
-    public SecT113FieldElement(BigInteger x)
-    {
-        if (x == null || x.signum() < 0 || x.bitLength() > 113)
-        {
-            throw new IllegalArgumentException("x value invalid for SecT113FieldElement");
-        }
-
-        this.x = SecT113Field.fromBigInteger(x);
-    }
-
-    public SecT113FieldElement()
-    {
-        this.x = Nat128.create64();
-    }
-
-    protected SecT113FieldElement(long[] x)
-    {
-        this.x = x;
-    }
-
-//    public int bitLength()
-//    {
-//        return x.degree();
-//    }
-
-    public boolean isOne()
-    {
-        return Nat128.isOne64(x);
-    }
-
-    public boolean isZero()
-    {
-        return Nat128.isZero64(x);
-    }
-
-    public boolean testBitZero()
-    {
-        return (x[0] & 1L) != 0L;
-    }
-
-    public BigInteger toBigInteger()
-    {
-        return Nat128.toBigInteger64(x);
-    }
-
-    public String getFieldName()
-    {
-        return "SecT113Field";
-    }
-
-    public int getFieldSize()
-    {
-        return 113;
-    }
-
-    public ECFieldElement add(ECFieldElement b)
-    {
-        long[] z = Nat128.create64();
-        SecT113Field.add(x, ((SecT113FieldElement)b).x, z);
-        return new SecT113FieldElement(z);
-    }
-
-    public ECFieldElement addOne()
-    {
-        long[] z = Nat128.create64();
-        SecT113Field.addOne(x, z);
-        return new SecT113FieldElement(z);
-    }
-
-    public ECFieldElement subtract(ECFieldElement b)
-    {
-        // Addition and subtraction are the same in F2m
-        return add(b);
-    }
-
-    public ECFieldElement multiply(ECFieldElement b)
-    {
-        long[] z = Nat128.create64();
-        SecT113Field.multiply(x, ((SecT113FieldElement)b).x, z);
-        return new SecT113FieldElement(z);
-    }
-
-    public ECFieldElement multiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        return multiplyPlusProduct(b, x, y);
-    }
-
-    public ECFieldElement multiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x, bx = ((SecT113FieldElement)b).x;
-        long[] xx = ((SecT113FieldElement)x).x, yx = ((SecT113FieldElement)y).x;
-
-        long[] tt = Nat128.createExt64();
-        SecT113Field.multiplyAddToExt(ax, bx, tt);
-        SecT113Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat128.create64();
-        SecT113Field.reduce(tt, z);
-        return new SecT113FieldElement(z);
-    }
-
-    public ECFieldElement divide(ECFieldElement b)
-    {
-        return multiply(b.invert());
-    }
-
-    public ECFieldElement negate()
-    {
-        return this;
-    }
-
-    public ECFieldElement square()
-    {
-        long[] z = Nat128.create64();
-        SecT113Field.square(x, z);
-        return new SecT113FieldElement(z);
-    }
-
-    public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        return squarePlusProduct(x, y);
-    }
-
-    public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x;
-        long[] xx = ((SecT113FieldElement)x).x, yx = ((SecT113FieldElement)y).x;
-
-        long[] tt = Nat128.createExt64();
-        SecT113Field.squareAddToExt(ax, tt);
-        SecT113Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat128.create64();
-        SecT113Field.reduce(tt, z);
-        return new SecT113FieldElement(z);
-    }
-
-    public ECFieldElement squarePow(int pow)
-    {
-        if (pow < 1)
-        {
-            return this;
-        }
-
-        long[] z = Nat128.create64();
-        SecT113Field.squareN(x, pow, z);
-        return new SecT113FieldElement(z);
-    }
-
-    public int trace()
-    {
-        return SecT113Field.trace(x);
-    }
-
-    public ECFieldElement invert()
-    {
-        long[] z = Nat128.create64();
-        SecT113Field.invert(x, z);
-        return new SecT113FieldElement(z);
-    }
-
-    public ECFieldElement sqrt()
-    {
-        long[] z = Nat128.create64();
-        SecT113Field.sqrt(x, z);
-        return new SecT113FieldElement(z);
-    }
-
-    public int getRepresentation()
-    {
-        return ECFieldElement.F2m.TPB;
-    }
-
-    public int getM()
-    {
-        return 113;
-    }
-
-    public int getK1()
-    {
-        return 9;
-    }
-
-    public int getK2()
-    {
-        return 0;
-    }
-
-    public int getK3()
-    {
-        return 0;
-    }
-
-    public boolean equals(Object other)
-    {
-        if (other == this)
-        {
-            return true;
-        }
-
-        if (!(other instanceof SecT113FieldElement))
-        {
-            return false;
-        }
-
-        SecT113FieldElement o = (SecT113FieldElement)other;
-        return Nat128.eq64(x, o.x);
-    }
-
-    public int hashCode()
-    {
-        return 113009 ^ Arrays.hashCode(x, 0, 2);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113R1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113R1Curve.java
deleted file mode 100644
index b2a55f0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113R1Curve.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat128;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT113R1Curve extends AbstractF2m
-{
-    private static final int SecT113R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT113R1Point infinity;
-
-    public SecT113R1Curve()
-    {
-        super(113, 9, 0, 0);
-
-        this.infinity = new SecT113R1Point(this, null, null);
-
-        this.a = fromBigInteger(new BigInteger(1, Hex.decode("003088250CA6E7C7FE649CE85820F7")));
-        this.b = fromBigInteger(new BigInteger(1, Hex.decode("00E8BEE4D3E2260744188BE0E9C723")));
-        this.order = new BigInteger(1, Hex.decode("0100000000000000D9CCEC8A39E56F"));
-        this.cofactor = BigInteger.valueOf(2);
-
-        this.coord = SecT113R1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT113R1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public int getFieldSize()
-    {
-        return 113;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT113FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT113R1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT113R1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return false;
-    }
-
-    public int getM()
-    {
-        return 113;
-    }
-
-    public boolean isTrinomial()
-    {
-        return true;
-    }
-
-    public int getK1()
-    {
-        return 9;
-    }
-
-    public int getK2()
-    {
-        return 0;
-    }
-
-    public int getK3()
-    {
-        return 0;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 2;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat128.copy64(((SecT113FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat128.copy64(((SecT113FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat128.create64(), y = Nat128.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT113FieldElement(x), new SecT113FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113R1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113R1Point.java
deleted file mode 100644
index 28226c2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113R1Point.java
+++ /dev/null

@@ -1,308 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT113R1Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT113R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT113R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT113R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT113R1Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1).add(curve.getA());
-            if (X3.isZero())
-            {
-                return new SecT113R1Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT113R1Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT113R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.multiply(Z1);
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement a = curve.getA();
-        ECFieldElement aZ1Sq = Z1IsOne ? a : a.multiply(Z1Sq);
-        ECFieldElement T = L1.square().add(L1Z1).add(aZ1Sq);
-        if (T.isZero())
-        {
-            return new SecT113R1Point(curve, T, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.multiply(Z1);
-        ECFieldElement L3 = X1Z1.squarePlusProduct(T, L1Z1).add(X3).add(Z3);
-
-        return new SecT113R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = curve.getA().multiply(Z1Sq).add(L1Sq).add(L1Z1);
-        ECFieldElement L2plus1 = L2.addOne();
-        ECFieldElement A = curve.getA().add(L2plus1).multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT113R1Point(curve, A, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2plus1, Z3);
-
-        return new SecT113R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT113R1Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113R2Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113R2Curve.java
deleted file mode 100644
index 92da298..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113R2Curve.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat128;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT113R2Curve extends AbstractF2m
-{
-    private static final int SecT113R2_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT113R2Point infinity;
-
-    public SecT113R2Curve()
-    {
-        super(113, 9, 0, 0);
-
-        this.infinity = new SecT113R2Point(this, null, null);
-
-        this.a = fromBigInteger(new BigInteger(1, Hex.decode("00689918DBEC7E5A0DD6DFC0AA55C7")));
-        this.b = fromBigInteger(new BigInteger(1, Hex.decode("0095E9A9EC9B297BD4BF36E059184F")));
-        this.order = new BigInteger(1, Hex.decode("010000000000000108789B2496AF93"));
-        this.cofactor = BigInteger.valueOf(2);
-
-        this.coord = SecT113R2_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT113R2Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public int getFieldSize()
-    {
-        return 113;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT113FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT113R2Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT113R2Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return false;
-    }
-
-    public int getM()
-    {
-        return 113;
-    }
-
-    public boolean isTrinomial()
-    {
-        return true;
-    }
-
-    public int getK1()
-    {
-        return 9;
-    }
-
-    public int getK2()
-    {
-        return 0;
-    }
-
-    public int getK3()
-    {
-        return 0;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 2;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat128.copy64(((SecT113FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat128.copy64(((SecT113FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat128.create64(), y = Nat128.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT113FieldElement(x), new SecT113FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113R2Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113R2Point.java
deleted file mode 100644
index 6b7a2de..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT113R2Point.java
+++ /dev/null

@@ -1,308 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT113R2Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT113R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT113R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT113R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT113R2Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1).add(curve.getA());
-            if (X3.isZero())
-            {
-                return new SecT113R2Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT113R2Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT113R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.multiply(Z1);
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement a = curve.getA();
-        ECFieldElement aZ1Sq = Z1IsOne ? a : a.multiply(Z1Sq);
-        ECFieldElement T = L1.square().add(L1Z1).add(aZ1Sq);
-        if (T.isZero())
-        {
-            return new SecT113R2Point(curve, T, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.multiply(Z1);
-        ECFieldElement L3 = X1Z1.squarePlusProduct(T, L1Z1).add(X3).add(Z3);
-
-        return new SecT113R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = curve.getA().multiply(Z1Sq).add(L1Sq).add(L1Z1);
-        ECFieldElement L2plus1 = L2.addOne();
-        ECFieldElement A = curve.getA().add(L2plus1).multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT113R2Point(curve, A, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2plus1, Z3);
-
-        return new SecT113R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT113R2Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131Field.java
deleted file mode 100644
index ab25c5d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131Field.java
+++ /dev/null

@@ -1,332 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.raw.Interleave;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat192;
-
-public class SecT131Field
-{
-    private static final long M03 = -1L >>> 61;
-    private static final long M44 = -1L >>> 20;
-
-    private static final long[] ROOT_Z = new long[]{ 0x26BC4D789AF13523L, 0x26BC4D789AF135E2L, 0x6L };
-
-    public static void add(long[] x, long[] y, long[] z)
-    {
-        z[0] = x[0] ^ y[0];
-        z[1] = x[1] ^ y[1];
-        z[2] = x[2] ^ y[2];
-    }
-
-    public static void addExt(long[] xx, long[] yy, long[] zz)
-    {
-        zz[0] = xx[0] ^ yy[0];
-        zz[1] = xx[1] ^ yy[1];
-        zz[2] = xx[2] ^ yy[2];
-        zz[3] = xx[3] ^ yy[3];
-        zz[4] = xx[4] ^ yy[4];
-    }
-
-    public static void addOne(long[] x, long[] z)
-    {
-        z[0] = x[0] ^ 1L;
-        z[1] = x[1];
-        z[2] = x[2];
-    }
-
-    public static long[] fromBigInteger(BigInteger x)
-    {
-        long[] z = Nat192.fromBigInteger64(x);
-        reduce61(z, 0);
-        return z;
-    }
-
-    public static void invert(long[] x, long[] z)
-    {
-        if (Nat192.isZero64(x))
-        {
-            throw new IllegalStateException();
-        }
-
-        // Itoh-Tsujii inversion
-
-        long[] t0 = Nat192.create64();
-        long[] t1 = Nat192.create64();
-
-        square(x, t0);
-        multiply(t0, x, t0);
-        squareN(t0, 2, t1);
-        multiply(t1, t0, t1);
-        squareN(t1, 4, t0);
-        multiply(t0, t1, t0);
-        squareN(t0, 8, t1);
-        multiply(t1, t0, t1);
-        squareN(t1, 16, t0);
-        multiply(t0, t1, t0);
-        squareN(t0, 32, t1);
-        multiply(t1, t0, t1);
-        square(t1, t1);
-        multiply(t1, x, t1);
-        squareN(t1, 65, t0);
-        multiply(t0, t1, t0);
-        square(t0, z);
-    }
-
-    public static void multiply(long[] x, long[] y, long[] z)
-    {
-        long[] tt = Nat192.createExt64();
-        implMultiply(x, y, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyAddToExt(long[] x, long[] y, long[] zz)
-    {
-        long[] tt = Nat192.createExt64();
-        implMultiply(x, y, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void reduce(long[] xx, long[] z)
-    {
-        long x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3], x4 = xx[4];
-
-        x1 ^= (x4 <<  61) ^ (x4 <<  63);
-        x2 ^= (x4 >>>  3) ^ (x4 >>>  1) ^ x4 ^ (x4 <<   5);
-        x3 ^=                                  (x4 >>> 59);
-
-        x0 ^= (x3 <<  61) ^ (x3 <<  63);
-        x1 ^= (x3 >>>  3) ^ (x3 >>>  1) ^ x3 ^ (x3 <<   5);
-        x2 ^=                                  (x3 >>> 59);
-
-        long t = x2 >>> 3;
-        z[0]   = x0 ^ t ^ (t << 2) ^ (t << 3) ^ (t <<   8);
-        z[1]   = x1                           ^ (t >>> 56);
-        z[2]   = x2 & M03;
-    }
-
-    public static void reduce61(long[] z, int zOff)
-    {
-        long z2      = z[zOff + 2], t = z2 >>> 3;
-        z[zOff    ] ^= t ^ (t << 2) ^ (t << 3) ^ (t <<   8);
-        z[zOff + 1] ^=                           (t >>> 56);
-        z[zOff + 2]  = z2 & M03;
-    }
-
-    public static void sqrt(long[] x, long[] z)
-    {
-        long[] odd = Nat192.create64();
-
-        long u0, u1;
-        u0 = Interleave.unshuffle(x[0]); u1 = Interleave.unshuffle(x[1]);
-        long e0 = (u0 & 0x00000000FFFFFFFFL) | (u1 << 32);
-        odd[0]  = (u0 >>> 32) | (u1 & 0xFFFFFFFF00000000L);
-
-        u0 = Interleave.unshuffle(x[2]);
-        long e1 = (u0 & 0x00000000FFFFFFFFL);
-        odd[1]  = (u0 >>> 32);
-
-        multiply(odd, ROOT_Z, z);
-
-        z[0] ^= e0;
-        z[1] ^= e1;
-    }
-
-    public static void square(long[] x, long[] z)
-    {
-        long[] tt = Nat.create64(5);
-        implSquare(x, tt);
-        reduce(tt, z);
-    }
-
-    public static void squareAddToExt(long[] x, long[] zz)
-    {
-        long[] tt = Nat.create64(5);
-        implSquare(x, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void squareN(long[] x, int n, long[] z)
-    {
-//        assert n > 0;
-
-        long[] tt = Nat.create64(5);
-        implSquare(x, tt);
-        reduce(tt, z);
-
-        while (--n > 0)
-        {
-            implSquare(z, tt);
-            reduce(tt, z);
-        }
-    }
-
-    public static int trace(long[] x)
-    {
-        // Non-zero-trace bits: 0, 123, 129
-        return (int)(x[0] ^ (x[1] >>> 59) ^ (x[2] >>> 1)) & 1;
-    }
-
-    protected static void implCompactExt(long[] zz)
-    {
-        long z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5];
-        zz[0] =  z0         ^ (z1 << 44);
-        zz[1] = (z1 >>> 20) ^ (z2 << 24);
-        zz[2] = (z2 >>> 40) ^ (z3 <<  4)
-                            ^ (z4 << 48);
-        zz[3] = (z3 >>> 60) ^ (z5 << 28)
-              ^ (z4 >>> 16);
-        zz[4] = (z5 >>> 36);
-        zz[5] = 0;
-    }
-
-    protected static void implMultiply(long[] x, long[] y, long[] zz)
-    {
-        /*
-         * "Five-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein.
-         */
-
-        long f0 = x[0], f1 = x[1], f2 = x[2];
-        f2  = ((f1 >>> 24) ^ (f2 << 40)) & M44;
-        f1  = ((f0 >>> 44) ^ (f1 << 20)) & M44;
-        f0 &= M44;
-
-        long g0 = y[0], g1 = y[1], g2 = y[2];
-        g2  = ((g1 >>> 24) ^ (g2 << 40)) & M44;
-        g1  = ((g0 >>> 44) ^ (g1 << 20)) & M44;
-        g0 &= M44;
-
-        long[] H = new long[10];
-
-        implMulw(f0, g0, H, 0);               // H(0)       44/43 bits
-        implMulw(f2, g2, H, 2);               // H(INF)     44/41 bits
-
-        long t0 = f0 ^ f1 ^ f2;
-        long t1 = g0 ^ g1 ^ g2;
-
-        implMulw(t0, t1, H, 4);               // H(1)       44/43 bits
-
-        long t2 = (f1 << 1) ^ (f2 << 2);
-        long t3 = (g1 << 1) ^ (g2 << 2);
-
-        implMulw(f0 ^ t2, g0 ^ t3, H, 6);     // H(t)       44/45 bits
-        implMulw(t0 ^ t2, t1 ^ t3, H, 8);     // H(t + 1)   44/45 bits
-
-        long t4 = H[6] ^ H[8];
-        long t5 = H[7] ^ H[9];
-
-    //    assert t5 >>> 44 == 0;
-
-        // Calculate V
-        long v0 =      (t4 << 1) ^ H[6];
-        long v1 = t4 ^ (t5 << 1) ^ H[7];
-        long v2 = t5;
-
-        // Calculate U
-        long u0 = H[0];
-        long u1 = H[1] ^ H[0] ^ H[4];
-        long u2 =        H[1] ^ H[5];
-
-        // Calculate W
-        long w0 = u0 ^ v0 ^ (H[2] << 4) ^ (H[2] << 1);
-        long w1 = u1 ^ v1 ^ (H[3] << 4) ^ (H[3] << 1);
-        long w2 = u2 ^ v2;
-
-        // Propagate carries
-        w1 ^= (w0 >>> 44); w0 &= M44;
-        w2 ^= (w1 >>> 44); w1 &= M44;
-
-   //     assert (w0 & 1L) == 0;
-
-        // Divide W by t
-
-        w0 = (w0 >>> 1) ^ ((w1 & 1L) << 43);
-        w1 = (w1 >>> 1) ^ ((w2 & 1L) << 43);
-        w2 = (w2 >>> 1);
-
-        // Divide W by (t + 1)
-
-        w0 ^= (w0 << 1);
-        w0 ^= (w0 << 2);
-        w0 ^= (w0 << 4);
-        w0 ^= (w0 << 8);
-        w0 ^= (w0 << 16);
-        w0 ^= (w0 << 32);
-
-        w0 &= M44; w1 ^= (w0 >>> 43);
-
-        w1 ^= (w1 << 1);
-        w1 ^= (w1 << 2);
-        w1 ^= (w1 << 4);
-        w1 ^= (w1 << 8);
-        w1 ^= (w1 << 16);
-        w1 ^= (w1 << 32);
-
-        w1 &= M44; w2 ^= (w1 >>> 43);
-
-        w2 ^= (w2 << 1);
-        w2 ^= (w2 << 2);
-        w2 ^= (w2 << 4);
-        w2 ^= (w2 << 8);
-        w2 ^= (w2 << 16);
-        w2 ^= (w2 << 32);
-
-  //      assert w2 >>> 42 == 0;
-
-        zz[0] = u0;
-        zz[1] = u1 ^ w0      ^ H[2];
-        zz[2] = u2 ^ w1 ^ w0 ^ H[3];
-        zz[3] =      w2 ^ w1;
-        zz[4] =           w2 ^ H[2];
-        zz[5] =                H[3];
-
-        implCompactExt(zz);
-    }
-
-    protected static void implMulw(long x, long y, long[] z, int zOff)
-    {
-//        assert x >>> 45 == 0;
-//        assert y >>> 45 == 0;
-
-        long[] u = new long[8];
-//      u[0] = 0;
-        u[1] = y;
-        u[2] = u[1] << 1;
-        u[3] = u[2] ^  y;
-        u[4] = u[2] << 1;
-        u[5] = u[4] ^  y;
-        u[6] = u[3] << 1;
-        u[7] = u[6] ^  y;
-
-        int j = (int)x;
-        long g, h = 0, l = u[j & 7]
-                         ^ u[(j >>> 3) & 7] << 3
-                         ^ u[(j >>> 6) & 7] << 6;
-        int k = 33;
-        do
-        {
-            j  = (int)(x >>> k);
-            g  = u[j & 7]
-               ^ u[(j >>> 3) & 7] << 3
-               ^ u[(j >>> 6) & 7] << 6
-               ^ u[(j >>> 9) & 7] << 9;
-            l ^= (g <<   k);
-            h ^= (g >>> -k);
-        }
-        while ((k -= 12) > 0);
-
-//        assert h >>> 25 == 0;
-
-        z[zOff    ] = l & M44;
-        z[zOff + 1] = (l >>> 44) ^ (h << 20);
-    }
-
-    protected static void implSquare(long[] x, long[] zz)
-    {
-        Interleave.expand64To128(x[0], zz, 0);
-        Interleave.expand64To128(x[1], zz, 2);
-
-        zz[4] = Interleave.expand8to16((int)x[2]) & 0xFFFFFFFFL;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131FieldElement.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131FieldElement.java
deleted file mode 100644
index d0ac60c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131FieldElement.java
+++ /dev/null

@@ -1,227 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat192;
-import org.bouncycastle.util.Arrays;
-
-public class SecT131FieldElement extends ECFieldElement.AbstractF2m
-{
-    protected long[] x;
-
-    public SecT131FieldElement(BigInteger x)
-    {
-        if (x == null || x.signum() < 0 || x.bitLength() > 131)
-        {
-            throw new IllegalArgumentException("x value invalid for SecT131FieldElement");
-        }
-
-        this.x = SecT131Field.fromBigInteger(x);
-    }
-
-    public SecT131FieldElement()
-    {
-        this.x = Nat192.create64();
-    }
-
-    protected SecT131FieldElement(long[] x)
-    {
-        this.x = x;
-    }
-
-//    public int bitLength()
-//    {
-//        return x.degree();
-//    }
-
-    public boolean isOne()
-    {
-        return Nat192.isOne64(x);
-    }
-
-    public boolean isZero()
-    {
-        return Nat192.isZero64(x);
-    }
-
-    public boolean testBitZero()
-    {
-        return (x[0] & 1L) != 0L;
-    }
-
-    public BigInteger toBigInteger()
-    {
-        return Nat192.toBigInteger64(x);
-    }
-
-    public String getFieldName()
-    {
-        return "SecT131Field";
-    }
-
-    public int getFieldSize()
-    {
-        return 131;
-    }
-
-    public ECFieldElement add(ECFieldElement b)
-    {
-        long[] z = Nat192.create64();
-        SecT131Field.add(x, ((SecT131FieldElement)b).x, z);
-        return new SecT131FieldElement(z);
-    }
-
-    public ECFieldElement addOne()
-    {
-        long[] z = Nat192.create64();
-        SecT131Field.addOne(x, z);
-        return new SecT131FieldElement(z);
-    }
-
-    public ECFieldElement subtract(ECFieldElement b)
-    {
-        // Addition and subtraction are the same in F2m
-        return add(b);
-    }
-
-    public ECFieldElement multiply(ECFieldElement b)
-    {
-        long[] z = Nat192.create64();
-        SecT131Field.multiply(x, ((SecT131FieldElement)b).x, z);
-        return new SecT131FieldElement(z);
-    }
-
-    public ECFieldElement multiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        return multiplyPlusProduct(b, x, y);
-    }
-
-    public ECFieldElement multiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x, bx = ((SecT131FieldElement)b).x;
-        long[] xx = ((SecT131FieldElement)x).x, yx = ((SecT131FieldElement)y).x;
-
-        long[] tt = Nat.create64(5);
-        SecT131Field.multiplyAddToExt(ax, bx, tt);
-        SecT131Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat192.create64();
-        SecT131Field.reduce(tt, z);
-        return new SecT131FieldElement(z);
-    }
-
-    public ECFieldElement divide(ECFieldElement b)
-    {
-        return multiply(b.invert());
-    }
-
-    public ECFieldElement negate()
-    {
-        return this;
-    }
-
-    public ECFieldElement square()
-    {
-        long[] z = Nat192.create64();
-        SecT131Field.square(x, z);
-        return new SecT131FieldElement(z);
-    }
-
-    public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        return squarePlusProduct(x, y);
-    }
-
-    public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x;
-        long[] xx = ((SecT131FieldElement)x).x, yx = ((SecT131FieldElement)y).x;
-
-        long[] tt = Nat.create64(5);
-        SecT131Field.squareAddToExt(ax, tt);
-        SecT131Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat192.create64();
-        SecT131Field.reduce(tt, z);
-        return new SecT131FieldElement(z);
-    }
-
-    public ECFieldElement squarePow(int pow)
-    {
-        if (pow < 1)
-        {
-            return this;
-        }
-
-        long[] z = Nat192.create64();
-        SecT131Field.squareN(x, pow, z);
-        return new SecT131FieldElement(z);
-    }
-
-    public int trace()
-    {
-        return SecT131Field.trace(x);
-    }
-
-    public ECFieldElement invert()
-    {
-        long[] z = Nat192.create64();
-        SecT131Field.invert(x, z);
-        return new SecT131FieldElement(z);
-    }
-
-    public ECFieldElement sqrt()
-    {
-        long[] z = Nat192.create64();
-        SecT131Field.sqrt(x, z);
-        return new SecT131FieldElement(z);
-    }
-
-    public int getRepresentation()
-    {
-        return ECFieldElement.F2m.PPB;
-    }
-
-    public int getM()
-    {
-        return 131;
-    }
-
-    public int getK1()
-    {
-        return 2;
-    }
-
-    public int getK2()
-    {
-        return 3;
-    }
-
-    public int getK3()
-    {
-        return 8;
-    }
-
-    public boolean equals(Object other)
-    {
-        if (other == this)
-        {
-            return true;
-        }
-
-        if (!(other instanceof SecT131FieldElement))
-        {
-            return false;
-        }
-
-        SecT131FieldElement o = (SecT131FieldElement)other;
-        return Nat192.eq64(x, o.x);
-    }
-
-    public int hashCode()
-    {
-        return 131832 ^ Arrays.hashCode(x, 0, 3);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131R1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131R1Curve.java
deleted file mode 100644
index 6f45aeb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131R1Curve.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat192;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT131R1Curve extends AbstractF2m
-{
-    private static final int SecT131R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT131R1Point infinity;
-
-    public SecT131R1Curve()
-    {
-        super(131, 2, 3, 8);
-
-        this.infinity = new SecT131R1Point(this, null, null);
-
-        this.a = fromBigInteger(new BigInteger(1, Hex.decode("07A11B09A76B562144418FF3FF8C2570B8")));
-        this.b = fromBigInteger(new BigInteger(1, Hex.decode("0217C05610884B63B9C6C7291678F9D341")));
-        this.order = new BigInteger(1, Hex.decode("0400000000000000023123953A9464B54D"));
-        this.cofactor = BigInteger.valueOf(2);
-
-        this.coord = SecT131R1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT131R1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public int getFieldSize()
-    {
-        return 131;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT131FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT131R1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT131R1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return false;
-    }
-
-    public int getM()
-    {
-        return 131;
-    }
-
-    public boolean isTrinomial()
-    {
-        return false;
-    }
-
-    public int getK1()
-    {
-        return 2;
-    }
-
-    public int getK2()
-    {
-        return 3;
-    }
-
-    public int getK3()
-    {
-        return 8;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 3;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat192.copy64(((SecT131FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat192.copy64(((SecT131FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat192.create64(), y = Nat192.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT131FieldElement(x), new SecT131FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131R1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131R1Point.java
deleted file mode 100644
index 4a276dd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131R1Point.java
+++ /dev/null

@@ -1,308 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT131R1Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT131R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT131R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT131R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT131R1Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1).add(curve.getA());
-            if (X3.isZero())
-            {
-                return new SecT131R1Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT131R1Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT131R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.multiply(Z1);
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement a = curve.getA();
-        ECFieldElement aZ1Sq = Z1IsOne ? a : a.multiply(Z1Sq);
-        ECFieldElement T = L1.square().add(L1Z1).add(aZ1Sq);
-        if (T.isZero())
-        {
-            return new SecT131R1Point(curve, T, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.multiply(Z1);
-        ECFieldElement L3 = X1Z1.squarePlusProduct(T, L1Z1).add(X3).add(Z3);
-
-        return new SecT131R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = curve.getA().multiply(Z1Sq).add(L1Sq).add(L1Z1);
-        ECFieldElement L2plus1 = L2.addOne();
-        ECFieldElement A = curve.getA().add(L2plus1).multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT131R1Point(curve, A, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2plus1, Z3);
-
-        return new SecT131R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT131R1Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131R2Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131R2Curve.java
deleted file mode 100644
index 7a1c985..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131R2Curve.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.raw.Nat192;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT131R2Curve extends AbstractF2m
-{
-    private static final int SecT131R2_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT131R2Point infinity;
-
-    public SecT131R2Curve()
-    {
-        super(131, 2, 3, 8);
-
-        this.infinity = new SecT131R2Point(this, null, null);
-
-        this.a = fromBigInteger(new BigInteger(1, Hex.decode("03E5A88919D7CAFCBF415F07C2176573B2")));
-        this.b = fromBigInteger(new BigInteger(1, Hex.decode("04B8266A46C55657AC734CE38F018F2192")));
-        this.order = new BigInteger(1, Hex.decode("0400000000000000016954A233049BA98F"));
-        this.cofactor = BigInteger.valueOf(2);
-
-        this.coord = SecT131R2_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT131R2Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public int getFieldSize()
-    {
-        return 131;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT131FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT131R2Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT131R2Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return false;
-    }
-
-    public int getM()
-    {
-        return 131;
-    }
-
-    public boolean isTrinomial()
-    {
-        return false;
-    }
-
-    public int getK1()
-    {
-        return 2;
-    }
-
-    public int getK2()
-    {
-        return 3;
-    }
-
-    public int getK3()
-    {
-        return 8;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 3;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat192.copy64(((SecT131FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat192.copy64(((SecT131FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat192.create64(), y = Nat192.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT131FieldElement(x), new SecT131FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131R2Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131R2Point.java
deleted file mode 100644
index 7e85c63..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT131R2Point.java
+++ /dev/null

@@ -1,308 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT131R2Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT131R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT131R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT131R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT131R2Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1).add(curve.getA());
-            if (X3.isZero())
-            {
-                return new SecT131R2Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT131R2Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT131R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.multiply(Z1);
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement a = curve.getA();
-        ECFieldElement aZ1Sq = Z1IsOne ? a : a.multiply(Z1Sq);
-        ECFieldElement T = L1.square().add(L1Z1).add(aZ1Sq);
-        if (T.isZero())
-        {
-            return new SecT131R2Point(curve, T, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.multiply(Z1);
-        ECFieldElement L3 = X1Z1.squarePlusProduct(T, L1Z1).add(X3).add(Z3);
-
-        return new SecT131R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = curve.getA().multiply(Z1Sq).add(L1Sq).add(L1Z1);
-        ECFieldElement L2plus1 = L2.addOne();
-        ECFieldElement A = curve.getA().add(L2plus1).multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT131R2Point(curve, A, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2plus1, Z3);
-
-        return new SecT131R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT131R2Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163Field.java
deleted file mode 100644
index 12eca28..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163Field.java
+++ /dev/null

@@ -1,341 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.raw.Interleave;
-import org.bouncycastle.math.raw.Nat192;
-
-public class SecT163Field
-{
-    private static final long M35 = -1L >>> 29;
-    private static final long M55 = -1L >>> 9;
-
-    private static final long[] ROOT_Z = new long[]{ 0xB6DB6DB6DB6DB6B0L, 0x492492492492DB6DL, 0x492492492L };
-
-    public static void add(long[] x, long[] y, long[] z)
-    {
-        z[0] = x[0] ^ y[0];
-        z[1] = x[1] ^ y[1];
-        z[2] = x[2] ^ y[2];
-    }
-
-    public static void addExt(long[] xx, long[] yy, long[] zz)
-    {
-        zz[0] = xx[0] ^ yy[0];
-        zz[1] = xx[1] ^ yy[1];
-        zz[2] = xx[2] ^ yy[2];
-        zz[3] = xx[3] ^ yy[3];
-        zz[4] = xx[4] ^ yy[4];
-        zz[5] = xx[5] ^ yy[5];
-    }
-
-    public static void addOne(long[] x, long[] z)
-    {
-        z[0] = x[0] ^ 1L;
-        z[1] = x[1];
-        z[2] = x[2];
-    }
-
-    public static long[] fromBigInteger(BigInteger x)
-    {
-        long[] z = Nat192.fromBigInteger64(x);
-        reduce29(z, 0);
-        return z;
-    }
-
-    public static void invert(long[] x, long[] z)
-    {
-        if (Nat192.isZero64(x))
-        {
-            throw new IllegalStateException();
-        }
-
-        // Itoh-Tsujii inversion with bases { 2, 3 }
-
-        long[] t0 = Nat192.create64();
-        long[] t1 = Nat192.create64();
-
-        square(x, t0);
-
-        // 3 | 162
-        squareN(t0, 1, t1);
-        multiply(t0, t1, t0);
-        squareN(t1, 1, t1);
-        multiply(t0, t1, t0);
-
-        // 3 | 54
-        squareN(t0, 3, t1);
-        multiply(t0, t1, t0);
-        squareN(t1, 3, t1);
-        multiply(t0, t1, t0);
-
-        // 3 | 18
-        squareN(t0, 9, t1);
-        multiply(t0, t1, t0);
-        squareN(t1, 9, t1);
-        multiply(t0, t1, t0);
-
-        // 3 | 6
-        squareN(t0, 27, t1);
-        multiply(t0, t1, t0);
-        squareN(t1, 27, t1);
-        multiply(t0, t1, t0);
-
-        // 2 | 2
-        squareN(t0, 81, t1);
-        multiply(t0, t1, z);
-    }
-
-    public static void multiply(long[] x, long[] y, long[] z)
-    {
-        long[] tt = Nat192.createExt64();
-        implMultiply(x, y, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyAddToExt(long[] x, long[] y, long[] zz)
-    {
-        long[] tt = Nat192.createExt64();
-        implMultiply(x, y, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void reduce(long[] xx, long[] z)
-    {
-        long x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3], x4 = xx[4], x5 = xx[5];
-
-        x2 ^= (x5 <<  29) ^ (x5 <<  32) ^ (x5 <<  35) ^ (x5 <<  36);
-        x3 ^= (x5 >>> 35) ^ (x5 >>> 32) ^ (x5 >>> 29) ^ (x5 >>> 28);
-
-        x1 ^= (x4 <<  29) ^ (x4 <<  32) ^ (x4 <<  35) ^ (x4 <<  36);
-        x2 ^= (x4 >>> 35) ^ (x4 >>> 32) ^ (x4 >>> 29) ^ (x4 >>> 28);
-
-        x0 ^= (x3 <<  29) ^ (x3 <<  32) ^ (x3 <<  35) ^ (x3 <<  36);
-        x1 ^= (x3 >>> 35) ^ (x3 >>> 32) ^ (x3 >>> 29) ^ (x3 >>> 28);
-
-        long t = x2 >>> 35;
-        z[0]   = x0 ^ t ^ (t << 3) ^ (t << 6) ^ (t << 7);
-        z[1]   = x1;
-        z[2]   = x2 & M35;
-    }
-
-    public static void reduce29(long[] z, int zOff)
-    {
-        long z2      = z[zOff + 2], t = z2 >>> 35;
-        z[zOff    ] ^= t ^ (t << 3) ^ (t << 6) ^ (t << 7);
-        z[zOff + 2]  = z2 & M35;
-    }
-
-    public static void sqrt(long[] x, long[] z)
-    {
-        long[] odd = Nat192.create64();
-
-        long u0, u1;
-        u0 = Interleave.unshuffle(x[0]); u1 = Interleave.unshuffle(x[1]);
-        long e0 = (u0 & 0x00000000FFFFFFFFL) | (u1 << 32);
-        odd[0]  = (u0 >>> 32) | (u1 & 0xFFFFFFFF00000000L);
-
-        u0 = Interleave.unshuffle(x[2]);
-        long e1 = (u0 & 0x00000000FFFFFFFFL);
-        odd[1]  = (u0 >>> 32);
-
-        multiply(odd, ROOT_Z, z);
-
-        z[0] ^= e0;
-        z[1] ^= e1;
-    }
-
-    public static void square(long[] x, long[] z)
-    {
-        long[] tt = Nat192.createExt64();
-        implSquare(x, tt);
-        reduce(tt, z);
-    }
-
-    public static void squareAddToExt(long[] x, long[] zz)
-    {
-        long[] tt = Nat192.createExt64();
-        implSquare(x, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void squareN(long[] x, int n, long[] z)
-    {
-//        assert n > 0;
-
-        long[] tt = Nat192.createExt64();
-        implSquare(x, tt);
-        reduce(tt, z);
-
-        while (--n > 0)
-        {
-            implSquare(z, tt);
-            reduce(tt, z);
-        }
-    }
-
-    public static int trace(long[] x)
-    {
-        // Non-zero-trace bits: 0, 157
-        return (int)(x[0] ^ (x[2] >>> 29)) & 1;
-    }
-
-    protected static void implCompactExt(long[] zz)
-    {
-        long z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5];
-        zz[0] =  z0         ^ (z1 << 55);
-        zz[1] = (z1 >>>  9) ^ (z2 << 46);
-        zz[2] = (z2 >>> 18) ^ (z3 << 37);
-        zz[3] = (z3 >>> 27) ^ (z4 << 28);
-        zz[4] = (z4 >>> 36) ^ (z5 << 19);
-        zz[5] = (z5 >>> 45);
-    }
-
-    protected static void implMultiply(long[] x, long[] y, long[] zz)
-    {
-        /*
-         * "Five-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein.
-         */
-
-        long f0 = x[0], f1 = x[1], f2 = x[2];
-        f2  = ((f1 >>> 46) ^ (f2 << 18));
-        f1  = ((f0 >>> 55) ^ (f1 <<  9)) & M55;
-        f0 &= M55;
-
-        long g0 = y[0], g1 = y[1], g2 = y[2];
-        g2  = ((g1 >>> 46) ^ (g2 << 18));
-        g1  = ((g0 >>> 55) ^ (g1 <<  9)) & M55;
-        g0 &= M55;
-
-        long[] H = new long[10];
-
-        implMulw(f0, g0, H, 0);               // H(0)       55/54 bits
-        implMulw(f2, g2, H, 2);               // H(INF)     55/50 bits
-
-        long t0 = f0 ^ f1 ^ f2;
-        long t1 = g0 ^ g1 ^ g2;
-
-        implMulw(t0, t1, H, 4);               // H(1)       55/54 bits
-
-        long t2 = (f1 << 1) ^ (f2 << 2);
-        long t3 = (g1 << 1) ^ (g2 << 2);
-
-        implMulw(f0 ^ t2, g0 ^ t3, H, 6);     // H(t)       55/56 bits
-        implMulw(t0 ^ t2, t1 ^ t3, H, 8);     // H(t + 1)   55/56 bits
-
-        long t4 = H[6] ^ H[8];
-        long t5 = H[7] ^ H[9];
-
-//        assert t5 >>> 55 == 0;
-
-        // Calculate V
-        long v0 =      (t4 << 1) ^ H[6];
-        long v1 = t4 ^ (t5 << 1) ^ H[7];
-        long v2 = t5;
-
-        // Calculate U
-        long u0 = H[0];
-        long u1 = H[1] ^ H[0] ^ H[4];
-        long u2 =        H[1] ^ H[5];
-
-        // Calculate W
-        long w0 = u0 ^ v0 ^ (H[2] << 4) ^ (H[2] << 1);
-        long w1 = u1 ^ v1 ^ (H[3] << 4) ^ (H[3] << 1);
-        long w2 = u2 ^ v2;
-
-        // Propagate carries
-        w1 ^= (w0 >>> 55); w0 &= M55;
-        w2 ^= (w1 >>> 55); w1 &= M55;
-
-//        assert (w0 & 1L) == 0;
-
-        // Divide W by t
-
-        w0 = (w0 >>> 1) ^ ((w1 & 1L) << 54);
-        w1 = (w1 >>> 1) ^ ((w2 & 1L) << 54);
-        w2 = (w2 >>> 1);
-
-        // Divide W by (t + 1)
-
-        w0 ^= (w0 << 1);
-        w0 ^= (w0 << 2);
-        w0 ^= (w0 << 4);
-        w0 ^= (w0 << 8);
-        w0 ^= (w0 << 16);
-        w0 ^= (w0 << 32);
-
-        w0 &= M55; w1 ^= (w0 >>> 54);
-
-        w1 ^= (w1 << 1);
-        w1 ^= (w1 << 2);
-        w1 ^= (w1 << 4);
-        w1 ^= (w1 << 8);
-        w1 ^= (w1 << 16);
-        w1 ^= (w1 << 32);
-
-        w1 &= M55; w2 ^= (w1 >>> 54);
-
-        w2 ^= (w2 << 1);
-        w2 ^= (w2 << 2);
-        w2 ^= (w2 << 4);
-        w2 ^= (w2 << 8);
-        w2 ^= (w2 << 16);
-        w2 ^= (w2 << 32);
-
-//        assert w2 >>> 52 == 0;
-
-        zz[0] = u0;
-        zz[1] = u1 ^ w0      ^ H[2];
-        zz[2] = u2 ^ w1 ^ w0 ^ H[3];
-        zz[3] =      w2 ^ w1;
-        zz[4] =           w2 ^ H[2];
-        zz[5] =                H[3];
-
-        implCompactExt(zz);
-    }
-
-    protected static void implMulw(long x, long y, long[] z, int zOff)
-    {
-//        assert x >>> 56 == 0;
-//        assert y >>> 56 == 0;
-
-        long[] u = new long[8];
-//      u[0] = 0;
-        u[1] = y;
-        u[2] = u[1] << 1;
-        u[3] = u[2] ^  y;
-        u[4] = u[2] << 1;
-        u[5] = u[4] ^  y;
-        u[6] = u[3] << 1;
-        u[7] = u[6] ^  y;
-
-        int j = (int)x;
-        long g, h = 0, l = u[j & 3];
-        int k = 47;
-        do
-        {
-            j  = (int)(x >>> k);
-            g  = u[j & 7]
-               ^ u[(j >>> 3) & 7] << 3
-               ^ u[(j >>> 6) & 7] << 6;
-            l ^= (g <<   k);
-            h ^= (g >>> -k);
-        }
-        while ((k -= 9) > 0);
-
-//        assert h >>> 47 == 0;
-
-        z[zOff    ] = l & M55;
-        z[zOff + 1] = (l >>> 55) ^ (h << 9);
-    }
-
-    protected static void implSquare(long[] x, long[] zz)
-    {
-        Interleave.expand64To128(x[0], zz, 0);
-        Interleave.expand64To128(x[1], zz, 2);
-
-        long x2 = x[2];
-        zz[4] = Interleave.expand32to64((int)x2);
-        zz[5] = Interleave.expand8to16((int)(x2 >>> 32)) & 0xFFFFFFFFL;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163FieldElement.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163FieldElement.java
deleted file mode 100644
index 51a88bc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163FieldElement.java
+++ /dev/null

@@ -1,226 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.raw.Nat192;
-import org.bouncycastle.util.Arrays;
-
-public class SecT163FieldElement extends ECFieldElement.AbstractF2m
-{
-    protected long[] x;
-
-    public SecT163FieldElement(BigInteger x)
-    {
-        if (x == null || x.signum() < 0 || x.bitLength() > 163)
-        {
-            throw new IllegalArgumentException("x value invalid for SecT163FieldElement");
-        }
-
-        this.x = SecT163Field.fromBigInteger(x);
-    }
-
-    public SecT163FieldElement()
-    {
-        this.x = Nat192.create64();
-    }
-
-    protected SecT163FieldElement(long[] x)
-    {
-        this.x = x;
-    }
-
-//    public int bitLength()
-//    {
-//        return x.degree();
-//    }
-
-    public boolean isOne()
-    {
-        return Nat192.isOne64(x);
-    }
-
-    public boolean isZero()
-    {
-        return Nat192.isZero64(x);
-    }
-
-    public boolean testBitZero()
-    {
-        return (x[0] & 1L) != 0L;
-    }
-
-    public BigInteger toBigInteger()
-    {
-        return Nat192.toBigInteger64(x);
-    }
-
-    public String getFieldName()
-    {
-        return "SecT163Field";
-    }
-
-    public int getFieldSize()
-    {
-        return 163;
-    }
-
-    public ECFieldElement add(ECFieldElement b)
-    {
-        long[] z = Nat192.create64();
-        SecT163Field.add(x, ((SecT163FieldElement)b).x, z);
-        return new SecT163FieldElement(z);
-    }
-
-    public ECFieldElement addOne()
-    {
-        long[] z = Nat192.create64();
-        SecT163Field.addOne(x, z);
-        return new SecT163FieldElement(z);
-    }
-
-    public ECFieldElement subtract(ECFieldElement b)
-    {
-        // Addition and subtraction are the same in F2m
-        return add(b);
-    }
-
-    public ECFieldElement multiply(ECFieldElement b)
-    {
-        long[] z = Nat192.create64();
-        SecT163Field.multiply(x, ((SecT163FieldElement)b).x, z);
-        return new SecT163FieldElement(z);
-    }
-
-    public ECFieldElement multiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        return multiplyPlusProduct(b, x, y);
-    }
-
-    public ECFieldElement multiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x, bx = ((SecT163FieldElement)b).x;
-        long[] xx = ((SecT163FieldElement)x).x, yx = ((SecT163FieldElement)y).x;
-
-        long[] tt = Nat192.createExt64();
-        SecT163Field.multiplyAddToExt(ax, bx, tt);
-        SecT163Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat192.create64();
-        SecT163Field.reduce(tt, z);
-        return new SecT163FieldElement(z);
-    }
-
-    public ECFieldElement divide(ECFieldElement b)
-    {
-        return multiply(b.invert());
-    }
-
-    public ECFieldElement negate()
-    {
-        return this;
-    }
-
-    public ECFieldElement square()
-    {
-        long[] z = Nat192.create64();
-        SecT163Field.square(x, z);
-        return new SecT163FieldElement(z);
-    }
-
-    public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        return squarePlusProduct(x, y);
-    }
-
-    public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x;
-        long[] xx = ((SecT163FieldElement)x).x, yx = ((SecT163FieldElement)y).x;
-
-        long[] tt = Nat192.createExt64();
-        SecT163Field.squareAddToExt(ax, tt);
-        SecT163Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat192.create64();
-        SecT163Field.reduce(tt, z);
-        return new SecT163FieldElement(z);
-    }
-
-    public ECFieldElement squarePow(int pow)
-    {
-        if (pow < 1)
-        {
-            return this;
-        }
-
-        long[] z = Nat192.create64();
-        SecT163Field.squareN(x, pow, z);
-        return new SecT163FieldElement(z);
-    }
-
-    public int trace()
-    {
-        return SecT163Field.trace(x);
-    }
-
-    public ECFieldElement invert()
-    {
-        long[] z = Nat192.create64();
-        SecT163Field.invert(x, z);
-        return new SecT163FieldElement(z);
-    }
-
-    public ECFieldElement sqrt()
-    {
-        long[] z = Nat192.create64();
-        SecT163Field.sqrt(x, z);
-        return new SecT163FieldElement(z);
-    }
-
-    public int getRepresentation()
-    {
-        return ECFieldElement.F2m.PPB;
-    }
-
-    public int getM()
-    {
-        return 163;
-    }
-
-    public int getK1()
-    {
-        return 3;
-    }
-
-    public int getK2()
-    {
-        return 6;
-    }
-
-    public int getK3()
-    {
-        return 7;
-    }
-
-    public boolean equals(Object other)
-    {
-        if (other == this)
-        {
-            return true;
-        }
-
-        if (!(other instanceof SecT163FieldElement))
-        {
-            return false;
-        }
-
-        SecT163FieldElement o = (SecT163FieldElement)other;
-        return Nat192.eq64(x, o.x);
-    }
-
-    public int hashCode()
-    {
-        return 163763 ^ Arrays.hashCode(x, 0, 3);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163K1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163K1Curve.java
deleted file mode 100644
index f7dedab..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163K1Curve.java
+++ /dev/null

@@ -1,155 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.WTauNafMultiplier;
-import org.bouncycastle.math.raw.Nat192;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT163K1Curve extends AbstractF2m
-{
-    private static final int SecT163K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT163K1Point infinity;
-
-    public SecT163K1Curve()
-    {
-        super(163, 3, 6, 7);
-
-        this.infinity = new SecT163K1Point(this, null, null);
-
-        this.a = fromBigInteger(BigInteger.valueOf(1));
-        this.b = this.a;
-        this.order = new BigInteger(1, Hex.decode("04000000000000000000020108A2E0CC0D99F8A5EF"));
-        this.cofactor = BigInteger.valueOf(2);
-
-        this.coord = SecT163K1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT163K1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    protected ECMultiplier createDefaultMultiplier()
-    {
-        return new WTauNafMultiplier();
-    }
-
-    public int getFieldSize()
-    {
-        return 163;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT163FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT163K1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT163K1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return true;
-    }
-
-    public int getM()
-    {
-        return 163;
-    }
-
-    public boolean isTrinomial()
-    {
-        return false;
-    }
-
-    public int getK1()
-    {
-        return 3;
-    }
-
-    public int getK2()
-    {
-        return 6;
-    }
-
-    public int getK3()
-    {
-        return 7;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 3;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat192.copy64(((SecT163FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat192.copy64(((SecT163FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat192.create64(), y = Nat192.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT163FieldElement(x), new SecT163FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163K1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163K1Point.java
deleted file mode 100644
index 43dfd0a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163K1Point.java
+++ /dev/null

@@ -1,306 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT163K1Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT163K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT163K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT163K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT163K1Point(null, this.getAffineXCoord(), this.getAffineYCoord());
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1).addOne();
-            if (X3.isZero())
-            {
-                return new SecT163K1Point(curve, X3, curve.getB(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT163K1Point(curve, X3, curve.getB(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT163K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.multiply(Z1);
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement T = L1.square().add(L1Z1).add(Z1Sq);
-        if (T.isZero())
-        {
-            return new SecT163K1Point(curve, T, curve.getB(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement t1 = L1.add(X1).square();
-        ECFieldElement L3 = t1.add(T).add(Z1Sq).multiply(t1).add(X3);
-
-        return new SecT163K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        // NOTE: twicePlus() only optimized for lambda-affine argument
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = Z1Sq.add(L1Sq).add(L1Z1);
-        ECFieldElement A = L2.multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT163K1Point(curve, A, curve.getB(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2.addOne(), Z3);
-
-        return new SecT163K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT163K1Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163R1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163R1Curve.java
deleted file mode 100644
index bfc9634..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163R1Curve.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.raw.Nat192;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT163R1Curve extends AbstractF2m
-{
-    private static final int SecT163R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT163R1Point infinity;
-
-    public SecT163R1Curve()
-    {
-        super(163, 3, 6, 7);
-
-        this.infinity = new SecT163R1Point(this, null, null);
-
-        this.a = fromBigInteger(new BigInteger(1, Hex.decode("07B6882CAAEFA84F9554FF8428BD88E246D2782AE2")));
-        this.b = fromBigInteger(new BigInteger(1, Hex.decode("0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9")));
-        this.order = new BigInteger(1, Hex.decode("03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B"));
-        this.cofactor = BigInteger.valueOf(2);
-
-        this.coord = SecT163R1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT163R1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public int getFieldSize()
-    {
-        return 163;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT163FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT163R1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT163R1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return false;
-    }
-
-    public int getM()
-    {
-        return 163;
-    }
-
-    public boolean isTrinomial()
-    {
-        return false;
-    }
-
-    public int getK1()
-    {
-        return 3;
-    }
-
-    public int getK2()
-    {
-        return 6;
-    }
-
-    public int getK3()
-    {
-        return 7;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 3;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat192.copy64(((SecT163FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat192.copy64(((SecT163FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat192.create64(), y = Nat192.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT163FieldElement(x), new SecT163FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163R1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163R1Point.java
deleted file mode 100644
index 1c3355e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163R1Point.java
+++ /dev/null

@@ -1,308 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT163R1Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT163R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT163R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT163R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT163R1Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1).add(curve.getA());
-            if (X3.isZero())
-            {
-                return new SecT163R1Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT163R1Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT163R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.multiply(Z1);
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement a = curve.getA();
-        ECFieldElement aZ1Sq = Z1IsOne ? a : a.multiply(Z1Sq);
-        ECFieldElement T = L1.square().add(L1Z1).add(aZ1Sq);
-        if (T.isZero())
-        {
-            return new SecT163R1Point(curve, T, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.multiply(Z1);
-        ECFieldElement L3 = X1Z1.squarePlusProduct(T, L1Z1).add(X3).add(Z3);
-
-        return new SecT163R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = curve.getA().multiply(Z1Sq).add(L1Sq).add(L1Z1);
-        ECFieldElement L2plus1 = L2.addOne();
-        ECFieldElement A = curve.getA().add(L2plus1).multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT163R1Point(curve, A, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2plus1, Z3);
-
-        return new SecT163R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT163R1Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163R2Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163R2Curve.java
deleted file mode 100644
index 3b44d22..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163R2Curve.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.raw.Nat192;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT163R2Curve extends AbstractF2m
-{
-    private static final int SecT163R2_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT163R2Point infinity;
-
-    public SecT163R2Curve()
-    {
-        super(163, 3, 6, 7);
-
-        this.infinity = new SecT163R2Point(this, null, null);
-
-        this.a = fromBigInteger(BigInteger.valueOf(1));
-        this.b = fromBigInteger(new BigInteger(1, Hex.decode("020A601907B8C953CA1481EB10512F78744A3205FD")));
-        this.order = new BigInteger(1, Hex.decode("040000000000000000000292FE77E70C12A4234C33"));
-        this.cofactor = BigInteger.valueOf(2);
-
-        this.coord = SecT163R2_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT163R2Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public int getFieldSize()
-    {
-        return 163;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT163FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT163R2Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT163R2Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return false;
-    }
-
-    public int getM()
-    {
-        return 163;
-    }
-
-    public boolean isTrinomial()
-    {
-        return false;
-    }
-
-    public int getK1()
-    {
-        return 3;
-    }
-
-    public int getK2()
-    {
-        return 6;
-    }
-
-    public int getK3()
-    {
-        return 7;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 3;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat192.copy64(((SecT163FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat192.copy64(((SecT163FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat192.create64(), y = Nat192.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT163FieldElement(x), new SecT163FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163R2Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163R2Point.java
deleted file mode 100644
index 00b6a2c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT163R2Point.java
+++ /dev/null

@@ -1,305 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT163R2Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT163R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT163R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT163R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT163R2Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1).addOne();
-            if (X3.isZero())
-            {
-                return new SecT163R2Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT163R2Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT163R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.multiply(Z1);
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement T = L1.square().add(L1Z1).add(Z1Sq);
-        if (T.isZero())
-        {
-            return new SecT163R2Point(curve, T, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.multiply(Z1);
-        ECFieldElement L3 = X1Z1.squarePlusProduct(T, L1Z1).add(X3).add(Z3);
-
-        return new SecT163R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = Z1Sq.add(L1Sq).add(L1Z1);
-        ECFieldElement A = L2.multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT163R2Point(curve, A, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2.addOne(), Z3);
-
-        return new SecT163R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT163R2Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193Field.java
deleted file mode 100644
index 2e5e186..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193Field.java
+++ /dev/null

@@ -1,306 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.raw.Interleave;
-import org.bouncycastle.math.raw.Nat256;
-
-public class SecT193Field
-{
-    private static final long M01 = 1L;
-    private static final long M49 = -1L >>> 15;
-
-    public static void add(long[] x, long[] y, long[] z)
-    {
-        z[0] = x[0] ^ y[0];
-        z[1] = x[1] ^ y[1];
-        z[2] = x[2] ^ y[2];
-        z[3] = x[3] ^ y[3];
-    }
-
-    public static void addExt(long[] xx, long[] yy, long[] zz)
-    {
-        zz[0] = xx[0] ^ yy[0];
-        zz[1] = xx[1] ^ yy[1];
-        zz[2] = xx[2] ^ yy[2];
-        zz[3] = xx[3] ^ yy[3];
-        zz[4] = xx[4] ^ yy[4];
-        zz[5] = xx[5] ^ yy[5];
-        zz[6] = xx[6] ^ yy[6];
-    }
-
-    public static void addOne(long[] x, long[] z)
-    {
-        z[0] = x[0] ^ 1L;
-        z[1] = x[1];
-        z[2] = x[2];
-        z[3] = x[3];
-    }
-
-    public static long[] fromBigInteger(BigInteger x)
-    {
-        long[] z = Nat256.fromBigInteger64(x);
-        reduce63(z, 0);
-        return z;
-    }
-
-    public static void invert(long[] x, long[] z)
-    {
-        if (Nat256.isZero64(x))
-        {
-            throw new IllegalStateException();
-        }
-
-        // Itoh-Tsujii inversion with bases { 2, 3 }
-
-        long[] t0 = Nat256.create64();
-        long[] t1 = Nat256.create64();
-
-        square(x, t0);
-
-        // 3 | 192
-        squareN(t0, 1, t1);
-        multiply(t0, t1, t0);
-        squareN(t1, 1, t1);
-        multiply(t0, t1, t0);
-
-        // 2 | 64
-        squareN(t0, 3, t1);
-        multiply(t0, t1, t0);
-
-        // 2 | 32
-        squareN(t0, 6, t1);
-        multiply(t0, t1, t0);
-
-        // 2 | 16
-        squareN(t0, 12, t1);
-        multiply(t0, t1, t0);
-
-        // 2 | 8
-        squareN(t0, 24, t1);
-        multiply(t0, t1, t0);
-
-        // 2 | 4
-        squareN(t0, 48, t1);
-        multiply(t0, t1, t0);
-
-        // 2 | 2
-        squareN(t0, 96, t1);
-        multiply(t0, t1, z);
-    }
-
-    public static void multiply(long[] x, long[] y, long[] z)
-    {
-        long[] tt = Nat256.createExt64();
-        implMultiply(x, y, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyAddToExt(long[] x, long[] y, long[] zz)
-    {
-        long[] tt = Nat256.createExt64();
-        implMultiply(x, y, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void reduce(long[] xx, long[] z)
-    {
-        long x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3], x4 = xx[4], x5 = xx[5], x6 = xx[6];
-
-        x2 ^= (x6 <<  63);
-        x3 ^= (x6 >>>  1) ^ (x6 <<  14);
-        x4 ^= (x6 >>> 50);
-
-        x1 ^= (x5 <<  63);
-        x2 ^= (x5 >>>  1) ^ (x5 <<  14);
-        x3 ^= (x5 >>> 50);
-
-        x0 ^= (x4 <<  63);
-        x1 ^= (x4 >>>  1) ^ (x4 <<  14);
-        x2 ^= (x4 >>> 50);
-
-        long t = x3 >>> 1;
-        z[0]   = x0 ^ t ^ (t <<  15);
-        z[1]   = x1     ^ (t >>> 49);
-        z[2]   = x2;
-        z[3]   = x3 & M01;
-    }
-
-    public static void reduce63(long[] z, int zOff)
-    {
-        long z3      = z[zOff + 3], t = z3 >>> 1;
-        z[zOff    ] ^= t ^ (t <<  15);
-        z[zOff + 1] ^=     (t >>> 49);
-        z[zOff + 3]  = z3 & M01;
-    }
-
-    public static void sqrt(long[] x, long[] z)
-    {
-        long u0, u1;
-        u0 = Interleave.unshuffle(x[0]); u1 = Interleave.unshuffle(x[1]);
-        long e0 = (u0 & 0x00000000FFFFFFFFL) | (u1 << 32);
-        long c0 = (u0 >>> 32) | (u1 & 0xFFFFFFFF00000000L);
-
-        u0 = Interleave.unshuffle(x[2]);
-        long e1 = (u0 & 0x00000000FFFFFFFFL) ^ (x[3] << 32);
-        long c1 = (u0 >>> 32);
-
-        z[0] = e0 ^ (c0 << 8);
-        z[1] = e1 ^ (c1 << 8) ^ (c0 >>> 56) ^ (c0 << 33);
-        z[2] =                  (c1 >>> 56) ^ (c1 << 33) ^ (c0 >>> 31);
-        z[3] =                                             (c1 >>> 31);
-    }
-
-    public static void square(long[] x, long[] z)
-    {
-        long[] tt = Nat256.createExt64();
-        implSquare(x, tt);
-        reduce(tt, z);
-    }
-
-    public static void squareAddToExt(long[] x, long[] zz)
-    {
-        long[] tt = Nat256.createExt64();
-        implSquare(x, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void squareN(long[] x, int n, long[] z)
-    {
-//        assert n > 0;
-
-        long[] tt = Nat256.createExt64();
-        implSquare(x, tt);
-        reduce(tt, z);
-
-        while (--n > 0)
-        {
-            implSquare(z, tt);
-            reduce(tt, z);
-        }
-    }
-
-    public static int trace(long[] x)
-    {
-        // Non-zero-trace bits: 0
-        return (int)(x[0]) & 1;
-    }
-
-    protected static void implCompactExt(long[] zz)
-    {
-        long z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5], z6 = zz[6], z7 = zz[7];
-        zz[0] =  z0         ^ (z1 << 49);
-        zz[1] = (z1 >>> 15) ^ (z2 << 34);
-        zz[2] = (z2 >>> 30) ^ (z3 << 19);
-        zz[3] = (z3 >>> 45) ^ (z4 <<  4)
-                            ^ (z5 << 53);
-        zz[4] = (z4 >>> 60) ^ (z6 << 38)
-              ^ (z5 >>> 11);
-        zz[5] = (z6 >>> 26) ^ (z7 << 23);
-        zz[6] = (z7 >>> 41);
-        zz[7] = 0;
-    }
-
-    protected static void implExpand(long[] x, long[] z)
-    {
-        long x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
-        z[0] = x0 & M49;
-        z[1] = ((x0 >>> 49) ^ (x1 << 15)) & M49;
-        z[2] = ((x1 >>> 34) ^ (x2 << 30)) & M49;
-        z[3] = ((x2 >>> 19) ^ (x3 << 45));
-    }
-
-    protected static void implMultiply(long[] x, long[] y, long[] zz)
-    {
-        /*
-         * "Two-level seven-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein.
-         */
-
-        long[] f = new long[4], g = new long[4];
-        implExpand(x, f);
-        implExpand(y, g);
-
-        implMulwAcc(f[0], g[0], zz, 0);
-        implMulwAcc(f[1], g[1], zz, 1);
-        implMulwAcc(f[2], g[2], zz, 2);
-        implMulwAcc(f[3], g[3], zz, 3);
-
-        // U *= (1 - t^n)
-        for (int i = 5; i > 0; --i)
-        {
-            zz[i] ^= zz[i - 1];
-        }
-
-        implMulwAcc(f[0] ^ f[1], g[0] ^ g[1], zz, 1);
-        implMulwAcc(f[2] ^ f[3], g[2] ^ g[3], zz, 3);
-
-        // V *= (1 - t^2n)
-        for (int i = 7; i > 1; --i)
-        {
-            zz[i] ^= zz[i - 2];
-        }
-
-        // Double-length recursion
-        {
-            long c0 = f[0] ^ f[2], c1 = f[1] ^ f[3];
-            long d0 = g[0] ^ g[2], d1 = g[1] ^ g[3];
-            implMulwAcc(c0 ^ c1, d0 ^ d1, zz, 3);
-            long[] t = new long[3];
-            implMulwAcc(c0, d0, t, 0);
-            implMulwAcc(c1, d1, t, 1);
-            long t0 = t[0], t1 = t[1], t2 = t[2];
-            zz[2] ^= t0;
-            zz[3] ^= t0 ^ t1;
-            zz[4] ^= t2 ^ t1;
-            zz[5] ^= t2;
-        }
-
-        implCompactExt(zz);
-    }
-
-    protected static void implMulwAcc(long x, long y, long[] z, int zOff)
-    {
-//        assert x >>> 49 == 0;
-//        assert y >>> 49 == 0;
-
-        long[] u = new long[8];
-//        u[0] = 0;
-        u[1] = y;
-        u[2] = u[1] << 1;
-        u[3] = u[2] ^  y;
-        u[4] = u[2] << 1;
-        u[5] = u[4] ^  y;
-        u[6] = u[3] << 1;
-        u[7] = u[6] ^ y;
-
-        int j = (int)x;
-        long g, h = 0, l = u[j & 7]
-                         ^ (u[(j >>> 3) & 7] << 3);
-        int k = 36;
-        do
-        {
-            j  = (int)(x >>> k);
-            g  = u[j & 7]
-               ^ u[(j >>> 3) & 7] << 3
-               ^ u[(j >>> 6) & 7] << 6
-               ^ u[(j >>> 9) & 7] << 9
-               ^ u[(j >>> 12) & 7] << 12;
-            l ^= (g <<   k);
-            h ^= (g >>> -k);
-        }
-        while ((k -= 15) > 0);
-
-//        assert h >>> 33 == 0;
-
-        z[zOff    ] ^= l & M49;
-        z[zOff + 1] ^= (l >>> 49) ^ (h << 15);
-    }
-
-    protected static void implSquare(long[] x, long[] zz)
-    {
-        Interleave.expand64To128(x[0], zz, 0);
-        Interleave.expand64To128(x[1], zz, 2);
-        Interleave.expand64To128(x[2], zz, 4);
-        zz[6] = (x[3] & M01);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193FieldElement.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193FieldElement.java
deleted file mode 100644
index 118e4d8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193FieldElement.java
+++ /dev/null

@@ -1,226 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.raw.Nat256;
-import org.bouncycastle.util.Arrays;
-
-public class SecT193FieldElement extends ECFieldElement.AbstractF2m
-{
-    protected long[] x;
-
-    public SecT193FieldElement(BigInteger x)
-    {
-        if (x == null || x.signum() < 0 || x.bitLength() > 193)
-        {
-            throw new IllegalArgumentException("x value invalid for SecT193FieldElement");
-        }
-
-        this.x = SecT193Field.fromBigInteger(x);
-    }
-
-    public SecT193FieldElement()
-    {
-        this.x = Nat256.create64();
-    }
-
-    protected SecT193FieldElement(long[] x)
-    {
-        this.x = x;
-    }
-
-//    public int bitLength()
-//    {
-//        return x.degree();
-//    }
-
-    public boolean isOne()
-    {
-        return Nat256.isOne64(x);
-    }
-
-    public boolean isZero()
-    {
-        return Nat256.isZero64(x);
-    }
-
-    public boolean testBitZero()
-    {
-        return (x[0] & 1L) != 0L;
-    }
-
-    public BigInteger toBigInteger()
-    {
-        return Nat256.toBigInteger64(x);
-    }
-
-    public String getFieldName()
-    {
-        return "SecT193Field";
-    }
-
-    public int getFieldSize()
-    {
-        return 193;
-    }
-
-    public ECFieldElement add(ECFieldElement b)
-    {
-        long[] z = Nat256.create64();
-        SecT193Field.add(x, ((SecT193FieldElement)b).x, z);
-        return new SecT193FieldElement(z);
-    }
-
-    public ECFieldElement addOne()
-    {
-        long[] z = Nat256.create64();
-        SecT193Field.addOne(x, z);
-        return new SecT193FieldElement(z);
-    }
-
-    public ECFieldElement subtract(ECFieldElement b)
-    {
-        // Addition and subtraction are the same in F2m
-        return add(b);
-    }
-
-    public ECFieldElement multiply(ECFieldElement b)
-    {
-        long[] z = Nat256.create64();
-        SecT193Field.multiply(x, ((SecT193FieldElement)b).x, z);
-        return new SecT193FieldElement(z);
-    }
-
-    public ECFieldElement multiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        return multiplyPlusProduct(b, x, y);
-    }
-
-    public ECFieldElement multiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x, bx = ((SecT193FieldElement)b).x;
-        long[] xx = ((SecT193FieldElement)x).x, yx = ((SecT193FieldElement)y).x;
-
-        long[] tt = Nat256.createExt64();
-        SecT193Field.multiplyAddToExt(ax, bx, tt);
-        SecT193Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat256.create64();
-        SecT193Field.reduce(tt, z);
-        return new SecT193FieldElement(z);
-    }
-
-    public ECFieldElement divide(ECFieldElement b)
-    {
-        return multiply(b.invert());
-    }
-
-    public ECFieldElement negate()
-    {
-        return this;
-    }
-
-    public ECFieldElement square()
-    {
-        long[] z = Nat256.create64();
-        SecT193Field.square(x, z);
-        return new SecT193FieldElement(z);
-    }
-
-    public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        return squarePlusProduct(x, y);
-    }
-
-    public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x;
-        long[] xx = ((SecT193FieldElement)x).x, yx = ((SecT193FieldElement)y).x;
-
-        long[] tt = Nat256.createExt64();
-        SecT193Field.squareAddToExt(ax, tt);
-        SecT193Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat256.create64();
-        SecT193Field.reduce(tt, z);
-        return new SecT193FieldElement(z);
-    }
-
-    public ECFieldElement squarePow(int pow)
-    {
-        if (pow < 1)
-        {
-            return this;
-        }
-
-        long[] z = Nat256.create64();
-        SecT193Field.squareN(x, pow, z);
-        return new SecT193FieldElement(z);
-    }
-
-    public int trace()
-    {
-        return SecT193Field.trace(x);
-    }
-
-    public ECFieldElement invert()
-    {
-        long[] z = Nat256.create64();
-        SecT193Field.invert(x, z);
-        return new SecT193FieldElement(z);
-    }
-
-    public ECFieldElement sqrt()
-    {
-        long[] z = Nat256.create64();
-        SecT193Field.sqrt(x, z);
-        return new SecT193FieldElement(z);
-    }
-
-    public int getRepresentation()
-    {
-        return ECFieldElement.F2m.TPB;
-    }
-
-    public int getM()
-    {
-        return 193;
-    }
-
-    public int getK1()
-    {
-        return 15;
-    }
-
-    public int getK2()
-    {
-        return 0;
-    }
-
-    public int getK3()
-    {
-        return 0;
-    }
-
-    public boolean equals(Object other)
-    {
-        if (other == this)
-        {
-            return true;
-        }
-
-        if (!(other instanceof SecT193FieldElement))
-        {
-            return false;
-        }
-
-        SecT193FieldElement o = (SecT193FieldElement)other;
-        return Nat256.eq64(x, o.x);
-    }
-
-    public int hashCode()
-    {
-        return 1930015 ^ Arrays.hashCode(x, 0, 4);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193R1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193R1Curve.java
deleted file mode 100644
index e977061..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193R1Curve.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.raw.Nat256;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT193R1Curve extends AbstractF2m
-{
-    private static final int SecT193R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT193R1Point infinity;
-
-    public SecT193R1Curve()
-    {
-        super(193, 15, 0, 0);
-
-        this.infinity = new SecT193R1Point(this, null, null);
-
-        this.a = fromBigInteger(new BigInteger(1, Hex.decode("0017858FEB7A98975169E171F77B4087DE098AC8A911DF7B01")));
-        this.b = fromBigInteger(new BigInteger(1, Hex.decode("00FDFB49BFE6C3A89FACADAA7A1E5BBC7CC1C2E5D831478814")));
-        this.order = new BigInteger(1, Hex.decode("01000000000000000000000000C7F34A778F443ACC920EBA49"));
-        this.cofactor = BigInteger.valueOf(2);
-
-        this.coord = SecT193R1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT193R1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public int getFieldSize()
-    {
-        return 193;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT193FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT193R1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT193R1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return false;
-    }
-
-    public int getM()
-    {
-        return 193;
-    }
-
-    public boolean isTrinomial()
-    {
-        return true;
-    }
-
-    public int getK1()
-    {
-        return 15;
-    }
-
-    public int getK2()
-    {
-        return 0;
-    }
-
-    public int getK3()
-    {
-        return 0;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 4;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat256.copy64(((SecT193FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat256.copy64(((SecT193FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat256.create64(), y = Nat256.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT193FieldElement(x), new SecT193FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193R1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193R1Point.java
deleted file mode 100644
index 9997b8e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193R1Point.java
+++ /dev/null

@@ -1,308 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT193R1Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT193R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT193R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT193R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT193R1Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1).add(curve.getA());
-            if (X3.isZero())
-            {
-                return new SecT193R1Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT193R1Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT193R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.multiply(Z1);
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement a = curve.getA();
-        ECFieldElement aZ1Sq = Z1IsOne ? a : a.multiply(Z1Sq);
-        ECFieldElement T = L1.square().add(L1Z1).add(aZ1Sq);
-        if (T.isZero())
-        {
-            return new SecT193R1Point(curve, T, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.multiply(Z1);
-        ECFieldElement L3 = X1Z1.squarePlusProduct(T, L1Z1).add(X3).add(Z3);
-
-        return new SecT193R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = curve.getA().multiply(Z1Sq).add(L1Sq).add(L1Z1);
-        ECFieldElement L2plus1 = L2.addOne();
-        ECFieldElement A = curve.getA().add(L2plus1).multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT193R1Point(curve, A, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2plus1, Z3);
-
-        return new SecT193R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT193R1Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193R2Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193R2Curve.java
deleted file mode 100644
index f08e7c0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193R2Curve.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.raw.Nat256;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT193R2Curve extends AbstractF2m
-{
-    private static final int SecT193R2_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT193R2Point infinity;
-
-    public SecT193R2Curve()
-    {
-        super(193, 15, 0, 0);
-
-        this.infinity = new SecT193R2Point(this, null, null);
-
-        this.a = fromBigInteger(new BigInteger(1, Hex.decode("0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B")));
-        this.b = fromBigInteger(new BigInteger(1, Hex.decode("00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE")));
-        this.order = new BigInteger(1, Hex.decode("010000000000000000000000015AAB561B005413CCD4EE99D5"));
-        this.cofactor = BigInteger.valueOf(2);
-
-        this.coord = SecT193R2_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT193R2Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public int getFieldSize()
-    {
-        return 193;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT193FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT193R2Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT193R2Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return false;
-    }
-
-    public int getM()
-    {
-        return 193;
-    }
-
-    public boolean isTrinomial()
-    {
-        return true;
-    }
-
-    public int getK1()
-    {
-        return 15;
-    }
-
-    public int getK2()
-    {
-        return 0;
-    }
-
-    public int getK3()
-    {
-        return 0;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 4;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat256.copy64(((SecT193FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat256.copy64(((SecT193FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat256.create64(), y = Nat256.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT193FieldElement(x), new SecT193FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193R2Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193R2Point.java
deleted file mode 100644
index f3bbb70..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT193R2Point.java
+++ /dev/null

@@ -1,308 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT193R2Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT193R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT193R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT193R2Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT193R2Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1).add(curve.getA());
-            if (X3.isZero())
-            {
-                return new SecT193R2Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT193R2Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT193R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.multiply(Z1);
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement a = curve.getA();
-        ECFieldElement aZ1Sq = Z1IsOne ? a : a.multiply(Z1Sq);
-        ECFieldElement T = L1.square().add(L1Z1).add(aZ1Sq);
-        if (T.isZero())
-        {
-            return new SecT193R2Point(curve, T, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.multiply(Z1);
-        ECFieldElement L3 = X1Z1.squarePlusProduct(T, L1Z1).add(X3).add(Z3);
-
-        return new SecT193R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = curve.getA().multiply(Z1Sq).add(L1Sq).add(L1Z1);
-        ECFieldElement L2plus1 = L2.addOne();
-        ECFieldElement A = curve.getA().add(L2plus1).multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT193R2Point(curve, A, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2plus1, Z3);
-
-        return new SecT193R2Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT193R2Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233Field.java
deleted file mode 100644
index f34081e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233Field.java
+++ /dev/null

@@ -1,318 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.raw.Interleave;
-import org.bouncycastle.math.raw.Nat256;
-
-public class SecT233Field
-{
-    private static final long M41 = -1L >>> 23;
-    private static final long M59 = -1L >>> 5;
-
-    public static void add(long[] x, long[] y, long[] z)
-    {
-        z[0] = x[0] ^ y[0];
-        z[1] = x[1] ^ y[1];
-        z[2] = x[2] ^ y[2];
-        z[3] = x[3] ^ y[3];
-    }
-
-    public static void addExt(long[] xx, long[] yy, long[] zz)
-    {
-        zz[0] = xx[0] ^ yy[0];
-        zz[1] = xx[1] ^ yy[1];
-        zz[2] = xx[2] ^ yy[2];
-        zz[3] = xx[3] ^ yy[3];
-        zz[4] = xx[4] ^ yy[4];
-        zz[5] = xx[5] ^ yy[5];
-        zz[6] = xx[6] ^ yy[6];
-        zz[7] = xx[7] ^ yy[7];
-    }
-
-    public static void addOne(long[] x, long[] z)
-    {
-        z[0] = x[0] ^ 1L;
-        z[1] = x[1];
-        z[2] = x[2];
-        z[3] = x[3];
-    }
-
-    public static long[] fromBigInteger(BigInteger x)
-    {
-        long[] z = Nat256.fromBigInteger64(x);
-        reduce23(z, 0);
-        return z;
-    }
-
-    public static void invert(long[] x, long[] z)
-    {
-        if (Nat256.isZero64(x))
-        {
-            throw new IllegalStateException();
-        }
-
-        // Itoh-Tsujii inversion
-
-        long[] t0 = Nat256.create64();
-        long[] t1 = Nat256.create64();
-
-        square(x, t0);
-        multiply(t0, x, t0);
-        square(t0, t0);
-        multiply(t0, x, t0);
-        squareN(t0, 3, t1);
-        multiply(t1, t0, t1);
-        square(t1, t1);
-        multiply(t1, x, t1);
-        squareN(t1, 7, t0);
-        multiply(t0, t1, t0);
-        squareN(t0, 14, t1);
-        multiply(t1, t0, t1);
-        square(t1, t1);
-        multiply(t1, x, t1);
-        squareN(t1, 29, t0);
-        multiply(t0, t1, t0);
-        squareN(t0, 58, t1);
-        multiply(t1, t0, t1);
-        squareN(t1, 116, t0);
-        multiply(t0, t1, t0);
-        square(t0, z);
-    }
-
-    public static void multiply(long[] x, long[] y, long[] z)
-    {
-        long[] tt = Nat256.createExt64();
-        implMultiply(x, y, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyAddToExt(long[] x, long[] y, long[] zz)
-    {
-        long[] tt = Nat256.createExt64();
-        implMultiply(x, y, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void reduce(long[] xx, long[] z)
-    {
-        long x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3];
-        long x4 = xx[4], x5 = xx[5], x6 = xx[6], x7 = xx[7];
-
-        x3 ^= (x7 <<  23);
-        x4 ^= (x7 >>> 41) ^ (x7 <<  33);
-        x5 ^= (x7 >>> 31);
-
-        x2 ^= (x6 <<  23);
-        x3 ^= (x6 >>> 41) ^ (x6 <<  33);
-        x4 ^= (x6 >>> 31);
-
-        x1 ^= (x5 <<  23);
-        x2 ^= (x5 >>> 41) ^ (x5 <<  33);
-        x3 ^= (x5 >>> 31);
-
-        x0 ^= (x4 <<  23);
-        x1 ^= (x4 >>> 41) ^ (x4 <<  33);
-        x2 ^= (x4 >>> 31);
-
-        long t = x3 >>> 41;
-        z[0]   = x0 ^ t;
-        z[1]   = x1 ^ (t << 10);
-        z[2]   = x2;
-        z[3]   = x3 & M41;
-    }
-
-    public static void reduce23(long[] z, int zOff)
-    {
-        long z3      = z[zOff + 3], t = z3 >>> 41;
-        z[zOff    ] ^= t;
-        z[zOff + 1] ^= (t << 10);
-        z[zOff + 3]  = z3 & M41;
-    }
-
-    public static void sqrt(long[] x, long[] z)
-    {
-        long u0, u1;
-        u0 = Interleave.unshuffle(x[0]); u1 = Interleave.unshuffle(x[1]);
-        long e0 = (u0 & 0x00000000FFFFFFFFL) | (u1 << 32);
-        long c0 = (u0 >>> 32) | (u1 & 0xFFFFFFFF00000000L);
-
-        u0 = Interleave.unshuffle(x[2]); u1 = Interleave.unshuffle(x[3]);
-        long e1 = (u0 & 0x00000000FFFFFFFFL) | (u1 << 32);
-        long c1 = (u0 >>> 32) | (u1 & 0xFFFFFFFF00000000L);
-
-        long c2;
-        c2  = (c1 >>> 27);
-        c1 ^= (c0 >>> 27) | (c1 << 37);
-        c0 ^=               (c0 << 37);
-
-        long[] tt = Nat256.createExt64();
-
-        int[] shifts = { 32, 117, 191 };
-        for (int i = 0; i < shifts.length; ++i)
-        {
-            int w = shifts[i] >>> 6, s = shifts[i] & 63;
-//            assert s != 0;
-            tt[w    ] ^= (c0 << s);
-            tt[w + 1] ^= (c1 << s) | (c0 >>> -s);
-            tt[w + 2] ^= (c2 << s) | (c1 >>> -s);
-            tt[w + 3] ^=             (c2 >>> -s);
-        }
-
-        reduce(tt, z);
-
-        z[0] ^= e0;
-        z[1] ^= e1;
-    }
-
-    public static void square(long[] x, long[] z)
-    {
-        long[] tt = Nat256.createExt64();
-        implSquare(x, tt);
-        reduce(tt, z);
-    }
-
-    public static void squareAddToExt(long[] x, long[] zz)
-    {
-        long[] tt = Nat256.createExt64();
-        implSquare(x, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void squareN(long[] x, int n, long[] z)
-    {
-//        assert n > 0;
-
-        long[] tt = Nat256.createExt64();
-        implSquare(x, tt);
-        reduce(tt, z);
-
-        while (--n > 0)
-        {
-            implSquare(z, tt);
-            reduce(tt, z);
-        }
-    }
-
-    public static int trace(long[] x)
-    {
-        // Non-zero-trace bits: 0, 159
-        return (int)(x[0] ^ (x[2] >>> 31)) & 1;
-    }
-
-    protected static void implCompactExt(long[] zz)
-    {
-        long z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5], z6 = zz[6], z7 = zz[7];
-        zz[0] =  z0         ^ (z1 << 59);
-        zz[1] = (z1 >>>  5) ^ (z2 << 54);
-        zz[2] = (z2 >>> 10) ^ (z3 << 49);
-        zz[3] = (z3 >>> 15) ^ (z4 << 44);
-        zz[4] = (z4 >>> 20) ^ (z5 << 39);
-        zz[5] = (z5 >>> 25) ^ (z6 << 34);
-        zz[6] = (z6 >>> 30) ^ (z7 << 29);
-        zz[7] = (z7 >>> 35);
-    }
-
-    protected static void implExpand(long[] x, long[] z)
-    {
-        long x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
-        z[0] = x0 & M59;
-        z[1] = ((x0 >>> 59) ^ (x1 <<  5)) & M59;
-        z[2] = ((x1 >>> 54) ^ (x2 << 10)) & M59;
-        z[3] = ((x2 >>> 49) ^ (x3 << 15));
-    }
-
-    protected static void implMultiply(long[] x, long[] y, long[] zz)
-    {
-        /*
-         * "Two-level seven-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein.
-         */
-
-        long[] f = new long[4], g = new long[4];
-        implExpand(x, f);
-        implExpand(y, g);
-
-        implMulwAcc(f[0], g[0], zz, 0);
-        implMulwAcc(f[1], g[1], zz, 1);
-        implMulwAcc(f[2], g[2], zz, 2);
-        implMulwAcc(f[3], g[3], zz, 3);
-
-        // U *= (1 - t^n)
-        for (int i = 5; i > 0; --i)
-        {
-            zz[i] ^= zz[i - 1];
-        }
-
-        implMulwAcc(f[0] ^ f[1], g[0] ^ g[1], zz, 1);
-        implMulwAcc(f[2] ^ f[3], g[2] ^ g[3], zz, 3);
-
-        // V *= (1 - t^2n)
-        for (int i = 7; i > 1; --i)
-        {
-            zz[i] ^= zz[i - 2];
-        }
-
-        // Double-length recursion
-        {
-            long c0 = f[0] ^ f[2], c1 = f[1] ^ f[3];
-            long d0 = g[0] ^ g[2], d1 = g[1] ^ g[3];
-            implMulwAcc(c0 ^ c1, d0 ^ d1, zz, 3);
-            long[] t = new long[3];
-            implMulwAcc(c0, d0, t, 0);
-            implMulwAcc(c1, d1, t, 1);
-            long t0 = t[0], t1 = t[1], t2 = t[2];
-            zz[2] ^= t0;
-            zz[3] ^= t0 ^ t1;
-            zz[4] ^= t2 ^ t1;
-            zz[5] ^= t2;
-        }
-
-        implCompactExt(zz);
-    }
-
-    protected static void implMulwAcc(long x, long y, long[] z, int zOff)
-    {
-//        assert x >>> 59 == 0;
-//        assert y >>> 59 == 0;
-
-        long[] u = new long[8];
-//      u[0] = 0;
-        u[1] = y;
-        u[2] = u[1] << 1;
-        u[3] = u[2] ^  y;
-        u[4] = u[2] << 1;
-        u[5] = u[4] ^  y;
-        u[6] = u[3] << 1;
-        u[7] = u[6] ^  y;
-
-        int j = (int)x;
-        long g, h = 0, l = u[j & 7]
-                         ^ (u[(j >>> 3) & 7] << 3);
-        int k = 54;
-        do
-        {
-            j  = (int)(x >>> k);
-            g  = u[j & 7]
-               ^ u[(j >>> 3) & 7] << 3;
-            l ^= (g <<   k);
-            h ^= (g >>> -k);
-        }
-        while ((k -= 6) > 0);
-
-//        assert h >>> 53 == 0;
-
-        z[zOff    ] ^= l & M59;
-        z[zOff + 1] ^= (l >>> 59) ^ (h << 5);
-    }
-
-    protected static void implSquare(long[] x, long[] zz)
-    {
-        Interleave.expand64To128(x[0], zz, 0);
-        Interleave.expand64To128(x[1], zz, 2);
-        Interleave.expand64To128(x[2], zz, 4);
-
-        long x3 = x[3];
-        zz[6] = Interleave.expand32to64((int)x3);
-        zz[7] = Interleave.expand16to32((int)(x3 >>> 32)) & 0xFFFFFFFFL;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233FieldElement.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233FieldElement.java
deleted file mode 100644
index 6ec68d8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233FieldElement.java
+++ /dev/null

@@ -1,226 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.raw.Nat256;
-import org.bouncycastle.util.Arrays;
-
-public class SecT233FieldElement extends ECFieldElement.AbstractF2m
-{
-    protected long[] x;
-
-    public SecT233FieldElement(BigInteger x)
-    {
-        if (x == null || x.signum() < 0 || x.bitLength() > 233)
-        {
-            throw new IllegalArgumentException("x value invalid for SecT233FieldElement");
-        }
-
-        this.x = SecT233Field.fromBigInteger(x);
-    }
-
-    public SecT233FieldElement()
-    {
-        this.x = Nat256.create64();
-    }
-
-    protected SecT233FieldElement(long[] x)
-    {
-        this.x = x;
-    }
-
-//    public int bitLength()
-//    {
-//        return x.degree();
-//    }
-
-    public boolean isOne()
-    {
-        return Nat256.isOne64(x);
-    }
-
-    public boolean isZero()
-    {
-        return Nat256.isZero64(x);
-    }
-
-    public boolean testBitZero()
-    {
-        return (x[0] & 1L) != 0L;
-    }
-
-    public BigInteger toBigInteger()
-    {
-        return Nat256.toBigInteger64(x);
-    }
-
-    public String getFieldName()
-    {
-        return "SecT233Field";
-    }
-
-    public int getFieldSize()
-    {
-        return 233;
-    }
-
-    public ECFieldElement add(ECFieldElement b)
-    {
-        long[] z = Nat256.create64();
-        SecT233Field.add(x, ((SecT233FieldElement)b).x, z);
-        return new SecT233FieldElement(z);
-    }
-
-    public ECFieldElement addOne()
-    {
-        long[] z = Nat256.create64();
-        SecT233Field.addOne(x, z);
-        return new SecT233FieldElement(z);
-    }
-
-    public ECFieldElement subtract(ECFieldElement b)
-    {
-        // Addition and subtraction are the same in F2m
-        return add(b);
-    }
-
-    public ECFieldElement multiply(ECFieldElement b)
-    {
-        long[] z = Nat256.create64();
-        SecT233Field.multiply(x, ((SecT233FieldElement)b).x, z);
-        return new SecT233FieldElement(z);
-    }
-
-    public ECFieldElement multiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        return multiplyPlusProduct(b, x, y);
-    }
-
-    public ECFieldElement multiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x, bx = ((SecT233FieldElement)b).x;
-        long[] xx = ((SecT233FieldElement)x).x, yx = ((SecT233FieldElement)y).x;
-
-        long[] tt = Nat256.createExt64();
-        SecT233Field.multiplyAddToExt(ax, bx, tt);
-        SecT233Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat256.create64();
-        SecT233Field.reduce(tt, z);
-        return new SecT233FieldElement(z);
-    }
-
-    public ECFieldElement divide(ECFieldElement b)
-    {
-        return multiply(b.invert());
-    }
-
-    public ECFieldElement negate()
-    {
-        return this;
-    }
-
-    public ECFieldElement square()
-    {
-        long[] z = Nat256.create64();
-        SecT233Field.square(x, z);
-        return new SecT233FieldElement(z);
-    }
-
-    public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        return squarePlusProduct(x, y);
-    }
-
-    public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x;
-        long[] xx = ((SecT233FieldElement)x).x, yx = ((SecT233FieldElement)y).x;
-
-        long[] tt = Nat256.createExt64();
-        SecT233Field.squareAddToExt(ax, tt);
-        SecT233Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat256.create64();
-        SecT233Field.reduce(tt, z);
-        return new SecT233FieldElement(z);
-    }
-
-    public ECFieldElement squarePow(int pow)
-    {
-        if (pow < 1)
-        {
-            return this;
-        }
-
-        long[] z = Nat256.create64();
-        SecT233Field.squareN(x, pow, z);
-        return new SecT233FieldElement(z);
-    }
-
-    public int trace()
-    {
-        return SecT233Field.trace(x);
-    }
-
-    public ECFieldElement invert()
-    {
-        long[] z = Nat256.create64();
-        SecT233Field.invert(x, z);
-        return new SecT233FieldElement(z);
-    }
-
-    public ECFieldElement sqrt()
-    {
-        long[] z = Nat256.create64();
-        SecT233Field.sqrt(x, z);
-        return new SecT233FieldElement(z);
-    }
-
-    public int getRepresentation()
-    {
-        return ECFieldElement.F2m.TPB;
-    }
-
-    public int getM()
-    {
-        return 233;
-    }
-
-    public int getK1()
-    {
-        return 74;
-    }
-
-    public int getK2()
-    {
-        return 0;
-    }
-
-    public int getK3()
-    {
-        return 0;
-    }
-
-    public boolean equals(Object other)
-    {
-        if (other == this)
-        {
-            return true;
-        }
-
-        if (!(other instanceof SecT233FieldElement))
-        {
-            return false;
-        }
-
-        SecT233FieldElement o = (SecT233FieldElement)other;
-        return Nat256.eq64(x, o.x);
-    }
-
-    public int hashCode()
-    {
-        return 2330074 ^ Arrays.hashCode(x, 0, 4);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233K1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233K1Curve.java
deleted file mode 100644
index 724f9d6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233K1Curve.java
+++ /dev/null

@@ -1,155 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.WTauNafMultiplier;
-import org.bouncycastle.math.raw.Nat256;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT233K1Curve extends AbstractF2m
-{
-    private static final int SecT233K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT233K1Point infinity;
-
-    public SecT233K1Curve()
-    {
-        super(233, 74, 0, 0);
-
-        this.infinity = new SecT233K1Point(this, null, null);
-
-        this.a = fromBigInteger(BigInteger.valueOf(0));
-        this.b = fromBigInteger(BigInteger.valueOf(1));
-        this.order = new BigInteger(1, Hex.decode("8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF"));
-        this.cofactor = BigInteger.valueOf(4);
-
-        this.coord = SecT233K1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT233K1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    protected ECMultiplier createDefaultMultiplier()
-    {
-        return new WTauNafMultiplier();
-    }
-
-    public int getFieldSize()
-    {
-        return 233;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT233FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT233K1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT233K1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return true;
-    }
-
-    public int getM()
-    {
-        return 233;
-    }
-
-    public boolean isTrinomial()
-    {
-        return true;
-    }
-
-    public int getK1()
-    {
-        return 74;
-    }
-
-    public int getK2()
-    {
-        return 0;
-    }
-
-    public int getK3()
-    {
-        return 0;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 4;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat256.copy64(((SecT233FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat256.copy64(((SecT233FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat256.create64(), y = Nat256.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT233FieldElement(x), new SecT233FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233K1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233K1Point.java
deleted file mode 100644
index ac29aa3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233K1Point.java
+++ /dev/null

@@ -1,316 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT233K1Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT233K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT233K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT233K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT233K1Point(null, this.getAffineXCoord(), this.getAffineYCoord()); // earlier JDK
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1);
-            if (X3.isZero())
-            {
-                return new SecT233K1Point(curve, X3, curve.getB(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT233K1Point(curve, X3, curve.getB(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT233K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement T;
-        if (Z1IsOne)
-        {
-            T = L1.square().add(L1);
-        }
-        else
-        {
-            T = L1.add(Z1).multiply(L1);
-        }
-
-        if (T.isZero())
-        {
-            return new SecT233K1Point(curve, T, curve.getB(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement t1 = L1.add(X1).square();
-        ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.square();
-        ECFieldElement L3 = t1.add(T).add(Z1Sq).multiply(t1).add(t2).add(X3).add(Z3);
-
-        return new SecT233K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        // NOTE: twicePlus() only optimized for lambda-affine argument
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = L1Sq.add(L1Z1);
-        ECFieldElement L2plus1 = L2.addOne();
-        ECFieldElement A = L2plus1.multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT233K1Point(curve, A, curve.getB(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2plus1, Z3);
-
-        return new SecT233K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT233K1Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233R1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233R1Curve.java
deleted file mode 100644
index 05b6fac..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233R1Curve.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.raw.Nat256;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT233R1Curve extends AbstractF2m
-{
-    private static final int SecT233R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT233R1Point infinity;
-
-    public SecT233R1Curve()
-    {
-        super(233, 74, 0, 0);
-
-        this.infinity = new SecT233R1Point(this, null, null);
-
-        this.a = fromBigInteger(BigInteger.valueOf(1));
-        this.b = fromBigInteger(new BigInteger(1, Hex.decode("0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD")));
-        this.order = new BigInteger(1, Hex.decode("01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7"));
-        this.cofactor = BigInteger.valueOf(2);
-
-        this.coord = SecT233R1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT233R1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public int getFieldSize()
-    {
-        return 233;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT233FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT233R1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT233R1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return false;
-    }
-
-    public int getM()
-    {
-        return 233;
-    }
-
-    public boolean isTrinomial()
-    {
-        return true;
-    }
-
-    public int getK1()
-    {
-        return 74;
-    }
-
-    public int getK2()
-    {
-        return 0;
-    }
-
-    public int getK3()
-    {
-        return 0;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 4;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat256.copy64(((SecT233FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat256.copy64(((SecT233FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat256.create64(), y = Nat256.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT233FieldElement(x), new SecT233FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233R1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233R1Point.java
deleted file mode 100644
index 8493094..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT233R1Point.java
+++ /dev/null

@@ -1,305 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT233R1Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT233R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT233R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT233R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT233R1Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1).addOne();
-            if (X3.isZero())
-            {
-                return new SecT233R1Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT233R1Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT233R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.multiply(Z1);
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement T = L1.square().add(L1Z1).add(Z1Sq);
-        if (T.isZero())
-        {
-            return new SecT233R1Point(curve, T, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.multiply(Z1);
-        ECFieldElement L3 = X1Z1.squarePlusProduct(T, L1Z1).add(X3).add(Z3);
-
-        return new SecT233R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = Z1Sq.add(L1Sq).add(L1Z1);
-        ECFieldElement A = L2.multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT233R1Point(curve, A, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2.addOne(), Z3);
-
-        return new SecT233R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT233R1Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT239Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT239Field.java
deleted file mode 100644
index 5f5bf3f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT239Field.java
+++ /dev/null

@@ -1,329 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.raw.Interleave;
-import org.bouncycastle.math.raw.Nat256;
-
-public class SecT239Field
-{
-    private static final long M47 = -1L >>> 17;
-    private static final long M60 = -1L >>> 4;
-
-    public static void add(long[] x, long[] y, long[] z)
-    {
-        z[0] = x[0] ^ y[0];
-        z[1] = x[1] ^ y[1];
-        z[2] = x[2] ^ y[2];
-        z[3] = x[3] ^ y[3];
-    }
-
-    public static void addExt(long[] xx, long[] yy, long[] zz)
-    {
-        zz[0] = xx[0] ^ yy[0];
-        zz[1] = xx[1] ^ yy[1];
-        zz[2] = xx[2] ^ yy[2];
-        zz[3] = xx[3] ^ yy[3];
-        zz[4] = xx[4] ^ yy[4];
-        zz[5] = xx[5] ^ yy[5];
-        zz[6] = xx[6] ^ yy[6];
-        zz[7] = xx[7] ^ yy[7];
-    }
-
-    public static void addOne(long[] x, long[] z)
-    {
-        z[0] = x[0] ^ 1L;
-        z[1] = x[1];
-        z[2] = x[2];
-        z[3] = x[3];
-    }
-
-    public static long[] fromBigInteger(BigInteger x)
-    {
-        long[] z = Nat256.fromBigInteger64(x);
-        reduce17(z, 0);
-        return z;
-    }
-
-    public static void invert(long[] x, long[] z)
-    {
-        if (Nat256.isZero64(x))
-        {
-            throw new IllegalStateException();
-        }
-
-        // Itoh-Tsujii inversion
-
-        long[] t0 = Nat256.create64();
-        long[] t1 = Nat256.create64();
-
-        square(x, t0);
-        multiply(t0, x, t0);
-        square(t0, t0);
-        multiply(t0, x, t0);
-        squareN(t0, 3, t1);
-        multiply(t1, t0, t1);
-        square(t1, t1);
-        multiply(t1, x, t1);
-        squareN(t1, 7, t0);
-        multiply(t0, t1, t0);
-        squareN(t0, 14, t1);
-        multiply(t1, t0, t1);
-        square(t1, t1);
-        multiply(t1, x, t1);
-        squareN(t1, 29, t0);
-        multiply(t0, t1, t0);
-        square(t0, t0);
-        multiply(t0, x, t0);
-        squareN(t0, 59, t1);
-        multiply(t1, t0, t1);
-        square(t1, t1);
-        multiply(t1, x, t1);
-        squareN(t1, 119, t0);
-        multiply(t0, t1, t0);
-        square(t0, z);
-    }
-
-    public static void multiply(long[] x, long[] y, long[] z)
-    {
-        long[] tt = Nat256.createExt64();
-        implMultiply(x, y, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyAddToExt(long[] x, long[] y, long[] zz)
-    {
-        long[] tt = Nat256.createExt64();
-        implMultiply(x, y, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void reduce(long[] xx, long[] z)
-    {
-        long x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3];
-        long x4 = xx[4], x5 = xx[5], x6 = xx[6], x7 = xx[7];
-
-        x3 ^= (x7 <<  17);
-        x4 ^= (x7 >>> 47);
-        x5 ^= (x7 <<  47);
-        x6 ^= (x7 >>> 17);
-
-        x2 ^= (x6 <<  17);
-        x3 ^= (x6 >>> 47);
-        x4 ^= (x6 <<  47);
-        x5 ^= (x6 >>> 17);
-
-        x1 ^= (x5 <<  17);
-        x2 ^= (x5 >>> 47);
-        x3 ^= (x5 <<  47);
-        x4 ^= (x5 >>> 17);
-
-        x0 ^= (x4 <<  17);
-        x1 ^= (x4 >>> 47);
-        x2 ^= (x4 <<  47);
-        x3 ^= (x4 >>> 17);
-
-        long t = x3 >>> 47;
-        z[0]   = x0 ^ t;
-        z[1]   = x1;
-        z[2]   = x2 ^ (t << 30);
-        z[3]   = x3 & M47;
-    }
-
-    public static void reduce17(long[] z, int zOff)
-    {
-        long z3      = z[zOff + 3], t = z3 >>> 47;
-        z[zOff    ] ^= t;
-        z[zOff + 2] ^= (t << 30);
-        z[zOff + 3]  = z3 & M47;
-    }
-
-    public static void sqrt(long[] x, long[] z)
-    {
-        long u0, u1;
-        u0 = Interleave.unshuffle(x[0]); u1 = Interleave.unshuffle(x[1]);
-        long e0 = (u0 & 0x00000000FFFFFFFFL) | (u1 << 32);
-        long c0 = (u0 >>> 32) | (u1 & 0xFFFFFFFF00000000L);
-
-        u0 = Interleave.unshuffle(x[2]); u1 = Interleave.unshuffle(x[3]);
-        long e1 = (u0 & 0x00000000FFFFFFFFL) | (u1 << 32);
-        long c1 = (u0 >>> 32) | (u1 & 0xFFFFFFFF00000000L);
-
-        long c2, c3;
-        c3  = (c1 >>> 49);
-        c2  = (c0 >>> 49) | (c1 << 15);
-        c1 ^=               (c0 << 15);
-
-        long[] tt = Nat256.createExt64();
-
-        int[] shifts = { 39, 120 };
-        for (int i = 0; i < shifts.length; ++i)
-        {
-            int w = shifts[i] >>> 6, s = shifts[i] & 63;
-//            assert s != 0;
-            tt[w    ] ^= (c0 << s);
-            tt[w + 1] ^= (c1 << s) | (c0 >>> -s);
-            tt[w + 2] ^= (c2 << s) | (c1 >>> -s);
-            tt[w + 3] ^= (c3 << s) | (c2 >>> -s);
-            tt[w + 4] ^=             (c3 >>> -s);
-        }
-
-        reduce(tt, z);
-
-        z[0] ^= e0;
-        z[1] ^= e1;
-    }
-
-    public static void square(long[] x, long[] z)
-    {
-        long[] tt = Nat256.createExt64();
-        implSquare(x, tt);
-        reduce(tt, z);
-    }
-
-    public static void squareAddToExt(long[] x, long[] zz)
-    {
-        long[] tt = Nat256.createExt64();
-        implSquare(x, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void squareN(long[] x, int n, long[] z)
-    {
-//        assert n > 0;
-
-        long[] tt = Nat256.createExt64();
-        implSquare(x, tt);
-        reduce(tt, z);
-
-        while (--n > 0)
-        {
-            implSquare(z, tt);
-            reduce(tt, z);
-        }
-    }
-
-    public static int trace(long[] x)
-    {
-        // Non-zero-trace bits: 0, 81, 162
-        return (int)(x[0] ^ (x[1] >>> 17) ^ (x[2] >>> 34)) & 1;
-    }
-
-    protected static void implCompactExt(long[] zz)
-    {
-        long z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4], z5 = zz[5], z6 = zz[6], z7 = zz[7];
-        zz[0] =  z0         ^ (z1 << 60);
-        zz[1] = (z1 >>>  4) ^ (z2 << 56);
-        zz[2] = (z2 >>>  8) ^ (z3 << 52);
-        zz[3] = (z3 >>> 12) ^ (z4 << 48);
-        zz[4] = (z4 >>> 16) ^ (z5 << 44);
-        zz[5] = (z5 >>> 20) ^ (z6 << 40);
-        zz[6] = (z6 >>> 24) ^ (z7 << 36);
-        zz[7] = (z7 >>> 28);
-    }
-
-    protected static void implExpand(long[] x, long[] z)
-    {
-        long x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
-        z[0] = x0 & M60;
-        z[1] = ((x0 >>> 60) ^ (x1 <<  4)) & M60;
-        z[2] = ((x1 >>> 56) ^ (x2 <<  8)) & M60;
-        z[3] = ((x2 >>> 52) ^ (x3 << 12));
-    }
-
-    protected static void implMultiply(long[] x, long[] y, long[] zz)
-    {
-        /*
-         * "Two-level seven-way recursion" as described in "Batch binary Edwards", Daniel J. Bernstein.
-         */
-
-        long[] f = new long[4], g = new long[4];
-        implExpand(x, f);
-        implExpand(y, g);
-
-        implMulwAcc(f[0], g[0], zz, 0);
-        implMulwAcc(f[1], g[1], zz, 1);
-        implMulwAcc(f[2], g[2], zz, 2);
-        implMulwAcc(f[3], g[3], zz, 3);
-
-        // U *= (1 - t^n)
-        for (int i = 5; i > 0; --i)
-        {
-            zz[i] ^= zz[i - 1];
-        }
-
-        implMulwAcc(f[0] ^ f[1], g[0] ^ g[1], zz, 1);
-        implMulwAcc(f[2] ^ f[3], g[2] ^ g[3], zz, 3);
-
-        // V *= (1 - t^2n)
-        for (int i = 7; i > 1; --i)
-        {
-            zz[i] ^= zz[i - 2];
-        }
-
-        // Double-length recursion
-        {
-            long c0 = f[0] ^ f[2], c1 = f[1] ^ f[3];
-            long d0 = g[0] ^ g[2], d1 = g[1] ^ g[3];
-            implMulwAcc(c0 ^ c1, d0 ^ d1, zz, 3);
-            long[] t = new long[3];
-            implMulwAcc(c0, d0, t, 0);
-            implMulwAcc(c1, d1, t, 1);
-            long t0 = t[0], t1 = t[1], t2 = t[2];
-            zz[2] ^= t0;
-            zz[3] ^= t0 ^ t1;
-            zz[4] ^= t2 ^ t1;
-            zz[5] ^= t2;
-        }
-
-        implCompactExt(zz);
-    }
-
-    protected static void implMulwAcc(long x, long y, long[] z, int zOff)
-    {
-//        assert x >>> 60 == 0;
-//        assert y >>> 60 == 0;
-
-        long[] u = new long[8];
-//      u[0] = 0;
-        u[1] = y;
-        u[2] = u[1] << 1;
-        u[3] = u[2] ^  y;
-        u[4] = u[2] << 1;
-        u[5] = u[4] ^  y;
-        u[6] = u[3] << 1;
-        u[7] = u[6] ^  y;
-
-        int j = (int)x;
-        long g, h = 0, l = u[j & 7]
-                         ^ (u[(j >>> 3) & 7] << 3);
-        int k = 54;
-        do
-        {
-            j  = (int)(x >>> k);
-            g  = u[j & 7]
-               ^ u[(j >>> 3) & 7] << 3;
-            l ^= (g <<   k);
-            h ^= (g >>> -k);
-        }
-        while ((k -= 6) > 0);
-
-        h ^= ((x & 0x0820820820820820L) & ((y << 4) >> 63)) >>> 5;
-
-//        assert h >>> 55 == 0;
-
-        z[zOff    ] ^= l & M60;
-        z[zOff + 1] ^= (l >>> 60) ^ (h << 4);
-    }
-
-    protected static void implSquare(long[] x, long[] zz)
-    {
-        Interleave.expand64To128(x[0], zz, 0);
-        Interleave.expand64To128(x[1], zz, 2);
-        Interleave.expand64To128(x[2], zz, 4);
-
-        long x3 = x[3];
-        zz[6] = Interleave.expand32to64((int)x3);
-        zz[7] = Interleave.expand16to32((int)(x3 >>> 32)) & 0xFFFFFFFFL;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT239FieldElement.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT239FieldElement.java
deleted file mode 100644
index e148b8a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT239FieldElement.java
+++ /dev/null

@@ -1,226 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.raw.Nat256;
-import org.bouncycastle.util.Arrays;
-
-public class SecT239FieldElement extends ECFieldElement.AbstractF2m
-{
-    protected long[] x;
-
-    public SecT239FieldElement(BigInteger x)
-    {
-        if (x == null || x.signum() < 0 || x.bitLength() > 239)
-        {
-            throw new IllegalArgumentException("x value invalid for SecT239FieldElement");
-        }
-
-        this.x = SecT239Field.fromBigInteger(x);
-    }
-
-    public SecT239FieldElement()
-    {
-        this.x = Nat256.create64();
-    }
-
-    protected SecT239FieldElement(long[] x)
-    {
-        this.x = x;
-    }
-
-//    public int bitLength()
-//    {
-//        return x.degree();
-//    }
-
-    public boolean isOne()
-    {
-        return Nat256.isOne64(x);
-    }
-
-    public boolean isZero()
-    {
-        return Nat256.isZero64(x);
-    }
-
-    public boolean testBitZero()
-    {
-        return (x[0] & 1L) != 0L;
-    }
-
-    public BigInteger toBigInteger()
-    {
-        return Nat256.toBigInteger64(x);
-    }
-
-    public String getFieldName()
-    {
-        return "SecT239Field";
-    }
-
-    public int getFieldSize()
-    {
-        return 239;
-    }
-
-    public ECFieldElement add(ECFieldElement b)
-    {
-        long[] z = Nat256.create64();
-        SecT239Field.add(x, ((SecT239FieldElement)b).x, z);
-        return new SecT239FieldElement(z);
-    }
-
-    public ECFieldElement addOne()
-    {
-        long[] z = Nat256.create64();
-        SecT239Field.addOne(x, z);
-        return new SecT239FieldElement(z);
-    }
-
-    public ECFieldElement subtract(ECFieldElement b)
-    {
-        // Addition and subtraction are the same in F2m
-        return add(b);
-    }
-
-    public ECFieldElement multiply(ECFieldElement b)
-    {
-        long[] z = Nat256.create64();
-        SecT239Field.multiply(x, ((SecT239FieldElement)b).x, z);
-        return new SecT239FieldElement(z);
-    }
-
-    public ECFieldElement multiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        return multiplyPlusProduct(b, x, y);
-    }
-
-    public ECFieldElement multiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x, bx = ((SecT239FieldElement)b).x;
-        long[] xx = ((SecT239FieldElement)x).x, yx = ((SecT239FieldElement)y).x;
-
-        long[] tt = Nat256.createExt64();
-        SecT239Field.multiplyAddToExt(ax, bx, tt);
-        SecT239Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat256.create64();
-        SecT239Field.reduce(tt, z);
-        return new SecT239FieldElement(z);
-    }
-
-    public ECFieldElement divide(ECFieldElement b)
-    {
-        return multiply(b.invert());
-    }
-
-    public ECFieldElement negate()
-    {
-        return this;
-    }
-
-    public ECFieldElement square()
-    {
-        long[] z = Nat256.create64();
-        SecT239Field.square(x, z);
-        return new SecT239FieldElement(z);
-    }
-
-    public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        return squarePlusProduct(x, y);
-    }
-
-    public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x;
-        long[] xx = ((SecT239FieldElement)x).x, yx = ((SecT239FieldElement)y).x;
-
-        long[] tt = Nat256.createExt64();
-        SecT239Field.squareAddToExt(ax, tt);
-        SecT239Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat256.create64();
-        SecT239Field.reduce(tt, z);
-        return new SecT239FieldElement(z);
-    }
-
-    public ECFieldElement squarePow(int pow)
-    {
-        if (pow < 1)
-        {
-            return this;
-        }
-
-        long[] z = Nat256.create64();
-        SecT239Field.squareN(x, pow, z);
-        return new SecT239FieldElement(z);
-    }
-
-    public int trace()
-    {
-        return SecT239Field.trace(x);
-    }
-
-    public ECFieldElement invert()
-    {
-        long[] z = Nat256.create64();
-        SecT239Field.invert(x, z);
-        return new SecT239FieldElement(z);
-    }
-
-    public ECFieldElement sqrt()
-    {
-        long[] z = Nat256.create64();
-        SecT239Field.sqrt(x, z);
-        return new SecT239FieldElement(z);
-    }
-
-    public int getRepresentation()
-    {
-        return ECFieldElement.F2m.TPB;
-    }
-
-    public int getM()
-    {
-        return 239;
-    }
-
-    public int getK1()
-    {
-        return 158;
-    }
-
-    public int getK2()
-    {
-        return 0;
-    }
-
-    public int getK3()
-    {
-        return 0;
-    }
-
-    public boolean equals(Object other)
-    {
-        if (other == this)
-        {
-            return true;
-        }
-
-        if (!(other instanceof SecT239FieldElement))
-        {
-            return false;
-        }
-
-        SecT239FieldElement o = (SecT239FieldElement)other;
-        return Nat256.eq64(x, o.x);
-    }
-
-    public int hashCode()
-    {
-        return 23900158 ^ Arrays.hashCode(x, 0, 4);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT239K1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT239K1Curve.java
deleted file mode 100644
index 45b0a5e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT239K1Curve.java
+++ /dev/null

@@ -1,155 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.raw.Nat256;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.WTauNafMultiplier;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT239K1Curve extends AbstractF2m
-{
-    private static final int SecT239K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT239K1Point infinity;
-
-    public SecT239K1Curve()
-    {
-        super(239, 158, 0, 0);
-
-        this.infinity = new SecT239K1Point(this, null, null);
-
-        this.a = fromBigInteger(BigInteger.valueOf(0));
-        this.b = fromBigInteger(BigInteger.valueOf(1));
-        this.order = new BigInteger(1, Hex.decode("2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5"));
-        this.cofactor = BigInteger.valueOf(4);
-
-        this.coord = SecT239K1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT239K1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    protected ECMultiplier createDefaultMultiplier()
-    {
-        return new WTauNafMultiplier();
-    }
-
-    public int getFieldSize()
-    {
-        return 239;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT239FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT239K1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT239K1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return true;
-    }
-
-    public int getM()
-    {
-        return 239;
-    }
-
-    public boolean isTrinomial()
-    {
-        return true;
-    }
-
-    public int getK1()
-    {
-        return 158;
-    }
-
-    public int getK2()
-    {
-        return 0;
-    }
-
-    public int getK3()
-    {
-        return 0;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 4;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat256.copy64(((SecT239FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat256.copy64(((SecT239FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat256.create64(), y = Nat256.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT239FieldElement(x), new SecT239FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT239K1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT239K1Point.java
deleted file mode 100644
index 1de2a29..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT239K1Point.java
+++ /dev/null

@@ -1,317 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT239K1Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT239K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT239K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT239K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT239K1Point(null, this.getAffineXCoord(), this.getAffineYCoord()); // earlier JDK
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1);
-            if (X3.isZero())
-            {
-                return new SecT239K1Point(curve, X3, curve.getB(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT239K1Point(curve, X3, curve.getB(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT239K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement T;
-        if (Z1IsOne)
-        {
-            T = L1.square().add(L1);
-        }
-        else
-        {
-            T = L1.add(Z1).multiply(L1);
-        }
-
-        if (T.isZero())
-        {
-            return new SecT239K1Point(curve, T, curve.getB(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement t1 = L1.add(X1).square();
-        ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.square();
-        ECFieldElement L3 = t1.add(T).add(Z1Sq).multiply(t1).add(t2).add(X3).add(Z3);
-
-        return new SecT239K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        // NOTE: twicePlus() only optimized for lambda-affine argument
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = L1Sq.add(L1Z1);
-        ECFieldElement L2plus1 = L2.addOne();
-        ECFieldElement A = L2plus1.multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT239K1Point(curve, A, curve.getB(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2plus1, Z3);
-
-        return new SecT239K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT239K1Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283Field.java
deleted file mode 100644
index 7b6679b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283Field.java
+++ /dev/null

@@ -1,404 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.raw.Interleave;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat320;
-
-public class SecT283Field
-{
-    private static final long M27 = -1L >>> 37;
-    private static final long M57 = -1L >>> 7;
-
-    private static final long[] ROOT_Z = new long[]{ 0x0C30C30C30C30808L, 0x30C30C30C30C30C3L, 0x820820820820830CL, 0x0820820820820820L, 0x2082082L };
-
-    public static void add(long[] x, long[] y, long[] z)
-    {
-        z[0] = x[0] ^ y[0];
-        z[1] = x[1] ^ y[1];
-        z[2] = x[2] ^ y[2];
-        z[3] = x[3] ^ y[3];
-        z[4] = x[4] ^ y[4];
-    }
-
-    public static void addExt(long[] xx, long[] yy, long[] zz)
-    {
-        zz[0] = xx[0] ^ yy[0];
-        zz[1] = xx[1] ^ yy[1];
-        zz[2] = xx[2] ^ yy[2];
-        zz[3] = xx[3] ^ yy[3];
-        zz[4] = xx[4] ^ yy[4];
-        zz[5] = xx[5] ^ yy[5];
-        zz[6] = xx[6] ^ yy[6];
-        zz[7] = xx[7] ^ yy[7];
-        zz[8] = xx[8] ^ yy[8];
-    }
-
-    public static void addOne(long[] x, long[] z)
-    {
-        z[0] = x[0] ^ 1L;
-        z[1] = x[1];
-        z[2] = x[2];
-        z[3] = x[3];
-        z[4] = x[4];
-    }
-
-    public static long[] fromBigInteger(BigInteger x)
-    {
-        long[] z = Nat320.fromBigInteger64(x);
-        reduce37(z, 0);
-        return z;
-    }
-
-    public static void invert(long[] x, long[] z)
-    {
-        if (Nat320.isZero64(x))
-        {
-            throw new IllegalStateException();
-        }
-
-        // Itoh-Tsujii inversion
-
-        long[] t0 = Nat320.create64();
-        long[] t1 = Nat320.create64();
-
-        square(x, t0);
-        multiply(t0, x, t0);
-        squareN(t0, 2, t1);
-        multiply(t1, t0, t1);
-        squareN(t1, 4, t0);
-        multiply(t0, t1, t0);
-        squareN(t0, 8, t1);
-        multiply(t1, t0, t1);
-        square(t1, t1);
-        multiply(t1, x, t1);
-        squareN(t1, 17, t0);
-        multiply(t0, t1, t0);
-        square(t0, t0);
-        multiply(t0, x, t0);
-        squareN(t0, 35, t1);
-        multiply(t1, t0, t1);
-        squareN(t1, 70, t0);
-        multiply(t0, t1, t0);
-        square(t0, t0);
-        multiply(t0, x, t0);
-        squareN(t0, 141, t1);
-        multiply(t1, t0, t1);
-        square(t1, z);
-    }
-
-    public static void multiply(long[] x, long[] y, long[] z)
-    {
-        long[] tt = Nat320.createExt64();
-        implMultiply(x, y, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyAddToExt(long[] x, long[] y, long[] zz)
-    {
-        long[] tt = Nat320.createExt64();
-        implMultiply(x, y, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void reduce(long[] xx, long[] z)
-    {
-        long x0 = xx[0], x1 = xx[1], x2 = xx[2], x3 = xx[3], x4 = xx[4];
-        long x5 = xx[5], x6 = xx[6], x7 = xx[7], x8 = xx[8];
-
-        x3 ^= (x8 <<  37) ^ (x8 <<  42) ^ (x8 <<  44) ^ (x8 <<  49);
-        x4 ^= (x8 >>> 27) ^ (x8 >>> 22) ^ (x8 >>> 20) ^ (x8 >>> 15);
-
-        x2 ^= (x7 <<  37) ^ (x7 <<  42) ^ (x7 <<  44) ^ (x7 <<  49);
-        x3 ^= (x7 >>> 27) ^ (x7 >>> 22) ^ (x7 >>> 20) ^ (x7 >>> 15);
-
-        x1 ^= (x6 <<  37) ^ (x6 <<  42) ^ (x6 <<  44) ^ (x6 <<  49);
-        x2 ^= (x6 >>> 27) ^ (x6 >>> 22) ^ (x6 >>> 20) ^ (x6 >>> 15);
-
-        x0 ^= (x5 <<  37) ^ (x5 <<  42) ^ (x5 <<  44) ^ (x5 <<  49);
-        x1 ^= (x5 >>> 27) ^ (x5 >>> 22) ^ (x5 >>> 20) ^ (x5 >>> 15);
-
-        long t = x4 >>> 27;
-        z[0]   = x0 ^ t ^ (t << 5) ^ (t << 7) ^ (t << 12);
-        z[1]   = x1;
-        z[2]   = x2;
-        z[3]   = x3;
-        z[4]   = x4 & M27;
-    }
-
-    public static void reduce37(long[] z, int zOff)
-    {
-        long z4      = z[zOff + 4], t = z4 >>> 27;
-        z[zOff    ] ^= t ^ (t << 5) ^ (t << 7) ^ (t << 12);
-        z[zOff + 4]  = z4 & M27;
-    }
-
-    public static void sqrt(long[] x, long[] z)
-    {
-        long[] odd = Nat320.create64();
-
-        long u0, u1;
-        u0 = Interleave.unshuffle(x[0]); u1 = Interleave.unshuffle(x[1]);
-        long e0 = (u0 & 0x00000000FFFFFFFFL) | (u1 << 32);
-        odd[0]  = (u0 >>> 32) | (u1 & 0xFFFFFFFF00000000L);
-
-        u0 = Interleave.unshuffle(x[2]); u1 = Interleave.unshuffle(x[3]);
-        long e1 = (u0 & 0x00000000FFFFFFFFL) | (u1 << 32);
-        odd[1]  = (u0 >>> 32) | (u1 & 0xFFFFFFFF00000000L);
-
-        u0 = Interleave.unshuffle(x[4]);
-        long e2 = (u0 & 0x00000000FFFFFFFFL);
-        odd[2]  = (u0 >>> 32);
-
-        multiply(odd, ROOT_Z, z);
-
-        z[0] ^= e0;
-        z[1] ^= e1;
-        z[2] ^= e2;
-    }
-
-    public static void square(long[] x, long[] z)
-    {
-        long[] tt = Nat.create64(9);
-        implSquare(x, tt);
-        reduce(tt, z);
-    }
-
-    public static void squareAddToExt(long[] x, long[] zz)
-    {
-        long[] tt = Nat.create64(9);
-        implSquare(x, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void squareN(long[] x, int n, long[] z)
-    {
-//        assert n > 0;
-
-        long[] tt = Nat.create64(9);
-        implSquare(x, tt);
-        reduce(tt, z);
-
-        while (--n > 0)
-        {
-            implSquare(z, tt);
-            reduce(tt, z);
-        }
-    }
-
-    public static int trace(long[] x)
-    {
-        // Non-zero-trace bits: 0, 271
-        return (int)(x[0] ^ (x[4] >>> 15)) & 1;
-    }
-
-    protected static void implCompactExt(long[] zz)
-    {
-        long z0 = zz[0], z1 = zz[1], z2 = zz[2], z3 = zz[3], z4 = zz[4];
-        long z5 = zz[5], z6 = zz[6], z7 = zz[7], z8 = zz[8], z9 = zz[9];
-        zz[0] =  z0         ^ (z1 << 57);
-        zz[1] = (z1 >>>  7) ^ (z2 << 50);
-        zz[2] = (z2 >>> 14) ^ (z3 << 43);
-        zz[3] = (z3 >>> 21) ^ (z4 << 36);
-        zz[4] = (z4 >>> 28) ^ (z5 << 29);
-        zz[5] = (z5 >>> 35) ^ (z6 << 22);
-        zz[6] = (z6 >>> 42) ^ (z7 << 15);
-        zz[7] = (z7 >>> 49) ^ (z8 <<  8);
-        zz[8] = (z8 >>> 56) ^ (z9 <<  1);
-        zz[9] = (z9 >>> 63); // Zero!
-    }
-
-    protected static void implExpand(long[] x, long[] z)
-    {
-        long x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3], x4 = x[4];
-        z[0] = x0 & M57;
-        z[1] = ((x0 >>> 57) ^ (x1 <<  7)) & M57;
-        z[2] = ((x1 >>> 50) ^ (x2 << 14)) & M57;
-        z[3] = ((x2 >>> 43) ^ (x3 << 21)) & M57;
-        z[4] = ((x3 >>> 36) ^ (x4 << 28));
-    }
-
-//    protected static void addMs(long[] zz, int zOff, long[] p, int... ms)
-//    {
-//        long t0 = 0, t1 = 0;
-//        for (int m : ms)
-//        {
-//            int i = (m - 1) << 1;
-//            t0 ^= p[i    ];
-//            t1 ^= p[i + 1];
-//        }
-//        zz[zOff    ] ^= t0;
-//        zz[zOff + 1] ^= t1;
-//    }
-
-    protected static void implMultiply(long[] x, long[] y, long[] zz)
-    {
-        /*
-         * Formula (17) from "Some New Results on Binary Polynomial Multiplication",
-         * Murat Cenk and M. Anwar Hasan.
-         *
-         * The formula as given contained an error in the term t25, as noted below
-         */
-        long[] a = new long[5], b = new long[5];
-        implExpand(x, a);
-        implExpand(y, b);
-
-        long[] p = new long[26];
-
-        implMulw(a[0], b[0], p, 0);                                 // m1
-        implMulw(a[1], b[1], p, 2);                                 // m2
-        implMulw(a[2], b[2], p, 4);                                 // m3
-        implMulw(a[3], b[3], p, 6);                                 // m4
-        implMulw(a[4], b[4], p, 8);                                 // m5
-
-        long u0 = a[0] ^ a[1], v0 = b[0] ^ b[1];
-        long u1 = a[0] ^ a[2], v1 = b[0] ^ b[2];
-        long u2 = a[2] ^ a[4], v2 = b[2] ^ b[4];
-        long u3 = a[3] ^ a[4], v3 = b[3] ^ b[4];
-
-        implMulw(u1 ^ a[3], v1 ^ b[3], p, 18);                      // m10
-        implMulw(u2 ^ a[1], v2 ^ b[1], p, 20);                      // m11
-
-        long A4 = u0 ^ u3  , B4 = v0 ^ v3;
-        long A5 = A4 ^ a[2], B5 = B4 ^ b[2];
-
-        implMulw(A4, B4, p, 22);                                    // m12
-        implMulw(A5, B5, p, 24);                                    // m13
-
-        implMulw(u0, v0, p, 10);                                    // m6
-        implMulw(u1, v1, p, 12);                                    // m7
-        implMulw(u2, v2, p, 14);                                    // m8
-        implMulw(u3, v3, p, 16);                                    // m9
-
-
-        // Original method, corresponding to formula (16)
-//        addMs(zz, 0, p, 1);
-//        addMs(zz, 1, p, 1, 2, 6);
-//        addMs(zz, 2, p, 1, 2, 3, 7);
-//        addMs(zz, 3, p, 1, 3, 4, 5, 8, 10, 12, 13);
-//        addMs(zz, 4, p, 1, 2, 4, 5, 6, 9, 10, 11, 13);
-//        addMs(zz, 5, p, 1, 2, 3, 5, 7, 11, 12, 13);
-//        addMs(zz, 6, p, 3, 4, 5, 8);
-//        addMs(zz, 7, p, 4, 5, 9);
-//        addMs(zz, 8, p, 5);
-
-        // Improved method factors out common single-word terms
-        // NOTE: p1,...,p26 in the paper maps to p[0],...,p[25] here
-
-        zz[0]    = p[ 0];
-        zz[9]    = p[ 9];
-
-        long t1  = p[ 0] ^ p[ 1];
-        long t2  = t1    ^ p[ 2];
-        long t3  = t2    ^ p[10];
-
-        zz[1]    = t3;
-
-        long t4  = p[ 3] ^ p[ 4];
-        long t5  = p[11] ^ p[12];
-        long t6  = t4    ^ t5;
-        long t7  = t2    ^ t6;
-
-        zz[2]    = t7;
-
-        long t8  = t1    ^ t4;
-        long t9  = p[ 5] ^ p[ 6];
-        long t10 = t8    ^ t9;
-        long t11 = t10   ^ p[ 8];
-        long t12 = p[13] ^ p[14];
-        long t13 = t11   ^ t12;
-        long t14 = p[18] ^ p[22];
-        long t15 = t14   ^ p[24];
-        long t16 = t13   ^ t15;
-
-        zz[3]    = t16;
-
-        long t17 = p[ 7] ^ p[ 8];
-        long t18 = t17   ^ p[ 9];
-        long t19 = t18   ^ p[17];
-
-        zz[8]    = t19;
-
-        long t20 = t18   ^ t9;
-        long t21 = p[15] ^ p[16];
-        long t22 = t20   ^ t21;
-
-        zz[7]    = t22;
-
-        long t23 = t22   ^ t3;
-        long t24 = p[19] ^ p[20];
-//      long t25 = p[23] ^ p[24];
-        long t25 = p[25] ^ p[24];       // Fixes an error in the paper: p[23] -> p{25]
-        long t26 = p[18] ^ p[23];
-        long t27 = t24   ^ t25;
-        long t28 = t27   ^ t26;
-        long t29 = t28   ^ t23;
-
-        zz[4]    = t29;
-
-        long t30 = t7    ^ t19;
-        long t31 = t27   ^ t30;
-        long t32 = p[21] ^ p[22];
-        long t33 = t31   ^ t32;
-
-        zz[5]    = t33;
-
-        long t34 = t11   ^ p[0];
-        long t35 = t34   ^ p[9];
-        long t36 = t35   ^ t12;
-        long t37 = t36   ^ p[21];
-        long t38 = t37   ^ p[23];
-        long t39 = t38   ^ p[25];
-
-        zz[6]    = t39;
-
-        implCompactExt(zz);
-    }
-
-    protected static void implMulw(long x, long y, long[] z, int zOff)
-    {
-//        assert x >>> 57 == 0;
-//        assert y >>> 57 == 0;
-
-        long[] u = new long[8];
-//      u[0] = 0;
-        u[1] = y;
-        u[2] = u[1] << 1;
-        u[3] = u[2] ^  y;
-        u[4] = u[2] << 1;
-        u[5] = u[4] ^  y;
-        u[6] = u[3] << 1;
-        u[7] = u[6] ^  y;
-
-        int j = (int)x;
-        long g, h = 0, l = u[j & 7];
-        int k = 48;
-        do
-        {
-            j  = (int)(x >>> k);
-            g  = u[j & 7]
-               ^ u[(j >>> 3) & 7] << 3
-               ^ u[(j >>> 6) & 7] << 6;
-            l ^= (g <<   k);
-            h ^= (g >>> -k);
-        }
-        while ((k -= 9) > 0);
-
-        h ^= ((x & 0x0100804020100800L) & ((y << 7) >> 63)) >>> 8;
-
-//        assert h >>> 49 == 0;
-
-        z[zOff    ] = l & M57;
-        z[zOff + 1] = (l >>> 57) ^ (h << 7);
-    }
-
-    protected static void implSquare(long[] x, long[] zz)
-    {
-        for (int i = 0; i < 4; ++i)
-        {
-            Interleave.expand64To128(x[i], zz, i << 1);
-        }
-        zz[8] = Interleave.expand32to64((int)x[4]);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283FieldElement.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283FieldElement.java
deleted file mode 100644
index 91685fd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283FieldElement.java
+++ /dev/null

@@ -1,227 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat320;
-import org.bouncycastle.util.Arrays;
-
-public class SecT283FieldElement extends ECFieldElement.AbstractF2m
-{
-    protected long[] x;
-
-    public SecT283FieldElement(BigInteger x)
-    {
-        if (x == null || x.signum() < 0 || x.bitLength() > 283)
-        {
-            throw new IllegalArgumentException("x value invalid for SecT283FieldElement");
-        }
-
-        this.x = SecT283Field.fromBigInteger(x);
-    }
-
-    public SecT283FieldElement()
-    {
-        this.x = Nat320.create64();
-    }
-
-    protected SecT283FieldElement(long[] x)
-    {
-        this.x = x;
-    }
-
-//    public int bitLength()
-//    {
-//        return x.degree();
-//    }
-
-    public boolean isOne()
-    {
-        return Nat320.isOne64(x);
-    }
-
-    public boolean isZero()
-    {
-        return Nat320.isZero64(x);
-    }
-
-    public boolean testBitZero()
-    {
-        return (x[0] & 1L) != 0L;
-    }
-
-    public BigInteger toBigInteger()
-    {
-        return Nat320.toBigInteger64(x);
-    }
-
-    public String getFieldName()
-    {
-        return "SecT283Field";
-    }
-
-    public int getFieldSize()
-    {
-        return 283;
-    }
-
-    public ECFieldElement add(ECFieldElement b)
-    {
-        long[] z = Nat320.create64();
-        SecT283Field.add(x, ((SecT283FieldElement)b).x, z);
-        return new SecT283FieldElement(z);
-    }
-
-    public ECFieldElement addOne()
-    {
-        long[] z = Nat320.create64();
-        SecT283Field.addOne(x, z);
-        return new SecT283FieldElement(z);
-    }
-
-    public ECFieldElement subtract(ECFieldElement b)
-    {
-        // Addition and subtraction are the same in F2m
-        return add(b);
-    }
-
-    public ECFieldElement multiply(ECFieldElement b)
-    {
-        long[] z = Nat320.create64();
-        SecT283Field.multiply(x, ((SecT283FieldElement)b).x, z);
-        return new SecT283FieldElement(z);
-    }
-
-    public ECFieldElement multiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        return multiplyPlusProduct(b, x, y);
-    }
-
-    public ECFieldElement multiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x, bx = ((SecT283FieldElement)b).x;
-        long[] xx = ((SecT283FieldElement)x).x, yx = ((SecT283FieldElement)y).x;
-
-        long[] tt = Nat.create64(9);
-        SecT283Field.multiplyAddToExt(ax, bx, tt);
-        SecT283Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat320.create64();
-        SecT283Field.reduce(tt, z);
-        return new SecT283FieldElement(z);
-    }
-
-    public ECFieldElement divide(ECFieldElement b)
-    {
-        return multiply(b.invert());
-    }
-
-    public ECFieldElement negate()
-    {
-        return this;
-    }
-
-    public ECFieldElement square()
-    {
-        long[] z = Nat320.create64();
-        SecT283Field.square(x, z);
-        return new SecT283FieldElement(z);
-    }
-
-    public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        return squarePlusProduct(x, y);
-    }
-
-    public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x;
-        long[] xx = ((SecT283FieldElement)x).x, yx = ((SecT283FieldElement)y).x;
-
-        long[] tt = Nat.create64(9);
-        SecT283Field.squareAddToExt(ax, tt);
-        SecT283Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat320.create64();
-        SecT283Field.reduce(tt, z);
-        return new SecT283FieldElement(z);
-    }
-
-    public ECFieldElement squarePow(int pow)
-    {
-        if (pow < 1)
-        {
-            return this;
-        }
-
-        long[] z = Nat320.create64();
-        SecT283Field.squareN(x, pow, z);
-        return new SecT283FieldElement(z);
-    }
-
-    public int trace()
-    {
-        return SecT283Field.trace(x);
-    }
-
-    public ECFieldElement invert()
-    {
-        long[] z = Nat320.create64();
-        SecT283Field.invert(x, z);
-        return new SecT283FieldElement(z);
-    }
-
-    public ECFieldElement sqrt()
-    {
-        long[] z = Nat320.create64();
-        SecT283Field.sqrt(x, z);
-        return new SecT283FieldElement(z);
-    }
-
-    public int getRepresentation()
-    {
-        return ECFieldElement.F2m.PPB;
-    }
-
-    public int getM()
-    {
-        return 283;
-    }
-
-    public int getK1()
-    {
-        return 5;
-    }
-
-    public int getK2()
-    {
-        return 7;
-    }
-
-    public int getK3()
-    {
-        return 12;
-    }
-
-    public boolean equals(Object other)
-    {
-        if (other == this)
-        {
-            return true;
-        }
-
-        if (!(other instanceof SecT283FieldElement))
-        {
-            return false;
-        }
-
-        SecT283FieldElement o = (SecT283FieldElement)other;
-        return Nat320.eq64(x, o.x);
-    }
-
-    public int hashCode()
-    {
-        return 2831275 ^ Arrays.hashCode(x, 0, 5);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283K1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283K1Curve.java
deleted file mode 100644
index 84c3849..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283K1Curve.java
+++ /dev/null

@@ -1,155 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.WTauNafMultiplier;
-import org.bouncycastle.math.raw.Nat320;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT283K1Curve extends AbstractF2m
-{
-    private static final int SecT283K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT283K1Point infinity;
-
-    public SecT283K1Curve()
-    {
-        super(283, 5, 7, 12);
-
-        this.infinity = new SecT283K1Point(this, null, null);
-
-        this.a = fromBigInteger(BigInteger.valueOf(0));
-        this.b = fromBigInteger(BigInteger.valueOf(1));
-        this.order = new BigInteger(1, Hex.decode("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61"));
-        this.cofactor = BigInteger.valueOf(4);
-
-        this.coord = SecT283K1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT283K1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    protected ECMultiplier createDefaultMultiplier()
-    {
-        return new WTauNafMultiplier();
-    }
-
-    public int getFieldSize()
-    {
-        return 283;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT283FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT283K1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT283K1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return true;
-    }
-
-    public int getM()
-    {
-        return 283;
-    }
-
-    public boolean isTrinomial()
-    {
-        return false;
-    }
-
-    public int getK1()
-    {
-        return 5;
-    }
-
-    public int getK2()
-    {
-        return 7;
-    }
-
-    public int getK3()
-    {
-        return 12;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 5;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat320.copy64(((SecT283FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat320.copy64(((SecT283FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat320.create64(), y = Nat320.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT283FieldElement(x), new SecT283FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283K1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283K1Point.java
deleted file mode 100644
index a99936e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283K1Point.java
+++ /dev/null

@@ -1,317 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT283K1Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT283K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT283K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT283K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT283K1Point(null, this.getAffineXCoord(), this.getAffineYCoord()); // earlier JDK
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1);
-            if (X3.isZero())
-            {
-                return new SecT283K1Point(curve, X3, curve.getB(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT283K1Point(curve, X3, curve.getB(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT283K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement T;
-        if (Z1IsOne)
-        {
-            T = L1.square().add(L1);
-        }
-        else
-        {
-            T = L1.add(Z1).multiply(L1);
-        }
-
-        if (T.isZero())
-        {
-            return new SecT283K1Point(curve, T, curve.getB(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement t1 = L1.add(X1).square();
-        ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.square();
-        ECFieldElement L3 = t1.add(T).add(Z1Sq).multiply(t1).add(t2).add(X3).add(Z3);
-
-        return new SecT283K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        // NOTE: twicePlus() only optimized for lambda-affine argument
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = L1Sq.add(L1Z1);
-        ECFieldElement L2plus1 = L2.addOne();
-        ECFieldElement A = L2plus1.multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT283K1Point(curve, A, curve.getB(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2plus1, Z3);
-
-        return new SecT283K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT283K1Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283R1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283R1Curve.java
deleted file mode 100644
index 1562625..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283R1Curve.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.raw.Nat320;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT283R1Curve extends AbstractF2m
-{
-    private static final int SecT283R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT283R1Point infinity;
-
-    public SecT283R1Curve()
-    {
-        super(283, 5, 7, 12);
-
-        this.infinity = new SecT283R1Point(this, null, null);
-
-        this.a = fromBigInteger(BigInteger.valueOf(1));
-        this.b = fromBigInteger(new BigInteger(1, Hex.decode("027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5")));
-        this.order = new BigInteger(1, Hex.decode("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307"));
-        this.cofactor = BigInteger.valueOf(2);
-
-        this.coord = SecT283R1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT283R1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public int getFieldSize()
-    {
-        return 283;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT283FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT283R1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT283R1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return false;
-    }
-
-    public int getM()
-    {
-        return 283;
-    }
-
-    public boolean isTrinomial()
-    {
-        return false;
-    }
-
-    public int getK1()
-    {
-        return 5;
-    }
-
-    public int getK2()
-    {
-        return 7;
-    }
-
-    public int getK3()
-    {
-        return 12;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 5;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat320.copy64(((SecT283FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat320.copy64(((SecT283FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat320.create64(), y = Nat320.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT283FieldElement(x), new SecT283FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283R1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283R1Point.java
deleted file mode 100644
index 0718239..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT283R1Point.java
+++ /dev/null

@@ -1,305 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT283R1Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT283R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT283R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT283R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT283R1Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1).addOne();
-            if (X3.isZero())
-            {
-                return new SecT283R1Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT283R1Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT283R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.multiply(Z1);
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement T = L1.square().add(L1Z1).add(Z1Sq);
-        if (T.isZero())
-        {
-            return new SecT283R1Point(curve, T, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.multiply(Z1);
-        ECFieldElement L3 = X1Z1.squarePlusProduct(T, L1Z1).add(X3).add(Z3);
-
-        return new SecT283R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = Z1Sq.add(L1Sq).add(L1Z1);
-        ECFieldElement A = L2.multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT283R1Point(curve, A, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2.addOne(), Z3);
-
-        return new SecT283R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT283R1Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409Field.java
deleted file mode 100644
index 9e58a2b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409Field.java
+++ /dev/null

@@ -1,333 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.raw.Interleave;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat448;
-
-public class SecT409Field
-{
-    private static final long M25 = -1L >>> 39;
-    private static final long M59 = -1L >>> 5;
-
-    public static void add(long[] x, long[] y, long[] z)
-    {
-        z[0] = x[0] ^ y[0];
-        z[1] = x[1] ^ y[1];
-        z[2] = x[2] ^ y[2];
-        z[3] = x[3] ^ y[3];
-        z[4] = x[4] ^ y[4];
-        z[5] = x[5] ^ y[5];
-        z[6] = x[6] ^ y[6];
-    }
-
-    public static void addExt(long[] xx, long[] yy, long[] zz)
-    {
-        for (int i = 0; i < 13; ++i)
-        {
-            zz[i] = xx[i] ^ yy[i];
-        }
-    }
-
-    public static void addOne(long[] x, long[] z)
-    {
-        z[0] = x[0] ^ 1L;
-        z[1] = x[1];
-        z[2] = x[2];
-        z[3] = x[3];
-        z[4] = x[4];
-        z[5] = x[5];
-        z[6] = x[6];
-    }
-
-    public static long[] fromBigInteger(BigInteger x)
-    {
-        long[] z = Nat448.fromBigInteger64(x);
-        reduce39(z, 0);
-        return z;
-    }
-
-    public static void invert(long[] x, long[] z)
-    {
-        if (Nat448.isZero64(x))
-        {
-            throw new IllegalStateException();
-        }
-
-        // Itoh-Tsujii inversion with bases { 2, 3 }
-
-        long[] t0 = Nat448.create64();
-        long[] t1 = Nat448.create64();
-        long[] t2 = Nat448.create64();
-
-        square(x, t0);
-
-        // 3 | 408
-        squareN(t0, 1, t1);
-        multiply(t0, t1, t0);
-        squareN(t1, 1, t1);
-        multiply(t0, t1, t0);
-
-        // 2 | 136
-        squareN(t0, 3, t1);
-        multiply(t0, t1, t0);
-
-        // 2 | 68
-        squareN(t0, 6, t1);
-        multiply(t0, t1, t0);
-
-        // 2 | 34
-        squareN(t0, 12, t1);
-        multiply(t0, t1, t2);
-
-        // ! {2,3} | 17
-        squareN(t2, 24, t0);
-        squareN(t0, 24, t1);
-        multiply(t0, t1, t0);
-
-        // 2 | 8
-        squareN(t0, 48, t1);
-        multiply(t0, t1, t0);
-
-        // 2 | 4
-        squareN(t0, 96, t1);
-        multiply(t0, t1, t0);
-
-        // 2 | 2
-        squareN(t0, 192, t1);
-        multiply(t0, t1, t0);
-
-        multiply(t0, t2, z);
-    }
-
-    public static void multiply(long[] x, long[] y, long[] z)
-    {
-        long[] tt = Nat448.createExt64();
-        implMultiply(x, y, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyAddToExt(long[] x, long[] y, long[] zz)
-    {
-        long[] tt = Nat448.createExt64();
-        implMultiply(x, y, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void reduce(long[] xx, long[] z)
-    {
-        long x00 = xx[0], x01 = xx[1], x02 = xx[2], x03 = xx[3];
-        long x04 = xx[4], x05 = xx[5], x06 = xx[6], x07 = xx[7];
-
-        long u = xx[12];
-        x05 ^= (u <<  39);
-        x06 ^= (u >>> 25) ^ (u <<  62);
-        x07 ^= (u >>>  2);
-
-        u = xx[11];
-        x04 ^= (u <<  39);
-        x05 ^= (u >>> 25) ^ (u <<  62);
-        x06 ^= (u >>>  2);
-
-        u = xx[10];
-        x03 ^= (u <<  39);
-        x04 ^= (u >>> 25) ^ (u <<  62);
-        x05 ^= (u >>>  2);
-
-        u = xx[9];
-        x02 ^= (u <<  39);
-        x03 ^= (u >>> 25) ^ (u <<  62);
-        x04 ^= (u >>>  2);
-
-        u = xx[8];
-        x01 ^= (u <<  39);
-        x02 ^= (u >>> 25) ^ (u <<  62);
-        x03 ^= (u >>>  2);
-
-        u = x07;
-        x00 ^= (u <<  39);
-        x01 ^= (u >>> 25) ^ (u <<  62);
-        x02 ^= (u >>>  2);
-
-        long t = x06 >>> 25;
-        z[0]   = x00 ^ t;
-        z[1]   = x01 ^ (t << 23);
-        z[2]   = x02;
-        z[3]   = x03;
-        z[4]   = x04;
-        z[5]   = x05;
-        z[6]   = x06 & M25;
-    }
-
-    public static void reduce39(long[] z, int zOff)
-    {
-        long z6 = z[zOff + 6], t = z6 >>> 25;
-        z[zOff    ] ^= t;
-        z[zOff + 1] ^= (t << 23);
-        z[zOff + 6]  = z6 & M25;
-    }
-
-    public static void sqrt(long[] x, long[] z)
-    {
-        long u0, u1;
-        u0 = Interleave.unshuffle(x[0]); u1 = Interleave.unshuffle(x[1]);
-        long e0 = (u0 & 0x00000000FFFFFFFFL) | (u1 << 32);
-        long c0 = (u0 >>> 32) | (u1 & 0xFFFFFFFF00000000L);
-
-        u0 = Interleave.unshuffle(x[2]); u1 = Interleave.unshuffle(x[3]);
-        long e1 = (u0 & 0x00000000FFFFFFFFL) | (u1 << 32);
-        long c1 = (u0 >>> 32) | (u1 & 0xFFFFFFFF00000000L);
-
-        u0 = Interleave.unshuffle(x[4]); u1 = Interleave.unshuffle(x[5]);
-        long e2 = (u0 & 0x00000000FFFFFFFFL) | (u1 << 32);
-        long c2 = (u0 >>> 32) | (u1 & 0xFFFFFFFF00000000L);
-
-        u0 = Interleave.unshuffle(x[6]);
-        long e3 = (u0 & 0x00000000FFFFFFFFL);
-        long c3 = (u0 >>> 32);
-
-        z[0] = e0 ^ (c0 << 44);
-        z[1] = e1 ^ (c1 << 44) ^ (c0 >>> 20);
-        z[2] = e2 ^ (c2 << 44) ^ (c1 >>> 20);
-        z[3] = e3 ^ (c3 << 44) ^ (c2 >>> 20) ^ (c0 << 13);
-        z[4] =                   (c3 >>> 20) ^ (c1 << 13) ^ (c0 >>> 51);
-        z[5] =                                 (c2 << 13) ^ (c1 >>> 51);
-        z[6] =                                 (c3 << 13) ^ (c2 >>> 51);
-        
-//        assert (c3 >>> 51) == 0;
-    }
-
-    public static void square(long[] x, long[] z)
-    {
-        long[] tt = Nat.create64(13);
-        implSquare(x, tt);
-        reduce(tt, z);
-    }
-
-    public static void squareAddToExt(long[] x, long[] zz)
-    {
-        long[] tt = Nat.create64(13);
-        implSquare(x, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void squareN(long[] x, int n, long[] z)
-    {
-//        assert n > 0;
-
-        long[] tt = Nat.create64(13);
-        implSquare(x, tt);
-        reduce(tt, z);
-
-        while (--n > 0)
-        {
-            implSquare(z, tt);
-            reduce(tt, z);
-        }
-    }
-
-    public static int trace(long[] x)
-    {
-        // Non-zero-trace bits: 0
-        return (int)(x[0]) & 1;
-    }
-
-    protected static void implCompactExt(long[] zz)
-    {
-        long z00 = zz[ 0], z01 = zz[ 1], z02 = zz[ 2], z03 = zz[ 3], z04 = zz[ 4], z05 = zz[ 5], z06 = zz[ 6];
-        long z07 = zz[ 7], z08 = zz[ 8], z09 = zz[ 9], z10 = zz[10], z11 = zz[11], z12 = zz[12], z13 = zz[13];
-        zz[ 0] =  z00         ^ (z01 << 59);
-        zz[ 1] = (z01 >>>  5) ^ (z02 << 54);
-        zz[ 2] = (z02 >>> 10) ^ (z03 << 49);
-        zz[ 3] = (z03 >>> 15) ^ (z04 << 44);
-        zz[ 4] = (z04 >>> 20) ^ (z05 << 39);
-        zz[ 5] = (z05 >>> 25) ^ (z06 << 34);
-        zz[ 6] = (z06 >>> 30) ^ (z07 << 29);
-        zz[ 7] = (z07 >>> 35) ^ (z08 << 24);
-        zz[ 8] = (z08 >>> 40) ^ (z09 << 19);
-        zz[ 9] = (z09 >>> 45) ^ (z10 << 14);
-        zz[10] = (z10 >>> 50) ^ (z11 <<  9);
-        zz[11] = (z11 >>> 55) ^ (z12 <<  4)
-                              ^ (z13 << 63);
-        zz[12] = (z12 >>> 60)
-               ^ (z13 >>> 1);
-        zz[13] = 0;
-    }
-
-    protected static void implExpand(long[] x, long[] z)
-    {
-        long x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3], x4 = x[4], x5 = x[5], x6 = x[6];
-        z[0] = x0 & M59;
-        z[1] = ((x0 >>> 59) ^ (x1 <<  5)) & M59;
-        z[2] = ((x1 >>> 54) ^ (x2 << 10)) & M59;
-        z[3] = ((x2 >>> 49) ^ (x3 << 15)) & M59;
-        z[4] = ((x3 >>> 44) ^ (x4 << 20)) & M59;
-        z[5] = ((x4 >>> 39) ^ (x5 << 25)) & M59;
-        z[6] = ((x5 >>> 34) ^ (x6 << 30));
-    }
-
-    protected static void implMultiply(long[] x, long[] y, long[] zz)
-    {
-        long[] a = new long[7], b = new long[7];
-        implExpand(x, a);
-        implExpand(y, b);
-
-        for (int i = 0; i < 7; ++i)
-        {
-            implMulwAcc(a, b[i], zz, i);
-        }
-
-        implCompactExt(zz);
-    }
-
-    protected static void implMulwAcc(long[] xs, long y, long[] z, int zOff)
-    {
-//        assert y >>> 59 == 0;
-
-        long[] u = new long[8];
-//      u[0] = 0;
-        u[1] = y;
-        u[2] = u[1] << 1;
-        u[3] = u[2] ^  y;
-        u[4] = u[2] << 1;
-        u[5] = u[4] ^  y;
-        u[6] = u[3] << 1;
-        u[7] = u[6] ^  y;
-
-        for (int i = 0; i < 7; ++i)
-        {
-            long x = xs[i];
-
-//            assert x >>> 59 == 0;
-
-            int j = (int)x;
-            long g, h = 0, l = u[j & 7]
-                             ^ (u[(j >>> 3) & 7] << 3);
-            int k = 54;
-            do
-            {
-                j  = (int)(x >>> k);
-                g  = u[j & 7]
-                   ^ u[(j >>> 3) & 7] << 3;
-                l ^= (g <<   k);
-                h ^= (g >>> -k);
-            }
-            while ((k -= 6) > 0);
-
-//            assert h >>> 53 == 0;
-
-            z[zOff + i    ] ^= l & M59;
-            z[zOff + i + 1] ^= (l >>> 59) ^ (h << 5);
-        }
-    }
-
-    protected static void implSquare(long[] x, long[] zz)
-    {
-        for (int i = 0; i < 6; ++i)
-        {
-            Interleave.expand64To128(x[i], zz, i << 1);
-        }
-        zz[12] = Interleave.expand32to64((int)x[6]);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409FieldElement.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409FieldElement.java
deleted file mode 100644
index 6dee877..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409FieldElement.java
+++ /dev/null

@@ -1,227 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat448;
-import org.bouncycastle.util.Arrays;
-
-public class SecT409FieldElement extends ECFieldElement.AbstractF2m
-{
-    protected long[] x;
-
-    public SecT409FieldElement(BigInteger x)
-    {
-        if (x == null || x.signum() < 0 || x.bitLength() > 409)
-        {
-            throw new IllegalArgumentException("x value invalid for SecT409FieldElement");
-        }
-
-        this.x = SecT409Field.fromBigInteger(x);
-    }
-
-    public SecT409FieldElement()
-    {
-        this.x = Nat448.create64();
-    }
-
-    protected SecT409FieldElement(long[] x)
-    {
-        this.x = x;
-    }
-
-//    public int bitLength()
-//    {
-//        return x.degree();
-//    }
-
-    public boolean isOne()
-    {
-        return Nat448.isOne64(x);
-    }
-
-    public boolean isZero()
-    {
-        return Nat448.isZero64(x);
-    }
-
-    public boolean testBitZero()
-    {
-        return (x[0] & 1L) != 0L;
-    }
-
-    public BigInteger toBigInteger()
-    {
-        return Nat448.toBigInteger64(x);
-    }
-
-    public String getFieldName()
-    {
-        return "SecT409Field";
-    }
-
-    public int getFieldSize()
-    {
-        return 409;
-    }
-
-    public ECFieldElement add(ECFieldElement b)
-    {
-        long[] z = Nat448.create64();
-        SecT409Field.add(x, ((SecT409FieldElement)b).x, z);
-        return new SecT409FieldElement(z);
-    }
-
-    public ECFieldElement addOne()
-    {
-        long[] z = Nat448.create64();
-        SecT409Field.addOne(x, z);
-        return new SecT409FieldElement(z);
-    }
-
-    public ECFieldElement subtract(ECFieldElement b)
-    {
-        // Addition and subtraction are the same in F2m
-        return add(b);
-    }
-
-    public ECFieldElement multiply(ECFieldElement b)
-    {
-        long[] z = Nat448.create64();
-        SecT409Field.multiply(x, ((SecT409FieldElement)b).x, z);
-        return new SecT409FieldElement(z);
-    }
-
-    public ECFieldElement multiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        return multiplyPlusProduct(b, x, y);
-    }
-
-    public ECFieldElement multiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x, bx = ((SecT409FieldElement)b).x;
-        long[] xx = ((SecT409FieldElement)x).x, yx = ((SecT409FieldElement)y).x;
-
-        long[] tt = Nat.create64(13);
-        SecT409Field.multiplyAddToExt(ax, bx, tt);
-        SecT409Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat448.create64();
-        SecT409Field.reduce(tt, z);
-        return new SecT409FieldElement(z);
-    }
-
-    public ECFieldElement divide(ECFieldElement b)
-    {
-        return multiply(b.invert());
-    }
-
-    public ECFieldElement negate()
-    {
-        return this;
-    }
-
-    public ECFieldElement square()
-    {
-        long[] z = Nat448.create64();
-        SecT409Field.square(x, z);
-        return new SecT409FieldElement(z);
-    }
-
-    public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        return squarePlusProduct(x, y);
-    }
-
-    public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x;
-        long[] xx = ((SecT409FieldElement)x).x, yx = ((SecT409FieldElement)y).x;
-
-        long[] tt = Nat.create64(13);
-        SecT409Field.squareAddToExt(ax, tt);
-        SecT409Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat448.create64();
-        SecT409Field.reduce(tt, z);
-        return new SecT409FieldElement(z);
-    }
-
-    public ECFieldElement squarePow(int pow)
-    {
-        if (pow < 1)
-        {
-            return this;
-        }
-
-        long[] z = Nat448.create64();
-        SecT409Field.squareN(x, pow, z);
-        return new SecT409FieldElement(z);
-    }
-
-    public int trace()
-    {
-        return SecT409Field.trace(x);
-    }
-
-    public ECFieldElement invert()
-    {
-        long[] z = Nat448.create64();
-        SecT409Field.invert(x, z);
-        return new SecT409FieldElement(z);
-    }
-
-    public ECFieldElement sqrt()
-    {
-        long[] z = Nat448.create64();
-        SecT409Field.sqrt(x, z);
-        return new SecT409FieldElement(z);
-    }
-
-    public int getRepresentation()
-    {
-        return ECFieldElement.F2m.TPB;
-    }
-
-    public int getM()
-    {
-        return 409;
-    }
-
-    public int getK1()
-    {
-        return 87;
-    }
-
-    public int getK2()
-    {
-        return 0;
-    }
-
-    public int getK3()
-    {
-        return 0;
-    }
-
-    public boolean equals(Object other)
-    {
-        if (other == this)
-        {
-            return true;
-        }
-
-        if (!(other instanceof SecT409FieldElement))
-        {
-            return false;
-        }
-
-        SecT409FieldElement o = (SecT409FieldElement)other;
-        return Nat448.eq64(x, o.x);
-    }
-
-    public int hashCode()
-    {
-        return 4090087 ^ Arrays.hashCode(x, 0, 7);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409K1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409K1Curve.java
deleted file mode 100644
index 7d30467..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409K1Curve.java
+++ /dev/null

@@ -1,155 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.WTauNafMultiplier;
-import org.bouncycastle.math.raw.Nat448;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT409K1Curve extends AbstractF2m
-{
-    private static final int SecT409K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT409K1Point infinity;
-
-    public SecT409K1Curve()
-    {
-        super(409, 87, 0, 0);
-
-        this.infinity = new SecT409K1Point(this, null, null);
-
-        this.a = fromBigInteger(BigInteger.valueOf(0));
-        this.b = fromBigInteger(BigInteger.valueOf(1));
-        this.order = new BigInteger(1, Hex.decode("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF"));
-        this.cofactor = BigInteger.valueOf(4);
-
-        this.coord = SecT409K1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT409K1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    protected ECMultiplier createDefaultMultiplier()
-    {
-        return new WTauNafMultiplier();
-    }
-
-    public int getFieldSize()
-    {
-        return 409;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT409FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT409K1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT409K1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return true;
-    }
-
-    public int getM()
-    {
-        return 409;
-    }
-
-    public boolean isTrinomial()
-    {
-        return true;
-    }
-
-    public int getK1()
-    {
-        return 87;
-    }
-
-    public int getK2()
-    {
-        return 0;
-    }
-
-    public int getK3()
-    {
-        return 0;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 7;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat448.copy64(((SecT409FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat448.copy64(((SecT409FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat448.create64(), y = Nat448.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT409FieldElement(x), new SecT409FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409K1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409K1Point.java
deleted file mode 100644
index 41155f3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409K1Point.java
+++ /dev/null

@@ -1,317 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT409K1Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT409K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT409K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT409K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT409K1Point(null, this.getAffineXCoord(), this.getAffineYCoord()); // earlier JDK
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1);
-            if (X3.isZero())
-            {
-                return new SecT409K1Point(curve, X3, curve.getB(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT409K1Point(curve, X3, curve.getB(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT409K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement T;
-        if (Z1IsOne)
-        {
-            T = L1.square().add(L1);
-        }
-        else
-        {
-            T = L1.add(Z1).multiply(L1);
-        }
-
-        if (T.isZero())
-        {
-            return new SecT409K1Point(curve, T, curve.getB(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement t1 = L1.add(X1).square();
-        ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.square();
-        ECFieldElement L3 = t1.add(T).add(Z1Sq).multiply(t1).add(t2).add(X3).add(Z3);
-
-        return new SecT409K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        // NOTE: twicePlus() only optimized for lambda-affine argument
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = L1Sq.add(L1Z1);
-        ECFieldElement L2plus1 = L2.addOne();
-        ECFieldElement A = L2plus1.multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT409K1Point(curve, A, curve.getB(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2plus1, Z3);
-
-        return new SecT409K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT409K1Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409R1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409R1Curve.java
deleted file mode 100644
index f96c179..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409R1Curve.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.raw.Nat448;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT409R1Curve extends AbstractF2m
-{
-    private static final int SecT409R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT409R1Point infinity;
-
-    public SecT409R1Curve()
-    {
-        super(409, 87, 0, 0);
-
-        this.infinity = new SecT409R1Point(this, null, null);
-
-        this.a = fromBigInteger(BigInteger.valueOf(1));
-        this.b = fromBigInteger(new BigInteger(1, Hex.decode("0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F")));
-        this.order = new BigInteger(1, Hex.decode("010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173"));
-        this.cofactor = BigInteger.valueOf(2);
-
-        this.coord = SecT409R1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT409R1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public int getFieldSize()
-    {
-        return 409;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT409FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT409R1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT409R1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return false;
-    }
-
-    public int getM()
-    {
-        return 409;
-    }
-
-    public boolean isTrinomial()
-    {
-        return true;
-    }
-
-    public int getK1()
-    {
-        return 87;
-    }
-
-    public int getK2()
-    {
-        return 0;
-    }
-
-    public int getK3()
-    {
-        return 0;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 7;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat448.copy64(((SecT409FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat448.copy64(((SecT409FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat448.create64(), y = Nat448.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT409FieldElement(x), new SecT409FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409R1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409R1Point.java
deleted file mode 100644
index 3d3566e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT409R1Point.java
+++ /dev/null

@@ -1,305 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-
-public class SecT409R1Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT409R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT409R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT409R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT409R1Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        ECFieldElement X2 = b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord(), Z2 = b.getZCoord(0);
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement U2 = X2, S2 = L2;
-        if (!Z1IsOne)
-        {
-            U2 = U2.multiply(Z1);
-            S2 = S2.multiply(Z1);
-        }
-
-        boolean Z2IsOne = Z2.isOne();
-        ECFieldElement U1 = X1, S1 = L1;
-        if (!Z2IsOne)
-        {
-            U1 = U1.multiply(Z2);
-            S1 = S1.multiply(Z2);
-        }
-
-        ECFieldElement A = S1.add(S2);
-        ECFieldElement B = U1.add(U2);
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        ECFieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = L.square().add(L).add(X1).addOne();
-            if (X3.isZero())
-            {
-                return new SecT409R1Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = Y3.divide(X3).add(X3);
-            Z3 = curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            B = B.square();
-
-            ECFieldElement AU1 = A.multiply(U1);
-            ECFieldElement AU2 = A.multiply(U2);
-
-            X3 = AU1.multiply(AU2);
-            if (X3.isZero())
-            {
-                return new SecT409R1Point(curve, X3, curve.getB().sqrt(), this.withCompression);
-            }
-
-            ECFieldElement ABZ2 = A.multiply(B);
-            if (!Z2IsOne)
-            {
-                ABZ2 = ABZ2.multiply(Z2);
-            }
-
-            L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
-
-            Z3 = ABZ2;
-            if (!Z1IsOne)
-            {
-                Z3 = Z3.multiply(Z1);
-            }
-        }
-
-        return new SecT409R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.multiply(Z1);
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement T = L1.square().add(L1Z1).add(Z1Sq);
-        if (T.isZero())
-        {
-            return new SecT409R1Point(curve, T, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.multiply(Z1);
-        ECFieldElement L3 = X1Z1.squarePlusProduct(T, L1Z1).add(X3).add(Z3);
-
-        return new SecT409R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = Z1Sq.add(L1Sq).add(L1Z1);
-        ECFieldElement A = L2.multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT409R1Point(curve, A, curve.getB().sqrt(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2.addOne(), Z3);
-
-        return new SecT409R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT409R1Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571Field.java
deleted file mode 100644
index 554304b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571Field.java
+++ /dev/null

@@ -1,369 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.raw.Interleave;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat576;
-
-public class SecT571Field
-{
-    private static final long M59 = -1L >>> 5;
-
-    private static final long RM = 0xEF7BDEF7BDEF7BDEL;
-
-    private static final long[] ROOT_Z = new long[]{ 0x2BE1195F08CAFB99L, 0x95F08CAF84657C23L, 0xCAF84657C232BE11L, 0x657C232BE1195F08L,
-        0xF84657C2308CAF84L, 0x7C232BE1195F08CAL, 0xBE1195F08CAF8465L, 0x5F08CAF84657C232L, 0x784657C232BE119L };
-
-    public static void add(long[] x, long[] y, long[] z)
-    {
-        for (int i = 0; i < 9; ++i)
-        {
-            z[i] = x[i] ^ y[i];
-        }
-    }
-
-    private static void add(long[] x, int xOff, long[] y, int yOff, long[] z, int zOff)
-    {
-        for (int i = 0; i < 9; ++i)
-        {
-            z[zOff + i] = x[xOff + i] ^ y[yOff + i];
-        }
-    }
-
-    public static void addBothTo(long[] x, long[] y, long[] z)
-    {
-        for (int i = 0; i < 9; ++i)
-        {
-            z[i] ^= x[i] ^ y[i];
-        }
-    }
-
-    private static void addBothTo(long[] x, int xOff, long[] y, int yOff, long[] z, int zOff)
-    {
-        for (int i = 0; i < 9; ++i)
-        {
-            z[zOff + i] ^= x[xOff + i] ^ y[yOff + i];
-        }
-    }
-
-    public static void addExt(long[] xx, long[] yy, long[] zz)
-    {
-        for (int i = 0; i < 18; ++i)
-        {
-            zz[i] = xx[i] ^ yy[i];
-        }
-    }
-
-    public static void addOne(long[] x, long[] z)
-    {
-        z[0] = x[0] ^ 1L;
-        for (int i = 1; i < 9; ++i)
-        {
-            z[i] = x[i];
-        }
-    }
-
-    public static long[] fromBigInteger(BigInteger x)
-    {
-        long[] z = Nat576.fromBigInteger64(x);
-        reduce5(z, 0);
-        return z;
-    }
-
-    public static void invert(long[] x, long[] z)
-    {
-        if (Nat576.isZero64(x))
-        {
-            throw new IllegalStateException();
-        }
-
-        // Itoh-Tsujii inversion with bases { 2, 3, 5 }
-
-        long[] t0 = Nat576.create64();
-        long[] t1 = Nat576.create64();
-        long[] t2 = Nat576.create64();
-
-        square(x, t2);
-
-        // 5 | 570
-        square(t2, t0);
-        square(t0, t1);
-        multiply(t0, t1, t0);
-        squareN(t0, 2, t1);
-        multiply(t0, t1, t0);
-        multiply(t0, t2, t0);
-
-        // 3 | 114
-        squareN(t0, 5, t1);
-        multiply(t0, t1, t0);
-        squareN(t1, 5, t1);
-        multiply(t0, t1, t0);
-
-        // 2 | 38
-        squareN(t0, 15, t1);
-        multiply(t0, t1, t2);
-
-        // ! {2,3,5} | 19
-        squareN(t2, 30, t0);
-        squareN(t0, 30, t1);
-        multiply(t0, t1, t0);
-
-        // 3 | 9
-        squareN(t0, 60, t1);
-        multiply(t0, t1, t0);
-        squareN(t1, 60, t1);
-        multiply(t0, t1, t0);
-
-        // 3 | 3
-        squareN(t0, 180, t1);
-        multiply(t0, t1, t0);
-        squareN(t1, 180, t1);
-        multiply(t0, t1, t0);
-
-        multiply(t0, t2, z);
-    }
-
-    public static void multiply(long[] x, long[] y, long[] z)
-    {
-        long[] tt = Nat576.createExt64();
-        implMultiply(x, y, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyAddToExt(long[] x, long[] y, long[] zz)
-    {
-        long[] tt = Nat576.createExt64();
-        implMultiply(x, y, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void multiplyPrecomp(long[] x, long[] precomp, long[] z)
-    {
-        long[] tt = Nat576.createExt64();
-        implMultiplyPrecomp(x, precomp, tt);
-        reduce(tt, z);
-    }
-
-    public static void multiplyPrecompAddToExt(long[] x, long[] precomp, long[] zz)
-    {
-        long[] tt = Nat576.createExt64();
-        implMultiplyPrecomp(x, precomp, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static long[] precompMultiplicand(long[] x)
-    {
-        /*
-         * Precompute table of all 4-bit products of x (first section)
-         */
-        int len = 9 << 4;
-        long[] t = new long[len << 1];
-        System.arraycopy(x, 0, t, 9, 9);
-//        reduce5(T0, 9);
-        int tOff = 0;
-        for (int i = 7; i > 0; --i)
-        {
-            tOff += 18;
-            Nat.shiftUpBit64(9, t, tOff >>> 1, 0L, t, tOff);
-            reduce5(t, tOff);
-            add(t, 9, t, tOff, t, tOff + 9);
-        }
-
-        /*
-         * Second section with all 4-bit products of B shifted 4 bits
-         */
-        Nat.shiftUpBits64(len, t, 0, 4, 0L, t, len);
-
-        return t;
-    }
-
-    public static void reduce(long[] xx, long[] z)
-    {
-        long xx09 = xx[9];
-        long u = xx[17], v = xx09;
-
-        xx09  = v ^ (u >>> 59) ^ (u >>> 57) ^ (u >>> 54) ^ (u >>> 49);
-        v = xx[8] ^ (u <<   5) ^ (u <<   7) ^ (u <<  10) ^ (u <<  15);
-
-        for (int i = 16; i >= 10; --i)
-        {
-            u = xx[i];
-            z[i - 8]  = v ^ (u >>> 59) ^ (u >>> 57) ^ (u >>> 54) ^ (u >>> 49);
-            v = xx[i - 9] ^ (u <<   5) ^ (u <<   7) ^ (u <<  10) ^ (u <<  15);
-        }
-
-        u = xx09;
-        z[1]  = v ^ (u >>> 59) ^ (u >>> 57) ^ (u >>> 54) ^ (u >>> 49);
-        v = xx[0] ^ (u <<   5) ^ (u <<   7) ^ (u <<  10) ^ (u <<  15);
-
-        long x08 = z[8];
-        long t   = x08 >>> 59;
-        z[0]     = v ^ t ^ (t << 2) ^ (t << 5) ^ (t << 10);
-        z[8]     = x08 & M59;
-    }
-
-    public static void reduce5(long[] z, int zOff)
-    {
-        long z8      = z[zOff + 8], t = z8 >>> 59;
-        z[zOff    ] ^= t ^ (t << 2) ^ (t << 5) ^ (t << 10);
-        z[zOff + 8]  = z8 & M59;
-    }
-
-    public static void sqrt(long[] x, long[] z)
-    {
-        long[] evn = Nat576.create64(), odd = Nat576.create64();
-
-        int pos = 0;
-        for (int i = 0; i < 4; ++i)
-        {
-            long u0 = Interleave.unshuffle(x[pos++]);
-            long u1 = Interleave.unshuffle(x[pos++]);
-            evn[i] = (u0 & 0x00000000FFFFFFFFL) | (u1 << 32);
-            odd[i] = (u0 >>> 32) | (u1 & 0xFFFFFFFF00000000L);
-        }
-        {
-            long u0 = Interleave.unshuffle(x[pos]);
-            evn[4] = (u0 & 0x00000000FFFFFFFFL);
-            odd[4] = (u0 >>> 32);
-        }
-
-        multiply(odd, ROOT_Z, z);
-        add(z, evn, z);
-    }
-
-    public static void square(long[] x, long[] z)
-    {
-        long[] tt = Nat576.createExt64();
-        implSquare(x, tt);
-        reduce(tt, z);
-    }
-
-    public static void squareAddToExt(long[] x, long[] zz)
-    {
-        long[] tt = Nat576.createExt64();
-        implSquare(x, tt);
-        addExt(zz, tt, zz);
-    }
-
-    public static void squareN(long[] x, int n, long[] z)
-    {
-//        assert n > 0;
-
-        long[] tt = Nat576.createExt64();
-        implSquare(x, tt);
-        reduce(tt, z);
-
-        while (--n > 0)
-        {
-            implSquare(z, tt);
-            reduce(tt, z);
-        }
-    }
-
-    public static int trace(long[] x)
-    {
-        // Non-zero-trace bits: 0, 561, 569
-        return (int)(x[0] ^ (x[8] >>> 49) ^ (x[8] >>> 57)) & 1;
-    }
-
-    protected static void implMultiply(long[] x, long[] y, long[] zz)
-    {
-//        for (int i = 0; i < 9; ++i)
-//        {
-//            implMulwAcc(x, y[i], zz, i);
-//        }
-
-        long[] precomp = precompMultiplicand(y);
-        
-        implMultiplyPrecomp(x, precomp, zz);
-    }
-
-    protected static void implMultiplyPrecomp(long[] x, long[] precomp, long[] zz)
-    {
-        int MASK = 0xF;
-
-        /*
-         * Lopez-Dahab algorithm
-         */
-
-        for (int k = 56; k >= 0; k -= 8)
-        {
-            for (int j = 1; j < 9; j += 2)
-            {
-                int aVal = (int)(x[j] >>> k);
-                int u = aVal & MASK;
-                int v = (aVal >>> 4) & MASK;
-                addBothTo(precomp, 9 * u, precomp, 9 * (v + 16), zz, j - 1);
-            }
-            Nat.shiftUpBits64(16, zz, 0, 8, 0L);
-        }
-
-        for (int k = 56; k >= 0; k -= 8)
-        {
-            for (int j = 0; j < 9; j += 2)
-            {
-                int aVal = (int)(x[j] >>> k);
-                int u = aVal & MASK;
-                int v = (aVal >>> 4) & MASK;
-                addBothTo(precomp, 9 * u, precomp, 9 * (v + 16), zz, j);
-            }
-            if (k > 0)
-            {
-                Nat.shiftUpBits64(18, zz, 0, 8, 0L);
-            }
-        }
-    }
-
-    protected static void implMulwAcc(long[] xs, long y, long[] z, int zOff)
-    {
-        long[] u = new long[32];
-//      u[0] = 0;
-        u[1] = y;
-        for (int i = 2; i < 32; i += 2)
-        {
-            u[i    ] = u[i >>> 1] << 1;
-            u[i + 1] = u[i      ] ^  y;
-        }
-
-        long l = 0;
-        for (int i = 0; i < 9; ++i)
-        {
-            long x = xs[i];
-
-            int j = (int)x;
-
-            l ^= u[j & 31];
-
-            long g, h = 0;
-            int k = 60;
-            do
-            {
-                j  = (int)(x >>> k);
-                g  = u[j & 31];
-                l ^= (g <<   k);
-                h ^= (g >>> -k);
-            }
-            while ((k -= 5) > 0);
-
-            for (int p = 0; p < 4; ++p)
-            {
-                x = (x & RM) >>> 1;
-                h ^= x & ((y << p) >> 63);
-            }
-
-            z[zOff + i] ^= l;
-
-            l = h;
-        }
-        z[zOff + 9] ^= l;
-    }
-
-    protected static void implSquare(long[] x, long[] zz)
-    {
-        for (int i = 0; i < 9; ++i)
-        {
-            Interleave.expand64To128(x[i], zz, i << 1);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571FieldElement.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571FieldElement.java
deleted file mode 100644
index 484ad8c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571FieldElement.java
+++ /dev/null

@@ -1,226 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.raw.Nat576;
-import org.bouncycastle.util.Arrays;
-
-public class SecT571FieldElement extends ECFieldElement.AbstractF2m
-{
-    protected long[] x;
-
-    public SecT571FieldElement(BigInteger x)
-    {
-        if (x == null || x.signum() < 0 || x.bitLength() > 571)
-        {
-            throw new IllegalArgumentException("x value invalid for SecT571FieldElement");
-        }
-
-        this.x = SecT571Field.fromBigInteger(x);
-    }
-
-    public SecT571FieldElement()
-    {
-        this.x = Nat576.create64();
-    }
-
-    protected SecT571FieldElement(long[] x)
-    {
-        this.x = x;
-    }
-
-//    public int bitLength()
-//    {
-//        return x.degree();
-//    }
-
-    public boolean isOne()
-    {
-        return Nat576.isOne64(x);
-    }
-
-    public boolean isZero()
-    {
-        return Nat576.isZero64(x);
-    }
-
-    public boolean testBitZero()
-    {
-        return (x[0] & 1L) != 0L;
-    }
-
-    public BigInteger toBigInteger()
-    {
-        return Nat576.toBigInteger64(x);
-    }
-
-    public String getFieldName()
-    {
-        return "SecT571Field";
-    }
-
-    public int getFieldSize()
-    {
-        return 571;
-    }
-
-    public ECFieldElement add(ECFieldElement b)
-    {
-        long[] z = Nat576.create64();
-        SecT571Field.add(x, ((SecT571FieldElement)b).x, z);
-        return new SecT571FieldElement(z);
-    }
-
-    public ECFieldElement addOne()
-    {
-        long[] z = Nat576.create64();
-        SecT571Field.addOne(x, z);
-        return new SecT571FieldElement(z);
-    }
-
-    public ECFieldElement subtract(ECFieldElement b)
-    {
-        // Addition and subtraction are the same in F2m
-        return add(b);
-    }
-
-    public ECFieldElement multiply(ECFieldElement b)
-    {
-        long[] z = Nat576.create64();
-        SecT571Field.multiply(x, ((SecT571FieldElement)b).x, z);
-        return new SecT571FieldElement(z);
-    }
-
-    public ECFieldElement multiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        return multiplyPlusProduct(b, x, y);
-    }
-
-    public ECFieldElement multiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x, bx = ((SecT571FieldElement)b).x;
-        long[] xx = ((SecT571FieldElement)x).x, yx = ((SecT571FieldElement)y).x;
-
-        long[] tt = Nat576.createExt64();
-        SecT571Field.multiplyAddToExt(ax, bx, tt);
-        SecT571Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat576.create64();
-        SecT571Field.reduce(tt, z);
-        return new SecT571FieldElement(z);
-    }
-
-    public ECFieldElement divide(ECFieldElement b)
-    {
-        return multiply(b.invert());
-    }
-
-    public ECFieldElement negate()
-    {
-        return this;
-    }
-
-    public ECFieldElement square()
-    {
-        long[] z = Nat576.create64();
-        SecT571Field.square(x, z);
-        return new SecT571FieldElement(z);
-    }
-
-    public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        return squarePlusProduct(x, y);
-    }
-
-    public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y)
-    {
-        long[] ax = this.x;
-        long[] xx = ((SecT571FieldElement)x).x, yx = ((SecT571FieldElement)y).x;
-
-        long[] tt = Nat576.createExt64();
-        SecT571Field.squareAddToExt(ax, tt);
-        SecT571Field.multiplyAddToExt(xx, yx, tt);
-
-        long[] z = Nat576.create64();
-        SecT571Field.reduce(tt, z);
-        return new SecT571FieldElement(z);
-    }
-
-    public ECFieldElement squarePow(int pow)
-    {
-        if (pow < 1)
-        {
-            return this;
-        }
-
-        long[] z = Nat576.create64();
-        SecT571Field.squareN(x, pow, z);
-        return new SecT571FieldElement(z);
-    }
-
-    public int trace()
-    {
-        return SecT571Field.trace(x);
-    }
-
-    public ECFieldElement invert()
-    {
-        long[] z = Nat576.create64();
-        SecT571Field.invert(x, z);
-        return new SecT571FieldElement(z);
-    }
-
-    public ECFieldElement sqrt()
-    {
-        long[] z = Nat576.create64();
-        SecT571Field.sqrt(x, z);
-        return new SecT571FieldElement(z);
-    }
-
-    public int getRepresentation()
-    {
-        return ECFieldElement.F2m.PPB;
-    }
-
-    public int getM()
-    {
-        return 571;
-    }
-
-    public int getK1()
-    {
-        return 2;
-    }
-
-    public int getK2()
-    {
-        return 5;
-    }
-
-    public int getK3()
-    {
-        return 10;
-    }
-
-    public boolean equals(Object other)
-    {
-        if (other == this)
-        {
-            return true;
-        }
-
-        if (!(other instanceof SecT571FieldElement))
-        {
-            return false;
-        }
-
-        SecT571FieldElement o = (SecT571FieldElement)other;
-        return Nat576.eq64(x, o.x);
-    }
-
-    public int hashCode()
-    {
-        return 5711052 ^ Arrays.hashCode(x, 0, 9);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571K1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571K1Curve.java
deleted file mode 100644
index 935fc39..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571K1Curve.java
+++ /dev/null

@@ -1,155 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECMultiplier;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.WTauNafMultiplier;
-import org.bouncycastle.math.raw.Nat576;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT571K1Curve extends AbstractF2m
-{
-    private static final int SecT571K1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT571K1Point infinity;
-
-    public SecT571K1Curve()
-    {
-        super(571, 2, 5, 10);
-
-        this.infinity = new SecT571K1Point(this, null, null);
-
-        this.a = fromBigInteger(BigInteger.valueOf(0));
-        this.b = fromBigInteger(BigInteger.valueOf(1));
-        this.order = new BigInteger(1, Hex.decode("020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001"));
-        this.cofactor = BigInteger.valueOf(4);
-
-        this.coord = SecT571K1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT571K1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    protected ECMultiplier createDefaultMultiplier()
-    {
-        return new WTauNafMultiplier();
-    }
-
-    public int getFieldSize()
-    {
-        return 571;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT571FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT571K1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT571K1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return true;
-    }
-
-    public int getM()
-    {
-        return 571;
-    }
-
-    public boolean isTrinomial()
-    {
-        return false;
-    }
-
-    public int getK1()
-    {
-        return 2;
-    }
-
-    public int getK2()
-    {
-        return 5;
-    }
-
-    public int getK3()
-    {
-        return 10;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 9;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat576.copy64(((SecT571FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat576.copy64(((SecT571FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat576.create64(), y = Nat576.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT571FieldElement(x), new SecT571FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571K1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571K1Point.java
deleted file mode 100644
index 8f1c4ca..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571K1Point.java
+++ /dev/null

@@ -1,353 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-import org.bouncycastle.math.raw.Nat576;
-
-public class SecT571K1Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT571K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT571K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT571K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT571K1Point(null, this.getAffineXCoord(), this.getAffineYCoord()); // earlier JDK
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        SecT571FieldElement X1 = (SecT571FieldElement)this.x;
-        SecT571FieldElement X2 = (SecT571FieldElement)b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        SecT571FieldElement L1 = (SecT571FieldElement)this.y, Z1 = (SecT571FieldElement)this.zs[0];
-        SecT571FieldElement L2 = (SecT571FieldElement)b.getRawYCoord(), Z2 = (SecT571FieldElement)b.getZCoord(0);
-
-        long[] t1 = Nat576.create64();
-        long[] t2 = Nat576.create64();
-        long[] t3 = Nat576.create64();
-        long[] t4 = Nat576.create64();
-
-        long[] Z1Precomp = Z1.isOne() ? null : SecT571Field.precompMultiplicand(Z1.x);
-        long[] U2, S2;
-        if (Z1Precomp == null)
-        {
-            U2 = X2.x;
-            S2 = L2.x;
-        }
-        else
-        {
-            SecT571Field.multiplyPrecomp(X2.x, Z1Precomp, U2 = t2);
-            SecT571Field.multiplyPrecomp(L2.x, Z1Precomp, S2 = t4);
-        }
-
-        long[] Z2Precomp = Z2.isOne() ? null : SecT571Field.precompMultiplicand(Z2.x);
-        long[] U1, S1;
-        if (Z2Precomp == null)
-        {
-            U1 = X1.x;
-            S1 = L1.x;
-        }
-        else
-        {
-            SecT571Field.multiplyPrecomp(X1.x, Z2Precomp, U1 = t1);
-            SecT571Field.multiplyPrecomp(L1.x, Z2Precomp, S1 = t3);
-        }
-
-        long[] A = t3;
-        SecT571Field.add(S1, S2, A);
-
-        long[] B = t4;
-        SecT571Field.add(U1, U2, B);
-
-        if (Nat576.isZero64(B))
-        {
-            if (Nat576.isZero64(A))
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        SecT571FieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = (SecT571FieldElement)p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = (SecT571FieldElement)L.square().add(L).add(X1);
-            if (X3.isZero())
-            {
-                return new SecT571K1Point(curve, X3, curve.getB(), this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = (SecT571FieldElement)Y3.divide(X3).add(X3);
-            Z3 = (SecT571FieldElement)curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            SecT571Field.square(B, B);
-
-            long[] APrecomp = SecT571Field.precompMultiplicand(A);
-
-            long[] AU1 = t1;
-            long[] AU2 = t2;
-
-            SecT571Field.multiplyPrecomp(U1, APrecomp, AU1);
-            SecT571Field.multiplyPrecomp(U2, APrecomp, AU2);
-
-            X3 = new SecT571FieldElement(t1);
-            SecT571Field.multiply(AU1, AU2, X3.x);
-
-            if (X3.isZero())
-            {
-                return new SecT571K1Point(curve, X3, curve.getB(), this.withCompression);
-            }
-
-            Z3 = new SecT571FieldElement(t3);
-            SecT571Field.multiplyPrecomp(B, APrecomp, Z3.x);
-
-            if (Z2Precomp != null)
-            {
-                SecT571Field.multiplyPrecomp(Z3.x, Z2Precomp, Z3.x);
-            }
-
-            long[] tt = Nat576.createExt64();
-
-            SecT571Field.add(AU2, B, t4);
-            SecT571Field.squareAddToExt(t4, tt);
-
-            SecT571Field.add(L1.x, Z1.x, t4);
-            SecT571Field.multiplyAddToExt(t4, Z3.x, tt);
-
-            L3 = new SecT571FieldElement(t4);
-            SecT571Field.reduce(tt, L3.x);
-
-            if (Z1Precomp != null)
-            {
-                SecT571Field.multiplyPrecomp(Z3.x, Z1Precomp, Z3.x);
-            }
-        }
-
-        return new SecT571K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-
-        boolean Z1IsOne = Z1.isOne();
-        ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
-        ECFieldElement T;
-        if (Z1IsOne)
-        {
-            T = L1.square().add(L1);
-        }
-        else
-        {
-            T = L1.add(Z1).multiply(L1);
-        }
-
-        if (T.isZero())
-        {
-            return new SecT571K1Point(curve, T, curve.getB(), withCompression);
-        }
-
-        ECFieldElement X3 = T.square();
-        ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
-
-        ECFieldElement t1 = L1.add(X1).square();
-        ECFieldElement t2 = Z1IsOne ? Z1 : Z1Sq.square();
-        ECFieldElement L3 = t1.add(T).add(Z1Sq).multiply(t1).add(t2).add(X3).add(Z3);
-
-        return new SecT571K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        ECFieldElement X1 = this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        // NOTE: twicePlus() only optimized for lambda-affine argument
-        ECFieldElement X2 = b.getRawXCoord(), Z2 = b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        ECFieldElement L1 = this.y, Z1 = this.zs[0];
-        ECFieldElement L2 = b.getRawYCoord();
-
-        ECFieldElement X1Sq = X1.square();
-        ECFieldElement L1Sq = L1.square();
-        ECFieldElement Z1Sq = Z1.square();
-        ECFieldElement L1Z1 = L1.multiply(Z1);
-
-        ECFieldElement T = L1Sq.add(L1Z1);
-        ECFieldElement L2plus1 = L2.addOne();
-        ECFieldElement A = L2plus1.multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
-        ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
-        ECFieldElement B = X2Z1Sq.add(T).square();
-
-        if (B.isZero())
-        {
-            if (A.isZero())
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (A.isZero())
-        {
-            return new SecT571K1Point(curve, A, curve.getB(), withCompression);
-        }
-
-        ECFieldElement X3 = A.square().multiply(X2Z1Sq);
-        ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
-        ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2plus1, Z3);
-
-        return new SecT571K1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT571K1Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571R1Curve.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571R1Curve.java
deleted file mode 100644
index 00dd63b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571R1Curve.java
+++ /dev/null

@@ -1,152 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECCurve.AbstractF2m;
-import org.bouncycastle.math.raw.Nat576;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECLookupTable;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.encoders.Hex;
-
-public class SecT571R1Curve extends AbstractF2m
-{
-    private static final int SecT571R1_DEFAULT_COORDS = COORD_LAMBDA_PROJECTIVE;
-
-    protected SecT571R1Point infinity;
-
-    static final SecT571FieldElement SecT571R1_B = new SecT571FieldElement(
-        new BigInteger(1, Hex.decode("02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A")));
-    static final SecT571FieldElement SecT571R1_B_SQRT = (SecT571FieldElement)SecT571R1_B.sqrt();
-
-    public SecT571R1Curve()
-    {
-        super(571, 2, 5, 10);
-
-        this.infinity = new SecT571R1Point(this, null, null);
-
-        this.a = fromBigInteger(BigInteger.valueOf(1));
-        this.b = SecT571R1_B;
-        this.order = new BigInteger(1, Hex.decode("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47"));
-        this.cofactor = BigInteger.valueOf(2);
-
-        this.coord = SecT571R1_DEFAULT_COORDS;
-    }
-
-    protected ECCurve cloneCurve()
-    {
-        return new SecT571R1Curve();
-    }
-
-    public boolean supportsCoordinateSystem(int coord)
-    {
-        switch (coord)
-        {
-        case COORD_LAMBDA_PROJECTIVE:
-            return true;
-        default:
-            return false;
-        }
-    }
-
-    public int getFieldSize()
-    {
-        return 571;
-    }
-
-    public ECFieldElement fromBigInteger(BigInteger x)
-    {
-        return new SecT571FieldElement(x);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        return new SecT571R1Point(this, x, y, withCompression);
-    }
-
-    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        return new SecT571R1Point(this, x, y, zs, withCompression);
-    }
-
-    public ECPoint getInfinity()
-    {
-        return infinity;
-    }
-
-    public boolean isKoblitz()
-    {
-        return false;
-    }
-
-    public int getM()
-    {
-        return 571;
-    }
-
-    public boolean isTrinomial()
-    {
-        return false;
-    }
-
-    public int getK1()
-    {
-        return 2;
-    }
-
-    public int getK2()
-    {
-        return 5;
-    }
-
-    public int getK3()
-    {
-        return 10;
-    }
-
-    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
-    {
-        final int FE_LONGS = 9;
-
-        final long[] table = new long[len * FE_LONGS * 2];
-        {
-            int pos = 0;
-            for (int i = 0; i < len; ++i)
-            {
-                ECPoint p = points[off + i];
-                Nat576.copy64(((SecT571FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_LONGS;
-                Nat576.copy64(((SecT571FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_LONGS;
-            }
-        }
-
-        return new ECLookupTable()
-        {
-            public int getSize()
-            {
-                return len;
-            }
-
-            public ECPoint lookup(int index)
-            {
-                long[] x = Nat576.create64(), y = Nat576.create64();
-                int pos = 0;
-
-                for (int i = 0; i < len; ++i)
-                {
-                    long MASK = ((i ^ index) - 1) >> 31;
-
-                    for (int j = 0; j < FE_LONGS; ++j)
-                    {
-                        x[j] ^= table[pos + j] & MASK;
-                        y[j] ^= table[pos + FE_LONGS + j] & MASK;
-                    }
-
-                    pos += (FE_LONGS * 2);
-                }
-
-                return createRawPoint(new SecT571FieldElement(x), new SecT571FieldElement(y), false);
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571R1Point.java b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571R1Point.java
deleted file mode 100644
index 71766d6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/SecT571R1Point.java
+++ /dev/null

@@ -1,421 +0,0 @@
-package org.bouncycastle.math.ec.custom.sec;
-
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.math.ec.ECPoint.AbstractF2m;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat576;
-
-public class SecT571R1Point extends AbstractF2m
-{
-    /**
-     * @deprecated Use ECCurve.createPoint to construct points
-     */
-    public SecT571R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
-    {
-        this(curve, x, y, false);
-    }
-
-    /**
-     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
-     */
-    public SecT571R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
-    {
-        super(curve, x, y);
-
-        if ((x == null) != (y == null))
-        {
-            throw new IllegalArgumentException("Exactly one of the field elements is null");
-        }
-
-        this.withCompression = withCompression;
-    }
-
-    SecT571R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
-    {
-        super(curve, x, y, zs);
-
-        this.withCompression = withCompression;
-    }
-
-    protected ECPoint detach()
-    {
-        return new SecT571R1Point(null, getAffineXCoord(), getAffineYCoord());
-    }
-
-    public ECFieldElement getYCoord()
-    {
-        ECFieldElement X = x, L = y;
-
-        if (this.isInfinity() || X.isZero())
-        {
-            return L;
-        }
-
-        // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
-        ECFieldElement Y = L.add(X).multiply(X);
-
-        ECFieldElement Z = zs[0];
-        if (!Z.isOne())
-        {
-            Y = Y.divide(Z);
-        }
-
-        return Y;
-    }
-
-    protected boolean getCompressionYTilde()
-    {
-        ECFieldElement X = this.getRawXCoord();
-        if (X.isZero())
-        {
-            return false;
-        }
-
-        ECFieldElement Y = this.getRawYCoord();
-
-        // Y is actually Lambda (X + Y/X) here
-        return Y.testBitZero() != X.testBitZero();
-    }
-
-    public ECPoint add(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        SecT571FieldElement X1 = (SecT571FieldElement)this.x;
-        SecT571FieldElement X2 = (SecT571FieldElement)b.getRawXCoord();
-
-        if (X1.isZero())
-        {
-            if (X2.isZero())
-            {
-                return curve.getInfinity();
-            }
-
-            return b.add(this);
-        }
-
-        SecT571FieldElement L1 = (SecT571FieldElement)this.y, Z1 = (SecT571FieldElement)this.zs[0];
-        SecT571FieldElement L2 = (SecT571FieldElement)b.getRawYCoord(), Z2 = (SecT571FieldElement)b.getZCoord(0);
-
-        long[] t1 = Nat576.create64();
-        long[] t2 = Nat576.create64();
-        long[] t3 = Nat576.create64();
-        long[] t4 = Nat576.create64();
-
-        long[] Z1Precomp = Z1.isOne() ? null : SecT571Field.precompMultiplicand(Z1.x);
-        long[] U2, S2;
-        if (Z1Precomp == null)
-        {
-            U2 = X2.x;
-            S2 = L2.x;
-        }
-        else
-        {
-            SecT571Field.multiplyPrecomp(X2.x, Z1Precomp, U2 = t2);
-            SecT571Field.multiplyPrecomp(L2.x, Z1Precomp, S2 = t4);
-        }
-
-        long[] Z2Precomp = Z2.isOne() ? null : SecT571Field.precompMultiplicand(Z2.x);
-        long[] U1, S1;
-        if (Z2Precomp == null)
-        {
-            U1 = X1.x;
-            S1 = L1.x;
-        }
-        else
-        {
-            SecT571Field.multiplyPrecomp(X1.x, Z2Precomp, U1 = t1);
-            SecT571Field.multiplyPrecomp(L1.x, Z2Precomp, S1 = t3);
-        }
-
-        long[] A = t3;
-        SecT571Field.add(S1, S2, A);
-
-        long[] B = t4;
-        SecT571Field.add(U1, U2, B);
-
-        if (Nat576.isZero64(B))
-        {
-            if (Nat576.isZero64(A))
-            {
-                return twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        SecT571FieldElement X3, L3, Z3;
-        if (X2.isZero())
-        {
-            // TODO This can probably be optimized quite a bit
-            ECPoint p = this.normalize();
-            X1 = (SecT571FieldElement)p.getXCoord();
-            ECFieldElement Y1 = p.getYCoord();
-
-            ECFieldElement Y2 = L2;
-            ECFieldElement L = Y1.add(Y2).divide(X1);
-
-            X3 = (SecT571FieldElement)L.square().add(L).add(X1).addOne();
-            if (X3.isZero())
-            {
-                return new SecT571R1Point(curve, X3, SecT571R1Curve.SecT571R1_B_SQRT, this.withCompression);
-            }
-
-            ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
-            L3 = (SecT571FieldElement)Y3.divide(X3).add(X3);
-            Z3 = (SecT571FieldElement)curve.fromBigInteger(ECConstants.ONE);
-        }
-        else
-        {
-            SecT571Field.square(B, B);
-
-            long[] APrecomp = SecT571Field.precompMultiplicand(A);
-
-            long[] AU1 = t1;
-            long[] AU2 = t2;
-
-            SecT571Field.multiplyPrecomp(U1, APrecomp, AU1);
-            SecT571Field.multiplyPrecomp(U2, APrecomp, AU2);
-
-            X3 = new SecT571FieldElement(t1);
-            SecT571Field.multiply(AU1, AU2, X3.x);
-
-            if (X3.isZero())
-            {
-                return new SecT571R1Point(curve, X3, SecT571R1Curve.SecT571R1_B_SQRT, this.withCompression);
-            }
-
-            Z3 = new SecT571FieldElement(t3);
-            SecT571Field.multiplyPrecomp(B, APrecomp, Z3.x);
-
-            if (Z2Precomp != null)
-            {
-                SecT571Field.multiplyPrecomp(Z3.x, Z2Precomp, Z3.x);
-            }
-
-            long[] tt = Nat576.createExt64();
-
-            SecT571Field.add(AU2, B, t4);
-            SecT571Field.squareAddToExt(t4, tt);
-
-            SecT571Field.add(L1.x, Z1.x, t4);
-            SecT571Field.multiplyAddToExt(t4, Z3.x, tt);
-
-            L3 = new SecT571FieldElement(t4);
-            SecT571Field.reduce(tt, L3.x);
-
-            if (Z1Precomp != null)
-            {
-                SecT571Field.multiplyPrecomp(Z3.x, Z1Precomp, Z3.x);
-            }
-        }
-
-        return new SecT571R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twice()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECCurve curve = this.getCurve();
-
-        SecT571FieldElement X1 = (SecT571FieldElement)this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return curve.getInfinity();
-        }
-
-        SecT571FieldElement L1 = (SecT571FieldElement)this.y, Z1 = (SecT571FieldElement)this.zs[0];
-
-        long[] t1 = Nat576.create64();
-        long[] t2 = Nat576.create64();
-
-        long[] Z1Precomp = Z1.isOne() ? null : SecT571Field.precompMultiplicand(Z1.x);
-        long[] L1Z1, Z1Sq;
-        if (Z1Precomp == null)
-        {
-            L1Z1 = L1.x;
-            Z1Sq = Z1.x;
-        }
-        else
-        {
-            SecT571Field.multiplyPrecomp(L1.x, Z1Precomp, L1Z1 = t1);
-            SecT571Field.square(Z1.x, Z1Sq = t2);
-        }
-
-        long[] T = Nat576.create64();
-        SecT571Field.square(L1.x, T);
-        SecT571Field.addBothTo(L1Z1, Z1Sq, T);
-
-        if (Nat576.isZero64(T))
-        {
-            return new SecT571R1Point(curve, new SecT571FieldElement(T), SecT571R1Curve.SecT571R1_B_SQRT, withCompression);
-        }
-
-        long[] tt = Nat576.createExt64();
-        SecT571Field.multiplyAddToExt(T, L1Z1, tt);
-
-        SecT571FieldElement X3 = new SecT571FieldElement(t1);
-        SecT571Field.square(T, X3.x);
-
-        SecT571FieldElement Z3 = new SecT571FieldElement(T);
-        if (Z1Precomp != null)
-        {
-            SecT571Field.multiply(Z3.x, Z1Sq, Z3.x);
-        }
-
-        long[] X1Z1;
-        if (Z1Precomp == null)
-        {
-            X1Z1 = X1.x;
-        }
-        else
-        {
-            SecT571Field.multiplyPrecomp(X1.x, Z1Precomp, X1Z1 = t2);
-        }
-
-        SecT571Field.squareAddToExt(X1Z1, tt);
-        SecT571Field.reduce(tt, t2);
-        SecT571Field.addBothTo(X3.x, Z3.x, t2);
-        SecT571FieldElement L3 = new SecT571FieldElement(t2);
-
-        return new SecT571R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint twicePlus(ECPoint b)
-    {
-        if (this.isInfinity())
-        {
-            return b;
-        }
-        if (b.isInfinity())
-        {
-            return twice();
-        }
-
-        ECCurve curve = this.getCurve();
-
-        SecT571FieldElement X1 = (SecT571FieldElement)this.x;
-        if (X1.isZero())
-        {
-            // A point with X == 0 is it's own additive inverse
-            return b;
-        }
-
-        SecT571FieldElement X2 = (SecT571FieldElement)b.getRawXCoord(), Z2 = (SecT571FieldElement)b.getZCoord(0);
-        if (X2.isZero() || !Z2.isOne())
-        {
-            return twice().add(b);
-        }
-
-        SecT571FieldElement L1 = (SecT571FieldElement)this.y, Z1 = (SecT571FieldElement)this.zs[0];
-        SecT571FieldElement L2 = (SecT571FieldElement)b.getRawYCoord();
-
-        long[] t1 = Nat576.create64();
-        long[] t2 = Nat576.create64();
-        long[] t3 = Nat576.create64();
-        long[] t4 = Nat576.create64();
-
-        long[] X1Sq = t1;
-        SecT571Field.square(X1.x, X1Sq);
-
-        long[] L1Sq = t2;
-        SecT571Field.square(L1.x, L1Sq);
-
-        long[] Z1Sq = t3;
-        SecT571Field.square(Z1.x, Z1Sq);
-
-        long[] L1Z1 = t4;
-        SecT571Field.multiply(L1.x, Z1.x, L1Z1);
-
-        long[] T = L1Z1;
-        SecT571Field.addBothTo(Z1Sq, L1Sq, T);
-
-        long[] Z1SqPrecomp = SecT571Field.precompMultiplicand(Z1Sq);
-
-        long[] A = t3;
-        SecT571Field.multiplyPrecomp(L2.x, Z1SqPrecomp, A);
-        SecT571Field.add(A, L1Sq, A);
-
-        long[] tt = Nat576.createExt64();
-        SecT571Field.multiplyAddToExt(A, T, tt);
-        SecT571Field.multiplyPrecompAddToExt(X1Sq, Z1SqPrecomp, tt);
-        SecT571Field.reduce(tt, A);
-
-        long[] X2Z1Sq = t1;
-        SecT571Field.multiplyPrecomp(X2.x, Z1SqPrecomp, X2Z1Sq);
-
-        long[] B = t2;
-        SecT571Field.add(X2Z1Sq, T, B);
-        SecT571Field.square(B, B);
-
-        if (Nat576.isZero64(B))
-        {
-            if (Nat576.isZero64(A))
-            {
-                return b.twice();
-            }
-
-            return curve.getInfinity();
-        }
-
-        if (Nat576.isZero64(A))
-        {
-            return new SecT571R1Point(curve, new SecT571FieldElement(A), SecT571R1Curve.SecT571R1_B_SQRT, withCompression);
-        }
-
-        SecT571FieldElement X3 = new SecT571FieldElement();
-        SecT571Field.square(A, X3.x);
-        SecT571Field.multiply(X3.x, X2Z1Sq, X3.x);
-
-        SecT571FieldElement Z3 = new SecT571FieldElement(t1);
-        SecT571Field.multiply(A, B, Z3.x);
-        SecT571Field.multiplyPrecomp(Z3.x, Z1SqPrecomp, Z3.x);
-
-        SecT571FieldElement L3 = new SecT571FieldElement(t2);
-        SecT571Field.add(A, B, L3.x);
-        SecT571Field.square(L3.x, L3.x);
-
-        Nat.zero64(18, tt);
-        SecT571Field.multiplyAddToExt(L3.x, T, tt);
-        SecT571Field.addOne(L2.x, t4);
-        SecT571Field.multiplyAddToExt(t4, Z3.x, tt);
-        SecT571Field.reduce(tt, L3.x);
-
-        return new SecT571R1Point(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
-    }
-
-    public ECPoint negate()
-    {
-        if (this.isInfinity())
-        {
-            return this;
-        }
-
-        ECFieldElement X = this.x;
-        if (X.isZero())
-        {
-            return this;
-        }
-
-        // L is actually Lambda (X + Y/X) here
-        ECFieldElement L = this.y, Z = this.zs[0];
-        return new SecT571R1Point(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/package.html b/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/package.html
deleted file mode 100644
index bb2845c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/custom/sec/package.html
+++ /dev/null

@@ -1,6 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Custom implementations of (most of) the curves over Fp from the SEC specification. Uses the new "raw" math classes
-in place of BigInteger, and includes customized modular reductions taking advantage of the special forms of the primes.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/package.html b/bcprov/src/main/java/org/bouncycastle/math/ec/package.html
deleted file mode 100644
index a02605b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Math support for Elliptic Curve.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/rfc7748/X25519.java b/bcprov/src/main/java/org/bouncycastle/math/ec/rfc7748/X25519.java
deleted file mode 100644
index fb69601..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/rfc7748/X25519.java
+++ /dev/null

@@ -1,162 +0,0 @@
-package org.bouncycastle.math.ec.rfc7748;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.math.ec.rfc8032.Ed25519;
-import org.bouncycastle.util.Arrays;
-
-public abstract class X25519
-{
-    public static class Friend
-    {
-        private static final Friend INSTANCE = new Friend();
-        private Friend() {}
-    }
-
-    public static final int POINT_SIZE = 32;
-    public static final int SCALAR_SIZE = 32;
-
-    private static final int C_A = 486662;
-    private static final int C_A24 = (C_A + 2)/4;
-
-//    private static final int[] SQRT_NEG_486664 = { 0x03457E06, 0x03812ABF, 0x01A82CC6, 0x028A5BE8, 0x018B43A7,
-//        0x03FC4F7E, 0x02C23700, 0x006BBD27, 0x03A30500, 0x001E4DDB };
-
-    public static boolean calculateAgreement(byte[] k, int kOff, byte[] u, int uOff, byte[] r, int rOff)
-    {
-        scalarMult(k, kOff, u, uOff, r, rOff);
-        return !Arrays.areAllZeroes(r, rOff, POINT_SIZE);
-    }
-
-    private static int decode32(byte[] bs, int off)
-    {
-        int n = bs[off] & 0xFF;
-        n |= (bs[++off] & 0xFF) << 8;
-        n |= (bs[++off] & 0xFF) << 16;
-        n |=  bs[++off]         << 24;
-        return n;
-    }
-
-    private static void decodeScalar(byte[] k, int kOff, int[] n)
-    {
-        for (int i = 0; i < 8; ++i)
-        {
-            n[i] = decode32(k, kOff + i * 4);
-        }
-
-        n[0] &= 0xFFFFFFF8;
-        n[7] &= 0x7FFFFFFF;
-        n[7] |= 0x40000000;
-    }
-
-    public static void generatePrivateKey(SecureRandom random, byte[] k)
-    {
-        random.nextBytes(k);
-
-        k[0] &= 0xF8;
-        k[SCALAR_SIZE - 1] &= 0x7F;
-        k[SCALAR_SIZE - 1] |= 0x40;
-    }
-
-    public static void generatePublicKey(byte[] k, int kOff, byte[] r, int rOff)
-    {
-        scalarMultBase(k, kOff, r, rOff);
-    }
-
-    private static void pointDouble(int[] x, int[] z)
-    {
-        int[] A = X25519Field.create();
-        int[] B = X25519Field.create();
-
-        X25519Field.apm(x, z, A, B);
-        X25519Field.sqr(A, A);
-        X25519Field.sqr(B, B);
-        X25519Field.mul(A, B, x);
-        X25519Field.sub(A, B, A);
-        X25519Field.mul(A, C_A24, z);
-        X25519Field.add(z, B, z);
-        X25519Field.mul(z, A, z);
-    }
-
-    public static void precompute()
-    {
-        Ed25519.precompute();
-    }
-
-    public static void scalarMult(byte[] k, int kOff, byte[] u, int uOff, byte[] r, int rOff)
-    {
-        int[] n = new int[8];   decodeScalar(k, kOff, n);
-
-        int[] x1 = X25519Field.create();        X25519Field.decode(u, uOff, x1);
-        int[] x2 = X25519Field.create();        X25519Field.copy(x1, 0, x2, 0);
-        int[] z2 = X25519Field.create();        z2[0] = 1;
-        int[] x3 = X25519Field.create();        x3[0] = 1;
-        int[] z3 = X25519Field.create();
-
-        int[] t1 = X25519Field.create();
-        int[] t2 = X25519Field.create();
-
-//        assert n[7] >>> 30 == 1;
-
-        int bit = 254, swap = 1;
-        do
-        {
-            X25519Field.apm(x3, z3, t1, x3);
-            X25519Field.apm(x2, z2, z3, x2);
-            X25519Field.mul(t1, x2, t1);
-            X25519Field.mul(x3, z3, x3);
-            X25519Field.sqr(z3, z3);
-            X25519Field.sqr(x2, x2);
-
-            X25519Field.sub(z3, x2, t2);
-            X25519Field.mul(t2, C_A24, z2);
-            X25519Field.add(z2, x2, z2);
-            X25519Field.mul(z2, t2, z2);
-            X25519Field.mul(x2, z3, x2);
-
-            X25519Field.apm(t1, x3, x3, z3);
-            X25519Field.sqr(x3, x3);
-            X25519Field.sqr(z3, z3);
-            X25519Field.mul(z3, x1, z3);
-
-            --bit;
-
-            int word = bit >>> 5, shift = bit & 0x1F;
-            int kt = (n[word] >>> shift) & 1;
-            swap ^= kt;
-            X25519Field.cswap(swap, x2, x3);
-            X25519Field.cswap(swap, z2, z3);
-            swap = kt;
-        }
-        while (bit >= 3);
-
-//        assert swap == 0;
-
-        for (int i = 0; i < 3; ++i)
-        {
-            pointDouble(x2, z2);
-        }
-
-        X25519Field.inv(z2, z2);
-        X25519Field.mul(x2, z2, x2);
-
-        X25519Field.normalize(x2);
-        X25519Field.encode(x2, r, rOff);
-    }
-
-    public static void scalarMultBase(byte[] k, int kOff, byte[] r, int rOff)
-    {
-        int[] y = X25519Field.create();
-        int[] z = X25519Field.create();
-
-        Ed25519.scalarMultBaseYZ(Friend.INSTANCE, k, kOff, y, z);
-
-        X25519Field.apm(z, y, y, z);
-
-        X25519Field.inv(z, z);
-        X25519Field.mul(y, z, y);
-
-        X25519Field.normalize(y);
-        X25519Field.encode(y, r, rOff);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/rfc7748/X25519Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/rfc7748/X25519Field.java
deleted file mode 100644
index 69f2bd3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/rfc7748/X25519Field.java
+++ /dev/null

@@ -1,634 +0,0 @@
-package org.bouncycastle.math.ec.rfc7748;
-
-public abstract class X25519Field
-{
-    public static final int SIZE = 10;
-
-    private static final int M24 = 0x00FFFFFF;
-    private static final int M25 = 0x01FFFFFF;
-    private static final int M26 = 0x03FFFFFF;
-
-    private static final int[] ROOT_NEG_ONE = new int[]{ 0x020EA0B0, 0x0386C9D2, 0x00478C4E, 0x0035697F, 0x005E8630,
-        0x01FBD7A7, 0x0340264F, 0x01F0B2B4, 0x00027E0E, 0x00570649 };
-
-    private X25519Field() {}
-
-    public static void add(int[] x, int[] y, int[] z)
-    {
-        for (int i = 0; i < SIZE; ++i)
-        {
-            z[i] = x[i] + y[i];
-        }
-    }
-
-    public static void addOne(int[] z)
-    {
-        z[0] += 1;
-    }
-
-    public static void addOne(int[] z, int zOff)
-    {
-        z[zOff] += 1;
-    }
-
-    public static void apm(int[] x, int[] y, int[] zp, int[] zm)
-    {
-        for (int i = 0; i < SIZE; ++i)
-        {
-            int xi = x[i], yi = y[i];
-            zp[i] = xi + yi;
-            zm[i] = xi - yi;
-        }
-    }
-
-    public static void carry(int[] z)
-    {
-        int z0 = z[0], z1 = z[1], z2 = z[2], z3 = z[3], z4 = z[4];
-        int z5 = z[5], z6 = z[6], z7 = z[7], z8 = z[8], z9 = z[9];
-
-        z3 += (z2 >> 25); z2 &= M25;
-        z5 += (z4 >> 25); z4 &= M25;
-        z8 += (z7 >> 25); z7 &= M25;
-//        z0 += (z9 >> 24) * 19; z9 &= M24;
-        z0 += (z9 >> 25) * 38; z9 &= M25;
-
-        z1 += (z0 >> 26); z0 &= M26;
-        z6 += (z5 >> 26); z5 &= M26;
-
-        z2 += (z1 >> 26); z1 &= M26;
-        z4 += (z3 >> 26); z3 &= M26;
-        z7 += (z6 >> 26); z6 &= M26;
-        z9 += (z8 >> 26); z8 &= M26;
-
-        z[0] = z0; z[1] = z1; z[2] = z2; z[3] = z3; z[4] = z4;
-        z[5] = z5; z[6] = z6; z[7] = z7; z[8] = z8; z[9] = z9;
-    }
-
-    public static void cnegate(int negate, int[] z)
-    {
-//      assert negate >>> 1 == 0;
-
-        int mask = 0 - negate;
-        for (int i = 0; i < SIZE; ++i)
-        {
-            z[i] = (z[i] ^ mask) - mask;
-        }
-    }
-
-    public static void copy(int[] x, int xOff, int[] z, int zOff)
-    {
-        for (int i = 0; i < SIZE; ++i)
-        {
-            z[zOff + i] = x[xOff + i];
-        }
-    }
-
-    public static int[] create()
-    {
-        return new int[SIZE];
-    }
-
-    public static int[] createTable(int n)
-    {
-        return new int[SIZE * n];
-    }
-
-    public static void cswap(int swap, int[] a, int[] b)
-    {
-//        assert swap >>> 1 == 0;
-//        assert a != b;
-
-        int mask = 0 - swap;
-        for (int i = 0; i < SIZE; ++i)
-        {
-            int ai = a[i], bi = b[i];
-            int dummy = mask & (ai ^ bi);
-            a[i] = ai ^ dummy; 
-            b[i] = bi ^ dummy; 
-        }
-    }
-
-    public static void decode(byte[] x, int xOff, int[] z)
-    {
-        decode128(x, xOff, z, 0);
-        decode128(x, xOff + 16, z, 5);
-        z[9] &= M24;
-    }
-
-    private static void decode128(byte[] bs, int off, int[] z, int zOff)
-    {
-        int t0 = decode32(bs, off + 0);
-        int t1 = decode32(bs, off + 4);
-        int t2 = decode32(bs, off + 8);
-        int t3 = decode32(bs, off + 12);
-
-        z[zOff + 0] = t0 & M26;
-        z[zOff + 1] = ((t1 <<  6) | (t0 >>> 26)) & M26;
-        z[zOff + 2] = ((t2 << 12) | (t1 >>> 20)) & M25;
-        z[zOff + 3] = ((t3 << 19) | (t2 >>> 13)) & M26;
-        z[zOff + 4] = t3 >>> 7;
-    }
-
-    private static int decode32(byte[] bs, int off)
-    {
-        int n = bs[off] & 0xFF;
-        n |= (bs[++off] & 0xFF) << 8;
-        n |= (bs[++off] & 0xFF) << 16;
-        n |=  bs[++off]         << 24;
-        return n;
-    }
-
-    public static void encode(int[] x, byte[] z, int zOff)
-    {
-        encode128(x, 0, z, zOff);
-        encode128(x, 5, z, zOff + 16);
-    }
-
-    private static void encode128(int[] x, int xOff, byte[] bs, int off)
-    {
-        int x0 = x[xOff + 0], x1 = x[xOff + 1], x2 = x[xOff + 2], x3 = x[xOff + 3], x4 = x[xOff + 4];
-
-        int t0 =  x0         | (x1 << 26);  encode32(t0, bs, off + 0);
-        int t1 = (x1 >>>  6) | (x2 << 20);  encode32(t1, bs, off + 4);
-        int t2 = (x2 >>> 12) | (x3 << 13);  encode32(t2, bs, off + 8);
-        int t3 = (x3 >>> 19) | (x4 <<  7);  encode32(t3, bs, off + 12);
-    }
-
-    private static void encode32(int n, byte[] bs, int off)
-    {
-        bs[  off] = (byte)(n       );
-        bs[++off] = (byte)(n >>>  8);
-        bs[++off] = (byte)(n >>> 16);
-        bs[++off] = (byte)(n >>> 24);
-    }
-
-    public static void inv(int[] x, int[] z)
-    {
-        // z = x^(p-2) = x^7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEB
-        // (250 1s) (1 0s) (1 1s) (1 0s) (2 1s)
-        // Addition chain: [1] [2] 3 5 10 15 25 50 75 125 [250]
-
-        int[] x2 = create();
-        int[] t = create();
-        powPm5d8(x, x2, t);
-        sqr(t, 3, t);
-        mul(t, x2, z);
-    }
-
-    public static boolean isZeroVar(int[] x)
-    {
-        int d = 0;
-        for (int i = 0; i < SIZE; ++i)
-        {
-            d |= x[i];
-        }
-        return d == 0;
-    }
-
-    public static void mul(int[] x, int y, int[] z)
-    {
-        int x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3], x4 = x[4];
-        int x5 = x[5], x6 = x[6], x7 = x[7], x8 = x[8], x9 = x[9];
-        long c0, c1, c2, c3;
-
-        c0  = (long)x2 * y; x2 = (int)c0 & M25; c0 >>= 25;
-        c1  = (long)x4 * y; x4 = (int)c1 & M25; c1 >>= 25;
-        c2  = (long)x7 * y; x7 = (int)c2 & M25; c2 >>= 25;
-//        c3  = (long)x9 * y; x9 = (int)c3 & M24; c3 >>= 24;
-//        c3 *= 19;
-        c3  = (long)x9 * y; x9 = (int)c3 & M25; c3 >>= 25;
-        c3 *= 38;
-
-        c3 += (long)x0 * y; z[0] = (int)c3 & M26; c3 >>= 26;
-        c1 += (long)x5 * y; z[5] = (int)c1 & M26; c1 >>= 26;
-
-        c3 += (long)x1 * y; z[1] = (int)c3 & M26; c3 >>= 26;
-        c0 += (long)x3 * y; z[3] = (int)c0 & M26; c0 >>= 26;
-        c1 += (long)x6 * y; z[6] = (int)c1 & M26; c1 >>= 26;
-        c2 += (long)x8 * y; z[8] = (int)c2 & M26; c2 >>= 26;
-
-        z[2] = x2 + (int)c3;
-        z[4] = x4 + (int)c0;
-        z[7] = x7 + (int)c1;
-        z[9] = x9 + (int)c2;
-    }
-
-    public static void mul(int[] x, int[] y, int[] z)
-    {
-        int x0 = x[0], y0 = y[0];
-        int x1 = x[1], y1 = y[1];
-        int x2 = x[2], y2 = y[2];
-        int x3 = x[3], y3 = y[3];
-        int x4 = x[4], y4 = y[4];
-
-        int u0 = x[5], v0 = y[5];
-        int u1 = x[6], v1 = y[6];
-        int u2 = x[7], v2 = y[7];
-        int u3 = x[8], v3 = y[8];
-        int u4 = x[9], v4 = y[9];
-
-        long a0  = (long)x0 * y0;
-        long a1  = (long)x0 * y1
-                 + (long)x1 * y0;
-        long a2  = (long)x0 * y2
-                 + (long)x1 * y1
-                 + (long)x2 * y0;
-        long a3  = (long)x1 * y2
-                 + (long)x2 * y1;
-        a3     <<= 1;
-        a3      += (long)x0 * y3
-                 + (long)x3 * y0;
-        long a4  = (long)x2 * y2;
-        a4     <<= 1;
-        a4      += (long)x0 * y4
-                 + (long)x1 * y3
-                 + (long)x3 * y1
-                 + (long)x4 * y0;
-        long a5  = (long)x1 * y4
-                 + (long)x2 * y3
-                 + (long)x3 * y2
-                 + (long)x4 * y1;
-        a5     <<= 1;
-        long a6  = (long)x2 * y4
-                 + (long)x4 * y2;
-        a6     <<= 1;
-        a6      += (long)x3 * y3;
-        long a7  = (long)x3 * y4
-                 + (long)x4 * y3;
-        long a8  = (long)x4 * y4;
-        a8     <<= 1;
-
-        long b0  = (long)u0 * v0;
-        long b1  = (long)u0 * v1
-                 + (long)u1 * v0;
-        long b2  = (long)u0 * v2
-                 + (long)u1 * v1
-                 + (long)u2 * v0;
-        long b3  = (long)u1 * v2
-                 + (long)u2 * v1;
-        b3     <<= 1;
-        b3      += (long)u0 * v3
-                 + (long)u3 * v0;
-        long b4  = (long)u2 * v2;
-        b4     <<= 1;
-        b4      += (long)u0 * v4
-                 + (long)u1 * v3
-                 + (long)u3 * v1
-                 + (long)u4 * v0;
-        long b5  = (long)u1 * v4
-                 + (long)u2 * v3
-                 + (long)u3 * v2
-                 + (long)u4 * v1;
-//        b5     <<= 1;
-        long b6  = (long)u2 * v4
-                 + (long)u4 * v2;
-        b6     <<= 1;
-        b6      += (long)u3 * v3;
-        long b7  = (long)u3 * v4
-                 + (long)u4 * v3;
-        long b8  = (long)u4 * v4;
-//        b8     <<= 1;
-
-        a0 -= b5 * 76;
-        a1 -= b6 * 38;
-        a2 -= b7 * 38;
-        a3 -= b8 * 76;
-
-        a5 -= b0;
-        a6 -= b1;
-        a7 -= b2;
-        a8 -= b3;
-//        long a9 = -b4;
-
-        x0 += u0; y0 += v0;
-        x1 += u1; y1 += v1;
-        x2 += u2; y2 += v2;
-        x3 += u3; y3 += v3;
-        x4 += u4; y4 += v4;
-
-        long c0  = (long)x0 * y0;
-        long c1  = (long)x0 * y1
-                 + (long)x1 * y0;
-        long c2  = (long)x0 * y2
-                 + (long)x1 * y1
-                 + (long)x2 * y0;
-        long c3  = (long)x1 * y2
-                 + (long)x2 * y1;
-        c3     <<= 1;
-        c3      += (long)x0 * y3
-                 + (long)x3 * y0;
-        long c4  = (long)x2 * y2;
-        c4     <<= 1;
-        c4      += (long)x0 * y4
-                 + (long)x1 * y3
-                 + (long)x3 * y1
-                 + (long)x4 * y0;
-        long c5  = (long)x1 * y4
-                 + (long)x2 * y3
-                 + (long)x3 * y2
-                 + (long)x4 * y1;
-        c5     <<= 1;
-        long c6  = (long)x2 * y4
-                 + (long)x4 * y2;
-        c6     <<= 1;
-        c6      += (long)x3 * y3;
-        long c7  = (long)x3 * y4
-                 + (long)x4 * y3;
-        long c8  = (long)x4 * y4;
-        c8     <<= 1;
-
-        int z8, z9;
-        long t;
-
-        t        = a8 + (c3 - a3);
-        z8       = (int)t & M26; t >>= 26;
-//        t       += a9 + (c4 - a4);
-        t       +=      (c4 - a4) - b4;
-//        z9       = (int)t & M24; t >>= 24;
-//        t        = a0 + (t + ((c5 - a5) << 1)) * 19;
-        z9       = (int)t & M25; t >>= 25;
-        t        = a0 + (t + c5 - a5) * 38;
-        z[0]     = (int)t & M26; t >>= 26;
-        t       += a1 + (c6 - a6) * 38;
-        z[1]     = (int)t & M26; t >>= 26;
-        t       += a2 + (c7 - a7) * 38;
-        z[2]     = (int)t & M25; t >>= 25;
-        t       += a3 + (c8 - a8) * 38;
-        z[3]     = (int)t & M26; t >>= 26;
-//        t       += a4 - a9 * 38;
-        t       += a4 + b4 * 38;
-        z[4]     = (int)t & M25; t >>= 25;
-        t       += a5 + (c0 - a0);
-        z[5]     = (int)t & M26; t >>= 26;
-        t       += a6 + (c1 - a1);
-        z[6]     = (int)t & M26; t >>= 26;
-        t       += a7 + (c2 - a2);
-        z[7]     = (int)t & M25; t >>= 25;
-        t       += z8;
-        z[8]     = (int)t & M26; t >>= 26;
-        z[9]     = z9 + (int)t;
-    }
-
-    public static void negate(int[] x, int[] z)
-    {
-        for (int i = 0; i < SIZE; ++i)
-        {
-            z[i] = -x[i];
-        }
-    }
-
-    public static void normalize(int[] z)
-    {
-        int x = ((z[9] >>> 23) & 1);
-        reduce(z, x);
-        reduce(z, -x);
-//        assert z[9] >>> 24 == 0;
-    }
-
-    public static void one(int[] z)
-    {
-        z[0] = 1;
-        for (int i = 1; i < SIZE; ++i)
-        {
-            z[i] = 0;
-        }
-    }
-
-    private static void powPm5d8(int[] x, int[] rx2, int[] rz)
-    {
-        // z = x^((p-5)/8) = x^FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFD
-        // (250 1s) (1 0s) (1 1s)
-        // Addition chain: [1] 2 3 5 10 15 25 50 75 125 [250]
-
-        int[] x2 = rx2;         sqr(x, x2);             mul(x, x2, x2);
-        int[] x3 = create();    sqr(x2, x3);            mul(x, x3, x3);
-        int[] x5 = x3;          sqr(x3, 2, x5);         mul(x2, x5, x5);
-        int[] x10 = create();   sqr(x5, 5, x10);        mul(x5, x10, x10);
-        int[] x15 = create();   sqr(x10, 5, x15);       mul(x5, x15, x15);
-        int[] x25 = x5;         sqr(x15, 10, x25);      mul(x10, x25, x25);
-        int[] x50 = x10;        sqr(x25, 25, x50);      mul(x25, x50, x50);
-        int[] x75 = x15;        sqr(x50, 25, x75);      mul(x25, x75, x75);
-        int[] x125 = x25;       sqr(x75, 50, x125);     mul(x50, x125, x125);
-        int[] x250 = x50;       sqr(x125, 125, x250);   mul(x125, x250, x250);
-
-        int[] t = x125;
-        sqr(x250, 2, t);
-        mul(t, x, rz);
-    }
-
-    private static void reduce(int[] z, int c)
-    {
-        int z9 = z[9], t = z9;
-                   z9   = t & M24; t >>= 24;
-        t += c;
-        t *= 19;
-        t += z[0]; z[0] = t & M26; t >>= 26;
-        t += z[1]; z[1] = t & M26; t >>= 26;
-        t += z[2]; z[2] = t & M25; t >>= 25;
-        t += z[3]; z[3] = t & M26; t >>= 26;
-        t += z[4]; z[4] = t & M25; t >>= 25;
-        t += z[5]; z[5] = t & M26; t >>= 26;
-        t += z[6]; z[6] = t & M26; t >>= 26;
-        t += z[7]; z[7] = t & M25; t >>= 25;
-        t += z[8]; z[8] = t & M26; t >>= 26;
-        t += z9;   z[9] = t;
-    }
-
-    public static void sqr(int[] x, int[] z)
-    {
-        int x0 = x[0];
-        int x1 = x[1];
-        int x2 = x[2];
-        int x3 = x[3];
-        int x4 = x[4];
-
-        int u0 = x[5];
-        int u1 = x[6];
-        int u2 = x[7];
-        int u3 = x[8];
-        int u4 = x[9];
-
-        int x1_2 = x1 * 2;
-        int x2_2 = x2 * 2;
-        int x3_2 = x3 * 2;
-        int x4_2 = x4 * 2;
-
-        long a0  = (long)x0 * x0;
-        long a1  = (long)x0 * x1_2;
-        long a2  = (long)x0 * x2_2
-                 + (long)x1 * x1;
-        long a3  = (long)x1_2 * x2_2
-                 + (long)x0 * x3_2;
-        long a4  = (long)x2 * x2_2
-                 + (long)x0 * x4_2
-                 + (long)x1 * x3_2;
-        long a5  = (long)x1_2 * x4_2
-                 + (long)x2_2 * x3_2;
-        long a6  = (long)x2_2 * x4_2
-                 + (long)x3 * x3;
-        long a7  = (long)x3 * x4_2;
-        long a8  = (long)x4 * x4_2;
-
-        int u1_2 = u1 * 2;
-        int u2_2 = u2 * 2;
-        int u3_2 = u3 * 2;
-        int u4_2 = u4 * 2;
-        
-        long b0  = (long)u0 * u0;
-        long b1  = (long)u0 * u1_2;
-        long b2  = (long)u0 * u2_2
-                 + (long)u1 * u1;
-        long b3  = (long)u1_2 * u2_2
-                 + (long)u0 * u3_2;
-        long b4  = (long)u2 * u2_2
-                 + (long)u0 * u4_2
-                 + (long)u1 * u3_2;
-        long b5  = (long)u1_2 * u4_2
-                 + (long)u2_2 * u3_2;
-        long b6  = (long)u2_2 * u4_2
-                 + (long)u3 * u3;
-        long b7  = (long)u3 * u4_2;
-        long b8  = (long)u4 * u4_2;
-
-        a0 -= b5 * 38;
-        a1 -= b6 * 38;
-        a2 -= b7 * 38;
-        a3 -= b8 * 38;
-
-        a5 -= b0;
-        a6 -= b1;
-        a7 -= b2;
-        a8 -= b3;
-//        long a9 = -b4;
-
-        x0 += u0;
-        x1 += u1;
-        x2 += u2;
-        x3 += u3;
-        x4 += u4;
-
-        x1_2 = x1 * 2;
-        x2_2 = x2 * 2;
-        x3_2 = x3 * 2;
-        x4_2 = x4 * 2;
-
-        long c0  = (long)x0 * x0;
-        long c1  = (long)x0 * x1_2;
-        long c2  = (long)x0 * x2_2
-                 + (long)x1 * x1;
-        long c3  = (long)x1_2 * x2_2
-                 + (long)x0 * x3_2;
-        long c4  = (long)x2 * x2_2
-                 + (long)x0 * x4_2
-                 + (long)x1 * x3_2;
-        long c5  = (long)x1_2 * x4_2
-                 + (long)x2_2 * x3_2;
-        long c6  = (long)x2_2 * x4_2
-                 + (long)x3 * x3;
-        long c7  = (long)x3 * x4_2;
-        long c8  = (long)x4 * x4_2;
-
-        int z8, z9;
-        long t;
-
-        t        = a8 + (c3 - a3);
-        z8       = (int)t & M26; t >>= 26;
-//        t       += a9 + (c4 - a4);
-        t       +=      (c4 - a4) - b4;
-//        z9       = (int)t & M24; t >>= 24;
-//        t        = a0 + (t + ((c5 - a5) << 1)) * 19;
-        z9       = (int)t & M25; t >>= 25;
-        t        = a0 + (t + c5 - a5) * 38;
-        z[0]     = (int)t & M26; t >>= 26;
-        t       += a1 + (c6 - a6) * 38;
-        z[1]     = (int)t & M26; t >>= 26;
-        t       += a2 + (c7 - a7) * 38;
-        z[2]     = (int)t & M25; t >>= 25;
-        t       += a3 + (c8 - a8) * 38;
-        z[3]     = (int)t & M26; t >>= 26;
-//        t       += a4 - a9 * 38;
-        t       += a4 + b4 * 38;
-        z[4]     = (int)t & M25; t >>= 25;
-        t       += a5 + (c0 - a0);
-        z[5]     = (int)t & M26; t >>= 26;
-        t       += a6 + (c1 - a1);
-        z[6]     = (int)t & M26; t >>= 26;
-        t       += a7 + (c2 - a2);
-        z[7]     = (int)t & M25; t >>= 25;
-        t       += z8;
-        z[8]     = (int)t & M26; t >>= 26;
-        z[9]     = z9 + (int)t;
-    }
-
-    public static void sqr(int[] x, int n, int[] z)
-    {
-//        assert n > 0;
-
-        sqr(x, z);
-
-        while (--n > 0)
-        {
-            sqr(z, z);
-        }
-    }
-
-    public static boolean sqrtRatioVar(int[] u, int[] v, int[] z)
-    {
-        int[] uv3 = create();
-        int[] uv7 = create();
-
-        mul(u, v, uv3);
-        sqr(v, uv7);
-        mul(uv3, uv7, uv3);
-        sqr(uv7, uv7);
-        mul(uv7, uv3, uv7);
-
-        int[] t = create();
-        int[] x = create();
-        powPm5d8(uv7, t, x);
-        mul(x, uv3, x);
-
-        int[] vx2 = create();
-        sqr(x, vx2);
-        mul(vx2, v, vx2);
-
-        sub(vx2, u, t);
-        normalize(t);
-        if (isZeroVar(t))
-        {
-            copy(x, 0, z, 0);
-            return true;
-        }
-
-        add(vx2, u, t);
-        normalize(t);
-        if (isZeroVar(t))
-        {
-            mul(x, ROOT_NEG_ONE, z);
-            return true;
-        }
-
-        return false;
-    }
-
-    public static void sub(int[] x, int[] y, int[] z)
-    {
-        for (int i = 0; i < SIZE; ++i)
-        {
-            z[i] = x[i] - y[i];
-        }
-    }
-
-    public static void subOne(int[] z)
-    {
-        z[0] -= 1;
-    }
-
-    public static void zero(int[] z)
-    {
-        for (int i = 0; i < SIZE; ++i)
-        {
-            z[i] = 0;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/rfc7748/X448.java b/bcprov/src/main/java/org/bouncycastle/math/ec/rfc7748/X448.java
deleted file mode 100644
index dda38b8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/rfc7748/X448.java
+++ /dev/null

@@ -1,169 +0,0 @@
-package org.bouncycastle.math.ec.rfc7748;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.math.ec.rfc8032.Ed448;
-import org.bouncycastle.util.Arrays;
-
-public abstract class X448
-{
-    public static class Friend
-    {
-        private static final Friend INSTANCE = new Friend();
-        private Friend() {}
-    }
-
-    public static final int POINT_SIZE = 56;
-    public static final int SCALAR_SIZE = 56;
-
-    private static final int C_A = 156326;
-    private static final int C_A24 = (C_A + 2)/4;
-
-//    private static final int[] SQRT_156324 = { 0x0551B193, 0x07A21E17, 0x0E635AD3, 0x00812ABB, 0x025B3F99, 0x01605224,
-//        0x0AF8CB32, 0x0D2E7D68, 0x06BA50FD, 0x08E55693, 0x0CB08EB4, 0x02ABEBC1, 0x051BA0BB, 0x02F8812E, 0x0829B611,
-//        0x0BA4D3A0 };
-
-    public static boolean calculateAgreement(byte[] k, int kOff, byte[] u, int uOff, byte[] r, int rOff)
-    {
-        scalarMult(k, kOff, u, uOff, r, rOff);
-        return !Arrays.areAllZeroes(r, rOff, POINT_SIZE);
-    }
-
-    private static int decode32(byte[] bs, int off)
-    {
-        int n = bs[  off] & 0xFF;
-        n |= (bs[++off] & 0xFF) << 8;
-        n |= (bs[++off] & 0xFF) << 16;
-        n |= bs[++off] << 24;
-        return n;
-    }
-
-    private static void decodeScalar(byte[] k, int kOff, int[] n)
-    {
-        for (int i = 0; i < 14; ++i)
-        {
-            n[i] = decode32(k, kOff + i * 4);
-        }
-
-        n[ 0] &= 0xFFFFFFFC;
-        n[13] |= 0x80000000;
-    }
-
-    public static void generatePrivateKey(SecureRandom random, byte[] k)
-    {
-        random.nextBytes(k);
-
-        k[0] &= 0xFC;
-        k[SCALAR_SIZE - 1] |= 0x80;
-    }
-
-    public static void generatePublicKey(byte[] k, int kOff, byte[] r, int rOff)
-    {
-        scalarMultBase(k, kOff, r, rOff);
-    }
-
-    private static void pointDouble(int[] x, int[] z)
-    {
-        int[] A = X448Field.create();
-        int[] B = X448Field.create();
-
-//        X448Field.apm(x, z, A, B);
-        X448Field.add(x, z, A);
-        X448Field.sub(x, z, B);
-        X448Field.sqr(A, A);
-        X448Field.sqr(B, B);
-        X448Field.mul(A, B, x);
-        X448Field.sub(A, B, A);
-        X448Field.mul(A, C_A24, z);
-        X448Field.add(z, B, z);
-        X448Field.mul(z, A, z);
-    }
-
-    public static void precompute()
-    {
-        Ed448.precompute();
-    }
-
-    public static void scalarMult(byte[] k, int kOff, byte[] u, int uOff, byte[] r, int rOff)
-    {
-        int[] n = new int[14];  decodeScalar(k, kOff, n);
-
-        int[] x1 = X448Field.create();        X448Field.decode(u, uOff, x1);
-        int[] x2 = X448Field.create();        X448Field.copy(x1, 0, x2, 0);
-        int[] z2 = X448Field.create();        z2[0] = 1;
-        int[] x3 = X448Field.create();        x3[0] = 1;
-        int[] z3 = X448Field.create();
-
-        int[] t1 = X448Field.create();
-        int[] t2 = X448Field.create();
-
-//        assert n[13] >>> 31 == 1;
-
-        int bit = 447, swap = 1;
-        do
-        {
-//            X448Field.apm(x3, z3, t1, x3);
-            X448Field.add(x3, z3, t1);
-            X448Field.sub(x3, z3, x3);
-//            X448Field.apm(x2, z2, z3, x2);
-            X448Field.add(x2, z2, z3);
-            X448Field.sub(x2, z2, x2);
-
-            X448Field.mul(t1, x2, t1);
-            X448Field.mul(x3, z3, x3);
-            X448Field.sqr(z3, z3);
-            X448Field.sqr(x2, x2);
-
-            X448Field.sub(z3, x2, t2);
-            X448Field.mul(t2, C_A24, z2);
-            X448Field.add(z2, x2, z2);
-            X448Field.mul(z2, t2, z2);
-            X448Field.mul(x2, z3, x2);
-
-//            X448Field.apm(t1, x3, x3, z3);
-            X448Field.sub(t1, x3, z3);
-            X448Field.add(t1, x3, x3);
-            X448Field.sqr(x3, x3);
-            X448Field.sqr(z3, z3);
-            X448Field.mul(z3, x1, z3);
-
-            --bit;
-
-            int word = bit >>> 5, shift = bit & 0x1F;
-            int kt = (n[word] >>> shift) & 1;
-            swap ^= kt;
-            X448Field.cswap(swap, x2, x3);
-            X448Field.cswap(swap, z2, z3);
-            swap = kt;
-        }
-        while (bit >= 2);
-
-//        assert swap == 0;
-
-        for (int i = 0; i < 2; ++i)
-        {
-            pointDouble(x2, z2);
-        }
-
-        X448Field.inv(z2, z2);
-        X448Field.mul(x2, z2, x2);
-
-        X448Field.normalize(x2);
-        X448Field.encode(x2, r, rOff);
-    }
-
-    public static void scalarMultBase(byte[] k, int kOff, byte[] r, int rOff)
-    {
-        int[] x = X448Field.create();
-        int[] y = X448Field.create();
-
-        Ed448.scalarMultBaseXY(Friend.INSTANCE, k, kOff, x, y);
-
-        X448Field.inv(x, x);
-        X448Field.mul(x, y, x);
-        X448Field.sqr(x, x);
-
-        X448Field.normalize(x);
-        X448Field.encode(x, r, rOff);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/rfc7748/X448Field.java b/bcprov/src/main/java/org/bouncycastle/math/ec/rfc7748/X448Field.java
deleted file mode 100644
index 8d0d14a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/rfc7748/X448Field.java
+++ /dev/null

@@ -1,1008 +0,0 @@
-package org.bouncycastle.math.ec.rfc7748;
-
-import org.bouncycastle.math.raw.Nat;
-
-public abstract class X448Field
-{
-    public static final int SIZE = 16;
-
-    private static final int M28 = 0x0FFFFFFF;
-
-    private X448Field() {}
-
-    public static void add(int[] x, int[] y, int[] z)
-    {
-        for (int i = 0; i < SIZE; ++i)
-        {
-            z[i] = x[i] + y[i];
-        }
-    }
-
-    public static void addOne(int[] z)
-    {
-        z[0] += 1;
-    }
-
-    public static void addOne(int[] z, int zOff)
-    {
-        z[zOff] += 1;
-    }
-
-//    public static void apm(int[] x, int[] y, int[] zp, int[] zm)
-//    {
-//        for (int i = 0; i < SIZE; ++i)
-//        {
-//            int xi = x[i], yi = y[i];
-//            zp[i] = xi + yi;
-//            zm[i] = xi - yi;
-//        }
-//    }
-
-    public static void carry(int[] z)
-    {
-        int z0 = z[0], z1 = z[1], z2 = z[2], z3 = z[3], z4 = z[4], z5 = z[5], z6 = z[6], z7 = z[7];
-        int z8 = z[8], z9 = z[9], z10 = z[10], z11 = z[11], z12 = z[12], z13 = z[13], z14 = z[14], z15 = z[15];
-
-        z2   += (z1 >>> 28); z1 &= M28;
-        z6   += (z5 >>> 28); z5 &= M28;
-        z10  += (z9 >>> 28); z9 &= M28;
-        z14  += (z13 >>> 28); z13 &= M28;
-
-        z3   += (z2 >>> 28); z2 &= M28;
-        z7   += (z6 >>> 28); z6 &= M28;
-        z11  += (z10 >>> 28); z10 &= M28;
-        z15  += (z14 >>> 28); z14 &= M28;
-
-        int t = z15 >>> 28; z15 &= M28;
-        z0   += t;
-        z8   += t;
-
-        z4   += (z3 >>> 28); z3 &= M28;
-        z8   += (z7 >>> 28); z7 &= M28;
-        z12  += (z11 >>> 28); z11 &= M28;
-
-        z1   += (z0 >>> 28); z0 &= M28;
-        z5   += (z4 >>> 28); z4 &= M28;
-        z9   += (z8 >>> 28); z8 &= M28;
-        z13  += (z12 >>> 28); z12 &= M28;
-        
-        z[0] = z0; z[1] = z1; z[2] = z2; z[3] = z3; z[4] = z4; z[5] = z5; z[6] = z6; z[7] = z7;
-        z[8] = z8; z[9] = z9; z[10] = z10; z[11] = z11; z[12] = z12; z[13] = z13; z[14] = z14; z[15] = z15;
-    }
-
-    public static void cnegate(int negate, int[] z)
-    {
-//        assert negate >>> 1 == 0;
-
-        int[] t = create();
-        sub(t, z, t);
-
-        Nat.cmov(SIZE, negate, t, 0, z, 0);
-    }
-
-    public static void copy(int[] x, int xOff, int[] z, int zOff)
-    {
-        for (int i = 0; i < SIZE; ++i)
-        {
-            z[zOff + i] = x[xOff + i];
-        }
-    }
-
-    public static int[] create()
-    {
-        return new int[SIZE];
-    }
-
-    public static int[] createTable(int n)
-    {
-        return new int[SIZE * n];
-    }
-
-    public static void cswap(int swap, int[] a, int[] b)
-    {
-//        assert swap >>> 1 == 0;
-//        assert a != b;
-
-        int mask = 0 - swap;
-        for (int i = 0; i < SIZE; ++i)
-        {
-            int ai = a[i], bi = b[i];
-            int dummy = mask & (ai ^ bi);
-            a[i] = ai ^ dummy; 
-            b[i] = bi ^ dummy; 
-        }
-    }
-
-    public static void decode(byte[] x, int xOff, int[] z)
-    {
-        decode56(x, xOff, z, 0);
-        decode56(x, xOff + 7, z, 2);
-        decode56(x, xOff + 14, z, 4);
-        decode56(x, xOff + 21, z, 6);
-        decode56(x, xOff + 28, z, 8);
-        decode56(x, xOff + 35, z, 10);
-        decode56(x, xOff + 42, z, 12);
-        decode56(x, xOff + 49, z, 14);
-    }
-
-    private static int decode24(byte[] bs, int off)
-    {
-        int n = bs[  off] & 0xFF;
-        n |= (bs[++off] & 0xFF) << 8;
-        n |= (bs[++off] & 0xFF) << 16;
-        return n;
-    }
-
-    private static int decode32(byte[] bs, int off)
-    {
-        int n = bs[  off] & 0xFF;
-        n |= (bs[++off] & 0xFF) << 8;
-        n |= (bs[++off] & 0xFF) << 16;
-        n |= bs[++off] << 24;
-        return n;
-    }
-
-    private static void decode56(byte[] bs, int off, int[] z, int zOff)
-    {
-        int lo = decode32(bs, off);
-        int hi = decode24(bs, off + 4);
-        z[zOff] = lo & M28;
-        z[zOff + 1] = (lo >>> 28) | (hi << 4);
-        
-    }
-
-    public static void encode(int[] x,  byte[] z , int zOff)
-    {
-        encode56(x, 0, z, zOff);
-        encode56(x, 2, z, zOff + 7);
-        encode56(x, 4, z, zOff + 14);
-        encode56(x, 6, z, zOff + 21);
-        encode56(x, 8, z, zOff + 28);
-        encode56(x, 10, z, zOff + 35);
-        encode56(x, 12, z, zOff + 42);
-        encode56(x, 14, z, zOff + 49);
-    }
-
-    private static void encode24(int n, byte[] bs, int off)
-    {
-        bs[  off] = (byte)(n       );
-        bs[++off] = (byte)(n >>>  8);
-        bs[++off] = (byte)(n >>> 16);
-    }
-
-    private static void encode32(int n, byte[] bs, int off)
-    {
-        bs[  off] = (byte)(n       );
-        bs[++off] = (byte)(n >>>  8);
-        bs[++off] = (byte)(n >>> 16);
-        bs[++off] = (byte)(n >>> 24);
-    }
-
-    private static void encode56(int[] x, int xOff, byte[] bs, int off)
-    {
-        int lo = x[xOff], hi = x[xOff + 1];
-        encode32(lo | (hi << 28), bs, off);
-        encode24(hi >>> 4, bs, off + 4);
-    }
-
-    public static void inv(int[] x, int[] z)
-    {
-        // z = x^(p-2) = x^(2^448 - 2^224 - 3)
-        // (223 1s) (1 0s) (222 1s) (1 0s) (1 1s)
-        // Addition chain: [1] 2 3 6 9 18 19 37 74 111 [222] [223]
-
-        int[] t = create();
-        powPm3d4(x, t);
-        sqr(t, 2, t);
-        mul(t, x, z);
-    }
-
-    public static boolean isZeroVar(int[] x)
-    {
-        int d = 0;
-        for (int i = 0; i < SIZE; ++i)
-        {
-            d |= x[i];
-        }
-        return d == 0;
-    }
-
-    public static void mul(int[] x, int y, int[] z)
-    {
-        int x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3], x4 = x[4], x5 = x[5], x6 = x[6], x7 = x[7];
-        int x8 = x[8], x9 = x[9], x10 = x[10], x11 = x[11], x12 = x[12], x13 = x[13], x14 = x[14], x15 = x[15];
-
-        int z1, z5, z9, z13;
-        long c, d, e, f;
-
-        c     = (long)x1 * y;
-        z1    = (int)c & M28; c >>>= 28;
-        d     = (long)x5 * y;
-        z5    = (int)d & M28; d >>>= 28;
-        e     = (long)x9 * y;
-        z9    = (int)e & M28; e >>>= 28;
-        f     = (long)x13 * y;
-        z13   = (int)f & M28; f >>>= 28;
-
-        c    += (long)x2 * y;
-        z[2]  = (int)c & M28; c >>>= 28;
-        d    += (long)x6 * y;
-        z[6]  = (int)d & M28; d >>>= 28;
-        e    += (long)x10 * y;
-        z[10] = (int)e & M28; e >>>= 28;
-        f    += (long)x14 * y;
-        z[14] = (int)f & M28; f >>>= 28;
-
-        c    += (long)x3 * y;
-        z[3]  = (int)c & M28; c >>>= 28;
-        d    += (long)x7 * y;
-        z[7]  = (int)d & M28; d >>>= 28;
-        e    += (long)x11 * y;
-        z[11] = (int)e & M28; e >>>= 28;
-        f    += (long)x15 * y;
-        z[15] = (int)f & M28; f >>>= 28;
-
-        d    += f;
-
-        c    += (long)x4 * y;
-        z[4]  = (int)c & M28; c >>>= 28;
-        d    += (long)x8 * y;
-        z[8]  = (int)d & M28; d >>>= 28;
-        e    += (long)x12 * y;
-        z[12] = (int)e & M28; e >>>= 28;
-        f    += (long)x0 * y;
-        z[0]  = (int)f & M28; f >>>= 28;
-
-        z[1]  = z1 + (int)f;
-        z[5]  = z5 + (int)c;
-        z[9]  = z9 + (int)d;
-        z[13] = z13 + (int)e;
-    }
-
-    public static void mul(int[] x, int[] y, int[] z)
-    {
-        int x0 = x[0];
-        int x1 = x[1];
-        int x2 = x[2];
-        int x3 = x[3];
-        int x4 = x[4];
-        int x5 = x[5];
-        int x6 = x[6];
-        int x7 = x[7];
-
-        int u0 = x[8];
-        int u1 = x[9];
-        int u2 = x[10];
-        int u3 = x[11];
-        int u4 = x[12];
-        int u5 = x[13];
-        int u6 = x[14];
-        int u7 = x[15];
-
-        int y0 = y[0];
-        int y1 = y[1];
-        int y2 = y[2];
-        int y3 = y[3];
-        int y4 = y[4];
-        int y5 = y[5];
-        int y6 = y[6];
-        int y7 = y[7];
-
-        int v0 = y[8];
-        int v1 = y[9];
-        int v2 = y[10];
-        int v3 = y[11];
-        int v4 = y[12];
-        int v5 = y[13];
-        int v6 = y[14];
-        int v7 = y[15];
-
-        int s0 = x0 + u0;
-        int s1 = x1 + u1;
-        int s2 = x2 + u2;
-        int s3 = x3 + u3;
-        int s4 = x4 + u4;
-        int s5 = x5 + u5;
-        int s6 = x6 + u6;
-        int s7 = x7 + u7;
-
-        int t0 = y0 + v0;
-        int t1 = y1 + v1;
-        int t2 = y2 + v2;
-        int t3 = y3 + v3;
-        int t4 = y4 + v4;
-        int t5 = y5 + v5;
-        int t6 = y6 + v6;
-        int t7 = y7 + v7;
-
-        int z0, z1, z2, z3, z4, z5, z6, z7, z8, z9, z10, z11, z12, z13, z14, z15;
-        long c, d;
-
-        long f0  = (long)x0 * y0;
-        long f8  = (long)x7 * y1
-                 + (long)x6 * y2
-                 + (long)x5 * y3
-                 + (long)x4 * y4
-                 + (long)x3 * y5
-                 + (long)x2 * y6
-                 + (long)x1 * y7;
-        long g0  = (long)u0 * v0;
-        long g8  = (long)u7 * v1
-                 + (long)u6 * v2
-                 + (long)u5 * v3
-                 + (long)u4 * v4
-                 + (long)u3 * v5
-                 + (long)u2 * v6
-                 + (long)u1 * v7;
-        long h0  = (long)s0 * t0;
-        long h8  = (long)s7 * t1
-                 + (long)s6 * t2
-                 + (long)s5 * t3
-                 + (long)s4 * t4
-                 + (long)s3 * t5
-                 + (long)s2 * t6
-                 + (long)s1 * t7;
-
-        c        = f0 + g0 + h8 - f8;
-        z0       = (int)c & M28; c >>>= 28;
-        d        = g8 + h0 - f0 + h8;
-        z8       = (int)d & M28; d >>>= 28;
-
-        long f1  = (long)x1 * y0
-                 + (long)x0 * y1;
-        long f9  = (long)x7 * y2
-                 + (long)x6 * y3
-                 + (long)x5 * y4
-                 + (long)x4 * y5
-                 + (long)x3 * y6
-                 + (long)x2 * y7;
-        long g1  = (long)u1 * v0
-                 + (long)u0 * v1;
-        long g9  = (long)u7 * v2
-                 + (long)u6 * v3
-                 + (long)u5 * v4
-                 + (long)u4 * v5
-                 + (long)u3 * v6
-                 + (long)u2 * v7;
-        long h1  = (long)s1 * t0
-                 + (long)s0 * t1;
-        long h9  = (long)s7 * t2
-                 + (long)s6 * t3
-                 + (long)s5 * t4
-                 + (long)s4 * t5
-                 + (long)s3 * t6
-                 + (long)s2 * t7;
-
-        c       += f1 + g1 + h9 - f9;
-        z1       = (int)c & M28; c >>>= 28;
-        d       += g9 + h1 - f1 + h9;
-        z9       = (int)d & M28; d >>>= 28;
-
-        long f2  = (long)x2 * y0
-                 + (long)x1 * y1
-                 + (long)x0 * y2;
-        long f10 = (long)x7 * y3
-                 + (long)x6 * y4
-                 + (long)x5 * y5
-                 + (long)x4 * y6
-                 + (long)x3 * y7;
-        long g2  = (long)u2 * v0
-                 + (long)u1 * v1
-                 + (long)u0 * v2;
-        long g10 = (long)u7 * v3
-                 + (long)u6 * v4
-                 + (long)u5 * v5
-                 + (long)u4 * v6
-                 + (long)u3 * v7;
-        long h2  = (long)s2 * t0
-                 + (long)s1 * t1
-                 + (long)s0 * t2;
-        long h10 = (long)s7 * t3
-                 + (long)s6 * t4
-                 + (long)s5 * t5
-                 + (long)s4 * t6
-                 + (long)s3 * t7;
-
-        c       += f2 + g2 + h10 - f10;
-        z2       = (int)c & M28; c >>>= 28;
-        d       += g10 + h2 - f2 + h10;
-        z10      = (int)d & M28; d >>>= 28;
-
-        long f3  = (long)x3 * y0
-                 + (long)x2 * y1
-                 + (long)x1 * y2
-                 + (long)x0 * y3;
-        long f11 = (long)x7 * y4
-                 + (long)x6 * y5
-                 + (long)x5 * y6
-                 + (long)x4 * y7;
-        long g3  = (long)u3 * v0
-                 + (long)u2 * v1
-                 + (long)u1 * v2
-                 + (long)u0 * v3;
-        long g11 = (long)u7 * v4
-                 + (long)u6 * v5
-                 + (long)u5 * v6
-                 + (long)u4 * v7;
-        long h3  = (long)s3 * t0
-                 + (long)s2 * t1
-                 + (long)s1 * t2
-                 + (long)s0 * t3;
-        long h11 = (long)s7 * t4
-                 + (long)s6 * t5
-                 + (long)s5 * t6
-                 + (long)s4 * t7;
-
-        c       += f3 + g3 + h11 - f11;
-        z3       = (int)c & M28; c >>>= 28;
-        d       += g11 + h3 - f3 + h11;
-        z11      = (int)d & M28; d >>>= 28;
-
-        long f4  = (long)x4 * y0
-                 + (long)x3 * y1
-                 + (long)x2 * y2
-                 + (long)x1 * y3
-                 + (long)x0 * y4;
-        long f12 = (long)x7 * y5
-                 + (long)x6 * y6
-                 + (long)x5 * y7;
-        long g4  = (long)u4 * v0
-                 + (long)u3 * v1
-                 + (long)u2 * v2
-                 + (long)u1 * v3
-                 + (long)u0 * v4;
-        long g12 = (long)u7 * v5
-                 + (long)u6 * v6
-                 + (long)u5 * v7;
-        long h4  = (long)s4 * t0
-                 + (long)s3 * t1
-                 + (long)s2 * t2
-                 + (long)s1 * t3
-                 + (long)s0 * t4;
-        long h12 = (long)s7 * t5
-                 + (long)s6 * t6
-                 + (long)s5 * t7;
-
-        c       += f4 + g4 + h12 - f12;
-        z4       = (int)c & M28; c >>>= 28;
-        d       += g12 + h4 - f4 + h12;
-        z12      = (int)d & M28; d >>>= 28;
-
-        long f5  = (long)x5 * y0
-                 + (long)x4 * y1
-                 + (long)x3 * y2
-                 + (long)x2 * y3
-                 + (long)x1 * y4
-                 + (long)x0 * y5;
-        long f13 = (long)x7 * y6
-                 + (long)x6 * y7;
-        long g5  = (long)u5 * v0
-                 + (long)u4 * v1
-                 + (long)u3 * v2
-                 + (long)u2 * v3
-                 + (long)u1 * v4
-                 + (long)u0 * v5;
-        long g13 = (long)u7 * v6
-                 + (long)u6 * v7;
-        long h5  = (long)s5 * t0
-                 + (long)s4 * t1
-                 + (long)s3 * t2
-                 + (long)s2 * t3
-                 + (long)s1 * t4
-                 + (long)s0 * t5;
-        long h13 = (long)s7 * t6
-                 + (long)s6 * t7;
-
-        c       += f5 + g5 + h13 - f13;
-        z5       = (int)c & M28; c >>>= 28;
-        d       += g13 + h5 - f5 + h13;
-        z13      = (int)d & M28; d >>>= 28;
-
-        long f6  = (long)x6 * y0
-                 + (long)x5 * y1
-                 + (long)x4 * y2
-                 + (long)x3 * y3
-                 + (long)x2 * y4
-                 + (long)x1 * y5
-                 + (long)x0 * y6;
-        long f14 = (long)x7 * y7;
-        long g6  = (long)u6 * v0
-                 + (long)u5 * v1
-                 + (long)u4 * v2
-                 + (long)u3 * v3
-                 + (long)u2 * v4
-                 + (long)u1 * v5
-                 + (long)u0 * v6;
-        long g14 = (long)u7 * v7;
-        long h6  = (long)s6 * t0
-                 + (long)s5 * t1
-                 + (long)s4 * t2
-                 + (long)s3 * t3
-                 + (long)s2 * t4
-                 + (long)s1 * t5
-                 + (long)s0 * t6;
-        long h14 = (long)s7 * t7;
-
-        c       += f6 + g6 + h14 - f14;
-        z6       = (int)c & M28; c >>>= 28;
-        d       += g14 + h6 - f6 + h14;
-        z14      = (int)d & M28; d >>>= 28;
-
-        long f7  = (long)x7 * y0
-                 + (long)x6 * y1
-                 + (long)x5 * y2
-                 + (long)x4 * y3
-                 + (long)x3 * y4
-                 + (long)x2 * y5
-                 + (long)x1 * y6
-                 + (long)x0 * y7;
-        long g7  = (long)u7 * v0
-                 + (long)u6 * v1
-                 + (long)u5 * v2
-                 + (long)u4 * v3
-                 + (long)u3 * v4
-                 + (long)u2 * v5
-                 + (long)u1 * v6
-                 + (long)u0 * v7;
-        long h7  = (long)s7 * t0
-                 + (long)s6 * t1
-                 + (long)s5 * t2
-                 + (long)s4 * t3
-                 + (long)s3 * t4
-                 + (long)s2 * t5
-                 + (long)s1 * t6
-                 + (long)s0 * t7;
-
-        c       += f7 + g7;
-        z7       = (int)c & M28; c >>>= 28;
-        d       += h7 - f7;
-        z15      = (int)d & M28; d >>>= 28;
-
-        c       += d;
-
-        c       += z8;
-        z8       = (int)c & M28; c >>>= 28;
-        d       += z0;
-        z0       = (int)d & M28; d >>>= 28;
-        z9      += (int)c;
-        z1      += (int)d;
-
-        z[0] = z0;
-        z[1] = z1;
-        z[2] = z2;
-        z[3] = z3;
-        z[4] = z4;
-        z[5] = z5;
-        z[6] = z6;
-        z[7] = z7;
-        z[8] = z8;
-        z[9] = z9;
-        z[10] = z10;
-        z[11] = z11;
-        z[12] = z12;
-        z[13] = z13;
-        z[14] = z14;
-        z[15] = z15;
-    }
-
-    public static void negate(int[] x, int[] z)
-    {
-        int[] zero = create();
-        sub(zero, x, z);
-    }
-
-    public static void normalize(int[] z)
-    {
-//        int x = ((z[15] >>> (28 - 1)) & 1);
-        reduce(z, 1);
-        reduce(z, -1);
-//        assert z[15] >>> 28 == 0;
-    }
-
-    public static void one(int[] z)
-    {
-        z[0] = 1;
-        for (int i = 1; i < SIZE; ++i)
-        {
-            z[i] = 0;
-        }
-    }
-
-    private static void powPm3d4(int[] x, int[] z)
-    {
-        // z = x^((p-3)/4) = x^(2^446 - 2^222 - 1)
-        // (223 1s) (1 0s) (222 1s)
-        // Addition chain: 1 2 3 6 9 18 19 37 74 111 [222] [223]
-        int[] x2 = create();    sqr(x, x2);             mul(x, x2, x2);
-        int[] x3 = create();    sqr(x2, x3);            mul(x, x3, x3);
-        int[] x6 = create();    sqr(x3, 3, x6);         mul(x3, x6, x6);
-        int[] x9 = create();    sqr(x6, 3, x9);         mul(x3, x9, x9);
-        int[] x18 = create();   sqr(x9, 9, x18);        mul(x9, x18, x18);
-        int[] x19 = create();   sqr(x18, x19);          mul(x, x19, x19);
-        int[] x37 = create();   sqr(x19, 18, x37);      mul(x18, x37, x37);
-        int[] x74 = create();   sqr(x37, 37, x74);      mul(x37, x74, x74);
-        int[] x111 = create();  sqr(x74, 37, x111);     mul(x37, x111, x111);
-        int[] x222 = create();  sqr(x111, 111, x222);   mul(x111, x222, x222);
-        int[] x223 = create();  sqr(x222, x223);        mul(x, x223, x223);
-
-        int[] t = create();
-        sqr(x223, 223, t);
-        mul(t, x222, z);
-    }
-
-    private static void reduce(int[] z, int c)
-    {
-        int t = z[15], z15 = t & M28;
-        t = (t >> 28) + c;
-        z[8] += t;
-        for (int i = 0; i < 15; ++i)
-        {
-            t += z[i]; z[i] = t & M28; t >>= 28;
-        }
-        z[15] = z15 + t;
-    }
-
-    public static void sqr(int[] x, int[] z)
-    {
-        int x0 = x[0];
-        int x1 = x[1];
-        int x2 = x[2];
-        int x3 = x[3];
-        int x4 = x[4];
-        int x5 = x[5];
-        int x6 = x[6];
-        int x7 = x[7];
-
-        int u0 = x[8];
-        int u1 = x[9];
-        int u2 = x[10];
-        int u3 = x[11];
-        int u4 = x[12];
-        int u5 = x[13];
-        int u6 = x[14];
-        int u7 = x[15];
-
-        int x0_2 = x0 * 2;
-        int x1_2 = x1 * 2;
-        int x2_2 = x2 * 2;
-        int x3_2 = x3 * 2;
-        int x4_2 = x4 * 2;
-        int x5_2 = x5 * 2;
-        int x6_2 = x6 * 2;
-
-        int u0_2 = u0 * 2;
-        int u1_2 = u1 * 2;
-        int u2_2 = u2 * 2;
-        int u3_2 = u3 * 2;
-        int u4_2 = u4 * 2;
-        int u5_2 = u5 * 2;
-        int u6_2 = u6 * 2;
-        
-        int s0 = x0 + u0;
-        int s1 = x1 + u1;
-        int s2 = x2 + u2;
-        int s3 = x3 + u3;
-        int s4 = x4 + u4;
-        int s5 = x5 + u5;
-        int s6 = x6 + u6;
-        int s7 = x7 + u7;
-
-        int s0_2 = s0 * 2;
-        int s1_2 = s1 * 2;
-        int s2_2 = s2 * 2;
-        int s3_2 = s3 * 2;
-        int s4_2 = s4 * 2;
-        int s5_2 = s5 * 2;
-        int s6_2 = s6 * 2;
-
-        int z0, z1, z2, z3, z4, z5, z6, z7, z8, z9, z10, z11, z12, z13, z14, z15;
-        long c, d;
-
-        long f0  = (long)x0 * x0;
-        long f8  = (long)x7 * x1_2
-                 + (long)x6 * x2_2
-                 + (long)x5 * x3_2
-                 + (long)x4 * x4;
-        long g0  = (long)u0 * u0;
-        long g8  = (long)u7 * u1_2
-                 + (long)u6 * u2_2
-                 + (long)u5 * u3_2
-                 + (long)u4 * u4;
-        long h0  = (long)s0 * s0;
-        long h8  = (long)s7 * s1_2
-                 + (long)s6 * s2_2
-                 + (long)s5 * s3_2
-                 + (long)s4 * s4;
-
-        c        = f0 + g0 + h8 - f8;
-        z0       = (int)c & M28; c >>>= 28;
-        d        = g8 + h0 - f0 + h8;
-        z8       = (int)d & M28; d >>>= 28;
-
-        long f1  = (long)x1 * x0_2;
-        long f9  = (long)x7 * x2_2
-                 + (long)x6 * x3_2
-                 + (long)x5 * x4_2;
-        long g1  = (long)u1 * u0_2;
-        long g9  = (long)u7 * u2_2
-                 + (long)u6 * u3_2
-                 + (long)u5 * u4_2;
-        long h1  = (long)s1 * s0_2;
-        long h9  = (long)s7 * s2_2
-                 + (long)s6 * s3_2
-                 + (long)s5 * s4_2;
-
-        c       += f1 + g1 + h9 - f9;
-        z1       = (int)c & M28; c >>>= 28;
-        d       += g9 + h1 - f1 + h9;
-        z9       = (int)d & M28; d >>>= 28;
-
-        long f2  = (long)x2 * x0_2
-                 + (long)x1 * x1;
-        long f10 = (long)x7 * x3_2
-                 + (long)x6 * x4_2
-                 + (long)x5 * x5;
-        long g2  = (long)u2 * u0_2
-                 + (long)u1 * u1;
-        long g10 = (long)u7 * u3_2
-                 + (long)u6 * u4_2
-                 + (long)u5 * u5;
-        long h2  = (long)s2 * s0_2
-                 + (long)s1 * s1;
-        long h10 = (long)s7 * s3_2
-                 + (long)s6 * s4_2
-                 + (long)s5 * s5;
-
-        c       += f2 + g2 + h10 - f10;
-        z2       = (int)c & M28; c >>>= 28;
-        d       += g10 + h2 - f2 + h10;
-        z10      = (int)d & M28; d >>>= 28;
-
-        long f3  = (long)x3 * x0_2
-                 + (long)x2 * x1_2;
-        long f11 = (long)x7 * x4_2
-                 + (long)x6 * x5_2;
-        long g3  = (long)u3 * u0_2
-                 + (long)u2 * u1_2;
-        long g11 = (long)u7 * u4_2
-                 + (long)u6 * u5_2;
-        long h3  = (long)s3 * s0_2
-                 + (long)s2 * s1_2;
-        long h11 = (long)s7 * s4_2
-                 + (long)s6 * s5_2;
-
-        c       += f3 + g3 + h11 - f11;
-        z3       = (int)c & M28; c >>>= 28;
-        d       += g11 + h3 - f3 + h11;
-        z11      = (int)d & M28; d >>>= 28;
-
-        long f4  = (long)x4 * x0_2
-                 + (long)x3 * x1_2
-                 + (long)x2 * x2;
-        long f12 = (long)x7 * x5_2
-                 + (long)x6 * x6;
-        long g4  = (long)u4 * u0_2
-                 + (long)u3 * u1_2
-                 + (long)u2 * u2;
-        long g12 = (long)u7 * u5_2
-                 + (long)u6 * u6;
-        long h4  = (long)s4 * s0_2
-                 + (long)s3 * s1_2
-                 + (long)s2 * s2;
-        long h12 = (long)s7 * s5_2
-                 + (long)s6 * s6;
-
-        c       += f4 + g4 + h12 - f12;
-        z4       = (int)c & M28; c >>>= 28;
-        d       += g12 + h4 - f4 + h12;
-        z12      = (int)d & M28; d >>>= 28;
-
-        long f5  = (long)x5 * x0_2
-                 + (long)x4 * x1_2
-                 + (long)x3 * x2_2;
-        long f13 = (long)x7 * x6_2;
-        long g5  = (long)u5 * u0_2
-                 + (long)u4 * u1_2
-                 + (long)u3 * u2_2;
-        long g13 = (long)u7 * u6_2;
-        long h5  = (long)s5 * s0_2
-                 + (long)s4 * s1_2
-                 + (long)s3 * s2_2;
-        long h13 = (long)s7 * s6_2;
-
-        c       += f5 + g5 + h13 - f13;
-        z5       = (int)c & M28; c >>>= 28;
-        d       += g13 + h5 - f5 + h13;
-        z13      = (int)d & M28; d >>>= 28;
-
-        long f6  = (long)x6 * x0_2
-                 + (long)x5 * x1_2
-                 + (long)x4 * x2_2
-                 + (long)x3 * x3;
-        long f14 = (long)x7 * x7;
-        long g6  = (long)u6 * u0_2
-                 + (long)u5 * u1_2
-                 + (long)u4 * u2_2
-                 + (long)u3 * u3;
-        long g14 = (long)u7 * u7;
-        long h6  = (long)s6 * s0_2
-                 + (long)s5 * s1_2
-                 + (long)s4 * s2_2
-                 + (long)s3 * s3;
-        long h14 = (long)s7 * s7;
-
-        c       += f6 + g6 + h14 - f14;
-        z6       = (int)c & M28; c >>>= 28;
-        d       += g14 + h6 - f6 + h14;
-        z14      = (int)d & M28; d >>>= 28;
-
-        long f7  = (long)x7 * x0_2
-                 + (long)x6 * x1_2
-                 + (long)x5 * x2_2
-                 + (long)x4 * x3_2;
-        long g7  = (long)u7 * u0_2
-                 + (long)u6 * u1_2
-                 + (long)u5 * u2_2
-                 + (long)u4 * u3_2;
-        long h7  = (long)s7 * s0_2
-                 + (long)s6 * s1_2
-                 + (long)s5 * s2_2
-                 + (long)s4 * s3_2;
-
-        c       += f7 + g7;
-        z7       = (int)c & M28; c >>>= 28;
-        d       += h7 - f7;
-        z15      = (int)d & M28; d >>>= 28;
-
-        c       += d;
-
-        c       += z8;
-        z8       = (int)c & M28; c >>>= 28;
-        d       += z0;
-        z0       = (int)d & M28; d >>>= 28;
-        z9      += (int)c;
-        z1      += (int)d;
-
-        z[0] = z0;
-        z[1] = z1;
-        z[2] = z2;
-        z[3] = z3;
-        z[4] = z4;
-        z[5] = z5;
-        z[6] = z6;
-        z[7] = z7;
-        z[8] = z8;
-        z[9] = z9;
-        z[10] = z10;
-        z[11] = z11;
-        z[12] = z12;
-        z[13] = z13;
-        z[14] = z14;
-        z[15] = z15;
-    }
-
-    public static void sqr(int[] x, int n, int[] z)
-    {
-//        assert n > 0;
-
-        sqr(x, z);
-
-        while (--n > 0)
-        {
-            sqr(z, z);
-        }
-    }
-
-    public static boolean sqrtRatioVar(int[] u, int[] v, int[] z)
-    {
-        int[] u3v = create();
-        int[] u5v3 = create();
-
-        sqr(u, u3v);
-        mul(u3v, v, u3v);
-        sqr(u3v, u5v3);
-        mul(u3v, u, u3v);
-        mul(u5v3, u, u5v3);
-        mul(u5v3, v, u5v3);
-
-        int[] x = create();
-        powPm3d4(u5v3, x);
-        mul(x, u3v, x);
-
-        int[] t = create();
-        sqr(x, t);
-        mul(t, v, t);
-
-        sub(u, t, t);
-        normalize(t);
-
-        if (isZeroVar(t))
-        {
-            copy(x, 0, z, 0);
-            return true;
-        }
-
-        return false;
-    }
-
-    public static void sub(int[] x, int[] y, int[] z)
-    {
-        int x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3], x4 = x[4], x5 = x[5], x6 = x[6], x7 = x[7];
-        int x8 = x[8], x9 = x[9], x10 = x[10], x11 = x[11], x12 = x[12], x13 = x[13], x14 = x[14], x15 = x[15];
-        int y0 = y[0], y1 = y[1], y2 = y[2], y3 = y[3], y4 = y[4], y5 = y[5], y6 = y[6], y7 = y[7];
-        int y8 = y[8], y9 = y[9], y10 = y[10], y11 = y[11], y12 = y[12], y13 = y[13], y14 = y[14], y15 = y[15];
-
-        int z0 = x0 + 0x1FFFFFFE - y0;
-        int z1 = x1 + 0x1FFFFFFE - y1;
-        int z2 = x2 + 0x1FFFFFFE - y2;
-        int z3 = x3 + 0x1FFFFFFE - y3;
-        int z4 = x4 + 0x1FFFFFFE - y4;
-        int z5 = x5 + 0x1FFFFFFE - y5;
-        int z6 = x6 + 0x1FFFFFFE - y6;
-        int z7 = x7 + 0x1FFFFFFE - y7;
-        int z8 = x8 + 0x1FFFFFFC - y8;
-        int z9 = x9 + 0x1FFFFFFE - y9;
-        int z10 = x10 + 0x1FFFFFFE - y10;
-        int z11 = x11 + 0x1FFFFFFE - y11;
-        int z12 = x12 + 0x1FFFFFFE - y12;
-        int z13 = x13 + 0x1FFFFFFE - y13;
-        int z14 = x14 + 0x1FFFFFFE - y14;
-        int z15 = x15 + 0x1FFFFFFE - y15;
-
-        z2   += z1 >>> 28; z1 &= M28;
-        z6   += z5 >>> 28; z5 &= M28;
-        z10  += z9 >>> 28; z9 &= M28;
-        z14  += z13 >>> 28; z13 &= M28;
-
-        z3   += z2 >>> 28; z2 &= M28;
-        z7   += z6 >>> 28; z6 &= M28;
-        z11  += z10 >>> 28; z10 &= M28;
-        z15  += z14 >>> 28; z14 &= M28;
-
-        int t = z15 >>> 28; z15 &= M28;
-        z0   += t;
-        z8   += t;
-
-        z4   += z3 >>> 28; z3 &= M28;
-        z8   += z7 >>> 28; z7 &= M28;
-        z12  += z11 >>> 28; z11 &= M28;
-
-        z1   += z0 >>> 28; z0 &= M28;
-        z5   += z4 >>> 28; z4 &= M28;
-        z9   += z8 >>> 28; z8 &= M28;
-        z13  += z12 >>> 28; z12 &= M28;
-
-        z[0] = z0;
-        z[1] = z1;
-        z[2] = z2;
-        z[3] = z3;
-        z[4] = z4;
-        z[5] = z5;
-        z[6] = z6;
-        z[7] = z7;
-        z[8] = z8;
-        z[9] = z9;
-        z[10] = z10;
-        z[11] = z11;
-        z[12] = z12;
-        z[13] = z13;
-        z[14] = z14;
-        z[15] = z15;
-    }
-
-    public static void subOne(int[] z)
-    {
-        int[] one = create();
-        one[0] = 1;
-
-        sub(z, one, z);
-    }
-
-    public static void zero(int[] z)
-    {
-        for (int i = 0; i < SIZE; ++i)
-        {
-            z[i] = 0;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/rfc8032/Ed25519.java b/bcprov/src/main/java/org/bouncycastle/math/ec/rfc8032/Ed25519.java
deleted file mode 100644
index bcfb427..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/rfc8032/Ed25519.java
+++ /dev/null

@@ -1,1132 +0,0 @@
-package org.bouncycastle.math.ec.rfc8032;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.math.ec.rfc7748.X25519;
-import org.bouncycastle.math.ec.rfc7748.X25519Field;
-import org.bouncycastle.math.raw.Interleave;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.math.raw.Nat256;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-
-public abstract class Ed25519
-{
-    public static final class Algorithm
-    {
-        public static final int Ed25519 = 0;
-        public static final int Ed25519ctx = 1;
-        public static final int Ed25519ph = 2;
-    }
-
-    private static final long M28L = 0x0FFFFFFFL;
-    private static final long M32L = 0xFFFFFFFFL;
-
-    private static final int POINT_BYTES = 32;
-    private static final int SCALAR_INTS = 8;
-    private static final int SCALAR_BYTES = SCALAR_INTS * 4;
-
-    public static final int PREHASH_SIZE = 64;
-    public static final int PUBLIC_KEY_SIZE = POINT_BYTES;
-    public static final int SECRET_KEY_SIZE = 32;
-    public static final int SIGNATURE_SIZE = POINT_BYTES + SCALAR_BYTES;
-
-    private static final byte[] DOM2_PREFIX = Strings.toByteArray("SigEd25519 no Ed25519 collisions");
-
-    private static final int[] P = new int[]{ 0xFFFFFFED, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x7FFFFFFF };
-    private static final int[] L = new int[]{ 0x5CF5D3ED, 0x5812631A, 0xA2F79CD6, 0x14DEF9DE, 0x00000000, 0x00000000, 0x00000000, 0x10000000 };
-
-    private static final int L0 = 0xFCF5D3ED;   // L0:26/--
-    private static final int L1 = 0x012631A6;   // L1:24/22
-    private static final int L2 = 0x079CD658;   // L2:27/--
-    private static final int L3 = 0xFF9DEA2F;   // L3:23/--
-    private static final int L4 = 0x000014DF;   // L4:12/11
-
-    private static final int[] B_x = new int[]{ 0x0325D51A, 0x018B5823, 0x007B2C95, 0x0304A92D, 0x00D2598E, 0x01D6DC5C,
-        0x01388C7F, 0x013FEC0A, 0x029E6B72, 0x0042D26D };    
-    private static final int[] B_y = new int[]{ 0x02666658, 0x01999999, 0x00666666, 0x03333333, 0x00CCCCCC, 0x02666666,
-        0x01999999, 0x00666666, 0x03333333, 0x00CCCCCC, };
-    private static final int[] C_d = new int[]{ 0x035978A3, 0x02D37284, 0x018AB75E, 0x026A0A0E, 0x0000E014, 0x0379E898,
-        0x01D01E5D, 0x01E738CC, 0x03715B7F, 0x00A406D9 };
-    private static final int[] C_d2 = new int[]{ 0x02B2F159, 0x01A6E509, 0x01156EBD, 0x00D4141D, 0x0001C029, 0x02F3D130,
-        0x03A03CBB, 0x01CE7198, 0x02E2B6FF, 0x00480DB3 };
-    private static final int[] C_d4 = new int[]{ 0x0165E2B2, 0x034DCA13, 0x002ADD7A, 0x01A8283B, 0x00038052, 0x01E7A260,
-        0x03407977, 0x019CE331, 0x01C56DFF, 0x00901B67 };
-
-    private static final int WNAF_WIDTH_BASE = 7;
-
-    private static final int PRECOMP_BLOCKS = 8;
-    private static final int PRECOMP_TEETH = 4;
-    private static final int PRECOMP_SPACING = 8;
-    private static final int PRECOMP_POINTS = 1 << (PRECOMP_TEETH - 1);
-    private static final int PRECOMP_MASK = PRECOMP_POINTS - 1;
-
-    private static Object precompLock = new Object();
-    // TODO[ed25519] Convert to PointPrecomp
-    private static PointExt[] precompBaseTable = null;
-    private static int[] precompBase = null;
-
-    private static class PointAccum
-    {
-        int[] x = X25519Field.create();
-        int[] y = X25519Field.create();
-        int[] z = X25519Field.create();
-        int[] u = X25519Field.create();
-        int[] v = X25519Field.create();
-    }
-
-    private static class PointExt
-    {
-        int[] x = X25519Field.create();
-        int[] y = X25519Field.create();
-        int[] z = X25519Field.create();
-        int[] t = X25519Field.create();
-    }
-
-    private static class PointPrecomp
-    {
-        int[] ypx_h = X25519Field.create();
-        int[] ymx_h = X25519Field.create();
-        int[] xyd = X25519Field.create();
-    }
-
-    private static byte[] calculateS(byte[] r, byte[] k, byte[] s)
-    {
-        int[] t = new int[SCALAR_INTS * 2];     decodeScalar(r, 0, t);
-        int[] u = new int[SCALAR_INTS];         decodeScalar(k, 0, u);
-        int[] v = new int[SCALAR_INTS];         decodeScalar(s, 0, v);
-
-        Nat256.mulAddTo(u, v, t);
-
-        byte[] result = new byte[SCALAR_BYTES * 2];
-        for (int i = 0; i < t.length; ++i)
-        {
-            encode32(t[i], result, i * 4);
-        }
-        return reduceScalar(result);
-    }
-
-    private static boolean checkContextVar(byte[] ctx , byte phflag)
-    {
-        return ctx == null && phflag == 0x00 
-            || ctx != null && ctx.length < 256;
-    }
-
-    private static boolean checkPointVar(byte[] p)
-    {
-        int[] t = new int[8];
-        decode32(p, 0, t, 0, 8);
-        t[7] &= 0x7FFFFFFF;
-        return !Nat256.gte(t, P);
-    }
-
-    private static boolean checkScalarVar(byte[] s)
-    {
-        int[] n = new int[SCALAR_INTS];
-        decodeScalar(s, 0, n);
-        return !Nat256.gte(n, L);
-    }
-
-    private static Digest createDigest()
-    {
-        return new SHA512Digest();
-    }
-
-    public static Digest createPrehash()
-    {
-        return createDigest();
-    }
-
-    private static int decode24(byte[] bs, int off)
-    {
-        int n = bs[  off] & 0xFF;
-        n |= (bs[++off] & 0xFF) << 8;
-        n |= (bs[++off] & 0xFF) << 16;
-        return n;
-    }
-
-    private static int decode32(byte[] bs, int off)
-    {
-        int n = bs[off] & 0xFF;
-        n |= (bs[++off] & 0xFF) << 8;
-        n |= (bs[++off] & 0xFF) << 16;
-        n |=  bs[++off]         << 24;
-        return n;
-    }
-
-    private static void decode32(byte[] bs, int bsOff, int[] n, int nOff, int nLen)
-    {
-        for (int i = 0; i < nLen; ++i)
-        {
-            n[nOff + i] = decode32(bs, bsOff + i * 4);
-        }
-    }
-
-    private static boolean decodePointVar(byte[] p, int pOff, boolean negate, PointExt r)
-    {
-        byte[] py = Arrays.copyOfRange(p, pOff, pOff + POINT_BYTES);
-        if (!checkPointVar(py))
-        {
-            return false;
-        }
-
-        int x_0 = (py[POINT_BYTES - 1] & 0x80) >>> 7;
-        py[POINT_BYTES - 1] &= 0x7F;
-
-        X25519Field.decode(py, 0, r.y);
-
-        int[] u = X25519Field.create();
-        int[] v = X25519Field.create();
-
-        X25519Field.sqr(r.y, u);
-        X25519Field.mul(C_d, u, v);
-        X25519Field.subOne(u);
-        X25519Field.addOne(v);
-
-        if (!X25519Field.sqrtRatioVar(u, v, r.x))
-        {
-            return false;
-        }
-
-        X25519Field.normalize(r.x);
-        if (x_0 == 1 && X25519Field.isZeroVar(r.x))
-        {
-            return false;
-        }
-
-        if (negate ^ (x_0 != (r.x[0] & 1)))
-        {
-            X25519Field.negate(r.x, r.x);
-        }
-
-        pointExtendXY(r);
-        return true;
-    }
-
-    private static void decodeScalar(byte[] k, int kOff, int[] n)
-    {
-        decode32(k, kOff, n, 0, SCALAR_INTS);
-    }
-
-    private static void dom2(Digest d, byte phflag, byte[] ctx)
-    {
-        if (ctx != null)
-        {
-            d.update(DOM2_PREFIX, 0, DOM2_PREFIX.length);
-            d.update(phflag);
-            d.update((byte)ctx.length);
-            d.update(ctx, 0, ctx.length);
-        }
-    }
-
-    private static void encode24(int n, byte[] bs, int off)
-    {
-        bs[  off] = (byte)(n       );
-        bs[++off] = (byte)(n >>>  8);
-        bs[++off] = (byte)(n >>> 16);
-    }
-
-    private static void encode32(int n, byte[] bs, int off)
-    {
-        bs[  off] = (byte)(n       );
-        bs[++off] = (byte)(n >>>  8);
-        bs[++off] = (byte)(n >>> 16);
-        bs[++off] = (byte)(n >>> 24);
-    }
-
-    private static void encode56(long n, byte[] bs, int off)
-    {
-        encode32((int)n, bs, off);
-        encode24((int)(n >>> 32), bs, off + 4);
-    }
-
-    private static void encodePoint(PointAccum p, byte[] r, int rOff)
-    {
-        int[] x = X25519Field.create();
-        int[] y = X25519Field.create();
-
-        X25519Field.inv(p.z, y);
-        X25519Field.mul(p.x, y, x);
-        X25519Field.mul(p.y, y, y);
-        X25519Field.normalize(x);
-        X25519Field.normalize(y);
-
-        X25519Field.encode(y, r, rOff);
-        r[rOff + POINT_BYTES - 1] |= ((x[0] & 1) << 7);
-    }
-
-    public static void generatePrivateKey(SecureRandom random, byte[] k)
-    {
-        random.nextBytes(k);
-    }
-
-    public static void generatePublicKey(byte[] sk, int skOff, byte[] pk, int pkOff)
-    {
-        Digest d = createDigest();
-        byte[] h = new byte[d.getDigestSize()];
-
-        d.update(sk, skOff, SECRET_KEY_SIZE);
-        d.doFinal(h, 0);
-
-        byte[] s = new byte[SCALAR_BYTES];
-        pruneScalar(h, 0, s);
-
-        scalarMultBaseEncoded(s, pk, pkOff);
-    }
-
-    private static byte[] getWNAF(int[] n, int width)
-    {
-//        assert n[SCALAR_INTS - 1] >>> 31 == 0;
-
-        int[] t = new int[SCALAR_INTS * 2];
-        {
-            int tPos = t.length, c = 0;
-            int i = SCALAR_INTS;
-            while (--i >= 0)
-            {
-                int next = n[i];
-                t[--tPos] = (next >>> 16) | (c << 16);
-                t[--tPos] = c = next;
-            }
-        }
-
-        byte[] ws = new byte[256];
-
-        final int pow2 = 1 << width;
-        final int mask = pow2 - 1;
-        final int sign = pow2 >>> 1;
-
-        int j = 0, carry = 0;
-        for (int i = 0; i < t.length; ++i, j -= 16)
-        {
-            int word = t[i];
-            while (j < 16)
-            {
-                int word16 = word >>> j;
-                int bit = word16 & 1;
-
-                if (bit == carry)
-                {
-                    ++j;
-                    continue;
-                }
-
-                int digit = (word16 & mask) + carry;
-                carry = digit & sign;
-                digit -= (carry << 1);
-                carry >>>= (width - 1);
-
-                ws[(i << 4) + j] = (byte)digit;
-
-                j += width;
-            }
-        }
-
-//        assert carry == 0;
-
-        return ws;
-    }
-
-    private static void implSign(Digest d, byte[] h, byte[] s, byte[] pk, int pkOff, byte[] ctx, byte phflag,
-        byte[] m, int mOff, int mLen, byte[] sig, int sigOff)
-    {
-        dom2(d, phflag, ctx);
-        d.update(h, SCALAR_BYTES, SCALAR_BYTES);
-        d.update(m, mOff, mLen);
-        d.doFinal(h, 0);
-
-        byte[] r = reduceScalar(h);
-        byte[] R = new byte[POINT_BYTES];
-        scalarMultBaseEncoded(r, R, 0);
-
-        dom2(d, phflag, ctx);
-        d.update(R, 0, POINT_BYTES);
-        d.update(pk, pkOff, POINT_BYTES);
-        d.update(m, mOff, mLen);
-        d.doFinal(h, 0);
-
-        byte[] k = reduceScalar(h);
-        byte[] S = calculateS(r, k, s);
-
-        System.arraycopy(R, 0, sig, sigOff, POINT_BYTES);
-        System.arraycopy(S, 0, sig, sigOff + POINT_BYTES, SCALAR_BYTES);
-    }
-
-    private static void implSign(byte[] sk, int skOff, byte[] ctx, byte phflag, byte[] m, int mOff, int mLen,
-        byte[] sig, int sigOff)
-    {
-        if (!checkContextVar(ctx, phflag))
-        {
-            throw new IllegalArgumentException("ctx");
-        }
-
-        Digest d = createDigest();
-        byte[] h = new byte[d.getDigestSize()];
-
-        d.update(sk, skOff, SECRET_KEY_SIZE);
-        d.doFinal(h, 0);
-
-        byte[] s = new byte[SCALAR_BYTES];
-        pruneScalar(h, 0, s);
-
-        byte[] pk = new byte[POINT_BYTES];
-        scalarMultBaseEncoded(s, pk, 0);
-
-        implSign(d, h, s, pk, 0, ctx, phflag, m, mOff, mLen, sig, sigOff);
-    }
-
-    private static void implSign(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, byte phflag,
-        byte[] m, int mOff, int mLen, byte[] sig, int sigOff)
-    {
-        if (!checkContextVar(ctx, phflag))
-        {
-            throw new IllegalArgumentException("ctx");
-        }
-
-        Digest d = createDigest();
-        byte[] h = new byte[d.getDigestSize()];
-
-        d.update(sk, skOff, SECRET_KEY_SIZE);
-        d.doFinal(h, 0);
-
-        byte[] s = new byte[SCALAR_BYTES];
-        pruneScalar(h, 0, s);
-
-        implSign(d, h, s, pk, pkOff, ctx, phflag, m, mOff, mLen, sig, sigOff);
-    }
-
-    private static boolean implVerify(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, byte phflag,
-        byte[] m, int mOff, int mLen)
-    {
-        if (!checkContextVar(ctx, phflag))
-        {
-            throw new IllegalArgumentException("ctx");
-        }
-
-        byte[] R = Arrays.copyOfRange(sig, sigOff, sigOff + POINT_BYTES);
-        byte[] S = Arrays.copyOfRange(sig, sigOff + POINT_BYTES, sigOff + SIGNATURE_SIZE);
-
-        if (!checkPointVar(R))
-        {
-            return false;
-        }
-        if (!checkScalarVar(S))
-        {
-            return false;
-        }
-
-        PointExt pA = new PointExt();
-        if (!decodePointVar(pk, pkOff, true, pA))
-        {
-            return false;
-        }
-
-        Digest d = createDigest();
-        byte[] h = new byte[d.getDigestSize()];
-
-        dom2(d, phflag, ctx);
-        d.update(R, 0, POINT_BYTES);
-        d.update(pk, pkOff, POINT_BYTES);
-        d.update(m, mOff, mLen);
-        d.doFinal(h, 0);
-
-        byte[] k = reduceScalar(h);
-
-        int[] nS = new int[SCALAR_INTS];
-        decodeScalar(S, 0, nS);
-
-        int[] nA = new int[SCALAR_INTS];
-        decodeScalar(k, 0, nA);
-
-        PointAccum pR = new PointAccum();
-        scalarMultStraussVar(nS, nA, pA, pR);
-
-        byte[] check = new byte[POINT_BYTES];
-        encodePoint(pR, check, 0);
-
-        return Arrays.areEqual(check, R);
-    }
-
-    private static void pointAddVar(boolean negate, PointExt p, PointAccum r)
-    {
-        int[] A = X25519Field.create();
-        int[] B = X25519Field.create();
-        int[] C = X25519Field.create();
-        int[] D = X25519Field.create();
-        int[] E = r.u;
-        int[] F = X25519Field.create();
-        int[] G = X25519Field.create();
-        int[] H = r.v;
-
-        int[] c, d, f, g;
-        if (negate)
-        {
-            c = D; d = C; f = G; g = F;
-        }
-        else
-        {
-            c = C; d = D; f = F; g = G;
-        }
-
-        X25519Field.apm(r.y, r.x, B, A);
-        X25519Field.apm(p.y, p.x, d, c);
-        X25519Field.mul(A, C, A);
-        X25519Field.mul(B, D, B);
-        X25519Field.mul(r.u, r.v, C);
-        X25519Field.mul(C, p.t, C);
-        X25519Field.mul(C, C_d2, C);
-        X25519Field.mul(r.z, p.z, D);
-        X25519Field.add(D, D, D);
-        X25519Field.apm(B, A, H, E);
-        X25519Field.apm(D, C, g, f);
-        X25519Field.carry(g);
-        X25519Field.mul(E, F, r.x);
-        X25519Field.mul(G, H, r.y);
-        X25519Field.mul(F, G, r.z);
-    }
-
-    private static void pointAddVar(boolean negate, PointExt p, PointExt q, PointExt r)
-    {
-        int[] A = X25519Field.create();
-        int[] B = X25519Field.create();
-        int[] C = X25519Field.create();
-        int[] D = X25519Field.create();
-        int[] E = X25519Field.create();
-        int[] F = X25519Field.create();
-        int[] G = X25519Field.create();
-        int[] H = X25519Field.create();
-
-        int[] c, d, f, g;
-        if (negate)
-        {
-            c = D; d = C; f = G; g = F;
-        }
-        else
-        {
-            c = C; d = D; f = F; g = G;
-        }
-
-        X25519Field.apm(p.y, p.x, B, A);
-        X25519Field.apm(q.y, q.x, d, c);
-        X25519Field.mul(A, C, A);
-        X25519Field.mul(B, D, B);
-        X25519Field.mul(p.t, q.t, C);
-        X25519Field.mul(C, C_d2, C);
-        X25519Field.mul(p.z, q.z, D);
-        X25519Field.add(D, D, D);
-        X25519Field.apm(B, A, H, E);
-        X25519Field.apm(D, C, g, f);
-        X25519Field.carry(g);
-        X25519Field.mul(E, F, r.x);
-        X25519Field.mul(G, H, r.y);
-        X25519Field.mul(F, G, r.z);
-        X25519Field.mul(E, H, r.t);
-    }
-
-    private static void pointAddPrecomp(PointPrecomp p, PointAccum r)
-    {
-        int[] A = X25519Field.create();
-        int[] B = X25519Field.create();
-        int[] C = X25519Field.create();
-        int[] E = r.u;
-        int[] F = X25519Field.create();
-        int[] G = X25519Field.create();
-        int[] H = r.v;
-
-        X25519Field.apm(r.y, r.x, B, A);
-        X25519Field.mul(A, p.ymx_h, A);
-        X25519Field.mul(B, p.ypx_h, B);
-        X25519Field.mul(r.u, r.v, C);
-        X25519Field.mul(C, p.xyd, C);
-        X25519Field.apm(B, A, H, E);
-        X25519Field.apm(r.z, C, G, F);
-        X25519Field.carry(G);
-        X25519Field.mul(E, F, r.x);
-        X25519Field.mul(G, H, r.y);
-        X25519Field.mul(F, G, r.z);
-    }
-
-    private static PointExt pointCopy(PointAccum p)
-    {
-        PointExt r = new PointExt();
-        X25519Field.copy(p.x, 0, r.x, 0);
-        X25519Field.copy(p.y, 0, r.y, 0);
-        X25519Field.copy(p.z, 0, r.z, 0);
-        X25519Field.mul(p.u, p.v, r.t);
-        return r;
-    }
-
-    private static PointExt pointCopy(PointExt p)
-    {
-        PointExt r = new PointExt();
-        X25519Field.copy(p.x, 0, r.x, 0);
-        X25519Field.copy(p.y, 0, r.y, 0);
-        X25519Field.copy(p.z, 0, r.z, 0);
-        X25519Field.copy(p.t, 0, r.t, 0);
-        return r;
-    }
-
-    private static void pointDouble(PointAccum r)
-    {
-        int[] A = X25519Field.create();
-        int[] B = X25519Field.create();
-        int[] C = X25519Field.create();
-        int[] E = r.u;
-        int[] F = X25519Field.create();
-        int[] G = X25519Field.create();
-        int[] H = r.v;
-
-        X25519Field.sqr(r.x, A);
-        X25519Field.sqr(r.y, B);
-        X25519Field.sqr(r.z, C);
-        X25519Field.add(C, C, C);
-        X25519Field.apm(A, B, H, G);
-        X25519Field.add(r.x, r.y, E);
-        X25519Field.sqr(E, E);
-        X25519Field.sub(H, E, E);
-        X25519Field.add(C, G, F);
-        X25519Field.carry(F);
-        X25519Field.mul(E, F, r.x);
-        X25519Field.mul(G, H, r.y);
-        X25519Field.mul(F, G, r.z);
-    }
-
-    private static void pointExtendXY(PointAccum p)
-    {
-        X25519Field.one(p.z);
-        X25519Field.copy(p.x, 0, p.u, 0);
-        X25519Field.copy(p.y, 0, p.v, 0);
-    }
-
-    private static void pointExtendXY(PointExt p)
-    {
-        X25519Field.one(p.z);
-        X25519Field.mul(p.x, p.y, p.t);
-    }
-
-    private static void pointLookup(int block, int index, PointPrecomp p)
-    {
-//        assert 0 <= block && block < PRECOMP_BLOCKS;
-//        assert 0 <= index && index < PRECOMP_POINTS;
-
-        int off = block * PRECOMP_POINTS * 3 * X25519Field.SIZE;
-
-        for (int i = 0; i < PRECOMP_POINTS; ++i)
-        {
-            int mask = ((i ^ index) - 1) >> 31;
-            Nat.cmov(X25519Field.SIZE, mask, precompBase, off, p.ypx_h, 0);    off += X25519Field.SIZE;
-            Nat.cmov(X25519Field.SIZE, mask, precompBase, off, p.ymx_h, 0);    off += X25519Field.SIZE;
-            Nat.cmov(X25519Field.SIZE, mask, precompBase, off, p.xyd,   0);    off += X25519Field.SIZE;
-        }
-    }
-
-    private static PointExt[] pointPrecompVar(PointExt p, int count)
-    {
-//        assert count > 0;
-
-        PointExt d = new PointExt();
-        pointAddVar(false, p, p, d);
-
-        PointExt[] table = new PointExt[count];
-        table[0] = pointCopy(p);
-        for (int i = 1; i < count; ++i)
-        {
-            pointAddVar(false, table[i - 1], d, table[i] = new PointExt());
-        }
-        return table;
-    }
-
-    private static void pointSetNeutral(PointAccum p)
-    {
-        X25519Field.zero(p.x);
-        X25519Field.one(p.y);
-        X25519Field.one(p.z);
-        X25519Field.zero(p.u);
-        X25519Field.one(p.v);
-    }
-
-    private static void pointSetNeutral(PointExt p)
-    {
-        X25519Field.zero(p.x);
-        X25519Field.one(p.y);
-        X25519Field.one(p.z);
-        X25519Field.zero(p.t);
-    }
-
-    public static void precompute()
-    {
-        synchronized (precompLock)
-        {
-            if (precompBase != null)
-            {
-                return;
-            }
-
-            // Precomputed table for the base point in verification ladder
-            {
-                PointExt b = new PointExt();
-                X25519Field.copy(B_x, 0, b.x, 0);
-                X25519Field.copy(B_y, 0, b.y, 0);
-                pointExtendXY(b);
-
-                precompBaseTable = pointPrecompVar(b, 1 << (WNAF_WIDTH_BASE - 2));
-            }
-
-            PointAccum p = new PointAccum();
-            X25519Field.copy(B_x, 0, p.x, 0);
-            X25519Field.copy(B_y, 0, p.y, 0);
-            pointExtendXY(p);
-
-            precompBase = new int[PRECOMP_BLOCKS * PRECOMP_POINTS * 3 * X25519Field.SIZE];
-
-            int off = 0;
-            for (int b = 0; b < PRECOMP_BLOCKS; ++b)
-            {
-                PointExt[] ds = new PointExt[PRECOMP_TEETH];
-
-                PointExt sum = new PointExt();
-                pointSetNeutral(sum);
-
-                for (int t = 0; t < PRECOMP_TEETH; ++t)
-                {
-                    PointExt q = pointCopy(p);
-                    pointAddVar(true, sum, q, sum);
-                    pointDouble(p);
-
-                    ds[t] = pointCopy(p);
-
-                    if (b + t != PRECOMP_BLOCKS + PRECOMP_TEETH - 2)
-                    {
-                        for (int s = 1; s < PRECOMP_SPACING; ++s)
-                        {
-                            pointDouble(p);
-                        }
-                    }
-                }
-
-                PointExt[] points = new PointExt[PRECOMP_POINTS];
-                int k = 0;
-                points[k++] = sum;
-
-                for (int t = 0; t < (PRECOMP_TEETH - 1); ++t)
-                {
-                    int size = 1 << t;
-                    for (int j = 0; j < size; ++j, ++k)
-                    {
-                        pointAddVar(false, points[k - size], ds[t], points[k] = new PointExt());
-                    }
-                }
-
-//                assert k == PRECOMP_POINTS;
-
-                for (int i = 0; i < PRECOMP_POINTS; ++i)
-                {
-                    PointExt q = points[i];
-
-                    int[] x = X25519Field.create();
-                    int[] y = X25519Field.create();
-
-                    X25519Field.add(q.z, q.z, x);
-                    // TODO[ed25519] Batch inversion
-                    X25519Field.inv(x, y);
-                    X25519Field.mul(q.x, y, x);
-                    X25519Field.mul(q.y, y, y);
-
-                    PointPrecomp r = new PointPrecomp();
-                    X25519Field.apm(y, x, r.ypx_h, r.ymx_h);
-                    X25519Field.mul(x, y, r.xyd);
-                    X25519Field.mul(r.xyd, C_d4, r.xyd);
-
-                    X25519Field.normalize(r.ypx_h);
-                    X25519Field.normalize(r.ymx_h);
-//                    X25519Field.normalize(r.xyd);
-
-                    X25519Field.copy(r.ypx_h, 0, precompBase, off);    off += X25519Field.SIZE;
-                    X25519Field.copy(r.ymx_h, 0, precompBase, off);    off += X25519Field.SIZE;
-                    X25519Field.copy(r.xyd,   0, precompBase, off);    off += X25519Field.SIZE;
-                }
-            }
-
-//            assert off == precompBase.length;
-        }
-    }
-
-    private static void pruneScalar(byte[] n, int nOff, byte[] r)
-    {
-        System.arraycopy(n, nOff, r, 0, SCALAR_BYTES);
-
-        r[0] &= 0xF8;
-        r[SCALAR_BYTES - 1] &= 0x7F;
-        r[SCALAR_BYTES - 1] |= 0x40;
-    }
-
-    private static byte[] reduceScalar(byte[] n)
-    {
-        long x00 =  decode32(n,  0)       & M32L;   // x00:32/--
-        long x01 = (decode24(n,  4) << 4) & M32L;   // x01:28/--
-        long x02 =  decode32(n,  7)       & M32L;   // x02:32/--
-        long x03 = (decode24(n, 11) << 4) & M32L;   // x03:28/--
-        long x04 =  decode32(n, 14)       & M32L;   // x04:32/--
-        long x05 = (decode24(n, 18) << 4) & M32L;   // x05:28/--
-        long x06 =  decode32(n, 21)       & M32L;   // x06:32/--
-        long x07 = (decode24(n, 25) << 4) & M32L;   // x07:28/--
-        long x08 =  decode32(n, 28)       & M32L;   // x08:32/--
-        long x09 = (decode24(n, 32) << 4) & M32L;   // x09:28/--
-        long x10 =  decode32(n, 35)       & M32L;   // x10:32/--
-        long x11 = (decode24(n, 39) << 4) & M32L;   // x11:28/--
-        long x12 =  decode32(n, 42)       & M32L;   // x12:32/--
-        long x13 = (decode24(n, 46) << 4) & M32L;   // x13:28/--
-        long x14 =  decode32(n, 49)       & M32L;   // x14:32/--
-        long x15 = (decode24(n, 53) << 4) & M32L;   // x15:28/--
-        long x16 =  decode32(n, 56)       & M32L;   // x16:32/--
-        long x17 = (decode24(n, 60) << 4) & M32L;   // x17:28/--
-        long x18 =  n[63]                 & 0xFFL;  // x18:08/--
-        long t;
-
-//        x18 += (x17 >> 28); x17 &= M28L;
-        x09 -= x18 * L0;                            // x09:34/28
-        x10 -= x18 * L1;                            // x10:33/30
-        x11 -= x18 * L2;                            // x11:35/28
-        x12 -= x18 * L3;                            // x12:32/31
-        x13 -= x18 * L4;                            // x13:28/21
-
-        x17 += (x16 >> 28); x16 &= M28L;            // x17:28/--, x16:28/--
-        x08 -= x17 * L0;                            // x08:54/32
-        x09 -= x17 * L1;                            // x09:52/51
-        x10 -= x17 * L2;                            // x10:55/34
-        x11 -= x17 * L3;                            // x11:51/36
-        x12 -= x17 * L4;                            // x12:41/--
-
-//        x16 += (x15 >> 28); x15 &= M28L;
-        x07 -= x16 * L0;                            // x07:54/28
-        x08 -= x16 * L1;                            // x08:54/53
-        x09 -= x16 * L2;                            // x09:55/53
-        x10 -= x16 * L3;                            // x10:55/52
-        x11 -= x16 * L4;                            // x11:51/41
-
-        x15 += (x14 >> 28); x14 &= M28L;            // x15:28/--, x14:28/--
-        x06 -= x15 * L0;                            // x06:54/32
-        x07 -= x15 * L1;                            // x07:54/53
-        x08 -= x15 * L2;                            // x08:56/--
-        x09 -= x15 * L3;                            // x09:55/54
-        x10 -= x15 * L4;                            // x10:55/53
-
-//        x14 += (x13 >> 28); x13 &= M28L;
-        x05 -= x14 * L0;                            // x05:54/28
-        x06 -= x14 * L1;                            // x06:54/53
-        x07 -= x14 * L2;                            // x07:56/--
-        x08 -= x14 * L3;                            // x08:56/51
-        x09 -= x14 * L4;                            // x09:56/--
-
-        x13 += (x12 >> 28); x12 &= M28L;            // x13:28/22, x12:28/--
-        x04 -= x13 * L0;                            // x04:54/49
-        x05 -= x13 * L1;                            // x05:54/53
-        x06 -= x13 * L2;                            // x06:56/--
-        x07 -= x13 * L3;                            // x07:56/52
-        x08 -= x13 * L4;                            // x08:56/52
-
-        x12 += (x11 >> 28); x11 &= M28L;            // x12:28/24, x11:28/--
-        x03 -= x12 * L0;                            // x03:54/49
-        x04 -= x12 * L1;                            // x04:54/51
-        x05 -= x12 * L2;                            // x05:56/--
-        x06 -= x12 * L3;                            // x06:56/52
-        x07 -= x12 * L4;                            // x07:56/53
-
-        x11 += (x10 >> 28); x10 &= M28L;            // x11:29/--, x10:28/--
-        x02 -= x11 * L0;                            // x02:55/32
-        x03 -= x11 * L1;                            // x03:55/--
-        x04 -= x11 * L2;                            // x04:56/55
-        x05 -= x11 * L3;                            // x05:56/52
-        x06 -= x11 * L4;                            // x06:56/53
-
-        x10 += (x09 >> 28); x09 &= M28L;            // x10:29/--, x09:28/--
-        x01 -= x10 * L0;                            // x01:55/28
-        x02 -= x10 * L1;                            // x02:55/54
-        x03 -= x10 * L2;                            // x03:56/55
-        x04 -= x10 * L3;                            // x04:57/--
-        x05 -= x10 * L4;                            // x05:56/53
-
-        x08 += (x07 >> 28); x07 &= M28L;            // x08:56/53, x07:28/--
-        x09 += (x08 >> 28); x08 &= M28L;            // x09:29/25, x08:28/--
-
-        t    = x08 >>> 27;
-        x09 += t;                                   // x09:29/26
-
-        x00 -= x09 * L0;                            // x00:55/53
-        x01 -= x09 * L1;                            // x01:55/54
-        x02 -= x09 * L2;                            // x02:57/--
-        x03 -= x09 * L3;                            // x03:57/--
-        x04 -= x09 * L4;                            // x04:57/42
-
-        x01 += (x00 >> 28); x00 &= M28L;
-        x02 += (x01 >> 28); x01 &= M28L;
-        x03 += (x02 >> 28); x02 &= M28L;
-        x04 += (x03 >> 28); x03 &= M28L;
-        x05 += (x04 >> 28); x04 &= M28L;
-        x06 += (x05 >> 28); x05 &= M28L;
-        x07 += (x06 >> 28); x06 &= M28L;
-        x08 += (x07 >> 28); x07 &= M28L;
-        x09  = (x08 >> 28); x08 &= M28L;
-
-        x09 -= t;
-
-//        assert x09 == 0L || x09 == -1L;
-
-        x00 += x09 & L0;
-        x01 += x09 & L1;
-        x02 += x09 & L2;
-        x03 += x09 & L3;
-        x04 += x09 & L4;
-
-        x01 += (x00 >> 28); x00 &= M28L;
-        x02 += (x01 >> 28); x01 &= M28L;
-        x03 += (x02 >> 28); x02 &= M28L;
-        x04 += (x03 >> 28); x03 &= M28L;
-        x05 += (x04 >> 28); x04 &= M28L;
-        x06 += (x05 >> 28); x05 &= M28L;
-        x07 += (x06 >> 28); x06 &= M28L;
-        x08 += (x07 >> 28); x07 &= M28L;
-
-        byte[] r = new byte[SCALAR_BYTES];
-        encode56(x00 | (x01 << 28), r,  0);
-        encode56(x02 | (x03 << 28), r,  7);
-        encode56(x04 | (x05 << 28), r, 14);
-        encode56(x06 | (x07 << 28), r, 21);
-        encode32((int)x08,          r, 28);
-        return r;
-    }
-
-    private static void scalarMultBase(byte[] k, PointAccum r)
-    {
-        precompute();
-
-        pointSetNeutral(r);
-
-        int[] n = new int[SCALAR_INTS];
-        decodeScalar(k, 0, n);
-
-        // Recode the scalar into signed-digit form, then group comb bits in each block
-        {
-//            int c1 = Nat.cadd(SCALAR_INTS, ~n[0] & 1, n, L, n);     assert c1 == 0;
-            Nat.cadd(SCALAR_INTS, ~n[0] & 1, n, L, n);
-//            int c2 = Nat.shiftDownBit(SCALAR_INTS, n, 1);           assert c2 == (1 << 31);
-            Nat.shiftDownBit(SCALAR_INTS, n, 1);
-
-            for (int i = 0; i < SCALAR_INTS; ++i)
-            {
-                n[i] = Interleave.shuffle2(n[i]);
-            }
-        }
-
-        PointPrecomp p = new PointPrecomp();
-
-        int cOff = (PRECOMP_SPACING - 1) * PRECOMP_TEETH;
-        for (;;)
-        {
-            for (int b = 0; b < PRECOMP_BLOCKS; ++b)
-            {
-                int w = n[b] >>> cOff;
-                int sign = (w >>> (PRECOMP_TEETH - 1)) & 1;
-                int abs = (w ^ -sign) & PRECOMP_MASK;
-
-//                assert sign == 0 || sign == 1;
-//                assert 0 <= abs && abs < PRECOMP_POINTS;
-
-                pointLookup(b, abs, p);
-
-                X25519Field.cswap(sign, p.ypx_h, p.ymx_h);
-                X25519Field.cnegate(sign, p.xyd);
-
-                pointAddPrecomp(p, r);
-            }
-
-            if ((cOff -= PRECOMP_TEETH) < 0)
-            {
-                break;
-            }
-
-            pointDouble(r);
-        }
-    }
-
-    private static void scalarMultBaseEncoded(byte[] k, byte[] r, int rOff)
-    {
-        PointAccum p = new PointAccum();
-        scalarMultBase(k, p);
-        encodePoint(p, r, rOff);
-    }
-
-    /**
-     * NOTE: Only for use by X25519
-     */
-    public static void scalarMultBaseYZ(X25519.Friend friend, byte[] k, int kOff, int[] y, int[] z)
-    {
-        if (null == friend)
-        {
-            throw new NullPointerException("This method is only for use by X25519");
-        }
-
-        byte[] n = new byte[SCALAR_BYTES];
-        pruneScalar(k, kOff, n);
-
-        PointAccum p = new PointAccum();
-        scalarMultBase(n, p);
-        X25519Field.copy(p.y, 0, y, 0);
-        X25519Field.copy(p.z, 0, z, 0);
-    }
-
-    private static void scalarMultStraussVar(int[] nb, int[] np, PointExt p, PointAccum r)
-    {
-        precompute();
-
-        final int width = 5;
-
-        byte[] ws_b = getWNAF(nb, WNAF_WIDTH_BASE);
-        byte[] ws_p = getWNAF(np, width);
-
-        PointExt[] tp = pointPrecompVar(p, 1 << (width - 2));
-
-        pointSetNeutral(r);
-
-        int bit = 255;
-        while (bit > 0 && (ws_b[bit] | ws_p[bit]) == 0)
-        {
-            --bit;
-        }
-
-        for (;;)
-        {
-            int wb = ws_b[bit];
-            if (wb != 0)
-            {
-                int sign = wb >> 31;
-                int index = (wb ^ sign) >>> 1;
-
-                pointAddVar((sign != 0), precompBaseTable[index], r);
-            }
-
-            int wp = ws_p[bit];
-            if (wp != 0)
-            {
-                int sign = wp >> 31;
-                int index = (wp ^ sign) >>> 1;
-
-                pointAddVar((sign != 0), tp[index], r);
-            }
-
-            if (--bit < 0)
-            {
-                break;
-            }
-
-            pointDouble(r);
-        }
-    }
-
-    public static void sign(byte[] sk, int skOff, byte[] m, int mOff, int mLen, byte[] sig, int sigOff)
-    {
-        byte[] ctx = null;
-        byte phflag = 0x00;
-
-        implSign(sk, skOff, ctx, phflag, m, mOff, mLen, sig, sigOff);
-    }
-
-    public static void sign(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] m, int mOff, int mLen, byte[] sig, int sigOff)
-    {
-        byte[] ctx = null;
-        byte phflag = 0x00;
-
-        implSign(sk, skOff, pk, pkOff, ctx, phflag, m, mOff, mLen, sig, sigOff);
-    }
-
-    public static void sign(byte[] sk, int skOff, byte[] ctx, byte[] m, int mOff, int mLen, byte[] sig, int sigOff)
-    {
-        byte phflag = 0x00;
-
-        implSign(sk, skOff, ctx, phflag, m, mOff, mLen, sig, sigOff);
-    }
-
-    public static void sign(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, byte[] m, int mOff, int mLen, byte[] sig, int sigOff)
-    {
-        byte phflag = 0x00;
-
-        implSign(sk, skOff, pk, pkOff, ctx, phflag, m, mOff, mLen, sig, sigOff);
-    }
-
-    public static void signPrehash(byte[] sk, int skOff, byte[] ctx, byte[] ph, int phOff, byte[] sig, int sigOff)
-    {
-        byte phflag = 0x01;
-
-        implSign(sk, skOff, ctx, phflag, ph, phOff, PREHASH_SIZE, sig, sigOff);
-    }
-
-    public static void signPrehash(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, byte[] ph, int phOff, byte[] sig, int sigOff)
-    {
-        byte phflag = 0x01;
-
-        implSign(sk, skOff, pk, pkOff, ctx, phflag, ph, phOff, PREHASH_SIZE, sig, sigOff);
-    }
-
-    public static void signPrehash(byte[] sk, int skOff, byte[] ctx, Digest ph, byte[] sig, int sigOff)
-    {
-        byte[] m = new byte[PREHASH_SIZE];
-        if (PREHASH_SIZE != ph.doFinal(m, 0))
-        {
-            throw new IllegalArgumentException("ph");
-        }
-
-        byte phflag = 0x01;
-
-        implSign(sk, skOff, ctx, phflag, m, 0, m.length, sig, sigOff);
-    }
-
-    public static void signPrehash(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, Digest ph, byte[] sig, int sigOff)
-    {
-        byte[] m = new byte[PREHASH_SIZE];
-        if (PREHASH_SIZE != ph.doFinal(m, 0))
-        {
-            throw new IllegalArgumentException("ph");
-        }
-
-        byte phflag = 0x01;
-
-        implSign(sk, skOff, pk, pkOff, ctx, phflag, m, 0, m.length, sig, sigOff);
-    }
-
-    public static boolean verify(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] m, int mOff, int mLen)
-    {
-        byte[] ctx = null;
-        byte phflag = 0x00;
-
-        return implVerify(sig, sigOff, pk, pkOff, ctx, phflag, m, mOff, mLen);
-    }
-
-    public static boolean verify(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, byte[] m, int mOff, int mLen)
-    {
-        byte phflag = 0x00;
-
-        return implVerify(sig, sigOff, pk, pkOff, ctx, phflag, m, mOff, mLen);
-    }
-
-    public static boolean verifyPrehash(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, byte[] ph, int phOff)
-    {
-        byte phflag = 0x01;
-
-        return implVerify(sig, sigOff, pk, pkOff, ctx, phflag, ph, phOff, PREHASH_SIZE);
-    }
-
-    public static boolean verifyPrehash(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, Digest ph)
-    {
-        byte[] m = new byte[PREHASH_SIZE];
-        if (PREHASH_SIZE != ph.doFinal(m, 0))
-        {
-            throw new IllegalArgumentException("ph");
-        }
-
-        byte phflag = 0x01;
-
-        return implVerify(sig, sigOff, pk, pkOff, ctx, phflag, m, 0, m.length);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/rfc8032/Ed448.java b/bcprov/src/main/java/org/bouncycastle/math/ec/rfc8032/Ed448.java
deleted file mode 100644
index a42cc59..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/rfc8032/Ed448.java
+++ /dev/null

@@ -1,1195 +0,0 @@
-package org.bouncycastle.math.ec.rfc8032;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.Xof;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-import org.bouncycastle.math.ec.rfc7748.X448;
-import org.bouncycastle.math.ec.rfc7748.X448Field;
-import org.bouncycastle.math.raw.Nat;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-
-public abstract class Ed448
-{
-    public static final class Algorithm
-    {
-        public static final int Ed448 = 0;
-        public static final int Ed448ph = 1;
-    }
-
-    private static final long M26L = 0x03FFFFFFL;
-    private static final long M28L = 0x0FFFFFFFL;
-    private static final long M32L = 0xFFFFFFFFL;
-
-    private static final int POINT_BYTES = 57;
-    private static final int SCALAR_INTS = 14;
-    private static final int SCALAR_BYTES = SCALAR_INTS * 4 + 1;
-
-    public static final int PREHASH_SIZE = 64;
-    public static final int PUBLIC_KEY_SIZE = POINT_BYTES;
-    public static final int SECRET_KEY_SIZE = 57;
-    public static final int SIGNATURE_SIZE = POINT_BYTES + SCALAR_BYTES;
-
-    private static final byte[] DOM4_PREFIX = Strings.toByteArray("SigEd448");
-
-    private static final int[] P = new int[] { 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
-        0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
-    private static final int[] L = new int[] { 0xAB5844F3, 0x2378C292, 0x8DC58F55, 0x216CC272, 0xAED63690, 0xC44EDB49, 0x7CCA23E9,
-        0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x3FFFFFFF };
-
-    private static final int L_0 = 0x04A7BB0D;      // L_0:26/24
-    private static final int L_1 = 0x0873D6D5;      // L_1:27/23
-    private static final int L_2 = 0x0A70AADC;      // L_2:27/26
-    private static final int L_3 = 0x03D8D723;      // L_3:26/--
-    private static final int L_4 = 0x096FDE93;      // L_4:27/25
-    private static final int L_5 = 0x0B65129C;      // L_5:27/26
-    private static final int L_6 = 0x063BB124;      // L_6:27/--
-    private static final int L_7 = 0x08335DC1;      // L_7:27/22
-
-    private static final int L4_0 = 0x029EEC34;     // L4_0:25/24
-    private static final int L4_1 = 0x01CF5B55;     // L4_1:25/--
-    private static final int L4_2 = 0x09C2AB72;     // L4_2:27/25
-    private static final int L4_3 = 0x0F635C8E;     // L4_3:28/--
-    private static final int L4_4 = 0x05BF7A4C;     // L4_4:26/25
-    private static final int L4_5 = 0x0D944A72;     // L4_5:28/--
-    private static final int L4_6 = 0x08EEC492;     // L4_6:27/24
-    private static final int L4_7 = 0x20CD7705;     // L4_7:29/24
-
-    private static final int[] B_x = new int[] { 0x070CC05E, 0x026A82BC, 0x00938E26, 0x080E18B0, 0x0511433B, 0x0F72AB66, 0x0412AE1A,
-        0x0A3D3A46, 0x0A6DE324, 0x00F1767E, 0x04657047, 0x036DA9E1, 0x05A622BF, 0x0ED221D1, 0x066BED0D, 0x04F1970C };
-    private static final int[] B_y = new int[] { 0x0230FA14, 0x008795BF, 0x07C8AD98, 0x0132C4ED, 0x09C4FDBD, 0x01CE67C3, 0x073AD3FF,
-        0x005A0C2D, 0x07789C1E, 0x0A398408, 0x0A73736C, 0x0C7624BE, 0x003756C9, 0x02488762, 0x016EB6BC, 0x0693F467 };
-    private static final int C_d = -39081;
-
-    private static final int WNAF_WIDTH_BASE = 7;
-
-    private static final int PRECOMP_BLOCKS = 5;
-    private static final int PRECOMP_TEETH = 5;
-    private static final int PRECOMP_SPACING = 18;
-    private static final int PRECOMP_POINTS = 1 << (PRECOMP_TEETH - 1);
-    private static final int PRECOMP_MASK = PRECOMP_POINTS - 1;
-
-    private static Object precompLock = new Object();
-    // TODO[ed448] Convert to PointPrecomp
-    private static PointExt[] precompBaseTable = null;
-    private static int[] precompBase = null;
-
-    private static class PointExt
-    {
-        int[] x = X448Field.create();
-        int[] y = X448Field.create();
-        int[] z = X448Field.create();
-    }
-
-    private static class PointPrecomp
-    {
-        int[] x = X448Field.create();
-        int[] y = X448Field.create();
-    }
-
-    private static byte[] calculateS(byte[] r, byte[] k, byte[] s)
-    {
-        int[] t = new int[SCALAR_INTS * 2];     decodeScalar(r, 0, t);
-        int[] u = new int[SCALAR_INTS];         decodeScalar(k, 0, u);
-        int[] v = new int[SCALAR_INTS];         decodeScalar(s, 0, v);
-
-        Nat.mulAddTo(14, u, v, t);
-
-        byte[] result = new byte[SCALAR_BYTES * 2];
-        for (int i = 0; i < t.length; ++i)
-        {
-            encode32(t[i], result, i * 4);
-        }
-        return reduceScalar(result);
-    }
-
-    private static boolean checkContextVar(byte[] ctx)
-    {
-        return ctx != null && ctx.length < 256;
-    }
-
-    private static boolean checkPointVar(byte[] p)
-    {
-        if ((p[POINT_BYTES - 1] & 0x7F) != 0x00)
-        {
-            return false;
-        }
-
-        int[] t = new int[14];
-        decode32(p, 0, t, 0, 14);
-        return !Nat.gte(14, t, P);
-    }
-
-    private static boolean checkScalarVar(byte[] s)
-    {
-        if (s[SCALAR_BYTES - 1] != 0x00)
-        {
-            return false;
-        }
-
-        int[] n = new int[SCALAR_INTS];
-        decodeScalar(s, 0, n);
-        return !Nat.gte(SCALAR_INTS, n, L);
-    }
-
-    public static Xof createPrehash()
-    {
-        return createXof();
-    }
-
-    private static Xof createXof()
-    {
-        return new SHAKEDigest(256);
-    }
-
-    private static int decode16(byte[] bs, int off)
-    {
-        int n = bs[off] & 0xFF;
-        n |= (bs[++off] & 0xFF) << 8;
-        return n;
-    }
-
-    private static int decode24(byte[] bs, int off)
-    {
-        int n = bs[  off] & 0xFF;
-        n |= (bs[++off] & 0xFF) << 8;
-        n |= (bs[++off] & 0xFF) << 16;
-        return n;
-    }
-
-    private static int decode32(byte[] bs, int off)
-    {
-        int n = bs[off] & 0xFF;
-        n |= (bs[++off] & 0xFF) << 8;
-        n |= (bs[++off] & 0xFF) << 16;
-        n |=  bs[++off]         << 24;
-        return n;
-    }
-
-    private static void decode32(byte[] bs, int bsOff, int[] n, int nOff, int nLen)
-    {
-        for (int i = 0; i < nLen; ++i)
-        {
-            n[nOff + i] = decode32(bs, bsOff + i * 4);
-        }
-    }
-
-    private static boolean decodePointVar(byte[] p, int pOff, boolean negate, PointExt r)
-    {
-        byte[] py = Arrays.copyOfRange(p, pOff, pOff + POINT_BYTES);
-        if (!checkPointVar(py))
-        {
-            return false;
-        }
-
-        int x_0 = (py[POINT_BYTES - 1] & 0x80) >>> 7;
-        py[POINT_BYTES - 1] &= 0x7F;
-
-        X448Field.decode(py, 0, r.y);
-
-        int[] u = X448Field.create();
-        int[] v = X448Field.create();
-
-        X448Field.sqr(r.y, u);
-        X448Field.mul(u, -C_d, v);
-        X448Field.negate(u, u);
-        X448Field.addOne(u);
-        X448Field.addOne(v);
-
-        if (!X448Field.sqrtRatioVar(u, v, r.x))
-        {
-            return false;
-        }
-
-        X448Field.normalize(r.x);
-        if (x_0 == 1 && X448Field.isZeroVar(r.x))
-        {
-            return false;
-        }
-
-        if (negate ^ (x_0 != (r.x[0] & 1)))
-        {
-            X448Field.negate(r.x, r.x);
-        }
-
-        pointExtendXY(r);
-        return true;
-    }
-
-    private static void decodeScalar(byte[] k, int kOff, int[] n)
-    {
-//        assert k[kOff + SCALAR_BYTES - 1] == 0x00;
-
-        decode32(k, kOff, n, 0, SCALAR_INTS);
-    }
-
-    private static void dom4(Xof d, byte x, byte[] y)
-    {
-        d.update(DOM4_PREFIX, 0, DOM4_PREFIX.length);
-        d.update(x);
-        d.update((byte)y.length);
-        d.update(y, 0, y.length);
-    }
-
-    private static void encode24(int n, byte[] bs, int off)
-    {
-        bs[  off] = (byte)(n       );
-        bs[++off] = (byte)(n >>>  8);
-        bs[++off] = (byte)(n >>> 16);
-    }
-
-    private static void encode32(int n, byte[] bs, int off)
-    {
-        bs[  off] = (byte)(n       );
-        bs[++off] = (byte)(n >>>  8);
-        bs[++off] = (byte)(n >>> 16);
-        bs[++off] = (byte)(n >>> 24);
-    }
-
-    private static void encode56(long n, byte[] bs, int off)
-    {
-        encode32((int)n, bs, off);
-        encode24((int)(n >>> 32), bs, off + 4);
-    }
-
-    private static void encodePoint(PointExt p, byte[] r, int rOff)
-    {
-        int[] x = X448Field.create();
-        int[] y = X448Field.create();
-
-        X448Field.inv(p.z, y);
-        X448Field.mul(p.x, y, x);
-        X448Field.mul(p.y, y, y);
-        X448Field.normalize(x);
-        X448Field.normalize(y);
-
-        X448Field.encode(y, r, rOff);
-        r[rOff + POINT_BYTES - 1] = (byte)((x[0] & 1) << 7);
-    }
-
-    public static void generatePrivateKey(SecureRandom random, byte[] k)
-    {
-        random.nextBytes(k);
-    }
-
-    public static void generatePublicKey(byte[] sk, int skOff, byte[] pk, int pkOff)
-    {
-        Xof d = createXof();
-        byte[] h = new byte[SCALAR_BYTES * 2];
-
-        d.update(sk, skOff, SECRET_KEY_SIZE);
-        d.doFinal(h, 0, h.length);
-
-        byte[] s = new byte[SCALAR_BYTES];
-        pruneScalar(h, 0, s);
-
-        scalarMultBaseEncoded(s, pk, pkOff);
-    }
-
-    private static byte[] getWNAF(int[] n, int width)
-    {
-//        assert n[SCALAR_INTS - 1] >>> 31 == 0;
-
-        int[] t = new int[SCALAR_INTS * 2];
-        {
-            int tPos = t.length, c = 0;
-            int i = SCALAR_INTS;
-            while (--i >= 0)
-            {
-                int next = n[i];
-                t[--tPos] = (next >>> 16) | (c << 16);
-                t[--tPos] = c = next;
-            }
-        }
-
-        byte[] ws = new byte[448];
-
-        final int pow2 = 1 << width;
-        final int mask = pow2 - 1;
-        final int sign = pow2 >>> 1;
-
-        int j = 0, carry = 0;
-        for (int i = 0; i < t.length; ++i, j -= 16)
-        {
-            int word = t[i];
-            while (j < 16)
-            {
-                int word16 = word >>> j;
-                int bit = word16 & 1;
-
-                if (bit == carry)
-                {
-                    ++j;
-                    continue;
-                }
-
-                int digit = (word16 & mask) + carry;
-                carry = digit & sign;
-                digit -= (carry << 1);
-                carry >>>= (width - 1);
-
-                ws[(i << 4) + j] = (byte)digit;
-
-                j += width;
-            }
-        }
-
-//        assert carry == 0;
-
-        return ws;
-    }
-
-    private static void implSign(Xof d, byte[] h, byte[] s, byte[] pk, int pkOff, byte[] ctx, byte phflag,
-        byte[] m, int mOff, int mLen, byte[] sig, int sigOff)
-    {
-        dom4(d, phflag, ctx);
-        d.update(h, SCALAR_BYTES, SCALAR_BYTES);
-        d.update(m, mOff, mLen);
-        d.doFinal(h, 0, h.length);
-
-        byte[] r = reduceScalar(h);
-        byte[] R = new byte[POINT_BYTES];
-        scalarMultBaseEncoded(r, R, 0);
-
-        dom4(d, phflag, ctx);
-        d.update(R, 0, POINT_BYTES);
-        d.update(pk, pkOff, POINT_BYTES);
-        d.update(m, mOff, mLen);
-        d.doFinal(h, 0, h.length);
-
-        byte[] k = reduceScalar(h);
-        byte[] S = calculateS(r, k, s);
-
-        System.arraycopy(R, 0, sig, sigOff, POINT_BYTES);
-        System.arraycopy(S, 0, sig, sigOff + POINT_BYTES, SCALAR_BYTES);
-    }
-
-    private static void implSign(byte[] sk, int skOff, byte[] ctx, byte phflag, byte[] m, int mOff, int mLen,
-        byte[] sig, int sigOff)
-    {
-        if (!checkContextVar(ctx))
-        {
-            throw new IllegalArgumentException("ctx");
-        }
-
-        Xof d = createXof();
-        byte[] h = new byte[SCALAR_BYTES * 2];
-
-        d.update(sk, skOff, SECRET_KEY_SIZE);
-        d.doFinal(h, 0, h.length);
-
-        byte[] s = new byte[SCALAR_BYTES];
-        pruneScalar(h, 0, s);
-
-        byte[] pk = new byte[POINT_BYTES];
-        scalarMultBaseEncoded(s, pk, 0);
-
-        implSign(d, h, s, pk, 0, ctx, phflag, m, mOff, mLen, sig, sigOff);
-    }
-
-    private static void implSign(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, byte phflag,
-        byte[] m, int mOff, int mLen, byte[] sig, int sigOff)
-    {
-        if (!checkContextVar(ctx))
-        {
-            throw new IllegalArgumentException("ctx");
-        }
-
-        Xof d = createXof();
-        byte[] h = new byte[SCALAR_BYTES * 2];
-
-        d.update(sk, skOff, SECRET_KEY_SIZE);
-        d.doFinal(h, 0, h.length);
-
-        byte[] s = new byte[SCALAR_BYTES];
-        pruneScalar(h, 0, s);
-
-        implSign(d, h, s, pk, pkOff, ctx, phflag, m, mOff, mLen, sig, sigOff);
-    }
-
-    private static boolean implVerify(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, byte phflag,
-        byte[] m, int mOff, int mLen)
-    {
-        if (!checkContextVar(ctx))
-        {
-            throw new IllegalArgumentException("ctx");
-        }
-
-        byte[] R = Arrays.copyOfRange(sig, sigOff, sigOff + POINT_BYTES);
-        byte[] S = Arrays.copyOfRange(sig, sigOff + POINT_BYTES, sigOff + SIGNATURE_SIZE);
-
-        if (!checkPointVar(R))
-        {
-            return false;
-        }
-        if (!checkScalarVar(S))
-        {
-            return false;
-        }
-
-        PointExt pA = new PointExt();
-        if (!decodePointVar(pk, pkOff, true, pA))
-        {
-            return false;
-        }
-
-        Xof d = createXof();
-        byte[] h = new byte[SCALAR_BYTES * 2];
-
-        dom4(d, phflag, ctx);
-        d.update(R, 0, POINT_BYTES);
-        d.update(pk, pkOff, POINT_BYTES);
-        d.update(m, mOff, mLen);
-        d.doFinal(h, 0, h.length);
-
-        byte[] k = reduceScalar(h);
-
-        int[] nS = new int[SCALAR_INTS];
-        decodeScalar(S, 0, nS);
-
-        int[] nA = new int[SCALAR_INTS];
-        decodeScalar(k, 0, nA);
-
-        PointExt pR = new PointExt();
-        scalarMultStraussVar(nS, nA, pA, pR);
-
-        byte[] check = new byte[POINT_BYTES];
-        encodePoint(pR, check, 0);
-
-        return Arrays.areEqual(check, R);
-    }
-
-    private static void pointAddVar(boolean negate, PointExt p, PointExt r)
-    {
-        int[] A = X448Field.create();
-        int[] B = X448Field.create();
-        int[] C = X448Field.create();
-        int[] D = X448Field.create();
-        int[] E = X448Field.create();
-        int[] F = X448Field.create();
-        int[] G = X448Field.create();
-        int[] H = X448Field.create();
-
-        int[] b, e, f, g;
-        if (negate)
-        {
-            b = E; e = B; f = G; g = F;
-            X448Field.sub(p.y, p.x, H);
-        }
-        else
-        {
-            b = B; e = E; f = F; g = G;
-            X448Field.add(p.y, p.x, H);
-        }
-
-        X448Field.mul(p.z, r.z, A);
-        X448Field.sqr(A, B);
-        X448Field.mul(p.x, r.x, C);
-        X448Field.mul(p.y, r.y, D);
-        X448Field.mul(C, D, E);
-        X448Field.mul(E, -C_d, E);
-//        X448Field.apm(B, E, F, G);
-        X448Field.add(B, E, f);
-        X448Field.sub(B, E, g);
-        X448Field.add(r.x, r.y, E);
-        X448Field.mul(H, E, H);
-//        X448Field.apm(D, C, B, E);
-        X448Field.add(D, C, b);
-        X448Field.sub(D, C, e);
-        X448Field.carry(b);
-        X448Field.sub(H, B, H);
-        X448Field.mul(H, A, H);
-        X448Field.mul(E, A, E);
-        X448Field.mul(F, H, r.x);
-        X448Field.mul(E, G, r.y);
-        X448Field.mul(F, G, r.z);
-    }
-
-    private static void pointAddPrecomp(PointPrecomp p, PointExt r)
-    {
-        int[] B = X448Field.create();
-        int[] C = X448Field.create();
-        int[] D = X448Field.create();
-        int[] E = X448Field.create();
-        int[] F = X448Field.create();
-        int[] G = X448Field.create();
-        int[] H = X448Field.create();
-
-        X448Field.sqr(r.z, B);
-        X448Field.mul(p.x, r.x, C);
-        X448Field.mul(p.y, r.y, D);
-        X448Field.mul(C, D, E);
-        X448Field.mul(E, -C_d, E);
-//        X448Field.apm(B, E, F, G);
-        X448Field.add(B, E, F);
-        X448Field.sub(B, E, G);
-        X448Field.add(p.x, p.y, B);
-        X448Field.add(r.x, r.y, E);
-        X448Field.mul(B, E, H);
-//        X448Field.apm(D, C, B, E);
-        X448Field.add(D, C, B);
-        X448Field.sub(D, C, E);
-        X448Field.carry(B);
-        X448Field.sub(H, B, H);
-        X448Field.mul(H, r.z, H);
-        X448Field.mul(E, r.z, E);
-        X448Field.mul(F, H, r.x);
-        X448Field.mul(E, G, r.y);
-        X448Field.mul(F, G, r.z);
-    }
-
-    private static PointExt pointCopy(PointExt p)
-    {
-        PointExt r = new PointExt();
-        X448Field.copy(p.x, 0, r.x, 0);
-        X448Field.copy(p.y, 0, r.y, 0);
-        X448Field.copy(p.z, 0, r.z, 0);
-        return r;
-    }
-
-    private static void pointDouble(PointExt r)
-    {
-        int[] B = X448Field.create();
-        int[] C = X448Field.create();
-        int[] D = X448Field.create();
-        int[] E = X448Field.create();
-        int[] H = X448Field.create();
-        int[] J = X448Field.create();
-
-        X448Field.add(r.x, r.y, B);
-        X448Field.sqr(B, B);
-        X448Field.sqr(r.x, C);
-        X448Field.sqr(r.y, D);
-        X448Field.add(C, D, E);
-        X448Field.carry(E);
-        X448Field.sqr(r.z, H);
-        X448Field.add(H, H, H);
-        X448Field.carry(H);
-        X448Field.sub(E, H, J);
-        X448Field.sub(B, E, B);
-        X448Field.sub(C, D, C);
-        X448Field.mul(B, J, r.x);
-        X448Field.mul(E, C, r.y);
-        X448Field.mul(E, J, r.z);
-    }
-
-    private static void pointExtendXY(PointExt p)
-    {
-        X448Field.one(p.z);
-    }
-
-    private static void pointLookup(int block, int index, PointPrecomp p)
-    {
-//        assert 0 <= block && block < PRECOMP_BLOCKS;
-//        assert 0 <= index && index < PRECOMP_POINTS;
-
-        int off = block * PRECOMP_POINTS * 2 * X448Field.SIZE;
-
-        for (int i = 0; i < PRECOMP_POINTS; ++i)
-        {
-            int mask = ((i ^ index) - 1) >> 31;
-            Nat.cmov(X448Field.SIZE, mask, precompBase, off, p.x, 0);   off += X448Field.SIZE;
-            Nat.cmov(X448Field.SIZE, mask, precompBase, off, p.y, 0);   off += X448Field.SIZE;
-        }
-    }
-
-    private static PointExt[] pointPrecompVar(PointExt p, int count)
-    {
-//        assert count > 0;
-
-        PointExt d = pointCopy(p);
-        pointDouble(d);
-
-        PointExt[] table = new PointExt[count];
-        table[0] = pointCopy(p);
-        for (int i = 1; i < count; ++i)
-        {
-            table[i] = pointCopy(table[i - 1]);
-            pointAddVar(false, d, table[i]);
-        }
-        return table;
-    }
-
-    private static void pointSetNeutral(PointExt p)
-    {
-        X448Field.zero(p.x);
-        X448Field.one(p.y);
-        X448Field.one(p.z);
-    }
-
-    public static void precompute()
-    {
-        synchronized (precompLock)
-        {
-            if (precompBase != null)
-            {
-                return;
-            }
-
-            PointExt p = new PointExt();
-            X448Field.copy(B_x, 0, p.x, 0);
-            X448Field.copy(B_y, 0, p.y, 0);
-            pointExtendXY(p);
-
-            precompBaseTable = pointPrecompVar(p, 1 << (WNAF_WIDTH_BASE - 2));
-
-            precompBase = new int[PRECOMP_BLOCKS * PRECOMP_POINTS * 2 * X448Field.SIZE];
-
-            int off = 0;
-            for (int b = 0; b < PRECOMP_BLOCKS; ++b)
-            {
-                PointExt[] ds = new PointExt[PRECOMP_TEETH];
-
-                PointExt sum = new PointExt();
-                pointSetNeutral(sum);
-
-                for (int t = 0; t < PRECOMP_TEETH; ++t)
-                {
-                    pointAddVar(true, p, sum);
-                    pointDouble(p);
-
-                    ds[t] = pointCopy(p);
-
-                    if (b + t != PRECOMP_BLOCKS + PRECOMP_TEETH - 2)
-                    {
-                        for (int s = 1; s < PRECOMP_SPACING; ++s)
-                        {
-                            pointDouble(p);
-                        }
-                    }
-                }
-
-                PointExt[] points = new PointExt[PRECOMP_POINTS];
-                int k = 0;
-                points[k++] = sum;
-
-                for (int t = 0; t < (PRECOMP_TEETH - 1); ++t)
-                {
-                    int size = 1 << t;
-                    for (int j = 0; j < size; ++j, ++k)
-                    {
-                        points[k] = pointCopy(points[k - size]);
-                        pointAddVar(false, ds[t], points[k]);
-                    }
-                }
-
-//                assert k == PRECOMP_POINTS;
-
-                for (int i = 0; i < PRECOMP_POINTS; ++i)
-                {
-                    PointExt q = points[i];
-                    // TODO[ed448] Batch inversion
-                    X448Field.inv(q.z, q.z);
-                    X448Field.mul(q.x, q.z, q.x);
-                    X448Field.mul(q.y, q.z, q.y);
-
-//                    X448Field.normalize(q.x);
-//                    X448Field.normalize(q.y);
-
-                    X448Field.copy(q.x, 0, precompBase, off);   off += X448Field.SIZE;
-                    X448Field.copy(q.y, 0, precompBase, off);   off += X448Field.SIZE;
-                }
-            }
-
-//            assert off == precompBase.length;
-        }
-    }
-
-    private static void pruneScalar(byte[] n, int nOff, byte[] r)
-    {
-        System.arraycopy(n, nOff, r, 0, SCALAR_BYTES - 1);
-
-        r[0] &= 0xFC;
-        r[SCALAR_BYTES - 2] |= 0x80;
-        r[SCALAR_BYTES - 1]  = 0x00;
-    }
-
-    private static byte[] reduceScalar(byte[] n)
-    {
-        long x00 =  decode32(n,   0)       & M32L;  // x00:32/--
-        long x01 = (decode24(n,   4) << 4) & M32L;  // x01:28/--
-        long x02 =  decode32(n,   7)       & M32L;  // x02:32/--
-        long x03 = (decode24(n,  11) << 4) & M32L;  // x03:28/--
-        long x04 =  decode32(n,  14)       & M32L;  // x04:32/--
-        long x05 = (decode24(n,  18) << 4) & M32L;  // x05:28/--
-        long x06 =  decode32(n,  21)       & M32L;  // x06:32/--
-        long x07 = (decode24(n,  25) << 4) & M32L;  // x07:28/--
-        long x08 =  decode32(n,  28)       & M32L;  // x08:32/--
-        long x09 = (decode24(n,  32) << 4) & M32L;  // x09:28/--
-        long x10 =  decode32(n,  35)       & M32L;  // x10:32/--
-        long x11 = (decode24(n,  39) << 4) & M32L;  // x11:28/--
-        long x12 =  decode32(n,  42)       & M32L;  // x12:32/--
-        long x13 = (decode24(n,  46) << 4) & M32L;  // x13:28/--
-        long x14 =  decode32(n,  49)       & M32L;  // x14:32/--
-        long x15 = (decode24(n,  53) << 4) & M32L;  // x15:28/--
-        long x16 =  decode32(n,  56)       & M32L;  // x16:32/--
-        long x17 = (decode24(n,  60) << 4) & M32L;  // x17:28/--
-        long x18 =  decode32(n,  63)       & M32L;  // x18:32/--
-        long x19 = (decode24(n,  67) << 4) & M32L;  // x19:28/--
-        long x20 =  decode32(n,  70)       & M32L;  // x20:32/--
-        long x21 = (decode24(n,  74) << 4) & M32L;  // x21:28/--
-        long x22 =  decode32(n,  77)       & M32L;  // x22:32/--
-        long x23 = (decode24(n,  81) << 4) & M32L;  // x23:28/--
-        long x24 =  decode32(n,  84)       & M32L;  // x24:32/--
-        long x25 = (decode24(n,  88) << 4) & M32L;  // x25:28/--
-        long x26 =  decode32(n,  91)       & M32L;  // x26:32/--
-        long x27 = (decode24(n,  95) << 4) & M32L;  // x27:28/--
-        long x28 =  decode32(n,  98)       & M32L;  // x28:32/--
-        long x29 = (decode24(n, 102) << 4) & M32L;  // x29:28/--
-        long x30 =  decode32(n, 105)       & M32L;  // x30:32/--
-        long x31 = (decode24(n, 109) << 4) & M32L;  // x31:28/--
-        long x32 =  decode16(n, 112)       & M32L;  // x32:16/--
-
-//        x32 += (x31 >>> 28); x31 &= M28L;
-        x16 += x32 * L4_0;                          // x16:42/--
-        x17 += x32 * L4_1;                          // x17:41/28
-        x18 += x32 * L4_2;                          // x18:43/42
-        x19 += x32 * L4_3;                          // x19:44/28
-        x20 += x32 * L4_4;                          // x20:43/--
-        x21 += x32 * L4_5;                          // x21:44/28
-        x22 += x32 * L4_6;                          // x22:43/41
-        x23 += x32 * L4_7;                          // x23:45/41
-
-        x31 += (x30 >>> 28); x30 &= M28L;           // x31:28/--, x30:28/--
-        x15 += x31 * L4_0;                          // x15:54/--
-        x16 += x31 * L4_1;                          // x16:53/42
-        x17 += x31 * L4_2;                          // x17:55/54
-        x18 += x31 * L4_3;                          // x18:56/44
-        x19 += x31 * L4_4;                          // x19:55/--
-        x20 += x31 * L4_5;                          // x20:56/43
-        x21 += x31 * L4_6;                          // x21:55/53
-        x22 += x31 * L4_7;                          // x22:57/53
-
-//        x30 += (x29 >>> 28); x29 &= M28L;
-        x14 += x30 * L4_0;                          // x14:54/--
-        x15 += x30 * L4_1;                          // x15:54/53
-        x16 += x30 * L4_2;                          // x16:56/--
-        x17 += x30 * L4_3;                          // x17:57/--
-        x18 += x30 * L4_4;                          // x18:56/55
-        x19 += x30 * L4_5;                          // x19:56/55
-        x20 += x30 * L4_6;                          // x20:57/--
-        x21 += x30 * L4_7;                          // x21:57/56
-
-        x29 += (x28 >>> 28); x28 &= M28L;           // x29:28/--, x28:28/--
-        x13 += x29 * L4_0;                          // x13:54/--
-        x14 += x29 * L4_1;                          // x14:54/53
-        x15 += x29 * L4_2;                          // x15:56/--
-        x16 += x29 * L4_3;                          // x16:57/--
-        x17 += x29 * L4_4;                          // x17:57/55
-        x18 += x29 * L4_5;                          // x18:57/55
-        x19 += x29 * L4_6;                          // x19:57/52
-        x20 += x29 * L4_7;                          // x20:58/52
-
-//        x28 += (x27 >>> 28); x27 &= M28L;
-        x12 += x28 * L4_0;                          // x12:54/--
-        x13 += x28 * L4_1;                          // x13:54/53
-        x14 += x28 * L4_2;                          // x14:56/--
-        x15 += x28 * L4_3;                          // x15:57/--
-        x16 += x28 * L4_4;                          // x16:57/55
-        x17 += x28 * L4_5;                          // x17:58/--
-        x18 += x28 * L4_6;                          // x18:58/--
-        x19 += x28 * L4_7;                          // x19:58/53
-
-        x27 += (x26 >>> 28); x26 &= M28L;           // x27:28/--, x26:28/--
-        x11 += x27 * L4_0;                          // x11:54/--
-        x12 += x27 * L4_1;                          // x12:54/53
-        x13 += x27 * L4_2;                          // x13:56/--
-        x14 += x27 * L4_3;                          // x14:57/--
-        x15 += x27 * L4_4;                          // x15:57/55
-        x16 += x27 * L4_5;                          // x16:58/--
-        x17 += x27 * L4_6;                          // x17:58/56
-        x18 += x27 * L4_7;                          // x18:59/--
-
-//        x26 += (x25 >>> 28); x25 &= M28L;
-        x10 += x26 * L4_0;                          // x10:54/--
-        x11 += x26 * L4_1;                          // x11:54/53
-        x12 += x26 * L4_2;                          // x12:56/--
-        x13 += x26 * L4_3;                          // x13:57/--
-        x14 += x26 * L4_4;                          // x14:57/55
-        x15 += x26 * L4_5;                          // x15:58/--
-        x16 += x26 * L4_6;                          // x16:58/56
-        x17 += x26 * L4_7;                          // x17:59/--
-
-        x25 += (x24 >>> 28); x24 &= M28L;           // x25:28/--, x24:28/--
-        x09 += x25 * L4_0;                          // x09:54/--
-        x10 += x25 * L4_1;                          // x10:54/53
-        x11 += x25 * L4_2;                          // x11:56/--
-        x12 += x25 * L4_3;                          // x12:57/--
-        x13 += x25 * L4_4;                          // x13:57/55
-        x14 += x25 * L4_5;                          // x14:58/--
-        x15 += x25 * L4_6;                          // x15:58/56
-        x16 += x25 * L4_7;                          // x16:59/--
-
-        x21 += (x20 >>> 28); x20 &= M28L;           // x21:58/--, x20:28/--
-        x22 += (x21 >>> 28); x21 &= M28L;           // x22:57/54, x21:28/--
-        x23 += (x22 >>> 28); x22 &= M28L;           // x23:45/42, x22:28/--
-        x24 += (x23 >>> 28); x23 &= M28L;           // x24:28/18, x23:28/--
-
-        x08 += x24 * L4_0;                          // x08:54/--
-        x09 += x24 * L4_1;                          // x09:55/--
-        x10 += x24 * L4_2;                          // x10:56/46
-        x11 += x24 * L4_3;                          // x11:57/46
-        x12 += x24 * L4_4;                          // x12:57/55
-        x13 += x24 * L4_5;                          // x13:58/--
-        x14 += x24 * L4_6;                          // x14:58/56
-        x15 += x24 * L4_7;                          // x15:59/--
-
-        x07 += x23 * L4_0;                          // x07:54/--
-        x08 += x23 * L4_1;                          // x08:54/53
-        x09 += x23 * L4_2;                          // x09:56/53
-        x10 += x23 * L4_3;                          // x10:57/46
-        x11 += x23 * L4_4;                          // x11:57/55
-        x12 += x23 * L4_5;                          // x12:58/--
-        x13 += x23 * L4_6;                          // x13:58/56
-        x14 += x23 * L4_7;                          // x14:59/--
-
-        x06 += x22 * L4_0;                          // x06:54/--
-        x07 += x22 * L4_1;                          // x07:54/53
-        x08 += x22 * L4_2;                          // x08:56/--
-        x09 += x22 * L4_3;                          // x09:57/53
-        x10 += x22 * L4_4;                          // x10:57/55
-        x11 += x22 * L4_5;                          // x11:58/--
-        x12 += x22 * L4_6;                          // x12:58/56
-        x13 += x22 * L4_7;                          // x13:59/--
-
-        x18 += (x17 >>> 28); x17 &= M28L;           // x18:59/31, x17:28/--
-        x19 += (x18 >>> 28); x18 &= M28L;           // x19:58/54, x18:28/--
-        x20 += (x19 >>> 28); x19 &= M28L;           // x20:30/29, x19:28/--
-        x21 += (x20 >>> 28); x20 &= M28L;           // x21:28/03, x20:28/--
-
-        x05 += x21 * L4_0;                          // x05:54/--
-        x06 += x21 * L4_1;                          // x06:55/--
-        x07 += x21 * L4_2;                          // x07:56/31
-        x08 += x21 * L4_3;                          // x08:57/31
-        x09 += x21 * L4_4;                          // x09:57/56
-        x10 += x21 * L4_5;                          // x10:58/--
-        x11 += x21 * L4_6;                          // x11:58/56
-        x12 += x21 * L4_7;                          // x12:59/--
-
-        x04 += x20 * L4_0;                          // x04:54/--
-        x05 += x20 * L4_1;                          // x05:54/53
-        x06 += x20 * L4_2;                          // x06:56/53
-        x07 += x20 * L4_3;                          // x07:57/31
-        x08 += x20 * L4_4;                          // x08:57/55
-        x09 += x20 * L4_5;                          // x09:58/--
-        x10 += x20 * L4_6;                          // x10:58/56
-        x11 += x20 * L4_7;                          // x11:59/--
-
-        x03 += x19 * L4_0;                          // x03:54/--
-        x04 += x19 * L4_1;                          // x04:54/53
-        x05 += x19 * L4_2;                          // x05:56/--
-        x06 += x19 * L4_3;                          // x06:57/53
-        x07 += x19 * L4_4;                          // x07:57/55
-        x08 += x19 * L4_5;                          // x08:58/--
-        x09 += x19 * L4_6;                          // x09:58/56
-        x10 += x19 * L4_7;                          // x10:59/--
-
-        x15 += (x14 >>> 28); x14 &= M28L;           // x15:59/31, x14:28/--
-        x16 += (x15 >>> 28); x15 &= M28L;           // x16:59/32, x15:28/--
-        x17 += (x16 >>> 28); x16 &= M28L;           // x17:31/29, x16:28/--
-        x18 += (x17 >>> 28); x17 &= M28L;           // x18:28/04, x17:28/--
-
-        x02 += x18 * L4_0;                          // x02:54/--
-        x03 += x18 * L4_1;                          // x03:55/--
-        x04 += x18 * L4_2;                          // x04:56/32
-        x05 += x18 * L4_3;                          // x05:57/32
-        x06 += x18 * L4_4;                          // x06:57/56
-        x07 += x18 * L4_5;                          // x07:58/--
-        x08 += x18 * L4_6;                          // x08:58/56
-        x09 += x18 * L4_7;                          // x09:59/--
-
-        x01 += x17 * L4_0;                          // x01:54/--
-        x02 += x17 * L4_1;                          // x02:54/53
-        x03 += x17 * L4_2;                          // x03:56/53
-        x04 += x17 * L4_3;                          // x04:57/32
-        x05 += x17 * L4_4;                          // x05:57/55
-        x06 += x17 * L4_5;                          // x06:58/--
-        x07 += x17 * L4_6;                          // x07:58/56
-        x08 += x17 * L4_7;                          // x08:59/--
-
-        x16 *= 4;
-        x16 += (x15 >>> 26); x15 &= M26L;
-        x16 += 1;                                   // x16:30/01
-
-        x00 += x16 * L_0;
-        x01 += x16 * L_1;
-        x02 += x16 * L_2;
-        x03 += x16 * L_3;
-        x04 += x16 * L_4;
-        x05 += x16 * L_5;
-        x06 += x16 * L_6;
-        x07 += x16 * L_7;
-
-        x01 += (x00 >>> 28); x00 &= M28L;
-        x02 += (x01 >>> 28); x01 &= M28L;
-        x03 += (x02 >>> 28); x02 &= M28L;
-        x04 += (x03 >>> 28); x03 &= M28L;
-        x05 += (x04 >>> 28); x04 &= M28L;
-        x06 += (x05 >>> 28); x05 &= M28L;
-        x07 += (x06 >>> 28); x06 &= M28L;
-        x08 += (x07 >>> 28); x07 &= M28L;
-        x09 += (x08 >>> 28); x08 &= M28L;
-        x10 += (x09 >>> 28); x09 &= M28L;
-        x11 += (x10 >>> 28); x10 &= M28L;
-        x12 += (x11 >>> 28); x11 &= M28L;
-        x13 += (x12 >>> 28); x12 &= M28L;
-        x14 += (x13 >>> 28); x13 &= M28L;
-        x15 += (x14 >>> 28); x14 &= M28L;
-        x16  = (x15 >>> 26); x15 &= M26L;
-
-        x16 -= 1;
-
-//        assert x16 == 0L || x16 == -1L;
-
-        x00 -= x16 & L_0;
-        x01 -= x16 & L_1;
-        x02 -= x16 & L_2;
-        x03 -= x16 & L_3;
-        x04 -= x16 & L_4;
-        x05 -= x16 & L_5;
-        x06 -= x16 & L_6;
-        x07 -= x16 & L_7;
-
-        x01 += (x00 >> 28); x00 &= M28L;
-        x02 += (x01 >> 28); x01 &= M28L;
-        x03 += (x02 >> 28); x02 &= M28L;
-        x04 += (x03 >> 28); x03 &= M28L;
-        x05 += (x04 >> 28); x04 &= M28L;
-        x06 += (x05 >> 28); x05 &= M28L;
-        x07 += (x06 >> 28); x06 &= M28L;
-        x08 += (x07 >> 28); x07 &= M28L;
-        x09 += (x08 >> 28); x08 &= M28L;
-        x10 += (x09 >> 28); x09 &= M28L;
-        x11 += (x10 >> 28); x10 &= M28L;
-        x12 += (x11 >> 28); x11 &= M28L;
-        x13 += (x12 >> 28); x12 &= M28L;
-        x14 += (x13 >> 28); x13 &= M28L;
-        x15 += (x14 >> 28); x14 &= M28L;
-
-//        assert x15 >>> 26 == 0L;
-
-        byte[] r = new byte[SCALAR_BYTES];
-        encode56(x00 | (x01 << 28), r,  0);
-        encode56(x02 | (x03 << 28), r,  7);
-        encode56(x04 | (x05 << 28), r, 14);
-        encode56(x06 | (x07 << 28), r, 21);
-        encode56(x08 | (x09 << 28), r, 28);
-        encode56(x10 | (x11 << 28), r, 35);
-        encode56(x12 | (x13 << 28), r, 42);
-        encode56(x14 | (x15 << 28), r, 49);
-//        r[SCALAR_BYTES - 1] = 0;
-        return r;
-    }
-
-    private static void scalarMultBase(byte[] k, PointExt r)
-    {
-        precompute();
-
-        pointSetNeutral(r);
-
-        int[] n = new int[SCALAR_INTS + 1];
-        decodeScalar(k, 0, n);
-
-        // Recode the scalar into signed-digit form
-        {
-            n[SCALAR_INTS] = 4 + Nat.cadd(SCALAR_INTS, ~n[0] & 1, n, L, n);
-//            int c = Nat.shiftDownBit(n.length, n, 0);                           assert c == (1 << 31);
-            Nat.shiftDownBit(n.length, n, 0);
-        }
-
-        PointPrecomp p = new PointPrecomp();
-
-        int cOff = PRECOMP_SPACING - 1;
-        for (;;)
-        {
-            int tPos = cOff;
-
-            for (int b = 0; b < PRECOMP_BLOCKS; ++b)
-            {
-                int w = 0;
-                for (int t = 0; t < PRECOMP_TEETH; ++t)
-                {
-                    int tBit = n[tPos >>> 5] >>> (tPos & 0x1F);
-                    w &= ~(1 << t);
-                    w ^= (tBit << t);
-                    tPos += PRECOMP_SPACING;
-                }
-
-                int sign = (w >>> (PRECOMP_TEETH - 1)) & 1;
-                int abs = (w ^ -sign) & PRECOMP_MASK;
-
-//                assert sign == 0 || sign == 1;
-//                assert 0 <= abs && abs < PRECOMP_POINTS;
-
-                pointLookup(b, abs, p);
-
-                X448Field.cnegate(sign, p.x);
-
-                pointAddPrecomp(p, r);
-            }
-
-            if (--cOff < 0)
-            {
-                break;
-            }
-
-            pointDouble(r);
-        }
-    }
-
-    private static void scalarMultBaseEncoded(byte[] k, byte[] r, int rOff)
-    {
-        PointExt p = new PointExt();
-        scalarMultBase(k, p);
-        encodePoint(p, r, rOff);
-    }
-
-    /**
-     * NOTE: Only for use by X448
-     */
-    public static void scalarMultBaseXY(X448.Friend friend, byte[] k, int kOff, int[] x, int[] y)
-    {
-        if (null == friend)
-        {
-            throw new NullPointerException("This method is only for use by X448");
-        }
-
-        byte[] n = new byte[SCALAR_BYTES];
-        pruneScalar(k, kOff, n);
-
-        PointExt p = new PointExt();
-        scalarMultBase(n, p);
-        X448Field.copy(p.x, 0, x, 0);
-        X448Field.copy(p.y, 0, y, 0);
-    }
-
-    private static void scalarMultStraussVar(int[] nb, int[] np, PointExt p, PointExt r)
-    {
-        precompute();
-
-        final int width = 5;
-
-        byte[] ws_b = getWNAF(nb, WNAF_WIDTH_BASE);
-        byte[] ws_p = getWNAF(np, width);
-
-        PointExt[] tp = pointPrecompVar(p, 1 << (width - 2));
-
-        pointSetNeutral(r);
-
-        int bit = 447;
-        while (bit > 0 && (ws_b[bit] | ws_p[bit]) == 0)
-        {
-            --bit;
-        }
-
-        for (;;)
-        {
-            int wb = ws_b[bit];
-            if (wb != 0)
-            {
-                int sign = wb >> 31;
-                int index = (wb ^ sign) >>> 1;
-
-                pointAddVar((sign != 0), precompBaseTable[index], r);
-            }
-
-            int wp = ws_p[bit];
-            if (wp != 0)
-            {
-                int sign = wp >> 31;
-                int index = (wp ^ sign) >>> 1;
-
-                pointAddVar((sign != 0), tp[index], r);
-            }
-
-            if (--bit < 0)
-            {
-                break;
-            }
-
-            pointDouble(r);
-        }
-    }
-
-    public static void sign(byte[] sk, int skOff, byte[] ctx, byte[] m, int mOff, int mLen, byte[] sig, int sigOff)
-    {
-        byte phflag = 0x00;
-
-        implSign(sk, skOff, ctx, phflag, m, mOff, mLen, sig, sigOff);
-    }
-
-    public static void sign(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, byte[] m, int mOff, int mLen, byte[] sig, int sigOff)
-    {
-        byte phflag = 0x00;
-
-        implSign(sk, skOff, pk, pkOff, ctx, phflag, m, mOff, mLen, sig, sigOff);
-    }
-
-    public static void signPrehash(byte[] sk, int skOff, byte[] ctx, byte[] ph, int phOff, byte[] sig, int sigOff)
-    {
-        byte phflag = 0x01;
-
-        implSign(sk, skOff, ctx, phflag, ph, phOff, PREHASH_SIZE, sig, sigOff);
-    }
-
-    public static void signPrehash(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, byte[] ph, int phOff, byte[] sig, int sigOff)
-    {
-        byte phflag = 0x01;
-
-        implSign(sk, skOff, pk, pkOff, ctx, phflag, ph, phOff, PREHASH_SIZE, sig, sigOff);
-    }
-
-    public static void signPrehash(byte[] sk, int skOff, byte[] ctx, Xof ph, byte[] sig, int sigOff)
-    {
-        byte[] m = new byte[PREHASH_SIZE];
-        if (PREHASH_SIZE != ph.doFinal(m, 0, PREHASH_SIZE))
-        {
-            throw new IllegalArgumentException("ph");
-        }
-
-        byte phflag = 0x01;
-
-        implSign(sk, skOff, ctx, phflag, m, 0, m.length, sig, sigOff);
-    }
-
-    public static void signPrehash(byte[] sk, int skOff, byte[] pk, int pkOff, byte[] ctx, Xof ph, byte[] sig, int sigOff)
-    {
-        byte[] m = new byte[PREHASH_SIZE];
-        if (PREHASH_SIZE != ph.doFinal(m, 0, PREHASH_SIZE))
-        {
-            throw new IllegalArgumentException("ph");
-        }
-
-        byte phflag = 0x01;
-
-        implSign(sk, skOff, pk, pkOff, ctx, phflag, m, 0, m.length, sig, sigOff);
-    }
-
-    public static boolean verify(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, byte[] m, int mOff, int mLen)
-    {
-        byte phflag = 0x00;
-
-        return implVerify(sig, sigOff, pk, pkOff, ctx, phflag, m, mOff, mLen);
-    }
-
-    public static boolean verifyPrehash(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, byte[] ph, int phOff)
-    {
-        byte phflag = 0x01;
-
-        return implVerify(sig, sigOff, pk, pkOff, ctx, phflag, ph, phOff, PREHASH_SIZE);
-    }
-
-    public static boolean verifyPrehash(byte[] sig, int sigOff, byte[] pk, int pkOff, byte[] ctx, Xof ph)
-    {
-        byte[] m = new byte[PREHASH_SIZE];
-        if (PREHASH_SIZE != ph.doFinal(m, 0, PREHASH_SIZE))
-        {
-            throw new IllegalArgumentException("ph");
-        }
-
-        byte phflag = 0x01;
-
-        return implVerify(sig, sigOff, pk, pkOff, ctx, phflag, m, 0, m.length);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/tools/DiscoverEndomorphisms.java b/bcprov/src/main/java/org/bouncycastle/math/ec/tools/DiscoverEndomorphisms.java
deleted file mode 100644
index ca32d26..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/tools/DiscoverEndomorphisms.java
+++ /dev/null

@@ -1,433 +0,0 @@
-package org.bouncycastle.math.ec.tools;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECConstants;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.math.ec.ECPoint;
-import org.bouncycastle.util.BigIntegers;
-
-public class DiscoverEndomorphisms
-{
-    private static final int radix = 16;
-
-    public static void main(String[] args)
-    {
-        if (args.length < 1)
-        {
-            System.err.println("Expected a list of curve names as arguments");
-            return;
-        }
-
-        for (int i = 0; i < args.length; ++i)
-        {
-            discoverEndomorphisms(args[i]);
-        }
-    }
-
-    public static void discoverEndomorphisms(X9ECParameters x9)
-    {
-        if (x9 == null)
-        {
-            throw new NullPointerException("x9");
-        }
-
-        ECCurve c = x9.getCurve();
-        if (ECAlgorithms.isFpCurve(c))
-        {
-            BigInteger characteristic = c.getField().getCharacteristic();
-
-            if (c.getA().isZero() && characteristic.mod(ECConstants.THREE).equals(ECConstants.ONE))
-            {
-                System.out.println("Curve has a 'GLV Type B' endomorphism with these parameters:");
-                printGLVTypeBParameters(x9);
-            }
-        }
-    }
-
-    private static void discoverEndomorphisms(String curveName)
-    {
-        X9ECParameters x9 = ECNamedCurveTable.getByName(curveName);
-        if (x9 == null)
-        {
-            System.err.println("Unknown curve: " + curveName);
-            return;
-        }
-
-        ECCurve c = x9.getCurve();
-        if (ECAlgorithms.isFpCurve(c))
-        {
-            BigInteger characteristic = c.getField().getCharacteristic();
-
-            if (c.getA().isZero() && characteristic.mod(ECConstants.THREE).equals(ECConstants.ONE))
-            {
-                System.out.println("Curve '" + curveName + "' has a 'GLV Type B' endomorphism with these parameters:");
-                printGLVTypeBParameters(x9);
-            }
-        }
-    }
-
-    private static void printGLVTypeBParameters(X9ECParameters x9)
-    {
-        // x^2 + x + 1 = 0 mod n
-        BigInteger[] lambdas = solveQuadraticEquation(x9.getN(), ECConstants.ONE, ECConstants.ONE);
-
-        /*
-         * The 'Beta' values are field elements of order 3. There are only two such values besides 1, each corresponding
-         * to one choice for 'Lambda'.
-         */
-        ECFieldElement[] betas = findBetaValues(x9.getCurve());
-
-        printGLVTypeBParameters(x9, lambdas[0], betas);
-        System.out.println("OR");
-        printGLVTypeBParameters(x9, lambdas[1], betas);
-    }
-
-    private static void printGLVTypeBParameters(X9ECParameters x9, BigInteger lambda, ECFieldElement[] betas)
-    {
-        /*
-         * Check the basic premise of the endomorphism: that multiplying a point by lambda preserves the y-coordinate
-         */
-        ECPoint G = x9.getG().normalize();
-        ECPoint mapG = G.multiply(lambda).normalize();
-        if (!G.getYCoord().equals(mapG.getYCoord()))
-        {
-            throw new IllegalStateException("Derivation of GLV Type B parameters failed unexpectedly");
-        }
-
-        /*
-         * Determine which of the beta values corresponds with this choice of lambda, by checking that it scales
-         * the x-coordinate the same way a point-multiplication by lambda does.
-         */
-        ECFieldElement beta = betas[0];
-        if (!G.getXCoord().multiply(beta).equals(mapG.getXCoord()))
-        {
-            beta = betas[1];
-            if (!G.getXCoord().multiply(beta).equals(mapG.getXCoord()))
-            {
-                throw new IllegalStateException("Derivation of GLV Type B parameters failed unexpectedly");
-            }
-        }
-
-        /*
-         * Now search for parameters to allow efficient decomposition of full-length scalars
-         */
-        BigInteger n = x9.getN();
-        BigInteger[] v1 = null;
-        BigInteger[] v2 = null;
-
-        BigInteger[] rt = extEuclidGLV(n, lambda);
-        v1 = new BigInteger[]{ rt[2], rt[3].negate() };
-        v2 = chooseShortest(new BigInteger[]{ rt[0], rt[1].negate() }, new BigInteger[]{ rt[4], rt[5].negate() });
-
-        /*
-         * If elements of v2 are not bounded by sqrt(n), then if r1/t1 are relatively prime there
-         * _may_ yet be a GLV generator, so search for it. See
-         * "Integer Decomposition for Fast Scalar Multiplication on Elliptic Curves", D. Kim, S. Lim
-         * (SAC 2002)
-         */
-        if (!isVectorBoundedBySqrt(v2, n) && areRelativelyPrime(v1[0], v1[1]))
-        {
-            BigInteger r = v1[0], t = v1[1], s = r.add(t.multiply(lambda)).divide(n);
-
-            BigInteger[] vw = extEuclidBezout(new BigInteger[]{ s.abs(), t.abs() });
-            if (vw != null)
-            {
-                BigInteger v = vw[0], w = vw[1];
-    
-                if (s.signum() < 0)
-                {
-                    v = v.negate();
-                }
-                if (t.signum() > 0)
-                {
-                    w = w.negate();
-                }
-    
-                BigInteger check = s.multiply(v).subtract(t.multiply(w));
-                if (!check.equals(ECConstants.ONE))
-                {
-                    throw new IllegalStateException();
-                }
-    
-                BigInteger x = w.multiply(n).subtract(v.multiply(lambda));
-    
-                BigInteger base1 = v.negate();
-                BigInteger base2 = x.negate();
-    
-                /*
-                 * We calculate the range(s) conservatively large to avoid messy rounding issues, so
-                 * there may be spurious candidate generators, but we won't miss any.
-                 */
-                BigInteger sqrtN = isqrt(n.subtract(ECConstants.ONE)).add(ECConstants.ONE);
-    
-                BigInteger[] I1 = calculateRange(base1, sqrtN, t);
-                BigInteger[] I2 = calculateRange(base2, sqrtN, r);
-    
-                BigInteger[] range = intersect(I1, I2);
-                if (range != null)
-                {
-                    for (BigInteger alpha = range[0]; alpha.compareTo(range[1]) <= 0; alpha = alpha.add(ECConstants.ONE))
-                    {
-                        BigInteger[] candidate = new BigInteger[]{ x.add(alpha.multiply(r)), v.add(alpha.multiply(t)) };
-                        if (isShorter(candidate, v2))
-                        {
-                            v2 = candidate;
-                        }
-                    }
-                }
-            }
-        }
-
-        BigInteger d = (v1[0].multiply(v2[1])).subtract(v1[1].multiply(v2[0]));
-
-        /*
-         * These parameters are used to avoid division when decomposing the scalar in a GLV point multiplication.
-         * The precision is determined by 'bits', even 2 bits is enough, but we try to get more whilst keeping it
-         * 8-bit aligned and limiting the possible growth of product sizes on a 32-bit machine.
-         */
-        int bits = n.bitLength() + 16 - (n.bitLength() & 7); 
-        BigInteger g1 = roundQuotient(v2[1].shiftLeft(bits), d);
-        BigInteger g2 = roundQuotient(v1[1].shiftLeft(bits), d).negate();
-
-        printProperty("Beta", beta.toBigInteger().toString(radix));
-        printProperty("Lambda", lambda.toString(radix));
-        printProperty("v1", "{ " + v1[0].toString(radix) + ", " + v1[1].toString(radix) + " }");
-        printProperty("v2", "{ " + v2[0].toString(radix) + ", " + v2[1].toString(radix) + " }");
-        printProperty("d", d.toString(radix));
-        printProperty("(OPT) g1", g1.toString(radix));
-        printProperty("(OPT) g2", g2.toString(radix));
-        printProperty("(OPT) bits", Integer.toString(bits));
-    }
-
-    private static void printProperty(String name, Object value)
-    {
-        StringBuffer sb = new StringBuffer("  ");
-        sb.append(name);
-        while (sb.length() < 20)
-        {
-            sb.append(' ');
-        }
-        sb.append("= ");
-        sb.append(value.toString());
-        System.out.println(sb.toString());
-    }
-
-    private static boolean areRelativelyPrime(BigInteger a, BigInteger b)
-    {
-        return a.gcd(b).equals(ECConstants.ONE);
-    }
-
-    private static BigInteger[] calculateRange(BigInteger mid, BigInteger off, BigInteger div)
-    {
-        BigInteger i1 = mid.subtract(off).divide(div);
-        BigInteger i2 = mid.add(off).divide(div);
-        return order(i1, i2);
-    }
-
-    private static BigInteger[] extEuclidBezout(BigInteger[] ab)
-    {
-        boolean swap = ab[0].compareTo(ab[1]) < 0;
-        if (swap)
-        {
-            swap(ab);
-        }
-
-        BigInteger r0 = ab[0], r1 = ab[1];
-        BigInteger s0 = ECConstants.ONE, s1 = ECConstants.ZERO;
-        BigInteger t0 = ECConstants.ZERO, t1 = ECConstants.ONE;
-
-        while (r1.compareTo(ECConstants.ONE) > 0)
-        {
-            BigInteger[] qr = r0.divideAndRemainder(r1);
-            BigInteger q = qr[0], r2 = qr[1];
-
-            BigInteger s2 = s0.subtract(q.multiply(s1));
-            BigInteger t2 = t0.subtract(q.multiply(t1));
-
-            r0 = r1;
-            r1 = r2;
-            s0 = s1;
-            s1 = s2;
-            t0 = t1;
-            t1 = t2;
-        }
-
-        if (r1.signum() <= 0)
-        {
-            /*
-             * NOTE: This case occurred while testing on curves over tiny fields; probably due to a 0 input.
-             */
-            return null;
-        }
-
-        BigInteger[] st = new BigInteger[]{ s1, t1 };
-        if (swap)
-        {
-            swap(st);
-        }
-        return st;
-    }
-
-    private static BigInteger[] extEuclidGLV(BigInteger n, BigInteger lambda)
-    {
-        BigInteger r0 = n, r1 = lambda;
-        // BigInteger s0 = ECConstants.ONE, s1 = ECConstants.ZERO;
-        BigInteger t0 = ECConstants.ZERO, t1 = ECConstants.ONE;
-
-        for (;;)
-        {
-            BigInteger[] qr = r0.divideAndRemainder(r1);
-            BigInteger q = qr[0], r2 = qr[1];
-
-            // BigInteger s2 = s0.subtract(q.multiply(s1));
-            BigInteger t2 = t0.subtract(q.multiply(t1));
-
-            if (isLessThanSqrt(r1, n))
-            {
-                return new BigInteger[]{ r0, t0, r1, t1, r2, t2 };
-            }
-
-            r0 = r1;
-            r1 = r2;
-            // s0 = s1;
-            // s1 = s2;
-            t0 = t1;
-            t1 = t2;
-        }
-    }
-
-    private static BigInteger[] chooseShortest(BigInteger[] u, BigInteger[] v)
-    {
-        return isShorter(u, v) ? u : v;
-    }
-
-    private static BigInteger[] intersect(BigInteger[] ab, BigInteger[] cd)
-    {
-        BigInteger min = ab[0].max(cd[0]);
-        BigInteger max = ab[1].min(cd[1]);
-        if (min.compareTo(max) > 0)
-        {
-            return null;
-        }
-        return new BigInteger[]{ min, max };
-    }
-
-    private static boolean isLessThanSqrt(BigInteger a, BigInteger b)
-    {
-        a = a.abs();
-        b = b.abs();
-        int target = b.bitLength(), maxBits = a.bitLength() * 2, minBits = maxBits - 1;
-        return minBits <= target && (maxBits < target || a.multiply(a).compareTo(b) < 0);
-    }
-
-    private static boolean isShorter(BigInteger[] u, BigInteger[] v)
-    {
-        BigInteger u1 = u[0].abs(), u2 = u[1].abs(), v1 = v[0].abs(), v2 = v[1].abs();
-
-        // TODO Check whether "shorter" just means by rectangle norm:
-        // return u1.max(u2).compareTo(v1.max(v2)) < 0;
-
-        boolean c1 = u1.compareTo(v1) < 0, c2 = u2.compareTo(v2) < 0;
-        if (c1 == c2)
-        {
-            return c1;
-        }
-
-        BigInteger du = u1.multiply(u1).add(u2.multiply(u2));
-        BigInteger dv = v1.multiply(v1).add(v2.multiply(v2));
-
-        return du.compareTo(dv) < 0;
-    }
-
-    private static boolean isVectorBoundedBySqrt(BigInteger[] v, BigInteger n)
-    {
-        BigInteger max = v[0].abs().max(v[1].abs());
-        return isLessThanSqrt(max, n);
-    }
-
-    private static BigInteger[] order(BigInteger a, BigInteger b)
-    {
-        if (a.compareTo(b) <= 0)
-        {
-            return new BigInteger[]{ a, b };
-        }
-        return new BigInteger[]{ b, a };
-    }
-
-    private static BigInteger roundQuotient(BigInteger x, BigInteger y)
-    {
-        boolean negative = (x.signum() != y.signum());
-        x = x.abs();
-        y = y.abs();
-        BigInteger result = x.add(y.shiftRight(1)).divide(y);
-        return negative ? result.negate() : result;
-    }
-
-    private static BigInteger[] solveQuadraticEquation(BigInteger n, BigInteger r, BigInteger s)
-    {
-        BigInteger det = r.multiply(r).subtract(s.shiftLeft(2)).mod(n);
-
-        BigInteger root1 = new ECFieldElement.Fp(n, det).sqrt().toBigInteger(), root2 = n.subtract(root1);
-        if (root1.testBit(0))
-        {
-            root2 = root2.add(n);
-        }
-        else
-        {
-            root1 = root1.add(n);
-        }
-
-//        assert root1.testBit(0);
-//        assert root2.testBit(0);
-
-        // NOTE: implicit -1 of the low-bits
-        return new BigInteger[]{ root1.shiftRight(1), root2.shiftRight(1) };
-    }
-
-    private static ECFieldElement[] findBetaValues(ECCurve c)
-    {
-        BigInteger q = c.getField().getCharacteristic();
-        BigInteger e = q.divide(ECConstants.THREE);
-
-        // Search for a random value that generates a non-trival cube root of 1
-        SecureRandom random = new SecureRandom();
-        BigInteger b;
-        do
-        {
-            BigInteger r = BigIntegers.createRandomInRange(ECConstants.TWO, q.subtract(ECConstants.TWO), random);
-            b = r.modPow(e, q);
-        }
-        while (b.equals(ECConstants.ONE));
-
-        ECFieldElement beta = c.fromBigInteger(b);
-
-        return new ECFieldElement[]{ beta, beta.square() }; 
-    }
-
-    private static BigInteger isqrt(BigInteger x)
-    {
-        BigInteger g0 = x.shiftRight(x.bitLength() / 2);
-        for (;;)
-        {
-            BigInteger g1 = g0.add(x.divide(g0)).shiftRight(1);
-            if (g1.equals(g0))
-            {
-                return g1;
-            }
-            g0 = g1;
-        }
-    }
-
-    private static void swap(BigInteger[] ab)
-    {
-        BigInteger tmp = ab[0];
-        ab[0] = ab[1];
-        ab[1] = tmp;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/tools/F2mSqrtOptimizer.java b/bcprov/src/main/java/org/bouncycastle/math/ec/tools/F2mSqrtOptimizer.java
deleted file mode 100644
index 31bac8a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/tools/F2mSqrtOptimizer.java
+++ /dev/null

@@ -1,72 +0,0 @@
-package org.bouncycastle.math.ec.tools;
-
-import java.math.BigInteger;
-import java.util.ArrayList;
-import java.util.Enumeration;
-import java.util.Iterator;
-import java.util.SortedSet;
-import java.util.TreeSet;
-
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.ec.CustomNamedCurves;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECFieldElement;
-
-public class F2mSqrtOptimizer
-{
-    public static void main(String[] args)
-    {
-        SortedSet names = new TreeSet(enumToList(ECNamedCurveTable.getNames()));
-        names.addAll(enumToList(CustomNamedCurves.getNames()));
-
-        Iterator it = names.iterator();
-        while (it.hasNext())
-        {
-            String name = (String)it.next();
-            X9ECParameters x9 = CustomNamedCurves.getByName(name);
-            if (x9 == null)
-            {
-                x9 = ECNamedCurveTable.getByName(name);
-            }
-            if (x9 != null && ECAlgorithms.isF2mCurve(x9.getCurve()))
-            {
-                System.out.print(name + ":");
-                implPrintRootZ(x9);
-            }
-        }
-    }
-
-    public static void printRootZ(X9ECParameters x9)
-    {
-        if (!ECAlgorithms.isF2mCurve(x9.getCurve()))
-        {
-            throw new IllegalArgumentException("Sqrt optimization only defined over characteristic-2 fields");
-        }
-
-        implPrintRootZ(x9);
-    }
-
-    private static void implPrintRootZ(X9ECParameters x9)
-    {
-        ECFieldElement z = x9.getCurve().fromBigInteger(BigInteger.valueOf(2));
-        ECFieldElement rootZ = z.sqrt();
-
-        System.out.println(rootZ.toBigInteger().toString(16).toUpperCase());
-
-        if (!rootZ.square().equals(z))
-        {
-            throw new IllegalStateException("Optimized-sqrt sanity check failed");
-        }
-    }
-
-    private static ArrayList enumToList(Enumeration en)
-    {
-        ArrayList rv = new ArrayList();
-        while (en.hasMoreElements())
-        {
-            rv.add(en.nextElement());
-        }
-        return rv;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/ec/tools/TraceOptimizer.java b/bcprov/src/main/java/org/bouncycastle/math/ec/tools/TraceOptimizer.java
deleted file mode 100644
index b21c9e0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/ec/tools/TraceOptimizer.java
+++ /dev/null

@@ -1,138 +0,0 @@
-package org.bouncycastle.math.ec.tools;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-import java.util.ArrayList;
-import java.util.Enumeration;
-import java.util.Iterator;
-import java.util.SortedSet;
-import java.util.TreeSet;
-
-import org.bouncycastle.asn1.x9.ECNamedCurveTable;
-import org.bouncycastle.asn1.x9.X9ECParameters;
-import org.bouncycastle.crypto.ec.CustomNamedCurves;
-import org.bouncycastle.math.ec.ECAlgorithms;
-import org.bouncycastle.math.ec.ECCurve;
-import org.bouncycastle.math.ec.ECFieldElement;
-import org.bouncycastle.util.Integers;
-
-public class TraceOptimizer
-{
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-
-    private static final SecureRandom R = new SecureRandom();
-
-    public static void main(String[] args)
-    {
-        SortedSet names = new TreeSet(enumToList(ECNamedCurveTable.getNames()));
-        names.addAll(enumToList(CustomNamedCurves.getNames()));
-
-        Iterator it = names.iterator();
-        while (it.hasNext())
-        {
-            String name = (String)it.next();
-            X9ECParameters x9 = CustomNamedCurves.getByName(name);
-            if (x9 == null)
-            {
-                x9 = ECNamedCurveTable.getByName(name);
-            }
-            if (x9 != null && ECAlgorithms.isF2mCurve(x9.getCurve()))
-            {
-                System.out.print(name + ":");
-                implPrintNonZeroTraceBits(x9);
-            }
-        }
-    }
-
-    public static void printNonZeroTraceBits(X9ECParameters x9)
-    {
-        if (!ECAlgorithms.isF2mCurve(x9.getCurve()))
-        {
-            throw new IllegalArgumentException("Trace only defined over characteristic-2 fields");
-        }
-
-        implPrintNonZeroTraceBits(x9);
-    }
-
-    public static void implPrintNonZeroTraceBits(X9ECParameters x9)
-    {
-        ECCurve c = x9.getCurve();
-        int m = c.getFieldSize();
-
-        ArrayList nonZeroTraceBits = new ArrayList();
-
-        /*
-         * Determine which of the bits contribute to the trace.
-         * 
-         * See section 3.6.2 of "Guide to Elliptic Curve Cryptography" (Hankerson, Menezes, Vanstone)
-         */
-        {
-            for (int i = 0; i < m; ++i)
-            {
-                BigInteger zi = ONE.shiftLeft(i);
-                ECFieldElement fe = c.fromBigInteger(zi);
-                int tr = calculateTrace(fe);
-                if (tr != 0)
-                {
-                    nonZeroTraceBits.add(Integers.valueOf(i));
-                    System.out.print(" " + i);
-                }
-            }
-            System.out.println();
-        }
-
-        /*
-         *  Check calculation based on the non-zero-trace bits against explicit calculation, for random field elements
-         */
-        {
-            for (int i = 0; i < 1000; ++i)
-            {
-                BigInteger x = new BigInteger(m, R);
-                ECFieldElement fe = c.fromBigInteger(x);
-                int check = calculateTrace(fe);
-
-                int tr = 0;
-                for (int j = 0; j < nonZeroTraceBits.size(); ++j)
-                {
-                    int bit = ((Integer)nonZeroTraceBits.get(j)).intValue();
-                    if (x.testBit(bit))
-                    {
-                        tr ^= 1;
-                    }
-                }
-                
-                if (check != tr)
-                {
-                    throw new IllegalStateException("Optimized-trace sanity check failed");
-                }
-            }
-        }
-    }
-
-    private static int calculateTrace(ECFieldElement fe)
-    {
-        int m = fe.getFieldSize();
-        ECFieldElement tr = fe;
-        for (int i = 1; i < m; ++i)
-        {
-            fe = fe.square();
-            tr = tr.add(fe);
-        }
-        BigInteger b = tr.toBigInteger();
-        if (b.bitLength() > 1)
-        {
-            throw new IllegalStateException();
-        }
-        return b.intValue();
-    }
-
-    private static ArrayList enumToList(Enumeration en)
-    {
-        ArrayList rv = new ArrayList();
-        while (en.hasMoreElements())
-        {
-            rv.add(en.nextElement());
-        }
-        return rv;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/raw/Mont256.java b/bcprov/src/main/java/org/bouncycastle/math/raw/Mont256.java
deleted file mode 100644
index 750221f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/raw/Mont256.java
+++ /dev/null

@@ -1,152 +0,0 @@
-package org.bouncycastle.math.raw;
-
-public abstract class Mont256
-{
-    private static final long M = 0xFFFFFFFFL;
-
-    public static int inverse32(int x)
-    {
-        // assert (x & 1) == 1;
-        int z = x; // x.z == 1 mod 2**3
-        z *= 2 - x * z; // x.z == 1 mod 2**6
-        z *= 2 - x * z; // x.z == 1 mod 2**12
-        z *= 2 - x * z; // x.z == 1 mod 2**24
-        z *= 2 - x * z; // x.z == 1 mod 2**48
-        // assert x * z == 1;
-        return z;
-    }
-
-    public static void multAdd(int[] x, int[] y, int[] z, int[] m, int mInv32)
-    {
-        int z_8 = 0;
-        long y_0 = y[0] & M;
-
-        for (int i = 0; i < 8; ++i)
-        {
-            long z_0 = z[0] & M;
-            long x_i = x[i] & M;
-
-            long prod1 = x_i * y_0;
-            long carry = (prod1 & M) + z_0;
-
-            long t = ((int)carry * mInv32) & M;
-
-            long prod2 = t * (m[0] & M);
-            carry += (prod2 & M);
-            // assert (int)carry == 0;
-            carry = (carry >>> 32) + (prod1 >>> 32) + (prod2 >>> 32);
-
-            for (int j = 1; j < 8; ++j)
-            {
-                prod1 = x_i * (y[j] & M);
-                prod2 = t * (m[j] & M);
-
-                carry += (prod1 & M) + (prod2 & M) + (z[j] & M);
-                z[j - 1] = (int)carry;
-                carry = (carry >>> 32) + (prod1 >>> 32) + (prod2 >>> 32);
-            }
-
-            carry += (z_8 & M);
-            z[7] = (int)carry;
-            z_8 = (int)(carry >>> 32);
-        }
-
-        if (z_8 != 0 || Nat256.gte(z, m))
-        {
-            Nat256.sub(z, m, z);
-        }
-    }
-
-    public static void multAddXF(int[] x, int[] y, int[] z, int[] m)
-    {
-        // assert m[0] == M;
-
-        int z_8 = 0;
-        long y_0 = y[0] & M;
-
-        for (int i = 0; i < 8; ++i)
-        {
-            long x_i = x[i] & M;
-
-            long carry = x_i * y_0 + (z[0] & M);
-            long t = carry & M;
-            carry = (carry >>> 32) + t;
-
-            for (int j = 1; j < 8; ++j)
-            {
-                long prod1 = x_i * (y[j] & M);
-                long prod2 = t * (m[j] & M);
-
-                carry += (prod1 & M) + (prod2 & M) + (z[j] & M);
-                z[j - 1] = (int)carry;
-                carry = (carry >>> 32) + (prod1 >>> 32) + (prod2 >>> 32);
-            }
-
-            carry += (z_8 & M);
-            z[7] = (int)carry;
-            z_8 = (int)(carry >>> 32);
-        }
-
-        if (z_8 != 0 || Nat256.gte(z, m))
-        {
-            Nat256.sub(z, m, z);
-        }
-    }
-
-    public static void reduce(int[] z, int[] m, int mInv32)
-    {
-        for (int i = 0; i < 8; ++i)
-        {
-            int z_0 = z[0];
-
-            long t = (z_0 * mInv32) & M;
-
-            long carry = t * (m[0] & M) + (z_0 & M);
-            // assert (int)carry == 0;
-            carry >>>= 32;
-
-            for (int j = 1; j < 8; ++j)
-            {
-                carry += t * (m[j] & M) + (z[j] & M);
-                z[j - 1] = (int)carry;
-                carry >>>= 32;
-            }
-
-            z[7] = (int)carry;
-            // assert carry >>> 32 == 0;
-        }
-
-        if (Nat256.gte(z, m))
-        {
-            Nat256.sub(z, m, z);
-        }
-    }
-
-    public static void reduceXF(int[] z, int[] m)
-    {
-        // assert m[0] == M;
-
-        for (int i = 0; i < 8; ++i)
-        {
-            int z_0 = z[0];
-
-            long t = z_0 & M;
-            long carry = t;
-
-            for (int j = 1; j < 8; ++j)
-            {
-                carry += t * (m[j] & M) + (z[j] & M);
-                z[j - 1] = (int)carry;
-                carry >>>= 32;
-            }
-
-            z[7] = (int)carry;
-            // assert carry >>> 32 == 0;
-        }
-
-        if (Nat256.gte(z, m))
-        {
-            Nat256.sub(z, m, z);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/raw/Nat128.java b/bcprov/src/main/java/org/bouncycastle/math/raw/Nat128.java
deleted file mode 100644
index 5a4fbfc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/raw/Nat128.java
+++ /dev/null

@@ -1,880 +0,0 @@
-package org.bouncycastle.math.raw;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.util.Pack;
-
-public abstract class Nat128
-{
-    private static final long M = 0xFFFFFFFFL;
-
-    public static int add(int[] x, int[] y, int[] z)
-    {
-        long c = 0;
-        c += (x[0] & M) + (y[0] & M);
-        z[0] = (int)c;
-        c >>>= 32;
-        c += (x[1] & M) + (y[1] & M);
-        z[1] = (int)c;
-        c >>>= 32;
-        c += (x[2] & M) + (y[2] & M);
-        z[2] = (int)c;
-        c >>>= 32;
-        c += (x[3] & M) + (y[3] & M);
-        z[3] = (int)c;
-        c >>>= 32;
-        return (int)c;
-    }
-
-    public static int addBothTo(int[] x, int[] y, int[] z)
-    {
-        long c = 0;
-        c += (x[0] & M) + (y[0] & M) + (z[0] & M);
-        z[0] = (int)c;
-        c >>>= 32;
-        c += (x[1] & M) + (y[1] & M) + (z[1] & M);
-        z[1] = (int)c;
-        c >>>= 32;
-        c += (x[2] & M) + (y[2] & M) + (z[2] & M);
-        z[2] = (int)c;
-        c >>>= 32;
-        c += (x[3] & M) + (y[3] & M) + (z[3] & M);
-        z[3] = (int)c;
-        c >>>= 32;
-        return (int)c;
-    }
-
-    public static int addTo(int[] x, int[] z)
-    {
-        long c = 0;
-        c += (x[0] & M) + (z[0] & M);
-        z[0] = (int)c;
-        c >>>= 32;
-        c += (x[1] & M) + (z[1] & M);
-        z[1] = (int)c;
-        c >>>= 32;
-        c += (x[2] & M) + (z[2] & M);
-        z[2] = (int)c;
-        c >>>= 32;
-        c += (x[3] & M) + (z[3] & M);
-        z[3] = (int)c;
-        c >>>= 32;
-        return (int)c;
-    }
-
-    public static int addTo(int[] x, int xOff, int[] z, int zOff, int cIn)
-    {
-        long c = cIn & M;
-        c += (x[xOff + 0] & M) + (z[zOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>>= 32;
-        c += (x[xOff + 1] & M) + (z[zOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>>= 32;
-        c += (x[xOff + 2] & M) + (z[zOff + 2] & M);
-        z[zOff + 2] = (int)c;
-        c >>>= 32;
-        c += (x[xOff + 3] & M) + (z[zOff + 3] & M);
-        z[zOff + 3] = (int)c;
-        c >>>= 32;
-        return (int)c;
-    }
-
-    public static int addToEachOther(int[] u, int uOff, int[] v, int vOff)
-    {
-        long c = 0;
-        c += (u[uOff + 0] & M) + (v[vOff + 0] & M);
-        u[uOff + 0] = (int)c;
-        v[vOff + 0] = (int)c;
-        c >>>= 32;
-        c += (u[uOff + 1] & M) + (v[vOff + 1] & M);
-        u[uOff + 1] = (int)c;
-        v[vOff + 1] = (int)c;
-        c >>>= 32;
-        c += (u[uOff + 2] & M) + (v[vOff + 2] & M);
-        u[uOff + 2] = (int)c;
-        v[vOff + 2] = (int)c;
-        c >>>= 32;
-        c += (u[uOff + 3] & M) + (v[vOff + 3] & M);
-        u[uOff + 3] = (int)c;
-        v[vOff + 3] = (int)c;
-        c >>>= 32;
-        return (int)c;
-    }
-
-    public static void copy(int[] x, int[] z)
-    {
-        z[0] = x[0];
-        z[1] = x[1];
-        z[2] = x[2];
-        z[3] = x[3];
-    }
-
-    public static void copy(int[] x, int xOff, int[] z, int zOff)
-    {
-        z[zOff + 0] = x[xOff + 0];
-        z[zOff + 1] = x[xOff + 1];
-        z[zOff + 2] = x[xOff + 2];
-        z[zOff + 3] = x[xOff + 3];
-    }
-
-    public static void copy64(long[] x, long[] z)
-    {
-        z[0] = x[0];
-        z[1] = x[1];
-    }
-
-    public static void copy64(long[] x, int xOff, long[] z, int zOff)
-    {
-        z[zOff + 0] = x[xOff + 0];
-        z[zOff + 1] = x[xOff + 1];
-    }
-
-    public static int[] create()
-    {
-        return new int[4];
-    }
-
-    public static long[] create64()
-    {
-        return new long[2];
-    }
-
-    public static int[] createExt()
-    {
-        return new int[8];
-    }
-
-    public static long[] createExt64()
-    {
-        return new long[4];
-    }
-
-    public static boolean diff(int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
-    {
-        boolean pos = gte(x, xOff, y, yOff);
-        if (pos)
-        {
-            sub(x, xOff, y, yOff, z, zOff);
-        }
-        else
-        {
-            sub(y, yOff, x, xOff, z, zOff);
-        }
-        return pos;
-    }
-
-    public static boolean eq(int[] x, int[] y)
-    {
-        for (int i = 3; i >= 0; --i)
-        {
-            if (x[i] != y[i])
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static boolean eq64(long[] x, long[] y)
-    {
-        for (int i = 1; i >= 0; --i)
-        {
-            if (x[i] != y[i])
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static int[] fromBigInteger(BigInteger x)
-    {
-        if (x.signum() < 0 || x.bitLength() > 128)
-        {
-            throw new IllegalArgumentException();
-        }
-
-        int[] z = create();
-        int i = 0;
-        while (x.signum() != 0)
-        {
-            z[i++] = x.intValue();
-            x = x.shiftRight(32);
-        }
-        return z;
-    }
-
-    public static long[] fromBigInteger64(BigInteger x)
-    {
-        if (x.signum() < 0 || x.bitLength() > 128)
-        {
-            throw new IllegalArgumentException();
-        }
-
-        long[] z = create64();
-        int i = 0;
-        while (x.signum() != 0)
-        {
-            z[i++] = x.longValue();
-            x = x.shiftRight(64);
-        }
-        return z;
-    }
-
-    public static int getBit(int[] x, int bit)
-    {
-        if (bit == 0)
-        {
-            return x[0] & 1;
-        }
-        int w = bit >> 5;
-        if (w < 0 || w >= 4)
-        {
-            return 0;
-        }
-        int b = bit & 31;
-        return (x[w] >>> b) & 1;
-    }
-
-    public static boolean gte(int[] x, int[] y)
-    {
-        for (int i = 3; i >= 0; --i)
-        {
-            int x_i = x[i] ^ Integer.MIN_VALUE;
-            int y_i = y[i] ^ Integer.MIN_VALUE;
-            if (x_i < y_i)
-                return false;
-            if (x_i > y_i)
-                return true;
-        }
-        return true;
-    }
-
-    public static boolean gte(int[] x, int xOff, int[] y, int yOff)
-    {
-        for (int i = 3; i >= 0; --i)
-        {
-            int x_i = x[xOff + i] ^ Integer.MIN_VALUE;
-            int y_i = y[yOff + i] ^ Integer.MIN_VALUE;
-            if (x_i < y_i)
-                return false;
-            if (x_i > y_i)
-                return true;
-        }
-        return true;
-    }
-
-    public static boolean isOne(int[] x)
-    {
-        if (x[0] != 1)
-        {
-            return false;
-        }
-        for (int i = 1; i < 4; ++i)
-        {
-            if (x[i] != 0)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static boolean isOne64(long[] x)
-    {
-        if (x[0] != 1L)
-        {
-            return false;
-        }
-        for (int i = 1; i < 2; ++i)
-        {
-            if (x[i] != 0L)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static boolean isZero(int[] x)
-    {
-        for (int i = 0; i < 4; ++i)
-        {
-            if (x[i] != 0)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static boolean isZero64(long[] x)
-    {
-        for (int i = 0; i < 2; ++i)
-        {
-            if (x[i] != 0L)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static void mul(int[] x, int[] y, int[] zz)
-    {
-        long y_0 = y[0] & M;
-        long y_1 = y[1] & M;
-        long y_2 = y[2] & M;
-        long y_3 = y[3] & M;
-
-        {
-            long c = 0, x_0 = x[0] & M;
-            c += x_0 * y_0;
-            zz[0] = (int)c;
-            c >>>= 32;
-            c += x_0 * y_1;
-            zz[1] = (int)c;
-            c >>>= 32;
-            c += x_0 * y_2;
-            zz[2] = (int)c;
-            c >>>= 32;
-            c += x_0 * y_3;
-            zz[3] = (int)c;
-            c >>>= 32;
-            zz[4] = (int)c;
-        }
-
-        for (int i = 1; i < 4; ++i)
-        {
-            long c = 0, x_i = x[i] & M;
-            c += x_i * y_0 + (zz[i + 0] & M);
-            zz[i + 0] = (int)c;
-            c >>>= 32;
-            c += x_i * y_1 + (zz[i + 1] & M);
-            zz[i + 1] = (int)c;
-            c >>>= 32;
-            c += x_i * y_2 + (zz[i + 2] & M);
-            zz[i + 2] = (int)c;
-            c >>>= 32;
-            c += x_i * y_3 + (zz[i + 3] & M);
-            zz[i + 3] = (int)c;
-            c >>>= 32;
-            zz[i + 4] = (int)c;
-        }
-    }
-
-    public static void mul(int[] x, int xOff, int[] y, int yOff, int[] zz, int zzOff)
-    {
-        long y_0 = y[yOff + 0] & M;
-        long y_1 = y[yOff + 1] & M;
-        long y_2 = y[yOff + 2] & M;
-        long y_3 = y[yOff + 3] & M;
-
-        {
-            long c = 0, x_0 = x[xOff + 0] & M;
-            c += x_0 * y_0;
-            zz[zzOff + 0] = (int)c;
-            c >>>= 32;
-            c += x_0 * y_1;
-            zz[zzOff + 1] = (int)c;
-            c >>>= 32;
-            c += x_0 * y_2;
-            zz[zzOff + 2] = (int)c;
-            c >>>= 32;
-            c += x_0 * y_3;
-            zz[zzOff + 3] = (int)c;
-            c >>>= 32;
-            zz[zzOff + 4] = (int)c;
-        }
-
-        for (int i = 1; i < 4; ++i)
-        {
-            ++zzOff;
-            long c = 0, x_i = x[xOff + i] & M;
-            c += x_i * y_0 + (zz[zzOff + 0] & M);
-            zz[zzOff + 0] = (int)c;
-            c >>>= 32;
-            c += x_i * y_1 + (zz[zzOff + 1] & M);
-            zz[zzOff + 1] = (int)c;
-            c >>>= 32;
-            c += x_i * y_2 + (zz[zzOff + 2] & M);
-            zz[zzOff + 2] = (int)c;
-            c >>>= 32;
-            c += x_i * y_3 + (zz[zzOff + 3] & M);
-            zz[zzOff + 3] = (int)c;
-            c >>>= 32;
-            zz[zzOff + 4] = (int)c;
-        }
-    }
-
-    public static int mulAddTo(int[] x, int[] y, int[] zz)
-    {
-        long y_0 = y[0] & M;
-        long y_1 = y[1] & M;
-        long y_2 = y[2] & M;
-        long y_3 = y[3] & M;
-
-        long zc = 0;
-        for (int i = 0; i < 4; ++i)
-        {
-            long c = 0, x_i = x[i] & M;
-            c += x_i * y_0 + (zz[i + 0] & M);
-            zz[i + 0] = (int)c;
-            c >>>= 32;
-            c += x_i * y_1 + (zz[i + 1] & M);
-            zz[i + 1] = (int)c;
-            c >>>= 32;
-            c += x_i * y_2 + (zz[i + 2] & M);
-            zz[i + 2] = (int)c;
-            c >>>= 32;
-            c += x_i * y_3 + (zz[i + 3] & M);
-            zz[i + 3] = (int)c;
-            c >>>= 32;
-            c += zc + (zz[i + 4] & M);
-            zz[i + 4] = (int)c;
-            zc = c >>> 32;
-        }
-        return (int)zc;
-    }
-
-    public static int mulAddTo(int[] x, int xOff, int[] y, int yOff, int[] zz, int zzOff)
-    {
-        long y_0 = y[yOff + 0] & M;
-        long y_1 = y[yOff + 1] & M;
-        long y_2 = y[yOff + 2] & M;
-        long y_3 = y[yOff + 3] & M;
-
-        long zc = 0;
-        for (int i = 0; i < 4; ++i)
-        {
-            long c = 0, x_i = x[xOff + i] & M;
-            c += x_i * y_0 + (zz[zzOff + 0] & M);
-            zz[zzOff + 0] = (int)c;
-            c >>>= 32;
-            c += x_i * y_1 + (zz[zzOff + 1] & M);
-            zz[zzOff + 1] = (int)c;
-            c >>>= 32;
-            c += x_i * y_2 + (zz[zzOff + 2] & M);
-            zz[zzOff + 2] = (int)c;
-            c >>>= 32;
-            c += x_i * y_3 + (zz[zzOff + 3] & M);
-            zz[zzOff + 3] = (int)c;
-            c >>>= 32;
-            c += zc + (zz[zzOff + 4] & M);
-            zz[zzOff + 4] = (int)c;
-            zc = c >>> 32;
-            ++zzOff;
-        }
-        return (int)zc;
-    }
-
-    public static long mul33Add(int w, int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
-    {
-        // assert w >>> 31 == 0;
-
-        long c = 0, wVal = w & M;
-        long x0 = x[xOff + 0] & M;
-        c += wVal * x0 + (y[yOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>>= 32;
-        long x1 = x[xOff + 1] & M;
-        c += wVal * x1 + x0 + (y[yOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>>= 32;
-        long x2 = x[xOff + 2] & M;
-        c += wVal * x2 + x1 + (y[yOff + 2] & M);
-        z[zOff + 2] = (int)c;
-        c >>>= 32;
-        long x3 = x[xOff + 3] & M;
-        c += wVal * x3 + x2 + (y[yOff + 3] & M);
-        z[zOff + 3] = (int)c;
-        c >>>= 32;
-        c += x3;
-        return c;
-    }
-
-    public static int mulWordAddExt(int x, int[] yy, int yyOff, int[] zz, int zzOff)
-    {
-        // assert yyOff <= 4;
-        // assert zzOff <= 4;
-        long c = 0, xVal = x & M;
-        c += xVal * (yy[yyOff + 0] & M) + (zz[zzOff + 0] & M);
-        zz[zzOff + 0] = (int)c;
-        c >>>= 32;
-        c += xVal * (yy[yyOff + 1] & M) + (zz[zzOff + 1] & M);
-        zz[zzOff + 1] = (int)c;
-        c >>>= 32;
-        c += xVal * (yy[yyOff + 2] & M) + (zz[zzOff + 2] & M);
-        zz[zzOff + 2] = (int)c;
-        c >>>= 32;
-        c += xVal * (yy[yyOff + 3] & M) + (zz[zzOff + 3] & M);
-        zz[zzOff + 3] = (int)c;
-        c >>>= 32;
-        return (int)c;
-    }
-
-    public static int mul33DWordAdd(int x, long y, int[] z, int zOff)
-    {
-        // assert x >>> 31 == 0;
-        // assert zOff <= 0;
-
-        long c = 0, xVal = x & M;
-        long y00 = y & M;
-        c += xVal * y00 + (z[zOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>>= 32;
-        long y01 = y >>> 32;
-        c += xVal * y01 + y00 + (z[zOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>>= 32;
-        c += y01 + (z[zOff + 2] & M);
-        z[zOff + 2] = (int)c;
-        c >>>= 32;
-        c += (z[zOff + 3] & M);
-        z[zOff + 3] = (int)c;
-        c >>>= 32;
-        return (int)c;
-    }
-
-    public static int mul33WordAdd(int x, int y, int[] z, int zOff)
-    {
-        // assert x >>> 31 == 0;
-        // assert zOff <= 1;
-
-        long c = 0, xVal = x & M, yVal = y & M;
-        c += yVal * xVal + (z[zOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>>= 32;
-        c += yVal + (z[zOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>>= 32;
-        c += (z[zOff + 2] & M);
-        z[zOff + 2] = (int)c;
-        c >>>= 32;
-        return c == 0 ? 0 : Nat.incAt(4, z, zOff, 3);
-    }
-
-    public static int mulWordDwordAdd(int x, long y, int[] z, int zOff)
-    {
-        // assert zOff <= 1;
-        long c = 0, xVal = x & M;
-        c += xVal * (y & M) + (z[zOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>>= 32;
-        c += xVal * (y >>> 32) + (z[zOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>>= 32;
-        c += (z[zOff + 2] & M);
-        z[zOff + 2] = (int)c;
-        c >>>= 32;
-        return c == 0 ? 0 : Nat.incAt(4, z, zOff, 3);
-    }
-
-    public static int mulWordsAdd(int x, int y, int[] z, int zOff)
-    {
-        // assert zOff <= 2;
-
-        long c = 0, xVal = x & M, yVal = y & M;
-        c += yVal * xVal + (z[zOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>>= 32;
-        c += (z[zOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>>= 32;
-        return c == 0 ? 0 : Nat.incAt(4, z, zOff, 2);
-    }
-
-    public static int mulWord(int x, int[] y, int[] z, int zOff)
-    {
-        long c = 0, xVal = x & M;
-        int i = 0;
-        do
-        {
-            c += xVal * (y[i] & M);
-            z[zOff + i] = (int)c;
-            c >>>= 32;
-        }
-        while (++i < 4);
-        return (int)c;
-    }
-
-    public static void square(int[] x, int[] zz)
-    {
-        long x_0 = x[0] & M;
-        long zz_1;
-
-        int c = 0, w;
-        {
-            int i = 3, j = 8;
-            do
-            {
-                long xVal = (x[i--] & M);
-                long p = xVal * xVal;
-                zz[--j] = (c << 31) | (int)(p >>> 33);
-                zz[--j] = (int)(p >>> 1);
-                c = (int)p;
-            }
-            while (i > 0);
-
-            {
-                long p = x_0 * x_0;
-                zz_1 = ((c << 31) & M) | (p >>> 33);
-                zz[0] = (int)p;
-                c = (int)(p >>> 32) & 1;
-            }
-        }
-
-        long x_1 = x[1] & M;
-        long zz_2 = zz[2] & M;
-
-        {
-            zz_1 += x_1 * x_0;
-            w = (int)zz_1;
-            zz[1] = (w << 1) | c;
-            c = w >>> 31;
-            zz_2 += zz_1 >>> 32;
-        }
-
-        long x_2 = x[2] & M;
-        long zz_3 = zz[3] & M;
-        long zz_4 = zz[4] & M;
-        {
-            zz_2 += x_2 * x_0;
-            w = (int)zz_2;
-            zz[2] = (w << 1) | c;
-            c = w >>> 31;
-            zz_3 += (zz_2 >>> 32) + x_2 * x_1;
-            zz_4 += zz_3 >>> 32;
-            zz_3 &= M;
-        }
-
-        long x_3 = x[3] & M;
-        long zz_5 = (zz[5] & M) + (zz_4 >>> 32); zz_4 &= M;
-        long zz_6 = (zz[6] & M) + (zz_5 >>> 32); zz_5 &= M;
-        {
-            zz_3 += x_3 * x_0;
-            w = (int)zz_3;
-            zz[3] = (w << 1) | c;
-            c = w >>> 31;
-            zz_4 += (zz_3 >>> 32) + x_3 * x_1;
-            zz_5 += (zz_4 >>> 32) + x_3 * x_2;
-            zz_6 += zz_5 >>> 32;
-            zz_5 &= M;
-        }
-
-        w = (int)zz_4;
-        zz[4] = (w << 1) | c;
-        c = w >>> 31;
-        w = (int)zz_5;
-        zz[5] = (w << 1) | c;
-        c = w >>> 31;
-        w = (int)zz_6;
-        zz[6] = (w << 1) | c;
-        c = w >>> 31;
-        w = zz[7] + (int)(zz_6 >>> 32);
-        zz[7] = (w << 1) | c;
-    }
-
-    public static void square(int[] x, int xOff, int[] zz, int zzOff)
-    {
-        long x_0 = x[xOff + 0] & M;
-        long zz_1;
-
-        int c = 0, w;
-        {
-            int i = 3, j = 8;
-            do
-            {
-                long xVal = (x[xOff + i--] & M);
-                long p = xVal * xVal;
-                zz[zzOff + --j] = (c << 31) | (int)(p >>> 33);
-                zz[zzOff + --j] = (int)(p >>> 1);
-                c = (int)p;
-            }
-            while (i > 0);
-
-            {
-                long p = x_0 * x_0;
-                zz_1 = ((c << 31) & M) | (p >>> 33);
-                zz[zzOff + 0] = (int)p;
-                c = (int)(p >>> 32) & 1;
-            }
-        }
-
-        long x_1 = x[xOff + 1] & M;
-        long zz_2 = zz[zzOff + 2] & M;
-
-        {
-            zz_1 += x_1 * x_0;
-            w = (int)zz_1;
-            zz[zzOff + 1] = (w << 1) | c;
-            c = w >>> 31;
-            zz_2 += zz_1 >>> 32;
-        }
-
-        long x_2 = x[xOff + 2] & M;
-        long zz_3 = zz[zzOff + 3] & M;
-        long zz_4 = zz[zzOff + 4] & M;
-        {
-            zz_2 += x_2 * x_0;
-            w = (int)zz_2;
-            zz[zzOff + 2] = (w << 1) | c;
-            c = w >>> 31;
-            zz_3 += (zz_2 >>> 32) + x_2 * x_1;
-            zz_4 += zz_3 >>> 32;
-            zz_3 &= M;
-        }
-
-        long x_3 = x[xOff + 3] & M;
-        long zz_5 = (zz[zzOff + 5] & M) + (zz_4 >>> 32); zz_4 &= M;
-        long zz_6 = (zz[zzOff + 6] & M) + (zz_5 >>> 32); zz_5 &= M;
-        {
-            zz_3 += x_3 * x_0;
-            w = (int)zz_3;
-            zz[zzOff + 3] = (w << 1) | c;
-            c = w >>> 31;
-            zz_4 += (zz_3 >>> 32) + x_3 * x_1;
-            zz_5 += (zz_4 >>> 32) + x_3 * x_2;
-            zz_6 += zz_5 >>> 32;
-        }
-
-        w = (int)zz_4;
-        zz[zzOff + 4] = (w << 1) | c;
-        c = w >>> 31;
-        w = (int)zz_5;
-        zz[zzOff + 5] = (w << 1) | c;
-        c = w >>> 31;
-        w = (int)zz_6;
-        zz[zzOff + 6] = (w << 1) | c;
-        c = w >>> 31;
-        w = zz[zzOff + 7] + (int)(zz_6 >>> 32);
-        zz[zzOff + 7] = (w << 1) | c;
-    }
-
-    public static int sub(int[] x, int[] y, int[] z)
-    {
-        long c = 0;
-        c += (x[0] & M) - (y[0] & M);
-        z[0] = (int)c;
-        c >>= 32;
-        c += (x[1] & M) - (y[1] & M);
-        z[1] = (int)c;
-        c >>= 32;
-        c += (x[2] & M) - (y[2] & M);
-        z[2] = (int)c;
-        c >>= 32;
-        c += (x[3] & M) - (y[3] & M);
-        z[3] = (int)c;
-        c >>= 32;
-        return (int)c;
-    }
-
-    public static int sub(int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
-    {
-        long c = 0;
-        c += (x[xOff + 0] & M) - (y[yOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>= 32;
-        c += (x[xOff + 1] & M) - (y[yOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>= 32;
-        c += (x[xOff + 2] & M) - (y[yOff + 2] & M);
-        z[zOff + 2] = (int)c;
-        c >>= 32;
-        c += (x[xOff + 3] & M) - (y[yOff + 3] & M);
-        z[zOff + 3] = (int)c;
-        c >>= 32;
-        return (int)c;
-    }
-
-    public static int subBothFrom(int[] x, int[] y, int[] z)
-    {
-        long c = 0;
-        c += (z[0] & M) - (x[0] & M) - (y[0] & M);
-        z[0] = (int)c;
-        c >>= 32;
-        c += (z[1] & M) - (x[1] & M) - (y[1] & M);
-        z[1] = (int)c;
-        c >>= 32;
-        c += (z[2] & M) - (x[2] & M) - (y[2] & M);
-        z[2] = (int)c;
-        c >>= 32;
-        c += (z[3] & M) - (x[3] & M) - (y[3] & M);
-        z[3] = (int)c;
-        c >>= 32;
-        return (int)c;
-    }
-
-    public static int subFrom(int[] x, int[] z)
-    {
-        long c = 0;
-        c += (z[0] & M) - (x[0] & M);
-        z[0] = (int)c;
-        c >>= 32;
-        c += (z[1] & M) - (x[1] & M);
-        z[1] = (int)c;
-        c >>= 32;
-        c += (z[2] & M) - (x[2] & M);
-        z[2] = (int)c;
-        c >>= 32;
-        c += (z[3] & M) - (x[3] & M);
-        z[3] = (int)c;
-        c >>= 32;
-        return (int)c;
-    }
-
-    public static int subFrom(int[] x, int xOff, int[] z, int zOff)
-    {
-        long c = 0;
-        c += (z[zOff + 0] & M) - (x[xOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>= 32;
-        c += (z[zOff + 1] & M) - (x[xOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>= 32;
-        c += (z[zOff + 2] & M) - (x[xOff + 2] & M);
-        z[zOff + 2] = (int)c;
-        c >>= 32;
-        c += (z[zOff + 3] & M) - (x[xOff + 3] & M);
-        z[zOff + 3] = (int)c;
-        c >>= 32;
-        return (int)c;
-    }
-
-    public static BigInteger toBigInteger(int[] x)
-    {
-        byte[] bs = new byte[16];
-        for (int i = 0; i < 4; ++i)
-        {
-            int x_i = x[i];
-            if (x_i != 0)
-            {
-                Pack.intToBigEndian(x_i, bs, (3 - i) << 2);
-            }
-        }
-        return new BigInteger(1, bs);
-    }
-
-    public static BigInteger toBigInteger64(long[] x)
-    {
-        byte[] bs = new byte[16];
-        for (int i = 0; i < 2; ++i)
-        {
-            long x_i = x[i];
-            if (x_i != 0L)
-            {
-                Pack.longToBigEndian(x_i, bs, (1 - i) << 3);
-            }
-        }
-        return new BigInteger(1, bs);
-    }
-
-    public static void zero(int[] z)
-    {
-        z[0] = 0;
-        z[1] = 0;
-        z[2] = 0;
-        z[3] = 0;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/raw/Nat160.java b/bcprov/src/main/java/org/bouncycastle/math/raw/Nat160.java
deleted file mode 100644
index 9bfe1ce..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/raw/Nat160.java
+++ /dev/null

@@ -1,887 +0,0 @@
-package org.bouncycastle.math.raw;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.util.Pack;
-
-public abstract class Nat160
-{
-    private static final long M = 0xFFFFFFFFL;
-
-    public static int add(int[] x, int[] y, int[] z)
-    {
-        long c = 0;
-        c += (x[0] & M) + (y[0] & M);
-        z[0] = (int)c;
-        c >>>= 32;
-        c += (x[1] & M) + (y[1] & M);
-        z[1] = (int)c;
-        c >>>= 32;
-        c += (x[2] & M) + (y[2] & M);
-        z[2] = (int)c;
-        c >>>= 32;
-        c += (x[3] & M) + (y[3] & M);
-        z[3] = (int)c;
-        c >>>= 32;
-        c += (x[4] & M) + (y[4] & M);
-        z[4] = (int)c;
-        c >>>= 32;
-        return (int)c;
-    }
-
-    public static int addBothTo(int[] x, int[] y, int[] z)
-    {
-        long c = 0;
-        c += (x[0] & M) + (y[0] & M) + (z[0] & M);
-        z[0] = (int)c;
-        c >>>= 32;
-        c += (x[1] & M) + (y[1] & M) + (z[1] & M);
-        z[1] = (int)c;
-        c >>>= 32;
-        c += (x[2] & M) + (y[2] & M) + (z[2] & M);
-        z[2] = (int)c;
-        c >>>= 32;
-        c += (x[3] & M) + (y[3] & M) + (z[3] & M);
-        z[3] = (int)c;
-        c >>>= 32;
-        c += (x[4] & M) + (y[4] & M) + (z[4] & M);
-        z[4] = (int)c;
-        c >>>= 32;
-        return (int)c;
-    }
-
-    public static int addTo(int[] x, int[] z)
-    {
-        long c = 0;
-        c += (x[0] & M) + (z[0] & M);
-        z[0] = (int)c;
-        c >>>= 32;
-        c += (x[1] & M) + (z[1] & M);
-        z[1] = (int)c;
-        c >>>= 32;
-        c += (x[2] & M) + (z[2] & M);
-        z[2] = (int)c;
-        c >>>= 32;
-        c += (x[3] & M) + (z[3] & M);
-        z[3] = (int)c;
-        c >>>= 32;
-        c += (x[4] & M) + (z[4] & M);
-        z[4] = (int)c;
-        c >>>= 32;
-        return (int)c;
-    }
-
-    public static int addTo(int[] x, int xOff, int[] z, int zOff, int cIn)
-    {
-        long c = cIn & M;
-        c += (x[xOff + 0] & M) + (z[zOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>>= 32;
-        c += (x[xOff + 1] & M) + (z[zOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>>= 32;
-        c += (x[xOff + 2] & M) + (z[zOff + 2] & M);
-        z[zOff + 2] = (int)c;
-        c >>>= 32;
-        c += (x[xOff + 3] & M) + (z[zOff + 3] & M);
-        z[zOff + 3] = (int)c;
-        c >>>= 32;
-        c += (x[xOff + 4] & M) + (z[zOff + 4] & M);
-        z[zOff + 4] = (int)c;
-        c >>>= 32;
-        return (int)c;
-    }
-
-    public static int addToEachOther(int[] u, int uOff, int[] v, int vOff)
-    {
-        long c = 0;
-        c += (u[uOff + 0] & M) + (v[vOff + 0] & M);
-        u[uOff + 0] = (int)c;
-        v[vOff + 0] = (int)c;
-        c >>>= 32;
-        c += (u[uOff + 1] & M) + (v[vOff + 1] & M);
-        u[uOff + 1] = (int)c;
-        v[vOff + 1] = (int)c;
-        c >>>= 32;
-        c += (u[uOff + 2] & M) + (v[vOff + 2] & M);
-        u[uOff + 2] = (int)c;
-        v[vOff + 2] = (int)c;
-        c >>>= 32;
-        c += (u[uOff + 3] & M) + (v[vOff + 3] & M);
-        u[uOff + 3] = (int)c;
-        v[vOff + 3] = (int)c;
-        c >>>= 32;
-        c += (u[uOff + 4] & M) + (v[vOff + 4] & M);
-        u[uOff + 4] = (int)c;
-        v[vOff + 4] = (int)c;
-        c >>>= 32;
-        return (int)c;
-    }
-
-    public static void copy(int[] x, int[] z)
-    {
-        z[0] = x[0];
-        z[1] = x[1];
-        z[2] = x[2];
-        z[3] = x[3];
-        z[4] = x[4];
-    }
-
-    public static void copy(int[] x, int xOff, int[] z, int zOff)
-    {
-        z[zOff + 0] = x[xOff + 0];
-        z[zOff + 1] = x[xOff + 1];
-        z[zOff + 2] = x[xOff + 2];
-        z[zOff + 3] = x[xOff + 3];
-        z[zOff + 4] = x[xOff + 4];
-    }
-
-    public static int[] create()
-    {
-        return new int[5];
-    }
-
-    public static int[] createExt()
-    {
-        return new int[10];
-    }
-
-    public static boolean diff(int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
-    {
-        boolean pos = gte(x, xOff, y, yOff);
-        if (pos)
-        {
-            sub(x, xOff, y, yOff, z, zOff);
-        }
-        else
-        {
-            sub(y, yOff, x, xOff, z, zOff);
-        }
-        return pos;
-    }
-
-    public static boolean eq(int[] x, int[] y)
-    {
-        for (int i = 4; i >= 0; --i)
-        {
-            if (x[i] != y[i])
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static int[] fromBigInteger(BigInteger x)
-    {
-        if (x.signum() < 0 || x.bitLength() > 160)
-        {
-            throw new IllegalArgumentException();
-        }
-
-        int[] z = create();
-        int i = 0;
-        while (x.signum() != 0)
-        {
-            z[i++] = x.intValue();
-            x = x.shiftRight(32);
-        }
-        return z;
-    }
-
-    public static int getBit(int[] x, int bit)
-    {
-        if (bit == 0)
-        {
-            return x[0] & 1;
-        }
-        int w = bit >> 5;
-        if (w < 0 || w >= 5)
-        {
-            return 0;
-        }
-        int b = bit & 31;
-        return (x[w] >>> b) & 1;
-    }
-
-    public static boolean gte(int[] x, int[] y)
-    {
-        for (int i = 4; i >= 0; --i)
-        {
-            int x_i = x[i] ^ Integer.MIN_VALUE;
-            int y_i = y[i] ^ Integer.MIN_VALUE;
-            if (x_i < y_i)
-                return false;
-            if (x_i > y_i)
-                return true;
-        }
-        return true;
-    }
-
-    public static boolean gte(int[] x, int xOff, int[] y, int yOff)
-    {
-        for (int i = 4; i >= 0; --i)
-        {
-            int x_i = x[xOff + i] ^ Integer.MIN_VALUE;
-            int y_i = y[yOff + i] ^ Integer.MIN_VALUE;
-            if (x_i < y_i)
-                return false;
-            if (x_i > y_i)
-                return true;
-        }
-        return true;
-    }
-
-    public static boolean isOne(int[] x)
-    {
-        if (x[0] != 1)
-        {
-            return false;
-        }
-        for (int i = 1; i < 5; ++i)
-        {
-            if (x[i] != 0)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static boolean isZero(int[] x)
-    {
-        for (int i = 0; i < 5; ++i)
-        {
-            if (x[i] != 0)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static void mul(int[] x, int[] y, int[] zz)
-    {
-        long y_0 = y[0] & M;
-        long y_1 = y[1] & M;
-        long y_2 = y[2] & M;
-        long y_3 = y[3] & M;
-        long y_4 = y[4] & M;
-
-        {
-            long c = 0, x_0 = x[0] & M;
-            c += x_0 * y_0;
-            zz[0] = (int)c;
-            c >>>= 32;
-            c += x_0 * y_1;
-            zz[1] = (int)c;
-            c >>>= 32;
-            c += x_0 * y_2;
-            zz[2] = (int)c;
-            c >>>= 32;
-            c += x_0 * y_3;
-            zz[3] = (int)c;
-            c >>>= 32;
-            c += x_0 * y_4;
-            zz[4] = (int)c;
-            c >>>= 32;
-            zz[5] = (int)c;
-        }
-
-        for (int i = 1; i < 5; ++i)
-        {
-            long c = 0, x_i = x[i] & M;
-            c += x_i * y_0 + (zz[i + 0] & M);
-            zz[i + 0] = (int)c;
-            c >>>= 32;
-            c += x_i * y_1 + (zz[i + 1] & M);
-            zz[i + 1] = (int)c;
-            c >>>= 32;
-            c += x_i * y_2 + (zz[i + 2] & M);
-            zz[i + 2] = (int)c;
-            c >>>= 32;
-            c += x_i * y_3 + (zz[i + 3] & M);
-            zz[i + 3] = (int)c;
-            c >>>= 32;
-            c += x_i * y_4 + (zz[i + 4] & M);
-            zz[i + 4] = (int)c;
-            c >>>= 32;
-            zz[i + 5] = (int)c;
-        }
-    }
-
-    public static void mul(int[] x, int xOff, int[] y, int yOff, int[] zz, int zzOff)
-    {
-        long y_0 = y[yOff + 0] & M;
-        long y_1 = y[yOff + 1] & M;
-        long y_2 = y[yOff + 2] & M;
-        long y_3 = y[yOff + 3] & M;
-        long y_4 = y[yOff + 4] & M;
-
-        {
-            long c = 0, x_0 = x[xOff + 0] & M;
-            c += x_0 * y_0;
-            zz[zzOff + 0] = (int)c;
-            c >>>= 32;
-            c += x_0 * y_1;
-            zz[zzOff + 1] = (int)c;
-            c >>>= 32;
-            c += x_0 * y_2;
-            zz[zzOff + 2] = (int)c;
-            c >>>= 32;
-            c += x_0 * y_3;
-            zz[zzOff + 3] = (int)c;
-            c >>>= 32;
-            c += x_0 * y_4;
-            zz[zzOff + 4] = (int)c;
-            c >>>= 32;
-            zz[zzOff + 5] = (int)c;
-        }
-
-        for (int i = 1; i < 5; ++i)
-        {
-            ++zzOff;
-            long c = 0, x_i = x[xOff + i] & M;
-            c += x_i * y_0 + (zz[zzOff + 0] & M);
-            zz[zzOff + 0] = (int)c;
-            c >>>= 32;
-            c += x_i * y_1 + (zz[zzOff + 1] & M);
-            zz[zzOff + 1] = (int)c;
-            c >>>= 32;
-            c += x_i * y_2 + (zz[zzOff + 2] & M);
-            zz[zzOff + 2] = (int)c;
-            c >>>= 32;
-            c += x_i * y_3 + (zz[zzOff + 3] & M);
-            zz[zzOff + 3] = (int)c;
-            c >>>= 32;
-            c += x_i * y_4 + (zz[zzOff + 4] & M);
-            zz[zzOff + 4] = (int)c;
-            c >>>= 32;
-            zz[zzOff + 5] = (int)c;
-        }
-    }
-
-    public static int mulAddTo(int[] x, int[] y, int[] zz)
-    {
-        long y_0 = y[0] & M;
-        long y_1 = y[1] & M;
-        long y_2 = y[2] & M;
-        long y_3 = y[3] & M;
-        long y_4 = y[4] & M;
-
-        long zc = 0;
-        for (int i = 0; i < 5; ++i)
-        {
-            long c = 0, x_i = x[i] & M;
-            c += x_i * y_0 + (zz[i + 0] & M);
-            zz[i + 0] = (int)c;
-            c >>>= 32;
-            c += x_i * y_1 + (zz[i + 1] & M);
-            zz[i + 1] = (int)c;
-            c >>>= 32;
-            c += x_i * y_2 + (zz[i + 2] & M);
-            zz[i + 2] = (int)c;
-            c >>>= 32;
-            c += x_i * y_3 + (zz[i + 3] & M);
-            zz[i + 3] = (int)c;
-            c >>>= 32;
-            c += x_i * y_4 + (zz[i + 4] & M);
-            zz[i + 4] = (int)c;
-            c >>>= 32;
-            c += zc + (zz[i + 5] & M);
-            zz[i + 5] = (int)c;
-            zc = c >>> 32;
-        }
-        return (int)zc;
-    }
-
-    public static int mulAddTo(int[] x, int xOff, int[] y, int yOff, int[] zz, int zzOff)
-    {
-        long y_0 = y[yOff + 0] & M;
-        long y_1 = y[yOff + 1] & M;
-        long y_2 = y[yOff + 2] & M;
-        long y_3 = y[yOff + 3] & M;
-        long y_4 = y[yOff + 4] & M;
-
-        long zc = 0;
-        for (int i = 0; i < 5; ++i)
-        {
-            long c = 0, x_i = x[xOff + i] & M;
-            c += x_i * y_0 + (zz[zzOff + 0] & M);
-            zz[zzOff + 0] = (int)c;
-            c >>>= 32;
-            c += x_i * y_1 + (zz[zzOff + 1] & M);
-            zz[zzOff + 1] = (int)c;
-            c >>>= 32;
-            c += x_i * y_2 + (zz[zzOff + 2] & M);
-            zz[zzOff + 2] = (int)c;
-            c >>>= 32;
-            c += x_i * y_3 + (zz[zzOff + 3] & M);
-            zz[zzOff + 3] = (int)c;
-            c >>>= 32;
-            c += x_i * y_4 + (zz[zzOff + 4] & M);
-            zz[zzOff + 4] = (int)c;
-            c >>>= 32;
-            c += zc + (zz[zzOff + 5] & M);
-            zz[zzOff + 5] = (int)c;
-            zc = c >>> 32;
-            ++zzOff;
-        }
-        return (int)zc;
-    }
-
-    public static long mul33Add(int w, int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
-    {
-        // assert w >>> 31 == 0;
-
-        long c = 0, wVal = w & M;
-        long x0 = x[xOff + 0] & M;
-        c += wVal * x0 + (y[yOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>>= 32;
-        long x1 = x[xOff + 1] & M;
-        c += wVal * x1 + x0 + (y[yOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>>= 32;
-        long x2 = x[xOff + 2] & M;
-        c += wVal * x2 + x1 + (y[yOff + 2] & M);
-        z[zOff + 2] = (int)c;
-        c >>>= 32;
-        long x3 = x[xOff + 3] & M;
-        c += wVal * x3 + x2 + (y[yOff + 3] & M);
-        z[zOff + 3] = (int)c;
-        c >>>= 32;
-        long x4 = x[xOff + 4] & M;
-        c += wVal * x4 + x3 + (y[yOff + 4] & M);
-        z[zOff + 4] = (int)c;
-        c >>>= 32;
-        c += x4;
-        return c;
-    }
-
-    public static int mulWordAddExt(int x, int[] yy, int yyOff, int[] zz, int zzOff)
-    {
-        // assert yyOff <= 5;
-        // assert zzOff <= 5;
-        long c = 0, xVal = x & M;
-        c += xVal * (yy[yyOff + 0] & M) + (zz[zzOff + 0] & M);
-        zz[zzOff + 0] = (int)c;
-        c >>>= 32;
-        c += xVal * (yy[yyOff + 1] & M) + (zz[zzOff + 1] & M);
-        zz[zzOff + 1] = (int)c;
-        c >>>= 32;
-        c += xVal * (yy[yyOff + 2] & M) + (zz[zzOff + 2] & M);
-        zz[zzOff + 2] = (int)c;
-        c >>>= 32;
-        c += xVal * (yy[yyOff + 3] & M) + (zz[zzOff + 3] & M);
-        zz[zzOff + 3] = (int)c;
-        c >>>= 32;
-        c += xVal * (yy[yyOff + 4] & M) + (zz[zzOff + 4] & M);
-        zz[zzOff + 4] = (int)c;
-        c >>>= 32;
-        return (int)c;
-    }
-
-    public static int mul33DWordAdd(int x, long y, int[] z, int zOff)
-    {
-        // assert x >>> 31 == 0;
-        // assert zOff <= 1;
-
-        long c = 0, xVal = x & M;
-        long y00 = y & M;
-        c += xVal * y00 + (z[zOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>>= 32;
-        long y01 = y >>> 32;
-        c += xVal * y01 + y00 + (z[zOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>>= 32;
-        c += y01 + (z[zOff + 2] & M);
-        z[zOff + 2] = (int)c;
-        c >>>= 32;
-        c += (z[zOff + 3] & M);
-        z[zOff + 3] = (int)c;
-        c >>>= 32;
-        return c == 0 ? 0 : Nat.incAt(5, z, zOff, 4);
-    }
-
-    public static int mul33WordAdd(int x, int y, int[] z, int zOff)
-    {
-        // assert x >>> 31 == 0;
-        // assert zOff <= 2;
-
-        long c = 0, xVal = x & M, yVal = y & M;
-        c += yVal * xVal + (z[zOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>>= 32;
-        c += yVal + (z[zOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>>= 32;
-        c += (z[zOff + 2] & M);
-        z[zOff + 2] = (int)c;
-        c >>>= 32;
-        return c == 0 ? 0 : Nat.incAt(5, z, zOff, 3);
-    }
-
-    public static int mulWordDwordAdd(int x, long y, int[] z, int zOff)
-    {
-        // assert zOff <= 2;
-        long c = 0, xVal = x & M;
-        c += xVal * (y & M) + (z[zOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>>= 32;
-        c += xVal * (y >>> 32) + (z[zOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>>= 32;
-        c += (z[zOff + 2] & M);
-        z[zOff + 2] = (int)c;
-        c >>>= 32;
-        return c == 0 ? 0 : Nat.incAt(5, z, zOff, 3);
-    }
-
-    public static int mulWordsAdd(int x, int y, int[] z, int zOff)
-    {
-        // assert zOff <= 3;
-
-        long c = 0, xVal = x & M, yVal = y & M;
-        c += yVal * xVal + (z[zOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>>= 32;
-        c += (z[zOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>>= 32;
-        return c == 0 ? 0 : Nat.incAt(5, z, zOff, 2);
-    }
-
-    public static int mulWord(int x, int[] y, int[] z, int zOff)
-    {
-        long c = 0, xVal = x & M;
-        int i = 0;
-        do
-        {
-            c += xVal * (y[i] & M);
-            z[zOff + i] = (int)c;
-            c >>>= 32;
-        }
-        while (++i < 5);
-        return (int)c;
-    }
-
-    public static void square(int[] x, int[] zz)
-    {
-        long x_0 = x[0] & M;
-        long zz_1;
-
-        int c = 0, w;
-        {
-            int i = 4, j = 10;
-            do
-            {
-                long xVal = (x[i--] & M);
-                long p = xVal * xVal;
-                zz[--j] = (c << 31) | (int)(p >>> 33);
-                zz[--j] = (int)(p >>> 1);
-                c = (int)p;
-            }
-            while (i > 0);
-
-            {
-                long p = x_0 * x_0;
-                zz_1 = ((c << 31) & M) | (p >>> 33);
-                zz[0] = (int)p;
-                c = (int)(p >>> 32) & 1;
-            }
-        }
-
-        long x_1 = x[1] & M;
-        long zz_2 = zz[2] & M;
-
-        {
-            zz_1 += x_1 * x_0;
-            w = (int)zz_1;
-            zz[1] = (w << 1) | c;
-            c = w >>> 31;
-            zz_2 += zz_1 >>> 32;
-        }
-
-        long x_2 = x[2] & M;
-        long zz_3 = zz[3] & M;
-        long zz_4 = zz[4] & M;
-        {
-            zz_2 += x_2 * x_0;
-            w = (int)zz_2;
-            zz[2] = (w << 1) | c;
-            c = w >>> 31;
-            zz_3 += (zz_2 >>> 32) + x_2 * x_1;
-            zz_4 += zz_3 >>> 32;
-            zz_3 &= M;
-        }
-
-        long x_3 = x[3] & M;
-        long zz_5 = (zz[5] & M) + (zz_4 >>> 32); zz_4 &= M;
-        long zz_6 = (zz[6] & M) + (zz_5 >>> 32); zz_5 &= M;
-        {
-            zz_3 += x_3 * x_0;
-            w = (int)zz_3;
-            zz[3] = (w << 1) | c;
-            c = w >>> 31;
-            zz_4 += (zz_3 >>> 32) + x_3 * x_1;
-            zz_5 += (zz_4 >>> 32) + x_3 * x_2;
-            zz_4 &= M;
-            zz_6 += zz_5 >>> 32;
-            zz_5 &= M;
-        }
-
-        long x_4 = x[4] & M;
-        long zz_7 = (zz[7] & M) + (zz_6 >>> 32); zz_6 &= M;
-        long zz_8 = (zz[8] & M) + (zz_7 >>> 32); zz_7 &= M;
-        {
-            zz_4 += x_4 * x_0;
-            w = (int)zz_4;
-            zz[4] = (w << 1) | c;
-            c = w >>> 31;
-            zz_5 += (zz_4 >>> 32) + x_4 * x_1;
-            zz_6 += (zz_5 >>> 32) + x_4 * x_2;
-            zz_7 += (zz_6 >>> 32) + x_4 * x_3;
-            zz_8 += zz_7 >>> 32;
-        }
-
-        w = (int)zz_5;
-        zz[5] = (w << 1) | c;
-        c = w >>> 31;
-        w = (int)zz_6;
-        zz[6] = (w << 1) | c;
-        c = w >>> 31;
-        w = (int)zz_7;
-        zz[7] = (w << 1) | c;
-        c = w >>> 31;
-        w = (int)zz_8;
-        zz[8] = (w << 1) | c;
-        c = w >>> 31;
-        w = zz[9] + (int)(zz_8 >>> 32);
-        zz[9] = (w << 1) | c;
-    }
-
-    public static void square(int[] x, int xOff, int[] zz, int zzOff)
-    {
-        long x_0 = x[xOff + 0] & M;
-        long zz_1;
-
-        int c = 0, w;
-        {
-            int i = 4, j = 10;
-            do
-            {
-                long xVal = (x[xOff + i--] & M);
-                long p = xVal * xVal;
-                zz[zzOff + --j] = (c << 31) | (int)(p >>> 33);
-                zz[zzOff + --j] = (int)(p >>> 1);
-                c = (int)p;
-            }
-            while (i > 0);
-
-            {
-                long p = x_0 * x_0;
-                zz_1 = ((c << 31) & M) | (p >>> 33);
-                zz[zzOff + 0] = (int)p;
-                c = (int)(p >>> 32) & 1;
-            }
-        }
-
-        long x_1 = x[xOff + 1] & M;
-        long zz_2 = zz[zzOff + 2] & M;
-
-        {
-            zz_1 += x_1 * x_0;
-            w = (int)zz_1;
-            zz[zzOff + 1] = (w << 1) | c;
-            c = w >>> 31;
-            zz_2 += zz_1 >>> 32;
-        }
-
-        long x_2 = x[xOff + 2] & M;
-        long zz_3 = zz[zzOff + 3] & M;
-        long zz_4 = zz[zzOff + 4] & M;
-        {
-            zz_2 += x_2 * x_0;
-            w = (int)zz_2;
-            zz[zzOff + 2] = (w << 1) | c;
-            c = w >>> 31;
-            zz_3 += (zz_2 >>> 32) + x_2 * x_1;
-            zz_4 += zz_3 >>> 32;
-            zz_3 &= M;
-        }
-
-        long x_3 = x[xOff + 3] & M;
-        long zz_5 = (zz[zzOff + 5] & M) + (zz_4 >>> 32); zz_4 &= M;
-        long zz_6 = (zz[zzOff + 6] & M) + (zz_5 >>> 32); zz_5 &= M;
-        {
-            zz_3 += x_3 * x_0;
-            w = (int)zz_3;
-            zz[zzOff + 3] = (w << 1) | c;
-            c = w >>> 31;
-            zz_4 += (zz_3 >>> 32) + x_3 * x_1;
-            zz_5 += (zz_4 >>> 32) + x_3 * x_2;
-            zz_4 &= M;
-            zz_6 += zz_5 >>> 32;
-            zz_5 &= M;
-        }
-
-        long x_4 = x[xOff + 4] & M;
-        long zz_7 = (zz[zzOff + 7] & M) + (zz_6 >>> 32); zz_6 &= M;
-        long zz_8 = (zz[zzOff + 8] & M) + (zz_7 >>> 32); zz_7 &= M;
-        {
-            zz_4 += x_4 * x_0;
-            w = (int)zz_4;
-            zz[zzOff + 4] = (w << 1) | c;
-            c = w >>> 31;
-            zz_5 += (zz_4 >>> 32) + x_4 * x_1;
-            zz_6 += (zz_5 >>> 32) + x_4 * x_2;
-            zz_7 += (zz_6 >>> 32) + x_4 * x_3;
-            zz_8 += zz_7 >>> 32;
-        }
-
-        w = (int)zz_5;
-        zz[zzOff + 5] = (w << 1) | c;
-        c = w >>> 31;
-        w = (int)zz_6;
-        zz[zzOff + 6] = (w << 1) | c;
-        c = w >>> 31;
-        w = (int)zz_7;
-        zz[zzOff + 7] = (w << 1) | c;
-        c = w >>> 31;
-        w = (int)zz_8;
-        zz[zzOff + 8] = (w << 1) | c;
-        c = w >>> 31;
-        w = zz[zzOff + 9] + (int)(zz_8 >>> 32);
-        zz[zzOff + 9] = (w << 1) | c;
-    }
-
-    public static int sub(int[] x, int[] y, int[] z)
-    {
-        long c = 0;
-        c += (x[0] & M) - (y[0] & M);
-        z[0] = (int)c;
-        c >>= 32;
-        c += (x[1] & M) - (y[1] & M);
-        z[1] = (int)c;
-        c >>= 32;
-        c += (x[2] & M) - (y[2] & M);
-        z[2] = (int)c;
-        c >>= 32;
-        c += (x[3] & M) - (y[3] & M);
-        z[3] = (int)c;
-        c >>= 32;
-        c += (x[4] & M) - (y[4] & M);
-        z[4] = (int)c;
-        c >>= 32;
-        return (int)c;
-    }
-
-    public static int sub(int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
-    {
-        long c = 0;
-        c += (x[xOff + 0] & M) - (y[yOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>= 32;
-        c += (x[xOff + 1] & M) - (y[yOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>= 32;
-        c += (x[xOff + 2] & M) - (y[yOff + 2] & M);
-        z[zOff + 2] = (int)c;
-        c >>= 32;
-        c += (x[xOff + 3] & M) - (y[yOff + 3] & M);
-        z[zOff + 3] = (int)c;
-        c >>= 32;
-        c += (x[xOff + 4] & M) - (y[yOff + 4] & M);
-        z[zOff + 4] = (int)c;
-        c >>= 32;
-        return (int)c;
-    }
-
-    public static int subBothFrom(int[] x, int[] y, int[] z)
-    {
-        long c = 0;
-        c += (z[0] & M) - (x[0] & M) - (y[0] & M);
-        z[0] = (int)c;
-        c >>= 32;
-        c += (z[1] & M) - (x[1] & M) - (y[1] & M);
-        z[1] = (int)c;
-        c >>= 32;
-        c += (z[2] & M) - (x[2] & M) - (y[2] & M);
-        z[2] = (int)c;
-        c >>= 32;
-        c += (z[3] & M) - (x[3] & M) - (y[3] & M);
-        z[3] = (int)c;
-        c >>= 32;
-        c += (z[4] & M) - (x[4] & M) - (y[4] & M);
-        z[4] = (int)c;
-        c >>= 32;
-        return (int)c;
-    }
-
-    public static int subFrom(int[] x, int[] z)
-    {
-        long c = 0;
-        c += (z[0] & M) - (x[0] & M);
-        z[0] = (int)c;
-        c >>= 32;
-        c += (z[1] & M) - (x[1] & M);
-        z[1] = (int)c;
-        c >>= 32;
-        c += (z[2] & M) - (x[2] & M);
-        z[2] = (int)c;
-        c >>= 32;
-        c += (z[3] & M) - (x[3] & M);
-        z[3] = (int)c;
-        c >>= 32;
-        c += (z[4] & M) - (x[4] & M);
-        z[4] = (int)c;
-        c >>= 32;
-        return (int)c;
-    }
-
-    public static int subFrom(int[] x, int xOff, int[] z, int zOff)
-    {
-        long c = 0;
-        c += (z[zOff + 0] & M) - (x[xOff + 0] & M);
-        z[zOff + 0] = (int)c;
-        c >>= 32;
-        c += (z[zOff + 1] & M) - (x[xOff + 1] & M);
-        z[zOff + 1] = (int)c;
-        c >>= 32;
-        c += (z[zOff + 2] & M) - (x[xOff + 2] & M);
-        z[zOff + 2] = (int)c;
-        c >>= 32;
-        c += (z[zOff + 3] & M) - (x[xOff + 3] & M);
-        z[zOff + 3] = (int)c;
-        c >>= 32;
-        c += (z[zOff + 4] & M) - (x[xOff + 4] & M);
-        z[zOff + 4] = (int)c;
-        c >>= 32;
-        return (int)c;
-    }
-
-    public static BigInteger toBigInteger(int[] x)
-    {
-        byte[] bs = new byte[20];
-        for (int i = 0; i < 5; ++i)
-        {
-            int x_i = x[i];
-            if (x_i != 0)
-            {
-                Pack.intToBigEndian(x_i, bs, (4 - i) << 2);
-            }
-        }
-        return new BigInteger(1, bs);
-    }
-
-    public static void zero(int[] z)
-    {
-        z[0] = 0;
-        z[1] = 0;
-        z[2] = 0;
-        z[3] = 0;
-        z[4] = 0;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/raw/Nat320.java b/bcprov/src/main/java/org/bouncycastle/math/raw/Nat320.java
deleted file mode 100644
index 2ee3f64..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/raw/Nat320.java
+++ /dev/null

@@ -1,107 +0,0 @@
-package org.bouncycastle.math.raw;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.util.Pack;
-
-public abstract class Nat320
-{
-    public static void copy64(long[] x, long[] z)
-    {
-        z[0] = x[0];
-        z[1] = x[1];
-        z[2] = x[2];
-        z[3] = x[3];
-        z[4] = x[4];
-    }
-
-    public static void copy64(long[] x, int xOff, long[] z, int zOff)
-    {
-        z[zOff + 0] = x[xOff + 0];
-        z[zOff + 1] = x[xOff + 1];
-        z[zOff + 2] = x[xOff + 2];
-        z[zOff + 3] = x[xOff + 3];
-        z[zOff + 4] = x[xOff + 4];
-    }
-
-    public static long[] create64()
-    {
-        return new long[5];
-    }
-
-    public static long[] createExt64()
-    {
-        return new long[10];
-    }
-
-    public static boolean eq64(long[] x, long[] y)
-    {
-        for (int i = 4; i >= 0; --i)
-        {
-            if (x[i] != y[i])
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static long[] fromBigInteger64(BigInteger x)
-    {
-        if (x.signum() < 0 || x.bitLength() > 320)
-        {
-            throw new IllegalArgumentException();
-        }
-
-        long[] z = create64();
-        int i = 0;
-        while (x.signum() != 0)
-        {
-            z[i++] = x.longValue();
-            x = x.shiftRight(64);
-        }
-        return z;
-    }
-
-    public static boolean isOne64(long[] x)
-    {
-        if (x[0] != 1L)
-        {
-            return false;
-        }
-        for (int i = 1; i < 5; ++i)
-        {
-            if (x[i] != 0L)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static boolean isZero64(long[] x)
-    {
-        for (int i = 0; i < 5; ++i)
-        {
-            if (x[i] != 0L)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static BigInteger toBigInteger64(long[] x)
-    {
-        byte[] bs = new byte[40];
-        for (int i = 0; i < 5; ++i)
-        {
-            long x_i = x[i];
-            if (x_i != 0L)
-            {
-                Pack.longToBigEndian(x_i, bs, (4 - i) << 3);
-            }
-        }
-        return new BigInteger(1, bs);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/raw/Nat448.java b/bcprov/src/main/java/org/bouncycastle/math/raw/Nat448.java
deleted file mode 100644
index 3d93973..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/raw/Nat448.java
+++ /dev/null

@@ -1,111 +0,0 @@
-package org.bouncycastle.math.raw;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.util.Pack;
-
-public abstract class Nat448
-{
-    public static void copy64(long[] x, long[] z)
-    {
-        z[0] = x[0];
-        z[1] = x[1];
-        z[2] = x[2];
-        z[3] = x[3];
-        z[4] = x[4];
-        z[5] = x[5];
-        z[6] = x[6];
-    }
-
-    public static void copy64(long[] x, int xOff, long[] z, int zOff)
-    {
-        z[zOff + 0] = x[xOff + 0];
-        z[zOff + 1] = x[xOff + 1];
-        z[zOff + 2] = x[xOff + 2];
-        z[zOff + 3] = x[xOff + 3];
-        z[zOff + 4] = x[xOff + 4];
-        z[zOff + 5] = x[xOff + 5];
-        z[zOff + 6] = x[xOff + 6];
-    }
-
-    public static long[] create64()
-    {
-        return new long[7];
-    }
-
-    public static long[] createExt64()
-    {
-        return new long[14];
-    }
-
-    public static boolean eq64(long[] x, long[] y)
-    {
-        for (int i = 6; i >= 0; --i)
-        {
-            if (x[i] != y[i])
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static long[] fromBigInteger64(BigInteger x)
-    {
-        if (x.signum() < 0 || x.bitLength() > 448)
-        {
-            throw new IllegalArgumentException();
-        }
-
-        long[] z = create64();
-        int i = 0;
-        while (x.signum() != 0)
-        {
-            z[i++] = x.longValue();
-            x = x.shiftRight(64);
-        }
-        return z;
-    }
-
-    public static boolean isOne64(long[] x)
-    {
-        if (x[0] != 1L)
-        {
-            return false;
-        }
-        for (int i = 1; i < 7; ++i)
-        {
-            if (x[i] != 0L)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static boolean isZero64(long[] x)
-    {
-        for (int i = 0; i < 7; ++i)
-        {
-            if (x[i] != 0L)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static BigInteger toBigInteger64(long[] x)
-    {
-        byte[] bs = new byte[56];
-        for (int i = 0; i < 7; ++i)
-        {
-            long x_i = x[i];
-            if (x_i != 0L)
-            {
-                Pack.longToBigEndian(x_i, bs, (6 - i) << 3);
-            }
-        }
-        return new BigInteger(1, bs);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/raw/Nat576.java b/bcprov/src/main/java/org/bouncycastle/math/raw/Nat576.java
deleted file mode 100644
index 82e28e2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/raw/Nat576.java
+++ /dev/null

@@ -1,115 +0,0 @@
-package org.bouncycastle.math.raw;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.util.Pack;
-
-public abstract class Nat576
-{
-    public static void copy64(long[] x, long[] z)
-    {
-        z[0] = x[0];
-        z[1] = x[1];
-        z[2] = x[2];
-        z[3] = x[3];
-        z[4] = x[4];
-        z[5] = x[5];
-        z[6] = x[6];
-        z[7] = x[7];
-        z[8] = x[8];
-    }
-
-    public static void copy64(long[] x, int xOff, long[] z, int zOff)
-    {
-        z[zOff + 0] = x[xOff + 0];
-        z[zOff + 1] = x[xOff + 1];
-        z[zOff + 2] = x[xOff + 2];
-        z[zOff + 3] = x[xOff + 3];
-        z[zOff + 4] = x[xOff + 4];
-        z[zOff + 5] = x[xOff + 5];
-        z[zOff + 6] = x[xOff + 6];
-        z[zOff + 7] = x[xOff + 7];
-        z[zOff + 8] = x[xOff + 8];
-    }
-
-    public static long[] create64()
-    {
-        return new long[9];
-    }
-
-    public static long[] createExt64()
-    {
-        return new long[18];
-    }
-
-    public static boolean eq64(long[] x, long[] y)
-    {
-        for (int i = 8; i >= 0; --i)
-        {
-            if (x[i] != y[i])
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static long[] fromBigInteger64(BigInteger x)
-    {
-        if (x.signum() < 0 || x.bitLength() > 576)
-        {
-            throw new IllegalArgumentException();
-        }
-
-        long[] z = create64();
-        int i = 0;
-        while (x.signum() != 0)
-        {
-            z[i++] = x.longValue();
-            x = x.shiftRight(64);
-        }
-        return z;
-    }
-
-    public static boolean isOne64(long[] x)
-    {
-        if (x[0] != 1L)
-        {
-            return false;
-        }
-        for (int i = 1; i < 9; ++i)
-        {
-            if (x[i] != 0L)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static boolean isZero64(long[] x)
-    {
-        for (int i = 0; i < 9; ++i)
-        {
-            if (x[i] != 0L)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static BigInteger toBigInteger64(long[] x)
-    {
-        byte[] bs = new byte[72];
-        for (int i = 0; i < 9; ++i)
-        {
-            long x_i = x[i];
-            if (x_i != 0L)
-            {
-                Pack.longToBigEndian(x_i, bs, (8 - i) << 3);
-            }
-        }
-        return new BigInteger(1, bs);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/math/raw/package.html b/bcprov/src/main/java/org/bouncycastle/math/raw/package.html
deleted file mode 100644
index 061958b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/math/raw/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Math support for raw multi-precision calculations.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/ocsp/package.html b/bcprov/src/main/java/org/bouncycastle/ocsp/package.html
deleted file mode 100644
index ca4f531..0000000
--- a/bcprov/src/main/java/org/bouncycastle/ocsp/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Classes for dealing Online Certificate Status Protocol (OCSP) - RFC 2560.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/GMSSPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/GMSSPrivateKey.java
deleted file mode 100644
index 4e182c5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/GMSSPrivateKey.java
+++ /dev/null

@@ -1,1312 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import java.math.BigInteger;
-import java.util.Vector;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.pqc.crypto.gmss.GMSSLeaf;
-import org.bouncycastle.pqc.crypto.gmss.GMSSParameters;
-import org.bouncycastle.pqc.crypto.gmss.GMSSRootCalc;
-import org.bouncycastle.pqc.crypto.gmss.GMSSRootSig;
-import org.bouncycastle.pqc.crypto.gmss.Treehash;
-
-public class GMSSPrivateKey
-    extends ASN1Object
-{
-    private ASN1Primitive primitive;
-
-    private GMSSPrivateKey(ASN1Sequence mtsPrivateKey)
-    {
-        // --- Decode <index>.
-        ASN1Sequence indexPart = (ASN1Sequence)mtsPrivateKey.getObjectAt(0);
-        int[] index = new int[indexPart.size()];
-        for (int i = 0; i < indexPart.size(); i++)
-        {
-            index[i] = checkBigIntegerInIntRange(indexPart.getObjectAt(i));
-        }
-
-        // --- Decode <curSeeds>.
-        ASN1Sequence curSeedsPart = (ASN1Sequence)mtsPrivateKey.getObjectAt(1);
-        byte[][] curSeeds = new byte[curSeedsPart.size()][];
-        for (int i = 0; i < curSeeds.length; i++)
-        {
-            curSeeds[i] = ((DEROctetString)curSeedsPart.getObjectAt(i)).getOctets();
-        }
-
-        // --- Decode <nextNextSeeds>.
-        ASN1Sequence nextNextSeedsPart = (ASN1Sequence)mtsPrivateKey.getObjectAt(2);
-        byte[][] nextNextSeeds = new byte[nextNextSeedsPart.size()][];
-        for (int i = 0; i < nextNextSeeds.length; i++)
-        {
-            nextNextSeeds[i] = ((DEROctetString)nextNextSeedsPart.getObjectAt(i)).getOctets();
-        }
-
-        // --- Decode <curAuth>.
-        ASN1Sequence curAuthPart0 = (ASN1Sequence)mtsPrivateKey.getObjectAt(3);
-        ASN1Sequence curAuthPart1;
-
-        byte[][][] curAuth = new byte[curAuthPart0.size()][][];
-        for (int i = 0; i < curAuth.length; i++)
-        {
-            curAuthPart1 = (ASN1Sequence)curAuthPart0.getObjectAt(i);
-            curAuth[i] = new byte[curAuthPart1.size()][];
-            for (int j = 0; j < curAuth[i].length; j++)
-            {
-                curAuth[i][j] = ((DEROctetString)curAuthPart1.getObjectAt(j)).getOctets();
-            }
-        }
-
-        // --- Decode <nextAuth>.
-        ASN1Sequence nextAuthPart0 = (ASN1Sequence)mtsPrivateKey.getObjectAt(4);
-        ASN1Sequence nextAuthPart1;
-
-        byte[][][] nextAuth = new byte[nextAuthPart0.size()][][];
-        for (int i = 0; i < nextAuth.length; i++)
-        {
-            nextAuthPart1 = (ASN1Sequence)nextAuthPart0.getObjectAt(i);
-            nextAuth[i] = new byte[nextAuthPart1.size()][];
-            for (int j = 0; j < nextAuth[i].length; j++)
-            {
-                nextAuth[i][j] = ((DEROctetString)nextAuthPart1.getObjectAt(j)).getOctets();
-            }
-        }
-
-        // --- Decode <curTreehash>.
-        ASN1Sequence seqOfcurTreehash0 = (ASN1Sequence)mtsPrivateKey.getObjectAt(5);
-        ASN1Sequence seqOfcurTreehash1;
-        ASN1Sequence seqOfcurTreehashStat;
-        ASN1Sequence seqOfcurTreehashBytes;
-        ASN1Sequence seqOfcurTreehashInts;
-        ASN1Sequence seqOfcurTreehashString;
-
-        Treehash[][] curTreehash = new Treehash[seqOfcurTreehash0.size()][];
-        /*
-        for (int i = 0; i < curTreehash.length; i++)
-        {
-            seqOfcurTreehash1 = (ASN1Sequence)seqOfcurTreehash0.getObjectAt(i);
-            curTreehash[i] = new Treehash[seqOfcurTreehash1.size()];
-            for (int j = 0; j < curTreehash[i].length; j++)
-            {
-                seqOfcurTreehashStat = (ASN1Sequence)seqOfcurTreehash1.getObjectAt(j);
-                seqOfcurTreehashString = (ASN1Sequence)seqOfcurTreehashStat
-                    .getObjectAt(0);
-                seqOfcurTreehashBytes = (ASN1Sequence)seqOfcurTreehashStat
-                    .getObjectAt(1);
-                seqOfcurTreehashInts = (ASN1Sequence)seqOfcurTreehashStat
-                    .getObjectAt(2);
-
-                String[] name = new String[2];
-                name[0] = ((DERIA5String)seqOfcurTreehashString.getObjectAt(0)).getString();
-                name[1] = ((DERIA5String)seqOfcurTreehashString.getObjectAt(1)).getString();
-
-                int tailLength = checkBigIntegerInIntRange(seqOfcurTreehashInts.getObjectAt(1));
-                byte[][] statByte = new byte[3 + tailLength][];
-                statByte[0] = ((DEROctetString)seqOfcurTreehashBytes.getObjectAt(0)).getOctets();
-
-                if (statByte[0].length == 0)
-                { // if null was encoded
-                    statByte[0] = null;
-                }
-
-                statByte[1] = ((DEROctetString)seqOfcurTreehashBytes.getObjectAt(1)).getOctets();
-                statByte[2] = ((DEROctetString)seqOfcurTreehashBytes.getObjectAt(2)).getOctets();
-                for (int k = 0; k < tailLength; k++)
-                {
-                    statByte[3 + k] = ((DEROctetString)seqOfcurTreehashBytes
-                        .getObjectAt(3 + k)).getOctets();
-                }
-                int[] statInt = new int[6 + tailLength];
-                statInt[0] = checkBigIntegerInIntRange(seqOfcurTreehashInts.getObjectAt(0));
-                statInt[1] = tailLength;
-                statInt[2] = checkBigIntegerInIntRange(seqOfcurTreehashInts.getObjectAt(2));
-                statInt[3] = checkBigIntegerInIntRange(seqOfcurTreehashInts.getObjectAt(3));
-                statInt[4] = checkBigIntegerInIntRange(seqOfcurTreehashInts.getObjectAt(4));
-                statInt[5] = checkBigIntegerInIntRange(seqOfcurTreehashInts.getObjectAt(5));
-                for (int k = 0; k < tailLength; k++)
-                {
-                    statInt[6 + k] = checkBigIntegerInIntRange(seqOfcurTreehashInts.getObjectAt(6 + k));
-                }
-
-                // TODO: Check if we can do better than throwing away name[1] !!!
-                curTreehash[i][j] = new Treehash(DigestFactory.getDigest(name[0]).getClass(), statByte, statInt);
-            }
-        }
-
-
-        // --- Decode <nextTreehash>.
-        ASN1Sequence seqOfNextTreehash0 = (ASN1Sequence)mtsPrivateKey.getObjectAt(6);
-        ASN1Sequence seqOfNextTreehash1;
-        ASN1Sequence seqOfNextTreehashStat;
-        ASN1Sequence seqOfNextTreehashBytes;
-        ASN1Sequence seqOfNextTreehashInts;
-        ASN1Sequence seqOfNextTreehashString;
-
-        Treehash[][] nextTreehash = new Treehash[seqOfNextTreehash0.size()][];
-
-        for (int i = 0; i < nextTreehash.length; i++)
-        {
-            seqOfNextTreehash1 = (ASN1Sequence)seqOfNextTreehash0.getObjectAt(i);
-            nextTreehash[i] = new Treehash[seqOfNextTreehash1.size()];
-            for (int j = 0; j < nextTreehash[i].length; j++)
-            {
-                seqOfNextTreehashStat = (ASN1Sequence)seqOfNextTreehash1
-                    .getObjectAt(j);
-                seqOfNextTreehashString = (ASN1Sequence)seqOfNextTreehashStat
-                    .getObjectAt(0);
-                seqOfNextTreehashBytes = (ASN1Sequence)seqOfNextTreehashStat
-                    .getObjectAt(1);
-                seqOfNextTreehashInts = (ASN1Sequence)seqOfNextTreehashStat
-                    .getObjectAt(2);
-
-                String[] name = new String[2];
-                name[0] = ((DERIA5String)seqOfNextTreehashString.getObjectAt(0))
-                    .getString();
-                name[1] = ((DERIA5String)seqOfNextTreehashString.getObjectAt(1))
-                    .getString();
-
-                int tailLength = checkBigIntegerInIntRange(seqOfNextTreehashInts.getObjectAt(1));
-
-                byte[][] statByte = new byte[3 + tailLength][];
-                statByte[0] = ((DEROctetString)seqOfNextTreehashBytes.getObjectAt(0)).getOctets();
-                if (statByte[0].length == 0)
-                { // if null was encoded
-                    statByte[0] = null;
-                }
-
-                statByte[1] = ((DEROctetString)seqOfNextTreehashBytes.getObjectAt(1)).getOctets();
-                statByte[2] = ((DEROctetString)seqOfNextTreehashBytes.getObjectAt(2)).getOctets();
-                for (int k = 0; k < tailLength; k++)
-                {
-                    statByte[3 + k] = ((DEROctetString)seqOfNextTreehashBytes
-                        .getObjectAt(3 + k)).getOctets();
-                }
-                int[] statInt = new int[6 + tailLength];
-                statInt[0] = checkBigIntegerInIntRange(seqOfNextTreehashInts.getObjectAt(0));
-
-                statInt[1] = tailLength;
-                statInt[2] = checkBigIntegerInIntRange(seqOfNextTreehashInts.getObjectAt(2));
-
-                statInt[3] = checkBigIntegerInIntRange(seqOfNextTreehashInts.getObjectAt(3));
-
-                statInt[4] = checkBigIntegerInIntRange(seqOfNextTreehashInts.getObjectAt(4));
-
-                statInt[5] = checkBigIntegerInIntRange(seqOfNextTreehashInts.getObjectAt(5));
-
-                for (int k = 0; k < tailLength; k++)
-                {
-                    statInt[6 + k] = checkBigIntegerInIntRange(seqOfNextTreehashInts.getObjectAt(6 + k));
-
-                }
-                nextTreehash[i][j] = new Treehash(DigestFactory.getDigest(name[0]).getClass(), statByte, statInt);
-            }
-        }
-
-
-        // --- Decode <keep>.
-        ASN1Sequence keepPart0 = (ASN1Sequence)mtsPrivateKey.getObjectAt(7);
-        ASN1Sequence keepPart1;
-
-        byte[][][] keep = new byte[keepPart0.size()][][];
-        for (int i = 0; i < keep.length; i++)
-        {
-            keepPart1 = (ASN1Sequence)keepPart0.getObjectAt(i);
-            keep[i] = new byte[keepPart1.size()][];
-            for (int j = 0; j < keep[i].length; j++)
-            {
-                keep[i][j] = ((DEROctetString)keepPart1.getObjectAt(j)).getOctets();
-            }
-        }
-
-        // --- Decode <curStack>.
-        ASN1Sequence curStackPart0 = (ASN1Sequence)mtsPrivateKey.getObjectAt(8);
-        ASN1Sequence curStackPart1;
-
-        Vector[] curStack = new Vector[curStackPart0.size()];
-        for (int i = 0; i < curStack.length; i++)
-        {
-            curStackPart1 = (ASN1Sequence)curStackPart0.getObjectAt(i);
-            curStack[i] = new Vector();
-            for (int j = 0; j < curStackPart1.size(); j++)
-            {
-                curStack[i].addElement(((DEROctetString)curStackPart1.getObjectAt(j)).getOctets());
-            }
-        }
-
-        // --- Decode <nextStack>.
-        ASN1Sequence nextStackPart0 = (ASN1Sequence)mtsPrivateKey.getObjectAt(9);
-        ASN1Sequence nextStackPart1;
-
-        Vector[] nextStack = new Vector[nextStackPart0.size()];
-        for (int i = 0; i < nextStack.length; i++)
-        {
-            nextStackPart1 = (ASN1Sequence)nextStackPart0.getObjectAt(i);
-            nextStack[i] = new Vector();
-            for (int j = 0; j < nextStackPart1.size(); j++)
-            {
-                nextStack[i].addElement(((DEROctetString)nextStackPart1
-                    .getObjectAt(j)).getOctets());
-            }
-        }
-
-        // --- Decode <curRetain>.
-        ASN1Sequence curRetainPart0 = (ASN1Sequence)mtsPrivateKey.getObjectAt(10);
-        ASN1Sequence curRetainPart1;
-        ASN1Sequence curRetainPart2;
-
-        Vector[][] curRetain = new Vector[curRetainPart0.size()][];
-        for (int i = 0; i < curRetain.length; i++)
-        {
-            curRetainPart1 = (ASN1Sequence)curRetainPart0.getObjectAt(i);
-            curRetain[i] = new Vector[curRetainPart1.size()];
-            for (int j = 0; j < curRetain[i].length; j++)
-            {
-                curRetainPart2 = (ASN1Sequence)curRetainPart1.getObjectAt(j);
-                curRetain[i][j] = new Vector();
-                for (int k = 0; k < curRetainPart2.size(); k++)
-                {
-                    curRetain[i][j]
-                        .addElement(((DEROctetString)curRetainPart2
-                            .getObjectAt(k)).getOctets());
-                }
-            }
-        }
-
-        // --- Decode <nextRetain>.
-        ASN1Sequence nextRetainPart0 = (ASN1Sequence)mtsPrivateKey.getObjectAt(11);
-        ASN1Sequence nextRetainPart1;
-        ASN1Sequence nextRetainPart2;
-
-        Vector[][] nextRetain = new Vector[nextRetainPart0.size()][];
-        for (int i = 0; i < nextRetain.length; i++)
-        {
-            nextRetainPart1 = (ASN1Sequence)nextRetainPart0.getObjectAt(i);
-            nextRetain[i] = new Vector[nextRetainPart1.size()];
-            for (int j = 0; j < nextRetain[i].length; j++)
-            {
-                nextRetainPart2 = (ASN1Sequence)nextRetainPart1.getObjectAt(j);
-                nextRetain[i][j] = new Vector();
-                for (int k = 0; k < nextRetainPart2.size(); k++)
-                {
-                    nextRetain[i][j]
-                        .addElement(((DEROctetString)nextRetainPart2
-                            .getObjectAt(k)).getOctets());
-                }
-            }
-        }
-
-        // --- Decode <nextNextLeaf>.
-        ASN1Sequence seqOfLeafs = (ASN1Sequence)mtsPrivateKey.getObjectAt(12);
-        ASN1Sequence seqOfLeafStat;
-        ASN1Sequence seqOfLeafBytes;
-        ASN1Sequence seqOfLeafInts;
-        ASN1Sequence seqOfLeafString;
-
-        GMSSLeaf[] nextNextLeaf = new GMSSLeaf[seqOfLeafs.size()];
-
-        for (int i = 0; i < nextNextLeaf.length; i++)
-        {
-            seqOfLeafStat = (ASN1Sequence)seqOfLeafs.getObjectAt(i);
-            // nextNextAuth[i]= new byte[nextNextAuthPart1.size()][];
-            seqOfLeafString = (ASN1Sequence)seqOfLeafStat.getObjectAt(0);
-            seqOfLeafBytes = (ASN1Sequence)seqOfLeafStat.getObjectAt(1);
-            seqOfLeafInts = (ASN1Sequence)seqOfLeafStat.getObjectAt(2);
-
-            String[] name = new String[2];
-            name[0] = ((DERIA5String)seqOfLeafString.getObjectAt(0)).getString();
-            name[1] = ((DERIA5String)seqOfLeafString.getObjectAt(1)).getString();
-            byte[][] statByte = new byte[4][];
-            statByte[0] = ((DEROctetString)seqOfLeafBytes.getObjectAt(0))
-                .getOctets();
-            statByte[1] = ((DEROctetString)seqOfLeafBytes.getObjectAt(1))
-                .getOctets();
-            statByte[2] = ((DEROctetString)seqOfLeafBytes.getObjectAt(2))
-                .getOctets();
-            statByte[3] = ((DEROctetString)seqOfLeafBytes.getObjectAt(3))
-                .getOctets();
-            int[] statInt = new int[4];
-            statInt[0] = checkBigIntegerInIntRange(seqOfLeafInts.getObjectAt(0));
-            statInt[1] = checkBigIntegerInIntRange(seqOfLeafInts.getObjectAt(1));
-            statInt[2] = checkBigIntegerInIntRange(seqOfLeafInts.getObjectAt(2));
-            statInt[3] = checkBigIntegerInIntRange(seqOfLeafInts.getObjectAt(3));
-            nextNextLeaf[i] = new GMSSLeaf(DigestFactory.getDigest(name[0]).getClass(), statByte, statInt);
-        }
-
-        // --- Decode <upperLeaf>.
-        ASN1Sequence seqOfUpperLeafs = (ASN1Sequence)mtsPrivateKey.getObjectAt(13);
-        ASN1Sequence seqOfUpperLeafStat;
-        ASN1Sequence seqOfUpperLeafBytes;
-        ASN1Sequence seqOfUpperLeafInts;
-        ASN1Sequence seqOfUpperLeafString;
-
-        GMSSLeaf[] upperLeaf = new GMSSLeaf[seqOfUpperLeafs.size()];
-
-        for (int i = 0; i < upperLeaf.length; i++)
-        {
-            seqOfUpperLeafStat = (ASN1Sequence)seqOfUpperLeafs.getObjectAt(i);
-            seqOfUpperLeafString = (ASN1Sequence)seqOfUpperLeafStat.getObjectAt(0);
-            seqOfUpperLeafBytes = (ASN1Sequence)seqOfUpperLeafStat.getObjectAt(1);
-            seqOfUpperLeafInts = (ASN1Sequence)seqOfUpperLeafStat.getObjectAt(2);
-
-            String[] name = new String[2];
-            name[0] = ((DERIA5String)seqOfUpperLeafString.getObjectAt(0)).getString();
-            name[1] = ((DERIA5String)seqOfUpperLeafString.getObjectAt(1)).getString();
-            byte[][] statByte = new byte[4][];
-            statByte[0] = ((DEROctetString)seqOfUpperLeafBytes.getObjectAt(0))
-                .getOctets();
-            statByte[1] = ((DEROctetString)seqOfUpperLeafBytes.getObjectAt(1))
-                .getOctets();
-            statByte[2] = ((DEROctetString)seqOfUpperLeafBytes.getObjectAt(2))
-                .getOctets();
-            statByte[3] = ((DEROctetString)seqOfUpperLeafBytes.getObjectAt(3))
-                .getOctets();
-            int[] statInt = new int[4];
-            statInt[0] = checkBigIntegerInIntRange(seqOfUpperLeafInts.getObjectAt(0));
-            statInt[1] = checkBigIntegerInIntRange(seqOfUpperLeafInts.getObjectAt(1));
-            statInt[2] = checkBigIntegerInIntRange(seqOfUpperLeafInts.getObjectAt(2));
-            statInt[3] = checkBigIntegerInIntRange(seqOfUpperLeafInts.getObjectAt(3));
-            upperLeaf[i] = new GMSSLeaf(DigestFactory.getDigest(name[0]).getClass(), statByte, statInt);
-        }
-
-        // --- Decode <upperTreehashLeaf>.
-        ASN1Sequence seqOfUpperTHLeafs = (ASN1Sequence)mtsPrivateKey.getObjectAt(14);
-        ASN1Sequence seqOfUpperTHLeafStat;
-        ASN1Sequence seqOfUpperTHLeafBytes;
-        ASN1Sequence seqOfUpperTHLeafInts;
-        ASN1Sequence seqOfUpperTHLeafString;
-
-        GMSSLeaf[] upperTHLeaf = new GMSSLeaf[seqOfUpperTHLeafs.size()];
-
-        for (int i = 0; i < upperTHLeaf.length; i++)
-        {
-            seqOfUpperTHLeafStat = (ASN1Sequence)seqOfUpperTHLeafs.getObjectAt(i);
-            seqOfUpperTHLeafString = (ASN1Sequence)seqOfUpperTHLeafStat.getObjectAt(0);
-            seqOfUpperTHLeafBytes = (ASN1Sequence)seqOfUpperTHLeafStat.getObjectAt(1);
-            seqOfUpperTHLeafInts = (ASN1Sequence)seqOfUpperTHLeafStat.getObjectAt(2);
-
-            String[] name = new String[2];
-            name[0] = ((DERIA5String)seqOfUpperTHLeafString.getObjectAt(0))
-                .getString();
-            name[1] = ((DERIA5String)seqOfUpperTHLeafString.getObjectAt(1))
-                .getString();
-            byte[][] statByte = new byte[4][];
-            statByte[0] = ((DEROctetString)seqOfUpperTHLeafBytes.getObjectAt(0))
-                .getOctets();
-            statByte[1] = ((DEROctetString)seqOfUpperTHLeafBytes.getObjectAt(1))
-                .getOctets();
-            statByte[2] = ((DEROctetString)seqOfUpperTHLeafBytes.getObjectAt(2))
-                .getOctets();
-            statByte[3] = ((DEROctetString)seqOfUpperTHLeafBytes.getObjectAt(3))
-                .getOctets();
-            int[] statInt = new int[4];
-            statInt[0] = checkBigIntegerInIntRange(seqOfUpperTHLeafInts.getObjectAt(0));
-            statInt[1] = checkBigIntegerInIntRange(seqOfUpperTHLeafInts.getObjectAt(1));
-            statInt[2] = checkBigIntegerInIntRange(seqOfUpperTHLeafInts.getObjectAt(2));
-            statInt[3] = checkBigIntegerInIntRange(seqOfUpperTHLeafInts.getObjectAt(3));
-            upperTHLeaf[i] = new GMSSLeaf(DigestFactory.getDigest(name[0]).getClass(), statByte, statInt);
-        }
-
-        // --- Decode <minTreehash>.
-        ASN1Sequence minTreehashPart = (ASN1Sequence)mtsPrivateKey.getObjectAt(15);
-        int[] minTreehash = new int[minTreehashPart.size()];
-        for (int i = 0; i < minTreehashPart.size(); i++)
-        {
-            minTreehash[i] = checkBigIntegerInIntRange(minTreehashPart.getObjectAt(i));
-        }
-
-        // --- Decode <nextRoot>.
-        ASN1Sequence seqOfnextRoots = (ASN1Sequence)mtsPrivateKey.getObjectAt(16);
-        byte[][] nextRoot = new byte[seqOfnextRoots.size()][];
-        for (int i = 0; i < nextRoot.length; i++)
-        {
-            nextRoot[i] = ((DEROctetString)seqOfnextRoots.getObjectAt(i))
-                .getOctets();
-        }
-
-        // --- Decode <nextNextRoot>.
-        ASN1Sequence seqOfnextNextRoot = (ASN1Sequence)mtsPrivateKey.getObjectAt(17);
-        ASN1Sequence seqOfnextNextRootStat;
-        ASN1Sequence seqOfnextNextRootBytes;
-        ASN1Sequence seqOfnextNextRootInts;
-        ASN1Sequence seqOfnextNextRootString;
-        ASN1Sequence seqOfnextNextRootTreeH;
-        ASN1Sequence seqOfnextNextRootRetain;
-
-        GMSSRootCalc[] nextNextRoot = new GMSSRootCalc[seqOfnextNextRoot.size()];
-
-        for (int i = 0; i < nextNextRoot.length; i++)
-        {
-            seqOfnextNextRootStat = (ASN1Sequence)seqOfnextNextRoot.getObjectAt(i);
-            seqOfnextNextRootString = (ASN1Sequence)seqOfnextNextRootStat
-                .getObjectAt(0);
-            seqOfnextNextRootBytes = (ASN1Sequence)seqOfnextNextRootStat
-                .getObjectAt(1);
-            seqOfnextNextRootInts = (ASN1Sequence)seqOfnextNextRootStat.getObjectAt(2);
-            seqOfnextNextRootTreeH = (ASN1Sequence)seqOfnextNextRootStat
-                .getObjectAt(3);
-            seqOfnextNextRootRetain = (ASN1Sequence)seqOfnextNextRootStat
-                .getObjectAt(4);
-
-            // decode treehash of nextNextRoot
-            // ---------------------------------
-            ASN1Sequence seqOfnextNextRootTreeHStat;
-            ASN1Sequence seqOfnextNextRootTreeHBytes;
-            ASN1Sequence seqOfnextNextRootTreeHInts;
-            ASN1Sequence seqOfnextNextRootTreeHString;
-
-            Treehash[] nnRTreehash = new Treehash[seqOfnextNextRootTreeH.size()];
-
-            for (int k = 0; k < nnRTreehash.length; k++)
-            {
-                seqOfnextNextRootTreeHStat = (ASN1Sequence)seqOfnextNextRootTreeH
-                    .getObjectAt(k);
-                seqOfnextNextRootTreeHString = (ASN1Sequence)seqOfnextNextRootTreeHStat
-                    .getObjectAt(0);
-                seqOfnextNextRootTreeHBytes = (ASN1Sequence)seqOfnextNextRootTreeHStat
-                    .getObjectAt(1);
-                seqOfnextNextRootTreeHInts = (ASN1Sequence)seqOfnextNextRootTreeHStat
-                    .getObjectAt(2);
-
-                String[] name = new String[2];
-                name[0] = ((DERIA5String)seqOfnextNextRootTreeHString.getObjectAt(0))
-                    .getString();
-                name[1] = ((DERIA5String)seqOfnextNextRootTreeHString.getObjectAt(1))
-                    .getString();
-
-                int tailLength = checkBigIntegerInIntRange(seqOfnextNextRootTreeHInts.getObjectAt(1));
-
-                byte[][] statByte = new byte[3 + tailLength][];
-                statByte[0] = ((DEROctetString)seqOfnextNextRootTreeHBytes
-                    .getObjectAt(0)).getOctets();
-                if (statByte[0].length == 0)
-                { // if null was encoded
-                    statByte[0] = null;
-                }
-
-                statByte[1] = ((DEROctetString)seqOfnextNextRootTreeHBytes
-                    .getObjectAt(1)).getOctets();
-                statByte[2] = ((DEROctetString)seqOfnextNextRootTreeHBytes
-                    .getObjectAt(2)).getOctets();
-                for (int j = 0; j < tailLength; j++)
-                {
-                    statByte[3 + j] = ((DEROctetString)seqOfnextNextRootTreeHBytes
-                        .getObjectAt(3 + j)).getOctets();
-                }
-                int[] statInt = new int[6 + tailLength];
-                statInt[0] = checkBigIntegerInIntRange(seqOfnextNextRootTreeHInts.getObjectAt(0));
-
-                statInt[1] = tailLength;
-                statInt[2] = checkBigIntegerInIntRange(seqOfnextNextRootTreeHInts.getObjectAt(2));
-
-                statInt[3] = checkBigIntegerInIntRange(seqOfnextNextRootTreeHInts.getObjectAt(3));
-
-                statInt[4] = checkBigIntegerInIntRange(seqOfnextNextRootTreeHInts.getObjectAt(4));
-
-                statInt[5] = checkBigIntegerInIntRange(seqOfnextNextRootTreeHInts.getObjectAt(5));
-
-                for (int j = 0; j < tailLength; j++)
-                {
-                    statInt[6 + j] = checkBigIntegerInIntRange(seqOfnextNextRootTreeHInts
-                        .getObjectAt(6 + j));
-                }
-                nnRTreehash[k] = new Treehash(DigestFactory.getDigest(name[0]).getClass(), statByte, statInt);
-            }
-            // ---------------------------------
-
-            // decode retain of nextNextRoot
-            // ---------------------------------
-            // ASN1Sequence seqOfnextNextRootRetainPart0 =
-            // (ASN1Sequence)seqOfnextNextRootRetain.get(0);
-            ASN1Sequence seqOfnextNextRootRetainPart1;
-
-            Vector[] nnRRetain = new Vector[seqOfnextNextRootRetain.size()];
-            for (int j = 0; j < nnRRetain.length; j++)
-            {
-                seqOfnextNextRootRetainPart1 = (ASN1Sequence)seqOfnextNextRootRetain
-                    .getObjectAt(j);
-                nnRRetain[j] = new Vector();
-                for (int k = 0; k < seqOfnextNextRootRetainPart1.size(); k++)
-                {
-                    nnRRetain[j]
-                        .addElement(((DEROctetString)seqOfnextNextRootRetainPart1
-                            .getObjectAt(k)).getOctets());
-                }
-            }
-            // ---------------------------------
-
-            String[] name = new String[2];
-            name[0] = ((DERIA5String)seqOfnextNextRootString.getObjectAt(0))
-                .getString();
-            name[1] = ((DERIA5String)seqOfnextNextRootString.getObjectAt(1))
-                .getString();
-
-            int heightOfTree = checkBigIntegerInIntRange(seqOfnextNextRootInts.getObjectAt(0));
-            int tailLength = checkBigIntegerInIntRange(seqOfnextNextRootInts.getObjectAt(7));
-            byte[][] statByte = new byte[1 + heightOfTree + tailLength][];
-            statByte[0] = ((DEROctetString)seqOfnextNextRootBytes.getObjectAt(0))
-                .getOctets();
-            for (int j = 0; j < heightOfTree; j++)
-            {
-                statByte[1 + j] = ((DEROctetString)seqOfnextNextRootBytes
-                    .getObjectAt(1 + j)).getOctets();
-            }
-            for (int j = 0; j < tailLength; j++)
-            {
-                statByte[1 + heightOfTree + j] = ((DEROctetString)seqOfnextNextRootBytes
-                    .getObjectAt(1 + heightOfTree + j)).getOctets();
-            }
-            int[] statInt = new int[8 + heightOfTree + tailLength];
-            statInt[0] = heightOfTree;
-            statInt[1] = checkBigIntegerInIntRange(seqOfnextNextRootInts.getObjectAt(1));
-            statInt[2] = checkBigIntegerInIntRange(seqOfnextNextRootInts.getObjectAt(2));
-            statInt[3] = checkBigIntegerInIntRange(seqOfnextNextRootInts.getObjectAt(3));
-            statInt[4] = checkBigIntegerInIntRange(seqOfnextNextRootInts.getObjectAt(4));
-            statInt[5] = checkBigIntegerInIntRange(seqOfnextNextRootInts.getObjectAt(5));
-            statInt[6] = checkBigIntegerInIntRange(seqOfnextNextRootInts.getObjectAt(6));
-            statInt[7] = tailLength;
-            for (int j = 0; j < heightOfTree; j++)
-            {
-                statInt[8 + j] = checkBigIntegerInIntRange(seqOfnextNextRootInts.getObjectAt(8 + j));
-            }
-            for (int j = 0; j < tailLength; j++)
-            {
-                statInt[8 + heightOfTree + j] = checkBigIntegerInIntRange(seqOfnextNextRootInts.getObjectAt(8
-                    + heightOfTree + j));
-            }
-            nextNextRoot[i] = new GMSSRootCalc(DigestFactory.getDigest(name[0]).getClass(), statByte, statInt,
-                nnRTreehash, nnRRetain);
-        }
-
-        // --- Decode <curRootSig>.
-        ASN1Sequence seqOfcurRootSig = (ASN1Sequence)mtsPrivateKey.getObjectAt(18);
-        byte[][] curRootSig = new byte[seqOfcurRootSig.size()][];
-        for (int i = 0; i < curRootSig.length; i++)
-        {
-            curRootSig[i] = ((DEROctetString)seqOfcurRootSig.getObjectAt(i))
-                .getOctets();
-        }
-
-        // --- Decode <nextRootSig>.
-        ASN1Sequence seqOfnextRootSigs = (ASN1Sequence)mtsPrivateKey.getObjectAt(19);
-        ASN1Sequence seqOfnRSStats;
-        ASN1Sequence seqOfnRSStrings;
-        ASN1Sequence seqOfnRSInts;
-        ASN1Sequence seqOfnRSBytes;
-
-        GMSSRootSig[] nextRootSig = new GMSSRootSig[seqOfnextRootSigs.size()];
-
-        for (int i = 0; i < nextRootSig.length; i++)
-        {
-            seqOfnRSStats = (ASN1Sequence)seqOfnextRootSigs.getObjectAt(i);
-            // nextNextAuth[i]= new byte[nextNextAuthPart1.size()][];
-            seqOfnRSStrings = (ASN1Sequence)seqOfnRSStats.getObjectAt(0);
-            seqOfnRSBytes = (ASN1Sequence)seqOfnRSStats.getObjectAt(1);
-            seqOfnRSInts = (ASN1Sequence)seqOfnRSStats.getObjectAt(2);
-
-            String[] name = new String[2];
-            name[0] = ((DERIA5String)seqOfnRSStrings.getObjectAt(0)).getString();
-            name[1] = ((DERIA5String)seqOfnRSStrings.getObjectAt(1)).getString();
-            byte[][] statByte = new byte[5][];
-            statByte[0] = ((DEROctetString)seqOfnRSBytes.getObjectAt(0))
-                .getOctets();
-            statByte[1] = ((DEROctetString)seqOfnRSBytes.getObjectAt(1))
-                .getOctets();
-            statByte[2] = ((DEROctetString)seqOfnRSBytes.getObjectAt(2))
-                .getOctets();
-            statByte[3] = ((DEROctetString)seqOfnRSBytes.getObjectAt(3))
-                .getOctets();
-            statByte[4] = ((DEROctetString)seqOfnRSBytes.getObjectAt(4))
-                .getOctets();
-            int[] statInt = new int[9];
-            statInt[0] = checkBigIntegerInIntRange(seqOfnRSInts.getObjectAt(0));
-            statInt[1] = checkBigIntegerInIntRange(seqOfnRSInts.getObjectAt(1));
-            statInt[2] = checkBigIntegerInIntRange(seqOfnRSInts.getObjectAt(2));
-            statInt[3] = checkBigIntegerInIntRange(seqOfnRSInts.getObjectAt(3));
-            statInt[4] = checkBigIntegerInIntRange(seqOfnRSInts.getObjectAt(4));
-            statInt[5] = checkBigIntegerInIntRange(seqOfnRSInts.getObjectAt(5));
-            statInt[6] = checkBigIntegerInIntRange(seqOfnRSInts.getObjectAt(6));
-            statInt[7] = checkBigIntegerInIntRange(seqOfnRSInts.getObjectAt(7));
-            statInt[8] = checkBigIntegerInIntRange(seqOfnRSInts.getObjectAt(8));
-            nextRootSig[i] = new GMSSRootSig(DigestFactory.getDigest(name[0]).getClass(), statByte, statInt);
-        }
-
-        // --- Decode <name>.
-
-        // TODO: Really check, why there are multiple algorithms, we only
-        //       use the first one!!!
-        ASN1Sequence namePart = (ASN1Sequence)mtsPrivateKey.getObjectAt(20);
-        String[] name = new String[namePart.size()];
-        for (int i = 0; i < name.length; i++)
-        {
-            name[i] = ((DERIA5String)namePart.getObjectAt(i)).getString();
-        }
-        */
-    }
-
-    public GMSSPrivateKey(int[] index, byte[][] currentSeed,
-                          byte[][] nextNextSeed, byte[][][] currentAuthPath,
-                          byte[][][] nextAuthPath, Treehash[][] currentTreehash,
-                          Treehash[][] nextTreehash, Vector[] currentStack,
-                          Vector[] nextStack, Vector[][] currentRetain,
-                          Vector[][] nextRetain, byte[][][] keep, GMSSLeaf[] nextNextLeaf,
-                          GMSSLeaf[] upperLeaf, GMSSLeaf[] upperTreehashLeaf,
-                          int[] minTreehash, byte[][] nextRoot, GMSSRootCalc[] nextNextRoot,
-                          byte[][] currentRootSig, GMSSRootSig[] nextRootSig,
-                          GMSSParameters gmssParameterset, AlgorithmIdentifier digestAlg)
-    {
-        AlgorithmIdentifier[] names = new AlgorithmIdentifier[] { digestAlg };
-        this.primitive = encode(index, currentSeed, nextNextSeed, currentAuthPath, nextAuthPath, keep, currentTreehash, nextTreehash, currentStack, nextStack, currentRetain, nextRetain, nextNextLeaf, upperLeaf, upperTreehashLeaf, minTreehash, nextRoot, nextNextRoot, currentRootSig, nextRootSig, gmssParameterset, names);
-    }
-
-
-    // TODO: change method signature to something more integrated into BouncyCastle
-
-    /**
-     * @param index             tree indices
-     * @param currentSeeds      seed for the generation of private OTS keys for the
-     *                          current subtrees (TREE)
-     * @param nextNextSeeds     seed for the generation of private OTS keys for the
-     *                          subtrees after next (TREE++)
-     * @param currentAuthPaths  array of current authentication paths (AUTHPATH)
-     * @param nextAuthPaths     array of next authentication paths (AUTHPATH+)
-     * @param keep              keep array for the authPath algorithm
-     * @param currentTreehash   treehash for authPath algorithm of current tree
-     * @param nextTreehash      treehash for authPath algorithm of next tree (TREE+)
-     * @param currentStack      shared stack for authPath algorithm of current tree
-     * @param nextStack         shared stack for authPath algorithm of next tree (TREE+)
-     * @param currentRetain     retain stack for authPath algorithm of current tree
-     * @param nextRetain        retain stack for authPath algorithm of next tree (TREE+)
-     * @param nextNextLeaf      array of upcoming leafs of the tree after next (LEAF++) of
-     *                          each layer
-     * @param upperLeaf         needed for precomputation of upper nodes
-     * @param upperTreehashLeaf needed for precomputation of upper treehash nodes
-     * @param minTreehash       index of next treehash instance to receive an update
-     * @param nextRoot          the roots of the next trees (ROOT+)
-     * @param nextNextRoot      the roots of the tree after next (ROOT++)
-     * @param currentRootSig    array of signatures of the roots of the current subtrees
-     *                          (SIG)
-     * @param nextRootSig       array of signatures of the roots of the next subtree
-     *                          (SIG+)
-     * @param gmssParameterset  the GMSS Parameterset
-     * @param algorithms        An array of algorithm identifiers, containing the hash function details
-     */
-    private ASN1Primitive encode(int[] index, byte[][] currentSeeds,
-                                byte[][] nextNextSeeds, byte[][][] currentAuthPaths,
-                                byte[][][] nextAuthPaths, byte[][][] keep,
-                                Treehash[][] currentTreehash, Treehash[][] nextTreehash,
-                                Vector[] currentStack, Vector[] nextStack,
-                                Vector[][] currentRetain, Vector[][] nextRetain,
-                                GMSSLeaf[] nextNextLeaf, GMSSLeaf[] upperLeaf,
-                                GMSSLeaf[] upperTreehashLeaf, int[] minTreehash, byte[][] nextRoot,
-                                GMSSRootCalc[] nextNextRoot, byte[][] currentRootSig,
-                                GMSSRootSig[] nextRootSig, GMSSParameters gmssParameterset,
-                                AlgorithmIdentifier[] algorithms)
-    {
-
-        ASN1EncodableVector result = new ASN1EncodableVector();
-
-        // --- Encode <index>.
-        ASN1EncodableVector indexPart = new ASN1EncodableVector();
-        for (int i = 0; i < index.length; i++)
-        {
-            indexPart.add(new ASN1Integer(index[i]));
-        }
-        result.add(new DERSequence(indexPart));
-
-        // --- Encode <curSeeds>.
-        ASN1EncodableVector curSeedsPart = new ASN1EncodableVector();
-        for (int i = 0; i < currentSeeds.length; i++)
-        {
-            curSeedsPart.add(new DEROctetString(currentSeeds[i]));
-        }
-        result.add(new DERSequence(curSeedsPart));
-
-        // --- Encode <nextNextSeeds>.
-        ASN1EncodableVector nextNextSeedsPart = new ASN1EncodableVector();
-        for (int i = 0; i < nextNextSeeds.length; i++)
-        {
-            nextNextSeedsPart.add(new DEROctetString(nextNextSeeds[i]));
-        }
-        result.add(new DERSequence(nextNextSeedsPart));
-
-        // --- Encode <curAuth>.
-        ASN1EncodableVector curAuthPart0 = new ASN1EncodableVector();
-        ASN1EncodableVector curAuthPart1 = new ASN1EncodableVector();
-        for (int i = 0; i < currentAuthPaths.length; i++)
-        {
-            for (int j = 0; j < currentAuthPaths[i].length; j++)
-            {
-                curAuthPart0.add(new DEROctetString(currentAuthPaths[i][j]));
-            }
-            curAuthPart1.add(new DERSequence(curAuthPart0));
-            curAuthPart0 = new ASN1EncodableVector();
-        }
-        result.add(new DERSequence(curAuthPart1));
-
-        // --- Encode <nextAuth>.
-        ASN1EncodableVector nextAuthPart0 = new ASN1EncodableVector();
-        ASN1EncodableVector nextAuthPart1 = new ASN1EncodableVector();
-        for (int i = 0; i < nextAuthPaths.length; i++)
-        {
-            for (int j = 0; j < nextAuthPaths[i].length; j++)
-            {
-                nextAuthPart0.add(new DEROctetString(nextAuthPaths[i][j]));
-            }
-            nextAuthPart1.add(new DERSequence(nextAuthPart0));
-            nextAuthPart0 = new ASN1EncodableVector();
-        }
-        result.add(new DERSequence(nextAuthPart1));
-
-        // --- Encode <curTreehash>.
-        ASN1EncodableVector seqOfTreehash0 = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfTreehash1 = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfStat = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfByte = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfInt = new ASN1EncodableVector();
-
-        for (int i = 0; i < currentTreehash.length; i++)
-        {
-            for (int j = 0; j < currentTreehash[i].length; j++)
-            {
-                seqOfStat.add(new DERSequence(algorithms[0]));
-
-                int tailLength = currentTreehash[i][j].getStatInt()[1];
-
-                seqOfByte.add(new DEROctetString(currentTreehash[i][j]
-                    .getStatByte()[0]));
-                seqOfByte.add(new DEROctetString(currentTreehash[i][j]
-                    .getStatByte()[1]));
-                seqOfByte.add(new DEROctetString(currentTreehash[i][j]
-                    .getStatByte()[2]));
-                for (int k = 0; k < tailLength; k++)
-                {
-                    seqOfByte.add(new DEROctetString(currentTreehash[i][j]
-                        .getStatByte()[3 + k]));
-                }
-                seqOfStat.add(new DERSequence(seqOfByte));
-                seqOfByte = new ASN1EncodableVector();
-
-                seqOfInt.add(new ASN1Integer(
-                    currentTreehash[i][j].getStatInt()[0]));
-                seqOfInt.add(new ASN1Integer(tailLength));
-                seqOfInt.add(new ASN1Integer(
-                    currentTreehash[i][j].getStatInt()[2]));
-                seqOfInt.add(new ASN1Integer(
-                    currentTreehash[i][j].getStatInt()[3]));
-                seqOfInt.add(new ASN1Integer(
-                    currentTreehash[i][j].getStatInt()[4]));
-                seqOfInt.add(new ASN1Integer(
-                    currentTreehash[i][j].getStatInt()[5]));
-                for (int k = 0; k < tailLength; k++)
-                {
-                    seqOfInt.add(new ASN1Integer(currentTreehash[i][j]
-                        .getStatInt()[6 + k]));
-                }
-                seqOfStat.add(new DERSequence(seqOfInt));
-                seqOfInt = new ASN1EncodableVector();
-
-                seqOfTreehash1.add(new DERSequence(seqOfStat));
-                seqOfStat = new ASN1EncodableVector();
-            }
-            seqOfTreehash0.add(new DERSequence(seqOfTreehash1));
-            seqOfTreehash1 = new ASN1EncodableVector();
-        }
-        result.add(new DERSequence(seqOfTreehash0));
-
-        // --- Encode <nextTreehash>.
-        seqOfTreehash0 = new ASN1EncodableVector();
-        seqOfTreehash1 = new ASN1EncodableVector();
-        seqOfStat = new ASN1EncodableVector();
-        seqOfByte = new ASN1EncodableVector();
-        seqOfInt = new ASN1EncodableVector();
-
-        for (int i = 0; i < nextTreehash.length; i++)
-        {
-            for (int j = 0; j < nextTreehash[i].length; j++)
-            {
-                seqOfStat.add(new DERSequence(algorithms[0]));
-
-                int tailLength = nextTreehash[i][j].getStatInt()[1];
-
-                seqOfByte.add(new DEROctetString(nextTreehash[i][j]
-                    .getStatByte()[0]));
-                seqOfByte.add(new DEROctetString(nextTreehash[i][j]
-                    .getStatByte()[1]));
-                seqOfByte.add(new DEROctetString(nextTreehash[i][j]
-                    .getStatByte()[2]));
-                for (int k = 0; k < tailLength; k++)
-                {
-                    seqOfByte.add(new DEROctetString(nextTreehash[i][j]
-                        .getStatByte()[3 + k]));
-                }
-                seqOfStat.add(new DERSequence(seqOfByte));
-                seqOfByte = new ASN1EncodableVector();
-
-                seqOfInt
-                    .add(new ASN1Integer(nextTreehash[i][j].getStatInt()[0]));
-                seqOfInt.add(new ASN1Integer(tailLength));
-                seqOfInt
-                    .add(new ASN1Integer(nextTreehash[i][j].getStatInt()[2]));
-                seqOfInt
-                    .add(new ASN1Integer(nextTreehash[i][j].getStatInt()[3]));
-                seqOfInt
-                    .add(new ASN1Integer(nextTreehash[i][j].getStatInt()[4]));
-                seqOfInt
-                    .add(new ASN1Integer(nextTreehash[i][j].getStatInt()[5]));
-                for (int k = 0; k < tailLength; k++)
-                {
-                    seqOfInt.add(new ASN1Integer(nextTreehash[i][j]
-                        .getStatInt()[6 + k]));
-                }
-                seqOfStat.add(new DERSequence(seqOfInt));
-                seqOfInt = new ASN1EncodableVector();
-
-                seqOfTreehash1.add(new DERSequence(seqOfStat));
-                seqOfStat = new ASN1EncodableVector();
-            }
-            seqOfTreehash0.add(new DERSequence(new DERSequence(seqOfTreehash1)));
-            seqOfTreehash1 = new ASN1EncodableVector();
-        }
-        result.add(new DERSequence(seqOfTreehash0));
-
-        // --- Encode <keep>.
-        ASN1EncodableVector keepPart0 = new ASN1EncodableVector();
-        ASN1EncodableVector keepPart1 = new ASN1EncodableVector();
-        for (int i = 0; i < keep.length; i++)
-        {
-            for (int j = 0; j < keep[i].length; j++)
-            {
-                keepPart0.add(new DEROctetString(keep[i][j]));
-            }
-            keepPart1.add(new DERSequence(keepPart0));
-            keepPart0 = new ASN1EncodableVector();
-        }
-        result.add(new DERSequence(keepPart1));
-
-        // --- Encode <curStack>.
-        ASN1EncodableVector curStackPart0 = new ASN1EncodableVector();
-        ASN1EncodableVector curStackPart1 = new ASN1EncodableVector();
-        for (int i = 0; i < currentStack.length; i++)
-        {
-            for (int j = 0; j < currentStack[i].size(); j++)
-            {
-                curStackPart0.add(new DEROctetString((byte[])currentStack[i]
-                    .elementAt(j)));
-            }
-            curStackPart1.add(new DERSequence(curStackPart0));
-            curStackPart0 = new ASN1EncodableVector();
-        }
-        result.add(new DERSequence(curStackPart1));
-
-        // --- Encode <nextStack>.
-        ASN1EncodableVector nextStackPart0 = new ASN1EncodableVector();
-        ASN1EncodableVector nextStackPart1 = new ASN1EncodableVector();
-        for (int i = 0; i < nextStack.length; i++)
-        {
-            for (int j = 0; j < nextStack[i].size(); j++)
-            {
-                nextStackPart0.add(new DEROctetString((byte[])nextStack[i]
-                    .elementAt(j)));
-            }
-            nextStackPart1.add(new DERSequence(nextStackPart0));
-            nextStackPart0 = new ASN1EncodableVector();
-        }
-        result.add(new DERSequence(nextStackPart1));
-
-        // --- Encode <curRetain>.
-        ASN1EncodableVector currentRetainPart0 = new ASN1EncodableVector();
-        ASN1EncodableVector currentRetainPart1 = new ASN1EncodableVector();
-        ASN1EncodableVector currentRetainPart2 = new ASN1EncodableVector();
-        for (int i = 0; i < currentRetain.length; i++)
-        {
-            for (int j = 0; j < currentRetain[i].length; j++)
-            {
-                for (int k = 0; k < currentRetain[i][j].size(); k++)
-                {
-                    currentRetainPart0.add(new DEROctetString(
-                        (byte[])currentRetain[i][j].elementAt(k)));
-                }
-                currentRetainPart1.add(new DERSequence(currentRetainPart0));
-                currentRetainPart0 = new ASN1EncodableVector();
-            }
-            currentRetainPart2.add(new DERSequence(currentRetainPart1));
-            currentRetainPart1 = new ASN1EncodableVector();
-        }
-        result.add(new DERSequence(currentRetainPart2));
-
-        // --- Encode <nextRetain>.
-        ASN1EncodableVector nextRetainPart0 = new ASN1EncodableVector();
-        ASN1EncodableVector nextRetainPart1 = new ASN1EncodableVector();
-        ASN1EncodableVector nextRetainPart2 = new ASN1EncodableVector();
-        for (int i = 0; i < nextRetain.length; i++)
-        {
-            for (int j = 0; j < nextRetain[i].length; j++)
-            {
-                for (int k = 0; k < nextRetain[i][j].size(); k++)
-                {
-                    nextRetainPart0.add(new DEROctetString(
-                        (byte[])nextRetain[i][j].elementAt(k)));
-                }
-                nextRetainPart1.add(new DERSequence(nextRetainPart0));
-                nextRetainPart0 = new ASN1EncodableVector();
-            }
-            nextRetainPart2.add(new DERSequence(nextRetainPart1));
-            nextRetainPart1 = new ASN1EncodableVector();
-        }
-        result.add(new DERSequence(nextRetainPart2));
-
-        // --- Encode <nextNextLeaf>.
-        ASN1EncodableVector seqOfLeaf = new ASN1EncodableVector();
-        seqOfStat = new ASN1EncodableVector();
-        seqOfByte = new ASN1EncodableVector();
-        seqOfInt = new ASN1EncodableVector();
-
-        for (int i = 0; i < nextNextLeaf.length; i++)
-        {
-            seqOfStat.add(new DERSequence(algorithms[0]));
-
-            byte[][] tempByte = nextNextLeaf[i].getStatByte();
-            seqOfByte.add(new DEROctetString(tempByte[0]));
-            seqOfByte.add(new DEROctetString(tempByte[1]));
-            seqOfByte.add(new DEROctetString(tempByte[2]));
-            seqOfByte.add(new DEROctetString(tempByte[3]));
-            seqOfStat.add(new DERSequence(seqOfByte));
-            seqOfByte = new ASN1EncodableVector();
-
-            int[] tempInt = nextNextLeaf[i].getStatInt();
-            seqOfInt.add(new ASN1Integer(tempInt[0]));
-            seqOfInt.add(new ASN1Integer(tempInt[1]));
-            seqOfInt.add(new ASN1Integer(tempInt[2]));
-            seqOfInt.add(new ASN1Integer(tempInt[3]));
-            seqOfStat.add(new DERSequence(seqOfInt));
-            seqOfInt = new ASN1EncodableVector();
-
-            seqOfLeaf.add(new DERSequence(seqOfStat));
-            seqOfStat = new ASN1EncodableVector();
-        }
-        result.add(new DERSequence(seqOfLeaf));
-
-        // --- Encode <upperLEAF>.
-        ASN1EncodableVector seqOfUpperLeaf = new ASN1EncodableVector();
-        seqOfStat = new ASN1EncodableVector();
-        seqOfByte = new ASN1EncodableVector();
-        seqOfInt = new ASN1EncodableVector();
-
-        for (int i = 0; i < upperLeaf.length; i++)
-        {
-            seqOfStat.add(new DERSequence(algorithms[0]));
-
-            byte[][] tempByte = upperLeaf[i].getStatByte();
-            seqOfByte.add(new DEROctetString(tempByte[0]));
-            seqOfByte.add(new DEROctetString(tempByte[1]));
-            seqOfByte.add(new DEROctetString(tempByte[2]));
-            seqOfByte.add(new DEROctetString(tempByte[3]));
-            seqOfStat.add(new DERSequence(seqOfByte));
-            seqOfByte = new ASN1EncodableVector();
-
-            int[] tempInt = upperLeaf[i].getStatInt();
-            seqOfInt.add(new ASN1Integer(tempInt[0]));
-            seqOfInt.add(new ASN1Integer(tempInt[1]));
-            seqOfInt.add(new ASN1Integer(tempInt[2]));
-            seqOfInt.add(new ASN1Integer(tempInt[3]));
-            seqOfStat.add(new DERSequence(seqOfInt));
-            seqOfInt = new ASN1EncodableVector();
-
-            seqOfUpperLeaf.add(new DERSequence(seqOfStat));
-            seqOfStat = new ASN1EncodableVector();
-        }
-        result.add(new DERSequence(seqOfUpperLeaf));
-
-        // encode <upperTreehashLeaf>
-        ASN1EncodableVector seqOfUpperTreehashLeaf = new ASN1EncodableVector();
-        seqOfStat = new ASN1EncodableVector();
-        seqOfByte = new ASN1EncodableVector();
-        seqOfInt = new ASN1EncodableVector();
-
-        for (int i = 0; i < upperTreehashLeaf.length; i++)
-        {
-            seqOfStat.add(new DERSequence(algorithms[0]));
-
-            byte[][] tempByte = upperTreehashLeaf[i].getStatByte();
-            seqOfByte.add(new DEROctetString(tempByte[0]));
-            seqOfByte.add(new DEROctetString(tempByte[1]));
-            seqOfByte.add(new DEROctetString(tempByte[2]));
-            seqOfByte.add(new DEROctetString(tempByte[3]));
-            seqOfStat.add(new DERSequence(seqOfByte));
-            seqOfByte = new ASN1EncodableVector();
-
-            int[] tempInt = upperTreehashLeaf[i].getStatInt();
-            seqOfInt.add(new ASN1Integer(tempInt[0]));
-            seqOfInt.add(new ASN1Integer(tempInt[1]));
-            seqOfInt.add(new ASN1Integer(tempInt[2]));
-            seqOfInt.add(new ASN1Integer(tempInt[3]));
-            seqOfStat.add(new DERSequence(seqOfInt));
-            seqOfInt = new ASN1EncodableVector();
-
-            seqOfUpperTreehashLeaf.add(new DERSequence(seqOfStat));
-            seqOfStat = new ASN1EncodableVector();
-        }
-        result.add(new DERSequence(seqOfUpperTreehashLeaf));
-
-        // --- Encode <minTreehash>.
-        ASN1EncodableVector minTreehashPart = new ASN1EncodableVector();
-        for (int i = 0; i < minTreehash.length; i++)
-        {
-            minTreehashPart.add(new ASN1Integer(minTreehash[i]));
-        }
-        result.add(new DERSequence(minTreehashPart));
-
-        // --- Encode <nextRoot>.
-        ASN1EncodableVector nextRootPart = new ASN1EncodableVector();
-        for (int i = 0; i < nextRoot.length; i++)
-        {
-            nextRootPart.add(new DEROctetString(nextRoot[i]));
-        }
-        result.add(new DERSequence(nextRootPart));
-
-        // --- Encode <nextNextRoot>.
-        ASN1EncodableVector seqOfnextNextRoot = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfnnRStats = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfnnRStrings = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfnnRBytes = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfnnRInts = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfnnRTreehash = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfnnRRetain = new ASN1EncodableVector();
-
-        for (int i = 0; i < nextNextRoot.length; i++)
-        {
-            seqOfnnRStats.add(new DERSequence(algorithms[0]));
-            seqOfnnRStrings = new ASN1EncodableVector();
-
-            int heightOfTree = nextNextRoot[i].getStatInt()[0];
-            int tailLength = nextNextRoot[i].getStatInt()[7];
-
-            seqOfnnRBytes.add(new DEROctetString(
-                nextNextRoot[i].getStatByte()[0]));
-            for (int j = 0; j < heightOfTree; j++)
-            {
-                seqOfnnRBytes.add(new DEROctetString(nextNextRoot[i]
-                    .getStatByte()[1 + j]));
-            }
-            for (int j = 0; j < tailLength; j++)
-            {
-                seqOfnnRBytes.add(new DEROctetString(nextNextRoot[i]
-                    .getStatByte()[1 + heightOfTree + j]));
-            }
-
-            seqOfnnRStats.add(new DERSequence(seqOfnnRBytes));
-            seqOfnnRBytes = new ASN1EncodableVector();
-
-            seqOfnnRInts.add(new ASN1Integer(heightOfTree));
-            seqOfnnRInts.add(new ASN1Integer(nextNextRoot[i].getStatInt()[1]));
-            seqOfnnRInts.add(new ASN1Integer(nextNextRoot[i].getStatInt()[2]));
-            seqOfnnRInts.add(new ASN1Integer(nextNextRoot[i].getStatInt()[3]));
-            seqOfnnRInts.add(new ASN1Integer(nextNextRoot[i].getStatInt()[4]));
-            seqOfnnRInts.add(new ASN1Integer(nextNextRoot[i].getStatInt()[5]));
-            seqOfnnRInts.add(new ASN1Integer(nextNextRoot[i].getStatInt()[6]));
-            seqOfnnRInts.add(new ASN1Integer(tailLength));
-            for (int j = 0; j < heightOfTree; j++)
-            {
-                seqOfnnRInts.add(new ASN1Integer(
-                    nextNextRoot[i].getStatInt()[8 + j]));
-            }
-            for (int j = 0; j < tailLength; j++)
-            {
-                seqOfnnRInts.add(new ASN1Integer(nextNextRoot[i].getStatInt()[8
-                    + heightOfTree + j]));
-            }
-
-            seqOfnnRStats.add(new DERSequence(seqOfnnRInts));
-            seqOfnnRInts = new ASN1EncodableVector();
-
-            // add treehash of nextNextRoot object
-            // ----------------------------
-            seqOfStat = new ASN1EncodableVector();
-            seqOfByte = new ASN1EncodableVector();
-            seqOfInt = new ASN1EncodableVector();
-
-            if (nextNextRoot[i].getTreehash() != null)
-            {
-                for (int j = 0; j < nextNextRoot[i].getTreehash().length; j++)
-                {
-                    seqOfStat.add(new DERSequence(algorithms[0]));
-
-                    tailLength = nextNextRoot[i].getTreehash()[j].getStatInt()[1];
-
-                    seqOfByte.add(new DEROctetString(nextNextRoot[i]
-                        .getTreehash()[j].getStatByte()[0]));
-                    seqOfByte.add(new DEROctetString(nextNextRoot[i]
-                        .getTreehash()[j].getStatByte()[1]));
-                    seqOfByte.add(new DEROctetString(nextNextRoot[i]
-                        .getTreehash()[j].getStatByte()[2]));
-                    for (int k = 0; k < tailLength; k++)
-                    {
-                        seqOfByte.add(new DEROctetString(nextNextRoot[i]
-                            .getTreehash()[j].getStatByte()[3 + k]));
-                    }
-                    seqOfStat.add(new DERSequence(seqOfByte));
-                    seqOfByte = new ASN1EncodableVector();
-
-                    seqOfInt.add(new ASN1Integer(
-                        nextNextRoot[i].getTreehash()[j].getStatInt()[0]));
-                    seqOfInt.add(new ASN1Integer(tailLength));
-                    seqOfInt.add(new ASN1Integer(
-                        nextNextRoot[i].getTreehash()[j].getStatInt()[2]));
-                    seqOfInt.add(new ASN1Integer(
-                        nextNextRoot[i].getTreehash()[j].getStatInt()[3]));
-                    seqOfInt.add(new ASN1Integer(
-                        nextNextRoot[i].getTreehash()[j].getStatInt()[4]));
-                    seqOfInt.add(new ASN1Integer(
-                        nextNextRoot[i].getTreehash()[j].getStatInt()[5]));
-                    for (int k = 0; k < tailLength; k++)
-                    {
-                        seqOfInt.add(new ASN1Integer(nextNextRoot[i]
-                            .getTreehash()[j].getStatInt()[6 + k]));
-                    }
-                    seqOfStat.add(new DERSequence(seqOfInt));
-                    seqOfInt = new ASN1EncodableVector();
-
-                    seqOfnnRTreehash.add(new DERSequence(seqOfStat));
-                    seqOfStat = new ASN1EncodableVector();
-                }
-            }
-            // ----------------------------
-            seqOfnnRStats.add(new DERSequence(seqOfnnRTreehash));
-            seqOfnnRTreehash = new ASN1EncodableVector();
-
-            // encode retain of nextNextRoot
-            // ----------------------------
-            // --- Encode <curRetain>.
-            currentRetainPart0 = new ASN1EncodableVector();
-            if (nextNextRoot[i].getRetain() != null)
-            {
-                for (int j = 0; j < nextNextRoot[i].getRetain().length; j++)
-                {
-                    for (int k = 0; k < nextNextRoot[i].getRetain()[j].size(); k++)
-                    {
-                        currentRetainPart0.add(new DEROctetString(
-                            (byte[])nextNextRoot[i].getRetain()[j]
-                                .elementAt(k)));
-                    }
-                    seqOfnnRRetain.add(new DERSequence(currentRetainPart0));
-                    currentRetainPart0 = new ASN1EncodableVector();
-                }
-            }
-            // ----------------------------
-            seqOfnnRStats.add(new DERSequence(seqOfnnRRetain));
-            seqOfnnRRetain = new ASN1EncodableVector();
-
-            seqOfnextNextRoot.add(new DERSequence(seqOfnnRStats));
-            seqOfnnRStats = new ASN1EncodableVector();
-        }
-        result.add(new DERSequence(seqOfnextNextRoot));
-
-        // --- Encode <curRootSig>.
-        ASN1EncodableVector curRootSigPart = new ASN1EncodableVector();
-        for (int i = 0; i < currentRootSig.length; i++)
-        {
-            curRootSigPart.add(new DEROctetString(currentRootSig[i]));
-        }
-        result.add(new DERSequence(curRootSigPart));
-
-        // --- Encode <nextRootSig>.
-        ASN1EncodableVector seqOfnextRootSigs = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfnRSStats = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfnRSStrings = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfnRSBytes = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfnRSInts = new ASN1EncodableVector();
-
-        for (int i = 0; i < nextRootSig.length; i++)
-        {
-            seqOfnRSStats.add(new DERSequence(algorithms[0]));
-            seqOfnRSStrings = new ASN1EncodableVector();
-
-            seqOfnRSBytes.add(new DEROctetString(
-                nextRootSig[i].getStatByte()[0]));
-            seqOfnRSBytes.add(new DEROctetString(
-                nextRootSig[i].getStatByte()[1]));
-            seqOfnRSBytes.add(new DEROctetString(
-                nextRootSig[i].getStatByte()[2]));
-            seqOfnRSBytes.add(new DEROctetString(
-                nextRootSig[i].getStatByte()[3]));
-            seqOfnRSBytes.add(new DEROctetString(
-                nextRootSig[i].getStatByte()[4]));
-
-            seqOfnRSStats.add(new DERSequence(seqOfnRSBytes));
-            seqOfnRSBytes = new ASN1EncodableVector();
-
-            seqOfnRSInts.add(new ASN1Integer(nextRootSig[i].getStatInt()[0]));
-            seqOfnRSInts.add(new ASN1Integer(nextRootSig[i].getStatInt()[1]));
-            seqOfnRSInts.add(new ASN1Integer(nextRootSig[i].getStatInt()[2]));
-            seqOfnRSInts.add(new ASN1Integer(nextRootSig[i].getStatInt()[3]));
-            seqOfnRSInts.add(new ASN1Integer(nextRootSig[i].getStatInt()[4]));
-            seqOfnRSInts.add(new ASN1Integer(nextRootSig[i].getStatInt()[5]));
-            seqOfnRSInts.add(new ASN1Integer(nextRootSig[i].getStatInt()[6]));
-            seqOfnRSInts.add(new ASN1Integer(nextRootSig[i].getStatInt()[7]));
-            seqOfnRSInts.add(new ASN1Integer(nextRootSig[i].getStatInt()[8]));
-
-            seqOfnRSStats.add(new DERSequence(seqOfnRSInts));
-            seqOfnRSInts = new ASN1EncodableVector();
-
-            seqOfnextRootSigs.add(new DERSequence(seqOfnRSStats));
-            seqOfnRSStats = new ASN1EncodableVector();
-        }
-        result.add(new DERSequence(seqOfnextRootSigs));
-
-        // --- Encode <parameterset>.
-        ASN1EncodableVector parSetPart0 = new ASN1EncodableVector();
-        ASN1EncodableVector parSetPart1 = new ASN1EncodableVector();
-        ASN1EncodableVector parSetPart2 = new ASN1EncodableVector();
-        ASN1EncodableVector parSetPart3 = new ASN1EncodableVector();
-
-        for (int i = 0; i < gmssParameterset.getHeightOfTrees().length; i++)
-        {
-            parSetPart1.add(new ASN1Integer(
-                gmssParameterset.getHeightOfTrees()[i]));
-            parSetPart2.add(new ASN1Integer(gmssParameterset
-                .getWinternitzParameter()[i]));
-            parSetPart3.add(new ASN1Integer(gmssParameterset.getK()[i]));
-        }
-        parSetPart0.add(new ASN1Integer(gmssParameterset.getNumOfLayers()));
-        parSetPart0.add(new DERSequence(parSetPart1));
-        parSetPart0.add(new DERSequence(parSetPart2));
-        parSetPart0.add(new DERSequence(parSetPart3));
-        result.add(new DERSequence(parSetPart0));
-
-        // --- Encode <names>.
-        ASN1EncodableVector namesPart = new ASN1EncodableVector();
-
-        for (int i = 0; i < algorithms.length; i++)
-        {
-            namesPart.add(algorithms[i]);
-        }
-
-        result.add(new DERSequence(namesPart));
-        return new DERSequence(result);
-
-    }
-
-    private static int checkBigIntegerInIntRange(ASN1Encodable a)
-    {
-        BigInteger b = ((ASN1Integer)a).getValue();
-        if ((b.compareTo(BigInteger.valueOf(Integer.MAX_VALUE)) > 0) ||
-            (b.compareTo(BigInteger.valueOf(Integer.MIN_VALUE)) < 0))
-        {
-            throw new IllegalArgumentException("BigInteger not in Range: " + b.toString());
-        }
-        return b.intValue();
-    }
-
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        return this.primitive;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/GMSSPublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/GMSSPublicKey.java
deleted file mode 100644
index fc5c4f2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/GMSSPublicKey.java
+++ /dev/null

@@ -1,74 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-/**
- * This class implements an ASN.1 encoded GMSS public key. The ASN.1 definition
- * of this structure is:
- * <pre>
- *  GMSSPublicKey        ::= SEQUENCE{
- *      version         INTEGER
- *      publicKey       OCTET STRING
- *  }
- * </pre>
- */
-public class GMSSPublicKey
-    extends ASN1Object
-{
-    private ASN1Integer version;
-    private byte[] publicKey;
-
-    private GMSSPublicKey(ASN1Sequence seq)
-    {
-        if (seq.size() != 2)
-        {
-            throw new IllegalArgumentException("size of seq = " + seq.size());
-        }
-
-        this.version = ASN1Integer.getInstance(seq.getObjectAt(0));
-        this.publicKey = ASN1OctetString.getInstance(seq.getObjectAt(1)).getOctets();
-    }
-
-    public GMSSPublicKey(byte[] publicKeyBytes)
-    {
-        this.version = new ASN1Integer(0);
-        this.publicKey = publicKeyBytes;
-    }
-
-    public static GMSSPublicKey getInstance(Object o)
-    {
-        if (o instanceof GMSSPublicKey)
-        {
-            return (GMSSPublicKey)o;
-        }
-        else if (o != null)
-        {
-            return new GMSSPublicKey(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public byte[] getPublicKey()
-    {
-        return Arrays.clone(publicKey);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(version);
-        v.add(new DEROctetString(publicKey));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/McElieceCCA2PrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/McElieceCCA2PrivateKey.java
deleted file mode 100644
index c00563e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/McElieceCCA2PrivateKey.java
+++ /dev/null

@@ -1,140 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.pqc.math.linearalgebra.GF2mField;
-import org.bouncycastle.pqc.math.linearalgebra.Permutation;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;
-
-/**
- * Return the keyData to encode in the PrivateKeyInfo structure.
- * <p>
- * The ASN.1 definition of the key structure is
- * </p>
- * <pre>
- *   McElieceCCA2PrivateKey ::= SEQUENCE {
- *     m             INTEGER                  -- extension degree of the field
- *     k             INTEGER                  -- dimension of the code
- *     field         OCTET STRING             -- field polynomial
- *     goppaPoly     OCTET STRING             -- irreducible Goppa polynomial
- *     p             OCTET STRING             -- permutation vector
- *     digest        AlgorithmIdentifier      -- algorithm identifier for CCA2 digest
- *   }
- * </pre>
- */
-public class McElieceCCA2PrivateKey
-    extends ASN1Object
-{
-    private int n;
-    private int k;
-    private byte[] encField;
-    private byte[] encGp;
-    private byte[] encP;
-    private AlgorithmIdentifier digest;
-
-
-    public McElieceCCA2PrivateKey(int n, int k, GF2mField field, PolynomialGF2mSmallM goppaPoly, Permutation p, AlgorithmIdentifier digest)
-    {
-        this.n = n;
-        this.k = k;
-        this.encField = field.getEncoded();
-        this.encGp = goppaPoly.getEncoded();
-        this.encP = p.getEncoded();
-        this.digest = digest;
-    }
-
-    private McElieceCCA2PrivateKey(ASN1Sequence seq)
-    {
-        BigInteger bigN = ((ASN1Integer)seq.getObjectAt(0)).getValue();
-        n = bigN.intValue();
-
-        BigInteger bigK = ((ASN1Integer)seq.getObjectAt(1)).getValue();
-        k = bigK.intValue();
-
-        encField = ((ASN1OctetString)seq.getObjectAt(2)).getOctets();
-
-        encGp = ((ASN1OctetString)seq.getObjectAt(3)).getOctets();
-
-        encP = ((ASN1OctetString)seq.getObjectAt(4)).getOctets();
-
-        digest = AlgorithmIdentifier.getInstance(seq.getObjectAt(5));
-    }
-
-    public int getN()
-    {
-        return n;
-    }
-
-    public int getK()
-    {
-        return k;
-    }
-
-    public GF2mField getField()
-    {
-        return new GF2mField(encField);
-    }
-
-    public PolynomialGF2mSmallM getGoppaPoly()
-    {
-        return new PolynomialGF2mSmallM(this.getField(), encGp);
-    }
-
-    public Permutation getP()
-    {
-        return new Permutation(encP);
-    }
-
-    public AlgorithmIdentifier getDigest()
-    {
-        return digest;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        // encode <n>
-        v.add(new ASN1Integer(n));
-
-        // encode <k>
-        v.add(new ASN1Integer(k));
-
-        // encode <field>
-        v.add(new DEROctetString(encField));
-
-        // encode <gp>
-        v.add(new DEROctetString(encGp));
-
-        // encode <p>
-        v.add(new DEROctetString(encP));
-
-        v.add(digest);
-
-        return new DERSequence(v);
-    }
-
-    public static McElieceCCA2PrivateKey getInstance(Object o)
-    {
-        if (o instanceof McElieceCCA2PrivateKey)
-        {
-            return (McElieceCCA2PrivateKey)o;
-        }
-        else if (o != null)
-        {
-            return new McElieceCCA2PrivateKey(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/McElieceCCA2PublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/McElieceCCA2PublicKey.java
deleted file mode 100644
index 918c12e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/McElieceCCA2PublicKey.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-
-public class McElieceCCA2PublicKey
-    extends ASN1Object
-{
-    private final int n;
-    private final int t;
-    private final GF2Matrix g;
-    private final AlgorithmIdentifier digest;
-
-    public McElieceCCA2PublicKey(int n, int t, GF2Matrix g, AlgorithmIdentifier digest)
-    {
-        this.n = n;
-        this.t = t;
-        this.g = new GF2Matrix(g.getEncoded());
-        this.digest = digest;
-    }
-
-    private McElieceCCA2PublicKey(ASN1Sequence seq)
-    {
-        BigInteger bigN = ((ASN1Integer)seq.getObjectAt(0)).getValue();
-        n = bigN.intValue();
-
-        BigInteger bigT = ((ASN1Integer)seq.getObjectAt(1)).getValue();
-        t = bigT.intValue();
-
-        g = new GF2Matrix(((ASN1OctetString)seq.getObjectAt(2)).getOctets());
-
-        digest = AlgorithmIdentifier.getInstance(seq.getObjectAt(3));
-    }
-
-    public int getN()
-    {
-        return n;
-    }
-
-    public int getT()
-    {
-        return t;
-    }
-
-    public GF2Matrix getG()
-    {
-        return g;
-    }
-
-    public AlgorithmIdentifier getDigest()
-    {
-        return digest;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        // encode <n>
-        v.add(new ASN1Integer(n));
-
-        // encode <t>
-        v.add(new ASN1Integer(t));
-
-        // encode <matrixG>
-        v.add(new DEROctetString(g.getEncoded()));
-
-        v.add(digest);
-
-        return new DERSequence(v);
-    }
-
-    public static McElieceCCA2PublicKey getInstance(Object o)
-    {
-        if (o instanceof McElieceCCA2PublicKey)
-        {
-            return (McElieceCCA2PublicKey)o;
-        }
-        else if (o != null)
-        {
-            return new McElieceCCA2PublicKey(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/McEliecePrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/McEliecePrivateKey.java
deleted file mode 100644
index 447e344..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/McEliecePrivateKey.java
+++ /dev/null

@@ -1,137 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-import org.bouncycastle.pqc.math.linearalgebra.GF2mField;
-import org.bouncycastle.pqc.math.linearalgebra.Permutation;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;
-
-public class McEliecePrivateKey
-    extends ASN1Object
-{
-    private int n;
-    private int k;
-    private byte[] encField;
-    private byte[] encGp;
-    private byte[] encSInv;
-    private byte[] encP1;
-    private byte[] encP2;
-
-    public McEliecePrivateKey(int n, int k, GF2mField field, PolynomialGF2mSmallM goppaPoly, Permutation p1, Permutation p2, GF2Matrix sInv)
-    {
-        this.n = n;
-        this.k = k;
-        this.encField = field.getEncoded();
-        this.encGp = goppaPoly.getEncoded();
-        this.encSInv = sInv.getEncoded();
-        this.encP1 = p1.getEncoded();
-        this.encP2 = p2.getEncoded();
-    }
-
-    public static McEliecePrivateKey getInstance(Object o)
-    {
-        if (o instanceof McEliecePrivateKey)
-        {
-            return (McEliecePrivateKey)o;
-        }
-        else if (o != null)
-        {
-            return new McEliecePrivateKey(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    private McEliecePrivateKey(ASN1Sequence seq)
-    {
-        BigInteger bigN = ((ASN1Integer)seq.getObjectAt(0)).getValue();
-        n = bigN.intValue();
-
-        BigInteger bigK = ((ASN1Integer)seq.getObjectAt(1)).getValue();
-        k = bigK.intValue();
-
-        encField = ((ASN1OctetString)seq.getObjectAt(2)).getOctets();
-
-        encGp = ((ASN1OctetString)seq.getObjectAt(3)).getOctets();
-
-        encP1 = ((ASN1OctetString)seq.getObjectAt(4)).getOctets();
-
-        encP2 = ((ASN1OctetString)seq.getObjectAt(5)).getOctets();
-
-        encSInv = ((ASN1OctetString)seq.getObjectAt(6)).getOctets();
-    }
-
-    public int getN()
-    {
-        return n;
-    }
-
-    public int getK()
-    {
-        return k;
-    }
-
-    public GF2mField getField()
-    {
-        return new GF2mField(encField);
-    }
-
-    public PolynomialGF2mSmallM getGoppaPoly()
-    {
-        return new PolynomialGF2mSmallM(this.getField(), encGp);
-    }
-
-    public GF2Matrix getSInv()
-    {
-        return new GF2Matrix(encSInv);
-    }
-
-    public Permutation getP1()
-    {
-        return new Permutation(encP1);
-    }
-
-    public Permutation getP2()
-    {
-        return new Permutation(encP2);
-    }
-
-
-    public ASN1Primitive toASN1Primitive()
-    {
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        // encode <n>
-        v.add(new ASN1Integer(n));
-
-        // encode <k>
-        v.add(new ASN1Integer(k));
-
-        // encode <fieldPoly>
-        v.add(new DEROctetString(encField));
-
-        // encode <goppaPoly>
-        v.add(new DEROctetString(encGp));
-
-        // encode <p1>
-        v.add(new DEROctetString(encP1));
-
-        // encode <p2>
-        v.add(new DEROctetString(encP2));
-
-        // encode <sInv>
-        v.add(new DEROctetString(encSInv));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/McEliecePublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/McEliecePublicKey.java
deleted file mode 100644
index 0a84365..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/McEliecePublicKey.java
+++ /dev/null

@@ -1,84 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-
-public class McEliecePublicKey
-    extends ASN1Object
-{
-    private final int n;
-    private final int t;
-    private final GF2Matrix g;
-
-    public McEliecePublicKey(int n, int t, GF2Matrix g)
-    {
-        this.n = n;
-        this.t = t;
-        this.g = new GF2Matrix(g);
-    }
-
-    private McEliecePublicKey(ASN1Sequence seq)
-    {
-        BigInteger bigN = ((ASN1Integer)seq.getObjectAt(0)).getValue();
-        n = bigN.intValue();
-
-        BigInteger bigT = ((ASN1Integer)seq.getObjectAt(1)).getValue();
-        t = bigT.intValue();
-
-        g = new GF2Matrix(((ASN1OctetString)seq.getObjectAt(2)).getOctets());
-    }
-
-    public int getN()
-    {
-        return n;
-    }
-
-    public int getT()
-    {
-        return t;
-    }
-
-    public GF2Matrix getG()
-    {
-        return new GF2Matrix(g);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        // encode <n>
-        v.add(new ASN1Integer(n));
-
-        // encode <t>
-        v.add(new ASN1Integer(t));
-
-        // encode <matrixG>
-        v.add(new DEROctetString(g.getEncoded()));
-
-        return new DERSequence(v);
-    }
-
-    public static McEliecePublicKey getInstance(Object o)
-    {
-        if (o instanceof McEliecePublicKey)
-        {
-            return (McEliecePublicKey)o;
-        }
-        else if (o != null)
-        {
-            return new McEliecePublicKey(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/PQCObjectIdentifiers.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/PQCObjectIdentifiers.java
deleted file mode 100644
index 52daba1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/PQCObjectIdentifiers.java
+++ /dev/null

@@ -1,129 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-
-/**
- * PQC:
- * <p>
- * { iso(1) identifier-organization(3) dod(6) internet(1) private(4) 1 8301 3 1 3 5 3 ... }
- */
-public interface PQCObjectIdentifiers
-{
-    /** 1.3.6.1.4.1.8301.3.1.3.5.3.2 */
-    public static final ASN1ObjectIdentifier rainbow = new ASN1ObjectIdentifier("1.3.6.1.4.1.8301.3.1.3.5.3.2");
-
-    /** 1.3.6.1.4.1.8301.3.1.3.5.3.2.1 */
-    public static final ASN1ObjectIdentifier rainbowWithSha1   = rainbow.branch("1");
-    /** 1.3.6.1.4.1.8301.3.1.3.5.3.2.2 */
-    public static final ASN1ObjectIdentifier rainbowWithSha224 = rainbow.branch("2");
-    /** 1.3.6.1.4.1.8301.3.1.3.5.3.2.3 */
-    public static final ASN1ObjectIdentifier rainbowWithSha256 = rainbow.branch("3");
-    /** 1.3.6.1.4.1.8301.3.1.3.5.3.2.4 */
-    public static final ASN1ObjectIdentifier rainbowWithSha384 = rainbow.branch("4");
-    /** 1.3.6.1.4.1.8301.3.1.3.5.3.2.5 */
-    public static final ASN1ObjectIdentifier rainbowWithSha512 = rainbow.branch("5");
-
-    /** 1.3.6.1.4.1.8301.3.1.3.3 */
-    public static final ASN1ObjectIdentifier gmss = new ASN1ObjectIdentifier("1.3.6.1.4.1.8301.3.1.3.3");
-
-    /** 1.3.6.1.4.1.8301.3.1.3.3.1 */
-    public static final ASN1ObjectIdentifier gmssWithSha1   = gmss.branch("1");
-    /** 1.3.6.1.4.1.8301.3.1.3.3.2 */
-    public static final ASN1ObjectIdentifier gmssWithSha224 = gmss.branch("2");
-    /** 1.3.6.1.4.1.8301.3.1.3.3.3 */
-    public static final ASN1ObjectIdentifier gmssWithSha256 = gmss.branch("3");
-    /** 1.3.6.1.4.1.8301.3.1.3.3.4 */
-    public static final ASN1ObjectIdentifier gmssWithSha384 = gmss.branch("4");
-    /** 1.3.6.1.4.1.8301.3.1.3.3.5 */
-    public static final ASN1ObjectIdentifier gmssWithSha512 = gmss.branch("5");
-
-    /** 1.3.6.1.4.1.8301.3.1.3.4.1 */
-    public static final ASN1ObjectIdentifier mcEliece       = new ASN1ObjectIdentifier("1.3.6.1.4.1.8301.3.1.3.4.1");
-
-    /** 1.3.6.1.4.1.8301.3.1.3.4.2 */
-    public static final ASN1ObjectIdentifier mcElieceCca2   = new ASN1ObjectIdentifier("1.3.6.1.4.1.8301.3.1.3.4.2");
-
-    public static final ASN1ObjectIdentifier mcElieceFujisaki    = new ASN1ObjectIdentifier("1.3.6.1.4.1.8301.3.1.3.4.2.1");
-    public static final ASN1ObjectIdentifier mcEliecePointcheval = new ASN1ObjectIdentifier("1.3.6.1.4.1.8301.3.1.3.4.2.2");
-    public static final ASN1ObjectIdentifier mcElieceKobara_Imai = new ASN1ObjectIdentifier("1.3.6.1.4.1.8301.3.1.3.4.2.3");
-
-    public static final ASN1ObjectIdentifier sphincs256 = BCObjectIdentifiers.sphincs256;
-    public static final ASN1ObjectIdentifier sphincs256_with_BLAKE512 = BCObjectIdentifiers.sphincs256_with_BLAKE512;
-    public static final ASN1ObjectIdentifier sphincs256_with_SHA512 = BCObjectIdentifiers.sphincs256_with_SHA512;
-    public static final ASN1ObjectIdentifier sphincs256_with_SHA3_512 = BCObjectIdentifiers.sphincs256_with_SHA3_512;
-
-    public static final ASN1ObjectIdentifier newHope = BCObjectIdentifiers.newHope;
-
-    /**
-     * XMSS
-     */
-    public static final ASN1ObjectIdentifier xmss                      = BCObjectIdentifiers.xmss;
-    public static final ASN1ObjectIdentifier xmss_SHA256ph             = BCObjectIdentifiers.xmss_SHA256ph;
-    public static final ASN1ObjectIdentifier xmss_SHA512ph             = BCObjectIdentifiers.xmss_SHA512ph;
-    public static final ASN1ObjectIdentifier xmss_SHAKE128ph           = BCObjectIdentifiers.xmss_SHAKE128ph;
-    public static final ASN1ObjectIdentifier xmss_SHAKE256ph           = BCObjectIdentifiers.xmss_SHAKE256ph;
-    public static final ASN1ObjectIdentifier xmss_SHA256               = BCObjectIdentifiers.xmss_SHA256;
-    public static final ASN1ObjectIdentifier xmss_SHA512               = BCObjectIdentifiers.xmss_SHA512;
-    public static final ASN1ObjectIdentifier xmss_SHAKE128             = BCObjectIdentifiers.xmss_SHAKE128;
-    public static final ASN1ObjectIdentifier xmss_SHAKE256             = BCObjectIdentifiers.xmss_SHAKE256;
-
-
-    /**
-     * XMSS^MT
-     */
-    public static final ASN1ObjectIdentifier xmss_mt                   = BCObjectIdentifiers.xmss_mt;
-    public static final ASN1ObjectIdentifier xmss_mt_SHA256ph          = BCObjectIdentifiers.xmss_mt_SHA256ph;
-    public static final ASN1ObjectIdentifier xmss_mt_SHA512ph          = BCObjectIdentifiers.xmss_mt_SHA512ph;
-    public static final ASN1ObjectIdentifier xmss_mt_SHAKE128ph        = BCObjectIdentifiers.xmss_mt_SHAKE128ph;
-    public static final ASN1ObjectIdentifier xmss_mt_SHAKE256ph        = BCObjectIdentifiers.xmss_mt_SHAKE256ph;
-    public static final ASN1ObjectIdentifier xmss_mt_SHA256            = BCObjectIdentifiers.xmss_mt_SHA256;
-    public static final ASN1ObjectIdentifier xmss_mt_SHA512            = BCObjectIdentifiers.xmss_mt_SHA512;
-    public static final ASN1ObjectIdentifier xmss_mt_SHAKE128          = BCObjectIdentifiers.xmss_mt_SHAKE128;
-    public static final ASN1ObjectIdentifier xmss_mt_SHAKE256          = BCObjectIdentifiers.xmss_mt_SHAKE256;
-
-    // old OIDs.
-    /**
-     * @deprecated use xmss_SHA256ph
-     */
-    public static final ASN1ObjectIdentifier xmss_with_SHA256          = xmss_SHA256ph;
-    /**
-     * @deprecated use xmss_SHA512ph
-     */
-    public static final ASN1ObjectIdentifier xmss_with_SHA512 = xmss_SHA512ph;
-    /**
-     * @deprecated use xmss_SHAKE128ph
-     */
-    public static final ASN1ObjectIdentifier xmss_with_SHAKE128 = xmss_SHAKE128ph;
-    /**
-     * @deprecated use xmss_SHAKE256ph
-     */
-    public static final ASN1ObjectIdentifier xmss_with_SHAKE256        = xmss_SHAKE256ph;
-
-    /**
-     * @deprecated use xmss_mt_SHA256ph
-     */
-    public static final ASN1ObjectIdentifier xmss_mt_with_SHA256          = xmss_mt_SHA256ph;
-    /**
-     * @deprecated use xmss_mt_SHA512ph
-     */
-    public static final ASN1ObjectIdentifier xmss_mt_with_SHA512          = xmss_mt_SHA512ph;
-    /**
-     * @deprecated use xmss_mt_SHAKE128ph
-     */
-    public static final ASN1ObjectIdentifier xmss_mt_with_SHAKE128        = xmss_mt_SHAKE128;
-    /**
-     * @deprecated use xmss_mt_SHAKE256ph
-     */
-    public static final ASN1ObjectIdentifier xmss_mt_with_SHAKE256        = xmss_mt_SHAKE256;
-
-    /**
-     * qTESLA
-     */
-    public static final ASN1ObjectIdentifier qTESLA = BCObjectIdentifiers.qTESLA;
-    public static final ASN1ObjectIdentifier qTESLA_I = BCObjectIdentifiers.qTESLA_I;
-    public static final ASN1ObjectIdentifier qTESLA_III_size = BCObjectIdentifiers.qTESLA_III_size;
-    public static final ASN1ObjectIdentifier qTESLA_III_speed = BCObjectIdentifiers.qTESLA_III_speed;
-    public static final ASN1ObjectIdentifier qTESLA_p_I = BCObjectIdentifiers.qTESLA_p_I;
-    public static final ASN1ObjectIdentifier qTESLA_p_III = BCObjectIdentifiers.qTESLA_p_III;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/ParSet.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/ParSet.java
deleted file mode 100644
index dee56a5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/ParSet.java
+++ /dev/null

@@ -1,140 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-/**
- * <pre>
- *  ParSet              ::= SEQUENCE {
- *      T               INTEGER
- *      h               SEQUENCE OF INTEGER
- *      w               SEQUENCE OF INTEGER
- *      K               SEQUENCE OF INTEGER
- *  }
- * </pre>
- */
-public class ParSet
-    extends ASN1Object
-{
-    private static final BigInteger ZERO = BigInteger.valueOf(0);
-
-    private int   t;
-    private int[] h;
-    private int[] w;
-    private int[] k;
-
-    private static int checkBigIntegerInIntRangeAndPositive(BigInteger b)
-    {
-        if ((b.compareTo(BigInteger.valueOf(Integer.MAX_VALUE)) > 0) ||
-            (b.compareTo(ZERO) <= 0))
-        {
-            throw new IllegalArgumentException("BigInteger not in Range: " + b.toString());
-        }
-        return b.intValue();
-    }
-
-    private ParSet(ASN1Sequence seq)
-    {
-        if (seq.size() != 4)
-        {
-            throw new IllegalArgumentException("sie of seqOfParams = " + seq.size());
-        }
-        BigInteger asn1int = ((ASN1Integer)seq.getObjectAt(0)).getValue();
-
-        t = checkBigIntegerInIntRangeAndPositive(asn1int);
-
-        ASN1Sequence seqOfPSh = (ASN1Sequence)seq.getObjectAt(1);
-        ASN1Sequence seqOfPSw = (ASN1Sequence)seq.getObjectAt(2);
-        ASN1Sequence seqOfPSK = (ASN1Sequence)seq.getObjectAt(3);
-
-        if ((seqOfPSh.size() != t) ||
-            (seqOfPSw.size() != t) ||
-            (seqOfPSK.size() != t))
-        {
-            throw new IllegalArgumentException("invalid size of sequences");
-        }
-
-        h = new int[seqOfPSh.size()];
-        w = new int[seqOfPSw.size()];
-        k = new int[seqOfPSK.size()];
-
-        for (int i = 0; i < t; i++)
-        {
-            h[i] = checkBigIntegerInIntRangeAndPositive((((ASN1Integer)seqOfPSh.getObjectAt(i))).getValue());
-            w[i] = checkBigIntegerInIntRangeAndPositive((((ASN1Integer)seqOfPSw.getObjectAt(i))).getValue());
-            k[i] = checkBigIntegerInIntRangeAndPositive((((ASN1Integer)seqOfPSK.getObjectAt(i))).getValue());
-        }
-    }
-
-    public ParSet(int t, int[] h, int[] w, int[] k)
-    {
-        this.t = t;
-        this.h = h;
-        this.w = w;
-        this.k = k;
-    }
-
-    public static ParSet getInstance(Object o)
-    {
-        if (o instanceof ParSet)
-        {
-            return (ParSet)o;
-        }
-        else if (o != null)
-        {
-            return new ParSet(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public int getT()
-    {
-        return t;
-    }
-
-    public int[] getH()
-    {
-        return Arrays.clone(h);
-    }
-
-    public int[] getW()
-    {
-        return Arrays.clone(w);
-    }
-
-    public int[] getK()
-    {
-        return Arrays.clone(k);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector seqOfPSh = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfPSw = new ASN1EncodableVector();
-        ASN1EncodableVector seqOfPSK = new ASN1EncodableVector();
-
-        for (int i = 0; i < h.length; i++)
-        {
-            seqOfPSh.add(new ASN1Integer(h[i]));
-            seqOfPSw.add(new ASN1Integer(w[i]));
-            seqOfPSK.add(new ASN1Integer(k[i]));
-        }
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new ASN1Integer(t));
-        v.add(new DERSequence(seqOfPSh));
-        v.add(new DERSequence(seqOfPSw));
-        v.add(new DERSequence(seqOfPSK));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/RainbowPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/RainbowPrivateKey.java
deleted file mode 100644
index 7c21691..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/RainbowPrivateKey.java
+++ /dev/null

@@ -1,349 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.pqc.crypto.rainbow.Layer;
-import org.bouncycastle.pqc.crypto.rainbow.util.RainbowUtil;
-
-/**
- * Return the key data to encode in the PrivateKeyInfo structure.
- * <p>
- * The ASN.1 definition of the key structure is
- * <pre>
- *   RainbowPrivateKey ::= SEQUENCE {
- *         CHOICE
- *         {
- *         oid        OBJECT IDENTIFIER         -- OID identifying the algorithm
- *         version    INTEGER                    -- 0
- *         }
- *     A1inv      SEQUENCE OF OCTET STRING  -- inversed matrix of L1
- *     b1         OCTET STRING              -- translation vector of L1
- *     A2inv      SEQUENCE OF OCTET STRING  -- inversed matrix of L2
- *     b2         OCTET STRING              -- translation vector of L2
- *     vi         OCTET STRING              -- num of elmts in each Set S
- *     layers     SEQUENCE OF Layer         -- layers of F
- *   }
- *
- *   Layer             ::= SEQUENCE OF Poly
- *
- *   Poly              ::= SEQUENCE {
- *     alpha      SEQUENCE OF OCTET STRING
- *     beta       SEQUENCE OF OCTET STRING
- *     gamma      OCTET STRING
- *     eta        INTEGER
- *   }
- * </pre>
- */
-public class RainbowPrivateKey
-    extends ASN1Object
-{
-    private ASN1Integer  version;
-    private ASN1ObjectIdentifier oid;
-
-    private byte[][] invA1;
-    private byte[] b1;
-    private byte[][] invA2;
-    private byte[] b2;
-    private byte[] vi;
-    private Layer[] layers;
-
-    private RainbowPrivateKey(ASN1Sequence seq)
-    {
-        // <oidString>  or version
-        if (seq.getObjectAt(0) instanceof ASN1Integer)
-        {
-            version = ASN1Integer.getInstance(seq.getObjectAt(0));
-        }
-        else
-        {
-            oid = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-        }
-
-        // <A1inv>
-        ASN1Sequence asnA1 = (ASN1Sequence)seq.getObjectAt(1);
-        invA1 = new byte[asnA1.size()][];
-        for (int i = 0; i < asnA1.size(); i++)
-        {
-            invA1[i] = ((ASN1OctetString)asnA1.getObjectAt(i)).getOctets();
-        }
-
-        // <b1>
-        ASN1Sequence asnb1 = (ASN1Sequence)seq.getObjectAt(2);
-        b1 = ((ASN1OctetString)asnb1.getObjectAt(0)).getOctets();
-
-        // <A2inv>
-        ASN1Sequence asnA2 = (ASN1Sequence)seq.getObjectAt(3);
-        invA2 = new byte[asnA2.size()][];
-        for (int j = 0; j < asnA2.size(); j++)
-        {
-            invA2[j] = ((ASN1OctetString)asnA2.getObjectAt(j)).getOctets();
-        }
-
-        // <b2>
-        ASN1Sequence asnb2 = (ASN1Sequence)seq.getObjectAt(4);
-        b2 = ((ASN1OctetString)asnb2.getObjectAt(0)).getOctets();
-
-        // <vi>
-        ASN1Sequence asnvi = (ASN1Sequence)seq.getObjectAt(5);
-        vi = ((ASN1OctetString)asnvi.getObjectAt(0)).getOctets();
-
-        // <layers>
-        ASN1Sequence asnLayers = (ASN1Sequence)seq.getObjectAt(6);
-
-        byte[][][][] alphas = new byte[asnLayers.size()][][][];
-        byte[][][][] betas = new byte[asnLayers.size()][][][];
-        byte[][][] gammas = new byte[asnLayers.size()][][];
-        byte[][] etas = new byte[asnLayers.size()][];
-        // a layer:
-        for (int l = 0; l < asnLayers.size(); l++)
-        {
-            ASN1Sequence asnLayer = (ASN1Sequence)asnLayers.getObjectAt(l);
-
-            // alphas (num of alpha-2d-array = oi)
-            ASN1Sequence alphas3d = (ASN1Sequence)asnLayer.getObjectAt(0);
-            alphas[l] = new byte[alphas3d.size()][][];
-            for (int m = 0; m < alphas3d.size(); m++)
-            {
-                ASN1Sequence alphas2d = (ASN1Sequence)alphas3d.getObjectAt(m);
-                alphas[l][m] = new byte[alphas2d.size()][];
-                for (int n = 0; n < alphas2d.size(); n++)
-                {
-                    alphas[l][m][n] = ((ASN1OctetString)alphas2d.getObjectAt(n)).getOctets();
-                }
-            }
-
-            // betas ....
-            ASN1Sequence betas3d = (ASN1Sequence)asnLayer.getObjectAt(1);
-            betas[l] = new byte[betas3d.size()][][];
-            for (int mb = 0; mb < betas3d.size(); mb++)
-            {
-                ASN1Sequence betas2d = (ASN1Sequence)betas3d.getObjectAt(mb);
-                betas[l][mb] = new byte[betas2d.size()][];
-                for (int nb = 0; nb < betas2d.size(); nb++)
-                {
-                    betas[l][mb][nb] = ((ASN1OctetString)betas2d.getObjectAt(nb)).getOctets();
-                }
-            }
-
-            // gammas ...
-            ASN1Sequence gammas2d = (ASN1Sequence)asnLayer.getObjectAt(2);
-            gammas[l] = new byte[gammas2d.size()][];
-            for (int mg = 0; mg < gammas2d.size(); mg++)
-            {
-                gammas[l][mg] = ((ASN1OctetString)gammas2d.getObjectAt(mg)).getOctets();
-            }
-
-            // eta ...
-            etas[l] = ((ASN1OctetString)asnLayer.getObjectAt(3)).getOctets();
-        }
-
-        int numOfLayers = vi.length - 1;
-        this.layers = new Layer[numOfLayers];
-        for (int i = 0; i < numOfLayers; i++)
-        {
-            Layer l = new Layer(vi[i], vi[i + 1], RainbowUtil.convertArray(alphas[i]),
-                RainbowUtil.convertArray(betas[i]), RainbowUtil.convertArray(gammas[i]), RainbowUtil.convertArray(etas[i]));
-            this.layers[i] = l;
-
-        }
-    }
-
-    public RainbowPrivateKey(short[][] invA1, short[] b1, short[][] invA2,
-                                   short[] b2, int[] vi, Layer[] layers)
-    {
-        this.version = new ASN1Integer(1);
-        this.invA1 = RainbowUtil.convertArray(invA1);
-        this.b1 = RainbowUtil.convertArray(b1);
-        this.invA2 = RainbowUtil.convertArray(invA2);
-        this.b2 = RainbowUtil.convertArray(b2);
-        this.vi = RainbowUtil.convertIntArray(vi);
-        this.layers = layers;
-    }
-    
-    public static RainbowPrivateKey getInstance(Object o)
-    {
-        if (o instanceof RainbowPrivateKey)
-        {
-            return (RainbowPrivateKey)o;
-        }
-        else if (o != null)
-        {
-            return new RainbowPrivateKey(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    /**
-     * Getter for the inverse matrix of A1.
-     *
-     * @return the A1inv inverse
-     */
-    public short[][] getInvA1()
-    {
-        return RainbowUtil.convertArray(invA1);
-    }
-
-    /**
-     * Getter for the translation part of the private quadratic map L1.
-     *
-     * @return b1 the translation part of L1
-     */
-    public short[] getB1()
-    {
-        return RainbowUtil.convertArray(b1);
-    }
-
-    /**
-     * Getter for the translation part of the private quadratic map L2.
-     *
-     * @return b2 the translation part of L2
-     */
-    public short[] getB2()
-    {
-        return RainbowUtil.convertArray(b2);
-    }
-
-    /**
-     * Getter for the inverse matrix of A2
-     *
-     * @return the A2inv
-     */
-    public short[][] getInvA2()
-    {
-        return RainbowUtil.convertArray(invA2);
-    }
-
-    /**
-     * Returns the layers contained in the private key
-     *
-     * @return layers
-     */
-    public Layer[] getLayers()
-    {
-        return this.layers;
-    }
-
-    /**
-     * Returns the array of vi-s
-     *
-     * @return the vi
-     */
-    public int[] getVi()
-    {
-        return RainbowUtil.convertArraytoInt(vi);
-    }
-    
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        // encode <oidString>  or version
-        if (version != null)
-        {
-            v.add(version);
-        }
-        else
-        {
-            v.add(oid);
-        }
-
-        // encode <A1inv>
-        ASN1EncodableVector asnA1 = new ASN1EncodableVector();
-        for (int i = 0; i < invA1.length; i++)
-        {
-            asnA1.add(new DEROctetString(invA1[i]));
-        }
-        v.add(new DERSequence(asnA1));
-
-        // encode <b1>
-        ASN1EncodableVector asnb1 = new ASN1EncodableVector();
-        asnb1.add(new DEROctetString(b1));
-        v.add(new DERSequence(asnb1));
-
-        // encode <A2inv>
-        ASN1EncodableVector asnA2 = new ASN1EncodableVector();
-        for (int i = 0; i < invA2.length; i++)
-        {
-            asnA2.add(new DEROctetString(invA2[i]));
-        }
-        v.add(new DERSequence(asnA2));
-
-        // encode <b2>
-        ASN1EncodableVector asnb2 = new ASN1EncodableVector();
-        asnb2.add(new DEROctetString(b2));
-        v.add(new DERSequence(asnb2));
-
-        // encode <vi>
-        ASN1EncodableVector asnvi = new ASN1EncodableVector();
-        asnvi.add(new DEROctetString(vi));
-        v.add(new DERSequence(asnvi));
-
-        // encode <layers>
-        ASN1EncodableVector asnLayers = new ASN1EncodableVector();
-        // a layer:
-        for (int l = 0; l < layers.length; l++)
-        {
-            ASN1EncodableVector aLayer = new ASN1EncodableVector();
-
-            // alphas (num of alpha-2d-array = oi)
-            byte[][][] alphas = RainbowUtil.convertArray(layers[l].getCoeffAlpha());
-            ASN1EncodableVector alphas3d = new ASN1EncodableVector();
-            for (int i = 0; i < alphas.length; i++)
-            {
-                ASN1EncodableVector alphas2d = new ASN1EncodableVector();
-                for (int j = 0; j < alphas[i].length; j++)
-                {
-                    alphas2d.add(new DEROctetString(alphas[i][j]));
-                }
-                alphas3d.add(new DERSequence(alphas2d));
-            }
-            aLayer.add(new DERSequence(alphas3d));
-
-            // betas ....
-            byte[][][] betas = RainbowUtil.convertArray(layers[l].getCoeffBeta());
-            ASN1EncodableVector betas3d = new ASN1EncodableVector();
-            for (int i = 0; i < betas.length; i++)
-            {
-                ASN1EncodableVector betas2d = new ASN1EncodableVector();
-                for (int j = 0; j < betas[i].length; j++)
-                {
-                    betas2d.add(new DEROctetString(betas[i][j]));
-                }
-                betas3d.add(new DERSequence(betas2d));
-            }
-            aLayer.add(new DERSequence(betas3d));
-
-            // gammas ...
-            byte[][] gammas = RainbowUtil.convertArray(layers[l].getCoeffGamma());
-            ASN1EncodableVector asnG = new ASN1EncodableVector();
-            for (int i = 0; i < gammas.length; i++)
-            {
-                asnG.add(new DEROctetString(gammas[i]));
-            }
-            aLayer.add(new DERSequence(asnG));
-
-            // eta
-            aLayer.add(new DEROctetString(RainbowUtil.convertArray(layers[l].getCoeffEta())));
-
-            // now, layer built up. add it!
-            asnLayers.add(new DERSequence(aLayer));
-        }
-
-        v.add(new DERSequence(asnLayers));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/RainbowPublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/RainbowPublicKey.java
deleted file mode 100644
index febe538..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/RainbowPublicKey.java
+++ /dev/null

@@ -1,174 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.pqc.crypto.rainbow.util.RainbowUtil;
-
-/**
- * This class implements an ASN.1 encoded Rainbow public key. The ASN.1 definition
- * of this structure is:
- * <pre>
- *       RainbowPublicKey ::= SEQUENCE {
- *         CHOICE
- *         {
- *         oid        OBJECT IDENTIFIER         -- OID identifying the algorithm
- *         version    INTEGER                    -- 0
- *         }
- *         docLength        Integer               -- length of the code
- *         coeffquadratic   SEQUENCE OF OCTET STRING -- quadratic (mixed) coefficients
- *         coeffsingular    SEQUENCE OF OCTET STRING -- singular coefficients
- *         coeffscalar    SEQUENCE OF OCTET STRING -- scalar coefficients
- *       }
- * </pre>
- */
-public class RainbowPublicKey
-    extends ASN1Object
-{
-    private ASN1Integer version;
-    private ASN1ObjectIdentifier oid;
-    private ASN1Integer docLength;
-    private byte[][] coeffQuadratic;
-    private byte[][] coeffSingular;
-    private byte[] coeffScalar;
-
-    private RainbowPublicKey(ASN1Sequence seq)
-    {
-        // <oidString>  or version
-        if (seq.getObjectAt(0) instanceof ASN1Integer)
-        {
-            version = ASN1Integer.getInstance(seq.getObjectAt(0));
-        }
-        else
-        {
-            oid = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
-        }
-
-        docLength = ASN1Integer.getInstance(seq.getObjectAt(1));
-
-        ASN1Sequence asnCoeffQuad = ASN1Sequence.getInstance(seq.getObjectAt(2));
-        coeffQuadratic = new byte[asnCoeffQuad.size()][];
-        for (int quadSize = 0; quadSize < asnCoeffQuad.size(); quadSize++)
-        {
-            coeffQuadratic[quadSize] = ASN1OctetString.getInstance(asnCoeffQuad.getObjectAt(quadSize)).getOctets();
-        }
-
-        ASN1Sequence asnCoeffSing = (ASN1Sequence)seq.getObjectAt(3);
-        coeffSingular = new byte[asnCoeffSing.size()][];
-        for (int singSize = 0; singSize < asnCoeffSing.size(); singSize++)
-        {
-            coeffSingular[singSize] = ASN1OctetString.getInstance(asnCoeffSing.getObjectAt(singSize)).getOctets();
-        }
-
-        ASN1Sequence asnCoeffScalar = (ASN1Sequence)seq.getObjectAt(4);
-        coeffScalar = ASN1OctetString.getInstance(asnCoeffScalar.getObjectAt(0)).getOctets();
-    }
-
-    public RainbowPublicKey(int docLength, short[][] coeffQuadratic, short[][] coeffSingular, short[] coeffScalar)
-    {
-        this.version = new ASN1Integer(0);
-        this.docLength = new ASN1Integer(docLength);
-        this.coeffQuadratic = RainbowUtil.convertArray(coeffQuadratic);
-        this.coeffSingular = RainbowUtil.convertArray(coeffSingular);
-        this.coeffScalar = RainbowUtil.convertArray(coeffScalar);
-    }
-
-    public static RainbowPublicKey getInstance(Object o)
-    {
-        if (o instanceof RainbowPublicKey)
-        {
-            return (RainbowPublicKey)o;
-        }
-        else if (o != null)
-        {
-            return new RainbowPublicKey(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public ASN1Integer getVersion()
-    {
-        return version;
-    }
-
-    /**
-     * @return the docLength
-     */
-    public int getDocLength()
-    {
-        return this.docLength.getValue().intValue();
-    }
-
-    /**
-     * @return the coeffquadratic
-     */
-    public short[][] getCoeffQuadratic()
-    {
-        return RainbowUtil.convertArray(coeffQuadratic);
-    }
-
-    /**
-     * @return the coeffsingular
-     */
-    public short[][] getCoeffSingular()
-    {
-        return RainbowUtil.convertArray(coeffSingular);
-    }
-
-    /**
-     * @return the coeffscalar
-     */
-    public short[] getCoeffScalar()
-    {
-        return RainbowUtil.convertArray(coeffScalar);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        // encode <oidString>  or version
-        if (version != null)
-        {
-            v.add(version);
-        }
-        else
-        {
-            v.add(oid);
-        }
-
-        // encode <docLength>
-        v.add(docLength);
-
-        // encode <coeffQuadratic>
-        ASN1EncodableVector asnCoeffQuad = new ASN1EncodableVector();
-        for (int i = 0; i < coeffQuadratic.length; i++)
-        {
-            asnCoeffQuad.add(new DEROctetString(coeffQuadratic[i]));
-        }
-        v.add(new DERSequence(asnCoeffQuad));
-
-        // encode <coeffSingular>
-        ASN1EncodableVector asnCoeffSing = new ASN1EncodableVector();
-        for (int i = 0; i < coeffSingular.length; i++)
-        {
-            asnCoeffSing.add(new DEROctetString(coeffSingular[i]));
-        }
-        v.add(new DERSequence(asnCoeffSing));
-
-        // encode <coeffScalar>
-        ASN1EncodableVector asnCoeffScalar = new ASN1EncodableVector();
-        asnCoeffScalar.add(new DEROctetString(coeffScalar));
-        v.add(new DERSequence(asnCoeffScalar));
-
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/SPHINCS256KeyParams.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/SPHINCS256KeyParams.java
deleted file mode 100644
index 77f32a3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/SPHINCS256KeyParams.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-public class SPHINCS256KeyParams
-    extends ASN1Object
-{
-    private final ASN1Integer version;
-    private final AlgorithmIdentifier treeDigest;
-
-    public SPHINCS256KeyParams(AlgorithmIdentifier treeDigest)
-    {
-        this.version = new ASN1Integer(0);
-        this.treeDigest = treeDigest;
-    }
-
-    private SPHINCS256KeyParams(ASN1Sequence sequence)
-    {
-        this.version = ASN1Integer.getInstance(sequence.getObjectAt(0));
-        this.treeDigest = AlgorithmIdentifier.getInstance(sequence.getObjectAt(1));
-    }
-
-    public static final SPHINCS256KeyParams getInstance(Object o)
-    {
-        if (o instanceof SPHINCS256KeyParams)
-        {
-            return (SPHINCS256KeyParams)o;
-        }
-        else if (o != null)
-        {
-            return new SPHINCS256KeyParams(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public AlgorithmIdentifier getTreeDigest()
-    {
-        return  treeDigest;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(version);
-        v.add(treeDigest);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSKeyParams.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSKeyParams.java
deleted file mode 100644
index 0ceb6c7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSKeyParams.java
+++ /dev/null

@@ -1,76 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * XMSSKeyParams
- * <pre>
- *     XMSSKeyParams ::= SEQUENCE {
- *     version INTEGER -- 0
- *     height INTEGER
- *     treeDigest AlgorithmIdentifier
- * }
- * </pre>
- */
-public class XMSSKeyParams
-    extends ASN1Object
-{
-    private final ASN1Integer version;
-    private final int height;
-    private final AlgorithmIdentifier treeDigest;
-
-    public XMSSKeyParams(int height, AlgorithmIdentifier treeDigest)
-    {
-        this.version = new ASN1Integer(0);
-        this.height = height;
-        this.treeDigest = treeDigest;
-    }
-
-    private XMSSKeyParams(ASN1Sequence sequence)
-    {
-        this.version = ASN1Integer.getInstance(sequence.getObjectAt(0));
-        this.height = ASN1Integer.getInstance(sequence.getObjectAt(1)).getValue().intValue();
-        this.treeDigest = AlgorithmIdentifier.getInstance(sequence.getObjectAt(2));
-    }
-
-    public static XMSSKeyParams getInstance(Object o)
-    {
-        if (o instanceof XMSSKeyParams)
-        {
-            return (XMSSKeyParams)o;
-        }
-        else if (o != null)
-        {
-            return new XMSSKeyParams(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public int getHeight()
-    {
-        return height;
-    }
-
-    public AlgorithmIdentifier getTreeDigest()
-    {
-        return treeDigest;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(version);
-        v.add(new ASN1Integer(height));
-        v.add(treeDigest);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSMTKeyParams.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSMTKeyParams.java
deleted file mode 100644
index 664bcc5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSMTKeyParams.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-
-/**
- * XMMSMTKeyParams
- * <pre>
- *     XMMSMTKeyParams ::= SEQUENCE {
- *         version INTEGER -- 0
- *         height INTEGER
- *         layers INTEGER
- *         treeDigest AlgorithmIdentifier
- * }
- * </pre>
- */
-public class XMSSMTKeyParams
-    extends ASN1Object
-{
-    private final ASN1Integer version;
-    private final int height;
-    private final int layers;
-    private final AlgorithmIdentifier treeDigest;
-
-    public XMSSMTKeyParams(int height, int layers, AlgorithmIdentifier treeDigest)
-    {
-        this.version = new ASN1Integer(0);
-        this.height = height;
-        this.layers = layers;
-        this.treeDigest = treeDigest;
-    }
-
-    private XMSSMTKeyParams(ASN1Sequence sequence)
-    {
-        this.version = ASN1Integer.getInstance(sequence.getObjectAt(0));
-        this.height = ASN1Integer.getInstance(sequence.getObjectAt(1)).getValue().intValue();
-        this.layers = ASN1Integer.getInstance(sequence.getObjectAt(2)).getValue().intValue();
-        this.treeDigest = AlgorithmIdentifier.getInstance(sequence.getObjectAt(3));
-    }
-
-    public static XMSSMTKeyParams getInstance(Object o)
-    {
-        if (o instanceof XMSSMTKeyParams)
-        {
-            return (XMSSMTKeyParams)o;
-        }
-        else if (o != null)
-        {
-            return new XMSSMTKeyParams(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public int getHeight()
-    {
-        return height;
-    }
-
-    public int getLayers()
-    {
-        return layers;
-    }
-
-    public AlgorithmIdentifier getTreeDigest()
-    {
-        return treeDigest;
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(version);
-        v.add(new ASN1Integer(height));
-        v.add(new ASN1Integer(layers));
-        v.add(treeDigest);
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSMTPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSMTPrivateKey.java
deleted file mode 100644
index 79c5aec..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSMTPrivateKey.java
+++ /dev/null

@@ -1,147 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.util.Arrays;
-
-/**
- * XMMSMTPrivateKey
- * <pre>
- *     XMMSMTPrivateKey ::= SEQUENCE {
- *         version INTEGER -- 0
- *         keyData SEQUENCE {
- *            index         INTEGER
- *            secretKeySeed OCTET STRING
- *            secretKeyPRF  OCTET STRING
- *            publicSeed    OCTET STRING
- *            root          OCTET STRING
- *         }
- *         bdsState CHOICE {
- *            platformSerialization [0] OCTET STRING
- *         } OPTIONAL
- *    }
- * </pre>
- */
-public class XMSSMTPrivateKey
-    extends ASN1Object
-{
-    private final int index;
-    private final byte[] secretKeySeed;
-    private final byte[] secretKeyPRF;
-    private final byte[] publicSeed;
-    private final byte[] root;
-    private final byte[] bdsState;
-
-    public XMSSMTPrivateKey(int index, byte[] secretKeySeed, byte[] secretKeyPRF, byte[] publicSeed, byte[] root, byte[] bdsState)
-    {
-        this.index = index;
-        this.secretKeySeed = Arrays.clone(secretKeySeed);
-        this.secretKeyPRF = Arrays.clone(secretKeyPRF);
-        this.publicSeed = Arrays.clone(publicSeed);
-        this.root = Arrays.clone(root);
-        this.bdsState = Arrays.clone(bdsState);
-    }
-
-    private XMSSMTPrivateKey(ASN1Sequence seq)
-    {
-        if (!ASN1Integer.getInstance(seq.getObjectAt(0)).getValue().equals(BigInteger.valueOf(0)))
-        {
-            throw new IllegalArgumentException("unknown version of sequence");
-        }
-
-        if (seq.size() != 2 && seq.size() != 3)
-        {
-            throw new IllegalArgumentException("key sequence wrong size");
-        }
-
-        ASN1Sequence keySeq = ASN1Sequence.getInstance(seq.getObjectAt(1));
-
-        this.index = ASN1Integer.getInstance(keySeq.getObjectAt(0)).getValue().intValue();
-        this.secretKeySeed = Arrays.clone(DEROctetString.getInstance(keySeq.getObjectAt(1)).getOctets());
-        this.secretKeyPRF = Arrays.clone(DEROctetString.getInstance(keySeq.getObjectAt(2)).getOctets());
-        this.publicSeed = Arrays.clone(DEROctetString.getInstance(keySeq.getObjectAt(3)).getOctets());
-        this.root = Arrays.clone(DEROctetString.getInstance(keySeq.getObjectAt(4)).getOctets());
-
-        if(seq.size() == 3)
-        {
-            this.bdsState = Arrays.clone(DEROctetString.getInstance(ASN1TaggedObject.getInstance(seq.getObjectAt(2)), true).getOctets());
-        }
-        else
-        {
-            this.bdsState = null;
-        }
-    }
-
-    public static XMSSMTPrivateKey getInstance(Object o)
-    {
-        if (o instanceof XMSSMTPrivateKey)
-        {
-            return (XMSSMTPrivateKey)o;
-        }
-        else if (o != null)
-        {
-            return new XMSSMTPrivateKey(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public int getIndex()
-    {
-        return index;
-    }
-
-    public byte[] getSecretKeySeed()
-    {
-        return Arrays.clone(secretKeySeed);
-    }
-
-    public byte[] getSecretKeyPRF()
-    {
-        return Arrays.clone(secretKeyPRF);
-    }
-
-    public byte[] getPublicSeed()
-    {
-        return Arrays.clone(publicSeed);
-    }
-
-    public byte[] getRoot()
-    {
-        return Arrays.clone(root);
-    }
-
-    public byte[] getBdsState()
-    {
-        return Arrays.clone(bdsState);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new ASN1Integer(0)); // version
-
-        ASN1EncodableVector vK = new ASN1EncodableVector();
-
-        vK.add(new ASN1Integer(index));
-        vK.add(new DEROctetString(secretKeySeed));
-        vK.add(new DEROctetString(secretKeyPRF));
-        vK.add(new DEROctetString(publicSeed));
-        vK.add(new DEROctetString(root));
-
-        v.add(new DERSequence(vK));
-        v.add(new DERTaggedObject(true, 0, new DEROctetString(bdsState)));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSMTPublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSMTPublicKey.java
deleted file mode 100644
index 8c7c0a9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSMTPublicKey.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-/**
- * XMSSMTPublicKey
- * <pre>
- *     XMSSMTPublicKey ::= SEQUENCE {
- *         version       INTEGER -- 0
- *         publicSeed    OCTET STRING
- *         root          OCTET STRING
- *    }
- * </pre>
- */
-public class XMSSMTPublicKey
-    extends ASN1Object
-{
-    private final byte[] publicSeed;
-    private final byte[] root;
-
-    public XMSSMTPublicKey(byte[] publicSeed, byte[] root)
-    {
-        this.publicSeed = Arrays.clone(publicSeed);
-        this.root = Arrays.clone(root);
-    }
-
-    private XMSSMTPublicKey(ASN1Sequence seq)
-    {
-        if (!ASN1Integer.getInstance(seq.getObjectAt(0)).getValue().equals(BigInteger.valueOf(0)))
-        {
-            throw new IllegalArgumentException("unknown version of sequence");
-        }
-
-        this.publicSeed = Arrays.clone(DEROctetString.getInstance(seq.getObjectAt(1)).getOctets());
-        this.root = Arrays.clone(DEROctetString.getInstance(seq.getObjectAt(2)).getOctets());
-    }
-
-    public static XMSSMTPublicKey getInstance(Object o)
-    {
-        if (o instanceof XMSSMTPublicKey)
-        {
-            return (XMSSMTPublicKey)o;
-        }
-        else if (o != null)
-        {
-            return new XMSSMTPublicKey(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public byte[] getPublicSeed()
-    {
-        return Arrays.clone(publicSeed);
-    }
-
-    public byte[] getRoot()
-    {
-        return Arrays.clone(root);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new ASN1Integer(0)); // version
-
-        v.add(new DEROctetString(publicSeed));
-        v.add(new DEROctetString(root));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSPrivateKey.java
deleted file mode 100644
index 8bcda79..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSPrivateKey.java
+++ /dev/null

@@ -1,147 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.DERTaggedObject;
-import org.bouncycastle.util.Arrays;
-
-/**
- * XMMSPrivateKey
- * <pre>
- *     XMMSPrivateKey ::= SEQUENCE {
- *         version INTEGER -- 0
- *         keyData SEQUENCE {
- *            index         INTEGER
- *            secretKeySeed OCTET STRING
- *            secretKeyPRF  OCTET STRING
- *            publicSeed    OCTET STRING
- *            root          OCTET STRING
- *         }
- *         bdsState CHOICE {
- *            platformSerialization [0] OCTET STRING
- *         } OPTIONAL
- *    }
- * </pre>
- */
-public class XMSSPrivateKey
-    extends ASN1Object
-{
-    private final int index;
-    private final byte[] secretKeySeed;
-    private final byte[] secretKeyPRF;
-    private final byte[] publicSeed;
-    private final byte[] root;
-    private final byte[] bdsState;
-
-    public XMSSPrivateKey(int index, byte[] secretKeySeed, byte[] secretKeyPRF, byte[] publicSeed, byte[] root, byte[] bdsState)
-    {
-        this.index = index;
-        this.secretKeySeed = Arrays.clone(secretKeySeed);
-        this.secretKeyPRF = Arrays.clone(secretKeyPRF);
-        this.publicSeed = Arrays.clone(publicSeed);
-        this.root = Arrays.clone(root);
-        this.bdsState = Arrays.clone(bdsState);
-    }
-
-    private XMSSPrivateKey(ASN1Sequence seq)
-    {
-        if (!ASN1Integer.getInstance(seq.getObjectAt(0)).getValue().equals(BigInteger.valueOf(0)))
-        {
-            throw new IllegalArgumentException("unknown version of sequence");
-        }
-
-        if (seq.size() != 2 && seq.size() != 3)
-        {
-            throw new IllegalArgumentException("key sequence wrong size");
-        }
-
-        ASN1Sequence keySeq = ASN1Sequence.getInstance(seq.getObjectAt(1));
-
-        this.index = ASN1Integer.getInstance(keySeq.getObjectAt(0)).getValue().intValue();
-        this.secretKeySeed = Arrays.clone(DEROctetString.getInstance(keySeq.getObjectAt(1)).getOctets());
-        this.secretKeyPRF = Arrays.clone(DEROctetString.getInstance(keySeq.getObjectAt(2)).getOctets());
-        this.publicSeed = Arrays.clone(DEROctetString.getInstance(keySeq.getObjectAt(3)).getOctets());
-        this.root = Arrays.clone(DEROctetString.getInstance(keySeq.getObjectAt(4)).getOctets());
-
-        if (seq.size() == 3)
-        {
-            this.bdsState = Arrays.clone(DEROctetString.getInstance(ASN1TaggedObject.getInstance(seq.getObjectAt(2)), true).getOctets());
-        }
-        else
-        {
-            this.bdsState = null;
-        }
-    }
-
-    public static XMSSPrivateKey getInstance(Object o)
-    {
-        if (o instanceof XMSSPrivateKey)
-        {
-            return (XMSSPrivateKey)o;
-        }
-        else if (o != null)
-        {
-            return new XMSSPrivateKey(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public int getIndex()
-    {
-        return index;
-    }
-
-    public byte[] getSecretKeySeed()
-    {
-        return Arrays.clone(secretKeySeed);
-    }
-
-    public byte[] getSecretKeyPRF()
-    {
-        return Arrays.clone(secretKeyPRF);
-    }
-
-    public byte[] getPublicSeed()
-    {
-        return Arrays.clone(publicSeed);
-    }
-
-    public byte[] getRoot()
-    {
-        return Arrays.clone(root);
-    }
-
-    public byte[] getBdsState()
-    {
-        return Arrays.clone(bdsState);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new ASN1Integer(0)); // version
-
-        ASN1EncodableVector vK = new ASN1EncodableVector();
-
-        vK.add(new ASN1Integer(index));
-        vK.add(new DEROctetString(secretKeySeed));
-        vK.add(new DEROctetString(secretKeyPRF));
-        vK.add(new DEROctetString(publicSeed));
-        vK.add(new DEROctetString(root));
-
-        v.add(new DERSequence(vK));
-        v.add(new DERTaggedObject(true, 0, new DEROctetString(bdsState)));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSPublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSPublicKey.java
deleted file mode 100644
index 2973322..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/XMSSPublicKey.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.pqc.asn1;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1Object;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.util.Arrays;
-
-/**
- * XMSSPublicKey
- * <pre>
- *     XMSSPublicKey ::= SEQUENCE {
- *         version       INTEGER -- 0
- *         publicSeed    OCTET STRING
- *         root          OCTET STRING
- *    }
- * </pre>
- */
-public class XMSSPublicKey
-    extends ASN1Object
-{
-    private final byte[] publicSeed;
-    private final byte[] root;
-
-    public XMSSPublicKey(byte[] publicSeed, byte[] root)
-    {
-        this.publicSeed = Arrays.clone(publicSeed);
-        this.root = Arrays.clone(root);
-    }
-
-    private XMSSPublicKey(ASN1Sequence seq)
-    {
-        if (!ASN1Integer.getInstance(seq.getObjectAt(0)).getValue().equals(BigInteger.valueOf(0)))
-        {
-            throw new IllegalArgumentException("unknown version of sequence");
-        }
-
-        this.publicSeed = Arrays.clone(DEROctetString.getInstance(seq.getObjectAt(1)).getOctets());
-        this.root = Arrays.clone(DEROctetString.getInstance(seq.getObjectAt(2)).getOctets());
-    }
-
-    public static XMSSPublicKey getInstance(Object o)
-    {
-        if (o instanceof XMSSPublicKey)
-        {
-            return (XMSSPublicKey)o;
-        }
-        else if (o != null)
-        {
-            return new XMSSPublicKey(ASN1Sequence.getInstance(o));
-        }
-
-        return null;
-    }
-
-    public byte[] getPublicSeed()
-    {
-        return Arrays.clone(publicSeed);
-    }
-
-    public byte[] getRoot()
-    {
-        return Arrays.clone(root);
-    }
-
-    public ASN1Primitive toASN1Primitive()
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(new ASN1Integer(0)); // version
-
-        v.add(new DEROctetString(publicSeed));
-        v.add(new DEROctetString(root));
-
-        return new DERSequence(v);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/package.html b/bcprov/src/main/java/org/bouncycastle/pqc/asn1/package.html
deleted file mode 100644
index af07617..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/asn1/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-ASN.1 Support classes for PQC algorithms.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/DigestingMessageSigner.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/DigestingMessageSigner.java
deleted file mode 100644
index 4060e63..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/DigestingMessageSigner.java
+++ /dev/null

@@ -1,111 +0,0 @@
-package org.bouncycastle.pqc.crypto;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-
-
-/**
- * Implements the sign and verify functions for a Signature Scheme using a hash function to allow processing of large messages.
- */
-public class DigestingMessageSigner
-    implements Signer
-{
-    private final Digest messDigest;
-    private final MessageSigner messSigner;
-    private boolean forSigning;
-
-    public DigestingMessageSigner(MessageSigner messSigner, Digest messDigest)
-    {
-        this.messSigner = messSigner;
-        this.messDigest = messDigest;
-    }
-
-    public void init(boolean forSigning,
-                     CipherParameters param)
-    {
-
-        this.forSigning = forSigning;
-        AsymmetricKeyParameter k;
-
-        if (param instanceof ParametersWithRandom)
-        {
-            k = (AsymmetricKeyParameter)((ParametersWithRandom)param).getParameters();
-        }
-        else
-        {
-            k = (AsymmetricKeyParameter)param;
-        }
-
-        if (forSigning && !k.isPrivate())
-        {
-            throw new IllegalArgumentException("Signing Requires Private Key.");
-        }
-
-        if (!forSigning && k.isPrivate())
-        {
-            throw new IllegalArgumentException("Verification Requires Public Key.");
-        }
-
-        reset();
-
-        messSigner.init(forSigning, param);
-    }
-
-
-    /**
-     * This function signs the message that has been updated, making use of the
-     * private key.
-     *
-     * @return the signature of the message.
-     */
-    public byte[] generateSignature()
-    {
-        if (!forSigning)
-        {
-            throw new IllegalStateException("DigestingMessageSigner not initialised for signature generation.");
-        }
-
-        byte[] hash = new byte[messDigest.getDigestSize()];
-        messDigest.doFinal(hash, 0);
-
-        return messSigner.generateSignature(hash);
-    }
-
-    public void update(byte b)
-    {
-        messDigest.update(b);
-    }
-
-    public void update(byte[] in, int off, int len)
-    {
-        messDigest.update(in, off, len);
-    }
-
-    public void reset()
-    {
-        messDigest.reset();
-    }
-
-    /**
-     * This function verifies the signature of the message that has been
-     * updated, with the aid of the public key.
-     *
-     * @param signature the signature of the message is given as a byte array.
-     * @return true if the signature has been verified, false otherwise.
-     */
-    public boolean verifySignature(byte[] signature)
-    {
-        if (forSigning)
-        {
-            throw new IllegalStateException("DigestingMessageSigner not initialised for verification");
-        }
-
-        byte[] hash = new byte[messDigest.getDigestSize()];
-        messDigest.doFinal(hash, 0);
-
-        return messSigner.verifySignature(hash, signature);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/DigestingStateAwareMessageSigner.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/DigestingStateAwareMessageSigner.java
deleted file mode 100644
index 8be0cfb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/DigestingStateAwareMessageSigner.java
+++ /dev/null

@@ -1,39 +0,0 @@
-package org.bouncycastle.pqc.crypto;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-
-/**
- * Implements the sign and verify functions for a Signature Scheme using a hash function to allow processing of large messages.
- * <p>
- *  This class can be used with algorithms where the state associated with the private key changes as each signature is
- *  generated. Calling getUpdatedPrivateKey() will recover the private key that can be used to initialize a signer
- *  next time around.
- * </p>
- */
-public class DigestingStateAwareMessageSigner
-    extends DigestingMessageSigner
-{
-    private final StateAwareMessageSigner signer;
-
-    public DigestingStateAwareMessageSigner(StateAwareMessageSigner messSigner, Digest messDigest)
-    {
-        super(messSigner, messDigest);
-
-        this.signer = messSigner;
-    }
-
-    /**
-     * Return the current version of the private key with the updated state.
-     * <p>
-     * <b>Note:</b> calling this method will effectively disable the Signer from being used for further
-     *  signature generation without another call to init().
-     * </p>
-     * @return an updated private key object, which can be used for later signature generation.
-     */
-    public AsymmetricKeyParameter getUpdatedPrivateKey()
-    {
-        return signer.getUpdatedPrivateKey();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ExchangePair.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ExchangePair.java
deleted file mode 100644
index 49f7691..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ExchangePair.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.pqc.crypto;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Pair for a value exchange algorithm where the responding party has no private key, such as NewHope.
- */
-public class ExchangePair
-{
-    private final AsymmetricKeyParameter publicKey;
-    private final byte[] shared;
-
-    /**
-     * Base constructor.
-     *
-     * @param publicKey The responding party's public key.
-     * @param shared the calculated shared value.
-     */
-    public ExchangePair(AsymmetricKeyParameter publicKey, byte[] shared)
-    {
-        this.publicKey = publicKey;
-        this.shared = Arrays.clone(shared);
-    }
-
-    /**
-     * Return the responding party's public key.
-     *
-     * @return the public key calculated for the exchange.
-     */
-    public AsymmetricKeyParameter getPublicKey()
-    {
-        return publicKey;
-    }
-
-    /**
-     * Return the shared value calculated with public key.
-     *
-     * @return the shared value.
-     */
-    public byte[] getSharedValue()
-    {
-        return Arrays.clone(shared);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ExchangePairGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ExchangePairGenerator.java
deleted file mode 100644
index 5909dab..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ExchangePairGenerator.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.pqc.crypto;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-/**
- * Interface for NewHope style key material exchange generators.
- */
-public interface ExchangePairGenerator
-{
-    /**
-     * Generate an exchange pair based on the sender public key.
-     *
-     * @param senderPublicKey the public key of the exchange initiator.
-     * @return An ExchangePair derived from the sender public key.
-     * @deprecated use generateExchange
-     */
-    ExchangePair GenerateExchange(AsymmetricKeyParameter senderPublicKey);
-
-    /**
-     * Generate an exchange pair based on the sender public key.
-     *
-     * @param senderPublicKey the public key of the exchange initiator.
-     * @return An ExchangePair derived from the sender public key.
-     */
-    ExchangePair generateExchange(AsymmetricKeyParameter senderPublicKey);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/MessageEncryptor.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/MessageEncryptor.java
deleted file mode 100644
index ada5138..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/MessageEncryptor.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.pqc.crypto;
-
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-
-/**
- * Base interface for a PQC encryption algorithm.
- */
-public interface MessageEncryptor
-{
-
-    /**
-     *
-     * @param forEncrypting true if we are encrypting a signature, false
-     * otherwise.
-     * @param param key parameters for encryption or decryption.
-     */
-    public void init(boolean forEncrypting, CipherParameters param);
-
-    /**
-     *
-     * @param message the message to be signed.
-     */
-    public byte[] messageEncrypt(byte[] message);
-
-    /**
-     *
-     * @param cipher the cipher text of the message
-     * @throws InvalidCipherTextException
-     */
-    public byte[] messageDecrypt(byte[] cipher)
-        throws InvalidCipherTextException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/MessageSigner.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/MessageSigner.java
deleted file mode 100644
index 4b172c8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/MessageSigner.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.pqc.crypto;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-/**
- * Base interface for a PQC signing algorithm.
- */
-public interface MessageSigner
-{
-    /**
-     * initialise the signer for signature generation or signature
-     * verification.
-     *
-     * @param forSigning true if we are generating a signature, false
-     *                   otherwise.
-     * @param param      key parameters for signature generation.
-     */
-    public void init(boolean forSigning, CipherParameters param);
-
-    /**
-     * sign the passed in message (usually the output of a hash function).
-     *
-     * @param message the message to be signed.
-     * @return the signature of the message
-     */
-    public byte[] generateSignature(byte[] message);
-
-    /**
-     * verify the message message against the signature value.
-     *
-     * @param message the message that was supposed to have been signed.
-     * @param signature the signature of the message
-     */
-    public boolean verifySignature(byte[] message, byte[] signature);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/StateAwareMessageSigner.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/StateAwareMessageSigner.java
deleted file mode 100644
index 18ca835..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/StateAwareMessageSigner.java
+++ /dev/null

@@ -1,21 +0,0 @@
-package org.bouncycastle.pqc.crypto;
-
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-/**
- * Base interface for a PQC stateful signature algorithm.
- */
-public interface StateAwareMessageSigner
-    extends MessageSigner
-{
-    /**
-     * Return the current version of the private key with the updated state.
-     * <p>
-     * <b>Note:</b> calling this method will effectively disable the Signer from being used for further
-     *  signature generation without another call to init().
-     * </p>
-     * @return an updated private key object, which can be used for later signature generation.
-     */
-    public AsymmetricKeyParameter getUpdatedPrivateKey();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSDigestProvider.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSDigestProvider.java
deleted file mode 100644
index 4af1a8b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSDigestProvider.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss;
-
-import org.bouncycastle.crypto.Digest;
-
-public interface GMSSDigestProvider
-{
-    Digest get();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSKeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSKeyGenerationParameters.java
deleted file mode 100644
index eace4d0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSKeyGenerationParameters.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-public class GMSSKeyGenerationParameters
-    extends KeyGenerationParameters
-{
-
-    private GMSSParameters params;
-
-    public GMSSKeyGenerationParameters(
-        SecureRandom random,
-        GMSSParameters params)
-    {
-        // XXX key size?
-        super(random, 1);
-        this.params = params;
-    }
-
-    public GMSSParameters getParameters()
-    {
-        return params;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSKeyPairGenerator.java
deleted file mode 100644
index 95fff30..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSKeyPairGenerator.java
+++ /dev/null

@@ -1,470 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss;
-
-import java.security.SecureRandom;
-import java.util.Vector;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.gmss.util.GMSSRandom;
-import org.bouncycastle.pqc.crypto.gmss.util.WinternitzOTSVerify;
-import org.bouncycastle.pqc.crypto.gmss.util.WinternitzOTSignature;
-
-
-/**
- * This class implements key pair generation of the generalized Merkle signature
- * scheme (GMSS).
- *
- * @see GMSSSigner
- */
-public class GMSSKeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-    /**
-     * The source of randomness for OTS private key generation
-     */
-    private GMSSRandom gmssRandom;
-
-    /**
-     * The hash function used for the construction of the authentication trees
-     */
-    private Digest messDigestTree;
-
-    /**
-     * An array of the seeds for the PRGN (for main tree, and all current
-     * subtrees)
-     */
-    private byte[][] currentSeeds;
-
-    /**
-     * An array of seeds for the PRGN (for all subtrees after next)
-     */
-    private byte[][] nextNextSeeds;
-
-    /**
-     * An array of the RootSignatures
-     */
-    private byte[][] currentRootSigs;
-
-    /**
-     * Class of hash function to use
-     */
-    private GMSSDigestProvider digestProvider;
-
-    /**
-     * The length of the seed for the PRNG
-     */
-    private int mdLength;
-
-    /**
-     * the number of Layers
-     */
-    private int numLayer;
-
-
-    /**
-     * Flag indicating if the class already has been initialized
-     */
-    private boolean initialized = false;
-
-    /**
-     * Instance of GMSSParameterset
-     */
-    private GMSSParameters gmssPS;
-
-    /**
-     * An array of the heights of the authentication trees of each layer
-     */
-    private int[] heightOfTrees;
-
-    /**
-     * An array of the Winternitz parameter 'w' of each layer
-     */
-    private int[] otsIndex;
-
-    /**
-     * The parameter K needed for the authentication path computation
-     */
-    private int[] K;
-
-    private GMSSKeyGenerationParameters gmssParams;
-
-    /**
-     * The GMSS OID.
-     */
-    public static final String OID = "1.3.6.1.4.1.8301.3.1.3.3";
-
-    /**
-     * The standard constructor tries to generate the GMSS algorithm identifier
-     * with the corresponding OID.
-     *
-     * @param digestProvider     provider for digest implementations.
-     */
-    public GMSSKeyPairGenerator(GMSSDigestProvider digestProvider)
-    {
-        this.digestProvider = digestProvider;
-        messDigestTree = digestProvider.get();
-
-        // set mdLength
-        this.mdLength = messDigestTree.getDigestSize();
-        // construct randomizer
-        this.gmssRandom = new GMSSRandom(messDigestTree);
-
-    }
-
-    /**
-     * Generates the GMSS key pair. The public key is an instance of
-     * JDKGMSSPublicKey, the private key is an instance of JDKGMSSPrivateKey.
-     *
-     * @return Key pair containing a JDKGMSSPublicKey and a JDKGMSSPrivateKey
-     */
-    private AsymmetricCipherKeyPair genKeyPair()
-    {
-        if (!initialized)
-        {
-            initializeDefault();
-        }
-
-        // initialize authenticationPaths and treehash instances
-        byte[][][] currentAuthPaths = new byte[numLayer][][];
-        byte[][][] nextAuthPaths = new byte[numLayer - 1][][];
-        Treehash[][] currentTreehash = new Treehash[numLayer][];
-        Treehash[][] nextTreehash = new Treehash[numLayer - 1][];
-
-        Vector[] currentStack = new Vector[numLayer];
-        Vector[] nextStack = new Vector[numLayer - 1];
-
-        Vector[][] currentRetain = new Vector[numLayer][];
-        Vector[][] nextRetain = new Vector[numLayer - 1][];
-
-        for (int i = 0; i < numLayer; i++)
-        {
-            currentAuthPaths[i] = new byte[heightOfTrees[i]][mdLength];
-            currentTreehash[i] = new Treehash[heightOfTrees[i] - K[i]];
-
-            if (i > 0)
-            {
-                nextAuthPaths[i - 1] = new byte[heightOfTrees[i]][mdLength];
-                nextTreehash[i - 1] = new Treehash[heightOfTrees[i] - K[i]];
-            }
-
-            currentStack[i] = new Vector();
-            if (i > 0)
-            {
-                nextStack[i - 1] = new Vector();
-            }
-        }
-
-        // initialize roots
-        byte[][] currentRoots = new byte[numLayer][mdLength];
-        byte[][] nextRoots = new byte[numLayer - 1][mdLength];
-        // initialize seeds
-        byte[][] seeds = new byte[numLayer][mdLength];
-        // initialize seeds[] by copying starting-seeds of first trees of each
-        // layer
-        for (int i = 0; i < numLayer; i++)
-        {
-            System.arraycopy(currentSeeds[i], 0, seeds[i], 0, mdLength);
-        }
-
-        // initialize rootSigs
-        currentRootSigs = new byte[numLayer - 1][mdLength];
-
-        // -------------------------
-        // -------------------------
-        // --- calculation of current authpaths and current rootsigs (AUTHPATHS,
-        // SIG)------
-        // from bottom up to the root
-        for (int h = numLayer - 1; h >= 0; h--)
-        {
-            GMSSRootCalc tree;
-
-            // on lowest layer no lower root is available, so just call
-            // the method with null as first parameter
-            if (h == numLayer - 1)
-            {
-                tree = this.generateCurrentAuthpathAndRoot(null, currentStack[h], seeds[h], h);
-            }
-            else
-            // otherwise call the method with the former computed root
-            // value
-            {
-                tree = this.generateCurrentAuthpathAndRoot(currentRoots[h + 1], currentStack[h], seeds[h], h);
-            }
-
-            // set initial values needed for the private key construction
-            for (int i = 0; i < heightOfTrees[h]; i++)
-            {
-                System.arraycopy(tree.getAuthPath()[i], 0, currentAuthPaths[h][i], 0, mdLength);
-            }
-            currentRetain[h] = tree.getRetain();
-            currentTreehash[h] = tree.getTreehash();
-            System.arraycopy(tree.getRoot(), 0, currentRoots[h], 0, mdLength);
-        }
-
-        // --- calculation of next authpaths and next roots (AUTHPATHS+, ROOTS+)
-        // ------
-        for (int h = numLayer - 2; h >= 0; h--)
-        {
-            GMSSRootCalc tree = this.generateNextAuthpathAndRoot(nextStack[h], seeds[h + 1], h + 1);
-
-            // set initial values needed for the private key construction
-            for (int i = 0; i < heightOfTrees[h + 1]; i++)
-            {
-                System.arraycopy(tree.getAuthPath()[i], 0, nextAuthPaths[h][i], 0, mdLength);
-            }
-            nextRetain[h] = tree.getRetain();
-            nextTreehash[h] = tree.getTreehash();
-            System.arraycopy(tree.getRoot(), 0, nextRoots[h], 0, mdLength);
-
-            // create seed for the Merkle tree after next (nextNextSeeds)
-            // SEEDs++
-            System.arraycopy(seeds[h + 1], 0, this.nextNextSeeds[h], 0, mdLength);
-        }
-        // ------------
-
-        // generate JDKGMSSPublicKey
-        GMSSPublicKeyParameters publicKey = new GMSSPublicKeyParameters(currentRoots[0], gmssPS);
-
-        // generate the JDKGMSSPrivateKey
-        GMSSPrivateKeyParameters privateKey = new GMSSPrivateKeyParameters(currentSeeds, nextNextSeeds, currentAuthPaths,
-            nextAuthPaths, currentTreehash, nextTreehash, currentStack, nextStack, currentRetain, nextRetain, nextRoots, currentRootSigs, gmssPS, digestProvider);
-
-        // return the KeyPair
-        return (new AsymmetricCipherKeyPair(publicKey, privateKey));
-    }
-
-    /**
-     * calculates the authpath for tree in layer h which starts with seed[h]
-     * additionally computes the rootSignature of underlaying root
-     *
-     * @param currentStack stack used for the treehash instance created by this method
-     * @param lowerRoot    stores the root of the lower tree
-     * @param seed        starting seeds
-     * @param h            actual layer
-     */
-    private GMSSRootCalc generateCurrentAuthpathAndRoot(byte[] lowerRoot, Vector currentStack, byte[] seed, int h)
-    {
-        byte[] help = new byte[mdLength];
-
-        byte[] OTSseed = new byte[mdLength];
-        OTSseed = gmssRandom.nextSeed(seed);
-
-        WinternitzOTSignature ots;
-
-        // data structure that constructs the whole tree and stores
-        // the initial values for treehash, Auth and retain
-        GMSSRootCalc treeToConstruct = new GMSSRootCalc(this.heightOfTrees[h], this.K[h], digestProvider);
-
-        treeToConstruct.initialize(currentStack);
-
-        // generate the first leaf
-        if (h == numLayer - 1)
-        {
-            ots = new WinternitzOTSignature(OTSseed, digestProvider.get(), otsIndex[h]);
-            help = ots.getPublicKey();
-        }
-        else
-        {
-            // for all layers except the lowest, generate the signature of the
-            // underlying root
-            // and reuse this signature to compute the first leaf of acual layer
-            // more efficiently (by verifiing the signature)
-            ots = new WinternitzOTSignature(OTSseed, digestProvider.get(), otsIndex[h]);
-            currentRootSigs[h] = ots.getSignature(lowerRoot);
-            WinternitzOTSVerify otsver = new WinternitzOTSVerify(digestProvider.get(), otsIndex[h]);
-            help = otsver.Verify(lowerRoot, currentRootSigs[h]);
-        }
-        // update the tree with the first leaf
-        treeToConstruct.update(help);
-
-        int seedForTreehashIndex = 3;
-        int count = 0;
-
-        // update the tree 2^(H) - 1 times, from the second to the last leaf
-        for (int i = 1; i < (1 << this.heightOfTrees[h]); i++)
-        {
-            // initialize the seeds for the leaf generation with index 3 * 2^h
-            if (i == seedForTreehashIndex && count < this.heightOfTrees[h] - this.K[h])
-            {
-                treeToConstruct.initializeTreehashSeed(seed, count);
-                seedForTreehashIndex *= 2;
-                count++;
-            }
-
-            OTSseed = gmssRandom.nextSeed(seed);
-            ots = new WinternitzOTSignature(OTSseed, digestProvider.get(), otsIndex[h]);
-            treeToConstruct.update(ots.getPublicKey());
-        }
-
-        if (treeToConstruct.wasFinished())
-        {
-            return treeToConstruct;
-        }
-        System.err.println("Baum noch nicht fertig konstruiert!!!");
-        return null;
-    }
-
-    /**
-     * calculates the authpath and root for tree in layer h which starts with
-     * seed[h]
-     *
-     * @param nextStack stack used for the treehash instance created by this method
-     * @param seed      starting seeds
-     * @param h         actual layer
-     */
-    private GMSSRootCalc generateNextAuthpathAndRoot(Vector nextStack, byte[] seed, int h)
-    {
-        byte[] OTSseed = new byte[numLayer];
-        WinternitzOTSignature ots;
-
-        // data structure that constructs the whole tree and stores
-        // the initial values for treehash, Auth and retain
-        GMSSRootCalc treeToConstruct = new GMSSRootCalc(this.heightOfTrees[h], this.K[h], this.digestProvider);
-        treeToConstruct.initialize(nextStack);
-
-        int seedForTreehashIndex = 3;
-        int count = 0;
-
-        // update the tree 2^(H) times, from the first to the last leaf
-        for (int i = 0; i < (1 << this.heightOfTrees[h]); i++)
-        {
-            // initialize the seeds for the leaf generation with index 3 * 2^h
-            if (i == seedForTreehashIndex && count < this.heightOfTrees[h] - this.K[h])
-            {
-                treeToConstruct.initializeTreehashSeed(seed, count);
-                seedForTreehashIndex *= 2;
-                count++;
-            }
-
-            OTSseed = gmssRandom.nextSeed(seed);
-            ots = new WinternitzOTSignature(OTSseed, digestProvider.get(), otsIndex[h]);
-            treeToConstruct.update(ots.getPublicKey());
-        }
-
-        if (treeToConstruct.wasFinished())
-        {
-            return treeToConstruct;
-        }
-        System.err.println("N�chster Baum noch nicht fertig konstruiert!!!");
-        return null;
-    }
-
-    /**
-     * This method initializes the GMSS KeyPairGenerator using an integer value
-     * <code>keySize</code> as input. It provides a simple use of the GMSS for
-     * testing demands.
-     * <p>
-     * A given <code>keysize</code> of less than 10 creates an amount 2^10
-     * signatures. A keySize between 10 and 20 creates 2^20 signatures. Given an
-     * integer greater than 20 the key pair generator creates 2^40 signatures.
-     *
-     * @param keySize      Assigns the parameters used for the GMSS signatures. There are
-     *                     3 choices:<br>
-     *                     1. keysize &lt;= 10: creates 2^10 signatures using the
-     *                     parameterset<br>
-     *                     P = (2, (5, 5), (3, 3), (3, 3))<br>
-     *                     2. keysize &gt; 10 and &lt;= 20: creates 2^20 signatures using the
-     *                     parameterset<br>
-     *                     P = (2, (10, 10), (5, 4), (2, 2))<br>
-     *                     3. keysize &gt; 20: creates 2^40 signatures using the
-     *                     parameterset<br>
-     *                     P = (2, (10, 10, 10, 10), (9, 9, 9, 3), (2, 2, 2, 2))
-     * @param secureRandom not used by GMSS, the SHA1PRNG of the SUN Provider is always
-     *                     used
-     */
-    public void initialize(int keySize, SecureRandom secureRandom)
-    {
-
-        KeyGenerationParameters kgp;
-        if (keySize <= 10)
-        { // create 2^10 keys
-            int[] defh = {10};
-            int[] defw = {3};
-            int[] defk = {2};
-            // XXX sec random neede?
-            kgp = new GMSSKeyGenerationParameters(secureRandom, new GMSSParameters(defh.length, defh, defw, defk));
-        }
-        else if (keySize <= 20)
-        { // create 2^20 keys
-            int[] defh = {10, 10};
-            int[] defw = {5, 4};
-            int[] defk = {2, 2};
-            kgp = new GMSSKeyGenerationParameters(secureRandom, new GMSSParameters(defh.length, defh, defw, defk));
-        }
-        else
-        { // create 2^40 keys, keygen lasts around 80 seconds
-            int[] defh = {10, 10, 10, 10};
-            int[] defw = {9, 9, 9, 3};
-            int[] defk = {2, 2, 2, 2};
-            kgp = new GMSSKeyGenerationParameters(secureRandom, new GMSSParameters(defh.length, defh, defw, defk));
-        }
-
-        // call the initializer with the chosen parameters
-        this.initialize(kgp);
-
-    }
-
-
-    /**
-     * Initalizes the key pair generator using a parameter set as input
-     */
-    public void initialize(KeyGenerationParameters param)
-    {
-
-        this.gmssParams = (GMSSKeyGenerationParameters)param;
-
-        // generate GMSSParameterset
-        this.gmssPS = new GMSSParameters(gmssParams.getParameters().getNumOfLayers(), gmssParams.getParameters().getHeightOfTrees(),
-            gmssParams.getParameters().getWinternitzParameter(), gmssParams.getParameters().getK());
-
-        this.numLayer = gmssPS.getNumOfLayers();
-        this.heightOfTrees = gmssPS.getHeightOfTrees();
-        this.otsIndex = gmssPS.getWinternitzParameter();
-        this.K = gmssPS.getK();
-
-        // seeds
-        this.currentSeeds = new byte[numLayer][mdLength];
-        this.nextNextSeeds = new byte[numLayer - 1][mdLength];
-
-        // construct SecureRandom for initial seed generation
-        SecureRandom secRan = CryptoServicesRegistrar.getSecureRandom();
-
-        // generation of initial seeds
-        for (int i = 0; i < numLayer; i++)
-        {
-            secRan.nextBytes(currentSeeds[i]);
-            gmssRandom.nextSeed(currentSeeds[i]);
-        }
-
-        this.initialized = true;
-    }
-
-    /**
-     * This method is called by generateKeyPair() in case that no other
-     * initialization method has been called by the user
-     */
-    private void initializeDefault()
-    {
-        int[] defh = {10, 10, 10, 10};
-        int[] defw = {3, 3, 3, 3};
-        int[] defk = {2, 2, 2, 2};
-
-        KeyGenerationParameters kgp = new GMSSKeyGenerationParameters(CryptoServicesRegistrar.getSecureRandom(), new GMSSParameters(defh.length, defh, defw, defk));
-        this.initialize(kgp);
-
-    }
-
-    public void init(KeyGenerationParameters param)
-    {
-        this.initialize(param);
-
-    }
-
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        return genKeyPair();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSKeyParameters.java
deleted file mode 100644
index 53f6e43..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSKeyParameters.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-public class GMSSKeyParameters
-    extends AsymmetricKeyParameter
-{
-    private GMSSParameters params;
-
-    public GMSSKeyParameters(
-        boolean isPrivate,
-        GMSSParameters params)
-    {
-        super(isPrivate);
-        this.params = params;
-    }
-
-    public GMSSParameters getParameters()
-    {
-        return params;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSLeaf.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSLeaf.java
deleted file mode 100644
index 8cbfe8d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSLeaf.java
+++ /dev/null

@@ -1,372 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.pqc.crypto.gmss.util.GMSSRandom;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-
-
-/**
- * This class implements the distributed computation of the public key of the
- * Winternitz one-time signature scheme (OTSS). The class is used by the GMSS
- * classes for calculation of upcoming leafs.
- */
-public class GMSSLeaf
-{
-
-    /**
-     * The hash function used by the OTS and the PRNG
-     */
-    private Digest messDigestOTS;
-
-    /**
-     * The length of the message digest and private key
-     */
-    private int mdsize, keysize;
-
-    /**
-     * The source of randomness for OTS private key generation
-     */
-    private GMSSRandom gmssRandom;
-
-    /**
-     * Byte array for distributed computation of the upcoming leaf
-     */
-    private byte[] leaf;
-
-    /**
-     * Byte array for storing the concatenated hashes of private key parts
-     */
-    private byte[] concHashs;
-
-    /**
-     * indices for distributed computation
-     */
-    private int i, j;
-
-    /**
-     * storing 2^w
-     */
-    private int two_power_w;
-
-    /**
-     * Winternitz parameter w
-     */
-    private int w;
-
-    /**
-     * the amount of distributed computation steps when updateLeaf is called
-     */
-    private int steps;
-
-    /**
-     * the internal seed
-     */
-    private byte[] seed;
-
-    /**
-     * the OTS privateKey parts
-     */
-    byte[] privateKeyOTS;
-
-    /**
-     * This constructor regenerates a prior GMSSLeaf object
-     *
-     * @param digest   an array of strings, containing the name of the used hash
-     *                 function and PRNG and the name of the corresponding
-     *                 provider
-     * @param otsIndex status bytes
-     * @param numLeafs status ints
-     */
-    public GMSSLeaf(Digest digest, byte[][] otsIndex, int[] numLeafs)
-    {
-        this.i = numLeafs[0];
-        this.j = numLeafs[1];
-        this.steps = numLeafs[2];
-        this.w = numLeafs[3];
-
-        messDigestOTS = digest;
-
-        gmssRandom = new GMSSRandom(messDigestOTS);
-
-        // calulate keysize for private key and the help array
-        mdsize = messDigestOTS.getDigestSize();
-        int mdsizeBit = mdsize << 3;
-        int messagesize = (int)Math.ceil((double)(mdsizeBit) / (double)w);
-        int checksumsize = getLog((messagesize << w) + 1);
-        this.keysize = messagesize
-            + (int)Math.ceil((double)checksumsize / (double)w);
-        this.two_power_w = 1 << w;
-
-        // calculate steps
-        // ((2^w)-1)*keysize + keysize + 1 / (2^h -1)
-
-        // initialize arrays
-        this.privateKeyOTS = otsIndex[0];
-        this.seed = otsIndex[1];
-        this.concHashs = otsIndex[2];
-        this.leaf = otsIndex[3];
-    }
-
-    /**
-     * The constructor precomputes some needed variables for distributed leaf
-     * calculation
-     *
-     * @param digest   an array of strings, containing the digest of the used hash
-     *                 function and PRNG and the digest of the corresponding
-     *                 provider
-     * @param w        the winterniz parameter of that tree the leaf is computed
-     *                 for
-     * @param numLeafs the number of leafs of the tree from where the distributed
-     *                 computation is called
-     */
-    GMSSLeaf(Digest digest, int w, int numLeafs)
-    {
-        this.w = w;
-
-        messDigestOTS = digest;
-
-        gmssRandom = new GMSSRandom(messDigestOTS);
-
-        // calulate keysize for private key and the help array
-        mdsize = messDigestOTS.getDigestSize();
-        int mdsizeBit = mdsize << 3;
-        int messagesize = (int)Math.ceil((double)(mdsizeBit) / (double)w);
-        int checksumsize = getLog((messagesize << w) + 1);
-        this.keysize = messagesize
-            + (int)Math.ceil((double)checksumsize / (double)w);
-        this.two_power_w = 1 << w;
-
-        // calculate steps
-        // ((2^w)-1)*keysize + keysize + 1 / (2^h -1)
-        this.steps = (int)Math
-            .ceil((double)(((1 << w) - 1) * keysize + 1 + keysize)
-                / (double)(numLeafs));
-
-        // initialize arrays
-        this.seed = new byte[mdsize];
-        this.leaf = new byte[mdsize];
-        this.privateKeyOTS = new byte[mdsize];
-        this.concHashs = new byte[mdsize * keysize];
-    }
-
-    public GMSSLeaf(Digest digest, int w, int numLeafs, byte[] seed0)
-    {
-        this.w = w;
-
-        messDigestOTS = digest;
-
-        gmssRandom = new GMSSRandom(messDigestOTS);
-
-        // calulate keysize for private key and the help array
-        mdsize = messDigestOTS.getDigestSize();
-        int mdsizeBit = mdsize << 3;
-        int messagesize = (int)Math.ceil((double)(mdsizeBit) / (double)w);
-        int checksumsize = getLog((messagesize << w) + 1);
-        this.keysize = messagesize
-            + (int)Math.ceil((double)checksumsize / (double)w);
-        this.two_power_w = 1 << w;
-
-        // calculate steps
-        // ((2^w)-1)*keysize + keysize + 1 / (2^h -1)
-        this.steps = (int)Math
-            .ceil((double)(((1 << w) - 1) * keysize + 1 + keysize)
-                / (double)(numLeafs));
-
-        // initialize arrays
-        this.seed = new byte[mdsize];
-        this.leaf = new byte[mdsize];
-        this.privateKeyOTS = new byte[mdsize];
-        this.concHashs = new byte[mdsize * keysize];
-
-        initLeafCalc(seed0);
-    }
-
-    private GMSSLeaf(GMSSLeaf original)
-    {
-        this.messDigestOTS = original.messDigestOTS;
-        this.mdsize = original.mdsize;
-        this.keysize = original.keysize;
-        this.gmssRandom = original.gmssRandom;
-        this.leaf = Arrays.clone(original.leaf);
-        this.concHashs = Arrays.clone(original.concHashs);
-        this.i = original.i;
-        this.j = original.j;
-        this.two_power_w = original.two_power_w;
-        this.w = original.w;
-        this.steps = original.steps;
-        this.seed = Arrays.clone(original.seed);
-        this.privateKeyOTS = Arrays.clone(original.privateKeyOTS);
-    }
-
-    /**
-     * initialize the distributed leaf calculation reset i,j and compute OTSseed
-     * with seed0
-     *
-     * @param seed0 the starting seed
-     */
-    // TODO: this really looks like it should be either always called from a constructor or nextLeaf.
-    void initLeafCalc(byte[] seed0)
-    {
-        this.i = 0;
-        this.j = 0;
-        byte[] dummy = new byte[mdsize];
-        System.arraycopy(seed0, 0, dummy, 0, seed.length);
-        this.seed = gmssRandom.nextSeed(dummy);
-    }
-
-    GMSSLeaf nextLeaf()
-    {
-        GMSSLeaf nextLeaf = new GMSSLeaf(this);
-
-        nextLeaf.updateLeafCalc();
-
-        return nextLeaf;
-    }
-
-    /**
-     * Processes <code>steps</code> steps of distributed leaf calculation
-     *
-     * @return true if leaf is completed, else false
-     */
-    private void updateLeafCalc()
-    {
-        byte[] buf = new byte[messDigestOTS.getDigestSize()];
-
-        // steps times do
-        // TODO: this really needs to be looked at, the 10000 has been added as
-        // prior to this the leaf value always ended up as zeros.
-        for (int s = 0; s < steps + 10000; s++)
-        {
-            if (i == keysize && j == two_power_w - 1)
-            { // [3] at last hash the
-                // concatenation
-                messDigestOTS.update(concHashs, 0, concHashs.length);
-                leaf = new byte[messDigestOTS.getDigestSize()];
-                messDigestOTS.doFinal(leaf, 0);
-                return;
-            }
-            else if (i == 0 || j == two_power_w - 1)
-            { // [1] at the
-                // beginning and
-                // when [2] is
-                // finished: get the
-                // next private key
-                // part
-                i++;
-                j = 0;
-                // get next privKey part
-                this.privateKeyOTS = gmssRandom.nextSeed(seed);
-            }
-            else
-            { // [2] hash the privKey part
-                messDigestOTS.update(privateKeyOTS, 0, privateKeyOTS.length);
-                privateKeyOTS = buf;
-                messDigestOTS.doFinal(privateKeyOTS, 0);
-                j++;
-                if (j == two_power_w - 1)
-                { // after w hashes add to the
-                    // concatenated array
-                    System.arraycopy(privateKeyOTS, 0, concHashs, mdsize
-                        * (i - 1), mdsize);
-                }
-            }
-        }
-
-        throw new IllegalStateException("unable to updateLeaf in steps: " + steps + " " + i + " " + j);
-    }
-
-    /**
-     * Returns the leaf value.
-     *
-     * @return the leaf value
-     */
-    public byte[] getLeaf()
-    {
-        return Arrays.clone(leaf);
-    }
-
-    /**
-     * This method returns the least integer that is greater or equal to the
-     * logarithm to the base 2 of an integer <code>intValue</code>.
-     *
-     * @param intValue an integer
-     * @return The least integer greater or equal to the logarithm to the base 2
-     * of <code>intValue</code>
-     */
-    private int getLog(int intValue)
-    {
-        int log = 1;
-        int i = 2;
-        while (i < intValue)
-        {
-            i <<= 1;
-            log++;
-        }
-        return log;
-    }
-
-    /**
-     * Returns the status byte array used by the GMSSPrivateKeyASN.1 class
-     *
-     * @return The status bytes
-     */
-    public byte[][] getStatByte()
-    {
-
-        byte[][] statByte = new byte[4][];
-        statByte[0] = privateKeyOTS;
-        statByte[1] = seed;
-        statByte[2] = concHashs;
-        statByte[3] = leaf;
-
-        return statByte;
-    }
-
-    /**
-     * Returns the status int array used by the GMSSPrivateKeyASN.1 class
-     *
-     * @return The status ints
-     */
-    public int[] getStatInt()
-    {
-
-        int[] statInt = new int[4];
-        statInt[0] = i;
-        statInt[1] = j;
-        statInt[2] = steps;
-        statInt[3] = w;
-        return statInt;
-    }
-
-    /**
-     * Returns a String representation of the main part of this element
-     *
-     * @return a String representation of the main part of this element
-     */
-    public String toString()
-    {
-        String out = "";
-
-        for (int i = 0; i < 4; i++)
-        {
-            out = out + this.getStatInt()[i] + " ";
-        }
-        out = out + " " + this.mdsize + " " + this.keysize + " "
-            + this.two_power_w + " ";
-
-        byte[][] temp = this.getStatByte();
-        for (int i = 0; i < 4; i++)
-        {
-            if (temp[i] != null)
-            {
-                out = out + new String(Hex.encode(temp[i])) + " ";
-            }
-            else
-            {
-                out = out + "null ";
-            }
-        }
-        return out;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSParameters.java
deleted file mode 100644
index aa89f76..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSParameters.java
+++ /dev/null

@@ -1,155 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * This class provides a specification for the GMSS parameters that are used by
- * the GMSSKeyPairGenerator and GMSSSignature classes.
- *
- * @see org.bouncycastle.pqc.crypto.gmss.GMSSKeyPairGenerator
- */
-public class GMSSParameters
-{
-    /**
-     * The number of authentication tree layers.
-     */
-    private int numOfLayers;
-
-    /**
-     * The height of the authentication trees of each layer.
-     */
-    private int[] heightOfTrees;
-
-    /**
-     * The Winternitz Parameter 'w' of each layer.
-     */
-    private int[] winternitzParameter;
-
-    /**
-     * The parameter K needed for the authentication path computation
-     */
-    private int[] K;
-
-    /**
-     * The constructor for the parameters of the GMSSKeyPairGenerator.
-     *
-     * @param layers              the number of authentication tree layers
-     * @param heightOfTrees       the height of the authentication trees
-     * @param winternitzParameter the Winternitz Parameter 'w' of each layer
-     * @param K                   parameter for authpath computation
-     */
-    public GMSSParameters(int layers, int[] heightOfTrees, int[] winternitzParameter, int[] K)
-        throws IllegalArgumentException
-    {
-        init(layers, heightOfTrees, winternitzParameter, K);
-    }
-
-    private void init(int layers, int[] heightOfTrees,
-                      int[] winternitzParameter, int[] K)
-        throws IllegalArgumentException
-    {
-        boolean valid = true;
-        String errMsg = "";
-        this.numOfLayers = layers;
-        if ((numOfLayers != winternitzParameter.length)
-            || (numOfLayers != heightOfTrees.length)
-            || (numOfLayers != K.length))
-        {
-            valid = false;
-            errMsg = "Unexpected parameterset format";
-        }
-        for (int i = 0; i < numOfLayers; i++)
-        {
-            if ((K[i] < 2) || ((heightOfTrees[i] - K[i]) % 2 != 0))
-            {
-                valid = false;
-                errMsg = "Wrong parameter K (K >= 2 and H-K even required)!";
-            }
-
-            if ((heightOfTrees[i] < 4) || (winternitzParameter[i] < 2))
-            {
-                valid = false;
-                errMsg = "Wrong parameter H or w (H > 3 and w > 1 required)!";
-            }
-        }
-
-        if (valid)
-        {
-            this.heightOfTrees = Arrays.clone(heightOfTrees);
-            this.winternitzParameter = Arrays.clone(winternitzParameter);
-            this.K = Arrays.clone(K);
-        }
-        else
-        {
-            throw new IllegalArgumentException(errMsg);
-        }
-    }
-
-    public GMSSParameters(int keySize)
-        throws IllegalArgumentException
-    {
-        if (keySize <= 10)
-        { // create 2^10 keys
-            int[] defh = {10};
-            int[] defw = {3};
-            int[] defk = {2};
-            this.init(defh.length, defh, defw, defk);
-        }
-        else if (keySize <= 20)
-        { // create 2^20 keys
-            int[] defh = {10, 10};
-            int[] defw = {5, 4};
-            int[] defk = {2, 2};
-            this.init(defh.length, defh, defw, defk);
-        }
-        else
-        { // create 2^40 keys, keygen lasts around 80 seconds
-            int[] defh = {10, 10, 10, 10};
-            int[] defw = {9, 9, 9, 3};
-            int[] defk = {2, 2, 2, 2};
-            this.init(defh.length, defh, defw, defk);
-        }
-    }
-
-    /**
-     * Returns the number of levels of the authentication trees.
-     *
-     * @return The number of levels of the authentication trees.
-     */
-    public int getNumOfLayers()
-    {
-        return numOfLayers;
-    }
-
-    /**
-     * Returns the array of height (for each layer) of the authentication trees
-     *
-     * @return The array of height (for each layer) of the authentication trees
-     */
-    public int[] getHeightOfTrees()
-    {
-        return Arrays.clone(heightOfTrees);
-    }
-
-    /**
-     * Returns the array of WinternitzParameter (for each layer) of the
-     * authentication trees
-     *
-     * @return The array of WinternitzParameter (for each layer) of the
-     *         authentication trees
-     */
-    public int[] getWinternitzParameter()
-    {
-        return Arrays.clone(winternitzParameter);
-    }
-
-    /**
-     * Returns the parameter K needed for authentication path computation
-     *
-     * @return The parameter K needed for authentication path computation
-     */
-    public int[] getK()
-    {
-        return Arrays.clone(K);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSPrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSPrivateKeyParameters.java
deleted file mode 100644
index ffce88d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSPrivateKeyParameters.java
+++ /dev/null

@@ -1,1041 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss;
-
-import java.util.Vector;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.pqc.crypto.gmss.util.GMSSRandom;
-import org.bouncycastle.pqc.crypto.gmss.util.WinternitzOTSignature;
-import org.bouncycastle.util.Arrays;
-
-
-/**
- * This class provides a specification for a GMSS private key.
- */
-public class GMSSPrivateKeyParameters
-    extends GMSSKeyParameters
-{
-    private int[] index;
-
-    private byte[][] currentSeeds;
-    private byte[][] nextNextSeeds;
-
-    private byte[][][] currentAuthPaths;
-    private byte[][][] nextAuthPaths;
-
-    private Treehash[][] currentTreehash;
-    private Treehash[][] nextTreehash;
-
-    private Vector[] currentStack;
-    private Vector[] nextStack;
-
-    private Vector[][] currentRetain;
-    private Vector[][] nextRetain;
-
-    private byte[][][] keep;
-
-    private GMSSLeaf[] nextNextLeaf;
-    private GMSSLeaf[] upperLeaf;
-    private GMSSLeaf[] upperTreehashLeaf;
-
-    private int[] minTreehash;
-
-    private GMSSParameters gmssPS;
-
-    private byte[][] nextRoot;
-    private GMSSRootCalc[] nextNextRoot;
-
-    private byte[][] currentRootSig;
-    private GMSSRootSig[] nextRootSig;
-
-    private GMSSDigestProvider digestProvider;
-
-    private boolean used = false;
-
-    /**
-     * An array of the heights of the authentication trees of each layer
-     */
-    private int[] heightOfTrees;
-
-    /**
-     * An array of the Winternitz parameter 'w' of each layer
-     */
-    private int[] otsIndex;
-
-    /**
-     * The parameter K needed for the authentication path computation
-     */
-    private int[] K;
-
-    /**
-     * the number of Layers
-     */
-    private int numLayer;
-
-    /**
-     * The hash function used to construct the authentication trees
-     */
-    private Digest messDigestTrees;
-
-    /**
-     * The message digest length
-     */
-    private int mdLength;
-
-    /**
-     * The PRNG used for private key generation
-     */
-    private GMSSRandom gmssRandom;
-
-
-    /**
-     * The number of leafs of one tree of each layer
-     */
-    private int[] numLeafs;
-
-
-    /**
-     * Generates a new GMSS private key
-     *
-     * @param currentSeed      seed for the generation of private OTS keys for the
-     *                         current subtrees
-     * @param nextNextSeed     seed for the generation of private OTS keys for the next
-     *                         subtrees
-     * @param currentAuthPath  array of current authentication paths
-     * @param nextAuthPath     array of next authentication paths
-     * @param currentTreehash  array of current treehash instances
-     * @param nextTreehash     array of next treehash instances
-     * @param currentStack     array of current shared stacks
-     * @param nextStack        array of next shared stacks
-     * @param currentRetain    array of current retain stacks
-     * @param nextRetain       array of next retain stacks
-     * @param nextRoot         the roots of the next subtree
-     * @param currentRootSig   array of signatures of the roots of the current subtrees
-     * @param gmssParameterset the GMSS Parameterset
-     * @see org.bouncycastle.pqc.crypto.gmss.GMSSKeyPairGenerator
-     */
-
-    public GMSSPrivateKeyParameters(byte[][] currentSeed, byte[][] nextNextSeed,
-                                    byte[][][] currentAuthPath, byte[][][] nextAuthPath,
-                                    Treehash[][] currentTreehash, Treehash[][] nextTreehash,
-                                    Vector[] currentStack, Vector[] nextStack,
-                                    Vector[][] currentRetain, Vector[][] nextRetain, byte[][] nextRoot,
-                                    byte[][] currentRootSig, GMSSParameters gmssParameterset,
-                                    GMSSDigestProvider digestProvider)
-    {
-        this(null, currentSeed, nextNextSeed, currentAuthPath, nextAuthPath,
-            null, currentTreehash, nextTreehash, currentStack, nextStack,
-            currentRetain, nextRetain, null, null, null, null, nextRoot,
-            null, currentRootSig, null, gmssParameterset, digestProvider);
-    }
-
-    /**
-     * /**
-     *
-     * @param index             tree indices
-     * @param keep              keep array for the authPath algorithm
-     * @param currentTreehash   treehash for authPath algorithm of current tree
-     * @param nextTreehash      treehash for authPath algorithm of next tree (TREE+)
-     * @param currentStack      shared stack for authPath algorithm of current tree
-     * @param nextStack         shared stack for authPath algorithm of next tree (TREE+)
-     * @param currentRetain     retain stack for authPath algorithm of current tree
-     * @param nextRetain        retain stack for authPath algorithm of next tree (TREE+)
-     * @param nextNextLeaf      array of upcoming leafs of the tree after next (LEAF++) of
-     *                          each layer
-     * @param upperLeaf         needed for precomputation of upper nodes
-     * @param upperTreehashLeaf needed for precomputation of upper treehash nodes
-     * @param minTreehash       index of next treehash instance to receive an update
-     * @param nextRoot          the roots of the next trees (ROOT+)
-     * @param nextNextRoot      the roots of the tree after next (ROOT++)
-     * @param currentRootSig    array of signatures of the roots of the current subtrees
-     *                          (SIG)
-     * @param nextRootSig       array of signatures of the roots of the next subtree
-     *                          (SIG+)
-     * @param gmssParameterset  the GMSS Parameterset
-     */
-    public GMSSPrivateKeyParameters(int[] index, byte[][] currentSeeds,
-                                    byte[][] nextNextSeeds, byte[][][] currentAuthPaths,
-                                    byte[][][] nextAuthPaths, byte[][][] keep,
-                                    Treehash[][] currentTreehash, Treehash[][] nextTreehash,
-                                    Vector[] currentStack, Vector[] nextStack,
-                                    Vector[][] currentRetain, Vector[][] nextRetain,
-                                    GMSSLeaf[] nextNextLeaf, GMSSLeaf[] upperLeaf,
-                                    GMSSLeaf[] upperTreehashLeaf, int[] minTreehash, byte[][] nextRoot,
-                                    GMSSRootCalc[] nextNextRoot, byte[][] currentRootSig,
-                                    GMSSRootSig[] nextRootSig, GMSSParameters gmssParameterset,
-                                    GMSSDigestProvider digestProvider)
-    {
-
-        super(true, gmssParameterset);
-
-        // construct message digest
-
-        this.messDigestTrees = digestProvider.get();
-        this.mdLength = messDigestTrees.getDigestSize();
-
-
-        // Parameter
-        this.gmssPS = gmssParameterset;
-        this.otsIndex = gmssParameterset.getWinternitzParameter();
-        this.K = gmssParameterset.getK();
-        this.heightOfTrees = gmssParameterset.getHeightOfTrees();
-        // initialize numLayer
-        this.numLayer = gmssPS.getNumOfLayers();
-
-        // initialize index if null
-        if (index == null)
-        {
-            this.index = new int[numLayer];
-            for (int i = 0; i < numLayer; i++)
-            {
-                this.index[i] = 0;
-            }
-        }
-        else
-        {
-            this.index = index;
-        }
-
-        this.currentSeeds = currentSeeds;
-        this.nextNextSeeds = nextNextSeeds;
-
-        this.currentAuthPaths = Arrays.clone(currentAuthPaths);
-        this.nextAuthPaths = nextAuthPaths;
-
-        // initialize keep if null
-        if (keep == null)
-        {
-            this.keep = new byte[numLayer][][];
-            for (int i = 0; i < numLayer; i++)
-            {
-                this.keep[i] = new byte[(int)Math.floor(heightOfTrees[i] / 2)][mdLength];
-            }
-        }
-        else
-        {
-            this.keep = keep;
-        }
-
-        // initialize stack if null
-        if (currentStack == null)
-        {
-            this.currentStack = new Vector[numLayer];
-            for (int i = 0; i < numLayer; i++)
-            {
-                this.currentStack[i] = new Vector();
-            }
-        }
-        else
-        {
-            this.currentStack = currentStack;
-        }
-
-        // initialize nextStack if null
-        if (nextStack == null)
-        {
-            this.nextStack = new Vector[numLayer - 1];
-            for (int i = 0; i < numLayer - 1; i++)
-            {
-                this.nextStack[i] = new Vector();
-            }
-        }
-        else
-        {
-            this.nextStack = nextStack;
-        }
-
-        this.currentTreehash = currentTreehash;
-        this.nextTreehash = nextTreehash;
-
-        this.currentRetain = currentRetain;
-        this.nextRetain = nextRetain;
-
-        this.nextRoot = nextRoot;
-
-        this.digestProvider = digestProvider;
-
-        if (nextNextRoot == null)
-        {
-            this.nextNextRoot = new GMSSRootCalc[numLayer - 1];
-            for (int i = 0; i < numLayer - 1; i++)
-            {
-                this.nextNextRoot[i] = new GMSSRootCalc(
-                    this.heightOfTrees[i + 1], this.K[i + 1], this.digestProvider);
-            }
-        }
-        else
-        {
-            this.nextNextRoot = nextNextRoot;
-        }
-        this.currentRootSig = currentRootSig;
-
-        // calculate numLeafs
-        numLeafs = new int[numLayer];
-        for (int i = 0; i < numLayer; i++)
-        {
-            numLeafs[i] = 1 << heightOfTrees[i];
-        }
-        // construct PRNG
-        this.gmssRandom = new GMSSRandom(messDigestTrees);
-
-        if (numLayer > 1)
-        {
-            // construct the nextNextLeaf (LEAFs++) array for upcoming leafs in
-            // tree after next (TREE++)
-            if (nextNextLeaf == null)
-            {
-                this.nextNextLeaf = new GMSSLeaf[numLayer - 2];
-                for (int i = 0; i < numLayer - 2; i++)
-                {
-                    this.nextNextLeaf[i] = new GMSSLeaf(digestProvider.get(), otsIndex[i + 1], numLeafs[i + 2], this.nextNextSeeds[i]);
-                }
-            }
-            else
-            {
-                this.nextNextLeaf = nextNextLeaf;
-            }
-        }
-        else
-        {
-            this.nextNextLeaf = new GMSSLeaf[0];
-        }
-
-        // construct the upperLeaf array for upcoming leafs in tree over the
-        // actual
-        if (upperLeaf == null)
-        {
-            this.upperLeaf = new GMSSLeaf[numLayer - 1];
-            for (int i = 0; i < numLayer - 1; i++)
-            {
-                this.upperLeaf[i] = new GMSSLeaf(digestProvider.get(), otsIndex[i],
-                    numLeafs[i + 1], this.currentSeeds[i]);
-            }
-        }
-        else
-        {
-            this.upperLeaf = upperLeaf;
-        }
-
-        // construct the leafs for upcoming leafs in treehashs in tree over the
-        // actual
-        if (upperTreehashLeaf == null)
-        {
-            this.upperTreehashLeaf = new GMSSLeaf[numLayer - 1];
-            for (int i = 0; i < numLayer - 1; i++)
-            {
-                this.upperTreehashLeaf[i] = new GMSSLeaf(digestProvider.get(), otsIndex[i], numLeafs[i + 1]);
-            }
-        }
-        else
-        {
-            this.upperTreehashLeaf = upperTreehashLeaf;
-        }
-
-        if (minTreehash == null)
-        {
-            this.minTreehash = new int[numLayer - 1];
-            for (int i = 0; i < numLayer - 1; i++)
-            {
-                this.minTreehash[i] = -1;
-            }
-        }
-        else
-        {
-            this.minTreehash = minTreehash;
-        }
-
-        // construct the nextRootSig (RootSig++)
-        byte[] dummy = new byte[mdLength];
-        byte[] OTSseed = new byte[mdLength];
-        if (nextRootSig == null)
-        {
-            this.nextRootSig = new GMSSRootSig[numLayer - 1];
-            for (int i = 0; i < numLayer - 1; i++)
-            {
-                System.arraycopy(currentSeeds[i], 0, dummy, 0, mdLength);
-                gmssRandom.nextSeed(dummy);
-                OTSseed = gmssRandom.nextSeed(dummy);
-                this.nextRootSig[i] = new GMSSRootSig(digestProvider.get(), otsIndex[i],
-                    heightOfTrees[i + 1]);
-                this.nextRootSig[i].initSign(OTSseed, nextRoot[i]);
-            }
-        }
-        else
-        {
-            this.nextRootSig = nextRootSig;
-        }
-    }
-
-    // we assume this only gets called from nextKey so used is never copied.
-    private GMSSPrivateKeyParameters(GMSSPrivateKeyParameters original)
-    {
-        super(true, original.getParameters());
-
-        this.index = Arrays.clone(original.index);
-        this.currentSeeds = Arrays.clone(original.currentSeeds);
-        this.nextNextSeeds = Arrays.clone(original.nextNextSeeds);
-        this.currentAuthPaths = Arrays.clone(original.currentAuthPaths);
-        this.nextAuthPaths = Arrays.clone(original.nextAuthPaths);
-        this.currentTreehash = original.currentTreehash;
-        this.nextTreehash = original.nextTreehash;
-        this.currentStack = original.currentStack;
-        this.nextStack = original.nextStack;
-        this.currentRetain = original.currentRetain;
-        this.nextRetain = original.nextRetain;
-        this.keep = Arrays.clone(original.keep);
-        this.nextNextLeaf = original.nextNextLeaf;
-        this.upperLeaf = original.upperLeaf;
-        this.upperTreehashLeaf = original.upperTreehashLeaf;
-        this.minTreehash = original.minTreehash;
-        this.gmssPS = original.gmssPS;
-        this.nextRoot = Arrays.clone(original.nextRoot);
-        this.nextNextRoot = original.nextNextRoot;
-        this.currentRootSig = original.currentRootSig;
-        this.nextRootSig = original.nextRootSig;
-        this.digestProvider = original.digestProvider;
-        this.heightOfTrees = original.heightOfTrees;
-        this.otsIndex = original.otsIndex;
-        this.K = original.K;
-        this.numLayer = original.numLayer;
-        this.messDigestTrees = original.messDigestTrees;
-        this.mdLength = original.mdLength;
-        this.gmssRandom = original.gmssRandom;
-        this.numLeafs = original.numLeafs;
-    }
-
-    public boolean isUsed()
-    {
-        return this.used;
-    }
-
-    public void markUsed()
-    {
-        this.used = true;
-    }
-
-    public GMSSPrivateKeyParameters nextKey()
-    {
-        GMSSPrivateKeyParameters nKey = new GMSSPrivateKeyParameters(this);
-
-        nKey.nextKey(gmssPS.getNumOfLayers() - 1);
-
-        return nKey;
-    }
-
-    /**
-     * This method updates the GMSS private key for the next signature
-     *
-     * @param layer the layer where the next key is processed
-     */
-    private void nextKey(int layer)
-    {
-        // only for lowest layer ( other layers indices are raised in nextTree()
-        // method )
-        if (layer == numLayer - 1)
-        {
-            index[layer]++;
-        } // else System.out.println(" --- nextKey on layer " + layer + "
-        // index is now : " + index[layer]);
-
-        // if tree of this layer is depleted
-        if (index[layer] == numLeafs[layer])
-        {
-            if (numLayer != 1)
-            {
-                nextTree(layer);
-                index[layer] = 0;
-            }
-        }
-        else
-        {
-            updateKey(layer);
-        }
-    }
-
-    /**
-     * Switch to next subtree if the current one is depleted
-     *
-     * @param layer the layer where the next tree is processed
-     */
-    private void nextTree(int layer)
-    {
-        // System.out.println("NextTree method called on layer " + layer);
-        // dont create next tree for the top layer
-        if (layer > 0)
-        {
-            // raise index for upper layer
-            index[layer - 1]++;
-
-            // test if it is already the last tree
-            boolean lastTree = true;
-            int z = layer;
-            do
-            {
-                z--;
-                if (index[z] < numLeafs[z])
-                {
-                    lastTree = false;
-                }
-            }
-            while (lastTree && (z > 0));
-
-            // only construct next subtree if last one is not already in use
-            if (!lastTree)
-            {
-                gmssRandom.nextSeed(currentSeeds[layer]);
-
-                // last step of distributed signature calculation
-                nextRootSig[layer - 1].updateSign();
-
-                // last step of distributed leaf calculation for nextNextLeaf
-                if (layer > 1)
-                {
-                    nextNextLeaf[layer - 1 - 1] = nextNextLeaf[layer - 1 - 1].nextLeaf();
-                }
-
-                // last step of distributed leaf calculation for upper leaf
-                upperLeaf[layer - 1] = upperLeaf[layer - 1].nextLeaf();
-
-                // last step of distributed leaf calculation for all treehashs
-
-                if (minTreehash[layer - 1] >= 0)
-                {
-                    upperTreehashLeaf[layer - 1] = upperTreehashLeaf[layer - 1].nextLeaf();
-                    byte[] leaf = this.upperTreehashLeaf[layer - 1].getLeaf();
-                    // if update is required use the precomputed leaf to update
-                    // treehash
-                    try
-                    {
-                        currentTreehash[layer - 1][minTreehash[layer - 1]]
-                            .update(this.gmssRandom, leaf);
-                        // System.out.println("UUUpdated TH " +
-                        // minTreehash[layer - 1]);
-                        if (currentTreehash[layer - 1][minTreehash[layer - 1]]
-                            .wasFinished())
-                        {
-                            // System.out.println("FFFinished TH " +
-                            // minTreehash[layer - 1]);
-                        }
-                    }
-                    catch (Exception e)
-                    {
-                        System.out.println(e);
-                    }
-                }
-
-                // last step of nextNextAuthRoot calculation
-                this.updateNextNextAuthRoot(layer);
-
-                // ******************************************************** /
-
-                // NOW: advance to next tree on layer 'layer'
-
-                // NextRootSig --> currentRootSigs
-                this.currentRootSig[layer - 1] = nextRootSig[layer - 1]
-                    .getSig();
-
-                // -----------------------
-
-                // nextTreehash --> currentTreehash
-                // nextNextTreehash --> nextTreehash
-                for (int i = 0; i < heightOfTrees[layer] - K[layer]; i++)
-                {
-                    this.currentTreehash[layer][i] = this.nextTreehash[layer - 1][i];
-                    this.nextTreehash[layer - 1][i] = this.nextNextRoot[layer - 1]
-                        .getTreehash()[i];
-                }
-
-                // NextAuthPath --> currentAuthPath
-                // nextNextAuthPath --> nextAuthPath
-                for (int i = 0; i < heightOfTrees[layer]; i++)
-                {
-                    System.arraycopy(nextAuthPaths[layer - 1][i], 0,
-                        currentAuthPaths[layer][i], 0, mdLength);
-                    System.arraycopy(nextNextRoot[layer - 1].getAuthPath()[i],
-                        0, nextAuthPaths[layer - 1][i], 0, mdLength);
-                }
-
-                // nextRetain --> currentRetain
-                // nextNextRetain --> nextRetain
-                for (int i = 0; i < K[layer] - 1; i++)
-                {
-                    this.currentRetain[layer][i] = this.nextRetain[layer - 1][i];
-                    this.nextRetain[layer - 1][i] = this.nextNextRoot[layer - 1]
-                        .getRetain()[i];
-                }
-
-                // nextStack --> currentStack
-                this.currentStack[layer] = this.nextStack[layer - 1];
-                // nextNextStack --> nextStack
-                this.nextStack[layer - 1] = this.nextNextRoot[layer - 1]
-                    .getStack();
-
-                // nextNextRoot --> nextRoot
-                this.nextRoot[layer - 1] = this.nextNextRoot[layer - 1]
-                    .getRoot();
-                // -----------------------
-
-                // -----------------
-                byte[] OTSseed = new byte[mdLength];
-                byte[] dummy = new byte[mdLength];
-                // gmssRandom.setSeed(currentSeeds[layer]);
-                System
-                    .arraycopy(currentSeeds[layer - 1], 0, dummy, 0,
-                        mdLength);
-                OTSseed = gmssRandom.nextSeed(dummy); // only need OTSSeed
-                OTSseed = gmssRandom.nextSeed(dummy);
-                OTSseed = gmssRandom.nextSeed(dummy);
-                // nextWinSig[layer-1]=new
-                // GMSSWinSig(OTSseed,algNames,otsIndex[layer-1],heightOfTrees[layer],nextRoot[layer-1]);
-                nextRootSig[layer - 1].initSign(OTSseed, nextRoot[layer - 1]);
-
-                // nextKey for upper layer
-                nextKey(layer - 1);
-            }
-        }
-    }
-
-    /**
-     * This method computes the authpath (AUTH) for the current tree,
-     * Additionally the root signature for the next tree (SIG+), the authpath
-     * (AUTH++) and root (ROOT++) for the tree after next in layer
-     * <code>layer</code>, and the LEAF++^1 for the next next tree in the
-     * layer above are updated This method is used by nextKey()
-     *
-     * @param layer
-     */
-    private void updateKey(int layer)
-    {
-        // ----------current tree processing of actual layer---------
-        // compute upcoming authpath for current Tree (AUTH)
-        computeAuthPaths(layer);
-
-        // -----------distributed calculations part------------
-        // not for highest tree layer
-        if (layer > 0)
-        {
-
-            // compute (partial) next leaf on TREE++ (not on layer 1 and 0)
-            if (layer > 1)
-            {
-                nextNextLeaf[layer - 1 - 1] = nextNextLeaf[layer - 1 - 1].nextLeaf();
-            }
-
-            // compute (partial) next leaf on tree above (not on layer 0)
-            upperLeaf[layer - 1] = upperLeaf[layer - 1].nextLeaf();
-
-            // compute (partial) next leaf for all treehashs on tree above (not
-            // on layer 0)
-
-            int t = (int)Math
-                .floor((double)(this.getNumLeafs(layer) * 2)
-                    / (double)(this.heightOfTrees[layer - 1] - this.K[layer - 1]));
-
-            if (index[layer] % t == 1)
-            {
-                // System.out.println(" layer: " + layer + " index: " +
-                // index[layer] + " t : " + t);
-
-                // take precomputed node for treehash update
-                // ------------------------------------------------
-                if (index[layer] > 1 && minTreehash[layer - 1] >= 0)
-                {
-                    byte[] leaf = this.upperTreehashLeaf[layer - 1].getLeaf();
-                    // if update is required use the precomputed leaf to update
-                    // treehash
-                    try
-                    {
-                        currentTreehash[layer - 1][minTreehash[layer - 1]]
-                            .update(this.gmssRandom, leaf);
-                        // System.out.println("Updated TH " + minTreehash[layer
-                        // - 1]);
-                        if (currentTreehash[layer - 1][minTreehash[layer - 1]]
-                            .wasFinished())
-                        {
-                            // System.out.println("Finished TH " +
-                            // minTreehash[layer - 1]);
-                        }
-                    }
-                    catch (Exception e)
-                    {
-                        System.out.println(e);
-                    }
-                    // ------------------------------------------------
-                }
-
-                // initialize next leaf precomputation
-                // ------------------------------------------------
-
-                // get lowest index of treehashs
-                this.minTreehash[layer - 1] = getMinTreehashIndex(layer - 1);
-
-                if (this.minTreehash[layer - 1] >= 0)
-                {
-                    // initialize leaf
-                    byte[] seed = this.currentTreehash[layer - 1][this.minTreehash[layer - 1]]
-                        .getSeedActive();
-                    this.upperTreehashLeaf[layer - 1] = new GMSSLeaf(
-                        this.digestProvider.get(), this.otsIndex[layer - 1], t, seed);
-                    this.upperTreehashLeaf[layer - 1] = this.upperTreehashLeaf[layer - 1].nextLeaf();
-                    // System.out.println("restarted treehashleaf (" + (layer -
-                    // 1) + "," + this.minTreehash[layer - 1] + ")");
-                }
-                // ------------------------------------------------
-
-            }
-            else
-            {
-                // update the upper leaf for the treehash one step
-                if (this.minTreehash[layer - 1] >= 0)
-                {
-                    this.upperTreehashLeaf[layer - 1] = this.upperTreehashLeaf[layer - 1].nextLeaf();
-                    // if (minTreehash[layer - 1] > 3)
-                    // System.out.print("#");
-                }
-            }
-
-            // compute (partial) the signature of ROOT+ (RootSig+) (not on top
-            // layer)
-            nextRootSig[layer - 1].updateSign();
-
-            // compute (partial) AUTHPATH++ & ROOT++ (not on top layer)
-            if (index[layer] == 1)
-            {
-                // init root and authpath calculation for tree after next
-                // (AUTH++, ROOT++)
-                this.nextNextRoot[layer - 1].initialize(new Vector());
-            }
-
-            // update root and authpath calculation for tree after next (AUTH++,
-            // ROOT++)
-            this.updateNextNextAuthRoot(layer);
-        }
-        // ----------- end distributed calculations part-----------------
-    }
-
-    /**
-     * This method returns the index of the next Treehash instance that should
-     * receive an update
-     *
-     * @param layer the layer of the GMSS tree
-     * @return index of the treehash instance that should get the update
-     */
-    private int getMinTreehashIndex(int layer)
-    {
-        int minTreehash = -1;
-        for (int h = 0; h < heightOfTrees[layer] - K[layer]; h++)
-        {
-            if (currentTreehash[layer][h].wasInitialized()
-                && !currentTreehash[layer][h].wasFinished())
-            {
-                if (minTreehash == -1)
-                {
-                    minTreehash = h;
-                }
-                else if (currentTreehash[layer][h].getLowestNodeHeight() < currentTreehash[layer][minTreehash]
-                    .getLowestNodeHeight())
-                {
-                    minTreehash = h;
-                }
-            }
-        }
-        return minTreehash;
-    }
-
-    /**
-     * Computes the upcoming currentAuthpath of layer <code>layer</code> using
-     * the revisited authentication path computation of Dahmen/Schneider 2008
-     *
-     * @param layer the actual layer
-     */
-    private void computeAuthPaths(int layer)
-    {
-
-        int Phi = index[layer];
-        int H = heightOfTrees[layer];
-        int K = this.K[layer];
-
-        // update all nextSeeds for seed scheduling
-        for (int i = 0; i < H - K; i++)
-        {
-            currentTreehash[layer][i].updateNextSeed(gmssRandom);
-        }
-
-        // STEP 1 of Algorithm
-        int Tau = heightOfPhi(Phi);
-
-        byte[] OTSseed = new byte[mdLength];
-        OTSseed = gmssRandom.nextSeed(currentSeeds[layer]);
-
-        // STEP 2 of Algorithm
-        // if phi's parent on height tau + 1 if left node, store auth_tau
-        // in keep_tau.
-        // TODO check it, formerly was
-        // int L = Phi / (int) Math.floor(Math.pow(2, Tau + 1));
-        // L %= 2;
-        int L = (Phi >>> (Tau + 1)) & 1;
-
-        byte[] tempKeep = new byte[mdLength];
-        // store the keep node not in keep[layer][tau/2] because it might be in
-        // use
-        // wait until the space is freed in step 4a
-        if (Tau < H - 1 && L == 0)
-        {
-            System.arraycopy(currentAuthPaths[layer][Tau], 0, tempKeep, 0,
-                mdLength);
-        }
-
-        byte[] help = new byte[mdLength];
-        // STEP 3 of Algorithm
-        // if phi is left child, compute and store leaf for next currentAuthPath
-        // path,
-        // (obtained by veriying current signature)
-        if (Tau == 0)
-        {
-            // LEAFCALC !!!
-            if (layer == numLayer - 1)
-            { // lowest layer computes the
-                // necessary leaf completely at this
-                // time
-                WinternitzOTSignature ots = new WinternitzOTSignature(OTSseed,
-                    digestProvider.get(), otsIndex[layer]);
-                help = ots.getPublicKey();
-            }
-            else
-            { // other layers use the precomputed leafs in
-                // nextNextLeaf
-                byte[] dummy = new byte[mdLength];
-                System.arraycopy(currentSeeds[layer], 0, dummy, 0, mdLength);
-                gmssRandom.nextSeed(dummy);
-                help = upperLeaf[layer].getLeaf();
-                this.upperLeaf[layer].initLeafCalc(dummy);
-
-                // WinternitzOTSVerify otsver = new
-                // WinternitzOTSVerify(algNames, otsIndex[layer]);
-                // byte[] help2 = otsver.Verify(currentRoot[layer],
-                // currentRootSig[layer]);
-                // System.out.println(" --- " + layer + " " +
-                // ByteUtils.toHexString(help) + " " +
-                // ByteUtils.toHexString(help2));
-            }
-            System.arraycopy(help, 0, currentAuthPaths[layer][0], 0, mdLength);
-        }
-        else
-        {
-            // STEP 4a of Algorithm
-            // get new left currentAuthPath node on height tau
-            byte[] toBeHashed = new byte[mdLength << 1];
-            System.arraycopy(currentAuthPaths[layer][Tau - 1], 0, toBeHashed,
-                0, mdLength);
-            // free the shared keep[layer][tau/2]
-            System.arraycopy(keep[layer][(int)Math.floor((Tau - 1) / 2)], 0,
-                toBeHashed, mdLength, mdLength);
-            messDigestTrees.update(toBeHashed, 0, toBeHashed.length);
-            currentAuthPaths[layer][Tau] = new byte[messDigestTrees.getDigestSize()];
-            messDigestTrees.doFinal(currentAuthPaths[layer][Tau], 0);
-
-            // STEP 4b and 4c of Algorithm
-            // copy right nodes to currentAuthPath on height 0..Tau-1
-            for (int i = 0; i < Tau; i++)
-            {
-
-                // STEP 4b of Algorithm
-                // 1st: copy from treehashs
-                if (i < H - K)
-                {
-                    if (currentTreehash[layer][i].wasFinished())
-                    {
-                        System.arraycopy(currentTreehash[layer][i]
-                            .getFirstNode(), 0, currentAuthPaths[layer][i],
-                            0, mdLength);
-                        currentTreehash[layer][i].destroy();
-                    }
-                    else
-                    {
-                        System.err
-                            .println("Treehash ("
-                                + layer
-                                + ","
-                                + i
-                                + ") not finished when needed in AuthPathComputation");
-                    }
-                }
-
-                // 2nd: copy precomputed values from Retain
-                if (i < H - 1 && i >= H - K)
-                {
-                    if (currentRetain[layer][i - (H - K)].size() > 0)
-                    {
-                        // pop element from retain
-                        System.arraycopy(currentRetain[layer][i - (H - K)]
-                            .lastElement(), 0, currentAuthPaths[layer][i],
-                            0, mdLength);
-                        currentRetain[layer][i - (H - K)]
-                            .removeElementAt(currentRetain[layer][i
-                                - (H - K)].size() - 1);
-                    }
-                }
-
-                // STEP 4c of Algorithm
-                // initialize new stack at heights 0..Tau-1
-                if (i < H - K)
-                {
-                    // create stacks anew
-                    int startPoint = Phi + 3 * (1 << i);
-                    if (startPoint < numLeafs[layer])
-                    {
-                        // if (layer < 2) {
-                        // System.out.println("initialized TH " + i + " on layer
-                        // " + layer);
-                        // }
-                        currentTreehash[layer][i].initialize();
-                    }
-                }
-            }
-        }
-
-        // now keep space is free to use
-        if (Tau < H - 1 && L == 0)
-        {
-            System.arraycopy(tempKeep, 0,
-                keep[layer][(int)Math.floor(Tau / 2)], 0, mdLength);
-        }
-
-        // only update empty stack at height h if all other stacks have
-        // tailnodes with height >h
-        // finds active stack with lowest node height, choses lower index in
-        // case of tie
-
-        // on the lowest layer leafs must be computed at once, no precomputation
-        // is possible. So all treehash updates are done at once here
-        if (layer == numLayer - 1)
-        {
-            for (int tmp = 1; tmp <= (H - K) / 2; tmp++)
-            {
-                // index of the treehash instance that receives the next update
-                int minTreehash = getMinTreehashIndex(layer);
-
-                // if active treehash is found update with a leaf
-                if (minTreehash >= 0)
-                {
-                    try
-                    {
-                        byte[] seed = new byte[mdLength];
-                        System.arraycopy(
-                            this.currentTreehash[layer][minTreehash]
-                                .getSeedActive(), 0, seed, 0, mdLength);
-                        byte[] seed2 = gmssRandom.nextSeed(seed);
-                        WinternitzOTSignature ots = new WinternitzOTSignature(
-                            seed2, this.digestProvider.get(), this.otsIndex[layer]);
-                        byte[] leaf = ots.getPublicKey();
-                        currentTreehash[layer][minTreehash].update(
-                            this.gmssRandom, leaf);
-                    }
-                    catch (Exception e)
-                    {
-                        System.out.println(e);
-                    }
-                }
-            }
-        }
-        else
-        { // on higher layers the updates are done later
-            this.minTreehash[layer] = getMinTreehashIndex(layer);
-        }
-    }
-
-    /**
-     * Returns the largest h such that 2^h | Phi
-     *
-     * @param Phi the leaf index
-     * @return The largest <code>h</code> with <code>2^h | Phi</code> if
-     *         <code>Phi!=0</code> else return <code>-1</code>
-     */
-    private int heightOfPhi(int Phi)
-    {
-        if (Phi == 0)
-        {
-            return -1;
-        }
-        int Tau = 0;
-        int modul = 1;
-        while (Phi % modul == 0)
-        {
-            modul *= 2;
-            Tau += 1;
-        }
-        return Tau - 1;
-    }
-
-    /**
-     * Updates the authentication path and root calculation for the tree after
-     * next (AUTH++, ROOT++) in layer <code>layer</code>
-     *
-     * @param layer
-     */
-    private void updateNextNextAuthRoot(int layer)
-    {
-
-        byte[] OTSseed = new byte[mdLength];
-        OTSseed = gmssRandom.nextSeed(nextNextSeeds[layer - 1]);
-
-        // get the necessary leaf
-        if (layer == numLayer - 1)
-        { // lowest layer computes the necessary
-            // leaf completely at this time
-            WinternitzOTSignature ots = new WinternitzOTSignature(OTSseed,
-                digestProvider.get(), otsIndex[layer]);
-            this.nextNextRoot[layer - 1].update(nextNextSeeds[layer - 1], ots
-                .getPublicKey());
-        }
-        else
-        { // other layers use the precomputed leafs in nextNextLeaf
-            this.nextNextRoot[layer - 1].update(nextNextSeeds[layer - 1], nextNextLeaf[layer - 1].getLeaf());
-            this.nextNextLeaf[layer - 1].initLeafCalc(nextNextSeeds[layer - 1]);
-        }
-    }
-
-    public int[] getIndex()
-    {
-        return index;
-    }
-
-    /**
-     * @return The current index of layer i
-     */
-    public int getIndex(int i)
-    {
-        return index[i];
-    }
-
-    public byte[][] getCurrentSeeds()
-    {
-        return Arrays.clone(currentSeeds);
-    }
-
-    public byte[][][] getCurrentAuthPaths()
-    {
-        return Arrays.clone(currentAuthPaths);
-    }
-
-    /**
-     * @return The one-time signature of the root of the current subtree
-     */
-    public byte[] getSubtreeRootSig(int i)
-    {
-        return currentRootSig[i];
-    }
-
-
-    public GMSSDigestProvider getName()
-    {
-        return digestProvider;
-    }
-
-    /**
-     * @return The number of leafs of each tree of layer i
-     */
-    public int getNumLeafs(int i)
-    {
-        return numLeafs[i];
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSPublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSPublicKeyParameters.java
deleted file mode 100644
index 492802d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSPublicKeyParameters.java
+++ /dev/null

@@ -1,33 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss;
-
-
-public class GMSSPublicKeyParameters
-    extends GMSSKeyParameters
-{
-    /**
-     * The GMSS public key
-     */
-    private byte[] gmssPublicKey;
-
-    /**
-     * The constructor.
-     *
-     * @param key              a raw GMSS public key
-     * @param gmssParameterSet an instance of GMSSParameterset
-     */
-    public GMSSPublicKeyParameters(byte[] key, GMSSParameters gmssParameterSet)
-    {
-        super(false, gmssParameterSet);
-        this.gmssPublicKey = key;
-    }
-
-    /**
-     * Returns the GMSS public key
-     *
-     * @return The GMSS public key
-     */
-    public byte[] getPublicKey()
-    {
-        return gmssPublicKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSRootCalc.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSRootCalc.java
deleted file mode 100644
index d5e4bc2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSRootCalc.java
+++ /dev/null

@@ -1,522 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss;
-
-import java.util.Enumeration;
-import java.util.Vector;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Integers;
-import org.bouncycastle.util.encoders.Hex;
-
-
-/**
- * This class computes a whole Merkle tree and saves the needed values for
- * AuthPath computation. It is used for precomputation of the root of a
- * following tree. After initialization, 2^H updates are required to complete
- * the root. Every update requires one leaf value as parameter. While computing
- * the root all initial values for the authentication path algorithm (treehash,
- * auth, retain) are stored for later use.
- */
-public class GMSSRootCalc
-{
-
-    /**
-     * max height of the tree
-     */
-    private int heightOfTree;
-
-    /**
-     * length of the messageDigest
-     */
-    private int mdLength;
-
-    /**
-     * the treehash instances of the tree
-     */
-    private Treehash[] treehash;
-
-    /**
-     * stores the retain nodes for authPath computation
-     */
-    private Vector[] retain;
-
-    /**
-     * finally stores the root of the tree when finished
-     */
-    private byte[] root;
-
-    /**
-     * stores the authentication path y_1(i), i = 0..H-1
-     */
-    private byte[][] AuthPath;
-
-    /**
-     * the value K for the authentication path computation
-     */
-    private int K;
-
-    /**
-     * Vector element that stores the nodes on the stack
-     */
-    private Vector tailStack;
-
-    /**
-     * stores the height of all nodes laying on the tailStack
-     */
-    private Vector heightOfNodes;
-    /**
-     * The hash function used for the construction of the authentication trees
-     */
-    private Digest messDigestTree;
-
-    /**
-     * An array of strings containing the name of the hash function used to
-     * construct the authentication trees and used by the OTS.
-     */
-    private GMSSDigestProvider digestProvider;
-
-    /**
-     * stores the index of the current node on each height of the tree
-     */
-    private int[] index;
-
-    /**
-     * true if instance was already initialized, false otherwise
-     */
-    private boolean isInitialized;
-
-    /**
-     * true it instance was finished
-     */
-    private boolean isFinished;
-
-    /**
-     * Integer that stores the index of the next seed that has to be omitted to
-     * the treehashs
-     */
-    private int indexForNextSeed;
-
-    /**
-     * temporary integer that stores the height of the next treehash instance
-     * that gets initialized with a seed
-     */
-    private int heightOfNextSeed;
-
-    /**
-     * Constructor
-     *
-     * @param heightOfTree maximal height of the tree
-     * @param digestProvider       an array of strings, containing the name of the used hash
-     *                     function and PRNG and the name of the corresponding
-     *                     provider
-     */
-    public GMSSRootCalc(int heightOfTree, int K, GMSSDigestProvider digestProvider)
-    {
-        this.heightOfTree = heightOfTree;
-        this.digestProvider = digestProvider;
-        this.messDigestTree = digestProvider.get();
-        this.mdLength = messDigestTree.getDigestSize();
-        this.K = K;
-        this.index = new int[heightOfTree];
-        this.AuthPath = new byte[heightOfTree][mdLength];
-        this.root = new byte[mdLength];
-        // this.treehash = new Treehash[this.heightOfTree - this.K];
-        this.retain = new Vector[this.K - 1];
-        for (int i = 0; i < K - 1; i++)
-        {
-            this.retain[i] = new Vector();
-        }
-
-    }
-
-    /**
-     * Initializes the calculation of a new root
-     *
-     * @param sharedStack the stack shared by all treehash instances of this tree
-     */
-    public void initialize(Vector sharedStack)
-    {
-        this.treehash = new Treehash[this.heightOfTree - this.K];
-        for (int i = 0; i < this.heightOfTree - this.K; i++)
-        {
-            this.treehash[i] = new Treehash(sharedStack, i, this.digestProvider.get());
-        }
-
-        this.index = new int[heightOfTree];
-        this.AuthPath = new byte[heightOfTree][mdLength];
-        this.root = new byte[mdLength];
-
-        this.tailStack = new Vector();
-        this.heightOfNodes = new Vector();
-        this.isInitialized = true;
-        this.isFinished = false;
-
-        for (int i = 0; i < heightOfTree; i++)
-        {
-            this.index[i] = -1;
-        }
-
-        this.retain = new Vector[this.K - 1];
-        for (int i = 0; i < K - 1; i++)
-        {
-            this.retain[i] = new Vector();
-        }
-
-        this.indexForNextSeed = 3;
-        this.heightOfNextSeed = 0;
-    }
-
-    /**
-     * updates the root with one leaf and stores needed values in retain,
-     * treehash or authpath. Additionally counts the seeds used. This method is
-     * used when performing the updates for TREE++.
-     *
-     * @param seed the initial seed for treehash: seedNext
-     * @param leaf the height of the treehash
-     */
-    public void update(byte[] seed, byte[] leaf)
-    {
-        if (this.heightOfNextSeed < (this.heightOfTree - this.K)
-            && this.indexForNextSeed - 2 == index[0])
-        {
-            this.initializeTreehashSeed(seed, this.heightOfNextSeed);
-            this.heightOfNextSeed++;
-            this.indexForNextSeed *= 2;
-        }
-        // now call the simple update
-        this.update(leaf);
-    }
-
-    /**
-     * Updates the root with one leaf and stores the needed values in retain,
-     * treehash or authpath
-     */
-    public void update(byte[] leaf)
-    {
-
-        if (isFinished)
-        {
-            System.out.print("Too much updates for Tree!!");
-            return;
-        }
-        if (!isInitialized)
-        {
-            System.err.println("GMSSRootCalc not initialized!");
-            return;
-        }
-
-        // a new leaf was omitted, so raise index on lowest layer
-        index[0]++;
-
-        // store the nodes on the lowest layer in treehash or authpath
-        if (index[0] == 1)
-        {
-            System.arraycopy(leaf, 0, AuthPath[0], 0, mdLength);
-        }
-        else if (index[0] == 3)
-        {
-            // store in treehash only if K < H
-            if (heightOfTree > K)
-            {
-                treehash[0].setFirstNode(leaf);
-            }
-        }
-
-        if ((index[0] - 3) % 2 == 0 && index[0] >= 3)
-        {
-            // store in retain if K = H
-            if (heightOfTree == K)
-            // TODO: check it
-            {
-                retain[0].insertElementAt(leaf, 0);
-            }
-        }
-
-        // if first update to this tree is made
-        if (index[0] == 0)
-        {
-            tailStack.addElement(leaf);
-            heightOfNodes.addElement(Integers.valueOf(0));
-        }
-        else
-        {
-
-            byte[] help = new byte[mdLength];
-            byte[] toBeHashed = new byte[mdLength << 1];
-
-            // store the new leaf in help
-            System.arraycopy(leaf, 0, help, 0, mdLength);
-            int helpHeight = 0;
-            // while top to nodes have same height
-            while (tailStack.size() > 0
-                && helpHeight == ((Integer)heightOfNodes.lastElement())
-                .intValue())
-            {
-
-                // help <-- hash(stack top element || help)
-                System.arraycopy(tailStack.lastElement(), 0, toBeHashed, 0,
-                    mdLength);
-                tailStack.removeElementAt(tailStack.size() - 1);
-                heightOfNodes.removeElementAt(heightOfNodes.size() - 1);
-                System.arraycopy(help, 0, toBeHashed, mdLength, mdLength);
-
-                messDigestTree.update(toBeHashed, 0, toBeHashed.length);
-                help = new byte[messDigestTree.getDigestSize()];
-                messDigestTree.doFinal(help, 0);
-
-                // the new help node is one step higher
-                helpHeight++;
-                if (helpHeight < heightOfTree)
-                {
-                    index[helpHeight]++;
-
-                    // add index 1 element to initial authpath
-                    if (index[helpHeight] == 1)
-                    {
-                        System.arraycopy(help, 0, AuthPath[helpHeight], 0,
-                            mdLength);
-                    }
-
-                    if (helpHeight >= heightOfTree - K)
-                    {
-                        if (helpHeight == 0)
-                        {
-                            System.out.println("M���P");
-                        }
-                        // add help element to retain stack if it is a right
-                        // node
-                        // and not stored in treehash
-                        if ((index[helpHeight] - 3) % 2 == 0
-                            && index[helpHeight] >= 3)
-                        // TODO: check it
-                        {
-                            retain[helpHeight - (heightOfTree - K)]
-                                .insertElementAt(help, 0);
-                        }
-                    }
-                    else
-                    {
-                        // if element is third in his line add it to treehash
-                        if (index[helpHeight] == 3)
-                        {
-                            treehash[helpHeight].setFirstNode(help);
-                        }
-                    }
-                }
-            }
-            // push help element to the stack
-            tailStack.addElement(help);
-            heightOfNodes.addElement(Integers.valueOf(helpHeight));
-
-            // is the root calculation finished?
-            if (helpHeight == heightOfTree)
-            {
-                isFinished = true;
-                isInitialized = false;
-                root = (byte[])tailStack.lastElement();
-            }
-        }
-
-    }
-
-    /**
-     * initializes the seeds for the treehashs of the tree precomputed by this
-     * class
-     *
-     * @param seed  the initial seed for treehash: seedNext
-     * @param index the height of the treehash
-     */
-    public void initializeTreehashSeed(byte[] seed, int index)
-    {
-        treehash[index].initializeSeed(seed);
-    }
-
-    /**
-     * Method to check whether the instance has been initialized or not
-     *
-     * @return true if treehash was already initialized
-     */
-    public boolean wasInitialized()
-    {
-        return isInitialized;
-    }
-
-    /**
-     * Method to check whether the instance has been finished or not
-     *
-     * @return true if tree has reached its maximum height
-     */
-    public boolean wasFinished()
-    {
-        return isFinished;
-    }
-
-    /**
-     * returns the authentication path of the first leaf of the tree
-     *
-     * @return the authentication path of the first leaf of the tree
-     */
-    public byte[][] getAuthPath()
-    {
-        return GMSSUtils.clone(AuthPath);
-    }
-
-    /**
-     * returns the initial treehash instances, storing value y_3(i)
-     *
-     * @return the initial treehash instances, storing value y_3(i)
-     */
-    public Treehash[] getTreehash()
-    {
-        return GMSSUtils.clone(treehash);
-    }
-
-    /**
-     * returns the retain stacks storing all right nodes near to the root
-     *
-     * @return the retain stacks storing all right nodes near to the root
-     */
-    public Vector[] getRetain()
-    {
-        return GMSSUtils.clone(retain);
-    }
-
-    /**
-     * returns the finished root value
-     *
-     * @return the finished root value
-     */
-    public byte[] getRoot()
-    {
-        return Arrays.clone(root);
-    }
-
-    /**
-     * returns the shared stack
-     *
-     * @return the shared stack
-     */
-    public Vector getStack()
-    {
-        Vector copy = new Vector();
-        for (Enumeration en = tailStack.elements(); en.hasMoreElements();)
-        {
-            copy.addElement(en.nextElement());
-        }
-        return copy;
-    }
-
-    /**
-     * Returns the status byte array used by the GMSSPrivateKeyASN.1 class
-     *
-     * @return The status bytes
-     */
-    public byte[][] getStatByte()
-    {
-
-        int tailLength;
-        if (tailStack == null)
-        {
-            tailLength = 0;
-        }
-        else
-        {
-            tailLength = tailStack.size();
-        }
-        byte[][] statByte = new byte[1 + heightOfTree + tailLength][64]; //FIXME: messDigestTree.getByteLength()
-        statByte[0] = root;
-
-        for (int i = 0; i < heightOfTree; i++)
-        {
-            statByte[1 + i] = AuthPath[i];
-        }
-        for (int i = 0; i < tailLength; i++)
-        {
-            statByte[1 + heightOfTree + i] = (byte[])tailStack.elementAt(i);
-        }
-
-        return statByte;
-    }
-
-    /**
-     * Returns the status int array used by the GMSSPrivateKeyASN.1 class
-     *
-     * @return The status ints
-     */
-    public int[] getStatInt()
-    {
-
-        int tailLength;
-        if (tailStack == null)
-        {
-            tailLength = 0;
-        }
-        else
-        {
-            tailLength = tailStack.size();
-        }
-        int[] statInt = new int[8 + heightOfTree + tailLength];
-        statInt[0] = heightOfTree;
-        statInt[1] = mdLength;
-        statInt[2] = K;
-        statInt[3] = indexForNextSeed;
-        statInt[4] = heightOfNextSeed;
-        if (isFinished)
-        {
-            statInt[5] = 1;
-        }
-        else
-        {
-            statInt[5] = 0;
-        }
-        if (isInitialized)
-        {
-            statInt[6] = 1;
-        }
-        else
-        {
-            statInt[6] = 0;
-        }
-        statInt[7] = tailLength;
-
-        for (int i = 0; i < heightOfTree; i++)
-        {
-            statInt[8 + i] = index[i];
-        }
-        for (int i = 0; i < tailLength; i++)
-        {
-            statInt[8 + heightOfTree + i] = ((Integer)heightOfNodes
-                .elementAt(i)).intValue();
-        }
-
-        return statInt;
-    }
-
-    /**
-     * @return a human readable version of the structure
-     */
-    public String toString()
-    {
-        String out = "";
-        int tailLength;
-        if (tailStack == null)
-        {
-            tailLength = 0;
-        }
-        else
-        {
-            tailLength = tailStack.size();
-        }
-
-        for (int i = 0; i < 8 + heightOfTree + tailLength; i++)
-        {
-            out = out + getStatInt()[i] + " ";
-        }
-        for (int i = 0; i < 1 + heightOfTree + tailLength; i++)
-        {
-            out = out + new String(Hex.encode(getStatByte()[i])) + " ";
-        }
-        out = out + "  " + digestProvider.get().getDigestSize();
-        return out;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSRootSig.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSRootSig.java
deleted file mode 100644
index 8a4796f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSRootSig.java
+++ /dev/null

@@ -1,666 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.pqc.crypto.gmss.util.GMSSRandom;
-import org.bouncycastle.util.encoders.Hex;
-
-
-/**
- * This class implements the distributed signature generation of the Winternitz
- * one-time signature scheme (OTSS), described in C.Dods, N.P. Smart, and M.
- * Stam, "Hash Based Digital Signature Schemes", LNCS 3796, pages 96&#8211;115,
- * 2005. The class is used by the GMSS classes.
- */
-public class GMSSRootSig
-{
-
-    /**
-     * The hash function used by the OTS
-     */
-    private Digest messDigestOTS;
-
-    /**
-     * The length of the message digest and private key
-     */
-    private int mdsize, keysize;
-
-    /**
-     * The private key
-     */
-    private byte[] privateKeyOTS;
-
-    /**
-     * The message bytes
-     */
-    private byte[] hash;
-
-    /**
-     * The signature bytes
-     */
-    private byte[] sign;
-
-    /**
-     * The Winternitz parameter
-     */
-    private int w;
-
-    /**
-     * The source of randomness for OTS private key generation
-     */
-    private GMSSRandom gmssRandom;
-
-    /**
-     * Sizes of the message
-     */
-    private int messagesize;
-
-    /**
-     * Some precalculated values
-     */
-    private int k;
-
-    /**
-     * Some variables for storing the actual status of distributed signing
-     */
-    private int r, test, counter, ii;
-
-    /**
-     * variables for storing big numbers for the actual status of distributed
-     * signing
-     */
-    private long test8, big8;
-
-    /**
-     * The necessary steps of each updateSign() call
-     */
-    private int steps;
-
-    /**
-     * The checksum part
-     */
-    private int checksum;
-
-    /**
-     * The height of the tree
-     */
-    private int height;
-
-    /**
-     * The current intern OTSseed
-     */
-    private byte[] seed;
-
-    /**
-     * This constructor regenerates a prior GMSSRootSig object used by the
-     * GMSSPrivateKeyASN.1 class
-     *
-     * @param digest     an array of strings, containing the digest of the used hash
-     *                 function, the digest of the PRGN and the names of the
-     *                 corresponding providers
-     * @param statByte status byte array
-     * @param statInt  status int array
-     */
-    public GMSSRootSig(Digest digest, byte[][] statByte, int[] statInt)
-    {
-        messDigestOTS = digest;
-        gmssRandom = new GMSSRandom(messDigestOTS);
-
-        this.counter = statInt[0];
-        this.test = statInt[1];
-        this.ii = statInt[2];
-        this.r = statInt[3];
-        this.steps = statInt[4];
-        this.keysize = statInt[5];
-        this.height = statInt[6];
-        this.w = statInt[7];
-        this.checksum = statInt[8];
-
-        this.mdsize = messDigestOTS.getDigestSize();
-
-        this.k = (1 << w) - 1;
-
-        int mdsizeBit = mdsize << 3;
-        this.messagesize = (int)Math.ceil((double)(mdsizeBit) / (double)w);
-
-        this.privateKeyOTS = statByte[0];
-        this.seed = statByte[1];
-        this.hash = statByte[2];
-
-        this.sign = statByte[3];
-
-        this.test8 = ((statByte[4][0] & 0xff))
-            | ((long)(statByte[4][1] & 0xff) << 8)
-            | ((long)(statByte[4][2] & 0xff) << 16)
-            | ((long)(statByte[4][3] & 0xff)) << 24
-            | ((long)(statByte[4][4] & 0xff)) << 32
-            | ((long)(statByte[4][5] & 0xff)) << 40
-            | ((long)(statByte[4][6] & 0xff)) << 48
-            | ((long)(statByte[4][7] & 0xff)) << 56;
-
-        this.big8 = ((statByte[4][8] & 0xff))
-            | ((long)(statByte[4][9] & 0xff) << 8)
-            | ((long)(statByte[4][10] & 0xff) << 16)
-            | ((long)(statByte[4][11] & 0xff)) << 24
-            | ((long)(statByte[4][12] & 0xff)) << 32
-            | ((long)(statByte[4][13] & 0xff)) << 40
-            | ((long)(statByte[4][14] & 0xff)) << 48
-            | ((long)(statByte[4][15] & 0xff)) << 56;
-    }
-
-    /**
-     * The constructor generates the PRNG and initializes some variables
-     *
-     * @param digest   an array of strings, containing the digest of the used hash
-     *               function, the digest of the PRGN and the names of the
-     *               corresponding providers
-     * @param w      the winternitz parameter
-     * @param height the heigth of the tree
-     */
-    public GMSSRootSig(Digest digest, int w, int height)
-    {
-        messDigestOTS = digest;
-        gmssRandom = new GMSSRandom(messDigestOTS);
-
-        this.mdsize = messDigestOTS.getDigestSize();
-        this.w = w;
-        this.height = height;
-
-        this.k = (1 << w) - 1;
-
-        int mdsizeBit = mdsize << 3;
-        this.messagesize = (int)Math.ceil((double)(mdsizeBit) / (double)w);
-    }
-
-    /**
-     * This method initializes the distributed sigature calculation. Variables
-     * are reseted and necessary steps are calculated
-     *
-     * @param seed0   the initial OTSseed
-     * @param message the massage which will be signed
-     */
-    public void initSign(byte[] seed0, byte[] message)
-    {
-
-        // create hash of message m
-        this.hash = new byte[mdsize];
-        messDigestOTS.update(message, 0, message.length);
-        this.hash = new byte[messDigestOTS.getDigestSize()];
-        messDigestOTS.doFinal(this.hash, 0);
-
-        // variables for calculation of steps
-        byte[] messPart = new byte[mdsize];
-        System.arraycopy(hash, 0, messPart, 0, mdsize);
-        int checkPart = 0;
-        int sumH = 0;
-        int checksumsize = getLog((messagesize << w) + 1);
-
-        // ------- calculation of necessary steps ------
-        if (8 % w == 0)
-        {
-            int dt = 8 / w;
-            // message part
-            for (int a = 0; a < mdsize; a++)
-            {
-                // count necessary hashs in 'sumH'
-                for (int b = 0; b < dt; b++)
-                {
-                    sumH += messPart[a] & k;
-                    messPart[a] = (byte)(messPart[a] >>> w);
-                }
-            }
-            // checksum part
-            this.checksum = (messagesize << w) - sumH;
-            checkPart = checksum;
-            // count necessary hashs in 'sumH'
-            for (int b = 0; b < checksumsize; b += w)
-            {
-                sumH += checkPart & k;
-                checkPart >>>= w;
-            }
-        } // end if ( 8 % w == 0 )
-        else if (w < 8)
-        {
-            long big8;
-            int ii = 0;
-            int dt = mdsize / w;
-
-            // first d*w bytes of hash (main message part)
-            for (int i = 0; i < dt; i++)
-            {
-                big8 = 0;
-                for (int j = 0; j < w; j++)
-                {
-                    big8 ^= (messPart[ii] & 0xff) << (j << 3);
-                    ii++;
-                }
-                // count necessary hashs in 'sumH'
-                for (int j = 0; j < 8; j++)
-                {
-                    sumH += (int)(big8 & k);
-                    big8 >>>= w;
-                }
-            }
-            // rest of message part
-            dt = mdsize % w;
-            big8 = 0;
-            for (int j = 0; j < dt; j++)
-            {
-                big8 ^= (messPart[ii] & 0xff) << (j << 3);
-                ii++;
-            }
-            dt <<= 3;
-            // count necessary hashs in 'sumH'
-            for (int j = 0; j < dt; j += w)
-            {
-                sumH += (int)(big8 & k);
-                big8 >>>= w;
-            }
-            // checksum part
-            this.checksum = (messagesize << w) - sumH;
-            checkPart = checksum;
-            // count necessary hashs in 'sumH'
-            for (int i = 0; i < checksumsize; i += w)
-            {
-                sumH += checkPart & k;
-                checkPart >>>= w;
-            }
-        }// end if(w<8)
-        else if (w < 57)
-        {
-            long big8;
-            int r = 0;
-            int s, f, rest, ii;
-
-            // first a*w bits of hash where a*w <= 8*mdsize < (a+1)*w (main
-            // message part)
-            while (r <= ((mdsize << 3) - w))
-            {
-                s = r >>> 3;
-                rest = r % 8;
-                r += w;
-                f = (r + 7) >>> 3;
-                big8 = 0;
-                ii = 0;
-                for (int j = s; j < f; j++)
-                {
-                    big8 ^= (messPart[j] & 0xff) << (ii << 3);
-                    ii++;
-                }
-                big8 >>>= rest;
-                // count necessary hashs in 'sumH'
-                sumH += (big8 & k);
-
-            }
-            // rest of message part
-            s = r >>> 3;
-            if (s < mdsize)
-            {
-                rest = r % 8;
-                big8 = 0;
-                ii = 0;
-                for (int j = s; j < mdsize; j++)
-                {
-                    big8 ^= (messPart[j] & 0xff) << (ii << 3);
-                    ii++;
-                }
-
-                big8 >>>= rest;
-                // count necessary hashs in 'sumH'
-                sumH += (big8 & k);
-            }
-            // checksum part
-            this.checksum = (messagesize << w) - sumH;
-            checkPart = checksum;
-            // count necessary hashs in 'sumH'
-            for (int i = 0; i < checksumsize; i += w)
-            {
-                sumH += (checkPart & k);
-                checkPart >>>= w;
-            }
-        }// end if(w<57)
-
-        // calculate keysize
-        this.keysize = messagesize
-            + (int)Math.ceil((double)checksumsize / (double)w);
-
-        // calculate steps: 'keysize' times PRNG, 'sumH' times hashing,
-        // (1<<height)-1 updateSign() calls
-        this.steps = (int)Math.ceil((double)(keysize + sumH)
-            / (double)((1 << height)));
-        // ----------------------------
-
-        // reset variables
-        this.sign = new byte[keysize * mdsize];
-        this.counter = 0;
-        this.test = 0;
-        this.ii = 0;
-        this.test8 = 0;
-        this.r = 0;
-        // define the private key messagesize
-        this.privateKeyOTS = new byte[mdsize];
-        // copy the seed
-        this.seed = new byte[mdsize];
-        System.arraycopy(seed0, 0, this.seed, 0, mdsize);
-
-    }
-
-    /**
-     * This Method performs <code>steps</code> steps of distributed signature
-     * calculaion
-     *
-     * @return true if signature is generated completly, else false
-     */
-    public boolean updateSign()
-    {
-        // steps times do
-
-        for (int s = 0; s < steps; s++)
-        { // do 'step' times
-
-            if (counter < keysize)
-            { // generate the private key or perform
-                // the next hash
-                oneStep();
-            }
-            if (counter == keysize)
-            {// finish
-                return true;
-            }
-        }
-
-        return false; // leaf not finished yet
-    }
-
-    /**
-     * @return The private OTS key
-     */
-    public byte[] getSig()
-    {
-
-        return sign;
-    }
-
-    /**
-     * @return The one-time signature of the message, generated step by step
-     */
-    private void oneStep()
-    {
-        // -------- if (8 % w == 0) ----------
-        if (8 % w == 0)
-        {
-            if (test == 0)
-            {
-                // get current OTSprivateKey
-                this.privateKeyOTS = gmssRandom.nextSeed(seed);
-                // System.arraycopy(privateKeyOTS, 0, hlp, 0, mdsize);
-
-                if (ii < mdsize)
-                { // for main message part
-                    test = hash[ii] & k;
-                    hash[ii] = (byte)(hash[ii] >>> w);
-                }
-                else
-                { // for checksum part
-                    test = checksum & k;
-                    checksum >>>= w;
-                }
-            }
-            else if (test > 0)
-            { // hash the private Key 'test' times (on
-                // time each step)
-                messDigestOTS.update(privateKeyOTS, 0, privateKeyOTS.length);
-                privateKeyOTS = new byte[messDigestOTS.getDigestSize()];
-                messDigestOTS.doFinal(privateKeyOTS, 0);
-                test--;
-            }
-            if (test == 0)
-            { // if all hashes done copy result to siganture
-                // array
-                System.arraycopy(privateKeyOTS, 0, sign, counter * mdsize,
-                    mdsize);
-                counter++;
-
-                if (counter % (8 / w) == 0)
-                { // raise array index for main
-                    // massage part
-                    ii++;
-                }
-            }
-
-        }// ----- end if (8 % w == 0) -----
-        // ---------- if ( w < 8 ) ----------------
-        else if (w < 8)
-        {
-
-            if (test == 0)
-            {
-                if (counter % 8 == 0 && ii < mdsize)
-                { // after every 8th "add
-                    // to signature"-step
-                    big8 = 0;
-                    if (counter < ((mdsize / w) << 3))
-                    {// main massage
-                        // (generate w*8 Bits
-                        // every time) part
-                        for (int j = 0; j < w; j++)
-                        {
-                            big8 ^= (hash[ii] & 0xff) << (j << 3);
-                            ii++;
-                        }
-                    }
-                    else
-                    { // rest of massage part (once)
-                        for (int j = 0; j < mdsize % w; j++)
-                        {
-                            big8 ^= (hash[ii] & 0xff) << (j << 3);
-                            ii++;
-                        }
-                    }
-                }
-                if (counter == messagesize)
-                { // checksum part (once)
-                    big8 = checksum;
-                }
-
-                test = (int)(big8 & k);
-                // generate current OTSprivateKey
-                this.privateKeyOTS = gmssRandom.nextSeed(seed);
-                // System.arraycopy(privateKeyOTS, 0, hlp, 0, mdsize);
-
-            }
-            else if (test > 0)
-            { // hash the private Key 'test' times (on
-                // time each step)
-                messDigestOTS.update(privateKeyOTS, 0, privateKeyOTS.length);
-                privateKeyOTS = new byte[messDigestOTS.getDigestSize()];
-                messDigestOTS.doFinal(privateKeyOTS, 0);
-                test--;
-            }
-            if (test == 0)
-            { // if all hashes done copy result to siganture
-                // array
-                System.arraycopy(privateKeyOTS, 0, sign, counter * mdsize,
-                    mdsize);
-                big8 >>>= w;
-                counter++;
-            }
-
-        }// ------- end if(w<8)--------------------------------
-        // --------- if w < 57 -----------------------------
-        else if (w < 57)
-        {
-
-            if (test8 == 0)
-            {
-                int s, f, rest;
-                big8 = 0;
-                ii = 0;
-                rest = r % 8;
-                s = r >>> 3;
-                // --- message part---
-                if (s < mdsize)
-                {
-                    if (r <= ((mdsize << 3) - w))
-                    { // first message part
-                        r += w;
-                        f = (r + 7) >>> 3;
-                    }
-                    else
-                    { // rest of message part (once)
-                        f = mdsize;
-                        r += w;
-                    }
-                    // generate long 'big8' with minimum w next bits of the
-                    // message array
-                    for (int i = s; i < f; i++)
-                    {
-                        big8 ^= (hash[i] & 0xff) << (ii << 3);
-                        ii++;
-                    }
-                    // delete bits on the right side, which were used already by
-                    // the last loop
-                    big8 >>>= rest;
-                    test8 = (big8 & k);
-                }
-                // --- checksum part
-                else
-                {
-                    test8 = (checksum & k);
-                    checksum >>>= w;
-                }
-                // generate current OTSprivateKey
-                this.privateKeyOTS = gmssRandom.nextSeed(seed);
-                // System.arraycopy(privateKeyOTS, 0, hlp, 0, mdsize);
-
-            }
-            else if (test8 > 0)
-            { // hash the private Key 'test' times (on
-                // time each step)
-                messDigestOTS.update(privateKeyOTS, 0, privateKeyOTS.length);
-                privateKeyOTS = new byte[messDigestOTS.getDigestSize()];
-                messDigestOTS.doFinal(privateKeyOTS, 0);
-                test8--;
-            }
-            if (test8 == 0)
-            { // if all hashes done copy result to siganture
-                // array
-                System.arraycopy(privateKeyOTS, 0, sign, counter * mdsize,
-                    mdsize);
-                counter++;
-            }
-
-        }
-    }
-
-    /**
-     * This method returns the least integer that is greater or equal to the
-     * logarithm to the base 2 of an integer <code>intValue</code>.
-     *
-     * @param intValue an integer
-     * @return The least integer greater or equal to the logarithm to the base 2
-     *         of <code>intValue</code>
-     */
-    public int getLog(int intValue)
-    {
-        int log = 1;
-        int i = 2;
-        while (i < intValue)
-        {
-            i <<= 1;
-            log++;
-        }
-        return log;
-    }
-
-    /**
-     * This method returns the status byte array
-     *
-     * @return statBytes
-     */
-    public byte[][] getStatByte()
-    {
-
-        byte[][] statByte = new byte[5][mdsize];
-        statByte[0] = privateKeyOTS;
-        statByte[1] = seed;
-        statByte[2] = hash;
-        statByte[3] = sign;
-        statByte[4] = this.getStatLong();
-
-        return statByte;
-    }
-
-    /**
-     * This method returns the status int array
-     *
-     * @return statInt
-     */
-    public int[] getStatInt()
-    {
-        int[] statInt = new int[9];
-        statInt[0] = counter;
-        statInt[1] = test;
-        statInt[2] = ii;
-        statInt[3] = r;
-        statInt[4] = steps;
-        statInt[5] = keysize;
-        statInt[6] = height;
-        statInt[7] = w;
-        statInt[8] = checksum;
-        return statInt;
-    }
-
-    /**
-     * Converts the long parameters into byte arrays to store it in
-     * statByte-Array
-     */
-    public byte[] getStatLong()
-    {
-        byte[] bytes = new byte[16];
-
-        bytes[0] = (byte)((test8) & 0xff);
-        bytes[1] = (byte)((test8 >> 8) & 0xff);
-        bytes[2] = (byte)((test8 >> 16) & 0xff);
-        bytes[3] = (byte)((test8 >> 24) & 0xff);
-        bytes[4] = (byte)((test8) >> 32 & 0xff);
-        bytes[5] = (byte)((test8 >> 40) & 0xff);
-        bytes[6] = (byte)((test8 >> 48) & 0xff);
-        bytes[7] = (byte)((test8 >> 56) & 0xff);
-
-        bytes[8] = (byte)((big8) & 0xff);
-        bytes[9] = (byte)((big8 >> 8) & 0xff);
-        bytes[10] = (byte)((big8 >> 16) & 0xff);
-        bytes[11] = (byte)((big8 >> 24) & 0xff);
-        bytes[12] = (byte)((big8) >> 32 & 0xff);
-        bytes[13] = (byte)((big8 >> 40) & 0xff);
-        bytes[14] = (byte)((big8 >> 48) & 0xff);
-        bytes[15] = (byte)((big8 >> 56) & 0xff);
-
-        return bytes;
-    }
-
-    /**
-     * returns a string representation of the instance
-     *
-     * @return a string representation of the instance
-     */
-    public String toString()
-    {
-        String out = "" + this.big8 + "  ";
-        int[] statInt = new int[9];
-        statInt = this.getStatInt();
-        byte[][] statByte = new byte[5][mdsize];
-        statByte = this.getStatByte();
-        for (int i = 0; i < 9; i++)
-        {
-            out = out + statInt[i] + " ";
-        }
-        for (int i = 0; i < 5; i++)
-        {
-            out = out + new String(Hex.encode(statByte[i])) + " ";
-        }
-
-        return out;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSSigner.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSSigner.java
deleted file mode 100644
index c7ab75c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSSigner.java
+++ /dev/null

@@ -1,404 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.MessageSigner;
-import org.bouncycastle.pqc.crypto.gmss.util.GMSSRandom;
-import org.bouncycastle.pqc.crypto.gmss.util.GMSSUtil;
-import org.bouncycastle.pqc.crypto.gmss.util.WinternitzOTSVerify;
-import org.bouncycastle.pqc.crypto.gmss.util.WinternitzOTSignature;
-import org.bouncycastle.util.Arrays;
-
-/**
- * This class implements the GMSS signature scheme.
- */
-public class GMSSSigner
-    implements MessageSigner
-{
-
-    /**
-     * Instance of GMSSParameterSpec
-     */
-    //private GMSSParameterSpec gmssParameterSpec;
-
-    /**
-     * Instance of GMSSUtilities
-     */
-    private GMSSUtil gmssUtil = new GMSSUtil();
-
-
-    /**
-     * The raw GMSS public key
-     */
-    private byte[] pubKeyBytes;
-
-    /**
-     * Hash function for the construction of the authentication trees
-     */
-    private Digest messDigestTrees;
-
-    /**
-     * The length of the hash function output
-     */
-    private int mdLength;
-
-    /**
-     * The number of tree layers
-     */
-    private int numLayer;
-
-    /**
-     * The hash function used by the OTS
-     */
-    private Digest messDigestOTS;
-
-    /**
-     * An instance of the Winternitz one-time signature
-     */
-    private WinternitzOTSignature ots;
-
-    /**
-     * Array of strings containing the name of the hash function used by the OTS
-     * and the corresponding provider name
-     */
-    private GMSSDigestProvider digestProvider;
-
-    /**
-     * The current main tree and subtree indices
-     */
-    private int[] index;
-
-    /**
-     * Array of the authentication paths for the current trees of all layers
-     */
-    private byte[][][] currentAuthPaths;
-
-    /**
-     * The one-time signature of the roots of the current subtrees
-     */
-    private byte[][] subtreeRootSig;
-
-
-    /**
-     * The GMSSParameterset
-     */
-    private GMSSParameters gmssPS;
-
-    /**
-     * The PRNG
-     */
-    private GMSSRandom gmssRandom;
-
-    GMSSKeyParameters key;
-
-    // XXX needed? Source of randomness
-    private SecureRandom random;
-
-
-    /**
-     * The standard constructor tries to generate the MerkleTree Algorithm
-     * identifier with the corresponding OID.
-     *
-     * @param digest     the digest to use
-     */
-    // TODO
-    public GMSSSigner(GMSSDigestProvider digest)
-    {
-        digestProvider = digest;
-        messDigestTrees = digest.get();
-        messDigestOTS = messDigestTrees;
-        mdLength = messDigestTrees.getDigestSize();
-        gmssRandom = new GMSSRandom(messDigestTrees);
-    }
-
-    public void init(boolean forSigning,
-                     CipherParameters param)
-    {
-
-        if (forSigning)
-        {
-            if (param instanceof ParametersWithRandom)
-            {
-                ParametersWithRandom rParam = (ParametersWithRandom)param;
-
-                // XXX random needed?
-                this.random = rParam.getRandom();
-                this.key = (GMSSPrivateKeyParameters)rParam.getParameters();
-                initSign();
-
-            }
-            else
-            {
-
-                this.random = CryptoServicesRegistrar.getSecureRandom();
-                this.key = (GMSSPrivateKeyParameters)param;
-                initSign();
-            }
-        }
-        else
-        {
-            this.key = (GMSSPublicKeyParameters)param;
-            initVerify();
-
-        }
-
-    }
-
-
-    /**
-     * Initializes the signature algorithm for signing a message.
-     */
-    private void initSign()
-    {
-        messDigestTrees.reset();
-        // set private key and take from it ots key, auth, tree and key
-        // counter, rootSign
-        GMSSPrivateKeyParameters gmssPrivateKey = (GMSSPrivateKeyParameters)key;
-
-        if (gmssPrivateKey.isUsed())
-        {
-            throw new IllegalStateException("Private key already used");
-        }
-
-        // check if last signature has been generated
-        if (gmssPrivateKey.getIndex(0) >= gmssPrivateKey.getNumLeafs(0))
-        {
-            throw new IllegalStateException("No more signatures can be generated");
-        }
-
-        // get Parameterset
-        this.gmssPS = gmssPrivateKey.getParameters();
-        // get numLayer
-        this.numLayer = gmssPS.getNumOfLayers();
-
-        // get OTS Instance of lowest layer
-        byte[] seed = gmssPrivateKey.getCurrentSeeds()[numLayer - 1];
-        byte[] OTSSeed = new byte[mdLength];
-        byte[] dummy = new byte[mdLength];
-        System.arraycopy(seed, 0, dummy, 0, mdLength);
-        OTSSeed = gmssRandom.nextSeed(dummy); // secureRandom.nextBytes(currentSeeds[currentSeeds.length-1]);secureRandom.nextBytes(OTSseed);
-        this.ots = new WinternitzOTSignature(OTSSeed, digestProvider.get(), gmssPS.getWinternitzParameter()[numLayer - 1]);
-
-        byte[][][] helpCurrentAuthPaths = gmssPrivateKey.getCurrentAuthPaths();
-        currentAuthPaths = new byte[numLayer][][];
-
-        // copy the main tree authentication path
-        for (int j = 0; j < numLayer; j++)
-        {
-            currentAuthPaths[j] = new byte[helpCurrentAuthPaths[j].length][mdLength];
-            for (int i = 0; i < helpCurrentAuthPaths[j].length; i++)
-            {
-                System.arraycopy(helpCurrentAuthPaths[j][i], 0, currentAuthPaths[j][i], 0, mdLength);
-            }
-        }
-
-        // copy index
-        index = new int[numLayer];
-        System.arraycopy(gmssPrivateKey.getIndex(), 0, index, 0, numLayer);
-
-        // copy subtreeRootSig
-        byte[] helpSubtreeRootSig;
-        subtreeRootSig = new byte[numLayer - 1][];
-        for (int i = 0; i < numLayer - 1; i++)
-        {
-            helpSubtreeRootSig = gmssPrivateKey.getSubtreeRootSig(i);
-            subtreeRootSig[i] = new byte[helpSubtreeRootSig.length];
-            System.arraycopy(helpSubtreeRootSig, 0, subtreeRootSig[i], 0, helpSubtreeRootSig.length);
-        }
-
-        gmssPrivateKey.markUsed();
-    }
-
-    /**
-     * Signs a message.
-     *
-     * @return the signature.
-     */
-    public byte[] generateSignature(byte[] message)
-    {
-
-        byte[] otsSig = new byte[mdLength];
-        byte[] authPathBytes;
-        byte[] indexBytes;
-
-        otsSig = ots.getSignature(message);
-
-        // get concatenated lowest layer tree authentication path
-        authPathBytes = gmssUtil.concatenateArray(currentAuthPaths[numLayer - 1]);
-
-        // put lowest layer index into a byte array
-        indexBytes = gmssUtil.intToBytesLittleEndian(index[numLayer - 1]);
-
-        // create first part of GMSS signature
-        byte[] gmssSigFirstPart = new byte[indexBytes.length + otsSig.length + authPathBytes.length];
-        System.arraycopy(indexBytes, 0, gmssSigFirstPart, 0, indexBytes.length);
-        System.arraycopy(otsSig, 0, gmssSigFirstPart, indexBytes.length, otsSig.length);
-        System.arraycopy(authPathBytes, 0, gmssSigFirstPart, (indexBytes.length + otsSig.length), authPathBytes.length);
-        // --- end first part
-
-        // --- next parts of the signature
-        // create initial array with length 0 for iteration
-        byte[] gmssSigNextPart = new byte[0];
-
-        for (int i = numLayer - 1 - 1; i >= 0; i--)
-        {
-
-            // get concatenated next tree authentication path
-            authPathBytes = gmssUtil.concatenateArray(currentAuthPaths[i]);
-
-            // put next tree index into a byte array
-            indexBytes = gmssUtil.intToBytesLittleEndian(index[i]);
-
-            // create next part of GMSS signature
-
-            // create help array and copy actual gmssSig into it
-            byte[] helpGmssSig = new byte[gmssSigNextPart.length];
-            System.arraycopy(gmssSigNextPart, 0, helpGmssSig, 0, gmssSigNextPart.length);
-            // adjust length of gmssSigNextPart for adding next part
-            gmssSigNextPart = new byte[helpGmssSig.length + indexBytes.length + subtreeRootSig[i].length + authPathBytes.length];
-
-            // copy old data (help array) and new data in gmssSigNextPart
-            System.arraycopy(helpGmssSig, 0, gmssSigNextPart, 0, helpGmssSig.length);
-            System.arraycopy(indexBytes, 0, gmssSigNextPart, helpGmssSig.length, indexBytes.length);
-            System.arraycopy(subtreeRootSig[i], 0, gmssSigNextPart, (helpGmssSig.length + indexBytes.length), subtreeRootSig[i].length);
-            System.arraycopy(authPathBytes, 0, gmssSigNextPart, (helpGmssSig.length + indexBytes.length + subtreeRootSig[i].length), authPathBytes.length);
-
-        }
-        // --- end next parts
-
-        // concatenate the two parts of the GMSS signature
-        byte[] gmssSig = new byte[gmssSigFirstPart.length + gmssSigNextPart.length];
-        System.arraycopy(gmssSigFirstPart, 0, gmssSig, 0, gmssSigFirstPart.length);
-        System.arraycopy(gmssSigNextPart, 0, gmssSig, gmssSigFirstPart.length, gmssSigNextPart.length);
-
-        // return the GMSS signature
-        return gmssSig;
-    }
-
-    /**
-     * Initializes the signature algorithm for verifying a signature.
-     */
-    private void initVerify()
-    {
-        messDigestTrees.reset();
-
-        GMSSPublicKeyParameters gmssPublicKey = (GMSSPublicKeyParameters)key;
-        pubKeyBytes = gmssPublicKey.getPublicKey();
-        gmssPS = gmssPublicKey.getParameters();
-        // get numLayer
-        this.numLayer = gmssPS.getNumOfLayers();
-
-
-    }
-
-    /**
-     * This function verifies the signature of the message that has been
-     * updated, with the aid of the public key.
-     *
-     * @param message the message
-     * @param signature the signature associated with the message
-     * @return true if the signature has been verified, false otherwise.
-     */
-    public boolean verifySignature(byte[] message, byte[] signature)
-    {
-
-        boolean success = false;
-        // int halfSigLength = signature.length >>> 1;
-        messDigestOTS.reset();
-        WinternitzOTSVerify otsVerify;
-        int otsSigLength;
-
-        byte[] help = message;
-
-        byte[] otsSig;
-        byte[] otsPublicKey;
-        byte[][] authPath;
-        byte[] dest;
-        int nextEntry = 0;
-        int index;
-        // Verify signature
-
-        // --- begin with message = 'message that was signed'
-        // and then in each step message = subtree root
-        for (int j = numLayer - 1; j >= 0; j--)
-        {
-            otsVerify = new WinternitzOTSVerify(digestProvider.get(), gmssPS.getWinternitzParameter()[j]);
-            otsSigLength = otsVerify.getSignatureLength();
-
-            message = help;
-            // get the subtree index
-            index = gmssUtil.bytesToIntLittleEndian(signature, nextEntry);
-
-            // 4 is the number of bytes in integer
-            nextEntry += 4;
-
-            // get one-time signature
-            otsSig = new byte[otsSigLength];
-            System.arraycopy(signature, nextEntry, otsSig, 0, otsSigLength);
-            nextEntry += otsSigLength;
-
-            // compute public OTS key from the one-time signature
-            otsPublicKey = otsVerify.Verify(message, otsSig);
-
-            // test if OTSsignature is correct
-            if (otsPublicKey == null)
-            {
-                System.err.println("OTS Public Key is null in GMSSSignature.verify");
-                return false;
-            }
-
-            // get authentication path from the signature
-            authPath = new byte[gmssPS.getHeightOfTrees()[j]][mdLength];
-            for (int i = 0; i < authPath.length; i++)
-            {
-                System.arraycopy(signature, nextEntry, authPath[i], 0, mdLength);
-                nextEntry = nextEntry + mdLength;
-            }
-
-            // compute the root of the subtree from the authentication path
-            help = new byte[mdLength];
-
-            help = otsPublicKey;
-
-            int count = 1 << authPath.length;
-            count = count + index;
-
-            for (int i = 0; i < authPath.length; i++)
-            {
-                dest = new byte[mdLength << 1];
-
-                if ((count % 2) == 0)
-                {
-                    System.arraycopy(help, 0, dest, 0, mdLength);
-                    System.arraycopy(authPath[i], 0, dest, mdLength, mdLength);
-                    count = count / 2;
-                }
-                else
-                {
-                    System.arraycopy(authPath[i], 0, dest, 0, mdLength);
-                    System.arraycopy(help, 0, dest, mdLength, help.length);
-                    count = (count - 1) / 2;
-                }
-                messDigestTrees.update(dest, 0, dest.length);
-                help = new byte[messDigestTrees.getDigestSize()];
-                messDigestTrees.doFinal(help, 0);
-            }
-        }
-
-        // now help contains the root of the maintree
-
-        // test if help is equal to the GMSS public key
-        if (Arrays.areEqual(pubKeyBytes, help))
-        {
-            success = true;
-        }
-
-        return success;
-    }
-
-
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSStateAwareSigner.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSStateAwareSigner.java
deleted file mode 100644
index 77fe25a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSStateAwareSigner.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.StateAwareMessageSigner;
-import org.bouncycastle.util.Memoable;
-
-/**
- * This class implements the GMSS signature scheme, but allows multiple signatures to be generated.
- * <p>
- *     Note:  getUpdatedPrivateKey() needs to be called to fetch the current value of the usable private key.
- * </p>
- */
-public class GMSSStateAwareSigner
-    implements StateAwareMessageSigner
-{
-    private final GMSSSigner gmssSigner;
-
-    private GMSSPrivateKeyParameters key;
-
-    public GMSSStateAwareSigner(final Digest digest)
-    {
-        if (!(digest instanceof Memoable))
-        {
-            throw new IllegalArgumentException("digest must implement Memoable");
-        }
-
-        final Memoable dig = ((Memoable)digest).copy();
-        gmssSigner = new GMSSSigner(new GMSSDigestProvider()
-        {
-            public Digest get()
-            {
-                return (Digest)dig.copy();
-            }
-        });
-    }
-
-    public void init(boolean forSigning, CipherParameters param)
-    {
-        if (forSigning)
-        {
-            if (param instanceof ParametersWithRandom)
-            {
-                ParametersWithRandom rParam = (ParametersWithRandom)param;
-
-                this.key = (GMSSPrivateKeyParameters)rParam.getParameters();
-            }
-            else
-            {
-                this.key = (GMSSPrivateKeyParameters)param;
-            }
-        }
-
-        gmssSigner.init(forSigning, param);
-    }
-
-    public byte[] generateSignature(byte[] message)
-    {
-        if (key == null)
-        {
-            throw new IllegalStateException("signing key no longer usable");
-        }
-        
-        byte[] sig = gmssSigner.generateSignature(message);
-
-        key = key.nextKey();
-
-        return sig;
-    }
-
-    public boolean verifySignature(byte[] message, byte[] signature)
-    {
-        return gmssSigner.verifySignature(message, signature);
-    }
-
-    public AsymmetricKeyParameter getUpdatedPrivateKey()
-    {
-        AsymmetricKeyParameter k = key;
-
-        key = null;
-
-        return k;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSUtils.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSUtils.java
deleted file mode 100644
index 9d28951..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/GMSSUtils.java
+++ /dev/null

@@ -1,145 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss;
-
-import java.util.Enumeration;
-import java.util.Vector;
-
-import org.bouncycastle.util.Arrays;
-
-class GMSSUtils
-{
-    static GMSSLeaf[] clone(GMSSLeaf[] data)
-    {
-        if (data == null)
-        {
-            return null;
-        }
-        GMSSLeaf[] copy = new GMSSLeaf[data.length];
-
-        System.arraycopy(data, 0, copy, 0, data.length);
-
-        return copy;
-    }
-
-    static GMSSRootCalc[] clone(GMSSRootCalc[] data)
-    {
-        if (data == null)
-        {
-            return null;
-        }
-        GMSSRootCalc[] copy = new GMSSRootCalc[data.length];
-
-        System.arraycopy(data, 0, copy, 0, data.length);
-
-        return copy;
-    }
-
-    static GMSSRootSig[] clone(GMSSRootSig[] data)
-    {
-        if (data == null)
-        {
-            return null;
-        }
-        GMSSRootSig[] copy = new GMSSRootSig[data.length];
-
-        System.arraycopy(data, 0, copy, 0, data.length);
-
-        return copy;
-    }
-
-    static byte[][] clone(byte[][] data)
-    {
-        if (data == null)
-        {
-            return null;
-        }
-        byte[][] copy = new byte[data.length][];
-
-        for (int i = 0; i != data.length; i++)
-        {
-            copy[i] = Arrays.clone(data[i]);
-        }
-
-        return copy;
-    }
-
-    static byte[][][] clone(byte[][][] data)
-    {
-        if (data == null)
-        {
-            return null;
-        }
-        byte[][][] copy = new byte[data.length][][];
-
-        for (int i = 0; i != data.length; i++)
-        {
-            copy[i] = clone(data[i]);
-        }
-
-        return copy;
-    }
-
-    static Treehash[] clone(Treehash[] data)
-    {
-        if (data == null)
-        {
-            return null;
-        }
-        Treehash[] copy = new Treehash[data.length];
-
-        System.arraycopy(data, 0, copy, 0, data.length);
-
-        return copy;
-    }
-
-    static Treehash[][] clone(Treehash[][] data)
-    {
-        if (data == null)
-        {
-            return null;
-        }
-        Treehash[][] copy = new Treehash[data.length][];
-
-        for (int i = 0; i != data.length; i++)
-        {
-            copy[i] = clone(data[i]);
-        }
-
-        return copy;
-    }
-
-    static Vector[] clone(Vector[] data)
-    {
-        if (data == null)
-        {
-            return null;
-        }
-        Vector[] copy = new Vector[data.length];
-
-        for (int i = 0; i != data.length; i++)
-        {
-            copy[i] = new Vector();
-            for (Enumeration en = data[i].elements(); en.hasMoreElements();)
-            {
-                copy[i].addElement(en.nextElement());
-            }
-        }
-
-        return copy;
-    }
-
-    static Vector[][] clone(Vector[][] data)
-    {
-        if (data == null)
-        {
-            return null;
-        }
-        Vector[][] copy = new Vector[data.length][];
-
-        for (int i = 0; i != data.length; i++)
-        {
-            copy[i] = clone(data[i]);
-        }
-
-        return copy;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/Treehash.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/Treehash.java
deleted file mode 100644
index 797355c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/Treehash.java
+++ /dev/null

@@ -1,525 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss;
-
-import java.util.Vector;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.pqc.crypto.gmss.util.GMSSRandom;
-import org.bouncycastle.util.Integers;
-import org.bouncycastle.util.encoders.Hex;
-
-
-/**
- * This class implements a treehash instance for the Merkle tree traversal
- * algorithm. The first node of the stack is stored in this instance itself,
- * additional tail nodes are stored on a tailstack.
- */
-public class Treehash
-{
-
-    /**
-     * max height of current treehash instance.
-     */
-    private int maxHeight;
-
-    /**
-     * Vector element that stores the nodes on the stack
-     */
-    private Vector tailStack;
-
-    /**
-     * Vector element that stores the height of the nodes on the stack
-     */
-    private Vector heightOfNodes;
-
-    /**
-     * the first node is stored in the treehash instance itself, not on stack
-     */
-    private byte[] firstNode;
-
-    /**
-     * seedActive needed for the actual node
-     */
-    private byte[] seedActive;
-
-    /**
-     * the seed needed for the next re-initialization of the treehash instance
-     */
-    private byte[] seedNext;
-
-    /**
-     * number of nodes stored on the stack and belonging to this treehash
-     * instance
-     */
-    private int tailLength;
-
-    /**
-     * the height in the tree of the first node stored in treehash
-     */
-    private int firstNodeHeight;
-
-    /**
-     * true if treehash instance was already initialized, false otherwise
-     */
-    private boolean isInitialized;
-
-    /**
-     * true if the first node's height equals the maxHeight of the treehash
-     */
-    private boolean isFinished;
-
-    /**
-     * true if the nextSeed has been initialized with index 3*2^h needed for the
-     * seed scheduling
-     */
-    private boolean seedInitialized;
-
-    /**
-     * denotes the Message Digest used by the tree to create nodes
-     */
-    private Digest messDigestTree;
-
-    /**
-     * This constructor regenerates a prior treehash object
-     *
-     * @param name     an array of strings, containing the name of the used hash
-     *                 function and PRNG and the name of the corresponding provider
-     * @param statByte status bytes
-     * @param statInt  status ints
-     */
-    public Treehash(Digest name, byte[][] statByte, int[] statInt)
-    {
-        this.messDigestTree = name;
-
-        // decode statInt
-        this.maxHeight = statInt[0];
-        this.tailLength = statInt[1];
-        this.firstNodeHeight = statInt[2];
-
-        if (statInt[3] == 1)
-        {
-            this.isFinished = true;
-        }
-        else
-        {
-            this.isFinished = false;
-        }
-        if (statInt[4] == 1)
-        {
-            this.isInitialized = true;
-        }
-        else
-        {
-            this.isInitialized = false;
-        }
-        if (statInt[5] == 1)
-        {
-            this.seedInitialized = true;
-        }
-        else
-        {
-            this.seedInitialized = false;
-        }
-
-        this.heightOfNodes = new Vector();
-        for (int i = 0; i < tailLength; i++)
-        {
-            this.heightOfNodes.addElement(Integers.valueOf(statInt[6 + i]));
-        }
-
-        // decode statByte
-        this.firstNode = statByte[0];
-        this.seedActive = statByte[1];
-        this.seedNext = statByte[2];
-
-        this.tailStack = new Vector();
-        for (int i = 0; i < tailLength; i++)
-        {
-            this.tailStack.addElement(statByte[3 + i]);
-        }
-    }
-
-    /**
-     * Constructor
-     *
-     * @param tailStack a vector element where the stack nodes are stored
-     * @param maxHeight maximal height of the treehash instance
-     * @param digest    an array of strings, containing the name of the used hash
-     *                  function and PRNG and the name of the corresponding provider
-     */
-    public Treehash(Vector tailStack, int maxHeight, Digest digest)
-    {
-        this.tailStack = tailStack;
-        this.maxHeight = maxHeight;
-        this.firstNode = null;
-        this.isInitialized = false;
-        this.isFinished = false;
-        this.seedInitialized = false;
-        this.messDigestTree = digest;
-
-        this.seedNext = new byte[messDigestTree.getDigestSize()];
-        this.seedActive = new byte[messDigestTree.getDigestSize()];
-    }
-
-    /**
-     * Method to initialize the seeds needed for the precomputation of right
-     * nodes. Should be initialized with index 3*2^i for treehash_i
-     *
-     * @param seedIn
-     */
-    public void initializeSeed(byte[] seedIn)
-    {
-        System.arraycopy(seedIn, 0, this.seedNext, 0, this.messDigestTree
-            .getDigestSize());
-        this.seedInitialized = true;
-    }
-
-    /**
-     * initializes the treehash instance. The seeds must already have been
-     * initialized to work correctly.
-     */
-    public void initialize()
-    {
-        if (!this.seedInitialized)
-        {
-            System.err.println("Seed " + this.maxHeight + " not initialized");
-            return;
-        }
-
-        this.heightOfNodes = new Vector();
-        this.tailLength = 0;
-        this.firstNode = null;
-        this.firstNodeHeight = -1;
-        this.isInitialized = true;
-        System.arraycopy(this.seedNext, 0, this.seedActive, 0, messDigestTree
-            .getDigestSize());
-    }
-
-    /**
-     * Calculates one update of the treehash instance, i.e. creates a new leaf
-     * and hashes if possible
-     *
-     * @param gmssRandom an instance of the PRNG
-     * @param leaf       The byte value of the leaf needed for the update
-     */
-    public void update(GMSSRandom gmssRandom, byte[] leaf)
-    {
-
-        if (this.isFinished)
-        {
-            System.err
-                .println("No more update possible for treehash instance!");
-            return;
-        }
-        if (!this.isInitialized)
-        {
-            System.err
-                .println("Treehash instance not initialized before update");
-            return;
-        }
-
-        byte[] help = new byte[this.messDigestTree.getDigestSize()];
-        int helpHeight = -1;
-
-        gmssRandom.nextSeed(this.seedActive);
-
-        // if treehash gets first update
-        if (this.firstNode == null)
-        {
-            this.firstNode = leaf;
-            this.firstNodeHeight = 0;
-        }
-        else
-        {
-            // store the new node in help array, do not push it on the stack
-            help = leaf;
-            helpHeight = 0;
-
-            // hash the nodes on the stack if possible
-            while (this.tailLength > 0
-                && helpHeight == ((Integer)heightOfNodes.lastElement())
-                .intValue())
-            {
-                // put top element of the stack and help node in array
-                // 'tobehashed'
-                // and hash them together, put result again in help array
-                byte[] toBeHashed = new byte[this.messDigestTree
-                    .getDigestSize() << 1];
-
-                // pop element from stack
-                System.arraycopy(this.tailStack.lastElement(), 0, toBeHashed,
-                    0, this.messDigestTree.getDigestSize());
-                this.tailStack.removeElementAt(this.tailStack.size() - 1);
-                this.heightOfNodes
-                    .removeElementAt(this.heightOfNodes.size() - 1);
-
-                System.arraycopy(help, 0, toBeHashed, this.messDigestTree
-                    .getDigestSize(), this.messDigestTree
-                    .getDigestSize());
-                messDigestTree.update(toBeHashed, 0, toBeHashed.length);
-                help = new byte[messDigestTree.getDigestSize()];
-                messDigestTree.doFinal(help, 0);
-
-                // increase help height, stack was reduced by one element
-                helpHeight++;
-                this.tailLength--;
-            }
-
-            // push the new node on the stack
-            this.tailStack.addElement(help);
-            this.heightOfNodes.addElement(Integers.valueOf(helpHeight));
-            this.tailLength++;
-
-            // finally check whether the top node on stack and the first node
-            // in treehash have same height. If so hash them together
-            // and store them in treehash
-            if (((Integer)heightOfNodes.lastElement()).intValue() == this.firstNodeHeight)
-            {
-                byte[] toBeHashed = new byte[this.messDigestTree
-                    .getDigestSize() << 1];
-                System.arraycopy(this.firstNode, 0, toBeHashed, 0,
-                    this.messDigestTree.getDigestSize());
-
-                // pop element from tailStack and copy it into help2 array
-                System.arraycopy(this.tailStack.lastElement(), 0, toBeHashed,
-                    this.messDigestTree.getDigestSize(),
-                    this.messDigestTree.getDigestSize());
-                this.tailStack.removeElementAt(this.tailStack.size() - 1);
-                this.heightOfNodes
-                    .removeElementAt(this.heightOfNodes.size() - 1);
-
-                // store new element in firstNode, stack is then empty
-                messDigestTree.update(toBeHashed, 0, toBeHashed.length);
-                this.firstNode = new byte[messDigestTree.getDigestSize()];
-                messDigestTree.doFinal(this.firstNode, 0);
-                this.firstNodeHeight++;
-
-                // empty the stack
-                this.tailLength = 0;
-            }
-        }
-
-        // check if treehash instance is completed
-        if (this.firstNodeHeight == this.maxHeight)
-        {
-            this.isFinished = true;
-        }
-    }
-
-    /**
-     * Destroys a treehash instance after the top node was taken for
-     * authentication path.
-     */
-    public void destroy()
-    {
-        this.isInitialized = false;
-        this.isFinished = false;
-        this.firstNode = null;
-        this.tailLength = 0;
-        this.firstNodeHeight = -1;
-    }
-
-    /**
-     * Returns the height of the lowest node stored either in treehash or on the
-     * stack. It must not be set to infinity (as mentioned in the paper) because
-     * this cases are considered in the computeAuthPaths method of
-     * JDKGMSSPrivateKey
-     *
-     * @return Height of the lowest node
-     */
-    public int getLowestNodeHeight()
-    {
-        if (this.firstNode == null)
-        {
-            return this.maxHeight;
-        }
-        else if (this.tailLength == 0)
-        {
-            return this.firstNodeHeight;
-        }
-        else
-        {
-            return Math.min(this.firstNodeHeight, ((Integer)heightOfNodes
-                .lastElement()).intValue());
-        }
-    }
-
-    /**
-     * Returns the top node height
-     *
-     * @return Height of the first node, the top node
-     */
-    public int getFirstNodeHeight()
-    {
-        if (firstNode == null)
-        {
-            return maxHeight;
-        }
-        return firstNodeHeight;
-    }
-
-    /**
-     * Method to check whether the instance has been initialized or not
-     *
-     * @return true if treehash was already initialized
-     */
-    public boolean wasInitialized()
-    {
-        return this.isInitialized;
-    }
-
-    /**
-     * Method to check whether the instance has been finished or not
-     *
-     * @return true if treehash has reached its maximum height
-     */
-    public boolean wasFinished()
-    {
-        return this.isFinished;
-    }
-
-    /**
-     * returns the first node stored in treehash instance itself
-     *
-     * @return the first node stored in treehash instance itself
-     */
-    public byte[] getFirstNode()
-    {
-        return this.firstNode;
-    }
-
-    /**
-     * returns the active seed
-     *
-     * @return the active seed
-     */
-    public byte[] getSeedActive()
-    {
-        return this.seedActive;
-    }
-
-    /**
-     * This method sets the first node stored in the treehash instance itself
-     *
-     * @param hash
-     */
-    public void setFirstNode(byte[] hash)
-    {
-        if (!this.isInitialized)
-        {
-            this.initialize();
-        }
-        this.firstNode = hash;
-        this.firstNodeHeight = this.maxHeight;
-        this.isFinished = true;
-    }
-
-    /**
-     * updates the nextSeed of this treehash instance one step needed for the
-     * schedulng of the seeds
-     *
-     * @param gmssRandom the prng used for the seeds
-     */
-    public void updateNextSeed(GMSSRandom gmssRandom)
-    {
-        gmssRandom.nextSeed(seedNext);
-    }
-
-    /**
-     * Returns the tailstack
-     *
-     * @return the tailstack
-     */
-    public Vector getTailStack()
-    {
-        return this.tailStack;
-    }
-
-    /**
-     * Returns the status byte array used by the GMSSPrivateKeyASN.1 class
-     *
-     * @return The status bytes
-     */
-    public byte[][] getStatByte()
-    {
-
-        byte[][] statByte = new byte[3 + tailLength][this.messDigestTree
-            .getDigestSize()];
-        statByte[0] = firstNode;
-        statByte[1] = seedActive;
-        statByte[2] = seedNext;
-        for (int i = 0; i < tailLength; i++)
-        {
-            statByte[3 + i] = (byte[])tailStack.elementAt(i);
-        }
-        return statByte;
-    }
-
-    /**
-     * Returns the status int array used by the GMSSPrivateKeyASN.1 class
-     *
-     * @return The status ints
-     */
-    public int[] getStatInt()
-    {
-
-        int[] statInt = new int[6 + tailLength];
-        statInt[0] = maxHeight;
-        statInt[1] = tailLength;
-        statInt[2] = firstNodeHeight;
-        if (this.isFinished)
-        {
-            statInt[3] = 1;
-        }
-        else
-        {
-            statInt[3] = 0;
-        }
-        if (this.isInitialized)
-        {
-            statInt[4] = 1;
-        }
-        else
-        {
-            statInt[4] = 0;
-        }
-        if (this.seedInitialized)
-        {
-            statInt[5] = 1;
-        }
-        else
-        {
-            statInt[5] = 0;
-        }
-        for (int i = 0; i < tailLength; i++)
-        {
-            statInt[6 + i] = ((Integer)heightOfNodes.elementAt(i)).intValue();
-        }
-        return statInt;
-    }
-
-    /**
-     * returns a String representation of the treehash instance
-     */
-    public String toString()
-    {
-        String out = "Treehash    : ";
-        for (int i = 0; i < 6 + tailLength; i++)
-        {
-            out = out + this.getStatInt()[i] + " ";
-        }
-        for (int i = 0; i < 3 + tailLength; i++)
-        {
-            if (this.getStatByte()[i] != null)
-            {
-                out = out + new String(Hex.encode((this.getStatByte()[i]))) + " ";
-            }
-            else
-            {
-                out = out + "null ";
-            }
-        }
-        out = out + "  " + this.messDigestTree.getDigestSize();
-        return out;
-    }
-
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/GMSSRandom.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/GMSSRandom.java
deleted file mode 100644
index c6d3022..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/GMSSRandom.java
+++ /dev/null

@@ -1,78 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss.util;
-
-import org.bouncycastle.crypto.Digest;
-
-/**
- * This class provides a PRNG for GMSS
- */
-public class GMSSRandom
-{
-    /**
-     * Hash function for the construction of the authentication trees
-     */
-    private Digest messDigestTree;
-
-    /**
-     * Constructor
-     *
-     * @param messDigestTree2
-     */
-    public GMSSRandom(Digest messDigestTree2)
-    {
-
-        this.messDigestTree = messDigestTree2;
-    }
-
-    /**
-     * computes the next seed value, returns a random byte array and sets
-     * outseed to the next value
-     *
-     * @param outseed byte array in which ((1 + SEEDin +RAND) mod 2^n) will be
-     *                stored
-     * @return byte array of H(SEEDin)
-     */
-    public byte[] nextSeed(byte[] outseed)
-    {
-        // RAND <-- H(SEEDin)
-        byte[] rand = new byte[outseed.length];
-        messDigestTree.update(outseed, 0, outseed.length);
-        rand = new byte[messDigestTree.getDigestSize()];
-        messDigestTree.doFinal(rand, 0);
-
-        // SEEDout <-- (1 + SEEDin +RAND) mod 2^n
-        addByteArrays(outseed, rand);
-        addOne(outseed);
-
-        // System.arraycopy(outseed, 0, outseed, 0, outseed.length);
-
-        return rand;
-    }
-
-    private void addByteArrays(byte[] a, byte[] b)
-    {
-
-        byte overflow = 0;
-        int temp;
-
-        for (int i = 0; i < a.length; i++)
-        {
-            temp = (0xFF & a[i]) + (0xFF & b[i]) + overflow;
-            a[i] = (byte)temp;
-            overflow = (byte)(temp >> 8);
-        }
-    }
-
-    private void addOne(byte[] a)
-    {
-
-        byte overflow = 1;
-        int temp;
-
-        for (int i = 0; i < a.length; i++)
-        {
-            temp = (0xFF & a[i]) + overflow;
-            a[i] = (byte)temp;
-            overflow = (byte)(temp >> 8);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/GMSSUtil.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/GMSSUtil.java
deleted file mode 100644
index 80f8828..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/GMSSUtil.java
+++ /dev/null

@@ -1,151 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss.util;
-
-/**
- * This class provides several methods that are required by the GMSS classes.
- */
-public class GMSSUtil
-{
-    /**
-     * Converts a 32 bit integer into a byte array beginning at
-     * <code>offset</code> (little-endian representation)
-     *
-     * @param value the integer to convert
-     */
-    public byte[] intToBytesLittleEndian(int value)
-    {
-        byte[] bytes = new byte[4];
-
-        bytes[0] = (byte)((value) & 0xff);
-        bytes[1] = (byte)((value >> 8) & 0xff);
-        bytes[2] = (byte)((value >> 16) & 0xff);
-        bytes[3] = (byte)((value >> 24) & 0xff);
-        return bytes;
-    }
-
-    /**
-     * Converts a byte array beginning at <code>offset</code> into a 32 bit
-     * integer (little-endian representation)
-     *
-     * @param bytes the byte array
-     * @return The resulting integer
-     */
-    public int bytesToIntLittleEndian(byte[] bytes)
-    {
-
-        return ((bytes[0] & 0xff)) | ((bytes[1] & 0xff) << 8)
-            | ((bytes[2] & 0xff) << 16) | ((bytes[3] & 0xff)) << 24;
-    }
-
-    /**
-     * Converts a byte array beginning at <code>offset</code> into a 32 bit
-     * integer (little-endian representation)
-     *
-     * @param bytes  the byte array
-     * @param offset the integer offset into the byte array
-     * @return The resulting integer
-     */
-    public int bytesToIntLittleEndian(byte[] bytes, int offset)
-    {
-        return ((bytes[offset++] & 0xff)) | ((bytes[offset++] & 0xff) << 8)
-            | ((bytes[offset++] & 0xff) << 16)
-            | ((bytes[offset] & 0xff)) << 24;
-    }
-
-    /**
-     * This method concatenates a 2-dimensional byte array into a 1-dimensional
-     * byte array
-     *
-     * @param arraycp a 2-dimensional byte array.
-     * @return 1-dimensional byte array with concatenated input array
-     */
-    public byte[] concatenateArray(byte[][] arraycp)
-    {
-        byte[] dest = new byte[arraycp.length * arraycp[0].length];
-        int indx = 0;
-        for (int i = 0; i < arraycp.length; i++)
-        {
-            System.arraycopy(arraycp[i], 0, dest, indx, arraycp[i].length);
-            indx = indx + arraycp[i].length;
-        }
-        return dest;
-    }
-
-    /**
-     * This method prints the values of a 2-dimensional byte array
-     *
-     * @param text  a String
-     * @param array a 2-dimensional byte array
-     */
-    public void printArray(String text, byte[][] array)
-    {
-        System.out.println(text);
-        int counter = 0;
-        for (int i = 0; i < array.length; i++)
-        {
-            for (int j = 0; j < array[0].length; j++)
-            {
-                System.out.println(counter + "; " + array[i][j]);
-                counter++;
-            }
-        }
-    }
-
-    /**
-     * This method prints the values of a 1-dimensional byte array
-     *
-     * @param text  a String
-     * @param array a 1-dimensional byte array.
-     */
-    public void printArray(String text, byte[] array)
-    {
-        System.out.println(text);
-        int counter = 0;
-        for (int i = 0; i < array.length; i++)
-        {
-            System.out.println(counter + "; " + array[i]);
-            counter++;
-        }
-    }
-
-    /**
-     * This method tests if an integer is a power of 2.
-     *
-     * @param testValue an integer
-     * @return <code>TRUE</code> if <code>testValue</code> is a power of 2,
-     *         <code>FALSE</code> otherwise
-     */
-    public boolean testPowerOfTwo(int testValue)
-    {
-        int a = 1;
-        while (a < testValue)
-        {
-            a <<= 1;
-        }
-        if (testValue == a)
-        {
-            return true;
-        }
-
-        return false;
-    }
-
-    /**
-     * This method returns the least integer that is greater or equal to the
-     * logarithm to the base 2 of an integer <code>intValue</code>.
-     *
-     * @param intValue an integer
-     * @return The least integer greater or equal to the logarithm to the base 2
-     *         of <code>intValue</code>
-     */
-    public int getLog(int intValue)
-    {
-        int log = 1;
-        int i = 2;
-        while (i < intValue)
-        {
-            i <<= 1;
-            log++;
-        }
-        return log;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/WinternitzOTSVerify.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/WinternitzOTSVerify.java
deleted file mode 100644
index d012ce7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/WinternitzOTSVerify.java
+++ /dev/null

@@ -1,344 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss.util;
-
-import org.bouncycastle.crypto.Digest;
-
-/**
- * This class implements signature verification of the Winternitz one-time
- * signature scheme (OTSS), described in C.Dods, N.P. Smart, and M. Stam, "Hash
- * Based Digital Signature Schemes", LNCS 3796, pages 96&#8211;115, 2005. The
- * class is used by the GMSS classes.
- */
-public class WinternitzOTSVerify
-{
-
-    private Digest messDigestOTS;
-
-    /**
-     * The Winternitz parameter
-     */
-    private int w;
-
-    /**
-     * The constructor
-     *
-     * @param digest the name of the hash function used by the OTS and the provider
-     *               name of the hash function
-     * @param w      the Winternitz parameter
-     */
-    public WinternitzOTSVerify(Digest digest, int w)
-    {
-        this.w = w;
-
-        messDigestOTS = digest;
-    }
-
-    /**
-     * @return The length of the one-time signature
-     */
-    public int getSignatureLength()
-    {
-        int mdsize = messDigestOTS.getDigestSize();
-        int size = ((mdsize << 3) + (w - 1)) / w;
-        int logs = getLog((size << w) + 1);
-        size += (logs + w - 1) / w;
-
-        return mdsize * size;
-    }
-
-    /**
-     * This method computes the public OTS key from the one-time signature of a
-     * message. This is *NOT* a complete OTS signature verification, but it
-     * suffices for usage with CMSS.
-     *
-     * @param message   the message
-     * @param signature the one-time signature
-     * @return The public OTS key
-     */
-    public byte[] Verify(byte[] message, byte[] signature)
-    {
-
-        int mdsize = messDigestOTS.getDigestSize();
-        byte[] hash = new byte[mdsize]; // hash of message m
-
-        // create hash of message m
-        messDigestOTS.update(message, 0, message.length);
-        hash = new byte[messDigestOTS.getDigestSize()];
-        messDigestOTS.doFinal(hash, 0);
-
-        int size = ((mdsize << 3) + (w - 1)) / w;
-        int logs = getLog((size << w) + 1);
-        int keysize = size + (logs + w - 1) / w;
-
-        int testKeySize = mdsize * keysize;
-
-        if (testKeySize != signature.length)
-        {
-            return null;
-        }
-
-        byte[] testKey = new byte[testKeySize];
-
-        int c = 0;
-        int counter = 0;
-        int test;
-
-        if (8 % w == 0)
-        {
-            int d = 8 / w;
-            int k = (1 << w) - 1;
-            byte[] hlp = new byte[mdsize];
-
-            // verify signature
-            for (int i = 0; i < hash.length; i++)
-            {
-                for (int j = 0; j < d; j++)
-                {
-                    test = hash[i] & k;
-                    c += test;
-
-                    System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize);
-
-                    while (test < k)
-                    {
-                        messDigestOTS.update(hlp, 0, hlp.length);
-                        hlp = new byte[messDigestOTS.getDigestSize()];
-                        messDigestOTS.doFinal(hlp, 0);
-                        test++;
-                    }
-
-                    System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize);
-                    hash[i] = (byte)(hash[i] >>> w);
-                    counter++;
-                }
-            }
-
-            c = (size << w) - c;
-            for (int i = 0; i < logs; i += w)
-            {
-                test = c & k;
-
-                System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize);
-
-                while (test < k)
-                {
-                    messDigestOTS.update(hlp, 0, hlp.length);
-                    hlp = new byte[messDigestOTS.getDigestSize()];
-                    messDigestOTS.doFinal(hlp, 0);
-                    test++;
-                }
-                System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize);
-                c >>>= w;
-                counter++;
-            }
-        }
-        else if (w < 8)
-        {
-            int d = mdsize / w;
-            int k = (1 << w) - 1;
-            byte[] hlp = new byte[mdsize];
-            long big8;
-            int ii = 0;
-            // create signature
-            // first d*w bytes of hash
-            for (int i = 0; i < d; i++)
-            {
-                big8 = 0;
-                for (int j = 0; j < w; j++)
-                {
-                    big8 ^= (hash[ii] & 0xff) << (j << 3);
-                    ii++;
-                }
-                for (int j = 0; j < 8; j++)
-                {
-                    test = (int)(big8 & k);
-                    c += test;
-
-                    System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize);
-
-                    while (test < k)
-                    {
-                        messDigestOTS.update(hlp, 0, hlp.length);
-                        hlp = new byte[messDigestOTS.getDigestSize()];
-                        messDigestOTS.doFinal(hlp, 0);
-                        test++;
-                    }
-
-                    System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize);
-                    big8 >>>= w;
-                    counter++;
-                }
-            }
-            // rest of hash
-            d = mdsize % w;
-            big8 = 0;
-            for (int j = 0; j < d; j++)
-            {
-                big8 ^= (hash[ii] & 0xff) << (j << 3);
-                ii++;
-            }
-            d <<= 3;
-            for (int j = 0; j < d; j += w)
-            {
-                test = (int)(big8 & k);
-                c += test;
-
-                System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize);
-
-                while (test < k)
-                {
-                    messDigestOTS.update(hlp, 0, hlp.length);
-                    hlp = new byte[messDigestOTS.getDigestSize()];
-                    messDigestOTS.doFinal(hlp, 0);
-                    test++;
-                }
-
-                System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize);
-                big8 >>>= w;
-                counter++;
-            }
-
-            // check bytes
-            c = (size << w) - c;
-            for (int i = 0; i < logs; i += w)
-            {
-                test = c & k;
-
-                System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize);
-
-                while (test < k)
-                {
-                    messDigestOTS.update(hlp, 0, hlp.length);
-                    hlp = new byte[messDigestOTS.getDigestSize()];
-                    messDigestOTS.doFinal(hlp, 0);
-                    test++;
-                }
-
-                System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize);
-                c >>>= w;
-                counter++;
-            }
-        }// end if(w<8)
-        else if (w < 57)
-        {
-            int d = (mdsize << 3) - w;
-            int k = (1 << w) - 1;
-            byte[] hlp = new byte[mdsize];
-            long big8, test8;
-            int r = 0;
-            int s, f, rest, ii;
-            // create signature
-            // first a*w bits of hash where a*w <= 8*mdsize < (a+1)*w
-            while (r <= d)
-            {
-                s = r >>> 3;
-                rest = r % 8;
-                r += w;
-                f = (r + 7) >>> 3;
-                big8 = 0;
-                ii = 0;
-                for (int j = s; j < f; j++)
-                {
-                    big8 ^= (hash[j] & 0xff) << (ii << 3);
-                    ii++;
-                }
-
-                big8 >>>= rest;
-                test8 = (big8 & k);
-                c += test8;
-
-                System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize);
-
-                while (test8 < k)
-                {
-                    messDigestOTS.update(hlp, 0, hlp.length);
-                    hlp = new byte[messDigestOTS.getDigestSize()];
-                    messDigestOTS.doFinal(hlp, 0);
-                    test8++;
-                }
-
-                System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize);
-                counter++;
-
-            }
-            // rest of hash
-            s = r >>> 3;
-            if (s < mdsize)
-            {
-                rest = r % 8;
-                big8 = 0;
-                ii = 0;
-                for (int j = s; j < mdsize; j++)
-                {
-                    big8 ^= (hash[j] & 0xff) << (ii << 3);
-                    ii++;
-                }
-
-                big8 >>>= rest;
-                test8 = (big8 & k);
-                c += test8;
-
-                System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize);
-
-                while (test8 < k)
-                {
-                    messDigestOTS.update(hlp, 0, hlp.length);
-                    hlp = new byte[messDigestOTS.getDigestSize()];
-                    messDigestOTS.doFinal(hlp, 0);
-                    test8++;
-                }
-
-                System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize);
-                counter++;
-            }
-            // check bytes
-            c = (size << w) - c;
-            for (int i = 0; i < logs; i += w)
-            {
-                test8 = (c & k);
-
-                System.arraycopy(signature, counter * mdsize, hlp, 0, mdsize);
-
-                while (test8 < k)
-                {
-                    messDigestOTS.update(hlp, 0, hlp.length);
-                    hlp = new byte[messDigestOTS.getDigestSize()];
-                    messDigestOTS.doFinal(hlp, 0);
-                    test8++;
-                }
-
-                System.arraycopy(hlp, 0, testKey, counter * mdsize, mdsize);
-                c >>>= w;
-                counter++;
-            }
-        }// end if(w<57)
-
-        byte[] TKey = new byte[mdsize];
-        messDigestOTS.update(testKey, 0, testKey.length);
-        TKey = new byte[messDigestOTS.getDigestSize()];
-        messDigestOTS.doFinal(TKey, 0);
-
-        return TKey;
-
-    }
-
-    /**
-     * This method returns the least integer that is greater or equal to the
-     * logarithm to the base 2 of an integer <code>intValue</code>.
-     *
-     * @param intValue an integer
-     * @return The least integer greater or equal to the logarithm to the base
-     *         256 of <code>intValue</code>
-     */
-    public int getLog(int intValue)
-    {
-        int log = 1;
-        int i = 2;
-        while (i < intValue)
-        {
-            i <<= 1;
-            log++;
-        }
-        return log;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/WinternitzOTSignature.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/WinternitzOTSignature.java
deleted file mode 100644
index 23bf3fa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/gmss/util/WinternitzOTSignature.java
+++ /dev/null

@@ -1,404 +0,0 @@
-package org.bouncycastle.pqc.crypto.gmss.util;
-
-import org.bouncycastle.crypto.Digest;
-
-/**
- * This class implements key pair generation and signature generation of the
- * Winternitz one-time signature scheme (OTSS), described in C.Dods, N.P. Smart,
- * and M. Stam, "Hash Based Digital Signature Schemes", LNCS 3796, pages
- * 96&#8211;115, 2005. The class is used by the GMSS classes.
- */
-
-public class WinternitzOTSignature
-{
-
-    /**
-     * The hash function used by the OTS
-     */
-    private Digest messDigestOTS;
-
-    /**
-     * The length of the message digest and private key
-     */
-    private int mdsize, keysize;
-
-    /**
-     * An array of strings, containing the name of the used hash function, the
-     * name of the PRGN and the names of the corresponding providers
-     */
-    // private String[] name = new String[2];
-    /**
-     * The private key
-     */
-    private byte[][] privateKeyOTS;
-
-    /**
-     * The Winternitz parameter
-     */
-    private int w;
-
-    /**
-     * The source of randomness for OTS private key generation
-     */
-    private GMSSRandom gmssRandom;
-
-    /**
-     * Sizes of the message and the checksum, both
-     */
-    private int messagesize, checksumsize;
-
-    /**
-     * The constructor generates an OTS key pair, using <code>seed0</code> and
-     * the PRNG
-     *
-     * @param seed0    the seed for the PRGN
-     * @param digest an array of strings, containing the name of the used hash
-     *                 function, the name of the PRGN and the names of the
-     *                 corresponding providers
-     * @param w        the Winternitz parameter
-     */
-    public WinternitzOTSignature(byte[] seed0, Digest digest, int w)
-    {
-        // this.name = name;
-        this.w = w;
-
-        messDigestOTS = digest;
-
-        gmssRandom = new GMSSRandom(messDigestOTS);
-
-        // calulate keysize for private and public key and also the help
-        // array
-
-        mdsize = messDigestOTS.getDigestSize();
-        int mdsizeBit = mdsize << 3;
-        messagesize = (int)Math.ceil((double)(mdsizeBit) / (double)w);
-
-        checksumsize = getLog((messagesize << w) + 1);
-
-        keysize = messagesize
-            + (int)Math.ceil((double)checksumsize / (double)w);
-
-        /*
-           * mdsize = messDigestOTS.getDigestLength(); messagesize =
-           * ((mdsize<<3)+(w-1))/w;
-           *
-           * checksumsize = getlog((messagesize<<w)+1);
-           *
-           * keysize = messagesize + (checksumsize+w-1)/w;
-           */
-        // define the private key messagesize
-        privateKeyOTS = new byte[keysize][mdsize];
-
-        // gmssRandom.setSeed(seed0);
-        byte[] dummy = new byte[mdsize];
-        System.arraycopy(seed0, 0, dummy, 0, dummy.length);
-
-        // generate random bytes and
-        // assign them to the private key
-        for (int i = 0; i < keysize; i++)
-        {
-            privateKeyOTS[i] = gmssRandom.nextSeed(dummy);
-        }
-    }
-
-    /**
-     * @return The private OTS key
-     */
-    public byte[][] getPrivateKey()
-    {
-        return privateKeyOTS;
-    }
-
-    /**
-     * @return The public OTS key
-     */
-    public byte[] getPublicKey()
-    {
-        byte[] helppubKey = new byte[keysize * mdsize];
-
-        byte[] help = new byte[mdsize];
-        int two_power_t = 1 << w;
-
-        for (int i = 0; i < keysize; i++)
-        {
-            // hash w-1 time the private key and assign it to the public key
-            messDigestOTS.update(privateKeyOTS[i], 0, privateKeyOTS[i].length);
-            help = new byte[messDigestOTS.getDigestSize()];
-            messDigestOTS.doFinal(help, 0);
-            for (int j = 2; j < two_power_t; j++)
-            {
-                messDigestOTS.update(help, 0, help.length);
-                help = new byte[messDigestOTS.getDigestSize()];
-                messDigestOTS.doFinal(help, 0);
-            }
-            System.arraycopy(help, 0, helppubKey, mdsize * i, mdsize);
-        }
-
-        messDigestOTS.update(helppubKey, 0, helppubKey.length);
-        byte[] tmp = new byte[messDigestOTS.getDigestSize()];
-        messDigestOTS.doFinal(tmp, 0);
-        return tmp;
-    }
-
-    /**
-     * @return The one-time signature of the message, generated with the private
-     *         key
-     */
-    public byte[] getSignature(byte[] message)
-    {
-        byte[] sign = new byte[keysize * mdsize];
-        // byte [] message; // message m as input
-        byte[] hash = new byte[mdsize]; // hash of message m
-        int counter = 0;
-        int c = 0;
-        int test = 0;
-        // create hash of message m
-        messDigestOTS.update(message, 0, message.length);
-        hash = new byte[messDigestOTS.getDigestSize()];
-        messDigestOTS.doFinal(hash, 0);
-
-        if (8 % w == 0)
-        {
-            int d = 8 / w;
-            int k = (1 << w) - 1;
-            byte[] hlp = new byte[mdsize];
-
-            // create signature
-            for (int i = 0; i < hash.length; i++)
-            {
-                for (int j = 0; j < d; j++)
-                {
-                    test = hash[i] & k;
-                    c += test;
-
-                    System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize);
-
-                    while (test > 0)
-                    {
-                        messDigestOTS.update(hlp, 0, hlp.length);
-                        hlp = new byte[messDigestOTS.getDigestSize()];
-                        messDigestOTS.doFinal(hlp, 0);
-                        test--;
-                    }
-                    System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize);
-                    hash[i] = (byte)(hash[i] >>> w);
-                    counter++;
-                }
-            }
-
-            c = (messagesize << w) - c;
-            for (int i = 0; i < checksumsize; i += w)
-            {
-                test = c & k;
-
-                System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize);
-
-                while (test > 0)
-                {
-                    messDigestOTS.update(hlp, 0, hlp.length);
-                    hlp = new byte[messDigestOTS.getDigestSize()];
-                    messDigestOTS.doFinal(hlp, 0);
-                    test--;
-                }
-                System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize);
-                c >>>= w;
-                counter++;
-            }
-        }
-        else if (w < 8)
-        {
-            int d = mdsize / w;
-            int k = (1 << w) - 1;
-            byte[] hlp = new byte[mdsize];
-            long big8;
-            int ii = 0;
-            // create signature
-            // first d*w bytes of hash
-            for (int i = 0; i < d; i++)
-            {
-                big8 = 0;
-                for (int j = 0; j < w; j++)
-                {
-                    big8 ^= (hash[ii] & 0xff) << (j << 3);
-                    ii++;
-                }
-                for (int j = 0; j < 8; j++)
-                {
-                    test = (int)(big8 & k);
-                    c += test;
-
-                    System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize);
-
-                    while (test > 0)
-                    {
-                        messDigestOTS.update(hlp, 0, hlp.length);
-                        hlp = new byte[messDigestOTS.getDigestSize()];
-                        messDigestOTS.doFinal(hlp, 0);
-                        test--;
-                    }
-                    System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize);
-                    big8 >>>= w;
-                    counter++;
-                }
-            }
-            // rest of hash
-            d = mdsize % w;
-            big8 = 0;
-            for (int j = 0; j < d; j++)
-            {
-                big8 ^= (hash[ii] & 0xff) << (j << 3);
-                ii++;
-            }
-            d <<= 3;
-            for (int j = 0; j < d; j += w)
-            {
-                test = (int)(big8 & k);
-                c += test;
-
-                System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize);
-
-                while (test > 0)
-                {
-                    messDigestOTS.update(hlp, 0, hlp.length);
-                    hlp = new byte[messDigestOTS.getDigestSize()];
-                    messDigestOTS.doFinal(hlp, 0);
-                    test--;
-                }
-                System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize);
-                big8 >>>= w;
-                counter++;
-            }
-
-            // check bytes
-            c = (messagesize << w) - c;
-            for (int i = 0; i < checksumsize; i += w)
-            {
-                test = c & k;
-
-                System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize);
-
-                while (test > 0)
-                {
-                    messDigestOTS.update(hlp, 0, hlp.length);
-                    hlp = new byte[messDigestOTS.getDigestSize()];
-                    messDigestOTS.doFinal(hlp, 0);
-                    test--;
-                }
-                System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize);
-                c >>>= w;
-                counter++;
-            }
-        }// end if(w<8)
-        else if (w < 57)
-        {
-            int d = (mdsize << 3) - w;
-            int k = (1 << w) - 1;
-            byte[] hlp = new byte[mdsize];
-            long big8, test8;
-            int r = 0;
-            int s, f, rest, ii;
-            // create signature
-            // first a*w bits of hash where a*w <= 8*mdsize < (a+1)*w
-            while (r <= d)
-            {
-                s = r >>> 3;
-                rest = r % 8;
-                r += w;
-                f = (r + 7) >>> 3;
-                big8 = 0;
-                ii = 0;
-                for (int j = s; j < f; j++)
-                {
-                    big8 ^= (hash[j] & 0xff) << (ii << 3);
-                    ii++;
-                }
-
-                big8 >>>= rest;
-                test8 = (big8 & k);
-                c += test8;
-
-                System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize);
-                while (test8 > 0)
-                {
-                    messDigestOTS.update(hlp, 0, hlp.length);
-                    hlp = new byte[messDigestOTS.getDigestSize()];
-                    messDigestOTS.doFinal(hlp, 0);
-                    test8--;
-                }
-                System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize);
-                counter++;
-
-            }
-            // rest of hash
-            s = r >>> 3;
-            if (s < mdsize)
-            {
-                rest = r % 8;
-                big8 = 0;
-                ii = 0;
-                for (int j = s; j < mdsize; j++)
-                {
-                    big8 ^= (hash[j] & 0xff) << (ii << 3);
-                    ii++;
-                }
-
-                big8 >>>= rest;
-                test8 = (big8 & k);
-                c += test8;
-
-                System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize);
-                while (test8 > 0)
-                {
-                    messDigestOTS.update(hlp, 0, hlp.length);
-                    hlp = new byte[messDigestOTS.getDigestSize()];
-                    messDigestOTS.doFinal(hlp, 0);
-                    test8--;
-                }
-                System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize);
-                counter++;
-            }
-            // check bytes
-            c = (messagesize << w) - c;
-            for (int i = 0; i < checksumsize; i += w)
-            {
-                test8 = (c & k);
-
-                System.arraycopy(privateKeyOTS[counter], 0, hlp, 0, mdsize);
-
-                while (test8 > 0)
-                {
-                    messDigestOTS.update(hlp, 0, hlp.length);
-                    hlp = new byte[messDigestOTS.getDigestSize()];
-                    messDigestOTS.doFinal(hlp, 0);
-                    test8--;
-                }
-                System.arraycopy(hlp, 0, sign, counter * mdsize, mdsize);
-                c >>>= w;
-                counter++;
-            }
-        }// end if(w<57)
-
-        return sign;
-    }
-
-    /**
-     * This method returns the least integer that is greater or equal to the
-     * logarithm to the base 2 of an integer <code>intValue</code>.
-     *
-     * @param intValue an integer
-     * @return The least integer greater or equal to the logarithm to the base 2
-     *         of <code>intValue</code>
-     */
-    public int getLog(int intValue)
-    {
-        int log = 1;
-        int i = 2;
-        while (i < intValue)
-        {
-            i <<= 1;
-            log++;
-        }
-        return log;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/Conversions.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/Conversions.java
deleted file mode 100644
index 752d51c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/Conversions.java
+++ /dev/null

@@ -1,236 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.pqc.math.linearalgebra.BigIntUtils;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Vector;
-import org.bouncycastle.pqc.math.linearalgebra.IntegerFunctions;
-
-
-/**
- * Provides methods for CCA2-Secure Conversions of McEliece PKCS
- */
-final class Conversions
-{
-    private static final BigInteger ZERO = BigInteger.valueOf(0);
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-    
-    /**
-     * Default constructor (private).
-     */
-    private Conversions()
-    {
-    }
-
-    /**
-     * Encode a number between 0 and (n|t) (binomial coefficient) into a binary
-     * vector of length n with weight t. The number is given as a byte array.
-     * Only the first s bits are used, where s = floor[log(n|t)].
-     *
-     * @param n integer
-     * @param t integer
-     * @param m the message as a byte array
-     * @return the encoded message as {@link GF2Vector}
-     */
-    public static GF2Vector encode(final int n, final int t, final byte[] m)
-    {
-        if (n < t)
-        {
-            throw new IllegalArgumentException("n < t");
-        }
-
-        // compute the binomial c = (n|t)
-        BigInteger c = IntegerFunctions.binomial(n, t);
-        // get the number encoded in m
-        BigInteger i = new BigInteger(1, m);
-        // compare
-        if (i.compareTo(c) >= 0)
-        {
-            throw new IllegalArgumentException("Encoded number too large.");
-        }
-
-        GF2Vector result = new GF2Vector(n);
-
-        int nn = n;
-        int tt = t;
-        for (int j = 0; j < n; j++)
-        {
-            c = c.multiply(BigInteger.valueOf(nn - tt)).divide(
-                BigInteger.valueOf(nn));
-            nn--;
-            if (c.compareTo(i) <= 0)
-            {
-                result.setBit(j);
-                i = i.subtract(c);
-                tt--;
-                if (nn == tt)
-                {
-                    c = ONE;
-                }
-                else
-                {
-                    c = (c.multiply(BigInteger.valueOf(tt + 1)))
-                        .divide(BigInteger.valueOf(nn - tt));
-                }
-            }
-        }
-
-        return result;
-    }
-
-    /**
-     * Decode a binary vector of length n and weight t into a number between 0
-     * and (n|t) (binomial coefficient). The result is given as a byte array of
-     * length floor[(s+7)/8], where s = floor[log(n|t)].
-     *
-     * @param n   integer
-     * @param t   integer
-     * @param vec the binary vector
-     * @return the decoded vector as a byte array
-     */
-    public static byte[] decode(int n, int t, GF2Vector vec)
-    {
-        if ((vec.getLength() != n) || (vec.getHammingWeight() != t))
-        {
-            throw new IllegalArgumentException(
-                "vector has wrong length or hamming weight");
-        }
-        int[] vecArray = vec.getVecArray();
-
-        BigInteger bc = IntegerFunctions.binomial(n, t);
-        BigInteger d = ZERO;
-        int nn = n;
-        int tt = t;
-        for (int i = 0; i < n; i++)
-        {
-            bc = bc.multiply(BigInteger.valueOf(nn - tt)).divide(
-                BigInteger.valueOf(nn));
-            nn--;
-
-            int q = i >> 5;
-            int e = vecArray[q] & (1 << (i & 0x1f));
-            if (e != 0)
-            {
-                d = d.add(bc);
-                tt--;
-                if (nn == tt)
-                {
-                    bc = ONE;
-                }
-                else
-                {
-                    bc = bc.multiply(BigInteger.valueOf(tt + 1)).divide(
-                        BigInteger.valueOf(nn - tt));
-                }
-
-            }
-        }
-
-        return BigIntUtils.toMinimalByteArray(d);
-    }
-
-    /**
-     * Compute a message representative of a message given as a vector of length
-     * <tt>n</tt> bit and of hamming weight <tt>t</tt>. The result is a
-     * byte array of length <tt>(s+7)/8</tt>, where
-     * <tt>s = floor[log(n|t)]</tt>.
-     *
-     * @param n integer
-     * @param t integer
-     * @param m the message vector as a byte array
-     * @return a message representative for <tt>m</tt>
-     */
-    public static byte[] signConversion(int n, int t, byte[] m)
-    {
-        if (n < t)
-        {
-            throw new IllegalArgumentException("n < t");
-        }
-
-        BigInteger bc = IntegerFunctions.binomial(n, t);
-        // finds s = floor[log(binomial(n,t))]
-        int s = bc.bitLength() - 1;
-        // s = sq*8 + sr;
-        int sq = s >> 3;
-        int sr = s & 7;
-        if (sr == 0)
-        {
-            sq--;
-            sr = 8;
-        }
-
-        // n = nq*8+nr;
-        int nq = n >> 3;
-        int nr = n & 7;
-        if (nr == 0)
-        {
-            nq--;
-            nr = 8;
-        }
-        // take s bit from m
-        byte[] data = new byte[nq + 1];
-        if (m.length < data.length)
-        {
-            System.arraycopy(m, 0, data, 0, m.length);
-            for (int i = m.length; i < data.length; i++)
-            {
-                data[i] = 0;
-            }
-        }
-        else
-        {
-            System.arraycopy(m, 0, data, 0, nq);
-            int h = (1 << nr) - 1;
-            data[nq] = (byte)(h & m[nq]);
-        }
-
-        BigInteger d = ZERO;
-        int nn = n;
-        int tt = t;
-        for (int i = 0; i < n; i++)
-        {
-            bc = (bc.multiply(new BigInteger(Integer.toString(nn - tt))))
-                .divide(new BigInteger(Integer.toString(nn)));
-            nn--;
-
-            int q = i >>> 3;
-            int r = i & 7;
-            r = 1 << r;
-            byte e = (byte)(r & data[q]);
-            if (e != 0)
-            {
-                d = d.add(bc);
-                tt--;
-                if (nn == tt)
-                {
-                    bc = ONE;
-                }
-                else
-                {
-                    bc = (bc
-                        .multiply(new BigInteger(Integer.toString(tt + 1))))
-                        .divide(new BigInteger(Integer.toString(nn - tt)));
-                }
-            }
-        }
-
-        byte[] result = new byte[sq + 1];
-        byte[] help = d.toByteArray();
-        if (help.length < result.length)
-        {
-            System.arraycopy(help, 0, result, 0, help.length);
-            for (int i = help.length; i < result.length; i++)
-            {
-                result[i] = 0;
-            }
-        }
-        else
-        {
-            System.arraycopy(help, 0, result, 0, sq);
-            result[sq] = (byte)(((1 << sr) - 1) & help[sq]);
-        }
-
-        return result;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2KeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2KeyGenerationParameters.java
deleted file mode 100644
index dbd5a82..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2KeyGenerationParameters.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-public class McElieceCCA2KeyGenerationParameters
-    extends KeyGenerationParameters
-{
-    private McElieceCCA2Parameters params;
-
-    public McElieceCCA2KeyGenerationParameters(
-        SecureRandom random,
-        McElieceCCA2Parameters params)
-    {
-        // XXX key size?
-        super(random, 128);
-        this.params = params;
-    }
-
-    public McElieceCCA2Parameters getParameters()
-    {
-        return params;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2KeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2KeyPairGenerator.java
deleted file mode 100644
index b52370d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2KeyPairGenerator.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-import org.bouncycastle.pqc.math.linearalgebra.GF2mField;
-import org.bouncycastle.pqc.math.linearalgebra.GoppaCode;
-import org.bouncycastle.pqc.math.linearalgebra.GoppaCode.MaMaPe;
-import org.bouncycastle.pqc.math.linearalgebra.Permutation;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;
-
-
-/**
- * This class implements key pair generation of the McEliece Public Key
- * Cryptosystem (McEliecePKC).
- */
-public class McElieceCCA2KeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-
-
-    /**
-     * The OID of the algorithm.
-     */
-    public static final String OID = "1.3.6.1.4.1.8301.3.1.3.4.2";
-
-    private McElieceCCA2KeyGenerationParameters mcElieceCCA2Params;
-
-    // the extension degree of the finite field GF(2^m)
-    private int m;
-
-    // the length of the code
-    private int n;
-
-    // the error correction capability
-    private int t;
-
-    // the field polynomial
-    private int fieldPoly;
-
-    // the source of randomness
-    private SecureRandom random;
-
-    // flag indicating whether the key pair generator has been initialized
-    private boolean initialized = false;
-
-    /**
-     * Default initialization of the key pair generator.
-     */
-    private void initializeDefault()
-    {
-        McElieceCCA2KeyGenerationParameters mcCCA2Params = new McElieceCCA2KeyGenerationParameters(CryptoServicesRegistrar.getSecureRandom(), new McElieceCCA2Parameters());
-        init(mcCCA2Params);
-    }
-
-    // TODO
-    public void init(
-        KeyGenerationParameters param)
-    {
-        this.mcElieceCCA2Params = (McElieceCCA2KeyGenerationParameters)param;
-
-        // set source of randomness
-        this.random = CryptoServicesRegistrar.getSecureRandom();
-
-        this.m = this.mcElieceCCA2Params.getParameters().getM();
-        this.n = this.mcElieceCCA2Params.getParameters().getN();
-        this.t = this.mcElieceCCA2Params.getParameters().getT();
-        this.fieldPoly = this.mcElieceCCA2Params.getParameters().getFieldPoly();
-        this.initialized = true;
-    }
-
-
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-
-        if (!initialized)
-        {
-            initializeDefault();
-        }
-
-        // finite field GF(2^m)
-        GF2mField field = new GF2mField(m, fieldPoly);
-
-        // irreducible Goppa polynomial
-        PolynomialGF2mSmallM gp = new PolynomialGF2mSmallM(field, t,
-            PolynomialGF2mSmallM.RANDOM_IRREDUCIBLE_POLYNOMIAL, random);
-
-        // generate canonical check matrix
-        GF2Matrix h = GoppaCode.createCanonicalCheckMatrix(field, gp);
-
-        // compute short systematic form of check matrix
-        MaMaPe mmp = GoppaCode.computeSystematicForm(h, random);
-        GF2Matrix shortH = mmp.getSecondMatrix();
-        Permutation p = mmp.getPermutation();
-
-        // compute short systematic form of generator matrix
-        GF2Matrix shortG = (GF2Matrix)shortH.computeTranspose();
-
-        // obtain number of rows of G (= dimension of the code)
-        int k = shortG.getNumRows();
-
-        // generate keys
-        McElieceCCA2PublicKeyParameters pubKey = new McElieceCCA2PublicKeyParameters(n, t, shortG, mcElieceCCA2Params.getParameters().getDigest());
-        McElieceCCA2PrivateKeyParameters privKey = new McElieceCCA2PrivateKeyParameters(n, k, field, gp, p, mcElieceCCA2Params.getParameters().getDigest());
-
-        // return key pair
-        return new AsymmetricCipherKeyPair(pubKey, privKey);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2KeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2KeyParameters.java
deleted file mode 100644
index 8e8ac0d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2KeyParameters.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-
-public class McElieceCCA2KeyParameters
-    extends AsymmetricKeyParameter
-{
-    private String params;
-
-    public McElieceCCA2KeyParameters(
-        boolean isPrivate,
-        String params)
-    {
-        super(isPrivate);
-        this.params = params;
-    }
-
-
-    public String getDigest()
-    {
-        return params;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2Parameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2Parameters.java
deleted file mode 100644
index 5ba2d2b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2Parameters.java
+++ /dev/null

@@ -1,113 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-public class McElieceCCA2Parameters
-    extends McElieceParameters
-{
-    private final String digest;
-
-    /**
-     * Constructor. Set the default parameters: extension degree.
-     */
-    public McElieceCCA2Parameters()
-    {
-        this(DEFAULT_M, DEFAULT_T, "SHA-256");
-    }
-
-    public McElieceCCA2Parameters(String digest)
-    {
-        this(DEFAULT_M, DEFAULT_T, digest);
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param keysize the length of a Goppa code
-     * @throws IllegalArgumentException if <tt>keysize &lt; 1</tt>.
-     */
-    public McElieceCCA2Parameters(int keysize)
-    {
-        this(keysize, "SHA-256");
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param keysize the length of a Goppa code
-     * @param digest CCA2 mode digest
-     * @throws IllegalArgumentException if <tt>keysize &lt; 1</tt>.
-     */
-    public McElieceCCA2Parameters(int keysize, String digest)
-    {
-        super(keysize);
-        this.digest = digest;
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param m degree of the finite field GF(2^m)
-     * @param t error correction capability of the code
-     * @throws IllegalArgumentException if <tt>m &lt; 1</tt> or <tt>m &gt; 32</tt> or
-     * <tt>t &lt; 0</tt> or <tt>t &gt; n</tt>.
-     */
-    public McElieceCCA2Parameters(int m, int t)
-    {
-        this(m, t, "SHA-256");
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param m degree of the finite field GF(2^m)
-     * @param t error correction capability of the code
-     * @throws IllegalArgumentException if <tt>m &lt; 1</tt> or <tt>m &gt; 32</tt> or
-     * <tt>t &lt; 0</tt> or <tt>t &gt; n</tt>.
-     */
-    public McElieceCCA2Parameters(int m, int t, String digest)
-    {
-        super(m, t);
-        this.digest = digest;
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param m    degree of the finite field GF(2^m)
-     * @param t    error correction capability of the code
-     * @param poly the field polynomial
-     * @throws IllegalArgumentException if <tt>m &lt; 1</tt> or <tt>m &gt; 32</tt> or
-     * <tt>t &lt; 0</tt> or <tt>t &gt; n</tt> or
-     * <tt>poly</tt> is not an irreducible field polynomial.
-     */
-    public McElieceCCA2Parameters(int m, int t, int poly)
-    {
-        this(m, t, poly, "SHA-256");
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param m    degree of the finite field GF(2^m)
-     * @param t    error correction capability of the code
-     * @param poly the field polynomial
-     * @param digest CCA2 mode digest
-     * @throws IllegalArgumentException if <tt>m &lt; 1</tt> or <tt>m &gt; 32</tt> or
-     * <tt>t &lt; 0</tt> or <tt>t &gt; n</tt> or
-     * <tt>poly</tt> is not an irreducible field polynomial.
-     */
-    public McElieceCCA2Parameters(int m, int t, int poly, String digest)
-    {
-        super(m, t, poly);
-        this.digest = digest;
-    }
-
-    /**
-     * Return the CCA2 mode digest if set.
-     *
-     * @return the CCA2 digest to use, null if not present.
-     */
-    public String getDigest()
-    {
-        return digest;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2Primitives.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2Primitives.java
deleted file mode 100644
index d6dba73..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2Primitives.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Vector;
-import org.bouncycastle.pqc.math.linearalgebra.GF2mField;
-import org.bouncycastle.pqc.math.linearalgebra.GoppaCode;
-import org.bouncycastle.pqc.math.linearalgebra.Permutation;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;
-import org.bouncycastle.pqc.math.linearalgebra.Vector;
-
-/**
- * Core operations for the CCA-secure variants of McEliece.
- */
-final class McElieceCCA2Primitives
-{
-
-    /**
-     * Default constructor (private).
-     */
-    private McElieceCCA2Primitives()
-    {
-    }
-
-    /**
-     * The McEliece encryption primitive.
-     *
-     * @param pubKey the public key
-     * @param m      the message vector
-     * @param z      the error vector
-     * @return <tt>m*G + z</tt>
-     */
-
-
-    public static GF2Vector encryptionPrimitive(McElieceCCA2PublicKeyParameters pubKey,
-                                                GF2Vector m, GF2Vector z)
-    {
-
-        GF2Matrix matrixG = pubKey.getG();
-        Vector mG = matrixG.leftMultiplyLeftCompactForm(m);
-        return (GF2Vector)mG.add(z);
-    }
-
-    /**
-     * The McEliece decryption primitive.
-     *
-     * @param privKey the private key
-     * @param c       the ciphertext vector <tt>c = m*G + z</tt>
-     * @return the message vector <tt>m</tt> and the error vector <tt>z</tt>
-     */
-    public static GF2Vector[] decryptionPrimitive(
-        McElieceCCA2PrivateKeyParameters privKey, GF2Vector c)
-    {
-
-        // obtain values from private key
-        int k = privKey.getK();
-        Permutation p = privKey.getP();
-        GF2mField field = privKey.getField();
-        PolynomialGF2mSmallM gp = privKey.getGoppaPoly();
-        GF2Matrix h = privKey.getH();
-        PolynomialGF2mSmallM[] q = privKey.getQInv();
-
-        // compute inverse permutation P^-1
-        Permutation pInv = p.computeInverse();
-
-        // multiply c with permutation P^-1
-        GF2Vector cPInv = (GF2Vector)c.multiply(pInv);
-
-        // compute syndrome of cP^-1
-        GF2Vector syndVec = (GF2Vector)h.rightMultiply(cPInv);
-
-        // decode syndrome
-        GF2Vector errors = GoppaCode.syndromeDecode(syndVec, field, gp, q);
-        GF2Vector mG = (GF2Vector)cPInv.add(errors);
-
-        // multiply codeword and error vector with P
-        mG = (GF2Vector)mG.multiply(p);
-        errors = (GF2Vector)errors.multiply(p);
-
-        // extract plaintext vector (last k columns of mG)
-        GF2Vector m = mG.extractRightVector(k);
-
-        // return vectors
-        return new GF2Vector[]{m, errors};
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2PrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2PrivateKeyParameters.java
deleted file mode 100644
index c83a8e2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2PrivateKeyParameters.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-import org.bouncycastle.pqc.math.linearalgebra.GF2mField;
-import org.bouncycastle.pqc.math.linearalgebra.GoppaCode;
-import org.bouncycastle.pqc.math.linearalgebra.Permutation;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialRingGF2m;
-
-/**
- *
- *
- *
- */
-public class McElieceCCA2PrivateKeyParameters
-    extends McElieceCCA2KeyParameters
-{
-    // the length of the code
-    private int n;
-
-    // the dimension of the code
-    private int k;
-
-    // the finte field GF(2^m)
-    private GF2mField field;
-
-    // the irreducible Goppa polynomial
-    private PolynomialGF2mSmallM goppaPoly;
-
-    // the permutation
-    private Permutation p;
-
-    // the canonical check matrix
-    private GF2Matrix h;
-
-    // the matrix used to compute square roots in (GF(2^m))^t
-    private PolynomialGF2mSmallM[] qInv;
-
-    /**
-     * Constructor.
-     *
-     * @param n      the length of the code
-     * @param k      the dimension of the code
-     * @param field  the finite field <tt>GF(2<sup>m</sup>)</tt>
-     * @param gp     the irreducible Goppa polynomial
-     * @param p      the permutation
-     * @param digest name of digest algorithm
-     */
-    public McElieceCCA2PrivateKeyParameters(int n, int k, GF2mField field,
-                                            PolynomialGF2mSmallM gp, Permutation p, String digest)
-    {
-        this(n, k, field, gp, GoppaCode.createCanonicalCheckMatrix(field, gp), p, digest);
-    }
-    
-    /**
-     * Constructor.
-     *
-     * @param n                         the length of the code
-     * @param k                         the dimension of the code
-     * @param field                     the finite field <tt>GF(2<sup>m</sup>)</tt>
-     * @param gp                        the irreducible Goppa polynomial
-     * @param canonicalCheckMatrix      the canonical check matrix
-     * @param p                         the permutation
-     * @param digest                    name of digest algorithm
-     */
-    public McElieceCCA2PrivateKeyParameters(int n, int k, GF2mField field, PolynomialGF2mSmallM gp, 
-                                            GF2Matrix canonicalCheckMatrix, Permutation p, String digest)
-    {
-        super(true, digest);
-        
-        this.n = n;
-        this.k = k;
-        this.field = field;
-        this.goppaPoly = gp;
-        this.h = canonicalCheckMatrix;
-        this.p = p;
-        
-        PolynomialRingGF2m ring = new PolynomialRingGF2m(field, gp);
-
-        // matrix for computing square roots in (GF(2^m))^t
-        this.qInv = ring.getSquareRootMatrix();
-    }
-
-    /**
-     * @return the length of the code
-     */
-    public int getN()
-    {
-        return n;
-    }
-
-    /**
-     * @return the dimension of the code
-     */
-    public int getK()
-    {
-        return k;
-    }
-
-    /**
-     * @return the degree of the Goppa polynomial (error correcting capability)
-     */
-    public int getT()
-    {
-        return goppaPoly.getDegree();
-    }
-
-    /**
-     * @return the finite field
-     */
-    public GF2mField getField()
-    {
-        return field;
-    }
-
-    /**
-     * @return the irreducible Goppa polynomial
-     */
-    public PolynomialGF2mSmallM getGoppaPoly()
-    {
-        return goppaPoly;
-    }
-
-    /**
-     * @return the permutation P
-     */
-    public Permutation getP()
-    {
-        return p;
-    }
-
-    /**
-     * @return the canonical check matrix H
-     */
-    public GF2Matrix getH()
-    {
-        return h;
-    }
-
-    /**
-     * @return the matrix used to compute square roots in <tt>(GF(2^m))^t</tt>
-     */
-    public PolynomialGF2mSmallM[] getQInv()
-    {
-        return qInv;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2PublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2PublicKeyParameters.java
deleted file mode 100644
index 5910526..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCCA2PublicKeyParameters.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-
-/**
- *
- *
- *
- */
-public class McElieceCCA2PublicKeyParameters
-    extends McElieceCCA2KeyParameters
-{
-    // the length of the code
-    private int n;
-
-    // the error correction capability of the code
-    private int t;
-
-    // the generator matrix
-    private GF2Matrix matrixG;
-
-    /**
-     * Constructor.
-     *  @param n      length of the code
-     * @param t      error correction capability
-     * @param matrix generator matrix
-     * @param digest McElieceCCA2Parameters
-     */
-    public McElieceCCA2PublicKeyParameters(int n, int t, GF2Matrix matrix, String digest)
-    {
-        super(false, digest);
-
-        this.n = n;
-        this.t = t;
-        this.matrixG = new GF2Matrix(matrix);
-    }
-
-    /**
-     * @return the length of the code
-     */
-    public int getN()
-    {
-        return n;
-    }
-
-    /**
-     * @return the error correction capability of the code
-     */
-    public int getT()
-    {
-        return t;
-    }
-
-    /**
-     * @return the generator matrix
-     */
-    public GF2Matrix getG()
-    {
-        return matrixG;
-    }
-
-    /**
-     * @return the dimension of the code
-     */
-    public int getK()
-    {
-        return matrixG.getNumRows();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCipher.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCipher.java
deleted file mode 100644
index 7223d45..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceCipher.java
+++ /dev/null

@@ -1,235 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.MessageEncryptor;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Vector;
-import org.bouncycastle.pqc.math.linearalgebra.GF2mField;
-import org.bouncycastle.pqc.math.linearalgebra.GoppaCode;
-import org.bouncycastle.pqc.math.linearalgebra.Permutation;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;
-import org.bouncycastle.pqc.math.linearalgebra.Vector;
-
-/**
- * This class implements the McEliece Public Key cryptosystem (McEliecePKCS). It
- * was first described in R.J. McEliece, "A public key cryptosystem based on
- * algebraic coding theory", DSN progress report, 42-44:114-116, 1978. The
- * McEliecePKCS is the first cryptosystem which is based on error correcting
- * codes. The trapdoor for the McEliece cryptosystem using Goppa codes is the
- * knowledge of the Goppa polynomial used to generate the code.
- */
-public class McElieceCipher
-    implements MessageEncryptor
-{
-
-    /**
-     * The OID of the algorithm.
-     */
-    public static final String OID = "1.3.6.1.4.1.8301.3.1.3.4.1";
-
-
-    // the source of randomness
-    private SecureRandom sr;
-
-    // the McEliece main parameters
-    private int n, k, t;
-
-    // The maximum number of bytes the cipher can decrypt
-    public int maxPlainTextSize;
-
-    // The maximum number of bytes the cipher can encrypt
-    public int cipherTextSize;
-
-    private McElieceKeyParameters key;
-    private boolean forEncryption;
-
-
-    public void init(boolean forEncryption,
-                     CipherParameters param)
-    {
-        this.forEncryption = forEncryption;
-        if (forEncryption)
-        {
-            if (param instanceof ParametersWithRandom)
-            {
-                ParametersWithRandom rParam = (ParametersWithRandom)param;
-
-                this.sr = rParam.getRandom();
-                this.key = (McEliecePublicKeyParameters)rParam.getParameters();
-                this.initCipherEncrypt((McEliecePublicKeyParameters)key);
-
-            }
-            else
-            {
-                this.sr = CryptoServicesRegistrar.getSecureRandom();
-                this.key = (McEliecePublicKeyParameters)param;
-                this.initCipherEncrypt((McEliecePublicKeyParameters)key);
-            }
-        }
-        else
-        {
-            this.key = (McEliecePrivateKeyParameters)param;
-            this.initCipherDecrypt((McEliecePrivateKeyParameters)key);
-        }
-
-    }
-
-    /**
-     * Return the key size of the given key object.
-     *
-     * @param key the McElieceKeyParameters object
-     * @return the keysize of the given key object
-     */
-
-    public int getKeySize(McElieceKeyParameters key)
-    {
-
-        if (key instanceof McEliecePublicKeyParameters)
-        {
-            return ((McEliecePublicKeyParameters)key).getN();
-
-        }
-        if (key instanceof McEliecePrivateKeyParameters)
-        {
-            return ((McEliecePrivateKeyParameters)key).getN();
-        }
-        throw new IllegalArgumentException("unsupported type");
-
-    }
-
-
-    private void initCipherEncrypt(McEliecePublicKeyParameters pubKey)
-    {
-        this.sr = sr != null ? sr : CryptoServicesRegistrar.getSecureRandom();
-        n = pubKey.getN();
-        k = pubKey.getK();
-        t = pubKey.getT();
-        cipherTextSize = n >> 3;
-        maxPlainTextSize = (k >> 3);
-    }
-
-
-    private void initCipherDecrypt(McEliecePrivateKeyParameters privKey)
-    {
-        n = privKey.getN();
-        k = privKey.getK();
-
-        maxPlainTextSize = (k >> 3);
-        cipherTextSize = n >> 3;
-    }
-
-    /**
-     * Encrypt a plain text.
-     *
-     * @param input the plain text
-     * @return the cipher text
-     */
-    public byte[] messageEncrypt(byte[] input)
-    {
-        if (!forEncryption)
-        {
-            throw new IllegalStateException("cipher initialised for decryption");
-        }
-        GF2Vector m = computeMessageRepresentative(input);
-        GF2Vector z = new GF2Vector(n, t, sr);
-
-        GF2Matrix g = ((McEliecePublicKeyParameters)key).getG();
-        Vector mG = g.leftMultiply(m);
-        GF2Vector mGZ = (GF2Vector)mG.add(z);
-
-        return mGZ.getEncoded();
-    }
-
-    private GF2Vector computeMessageRepresentative(byte[] input)
-    {
-        byte[] data = new byte[maxPlainTextSize + ((k & 0x07) != 0 ? 1 : 0)];
-        System.arraycopy(input, 0, data, 0, input.length);
-        data[input.length] = 0x01;
-        return GF2Vector.OS2VP(k, data);
-    }
-
-    /**
-     * Decrypt a cipher text.
-     *
-     * @param input the cipher text
-     * @return the plain text
-     * @throws InvalidCipherTextException if the cipher text is invalid.
-     */
-    public byte[] messageDecrypt(byte[] input)
-        throws InvalidCipherTextException
-    {
-        if (forEncryption)
-        {
-            throw new IllegalStateException("cipher initialised for decryption");
-        }
-
-        GF2Vector vec = GF2Vector.OS2VP(n, input);
-        McEliecePrivateKeyParameters privKey = (McEliecePrivateKeyParameters)key;
-        GF2mField field = privKey.getField();
-        PolynomialGF2mSmallM gp = privKey.getGoppaPoly();
-        GF2Matrix sInv = privKey.getSInv();
-        Permutation p1 = privKey.getP1();
-        Permutation p2 = privKey.getP2();
-        GF2Matrix h = privKey.getH();
-        PolynomialGF2mSmallM[] qInv = privKey.getQInv();
-
-        // compute permutation P = P1 * P2
-        Permutation p = p1.rightMultiply(p2);
-
-        // compute P^-1
-        Permutation pInv = p.computeInverse();
-
-        // compute c P^-1
-        GF2Vector cPInv = (GF2Vector)vec.multiply(pInv);
-
-        // compute syndrome of c P^-1
-        GF2Vector syndrome = (GF2Vector)h.rightMultiply(cPInv);
-
-        // decode syndrome
-        GF2Vector z = GoppaCode.syndromeDecode(syndrome, field, gp, qInv);
-        GF2Vector mSG = (GF2Vector)cPInv.add(z);
-
-        // multiply codeword with P1 and error vector with P
-        mSG = (GF2Vector)mSG.multiply(p1);
-        z = (GF2Vector)z.multiply(p);
-
-        // extract mS (last k columns of mSG)
-        GF2Vector mS = mSG.extractRightVector(k);
-
-        // compute plaintext vector
-        GF2Vector mVec = (GF2Vector)sInv.leftMultiply(mS);
-
-        // compute and return plaintext
-        return computeMessage(mVec);
-    }
-
-    private byte[] computeMessage(GF2Vector mr)
-        throws InvalidCipherTextException
-    {
-        byte[] mrBytes = mr.getEncoded();
-        // find first non-zero byte
-        int index;
-        for (index = mrBytes.length - 1; index >= 0 && mrBytes[index] == 0; index--)
-        {
-            ;
-        }
-
-        // check if padding byte is valid
-        if (index<0 || mrBytes[index] != 0x01)
-        {
-            throw new InvalidCipherTextException("Bad Padding: invalid ciphertext");
-        }
-
-        // extract and return message
-        byte[] mBytes = new byte[index];
-        System.arraycopy(mrBytes, 0, mBytes, 0, index);
-        return mBytes;
-    }
-
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceFujisakiCipher.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceFujisakiCipher.java
deleted file mode 100644
index dcd3b7d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceFujisakiCipher.java
+++ /dev/null

@@ -1,219 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.prng.DigestRandomGenerator;
-import org.bouncycastle.pqc.crypto.MessageEncryptor;
-import org.bouncycastle.pqc.math.linearalgebra.ByteUtils;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Vector;
-
-/**
- * This class implements the Fujisaki/Okamoto conversion of the McEliecePKCS.
- * Fujisaki and Okamoto propose hybrid encryption that merges a symmetric
- * encryption scheme which is secure in the find-guess model with an asymmetric
- * one-way encryption scheme which is sufficiently probabilistic to obtain a
- * public key cryptosystem which is CCA2-secure. For details, see D. Engelbert,
- * R. Overbeck, A. Schmidt, "A summary of the development of the McEliece
- * Cryptosystem", technical report.
- */
-public class McElieceFujisakiCipher
-    implements MessageEncryptor
-{
-    /**
-     * The OID of the algorithm.
-     */
-    public static final String OID = "1.3.6.1.4.1.8301.3.1.3.4.2.1";
-
-    private static final String DEFAULT_PRNG_NAME = "SHA1PRNG";
-
-    private Digest messDigest;
-
-    private SecureRandom sr;
-
-    /**
-     * The McEliece main parameters
-     */
-    private int n, k, t;
-
-    McElieceCCA2KeyParameters key;
-    private boolean forEncryption;
-
-
-    public void init(boolean forEncryption,
-                     CipherParameters param)
-    {
-        this.forEncryption = forEncryption;
-        if (forEncryption)
-        {
-            if (param instanceof ParametersWithRandom)
-            {
-                ParametersWithRandom rParam = (ParametersWithRandom)param;
-
-                this.sr = rParam.getRandom();
-                this.key = (McElieceCCA2PublicKeyParameters)rParam.getParameters();
-                this.initCipherEncrypt((McElieceCCA2PublicKeyParameters)key);
-
-            }
-            else
-            {
-                this.sr = CryptoServicesRegistrar.getSecureRandom();
-                this.key = (McElieceCCA2PublicKeyParameters)param;
-                this.initCipherEncrypt((McElieceCCA2PublicKeyParameters)key);
-            }
-        }
-        else
-        {
-            this.key = (McElieceCCA2PrivateKeyParameters)param;
-            this.initCipherDecrypt((McElieceCCA2PrivateKeyParameters)key);
-        }
-    }
-
-
-    public int getKeySize(McElieceCCA2KeyParameters key)
-        throws IllegalArgumentException
-    {
-
-        if (key instanceof McElieceCCA2PublicKeyParameters)
-        {
-            return ((McElieceCCA2PublicKeyParameters)key).getN();
-        }
-        if (key instanceof McElieceCCA2PrivateKeyParameters)
-        {
-            return ((McElieceCCA2PrivateKeyParameters)key).getN();
-        }
-        throw new IllegalArgumentException("unsupported type");
-
-    }
-
-
-    private void initCipherEncrypt(McElieceCCA2PublicKeyParameters pubKey)
-    {
-        this.sr = sr != null ? sr : CryptoServicesRegistrar.getSecureRandom();
-        this.messDigest = Utils.getDigest(pubKey.getDigest());
-        n = pubKey.getN();
-        k = pubKey.getK();
-        t = pubKey.getT();
-    }
-
-
-    private void initCipherDecrypt(McElieceCCA2PrivateKeyParameters privKey)
-    {
-        this.messDigest = Utils.getDigest(privKey.getDigest());
-        n = privKey.getN();
-        t = privKey.getT();
-    }
-
-
-    public byte[] messageEncrypt(byte[] input)
-    {
-        if (!forEncryption)
-        {
-            throw new IllegalStateException("cipher initialised for decryption");
-        }
-
-        // generate random vector r of length k bits
-        GF2Vector r = new GF2Vector(k, sr);
-
-        // convert r to byte array
-        byte[] rBytes = r.getEncoded();
-
-        // compute (r||input)
-        byte[] rm = ByteUtils.concatenate(rBytes, input);
-
-        // compute H(r||input)
-        messDigest.update(rm, 0, rm.length);
-        byte[] hrm = new byte[messDigest.getDigestSize()];
-        messDigest.doFinal(hrm, 0);
-
-        // convert H(r||input) to error vector z
-        GF2Vector z = Conversions.encode(n, t, hrm);
-
-        // compute c1 = E(r, z)
-        byte[] c1 = McElieceCCA2Primitives.encryptionPrimitive((McElieceCCA2PublicKeyParameters)key, r, z)
-            .getEncoded();
-
-        // get PRNG object
-        DigestRandomGenerator sr0 = new DigestRandomGenerator(new SHA1Digest());
-
-        // seed PRNG with r'
-        sr0.addSeedMaterial(rBytes);
-
-        // generate random c2
-        byte[] c2 = new byte[input.length];
-        sr0.nextBytes(c2);
-
-        // XOR with input
-        for (int i = 0; i < input.length; i++)
-        {
-            c2[i] ^= input[i];
-        }
-
-        // return (c1||c2)
-        return ByteUtils.concatenate(c1, c2);
-    }
-
-    public byte[] messageDecrypt(byte[] input)
-        throws InvalidCipherTextException
-    {
-        if (forEncryption)
-        {
-            throw new IllegalStateException("cipher initialised for decryption");
-        }
-
-        int c1Len = (n + 7) >> 3;
-        int c2Len = input.length - c1Len;
-
-        // split ciphertext (c1||c2)
-        byte[][] c1c2 = ByteUtils.split(input, c1Len);
-        byte[] c1 = c1c2[0];
-        byte[] c2 = c1c2[1];
-
-        // decrypt c1 ...
-        GF2Vector hrmVec = GF2Vector.OS2VP(n, c1);
-        GF2Vector[] decC1 = McElieceCCA2Primitives.decryptionPrimitive((McElieceCCA2PrivateKeyParameters)key, hrmVec);
-        byte[] rBytes = decC1[0].getEncoded();
-        // ... and obtain error vector z
-        GF2Vector z = decC1[1];
-
-        // get PRNG object
-        DigestRandomGenerator sr0 = new DigestRandomGenerator(new SHA1Digest());
-
-        // seed PRNG with r'
-        sr0.addSeedMaterial(rBytes);
-
-        // generate random sequence
-        byte[] mBytes = new byte[c2Len];
-        sr0.nextBytes(mBytes);
-
-        // XOR with c2 to obtain m
-        for (int i = 0; i < c2Len; i++)
-        {
-            mBytes[i] ^= c2[i];
-        }
-
-        // compute H(r||m)
-        byte[] rmBytes = ByteUtils.concatenate(rBytes, mBytes);
-        byte[] hrm = new byte[messDigest.getDigestSize()];
-        messDigest.update(rmBytes, 0, rmBytes.length);
-        messDigest.doFinal(hrm, 0);
-
-
-        // compute Conv(H(r||m))
-        hrmVec = Conversions.encode(n, t, hrm);
-
-        // check that Conv(H(m||r)) = z
-        if (!hrmVec.equals(z))
-        {
-            throw new InvalidCipherTextException("Bad Padding: invalid ciphertext");
-        }
-
-        // return plaintext m
-        return mBytes;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceKeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceKeyGenerationParameters.java
deleted file mode 100644
index 1b1fa65..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceKeyGenerationParameters.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-public class McElieceKeyGenerationParameters
-    extends KeyGenerationParameters
-{
-    private McElieceParameters params;
-
-    public McElieceKeyGenerationParameters(
-        SecureRandom random,
-        McElieceParameters params)
-    {
-        // XXX key size?
-        super(random, 256);
-        this.params = params;
-    }
-
-    public McElieceParameters getParameters()
-    {
-        return params;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceKeyPairGenerator.java
deleted file mode 100644
index 5285045..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceKeyPairGenerator.java
+++ /dev/null

@@ -1,154 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-import org.bouncycastle.pqc.math.linearalgebra.GF2mField;
-import org.bouncycastle.pqc.math.linearalgebra.GoppaCode;
-import org.bouncycastle.pqc.math.linearalgebra.GoppaCode.MaMaPe;
-import org.bouncycastle.pqc.math.linearalgebra.Permutation;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialRingGF2m;
-
-
-/**
- * This class implements key pair generation of the McEliece Public Key
- * Cryptosystem (McEliecePKC).
- */
-public class McElieceKeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-
-
-    public McElieceKeyPairGenerator()
-    {
-
-    }
-
-
-    /**
-     * The OID of the algorithm.
-     */
-    private static final String OID = "1.3.6.1.4.1.8301.3.1.3.4.1";
-
-    private McElieceKeyGenerationParameters mcElieceParams;
-
-    // the extension degree of the finite field GF(2^m)
-    private int m;
-
-    // the length of the code
-    private int n;
-
-    // the error correction capability
-    private int t;
-
-    // the field polynomial
-    private int fieldPoly;
-
-    // the source of randomness
-    private SecureRandom random;
-
-    // flag indicating whether the key pair generator has been initialized
-    private boolean initialized = false;
-
-
-    /**
-     * Default initialization of the key pair generator.
-     */
-    private void initializeDefault()
-    {
-        McElieceKeyGenerationParameters mcParams = new McElieceKeyGenerationParameters(CryptoServicesRegistrar.getSecureRandom(), new McElieceParameters());
-        initialize(mcParams);
-    }
-
-    private void initialize(
-        KeyGenerationParameters param)
-    {
-        this.mcElieceParams = (McElieceKeyGenerationParameters)param;
-
-        // set source of randomness
-        this.random = param.getRandom();
-        if (this.random == null)
-        {
-            this.random = CryptoServicesRegistrar.getSecureRandom();
-        }
-
-        this.m = this.mcElieceParams.getParameters().getM();
-        this.n = this.mcElieceParams.getParameters().getN();
-        this.t = this.mcElieceParams.getParameters().getT();
-        this.fieldPoly = this.mcElieceParams.getParameters().getFieldPoly();
-        this.initialized = true;
-    }
-
-
-    private AsymmetricCipherKeyPair genKeyPair()
-    {
-
-        if (!initialized)
-        {
-            initializeDefault();
-        }
-
-        // finite field GF(2^m)
-        GF2mField field = new GF2mField(m, fieldPoly);
-
-        // irreducible Goppa polynomial
-        PolynomialGF2mSmallM gp = new PolynomialGF2mSmallM(field, t,
-            PolynomialGF2mSmallM.RANDOM_IRREDUCIBLE_POLYNOMIAL, random);
-        PolynomialRingGF2m ring = new PolynomialRingGF2m(field, gp);
-
-        // matrix used to compute square roots in (GF(2^m))^t
-        PolynomialGF2mSmallM[] sqRootMatrix = ring.getSquareRootMatrix();
-
-        // generate canonical check matrix
-        GF2Matrix h = GoppaCode.createCanonicalCheckMatrix(field, gp);
-
-        // compute short systematic form of check matrix
-        MaMaPe mmp = GoppaCode.computeSystematicForm(h, random);
-        GF2Matrix shortH = mmp.getSecondMatrix();
-        Permutation p1 = mmp.getPermutation();
-
-        // compute short systematic form of generator matrix
-        GF2Matrix shortG = (GF2Matrix)shortH.computeTranspose();
-
-        // extend to full systematic form
-        GF2Matrix gPrime = shortG.extendLeftCompactForm();
-
-        // obtain number of rows of G (= dimension of the code)
-        int k = shortG.getNumRows();
-
-        // generate random invertible (k x k)-matrix S and its inverse S^-1
-        GF2Matrix[] matrixSandInverse = GF2Matrix
-            .createRandomRegularMatrixAndItsInverse(k, random);
-
-        // generate random permutation P2
-        Permutation p2 = new Permutation(n, random);
-
-        // compute public matrix G=S*G'*P2
-        GF2Matrix g = (GF2Matrix)matrixSandInverse[0].rightMultiply(gPrime);
-        g = (GF2Matrix)g.rightMultiply(p2);
-
-
-        // generate keys
-        McEliecePublicKeyParameters pubKey = new McEliecePublicKeyParameters(n, t, g);
-        McEliecePrivateKeyParameters privKey = new McEliecePrivateKeyParameters(n, k, field, gp, p1, p2, matrixSandInverse[1]);
-
-        // return key pair
-        return new AsymmetricCipherKeyPair(pubKey, privKey);
-    }
-
-    public void init(KeyGenerationParameters param)
-    {
-        this.initialize(param);
-    }
-
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        return genKeyPair();
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceKeyParameters.java
deleted file mode 100644
index 007e743..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceKeyParameters.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-
-public class McElieceKeyParameters
-    extends AsymmetricKeyParameter
-{
-    private McElieceParameters params;
-
-    public McElieceKeyParameters(
-        boolean isPrivate,
-        McElieceParameters params)
-    {
-        super(isPrivate);
-        this.params = params;
-    }
-
-
-    public McElieceParameters getParameters()
-    {
-        return params;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceKobaraImaiCipher.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceKobaraImaiCipher.java
deleted file mode 100644
index 7e75c21..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceKobaraImaiCipher.java
+++ /dev/null

@@ -1,327 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.prng.DigestRandomGenerator;
-import org.bouncycastle.pqc.crypto.MessageEncryptor;
-import org.bouncycastle.pqc.math.linearalgebra.ByteUtils;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Vector;
-import org.bouncycastle.pqc.math.linearalgebra.IntegerFunctions;
-
-/**
- * This class implements the Kobara/Imai conversion of the McEliecePKCS. This is
- * a conversion of the McEliecePKCS which is CCA2-secure. For details, see D.
- * Engelbert, R. Overbeck, A. Schmidt, "A summary of the development of the
- * McEliece Cryptosystem", technical report.
- */
-public class McElieceKobaraImaiCipher
-    implements MessageEncryptor
-{
-
-    /**
-     * The OID of the algorithm.
-     */
-    public static final String OID = "1.3.6.1.4.1.8301.3.1.3.4.2.3";
-
-    private static final String DEFAULT_PRNG_NAME = "SHA1PRNG";
-
-    /**
-     * A predetermined public constant.
-     */
-    public static final byte[] PUBLIC_CONSTANT = "a predetermined public constant"
-        .getBytes();
-
-
-    private Digest messDigest;
-
-    private SecureRandom sr;
-
-    McElieceCCA2KeyParameters key;
-
-    /**
-     * The McEliece main parameters
-     */
-    private int n, k, t;
-    private boolean forEncryption;
-
-
-    public void init(boolean forEncryption,
-                     CipherParameters param)
-    {
-        this.forEncryption = forEncryption;
-        if (forEncryption)
-        {
-            if (param instanceof ParametersWithRandom)
-            {
-                ParametersWithRandom rParam = (ParametersWithRandom)param;
-
-                this.sr = rParam.getRandom();
-                this.key = (McElieceCCA2PublicKeyParameters)rParam.getParameters();
-                this.initCipherEncrypt((McElieceCCA2PublicKeyParameters)key);
-
-            }
-            else
-            {
-                this.sr = CryptoServicesRegistrar.getSecureRandom();
-                this.key = (McElieceCCA2PublicKeyParameters)param;
-                this.initCipherEncrypt((McElieceCCA2PublicKeyParameters)key);
-            }
-        }
-        else
-        {
-            this.key = (McElieceCCA2PrivateKeyParameters)param;
-            this.initCipherDecrypt((McElieceCCA2PrivateKeyParameters)key);
-        }
-
-    }
-
-    /**
-     * Return the key size of the given key object.
-     *
-     * @param key the McElieceCCA2KeyParameters object
-     * @return the key size of the given key object
-     */
-    public int getKeySize(McElieceCCA2KeyParameters key)
-    {
-        if (key instanceof McElieceCCA2PublicKeyParameters)
-        {
-            return ((McElieceCCA2PublicKeyParameters)key).getN();
-
-        }
-        if (key instanceof McElieceCCA2PrivateKeyParameters)
-        {
-            return ((McElieceCCA2PrivateKeyParameters)key).getN();
-        }
-        throw new IllegalArgumentException("unsupported type");
-    }
-
-    private void initCipherEncrypt(McElieceCCA2PublicKeyParameters pubKey)
-    {
-        this.messDigest = Utils.getDigest(pubKey.getDigest());
-        n = pubKey.getN();
-        k = pubKey.getK();
-        t = pubKey.getT();
-
-    }
-
-    private void initCipherDecrypt(McElieceCCA2PrivateKeyParameters privKey)
-    {
-        this.messDigest = Utils.getDigest(privKey.getDigest());
-        n = privKey.getN();
-        k = privKey.getK();
-        t = privKey.getT();
-    }
-
-    public byte[] messageEncrypt(byte[] input)
-    {
-        if (!forEncryption)
-        {
-            throw new IllegalStateException("cipher initialised for decryption");
-        }
-
-        int c2Len = messDigest.getDigestSize();
-        int c4Len = k >> 3;
-        int c5Len = (IntegerFunctions.binomial(n, t).bitLength() - 1) >> 3;
-
-
-        int mLen = c4Len + c5Len - c2Len - PUBLIC_CONSTANT.length;
-        if (input.length > mLen)
-        {
-            mLen = input.length;
-        }
-
-        int c1Len = mLen + PUBLIC_CONSTANT.length;
-        int c6Len = c1Len + c2Len - c4Len - c5Len;
-
-        // compute (m||const)
-        byte[] mConst = new byte[c1Len];
-        System.arraycopy(input, 0, mConst, 0, input.length);
-        System.arraycopy(PUBLIC_CONSTANT, 0, mConst, mLen,
-            PUBLIC_CONSTANT.length);
-
-        // generate random r of length c2Len bytes
-        byte[] r = new byte[c2Len];
-        sr.nextBytes(r);
-
-        // get PRNG object
-                // get PRNG object
-        DigestRandomGenerator sr0 = new DigestRandomGenerator(new SHA1Digest());
-
-        // seed PRNG with r'
-        sr0.addSeedMaterial(r);
-
-        // generate random sequence ...
-        byte[] c1 = new byte[c1Len];
-        sr0.nextBytes(c1);
-
-        // ... and XOR with (m||const) to obtain c1
-        for (int i = c1Len - 1; i >= 0; i--)
-        {
-            c1[i] ^= mConst[i];
-        }
-
-        // compute H(c1) ...
-        byte[] c2 = new byte[messDigest.getDigestSize()];
-        messDigest.update(c1, 0, c1.length);
-        messDigest.doFinal(c2, 0);
-
-        // ... and XOR with r
-        for (int i = c2Len - 1; i >= 0; i--)
-        {
-            c2[i] ^= r[i];
-        }
-
-        // compute (c2||c1)
-        byte[] c2c1 = ByteUtils.concatenate(c2, c1);
-
-        // split (c2||c1) into (c6||c5||c4), where c4Len is k/8 bytes, c5Len is
-        // floor[log(n|t)]/8 bytes, and c6Len is c1Len+c2Len-c4Len-c5Len (may be
-        // 0).
-        byte[] c6 = new byte[0];
-        if (c6Len > 0)
-        {
-            c6 = new byte[c6Len];
-            System.arraycopy(c2c1, 0, c6, 0, c6Len);
-        }
-
-        byte[] c5 = new byte[c5Len];
-        System.arraycopy(c2c1, c6Len, c5, 0, c5Len);
-
-        byte[] c4 = new byte[c4Len];
-        System.arraycopy(c2c1, c6Len + c5Len, c4, 0, c4Len);
-
-        // convert c4 to vector over GF(2)
-        GF2Vector c4Vec = GF2Vector.OS2VP(k, c4);
-
-        // convert c5 to error vector z
-        GF2Vector z = Conversions.encode(n, t, c5);
-
-        // compute encC4 = E(c4, z)
-        byte[] encC4 = McElieceCCA2Primitives.encryptionPrimitive((McElieceCCA2PublicKeyParameters)key,
-            c4Vec, z).getEncoded();
-
-        // if c6Len > 0
-        if (c6Len > 0)
-        {
-            // return (c6||encC4)
-            return ByteUtils.concatenate(c6, encC4);
-        }
-        // else, return encC4
-        return encC4;
-    }
-
-
-    public byte[] messageDecrypt(byte[] input)
-        throws InvalidCipherTextException
-    {
-        if (forEncryption)
-        {
-            throw new IllegalStateException("cipher initialised for decryption");
-        }
-
-        int nDiv8 = n >> 3;
-
-        if (input.length < nDiv8)
-        {
-            throw new InvalidCipherTextException("Bad Padding: Ciphertext too short.");
-        }
-
-        int c2Len = messDigest.getDigestSize();
-        int c4Len = k >> 3;
-        int c6Len = input.length - nDiv8;
-
-        // split cipher text (c6||encC4), where c6 may be empty
-        byte[] c6, encC4;
-        if (c6Len > 0)
-        {
-            byte[][] c6EncC4 = ByteUtils.split(input, c6Len);
-            c6 = c6EncC4[0];
-            encC4 = c6EncC4[1];
-        }
-        else
-        {
-            c6 = new byte[0];
-            encC4 = input;
-        }
-
-        // convert encC4 into vector over GF(2)
-        GF2Vector encC4Vec = GF2Vector.OS2VP(n, encC4);
-
-        // decrypt encC4Vec to obtain c4 and error vector z
-        GF2Vector[] c4z = McElieceCCA2Primitives.decryptionPrimitive((McElieceCCA2PrivateKeyParameters)key,
-            encC4Vec);
-        byte[] c4 = c4z[0].getEncoded();
-        GF2Vector z = c4z[1];
-
-        // if length of c4 is greater than c4Len (because of padding) ...
-        if (c4.length > c4Len)
-        {
-            // ... truncate the padding bytes
-            c4 = ByteUtils.subArray(c4, 0, c4Len);
-        }
-
-        // compute c5 = Conv^-1(z)
-        byte[] c5 = Conversions.decode(n, t, z);
-
-        // compute (c6||c5||c4)
-        byte[] c6c5c4 = ByteUtils.concatenate(c6, c5);
-        c6c5c4 = ByteUtils.concatenate(c6c5c4, c4);
-
-        // split (c6||c5||c4) into (c2||c1), where c2Len = mdLen and c1Len =
-        // input.length-c2Len bytes.
-        int c1Len = c6c5c4.length - c2Len;
-        byte[][] c2c1 = ByteUtils.split(c6c5c4, c2Len);
-        byte[] c2 = c2c1[0];
-        byte[] c1 = c2c1[1];
-
-        // compute H(c1) ...
-        byte[] rPrime = new byte[messDigest.getDigestSize()];
-        messDigest.update(c1, 0, c1.length);
-        messDigest.doFinal(rPrime, 0);
-
-        // ... and XOR with c2 to obtain r'
-        for (int i = c2Len - 1; i >= 0; i--)
-        {
-            rPrime[i] ^= c2[i];
-        }
-
-        // get PRNG object
-        DigestRandomGenerator sr0 = new DigestRandomGenerator(new SHA1Digest());
-
-        // seed PRNG with r'
-        sr0.addSeedMaterial(rPrime);
-
-        // generate random sequence R(r') ...
-        byte[] mConstPrime = new byte[c1Len];
-        sr0.nextBytes(mConstPrime);
-
-        // ... and XOR with c1 to obtain (m||const')
-        for (int i = c1Len - 1; i >= 0; i--)
-        {
-            mConstPrime[i] ^= c1[i];
-        }
-
-        if (mConstPrime.length < c1Len)
-        {
-            throw new InvalidCipherTextException("Bad Padding: invalid ciphertext");
-        }
-
-        byte[][] temp = ByteUtils.split(mConstPrime, c1Len
-            - PUBLIC_CONSTANT.length);
-        byte[] mr = temp[0];
-        byte[] constPrime = temp[1];
-
-        if (!ByteUtils.equals(constPrime, PUBLIC_CONSTANT))
-        {
-            throw new InvalidCipherTextException("Bad Padding: invalid ciphertext");
-        }
-
-        return mr;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceParameters.java
deleted file mode 100644
index 62beb33..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McElieceParameters.java
+++ /dev/null

@@ -1,230 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialRingGF2;
-
-public class McElieceParameters
-    implements CipherParameters
-{
-
-    /**
-     * The default extension degree
-     */
-    public static final int DEFAULT_M = 11;
-
-    /**
-     * The default error correcting capability.
-     */
-    public static final int DEFAULT_T = 50;
-
-    /**
-     * extension degree of the finite field GF(2^m)
-     */
-    private int m;
-
-    /**
-     * error correction capability of the code
-     */
-    private int t;
-
-    /**
-     * length of the code
-     */
-    private int n;
-
-    /**
-     * the field polynomial
-     */
-    private int fieldPoly;
-
-    private Digest digest;
-
-    /**
-     * Constructor. Set the default parameters: extension degree.
-     */
-    public McElieceParameters()
-    {
-        this(DEFAULT_M, DEFAULT_T);
-    }
-
-    public McElieceParameters(Digest digest)
-    {
-        this(DEFAULT_M, DEFAULT_T, digest);
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param keysize the length of a Goppa code
-     * @throws IllegalArgumentException if <tt>keysize &lt; 1</tt>.
-     */
-    public McElieceParameters(int keysize)
-    {
-        this(keysize, null);
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param keysize the length of a Goppa code
-     * @param digest CCA2 mode digest
-     * @throws IllegalArgumentException if <tt>keysize &lt; 1</tt>.
-     */
-    public McElieceParameters(int keysize, Digest digest)
-    {
-        if (keysize < 1)
-        {
-            throw new IllegalArgumentException("key size must be positive");
-        }
-        m = 0;
-        n = 1;
-        while (n < keysize)
-        {
-            n <<= 1;
-            m++;
-        }
-        t = n >>> 1;
-        t /= m;
-        fieldPoly = PolynomialRingGF2.getIrreduciblePolynomial(m);
-        this.digest = digest;
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param m degree of the finite field GF(2^m)
-     * @param t error correction capability of the code
-     * @throws IllegalArgumentException if <tt>m &lt; 1</tt> or <tt>m &gt; 32</tt> or
-     * <tt>t &lt; 0</tt> or <tt>t &gt; n</tt>.
-     */
-    public McElieceParameters(int m, int t)
-    {
-        this(m, t, null);
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param m degree of the finite field GF(2^m)
-     * @param t error correction capability of the code
-     * @throws IllegalArgumentException if <tt>m &lt; 1</tt> or <tt>m &gt; 32</tt> or
-     * <tt>t &lt; 0</tt> or <tt>t &gt; n</tt>.
-     */
-    public McElieceParameters(int m, int t, Digest digest)
-    {
-        if (m < 1)
-        {
-            throw new IllegalArgumentException("m must be positive");
-        }
-        if (m > 32)
-        {
-            throw new IllegalArgumentException("m is too large");
-        }
-        this.m = m;
-        n = 1 << m;
-        if (t < 0)
-        {
-            throw new IllegalArgumentException("t must be positive");
-        }
-        if (t > n)
-        {
-            throw new IllegalArgumentException("t must be less than n = 2^m");
-        }
-        this.t = t;
-        fieldPoly = PolynomialRingGF2.getIrreduciblePolynomial(m);
-        this.digest = digest;
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param m    degree of the finite field GF(2^m)
-     * @param t    error correction capability of the code
-     * @param poly the field polynomial
-     * @throws IllegalArgumentException if <tt>m &lt; 1</tt> or <tt>m &gt; 32</tt> or
-     * <tt>t &lt; 0</tt> or <tt>t &gt; n</tt> or
-     * <tt>poly</tt> is not an irreducible field polynomial.
-     */
-    public McElieceParameters(int m, int t, int poly)
-    {
-        this(m, t, poly, null);
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param m    degree of the finite field GF(2^m)
-     * @param t    error correction capability of the code
-     * @param poly the field polynomial
-     * @param digest CCA2 mode digest
-     * @throws IllegalArgumentException if <tt>m &lt; 1</tt> or <tt>m &gt; 32</tt> or
-     * <tt>t &lt; 0</tt> or <tt>t &gt; n</tt> or
-     * <tt>poly</tt> is not an irreducible field polynomial.
-     */
-    public McElieceParameters(int m, int t, int poly, Digest digest)
-    {
-        this.m = m;
-        if (m < 1)
-        {
-            throw new IllegalArgumentException("m must be positive");
-        }
-        if (m > 32)
-        {
-            throw new IllegalArgumentException(" m is too large");
-        }
-        this.n = 1 << m;
-        this.t = t;
-        if (t < 0)
-        {
-            throw new IllegalArgumentException("t must be positive");
-        }
-        if (t > n)
-        {
-            throw new IllegalArgumentException("t must be less than n = 2^m");
-        }
-        if ((PolynomialRingGF2.degree(poly) == m)
-            && (PolynomialRingGF2.isIrreducible(poly)))
-        {
-            this.fieldPoly = poly;
-        }
-        else
-        {
-            throw new IllegalArgumentException(
-                "polynomial is not a field polynomial for GF(2^m)");
-        }
-        this.digest = digest;
-    }
-
-    /**
-     * @return the extension degree of the finite field GF(2^m)
-     */
-    public int getM()
-    {
-        return m;
-    }
-
-    /**
-     * @return the length of the code
-     */
-    public int getN()
-    {
-        return n;
-    }
-
-    /**
-     * @return the error correction capability of the code
-     */
-    public int getT()
-    {
-        return t;
-    }
-
-    /**
-     * @return the field polynomial
-     */
-    public int getFieldPoly()
-    {
-        return fieldPoly;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McEliecePointchevalCipher.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McEliecePointchevalCipher.java
deleted file mode 100644
index 7fa02ed..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McEliecePointchevalCipher.java
+++ /dev/null

@@ -1,252 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.prng.DigestRandomGenerator;
-import org.bouncycastle.pqc.crypto.MessageEncryptor;
-import org.bouncycastle.pqc.math.linearalgebra.ByteUtils;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Vector;
-
-/**
- * This class implements the Pointcheval conversion of the McEliecePKCS.
- * Pointcheval presents a generic technique to make a CCA2-secure cryptosystem
- * from any partially trapdoor one-way function in the random oracle model. For
- * details, see D. Engelbert, R. Overbeck, A. Schmidt, "A summary of the
- * development of the McEliece Cryptosystem", technical report.
- */
-public class McEliecePointchevalCipher
-    implements MessageEncryptor
-{
-
-
-    /**
-     * The OID of the algorithm.
-     */
-    public static final String OID = "1.3.6.1.4.1.8301.3.1.3.4.2.2";
-
-    private Digest messDigest;
-
-    private SecureRandom sr;
-
-    /**
-     * The McEliece main parameters
-     */
-    private int n, k, t;
-
-    McElieceCCA2KeyParameters key;
-    private boolean forEncryption;
-
-    public void init(boolean forEncryption,
-                     CipherParameters param)
-    {
-        this.forEncryption = forEncryption;
-
-        if (forEncryption)
-        {
-            if (param instanceof ParametersWithRandom)
-            {
-                ParametersWithRandom rParam = (ParametersWithRandom)param;
-
-                this.sr = rParam.getRandom();
-                this.key = (McElieceCCA2PublicKeyParameters)rParam.getParameters();
-                this.initCipherEncrypt((McElieceCCA2PublicKeyParameters)key);
-
-            }
-            else
-            {
-                this.sr = CryptoServicesRegistrar.getSecureRandom();
-                this.key = (McElieceCCA2PublicKeyParameters)param;
-                this.initCipherEncrypt((McElieceCCA2PublicKeyParameters)key);
-            }
-        }
-        else
-        {
-            this.key = (McElieceCCA2PrivateKeyParameters)param;
-            this.initCipherDecrypt((McElieceCCA2PrivateKeyParameters)key);
-        }
-
-    }
-
-    /**
-     * Return the key size of the given key object.
-     *
-     * @param key the McElieceCCA2KeyParameters object
-     * @return the key size of the given key object
-     * @throws IllegalArgumentException if the key is invalid
-     */
-    public int getKeySize(McElieceCCA2KeyParameters key)
-        throws IllegalArgumentException
-    {
-
-        if (key instanceof McElieceCCA2PublicKeyParameters)
-        {
-            return ((McElieceCCA2PublicKeyParameters)key).getN();
-
-        }
-        if (key instanceof McElieceCCA2PrivateKeyParameters)
-        {
-            return ((McElieceCCA2PrivateKeyParameters)key).getN();
-        }
-        throw new IllegalArgumentException("unsupported type");
-
-    }
-
-
-    protected int decryptOutputSize(int inLen)
-    {
-        return 0;
-    }
-
-    protected int encryptOutputSize(int inLen)
-    {
-        return 0;
-    }
-
-
-    private void initCipherEncrypt(McElieceCCA2PublicKeyParameters pubKey)
-    {
-        this.sr = sr != null ? sr : CryptoServicesRegistrar.getSecureRandom();
-        this.messDigest = Utils.getDigest(pubKey.getDigest());
-        n = pubKey.getN();
-        k = pubKey.getK();
-        t = pubKey.getT();
-    }
-
-    private void initCipherDecrypt(McElieceCCA2PrivateKeyParameters privKey)
-    {
-        this.messDigest = Utils.getDigest(privKey.getDigest());
-        n = privKey.getN();
-        k = privKey.getK();
-        t = privKey.getT();
-    }
-
-    public byte[] messageEncrypt(byte[] input)
-    {
-        if (!forEncryption)
-        {
-            throw new IllegalStateException("cipher initialised for decryption");
-        }
-
-        int kDiv8 = k >> 3;
-
-        // generate random r of length k div 8 bytes
-        byte[] r = new byte[kDiv8];
-        sr.nextBytes(r);
-
-        // generate random vector r' of length k bits
-        GF2Vector rPrime = new GF2Vector(k, sr);
-
-        // convert r' to byte array
-        byte[] rPrimeBytes = rPrime.getEncoded();
-
-        // compute (input||r)
-        byte[] mr = ByteUtils.concatenate(input, r);
-
-        // compute H(input||r)
-        messDigest.update(mr, 0, mr.length);
-        byte[] hmr = new byte[messDigest.getDigestSize()];
-        messDigest.doFinal(hmr, 0);
-
-
-        // convert H(input||r) to error vector z
-        GF2Vector z = Conversions.encode(n, t, hmr);
-
-        // compute c1 = E(rPrime, z)
-        byte[] c1 = McElieceCCA2Primitives.encryptionPrimitive((McElieceCCA2PublicKeyParameters)key, rPrime,
-            z).getEncoded();
-
-        // get PRNG object
-        DigestRandomGenerator sr0 = new DigestRandomGenerator(new SHA1Digest());
-
-        // seed PRNG with r'
-        sr0.addSeedMaterial(rPrimeBytes);
-
-        // generate random c2
-        byte[] c2 = new byte[input.length + kDiv8];
-        sr0.nextBytes(c2);
-
-        // XOR with input
-        for (int i = 0; i < input.length; i++)
-        {
-            c2[i] ^= input[i];
-        }
-        // XOR with r
-        for (int i = 0; i < kDiv8; i++)
-        {
-            c2[input.length + i] ^= r[i];
-        }
-
-        // return (c1||c2)
-        return ByteUtils.concatenate(c1, c2);
-    }
-
-    public byte[] messageDecrypt(byte[] input)
-        throws InvalidCipherTextException
-    {
-        if (forEncryption)
-        {
-            throw new IllegalStateException("cipher initialised for decryption");
-        }
-
-        int c1Len = (n + 7) >> 3;
-        int c2Len = input.length - c1Len;
-
-        // split cipher text (c1||c2)
-        byte[][] c1c2 = ByteUtils.split(input, c1Len);
-        byte[] c1 = c1c2[0];
-        byte[] c2 = c1c2[1];
-
-        // decrypt c1 ...
-        GF2Vector c1Vec = GF2Vector.OS2VP(n, c1);
-        GF2Vector[] c1Dec = McElieceCCA2Primitives.decryptionPrimitive((McElieceCCA2PrivateKeyParameters)key,
-            c1Vec);
-        byte[] rPrimeBytes = c1Dec[0].getEncoded();
-        // ... and obtain error vector z
-        GF2Vector z = c1Dec[1];
-
-        // get PRNG object
-        DigestRandomGenerator sr0 = new DigestRandomGenerator(new SHA1Digest());
-
-        // seed PRNG with r'
-        sr0.addSeedMaterial(rPrimeBytes);
-
-        // generate random sequence
-        byte[] mrBytes = new byte[c2Len];
-        sr0.nextBytes(mrBytes);
-
-        // XOR with c2 to obtain (m||r)
-        for (int i = 0; i < c2Len; i++)
-        {
-            mrBytes[i] ^= c2[i];
-        }
-
-        // compute H(m||r)
-        messDigest.update(mrBytes, 0, mrBytes.length);
-        byte[] hmr = new byte[messDigest.getDigestSize()];
-        messDigest.doFinal(hmr, 0);
-
-        // compute Conv(H(m||r))
-        c1Vec = Conversions.encode(n, t, hmr);
-
-        // check that Conv(H(m||r)) = z
-        if (!c1Vec.equals(z))
-        {
-            throw new InvalidCipherTextException("Bad Padding: Invalid ciphertext.");
-        }
-
-        // split (m||r) to obtain m
-        int kDiv8 = k >> 3;
-        byte[][] mr = ByteUtils.split(mrBytes, c2Len - kDiv8);
-
-        // return plain text m
-        return mr[0];
-    }
-
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McEliecePrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McEliecePrivateKeyParameters.java
deleted file mode 100644
index a21de4e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McEliecePrivateKeyParameters.java
+++ /dev/null

@@ -1,189 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-import org.bouncycastle.pqc.math.linearalgebra.GF2mField;
-import org.bouncycastle.pqc.math.linearalgebra.GoppaCode;
-import org.bouncycastle.pqc.math.linearalgebra.Permutation;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialRingGF2m;
-
-
-public class McEliecePrivateKeyParameters
-    extends McElieceKeyParameters
-{
-
-    // the OID of the algorithm
-    private String oid;
-
-    // the length of the code
-    private int n;
-
-    // the dimension of the code, where <tt>k &gt;= n - mt</tt>
-    private int k;
-
-    // the underlying finite field
-    private GF2mField field;
-
-    // the irreducible Goppa polynomial
-    private PolynomialGF2mSmallM goppaPoly;
-
-    // a k x k random binary non-singular matrix
-    private GF2Matrix sInv;
-
-    // the permutation used to generate the systematic check matrix
-    private Permutation p1;
-
-    // the permutation used to compute the public generator matrix
-    private Permutation p2;
-
-    // the canonical check matrix of the code
-    private GF2Matrix h;
-
-    // the matrix used to compute square roots in <tt>(GF(2^m))^t</tt>
-    private PolynomialGF2mSmallM[] qInv;
-
-    /**
-     * Constructor.
-     *
-     * @param n         the length of the code
-     * @param k         the dimension of the code
-     * @param field     the field polynomial defining the finite field
-*                  <tt>GF(2<sup>m</sup>)</tt>
-     * @param gp the irreducible Goppa polynomial
-     * @param p1        the permutation used to generate the systematic check
-*                  matrix
-     * @param p2        the permutation used to compute the public generator
-*                  matrix
-     * @param sInv      the matrix <tt>S<sup>-1</sup></tt>
-     */
-    public McEliecePrivateKeyParameters(int n, int k, GF2mField field,
-                                        PolynomialGF2mSmallM gp, Permutation p1, Permutation p2, GF2Matrix sInv)
-    {
-        super(true, null);
-        this.k = k;
-        this.n = n;
-        this.field = field;
-        this.goppaPoly = gp;
-        this.sInv = sInv;
-        this.p1 = p1;
-        this.p2 = p2;
-        this.h = GoppaCode.createCanonicalCheckMatrix(field, gp);
-
-        PolynomialRingGF2m ring = new PolynomialRingGF2m(field, gp);
-
-          // matrix used to compute square roots in (GF(2^m))^t
-        this.qInv = ring.getSquareRootMatrix();
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param n            the length of the code
-     * @param k            the dimension of the code
-     * @param encField     the encoded field polynomial defining the finite field
-     *                     <tt>GF(2<sup>m</sup>)</tt>
-     * @param encGoppaPoly the encoded irreducible Goppa polynomial
-     * @param encSInv      the encoded matrix <tt>S<sup>-1</sup></tt>
-     * @param encP1        the encoded permutation used to generate the systematic
-     *                     check matrix
-     * @param encP2        the encoded permutation used to compute the public
-     *                     generator matrix
-     * @param encH         the encoded canonical check matrix
-     * @param encQInv      the encoded matrix used to compute square roots in
-     *                     <tt>(GF(2<sup>m</sup>))<sup>t</sup></tt>
-     */
-    public McEliecePrivateKeyParameters(int n, int k, byte[] encField,
-                                        byte[] encGoppaPoly, byte[] encSInv, byte[] encP1, byte[] encP2,
-                                        byte[] encH, byte[][] encQInv)
-    {
-        super(true, null);
-        this.n = n;
-        this.k = k;
-        field = new GF2mField(encField);
-        goppaPoly = new PolynomialGF2mSmallM(field, encGoppaPoly);
-        sInv = new GF2Matrix(encSInv);
-        p1 = new Permutation(encP1);
-        p2 = new Permutation(encP2);
-        h = new GF2Matrix(encH);
-        qInv = new PolynomialGF2mSmallM[encQInv.length];
-        for (int i = 0; i < encQInv.length; i++)
-        {
-            qInv[i] = new PolynomialGF2mSmallM(field, encQInv[i]);
-        }
-    }
-
-    /**
-     * @return the length of the code
-     */
-    public int getN()
-    {
-        return n;
-    }
-
-    /**
-     * @return the dimension of the code
-     */
-    public int getK()
-    {
-        return k;
-    }
-
-    /**
-     * @return the finite field <tt>GF(2<sup>m</sup>)</tt>
-     */
-    public GF2mField getField()
-    {
-        return field;
-    }
-
-    /**
-     * @return the irreducible Goppa polynomial
-     */
-    public PolynomialGF2mSmallM getGoppaPoly()
-    {
-        return goppaPoly;
-    }
-
-    /**
-     * @return the k x k random binary non-singular matrix S^-1
-     */
-    public GF2Matrix getSInv()
-    {
-        return sInv;
-    }
-
-    /**
-     * @return the permutation used to generate the systematic check matrix
-     */
-    public Permutation getP1()
-    {
-        return p1;
-    }
-
-    /**
-     * @return the permutation used to compute the public generator matrix
-     */
-    public Permutation getP2()
-    {
-        return p2;
-    }
-
-    /**
-     * @return the canonical check matrix H
-     */
-    public GF2Matrix getH()
-    {
-        return h;
-    }
-
-    /**
-     * @return the matrix used to compute square roots in
-     *         <tt>(GF(2<sup>m</sup>))<sup>t</sup></tt>
-     */
-    public PolynomialGF2mSmallM[] getQInv()
-    {
-        return qInv;
-    }
-
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McEliecePublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McEliecePublicKeyParameters.java
deleted file mode 100644
index 507a8ce..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/McEliecePublicKeyParameters.java
+++ /dev/null

@@ -1,65 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-
-
-public class McEliecePublicKeyParameters
-    extends McElieceKeyParameters
-{
-    // the length of the code
-    private int n;
-
-    // the error correction capability of the code
-    private int t;
-
-    // the generator matrix
-    private GF2Matrix g;
-
-    /**
-     * Constructor.
-     *
-     * @param n      the length of the code
-     * @param t      the error correction capability of the code
-     * @param g      the generator matrix
-     */
-    public McEliecePublicKeyParameters(int n, int t, GF2Matrix g)
-    {
-        super(false, null);
-        this.n = n;
-        this.t = t;
-        this.g = new GF2Matrix(g);
-    }
-
-    /**
-     * @return the length of the code
-     */
-    public int getN()
-    {
-        return n;
-    }
-
-    /**
-     * @return the error correction capability of the code
-     */
-    public int getT()
-    {
-        return t;
-    }
-
-    /**
-     * @return the generator matrix
-     */
-    public GF2Matrix getG()
-    {
-        return g;
-    }
-
-    /**
-     * @return the dimension of the code
-     */
-    public int getK()
-    {
-        return g.getNumRows();
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/Utils.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/Utils.java
deleted file mode 100644
index b3fba14..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/mceliece/Utils.java
+++ /dev/null

@@ -1,37 +0,0 @@
-package org.bouncycastle.pqc.crypto.mceliece;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA1Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-
-class Utils
-{
-    static Digest getDigest(String digestName)
-    {
-        if (digestName.equals("SHA-1"))
-        {
-            return new SHA1Digest();
-        }
-        if (digestName.equals("SHA-224"))
-        {
-            return new SHA224Digest();
-        }
-        if (digestName.equals("SHA-256"))
-        {
-            return new SHA256Digest();
-        }
-        if (digestName.equals("SHA-384"))
-        {
-            return new SHA384Digest();
-        }
-        if (digestName.equals("SHA-512"))
-        {
-            return new SHA512Digest();
-        }
-
-        throw new IllegalArgumentException("unrecognised digest algorithm: " + digestName);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/ChaCha20.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/ChaCha20.java
deleted file mode 100644
index e21ea4d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/ChaCha20.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.pqc.crypto.newhope;
-
-import org.bouncycastle.crypto.engines.ChaChaEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-
-class ChaCha20
-{
-    static void process(byte[] key, byte[] nonce, byte[] buf, int off, int len)
-    {
-        ChaChaEngine e = new ChaChaEngine(20);
-        e.init(true, new ParametersWithIV(new KeyParameter(key), nonce));
-        e.processBytes(buf, off, len, buf, off);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/ErrorCorrection.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/ErrorCorrection.java
deleted file mode 100644
index e2af320..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/ErrorCorrection.java
+++ /dev/null

@@ -1,121 +0,0 @@
-package org.bouncycastle.pqc.crypto.newhope;
-
-import org.bouncycastle.util.Arrays;
-
-class ErrorCorrection
-{
-    static int abs(int v)
-    {
-        int mask = v >> 31;
-        return (v ^ mask) - mask;
-    }
-
-    static int f(int[] v, int off0, int off1, int x)
-    {
-        int xit, t, r, b;
-
-        // Next 6 lines compute t = x/Params.Q;
-        b = x * 2730;
-        t = b >> 25;
-        b = x - t * Params.Q;
-        b = 12288 - b;
-        b >>= 31;
-        t -= b;
-
-        r = t & 1;
-        xit =  t >> 1;
-        v[off0] = xit + r; // v0 = round(x/(2*Params.Q))
-
-        t -= 1;
-        r = t & 1;
-        v[off1] = (t >> 1) + r;
-
-        return abs(x-((v[off0]) * 2 * Params.Q));
-    }
-
-    static int g(int x)
-    {
-        int t, c, b;
-
-        // Next 6 lines compute t = x/(4 * Params.Q);
-        b = x * 2730;
-        t = b >> 27;
-        b = x - t * 49156;
-        b = 49155 - b;
-        b >>= 31;
-        t -= b;
-
-        c = t & 1;
-        t = (t >> 1) + c; // t = round(x/(8 * Params.Q))
-
-        t *= 8 * Params.Q;
-
-        return abs(t - x);
-    }
-
-    static void helpRec(short[] c, short[] v, byte[] seed, byte nonce)
-    {
-        byte[] iv = new byte[8];
-//        iv[7] = nonce;
-        iv[0] = nonce;
-
-        byte[] rand = new byte[32];
-        ChaCha20.process(seed, iv, rand, 0, rand.length);
-
-//      int32_t v0[4], v1[4], v_tmp[4], k;
-        int[] vs = new int[8], vTmp = new int[4];
-        int k;
-
-        for (int i = 0; i < 256; ++i)
-        {
-            int rBit = (rand[i >>> 3] >>> (i & 7)) & 1;
-
-            k  = f(vs, 0, 4, 8 * v[  0 + i] + 4 * rBit);
-            k += f(vs, 1, 5, 8 * v[256 + i] + 4 * rBit);
-            k += f(vs, 2, 6, 8 * v[512 + i] + 4 * rBit);
-            k += f(vs, 3, 7, 8 * v[768 + i] + 4 * rBit);
-
-            k = (2 * Params.Q - 1 - k) >> 31;
-
-            vTmp[0] = ((~k) & vs[0]) ^ (k & vs[4]);
-            vTmp[1] = ((~k) & vs[1]) ^ (k & vs[5]);
-            vTmp[2] = ((~k) & vs[2]) ^ (k & vs[6]);
-            vTmp[3] = ((~k) & vs[3]) ^ (k & vs[7]);
-
-            c[  0 + i] = (short)((vTmp[0] -     vTmp[3]) & 3);  
-            c[256 + i] = (short)((vTmp[1] -     vTmp[3]) & 3);
-            c[512 + i] = (short)((vTmp[2] -     vTmp[3]) & 3);
-            c[768 + i] = (short)((   -k   + 2 * vTmp[3]) & 3);
-        }
-    }
-
-    static short LDDecode(int xi0, int xi1, int xi2, int xi3)
-    {
-        int t;
-
-        t  = g(xi0);
-        t += g(xi1);
-        t += g(xi2);
-        t += g(xi3);
-
-        t -= 8 * Params.Q;
-
-        return (short)(t >>> 31);
-    }
-
-    static void rec(byte[] key, short[] v, short[] c)
-    {
-        Arrays.fill(key, (byte)0);
-
-        int[] tmp = new int[4];
-        for(int i = 0; i < 256; ++i)
-        {
-            tmp[0] = 16 * Params.Q + 8 * (int)v[  0 + i] - Params.Q * (2 * c[  0 + i] + c[768 + i]);
-            tmp[1] = 16 * Params.Q + 8 * (int)v[256 + i] - Params.Q * (2 * c[256 + i] + c[768 + i]);
-            tmp[2] = 16 * Params.Q + 8 * (int)v[512 + i] - Params.Q * (2 * c[512 + i] + c[768 + i]);
-            tmp[3] = 16 * Params.Q + 8 * (int)v[768 + i] - Params.Q * (                 c[768 + i]);
-
-            key[i >>> 3] |= LDDecode(tmp[0], tmp[1], tmp[2], tmp[3]) << (i & 7);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHAgreement.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHAgreement.java
deleted file mode 100644
index 47b2042..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHAgreement.java
+++ /dev/null

@@ -1,24 +0,0 @@
-package org.bouncycastle.pqc.crypto.newhope;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-public class NHAgreement
-{
-    private NHPrivateKeyParameters privKey;
-
-    public void init(CipherParameters param)
-    {
-        privKey = (NHPrivateKeyParameters)param;
-    }
-
-    public byte[] calculateAgreement(CipherParameters otherPublicKey)
-    {
-        NHPublicKeyParameters pubKey = (NHPublicKeyParameters)otherPublicKey;
-
-        byte[] sharedValue = new byte[NewHope.AGREEMENT_SIZE];
-
-        NewHope.sharedA(sharedValue, privKey.secData, pubKey.pubData);
-
-        return sharedValue;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHExchangePairGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHExchangePairGenerator.java
deleted file mode 100644
index 678e93a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHExchangePairGenerator.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.pqc.crypto.newhope;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.crypto.ExchangePair;
-import org.bouncycastle.pqc.crypto.ExchangePairGenerator;
-
-public class NHExchangePairGenerator
-    implements ExchangePairGenerator
-{
-    private final SecureRandom random;
-
-    public NHExchangePairGenerator(SecureRandom random)
-    {
-        this.random = random;
-    }
-
-    public ExchangePair GenerateExchange(AsymmetricKeyParameter senderPublicKey)
-    {
-        return generateExchange(senderPublicKey);
-    }
-
-    public ExchangePair generateExchange(AsymmetricKeyParameter senderPublicKey)
-    {
-        NHPublicKeyParameters pubKey = (NHPublicKeyParameters)senderPublicKey;
-
-        byte[] sharedValue = new byte[NewHope.AGREEMENT_SIZE];
-        byte[] publicKeyValue = new byte[NewHope.SENDB_BYTES];
-
-        NewHope.sharedB(random, sharedValue, publicKeyValue, pubKey.pubData);
-
-        return new ExchangePair(new NHPublicKeyParameters(publicKeyValue), sharedValue);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHKeyPairGenerator.java
deleted file mode 100644
index e5115d7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHKeyPairGenerator.java
+++ /dev/null

@@ -1,28 +0,0 @@
-package org.bouncycastle.pqc.crypto.newhope;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-public class NHKeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-    private SecureRandom random;
-
-    public void init(KeyGenerationParameters param)
-    {
-        this.random = param.getRandom();
-    }
-
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        byte[] pubData = new byte[NewHope.SENDA_BYTES];
-        short[] secData = new short[NewHope.POLY_SIZE];
-
-        NewHope.keygen(random, pubData, secData);
-
-        return new AsymmetricCipherKeyPair(new NHPublicKeyParameters(pubData), new NHPrivateKeyParameters(secData));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHOtherInfoGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHOtherInfoGenerator.java
deleted file mode 100644
index 409afe0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHOtherInfoGenerator.java
+++ /dev/null

@@ -1,164 +0,0 @@
-package org.bouncycastle.pqc.crypto.newhope;
-
-import java.io.IOException;
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.util.DEROtherInfo;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.crypto.ExchangePair;
-
-/**
- * OtherInfo Generator for which can be used for populating the SuppPrivInfo field used to provide shared
- * secret data used with NIST SP 800-56A agreement algorithms.
- */
-public class NHOtherInfoGenerator
-{
-    protected final DEROtherInfo.Builder otherInfoBuilder;
-    protected final SecureRandom random;
-
-    protected boolean used = false;
-    
-    /**
-     * Create a basic builder with just the compulsory fields.
-     *
-     * @param algorithmID the algorithm associated with this invocation of the KDF.
-     * @param partyUInfo  sender party info.
-     * @param partyVInfo  receiver party info.
-     * @param random a source of randomness.
-     */
-    public NHOtherInfoGenerator(AlgorithmIdentifier algorithmID, byte[] partyUInfo, byte[] partyVInfo, SecureRandom random)
-    {
-        this.otherInfoBuilder = new DEROtherInfo.Builder(algorithmID, partyUInfo, partyVInfo);
-        this.random = random;
-    }
-
-    /**
-     * Party U (initiator) generation.
-     */
-    public static class PartyU
-        extends NHOtherInfoGenerator
-    {
-        private AsymmetricCipherKeyPair aKp;
-        private NHAgreement agreement = new NHAgreement();
-
-        public PartyU(AlgorithmIdentifier algorithmID, byte[] partyUInfo, byte[] partyVInfo, java.security.SecureRandom random)
-        {
-            super(algorithmID, partyUInfo, partyVInfo, random);
-
-            NHKeyPairGenerator kpGen = new NHKeyPairGenerator();
-
-            kpGen.init(new KeyGenerationParameters(random, 2048));
-
-            aKp = kpGen.generateKeyPair();
-
-            agreement.init(aKp.getPrivate());
-        }
-
-        /**
-         * Add optional supplementary public info (DER tagged, implicit, 0).
-         *
-         * @param suppPubInfo supplementary public info.
-         * @return the current builder instance.
-         */
-        public NHOtherInfoGenerator withSuppPubInfo(byte[] suppPubInfo)
-        {
-            this.otherInfoBuilder.withSuppPubInfo(suppPubInfo);
-
-            return this;
-        }
-
-        public byte[] getSuppPrivInfoPartA()
-        {
-            return getEncoded((NHPublicKeyParameters)aKp.getPublic());
-        }
-
-        public DEROtherInfo generate(byte[] suppPrivInfoPartB)
-        {
-            if (used)
-            {
-                throw new IllegalStateException("builder already used");
-            }
-
-            used = true;
-
-            this.otherInfoBuilder.withSuppPrivInfo(agreement.calculateAgreement(NHOtherInfoGenerator.getPublicKey(suppPrivInfoPartB)));
-
-            return otherInfoBuilder.build();
-        }
-    }
-
-    /**
-     * Party V (responder) generation.
-     */
-    public static class PartyV
-        extends NHOtherInfoGenerator
-    {
-        public PartyV(AlgorithmIdentifier algorithmID, byte[] partyUInfo, byte[] partyVInfo, SecureRandom random)
-        {
-            super(algorithmID, partyUInfo, partyVInfo, random);
-        }
-
-        /**
-         * Add optional supplementary public info (DER tagged, implicit, 0).
-         *
-         * @param suppPubInfo supplementary public info.
-         * @return the current builder instance.
-         */
-        public NHOtherInfoGenerator withSuppPubInfo(byte[] suppPubInfo)
-        {
-            this.otherInfoBuilder.withSuppPubInfo(suppPubInfo);
-
-            return this;
-        }
-
-        public byte[] getSuppPrivInfoPartB(byte[] suppPrivInfoPartA)
-        {
-            NHExchangePairGenerator exchGen = new NHExchangePairGenerator(random);
-
-            ExchangePair bEp = exchGen.generateExchange(getPublicKey(suppPrivInfoPartA));
-
-            this.otherInfoBuilder.withSuppPrivInfo(bEp.getSharedValue());
-
-            return getEncoded((NHPublicKeyParameters)bEp.getPublicKey());
-        }
-
-        public DEROtherInfo generate()
-        {
-            if (used)
-            {
-                throw new IllegalStateException("builder already used");
-            }
-
-            used = true;
-
-            return otherInfoBuilder.build();
-        }
-    }
-
-    private static byte[] getEncoded(NHPublicKeyParameters pubKey)
-    {
-        SubjectPublicKeyInfo pki;
-        try
-        {
-            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.newHope);
-            pki = new SubjectPublicKeyInfo(algorithmIdentifier, pubKey.getPubData());
-
-            return pki.getEncoded();
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    private static NHPublicKeyParameters getPublicKey(byte[] enc)
-    {
-        SubjectPublicKeyInfo pki = SubjectPublicKeyInfo.getInstance(enc);
-
-        return new NHPublicKeyParameters(pki.getPublicKeyData().getOctets());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHPrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHPrivateKeyParameters.java
deleted file mode 100644
index 49b0f5f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHPrivateKeyParameters.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.pqc.crypto.newhope;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.util.Arrays;
-
-public class NHPrivateKeyParameters
-    extends AsymmetricKeyParameter
-{
-    final short[] secData;
-
-    public NHPrivateKeyParameters(short[] secData)
-    {
-        super(true);
-
-        this.secData = Arrays.clone(secData);
-    }
-
-    public short[] getSecData()
-    {
-        return Arrays.clone(secData);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHPublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHPublicKeyParameters.java
deleted file mode 100644
index c0c5934..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NHPublicKeyParameters.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.pqc.crypto.newhope;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.util.Arrays;
-
-public class NHPublicKeyParameters
-    extends AsymmetricKeyParameter
-{
-    final byte[] pubData;
-
-    public NHPublicKeyParameters(byte[] pubData)
-    {
-        super(false);
-        this.pubData = Arrays.clone(pubData);
-    }
-
-    /**
-     * Return the public key data.
-     *
-     * @return the public key values.
-     */
-    public byte[] getPubData()
-    {
-        return Arrays.clone(pubData);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NTT.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NTT.java
deleted file mode 100644
index 9f14029..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NTT.java
+++ /dev/null

@@ -1,110 +0,0 @@
-package org.bouncycastle.pqc.crypto.newhope;
-
-class NTT
-{
-    private static final short[] BitReverseTable = { 0, 512, 256, 768, 128, 640, 384, 896, 64, 576, 320, 832, 192, 704,
-        448, 960, 32, 544, 288, 800, 160, 672, 416, 928, 96, 608, 352, 864, 224, 736, 480, 992, 16, 528, 272, 784, 144,
-        656, 400, 912, 80, 592, 336, 848, 208, 720, 464, 976, 48, 560, 304, 816, 176, 688, 432, 944, 112, 624, 368, 880,
-        240, 752, 496, 1008, 8, 520, 264, 776, 136, 648, 392, 904, 72, 584, 328, 840, 200, 712, 456, 968, 40, 552, 296,
-        808, 168, 680, 424, 936, 104, 616, 360, 872, 232, 744, 488, 1000, 24, 536, 280, 792, 152, 664, 408, 920, 88,
-        600, 344, 856, 216, 728, 472, 984, 56, 568, 312, 824, 184, 696, 440, 952, 120, 632, 376, 888, 248, 760, 504,
-        1016, 4, 516, 260, 772, 132, 644, 388, 900, 68, 580, 324, 836, 196, 708, 452, 964, 36, 548, 292, 804, 164, 676,
-        420, 932, 100, 612, 356, 868, 228, 740, 484, 996, 20, 532, 276, 788, 148, 660, 404, 916, 84, 596, 340, 852, 212,
-        724, 468, 980, 52, 564, 308, 820, 180, 692, 436, 948, 116, 628, 372, 884, 244, 756, 500, 1012, 12, 524, 268,
-        780, 140, 652, 396, 908, 76, 588, 332, 844, 204, 716, 460, 972, 44, 556, 300, 812, 172, 684, 428, 940, 108, 620,
-        364, 876, 236, 748, 492, 1004, 28, 540, 284, 796, 156, 668, 412, 924, 92, 604, 348, 860, 220, 732, 476, 988, 60,
-        572, 316, 828, 188, 700, 444, 956, 124, 636, 380, 892, 252, 764, 508, 1020, 2, 514, 258, 770, 130, 642, 386,
-        898, 66, 578, 322, 834, 194, 706, 450, 962, 34, 546, 290, 802, 162, 674, 418, 930, 98, 610, 354, 866, 226, 738,
-        482, 994, 18, 530, 274, 786, 146, 658, 402, 914, 82, 594, 338, 850, 210, 722, 466, 978, 50, 562, 306, 818, 178,
-        690, 434, 946, 114, 626, 370, 882, 242, 754, 498, 1010, 10, 522, 266, 778, 138, 650, 394, 906, 74, 586, 330,
-        842, 202, 714, 458, 970, 42, 554, 298, 810, 170, 682, 426, 938, 106, 618, 362, 874, 234, 746, 490, 1002, 26,
-        538, 282, 794, 154, 666, 410, 922, 90, 602, 346, 858, 218, 730, 474, 986, 58, 570, 314, 826, 186, 698, 442, 954,
-        122, 634, 378, 890, 250, 762, 506, 1018, 6, 518, 262, 774, 134, 646, 390, 902, 70, 582, 326, 838, 198, 710, 454,
-        966, 38, 550, 294, 806, 166, 678, 422, 934, 102, 614, 358, 870, 230, 742, 486, 998, 22, 534, 278, 790, 150, 662,
-        406, 918, 86, 598, 342, 854, 214, 726, 470, 982, 54, 566, 310, 822, 182, 694, 438, 950, 118, 630, 374, 886, 246,
-        758, 502, 1014, 14, 526, 270, 782, 142, 654, 398, 910, 78, 590, 334, 846, 206, 718, 462, 974, 46, 558, 302, 814,
-        174, 686, 430, 942, 110, 622, 366, 878, 238, 750, 494, 1006, 30, 542, 286, 798, 158, 670, 414, 926, 94, 606,
-        350, 862, 222, 734, 478, 990, 62, 574, 318, 830, 190, 702, 446, 958, 126, 638, 382, 894, 254, 766, 510, 1022, 1,
-        513, 257, 769, 129, 641, 385, 897, 65, 577, 321, 833, 193, 705, 449, 961, 33, 545, 289, 801, 161, 673, 417, 929,
-        97, 609, 353, 865, 225, 737, 481, 993, 17, 529, 273, 785, 145, 657, 401, 913, 81, 593, 337, 849, 209, 721, 465,
-        977, 49, 561, 305, 817, 177, 689, 433, 945, 113, 625, 369, 881, 241, 753, 497, 1009, 9, 521, 265, 777, 137, 649,
-        393, 905, 73, 585, 329, 841, 201, 713, 457, 969, 41, 553, 297, 809, 169, 681, 425, 937, 105, 617, 361, 873, 233,
-        745, 489, 1001, 25, 537, 281, 793, 153, 665, 409, 921, 89, 601, 345, 857, 217, 729, 473, 985, 57, 569, 313, 825,
-        185, 697, 441, 953, 121, 633, 377, 889, 249, 761, 505, 1017, 5, 517, 261, 773, 133, 645, 389, 901, 69, 581, 325,
-        837, 197, 709, 453, 965, 37, 549, 293, 805, 165, 677, 421, 933, 101, 613, 357, 869, 229, 741, 485, 997, 21, 533,
-        277, 789, 149, 661, 405, 917, 85, 597, 341, 853, 213, 725, 469, 981, 53, 565, 309, 821, 181, 693, 437, 949, 117,
-        629, 373, 885, 245, 757, 501, 1013, 13, 525, 269, 781, 141, 653, 397, 909, 77, 589, 333, 845, 205, 717, 461,
-        973, 45, 557, 301, 813, 173, 685, 429, 941, 109, 621, 365, 877, 237, 749, 493, 1005, 29, 541, 285, 797, 157,
-        669, 413, 925, 93, 605, 349, 861, 221, 733, 477, 989, 61, 573, 317, 829, 189, 701, 445, 957, 125, 637, 381, 893,
-        253, 765, 509, 1021, 3, 515, 259, 771, 131, 643, 387, 899, 67, 579, 323, 835, 195, 707, 451, 963, 35, 547, 291,
-        803, 163, 675, 419, 931, 99, 611, 355, 867, 227, 739, 483, 995, 19, 531, 275, 787, 147, 659, 403, 915, 83, 595,
-        339, 851, 211, 723, 467, 979, 51, 563, 307, 819, 179, 691, 435, 947, 115, 627, 371, 883, 243, 755, 499, 1011,
-        11, 523, 267, 779, 139, 651, 395, 907, 75, 587, 331, 843, 203, 715, 459, 971, 43, 555, 299, 811, 171, 683, 427,
-        939, 107, 619, 363, 875, 235, 747, 491, 1003, 27, 539, 283, 795, 155, 667, 411, 923, 91, 603, 347, 859, 219,
-        731, 475, 987, 59, 571, 315, 827, 187, 699, 443, 955, 123, 635, 379, 891, 251, 763, 507, 1019, 7, 519, 263, 775,
-        135, 647, 391, 903, 71, 583, 327, 839, 199, 711, 455, 967, 39, 551, 295, 807, 167, 679, 423, 935, 103, 615, 359,
-        871, 231, 743, 487, 999, 23, 535, 279, 791, 151, 663, 407, 919, 87, 599, 343, 855, 215, 727, 471, 983, 55, 567,
-        311, 823, 183, 695, 439, 951, 119, 631, 375, 887, 247, 759, 503, 1015, 15, 527, 271, 783, 143, 655, 399, 911,
-        79, 591, 335, 847, 207, 719, 463, 975, 47, 559, 303, 815, 175, 687, 431, 943, 111, 623, 367, 879, 239, 751, 495,
-        1007, 31, 543, 287, 799, 159, 671, 415, 927, 95, 607, 351, 863, 223, 735, 479, 991, 63, 575, 319, 831, 191, 703,
-        447, 959, 127, 639, 383, 895, 255, 767, 511, 1023 };
-
-    static void bitReverse(short[] poly)
-    {
-        for (int i = 0; i < Params.N; ++i)
-        {
-            int r = BitReverseTable[i];
-            if (i < r)
-            {
-                short t = poly[i];
-                poly[i] = poly[r];
-                poly[r] = t;
-            }
-        }
-    }
-
-    /*
-     * GS_bo_to_no; omegas need to be in Montgomery domain
-     */
-    static void core(short[] a, short[] omega)
-    {
-        int distance;
-        for (int i = 0; i < 10; i += 2)
-        {
-            // Even level
-            distance = 1 << i;
-            for (int start = 0; start < distance; ++start)
-            {
-                int jTwiddle = 0;
-                for (int j = start; j < Params.N - 1; j += 2 * distance)
-                {
-                    int u = a[j] & 0xFFFF, v = a[j + distance] & 0xFFFF, w = omega[jTwiddle++];
-                    a[j] = (short)(u + v); // Omit reduction (be lazy)
-                    a[j + distance] = Reduce.montgomery(w * (u + (3 * Params.Q) - v));
-                }
-            }
-
-            // Odd level
-            distance <<= 1;
-            for (int start = 0; start < distance; ++start)
-            {
-                int jTwiddle = 0;
-                for (int j = start; j < Params.N - 1; j += 2 * distance)
-                {
-                    int u = a[j] & 0xFFFF, v = a[j + distance] & 0xFFFF, w = omega[jTwiddle++];
-                    a[j] = Reduce.barrett((short)(u + v));
-                    a[j + distance] = Reduce.montgomery(w * (u + (3 * Params.Q) - v));
-                }
-            }
-        }
-    }
-
-    static void mulCoefficients(short[] poly, short[] factors)
-    {
-        for (int i = 0; i < Params.N; ++i)
-        {
-            int xi = poly[i] & 0xFFFF, yi = factors[i] & 0xFFFF;
-            poly[i] = Reduce.montgomery(xi * yi);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NewHope.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NewHope.java
deleted file mode 100644
index 8853aee..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/NewHope.java
+++ /dev/null

@@ -1,160 +0,0 @@
-package org.bouncycastle.pqc.crypto.newhope;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.digests.SHA3Digest;
-
-/**
- * This implementation is based heavily on the C reference implementation from https://cryptojedi.org/crypto/index.shtml.
- */
-class NewHope
-{
-    private static final boolean STATISTICAL_TEST = false;
-
-    public static final int AGREEMENT_SIZE = 32;
-    public static final int POLY_SIZE = Params.N;
-    public static final int SENDA_BYTES = Params.POLY_BYTES + Params.SEED_BYTES;
-    public static final int SENDB_BYTES = Params.POLY_BYTES + Params.REC_BYTES;
-
-    public static void keygen(SecureRandom rand, byte[] send, short[] sk)
-    {
-        byte[] seed = new byte[Params.SEED_BYTES];
-        rand.nextBytes(seed);
-        
-        sha3(seed);     // don't expose RNG output
-
-        short[] a = new short[Params.N];
-        generateA(a, seed);
-
-        byte[] noiseSeed = new byte[32];
-        rand.nextBytes(noiseSeed);
-
-        Poly.getNoise(sk, noiseSeed, (byte)0);
-        Poly.toNTT(sk);
-
-        short[] e = new short[Params.N];
-        Poly.getNoise(e, noiseSeed, (byte)1);
-        Poly.toNTT(e);
-
-        short[] r = new short[Params.N];
-        Poly.pointWise(a, sk, r);
-
-        short[] pk = new short[Params.N];
-        Poly.add(r, e, pk);
-
-        encodeA(send, pk, seed);
-    }
-
-    public static void sharedB(SecureRandom rand, byte[] sharedKey, byte[] send, byte[] received)
-    {
-        short[] pkA = new short[Params.N];
-        byte[] seed = new byte[Params.SEED_BYTES];
-        decodeA(pkA, seed, received);
-
-        short[] a = new short[Params.N];
-        generateA(a, seed);
-
-        byte[] noiseSeed = new byte[32];
-        rand.nextBytes(noiseSeed);
-
-        short[] sp = new short[Params.N];
-        Poly.getNoise(sp, noiseSeed, (byte)0);
-        Poly.toNTT(sp);
-
-        short[] ep = new short[Params.N];
-        Poly.getNoise(ep, noiseSeed, (byte)1);
-        Poly.toNTT(ep);
-
-        short[] bp = new short[Params.N];
-        Poly.pointWise(a, sp, bp);
-        Poly.add(bp, ep, bp);
-
-        short[] v = new short[Params.N];
-        Poly.pointWise(pkA, sp, v);
-        Poly.fromNTT(v);
-
-        short[] epp = new short[Params.N];
-        Poly.getNoise(epp, noiseSeed, (byte)2);
-        Poly.add(v, epp, v);
-
-        short[] c = new short[Params.N];
-        ErrorCorrection.helpRec(c, v, noiseSeed, (byte)3);
-
-        encodeB(send, bp, c);
-
-        ErrorCorrection.rec(sharedKey, v, c);
-
-        if (!STATISTICAL_TEST)
-        {
-            sha3(sharedKey);
-        }
-    }
-
-    public static void sharedA(byte[] sharedKey, short[] sk, byte[] received)
-    {
-        short[] bp = new short[Params.N];
-        short[] c = new short[Params.N];
-        decodeB(bp, c, received);
-
-        short[] v = new short[Params.N];
-        Poly.pointWise(sk, bp, v);
-        Poly.fromNTT(v);
-
-        ErrorCorrection.rec(sharedKey, v, c);
-
-        if (!STATISTICAL_TEST)
-        {
-            sha3(sharedKey);
-        }
-    }
-
-    static void decodeA(short[] pk, byte[] seed, byte[] r)
-    {
-        Poly.fromBytes(pk, r);
-        System.arraycopy(r, Params.POLY_BYTES, seed, 0, Params.SEED_BYTES);
-    }
-
-    static void decodeB(short[] b, short[] c, byte[] r)
-    {
-        Poly.fromBytes(b, r);
-
-        for (int i = 0; i < Params.N / 4; ++i)
-        {
-            int j = 4 * i;
-            int ri = r[Params.POLY_BYTES + i] & 0xFF;
-            c[j + 0] = (short)(ri & 0x03);
-            c[j + 1] = (short)((ri >>> 2) & 0x03);
-            c[j + 2] = (short)((ri >>> 4) & 0x03);
-            c[j + 3] = (short)(ri >>> 6);
-        }
-    }
-
-    static void encodeA(byte[] r, short[] pk, byte[] seed)
-    {
-        Poly.toBytes(r, pk);
-        System.arraycopy(seed, 0, r, Params.POLY_BYTES, Params.SEED_BYTES);        
-    }
-
-    static void encodeB(byte[] r, short[] b, short[] c)
-    {
-        Poly.toBytes(r, b);
-
-        for (int i = 0; i < Params.N / 4; ++i)
-        {
-            int j = 4 * i;
-            r[Params.POLY_BYTES + i] = (byte)(c[j] | (c[j + 1] << 2) | (c[j + 2] << 4) | (c[j + 3] << 6));
-        }
-    }
-
-    static void generateA(short[] a, byte[] seed)
-    {
-        Poly.uniform(a, seed);
-    }
-    
-    static void sha3(byte[] sharedKey)
-    {
-        SHA3Digest d = new SHA3Digest(256);
-        d.update(sharedKey, 0, 32);
-        d.doFinal(sharedKey, 0);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/Params.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/Params.java
deleted file mode 100644
index 8552f46..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/Params.java
+++ /dev/null

@@ -1,12 +0,0 @@
-package org.bouncycastle.pqc.crypto.newhope;
-
-class Params
-{
-    static final int N = 1024;
-    static final int K = 16; /* used in sampler */
-    static final int Q = 12289; 
-
-    static final int POLY_BYTES = 1792;
-    static final int REC_BYTES = 256;
-    static final int SEED_BYTES = 32;     // care changing this one - connected to digest size used.
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/Poly.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/Poly.java
deleted file mode 100644
index a1986ec..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/Poly.java
+++ /dev/null

@@ -1,144 +0,0 @@
-package org.bouncycastle.pqc.crypto.newhope;
-
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-import org.bouncycastle.util.Pack;
-
-class Poly
-{
-    static void add(short[] x, short[] y, short[] z)
-    {
-        for (int i = 0; i < Params.N; ++i)
-        {
-            z[i] = Reduce.barrett((short)(x[i] + y[i]));
-        }
-    }
-
-    static void fromBytes(short[] r, byte[] a)
-    {
-        for (int i = 0; i < Params.N / 4; ++i)
-        {
-            int j = 7 * i;
-            int a0 = a[j + 0] & 0xFF, a1 = a[j + 1] & 0xFF, a2 = a[j + 2] & 0xFF, a3 = a[j + 3] & 0xFF,
-                a4 = a[j + 4] & 0xFF, a5 = a[j + 5] & 0xFF, a6 = a[j + 6] & 0xFF;
-
-            int k = 4 * i;
-            r[k + 0] = (short)( a0                    | ((a1 & 0x3F) <<  8));
-            r[k + 1] = (short)((a1 >>> 6) | (a2 << 2) | ((a3 & 0x0F) << 10));
-            r[k + 2] = (short)((a3 >>> 4) | (a4 << 4) | ((a5 & 0x03) << 12));
-            r[k + 3] = (short)((a5 >>> 2) | (a6 << 6));
-        }
-    }
-
-    static void fromNTT(short[] r)
-    {
-        NTT.bitReverse(r);
-        NTT.core(r, Precomp.OMEGAS_INV_MONTGOMERY);
-        NTT.mulCoefficients(r, Precomp.PSIS_INV_MONTGOMERY);
-    }
-
-    static void getNoise(short[] r, byte[] seed, byte nonce)
-    {
-        byte[] iv = new byte[8];
-        iv[0] = nonce;
-
-        byte[] buf = new byte[4 * Params.N];
-        ChaCha20.process(seed, iv, buf, 0, buf.length);
-
-        for (int i = 0; i < Params.N; ++i)
-        {
-            int t = Pack.bigEndianToInt(buf, i * 4);
-            //r[i] = (short)(bitCount(t) + Params.Q - Params.K);
-
-            int d = 0;
-            for (int j = 0; j < 8; ++j)
-            {
-                d += (t >> j) & 0x01010101;
-            }
-            int a = ((d >>> 24) + (d >>> 0)) & 0xFF;
-            int b = ((d >>> 16) + (d >>> 8)) & 0xFF;
-            r[i] = (short)(a + Params.Q - b);
-        }
-    }
-
-    static void pointWise(short[] x, short[] y, short[] z)
-    {
-        for (int i = 0; i < Params.N; ++i)
-        {
-            int xi = x[i] & 0xFFFF, yi = y[i] & 0xFFFF;
-            short t = Reduce.montgomery(3186 * yi);         // t is now in Montgomery domain
-            z[i] = Reduce.montgomery(xi * (t & 0xFFFF));    // z[i] is back in normal domain
-        }
-    }
-
-    static void toBytes(byte[] r, short[] p)
-    {
-        for (int i = 0; i < Params.N / 4; ++i)
-        {
-            int j = 4 * i;
-
-            // Make sure that coefficients are in [0,q]
-            short t0 = normalize(p[j + 0]);
-            short t1 = normalize(p[j + 1]);
-            short t2 = normalize(p[j + 2]);
-            short t3 = normalize(p[j + 3]);
-
-            int k = 7 * i;
-            r[k + 0] = (byte)t0;
-            r[k + 1] = (byte)((t0 >> 8) | (t1 << 6));
-            r[k + 2] = (byte)(t1 >> 2);
-            r[k + 3] = (byte)((t1 >> 10) | (t2 << 4));
-            r[k + 4] = (byte)(t2 >> 4);
-            r[k + 5] = (byte)((t2 >> 12) | (t3 << 2));
-            r[k + 6] = (byte)(t3 >> 6);
-        }
-    }
-
-    static void toNTT(short[] r)
-    {
-        NTT.mulCoefficients(r, Precomp.PSIS_BITREV_MONTGOMERY); 
-        NTT.core(r, Precomp.OMEGAS_MONTGOMERY);
-    }
-
-    static void uniform(short[] a, byte[] seed)
-    {
-        SHAKEDigest xof = new SHAKEDigest(128);
-        xof.update(seed, 0, seed.length);
-
-        int pos = 0;
-        for (;;)
-        {
-            byte[] output = new byte[256];
-            xof.doOutput(output, 0, output.length);
-
-            for (int i = 0; i < output.length; i += 2)
-            {
-                int val = (output[i] & 0xFF) | ((output[i + 1] & 0xFF) << 8);
-                if (val < 5 * Params.Q)
-                {
-                    a[pos++] = (short)val;
-                    if (pos == Params.N)
-                    {
-                        return;
-                    }
-                }
-            }
-        }
-    }
-
-//    private static int bitCount(int n)
-//    {
-////        return Integer.bitCount(n);
-//        n = n - ((n >>> 1) & 0x55555555);
-//        n = (n & 0x33333333) + ((n >>> 2) & 0x33333333);
-//        return ((n + (n >>> 4) & 0x0F0F0F0F) * 0x01010101) >>> 24;
-//    }
-
-    private static short normalize(short x)
-    {
-        int t = Reduce.barrett(x);
-        int m = t - Params.Q;
-        int c = m >> 31;
-        t = m ^ ((t ^ m) & c);
-        return (short)t;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/Precomp.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/Precomp.java
deleted file mode 100644
index d47d551..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/Precomp.java
+++ /dev/null

@@ -1,181 +0,0 @@
-package org.bouncycastle.pqc.crypto.newhope;
-
-class Precomp
-{
-    static final short[] OMEGAS_MONTGOMERY = { 4075, 6974, 7373, 7965, 3262, 5079, 522, 2169, 6364, 1018, 1041, 8775,
-        2344, 11011, 5574, 1973, 4536, 1050, 6844, 3860, 3818, 6118, 2683, 1190, 4789, 7822, 7540, 6752, 5456, 4449,
-        3789, 12142, 11973, 382, 3988, 468, 6843, 5339, 6196, 3710, 11316, 1254, 5435, 10930, 3998, 10256, 10367, 3879,
-        11889, 1728, 6137, 4948, 5862, 6136, 3643, 6874, 8724, 654, 10302, 1702, 7083, 6760, 56, 3199, 9987, 605, 11785,
-        8076, 5594, 9260, 6403, 4782, 6212, 4624, 9026, 8689, 4080, 11868, 6221, 3602, 975, 8077, 8851, 9445, 5681,
-        3477, 1105, 142, 241, 12231, 1003, 3532, 5009, 1956, 6008, 11404, 7377, 2049, 10968, 12097, 7591, 5057, 3445,
-        4780, 2920, 7048, 3127, 8120, 11279, 6821, 11502, 8807, 12138, 2127, 2839, 3957, 431, 1579, 6383, 9784, 5874,
-        677, 3336, 6234, 2766, 1323, 9115, 12237, 2031, 6956, 6413, 2281, 3969, 3991, 12133, 9522, 4737, 10996, 4774,
-        5429, 11871, 3772, 453, 5908, 2882, 1805, 2051, 1954, 11713, 3963, 2447, 6142, 8174, 3030, 1843, 2361, 12071,
-        2908, 3529, 3434, 3202, 7796, 2057, 5369, 11939, 1512, 6906, 10474, 11026, 49, 10806, 5915, 1489, 9789, 5942,
-        10706, 10431, 7535, 426, 8974, 3757, 10314, 9364, 347, 5868, 9551, 9634, 6554, 10596, 9280, 11566, 174, 2948,
-        2503, 6507, 10723, 11606, 2459, 64, 3656, 8455, 5257, 5919, 7856, 1747, 9166, 5486, 9235, 6065, 835, 3570, 4240,
-        11580, 4046, 10970, 9139, 1058, 8210, 11848, 922, 7967, 1958, 10211, 1112, 3728, 4049, 11130, 5990, 1404, 325,
-        948, 11143, 6190, 295, 11637, 5766, 8212, 8273, 2919, 8527, 6119, 6992, 8333, 1360, 2555, 6167, 1200, 7105,
-        7991, 3329, 9597, 12121, 5106, 5961, 10695, 10327, 3051, 9923, 4896, 9326, 81, 3091, 1000, 7969, 4611, 726,
-        1853, 12149, 4255, 11112, 2768, 10654, 1062, 2294, 3553, 4805, 2747, 4846, 8577, 9154, 1170, 2319, 790, 11334,
-        9275, 9088, 1326, 5086, 9094, 6429, 11077, 10643, 3504, 3542, 8668, 9744, 1479, 1, 8246, 7143, 11567, 10984,
-        4134, 5736, 4978, 10938, 5777, 8961, 4591, 5728, 6461, 5023, 9650, 7468, 949, 9664, 2975, 11726, 2744, 9283,
-        10092, 5067, 12171, 2476, 3748, 11336, 6522, 827, 9452, 5374, 12159, 7935, 3296, 3949, 9893, 4452, 10908, 2525,
-        3584, 8112, 8011, 10616, 4989, 6958, 11809, 9447, 12280, 1022, 11950, 9821, 11745, 5791, 5092, 2089, 9005, 2881,
-        3289, 2013, 9048, 729, 7901, 1260, 5755, 4632, 11955, 2426, 10593, 1428, 4890, 5911, 3932, 9558, 8830, 3637,
-        5542, 145, 5179, 8595, 3707, 10530, 355, 3382, 4231, 9741, 1207, 9041, 7012, 1168, 10146, 11224, 4645, 11885,
-        10911, 10377, 435, 7952, 4096, 493, 9908, 6845, 6039, 2422, 2187, 9723, 8643, 9852, 9302, 6022, 7278, 1002,
-        4284, 5088, 1607, 7313, 875, 8509, 9430, 1045, 2481, 5012, 7428, 354, 6591, 9377, 11847, 2401, 1067, 7188,
-        11516, 390, 8511, 8456, 7270, 545, 8585, 9611, 12047, 1537, 4143, 4714, 4885, 1017, 5084, 1632, 3066, 27, 1440,
-        8526, 9273, 12046, 11618, 9289, 3400, 9890, 3136, 7098, 8758, 11813, 7384, 3985, 11869, 6730, 10745, 10111,
-        2249, 4048, 2884, 11136, 2126, 1630, 9103, 5407, 2686, 9042, 2969, 8311, 9424, 9919, 8779, 5332, 10626, 1777,
-        4654, 10863, 7351, 3636, 9585, 5291, 8374, 2166, 4919, 12176, 9140, 12129, 7852, 12286, 4895, 10805, 2780, 5195,
-        2305, 7247, 9644, 4053, 10600, 3364, 3271, 4057, 4414, 9442, 7917, 2174 };
-
-    static final short[] OMEGAS_INV_MONTGOMERY = { 4075, 5315, 4324, 4916, 10120, 11767, 7210, 9027, 10316, 6715, 1278,
-        9945, 3514, 11248, 11271, 5925, 147, 8500, 7840, 6833, 5537, 4749, 4467, 7500, 11099, 9606, 6171, 8471, 8429,
-        5445, 11239, 7753, 9090, 12233, 5529, 5206, 10587, 1987, 11635, 3565, 5415, 8646, 6153, 6427, 7341, 6152, 10561,
-        400, 8410, 1922, 2033, 8291, 1359, 6854, 11035, 973, 8579, 6093, 6950, 5446, 11821, 8301, 11907, 316, 52, 3174,
-        10966, 9523, 6055, 8953, 11612, 6415, 2505, 5906, 10710, 11858, 8332, 9450, 10162, 151, 3482, 787, 5468, 1010,
-        4169, 9162, 5241, 9369, 7509, 8844, 7232, 4698, 192, 1321, 10240, 4912, 885, 6281, 10333, 7280, 8757, 11286, 58,
-        12048, 12147, 11184, 8812, 6608, 2844, 3438, 4212, 11314, 8687, 6068, 421, 8209, 3600, 3263, 7665, 6077, 7507,
-        5886, 3029, 6695, 4213, 504, 11684, 2302, 1962, 1594, 6328, 7183, 168, 2692, 8960, 4298, 5184, 11089, 6122,
-        9734, 10929, 3956, 5297, 6170, 3762, 9370, 4016, 4077, 6523, 652, 11994, 6099, 1146, 11341, 11964, 10885, 6299,
-        1159, 8240, 8561, 11177, 2078, 10331, 4322, 11367, 441, 4079, 11231, 3150, 1319, 8243, 709, 8049, 8719, 11454,
-        6224, 3054, 6803, 3123, 10542, 4433, 6370, 7032, 3834, 8633, 12225, 9830, 683, 1566, 5782, 9786, 9341, 12115,
-        723, 3009, 1693, 5735, 2655, 2738, 6421, 11942, 2925, 1975, 8532, 3315, 11863, 4754, 1858, 1583, 6347, 2500,
-        10800, 6374, 1483, 12240, 1263, 1815, 5383, 10777, 350, 6920, 10232, 4493, 9087, 8855, 8760, 9381, 218, 9928,
-        10446, 9259, 4115, 6147, 9842, 8326, 576, 10335, 10238, 10484, 9407, 6381, 11836, 8517, 418, 6860, 7515, 1293,
-        7552, 2767, 156, 8298, 8320, 10008, 5876, 5333, 10258, 10115, 4372, 2847, 7875, 8232, 9018, 8925, 1689, 8236,
-        2645, 5042, 9984, 7094, 9509, 1484, 7394, 3, 4437, 160, 3149, 113, 7370, 10123, 3915, 6998, 2704, 8653, 4938,
-        1426, 7635, 10512, 1663, 6957, 3510, 2370, 2865, 3978, 9320, 3247, 9603, 6882, 3186, 10659, 10163, 1153, 9405,
-        8241, 10040, 2178, 1544, 5559, 420, 8304, 4905, 476, 3531, 5191, 9153, 2399, 8889, 3000, 671, 243, 3016, 3763,
-        10849, 12262, 9223, 10657, 7205, 11272, 7404, 7575, 8146, 10752, 242, 2678, 3704, 11744, 5019, 3833, 3778,
-        11899, 773, 5101, 11222, 9888, 442, 2912, 5698, 11935, 4861, 7277, 9808, 11244, 2859, 3780, 11414, 4976, 10682,
-        7201, 8005, 11287, 5011, 6267, 2987, 2437, 3646, 2566, 10102, 9867, 6250, 5444, 2381, 11796, 8193, 4337, 11854,
-        1912, 1378, 404, 7644, 1065, 2143, 11121, 5277, 3248, 11082, 2548, 8058, 8907, 11934, 1759, 8582, 3694, 7110,
-        12144, 6747, 8652, 3459, 2731, 8357, 6378, 7399, 10861, 1696, 9863, 334, 7657, 6534, 11029, 4388, 11560, 3241,
-        10276, 9000, 9408, 3284, 10200, 7197, 6498, 544, 2468, 339, 11267, 9, 2842, 480, 5331, 7300, 1673, 4278, 4177,
-        8705, 9764, 1381, 7837, 2396, 8340, 8993, 4354, 130, 6915, 2837, 11462, 5767, 953, 8541, 9813, 118, 7222, 2197,
-        3006, 9545, 563, 9314, 2625, 11340, 4821, 2639, 7266, 5828, 6561, 7698, 3328, 6512, 1351, 7311, 6553, 8155,
-        1305, 722, 5146, 4043, 12288, 10810, 2545, 3621, 8747, 8785, 1646, 1212, 5860, 3195, 7203, 10963, 3201, 3014,
-        955, 11499, 9970, 11119, 3135, 3712, 7443, 9542, 7484, 8736, 9995, 11227, 1635, 9521, 1177, 8034, 140, 10436,
-        11563, 7678, 4320, 11289, 9198, 12208, 2963, 7393, 2366, 9238 };
-
-    static final short[] PSIS_BITREV_MONTGOMERY = { 4075, 6974, 7373, 7965, 3262, 5079, 522, 2169, 6364, 1018, 1041,
-        8775, 2344, 11011, 5574, 1973, 4536, 1050, 6844, 3860, 3818, 6118, 2683, 1190, 4789, 7822, 7540, 6752, 5456,
-        4449, 3789, 12142, 11973, 382, 3988, 468, 6843, 5339, 6196, 3710, 11316, 1254, 5435, 10930, 3998, 10256, 10367,
-        3879, 11889, 1728, 6137, 4948, 5862, 6136, 3643, 6874, 8724, 654, 10302, 1702, 7083, 6760, 56, 3199, 9987, 605,
-        11785, 8076, 5594, 9260, 6403, 4782, 6212, 4624, 9026, 8689, 4080, 11868, 6221, 3602, 975, 8077, 8851, 9445,
-        5681, 3477, 1105, 142, 241, 12231, 1003, 3532, 5009, 1956, 6008, 11404, 7377, 2049, 10968, 12097, 7591, 5057,
-        3445, 4780, 2920, 7048, 3127, 8120, 11279, 6821, 11502, 8807, 12138, 2127, 2839, 3957, 431, 1579, 6383, 9784,
-        5874, 677, 3336, 6234, 2766, 1323, 9115, 12237, 2031, 6956, 6413, 2281, 3969, 3991, 12133, 9522, 4737, 10996,
-        4774, 5429, 11871, 3772, 453, 5908, 2882, 1805, 2051, 1954, 11713, 3963, 2447, 6142, 8174, 3030, 1843, 2361,
-        12071, 2908, 3529, 3434, 3202, 7796, 2057, 5369, 11939, 1512, 6906, 10474, 11026, 49, 10806, 5915, 1489, 9789,
-        5942, 10706, 10431, 7535, 426, 8974, 3757, 10314, 9364, 347, 5868, 9551, 9634, 6554, 10596, 9280, 11566, 174,
-        2948, 2503, 6507, 10723, 11606, 2459, 64, 3656, 8455, 5257, 5919, 7856, 1747, 9166, 5486, 9235, 6065, 835, 3570,
-        4240, 11580, 4046, 10970, 9139, 1058, 8210, 11848, 922, 7967, 1958, 10211, 1112, 3728, 4049, 11130, 5990, 1404,
-        325, 948, 11143, 6190, 295, 11637, 5766, 8212, 8273, 2919, 8527, 6119, 6992, 8333, 1360, 2555, 6167, 1200, 7105,
-        7991, 3329, 9597, 12121, 5106, 5961, 10695, 10327, 3051, 9923, 4896, 9326, 81, 3091, 1000, 7969, 4611, 726,
-        1853, 12149, 4255, 11112, 2768, 10654, 1062, 2294, 3553, 4805, 2747, 4846, 8577, 9154, 1170, 2319, 790, 11334,
-        9275, 9088, 1326, 5086, 9094, 6429, 11077, 10643, 3504, 3542, 8668, 9744, 1479, 1, 8246, 7143, 11567, 10984,
-        4134, 5736, 4978, 10938, 5777, 8961, 4591, 5728, 6461, 5023, 9650, 7468, 949, 9664, 2975, 11726, 2744, 9283,
-        10092, 5067, 12171, 2476, 3748, 11336, 6522, 827, 9452, 5374, 12159, 7935, 3296, 3949, 9893, 4452, 10908, 2525,
-        3584, 8112, 8011, 10616, 4989, 6958, 11809, 9447, 12280, 1022, 11950, 9821, 11745, 5791, 5092, 2089, 9005, 2881,
-        3289, 2013, 9048, 729, 7901, 1260, 5755, 4632, 11955, 2426, 10593, 1428, 4890, 5911, 3932, 9558, 8830, 3637,
-        5542, 145, 5179, 8595, 3707, 10530, 355, 3382, 4231, 9741, 1207, 9041, 7012, 1168, 10146, 11224, 4645, 11885,
-        10911, 10377, 435, 7952, 4096, 493, 9908, 6845, 6039, 2422, 2187, 9723, 8643, 9852, 9302, 6022, 7278, 1002,
-        4284, 5088, 1607, 7313, 875, 8509, 9430, 1045, 2481, 5012, 7428, 354, 6591, 9377, 11847, 2401, 1067, 7188,
-        11516, 390, 8511, 8456, 7270, 545, 8585, 9611, 12047, 1537, 4143, 4714, 4885, 1017, 5084, 1632, 3066, 27, 1440,
-        8526, 9273, 12046, 11618, 9289, 3400, 9890, 3136, 7098, 8758, 11813, 7384, 3985, 11869, 6730, 10745, 10111,
-        2249, 4048, 2884, 11136, 2126, 1630, 9103, 5407, 2686, 9042, 2969, 8311, 9424, 9919, 8779, 5332, 10626, 1777,
-        4654, 10863, 7351, 3636, 9585, 5291, 8374, 2166, 4919, 12176, 9140, 12129, 7852, 12286, 4895, 10805, 2780, 5195,
-        2305, 7247, 9644, 4053, 10600, 3364, 3271, 4057, 4414, 9442, 7917, 2174, 3947, 11951, 2455, 6599, 10545, 10975,
-        3654, 2894, 7681, 7126, 7287, 12269, 4119, 3343, 2151, 1522, 7174, 7350, 11041, 2442, 2148, 5959, 6492, 8330,
-        8945, 5598, 3624, 10397, 1325, 6565, 1945, 11260, 10077, 2674, 3338, 3276, 11034, 506, 6505, 1392, 5478, 8778,
-        1178, 2776, 3408, 10347, 11124, 2575, 9489, 12096, 6092, 10058, 4167, 6085, 923, 11251, 11912, 4578, 10669,
-        11914, 425, 10453, 392, 10104, 8464, 4235, 8761, 7376, 2291, 3375, 7954, 8896, 6617, 7790, 1737, 11667, 3982,
-        9342, 6680, 636, 6825, 7383, 512, 4670, 2900, 12050, 7735, 994, 1687, 11883, 7021, 146, 10485, 1403, 5189, 6094,
-        2483, 2054, 3042, 10945, 3981, 10821, 11826, 8882, 8151, 180, 9600, 7684, 5219, 10880, 6780, 204, 11232, 2600,
-        7584, 3121, 3017, 11053, 7814, 7043, 4251, 4739, 11063, 6771, 7073, 9261, 2360, 11925, 1928, 11825, 8024, 3678,
-        3205, 3359, 11197, 5209, 8581, 3238, 8840, 1136, 9363, 1826, 3171, 4489, 7885, 346, 2068, 1389, 8257, 3163,
-        4840, 6127, 8062, 8921, 612, 4238, 10763, 8067, 125, 11749, 10125, 5416, 2110, 716, 9839, 10584, 11475, 11873,
-        3448, 343, 1908, 4538, 10423, 7078, 4727, 1208, 11572, 3589, 2982, 1373, 1721, 10753, 4103, 2429, 4209, 5412,
-        5993, 9011, 438, 3515, 7228, 1218, 8347, 5232, 8682, 1327, 7508, 4924, 448, 1014, 10029, 12221, 4566, 5836,
-        12229, 2717, 1535, 3200, 5588, 5845, 412, 5102, 7326, 3744, 3056, 2528, 7406, 8314, 9202, 6454, 6613, 1417,
-        10032, 7784, 1518, 3765, 4176, 5063, 9828, 2275, 6636, 4267, 6463, 2065, 7725, 3495, 8328, 8755, 8144, 10533,
-        5966, 12077, 9175, 9520, 5596, 6302, 8400, 579, 6781, 11014, 5734, 11113, 11164, 4860, 1131, 10844, 9068, 8016,
-        9694, 3837, 567, 9348, 7000, 6627, 7699, 5082, 682, 11309, 5207, 4050, 7087, 844, 7434, 3769, 293, 9057, 6940,
-        9344, 10883, 2633, 8190, 3944, 5530, 5604, 3480, 2171, 9282, 11024, 2213, 8136, 3805, 767, 12239, 216, 11520,
-        6763, 10353, 7, 8566, 845, 7235, 3154, 4360, 3285, 10268, 2832, 3572, 1282, 7559, 3229, 8360, 10583, 6105, 3120,
-        6643, 6203, 8536, 8348, 6919, 3536, 9199, 10891, 11463, 5043, 1658, 5618, 8787, 5789, 4719, 751, 11379, 6389,
-        10783, 3065, 7806, 6586, 2622, 5386, 510, 7628, 6921, 578, 10345, 11839, 8929, 4684, 12226, 7154, 9916, 7302,
-        8481, 3670, 11066, 2334, 1590, 7878, 10734, 1802, 1891, 5103, 6151, 8820, 3418, 7846, 9951, 4693, 417, 9996,
-        9652, 4510, 2946, 5461, 365, 881, 1927, 1015, 11675, 11009, 1371, 12265, 2485, 11385, 5039, 6742, 8449, 1842,
-        12217, 8176, 9577, 4834, 7937, 9461, 2643, 11194, 3045, 6508, 4094, 3451, 7911, 11048, 5406, 4665, 3020, 6616,
-        11345, 7519, 3669, 5287, 1790, 7014, 5410, 11038, 11249, 2035, 6125, 10407, 4565, 7315, 5078, 10506, 2840, 2478,
-        9270, 4194, 9195, 4518, 7469, 1160, 6878, 2730, 10421, 10036, 1734, 3815, 10939, 5832, 10595, 10759, 4423, 8420,
-        9617, 7119, 11010, 11424, 9173, 189, 10080, 10526, 3466, 10588, 7592, 3578, 11511, 7785, 9663, 530, 12150, 8957,
-        2532, 3317, 9349, 10243, 1481, 9332, 3454, 3758, 7899, 4218, 2593, 11410, 2276, 982, 6513, 1849, 8494, 9021,
-        4523, 7988, 8, 457, 648, 150, 8000, 2307, 2301, 874, 5650, 170, 9462, 2873, 9855, 11498, 2535, 11169, 5808,
-        12268, 9687, 1901, 7171, 11787, 3846, 1573, 6063, 3793, 466, 11259, 10608, 3821, 6320, 4649, 6263, 2929 };
-
-    static final short[] PSIS_INV_MONTGOMERY = { 256, 10570, 1510, 7238, 1034, 7170, 6291, 7921, 11665, 3422, 4000,
-        2327, 2088, 5565, 795, 10647, 1521, 5484, 2539, 7385, 1055, 7173, 8047, 11683, 1669, 1994, 3796, 5809, 4341,
-        9398, 11876, 12230, 10525, 12037, 12253, 3506, 4012, 9351, 4847, 2448, 7372, 9831, 3160, 2207, 5582, 2553, 7387,
-        6322, 9681, 1383, 10731, 1533, 219, 5298, 4268, 7632, 6357, 9686, 8406, 4712, 9451, 10128, 4958, 5975, 11387,
-        8649, 11769, 6948, 11526, 12180, 1740, 10782, 6807, 2728, 7412, 4570, 4164, 4106, 11120, 12122, 8754, 11784,
-        3439, 5758, 11356, 6889, 9762, 11928, 1704, 1999, 10819, 12079, 12259, 7018, 11536, 1648, 1991, 2040, 2047,
-        2048, 10826, 12080, 8748, 8272, 8204, 1172, 1923, 7297, 2798, 7422, 6327, 4415, 7653, 6360, 11442, 12168, 7005,
-        8023, 9924, 8440, 8228, 2931, 7441, 1063, 3663, 5790, 9605, 10150, 1450, 8985, 11817, 10466, 10273, 12001, 3470,
-        7518, 1074, 1909, 7295, 9820, 4914, 702, 5367, 7789, 8135, 9940, 1420, 3714, 11064, 12114, 12264, 1752, 5517,
-        9566, 11900, 1700, 3754, 5803, 829, 1874, 7290, 2797, 10933, 5073, 7747, 8129, 6428, 6185, 11417, 1631, 233,
-        5300, 9535, 10140, 11982, 8734, 8270, 2937, 10953, 8587, 8249, 2934, 9197, 4825, 5956, 4362, 9401, 1343, 3703,
-        529, 10609, 12049, 6988, 6265, 895, 3639, 4031, 4087, 4095, 585, 10617, 8539, 4731, 4187, 9376, 3095, 9220,
-        10095, 10220, 1460, 10742, 12068, 1724, 5513, 11321, 6884, 2739, 5658, 6075, 4379, 11159, 10372, 8504, 4726,
-        9453, 3106, 7466, 11600, 10435, 8513, 9994, 8450, 9985, 3182, 10988, 8592, 2983, 9204, 4826, 2445, 5616, 6069,
-        867, 3635, 5786, 11360, 5134, 2489, 10889, 12089, 1727, 7269, 2794, 9177, 1311, 5454, 9557, 6632, 2703, 9164,
-        10087, 1441, 3717, 531, 3587, 2268, 324, 5313, 759, 1864, 5533, 2546, 7386, 9833, 8427, 4715, 11207, 1601, 7251,
-        4547, 11183, 12131, 1733, 10781, 10318, 1474, 10744, 5046, 4232, 11138, 10369, 6748, 964, 7160, 4534, 7670,
-        8118, 8182, 4680, 11202, 6867, 981, 8918, 1274, 182, 26, 7026, 8026, 11680, 12202, 10521, 1503, 7237, 4545,
-        5916, 9623, 8397, 11733, 10454, 3249, 9242, 6587, 941, 1890, 270, 10572, 6777, 9746, 6659, 6218, 6155, 6146,
-        878, 1881, 7291, 11575, 12187, 1741, 7271, 8061, 11685, 6936, 4502, 9421, 4857, 4205, 7623, 1089, 10689, 1527,
-        8996, 10063, 11971, 10488, 6765, 2722, 3900, 9335, 11867, 6962, 11528, 5158, 4248, 4118, 5855, 2592, 5637, 6072,
-        2623, 7397, 8079, 9932, 4930, 5971, 853, 3633, 519, 8852, 11798, 3441, 11025, 1575, 225, 8810, 11792, 12218,
-        3501, 9278, 3081, 9218, 4828, 7712, 8124, 11694, 12204, 3499, 4011, 573, 3593, 5780, 7848, 9899, 10192, 1456,
-        208, 7052, 2763, 7417, 11593, 10434, 12024, 8740, 11782, 10461, 3250, 5731, 7841, 9898, 1414, 202, 3540, 7528,
-        2831, 2160, 10842, 5060, 4234, 4116, 588, 84, 12, 7024, 2759, 9172, 6577, 11473, 1639, 9012, 3043, 7457, 6332,
-        11438, 1634, 1989, 9062, 11828, 8712, 11778, 12216, 10523, 6770, 9745, 10170, 4964, 9487, 6622, 946, 8913, 6540,
-        6201, 4397, 9406, 8366, 9973, 8447, 8229, 11709, 8695, 10020, 3187, 5722, 2573, 10901, 6824, 4486, 4152, 9371,
-        8361, 2950, 2177, 311, 1800, 9035, 8313, 11721, 3430, 490, 70, 10, 1757, 251, 3547, 7529, 11609, 3414, 7510,
-        4584, 4166, 9373, 1339, 5458, 7802, 11648, 1664, 7260, 9815, 10180, 6721, 9738, 10169, 8475, 8233, 9954, 1422,
-        8981, 1283, 5450, 11312, 1616, 3742, 11068, 10359, 4991, 713, 3613, 9294, 8350, 4704, 672, 96, 7036, 9783,
-        11931, 3460, 5761, 823, 10651, 12055, 10500, 1500, 5481, 783, 3623, 11051, 8601, 8251, 8201, 11705, 10450, 5004,
-        4226, 7626, 2845, 2162, 3820, 7568, 9859, 3164, 452, 10598, 1514, 5483, 6050, 6131, 4387, 7649, 8115, 6426, 918,
-        8909, 8295, 1185, 5436, 11310, 8638, 1234, 5443, 11311, 5127, 2488, 2111, 10835, 5059, 7745, 2862, 3920, 560,
-        80, 1767, 2008, 3798, 11076, 6849, 2734, 10924, 12094, 8750, 1250, 10712, 6797, 971, 7161, 1023, 8924, 4786,
-        7706, 4612, 4170, 7618, 6355, 4419, 5898, 11376, 10403, 10264, 6733, 4473, 639, 5358, 2521, 9138, 3061, 5704,
-        4326, 618, 5355, 765, 5376, 768, 7132, 4530, 9425, 3102, 9221, 6584, 11474, 10417, 10266, 12000, 6981, 6264,
-        4406, 2385, 7363, 4563, 4163, 7617, 9866, 3165, 9230, 11852, 10471, 5007, 5982, 11388, 5138, 734, 3616, 11050,
-        12112, 6997, 11533, 12181, 10518, 12036, 3475, 2252, 7344, 9827, 4915, 9480, 6621, 4457, 7659, 9872, 6677, 4465,
-        4149, 7615, 4599, 657, 3605, 515, 10607, 6782, 4480, 640, 1847, 3775, 5806, 2585, 5636, 9583, 1369, 10729, 8555,
-        10000, 11962, 5220, 7768, 8132, 8184, 9947, 1421, 203, 29, 8782, 11788, 1684, 10774, 10317, 4985, 9490, 8378,
-        4708, 11206, 5112, 5997, 7879, 11659, 12199, 8765, 10030, 4944, 5973, 6120, 6141, 6144, 7900, 11662, 1666, 238,
-        34, 3516, 5769, 9602, 8394, 9977, 6692, 956, 10670, 6791, 9748, 11926, 8726, 11780, 5194, 742, 106, 8793, 10034,
-        3189, 10989, 5081, 4237, 5872, 4350, 2377, 10873, 6820, 6241, 11425, 10410, 10265, 3222, 5727, 9596, 4882, 2453,
-        2106, 3812, 11078, 12116, 5242, 4260, 11142, 8614, 11764, 12214, 5256, 4262, 4120, 11122, 5100, 11262, 5120,
-        2487, 5622, 9581, 8391, 8221, 2930, 10952, 12098, 6995, 6266, 9673, 4893, 699, 3611, 4027, 5842, 11368, 1624,
-        232, 8811, 8281, 1183, 169, 8802, 3013, 2186, 5579, 797, 3625, 4029, 11109, 1587, 7249, 11569, 8675, 6506, 2685,
-        10917, 12093, 12261, 12285, 1755, 7273, 1039, 1904, 272, 3550, 9285, 3082, 5707, 6082, 4380, 7648, 11626, 5172,
-        4250, 9385, 8363, 8217, 4685, 5936, 848, 8899, 6538, 934, 1889, 3781, 9318, 10109, 10222, 6727, 961, 5404, 772,
-        5377, 9546, 8386, 1198, 8949, 3034, 2189, 7335, 4559, 5918, 2601, 10905, 5069, 9502, 3113, 7467, 8089, 11689,
-        5181, 9518, 8382, 2953, 3933, 4073, 4093, 7607, 8109, 2914, 5683, 4323, 11151, 1593, 10761, 6804, 972, 3650,
-        2277, 5592, 4310, 7638, 9869, 4921, 703, 1856, 9043, 4803, 9464, 1352, 8971, 11815, 5199, 7765, 6376, 4422,
-        7654, 2849, 407, 8836, 6529, 7955, 2892, 9191, 1313, 10721, 12065, 12257, 1751, 9028, 8312, 2943, 2176, 3822,
-        546, 78, 8789, 11789, 10462, 12028, 6985, 4509, 9422, 1346, 5459, 4291, 613, 10621, 6784, 9747, 3148, 7472,
-        2823, 5670, 810, 7138, 8042, 4660, 7688, 6365, 6176, 6149, 2634, 5643, 9584, 10147, 11983, 5223, 9524, 11894,
-        10477, 8519, 1217, 3685, 2282, 326, 10580, 3267, 7489, 4581, 2410, 5611, 11335, 6886, 8006, 8166, 11700, 3427,
-        11023, 8597, 10006, 3185, 455, 65, 5276, 7776, 4622, 5927, 7869, 9902, 11948, 5218, 2501, 5624, 2559, 10899,
-        1557, 1978, 10816, 10323, 8497, 4725, 675, 1852, 10798, 12076, 10503, 3256, 9243, 3076, 2195, 10847, 12083,
-        10504, 12034, 10497 };
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/Reduce.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/Reduce.java
deleted file mode 100644
index d71e1ed..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/Reduce.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.pqc.crypto.newhope;
-
-class Reduce
-{
-    static final int QInv = 12287; // -inverse_mod(p,2^18)
-    static final int RLog = 18;
-    static final int RMask = (1 << RLog) - 1;
-
-    static short montgomery(int a)
-    {
-        int u = a * QInv;
-        u &= RMask;
-        u *= Params.Q;
-        u += a;
-        return (short)(u >>> RLog);
-    }
-
-    static short barrett(short a)
-    {
-        int t = a & 0xFFFF;
-        int u = (t * 5) >>> 16;
-        u *= Params.Q;
-        return (short)(t - u);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/package.html b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/package.html
deleted file mode 100644
index 86e86d6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/newhope/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Low level implementation of the NewHope key exchange algorithm.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/IndexGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/IndexGenerator.java
deleted file mode 100644
index a9c50ef..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/IndexGenerator.java
+++ /dev/null

@@ -1,237 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.util.Arrays;
-
-/**
- * An implementation of the Index Generation Function in IEEE P1363.1.
- */
-public class IndexGenerator
-{
-    private byte[] seed;
-    private int N;
-    private int c;
-    private int minCallsR;
-    private int totLen;
-    private int remLen;
-    private BitString buf;
-    private int counter;
-    private boolean initialized;
-    private Digest hashAlg;
-    private int hLen;
-
-    /**
-     * Constructs a new index generator.
-     *
-     * @param seed   a seed of arbitrary length to initialize the index generator with
-     * @param params NtruEncrypt parameters
-     */
-    IndexGenerator(byte[] seed, NTRUEncryptionParameters params)
-    {
-        this.seed = seed;
-        N = params.N;
-        c = params.c;
-        minCallsR = params.minCallsR;
-
-        totLen = 0;
-        remLen = 0;
-        counter = 0;
-        hashAlg = params.hashAlg;
-
-        hLen = hashAlg.getDigestSize();   // hash length
-        initialized = false;
-    }
-
-    /*
-     * Returns a number <code>i</code> such that <code>0 &lt;= i &lt; N</code>.
-     */
-    int nextIndex()
-    {
-        if (!initialized)
-        {
-            buf = new BitString();
-            byte[] hash = new byte[hashAlg.getDigestSize()];
-            while (counter < minCallsR)
-            {
-                appendHash(buf, hash);
-                counter++;
-            }
-            totLen = minCallsR * 8 * hLen;
-            remLen = totLen;
-            initialized = true;
-        }
-
-        while (true)
-        {
-            totLen += c;
-            BitString M = buf.getTrailing(remLen);
-            if (remLen < c)
-            {
-                int tmpLen = c - remLen;
-                int cThreshold = counter + (tmpLen + hLen - 1) / hLen;
-                byte[] hash = new byte[hashAlg.getDigestSize()];
-                while (counter < cThreshold)
-                {
-                    appendHash(M, hash);
-                    counter++;
-                    if (tmpLen > 8 * hLen)
-                    {
-                        tmpLen -= 8 * hLen;
-                    }
-                }
-                remLen = 8 * hLen - tmpLen;
-                buf = new BitString();
-                buf.appendBits(hash);
-            }
-            else
-            {
-                remLen -= c;
-            }
-
-            int i = M.getLeadingAsInt(c);   // assume c<32
-            if (i < (1 << c) - ((1 << c) % N))
-            {
-                return i % N;
-            }
-        }
-    }
-
-    private void appendHash(BitString m, byte[] hash)
-    {
-        hashAlg.update(seed, 0, seed.length);
-
-        putInt(hashAlg, counter);
-
-        hashAlg.doFinal(hash, 0);
-
-        m.appendBits(hash);
-    }
-
-    private void putInt(Digest hashAlg, int counter)
-    {
-        hashAlg.update((byte)(counter >> 24));
-        hashAlg.update((byte)(counter >> 16));
-        hashAlg.update((byte)(counter >> 8));
-        hashAlg.update((byte)counter);
-    }
-
-    /**
-     * Represents a string of bits and supports appending, reading the head, and reading the tail.
-     */
-    public static class BitString
-    {
-        byte[] bytes = new byte[4];
-        int numBytes;   // includes the last byte even if only some of its bits are used
-        int lastByteBits;   // lastByteBits <= 8
-
-        /**
-         * Appends all bits in a byte array to the end of the bit string.
-         *
-         * @param bytes a byte array
-         */
-        void appendBits(byte[] bytes)
-        {
-            for (int i = 0; i != bytes.length; i++)
-            {
-                appendBits(bytes[i]);
-            }
-        }
-
-        /**
-         * Appends all bits in a byte to the end of the bit string.
-         *
-         * @param b a byte
-         */
-        public void appendBits(byte b)
-        {
-            if (numBytes == bytes.length)
-            {
-                bytes = copyOf(bytes, 2 * bytes.length);
-            }
-
-            if (numBytes == 0)
-            {
-                numBytes = 1;
-                bytes[0] = b;
-                lastByteBits = 8;
-            }
-            else if (lastByteBits == 8)
-            {
-                bytes[numBytes++] = b;
-            }
-            else
-            {
-                int s = 8 - lastByteBits;
-                bytes[numBytes - 1] |= (b & 0xFF) << lastByteBits;
-                bytes[numBytes++] = (byte)((b & 0xFF) >> s);
-            }
-        }
-
-        /**
-         * Returns the last <code>numBits</code> bits from the end of the bit string.
-         *
-         * @param numBits number of bits
-         * @return a new <code>BitString</code> of length <code>numBits</code>
-         */
-        public BitString getTrailing(int numBits)
-        {
-            BitString newStr = new BitString();
-            newStr.numBytes = (numBits + 7) / 8;
-            newStr.bytes = new byte[newStr.numBytes];
-            for (int i = 0; i < newStr.numBytes; i++)
-            {
-                newStr.bytes[i] = bytes[i];
-            }
-
-            newStr.lastByteBits = numBits % 8;
-            if (newStr.lastByteBits == 0)
-            {
-                newStr.lastByteBits = 8;
-            }
-            else
-            {
-                int s = 32 - newStr.lastByteBits;
-                newStr.bytes[newStr.numBytes - 1] = (byte)(newStr.bytes[newStr.numBytes - 1] << s >>> s);
-            }
-
-            return newStr;
-        }
-
-        /**
-         * Returns up to 32 bits from the beginning of the bit string.
-         *
-         * @param numBits number of bits
-         * @return an <code>int</code> whose lower <code>numBits</code> bits are the beginning of the bit string
-         */
-        public int getLeadingAsInt(int numBits)
-        {
-            int startBit = (numBytes - 1) * 8 + lastByteBits - numBits;
-            int startByte = startBit / 8;
-
-            int startBitInStartByte = startBit % 8;
-            int sum = (bytes[startByte] & 0xFF) >>> startBitInStartByte;
-            int shift = 8 - startBitInStartByte;
-            for (int i = startByte + 1; i < numBytes; i++)
-            {
-                sum |= (bytes[i] & 0xFF) << shift;
-                shift += 8;
-            }
-
-            return sum;
-        }
-
-        public byte[] getBytes()
-        {
-            return Arrays.clone(bytes);
-        }
-    }
-
-    private static byte[] copyOf(byte[] src, int len)
-    {
-        byte[] tmp = new byte[len];
-
-        System.arraycopy(src, 0, tmp, 0, len < src.length ? len : src.length);
-
-        return tmp;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionKeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionKeyGenerationParameters.java
deleted file mode 100644
index e050fcb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionKeyGenerationParameters.java
+++ /dev/null

@@ -1,463 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import java.io.DataInputStream;
-import java.io.DataOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.Arrays;
-
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-
-/**
- * A set of parameters for NtruEncrypt. Several predefined parameter sets are available and new ones can be created as well.
- */
-public class NTRUEncryptionKeyGenerationParameters
-    extends KeyGenerationParameters
-    implements Cloneable
-{
-    /**
-     * A conservative (in terms of security) parameter set that gives 256 bits of security and is optimized for key size.
-     */
-    public static final NTRUEncryptionKeyGenerationParameters EES1087EP2 = new NTRUEncryptionKeyGenerationParameters(1087, 2048, 120, 120, 256, 13, 25, 14, true, new byte[]{0, 6, 3}, true, false, new SHA512Digest());
-
-    /**
-     * A conservative (in terms of security) parameter set that gives 256 bits of security and is a tradeoff between key size and encryption/decryption speed.
-     */
-    public static final NTRUEncryptionKeyGenerationParameters EES1171EP1 = new NTRUEncryptionKeyGenerationParameters(1171, 2048, 106, 106, 256, 13, 20, 15, true, new byte[]{0, 6, 4}, true, false, new SHA512Digest());
-
-    /**
-     * A conservative (in terms of security) parameter set that gives 256 bits of security and is optimized for encryption/decryption speed.
-     */
-    public static final NTRUEncryptionKeyGenerationParameters EES1499EP1 = new NTRUEncryptionKeyGenerationParameters(1499, 2048, 79, 79, 256, 13, 17, 19, true, new byte[]{0, 6, 5}, true, false, new SHA512Digest());
-
-    /**
-     * A parameter set that gives 128 bits of security and uses simple ternary polynomials.
-     */
-    public static final NTRUEncryptionKeyGenerationParameters APR2011_439 = new NTRUEncryptionKeyGenerationParameters(439, 2048, 146, 130, 128, 9, 32, 9, true, new byte[]{0, 7, 101}, true, false, new SHA256Digest());
-
-    /**
-     * Like <code>APR2011_439</code>, this parameter set gives 128 bits of security but uses product-form polynomials and <code>f=1+pF</code>.
-     */
-    public static final NTRUEncryptionKeyGenerationParameters APR2011_439_FAST = new NTRUEncryptionKeyGenerationParameters(439, 2048, 9, 8, 5, 130, 128, 9, 32, 9, true, new byte[]{0, 7, 101}, true, true, new SHA256Digest());
-
-    /**
-     * A parameter set that gives 256 bits of security and uses simple ternary polynomials.
-     */
-    public static final NTRUEncryptionKeyGenerationParameters APR2011_743 = new NTRUEncryptionKeyGenerationParameters(743, 2048, 248, 220, 256, 10, 27, 14, true, new byte[]{0, 7, 105}, false, false, new SHA512Digest());
-
-    /**
-     * Like <code>APR2011_743</code>, this parameter set gives 256 bits of security but uses product-form polynomials and <code>f=1+pF</code>.
-     */
-    public static final NTRUEncryptionKeyGenerationParameters APR2011_743_FAST = new NTRUEncryptionKeyGenerationParameters(743, 2048, 11, 11, 15, 220, 256, 10, 27, 14, true, new byte[]{0, 7, 105}, false, true, new SHA512Digest());
-
-    public int N, q, df, df1, df2, df3;
-    public int dr;
-    public int dr1;
-    public int dr2;
-    public int dr3;
-    public int dg;
-    int llen;
-    public int maxMsgLenBytes;
-    public int db;
-    public int bufferLenBits;
-    int bufferLenTrits;
-    public int dm0;
-    public int pkLen;
-    public int c;
-    public int minCallsR;
-    public int minCallsMask;
-    public boolean hashSeed;
-    public byte[] oid;
-    public boolean sparse;
-    public boolean fastFp;
-    public int polyType;
-    public Digest hashAlg;
-
-    /**
-     * Constructs a parameter set that uses ternary private keys (i.e. <code>polyType=SIMPLE</code>).
-     *
-     * @param N            number of polynomial coefficients
-     * @param q            modulus
-     * @param df           number of ones in the private polynomial <code>f</code>
-     * @param dm0          minimum acceptable number of -1's, 0's, and 1's in the polynomial <code>m'</code> in the last encryption step
-     * @param db           number of random bits to prepend to the message
-     * @param c            a parameter for the Index Generation Function ({@link org.bouncycastle.pqc.crypto.ntru.IndexGenerator})
-     * @param minCallsR    minimum number of hash calls for the IGF to make
-     * @param minCallsMask minimum number of calls to generate the masking polynomial
-     * @param hashSeed     whether to hash the seed in the MGF first (true) or use the seed directly (false)
-     * @param oid          three bytes that uniquely identify the parameter set
-     * @param sparse       whether to treat ternary polynomials as sparsely populated ({@link org.bouncycastle.pqc.math.ntru.polynomial.SparseTernaryPolynomial} vs {@link org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial})
-     * @param fastFp       whether <code>f=1+p*F</code> for a ternary <code>F</code> (true) or <code>f</code> is ternary (false)
-     * @param hashAlg      a valid identifier for a <code>java.security.MessageDigest</code> instance such as <code>SHA-256</code>. The <code>MessageDigest</code> must support the <code>getDigestLength()</code> method.
-     */
-    public NTRUEncryptionKeyGenerationParameters(int N, int q, int df, int dm0, int db, int c, int minCallsR, int minCallsMask, boolean hashSeed, byte[] oid, boolean sparse, boolean fastFp, Digest hashAlg)
-    {
-        super(CryptoServicesRegistrar.getSecureRandom(), db);
-        this.N = N;
-        this.q = q;
-        this.df = df;
-        this.db = db;
-        this.dm0 = dm0;
-        this.c = c;
-        this.minCallsR = minCallsR;
-        this.minCallsMask = minCallsMask;
-        this.hashSeed = hashSeed;
-        this.oid = oid;
-        this.sparse = sparse;
-        this.fastFp = fastFp;
-        this.polyType = NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE;
-        this.hashAlg = hashAlg;
-        init();
-    }
-
-    /**
-     * Constructs a parameter set that uses product-form private keys (i.e. <code>polyType=PRODUCT</code>).
-     *
-     * @param N            number of polynomial coefficients
-     * @param q            modulus
-     * @param df1          number of ones in the private polynomial <code>f1</code>
-     * @param df2          number of ones in the private polynomial <code>f2</code>
-     * @param df3          number of ones in the private polynomial <code>f3</code>
-     * @param dm0          minimum acceptable number of -1's, 0's, and 1's in the polynomial <code>m'</code> in the last encryption step
-     * @param db           number of random bits to prepend to the message
-     * @param c            a parameter for the Index Generation Function ({@link org.bouncycastle.pqc.crypto.ntru.IndexGenerator})
-     * @param minCallsR    minimum number of hash calls for the IGF to make
-     * @param minCallsMask minimum number of calls to generate the masking polynomial
-     * @param hashSeed     whether to hash the seed in the MGF first (true) or use the seed directly (false)
-     * @param oid          three bytes that uniquely identify the parameter set
-     * @param sparse       whether to treat ternary polynomials as sparsely populated ({@link org.bouncycastle.pqc.math.ntru.polynomial.SparseTernaryPolynomial} vs {@link org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial})
-     * @param fastFp       whether <code>f=1+p*F</code> for a ternary <code>F</code> (true) or <code>f</code> is ternary (false)
-     * @param hashAlg      a valid identifier for a <code>java.security.MessageDigest</code> instance such as <code>SHA-256</code>
-     */
-    public NTRUEncryptionKeyGenerationParameters(int N, int q, int df1, int df2, int df3, int dm0, int db, int c, int minCallsR, int minCallsMask, boolean hashSeed, byte[] oid, boolean sparse, boolean fastFp, Digest hashAlg)
-    {
-        super(CryptoServicesRegistrar.getSecureRandom(), db);
-
-        this.N = N;
-        this.q = q;
-        this.df1 = df1;
-        this.df2 = df2;
-        this.df3 = df3;
-        this.db = db;
-        this.dm0 = dm0;
-        this.c = c;
-        this.minCallsR = minCallsR;
-        this.minCallsMask = minCallsMask;
-        this.hashSeed = hashSeed;
-        this.oid = oid;
-        this.sparse = sparse;
-        this.fastFp = fastFp;
-        this.polyType = NTRUParameters.TERNARY_POLYNOMIAL_TYPE_PRODUCT;
-        this.hashAlg = hashAlg;
-        init();
-    }
-
-    private void init()
-    {
-        dr = df;
-        dr1 = df1;
-        dr2 = df2;
-        dr3 = df3;
-        dg = N / 3;
-        llen = 1;   // ceil(log2(maxMsgLenBytes))
-        maxMsgLenBytes = N * 3 / 2 / 8 - llen - db / 8 - 1;
-        bufferLenBits = (N * 3 / 2 + 7) / 8 * 8 + 1;
-        bufferLenTrits = N - 1;
-        pkLen = db;
-    }
-
-    /**
-     * Reads a parameter set from an input stream.
-     *
-     * @param is an input stream
-     * @throws java.io.IOException
-     */
-    public NTRUEncryptionKeyGenerationParameters(InputStream is)
-        throws IOException
-    {
-        super(CryptoServicesRegistrar.getSecureRandom(), -1);
-        DataInputStream dis = new DataInputStream(is);
-        N = dis.readInt();
-        q = dis.readInt();
-        df = dis.readInt();
-        df1 = dis.readInt();
-        df2 = dis.readInt();
-        df3 = dis.readInt();
-        db = dis.readInt();
-        dm0 = dis.readInt();
-        c = dis.readInt();
-        minCallsR = dis.readInt();
-        minCallsMask = dis.readInt();
-        hashSeed = dis.readBoolean();
-        oid = new byte[3];
-        dis.readFully(oid);
-        sparse = dis.readBoolean();
-        fastFp = dis.readBoolean();
-        polyType = dis.read();
-
-        String alg = dis.readUTF();
-
-        if ("SHA-512".equals(alg))
-        {
-            hashAlg = new SHA512Digest();
-        }
-        else if ("SHA-256".equals(alg))
-        {
-            hashAlg = new SHA256Digest();
-        }
-
-        init();
-    }
-
-    public NTRUEncryptionParameters getEncryptionParameters()
-    {
-        if (polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE)
-        {
-            return new NTRUEncryptionParameters(N, q, df, dm0, db, c, minCallsR, minCallsMask, hashSeed, oid, sparse, fastFp, hashAlg);
-        }
-        else
-        {
-            return new NTRUEncryptionParameters(N, q, df1, df2, df3, dm0, db, c, minCallsR, minCallsMask, hashSeed, oid, sparse, fastFp, hashAlg);
-        }
-    }
-
-    public NTRUEncryptionKeyGenerationParameters clone()
-    {
-        if (polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE)
-        {
-            return new NTRUEncryptionKeyGenerationParameters(N, q, df, dm0, db, c, minCallsR, minCallsMask, hashSeed, oid, sparse, fastFp, hashAlg);
-        }
-        else
-        {
-            return new NTRUEncryptionKeyGenerationParameters(N, q, df1, df2, df3, dm0, db, c, minCallsR, minCallsMask, hashSeed, oid, sparse, fastFp, hashAlg);
-        }
-    }
-
-    /**
-     * Returns the maximum length a plaintext message can be with this parameter set.
-     *
-     * @return the maximum length in bytes
-     */
-    public int getMaxMessageLength()
-    {
-        return maxMsgLenBytes;
-    }
-
-    /**
-     * Writes the parameter set to an output stream
-     *
-     * @param os an output stream
-     * @throws java.io.IOException
-     */
-    public void writeTo(OutputStream os)
-        throws IOException
-    {
-        DataOutputStream dos = new DataOutputStream(os);
-        dos.writeInt(N);
-        dos.writeInt(q);
-        dos.writeInt(df);
-        dos.writeInt(df1);
-        dos.writeInt(df2);
-        dos.writeInt(df3);
-        dos.writeInt(db);
-        dos.writeInt(dm0);
-        dos.writeInt(c);
-        dos.writeInt(minCallsR);
-        dos.writeInt(minCallsMask);
-        dos.writeBoolean(hashSeed);
-        dos.write(oid);
-        dos.writeBoolean(sparse);
-        dos.writeBoolean(fastFp);
-        dos.write(polyType);
-        dos.writeUTF(hashAlg.getAlgorithmName());
-    }
-
-
-    public int hashCode()
-    {
-        final int prime = 31;
-        int result = 1;
-        result = prime * result + N;
-        result = prime * result + bufferLenBits;
-        result = prime * result + bufferLenTrits;
-        result = prime * result + c;
-        result = prime * result + db;
-        result = prime * result + df;
-        result = prime * result + df1;
-        result = prime * result + df2;
-        result = prime * result + df3;
-        result = prime * result + dg;
-        result = prime * result + dm0;
-        result = prime * result + dr;
-        result = prime * result + dr1;
-        result = prime * result + dr2;
-        result = prime * result + dr3;
-        result = prime * result + (fastFp ? 1231 : 1237);
-        result = prime * result + ((hashAlg == null) ? 0 : hashAlg.getAlgorithmName().hashCode());
-        result = prime * result + (hashSeed ? 1231 : 1237);
-        result = prime * result + llen;
-        result = prime * result + maxMsgLenBytes;
-        result = prime * result + minCallsMask;
-        result = prime * result + minCallsR;
-        result = prime * result + Arrays.hashCode(oid);
-        result = prime * result + pkLen;
-        result = prime * result + polyType;
-        result = prime * result + q;
-        result = prime * result + (sparse ? 1231 : 1237);
-        return result;
-    }
-
-    public boolean equals(Object obj)
-    {
-        if (this == obj)
-        {
-            return true;
-        }
-        if (obj == null)
-        {
-            return false;
-        }
-        if (getClass() != obj.getClass())
-        {
-            return false;
-        }
-        NTRUEncryptionKeyGenerationParameters other = (NTRUEncryptionKeyGenerationParameters)obj;
-        if (N != other.N)
-        {
-            return false;
-        }
-        if (bufferLenBits != other.bufferLenBits)
-        {
-            return false;
-        }
-        if (bufferLenTrits != other.bufferLenTrits)
-        {
-            return false;
-        }
-        if (c != other.c)
-        {
-            return false;
-        }
-        if (db != other.db)
-        {
-            return false;
-        }
-        if (df != other.df)
-        {
-            return false;
-        }
-        if (df1 != other.df1)
-        {
-            return false;
-        }
-        if (df2 != other.df2)
-        {
-            return false;
-        }
-        if (df3 != other.df3)
-        {
-            return false;
-        }
-        if (dg != other.dg)
-        {
-            return false;
-        }
-        if (dm0 != other.dm0)
-        {
-            return false;
-        }
-        if (dr != other.dr)
-        {
-            return false;
-        }
-        if (dr1 != other.dr1)
-        {
-            return false;
-        }
-        if (dr2 != other.dr2)
-        {
-            return false;
-        }
-        if (dr3 != other.dr3)
-        {
-            return false;
-        }
-        if (fastFp != other.fastFp)
-        {
-            return false;
-        }
-        if (hashAlg == null)
-        {
-            if (other.hashAlg != null)
-            {
-                return false;
-            }
-        }
-        else if (!hashAlg.getAlgorithmName().equals(other.hashAlg.getAlgorithmName()))
-        {
-            return false;
-        }
-        if (hashSeed != other.hashSeed)
-        {
-            return false;
-        }
-        if (llen != other.llen)
-        {
-            return false;
-        }
-        if (maxMsgLenBytes != other.maxMsgLenBytes)
-        {
-            return false;
-        }
-        if (minCallsMask != other.minCallsMask)
-        {
-            return false;
-        }
-        if (minCallsR != other.minCallsR)
-        {
-            return false;
-        }
-        if (!Arrays.equals(oid, other.oid))
-        {
-            return false;
-        }
-        if (pkLen != other.pkLen)
-        {
-            return false;
-        }
-        if (polyType != other.polyType)
-        {
-            return false;
-        }
-        if (q != other.q)
-        {
-            return false;
-        }
-        if (sparse != other.sparse)
-        {
-            return false;
-        }
-        return true;
-    }
-
-    public String toString()
-    {
-        StringBuilder output = new StringBuilder("EncryptionParameters(N=" + N + " q=" + q);
-        if (polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE)
-        {
-            output.append(" polyType=SIMPLE df=" + df);
-        }
-        else
-        {
-            output.append(" polyType=PRODUCT df1=" + df1 + " df2=" + df2 + " df3=" + df3);
-        }
-        output.append(" dm0=" + dm0 + " db=" + db + " c=" + c + " minCallsR=" + minCallsR + " minCallsMask=" + minCallsMask +
-            " hashSeed=" + hashSeed + " hashAlg=" + hashAlg + " oid=" + Arrays.toString(oid) + " sparse=" + sparse + ")");
-        return output.toString();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionKeyPairGenerator.java
deleted file mode 100644
index f2751ca..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionKeyPairGenerator.java
+++ /dev/null

@@ -1,113 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.Polynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.ProductFormPolynomial;
-import org.bouncycastle.pqc.math.ntru.util.Util;
-
-/**
- * Generates key pairs.<br>
- * The parameter p is hardcoded to 3.
- */
-public class NTRUEncryptionKeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-    private NTRUEncryptionKeyGenerationParameters params;
-
-    /**
-     * Constructs a new instance with a set of encryption parameters.
-     *
-     * @param param encryption parameters
-     */
-    public void init(KeyGenerationParameters param)
-    {
-        this.params = (NTRUEncryptionKeyGenerationParameters)param;
-    }
-
-    /**
-     * Generates a new encryption key pair.
-     *
-     * @return a key pair
-     */
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        int N = params.N;
-        int q = params.q;
-        int df = params.df;
-        int df1 = params.df1;
-        int df2 = params.df2;
-        int df3 = params.df3;
-        int dg = params.dg;
-        boolean fastFp = params.fastFp;
-        boolean sparse = params.sparse;
-
-        Polynomial t;
-        IntegerPolynomial fq;
-        IntegerPolynomial fp = null;
-
-        // choose a random f that is invertible mod 3 and q
-        while (true)
-        {
-            IntegerPolynomial f;
-
-            // choose random t, calculate f and fp
-            if (fastFp)
-            {
-                // if fastFp=true, f is always invertible mod 3
-                t = params.polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE ? Util.generateRandomTernary(N, df, df, sparse, params.getRandom()) : ProductFormPolynomial.generateRandom(N, df1, df2, df3, df3, params.getRandom());
-                f = t.toIntegerPolynomial();
-                f.mult(3);
-                f.coeffs[0] += 1;
-            }
-            else
-            {
-                t = params.polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE ? Util.generateRandomTernary(N, df, df - 1, sparse, params.getRandom()) : ProductFormPolynomial.generateRandom(N, df1, df2, df3, df3 - 1, params.getRandom());
-                f = t.toIntegerPolynomial();
-                fp = f.invertF3();
-                if (fp == null)
-                {
-                    continue;
-                }
-            }
-
-            fq = f.invertFq(q);
-            if (fq == null)
-            {
-                continue;
-            }
-            break;
-        }
-
-        // if fastFp=true, fp=1
-        if (fastFp)
-        {
-            fp = new IntegerPolynomial(N);
-            fp.coeffs[0] = 1;
-        }
-
-        // choose a random g that is invertible mod q
-        DenseTernaryPolynomial g;
-        while (true)
-        {
-            g = DenseTernaryPolynomial.generateRandom(N, dg, dg - 1, params.getRandom());
-            if (g.invertFq(q) != null)
-            {
-                break;
-            }
-        }
-
-        IntegerPolynomial h = g.mult(fq, q);
-        h.mult3(q);
-        h.ensurePositive(q);
-        g.clear();
-        fq.clear();
-
-        NTRUEncryptionPrivateKeyParameters priv = new NTRUEncryptionPrivateKeyParameters(h, t, fp, params.getEncryptionParameters());
-        NTRUEncryptionPublicKeyParameters pub = new NTRUEncryptionPublicKeyParameters(h, params.getEncryptionParameters());
-        return new AsymmetricCipherKeyPair(pub, priv);
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionKeyParameters.java
deleted file mode 100644
index 27a7987..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionKeyParameters.java
+++ /dev/null

@@ -1,20 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-public class NTRUEncryptionKeyParameters
-    extends AsymmetricKeyParameter
-{
-    final protected NTRUEncryptionParameters params;
-
-    public NTRUEncryptionKeyParameters(boolean privateKey, NTRUEncryptionParameters params)
-    {
-        super(privateKey);
-        this.params = params;
-    }
-
-    public NTRUEncryptionParameters getParameters()
-    {
-        return params;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionParameters.java
deleted file mode 100644
index b387bc2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionParameters.java
+++ /dev/null

@@ -1,410 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import java.io.DataInputStream;
-import java.io.DataOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.Arrays;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-
-/**
- * A set of parameters for NtruEncrypt. Several predefined parameter sets are available and new ones can be created as well.
- */
-public class NTRUEncryptionParameters
-    implements Cloneable
-{
-
-    public int N, q, df, df1, df2, df3;
-    public int dr;
-    public int dr1;
-    public int dr2;
-    public int dr3;
-    public int dg;
-    int llen;
-    public int maxMsgLenBytes;
-    public int db;
-    public int bufferLenBits;
-    int bufferLenTrits;
-    public int dm0;
-    public int pkLen;
-    public int c;
-    public int minCallsR;
-    public int minCallsMask;
-    public boolean hashSeed;
-    public byte[] oid;
-    public boolean sparse;
-    public boolean fastFp;
-    public int polyType;
-    public Digest hashAlg;
-
-    /**
-     * Constructs a parameter set that uses ternary private keys (i.e. <code>polyType=SIMPLE</code>).
-     *
-     * @param N            number of polynomial coefficients
-     * @param q            modulus
-     * @param df           number of ones in the private polynomial <code>f</code>
-     * @param dm0          minimum acceptable number of -1's, 0's, and 1's in the polynomial <code>m'</code> in the last encryption step
-     * @param db           number of random bits to prepend to the message
-     * @param c            a parameter for the Index Generation Function ({@link org.bouncycastle.pqc.crypto.ntru.IndexGenerator})
-     * @param minCallsR    minimum number of hash calls for the IGF to make
-     * @param minCallsMask minimum number of calls to generate the masking polynomial
-     * @param hashSeed     whether to hash the seed in the MGF first (true) or use the seed directly (false)
-     * @param oid          three bytes that uniquely identify the parameter set
-     * @param sparse       whether to treat ternary polynomials as sparsely populated ({@link org.bouncycastle.pqc.math.ntru.polynomial.SparseTernaryPolynomial} vs {@link org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial})
-     * @param fastFp       whether <code>f=1+p*F</code> for a ternary <code>F</code> (true) or <code>f</code> is ternary (false)
-     * @param hashAlg      a valid identifier for a <code>java.security.MessageDigest</code> instance such as <code>SHA-256</code>. The <code>MessageDigest</code> must support the <code>getDigestLength()</code> method.
-     */
-    public NTRUEncryptionParameters(int N, int q, int df, int dm0, int db, int c, int minCallsR, int minCallsMask, boolean hashSeed, byte[] oid, boolean sparse, boolean fastFp, Digest hashAlg)
-    {
-        this.N = N;
-        this.q = q;
-        this.df = df;
-        this.db = db;
-        this.dm0 = dm0;
-        this.c = c;
-        this.minCallsR = minCallsR;
-        this.minCallsMask = minCallsMask;
-        this.hashSeed = hashSeed;
-        this.oid = oid;
-        this.sparse = sparse;
-        this.fastFp = fastFp;
-        this.polyType = NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE;
-        this.hashAlg = hashAlg;
-        init();
-    }
-
-    /**
-     * Constructs a parameter set that uses product-form private keys (i.e. <code>polyType=PRODUCT</code>).
-     *
-     * @param N            number of polynomial coefficients
-     * @param q            modulus
-     * @param df1          number of ones in the private polynomial <code>f1</code>
-     * @param df2          number of ones in the private polynomial <code>f2</code>
-     * @param df3          number of ones in the private polynomial <code>f3</code>
-     * @param dm0          minimum acceptable number of -1's, 0's, and 1's in the polynomial <code>m'</code> in the last encryption step
-     * @param db           number of random bits to prepend to the message
-     * @param c            a parameter for the Index Generation Function ({@link  org.bouncycastle.pqc.crypto.ntru.IndexGenerator})
-     * @param minCallsR    minimum number of hash calls for the IGF to make
-     * @param minCallsMask minimum number of calls to generate the masking polynomial
-     * @param hashSeed     whether to hash the seed in the MGF first (true) or use the seed directly (false)
-     * @param oid          three bytes that uniquely identify the parameter set
-     * @param sparse       whether to treat ternary polynomials as sparsely populated ({@link org.bouncycastle.pqc.math.ntru.polynomial.SparseTernaryPolynomial} vs {@link org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial})
-     * @param fastFp       whether <code>f=1+p*F</code> for a ternary <code>F</code> (true) or <code>f</code> is ternary (false)
-     * @param hashAlg      a valid identifier for a <code>java.security.MessageDigest</code> instance such as <code>SHA-256</code>
-     */
-    public NTRUEncryptionParameters(int N, int q, int df1, int df2, int df3, int dm0, int db, int c, int minCallsR, int minCallsMask, boolean hashSeed, byte[] oid, boolean sparse, boolean fastFp, Digest hashAlg)
-    {
-        this.N = N;
-        this.q = q;
-        this.df1 = df1;
-        this.df2 = df2;
-        this.df3 = df3;
-        this.db = db;
-        this.dm0 = dm0;
-        this.c = c;
-        this.minCallsR = minCallsR;
-        this.minCallsMask = minCallsMask;
-        this.hashSeed = hashSeed;
-        this.oid = oid;
-        this.sparse = sparse;
-        this.fastFp = fastFp;
-        this.polyType = NTRUParameters.TERNARY_POLYNOMIAL_TYPE_PRODUCT;
-        this.hashAlg = hashAlg;
-        init();
-    }
-
-    private void init()
-    {
-        dr = df;
-        dr1 = df1;
-        dr2 = df2;
-        dr3 = df3;
-        dg = N / 3;
-        llen = 1;   // ceil(log2(maxMsgLenBytes))
-        maxMsgLenBytes = N * 3 / 2 / 8 - llen - db / 8 - 1;
-        bufferLenBits = (N * 3 / 2 + 7) / 8 * 8 + 1;
-        bufferLenTrits = N - 1;
-        pkLen = db;
-    }
-
-    /**
-     * Reads a parameter set from an input stream.
-     *
-     * @param is an input stream
-     * @throws IOException
-     */
-    public NTRUEncryptionParameters(InputStream is)
-        throws IOException
-    {
-        DataInputStream dis = new DataInputStream(is);
-        N = dis.readInt();
-        q = dis.readInt();
-        df = dis.readInt();
-        df1 = dis.readInt();
-        df2 = dis.readInt();
-        df3 = dis.readInt();
-        db = dis.readInt();
-        dm0 = dis.readInt();
-        c = dis.readInt();
-        minCallsR = dis.readInt();
-        minCallsMask = dis.readInt();
-        hashSeed = dis.readBoolean();
-        oid = new byte[3];
-        dis.read(oid);
-        sparse = dis.readBoolean();
-        fastFp = dis.readBoolean();
-        polyType = dis.read();
-
-        String alg = dis.readUTF();
-
-        if ("SHA-512".equals(alg))
-        {
-            hashAlg = new SHA512Digest();
-        }
-        else if ("SHA-256".equals(alg))
-        {
-            hashAlg = new SHA256Digest();
-        }
-
-        init();
-    }
-
-    public NTRUEncryptionParameters clone()
-    {
-        if (polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE)
-        {
-            return new NTRUEncryptionParameters(N, q, df, dm0, db, c, minCallsR, minCallsMask, hashSeed, oid, sparse, fastFp, hashAlg);
-        }
-        else
-        {
-            return new NTRUEncryptionParameters(N, q, df1, df2, df3, dm0, db, c, minCallsR, minCallsMask, hashSeed, oid, sparse, fastFp, hashAlg);
-        }
-    }
-
-    /**
-     * Returns the maximum length a plaintext message can be with this parameter set.
-     *
-     * @return the maximum length in bytes
-     */
-    public int getMaxMessageLength()
-    {
-        return maxMsgLenBytes;
-    }
-
-    /**
-     * Writes the parameter set to an output stream
-     *
-     * @param os an output stream
-     * @throws IOException
-     */
-    public void writeTo(OutputStream os)
-        throws IOException
-    {
-        DataOutputStream dos = new DataOutputStream(os);
-        dos.writeInt(N);
-        dos.writeInt(q);
-        dos.writeInt(df);
-        dos.writeInt(df1);
-        dos.writeInt(df2);
-        dos.writeInt(df3);
-        dos.writeInt(db);
-        dos.writeInt(dm0);
-        dos.writeInt(c);
-        dos.writeInt(minCallsR);
-        dos.writeInt(minCallsMask);
-        dos.writeBoolean(hashSeed);
-        dos.write(oid);
-        dos.writeBoolean(sparse);
-        dos.writeBoolean(fastFp);
-        dos.write(polyType);
-        dos.writeUTF(hashAlg.getAlgorithmName());
-    }
-
-
-    public int hashCode()
-    {
-        final int prime = 31;
-        int result = 1;
-        result = prime * result + N;
-        result = prime * result + bufferLenBits;
-        result = prime * result + bufferLenTrits;
-        result = prime * result + c;
-        result = prime * result + db;
-        result = prime * result + df;
-        result = prime * result + df1;
-        result = prime * result + df2;
-        result = prime * result + df3;
-        result = prime * result + dg;
-        result = prime * result + dm0;
-        result = prime * result + dr;
-        result = prime * result + dr1;
-        result = prime * result + dr2;
-        result = prime * result + dr3;
-        result = prime * result + (fastFp ? 1231 : 1237);
-        result = prime * result + ((hashAlg == null) ? 0 : hashAlg.getAlgorithmName().hashCode());
-        result = prime * result + (hashSeed ? 1231 : 1237);
-        result = prime * result + llen;
-        result = prime * result + maxMsgLenBytes;
-        result = prime * result + minCallsMask;
-        result = prime * result + minCallsR;
-        result = prime * result + Arrays.hashCode(oid);
-        result = prime * result + pkLen;
-        result = prime * result + polyType;
-        result = prime * result + q;
-        result = prime * result + (sparse ? 1231 : 1237);
-        return result;
-    }
-
-    public boolean equals(Object obj)
-    {
-        if (this == obj)
-        {
-            return true;
-        }
-        if (obj == null)
-        {
-            return false;
-        }
-        if (getClass() != obj.getClass())
-        {
-            return false;
-        }
-        NTRUEncryptionParameters other = (NTRUEncryptionParameters)obj;
-        if (N != other.N)
-        {
-            return false;
-        }
-        if (bufferLenBits != other.bufferLenBits)
-        {
-            return false;
-        }
-        if (bufferLenTrits != other.bufferLenTrits)
-        {
-            return false;
-        }
-        if (c != other.c)
-        {
-            return false;
-        }
-        if (db != other.db)
-        {
-            return false;
-        }
-        if (df != other.df)
-        {
-            return false;
-        }
-        if (df1 != other.df1)
-        {
-            return false;
-        }
-        if (df2 != other.df2)
-        {
-            return false;
-        }
-        if (df3 != other.df3)
-        {
-            return false;
-        }
-        if (dg != other.dg)
-        {
-            return false;
-        }
-        if (dm0 != other.dm0)
-        {
-            return false;
-        }
-        if (dr != other.dr)
-        {
-            return false;
-        }
-        if (dr1 != other.dr1)
-        {
-            return false;
-        }
-        if (dr2 != other.dr2)
-        {
-            return false;
-        }
-        if (dr3 != other.dr3)
-        {
-            return false;
-        }
-        if (fastFp != other.fastFp)
-        {
-            return false;
-        }
-        if (hashAlg == null)
-        {
-            if (other.hashAlg != null)
-            {
-                return false;
-            }
-        }
-        else if (!hashAlg.getAlgorithmName().equals(other.hashAlg.getAlgorithmName()))
-        {
-            return false;
-        }
-        if (hashSeed != other.hashSeed)
-        {
-            return false;
-        }
-        if (llen != other.llen)
-        {
-            return false;
-        }
-        if (maxMsgLenBytes != other.maxMsgLenBytes)
-        {
-            return false;
-        }
-        if (minCallsMask != other.minCallsMask)
-        {
-            return false;
-        }
-        if (minCallsR != other.minCallsR)
-        {
-            return false;
-        }
-        if (!Arrays.equals(oid, other.oid))
-        {
-            return false;
-        }
-        if (pkLen != other.pkLen)
-        {
-            return false;
-        }
-        if (polyType != other.polyType)
-        {
-            return false;
-        }
-        if (q != other.q)
-        {
-            return false;
-        }
-        if (sparse != other.sparse)
-        {
-            return false;
-        }
-        return true;
-    }
-
-    public String toString()
-    {
-        StringBuilder output = new StringBuilder("EncryptionParameters(N=" + N + " q=" + q);
-        if (polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE)
-        {
-            output.append(" polyType=SIMPLE df=" + df);
-        }
-        else
-        {
-            output.append(" polyType=PRODUCT df1=" + df1 + " df2=" + df2 + " df3=" + df3);
-        }
-        output.append(" dm0=" + dm0 + " db=" + db + " c=" + c + " minCallsR=" + minCallsR + " minCallsMask=" + minCallsMask +
-            " hashSeed=" + hashSeed + " hashAlg=" + hashAlg + " oid=" + Arrays.toString(oid) + " sparse=" + sparse + ")");
-        return output.toString();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionPrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionPrivateKeyParameters.java
deleted file mode 100644
index bcf9418..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionPrivateKeyParameters.java
+++ /dev/null

@@ -1,199 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.Polynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.ProductFormPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.SparseTernaryPolynomial;
-
-/**
- * A NtruEncrypt private key is essentially a polynomial named <code>f</code>
- * which takes different forms depending on whether product-form polynomials are used,
- * and on <code>fastP</code><br>
- * The inverse of <code>f</code> modulo <code>p</code> is precomputed on initialization.
- */
-public class NTRUEncryptionPrivateKeyParameters
-    extends NTRUEncryptionKeyParameters
-{
-    public Polynomial t;
-    public IntegerPolynomial fp;
-    public IntegerPolynomial h;
-
-    /**
-     * Constructs a new private key from a polynomial
-     *
-     * @param h the public polynomial for the key.
-     * @param t      the polynomial which determines the key: if <code>fastFp=true</code>, <code>f=1+3t</code>; otherwise, <code>f=t</code>
-     * @param fp     the inverse of <code>f</code>
-     * @param params the NtruEncrypt parameters to use
-     */
-    public NTRUEncryptionPrivateKeyParameters(IntegerPolynomial h, Polynomial t, IntegerPolynomial fp, NTRUEncryptionParameters params)
-    {
-        super(true, params);
-
-        this.h = h;
-        this.t = t;
-        this.fp = fp;
-    }
-
-    /**
-     * Converts a byte array to a polynomial <code>f</code> and constructs a new private key
-     *
-     * @param b      an encoded polynomial
-     * @param params the NtruEncrypt parameters to use
-     * @see #getEncoded()
-     */
-    public NTRUEncryptionPrivateKeyParameters(byte[] b, NTRUEncryptionParameters params)
-        throws IOException
-    {
-        this(new ByteArrayInputStream(b), params);
-    }
-
-    /**
-     * Reads a polynomial <code>f</code> from an input stream and constructs a new private key
-     *
-     * @param is     an input stream
-     * @param params the NtruEncrypt parameters to use
-     * @see #writeTo(OutputStream)
-     */
-    public NTRUEncryptionPrivateKeyParameters(InputStream is, NTRUEncryptionParameters params)
-        throws IOException
-    {
-        super(true, params);
-
-        if (params.polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_PRODUCT)
-        {
-            int N = params.N;
-            int df1 = params.df1;
-            int df2 = params.df2;
-            int df3Ones = params.df3;
-            int df3NegOnes = params.fastFp ? params.df3 : params.df3 - 1;
-            h = IntegerPolynomial.fromBinary(is, params.N, params.q);
-            t = ProductFormPolynomial.fromBinary(is, N, df1, df2, df3Ones, df3NegOnes);
-        }
-        else
-        {
-            h = IntegerPolynomial.fromBinary(is, params.N, params.q);
-            IntegerPolynomial fInt = IntegerPolynomial.fromBinary3Tight(is, params.N);
-            t = params.sparse ? new SparseTernaryPolynomial(fInt) : new DenseTernaryPolynomial(fInt);
-        }
-
-        init();
-    }
-
-    /**
-     * Initializes <code>fp</code> from t.
-     */
-    private void init()
-    {
-        if (params.fastFp)
-        {
-            fp = new IntegerPolynomial(params.N);
-            fp.coeffs[0] = 1;
-        }
-        else
-        {
-            fp = t.toIntegerPolynomial().invertF3();
-        }
-    }
-
-    /**
-     * Converts the key to a byte array
-     *
-     * @return the encoded key
-     * @see #NTRUEncryptionPrivateKeyParameters(byte[], NTRUEncryptionParameters)
-     */
-    public byte[] getEncoded()
-    {
-        byte[] hBytes = h.toBinary(params.q);
-        byte[] tBytes;
-
-        if (t instanceof ProductFormPolynomial)
-        {
-            tBytes = ((ProductFormPolynomial)t).toBinary();
-        }
-        else
-        {
-            tBytes = t.toIntegerPolynomial().toBinary3Tight();
-        }
-
-        byte[] res = new byte[hBytes.length + tBytes.length];
-
-        System.arraycopy(hBytes, 0, res, 0, hBytes.length);
-        System.arraycopy(tBytes, 0, res, hBytes.length, tBytes.length);
-
-        return res;
-    }
-
-    /**
-     * Writes the key to an output stream
-     *
-     * @param os an output stream
-     * @throws IOException
-     * @see #NTRUEncryptionPrivateKeyParameters(InputStream, NTRUEncryptionParameters)
-     */
-    public void writeTo(OutputStream os)
-        throws IOException
-    {
-        os.write(getEncoded());
-    }
-
-    public int hashCode()
-    {
-        final int prime = 31;
-        int result = 1;
-        result = prime * result + ((params == null) ? 0 : params.hashCode());
-        result = prime * result + ((t == null) ? 0 : t.hashCode());
-        result = prime * result + ((h == null) ? 0 : h.hashCode());
-        return result;
-    }
-
-    public boolean equals(Object obj)
-    {
-        if (this == obj)
-        {
-            return true;
-        }
-        if (obj == null)
-        {
-            return false;
-        }
-        if (!(obj instanceof NTRUEncryptionPrivateKeyParameters))
-        {
-            return false;
-        }
-        NTRUEncryptionPrivateKeyParameters other = (NTRUEncryptionPrivateKeyParameters)obj;
-        if (params == null)
-        {
-            if (other.params != null)
-            {
-                return false;
-            }
-        }
-        else if (!params.equals(other.params))
-        {
-            return false;
-        }
-        if (t == null)
-        {
-            if (other.t != null)
-            {
-                return false;
-            }
-        }
-        else if (!t.equals(other.t))
-        {
-            return false;
-        }
-        if (!h.equals(other.h))
-        {
-            return false;
-        }
-        return true;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionPublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionPublicKeyParameters.java
deleted file mode 100644
index 0aa0357..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEncryptionPublicKeyParameters.java
+++ /dev/null

@@ -1,131 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-
-/**
- * A NtruEncrypt public key is essentially a polynomial named <code>h</code>.
- */
-public class NTRUEncryptionPublicKeyParameters
-    extends NTRUEncryptionKeyParameters
-{
-    public IntegerPolynomial h;
-
-    /**
-     * Constructs a new public key from a polynomial
-     *
-     * @param h      the polynomial <code>h</code> which determines the key
-     * @param params the NtruEncrypt parameters to use
-     */
-    public NTRUEncryptionPublicKeyParameters(IntegerPolynomial h, NTRUEncryptionParameters params)
-    {
-        super(false, params);
-
-        this.h = h;
-    }
-
-    /**
-     * Converts a byte array to a polynomial <code>h</code> and constructs a new public key
-     *
-     * @param b      an encoded polynomial
-     * @param params the NtruEncrypt parameters to use
-     * @see #getEncoded()
-     */
-    public NTRUEncryptionPublicKeyParameters(byte[] b, NTRUEncryptionParameters params)
-    {
-        super(false, params);
-
-        h = IntegerPolynomial.fromBinary(b, params.N, params.q);
-    }
-
-    /**
-     * Reads a polynomial <code>h</code> from an input stream and constructs a new public key
-     *
-     * @param is     an input stream
-     * @param params the NtruEncrypt parameters to use
-     * @see #writeTo(OutputStream)
-     */
-    public NTRUEncryptionPublicKeyParameters(InputStream is, NTRUEncryptionParameters params)
-        throws IOException
-    {
-        super(false, params);
-
-        h = IntegerPolynomial.fromBinary(is, params.N, params.q);
-    }
-
-    /**
-     * Converts the key to a byte array
-     *
-     * @return the encoded key
-     * @see #NTRUEncryptionPublicKeyParameters(byte[], NTRUEncryptionParameters)
-     */
-    public byte[] getEncoded()
-    {
-        return h.toBinary(params.q);
-    }
-
-    /**
-     * Writes the key to an output stream
-     *
-     * @param os an output stream
-     * @throws IOException
-     * @see #NTRUEncryptionPublicKeyParameters(InputStream, NTRUEncryptionParameters)
-     */
-    public void writeTo(OutputStream os)
-        throws IOException
-    {
-        os.write(getEncoded());
-    }
-
-    public int hashCode()
-    {
-        final int prime = 31;
-        int result = 1;
-        result = prime * result + ((h == null) ? 0 : h.hashCode());
-        result = prime * result + ((params == null) ? 0 : params.hashCode());
-        return result;
-    }
-
-    public boolean equals(Object obj)
-    {
-        if (this == obj)
-        {
-            return true;
-        }
-        if (obj == null)
-        {
-            return false;
-        }
-        if (!(obj instanceof NTRUEncryptionPublicKeyParameters))
-        {
-            return false;
-        }
-        NTRUEncryptionPublicKeyParameters other = (NTRUEncryptionPublicKeyParameters)obj;
-        if (h == null)
-        {
-            if (other.h != null)
-            {
-                return false;
-            }
-        }
-        else if (!h.equals(other.h))
-        {
-            return false;
-        }
-        if (params == null)
-        {
-            if (other.params != null)
-            {
-                return false;
-            }
-        }
-        else if (!params.equals(other.params))
-        {
-            return false;
-        }
-        return true;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEngine.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEngine.java
deleted file mode 100644
index 4aeee2d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUEngine.java
+++ /dev/null

@@ -1,495 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricBlockCipher;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.Polynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.ProductFormPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.SparseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.TernaryPolynomial;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Encrypts, decrypts data and generates key pairs.<br>
- * The parameter p is hardcoded to 3.
- */
-public class NTRUEngine
-    implements AsymmetricBlockCipher
-{
-    private boolean forEncryption;
-    private NTRUEncryptionParameters params;
-    private NTRUEncryptionPublicKeyParameters pubKey;
-    private NTRUEncryptionPrivateKeyParameters privKey;
-    private SecureRandom random;
-
-    /**
-     * Constructs a new instance with a set of encryption parameters.
-     *
-     */
-    public NTRUEngine()
-    {
-    }
-
-    public void init(boolean forEncryption, CipherParameters parameters)
-    {
-        this.forEncryption = forEncryption;
-        if (forEncryption)
-        {
-            if (parameters instanceof ParametersWithRandom)
-            {
-                ParametersWithRandom p = (ParametersWithRandom)parameters;
-
-                this.random = p.getRandom();
-                this.pubKey = (NTRUEncryptionPublicKeyParameters)p.getParameters();
-            }
-            else
-            {
-                this.random = CryptoServicesRegistrar.getSecureRandom();
-                this.pubKey = (NTRUEncryptionPublicKeyParameters)parameters;
-            }
-
-            this.params = pubKey.getParameters();
-        }
-        else
-        {
-            this.privKey = (NTRUEncryptionPrivateKeyParameters)parameters;
-            this.params = privKey.getParameters();
-        }
-    }
-
-    public int getInputBlockSize()
-    {
-        return params.maxMsgLenBytes;
-    }
-
-    public int getOutputBlockSize()
-    {
-        return ((params.N * log2(params.q)) + 7) / 8;
-    }
-
-    public byte[] processBlock(byte[] in, int inOff, int len)
-        throws InvalidCipherTextException
-    {
-        byte[] tmp = new byte[len];
-
-        System.arraycopy(in, inOff, tmp, 0, len);
-
-        if (forEncryption)
-        {
-            return encrypt(tmp, pubKey);
-        }
-        else
-        {
-            return decrypt(tmp, privKey);
-        }
-    }
-
-    /**
-     * Encrypts a message.<br/>
-     * See P1363.1 section 9.2.2.
-     *
-     * @param m      The message to encrypt
-     * @param pubKey the public key to encrypt the message with
-     * @return the encrypted message
-     */
-    private byte[] encrypt(byte[] m, NTRUEncryptionPublicKeyParameters pubKey)
-    {
-        IntegerPolynomial pub = pubKey.h;
-        int N = params.N;
-        int q = params.q;
-
-        int maxLenBytes = params.maxMsgLenBytes;
-        int db = params.db;
-        int bufferLenBits = params.bufferLenBits;
-        int dm0 = params.dm0;
-        int pkLen = params.pkLen;
-        int minCallsMask = params.minCallsMask;
-        boolean hashSeed = params.hashSeed;
-        byte[] oid = params.oid;
-
-        int l = m.length;
-        if (maxLenBytes > 255)
-        {
-            throw new IllegalArgumentException("llen values bigger than 1 are not supported");
-        }
-        if (l > maxLenBytes)
-        {
-            throw new DataLengthException("Message too long: " + l + ">" + maxLenBytes);
-        }
-
-        while (true)
-        {
-            // M = b|octL|m|p0
-            byte[] b = new byte[db / 8];
-            random.nextBytes(b);
-            byte[] p0 = new byte[maxLenBytes + 1 - l];
-            byte[] M = new byte[bufferLenBits / 8];
-
-            System.arraycopy(b, 0, M, 0, b.length);
-            M[b.length] = (byte)l;
-            System.arraycopy(m, 0, M, b.length + 1, m.length);
-            System.arraycopy(p0, 0, M, b.length + 1 + m.length, p0.length);
-
-            IntegerPolynomial mTrin = IntegerPolynomial.fromBinary3Sves(M, N);
-
-            // sData = OID|m|b|hTrunc
-            byte[] bh = pub.toBinary(q);
-            byte[] hTrunc = copyOf(bh, pkLen / 8);
-            byte[] sData = buildSData(oid, m, l, b, hTrunc);
-
-            Polynomial r = generateBlindingPoly(sData, M);
-            IntegerPolynomial R = r.mult(pub, q);
-            IntegerPolynomial R4 = (IntegerPolynomial)R.clone();
-            R4.modPositive(4);
-            byte[] oR4 = R4.toBinary(4);
-            IntegerPolynomial mask = MGF(oR4, N, minCallsMask, hashSeed);
-            mTrin.add(mask);
-            mTrin.mod3();
-
-            if (mTrin.count(-1) < dm0)
-            {
-                continue;
-            }
-            if (mTrin.count(0) < dm0)
-            {
-                continue;
-            }
-            if (mTrin.count(1) < dm0)
-            {
-                continue;
-            }
-
-            R.add(mTrin, q);
-            R.ensurePositive(q);
-            return R.toBinary(q);
-        }
-    }
-
-    private byte[] buildSData(byte[] oid, byte[] m, int l, byte[] b, byte[] hTrunc)
-    {
-        byte[] sData = new byte[oid.length + l + b.length + hTrunc.length];
-
-        System.arraycopy(oid, 0, sData, 0, oid.length);
-        System.arraycopy(m, 0, sData, oid.length, m.length);
-        System.arraycopy(b, 0, sData, oid.length + m.length, b.length);
-        System.arraycopy(hTrunc, 0, sData, oid.length + m.length + b.length, hTrunc.length);
-        return sData;
-    }
-
-    protected IntegerPolynomial encrypt(IntegerPolynomial m, TernaryPolynomial r, IntegerPolynomial pubKey)
-    {
-        IntegerPolynomial e = r.mult(pubKey, params.q);
-        e.add(m, params.q);
-        e.ensurePositive(params.q);
-        return e;
-    }
-
-    /**
-     * Deterministically generates a blinding polynomial from a seed and a message representative.
-     *
-     * @param seed
-     * @param M    message representative
-     * @return a blinding polynomial
-     */
-    private Polynomial generateBlindingPoly(byte[] seed, byte[] M)
-    {
-        IndexGenerator ig = new IndexGenerator(seed, params);
-
-        if (params.polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_PRODUCT)
-        {
-            SparseTernaryPolynomial r1 = new SparseTernaryPolynomial(generateBlindingCoeffs(ig, params.dr1));
-            SparseTernaryPolynomial r2 = new SparseTernaryPolynomial(generateBlindingCoeffs(ig, params.dr2));
-            SparseTernaryPolynomial r3 = new SparseTernaryPolynomial(generateBlindingCoeffs(ig, params.dr3));
-            return new ProductFormPolynomial(r1, r2, r3);
-        }
-        else
-        {
-            int dr = params.dr;
-            boolean sparse = params.sparse;
-            int[] r = generateBlindingCoeffs(ig, dr);
-            if (sparse)
-            {
-                return new SparseTernaryPolynomial(r);
-            }
-            else
-            {
-                return new DenseTernaryPolynomial(r);
-            }
-        }
-    }
-
-    /**
-     * Generates an <code>int</code> array containing <code>dr</code> elements equal to <code>1</code>
-     * and <code>dr</code> elements equal to <code>-1</code> using an index generator.
-     *
-     * @param ig an index generator
-     * @param dr number of ones / negative ones
-     * @return an array containing numbers between <code>-1</code> and <code>1</code>
-     */
-    private int[] generateBlindingCoeffs(IndexGenerator ig, int dr)
-    {
-        int N = params.N;
-
-        int[] r = new int[N];
-        for (int coeff = -1; coeff <= 1; coeff += 2)
-        {
-            int t = 0;
-            while (t < dr)
-            {
-                int i = ig.nextIndex();
-                if (r[i] == 0)
-                {
-                    r[i] = coeff;
-                    t++;
-                }
-            }
-        }
-
-        return r;
-    }
-
-    /**
-     * An implementation of MGF-TP-1 from P1363.1 section 8.4.1.1.
-     *
-     * @param seed
-     * @param N
-     * @param minCallsR
-     * @param hashSeed  whether to hash the seed
-     */
-    private IntegerPolynomial MGF(byte[] seed, int N, int minCallsR, boolean hashSeed)
-    {
-        Digest hashAlg = params.hashAlg;
-        int hashLen = hashAlg.getDigestSize();
-        byte[] buf = new byte[minCallsR * hashLen];
-        byte[] Z = hashSeed ? calcHash(hashAlg, seed) : seed;
-        int counter = 0;
-        while (counter < minCallsR)
-        {
-            hashAlg.update(Z, 0, Z.length);
-            putInt(hashAlg, counter);
-
-            byte[] hash = calcHash(hashAlg);
-            System.arraycopy(hash, 0, buf, counter * hashLen, hashLen);
-            counter++;
-        }
-
-        IntegerPolynomial i = new IntegerPolynomial(N);
-        while (true)
-        {
-            int cur = 0;
-            for (int index = 0; index != buf.length; index++)
-            {
-                int O = (int)buf[index] & 0xFF;
-                if (O >= 243)   // 243 = 3^5
-                {
-                    continue;
-                }
-
-                for (int terIdx = 0; terIdx < 4; terIdx++)
-                {
-                    int rem3 = O % 3;
-                    i.coeffs[cur] = rem3 - 1;
-                    cur++;
-                    if (cur == N)
-                    {
-                        return i;
-                    }
-                    O = (O - rem3) / 3;
-                }
-
-                i.coeffs[cur] = O - 1;
-                cur++;
-                if (cur == N)
-                {
-                    return i;
-                }
-            }
-
-            if (cur >= N)
-            {
-                return i;
-            }
-
-            hashAlg.update(Z, 0, Z.length);
-            putInt(hashAlg, counter);
-
-            byte[] hash = calcHash(hashAlg);
-
-            buf = hash;
-
-            counter++;
-        }
-    }
-
-    private void putInt(Digest hashAlg, int counter)
-    {
-        hashAlg.update((byte)(counter >> 24));
-        hashAlg.update((byte)(counter >> 16));
-        hashAlg.update((byte)(counter >> 8));
-        hashAlg.update((byte)counter);
-    }
-
-    private byte[] calcHash(Digest hashAlg)
-    {
-        byte[] tmp = new byte[hashAlg.getDigestSize()];
-
-        hashAlg.doFinal(tmp, 0);
-
-        return tmp;
-    }
-
-    private byte[] calcHash(Digest hashAlg, byte[] input)
-    {
-        byte[] tmp = new byte[hashAlg.getDigestSize()];
-
-        hashAlg.update(input, 0, input.length);
-        hashAlg.doFinal(tmp, 0);
-
-        return tmp;
-    }
-    /**
-     * Decrypts a message.<br/>
-     * See P1363.1 section 9.2.3.
-     *
-     * @param data The message to decrypt
-     * @param privKey   the corresponding private key
-     * @return the decrypted message
-     * @throws InvalidCipherTextException if  the encrypted data is invalid, or <code>maxLenBytes</code> is greater than 255
-     */
-    private byte[] decrypt(byte[] data, NTRUEncryptionPrivateKeyParameters privKey)
-        throws InvalidCipherTextException
-    {
-        Polynomial priv_t = privKey.t;
-        IntegerPolynomial priv_fp = privKey.fp;
-        IntegerPolynomial pub = privKey.h;
-        int N = params.N;
-        int q = params.q;
-        int db = params.db;
-        int maxMsgLenBytes = params.maxMsgLenBytes;
-        int dm0 = params.dm0;
-        int pkLen = params.pkLen;
-        int minCallsMask = params.minCallsMask;
-        boolean hashSeed = params.hashSeed;
-        byte[] oid = params.oid;
-
-        if (maxMsgLenBytes > 255)
-        {
-            throw new DataLengthException("maxMsgLenBytes values bigger than 255 are not supported");
-        }
-
-        int bLen = db / 8;
-
-        IntegerPolynomial e = IntegerPolynomial.fromBinary(data, N, q);
-        IntegerPolynomial ci = decrypt(e, priv_t, priv_fp);
-
-        if (ci.count(-1) < dm0)
-        {
-            throw new InvalidCipherTextException("Less than dm0 coefficients equal -1");
-        }
-        if (ci.count(0) < dm0)
-        {
-            throw new InvalidCipherTextException("Less than dm0 coefficients equal 0");
-        }
-        if (ci.count(1) < dm0)
-        {
-            throw new InvalidCipherTextException("Less than dm0 coefficients equal 1");
-        }
-
-        IntegerPolynomial cR = (IntegerPolynomial)e.clone();
-        cR.sub(ci);
-        cR.modPositive(q);
-        IntegerPolynomial cR4 = (IntegerPolynomial)cR.clone();
-        cR4.modPositive(4);
-        byte[] coR4 = cR4.toBinary(4);
-        IntegerPolynomial mask = MGF(coR4, N, minCallsMask, hashSeed);
-        IntegerPolynomial cMTrin = ci;
-        cMTrin.sub(mask);
-        cMTrin.mod3();
-        byte[] cM = cMTrin.toBinary3Sves();
-
-        byte[] cb = new byte[bLen];
-        System.arraycopy(cM, 0, cb, 0, bLen);
-        int cl = cM[bLen] & 0xFF;   // llen=1, so read one byte
-        if (cl > maxMsgLenBytes)
-        {
-            throw new InvalidCipherTextException("Message too long: " + cl + ">" + maxMsgLenBytes);
-        }
-        byte[] cm = new byte[cl];
-        System.arraycopy(cM, bLen + 1, cm, 0, cl);
-        byte[] p0 = new byte[cM.length - (bLen + 1 + cl)];
-        System.arraycopy(cM, bLen + 1 + cl, p0, 0, p0.length);
-        if (!Arrays.constantTimeAreEqual(p0, new byte[p0.length]))
-        {
-           throw new InvalidCipherTextException("The message is not followed by zeroes");
-        }
-
-        // sData = OID|m|b|hTrunc
-        byte[] bh = pub.toBinary(q);
-        byte[] hTrunc = copyOf(bh, pkLen / 8);
-        byte[] sData = buildSData(oid, cm, cl, cb, hTrunc);
-
-        Polynomial cr = generateBlindingPoly(sData, cm);
-        IntegerPolynomial cRPrime = cr.mult(pub);
-        cRPrime.modPositive(q);
-        if (!cRPrime.equals(cR))
-        {
-            throw new InvalidCipherTextException("Invalid message encoding");
-        }
-
-        return cm;
-    }
-
-    /**
-     * @param e
-     * @param priv_t  a polynomial such that if <code>fastFp=true</code>, <code>f=1+3*priv_t</code>; otherwise, <code>f=priv_t</code>
-     * @param priv_fp
-     * @return an IntegerPolynomial representing the output.
-     */
-    protected IntegerPolynomial decrypt(IntegerPolynomial e, Polynomial priv_t, IntegerPolynomial priv_fp)
-    {
-        IntegerPolynomial a;
-        if (params.fastFp)
-        {
-            a = priv_t.mult(e, params.q);
-            a.mult(3);
-            a.add(e);
-        }
-        else
-        {
-            a = priv_t.mult(e, params.q);
-        }
-        a.center0(params.q);
-        a.mod3();
-
-        IntegerPolynomial c = params.fastFp ? a : new DenseTernaryPolynomial(a).mult(priv_fp, 3);
-        c.center0(3);
-        return c;
-    }
-
-    private byte[] copyOf(byte[] src, int len)
-    {
-        byte[] tmp = new byte[len];
-
-        System.arraycopy(src, 0, tmp, 0, len < src.length ? len : src.length);
-
-        return tmp;
-    }
-
-    private int log2(int value)
-    {
-        if (value == 2048)
-        {
-            return 11;
-        }
-
-        throw new IllegalStateException("log2 not fully implemented");
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUParameters.java
deleted file mode 100644
index 158c038..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUParameters.java
+++ /dev/null

@@ -1,7 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-public class NTRUParameters
-{
-    public static final int TERNARY_POLYNOMIAL_TYPE_SIMPLE = 0;
-    public static final int TERNARY_POLYNOMIAL_TYPE_PRODUCT = 1;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigner.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigner.java
deleted file mode 100644
index 19bf802..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigner.java
+++ /dev/null

@@ -1,263 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import java.nio.ByteBuffer;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.Polynomial;
-
-/**
-* Signs, verifies data and generates key pairs.
-* @deprecated the NTRUSigner algorithm was broken in 2012 by Ducas and Nguyen. See
-* <a href="http://www.di.ens.fr/~ducas/NTRUSign_Cryptanalysis/DucasNguyen_Learning.pdf">
-* http://www.di.ens.fr/~ducas/NTRUSign_Cryptanalysis/DucasNguyen_Learning.pdf</a>
-* for details.
-*/
-public class NTRUSigner
-{
-    private NTRUSigningParameters params;
-    private Digest hashAlg;
-    private NTRUSigningPrivateKeyParameters signingKeyPair;
-    private NTRUSigningPublicKeyParameters verificationKey;
-
-    /**
-     * Constructs a new instance with a set of signature parameters.
-     *
-     * @param params signature parameters
-     */
-    public NTRUSigner(NTRUSigningParameters params)
-    {
-        this.params = params;
-    }
-
-    /**
-     * Resets the engine for signing a message.
-     *
-     * @param forSigning
-     * @param params
-     */
-    public void init(boolean forSigning, CipherParameters params)
-    {
-        if (forSigning)
-        {
-            this.signingKeyPair = (NTRUSigningPrivateKeyParameters)params;
-        }
-        else
-        {
-            this.verificationKey = (NTRUSigningPublicKeyParameters)params;
-        }
-        hashAlg = this.params.hashAlg;
-        hashAlg.reset();
-    }
-
-    /**
-      * Adds data to sign or verify.
-      *
-      * @param b data
-      */
-     public void update(byte b)
-     {
-         if (hashAlg == null)
-         {
-             throw new IllegalStateException("Call initSign or initVerify first!");
-         }
-
-         hashAlg.update(b);
-     }
-
-    /**
-     * Adds data to sign or verify.
-     *
-     * @param m data
-     * @param off offset
-     * @param length number of bytes
-     */
-    public void update(byte[] m, int off, int length)
-    {
-        if (hashAlg == null)
-        {
-            throw new IllegalStateException("Call initSign or initVerify first!");
-        }
-
-        hashAlg.update(m, off, length);
-    }
-
-    /**
-     * Adds data to sign and computes a signature over this data and any data previously added via {@link #update(byte[], int, int)}.
-     *
-     * @return a signature
-     * @throws IllegalStateException if <code>initSign</code> was not called
-     */
-    public byte[] generateSignature()
-    {
-        if (hashAlg == null || signingKeyPair == null)
-        {
-            throw new IllegalStateException("Call initSign first!");
-        }
-
-        byte[] msgHash = new byte[hashAlg.getDigestSize()];
-
-        hashAlg.doFinal(msgHash, 0);
-        return signHash(msgHash, signingKeyPair);
-    }
-
-    private byte[] signHash(byte[] msgHash, NTRUSigningPrivateKeyParameters kp)
-    {
-        int r = 0;
-        IntegerPolynomial s;
-        IntegerPolynomial i;
-
-        NTRUSigningPublicKeyParameters kPub = kp.getPublicKey();
-        do
-        {
-            r++;
-            if (r > params.signFailTolerance)
-            {
-                throw new IllegalStateException("Signing failed: too many retries (max=" + params.signFailTolerance + ")");
-            }
-            i = createMsgRep(msgHash, r);
-            s = sign(i, kp);
-        }
-        while (!verify(i, s, kPub.h));
-
-        byte[] rawSig = s.toBinary(params.q);
-        ByteBuffer sbuf = ByteBuffer.allocate(rawSig.length + 4);
-        sbuf.put(rawSig);
-        sbuf.putInt(r);
-        return sbuf.array();
-    }
-
-    private IntegerPolynomial sign(IntegerPolynomial i, NTRUSigningPrivateKeyParameters kp)
-    {
-        int N = params.N;
-        int q = params.q;
-        int perturbationBases = params.B;
-
-        NTRUSigningPrivateKeyParameters kPriv = kp;
-        NTRUSigningPublicKeyParameters kPub = kp.getPublicKey();
-
-        IntegerPolynomial s = new IntegerPolynomial(N);
-        int iLoop = perturbationBases;
-        while (iLoop >= 1)
-        {
-            Polynomial f = kPriv.getBasis(iLoop).f;
-            Polynomial fPrime = kPriv.getBasis(iLoop).fPrime;
-
-            IntegerPolynomial y = f.mult(i);
-            y.div(q);
-            y = fPrime.mult(y);
-
-            IntegerPolynomial x = fPrime.mult(i);
-            x.div(q);
-            x = f.mult(x);
-
-            IntegerPolynomial si = y;
-            si.sub(x);
-            s.add(si);
-
-            IntegerPolynomial hi = (IntegerPolynomial)kPriv.getBasis(iLoop).h.clone();
-            if (iLoop > 1)
-            {
-                hi.sub(kPriv.getBasis(iLoop - 1).h);
-            }
-            else
-            {
-                hi.sub(kPub.h);
-            }
-            i = si.mult(hi, q);
-
-            iLoop--;
-        }
-
-        Polynomial f = kPriv.getBasis(0).f;
-        Polynomial fPrime = kPriv.getBasis(0).fPrime;
-
-        IntegerPolynomial y = f.mult(i);
-        y.div(q);
-        y = fPrime.mult(y);
-
-        IntegerPolynomial x = fPrime.mult(i);
-        x.div(q);
-        x = f.mult(x);
-
-        y.sub(x);
-        s.add(y);
-        s.modPositive(q);
-        return s;
-    }
-
-    /**
-     * Verifies a signature for any data previously added via {@link #update(byte[], int, int)}.
-     *
-     * @param sig a signature
-     * @return whether the signature is valid
-     * @throws IllegalStateException if <code>initVerify</code> was not called
-     */
-    public boolean verifySignature(byte[] sig)
-    {
-        if (hashAlg == null || verificationKey == null)
-        {
-            throw new IllegalStateException("Call initVerify first!");
-        }
-
-        byte[] msgHash = new byte[hashAlg.getDigestSize()];
-
-        hashAlg.doFinal(msgHash, 0);
-
-        return verifyHash(msgHash, sig, verificationKey);
-    }
-
-    private boolean verifyHash(byte[] msgHash, byte[] sig, NTRUSigningPublicKeyParameters pub)
-    {
-        ByteBuffer sbuf = ByteBuffer.wrap(sig);
-        byte[] rawSig = new byte[sig.length - 4];
-        sbuf.get(rawSig);
-        IntegerPolynomial s = IntegerPolynomial.fromBinary(rawSig, params.N, params.q);
-        int r = sbuf.getInt();
-        return verify(createMsgRep(msgHash, r), s, pub.h);
-    }
-
-    private boolean verify(IntegerPolynomial i, IntegerPolynomial s, IntegerPolynomial h)
-    {
-        int q = params.q;
-        double normBoundSq = params.normBoundSq;
-        double betaSq = params.betaSq;
-
-        IntegerPolynomial t = h.mult(s, q);
-        t.sub(i);
-        long centeredNormSq = (long)(s.centeredNormSq(q) + betaSq * t.centeredNormSq(q));
-        return centeredNormSq <= normBoundSq;
-    }
-
-    protected IntegerPolynomial createMsgRep(byte[] msgHash, int r)
-    {
-        int N = params.N;
-        int q = params.q;
-
-        int c = 31 - Integer.numberOfLeadingZeros(q);
-        int B = (c + 7) / 8;
-        IntegerPolynomial i = new IntegerPolynomial(N);
-
-        ByteBuffer cbuf = ByteBuffer.allocate(msgHash.length + 4);
-        cbuf.put(msgHash);
-        cbuf.putInt(r);
-        NTRUSignerPrng prng = new NTRUSignerPrng(cbuf.array(), params.hashAlg);
-
-        for (int t = 0; t < N; t++)
-        {
-            byte[] o = prng.nextBytes(B);
-            int hi = o[o.length - 1];
-            hi >>= 8 * B - c;
-            hi <<= 8 * B - c;
-            o[o.length - 1] = (byte)hi;
-
-            ByteBuffer obuf = ByteBuffer.allocate(4);
-            obuf.put(o);
-            obuf.rewind();
-            // reverse byte order so it matches the endianness of java ints
-            i.coeffs[t] = Integer.reverseBytes(obuf.getInt());
-        }
-        return i;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSignerPrng.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSignerPrng.java
deleted file mode 100644
index 77ed63a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSignerPrng.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import java.nio.ByteBuffer;
-
-import org.bouncycastle.crypto.Digest;
-
-/**
- * An implementation of the deterministic pseudo-random generator in EESS section 3.7.3.1
- */
-public class NTRUSignerPrng
-{
-    private int counter;
-    private byte[] seed;
-    private Digest hashAlg;
-
-    /**
-     * Constructs a new PRNG and seeds it with a byte array.
-     *
-     * @param seed    a seed
-     * @param hashAlg the hash algorithm to use
-     */
-    NTRUSignerPrng(byte[] seed, Digest hashAlg)
-    {
-        counter = 0;
-        this.seed = seed;
-        this.hashAlg = hashAlg;
-    }
-
-    /**
-     * Returns <code>n</code> random bytes
-     *
-     * @param n number of bytes to return
-     * @return the next <code>n</code> random bytes
-     */
-    byte[] nextBytes(int n)
-    {
-        ByteBuffer buf = ByteBuffer.allocate(n);
-
-        while (buf.hasRemaining())
-        {
-            ByteBuffer cbuf = ByteBuffer.allocate(seed.length + 4);
-            cbuf.put(seed);
-            cbuf.putInt(counter);
-            byte[] array = cbuf.array();
-            byte[] hash = new byte[hashAlg.getDigestSize()];
-
-            hashAlg.update(array, 0, array.length);
-
-            hashAlg.doFinal(hash, 0);
-
-            if (buf.remaining() < hash.length)
-            {
-                buf.put(hash, 0, buf.remaining());
-            }
-            else
-            {
-                buf.put(hash);
-            }
-            counter++;
-        }
-
-        return buf.array();
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningKeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningKeyGenerationParameters.java
deleted file mode 100644
index 3aa4514..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningKeyGenerationParameters.java
+++ /dev/null

@@ -1,407 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import java.io.DataInputStream;
-import java.io.DataOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.text.DecimalFormat;
-
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-
-/**
- * A set of parameters for NtruSign. Several predefined parameter sets are available and new ones can be created as well.
- */
-public class NTRUSigningKeyGenerationParameters
-    extends KeyGenerationParameters
-    implements Cloneable
-{   
-    public static final int BASIS_TYPE_STANDARD = 0;
-    public static final int BASIS_TYPE_TRANSPOSE = 1;
-
-    public static final int KEY_GEN_ALG_RESULTANT = 0;
-    public static final int KEY_GEN_ALG_FLOAT = 1;
-    
-    /**
-     * Gives 128 bits of security
-     */
-    public static final NTRUSigningKeyGenerationParameters APR2011_439 = new NTRUSigningKeyGenerationParameters(439, 2048, 146, 1, BASIS_TYPE_TRANSPOSE, 0.165, 490, 280, false, true, KEY_GEN_ALG_RESULTANT, new SHA256Digest());
-
-    /**
-     * Like <code>APR2011_439</code>, this parameter set gives 128 bits of security but uses product-form polynomials
-     */
-    public static final NTRUSigningKeyGenerationParameters APR2011_439_PROD = new NTRUSigningKeyGenerationParameters(439, 2048, 9, 8, 5, 1, BASIS_TYPE_TRANSPOSE, 0.165, 490, 280, false, true, KEY_GEN_ALG_RESULTANT, new SHA256Digest());
-
-    /**
-     * Gives 256 bits of security
-     */
-    public static final NTRUSigningKeyGenerationParameters APR2011_743 = new NTRUSigningKeyGenerationParameters(743, 2048, 248, 1, BASIS_TYPE_TRANSPOSE, 0.127, 560, 360, true, false, KEY_GEN_ALG_RESULTANT, new SHA512Digest());
-
-    /**
-     * Like <code>APR2011_439</code>, this parameter set gives 256 bits of security but uses product-form polynomials
-     */
-    public static final NTRUSigningKeyGenerationParameters APR2011_743_PROD = new NTRUSigningKeyGenerationParameters(743, 2048, 11, 11, 15, 1, BASIS_TYPE_TRANSPOSE, 0.127, 560, 360, true, false, KEY_GEN_ALG_RESULTANT, new SHA512Digest());
-
-    /**
-     * Generates key pairs quickly. Use for testing only.
-     */
-    public static final NTRUSigningKeyGenerationParameters TEST157 = new NTRUSigningKeyGenerationParameters(157, 256, 29, 1, BASIS_TYPE_TRANSPOSE, 0.38, 200, 80, false, false, KEY_GEN_ALG_RESULTANT, new SHA256Digest());
-    /**
-     * Generates key pairs quickly. Use for testing only.
-     */
-    public static final NTRUSigningKeyGenerationParameters TEST157_PROD = new NTRUSigningKeyGenerationParameters(157, 256, 5, 5, 8, 1, BASIS_TYPE_TRANSPOSE, 0.38, 200, 80, false, false, KEY_GEN_ALG_RESULTANT, new SHA256Digest());
-
-
-    public int N;
-    public int q;
-    public int d, d1, d2, d3, B;
-    double beta;
-    public double betaSq;
-    double normBound;
-    public double normBoundSq;
-    public int signFailTolerance = 100;
-    double keyNormBound;
-    public double keyNormBoundSq;
-    public boolean primeCheck;   // true if N and 2N+1 are prime
-    public int basisType;
-    int bitsF = 6;   // max #bits needed to encode one coefficient of the polynomial F
-    public boolean sparse;   // whether to treat ternary polynomials as sparsely populated
-    public int keyGenAlg;
-    public Digest hashAlg;
-    public int polyType;
-
-    /**
-     * Constructs a parameter set that uses ternary private keys (i.e. <code>polyType=SIMPLE</code>).
-     *
-     * @param N            number of polynomial coefficients
-     * @param q            modulus
-     * @param d            number of -1's in the private polynomials <code>f</code> and <code>g</code>
-     * @param B            number of perturbations
-     * @param basisType    whether to use the standard or transpose lattice
-     * @param beta         balancing factor for the transpose lattice
-     * @param normBound    maximum norm for valid signatures
-     * @param keyNormBound maximum norm for the ploynomials <code>F</code> and <code>G</code>
-     * @param primeCheck   whether <code>2N+1</code> is prime
-     * @param sparse       whether to treat ternary polynomials as sparsely populated ({@link org.bouncycastle.pqc.math.ntru.polynomial.SparseTernaryPolynomial} vs {@link org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial})
-     * @param keyGenAlg    <code>RESULTANT</code> produces better bases, <code>FLOAT</code> is slightly faster. <code>RESULTANT</code> follows the EESS standard while <code>FLOAT</code> is described in Hoffstein et al: An Introduction to Mathematical Cryptography.
-     * @param hashAlg      a valid identifier for a <code>java.security.MessageDigest</code> instance such as <code>SHA-256</code>. The <code>MessageDigest</code> must support the <code>getDigestLength()</code> method.
-     */
-    public NTRUSigningKeyGenerationParameters(int N, int q, int d, int B, int basisType, double beta, double normBound, double keyNormBound, boolean primeCheck, boolean sparse, int keyGenAlg, Digest hashAlg)
-    {
-        super(CryptoServicesRegistrar.getSecureRandom(), N);
-        this.N = N;
-        this.q = q;
-        this.d = d;
-        this.B = B;
-        this.basisType = basisType;
-        this.beta = beta;
-        this.normBound = normBound;
-        this.keyNormBound = keyNormBound;
-        this.primeCheck = primeCheck;
-        this.sparse = sparse;
-        this.keyGenAlg = keyGenAlg;
-        this.hashAlg = hashAlg;
-        polyType = NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE;
-        init();
-    }
-
-    /**
-     * Constructs a parameter set that uses product-form private keys (i.e. <code>polyType=PRODUCT</code>).
-     *
-     * @param N            number of polynomial coefficients
-     * @param q            modulus
-     * @param d1           number of -1's in the private polynomials <code>f</code> and <code>g</code>
-     * @param d2           number of -1's in the private polynomials <code>f</code> and <code>g</code>
-     * @param d3           number of -1's in the private polynomials <code>f</code> and <code>g</code>
-     * @param B            number of perturbations
-     * @param basisType    whether to use the standard or transpose lattice
-     * @param beta         balancing factor for the transpose lattice
-     * @param normBound    maximum norm for valid signatures
-     * @param keyNormBound maximum norm for the ploynomials <code>F</code> and <code>G</code>
-     * @param primeCheck   whether <code>2N+1</code> is prime
-     * @param sparse       whether to treat ternary polynomials as sparsely populated ({@link org.bouncycastle.pqc.math.ntru.polynomial.SparseTernaryPolynomial} vs {@link org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial})
-     * @param keyGenAlg    <code>RESULTANT</code> produces better bases, <code>FLOAT</code> is slightly faster. <code>RESULTANT</code> follows the EESS standard while <code>FLOAT</code> is described in Hoffstein et al: An Introduction to Mathematical Cryptography.
-     * @param hashAlg      a valid identifier for a <code>java.security.MessageDigest</code> instance such as <code>SHA-256</code>. The <code>MessageDigest</code> must support the <code>getDigestLength()</code> method.
-     */
-    public NTRUSigningKeyGenerationParameters(int N, int q, int d1, int d2, int d3, int B, int basisType, double beta, double normBound, double keyNormBound, boolean primeCheck, boolean sparse, int keyGenAlg, Digest hashAlg)
-    {
-        super(CryptoServicesRegistrar.getSecureRandom(), N);
-        this.N = N;
-        this.q = q;
-        this.d1 = d1;
-        this.d2 = d2;
-        this.d3 = d3;
-        this.B = B;
-        this.basisType = basisType;
-        this.beta = beta;
-        this.normBound = normBound;
-        this.keyNormBound = keyNormBound;
-        this.primeCheck = primeCheck;
-        this.sparse = sparse;
-        this.keyGenAlg = keyGenAlg;
-        this.hashAlg = hashAlg;
-        polyType = NTRUParameters.TERNARY_POLYNOMIAL_TYPE_PRODUCT;
-        init();
-    }
-
-    private void init()
-    {
-        betaSq = beta * beta;
-        normBoundSq = normBound * normBound;
-        keyNormBoundSq = keyNormBound * keyNormBound;
-    }
-
-    /**
-     * Reads a parameter set from an input stream.
-     *
-     * @param is an input stream
-     * @throws java.io.IOException
-     */
-    public NTRUSigningKeyGenerationParameters(InputStream is)
-        throws IOException
-    {
-        super(CryptoServicesRegistrar.getSecureRandom(), 0);     // TODO:
-        DataInputStream dis = new DataInputStream(is);
-        N = dis.readInt();
-        q = dis.readInt();
-        d = dis.readInt();
-        d1 = dis.readInt();
-        d2 = dis.readInt();
-        d3 = dis.readInt();
-        B = dis.readInt();
-        basisType = dis.readInt();
-        beta = dis.readDouble();
-        normBound = dis.readDouble();
-        keyNormBound = dis.readDouble();
-        signFailTolerance = dis.readInt();
-        primeCheck = dis.readBoolean();
-        sparse = dis.readBoolean();
-        bitsF = dis.readInt();
-        keyGenAlg = dis.read();
-        String alg = dis.readUTF();
-        if ("SHA-512".equals(alg))
-        {
-            hashAlg = new SHA512Digest();
-        }
-        else if ("SHA-256".equals(alg))
-        {
-            hashAlg = new SHA256Digest();
-        }
-        polyType = dis.read();
-        init();
-    }
-
-    /**
-     * Writes the parameter set to an output stream
-     *
-     * @param os an output stream
-     * @throws java.io.IOException
-     */
-    public void writeTo(OutputStream os)
-        throws IOException
-    {
-        DataOutputStream dos = new DataOutputStream(os);
-        dos.writeInt(N);
-        dos.writeInt(q);
-        dos.writeInt(d);
-        dos.writeInt(d1);
-        dos.writeInt(d2);
-        dos.writeInt(d3);
-        dos.writeInt(B);
-        dos.writeInt(basisType);
-        dos.writeDouble(beta);
-        dos.writeDouble(normBound);
-        dos.writeDouble(keyNormBound);
-        dos.writeInt(signFailTolerance);
-        dos.writeBoolean(primeCheck);
-        dos.writeBoolean(sparse);
-        dos.writeInt(bitsF);
-        dos.write(keyGenAlg);
-        dos.writeUTF(hashAlg.getAlgorithmName());
-        dos.write(polyType);
-    }
-
-    public NTRUSigningParameters getSigningParameters()
-    {
-        return new NTRUSigningParameters(N, q, d, B, beta, normBound, hashAlg);
-    }
-
-    public NTRUSigningKeyGenerationParameters clone()
-    {
-        if (polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE)
-        {
-            return new NTRUSigningKeyGenerationParameters(N, q, d, B, basisType, beta, normBound, keyNormBound, primeCheck, sparse, keyGenAlg, hashAlg);
-        }
-        else
-        {
-            return new NTRUSigningKeyGenerationParameters(N, q, d1, d2, d3, B, basisType, beta, normBound, keyNormBound, primeCheck, sparse, keyGenAlg, hashAlg);
-        }
-    }
-
-    public int hashCode()
-    {
-        final int prime = 31;
-        int result = 1;
-        result = prime * result + B;
-        result = prime * result + N;
-        result = prime * result + basisType;
-        long temp;
-        temp = Double.doubleToLongBits(beta);
-        result = prime * result + (int)(temp ^ (temp >>> 32));
-        temp = Double.doubleToLongBits(betaSq);
-        result = prime * result + (int)(temp ^ (temp >>> 32));
-        result = prime * result + bitsF;
-        result = prime * result + d;
-        result = prime * result + d1;
-        result = prime * result + d2;
-        result = prime * result + d3;
-        result = prime * result + ((hashAlg == null) ? 0 : hashAlg.getAlgorithmName().hashCode());
-        result = prime * result + keyGenAlg;
-        temp = Double.doubleToLongBits(keyNormBound);
-        result = prime * result + (int)(temp ^ (temp >>> 32));
-        temp = Double.doubleToLongBits(keyNormBoundSq);
-        result = prime * result + (int)(temp ^ (temp >>> 32));
-        temp = Double.doubleToLongBits(normBound);
-        result = prime * result + (int)(temp ^ (temp >>> 32));
-        temp = Double.doubleToLongBits(normBoundSq);
-        result = prime * result + (int)(temp ^ (temp >>> 32));
-        result = prime * result + polyType;
-        result = prime * result + (primeCheck ? 1231 : 1237);
-        result = prime * result + q;
-        result = prime * result + signFailTolerance;
-        result = prime * result + (sparse ? 1231 : 1237);
-        return result;
-    }
-
-    public boolean equals(Object obj)
-    {
-        if (this == obj)
-        {
-            return true;
-        }
-        if (obj == null)
-        {
-            return false;
-        }
-        if (!(obj instanceof NTRUSigningKeyGenerationParameters))
-        {
-            return false;
-        }
-        NTRUSigningKeyGenerationParameters other = (NTRUSigningKeyGenerationParameters)obj;
-        if (B != other.B)
-        {
-            return false;
-        }
-        if (N != other.N)
-        {
-            return false;
-        }
-        if (basisType != other.basisType)
-        {
-            return false;
-        }
-        if (Double.doubleToLongBits(beta) != Double.doubleToLongBits(other.beta))
-        {
-            return false;
-        }
-        if (Double.doubleToLongBits(betaSq) != Double.doubleToLongBits(other.betaSq))
-        {
-            return false;
-        }
-        if (bitsF != other.bitsF)
-        {
-            return false;
-        }
-        if (d != other.d)
-        {
-            return false;
-        }
-        if (d1 != other.d1)
-        {
-            return false;
-        }
-        if (d2 != other.d2)
-        {
-            return false;
-        }
-        if (d3 != other.d3)
-        {
-            return false;
-        }
-        if (hashAlg == null)
-        {
-            if (other.hashAlg != null)
-            {
-                return false;
-            }
-        }
-        else if (!hashAlg.getAlgorithmName().equals(other.hashAlg.getAlgorithmName()))
-        {
-            return false;
-        }
-        if (keyGenAlg != other.keyGenAlg)
-        {
-            return false;
-        }
-        if (Double.doubleToLongBits(keyNormBound) != Double.doubleToLongBits(other.keyNormBound))
-        {
-            return false;
-        }
-        if (Double.doubleToLongBits(keyNormBoundSq) != Double.doubleToLongBits(other.keyNormBoundSq))
-        {
-            return false;
-        }
-        if (Double.doubleToLongBits(normBound) != Double.doubleToLongBits(other.normBound))
-        {
-            return false;
-        }
-        if (Double.doubleToLongBits(normBoundSq) != Double.doubleToLongBits(other.normBoundSq))
-        {
-            return false;
-        }
-        if (polyType != other.polyType)
-        {
-            return false;
-        }
-        if (primeCheck != other.primeCheck)
-        {
-            return false;
-        }
-        if (q != other.q)
-        {
-            return false;
-        }
-        if (signFailTolerance != other.signFailTolerance)
-        {
-            return false;
-        }
-        if (sparse != other.sparse)
-        {
-            return false;
-        }
-        return true;
-    }
-
-    public String toString()
-    {
-        DecimalFormat format = new DecimalFormat("0.00");
-
-        StringBuilder output = new StringBuilder("SignatureParameters(N=" + N + " q=" + q);
-        if (polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE)
-        {
-            output.append(" polyType=SIMPLE d=" + d);
-        }
-        else
-        {
-            output.append(" polyType=PRODUCT d1=" + d1 + " d2=" + d2 + " d3=" + d3);
-        }
-        output.append(" B=" + B + " basisType=" + basisType + " beta=" + format.format(beta) +
-            " normBound=" + format.format(normBound) + " keyNormBound=" + format.format(keyNormBound) +
-            " prime=" + primeCheck + " sparse=" + sparse + " keyGenAlg=" + keyGenAlg + " hashAlg=" + hashAlg + ")");
-        return output.toString();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningKeyPairGenerator.java
deleted file mode 100644
index 66bb260..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningKeyPairGenerator.java
+++ /dev/null

@@ -1,349 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import java.math.BigDecimal;
-import java.math.BigInteger;
-import java.util.ArrayList;
-import java.util.List;
-import java.util.concurrent.Callable;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-import java.util.concurrent.Future;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.pqc.math.ntru.euclid.BigIntEuclidean;
-import org.bouncycastle.pqc.math.ntru.polynomial.BigDecimalPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.BigIntPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.Polynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.ProductFormPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.Resultant;
-
-import static java.math.BigInteger.ONE;
-import static java.math.BigInteger.ZERO;
-
-public class NTRUSigningKeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-    private NTRUSigningKeyGenerationParameters params;
-
-    public void init(KeyGenerationParameters param)
-    {
-        this.params = (NTRUSigningKeyGenerationParameters)param;
-    }
-
-    /**
-     * Generates a new signature key pair. Starts <code>B+1</code> threads.
-     *
-     * @return a key pair
-     */
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        NTRUSigningPublicKeyParameters pub = null;
-        ExecutorService executor = Executors.newCachedThreadPool();
-        List<Future<NTRUSigningPrivateKeyParameters.Basis>> bases = new ArrayList<Future<NTRUSigningPrivateKeyParameters.Basis>>();
-        for (int k = params.B; k >= 0; k--)
-        {
-            bases.add(executor.submit(new BasisGenerationTask()));
-        }
-        executor.shutdown();
-
-        List<NTRUSigningPrivateKeyParameters.Basis> basises = new ArrayList<NTRUSigningPrivateKeyParameters.Basis>();
-
-        for (int k = params.B; k >= 0; k--)
-        {
-            Future<NTRUSigningPrivateKeyParameters.Basis> basis = bases.get(k);
-            try
-            {
-                basises.add(basis.get());
-                if (k == params.B)
-                {
-                    pub = new NTRUSigningPublicKeyParameters(basis.get().h, params.getSigningParameters());
-                }
-            }
-            catch (Exception e)
-            {
-                throw new IllegalStateException(e);
-            }
-        }
-        NTRUSigningPrivateKeyParameters priv = new NTRUSigningPrivateKeyParameters(basises, pub);
-        AsymmetricCipherKeyPair kp = new AsymmetricCipherKeyPair(pub, priv);
-        return kp;
-    }
-
-    /**
-     * Generates a new signature key pair. Runs in a single thread.
-     *
-     * @return a key pair
-     */
-    public AsymmetricCipherKeyPair generateKeyPairSingleThread()
-    {
-        List<NTRUSigningPrivateKeyParameters.Basis> basises = new ArrayList<NTRUSigningPrivateKeyParameters.Basis>();
-        NTRUSigningPublicKeyParameters pub = null;
-        for (int k = params.B; k >= 0; k--)
-        {
-            NTRUSigningPrivateKeyParameters.Basis basis = generateBoundedBasis();
-            basises.add(basis);
-            if (k == 0)
-            {
-                pub = new NTRUSigningPublicKeyParameters(basis.h, params.getSigningParameters());
-            }
-        }
-        NTRUSigningPrivateKeyParameters priv = new NTRUSigningPrivateKeyParameters(basises, pub);
-        return new AsymmetricCipherKeyPair(pub, priv);
-    }
-
-
-    /*
-     * Implementation of the optional steps 20 through 26 in EESS1v2.pdf, section 3.5.1.1.
-     * This doesn't seem to have much of an effect and sometimes actually increases the
-     * norm of F, but on average it slightly reduces the norm.<br/>
-     * This method changes <code>F</code> and <code>g</code> but leaves <code>f</code> and
-     * <code>g</code> unchanged.
-     */
-    private void minimizeFG(IntegerPolynomial f, IntegerPolynomial g, IntegerPolynomial F, IntegerPolynomial G, int N)
-    {
-        int E = 0;
-        for (int j = 0; j < N; j++)
-        {
-            E += 2 * N * (f.coeffs[j] * f.coeffs[j] + g.coeffs[j] * g.coeffs[j]);
-        }
-
-        // [f(1)+g(1)]^2 = 4
-        E -= 4;
-
-        IntegerPolynomial u = (IntegerPolynomial)f.clone();
-        IntegerPolynomial v = (IntegerPolynomial)g.clone();
-        int j = 0;
-        int k = 0;
-        int maxAdjustment = N;
-        while (k < maxAdjustment && j < N)
-        {
-            int D = 0;
-            int i = 0;
-            while (i < N)
-            {
-                int D1 = F.coeffs[i] * f.coeffs[i];
-                int D2 = G.coeffs[i] * g.coeffs[i];
-                int D3 = 4 * N * (D1 + D2);
-                D += D3;
-                i++;
-            }
-            // f(1)+g(1) = 2
-            int D1 = 4 * (F.sumCoeffs() + G.sumCoeffs());
-            D -= D1;
-
-            if (D > E)
-            {
-                F.sub(u);
-                G.sub(v);
-                k++;
-                j = 0;
-            }
-            else if (D < -E)
-            {
-                F.add(u);
-                G.add(v);
-                k++;
-                j = 0;
-            }
-            j++;
-            u.rotate1();
-            v.rotate1();
-        }
-    }
-
-    /**
-     * Creates a NTRUSigner basis consisting of polynomials <code>f, g, F, G, h</code>.<br/>
-     * If <code>KeyGenAlg=FLOAT</code>, the basis may not be valid and this method must be rerun if that is the case.<br/>
-     *
-     * @see #generateBoundedBasis()
-     */
-    private FGBasis generateBasis()
-    {
-        int N = params.N;
-        int q = params.q;
-        int d = params.d;
-        int d1 = params.d1;
-        int d2 = params.d2;
-        int d3 = params.d3;
-        int basisType = params.basisType;
-
-        Polynomial f;
-        IntegerPolynomial fInt;
-        Polynomial g;
-        IntegerPolynomial gInt;
-        IntegerPolynomial fq;
-        Resultant rf;
-        Resultant rg;
-        BigIntEuclidean r;
-
-        int _2n1 = 2 * N + 1;
-        boolean primeCheck = params.primeCheck;
-
-        do
-        {
-            do
-            {
-                f = params.polyType== NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE ? DenseTernaryPolynomial.generateRandom(N, d + 1, d, CryptoServicesRegistrar.getSecureRandom()) : ProductFormPolynomial.generateRandom(N, d1, d2, d3 + 1, d3, CryptoServicesRegistrar.getSecureRandom());
-                fInt = f.toIntegerPolynomial();
-            }
-            while (primeCheck && fInt.resultant(_2n1).res.equals(ZERO));
-            fq = fInt.invertFq(q);
-        }
-        while (fq == null);
-        rf = fInt.resultant();
-
-        do
-        {
-            do
-            {
-                do
-                {
-                    g = params.polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE ? DenseTernaryPolynomial.generateRandom(N, d + 1, d, CryptoServicesRegistrar.getSecureRandom()) : ProductFormPolynomial.generateRandom(N, d1, d2, d3 + 1, d3, CryptoServicesRegistrar.getSecureRandom());
-                    gInt = g.toIntegerPolynomial();
-                }
-                while (primeCheck && gInt.resultant(_2n1).res.equals(ZERO));
-            }
-            while (gInt.invertFq(q) == null);
-            rg = gInt.resultant();
-            r = BigIntEuclidean.calculate(rf.res, rg.res);
-        }
-        while (!r.gcd.equals(ONE));
-
-        BigIntPolynomial A = (BigIntPolynomial)rf.rho.clone();
-        A.mult(r.x.multiply(BigInteger.valueOf(q)));
-        BigIntPolynomial B = (BigIntPolynomial)rg.rho.clone();
-        B.mult(r.y.multiply(BigInteger.valueOf(-q)));
-
-        BigIntPolynomial C;
-        if (params.keyGenAlg == NTRUSigningKeyGenerationParameters.KEY_GEN_ALG_RESULTANT)
-        {
-            int[] fRevCoeffs = new int[N];
-            int[] gRevCoeffs = new int[N];
-            fRevCoeffs[0] = fInt.coeffs[0];
-            gRevCoeffs[0] = gInt.coeffs[0];
-            for (int i = 1; i < N; i++)
-            {
-                fRevCoeffs[i] = fInt.coeffs[N - i];
-                gRevCoeffs[i] = gInt.coeffs[N - i];
-            }
-            IntegerPolynomial fRev = new IntegerPolynomial(fRevCoeffs);
-            IntegerPolynomial gRev = new IntegerPolynomial(gRevCoeffs);
-
-            IntegerPolynomial t = f.mult(fRev);
-            t.add(g.mult(gRev));
-            Resultant rt = t.resultant();
-            C = fRev.mult(B);   // fRev.mult(B) is actually faster than new SparseTernaryPolynomial(fRev).mult(B), possibly due to cache locality?
-            C.add(gRev.mult(A));
-            C = C.mult(rt.rho);
-            C.div(rt.res);
-        }
-        else
-        {   // KeyGenAlg.FLOAT
-            // calculate ceil(log10(N))
-            int log10N = 0;
-            for (int i = 1; i < N; i *= 10)
-            {
-                log10N++;
-            }
-
-            // * Cdec needs to be accurate to 1 decimal place so it can be correctly rounded;
-            // * fInv loses up to (#digits of longest coeff of B) places in fInv.mult(B);
-            // * multiplying fInv by B also multiplies the rounding error by a factor of N;
-            // so make #decimal places of fInv the sum of the above.
-            BigDecimalPolynomial fInv = rf.rho.div(new BigDecimal(rf.res), B.getMaxCoeffLength() + 1 + log10N);
-            BigDecimalPolynomial gInv = rg.rho.div(new BigDecimal(rg.res), A.getMaxCoeffLength() + 1 + log10N);
-
-            BigDecimalPolynomial Cdec = fInv.mult(B);
-            Cdec.add(gInv.mult(A));
-            Cdec.halve();
-            C = Cdec.round();
-        }
-
-        BigIntPolynomial F = (BigIntPolynomial)B.clone();
-        F.sub(f.mult(C));
-        BigIntPolynomial G = (BigIntPolynomial)A.clone();
-        G.sub(g.mult(C));
-
-        IntegerPolynomial FInt = new IntegerPolynomial(F);
-        IntegerPolynomial GInt = new IntegerPolynomial(G);
-        minimizeFG(fInt, gInt, FInt, GInt, N);
-
-        Polynomial fPrime;
-        IntegerPolynomial h;
-        if (basisType == NTRUSigningKeyGenerationParameters.BASIS_TYPE_STANDARD)
-        {
-            fPrime = FInt;
-            h = g.mult(fq, q);
-        }
-        else
-        {
-            fPrime = g;
-            h = FInt.mult(fq, q);
-        }
-        h.modPositive(q);
-
-        return new FGBasis(f, fPrime, h, FInt, GInt, params);
-    }
-
-    /**
-     * Creates a basis such that <code>|F| &lt; keyNormBound</code> and <code>|G| &lt; keyNormBound</code>
-     *
-     * @return a NTRUSigner basis
-     */
-    public NTRUSigningPrivateKeyParameters.Basis generateBoundedBasis()
-    {
-        while (true)
-        {
-            FGBasis basis = generateBasis();
-            if (basis.isNormOk())
-            {
-                return basis;
-            }
-        }
-    }
-
-    private class BasisGenerationTask
-        implements Callable<NTRUSigningPrivateKeyParameters.Basis>
-    {
-
-
-        public NTRUSigningPrivateKeyParameters.Basis call()
-            throws Exception
-        {
-            return generateBoundedBasis();
-        }
-    }
-
-    /**
-     * A subclass of Basis that additionally contains the polynomials <code>F</code> and <code>G</code>.
-     */
-    public class FGBasis
-        extends NTRUSigningPrivateKeyParameters.Basis
-    {
-        public IntegerPolynomial F;
-        public IntegerPolynomial G;
-
-        FGBasis(Polynomial f, Polynomial fPrime, IntegerPolynomial h, IntegerPolynomial F, IntegerPolynomial G, NTRUSigningKeyGenerationParameters params)
-        {
-            super(f, fPrime, h, params);
-            this.F = F;
-            this.G = G;
-        }
-
-        /*
-         * Returns <code>true</code> if the norms of the polynomials <code>F</code> and <code>G</code>
-         * are within {@link NTRUSigningKeyGenerationParameters#keyNormBound}.
-         */
-        boolean isNormOk()
-        {
-            double keyNormBoundSq = params.keyNormBoundSq;
-            int q = params.q;
-            return (F.centeredNormSq(q) < keyNormBoundSq && G.centeredNormSq(q) < keyNormBoundSq);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningParameters.java
deleted file mode 100644
index 2f018b0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningParameters.java
+++ /dev/null

@@ -1,269 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import java.io.DataInputStream;
-import java.io.DataOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.text.DecimalFormat;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-
-/**
- * A set of parameters for NtruSign. Several predefined parameter sets are available and new ones can be created as well.
- */
-public class NTRUSigningParameters
-    implements Cloneable
-{
-    public int N;
-    public int q;
-    public int d, d1, d2, d3, B;
-    double beta;
-    public double betaSq;
-    double normBound;
-    public double normBoundSq;
-    public int signFailTolerance = 100;
-    int bitsF = 6;   // max #bits needed to encode one coefficient of the polynomial F
-    public Digest hashAlg;
-
-    /**
-     * Constructs a parameter set that uses ternary private keys (i.e. <code>polyType=SIMPLE</code>).
-     *
-     * @param N            number of polynomial coefficients
-     * @param q            modulus
-     * @param d            number of -1's in the private polynomials <code>f</code> and <code>g</code>
-     * @param B            number of perturbations
-     * @param beta         balancing factor for the transpose lattice
-     * @param normBound    maximum norm for valid signatures
-     * @param hashAlg      a valid identifier for a <code>java.security.MessageDigest</code> instance such as <code>SHA-256</code>. The <code>MessageDigest</code> must support the <code>getDigestLength()</code> method.
-     */
-    public NTRUSigningParameters(int N, int q, int d, int B, double beta, double normBound, Digest hashAlg)
-    {
-        this.N = N;
-        this.q = q;
-        this.d = d;
-        this.B = B;
-        this.beta = beta;
-        this.normBound = normBound;
-        this.hashAlg = hashAlg;
-        init();
-    }
-
-    /**
-     * Constructs a parameter set that uses product-form private keys (i.e. <code>polyType=PRODUCT</code>).
-     *
-     * @param N            number of polynomial coefficients
-     * @param q            modulus
-     * @param d1           number of -1's in the private polynomials <code>f</code> and <code>g</code>
-     * @param d2           number of -1's in the private polynomials <code>f</code> and <code>g</code>
-     * @param d3           number of -1's in the private polynomials <code>f</code> and <code>g</code>
-     * @param B            number of perturbations
-     * @param beta         balancing factor for the transpose lattice
-     * @param normBound    maximum norm for valid signatures
-     * @param keyNormBound maximum norm for the ploynomials <code>F</code> and <code>G</code>
-     * @param hashAlg      a valid identifier for a <code>java.security.MessageDigest</code> instance such as <code>SHA-256</code>. The <code>MessageDigest</code> must support the <code>getDigestLength()</code> method.
-     */
-    public NTRUSigningParameters(int N, int q, int d1, int d2, int d3, int B, double beta, double normBound, double keyNormBound, Digest hashAlg)
-    {
-        this.N = N;
-        this.q = q;
-        this.d1 = d1;
-        this.d2 = d2;
-        this.d3 = d3;
-        this.B = B;
-        this.beta = beta;
-        this.normBound = normBound;
-        this.hashAlg = hashAlg;
-        init();
-    }
-
-    private void init()
-    {
-        betaSq = beta * beta;
-        normBoundSq = normBound * normBound;
-    }
-
-    /**
-     * Reads a parameter set from an input stream.
-     *
-     * @param is an input stream
-     * @throws IOException
-     */
-    public NTRUSigningParameters(InputStream is)
-        throws IOException
-    {
-        DataInputStream dis = new DataInputStream(is);
-        N = dis.readInt();
-        q = dis.readInt();
-        d = dis.readInt();
-        d1 = dis.readInt();
-        d2 = dis.readInt();
-        d3 = dis.readInt();
-        B = dis.readInt();
-        beta = dis.readDouble();
-        normBound = dis.readDouble();
-        signFailTolerance = dis.readInt();
-        bitsF = dis.readInt();
-        String alg = dis.readUTF();
-        if ("SHA-512".equals(alg))
-        {
-            hashAlg = new SHA512Digest();
-        }
-        else if ("SHA-256".equals(alg))
-        {
-            hashAlg = new SHA256Digest();
-        }
-        init();
-    }
-
-    /**
-     * Writes the parameter set to an output stream
-     *
-     * @param os an output stream
-     * @throws IOException
-     */
-    public void writeTo(OutputStream os)
-        throws IOException
-    {
-        DataOutputStream dos = new DataOutputStream(os);
-        dos.writeInt(N);
-        dos.writeInt(q);
-        dos.writeInt(d);
-        dos.writeInt(d1);
-        dos.writeInt(d2);
-        dos.writeInt(d3);
-        dos.writeInt(B);
-        dos.writeDouble(beta);
-        dos.writeDouble(normBound);
-        dos.writeInt(signFailTolerance);
-        dos.writeInt(bitsF);
-        dos.writeUTF(hashAlg.getAlgorithmName());
-    }
-
-    public NTRUSigningParameters clone()
-    {
-        return new NTRUSigningParameters(N, q, d, B, beta, normBound, hashAlg);
-    }
-
-    public int hashCode()
-    {
-        final int prime = 31;
-        int result = 1;
-        result = prime * result + B;
-        result = prime * result + N;
-        long temp;
-        temp = Double.doubleToLongBits(beta);
-        result = prime * result + (int)(temp ^ (temp >>> 32));
-        temp = Double.doubleToLongBits(betaSq);
-        result = prime * result + (int)(temp ^ (temp >>> 32));
-        result = prime * result + bitsF;
-        result = prime * result + d;
-        result = prime * result + d1;
-        result = prime * result + d2;
-        result = prime * result + d3;
-        result = prime * result + ((hashAlg == null) ? 0 : hashAlg.getAlgorithmName().hashCode());
-        temp = Double.doubleToLongBits(normBound);
-        result = prime * result + (int)(temp ^ (temp >>> 32));
-        temp = Double.doubleToLongBits(normBoundSq);
-        result = prime * result + (int)(temp ^ (temp >>> 32));
-        result = prime * result + q;
-        result = prime * result + signFailTolerance;
-        return result;
-    }
-
-    public boolean equals(Object obj)
-    {
-        if (this == obj)
-        {
-            return true;
-        }
-        if (obj == null)
-        {
-            return false;
-        }
-        if (!(obj instanceof NTRUSigningParameters))
-        {
-            return false;
-        }
-        NTRUSigningParameters other = (NTRUSigningParameters)obj;
-        if (B != other.B)
-        {
-            return false;
-        }
-        if (N != other.N)
-        {
-            return false;
-        }
-        if (Double.doubleToLongBits(beta) != Double.doubleToLongBits(other.beta))
-        {
-            return false;
-        }
-        if (Double.doubleToLongBits(betaSq) != Double.doubleToLongBits(other.betaSq))
-        {
-            return false;
-        }
-        if (bitsF != other.bitsF)
-        {
-            return false;
-        }
-        if (d != other.d)
-        {
-            return false;
-        }
-        if (d1 != other.d1)
-        {
-            return false;
-        }
-        if (d2 != other.d2)
-        {
-            return false;
-        }
-        if (d3 != other.d3)
-        {
-            return false;
-        }
-        if (hashAlg == null)
-        {
-            if (other.hashAlg != null)
-            {
-                return false;
-            }
-        }
-        else if (!hashAlg.getAlgorithmName().equals(other.hashAlg.getAlgorithmName()))
-        {
-            return false;
-        }
-        if (Double.doubleToLongBits(normBound) != Double.doubleToLongBits(other.normBound))
-        {
-            return false;
-        }
-        if (Double.doubleToLongBits(normBoundSq) != Double.doubleToLongBits(other.normBoundSq))
-        {
-            return false;
-        }
-        if (q != other.q)
-        {
-            return false;
-        }
-        if (signFailTolerance != other.signFailTolerance)
-        {
-            return false;
-        }
-
-        return true;
-    }
-
-    public String toString()
-    {
-        DecimalFormat format = new DecimalFormat("0.00");
-
-        StringBuilder output = new StringBuilder("SignatureParameters(N=" + N + " q=" + q);
-
-        output.append(" B=" + B + " beta=" + format.format(beta) +
-            " normBound=" + format.format(normBound) +
-            " hashAlg=" + hashAlg + ")");
-        return output.toString();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningPrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningPrivateKeyParameters.java
deleted file mode 100644
index 451422e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningPrivateKeyParameters.java
+++ /dev/null

@@ -1,388 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-import java.util.ArrayList;
-import java.util.List;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.Polynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.ProductFormPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.SparseTernaryPolynomial;
-
-/**
- * A NtruSign private key comprises one or more {@link NTRUSigningPrivateKeyParameters.Basis} of three polynomials each,
- * except the zeroth basis for which <code>h</code> is undefined.
- */
-public class NTRUSigningPrivateKeyParameters
-    extends AsymmetricKeyParameter
-{
-    private List<Basis> bases;
-    private NTRUSigningPublicKeyParameters publicKey;
-
-    /**
-     * Constructs a new private key from a byte array
-     *
-     * @param b      an encoded private key
-     * @param params the NtruSign parameters to use
-     */
-    public NTRUSigningPrivateKeyParameters(byte[] b, NTRUSigningKeyGenerationParameters params)
-        throws IOException
-    {
-        this(new ByteArrayInputStream(b), params);
-    }
-
-    /**
-     * Constructs a new private key from an input stream
-     *
-     * @param is     an input stream
-     * @param params the NtruSign parameters to use
-     */
-    public NTRUSigningPrivateKeyParameters(InputStream is, NTRUSigningKeyGenerationParameters params)
-        throws IOException
-    {
-        super(true);
-        bases = new ArrayList<Basis>();
-        for (int i = 0; i <= params.B; i++)
-        // include a public key h[i] in all bases except for the first one
-        {
-            add(new Basis(is, params, i != 0));
-        }
-        publicKey = new NTRUSigningPublicKeyParameters(is, params.getSigningParameters());
-    }
-
-    public NTRUSigningPrivateKeyParameters(List<Basis> bases, NTRUSigningPublicKeyParameters publicKey)
-    {
-        super(true);
-        this.bases = new ArrayList<Basis>(bases);
-        this.publicKey = publicKey;
-    }
-
-    /**
-     * Adds a basis to the key.
-     *
-     * @param b a NtruSign basis
-     */
-    private void add(Basis b)
-    {
-        bases.add(b);
-    }
-
-    /**
-     * Returns the <code>i</code>-th basis
-     *
-     * @param i the index
-     * @return the basis at index <code>i</code>
-     */
-    public Basis getBasis(int i)
-    {
-        return bases.get(i);
-    }
-
-    public NTRUSigningPublicKeyParameters getPublicKey()
-    {
-        return publicKey;
-    }
-
-    /**
-     * Converts the key to a byte array
-     *
-     * @return the encoded key
-     */
-    public byte[] getEncoded()
-        throws IOException
-    {
-        ByteArrayOutputStream os = new ByteArrayOutputStream();
-        for (int i = 0; i < bases.size(); i++)
-        {
-            // all bases except for the first one contain a public key
-            bases.get(i).encode(os, i != 0);
-        }
-
-        os.write(publicKey.getEncoded());
-
-        return os.toByteArray();
-    }
-
-    /**
-     * Writes the key to an output stream
-     *
-     * @param os an output stream
-     * @throws IOException
-     */
-    public void writeTo(OutputStream os)
-        throws IOException
-    {
-        os.write(getEncoded());
-    }
-
-    @Override
-    public int hashCode()
-    {
-        final int prime = 31;
-        int result = 1;
-        result = prime * result;
-        if (bases==null) return result;
-        result += bases.hashCode();
-        for (Basis basis : bases)
-        {
-            result += basis.hashCode();
-        }
-        return result;
-    }
-
-    @Override
-    public boolean equals(Object obj)
-    {
-        if (this == obj)
-        {
-            return true;
-        }
-        if (obj == null)
-        {
-            return false;
-        }
-        if (getClass() != obj.getClass())
-        {
-            return false;
-        }
-        NTRUSigningPrivateKeyParameters other = (NTRUSigningPrivateKeyParameters)obj;
-        if ((bases == null) != (other.bases == null))
-        {
-            return false;
-        }
-        if (bases == null)
-        {
-            return true;
-        }
-        if (bases.size() != other.bases.size())
-        {
-            return false;
-        }
-        for (int i = 0; i < bases.size(); i++)
-        {
-            Basis basis1 = bases.get(i);
-            Basis basis2 = other.bases.get(i);
-            if (!basis1.f.equals(basis2.f))
-            {
-                return false;
-            }
-            if (!basis1.fPrime.equals(basis2.fPrime))
-            {
-                return false;
-            }
-            if (i != 0 && !basis1.h.equals(basis2.h))   // don't compare h for the 0th basis
-            {
-                return false;
-            }
-            if (!basis1.params.equals(basis2.params))
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    /**
-     * A NtruSign basis. Contains three polynomials <code>f, f', h</code>.
-     */
-    public static class Basis
-    {
-        public Polynomial f;
-        public Polynomial fPrime;
-        public IntegerPolynomial h;
-        NTRUSigningKeyGenerationParameters params;
-
-        /**
-         * Constructs a new basis from polynomials <code>f, f', h</code>.
-         *
-         * @param f
-         * @param fPrime
-         * @param h
-         * @param params NtruSign parameters
-         */
-        protected Basis(Polynomial f, Polynomial fPrime, IntegerPolynomial h, NTRUSigningKeyGenerationParameters params)
-        {
-            this.f = f;
-            this.fPrime = fPrime;
-            this.h = h;
-            this.params = params;
-        }
-
-        /**
-         * Reads a basis from an input stream and constructs a new basis.
-         *
-         * @param is        an input stream
-         * @param params    NtruSign parameters
-         * @param include_h whether to read the polynomial <code>h</code> (<code>true</code>) or only <code>f</code> and <code>f'</code> (<code>false</code>)
-         */
-        Basis(InputStream is, NTRUSigningKeyGenerationParameters params, boolean include_h)
-            throws IOException
-        {
-            int N = params.N;
-            int q = params.q;
-            int d1 = params.d1;
-            int d2 = params.d2;
-            int d3 = params.d3;
-            boolean sparse = params.sparse;
-            this.params = params;
-
-            if (params.polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_PRODUCT)
-            {
-                f = ProductFormPolynomial.fromBinary(is, N, d1, d2, d3 + 1, d3);
-            }
-            else
-            {
-                IntegerPolynomial fInt = IntegerPolynomial.fromBinary3Tight(is, N);
-                f = sparse ? new SparseTernaryPolynomial(fInt) : new DenseTernaryPolynomial(fInt);
-            }
-
-            if (params.basisType == NTRUSigningKeyGenerationParameters.BASIS_TYPE_STANDARD)
-            {
-                IntegerPolynomial fPrimeInt = IntegerPolynomial.fromBinary(is, N, q);
-                for (int i = 0; i < fPrimeInt.coeffs.length; i++)
-                {
-                    fPrimeInt.coeffs[i] -= q / 2;
-                }
-                fPrime = fPrimeInt;
-            }
-            else if (params.polyType == NTRUParameters.TERNARY_POLYNOMIAL_TYPE_PRODUCT)
-            {
-                fPrime = ProductFormPolynomial.fromBinary(is, N, d1, d2, d3 + 1, d3);
-            }
-            else
-            {
-                fPrime = IntegerPolynomial.fromBinary3Tight(is, N);
-            }
-
-            if (include_h)
-            {
-                h = IntegerPolynomial.fromBinary(is, N, q);
-            }
-        }
-
-        /**
-         * Writes the basis to an output stream
-         *
-         * @param os        an output stream
-         * @param include_h whether to write the polynomial <code>h</code> (<code>true</code>) or only <code>f</code> and <code>f'</code> (<code>false</code>)
-         * @throws IOException
-         */
-        void encode(OutputStream os, boolean include_h)
-            throws IOException
-        {
-            int q = params.q;
-
-            os.write(getEncoded(f));
-            if (params.basisType == NTRUSigningKeyGenerationParameters.BASIS_TYPE_STANDARD)
-            {
-                IntegerPolynomial fPrimeInt = fPrime.toIntegerPolynomial();
-                for (int i = 0; i < fPrimeInt.coeffs.length; i++)
-                {
-                    fPrimeInt.coeffs[i] += q / 2;
-                }
-                os.write(fPrimeInt.toBinary(q));
-            }
-            else
-            {
-                os.write(getEncoded(fPrime));
-            }
-            if (include_h)
-            {
-                os.write(h.toBinary(q));
-            }
-        }
-
-        private byte[] getEncoded(Polynomial p)
-        {
-            if (p instanceof ProductFormPolynomial)
-            {
-                return ((ProductFormPolynomial)p).toBinary();
-            }
-            else
-            {
-                return p.toIntegerPolynomial().toBinary3Tight();
-            }
-        }
-
-        @Override
-        public int hashCode()
-        {
-            final int prime = 31;
-            int result = 1;
-            result = prime * result + ((f == null) ? 0 : f.hashCode());
-            result = prime * result + ((fPrime == null) ? 0 : fPrime.hashCode());
-            result = prime * result + ((h == null) ? 0 : h.hashCode());
-            result = prime * result + ((params == null) ? 0 : params.hashCode());
-            return result;
-        }
-
-        @Override
-        public boolean equals(Object obj)
-        {
-            if (this == obj)
-            {
-                return true;
-            }
-            if (obj == null)
-            {
-                return false;
-            }
-            if (!(obj instanceof Basis))
-            {
-                return false;
-            }
-            Basis other = (Basis)obj;
-            if (f == null)
-            {
-                if (other.f != null)
-                {
-                    return false;
-                }
-            }
-            else if (!f.equals(other.f))
-            {
-                return false;
-            }
-            if (fPrime == null)
-            {
-                if (other.fPrime != null)
-                {
-                    return false;
-                }
-            }
-            else if (!fPrime.equals(other.fPrime))
-            {
-                return false;
-            }
-            if (h == null)
-            {
-                if (other.h != null)
-                {
-                    return false;
-                }
-            }
-            else if (!h.equals(other.h))
-            {
-                return false;
-            }
-            if (params == null)
-            {
-                if (other.params != null)
-                {
-                    return false;
-                }
-            }
-            else if (!params.equals(other.params))
-            {
-                return false;
-            }
-            return true;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningPublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningPublicKeyParameters.java
deleted file mode 100644
index be51d0a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/ntru/NTRUSigningPublicKeyParameters.java
+++ /dev/null

@@ -1,132 +0,0 @@
-package org.bouncycastle.pqc.crypto.ntru;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.OutputStream;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-
-/**
- * A NtruSign public key is essentially a polynomial named <code>h</code>.
- */
-public class NTRUSigningPublicKeyParameters
-    extends AsymmetricKeyParameter
-{
-    private NTRUSigningParameters params;
-    public IntegerPolynomial h;
-
-    /**
-     * Constructs a new public key from a polynomial
-     *
-     * @param h      the polynomial <code>h</code> which determines the key
-     * @param params the NtruSign parameters to use
-     */
-    public NTRUSigningPublicKeyParameters(IntegerPolynomial h, NTRUSigningParameters params)
-    {
-        super(false);
-        this.h = h;
-        this.params = params;
-    }
-
-    /**
-     * Converts a byte array to a polynomial <code>h</code> and constructs a new public key
-     *
-     * @param b      an encoded polynomial
-     * @param params the NtruSign parameters to use
-     */
-    public NTRUSigningPublicKeyParameters(byte[] b, NTRUSigningParameters params)
-    {
-        super(false);
-        h = IntegerPolynomial.fromBinary(b, params.N, params.q);
-        this.params = params;
-    }
-
-    /**
-     * Reads a polynomial <code>h</code> from an input stream and constructs a new public key
-     *
-     * @param is     an input stream
-     * @param params the NtruSign parameters to use
-     */
-    public NTRUSigningPublicKeyParameters(InputStream is, NTRUSigningParameters params)
-        throws IOException
-    {
-        super(false);
-        h = IntegerPolynomial.fromBinary(is, params.N, params.q);
-        this.params = params;
-    }
-
-
-    /**
-     * Converts the key to a byte array
-     *
-     * @return the encoded key
-     */
-    public byte[] getEncoded()
-    {
-        return h.toBinary(params.q);
-    }
-
-    /**
-     * Writes the key to an output stream
-     *
-     * @param os an output stream
-     * @throws IOException
-     */
-    public void writeTo(OutputStream os)
-        throws IOException
-    {
-        os.write(getEncoded());
-    }
-
-    @Override
-    public int hashCode()
-    {
-        final int prime = 31;
-        int result = 1;
-        result = prime * result + ((h == null) ? 0 : h.hashCode());
-        result = prime * result + ((params == null) ? 0 : params.hashCode());
-        return result;
-    }
-
-    @Override
-    public boolean equals(Object obj)
-    {
-        if (this == obj)
-        {
-            return true;
-        }
-        if (obj == null)
-        {
-            return false;
-        }
-        if (getClass() != obj.getClass())
-        {
-            return false;
-        }
-        NTRUSigningPublicKeyParameters other = (NTRUSigningPublicKeyParameters)obj;
-        if (h == null)
-        {
-            if (other.h != null)
-            {
-                return false;
-            }
-        }
-        else if (!h.equals(other.h))
-        {
-            return false;
-        }
-        if (params == null)
-        {
-            if (other.params != null)
-            {
-                return false;
-            }
-        }
-        else if (!params.equals(other.params))
-        {
-            return false;
-        }
-        return true;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/CommonFunction.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/CommonFunction.java
deleted file mode 100644
index f650347..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/CommonFunction.java
+++ /dev/null

@@ -1,286 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-class CommonFunction
-{
-
-    /****************************************************************************************************
-     * Description:	Checks Whether the Two Parts of Arrays are Equal to Each Other
-     *
-     * @param        left            Left Array
-     * @param        leftOffset        Starting Point of the Left Array
-     * @param        right            Right Array
-     * @param        rightOffset        Starting Point of the Right Array
-     * @param        length            Length to be Compared from the Starting Point
-     *
-     * @return true            Equal
-     *				false			Different
-     ****************************************************************************************************/
-    public static boolean memoryEqual(byte[] left, int leftOffset, byte[] right, int rightOffset, int length)
-    {
-
-        if ((leftOffset + length <= left.length) && (rightOffset + length <= right.length))
-        {
-
-            for (int i = 0; i < length; i++)
-            {
-
-                if (left[leftOffset + i] != right[rightOffset + i])
-                {
-
-                    return false;
-
-                }
-
-            }
-
-            return true;
-
-        }
-        else
-        {
-
-            return false;
-
-        }
-
-    }
-
-    /****************************************************************************
-     * Description:	Converts 2 Consecutive Bytes in "load" to A Number of "Short"
-     *				from A Known Position
-     *
-     * @param        load            Source Array
-     * @param        loadOffset        Starting Position
-     *
-     * @return A Number of "Short"
-     ****************************************************************************/
-    public static short load16(final byte[] load, int loadOffset)
-    {
-
-        short number = 0;
-
-        if (load.length - loadOffset >= Const.SHORT_SIZE / Const.BYTE_SIZE)
-        {
-
-            for (int i = 0; i < Const.SHORT_SIZE / Const.BYTE_SIZE; i++)
-            {
-
-                number ^= (short)(load[loadOffset + i] & 0xFF) << (Const.BYTE_SIZE * i);
-
-            }
-
-        }
-        else
-        {
-
-            for (int i = 0; i < load.length - loadOffset; i++)
-            {
-
-                number ^= (short)(load[loadOffset + i] & 0xFF) << (Const.BYTE_SIZE * i);
-
-            }
-
-        }
-
-        return number;
-
-    }
-
-    /******************************************************************************
-     * Description:	Converts 4 Consecutive Bytes in "load" to A Number of "Integer"
-     *				from A Known Position
-     *
-     * @param        load            Source Array
-     * @param        loadOffset        Starting Position
-     *
-     * @return A Number of "Integer"
-     ******************************************************************************/
-    public static int load32(final byte[] load, int loadOffset)
-    {
-
-        int number = 0;
-
-        if (load.length - loadOffset >= Const.INT_SIZE / Const.BYTE_SIZE)
-        {
-
-            for (int i = 0; i < Const.INT_SIZE / Const.BYTE_SIZE; i++)
-            {
-
-                number ^= (int)(load[loadOffset + i] & 0xFF) << (Const.BYTE_SIZE * i);
-
-            }
-
-        }
-        else
-        {
-
-
-            for (int i = 0; i < load.length - loadOffset; i++)
-            {
-
-                number ^= (int)(load[loadOffset + i] & 0xFF) << (Const.BYTE_SIZE * i);
-
-            }
-
-        }
-
-        return number;
-
-    }
-
-    /***************************************************************************
-     * Description:	Converts 8 Consecutive Bytes in "load" to A Number of "Long"
-     *				from A Known Position
-     *
-     * @param        load            Source Array
-     * @param        loadOffset        Starting Position
-     *
-     * @return A Number of "Long"
-     ***************************************************************************/
-    public static long load64(final byte[] load, int loadOffset)
-    {
-
-        long number = 0L;
-
-        if (load.length - loadOffset >= Const.LONG_SIZE / Const.BYTE_SIZE)
-        {
-
-            for (int i = 0; i < Const.LONG_SIZE / Const.BYTE_SIZE; i++)
-            {
-
-                number ^= (long)(load[loadOffset + i] & 0xFF) << (Const.BYTE_SIZE * i);
-
-            }
-
-        }
-        else
-        {
-
-            for (int i = 0; i < load.length - loadOffset; i++)
-            {
-
-                number ^= (long)(load[loadOffset + i] & 0xFF) << (Const.BYTE_SIZE * i);
-
-            }
-
-        }
-
-        return number;
-
-    }
-
-    /*****************************************************************************
-     * Description:	Converts A Number of "Short" to 2 Consecutive Bytes in "store"
-     *				from a known position
-     *
-     * @param        store            Destination Array
-     * @param        storeOffset        Starting position
-     * @param        number            Source Number
-     *
-     * @return none
-     *****************************************************************************/
-    public static void store16(byte[] store, int storeOffset, short number)
-    {
-
-        if (store.length - storeOffset >= Const.SHORT_SIZE / Const.BYTE_SIZE)
-        {
-
-            for (int i = 0; i < Const.SHORT_SIZE / Const.BYTE_SIZE; i++)
-            {
-
-                store[storeOffset + i] = (byte)((number >> (Const.BYTE_SIZE * i)) & 0xFF);
-
-            }
-
-        }
-        else
-        {
-
-            for (int i = 0; i < store.length - storeOffset; i++)
-            {
-
-                store[storeOffset + i] = (byte)((number >> (Const.BYTE_SIZE * i)) & 0xFF);
-
-            }
-
-        }
-
-    }
-
-    /*******************************************************************************
-     * Description:	Converts A Number of "Integer" to 4 Consecutive Bytes in "store"
-     * 				from A Known Position
-     *
-     * @param        store            Destination Array
-     * @param        storeOffset        Starting Position
-     * @param        number:			Source Number
-     *
-     * @return none
-     *******************************************************************************/
-    public static void store32(byte[] store, int storeOffset, int number)
-    {
-
-        if (store.length - storeOffset >= Const.INT_SIZE / Const.BYTE_SIZE)
-        {
-
-            for (int i = 0; i < Const.INT_SIZE / Const.BYTE_SIZE; i++)
-            {
-
-                store[storeOffset + i] = (byte)((number >> (Const.BYTE_SIZE * i)) & 0xFF);
-
-            }
-
-        }
-        else
-        {
-
-            for (int i = 0; i < store.length - storeOffset; i++)
-            {
-
-                store[storeOffset + i] = (byte)((number >> (Const.BYTE_SIZE * i)) & 0xFF);
-
-            }
-
-        }
-
-    }
-
-    /****************************************************************************
-     * Description:	Converts A Number of "Long" to 8 Consecutive Bytes in "store"
-     * 				from A Known Position
-     *
-     * @param        store            Destination Array
-     * @param        storeOffset        Starting Position
-     * @param        number            Source Number
-     *
-     * @return none
-     ****************************************************************************/
-    public static void store64(byte[] store, int storeOffset, long number)
-    {
-
-        if (store.length - storeOffset >= Const.LONG_SIZE / Const.BYTE_SIZE)
-        {
-
-            for (int i = 0; i < Const.LONG_SIZE / Const.BYTE_SIZE; i++)
-            {
-
-                store[storeOffset + i] = (byte)((number >> (Const.BYTE_SIZE * i)) & 0xFFL);
-
-            }
-
-        }
-        else
-        {
-
-            for (int i = 0; i < store.length - storeOffset; i++)
-            {
-
-                store[storeOffset + i] = (byte)((number >> (Const.BYTE_SIZE * i)) & 0xFFL);
-
-            }
-
-        }
-
-    }
-
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Const.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Const.java
deleted file mode 100644
index 76d3e6f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Const.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-class Const
-{
-    static final int BYTE_SIZE = 8;
-    static final int SHORT_SIZE = 16;
-    static final int INT_SIZE = 32;
-    static final int LONG_SIZE = 64;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/HashUtils.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/HashUtils.java
deleted file mode 100644
index 0ea9dba..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/HashUtils.java
+++ /dev/null

@@ -1,52 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-import org.bouncycastle.crypto.digests.CSHAKEDigest;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-
-class HashUtils
-{
-
-    public static final int SECURE_HASH_ALGORITHM_KECCAK_128_RATE = 168;
-    public static final int SECURE_HASH_ALGORITHM_KECCAK_256_RATE = 136;
-
-    /***************************************************************************************************************************************************************
-     * Description:	The Secure-Hash-Algorithm-3 Extendable-Output Function That Generally Supports 128 Bits of Security Strength, If the Output is Sufficiently Long
-     ***************************************************************************************************************************************************************/
-    static void secureHashAlgorithmKECCAK128(byte[] output, int outputOffset, int outputLength, byte[] input, int inputOffset, int inputLength)
-    {
-        SHAKEDigest dig = new SHAKEDigest(128);
-        dig.update(input, inputOffset, inputLength);
-
-        dig.doFinal(output, outputOffset, outputLength);
-    }
-
-    /***************************************************************************************************************************************************************
-     * Description:	The Secure-Hash-Algorithm-3 Extendable-Output Function That Generally Supports 256 Bits of Security Strength, If the Output is Sufficiently Long
-     ***************************************************************************************************************************************************************/
-    static void secureHashAlgorithmKECCAK256(byte[] output, int outputOffset, int outputLength, byte[] input, int inputOffset, int inputLength)
-    {
-        SHAKEDigest dig = new SHAKEDigest(256);
-        dig.update(input, inputOffset, inputLength);
-
-        dig.doFinal(output, outputOffset, outputLength);
-    }
-
-    /* Customizable Secure Hash Algorithm KECCAK 128 / Customizable Secure Hash Algorithm KECCAK 256 */
-
-
-    static void customizableSecureHashAlgorithmKECCAK128Simple(byte[] output, int outputOffset, int outputLength, short continuousTimeStochasticModelling, byte[] input, int inputOffset, int inputLength)
-    {
-        CSHAKEDigest dig = new CSHAKEDigest(128, null, new byte[] {(byte)continuousTimeStochasticModelling, (byte)(continuousTimeStochasticModelling >> 8) });
-        dig.update(input, inputOffset, inputLength);
-
-        dig.doFinal(output, outputOffset, outputLength);
-    }
-
-    static void customizableSecureHashAlgorithmKECCAK256Simple(byte[] output, int outputOffset, int outputLength, short continuousTimeStochasticModelling, byte[] input, int inputOffset, int inputLength)
-    {
-        CSHAKEDigest dig = new CSHAKEDigest(256, null, new byte[] {(byte)continuousTimeStochasticModelling, (byte)(continuousTimeStochasticModelling >> 8) });
-        dig.update(input, inputOffset, inputLength);
-
-        dig.doFinal(output, outputOffset, outputLength);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Pack.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Pack.java
deleted file mode 100644
index 26a9a12..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Pack.java
+++ /dev/null

@@ -1,1370 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-class Pack
-{
-
-    /*******************************************************************************************************************************************************
-     * Description:	Encode Private Key for Heuristic qTESLA Security Category-1
-     *
-     * @param        privateKey                Private Key
-     * @param        secretPolynomial        Coefficients of the Secret Polynomial
-     * @param        errorPolynomial            Coefficients of the Error Polynomial
-     * @param        seed                    Kappa-Bit Seed
-     * @param        seedOffset                Starting Point of the Kappa-Bit Seed
-     *
-     * @return none
-     *******************************************************************************************************************************************************/
-    public static void encodePrivateKeyI(byte[] privateKey, final int[] secretPolynomial, final int[] errorPolynomial, final byte[] seed, int seedOffset)
-    {
-
-        int j = 0;
-
-        for (int i = 0; i < Parameter.N_I; i += 4)
-        {
-
-            privateKey[j + 0] = (byte)secretPolynomial[i + 0];
-            privateKey[j + 1] = (byte)(((secretPolynomial[i + 0] >> 8) & 0x03) | (secretPolynomial[i + 1] << 2));
-            privateKey[j + 2] = (byte)(((secretPolynomial[i + 1] >> 6) & 0x0F) | (secretPolynomial[i + 2] << 4));
-            privateKey[j + 3] = (byte)(((secretPolynomial[i + 2] >> 4) & 0x3F) | (secretPolynomial[i + 3] << 6));
-            privateKey[j + 4] = (byte)(secretPolynomial[i + 3] >> 2);
-
-            j += 5;
-
-        }
-
-        for (int i = 0; i < Parameter.N_I; i += 4)
-        {
-
-            privateKey[j + 0] = (byte)errorPolynomial[i + 0];
-            privateKey[j + 1] = (byte)(((errorPolynomial[i + 0] >> 8) & 0x03) | (errorPolynomial[i + 1] << 2));
-            privateKey[j + 2] = (byte)(((errorPolynomial[i + 1] >> 6) & 0x0F) | (errorPolynomial[i + 2] << 4));
-            privateKey[j + 3] = (byte)(((errorPolynomial[i + 2] >> 4) & 0x3F) | (errorPolynomial[i + 3] << 6));
-            privateKey[j + 4] = (byte)(errorPolynomial[i + 3] >> 2);
-
-            j += 5;
-
-        }
-
-        System.arraycopy(seed, seedOffset, privateKey, Parameter.N_I * Parameter.S_BIT_I * 2 / Const.BYTE_SIZE, Polynomial.SEED * 2);
-
-    }
-
-    /*************************************************************************************************************************************************************
-     * Description:	Encode Private Key for Heuristic qTESLA Security Category-3 (Option for Size)
-     *
-     * @param        privateKey                Private Key
-     * @param        secretPolynomial        Coefficients of the Secret Polynomial
-     * @param        errorPolynomial            Coefficients of the Error Polynomial
-     * @param        seed                    Kappa-Bit Seed
-     * @param        seedOffset                Starting Point of the Kappa-Bit Seed
-     *
-     * @return none
-     *************************************************************************************************************************************************************/
-    public static void encodePrivateKeyIIISize(byte[] privateKey, final int[] secretPolynomial, final int[] errorPolynomial, final byte[] seed, int seedOffset)
-    {
-
-        for (int i = 0; i < Parameter.N_III_SIZE; i++)
-        {
-
-            privateKey[i] = (byte)secretPolynomial[i];
-
-        }
-
-        for (int i = 0; i < Parameter.N_III_SIZE; i++)
-        {
-
-            privateKey[Parameter.N_III_SIZE + i] = (byte)errorPolynomial[i];
-
-        }
-
-        System.arraycopy(seed, seedOffset, privateKey, Parameter.N_III_SIZE * Parameter.S_BIT_III_SIZE * 2 / Const.BYTE_SIZE, Polynomial.SEED * 2);
-
-    }
-
-    /***********************************************************************************************************************************************************************************
-     * Description:	Encode Private Key for Heuristic qTESLA Security Category-3 (Option for Speed)
-     *
-     * @param        privateKey                Private Key
-     * @param        secretPolynomial        Coefficients of the Secret Polynomial
-     * @param        errorPolynomial            Coefficients of the Error Polynomial
-     * @param        seed                    Kappa-Bit Seed
-     * @param        seedOffset                Starting Point of the Kappa-Bit Seed
-     *
-     * @return none
-     ***********************************************************************************************************************************************************************************/
-    public static void encodePrivateKeyIIISpeed(byte[] privateKey, final int[] secretPolynomial, final int[] errorPolynomial, final byte[] seed, int seedOffset)
-    {
-
-        int j = 0;
-
-        for (int i = 0; i < Parameter.N_III_SPEED; i += 8)
-        {
-
-            privateKey[j + 0] = (byte)secretPolynomial[i + 0];
-            privateKey[j + 1] = (byte)(((secretPolynomial[i + 0] >> 8) & 0x01) | (secretPolynomial[i + 1] << 1));
-            privateKey[j + 2] = (byte)(((secretPolynomial[i + 1] >> 7) & 0x03) | (secretPolynomial[i + 2] << 2));
-            privateKey[j + 3] = (byte)(((secretPolynomial[i + 2] >> 6) & 0x07) | (secretPolynomial[i + 3] << 3));
-            privateKey[j + 4] = (byte)(((secretPolynomial[i + 3] >> 5) & 0x0F) | (secretPolynomial[i + 4] << 4));
-            privateKey[j + 5] = (byte)(((secretPolynomial[i + 4] >> 4) & 0x1F) | (secretPolynomial[i + 5] << 5));
-            privateKey[j + 6] = (byte)(((secretPolynomial[i + 5] >> 3) & 0x3F) | (secretPolynomial[i + 6] << 6));
-            privateKey[j + 7] = (byte)(((secretPolynomial[i + 6] >> 2) & 0x7F) | (secretPolynomial[i + 7] << 7));
-            privateKey[j + 8] = (byte)(secretPolynomial[i + 7] >> 1);
-
-            j += 9;
-
-        }
-
-        for (int i = 0; i < Parameter.N_III_SPEED; i += 8)
-        {
-
-            privateKey[j + 0] = (byte)errorPolynomial[i + 0];
-            privateKey[j + 1] = (byte)(((errorPolynomial[i + 0] >> 8) & 0x01) | (errorPolynomial[i + 1] << 1));
-            privateKey[j + 2] = (byte)(((errorPolynomial[i + 1] >> 7) & 0x03) | (errorPolynomial[i + 2] << 2));
-            privateKey[j + 3] = (byte)(((errorPolynomial[i + 2] >> 6) & 0x07) | (errorPolynomial[i + 3] << 3));
-            privateKey[j + 4] = (byte)(((errorPolynomial[i + 3] >> 5) & 0x0F) | (errorPolynomial[i + 4] << 4));
-            privateKey[j + 5] = (byte)(((errorPolynomial[i + 4] >> 4) & 0x1F) | (errorPolynomial[i + 5] << 5));
-            privateKey[j + 6] = (byte)(((errorPolynomial[i + 5] >> 3) & 0x3F) | (errorPolynomial[i + 6] << 6));
-            privateKey[j + 7] = (byte)(((errorPolynomial[i + 6] >> 2) & 0x7F) | (errorPolynomial[i + 7] << 7));
-            privateKey[j + 8] = (byte)(errorPolynomial[i + 7] >> 1);
-
-            j += 9;
-
-        }
-
-        System.arraycopy(seed, seedOffset, privateKey, Parameter.N_III_SPEED * Parameter.S_BIT_III_SPEED * 2 / Const.BYTE_SIZE, Polynomial.SEED * 2);
-
-    }
-
-    /*******************************************************************************************************************************
-     * Description:	Decode Private Key for Heuristic qTESLA Security Category-1
-     *
-     * @param        seed                    Kappa-Bit Seed
-     * @param        secretPolynomial        Coefficients of the Secret Polynomial
-     * @param        errorPolynomial            Coefficients of the Error Polynomial
-     * @param        privateKey                Private Key
-     *
-     * @return none
-     *******************************************************************************************************************************/
-    public static void decodePrivateKeyI(byte[] seed, short[] secretPolynomial, short[] errorPolynomial, final byte[] privateKey)
-    {
-
-        int j = 0;
-        int temporary = 0;
-
-        for (int i = 0; i < Parameter.N_I; i += 4)
-        {
-
-            temporary = privateKey[j + 0] & 0xFF;
-            secretPolynomial[i + 0] = (short)temporary;
-            temporary = privateKey[j + 1] & 0xFF;
-            temporary = (temporary << 30) >> 22;
-            secretPolynomial[i + 0] |= (short)temporary;
-
-            temporary = privateKey[j + 1] & 0xFF;
-            temporary = temporary >> 2;
-            secretPolynomial[i + 1] = (short)temporary;
-            temporary = privateKey[j + 2] & 0xFF;
-            temporary = (temporary << 28) >> 22;
-            secretPolynomial[i + 1] |= (short)temporary;
-
-            temporary = privateKey[j + 2] & 0xFF;
-            temporary = temporary >> 4;
-            secretPolynomial[i + 2] = (short)temporary;
-            temporary = privateKey[j + 3] & 0xFF;
-            temporary = (temporary << 26) >> 22;
-            secretPolynomial[i + 2] |= (short)temporary;
-
-            temporary = privateKey[j + 3] & 0xFF;
-            temporary = temporary >> 6;
-            secretPolynomial[i + 3] = (short)temporary;
-            temporary = privateKey[j + 4];
-            temporary = (short)temporary << 2;
-            secretPolynomial[i + 3] |= (short)temporary;
-
-            j += 5;
-
-        }
-
-        for (int i = 0; i < Parameter.N_I; i += 4)
-        {
-
-            temporary = privateKey[j + 0] & 0xFF;
-            errorPolynomial[i + 0] = (short)temporary;
-            temporary = privateKey[j + 1] & 0xFF;
-            temporary = (temporary << 30) >> 22;
-            errorPolynomial[i + 0] |= (short)temporary;
-
-            temporary = privateKey[j + 1] & 0xFF;
-            temporary = temporary >> 2;
-            errorPolynomial[i + 1] = (short)temporary;
-            temporary = privateKey[j + 2] & 0xFF;
-            temporary = (temporary << 28) >> 22;
-            errorPolynomial[i + 1] |= (short)temporary;
-
-            temporary = privateKey[j + 2] & 0xFF;
-            temporary = temporary >> 4;
-            errorPolynomial[i + 2] = (short)temporary;
-            temporary = privateKey[j + 3] & 0xFF;
-            temporary = (temporary << 26) >> 22;
-            errorPolynomial[i + 2] |= (short)temporary;
-
-            temporary = privateKey[j + 3] & 0xFF;
-            temporary = temporary >> 6;
-            errorPolynomial[i + 3] = (short)temporary;
-            temporary = privateKey[j + 4];
-            temporary = (short)temporary << 2;
-            errorPolynomial[i + 3] |= (short)temporary;
-
-            j += 5;
-
-        }
-
-        System.arraycopy(privateKey, Parameter.N_I * Parameter.S_BIT_I * 2 / Const.BYTE_SIZE, seed, 0, Polynomial.SEED * 2);
-
-    }
-
-    /*************************************************************************************************************************************
-     * Description:	Decode Private Key for Heuristic qTESLA Security Category-3 (Option for Size)
-     *
-     * @param        seed                    Kappa-Bit Seed
-     * @param        secretPolynomial        Coefficients of the Secret Polynomial
-     * @param        errorPolynomial            Coefficients of the Error Polynomial
-     * @param        privateKey                Private Key
-     *
-     * @return none
-     *************************************************************************************************************************************/
-    public static void decodePrivateKeyIIISize(byte[] seed, short[] secretPolynomial, short[] errorPolynomial, final byte[] privateKey)
-    {
-
-        for (int i = 0; i < Parameter.N_III_SIZE; i++)
-        {
-
-            secretPolynomial[i] = privateKey[i];
-
-        }
-
-        for (int i = 0; i < Parameter.N_III_SIZE; i++)
-        {
-
-            errorPolynomial[i] = privateKey[Parameter.N_III_SIZE + i];
-
-        }
-
-        System.arraycopy(privateKey, Parameter.N_III_SIZE * Parameter.S_BIT_III_SIZE * 2 / Const.BYTE_SIZE, seed, 0, Polynomial.SEED * 2);
-
-    }
-
-    /**************************************************************************************************************************************
-     * Description:	Decode Private Key for Heuristic qTESLA Security Category-3 (Option for Speed)
-     *
-     * @param        seed                    Kappa-Bit Seed
-     * @param        secretPolynomial        Coefficients of the Secret Polynomial
-     * @param        errorPolynomial            Coefficients of the Error Polynomial
-     * @param        privateKey                Private Key
-     *
-     * @return none
-     **************************************************************************************************************************************/
-    public static void decodePrivateKeyIIISpeed(byte[] seed, short[] secretPolynomial, short[] errorPolynomial, final byte[] privateKey)
-    {
-
-        int j = 0;
-        int temporary = 0;
-
-        for (int i = 0; i < Parameter.N_III_SPEED; i += 8)
-        {
-
-            temporary = privateKey[j + 0] & 0xFF;
-            secretPolynomial[i + 0] = (short)temporary;
-            temporary = privateKey[j + 1] & 0xFF;
-            temporary = (temporary << 31) >> 23;
-            secretPolynomial[i + 0] |= (short)temporary;
-
-            temporary = privateKey[j + 1] & 0xFF;
-            temporary = temporary >> 1;
-            secretPolynomial[i + 1] = (short)temporary;
-            temporary = privateKey[j + 2] & 0xFF;
-            temporary = (temporary << 30) >> 23;
-            secretPolynomial[i + 1] |= (short)temporary;
-
-            temporary = privateKey[j + 2] & 0xFF;
-            temporary = temporary >> 2;
-            secretPolynomial[i + 2] = (short)temporary;
-            temporary = privateKey[j + 3] & 0xFF;
-            temporary = (temporary << 29) >> 23;
-            secretPolynomial[i + 2] |= (short)temporary;
-
-            temporary = privateKey[j + 3] & 0xFF;
-            temporary = temporary >> 3;
-            secretPolynomial[i + 3] = (short)temporary;
-            temporary = privateKey[j + 4] & 0xFF;
-            temporary = (temporary << 28) >> 23;
-            secretPolynomial[i + 3] |= (short)temporary;
-
-            temporary = privateKey[j + 4] & 0xFF;
-            temporary = temporary >> 4;
-            secretPolynomial[i + 4] = (short)temporary;
-            temporary = privateKey[j + 5] & 0xFF;
-            temporary = (temporary << 27) >> 23;
-            secretPolynomial[i + 4] |= (short)temporary;
-
-            temporary = privateKey[j + 5] & 0xFF;
-            temporary = temporary >> 5;
-            secretPolynomial[i + 5] = (short)temporary;
-            temporary = privateKey[j + 6] & 0xFF;
-            temporary = (temporary << 26) >> 23;
-            secretPolynomial[i + 5] |= (short)temporary;
-
-            temporary = privateKey[j + 6] & 0xFF;
-            temporary = temporary >> 6;
-            secretPolynomial[i + 6] = (short)temporary;
-            temporary = privateKey[j + 7] & 0xFF;
-            temporary = (temporary << 25) >> 23;
-            secretPolynomial[i + 6] |= (short)temporary;
-
-            temporary = privateKey[j + 7] & 0xFF;
-            temporary = temporary >> 7;
-            secretPolynomial[i + 7] = (short)temporary;
-            temporary = privateKey[j + 8];
-            temporary = (short)temporary << 1;
-            secretPolynomial[i + 7] |= (short)temporary;
-
-            j += 9;
-
-        }
-
-        for (int i = 0; i < Parameter.N_III_SPEED; i += 8)
-        {
-
-            temporary = privateKey[j + 0] & 0xFF;
-            errorPolynomial[i + 0] = (short)temporary;
-            temporary = privateKey[j + 1] & 0xFF;
-            temporary = (temporary << 31) >> 23;
-            errorPolynomial[i + 0] |= (short)temporary;
-
-            temporary = privateKey[j + 1] & 0xFF;
-            temporary = temporary >> 1;
-            errorPolynomial[i + 1] = (short)temporary;
-            temporary = privateKey[j + 2] & 0xFF;
-            temporary = (temporary << 30) >> 23;
-            errorPolynomial[i + 1] |= (short)temporary;
-
-            temporary = privateKey[j + 2] & 0xFF;
-            temporary = temporary >> 2;
-            errorPolynomial[i + 2] = (short)temporary;
-            temporary = privateKey[j + 3] & 0xFF;
-            temporary = (temporary << 29) >> 23;
-            errorPolynomial[i + 2] |= (short)temporary;
-
-            temporary = privateKey[j + 3] & 0xFF;
-            temporary = temporary >> 3;
-            errorPolynomial[i + 3] = (short)temporary;
-            temporary = privateKey[j + 4] & 0xFF;
-            temporary = (temporary << 28) >> 23;
-            errorPolynomial[i + 3] |= (short)temporary;
-
-            temporary = privateKey[j + 4] & 0xFF;
-            temporary = temporary >> 4;
-            errorPolynomial[i + 4] = (short)temporary;
-            temporary = privateKey[j + 5] & 0xFF;
-            temporary = (temporary << 27) >> 23;
-            errorPolynomial[i + 4] |= (short)temporary;
-
-            temporary = privateKey[j + 5] & 0xFF;
-            temporary = temporary >> 5;
-            errorPolynomial[i + 5] = (short)temporary;
-            temporary = privateKey[j + 6] & 0xFF;
-            temporary = (temporary << 26) >> 23;
-            errorPolynomial[i + 5] |= (short)temporary;
-
-            temporary = privateKey[j + 6] & 0xFF;
-            temporary = temporary >> 6;
-            errorPolynomial[i + 6] = (short)temporary;
-            temporary = privateKey[j + 7] & 0xFF;
-            temporary = (temporary << 25) >> 23;
-            errorPolynomial[i + 6] |= (short)temporary;
-
-            temporary = privateKey[j + 7] & 0xFF;
-            temporary = temporary >> 7;
-            errorPolynomial[i + 7] = (short)temporary;
-            temporary = privateKey[j + 8];
-            temporary = (short)temporary << 1;
-            errorPolynomial[i + 7] |= (short)temporary;
-
-            j += 9;
-
-        }
-
-        System.arraycopy(privateKey, Parameter.N_III_SPEED * Parameter.S_BIT_III_SPEED * 2 / Const.BYTE_SIZE, seed, 0, Polynomial.SEED * 2);
-
-    }
-
-    /********************************************************************************************************************************************************************
-     * Description:	Pack Private Key for Provably-Secure qTESLA Security Category-1 and Security Category-3
-     *
-     * @param        privateKey                Private Key
-     * @param        secretPolynomial        Coefficients of the Secret Polynomial
-     * @param        errorPolynomial            Coefficients of the Error Polynomial
-     * @param        seed                    Kappa-Bit Seed
-     * @param        seedOffset                Starting Point of the Kappa-Bit Seed
-     * @param        n                        Polynomial Degree
-     * @param        k                        Number of Ring-Learning-With-Errors Samples
-     *
-     * @return none
-     ********************************************************************************************************************************************************************/
-    public static void packPrivateKey(byte[] privateKey, final long[] secretPolynomial, final long[] errorPolynomial, final byte[] seed, int seedOffset, int n, int k)
-    {
-
-        for (int i = 0; i < n; i++)
-        {
-
-            privateKey[i] = (byte)secretPolynomial[i];
-
-        }
-
-        for (int j = 0; j < k; j++)
-        {
-
-            for (int i = 0; i < n; i++)
-            {
-
-                privateKey[n + j * n + i] = (byte)errorPolynomial[j * n + i];
-
-            }
-
-        }
-
-        System.arraycopy(seed, seedOffset, privateKey, n + k * n, Polynomial.SEED * 2);
-
-    }
-
-    /**************************************************************************************************************************************************
-     * Description:	Encode Public Key for Heuristic qTESLA Security Category-1 and Category-3 (Option for Size)
-     *
-     * @param        publicKey            Public Key
-     * @param        T                    T_1, ..., T_k
-     * @param        seedA                Seed Used to Generate the Polynomials a_i for i = 1, ..., k
-     * @param        seedAOffset            Starting Point of the Seed A
-     * @param        n                    Polynomial Degree
-     * @param        qLogarithm            q <= 2 ^ qLogartihm
-     *
-     * @return none
-     **************************************************************************************************************************************************/
-    public static void encodePublicKey(byte[] publicKey, final int[] T, final byte[] seedA, int seedAOffset, int n, int qLogarithm)
-    {
-
-        int j = 0;
-
-        for (int i = 0; i < n * qLogarithm / Const.INT_SIZE; i += qLogarithm)
-        {
-
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 0), (int)(T[j + 0] | (T[j + 1] << 23)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 1), (int)((T[j + 1] >> 9) | (T[j + 2] << 14)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 2), (int)((T[j + 2] >> 18) | (T[j + 3] << 5) | (T[j + 4] << 28)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 3), (int)((T[j + 4] >> 4) | (T[j + 5] << 19)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 4), (int)((T[j + 5] >> 13) | (T[j + 6] << 10)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 5), (int)((T[j + 6] >> 22) | (T[j + 7] << 1) | (T[j + 8] << 24)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 6), (int)((T[j + 8] >> 8) | (T[j + 9] << 15)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 7), (int)((T[j + 9] >> 17) | (T[j + 10] << 6) | (T[j + 11] << 29)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 8), (int)((T[j + 11] >> 3) | (T[j + 12] << 20)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 9), (int)((T[j + 12] >> 12) | (T[j + 13] << 11)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 10), (int)((T[j + 13] >> 21) | (T[j + 14] << 2) | (T[j + 15] << 25)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 11), (int)((T[j + 15] >> 7) | (T[j + 16] << 16)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 12), (int)((T[j + 16] >> 16) | (T[j + 17] << 7) | (T[j + 18] << 30)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 13), (int)((T[j + 18] >> 2) | (T[j + 19] << 21)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 14), (int)((T[j + 19] >> 11) | (T[j + 20] << 12)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 15), (int)((T[j + 20] >> 20) | (T[j + 21] << 3) | (T[j + 22] << 26)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 16), (int)((T[j + 22] >> 6) | (T[j + 23] << 17)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 17), (int)((T[j + 23] >> 15) | (T[j + 24] << 8) | (T[j + 25] << 31)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 18), (int)((T[j + 25] >> 1) | (T[j + 26] << 22)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 19), (int)((T[j + 26] >> 10) | (T[j + 27] << 13)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 20), (int)((T[j + 27] >> 19) | (T[j + 28] << 4) | (T[j + 29] << 27)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 21), (int)((T[j + 29] >> 5) | (T[j + 30] << 18)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 22), (int)((T[j + 30] >> 14) | (T[j + 31] << 9)));
-
-            j += Const.INT_SIZE;
-
-        }
-
-        System.arraycopy(seedA, seedAOffset, publicKey, n * qLogarithm / Const.BYTE_SIZE, Polynomial.SEED);
-
-    }
-
-    /******************************************************************************************************************************************************
-     * Description:	Encode Public Key for Heuristic qTESLA Security Category-3 (Option for Speed)
-     *
-     * @param        publicKey            Public Key
-     * @param        T                    T_1, ..., T_k
-     * @param        seedA                Seed Used to Generate the Polynomials a_i for i = 1, ..., k
-     * @param        seedAOffset            Starting Point of the Seed A
-     *
-     * @return none
-     ******************************************************************************************************************************************************/
-    public static void encodePublicKeyIIISpeed(byte[] publicKey, final int[] T, final byte[] seedA, int seedAOffset)
-    {
-
-        int j = 0;
-
-        for (int i = 0; i < Parameter.N_III_SPEED * Parameter.Q_LOGARITHM_III_SPEED / Const.INT_SIZE; i += (Parameter.Q_LOGARITHM_III_SPEED / Const.BYTE_SIZE))
-        {
-
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 0), (int)(T[j + 0] | (T[j + 1] << 24)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 1), (int)((T[j + 1] >> 8) | (T[j + 2] << 16)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 2), (int)((T[j + 2] >> 16) | (T[j + 3] << 8)));
-
-            j += Const.INT_SIZE / Const.BYTE_SIZE;
-
-        }
-
-        System.arraycopy(seedA, seedAOffset, publicKey, Parameter.N_III_SPEED * Parameter.Q_LOGARITHM_III_SPEED / Const.BYTE_SIZE, Polynomial.SEED);
-
-    }
-
-    /*******************************************************************************************************************************************************
-     * Description:	Encode Public Key for Provably-Secure qTESLA Security Category-1
-     *
-     * @param        publicKey            Public Key
-     * @param        T                    T_1, ..., T_k
-     * @param        seedA                Seed Used to Generate the Polynomials a_i for i = 1, ..., k
-     * @param        seedAOffset            Starting Point of the Seed A
-     *
-     * @return none
-     *******************************************************************************************************************************************************/
-    public static void encodePublicKeyIP(byte[] publicKey, final long[] T, final byte[] seedA, int seedAOffset)
-    {
-
-        int j = 0;
-
-        for (int i = 0; i < Parameter.N_I_P * Parameter.K_I_P * Parameter.Q_LOGARITHM_I_P / Const.INT_SIZE; i += Parameter.Q_LOGARITHM_I_P)
-        {
-
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 0), (int)(T[j + 0] | (T[j + 1] << 29)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 1), (int)((T[j + 1] >> 3) | (T[j + 2] << 26)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 2), (int)((T[j + 2] >> 6) | (T[j + 3] << 23)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 3), (int)((T[j + 3] >> 9) | (T[j + 4] << 20)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 4), (int)((T[j + 4] >> 12) | (T[j + 5] << 17)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 5), (int)((T[j + 5] >> 15) | (T[j + 6] << 14)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 6), (int)((T[j + 6] >> 18) | (T[j + 7] << 11)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 7), (int)((T[j + 7] >> 21) | (T[j + 8] << 8)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 8), (int)((T[j + 8] >> 24) | (T[j + 9] << 5)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 9), (int)((T[j + 9] >> 27) | (T[j + 10] << 2) | (T[j + 11] << 31)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 10), (int)((T[j + 11] >> 1) | (T[j + 12] << 28)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 11), (int)((T[j + 12] >> 4) | (T[j + 13] << 25)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 12), (int)((T[j + 13] >> 7) | (T[j + 14] << 22)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 13), (int)((T[j + 14] >> 10) | (T[j + 15] << 19)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 14), (int)((T[j + 15] >> 13) | (T[j + 16] << 16)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 15), (int)((T[j + 16] >> 16) | (T[j + 17] << 13)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 16), (int)((T[j + 17] >> 19) | (T[j + 18] << 10)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 17), (int)((T[j + 18] >> 22) | (T[j + 19] << 7)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 18), (int)((T[j + 19] >> 25) | (T[j + 20] << 4)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 19), (int)((T[j + 20] >> 28) | (T[j + 21] << 1) | (T[j + 22] << 30)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 20), (int)((T[j + 22] >> 2) | (T[j + 23] << 27)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 21), (int)((T[j + 23] >> 5) | (T[j + 24] << 24)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 22), (int)((T[j + 24] >> 8) | (T[j + 25] << 21)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 23), (int)((T[j + 25] >> 11) | (T[j + 26] << 18)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 24), (int)((T[j + 26] >> 14) | (T[j + 27] << 15)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 25), (int)((T[j + 27] >> 17) | (T[j + 28] << 12)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 26), (int)((T[j + 28] >> 20) | (T[j + 29] << 9)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 27), (int)((T[j + 29] >> 23) | (T[j + 30] << 6)));
-            CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + 28), (int)((T[j + 30] >> 26) | (T[j + 31] << 3)));
-
-            j += Const.INT_SIZE;
-
-        }
-
-        System.arraycopy(seedA, seedAOffset, publicKey, Parameter.N_I_P * Parameter.K_I_P * Parameter.Q_LOGARITHM_I_P / Const.BYTE_SIZE, Polynomial.SEED);
-
-    }
-
-    /*************************************************************************************************************************************************************************************
-     * Description:	Encode Public Key for Provably-Secure qTESLA Security Category-3
-     *
-     * @param        publicKey            Public Key
-     * @param        T                    T_1, ..., T_k
-     * @param        seedA                Seed Used to Generate the Polynomials a_i for i = 1, ..., k
-     * @param        seedAOffset            Starting Point of the Seed A
-     *
-     * @return none
-     *************************************************************************************************************************************************************************************/
-    public static void encodePublicKeyIIIP(byte[] publicKey, final long[] T, final byte[] seedA, int seedAOffset)
-    {
-
-        int j = 0;
-
-        for (int i = 0; i < Parameter.N_III_P * Parameter.K_III_P * Parameter.Q_LOGARITHM_III_P / Const.INT_SIZE; i += Parameter.Q_LOGARITHM_III_P)
-        {
-
-            for (int index = 0; index < Parameter.Q_LOGARITHM_III_P; index++)
-            {
-
-                CommonFunction.store32(publicKey, Const.INT_SIZE / Const.BYTE_SIZE * (i + index), (int)((T[j + index] >> index) | (T[j + index + 1] << (Parameter.Q_LOGARITHM_III_P - index))));
-
-            }
-
-            j += Const.INT_SIZE;
-
-        }
-
-        System.arraycopy(seedA, seedAOffset, publicKey, Parameter.N_III_P * Parameter.K_III_P * Parameter.Q_LOGARITHM_III_P / Const.BYTE_SIZE, Polynomial.SEED);
-
-    }
-
-    /****************************************************************************************************************************************
-     * Description:	Decode Public Key for Heuristic qTESLA Security Category-1 and Category-3 (Option for Size)
-     *
-     * @param        publicKey            Decoded Public Key
-     * @param        seedA                Seed Used to Generate the Polynomials A_i for i = 1, ..., k
-     * @param        seedAOffset            Starting Point of the Seed A
-     * @param        publicKeyInput        Public Key to be Decoded
-     * @param        n                    Polynomial Degree
-     * @param        qLogarithm            q <= 2 ^ qLogartihm
-     *
-     * @return none
-     ****************************************************************************************************************************************/
-    public static void decodePublicKey(int[] publicKey, byte[] seedA, int seedAOffset, final byte[] publicKeyInput, int n, int qLogarithm)
-    {
-
-        int j = 0;
-
-        int mask = (1 << qLogarithm) - 1;
-
-        for (int i = 0; i < n; i += Const.INT_SIZE)
-        {
-
-            publicKey[i + 0] = CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 0)) & mask;
-
-            publicKey[i + 1] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 0)) >>> 23) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) << 9)) & mask;
-
-            publicKey[i + 2] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) >>> 14) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) << 18)) & mask;
-
-            publicKey[i + 3] = (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) >>> 5) & mask;
-
-            publicKey[i + 4] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) >>> 28) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 3)) << 4)) & mask;
-
-            publicKey[i + 5] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 3)) >>> 19) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 4)) << 13)) & mask;
-
-            publicKey[i + 6] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 4)) >>> 10) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 5)) << 22)) & mask;
-
-            publicKey[i + 7] = (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 5)) >>> 1) & mask;
-
-            publicKey[i + 8] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 5)) >>> 24) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 6)) << 8)) & mask;
-
-            publicKey[i + 9] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 6)) >>> 15) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 7)) << 17)) & mask;
-
-            publicKey[i + 10] = (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 7)) >>> 6) & mask;
-
-            publicKey[i + 11] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 7)) >>> 29) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 8)) << 3)) & mask;
-
-            publicKey[i + 12] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 8)) >>> 20) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 9)) << 12)) & mask;
-
-            publicKey[i + 13] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 9)) >>> 11) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 10)) << 21)) & mask;
-
-            publicKey[i + 14] = (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 10)) >>> 2) & mask;
-
-            publicKey[i + 15] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 10)) >>> 25) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 11)) << 7)) & mask;
-
-            publicKey[i + 16] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 11)) >>> 16) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 12)) << 16)) & mask;
-
-            publicKey[i + 17] = (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 12)) >>> 7) & mask;
-
-            publicKey[i + 18] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 12)) >>> 30) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 13)) << 2)) & mask;
-
-            publicKey[i + 19] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 13)) >>> 21) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 14)) << 11)) & mask;
-
-            publicKey[i + 20] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 14)) >>> 12) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 15)) << 20)) & mask;
-
-            publicKey[i + 21] = (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 15)) >>> 3) & mask;
-
-            publicKey[i + 22] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 15)) >>> 26) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 16)) << 6)) & mask;
-
-            publicKey[i + 23] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 16)) >>> 17) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 17)) << 15)) & mask;
-
-            publicKey[i + 24] = (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 17)) >>> 8) & mask;
-
-            publicKey[i + 25] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 17)) >>> 31) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 18)) << 1)) & mask;
-
-            publicKey[i + 26] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 18)) >>> 22) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 19)) << 10)) & mask;
-
-            publicKey[i + 27] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 19)) >>> 13) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 20)) << 19)) & mask;
-
-            publicKey[i + 28] = (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 20)) >>> 4) & mask;
-
-            publicKey[i + 29] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 20)) >>> 27) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 21)) << 5)) & mask;
-
-            publicKey[i + 30] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 21)) >>> 18) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 22)) << 14)) & mask;
-
-            publicKey[i + 31] = CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 22)) >>> 9;
-
-            j += qLogarithm;
-
-        }
-
-        System.arraycopy(publicKeyInput, n * qLogarithm / Const.BYTE_SIZE, seedA, seedAOffset, Polynomial.SEED);
-
-    }
-
-    /*************************************************************************************************************************************************
-     * Description:	Decode Public Key for Heuristic qTESLA Security Category-3 (Option for Speed)
-     *
-     * @param        publicKey            Decoded Public Key
-     * @param        seedA                Seed Used to Generate the Polynomials A_i for i = 1, ..., k
-     * @param        seedAOffset            Starting Point of the Seed A
-     * @param        publicKeyInput        Public Key to be Decoded
-     *
-     * @return none
-     *************************************************************************************************************************************************/
-    public static void decodePublicKeyIIISpeed(int[] publicKey, byte[] seedA, int seedAOffset, final byte[] publicKeyInput)
-    {
-
-        int j = 0;
-
-        int mask = (1 << Parameter.Q_LOGARITHM_III_SPEED) - 1;
-
-        for (int i = 0; i < Parameter.N_III_SPEED; i += Const.INT_SIZE / Const.BYTE_SIZE)
-        {
-
-            publicKey[i + 0] = CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 0)) & mask;
-
-            publicKey[i + 1] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 0)) >>> 24) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) << 8)) & mask;
-
-            publicKey[i + 2] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) >>> 16) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) << 16)) & mask;
-
-            publicKey[i + 3] = CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) >>> 8;
-
-            j += Parameter.Q_LOGARITHM_III_SPEED / Const.BYTE_SIZE;
-
-        }
-
-        System.arraycopy(publicKeyInput, Parameter.N_III_SPEED * Parameter.Q_LOGARITHM_III_SPEED / Const.BYTE_SIZE, seedA, seedAOffset, Polynomial.SEED);
-
-    }
-
-    /************************************************************************************************************************************************************
-     * Description:	Decode Public Key for Provably-Secure qTESLA Security Category-1
-     *
-     * @param        publicKey            Decoded Public Key
-     * @param        seedA                Seed Used to Generate the Polynomials A_i for i = 1, ..., k
-     * @param        seedAOffset            Starting Point of the Seed A
-     * @param        publicKeyInput        Public Key to be Decoded
-     *
-     * @return none
-     ************************************************************************************************************************************************************/
-    public static void decodePublicKeyIP(int[] publicKey, byte[] seedA, int seedAOffset, final byte[] publicKeyInput)
-    {
-
-        int j = 0;
-
-        int mask = (1 << Parameter.Q_LOGARITHM_I_P) - 1;
-
-        for (int i = 0; i < Parameter.N_I_P * Parameter.K_I_P; i += Const.INT_SIZE)
-        {
-
-            publicKey[i + 0] = CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 0)) & mask;
-
-            publicKey[i + 1] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 0)) >>> 29) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) << 3)) & mask;
-
-            publicKey[i + 2] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) >>> 26) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) << 6)) & mask;
-
-            publicKey[i + 3] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) >>> 23) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 3)) << 9)) & mask;
-
-            publicKey[i + 4] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 3)) >>> 20) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 4)) << 12)) & mask;
-
-            publicKey[i + 5] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 4)) >>> 17) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 5)) << 15)) & mask;
-
-            publicKey[i + 6] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 5)) >>> 14) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 6)) << 18)) & mask;
-
-            publicKey[i + 7] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 6)) >>> 11) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 7)) << 21)) & mask;
-
-            publicKey[i + 8] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 7)) >>> 8) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 8)) << 24)) & mask;
-
-            publicKey[i + 9] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 8)) >>> 5) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 9)) << 27)) & mask;
-
-            publicKey[i + 10] = (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 9)) >>> 2) & mask;
-
-            publicKey[i + 11] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 9)) >>> 31) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 10)) << 1)) & mask;
-
-            publicKey[i + 12] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 10)) >>> 28) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 11)) << 4)) & mask;
-
-            publicKey[i + 13] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 11)) >>> 25) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 12)) << 7)) & mask;
-
-            publicKey[i + 14] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 12)) >>> 22) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 13)) << 10)) & mask;
-
-            publicKey[i + 15] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 13)) >>> 19) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 14)) << 13)) & mask;
-
-            publicKey[i + 16] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 14)) >>> 16) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 15)) << 16)) & mask;
-
-            publicKey[i + 17] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 15)) >>> 13) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 16)) << 19)) & mask;
-
-            publicKey[i + 18] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 16)) >>> 10) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 17)) << 22)) & mask;
-
-            publicKey[i + 19] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 17)) >>> 7) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 18)) << 25)) & mask;
-
-            publicKey[i + 20] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 18)) >>> 4) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 19)) << 28)) & mask;
-
-            publicKey[i + 21] = (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 19)) >>> 1) & mask;
-
-            publicKey[i + 22] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 19)) >>> 30) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 20)) << 2)) & mask;
-
-            publicKey[i + 23] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 20)) >>> 27) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 21)) << 5)) & mask;
-
-            publicKey[i + 24] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 21)) >>> 24) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 22)) << 8)) & mask;
-
-            publicKey[i + 25] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 22)) >>> 21) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 23)) << 11)) & mask;
-
-            publicKey[i + 26] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 23)) >>> 18) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 24)) << 14)) & mask;
-
-            publicKey[i + 27] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 24)) >>> 15) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 25)) << 17)) & mask;
-
-            publicKey[i + 28] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 25)) >>> 12) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 26)) << 20)) & mask;
-
-            publicKey[i + 29] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 26)) >>> 9) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 27)) << 23)) & mask;
-
-            publicKey[i + 30] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 27)) >>> 6) |
-                (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 28)) << 26)) & mask;
-
-            publicKey[i + 31] = CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + 28)) >>> 3;
-
-            j += Parameter.Q_LOGARITHM_I_P;
-
-        }
-
-        System.arraycopy(publicKeyInput, Parameter.N_I_P * Parameter.K_I_P * Parameter.Q_LOGARITHM_I_P / Const.BYTE_SIZE, seedA, seedAOffset, Polynomial.SEED);
-
-    }
-
-    /****************************************************************************************************************************************************************
-     * Description:	Decode Public Key for Provably-Secure qTESLA Security Category-3
-     *
-     * @param        publicKey            Decoded Public Key
-     * @param        seedA                Seed Used to Generate the Polynomials A_i for i = 1, ..., k
-     * @param        seedAOffset            Starting Point of the Seed A
-     * @param        publicKeyInput        Public Key to be Decoded
-     *
-     * @return none
-     ****************************************************************************************************************************************************************/
-    public static void decodePublicKeyIIIP(int[] publicKey, byte[] seedA, int seedAOffset, final byte[] publicKeyInput)
-    {
-
-        int j = 0;
-
-        int mask = (1 << Parameter.Q_LOGARITHM_III_P) - 1;
-
-        for (int i = 0; i < Parameter.N_III_P * Parameter.K_III_P; i += Const.INT_SIZE)
-        {
-
-            publicKey[i] = CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * j) & mask;
-
-            for (int index = 1; index < Parameter.Q_LOGARITHM_III_P; index++)
-            {
-
-                publicKey[i + index] = ((CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + index - 1)) >>> (Const.INT_SIZE - index)) |
-                    (CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + index)) << index)) & mask;
-
-            }
-
-            publicKey[i + Parameter.Q_LOGARITHM_III_P] = CommonFunction.load32(publicKeyInput, Const.INT_SIZE / Const.BYTE_SIZE * (j + Parameter.Q_LOGARITHM_III_P - 1)) >>> 1;
-
-            j += Parameter.Q_LOGARITHM_III_P;
-
-        }
-
-        System.arraycopy(publicKeyInput, Parameter.N_III_P * Parameter.K_III_P * Parameter.Q_LOGARITHM_III_P / Const.BYTE_SIZE, seedA, seedAOffset, Polynomial.SEED);
-
-    }
-
-
-    /***************************************************************************************************************************************************************************************************************
-     * Description:	Encode Signature for Heuristic qTESLA Security Category-1 and Category-3 (Option for Size)
-     *
-     * @param        signature            Output Package Containing Signature
-     * @param        signatureOffset        Starting Point of the Output Package Containing Signature
-     * @param        C
-     * @param        cOffset
-     * @param        Z
-     * @param        n                    Polynomial Degree
-     * @param        d                    Number of Rounded Bits
-     *
-     * @return none
-     ***************************************************************************************************************************************************************************************************************/
-    public static void encodeSignature(byte[] signature, int signatureOffset, byte[] C, int cOffset, int[] Z, int n, int d)
-    {
-
-        int j = 0;
-
-        for (int i = 0; i < (n * d / Const.INT_SIZE); i += d)
-        {
-
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 0), (int)(((Z[j + 0] & ((1 << 21) - 1))) | (Z[j + 1] << 21)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 1), (int)(((Z[j + 1] >>> 11) & ((1 << 10) - 1)) | ((Z[j + 2] & ((1 << 21) - 1)) << 10) | (Z[j + 3] << 31)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 2), (int)((((Z[j + 3] >>> 1) & ((1 << 20) - 1))) | (Z[j + 4] << 20)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 3), (int)(((Z[j + 4] >>> 12) & ((1 << 9) - 1)) | ((Z[j + 5] & ((1 << 21) - 1)) << 9) | (Z[j + 6] << 30)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 4), (int)((((Z[j + 6] >>> 2) & ((1 << 19) - 1))) | (Z[j + 7] << 19)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 5), (int)(((Z[j + 7] >>> 13) & ((1 << 8) - 1)) | ((Z[j + 8] & ((1 << 21) - 1)) << 8) | (Z[j + 9] << 29)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 6), (int)((((Z[j + 9] >>> 3) & ((1 << 18) - 1))) | (Z[j + 10] << 18)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 7), (int)(((Z[j + 10] >>> 14) & ((1 << 7) - 1)) | ((Z[j + 11] & ((1 << 21) - 1)) << 7) | (Z[j + 12] << 28)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 8), (int)((((Z[j + 12] >>> 4) & ((1 << 17) - 1))) | (Z[j + 13] << 17)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 9), (int)(((Z[j + 13] >>> 15) & ((1 << 6) - 1)) | ((Z[j + 14] & ((1 << 21) - 1)) << 6) | (Z[j + 15] << 27)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 10), (int)((((Z[j + 15] >>> 5) & ((1 << 16) - 1))) | (Z[j + 16] << 16)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 11), (int)(((Z[j + 16] >>> 16) & ((1 << 5) - 1)) | ((Z[j + 17] & ((1 << 21) - 1)) << 5) | (Z[j + 18] << 26)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 12), (int)((((Z[j + 18] >>> 6) & ((1 << 15) - 1))) | (Z[j + 19] << 15)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 13), (int)(((Z[j + 19] >>> 17) & ((1 << 4) - 1)) | ((Z[j + 20] & ((1 << 21) - 1)) << 4) | (Z[j + 21] << 25)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 14), (int)((((Z[j + 21] >>> 7) & ((1 << 14) - 1))) | (Z[j + 22] << 14)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 15), (int)(((Z[j + 22] >>> 18) & ((1 << 3) - 1)) | ((Z[j + 23] & ((1 << 21) - 1)) << 3) | (Z[j + 24] << 24)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 16), (int)((((Z[j + 24] >>> 8) & ((1 << 13) - 1))) | (Z[j + 25] << 13)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 17), (int)(((Z[j + 25] >>> 19) & ((1 << 2) - 1)) | ((Z[j + 26] & ((1 << 21) - 1)) << 2) | (Z[j + 27] << 23)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 18), (int)((((Z[j + 27] >>> 9) & ((1 << 12) - 1))) | (Z[j + 28] << 12)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 19), (int)(((Z[j + 28] >>> 20) & ((1 << 1) - 1)) | ((Z[j + 29] & ((1 << 21) - 1)) << 1) | (Z[j + 30] << 22)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 20), (int)((((Z[j + 30] >>> 10) & ((1 << 11) - 1))) | (Z[j + 31] << 11)));
-
-            j += Const.INT_SIZE;
-
-        }
-
-        System.arraycopy(C, cOffset, signature, signatureOffset + n * d / Const.BYTE_SIZE, Polynomial.HASH);
-
-    }
-
-    /*************************************************************************************************************************************************************************************************************
-     * Description:	Encode Signature for Heuristic qTESLA Security Category-3 (Option for Speed)
-     *
-     * @param        signature            Output Package Containing Signature
-     * @param        signatureOffset        Starting Point of the Output Package Containing Signature
-     * @param        C
-     * @param        cOffset
-     * @param        Z
-     *
-     * @return none
-     *************************************************************************************************************************************************************************************************************/
-    public static void encodeSignatureIIISpeed(byte[] signature, int signatureOffset, byte[] C, int cOffset, int[] Z)
-    {
-
-        int j = 0;
-
-        for (int i = 0; i < (Parameter.N_III_SPEED * Parameter.D_III_SPEED / Const.INT_SIZE); i += Parameter.D_III_SPEED / 2)
-        {
-
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 0), (int)(((Z[j + 0] & ((1 << 22) - 1))) | (Z[j + 1] << 22)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 1), (int)((((Z[j + 1] >>> 10) & ((1 << 12) - 1))) | (Z[j + 2] << 12)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 2), (int)(((Z[j + 2] >>> 20) & ((1 << 2) - 1)) | ((Z[j + 3] & ((1 << 22) - 1)) << 2) | (Z[j + 4] << 24)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 3), (int)((((Z[j + 4] >>> 8) & ((1 << 14) - 1))) | (Z[j + 5] << 14)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 4), (int)(((Z[j + 5] >>> 18) & ((1 << 4) - 1)) | ((Z[j + 6] & ((1 << 22) - 1)) << 4) | (Z[j + 7] << 26)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 5), (int)((((Z[j + 7] >>> 6) & ((1 << 16) - 1))) | (Z[j + 8] << 16)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 6), (int)(((Z[j + 8] >>> 16) & ((1 << 6) - 1)) | ((Z[j + 9] & ((1 << 22) - 1)) << 6) | (Z[j + 10] << 28)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 7), (int)((((Z[j + 10] >>> 4) & ((1 << 18) - 1))) | (Z[j + 11] << 18)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 8), (int)(((Z[j + 11] >>> 14) & ((1 << 8) - 1)) | ((Z[j + 12] & ((1 << 22) - 1)) << 8) | (Z[j + 13] << 30)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 9), (int)((((Z[j + 13] >>> 2) & ((1 << 20) - 1))) | (Z[j + 14] << 20)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 10), (int)((((Z[j + 14] >>> 12) & ((1 << 10) - 1))) | (Z[j + 15] << 10)));
-
-            j += Const.INT_SIZE / 2;
-
-        }
-
-        System.arraycopy(C, cOffset, signature, signatureOffset + Parameter.N_III_SPEED * Parameter.D_III_SPEED / Const.BYTE_SIZE, Polynomial.HASH);
-
-    }
-
-    /*************************************************************************************************************************************************************************************************************
-     * Description:	Encode Signature for Provably-Secure qTESLA Security Category-1
-     *
-     * @param        signature            Output Package Containing Signature
-     * @param        signatureOffset        Starting Point of the Output Package Containing Signature
-     * @param        C
-     * @param        cOffset
-     * @param        Z
-     *
-     * @return none
-     *************************************************************************************************************************************************************************************************************/
-    public static void encodeSignatureIP(byte[] signature, int signatureOffset, byte[] C, int cOffset, long[] Z)
-    {
-
-        int j = 0;
-
-        for (int i = 0; i < (Parameter.N_III_SPEED * Parameter.D_III_SPEED / Const.INT_SIZE); i += Parameter.D_III_SPEED / 2)
-        {
-
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 0), (int)(((Z[j + 0] & ((1 << 22) - 1))) | (Z[j + 1] << 22)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 1), (int)((((Z[j + 1] >>> 10) & ((1 << 12) - 1))) | (Z[j + 2] << 12)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 2), (int)(((Z[j + 2] >>> 20) & ((1 << 2) - 1)) | ((Z[j + 3] & ((1 << 22) - 1)) << 2) | (Z[j + 4] << 24)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 3), (int)((((Z[j + 4] >>> 8) & ((1 << 14) - 1))) | (Z[j + 5] << 14)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 4), (int)(((Z[j + 5] >>> 18) & ((1 << 4) - 1)) | ((Z[j + 6] & ((1 << 22) - 1)) << 4) | (Z[j + 7] << 26)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 5), (int)((((Z[j + 7] >>> 6) & ((1 << 16) - 1))) | (Z[j + 8] << 16)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 6), (int)(((Z[j + 8] >>> 16) & ((1 << 6) - 1)) | ((Z[j + 9] & ((1 << 22) - 1)) << 6) | (Z[j + 10] << 28)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 7), (int)((((Z[j + 10] >>> 4) & ((1 << 18) - 1))) | (Z[j + 11] << 18)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 8), (int)(((Z[j + 11] >>> 14) & ((1 << 8) - 1)) | ((Z[j + 12] & ((1 << 22) - 1)) << 8) | (Z[j + 13] << 30)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 9), (int)((((Z[j + 13] >>> 2) & ((1 << 20) - 1))) | (Z[j + 14] << 20)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 10), (int)((((Z[j + 14] >>> 12) & ((1 << 10) - 1))) | (Z[j + 15] << 10)));
-
-            j += Const.INT_SIZE / 2;
-
-        }
-
-        System.arraycopy(C, cOffset, signature, signatureOffset + Parameter.N_III_SPEED * Parameter.D_III_SPEED / Const.BYTE_SIZE, Polynomial.HASH);
-
-    }
-
-    /***************************************************************************************************************************************************************
-     * Description:	Encode Signature for Provably-Secure qTESLA Security Category-3
-     *
-     * @param        signature            Output Package Containing Signature
-     * @param        signatureOffset        Starting Point of the Output Package Containing Signature
-     * @param        C
-     * @param        cOffset
-     * @param        Z
-     *
-     * @return none
-     ***************************************************************************************************************************************************************/
-    public static void encodeSignatureIIIP(byte[] signature, int signatureOffset, byte[] C, int cOffset, long[] Z)
-    {
-
-        int j = 0;
-
-        for (int i = 0; i < (Parameter.N_III_P * Parameter.D_III_P / Const.INT_SIZE); i += Parameter.D_III_P / Const.BYTE_SIZE)
-        {
-
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 0), (int)(((Z[j + 0] & ((1 << 24) - 1))) | (Z[j + 1] << 24)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 1), (int)((((Z[j + 1] >>> 8) & ((1 << 16) - 1))) | (Z[j + 2] << 16)));
-            CommonFunction.store32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (i + 2), (int)((((Z[j + 2] >>> 16) & ((1 << 8) - 1))) | (Z[j + 3] << 8)));
-
-            j += Const.BYTE_SIZE / 2;
-
-        }
-
-        System.arraycopy(C, cOffset, signature, signatureOffset + Parameter.N_III_P * Parameter.D_III_P / Const.BYTE_SIZE, Polynomial.HASH);
-
-    }
-
-    /******************************************************************************************************************************
-     * Description:	Decode Signature for Heuristic qTESLA Security Category-1 and Category-3 (Option for Size)
-     *
-     * @param    C
-     * @param    Z
-     * @param    signature            Output Package Containing Signature
-     * @param    signatureOffset        Starting Point of the Output Package Containing Signature
-     * @param    n                    Polynomial Degree
-     * @param    d                    Number of Rounded Bits
-     *
-     * @return none
-     ******************************************************************************************************************************/
-    public static void decodeSignature(byte[] C, int[] Z, final byte[] signature, int signatureOffset, int n, int d)
-    {
-
-        int j = 0;
-
-        for (int i = 0; i < n; i += Const.INT_SIZE)
-        {
-
-            Z[i + 0] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 0)) << 11) >> 11;
-
-            Z[i + 1] = ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 0)) >>> 21) |
-                (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) << 22) >> 11);
-
-            Z[i + 2] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) << 1) >> 11;
-
-            Z[i + 3] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) >>> 31) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) << 12) >> 11);
-
-            Z[i + 4] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) >>> 20) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 3)) << 23) >> 11);
-
-            Z[i + 5] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 3)) << 2) >> 11;
-
-            Z[i + 6] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 3)) >>> 30) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 4)) << 13) >> 11);
-
-            Z[i + 7] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 4)) >>> 19) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 5)) << 24) >> 11);
-
-            Z[i + 8] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 5)) << 3) >> 11;
-
-            Z[i + 9] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 5)) >>> 29) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 6)) << 14) >> 11);
-
-            Z[i + 10] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 6)) >>> 18) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 7)) << 25) >> 11);
-
-            Z[i + 11] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 7)) << 4) >> 11;
-
-            Z[i + 12] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 7)) >>> 28) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 8)) << 15) >> 11);
-
-            Z[i + 13] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 8)) >>> 17) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 9)) << 26) >> 11);
-
-            Z[i + 14] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 9)) << 5) >> 11;
-
-            Z[i + 15] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 9)) >>> 27) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 10)) << 16) >> 11);
-
-            Z[i + 16] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 10)) >>> 16) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 11)) << 27) >> 11);
-
-            Z[i + 17] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 11)) << 6) >> 11;
-
-            Z[i + 18] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 11)) >>> 26) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 12)) << 17) >> 11);
-
-            Z[i + 19] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 12)) >>> 15) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 13)) << 28) >> 11);
-
-            Z[i + 20] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 13)) << 7) >> 11;
-
-            Z[i + 21] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 13)) >>> 25) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 14)) << 18) >> 11);
-
-            Z[i + 22] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 14)) >>> 14) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 15)) << 29) >> 11);
-
-            Z[i + 23] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 15)) << 8) >> 11;
-
-            Z[i + 24] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 15)) >>> 24) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 16)) << 19) >> 11);
-
-            Z[i + 25] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 16)) >>> 13) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 17)) << 30) >> 11);
-
-            Z[i + 26] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 17)) << 9) >> 11;
-
-            Z[i + 27] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 17)) >>> 23) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 18)) << 20) >> 11);
-
-            Z[i + 28] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 18)) >>> 12) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 19)) << 31) >> 11);
-
-            Z[i + 29] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 19)) << 10) >> 11;
-
-            Z[i + 30] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 19)) >>> 22) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 20)) << 21) >> 11);
-
-            Z[i + 31] = CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 20)) >> 11;
-
-            j += d;
-
-        }
-
-        System.arraycopy(signature, signatureOffset + n * d / Const.BYTE_SIZE, C, 0, Polynomial.HASH);
-
-    }
-
-    /**************************************************************************************************************************************
-     * Description:	Decode Signature for Heuristic qTESLA Security Category-3 (Option for Speed)
-     *
-     * @param    C
-     * @param    Z
-     * @param    signature            Output Package Containing Signature
-     * @param    signatureOffset        Starting Point of the Output Package Containing Signature
-     *
-     * @return none
-     **************************************************************************************************************************************/
-    public static void decodeSignatureIIISpeed(byte[] C, int[] Z, final byte[] signature, int signatureOffset)
-    {
-
-        int j = 0;
-
-        for (int i = 0; i < Parameter.N_III_SPEED; i += Const.INT_SIZE / 2)
-        {
-
-            Z[i + 0] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 0)) << 10) >> 10;
-
-            Z[i + 1] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 0)) >>> 22) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) << 20) >> 10);
-
-            Z[i + 2] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) >>> 12) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) << 30) >> 10);
-
-            Z[i + 3] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) << 8) >> 10;
-
-            Z[i + 4] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) >>> 24) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 3)) << 18) >> 10);
-
-            Z[i + 5] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 3)) >>> 14) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 4)) << 28) >> 10);
-
-            Z[i + 6] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 4)) << 6) >> 10;
-
-            Z[i + 7] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 4)) >>> 26) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 5)) << 16) >> 10);
-
-            Z[i + 8] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 5)) >>> 16) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 6)) << 26) >> 10);
-
-            Z[i + 9] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 6)) << 4) >> 10;
-
-            Z[i + 10] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 6)) >>> 28) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 7)) << 14) >> 10);
-
-            Z[i + 11] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 7)) >>> 18) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 8)) << 24) >> 10);
-
-            Z[i + 12] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 8)) << 2) >> 10;
-
-            Z[i + 13] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 8)) >>> 30) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 9)) << 12) >> 10);
-
-            Z[i + 14] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 9)) >>> 20) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 10)) << 22) >> 10);
-
-            Z[i + 15] = CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 10)) >> 10;
-
-            j += Parameter.D_III_SPEED / 2;
-
-        }
-
-        System.arraycopy(signature, signatureOffset + Parameter.N_III_SPEED * Parameter.D_III_SPEED / Const.BYTE_SIZE, C, 0, Polynomial.HASH);
-
-    }
-
-    /****************************************************************************************************************************
-     * Description:	Decode Signature for Provably-Secure qTESLA Security Category-1
-     *
-     * @param    C
-     * @param    Z
-     * @param    signature            Output Package Containing Signature
-     * @param    signatureOffset        Starting Point of the Output Package Containing Signature
-     *
-     * @return none
-     ****************************************************************************************************************************/
-    public static void decodeSignatureIP(byte[] C, long[] Z, final byte[] signature, int signatureOffset)
-    {
-
-        int j = 0;
-
-        for (int i = 0; i < Parameter.N_I_P; i += Const.INT_SIZE / 2)
-        {
-
-            Z[i + 0] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 0)) << 10) >> 10;
-
-            Z[i + 1] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 0)) >>> 22) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) << 20) >> 10);
-
-            Z[i + 2] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) >>> 12) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) << 30) >> 10);
-
-            Z[i + 3] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) << 8) >> 10;
-
-            Z[i + 4] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) >>> 24) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 3)) << 18) >> 10);
-
-            Z[i + 5] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 3)) >>> 14) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 4)) << 28) >> 10);
-
-            Z[i + 6] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 4)) << 6) >> 10;
-
-            Z[i + 7] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 4)) >>> 26) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 5)) << 16) >> 10);
-
-            Z[i + 8] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 5)) >>> 16) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 6)) << 26) >> 10);
-
-            Z[i + 9] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 6)) << 4) >> 10;
-
-            Z[i + 10] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 6)) >>> 28) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 7)) << 14) >> 10);
-
-            Z[i + 11] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 7)) >>> 18) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 8)) << 24) >> 10);
-
-            Z[i + 12] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 8)) << 2) >> 10;
-
-            Z[i + 13] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 8)) >>> 30) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 9)) << 12) >> 10);
-
-            Z[i + 14] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 9)) >>> 20) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 10)) << 22) >> 10);
-
-            Z[i + 15] = CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 10)) >> 10;
-
-            j += Parameter.D_I_P / 2;
-
-        }
-
-        System.arraycopy(signature, signatureOffset + Parameter.N_I_P * Parameter.D_I_P / Const.BYTE_SIZE, C, 0, Polynomial.HASH);
-
-    }
-
-    /****************************************************************************************************************************************
-     * Description:	Decode Signature for Provably-Secure qTESLA Security Category-3
-     *
-     * @param    C
-     * @param    Z
-     * @param    signature            Output Package Containing Signature
-     * @param    signatureOffset        Starting Point of the Output Package Containing Signature
-     *
-     * @return none
-     ****************************************************************************************************************************************/
-    public static void decodeSignatureIIIP(byte[] C, long[] Z, final byte[] signature, int signatureOffset)
-    {
-
-        int j = 0;
-
-        for (int i = 0; i < Parameter.N_III_P; i += Const.BYTE_SIZE / 2)
-        {
-
-            Z[i + 0] = (CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 0)) << 8) >> 8;
-
-            Z[i + 1] = ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 0)) >>> 24) & ((1 << 8) - 1)) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) << 16) >> 8);
-
-            Z[i + 2] = ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 1)) >>> 16) & ((1 << 16) - 1)) |
-                ((CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) << 24) >> 8);
-
-            Z[i + 3] = CommonFunction.load32(signature, signatureOffset + Const.INT_SIZE / Const.BYTE_SIZE * (j + 2)) >> 8;
-
-            j += Const.BYTE_SIZE / 2 - 1;
-
-        }
-
-        System.arraycopy(signature, signatureOffset + Parameter.N_III_P * Parameter.D_III_P / Const.BYTE_SIZE, C, 0, Polynomial.HASH);
-
-    }
-
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Parameter.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Parameter.java
deleted file mode 100644
index aeae8cb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Parameter.java
+++ /dev/null

@@ -1,413 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-final class Parameter
-{
-
-    /**
-     * Dimension, (Dimension - 1) is the Polynomial Degree for Heuristic qTESLA Security Category-1
-     */
-    public static final int N_I = 512;
-
-    /**
-     * Dimension, (Dimension - 1) is the Polynomial Degree for Provably-Secure qTESLA Security Category-1
-     */
-    public static final int N_I_P = 1024;
-
-    /**
-     * Dimension, (Dimension - 1) is the Polynomial Degree for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final int N_III_SIZE = 1024;
-
-    /**
-     * Dimension, (Dimension - 1) is the Polynomial Degree for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final int N_III_SPEED = 1024;
-
-    /**
-     * Dimension, (Dimension - 1) is the Polynomial Degree for Provably-Secure qTESLA Security Category-3
-     */
-    public static final int N_III_P = 2048;
-
-    /**
-     * N_LOGARITHM = LOGARITHM (N) / LOGARITHM (2) for Heuristic qTESLA Security Category-1
-     */
-    public static final int N_LOGARITHM_I = 9;
-
-    /**
-     * N_LOGARITHM = LOGARITHM (N) / LOGARITHM (2) for Provably-Secure qTESLA Security Category-1
-     */
-    public static final int N_LOGARITHM_I_P = 10;
-
-    /**
-     * N_LOGARITHM = LOGARITHM (N) / LOGARITHM (2) for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final int N_LOGARITHM_III_SIZE = 10;
-
-    /**
-     * N_LOGARITHM = LOGARITHM (N) / LOGARITHM (2) for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final int N_LOGARITHM_III_SPEED = 10;
-
-    /**
-     * N_LOGARITHM = LOGARITHM (N) / LOGARITHM (2) for Provably-Secure qTESLA Security Category-3
-     */
-    public static final int N_LOGARITHM_III_P = 11;
-
-    /**
-     * Modulus for Heuristic qTESLA Security Category-1
-     */
-    public static final int Q_I = 4205569;
-
-    /**
-     * Modulus for Provably-Secure qTESLA Security Category-1
-     */
-    public static final int Q_I_P = 485978113;
-
-    /**
-     * Modulus for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final int Q_III_SIZE = 4206593;
-
-    /**
-     * Modulus for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final int Q_III_SPEED = 8404993;
-
-    /**
-     * Modulus for Provably-Secure qTESLA Security Category-3
-     */
-    public static final int Q_III_P = 1129725953;
-
-    /**
-     * Q <= 2 ^ Q_LOGARITHM for Heuristic qTESLA Security Category-1
-     */
-    public static final int Q_LOGARITHM_I = 23;
-
-    /**
-     * Q <= 2 ^ Q_LOGARITHM for Provably-Secure qTESLA Security Category-1
-     */
-    public static final int Q_LOGARITHM_I_P = 29;
-
-    /**
-     * Q <= 2 ^ Q_LOGARITHM for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final int Q_LOGARITHM_III_SIZE = 23;
-
-    /**
-     * Q <= 2 ^ Q_LOGARITHM for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final int Q_LOGARITHM_III_SPEED = 24;
-
-    /**
-     * Q <= 2 ^ Q_LOGARITHM for Provably-Secure qTESLA Security Category-3
-     */
-    public static final int Q_LOGARITHM_III_P = 31;
-
-    public static final long Q_INVERSE_I = 3098553343L;
-    public static final long Q_INVERSE_I_P = 3421990911L;
-    public static final long Q_INVERSE_III_SIZE = 4148178943L;
-    public static final long Q_INVERSE_III_SPEED = 4034936831L;
-    public static final long Q_INVERSE_III_P = 861290495L;
-
-    /**
-     * B Determines the Interval the Randomness is Chosen in During Signing for Heuristic qTESLA Security Category-1
-     */
-    public static final int B_I = 1048575;
-
-    /**
-     * B Determines the Interval the Randomness is Chosen in During Signing for Provably-Secure qTESLA Security Category-1
-     */
-    public static final int B_I_P = 2097151;
-
-    /**
-     * B Determines the Interval the Randomness is Chosen in During Signing for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final int B_III_SIZE = 1048575;
-
-    /**
-     * B Determines the Interval the Randomness is Chosen in During Signing for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final int B_III_SPEED = 2097151;
-
-    /**
-     * B Determines the Interval the Randomness is Chosen in During Signing for Provably-Secure qTESLA Security Category-3
-     */
-    public static final int B_III_P = 8388607;
-
-    /**
-     * B = 2 ^ B_BIT - 1 for Heuristic qTESLA Security Category-1
-     */
-    public static final int B_BIT_I = 20;
-
-    /**
-     * B = 2 ^ B_BIT - 1 for Provably-Secure qTESLA Security Category-1
-     */
-    public static final int B_BIT_I_P = 21;
-
-    /**
-     * B = 2 ^ B_BIT - 1 for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final int B_BIT_III_SIZE = 20;
-
-    /**
-     * B = 2 ^ B_BIT - 1 for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final int B_BIT_III_SPEED = 21;
-
-    /**
-     * B = 2 ^ B_BIT - 1 for Provably-Secure qTESLA Security Category-3
-     */
-    public static final int B_BIT_III_P = 23;
-
-    public static final int S_BIT_I = 10;
-    public static final int S_BIT_I_P = 8;
-    public static final int S_BIT_III_SIZE = 8;
-    public static final int S_BIT_III_SPEED = 9;
-    public static final int S_BIT_III_P = 8;
-
-    /**
-     * Number of Ring-Learning-With-Errors Samples for Heuristic qTESLA Security Category-1
-     */
-    public static final int K_I = 1;
-
-    /**
-     * Number of Ring-Learning-With-Errors Samples for Provably-Secure qTESLA Security Category-1
-     */
-    public static final int K_I_P = 4;
-
-    /**
-     * Number of Ring-Learning-With-Errors Samples for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final int K_III_SIZE = 1;
-
-    /**
-     * Number of Ring-Learning-With-Errors Samples for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final int K_III_SPEED = 1;
-
-    /**
-     * Number of Ring-Learning-With-Errors Samples for Provably-Secure qTESLA Security Category-3
-     */
-    public static final int K_III_P = 5;
-
-    /**
-     * Number of Non-Zero Entries of Output Elements of Encryption for Heuristic qTESLA Security Category-1
-     */
-    public static final int H_I = 30;
-
-    /**
-     * Number of Non-Zero Entries of Output Elements of Encryption for Provably-Secure qTESLA Security Category-1
-     */
-    public static final int H_I_P = 25;
-
-    /**
-     * Number of Non-Zero Entries of Output Elements of Encryption for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final int H_III_SIZE = 48;
-
-    /**
-     * Number of Non-Zero Entries of Output Elements of Encryption for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final int H_III_SPEED = 48;
-
-    /**
-     * Number of Non-Zero Entries of Output Elements of Encryption for Provably-Secure qTESLA Security Category-3
-     */
-    public static final int H_III_P = 40;
-
-    /**
-     * Number of Rounded Bits for Heuristic qTESLA Security Category-1
-     */
-    public static final int D_I = 21;
-
-    /**
-     * Number of Rounded Bits for Provably-Secure qTESLA Security Category-1
-     */
-    public static final int D_I_P = 22;
-
-    /**
-     * Number of Rounded Bits for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final int D_III_SIZE = 21;
-
-    /**
-     * Number of Rounded Bits for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final int D_III_SPEED = 22;
-
-    /**
-     * Number of Rounded Bits for Provably-Secure qTESLA Security Category-3
-     */
-    public static final int D_III_P = 24;
-
-    /**
-     * Bound in Checking Error Polynomial for Heuristic qTESLA Security Category-1
-     */
-    public static final int KEY_GENERATOR_BOUND_E_I = 1586;
-
-    /**
-     * Bound in Checking Error Polynomial for Provably-Secure qTESLA Security Category-1
-     */
-    public static final int KEY_GENERATOR_BOUND_E_I_P = 554;
-
-    /**
-     * Bound in Checking Error Polynomial for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final int KEY_GENERATOR_BOUND_E_III_SIZE = 910;
-
-    /**
-     * Bound in Checking Error Polynomial for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final int KEY_GENERATOR_BOUND_E_III_SPEED = 1147;
-
-    /**
-     * Bound in Checking Error Polynomial for Provably-Secure qTESLA Security Category-3
-     */
-    public static final int KEY_GENERATOR_BOUND_E_III_P = 901;
-
-    public static final int REJECTION_I = KEY_GENERATOR_BOUND_E_I;
-    public static final int REJECTION_I_P = KEY_GENERATOR_BOUND_E_I_P;
-    public static final int REJECTION_III_SIZE = KEY_GENERATOR_BOUND_E_III_SIZE;
-    public static final int REJECTION_III_SPEED = KEY_GENERATOR_BOUND_E_III_SPEED;
-    public static final int REJECTION_III_P = KEY_GENERATOR_BOUND_E_III_P;
-
-    /**
-     * Bound in Checking Secret Polynomial for Heuristic qTESLA Security Category-1
-     */
-    public static final int KEY_GENERATOR_BOUND_S_I = 1586;
-
-    /**
-     * Bound in Checking Secret Polynomial for Provably-Secure qTESLA Security Category-1
-     */
-    public static final int KEY_GENERATOR_BOUND_S_I_P = 554;
-
-    /**
-     * Bound in Checking Secret Polynomial for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final int KEY_GENERATOR_BOUND_S_III_SIZE = 910;
-
-    /**
-     * Bound in Checking Secret Polynomial for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final int KEY_GENERATOR_BOUND_S_III_SPEED = 1233;
-
-    /**
-     * Bound in Checking Secret Polynomial for Provably-Secure qTESLA Security Category-3
-     */
-    public static final int KEY_GENERATOR_BOUND_S_III_P = 901;
-
-    public static final int U_I = KEY_GENERATOR_BOUND_S_I;
-    public static final int U_I_P = KEY_GENERATOR_BOUND_S_I_P;
-    public static final int U_III_SIZE = KEY_GENERATOR_BOUND_S_III_SIZE;
-    public static final int U_III_SPEED = KEY_GENERATOR_BOUND_S_III_SPEED;
-    public static final int U_III_P = KEY_GENERATOR_BOUND_S_III_P;
-
-    /**
-     * Standard Deviation of Centered Discrete Gaussian Distribution for Heuristic qTESLA Security Category-1
-     */
-    public static final double SIGMA_I = 22.93;
-
-    /**
-     * Standard Deviation of Centered Discrete Gaussian Distribution for Provably-Secure qTESLA Security Category-1
-     */
-    public static final double SIGMA_I_P = 8.5;
-
-    /**
-     * Standard Deviation of Centered Discrete Gaussian Distribution for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final double SIGMA_III_SIZE = 7.64;
-
-    /**
-     * Standard Deviation of Centered Discrete Gaussian Distribution for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final double SIGMA_III_SPEED = 10.2;
-
-    /**
-     * Standard Deviation of Centered Discrete Gaussian Distribution for Provably-Secure qTESLA Security Category-3
-     */
-    public static final double SIGMA_III_P = 8.5;
-
-    public static final double SIGMA_E_I = SIGMA_I;
-    public static final double SIGMA_E_I_P = SIGMA_I_P;
-    public static final double SIGMA_E_III_SIZE = SIGMA_III_SIZE;
-    public static final double SIGMA_E_III_SPEED = SIGMA_III_SPEED;
-    public static final double SIGMA_E_III_P = SIGMA_III_P;
-
-    /**
-     * XI = SIGMA * SQUARE_ROOT (2 * LOGARITHM (2) / LOGARITHM (e)) for Heuristic qTESLA Security Category-1
-     */
-    public static final double XI_I = 27;
-
-    /**
-     * XI = SIGMA * SQUARE_ROOT (2 * LOGARITHM (2) / LOGARITHM (e)) for Provably-Secure qTESLA Security Category-1
-     */
-    public static final double XI_I_P = 10;
-
-    /**
-     * XI = SIGMA * SQUARE_ROOT (2 * LOGARITHM (2) / LOGARITHM (e)) for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final double XI_III_SIZE = 9;
-
-    /**
-     * XI = SIGMA * SQUARE_ROOT (2 * LOGARITHM (2) / LOGARITHM (e)) for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final double XI_III_SPEED = 12;
-
-    /**
-     * XI = SIGMA * SQUARE_ROOT (2 * LOGARITHM (2) / LOGARITHM (e)) for Provably-Secure qTESLA Security Category-3
-     */
-    public static final double XI_III_P = 10;
-
-    public static final int BARRETT_MULTIPLICATION_I = 1021;
-    public static final int BARRETT_MULTIPLICATION_I_P = 1;
-    public static final int BARRETT_MULTIPLICATION_III_SIZE = 1021;
-    public static final int BARRETT_MULTIPLICATION_III_SPEED = 511;
-    public static final int BARRETT_MULTIPLICATION_III_P = 15;
-
-    public static final int BARRETT_DIVISION_I = 32;
-    public static final int BARRETT_DIVISION_I_P = 29;
-    public static final int BARRETT_DIVISION_III_SIZE = 32;
-    public static final int BARRETT_DIVISION_III_SPEED = 32;
-    public static final int BARRETT_DIVISION_III_P = 34;
-
-    /**
-     * The Number of Blocks Requested in the First Extendable-Output Function Call
-     * for Heuristic qTESLA Security Category-1
-     */
-    public static final int GENERATOR_A_I = 19;
-
-    /**
-     * The Number of Blocks Requested in the First Extendable-Output Function Call
-     * for Provably-Secure qTESLA Security Category-1
-     */
-    public static final int GENERATOR_A_I_P = 108;
-
-    /**
-     * The Number of Blocks Requested in the First Extendable-Output Function Call
-     * for Provably-Secure qTESLA Security Category-3 (Option for Size)
-     */
-    public static final int GENERATOR_A_III_SIZE = 38;
-
-    /**
-     * The Number of Blocks Requested in the First Extendable-Output Function Call
-     * for Provably-Secure qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final int GENERATOR_A_III_SPEED = 38;
-
-    /**
-     * The Number of Blocks Requested in the First Extendable-Output Function Call
-     * for Provably-Secure qTESLA Security Category-3
-     */
-    public static final int GENERATOR_A_III_P = 180;
-
-    public static final int INVERSE_NUMBER_THEORETIC_TRANSFORM_I = 113307;
-    public static final int INVERSE_NUMBER_THEORETIC_TRANSFORM_I_P = 472064468;
-    public static final int INVERSE_NUMBER_THEORETIC_TRANSFORM_III_SIZE = 1217638;
-    public static final int INVERSE_NUMBER_THEORETIC_TRANSFORM_III_SPEED = 237839;
-    public static final int INVERSE_NUMBER_THEORETIC_TRANSFORM_III_P = 851423148;
-
-    public static final int R_I = 1081347;
-    public static final int R_III_SIZE = 35843;
-    public static final int R_III_SPEED = 15873;
-
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Polynomial.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Polynomial.java
deleted file mode 100644
index cf81b3d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Polynomial.java
+++ /dev/null

@@ -1,1303 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-import org.bouncycastle.util.Arrays;
-
-class Polynomial
-{
-
-    /**
-     * Size of A Random Number (in Byte)
-     */
-    public static final int RANDOM = 32;
-
-    /**
-     * Size of A Seed (in Byte)
-     */
-    public static final int SEED = 32;
-
-    /**
-     * Size of Hash Value C (in Byte) in the Signature Package
-     */
-    public static final int HASH = 32;
-
-    /**
-     * Size of Hashed Message
-     */
-    public static final int MESSAGE = 64;
-
-    /**
-     * Size of the Signature Package (Z, C) (in Byte) for Heuristic qTESLA Security Category-1.
-     * Z is A Polynomial Bounded by B and C is the Output of A Hashed String
-     */
-    public static final int SIGNATURE_I = (Parameter.N_I * Parameter.D_I + 7) / 8 + HASH;
-
-    /**
-     * Size of the Signature Package (Z, C) (in Byte) for Heuristic qTESLA Security Category-3 (Option for Size).
-     * Z is A Polynomial Bounded by B and C is the Output of A Hashed String
-     */
-    public static final int SIGNATURE_III_SIZE = (Parameter.N_III_SIZE * Parameter.D_III_SIZE + 7) / 8 + HASH;
-
-    /**
-     * Size of the Signature Package (Z, C) (in Byte) for Heuristic qTESLA Security Category-3 (Option for Speed).
-     * Z is A Polynomial Bounded by B and C is the Output of A Hashed String
-     */
-    public static final int SIGNATURE_III_SPEED = (Parameter.N_III_SPEED * Parameter.D_III_SPEED + 7) / 8 + HASH;
-
-    /**
-     * Size of the Signature Package (Z, C) (in Byte) for Provably-Secure qTESLA Security Category-1.
-     * Z is A Polynomial Bounded by B and C is the Output of A Hashed String
-     */
-    public static final int SIGNATURE_I_P = (Parameter.N_I_P * Parameter.D_I_P + 7) / 8 + HASH;
-
-    /**
-     * Size of the Signature Package (Z, C) (in Byte) for Provably-Secure qTESLA Security Category-3.
-     * Z is A Polynomial Bounded by B and C is the Output of A Hashed String
-     */
-    public static final int SIGNATURE_III_P = (Parameter.N_III_P * Parameter.D_III_P + 7) / 8 + HASH;
-
-    /**
-     * Size of the Public Key (in Byte) Containing seedA and Polynomial T for Heuristic qTESLA Security Category-1
-     */
-    public static final int PUBLIC_KEY_I = (Parameter.N_I * Parameter.K_I * Parameter.Q_LOGARITHM_I + 7) / 8 + SEED;
-
-    /**
-     * Size of the Public Key (in Byte) Containing seedA and Polynomial T for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final int PUBLIC_KEY_III_SIZE = (Parameter.N_III_SIZE * Parameter.K_III_SIZE * Parameter.Q_LOGARITHM_III_SIZE + 7) / 8 + SEED;
-
-    /**
-     * Size of the Public Key (in Byte) Containing seedA and Polynomial T for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final int PUBLIC_KEY_III_SPEED = (Parameter.N_III_SPEED * Parameter.K_III_SPEED * Parameter.Q_LOGARITHM_III_SPEED + 7) / 8 + SEED;
-
-    /**
-     * Size of the Public Key (in Byte) Containing seedA and Polynomial T for Provably-Secure qTESLA Security Category-1
-     */
-    public static final int PUBLIC_KEY_I_P = (Parameter.N_I_P * Parameter.K_I_P * Parameter.Q_LOGARITHM_I_P + 7) / 8 + SEED;
-
-    /**
-     * Size of the Public Key (in Byte) Containing seedA and Polynomial T for Provably-Secure qTESLA Security Category-3
-     */
-    public static final int PUBLIC_KEY_III_P = (Parameter.N_III_P * Parameter.K_III_P * Parameter.Q_LOGARITHM_III_P + 7) / 8 + SEED;
-
-    /**
-     * Size of the Private Key (in Byte) Containing Polynomials (Secret Polynomial and Error Polynomial) and Seeds (seedA and seedY)
-     * for Heuristic qTESLA Security Category-1
-     */
-    public static final int PRIVATE_KEY_I = Parameter.N_I * Parameter.S_BIT_I / Const.BYTE_SIZE * 2 + SEED * 2;
-
-    /**
-     * Size of the Private Key (in Byte) Containing Polynomials (Secret Polynomial and Error Polynomial) and Seeds (seedA and seedY)
-     * for Heuristic qTESLA Security Category-3 (Option for Size)
-     */
-    public static final int PRIVATE_KEY_III_SIZE = Parameter.N_III_SIZE * Parameter.S_BIT_III_SIZE / Const.BYTE_SIZE * 2 + SEED * 2;
-
-    /**
-     * Size of the Private Key (in Byte) Containing Polynomials (Secret Polynomial and Error Polynomial) and Seeds (seedA and seedY)
-     * for Heuristic qTESLA Security Category-3 (Option for Speed)
-     */
-    public static final int PRIVATE_KEY_III_SPEED = Parameter.N_III_SPEED * Parameter.S_BIT_III_SPEED / Const.BYTE_SIZE * 2 + SEED * 2;
-
-    /**
-     * Size of the Private Key (in Byte) Containing Polynomials (Secret Polynomial and Error Polynomial) and Seeds (seedA and seedY)
-     * for Provably-Secure qTESLA Security Category-1
-     */
-    public static final int PRIVATE_KEY_I_P = Parameter.N_I_P + Parameter.N_I_P * Parameter.K_I_P + SEED * 2;
-
-    /**
-     * Size of the Private Key (in Byte) Containing Polynomials (Secret Polynomial and Error Polynomial) and Seeds (seedA and seedY)
-     * for Provably-Secure qTESLA Security Category-3
-     */
-    public static final int PRIVATE_KEY_III_P = Parameter.N_III_P + Parameter.N_III_P * Parameter.K_III_P + SEED * 2;
-
-    /****************************************************************************
-     * Description:	Montgomery Reduction for Heuristic qTESLA Security Category 1
-     * 				and Security Category-3 (Option for Size and Speed)
-     *
-     * @param        number        Number to be Reduced
-     * @param        q            Modulus
-     * @param        qInverse
-     *
-     * @return Reduced Number
-     ****************************************************************************/
-    private static int montgomery(long number, int q, long qInverse)
-    {
-
-        return (int)((number + ((number * qInverse) & 0xFFFFFFFFL) * q) >> 32);
-
-    }
-
-    /****************************************************************************
-     * Description:	Montgomery Reduction for Provably-Secure qTESLA
-     * 				Security Category-1 and Security Category-3
-     *
-     * @param        number        Number to be Reduced
-     * @param        q            Modulus
-     * @param        qInverse
-     *
-     * @return Reduced Number
-     ****************************************************************************/
-    private static long montgomeryP(long number, int q, long qInverse)
-    {
-
-        return (number + ((number * qInverse) & 0xFFFFFFFFL) * q) >> 32;
-
-    }
-
-    /**********************************************************************************************
-     * Description:	Barrett Reduction for Heuristic qTESLA Security Category-3
-     * 				(Option for Size or Speed)
-     *
-     * @param        number                    Number to be Reduced
-     * @param        barrettMultiplication
-     * @param        barrettDivision
-     * @param        q                        Modulus
-     *
-     * @return Reduced Number
-     **********************************************************************************************/
-    public static int barrett(int number, int q, int barrettMultiplication, int barrettDivision)
-    {
-
-        return number - (int)(((long)number * barrettMultiplication) >> barrettDivision) * q;
-
-    }
-
-    /*************************************************************************************************
-     * Description:	Barrett Reduction for Provably-Secure qTESLA Security Category-1 and
-     * 				Security Category-3
-     *
-     * @param        number                    Number to be Reduced
-     * @param        barrettMultiplication
-     * @param        barrettDivision
-     * @param        q                        Modulus
-     *
-     * @return Reduced Number
-     *************************************************************************************************/
-    public static long barrett(long number, int q, int barrettMultiplication, int barrettDivision)
-    {
-
-        return number - ((number * barrettMultiplication) >> barrettDivision) * q;
-
-    }
-
-    /************************************************************************************************************
-     * Description:	Forward Number Theoretic Transform for Heuristic qTESLA Security Category-1,
-     * 				Security Category-3 (Option for Size and Speed)
-     *
-     * @param        destination        Destination of Transformation
-     * @param        source            Source of Transformation
-     * @param        n                Polynomial Degree
-     * @param        q                Modulus
-     * @param        qInverse
-     *
-     * @return none
-     ************************************************************************************************************/
-    private static void numberTheoreticTransform(int destination[], int source[], int n, int q, long qInverse)
-    {
-
-        int jTwiddle = 0;
-        int numberOfProblem = n >> 1;
-
-        for (; numberOfProblem > 0; numberOfProblem >>= 1)
-        {
-
-            int j = 0;
-            int jFirst;
-
-            for (jFirst = 0; jFirst < n; jFirst = j + numberOfProblem)
-            {
-
-                long omega = source[jTwiddle++];
-
-                for (j = jFirst; j < jFirst + numberOfProblem; j++)
-                {
-
-                    int temporary = montgomery(omega * destination[j + numberOfProblem], q, qInverse);
-
-                    destination[j + numberOfProblem] = destination[j] - temporary;
-                    destination[j] = destination[j] + temporary;
-
-                }
-
-            }
-
-        }
-
-    }
-
-    /**************************************************************************************************************
-     * Description:	Forward Number Theoretic Transform for Provably-Secure qTESLA Security Category-1
-     *
-     * @param        destination        Destination of Transformation
-     * @param        source            Source of Transformation
-     *
-     * @return none
-     **************************************************************************************************************/
-    private static void numberTheoreticTransformIP(long destination[], long source[])
-    {
-
-        int numberOfProblem = Parameter.N_I_P >> 1;
-        int jTwiddle = 0;
-
-        for (; numberOfProblem > 0; numberOfProblem >>= 1)
-        {
-
-            int j = 0;
-            int jFirst;
-
-            for (jFirst = 0; jFirst < Parameter.N_I_P; jFirst = j + numberOfProblem)
-            {
-
-                long omega = source[jTwiddle++];
-
-                for (j = jFirst; j < jFirst + numberOfProblem; j++)
-                {
-
-                    long temporary = montgomeryP(
-                        omega * destination[j + numberOfProblem],
-                        Parameter.Q_I_P, Parameter.Q_INVERSE_I_P
-                    );
-
-                    destination[j + numberOfProblem] = destination[j] + (Parameter.Q_I_P - temporary);
-
-                    destination[j] = destination[j] + temporary;
-
-                }
-
-            }
-
-        }
-
-    }
-
-    /**************************************************************************************************************
-     * Description:	Forward Number Theoretic Transform for Provably-Secure qTESLA Security Category-3
-     *
-     * @param        destination        Destination of Transformation
-     * @param        source            Source of Transformation
-     *
-     * @return none
-     **************************************************************************************************************/
-    private static void numberTheoreticTransformIIIP(long destination[], long source[])
-    {
-
-        int jTwiddle = 0;
-        int numberOfProblem = Parameter.N_III_P >> 1;
-
-        for (; numberOfProblem > 0; numberOfProblem >>= 1)
-        {
-
-            int j = 0;
-            int jFirst;
-
-            for (jFirst = 0; jFirst < Parameter.N_III_P; jFirst = j + numberOfProblem)
-            {
-
-                int omega = (int)source[jTwiddle++];
-
-                for (j = jFirst; j < jFirst + numberOfProblem; j++)
-                {
-
-                    long temporary = barrett(
-                        montgomeryP(
-                            omega * destination[j + numberOfProblem],
-                            Parameter.Q_III_P,
-                            Parameter.Q_INVERSE_III_P
-                        ),
-                        Parameter.Q_III_P,
-                        Parameter.BARRETT_MULTIPLICATION_III_P,
-                        Parameter.BARRETT_DIVISION_III_P
-                    );
-
-                    destination[j + numberOfProblem] = barrett(
-                        destination[j] + (2L * Parameter.Q_III_P - temporary),
-                        Parameter.Q_III_P,
-                        Parameter.BARRETT_MULTIPLICATION_III_P,
-                        Parameter.BARRETT_DIVISION_III_P
-                    );
-
-                    destination[j] = barrett(
-                        destination[j] + temporary,
-                        Parameter.Q_III_P,
-                        Parameter.BARRETT_MULTIPLICATION_III_P,
-                        Parameter.BARRETT_DIVISION_III_P
-                    );
-
-                }
-
-            }
-
-        }
-
-    }
-
-    /******************************************************************************************************************
-     * Description:	Inverse Number Theoretic Transform for Heuristic qTESLA Security Category-1
-     *
-     * @param        destination            Destination of Inverse Transformation
-     * @param        source                Source of Inverse Transformation
-     *
-     * @return none
-     ******************************************************************************************************************/
-    private static void inverseNumberTheoreticTransformI(int destination[], int source[])
-    {
-
-        int jTwiddle = 0;
-
-        for (int numberOfProblem = 1; numberOfProblem < Parameter.N_I; numberOfProblem *= 2)
-        {
-
-            int j = 0;
-            int jFirst;
-
-            for (jFirst = 0; jFirst < Parameter.N_I; jFirst = j + numberOfProblem)
-            {
-
-                long omega = source[jTwiddle++];
-
-                for (j = jFirst; j < jFirst + numberOfProblem; j++)
-                {
-
-                    int temporary = destination[j];
-
-                    destination[j] = temporary + destination[j + numberOfProblem];
-
-                    destination[j + numberOfProblem] = montgomery(
-                        omega * (temporary - destination[j + numberOfProblem]),
-                        Parameter.Q_I, Parameter.Q_INVERSE_I
-                    );
-
-                }
-
-            }
-
-        }
-
-        for (int i = 0; i < Parameter.N_I / 2; i++)
-        {
-
-            destination[i] = montgomery((long)Parameter.R_I * destination[i], Parameter.Q_I, Parameter.Q_INVERSE_I);
-
-        }
-
-    }
-
-    /**************************************************************************************************************************************************************************
-     * Description:	Inverse Number Theoretic Transform for Heuristic qTESLA Security Category-3 (Option for Size and Speed)
-     *
-     * @param        destination                    Destination of Inverse Transformation
-     * @param        source                        Source of Inverse Transformation
-     * @param        n                            Polynomial Degree
-     * @param        q                            Modulus
-     * @param        qInverse
-     * @param        r
-     * @param        barrettMultiplication
-     * @param        barrettDivision
-     *
-     * @return none
-     **************************************************************************************************************************************************************************/
-    private static void inverseNumberTheoreticTransform(int destination[], int source[], int n, int q, long qInverse, int r, int barrettMultiplication, int barrettDivision)
-    {
-
-        int jTwiddle = 0;
-
-        for (int numberOfProblem = 1; numberOfProblem < n; numberOfProblem *= 2)
-        {
-
-            int j = 0;
-
-            for (int jFirst = 0; jFirst < n; jFirst = j + numberOfProblem)
-            {
-
-                long omega = source[jTwiddle++];
-
-                for (j = jFirst; j < jFirst + numberOfProblem; j++)
-                {
-
-                    int temporary = destination[j];
-
-                    if (numberOfProblem == 16)
-                    {
-
-                        destination[j] = barrett(temporary + destination[j + numberOfProblem], q, barrettMultiplication, barrettDivision);
-
-                    }
-                    else
-                    {
-
-                        destination[j] = temporary + destination[j + numberOfProblem];
-
-                    }
-
-                    destination[j + numberOfProblem] = montgomery(omega * (temporary - destination[j + numberOfProblem]), q, qInverse);
-
-                }
-
-            }
-
-        }
-
-        for (int i = 0; i < n / 2; i++)
-        {
-
-            destination[i] = montgomery((long)r * destination[i], q, qInverse);
-
-        }
-
-    }
-
-    /***********************************************************************************************************************************************************************************
-     * Description:	Inverse Number Theoretic Transform for Provably-Secure qTESLA Security Category-1
-     *
-     * @param        destination            Destination of Inverse Transformation
-     * @param        destinationOffset    Starting Point of the Destination
-     * @param        source                Source of Inverse Transformation
-     * @param        sourceOffset        Starting Point of the Source
-     *
-     * @return none
-     ***********************************************************************************************************************************************************************************/
-    private static void inverseNumberTheoreticTransformIP(long destination[], int destinationOffset, long source[], int sourceOffset)
-    {
-
-        int jTwiddle = 0;
-
-        for (int numberOfProblem = 1; numberOfProblem < Parameter.N_I_P; numberOfProblem *= 2)
-        {
-
-            int j = 0;
-            int jFirst;
-
-            for (jFirst = 0; jFirst < Parameter.N_I_P; jFirst = j + numberOfProblem)
-            {
-
-                long omega = source[sourceOffset + (jTwiddle++)];
-
-                for (j = jFirst; j < jFirst + numberOfProblem; j++)
-                {
-
-                    long temporary = destination[destinationOffset + j];
-
-                    destination[destinationOffset + j] = temporary + destination[destinationOffset + j + numberOfProblem];
-
-                    destination[destinationOffset + j + numberOfProblem] = montgomeryP(
-                        omega * (temporary + (2L * Parameter.Q_I_P - destination[destinationOffset + j + numberOfProblem])),
-                        Parameter.Q_I_P, Parameter.Q_INVERSE_I_P
-                    );
-
-                }
-
-            }
-
-            numberOfProblem *= 2;
-
-            for (jFirst = 0; jFirst < Parameter.N_I_P; jFirst = j + numberOfProblem)
-            {
-
-                long omega = source[sourceOffset + (jTwiddle++)];
-
-                for (j = jFirst; j < jFirst + numberOfProblem; j++)
-                {
-
-                    long temporary = destination[destinationOffset + j];
-
-                    destination[destinationOffset + j] = barrett(
-                        temporary + destination[destinationOffset + j + numberOfProblem],
-                        Parameter.Q_I_P, Parameter.BARRETT_MULTIPLICATION_I_P, Parameter.BARRETT_DIVISION_I_P
-                    );
-
-                    destination[destinationOffset + j + numberOfProblem] = montgomeryP(
-                        omega * (temporary + (2L * Parameter.Q_I_P - destination[destinationOffset + j + numberOfProblem])),
-                        Parameter.Q_I_P, Parameter.Q_INVERSE_I_P
-                    );
-
-                }
-
-            }
-
-        }
-
-    }
-
-    /******************************************************************************************************************************************************************************************
-     * Description:	Inverse Number Theoretic Transform for Provably-Secure qTESLA Security Category-3
-     *
-     * @param        destination            Destination of Inverse Transformation
-     * @param        destinationOffset    Starting Point of the Destination
-     * @param        source                Source of Inverse Transformation
-     * @param        sourceOffset        Starting Point of the Source
-     *
-     * @return none
-     ******************************************************************************************************************************************************************************************/
-    private static void inverseNumberTheoreticTransformIIIP(long destination[], int destinationOffset, long source[], int sourceOffset)
-    {
-
-        int jTwiddle = 0;
-
-        for (int numberOfProblem = 1; numberOfProblem < Parameter.N_III_P; numberOfProblem *= 2)
-        {
-
-            int j = 0;
-            int jFirst;
-
-            for (jFirst = 0; jFirst < Parameter.N_III_P; jFirst = j + numberOfProblem)
-            {
-
-                long omega = source[sourceOffset + (jTwiddle++)];
-
-                for (j = jFirst; j < jFirst + numberOfProblem; j++)
-                {
-
-                    long temporary = destination[destinationOffset + j];
-
-                    destination[destinationOffset + j] = barrett(
-                        temporary + destination[destinationOffset + j + numberOfProblem],
-                        Parameter.Q_III_P, Parameter.BARRETT_MULTIPLICATION_III_P, Parameter.BARRETT_DIVISION_III_P
-                    );
-
-                    destination[destinationOffset + j + numberOfProblem] = barrett(
-                        montgomeryP(
-                            omega * (temporary + (2L * Parameter.Q_III_P - destination[destinationOffset + j + numberOfProblem])),
-                            Parameter.Q_III_P, Parameter.Q_INVERSE_III_P
-                        ),
-                        Parameter.Q_III_P, Parameter.BARRETT_MULTIPLICATION_III_P, Parameter.BARRETT_DIVISION_III_P
-                    );
-
-                }
-
-            }
-
-        }
-
-    }
-
-    /****************************************************************************************************************************************************
-     * Description:	Component Wise Polynomial Multiplication for Heuristic qTESLA Security Category-1 and Security Category-3 (Option for Size and Speed)
-     *
-     * @param        product                    Product = Multiplicand (*) Multiplier
-     * @param        multiplicand            Multiplicand Array
-     * @param        multiplier                Multiplier Array
-     * @param        n                        Polynomial Degree
-     * @param        q                        Modulus
-     * @param        qInverse
-     *
-     * @return none
-     ****************************************************************************************************************************************************/
-    private static void componentWisePolynomialMultiplication(int[] product, int[] multiplicand, int[] multiplier, int n, int q, long qInverse)
-    {
-
-        for (int i = 0; i < n; i++)
-        {
-
-            product[i] = montgomery((long)multiplicand[i] * multiplier[i], q, qInverse);
-
-        }
-
-    }
-
-    /******************************************************************************************************************************************************************************************************************
-     * Description:	Component Wise Polynomial Multiplication for Provably-Secure qTESLA Security Category-1 and Security Category-3
-     *
-     * @param        product                    Product = Multiplicand (*) Multiplier
-     * @param        productOffset            Starting Point of the Product Array
-     * @param        multiplicand            Multiplicand Array
-     * @param        multiplicandOffset        Starting Point of the Multiplicand Array
-     * @param        multiplier                Multiplier Array
-     * @param        multiplierOffset        Starting Point of the Multiplier Array
-     * @param        n                        Polynomial Degree
-     * @param        q                        Modulus
-     * @param        qInverse
-     *
-     * @return none
-     ******************************************************************************************************************************************************************************************************************/
-    private static void componentWisePolynomialMultiplication(long[] product, int productOffset, long[] multiplicand, int multiplicandOffset, long[] multiplier, int multiplierOffset, int n, int q, long qInverse)
-    {
-
-        for (int i = 0; i < n; i++)
-        {
-
-            product[productOffset + i] = montgomeryP(multiplicand[multiplicandOffset + i] * multiplier[multiplierOffset + i], q, qInverse);
-
-        }
-
-    }
-
-    /***********************************************************************************************************************************************
-     * Description:	Polynomial Number Theoretic Transform for Provably-Secure qTESLA Security Category-1 and Category-3
-     *
-     * @param        arrayNumberTheoreticTransform        Transformed Array
-     * @param        array                                Array to be Transformed
-     * @param        n                                    Polynomial Degree
-     *
-     * @return none
-     ***********************************************************************************************************************************************/
-    public static void polynomialNumberTheoreticTransform(long[] arrayNumberTheoreticTransform, long[] array, int n)
-    {
-
-        for (int i = 0; i < n; i++)
-        {
-
-            arrayNumberTheoreticTransform[i] = array[i];
-
-        }
-
-        if (n == Parameter.N_I_P)
-        {
-
-            numberTheoreticTransformIP(arrayNumberTheoreticTransform, PolynomialProvablySecure.ZETA_I_P);
-
-        }
-
-        if (n == Parameter.N_III_P)
-        {
-
-            numberTheoreticTransformIIIP(arrayNumberTheoreticTransform, PolynomialProvablySecure.ZETA_III_P);
-
-        }
-
-    }
-
-    /*******************************************************************************************************************************************
-     * Description:	Polynomial Multiplication for Heuristic qTESLA Security Category-1 and Category-3 (Option for Size and Speed)
-     *
-     * @param        product                    Product = Multiplicand * Multiplier
-     * @param        multiplicand            Multiplicand Array
-     * @param        multiplier                Multiplier Array
-     * @param        n                        Polynomial Degree
-     * @param        q                        Modulus
-     * @param        qInverse
-     * @param        zeta
-     *
-     * @return none
-     *******************************************************************************************************************************************/
-    public static void polynomialMultiplication(int[] product, int[] multiplicand, int[] multiplier, int n, int q, long qInverse, int[] zeta)
-    {
-
-        int[] multiplierNumberTheoreticTransform = new int[n];
-
-        for (int i = 0; i < n; i++)
-        {
-
-            multiplierNumberTheoreticTransform[i] = multiplier[i];
-
-        }
-
-        numberTheoreticTransform(multiplierNumberTheoreticTransform, zeta, n, q, qInverse);
-
-        componentWisePolynomialMultiplication(product, multiplicand, multiplierNumberTheoreticTransform, n, q, qInverse);
-
-        if (q == Parameter.Q_I)
-        {
-
-            inverseNumberTheoreticTransformI(product, PolynomialHeuristic.ZETA_INVERSE_I);
-
-        }
-
-        if (q == Parameter.Q_III_SIZE)
-        {
-
-            inverseNumberTheoreticTransform(
-
-                product, PolynomialHeuristic.ZETA_INVERSE_III_SIZE,
-                Parameter.N_III_SIZE, Parameter.Q_III_SIZE, Parameter.Q_INVERSE_III_SIZE, Parameter.R_III_SIZE,
-                Parameter.BARRETT_MULTIPLICATION_III_SIZE, Parameter.BARRETT_DIVISION_III_SIZE
-
-            );
-
-        }
-
-        if (q == Parameter.Q_III_SPEED)
-        {
-
-            inverseNumberTheoreticTransform(
-
-                product, PolynomialHeuristic.ZETA_INVERSE_III_SPEED,
-                Parameter.N_III_SPEED, Parameter.Q_III_SPEED, Parameter.Q_INVERSE_III_SPEED, Parameter.R_III_SPEED,
-                Parameter.BARRETT_MULTIPLICATION_III_SPEED, Parameter.BARRETT_DIVISION_III_SPEED
-
-            );
-
-        }
-
-    }
-
-    /***************************************************************************************************************************************************************************************************
-     * Description:	Polynomial Multiplication for Provably-Secure qTESLA Security Category-1 and Category-3
-     *
-     * @param        product                    Product = Multiplicand * Multiplier
-     * @param        productOffset            Starting Point of the Product Array
-     * @param        multiplicand            Multiplicand Array
-     * @param        multiplicandOffset        Starting Point of the Multiplicand Array
-     * @param        multiplier                Multiplier Array
-     * @param        multiplierOffset        Starting Point of the Multiplier Array
-     * @param        n                        Polynomial Degree
-     * @param        q                        Modulus
-     * @param        qInverse
-     *
-     * @return none
-     ***************************************************************************************************************************************************************************************************/
-    public static void polynomialMultiplication(long[] product, int productOffset, long[] multiplicand, int multiplicandOffset, long[] multiplier, int multiplierOffset, int n, int q, long qInverse)
-    {
-
-        componentWisePolynomialMultiplication(product, productOffset, multiplicand, multiplicandOffset, multiplier, multiplierOffset, n, q, qInverse);
-
-        if (q == Parameter.Q_I_P)
-        {
-
-            inverseNumberTheoreticTransformIP(product, productOffset, PolynomialProvablySecure.ZETA_INVERSE_I_P, 0);
-
-        }
-
-        if (q == Parameter.Q_III_P)
-        {
-
-            inverseNumberTheoreticTransformIIIP(product, productOffset, PolynomialProvablySecure.ZETA_INVERSE_III_P, 0);
-
-        }
-
-    }
-
-    /****************************************************************************************************************************************************
-     * Description:	Polynomial Addition for Heuristic qTESLA Security Category-1 and Category-3 (Option for Size or Speed)
-     * 				Q + L_E < 2 ^ (CEIL (LOGARITHM (Q, 2)))
-     * 				No Necessary Reduction for Y + SC
-     *
-     * @param        summation            Summation = Augend + Addend
-     * @param        augend                Augend Array
-     * @param        addend                Addend Array
-     * @param        n                    Polynomial Degree
-     *
-     * @return none
-     ****************************************************************************************************************************************************/
-    public static void polynomialAddition(int[] summation, int[] augend, int[] addend, int n)
-    {
-
-        for (int i = 0; i < n; i++)
-        {
-
-            summation[i] = augend[i] + addend[i];
-
-        }
-
-    }
-
-    /********************************************************************************************************************************************************
-     * Description:	Polynomial Addition for Provably-Secure qTESLA Security Category-1 and Category-3
-     * 				Q + L_E < 2 ^ (CEIL (LOGARITHM (Q, 2)))
-     * 				No Necessary Reduction for Y + SC
-     *
-     * @param        summation            Summation = Augend + Addend
-     * @param        summationOffset        Starting Point of the Summation Array
-     * @param        augend                Augend Array
-     * @param        augendOffset        Starting Point of the Augend Array
-     * @param        addend                Addend Array
-     * @param        addendOffset        Starting Point of the Addend Array
-     * @param        n                    Polynomial Degree
-     *
-     * @return none
-     ********************************************************************************************************************************************************/
-    public static void polynomialAddition(long[] summation, int summationOffset, long[] augend, int augendOffset, long[] addend, int addendOffset, int n)
-    {
-
-        for (int i = 0; i < n; i++)
-        {
-
-            summation[summationOffset + i] = augend[augendOffset + i] + addend[addendOffset + i];
-
-        }
-
-    }
-
-    /*************************************************************************************************************
-     * Description:	Polynomial Addition with Correction for Heuristic qTESLA Security Category-1 and Category-3
-     * 				(Option for Size or Speed)
-     * 				Q + L_E < 2 ^ (CEIL (LOGARITHM (Q, 2)))
-     * 				No Necessary Reduction for Y + SC
-     *
-     * @param        summation            Summation = Augend + Addend
-     * @param        augend                Augend Array
-     * @param        addend                Addend Array
-     * @param        n                    Polynomial Degree
-     *
-     * @return none
-     ************************************************************************************************************/
-    public static void polynomialAdditionCorrection(int[] summation, int[] augend, int[] addend, int n, int q)
-    {
-
-        for (int i = 0; i < n; i++)
-        {
-
-            summation[i] = augend[i] + addend[i];
-            /* If summation[i] < 0 Then Add Q */
-            summation[i] += (summation[i] >> 31) & q;
-            summation[i] -= q;
-            /* If summation[i] >= Q Then Subtract Q */
-            summation[i] += (summation[i] >> 31) & q;
-
-        }
-
-    }
-
-    /**********************************************************************************************************************
-     * Description:	Polynomial Subtraction with Correction for Heuristic qTESLA Security Category-1 and Security Category-3
-     *				(Option for Size or Speed)
-     *
-     * @param        difference                    Difference = Minuend (-) Subtrahend
-     * @param        minuend                        Minuend Array
-     * @param        subtrahend                    Subtrahend Array
-     * @param        n                            Polynomial Degree
-     * @param        q                            Modulus
-     *
-     * @return none
-     ***********************************************************************************************************************/
-    public static void polynomialSubtractionCorrection(int[] difference, int[] minuend, int[] subtrahend, int n, int q)
-    {
-
-        for (int i = 0; i < n; i++)
-        {
-
-            difference[i] = minuend[i] - subtrahend[i];
-            /* If difference[i] < 0 Then Add Q */
-            difference[i] += (difference[i] >> 31) & q;
-
-        }
-
-    }
-
-    /*******************************************************************************************************************************************
-     * Description:	Polynomial Subtraction with Montgomery Reduction for Heuristic qTESLA Security Category-1 and Security Category-3
-     *				(Option for Size or Speed)
-     *
-     * @param        difference                    Difference = Minuend (-) Subtrahend
-     * @param        minuend                        Minuend Array
-     * @param        subtrahend                    Subtrahend Array
-     * @param        n                            Polynomial Degree
-     * @param        q                            Modulus
-     * @param        qInverse
-     * @param        r
-     *
-     * @return none
-     *******************************************************************************************************************************************/
-    public static void polynomialSubtractionMontgomery(int[] difference, int[] minuend, int[] subtrahend, int n, int q, long qInverse, int r)
-    {
-
-        for (int i = 0; i < n; i++)
-        {
-
-            difference[i] = montgomery((long)r * (minuend[i] - subtrahend[i]), q, qInverse);
-
-        }
-
-    }
-
-    /******************************************************************************************************************************************************************************************************************************
-     * Description:	Polynomial Subtraction for Provably-Secure qTESLA Security Category-1 and Security Category-3
-     *
-     * @param        difference                    Difference = Minuend (-) Subtrahend
-     * @param        differenceOffset            Starting Point of the Difference Array
-     * @param        minuend                        Minuend Array
-     * @param        minuendOffset                Starting Point of the Minuend Array
-     * @param        subtrahend                    Subtrahend Array
-     * @param        subtrahendOffset            Starting Point of the Subtrahend Array
-     * @param        n                            Polynomial Degree
-     * @param        q                            Modulus
-     * @param        barrettMultiplication
-     * @param        barrettDivision
-     *
-     * @return none
-     ******************************************************************************************************************************************************************************************************************************/
-    public static void polynomialSubtraction(long[] difference, int differenceOffset, long[] minuend, int minuendOffset, long[] subtrahend, int subtrahendOffset, int n, int q, int barrettMultiplication, int barrettDivision)
-    {
-
-        for (int i = 0; i < n; i++)
-        {
-
-            difference[differenceOffset + i] = barrett(minuend[minuendOffset + i] - subtrahend[subtrahendOffset + i], q, barrettMultiplication, barrettDivision);
-
-        }
-
-    }
-
-    /******************************************************************************************************************************************************************************
-     * Description:	Generation of Polynomial A for Heuristic qTESLA Security Category-1 and Security Category-3 (Option for Size or Speed)
-     *
-     * @param        A                                    Polynomial to be Generated
-     * @param        seed                                Kappa-Bit Seed
-     * @param        seedOffset                            Starting Point of the Kappa-Bit Seed
-     * @param        n                                    Polynomial Degree
-     * @param        q                                    Modulus
-     * @param        qInverse
-     * @param        qLogarithm                            q <= 2 ^ qLogarithm
-     * @param        generatorA
-     * @param        inverseNumberTheoreticTransform
-     *
-     * @return none
-     ******************************************************************************************************************************************************************************/
-    public static void polynomialUniform(int[] A, byte[] seed, int seedOffset, int n, int q, long qInverse, int qLogarithm, int generatorA, int inverseNumberTheoreticTransform)
-    {
-
-        int position = 0;
-        int i = 0;
-        int numberOfByte = (qLogarithm + 7) / 8;
-        int numberOfBlock = generatorA;
-        short dualModeSampler = 0;
-        int value1;
-        int value2;
-        int value3;
-        int value4;
-        int mask = (1 << qLogarithm) - 1;
-
-        byte[] buffer = new byte[HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE * generatorA];
-
-        HashUtils.customizableSecureHashAlgorithmKECCAK128Simple(
-            buffer, 0, HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE * generatorA,
-            dualModeSampler++,
-            seed, seedOffset, RANDOM
-        );
-
-        while (i < n)
-        {
-
-            if (position > (HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE * numberOfBlock - Const.INT_SIZE / Const.BYTE_SIZE * numberOfByte))
-            {
-
-                numberOfBlock = 1;
-
-                HashUtils.customizableSecureHashAlgorithmKECCAK128Simple(
-                    buffer, 0, HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE * numberOfBlock,
-                    dualModeSampler++,
-                    seed, seedOffset, RANDOM
-                );
-
-                position = 0;
-
-            }
-
-            value1 = CommonFunction.load32(buffer, position) & mask;
-            position += numberOfByte;
-
-            value2 = CommonFunction.load32(buffer, position) & mask;
-            position += numberOfByte;
-
-            value3 = CommonFunction.load32(buffer, position) & mask;
-            position += numberOfByte;
-
-            value4 = CommonFunction.load32(buffer, position) & mask;
-            position += numberOfByte;
-
-            if (value1 < q && i < n)
-            {
-
-                A[i++] = montgomery((long)value1 * inverseNumberTheoreticTransform, q, qInverse);
-
-            }
-
-            if (value2 < q && i < n)
-            {
-
-                A[i++] = montgomery((long)value2 * inverseNumberTheoreticTransform, q, qInverse);
-
-            }
-
-            if (value3 < q && i < n)
-            {
-
-                A[i++] = montgomery((long)value3 * inverseNumberTheoreticTransform, q, qInverse);
-
-            }
-
-            if (value4 < q && i < n)
-            {
-
-                A[i++] = montgomery((long)value4 * inverseNumberTheoreticTransform, q, qInverse);
-
-            }
-
-        }
-
-    }
-
-    /**************************************************************************************************************************************************************************************
-     * Description:	Generation of Polynomial A for Provably-Secure qTESLA Security Category-1 and Security Category-3
-     *
-     * @param        A                                    Polynomial to be Generated
-     * @param        seed                                Kappa-Bit Seed
-     * @param        seedOffset                            Starting Point of the Kappa-Bit Seed
-     * @param        n                                    Polynomial Degree
-     * @param        k                                    Number of Ring-Learning-With-Errors Samples
-     * @param        q                                    Modulus
-     * @param        qInverse
-     * @param        qLogarithm                            q <= 2 ^ qLogarithm
-     * @param        generatorA
-     * @param        inverseNumberTheoreticTransform
-     *
-     * @return none
-     **************************************************************************************************************************************************************************************/
-    public static void polynomialUniform(long[] A, byte[] seed, int seedOffset, int n, int k, int q, long qInverse, int qLogarithm, int generatorA, int inverseNumberTheoreticTransform)
-    {
-
-        int position = 0;
-        int i = 0;
-        int numberOfByte = (qLogarithm + 7) / 8;
-        int numberOfBlock = generatorA;
-        short dualModeSampler = 0;
-        int value1;
-        int value2;
-        int value3;
-        int value4;
-        int mask = (1 << qLogarithm) - 1;
-
-        byte[] buffer = new byte[HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE * numberOfBlock];
-
-        HashUtils.customizableSecureHashAlgorithmKECCAK128Simple(
-            buffer, 0, HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE * numberOfBlock,
-            dualModeSampler++,
-            seed, seedOffset, RANDOM
-        );
-
-        while (i < n * k)
-        {
-
-            if (position > (HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE * numberOfBlock - Const.INT_SIZE / Const.BYTE_SIZE * numberOfByte))
-            {
-
-                numberOfBlock = 1;
-
-                HashUtils.customizableSecureHashAlgorithmKECCAK128Simple(
-                    buffer, 0, HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE * numberOfBlock,
-                    dualModeSampler++,
-                    seed, seedOffset, RANDOM
-                );
-
-                position = 0;
-
-            }
-
-            value1 = CommonFunction.load32(buffer, position) & mask;
-            position += numberOfByte;
-
-            value2 = CommonFunction.load32(buffer, position) & mask;
-            position += numberOfByte;
-
-            value3 = CommonFunction.load32(buffer, position) & mask;
-            position += numberOfByte;
-
-            value4 = CommonFunction.load32(buffer, position) & mask;
-            position += numberOfByte;
-
-            if (value1 < q && i < n * k)
-            {
-
-                A[i++] = montgomeryP((long)value1 * inverseNumberTheoreticTransform, q, qInverse);
-
-            }
-
-            if (value2 < q && i < n * k)
-            {
-
-                A[i++] = montgomeryP((long)value2 * inverseNumberTheoreticTransform, q, qInverse);
-
-            }
-
-            if (value3 < q && i < n * k)
-            {
-
-                A[i++] = montgomeryP((long)value3 * inverseNumberTheoreticTransform, q, qInverse);
-
-            }
-
-            if (value4 < q && i < n * k)
-            {
-
-                A[i++] = montgomeryP((long)value4 * inverseNumberTheoreticTransform, q, qInverse);
-
-            }
-
-        }
-
-    }
-
-    /**************************************************************************************************************************************************************
-     * Description:	Performs Sparse Polynomial Multiplication for A Value Needed During Message Signification for Heuristic qTESLA Security Category-1 and
-     *				SecurityCategory-3 (Option for Size or Speed)
-     *
-     * @param        product                Product of Two Polynomials
-     * @param        privateKey            Part of the Private Key
-     * @param        positionList        List of Indices of Non-Zero Elements in C
-     * @param        signList            List of Signs of Non-Zero Elements in C
-     * @param        n                    Polynomial Degree
-     * @param        h                    Number of Non-Zero Entries of Output Elements of Encryption
-     *
-     * @return none
-     **************************************************************************************************************************************************************/
-    public static void sparsePolynomialMultiplication16(int[] product, final short[] privateKey, final int[] positionList, final short[] signList, int n, int h)
-    {
-
-        int position;
-
-        Arrays.fill(product, 0);
-
-        for (int i = 0; i < h; i++)
-        {
-
-            position = positionList[i];
-
-            for (int j = 0; j < position; j++)
-            {
-
-                product[j] -= signList[i] * privateKey[n + j - position];
-
-            }
-
-            for (int j = position; j < n; j++)
-            {
-
-                product[j] += signList[i] * privateKey[j - position];
-
-            }
-
-        }
-
-    }
-
-    /*****************************************************************************************************************************************************************************************************
-     * Description:	Performs Sparse Polynomial Multiplication for A Value Needed During Message Signification for Provably-Secure qTESLA Security Category-1 and Category-3
-     *
-     * @param        product                Product of Two Polynomials
-     * @param        productOffset        Starting Point of the Product of Two Polynomials
-     * @param        privateKey            Part of the Private Key
-     * @param        privateKeyOffset    Starting Point of the Private Key
-     * @param        positionList        List of Indices of Non-Zero Elements in C
-     * @param        signList            List of Signs of Non-Zero Elements in C
-     * @param        n                    Polynomial Degree
-     * @param        h                    Number of Non-Zero Entries of Output Elements of Encryption
-     *
-     * @return none
-     ******************************************************************************************************************************************************************************************************/
-    public static void sparsePolynomialMultiplication8(long[] product, int productOffset, final byte[] privateKey, int privateKeyOffset, final int[] positionList, final short[] signList, int n, int h)
-    {
-
-        int position;
-
-        Arrays.fill(product, 0L);
-
-        for (int i = 0; i < h; i++)
-        {
-
-            position = positionList[i];
-
-            for (int j = 0; j < position; j++)
-            {
-
-                product[productOffset + j] -= signList[i] * privateKey[privateKeyOffset + n + j - position];
-
-            }
-
-            for (int j = position; j < n; j++)
-            {
-
-                product[productOffset + j] += signList[i] * privateKey[privateKeyOffset + j - position];
-
-            }
-
-        }
-
-    }
-
-    /***********************************************************************************************************************************************************
-     * Description:	Performs Sparse Polynomial Multiplication for A Value Needed During Message Signification for Heuristic qTESLA Security Category-1 and
-     * 				Security Category-3 (Option for Size or Speed)
-     *
-     * @param        product                    Product of Two Polynomials
-     * @param        publicKey                Part of the Public Key
-     * @param        positionList            List of Indices of Non-Zero Elements in C
-     * @param        signList                List of Signs of Non-Zero Elements in C
-     * @param        n                        Polynomial Degree
-     * @param        h                        Number of Non-Zero Entries of Output Elements of Encryption
-     *
-     * @return none
-     ***********************************************************************************************************************************************************/
-    public static void sparsePolynomialMultiplication32(int[] product, final int[] publicKey, final int[] positionList, final short[] signList, int n, int h)
-    {
-
-        int position;
-
-        Arrays.fill(product, 0);
-
-        for (int i = 0; i < h; i++)
-        {
-
-            position = positionList[i];
-
-            for (int j = 0; j < position; j++)
-            {
-
-                product[j] -= signList[i] * publicKey[n + j - position];
-
-            }
-
-            for (int j = position; j < n; j++)
-            {
-
-                product[j] += signList[i] * publicKey[j - position];
-
-            }
-
-        }
-
-    }
-
-    /***********************************************************************************************************************************************************************************************************************************************************
-     * Description:	Performs Sparse Polynomial Multiplication for A Value Needed During Message Signification for Provably-Secure qTESLA Security Category-1 and Security Category-3
-     *
-     * @param        product                    Product of Two Polynomials
-     * @param        productOffset            Starting Point of the Product of Two Polynomials
-     * @param        publicKey                Part of the Public Key
-     * @param        publicKeyOffset            Starting Point of the Public Key
-     * @param        positionList            List of Indices of Non-Zero Elements in C
-     * @param        signList                List of Signs of Non-Zero Elements in C
-     * @param        n                        Polynomial Degree
-     * @param        h                        Number of Non-Zero Entries of Output Elements of Encryption
-     * @param        q                        Modulus
-     * @param        barrettMultiplication
-     * @param        barrettDivision
-     *
-     * @return none
-     ***********************************************************************************************************************************************************************************************************************************************************/
-    public static void sparsePolynomialMultiplication32(long[] product, int productOffset, final int[] publicKey, int publicKeyOffset, final int[] positionList, final short[] signList, int n, int h, int q, int barrettMultiplication, int barrettDivision)
-    {
-
-        int position;
-
-        Arrays.fill(product, 0L);
-
-        for (int i = 0; i < h; i++)
-        {
-
-            position = positionList[i];
-
-            for (int j = 0; j < position; j++)
-            {
-
-                product[productOffset + j] -= signList[i] * publicKey[publicKeyOffset + n + j - position];
-
-            }
-
-            for (int j = position; j < n; j++)
-            {
-
-                product[productOffset + j] += signList[i] * publicKey[publicKeyOffset + j - position];
-
-            }
-
-        }
-
-        for (int i = 0; i < n; i++)
-        {
-
-            product[productOffset + i] = barrett(product[productOffset + i], q, barrettMultiplication, barrettDivision);
-
-        }
-
-    }
-
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/PolynomialHeuristic.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/PolynomialHeuristic.java
deleted file mode 100644
index 5e16df5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/PolynomialHeuristic.java
+++ /dev/null

@@ -1,682 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-final class PolynomialHeuristic
-{
-
-    /* Heuristic qTESLA Security Category-1 */
-
-    public static final int[] ZETA_I = {                    /* 512-Entry */
-
-        3359531, 2189080, 370173, 677362, 3132616, 2989204, 2362181, 1720831,
-        1203721, 3239574, 641414, 3932234, 3634017, 2251707, 355329, 4152265,
-        1356023, 4021436, 1465601, 4145892, 3348341, 675693, 1598775, 2799365,
-        3336234, 3856839, 603157, 1381183, 1069471, 2142038, 2877387, 2653969,
-        2055310, 3837123, 3141231, 1951522, 2375048, 445122, 1689285, 3664328,
-        676319, 3844199, 3669724, 1009639, 3666694, 1585701, 2102892, 966523,
-        4069555, 3246046, 846643, 2088895, 4068915, 3715722, 4119007, 230501,
-        1626667, 2119752, 1171284, 3153846, 17941, 1316589, 1814059, 3185686,
-        1183551, 2533671, 4152595, 2616162, 3015757, 194860, 1601807, 1271569,
-        139534, 2581874, 2183200, 2060697, 1036874, 646550, 2823563, 3312274,
-        391700, 99391, 638903, 2397164, 3924868, 3315551, 1170767, 422539,
-        1801679, 166402, 742283, 222557, 522210, 3415900, 177835, 3243355,
-        4196855, 1821376, 1290490, 3624896, 1546898, 1282351, 3960516, 835944,
-        2251927, 90910, 3034838, 4082965, 2311377, 3512216, 2652413, 2191140,
-        302935, 3866228, 2007511, 744185, 2801160, 3993630, 592962, 795067,
-        2822609, 3471782, 3710854, 1824985, 1495256, 3906591, 3111335, 3902620,
-        11234, 1586236, 3698245, 492808, 2729660, 3369937, 1869963, 7244,
-        1453951, 1757304, 1005437, 3668653, 1821321, 4203686, 1192473, 113408,
-        2904803, 1346735, 4161890, 711442, 4020959, 1164150, 2139014, 4134238,
-        731747, 3856202, 2351090, 3382729, 2644693, 617098, 2796766, 1911274,
-        552932, 2476095, 1801797, 1381577, 2338697, 1336590, 2798544, 459121,
-        3555631, 741068, 2302686, 1883916, 2148181, 2471691, 2174195, 1684042,
-        3266036, 227434, 4107207, 2910899, 3427718, 2011049, 2706372, 4182237,
-        1243355, 2908998, 15068, 1966206, 2157082, 4114100, 1846352, 230880,
-        1161075, 1259576, 1212857, 1697580, 39500, 3079648, 2529577, 2082167,
-        50282, 476606, 1494601, 1334236, 3349015, 1600445, 413060, 3104844,
-        139283, 1688398, 3230017, 1009712, 614253, 2973529, 2077610, 2218429,
-        4185344, 254428, 506799, 196179, 3310395, 4183346, 3897905, 2234639,
-        1859699, 3322900, 2151737, 1904476, 2457045, 383438, 2543045, 2985636,
-        731083, 1609871, 2171434, 535413, 2666041, 405934, 3303186, 802974,
-        3573046, 1760267, 2758359, 2102800, 1512274, 3981750, 1838169, 2101846,
-        1363757, 1342163, 3608830, 321523, 1072908, 855117, 1679204, 3624675,
-        3183259, 2438624, 407591, 1549799, 490068, 2769318, 3185950, 990968,
-        3700398, 2715638, 3672301, 3203080, 1775408, 2071611, 778637, 2335351,
-        3317014, 3768001, 571163, 2618746, 1028702, 3174131, 764504, 1386439,
-        4188876, 1131998, 1057083, 39651, 2588805, 2519763, 3838931, 4130059,
-        1893001, 2066802, 572208, 2529031, 220967, 3880345, 1820301, 2205978,
-        3036090, 1648541, 4012391, 1432533, 3068186, 1645476, 1397186, 2112498,
-        4168213, 1234734, 1648052, 1803157, 2011730, 1648875, 2547914, 437873,
-        2460774, 3403214, 2690605, 2567052, 739775, 1854855, 520305, 3661464,
-        1120944, 1245195, 1147367, 2571134, 696367, 3009976, 834907, 1691662,
-        1384090, 2795844, 1813845, 3425954, 4194068, 1317042, 2056507, 470026,
-        3097617, 2678203, 3077203, 2116013, 4155561, 2844478, 1467696, 4150754,
-        992951, 471101, 4062883, 1584992, 2252609, 3322854, 1597940, 3581574,
-        1115369, 4153697, 3236495, 4075586, 2066340, 1262360, 2730720, 3664692,
-        2681478, 2929295, 3831713, 3683420, 2511172, 3689552, 2645837, 2414330,
-        857564, 3703853, 468246, 1574274, 3590547, 2348366, 1565207, 1815326,
-        2508730, 1749217, 465029, 260794, 1630097, 3019607, 3872759, 1053481,
-        3958758, 3415305, 54348, 2516, 3045515, 3011542, 1951553, 1882613,
-        1729323, 801736, 3662451, 909634, 2949838, 2598628, 1652685, 1945350,
-        3221627, 2879417, 2732226, 3883548, 1891328, 3215710, 3159721, 1318941,
-        2153764, 1870381, 4039453, 3375151, 2655219, 4089723, 1388508, 3436490,
-        3956335, 2748982, 4111030, 328986, 1780674, 2570336, 2608795, 2600572,
-        2748827, 790335, 1988956, 3946950, 1789942, 710384, 3900335, 457139,
-        2550557, 3042298, 1952120, 1998308, 259999, 2361900, 119023, 3680445,
-        1893737, 4050016, 2696786, 567472, 3085466, 1580931, 1360307, 3075154,
-        904205, 1306381, 3257843, 2926984, 2065676, 3221598, 2551064, 1580354,
-        1636374, 699891, 1821560, 670885, 947258, 2908840, 3049868, 1038075,
-        1701447, 2439140, 2048478, 3183312, 2224644, 320592, 3304074, 2611056,
-        422256, 1752180, 2217951, 2900510, 1321050, 2797671, 312886, 2624042,
-        3166863, 908176, 24947, 152205, 2891981, 189908, 1959427, 1365987,
-        2071767, 1932065, 3185693, 3889374, 3644713, 79765, 969178, 11268,
-        1992233, 1579325, 1224905, 3741957, 1894871, 3060100, 1787540, 4194180,
-        1396587, 2745514, 26822, 695515, 2348201, 249698, 2988539, 1081347
-
-    };
-
-    public static final int[] ZETA_INVERSE_I = {            /* 512-Entry */
-
-        1217030, 3955871, 1857368, 3510054, 4178747, 1460055, 2808982, 11389,
-        2418029, 1145469, 2310698, 463612, 2980664, 2626244, 2213336, 4194301,
-        3236391, 4125804, 560856, 316195, 1019876, 2273504, 2133802, 2839582,
-        2246142, 4015661, 1313588, 4053364, 4180622, 3297393, 1038706, 1581527,
-        3892683, 1407898, 2884519, 1305059, 1987618, 2453389, 3783313, 1594513,
-        901495, 3884977, 1980925, 1022257, 2157091, 1766429, 2504122, 3167494,
-        1155701, 1296729, 3258311, 3534684, 2384009, 3505678, 2569195, 2625215,
-        1654505, 983971, 2139893, 1278585, 947726, 2899188, 3301364, 1130415,
-        2845262, 2624638, 1120103, 3638097, 1508783, 155553, 2311832, 525124,
-        4086546, 1843669, 3945570, 2207261, 2253449, 1163271, 1655012, 3748430,
-        305234, 3495185, 2415627, 258619, 2216613, 3415234, 1456742, 1604997,
-        1596774, 1635233, 2424895, 3876583, 94539, 1456587, 249234, 769079,
-        2817061, 115846, 1550350, 830418, 166116, 2335188, 2051805, 2886628,
-        1045848, 989859, 2314241, 322021, 1473343, 1326152, 983942, 2260219,
-        2552884, 1606941, 1255731, 3295935, 543118, 3403833, 2476246, 2322956,
-        2254016, 1194027, 1160054, 4203053, 4151221, 790264, 246811, 3152088,
-        332810, 1185962, 2575472, 3944775, 3740540, 2456352, 1696839, 2390243,
-        2640362, 1857203, 615022, 2631295, 3737323, 501716, 3348005, 1791239,
-        1559732, 516017, 1694397, 522149, 373856, 1276274, 1524091, 540877,
-        1474849, 2943209, 2139229, 129983, 969074, 51872, 3090200, 623995,
-        2607629, 882715, 1952960, 2620577, 142686, 3734468, 3212618, 54815,
-        2737873, 1361091, 50008, 2089556, 1128366, 1527366, 1107952, 3735543,
-        2149062, 2888527, 11501, 779615, 2391724, 1409725, 2821479, 2513907,
-        3370662, 1195593, 3509202, 1634435, 3058202, 2960374, 3084625, 544105,
-        3685264, 2350714, 3465794, 1638517, 1514964, 802355, 1744795, 3767696,
-        1657655, 2556694, 2193839, 2402412, 2557517, 2970835, 37356, 2093071,
-        2808383, 2560093, 1137383, 2773036, 193178, 2557028, 1169479, 1999591,
-        2385268, 325224, 3984602, 1676538, 3633361, 2138767, 2312568, 75510,
-        366638, 1685806, 1616764, 4165918, 3148486, 3073571, 16693, 2819130,
-        3441065, 1031438, 3176867, 1586823, 3634406, 437568, 888555, 1870218,
-        3426932, 2133958, 2430161, 1002489, 533268, 1489931, 505171, 3214601,
-        1019619, 1436251, 3715501, 2655770, 3797978, 1766945, 1022310, 580894,
-        2526365, 3350452, 3132661, 3884046, 596739, 2863406, 2841812, 2103723,
-        2367400, 223819, 2693295, 2102769, 1447210, 2445302, 632523, 3402595,
-        902383, 3799635, 1539528, 3670156, 2034135, 2595698, 3474486, 1219933,
-        1662524, 3822131, 1748524, 2301093, 2053832, 882669, 2345870, 1970930,
-        307664, 22223, 895174, 4009390, 3698770, 3951141, 20225, 1987140,
-        2127959, 1232040, 3591316, 3195857, 975552, 2517171, 4066286, 1100725,
-        3792509, 2605124, 856554, 2871333, 2710968, 3728963, 4155287, 2123402,
-        1675992, 1125921, 4166069, 2507989, 2992712, 2945993, 3044494, 3974689,
-        2359217, 91469, 2048487, 2239363, 4190501, 1296571, 2962214, 23332,
-        1499197, 2194520, 777851, 1294670, 98362, 3978135, 939533, 2521527,
-        2031374, 1733878, 2057388, 2321653, 1902883, 3464501, 649938, 3746448,
-        1407025, 2868979, 1866872, 2823992, 2403772, 1729474, 3652637, 2294295,
-        1408803, 3588471, 1560876, 822840, 1854479, 349367, 3473822, 71331,
-        2066555, 3041419, 184610, 3494127, 43679, 2858834, 1300766, 4092161,
-        3013096, 1883, 2384248, 536916, 3200132, 2448265, 2751618, 4198325,
-        2335606, 835632, 1475909, 3712761, 507324, 2619333, 4194335, 302949,
-        1094234, 298978, 2710313, 2380584, 494715, 733787, 1382960, 3410502,
-        3612607, 211939, 1404409, 3461384, 2198058, 339341, 3902634, 2014429,
-        1553156, 693353, 1894192, 122604, 1170731, 4114659, 1953642, 3369625,
-        245053, 2923218, 2658671, 580673, 2915079, 2384193, 8714, 962214,
-        4027734, 789669, 3683359, 3983012, 3463286, 4039167, 2403890, 3783030,
-        3034802, 890018, 280701, 1808405, 3566666, 4106178, 3813869, 893295,
-        1382006, 3559019, 3168695, 2144872, 2022369, 1623695, 4066035, 2934000,
-        2603762, 4010709, 1189812, 1589407, 52974, 1671898, 3022018, 1019883,
-        2391510, 2888980, 4187628, 1051723, 3034285, 2085817, 2578902, 3975068,
-        86562, 489847, 136654, 2116674, 3358926, 959523, 136014, 3239046,
-        2102677, 2619868, 538875, 3195930, 535845, 361370, 3529250, 541241,
-        2516284, 3760447, 1830521, 2254047, 1064338, 368446, 2150259, 1551600,
-        1328182, 2063531, 3136098, 2824386, 3602412, 348730, 869335, 1406204,
-        2606794, 3529876, 857228, 59677, 2739968, 184133, 2849546, 53304,
-        3850240, 1953862, 571552, 273335, 3564155, 965995, 3001848, 2484738,
-        1843388, 1216365, 1072953, 3528207, 3835396, 2016489, 846038, 3124222
-
-    };
-
-    /* Heuristic qTESLA Security Category-3 (Option for Size) */
-
-    public static final int[] ZETA_III_SIZE = {            /* 1024-Entry */
-
-        671800, 4181291, 975654, 970836, 1459996, 2949013, 1578790, 3375131,
-        177347, 2024971, 3299069, 2879655, 1061156, 3772041, 1726661, 2646527,
-        224962, 3106510, 1764167, 3790159, 110295, 277183, 2296602, 1995237,
-        1574725, 1473236, 1081285, 144829, 114244, 719647, 4114328, 917441,
-        4188270, 3805772, 261389, 52393, 2185303, 1021265, 2167874, 2986441,
-        3886274, 2191966, 284211, 3446813, 1389427, 2107810, 1173125, 1597161,
-        3753261, 1373052, 793684, 4091628, 1677907, 4164049, 1948749, 2758369,
-        1027640, 1118203, 891820, 1309242, 1810791, 1863364, 2587868, 1541007,
-        4104068, 675426, 1402433, 2557508, 1068970, 1940808, 3957823, 798456,
-        4092960, 3262467, 1793460, 658044, 1978921, 1367494, 3136736, 2360480,
-        941550, 37800, 1919065, 3032526, 581001, 3323192, 299785, 3114533,
-        545048, 2845265, 1891473, 102035, 2256179, 221259, 1796623, 504470,
-        377401, 3184337, 3107383, 606431, 200460, 3770995, 986925, 207500,
-        3712747, 1696453, 4158053, 3530443, 32005, 3222743, 3918763, 3574153,
-        2768592, 2608835, 1856937, 905294, 214652, 4154226, 2876170, 2651799,
-        1098009, 3905542, 3763042, 3055325, 1438567, 969841, 2397140, 3637385,
-        3779810, 644984, 1638607, 498549, 3404792, 4055115, 9472, 315805,
-        1796876, 972163, 3025826, 3334639, 2290368, 2552107, 160996, 3282568,
-        2279239, 1305163, 2304247, 603598, 3803059, 2582009, 3202587, 1094032,
-        1195417, 2879417, 1648902, 542294, 3085586, 3325229, 4177450, 150226,
-        890698, 503530, 3122945, 1929018, 3309179, 1075767, 2185016, 276011,
-        1620579, 1349757, 454010, 3835301, 3658519, 2369797, 203221, 2116132,
-        1371940, 3499700, 2991078, 3597638, 942280, 506271, 701979, 1853372,
-        2165162, 2830558, 2083508, 3582128, 4177826, 2623861, 3740436, 725559,
-        791017, 595361, 2192451, 878351, 1919935, 1730363, 165115, 3011415,
-        539166, 4049306, 2512830, 3633034, 3743092, 1721797, 356766, 3860922,
-        551806, 520752, 1492250, 3020875, 296084, 3951086, 3702654, 1541222,
-        2760082, 2967699, 1811892, 1913148, 3121111, 2583448, 37791, 2289197,
-        228811, 315449, 2711375, 2035264, 998876, 684125, 1377229, 1723513,
-        2093137, 1181754, 3978572, 1168111, 1295590, 1870157, 2992279, 1610031,
-        2052968, 3195982, 3195020, 2498826, 2430997, 1447298, 2178224, 1573739,
-        3444420, 2425537, 3066466, 1895376, 3494178, 2341084, 2603206, 2810264,
-        3665075, 4030046, 232980, 3770527, 2425457, 3193512, 1906687, 3838549,
-        1081341, 3385499, 343154, 3648238, 3066045, 3502707, 903006, 2216085,
-        2477447, 3769256, 2700907, 2899931, 3094342, 404354, 2325640, 4161594,
-        1153616, 2601633, 624385, 56418, 4122920, 303574, 3474524, 3047326,
-        3446806, 1755473, 1289687, 3030484, 745529, 2037059, 1126174, 3508536,
-        3263841, 1057863, 2424516, 3666380, 2238799, 1918076, 1096624, 666757,
-        2414037, 4105141, 86489, 236751, 2175830, 2842379, 3751432, 366978,
-        1727916, 627613, 2576775, 231383, 2352896, 1039386, 650148, 3849095,
-        2893195, 2813545, 2172937, 1389954, 1261168, 1470030, 832830, 3548304,
-        2585258, 3650945, 3733752, 797947, 4183412, 261772, 374082, 3717015,
-        1306771, 591941, 3320862, 3969254, 3730288, 4153963, 2641916, 706453,
-        3574687, 687011, 3723863, 518936, 674472, 2242626, 174183, 3560884,
-        3969544, 425417, 789235, 4183047, 4027225, 982625, 2075760, 2392513,
-        2538340, 3022462, 1997528, 356548, 3730142, 1536313, 1202696, 1344848,
-        3103217, 2383022, 1762142, 2994989, 3102783, 3072599, 1517632, 2024436,
-        2534641, 147328, 2356097, 190578, 2587663, 440306, 2374767, 3182600,
-        680532, 484370, 4131095, 3009332, 3562207, 976019, 3613316, 3033006,
-        3743622, 4136404, 1605237, 66645, 3859240, 908865, 4051121, 2726336,
-        3637443, 2340134, 813357, 3985220, 2868243, 3650243, 1684957, 3023114,
-        2402323, 1820096, 1764462, 1049670, 2260628, 4976, 3760346, 3157996,
-        3573461, 1006628, 454916, 4159906, 337885, 22277, 520578, 2607705,
-        2561874, 503606, 1415232, 3823408, 3829828, 554510, 914738, 3838536,
-        653901, 664244, 3918457, 361056, 515834, 2583400, 2666144, 1562200,
-        2635470, 3523620, 2847787, 281762, 1416774, 4047010, 2739024, 1492985,
-        2613083, 2116726, 4076288, 4141191, 3357856, 741301, 977038, 4028938,
-        1661277, 2769449, 3571042, 2601104, 57237, 3026729, 3478919, 87366,
-        3697654, 2676961, 3932341, 2883942, 3200147, 623723, 871365, 763732,
-        2354543, 661482, 1442350, 148821, 966821, 2154509, 1229800, 2252524,
-        1712762, 687319, 1231124, 225814, 127675, 2786959, 2996601, 1997279,
-        1410197, 2759369, 254896, 2633749, 743622, 2420984, 594581, 1359068,
-        3724994, 3338166, 473524, 3323698, 110693, 2630130, 3742099, 1392129,
-        1263087, 1474128, 964094, 3338617, 2682625, 2350723, 4039051, 2437147,
-        2003303, 1029372, 3710675, 1198388, 4047402, 337401, 959139, 3673320,
-        3269977, 1757086, 3846011, 3052386, 1555886, 1213798, 1730449, 574426,
-        3730903, 4058825, 3075, 3232877, 597243, 584901, 3208277, 423060,
-        3216342, 3727213, 89571, 709528, 3722455, 112585, 4199553, 578587,
-        1727014, 3010665, 1118724, 3088559, 458307, 695931, 2551953, 3462204,
-        2654347, 2908501, 3034211, 3511237, 3734268, 2443875, 270514, 776347,
-        683036, 1526569, 521044, 2352920, 557737, 4056083, 2391161, 2389563,
-        2293979, 2581739, 2738173, 2545480, 1008072, 3577574, 1673061, 4116273,
-        133058, 1222352, 1144238, 882222, 3000625, 4046931, 141504, 1904001,
-        1035854, 3807884, 2398461, 446181, 2041489, 1148183, 2291458, 3675915,
-        255124, 369448, 3016249, 2025225, 3237403, 2220199, 3134791, 2587255,
-        3220754, 3366174, 132697, 3383227, 1358468, 1158291, 2321651, 2869559,
-        1425523, 4054733, 69091, 3521561, 2453355, 2968118, 2968833, 3185424,
-        988606, 3025251, 1154802, 24092, 1305476, 3938667, 3405455, 2280837,
-        2987149, 1576181, 3812113, 481232, 1911887, 2305037, 3637072, 515558,
-        3183843, 3460525, 2134536, 3376047, 849276, 912675, 3126131, 3349335,
-        1736653, 247313, 307171, 2906949, 2483567, 3951115, 449581, 3211241,
-        119780, 3050685, 312715, 129516, 1413964, 3626707, 1834389, 739674,
-        2166987, 1898439, 3247386, 543470, 3893129, 1952324, 4010533, 2663329,
-        1611039, 4159354, 3221090, 4011118, 456104, 4128401, 3481956, 1341852,
-        1346376, 1373597, 1886912, 2289124, 2035164, 3802432, 4020200, 1440583,
-        131860, 2447356, 1147783, 3884191, 36600, 1417517, 3115113, 4106357,
-        2209232, 3913295, 2079509, 2915453, 253356, 2093028, 3105753, 420898,
-        3641863, 2237777, 589597, 3471638, 1556385, 1574364, 2961455, 2414774,
-        2532838, 3894119, 2561579, 1825751, 2610770, 4095615, 2366084, 1696032,
-        2935352, 1982899, 3940806, 962691, 2874348, 2295425, 3088987, 1724605,
-        138760, 2611152, 2321223, 3862854, 977071, 3373271, 2119442, 2444640,
-        184156, 2401204, 2250096, 3883423, 24318, 1799015, 2709027, 2477092,
-        2937887, 872546, 348220, 49520, 266109, 1166709, 1470353, 712356,
-        4162049, 2520023, 1093919, 3371334, 1529777, 3549597, 3033168, 3626405,
-        317815, 972428, 3325840, 1416192, 1615043, 3225312, 49030, 591050,
-        3470933, 533400, 905783, 2128579, 2589779, 1556207, 3295501, 3128246,
-        1323037, 2836289, 1222103, 2635029, 764092, 1785154, 1271391, 407326,
-        3293361, 697832, 1957938, 26925, 1909470, 921060, 1189793, 452905,
-        177180, 3986522, 3612073, 2634482, 3811697, 2155464, 3184049, 3773906,
-        4155559, 890604, 965647, 946702, 2980153, 2514794, 1634712, 1413135,
-        2059115, 1095948, 1094602, 3286386, 1617289, 2234906, 2942756, 2831603,
-        2790364, 4110867, 3267277, 2818115, 997189, 3975212, 1919457, 3294782,
-        42631, 3979780, 677949, 1074671, 4007873, 2013224, 4064265, 1404667,
-        1266413, 1753048, 1480954, 2251688, 3671233, 3337348, 3023835, 704482,
-        1867102, 2290506, 1202801, 3686892, 3618479, 3297031, 2477670, 3415258,
-        2889498, 2106378, 361488, 1478812, 3536666, 645275, 2793501, 2983604,
-        3150760, 1136423, 2629214, 3144871, 1095947, 2432448, 3144124, 1562104,
-        3685583, 2519659, 1745378, 275993, 1028739, 4053547, 3139341, 791685,
-        205316, 940435, 3044250, 3537550, 2347550, 2748749, 216515, 2376693,
-        3994272, 758809, 336837, 4138282, 254982, 2087732, 1443586, 2090448,
-        2407213, 2192231, 584225, 1528366, 714102, 2781015, 1061159, 144894,
-        2251444, 1706143, 3064185, 1082774, 1212561, 1964667, 1808852, 1281436,
-        380192, 1938622, 3594224, 2865093, 1814198, 3709791, 3557452, 641073,
-        3449310, 2797672, 1886229, 2374072, 1947652, 910530, 4110612, 3688785,
-        2761424, 2192378, 1210992, 432423, 3990493, 3710041, 3364266, 1402625,
-        1430941, 466915, 2307343, 3969361, 3041855, 1636011, 2336989, 4083954,
-        1752367, 1468975, 4003767, 2752277, 2639144, 2435428, 168292, 2731409,
-        2173963, 313121, 1885409, 1792411, 105750, 1595875, 3535511, 1917121,
-        3348968, 3600516, 3025874, 1234611, 387230, 254793, 2267177, 423073,
-        3643782, 2241875, 720861, 3996710, 2066073, 1031892, 2436415, 3356685,
-        3628852, 1131491, 315588, 3085726, 4060906, 3713538, 561022, 142143,
-        137017, 4091465, 525060, 523088, 2581256, 2546361, 529201, 1724592,
-        3917913, 4096490, 1689933, 575672, 2633453, 2453964, 3882580, 236313,
-        394169, 2731312, 3191196, 135139, 1208112, 2180950, 4051722, 330078,
-        4161293, 3314132, 1075088, 3797989, 958522, 1974573, 3610471, 3368492,
-        629863, 3712506, 281606, 4189621, 1437509, 2515187, 1936773, 3150875,
-        797596, 4050969, 2506561, 2023050, 3235484, 2216101, 3003527, 569898,
-        2081018, 3678953, 3392925, 857476, 1224594, 2996526, 3160227, 35843
-
-    };
-
-    public static final int[] ZETA_INVERSE_III_SIZE = {    /* 1024-Entry */
-
-        1046366, 1210067, 2981999, 3349117, 813668, 527640, 2125575, 3636695,
-        1203066, 1990492, 971109, 2183543, 1700032, 155624, 3408997, 1055718,
-        2269820, 1691406, 2769084, 16972, 3924987, 494087, 3576730, 838101,
-        596122, 2232020, 3248071, 408604, 3131505, 892461, 45300, 3876515,
-        154871, 2025643, 2998481, 4071454, 1015397, 1475281, 3812424, 3970280,
-        324013, 1752629, 1573140, 3630921, 2516660, 110103, 288680, 2482001,
-        3677392, 1660232, 1625337, 3683505, 3681533, 115128, 4069576, 4064450,
-        3645571, 493055, 145687, 1120867, 3891005, 3075102, 577741, 849908,
-        1770178, 3174701, 2140520, 209883, 3485732, 1964718, 562811, 3783520,
-        1939416, 3951800, 3819363, 2971982, 1180719, 606077, 857625, 2289472,
-        671082, 2610718, 4100843, 2414182, 2321184, 3893472, 2032630, 1475184,
-        4038301, 1771165, 1567449, 1454316, 202826, 2737618, 2454226, 122639,
-        1869604, 2570582, 1164738, 237232, 1899250, 3739678, 2775652, 2803968,
-        842327, 496552, 216100, 3774170, 2995601, 2014215, 1445169, 517808,
-        95981, 3296063, 2258941, 1832521, 2320364, 1408921, 757283, 3565520,
-        649141, 496802, 2392395, 1341500, 612369, 2267971, 3826401, 2925157,
-        2397741, 2241926, 2994032, 3123819, 1142408, 2500450, 1955149, 4061699,
-        3145434, 1425578, 3492491, 2678227, 3622368, 2014362, 1799380, 2116145,
-        2763007, 2118861, 3951611, 68311, 3869756, 3447784, 212321, 1829900,
-        3990078, 1457844, 1859043, 669043, 1162343, 3266158, 4001277, 3414908,
-        1067252, 153046, 3177854, 3930600, 2461215, 1686934, 521010, 2644489,
-        1062469, 1774145, 3110646, 1061722, 1577379, 3070170, 1055833, 1222989,
-        1413092, 3561318, 669927, 2727781, 3845105, 2100215, 1317095, 791335,
-        1728923, 909562, 588114, 519701, 3003792, 1916087, 2339491, 3502111,
-        1182758, 869245, 535360, 1954905, 2725639, 2453545, 2940180, 2801926,
-        142328, 2193369, 198720, 3131922, 3528644, 226813, 4163962, 911811,
-        2287136, 231381, 3209404, 1388478, 939316, 95726, 1416229, 1374990,
-        1263837, 1971687, 2589304, 920207, 3111991, 3110645, 2147478, 2793458,
-        2571881, 1691799, 1226440, 3259891, 3240946, 3315989, 51034, 432687,
-        1022544, 2051129, 394896, 1572111, 594520, 220071, 4029413, 3753688,
-        3016800, 3285533, 2297123, 4179668, 2248655, 3508761, 913232, 3799267,
-        2935202, 2421439, 3442501, 1571564, 2984490, 1370304, 2883556, 1078347,
-        911092, 2650386, 1616814, 2078014, 3300810, 3673193, 735660, 3615543,
-        4157563, 981281, 2591550, 2790401, 880753, 3234165, 3888778, 580188,
-        1173425, 656996, 2676816, 835259, 3112674, 1686570, 44544, 3494237,
-        2736240, 3039884, 3940484, 4157073, 3858373, 3334047, 1268706, 1729501,
-        1497566, 2407578, 4182275, 323170, 1956497, 1805389, 4022437, 1761953,
-        2087151, 833322, 3229522, 343739, 1885370, 1595441, 4067833, 2481988,
-        1117606, 1911168, 1332245, 3243902, 265787, 2223694, 1271241, 2510561,
-        1840509, 110978, 1595823, 2380842, 1645014, 312474, 1673755, 1791819,
-        1245138, 2632229, 2650208, 734955, 3616996, 1968816, 564730, 3785695,
-        1100840, 2113565, 3953237, 1291140, 2127084, 293298, 1997361, 100236,
-        1091480, 2789076, 4169993, 322402, 3058810, 1759237, 4074733, 2766010,
-        186393, 404161, 2171429, 1917469, 2319681, 2832996, 2860217, 2864741,
-        724637, 78192, 3750489, 195475, 985503, 47239, 2595554, 1543264,
-        196060, 2254269, 313464, 3663123, 959207, 2308154, 2039606, 3466919,
-        2372204, 579886, 2792629, 4077077, 3893878, 1155908, 4086813, 995352,
-        3757012, 255478, 1723026, 1299644, 3899422, 3959280, 2469940, 857258,
-        1080462, 3293918, 3357317, 830546, 2072057, 746068, 1022750, 3691035,
-        569521, 1901556, 2294706, 3725361, 394480, 2630412, 1219444, 1925756,
-        801138, 267926, 2901117, 4182501, 3051791, 1181342, 3217987, 1021169,
-        1237760, 1238475, 1753238, 685032, 4137502, 151860, 2781070, 1337034,
-        1884942, 3048302, 2848125, 823366, 4073896, 840419, 985839, 1619338,
-        1071802, 1986394, 969190, 2181368, 1190344, 3837145, 3951469, 530678,
-        1915135, 3058410, 2165104, 3760412, 1808132, 398709, 3170739, 2302592,
-        4065089, 159662, 1205968, 3324371, 3062355, 2984241, 4073535, 90320,
-        2533532, 629019, 3198521, 1661113, 1468420, 1624854, 1912614, 1817030,
-        1815432, 150510, 3648856, 1853673, 3685549, 2680024, 3523557, 3430246,
-        3936079, 1762718, 472325, 695356, 1172382, 1298092, 1552246, 744389,
-        1654640, 3510662, 3748286, 1118034, 3087869, 1195928, 2479579, 3628006,
-        7040, 4094008, 484138, 3497065, 4117022, 479380, 990251, 3783533,
-        998316, 3621692, 3609350, 973716, 4203518, 147768, 475690, 3632167,
-        2476144, 2992795, 2650707, 1154207, 360582, 2449507, 936616, 533273,
-        3247454, 3869192, 159191, 3008205, 495918, 3177221, 2203290, 1769446,
-        167542, 1855870, 1523968, 867976, 3242499, 2732465, 2943506, 2814464,
-        464494, 1576463, 4095900, 882895, 3733069, 868427, 481599, 2847525,
-        3612012, 1785609, 3462971, 1572844, 3951697, 1447224, 2796396, 2209314,
-        1209992, 1419634, 4078918, 3980779, 2975469, 3519274, 2493831, 1954069,
-        2976793, 2052084, 3239772, 4057772, 2764243, 3545111, 1852050, 3442861,
-        3335228, 3582870, 1006446, 1322651, 274252, 1529632, 508939, 4119227,
-        727674, 1179864, 4149356, 1605489, 635551, 1437144, 2545316, 177655,
-        3229555, 3465292, 848737, 65402, 130305, 2089867, 1593510, 2713608,
-        1467569, 159583, 2789819, 3924831, 1358806, 682973, 1571123, 2644393,
-        1540449, 1623193, 3690759, 3845537, 288136, 3542349, 3552692, 368057,
-        3291855, 3652083, 376765, 383185, 2791361, 3702987, 1644719, 1598888,
-        3686015, 4184316, 3868708, 46687, 3751677, 3199965, 633132, 1048597,
-        446247, 4201617, 1945965, 3156923, 2442131, 2386497, 1804270, 1183479,
-        2521636, 556350, 1338350, 221373, 3393236, 1866459, 569150, 1480257,
-        155472, 3297728, 347353, 4139948, 2601356, 70189, 462971, 1173587,
-        593277, 3230574, 644386, 1197261, 75498, 3722223, 3526061, 1023993,
-        1831826, 3766287, 1618930, 4016015, 1850496, 4059265, 1671952, 2182157,
-        2688961, 1133994, 1103810, 1211604, 2444451, 1823571, 1103376, 2861745,
-        3003897, 2670280, 476451, 3850045, 2209065, 1184131, 1668253, 1814080,
-        2130833, 3223968, 179368, 23546, 3417358, 3781176, 237049, 645709,
-        4032410, 1963967, 3532121, 3687657, 482730, 3519582, 631906, 3500140,
-        1564677, 52630, 476305, 237339, 885731, 3614652, 2899822, 489578,
-        3832511, 3944821, 23181, 3408646, 472841, 555648, 1621335, 658289,
-        3373763, 2736563, 2945425, 2816639, 2033656, 1393048, 1313398, 357498,
-        3556445, 3167207, 1853697, 3975210, 1629818, 3578980, 2478677, 3839615,
-        455161, 1364214, 2030763, 3969842, 4120104, 101452, 1792556, 3539836,
-        3109969, 2288517, 1967794, 540213, 1782077, 3148730, 942752, 698057,
-        3080419, 2169534, 3461064, 1176109, 2916906, 2451120, 759787, 1159267,
-        732069, 3903019, 83673, 4150175, 3582208, 1604960, 3052977, 44999,
-        1880953, 3802239, 1112251, 1306662, 1505686, 437337, 1729146, 1990508,
-        3303587, 703886, 1140548, 558355, 3863439, 821094, 3125252, 368044,
-        2299906, 1013081, 1781136, 436066, 3973613, 176547, 541518, 1396329,
-        1603387, 1865509, 712415, 2311217, 1140127, 1781056, 762173, 2632854,
-        2028369, 2759295, 1775596, 1707767, 1011573, 1010611, 2153625, 2596562,
-        1214314, 2336436, 2911003, 3038482, 228021, 3024839, 2113456, 2483080,
-        2829364, 3522468, 3207717, 2171329, 1495218, 3891144, 3977782, 1917396,
-        4168802, 1623145, 1085482, 2293445, 2394701, 1238894, 1446511, 2665371,
-        503939, 255507, 3910509, 1185718, 2714343, 3685841, 3654787, 345671,
-        3849827, 2484796, 463501, 573559, 1693763, 157287, 3667427, 1195178,
-        4041478, 2476230, 2286658, 3328242, 2014142, 3611232, 3415576, 3481034,
-        466157, 1582732, 28767, 624465, 2123085, 1376035, 2041431, 2353221,
-        3504614, 3700322, 3264313, 608955, 1215515, 706893, 2834653, 2090461,
-        4003372, 1836796, 548074, 371292, 3752583, 2856836, 2586014, 3930582,
-        2021577, 3130826, 897414, 2277575, 1083648, 3703063, 3315895, 4056367,
-        29143, 881364, 1121007, 3664299, 2557691, 1327176, 3011176, 3112561,
-        1004006, 1624584, 403534, 3602995, 1902346, 2901430, 1927354, 924025,
-        4045597, 1654486, 1916225, 871954, 1180767, 3234430, 2409717, 3890788,
-        4197121, 151478, 801801, 3708044, 2567986, 3561609, 426783, 569208,
-        1809453, 3236752, 2768026, 1151268, 443551, 301051, 3108584, 1554794,
-        1330423, 52367, 3991941, 3301299, 2349656, 1597758, 1438001, 632440,
-        287830, 983850, 4174588, 676150, 48540, 2510140, 493846, 3999093,
-        3219668, 435598, 4006133, 3600162, 1099210, 1022256, 3829192, 3702123,
-        2409970, 3985334, 1950414, 4104558, 2315120, 1361328, 3661545, 1092060,
-        3906808, 883401, 3625592, 1174067, 2287528, 4168793, 3265043, 1846113,
-        1069857, 2839099, 2227672, 3548549, 2413133, 944126, 113633, 3408137,
-        248770, 2265785, 3137623, 1649085, 2804160, 3531167, 102525, 2665586,
-        1618725, 2343229, 2395802, 2897351, 3314773, 3088390, 3178953, 1448224,
-        2257844, 42544, 2528686, 114965, 3412909, 2833541, 453332, 2609432,
-        3033468, 2098783, 2817166, 759780, 3922382, 2014627, 320319, 1220152,
-        2038719, 3185328, 2021290, 4154200, 3945204, 400821, 18323, 3289152,
-        92265, 3486946, 4092349, 4061764, 3125308, 2733357, 2631868, 2211356,
-        1909991, 3929410, 4096298, 416434, 2442426, 1100083, 3981631, 1560066,
-        2479932, 434552, 3145437, 1326938, 907524, 2181622, 4029246, 831462,
-        2627803, 1257580, 2746597, 3235757, 3230939, 25302, 3534793, 4170750
-
-    };
-
-    /* Heuristic qTESLA Security Category-3 (Option for Speed) */
-
-    public static final int[] ZETA_III_SPEED = {            /* 1024-Entry */
-
-        4751355, 3795849, 4203855, 2135008, 6005859, 8231721, 5028848, 2129664,
-        7697675, 4755217, 4725508, 3239612, 6448681, 1076080, 3836135, 157994,
-        5620931, 7886062, 2890907, 5218426, 5961785, 6266756, 6428554, 5190121,
-        4542230, 1731429, 2223635, 4784194, 3466184, 2050685, 6391390, 2917454,
-        2117568, 5724978, 3127077, 96284, 5251989, 3298678, 7201703, 432021,
-        540694, 6011377, 6511091, 6136825, 215125, 6152822, 4121955, 6320948,
-        4723419, 3116754, 3645529, 4643271, 3249093, 3697259, 965302, 3790255,
-        413429, 835404, 7555714, 4708344, 980578, 8245349, 3583234, 5891188,
-        510086, 5483952, 4214513, 7522675, 1382737, 8097349, 2423268, 1978286,
-        5820434, 2985005, 1002240, 3252040, 5584283, 4027445, 3761478, 571563,
-        7926529, 5265675, 4705738, 1136608, 2087977, 4856723, 7896505, 2504130,
-        4175968, 5245926, 3848909, 3723902, 2181242, 6476735, 5922041, 2555482,
-        6087709, 1106974, 975919, 978505, 666303, 510879, 5043449, 4402981,
-        4204183, 6947226, 3519239, 7237093, 2533941, 1259684, 4897608, 2422013,
-        5398162, 3551190, 6378523, 1066751, 5216741, 6557683, 7171180, 7736022,
-        7762004, 7816398, 434930, 5685531, 7776512, 2136107, 4689096, 2604202,
-        981324, 6730872, 7113462, 4313227, 5315069, 2687514, 6464663, 6622027,
-        4919554, 3137828, 6662263, 180027, 1225049, 993103, 6035200, 4768729,
-        7594608, 7982166, 1506084, 1412996, 7294988, 6493396, 3679803, 707143,
-        5016089, 5893370, 7746168, 8284307, 2196442, 4506697, 5744441, 8155374,
-        2335696, 3358969, 4559736, 8378847, 7396599, 5613912, 5146767, 5609330,
-        7478110, 7007768, 1540167, 2082109, 4395136, 2443, 1730472, 6785605,
-        3689430, 7862069, 5994777, 2079150, 1569788, 3575961, 2449565, 7637802,
-        3223577, 7636917, 7014221, 3206599, 1033702, 2788915, 2962522, 5785994,
-        2935623, 8040165, 646639, 6994735, 1576929, 4976182, 1923760, 7349612,
-        7767222, 5695773, 2143434, 1957445, 6164911, 6325092, 3612819, 5415356,
-        6956649, 426840, 6748291, 3530533, 2487417, 7851363, 3671732, 7201581,
-        4717139, 4328822, 5046010, 6056773, 997476, 3549222, 1616322, 3335537,
-        2012692, 7475529, 2140630, 167787, 3791455, 3347958, 1263751, 2818658,
-        8280316, 4667491, 7207537, 6918648, 6602507, 1441518, 5135376, 1610367,
-        1016061, 6841480, 1841539, 2809077, 5412381, 1240493, 4442913, 2092171,
-        530239, 4308557, 3094305, 18124, 7247221, 5096652, 6892131, 3384856,
-        1435046, 3360331, 4908655, 1534384, 724138, 4632705, 7021901, 776577,
-        6462800, 658408, 6767742, 6323190, 163450, 3090558, 8264681, 6113406,
-        2256514, 2002774, 4157811, 1055743, 4272701, 50782, 506820, 2425609,
-        6121916, 7048118, 7211758, 7436523, 7921267, 8219231, 2113012, 5561555,
-        5402793, 6238877, 2785469, 6601179, 5379488, 8247469, 7039082, 8122949,
-        4032315, 7719142, 6412117, 1765474, 1423373, 3702073, 6814517, 4539579,
-        3714409, 3581714, 4818181, 4950204, 6549391, 6746510, 1332314, 6200219,
-        4026957, 4085009, 6474721, 6328096, 8097370, 821395, 4479068, 6408341,
-        1730278, 3865108, 131998, 3351400, 4527559, 4193606, 1952686, 3339484,
-        549242, 3890467, 3314638, 2970830, 7867854, 235273, 4948941, 3082658,
-        6487691, 6448908, 3822702, 5156099, 3762420, 359477, 1160634, 2545064,
-        2616573, 343964, 1277910, 8113538, 5564704, 6944366, 2663139, 2516714,
-        7942808, 5983628, 6727371, 7839582, 4671024, 5279277, 2488251, 5096610,
-        7584873, 1054559, 3389302, 5410955, 2700464, 7113783, 1182446, 681631,
-        7959149, 1325409, 3882231, 4559, 7653722, 2600940, 4354328, 6155200,
-        8125241, 629708, 1056841, 5566349, 6779032, 7067599, 5284661, 693330,
-        7111640, 6054764, 513663, 3702555, 3667331, 8053262, 3156410, 3207020,
-        6096921, 3226364, 425916, 1538990, 398369, 155207, 5962206, 3895624,
-        3506460, 4470299, 8132637, 7313282, 1829556, 3023684, 7819374, 258083,
-        4547318, 6274233, 4376026, 630321, 5354666, 3252030, 3347795, 5465400,
-        424523, 5150532, 4329513, 5096843, 2541091, 4590781, 5698802, 5642789,
-        6737542, 6616826, 6654175, 1804189, 2843875, 5019191, 2161010, 1581450,
-        7289320, 4525144, 2861293, 1184843, 6181826, 3408399, 6954125, 5897789,
-        899044, 983144, 996950, 2489509, 387143, 6743865, 6535741, 5316114,
-        2464958, 6452453, 6588356, 7749117, 3100483, 5451553, 6683005, 6153131,
-        2627493, 3750459, 6016367, 1854681, 5732487, 5756336, 8222984, 6286073,
-        4805023, 4851345, 5346259, 2571898, 7886466, 915166, 750162, 7786158,
-        3314583, 3691654, 8162728, 2964553, 934173, 2078087, 5894912, 103974,
-        2087696, 8074875, 5687948, 6220280, 5741269, 3408244, 5908533, 5524440,
-        405672, 2691224, 4107404, 1478212, 5069278, 1307718, 2701016, 5020579,
-        3281802, 173449, 7661012, 6737317, 2871182, 7099172, 8035102, 4259638,
-        676548, 1986555, 2711904, 72486, 1537417, 4903843, 6366739, 2767425,
-        4405806, 3939004, 6029482, 7042007, 7145803, 4423846, 5865280, 6985580,
-        4890457, 5525519, 3020926, 5286410, 2507470, 164000, 7418741, 3860720,
-        464246, 7532333, 2980645, 2208123, 1971493, 7819798, 4391480, 3562255,
-        1579560, 3499404, 3220123, 5084410, 2287245, 6505523, 7780056, 63470,
-        7361152, 6336292, 3791465, 1891129, 6121738, 6215206, 578317, 2487175,
-        2862407, 7213504, 175006, 850302, 4374314, 3335934, 5070337, 6404001,
-        6073674, 8339498, 2024643, 590809, 3871922, 7695009, 3420134, 2417242,
-        2441851, 510359, 6415975, 5966400, 1511640, 3278055, 7552659, 7251424,
-        299565, 4631182, 923500, 4565103, 1774136, 1514014, 504288, 7611114,
-        348434, 6179273, 6103289, 5512004, 6204874, 4163633, 4030619, 5442160,
-        5517078, 4979705, 1450139, 4955279, 6892996, 1378796, 7049658, 7482552,
-        2773460, 3700106, 5637962, 1306126, 1342831, 2876039, 2004802, 7911534,
-        7811881, 7092783, 2948733, 3985770, 4334975, 2089910, 4202878, 5889243,
-        2572806, 7276150, 3116397, 4610309, 4197207, 4524762, 3158380, 712800,
-        7767402, 2288328, 3468435, 4486610, 3258256, 4642983, 4397184, 3897150,
-        3551813, 5337205, 7602723, 882125, 4202004, 8272524, 4429435, 2663261,
-        1849803, 4271342, 947283, 5290695, 2673376, 7191822, 2383684, 5913757,
-        1682056, 4777883, 695434, 2390033, 5758581, 3482483, 6148624, 4372212,
-        1400527, 3325425, 3100142, 7502466, 6912369, 6564003, 187779, 6691298,
-        1850484, 1886083, 496958, 4353128, 6385269, 7972087, 3249950, 1216051,
-        2945392, 1716654, 974864, 2073675, 4221586, 3197564, 5970107, 2900682,
-        1387771, 1054897, 5018658, 4773826, 2772495, 3056563, 3437397, 1151634,
-        3999643, 4238788, 2370183, 7770204, 2300657, 4762800, 4526771, 4778855,
-        6276244, 2113067, 4081453, 4596532, 896126, 1589159, 5012357, 1884715,
-        3849142, 1866468, 1032092, 4847686, 5661618, 424095, 6396824, 6683872,
-        1861112, 2415218, 7008299, 7999725, 61635, 7831813, 1934052, 1635771,
-        5857904, 3890446, 3661009, 4427825, 1472600, 2675631, 3142762, 2889031,
-        6246428, 3402870, 890885, 300722, 6084442, 6218398, 6764876, 198422,
-        5203148, 1220540, 3348691, 7973167, 1045857, 5930282, 7686549, 4965437,
-        2645402, 3029580, 1825802, 4844838, 5808305, 3553948, 2913430, 4640069,
-        3231039, 5061776, 3388089, 5793791, 5210767, 6179591, 3259669, 208882,
-        7981542, 8176212, 8044267, 4362411, 8164807, 3882310, 4575856, 1654989,
-        2265125, 4993003, 1845358, 876204, 4604356, 6572234, 3709582, 2495322,
-        7769694, 925160, 5211127, 3071339, 8271814, 1715113, 5979772, 8317560,
-        2452182, 4560530, 2756321, 7541123, 2085235, 2131014, 7043807, 945796,
-        1043611, 2220162, 1519639, 1881321, 4596482, 136652, 8225264, 4442429,
-        3140394, 4274467, 2235364, 3403641, 181254, 2256107, 5402447, 274444,
-        2450384, 774651, 1007857, 488393, 7305342, 8006923, 6213033, 6045031,
-        7357074, 3686418, 2069641, 4827274, 6134510, 8182850, 6622239, 4957796,
-        5001496, 2676491, 2165891, 4258696, 1805202, 5978874, 5892091, 3081817,
-        8351892, 2919790, 6813596, 1226235, 7874664, 1597662, 445691, 7699844,
-        517985, 5142533, 583275, 2942212, 2005170, 2781492, 5325095, 5840485,
-        5904531, 1652696, 462001, 488382, 1483208, 3583371, 3903552, 4338246,
-        8102054, 4607027, 3097235, 5461223, 878707, 5641705, 3004044, 6269117,
-        8310809, 1068150, 3754674, 7419023, 2389012, 2672920, 7033357, 3299934,
-        5696831, 8333890, 6870124, 4248890, 7451238, 2996873, 969409, 4748469,
-        6761147, 7334152, 4608897, 6381766, 593469, 5060352, 7663929, 3490012,
-        5639842, 804562, 3554683, 1275119, 2464713, 584123, 1282802, 869246,
-        1698712, 460380, 2270294, 1082297, 5755881, 4164200, 3083595, 7232256,
-        6669791, 5297513, 7888160, 305159, 4943995, 4839451, 4607217, 4607189,
-        4027370, 6773057, 2930951, 7228212, 4930292, 5787132, 6979166, 3679768,
-        2488882, 7434774, 6751191, 4901863, 601751, 3772392, 4470584, 3139313,
-        2581011, 5344571, 2578160, 126930, 4080823, 5594812, 3191131, 2170321,
-        4703512, 3837804, 7417071, 2996858, 6019670, 5239573, 1770901, 7113857,
-        5965467, 8008016, 192380, 7790747, 867783, 2310931, 477474, 723267,
-        2025346, 7474446, 1992778, 5665730, 5375937, 1925098, 1772156, 7957977,
-        7842750, 4780661, 1703317, 4165961, 5256458, 4850569, 4937646, 1616991,
-        8229940, 128563, 1160620, 5109082, 4794032, 4890146, 4147576, 7912097,
-        927266, 450684, 7302719, 2598976, 5529718, 1041149, 4841395, 6276135,
-        7825395, 7621671, 6329777, 1955851, 6040427, 1035300, 2855476, 3258870,
-        3396861, 5274746, 2777694, 3359337, 4493563, 561924, 7215951, 2907115,
-        4547697, 5403413, 7025806, 2453538, 4137455, 971005, 4298903, 1271923,
-        7150549, 2833306, 8021667, 7587207, 833119, 2919663, 5306176, 659188,
-        4708953, 3799478, 5584025, 7305039, 5709959, 3562365, 965949, 15873
-
-    };
-
-    public static final int[] ZETA_INVERSE_III_SPEED = {    /* 1024-Entry */
-
-        7439044, 4842628, 2695034, 1099954, 2820968, 4605515, 3696040, 7745805,
-        3098817, 5485330, 7571874, 817786, 383326, 5571687, 1254444, 7133070,
-        4106090, 7433988, 4267538, 5951455, 1379187, 3001580, 3857296, 5497878,
-        1189042, 7843069, 3911430, 5045656, 5627299, 3130247, 5008132, 5146123,
-        5549517, 7369693, 2364566, 6449142, 2075216, 783322, 579598, 2128858,
-        3563598, 7363844, 2875275, 5806017, 1102274, 7954309, 7477727, 492896,
-        4257417, 3514847, 3610961, 3295911, 7244373, 8276430, 175053, 6788002,
-        3467347, 3554424, 3148535, 4239032, 6701676, 3624332, 562243, 447016,
-        6632837, 6479895, 3029056, 2739263, 6412215, 930547, 6379647, 7681726,
-        7927519, 6094062, 7537210, 614246, 8212613, 396977, 2439526, 1291136,
-        6634092, 3165420, 2385323, 5408135, 987922, 4567189, 3701481, 6234672,
-        5213862, 2810181, 4324170, 8278063, 5826833, 3060422, 5823982, 5265680,
-        3934409, 4632601, 7803242, 3503130, 1653802, 970219, 5916111, 4725225,
-        1425827, 2617861, 3474701, 1176781, 5474042, 1631936, 4377623, 3797804,
-        3797776, 3565542, 3460998, 8099834, 516833, 3107480, 1735202, 1172737,
-        5321398, 4240793, 2649112, 7322696, 6134699, 7944613, 6706281, 7535747,
-        7122191, 7820870, 5940280, 7129874, 4850310, 7600431, 2765151, 4914981,
-        741064, 3344641, 7811524, 2023227, 3796096, 1070841, 1643846, 3656524,
-        7435584, 5408120, 953755, 4156103, 1534869, 71103, 2708162, 5105059,
-        1371636, 5732073, 6015981, 985970, 4650319, 7336843, 94184, 2135876,
-        5400949, 2763288, 7526286, 2943770, 5307758, 3797966, 302939, 4066747,
-        4501441, 4821622, 6921785, 7916611, 7942992, 6752297, 2500462, 2564508,
-        3079898, 5623501, 6399823, 5462781, 7821718, 3262460, 7887008, 705149,
-        7959302, 6807331, 530329, 7178758, 1591397, 5485203, 53101, 5323176,
-        2512902, 2426119, 6599791, 4146297, 6239102, 5728502, 3403497, 3447197,
-        1782754, 222143, 2270483, 3577719, 6335352, 4718575, 1047919, 2359962,
-        2191960, 398070, 1099651, 7916600, 7397136, 7630342, 5954609, 8130549,
-        3002546, 6148886, 8223739, 5001352, 6169629, 4130526, 5264599, 3962564,
-        179729, 8268341, 3808511, 6523672, 6885354, 6184831, 7361382, 7459197,
-        1361186, 6273979, 6319758, 863870, 5648672, 3844463, 5952811, 87433,
-        2425221, 6689880, 133179, 5333654, 3193866, 7479833, 635299, 5909671,
-        4695411, 1832759, 3800637, 7528789, 6559635, 3411990, 6139868, 6750004,
-        3829137, 4522683, 240186, 4042582, 360726, 228781, 423451, 8196111,
-        5145324, 2225402, 3194226, 2611202, 5016904, 3343217, 5173954, 3764924,
-        5491563, 4851045, 2596688, 3560155, 6579191, 5375413, 5759591, 3439556,
-        718444, 2474711, 7359136, 431826, 5056302, 7184453, 3201845, 8206571,
-        1640117, 2186595, 2320551, 8104271, 7514108, 5002123, 2158565, 5515962,
-        5262231, 5729362, 6932393, 3977168, 4743984, 4514547, 2547089, 6769222,
-        6470941, 573180, 8343358, 405268, 1396694, 5989775, 6543881, 1721121,
-        2008169, 7980898, 2743375, 3557307, 7372901, 6538525, 4555851, 6520278,
-        3392636, 6815834, 7508867, 3808461, 4323540, 6291926, 2128749, 3626138,
-        3878222, 3642193, 6104336, 634789, 6034810, 4166205, 4405350, 7253359,
-        4967596, 5348430, 5632498, 3631167, 3386335, 7350096, 7017222, 5504311,
-        2434886, 5207429, 4183407, 6331318, 7430129, 6688339, 5459601, 7188942,
-        5155043, 432906, 2019724, 4051865, 7908035, 6518910, 6554509, 1713695,
-        8217214, 1840990, 1492624, 902527, 5304851, 5079568, 7004466, 4032781,
-        2256369, 4922510, 2646412, 6014960, 7709559, 3627110, 6722937, 2491236,
-        6021309, 1213171, 5731617, 3114298, 7457710, 4133651, 6555190, 5741732,
-        3975558, 132469, 4202989, 7522868, 802270, 3067788, 4853180, 4507843,
-        4007809, 3762010, 5146737, 3918383, 4936558, 6116665, 637591, 7692193,
-        5246613, 3880231, 4207786, 3794684, 5288596, 1128843, 5832187, 2515750,
-        4202115, 6315083, 4070018, 4419223, 5456260, 1312210, 593112, 493459,
-        6400191, 5528954, 7062162, 7098867, 2767031, 4704887, 5631533, 922441,
-        1355335, 7026197, 1511997, 3449714, 6954854, 3425288, 2887915, 2962833,
-        4374374, 4241360, 2200119, 2892989, 2301704, 2225720, 8056559, 793879,
-        7900705, 6890979, 6630857, 3839890, 7481493, 3773811, 8105428, 1153569,
-        852334, 5126938, 6893353, 2438593, 1989018, 7894634, 5963142, 5987751,
-        4984859, 709984, 4533071, 7814184, 6380350, 65495, 2331319, 2000992,
-        3334656, 5069059, 4030679, 7554691, 8229987, 1191489, 5542586, 5917818,
-        7826676, 2189787, 2283255, 6513864, 4613528, 2068701, 1043841, 8341523,
-        624937, 1899470, 6117748, 3320583, 5184870, 4905589, 6825433, 4842738,
-        4013513, 585195, 6433500, 6196870, 5424348, 872660, 7940747, 4544273,
-        986252, 8240993, 5897523, 3118583, 5384067, 2879474, 3514536, 1419413,
-        2539713, 3981147, 1259190, 1362986, 2375511, 4465989, 3999187, 5637568,
-        2038254, 3501150, 6867576, 8332507, 5693089, 6418438, 7728445, 4145355,
-        369891, 1305821, 5533811, 1667676, 743981, 8231544, 5123191, 3384414,
-        5703977, 7097275, 3335715, 6926781, 4297589, 5713769, 7999321, 2880553,
-        2496460, 4996749, 2663724, 2184713, 2717045, 330118, 6317297, 8301019,
-        2510081, 6326906, 7470820, 5440440, 242265, 4713339, 5090410, 618835,
-        7654831, 7489827, 518527, 5833095, 3058734, 3553648, 3599970, 2118920,
-        182009, 2648657, 2672506, 6550312, 2388626, 4654534, 5777500, 2251862,
-        1721988, 2953440, 5304510, 655876, 1816637, 1952540, 5940035, 3088879,
-        1869252, 1661128, 8017850, 5915484, 7408043, 7421849, 7505949, 2507204,
-        1450868, 4996594, 2223167, 7220150, 5543700, 3879849, 1115673, 6823543,
-        6243983, 3385802, 5561118, 6600804, 1750818, 1788167, 1667451, 2762204,
-        2706191, 3814212, 5863902, 3308150, 4075480, 3254461, 7980470, 2939593,
-        5057198, 5152963, 3050327, 7774672, 4028967, 2130760, 3857675, 8146910,
-        585619, 5381309, 6575437, 1091711, 272356, 3934694, 4898533, 4509369,
-        2442787, 8249786, 8006624, 6866003, 7979077, 5178629, 2308072, 5197973,
-        5248583, 351731, 4737662, 4702438, 7891330, 2350229, 1293353, 7711663,
-        3120332, 1337394, 1625961, 2838644, 7348152, 7775285, 279752, 2249793,
-        4050665, 5804053, 751271, 8400434, 4522762, 7079584, 445844, 7723362,
-        7222547, 1291210, 5704529, 2994038, 5015691, 7350434, 820120, 3308383,
-        5916742, 3125716, 3733969, 565411, 1677622, 2421365, 462185, 5888279,
-        5741854, 1460627, 2840289, 291455, 7127083, 8061029, 5788420, 5859929,
-        7244359, 8045516, 4642573, 3248894, 4582291, 1956085, 1917302, 5322335,
-        3456052, 8169720, 537139, 5434163, 5090355, 4514526, 7855751, 5065509,
-        6452307, 4211387, 3877434, 5053593, 8272995, 4539885, 6674715, 1996652,
-        3925925, 7583598, 307623, 2076897, 1930272, 4319984, 4378036, 2204774,
-        7072679, 1658483, 1855602, 3454789, 3586812, 4823279, 4690584, 3865414,
-        1590476, 4702920, 6981620, 6639519, 1992876, 685851, 4372678, 282044,
-        1365911, 157524, 3025505, 1803814, 5619524, 2166116, 3002200, 2843438,
-        6291981, 185762, 483726, 968470, 1193235, 1356875, 2283077, 5979384,
-        7898173, 8354211, 4132292, 7349250, 4247182, 6402219, 6148479, 2291587,
-        140312, 5314435, 8241543, 2081803, 1637251, 7746585, 1942193, 7628416,
-        1383092, 3772288, 7680855, 6870609, 3496338, 5044662, 6969947, 5020137,
-        1512862, 3308341, 1157772, 8386869, 5310688, 4096436, 7874754, 6312822,
-        3962080, 7164500, 2992612, 5595916, 6563454, 1563513, 7388932, 6794626,
-        3269617, 6963475, 1802486, 1486345, 1197456, 3737502, 124677, 5586335,
-        7141242, 5057035, 4613538, 8237206, 6264363, 929464, 6392301, 5069456,
-        6788671, 4855771, 7407517, 2348220, 3358983, 4076171, 3687854, 1203412,
-        4733261, 553630, 5917576, 4874460, 1656702, 7978153, 1448344, 2989637,
-        4792174, 2079901, 2240082, 6447548, 6261559, 2709220, 637771, 1055381,
-        6481233, 3428811, 6828064, 1410258, 7758354, 364828, 5469370, 2618999,
-        5442471, 5616078, 7371291, 5198394, 1390772, 768076, 5181416, 767191,
-        5955428, 4829032, 6835205, 6325843, 2410216, 542924, 4715563, 1619388,
-        6674521, 8402550, 4009857, 6322884, 6864826, 1397225, 926883, 2795663,
-        3258226, 2791081, 1008394, 26146, 3845257, 5046024, 6069297, 249619,
-        2660552, 3898296, 6208551, 120686, 658825, 2511623, 3388904, 7697850,
-        4725190, 1911597, 1110005, 6991997, 6898909, 422827, 810385, 3636264,
-        2369793, 7411890, 7179944, 8224966, 1742730, 5267165, 3485439, 1782966,
-        1940330, 5717479, 3089924, 4091766, 1291531, 1674121, 7423669, 5800791,
-        3715897, 6268886, 628481, 2719462, 7970063, 588595, 642989, 668971,
-        1233813, 1847310, 3188252, 7338242, 2026470, 4853803, 3006831, 5982980,
-        3507385, 7145309, 5871052, 1167900, 4885754, 1457767, 4200810, 4002012,
-        3361544, 7894114, 7738690, 7426488, 7429074, 7298019, 2317284, 5849511,
-        2482952, 1928258, 6223751, 4681091, 4556084, 3159067, 4229025, 5900863,
-        508488, 3548270, 6317016, 7268385, 3699255, 3139318, 478464, 7833430,
-        4643515, 4377548, 2820710, 5152953, 7402753, 5419988, 2584559, 6426707,
-        5981725, 307644, 7022256, 882318, 4190480, 2921041, 7894907, 2513805,
-        4821759, 159644, 7424415, 3696649, 849279, 7569589, 7991564, 4614738,
-        7439691, 4707734, 5155900, 3761722, 4759464, 5288239, 3681574, 2084045,
-        4283038, 2252171, 8189868, 2268168, 1893902, 2393616, 7864299, 7972972,
-        1203290, 5106315, 3153004, 8308709, 5277916, 2680015, 6287425, 5487539,
-        2013603, 6354308, 4938809, 3620799, 6181358, 6673564, 3862763, 3214872,
-        1976439, 2138237, 2443208, 3186567, 5514086, 518931, 2784062, 8246999,
-        4568858, 7328913, 1956312, 5165381, 3679485, 3649776, 707318, 6275329,
-        3376145, 173272, 2399134, 6269985, 4201138, 4609144, 3653638, 8389120
-
-    };
-
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/PolynomialProvablySecure.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/PolynomialProvablySecure.java
deleted file mode 100644
index 100812c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/PolynomialProvablySecure.java
+++ /dev/null

@@ -1,798 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-final class PolynomialProvablySecure
-{
-
-    /* Provably-Secure qTESLA Security Category-1 */
-
-    public static final long[] ZETA_I_P = {                    /* 1024-Entry */
-
-        152487987, 362708180, 151084668, 393585500, 285507339, 301982154, 215753424, 31155376,
-        233716852, 465705615, 128512487, 219324660, 50229578, 153034376, 215476824, 300536066,
-        335024578, 289187646, 164713195, 268061318, 189759369, 377168836, 116435874, 176113053,
-        431517196, 190900734, 338220498, 464878555, 173361289, 232250039, 454096337, 436656394,
-        195787662, 168565616, 114027909, 101482211, 122304260, 245339257, 270992315, 4286310,
-        284182633, 281862863, 467931137, 7603533, 87296419, 467325730, 121905925, 68965750,
-        7622021, 337743349, 393551614, 47124528, 159423746, 411556895, 272161997, 437233591,
-        145848369, 293644567, 483816172, 151632492, 404105953, 50166550, 146739314, 412145078,
-        15864543, 70750806, 129965017, 341088149, 316683907, 350635104, 130053135, 163148141,
-        121505175, 321911633, 208679484, 294431751, 453314132, 108343178, 347335911, 164705047,
-        162721550, 207020617, 292545544, 470584726, 172724538, 305647837, 149867383, 362637208,
-        452440748, 260522302, 286994319, 24740874, 202044444, 119470626, 478104674, 80911411,
-        414592412, 2221974, 246379318, 129955789, 28799678, 36003616, 152368173, 339611023,
-        223510693, 291221765, 193132933, 463217793, 331552134, 325636488, 203402489, 295759306,
-        248357734, 68229047, 81897305, 240159122, 118053748, 317468757, 422053445, 366729953,
-        437649988, 255661703, 483132783, 73941682, 473070031, 266941830, 273715645, 293305752,
-        97728261, 387416830, 466510576, 359483415, 350097663, 303812937, 61983368, 110765849,
-        174098312, 288799426, 21108638, 467492225, 174686783, 248408233, 45473451, 384747267,
-        405224388, 88952814, 320950556, 7845265, 96262921, 194785009, 345346400, 283984375,
-        141922183, 197095618, 350922677, 11272999, 89297173, 32109806, 274225692, 315879286,
-        447761615, 162801357, 472516440, 273754932, 433704551, 12277378, 129604129, 130765873,
-        341928374, 97220107, 381055612, 81197393, 281134974, 179347952, 39761035, 34072176,
-        156107747, 160521566, 445615052, 382999431, 114761104, 217307868, 361522659, 154828064,
-        108616610, 483961979, 7594235, 235284403, 243224032, 389934638, 100293270, 300649913,
-        252603238, 156952794, 476122165, 413580514, 276718826, 361292064, 361798877, 469444666,
-        478187612, 366087489, 58364362, 377641792, 464279854, 238407425, 414624898, 95101086,
-        321027398, 429694956, 464583265, 437187651, 60881585, 385486792, 312091683, 66834498,
-        233738788, 348037644, 233604363, 107253653, 131016429, 73947604, 169670982, 290195637,
-        119921194, 271135954, 190934119, 290478001, 458387655, 30555018, 243654544, 445824897,
-        428159318, 284210623, 380070942, 43667456, 346591135, 469657107, 229110312, 89859525,
-        279253247, 439931225, 229136222, 321034403, 246424219, 100693825, 214223676, 217294437,
-        256157960, 295265349, 79251464, 286824915, 454734790, 151846826, 92265815, 248302338,
-        324806913, 107169154, 198491413, 107136390, 135693521, 363861623, 129717151, 385117374,
-        341459776, 364530058, 331840615, 338653108, 179941421, 145194323, 232142444, 310117875,
-        245100240, 236651455, 321450096, 408132892, 459643284, 120999848, 331994388, 466033192,
-        444350281, 46244984, 349366459, 47312667, 210852290, 461907423, 473508756, 243941159,
-        334095768, 484392307, 87495054, 79707111, 10325325, 200821060, 83579595, 150963302,
-        117650353, 241599951, 324099496, 449053341, 36312493, 53120594, 297622605, 80558972,
-        378548649, 444726854, 381040843, 435710377, 437798831, 409728224, 337424109, 119488440,
-        361132895, 56096923, 105509808, 62508901, 220866000, 465933834, 134955292, 165152430,
-        461194453, 94958388, 126965781, 461323542, 383847206, 317476902, 163556720, 256017938,
-        72928042, 371345649, 72741296, 1132229, 282268470, 212115745, 379618538, 106905134,
-        239955357, 192105800, 279633365, 261297633, 471571564, 90968104, 459175544, 256276478,
-        349475049, 94611089, 471946846, 339973147, 179509745, 334215655, 348294589, 246487412,
-        338690430, 257410736, 386561992, 130193167, 10375815, 352823358, 66528931, 326800610,
-        5109748, 350056529, 248785466, 71808467, 91140754, 240803382, 46545554, 148468313,
-        217897756, 178220810, 477609665, 208790805, 132277867, 140742422, 254913327, 28667006,
-        128372915, 79301382, 407186666, 89552874, 246186501, 285455129, 391678316, 275180688,
-        128264018, 310322712, 204235493, 392483801, 82342680, 216812163, 464479351, 180360499,
-        444647478, 203271968, 245690827, 184373912, 109600517, 224566820, 28243984, 271488557,
-        21295878, 5023179, 37276402, 156173856, 216282463, 114627758, 400597776, 384792625,
-        105917732, 345779139, 120948814, 379908150, 352765486, 416168777, 56042296, 349589484,
-        144728793, 388255614, 261690821, 484844902, 12918385, 60552278, 302475143, 407425208,
-        184843522, 76793749, 43262192, 318572606, 192724017, 307990251, 164548393, 289980843,
-        119689917, 192248504, 86870040, 113677230, 207612114, 48663937, 453434248, 377339887,
-        132917063, 336896801, 106411814, 268777744, 109251604, 359574042, 467613823, 362251552,
-        400195434, 397227950, 447715984, 156476326, 407995653, 323955098, 143648649, 6572585,
-        61447842, 60823848, 132376333, 156552612, 447237682, 3352830, 437079412, 293474358,
-        288464703, 15328503, 138579659, 221291483, 380584037, 357161755, 205687364, 479414291,
-        173269786, 295661628, 1098184, 377981714, 433970464, 385767379, 200391723, 463310671,
-        470707303, 280545651, 289143978, 1390137, 320221838, 213802405, 52847233, 440579585,
-        361337171, 467447061, 278099177, 130391690, 112618414, 24013500, 144924227, 296806074,
-        251842387, 345992943, 284162718, 360902180, 420467337, 110656360, 350012131, 202820082,
-        130403434, 353559391, 97646151, 331494212, 207981153, 178821640, 6093504, 174655523,
-        25199097, 350851018, 171708038, 460816830, 103136904, 80524000, 275742304, 458552752,
-        472541551, 190172218, 362093141, 38733526, 9645818, 67304688, 67935446, 108377230,
-        311977539, 474309436, 444125532, 103441699, 3468252, 349723698, 97903160, 300076184,
-        267658035, 238838767, 242177661, 26606481, 135193080, 123327558, 344360834, 367595829,
-        356606282, 264791463, 257139528, 162368489, 211890949, 55564884, 438861649, 229441471,
-        237272101, 233185135, 277657399, 407149255, 91300697, 479685681, 430422637, 119519807,
-        421727840, 192635510, 93585631, 135381498, 18652441, 397908973, 188581729, 232327608,
-        69565403, 391762415, 326530182, 441347692, 230134217, 64984929, 478944650, 351581551,
-        190325639, 193670224, 149376075, 211003745, 282313407, 401282565, 142157967, 358980062,
-        420121767, 23490157, 334750456, 333888004, 267502025, 165819942, 232587558, 86202250,
-        302042598, 410443459, 257125477, 225677323, 414705770, 25685059, 301886182, 108044670,
-        22721383, 270234733, 79875762, 146613845, 419895311, 369960062, 103044731, 31676484,
-        286660070, 419993402, 364984450, 18133974, 446533052, 445715499, 406972835, 163019061,
-        450202465, 241240654, 188881609, 340298195, 253414624, 384263117, 228275432, 255596801,
-        10999354, 326104131, 470162945, 345212724, 481147036, 355238387, 445490028, 455415009,
-        260881193, 427862585, 132654052, 18007865, 59818933, 68142229, 461931681, 213097607,
-        330845761, 345671100, 445951421, 379951938, 351197187, 411141392, 7263182, 70699592,
-        365421264, 376472585, 461484665, 162243510, 31855741, 293625046, 335452299, 133496651,
-        449999480, 91675672, 274948339, 231546888, 5898807, 374453904, 415664585, 187816557,
-        366875998, 16795888, 358324214, 67223590, 208260807, 81751761, 331910299, 126163909,
-        197637544, 425142827, 380092754, 432163910, 455820426, 254980283, 256358636, 238549963,
-        394492520, 207988901, 382035000, 58514991, 406817321, 338951326, 85955701, 385883363,
-        199611595, 193846573, 242046917, 445871847, 194675932, 153430125, 126399473, 212399985,
-        131399120, 150281168, 241101682, 424624124, 463829369, 220399539, 250758923, 286498206,
-        389690457, 295269249, 379701698, 289778634, 337591505, 299401947, 408084588, 222627582,
-        436090373, 268654172, 96674628, 63939283, 63956567, 362372935, 443759942, 75655989,
-        451148002, 74813563, 245300859, 92113977, 235932323, 24871709, 445930061, 112311252,
-        382591591, 341672267, 192081751, 227249338, 104393113, 338268986, 206994950, 319724787,
-        213198392, 170478760, 37605185, 158287930, 411833228, 74675173, 290411522, 234950252,
-        147659191, 477676082, 302215477, 236037294, 396241956, 90037635, 71703941, 189694446,
-        127714437, 72581761, 388695298, 324058182, 307942478, 25250803, 430776557, 98441916,
-        244856801, 54851167, 334050668, 381066122, 91898087, 55879503, 447270860, 473167653,
-        219844498, 187193519, 266952433, 391729403, 53226126, 51780224, 371399487, 333787358,
-        56263300, 280390944, 162069765, 126088217, 254997184, 219544659, 290699753, 91930445,
-        262038894, 420981566, 460776098, 376255854, 282871085, 189434060, 447641051, 348987773,
-        393608679, 229566111, 403901447, 471446519, 411894730, 215726740, 484920069, 409829517,
-        306172231, 65880808, 272668213, 300554215, 165356547, 127919123, 432943738, 184462319,
-        474779995, 312870826, 103228518, 118983222, 470656522, 71417412, 480528917, 63072121,
-        276207594, 101611809, 92202812, 400978338, 316767039, 228776701, 96935521, 229917830,
-        205039402, 397476586, 344074695, 398615665, 107334948, 321477097, 84224896, 289704056,
-        337221600, 298175575, 221915312, 193369885, 426129039, 447853316, 54842415, 451086232,
-        182463979, 451831604, 247440983, 302608727, 173057620, 189163830, 406954853, 263838955,
-        390119120, 323062166, 209857219, 233847360, 397630721, 465926004, 10245195, 426687348,
-        106435173, 177694955, 463447907, 18002511, 30155910, 224512318, 357311179, 265219392,
-        299513685, 30291602, 60997329, 10326191, 138035293, 231111502, 414088384, 77026622,
-        174972782, 4116187, 52092276, 228872080, 15308807, 286405235, 414584533, 228392331,
-        399460999, 219125940, 337293712, 187192073, 183965759, 229399789, 51179285, 419512139,
-        28392143, 424986565, 69672656, 202415584, 216120556, 455470549, 76078626, 278191677,
-        228751917, 246802857, 389799018, 342470047, 313959017, 69383448, 340686475, 61470385,
-        26192776, 409901437, 119717553, 174793260, 123425866, 250300643, 429290586, 387248439,
-        183926914, 285901994, 391555377, 468207735, 22116415, 13034202, 399447558, 317569778,
-        269660832, 44359608, 57347786, 225367797, 253610604, 205790505, 20120029, 285335246,
-        351522795, 256987219, 358102627, 167191360, 50532216, 327731504, 369248325, 460123994,
-        266415358, 194297404, 175124754, 431803266, 172719791, 347394909, 478670700, 198769524,
-        172061925, 145181173, 153659180, 261113394, 234615141, 174150073, 188625016, 395363348,
-        356478592, 350375496, 185431871, 422914531, 144616554, 328948119, 417580486, 132620154,
-        208514724, 323125199, 169409944, 209437217, 147304756, 313577692, 467533131, 102365927,
-        353952516, 47854485, 378899191, 136952166, 46435149, 470355414, 328058320, 292689847,
-        24707084, 114822297, 272180086, 182640159, 7628028, 408073454, 377046674, 214221064,
-        472655903, 91461227, 453378209, 459785635, 126296748, 7369666, 52466342, 269961618,
-        231883972, 233439994, 228009066, 436059177, 355741338, 103186287, 391072528, 386169816,
-        317017329, 449528664, 378844336, 330396197, 137599363, 20911303, 288139426, 164788880,
-        266741184, 89618721, 54677577, 457226242, 208474107, 240521207, 158524358, 480614438,
-        226941889, 385643536, 326188597, 389903564, 264886102, 226747931, 258540220, 407142392
-
-    };
-
-    public static final long[] ZETA_INVERSE_I_P = {            /* 1024-Entry */
-
-        227437893, 259230182, 221092011, 96074549, 159789516, 100334577, 259036224, 5363675,
-        327453755, 245456906, 277504006, 28751871, 431300536, 396359392, 219236929, 321189233,
-        197838687, 465066810, 348378750, 155581916, 107133777, 36449449, 168960784, 99808297,
-        94905585, 382791826, 130236775, 49918936, 257969047, 252538119, 254094141, 216016495,
-        433511771, 478608447, 359681365, 26192478, 32599904, 394516886, 13322210, 271757049,
-        108931439, 77904659, 478350085, 303337954, 213798027, 371155816, 461271029, 193288266,
-        157919793, 15622699, 439542964, 349025947, 107078922, 438123628, 132025597, 383612186,
-        18444982, 172400421, 338673357, 276540896, 316568169, 162852914, 277463389, 353357959,
-        68397627, 157029994, 341361559, 63063582, 300546242, 135602617, 129499521, 90614765,
-        297353097, 311828040, 251362972, 224864719, 332318933, 340796940, 313916188, 287208589,
-        7307413, 138583204, 313258322, 54174847, 310853359, 291680709, 219562755, 25854119,
-        116729788, 158246609, 435445897, 318786753, 127875486, 228990894, 134455318, 200642867,
-        465858084, 280187608, 232367509, 260610316, 428630327, 441618505, 216317281, 168408335,
-        86530555, 472943911, 463861698, 17770378, 94422736, 200076119, 302051199, 98729674,
-        56687527, 235677470, 362552247, 311184853, 366260560, 76076676, 459785337, 424507728,
-        145291638, 416594665, 172019096, 143508066, 96179095, 239175256, 257226196, 207786436,
-        409899487, 30507564, 269857557, 283562529, 416305457, 60991548, 457585970, 66465974,
-        434798828, 256578324, 302012354, 298786040, 148684401, 266852173, 86517114, 257585782,
-        71393580, 199572878, 470669306, 257106033, 433885837, 481861926, 311005331, 408951491,
-        71889729, 254866611, 347942820, 475651922, 424980784, 455686511, 186464428, 220758721,
-        128666934, 261465795, 455822203, 467975602, 22530206, 308283158, 379542940, 59290765,
-        475732918, 20052109, 88347392, 252130753, 276120894, 162915947, 95858993, 222139158,
-        79023260, 296814283, 312920493, 183369386, 238537130, 34146509, 303514134, 34891881,
-        431135698, 38124797, 59849074, 292608228, 264062801, 187802538, 148756513, 196274057,
-        401753217, 164501016, 378643165, 87362448, 141903418, 88501527, 280938711, 256060283,
-        389042592, 257201412, 169211074, 84999775, 393775301, 384366304, 209770519, 422905992,
-        5449196, 414560701, 15321591, 366994891, 382749595, 173107287, 11198118, 301515794,
-        53034375, 358058990, 320621566, 185423898, 213309900, 420097305, 179805882, 76148596,
-        1058044, 270251373, 74083383, 14531594, 82076666, 256412002, 92369434, 136990340,
-        38337062, 296544053, 203107028, 109722259, 25202015, 64996547, 223939219, 394047668,
-        195278360, 266433454, 230980929, 359889896, 323908348, 205587169, 429714813, 152190755,
-        114578626, 434197889, 432751987, 94248710, 219025680, 298784594, 266133615, 12810460,
-        38707253, 430098610, 394080026, 104911991, 151927445, 431126946, 241121312, 387536197,
-        55201556, 460727310, 178035635, 161919931, 97282815, 413396352, 358263676, 296283667,
-        414274172, 395940478, 89736157, 249940819, 183762636, 8302031, 338318922, 251027861,
-        195566591, 411302940, 74144885, 327690183, 448372928, 315499353, 272779721, 166253326,
-        278983163, 147709127, 381585000, 258728775, 293896362, 144305846, 103386522, 373666861,
-        40048052, 461106404, 250045790, 393864136, 240677254, 411164550, 34830111, 410322124,
-        42218171, 123605178, 422021546, 422038830, 389303485, 217323941, 49887740, 263350531,
-        77893525, 186576166, 148386608, 196199479, 106276415, 190708864, 96287656, 199479907,
-        235219190, 265578574, 22148744, 61353989, 244876431, 335696945, 354578993, 273578128,
-        359578640, 332547988, 291302181, 40106266, 243931196, 292131540, 286366518, 100094750,
-        400022412, 147026787, 79160792, 427463122, 103943113, 277989212, 91485593, 247428150,
-        229619477, 230997830, 30157687, 53814203, 105885359, 60835286, 288340569, 359814204,
-        154067814, 404226352, 277717306, 418754523, 127653899, 469182225, 119102115, 298161556,
-        70313528, 111524209, 480079306, 254431225, 211029774, 394302441, 35978633, 352481462,
-        150525814, 192353067, 454122372, 323734603, 24493448, 109505528, 120556849, 415278521,
-        478714931, 74836721, 134780926, 106026175, 40026692, 140307013, 155132352, 272880506,
-        24046432, 417835884, 426159180, 467970248, 353324061, 58115528, 225096920, 30563104,
-        40488085, 130739726, 4831077, 140765389, 15815168, 159873982, 474978759, 230381312,
-        257702681, 101714996, 232563489, 145679918, 297096504, 244737459, 35775648, 322959052,
-        79005278, 40262614, 39445061, 467844139, 120993663, 65984711, 199318043, 454301629,
-        382933382, 116018051, 66082802, 339364268, 406102351, 215743380, 463256730, 377933443,
-        184091931, 460293054, 71272343, 260300790, 228852636, 75534654, 183935515, 399775863,
-        253390555, 320158171, 218476088, 152090109, 151227657, 462487956, 65856346, 126998051,
-        343820146, 84695548, 203664706, 274974368, 336602038, 292307889, 295652474, 134396562,
-        7033463, 420993184, 255843896, 44630421, 159447931, 94215698, 416412710, 253650505,
-        297396384, 88069140, 467325672, 350596615, 392392482, 293342603, 64250273, 366458306,
-        55555476, 6292432, 394677416, 78828858, 208320714, 252792978, 248706012, 256536642,
-        47116464, 430413229, 274087164, 323609624, 228838585, 221186650, 129371831, 118382284,
-        141617279, 362650555, 350785033, 459371632, 243800452, 247139346, 218320078, 185901929,
-        388074953, 136254415, 482509861, 382536414, 41852581, 11668677, 174000574, 377600883,
-        418042667, 418673425, 476332295, 447244587, 123884972, 295805895, 13436562, 27425361,
-        210235809, 405454113, 382841209, 25161283, 314270075, 135127095, 460779016, 311322590,
-        479884609, 307156473, 277996960, 154483901, 388331962, 132418722, 355574679, 283158031,
-        135965982, 375321753, 65510776, 125075933, 201815395, 139985170, 234135726, 189172039,
-        341053886, 461964613, 373359699, 355586423, 207878936, 18531052, 124640942, 45398528,
-        433130880, 272175708, 165756275, 484587976, 196834135, 205432462, 15270810, 22667442,
-        285586390, 100210734, 52007649, 107996399, 484879929, 190316485, 312708327, 6563822,
-        280290749, 128816358, 105394076, 264686630, 347398454, 470649610, 197513410, 192503755,
-        48898701, 482625283, 38740431, 329425501, 353601780, 425154265, 424530271, 479405528,
-        342329464, 162023015, 77982460, 329501787, 38262129, 88750163, 85782679, 123726561,
-        18364290, 126404071, 376726509, 217200369, 379566299, 149081312, 353061050, 108638226,
-        32543865, 437314176, 278365999, 372300883, 399108073, 293729609, 366288196, 195997270,
-        321429720, 177987862, 293254096, 167405507, 442715921, 409184364, 301134591, 78552905,
-        183502970, 425425835, 473059728, 1133211, 224287292, 97722499, 341249320, 136388629,
-        429935817, 69809336, 133212627, 106069963, 365029299, 140198974, 380060381, 101185488,
-        85380337, 371350355, 269695650, 329804257, 448701711, 480954934, 464682235, 214489556,
-        457734129, 261411293, 376377596, 301604201, 240287286, 282706145, 41330635, 305617614,
-        21498762, 269165950, 403635433, 93494312, 281742620, 175655401, 357714095, 210797425,
-        94299797, 200522984, 239791612, 396425239, 78791447, 406676731, 357605198, 457311107,
-        231064786, 345235691, 353700246, 277187308, 8368448, 307757303, 268080357, 337509800,
-        439432559, 245174731, 394837359, 414169646, 237192647, 135921584, 480868365, 159177503,
-        419449182, 133154755, 475602298, 355784946, 99416121, 228567377, 147287683, 239490701,
-        137683524, 151762458, 306468368, 146004966, 14031267, 391367024, 136503064, 229701635,
-        26802569, 395010009, 14406549, 224680480, 206344748, 293872313, 246022756, 379072979,
-        106359575, 273862368, 203709643, 484845884, 413236817, 114632464, 413050071, 229960175,
-        322421393, 168501211, 102130907, 24654571, 359012332, 391019725, 24783660, 320825683,
-        351022821, 20044279, 265112113, 423469212, 380468305, 429881190, 124845218, 366489673,
-        148554004, 76249889, 48179282, 50267736, 104937270, 41251259, 107429464, 405419141,
-        188355508, 432857519, 449665620, 36924772, 161878617, 244378162, 368327760, 335014811,
-        402398518, 285157053, 475652788, 406271002, 398483059, 1585806, 151882345, 242036954,
-        12469357, 24070690, 275125823, 438665446, 136611654, 439733129, 41627832, 19944921,
-        153983725, 364978265, 26334829, 77845221, 164528017, 249326658, 240877873, 175860238,
-        253835669, 340783790, 306036692, 147325005, 154137498, 121448055, 144518337, 100860739,
-        356260962, 122116490, 350284592, 378841723, 287486700, 378808959, 161171200, 237675775,
-        393712298, 334131287, 31243323, 199153198, 406726649, 190712764, 229820153, 268683676,
-        271754437, 385284288, 239553894, 164943710, 256841891, 46046888, 206724866, 396118588,
-        256867801, 16321006, 139386978, 442310657, 105907171, 201767490, 57818795, 40153216,
-        242323569, 455423095, 27590458, 195500112, 295043994, 214842159, 366056919, 195782476,
-        316307131, 412030509, 354961684, 378724460, 252373750, 137940469, 252239325, 419143615,
-        173886430, 100491321, 425096528, 48790462, 21394848, 56283157, 164950715, 390877027,
-        71353215, 247570688, 21698259, 108336321, 427613751, 119890624, 7790501, 16533447,
-        124179236, 124686049, 209259287, 72397599, 9855948, 329025319, 233374875, 185328200,
-        385684843, 96043475, 242754081, 250693710, 478383878, 2016134, 377361503, 331150049,
-        124455454, 268670245, 371217009, 102978682, 40363061, 325456547, 329870366, 451905937,
-        446217078, 306630161, 204843139, 404780720, 104922501, 388758006, 144049739, 355212240,
-        356373984, 473700735, 52273562, 212223181, 13461673, 323176756, 38216498, 170098827,
-        211752421, 453868307, 396680940, 474705114, 135055436, 288882495, 344055930, 201993738,
-        140631713, 291193104, 389715192, 478132848, 165027557, 397025299, 80753725, 101230846,
-        440504662, 237569880, 311291330, 18485888, 464869475, 197178687, 311879801, 375212264,
-        423994745, 182165176, 135880450, 126494698, 19467537, 98561283, 388249852, 192672361,
-        212262468, 219036283, 12908082, 412036431, 2845330, 230316410, 48328125, 119248160,
-        63924668, 168509356, 367924365, 245818991, 404080808, 417749066, 237620379, 190218807,
-        282575624, 160341625, 154425979, 22760320, 292845180, 194756348, 262467420, 146367090,
-        333609940, 449974497, 457178435, 356022324, 239598795, 483756139, 71385701, 405066702,
-        7873439, 366507487, 283933669, 461237239, 198983794, 225455811, 33537365, 123340905,
-        336110730, 180330276, 313253575, 15393387, 193432569, 278957496, 323256563, 321273066,
-        138642202, 377634935, 32663981, 191546362, 277298629, 164066480, 364472938, 322829972,
-        355924978, 135343009, 169294206, 144889964, 356013096, 415227307, 470113570, 73833035,
-        339238799, 435811563, 81872160, 334345621, 2161941, 192333546, 340129744, 48744522,
-        213816116, 74421218, 326554367, 438853585, 92426499, 148234764, 478356092, 417012363,
-        364072188, 18652383, 398681694, 478374580, 18046976, 204115250, 201795480, 481691803,
-        214985798, 240638856, 363673853, 384495902, 371950204, 317412497, 290190451, 49321719,
-        31881776, 253728074, 312616824, 21099558, 147757615, 295077379, 54460917, 309865060,
-        369542239, 108809277, 296218744, 217916795, 321264918, 196790467, 150953535, 185442047,
-        270501289, 332943737, 435748535, 266653453, 357465626, 20272498, 252261261, 454822737,
-        270224689, 183995959, 200470774, 92392613, 334893445, 123269933, 333490126, 78835721
-
-    };
-
-    /* Provably-Secure qTESLA Security Category-3 */
-
-    public static final long[] ZETA_III_P = {                /* 2048-Entry */
-
-        663045521, 592864312, 129934065, 177469925, 343322489, 76003277, 514174562, 190066344,
-        383213768, 787962888, 658937726, 1080673671, 1119184179, 711485619, 895353292, 741830559,
-        449748398, 882352834, 210564246, 513517678, 792274530, 1106148000, 447255681, 838374925,
-        817124617, 494866507, 801735296, 793510817, 270693858, 301435475, 260117255, 10836133,
-        1090140236, 870237322, 519619509, 74028645, 223438873, 115296996, 731671863, 711767285,
-        756344742, 432270821, 921367017, 743782190, 756600516, 403820997, 571909291, 809934428,
-        12306094, 1080752961, 1103853276, 848006190, 651623616, 1066528111, 991262313, 90376233,
-        1031639319, 16581402, 195692585, 764838834, 443651394, 397689573, 855192181, 464522040,
-        992536780, 1065244154, 280383996, 468397118, 363648899, 30284833, 136693103, 866826704,
-        684264872, 369300261, 147123393, 425272346, 947975751, 200848998, 207227922, 949139594,
-        347812886, 312530409, 270384680, 1035127685, 844540200, 354908220, 399963784, 771423554,
-        168982346, 111911899, 891254450, 606094727, 997954525, 531583148, 617069803, 183958096,
-        133356782, 708062096, 808380329, 644973028, 1122831312, 519547216, 764125907, 320659143,
-        557529771, 1016802360, 1043273438, 1045802164, 1034628659, 450715977, 741225144, 605149405,
-        1012579499, 651882116, 904529967, 300080999, 629210435, 173034527, 989077200, 1078174711,
-        110168090, 256388598, 610617659, 881033840, 608872901, 50037154, 640116890, 769511414,
-        738741272, 92678917, 442704510, 821794500, 142894162, 370261366, 899737750, 578322223,
-        983445865, 278101088, 320548969, 960437988, 847057645, 535264585, 1031091774, 384531787,
-        839679409, 791760948, 937608754, 64047905, 315242491, 690211684, 304945377, 127139900,
-        55322681, 615105519, 1057531084, 720717234, 1061452791, 1095429367, 975341664, 483335114,
-        346985754, 486624908, 954236263, 606609353, 374493515, 1026296717, 325660087, 901013385,
-        53959974, 212660347, 959289131, 1056916487, 1125908681, 840084518, 527647955, 143827226,
-        1054554933, 861883427, 114992875, 332264810, 1071780030, 502142509, 205074888, 328230624,
-        728399298, 6590787, 412294778, 821072942, 186833297, 86543585, 380686974, 684478338,
-        685483832, 170880254, 1049509911, 299404976, 355091877, 952129776, 345588044, 357652764,
-        1076734604, 924340986, 262332782, 562093746, 674846863, 869200402, 167429450, 230595565,
-        379519977, 64054402, 667864494, 252591944, 174034622, 45520823, 784274107, 752467928,
-        436711302, 1004905853, 329220738, 721523796, 169192713, 551217408, 907929323, 194805106,
-        62131815, 68055725, 545662009, 726339771, 10612113, 878659984, 675814719, 365783377,
-        951164276, 866711073, 684096262, 413270603, 702997992, 778608769, 127639044, 47216120,
-        744109445, 430463358, 1117777586, 424051168, 656374939, 1103725866, 14621181, 919164722,
-        915751418, 976196867, 260519617, 802701264, 977088018, 632721351, 20944803, 435584923,
-        672284530, 530447301, 1080372403, 969633414, 858453527, 467086140, 377506201, 201043187,
-        624606245, 356437339, 392100995, 997346375, 344147086, 1086111956, 718030456, 110621087,
-        452912731, 336746546, 621211472, 795046, 794852591, 919732385, 714562897, 692647493,
-        521856561, 892141810, 929164476, 178245765, 949027329, 511109867, 501815810, 855826969,
-        240246307, 1090455392, 871247558, 612287417, 200668298, 658636844, 62944986, 482777398,
-        714192478, 867140496, 199314763, 780516102, 571032048, 817693014, 607138429, 912533516,
-        774019587, 835671643, 168024255, 449898784, 964159534, 486792883, 1119449268, 6657041,
-        86939725, 764245347, 273343215, 777897095, 930426166, 788914763, 469974947, 178163195,
-        519599146, 886003889, 859825363, 1024222142, 888997684, 402918616, 146815556, 742952999,
-        908078470, 687435577, 647696655, 693593765, 766931890, 944985585, 394729082, 816013317,
-        392951623, 65907852, 96202750, 645391372, 795224730, 402710723, 863608137, 818970673,
-        545310222, 970699745, 913314065, 344644471, 195858177, 414360679, 357670948, 683445481,
-        833938949, 1027656845, 191164920, 78809923, 1041045426, 73270196, 101525688, 185383095,
-        583325181, 265134328, 467801210, 1096264575, 367433146, 474798672, 41386419, 8344607,
-        170218721, 635545135, 668716283, 348890991, 155290659, 123249926, 769501318, 244415064,
-        1050203259, 859568787, 237251392, 995643980, 522636185, 829867059, 324850649, 618298124,
-        650748178, 467147593, 524674833, 341426504, 402629779, 519829789, 805279247, 494226863,
-        508315225, 319600904, 48615828, 165396124, 328305874, 183239019, 878118280, 161754975,
-        715041085, 746274821, 961841131, 357826469, 97008202, 885304034, 352059292, 197879468,
-        25678065, 1028070136, 447949253, 962673193, 813464159, 17237594, 674670906, 959137288,
-        10286769, 182827874, 439769615, 875041932, 304463252, 374894049, 749497333, 38938778,
-        95615605, 323023572, 918611876, 207681758, 859164726, 97118122, 769881035, 360249017,
-        507250246, 223795463, 24153203, 927058118, 178686381, 765072252, 491103160, 30816153,
-        100214484, 554568910, 715304135, 93510037, 1021905527, 1045723816, 900771572, 1011589617,
-        558930760, 228903927, 41675196, 857737037, 1092385029, 1067405169, 526576034, 25638952,
-        1017160549, 1052660585, 364103167, 228705333, 566586884, 1126549926, 148651837, 217709216,
-        614537001, 773273483, 1097591846, 480172084, 365704498, 262321659, 937989155, 1036392392,
-        811974084, 132591218, 799370207, 255702709, 215218285, 632314426, 58376649, 483086198,
-        401012915, 839724879, 70449719, 502867571, 757507513, 1073691794, 215293647, 725537396,
-        398067214, 584143318, 392011063, 554158763, 730533625, 632408477, 259767996, 1124249847,
-        432958856, 1026767843, 237644370, 29926518, 131813155, 898001983, 581765490, 215126607,
-        937229093, 1030360940, 452462053, 645808548, 645402879, 379809569, 577012489, 1082786079,
-        572510912, 475330285, 152788398, 690858296, 876393456, 1002942486, 67723832, 132689262,
-        1030380537, 529311082, 41121650, 626066149, 866026053, 240011600, 574505003, 565608154,
-        414049009, 123706126, 80739723, 326160835, 476194893, 1126100881, 646887456, 987296393,
-        1119394953, 994979769, 133560363, 725327130, 850262599, 132796686, 1114247361, 1040894619,
-        562914322, 641645573, 817070125, 57537779, 59054681, 878878988, 307674440, 1001013577,
-        594860688, 879718195, 318482613, 698792051, 756144110, 204900318, 1031928100, 926221256,
-        695955308, 662601363, 408725276, 424272249, 110402404, 535365123, 226700293, 372920839,
-        1118626221, 1070521569, 639548808, 621533107, 260391977, 316354318, 362523650, 733090366,
-        456807669, 113808372, 399369653, 647539514, 165899708, 312376469, 213806296, 208149196,
-        937880087, 289692684, 580756218, 963782721, 1086045881, 705999228, 1115084349, 508210869,
-        893248141, 1109740411, 338975294, 752813515, 622466015, 372202503, 55041759, 338412385,
-        29530795, 689413481, 974303137, 605274799, 812143197, 121492617, 758223932, 200993249,
-        575018581, 1039577172, 1090395670, 612284976, 414561447, 886969, 685649488, 667914411,
-        183143190, 272811635, 104938162, 64626548, 404300448, 333824065, 399917080, 105374124,
-        329534966, 930231830, 187994078, 772453163, 81595362, 135380677, 536704334, 787124497,
-        554875178, 60344266, 790999625, 581578940, 72453408, 872892444, 204321645, 885844343,
-        942736233, 12824064, 23018086, 996569940, 818486394, 1484060, 349940348, 981882207,
-        855621323, 1034617940, 565456643, 745822751, 68273335, 578729865, 170455086, 173683666,
-        375983003, 128070235, 982298151, 650454518, 218561113, 1063878953, 541912322, 695738038,
-        232263685, 671557037, 584280432, 126161631, 394804150, 149748923, 670383088, 150214459,
-        409907258, 730673023, 452696559, 556617060, 271416278, 398913344, 793695740, 603610724,
-        620753264, 760650912, 867673149, 32169440, 106515963, 802984660, 859117007, 854436840,
-        736728629, 789197380, 1065424969, 689713946, 980964818, 605711034, 1105012640, 552261321,
-        980118632, 868407647, 247404352, 182421983, 1076188005, 324001412, 258504546, 973008126,
-        458306267, 216381363, 1099063604, 172774993, 897006405, 662034826, 827348922, 213283635,
-        712936407, 586286121, 133326382, 771279651, 77080161, 692598228, 272139235, 156805228,
-        184634865, 216660729, 331306952, 180435518, 1098019508, 642364354, 759605128, 444205747,
-        818119290, 697748488, 779633860, 1123069299, 628905992, 1093632915, 363341708, 896455329,
-        653929021, 348858884, 483831705, 248783457, 50018777, 527261991, 1108955766, 683741144,
-        838366046, 1040212608, 956504693, 441862460, 181267978, 415765896, 551409278, 866054366,
-        855141207, 141967451, 462022373, 903388714, 5583486, 624006881, 1027131584, 127103419,
-        227496735, 876597209, 1075725589, 13097576, 275925041, 46896293, 1047922947, 480370214,
-        979242782, 304620097, 88645237, 157252101, 1080960020, 1019514352, 910182857, 344499049,
-        841029348, 586201316, 561562804, 877577189, 774682172, 420802584, 243335866, 818233882,
-        1102088786, 910997938, 394459347, 114606856, 959148981, 304978043, 15246639, 410347623,
-        819777499, 304889937, 196333903, 294201539, 742724283, 136229739, 1095082129, 710673795,
-        303958022, 730529672, 330937766, 290549001, 975944911, 1012630530, 940739802, 428357654,
-        876150675, 270868991, 605451019, 692162505, 164423625, 414486664, 567335281, 60501334,
-        301815246, 988181982, 749960008, 971794624, 1044979874, 846257184, 944403720, 1028849636,
-        20676966, 402436874, 1038249855, 636703483, 52612884, 457266419, 404964279, 764097082,
-        73543501, 850137726, 543909567, 478253061, 341753973, 145701153, 816141937, 150699764,
-        1012159718, 996158125, 874816245, 140152812, 1046568846, 731360631, 165696325, 923351799,
-        373705673, 295885033, 571437494, 323580072, 535312031, 261690954, 128330254, 678037418,
-        730169337, 800223155, 493938662, 1035925088, 1086213401, 1029948847, 703929623, 1067237691,
-        203498545, 260171642, 489884813, 595714326, 717921496, 379455421, 739695761, 991791615,
-        1101866478, 768413486, 248059075, 641256446, 252045193, 383431807, 1098526663, 655518597,
-        868514850, 975851412, 607928997, 1015436331, 219860723, 248644475, 1100013490, 1059262194,
-        616750819, 706912112, 186194896, 371412253, 932777950, 605371544, 32806481, 41915372,
-        942949174, 657520226, 337575994, 767026353, 795340494, 602216057, 1051603235, 38167611,
-        383256063, 961974657, 643676937, 850900578, 1033468109, 791020067, 602254362, 742154500,
-        5280825, 557072845, 260014823, 274231000, 957875719, 620840911, 468091423, 844999033,
-        1097180885, 635575570, 741694428, 564249983, 1015743243, 179096376, 326642449, 737067396,
-        404230544, 164870855, 233971733, 25568965, 480191729, 304346683, 43284571, 600295394,
-        805273167, 1081440213, 132076275, 660273218, 115344223, 436181422, 581442439, 521590088,
-        278258022, 1016124223, 326820478, 833856285, 578613123, 981790341, 912622887, 677878660,
-        983305736, 582146018, 50261960, 421861087, 688852042, 1053015424, 638857404, 13988561,
-        613374169, 246804474, 354822706, 755945338, 48594230, 1112837032, 490266853, 331336539,
-        573470525, 482415512, 1066189384, 480749813, 340470541, 1087888528, 866254054, 328905420,
-        282987588, 772186429, 280721545, 827109021, 1065603359, 319039186, 632282960, 368180744,
-        103743324, 1039700039, 944775691, 35416271, 876336840, 387995308, 744351857, 1024873450,
-        846245765, 488549456, 793960147, 360822038, 1047746824, 70006457, 1081240530, 845224049,
-        158270603, 1040065115, 109153922, 842769347, 357450022, 745529551, 127101430, 1013053569,
-        653900906, 1066692138, 1026185333, 40127076, 888550251, 1074046165, 859190733, 172044729,
-        232991700, 856026028, 181368869, 11312168, 965826001, 718641942, 140897415, 300107020,
-        760832029, 454871649, 538869148, 209839945, 603404196, 1070516093, 362685617, 594598150,
-        706680144, 248566695, 624350428, 687354425, 108825926, 996763990, 768570600, 192652503,
-        1030980703, 285993613, 678456384, 666912839, 636939881, 724986064, 567331335, 1109690969,
-        786490830, 1041275289, 13569330, 310803565, 1018122073, 236560398, 625689685, 227532759,
-        773302523, 275485190, 151580837, 1097590370, 43338286, 709601963, 530263051, 696952520,
-        591327015, 779208675, 900380693, 779322099, 365008051, 816626432, 9177437, 715814813,
-        951132001, 978726879, 539618044, 330049876, 794850808, 75659606, 535871088, 1117571277,
-        1035668574, 737539534, 638053030, 1067376479, 817653745, 608323193, 952285144, 489088626,
-        643974231, 1100308604, 80188084, 1009055308, 528621558, 845717932, 574893980, 185963698,
-        304405106, 254075674, 885653667, 125272317, 310803515, 431578311, 49069840, 734649900,
-        64565269, 68004786, 877673289, 927546004, 379372125, 179774076, 313581255, 48547291,
-        669540902, 805507558, 458763285, 808407028, 467495228, 200042934, 286655832, 204624339,
-        1076184783, 580415818, 422842319, 130214533, 1019327141, 196299734, 544501682, 1039357725,
-        139924087, 1079672537, 517801387, 1103773407, 832398676, 971715180, 249998343, 17982966,
-        226812113, 1056456541, 429118671, 1115368643, 731996995, 114969826, 90081103, 503306049,
-        601600644, 221645888, 419902454, 366845662, 668188540, 595203705, 289744999, 311876332,
-        708499030, 814702169, 1038171811, 305413430, 1025269191, 401153805, 524933941, 244137773,
-        690611117, 1006016675, 368084114, 695256047, 400388115, 315582560, 240063473, 316625045,
-        193016450, 444532677, 490320790, 1007751505, 809310640, 335632874, 932973140, 879894932,
-        664689650, 582802605, 524248338, 381467584, 15568620, 102853205, 344510143, 244997234,
-        228087680, 804700227, 33671368, 202173391, 810352194, 941527027, 107007723, 250295846,
-        439491161, 385750316, 881611329, 305721499, 489662560, 253590441, 574217985, 187749275,
-        767834897, 577560416, 666585061, 536277466, 31104595, 459368906, 738728273, 395846485,
-        915511988, 152055976, 123475832, 434555954, 708682317, 873350950, 733405860, 594180445,
-        508539260, 411702537, 525230789, 245498406, 807139759, 421829267, 576175978, 671688378,
-        586113326, 717964200, 549178465, 340455344, 177498005, 185915353, 758077402, 35174925,
-        62477885, 432126554, 865525725, 94991243, 953163796, 64489669, 63466463, 1027121609,
-        603180773, 102927367, 328204523, 849484682, 1106252192, 166218129, 336284946, 115841434,
-        394987097, 1071354740, 1124188058, 756569276, 1109657140, 693362574, 582653179, 356054504,
-        10684879, 43556307, 683161419, 43248060, 311516690, 801263962, 259313122, 1076460000,
-        627348913, 723691023, 1029014449, 1100617454, 910402911, 804049172, 439314326, 277694586,
-        89508968, 45373766, 191679221, 573131182, 602365665, 620254956, 594424107, 763083130,
-        984103431, 746523686, 419387264, 1030279302, 774892955, 242854266, 102748733, 633218020,
-        205014651, 835462852, 458575555, 34062189, 765679808, 999547926, 509921953, 785947219,
-        966902522, 639941920, 244960006, 581685840, 1052422889, 674992133, 61665140, 451012255,
-        122965849, 190085617, 748838858, 349331162, 529980624, 16193587, 34516478, 42504381,
-        160246364, 173535194, 187379517, 111011381, 365394663, 102220644, 699473271, 366177836,
-        81692890, 659930501, 36322222, 896361190, 473670263, 1039987458, 412734344, 864218684,
-        138309539, 146538307, 1101721292, 898028054, 727055521, 601140835, 577133426, 451632863,
-        725601236, 388561051, 696130927, 299179408, 194132814, 104549843, 919472671, 900644523,
-        848766532, 557407329, 506005527, 529295823, 637231568, 840578154, 40752048, 1043021730,
-        940132528, 1635875, 390473136, 36409813, 938731454, 1005273567, 169556667, 456362115,
-        968015234, 385125443, 1033592386, 622268544, 824710397, 811874465, 1126356395, 1030647864,
-        1027801728, 1032615842, 990780079, 340414618, 431920306, 797512392, 36624143, 1039964580,
-        78368304, 725419125, 1031876274, 545277986, 400681087, 824700406, 916868477, 979226643,
-        327065594, 666022464, 692190875, 241031536, 486380927, 271722557, 903843361, 141586809,
-        747887461, 634534510, 613428929, 35052951, 519999706, 907994356, 122720932, 47771789,
-        111045658, 101409844, 478385667, 160271513, 709331396, 407803014, 233222181, 446853856,
-        325464420, 902760210, 272094082, 341360162, 749117421, 560701701, 963877946, 787641615,
-        205947725, 590645393, 232274153, 623635766, 912309623, 1120569701, 620395638, 104547179,
-        326785462, 462547537, 940416330, 25839620, 19867751, 37744827, 852776583, 515439522,
-        254321646, 368159144, 977334258, 457474804, 545693728, 590432747, 485742318, 929078943,
-        737942351, 275516935, 808617222, 720700675, 172457394, 549776288, 773237950, 425343903,
-        106571968, 735846275, 60428193, 122914286, 749764808, 987165321, 38777778, 78068884,
-        255797430, 533180457, 948660956, 48180746, 1126178511, 529625145, 556629751, 638195644,
-        832146389, 336969603, 525037491, 33022927, 179961503, 1111138669, 8606225, 744603862,
-        831709431, 936738778, 976276214, 628380488, 186998645, 1058798754, 681993880, 653924606,
-        946881757, 648359538, 739466740, 91286181, 294298084, 874448181, 197552840, 1095208028,
-        1044083721, 391228026, 525623627, 1098872860, 195023028, 787479821, 623295468, 953049875,
-        598245883, 53206653, 107774100, 1118437046, 444804586, 736921099, 245341091, 386750976,
-        133313309, 679691423, 1106023536, 311728621, 298633293, 401684808, 243635798, 110079800,
-        995741344, 323549381, 934619946, 561564543, 318482785, 437414717, 954436048, 120567824,
-        939556676, 96791826, 457592630, 938550164, 338458435, 235369986, 520146590, 367137669,
-        215447981, 816673608, 388257556, 367337840, 505745620, 16797457, 625598745, 670629880,
-        254936589, 910270385, 42251434, 163010455, 35446687, 313308255, 882198755, 1020005685,
-        629715947, 45305629, 160442570, 751826615, 839359276, 665790727, 1126866480, 206409968,
-        243347643, 601811321, 987009162, 748255207, 204576339, 60528047, 215906665, 956509919,
-        298034351, 23754044, 490568798, 458549410, 38365707, 66017494, 289322020, 23546127,
-        1110422453, 430589196, 451259509, 452129088, 246026906, 479959331, 657705765, 154141097,
-        545145366, 756619911, 1056054068, 305614614, 982437349, 733683110, 356219317, 138617825,
-        1077109241, 367006768, 107952142, 792745355, 1101149620, 190430549, 642564451, 1027811321,
-        529836063, 856677079, 136144741, 193585315, 759745460, 929992250, 670307004, 1127656802,
-        1006741766, 845736365, 936834519, 1017230852, 281391123, 580173947, 30327752, 1121201269,
-        1055919747, 182909919, 160816233, 602222114, 380162230, 868238592, 238843489, 626593576,
-        827265325, 474165116, 237320246, 663594943, 436318864, 1049025048, 70720879, 971089740,
-        88817691, 635640003, 121885571, 243941023, 2431313, 941718254, 799204753, 612476838,
-        941429841, 218425031, 62583588, 843195067, 826107237, 360474616, 699278259, 879607149,
-        103065937, 68048433, 88684453, 368247280, 352557675, 958077844, 188716852, 142753212,
-        187289952, 1075600752, 538047877, 79021856, 72991411, 855788038, 872392901, 230685283,
-        684292160, 1006193052, 389933214, 858196548, 879451470, 275454910, 233947442, 798039506,
-        522351014, 1028810225, 973496946, 459028464, 716757179, 299354781, 303032004, 378782749,
-        726394798, 822245773, 1112315820, 572181708, 792445736, 354854796, 391571531, 1120313604,
-        948219264, 683224878, 109721560, 210780537, 877361416, 837335205, 829228039, 710692263,
-        336548681, 1113948080, 500533488, 561629043, 1004877220, 538880595, 121199664, 933983782,
-        1012189335, 466644222, 948695748, 1030237630, 409196123, 831874921, 209931563, 472212875,
-        667493959, 374083498, 121993645, 135468879, 743372774, 445381601, 1056162737, 535313411,
-        731504361, 106330271, 449811720, 1025526021, 538706550, 384586636, 672759140, 214035474,
-        1061388936, 1083928033, 581161697, 343521559, 467089784, 918062822, 197840310, 276992034,
-        267922106, 626045501, 689381922, 1031751565, 453082931, 703374420, 543907459, 1101013667,
-        158907990, 531648771, 96624556, 1107736421, 653786417, 1020275778, 1100295652, 1080331394,
-        934499233, 1103133235, 665774139, 760309263, 583529543, 927074230, 109488746, 759686422,
-        658349346, 1121943871, 528665116, 800822916, 210288486, 526666123, 265162098, 797138998,
-        225170105, 773601444, 1074231036, 358050025, 792486275, 559918288, 931510368, 283561253,
-        929909084, 643871325, 165045098, 236482168, 27010690, 947252425, 762156229, 403915775,
-        226420583, 111771291, 457403715, 390913388, 417791477, 1051596236, 218412938, 231310973,
-        913814997, 1010678562, 1061436357, 402561769, 46161499, 194906871, 1106996555, 1044025883,
-        84769121, 958130074, 458164325, 75716319, 742943036, 662710618, 1015724782, 541305935,
-        887985887, 374173602, 667853276, 1118405527, 888897413, 806335907, 483810195, 94681964,
-        932049061, 419630532, 863884216, 258267823, 871542447, 748276380, 1089602035, 956286084,
-        452661681, 297101315, 292838603, 602202013, 59322052, 868600049, 695946675, 1119453722,
-        369279180, 571163895, 1076824823, 613633165, 1105924843, 970753160, 38059756, 230436803,
-        993075206, 825136859, 772252886, 665426090, 252341082, 81169114, 15411109, 1109435384,
-        169742336, 879343295, 637603710, 1050610062, 543393828, 360888011, 622980636, 538625088,
-        384365656, 954674344, 672395534, 822045489, 271453575, 379517678, 745140555, 64423305,
-        132805764, 730783710, 818513567, 1062263522, 633828399, 609441394, 952235218, 443525262,
-        408766329, 154648340, 321016488, 39971097, 975003097, 115001826, 929799112, 1079586908,
-        630403891, 883673758, 1017692831, 982184607, 1052333730, 732655912, 673402471, 144580658,
-        776541469, 599807837, 897876410, 750409126, 408883399, 800706291, 525848844, 1043397101,
-        546417436, 927622216, 923472422, 126273770, 976796416, 301390002, 640312848, 64953087,
-        850801014, 80099312, 344764299, 166353727, 304339056, 563820482, 620610256, 95176064,
-        436429135, 450761768, 1080607344, 554114394, 1051016002, 1094965858, 1044316801, 90082309,
-        802170370, 785939405, 96092255, 481999812, 399399466, 798786453, 1069910963, 1075397160,
-        645632403, 721614722, 81169724, 16732546, 256145620, 1032181185, 858152279, 261506136,
-        939613769, 1109259166, 1072545109, 893701664, 1076290454, 94376212, 1129486743, 496007349,
-        461211004, 215869774, 903345586, 185658758, 769007243, 973105742, 843449005, 531620573,
-        115498344, 118893063, 1080559132, 289993254, 729094212, 100228973, 970141524, 88018590,
-        401752692, 490667846, 120206196, 1053373040, 927137503, 109156130, 1099960359, 852051778,
-        542020710, 890761046, 935484975, 503476669, 247175418, 137646228, 122463313, 1098625172,
-        313612773, 1045687932, 942418016, 223296002, 613265129, 618070459, 210263615, 258537008,
-        687201993, 1069972265, 1092070505, 209044958, 705866604, 959480062, 37107231, 530334549,
-        940857114, 888162459, 550603427, 833686010, 914377969, 777858517, 823074720, 257780639,
-        682005406, 79684712, 1108405948, 546085914, 695245394, 296369184, 90008780, 876596576,
-        1060844810, 971909901, 180162302, 155422312, 913147941, 572392352, 172449506, 707256652,
-        379461286, 396142844, 341990080, 626969834, 156354367, 614031487, 682424885, 1092771510,
-        881893810, 1087158911, 85380176, 1044830162, 986021749, 619772632, 829678380, 1095084953,
-        726141659, 941134286, 949047185, 1013348374, 17076281, 979953556, 730262704, 692286875,
-        723405610, 879517616, 639675138, 319980056, 711102461, 564387868, 1089317723, 659400607,
-        372246588, 1035423048, 766956675, 186444638, 504211183, 871579167, 64189114, 905789437
-
-    };
-
-    public static final long[] ZETA_INVERSE_III_P = {        /* 2048-Entry */
-
-        1065536839, 258146786, 625514770, 943281315, 362769278, 94302905, 757479365, 470325346,
-        40408230, 565338085, 418623492, 809745897, 490050815, 250208337, 406320343, 437439078,
-        399463249, 149772397, 1112649672, 116377579, 180678768, 188591667, 403584294, 34641000,
-        300047573, 509953321, 143704204, 84895791, 1044345777, 42567042, 247832143, 36954443,
-        447301068, 515694466, 973371586, 502756119, 787735873, 733583109, 750264667, 422469301,
-        957276447, 557333601, 216578012, 974303641, 949563651, 157816052, 68881143, 253129377,
-        1039717173, 833356769, 434480559, 583640039, 21320005, 1050041241, 447720547, 871945314,
-        306651233, 351867436, 215347984, 296039943, 579122526, 241563494, 188868839, 599391404,
-        1092618722, 170245891, 423859349, 920680995, 37655448, 59753688, 442523960, 871188945,
-        919462338, 511655494, 516460824, 906429951, 187307937, 84038021, 816113180, 31100781,
-        1007262640, 992079725, 882550535, 626249284, 194240978, 238964907, 587705243, 277674175,
-        29765594, 1020569823, 202588450, 76352913, 1009519757, 639058107, 727973261, 1041707363,
-        159584429, 1029496980, 400631741, 839732699, 49166821, 1010832890, 1014227609, 598105380,
-        286276948, 156620211, 360718710, 944067195, 226380367, 913856179, 668514949, 633718604,
-        239210, 1035349741, 53435499, 236024289, 57180844, 20466787, 190112184, 868219817,
-        271573674, 97544768, 873580333, 1112993407, 1048556229, 408111231, 484093550, 54328793,
-        59814990, 330939500, 730326487, 647726141, 1033633698, 343786548, 327555583, 1039643644,
-        85409152, 34760095, 78709951, 575611559, 49118609, 678964185, 693296818, 1034549889,
-        509115697, 565905471, 825386897, 963372226, 784961654, 1049626641, 278924939, 1064772866,
-        489413105, 828335951, 152929537, 1003452183, 206253531, 202103737, 583308517, 86328852,
-        603877109, 329019662, 720842554, 379316827, 231849543, 529918116, 353184484, 985145295,
-        456323482, 397070041, 77392223, 147541346, 112033122, 246052195, 499322062, 50139045,
-        199926841, 1014724127, 154722856, 1089754856, 808709465, 975077613, 720959624, 686200691,
-        177490735, 520284559, 495897554, 67462431, 311212386, 398942243, 996920189, 1065302648,
-        384585398, 750208275, 858272378, 307680464, 457330419, 175051609, 745360297, 591100865,
-        506745317, 768837942, 586332125, 79115891, 492122243, 250382658, 959983617, 20290569,
-        1114314844, 1048556839, 877384871, 464299863, 357473067, 304589094, 136650747, 899289150,
-        1091666197, 158972793, 23801110, 516092788, 52901130, 558562058, 760446773, 10272231,
-        433779278, 261125904, 1070403901, 527523940, 836887350, 832624638, 677064272, 173439869,
-        40123918, 381449573, 258183506, 871458130, 265841737, 710095421, 197676892, 1035043989,
-        645915758, 323390046, 240828540, 11320426, 461872677, 755552351, 241740066, 588420018,
-        114001171, 467015335, 386782917, 1054009634, 671561628, 171595879, 1044956832, 85700070,
-        22729398, 934819082, 1083564454, 727164184, 68289596, 119047391, 215910956, 898414980,
-        911313015, 78129717, 711934476, 738812565, 672322238, 1017954662, 903305370, 725810178,
-        367569724, 182473528, 1102715263, 893243785, 964680855, 485854628, 199816869, 846164700,
-        198215585, 569807665, 337239678, 771675928, 55494917, 356124509, 904555848, 332586955,
-        864563855, 603059830, 919437467, 328903037, 601060837, 7782082, 471376607, 370039531,
-        1020237207, 202651723, 546196410, 369416690, 463951814, 26592718, 195226720, 49394559,
-        29430301, 109450175, 475939536, 21989532, 1033101397, 598077182, 970817963, 28712286,
-        585818494, 426351533, 676643022, 97974388, 440344031, 503680452, 861803847, 852733919,
-        931885643, 211663131, 662636169, 786204394, 548564256, 45797920, 68337017, 915690479,
-        456966813, 745139317, 591019403, 104199932, 679914233, 1023395682, 398221592, 594412542,
-        73563216, 684344352, 386353179, 994257074, 1007732308, 755642455, 462231994, 657513078,
-        919794390, 297851032, 720529830, 99488323, 181030205, 663081731, 117536618, 195742171,
-        1008526289, 590845358, 124848733, 568096910, 629192465, 15777873, 793177272, 419033690,
-        300497914, 292390748, 252364537, 918945416, 1020004393, 446501075, 181506689, 9412349,
-        738154422, 774871157, 337280217, 557544245, 17410133, 307480180, 403331155, 750943204,
-        826693949, 830371172, 412968774, 670697489, 156229007, 100915728, 607374939, 331686447,
-        895778511, 854271043, 250274483, 271529405, 739792739, 123532901, 445433793, 899040670,
-        257333052, 273937915, 1056734542, 1050704097, 591678076, 54125201, 942436001, 986972741,
-        941009101, 171648109, 777168278, 761478673, 1041041500, 1061677520, 1026660016, 250118804,
-        430447694, 769251337, 303618716, 286530886, 1067142365, 911300922, 188296112, 517249115,
-        330521200, 188007699, 1127294640, 885784930, 1007840382, 494085950, 1040908262, 158636213,
-        1059005074, 80700905, 693407089, 466131010, 892405707, 655560837, 302460628, 503132377,
-        890882464, 261487361, 749563723, 527503839, 968909720, 946816034, 73806206, 8524684,
-        1099398201, 549552006, 848334830, 112495101, 192891434, 283989588, 122984187, 2069151,
-        459418949, 199733703, 369980493, 936140638, 993581212, 273048874, 599889890, 101914632,
-        487161502, 939295404, 28576333, 336980598, 1021773811, 762719185, 52616712, 991108128,
-        773506636, 396042843, 147288604, 824111339, 73671885, 373106042, 584580587, 975584856,
-        472020188, 649766622, 883699047, 677596865, 678466444, 699136757, 19303500, 1106179826,
-        840403933, 1063708459, 1091360246, 671176543, 639157155, 1105971909, 831691602, 173216034,
-        913819288, 1069197906, 925149614, 381470746, 142716791, 527914632, 886378310, 923315985,
-        2859473, 463935226, 290366677, 377899338, 969283383, 1084420324, 500010006, 109720268,
-        247527198, 816417698, 1094279266, 966715498, 1087474519, 219455568, 874789364, 459096073,
-        504127208, 1112928496, 623980333, 762388113, 741468397, 313052345, 914277972, 762588284,
-        609579363, 894355967, 791267518, 191175789, 672133323, 1032934127, 190169277, 1009158129,
-        175289905, 692311236, 811243168, 568161410, 195106007, 806176572, 133984609, 1019646153,
-        886090155, 728041145, 831092660, 817997332, 23702417, 450034530, 996412644, 742974977,
-        884384862, 392804854, 684921367, 11288907, 1021951853, 1076519300, 531480070, 176676078,
-        506430485, 342246132, 934702925, 30853093, 604102326, 738497927, 85642232, 34517925,
-        932173113, 255277772, 835427869, 1038439772, 390259213, 481366415, 182844196, 475801347,
-        447732073, 70927199, 942727308, 501345465, 153449739, 192987175, 298016522, 385122091,
-        1121119728, 18587284, 949764450, 1096703026, 604688462, 792756350, 297579564, 491530309,
-        573096202, 600100808, 3547442, 1081545207, 181064997, 596545496, 873928523, 1051657069,
-        1090948175, 142560632, 379961145, 1006811667, 1069297760, 393879678, 1023153985, 704382050,
-        356488003, 579949665, 957268559, 409025278, 321108731, 854209018, 391783602, 200647010,
-        643983635, 539293206, 584032225, 672251149, 152391695, 761566809, 875404307, 614286431,
-        276949370, 1091981126, 1109858202, 1103886333, 189309623, 667178416, 802940491, 1025178774,
-        509330315, 9156252, 217416330, 506090187, 897451800, 539080560, 923778228, 342084338,
-        165848007, 569024252, 380608532, 788365791, 857631871, 226965743, 804261533, 682872097,
-        896503772, 721922939, 420394557, 969454440, 651340286, 1028316109, 1018680295, 1081954164,
-        1007005021, 221731597, 609726247, 1094673002, 516297024, 495191443, 381838492, 988139144,
-        225882592, 858003396, 643345026, 888694417, 437535078, 463703489, 802660359, 150499310,
-        212857476, 305025547, 729044866, 584447967, 97849679, 404306828, 1051357649, 89761373,
-        1093101810, 332213561, 697805647, 789311335, 138945874, 97110111, 101924225, 99078089,
-        3369558, 317851488, 305015556, 507457409, 96133567, 744600510, 161710719, 673363838,
-        960169286, 124452386, 190994499, 1093316140, 739252817, 1128090078, 189593425, 86704223,
-        1088973905, 289147799, 492494385, 600430130, 623720426, 572318624, 280959421, 229081430,
-        210253282, 1025176110, 935593139, 830546545, 433595026, 741164902, 404124717, 678093090,
-        552592527, 528585118, 402670432, 231697899, 28004661, 983187646, 991416414, 265507269,
-        716991609, 89738495, 656055690, 233364763, 1093403731, 469795452, 1048033063, 763548117,
-        430252682, 1027505309, 764331290, 1018714572, 942346436, 956190759, 969479589, 1087221572,
-        1095209475, 1113532366, 599745329, 780394791, 380887095, 939640336, 1006760104, 678713698,
-        1068060813, 454733820, 77303064, 548040113, 884765947, 489784033, 162823431, 343778734,
-        619804000, 130178027, 364046145, 1095663764, 671150398, 294263101, 924711302, 496507933,
-        1026977220, 886871687, 354832998, 99446651, 710338689, 383202267, 145622522, 366642823,
-        535301846, 509470997, 527360288, 556594771, 938046732, 1084352187, 1040216985, 852031367,
-        690411627, 325676781, 219323042, 29108499, 100711504, 406034930, 502377040, 53265953,
-        870412831, 328461991, 818209263, 1086477893, 446564534, 1086169646, 1119041074, 773671449,
-        547072774, 436363379, 20068813, 373156677, 5537895, 58371213, 734738856, 1013884519,
-        793441007, 963507824, 23473761, 280241271, 801521430, 1026798586, 526545180, 102604344,
-        1066259490, 1065236284, 176562157, 1034734710, 264200228, 697599399, 1067248068, 1094551028,
-        371648551, 943810600, 952227948, 789270609, 580547488, 411761753, 543612627, 458037575,
-        553549975, 707896686, 322586194, 884227547, 604495164, 718023416, 621186693, 535545508,
-        396320093, 256375003, 421043636, 695169999, 1006250121, 977669977, 214213965, 733879468,
-        390997680, 670357047, 1098621358, 593448487, 463140892, 552165537, 361891056, 941976678,
-        555507968, 876135512, 640063393, 824004454, 248114624, 743975637, 690234792, 879430107,
-        1022718230, 188198926, 319373759, 927552562, 1096054585, 325025726, 901638273, 884728719,
-        785215810, 1026872748, 1114157333, 748258369, 605477615, 546923348, 465036303, 249831021,
-        196752813, 794093079, 320415313, 121974448, 639405163, 685193276, 936709503, 813100908,
-        889662480, 814143393, 729337838, 434469906, 761641839, 123709278, 439114836, 885588180,
-        604792012, 728572148, 104456762, 824312523, 91554142, 315023784, 421226923, 817849621,
-        839980954, 534522248, 461537413, 762880291, 709823499, 908080065, 528125309, 626419904,
-        1039644850, 1014756127, 397728958, 14357310, 700607282, 73269412, 902913840, 1111742987,
-        879727610, 158010773, 297327277, 25952546, 611924566, 50053416, 989801866, 90368228,
-        585224271, 933426219, 110398812, 999511420, 706883634, 549310135, 53541170, 925101614,
-        843070121, 929683019, 662230725, 321318925, 670962668, 324218395, 460185051, 1081178662,
-        816144698, 949951877, 750353828, 202179949, 252052664, 1061721167, 1065160684, 395076053,
-        1080656113, 698147642, 818922438, 1004453636, 244072286, 875650279, 825320847, 943762255,
-        554831973, 284008021, 601104395, 120670645, 1049537869, 29417349, 485751722, 640637327,
-        177440809, 521402760, 312072208, 62349474, 491672923, 392186419, 94057379, 12154676,
-        593854865, 1054066347, 334875145, 799676077, 590107909, 150999074, 178593952, 413911140,
-        1120548516, 313099521, 764717902, 350403854, 229345260, 350517278, 538398938, 432773433,
-        599462902, 420123990, 1086387667, 32135583, 978145116, 854240763, 356423430, 902193194,
-        504036268, 893165555, 111603880, 818922388, 1116156623, 88450664, 343235123, 20034984,
-        562394618, 404739889, 492786072, 462813114, 451269569, 843732340, 98745250, 937073450,
-        361155353, 132961963, 1020900027, 442371528, 505375525, 881159258, 423045809, 535127803,
-        767040336, 59209860, 526321757, 919886008, 590856805, 674854304, 368893924, 829618933,
-        988828538, 411084011, 163899952, 1118413785, 948357084, 273699925, 896734253, 957681224,
-        270535220, 55679788, 241175702, 1089598877, 103540620, 63033815, 475825047, 116672384,
-        1002624523, 384196402, 772275931, 286956606, 1020572031, 89660838, 971455350, 284501904,
-        48485423, 1059719496, 81979129, 768903915, 335765806, 641176497, 283480188, 104852503,
-        385374096, 741730645, 253389113, 1094309682, 184950262, 90025914, 1025982629, 761545209,
-        497442993, 810686767, 64122594, 302616932, 849004408, 357539524, 846738365, 800820533,
-        263471899, 41837425, 789255412, 648976140, 63536569, 647310441, 556255428, 798389414,
-        639459100, 16888921, 1081131723, 373780615, 774903247, 882921479, 516351784, 1115737392,
-        490868549, 76710529, 440873911, 707864866, 1079463993, 547579935, 146420217, 451847293,
-        217103066, 147935612, 551112830, 295869668, 802905475, 113601730, 851467931, 608135865,
-        548283514, 693544531, 1014381730, 469452735, 997649678, 48285740, 324452786, 529430559,
-        1086441382, 825379270, 649534224, 1104156988, 895754220, 964855098, 725495409, 392658557,
-        803083504, 950629577, 113982710, 565475970, 388031525, 494150383, 32545068, 284726920,
-        661634530, 508885042, 171850234, 855494953, 869711130, 572653108, 1124445128, 387571453,
-        527471591, 338705886, 96257844, 278825375, 486049016, 167751296, 746469890, 1091558342,
-        78122718, 527509896, 334385459, 362699600, 792149959, 472205727, 186776779, 1087810581,
-        1096919472, 524354409, 196948003, 758313700, 943531057, 422813841, 512975134, 70463759,
-        29712463, 881081478, 909865230, 114289622, 521796956, 153874541, 261211103, 474207356,
-        31199290, 746294146, 877680760, 488469507, 881666878, 361312467, 27859475, 137934338,
-        390030192, 750270532, 411804457, 534011627, 639841140, 869554311, 926227408, 62488262,
-        425796330, 99777106, 43512552, 93800865, 635787291, 329502798, 399556616, 451688535,
-        1001395699, 868034999, 594413922, 806145881, 558288459, 833840920, 756020280, 206374154,
-        964029628, 398365322, 83157107, 989573141, 254909708, 133567828, 117566235, 979026189,
-        313584016, 984024800, 787971980, 651472892, 585816386, 279588227, 1056182452, 365628871,
-        724761674, 672459534, 1077113069, 493022470, 91476098, 727289079, 1109048987, 100876317,
-        185322233, 283468769, 84746079, 157931329, 379765945, 141543971, 827910707, 1069224619,
-        562390672, 715239289, 965302328, 437563448, 524274934, 858856962, 253575278, 701368299,
-        188986151, 117095423, 153781042, 839176952, 798788187, 399196281, 825767931, 419052158,
-        34643824, 993496214, 387001670, 835524414, 933392050, 824836016, 309948454, 719378330,
-        1114479314, 824747910, 170576972, 1015119097, 735266606, 218728015, 27637167, 311492071,
-        886390087, 708923369, 355043781, 252148764, 568163149, 543524637, 288696605, 785226904,
-        219543096, 110211601, 48765933, 972473852, 1041080716, 825105856, 150483171, 649355739,
-        81803006, 1082829660, 853800912, 1116628377, 54000364, 253128744, 902229218, 1002622534,
-        102594369, 505719072, 1124142467, 226337239, 667703580, 987758502, 274584746, 263671587,
-        578316675, 713960057, 948457975, 687863493, 173221260, 89513345, 291359907, 445984809,
-        20770187, 602463962, 1079707176, 880942496, 645894248, 780867069, 475796932, 233270624,
-        766384245, 36093038, 500819961, 6656654, 350092093, 431977465, 311606663, 685520206,
-        370120825, 487361599, 31706445, 949290435, 798419001, 913065224, 945091088, 972920725,
-        857586718, 437127725, 1052645792, 358446302, 996399571, 543439832, 416789546, 916442318,
-        302377031, 467691127, 232719548, 956950960, 30662349, 913344590, 671419686, 156717827,
-        871221407, 805724541, 53537948, 947303970, 882321601, 261318306, 149607321, 577464632,
-        24713313, 524014919, 148761135, 440012007, 64300984, 340528573, 392997324, 275289113,
-        270608946, 326741293, 1023209990, 1097556513, 262052804, 369075041, 508972689, 526115229,
-        336030213, 730812609, 858309675, 573108893, 677029394, 399052930, 719818695, 979511494,
-        459342865, 979977030, 734921803, 1003564322, 545445521, 458168916, 897462268, 433987915,
-        587813631, 65847000, 911164840, 479271435, 147427802, 1001655718, 753742950, 956042287,
-        959270867, 550996088, 1061452618, 383903202, 564269310, 95108013, 274104630, 147843746,
-        779785605, 1128241893, 311239559, 133156013, 1106707867, 1116901889, 186989720, 243881610,
-        925404308, 256833509, 1057272545, 548147013, 338726328, 1069381687, 574850775, 342601456,
-        593021619, 994345276, 1048130591, 357272790, 941731875, 199494123, 800190987, 1024351829,
-        729808873, 795901888, 725425505, 1065099405, 1024787791, 856914318, 946582763, 461811542,
-        444076465, 1128838984, 715164506, 517440977, 39330283, 90148781, 554707372, 928732704,
-        371502021, 1008233336, 317582756, 524451154, 155422816, 440312472, 1100195158, 791313568,
-        1074684194, 757523450, 507259938, 376912438, 790750659, 19985542, 236477812, 621515084,
-        14641604, 423726725, 43680072, 165943232, 548969735, 840033269, 191845866, 921576757,
-        915919657, 817349484, 963826245, 482186439, 730356300, 1015917581, 672918284, 396635587,
-        767202303, 813371635, 869333976, 508192846, 490177145, 59204384, 11099732, 756805114,
-        903025660, 594360830, 1019323549, 705453704, 721000677, 467124590, 433770645, 203504697,
-        97797853, 924825635, 373581843, 430933902, 811243340, 250007758, 534865265, 128712376,
-        822051513, 250846965, 1070671272, 1072188174, 312655828, 488080380, 566811631, 88831334,
-        15478592, 996929267, 279463354, 404398823, 996165590, 134746184, 10331000, 142429560,
-        482838497, 3625072, 653531060, 803565118, 1048986230, 1006019827, 715676944, 564117799,
-        555220950, 889714353, 263699900, 503659804, 1088604303, 600414871, 99345416, 997036691,
-        1062002121, 126783467, 253332497, 438867657, 976937555, 654395668, 557215041, 46939874,
-        552713464, 749916384, 484323074, 483917405, 677263900, 99365013, 192496860, 914599346,
-        547960463, 231723970, 997912798, 1099799435, 892081583, 102958110, 696767097, 5476106,
-        869957957, 497317476, 399192328, 575567190, 737714890, 545582635, 731658739, 404188557,
-        914432306, 56034159, 372218440, 626858382, 1059276234, 290001074, 728713038, 646639755,
-        1071349304, 497411527, 914507668, 874023244, 330355746, 997134735, 317751869, 93333561,
-        191736798, 867404294, 764021455, 649553869, 32134107, 356452470, 515188952, 912016737,
-        981074116, 3176027, 563139069, 901020620, 765622786, 77065368, 112565404, 1104087001,
-        603149919, 62320784, 37340924, 271988916, 1088050757, 900822026, 570795193, 118136336,
-        228954381, 84002137, 107820426, 1036215916, 414421818, 575157043, 1029511469, 1098909800,
-        638622793, 364653701, 951039572, 202667835, 1105572750, 905930490, 622475707, 769476936,
-        359844918, 1032607831, 270561227, 922044195, 211114077, 806702381, 1034110348, 1090787175,
-        380228620, 754831904, 825262701, 254684021, 689956338, 946898079, 1119439184, 170588665,
-        455055047, 1112488359, 316261794, 167052760, 681776700, 101655817, 1104047888, 931846485,
-        777666661, 244421919, 1032717751, 771899484, 167884822, 383451132, 414684868, 967970978,
-        251607673, 946486934, 801420079, 964329829, 1081110125, 810125049, 621410728, 635499090,
-        324446706, 609896164, 727096174, 788299449, 605051120, 662578360, 478977775, 511427829,
-        804875304, 299858894, 607089768, 134081973, 892474561, 270157166, 79522694, 885310889,
-        360224635, 1006476027, 974435294, 780834962, 461009670, 494180818, 959507232, 1121381346,
-        1088339534, 654927281, 762292807, 33461378, 661924743, 864591625, 546400772, 944342858,
-        1028200265, 1056455757, 88680527, 1050916030, 938561033, 102069108, 295787004, 446280472,
-        772055005, 715365274, 933867776, 785081482, 216411888, 159026208, 584415731, 310755280,
-        266117816, 727015230, 334501223, 484334581, 1033523203, 1063818101, 736774330, 313712636,
-        734996871, 184740368, 362794063, 436132188, 482029298, 442290376, 221647483, 386772954,
-        982910397, 726807337, 240728269, 105503811, 269900590, 243722064, 610126807, 951562758,
-        659751006, 340811190, 199299787, 351828858, 856382738, 365480606, 1042786228, 1123068912,
-        10276685, 642933070, 165566419, 679827169, 961701698, 294054310, 355706366, 217192437,
-        522587524, 312032939, 558693905, 349209851, 930411190, 262585457, 415533475, 646948555,
-        1066780967, 471089109, 929057655, 517438536, 258478395, 39270561, 889479646, 273898984,
-        627910143, 618616086, 180698624, 951480188, 200561477, 237584143, 607869392, 437078460,
-        415163056, 209993568, 334873362, 1128930907, 508514481, 792979407, 676813222, 1019104866,
-        411695497, 43613997, 785578867, 132379578, 737624958, 773288614, 505119708, 928682766,
-        752219752, 662639813, 271272426, 160092539, 49353550, 599278652, 457441423, 694141030,
-        1108781150, 497004602, 152637935, 327024689, 869206336, 153529086, 213974535, 210561231,
-        1115104772, 26000087, 473351014, 705674785, 11948367, 699262595, 385616508, 1082509833,
-        1002086909, 351117184, 426727961, 716455350, 445629691, 263014880, 178561677, 763942576,
-        453911234, 251065969, 1119113840, 403386182, 584063944, 1061670228, 1067594138, 934920847,
-        221796630, 578508545, 960533240, 408202157, 800505215, 124820100, 693014651, 377258025,
-        345451846, 1084205130, 955691331, 877134009, 461861459, 1065671551, 750205976, 899130388,
-        962296503, 260525551, 454879090, 567632207, 867393171, 205384967, 52991349, 772073189,
-        784137909, 177596177, 774634076, 830320977, 80216042, 958845699, 444242121, 445247615,
-        749038979, 1043182368, 942892656, 308653011, 717431175, 1123135166, 401326655, 801495329,
-        924651065, 627583444, 57945923, 797461143, 1014733078, 267842526, 75171020, 985898727,
-        602077998, 289641435, 3817272, 72809466, 170436822, 917065606, 1075765979, 228712568,
-        804065866, 103429236, 755232438, 523116600, 175489690, 643101045, 782740199, 646390839,
-        154384289, 34296586, 68273162, 409008719, 72194869, 514620434, 1074403272, 1002586053,
-        824780576, 439514269, 814483462, 1065678048, 192117199, 337965005, 290046544, 745194166,
-        98634179, 594461368, 282668308, 169287965, 809176984, 851624865, 146280088, 551403730,
-        229988203, 759464587, 986831791, 307931453, 687021443, 1037047036, 390984681, 360214539,
-        489609063, 1079688799, 520853052, 248692113, 519108294, 873337355, 1019557863, 51551242,
-        140648753, 956691426, 500515518, 829644954, 225195986, 477843837, 117146454, 524576548,
-        388500809, 679009976, 95097294, 83923789, 86452515, 112923593, 572196182, 809066810,
-        365600046, 610178737, 6894641, 484752925, 321345624, 421663857, 996369171, 945767857,
-        512656150, 598142805, 131771428, 523631226, 238471503, 1017814054, 960743607, 358302399,
-        729762169, 774817733, 285185753, 94598268, 859341273, 817195544, 781913067, 180586359,
-        922498031, 928876955, 181750202, 704453607, 982602560, 760425692, 445461081, 262899249,
-        993032850, 1099441120, 766077054, 661328835, 849341957, 64481799, 137189173, 665203913,
-        274533772, 732036380, 686074559, 364887119, 934033368, 1113144551, 98086634, 1039349720,
-        138463640, 63197842, 478102337, 281719763, 25872677, 48972992, 1117419859, 319791525,
-        557816662, 725904956, 373125437, 385943763, 208358936, 697455132, 373381211, 417958668,
-        398054090, 1014428957, 906287080, 1055697308, 610106444, 259488631, 39585717, 1118889820,
-        869608698, 828290478, 859032095, 336215136, 327990657, 634859446, 312601336, 291351028,
-        682470272, 23577953, 337451423, 616208275, 919161707, 247373119, 679977555, 387895394,
-        234372661, 418240334, 10541774, 49052282, 470788227, 341763065, 746512185, 939659609,
-        615551391, 1053722676, 786403464, 952256028, 999791888, 536861641, 466680432, 223936516
-
-    };
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLA.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLA.java
deleted file mode 100644
index 5d7fc94..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLA.java
+++ /dev/null

@@ -1,1948 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-import java.security.SecureRandom;
-
-public class QTESLA
-{
-
-    /******************************************************************************************************************************************
-     * Description:	Hash Function to Generate C' for Heuristic qTESLA Security Category-1 and Category-3 (Option for Size or Speed)
-     ******************************************************************************************************************************************/
-    private static void hashFunction(byte[] output, int outputOffset, int[] V, final byte[] message, int messageOffset, int n, int d, int q)
-    {
-
-        int mask;
-        int cL;
-
-        byte[] T = new byte[n + Polynomial.MESSAGE];
-
-        for (int i = 0; i < n; i++)
-        {
-            /* If V[i] > Q / 2 Then V[i] = V[i] - Q */
-            mask = (q / 2 - V[i]) >> 31;
-            V[i] = ((V[i] - q) & mask) | (V[i] & (~mask));
-            cL = V[i] & ((1 << d) - 1);
-            /* If cL > 2 ^ (d - 1) Then cL = cL - 2 ^ d */
-            mask = ((1 << (d - 1)) - cL) >> 31;
-            cL = ((cL - (1 << d)) & mask) | (cL & (~mask));
-            T[i] = (byte)((V[i] - cL) >> d);
-
-        }
-
-        System.arraycopy(message, messageOffset, T, n, Polynomial.MESSAGE);
-
-        if (q == Parameter.Q_I)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK128(output, outputOffset, Polynomial.HASH, T, 0, n + Polynomial.MESSAGE);
-
-        }
-
-        if (q == Parameter.Q_III_SIZE || q == Parameter.Q_III_SPEED)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK256(output, outputOffset, Polynomial.HASH, T, 0, n + Polynomial.MESSAGE);
-
-        }
-
-    }
-
-    /**************************************************************************************************************************************************
-     * Description:	Hash Function to Generate C' for Provably-Secure qTESLA Security Category-1 and Security Category-3
-     **************************************************************************************************************************************************/
-    private static void hashFunction(byte[] output, int outputOffset, long[] V, final byte[] message, int messageOffset, int n, int k, int d, int q)
-    {
-
-        int index;
-        long mask;
-        long cL;
-        long temporary;
-
-        byte[] T = new byte[n * k + Polynomial.MESSAGE];
-
-        for (int j = 0; j < k; j++)
-        {
-
-            index = n * j;
-
-            for (int i = 0; i < n; i++)
-            {
-
-                temporary = V[index];
-                /* If V[i] > Q / 2 Then V[i] = V[i] - Q */
-                mask = (q / 2 - temporary) >> 63;
-                temporary = ((temporary - q) & mask) | (temporary & (~mask));
-                cL = temporary & ((1 << d) - 1);
-                /* If cL > 2 ^ (d - 1) Then cL = cL - 2 ^ d */
-                mask = ((1 << (d - 1)) - cL) >> 63;
-                cL = ((cL - (1 << d)) & mask) | (cL & (~mask));
-                T[index++] = (byte)((temporary - cL) >> d);
-
-            }
-
-        }
-
-        System.arraycopy(message, messageOffset, T, n * k, Polynomial.MESSAGE);
-
-        if (q == Parameter.Q_I_P)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK128(output, outputOffset, Polynomial.HASH, T, 0, n * k + Polynomial.MESSAGE);
-
-        }
-
-        if (q == Parameter.Q_III_P)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK256(output, outputOffset, Polynomial.HASH, T, 0, n * k + Polynomial.MESSAGE);
-
-        }
-
-    }
-
-    /**************************************************************************************************************************************
-     * Description:	Computes Absolute Value for for Heuristic qTESLA Security Category-1 and Security Category-3 (Option for Size or Speed)
-     **************************************************************************************************************************************/
-    private static int absolute(int value)
-    {
-
-        return ((value >> 31) ^ value) - (value >> 31);
-
-    }
-
-    /*****************************************************************************************************************
-     * Description:	Computes Absolute Value for for Provably-Secure qTESLA Security Category-1 and Security Category-3
-     *****************************************************************************************************************/
-    private static long absolute(long value)
-    {
-
-        return ((value >> 63) ^ value) - (value >> 63);
-
-    }
-
-    /*********************************************************************************
-     * Description:	Checks Bounds for Signature Vector Z During Signification.
-     * 				Leaks the Position of the Coefficient that Fails the Test.
-     * 				The Position of the Coefficient is Independent of the Secret Data.
-     * 				Does not Leak the Signature of the Coefficients.
-     * 				For Heuristic qTESLA Security Category-1 and Security Category-3
-     * 				(Option for Size or Speed)
-     *
-     * @param        Z        Signature Vector
-     * @param        n        Polynomial Degree
-     * @param        b        Interval the Randomness is Chosen in During Signification
-     * @param        u        Bound in Checking Secret Polynomial
-     *
-     * @return false    Valid / Accepted
-     * 				true	Invalid / Rejected
-     ********************************************************************************/
-    private static boolean testRejection(int[] Z, int n, int b, int u)
-    {
-
-        for (int i = 0; i < n; i++)
-        {
-
-            if (absolute(Z[i]) > (b - u))
-            {
-
-                return true;
-
-            }
-
-        }
-
-        return false;
-
-    }
-
-    /*************************************************************************************
-     * Description:	Checks Bounds for Signature Vector Z During Signification.
-     * 				Leaks the Position of the Coefficient that Fails the Test.
-     * 				The Position of the Coefficient is Independent of the Secret Data.
-     * 				Does not Leak the Signature of the Coefficients.
-     * 				For Provably-Secure qTESLA Security Category-1 and Security Category-3
-     *
-     * @param        Z        Signature Vector
-     * @param        n        Polynomial Degree
-     * @param        b        Interval the Randomness is Chosen in During Signification
-     * @param        u        Bound in Checking Secret Polynomial
-     *
-     * @return false    Valid / Accepted
-     * 				true	Invalid / Rejected
-     *************************************************************************************/
-    private static boolean testRejection(long[] Z, int n, int b, int u)
-    {
-
-        for (int i = 0; i < n; i++)
-        {
-
-            if (absolute(Z[i]) > (b - u))
-            {
-
-                return true;
-
-            }
-
-        }
-
-        return false;
-
-    }
-
-    /**********************************************************************************
-     * Description:	Checks Bounds for Signature Vector Z During Signature Verification
-     * 				for Heuristic qTESLA Security Category-1 and Security Category-3
-     * 				(Option of Size of Speed)
-     *
-     * @param        Z        Signature Vector
-     * @param        n        Polynomial Degree
-     * @param        b        Interval the Randomness is Chosen in During Signification
-     * @param        u        Bound in Checking Secret Polynomial
-     *
-     * @return false    Valid / Accepted
-     * 				true	Invalid / Rejected
-     *********************************************************************************/
-    private static boolean testZ(int[] Z, int n, int b, int u)
-    {
-
-        for (int i = 0; i < n; i++)
-        {
-
-            if ((Z[i] < -(b - u)) || (Z[i] > b - u))
-            {
-
-                return true;
-
-            }
-
-        }
-
-        return false;
-
-    }
-
-    /*************************************************************************************
-     * Description:	Checks Bounds for Signature Vector Z During Signature Verification
-     * 				for Provably-Secure qTESLA Security Category-1 and Security Category-3
-     *
-     * @param        Z        Signature Vector
-     * @param        n        Polynomial Degree
-     * @param        b        Interval the Randomness is Chosen in During Signification
-     * @param        u        Bound in Checking Secret Polynomial
-     *
-     * @return false    Valid / Accepted
-     * 				true	Invalid / Rejected
-     *************************************************************************************/
-    private static boolean testZ(long[] Z, int n, int b, int u)
-    {
-
-        for (int i = 0; i < n; i++)
-        {
-
-            if ((Z[i] < -(b - u)) || (Z[i] > b - u))
-            {
-
-                return true;
-
-            }
-
-        }
-
-        return false;
-
-    }
-
-    /*********************************************************************************
-     * Description:	Checks Bounds for W = V - EC During Signature Verification.
-     * 				Leaks the Position of the Coefficient that Fails the Test.
-     * 				The Position of the Coefficient is Independent of the Secret Data.
-     * 				Does not Leak the Signature of the Coefficients.
-     * 				For Heuristic qTESLA Security Category-1 and Security Category-3
-     * 				(Option for Size or Speed)
-     *
-     * @param        V            Parameter to be Checked
-     * @param        n            Polynomial Degree
-     * @param        d            Number of Rounded Bits
-     * @param        q            Modulus
-     * @param        rejection    Bound in Checking Error Polynomial
-     *
-     * @return false        Valid / Accepted
-     * 				true		Invalid / Rejected
-     *********************************************************************************/
-    private static boolean testV(int[] V, int n, int d, int q, int rejection)
-    {
-
-        int mask;
-        int left;
-        int right;
-        int test1;
-        int test2;
-
-        for (int i = 0; i < n; i++)
-        {
-
-            mask = (q / 2 - V[i]) >> 31;
-            right = ((V[i] - q) & mask) | (V[i] & (~mask));
-            test1 = (~(absolute(right) - (q / 2 - rejection))) >>> 31;
-            left = right;
-            right = (right + (1 << (d - 1)) - 1) >> d;
-            right = left - (right << d);
-            test2 = (~(absolute(right) - ((1 << (d - 1)) - rejection))) >>> 31;
-
-            /* Two Tests Fail */
-            if ((test1 | test2) == 1)
-            {
-
-                return true;
-
-            }
-
-        }
-
-        return false;
-
-    }
-
-    /****************************************************************************************
-     * Description:	Checks Bounds for W = V - EC During Signature Verification.
-     * 				Leaks the Position of the Coefficient that Fails the Test.
-     * 				The Position of the Coefficient is Independent of the Secret Data.
-     * 				Does not Leak the Signature of the Coefficients.
-     * 				For Provably-Secure qTESLA Security Category-1 and Security Category-3
-     *
-     * @param        V            Parameter to be Checked
-     * @param        vOffset        Starting Point of V
-     * @param        n            Polynomial Degree
-     * @param        d            Number of Rounded Bits
-     * @param        q            Modulus
-     * @param        rejection    Bound in Checking Error Polynomial
-     *
-     * @return false        Valid / Accepted
-     * 				true		Invalid / Rejected
-     ****************************************************************************************/
-    private static boolean testV(long[] V, int vOffset, int n, int d, int q, int rejection)
-    {
-
-        long mask;
-        long left;
-        long right;
-        long test1;
-        long test2;
-
-        for (int i = 0; i < n; i++)
-        {
-
-            mask = (q / 2 - V[vOffset + i]) >> 63;
-            right = ((V[vOffset + i] - q) & mask) | (V[vOffset + i] & (~mask));
-            test1 = (~(absolute(right) - (q / 2 - rejection))) >>> 63;
-
-            left = right;
-            right = (int)((right + (1 << (d - 1)) - 1) >> d);
-            right = left - (right << d);
-            test2 = (~(absolute(right) - ((1 << (d - 1)) - rejection))) >>> 63;
-
-            /* Two Tests Fail */
-            if ((test1 | test2) == 1L)
-            {
-
-                return true;
-
-            }
-
-        }
-
-        return false;
-
-    }
-
-    /**********************************************************************************************************
-     * Description:	Checks Whether the Generated Error Polynomial or the Generated Secret Polynomial
-     *				Fulfills Certain Properties Needed in Key Generation Algorithm
-     *				For Heuristic qTESLA Security Category-1 and Security Category-3 (Option for Size or Speed)
-     *
-     * @param        polynomial        Parameter to be Checked
-     * @param        bound            Threshold of Summation
-     * @param        n                Polynomial Degree
-     * @param        h                Number of Non-Zero Entries of Output Elements of Encryption
-     *
-     * @return false            Fulfillment
-     * 				true			No Fulfillment
-     **********************************************************************************************************/
-    private static boolean checkPolynomial(int[] polynomial, int bound, int n, int h)
-    {
-
-        int summation = 0;
-        int limit = n;
-        int temporary;
-        int mask;
-        int[] list = new int[n];
-
-        for (int i = 0; i < n; i++)
-        {
-
-            list[i] = absolute(polynomial[i]);
-
-        }
-
-        for (int i = 0; i < h; i++)
-        {
-
-            for (int j = 0; j < limit - 1; j++)
-            {
-                /* If list[j + 1] > list[j] Then Exchanges Contents */
-                mask = (list[j + 1] - list[j]) >> 31;
-                temporary = (list[j + 1] & mask) | (list[j] & (~mask));
-                list[j + 1] = (list[j] & mask) | (list[j + 1] & (~mask));
-                list[j] = temporary;
-
-            }
-
-            summation += list[limit - 1];
-            limit--;
-
-        }
-
-        if (summation > bound)
-        {
-
-            return true;
-
-        }
-
-        return false;
-
-    }
-
-    /**********************************************************************************************************
-     * Description:	Checks Whether the Generated Error Polynomial or the Generated Secret Polynomial
-     *				Fulfills Certain Properties Needed in Key Generation Algorithm
-     *				For Provably-Secure qTESLA Security Category-1 and Security Category-3
-     *
-     * @param        polynomial        Parameter to be Checked
-     * @param        offset            Starting Point of the Polynomial to be Checked
-     * @param        bound            Threshold of Summation
-     * @param        n                Polynomial Degree
-     * @param        h                Number of Non-Zero Entries of Output Elements of Encryption
-     *
-     * @return false            Fulfillment
-     * 				true			No Fulfillment
-     **********************************************************************************************************/
-    private static boolean checkPolynomial(long[] polynomial, int offset, int bound, int n, int h)
-    {
-
-        int summation = 0;
-        int limit = n;
-        short temporary;
-        short mask;
-        short[] list = new short[n];
-
-        for (int i = 0; i < n; i++)
-        {
-
-            list[i] = (short)(absolute(polynomial[offset + i]));
-
-        }
-
-        for (int i = 0; i < h; i++)
-        {
-
-            for (int j = 0; j < limit - 1; j++)
-            {
-                /* If list[j + 1] > list[j] Then Exchanges Contents */
-                mask = (short)((list[j + 1] - list[j]) >> 15);
-                temporary = (short)((list[j + 1] & mask) | (list[j] & (~mask)));
-                list[j + 1] = (short)((list[j] & mask) | (list[j + 1] & (~mask)));
-                list[j] = temporary;
-
-            }
-
-            summation += (int)list[limit - 1];
-            limit--;
-
-        }
-
-        if (summation > bound)
-        {
-
-            return true;
-
-        }
-
-        return false;
-
-    }
-
-    /************************************************************************************************************************************************************
-     * Description:	Generates A Pair of Public Key and Private Key for qTESLA Signature Scheme for Heuristic qTESLA Security Category-1 and Security Category-3
-     *				(Option for Size or Speed)
-     *
-     * @param        publicKey                            Contains Public Key
-     * @param        privateKey                            Contains Private Key
-     * @param        secureRandom                        Source of Randomness
-     * @param        n                                    Polynomial Degree
-     * @param        h                                    Number of Non-Zero Entries of Output Elements of Encryption
-     * @param        q                                    Modulus
-     * @param        qInverse
-     * @param        qLogarithm                            q <= 2 ^ qLogarithm
-     * @param        generatorA
-     * @param        inverseNumberTheoreticTransform
-     * @param        xi
-     * @param        zeta
-     * @param        errorBound                            Bound in Checking Error Polynomial
-     * @param        secretBound                            Bound in Checking Secret Polynomial
-     *
-     * @return 0                                    Successful Execution
-     ************************************************************************************************************************************************************/
-    private static int generateKeyPair(
-
-        byte[] publicKey, byte[] privateKey, SecureRandom secureRandom,
-        int n, int h, int q, long qInverse, int qLogarithm, int generatorA, int inverseNumberTheoreticTransform, double xi,
-        int[] zeta,
-        int errorBound, int secretBound)
-    {
-
-        /* Initialize Domain Separator for Error Polynomial and Secret Polynomial */
-        int nonce = 0;
-
-        byte[] randomness = new byte[Polynomial.RANDOM];
-
-        /* Extend Random Bytes to Seed Generation of Error Polynomial and Secret Polynomial */
-        byte[] randomnessExtended = new byte[Polynomial.SEED * 4];
-
-        int[] secretPolynomial = new int[n];
-        int[] errorPolynomial = new int[n];
-        int[] A = new int[n];
-        int[] T = new int[n];
-
-        /* Get randomnessExtended <- seedErrorPolynomial, seedSecretPolynomial, seedA, seedY */
-        // this.rng.randomByte (randomness, (short) 0, Polynomial.RANDOM);
-        secureRandom.nextBytes(randomness);
-
-        if (q == Parameter.Q_I)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK128(randomnessExtended, 0, Polynomial.SEED * 4, randomness, 0, Polynomial.RANDOM);
-
-        }
-
-        if (q == Parameter.Q_III_SIZE || q == Parameter.Q_III_SPEED)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK256(randomnessExtended, 0, Polynomial.SEED * 4, randomness, 0, Polynomial.RANDOM);
-
-        }
-
-        /*
-         * Sample the Error Polynomial Fulfilling the Criteria
-         * Choose All Error Polynomial in R with Entries from D_SIGMA
-         * Repeat Step at Iteration if the h Largest Entries of Error Polynomial Summation to L_E
-         */
-        do
-        {
-
-            if (q == Parameter.Q_I)
-            {
-
-                Sample.polynomialGaussSamplerI(errorPolynomial, 0, randomnessExtended, 0, ++nonce);
-
-            }
-
-            if (q == Parameter.Q_III_SIZE)
-            {
-
-                Sample.polynomialGaussSamplerIII(errorPolynomial, 0, randomnessExtended, 0, ++nonce, n, xi, Sample.EXPONENTIAL_DISTRIBUTION_III_SIZE);
-
-            }
-
-            if (q == Parameter.Q_III_SPEED)
-            {
-
-                Sample.polynomialGaussSamplerIII(errorPolynomial, 0, randomnessExtended, 0, ++nonce, n, xi, Sample.EXPONENTIAL_DISTRIBUTION_III_SPEED);
-
-            }
-
-        }
-        while (checkPolynomial(errorPolynomial, errorBound, n, h) == true);
-
-        /*
-         * Sample the Secret Polynomial Fulfilling the Criteria
-         * Choose Secret Polynomial in R with Entries from D_SIGMA
-         * Repeat Step if the h Largest Entries of Secret Polynomial Summation to L_S
-         */
-        do
-        {
-
-            if (q == Parameter.Q_I)
-            {
-
-                Sample.polynomialGaussSamplerI(secretPolynomial, 0, randomnessExtended, Polynomial.SEED, ++nonce);
-
-            }
-
-            if (q == Parameter.Q_III_SIZE)
-            {
-
-                Sample.polynomialGaussSamplerIII(secretPolynomial, 0, randomnessExtended, Polynomial.SEED, ++nonce, n, xi, Sample.EXPONENTIAL_DISTRIBUTION_III_SIZE);
-
-            }
-
-            if (q == Parameter.Q_III_SPEED)
-            {
-
-                Sample.polynomialGaussSamplerIII(secretPolynomial, 0, randomnessExtended, Polynomial.SEED, ++nonce, n, xi, Sample.EXPONENTIAL_DISTRIBUTION_III_SPEED);
-
-            }
-
-        }
-        while (checkPolynomial(secretPolynomial, secretBound, n, h) == true);
-
-        /* Generate Uniform Polynomial A */
-        Polynomial.polynomialUniform(A, randomnessExtended, Polynomial.SEED * 2, n, q, qInverse, qLogarithm, generatorA, inverseNumberTheoreticTransform);
-
-        /* Compute the Public Key T = A * secretPolynomial + errorPolynomial */
-        Polynomial.polynomialMultiplication(T, A, secretPolynomial, n, q, qInverse, zeta);
-        Polynomial.polynomialAdditionCorrection(T, T, errorPolynomial, n, q);
-
-        /* Pack Public and Private Keys */
-        if (q == Parameter.Q_I)
-        {
-
-            Pack.encodePrivateKeyI(privateKey, secretPolynomial, errorPolynomial, randomnessExtended, Polynomial.SEED * 2);
-            Pack.encodePublicKey(publicKey, T, randomnessExtended, Polynomial.SEED * 2, Parameter.N_I, Parameter.Q_LOGARITHM_I);
-
-        }
-
-        if (q == Parameter.Q_III_SIZE)
-        {
-
-            Pack.encodePrivateKeyIIISize(privateKey, secretPolynomial, errorPolynomial, randomnessExtended, Polynomial.SEED * 2);
-            Pack.encodePublicKey(publicKey, T, randomnessExtended, Polynomial.SEED * 2, Parameter.N_III_SIZE, Parameter.Q_LOGARITHM_III_SIZE);
-
-        }
-
-        if (q == Parameter.Q_III_SPEED)
-        {
-
-            Pack.encodePrivateKeyIIISpeed(privateKey, secretPolynomial, errorPolynomial, randomnessExtended, Polynomial.SEED * 2);
-            Pack.encodePublicKeyIIISpeed(publicKey, T, randomnessExtended, Polynomial.SEED * 2);
-
-        }
-
-        return 0;
-
-    }
-
-    /****************************************************************************************************************************************************************
-     * Description:	Generates A Pair of Public Key and Private Key for qTESLA Signature Scheme for
-     * 				Heuristic qTESLA Security Category-1
-     *
-     * @param        publicKey                            Contains Public Key
-     * @param        privateKey                            Contains Private Key
-     * @param        secureRandom                        Source of Randomness
-     *
-     * @return 0                                    Successful Execution
-     *
-     ****************************************************************************************************************************************************************/
-    public static int generateKeyPairI(byte[] publicKey, byte[] privateKey, SecureRandom secureRandom)
-    {
-
-        return generateKeyPair(
-
-            publicKey, privateKey, secureRandom,
-            Parameter.N_I, Parameter.H_I, Parameter.Q_I, Parameter.Q_INVERSE_I, Parameter.Q_LOGARITHM_I,
-            Parameter.GENERATOR_A_I, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_I,
-            Parameter.XI_I,
-            PolynomialHeuristic.ZETA_I,
-            Parameter.KEY_GENERATOR_BOUND_E_I, Parameter.KEY_GENERATOR_BOUND_S_I
-
-        );
-
-    }
-
-    /****************************************************************************************************************************************************************
-     * Description:	Generates A Pair of Public Key and Private Key for qTESLA Signature Scheme for Heuristic qTESLA Security Category-3 (Option for Size)
-     *
-     * @param        publicKey                            Contains Public Key
-     * @param        privateKey                            Contains Private Key
-     * @param        secureRandom                        Source of Randomness
-     *
-     * @return 0                                    Successful Execution
-     ****************************************************************************************************************************************************************/
-    public static int generateKeyPairIIISize(byte[] publicKey, byte[] privateKey, SecureRandom secureRandom)
-    {
-
-        return generateKeyPair(
-
-            publicKey, privateKey, secureRandom,
-            Parameter.N_III_SIZE, Parameter.H_III_SIZE, Parameter.Q_III_SIZE, Parameter.Q_INVERSE_III_SIZE, Parameter.Q_LOGARITHM_III_SIZE,
-            Parameter.GENERATOR_A_III_SIZE, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_III_SIZE,
-            Parameter.XI_III_SIZE,
-            PolynomialHeuristic.ZETA_III_SIZE,
-            Parameter.KEY_GENERATOR_BOUND_E_III_SIZE, Parameter.KEY_GENERATOR_BOUND_S_III_SIZE
-
-        );
-
-    }
-
-    /****************************************************************************************************************************************************************
-     * Description:	Generates A Pair of Public Key and Private Key for qTESLA Signature Scheme for Heuristic qTESLA Security Category-3
-     * 				(Option for Speed)
-     *
-     * @param        publicKey                            Contains Public Key
-     * @param        privateKey                            Contains Private Key
-     * @param        secureRandom                        Source of Randomness
-     *
-     * @return 0                                    Successful Execution
-     *
-     ****************************************************************************************************************************************************************/
-    public static int generateKeyPairIIISpeed(byte[] publicKey, byte[] privateKey, SecureRandom secureRandom)
-    {
-
-        return generateKeyPair(
-
-            publicKey, privateKey, secureRandom,
-            Parameter.N_III_SPEED, Parameter.H_III_SPEED, Parameter.Q_III_SPEED, Parameter.Q_INVERSE_III_SPEED, Parameter.Q_LOGARITHM_III_SPEED,
-            Parameter.GENERATOR_A_III_SPEED, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_III_SPEED,
-            Parameter.XI_III_SPEED,
-            PolynomialHeuristic.ZETA_III_SPEED,
-            Parameter.KEY_GENERATOR_BOUND_E_III_SPEED, Parameter.KEY_GENERATOR_BOUND_S_III_SPEED
-
-        );
-
-    }
-
-    /*******************************************************************************************************************************************************
-     * Description:	Generates A Pair of Public Key and Private Key for qTESLA Signature Scheme for Provably-Secure qTESLA Security Category-1
-     * 				and Category-3
-     *
-     * @param        publicKey                            Contains Public Key
-     * @param        privateKey                            Contains Private Key
-     * @param        secureRandom                        Source of Randomness
-     * @param        n                                    Polynomial Degree
-     * @param        k                                    Number of Ring-Learning-With-Errors Samples
-     * @param        h                                    Number of Non-Zero Entries of Output Elements of Encryption
-     * @param        q                                    Modulus
-     * @param        qInverse
-     * @param        qLogarithm                            q <= 2 ^ qLogarithm
-     * @param        generatorA
-     * @param        inverseNumberTheoreticTransform
-     * @param        xi
-     * @param        zeta
-     * @param        errorBound                            Bound in Checking Error Polynomial
-     * @param        secretBound                            Bound in Checking Secret Polynomial
-     *
-     * @return 0                                    Successful Execution
-     *******************************************************************************************************************************************************/
-    private static int generateKeyPair(
-
-        byte[] publicKey, byte[] privateKey, SecureRandom secureRandom,
-        int n, int k, int h, int q, long qInverse, int qLogarithm, int generatorA, int inverseNumberTheoreticTransform, double xi,
-        long[] zeta,
-        int errorBound, int secretBound
-
-    )
-    {
-
-        /* Initialize Domain Separator for Error Polynomial and Secret Polynomial */
-        int nonce = 0;
-
-        long mask;
-
-        byte[] randomness = new byte[Polynomial.RANDOM];
-
-        /* Extend Random Bytes to Seed Generation of Error Polynomial and Secret Polynomial */
-        byte[] randomnessExtended = new byte[Polynomial.SEED * (k + 3)];
-
-        long[] secretPolynomial = new long[n];
-        long[] secretPolynomialNumberTheoreticTransform = new long[n];
-        long[] errorPolynomial = new long[n * k];
-        long[] A = new long[n * k];
-        long[] T = new long[n * k];
-
-        /* Get randomnessExtended <- seedErrorPolynomial, seedSecretPolynomial, seedA, seedY */
-//        rng.randomByte(randomness, 0, Polynomial.RANDOM);
-        secureRandom.nextBytes (randomness);
-
-        if (q == Parameter.Q_I_P)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK128(
-                randomnessExtended, 0, Polynomial.SEED * (k + 3), randomness, 0, Polynomial.RANDOM
-            );
-
-        }
-
-        if (q == Parameter.Q_III_P)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK256(
-                randomnessExtended, 0, Polynomial.SEED * (k + 3), randomness, 0, Polynomial.RANDOM
-            );
-
-        }
-
-        /*
-         * Sample the Error Polynomial Fulfilling the Criteria
-         * Choose All Error Polynomial_i in R with Entries from D_SIGMA
-         * Repeat Step at Iteration if the h Largest Entries of Error Polynomial_k Summation to L_E
-         */
-        for (int i = 0; i < k; i++)
-        {
-
-            do
-            {
-
-                if (q == Parameter.Q_I_P)
-                {
-
-                    Sample.polynomialGaussSamplerIP(errorPolynomial, n * i, randomnessExtended, Polynomial.SEED * i, ++nonce);
-
-                }
-
-                if (q == Parameter.Q_III_P)
-                {
-
-                    Sample.polynomialGaussSamplerIIIP(errorPolynomial, n * i, randomnessExtended, Polynomial.SEED * i, ++nonce);
-
-                }
-
-            }
-            while (checkPolynomial(errorPolynomial, n * i, errorBound, n, h) == true);
-
-        }
-
-        /*
-         * Sample the Secret Polynomial Fulfilling the Criteria
-         * Choose Secret Polynomial in R with Entries from D_SIGMA
-         * Repeat Step if the h Largest Entries of Secret Polynomial Summation to L_S
-         */
-        do
-        {
-
-            if (q == Parameter.Q_I_P)
-            {
-
-                Sample.polynomialGaussSamplerIP(secretPolynomial, 0, randomnessExtended, Polynomial.SEED * k, ++nonce);
-
-            }
-
-            if (q == Parameter.Q_III_P)
-            {
-
-                Sample.polynomialGaussSamplerIIIP(secretPolynomial, 0, randomnessExtended, Polynomial.SEED * k, ++nonce);
-
-            }
-
-        }
-        while (checkPolynomial(secretPolynomial, 0, secretBound, n, h) == true);
-
-        /* Generate Uniform Polynomial A */
-        Polynomial.polynomialUniform(
-            A, randomnessExtended, Polynomial.SEED * (k + 1), n, k, q, qInverse, qLogarithm, generatorA, inverseNumberTheoreticTransform
-        );
-
-        Polynomial.polynomialNumberTheoreticTransform(secretPolynomialNumberTheoreticTransform, secretPolynomial, n);
-
-        /* Compute the Public Key T = A * secretPolynomial + errorPolynomial */
-        for (int i = 0; i < k; i++)
-        {
-
-            Polynomial.polynomialMultiplication(T, n * i, A, n * i, secretPolynomialNumberTheoreticTransform, 0, n, q, qInverse);
-            Polynomial.polynomialAddition(T, n * i, T, n * i, errorPolynomial, n * i, n);
-
-            for (int j = 0; j < n; j++)
-            {
-
-                mask = (q - T[n * i + j]) >> 63;
-                T[n * i + j] -= (q & mask);
-
-            }
-
-        }
-
-        /* Pack Public and Private Keys */
-        Pack.packPrivateKey(privateKey, secretPolynomial, errorPolynomial, randomnessExtended, Polynomial.SEED * (k + 1), n, k);
-
-        if (q == Parameter.Q_I_P)
-        {
-
-            Pack.encodePublicKeyIP(publicKey, T, randomnessExtended, Polynomial.SEED * (k + 1));
-
-        }
-
-        if (q == Parameter.Q_III_P)
-        {
-
-            Pack.encodePublicKeyIIIP(publicKey, T, randomnessExtended, Polynomial.SEED * (k + 1));
-
-        }
-
-        return 0;
-
-    }
-
-    /****************************************************************************************************************************************************************
-     * Description:	Generates A Pair of Public Key and Private Key for qTESLA Signature Scheme for Provably-Secure qTESLA Security Category-1
-     *
-     * @param        publicKey                            Contains Public Key
-     * @param        privateKey                            Contains Private Key
-     * @param        secureRandom                        Source of Randomness
-     *
-     * @return 0                                    Successful Execution
-     ****************************************************************************************************************************************************************/
-    public static int generateKeyPairIP(byte[] publicKey, byte[] privateKey, SecureRandom secureRandom)
-    {
-
-        return generateKeyPair(
-
-            publicKey, privateKey, secureRandom,
-            Parameter.N_I_P, Parameter.K_I_P, Parameter.H_I_P, Parameter.Q_I_P, Parameter.Q_INVERSE_I_P, Parameter.Q_LOGARITHM_I_P,
-            Parameter.GENERATOR_A_I_P, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_I_P,
-            Parameter.XI_I_P,
-            PolynomialProvablySecure.ZETA_I_P,
-            Parameter.KEY_GENERATOR_BOUND_E_I_P, Parameter.KEY_GENERATOR_BOUND_S_I_P
-
-        );
-
-    }
-
-    /****************************************************************************************************************************************************************
-     * Description:	Generates A Pair of Public Key and Private Key for qTESLA Signature Scheme for Provably-Secure qTESLA Security Category-3
-     *
-     * @param        publicKey                            Contains Public Key
-     * @param        privateKey                            Contains Private Key
-     * @param        secureRandom                        Source of Randomness
-     *
-     * @return 0                                    Successful Execution
-     ****************************************************************************************************************************************************************/
-    public static int generateKeyPairIIIP(byte[] publicKey, byte[] privateKey, SecureRandom secureRandom)
-    {
-
-        return generateKeyPair(
-
-            publicKey, privateKey, secureRandom,
-            Parameter.N_III_P, Parameter.K_III_P, Parameter.H_III_P, Parameter.Q_III_P, Parameter.Q_INVERSE_III_P, Parameter.Q_LOGARITHM_III_P,
-            Parameter.GENERATOR_A_III_P, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_III_P,
-            Parameter.XI_III_P,
-            PolynomialProvablySecure.ZETA_III_P,
-            Parameter.KEY_GENERATOR_BOUND_E_III_P, Parameter.KEY_GENERATOR_BOUND_S_III_P
-
-        );
-
-    }
-
-    /******************************************************************************************************************************************************
-     * Description:	Generates A Signature for A Given Message According to the Ring-TESLA Signature Scheme for Heuristic qTESLA Security Category-1 and
-     * 				Security Category-3 (Option for Size or Speed)
-     *
-     * @param        message                                Message to be Signed
-     * @param        messageOffset                        Starting Point of the Message to be Signed
-     * @param        messageLength                        Length of the Message to be Signed
-     * @param        signature                            Output Package Containing Signature
-     * @param        privateKey                            Private Key
-     * @param        secureRandom                        Source of Randomness
-     * @param        n                                    Polynomial Degree
-     * @param        h                                    Number of Non-Zero Entries of Output Elements of Encryption
-     * @param        q                                    Modulus
-     * @param        qInverse
-     * @param        qLogarithm                            q <= 2 ^ qLogarithm
-     * @param        b                                    Determines the Interval the Randomness is Chosen in During Signing
-     * @param        bBit                                b = (2 ^ bBit) - 1
-     * @param        d                                    Number of Rounded Bits
-     * @param        u                                    Bound in Checking Secret Polynomial
-     * @param        rejection                            Bound in Checking Error Polynomial
-     * @param        generatorA
-     * @param        inverseNumberTheoreticTransform
-     * @param        barrettMultiplication
-     * @param        barrettDivision
-     * @param        zeta
-     *
-     * @return 0                                    Successful Execution
-     ******************************************************************************************************************************************************/
-    private static int signing(
-
-        byte[] signature,
-        final byte[] message, int messageOffset, int messageLength,
-        final byte[] privateKey, SecureRandom secureRandom,
-        int n, int h, int q, long qInverse, int qLogarithm, int b, int bBit, int d, int u, int rejection,
-        int generatorA, int inverseNumberTheoreticTransform,
-        int barrettMultiplication, int barrettDivision,
-        int[] zeta
-
-    )
-    {
-
-        byte[] C = new byte[Polynomial.HASH];
-        byte[] randomness = new byte[Polynomial.SEED];
-        byte[] randomnessInput = new byte[Polynomial.RANDOM + Polynomial.SEED + Polynomial.MESSAGE];
-        byte[] seed = new byte[Polynomial.SEED * 2];
-        byte[] temporaryRandomnessInput	= new byte[Polynomial.RANDOM];
-        int[] positionList = new int[h];
-        short[] signList = new short[h];
-        short[] secretPolynomial = new short[n];
-        short[] errorPolynomial = new short[n];
-
-        int[] A = new int[n];
-        int[] V = new int[n];
-        int[] Y = new int[n];
-        int[] Z = new int[n];
-        int[] SC = new int[n];
-        int[] EC = new int[n];
-
-        /* Domain Separator for Sampling Y */
-        int nonce = 0;
-
-        if (q == Parameter.Q_I)
-        {
-
-            Pack.decodePrivateKeyI(seed, secretPolynomial, errorPolynomial, privateKey);
-
-        }
-
-        if (q == Parameter.Q_III_SIZE)
-        {
-
-            Pack.decodePrivateKeyIIISize(seed, secretPolynomial, errorPolynomial, privateKey);
-
-        }
-
-        if (q == Parameter.Q_III_SPEED)
-        {
-
-            Pack.decodePrivateKeyIIISpeed(seed, secretPolynomial, errorPolynomial, privateKey);
-
-        }
-
-//        rng.randomByte(randomnessInput, Polynomial.RANDOM, Polynomial.RANDOM);
-         secureRandom.nextBytes (temporaryRandomnessInput);
-         System.arraycopy (temporaryRandomnessInput, 0, randomnessInput, Polynomial.RANDOM, Polynomial.RANDOM);
-
-        System.arraycopy(seed, Polynomial.SEED, randomnessInput, 0, Polynomial.SEED);
-
-        if (q == Parameter.Q_I)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK128(
-                randomnessInput, Polynomial.RANDOM + Polynomial.SEED, Polynomial.MESSAGE, message, 0, messageLength
-            );
-
-            HashUtils.secureHashAlgorithmKECCAK128(
-                randomness, 0, Polynomial.SEED, randomnessInput, 0, Polynomial.RANDOM + Polynomial.SEED + Polynomial.MESSAGE
-            );
-
-        }
-
-        if (q == Parameter.Q_III_SIZE || q == Parameter.Q_III_SPEED)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK256(
-                randomnessInput, Polynomial.RANDOM + Polynomial.SEED, Polynomial.MESSAGE, message, 0, messageLength
-            );
-
-            HashUtils.secureHashAlgorithmKECCAK256(
-                randomness, 0, Polynomial.SEED, randomnessInput, 0, Polynomial.RANDOM + Polynomial.SEED + Polynomial.MESSAGE
-            );
-
-        }
-
-        Polynomial.polynomialUniform(A, seed, 0, n, q, qInverse, qLogarithm, generatorA, inverseNumberTheoreticTransform);
-
-        /* Loop Due to Possible Rejection */
-        while (true)
-        {
-
-            /* Sample Y Uniformly Random from -B to B */
-            Sample.sampleY(Y, randomness, 0, ++nonce, n, q, b, bBit);
-
-            /* V = A * Y Modulo Q */
-            Polynomial.polynomialMultiplication(V, A, Y, n, q, qInverse, zeta);
-
-            hashFunction(C, 0, V, randomnessInput, Polynomial.RANDOM + Polynomial.SEED, n, d, q);
-
-            /* Generate C = EncodeC (C') Where C' is the Hashing of V Together with Message */
-            Sample.encodeC(positionList, signList, C, 0, n, h);
-
-            Polynomial.sparsePolynomialMultiplication16(SC, secretPolynomial, positionList, signList, n, h);
-
-            /* Z = Y + EC Modulo Q */
-            Polynomial.polynomialAddition(Z, Y, SC, n);
-
-            /* Rejection Sampling */
-            if (testRejection(Z, n, b, u) == true)
-            {
-
-                continue;
-
-            }
-
-            Polynomial.sparsePolynomialMultiplication16(EC, errorPolynomial, positionList, signList, n, h);
-
-            /* V = V - EC modulo Q */
-            Polynomial.polynomialSubtractionCorrection(V, V, EC, n, q);
-
-            if (testV(V, n, d, q, rejection) == true)
-            {
-                continue;
-            }
-
-            if (q == Parameter.Q_I)
-            {
-                /* Pack Signature */
-                Pack.encodeSignature(signature, 0, C, 0, Z, n, d);
-            }
-
-            if (q == Parameter.Q_III_SIZE)
-            {
-                /* Pack Signature */
-                Pack.encodeSignature(signature, 0, C, 0, Z, n, d);
-            }
-
-            if (q == Parameter.Q_III_SPEED)
-            {
-                /* Pack Signature */
-                Pack.encodeSignatureIIISpeed(signature, 0, C, 0, Z);
-            }
-
-            return 0;
-
-        }
-
-    }
-
-    /*****************************************************************************************************************************************************
-     * Description:	Generates A Signature for A Given Message According to the Ring-TESLA Signature Scheme for Heuristic qTESLA Security Category-1
-     *
-     * @param        message                                Message to be Signed
-     * @param        messageOffset                        Starting Point of the Message to be Signed
-     * @param        messageLength                        Length of the Message to be Signed
-     * @param        signature                            Output Package Containing Signature
-     * @param        privateKey                            Private Key
-     * @param        secureRandom                        Source of Randomness
-     *
-     * @return 0                                    Successful Execution
-     *****************************************************************************************************************************************************/
-    static int signingI(
-
-        byte[] signature,
-        final byte[] message, int messageOffset, int messageLength,
-        final byte[] privateKey, SecureRandom secureRandom
-
-    )
-    {
-
-        return signing(
-
-            signature,
-            message, messageOffset, messageLength,
-            privateKey, secureRandom,
-            Parameter.N_I, Parameter.H_I, Parameter.Q_I, Parameter.Q_INVERSE_I, Parameter.Q_LOGARITHM_I,
-            Parameter.B_I, Parameter.B_BIT_I, Parameter.D_I, Parameter.U_I, Parameter.REJECTION_I,
-            Parameter.GENERATOR_A_I, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_I,
-            Parameter.BARRETT_MULTIPLICATION_I, Parameter.BARRETT_DIVISION_I,
-            PolynomialHeuristic.ZETA_I
-
-        );
-
-    }
-
-    /*****************************************************************************************************************************************************
-     * Description:	Generates A Signature for A Given Message According to the Ring-TESLA Signature Scheme for Heuristic qTESLA Security Category-3
-     * 				(Option for Size)
-     *
-     * @param        message                                Message to be Signed
-     * @param        messageOffset                        Starting Point of the Message to be Signed
-     * @param        messageLength                        Length of the Message to be Signed
-     * @param        signature                            Output Package Containing Signature
-     * @param        privateKey                            Private Key
-     * @param        secureRandom                        Source of Randomness
-     *
-     * @return 0                                    Successful Execution
-     *****************************************************************************************************************************************************/
-    static int signingIIISize(
-
-        byte[] signature,
-        final byte[] message, int messageOffset, int messageLength,
-        final byte[] privateKey, SecureRandom secureRandom
-
-    )
-    {
-
-        return signing(
-
-            signature,
-            message, messageOffset, messageLength,
-            privateKey, secureRandom,
-            Parameter.N_III_SIZE, Parameter.H_III_SIZE, Parameter.Q_III_SIZE, Parameter.Q_INVERSE_III_SIZE, Parameter.Q_LOGARITHM_III_SIZE,
-            Parameter.B_III_SIZE, Parameter.B_BIT_III_SIZE, Parameter.D_III_SIZE, Parameter.U_III_SIZE, Parameter.REJECTION_III_SIZE,
-            Parameter.GENERATOR_A_III_SIZE, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_III_SIZE,
-            Parameter.BARRETT_MULTIPLICATION_III_SIZE, Parameter.BARRETT_DIVISION_III_SIZE,
-            PolynomialHeuristic.ZETA_III_SIZE
-
-        );
-
-    }
-
-    /****************************************************************************************************************************************************
-     * Description:	Generates A Signature for A Given Message According to the Ring-TESLA Signature Scheme for Heuristic qTESLA Security Category-3
-     *				(Option for Speed)
-     *
-     * @param        message                                Message to be Signed
-     * @param        messageOffset                        Starting Point of the Message to be Signed
-     * @param        messageLength                        Length of the Message to be Signed
-     * @param        signature                            Output Package Containing Signature
-     * @param        privateKey                            Private Key
-     * @param        secureRandom                        Source of Randomness
-     *
-     * @return 0                                    Successful Execution
-     ****************************************************************************************************************************************************/
-    static int signingIIISpeed(
-
-        byte[] signature,
-        final byte[] message, int messageOffset, int messageLength,
-        final byte[] privateKey, SecureRandom secureRandom
-
-    )
-    {
-
-        return signing(
-
-            signature,
-            message, messageOffset, messageLength,
-            privateKey, secureRandom,
-            Parameter.N_III_SPEED, Parameter.H_III_SPEED, Parameter.Q_III_SPEED, Parameter.Q_INVERSE_III_SPEED, Parameter.Q_LOGARITHM_III_SPEED,
-            Parameter.B_III_SPEED, Parameter.B_BIT_III_SPEED, Parameter.D_III_SPEED, Parameter.U_III_SPEED, Parameter.REJECTION_III_SPEED,
-            Parameter.GENERATOR_A_III_SPEED, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_III_SPEED,
-            Parameter.BARRETT_MULTIPLICATION_III_SPEED, Parameter.BARRETT_DIVISION_III_SPEED,
-            PolynomialHeuristic.ZETA_III_SPEED
-
-        );
-
-    }
-
-    /*****************************************************************************************************************************************************
-     * Description:	Generates A Signature for A Given Message According to the Ring-TESLA Signature Scheme for Provably-Secure qTESLA Security Category-1
-     *				and Category-3
-     *
-     * @param        message                                Message to be Signed
-     * @param        messageOffset                        Starting Point of the Message to be Signed
-     * @param        messageLength                        Length of the Message to be Signed
-     * @param        signature                            Output Package Containing Signature
-     * @param        privateKey                            Private Key
-     * @param        secureRandom                        Source of Randomness
-     * @param        n                                    Polynomial Degree
-     * @param        k                                    Number of Ring-Learning-With-Errors Samples
-     * @param        h                                    Number of Non-Zero Entries of Output Elements of Encryption
-     * @param        q                                    Modulus
-     * @param        qInverse
-     * @param        qLogarithm                            q <= 2 ^ qLogarithm
-     * @param        b                                    Determines the Interval the Randomness is Chosen in During Signing
-     * @param        bBit                                b = (2 ^ bBit) - 1
-     * @param        d                                    Number of Rounded Bits
-     * @param        u                                    Bound in Checking Secret Polynomial
-     * @param        rejection                            Bound in Checking Error Polynomial
-     * @param        generatorA
-     * @param        inverseNumberTheoreticTransform
-     * @param        privateKeySize                        Size of the Private Key
-     * @param        barrettMultiplication
-     * @param        barrettDivision
-     *
-     * @return 0                                    Successful Execution
-     *****************************************************************************************************************************************************/
-    private static int signing(
-
-        byte[] signature,
-        final byte[] message, int messageOffset, int messageLength,
-        final byte[] privateKey, SecureRandom secureRandom,
-        int n, int k, int h, int q, long qInverse, int qLogarithm, int b, int bBit, int d, int u, int rejection,
-        int generatorA, int inverseNumberTheoreticTransform, int privateKeySize,
-        int barrettMultiplication, int barrettDivision
-
-    )
-    {
-
-        byte[] C = new byte[Polynomial.HASH];
-        byte[] randomness = new byte[Polynomial.SEED];
-        byte[] randomnessInput = new byte[Polynomial.RANDOM + Polynomial.SEED + Polynomial.MESSAGE];
-        byte[] temporaryRandomnessInput	= new byte[Polynomial.RANDOM];
-        int[] positionList = new int[h];
-        short[] signList = new short[h];
-
-        long[] A = new long[n * k];
-        long[] V = new long[n * k];
-        long[] Y = new long[n];
-        long[] numberTheoreticTransformY = new long[n];
-        long[] Z = new long[n];
-        long[] SC = new long[n];
-        long[] EC = new long[n * k];
-
-        boolean response = false;
-
-        /* Domain Separator for Sampling Y */
-        int nonce = 0;
-
-//        rng.randomByte(randomnessInput, Polynomial.RANDOM, Polynomial.RANDOM);
-        secureRandom.nextBytes (temporaryRandomnessInput);
-        System.arraycopy (temporaryRandomnessInput, 0, randomnessInput, Polynomial.RANDOM, Polynomial.RANDOM);
-        System.arraycopy(privateKey, privateKeySize - Polynomial.SEED, randomnessInput, 0, Polynomial.SEED);
-
-        if (q == Parameter.Q_I_P)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK128(
-                randomnessInput, Polynomial.RANDOM + Polynomial.SEED, Polynomial.MESSAGE, message, 0, messageLength
-            );
-
-
-            HashUtils.secureHashAlgorithmKECCAK128(
-                randomness, 0, Polynomial.SEED, randomnessInput, 0, Polynomial.RANDOM + Polynomial.SEED + Polynomial.MESSAGE
-            );
-
-        }
-
-        if (q == Parameter.Q_III_P)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK256(
-                randomnessInput, Polynomial.RANDOM + Polynomial.SEED, Polynomial.MESSAGE, message, 0, messageLength
-            );
-
-
-            HashUtils.secureHashAlgorithmKECCAK256(
-                randomness, 0, Polynomial.SEED, randomnessInput, 0, Polynomial.RANDOM + Polynomial.SEED + Polynomial.MESSAGE
-            );
-
-        }
-
-        Polynomial.polynomialUniform(
-            A, privateKey, privateKeySize - 2 * Polynomial.SEED, n, k, q, qInverse, qLogarithm, generatorA, inverseNumberTheoreticTransform
-        );
-
-        /* Loop Due to Possible Rejection */
-        while (true)
-        {
-
-            /* Sample Y Uniformly Random from -B to B */
-            Sample.sampleY(Y, randomness, 0, ++nonce, n, q, b, bBit);
-
-            Polynomial.polynomialNumberTheoreticTransform(numberTheoreticTransformY, Y, n);
-
-            /* V_i = A_i * Y Modulo Q for All i */
-            for (int i = 0; i < k; i++)
-            {
-
-                Polynomial.polynomialMultiplication(V, n * i, A, n * i, numberTheoreticTransformY, 0, n, q, qInverse);
-
-            }
-
-            hashFunction(C, 0, V, randomnessInput, Polynomial.RANDOM + Polynomial.SEED, n, k, d, q);
-
-            /* Generate C = EncodeC (C') Where C' is the Hashing of V Together with Message */
-            Sample.encodeC(positionList, signList, C, 0, n, h);
-
-            Polynomial.sparsePolynomialMultiplication8(SC, 0, privateKey, 0, positionList, signList, n, h);
-
-            /* Z = Y + EC modulo Q */
-            Polynomial.polynomialAddition(Z, 0, Y, 0, SC, 0, n);
-
-            /* Rejection Sampling */
-            if (testRejection(Z, n, b, u) == true)
-            {
-
-                continue;
-
-            }
-
-            for (int i = 0; i < k; i++)
-            {
-
-                Polynomial.sparsePolynomialMultiplication8(EC, n * i, privateKey, n * (i + 1), positionList, signList, n, h);
-
-                /* V_i = V_i - EC_i Modulo Q for All k */
-                Polynomial.polynomialSubtraction(V, n * i, V, n * i, EC, n * i, n, q, barrettMultiplication, barrettDivision);
-
-                response = testV(V, n * i, n, d, q, rejection);
-
-                if (response == true)
-                {
-
-                    break;
-
-                }
-
-            }
-
-            if (response == true)
-            {
-
-                continue;
-
-            }
-
-            if (q == Parameter.Q_I_P)
-            {
-                /* Pack Signature */
-                Pack.encodeSignatureIP(signature, 0, C, 0, Z);
-
-            }
-
-            if (q == Parameter.Q_III_P)
-            {
-                /* Pack Signature */
-                Pack.encodeSignatureIIIP(signature, 0, C, 0, Z);
-            }
-
-            return 0;
-
-        }
-
-    }
-
-    /*****************************************************************************************************************************************************
-     * Description:	Generates A Signature for A Given Message According to the Ring-TESLA Signature Scheme for Provably-Secure qTESLA Security Category-1
-     *
-     * @param        message                                Message to be Signed
-     * @param        messageOffset                        Starting Point of the Message to be Signed
-     * @param        messageLength                        Length of the Message to be Signed
-     * @param        signature                            Output Package Containing Signature
-     * @param        privateKey                            Private Key
-     * @param        secureRandom                        Source of Randomness
-     *
-     * @return 0                                    Successful Execution
-     *****************************************************************************************************************************************************/
-    public static int signingIP(
-
-        byte[] signature,
-        final byte[] message, int messageOffset, int messageLength,
-        final byte[] privateKey, SecureRandom secureRandom
-
-    )
-    {
-
-        return signing(
-
-            signature,
-            message, messageOffset, messageLength,
-            privateKey, secureRandom,
-            Parameter.N_I_P, Parameter.K_I_P, Parameter.H_I_P, Parameter.Q_I_P, Parameter.Q_INVERSE_I_P, Parameter.Q_LOGARITHM_I_P,
-            Parameter.B_I_P, Parameter.B_BIT_I_P, Parameter.D_I_P, Parameter.U_I_P, Parameter.REJECTION_I_P,
-            Parameter.GENERATOR_A_I_P, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_I_P, Polynomial.PRIVATE_KEY_I_P,
-            Parameter.BARRETT_MULTIPLICATION_I_P, Parameter.BARRETT_DIVISION_I_P
-
-        );
-
-    }
-
-    /**********************************************************************************************************************************************
-     * Description:	Generates A Signature for A Given Message According to the Ring-TESLA Signature Scheme for Provably-Secure
-     * 				qTESLA Security Category-3
-     *
-     * @param        message                                Message to be Signed
-     * @param        messageOffset                        Starting Point of the Message to be Signed
-     * @param        messageLength                        Length of the Message to be Signed
-     * @param        signature                            Output Package Containing Signature
-     * @param        privateKey                            Private Key
-     * @param        secureRandom                        Source of Randomness
-     *
-     * @return 0                                    Successful Execution
-     **********************************************************************************************************************************************/
-    public static int signingIIIP(
-
-        byte[] signature,
-        final byte[] message, int messageOffset, int messageLength,
-        final byte[] privateKey, SecureRandom secureRandom
-
-    )
-    {
-
-        return signing(
-
-            signature,
-            message, messageOffset, messageLength,
-            privateKey, secureRandom,
-            Parameter.N_III_P, Parameter.K_III_P, Parameter.H_III_P, Parameter.Q_III_P, Parameter.Q_INVERSE_III_P, Parameter.Q_LOGARITHM_III_P,
-            Parameter.B_III_P, Parameter.B_BIT_III_P, Parameter.D_III_P, Parameter.U_III_P, Parameter.REJECTION_III_P,
-            Parameter.GENERATOR_A_III_P, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_III_P, Polynomial.PRIVATE_KEY_III_P,
-            Parameter.BARRETT_MULTIPLICATION_III_P, Parameter.BARRETT_DIVISION_III_P
-
-        );
-
-    }
-
-    /*********************************************************************************************************************************
-     * Description:	Extracts the Original Message and Checks Whether the Generated Signature is Valid for A Given Signature Package
-     * 				for Heuristic qTESLA Security Category-1 and Security Category-3 (Option for Size of Speed)
-     *
-     * @param        signature                            Given Signature Package
-     * @param        signatureOffset                        Starting Point of the Given Signature Package
-     * @param        signatureLength                        Length of the Given Signature Package
-     * @param        message                                Original (Signed) Message
-     * @param        publicKey                            Public Key
-     * @param        n                                    Polynomial Degree
-     * @param        h                                    Number of Non-Zero Entries of Output Elements of Encryption
-     * @param        q                                    Modulus
-     * @param        qInverse
-     * @param        qLogarithm                            q <= 2 ^ qLogarithm
-     * @param        b                                    Determines the Interval the Randomness is Chosen in During Signing
-     * @param        d                                    Number of Rounded Bits
-     * @param        u                                    Bound in Checking Secret Polynomial
-     * @param        r
-     * @param        signatureSize                        Size of the Given Signature Package
-     * @param        generatorA
-     * @param        inverseNumberTheoreticTransform
-     * @param        barrettMultiplication
-     * @param        barrettDivision
-     * @param        zeta
-     *
-     * @return 0                                    Valid Signature
-     * 				< 0									Invalid Signature
-     *********************************************************************************************************************************/
-    private static int verifying(
-
-        byte[] message,
-        final byte[] signature, int signatureOffset, int signatureLength,
-        final byte[] publicKey,
-        int n, int h, int q, long qInverse, int qLogarithm, int b, int d, int u, int r, int signatureSize,
-        int generatorA, int inverseNumberTheoreticTransform,
-        int barrettMultiplication, int barrettDivision,
-        int[] zeta
-
-    )
-    {
-
-        byte[] C = new byte[Polynomial.HASH];
-        byte[] cSignature = new byte[Polynomial.HASH];
-        byte[] seed = new byte[Polynomial.SEED];
-        byte[] hashMessage = new byte[Polynomial.MESSAGE];
-        int[] newPublicKey = new int[n];
-
-        int[] positionList = new int[h];
-        short[] signList = new short[h];
-
-        int[] W = new int[n];
-        int[] Z = new int[n];
-        int[] TC = new int[n];
-        int[] A = new int[n];
-
-        if (signatureLength < signatureSize)
-        {
-
-            return -1;
-
-        }
-
-        if (q == Parameter.Q_I || q == Parameter.Q_III_SIZE)
-        {
-
-            Pack.decodeSignature(C, Z, signature, signatureOffset, n, d);
-
-        }
-
-        if (q == Parameter.Q_III_SPEED)
-        {
-
-            Pack.decodeSignatureIIISpeed(C, Z, signature, signatureOffset);
-
-        }
-
-        /* Check Norm of Z */
-        if (testZ(Z, n, b, u) == true)
-        {
-
-            return -2;
-
-        }
-
-        if (q == Parameter.Q_I || q == Parameter.Q_III_SIZE)
-        {
-
-            Pack.decodePublicKey(newPublicKey, seed, 0, publicKey, n, qLogarithm);
-
-        }
-
-        if (q == Parameter.Q_III_SPEED)
-        {
-
-            Pack.decodePublicKeyIIISpeed(newPublicKey, seed, 0, publicKey);
-
-        }
-
-        /* Generate A Polynomial */
-        Polynomial.polynomialUniform(A, seed, 0, n, q, qInverse, qLogarithm, generatorA, inverseNumberTheoreticTransform);
-
-        Sample.encodeC(positionList, signList, C, 0, n, h);
-
-        /* W = A * Z - TC */
-        Polynomial.sparsePolynomialMultiplication32(TC, newPublicKey, positionList, signList, n, h);
-
-        Polynomial.polynomialMultiplication(W, A, Z, n, q, qInverse, zeta);
-
-        Polynomial.polynomialSubtractionMontgomery(W, W, TC, n, q, qInverse, r);
-
-        if (q == Parameter.Q_I)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK128(
-                hashMessage, 0, Polynomial.MESSAGE, message, 0, message.length
-            );
-
-        }
-
-        if (q == Parameter.Q_III_SIZE || q == Parameter.Q_III_SPEED)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK256(
-                hashMessage, 0, Polynomial.MESSAGE, message, 0, message.length
-            );
-
-        }
-
-        /* Obtain the Hash Symbol */
-        hashFunction(cSignature, 0, W, hashMessage, 0, n, d, q);
-
-        /* Check if Same With One from Signature */
-        if (CommonFunction.memoryEqual(C, 0, cSignature, 0, Polynomial.HASH) == false)
-        {
-            return -3;
-        }
-
-        return 0;
-
-    }
-
-    /*******************************************************************************************************
-     * Description:	Extracts the Original Message and Checks Whether the Generated Signature is Valid for
-     * 				A Given Signature Package for Heuristic qTESLA Security Category-1
-     *
-     * @param        signature                            Given Signature Package
-     * @param        signatureOffset                        Starting Point of the Given Signature Package
-     * @param        signatureLength                        Length of the Given Signature Package
-     * @param        message                                Original (Signed) Message
-     * @param        publicKey                            Public Key
-     *
-     * @return 0                                    Valid Signature
-     * 				< 0									Invalid Signature
-     *******************************************************************************************************/
-    static int verifyingI(
-
-        byte[] message,
-        final byte[] signature, int signatureOffset, int signatureLength,
-        final byte[] publicKey
-
-    )
-    {
-
-        return verifying(
-
-            message,
-            signature, signatureOffset, signatureLength,
-            publicKey,
-            Parameter.N_I, Parameter.H_I, Parameter.Q_I, Parameter.Q_INVERSE_I, Parameter.Q_LOGARITHM_I,
-            Parameter.B_I, Parameter.D_I, Parameter.U_I, Parameter.R_I,
-            Polynomial.SIGNATURE_I,
-            Parameter.GENERATOR_A_I, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_I,
-            Parameter.BARRETT_MULTIPLICATION_I, Parameter.BARRETT_DIVISION_I,
-            PolynomialHeuristic.ZETA_I
-
-        );
-
-    }
-
-    /******************************************************************************************************
-     * Description:	Extracts the Original Message and Checks Whether the Generated Signature is Valid for
-     *				A Given Signature Package for Heuristic qTESLA Security Category-3 (Option for Size)
-     *
-     * @param        signature                            Given Signature Package
-     * @param        signatureOffset                        Starting Point of the Given Signature Package
-     * @param        signatureLength                        Length of the Given Signature Package
-     * @param        message                                Original (Signed) Message
-     * @param        publicKey                            Public Key
-     *
-     * @return 0                                    Valid Signature
-     * 				< 0									Invalid Signature
-     ******************************************************************************************************/
-    static int verifyingIIISize(
-
-        byte[] message,
-        final byte[] signature, int signatureOffset, int signatureLength,
-        final byte[] publicKey
-
-    )
-    {
-
-        return verifying(
-
-            message,
-            signature, signatureOffset, signatureLength,
-            publicKey,
-            Parameter.N_III_SIZE, Parameter.H_III_SIZE,
-            Parameter.Q_III_SIZE, Parameter.Q_INVERSE_III_SIZE, Parameter.Q_LOGARITHM_III_SIZE,
-            Parameter.B_III_SIZE, Parameter.D_III_SIZE, Parameter.U_III_SIZE, Parameter.R_III_SIZE,
-            Polynomial.SIGNATURE_III_SIZE,
-            Parameter.GENERATOR_A_III_SIZE, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_III_SIZE,
-            Parameter.BARRETT_MULTIPLICATION_III_SIZE, Parameter.BARRETT_DIVISION_III_SIZE,
-            PolynomialHeuristic.ZETA_III_SIZE
-
-        );
-
-    }
-
-    /**********************************************************************************************************
-     * Description:	Extracts the Original Message and Checks Whether the Generated Signature is Valid for
-     * 				A Given Signature Package for Heuristic qTESLA Security Category-3 (Option for Speed)
-     *
-     * @param        signature                            Given Signature Package
-     * @param        signatureOffset                        Starting Point of the Given Signature Package
-     * @param        signatureLength                        Length of the Given Signature Package
-     * @param        message                                Original (Signed) Message
-     * @param        publicKey                            Public Key
-     *
-     * @return 0                                    Valid Signature
-     * 				< 0									Invalid Signature
-     **********************************************************************************************************/
-    static int verifyingIIISpeed(
-
-        byte[] message,
-        final byte[] signature, int signatureOffset, int signatureLength,
-        final byte[] publicKey
-
-    )
-    {
-
-        return verifying(
-
-            message,
-            signature, signatureOffset, signatureLength,
-            publicKey,
-            Parameter.N_III_SPEED, Parameter.H_III_SPEED,
-            Parameter.Q_III_SPEED, Parameter.Q_INVERSE_III_SPEED, Parameter.Q_LOGARITHM_III_SPEED,
-            Parameter.B_III_SPEED, Parameter.D_III_SPEED, Parameter.U_III_SPEED, Parameter.R_III_SPEED,
-            Polynomial.SIGNATURE_III_SPEED,
-            Parameter.GENERATOR_A_III_SPEED, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_III_SPEED,
-            Parameter.BARRETT_MULTIPLICATION_III_SPEED, Parameter.BARRETT_DIVISION_III_SPEED,
-            PolynomialHeuristic.ZETA_III_SPEED
-
-        );
-
-    }
-
-    /**************************************************************************************************************************
-     * Description:	Extracts the Original Message and Checks Whether the Generated Signature is Valid for A Given Signature
-     * 				Package for Provably-Secure qTESLA Security Category-1 and Category-3
-     *
-     * @param        signature                            Given Signature Package
-     * @param        signatureOffset                        Starting Point of the Given Signature Package
-     * @param        signatureLength                        Length of the Given Signature Package
-     * @param        message                                Original (Signed) Message
-     * @param        publicKey                            Public Key
-     * @param        n                                    Polynomial Degree
-     * @param        k                                    Number of Ring-Learning-With-Errors Samples
-     * @param        h                                    Number of Non-Zero Entries of Output Elements of Encryption
-     * @param        q                                    Modulus
-     * @param        qInverse
-     * @param        qLogarithm                            q <= 2 ^ qLogarithm
-     * @param        b                                    Determines the Interval the Randomness is Chosen in During Signing
-     * @param        d                                    Number of Rounded Bits
-     * @param        u                                    Bound in Checking Secret Polynomial
-     * @param        generatorA
-     * @param        inverseNumberTheoreticTransform
-     * @param        barrettMultiplication
-     * @param        barrettDivision
-     * @param        zeta
-     *
-     * @return 0                                    Valid Signature
-     * 				< 0									Invalid Signature
-     *************************************************************************************************************************/
-    private static int verifying(
-
-        byte[] message,
-        final byte[] signature, int signatureOffset, int signatureLength,
-        final byte[] publicKey,
-        int n, int k, int h, int q, long qInverse, int qLogarithm, int b, int d, int u, int signatureSize,
-        int generatorA, int inverseNumberTheoreticTransform,
-        int barrettMultiplication, int barrettDivision,
-        long[] zeta
-
-    )
-    {
-
-        byte[] C = new byte[Polynomial.HASH];
-        byte[] cSignature = new byte[Polynomial.HASH];
-        byte[] seed = new byte[Polynomial.SEED];
-        byte[] hashMessage = new byte[Polynomial.MESSAGE];
-        int[] newPublicKey = new int[n * k];
-
-        int[] positionList = new int[h];
-        short[] signList = new short[h];
-
-        long[] W = new long[n * k];
-        long[] Z = new long[n];
-        long[] numberTheoreticTransformZ = new long[n];
-        long[] TC = new long[n * k];
-        long[] A = new long[n * k];
-
-        if (signatureLength < signatureSize)
-        {
-
-            return -1;
-
-        }
-
-        if (q == Parameter.Q_I_P)
-        {
-
-            Pack.decodeSignatureIP(C, Z, signature, signatureOffset);
-
-        }
-
-        if (q == Parameter.Q_III_P)
-        {
-
-            Pack.decodeSignatureIIIP(C, Z, signature, signatureOffset);
-
-        }
-
-        /* Check Norm of Z */
-        if (testZ(Z, n, b, u) == true)
-        {
-
-            return -2;
-
-        }
-
-        if (q == Parameter.Q_I_P)
-        {
-
-            Pack.decodePublicKeyIP(newPublicKey, seed, 0, publicKey);
-
-        }
-
-        if (q == Parameter.Q_III_P)
-        {
-
-            Pack.decodePublicKeyIIIP(newPublicKey, seed, 0, publicKey);
-
-        }
-
-        /* Generate A Polynomial */
-        Polynomial.polynomialUniform(A, seed, 0, n, k, q, qInverse, qLogarithm, generatorA, inverseNumberTheoreticTransform);
-
-        Sample.encodeC(positionList, signList, C, 0, n, h);
-
-        Polynomial.polynomialNumberTheoreticTransform(numberTheoreticTransformZ, Z, n);
-
-        /* W_i = A_i * Z_i - TC_i for All i */
-        for (int i = 0; i < k; i++)
-        {
-
-            Polynomial.polynomialMultiplication(W, n * i, A, n * i, numberTheoreticTransformZ, 0, n, q, qInverse);
-
-            Polynomial.sparsePolynomialMultiplication32(
-                TC, n * i, newPublicKey, n * i, positionList, signList, n, h, q, barrettMultiplication, barrettDivision
-            );
-
-            Polynomial.polynomialSubtraction(W, n * i, W, n * i, TC, n * i, n, q, barrettMultiplication, barrettDivision);
-
-        }
-
-        if (q == Parameter.Q_I_P)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK128(
-                hashMessage, 0, Polynomial.MESSAGE, message, 0, message.length
-            );
-
-        }
-
-        if (q == Parameter.Q_III_P)
-        {
-
-            HashUtils.secureHashAlgorithmKECCAK256(
-                hashMessage, 0, Polynomial.MESSAGE, message, 0, message.length
-            );
-
-        }
-
-        /* Obtain the Hash Symbol */
-        hashFunction(cSignature, 0, W, hashMessage, 0, n, k, d, q);
-
-        /* Check if Same with One from Signature */
-        if (CommonFunction.memoryEqual(C, 0, cSignature, 0, Polynomial.HASH) == false)
-        {
-            return -3;
-        }
-
-        return 0;
-
-    }
-
-    /*****************************************************************************************************
-     * Description:	Extracts the Original Message and Checks Whether the Generated Signature is Valid for
-     * 				A Given Signature Package for Provably-Secure qTESLA Security Category-1
-     *
-     * @param        signature                            Given Signature Package
-     * @param        signatureOffset                        Starting Point of the Given Signature Package
-     * @param        signatureLength                        Length of the Given Signature Package
-     * @param        message                                Original (Signed) Message
-     * @param        publicKey                            Public Key
-     *
-     * @return 0                                    Valid Signature
-     * 				< 0									Invalid Signature
-     *****************************************************************************************************/
-    static int verifyingPI(
-        byte[] message,
-        final byte[] signature, int signatureOffset, int signatureLength,
-        final byte[] publicKey
-    )
-    {
-
-        return verifying(
-
-            message,
-            signature, signatureOffset, signatureLength,
-            publicKey,
-            Parameter.N_I_P, Parameter.K_I_P, Parameter.H_I_P,
-            Parameter.Q_I_P, Parameter.Q_INVERSE_I_P, Parameter.Q_LOGARITHM_I_P,
-            Parameter.B_I_P, Parameter.D_I_P, Parameter.U_I_P, Polynomial.SIGNATURE_I_P,
-            Parameter.GENERATOR_A_I_P, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_I_P,
-            Parameter.BARRETT_MULTIPLICATION_I_P, Parameter.BARRETT_DIVISION_I_P,
-            PolynomialProvablySecure.ZETA_I_P
-
-        );
-
-    }
-
-    /*****************************************************************************************************
-     * Description:	Extracts the Original Message and Checks Whether the Generated Signature is Valid for
-     * 				A Given Signature Package for Provably-Secure qTESLA Security Category-3
-     *
-     * @param        signature                            Given Signature Package
-     * @param        signatureOffset                        Starting Point of the Given Signature Package
-     * @param        signatureLength                        Length of the Given Signature Package
-     * @param        message                                Original (Signed) Message
-     * @param        publicKey                            Public Key
-     *
-     * @return 0                                    Valid Signature
-     * 				< 0									Invalid Signature
-     *****************************************************************************************************/
-    static int verifyingPIII(
-
-        byte[] message,
-        final byte[] signature, int signatureOffset, int signatureLength,
-        final byte[] publicKey
-
-    )
-    {
-        return verifying(
-            message,
-            signature, signatureOffset, signatureLength,
-            publicKey,
-            Parameter.N_III_P, Parameter.K_III_P, Parameter.H_III_P,
-            Parameter.Q_III_P, Parameter.Q_INVERSE_III_P, Parameter.Q_LOGARITHM_III_P,
-            Parameter.B_III_P, Parameter.D_III_P, Parameter.U_III_P, Polynomial.SIGNATURE_III_P,
-            Parameter.GENERATOR_A_III_P, Parameter.INVERSE_NUMBER_THEORETIC_TRANSFORM_III_P,
-            Parameter.BARRETT_MULTIPLICATION_III_P, Parameter.BARRETT_DIVISION_III_P,
-            PolynomialProvablySecure.ZETA_III_P
-        );
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLAKeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLAKeyGenerationParameters.java
deleted file mode 100644
index 7992330..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLAKeyGenerationParameters.java
+++ /dev/null

@@ -1,39 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-/**
- * qTESLA key-pair generation parameters.
- */
-public class QTESLAKeyGenerationParameters
-    extends KeyGenerationParameters
-{
-    private final int securityCategory;
-
-    /**
-     * Base constructor - provide the qTESLA security category and a source of randomness.
-     *
-     * @param securityCategory the security category to generate the parameters for.
-     * @param random           the random byte source.
-     */
-    public QTESLAKeyGenerationParameters(int securityCategory, SecureRandom random)
-    {
-        super(random, -1);
-
-        QTESLASecurityCategory.getPrivateSize(securityCategory);  // check the category is valid
-
-        this.securityCategory = securityCategory;
-    }
-
-    /**
-      * Return the security category for these parameters.
-      *
-      * @return the security category for keys generated using these parameters.
-      */
-    public int getSecurityCategory()
-    {
-        return securityCategory;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLAKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLAKeyPairGenerator.java
deleted file mode 100644
index b3b5dc3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLAKeyPairGenerator.java
+++ /dev/null

@@ -1,78 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-/**
- * Key-pair generator for qTESLA keys.
- */
-public final class QTESLAKeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-    /**
-     * qTESLA Security Category
-     */
-    private int securityCategory;
-    private SecureRandom secureRandom;
-
-    /**
-     * Initialize the generator with a security category and a source of randomness.
-     *
-     * @param param a {@link QTESLAKeyGenerationParameters} object.
-     */
-    public void init(
-        KeyGenerationParameters param)
-    {
-        QTESLAKeyGenerationParameters parameters = (QTESLAKeyGenerationParameters)param;
-
-        this.secureRandom = parameters.getRandom();
-        this.securityCategory = parameters.getSecurityCategory();
-    }
-
-    /**
-     * Generate a key-pair.
-     *
-     * @return a matching key-pair consisting of (QTESLAPublicKeyParameters, QTESLAPrivateKeyParameters).
-     */
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        byte[] privateKey = allocatePrivate(securityCategory);
-        byte[] publicKey = allocatePublic(securityCategory);
-
-        switch (securityCategory)
-        {
-        case QTESLASecurityCategory.HEURISTIC_I:
-            QTESLA.generateKeyPairI(publicKey, privateKey, secureRandom);
-            break;
-        case QTESLASecurityCategory.HEURISTIC_III_SIZE:
-            QTESLA.generateKeyPairIIISize(publicKey, privateKey, secureRandom);
-            break;
-        case QTESLASecurityCategory.HEURISTIC_III_SPEED:
-            QTESLA.generateKeyPairIIISpeed(publicKey, privateKey, secureRandom);
-            break;
-        case QTESLASecurityCategory.PROVABLY_SECURE_I:
-            QTESLA.generateKeyPairIP(publicKey, privateKey, secureRandom);
-            break;
-        case QTESLASecurityCategory.PROVABLY_SECURE_III:
-            QTESLA.generateKeyPairIIIP(publicKey, privateKey, secureRandom);
-            break;
-        default:
-            throw new IllegalArgumentException("unknown security category: " + securityCategory);
-        }
-
-        return new AsymmetricCipherKeyPair(new QTESLAPublicKeyParameters(securityCategory, publicKey), new QTESLAPrivateKeyParameters(securityCategory, privateKey));
-    }
-
-    private byte[] allocatePrivate(int securityCategory)
-    {
-        return new byte[QTESLASecurityCategory.getPrivateSize(securityCategory)];
-    }
-
-    private byte[] allocatePublic(int securityCategory)
-    {
-        return new byte[QTESLASecurityCategory.getPublicSize(securityCategory)];
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLAPrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLAPrivateKeyParameters.java
deleted file mode 100644
index 38c1ecb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLAPrivateKeyParameters.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.util.Arrays;
-
-/**
- * qTESLA private key
- */
-public final class QTESLAPrivateKeyParameters
-    extends AsymmetricKeyParameter
-{
-    /**
-     * qTESLA Security Category (From 4 To 8)
-     */
-    private int securityCategory;
-
-    /**
-     * Text of the qTESLA Private Key
-     */
-    private byte[] privateKey;
-
-    /**
-     * Base constructor.
-     *
-     * @param securityCategory the security category for the passed in public key data.
-     * @param privateKey the private key data.
-     */
-    public QTESLAPrivateKeyParameters(int securityCategory, byte[] privateKey)
-    {
-        super(true);
-
-        if (privateKey.length != QTESLASecurityCategory.getPrivateSize(securityCategory))
-        {
-            throw new IllegalArgumentException("invalid key size for security category");
-        }
-
-        this.securityCategory = securityCategory;
-        this.privateKey = Arrays.clone(privateKey);
-    }
-
-    /**
-     * Return the security category for this key.
-     *
-     * @return the key's security category.
-     */
-    public int getSecurityCategory()
-    {
-        return this.securityCategory;
-    }
-
-    /**
-     * Return the key's secret value.
-     *
-     * @return key private data.
-     */
-    public byte[] getSecret()
-    {
-        return Arrays.clone(privateKey);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLAPublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLAPublicKeyParameters.java
deleted file mode 100644
index 6be4c6b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLAPublicKeyParameters.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.util.Arrays;
-
-/**
- * qTESLA public key
- */
-public final class QTESLAPublicKeyParameters
-    extends AsymmetricKeyParameter
-{
-    /**
-     * qTESLA Security Category
-     */
-    private int securityCategory;
-
-    /**
-     * Text of the qTESLA Public Key
-     */
-    private byte[] publicKey;
-
-    /**
-     * Base constructor.
-     *
-     * @param securityCategory the security category for the passed in public key data.
-     * @param publicKey the public key data.
-     */
-    public QTESLAPublicKeyParameters(int securityCategory, byte[] publicKey)
-    {
-        super(false);
-
-        if (publicKey.length != QTESLASecurityCategory.getPublicSize(securityCategory))
-        {
-            throw new IllegalArgumentException("invalid key size for security category");
-        }
-
-        this.securityCategory = securityCategory;
-        this.publicKey = Arrays.clone(publicKey);
-
-    }
-
-    /**
-     * Return the security category for this key.
-     *
-     * @return the key's security category.
-     */
-    public int getSecurityCategory()
-    {
-        return this.securityCategory;
-    }
-
-    /**
-     * Return the key's public value.
-     *
-     * @return key public data.
-     */
-    public byte[] getPublicData()
-    {
-        return Arrays.clone(publicKey);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLASecurityCategory.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLASecurityCategory.java
deleted file mode 100644
index 7460741..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLASecurityCategory.java
+++ /dev/null

@@ -1,114 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-/**
- * The qTESLA security categories.
- */
-public class QTESLASecurityCategory
-{
-    public static final int HEURISTIC_I = 0;
-    public static final int HEURISTIC_III_SIZE = 1;
-    public static final int HEURISTIC_III_SPEED = 2;
-    public static final int PROVABLY_SECURE_I = 3;
-    public static final int PROVABLY_SECURE_III = 4;
-
-    private QTESLASecurityCategory()
-    {
-    }
-
-    static void validate(int securityCategory)
-    {
-        switch (securityCategory)
-        {
-        case HEURISTIC_I:
-        case HEURISTIC_III_SIZE:
-        case HEURISTIC_III_SPEED:
-        case PROVABLY_SECURE_I:
-        case PROVABLY_SECURE_III:
-            break;
-        default:
-            throw new IllegalArgumentException("unknown security category: " + securityCategory);
-        }
-    }
-
-    static int getPrivateSize(int securityCategory)
-    {
-        switch (securityCategory)
-        {
-        case HEURISTIC_I:
-            return Polynomial.PRIVATE_KEY_I;
-        case HEURISTIC_III_SIZE:
-            return Polynomial.PRIVATE_KEY_III_SIZE;
-        case HEURISTIC_III_SPEED:
-            return Polynomial.PRIVATE_KEY_III_SPEED;
-        case PROVABLY_SECURE_I:
-            return Polynomial.PRIVATE_KEY_I_P;
-        case PROVABLY_SECURE_III:
-            return Polynomial.PRIVATE_KEY_III_P;
-        default:
-            throw new IllegalArgumentException("unknown security category: " + securityCategory);
-        }
-    }
-
-    static int getPublicSize(int securityCategory)
-    {
-        switch (securityCategory)
-        {
-        case HEURISTIC_I:
-            return Polynomial.PUBLIC_KEY_I;
-        case HEURISTIC_III_SIZE:
-            return Polynomial.PUBLIC_KEY_III_SIZE;
-        case HEURISTIC_III_SPEED:
-            return Polynomial.PUBLIC_KEY_III_SPEED;
-        case PROVABLY_SECURE_I:
-            return Polynomial.PUBLIC_KEY_I_P;
-        case PROVABLY_SECURE_III:
-            return Polynomial.PUBLIC_KEY_III_P;
-        default:
-            throw new IllegalArgumentException("unknown security category: " + securityCategory);
-        }
-    }
-
-    static int getSignatureSize(int securityCategory)
-    {
-        switch (securityCategory)
-        {
-        case HEURISTIC_I:
-            return Polynomial.SIGNATURE_I;
-        case HEURISTIC_III_SIZE:
-            return Polynomial.SIGNATURE_III_SIZE;
-        case HEURISTIC_III_SPEED:
-            return Polynomial.SIGNATURE_III_SPEED;
-        case PROVABLY_SECURE_I:
-            return Polynomial.SIGNATURE_I_P;
-        case PROVABLY_SECURE_III:
-            return Polynomial.SIGNATURE_III_P;
-        default:
-            throw new IllegalArgumentException("unknown security category: " + securityCategory);
-        }
-    }
-
-    /**
-     * Return a standard name for the security category.
-     *
-     * @param securityCategory the category of interest.
-     * @return the name for the category.
-     */
-    public static String getName(int securityCategory)
-    {
-        switch (securityCategory)
-        {
-        case HEURISTIC_I:
-            return "qTESLA-I";
-        case HEURISTIC_III_SIZE:
-            return "qTESLA-III-size";
-        case HEURISTIC_III_SPEED:
-            return "qTESLA-III-speed";
-        case PROVABLY_SECURE_I:
-            return "qTESLA-p-I";
-        case PROVABLY_SECURE_III:
-            return "qTESLA-p-III";
-        default:
-            throw new IllegalArgumentException("unknown security category: " + securityCategory);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLASigner.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLASigner.java
deleted file mode 100644
index 2e64510..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/QTESLASigner.java
+++ /dev/null

@@ -1,135 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.MessageSigner;
-
-/**
- * Signer for the qTESLA algorithm (https://qtesla.org/)
- */
-public class QTESLASigner
-    implements MessageSigner
-{
-    /**
-     * The Public Key of the Identity Whose Signature Will be Generated
-     */
-    private QTESLAPublicKeyParameters publicKey;
-
-    /**
-     * The Private Key of the Identity Whose Signature Will be Generated
-     */
-    private QTESLAPrivateKeyParameters privateKey;
-
-    /**
-     * The Source of Randomness for private key operations
-     */
-    private SecureRandom secureRandom;
-
-    public QTESLASigner()
-    {
-    }
-
-    /**
-     * Initialise the signer.
-     *
-     * @param forSigning true if we are generating a signature, false
-     *                   otherwise.
-     * @param param      ParametersWithRandom containing a private key for signature generation, public key otherwise.
-     */
-    public void init(boolean forSigning, CipherParameters param)
-    {
-         if (forSigning)
-         {
-             if (param instanceof ParametersWithRandom)
-             {
-                 this.secureRandom = ((ParametersWithRandom)param).getRandom();
-                 privateKey = (QTESLAPrivateKeyParameters)((ParametersWithRandom)param).getParameters();
-             }
-             else
-             {
-                 this.secureRandom = CryptoServicesRegistrar.getSecureRandom();
-                 privateKey = (QTESLAPrivateKeyParameters)param;
-             }
-             publicKey = null;
-             QTESLASecurityCategory.validate(privateKey.getSecurityCategory());
-         }
-         else
-         {
-             privateKey = null;
-             publicKey = (QTESLAPublicKeyParameters)param;
-             QTESLASecurityCategory.validate(publicKey.getSecurityCategory());
-         }
-    }
-
-    /**
-     * Generate a signature directly for the passed in message.
-     *
-     * @param message the message to be signed.
-     * @return the signature generated.
-     */
-    public byte[] generateSignature(byte[] message)
-    {
-        byte[] sig = new byte[QTESLASecurityCategory.getSignatureSize(privateKey.getSecurityCategory())];
-
-        switch (privateKey.getSecurityCategory())
-        {
-        case QTESLASecurityCategory.HEURISTIC_I:
-            QTESLA.signingI(sig, message, 0, message.length, privateKey.getSecret(), secureRandom);
-            break;
-        case QTESLASecurityCategory.HEURISTIC_III_SIZE:
-            QTESLA.signingIIISize(sig, message, 0, message.length, privateKey.getSecret(), secureRandom);
-            break;
-        case QTESLASecurityCategory.HEURISTIC_III_SPEED:
-            QTESLA.signingIIISpeed(sig, message, 0, message.length, privateKey.getSecret(), secureRandom);
-            break;
-        case QTESLASecurityCategory.PROVABLY_SECURE_I:
-            QTESLA.signingIP(sig, message, 0, message.length, privateKey.getSecret(), secureRandom);
-            break;
-        case QTESLASecurityCategory.PROVABLY_SECURE_III:
-            QTESLA.signingIIIP(sig, message, 0, message.length, privateKey.getSecret(), secureRandom);
-            break;
-        default:
-            throw new IllegalArgumentException("unknown security category: " + privateKey.getSecurityCategory());
-        }
-
-        return sig;
-    }
-
-    /**
-     * Verify the signature against the passed in message.
-     *
-     * @param message the message that was supposed to have been signed.
-     * @param signature the signature of the message
-     * @return true if the signature passes, false otherwise.
-     */
-    public boolean verifySignature(byte[] message, byte[] signature)
-    {
-        int status;
-
-        switch (publicKey.getSecurityCategory())
-        {
-        case QTESLASecurityCategory.HEURISTIC_I:
-            status = QTESLA.verifyingI(message, signature, 0, signature.length, publicKey.getPublicData());
-            break;
-        case QTESLASecurityCategory.HEURISTIC_III_SIZE:
-            status = QTESLA.verifyingIIISize(message, signature, 0, signature.length, publicKey.getPublicData());
-            break;
-        case QTESLASecurityCategory.HEURISTIC_III_SPEED:
-            status = QTESLA.verifyingIIISpeed(message, signature, 0, signature.length, publicKey.getPublicData());
-            break;
-        case QTESLASecurityCategory.PROVABLY_SECURE_I:
-            status = QTESLA.verifyingPI(message, signature, 0, signature.length, publicKey.getPublicData());
-            break;
-        case QTESLASecurityCategory.PROVABLY_SECURE_III:
-            status = QTESLA.verifyingPIII(message, signature, 0, signature.length, publicKey.getPublicData());
-            break;
-        default:
-            throw new IllegalArgumentException("unknown security category: " + publicKey.getSecurityCategory());
-        }
-
-        return 0 == status;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Sample.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Sample.java
deleted file mode 100644
index 3ccd485..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/qtesla/Sample.java
+++ /dev/null

@@ -1,1373 +0,0 @@
-package org.bouncycastle.pqc.crypto.qtesla;
-
-import org.bouncycastle.util.Arrays;
-
-class Sample
-{
-
-    static final double[][] EXPONENTIAL_DISTRIBUTION_I = {
-        /* [3][32] */
-        {
-            1.0000000000000000000000000000000000000000, 0.9990496327075997720621566739241504871513,
-            0.9981001686131900082646604498429491608001, 0.9971516068584008799087793737854343387385,
-            0.9962039465856783249057599531380206128030, 0.9952571869382832724989228009014122394200,
-            0.9943113270602908687225570427678069689363, 0.9933663660965897025969132575731249565771,
-            0.9924223031928810330585953871541593536283, 0.9914791374956780166256527164832613053574,
-            0.9905368681523049357966736891640434381216, 0.9895954943108964281831839869512129866330,
-            0.9886550151203967163746519649066284074237, 0.9877154297305588385354051961226109899227,
-            0.9867767372919438797327625416330343864518, 0.9858389369559202039956868221933583419625,
-            0.9849020278746626871032638290431658501235, 0.9839660092011519501023140705695025630520,
-            0.9830308800891735935534443109670000387768, 0.9820966396933174325048466155419862577528,
-            0.9811632871689767321931532752331431453491, 0.9802308216723474444706566402213564033800,
-            0.9792992423604274449582035491768120172661, 0.9783685483910157709230746967427200384407,
-            0.9774387389227118598811599372828827520575, 0.9765098131149147889227411777252636721429,
-            0.9755817701278225147611951665163479411869, 0.9746546091224311145039291392620050672727,
-            0.9737283292605340271448629345703623656609, 0.9728029297047212957777718459314622781631,
-            0.9718784096183788105298051271677986565965, 0.9709547681656875522144957200697952895280
-        },
-
-        {
-            1.0000000000000000000000000000000000000000, 0.9700320045116228367035774232914930379400,
-            0.9409620897768370674212298508058219852849, 0.9127633421156708668942503744059309052528,
-            0.8854096543971923811501043960464255901147, 0.8588757018688517364879932717859212289637,
-            0.8331369187101692180902460141030849026557, 0.8081694752890624155161689578277768341910,
-            0.7839502560997556536888618983783791053116, 0.7604568383618460545183896873859249753543,
-            0.7376674712607126902372883387750345338472, 0.7155610558100490615694685434237323547987,
-            0.6941171253178751117406951384261687867164, 0.6733158264379437043232142381368341940533,
-            0.6531379007889984662634253213819854052726, 0.6335646671248656289427239706049936967143,
-            0.6145780040388724765036124496076447154217, 0.5961603331865797040852326968966728810261,
-            0.5782946030112948570545930362131434268247, 0.5609642729572995100665682618108293115511,
-            0.5441532981561743827978648643747061873131, 0.5278461145720445955231454653404664082188,
-            0.5120276245919921478529972155927751107378, 0.4966831830482948512984566287866591847562,
-            0.4817985836595507424420546966358580262381, 0.4673600458781348185224193866260805625424,
-            0.4533542021318111302275642196084653301628, 0.4397680854476881857303133336231578259611,
-            0.4265891174470596033395475021945475958821, 0.4138050967000153253100465421861800587782,
-            0.4014041874290417902572763743098032661210, 0.3893749085511525646401543103372782315254
-        },
-
-        {
-            1.0000000000000000000000000000000000000000000, 0.3777061230484043540417651455683576466650000,
-            0.1426619153882563708052119679085105421822000, 0.0538842789679578114076165050703859298545800,
-            0.0203524221022460198907862721163275696205800, 0.0076872344468839996101743286763347159496400,
-            0.0029035155198967005412614828182250511400990, 0.0010966755902310549151227158892825815595730,
-            0.0004142210854279922997296008273437255752956, 0.0001564538402619088712753422615493598849163,
-            5.909357344135995142394679824207999201121E-5, 2.232000452161222135025591154935960584027E-5,
-            8.430402374281007236700902260035220289887E-6, 3.184214596527742337148476455363347356131E-6,
-            1.202697350208632670782595114365065060885E-6, 4.542661533478916755570208360842380811059E-7,
-            1.715791076131440947144583312662638239090E-7, 6.480647953266561572601959656715022445021E-8,
-            2.447780413269889735078224512008720987199E-8, 9.245416499699910342143072277116651273927E-9,
-            3.492050422069402212293514861017928736701E-9, 1.318968826409377991494549187659977485249E-9,
-            4.981826018447900060525041555590742055479E-10, 1.881666191129624879723808164319051826703E-10,
-            7.107168419228284402686789774896404982106E-11, 2.684421029478771850078976357840397379201E-11,
-            1.013922259674033292202917547107956246173E-11, 3.829646457739566105989785588606755995719E-12,
-            1.446480916198866420590826731657500079699E-12, 5.463446989209777070985952848270039796153E-13,
-            2.063577380774902353530525926195322827410E-13, 7.794258121028692337871970872695782456164E-14
-        }
-
-    };
-
-    static final double[][] EXPONENTIAL_DISTRIBUTION_III_SIZE = {
-        /* [3][32] */
-        {
-            1.0000000000000000000000000000000000000000, 0.9914791374956780166256527164832613053571,
-            0.9830308800891735935534443109670000387763, 0.9746546091224311145039291392620050672719,
-            0.9663497112088951922951613058690022829314, 0.9581155781885929401990530331782558043141,
-            0.9499516070835989810875119461809064028436, 0.9418572000538799331122753584612083652659,
-            0.9338317643535151384510743106138183393464, 0.9258747122872904292046909607697858626681,
-            0.9179854611676617518466375609653990674902, 0.9101634332720854987115840832838713554612,
-            0.9024080558007124218622779514513692802555, 0.8947187608344420312994997523024746481561,
-            0.8870949852933344058775329566907233056474, 0.8795361708953763714606266672461444022383,
-            0.8720417641155990268059148554652540437481, 0.8646112161455436233871237462566364157436,
-            0.8572439828530728308830350554160731167048, 0.8499395247425244453469447315612369857573,
-            0.8426973069152046221501168284377584096225, 0.8355167990302177406553164840946716839800,
-            0.8283974752656300322277354108287439566785, 0.8213388142799641276318029906853001579399,
-            0.8143402991740217040952958306017837324709, 0.8074014174530314363485930132316684297705,
-            0.8005216609891194797686327175999898485396, 0.7937005259840997373758528196362056425534,
-            0.7869375129325811858498730937766509221324, 0.7802321265853895589476145632070372895529,
-            0.7735838759133007097276526159890746982448, 0.7669922740710829958085504579386416555178
-        },
-
-        {
-            1.0000000000000000000000000000000000000000000, 0.7604568383618460545183896873859249753475000,
-            0.5782946030112948570545930362131434268144000, 0.4397680854476881857303133336231578259493000,
-            0.3344246478719911187527828322027724928608000, 0.2543155103910080342970055083858543302085000,
-            0.1933959689783251774319131539973439846964000, 0.1470692871211828233002294902623869285186000,
-            0.1118398451043052539124374690378746581867000, 0.0850493750108985602659800234578596968909400,
-            0.0646763788254389154655681775607238774758000, 0.0491835945582863241156170683610789877042500,
-            0.0374020008170653143735533498156831735514100, 0.0284426072897526718347370026026486693779300,
-            0.0216293752143329118535087528015400204365400, 0.0164482062912336825104561988130156459132400,
-            0.0125081509529549918713848862125144537439400, 0.0095119089274368649464762531606995319241100,
-            0.0072333961897444564781616481310238106761860, 0.0055006855970716932734388078251246759697760,
-            0.0041830339779716833064716700383503988117580, 0.0031810167936485222816222493382931725715270,
-            0.0024190259736738921137934575940109408536480, 0.0018395648438552342443599128094977711325760,
-            0.0013989096651197544439950127319659303796870, 0.0010638104210907972987681203969116907947710,
-            0.0008089819094390918283473978621390203944673, 0.0006151958251439810374839895543363501050953,
-            0.0004678298721623988965815688638575721914033, 0.0003557644254758444808169155363704398225966,
-            0.0002705434901989792929582192527080744710506, 0.0002057366471960948784546183663182928059645
-        },
-
-        {
-            1.000000000000000000000000000000000000000, 0.0001564538402619088712753422615493598848717,
-            2.447780413269889735078224512008720985804E-8, 3.829646457739566105989785588606755992447E-12,
-            5.991628951587712183461314435723455239107E-16, 9.374133589003324437283071562544462897124E-20,
-            1.466619199127720628458909574032394007656E-23, 2.294582059053771218038974267927533833163E-27,
-            3.589961749350406706790987553377863179812E-31, 5.616633020792314645332222710264644857908E-35,
-            8.787438054448034835939954112296077697602E-39, 1.374828429682032112779050229478845154715E-42,
-            2.150971875250036652628677686695580621313E-46, 3.365278101782278104362461212648493483965E-50,
-            5.265106825731444425408506379787751403098E-54, 8.237461822748734749731771711361450782154E-58,
-            1.288782536179903234906819256928735424052E-61, 2.016349770478283712998453222332343703812E-65,
-            3.154656649025460159903286438614052035760E-69, 4.935581474477980619913950088312373997931E-73,
-            7.721906756076146364991353446502442654680E-77, 1.208121966132492313782281967679468463452E-80,
-            1.890153211061962317744312705074835436919E-84, 2.957217285540223765931001823632869648146E-88,
-            4.626680008116659240109379372702265238809E-92, 7.238618549328510447646200176448777448608E-96,
-            1.132509670233533294861752560334068442100E-99, 1.771854870417843101882482426208692422294E-103,
-            2.772134988636384669818807165401424398102E-107, 4.337111646965654912069237407317707678694E-111,
-            6.785577728124290751600099215097500773985E-115, 1.061629693960724289088455922591023103484E-118
-        }
-
-    };
-
-    static final double[][] EXPONENTIAL_DISTRIBUTION_III_SPEED = {
-        /* [3][32] */
-        {
-            1.0000000000000000000000000000000000000000, 0.9951980443443537316500388424172839303752,
-            0.9904191474668262564830185894967173613892, 0.9856631986401875746675941557587114196642,
-            0.9809300876689149347041557365309129923940, 0.9762197048866395987965541168345276706016,
-            0.9715319411536058687432894158212596709598, 0.9668666878541423134736924881553750396380,
-            0.9622238368941451396373408016639000521875, 0.9576032806985736469363056351479270970296,
-            0.9530049122089577101698314104664824876542, 0.9484286248809172302397073765744987564880,
-            0.9438743126816934966419131566675496907225, 0.9393418700876924042461092785035073150884,
-            0.9348311920820394674392081270253399758265, 0.9303421741521465749826061515830447550861,
-            0.9258747122872904292046909607697858626672, 0.9214287029762026134209634491584644007645,
-            0.9170040432046712317435415947941667461407, 0.9126006304531540657099452867877830194818,
-            0.9082183626944031924279067014123113094560, 0.9038571383911010091985145255388756529519,
-            0.8995168564935076098442888811876009946339, 0.8951974164371194582318032579854959087286,
-            0.8908987181403393047402262055905414183192, 0.8866206620021572916876550405654798379036,
-            0.8823631488998431939863624175501337704454, 0.8781260801866497415560803096876886684788,
-            0.8739093576895269702812107160640808580937, 0.8697128837068475485533842136704059167642,
-            0.8655365610061430266950922187780245940470, 0.8613802928218509568132024098758678171240
-        },
-
-        {
-            1.000000000000000000000000000000000000000000, 0.857243982853072830883035055416073116703300,
-            0.734867246137799425692104349091725698937400, 0.629960524947436582383605303639195946052600,
-            0.540029869446153084936465415644391919699900, 0.462937356143645214602345480384983067321600,
-            0.396850262992049868687926409818180089809000, 0.340197500043594241063920093831306311583500,
-            0.291632259894029145223423158665267961335500, 0.250000000000000000000000000000097352251700,
-            0.214310995713268207720758763854101733807800, 0.183716811534449856423026087273002965715400,
-            0.157490131236859145595901325909860314588700, 0.135007467361538271234116353911150553048700,
-            0.115734339035911303650586370096290834824400, 0.099212565748012467171981602454583656718920,
-            0.085049375010898560265980023457859696888520, 0.072908064973507286305855789666345381391030,
-            0.062500000000000000000000000000048676125830, 0.053577748928317051930189690963546297109930,
-            0.045929202883612464105756521818268626674130, 0.039372532809214786398975331477480410666060,
-            0.033751866840384567808529088477800781543110, 0.028933584758977825912646592524083975704600,
-            0.024803141437003116792995400613655572746400, 0.021262343752724640066495005864473203970290,
-            0.018227016243376821576463947416593443112050, 0.015625000000000000000000000000018253547190,
-            0.013394437232079262982547422740891790191980, 0.011482300720903116026439130454571627979850,
-            0.009843133202303696599743832869373935671238, 0.008437966710096141952132272119453481206014
-        },
-
-        {
-            1.000000000000000000000000000000000000000, 0.007233396189744456478161648131023810675775,
-            5.232202043780962102557587008169005410143E-5, 3.784659032745836912993682954976324658164E-7,
-            2.737593822694567686662466634421542264066E-9, 1.980210072614684707158711353745069372717E-11,
-            1.432364399414465384287735340977513952565E-13, 1.036085918905020069841154248521752033776E-15,
-            7.494419938055456100418425186702743722723E-18, 5.421010862427522170037264004417260251684E-20,
-            3.921231931684654880817938739668273317360E-22, 2.836382411375207747860568187463889509638E-24,
-            2.051667772709962123314993704273413823620E-26, 1.484052584974173558955043468582713624191E-28,
-            1.073474031353259824558654154333806911547E-30, 7.764862968180290824468612020607860317513E-33,
-            5.616633020792314645332222710264644852793E-35, 4.062733189179202535382045195211707654781E-37,
-            2.938735877055718769921841343128853888538E-39, 2.125704089576016965228859756656407540404E-41,
-            1.537605986206336992222535387300608525931E-43, 1.112211328195318530448364746285024038827E-45,
-            8.045065183558638234146057828832053516826E-48, 5.819314384499884015403474144560288801662E-50,
-            4.209340649576656799996170991423257963815E-52, 3.044782861598424467581974062513986546956E-54,
-            2.202412074968526631812431321732133496007E-56, 1.593091911132452277028880397827266782094E-58,
-            1.152346495989819456843455045622426762614E-60, 8.335378753358135655955994470664225877261E-63,
-            6.029309691461763611680553229574282672923E-65, 4.361238574900884540660050746922306538111E-67,
-        }
-
-    };
-
-    static final double[][] EXPONENTIAL_DISTRIBUTION_P = {
-        /* [3][32] */
-        {
-            1.0000000000000000000000000000000000000000, 0.9930924954370359015332102168880765048173,
-            0.9862327044933591729073804985266878802443, 0.9794202975869268710835182321094224250961,
-            0.9726549474122855185227020947295413763023, 0.9659363289248455510651443129204733029988,
-            0.9592641193252643901322834293949397264660, 0.9526379980439373889289005948680289570903,
-            0.9460576467255959075051119972754354254470, 0.9395227492140117766851490088262829075331,
-            0.9330329915368074159813432661499603336007, 0.9265880618903708756879317851202732375877,
-            0.9201876506248750783904312382017973974891, 0.9138314502294005401326428921359892449876,
-            0.9075191553171608564550809482180658363403, 0.9012504626108302434560060155923701020040,
-            0.8950250709279724289295293992056807493013, 0.8888426811665701935046683790031660959701,
-            0.8827029962906548665450116490541232503509, 0.8766057213160350863710299119436526437378,
-            0.8705505632961241391362700174797799990040, 0.8645372313078651954249311342751209858410,
-            0.8585654364377537683418658040230197384022, 0.8526348917679567215371033354114150564474,
-            0.8467453123625271602457822707284519309456, 0.8408964152537145430311254762332558266219,
-            0.8350879194283693564930171007187976000468, 0.8293195458144416997480650199452263126561,
-            0.8235910172675731299989737240342361894393, 0.8179020585577811249918276889374069238047,
-            0.8122523963562355226097093827753290960475, 0.8066417592221263022701629871861700330324
-        },
-
-        {
-            1.000000000000000000000000000000000000000000, 0.801069877589622077182576980035615205902700,
-            0.641712948781452099037917089781420222618900, 0.514056913328033254673172479396413573907600,
-            0.411795508633786564999486862017198273163900, 0.329876977693223564843500492807512798916800,
-            0.264254510140345093624873553521627364440900, 0.211686328090631790061445567682195415303500,
-            0.169575540930958985396762834141244920349500, 0.135841857815757262606900740466230788178000,
-            0.108818820412015517392033752185036062422000, 0.087171479146900338767218235365499637556050,
-            0.069830446129513747913186914700207350540810, 0.055939066932998276808095587450398613186620,
-            0.044811101500494605684562734558780780465070, 0.035896823593657343962457092086843785683310,
-            0.028755864082027346199700976193834163154190, 0.023035456520173456442055699495851578765410,
-            0.018453010334836412492976026695119689178670, 0.014782150730087436054767374957445947431420,
-            0.011841535675862485018337967197721359270050, 0.009485897534336303604787967133085469399049,
-            0.007598866776658480613458610115084898737984, 0.006087223278597655149117219956228990612855,
-            0.004876291206646921576592633968279399063782, 0.003906250000000000000000000000006084516053,
-            0.003129179209334461238994441328268996020587, 0.002506691206177547261866863631962577257343,
-            0.002008034817687629901067079997645368310618, 0.001608576205600728769529245554757186330929,
-            0.001288581944114154550169923800031354012535, 0.001032244180235723021972162318445464753156
-        },
-
-        {
-            1.000000000000000000000000000000000000000, 0.0008268997191040304299275217487598638498908,
-            6.837631454543244275598561791827450446268E-7, 5.654035529098691704742888887601969318770E-10,
-            4.675320390815916240837145591289455678271E-13, 3.866021117887026910581260785663924052584E-16,
-            3.196811776431032265107748321378670183434E-19, 2.643442759959277106397015416454182808165E-22,
-            2.185862075677909177530183421677021601630E-25, 1.807488736378216004902267757945329990433E-28,
-            1.494611928394845722509566662381681852231E-31, 1.235894183759231170477230799378805483584E-34,
-            1.021960553392813221805059629881904702629E-37, 8.450588945359167454685108853553438401193E-41,
-            6.987789625181120323479538530531788834637E-44, 5.778201278220326478541087516212630539830E-47,
-            4.777993013886937548374901071454718579294E-50, 3.950921081064128423947108109095179681258E-53,
-            3.267015532134120033414586853048549151733E-56, 2.701494225830208356330596231491229575841E-59,
-            2.233864816500159437321055999997722887780E-62, 1.847182189280358319436455385107649366142E-65,
-            1.527434433449896263866613728025637317872E-68, 1.263035103969543081968346060350962609985E-71,
-            1.044403372690945043917523022329044283453E-74, 8.636168555094444625386351863230863826745E-78,
-            7.141245352342656606906053992842560076147E-81, 5.905093775905105564186232605424573035226E-84,
-            4.882920384578890205960673105845289217904E-87, 4.037685494415628551550334502904113261957E-90,
-            3.338761001162701476381524668052565130775E-93, 2.760820534016929266476966660680800456743E-96
-        }
-
-    };
-
-    static final long[][] CUMULATIVE_DISTRIBUTION_TABLE_I = {
-        /* [12][2] */
-        {0x0200000000000000L, 0x0000000000000000L}, {0x0300000000000000L, 0x0000000000000000L},
-        {0x0320000000000000L, 0x0000000000000000L}, {0x0321000000000000L, 0x0000000000000000L},
-        {0x0321020000000000L, 0x0000000000000000L}, {0x0321020100000000L, 0x0000000000000000L},
-        {0x0321020100200000L, 0x0000000000000000L}, {0x0321020100200100L, 0x0000000000000000L},
-        {0x0321020100200100L, 0x0200000000000000L}, {0x0321020100200100L, 0x0200010000000000L},
-        {0x0321020100200100L, 0x0200010000200000L}, {0x0321020100200100L, 0x0200010000200001L},
-
-    };
-
-    static final long[][] CUMULATIVE_DISTRIBUTION_TABLE_III = {
-        /* [14][3] */
-        {0x0000020000000000L, 0x0000000000000000L, 0x0000000000000000L},
-        {0x0000030000000000L, 0x0000000000000000L, 0x0000000000000000L},
-        {0x0000032000000000L, 0x0000000000000000L, 0x0000000000000000L},
-        {0x0000032100000000L, 0x0000000000000000L, 0x0000000000000000L},
-        {0x0000032102000000L, 0x0000000000000000L, 0x0000000000000000L},
-        {0x0000032102010000L, 0x0000000000000000L, 0x0000000000000000L},
-        {0x0000032102010020L, 0x0000000000000000L, 0x0000000000000000L},
-        {0x0000032102010020L, 0x0100000000000000L, 0x0000000000000000L},
-        {0x0000032102010020L, 0x0100020000000000L, 0x0000000000000000L},
-        {0x0000032102010020L, 0x0100020001000000L, 0x0000000000000000L},
-        {0x0000032102010020L, 0x0100020001000020L, 0x0000000000000000L},
-        {0x0000032102010020L, 0x0100020001000020L, 0x0001000000000000L},
-        {0x0000032102010020L, 0x0100020001000020L, 0x0001000002000000L},
-        {0x0000032102010020L, 0x0100020001000020L, 0x0001000002000001L}
-
-    };
-
-    private static long modulus7(long number)
-    {
-
-        long temporary = number;
-
-        for (int i = 0; i < 2; i++)
-        {
-
-            temporary = (temporary & 7) + (temporary >> 3);
-
-        }
-
-        return ((temporary - 7) >> 3) & temporary;
-
-    }
-
-    /******************************************************************************************************************
-     * Description:	Samples Polynomial Y, Such That Each Coefficient is in the Range [-B, B], for Heuristic qTESLA
-     * 				Security Category-1 and Security Category-3 (Option for Size or Speed)
-     *
-     * @param        Y                Polynomial Y
-     * @param        seed            Kappa-Bit Seed
-     * @param        seedOffset        Starting Point of the Kappa-Bit Seed
-     * @param        nonce            Domain Separator for Error Polynomial and Secret Polynomial
-     * @param        n                Polynomial Degree
-     * @param        q                Modulus
-     * @param        b                Determines the Interval the Randomness is Chosen in During Signing
-     * @param        bBit            b = 2 ^ bBit - 1
-     *
-     * @return none
-     ******************************************************************************************************************/
-    public static void sampleY(int[] Y, final byte[] seed, int seedOffset, int nonce, int n, int q, int b, int bBit)
-    {
-
-        int i = 0;
-        int position = 0;
-        int numberOfByte = (bBit + 1 + 7) / 8;
-        int numberOfBlock = n;
-        byte[] buffer = new byte[n * numberOfByte];
-        int[] y = new int[4];
-
-        short dualModeSampler = (short)(nonce << 8);
-
-        if (q == Parameter.Q_I)
-        {
-
-            HashUtils.customizableSecureHashAlgorithmKECCAK128Simple(
-                buffer, 0, n * numberOfByte, dualModeSampler++, seed, seedOffset, Polynomial.RANDOM
-            );
-
-        }
-
-        if (q == Parameter.Q_III_SIZE || q == Parameter.Q_III_SPEED)
-        {
-
-            HashUtils.customizableSecureHashAlgorithmKECCAK256Simple(
-                buffer, 0, n * numberOfByte, dualModeSampler++, seed, seedOffset, Polynomial.RANDOM
-            );
-
-        }
-
-        while (i < n)
-        {
-
-            if (position > numberOfBlock * numberOfByte * 4)
-            {
-
-                if (q == Parameter.Q_I)
-                {
-
-                    numberOfBlock =
-                        HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE /
-                            ((bBit + 1 + 7) / 8);
-
-                    HashUtils.customizableSecureHashAlgorithmKECCAK128Simple(
-                        buffer, 0, HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE,
-                        dualModeSampler++,
-                        seed, seedOffset, Polynomial.RANDOM
-                    );
-
-                }
-
-                if (q == Parameter.Q_III_SIZE || q == Parameter.Q_III_SPEED)
-                {
-
-                    numberOfBlock =
-                        HashUtils.SECURE_HASH_ALGORITHM_KECCAK_256_RATE /
-                            ((bBit + 1 + 7) / 8);
-
-                    HashUtils.customizableSecureHashAlgorithmKECCAK256Simple(
-                        buffer, 0, HashUtils.SECURE_HASH_ALGORITHM_KECCAK_256_RATE,
-                        dualModeSampler++,
-                        seed, seedOffset, Polynomial.RANDOM
-                    );
-
-                }
-
-                position = 0;
-
-            }
-
-            y[0] = (CommonFunction.load32(buffer, position) & ((1 << (bBit + 1)) - 1)) - b;
-            y[1] = (CommonFunction.load32(buffer, position + numberOfByte) & ((1 << (bBit + 1)) - 1)) - b;
-            y[2] = (CommonFunction.load32(buffer, position + numberOfByte * 2) & ((1 << (bBit + 1)) - 1)) - b;
-            y[3] = (CommonFunction.load32(buffer, position + numberOfByte * 3) & ((1 << (bBit + 1)) - 1)) - b;
-
-            if (i < n && y[0] != (1 << bBit))
-            {
-
-                Y[i++] = y[0];
-
-            }
-
-            if (i < n && y[1] != (1 << bBit))
-            {
-
-                Y[i++] = y[1];
-
-            }
-
-            if (i < n && y[2] != (1 << bBit))
-            {
-
-                Y[i++] = y[2];
-
-            }
-
-            if (i < n && y[3] != (1 << bBit))
-            {
-
-                Y[i++] = y[3];
-
-            }
-
-            position += numberOfByte * 4;
-
-        }
-
-    }
-
-    /*******************************************************************************************************************
-     * Description:	Samples Polynomial Y, Such That Each Coefficient is in the Range [-B, B], for Provably-Secure qTESLA
-     *				Security Category-1 and Security Category-3
-     *
-     * @param        Y                Polynomial Y
-     * @param        seed            Kappa-Bit Seed
-     * @param        seedOffset        Starting Point of the Kappa-Bit Seed
-     * @param        nonce            Domain Separator for Error Polynomial and Secret Polynomial
-     * @param        n                Polynomial Degree
-     * @param        q                Modulus
-     * @param        b                Determines the Interval the Randomness is Chosen in During Signing
-     * @param        bBit            b = 2 ^ bBit - 1
-     *
-     * @return none
-     *******************************************************************************************************************/
-    public static void sampleY(long[] Y, final byte[] seed, int seedOffset, int nonce, int n, int q, int b, int bBit)
-    {
-
-        int i = 0;
-        int position = 0;
-        int numberOfByte = (bBit + 1 + 7) / 8;
-        int numberOfBlock = n;
-        byte[] buffer = new byte[n * numberOfByte];
-
-        short dualModeSampler = (short)(nonce << 8);
-
-        if (q == Parameter.Q_I_P)
-        {
-
-            HashUtils.customizableSecureHashAlgorithmKECCAK128Simple(
-                buffer, 0, n * numberOfByte, dualModeSampler++, seed, seedOffset, Polynomial.RANDOM
-            );
-
-        }
-
-        if (q == Parameter.Q_III_P)
-        {
-
-            HashUtils.customizableSecureHashAlgorithmKECCAK256Simple(
-                buffer, 0, n * numberOfByte, dualModeSampler++, seed, seedOffset, Polynomial.RANDOM
-            );
-
-        }
-
-        while (i < n)
-        {
-
-            if (position > numberOfBlock * numberOfByte)
-            {
-
-                if (q == Parameter.Q_I_P)
-                {
-
-                    numberOfBlock =
-                        HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE /
-                            ((bBit + 1 + 7) / 8);
-
-                    HashUtils.customizableSecureHashAlgorithmKECCAK128Simple(
-                        buffer, 0, HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE,
-                        dualModeSampler++,
-                        seed, seedOffset, Polynomial.RANDOM
-                    );
-
-                }
-
-                if (q == Parameter.Q_III_P)
-                {
-
-                    numberOfBlock =
-                        HashUtils.SECURE_HASH_ALGORITHM_KECCAK_256_RATE /
-                            ((bBit + 1 + 7) / 8);
-
-                    HashUtils.customizableSecureHashAlgorithmKECCAK256Simple(
-                        buffer, 0, HashUtils.SECURE_HASH_ALGORITHM_KECCAK_256_RATE,
-                        dualModeSampler++,
-                        seed, seedOffset, Polynomial.RANDOM
-                    );
-
-                }
-
-                position = 0;
-
-            }
-
-            Y[i] = (CommonFunction.load32(buffer, position) & ((1 << (bBit + 1)) - 1)) - b;
-
-            if (Y[i] != (1 << bBit))
-            {
-
-                i++;
-
-            }
-
-            position += numberOfByte;
-
-        }
-
-    }
-
-    /*****************************************************************************************************************
-     * Description:	Samples A Bit from Bernoulli with Restriction of 20-Bit Exponent
-     *****************************************************************************************************************/
-    private static int bernoulli(long result, long fractionOfExponent, double[][] exponentialDistribution)
-    {
-
-        /* *
-         * Computes the Actual Bernoulli Parameter = exp (-t / f)
-         * Yields A Fraction of 2^62, to Keep Only 62 Bits of Precision in This Implementation
-         * */
-        double bernoulliParameter = 4611686018427387904.0;
-
-        for (long i = 0, j = fractionOfExponent; i < 3; i++, j >>= 5)
-        {
-
-            bernoulliParameter *= exponentialDistribution[(int)i][(int)(j & 31)];
-
-        }
-
-        /* Sample from Bernoulli of bernoulliParameter */
-        return (int)(((result & 0x3FFFFFFFFFFFFFFFL) - round(bernoulliParameter)) >>> 63);
-
-    }
-
-    /**********************************************************************************************************************
-     * Description:	Gaussian Sampler for Heuristic qTESLA Security Category-1
-     *
-     * @param        data                        Data to be Sampled
-     * @param        dataOffset                    Starting Point of the Data to be Sampled
-     * @param        seed                        Kappa-Bit Seed
-     * @param        seedOffset                    Starting Point of the Kappa-Bit Seed
-     * @param        nonce                        Domain Separator for Error Polynomial and Secret Polynomial
-     *
-     * @return none
-     **********************************************************************************************************************/
-    public static void polynomialGaussSamplerI(int[] data, int dataOffset, final byte[] seed, int seedOffset, int nonce)
-    {
-
-        byte[] seedExpander = new byte[Parameter.N_I * Const.LONG_SIZE / Const.INT_SIZE];
-        short domainSeparator = (short)(nonce << 8);
-        int index;
-        int j = 0;
-        long k;
-        long sign;
-        long r;
-        long s;
-        long randomBit;
-        long bitRemained;
-        long y;
-        long z;
-        long buffer;
-
-        HashUtils.customizableSecureHashAlgorithmKECCAK128Simple(
-            seedExpander, 0, Parameter.N_I * Const.LONG_SIZE / Const.INT_SIZE, domainSeparator++, seed, seedOffset, Polynomial.RANDOM
-        );
-
-        for (index = 0; index < Parameter.N_I; index++)
-        {
-
-            if (j + 46 > Parameter.N_I)
-            {
-
-                HashUtils.customizableSecureHashAlgorithmKECCAK128Simple(
-                    seedExpander, 0, Parameter.N_I * Const.LONG_SIZE / Const.INT_SIZE, domainSeparator++, seed, seedOffset, Polynomial.RANDOM
-                );
-
-                j = 0;
-
-            }
-
-            do
-            {
-
-                randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                bitRemained = 64;
-
-                do
-                {
-
-                    /* Sample x from D^+_{\SIGMA_2} and y from U ({0, ..., k - 1}) */
-                    do
-                    {
-
-                        r = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                        s = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-
-                        if (bitRemained <= 64 - 6)
-                        {
-
-                            randomBit = (randomBit << 6) ^ ((r >>> 58) & 63L);
-                            bitRemained += 6;
-
-                        }
-
-                        r &= 0x03FFFFFFFFFFFFFFL;
-
-                        /*
-                         * Checks If r Exceeds A Maximum Value
-                         * Variation is Random ad Does not Depend on Private Data
-                         */
-                    }
-                    while (r > 0x0321020100200100L);
-
-                    y = 0;
-
-                    for (int i = 0; i < 12; i++)
-                    {
-
-                        long c = s - CUMULATIVE_DISTRIBUTION_TABLE_I[i][1];
-
-                        long b = (((c & CUMULATIVE_DISTRIBUTION_TABLE_I[i][1]) & 1) + (CUMULATIVE_DISTRIBUTION_TABLE_I[i][1] >> 1) + (c >>> 1)) >>> 63;
-
-                        c = r - (CUMULATIVE_DISTRIBUTION_TABLE_I[i][0] + b);
-
-                        y += ~(c >>> 63) & 1L;
-
-                    }
-
-                    /* The Next Sampler Works Exclusively for xi <= 28 */
-                    do
-                    {
-
-                        do
-                        {
-
-                            if (bitRemained < 6)
-                            {
-
-                                randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                                bitRemained = 64;
-
-                            }
-
-                            z = randomBit & 63L;
-                            randomBit >>= 6;
-                            bitRemained -= 6;
-
-                        }
-                        while (z == 63);
-
-                        if (bitRemained < 2)
-                        {
-
-                            randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                            bitRemained = 64;
-
-                        }
-
-                        z = (modulus7(z) << 2) + (randomBit & 3L);
-                        randomBit >>= 2;
-                        bitRemained -= 2;
-
-                        /*
-                         * Making Sure Random z Does not Exceed A Certain Limit
-                         * No Private Data is Leaked
-                         * It Varies Uniformly
-                         */
-                    }
-                    while (z >= Parameter.XI_I);
-
-                    /* Sample A Bit from Bernoulli_{exp (- y * (y + 2 * k * x) / (2 * k^2 * SIGMA_2^2))} */
-                    k = (long)(Parameter.XI_I * y + z);
-
-                    buffer = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-
-                }
-                while (bernoulli(buffer, z * ((k << 1) - z), EXPONENTIAL_DISTRIBUTION_I) == 0);
-
-                /* Put Last Random Bits into Sign Bit */
-                randomBit <<= (int)(64 - bitRemained);
-
-                if (bitRemained == 0)
-                {
-
-                    randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                    bitRemained = 64;
-
-                }
-
-                sign = randomBit >> 63;
-                randomBit <<= 1;
-                bitRemained--;
-
-            }
-            while ((k | (sign & 1L)) == 0);
-
-            if (bitRemained == 0)
-            {
-
-                randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                bitRemained = 64;
-
-            }
-
-            sign = randomBit >> 63;
-            randomBit <<= 1;
-            bitRemained--;
-            k = ((k << 1) & sign) - k;
-            data[dataOffset + index] = (int)((k << 48) >> 48);
-
-        }
-
-    }
-
-    /**********************************************************************************************************************
-     * Description:	Gaussian Sampler for Provably-Secure qTESLA Security Category-1
-     *
-     * @param        data                        Data to be Sampled
-     * @param        dataOffset                    Starting Point of the Data to be Sampled
-     * @param        seed                        Kappa-Bit Seed
-     * @param        seedOffset                    Starting Point of the Kappa-Bit Seed
-     * @param        nonce                        Domain Separator for Error Polynomial and Secret Polynomial
-     *
-     * @return none
-     **********************************************************************************************************************/
-    public static void polynomialGaussSamplerIP(long[] data, int dataOffset, final byte[] seed, int seedOffset, int nonce)
-    {
-
-        byte[] seedExpander = new byte[Parameter.N_I_P * Const.LONG_SIZE / Const.INT_SIZE];
-        short domainSeparator = (short)(nonce << 8);
-        int index;
-        int j = 0;
-        long k;
-        long sign;
-        long r;
-        long s;
-        long randomBit;
-        long bitRemained;
-        long y;
-        long z;
-        long buffer;
-
-        HashUtils.customizableSecureHashAlgorithmKECCAK128Simple(
-            seedExpander, 0, Parameter.N_I_P * Const.LONG_SIZE / Const.INT_SIZE, domainSeparator++, seed, seedOffset, Polynomial.RANDOM
-        );
-
-        for (index = 0; index < Parameter.N_I_P; index++)
-        {
-
-            if (j + 46 > Parameter.N_I_P)
-            {
-
-                HashUtils.customizableSecureHashAlgorithmKECCAK128Simple(
-                    seedExpander, 0, Parameter.N_I_P * Const.LONG_SIZE / Const.INT_SIZE, domainSeparator++, seed, seedOffset, Polynomial.RANDOM
-                );
-
-                j = 0;
-
-            }
-
-            do
-            {
-
-                randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                bitRemained = 64;
-
-                do
-                {
-
-                    /* Sample x from D^+_{\SIGMA_2} and y from U ({0, ..., k - 1}) */
-                    do
-                    {
-
-                        r = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                        s = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-
-                        if (bitRemained <= 64 - 6)
-                        {
-
-                            randomBit = (randomBit << 6) ^ ((r >>> 58) & 63L);
-                            bitRemained += 6;
-
-                        }
-
-                        r &= 0x03FFFFFFFFFFFFFFL;
-
-                        /*
-                         * Checks If r Exceeds A Maximum Value
-                         * Variation is Random ad Does not Depend on Private Data
-                         */
-                    }
-                    while (r > 0x0321020100200100L);
-
-                    y = 0;
-
-                    for (int i = 0; i < 12; i++)
-                    {
-
-                        long c = s - CUMULATIVE_DISTRIBUTION_TABLE_I[i][1];
-
-                        long b = (((c & CUMULATIVE_DISTRIBUTION_TABLE_I[i][1]) & 1) + (CUMULATIVE_DISTRIBUTION_TABLE_I[i][1] >> 1) + (c >>> 1)) >>> 63;
-
-                        c = r - (CUMULATIVE_DISTRIBUTION_TABLE_I[i][0] + b);
-
-                        y += ~(c >>> 63) & 1L;
-
-                    }
-
-                    /* The Next Sampler Works Exclusively for xi <= 28 */
-                    do
-                    {
-
-                        do
-                        {
-
-                            if (bitRemained < 6)
-                            {
-
-                                randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                                bitRemained = 64;
-
-                            }
-
-                            z = randomBit & 63L;
-                            randomBit >>= 6;
-                            bitRemained -= 6;
-
-                        }
-                        while (z == 63);
-
-                        if (bitRemained < 2)
-                        {
-
-                            randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                            bitRemained = 64;
-
-                        }
-
-                        z = (modulus7(z) << 2) + (randomBit & 3L);
-                        randomBit >>= 2;
-                        bitRemained -= 2;
-
-                        /*
-                         * Making Sure Random z Does not Exceed A Certain Limit
-                         * No Private Data is Leaked
-                         * It Varies Uniformly
-                         */
-                    }
-                    while (z >= Parameter.XI_I_P);
-
-                    /* Sample A Bit from Bernoulli_{exp (- y * (y + 2 * k * x) / (2 * k^2 * SIGMA_2^2))} */
-                    k = (long)(Parameter.XI_I_P * y + z);
-
-                    buffer = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-
-                }
-                while (bernoulli(buffer, z * ((k << 1) - z), EXPONENTIAL_DISTRIBUTION_P) == 0);
-
-                /* Put Last Random Bits into Sign Bit */
-                randomBit <<= (int)(64 - bitRemained);
-
-                if (bitRemained == 0)
-                {
-
-                    randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                    bitRemained = 64;
-
-                }
-
-                sign = randomBit >> 63;
-                randomBit <<= 1;
-                bitRemained--;
-
-            }
-            while ((k | (sign & 1L)) == 0);
-
-            if (bitRemained == 0)
-            {
-
-                randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                bitRemained = 64;
-
-            }
-
-            sign = randomBit >> 63;
-            randomBit <<= 1;
-            bitRemained--;
-            k = ((k << 1) & sign) - k;
-            data[dataOffset + index] = (k << 48) >> 48;
-
-        }
-
-    }
-
-    /*******************************************************************************************************************************************************************************
-     * Description:	Gaussian Sampler for Heuristic qTESLA Security Category-3 (Option for Size or Speed)
-     *
-     * @param        data                        Data to be Sampled
-     * @param        dataOffset                    Starting Point of the Data to be Sampled
-     * @param        seed                        Kappa-Bit Seed
-     * @param        seedOffset                    Starting Point of the Kappa-Bit Seed
-     * @param        nonce                        Domain Separator for Error Polynomial and Secret Polynomial
-     * @param        n                            Polynomial Degree
-     * @param        xi
-     * @param        exponentialDistribution        Exponential Distribution Table
-     *
-     * @return none
-     *******************************************************************************************************************************************************************************/
-    public static void polynomialGaussSamplerIII(int[] data, int dataOffset, final byte[] seed, int seedOffset, int nonce, int n, double xi, double[][] exponentialDistribution)
-    {
-
-        byte[] seedExpander = new byte[n * Const.LONG_SIZE / Const.INT_SIZE];
-        short domainSeparator = (short)(nonce << 8);
-        int index;
-        int j = 0;
-        long k;
-        long sign;
-        long r;
-        long s;
-        long t;
-        long randomBit;
-        long bitRemained;
-        long y;
-        long z;
-
-        HashUtils.customizableSecureHashAlgorithmKECCAK256Simple(
-            seedExpander, 0, n * Const.LONG_SIZE / Const.INT_SIZE, domainSeparator++, seed, seedOffset, Polynomial.RANDOM
-        );
-
-        for (index = 0; index < n; index++)
-        {
-
-            if (j + 46 > n)
-            {
-
-                HashUtils.customizableSecureHashAlgorithmKECCAK256Simple(
-                    seedExpander, 0, n * Const.LONG_SIZE / Const.INT_SIZE, domainSeparator++, seed, seedOffset, Polynomial.RANDOM
-                );
-
-                j = 0;
-
-            }
-
-            do
-            {
-
-                randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                bitRemained = 64;
-
-                do
-                {
-
-                    /* Sample x from D^+_{\SIGMA_2} and y from U ({0, ..., k - 1}) */
-                    do
-                    {
-
-                        r = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                        s = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                        t = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-
-                        if (bitRemained <= 64 - 6)
-                        {
-
-                            randomBit = (randomBit << 6) ^ ((r >>> 58) & 63L);
-                            bitRemained += 6;
-
-                        }
-
-                        r &= 0x000003FFFFFFFFFFL;
-
-                        /*
-                         * Checks If r Exceeds A Maximum Value
-                         * Variation is Random ad Does not Depend on Private Data
-                         */
-                    }
-                    while (r > 0x0000032102010020L);
-
-                    y = 0;
-
-                    for (int i = 0; i < 14; i++)
-                    {
-
-                        long c = t - CUMULATIVE_DISTRIBUTION_TABLE_III[i][2];
-
-                        long b = ((c & CUMULATIVE_DISTRIBUTION_TABLE_III[i][2] & 1L) + (CUMULATIVE_DISTRIBUTION_TABLE_III[i][2] >> 1) + (c >>> 1)) >> 63;
-
-                        /* Least significant Bits of All CUMULATIVE_DISTRIBUTION_TABLE[i][1] are Zero: Overflow Cannot Occur at This Point */
-                        c = s - (CUMULATIVE_DISTRIBUTION_TABLE_III[i][1] + b);
-
-                        b = (((c & b) & 1L) + (CUMULATIVE_DISTRIBUTION_TABLE_III[i][1] >> 1) + (c >>> 1)) >> 63;
-
-                        /* Least significant Bits of All CUMULATIVE_DISTRIBUTION_TABLE[i][0] are Zero: Overflow Cannot Occur at This Point */
-                        c = r - (CUMULATIVE_DISTRIBUTION_TABLE_III[i][0] + b);
-
-                        y += ~(c >>> 63) & 1L;
-
-                    }
-
-                    /* The Next Sampler Works Exclusively for xi <= 28 */
-                    do
-                    {
-
-                        do
-                        {
-
-                            if (bitRemained < 6)
-                            {
-
-                                randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                                bitRemained = 64;
-
-                            }
-
-                            z = randomBit & 63L;
-                            randomBit >>= 6;
-                            bitRemained -= 6;
-
-                        }
-                        while (z == 63L);
-
-                        if (bitRemained < 2)
-                        {
-
-                            randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                            bitRemained = 64;
-
-                        }
-
-                        z = (modulus7(z) << 2) + (randomBit & 3L);
-                        randomBit >>= 2;
-                        bitRemained -= 2;
-
-                        /*
-                         * Making Sure Random z Does not Exceed A Certain Limit
-                         * No Private Data is Leaked
-                         * It Varies Uniformly
-                         */
-                    }
-                    while (z >= xi);
-
-                    /* Sample A Bit from Bernoulli_{exp (- y * (y + 2 * k * x) / (2 * k^2 * SIGMA_2^2))} */
-                    k = (long)(xi * y + z);
-
-                }
-                while (bernoulli(CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE), z * ((k << 1) - z), exponentialDistribution) == 0);
-
-                /* Put Last Random Bits into Sign Bit */
-                randomBit <<= (int)(64 - bitRemained);
-
-                if (bitRemained == 0L)
-                {
-
-                    randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                    bitRemained = 64;
-
-                }
-
-                sign = randomBit >> 63;
-                randomBit <<= 1;
-                bitRemained--;
-
-            }
-            while ((k | (sign & 1L)) == 0);
-
-            if (bitRemained == 0)
-            {
-
-                randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                bitRemained = 64;
-
-            }
-
-            sign = randomBit >> 63;
-            randomBit <<= 1;
-            bitRemained--;
-            k = ((k << 1) & sign) - k;
-            data[dataOffset + index] = (int)((k << 48) >> 48);
-
-        }
-
-    }
-
-    /**************************************************************************************************************************
-     * Description:	Gaussian Sampler for Provably-Secure qTESLA Security Category-3
-     *
-     * @param        data                        Data to be Sampled
-     * @param        dataOffset                    Starting Point of the Data to be Sampled
-     * @param        seed                        Kappa-Bit Seed
-     * @param        seedOffset                    Starting Point of the Kappa-Bit Seed
-     * @param        nonce                        Domain Separator for Error Polynomial and Secret Polynomial
-     *
-     * @return none
-     **************************************************************************************************************************/
-    public static void polynomialGaussSamplerIIIP(long[] data, int dataOffset, final byte[] seed, int seedOffset, int nonce)
-    {
-
-        byte[] seedExpander = new byte[Parameter.N_III_P * Const.LONG_SIZE / Const.INT_SIZE];
-        short domainSeparator = (short)(nonce << 8);
-        int index;
-        int j = 0;
-        long k;
-        long sign;
-        long r;
-        long s;
-        long t;
-        long randomBit;
-        long bitRemained;
-        long y;
-        long z;
-
-        HashUtils.customizableSecureHashAlgorithmKECCAK256Simple(
-            seedExpander, 0, Parameter.N_III_P * Const.LONG_SIZE / Const.INT_SIZE, domainSeparator++, seed, seedOffset, Polynomial.RANDOM
-        );
-
-        for (index = 0; index < Parameter.N_III_P; index++)
-        {
-
-            if (j + 46 > Parameter.N_III_P)
-            {
-
-                HashUtils.customizableSecureHashAlgorithmKECCAK256Simple(
-                    seedExpander, 0, Parameter.N_III_P * Const.LONG_SIZE / Const.INT_SIZE, domainSeparator++, seed, seedOffset, Polynomial.RANDOM
-                );
-
-                j = 0;
-
-            }
-
-            do
-            {
-
-                randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                bitRemained = 64;
-
-                do
-                {
-
-                    /* Sample x from D^+_{\SIGMA_2} and y from U ({0, ..., k - 1}) */
-                    do
-                    {
-
-                        r = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                        s = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                        t = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-
-                        if (bitRemained <= 64 - 6)
-                        {
-
-                            randomBit = (randomBit << 6) ^ ((r >>> 58) & 63L);
-                            bitRemained += 6;
-
-                        }
-
-                        r &= 0x000003FFFFFFFFFFL;
-
-                        /*
-                         * Checks If r Exceeds A Maximum Value
-                         * Variation is Random ad Does not Depend on Private Data
-                         */
-                    }
-                    while (r > 0x0000032102010020L);
-
-                    y = 0;
-
-                    for (int i = 0; i < 14; i++)
-                    {
-
-                        long c = t - CUMULATIVE_DISTRIBUTION_TABLE_III[i][2];
-
-                        long b = ((c & CUMULATIVE_DISTRIBUTION_TABLE_III[i][2] & 1L) + (CUMULATIVE_DISTRIBUTION_TABLE_III[i][2] >> 1) + (c >>> 1)) >> 63;
-
-                        /* Least significant Bits of All CUMULATIVE_DISTRIBUTION_TABLE[i][1] are Zero: Overflow Cannot Occur at This Point */
-                        c = s - (CUMULATIVE_DISTRIBUTION_TABLE_III[i][1] + b);
-
-                        b = (((c & b) & 1L) + (CUMULATIVE_DISTRIBUTION_TABLE_III[i][1] >> 1) + (c >>> 1)) >> 63;
-
-                        /* Least significant Bits of All CUMULATIVE_DISTRIBUTION_TABLE[i][0] are Zero: Overflow Cannot Occur at This Point */
-                        c = r - (CUMULATIVE_DISTRIBUTION_TABLE_III[i][0] + b);
-
-                        y += ~(c >>> 63) & 1L;
-
-                    }
-
-                    /* The Next Sampler Works Exclusively for xi <= 28 */
-                    do
-                    {
-
-                        do
-                        {
-
-                            if (bitRemained < 6)
-                            {
-
-                                randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                                bitRemained = 64;
-
-                            }
-
-                            z = randomBit & 63L;
-                            randomBit >>= 6;
-                            bitRemained -= 6;
-
-                        }
-                        while (z == 63L);
-
-                        if (bitRemained < 2)
-                        {
-
-                            randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                            bitRemained = 64;
-
-                        }
-
-                        z = (modulus7(z) << 2) + (randomBit & 3L);
-                        randomBit >>= 2;
-                        bitRemained -= 2;
-
-                        /*
-                         * Making Sure Random z Does not Exceed A Certain Limit
-                         * No Private Data is Leaked
-                         * It Varies Uniformly
-                         */
-                    }
-                    while (z >= Parameter.XI_III_P);
-
-                    /* Sample A Bit from Bernoulli_{exp (- y * (y + 2 * k * x) / (2 * k^2 * SIGMA_2^2))} */
-                    k = (long)(Parameter.XI_III_P * y + z);
-
-                }
-                while (bernoulli(CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE), z * ((k << 1) - z), EXPONENTIAL_DISTRIBUTION_P) == 0);
-
-                /* Put Last Random Bits into Sign Bit */
-                randomBit <<= (int)(64 - bitRemained);
-
-                if (bitRemained == 0L)
-                {
-
-                    randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                    bitRemained = 64;
-
-                }
-
-                sign = randomBit >> 63;
-                randomBit <<= 1;
-                bitRemained--;
-
-            }
-            while ((k | (sign & 1L)) == 0);
-
-            if (bitRemained == 0)
-            {
-
-                randomBit = CommonFunction.load64(seedExpander, (j++) * Const.LONG_SIZE / Const.INT_SIZE);
-                bitRemained = 64;
-
-            }
-
-            sign = randomBit >> 63;
-            randomBit <<= 1;
-            bitRemained--;
-            k = ((k << 1) & sign) - k;
-            data[dataOffset + index] = (k << 48) >> 48;
-
-        }
-
-    }
-
-    /*************************************************************************************************************************
-     * Description:	Encoding of C' by Mapping the Output of the Hash Function H to An N-Element Vector with Entries {-1, 0, 1}
-     *
-     * @param        positionList            {0, ..., n - 1} ^ h
-     * @param        signList            {-1, +1} ^ h
-     * @param        output                Result of the Hash Function H
-     * @param        outputOffset        Starting Point of the Result of the Hash Function H
-     * @param        n                    Polynomial Degree
-     * @param        h                    Number of Non-Zero Entries of Output Elements of Encryption
-     *
-     * @return none
-     *************************************************************************************************************************/
-    public static void encodeC(int[] positionList, short[] signList, byte[] output, int outputOffset, int n, int h)
-    {
-
-        int count = 0;
-        int position;
-        short domainSeparator = 0;
-        short[] C = new short[n];
-        byte[] randomness = new byte[HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE];
-
-        /* Use the Hash Value as Key to Generate Some Randomness */
-        HashUtils.customizableSecureHashAlgorithmKECCAK128Simple(
-            randomness, 0, HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE,
-            domainSeparator++,
-            output, outputOffset, Polynomial.RANDOM
-        );
-
-        /* Use Rejection Sampling to Determine Positions to be Set in the New Vector */
-        Arrays.fill(C, (short)0);
-
-        /* Sample A Unique Position k times.
-         * Use Two Bytes
-         */
-        for (int i = 0; i < h; )
-        {
-
-            if (count > HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE - 3)
-            {
-
-                HashUtils.customizableSecureHashAlgorithmKECCAK128Simple(
-                    randomness, 0, HashUtils.SECURE_HASH_ALGORITHM_KECCAK_128_RATE,
-                    domainSeparator++,
-                    output, outputOffset, Polynomial.RANDOM
-                );
-
-                count = 0;
-
-            }
-
-            position = (randomness[count] << 8) | (randomness[count + 1] & 0xFF);
-            position &= (n - 1);
-
-            /* Position is between [0, n - 1] and Has not Been Set Yet
-             * Determine Signature
-             */
-            if (C[position] == 0)
-            {
-
-                if ((randomness[count + 2] & 1) == 1)
-                {
-
-                    C[position] = -1;
-
-                }
-                else
-                {
-
-                    C[position] = 1;
-
-                }
-
-                positionList[i] = position;
-                signList[i] = C[position];
-                i++;
-
-            }
-
-            count += 3;
-
-        }
-
-    }
-
-    private static long round(double v)
-    {
-        if (v < 0)
-        {
-            return (long)(v - 0.5);
-        }
-        else
-        {
-            return (long)(v + 0.5);
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/Layer.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/Layer.java
deleted file mode 100644
index ae76922..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/Layer.java
+++ /dev/null

@@ -1,322 +0,0 @@
-package org.bouncycastle.pqc.crypto.rainbow;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.pqc.crypto.rainbow.util.GF2Field;
-import org.bouncycastle.pqc.crypto.rainbow.util.RainbowUtil;
-import org.bouncycastle.util.Arrays;
-
-
-/**
- * This class represents a layer of the Rainbow Oil- and Vinegar Map. Each Layer
- * consists of oi polynomials with their coefficients, generated at random.
- * <p>
- * To sign a document, we solve a LES (linear equation system) for each layer in
- * order to find the oil variables of that layer and to be able to use the
- * variables to compute the signature. This functionality is implemented in the
- * RainbowSignature-class, by the aid of the private key.
- * <p>
- * Each layer is a part of the private key.
- * <p>
- * More information about the layer can be found in the paper of Jintai Ding,
- * Dieter Schmidt: Rainbow, a New Multivariable Polynomial Signature Scheme.
- * ACNS 2005: 164-175 (http://dx.doi.org/10.1007/11496137_12)
- */
-public class Layer
-{
-    private int vi; // number of vinegars in this layer
-    private int viNext; // number of vinegars in next layer
-    private int oi; // number of oils in this layer
-
-    /*
-      * k : index of polynomial
-      *
-      * i,j : indices of oil and vinegar variables
-      */
-    private short[/* k */][/* i */][/* j */] coeff_alpha;
-    private short[/* k */][/* i */][/* j */] coeff_beta;
-    private short[/* k */][/* i */] coeff_gamma;
-    private short[/* k */] coeff_eta;
-
-    /**
-     * Constructor
-     *
-     * @param vi         number of vinegar variables of this layer
-     * @param viNext     number of vinegar variables of next layer. It's the same as
-     *                   (num of oils) + (num of vinegars) of this layer.
-     * @param coeffAlpha alpha-coefficients in the polynomials of this layer
-     * @param coeffBeta  beta-coefficients in the polynomials of this layer
-     * @param coeffGamma gamma-coefficients in the polynomials of this layer
-     * @param coeffEta   eta-coefficients in the polynomials of this layer
-     */
-    public Layer(byte vi, byte viNext, short[][][] coeffAlpha,
-                 short[][][] coeffBeta, short[][] coeffGamma, short[] coeffEta)
-    {
-        this.vi = vi & 0xff;
-        this.viNext = viNext & 0xff;
-        this.oi = this.viNext - this.vi;
-
-        // the secret coefficients of all polynomials in this layer
-        this.coeff_alpha = coeffAlpha;
-        this.coeff_beta = coeffBeta;
-        this.coeff_gamma = coeffGamma;
-        this.coeff_eta = coeffEta;
-    }
-
-    /**
-     * This function generates the coefficients of all polynomials in this layer
-     * at random using random generator.
-     *
-     * @param sr the random generator which is to be used
-     */
-    public Layer(int vi, int viNext, SecureRandom sr)
-    {
-        this.vi = vi;
-        this.viNext = viNext;
-        this.oi = viNext - vi;
-
-        // the coefficients of all polynomials in this layer
-        this.coeff_alpha = new short[this.oi][this.oi][this.vi];
-        this.coeff_beta = new short[this.oi][this.vi][this.vi];
-        this.coeff_gamma = new short[this.oi][this.viNext];
-        this.coeff_eta = new short[this.oi];
-
-        int numOfPoly = this.oi; // number of polynomials per layer
-
-        // Alpha coeffs
-        for (int k = 0; k < numOfPoly; k++)
-        {
-            for (int i = 0; i < this.oi; i++)
-            {
-                for (int j = 0; j < this.vi; j++)
-                {
-                    coeff_alpha[k][i][j] = (short)(sr.nextInt() & GF2Field.MASK);
-                }
-            }
-        }
-        // Beta coeffs
-        for (int k = 0; k < numOfPoly; k++)
-        {
-            for (int i = 0; i < this.vi; i++)
-            {
-                for (int j = 0; j < this.vi; j++)
-                {
-                    coeff_beta[k][i][j] = (short)(sr.nextInt() & GF2Field.MASK);
-                }
-            }
-        }
-        // Gamma coeffs
-        for (int k = 0; k < numOfPoly; k++)
-        {
-            for (int i = 0; i < this.viNext; i++)
-            {
-                coeff_gamma[k][i] = (short)(sr.nextInt() & GF2Field.MASK);
-            }
-        }
-        // Eta
-        for (int k = 0; k < numOfPoly; k++)
-        {
-            coeff_eta[k] = (short)(sr.nextInt() & GF2Field.MASK);
-        }
-    }
-
-    /**
-     * This method plugs in the vinegar variables into the polynomials of this
-     * layer and computes the coefficients of the Oil-variables as well as the
-     * free coefficient in each polynomial.
-     * <p>
-     * It is needed for computing the Oil variables while signing.
-     *
-     * @param x vinegar variables of this layer that should be plugged into
-     *          the polynomials.
-     * @return coeff the coefficients of Oil variables and the free coeff in the
-     *         polynomials of this layer.
-     */
-    public short[][] plugInVinegars(short[] x)
-    {
-        // temporary variable needed for the multiplication
-        short tmpMult = 0;
-        // coeff: 1st index = which polynomial, 2nd index=which variable
-        short[][] coeff = new short[oi][oi + 1]; // gets returned
-        // free coefficient per polynomial
-        short[] sum = new short[oi];
-
-        /*
-           * evaluate the beta-part of the polynomials (it contains no oil
-           * variables)
-           */
-        for (int k = 0; k < oi; k++)
-        {
-            for (int i = 0; i < vi; i++)
-            {
-                for (int j = 0; j < vi; j++)
-                {
-                    // tmp = beta * xi (plug in)
-                    tmpMult = GF2Field.multElem(coeff_beta[k][i][j], x[i]);
-                    // tmp = tmp * xj
-                    tmpMult = GF2Field.multElem(tmpMult, x[j]);
-                    // accumulate into the array for the free coefficients.
-                    sum[k] = GF2Field.addElem(sum[k], tmpMult);
-                }
-            }
-        }
-
-        /* evaluate the alpha-part (it contains oils) */
-        for (int k = 0; k < oi; k++)
-        {
-            for (int i = 0; i < oi; i++)
-            {
-                for (int j = 0; j < vi; j++)
-                {
-                    // alpha * xj (plug in)
-                    tmpMult = GF2Field.multElem(coeff_alpha[k][i][j], x[j]);
-                    // accumulate
-                    coeff[k][i] = GF2Field.addElem(coeff[k][i], tmpMult);
-                }
-            }
-        }
-        /* evaluate the gama-part of the polynomial (containing no oils) */
-        for (int k = 0; k < oi; k++)
-        {
-            for (int i = 0; i < vi; i++)
-            {
-                // gamma * xi (plug in)
-                tmpMult = GF2Field.multElem(coeff_gamma[k][i], x[i]);
-                // accumulate in the array for the free coefficients (per
-                // polynomial).
-                sum[k] = GF2Field.addElem(sum[k], tmpMult);
-            }
-        }
-        /* evaluate the gama-part of the polynomial (but containing oils) */
-        for (int k = 0; k < oi; k++)
-        {
-            for (int i = vi; i < viNext; i++)
-            { // oils
-                // accumulate the coefficients of the oil variables (per
-                // polynomial).
-                coeff[k][i - vi] = GF2Field.addElem(coeff_gamma[k][i],
-                    coeff[k][i - vi]);
-            }
-        }
-        /* evaluate the eta-part of the polynomial */
-        for (int k = 0; k < oi; k++)
-        {
-            // accumulate in the array for the free coefficients per polynomial.
-            sum[k] = GF2Field.addElem(sum[k], coeff_eta[k]);
-        }
-
-        /* put the free coefficients (sum) into the coeff-array as last column */
-        for (int k = 0; k < oi; k++)
-        {
-            coeff[k][oi] = sum[k];
-        }
-        return coeff;
-    }
-
-    /**
-     * Getter for the number of vinegar variables of this layer.
-     *
-     * @return the number of vinegar variables of this layer.
-     */
-    public int getVi()
-    {
-        return vi;
-    }
-
-    /**
-     * Getter for the number of vinegar variables of the next layer.
-     *
-     * @return the number of vinegar variables of the next layer.
-     */
-    public int getViNext()
-    {
-        return viNext;
-    }
-
-    /**
-     * Getter for the number of Oil variables of this layer.
-     *
-     * @return the number of oil variables of this layer.
-     */
-    public int getOi()
-    {
-        return oi;
-    }
-
-    /**
-     * Getter for the alpha-coefficients of the polynomials in this layer.
-     *
-     * @return the coefficients of alpha-terms of this layer.
-     */
-    public short[][][] getCoeffAlpha()
-    {
-        return coeff_alpha;
-    }
-
-    /**
-     * Getter for the beta-coefficients of the polynomials in this layer.
-     *
-     * @return the coefficients of beta-terms of this layer.
-     */
-
-    public short[][][] getCoeffBeta()
-    {
-        return coeff_beta;
-    }
-
-    /**
-     * Getter for the gamma-coefficients of the polynomials in this layer.
-     *
-     * @return the coefficients of gamma-terms of this layer
-     */
-    public short[][] getCoeffGamma()
-    {
-        return coeff_gamma;
-    }
-
-    /**
-     * Getter for the eta-coefficients of the polynomials in this layer.
-     *
-     * @return the coefficients eta of this layer
-     */
-    public short[] getCoeffEta()
-    {
-        return coeff_eta;
-    }
-
-    /**
-     * This function compares this Layer with another object.
-     *
-     * @param other the other object
-     * @return the result of the comparison
-     */
-    public boolean equals(Object other)
-    {
-        if (other == null || !(other instanceof Layer))
-        {
-            return false;
-        }
-        Layer otherLayer = (Layer)other;
-
-        return  vi == otherLayer.getVi()
-                && viNext == otherLayer.getViNext()
-                && oi == otherLayer.getOi()
-                && RainbowUtil.equals(coeff_alpha, otherLayer.getCoeffAlpha())
-                && RainbowUtil.equals(coeff_beta, otherLayer.getCoeffBeta())
-                && RainbowUtil.equals(coeff_gamma, otherLayer.getCoeffGamma())
-                && RainbowUtil.equals(coeff_eta, otherLayer.getCoeffEta());
-    }
-
-    public int hashCode()
-    {
-        int hash = vi;
-        hash = hash * 37 + viNext;
-        hash = hash * 37 + oi;
-        hash = hash * 37 + Arrays.hashCode(coeff_alpha);
-        hash = hash * 37 + Arrays.hashCode(coeff_beta);
-        hash = hash * 37 + Arrays.hashCode(coeff_gamma);
-        hash = hash * 37 + Arrays.hashCode(coeff_eta);
-
-        return hash;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowKeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowKeyGenerationParameters.java
deleted file mode 100644
index b634f9c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowKeyGenerationParameters.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.pqc.crypto.rainbow;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-public class RainbowKeyGenerationParameters
-    extends KeyGenerationParameters
-{
-    private RainbowParameters params;
-
-    public RainbowKeyGenerationParameters(
-        SecureRandom random,
-        RainbowParameters params)
-    {
-        // TODO: key size?
-        super(random, params.getVi()[params.getVi().length - 1] - params.getVi()[0]);
-        this.params = params;
-    }
-
-    public RainbowParameters getParameters()
-    {
-        return params;
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowKeyPairGenerator.java
deleted file mode 100644
index e537336..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowKeyPairGenerator.java
+++ /dev/null

@@ -1,418 +0,0 @@
-package org.bouncycastle.pqc.crypto.rainbow;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.rainbow.util.ComputeInField;
-import org.bouncycastle.pqc.crypto.rainbow.util.GF2Field;
-
-/**
- * This class implements AsymmetricCipherKeyPairGenerator. It is used
- * as a generator for the private and public key of the Rainbow Signature
- * Scheme.
- * <p>
- * Detailed information about the key generation is to be found in the paper of
- * Jintai Ding, Dieter Schmidt: Rainbow, a New Multivariable Polynomial
- * Signature Scheme. ACNS 2005: 164-175 (http://dx.doi.org/10.1007/11496137_12)
- */
-public class RainbowKeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-    private boolean initialized = false;
-    private SecureRandom sr;
-    private RainbowKeyGenerationParameters rainbowParams;
-
-    /* linear affine map L1: */
-    private short[][] A1; // matrix of the lin. affine map L1(n-v1 x n-v1 matrix)
-    private short[][] A1inv; // inverted A1
-    private short[] b1; // translation element of the lin.affine map L1
-
-    /* linear affine map L2: */
-    private short[][] A2; // matrix of the lin. affine map (n x n matrix)
-    private short[][] A2inv; // inverted A2
-    private short[] b2; // translation elemt of the lin.affine map L2
-
-    /* components of F: */
-    private int numOfLayers; // u (number of sets S)
-    private Layer layers[]; // layers of polynomials of F
-    private int[] vi; // set of vinegar vars per layer.
-
-    /* components of Public Key */
-    private short[][] pub_quadratic; // quadratic(mixed) coefficients
-    private short[][] pub_singular; // singular coefficients
-    private short[] pub_scalar; // scalars
-
-    // TODO
-
-    /**
-     * The standard constructor tries to generate the Rainbow algorithm identifier
-     * with the corresponding OID.
-     */
-    public RainbowKeyPairGenerator()
-    {
-    }
-
-
-    /**
-     * This function generates a Rainbow key pair.
-     *
-     * @return the generated key pair
-     */
-    public AsymmetricCipherKeyPair genKeyPair()
-    {
-        RainbowPrivateKeyParameters privKey;
-        RainbowPublicKeyParameters pubKey;
-
-        if (!initialized)
-        {
-            initializeDefault();
-        }
-
-        /* choose all coefficients at random */
-        keygen();
-
-        /* now marshall them to PrivateKey */
-        privKey = new RainbowPrivateKeyParameters(A1inv, b1, A2inv, b2, vi, layers);
-
-
-        /* marshall to PublicKey */
-        pubKey = new RainbowPublicKeyParameters(vi[vi.length - 1] - vi[0], pub_quadratic, pub_singular, pub_scalar);
-
-        return new AsymmetricCipherKeyPair(pubKey, privKey);
-    }
-
-    // TODO
-    public void initialize(
-        KeyGenerationParameters param)
-    {
-        this.rainbowParams = (RainbowKeyGenerationParameters)param;
-
-        // set source of randomness
-        this.sr = rainbowParams.getRandom();
-
-        // unmarshalling:
-        this.vi = this.rainbowParams.getParameters().getVi();
-        this.numOfLayers = this.rainbowParams.getParameters().getNumOfLayers();
-
-        this.initialized = true;
-    }
-
-    private void initializeDefault()
-    {
-        RainbowKeyGenerationParameters rbKGParams = new RainbowKeyGenerationParameters(CryptoServicesRegistrar.getSecureRandom(), new RainbowParameters());
-        initialize(rbKGParams);
-    }
-
-    /**
-     * This function calls the functions for the random generation of the coefficients
-     * and the matrices needed for the private key and the method for computing the public key.
-     */
-    private void keygen()
-    {
-        generateL1();
-        generateL2();
-        generateF();
-        computePublicKey();
-    }
-
-    /**
-     * This function generates the invertible affine linear map L1 = A1*x + b1
-     * <p>
-     * The translation part b1, is stored in a separate array. The inverse of
-     * the matrix-part of L1 A1inv is also computed here.
-     * </p><p>
-     * This linear map hides the output of the map F. It is on k^(n-v1).
-     * </p>
-     */
-    private void generateL1()
-    {
-
-        // dimension = n-v1 = vi[last] - vi[first]
-        int dim = vi[vi.length - 1] - vi[0];
-        this.A1 = new short[dim][dim];
-        this.A1inv = null;
-        ComputeInField c = new ComputeInField();
-
-        /* generation of A1 at random */
-        while (A1inv == null)
-        {
-            for (int i = 0; i < dim; i++)
-            {
-                for (int j = 0; j < dim; j++)
-                {
-                    A1[i][j] = (short)(sr.nextInt() & GF2Field.MASK);
-                }
-            }
-            A1inv = c.inverse(A1);
-        }
-
-        /* generation of the translation vector at random */
-        b1 = new short[dim];
-        for (int i = 0; i < dim; i++)
-        {
-            b1[i] = (short)(sr.nextInt() & GF2Field.MASK);
-        }
-    }
-
-    /**
-     * This function generates the invertible affine linear map L2 = A2*x + b2
-     * <p>
-     * The translation part b2, is stored in a separate array. The inverse of
-     * the matrix-part of L2 A2inv is also computed here.
-     * </p><p>
-     * This linear map hides the output of the map F. It is on k^(n).
-     * </p>
-     */
-    private void generateL2()
-    {
-
-        // dimension = n = vi[last]
-        int dim = vi[vi.length - 1];
-        this.A2 = new short[dim][dim];
-        this.A2inv = null;
-        ComputeInField c = new ComputeInField();
-
-        /* generation of A2 at random */
-        while (this.A2inv == null)
-        {
-            for (int i = 0; i < dim; i++)
-            {
-                for (int j = 0; j < dim; j++)
-                { // one col extra for b
-                    A2[i][j] = (short)(sr.nextInt() & GF2Field.MASK);
-                }
-            }
-            this.A2inv = c.inverse(A2);
-        }
-        /* generation of the translation vector at random */
-        b2 = new short[dim];
-        for (int i = 0; i < dim; i++)
-        {
-            b2[i] = (short)(sr.nextInt() & GF2Field.MASK);
-        }
-
-    }
-
-    /**
-     * This function generates the private map F, which consists of u-1 layers.
-     * Each layer consists of oi polynomials where oi = vi[i+1]-vi[i].
-     * <p>
-     * The methods for the generation of the coefficients of these polynomials
-     * are called here.
-     * </p>
-     */
-    private void generateF()
-    {
-
-        this.layers = new Layer[this.numOfLayers];
-        for (int i = 0; i < this.numOfLayers; i++)
-        {
-            layers[i] = new Layer(this.vi[i], this.vi[i + 1], sr);
-        }
-    }
-
-    /**
-     * This function computes the public key from the private key.
-     * <p>
-     * The composition of F with L2 is computed, followed by applying L1 to the
-     * composition's result. The singular and scalar values constitute to the
-     * public key as is, the quadratic terms are compacted in
-     * <tt>compactPublicKey()</tt>
-     * </p>
-     */
-    private void computePublicKey()
-    {
-
-        ComputeInField c = new ComputeInField();
-        int rows = this.vi[this.vi.length - 1] - this.vi[0];
-        int vars = this.vi[this.vi.length - 1];
-        // Fpub
-        short[][][] coeff_quadratic_3dim = new short[rows][vars][vars];
-        this.pub_singular = new short[rows][vars];
-        this.pub_scalar = new short[rows];
-
-        // Coefficients of layers of Private Key F
-        short[][][] coeff_alpha;
-        short[][][] coeff_beta;
-        short[][] coeff_gamma;
-        short[] coeff_eta;
-
-        // Needed for counters;
-        int oils = 0;
-        int vins = 0;
-        int crnt_row = 0; // current row (polynomial)
-
-        short vect_tmp[] = new short[vars]; // vector tmp;
-        short sclr_tmp = 0;
-
-        // Composition of F and L2: Insert L2 = A2*x+b2 in F
-        for (int l = 0; l < this.layers.length; l++)
-        {
-            // get coefficients of current layer
-            coeff_alpha = this.layers[l].getCoeffAlpha();
-            coeff_beta = this.layers[l].getCoeffBeta();
-            coeff_gamma = this.layers[l].getCoeffGamma();
-            coeff_eta = this.layers[l].getCoeffEta();
-            oils = coeff_alpha[0].length;// this.layers[l].getOi();
-            vins = coeff_beta[0].length;// this.layers[l].getVi();
-            // compute polynomials of layer
-            for (int p = 0; p < oils; p++)
-            {
-                // multiply alphas
-                for (int x1 = 0; x1 < oils; x1++)
-                {
-                    for (int x2 = 0; x2 < vins; x2++)
-                    {
-                        // multiply polynomial1 with polynomial2
-                        vect_tmp = c.multVect(coeff_alpha[p][x1][x2],
-                            this.A2[x1 + vins]);
-                        coeff_quadratic_3dim[crnt_row + p] = c.addSquareMatrix(
-                            coeff_quadratic_3dim[crnt_row + p], c
-                            .multVects(vect_tmp, this.A2[x2]));
-                        // mul poly1 with scalar2
-                        vect_tmp = c.multVect(this.b2[x2], vect_tmp);
-                        this.pub_singular[crnt_row + p] = c.addVect(vect_tmp,
-                            this.pub_singular[crnt_row + p]);
-                        // mul scalar1 with poly2
-                        vect_tmp = c.multVect(coeff_alpha[p][x1][x2],
-                            this.A2[x2]);
-                        vect_tmp = c.multVect(b2[x1 + vins], vect_tmp);
-                        this.pub_singular[crnt_row + p] = c.addVect(vect_tmp,
-                            this.pub_singular[crnt_row + p]);
-                        // mul scalar1 with scalar2
-                        sclr_tmp = GF2Field.multElem(coeff_alpha[p][x1][x2],
-                            this.b2[x1 + vins]);
-                        this.pub_scalar[crnt_row + p] = GF2Field.addElem(
-                            this.pub_scalar[crnt_row + p], GF2Field
-                            .multElem(sclr_tmp, this.b2[x2]));
-                    }
-                }
-                // multiply betas
-                for (int x1 = 0; x1 < vins; x1++)
-                {
-                    for (int x2 = 0; x2 < vins; x2++)
-                    {
-                        // multiply polynomial1 with polynomial2
-                        vect_tmp = c.multVect(coeff_beta[p][x1][x2],
-                            this.A2[x1]);
-                        coeff_quadratic_3dim[crnt_row + p] = c.addSquareMatrix(
-                            coeff_quadratic_3dim[crnt_row + p], c
-                            .multVects(vect_tmp, this.A2[x2]));
-                        // mul poly1 with scalar2
-                        vect_tmp = c.multVect(this.b2[x2], vect_tmp);
-                        this.pub_singular[crnt_row + p] = c.addVect(vect_tmp,
-                            this.pub_singular[crnt_row + p]);
-                        // mul scalar1 with poly2
-                        vect_tmp = c.multVect(coeff_beta[p][x1][x2],
-                            this.A2[x2]);
-                        vect_tmp = c.multVect(this.b2[x1], vect_tmp);
-                        this.pub_singular[crnt_row + p] = c.addVect(vect_tmp,
-                            this.pub_singular[crnt_row + p]);
-                        // mul scalar1 with scalar2
-                        sclr_tmp = GF2Field.multElem(coeff_beta[p][x1][x2],
-                            this.b2[x1]);
-                        this.pub_scalar[crnt_row + p] = GF2Field.addElem(
-                            this.pub_scalar[crnt_row + p], GF2Field
-                            .multElem(sclr_tmp, this.b2[x2]));
-                    }
-                }
-                // multiply gammas
-                for (int n = 0; n < vins + oils; n++)
-                {
-                    // mul poly with scalar
-                    vect_tmp = c.multVect(coeff_gamma[p][n], this.A2[n]);
-                    this.pub_singular[crnt_row + p] = c.addVect(vect_tmp,
-                        this.pub_singular[crnt_row + p]);
-                    // mul scalar with scalar
-                    this.pub_scalar[crnt_row + p] = GF2Field.addElem(
-                        this.pub_scalar[crnt_row + p], GF2Field.multElem(
-                        coeff_gamma[p][n], this.b2[n]));
-                }
-                // add eta
-                this.pub_scalar[crnt_row + p] = GF2Field.addElem(
-                    this.pub_scalar[crnt_row + p], coeff_eta[p]);
-            }
-            crnt_row = crnt_row + oils;
-        }
-
-        // Apply L1 = A1*x+b1 to composition of F and L2
-        {
-            // temporary coefficient arrays
-            short[][][] tmp_c_quad = new short[rows][vars][vars];
-            short[][] tmp_c_sing = new short[rows][vars];
-            short[] tmp_c_scal = new short[rows];
-            for (int r = 0; r < rows; r++)
-            {
-                for (int q = 0; q < A1.length; q++)
-                {
-                    tmp_c_quad[r] = c.addSquareMatrix(tmp_c_quad[r], c
-                        .multMatrix(A1[r][q], coeff_quadratic_3dim[q]));
-                    tmp_c_sing[r] = c.addVect(tmp_c_sing[r], c.multVect(
-                        A1[r][q], this.pub_singular[q]));
-                    tmp_c_scal[r] = GF2Field.addElem(tmp_c_scal[r], GF2Field
-                        .multElem(A1[r][q], this.pub_scalar[q]));
-                }
-                tmp_c_scal[r] = GF2Field.addElem(tmp_c_scal[r], b1[r]);
-            }
-            // set public key
-            coeff_quadratic_3dim = tmp_c_quad;
-            this.pub_singular = tmp_c_sing;
-            this.pub_scalar = tmp_c_scal;
-        }
-        compactPublicKey(coeff_quadratic_3dim);
-    }
-
-    /**
-     * The quadratic (or mixed) terms of the public key are compacted from a n x
-     * n matrix per polynomial to an upper diagonal matrix stored in one integer
-     * array of n (n + 1) / 2 elements per polynomial. The ordering of elements
-     * is lexicographic and the result is updating <tt>this.pub_quadratic</tt>,
-     * which stores the quadratic elements of the public key.
-     *
-     * @param coeff_quadratic_to_compact 3-dimensional array containing a n x n Matrix for each of the
-     *                                   n - v1 polynomials
-     */
-    private void compactPublicKey(short[][][] coeff_quadratic_to_compact)
-    {
-        int polynomials = coeff_quadratic_to_compact.length;
-        int n = coeff_quadratic_to_compact[0].length;
-        int entries = n * (n + 1) / 2;// the small gauss
-        this.pub_quadratic = new short[polynomials][entries];
-        int offset = 0;
-
-        for (int p = 0; p < polynomials; p++)
-        {
-            offset = 0;
-            for (int x = 0; x < n; x++)
-            {
-                for (int y = x; y < n; y++)
-                {
-                    if (y == x)
-                    {
-                        this.pub_quadratic[p][offset] = coeff_quadratic_to_compact[p][x][y];
-                    }
-                    else
-                    {
-                        this.pub_quadratic[p][offset] = GF2Field.addElem(
-                            coeff_quadratic_to_compact[p][x][y],
-                            coeff_quadratic_to_compact[p][y][x]);
-                    }
-                    offset++;
-                }
-            }
-        }
-    }
-
-    public void init(KeyGenerationParameters param)
-    {
-        this.initialize(param);
-    }
-
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        return genKeyPair();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowKeyParameters.java
deleted file mode 100644
index 9dec685..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowKeyParameters.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.pqc.crypto.rainbow;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-public class RainbowKeyParameters 
-    extends AsymmetricKeyParameter
-{
-    private int docLength;
-
-    public RainbowKeyParameters(
-            boolean         isPrivate,
-            int             docLength)
-    {
-        super(isPrivate);
-        this.docLength = docLength;
-    }
-
-    /**
-     * @return the docLength
-     */
-    public int getDocLength()
-    {
-        return this.docLength;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowParameters.java
deleted file mode 100644
index 926f1ba..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowParameters.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.pqc.crypto.rainbow;
-
-import org.bouncycastle.crypto.CipherParameters;
-
-public class RainbowParameters
-    implements CipherParameters
-{
-
-    /**
-     * DEFAULT PARAMS
-     */
-    /*
-      * Vi = vinegars per layer whereas n is vu (vu = 33 = n) such that
-      *
-      * v1 = 6; o1 = 12-6 = 6
-      *
-      * v2 = 12; o2 = 17-12 = 5
-      *
-      * v3 = 17; o3 = 22-17 = 5
-      *
-      * v4 = 22; o4 = 33-22 = 11
-      *
-      * v5 = 33; (o5 = 0)
-      */
-    private final int[] DEFAULT_VI = {6, 12, 17, 22, 33};
-
-    private int[] vi;// set of vinegar vars per layer.
-
-    /**
-     * Default Constructor The elements of the array containing the number of
-     * Vinegar variables in each layer are set to the default values here.
-     */
-    public RainbowParameters()
-    {
-        this.vi = this.DEFAULT_VI;
-    }
-
-    /**
-     * Constructor with parameters
-     *
-     * @param vi The elements of the array containing the number of Vinegar
-     *           variables per layer are set to the values of the input array.
-     */
-    public RainbowParameters(int[] vi)
-    {
-        this.vi = vi;
-
-        checkParams();
-    }
-
-    private void checkParams()
-    {
-        if (vi == null)
-        {
-            throw new IllegalArgumentException("no layers defined.");
-        }
-        if (vi.length > 1)
-        {
-            for (int i = 0; i < vi.length - 1; i++)
-            {
-                if (vi[i] >= vi[i + 1])
-                {
-                    throw new IllegalArgumentException(
-                        "v[i] has to be smaller than v[i+1]");
-                }
-            }
-        }
-        else
-        {
-            throw new IllegalArgumentException(
-                "Rainbow needs at least 1 layer, such that v1 < v2.");
-        }
-    }
-
-    /**
-     * Getter for the number of layers
-     *
-     * @return the number of layers
-     */
-    public int getNumOfLayers()
-    {
-        return this.vi.length - 1;
-    }
-
-    /**
-     * Getter for the number of all the polynomials in Rainbow
-     *
-     * @return the number of the polynomials
-     */
-    public int getDocLength()
-    {
-        return vi[vi.length - 1] - vi[0];
-    }
-
-    /**
-     * Getter for the array containing the number of Vinegar-variables per layer
-     *
-     * @return the numbers of vinegars per layer
-     */
-    public int[] getVi()
-    {
-        return this.vi;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowPrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowPrivateKeyParameters.java
deleted file mode 100644
index 9876882..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowPrivateKeyParameters.java
+++ /dev/null

@@ -1,117 +0,0 @@
-package org.bouncycastle.pqc.crypto.rainbow;
-
-public class RainbowPrivateKeyParameters
-    extends RainbowKeyParameters
-{
-    /**
-     * Constructor
-     *
-     * @param A1inv  the inverse of A1(the matrix part of the affine linear map L1)
-     *               (n-v1 x n-v1 matrix)
-     * @param b1     translation vector, part of the linear affine map L1
-     * @param A2inv  the inverse of A2(the matrix part of the affine linear map L2)
- *               (n x n matrix)
-     * @param b2     translation vector, part of the linear affine map L2
-     * @param vi     the number of Vinegar-variables per layer
-     * @param layers the polynomials with their coefficients of private map F
-     */
-    public RainbowPrivateKeyParameters(short[][] A1inv, short[] b1,
-                                       short[][] A2inv, short[] b2, int[] vi, Layer[] layers)
-    {
-        super(true, vi[vi.length - 1] - vi[0]);
-
-        this.A1inv = A1inv;
-        this.b1 = b1;
-        this.A2inv = A2inv;
-        this.b2 = b2;
-        this.vi = vi;
-        this.layers = layers;
-    }
-
-    /*
-      * invertible affine linear map L1
-      */
-    // the inverse of A1, (n-v1 x n-v1 matrix)
-    private short[][] A1inv;
-
-    // translation vector of L1
-    private short[] b1;
-
-    /*
-      * invertible affine linear map L2
-      */
-    // the inverse of A2, (n x n matrix)
-    private short[][] A2inv;
-
-    // translation vector of L2
-    private short[] b2;
-
-    /*
-      * components of F
-      */
-    // the number of Vinegar-variables per layer.
-    private int[] vi;
-
-    // contains the polynomials with their coefficients of private map F
-    private Layer[] layers;
-
-    /**
-     * Getter for the translation part of the private quadratic map L1.
-     *
-     * @return b1 the translation part of L1
-     */
-    public short[] getB1()
-    {
-        return this.b1;
-    }
-
-    /**
-     * Getter for the inverse matrix of A1.
-     *
-     * @return the A1inv inverse
-     */
-    public short[][] getInvA1()
-    {
-        return this.A1inv;
-    }
-
-    /**
-     * Getter for the translation part of the private quadratic map L2.
-     *
-     * @return b2 the translation part of L2
-     */
-    public short[] getB2()
-    {
-        return this.b2;
-    }
-
-    /**
-     * Getter for the inverse matrix of A2
-     *
-     * @return the A2inv
-     */
-    public short[][] getInvA2()
-    {
-        return this.A2inv;
-    }
-
-    /**
-     * Returns the layers contained in the private key
-     *
-     * @return layers
-     */
-    public Layer[] getLayers()
-    {
-        return this.layers;
-    }
-
-    /**
-     * /** Returns the array of vi-s
-     *
-     * @return the vi
-     */
-    public int[] getVi()
-    {
-        return vi;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowPublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowPublicKeyParameters.java
deleted file mode 100644
index 6f3e46f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowPublicKeyParameters.java
+++ /dev/null

@@ -1,53 +0,0 @@
-package org.bouncycastle.pqc.crypto.rainbow;
-
-public class RainbowPublicKeyParameters
-    extends RainbowKeyParameters
-{
-    private short[][] coeffquadratic;
-    private short[][] coeffsingular;
-    private short[] coeffscalar;
-
-    /**
-     * Constructor
-     *
-     * @param docLength
-     * @param coeffQuadratic
-     * @param coeffSingular
-     * @param coeffScalar
-     */
-    public RainbowPublicKeyParameters(int docLength,
-                                      short[][] coeffQuadratic, short[][] coeffSingular,
-                                      short[] coeffScalar)
-    {
-        super(false, docLength);
-
-        this.coeffquadratic = coeffQuadratic;
-        this.coeffsingular = coeffSingular;
-        this.coeffscalar = coeffScalar;
-
-    }
-
-    /**
-     * @return the coeffquadratic
-     */
-    public short[][] getCoeffQuadratic()
-    {
-        return coeffquadratic;
-    }
-
-    /**
-     * @return the coeffsingular
-     */
-    public short[][] getCoeffSingular()
-    {
-        return coeffsingular;
-    }
-
-    /**
-     * @return the coeffscalar
-     */
-    public short[] getCoeffScalar()
-    {
-        return coeffscalar;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowSigner.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowSigner.java
deleted file mode 100644
index fe0cd98..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/RainbowSigner.java
+++ /dev/null

@@ -1,311 +0,0 @@
-package org.bouncycastle.pqc.crypto.rainbow;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.MessageSigner;
-import org.bouncycastle.pqc.crypto.rainbow.util.ComputeInField;
-import org.bouncycastle.pqc.crypto.rainbow.util.GF2Field;
-
-/**
- * It implements the sign and verify functions for the Rainbow Signature Scheme.
- * Here the message, which has to be signed, is updated. The use of
- * different hash functions is possible.
- * <p>
- * Detailed information about the signature and the verify-method is to be found
- * in the paper of Jintai Ding, Dieter Schmidt: Rainbow, a New Multivariable
- * Polynomial Signature Scheme. ACNS 2005: 164-175
- * (http://dx.doi.org/10.1007/11496137_12)
- */
-public class RainbowSigner
-    implements MessageSigner
-{
-    private static final int MAXITS = 65536;
-    
-    // Source of randomness
-    private SecureRandom random;
-
-    // The length of a document that can be signed with the privKey
-    int signableDocumentLength;
-
-    // Container for the oil and vinegar variables of all the layers
-    private short[] x;
-
-    private ComputeInField cf = new ComputeInField();
-
-    RainbowKeyParameters key;
-
-    public void init(boolean forSigning,
-                     CipherParameters param)
-    {
-        if (forSigning)
-        {
-            if (param instanceof ParametersWithRandom)
-            {
-                ParametersWithRandom rParam = (ParametersWithRandom)param;
-
-                this.random = rParam.getRandom();
-                this.key = (RainbowPrivateKeyParameters)rParam.getParameters();
-
-            }
-            else
-            {
-
-                this.random = CryptoServicesRegistrar.getSecureRandom();
-                this.key = (RainbowPrivateKeyParameters)param;
-            }
-        }
-        else
-        {
-            this.key = (RainbowPublicKeyParameters)param;
-        }
-
-        this.signableDocumentLength = this.key.getDocLength();
-    }
-
-
-    /**
-     * initial operations before solving the Linear equation system.
-     *
-     * @param layer the current layer for which a LES is to be solved.
-     * @param msg   the message that should be signed.
-     * @return Y_ the modified document needed for solving LES, (Y_ =
-     * A1^{-1}*(Y-b1)) linear map L1 = A1 x + b1.
-     */
-    private short[] initSign(Layer[] layer, short[] msg)
-    {
-
-        /* preparation: Modifies the document with the inverse of L1 */
-        // tmp = Y - b1:
-        short[] tmpVec = new short[msg.length];
-
-        tmpVec = cf.addVect(((RainbowPrivateKeyParameters)this.key).getB1(), msg);
-
-        // Y_ = A1^{-1} * (Y - b1) :
-        short[] Y_ = cf.multiplyMatrix(((RainbowPrivateKeyParameters)this.key).getInvA1(), tmpVec);
-
-        /* generates the vinegar vars of the first layer at random */
-        for (int i = 0; i < layer[0].getVi(); i++)
-        {
-            x[i] = (short)random.nextInt();
-            x[i] = (short)(x[i] & GF2Field.MASK);
-        }
-
-        return Y_;
-    }
-
-    /**
-     * This function signs the message that has been updated, making use of the
-     * private key.
-     * <p>
-     * For computing the signature, L1 and L2 are needed, as well as LES should
-     * be solved for each layer in order to find the Oil-variables in the layer.
-     * <p>
-     * The Vinegar-variables of the first layer are random generated.
-     *
-     * @param message the message
-     * @return the signature of the message.
-     */
-    public byte[] generateSignature(byte[] message)
-    {
-        Layer[] layer = ((RainbowPrivateKeyParameters)this.key).getLayers();
-        int numberOfLayers = layer.length;
-
-        x = new short[((RainbowPrivateKeyParameters)this.key).getInvA2().length]; // all variables
-
-        short[] Y_; // modified document
-        short[] y_i; // part of Y_ each polynomial
-        int counter; // index of the current part of the doc
-
-        short[] solVec; // the solution of LES pro layer
-        short[] tmpVec;
-
-        // the signature as an array of shorts:
-        short[] signature;
-        // the signature as a byte-array:
-        byte[] S = new byte[layer[numberOfLayers - 1].getViNext()];
-
-        short[] msgHashVals = makeMessageRepresentative(message);
-        int itCount = 0;
-
-        // shows if an exception is caught
-        boolean ok;
-        do
-        {
-            ok = true;
-            counter = 0;
-            try
-            {
-                Y_ = initSign(layer, msgHashVals);
-
-                for (int i = 0; i < numberOfLayers; i++)
-                {
-
-                    y_i = new short[layer[i].getOi()];
-                    solVec = new short[layer[i].getOi()]; // solution of LES
-
-                    /* copy oi elements of Y_ into y_i */
-                    for (int k = 0; k < layer[i].getOi(); k++)
-                    {
-                        y_i[k] = Y_[counter];
-                        counter++; // current index of Y_
-                    }
-
-                    /*
-                     * plug in the vars of the previous layer in order to get
-                     * the vars of the current layer
-                     */
-                    solVec = cf.solveEquation(layer[i].plugInVinegars(x), y_i);
-
-                    if (solVec == null)
-                    { // LES is not solveable
-                        throw new Exception("LES is not solveable!");
-                    }
-
-                    /* copy the new vars into the x-array */
-                    for (int j = 0; j < solVec.length; j++)
-                    {
-                        x[layer[i].getVi() + j] = solVec[j];
-                    }
-                }
-
-                /* apply the inverse of L2: (signature = A2^{-1}*(b2+x)) */
-                tmpVec = cf.addVect(((RainbowPrivateKeyParameters)this.key).getB2(), x);
-                signature = cf.multiplyMatrix(((RainbowPrivateKeyParameters)this.key).getInvA2(), tmpVec);
-
-                /* cast signature from short[] to byte[] */
-                for (int i = 0; i < S.length; i++)
-                {
-                    S[i] = ((byte)signature[i]);
-                }
-            }
-            catch (Exception se)
-            {
-                // if one of the LESs was not solveable - sign again
-                ok = false;
-            }
-        }
-        while (!ok && ++itCount < MAXITS);
-        /* return the signature in bytes */
-
-        if (itCount == MAXITS)
-        {
-            throw new IllegalStateException("unable to generate signature - LES not solvable");
-        }
-
-        return S;
-    }
-
-    /**
-     * This function verifies the signature of the message that has been
-     * updated, with the aid of the public key.
-     *
-     * @param message   the message
-     * @param signature the signature of the message
-     * @return true if the signature has been verified, false otherwise.
-     */
-    public boolean verifySignature(byte[] message, byte[] signature)
-    {
-        short[] sigInt = new short[signature.length];
-        short tmp;
-
-        for (int i = 0; i < signature.length; i++)
-        {
-            tmp = (short)signature[i];
-            tmp &= (short)0xff;
-            sigInt[i] = tmp;
-        }
-
-        short[] msgHashVal = makeMessageRepresentative(message);
-
-        // verify
-        short[] verificationResult = verifySignatureIntern(sigInt);
-
-        // compare
-        boolean verified = true;
-        if (msgHashVal.length != verificationResult.length)
-        {
-            return false;
-        }
-        for (int i = 0; i < msgHashVal.length; i++)
-        {
-            verified = verified && msgHashVal[i] == verificationResult[i];
-        }
-
-        return verified;
-    }
-
-    /**
-     * Signature verification using public key
-     *
-     * @param signature vector of dimension n
-     * @return document hash of length n - v1
-     */
-    private short[] verifySignatureIntern(short[] signature)
-    {
-
-        short[][] coeff_quadratic = ((RainbowPublicKeyParameters)this.key).getCoeffQuadratic();
-        short[][] coeff_singular = ((RainbowPublicKeyParameters)this.key).getCoeffSingular();
-        short[] coeff_scalar = ((RainbowPublicKeyParameters)this.key).getCoeffScalar();
-
-        short[] rslt = new short[coeff_quadratic.length];// n - v1
-        int n = coeff_singular[0].length;
-        int offset = 0; // array position
-        short tmp = 0; // for scalar
-
-        for (int p = 0; p < coeff_quadratic.length; p++)
-        { // no of polynomials
-            offset = 0;
-            for (int x = 0; x < n; x++)
-            {
-                // calculate quadratic terms
-                for (int y = x; y < n; y++)
-                {
-                    tmp = GF2Field.multElem(coeff_quadratic[p][offset],
-                        GF2Field.multElem(signature[x], signature[y]));
-                    rslt[p] = GF2Field.addElem(rslt[p], tmp);
-                    offset++;
-                }
-                // calculate singular terms
-                tmp = GF2Field.multElem(coeff_singular[p][x], signature[x]);
-                rslt[p] = GF2Field.addElem(rslt[p], tmp);
-            }
-            // add scalar
-            rslt[p] = GF2Field.addElem(rslt[p], coeff_scalar[p]);
-        }
-
-        return rslt;
-    }
-
-    /**
-     * This function creates the representative of the message which gets signed
-     * or verified.
-     *
-     * @param message the message
-     * @return message representative
-     */
-    private short[] makeMessageRepresentative(byte[] message)
-    {
-        // the message representative
-        short[] output = new short[this.signableDocumentLength];
-
-        int h = 0;
-        int i = 0;
-        do
-        {
-            if (i >= message.length)
-            {
-                break;
-            }
-            output[i] = (short)message[h];
-            output[i] &= (short)0xff;
-            h++;
-            i++;
-        }
-        while (i < output.length);
-
-        return output;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/util/ComputeInField.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/util/ComputeInField.java
deleted file mode 100644
index c44a2de..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/util/ComputeInField.java
+++ /dev/null

@@ -1,493 +0,0 @@
-package org.bouncycastle.pqc.crypto.rainbow.util;
-
-/**
- * This class offers different operations on matrices in field GF2^8.
- * <p>
- * Implemented are functions:
- * - finding inverse of a matrix
- * - solving linear equation systems using the Gauss-Elimination method
- * - basic operations like matrix multiplication, addition and so on.
- */
-
-public class ComputeInField
-{
-
-    private short[][] A; // used by solveEquation and inverse
-    short[] x;
-
-    /**
-     * Constructor with no parameters
-     */
-    public ComputeInField()
-    {
-    }
-
-
-    /**
-     * This function finds a solution of the equation Bx = b.
-     * Exception is thrown if the linear equation system has no solution
-     *
-     * @param B this matrix is the left part of the
-     *          equation (B in the equation above)
-     * @param b the right part of the equation
-     *          (b in the equation above)
-     * @return x  the solution of the equation if it is solvable
-     * null otherwise
-     * @throws RuntimeException if LES is not solvable
-     */
-    public short[] solveEquation(short[][] B, short[] b)
-    {
-        if (B.length != b.length)
-        {
-            return null;   // not solvable in this form
-        }
-
-        try
-        {
-
-
-            /** initialize **/
-            // this matrix stores B and b from the equation B*x = b
-            // b is stored as the last column.
-            // B contains one column more than rows.
-            // In this column we store a free coefficient that should be later subtracted from b
-            A = new short[B.length][B.length + 1];
-            // stores the solution of the LES
-            x = new short[B.length];
-
-            /** copy B into the global matrix A **/
-            for (int i = 0; i < B.length; i++)
-            { // rows
-                for (int j = 0; j < B[0].length; j++)
-                { // cols
-                    A[i][j] = B[i][j];
-                }
-            }
-
-            /** copy the vector b into the global A **/
-            //the free coefficient, stored in the last column of A( A[i][b.length]
-            // is to be subtracted from b
-            for (int i = 0; i < b.length; i++)
-            {
-                A[i][b.length] = GF2Field.addElem(b[i], A[i][b.length]);
-            }
-
-            /** call the methods for gauss elimination and backward substitution **/
-            computeZerosUnder(false);     // obtain zeros under the diagonal
-            substitute();
-
-            return x;
-
-        }
-        catch (RuntimeException rte)
-        {
-            return null; // the LES is not solvable!
-        }
-    }
-
-    /**
-     * This function computes the inverse of a given matrix using the Gauss-
-     * Elimination method.
-     * <p>
-     * An exception is thrown if the matrix has no inverse
-     *
-     * @param coef the matrix which inverse matrix is needed
-     * @return inverse matrix of the input matrix.
-     * If the matrix is singular, null is returned.
-     * @throws RuntimeException if the given matrix is not invertible
-     */
-    public short[][] inverse(short[][] coef)
-    {
-        try
-        {
-            /** Initialization: **/
-            short factor;
-            short[][] inverse;
-            A = new short[coef.length][2 * coef.length];
-            if (coef.length != coef[0].length)
-            {
-                throw new RuntimeException(
-                    "The matrix is not invertible. Please choose another one!");
-            }
-
-            /** prepare: Copy coef and the identity matrix into the global A. **/
-            for (int i = 0; i < coef.length; i++)
-            {
-                for (int j = 0; j < coef.length; j++)
-                {
-                    //copy the input matrix coef into A
-                    A[i][j] = coef[i][j];
-                }
-                // copy the identity matrix into A.
-                for (int j = coef.length; j < 2 * coef.length; j++)
-                {
-                    A[i][j] = 0;
-                }
-                A[i][i + A.length] = 1;
-            }
-
-            /** Elimination operations to get the identity matrix from the left side of A. **/
-            // modify A to get 0s under the diagonal.
-            computeZerosUnder(true);
-
-            // modify A to get only 1s on the diagonal: A[i][j] =A[i][j]/A[i][i].
-            for (int i = 0; i < A.length; i++)
-            {
-                factor = GF2Field.invElem(A[i][i]);
-                for (int j = i; j < 2 * A.length; j++)
-                {
-                    A[i][j] = GF2Field.multElem(A[i][j], factor);
-                }
-            }
-
-            //modify A to get only 0s above the diagonal.
-            computeZerosAbove();
-
-            // copy the result (the second half of A) in the matrix inverse.
-            inverse = new short[A.length][A.length];
-            for (int i = 0; i < A.length; i++)
-            {
-                for (int j = A.length; j < 2 * A.length; j++)
-                {
-                    inverse[i][j - A.length] = A[i][j];
-                }
-            }
-            return inverse;
-
-        }
-        catch (RuntimeException rte)
-        {
-            // The matrix is not invertible! A new one should be generated!
-            return null;
-        }
-    }
-
-    /**
-     * Elimination under the diagonal.
-     * This function changes a matrix so that it contains only zeros under the
-     * diagonal(Ai,i) using only Gauss-Elimination operations.
-     * <p>
-     * It is used in solveEquaton as well as in the function for
-     * finding an inverse of a matrix: {@link}inverse. Both of them use the
-     * Gauss-Elimination Method.
-     * </p><p>
-     * The result is stored in the global matrix A
-     * </p>
-     *
-     * @param usedForInverse This parameter shows if the function is used by the
-     *                       solveEquation-function or by the inverse-function and according
-     *                       to this creates matrices of different sizes.
-     * @throws RuntimeException in case a multiplicative inverse of 0 is needed
-     */
-    private void computeZerosUnder(boolean usedForInverse)
-        throws RuntimeException
-    {
-
-        //the number of columns in the global A where the tmp results are stored
-        int length;
-        short tmp = 0;
-
-        //the function is used in inverse() - A should have 2 times more columns than rows
-        if (usedForInverse)
-        {
-            length = 2 * A.length;
-        }
-        //the function is used in solveEquation - A has 1 column more than rows
-        else
-        {
-            length = A.length + 1;
-        }
-
-        //elimination operations to modify A so that that it contains only 0s under the diagonal
-        for (int k = 0; k < A.length - 1; k++)
-        { // the fixed row
-            for (int i = k + 1; i < A.length; i++)
-            { // rows
-                short factor1 = A[i][k];
-                short factor2 = GF2Field.invElem(A[k][k]);
-
-                //The element which multiplicative inverse is needed, is 0
-                //in this case is the input matrix not invertible
-                if (factor2 == 0)
-                {
-                    throw new IllegalStateException("Matrix not invertible! We have to choose another one!");
-                }
-
-                for (int j = k; j < length; j++)
-                {// columns
-                    // tmp=A[k,j] / A[k,k]
-                    tmp = GF2Field.multElem(A[k][j], factor2);
-                    // tmp = A[i,k] * A[k,j] / A[k,k]
-                    tmp = GF2Field.multElem(factor1, tmp);
-                    // A[i,j]=A[i,j]-A[i,k]/A[k,k]*A[k,j];
-                    A[i][j] = GF2Field.addElem(A[i][j], tmp);
-                }
-            }
-        }
-    }
-
-    /**
-     * Elimination above the diagonal.
-     * This function changes a matrix so that it contains only zeros above the
-     * diagonal(Ai,i) using only Gauss-Elimination operations.
-     * <p>
-     * It is used in the inverse-function
-     * The result is stored in the global matrix A
-     * </p>
-     *
-     * @throws RuntimeException in case a multiplicative inverse of 0 is needed
-     */
-    private void computeZerosAbove()
-        throws RuntimeException
-    {
-        short tmp = 0;
-        for (int k = A.length - 1; k > 0; k--)
-        { // the fixed row
-            for (int i = k - 1; i >= 0; i--)
-            { // rows
-                short factor1 = A[i][k];
-                short factor2 = GF2Field.invElem(A[k][k]);
-                if (factor2 == 0)
-                {
-                    throw new RuntimeException("The matrix is not invertible");
-                }
-                for (int j = k; j < 2 * A.length; j++)
-                { // columns
-                    // tmp = A[k,j] / A[k,k]
-                    tmp = GF2Field.multElem(A[k][j], factor2);
-                    // tmp = A[i,k] * A[k,j] / A[k,k]
-                    tmp = GF2Field.multElem(factor1, tmp);
-                    // A[i,j] = A[i,j] - A[i,k] / A[k,k] * A[k,j];
-                    A[i][j] = GF2Field.addElem(A[i][j], tmp);
-                }
-            }
-        }
-    }
-
-
-    /**
-     * This function uses backward substitution to find x
-     * of the linear equation system (LES) B*x = b,
-     * where A a triangle-matrix is (contains only zeros under the diagonal)
-     * and b is a vector
-     * <p>
-     * If the multiplicative inverse of 0 is needed, an exception is thrown.
-     * In this case is the LES not solvable
-     * </p>
-     *
-     * @throws RuntimeException in case a multiplicative inverse of 0 is needed
-     */
-    private void substitute()
-        throws IllegalStateException
-    {
-
-        // for the temporary results of the operations in field
-        short tmp, temp;
-
-        temp = GF2Field.invElem(A[A.length - 1][A.length - 1]);
-        if (temp == 0)
-        {
-            throw new IllegalStateException("The equation system is not solvable");
-        }
-
-        /** backward substitution **/
-        x[A.length - 1] = GF2Field.multElem(A[A.length - 1][A.length], temp);
-        for (int i = A.length - 2; i >= 0; i--)
-        {
-            tmp = A[i][A.length];
-            for (int j = A.length - 1; j > i; j--)
-            {
-                temp = GF2Field.multElem(A[i][j], x[j]);
-                tmp = GF2Field.addElem(tmp, temp);
-            }
-
-            temp = GF2Field.invElem(A[i][i]);
-            if (temp == 0)
-            {
-                throw new IllegalStateException("Not solvable equation system");
-            }
-            x[i] = GF2Field.multElem(tmp, temp);
-        }
-    }
-
-
-    /**
-     * This function multiplies two given matrices.
-     * If the given matrices cannot be multiplied due
-     * to different sizes, an exception is thrown.
-     *
-     * @param M1 -the 1st matrix
-     * @param M2 -the 2nd matrix
-     * @return A = M1*M2
-     * @throws RuntimeException in case the given matrices cannot be multiplied
-     * due to different dimensions.
-     */
-    public short[][] multiplyMatrix(short[][] M1, short[][] M2)
-        throws RuntimeException
-    {
-
-        if (M1[0].length != M2.length)
-        {
-            throw new RuntimeException("Multiplication is not possible!");
-        }
-        short tmp = 0;
-        A = new short[M1.length][M2[0].length];
-        for (int i = 0; i < M1.length; i++)
-        {
-            for (int j = 0; j < M2.length; j++)
-            {
-                for (int k = 0; k < M2[0].length; k++)
-                {
-                    tmp = GF2Field.multElem(M1[i][j], M2[j][k]);
-                    A[i][k] = GF2Field.addElem(A[i][k], tmp);
-                }
-            }
-        }
-        return A;
-    }
-
-    /**
-     * This function multiplies a given matrix with a one-dimensional array.
-     * <p>
-     * An exception is thrown, if the number of columns in the matrix and
-     * the number of rows in the one-dim. array differ.
-     *
-     * @param M1 the matrix to be multiplied
-     * @param m  the one-dimensional array to be multiplied
-     * @return M1*m
-     * @throws RuntimeException in case of dimension inconsistency
-     */
-    public short[] multiplyMatrix(short[][] M1, short[] m)
-        throws RuntimeException
-    {
-        if (M1[0].length != m.length)
-        {
-            throw new RuntimeException("Multiplication is not possible!");
-        }
-        short tmp = 0;
-        short[] B = new short[M1.length];
-        for (int i = 0; i < M1.length; i++)
-        {
-            for (int j = 0; j < m.length; j++)
-            {
-                tmp = GF2Field.multElem(M1[i][j], m[j]);
-                B[i] = GF2Field.addElem(B[i], tmp);
-            }
-        }
-        return B;
-    }
-
-    /**
-     * Addition of two vectors
-     *
-     * @param vector1 first summand, always of dim n
-     * @param vector2 second summand, always of dim n
-     * @return addition of vector1 and vector2
-     * @throws RuntimeException in case the addition is impossible
-     * due to inconsistency in the dimensions
-     */
-    public short[] addVect(short[] vector1, short[] vector2)
-    {
-        if (vector1.length != vector2.length)
-        {
-            throw new RuntimeException("Multiplication is not possible!");
-        }
-        short rslt[] = new short[vector1.length];
-        for (int n = 0; n < rslt.length; n++)
-        {
-            rslt[n] = GF2Field.addElem(vector1[n], vector2[n]);
-        }
-        return rslt;
-    }
-
-    /**
-     * Multiplication of column vector with row vector
-     *
-     * @param vector1 column vector, always n x 1
-     * @param vector2 row vector, always 1 x n
-     * @return resulting n x n matrix of multiplication
-     * @throws RuntimeException in case the multiplication is impossible due to
-     * inconsistency in the dimensions
-     */
-    public short[][] multVects(short[] vector1, short[] vector2)
-    {
-        if (vector1.length != vector2.length)
-        {
-            throw new RuntimeException("Multiplication is not possible!");
-        }
-        short rslt[][] = new short[vector1.length][vector2.length];
-        for (int i = 0; i < vector1.length; i++)
-        {
-            for (int j = 0; j < vector2.length; j++)
-            {
-                rslt[i][j] = GF2Field.multElem(vector1[i], vector2[j]);
-            }
-        }
-        return rslt;
-    }
-
-    /**
-     * Multiplies vector with scalar
-     *
-     * @param scalar galois element to multiply vector with
-     * @param vector vector to be multiplied
-     * @return vector multiplied with scalar
-     */
-    public short[] multVect(short scalar, short[] vector)
-    {
-        short rslt[] = new short[vector.length];
-        for (int n = 0; n < rslt.length; n++)
-        {
-            rslt[n] = GF2Field.multElem(scalar, vector[n]);
-        }
-        return rslt;
-    }
-
-    /**
-     * Multiplies matrix with scalar
-     *
-     * @param scalar galois element to multiply matrix with
-     * @param matrix 2-dim n x n matrix to be multiplied
-     * @return matrix multiplied with scalar
-     */
-    public short[][] multMatrix(short scalar, short[][] matrix)
-    {
-        short[][] rslt = new short[matrix.length][matrix[0].length];
-        for (int i = 0; i < matrix.length; i++)
-        {
-            for (int j = 0; j < matrix[0].length; j++)
-            {
-                rslt[i][j] = GF2Field.multElem(scalar, matrix[i][j]);
-            }
-        }
-        return rslt;
-    }
-
-    /**
-     * Adds the n x n matrices matrix1 and matrix2
-     *
-     * @param matrix1 first summand
-     * @param matrix2 second summand
-     * @return addition of matrix1 and matrix2; both having the dimensions n x n
-     * @throws RuntimeException in case the addition is not possible because of
-     * different dimensions of the matrices
-     */
-    public short[][] addSquareMatrix(short[][] matrix1, short[][] matrix2)
-    {
-        if (matrix1.length != matrix2.length || matrix1[0].length != matrix2[0].length)
-        {
-            throw new RuntimeException("Addition is not possible!");
-        }
-
-        short[][] rslt = new short[matrix1.length][matrix1.length];//
-        for (int i = 0; i < matrix1.length; i++)
-        {
-            for (int j = 0; j < matrix2.length; j++)
-            {
-                rslt[i][j] = GF2Field.addElem(matrix1[i][j], matrix2[i][j]);
-            }
-        }
-        return rslt;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/util/GF2Field.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/util/GF2Field.java
deleted file mode 100644
index 8d54279..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/util/GF2Field.java
+++ /dev/null

@@ -1,139 +0,0 @@
-package org.bouncycastle.pqc.crypto.rainbow.util;
-
-/**
- * This class provides the basic operations like addition, multiplication and
- * finding the multiplicative inverse of an element in GF2^8.
- * <p>
- * The operations are implemented using the irreducible polynomial
- * 1+x^2+x^3+x^6+x^8 ( 1 0100 1101 = 0x14d )
- * <p>
- * This class makes use of lookup tables(exps and logs) for implementing the
- * operations in order to increase the efficiency of Rainbow.
- */
-public class GF2Field
-{
-
-    public static final int MASK = 0xff;
-
-    /*
-      * this lookup table is needed for multiplication and computing the
-      * multiplicative inverse
-      */
-    static final short exps[] = {1, 2, 4, 8, 16, 32, 64, 128, 77, 154, 121, 242,
-        169, 31, 62, 124, 248, 189, 55, 110, 220, 245, 167, 3, 6, 12, 24,
-        48, 96, 192, 205, 215, 227, 139, 91, 182, 33, 66, 132, 69, 138, 89,
-        178, 41, 82, 164, 5, 10, 20, 40, 80, 160, 13, 26, 52, 104, 208,
-        237, 151, 99, 198, 193, 207, 211, 235, 155, 123, 246, 161, 15, 30,
-        60, 120, 240, 173, 23, 46, 92, 184, 61, 122, 244, 165, 7, 14, 28,
-        56, 112, 224, 141, 87, 174, 17, 34, 68, 136, 93, 186, 57, 114, 228,
-        133, 71, 142, 81, 162, 9, 18, 36, 72, 144, 109, 218, 249, 191, 51,
-        102, 204, 213, 231, 131, 75, 150, 97, 194, 201, 223, 243, 171, 27,
-        54, 108, 216, 253, 183, 35, 70, 140, 85, 170, 25, 50, 100, 200,
-        221, 247, 163, 11, 22, 44, 88, 176, 45, 90, 180, 37, 74, 148, 101,
-        202, 217, 255, 179, 43, 86, 172, 21, 42, 84, 168, 29, 58, 116, 232,
-        157, 119, 238, 145, 111, 222, 241, 175, 19, 38, 76, 152, 125, 250,
-        185, 63, 126, 252, 181, 39, 78, 156, 117, 234, 153, 127, 254, 177,
-        47, 94, 188, 53, 106, 212, 229, 135, 67, 134, 65, 130, 73, 146,
-        105, 210, 233, 159, 115, 230, 129, 79, 158, 113, 226, 137, 95, 190,
-        49, 98, 196, 197, 199, 195, 203, 219, 251, 187, 59, 118, 236, 149,
-        103, 206, 209, 239, 147, 107, 214, 225, 143, 83, 166, 1};
-
-    /*
-      * this lookup table is needed for multiplication and computing the
-      * multiplicative inverse
-      */
-    static final short logs[] = {0, 0, 1, 23, 2, 46, 24, 83, 3, 106, 47, 147,
-        25, 52, 84, 69, 4, 92, 107, 182, 48, 166, 148, 75, 26, 140, 53,
-        129, 85, 170, 70, 13, 5, 36, 93, 135, 108, 155, 183, 193, 49, 43,
-        167, 163, 149, 152, 76, 202, 27, 230, 141, 115, 54, 205, 130, 18,
-        86, 98, 171, 240, 71, 79, 14, 189, 6, 212, 37, 210, 94, 39, 136,
-        102, 109, 214, 156, 121, 184, 8, 194, 223, 50, 104, 44, 253, 168,
-        138, 164, 90, 150, 41, 153, 34, 77, 96, 203, 228, 28, 123, 231, 59,
-        142, 158, 116, 244, 55, 216, 206, 249, 131, 111, 19, 178, 87, 225,
-        99, 220, 172, 196, 241, 175, 72, 10, 80, 66, 15, 186, 190, 199, 7,
-        222, 213, 120, 38, 101, 211, 209, 95, 227, 40, 33, 137, 89, 103,
-        252, 110, 177, 215, 248, 157, 243, 122, 58, 185, 198, 9, 65, 195,
-        174, 224, 219, 51, 68, 105, 146, 45, 82, 254, 22, 169, 12, 139,
-        128, 165, 74, 91, 181, 151, 201, 42, 162, 154, 192, 35, 134, 78,
-        188, 97, 239, 204, 17, 229, 114, 29, 61, 124, 235, 232, 233, 60,
-        234, 143, 125, 159, 236, 117, 30, 245, 62, 56, 246, 217, 63, 207,
-        118, 250, 31, 132, 160, 112, 237, 20, 144, 179, 126, 88, 251, 226,
-        32, 100, 208, 221, 119, 173, 218, 197, 64, 242, 57, 176, 247, 73,
-        180, 11, 127, 81, 21, 67, 145, 16, 113, 187, 238, 191, 133, 200,
-        161};
-
-    /**
-     * This function calculates the sum of two elements as an operation in GF2^8
-     *
-     * @param x the first element that is to be added
-     * @param y the second element that should be add
-     * @return the sum of the two elements x and y in GF2^8
-     */
-    public static short addElem(short x, short y)
-    {
-        return (short)(x ^ y);
-    }
-
-    /**
-     * This function computes the multiplicative inverse of a given element in
-     * GF2^8 The 0 has no multiplicative inverse and in this case 0 is returned.
-     *
-     * @param x the element which multiplicative inverse is to be computed
-     * @return the multiplicative inverse of the given element, in case it
-     *         exists or 0, otherwise
-     */
-    public static short invElem(short x)
-    {
-        if (x == 0)
-        {
-            return 0;
-        }
-        return (exps[255 - logs[x]]);
-    }
-
-    /**
-     * This function multiplies two elements in GF2^8. If one of the two
-     * elements is 0, 0 is returned.
-     *
-     * @param x the first element to be multiplied.
-     * @param y the second element to be multiplied.
-     * @return the product of the two input elements in GF2^8.
-     */
-    public static short multElem(short x, short y)
-    {
-        if (x == 0 || y == 0)
-        {
-            return 0;
-        }
-        else
-        {
-            return (exps[(logs[x] + logs[y]) % 255]);
-        }
-    }
-
-    /**
-     * This function returns the values of exps-lookup table which correspond to
-     * the input
-     *
-     * @param x the index in the lookup table exps
-     * @return exps-value, corresponding to the input
-     */
-    public static short getExp(short x)
-    {
-        return exps[x];
-    }
-
-    /**
-     * This function returns the values of logs-lookup table which correspond to
-     * the input
-     *
-     * @param x the index in the lookup table logs
-     * @return logs-value, corresponding to the input
-     */
-    public static short getLog(short x)
-    {
-        return logs[x];
-    }
-
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/util/RainbowUtil.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/util/RainbowUtil.java
deleted file mode 100644
index 2b073b1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/rainbow/util/RainbowUtil.java
+++ /dev/null

@@ -1,230 +0,0 @@
-package org.bouncycastle.pqc.crypto.rainbow.util;
-
-/**
- * This class is needed for the conversions while encoding and decoding, as well as for
- * comparison between arrays of some dimensions
- */
-public class RainbowUtil
-{
-
-    /**
-     * This function converts an one-dimensional array of bytes into a
-     * one-dimensional array of int
-     *
-     * @param in the array to be converted
-     * @return out
-     *         the one-dimensional int-array that corresponds the input
-     */
-    public static int[] convertArraytoInt(byte[] in)
-    {
-        int[] out = new int[in.length];
-        for (int i = 0; i < in.length; i++)
-        {
-            out[i] = in[i] & GF2Field.MASK;
-        }
-        return out;
-    }
-
-    /**
-     * This function converts an one-dimensional array of bytes into a
-     * one-dimensional array of type short
-     *
-     * @param in the array to be converted
-     * @return out
-     *         one-dimensional short-array that corresponds the input
-     */
-    public static short[] convertArray(byte[] in)
-    {
-        short[] out = new short[in.length];
-        for (int i = 0; i < in.length; i++)
-        {
-            out[i] = (short)(in[i] & GF2Field.MASK);
-        }
-        return out;
-    }
-
-    /**
-     * This function converts a matrix of bytes into a matrix of type short
-     *
-     * @param in the matrix to be converted
-     * @return out
-     *         short-matrix that corresponds the input
-     */
-    public static short[][] convertArray(byte[][] in)
-    {
-        short[][] out = new short[in.length][in[0].length];
-        for (int i = 0; i < in.length; i++)
-        {
-            for (int j = 0; j < in[0].length; j++)
-            {
-                out[i][j] = (short)(in[i][j] & GF2Field.MASK);
-            }
-        }
-        return out;
-    }
-
-    /**
-     * This function converts a 3-dimensional array of bytes into a 3-dimensional array of type short
-     *
-     * @param in the array to be converted
-     * @return out
-     *         short-array that corresponds the input
-     */
-    public static short[][][] convertArray(byte[][][] in)
-    {
-        short[][][] out = new short[in.length][in[0].length][in[0][0].length];
-        for (int i = 0; i < in.length; i++)
-        {
-            for (int j = 0; j < in[0].length; j++)
-            {
-                for (int k = 0; k < in[0][0].length; k++)
-                {
-                    out[i][j][k] = (short)(in[i][j][k] & GF2Field.MASK);
-                }
-            }
-        }
-        return out;
-    }
-
-    /**
-     * This function converts an array of type int into an array of type byte
-     *
-     * @param in the array to be converted
-     * @return out
-     *         the byte-array that corresponds the input
-     */
-    public static byte[] convertIntArray(int[] in)
-    {
-        byte[] out = new byte[in.length];
-        for (int i = 0; i < in.length; i++)
-        {
-            out[i] = (byte)in[i];
-        }
-        return out;
-    }
-
-
-    /**
-     * This function converts an array of type short into an array of type byte
-     *
-     * @param in the array to be converted
-     * @return out
-     *         the byte-array that corresponds the input
-     */
-    public static byte[] convertArray(short[] in)
-    {
-        byte[] out = new byte[in.length];
-        for (int i = 0; i < in.length; i++)
-        {
-            out[i] = (byte)in[i];
-        }
-        return out;
-    }
-
-    /**
-     * This function converts a matrix of type short into a matrix of type byte
-     *
-     * @param in the matrix to be converted
-     * @return out
-     *         the byte-matrix that corresponds the input
-     */
-    public static byte[][] convertArray(short[][] in)
-    {
-        byte[][] out = new byte[in.length][in[0].length];
-        for (int i = 0; i < in.length; i++)
-        {
-            for (int j = 0; j < in[0].length; j++)
-            {
-                out[i][j] = (byte)in[i][j];
-            }
-        }
-        return out;
-    }
-
-    /**
-     * This function converts a 3-dimensional array of type short into a 3-dimensional array of type byte
-     *
-     * @param in the array to be converted
-     * @return out
-     *         the byte-array that corresponds the input
-     */
-    public static byte[][][] convertArray(short[][][] in)
-    {
-        byte[][][] out = new byte[in.length][in[0].length][in[0][0].length];
-        for (int i = 0; i < in.length; i++)
-        {
-            for (int j = 0; j < in[0].length; j++)
-            {
-                for (int k = 0; k < in[0][0].length; k++)
-                {
-                    out[i][j][k] = (byte)in[i][j][k];
-                }
-            }
-        }
-        return out;
-    }
-
-    /**
-     * Compare two short arrays. No null checks are performed.
-     *
-     * @param left  the first short array
-     * @param right the second short array
-     * @return the result of the comparison
-     */
-    public static boolean equals(short[] left, short[] right)
-    {
-        if (left.length != right.length)
-        {
-            return false;
-        }
-        boolean result = true;
-        for (int i = left.length - 1; i >= 0; i--)
-        {
-            result &= left[i] == right[i];
-        }
-        return result;
-    }
-
-    /**
-     * Compare two two-dimensional short arrays. No null checks are performed.
-     *
-     * @param left  the first short array
-     * @param right the second short array
-     * @return the result of the comparison
-     */
-    public static boolean equals(short[][] left, short[][] right)
-    {
-        if (left.length != right.length)
-        {
-            return false;
-        }
-        boolean result = true;
-        for (int i = left.length - 1; i >= 0; i--)
-        {
-            result &= equals(left[i], right[i]);
-        }
-        return result;
-    }
-
-    /**
-     * Compare two three-dimensional short arrays. No null checks are performed.
-     *
-     * @param left  the first short array
-     * @param right the second short array
-     * @return the result of the comparison
-     */
-    public static boolean equals(short[][][] left, short[][][] right)
-    {
-        if (left.length != right.length)
-        {
-            return false;
-        }
-        boolean result = true;
-        for (int i = left.length - 1; i >= 0; i--)
-        {
-            result &= equals(left[i], right[i]);
-        }
-        return result;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/HashFunctions.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/HashFunctions.java
deleted file mode 100644
index 9bad955..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/HashFunctions.java
+++ /dev/null

@@ -1,110 +0,0 @@
-package org.bouncycastle.pqc.crypto.sphincs;
-
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.util.Strings;
-
-
-class HashFunctions
-{
-    private static final byte[] hashc = Strings.toByteArray("expand 32-byte to 64-byte state!");
-
-    private final Digest dig256;
-    private final Digest dig512;
-    private final Permute perm = new Permute();
-
-    // for key pair generation where message hash not required
-    HashFunctions(Digest dig256)
-    {
-        this(dig256, null);
-    }
-
-    HashFunctions(Digest dig256, Digest dig512)
-    {
-        this.dig256 = dig256;
-        this.dig512 = dig512;
-    }
-
-    int varlen_hash(byte[] out, int outOff, byte[] in, int inLen)
-    {
-        dig256.update(in, 0, inLen);
-
-        dig256.doFinal(out, outOff);
-
-        return 0;
-    }
-
-    Digest getMessageHash()
-    {
-        return dig512;
-    }
-
-    int hash_2n_n(byte[] out, int outOff, byte[] in, int inOff)
-    {
-        byte[] x = new byte[64];
-        int i;
-        for (i = 0; i < 32; i++)
-        {
-            x[i] = in[inOff + i];
-            x[i + 32] = hashc[i];
-        }
-        perm.chacha_permute(x, x);
-        for (i = 0; i < 32; i++)
-        {
-            x[i] = (byte)(x[i] ^ in[inOff + i + 32]);
-        }
-        perm.chacha_permute(x, x);
-        for (i = 0; i < 32; i++)
-        {
-            out[outOff + i] = x[i];
-        }
-
-        return 0;
-    }
-
-    int hash_2n_n_mask(byte[] out, int outOff, byte[] in, int inOff, byte[] mask, int maskOff)
-    {
-        byte[] buf = new byte[2 * SPHINCS256Config.HASH_BYTES];
-        int i;
-        for (i = 0; i < 2 * SPHINCS256Config.HASH_BYTES; i++)
-        {
-            buf[i] = (byte)(in[inOff + i] ^ mask[maskOff + i]);
-        }
-
-        int rv = hash_2n_n(out, outOff, buf, 0);
-
-        return rv;
-    }
-
-    int hash_n_n(byte[] out, int outOff, byte[] in, int inOff)
-    {
-
-        byte[] x = new byte[64];
-        int i;
-
-        for (i = 0; i < 32; i++)
-        {
-            x[i] = in[inOff + i];
-            x[i + 32] = hashc[i];
-        }
-        perm.chacha_permute(x, x);
-        for (i = 0; i < 32; i++)
-        {
-            out[outOff + i] = x[i];
-        }
-
-        return 0;
-    }
-
-    int hash_n_n_mask(byte[] out, int outOff, byte[] in, int inOff,  byte[] mask, int maskOff)
-    {
-        byte[] buf = new byte[SPHINCS256Config.HASH_BYTES];
-        int i;
-        for (i = 0; i < SPHINCS256Config.HASH_BYTES; i++)
-        {
-            buf[i] = (byte)(in[inOff + i] ^ mask[maskOff + i]);
-        }
-        return hash_n_n(out, outOff, buf, 0);
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Horst.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Horst.java
deleted file mode 100644
index a24341d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Horst.java
+++ /dev/null

@@ -1,179 +0,0 @@
-package org.bouncycastle.pqc.crypto.sphincs;
-
-class Horst
-{
-    static final int HORST_LOGT = 16;
-    static final int HORST_T = (1<<HORST_LOGT);
-    static final int HORST_K = 32;
-    static final int HORST_SKBYTES = 32;
-    static final int HORST_SIGBYTES = (64* SPHINCS256Config.HASH_BYTES+(((HORST_LOGT-6)* SPHINCS256Config.HASH_BYTES)+HORST_SKBYTES)*HORST_K);
-
-    static final int N_MASKS = (2*(Horst.HORST_LOGT)); /* has to be the max of  (2*(SUBTREE_HEIGHT+WOTS_LOGL)) and (WOTS_W-1) and 2*HORST_LOGT */
-
-    static void expand_seed(byte[] outseeds, byte[] inseed)
-    {
-        Seed.prg(outseeds, 0, HORST_T * HORST_SKBYTES, inseed, 0);
-    }
-
-    static int horst_sign(HashFunctions hs,
-                          byte[] sig, int sigOff, byte[] pk,
-                   byte[] seed,
-                   byte[] masks,
-                   byte[] m_hash)
-    {
-        byte[] sk = new byte[ HORST_T * HORST_SKBYTES];
-        int idx;
-        int i, j, k;
-        int sigpos = sigOff;
-
-        byte[] tree = new byte[(2 * HORST_T - 1) * SPHINCS256Config.HASH_BYTES]; /* replace by something more memory-efficient? */
-
-        expand_seed(sk, seed);
-
-        // Build the whole tree and save it
-
-        // Generate pk leaves
-        for (i = 0; i < HORST_T; i++)
-        {
-            hs.hash_n_n(tree, (HORST_T - 1 + i) * SPHINCS256Config.HASH_BYTES, sk, i * HORST_SKBYTES);
-        }
-
-        long offset_in, offset_out;
-        for (i = 0; i < HORST_LOGT; i++)
-        {
-            offset_in = (1 << (HORST_LOGT - i)) - 1;
-            offset_out = (1 << (HORST_LOGT - i - 1)) - 1;
-            for (j = 0; j < (1 << (HORST_LOGT - i - 1)); j++)
-            {
-                hs.hash_2n_n_mask(tree, (int)((offset_out + j) * SPHINCS256Config.HASH_BYTES), tree, (int)((offset_in + 2 * j) * SPHINCS256Config.HASH_BYTES), masks, 2 * i * SPHINCS256Config.HASH_BYTES);
-            }
-        }
-
-        // First write 64 hashes from level 10 to the signature
-        for (j = 63 * SPHINCS256Config.HASH_BYTES; j < 127 * SPHINCS256Config.HASH_BYTES; j++)
-        {
-            sig[sigpos++] = tree[j];
-        }
-
-        // Signature consists of HORST_K parts; each part of secret key and HORST_LOGT-4 auth-path hashes
-        for (i = 0; i < HORST_K; i++)
-        {
-            idx = (m_hash[2 * i] & 0xff) + ((m_hash[2 * i + 1] & 0xff) << 8);
-
-            for (k = 0; k < HORST_SKBYTES; k++)
-                sig[sigpos++] = sk[idx * HORST_SKBYTES + k];
-
-            idx += (HORST_T - 1);
-            for (j = 0; j < HORST_LOGT - 6; j++)
-            {
-                idx = ((idx & 1) != 0) ? idx + 1 : idx - 1; // neighbor node
-                for (k = 0; k < SPHINCS256Config.HASH_BYTES; k++)
-                    sig[sigpos++] = tree[idx * SPHINCS256Config.HASH_BYTES + k];
-                idx = (idx - 1) / 2; // parent node
-            }
-        }
-
-        for (i = 0; i < SPHINCS256Config.HASH_BYTES; i++)
-        {
-            pk[i] = tree[i];
-        }
-
-        return HORST_SIGBYTES;
-    }
-
-    static int horst_verify(HashFunctions hs, byte[] pk, byte[] sig, int sigOff, byte[] masks, byte[] m_hash)
-    {
-        byte[] buffer = new byte[ 32 * SPHINCS256Config.HASH_BYTES];
-
-        int idx;
-        int i, j, k;
-
-        int sigOffset = sigOff + 64 * SPHINCS256Config.HASH_BYTES;
-
-        for (i = 0; i < HORST_K; i++)
-        {
-            idx = (m_hash[2 * i] & 0xff) + ((m_hash[2 * i + 1] & 0xff) << 8);
-
-            if ((idx & 1) == 0)
-            {
-                hs.hash_n_n(buffer, 0, sig, sigOffset);
-                for (k = 0; k < SPHINCS256Config.HASH_BYTES; k++)
-                    buffer[SPHINCS256Config.HASH_BYTES + k] = sig[sigOffset + HORST_SKBYTES + k];
-            }
-            else
-            {
-                hs.hash_n_n(buffer, SPHINCS256Config.HASH_BYTES, sig, sigOffset);
-                for (k = 0; k < SPHINCS256Config.HASH_BYTES; k++)
-                    buffer[k] = sig[sigOffset + HORST_SKBYTES + k];
-            }
-            sigOffset += HORST_SKBYTES + SPHINCS256Config.HASH_BYTES;
-
-            for (j = 1; j < HORST_LOGT - 6; j++)
-            {
-                idx = idx >>> 1; // parent node
-
-                if ((idx & 1) == 0)
-                {
-                    hs.hash_2n_n_mask(buffer, 0, buffer, 0, masks, 2 * (j - 1) * SPHINCS256Config.HASH_BYTES);
-                    for (k = 0; k < SPHINCS256Config.HASH_BYTES; k++)
-                        buffer[SPHINCS256Config.HASH_BYTES + k] = sig[sigOffset + k];
-                }
-                else
-                {
-
-                    hs.hash_2n_n_mask(buffer, SPHINCS256Config.HASH_BYTES, buffer, 0, masks, 2 * (j - 1) * SPHINCS256Config.HASH_BYTES);
-                    for (k = 0; k < SPHINCS256Config.HASH_BYTES; k++)
-                        buffer[k] = sig[sigOffset + k];
-                }
-                sigOffset += SPHINCS256Config.HASH_BYTES;
-            }
-
-            idx = idx >>> 1; // parent node
-            hs.hash_2n_n_mask(buffer, 0, buffer, 0, masks, 2 * (HORST_LOGT - 7) * SPHINCS256Config.HASH_BYTES);
-
-            for (k = 0; k < SPHINCS256Config.HASH_BYTES; k++)
-                if (sig[sigOff + idx * SPHINCS256Config.HASH_BYTES + k] != buffer[k])
-                {
-                    for (k = 0; k < SPHINCS256Config.HASH_BYTES; k++)
-                        pk[k] = 0;
-                    return -1;
-                }
-        }
-
-        // Compute root from level10
-        for (j = 0; j < 32; j++)
-        {
-            hs.hash_2n_n_mask(buffer, j * SPHINCS256Config.HASH_BYTES, sig, sigOff + 2 * j * SPHINCS256Config.HASH_BYTES, masks, 2 * (HORST_LOGT - 6) * SPHINCS256Config.HASH_BYTES);
-        }
-
-        // Hash from level 11 to 12
-        for (j = 0; j < 16; j++)
-        {
-            hs.hash_2n_n_mask(buffer, j * SPHINCS256Config.HASH_BYTES, buffer, 2 * j * SPHINCS256Config.HASH_BYTES, masks, 2 * (HORST_LOGT - 5) * SPHINCS256Config.HASH_BYTES);
-        }
-
-        // Hash from level 12 to 13
-        for (j = 0; j < 8; j++)
-        {
-            hs.hash_2n_n_mask(buffer, j * SPHINCS256Config.HASH_BYTES, buffer, 2 * j * SPHINCS256Config.HASH_BYTES, masks, 2 * (HORST_LOGT - 4) * SPHINCS256Config.HASH_BYTES);
-        }
-
-        // Hash from level 13 to 14
-        for (j = 0; j < 4; j++)
-        {
-            hs.hash_2n_n_mask(buffer, j * SPHINCS256Config.HASH_BYTES, buffer, 2 * j * SPHINCS256Config.HASH_BYTES, masks, 2 * (HORST_LOGT - 3) * SPHINCS256Config.HASH_BYTES);
-        }
-
-        // Hash from level 14 to 15
-        for (j = 0; j < 2; j++)
-        {
-            hs.hash_2n_n_mask(buffer, j * SPHINCS256Config.HASH_BYTES, buffer, 2 * j * SPHINCS256Config.HASH_BYTES, masks, 2 * (HORST_LOGT - 2) * SPHINCS256Config.HASH_BYTES);
-        }
-
-        // Hash from level 15 to 16
-        hs.hash_2n_n_mask(pk, 0, buffer, 0, masks, 2 * (HORST_LOGT - 1) * SPHINCS256Config.HASH_BYTES);
-
-        return 0;
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Permute.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Permute.java
deleted file mode 100644
index 0dadfb4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Permute.java
+++ /dev/null

@@ -1,118 +0,0 @@
-package org.bouncycastle.pqc.crypto.sphincs;
-
-import org.bouncycastle.util.Pack;
-
-class Permute
-{
-    private static final int CHACHA_ROUNDS = 12;
-
-
-    protected static int rotl(int x, int y)
-    {
-        return (x << y) | (x >>> -y);
-    }
-
-    /**
-     * ChaCha core function
-     */
-    public static void permute(int rounds, int[] x)
-    {
-        if (x.length != 16)
-        {
-            throw new IllegalArgumentException();
-        }
-        if (rounds % 2 != 0)
-        {
-            throw new IllegalArgumentException("Number of rounds must be even");
-        }
-
-        int x00 = x[ 0];
-        int x01 = x[ 1];
-        int x02 = x[ 2];
-        int x03 = x[ 3];
-        int x04 = x[ 4];
-        int x05 = x[ 5];
-        int x06 = x[ 6];
-        int x07 = x[ 7];
-        int x08 = x[ 8];
-        int x09 = x[ 9];
-        int x10 = x[10];
-        int x11 = x[11];
-        int x12 = x[12];
-        int x13 = x[13];
-        int x14 = x[14];
-        int x15 = x[15];
-
-        for (int i = rounds; i > 0; i -= 2)
-        {
-            x00 += x04; x12 = rotl(x12 ^ x00, 16);
-            x08 += x12; x04 = rotl(x04 ^ x08, 12);
-            x00 += x04; x12 = rotl(x12 ^ x00, 8);
-            x08 += x12; x04 = rotl(x04 ^ x08, 7);
-            x01 += x05; x13 = rotl(x13 ^ x01, 16);
-            x09 += x13; x05 = rotl(x05 ^ x09, 12);
-            x01 += x05; x13 = rotl(x13 ^ x01, 8);
-            x09 += x13; x05 = rotl(x05 ^ x09, 7);
-            x02 += x06; x14 = rotl(x14 ^ x02, 16);
-            x10 += x14; x06 = rotl(x06 ^ x10, 12);
-            x02 += x06; x14 = rotl(x14 ^ x02, 8);
-            x10 += x14; x06 = rotl(x06 ^ x10, 7);
-            x03 += x07; x15 = rotl(x15 ^ x03, 16);
-            x11 += x15; x07 = rotl(x07 ^ x11, 12);
-            x03 += x07; x15 = rotl(x15 ^ x03, 8);
-            x11 += x15; x07 = rotl(x07 ^ x11, 7);
-            x00 += x05; x15 = rotl(x15 ^ x00, 16);
-            x10 += x15; x05 = rotl(x05 ^ x10, 12);
-            x00 += x05; x15 = rotl(x15 ^ x00, 8);
-            x10 += x15; x05 = rotl(x05 ^ x10, 7);
-            x01 += x06; x12 = rotl(x12 ^ x01, 16);
-            x11 += x12; x06 = rotl(x06 ^ x11, 12);
-            x01 += x06; x12 = rotl(x12 ^ x01, 8);
-            x11 += x12; x06 = rotl(x06 ^ x11, 7);
-            x02 += x07; x13 = rotl(x13 ^ x02, 16);
-            x08 += x13; x07 = rotl(x07 ^ x08, 12);
-            x02 += x07; x13 = rotl(x13 ^ x02, 8);
-            x08 += x13; x07 = rotl(x07 ^ x08, 7);
-            x03 += x04; x14 = rotl(x14 ^ x03, 16);
-            x09 += x14; x04 = rotl(x04 ^ x09, 12);
-            x03 += x04; x14 = rotl(x14 ^ x03, 8);
-            x09 += x14; x04 = rotl(x04 ^ x09, 7);
-        }
-
-        x[ 0] = x00;
-        x[ 1] = x01;
-        x[ 2] = x02;
-        x[ 3] = x03;
-        x[ 4] = x04;
-        x[ 5] = x05;
-        x[ 6] = x06;
-        x[ 7] = x07;
-        x[ 8] = x08;
-        x[ 9] = x09;
-        x[10] = x10;
-        x[11] = x11;
-        x[12] = x12;
-        x[13] = x13;
-        x[14] = x14;
-        x[15] = x15;
-    }
-
-    void chacha_permute(byte[] out, byte[] in)
-    {
-        int i;
-
-        int[] x = new int[16];
-        for (i = 0; i < 16; i++)
-        {
-            x[i] = Pack.littleEndianToInt(in, 4 * i);
-        }
-
-        permute(CHACHA_ROUNDS, x);
-
-        //  for (i = 0;i < 16;++i) x[i] = PLUS(x[i],input[i]); // XXX: Bad idea if we later xor the input to the state?
-        for (i = 0; i < 16; ++i)
-        {
-            Pack.intToLittleEndian(x[i], out, 4 * i);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCS256Config.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCS256Config.java
deleted file mode 100644
index 5fc0b68..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCS256Config.java
+++ /dev/null

@@ -1,19 +0,0 @@
-package org.bouncycastle.pqc.crypto.sphincs;
-
-class SPHINCS256Config
-{
-    static final int SUBTREE_HEIGHT = 5;
-    static final int TOTALTREE_HEIGHT = 60;
-    static final int N_LEVELS = (TOTALTREE_HEIGHT / SUBTREE_HEIGHT);
-    static final int SEED_BYTES = 32;
-
-    static final int SK_RAND_SEED_BYTES = 32;
-    static final int MESSAGE_HASH_SEED_BYTES = 32;
-
-    static final int HASH_BYTES = 32; // Has to be log(HORST_T)*HORST_K/8
-    static final int MSGHASH_BYTES = 64;
-
-    static final int CRYPTO_PUBLICKEYBYTES = ((Horst.N_MASKS + 1) * HASH_BYTES);
-    static final int CRYPTO_SECRETKEYBYTES = (SEED_BYTES + CRYPTO_PUBLICKEYBYTES - HASH_BYTES + SK_RAND_SEED_BYTES);
-    static final int CRYPTO_BYTES = (MESSAGE_HASH_SEED_BYTES + (TOTALTREE_HEIGHT + 7) / 8 + Horst.HORST_SIGBYTES + (TOTALTREE_HEIGHT / SUBTREE_HEIGHT) * Wots.WOTS_SIGBYTES + TOTALTREE_HEIGHT * HASH_BYTES);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCS256KeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCS256KeyGenerationParameters.java
deleted file mode 100644
index cf10a7e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCS256KeyGenerationParameters.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.pqc.crypto.sphincs;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-public class SPHINCS256KeyGenerationParameters
-    extends KeyGenerationParameters
-{
-    private final Digest treeDigest;
-
-    public SPHINCS256KeyGenerationParameters(SecureRandom random, Digest treeDigest)
-    {
-        super(random, SPHINCS256Config.CRYPTO_PUBLICKEYBYTES * 8);
-        this.treeDigest = treeDigest;
-    }
-
-    public Digest getTreeDigest()
-    {
-        return treeDigest;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCS256KeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCS256KeyPairGenerator.java
deleted file mode 100644
index 1e79f97..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCS256KeyPairGenerator.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.pqc.crypto.sphincs;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-public class SPHINCS256KeyPairGenerator
-    implements AsymmetricCipherKeyPairGenerator
-{
-    private SecureRandom random;
-    private Digest treeDigest;
-
-    public void init(KeyGenerationParameters param)
-    {
-        random = param.getRandom();
-        treeDigest = ((SPHINCS256KeyGenerationParameters)param).getTreeDigest();
-    }
-
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        Tree.leafaddr a = new Tree.leafaddr();
-
-        byte[] sk = new byte[SPHINCS256Config.CRYPTO_SECRETKEYBYTES];
-
-        random.nextBytes(sk);
-
-        byte[] pk = new byte[SPHINCS256Config.CRYPTO_PUBLICKEYBYTES];
-
-        System.arraycopy(sk, SPHINCS256Config.SEED_BYTES, pk, 0, Horst.N_MASKS * SPHINCS256Config.HASH_BYTES);
-
-        // Initialization of top-subtree address
-        a.level = SPHINCS256Config.N_LEVELS - 1;
-        a.subtree = 0;
-        a.subleaf = 0;
-
-        HashFunctions hs = new HashFunctions(treeDigest);
-
-        // Format pk: [|N_MASKS*params.HASH_BYTES| Bitmasks || root]
-        // Construct top subtree
-        Tree.treehash(hs, pk, (Horst.N_MASKS * SPHINCS256Config.HASH_BYTES), SPHINCS256Config.SUBTREE_HEIGHT, sk, a, pk, 0);
-
-        return new AsymmetricCipherKeyPair(new SPHINCSPublicKeyParameters(pk, treeDigest.getAlgorithmName()),
-                            new SPHINCSPrivateKeyParameters(sk, treeDigest.getAlgorithmName()));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCS256Signer.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCS256Signer.java
deleted file mode 100644
index eb4ad23..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCS256Signer.java
+++ /dev/null

@@ -1,414 +0,0 @@
-package org.bouncycastle.pqc.crypto.sphincs;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.MessageSigner;
-import org.bouncycastle.util.Pack;
-
-/**
- * SPHINCS-256 signer.
- * <p>
- * This implementation is heavily based on the reference implementation in SUPERCOP, the main difference being the digests used
- * for message hashing and tree construction are now configurable (within limits...) and that the implementation produces
- * detached signatures.
- * </p>
- * <p>
- * The SPHINCS reference implementation is public domain, as per the statement in the second last paragraph of
- * section 1 in https://eprint.iacr.org/2014/795.pdf
- * </p>
- */
-public class SPHINCS256Signer
-    implements MessageSigner
-{
-    private final HashFunctions hashFunctions;
-
-    private byte[] keyData;
-
-    /**
-     * Base constructor.
-     *
-     * @param nDigest  the "n-digest" must produce 32 bytes of output - used for tree construction.
-     * @param twoNDigest the "2n-digest" must produce 64 bytes of output - used for initial message/key/seed hashing.
-     */
-    public SPHINCS256Signer(Digest nDigest, Digest twoNDigest)
-    {
-        if (nDigest.getDigestSize() != 32)
-        {
-            throw new IllegalArgumentException("n-digest needs to produce 32 bytes of output");
-        }
-        if (twoNDigest.getDigestSize() != 64)
-        {
-            throw new IllegalArgumentException("2n-digest needs to produce 64 bytes of output");
-        }
-
-        this.hashFunctions = new HashFunctions(nDigest, twoNDigest);
-    }
-
-    public void init(boolean forSigning, CipherParameters param)
-    {
-         if (forSigning)
-         {
-             if (param instanceof ParametersWithRandom) {
-                 // SPHINCS-256 signatures are deterministic, RNG is not required.
-                 keyData = ((SPHINCSPrivateKeyParameters)((ParametersWithRandom) param).getParameters()).getKeyData();
-             } else {
-                 keyData = ((SPHINCSPrivateKeyParameters) param).getKeyData();
-             }
-         }
-         else
-         {
-             keyData = ((SPHINCSPublicKeyParameters)param).getKeyData();
-         }
-    }
-
-    public byte[] generateSignature(byte[] message)
-    {
-        return crypto_sign(hashFunctions, message, keyData);
-    }
-
-    public boolean verifySignature(byte[] message, byte[] signature)
-    {
-        return verify(hashFunctions, message, signature, keyData);
-    }
-
-    static void validate_authpath(HashFunctions hs, byte[] root, byte[] leaf, int leafidx, byte[] authpath, int auOff, byte[] masks, int height)
-    {
-        int i, j;
-        byte[] buffer = new byte[2 * SPHINCS256Config.HASH_BYTES];
-
-        if ((leafidx & 1) != 0)
-        {
-            for (j = 0; j < SPHINCS256Config.HASH_BYTES; j++)
-            {
-                buffer[SPHINCS256Config.HASH_BYTES + j] = leaf[j];
-            }
-            for (j = 0; j < SPHINCS256Config.HASH_BYTES; j++)
-            {
-                buffer[j] = authpath[auOff + j];
-            }
-        }
-        else
-        {
-            for (j = 0; j < SPHINCS256Config.HASH_BYTES; j++)
-            {
-                buffer[j] = leaf[j];
-            }
-            for (j = 0; j < SPHINCS256Config.HASH_BYTES; j++)
-            {
-                buffer[SPHINCS256Config.HASH_BYTES + j] = authpath[auOff + j];
-            }
-        }
-        int authOff = auOff + SPHINCS256Config.HASH_BYTES;
-
-        for (i = 0; i < height - 1; i++)
-        {
-            leafidx >>>= 1;
-            if ((leafidx & 1) != 0)
-            {
-                hs.hash_2n_n_mask(buffer, SPHINCS256Config.HASH_BYTES, buffer, 0, masks, 2 * (Wots.WOTS_LOG_L + i) * SPHINCS256Config.HASH_BYTES);
-                for (j = 0; j < SPHINCS256Config.HASH_BYTES; j++)
-                {
-                    buffer[j] = authpath[authOff + j];
-                }
-            }
-            else
-            {
-                hs.hash_2n_n_mask(buffer, 0, buffer, 0, masks, 2 * (Wots.WOTS_LOG_L + i) * SPHINCS256Config.HASH_BYTES);
-                for (j = 0; j < SPHINCS256Config.HASH_BYTES; j++)
-                {
-                    buffer[j + SPHINCS256Config.HASH_BYTES] = authpath[authOff + j];
-                }
-            }
-            authOff += SPHINCS256Config.HASH_BYTES;
-        }
-        hs.hash_2n_n_mask(root, 0, buffer, 0, masks, 2 * (Wots.WOTS_LOG_L + height - 1) * SPHINCS256Config.HASH_BYTES);
-    }
-
-
-    static void compute_authpath_wots(HashFunctions hs, byte[] root, byte[] authpath, int authOff, Tree.leafaddr a, byte[] sk, byte[] masks, int height)
-    {
-        int i, idx, j;
-        Tree.leafaddr ta = new Tree.leafaddr(a);
-
-        byte[] tree = new byte[2 * (1 << SPHINCS256Config.SUBTREE_HEIGHT) * SPHINCS256Config.HASH_BYTES];
-        byte[] seed = new byte[(1 << SPHINCS256Config.SUBTREE_HEIGHT) * SPHINCS256Config.SEED_BYTES];
-        byte[] pk = new byte[(1 << SPHINCS256Config.SUBTREE_HEIGHT) * Wots.WOTS_L * SPHINCS256Config.HASH_BYTES];
-
-        // level 0
-        for (ta.subleaf = 0; ta.subleaf < (1 << SPHINCS256Config.SUBTREE_HEIGHT); ta.subleaf++)
-        {
-            Seed.get_seed(hs, seed, (int)(ta.subleaf * SPHINCS256Config.SEED_BYTES), sk, ta);
-        }
-
-        Wots w = new Wots();
-
-        for (ta.subleaf = 0; ta.subleaf < (1 << SPHINCS256Config.SUBTREE_HEIGHT); ta.subleaf++)
-        {
-            w.wots_pkgen(hs, pk, (int)(ta.subleaf * Wots.WOTS_L * SPHINCS256Config.HASH_BYTES), seed, (int)(ta.subleaf * SPHINCS256Config.SEED_BYTES), masks, 0);
-        }
-
-        for (ta.subleaf = 0; ta.subleaf < (1 << SPHINCS256Config.SUBTREE_HEIGHT); ta.subleaf++)
-        {
-            Tree.l_tree(hs, tree, (int)((1 << SPHINCS256Config.SUBTREE_HEIGHT) * SPHINCS256Config.HASH_BYTES + ta.subleaf * SPHINCS256Config.HASH_BYTES),
-                pk, (int)(ta.subleaf * Wots.WOTS_L * SPHINCS256Config.HASH_BYTES), masks, 0);
-        }
-
-        int level = 0;
-
-        // tree
-        for (i = (1 << SPHINCS256Config.SUBTREE_HEIGHT); i > 0; i >>>= 1)
-        {
-            for (j = 0; j < i; j += 2)
-            {
-                hs.hash_2n_n_mask(tree, (i >>> 1) * SPHINCS256Config.HASH_BYTES + (j >>> 1) * SPHINCS256Config.HASH_BYTES,
-                    tree, i * SPHINCS256Config.HASH_BYTES + j * SPHINCS256Config.HASH_BYTES,
-                    masks, 2 * (Wots.WOTS_LOG_L + level) * SPHINCS256Config.HASH_BYTES);
-            }
-
-            level++;
-        }
-
-
-        idx = (int)a.subleaf;
-
-        // copy authpath
-        for (i = 0; i < height; i++)
-        {
-            System.arraycopy(tree, ((1 << SPHINCS256Config.SUBTREE_HEIGHT) >>> i) * SPHINCS256Config.HASH_BYTES + ((idx >>> i) ^ 1) * SPHINCS256Config.HASH_BYTES, authpath, authOff + i * SPHINCS256Config.HASH_BYTES, SPHINCS256Config.HASH_BYTES);
-        }
-
-        // copy root
-        System.arraycopy(tree, SPHINCS256Config.HASH_BYTES, root, 0,  SPHINCS256Config.HASH_BYTES);
-    }
-
-    byte[] crypto_sign(HashFunctions hs, byte[] m, byte[] sk)
-    {
-        byte[] sm = new byte[SPHINCS256Config.CRYPTO_BYTES];
-
-        int i;
-        long leafidx;
-        byte[] R = new byte[SPHINCS256Config.MESSAGE_HASH_SEED_BYTES];
-        byte[] m_h = new byte[SPHINCS256Config.MSGHASH_BYTES];
-        long[] rnd = new long[8];
-
-        byte[] root = new byte[SPHINCS256Config.HASH_BYTES];
-        byte[] seed = new byte[SPHINCS256Config.SEED_BYTES];
-        byte[] masks = new byte[Horst.N_MASKS * SPHINCS256Config.HASH_BYTES];
-        int pk;
-        byte[] tsk = new byte[SPHINCS256Config.CRYPTO_SECRETKEYBYTES];
-
-        for (i = 0; i < SPHINCS256Config.CRYPTO_SECRETKEYBYTES; i++)
-        {
-            tsk[i] = sk[i];
-        }
-
-        // create leafidx deterministically
-        {
-            // shift scratch upwards so we can reuse msg later
-            int scratch = SPHINCS256Config.CRYPTO_BYTES - SPHINCS256Config.SK_RAND_SEED_BYTES;
-
-            // Copy secret random seed to scratch
-            System.arraycopy(tsk, SPHINCS256Config.CRYPTO_SECRETKEYBYTES - SPHINCS256Config.SK_RAND_SEED_BYTES, sm, scratch, SPHINCS256Config.SK_RAND_SEED_BYTES);
-
-            Digest d = hs.getMessageHash();
-            byte[] bRnd = new byte[d.getDigestSize()];
-
-            d.update(sm, scratch, SPHINCS256Config.SK_RAND_SEED_BYTES);
-
-            d.update(m, 0, m.length);
-
-            d.doFinal(bRnd, 0);
-
-            // wipe sk
-            zerobytes(sm, scratch, SPHINCS256Config.SK_RAND_SEED_BYTES);
-
-            for (int j = 0; j != rnd.length; j++)
-            {
-                rnd[j] = Pack.littleEndianToLong(bRnd, j * 8);
-            }
-            leafidx = rnd[0] & 0xfffffffffffffffL;
-
-            System.arraycopy(bRnd, 16, R, 0, SPHINCS256Config.MESSAGE_HASH_SEED_BYTES);
-
-            // prepare msg_hash
-            scratch = SPHINCS256Config.CRYPTO_BYTES - SPHINCS256Config.MESSAGE_HASH_SEED_BYTES - SPHINCS256Config.CRYPTO_PUBLICKEYBYTES;
-
-            // cpy R
-            System.arraycopy(R, 0, sm, scratch, SPHINCS256Config.MESSAGE_HASH_SEED_BYTES);
-
-            // construct and cpy pk
-            Tree.leafaddr b = new Tree.leafaddr();
-            b.level = SPHINCS256Config.N_LEVELS - 1;
-            b.subtree = 0;
-            b.subleaf = 0;
-
-            pk = scratch + SPHINCS256Config.MESSAGE_HASH_SEED_BYTES;
-
-            System.arraycopy(tsk, SPHINCS256Config.SEED_BYTES, sm, pk, Horst.N_MASKS * SPHINCS256Config.HASH_BYTES);
-
-            Tree.treehash(hs, sm, pk + (Horst.N_MASKS * SPHINCS256Config.HASH_BYTES), SPHINCS256Config.SUBTREE_HEIGHT, tsk, b, sm, pk);
-
-            d = hs.getMessageHash();
-
-            d.update(sm, scratch, SPHINCS256Config.MESSAGE_HASH_SEED_BYTES + SPHINCS256Config.CRYPTO_PUBLICKEYBYTES);
-            d.update(m, 0, m.length);
-            d.doFinal(m_h, 0);
-        }
-
-        Tree.leafaddr a = new Tree.leafaddr();
-
-        a.level = SPHINCS256Config.N_LEVELS; // Use unique value $d$ for HORST address.
-        a.subleaf = (int)(leafidx & ((1 << SPHINCS256Config.SUBTREE_HEIGHT) - 1));
-        a.subtree = leafidx >>> SPHINCS256Config.SUBTREE_HEIGHT;
-
-        for (i = 0; i < SPHINCS256Config.MESSAGE_HASH_SEED_BYTES; i++)
-        {
-            sm[i] = R[i];
-        }
-
-        int smOff = SPHINCS256Config.MESSAGE_HASH_SEED_BYTES;
-
-        System.arraycopy(tsk, SPHINCS256Config.SEED_BYTES, masks, 0, Horst.N_MASKS * SPHINCS256Config.HASH_BYTES);
-        for (i = 0; i < (SPHINCS256Config.TOTALTREE_HEIGHT + 7) / 8; i++)
-        {
-            sm[smOff + i] = (byte)((leafidx >>> 8 * i) & 0xff);
-        }
-
-        smOff += (SPHINCS256Config.TOTALTREE_HEIGHT + 7) / 8;
-
-        Seed.get_seed(hs, seed, 0, tsk, a);
-        Horst ht = new Horst();
-
-        int horst_sigbytes = ht.horst_sign(hs, sm, smOff, root, seed, masks, m_h);
-
-        smOff += horst_sigbytes;
-
-        Wots w = new Wots();
-
-        for (i = 0; i < SPHINCS256Config.N_LEVELS; i++)
-        {
-            a.level = i;
-
-            Seed.get_seed(hs, seed, 0, tsk, a); //XXX: Don't use the same address as for horst_sign here!
-
-            w.wots_sign(hs, sm, smOff, root, seed, masks);
-
-            smOff += Wots.WOTS_SIGBYTES;
-
-            compute_authpath_wots(hs, root, sm, smOff, a, tsk, masks, SPHINCS256Config.SUBTREE_HEIGHT);
-            smOff += SPHINCS256Config.SUBTREE_HEIGHT * SPHINCS256Config.HASH_BYTES;
-
-            a.subleaf = (int)(a.subtree & ((1 << SPHINCS256Config.SUBTREE_HEIGHT) - 1));
-            a.subtree >>>= SPHINCS256Config.SUBTREE_HEIGHT;
-        }
-
-        zerobytes(tsk, 0, SPHINCS256Config.CRYPTO_SECRETKEYBYTES);
-
-        return sm;
-    }
-
-    private void zerobytes(byte[] tsk, int off, int cryptoSecretkeybytes)
-    {
-        for (int i = 0; i != cryptoSecretkeybytes; i++)
-        {
-            tsk[off + i] = 0;
-        }
-    }
-
-    boolean verify(HashFunctions hs, byte[] m, byte[] sm, byte[] pk)
-    {
-        int i;
-        int smlen = sm.length;
-        long leafidx = 0;
-        byte[] wots_pk = new byte[ Wots.WOTS_L * SPHINCS256Config.HASH_BYTES];
-        byte[] pkhash = new byte[ SPHINCS256Config.HASH_BYTES];
-        byte[] root = new byte[ SPHINCS256Config.HASH_BYTES];
-        byte[] sig = new byte[ SPHINCS256Config.CRYPTO_BYTES];
-        int sigp;
-        byte[] tpk = new byte[ SPHINCS256Config.CRYPTO_PUBLICKEYBYTES];
-
-        if (smlen != SPHINCS256Config.CRYPTO_BYTES)
-        {
-            throw new IllegalArgumentException("signature wrong size");
-        }
-
-        byte[] m_h = new byte[ SPHINCS256Config.MSGHASH_BYTES];
-
-        for (i = 0; i < SPHINCS256Config.CRYPTO_PUBLICKEYBYTES; i++)
-            tpk[i] = pk[i];
-
-        // construct message hash
-        {
-            byte[] R = new byte[ SPHINCS256Config.MESSAGE_HASH_SEED_BYTES];
-
-            for (i = 0; i < SPHINCS256Config.MESSAGE_HASH_SEED_BYTES; i++)
-                R[i] = sm[i];
-
-            System.arraycopy(sm, 0, sig, 0, SPHINCS256Config.CRYPTO_BYTES);
-
-            Digest mHash = hs.getMessageHash();
-
-            // input R
-            mHash.update(R, 0, SPHINCS256Config.MESSAGE_HASH_SEED_BYTES);
-
-            // input pub key
-            mHash.update(tpk, 0, SPHINCS256Config.CRYPTO_PUBLICKEYBYTES);
-
-            // input message
-            mHash.update(m, 0, m.length);
-
-            mHash.doFinal(m_h, 0);
-        }
-
-        sigp = 0;
-
-        sigp += SPHINCS256Config.MESSAGE_HASH_SEED_BYTES;
-        smlen -= SPHINCS256Config.MESSAGE_HASH_SEED_BYTES;
-
-
-        for (i = 0; i < (SPHINCS256Config.TOTALTREE_HEIGHT + 7) / 8; i++)
-        {
-            leafidx ^= ((long)(sig[sigp + i] & 0xff) << (8 * i));
-        }
-
-
-        new Horst().horst_verify(hs, root, sig, sigp + (SPHINCS256Config.TOTALTREE_HEIGHT + 7) / 8,
-            tpk, m_h);
-
-        sigp += (SPHINCS256Config.TOTALTREE_HEIGHT + 7) / 8;
-        smlen -= (SPHINCS256Config.TOTALTREE_HEIGHT + 7) / 8;
-
-        sigp += Horst.HORST_SIGBYTES;
-        smlen -= Horst.HORST_SIGBYTES;
-
-        Wots w = new Wots();
-
-        for (i = 0; i < SPHINCS256Config.N_LEVELS; i++)
-        {
-            w.wots_verify(hs, wots_pk, sig, sigp, root, tpk);
-
-            sigp += Wots.WOTS_SIGBYTES;
-            smlen -= Wots.WOTS_SIGBYTES;
-
-            Tree.l_tree(hs, pkhash, 0, wots_pk, 0, tpk, 0);
-            validate_authpath(hs, root, pkhash, (int)(leafidx & 0x1f), sig, sigp, tpk, SPHINCS256Config.SUBTREE_HEIGHT);
-            leafidx >>= 5;
-
-            sigp += SPHINCS256Config.SUBTREE_HEIGHT * SPHINCS256Config.HASH_BYTES;
-            smlen -= SPHINCS256Config.SUBTREE_HEIGHT * SPHINCS256Config.HASH_BYTES;
-        }
-
-        boolean verified = true;
-        for (i = 0; i < SPHINCS256Config.HASH_BYTES; i++)
-        {
-            if (root[i] != tpk[i + Horst.N_MASKS * SPHINCS256Config.HASH_BYTES])
-            {
-                verified = false;
-            }
-        }
-
-        return verified;
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCSKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCSKeyParameters.java
deleted file mode 100644
index 0bcfe31..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCSKeyParameters.java
+++ /dev/null

@@ -1,30 +0,0 @@
-package org.bouncycastle.pqc.crypto.sphincs;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-public class SPHINCSKeyParameters
-    extends AsymmetricKeyParameter
-{
-    /**
-     * Use SHA512-256 for the tree generation function.
-     */
-    public static final String SHA512_256 = "SHA-512/256";
-
-    /**
-     * Use SHA3-256 for the tree generation function.
-     */
-    public static final String SHA3_256 = "SHA3-256";
-
-    private final String treeDigest;
-
-    protected SPHINCSKeyParameters(boolean isPrivateKey, String treeDigest)
-    {
-        super(isPrivateKey);
-        this.treeDigest = treeDigest;
-    }
-
-    public String getTreeDigest()
-    {
-        return treeDigest;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCSPrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCSPrivateKeyParameters.java
deleted file mode 100644
index d79d774..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCSPrivateKeyParameters.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.pqc.crypto.sphincs;
-
-import org.bouncycastle.util.Arrays;
-
-public class SPHINCSPrivateKeyParameters
-    extends SPHINCSKeyParameters
-{
-    private final byte[] keyData;
-
-    public SPHINCSPrivateKeyParameters(byte[] keyData)
-    {
-        super(true, null);
-        this.keyData = Arrays.clone(keyData);
-    }
-
-    public SPHINCSPrivateKeyParameters(byte[] keyData, String treeDigest)
-    {
-        super(true, treeDigest);
-        this.keyData = Arrays.clone(keyData);
-    }
-
-    public byte[] getKeyData()
-    {
-        return Arrays.clone(keyData);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCSPublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCSPublicKeyParameters.java
deleted file mode 100644
index 3aadea4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/SPHINCSPublicKeyParameters.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.pqc.crypto.sphincs;
-
-import org.bouncycastle.util.Arrays;
-
-public class SPHINCSPublicKeyParameters
-    extends SPHINCSKeyParameters
-{
-    private final byte[] keyData;
-
-    public SPHINCSPublicKeyParameters(byte[] keyData)
-    {
-        super(false, null);
-        this.keyData = Arrays.clone(keyData);
-    }
-
-    public SPHINCSPublicKeyParameters(byte[] keyData, String treeDigest)
-    {
-
-        super(false, treeDigest);
-        this.keyData = Arrays.clone(keyData);
-    }
-
-    public byte[] getKeyData()
-    {
-        return Arrays.clone(keyData);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Seed.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Seed.java
deleted file mode 100644
index f0fdf2e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Seed.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.pqc.crypto.sphincs;
-
-import org.bouncycastle.crypto.StreamCipher;
-import org.bouncycastle.crypto.engines.ChaChaEngine;
-import org.bouncycastle.crypto.params.KeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithIV;
-import org.bouncycastle.util.Pack;
-
-class Seed
-{
-
-    static void get_seed(HashFunctions hs, byte[] seed, int seedOff, byte[] sk, Tree.leafaddr a)
-    {
-        byte[] buffer = new byte[SPHINCS256Config.SEED_BYTES + 8];
-        long t;
-        int i;
-
-        for (i = 0; i < SPHINCS256Config.SEED_BYTES; i++)
-        {
-            buffer[i] = sk[i];
-        }
-
-        //4 bits to encode level
-        t = a.level;
-        //55 bits to encode subtree
-        t |= a.subtree << 4;
-        //5 bits to encode leaf
-        t |= a.subleaf << 59;
-
-        Pack.longToLittleEndian(t, buffer, SPHINCS256Config.SEED_BYTES);
-
-        hs.varlen_hash(seed, seedOff, buffer, buffer.length);
-    }
-
-
-
-    static void prg(byte[] r, int rOff, long rlen, byte[] key, int keyOff)
-    {
-        byte[]  nonce = new byte[8];
-
-        StreamCipher cipher = new ChaChaEngine(12);
-
-        cipher.init(true, new ParametersWithIV(new KeyParameter(key, keyOff, 32), nonce));
-
-        cipher.processBytes(r, rOff, (int)rlen, r, rOff);
-
-        //crypto_stream_chacha12(r, rlen, nonce, key);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Tree.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Tree.java
deleted file mode 100644
index 2121ce0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Tree.java
+++ /dev/null

@@ -1,93 +0,0 @@
-package org.bouncycastle.pqc.crypto.sphincs;
-
-class Tree
-{
-    static class leafaddr
-    {
-        int level;
-        long subtree;
-        long subleaf;
-
-        public leafaddr()
-        {
-
-        }
-
-        public leafaddr(leafaddr leafaddr)
-        {
-            this.level = leafaddr.level;
-            this.subtree = leafaddr.subtree;
-            this.subleaf = leafaddr.subleaf;
-        }
-    }
-
-    static void l_tree(HashFunctions hs, byte[] leaf, int leafOff, byte[] wots_pk, int pkOff, byte[] masks, int masksOff)
-    {
-        int l = Wots.WOTS_L;
-        int i, j = 0;
-        for (i = 0; i < Wots.WOTS_LOG_L; i++)
-        {
-            for (j = 0; j < (l >>> 1); j++)
-            {
-                hs.hash_2n_n_mask(wots_pk, pkOff + j * SPHINCS256Config.HASH_BYTES, wots_pk, pkOff + j * 2 * SPHINCS256Config.HASH_BYTES, masks, masksOff + i * 2 * SPHINCS256Config.HASH_BYTES);
-            }
-
-            if ((l & 1) != 0)
-            {
-                System.arraycopy(wots_pk, pkOff + (l - 1) * SPHINCS256Config.HASH_BYTES, wots_pk, pkOff + (l >>> 1) * SPHINCS256Config.HASH_BYTES, SPHINCS256Config.HASH_BYTES);
-                l = (l >>> 1) + 1;
-            }
-            else
-            {
-                l = (l >>> 1);
-            }
-        }
-        System.arraycopy(wots_pk, pkOff, leaf, leafOff, SPHINCS256Config.HASH_BYTES);
-    }
-
-    static void treehash(HashFunctions hs, byte[] node, int nodeOff, int height, byte[] sk, leafaddr leaf, byte[] masks, int masksOff)
-    {
-        leafaddr a = new leafaddr(leaf);
-        int lastnode, i;
-        byte[] stack = new byte[(height + 1) * SPHINCS256Config.HASH_BYTES];
-        int[] stacklevels = new int[height + 1];
-        int stackoffset = 0;
-
-        lastnode = (int)(a.subleaf + (1 << height));
-
-        for (; a.subleaf < lastnode; a.subleaf++)
-        {
-            gen_leaf_wots(hs, stack, stackoffset * SPHINCS256Config.HASH_BYTES, masks, masksOff, sk, a);
-            stacklevels[stackoffset] = 0;
-            stackoffset++;
-            while (stackoffset > 1 && stacklevels[stackoffset - 1] == stacklevels[stackoffset - 2])
-            {
-                //MASKS
-                int maskoffset = 2 * (stacklevels[stackoffset - 1] + Wots.WOTS_LOG_L) * SPHINCS256Config.HASH_BYTES;
-
-                hs.hash_2n_n_mask(stack, (stackoffset - 2) * SPHINCS256Config.HASH_BYTES, stack, (stackoffset - 2) * SPHINCS256Config.HASH_BYTES,
-                    masks, masksOff + maskoffset);
-                stacklevels[stackoffset - 2]++;
-                stackoffset--;
-            }
-        }
-        for (i = 0; i < SPHINCS256Config.HASH_BYTES; i++)
-        {
-            node[nodeOff + i] = stack[i];
-        }
-    }
-
-    static void gen_leaf_wots(HashFunctions hs, byte[] leaf, int leafOff, byte[] masks, int masksOff, byte[] sk, leafaddr a)
-    {
-        byte[] seed = new byte[SPHINCS256Config.SEED_BYTES];
-        byte[] pk = new byte[Wots.WOTS_L * SPHINCS256Config.HASH_BYTES];
-
-        Wots w = new Wots();
-
-        Seed.get_seed(hs, seed, 0, sk, a);
-
-        w.wots_pkgen(hs, pk, 0, seed, 0, masks, masksOff);
-
-        l_tree(hs, leaf, leafOff, pk, 0, masks, masksOff);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Wots.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Wots.java
deleted file mode 100644
index f1bc669..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/Wots.java
+++ /dev/null

@@ -1,97 +0,0 @@
-package org.bouncycastle.pqc.crypto.sphincs;
-
-class Wots
-{
-    static final int  WOTS_LOGW = 4;
-
-    static final int WOTS_W = (1 << WOTS_LOGW);
-    static final int WOTS_L1 = ((256 + WOTS_LOGW - 1) / WOTS_LOGW);
-    //#define WOTS_L 133  // for WOTS_W == 4
-    //#define WOTS_L 90  // for WOTS_W == 8
-    static final int WOTS_L = 67;  // for WOTS_W == 16
-    static final int WOTS_LOG_L = 7; // for WOTS_W == 16
-    static final int WOTS_SIGBYTES = (WOTS_L * SPHINCS256Config.HASH_BYTES);
-    
-    static void expand_seed(byte[] outseeds, int outOff, byte[] inseed, int inOff)
-    {
-        clear(outseeds, outOff, WOTS_L * SPHINCS256Config.HASH_BYTES);
-
-        Seed.prg(outseeds, outOff, WOTS_L * SPHINCS256Config.HASH_BYTES, inseed, inOff);
-    }
-
-    private static void clear(byte[] bytes, int offSet, int length)
-    {
-        for (int i = 0; i != length; i++)
-        {
-            bytes[i + offSet] = 0;
-        }
-    }
-
-    static void gen_chain(HashFunctions hs, byte[] out, int outOff, byte[] seed, int seedOff, byte[] masks, int masksOff, int chainlen)
-    {
-        int i, j;
-        for (j = 0; j < SPHINCS256Config.HASH_BYTES; j++)
-            out[j + outOff] = seed[j + seedOff];
-
-        for (i = 0; i < chainlen && i < WOTS_W; i++)
-            hs.hash_n_n_mask(out, outOff, out, outOff, masks, masksOff + (i * SPHINCS256Config.HASH_BYTES));
-    }
-
-
-    void wots_pkgen(HashFunctions hs, byte[] pk, int pkOff, byte[] sk, int skOff, byte[] masks, int masksOff)
-    {
-        int i;
-        expand_seed(pk, pkOff, sk, skOff);
-        for (i = 0; i < WOTS_L; i++)
-            gen_chain(hs, pk, pkOff + i * SPHINCS256Config.HASH_BYTES, pk, pkOff + i * SPHINCS256Config.HASH_BYTES, masks, masksOff, WOTS_W - 1);
-    }
-
-
-    void wots_sign(HashFunctions hs, byte[] sig, int sigOff, byte[] msg, byte[] sk, byte[] masks)
-    {
-        int[] basew = new int[WOTS_L];
-        int i, c = 0;
-
-        for (i = 0; i < WOTS_L1; i += 2)
-        {
-            basew[i] = msg[i / 2] & 0xf;
-            basew[i + 1] = (msg[i / 2] & 0xff) >>> 4;
-            c += WOTS_W - 1 - basew[i];
-            c += WOTS_W - 1 - basew[i + 1];
-        }
-
-        for (; i < WOTS_L; i++)
-        {
-            basew[i] = c & 0xf;
-            c >>>= 4;
-        }
-
-        expand_seed(sig, sigOff, sk, 0);
-
-        for (i = 0; i < WOTS_L; i++)
-            gen_chain(hs, sig, sigOff + i * SPHINCS256Config.HASH_BYTES, sig, sigOff + i * SPHINCS256Config.HASH_BYTES, masks, 0, basew[i]);
-    }
-
-    void wots_verify(HashFunctions hs, byte[] pk, byte[] sig, int sigOff, byte[] msg, byte[] masks)
-    {
-        int[] basew = new int[WOTS_L];
-        int i, c = 0;
-
-        for (i = 0; i < WOTS_L1; i += 2)
-        {
-            basew[i] = msg[i / 2] & 0xf;
-            basew[i + 1] = (msg[i / 2] & 0xff) >>> 4;
-            c += WOTS_W - 1 - basew[i];
-            c += WOTS_W - 1 - basew[i + 1];
-        }
-
-        for (; i < WOTS_L; i++)
-        {
-            basew[i] = c & 0xf;
-            c >>>= 4;
-        }
-
-        for (i = 0; i < WOTS_L; i++)
-            gen_chain(hs, pk, i * SPHINCS256Config.HASH_BYTES, sig, sigOff + i * SPHINCS256Config.HASH_BYTES, masks, (basew[i] * SPHINCS256Config.HASH_BYTES), WOTS_W - 1 - basew[i]);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/package.html b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/package.html
deleted file mode 100644
index 7b6c7f9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/sphincs/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Low level implementation of the SPHINCS-256 signature algorithm.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/AllTests.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/AllTests.java
deleted file mode 100644
index 3c2df4b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/AllTests.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.util.test.SimpleTestResult;
-
-public class AllTests
-    extends TestCase
-{
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("Lightweight PQ Crypto Tests");
-
-        suite.addTestSuite(BitStringTest.class);
-        suite.addTestSuite(EncryptionKeyTest.class);
-        suite.addTestSuite(NTRUEncryptionParametersTest.class);
-        suite.addTestSuite(NTRUEncryptTest.class);
-        suite.addTestSuite(NTRUSignatureParametersTest.class);
-        suite.addTestSuite(NTRUSignatureKeyTest.class);
-        suite.addTestSuite(NTRUSignerTest.class);
-        suite.addTestSuite(NTRUSigningParametersTest.class);
-        suite.addTestSuite(XMSSMTPrivateKeyTest.class);
-        suite.addTestSuite(XMSSMTPublicKeyTest.class);
-        suite.addTestSuite(XMSSMTSignatureTest.class);
-        suite.addTestSuite(XMSSMTTest.class);
-        suite.addTestSuite(XMSSOidTest.class);
-        suite.addTestSuite(XMSSPrivateKeyTest.class);
-        suite.addTestSuite(XMSSPublicKeyTest.class);
-        suite.addTestSuite(XMSSReducedSignatureTest.class);
-        suite.addTestSuite(XMSSSignatureTest.class);
-        suite.addTestSuite(XMSSTest.class);
-        suite.addTestSuite(XMSSUtilTest.class);
-        suite.addTestSuite(AllTests.SimpleTestTest.class);
-
-        return new BCTestSetup(suite);
-    }
-
-    public static class SimpleTestTest
-       extends TestCase
-    {
-        public void testPQC()
-        {
-            org.bouncycastle.util.test.Test[] tests = RegressionTest.tests;
-
-            for (int i = 0; i != tests.length; i++)
-            {
-                SimpleTestResult  result = (SimpleTestResult)tests[i].perform();
-
-                if (!result.isSuccessful())
-                {
-                    if (result.getException() != null)
-                    {
-                        result.getException().printStackTrace();
-                    }
-                    fail(result.toString());
-                }
-            }
-        }
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-
-        }
-
-        protected void tearDown()
-        {
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/BitStringTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/BitStringTest.java
deleted file mode 100644
index d5132db..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/BitStringTest.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.crypto.ntru.IndexGenerator.BitString;
-import org.bouncycastle.util.Arrays;
-
-public class BitStringTest
-    extends TestCase
-{
-    public void testAppendBitsByteArray()
-    {
-        BitString bs = new BitString();
-        bs.appendBits((byte)78);
-        assertBitStringEquals(bs, new byte[]{78});
-        bs.appendBits((byte)-5);
-        assertBitStringEquals(bs, new byte[]{78, -5});
-        bs.appendBits((byte)127);
-        assertBitStringEquals(bs, new byte[]{78, -5, 127});
-        bs.appendBits((byte)0);
-        assertBitStringEquals(bs, new byte[]{78, -5, 127, 0});
-        bs.appendBits((byte)100);
-        assertBitStringEquals(bs, new byte[]{78, -5, 127, 0, 100});
-    }
-
-    private void assertBitStringEquals(BitString bs, byte[] arr)
-    {
-        byte[] bsBytes = bs.getBytes();
-
-        assertTrue(bsBytes.length >= arr.length);
-        arr = copyOf(arr, bsBytes.length);
-        assertTrue(Arrays.areEqual(arr, bsBytes));
-    }
-
-    public void testGetTrailing()
-    {
-        BitString bs = new BitString();
-        bs.appendBits((byte)78);
-        BitString bs2 = bs.getTrailing(3);
-        assertBitStringEquals(bs2, new byte[]{6});
-
-        bs = new BitString();
-        bs.appendBits((byte)78);
-        bs.appendBits((byte)-5);
-        bs2 = bs.getTrailing(9);
-        assertBitStringEquals(bs2, new byte[]{78, 1});
-
-        bs2.appendBits((byte)100);
-        assertBitStringEquals(bs2, new byte[]{78, -55});
-        bs = bs2.getTrailing(13);
-        assertBitStringEquals(bs, new byte[]{78, 9});
-        bs2 = bs2.getTrailing(11);
-        assertBitStringEquals(bs2, new byte[]{78, 1});
-
-        bs2.appendBits((byte)100);
-        assertBitStringEquals(bs2, new byte[]{78, 33, 3});
-        bs2 = bs2.getTrailing(16);
-        assertBitStringEquals(bs2, new byte[]{78, 33});
-    }
-
-    public void testGetLeadingAsInt()
-    {
-        BitString bs = new BitString();
-        bs.appendBits((byte)78);
-        bs.appendBits((byte)42);
-        assertEquals(1, bs.getLeadingAsInt(3));
-        assertEquals(84, bs.getLeadingAsInt(9));
-        assertEquals(338, bs.getLeadingAsInt(11));
-
-        BitString bs2 = bs.getTrailing(11);
-        assertBitStringEquals(bs2, new byte[]{78, 2});
-        assertEquals(590, bs2.getLeadingAsInt(11));
-        assertEquals(9, bs2.getLeadingAsInt(5));
-
-        bs2.appendBits((byte)115);
-        assertEquals(230, bs2.getLeadingAsInt(9));
-        assertEquals(922, bs2.getLeadingAsInt(11));
-
-        bs2.appendBits((byte)-36);
-        assertEquals(55, bs2.getLeadingAsInt(6));
-    }
-
-    private byte[] copyOf(byte[] src, int length)
-    {
-        byte[] tmp = new byte[length];
-        System.arraycopy(src, 0, tmp, 0, tmp.length > src.length ? src.length : tmp.length);
-        return tmp;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/EncryptionKeyTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/EncryptionKeyTest.java
deleted file mode 100644
index 976f8af..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/EncryptionKeyTest.java
+++ /dev/null

@@ -1,51 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.pqc.crypto.ntru.NTRUEncryptionKeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.ntru.NTRUEncryptionKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.ntru.NTRUEncryptionPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.ntru.NTRUEncryptionPublicKeyParameters;
-
-public class EncryptionKeyTest
-    extends TestCase
-{
-    public void testEncode()
-        throws IOException
-    {
-        for (NTRUEncryptionKeyGenerationParameters params : new NTRUEncryptionKeyGenerationParameters[]{NTRUEncryptionKeyGenerationParameters.APR2011_743, NTRUEncryptionKeyGenerationParameters.APR2011_743_FAST, NTRUEncryptionKeyGenerationParameters.EES1499EP1})
-        {
-            testEncode(params);
-        }
-    }
-
-    private void testEncode(NTRUEncryptionKeyGenerationParameters params)
-        throws IOException
-    {
-        NTRUEncryptionKeyPairGenerator kpGen = new NTRUEncryptionKeyPairGenerator();
-
-        kpGen.init(params);
-
-        AsymmetricCipherKeyPair kp = kpGen.generateKeyPair();
-        byte[] priv = ((NTRUEncryptionPrivateKeyParameters)kp.getPrivate()).getEncoded();
-        byte[] pub = ((NTRUEncryptionPublicKeyParameters)kp.getPublic()).getEncoded();
-
-        AsymmetricCipherKeyPair kp2 = new AsymmetricCipherKeyPair(new NTRUEncryptionPublicKeyParameters(pub, params.getEncryptionParameters()), new NTRUEncryptionPrivateKeyParameters(priv, params.getEncryptionParameters()));
-        assertEquals(kp.getPublic(), kp2.getPublic());
-        assertEquals(kp.getPrivate(), kp2.getPrivate());
-
-        ByteArrayOutputStream bos1 = new ByteArrayOutputStream();
-        ByteArrayOutputStream bos2 = new ByteArrayOutputStream();
-        ((NTRUEncryptionPrivateKeyParameters)kp.getPrivate()).writeTo(bos1);
-        ((NTRUEncryptionPublicKeyParameters)kp.getPublic()).writeTo(bos2);
-        ByteArrayInputStream bis1 = new ByteArrayInputStream(bos1.toByteArray());
-        ByteArrayInputStream bis2 = new ByteArrayInputStream(bos2.toByteArray());
-        AsymmetricCipherKeyPair  kp3 = new AsymmetricCipherKeyPair(new NTRUEncryptionPublicKeyParameters(bis2, params.getEncryptionParameters()), new NTRUEncryptionPrivateKeyParameters(bis1, params.getEncryptionParameters()));
-        assertEquals(kp.getPublic(), kp3.getPublic());
-        assertEquals(kp.getPrivate(), kp3.getPrivate());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/GMSSSignerTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/GMSSSignerTest.java
deleted file mode 100644
index b7f9acc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/GMSSSignerTest.java
+++ /dev/null

@@ -1,140 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Signer;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.DigestingMessageSigner;
-import org.bouncycastle.pqc.crypto.DigestingStateAwareMessageSigner;
-import org.bouncycastle.pqc.crypto.gmss.GMSSDigestProvider;
-import org.bouncycastle.pqc.crypto.gmss.GMSSKeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.gmss.GMSSKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.gmss.GMSSParameters;
-import org.bouncycastle.pqc.crypto.gmss.GMSSPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.gmss.GMSSSigner;
-import org.bouncycastle.pqc.crypto.gmss.GMSSStateAwareSigner;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.FixedSecureRandom;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class GMSSSignerTest
-    extends SimpleTest
-{
-    byte[] keyData = Hex.decode("b5014e4b60ef2ba8b6211b4062ba3224e0427dd3");
-
-    SecureRandom keyRandom = new FixedSecureRandom(
-        new FixedSecureRandom.Source[]{new FixedSecureRandom.Data(keyData), new FixedSecureRandom.Data(keyData)});
-
-    public String getName()
-    {
-        return "GMSS";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-
-        GMSSParameters params = new GMSSParameters(3,
-            new int[]{15, 15, 10}, new int[]{5, 5, 4}, new int[]{3, 3, 2});
-
-        GMSSDigestProvider digProvider = new GMSSDigestProvider()
-        {
-            public Digest get()
-            {
-                return new SHA224Digest();
-            }
-        };
-
-        GMSSKeyPairGenerator gmssKeyGen = new GMSSKeyPairGenerator(digProvider);
-
-        GMSSKeyGenerationParameters genParam = new GMSSKeyGenerationParameters(keyRandom, params);
-
-        gmssKeyGen.init(genParam);
-
-        AsymmetricCipherKeyPair pair = gmssKeyGen.generateKeyPair();
-
-        GMSSPrivateKeyParameters privKey = (GMSSPrivateKeyParameters)pair.getPrivate();
-
-        ParametersWithRandom param = new ParametersWithRandom(privKey, keyRandom);
-
-        // TODO
-        Signer gmssSigner = new DigestingMessageSigner(new GMSSSigner(digProvider), new SHA224Digest());
-        gmssSigner.init(true, param);
-
-        byte[] message = BigIntegers.asUnsignedByteArray(new BigInteger("968236873715988614170569073515315707566766479517"));
-        gmssSigner.update(message, 0, message.length);
-        byte[] sig = gmssSigner.generateSignature();
-
-
-        gmssSigner.init(false, pair.getPublic());
-        gmssSigner.update(message, 0, message.length);
-        if (!gmssSigner.verifySignature(sig))
-        {
-            fail("verification fails");
-        }
-
-        if (!((GMSSPrivateKeyParameters)pair.getPrivate()).isUsed())
-        {
-            fail("private key not marked as used");
-        }
-
-        stateAwareTest(privKey.nextKey(), pair.getPublic());
-    }
-
-    private void stateAwareTest(GMSSPrivateKeyParameters privKey, AsymmetricKeyParameter pub)
-    {
-        DigestingStateAwareMessageSigner statefulSigner = new DigestingStateAwareMessageSigner(new GMSSStateAwareSigner(new SHA224Digest()), new SHA224Digest());
-        statefulSigner.init(true, new ParametersWithRandom(privKey, CryptoServicesRegistrar.getSecureRandom()));
-
-        byte[] mes1 = Strings.toByteArray("Message One");
-        statefulSigner.update(mes1, 0, mes1.length);
-        byte[] sig1 = statefulSigner.generateSignature();
-
-        isTrue(privKey.isUsed());
-
-        byte[] mes2 = Strings.toByteArray("Message Two");
-        statefulSigner.update(mes2, 0, mes2.length);
-        byte[] sig2 = statefulSigner.generateSignature();
-
-        GMSSPrivateKeyParameters recoveredKey = (GMSSPrivateKeyParameters)statefulSigner.getUpdatedPrivateKey();
-
-        isTrue(recoveredKey.isUsed() == false);
-
-        try
-        {
-            statefulSigner.generateSignature();
-        }
-        catch (IllegalStateException e)
-        {
-            isEquals("signing key no longer usable", e.getMessage());
-        }
-
-        statefulSigner.init(false, pub);
-        statefulSigner.update(mes2, 0, mes2.length);
-        if (!statefulSigner.verifySignature(sig2))
-        {
-            fail("verification two fails");
-        }
-
-        statefulSigner.update(mes1, 0, mes1.length);
-        if (!statefulSigner.verifySignature(sig1))
-        {
-            fail("verification one fails");
-        }
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new GMSSSignerTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/McElieceCipherTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/McElieceCipherTest.java
deleted file mode 100644
index 266463b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/McElieceCipherTest.java
+++ /dev/null

@@ -1,102 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.security.SecureRandom;
-import java.util.Random;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCipher;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceKeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceParameters;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class McElieceCipherTest
-    extends SimpleTest
-{
-
-    SecureRandom keyRandom = new SecureRandom();
-
-    public String getName()
-    {
-        return "McEliecePKCS";
-
-    }
-
-
-    public void performTest()
-        throws InvalidCipherTextException
-    {
-        int numPassesKPG = 1;
-        int numPassesEncDec = 10;
-        Random rand = new Random();
-        byte[] mBytes;
-        for (int j = 0; j < numPassesKPG; j++)
-        {
-
-            McElieceParameters params = new McElieceParameters();
-            McElieceKeyPairGenerator mcElieceKeyGen = new McElieceKeyPairGenerator();
-            McElieceKeyGenerationParameters genParam = new McElieceKeyGenerationParameters(keyRandom, params);
-
-            mcElieceKeyGen.init(genParam);
-            AsymmetricCipherKeyPair pair = mcElieceKeyGen.generateKeyPair();
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPublic(), keyRandom);
-            Digest msgDigest = new SHA256Digest();
-            McElieceCipher mcEliecePKCSDigestCipher = new McElieceCipher();
-
-
-            for (int k = 1; k <= numPassesEncDec; k++)
-            {
-                System.out.println("############### test: " + k);
-                // initialize for encryption
-                mcEliecePKCSDigestCipher.init(true, param);
-
-                // generate random message
-                int mLength = (rand.nextInt() & 0x1f) + 1;
-                mBytes = new byte[mLength];
-                rand.nextBytes(mBytes);
-
-                // encrypt
-                msgDigest.update(mBytes, 0, mBytes.length);
-                byte[] hash = new byte[msgDigest.getDigestSize()];
-
-                msgDigest.doFinal(hash, 0);
-
-                byte[] enc = mcEliecePKCSDigestCipher.messageEncrypt(hash);
-
-                // initialize for decryption
-                mcEliecePKCSDigestCipher.init(false, pair.getPrivate());
-                byte[] constructedmessage = mcEliecePKCSDigestCipher.messageDecrypt(enc);
-
-                boolean verified = true;
-                for (int i = 0; i < hash.length; i++)
-                {
-                    verified = verified && hash[i] == constructedmessage[i];
-                }
-
-                if (!verified)
-                {
-                    fail("en/decryption fails");
-                }
-                else
-                {
-                    System.out.println("test okay");
-                    System.out.println();
-                }
-
-            }
-        }
-
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new McElieceCipherTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/McElieceFujisakiCipherTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/McElieceFujisakiCipherTest.java
deleted file mode 100644
index 2e9d50d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/McElieceFujisakiCipherTest.java
+++ /dev/null

@@ -1,103 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.security.SecureRandom;
-import java.util.Random;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2KeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2KeyPairGenerator;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2Parameters;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceFujisakiCipher;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class McElieceFujisakiCipherTest
-    extends SimpleTest
-{
-
-    SecureRandom keyRandom = new SecureRandom();
-
-    public String getName()
-    {
-        return "McElieceFujisaki";
-
-    }
-
-
-    public void performTest()
-        throws InvalidCipherTextException
-    {
-        int numPassesKPG = 1;
-        int numPassesEncDec = 10;
-        Random rand = new Random();
-        byte[] mBytes;
-        for (int j = 0; j < numPassesKPG; j++)
-        {
-            McElieceCCA2Parameters params = new McElieceCCA2Parameters();
-            McElieceCCA2KeyPairGenerator mcElieceCCA2KeyGen = new McElieceCCA2KeyPairGenerator();
-            McElieceCCA2KeyGenerationParameters genParam = new McElieceCCA2KeyGenerationParameters(keyRandom, params);
-
-            mcElieceCCA2KeyGen.init(genParam);
-            AsymmetricCipherKeyPair pair = mcElieceCCA2KeyGen.generateKeyPair();
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPublic(), keyRandom);
-            Digest msgDigest = new SHA256Digest();
-            McElieceFujisakiCipher mcElieceFujisakiDigestCipher = new McElieceFujisakiCipher();
-
-
-            for (int k = 1; k <= numPassesEncDec; k++)
-            {
-                System.out.println("############### test: " + k);
-                // initialize for encryption
-                mcElieceFujisakiDigestCipher.init(true, param);
-
-                // generate random message
-                int mLength = (rand.nextInt() & 0x1f) + 1;;
-                mBytes = new byte[mLength];
-                rand.nextBytes(mBytes);
-
-                msgDigest.update(mBytes, 0, mBytes.length);
-                byte[] hash = new byte[msgDigest.getDigestSize()];
-                msgDigest.doFinal(hash, 0);
-
-                // encrypt
-                byte[] enc = mcElieceFujisakiDigestCipher.messageEncrypt(hash);
-
-                // initialize for decryption
-                mcElieceFujisakiDigestCipher.init(false, pair.getPrivate());
-                byte[] constructedmessage = mcElieceFujisakiDigestCipher.messageDecrypt(enc);
-
-                // XXX write in McElieceFujisakiDigestCipher?
-
-
-                boolean verified = true;
-                for (int i = 0; i < hash.length; i++)
-                {
-                    verified = verified && hash[i] == constructedmessage[i];
-                }
-
-                if (!verified)
-                {
-                    fail("en/decryption fails");
-                }
-                else
-                {
-                    System.out.println("test okay");
-                    System.out.println();
-                }
-
-            }
-        }
-
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new McElieceFujisakiCipherTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/McElieceKobaraImaiCipherTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/McElieceKobaraImaiCipherTest.java
deleted file mode 100644
index 665e378..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/McElieceKobaraImaiCipherTest.java
+++ /dev/null

@@ -1,102 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.security.SecureRandom;
-import java.util.Random;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2KeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2KeyPairGenerator;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2Parameters;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceKobaraImaiCipher;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class McElieceKobaraImaiCipherTest
-    extends SimpleTest
-{
-
-    SecureRandom keyRandom = new SecureRandom();
-
-    public String getName()
-    {
-        return "McElieceKobaraImai";
-
-    }
-
-
-    public void performTest()
-        throws Exception
-    {
-        int numPassesKPG = 0;   // TODO: this algorithm is broken
-        int numPassesEncDec = 10;
-        Random rand = new Random();
-        byte[] mBytes;
-        for (int j = 0; j < numPassesKPG; j++)
-        {
-
-            McElieceCCA2Parameters params = new McElieceCCA2Parameters("SHA-256");
-            McElieceCCA2KeyPairGenerator mcElieceCCA2KeyGen = new McElieceCCA2KeyPairGenerator();
-            McElieceCCA2KeyGenerationParameters genParam = new McElieceCCA2KeyGenerationParameters(keyRandom, params);
-
-            mcElieceCCA2KeyGen.init(genParam);
-            AsymmetricCipherKeyPair pair = mcElieceCCA2KeyGen.generateKeyPair();
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPublic(), keyRandom);
-            Digest msgDigest = new SHA256Digest();
-            McElieceKobaraImaiCipher mcElieceKobaraImaiDigestCipher = new McElieceKobaraImaiCipher();
-
-
-            for (int k = 1; k <= numPassesEncDec; k++)
-            {
-                System.out.println("############### test: " + k);
-                // initialize for encryption
-                mcElieceKobaraImaiDigestCipher.init(true, param);
-
-                // generate random message
-                int mLength = (rand.nextInt() & 0x1f) + 1;
-                mBytes = new byte[mLength];
-                rand.nextBytes(mBytes);
-
-                msgDigest.update(mBytes, 0, mBytes.length);
-                byte[] hash = new byte[msgDigest.getDigestSize()];
-                msgDigest.doFinal(hash, 0);
-
-                // encrypt
-                byte[] enc = mcElieceKobaraImaiDigestCipher.messageEncrypt(hash);
-
-                // initialize for decryption
-                mcElieceKobaraImaiDigestCipher.init(false, pair.getPrivate());
-                byte[] constructedmessage = mcElieceKobaraImaiDigestCipher.messageDecrypt(enc);
-
-                // XXX write in McElieceFujisakiDigestCipher?
-
-                boolean verified = true;
-                for (int i = 0; i < hash.length; i++)
-                {
-                    verified = verified && hash[i] == constructedmessage[i];
-                }
-
-                if (!verified)
-                {
-                    fail("en/decryption fails");
-                }
-                else
-                {
-                    System.out.println("test okay");
-                    System.out.println();
-                }
-
-            }
-        }
-
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new McElieceKobaraImaiCipherTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/McEliecePointchevalCipherTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/McEliecePointchevalCipherTest.java
deleted file mode 100644
index 862c492..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/McEliecePointchevalCipherTest.java
+++ /dev/null

@@ -1,102 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.security.SecureRandom;
-import java.util.Random;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2KeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2KeyPairGenerator;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2Parameters;
-import org.bouncycastle.pqc.crypto.mceliece.McEliecePointchevalCipher;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class McEliecePointchevalCipherTest
-    extends SimpleTest
-{
-
-    SecureRandom keyRandom = new SecureRandom();
-
-    public String getName()
-    {
-        return "McElieceFujisaki";
-
-    }
-
-
-    public void performTest()
-        throws Exception
-    {
-        int numPassesKPG = 1;
-        int numPassesEncDec = 10;
-        Random rand = new Random();
-        byte[] mBytes;
-        for (int j = 0; j < numPassesKPG; j++)
-        {
-
-            McElieceCCA2Parameters params = new McElieceCCA2Parameters("SHA-256");
-            McElieceCCA2KeyPairGenerator mcElieceCCA2KeyGen = new McElieceCCA2KeyPairGenerator();
-            McElieceCCA2KeyGenerationParameters genParam = new McElieceCCA2KeyGenerationParameters(keyRandom, params);
-
-            mcElieceCCA2KeyGen.init(genParam);
-            AsymmetricCipherKeyPair pair = mcElieceCCA2KeyGen.generateKeyPair();
-
-            ParametersWithRandom param = new ParametersWithRandom(pair.getPublic(), keyRandom);
-            Digest msgDigest = new SHA256Digest();
-            McEliecePointchevalCipher mcEliecePointchevalDigestCipher = new McEliecePointchevalCipher();
-
-
-            for (int k = 1; k <= numPassesEncDec; k++)
-            {
-                System.out.println("############### test: " + k);
-                // initialize for encryption
-                mcEliecePointchevalDigestCipher.init(true, param);
-
-                // generate random message
-                int mLength = (rand.nextInt() & 0x1f) + 1;
-                mBytes = new byte[mLength];
-                rand.nextBytes(mBytes);
-
-                msgDigest.update(mBytes, 0, mBytes.length);
-                byte[] hash = new byte[msgDigest.getDigestSize()];
-                msgDigest.doFinal(hash, 0);
-
-                // encrypt
-                byte[] enc = mcEliecePointchevalDigestCipher.messageEncrypt(hash);
-
-                // initialize for decryption
-                mcEliecePointchevalDigestCipher.init(false, pair.getPrivate());
-                byte[] constructedmessage = mcEliecePointchevalDigestCipher.messageDecrypt(enc);
-
-                // XXX write in McElieceFujisakiDigestCipher?
-
-                boolean verified = true;
-                for (int i = 0; i < hash.length; i++)
-                {
-                    verified = verified && hash[i] == constructedmessage[i];
-                }
-
-                if (!verified)
-                {
-                    fail("en/decryption fails");
-                }
-                else
-                {
-                    System.out.println("test okay");
-                    System.out.println();
-                }
-
-            }
-        }
-
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new McEliecePointchevalCipherTest());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUEncryptTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUEncryptTest.java
deleted file mode 100644
index e079b7d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUEncryptTest.java
+++ /dev/null

@@ -1,298 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.io.IOException;
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.DataLengthException;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.pqc.crypto.ntru.NTRUEncryptionKeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.ntru.NTRUEncryptionKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.ntru.NTRUEncryptionPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.ntru.NTRUEncryptionPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.ntru.NTRUEngine;
-import org.bouncycastle.pqc.crypto.ntru.NTRUParameters;
-import org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.Polynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.SparseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.TernaryPolynomial;
-import org.bouncycastle.util.Arrays;
-
-public class NTRUEncryptTest
-    extends TestCase
-{
-    public void testEncryptDecrypt()
-        throws InvalidCipherTextException
-    {
-        NTRUEncryptionKeyGenerationParameters params = NTRUEncryptionKeyGenerationParameters.APR2011_743.clone();
-        // set df1..df3 and dr1..dr3 so params can be used for SIMPLE as well as PRODUCT
-        params.df1 = NTRUEncryptionKeyGenerationParameters.APR2011_743_FAST.df1;
-        params.df2 = NTRUEncryptionKeyGenerationParameters.APR2011_743_FAST.df2;
-        params.df3 = NTRUEncryptionKeyGenerationParameters.APR2011_743_FAST.df3;
-        params.dr1 = NTRUEncryptionKeyGenerationParameters.APR2011_743_FAST.dr1;
-        params.dr2 = NTRUEncryptionKeyGenerationParameters.APR2011_743_FAST.dr2;
-        params.dr3 = NTRUEncryptionKeyGenerationParameters.APR2011_743_FAST.dr3;
-
-        int[] values = new int[] { NTRUParameters.TERNARY_POLYNOMIAL_TYPE_SIMPLE, NTRUParameters.TERNARY_POLYNOMIAL_TYPE_PRODUCT };
-
-        for (int i = 0; i != values.length; i++)
-        {
-            int polyType = values[i];
-
-            boolean[] booleans = {true, false};
-            for (int j = 0; j != booleans.length; j++)
-            {
-                params.polyType = polyType;
-                params.fastFp = booleans[j];
-
-                VisibleNTRUEngine ntru = new VisibleNTRUEngine();
-                NTRUEncryptionKeyPairGenerator ntruGen = new NTRUEncryptionKeyPairGenerator();
-
-                ntruGen.init(params);
-
-                AsymmetricCipherKeyPair kp = ntruGen.generateKeyPair();
-
-                testPolynomial(ntru, kp, params);
-
-                testText(ntru, kp, params);
-                // sparse/dense
-                params.sparse = !params.sparse;
-                testText(ntru, kp, params);
-                params.sparse = !params.sparse;
-
-                testEmpty(ntru, kp, params);
-                testMaxLength(ntru, kp, params);
-                testTooLong(ntru, kp, params);
-                testInvalidEncoding(ntru, kp, params);
-            }
-        }
-    }
-
-    // encrypts and decrypts a polynomial
-    private void testPolynomial(VisibleNTRUEngine ntru, AsymmetricCipherKeyPair kp, NTRUEncryptionKeyGenerationParameters params)
-    {
-        SecureRandom random = new SecureRandom();
-        IntegerPolynomial m = DenseTernaryPolynomial.generateRandom(params.N, random);
-        SparseTernaryPolynomial r = SparseTernaryPolynomial.generateRandom(params.N, params.dr, params.dr, random);
-
-        ntru.init(true, kp.getPublic());  // just to set params
-
-        IntegerPolynomial e = ntru.encrypt(m, r, ((NTRUEncryptionPublicKeyParameters)kp.getPublic()).h);
-        IntegerPolynomial c = ntru.decrypt(e, ((NTRUEncryptionPrivateKeyParameters)kp.getPrivate()).t, ((NTRUEncryptionPrivateKeyParameters)kp.getPrivate()).fp);
-
-        assertTrue(Arrays.areEqual(m.coeffs, c.coeffs));
-    }
-
-    // encrypts and decrypts text
-    private void testText(NTRUEngine ntru, AsymmetricCipherKeyPair  kp, NTRUEncryptionKeyGenerationParameters params)
-        throws InvalidCipherTextException
-    {
-        byte[] plainText = "text to encrypt".getBytes();
-
-        ntru.init(true, kp.getPublic());
-
-        byte[] encrypted = ntru.processBlock(plainText, 0, plainText.length);
-
-        ntru.init(false, kp.getPrivate());
-
-        byte[] decrypted = ntru.processBlock(encrypted, 0, encrypted.length);
-
-        assertTrue(Arrays.areEqual(plainText, decrypted));
-    }
-
-    // tests an empty message
-    private void testEmpty(NTRUEngine ntru, AsymmetricCipherKeyPair kp, NTRUEncryptionKeyGenerationParameters params)
-        throws InvalidCipherTextException
-    {
-        byte[] plainText = "".getBytes();
-
-        ntru.init(true, kp.getPublic());
-
-        byte[] encrypted = ntru.processBlock(plainText, 0, plainText.length);
-
-        ntru.init(false, kp.getPrivate());
-
-        byte[] decrypted = ntru.processBlock(encrypted, 0, encrypted.length);
-
-        assertTrue(Arrays.areEqual(plainText, decrypted));
-    }
-
-    // tests a message of the maximum allowed length
-    private void testMaxLength(NTRUEngine ntru, AsymmetricCipherKeyPair kp, NTRUEncryptionKeyGenerationParameters params)
-        throws InvalidCipherTextException
-    {
-        byte[] plainText = new byte[params.maxMsgLenBytes];
-        System.arraycopy("secret encrypted text".getBytes(), 0, plainText, 0, 21);
-        ntru.init(true, kp.getPublic());
-
-        byte[] encrypted = ntru.processBlock(plainText, 0, plainText.length);
-
-        ntru.init(false, kp.getPrivate());
-
-        byte[] decrypted = ntru.processBlock(encrypted, 0, encrypted.length);
-
-        assertTrue(Arrays.areEqual(plainText, decrypted));
-    }
-
-    // tests a message that is too long
-    private void testTooLong(NTRUEngine ntru, AsymmetricCipherKeyPair kp, NTRUEncryptionKeyGenerationParameters params)
-    {
-        byte[] plainText = new byte[params.maxMsgLenBytes + 1];
-        try
-        {
-            System.arraycopy("secret encrypted text".getBytes(), 0, plainText, 0, 21);
-
-            ntru.init(true, kp.getPublic());
-
-            byte[] encrypted = ntru.processBlock(plainText, 0, plainText.length);
-
-            ntru.init(false, kp.getPrivate());
-
-            byte[] decrypted = ntru.processBlock(encrypted, 0, encrypted.length);
-
-            assertTrue(Arrays.areEqual(plainText, decrypted));
-            fail("An exception should have been thrown!");
-        }
-        catch (DataLengthException ex)
-        {
-            assertEquals("Message too long: " + plainText.length + ">" + params.maxMsgLenBytes, ex.getMessage());
-        }
-        catch (InvalidCipherTextException e)
-        {
-            e.printStackTrace();  //To change body of catch statement use File | Settings | File Templates.
-        }
-    }
-
-    // tests that altering the public key *AFTER* encryption causes the decrypted message to be rejected
-    private void testInvalidEncoding(NTRUEngine ntru, AsymmetricCipherKeyPair kp, NTRUEncryptionKeyGenerationParameters params)
-    {
-        try
-        {
-            byte[] plainText = "secret encrypted text".getBytes();
-            ntru.init(true, kp.getPublic());
-
-            byte[] encrypted = ntru.processBlock(plainText, 0, plainText.length);
-
-            NTRUEncryptionPrivateKeyParameters orig = (NTRUEncryptionPrivateKeyParameters)kp.getPrivate();
-            IntegerPolynomial h = (IntegerPolynomial)((NTRUEncryptionPublicKeyParameters)kp.getPublic()).h.clone();
-            h.coeffs[0] = (h.coeffs[0] + 111) % params.q;   // alter h
-            NTRUEncryptionPrivateKeyParameters privKey = new NTRUEncryptionPrivateKeyParameters(h, orig.t, orig.fp, params.getEncryptionParameters());
-
-            ntru.init(false, privKey);
-
-            ntru.processBlock(encrypted, 0, encrypted.length);
-
-            fail("An exception should have been thrown!");
-        }
-        catch (InvalidCipherTextException ex)
-        {
-            assertEquals("Invalid message encoding", ex.getMessage());
-        }
-    }
-
-    // encrypts and decrypts text using an encoded key pair (fastFp=false, simple ternary polynomials)
-    public void testEncodedKeysSlow()
-        throws IOException, InvalidCipherTextException
-    {
-        byte[] plainText = "secret encrypted text".getBytes();
-
-        // dense polynomials
-        NTRUEncryptionKeyGenerationParameters params = NTRUEncryptionKeyGenerationParameters.APR2011_743;
-        NTRUEngine ntru = new NTRUEngine();
-
-        byte[] privBytes = {2, -94, 95, 65, -107, 27, 98, 62, -15, -62, 21, -4, 119, -117, 7, 68, 100, 113, -36, -82, 87, -87, -82, 24, -45, -75, -74, -108, 105, 24, 123, 117, 124, 74, -27, 42, -106, -78, 114, 27, 18, 77, -41, 105, -113, 39, 49, 46, 109, -69, 61, 77, 49, 117, 14, -29, 42, 3, 120, -121, -120, -37, 95, 84, 60, -9, -31, -64, 31, 72, 115, -15, 21, -6, 27, -60, -73, -29, -33, -81, -43, 106, 65, 114, 102, -14, -115, -96, 9, 54, 23, -18, -24, -76, 84, -41, -79, 35, 88, 11, 41, 67, 44, -63, -28, 76, 84, -41, -103, 106, -22, 35, -2, -40, -48, -121, -128, 76, 63, 123, -11, 103, -35, -32, 21, -51, -99, -40, -103, -12, 64, -80, 57, -56, 1, -51, 103, 83, 50, 111, -87, -98, 7, -109, 25, -51, 23, -92};
-        byte[] pubBytes = {91, -66, -25, -81, -66, -33, 25, -31, 48, 23, -38, 20, -30, -120, -17, 1, 21, 51, -11, 102, -50, 62, 71, 79, 32, -49, -57, 105, 21, -34, -45, -67, 113, -46, -103, 57, 28, -54, -21, 94, -112, -63, 105, -100, -95, 21, -52, 50, 11, -22, -63, -35, -42, 50, 93, -40, 23, 0, 121, 23, -93, 111, -98, -14, 92, -24, -117, -8, -109, -118, -4, -107, -60, 100, -128, -47, -92, -117, -108, 39, -113, 43, 48, 68, 95, 123, -112, 41, -27, -99, 59, 33, -57, -120, -44, 72, -98, -105, -91, -52, -89, 107, 119, 87, -36, -102, -83, 67, -8, 30, -54, 74, 93, 119, -3, 126, 69, -104, -44, -24, 124, 108, -125, 73, 98, 121, -49, -37, -24, 87, -71, 91, 8, -31, -50, 95, 112, 27, 97, -93, 3, -73, -54, -16, -92, -108, -74, 88, -5, 23, 70, 69, -49, -46, -50, 65, 69, -54, -41, 109, 8, -80, -23, -84, 120, -77, 26, 99, -104, -33, 82, 91, 22, -17, 113, -29, 66, -7, -114, -101, -111, -47, -1, -3, -57, 62, 79, -70, -58, 45, 76, 28, -117, 59, -117, 113, 84, -55, 48, 119, 58, -105, -20, 80, 102, 14, -69, -69, 5, 11, -87, 107, 15, 105, -69, -27, -24, 47, -18, -54, -45, -67, 27, -52, -20, -94, 64, -26, -58, 98, 33, -61, 71, -101, 120, 28, 113, 72, 127, 50, 123, 36, -97, 78, 32, -74, 105, 62, 92, 84, -17, 21, -75, 24, -90, -78, -4, -121, 47, -82, 119, 27, -61, 17, -66, 43, 96, -49, -6, 66, -13, -75, -95, 64, -12, -39, 111, 46, -3, -123, 82, 12, -26, -30, -29, 71, -108, -79, -112, 13, 16, -70, 7, 100, 84, 89, -100, 114, 47, 56, 71, 83, 63, -61, -39, -53, -100, 23, -31, -52, -46, 36, -13, 62, 107, 28, -28, 92, 116, -59, 28, -111, -23, -44, 21, -2, 127, -112, 54, -126, 13, -104, 47, -43, -109, -19, 107, -94, -126, 50, 92, -69, 1, 115, -121, -52, -100, 25, 126, -7, 86, 77, 72, -2, -104, -42, 98, -16, 54, -67, 117, 14, -73, 4, 58, 121, 35, 1, 99, -127, -9, -60, 32, -37, -106, 6, -108, -13, -62, 23, -20, -9, 21, 15, 4, 126, -112, 123, 34, -67, -51, 43, -30, -75, 119, -112, -58, -55, -90, 2, -5, -46, -12, 119, 87, 24, -52, 2, -29, 113, 61, -82, -101, 57, -11, -107, -11, 67, -42, -43, -13, 112, -49, 82, 60, 13, -50, 108, 64, -64, 53, -107, -9, 102, -33, 75, -100, -115, 102, -113, -48, 19, -119, -72, -65, 22, -65, -93, 34, -71, 75, 101, 54, 126, 75, 34, -21, -53, -36, 127, -21, 70, 24, 89, -88, 63, -43, -4, 68, 97, -45, -101, -125, -38, 98, -118, -34, -63, 23, 78, 15, 17, 101, -107, 119, -41, 107, 117, 17, 108, 43, -93, -6, -23, -30, 49, -61, 27, 61, -125, -68, 51, 40, -106, -61, 51, 127, 2, 123, 7, -50, -115, -32, -95, -96, 67, 4, 5, 59, -45, 61, 95, 14, 2, -76, -121, 8, 125, 16, -126, 58, 118, -32, 19, -113, -113, 120, -101, 86, 76, -90, 50, -92, 51, -92, 1, 121, -74, -101, -33, 53, -53, -83, 46, 20, -87, -112, -61, -87, 106, -126, 64, 99, -60, 70, 120, 47, -53, 36, 20, -90, 110, 61, -93, 55, -10, 85, 45, 52, 79, 87, 100, -81, -85, 34, 55, -91, 27, 116, -18, -71, -11, 87, -11, 76, 48, 97, -78, 64, -100, -59, -12, 19, -90, 121, 48, -19, 64, 113, -70, -14, -70, 92, 124, 42, 95, 7, -115, 36, 127, 73, 33, 30, 121, 88, 16, -90, 99, 120, -68, 64, -125, -78, 76, 112, 68, 8, 105, 10, -47, -124, 39, -107, -101, 46, -61, 118, -74, 102, -62, -6, -128, 17, -45, 61, 76, 63, -10, -41, 50, -113, 75, -83, -59, -51, -23, -61, 47, 7, -80, 126, -2, 79, -53, 110, -93, -38, -91, -22, 20, -84, -113, -124, -73, 124, 0, 33, -58, 63, -26, 52, 7, 74, 65, 38, -33, 21, -9, -1, 120, -16, 47, -96, 59, -64, 74, 6, 48, -67, -32, -26, 35, 68, 47, 82, 36, 52, 41, 112, -28, -22, -51, -6, -49, 105, 16, -34, 99, -41, 75, 7, 79, -22, -125, -30, -126, 35, 119, -43, -30, 32, 8, 44, -42, -98, 78, -92, -95, -10, -94, -1, -91, -122, 77, 0, 40, -23, 36, 85, 123, -57, -74, -69, -90, 89, 111, -120, 22, 5, -48, 114, 59, 31, 31, -25, -3, 24, 110, -110, 73, -40, 92, -26, -12, 52, 83, -98, -119, -6, -117, -89, 95, 83, -25, 122, -26, 114, 81, 25, 110, 79, -49, -39, 10, -78, -65, 57, -90, -46, -126, 15, -124, -104, -89, -66, -87, 24, -45, 39, -34, -40, -13, 106, 12, -25, -116, -47, 79, -81, 64, -17, -31, -70, 87, 36, 46, 102, 107, 48, 88, 34, 46, 24, 63, -100, 106, 27, 58, -71, 38, 60, -66, 45, -89, 39, -60, -116, -14, -119, 118, 0, -24, -9, 38, -71, -79, 124, -119, -64, -9, 71, -56, -82, -73, -69, 127, -1, -20, 123, 32, -43, 49, 5, 49, 105, -5, -2, 5, -105, -111, 89, -30, -41, -49, 61, 80, 69, 44, -33, -116, -45, -96, 63, 28, -17, -106, -94, 90, -40, -88, 122, 116, 116, 113, -65, 104, 119, -3, 96, -45, 18, -120, -111, 83, 43, -5, 101, 71, 48, 104, -112, -95, -46, 53, -96, -93, -126, 96, 56, 104, -111, 114, -1, -44, -120, -112, -19, 100, 41, -122, 23, -78, 33, -35, 11, 57, -18, 106, -40, 74, 61, 66, 54, -77, 96, 70, 108, -128, 91, -97, -36, -23, -86, -91, 44, 58, 117, 2, 26, 44, 95, 79, -101, -81, -92, 110, -81, -12, -88, -21, -83, 60, 93, -121, -114, -48, -34, -119, -1, 127, -121, 54, -128, -106, -39, -108, 81, 17, -3, -13, -57, 74, 41, -122, -65, -107, -118, -65, -61, 103, -69, 19};
-
-        byte[] fullBytes = new byte[pubBytes.length + privBytes.length];
-
-        System.arraycopy(pubBytes, 0, fullBytes, 0, pubBytes.length);
-        System.arraycopy(privBytes, 0, fullBytes, pubBytes.length, privBytes.length);
-
-        NTRUEncryptionPrivateKeyParameters priv = new NTRUEncryptionPrivateKeyParameters(fullBytes, params.getEncryptionParameters());
-        NTRUEncryptionPublicKeyParameters pub = new NTRUEncryptionPublicKeyParameters(pubBytes, params.getEncryptionParameters());
-        AsymmetricCipherKeyPair kp = new AsymmetricCipherKeyPair(pub, priv);
-
-        ntru.init(true, kp.getPublic());
-
-        byte[] encrypted = ntru.processBlock(plainText, 0, plainText.length);
-
-        ntru.init(false, kp.getPrivate());
-
-        byte[] decrypted = ntru.processBlock(encrypted, 0, encrypted.length);
-        assertTrue(Arrays.areEqual(plainText, decrypted));
-
-        // sparse polynomials
-        params = NTRUEncryptionKeyGenerationParameters.EES1499EP1;
-        ntru = new NTRUEngine();
-        privBytes = new byte[] {116, 7, 118, 121, 6, 77, -36, 60, 65, 108, 10, -106, 12, 9, -22, -113, 122, -31, -31, 18, 120, 81, -33, 5, 122, -76, 109, -30, -101, -45, 21, 13, -11, -49, -111, 46, 91, 4, -28, -109, 121, -119, -121, -58, -113, -9, -10, -25, -53, 40, -86, -22, -50, 42, 52, 107, 119, 17, 33, 125, -26, 33, 55, 25, -77, -65, -106, 116, -67, 91, 105, -7, 42, -107, -54, 101, 12, -12, 57, -116, 45, -107, -17, 110, 35, -64, 19, -38, -122, 115, -93, 53, 69, 66, -106, 17, 20, -71, 121, 23, -21, -45, 108, 97, 23, -98, -12, -41, -31, -53, 30, -42, 15, 85, -21, -89, 118, 42, -117, -39, 69, 0, -63, 83, 48, -80, -14, -123, -4, -116, -90, -107, -89, 119, 29, -30, 69, 22, -84, 47, 117, -123, 102, -116, 35, 93, -13, 84, -9, -122, 58, 101, 93, -106, -119, -35, -75, 76, 27, -125, -22, 68, 101, 49, 103, -13, -98, 93, -56, -110, -19, -12, 74, 104, 7, 6, -11, 47, 57, 90, 75, -30, 47, 66, -58, 14, 14, 70, 11, -119, -36, -118, -55, -53, 101, -73, -77, 33, -29, 96, -86, 38, 47, 103, 19, -37, -17, -50, -82, -87, -119, 37, -54, 77, -69, -16, -48, -52, 110, -26, 111, 35, 26, -53, -10, 9, -108, -34, 102, 7, -18, -72, -26, 24, -50, -43, 92, 56, -94, 23, -36, 60, 28, -121, 27, 127, -93, -79, -45, -60, 105, -6, -88, 72, -41, 47, -51, 3, 91, 116, 75, 122, -94, -113, 28, -96, -62, -29, -74, -85, -93, 51, 58, 72, 44, 9, 18, -48, -24, 73, 122, 60, -23, 83, -110, -7, -111, -69, 106, 51, 118, -83, -18, 109, -32, 40, 22};
-
-        pubBytes = new byte[] {-62, 56, 59, -46, 30, -19, 22, -115, -20, 117, -14, 3, 2, -57, 85, -24, 27, 57, 49, -93, -52, 87, 49, 96, 15, 95, -95, -86, -61, 50, -18, 3, 109, -55, -110, -57, 82, 124, -5, -57, 68, -18, 126, 114, 6, -22, 8, 121, 125, 29, -16, 112, -81, 27, -7, 109, -44, -123, -15, -14, 74, -126, 95, -94, -91, 119, 80, -48, 41, 49, 6, 104, 93, -97, -108, -82, 93, 70, -127, -113, -22, -103, 35, -115, 20, -115, 63, 57, -84, -18, -107, 81, 44, -16, 83, 71, -27, -2, -125, 87, 26, 100, -116, 110, 94, -46, -56, -82, 119, -110, -127, -99, -8, -118, 90, 64, -29, 102, 99, 92, 86, -117, 26, -89, 32, 17, 55, -65, -10, -5, -74, 19, 13, 113, -15, -103, 17, 10, -127, -95, -79, 19, 11, -24, 59, 28, -70, -55, -69, -105, -20, -117, 66, 4, 77, 116, -124, -62, 19, 109, 49, -120, 10, -15, 108, 84, 126, 122, -46, -37, 114, -78, -72, 34, -12, 25, -104, -3, 114, -94, 16, 31, 31, -124, -109, -64, 57, -47, -113, -26, 97, -58, 112, -40, 49, 80, -54, -115, -98, -60, -123, 91, 14, 75, -86, 77, -93, 68, 112, 82, 79, 28, -25, 49, -27, -112, 103, 60, -128, 95, -63, 2, -51, 2, -107, 80, 113, 18, 123, 24, 70, 77, -56, -48, 33, 89, 88, 29, 112, -102, -15, 52, -96, 17, -9, 6, -11, -119, 29, -107, -84, -19, 84, 124, 19, 90, -60, -41, 123, -81, 96, -119, 17, -61, 62, 55, 95, -73, -13, -60, 56, 77, 24, -39, -107, -78, 47, -91, 88, 90, 34, 112, -80, 83, -58, 127, 76, -97, -40, 78, -20, -1, -62, 19, 6, -43, -46, -36, -53, -22, -28, -119, 8, 19, 79, -9, -54, -126, -3, -20, -110, -82, 51, 3, 1, -123, -41, -40, -11, 91, -52, 48, 104, -11, -2, 49, 45, 52, -33, 109, -44, -30, -44, -83, -108, -10, 77, 106, 82, 3, 14, -48, -18, -79, -64, -34, -63, -18, 122, 33, 25, 44, 82, -112, 111, 68, 97, -58, -38, 25, 62, 78, 97, -36, 57, -19, 122, -18, -74, 67, -127, -24, 32, -45, 67, -106, 90, 0, 1, 91, 30, -80, 95, 9, 78, -4, -14, 16, 111, -56, -102, -90, 52, -1, 116, 19, -127, -23, -87, 103, -94, -111, 118, 53, -69, 77, 17, -3, 31, -53, -21, -78, 124, -88, 52, 117, 34, -52, -77, -107, -38, -102, 23, 73, -76, -88, 95, 64, -85, 12, 36, -86, 86, -17, 77, 121, 90, 24, -49, -107, 33, -116, 65, 13, 91, 118, -107, -21, 65, -59, 18, 125, 61, -65, -68, -19, 23, 88, 60, -6, 78, -8, 69, -62, -118, -93, 97, -64, -67, 28, 28, -87, -97, 72, -125, -119, 4, -43, 7, 22, -15, 52, 52, -82, -5, -51, 99, 20, -59, -2, -54, -67, 40, -128, -20, -37, 50, 123, 32, 8, -39, -105, 93, 73, 77, 84, 43, 89, 88, -6, 7, -108, 81, 27, 1, 50, 16, -101, 67, 95, 119, 105, 70, 99, -127, 22, 127, -33, -19, -113, -55, -100, 122, -86, 98, 53, 27, -95, 4, -121, -96, 87, 67, -98, -37, -10, 92, 29, -3, -115, -23, 37, 8, -30, 99, -117, 62, 101, 83, 49, 60, -83, -47, -33, 41, -118, 76, -7, 111, -15, 123, -59, 53, 2, -20, -57, 24, 57, 62, 84, -26, -11, 93, -118, 54, -13, 56, 77, -66, 18, -62, -76, 80, 98, 26, 120, -93, 55, 103, -1, 78, -92, 120, -23, -60, -75, 11, 53, -62, -94, -80, 120, 113, 33, -24, -64, -5, 23, 120, -14, 61, 26, -1, 56, 79, 34, 116, -16, -95, -71, 40, -89, -50, 71, -117, -109, 2, -2, -34, 94, -78, -88, -27, 70, 94, -86, 123, -49, 107, -65, -67, 84, 90, 123, -61, -2, 43, -119, -93, 75, -4, -81, 98, -36, 125, -23, -37, 81, 104, 90, -63, -52, 88, -96, -44, 25, 3, -37, -123, -48, 113, -76, -94, -109, -115, 37, -39, 104, -124, 82, -73, 100, 48, -54, -40, -65, 81, 16, -85, -41, 60, 42, 117, 65, 77, 14, -8, -56, 52, -118, -109, 125, 13, 64, -20, 125, -37, -74, -28, 118, 112, -126, 18, -101, 11, 75, 30, -4, -121, -13, -65, -13, -122, -53, -52, 20, -2, 67, 18, -106, 67, 83, -111, 15, 106, 10, 113, 53, -112, -3, 118, 8, -56, 40, 53, 23, -123, 96, 87, -118, -97, -116, -47, 85, -73, -85, -82, 124, -55, 55, 61, 46, 12, -6, 34, 22, -22, 3, 115, -49, 102, 23, 46, 39, 0, 118, 3, -45, 48, -73, -38, 29, -36, 11, -127, -86, 30, 29, -2, -108, -114, 64, 110, 86, -46, -91, -64, 95, -40, -65, 49, -79, -126, -37, -103, -71, 53, -85, 45, -51, 33, -28, -126, 36, -77, -120, 55, -54, 72, -21, 58, -87, -73, 18, -12, 20, -100, 30, 118, -83, -22, -90, 71, -64, 108, 101, -46, 36, 105, -46, -91, 60, -113, 72, 100, 82, -90, 106, -127, 65, -94, 17, 77, -10, -112, 46, 118, 72, -84, 57, -86, -114, 88, 91, 79, 30, 107, -35, 61, 81, 71, 40, -29, -6, -107, 61, -62, -6, 65, -68, 118, 61, 110, -115, -119, -73, 104, 59, -66, -89, -127, -8, -67, 122, -38, 79, -13, 93, 1, -32, -47, -3, 62, 88, -112, 105, 73, 96, 73, -104, -126, -69, 21, -22, 16, -85, 116, 9, 82, 54, -15, -55, -67, 68, -23, 16, -89, 48, -17, -107, 60, -43, -34, 66, -114, 63, -3, -26, 68, 68, -86, 120, -111, 99, 61, 101, 27, 93, 31, 90, -33, -94, 29, -89, 41, -80, 26, -23, -80, 27, 107, 69, -45, -123, 62, 63, 80, 1, -28, 52, -8, 35, -86, -127, 76, 102, 83, -104, -79, -98, 77, -28, 118, 18, -15, -98, -39, 2, -58, 95, 64, 105, -82, -7, 96, 110, 104, 127, 126, -124, 26, 36, 33, -42, 59, 82, 127, 42, -24, -61, -50, -18, -87, 22, -32, -125, -70, 103, -121, -112, -94, 58, -95, -97, 53, 95, -61, -83, 42, 37, 80, 51, -118, 125, 15, 67, 41, -97, 41, -121, 29, -88, 100, -113, 39, 101, 47, 91, -36, 48, -56, -13, 12, 37, 0, 81, 3, -40, 8, 36, -65, -11, -32, 108, 62, 79, 70, 91, -83, 2, -47, 0, 91, 10, 87, -19, -40, 96, 106, 41, 120, -53, 40, -114, 90, 64, 59, -115, 39, 2, 53, -49, -72, -114, 94, 5, 49, 74, 13, 50, -14, 76, -123, -11, -81, 100, 120, 16, -41, -72, -118, 28, 41, 98, 122, 27, 18, -108, -43, 51, -71, 93, -13, -42, -64, -118, -106, 45, 108, 72, -128, 58, -123, -29, -114, 15, 52, -72, 108, -62, 75, -15, 105, -89, 25, 37, 13, -21, -109, 68, 5, -89, 69, 10, -46, 18, -57, 77, -103, -74, 57, -43, -110, 1, -80, 82, 5, -9, -49, -53, 83, 4, 44, 64, -117, -67, -11, 1, -65, -81, 34, -23, -71, 14, 105, -93, 2, -120, 90, 92, -6, -128, -16, -51, 27, 123, 71, -117, -72, -81, 26, 28, 5, -117, -30, 22, -72, -76, -32, -14, 82, 90, 69, 74, -94, -72, -30, -17, 12, -37, -3, -80, 72, 2, -40, 41, 0, -53, 48, -37, -117, -128, -120, -80, 28, 49, -52, 114, -119, 92, -42, -105, 125, -95, 78, 76, 123, -56, 32, -66, 69, -58, 57, -77, -100, -70, 125, 53, -115, 8, 116, 88, -34, 86, -75, 55, 64, 79, -113, -124, -91, 50, -82, -119, 50, 11, 87, -14, -25, 15, -1, -49, -127, -5, -50, 72, -29, -78, 101, -119, -21, -15, 97, -63, 57, -123, -94, -24, -8, 104, 86, 79, 49, 102, -8, -76, 8, 69, 99, -64, -108, 70, 36, 71, -127, 56, 39, 78, 109, 42, -42, -2, 126, 17, -88, -65, -23, -64, 78, 87, 7, 6, -82, -98, 41, -46, -10, -25, 90, -73, 24, 127, -27, 118, -9, 81, -3, 115, -4, 47, 86, -30, -9, -50, 32, 86, 114, 58, -5, 78, 74, 36, 29, -126, 116, 117, -114, -92, -121, -36, -86, -18, 55, 49, 112, 43, 111, -99, -116, 70, 60, -63, 87, -4, -35, 15, 28, -27, -65, 66, 115, -33, 112, 94, 74, -22, 104, -56, -27, 39, -8, -53, -120, 8, -109, 73, -68, 67, 40, -59, 59, 121, -76, -41, -80, -54, -88, -120, -121, -118, -58, 74, -120, 82, -88, -113, 30, -8, 54, -126, -106, 37, -43, -74, -56, 40, -76, 93, 91, 28, -59, -30, -2, 107, 6, -89, -69, -121, -125, -109, 5, -94, -7, -2, -5, -67, 54, -90, 39, 5, -80, 93, -99, 82, -100, -128, -8, -39, -109, 66, -11, 99, -41, 18, -32, -122, 69, 6, -95, -21, 9, 19, -117, -34, -42, 11, 20, 84, 89, 91, -61, -13, -7, 55, 90, -15, 62, 59, -4, 125, -127, -24, -124, -99, -63, -23, 52, 111, -52, -60, -113, -65, -26, 127, 57, 21, 102, 101, -77, 66, -116, 117, 80, 7, 1, -96, -29, -99, 75, -73, 44, -99, 61, -73, 15, -18, 89, 95, 104, -12, 94, 33, 13, -49, 118, -84, -122, -2, -121, 62, -32, -80, 11, -10, 102, -67, 20, -3, 25, -6, 51, -17, -123, -76, 103, 3, 127, -107, -5, 122, 65, 22, 113, 120, 6, -19, -110, 86, 55, -88, -124, 0, -54, 17, 112, 15, 105, -28, 111, -93, 85, -59, -88, 28, 123, 55, 117, 10, 76, 54, -98, 116, 40, -65, -53, -80, 46, 66, -8, -114, 102, 66, 67, -117, 46, 21, -116, -38, 58, -105, 101, 37, -16, 5, 55, -33, -87, 72, 122, -114, -91, 41, -114, 77, 50, 109, 35, -61, 9, -55, -118, 126, -35, -108, 5, 62, 125, -109, -115, -55, 32, -71, 69, 110, 87, -82, 119, 26, 103, -77, -38, -13, 113, 74, 69, 116, 94, -21, 5, 35, 73, -80, -87, 80, 13, 108, 1, 82, -56, -35, -21, -78, -98, 121, 112, -117, 72, 47, 76, -97, -84, -110, -35, -19, -120, -13, 127, 5, 56, 72, -22, 110, -8, -71, 0, -57, -125, -101, 60, -64, -32, 1, 126, -109, 9, 84, 117, 62, -68, -106, 28, -118, -52, -81, 112, 11, 55, 68, -86, -65, 123, 83, 55, -72, 110, 63, -90, 31, 11, 90, -60, 20, 14, -36, 5, -92, 11, -100, 64, -57, -72, -105, 7, 103, 125, 99, -88, 32, -5, 41, -115, -11, 89, 81, 77, -33, -7, -123, -17, 109, 59, 40, -12, -61, 98, -91, 19, -36, 108, 118, -124, -82, -40, -124, -66, 19, 127, -73, -39, 99, 43, -16, -44, -83, -77, -34, 68, -118, -71, -116, 114, 120, -34, -105, -32, -46, 102, 73, -79, 7, 42, 35, -66, 125, 34, 113, 66, 78, 71, 6, 44, -17, 4, -80, 38, -59, 12, -8, -78, 103, 8, 80, 18, -74, 20, 3, 56, -20, 106, -1, -12, 83, 4, 68, -119, 84, -87, 97, -53, 102, 119, 34, -85, 22, -26, 55, -107, 96, -70, 77, -68, -96, -15, -22, -77, -55, 5, 103, -42, -87, 122, -80, -103, -37, -120, -56, -16, -51, -7, -19, -104, 120, 9, 54, -85, 48, -76, -38, 58, -68, 116, -20, -44, 22, -32, 75, -46, -41, 13, -100, 16, -59, -93, -115, 54, 22, -110, -46, -119, 44, -98, -48, 4, -58, -115, -57, 103, -56, 36, -63, 104, -114, -125, 92, 65, 117, -21, -59, -31, 56, -98, -126, 56, 47, -116, 100, 122, -98, 4, 26, -29, -127, -113, 73, 48, 106, 125, -69, -127, 62, 56, -79, 76, 84, -46, -31, -17, 94, -98, 62, 63, 118, -24, 63, 123, -93, -46, 103, 117, -120, -35, 19, 25, 15, -110, -125, 12, -75, -50, 103, 49, 47, 98, 92, 10, -88, 54, -53, 19, 25, -90, 93, -49, 64, 126, -106, -30, -52, 58, 37, 68, -18, -60, 15, -27, 93, -124, 88, 110, -80, -106, 88, 55, 108, -58, -43, -70, 76, 85, 98, 27, -66, 18, 75, 69, 114, 90, -26, -10, -12, -126, 84, -109, 108, 15, -115, 90, 11, -127, 63, -7, 47, 92, -72, 38, -58, -35, 18, 25, 12, -103, 0};
-
-        fullBytes = new byte[pubBytes.length + privBytes.length];
-
-        System.arraycopy(pubBytes, 0, fullBytes, 0, pubBytes.length);
-        System.arraycopy(privBytes, 0, fullBytes, pubBytes.length, privBytes.length);
-
-        priv = new NTRUEncryptionPrivateKeyParameters(fullBytes, params.getEncryptionParameters());
-        pub = new NTRUEncryptionPublicKeyParameters(pubBytes, params.getEncryptionParameters());
-        kp = new AsymmetricCipherKeyPair(pub, priv);
-        ntru.init(true, kp.getPublic());
-
-        encrypted = ntru.processBlock(plainText, 0, plainText.length);
-
-        ntru.init(false, kp.getPrivate());
-
-        decrypted = ntru.processBlock(encrypted, 0, encrypted.length);
-
-        assertTrue(Arrays.areEqual(plainText, decrypted));
-    }
-
-    // encrypts and decrypts text using an encoded key pair (fastFp=true)
-    public void testEncodedKeysFast()
-        throws IOException, InvalidCipherTextException
-    {
-        byte[] plainText = "secret encrypted text".getBytes();
-
-        NTRUEncryptionKeyGenerationParameters params = NTRUEncryptionKeyGenerationParameters.APR2011_743_FAST;
-        NTRUEngine ntru = new NTRUEngine();
-        byte[] privBytes = {10, 16, 2, 30, -40, -63, -109, -77, -72, -122, 66, 23, -30, -44, -82, 0, 95, 64, 68, 48, -62, -14, 26, -19, -72, -25, 72, 123, 98, 84, -83, 0, 7, 40, 65, 35, 68, 113, 12, -112, 32, -123, 58, 85, -30, -109, -74, 0, 34, -8, -126, 57, 30, 98, -107, -45, -88, 102, 68, 42, -30, -108, -89, 0, 38, -40, -61, 37, 82, 113, -115, 123, -100, 5, 46, 125, -23, 78, -111, -76, 36, -90, 67, -31, 10, 2, 96, -127, 21, 50, -79, 13, -125, -124, 38, 55, -67, -95, 81, -107, 12, 117, -86, 99, -127, 11};
-        byte[] pubBytes = {108, -76, -104, -75, -87, -65, -18, -5, 45, -57, -100, -83, 51, 99, 94, 15, -73, 89, -100, 40, -114, 91, -107, 104, 127, 22, 13, 5, -16, 69, -104, -126, -44, 119, 47, -48, 75, 66, 83, -37, -66, -84, 73, 52, 23, -27, 53, 63, 56, 14, -2, 43, -59, -85, -80, 46, 38, -126, 75, -8, -63, 88, 104, 13, 72, -25, -10, -58, -51, 117, -84, 115, -24, -53, 83, -103, -97, 46, 90, -82, -61, 113, -49, -24, -72, 24, -124, -42, -36, 7, 41, 8, 14, -71, -75, -84, -24, -39, 56, 67, 88, 67, 66, -13, 70, -119, -64, 74, -100, -58, 35, 105, -20, 93, 80, -116, -55, 37, -52, 64, 0, -36, -71, 8, 77, -10, -41, -22, -73, 4, -115, -74, -74, -73, 23, -10, -26, 48, 125, -114, -32, -116, 74, 19, -104, 59, 43, 4, 97, -84, 112, 45, 16, 3, -110, -13, 119, -6, 29, -80, 109, 82, -31, 82, 30, 76, -111, -122, -50, -69, -41, -123, 107, 78, -35, 24, -121, -87, -108, 13, 70, 32, -74, 112, 104, -40, -61, 86, -125, 60, -94, -5, -18, 55, 54, -128, 83, -88, 71, 71, -66, 29, -113, 120, 30, 16, -38, 37, 96, -90, 38, -85, 88, 59, 15, -69, 6, -8, 1, 1, 71, 12, 60, -26, -110, 97, 77, 33, 58, 63, 104, 108, 83, 72, -21, -99, 115, -125, -16, 12, 99, 68, 39, -97, -6, 17, 26, -59, 123, -110, -37, -71, 47, 50, 5, 110, -34, 89, -74, 20, 79, -108, -7, 42, 106, -112, 44, 107, 106, -50, 55, 127, -124, 53, 123, -119, -46, -114, -52, -85, 75, 34, -39, -125, 58, -5, -31, -81, -37, -94, -123, 113, 11, -104, -124, 96, -103, 9, 108, 115, 97, -6, 98, -43, 26, -89, -23, 83, 60, 34, -86, -54, 107, 78, -48, 118, -31, -19, 29, -106, 108, 117, 83, 119, 51, -45, 115, 108, -13, -89, -29, 29, -120, 108, 20, 22, -3, 22, 78, -109, 95, 3, -68, -10, -53, -117, -96, -49, 9, 7, 38, 116, 33, -65, 31, 9, -5, -73, 127, 52, 113, 87, -39, 119, -96, 74, -105, 75, -89, 63, 69, -109, -127, 92, -54, 17, -98, -23, -69, 123, -125, 23, -93, 44, -11, -25, -101, 120, -29, 113, -33, 0, -117, -100, -114, 22, 41, -46, 29, -109, 107, 37, -94, 125, 46, 17, 16, -65, -14, 105, -118, 51, -21, 121, -5, 56, 29, 30, -69, -38, -10, -77, -74, 6, -105, 83, 110, 23, 114, -11, -123, -14, 30, -11, -9, 84, -90, -20, -29, 72, -85, 97, -74, -59, -112, -15, -51, -105, 117, 123, -17, -64, -127, 127, -33, -102, 88, 77, 122, -127, -15, 121, -125, -32, 53, 113, 45, -22, 84, -87, 20, 36, 65, 83, -84, -66, -22, 4, 15, -108, -92, 109, -128, -48, 4, -27, -13, 25, 51, -10, 34, 87, 88, 38, -87, 89, -64, -62, 20, 78, 35, -26, -2, 55, 3, -72, -64, 30, 28, -105, 6, -37, -38, -8, 26, -118, 105, -37, -30, 85, -66, 105, -46, -37, -11, -72, 71, 43, -65, -44, 17, -79, 98, 79, -77, -111, 95, 74, 101, -40, -106, 14, -108, -112, 86, 108, 49, 72, -38, -103, -31, 65, -119, 8, 78, -89, 100, -28, 116, 94, 15, -18, 108, 101, 85, 8, -6, 111, -82, -49, -66, -89, 28, -84, -85, -119, 111, 45, 83, -60, -40, -45, -101, -105, -35, 123, -1, 13, -112, 79, -80, -85, -109, -71, 69, 104, 95, -93, 121, -17, 83, 117, -73, -63, -65, -107, -72, 118, -102, -56, 38, 79, 121, -25, -86, -81, -38, 8, 122, 97, 37, 82, -40, 53, 11, 124, -94, -76, -107, -125, -9, -119, 63, 52, -34, -72, -21, 59, 3, -100, -127, 47, -102, 19, -37, -45, -114, -65, 39, -106, 6, -127, -110, -38, 96, -38, -51, 110, -3, 28, 8, 102, -102, 96, -127, 109, -56, -53, -13, 59, -98, 92, 80, 1, 55, -91, -122, -105, 28, 69, -85, 109, -38, 105, 87, -5, 3, -102, 62, -92, 60, 43, -20, -7, -23, -84, 106, 121, -48, 123, -112, 56, -17, -52, 14, -123, -122, 64, 14, -23, -71, 60, 70, -121, 6, 37, -15, 77, 96, 104, -34, 58, -125, -61, 1, -26, 118, -78, -35, -1, 0, 5, 33, -98, -86, -127, 25, 56, -91, 82, -33, 60, -64, -86, 27, 31, -80, -79, 118, -12, -18, 40, -72, 32, 119, -28, -62, 100, -121, -71, -79, -9, 38, -37, 25, 65, -46, 8, -112, 37, 9, -56, 123, -40, -44, -90, -21, -54, -2, -7, 107, -93, 24, -126, 69, 42, -111, -84, 57, 69, -119, 21, 60, 57, -122, 111, -99, 49, -46, -119, 100, 98, 24, -62, 112, 122, 46, 18, -35, -67, 89, 104, 82, 12, 125, 57, -70, -112, -109, 96, 51, -68, 1, -101, -59, -92, 54, 85, -41, 17, 31, 94, 75, -128, 53, 84, 0, -83, -94, -123, 49, -30, -24, 18, 46, 48, -33, 120, 66, -69, 70, 23, -124, -117, 81, 96, 46, 47, -33, 83, -13, -14, -94, 49, 66, -46, 84, -27, -77, 6, 0, -75, -18, 86, -119, -88, 82, -50, 55, -20, 63, 55, -57, 22, -108, -103, -17, -22, 64, 65, 90, -34, -96, -117, 51, 119, -103, -35, 95, -15, -118, 2, -31, 31, -9, -58, 84, -75, 80, 39, -101, -56, 16, -75, 59, 48, -63, -24, -95, 119, 73, -110, -115, 49, -18, 54, -124, 112, -61, -40, -105, -118, -66, 15, -107, 75, 82, -70, -87, -11, -11, 48, 41, 119, -42, -34, -33, 57, 23, -14, -45, -125, -108, -75, 3, 44, 44, 58, 126, -126, -20, -123, 58, 114, 79, -102, -115, 115, 12, 66, 108, 84, 43, -46, -80, -41, -70, 111, -114, 123, 21, 1, 34, -72, 23, 105, -52, -39, -54, -119, 45, 77, -16, -66, -105, -11, 91, -46, 77, -104, -93, 52, -3, 17, 55, -10, 67, -33, 43, 75, -103, 106, 7, -35, -65, -21, 68, 118, -38, 59, -115, 31};
-
-        byte[] fullBytes = new byte[pubBytes.length + privBytes.length];
-
-        System.arraycopy(pubBytes, 0, fullBytes, 0, pubBytes.length);
-        System.arraycopy(privBytes, 0, fullBytes, pubBytes.length, privBytes.length);
-
-        NTRUEncryptionPrivateKeyParameters priv = new NTRUEncryptionPrivateKeyParameters(fullBytes, params.getEncryptionParameters());
-        NTRUEncryptionPublicKeyParameters pub = new NTRUEncryptionPublicKeyParameters(pubBytes, params.getEncryptionParameters());
-        AsymmetricCipherKeyPair kp = new AsymmetricCipherKeyPair(pub, priv);
-
-        ntru.init(true, kp.getPublic());
-
-        byte[] encrypted = ntru.processBlock(plainText, 0, plainText.length);
-
-        assertEquals(encrypted.length, ntru.getOutputBlockSize());
-
-        ntru.init(false, kp.getPrivate());
-
-        byte[] decrypted = ntru.processBlock(encrypted, 0, encrypted.length);
-
-        assertTrue(Arrays.areEqual(plainText, decrypted));
-    }
-
-    private class VisibleNTRUEngine
-        extends NTRUEngine
-    {
-        public IntegerPolynomial encrypt(IntegerPolynomial m, TernaryPolynomial r, IntegerPolynomial pubKey)
-        {
-            return super.encrypt(m, r, pubKey);
-        }
-
-        public IntegerPolynomial decrypt(IntegerPolynomial e, Polynomial priv_t, IntegerPolynomial priv_fp)
-        {
-            return super.decrypt(e, priv_t, priv_fp);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUEncryptionParametersTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUEncryptionParametersTest.java
deleted file mode 100644
index 4b2c8be..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUEncryptionParametersTest.java
+++ /dev/null

@@ -1,48 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.crypto.ntru.NTRUEncryptionKeyGenerationParameters;
-
-public class NTRUEncryptionParametersTest
-    extends TestCase
-{
-    public void testLoadSave()
-        throws IOException
-    {
-        NTRUEncryptionKeyGenerationParameters params = NTRUEncryptionKeyGenerationParameters.EES1499EP1;
-        ByteArrayOutputStream os = new ByteArrayOutputStream();
-        params.writeTo(os);
-        ByteArrayInputStream is = new ByteArrayInputStream(os.toByteArray());
-        assertEquals(params, new NTRUEncryptionKeyGenerationParameters(is));
-    }
-
-    public void testEqualsHashCode()
-        throws IOException
-    {
-        ByteArrayOutputStream os = new ByteArrayOutputStream();
-        NTRUEncryptionKeyGenerationParameters.EES1499EP1.writeTo(os);
-        ByteArrayInputStream is = new ByteArrayInputStream(os.toByteArray());
-        NTRUEncryptionKeyGenerationParameters params = new NTRUEncryptionKeyGenerationParameters(is);
-
-        assertEquals(params, NTRUEncryptionKeyGenerationParameters.EES1499EP1);
-        assertEquals(params.hashCode(), NTRUEncryptionKeyGenerationParameters.EES1499EP1.hashCode());
-
-        params.N += 1;
-        assertFalse(params.equals(NTRUEncryptionKeyGenerationParameters.EES1499EP1));
-        assertFalse(NTRUEncryptionKeyGenerationParameters.EES1499EP1.equals(params));
-        assertFalse(params.hashCode() == NTRUEncryptionKeyGenerationParameters.EES1499EP1.hashCode());
-    }
-
-    public void testClone()
-    {
-        NTRUEncryptionKeyGenerationParameters params = NTRUEncryptionKeyGenerationParameters.APR2011_439;
-        assertEquals(params, params.clone());
-
-        params = NTRUEncryptionKeyGenerationParameters.APR2011_439_FAST;
-        assertEquals(params, params.clone());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUSignatureKeyTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUSignatureKeyTest.java
deleted file mode 100644
index c9150ac..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUSignatureKeyTest.java
+++ /dev/null

@@ -1,58 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.pqc.crypto.ntru.NTRUSigner;
-import org.bouncycastle.pqc.crypto.ntru.NTRUSigningKeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.ntru.NTRUSigningKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.ntru.NTRUSigningPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.ntru.NTRUSigningPublicKeyParameters;
-
-public class NTRUSignatureKeyTest
-    extends TestCase
-{
-    public void testEncode()
-        throws IOException
-    {
-        for (NTRUSigningKeyGenerationParameters params : new NTRUSigningKeyGenerationParameters[]{NTRUSigningKeyGenerationParameters.TEST157, NTRUSigningKeyGenerationParameters.TEST157_PROD})
-        {
-            testEncode(params);
-        }
-    }
-
-    private void testEncode(NTRUSigningKeyGenerationParameters params)
-        throws IOException
-    {
-        NTRUSigner ntru = new NTRUSigner(params.getSigningParameters());
-        NTRUSigningKeyPairGenerator kGen = new NTRUSigningKeyPairGenerator();
-
-        kGen.init(params);
-
-        AsymmetricCipherKeyPair kp = kGen.generateKeyPair();
-
-        NTRUSigningPrivateKeyParameters kPriv = (NTRUSigningPrivateKeyParameters)kp.getPrivate();
-        NTRUSigningPublicKeyParameters kPub = (NTRUSigningPublicKeyParameters)kp.getPublic();
-
-        // encode to byte[] and reconstruct
-        byte[] priv = kPriv.getEncoded();
-        byte[] pub = kPub.getEncoded();
-        AsymmetricCipherKeyPair kp2 = new AsymmetricCipherKeyPair(new NTRUSigningPublicKeyParameters(pub, params.getSigningParameters()), new NTRUSigningPrivateKeyParameters(priv, params));
-        assertEquals(kPub, kp2.getPublic());
-        assertEquals(kPriv, kp2.getPrivate());
-
-        // encode to OutputStream and reconstruct
-        ByteArrayOutputStream bos1 = new ByteArrayOutputStream();
-        ByteArrayOutputStream bos2 = new ByteArrayOutputStream();
-        kPriv.writeTo(bos1);
-        kPub.writeTo(bos2);
-        ByteArrayInputStream bis1 = new ByteArrayInputStream(bos1.toByteArray());
-        ByteArrayInputStream bis2 = new ByteArrayInputStream(bos2.toByteArray());
-        AsymmetricCipherKeyPair kp3 = new AsymmetricCipherKeyPair(new NTRUSigningPublicKeyParameters(bis2, params.getSigningParameters()), new NTRUSigningPrivateKeyParameters(bis1, params));
-        assertEquals(kPub, kp3.getPublic());
-        assertEquals(kPriv, kp3.getPrivate());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUSignatureParametersTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUSignatureParametersTest.java
deleted file mode 100644
index a5f7604..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUSignatureParametersTest.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.crypto.ntru.NTRUSigningKeyGenerationParameters;
-
-public class NTRUSignatureParametersTest
-    extends TestCase
-{
-    public void testLoadSave()
-        throws IOException
-    {
-        for (NTRUSigningKeyGenerationParameters params : new NTRUSigningKeyGenerationParameters[]{NTRUSigningKeyGenerationParameters.TEST157, NTRUSigningKeyGenerationParameters.TEST157_PROD, NTRUSigningKeyGenerationParameters.APR2011_743, NTRUSigningKeyGenerationParameters.APR2011_743_PROD})
-        {
-            testLoadSave(params);
-        }
-    }
-
-    private void testLoadSave(NTRUSigningKeyGenerationParameters params)
-        throws IOException
-    {
-        ByteArrayOutputStream os = new ByteArrayOutputStream();
-        params.writeTo(os);
-        ByteArrayInputStream is = new ByteArrayInputStream(os.toByteArray());
-        assertEquals(params, new NTRUSigningKeyGenerationParameters(is));
-    }
-
-    public void testEqualsHashCode()
-        throws IOException
-    {
-        for (NTRUSigningKeyGenerationParameters params : new NTRUSigningKeyGenerationParameters[]{NTRUSigningKeyGenerationParameters.TEST157, NTRUSigningKeyGenerationParameters.TEST157_PROD, NTRUSigningKeyGenerationParameters.APR2011_743, NTRUSigningKeyGenerationParameters.APR2011_743_PROD})
-        {
-            testEqualsHashCode(params);
-        }
-    }
-
-    private void testEqualsHashCode(NTRUSigningKeyGenerationParameters params)
-        throws IOException
-    {
-        ByteArrayOutputStream os = new ByteArrayOutputStream();
-        params.writeTo(os);
-        ByteArrayInputStream is = new ByteArrayInputStream(os.toByteArray());
-        NTRUSigningKeyGenerationParameters params2 = new NTRUSigningKeyGenerationParameters(is);
-
-        assertEquals(params, params2);
-        assertEquals(params.hashCode(), params2.hashCode());
-
-        params.N += 1;
-        assertFalse(params.equals(params2));
-        assertFalse(params.equals(params2));
-        assertFalse(params.hashCode() == params2.hashCode());
-    }
-
-    public void testClone()
-    {
-        for (NTRUSigningKeyGenerationParameters params : new NTRUSigningKeyGenerationParameters[]{NTRUSigningKeyGenerationParameters.TEST157, NTRUSigningKeyGenerationParameters.TEST157_PROD, NTRUSigningKeyGenerationParameters.APR2011_743, NTRUSigningKeyGenerationParameters.APR2011_743_PROD})
-        {
-            assertEquals(params, params.clone());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUSignerTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUSignerTest.java
deleted file mode 100644
index 06edc60..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUSignerTest.java
+++ /dev/null

@@ -1,317 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-
-import junit.framework.TestCase;
-
-/**
- * @deprecated algorithm no longer safe.
- */
-public class NTRUSignerTest
-    extends TestCase
-{
-    public void testStub()
-    {
-
-    }
-    /*
-    public void testCreateBasis()
-    {
-        for (NTRUSigningKeyGenerationParameters params : new NTRUSigningKeyGenerationParameters[]{NTRUSigningKeyGenerationParameters.TEST157.clone(), NTRUSigningKeyGenerationParameters.TEST157_PROD.clone()})
-        {
-            testCreateBasis(params);
-        }
-    }
-
-    private void testCreateBasis(NTRUSigningKeyGenerationParameters params)
-    {
-        NTRUSigningKeyPairGenerator ntru = new NTRUSigningKeyPairGenerator();
-
-        ntru.init(params);
-
-        NTRUSigningKeyPairGenerator.FGBasis basis = (NTRUSigningKeyPairGenerator.FGBasis)ntru.generateBoundedBasis();
-        assertTrue(equalsQ(basis.f, basis.fPrime, basis.F, basis.G, params.q, params.N));
-
-        // test KeyGenAlg.FLOAT (default=RESULTANT)
-        params.keyGenAlg = NTRUSigningKeyGenerationParameters.KEY_GEN_ALG_FLOAT;
-        ntru.init(params);
-        basis = (NTRUSigningKeyPairGenerator.FGBasis)ntru.generateBoundedBasis();
-        assertTrue(equalsQ(basis.f, basis.fPrime, basis.F, basis.G, params.q, params.N));
-    }
-
-    // verifies that f*G-g*F=q
-    private boolean equalsQ(Polynomial f, Polynomial g, IntegerPolynomial F, IntegerPolynomial G, int q, int N)
-    {
-        IntegerPolynomial x = f.mult(G);
-        x.sub(g.mult(F));
-        boolean equalsQ = true;
-        for (int i = 1; i < x.coeffs.length; i++)
-        {
-            equalsQ &= x.coeffs[i] == 0;
-        }
-        equalsQ &= x.coeffs[0] == q;
-        return equalsQ;
-    }
-
-    /**
-     * a test for the one-method-call variants: sign(byte, SignatureKeyPair) and verify(byte[], byte[], SignatureKeyPair)
-     *
-    public void testSignVerify157()
-        throws IOException
-    {
-        for (NTRUSigningKeyGenerationParameters params : new NTRUSigningKeyGenerationParameters[]{NTRUSigningKeyGenerationParameters.TEST157.clone(), NTRUSigningKeyGenerationParameters.TEST157_PROD.clone(), NTRUSigningKeyGenerationParameters.APR2011_439.clone(), NTRUSigningKeyGenerationParameters.APR2011_439_PROD.clone(), NTRUSigningKeyGenerationParameters.APR2011_743.clone(), NTRUSigningKeyGenerationParameters.APR2011_743_PROD.clone()})
-        {
-            testSignVerify(params);
-        }
-    }
-
-    public void testSignVerify439()
-        throws IOException
-    {
-        for (NTRUSigningKeyGenerationParameters params : new NTRUSigningKeyGenerationParameters[]{NTRUSigningKeyGenerationParameters.APR2011_439.clone(), NTRUSigningKeyGenerationParameters.APR2011_439_PROD.clone()})
-        {
-            testSignVerify(params);
-        }
-    }
-//
-//    public void testSignVerify743()
-//        throws IOException
-//    {
-//        for (NTRUSigningKeyGenerationParameters params :  new NTRUSigningKeyGenerationParameters[]{NTRUSigningKeyGenerationParameters.APR2011_743.clone(), NTRUSigningKeyGenerationParameters.APR2011_743_PROD.clone()})
-//        {
-//            testSignVerify(params);
-//        }
-//    }
-
-    private void testSignVerify(NTRUSigningKeyGenerationParameters params)
-        throws IOException
-    {
-        NTRUSigner ntru = new NTRUSigner(params.getSigningParameters());
-        NTRUSigningKeyPairGenerator kGen = new NTRUSigningKeyPairGenerator();
-
-        kGen.init(params);
-
-        AsymmetricCipherKeyPair kp = kGen.generateKeyPair();
-
-        Random rng = new Random();
-        byte[] msg = new byte[10 + rng.nextInt(1000)];
-        rng.nextBytes(msg);
-
-        // sign and verify
-        ntru.init(true, kp.getPrivate());
-
-        ntru.update(msg, 0, msg.length);
-
-        byte[] s = ntru.generateSignature();
-
-        ntru.init(false, kp.getPublic());
-
-        ntru.update(msg, 0, msg.length);
-
-        boolean valid = ntru.verifySignature(s);
-
-        assertTrue(valid);
-
-        // altering the signature should make it invalid
-        s[rng.nextInt(params.N)] += 1;
-        ntru.init(false, kp.getPublic());
-
-        ntru.update(msg, 0, msg.length);
-
-        valid = ntru.verifySignature(s);
-        assertFalse(valid);
-
-        // test that a random signature fails
-        rng.nextBytes(s);
-
-        ntru.init(false, kp.getPublic());
-
-        ntru.update(msg, 0, msg.length);
-
-        valid = ntru.verifySignature(s);
-        assertFalse(valid);
-
-        // encode, decode keypair, test
-        NTRUSigningPrivateKeyParameters priv = new NTRUSigningPrivateKeyParameters(((NTRUSigningPrivateKeyParameters)kp.getPrivate()).getEncoded(), params);
-        NTRUSigningPublicKeyParameters pub = new NTRUSigningPublicKeyParameters(((NTRUSigningPublicKeyParameters)kp.getPublic()).getEncoded(), params.getSigningParameters());
-        kp = new AsymmetricCipherKeyPair(pub, priv);
-
-        ntru.init(true, kp.getPrivate());
-        ntru.update(msg, 0, msg.length);
-
-        s = ntru.generateSignature();
-
-        ntru.init(false, kp.getPublic());
-        ntru.update(msg, 0, msg.length);
-
-        valid = ntru.verifySignature(s);
-        assertTrue(valid);
-
-        // altering the signature should make it invalid
-        s[rng.nextInt(s.length)] += 1;
-        ntru.init(false, kp.getPublic());
-        ntru.update(msg, 0, msg.length);
-        valid = ntru.verifySignature(s);
-        assertFalse(valid);
-
-        // sparse/dense
-        params.sparse = !params.sparse;
-
-        ntru.init(true, kp.getPrivate());
-        ntru.update(msg, 0, msg.length);
-
-        s = ntru.generateSignature();
-
-        ntru.init(false, kp.getPublic());
-        ntru.update(msg, 0, msg.length);
-        valid = ntru.verifySignature(s);
-        assertTrue(valid);
-
-        s[rng.nextInt(s.length)] += 1;
-        ntru.init(false, kp.getPublic());
-        ntru.update(msg, 0, msg.length);
-        valid = ntru.verifySignature(s);
-        assertFalse(valid);
-        params.sparse = !params.sparse;
-
-        // decrease NormBound to force multiple signing attempts
-        NTRUSigningKeyGenerationParameters params2 = params.clone();
-        params2.normBoundSq *= 4.0 / 9;
-        params2.signFailTolerance = 10000;
-        ntru = new NTRUSigner(params2.getSigningParameters());
-
-        ntru.init(true, kp.getPrivate());
-        ntru.update(msg, 0, msg.length);
-
-        s = ntru.generateSignature();
-
-        ntru.init(false, kp.getPublic());
-        ntru.update(msg, 0, msg.length);
-        valid = ntru.verifySignature(s);
-
-        assertTrue(valid);
-
-        // test KeyGenAlg.FLOAT (default=RESULTANT)
-        params2 = params.clone();
-        params.keyGenAlg = NTRUSigningKeyGenerationParameters.KEY_GEN_ALG_FLOAT;
-        ntru = new NTRUSigner(params.getSigningParameters());
-
-        kGen.init(params);
-
-        kp = kGen.generateKeyPair();
-        ntru.init(true, kp.getPrivate());
-        ntru.update(msg, 0, msg.length);
-
-        s = ntru.generateSignature();
-        ntru.init(false, kp.getPublic());
-        ntru.update(msg, 0, msg.length);
-        valid = ntru.verifySignature(s);
-        assertTrue(valid);
-        s[rng.nextInt(s.length)] += 1;
-        ntru.init(false, kp.getPublic());
-        ntru.update(msg, 0, msg.length);
-        valid = ntru.verifySignature(s);
-        assertFalse(valid);
-    }
-
-    /**
-     * test for the initSign/update/sign and initVerify/update/verify variant
-     *
-    public void testInitUpdateSign()
-    {
-        for (NTRUSigningKeyGenerationParameters params : new NTRUSigningKeyGenerationParameters[]{NTRUSigningKeyGenerationParameters.TEST157.clone(), NTRUSigningKeyGenerationParameters.TEST157_PROD.clone()})
-        {
-            testInitUpdateSign(params);
-        }
-    }
-
-    private void testInitUpdateSign(NTRUSigningKeyGenerationParameters params)
-    {
-        NTRUSigner ntru = new NTRUSigner(params.getSigningParameters());
-        NTRUSigningKeyPairGenerator kGen = new NTRUSigningKeyPairGenerator();
-
-        kGen.init(params);
-
-        AsymmetricCipherKeyPair kp = kGen.generateKeyPair();
-
-        Random rng = new Random();
-        byte[] msg = new byte[10 + rng.nextInt(1000)];
-        rng.nextBytes(msg);
-
-        // sign and verify a message in two pieces each
-        ntru.init(true, kp.getPrivate());
-        int splitIdx = rng.nextInt(msg.length);
-        ntru.update(msg[0]);   // first byte
-        ntru.update(msg, 1, splitIdx - 1);   // part 1 of msg
-        ntru.update(msg, splitIdx, msg.length - splitIdx);
-        byte[] s = ntru.generateSignature();   // part 2 of msg
-        ntru.init(false, kp.getPublic());
-        splitIdx = rng.nextInt(msg.length);
-        ntru.update(msg, 0, splitIdx);   // part 1 of msg
-        ntru.update(msg, splitIdx, msg.length - splitIdx);   // part 2 of msg
-        boolean valid = ntru.verifySignature(s);
-        assertTrue(valid);
-        // verify the same signature with the one-step method
-        ntru.init(false, (NTRUSigningPublicKeyParameters)kp.getPublic());
-        ntru.update(msg, 0, msg.length);   // part 1 of msg
-        valid = ntru.verifySignature(s);
-        assertTrue(valid);
-
-        // sign using the one-step method and verify using the multi-step method
-        ntru.init(true, kp.getPrivate());
-        ntru.update(msg, 0, msg.length);
-        s = ntru.generateSignature();
-        ntru.init(false, (NTRUSigningPublicKeyParameters)kp.getPublic());
-        splitIdx = rng.nextInt(msg.length);
-        ntru.update(msg, 0, splitIdx);   // part 1 of msg
-        ntru.update(msg, splitIdx, msg.length - splitIdx);   // part 2 of msg
-        valid = ntru.verifySignature(s);
-        assertTrue(valid);
-    }
-
-    public void testCreateMsgRep()
-    {
-        for (NTRUSigningKeyGenerationParameters params : new NTRUSigningKeyGenerationParameters[]{NTRUSigningKeyGenerationParameters.TEST157.clone(), NTRUSigningKeyGenerationParameters.TEST157_PROD.clone()})
-        {
-            testCreateMsgRep(params);
-        }
-    }
-
-    private void testCreateMsgRep(NTRUSigningKeyGenerationParameters params)
-    {
-        VisibleNTRUSigner ntru = new VisibleNTRUSigner(params.getSigningParameters());
-        byte[] msgHash = "adfsadfsdfs23234234".getBytes();
-
-        // verify that the message representative is reproducible
-        IntegerPolynomial i1 = ntru.createMsgRep(msgHash, 1);
-        IntegerPolynomial i2 = ntru.createMsgRep(msgHash, 1);
-        assertTrue(Arrays.areEqual(i1.coeffs, i2.coeffs));
-        i1 = ntru.createMsgRep(msgHash, 5);
-        i2 = ntru.createMsgRep(msgHash, 5);
-        assertTrue(Arrays.areEqual(i1.coeffs, i2.coeffs));
-
-        i1 = ntru.createMsgRep(msgHash, 2);
-        i2 = ntru.createMsgRep(msgHash, 3);
-        assertFalse(Arrays.areEqual(i1.coeffs, i2.coeffs));
-    }
-
-    private class VisibleNTRUSigner
-        extends NTRUSigner
-    {
-
-        /**
-         * Constructs a new instance with a set of signature parameters.
-         *
-         * @param params signature parameters
-         *
-        public VisibleNTRUSigner(NTRUSigningParameters params)
-        {
-            super(params);
-        }
-
-        public IntegerPolynomial createMsgRep(byte[] hash, int i)
-        {
-            return super.createMsgRep(hash, i);
-        }
-    }
-    */
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUSigningParametersTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUSigningParametersTest.java
deleted file mode 100644
index 5279312..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NTRUSigningParametersTest.java
+++ /dev/null

@@ -1,65 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.crypto.ntru.NTRUSigningKeyGenerationParameters;
-
-public class NTRUSigningParametersTest
-    extends TestCase
-{
-
-    public void testLoadSave()
-        throws IOException
-    {
-        for (NTRUSigningKeyGenerationParameters params : new NTRUSigningKeyGenerationParameters[]{NTRUSigningKeyGenerationParameters.TEST157, NTRUSigningKeyGenerationParameters.TEST157_PROD})
-        {
-            testLoadSave(params);
-        }
-    }
-
-    private void testLoadSave(NTRUSigningKeyGenerationParameters params)
-        throws IOException
-    {
-        ByteArrayOutputStream os = new ByteArrayOutputStream();
-        params.writeTo(os);
-        ByteArrayInputStream is = new ByteArrayInputStream(os.toByteArray());
-        assertEquals(params, new NTRUSigningKeyGenerationParameters(is));
-    }
-
-    public void testEqualsHashCode()
-        throws IOException
-    {
-        for (NTRUSigningKeyGenerationParameters params : new NTRUSigningKeyGenerationParameters[]{NTRUSigningKeyGenerationParameters.TEST157, NTRUSigningKeyGenerationParameters.TEST157_PROD})
-        {
-            testEqualsHashCode(params);
-        }
-    }
-
-    private void testEqualsHashCode(NTRUSigningKeyGenerationParameters params)
-        throws IOException
-    {
-        ByteArrayOutputStream os = new ByteArrayOutputStream();
-        params.writeTo(os);
-        ByteArrayInputStream is = new ByteArrayInputStream(os.toByteArray());
-        NTRUSigningKeyGenerationParameters params2 = new NTRUSigningKeyGenerationParameters(is);
-
-        assertEquals(params, params2);
-        assertEquals(params.hashCode(), params2.hashCode());
-
-        params.N += 1;
-        assertFalse(params.equals(params2));
-        assertFalse(params.equals(params2));
-        assertFalse(params.hashCode() == params2.hashCode());
-    }
-
-    public void testClone()
-    {
-        for (NTRUSigningKeyGenerationParameters params : new NTRUSigningKeyGenerationParameters[]{NTRUSigningKeyGenerationParameters.TEST157, NTRUSigningKeyGenerationParameters.TEST157_PROD})
-        {
-            assertEquals(params, params.clone());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NewHopeTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NewHopeTest.java
deleted file mode 100644
index c8ce567..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NewHopeTest.java
+++ /dev/null

@@ -1,227 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.io.IOException;
-import java.security.SecureRandom;
-
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.crypto.util.DEROtherInfo;
-import org.bouncycastle.pqc.crypto.ExchangePair;
-import org.bouncycastle.pqc.crypto.newhope.NHAgreement;
-import org.bouncycastle.pqc.crypto.newhope.NHExchangePairGenerator;
-import org.bouncycastle.pqc.crypto.newhope.NHKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.newhope.NHOtherInfoGenerator;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.SimpleTest;
-
-public class NewHopeTest
-    extends SimpleTest
-{
-//    private static final byte[] SECRETA = Hex.decode(
-//        "0823190c27cf2066195d13721d702f1e2248309e124927d5182f175e348a1e800791357825800808223e236e22c41d4e081a2499139e238814590f3d296e34d7"
-//            + "1eaa25fb37aa2dac36fa0bba1b0b113616df29a620150bdb12071636186c27ae1546264f33182e4e11330d8e3024138d2dff18de0f411d930f2f11840a6d1e3c"
-//            + "0b0b18a81a8014eb364514f00c3a1ab41295314233e2167b049c3481103f243910ac1eaf16da23322b83227738f02b4d26782f8d0e542e04087319981c760ba8"
-//            + "329c303f1b0223b429050ef8121220772cc91355309a36051da5282318fe34c60e7034872b10188e2bc1338e0e890a6a13e508cb12dc261d34bb15950fe82f32"
-//            + "1cc8090413ec2c1127b1369b28cd0ada154d307a0e582b85240e24e525af20371d6d0c7e0dcb08b60cc023f10afe166323230f3a0a87279f0cd70e8d29b22c95"
-//            + "160d13be312131b032103349346e324f1ff812001770269e31c0251a0ab4221a1cdd2d93215b226d19a12cb407cc287c11d821a00a8022182d1725cb13a50d79"
-//            + "303d1d680d111367188932891d771f552fb014d62d0214d534b023a70da30c753212167608ae1ac72e4d26c917491bb1204f23b734eb20171a1e26ae22ae2715"
-//            + "116933b60cce1d3717701d051d980b9512ca0eb1189e188f0e2c2cd30c800c6024b310d732d6124723c207b5184818e4308f1c1e22921dee32a91f4a0b8b2e28"
-//            + "2c290685063f192628701d701d68196f284a2664234d1aa42af7120d1b2532b3168930aa26a51acf2a8214a50c6b330e059315e205c6297f2fc10d420f8d0680"
-//            + "28652c0b1119307f09a30b881d5709d52b6e2a2e1eeb19260f521c77066c18ce27262f0b048428ab1eb20ee71e9c066408b909a5275a09da2ebe254b176518ba"
-//            + "12e723df13ef152d1d112d700e1622681fa1310a2000138b09f8315622612e492df60d222a430bac2abd06e125a91e1907c92c3a19f829312a6f2dad0aca1772"
-//            + "03f1142b0b2f0bfd17a009c60eb913fe32c908590e8f300521dd31880f2b12a8215f1dfa1d8f168228730fc11ae80ca015da0bd412271c8827512325311b1b83"
-//            + "1ef2227723b605af2d7015bd14bf17b712aa304c30821a181bff1f7b22d6323b067a232526720fd91ed8054730e714ad163220a11986213a1c2d1af22958207c"
-//            + "2d3428922d710d33207a23831f430a792658042719762dd50b811f412cb20486315219ed084c1b221570327226b60e1907b224b215911ab3266128cf21c623f4"
-//            + "08930e9230331dba23790b5c0fdb26530d97323712cd279612d40c7a14341fc323a32893131c2cf520412ca60c28059a09c8181b2303275e2c13119c22772d28"
-//            + "1f5304941900134f07d2085b1dd9107b03ab0ce118d206be2eb32d3c0d981bcb0b1920f80b6c0e7b311118cc16542bb61f1005dc0fa9319b25d1165f234d0fdc"
-//            + "08e41cc4035605ad04990a0a14142e81172228b31963098a20ac27b723e9161922432b4330ef102d1067316f239e107f071d11e4053b182817f715b72c3a1ab4"
-//            + "1b0213a419c618060d9e0ba01be010820ed41e8e28580cd12bd81f7a1f4505be21862ac1262601b814ad10241476048d211c2d541834319909dd0ed11c4c29b8"
-//            + "1ba22af20689271821210b22049c0e391f6e0a6406ae1a2d06f322f80db72973127719e70fbb17070f460f732999089523ae28dd1347263431831a932264294a"
-//            + "0dc005b6211116c42daf232623ef12fa08040bc8183e1bec1d0510bd2c5f11aa20d60e5405672d46244b2b5b2c5e18740e37304c13b311ac2fb5266129600af1"
-//            + "0edc0ccb1b5030bc1abf0c1913b425c0144711a922040f352d5a2c3610390db626142ea614430503062a252f030a20a22ec4308d14fd17be19b12bac06752f86"
-//            + "237330d7132006e5229106e52a3b1d64081503c40fd230cd19ae0be3243b2c0b02601e0809421bff0ed72ede16b5201a0a9f27871c4832e023d82a40056f0584"
-//            + "136204270dbf1b0103a627c00e9315ce02b004ac1e0e06e025b526cd0e60252231d706c01d5c32fb26fc31452d3a282b20a02c042eb721d10c1126d105702c27"
-//            + "21ed246f18482f0e1cf802632ec20da91a501217277516850e0321ab0a3f06d80bb3241d0fee170b247d1be804700cdb28831720108f2e9924312f9a232f197f"
-//            + "2aad15b91534092413621c6630f623280b36208014c92fe41d9306982d0d19141b0e053e09f915001fce27b90b521bf00502151114641c50066508f12a290bb4"
-//            + "2cb908c22ef225262ddc121a0b3c2a9829f40b8719e616520b1b1c250a94160b19690a552bc22e452086266b315e14bc1240038c31f0098005d22e4e073711ef"
-//            + "040d2df103f42555198d30d80eed31c71852035817a80788070c201f286017bc0f082a8b23412f9328f1166f147529e62c2f210e16be1ade0e821346103322f6"
-//            + "222d1178119d299a1fd6272415b80d390fd4131a0e6712dd197305a40fd43157302725b315961b952b0513ff0278266c3015077120542d991b7808882b750f3a"
-//            + "093906f61288181d269f10aa22782eb5280410d82dc132170e8d1ef71cb5068219491c7514db31420f7e2df627372e5713a8073d2817025d2b862b3004ac2f8f"
-//            + "22e11c8f03cc259520d427fb100218a522121be202a22e0f29080f1b23e524941efa21a80d350f76317811d01c7d101b24e10c9e0bed1bbc21e821e31eb7044e"
-//            + "2c80287609b123071daa0b93051b2dd205b515a325d92643087814fe1978286a02c03110301b31d121b6261002e91ecb275f090a2afb230612302fbf12f21d2a"
-//            + "23771846087324ed14930694317703ac278a249e19af11350e3f05882a5d2b3f26d229f628da06cf06732f7317cc230c2bda037609f5186e2a2e29882b3d1757");
-//
-//    private static final byte[] SENDB = Hex.decode(
-//        "8c06d4972b4521374d5ce3404823db20bd5b6288795faa324216a54e8cdcd20676ba83609f5db66a1967a6079f9126e512061cf9d58dea45e7814e22c9bc2ff3"
-//            + "661546a65985f70da5fb10d675352211e847387c1b5dc0badd34284a552d7904680528d0dbb74e69ab90d844b149d81613a09c46fa6690b845707a6970953755"
-//            + "10b2abfc4675a85e3b48908011e4b53bdce691ae64c7c48f35b8c7e02cd68a0eb745139ee560984d015d4d94252408a715f0e58306ad84532794a57a75859499"
-//            + "14c4ad68b74189f0ac4d7c8947299a12d981cc2ff3581636b1515cd7b73d103def24321a05a489b8849bb3fa64b5ab690e2a57d4359621d56be79c1f396ed3e2"
-//            + "63068c138e64a26be6851dd971a69fe07adea867f1323655ed934ce6ae103464cc2ba96ff038996b0bc9321e1fec6a9844c5389eb6897aa98755aebacbbf9379"
-//            + "258b8311a4c44e7287edc6bd8765840eccc7c8b322e57131908ab33985b79b9c1c91077c8d41dedcbad2505459293dba42d0bf56d8f298ad216f7ad26fa817f6"
-//            + "4f2e525604d4092f36014e0698660c804b28e1e03e98d391636516e11b7d8d4eb82b60bec3a3bbd4944068574159517028a5d06e721a187e0a9f294569964e96"
-//            + "9a56cd371ea8556ea76151a75a4bce622d885f9892c92537ab63c17d43a79704988443980c2cd35ac69c916457e3b230087bcc92c34c607b7a633ae32c39bbbd"
-//            + "ad4bf0f98a957e854078061991256da5cbc0d07d0a8a610b1be0063cc8271716866174c28810ad4d40d7d916bafb7a1c8253826569dd2e16d4c5f48baea82fd5"
-//            + "d3412f9c680eaf0de8001c8c8766eb87fb81a771c67a269b155ee6a2e158719d205b0a8b7b89480e5c8ef7da18b8437f618c402ef11c5e8a6d59110962c94a4b"
-//            + "83a4587b58152ba895deab6c52beb9572474de1cbda147b189cbd4f1c400f985505dcf8497f65408ade1677ab434ecdc19aad3ba558e83aa5200b5555e812d2b"
-//            + "3320812b9e4fb47b20948c40269a115118b941be5926ad77c09b89a72f56be50c716e4016d384dda5fd0ab014847dccdd3044a94a8537e2b8e20043cc19be364"
-//            + "128632016321456ab2f390e29a43e42155656d5b5fb96a9812f71323b88899279f9b4da45fc26a6c91f7dd868e4aa12abef11b21e59e6758fd9c8118fb4aaeed"
-//            + "6700a8bcdad2228f9dd15593a3b1207d24f2a0d40034de9265f609acaa17e93cca96899f67811ffa9265786217d340f42a09316766d3fc8829a71d8ce7213433"
-//            + "c6c515fbd8b9626bc1b67a0f6946de4b886792aa2f77030d08532eadfea21e80d902b9d24472e363a26a6dd8cee685b88517438949373e4a11a18002240e0341"
-//            + "2c6057a230b7b51354891a86407ec612f8fdf538d08fd925812815c2d4a78ab2268e0f283e76dced3a410f396501643dbc494c55c9fd5c5ed08e28472100df58"
-//            + "2da681fc71fa200e83d3a860d556c456614c93f5c69e013d6c53ee6fe9423b9d277d4da32b6681af7d9e890b8fb01700d679881e017edd142d32f3e5bee54050"
-//            + "3372519abcc796b2d830042b0f7b97e639188b21c7231552053ed508b5ed851c0681d850230879a7c46f185a5a54b7dc1933c782434158fc43480d80d65714ab"
-//            + "54452d5544987187c655a2a3f41bbe187988c1a0702ad03a8c530262141c75830a6e962bda4f208f7a7a6f4ead5995b985bd3c5a5029aa92f6f56405c2d08155"
-//            + "6d860441e077e0053ae74061f9351e7927871b75625d0cb2433e205bb97030c5ccc9fffe9cedc62a683db90e396f2eb485305d62a76c782cbe66508bf5b130b2"
-//            + "8c8da2c993865d667e22e789301a1a94506d995d6a11581f4f314e7cbfcc4c65e7d76e48062ecff6fa32af5ac58b00b738421b211ad9ad060a3b2b67903ad28e"
-//            + "4b2214c3a14429a0d68369f856132b24e183c48991c28c35e6be2e83c1ccf078199189f55d835798008270cdbe409a5c9954c63e400e6d91694850e2352e8559"
-//            + "c34f19f7fd4c429bcb0bba944d8c0c41706361b967c96ba1eaa266cea84cd37f0c6a40caafaae8d40a89d0ca06967ca910d6a20a29685dfc2be692b0f9b0ec96"
-//            + "9723bc5996926bb2d806d86369a04dd7c272752467922128b2966b868b4559fe936baaf5c8b6892c916dab935381387da2e0f71cb26abf089913820a33b564a5"
-//            + "2b625d810c570cd147d212e649f994a1a2a7ac2e30e310f1be5359cb892016123cd27dd4efd64227eb83a90e99a79fcbc9176be25c838eb6eabbee8bbb455259"
-//            + "269197ac4c66ea383e5e265aeb1bf64c34ffd4779a6800ac4e12b1277a8c59b89f4c728cc93e71ec93c7bfd09a8e9cbf19bde439aa95a2a35c31ab4b4314d252"
-//            + "b5702f1ed69573fe12315f3561efc22ddb4b98a747922b4944c79457e430e9adbe98dcc0231bdc88a58bf67c034da18584dc7c49c776892236b67c1762f3eb1d"
-//            + "7f2323aebbf211b2b8074d29273847e50f8d43bcae33db20678a3ed61f7ac49ea6a3f0361cd0c1752c7a0a78ad52d8c9ae755b575dd28bf05b7b0ef438b85d89"
-//            + "f9edd1f598c8e972211d971df25d64d9a29fecb4de3c828219434ade29509f6170142ac0756b7176658fa4f3f7e00f2cac901db5e0bc6c3d5c0028572ff0de3a"
-//            + "f09cf1935e7c3231ad025570a895e9edbbe8d509df51a7297e729cf24e83c1e5237536417c96bc265addcf7b9f6e4dccfe45a4219b533d5db3c596cc2eed06ae"
-//            + "de6f4a9d6935367e204127eeb4547c38d830e7e9e99cac5effef27b8f57dd07c2e60e4d79ab22e250829d347c5a80730ed957a83334b1a1470d08db01b9552dc"
-//            + "092b1d3597c97f34332d4e1e503a3b755ade39b68a5ef9b9c13efd7cc4f47484dab6000750222510cfee516c5f23efdf70fd196fcf136a0bdb23745707a95a4a");
-//
-//    private static final byte[] KEYB = Hex.decode("5946400eed4b18ce8d7fb1f744e46e5689009aa4672526c0c59a0adb3dd3ca37");
-
-    private static final int ROUNDS = 1000;
-
-    private void testKeyExchange() throws Exception
-    {
-        SecureRandom aliceRand = new SecureRandom();
-        SecureRandom bobRand = new SecureRandom();
-
-        for (int i = 0; i < ROUNDS; ++i)
-        {
-            NHKeyPairGenerator kpGen = new NHKeyPairGenerator();
-
-            kpGen.init(new KeyGenerationParameters(aliceRand, 2048));
-
-            AsymmetricCipherKeyPair aliceKp = kpGen.generateKeyPair();
-
-            NHExchangePairGenerator exchGen = new NHExchangePairGenerator(bobRand);
-
-            ExchangePair bobExchPair = exchGen.generateExchange(aliceKp.getPublic());
-
-            NHAgreement agreement = new NHAgreement();
-
-            agreement.init(aliceKp.getPrivate());
-
-            byte[] aliceSharedKey = agreement.calculateAgreement(bobExchPair.getPublicKey());
-
-            isTrue("value mismatch", Arrays.areEqual(aliceSharedKey, bobExchPair.getSharedValue()));
-        }
-    }
-
-    private void testPrivInfoGeneration()
-        throws IOException
-    {
-        SecureRandom random = new SecureRandom();
-        NHOtherInfoGenerator.PartyU partyU = new NHOtherInfoGenerator.PartyU(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1), Hex.decode("beef"), Hex.decode("cafe"), random);
-
-        byte[] partA = partyU.getSuppPrivInfoPartA();
-
-        NHOtherInfoGenerator.PartyV partyV = new NHOtherInfoGenerator.PartyV(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1), Hex.decode("beef"), Hex.decode("cafe"), random);
-
-        byte[] partB = partyV.getSuppPrivInfoPartB(partA);
-
-        DEROtherInfo otherInfoU = partyU.generate(partB);
-
-        DEROtherInfo otherInfoV = partyV.generate();
-
-        areEqual(otherInfoU.getEncoded(), otherInfoV.getEncoded());
-    }
-
-    private void testReuse()
-        throws IOException
-    {
-        SecureRandom random = new SecureRandom();
-        NHOtherInfoGenerator.PartyU partyU = new NHOtherInfoGenerator.PartyU(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1), Hex.decode("beef"), Hex.decode("cafe"), random);
-
-        byte[] partA = partyU.getSuppPrivInfoPartA();
-
-        NHOtherInfoGenerator.PartyV partyV = new NHOtherInfoGenerator.PartyV(new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1), Hex.decode("beef"), Hex.decode("cafe"), random);
-
-        byte[] partB = partyV.getSuppPrivInfoPartB(partA);
-
-        DEROtherInfo otherInfoU = partyU.generate(partB);
-
-        DEROtherInfo otherInfoV = partyV.generate();
-
-        areEqual(otherInfoU.getEncoded(), otherInfoV.getEncoded());
-
-        try
-        {
-            partyV.generate();
-            fail("no exception");
-        }
-        catch (IllegalStateException e)
-        {
-            isEquals("builder already used", e.getMessage());
-        }
-
-        try
-        {
-            partyU.generate(partB);
-            fail("no exception");
-        }
-        catch (IllegalStateException e)
-        {
-            isEquals("builder already used", e.getMessage());
-        }
-    }
-
-    private void testInterop()
-    {
-        /*
-         * Test interoperability with the C reference implementation as of:
-         *
-         *     https://github.com/tpoeppelmann/newhope/commit/bc06c1ac04101449797ae8d1029e73cdcd82f79f
-         *
-         * (version corresponding to the newhope-20160328.pdf paper).
-         * 
-         * Note that 'SENDB' and 'KEYB' were both generated by the C implementation upon receipt of a
-         * 'SENDA' (not kept) generated together with 'SECRETA'.
-         */
-
-        // NOTE: This passes as of writing, but requires public access to NewHope (currently package scope)
-        /*
-        short[] secretA = new short[SECRETA.length / 2];
-        for (int i = 0; i < secretA.length; ++i)
-        {
-            secretA[i] = Pack.bigEndianToShort(SECRETA, 2 * i);
-        }
-
-        byte[] keyA = new byte[NewHope.AGREEMENT_SIZE];
-        NewHope.sharedA(keyA, secretA, SENDB);
-
-        isTrue("value mismatch", Arrays.areEqual(keyA, KEYB));
-        */
-    }
-
-    public String getName()
-    {
-        return "NewHope";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-        testKeyExchange();
-        testInterop();
-        testPrivInfoGeneration();
-        testReuse();
-    }
-
-    public static void main(
-            String[]    args)
-    {
-        runTest(new NewHopeTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NullPRNG.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NullPRNG.java
deleted file mode 100644
index 627ae73..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/NullPRNG.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.security.SecureRandom;
-
-/**
- * Implementation of null PRNG returning zeroes only. For testing purposes
- * only(!).
- */
-public final class NullPRNG
-    extends SecureRandom
-{
-
-    private static final long serialVersionUID = 1L;
-
-    public NullPRNG()
-    {
-        super();
-    }
-    
-    public void nextBytes(byte[] bytes)
-    {
-        for (int i = 0; i < bytes.length; i++)
-        {
-            bytes[i] = 0x00;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/QTESLASecureRandomFactory.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/QTESLASecureRandomFactory.java
deleted file mode 100644
index 1532d91..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/QTESLASecureRandomFactory.java
+++ /dev/null

@@ -1,181 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import javax.crypto.Cipher;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.util.test.FixedSecureRandom;
-
-/**
- * Factory for producing FixedSecureRandom objects for use with testsing
- */
-class QTESLASecureRandomFactory
-{
-    private byte[] seed;
-    private byte[] personalization;
-    private byte[] key;
-    private byte[] v;
-    int reseed_counuter = 1;
-
-
-    /**
-     * Return a seeded FixedSecureRandom representing the result of processing a
-     * qTESLA test seed with the qTESLA RandomNumberGenerator.
-     *
-     * @param seed original qTESLA seed
-     * @param strength bit-strength of the RNG required.
-     * @return a FixedSecureRandom containing the correct amount of seed material for use with Java.
-     */
-    public static FixedSecureRandom getFixed(byte[] seed, int strength)
-    {
-        return getFixed(seed,null, strength, strength / 8, strength / 8);
-    }
-
-    public static FixedSecureRandom getFixed(byte[] seed, byte[] personalization, int strength, int discard, int size)
-    {
-        QTESLASecureRandomFactory teslaRNG = new QTESLASecureRandomFactory(seed, personalization);
-        teslaRNG.init(strength);
-        byte[] burn = new byte[discard];
-        teslaRNG.nextBytes(burn);
-        if (discard != size)
-        {
-            burn = new byte[size];
-        }
-        teslaRNG.nextBytes(burn);
-        return new FixedSecureRandom(burn);
-    }
-
-
-    private QTESLASecureRandomFactory(byte[] seed, byte[] personalization)
-    {
-        this.seed = seed;
-        this.personalization = personalization;
-    }
-
-
-    private void init(int strength)
-    {
-        randombytes_init(seed, personalization, strength);
-        reseed_counuter = 1;
-    }
-
-    private void nextBytes(byte[] x)
-    {
-        byte[] block = new byte[16];
-        int i = 0;
-
-        int xlen = x.length;
-
-        while (xlen > 0)
-        {
-            for (int j = 15; j >= 0; j--)
-            {
-                if ((v[j] & 0xFF) == 0xff)
-                {
-                    v[j] = 0x00;
-                }
-                else
-                {
-                    v[j]++;
-                    break;
-                }
-            }
-
-            AES256_ECB(key, v, block, 0);
-
-            if (xlen > 15)
-            {
-                System.arraycopy(block, 0, x, i, block.length);
-                i += 16;
-                xlen -= 16;
-            }
-            else
-            {
-                System.arraycopy(block, 0, x, i, xlen);
-                xlen = 0;
-            }
-        }
-
-        AES256_CTR_DRBG_Update(null, key, v);
-        reseed_counuter++;
-    }
-
-
-    private void AES256_ECB(byte[] key, byte[] ctr, byte[] buffer, int startPosition)
-    {
-        try
-        {
-            Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
-
-            cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"));
-
-            cipher.doFinal(ctr, 0, ctr.length, buffer, startPosition);
-        }
-        catch (Throwable ex)
-        {
-            ex.printStackTrace();
-        }
-    }
-
-
-    private void AES256_CTR_DRBG_Update(byte[] entropy_input, byte[] key, byte[] v)
-    {
-
-        byte[] tmp = new byte[48];
-
-        for (int i = 0; i < 3; i++)
-        {
-            //increment V
-            for (int j = 15; j >= 0; j--)
-            {
-                if ((v[j] & 0xFF) == 0xff)
-                {
-                    v[j] = 0x00;
-                }
-                else
-                {
-                    v[j]++;
-                    break;
-                }
-            }
-
-            AES256_ECB(key, v, tmp, 16 * i);
-        }
-
-        if (entropy_input != null)
-        {
-            for (int i = 0; i < 48; i++)
-            {
-                tmp[i] ^= entropy_input[i];
-            }
-        }
-
-        System.arraycopy(tmp, 0, key, 0, key.length);
-        System.arraycopy(tmp, 32, v, 0, v.length);
-
-
-    }
-
-
-    private void randombytes_init(byte[] entropyInput, byte[] personalization, int strength)
-    {
-        byte[] seedMaterial = new byte[48];
-
-        System.arraycopy(entropyInput, 0, seedMaterial, 0, seedMaterial.length);
-        if (personalization != null)
-        {
-            for (int i = 0; i < 48; i++)
-            {
-                seedMaterial[i] ^= personalization[i];
-            }
-        }
-
-        key = new byte[32];
-        v = new byte[16];
-
-
-        AES256_CTR_DRBG_Update(seedMaterial, key, v);
-
-        reseed_counuter = 1;
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/QTESLATest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/QTESLATest.java
deleted file mode 100644
index d35d56e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/QTESLATest.java
+++ /dev/null

@@ -1,207 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLAKeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLAKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLAPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLAPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLASecurityCategory;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLASigner;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-
-public class QTESLATest
-    extends TestCase
-{
-    static SecureRandom secureRandom = new SecureRandom();
-
-    private void doTestSig(AsymmetricCipherKeyPair kp)
-    {
-        byte[] seed = Hex.decode("061550234D158C5EC95595FE04EF7A25767F2E24CC2BC479D09D86DC9ABCFDE7056A8C266F9EF97ED08541DBD2E1FFA1");
-        byte[] msg = Hex.decode("D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-
-        QTESLAPublicKeyParameters qPub = (QTESLAPublicKeyParameters)kp.getPublic();
-        QTESLAPrivateKeyParameters qPriv = (QTESLAPrivateKeyParameters)kp.getPrivate();
-
-        QTESLASigner signer = new QTESLASigner();
-
-        signer.init(true, new ParametersWithRandom(qPriv, QTESLASecureRandomFactory.getFixed(seed, 256)));
-
-        byte[] sig = signer.generateSignature(msg);
-
-        signer.init(false, qPub);
-
-        assertTrue(signer.verifySignature(msg, sig));
-    }
-
-    public void testGenerateKeyPairSigningVerifyingI()
-    {
-        QTESLAKeyPairGenerator kpGen = new QTESLAKeyPairGenerator();
-
-        kpGen.init(new QTESLAKeyGenerationParameters(QTESLASecurityCategory.HEURISTIC_I, secureRandom));
-
-        AsymmetricCipherKeyPair kp = kpGen.generateKeyPair();
-
-        doTestSig(kp);
-    }
-
-    public void testGenerateKeyPairSigningVerifyingIIISize()
-    {
-        QTESLAKeyPairGenerator kpGen = new QTESLAKeyPairGenerator();
-
-        kpGen.init(new QTESLAKeyGenerationParameters(QTESLASecurityCategory.HEURISTIC_III_SIZE, secureRandom));
-
-        AsymmetricCipherKeyPair kp = kpGen.generateKeyPair();
-
-        doTestSig(kp);
-    }
-
-    public void testGenerateKeyPairSigningVerifyingIIISpeed()
-    {
-        QTESLAKeyPairGenerator kpGen = new QTESLAKeyPairGenerator();
-
-        kpGen.init(new QTESLAKeyGenerationParameters(QTESLASecurityCategory.HEURISTIC_III_SPEED, secureRandom));
-
-        AsymmetricCipherKeyPair kp = kpGen.generateKeyPair();
-
-        doTestSig(kp);
-    }
-
-    public void testGenerateKeyPairSigningVerifyingPI()
-    {
-        QTESLAKeyPairGenerator kpGen = new QTESLAKeyPairGenerator();
-
-        kpGen.init(new QTESLAKeyGenerationParameters(QTESLASecurityCategory.PROVABLY_SECURE_I, secureRandom));
-
-        AsymmetricCipherKeyPair kp = kpGen.generateKeyPair();
-
-        doTestSig(kp);
-    }
-
-    public void testGenerateKeyPairSigningVerifyingPIII()
-    {
-        QTESLAKeyPairGenerator kpGen = new QTESLAKeyPairGenerator();
-
-        kpGen.init(new QTESLAKeyGenerationParameters(QTESLASecurityCategory.PROVABLY_SECURE_III, secureRandom));
-
-        AsymmetricCipherKeyPair kp = kpGen.generateKeyPair();
-        
-        doTestSig(kp);
-    }
-
-    private void doTestKAT(int securityCategory, byte[] pubKey, byte[] privKey, byte[] seed, byte[] msg, byte[] expected)
-    {
-        QTESLAPublicKeyParameters qPub = new QTESLAPublicKeyParameters(securityCategory, pubKey);
-        QTESLAPrivateKeyParameters qPriv = new QTESLAPrivateKeyParameters(securityCategory, privKey);
-
-        QTESLASigner signer = new QTESLASigner();
-
-        signer.init(true, new ParametersWithRandom(qPriv, QTESLASecureRandomFactory.getFixed(seed,256)));
-
-        byte[] sig = signer.generateSignature(msg);
-
-        assertTrue(Arrays.areEqual(expected, org.bouncycastle.util.Arrays.concatenate(sig, msg)));
-
-        signer.init(false, qPub);
-
-        assertTrue(signer.verifySignature(msg, sig));
-    }
-
-    /**
-     * # qTesla-I
-     */
-    public void testCatIVector0()
-    {
-        byte[] seed = Hex.decode("061550234D158C5EC95595FE04EF7A25767F2E24CC2BC479D09D86DC9ABCFDE7056A8C266F9EF97ED08541DBD2E1FFA1");
-
-        byte[] publicKey = Hex.decode("D2F21F7B398701A369A10AB5CA5752324D01D2E4E85D7ADE9C21F2F41CAFDF25B15F173504C315EA250E1EFC243557E90C23509E7D2AE486518448EF18BA837DDE8DD6A30271E793D50DC7999485AE30A649636257E71DE6D65C9803A8FBB384181C6C28604C2B201C938A5198C01704B0F56ACEFD0CF58BC98F81E20CD233C6B5523C8A00F5DB1C934D2B4FB3609C0CB37543A42C4145CAA283C269B49C8EF323CE941F5FCEDB172CA9B5DD116DD6B2B6284DE55C2CC033426C84BD91D74837C6140E12D0C6B05765FD269BD23200FBE110D61856F8C5CE55FDF7269D6BE7D9FC213C885D74F2311A46BD5E32C06308C7C2E7F26BDDBDD10DD1F6DA004B8D28990D9A62276C4FFA90BF6D734DEAF116000CE004EAA0BB25640F9342E9C2FD40774DE360FA1560D478985BE9639F1E5BDD5B3000B364E12AEF3AAFECA99E4DD24530BB223663F095E3254E42A9E0D88639A946388331A4123CCB71A4D8925DF3EF6B6EADD257788B92E8C5E6596AEB77E0FBB86BCD03D0EE68D9B5C08E0E4B67273CCAA8544871276C9375AA0D0CE5681EBA576EF02A617879E2C27E137C8EC106B544D727CEC5B93F67CD4CB2016640B8FCE631243EB08FAD4F1237F3039376061B1AC3FE724C939CD00000EFC693C6D94828428E4CF1103B6BA8139724322ACC8832119F16528056E7D8CCCCFFE683E91AD84BBDC4D492E0215C45B5B75D1C01114DF952C731DB41D3673D80C21E901D06E898E4E6CC2CF3686ADB6760DBD0076ACD31F610C16B291EA1FB595B912ECC5F3E57CDE588CC14046D1D5AF625B0D52D61075082EF052F5F00B66C429E2B2977665E8719F4E4BE4D0EDFF5E6A793DEE09AC0589A6FECF7732684226E03A9520A472DE129A7EE74956FBA661610804F22C235BF5EA9B83D05C634215473309AC5E0BBCC30929AF45F6669340216DD0DCA2E04FA1697546EC1C93BE569068ADC39790435DB82DB3F3C21F16015CF17D1BAB83DACE254A37BC6E4871ED6031B9BA44EF7A71C1E5A709255A9CD226C0DE6733F1615403820C4B3DB50AAB082C04D0D922550DF4A940C9F20710D7B8208E0E97648F02B330EF436F436E011338523718D9DCFA2C6459DB1920A38E978D57D67D8D163313093C58E5A55F96D0DD7A170F3F255CEC4CCAAFA5044D1B21B2B5D44EA76CFC8F5B1A03A99D5DFD04A0ACE897CF480A008819FDBB7216313829CD14A9A1C9596F95ABB48D6F88AFB2B852F2E2CE687B0623D52A81001589EC05D7F6E582B79F2D036030BC6D1573618A83860A8A77C144D7B2DB988F84B16AF61E0931C27478C99B9A1C15801D0A01464DA0611318334238B2745653F14690E37699BAF5A7576FE451F5EAD46DEF2694711E018E37B24EDA8EBB9364553C5EB976DF38D9E4D21C2D174153ACBB0E2644C9C1EC56C3DB51514AED57AE8653C8361262CC21EFD6CF410160F8070753C59439465E62EAF8A34C17E8853C9817F327E273C2D2911C77C1BF9090D30C4243A39F9865545A83D089C5CB23880450E18A4B0036531164B004072E2EDCDF1A015323256BADBE8C1548F2A4CC00241B18825187015D322CE160BA48C4FAF070969A6F6CA9495E6A1959F0923394E7E5E4820B7C6358C61F4471128C67ACA4900728452BD64F6598DB9A421C8D4D33CA8C077C468DDF8FE8F387E950ED979EC2A1AF8FC473529EA069C21A9F26AA5811D343B0E3373183DB3CA9F10E63BA3FC7F81F4999BD0FBD0CA5D6C5546E9B7ABE2AC4D7A5C0FDC8C33A257A8F09281DE4C38D1273B5B37C88F8611CACD58C4E7F9BB916169104CCFA6FB7087FDA4150D5B84F4837C0DB5C6DB321FC7DC79FD90F707456330B37E0109F0ADE25433D3637112E2D96901E22C734407BD988AD203CA805AE8F757EEA09F327DD49710B471CFC197724948A011E597F3A4564CE00FF701B9B240347F227F2BE01582E07680AC993699D2E1536A155B96AE4E461E3D019F0350CBC52EC12186069382FDBD19CE7D70734FD72F8E61361D6BF9EEDEFEA6D44B6B50E1612ADA4E42033329B098318DD9CF695A2921A332204044994F244C0944993B08009265B8004398CF119F95FCC217D38228F1D1F14BCFC5B7160986C339");
-        byte[] secretKey = Hex.decode("2074F000FEEE3B804206EEEB4FFE07FBEF2FC006FB839F4101076400BFFA09AC6F00FE2228C080FE0944CF7FFEE16BD0FEF80D20A0BFF912102080FBEDF7BF0000FE5F9FBD05CCBF2F3FFFDEAB3F00001F48E000032A648F8104F5EBBFBFFFF92FB0400DF78380C1FAF53FD07FFEDC27C03D00D3FB5F8002F153C080030FD88FFEFA139C5F410CFF5FF000081F38D07D01E137A08002120050FF08D4EF1F42010BBC6FFFFE0EE4AF4103D23F0042FE061C60C2F8F5BF8FFDF9111C604200270010BDF8025CB04107F387C07F06EC0770C201FC53003FF60B5070C1011BE0BF800518485000F9F8FF9F81061E6410BCFCE42F60BFFAF4DF5F80FA020450C0EEB0DBFFBDF9DFDBFF8100F42F00FF091068A04101F2DFCF41F90B28B07FF10FCC2F80FFE73BD03FF9F4F35F3F07FF6BC0C2031AECCF7D04F467E03FF2EDDBDFFF0C02804F3F0608D02F3F060C28407DFD2F54AFFFF905D02FBEFCFB8340FE040C885F8103EA1FA001F8F2F36FBCFF1FDC2F42012D1020C0FEF8DBAFC1061E2CB00103F7CF20BE032E5810420417AC1FBEF3F537F0FC05F807603E02FDFFBF7DF2EA13A07FFDF84F40FE070908A0C1FBE523A0810A04703080FEFEDFFF3D01FB4730020A033440BE0AF86F8F42F6E99BA0C1FFF5BF1001F9F15FC0FEFE06E4AF81FDFA4F90FEFC27B02FBFF702DCEF00F7FB83807F04F0CB3F80FDE09F8F3F01E553A0C006016CA0FFF438983F3E05F5D7DF3FF71A10F03E030BBC8F7FFB19C84F81FCFF03D0BEF9EEDBF0BE02E9C71F3E05201830FF03EC17C0800028741F0000D97B60C004F34F60FE0206788042FD04CCDF00081A8CAF800401708F7F10EE0B70C1F411D0AF00011CDCEF3EFA1654C081FCDC7F907FFB0104508208FDAFBFC0F815B0307FFED417B0C0FFF0471081FFD8ABFF8205134C90FD03EC4FA07FFF1434F08003FE9B507F01DD932F3FF6DC833F81FAF6EBCFC1FC0274F07C0201F4DF3EFB203850FEFF0BE4EF4008F71B20FF04E3FBDF7E030A608FC0FF1904E0BFF5FC0B50BFFF18AC3F3FFA08C8BFFF04EED31F41FD0B78CFBE030B38507F0302DC4FBE00E85B300000ECD78F410105C02FFFFAF393CF8102EF278040F20A288080FF0FD03F7FFCFCF78F8009104070FEFDDF2F80FFFD1DE4CFC0FEEE57D03EFA06E48F400103E89F010228DCFF7F07FC9F3F41FEF4235040F309A4E03F041D980FC1FFF85BD07E00C88BDF0008F5EB7FFEF7DFDB9FBFF7F43B307EF60B688042052B982F83040AE89FBEF2E51BF0C00621CC0FC40817BCF0FD00F3D3EF00FBE75B2001F8170C3041FBFEBFBFFEFDE487C0FEFD318C3FC0FEEE6B8F80FAF4834000F8FDF37FC0051A0C00C200FCB78F0000F2DB1F42F812649F3FF9266CD0C1FC0B8CB0C2F8E5B7CFC0F6062440FE0304F8EF4009145CE03FF5F73350BFF80C9480BEFAEAFB2F02FEF9CF6040FC0E6C403F09016040BE0109A0403F01FFDFCFFE072C48CF00F8FFBFCFBFF80AA04F0103E6A3FF40F706ACEFC0032AE09FBF0C0948CF3E012914303EFD1518904106C917907EF9F56BC000FF1650D0C0FF008CE07F050F28913D0126B44F4205FAC3AFC0F40134D07D0CE93BB03E04EC735FC202035C1F40FE0810A08103E8DF0FBDFD22D8AFFE080A5050C10007186000FE06DC5FBDFA0DC8EF020300EC6F3F071248B080FEF9D71F800B0D3C208008F9975F41F902BCAF01FDF06F9000FC17A0B0C1FA17A42F41F8FABBB03D090108707FFCF5BF2FC107ECB390FE05E25FD03DFF11706040FDEFE34F80F62F30E0FF060E3060FFFC993B08009265B8004398CF119F95FCC217D38228F1D1F14BCFC5B7160986C339F23EB15423271EF1CF476289657DBBB1460665D3944B78BEE92D15AA609768F9");
-        byte[] msg = Hex.decode("D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-        byte[] sm = Hex.decode("AF8718AB747CEFA75F4A5F26B5392113BDE8CAF1DDDF1D45B473CB64DFFC255B2E211588DAB5D5D2C5407EBBB684E7D8F0C6AB8EB3AB874CEEB87C9CE32568D0ADA6A3B9716EF9AB92BB9F02424D91DD5C3768E4598D2DA954D0664EA3D61070FA4304983B44D6098FB74B55FE40F156F07D0E39F11DBDE5E0549854ACBD65B2F6EFDBF3CEFB27DB44FA18EAF9BDA9F4409FE020B8FB0C7E9A1C17F5A1D59D6996FC1EC43AE246AAE1A8FC777EF5912EEC95A6F9A2B32A91C2EEBD733E0EAA43C3A33E989D1DEF0B1F412C6299628DF5AEEB599391C411942873FDCE0FA701C58FD2FB383A7FEF455AE12F415496BB0F6E75441BB0F670910F207CFC372B823A099EA84105E1B316CA33587FE990017BA0C52C1EA85C9E0F030B63168B093EE83D81C47EE70D5EEE3F5603E00C3FD306DF8D58C594B4E2047397FAE4BB83FCAC0D3A8BF7896770017860E9612BC4FE5E416AD961C277836C89E29B22C9C6A1F2F8A55FD84D57F4C3550EC14E9B30BFD18A3E479217DB48B65B9E3ACF731C08F8655D2D2F689EB6547C5241887CF017FF9F0EFC49D3448D623353C6846F2C547090873903DC281D2D327C1DD8B49BF87CDF28DDAB0BE1D48B8874D8693DACFEE07E51D5137B57F58D1EDFA374C5FC2A9C42FCA63393C8F24160BF54110D8721BADFA288F304E345FBDF179AC43FE45DFE55D98683A8B7E0A7B48BA4193B01294D6666688EA4099E842F78402874FB1CE5A52FB14B6C6BA3343941E0012556C1BC8184DB46B1E49161E5504815ADB45987E7EABC1C5657D5D8F23847B728F5AD51290995BB742EFB99528147D423FB56EE1118E4C170523E4CE2734219902FB54457BDC111F54497002C0D06D4EB11FED96683DD3F5E1A938F4D141DB638BEC5C8A5BBD5E7F4BDCFB8D03C4D003BC0DEA33119015FC6D2468C0A5635049A04055B542463B4AC17FF4AEB339E674A1E5EEE7C0FACB7E6CE7D2B990C4E5EAA29030F5CB76BD83CB59D215875439F68BD8731A4D5F54B1D27B905AC42D381AC8A1C6BF1F785CCAC2CCA0D08411A2845A920DBC51C82105205F1772DBB0914030BF06115CAC3596E0BE6F97ABBEEB6FC10A84819C84507348F2C887366A82B6FA5DB6B34111066DA4A41A709AA7EE8622A3B3AD5C854381440D08C49BBAA025E7F1D459A2606368285B12E50330DA0FDFB9B50D34CC3664B9F13A4B9E0E65F7F5390A4D8D25353CA2DDC5BFF4A1238321AFE33BBA3318D5984AE57799ACBAB7B5A0C52120CA6014B89B3BEE993183703BC717871A1D080E57ED5E4FB5C64AA4620B5F78DD4144C1005ED3D4D2F1E94FF01DBDF0107B52D5FD3B212A72AAE32BD32846E0B31AEB2064A30361E8F58A82937AAE4C3E74A61C9953406B946809B11379411C910A9E9B7E2384D0E9C09A78763CB2DFF356941B2D863C35FCF0D5735B478D62D1D90DC21E833C871A77E533EACDB08081105BA3B65E8953EFECB9C2096DEEEEDACAD630133A6D35AAADF07019EEBE7D1C9EA1CD25F55454D861C1A4A17BDE58FAEE5696FA4DD496A4C0AE443524BB33B98D8F254ACB9CCB852CA4561BB4E3830A24E5EDB9233A20B37F42B323DFA6DC1A891F0C306A121EA94AD8071D107C4B4CDB294FD524014339CBB821F60CE298EABABFD3D64F6F5237DBC14BA7867740F047325691DEC988E401E8CF1427CD040AFA8A33B8BFFC2AC080ECFD7BD4F22646CC7013210B80A99B1F7D6031FE4F50768531C604E7AE9349E87A0006566B61EFE18DF34C385B1B5E8D35946D8E53A75A7412DEC7E8A28A06E8DA2BA3B860AF01455359C01EEDBFB96D6881E5EEAEA7E1B2663A18410218B1588DE897E8E01DFCD72D08757FE1CAEAEDF71F7303CB91E91EE7ED7C7BC3BA6F72A3C8382FC3ED355C6F56CDC8630B2C3A06EA9DF197823448E70C01F349FB0E6D69958AF7347D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-
-        doTestKAT(QTESLASecurityCategory.HEURISTIC_I, publicKey, secretKey, seed, msg, sm);
-    }
-
-    /**
-     * # qTesla-I
-     */
-    public void testCatIVector1()
-    {
-        byte[] seed = Hex.decode("64335BF29E5DE62842C941766BA129B0643B5E7121CA26CFC190EC7DC3543830557FDD5C03CF123A456D48EFEA43C868");
-
-        byte[] publicKey = Hex.decode("6B8495B1C393966CE20EE722515892480FDDA8F7848245573308D4F1C3C93C4F31B262002E32BCBFBCE58F58C95322F9158CB10F30ED2DE4E1F202DDE2C4F68143F354A52F2C27B12B8E434E14EABC9C61B421708B809CDB3908B75106A11B09AC4EFC19662DDC818D4D2A50827D6197B8405C3C9D1AED8A513D3BED08CC60BD04B028D50CD55D9ECD3640EF81047F505B3705AFBDE294DF42EE9E488D647E9C7D532724ECF6501B18680F4376EEE1E0ED1CB4DAF5861F19AFFCA2092C8A6845224008B437F352695B7827E55C7F0BE5A49B464B4654280FE67A137F69924F8529FD947C5B1E9953BC86808243FECE6E03682FE46396D5B174148059703694A74D9DD399B64714EFD666874AE771E1C8A7C2E73D03EBB82731DE05324BFDC8356D5809A40835393B78CF577778B6DA061B2E640A083E5748A6D88CA3A1B106BE566B86C3293886CAF38BA93E16267BE96A0E91E08FD8683406779C1528298FC98101B1ABE625200B1296C50170388B5A5432A020E2D6DD7B40524B52FB960B8FF3FDDE3526842D355AB860B78F9A4AAE588F548F7EA05F94ED711646D82D4BBF8A22244FD9C466DD71E4C314B98235D819321052039F5996C216DA9A1B0BC897A1DA04F2DB48944CAA0C0F5BDCDC10498FD1E3B6A76EC8158ADB9280F7C0F43E1E835C178B114C939F94DE20974301D9AFB3D5D4CD9D3C24152F891E8019BBDF5B74E7212B85E5C6C90614219F54E674334D1D3A57EE5889F2E6C334D2475FF899FC50DA49C0B106F05810868F850A95411E6B616F56397221E45A363A2A4066AFB5A56CCFCFC3419F99B5CF87C977B6AD926504062CCEAF1EFB578EE1A2EC6CD6D1244EB20604E94D37C283238105B0F4834FB2946B8523F308D0020B1C8557403EF85235CF9F547842D6D94A8DD380BB06732EFF51FD315CF111BE138A7D118643B5A8921FE03EF309169539D7779CBA09C6079BCBBDCF84C383939E55C9F042FE5130E4E31EA33E2412A9F3B308F781E8353F7261DE83B20A5DD66210F05B71B49BFB499D60D8C67E2CC72B67D25E6B550BAF745F0E11F29A185406752B0109EEE7CB503B6F785DBEBA42270E9AAE1991FA41B5758A9D0CD74C6823EF23D4D62ECE67370E0732C43A1D54DC61F54CF507C251758E6C78D6DAA5120E202CAFEBD58A25A933B4B48E1A78ECF36104467A7167231918E93AC356C4AE2FCDF284A3B0E9F19038F8985204BC35839804484D3D4194E1E72A7B22FBBFE03F00072A3C05689FBC6E11C71DE2748826A40261A6357904B76ABA722AB91DE9B3C9FC66034B2C06AE45625E8071552A80A807F20A3ABD1D094512C64B57212941D3190638CE3FE69E5CC8759FEBEDDFA46FCE02B822DD32F1751BC41F4EDCDA63BE023154FE075275A28548450494D9743AC52DAB26971C78371AAA3D87B8F000E95FD79EA6F17B5F614FD0626C236F87072C56D8F7F7EEC167323F79A26E32048BF7C43C00904697F1E4C93D018D7F0845EACC01D3989D3502E2891B776B11CB349AF9C462E83AB1039B30688E153D7C1AA62C46B8889E404936912BCCA2517C059B89EFFC1FE1488C2EE3473C27805715ADE619BD3645D540C84D187441A46C0D904C3C9E2A92A92FCDD6D86380395A934DB93979AEA13C428EAFD9259CB3E2478DB643D0D6913AC275ACD2387808669D2FC40FC6011A87AA1F03639D02692BB18322D6417808A902A403068A7A45DC62A5ADBEC18458AD4F91BEBF7FF60494AA7C0A02AA6E067A86430CAAA3536056EE44944CBA38B7AE9016D66621703A77BCD36BD104BC2A040A12577DBA2FBF4B89AE4F49D202C27681B05BAA8C4026E0A60D44140A2213CAF78BEE9047A10569ABE5C568FBEBEA276DFDCF905F8398432129A82AF45CBD10BE668D0C60F4B64327388B830B1EDFE4ADB67EC5472541AD29C16B732A5F2F6B8EB1DA671B6F1ACC4AB510694F2AAE8055127734591BCEDC1077B757C036ECA8E4A114A649EA4730EAC4309B07DF98A5D8EA838C84675A7D10EC93E1D36704B23BD04E27F635AC6DA31959BEA5A10CA37B7193664419926D965E7F1916EC44B52B4BA993C5FBE705800B2C070B09CF36E0908FB89F71E2F7AD9448");
-        byte[] secretKey = Hex.decode("E2FB4F00FFFF37F07F1016B87FFE00DAD38F3D08E9BFBF7F040634B0C2FF340490FF0205F87F8106F3075080FE0F105080FEE9679F0006FA4720C110F4EBFF7FFD13840080FFE60B80BC04003C307F00F827807F05EFD77F800217CC5FFDFF0AC0B0BE0500701F80F4D48B9FFEFF184C70FF00E9DF7F4110180810FEFFE1F31F3E03F79B3F3E00FAEBBF7E0508D0AF80F52BF0807EFFEC3F203EF61CC0F07E04EEE30FC1FF02E42FBF00E65300000A2674E03FFD1460607F0714F08F3E050E9CF07E03FB7B7F7EFBF4B76F3FFCFF6B303DFB0D981F0202E56F60C000E37BB08106FFFB1F80020808F0BFF6CD43D081032354A040F8CE63C081FC070820800401E8CF7DFA106480C000F5DB507DFD0C7400400515D81FC1F8E32B10BE02F06B9F3FFDE947908002F41F50FF07E44FD0FDFDDE2F91C2F9DB23F0BCFD020850BF05E4DFFFFE00F5B76F020DED573043FAEFC72F80FF0B4000BE04C8A77082FC22A45040F9E7570040FBF713D04000160050C0040E884F81FEDF9F0081FB12D02FFF0211980FBFFD1768F080F8E313803EFEEA6B2002FEF9B3BFBFF10B7820C001EA0FE00001F5D37FC1FA04A0EFFEFC3CE4EF7E02D9234080FC198070C100E417504203057860BF07F68360FFFFF82380C1FD1C90B0BF051328203F02F9F70F8107EC435080F9FDAB2F40FEF21B20C10302F02F4104F27BDFC0010258F0BFFB01986F7E02E7AFEF7F0418C4CF3FF4EE0F10C007CED36F4209FE5B10C0FB02F47FBEFEF867E07F00F9BB1F41F40540407D01ED6F0F41FEE48B8F01FFE43BC0820CEFA38040FB01AC2F40020F54E080F412D4CFBF0118A44F0305EE67A03F010B04A03F0819B80F8004F09350C1FC10544FBF00FA7F800107FC9BCFC00724F82FC10A2F74C0BFFB0AE05F8103C9D78F3F0601F02F7DFEF66F107F00E85F70FFFB1678CFC1FAFC338F7FF701E86FC1FFEA27C081FAE81FD03FFCEF87C07E080BE4AF81FDEE63208002F41BF00201F83BC0FFFA0BE4CFBE0416E8BF4004109C408008F5A72F7E00DE835FC0FEDE93B03CFFC7E7AF81FFF03B500101EC5FA03F01E0F33F3E0600B44FBF00F01F200001211C40FC010D8C200005F7DB9F7F09FBA3FFC002070C7080F80388AFBFFEF297C0BE0AF92F507EFBE3F79FC0F7071C5040FE00E0DF02FA1FB85FC0FE0F504001FE15846F8003036830C0F7DE6FB0FEF3FFAB4F40060FDC7F010DE80B7081F70D741080F813CCAF7FFEFFCF3F81FCEFEF2FBFFE07E0DF7CFE017C30C1F9DF673FFE02F11F900004203C7000F9E04B40C205F107B0BE0225EC9F41F8F9D77FBFFDFE13D0FEFEF5CFDF4000F433C0FEFDE3CB9FC2FBED4740FFF608E80F01FF022C8040FAEF13A07D02F4DFBF800331548FFEF9FD03903F0312B46FBFFE10C0EF010224F0BF7EF90834D0FFF620705000F4F55F10420021DC6F41000D2C5080FFF11BB07E021CA0CF42FE2FF08F8012FEB3807E07CE571080FFEF9F5F3EFEE30B80C00512CC7F41FAF96BE000FBFB13B07EFF0BA0DF8202E00B9041FDED4F30C001F2CB60BE01EC0B20800102E07FC2FE1710D0BF0B231C903F03FF1FE03F0533F0DFBFF807EC2F000917445040001A58EF0001FFF36F40FFE627B0BC030E3C907EF5F2AF4FFF08F2D72F40020E683F7DFD049C5F80FC13F42F7C0006949080013118207DF6FCE36FC0FD0D348FC002E4B7F040F9076490BFF7E56FB0BE0903B04FC1FEF623208408F06F303FFC128C4F7E01F967603E14F447908009D7E70F830BF1F30F7F07F9B31F42FDF57FF04004E3D3BF81FB1916EC44B52B4BA993C5FBE705800B2C070B09CF36E0908FB89F71E2F7AD944898B305452F9EFEA0237F6BACBE4022FC80E5DE2D66D398814A7C835419435744");
-        byte[] msg = Hex.decode("225D5CE2CEAC61930A07503FB59F7C2F936A3E075481DA3CA299A80F8C5DF9223A073E7B90E02EBF98CA2227EBA38C1AB2568209E46DBA961869C6F83983B17DCD49");
-        byte[] sm = Hex.decode("553082050F6A8BD54C40E296C67011C2765199D81304F22C3CE306AE9C05235FC8EE08D851E2397C2956795D02F1AF944E54E2D270ED89FD6F89FE9BEC269B5CBE7F0184B244F89455876E181F39E1221F962B34FAE1A8F6E4EEFBE882DCD5BE4941EAC3ADAE263EBFE5AA9E0BCE6D2AEF44A12710B4301F07545EE129974B27536C2DD6C38FE9D5F7B725DA66C8B7A92F439C6721AD2CFC389176BC6A39FF44483C06B9D1A554164F5FCEAB5BF317983E8525ABF7EF291DE0FA281791680F61012A06742836CC6E0CAA87BDEC0C7D451801979D3A993068DE6F601DA81615FA56CB0A4B315CA2CE06F21925D088DE4DF0CAAC3DD33E51FDBE8C0DD187BAA82216009DD2819D524BCFF70012A734FE9D936A413AED15B3D652258CF6C3B0FD5BF4F64B7EC9BDBC9251C01A34AFBA707B35BA4EB6C392DFD6F93EEA454DCD2BDFDD689B5A980C21EEF124843F5571E31A69AE097A25B3CB1F04ABE269E78E098B658201B8BECC456147F759B14C3A3CBC00D1D7E3344F05E433C1C82DBD4001C6AFA8D948E92D1686C64F57436F6DD9ADFA82F35CB3814DDAD7AD0912B62B6B412A40D70F49E05B305BB5DD319C5C89775F27D3DD1884B5936A54738F816AC81FE328AB344FB39CDA6EC0B64D47556733815D2D83818D88D65094933E6E9A9FEB7E433D3EFE0B4C98D7ACCB9EA851AC72134283116513EDE0802BF959ECD5A8AFA9407D8EBBBD8ECB48B24CD034C3FA763E83782D6B0B2115929F94645F9378411251692C8858BE725B9D8AB880054956E71A75D5DD3A88D1476C36064A3C62EFD861C4A25943037ABFCA2DA9363F34371E868ED76D48E068C3A078757FD8E8588B356530F098ED81E3C21652E1071A6DE3F8610B94BEF7EFFA5C5A955EA3987B0EEFD16E6996BBDB563BFAE6C769AAF95E4CC4E42634A0CA641297642C92A57AA8A704E35CD8A759366E1DFD2006C173D31BC853A1089284F043E1648DB047E944EE26AED13A07DFE7C6893998A43CDBF9520A9E077DE27B36F03FFF08FCF4C4F6F4076C54EE6CD7F93C7C1297A4917B3E430981B312C2E1ACD923A419175C735F80F3957418BBACFF5F09425F047564E2F9FE4A9445FDEA63657FD25D2177A9C5A2BA11E54B3D0C06B2323735622AA23A69C14B4AA78BC4310481067E68C0225CBAC0C40A21E8676B5D2E82DE06BB5BC95A3A4269747E9BD3895C0C29A4B25BF85AE0C46959B6AC8BCEBF6CC3039FA0AD7E4698CDCB73C44A10A3469520C5967C2B491777711DFF1F311FF16639A5C35F10FF7DE14EAB5A786E7CCF152BC45600CB3565BF69477EE7BFB508F3259C75EC87B7F57561ECBBC8178497F6B77D5C8D6C2D3DCADBD7B2C21B59333FAAED20C5152E35886B1C672F6AC4BE7FB0DC6D9F4478428141FD35E30691677A1E6B866CB91BB9962D4BD5462275D5932820FD104BF0E1D4E08F0CC2B7B1FF36D2A694B848F1B84475FB647A828CEE4DB1566CA35A908562DCD45AFD107453E4FD18B571B2F64B077DB9AE3BFA15F0C10BAEC410805EDBD34B6638138651F24F91F9D82D8E7CC07F1F5AD93B1017A375A4A9EACC85A96403442BF1D5D9BF18204011E666569B6F280B268BBF339B607D7C33BB59EC7E12E7F20B14BE770547F797E990E70A8F4F1B738B4EFC7CE124B919537CCDEB5F0CA8DC2EA9649640EEEED11489C0A1C110DEB64BDA50C756A3EAF34C4E1059560D3788FDACBC2E352F2B93BAE31DE89C0D19277BB8AAAF0A419C2C4C1B265BBA1B41A9719AE53A7DB5F051E3B08836E5D3087A94315C8B83E21B1217E1276FB90252F56E72CF9C406A9539F782B4BCF95CE4E55340A00899CEDA7A0C020AFBBA1DEF8C394CE2354E86B7752DC57D1CC94ED32A27F12A06AF8C72AD2BB0A4D619C7F1569EA066B8231BA0CDFFA761F54F1A574C99E1B24C53F33F3D1F34225D5CE2CEAC61930A07503FB59F7C2F936A3E075481DA3CA299A80F8C5DF9223A073E7B90E02EBF98CA2227EBA38C1AB2568209E46DBA961869C6F83983B17DCD49");
-
-        doTestKAT(QTESLASecurityCategory.HEURISTIC_I, publicKey, secretKey, seed, msg, sm);
-    }
-
-    /**
-     * # qTesla-III-size
-     */
-    public void testCatIIISizeVector0()
-    {
-        byte[] seed = Hex.decode("061550234D158C5EC95595FE04EF7A25767F2E24CC2BC479D09D86DC9ABCFDE7056A8C266F9EF97ED08541DBD2E1FFA1");
-        int mlen = 33;
-        byte[] msg = Hex.decode("D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-        byte[] pk = Hex.decode("2773A7AD9D114C05E70C654102216989125420019CD31541E8A191B142C2732FB3CEC5C9C070A830C50A960E4B07C8108AAD0C044AEA0CCCA544422AD17966A52704BEFF1F2BC92423D79C128B891392824FD4EACDBD5DEF0CC2733BDF9D0D0835CF08640BB61DF4006340013144DC913AA00D411FBBEC59D5A3D20E1A3656319718F82F683978FE820C2AE48349FF42B63F44E71DA1678C2ADDD8447E9B30AA7D083A9FAB6CDE4B44AA9668F1CC4F58432D55340041792C06F3ACE7515DC1BDAE4DAE329B49FB3C4F086A0CAA846AF3C52721C1DDBD2A88093563A6F9FA11695CAC38C838024008B10AE0C76DE6272E0198209E133FAE50410192782130B838E56EC611E707140595C9B9620FB0E547C10A757EDE0FA29606028E8200740307E9ED8870D9199E0976E30F7C4233646209684B2AAC28E4B343C28008B4A4FFB8E02AF2D01E61E20F9C5E02886DA498AAFAB60A702AA4C2E050A4691FA6DF8ECE316AB75A61B55E5381606877488C630D33CE27382BC5EE368C5579F2620673E79789B1C79C405B97A426E09E49090BCEA3FE40E01513EEDD9081129C0A0A3B5884FCE5CB3FE7E6B37BD08FF1324ED390E507CCB3271150B1D02F9F15ADC205ED0068E141D50DC078D37E4E7E283510115811AE1205CDD1A109BB114771C0D4FA9E8129556F1F505CDE6E0507B73BB32B0AB3EB84AD99586E3E3326A0B1BAD6C7A8E0053D18368AA8BAAD7D702618EAF33A3B5F17E5EA410803E552E4262256682CD27005C054103B41EC37EEE354CAF7AE0F19A75EA470616F94174C72F95ABB4B9523CC4F291FC787A990E8EF43D2B8C1A76AAEC10C095F1BB0111E1A4046F6D131E307B960523D1884ACF914CBE40FD3130272510A13133123AB70356430620A3EBB2728172BC56C0F55064C7031D6A461693C80495930C25A04F61E223DFECF29526CF8BF261FCD8AF44CD13AF9E8AB227A579F35B0955AD56EAF7C012265B0A839D951B93C0E6A2108942B82C2658FCF12E165ECB57B74DABC2D30CA246F9B4FBADF654C011D00FA144170C9E9EBE1A935D620C43EBDDD8D1E60C29EFDA04CC17407514887F8198CCF58092CC75C241CB34AC2F9477DC0675E8CDB2D6934EC7B3EC25EBB370CDFB79072300575597754E5609BBB94788FFC5E12E713222BA5D6A22BED445E13E170AAD9ECA0D26E22CD0B808E1090EF44D9BE210E426765B9CB2D75954316160A44C3D936EEB21DAAB7AB1E60A4F651F3F5003061D80E0E17C0530D4F15474C2B861B72B3FBA058CCBD14568236D40E6B3C359FAE089388639703057DD09806C9108EE6843F02F03492C6B70A421B01DB32C10DF88AEBAA3CB45D4CC0604479AC1CCF0C9CD76250AC3345BB60BA081462B1667A1A5C772B505B5D705223E8AC30FF1C423783E1977E62277D196517636CDA83A80A87AA54087CF099B1494DB8F63C166E183CD3E8528557038D9D826DE01963B471E3337093139CEC888E6C5B1249826D966355BDE17CF989254C8C35036714852B24D89BB666EA8AB5AA68506125ACD8A51848478A2C14C94F189578C0ADC8D04AC0E896F6357DF3AC17172B06B5B25BC4A41CE3AFB266E17F7990327CC174001F71ADAF8F5EC08404A3A74B80E4974D20B631C11477BCCC1164AB8F49F7D6F57AA4A77F724435C218108DDBA508285D3E412A8778035FED2E516DA7BF990AEA03FD7E91F05537FB5A962A9259A0750DEC465687304925CFE5BD8F044A7A1EE638D2C448235D2BC2C9958C21DBE152B8D9865E336B57911AF86F404723CC995AE595F888FB675C47C2BC311F60BB3E47B4125CCCE51AD3A231A9792DB6788A54FC2935E22313A744065387AE450F0168BC00F60BECE76FA41E5383B0B45F950B27D327379865A73C6239B481FFB4AE78757CF51F5ED4CE20A4C31E89E19FDA2959158578439EC56CF6D29B0B2F8C307D63A13E8073E5AA7CD2C0FBE55EC4348AB807E773D726754F72EDD526B788ED61D031B3C2F64803AD34CDDDD8DB86C0078AD3CDC728B0399401A0C28E3D322FBD576FD97CCA4EAED9146CB3F83D0139024C14E249ED6996FC6182E739C72B177149EA08FC991CAA73DC8D6729649F395658B33D49B21D221D65E0BC90A0AD85E0F714D06E2CFEBE84F163843B7854F9E83A0409C07CBD22646C1A841FAA6FDA61FECC495CB2C881CAEF7EF4D8CF54B52241DB36B68093D40880822E808D40C2DE6D0488F476FC79064A0C8E03A05C02C6DB20F3EBA8E0067C154F2CBC7C4849CF87F7F1C92B4EA8BA70177FD1A31F691168317A3D4CCF9B9EDE02DB044645622313807E49BEE1D481136EB26803CFA5756E177EDBE1AAE6B0C8541B4FC48CF01014E54B2C789241DE9C54ECEC921AE7AF8A427213689A4A2CAB6376719C25A896B45CC414CF762B91A9840210095A46F3281A6DA086B254C916663B7941E4CE5281E33D8E3712226B201DAEFF4ACAB7C504C727F16D2F11C14885A2ED080638B153A40B3B12457A6A3AEF950BEFF282A079185C64FB1CACF19B8182900F2C4EBE28B7E370A3235D45C6F484FE3F75449E499F07F2F0A4FB1AD6508ED8CEDA34EC98A4957EAEBF25FB8F43D16F6DF3E32705A82979E221CC11E63B0C883D1EDABD4CD5A0855812477BCC726D68F0B211420C068D60BEB2D2CE9DA32EA68657432CB2014904BE4248FD08DA1F9C5E455B32A1A1C9AC31C7E7A1ABD8BD363A38AD78734D1EBED954871C274A5D54C1B492F01149BC90848E04D026118E9DDD0B84C1FF22473C08D267F1581D566C5F62EAD72C79D75F565BEC6C3275ABE3638D2D003CBA666B5AE85AA6E33D807F72AC157F64390320F3D4203D0FE2B70EECA8BC174D98AE7461444CB33688FA8BB82CB81F84DE6085BA9B63A9098A07E78DBFE5A20161366ED941116C790C67D7BE28680D3372C19E7BB17433903ED4688D63D4CE54DBC0BABBEA4916FA49AC71377A7E2812BE6512D504C04F51A6B01E625E806DECB5D3F6E19C726EDE8428DCE04677B2D8A7083A8C5A9304B06302F01973A169CD4A0D04473F769BA8B08E069F96EB07AFA0A5A061723B5C537BB6B41AAEB03F736F1B00210CDB816109D148692D49854DDA515DF53E9F737E594EFAA8033D576401CAF82ACD6CC7E8E913BCFF0CECF25D6C8BE37CA3B0D05EFB405EC144E4BA8B43814814B3488C6C7844924F77D06ED8E9D4090F758C13226577265B20898D40EF82D8410AC9C807D6BD0DB7124D4F23468736555B584BAD6864130027C825F8F15AD4A6550A5BD9AA04C69D38D44BDE53B5DF9EB202347876643C250278D786F8D8C4A8C9EC33FA57D8803909FB0991D370AD2FE3B6BE7E0798D4282C05B27410DA4B1718F05C82269C3717392580BF0391F20BA083057D3AA392E29D5C81CADA50069F812E6B8EFF77C59CEF51D27098AAA219BC59D4E549767435766344B754AA70FD43877CCBBDCAE4D0D6FE8F30C94B87C82ADC3BF62DFC6683D910B13D4ABC4B6B68C47AE51317F1F51B16918E7D9E851C653330B01838ED10601494C8BD86328405C18FD20A62F384129DC5AC3EFC58A915A182369F1A1F088608F64B314FE1BA543325B72986612765D3A474CC9A6CE04E1ACFA49BBEF23DD0B0E4E40C320578C985E8C29A653AE7046016E067887E85C9C3CDCC456CF811A256FDD8F1E9E8660466372EB85BE369D3B496991A7D99198794DDCA7B64B4BA91BFD7A3C258B170213639302B4EB45A8C9CE7C2A79FE3E3FCB0C23B057025CC207A6D02FABA9E299FD95525B4DA20250A1B54FA196210681961A04B9F6862C5F87586BB90027C06E9B769D15CB06A7867F7329731AD18DB714980DB021C8A93D32A20858AB61A741FE8B6CEB89E6DCA0960B06286AE297A5FF8B99A42660B3B802C330B91F686E6F314B62B2C83E8512D93C5E29D689AA1AB43401D0A866586BC937F66A3D0711C20C9AC36426AE20041358AE8C3E1E6AF31E4DF0157EE582210B6C32F346481B7D888D34DA15238C62E1B43FA4D5C1C67F6EC4F25A62B810418D3512B81CB107D9E88711E64C4F224894CF80D09997744FD7AE52446A7DA4E10051D597833AE1B36C86A0CB69B51C27FEE1B0A126FD88AE54BC04291183C0919C4912DD5D4E9EEC9C40B65D58DC33CB0289B0FB60D11B60E7FB7708849FEDB54F41A68314805A5C0766ACC9F338A46B29EAAC00087AD");
-        byte[] sk = Hex.decode("F60AF7FEF8F7FE08FBF50300F8030CFEFFF9F5F60103FF0FF601FE00FBFA0E0003FC030007FE0201F401FE0404FFFEF6F9FC0209F705F7090E0002FDF1FA02FB08FA010602FA00020B06F804FDFFFD0601F60400070100FD02FBFE000B02090308F9FF080005FC08060103030801F90B03FA060704F9FA0FFB050CFAF412FB0114EC070BF4FBFC03F204F606FD0400FBF400020806FBFC0CFFEF010CFFF9FEFCFC01120909030CFDF303FE0200FC0600FCF4FE0504130D010CFC0208FFFC00090A01FDFBF111050911FCFE010BEE0302FCFE07050A04F616FDF8040D03F7FB03FD080503FAF90003F70A00FD0AFBFBFDFA040EFCFAFDFFF100F507080109FFF7FFFD01FF0506FE04060B01F7F9FCFBF305FF08060604FC0DFA01FCEDF5FA020707EF06F8F00D0800080EF0F6FA04F8FC01FE0102FCFCFEFE000306FD030601FF0308040104000302FFF5FBF60AF7F0010B00FF0009FE090002F402FD02040F0100FA0606030205F71200FBF70909FD07FFFBF107F703FFF5F70FFB0D01F90301FEF30802FAFDFE010608F80BF603F8FB0E04F905FF0CF9F40EFB0B04FF06F7FD08FF04020103FB03060208FEFA0CFC0A09FC070BF5FBF903F3FEFF0312FE09F9FC040A0EF5FF03FFFBF8FD010E03F708FC08FDFCFB0C0AF805F90EFE07F5FDFCFEFE0502010801010601EEFDF307FBFAFDF903060B0C07F800FDFFFF04FBFBFD06FEF8090A050A05FE0A0602F102FC03FDF711F70401FDFB00F4030DFF0808FC070405FC05FA0AFF0EF200F6FCFFF8F20E0AFFF8F7FCFF06F708090FFAF6FB04010207F30402FF05F8F2F0F8FFFF060206FAFD040107FC0AF305110E0502060B11FA0500FC0BFCF7FCFF09FFF510F802FD00F4F807F5F8FC0EF9FF0AFBFFFEF6F902010BFCFCFC04EBF30703F7F30204FFF10A0BF80D01F7FC0B0701FDFAF300F60204F60EF41103FAFA06F7F7F80304FEEDF205F9F9FF08EF05F90DF6FF0307FDF206FD07FEF7010307FF0600FAF7140300FDF70410F601F80C01FB06FF0BFAFB0209FC07F506FD040A040C0DFAFCFF08F5FDFAFF03000503FA07FF0601F8F30A020201F5F8F9F4F704F60203FE0505FC0A0C02EF020204F7F5F60405F7FDF702050202FA0B06FEFD0FF7FFF201FE08F806FB020100F904F302F503FFFB00FEFBF6FB08F9FCFE0407F60609FE01FE020105FEFFFBFAFA07EEFE0E02FA01FAFFF7FDFF0403000207FEFBF804020008FAEFF6FC0E0C0604FE04060DFE0D13F5EB06FE000A05FF0E02F7EFF700050107F5FF03FE01F209FD0301FCF00204040203060208070AFCFC00F2F40BF6FAFFFF02F90701FD030405F50606070600FCF6F609F5F504FD0D0A08FBFD0207F3F601F503FEF404F7090403F90101100E0000F303050104F4F20C04FC01FAFB01FF08FA02F304F3040A0BFE0CFB08F80B09FEFC0105FC0B03FCF1FB0904FAF30204FFF2F9FD0B0201FDF602EAF1F9F708010000FA06090301FEFCFBFEF4FCF9FFF8FCFB03020A06FB00F5060704FF08FEFDFBFE11FEFB010202FCF300F90C0105FC0604090402F8060A0A03FA07FF0C0F0C04FDFBF7F7FF0402F8FD050B02F801FBF9090C02FBFBF1F30B0901FA03FB070300FA010403FD01F303FDFF0F0209F7F506FFFD01EBFE06FD100F000EFDFDFC03FBFD03F8090104060A0900F508FD090D0105E9050305FBF500F707F70503F90706F10801FEF805030B02FBF701F60007FF03FD03FEFD000808FEF4FE04FF0CFAF500FB13F600F5050BF50CFF01ED09F6030305071B070C040C0206090205F103020508F207FB09070A00FB110502FF06000811FFFD0B0D060401FFFDF702FEFA001209FE09FFFE00FE0BFA01040308F6FAFFF6070309F5F408FFFC02FCFEF7F80B03FEF8FFFE01FB04030304FDFF02F90AFC0A070407FD09FEF5F9F3040002F2FE0D03EDFF0305FE010B08FFFA00FAF7020106010D0A061913FD00FA05FBF808F404F9FDFDF0FD0403FA020200FEFEFB0004EF03FD0B0301FF010A02F0FEFF06F6F400FEFFFC06050603021005FD0603FCFC050A04F9F804F40E060100FCF3F3030BFFFFFF04FA0705FC0E04F401F9FFECF9050C07FAFDF7040EFE04F9F6F900FD18F7F5FEF6F4040307FE02060302ECED02FFF902FFFB06FAFE0BF90100020BF8060008FFFB01F5F3FD0501F60D0B04090204FB0508000CFA02000AFC06F8060200020606FB03F80A0D0800F501FF01F90DFD0203F4FCFDF8FBFAF0050107FD0101FD07FBFE00FC080807F600FD0801F20200000CFEF5100802010206FEF006F9F8070B0712F6FF0600070309E8FCF7FC0BF8FC00FD030F0307010807FD04FCFA08F8F6FE06F8F6FCFCFF06FD09F5FCFFFC04010F01FDFE050E0D06FD0AFFFDFC03FD08FB00F7FFFD03F607F80707FBF8F90108FBE603040406F0F303FEFA01FEFEF303FFF202050203FB0407021104F5F7FEFB07FEFC070B05FBF9FE0CFEFB00010CF80C00FBFCF609FF06FFFCF9FC000201FF04FC03FB040004F8FB0B0301001001090003FD09F9070002FA06000D0D100508F2FCF4F10B090501F90509030104EFF2FAFDF903FEFCFE0906FD00070802FA0304050C050A05F90AF7FFF9F704FFEF100005070113050CFBFCF8F30212F8FDFE030505040C09020201F70BF3FFFF01020FF7FE0005F8FBFA0B04010801FD02FDF601F9FF09FD04FD02FBF7FCFAFDEF04F90801F4FE0FF7FD08FDFCFE05010306020EF70201FFFE02FE040705FB0905FFFB04F100FA0A13FBFBF60AF8050803FC07030AF9FE0D01F7090E0009F8F4FD020401FC060607FE0206FFFCF8FEFD0004FFFE0704FDF5FB00010403FA02FF0005FA02FE000AF207FA05FD05020504000BF70FFCF8FDFBFB00FFF5FAFD0309B60E7FB7708849FEDB54F41A68314805A5C0766ACC9F338A46B29EAAC00087AD394D1695059DFF40AE256C5D5EDABFB69F5F40F37A588F50532CA408A8168AB1");
-        int smlen = 2753;
-        byte[] sm = Hex.decode("FB07A3E1D8B107FCA922CAC88C668B69F9BD54330712E3788663FFB44310B4D5057F5F479039A87C3B0564A2474D1A97B944E852300044C68751C09A7A5B8394D4D388456DE8535EE57238F2364DAAB11BE3983AE492D5AD2C9508CFA2A138F4666871BFBD394BBFD69E577E812A13D973E20D8B3E63976021D946B0B3DD53D343C344306B85942927A75EF08D7DA4BC31DA2B0F727B997BA243BC1294B30CF5399F58D9A1EBF5F2D4E5D3D3FBC580FCF2F6EC2457EA4C713B5B0CC6FC565331E9DC92CA419CC73A4D618ECF6A5B2EE146B28A87458D332768D93C3E01A43DF628E1EA0B539040B6D5566189FE8260A22F701EF93907B061275637359DB9BB6361A680DF9FF38B4FBFB2BB31CE0D1891CBE07C6C2F8E0832038239E92FD4F70F5BCC28BCCA1E9F800266EDD0CE007FE86052F1506DC45A8A9405F13EE63C963019776D11311AD44A01E5B27CA4C51E051BEDFE0DBB5A3A7ABEE5B245689AAE0470D5803D1308D78D8A15167F31D87A89E186CA8B5F6566CFC7148209485AEF22B1735FD487138A261D35BDDA857BC0A966A8D407463D1BE9EEF2387F2F93B1A835AAB97A17F496AD92654F5F70DE317120365DFF755077168DD6C3E2320BC025E361A6EB98873DE8F9228A223BAE4138EE114B926C48494CBE6065C08E759109BD18C41FC740057ECA699369737E78C15FBECCD29D1C6406819511B4D115C238469E7D0722D0F17756F2F9AFDAC4343500AEE4C24D39F7C932270796E110FDC2739DE152A42B494C69E38A2909CDF0FEB6E4DC8EC028562EDA3109ADD188CE142B8189565802D648067BDF6497E61758F9C893100C2FCD678DD5CB17699ABBD670EFFDAEE6BDBC510727A48ACF0E4FAAE0E7D9A04A27BB375671048CCB3CB2C69AB232A9C31F617B7608ED88EE44696A2F75F8F35D1938430D482C67861E7E63FB71BC6925F66D793C9BC30D0F11DEB80BC23E1AC43E5D2F91F4DD216AC0FC0379A8F50F290789E72D322E9F75433857D99E5B25DA53F181B52C61E1ED59B99D7D86333C69D8E7989F37FF92D3B51125ACA0C477765D2710DCB52804C620E39E85EF9F01F9C49E5C123B898952CCFDBBCE985CE9D3E3D9D7A3F254FD10614899B694AD59520CDA87DAD998A7F0F4118E14EF50470F3B970C89702849EBD5FFE168E387AE970318CB5642D46D8582013779EA03C956B893BD2374DDB002A14BB0FC8E2098E1612E47703EFE0A75F35B751EBA9539E02915AF108821C3C908315F1C34F578D077A78F91EB6DA12CB4CBAE937CB7246A0C56A9F997D58A180653FE8B5DEFCEF1BC6BA41DEEDEBA6F3D6B695A91C270AAC086D9CEBE4D04D6D939EE0A0C1201F10C39AC3708264DDBD4B1A1B7D245304F8A6AA4229A0F7599837D9ED334246B719C102239C7BB93C0E9EE6EC9DDD57C59D7B88E43E1C19206F356BDC92873F8D7A687FEA9408507B32C2F4103936FDA2A694F486E05129D69F36563ACACDE2D60F9E114502751C2C5A5EB27D8DA8F497260A7BA003A858802F26A630B69A554CE006D78223D400E7E757AD8760D1EE7C8A6AC629E28C5CC0BA8242FE96203D970637578BBEE77466A6ADB19BBEE0B3C894EFC692D200106967F53AD26BE7ACFEF2D3ECE609B89F6A940FCB948D458E89798E5DBB2D5EA7C75957FD9F53F58050CDACA4CF5613C4460C4E3638663D4E2A4975B8271BFD26C48207ECAB05712E1651C352B0621C3376BD713CF3A81DB0D4AB2C3BDB1EF54775BC980BB04E3872C9119890037AD8BA2A984F7F090D8621D442383A2EBB4667F885772163978B346ABECA297D983919D80745B061154543E1C36271D9F5E82D929D2AA007025E8718324E260E992528D0213FD5A5659398FCBDA4080B34D6AE7C7C7DB595BC0A7E0887EA5FC7FCC76668214DB2BA457C2FECC69A37D39C7C2009BC52F7F4304C26A260994395BCADE9072351DAF81D484876ABCDD876FA87CE76E5F024CC8D098351B777D9B908FA5D903EDA4BD732173E974DD36BA039FC30BA6F5EC7C60C507E1EC4A7100CC3042EC30FEA3905998483CDB77D18118C547805C41A26DD0007F73BE9447590DC544EBF8D6880E7E61104DDCEEF39866DB0868CF9C8C0EA3BEC50B2E608540C3BA1AC7D4C9C945EC830A002C15AF68BD349E5E2704F6C244EBC927051B1F04072411AA7299FE88A38D1963FE778F5D86C34DAE4983BC2B6152E84A65E820AACE1FD7BDB5E22606AEB8590EFE2A7A40D4159EAE17D5F4239BA3D2ECC659DCDD7406D76493D4092F0D4FFFBE97553A26D94B4DB223A8B62A135AAA6C692BA1DAE42929B9D4988BB0D7B06B14A60607115AAB791A3AE54D5FC0437954B9917EF638F0EAFBDA8C4AD68C997E732C071A49E6AB0FC66238629C6E027C1EBAE1FEF45874CB28C12298734F0E0BBF838BE199BEC0CE52D206EBA2C4AC6230762B476A36042ACEDC9DECA3D36C92492D998230155D08522D8E11952A3BB06128D11EF142A15376EC172B66294A7006647DD1831ABC0034F0E0FEF507D988F0E60625AA76A535C2388F8E7F5DE8F59997883280BE1BA98B7CE54C797582933B688CD48460ADB2602A82912768A34F9E911F31BFD39094E7D8918F6DA0955F03CF44C0D4B37FB331727F1C36CD130A9CD0CFB88B1F274EB3D58E82E0852DD6C80E0F368C43BA2BEE67139ACA77ADD2633788AB994A29A565380118FE843A74178FDAD308BA5F6A570FA337A6B1E9BD5B6018AAD8BC8C993FFBFA7015D7337477E28EC09D6D9AB9AFA9CBB96DC46F9F9304B0AD829D54812B8FCBEDE58CECEB89E7A992AC0400E7BF0AE2F90768D6EE308C78DBC7F8D0BABB8AEE8BBAD5DF00B04C4C7D70F8B3F0B6A4BEAFAE07295C27EB2FDA2E15C1D0BB5B4318944117FEF36A0A94BEEE967D56A679116151FA916727B66D174824D13DC80024EF0FFDE2C4C24781F6D24ED091F4CFE61B2151E6BC6F5DC08AFB5DEE5E53C9897805D76363DCC57B42472C57C8DD5AD2D028AC0AC9640C14BFB18E8D6D4E6CC505F68AD65C49693C42043595098DA51B7AFFF60D7B26EEF522B7C5D1281B5962E3DE06EE6A09253897379DCE3285DA42DF236431EFD2E60E255DB71F380FC58DA34CA88E86A243B20486FE52B6774CC17C58BF1A2E3978A61FB046EB18014F9485752A9BBA5D9A434F51D0C0A2AAEFF67B801A996E1189BF68A0D3390B94595018FF6F925ABC9F4E12C90B8DEC1BC7D2720F658826CC53082397E19806DED90481E73F99578AD4B1D21FADF9E9D808BA8ED362B3F86E6EF491B13F48F064C22D278016DB5DDB264A4A0A18382913723E8E3FAA13057872D75C158A056176DBEBA30D7C62984E046E2188DFC3AF9C56149187BBA63CBD1D52798B4FC90B95081F5152E4686D3B9293F379F2ED37F365FDEA9E15024FB028C4C1F76A49EAB005FC92692A09BE757CEC084F4856D28A13C36637688FF369695A1FBE9991CF2CA3A10C6646B36B0ACC0CB00BE7BDE17682842690CA18C17E690D937E55098C82FEB02907B83BE2069B336425277E3BAB065614A44FCFA606CE390D504E72A8CB79745C82AE0A259713243BBE863ADAC3496E9254F2BA2AF5007EEA92413327FAC766600619DFBF7C82D4A8B53C50EFEDBC76A199A8CA003D5BBF56BAFC0DBCAA0BF43E4EE53A0DCBC4C10945CFFF2398377EB3DBA89710C0AC3C38E484645A629833B204E68E03D9C02322313E70F20B2E0655146FC8E4D94464DDAB904534FF4A53FB8D5FF9C5B6787AAF969275E817D66525C07ED7966FF96E906FF6F9A3F0B61788389C1F779DC4E6457DB0C2E1056F28F589021211450772BF97643DC8351809DED81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-
-        doTestKAT(QTESLASecurityCategory.HEURISTIC_III_SIZE, pk, sk, seed, msg, sm);
-    }
-
-    /*
-    # qTesla-III-speed
-    */
-    public void testCatIIISpeedVector0()
-    {
-        byte[] seed = Hex.decode("061550234D158C5EC95595FE04EF7A25767F2E24CC2BC479D09D86DC9ABCFDE7056A8C266F9EF97ED08541DBD2E1FFA1");
-        int mlen = 33;
-        byte[] msg = Hex.decode("D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-        byte[] pk = Hex.decode("624563CB6E4499327172AF7F15FE1893614871835EA6F3330DD94337204F88D911FFB91B06CF2F07240203F75353906FB7EA7BCD0A4362546D94E60D32833623CD73B1D055DD1C2533CE5B81DE05C02966275D289D25134EF8577C7A489B383D3FA769DD3C1C033325034B731F7F678E5E58426F372F0F24DCEE455A8C6B0E6A68796E7B8D36317B23641E7D4EDDFA1E4F4A5012F50E70222E36527A14A559F4132F025F2C20BD3C2C023AE2E249E94D23460C80B94006CB1E38769A510911672D2E48AA5E5DD54F38746C195CA954D6A909CE33759A222399F209FBCF26641029D08D4C0C3D51D2FD7DAB2A6A3779365B06720B686F052A1FC5A54C5B4A26962F224C194096FA7048372F037D5E9772315B956881615C72EB57A0B661E9851F5BB61A17755BBFB571CDD90FFE562C4F147846407266A43AD9D063CD7710256D69FF6F07164E7A41D13E66C60614EB7F69B621F83237633E36E7F16605DC0A89A774E425323BCA551F211D4AC6110C314F39B873E48062C00255EE6E7E5BCF75A94F6DAC0E182C44532468658A2A6A9A9B72BAD7715E0765A10B520CED236A4D3343FE2A347D726D6107046877FE583F09FC50F4804CAD603810A15C7BB655400533721E4D38E020EFA64E3DA8277DAA437465033C486FCAFB5235B44C76AB27ED5E5D7BFA6CB2EF6EC7AE008AB5320CF861DB605321406ECDB56837572048175831343A1A192E7844225B6A72E66B42C98C7A3C513D2B5A71BCCC329BCF20246C241C4B5EBD5F37ED144C1CFD173F6330F78D40C9A952192201126F79EB1E444BE27E3FF500FDFA0BC27706FF2A4381454634540D3BF44CF418613C087776C940F5EC1928E1190F710909EB43EA715FBAFA3E3C140396EB516C9664A87277AAFC139D343D512C65776056A1C31104645033E03EBEC24D99837D1A427CFB7B72DDF86054744ABBD62B57A8355C8D3994F84B2A4B2CC1B731529E495F811A73414C03FC1B66BB0C58105283F42AF9B2521A5B717D8A3E8DF411A85C68F706006E8B7D1114769E2103FB2B7601DB1BC28B0355D909AAAB3702904F96BA6FCA3152C4F042596A7854B13827222DE0925A47CE40F2AF3FAE9F19395D70DBAD28DA8E7AC34F5BD36E174CA352807F2C49645B05015B389B3666A679AF7A033C8C0659600F6761263ABB6B4BC2360F29267AC82D80905502B7557A295406D605D75828565046DAAE09B12080EEAE67179D53B05A54444B4CC77C1E2DAB2D298D785B841047B5665D3C36E3181CD7AB2DD49F78633661949F585E0A18530D7940046E140D684C033915EE5DBC3A07C34A4178516F43964F0E2E04647324D26107980F68FF990C7B8C0C47F12FC1AC384520485EF061DF373B78A12D80810834AE36E5BA37397D35AA5C4625B708C51066F5C54CB1C52E0A9D3CBB772819D44A875B78AC4A65D3EA7621BE271914770B8D363CA911B8874CA1C16FDE314725B409391933DBD96B5BB013C2723E307D7D9C1C41654049204837D4074FA12B46E25D39E1EB3F74194C08CA47453E2092AF3142D06950FE14087E1A80970ADE4E7C6F6D70294F3710743854AF2D0A1776DDE166895950DDF06B2ACD11E5A248D8CE52EFF276AF9414B0DE264B315D61413EB731154CEC10F0FC230801229311566E781A57F65EBDCA4EB0CA71C62F281AD139D105108FFD5345016734F37C039377F71B36B649661F425A2CF3132CD40FF6DD5668C25808441EB86415136A55F57A1DC5991463A00BB3C67CED334979BE64A192471EC95F9F591014D607BD23585E5F0E03B33AA6E11E70F3314E7305336F5BF5E25E25D33C985B2D86BA0C41980199C506CE420F12523269D62949904174B86B383E41255F64940029094C0E9BAF76636E6E37B6711DA70ED1510E6BE35DE7C34FF8613BF3AD2358161E0E7F58696A669FD50ABEA278872C58BC3B1387F93DA26245E1DF1A35D32BB51F372F1133975E5DA27B5E112B43508D5588EE21D7A2704A9F7B1E7C62454D6D4321171C3647841D4A7BBB3B25DF019F856B7DE1652F26132C55049BF85AAEF21FDDFA03BB873761A72B389B3217C238B1EF315D4778EF4643431E1327350F240040CCF90C324370843554E9C23F6075089FB94677E85377B74FDD6A174F3B628B3F30778A629F6A5D9D8274943110095C3B763E4BC9862DD3F1441DE30256F20FE5DF629DBA55AF182C373D03D1E707253360E69455388554FC8140E97377B38024DB1C1CFAD014949552BDE132F8BC1D066166B48566C4A672B9F07A3C32399CF351AC073665FE4D52D11077CC6E823516920843FDF62FAD5D7D081B17470F16122317C3C84A7BA54B988E77952D1ECD012F90BC3C1E4152FD577E927847A8F943F5B87170A933C7DD5C8DEB4D0D02615E7B66D5CD399D0613CD111784C27A27A71516174B0D9534CFB51B6EE67D77767B818D79444F4FF519397E4C7B87EF06B0826DAE7031CFA63B835D4E2FC5035F3118463977458C6F5EB97F9CC87D77F107C28402F9D616681C108FF14C432315A368071A6F19C18108833137A4DF25764754FCF509EB6B1B118029CD7425566F4569020F5EEA7C3F5A6B0F3B62E8B615333F5FA43E15484C4F71496420D331D7FD74445816273113BBDA6DD5434DA9537EAD8479F20C2B4AE7648B9B04EAFA3A36143F0AB364552A482B766ABCB33274C832F5B3687B4802E3E369804275A0F443C5B76113E7380ADF03BF7057BAA575521D75F1EB5F774A7353A94D9BEB1BE70D174E602435FE55B8863CF5F71782B83F1AB62C222D5DDC8E04B20D5EDE755CB89E61855A160CBA7F60D708238267FE727DBDF67B8F160280A363F04B5EA62F79ECA260A0DA31B0C016DCF509A32E80A2B91176534A36B345FB2018C17540D14D569CAD14644F1135E779D360078F1D3DD4790757E035A4466B1C097751C01FC0E32D6A0C24ECD16D027441A38D26A9125F0D13039F9B2650E64C31322DE2743FB5306D057C1AE9B2051D916C0E076439070328344C970E47651B2D9E826DF12C6724347FCB3E13C61E0B79AD1E67D747C1BD3A9FF274B5EF0143126EEE3F6A72E10F75A70A77EF46B40B1A2D5A39BC2A2933DC3222787C60AC73ABBD110E73698E6A00C8BD031B626583832490B67647A3499A9431F3446DB4710E24F32F3F321E6C87427ADE28DEE2287D6120C6D633E1036A1B72067B955C3F873026E01957491B5F8D60888C13A91136FAAC24DF284668B31602C24EA4EC4BB0AF4A444C3AD22620E0B046E0CE3B28186265BD34C2EF34A74A56CFF15F230F308C6547D7252D340412F37F279B033C068961CA220A6855624EB860BEE53E8D0C492EA668A81164A87F042D9749DF8B493E4F2564D437ED53183ECB06961A09A3E30C4CDF37013A7435316DD6877CF3E2556689320CBF6B504205CDCF0B5F600EEF300669F65123B60972CA14785E4B54514143193B889D17415769413927235A24BA7D3828A844798179A44914C9F94B47701E07233E5B4050B6044270930583E5381AAD35E1C906952C1CAB143777C26208F90AAFBB6586295F168758400655DFB852BD314E5F5935735D66090521395B56CC60029B752D5D0E2B69F70043DA3A620D6A089661060B04E7402D33B77E726A49AC7C4D8EF52819E704B8B41745811774611BA3F108CD3143BE976A4A310D13320FB3C92B41C353C3725DB54B091B1E2CD9BB474360159BB615AD614399D7635465761748078FFB19828B72A1B57001CE20289E0F02BD15BB5E109FDE3E92BA495C660332337B94EC05568E4AE9065D1B0664CD4D11CA9A0BECDC7AD4041E2C044456B77E4E3C2066A33AAC412D53E66E2AFB12B946079B330BF0852D033342F2914337AE04425A02F80E1CC55C60530C08692008AFC758749726B5340B29F74A3F8F4045436293870A91746FAC025EF07C7D1D065B9D120962F87255E21E6EC73277D66B353D741F2D3ED099670C560D929D5E352D7CB5BB2A529F35FE8E514E4D72779256CBAF0B382A2E082E08294E6CC83955B2FD0ED1C65AC2355674823854F807EE707F83F42120375D4AEA21D076503CEC7DD539645B527856973BC0F06597081B7DCC48D428130A9F3230065632201FFA404FEFBB7EAAD60FA6AE57CE312CF7A51703610B6B9D0BDAD64A09D402C8D670DBEC4146816D80723CDF8E4BC6DA4CD5AA540FF510626F12FCA9485DEF65045257B5B24E896C647FD61C5D12013B3277DAD75B21243AFDA11109826B7B7F5873503323EC665D8C11E5CB441C4065FE1763BF302B21DF7FFBD021763F6031AA36369B198D761FD1FF1925583733EB325F845D754426B60E7FB7708849FEDB54F41A68314805A5C0766ACC9F338A46B29EAAC00087AD");
-        byte[] sk = Hex.decode("1C002800F0A040010E0AE60380A0400001000406101850408100020FFA0F98AF9F7E000701F22F08C060BE81F9FFFFDB1730208002FFF60F0070903E018006F917F8B72F60417FF9F1E7BB3FC0FF8100060000CCCF8FFF7FFD001412B8EF6FE03EFF04090A0CB0EFDF0003FF063A10C82F7F8002040604C89FF03F8082FCE9EBFF0F50C0000304FC0104E81FC0BEFD07F8FB03C04FE0C002FCF611DCFF6F5F4081FBF90128F0FF3F00010609D41710F080C004030AFCF397105F400203FB03FC3F80BFFDFA06FC032CE0AF6041FD07F4FD3F40EF5F817EFBF8F733D00F1FFF7FFAF81F00E8EFE03E85F40A06F407C07FC17EFBF70BA0E71FA1810103FCF90FD05F6000FE03F8F707F02F60FE0403FFE3EB5700FF7E7DFE081C08282081C08008F92D2C2030A0FE8103FEE5236000C07FFEFC0EE60FC00FE080FDF712FC078090A03E7CFC0C1640A01F5F81FB0D00E01B809FBF7E7FFD0508F0B78F20417E00FE01C4A73FC1BF8100F901F0F74F1F800208000014803F1F427BFA101A2C10D06080FEFC111AC4DF7F40C07CFF01120C581020C1FDFC07FE03286060FFFDFBFE173038801F828202FA07F417307F3E7D05FC1B50E8AFDFFF8306F005DC172040808004ECE5E33FB080418304FFFF27889FDF0103FCF5FBF73F0021FF8300FD152020B0FF817D04FD0D3C90E0FFBF080008E03FE8CF60C07A00F9E30788D01F8280FB10F22B686FC0407A00FDFF4B40F09F817E000F16D8BF4F4041FF0602E0D70FD07FFF8301020204B03F20828203F721BC47801F7F01FFFEE7FBD7FF1FC0FCFA0BDAF75F30DF000406FDFBF3DFDF7F3C7FFCF31F886F5FBF8181F904043840F040817FFDF80DA4A76FDF00020A06F02BE0BF9F0202FB03040058D09F037E0100E0FFFFBF803F7E0006FAC3BF1FA182FDFA0E16C0EF0F014182F5071440B0EF9F4183FEF909D4EF5FE0FFFFFE06F81B1840E08002FB0E0814103000007FFB13F403F8DFDF3F00FFED13E89FAFDFC0FE010DE4378850600002FE12F6335810DF410203F5F9CBD78F7F0080FF00E023E0EFE080040206DAD34710BF3D010204ECE7DFCF9F80FD02FC170490DF20FE010107EC0BD86F9E417F03F2274038201F7E7EFF050CF4671FC0C08100FE0B14F8FFFFFF82F9001838881F213FFEFD05E4F3077060BF7E04F9FBEBEF0F1F827DFEFB0BD8C77FC0C07DF600F42F980F60FFFEFC00F257E02F21FFFDFD01E653F0CFBF80FFFBF703E86FF01FBF81FA04FCFFD79F2040FEF9000A0410406042FC0606F4DB67BF5F0284070A0218C8BFBF0201FCF90D3838E0DF41FFFFF2E5FBAFBF1F40800300FC0380D0FFC181011024F47F0F6000810102120CE86F8181810200E0C7D7BFFFBFFEFEF8F1F3CF6FE0FE00FD011634F87F40C17FFC0DEEFBC73FFF3F060A01000818C03F408302FCF90F60209F7F7F06FDE7FFE73F60C005030EF69B476F600082FF1202F4F7DF7F3F0402F22D0080007FC0FCFDE607280820018001FD051EB4B76F204000FEFC21E49F8F1F7F0105EE0FF82F70BF81040500FA3FB00F60FFFE010BE013F04FBF7F7D0210F26F287FC0817C071302E81F20603F030119CAFB4F1060C0FDF9FCF717F00FA081FFFDF601DC1FD0607E83FE12E6EB0FD0E13E82FE00041840E040FEFF00F0190410DF203FFAFBF6F903E00FE03F8403FCF52FC00FE0BF7F02FCFDF39F4F40C381FA020AE417409F810004F1EFFBCFFF7FC07EFB070010809FA0407CFC010624A01FE1FF00FD08EC0BE81F003F84030F02083040FFBF7DFFF81B0CD04F60817F06030C0490C01F408108FC0F10A8BF3F3F7A041200FC1700A081FA03FA21D43730E0BE7FFDFA0BF447B0BF7F7EFBF51138F83F21BFFA0706FE1FA83F40C1000001D433E80FE0C07C0502F2070020C00003FBFBDBDFB7DF60FE82FC010AE4DFCFC0FE800A02E4BB3FE0DF7D0400F4FB0F402000007A03FE21CC3F1FE0417F03E8ED2FC0706001030402D62B38F01F0100010D0C1828B0DFC08401FF073CF01F404102FBF40F1020A03FBE81FF0000FC87CF808002FDF8EB0340A05F407F08F11B10F83FBF3F010001F013084020FF800101FC4300705E807E01EAF51360FF3F3FFE090A0C28D03FA00000FD07F617F8BFDF7FFAF9FD051028B09EC07F01F7F11F2800BE01FA09F20334C0FF3F017E06F9F92FA84F1FBE84F600FE2BD87F5FC08208F72D2430A06040FD02F5F10B20A0FE7F7DF906F4F7B73FE07FFD00F00510F04F3F00FE040702BCA760BF41FCFF0004F00F6040BE8100FDE907686000C1FFFFF8D7FF176020C0FD0000F017981FA080FFFF0204FC4F805E0102FB03D6EB0710DF007FFCFD0704D8AF1F01FEFE0AEAF73FC0FF3F80FB0D100CE8BF1F0004FD0714C00F40A040010002F2EB1FE0BFBE8100F11F08C84FC03F7E02F50F1C50B0DF82FEFEF9F55718C040C07BF8FFE90BD04F7F417F0114FC0378F0DF80FA02EFE91FA07F9F3E7CFC0BF24F906FDF3D01FEF709ECB75001FF800601D2D7FF9F3F80FF09010AE8AF7F80C081010FEA0350F0C0007EF8FDF70BA86FDF0001FA0E162428D0A03EFFFE07FA1B28E0DF807C050A082848F03F407DFCFCE9F33760C0FEFF00FF0B18B81F000102FD05FE53C8DF5F007B00FD191CB03F01807FF5FB07B0D72F403D83FFF807A8D7DF807D8001FA0B10889FBFC1FCFA08F0FF2FC09FBEFFFF07F8D74FD0DF3D03F300E4D337B03F827F0AF41104D0D01F807F02F4E7F7D7EFFF7FFDFF12FA3BF0EF7F81FEFD0006ECAFAF207F06F907F82FE8AFDFC07EFE0612F83F301FBF7C010124F84F50A0018204F9EF0F0820007EFFFC07EE2BC07FA080000005FA3BE0CFBFBF7F0705FACF07A0E0C07CFDF4D93BC8BFDF3E0102EDE52758F0808082FF0C0CF4BFD0803E0204F7FFF7173000BFFDFA13163470CFFE81FAFB04DA1B70E01F7F8003140830D8AF1F417F03022CE4CF9F60BF01FCF9E5EB4F1000BF7A080BDC0FC8FF1FC0830BF7E7E3E7DF200084FEF301D0DF2F00828201F2072818C0803EFF0300F4D77FD0DF3E80050306E40F60A0C101FFFDDD0B809F603DFB04001EE0AFFFDFFD81FBF1110CE0CFA07E7F00F807E04F903F000104FC17E03F501F007F0BFDD7E73F60C0FEFDFF03E41F987FC0807FFB0414E41740C07EFFFE0516EC2F9000C1010703E6EB675F000202FE00ECC31FD01EC17EF60028C49700FE3F01FF001C0490901FBF7C00F40700D86FDFBF7DFAF80360D04F9FFF8003B60E7FB7708849FEDB54F41A68314805A5C0766ACC9F338A46B29EAAC00087AD394D1695059DFF40AE256C5D5EDABFB69F5F40F37A588F50532CA408A8168AB1");
-        int smlen = 2881;
-        byte[] sm = Hex.decode("820713D8B1371DF090139185CCD8653129882FDC98C3FFE2E84BC7F2D80EBAA1ED2EF0270809C60D2AFA9E4250A237AA3432E612FC95427E40740031C6B8A6AFAC01A4D4430A8BF6A54F262C57E0235FBC4981EAC6514DDD8A92C551597E2E3C700C85C26FF62DEE5B72CE035F2B7457CE02556A6ACFDA6E985733E6062CC0AC1175DB2EC9D3D37F8984B315954C79EDEAB5B0B1432F6F25EC553971CB4DF7E012F19B9FDC5451EFD313FF71E8E97AB9EDE423A0F7D700F212B7A703735592298ACC16CA62BE985301E3B9C12D076E3C168A14F6FD5901934BED20199687B5236772A36596EEC99EDAD3362538FAC2CB46E0D1D546D112C90082307D41EB91AFEE0012E389D09ADAFAB94BC6C270087E769E9F1EF51B6F37E26F0329C925C87CFC661C65CC0CDDCB8955438DEC61BF2F0A1E644F4E8072DBDA1D3E03CB45C79B14DFBF8DFC9C220482B88AE60C1161B6D5B55E8B1126AD84C05C021A69408EC230ED2E377671E3E8662F57ED83D6C295E45A35B19E494BD75D0C2BC0FDC517D40B066E78A5F1FF99D948644A590998B6DE51BDCECEA27E13A118B8A33AB276563B203366F8790FF8FF6C617957FEF2873C32FA658D8F5C7D25F4665B25C73F7D4EF3CE91077285EB031ED4668A0692C3926E16AC928C4A331D8C79C8E93C2B93A2571D171B383E339608B3213462B20E56B6DFB14A6642CE0E2244C770EFFB68AB4D039AB34C172CA497F57F272030C376950157A32708E343F1AC11207254FE6A8F7CB958AD8934A5195C8D07378ABA0FAE7242CE322848BFB9B70EF852943E92A4AA8D604909DD0C3FFE9688B323E9126BD1D9E1365AE7243A0458C90269B565C09692C1FF6E72A5E687ADF21555427B77296AD64872F9BE9AE6556BF8A6FD9EF87BBD4C1D9D211598ECC04915387E3613A5530A3866B0084C25F3093796B92AC377F817E09E9E84B65AEE54E7D4C2D4E166F18ADB33A4F3886198A140BD7129722CEF4AC8B5E506DBDC4FF140F71B7B87B02410A25E5DBF25E94F8CA8E6E5DF3687CA1622F144E23A1859E59E45897002697B672D11D614AFCD9691607804AF9C8D7D165078265D9F16FDFCA92FA9AC36E6102BB5E4FBD25D771BB877A2105B03591D5A0805345440B1742DC9AB8979C09847EF3A92E40ADC3C6EE87A003955D688F0B99906185B9F4D31C34094AE8DA9189E828A235A7768900FAB1B192EC3A127586FBB1FBE7BFC7CEAE5738CA5654244CC0AE90ADCA3525F336CD557B293065D9457C1D64B400D1EC567863872F917E7D35CA192FD56A2119D3C3970512AAA3F20DF198E9D10C3938312461E2DBC93A2917BDD427DD92EA49CA4CA4BD2BBC1766AFE446805010683151817B73B26E71D48D9D11E5C5358CF5B366D6BC2206081C1603BCC6DE2429D0DD55DBD8244237A465DAC87184C366553320CFD4E5D14DB498D16A9CDCCC7029AB3F93CEBD090958CA3FD2062DD780B21705F77F7A6DD2517B3C2E23A950BCFD568C0D7AADB35CAB9FBABBF876E48819E1FCC137849F02FC9355BC9DB13CDB6C2AA9CF9EECB82AAB2A36F4105205EE3E9F098706ED2B5A2D7EA1A9378849D1B0690DD8898455E51DB42BF52EAA1005DD84476033995AD13A86DA7A2E388A929E0318F37C53C2D502DC0A4C21C88313726056F33039EF835F5491A2B0118C4263ACE4FABC611B0BEF2C355ABCA5E7DA1EFBD6D9CB570261B4EC5CA9F9BAC1AF7FB25DBF12D77D5BAE9EAEE0266000002F3BF104799157918F6227082E39317C7B48F93A9DCD2D5F6DB8F0D958E9F5DD9EB46E195366AAA188429BD99D33DC15E27047583DBD6A131B2BF98EE022003F124D8D6C82266236DBB4DDC44113784C7F821D58C75511AD9BEB9DEEDECC3DA9521895CAEB33660D9B95F66FA8A2C4048E7C1202E0A959E0CDB4E1D6FC304F7AA48B605C099824E7890B841589B49E91B0223F5B51862E5315D96E50348A74949F9F11AEE6C49C077DD119990F2F46676102738497B79E5959981A625A3CD5D8EF1086C6B7FB95F44B071CD18FA64052CA5E29062813ABAFE51063B94C6DB6DC70DF9E9B9C82F41B2C8E03B6BAAD9F5E484BC219AAD819D58F65C13BAB464DDA67C07D20E2F23ADA7610786FB20D8B6520DFD2535427C53FCCB3B66924322897DE74A10CFF1112FADE0B16D0012FEE2F852B3C8AA734CC413DFDEA0838C2F4821DC7EDD31D16C23AD7CA6B4E8E09AB764810BD741E0A7BA4A86A9F72B17CA2194C6BF62E315312F8D94B0D3D0F6D293D64F9D146DF8E08640E23855429D3F23D3860F63CEEE1E3F1B0E726F0DFFC74B494C1EBE52EA725089CE4F9F7B4F939B936F0592E5507C45B30C75844C97FAD4E446361347B38ACB22334EB7F79A6827754395C6EBFFAE5FABF096647C69D251829A50657E9B2A0EB455DCDAB45B52964C6339837D28BB76ADD4C44684C9D7FC8B3A559EBEF40EE5A2CC4DCA67BFF35DA1B736DE23AB3C994EE458A25B246A60BD602CF6428CBFA300320C1D78FF6498E8D2A504AAC0DC07E5A0D077445A78875F20275242F1D5290EB3B98171C272D4D686948D33CA4F3626D35C3C9376670AD9ACA8C420E5C43156A2CAB9D870E1D06EDD85E652D962BE186D96B2F9CD84585F67424D74004407C291DC1F454644B96E003BD562658D9B9C07807FCDDBEBE761223500B43792EA77AF20525EA0C1897368FC97097DB6CA4554D1AB78126EF40D6AE4A6961F8E90C4D3B10741B6D2AA3C89F0BC24985EEBDF691779BF1CC69B27E076424AC71DAF713295B6D6A620DBC1D6B9C8BE196CAC12E97970FF14A139D5AE21F9D802C695EC4AD957CB340760612894FD76C1537B0E87EE28B56B52A3276063A7E96E48C3108ECDFB2FF37BBD3E1B8AAB2D7407C91DFD7BB6F8CDBDEFBAACCC8D74E1E75B0298F0820DBB02EB372EB42EA768BEEEE93C891F2B768133D90A32D60FCC59BB9E62848F7D3C145ADBADA260461D0FE0D080990CF5C1DE9EC5104CDA10D6F1410A4693B5EED91E4F8275E86E18C2604374D1675EE902A5F8790BB55656ED228640E9043CFB7BDBC6E38850680F69FE51C60F6DB689911505F398B6991C19E5D9A04C4853749E9B5D90F8F627B47B9A490EB657E0576C587EF1D7A1E3005738BCB5503BA34B55888AC6D0E037D26463F827F67705860FADC524A50411E22B544988B15884DEC6FC463526FEF1459A1A47DEDA883B36FEE3C0915C42609B8B719D1E7D0AB1137D101FCBF22EDDD6A148D9EDB29A47128E13AE50F11B8AF5946532E85FD1F6F24D3084AD1F672EE9EF4C33C71AC6C7C8144589984E31A56E48CDE12B51007F4559C2DBD0031448E9A648F1A31AE84B9C457C59000AFE43576AEEFD34A8900CA19121C5B18BB8475F88967DA7AC8F5CDDC8F46B9D1DF7EFF843E65845AA03D3EF3AF35F6223B973DCC2367BE4CDE98464C51FE4556412664E1C506C86D9F691A494E70263CB841F1F0736AAA306F0A06673B6526CDE65478D7DB0FD9E4F49E7436D910FBF3BBD72FFA34823B83B78A7AB8754E9C6E76D0CC5033EC64391906A1B023949384F72FCCD85B4BE279FE5F69D04A6108CBC1706A49EC180EB6B9A93049F517CFC0E9EE45749889CD86C76B3E371BA5D9AF10E9F04911F6A46D734980A9B1D63C05C2276C5756FBB39015526008C3196FAA5C698B41F953045D0E366CA96DA5D46072B5AC836A2F87A5BF577453103EA9DB0816C9A46874DA2699777D071B27315C972C99E6453ABA11DECA1866E4296E451AAD416F1139118E4F544DBAC1993834CD5BF4CE3A83DDBF2177C2FE66BE72A13C93140DEAD9F9EBAAC1178B128D0A2726A91D3C07C388C40D1F000D251370E5AB73D5F429565A5B1431E9B4C0714E61F58C2918E73D381A38AC42181D3DEE092948A761232386CE273DD7B1F8B7C002CB8D9AFDA95CFC116A3DBABCEC7FA991726BE4AE4FE5D547C0B7206E9D53EF329BCF40A84C339C8394C8998B69ED6B372A4672DD79E068FBD7782CB3873526D43D8CCF4A4D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-
-        doTestKAT(QTESLASecurityCategory.HEURISTIC_III_SPEED, pk, sk, seed, msg, sm);
-    }
-
-    /*
-    # qTesla-p-I
-    */
-    public void testCatPIVector0()
-    {
-        byte[] seed = Hex.decode("061550234D158C5EC95595FE04EF7A25767F2E24CC2BC479D09D86DC9ABCFDE7056A8C266F9EF97ED08541DBD2E1FFA1");
-        int mlen = 33;
-        byte[] msg = Hex.decode("D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-        byte[] pk = Hex.decode("EA7347183E405433EFF49CB63A9E736B39A86CB67125110ADF35536A44940BAAFAFAB19FCA5B8F11CF72F7199E051A9A607D75D093FD1DD7F7038F4EBB172F9549747FBEDB2EDCF24BD007610C111E032C1852E4A92A8EA33057606200B17C785B8BB0B2A08DBE93185F3B931371B256CEF871167BD21876B1D62FEF325BE2D0A716A6ACC3D3CCF516DCB267093035DA9359E8A698C3946D88200E9033AFA1E87A30A7A626056F944010A5CFD972399AB7C52FC0E87D255A589EE0D3E14C4BABCD5CA50A561E71428C98B72D413B117F827F0FB557559FB16FF4EBC73C539C43040ACD34FD676C1868F59F84AA1398A61E99C090A8E1A7C5A19CC23CD21BE2B9CA6E23F6A7E05E3E69AD6516A085D2C58FFA0883EEC30C04B648414C3D4DF1C87AE2C5F06CCEE989ABE455ADCABB6C84FD17D8A9D1158E91C4A2598A153595B4C2F0921ED24A49F758CCF7FC170B3959B2F26791572ED54AA80368D5800025F6138B595C7D8B6B8AB5F340399AAE0C821C4B0A3D677B530227B33525D9A48AEE067368A81305FFCB2E8615035CD56203EBBED33B5B1F5B575F920A627A770F0644610094EDA55FDB7C7BB7A723DFD4662780ADA0BA214D91AAA9C832FC29DB0B59EC14F4681FF05B6E5D087E91F891416CF8150604DF06BC7901B6ED33A5967E91799BAF9E903EB7967D393772F7C170D4ACFA36AA333BBE00AA2A40FB3A8D1EBE9D88926207677BC27BFEA91ACF49E009725D1CC9CA4566FDFEB762F4DADA0ED3323A5D48FE9D19B0B60809DE4182EBAAD5113019C9FB4F9216DAF2574EDE87B41E14590AF2B6E71950881DF07B5303C13EDD4D516FB059C7B7F1DC5CE6BEF6D2ABB65BC6B2D5A0BD555914BCF21FAB87D417F66C87C0F007DFC6DD6FDF22DB646F887037227A20AA1CDACE683FB7F9E4D4959FD9D361C073D22DBD89C4BA32CA1B9BA803BB8EAAE6495269030C24C08C8844427CA72F321303F112EAD94E3823D354730EF3CB2F561728227BDC2321FAAD7ED43B54603F94CDC42A06CFED0F44CF34F357CE3019973988AE101746513DC8054EE0464A8FA8654A724277C511D0EC41EA009F837116E9B51C9491E0D6E7D4796BBB84E854C6097156F8A77CC8913F3D05E8A478667071AC757557FA30958314499E377262C79EE8EF891201A7E13710F4F6B252EF970B9B71A050681CFB0B2147D6108F7415A55FF1E70CEEF738272B8EAFAE18907E6D64F6729F5EDA8FE2E779554B41846521DC530C3CFD36A60EC145D0FDB6AA61800A534D9853A6B364F48F54558DE0132A39B4E5BC1ABC5BF376A5BC02439498B4C21FA9C64A72A9A55E51078724BD235E3D75D8AA12D4186C2D8E65CFF70E93211D996556B67A0231CF46E80B1F258C8FADD5662BB8D23B84C8C5EEB2612B0BC2A7B432B321AF2253AB16EBA0D24CCBEBC6D9DD83DF22DEB57EDDE1677CA943FAEC92E560E58FA0009F7DC4673722DF8FD38299FBB34FB61239611DC97A6D24B1ECB4CD6DF5EC4658304D34EEC218A55876A338BFF8BB2470B7F8275DE34863B27D5DA1AFAC7A24039DC53ECB99079E0D7DA4E3A5632D97AB065D11EF17BED267CC88EAC42A9A7C119D1211724D0E3A68A54A6220CE471EC3CF49FA21B4541FBD0CB8257B6396E4F2CFC8BD0756D4C0703F5B5CD656268E98C043CE4ECF34A377B8846817DEB391CACC4050E797873A1F88E974106471944D8A2A25E80FD54024C95A2B5E496FFA076F7930EA29AED839AA58954E5228F2EF55420C048E3AD1EA894EBBD4851AAF0A8C99CACA3057C486A0E0C2F1763B4F3440C87BAA44705F563EFA435FC68D165D0544902A3FB3B84FA8D74001F4C314F106D4AF37BFC54191598D2A28869F46D76B68D72D5FF91AC1F0E31F556F2030C816EBADFC9F72A55B9CB5F9D4C881DDF35448140025651B9D0EAD4C59845119C8D3FDBFEB219142C3C6820032BFA7644DF7E7D2783E27E8786053B02EC68EB4CE6DF29BF9FA8B1BA2E8A6015419D0A3D491E884C4059184B9C6E7BC35908EA60BAF531EFEC1D2379389291BC5E17A31F1ADBB5AC09EB3EB845F3044D31706543F063644F6D5E7D6DC686750134C9811B4BC230EB1EF7E8B214D82E444B0D3EC367D5D5D0912B5D6EF40F3D36302D726D9A988C208567067B5C5D9521EAD36A23C8E9C956443141FF78569A8E0D9EA2BD815A3A9746CF4F1CE603E0894529948D873A67C8F244DC10D9B706E127D508C0A814E9132E1AAD7DEC1BFFFCBB98EC65F1BDD6A8A03DD08256EE50869EA3509C2797184BACAD88798492F8958327D5F1071A90F0698EEA7676B4A86DA0ECDF4F3EB5553599514CA78773CBDFC9F091124E62181C637793A98E02847143ADC41CB3987334566846E4D201CE926D23AD382CA2E5E153342E7AE8CDE9FDD76148251F09C7290ABCCA43037BEE98947BD673B1FE28C0951298BDC45317AF1896D0E4B91BDC2AC886D18DB6008D8565FDE10D5D87322A5777C66A910FA2710F83BF61B396E9F82C2D68FF4B524616261D444F7AE05B57B4A86E23C6B759504812C305906ADFB5C900360E79EF73F0BF0233F5181608ADD756B40EA15DBA12B4AF06B1952F3ACE3908F6AE4625202DB122B5087E7808963426B23CE9B85260C924A677812EFD1A55E08CE2ED673BA2D6DAC7222A336CA6F0A05996DA63269EC3F5BA62E24593472AD7818C1800DB5A727D0C8A492EEEB22AB981CB688853751DA34F34A6723591909E2197D1A4D065737AE476831C19F92953CB7F889EBAC46A31D247A9108B3450A8F3B4437D0208B0D21558AF4E31DA942CEA458DD88A605DBCF1136A2E47897CE17030984952ABC600B8F30292DA4274593CC71497E9BCEB9CF84986E4C2047BE8821F406F1E000E18F050E3DD8E7F3FBC923D0830D1A84DB2B08F8E0623E3480A20A48E20A2F0F37E144CA58283A97A20E12DBE95327D69CAE4234381457CBA8FA237F88C466E8DAA72BF89E9517C28BBF4744D3214EE8B3263DD64C06C78AD9D0CC42517048DAF4AAD330BE626F23338FB6819329D11C10D928C11FDB96BC2A00C269D7839DEF20580F82F7D9B48CE896C45F568A6B38F123BE6B0690722DE463690EAF8C8336F829D4D48E001A7DB63470A39430E6929BEA765B3E8127C4213658C6938CE5D566546528D60C8B938196BE5B3378755580816C8120803A46084BA1980D9F129D47462874022454DA5E040456B2F406218E315149D1B79F7115C81B7F98E1A1A3F61C96138152C0A1B3E124E630902E6033742F7C74946B5D2B4D08DFDFD29FF7479C313FE889B1CCDA14904E0CADD9963F21E564EC09202A1B263440E9CD8EF3C25F2F5D58D278DF530F3940B79D7AAD270497DB9EAB1536C2F59549CFED6E5F4A9AC9907E586357C7CA305170B622CC3A571E45E1891690EF11C1BE641A2E4169C2D037EF6130C7C70104D4BF844CDBBB6C805A9B210B853417F6E2E4C85CF4D6053DDCC94122D5F2CEBAB51E0232E0DE9B19FC5CE0B78D569884F4F2E33BC4B1BF6A370B7F2E317670A136FADB81873EA13178798FA48E9E1123DC5B31D88301054F0D964C3939C0CF1201DBE5B43C1CA9E95698AD80AF3EE0633F973665468039EB73C63FAC0E70DAFD81F17492B022E98C61950A5D50846FB707CB7CDC7C51BA2EB7B2648C22BDF81C17A8EBEAA351C396E2BAA27D014F16388F215C5DD5CF53D077A4BECD1F57D0BCE1CC415C52052934179366443F80EC1D2266A80EF5A4CC09BA0E2301219CB9DCD88F30639B0A5363CEC3847CDC0207FE65B260EC1A4B5D40E3870EBFC1C02F2F4591A4D666E2754A523D9F1A5E79B69FE553B8405E338E4587EE2D03336EC2675A95AE9A35D9FA2D91FF934D30D3FFE4C7635C2DDD2FBF852859AA91EF913263070E238AF16D140A470A8A4A2A38720BD667EEB08E3436EFC4B74A9CC9725A7F0ED64B55B084E8EA7EBD1ABCB8A21E03CEB0F9CE5E3445F226B5797613C030F4ED5C445DFDF886AA6D7230962548B53CB551F3E6CB2FFF4799AE47E2293AD0FB30AD70417BB9F12CE5E7CBF9835B593F8659D98840D5F93FD67E0C48268F770E13726687DDDF8FD41D5B729B1B800892BC46D46154449A230139E80B59BC827B7638E1DDB20C366583892B8FC40E5B038772E4055BB625996969CFBCD95374F5966B5CCCDE8EC98CA3170A43417A941FD1CD00348E12465568A3DBD075A08D282D84401553B658FC64E233C5D3E5BC383606C737A3581CD38CC7BC362A7E79D46CBAAC8A76C2093879E2EAD94A9E9CA4703ED884E56FCA8B4EFF34BA4A002C31C2A15258879610551BCDDC393C0E1E4CDB543BF3273C4AA541D107D3EAE2DC643993779E15D214B7FC318970FCC976C344ED4D147BC226D1F193A7026E949778E67B395B111F943D44CA98E5A4EED33272B13986D48902692325FF749F546A9E6674FD6B8F67901725B8A0543C81AAB10228ACF3AB5F7EB2CA870DB85A69E4E63153DA7F5F8D8CBCB254E2CF003E04362F4E94C6EAB08F53200158B8F3CC8E8333E2EC6D5A4DBB607D6B180D45CBF05A7A9A60FE9ABD902A2EF248B9CA9C516D5871C88AF24C5376A4B3DA19B96E454DC969BD4DFA81170C627A2F6A0F0D3D9C65BB03DC24C470944CE27E108F3402062614F878088945A201EAAE842C20AC99D743E650DAAC82970709EC2D1A6CD5A49A36C434496ED6F5E1558C0580B61312F63C195C4FE5CBF43BD8C3B189FD5F0766041E8DCF336C550EB66C4C0F2B9AA420F260D1458448D4AA5CCBE22340058D60BB0C7B21231ECB2AEB51CFAADD4D10B683248F8ED6D2B61D4D5C66EDA259B30101F71F1C19A60C987019F236C35259E7C39DE6709806D24BCACA2897CEC81BAF76205A488E6920A3792A0B906BA71B9B5095C85F6FC368ED0214F026A6342359CF05C768EF34F1CA5E1F30E76D57ABEF961EA7097B82F8B81B9219D9D5EAA4143F23FB4812CC8E8AA5C089F35E697F1FAE5F45B725560892EA7A99F9C8AFAB2ED9033262780AA97DFD88B0E810EF4ED113494B8B4556C46C287BED57E7F60E0FE2A93938C25F910ECCAAE27293243956F9D8E14F08FC0D6CF1E1F43E5FE5FEA8A1156C94DC94EAC01D61A47966CB7819AC17E8A6C9CB361F4B13DD43A61156D378EC627B0E7414A29BA7CB0300FF1EFA20CDC4A2D2CE25C628B5A6109F4542C23B6E2D3E27C808AD2B706399C23E392D350BF6D7C02F0926D9E40B2CDFB98971AA06DBE751854D8DA832824A68CDD67ADF855541F9B1004B48E921E69FFA23271AB2AC3F2F170035553B8A8A00C8C248E2D8A763A4C95A709A38C56622FB8F4E3694D5B923A2CD8E538F113E8A08DCF19655C3E5818586C334D4E09BC4703573D24DC77804B24EABCF3841F372CECC9954A56ECFCEE60431CB015C84FC6B61C11E15B5899A81D07EA453DE77551070EA5B484FD937CF5C3BA7E8380D38B474379AD0211E35281A4FF6A2291188853439D472E476B2E93FA44F707FB7BE136CA62AB3E9F02D2B864EE25B357621AC7C08AFFBE1B7D6C184428E7A59C0D5365E21DEA5328B183D540DA779A38CDF2B55B710A3B8181A853D04482829AA656C77B94DDEE372B77CAC11D8781F3C554D54C3A74583E630C3FF32063672E903DD4382A85E577043B0ED269D9A5523E1DD32974640BE7AE82E94A13906B19DC3521F1950E1A5FF054C593D413446B3646E738636878C5D2FC64BD602F7D731F7CFCBC297A979A4B2922972EFC28BFF3EA51CA87B504AB011FDECF3344216DC8C99921BBED2E697203B4E994E4F88CCD491329A4E15BA8D757E6804C0F13C0D37D9064B1648C435229CBA60E53A764D9CD4047FED34209F16005BA94D07E0C12E1C27C38406181C347096472AB7145FE3B24069CE1BAF274408FA690391B73CFA1CA56ECD497D5770E01BBB2B8BD424873CFDD8B3D1A28AEDD7DC4172A5489194529A880F1115AFEFF020224FFC7F1B199D7408D888F765CA6F75F4F000508A9707BEEC60E144572D8E13FEE95956968628003148332ECF06136A9504E4DFDAC8BB6BD4A1267809478E43D693A6E8ED6C104A05908A37C75087BDB5954CC6D0FABAA841B86F5DB6473134015F75D28CEC95E0CB87B0A687D37A704B9B7EA7BB9DEB76BA63DEEB2F0ACD7C1140AD02A7FF1422B3FB8CED19962738FFE453F561E908519451F884A015003E65D98D81A61CD8FD7DA2AD14BB4EB2E7FA80E28BFF59DCD12D9065B9549641FE599F41E582E1821C2CCAC0C4DBA6159E0BE7F0BB2847F2299EE23010B7114925C4AC8C2BBA87EDF43694A1824B08745686EA845C02A7BCE2D98F973D49500E79F563B8F0DC054C5F1D30E4826093BB5944D7095E662CF008628278D85C869A69B634AEA2735D4AD59CE0DAB044D6D2F94004A2B9C1591F2FB1F7F88ACD7F5AB252B7E72922287E4473014D26CC43AA3D631B6A0E98444AA8E31186F8A7922C3A6F911A3AD2F03F4372F143F89AF8B758DF20FF26255C31E5E8C3DA86816318AEE2DAAD6655A36CC36A375EDBDFDA241BE8DE13080163D59E6221A90299AF4D070D6658D8EEAA88553DDC03778EF9872DCAF19114F8D6D8B0C13ACB647C49FB0102D79A388148C52BAE905C9D787015463125B336193B495F16C8E35F2146F496EBF780C859EDFD95773B6A19E9E5E582220D2DADD167379F632D8AAD683CC9B1EAA77F141DA66B6F002339C6DAF929F67A57B14191A2829CC55EC5A940716F09FC5A9B08C23881D956A36E2BADFC84E5427A866E2E76B476B2A0DE1B9CD3FB6AE156C74A7689B08D25DCA0AEC4191E33CC091B181F8C67BFE2A5DD82EDFC226D49A1AC7BE8936C27DE05D243209276003A63875B43E20BDBF79D8CA81F7AC56AE94EF46CB3FC9BE5473DC0C9715BF8DAC744D093350B4C75560CB1C099681F0E440FD682A387E7AA70B3F335546F026C5351440A5D61E3C83BF96F07A46DE986A21F7E5A2EB0A28AAC2087C3896E933B708B4A44234EA8AE48946C6A10213521A553A020D7C9991CC31526A4E94D210F97E4216BD88504779F3EA21D52C2A205FA47CCD2405D26F411A9312D561D4CBCA0763311A0EBA45FA48CCE15C80419FE5CA04BF416395D25265280E0382BFDCC868C719874DDC795329E07CBF5C8FE83A3CCC4DDA4B31B15702AEBF561F53634315EC8B1A5423470DAB46963403E10EEC58E9E1C5C4DCB3935B518D4623E6C8C68A4FB13B492B155E06EE3D16BCE6C3E79AC891742AF3B8D01767542EB6B7BC8EC71579136ADE2BC39FD07AFA207C3D3012229267DCDF6CC3E9DB25AD378F836763BC517DDA13CD264C90983D73E2C9E2703740DB4C38773B49625967933F41FF0220F40C976385367675005FE20AECB7FBC1EF5C71255BEFE4A39CE59ADA83F148C5E4383BC65F0440A1F5826537EE40CD55862E7239ABFAA1D458F64F7423668EFE8E1E979B34EE18A71F82BD1975E09EE1613D9F45870B98B9855D28F3C00DA8B9740F50E0C51E506DF1C7C804FBD2A1DD912DEE604B2080069AFC5095D23D726D94552EB7986C14C86ADB5A1306C6B074F5D3605A6C2189C4D22E1C8795FDB77803C60E3CC04B82A021BB89BE2E3C45AC5B914966D4A3DDCBC32A760ED7BA6291B6C728F13AC684A6B6F0ECBEFC06B54249FDB3633A786E0822B1A2E43C3F59011263DA540FE2B4B5D31F5FE2A0954E45E106E1255EEFF02A717BB9061BDB528CBBB7854956824311A755B68EC1C179213C418AE21B7DCFFA9F9DFD8CAE58FA1D0B88670E5A25934E7F07916844AC026CD5E1F768978FC0F3AF91922014D75E50F4253A2C2E3420DB1856C206CA20651703D4AE01AE22B8C3DAC60B8961586986F17A93258ED44C83DA6276E04A9D0E03B04E93939FBBDBCAD6833960F02337AB1211E72BC180EED3DC605052CF86F31F1960DD8DD46E848584E909800DCF13146B6A71A79AA92F2BF8D254132423794FC2416A412B001C47A9875FA4B866868A9A88487FE410F81BE5236B13BCFE9302BA9443F3C4523CD3ACE7DE93CBEF6D9E4E6090214494027F065AA834CF24F6CBA9293A02934E52F20C1C2BC9609B559846B643BF49CAE7FB8332BB91B719E1F1838D7F63F5C3A7D5107431E3B854E03EBA795DE9C717B0C9D692B566138CB338C3E5C6F5931DC33214B74F3A116BED19B91E27572A5EB875F14EE81A8B5F2CA2C98739C93C04611335D221EE922C62F02E304BBE507E82E329B4359807F595D11BB5CF761619FF685034004A5ABC89BA4DE82FFAAD693221002F399A5F1D11302B68291F85079D10AA2D1C4536C70C7739CD16293EAD510CE3A04D91AB80D5BD2D02A93C6CF5BEF703A2273E628EA272987167F8A3E2F8E53C3FBC907C2A5AB051653051266470D74F14B632AFBEE256AB24CFC2C7F6E035A0580EC3D1DC11DB98C7FE605183884CF3D7F24C4B3A3D05A697F95601C367EDE314FD3D7CDCD618DB63BB7599E4577D6ED62E891CFD85C9B0E43F0CA588CF282A5E5070AF8E9CBEA9F1AA1FEC53CF411C3EC301967130267B769177AF5508DAFB62F5AD7D8AC9445C62E59612A54F77B1606BD9EEA24998726ACA7EBBCE63F73C143A56435B3EEFD63310A6DF908979DE38D04D7CC75B5FAD9548071D7D1647EC6AAD9663DB156622FBA093B1C470C535BA155FF88EB90BB7CAC9BF4CD367F8CF68CBC5129A577C31BAEFDA834CABB52E0D02FF1A44FF9E85BC88F4BE69DD5C1EB9D4A547395DCDF8DD82C1F98252266BA21395B4272A50420000A40A50CCB22546CB50617F2D7FCE96DA0DAA8FD668D3DF70F3639B45D25910B8970A6F26ADB6001DBEC9D78E94D020307793CAC8A4E69865CD8B7565765C4C4686B0941F7945095A4ECF808A46930AC66F0B569908E97E9557400D265AD10D2A4CDD023D421922BAF3DFD93D7120E4F2C4D20900BB32AE8242295B3EC9D61252BDCE14AC6EF5B2F73895DC27E5CDBD878F24369A533B33DD67ED239C61C333C9FD879D267446F1DEE3837B66C410E3AB8B8BC4C782CBD8449C7B2CC89E81C0CD0DBBC2DD6FE3AE7F2537DC3BE3E7EBCE49EB63A76FEE5ED0209650BF6E06344FE0A46693855AF3D87FC61DFA621D5CDCF0A39C80F2715392DF2C12685F37390982BAF96FF6475CB436DBC6DBCE4716781BE983393D197902C1C757B831BA1564149711D3D8231E908C8458AEFE45C3147A71F87E046193C6BF35FCCAABF592E48724C7E0582077FF94EF1DAE47D911BDBCC43876978BA38C7D6372B23DF650AD5F27C95BDBBA2352D492B5873C3835ECD142C5D3007A4D16FA35DEFD4C21F929A8B02ACB71CFCFB9540B489F9F0C2609CC2E26C5E85847D06E82B7E53B37C698659482300A18B9C42E962E9CDA8968ACAB266CF1340298693C87CC18AF9A52832449EAB89E84FE63BCBD45AC3F9BDAE65E62EE8F97F1165E40D874E9EF75763972A9413C81D18A1E551AE0208053B6276841F8470C23BF48F493BE5A0AA94AC10CB69F0E60267BDAE69EEE405312F8056A54C47A80CD01DC81EEABEBD8336FFEDBE19E8D66C566658D0F8EBE7999BFDD8FBC9BCCC59480F98B5701C8CA3156A94794ABFCF3132445832DC9A582AFC83BA2E41B6D64C8A1560880B7DA9976FB61F1C33ED52506570AC3BC65E345629A00A611A442928BD908A93CDDACC7D8D997ADC9AD9EDC836A803FB392593D03A79440D4F2F812B4C76CBD8F01D3B7119E42B98C64865EB2AA1626EF1B4C1877F6E484BC4D776C6C47712E88E9AF422D676103A71EB6CB31F360FC0EE898A6C28950A448D77CC07D513CB6A58D6364CB1480892DEEA7585CC9774A42F6AE49468A65A7215D4112C5B38AE6516798CA6A1281042F435AA4D6872A2AD8FD600638F0297B9C732E3D08AF5EAA9E24334E56C57C931B3D5AD37C5E5A5255B3038311A89C600944C0946008FA7F433EFDF3C60B8CB0083DCE9A46247E7B8C790E9ECCD03CAA10379C13D171B2C912927324A818D3EB762ED56B1B1C6EF068453A75B2C3757AED2D04333A11E21F12060EA5FE58B4649970A194E223CEC7B9D2BE63D57742317E93AA66F422E0AD7689878224E921CC95B53511069CA6C5492779864E3657CAE50AA46CD8BAE0B29D8DDEA69F05D41EEF627749BA606F1A614166D143923E0A43A1822D726613B24F4B7C691205F6C6F569EDC542228BB244A6A133D6A97BA66018F9AC0D79884B2623442536F17D9A3EDCBD00975A5890A34FE87C37B718A67A085A2B3579822D6673A3041BB61EE24072B5B67961B01DE05F348A63E15BFCB48D3EE991BE1699E11A06E02255F522BDBB1F74A5E90BC7F46FAA51EC84D1473BD47A9DDF9B0C226DB8602EF74D9D6A54E2685D6631EF6AC744F51BE6609B30BAA0DFADABAC90F6322C4D6D0CCE589F09A659FD2B4FCD7F70874FC1E32C7602D4A70EE1F1A0424445A3A2015185C80838391C80637B369F43896BB990A00D55D0C44CE10A5BF10C853E7702B9B03AEC1CFEB983ECEB22C22F199776CC7EC01DE1782D27359DE58A4B177B138D59934A2308E937F4A6EDDE167113E87001C6D485974DC7ACD95BD3A0C79436EF4A9305EAF894889CE7AA3FB758C2C98800EE51C37F4204C11716384A997FDD4F9CFDF71723B37B8D4F4B15E457126BB98ED49099F0881E0386F4CCBFB86F246AEA4A2790D1B62B6430E35271025CE8C710A1413D293959B8264F6C41FEA8EB007FFAF1FE0B57A0672F9ADB6734C2F8FBE051DE3B3E80670F8169DCFB30CB6EA4A7A9A7E56ECAFD79B4A8C7E35796F94E89A1795D9B7E19FC40253E27967338BC4883E7205E2D70765C38D8256BB2504BAB38274CD9645F3F9C65CDA32A50D09C1B7F98F0467D9FFE3A7385B6473EC2012F265D06BCD1522BC9B82019163632C63049D60C8F79DAD64BD92EA183B3FEDC67B450B88FFB825E0F3C36443394D6FD02D61D42881823D8E224FB0D93F68D39FE0C8AF40C08C7E5A438B9B686F3280B67CF7998532F53DFC01299C7732A69DE3076F28D14769A324620C5535EED84289AA55B06FFBF2BB4D73FA75AC8EB66609C5486559FCB920A2F4217F7FC25184A27D75B197F6C2A479D6900D1D56CFADAB446F002615736C9D541981928E08B4C4A75B6D9E0ADFA6795E374D71640EB096BD017BC16B9A6E71EFECABECC9E85040D9803C88A5F11F2DAFD49B506CDA6AE0EA5BBA9A627C0E89FA6B0D35FA493E4C853D728B1AB214EFE14E39A999E4872857F039C67024E106454328641577DBC7B74F441B01A613576BF0A21950B079937BC9427464CF4428CA5EC21AA34F55A0F42005845D62355FEA077B9E6111DD2402C715A972F8FA43C317713C71255D834588DBDB63B8F8C1DC5D672B346135E138D835B36334A38B0B1514FDD87EBB6D8FB8DC41D13DA74BE01A1823E417D3F932083FAD5F2FAA0B099DD03A002B5BDA0F1997B65B62E2097B948B406968CF7759AA75936CAA33B3279A1A92882A9C9A7109090E0FACF49790B1AD1BD606D551A806B1EF434D491AE50FCE2FD7B17BD605236E4E20616F7B7E27CA1C0592F25F3AA967EA41A73D72F4FE4F241610D4F7806E603A1A188EED49D4C7EB6F34CEC63F7E8B82F33B16D7CCE26CAC7151F4A7674667406941291FB0B6315CFEDCA1039B1B28C0E3F29FD3AD285B044C3C24D317A4D83D47985A2EB0F661AF5589F647D92554407AB5664187871F4D22869948A11E31E59ABCD8A14E314CC46D88FD8E2F4679C473B02C3FA0B5704BD2ABB65BD4917C3E6ED2CDB400CC4C82F9A7B9BC71C02E0AC7A029C159E894A88426E60599BE62F97223D12E318037A16DF3C2AB4F90A76F6594297CD5580DFC287D080AC03B445A9278F51C61E8D693123262014A2802201D92241C1269ABB4AD0ECC02FFBAE5AF52D2BA5AB08DF8CEF1D5116C809497279E7D4D9754AA5BD616BF0B5EFFD40195FD0BD17A180BCFE0585F8ADB1741F52DC34D403993C71519314F103FC207AED3F205DC546CD7996E2A2CD2712E26008A74B292A75A1011BA15E8D567BFC19A97C4359F5209A93600B81CA32A0CB1333BB535B699C0CE95496EA897292410D8C89B2FB9157002F82CCE582D62ADC159C08C85357FCAA0F9A10D137F09C5CB1F427725732BF1AE5D12C95045DC4B8F04BADF4A3BD6DA9D99E30D0C79C3FC49763883F77397D1908A74D84FC9BE14BE0AE638B4CB261FAC04EE77AA2BAA5745BCB4282ACBFEB4945EC820CF507B834C70DB6ADAD6A3E5D0796B375B6A29B42D7564EF51E43943C708FA28C4F565D5867FD7E6260D44FCDBB491B4F1394120002271EAD1C1DEC08CE3E942EB8D681D837EF9387E960B33762B59459CC1812E8A847F7EAD81E0220F4F0A4896DAE94C2C6967EC578AA4D56D0D7CF72C53D17D57DD00079D10CF2E98282C2060B483735BFEF6197619182D592E3D9D7540929DEA260D6BEE7F38A21C267AD0B7194A1FD37082117529F2DBC64A39E170343ED8B8717796D802A57B57975A1232ECD48C79D2713EC1EF8F6FC731118B78F081B680CCB79A0A4232DE73D1EACA3455AF0331921195A8E70DA28D8BD04C178198D55D6DF1C5A8C1B641C26FCE25270A6D07D2C1B52A824A2C089988C35191A98A6085EF3A000D22452AD2C55DB0B87CF00C6BF2AB7E66E341C03BAEA55899AC814DC988391250A4D666A9F98F4A1CB16C80B23C4A97309AD0D42EA85A2776D3F097587648CE0564826CE4127DD1E7314EA9A9CF4910E17EBDCC40B4CEC74647B7271C3B735DC5AE8E958CC30617F01C3BD61B5515C91C75B98EFD8DF09D8BA8DBD513C5CCDBF7C5152C340500B09EDFBA42EBCA260DA419FE8856B4B1F904782815261B3924A5F9347673C02CA252B666D6498518A79682B321A8BCF2514CFE07E387DE3CCA6F92AFD4C31D2E83381A1FA741F5760845202EDFBB55582D3CFF2FF2B04A7D469825F1976CD2A8C388FF958F88B4E52C5916B30E6FE03BB9FF6D721ABAC2E7EC46CF6DAC3362929F00321FBB0BA622E1E87A279D5B01D43326D4AD95574CCB2B77E5C8F5E7E9670F4F1EAC11DC3716E070A8BA20E1FFB4FDBB0B75FDACEEC6E4C426C31CDCFA95DF4A1E4E6FCA2D6D674E641CD707281B9D5EDB5DEF9AC42A212A1DCC342DE5C1057E49763A791EE7635F8194533BB2541A690688CAC2293FF19F26B12E2CAAD572B616DCD9058918866155347FC3B7DCFC5A9FD84A9E020126E57CB6DBB5C3788D8B20C9D00EA68DCB344988BC7D92AC98E3E6A278CB536F0AD1A0D0DD8A60D2EE9775347EA0654566734F3687FC669D270A4FD2574770740E1E85D8453E4C7A8A97BEB84F229A630632B1CC90857FE2666E08FB105AAEC690B22B9035766D5A2ECDD63326AF9B48A3247D7F4007947B9BEC525611223B0957532B818B5A686A027FC0C5DB24A849EB573CCC55C204A2EA6927CB1E811F17E4E23D11399C3F88874B79B455D9470FB47833B10258B6739C120533FCC0A64E97B87DFFAABC3982A62DAD557F01F926B2D01A44DA5845BAB6C784D1E226539663F9AB7C59FAC757CF8C930D0BA7CC74CD98B7A60C755BF63B2362F854BD0D4327C6829E53421122BE8E46C54687958B142857039E565DABBC660F289F40E3036E5FCB332644C9BFE40F88DD932FAAF338188D4B7DE60C3D9C2153BD024ECC1BF3E7B653A3704A14B7EA6437B03FF83DBFB25413528AE9D4E8BACE91B93323BF6006A982D34981AD395D3E52BD33337D02A8370C088C2616B9CFA71CEA8B1AC23D3053F85C4B4B195B7F1F7B2BC11D0CD5FB5FA4FA64D95D14F0FBC26873F31703E15A74EA25CDACE3D8AD595A2EEFF6385406A2CD9F182C24B05D842DA26AD7CB762C76E5B255803BC6A281243700ED74093B6974B88EF179FE09D70483CDE0282E26EE377D526B088CAE8B72AF4D82DC178D71FD05BA2DDF7A912602EDB6153F45E3250571D1CA84D49E543B3717DE7E876D19C543F0A0EB8AF9774A6E2E7A17C679DCF2345D4775F292B150FD5789DEAD85DD1536E5FBD9D3445FD5A78FD7A9761A8D588A8CC97720523513DED7D6E95CDF640C7F7D0667B3A09134571A2E741DF8A007EA56765AE6EC046BEE94439E675BB49B6E32EA14F56AA3FAB2AA45FEAF65938EFA7D83934B5487896152F7C0409BA2572C18C7EE4EF61A5484963586E10F709A1396AA2565DCD9C0B4736B56D205851D2452CEC5E324FA4CB6B8698EAC2C9CE9074A17558F23FB7BC14868B8E73B424C8CABFADCD4C5A3EBB6903CEB7543FFCC5585B85BFFA94DD2AA324C505D7F08EDBCC0024DA4E5C1671B6CE012E605AA6B1BFD58D92E8353F05DA5893E3D3822D76338A4D8013297C5F643D648A53F62E8920674B58675C64D0C662FA08FBBC1E9FBC088FCA457E14608CB0D0272A4C77735BA3A7A26D1DB6DD2D0845178F4FE627EBA84ABD7679B2F86E3D9AF2171927FC74104A9F198733FDECEE23D2D51431641F657A85D63244E96D2636096315F291C019197E73C9E11B5C5A015C12A43D176F6D33E34D9C423C1050545E4CB89DAB3E6A58A8E2FF3415B4831A91E72718E5D09832C4970D3C3D600CAE926FF8A24ED9D14A5E5A623C7A777639C145D306F20A9A5B4DB24C99F824F40B5BF387A0E1B6B49468A62755CC437E787DF96748EA3FA5E537922307E7C0694699D227350BA020A5DECF680599AD95F00C0D73F50B13E8385C04BA03C0F52BEED8F4C1C1D9132A3B9608AA1039169A8FA850DDB4CF01966CF881C64EBFD758CFB245B486FE5689C20FDA833F67DDDAD4CFE4638BFC7F6D967F039786A330D8393EAC7A52150DD7D5D30F79A09CFA383A5B7E96E3B2EB6BBD66CB3D6D844B0BEE333E06D027E4379259465A38516686255550A6074B1814100A60F84BBC3CE560AAD08B21821CE740D90EF12452BD53516DC90E60A4480CA758401660FE1A6EE8A88B433C14698CCC86C4A270338DDEA2DE2A5ABBE1C5CDA9F2C222590AC705A0C86F927D830EE91FD1A3B9ADF35C4EA05915FAB0F988D17C522971B7FD2431088020CABA03543C1E76255045A198EF900099FF2A982D626A4DD09F0E3B573E0660E2B09A8C0E7000DDCFAD466E890A4746D92AC1877A53215E35B9D3EE718B92A14706FBBC87B18A42D91CD4017AF5C6D2F549A052A09B57CBF186D1E9C004624D4A3A7A8A03A89C47353EACFB90647B2C6B29F73C506835E320DB751A1EAD0538B74DFD39B383FD7042B51CD82CF10DCE0C984AE75C12DE1A5BD614045DC91989095D32250EB1137827EC5E0FF91D5AE8807389D238AC331185DDC332C90CC9EE4394FD9EB81CDF04DE8D22F6856C5BEE1B4E5739FFB19CC8A948D24D764947FCBC99218B4DA2C439DC410BE7262C062486D55AEF977C09A36D9262E2BAA088383422BAAA20F4D8F86C3A4D8422851B6343AA15C4A1DD5EF0ACDE63937BE7D7F7444286BF00621CB279F49B47835925D71E07FCFED911E94D378A73548539CEAA7D8D84EEF4BE67EADF7C7B57452CDC106033D2B22DBB25D05856C4617E144F4E23094ED4D2BCB7A5DD1DEDD661432CD2AA369EC0B32169D52314A8646699B49DA27FC6C233C449884F540068127850D6E383DA6CA607A0806561363928FBB259AB5D98ECCF00B697E1810CB5422AC9B2F12AF205CB3721B5FE1680BE7C8E9B89A6EEE126E75866EB44B48B3DB48CA63818E6EB691002B2130B6C591F2605152E382251153A042708781773146D57C7B16D62D5FCC2252CCDCFF10EFFA1BCF2D4305C34E4F19F07595102B0A23929CC5470B9E16060DFB7D0F28956492A5DCC8825FAB6133D490BE3BCA7141F049A52548BB792E8A84B0C6A2F7B13196BB8C27DBCDAE620019EC8E480E6521393C98866B04863B8736039F42C23CA001E3B83178E1A65FAC153CC2F32EAD32440FF6A8A4AC29762903B32140B49BB59E591B6480BACEDEC7CDC77D89C82F60E23B5B127B72B9A271996E2C9FE310346D739045EDC020668D69D7EFA248FD6F786FDC4A5199685D68084A1B4ECB0719A8781EA366B630F0C18D023F57CB302D92F8153FB99ACA4EC2E16C943FCB944650EF9733C97F66F986945B8531B65CA531798CA139D8A31A1CC2657515B0FF4235F0EA527E0EFF2E83B9F160857956C894E60AD59345C95D2319CA82ED49306307B75800036D0CFE6689BF9672F9D065678861F7E174489B789FAC5D6942A792ABAC3D85359C36D35286A51DB42C022B305D182E65A9D11602B6D2E88AEC5A556EDF3979E1660F162409FA90C3FC1377370C9389CDCB305772A225671345D30055A528F27AAA77819A7819F64AD7185202827EBE0D92A1E30B05BC17F45E8422E2A0DFCD3BF1347841339842F908E30502CEDFFBDBF01E2A1CA4C8F8BFD8489FB6A60F1EA4A2BEA49A9F986A9BFE1792F97D0842B74AFAD6E97902FA043A087F2DF276C5D30DBB274A824208EEC77AF7B84B0D4D18DB495E976EE802AD61672EACD514F7CBD355FC7F11673D9198447BD142B6AC1A6225851BA2D7CD3565CBD3D8A7341915B40F713165D6B4B949140B91AF9F89E46FD45CE4ECCB2C259BAC0DE91ACC11442A8C146623A0A64ABA992816FBCE99C835554B6ECA8C53A04CF70E81067BA2854FD2332E9A3813F9A3F1E039D4CE9F349FC1BF9327492DA648740E5ADB7E470B513B9375D439FADDB93A6B928440A31FF6F1184C33E1342CD3B29AD04C22AA2D68F4F3613450B7CDB2A3590CF60C03401949AEA3AF2060047A25F37B6B4D81783A6E3BEB0E6F3EDF523667F25D6093FFC23C0B38C99DFEAA9A6EECA7A7322ACA8417F80F819CE53A3090811733E71EA07B5D3773553335EA7BDED1128D48087FCC05E5860546186B657233B4A370B26969D7E179C49BE552B0D17DB34537645DA06F6B1E40A897FA632D1623303671A20F38971357C139602A03BD170783F6F061FA433986AE9747F3D235B662D29D1DB7F077004E34133EEBA14B2C271F3C160AB1FEA528C85404EF08A33A23256BB47A0E55AFF01ADB49845AF72057F2B9FCC6C9927EC5EFC0B510D65D81A123D082B3AA20CBAAA1301C425CA97CD8EBB2FC9D0DFA17C8F0010343BE3E4B2764A269C598B8E541E02295707B6D30968C75B5EF76A1E27B6C5190B818AB5D543E3E8525D007AE95B948B53E81E96D349041DD97AC579ABC59FE1AC5302691FA88F8453D90BA87796491EDE09F70C67422AE3BA6A5914219321E3EE34DD59379E412009869E6A611D4E0CFC7A56D645AF62E130779438BB89CA54BD04ECF012C94B59A800987B449BA086C859C91F1FF5D4C2C5A558342B2B836DD427D45C07D8789EBAD66C2445F5931EFCDD4EEC651EE22081953C30F7DFFBE1B98A8295A545F829C256060A36849FD80D4BEA694A404B4252D86496521EA0EF4BA1415BE3C3A4FE687E67E715D15C7DA44CD7FA18A010F46E8F9221466CE53503D3A9840FB77D7765B84D5D4CA19223CCB22FE81BE7215C8DD0E49C84D787FA921456A6943C5892539062313FE024A0C2E24D15D75A8097D0D393C422099BED9259878E4EA02ECF174CA3B8F5C80D01E998487123C10EC2E04043A4D87154BEB2087C7194F74201BDC8FAE3D8F202EE83A21DF9E5B3B0908C9321F4431CF108444CF5A93175B4563B253F84897E3F720E8EE87E6B268DCABA7017BB07C5DD29133B5878B6CBEF6DDE103E3E34D8BF6DF151A3A24C077D8529BCD02681DC9E5701F93939B5AAC45FACE46A5855E4B4C3AF82C303999937C48CF3D88734EAF75E3EAF171768F6F48FE2CD5FA9BF40328E642D2510E331BE5C3AD6632875A9BD51D6904B95BD5C17B24C43971D45055C7AC0299017249A936BA40E3BD17B63B510F4B7A3B4F236BC073EEF4F61CE561D893AB5B0A720D70AC138D47CCD5426C827E1AB13B2C140FD6E6903EEAE7B30A06851759FDAA28810A258306160452486199EDD0F2B44F32361E8EDD4A458A93012DDB8B4C08A565DC49EC6BAFCC759237AE69DA0DA41251D9E7E8509E4A09A8917418C6B2705CF7C463CFE64A67F88749CCB80B8B1B20A33B5D9DC3F1E74BAE981AC670EE2D86D7B4C8E891F3D5C98B3F5455423412C641C0315F27A263DE975D8D6DE1F17D6FA51262D8E6B3F32AFD9EFB72958460B5D58F4BB5CBF5AE1CFF2D2835FA294760854FF53522E2D52981FC276793EE5EDA989EDC921CCDC50D4B63A908BF47587E4FAAE3A8A1BCE3A21E331D9230B6B1C4CEC7743AEBB83EE003690D2CCB27301D88518A43B266A2E2DA78742230B2258E5D1855A990827B3A8B900362791AE617A3DC0BA2D12766A70316229028E09F96EAD7C773158A549AD9E500751D812D3F759468E22B86FF85DFB0C7C79148CE152A813D0B2D3979A3DBE3765102204ECDA68D24FA6330D599481516603607FA04439B9A0498BCB359F1EE20D65A5A84816AD43750AD1838EF4597876291C98E82E1F46A6963C7726C89470E778BD0A65CAD07E2A167AF6067CD058152E9C14979152103A7235DCD0755BDD793F9B23AE031133756EE3448CD1F93985B40EBE72F7F54124838E3787182147B84C3B3BF8CA901253E04BF808E3F3AEB84C05AB5CCA8D0C755D7B0CB02BF9E06F3113FFC098557DA3F439D397251D48D2FADEBC40286A17C66E0A8533328DB4DFCE9BE32F115A293567E4EA004157045D6996C7B73F27ED2F25536C2A381996257FD23EE4D962B663940C2A57442F5A7CB41B4E6615B223E91B55A7F98B416B2A6003D3A27B496F5E1A446DA9F0DED6A5AA0D7C283F34DEF97065049150B136B2D0F7A4207C904D836EB1E35BCA84EF2780068ACEF1942C2B31BF1F89CF218044A30CED4AF8743EF034D7F526989B99390D79D7454961C4606F6AD659487A803F4CF5FDA4F0A039664F3EA84AC4D7E0E805759A79B959906655FFE28609963BD8BEF5C82A50922A9836ADB18C9416358C092D69292C40FB3BA288D4029FC6B200E59C7C2FC9423360B11F157E5286D0A796A74A088E257F00954CA0789E3507E572EF3DBA68E3CDC7AE328F2072BEABC0E901D5F5DB1A1F41D14732F471F089FEA9D022660949C80D350B37B7F2F551DC22F665DE00FDA868F131E30C110CCB4C746663513E9DA22E143796EE2E241CDC47E2BBC148A230157C0378193F75248FE64858899B3B357CDC21CE8A6C79D2438569CDBE5A44015038C0CB8C260EA75698C272C9D5B169A4D2FDA21AAAB502DE3C4609707BA7C1B2E118F3F5B8A17DEE019465C6EA6B098139BCA2E6873D9945791F7D5488EDC2FD08E09973A55415ECC21556C422F2E0057387363A3D762FE41B054D3C5ED107C4628C15A409C0ECF77AA5AB911A7D896C9D106DB44720A42E0F89447B9E8D277859C941A5E49F4A577C0B6B0049972DBEA98A1E57991F6C0D239BA052CF369D94CEA0D2AC4A0F178D0652F9E028E12423D8D14D7C8ACE33F7E9FA9C2F8B987F89B1BC22190146FBF99B124D028A5AC57D4B21A8F2A2C9BF1F67841BCF3F47051EBD205822DD7F13AEF2D9EEC54D465D89C987851630D0F7930B4451914393C31468126AE0C607ADF304433E581A71C5A19356231A9C7D9810D282F3DBE109F6789BB997BB73E97650844F62FA1954D9BA9C227A23A65F500AB459AEC13D0D25DAC9DC885A01912C70005F440B0EB1A2C0FAD96C7D597DA59AD0199F7978D8DC871BCD4B8143420F5F9900600FEEF0D8C908CD259AAF1D446841B2F76827CE888E1B8A2C2C2FA63AA0C63764E173FF170526FA3D7973931E6C1317F9E7175BEC6F2D6D9FB36730A604879CE7B2FF5350D1A689A57C5D366EA0C219A8E839838A0FCF45A2ED7FD08AEFD2BEC15C47391D9D18E42C18F03B068DE6FC160C176499D06ADBBAD50F1773D036CE5AAA26247B4ED0B68415D4CD101C8B97567290CE4068F4CAE9A778F996A3831FFEF44CA682100850BB5B6290AD8CAA7C10878352C707C0E7D0D0D90462DD46C6317755E4151FAF1755106983B75B6F0A3FCB923D56BE32573D59062008A48AD6A4A87D6242FB13DCC2A7354D470633D292F3EC598A24AF75362BF3A4096C7400A1E97E31FFD716D75BDE945F8FE5A2A40C8C557A5181E7C4CF155F0E1F168A0F25F3FBD0D24C743977C12F1B6D0B4CA5042017194AC81EDE63A324CFE149482AEB04CE5209F0BD768C7CE90508DFBF5EA9A66A5A6FE038746852359919DDC76795A68A4B522C86D5CFDBA46BBE140DCC5B377F70FFD7B776AD3A7885C43A9A7B5BCE599415FCAEB0CA7EBC1D51573F95822CB3135B602ADF40AEDE049501F6BA26EFC18D4A5E9814EA2C2C4CF301AF331672896A9B383F7E582F3A09BAE7BBCB9AB088A0D7FE43827C393E5EC27F08BC5E85C4705EDDA2862BEC9A4DD0ED9BC56D592F6062F75719ADB6A9CF1C8C2526D6B79E4F53932AEF6031D30498587788B0569F6C0FB226105FE5CA0B8B5239C3D11C795674DFE2C8B46FE16DFE5C389888775E56BD14DAE9985960D0817E5354FAE5F20147B30001A9E8D89E5BDEC5567561A27A08A84E2DEF8182060C003A8CF5DD667AC830497A9D4BD1D003019630FCA28C1E272C8C2EADB1DBECEF8E2CAB9B60BAFDFBD6D75562294E0E169506FACDFDC559581B86559720FB517AD8A010D64D03ADDD2CF9CFE8D2FD244A4378DE585F2DC009B2ED6DAC2FEC87D6097A25CC720E7DC989332C5A341503B7D03CC57A875A1A26DBA88D840F24EF8C86DBBEF37905CBA382A8A5C9980504D0CD6CEBCF00F7335705BFAFDE3C3F82EB3225E5EC63D6D69EFD015C9C51AF71B23215E4BBA667AD525852CA6C29AE3AB303AFDE0279C45668D02A2AA96625FA7B41B268E783F829A3A2464F22436917940E6EB3B1D313F794BAD2514B35954718CB2D92CD7865EBA847D388F046CC7D5D3E3B57D12714E9BFD4A09A18A8A626CDDBB21FB599EBE030CED022E16D6C65085EFC6911F7D154B8C9787D3C4107110809219414377EB07AF5441DFAF02EED0B6C7A6BAB1D9902D7A3211F22536AEC7A0A365BAC29BF69021B46EC80143CFC6B92DF4B09954DD20371C1E88087D73F0C885A68327486A812A1C9C36DA7E");
-        byte[] sk = Hex.decode("FFEB02F6010609070CF80CFCFD01F7FBFBFE02010004FFF002020900F2020602FC090000FEFC12F6F6F9F601F6F904F9030101FE04FF020203010B0706FEFFF7040A040900F8050805FDF3FE070D060C0A00FE0CFE0D0D02FBFE0B04EFF90002F7FDFF030307F303FFF8F5F4F60505F9150304FD0AFFFA1500FBF409F801FEF909F3F3010201FCF90B17FDFD0101FC00F002F000FB08050EFEFD06F504F5F906EDFEFEF3FB07FB01FC0106FB0304FBF6080005FDF605FA00FB07FAFFFA07F8FAFF050810EC0001FDF107F9F2EC03F408ED06FFF70009F80C06F60102F6FBF4FB010207FB0A0304F9F6F90C02F80007F30D0C04F5FA0702FDFDFBFE0607FFF0FFF803F30D07FBFB010300FEF9FEFB0A13F007030A06FCFE03FD00FEFCFFFF070B1004F8FAFFFC0D0605FE0306F803FCF30506FD0211FD060507F8FCEF0CFE00FBF80DF20A0F02F8080011FD01EEFDECFDFBFDF5F8F4011210FF0403F8F3EB0D050212F3F80609FFF903F5F309F8FEFF0AFCF6000EF80BF6FEFA0C01F4F3F2F508FA02F8FF0A060009F9F70EFD04FB060005F3FD02FE01FC0DF30AF706090CFC0006FDF80AFD03FFF80BFA0CF30B070B0B07FC1003FB1404F5EC0709030EF701F705FB00FAF2F500000A0406FF08F5F202F8150F070BFFFEFA0603F9040303FC0206F8FCFDF6030507FF03F4070409080C1106F107F20AFAF3FEFF070CFCFFF4F5F10710FDFC070EF7F803FE060103FFF4F6F50D0B0202EFF30CFAF5F80C05FEFE070802F8FCFCFD02F81B100404080213F8F90C04FFFA080AFCFBFAF903F600FB00F60503FB0106F2FEE80003FBF9FFFD14FE04F50C03F70103F2FE00F5FAF600FDEF03F70AF70604FAECFBF70EFF01FAFE080803F20F0D1704FC08ED00F304F904FA020403F207FE0DFDFA040B1006F7F9EF06FCF909F903F7FD06F602080501FDF9FAF40106FA07FB0CF50C07FF12F702080A0900FDFFF8040A0BF20D04FD0F00F8F8FBFC00FAF0F91705F901EAFCFE0304FBF7F6FF0E0802FF0FFC020B02FC0801FE03F2FEFCFBF7FFEFFBF503F8F707000612FD0605040404F7F3F9F6040B01000009F5F901050202FCFCFA03FD1501F6F104000DFBF7000DFF0EFFFE0000030804F1FDF313F403FCFEF7090E0708F702FE0C040BFE0812FBFE0EFB0311F7FBFF00FC01F8F20405F502F40008F8F70FF705FA06E8FD09F8FBF2FB0704FCF4F3F5F9FE0AFFFF05020D06F4020413F500F703E7FFE30401FB04F9EFF407F9FF04000EFDFF0707EF0509FB03F506F9FCFC0400FF0900F3050AF50CEAF7030905EEF50C06FDF8FBFDFBF40400F902FC0300F6FFFDF7FCF1F014FB03FB09FE15FCFD02FAFF07FA05FE01070E0402FDF31102FE010802F902F4F90AF60408F9FBFCFBF503140FFB0DF80B0DFAF9FBFC0102FC06FA03FDFC04F90DFEFB0301F3010C0FFE0FF90207F80703FEEDFF0A000407F1F8000807F7051306FA090800FE0EF4F6F6080AF503F112F106FCFCFEFD0BFE020CF40DFEFFFE0F01F6FF08FE03F40B02F50406F401020301ED01080508F70907FA02FDFEFC030108FE08F708F6FBFD02FFFF0000FBF9F7030505F6060809000BF8FB00FC02FFEAFAFB030309F806020109070DFC030104FDF701F3030518F9FD0800F9F60DFCFF04F8F41108FF0202FE03F6FC02FCF706FCFDFE08FAFB04FA0B01FAFA080209FB0CF1050C0EFB03FE02FEF80CFFFD150803F7FDEB09F8EEF1F2EFFDFBFAFD0A08FEF7ED06FDF4FC03F7FAFBEF07FF06050A0307F710FB04F5FD0100E901FE09F0EBF6F203FBFCFBFA0008FE02FF0A00FA16FBFFF70BF80FEDFB0000EF01FEF900F9140C0E0901010606FDF2F4FC0FFF0EFF0EF8FF06F9080403FC04080BF7FA01F4040705FEFEFC0203010C090AF1FC01FC06FB01ECF3000B010E08EDF0FEF9FBF4FB0DF506F4F007F6FCF3030D0A04FBF9FDFA00000D010C00FBF0010100EAF7030DFFF608FCFEFB0207F601FCF80109020010FF100702F9EFF800F40109FCFE08F8FDF508F2F6FBF6010EFC02FE0101020D030BFCFBF2ED01F8010210080EFCFA000B120017FF051711FF03FAFBFB17F805FAF9FB0102FD09000CF90B1A0AF500FCF60EF7FCFC09F1050DFAF9FEFAFEF7F50CEBF5F8F3FAFCF6F6FAF308F6F505F6F9060A00EC05020AFAFDF9F50200FA0306F707F9FC150A000D0702070B03FAF5FE0EF7160D06FF050004F9FCFB05010107F2F50103F60305030610FF0B070A03F704F602EEF411FFF9F5FBF2F5F00101FE080BF303FB090402F30509031107020102FDF502F5030301F2F8FCFC07EE0A04F4FE030406040802F406F4060FF2020DFDF803FE01FC030AFF06F50A00FDFB12FB00F4EC04FB000B05FFFFF60EEE02FFFFF7F301FC0CFC08FB06EE06F8F9FAFCF5F30BEF01F4FE090400FDFF01F8F20BFCF40D0001F708F20304F906F20201FA0BFBF4FDF309060BF6FCFE1007ECF30202F907FEFA0AFBFB05FDF60BFEF5070CFCF60C00F5FB0AF909F1F40302F90D000503010705EDFFFE0103FC1004090C0007F80012010DEBF3ECFE09000807EFEF09010EF202FD0A04FFFBFFFD02F3010906F808030409F9FC0D010C0200060703040606F407FF0006FE05FBFA00FB0FF6FEF9F8091105EF09010300051304070DF80702FF06F30A01000102F7FF0EFD010500EEFBF802F8F6F9FC0602FE100105FBFFF7F8F00AFCF906FF0401FE02050A0205FB03140B040806FAF900F5F3F906F90FF9F604F602F705FFF8FE0A020C09FF08FE0FFDF6F3F6F2070002F8FEF1F90709000301F307EEFCFB06F9F7FBFEF9F50EFDFFFFFFF508FF00FEF6FEEDF7FC02F3150106F60803FCFD030FF9FF0CFD02EF0510F6020801F70AF7F8080502FFFCFC04F7FB090BF1FBFE0AFEEA0407F8F4FAFFFD0FF5EFFBFAF7EFF7FF000E00F906FBFD01F9F91A00EF0C0502FF050BFAFB09FE04FA0703FCFCEE0507010707EBF3130103FD04EFFE0DFB0503020C0D0AF7FB010000FDF409FDFFFDFB010BFBF404F0FC00F8F007030FF8F5FAFAFB00F700071205FEFF02FCFCFFF2FE01F00C020BFB04FB020206FA04021008FA00F609FD0C06FAF009F60FFDFA07FC090E0C090CFDF9F7FAFA07FB04F20BFFFC0500F8050DFF08FB09F30104FDFCFE02FE0AFC0CF9F70903FA06F6FBFF01F305F8000807F1F9040E07010A03010301010D11F502FDFFFEF2F9F904FE02FEFF09F4FF05E9110309F3F504F3F807F2FCFAFFFA0BF501FD040107FDF816FDFCFF040404F9F7060AEBFEFD07F50000050B00FFFDFD0108FFF806F5F60D09F909F610FB05FD09FF0C06080EFFFDFEFAF7F9F70B05FA01F4FE03FFFEFD00FFFCF8030D07040B00FE03F3EF03FE00F5F8FF00FAF9F80CF9FC0102FFFEFE0B0108FAF7F8FFF805FBFE02FF06FD0311F8FF0CFBFEFE060CFE00060200FDFFFA0C00F30EFC060608EFFEFDF2FA0405030707000108FE05FC050403FEF800060408F301EE03100CFFF700F9F2FEFC040800F8F8070104FA07FCFE01EDFE020A09F00EFA0C04F70CFFF002070BF908F50201FDF8F80AF90CF205020BF41103100205FB0104FDF50502FB02F7F907EDF3FBFC0E0E09FF0C0505050E020700FE00090609F60C03040FFCF8FB090AEDFEF4070AF3050D02EDFF05FC0503040A0AED0803FF09F50201150F0CFFFE0604FAFF0EF801F90CFCFBF9FD04FFFC06FF06F6EF01F811F807FFF9060407FEFF00FF060B030100FF02F902FD08F905FCF50700FC0D09FA0302F901040AEE0602F401FDF6021703F50406F803FEEAF10AFB01070916F0FD11000E060204F707F60802040302F60F0B09F802030001040114FC09FCFC0A0B05F5FEF80F04FDF8FFFD01F8F3F6FBFB00070704FF0FF70A06F3050D06F3FEFB040001F103100F06FA03FD04F4FD02FE05FA06FBF40FFC10F11407F8FB0AF6FEFB0303FBF7FCF4FFFFFFFD00FD05050900F20600FC0601F40D070403FFFA0505FB06F806FF01F4FC030910F70A03F20809FEF0FF04FFEC06FA090404FE01EB010106FFFBFDF9FAF4F91703F7FCFC07FD0DFCFF07000AFD07FBFB050CFA0702FCF60E04F9010603FB0501070AF806F6000BF6F4F9100BF4F90904FA0EFE0203FEFE09FAF3FD03F908FCFFFB05FC06FA0DFC0001FEF803F60200FEF80D10F80E0B030503FEF103140A02FB12FD0301FFFAF8F905000408FD070C03FEECFC01FFFA000F0C050203F9090404FA0710FE0DFE0FF4F8080808EEF404030909FE07F805F800F7FFF9F4EFFA0307FE06070005FA0FF5F3050A0400F8FCFDF001F2F312FB0D030E000C00FDF4050904010602F705F20207F708FA050E0B0206EF04F8FC000410F0F30DF7FFF508F7EAFFF9FDFFFA0504FFFE09F5FEFE1607FCFF0AFEF40206FC03F401FBF7FAF7F50402F3F8F9FCF8000903FEFAF801090504060307FEFE070E0AF6F501030FF501F40407031007F90206FF14F7F9F300FCF008FC0C060AFE04F905FEFC080704F6FDFE01F8FBF0FE080A0509FC05F803FF0E02FE0E05FA02FF1000FE050814FFFB03FBFBFF060CECFD01F901060705FC030B0BFE08F5F70300FDEE08F1F5F70204FDFAF4F6FF0705F50AF5030610F90F0C040DFE050001FBF9FCF60A05FE05060107FE0304F11104E3FCFD03FCFAF7FF0805FF0FFDF8FFFF050101FEFCFAF30C08F2F30107FBFEFF10F0080403F40309FF030B00FB04F50DFC09ECFBF506F711FDFEF401FF06ECFA0600020108F70CFC000DF9FBFD0111FA0002FA01F90008FF0B09000AEEFDEF01F506FFFEF909F80CF806FF0503100206F0F700F602F901F202F9FA1402F705F8FEF80A07FF0CFF000DF808FA0FF7110701FDFE0CFE100500FCFE03F1080EF60B080603FA06FB0802F9F30D03FB03FB020903FD080700FAF8FAF8F9F2FC0707FAFF0208F4FFF7FC140001FD090108F80D0AF1EC0AF909FDEE0500F1060507FAFDF9F6F8EE0204F3ED0308FE0B0101FE0C02F303F5FD0BF9F5F00C040102FAFF05FE0C010408FC06FD03F5FEFA030700F9090109FF0A000108FA0901F5FF00EDFEFD070705FB0600FEF2000E09FDFDF1020500EE0503F2F8FFFEFAF8F803050B0602FDFCFA0C00F708F40602EFED04FF0B04FB0115FEFEF6FF0AF7FB190006EF01FA0BFF02FEFE05FB010107FE02F7FD00F10EF4FEFE01010302FEF4030700030BFDF5F903F503F10D0904000A0A09000106FD0DFF02FA03F701FA02FD0C080F0D04FDF603F6F7F900F8FD0609EE0BF702EEF5F4F4F70105FBFA14F708EEFDF1FBF901F7FDFCF3F40204F9030401FA0203F103F90EF4110704FD00FBF001F60905FA04FD11F305FB0A0C0406F7FB04F6030A03020AFB02FD02FEFF0DFDFB04FDF9FC060B0905FBFBFB0BFF01EDF50200FBFD110D070803FDED0D010C0B0006EE0302040108FFFFFE0304F6070102EA0EF90701FD0711FCFDFBFF08FB06FCFD09EFFB0DFDFF01FFFA04FEFB0DF90A060D0407F8060D02FEFF05F90AF60DFEFEFC0F08FA0102FC01F6F6020501F407F90DFBF500030800FDFC02FC020AFE08F909F0F8FEFFFB03FD10F5F3FD04FEF80BF4F5FFF6FCF5FE03F8030107F500FDFF0DF2F2010AF90007010B07F2FFFB05FA080EFB07E9080614F6FE0E020206FA01F4F5FEF4FFFB03F6F2FD0000F60007090103EB0211F1040203F5F90901050D0F05E5F307F909FAF8FEFD00FEFEF9030C0BF2070605FF0806FC0011040309FF02FDFCFF01F404F80AF9F807FB00F5FF04FC0DF3F504F90DFFF900FD05FA0908F90303F50AFE0CFC0DFB0FFD120906FAFA0813FB02F7030107F700FC05FDFBFBFB020D030BFAFCFE1000F9FEFE050303FFFB10FB0104040B0B09FE0102FCF7FCFC02F6F9FFF90BFFF90F01FFFEFEF9F6F2EFFC0309FBFDF701FA12F605F7EE06FCFE04FFFB03EF0814FA05EFFCFBF0FF0BFB18FEF7090BF3F50011020C060604FDF015F706F30EF30206FE0A0403010507F5FB00F902FC0C03F901F718FD02000703FAFCF70B00FCF3040602FDF8090106F800FBFAFF0BF9F902FB0615F9FF00F401F9030709FF0305FCFB08FFFFF505FB00FBFA00F611F9FC0A0A04FE11FF021207F7FBF702FA010305FE01ED07FD030E11F900FE000101FBF608FD080F0D0DFC0BFDF900080F020FFCFBFC030513FDFFFC0EF7FF07FE0C09F4140602F70201030501FB07F30C040D0603FFFE010603F2F90CF70203FBFCFFF2FE0801F507F8FB0405F8FD07000C0102F4010009FDF5FFF2FE08FE01FF07070908F7FD0E0601120205FB010606F8EEF9FDFBFD04F80304150AFFF9FC09FA0BFFFB03F80B07FDFE02080DFC020CFA01FDFA0B0702FDFBFAFF05EB04FC03F1F90C03F9EE0F030B1202FA12060505FFFEFDFBFC01FE02FEFE1400070AF8FD0204F7F80DF10714020805FE02040106050C0315F60704FC1201080A0307FE0004100A05F407FDF60AFEFFFCF40400F9FFFCF9F810F00203FBFFFF07030A00010E04F5F106FDFA0EF80D12FAFAF20EFB05F20307FEFFF2F809FE05070800020009F0F6FEF7EC0A0601F2FEFA0AF508FE060004F606FBFBFC05FDFBFE02F9FCF7011100F6FAECFAF7EF030EF9FD0DFC000202FA0B0103FAFD03FCFAF8000F0703FBFDF4FD08FDED09F70B07FE0006F5F508F202FDFD0BF2020807FB0FFAFFFD04010408FA0803FFFDF7F00001FEF4FD01FDFB0E05F4F8F9F6F3F40406F709FA0EF805F7FE010B0309FBFBFE0706FE0B03000D0701FCF30610F3FEFAFFF6F80311FF09F60804EFFD0F080706F805F104FFFF0605FCFD05F9FB040BF614F5FC0502FA0705F4F6FCF407F4FAFE03F6130600FF06FE05FD0208FEF90AF7FCFFFEFDFC0EF6011101DC12FDF70407F609080D0CFD02030AF4000305FAFAFBF10C05F6F0F9FCFE0009F7000100FC08010DFDF805FDFDF5F7F7EC11011103F9060505F4FE07FE03FC0308040E04FEFB0305F9F5040AEFF9F50601FF010AFE0C00FEF6F9FE0BF80303FE0303FEF40A070D080308FE05FFFCFC11FFF501F9FAFAFBFAF9F701F9F5070703FAF7FCFFFA0C02FE0D07FEF20FFDF8F80705FAFF02FE0308FEFC01010C00F70813061103FFFC01F90CF3050C010F05F50101FB1202F805080D0701F7F302ED0AF40B0CFCFD0005F707F813F9FE02FC0101100401F90CF70B08FE0108010000170004FD06FEFCFB010106F9FFF80702150D02F902F8F1FA10FE03F9FB09F1F6FEFF0906FEEB10FB06FE04FBF5FBF806CFC6B92DF4B09954DD20371C1E88087D73F0C885A68327486A812A1C9C36DA7E4F5C254B6292FB5C3DB9561B8793D8AE3E1611423AC0A9F8CFC13E1C85FEC6B5");
-        int smlen = 2881;
-        byte[] sm = Hex.decode("498A996E2B6C14E9C84617F4D63149C4676855D15CDC54A85F1BA00CD5FE550C6120227A77605DE227878113DF3137E13ACEC54F42856C0AECCEB53E1E96760ED6DE0E3F353ED4E4BCDB6B1AAA5CAD3CE1DD882C6BB12D3CF9D1C9888624A54D3E024783DD2C39DD54EA4FFEB280B0E546008CA0C779C8917E8FBBC7A79BEEA32D5E6652FE93D8B4737D47D8DD0C1600D5DB9135B74C0ED6E94D9FF02D06F951FB680902009EB68C34028EEE5176E1D64EF869E14C0AB577197444149CC6EFC60871899B1AC9DA86F8373A1273A97BCE318F40BC6A2AF35CEB52A5EA853BA0588531B87B0E1170EA6F464948A55A84920C97AA9D3960B9A099E947608A1E393C634DBE5DCBC6F0BD55E853470F6AB286CDD126B52A29BE7465542D477E3386821901595597E4D6583B6E16326D4AE71A2967FE20BB755A12CB7037614D3600A2B02D4C8DBEE17670CE7B4B144C3D2BEEE9FF6049B94DE4011DC401687E83211AA37E7A9D043A0582A9A7DFDB0B5A3A4AC8CC58F9634DAD9730311F2CDDEE205FDFBF160DA631FB11D0D0DA9FB42223194B18A5850E80C3537F8148A965EEF7B9A2A81C69DDA4797B28A0FBF4FDB31559F940AB7F47021CCD5881934487A6CB751845BBABCF3D213BAB2C61D21F06927DFAD28581E2F8377E2A36319240DD8380BD85DD1A5BF4828AA4F8F5E11534F4ADFCD1B881DD8A094890B20C4F67F5C1545B4065B84F0B28A64630E332ED2426CE04754BD23E52A90299FF399B240D04CD6677E782409D7AE46F5CF718BA1227CE673C42B1CC0E759429F6486AEEF5CF9BE96087ADAC32606B3D2FA53254C62B9617FE0C8D0490C7C7A77C9D54DFF076D44DE2864E3AF3037511C05D2603354C2AC19D94B6CCB6C6362D57B85C6D3E40E5960F7D3DD00ACE24B07AC41014CDF58B106A6D61B0909DDABE19AB78FA29C5987E7CDE6D5D084C278417645995976C74CB7D9A7D6597A83CE1654209325B788F056220F672CCB16051EC94B34F89B6DD33859F6961432294DAA66805488E894BBCE31BD4BF29BBEFA3B987857A4EA2F87AE9F6B5EECB8BC3DF90547833F3240071AD5A5464CBC9F42DC0E9E96DBBFE1AB2681CE2DC100F07CFF7480DE919AB27A2F51204BBF779380B337A550371960757D3BEFEE45AC13792F9F885AC22AAB4A5263364078AD1474B206BC54795B69380B0056F9CE8325B7B780B6AF7DB44F3AFEC558CD93FA268A6AB9AB6714ADD72C93B5BB011D974F8D2D778BC476C5F41ECF7C7D48E632716EA393973BD67F7496078F937AA45FB33E8ADA4CE5192DFB244A1D8290BBD29F239CBCADAC9E1D260D22781B7B41E8A42ABE21FD0D3E3517AB941AD09013EDE52EB9081F731A7935B14E1A9132FF2EEB2C53ADDBCDD3A9656F5E22B0F6470DC961BC0C1B38BACE2F16649536D28271D7BB9C76BE5B63ED2663C5842335A783C524FCEE69D6964874D4BB56418EDB945EFB097001506561A1ACFCD03B15B42A009C9B150CD1FF57104737E7978185F980B333523FCD89F522A59055515A4895E68C07161C47320CF1E542F03EEA4CEBC76266E2C85916638CA4C054F0F085BDCF2A84B5666932A23FF8A40EA90F6CE2888731E88FB7D90CC24D66934B2FF378E662CC57D516072698CAF09EE3759AD305A30C0C222992D3A22DA664A25B74043D338DCFC6A70C786853AABF31B6B5C49D2BE0BFB0CF214467B511643106E729F4756B147467530F9477503BFB9393D36D4A9F964956DCC0C6ADA0A4CDA17D794F7C6A32C7D8E146C6769B810F97F9FF47BC187C57158684280AAED7807D2FF6B9AC3F4E11CEB29F112C30903983FBF38F5D118F084A5ED22E020F066BD458716B491DB9A9A26AFA5C187FEC28BB67C878F82EFAC22675C0D2B6D62DC1804D7933D68441A9F66419314D66540F30BC7B1A8D1F10F5677BC3C6E236F6D5827F70E3F471686F640A8253582F0E5FF146C3BCA53CAEF22BE026BE891BDB96697549DB993B9A4A1FB4B8034FA9EBE42F7A953155A050CE106EAA94C885E225F2FE61E254BECD43E34DE41385DEBB456CFB70FF8C0E46E19224D5FDB7A38F4D2BFA314DA933D8A93CC8ADB99344641DED33E8AAFE639FB38AA9026DBFA1F0C754192A57B8933C99181DF62C9F8101B86A743BF7D07924EBD6C14EF54CC8ED397D73AE2EAE7E2FB4D6456EE7C68FE6DC0912DF23414FC15575E7B84C161A5BF8CE69738211BA13614B1A40E7507701DF29D3B50C26C547C8E49537D10AACE95424520340A57F1B5B35CE62DC693694A2A68A95409D52DD0A0F167F4212826811993D4F245E56CC36A87C404C3218388947BA63814D3CD5DB8666EC2E2551E8E130E1A1C998F301005A645BFE2EF1D208412F3937246A5A41AA4F3D3A5FA2833B4A30637EA569EE3B2E6B72D90BCB4D79A7022824BD22FCE98905D2DBED895C069031D08B69E0B710B4472BE7BE2DB52898BFFAD6F65D73FD28C8BE578A152E53C9D2F04E206F9BD0714CDFC5FE8E17AE4CDFF12B9CB2EA5CD8CE7FE81B0033C9E1E91A88D3F475012BF6882F3D5A25C1E5BC92B89229D38CAF7314DCBA05636232E8409CEE11E7EA607FEA2FB2E2FDF07EA3994A3129DA426D64DE74186A1F8B432E106B786BBD302FE40889DF80A5B1CCFD129EE0B0DBA5C1D506A8CC69106D6BD5006D2BAF26D51DC9BE072E4BF5EE4D1DF9D7B4235CBC7DEA9813244122DFA753479CB66128753E5C4352D0CAACFC8CC577E2D689028025D72EB6A6BBEFD22F2CB01D5013D86A5F92A1AD6AF48F5B7C9F6AA8BDABC760CA25C0ED93986183F00CF3B9F37385DE183EB614D267DFD6E48C7AE1CFFBF6F977512C756103FBC5AA332F8647CE46D12CCD597A0D982C0CB30D7EC954515793CDB3CEB143DFEE2552ED21EA089A486CA6137CBE87DA4F27008B3758668DE776C46794303E316A3480ECDDC2CD5A97421EF9369CAF27E6AC5A56B7C9D42C64096EE13A1F8795042F24B92566021CAB8A988EA5E5BE324A19CF96BCBE0E5B1E32E932C7F45470D99D785BBEC8F9DA12EF268B330D43238637A16D699EC842CEA24E9BA3F2C58D642C9DC7C482FA73644B5E48B127573237D1F1821206081B7C34809F9839569EE2D2C650347B0EB48B76F1387CB79AC0C6306B9206A65E9C7B1DA55C153FC9D509F5B56AF7DFF6D3909F94E1F7FB57BBAF68555D2203B33F459B5C449113B559EB0272EA9C0D73469B72256C3D730E2752CF64D1AB0B47196FD8C07EC32D2E337242874397A0D5A37ECD4BFBC88C96B1655460FDD63B265D822A13DD20B8837F727BC1ACD58AC33603C73A214E90A59133A72B126240FDBB4BC450FCC19ED6E9FB9DBDA4CA3860A2EAB2CEE7D8A4534D2786695D6DF754F5EF52ADBF642C5F3A46C9A3CCF949A6E6B025856C07F801DEB544BD70C46FE86D4824246E56F171A81CDFD44730D55F89821A0BBFA449B9D0FBA039731AE81CF0612CD4316B0BAA743CB7E9DB42708D40C60A95973DC9CED8C5FEBCA232B093D7A5D6342325233187B9B2593288F6ECC0F163315598AE526861DEB3FE0A1DB1BD649D9550BFFFF90AE242DA3E2D67DB09C248C74C60EA83BBD56490E539C5D486EDD707CCF6C310C3E3A713A09183AD749D6FDCA2959AAF0B9FE73C2FF4373EEF3D4085951EB92ED015733D35DA818F48946648140A01951FA411FDE51792036B04A4A4CD3E5166DCAF152346FEEEE3F585F24532582CFE064DBADC33FF102A39BB4BC05247A3C78820B2639CE455866A344B557ED08172184BE286B0F8611236B68A9A97969795A6DF73F55D9D740B21C7D4832972EB79E033BB48F39B4560B0CA338D85577F76F38BD69626CFCF6969D40102291DA41BD67E7BCECA8BEE6D3AD58681630DDF7EEAE5A50F19AA0D1C353F36377D0628E0EB299F0464063AB8B1CB89CF512001949E1E66C68A750871AE0A3A5FA2108AB4E2920A08892D68719E092B48C3043325E5944F62D4098452B4A8CC63CC0792E256448F42C8DF5AB191A13DD00033600D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-
-        doTestKAT(QTESLASecurityCategory.PROVABLY_SECURE_I, pk, sk, seed, msg, sm);
-    }
-
-    /*
-    # qTesla-p-III
-    */
-    public void testCatPIIIVector0()
-    {
-        byte[] seed = Hex.decode("061550234D158C5EC95595FE04EF7A25767F2E24CC2BC479D09D86DC9ABCFDE7056A8C266F9EF97ED08541DBD2E1FFA1");
-        int mlen = 33;
-        byte[] msg = Hex.decode("D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-        byte[] pk = Arrays.concatenate(Hex.decode("14BE5C398A69D45B0E7A63672036E007981E846337FEE6A01789E7CAFDCD43B59471207B844CCA4240A56CF1DC37941B8669BB2E93B7A84687411425B04ADFDD81011B8DF309F9BC8069B5A0F53292F6F6D1A6B9191CFA8FE8DE932A1403296B3D6492B457849EF361481655174882C2A899482AC9236901E094BE6BE9113E9EB7B18E0018C46CAB21F14502C63553D383BDC53CA1064CE6BC6704EA05161F0C9071428340DD0342F66F0422AAB29950ED8A95363404759A8E08677223A08806814EBC824D40D89F7560175631533BCA8DF81DCED3828EA539BE87328C14183C91A6C24E496227C6F6A98197A8ECE46D5912D99F72D17651F5850901CF4C060B4D1E5C860C12FA479342652B54D5E5F58AC2449C6248483B900E8F7A2654DF3ECD76453450BC4162FD1AA9A36B6468C0E37A18F54A572E9E35C2047513466BE99BCBCAA678E0FBE657488CC110A27393BEC4841A4E7B784DAC3F840DA102438041AEC6BEC4AC261FE118994D38CC1461927D3C08AA4B3A22E2393FC49B5A5C408182FF943C1F59B143BF0F11420C78FC29162F9E2EB81277FD7DD8779F3FCC9FDB0E6065B1C41272709A716DC204C51B47533CE1B3BAE15EB050073E878F70696B92E6C20870E8F3C290CE4812E00C1341D4E36A9ED8BB974EF13A8CECD32F4D36A1E912CBC1A65458454BF58A874245EEEBB41F7FE6D30CAF412010D91F1D455F904459FC9E259C812D584EAAAA200395D23868E838DC7F78C1CFB23BAC26788C10A0DEC2AE358DF79980543B274C096D194D1750CCB74C0DCBE3C30B50B74C8FF33EC1C0C93B65747A01A85D56B17FC2F0CF091E7D98979028FC0151E3E3A3BAE05D0FA5BB9FB9B62F031E8DD9D597E5758DC1632B6040D72B0D65B1C566AB9F846C547C8809E678D86EAE55280F2E365C0B6539D3108763D7D6A3821992B9F0052152D8A4469CFA02B332DA1A41A340452D481660DDD8B2107FF8968113DAE0C4BDAEDB087B9868AC0E3DA8E8B7F54D5FA4EC26C94B18F1919E4E5181079A8C4DD2C2F6FB416D302FC298D943EB43A6B588EF9C9498036A0D59C85FB37FC4EA9C8084DA4C25193330359483EF8D9603B38E9A7107478762557A590D1DC1D07FCEFC9EC969F6811A92B69B184F8E605A489D0872232702464AC8616BF9EBD7ED82657541C3D96C3922B7E2C31A7722CA36B4DDA4CB775071AED78E2829241C9E20096BD64AA69FBB47571BAF11EF42918BC0606486AD5838EA8794B2519A5289C48517AABA1E51217C49718DE8040875D1E1049B0372A2C307E2EF6E43503314540D3C0D054ABFDC85FC8BB4E5B48FF071F0FCFE3BAD96E02108302EFECD21380FE59E1038D7E7D79EBFBC4DEB14CFD1114367EA1E64DD950A84B11E9C1815CA4AD3971EB20752EEF63E2F2A188277A93CA022C1AC3E0CDBE94110240F3D7FA1264385CA9B997BF24C086897D8B23E585D3BFA4F8B611C578F789BE382502A2A14D2CFD899842FC88B300D5E929DCF9388E9F60782DE92F344598901225B94B48C7CDDA04C5141A7296C3046173161A8B902FA9C830FAFD04CA53F62B11403E1D96906ECDDD190C77DDA4350F2FC8A33AF7C5C9BE9DB0C73F726F2730D27A32B85845032A20BFC5454E8C8E3A4501C7A04B5AE82140A65511CF68CBBA3A82F18448B84C0E576BDCC94C2482C08B95E03A66ED9D0206DAB74C32E160A16BCCE9F699AC3E9872BE87774168891C148314C1500B506B6272C87AFA7034899BA202E66DC224A60F824E9FF51C846D651C5FF5215F828093458D60BA1488FE84494A2D26F5BE5A484AE6B57CA2E5502C101A1C4C828A70AC1E7AD3D71CF8E5A4847A56F3D110D18FD501A0A60AF0950518ADD4008540799CC1D1D66DF821D92877B80A6C58780EC34B1C97CBE9ADDF79F923ACD142FBBDF39293A0ECB17F2424C2AEB5714710D2749DBC02351656F54B5268E114B549D1111CE4BA441974AC989AD24B5E1B07C2A74802F1C09014C752A898E0EE9D51485E370644988FC3DC0A531EB6609962AE8C583179833700E944BC002394A5A93F11B69D9F90E5EA56C139873241A8EA824C8ADA018A5A4247D8C46BCE6768FC310C2C4C3E6D3A91158A2F21B37AAE306860C60B890B4EA1F2A3ACBA3BA2D256031E0BC8683A41F454DD5E4929C6201C639A9C6BC26628ABF45B1540BB2F94D0D5D7515B8A553A0CBE3504F76EB5B5A3EA8FC6E115807303199A5ED93E1170F021CD9F48D5E7C260348754E4079926C69D6B911FCB5BA642A68D81477C4631A089037CF95C623C52BB59D697300E0919307E21CF9B0116C009FB38ED08380E2E3C26320A29BC2A01379E202BA115CEB0D61C299F71DD8E153AF3EBDEC1D0187836F6771FB71923CE6E1ED3265492E4728CCD62267B1D49F84200BC094769860C3409F5B07C55CA5A046BA1089CF0685B6BA6804335E8F196FBDCD01174EED8B35338C44CA3B666A5E7620C822E1D14449763FEBBA08840D446987A9308C02F307BF645F00A63888101535C3E256147BFE3A1B93992FA132B95CF3DA5CA76EBC1B1118D4469274628C047C647E76E69A21DA235B837F0EC5DB7A684E28FA38229704E38C012B82F5FC2329B7B8C32643D606C923D4D1CF945361A4E86F637107DD98DDE0767BE55991E42F422D7136CB12989434C2E2D73F9D6089AEAD7B002DA0C823877F102DAF2D827488BC5047F932828EC1598277A68C0A043EE333C25E8BA09B513B71053136C43AC637DE604A801B5D031053957F2AAFABE3B322466393C38B3E79FD3883D4B26952579C7FBF27BA3161BE47EC05C36274C486B28069B85F3A1CCC0729B67D4065CFCAF822314FE481A97410EECB6E629196CA2B4936FDABE460F9323C541220F6B81097DE9F2243598577EE8A931E02A7A4C99019C95A8D981B0DFD84E14FFD36651748B9B39358809587AA66ACE6F700727B16649545E3EF19A88C5840BD1993ABF60DAA5E75F3A8479EEEE400DACE2B9B56A010F5B704A45A9CF67123F3B72E00E3218B08D01EC3E62CA297B95777993D30E7ECEBB84E2C89F3008AABC787E2F463A0E8AD93708B441791389B447999044F2C297F300A09955F7FDE9312696728C4D57C41CD0D6DD171E1DC8ED13C71FEBDCC6E11FAF5661A4762AF1E481D290A99B714A5A9943210F686DDC15F52135DA1C324FE13AB500EF8990A7DA916D36704C0A2770172706F76559377B6B698235A2CA0950603E3664C2B18139E964F8A65EEDF920766960D7AF2C454EA459C8C8A8A0BAC144026EF3E07655E0468FDB0A070D02766ECE413F0CC6B0E8AB6141DCEC4B7176F747CA888BDE34072025FC5903954033E8C2E238C863DF874AE2352E69D6481D3EBA028CC82DAEED636307E25019613B69BFB3C3E789889F12120D6F82E6F147199D426448FB133DA20E2EA35916831652017E7D549BDCF3B2847457021F10F9EECAFE9D8F6B603AAB7C6D66204555BBA86C30F6411720BA1387C7420E39FAE827F454B851B1B6D7FF850338B9F6621F1C00D0160A61B1A5B2C1F416C6B3BF455A4C3E675E5C2CDFCE355C08513A06691497DD1A317DA84C14CC5FCBC8FF1F49DCD820117CD4E11FB545D5503BA4BD4B479A76FC62A30D3202E22643C4151874AD5A4394277246F72BD4F5D09C98112BAE11B037B00125E1BD1E20BA234DD5400A72A63342CDB726EC5AF987CA91330D77F3BD4CEAC2FFAD7579E8112C81758D9140FFD0AFAE0B6BB60CB78F40FDAD784F9085E2134F778FFA2FF71121D9D07E48DBF28864052D851831DF4EB89BD661882C4207E3F5685068D89D0DFD3F73C8072C946125A64B6EBF957C94D4A04409EF9B17FB5A1A7916C4610CBFED3474E563387B69793B3528650FD68C741E260A2CC5D2A229FB00CF4DADC7ABF168EF983F613F2B508A8C465171035D8FF0616BC319BD2B98C88C5728EF92086E4AD316247A199F6A123AFBAC048ACB1E0DAF62A0E17730674F61A801EFC2E6505E9E6029C862C29E79FBEDDEE69F8FCAB716723D6A99B8B091216259185A65C5A9461413EF8616B9102F0BB6FE68E014C62290345C2C89E77511D9746052A188A41AB3E1E141684B38020051EF0E4EE77C979A7B7EE08B91338ED742E30E91250741BE8D1EA6B4B105F428528506B646A027E82711C56D7503049021809C050E2FF3FF1001AEA49FAD40AF255713D431DD7BF6BB62B15B3F22EE53B4FECC7E865B3881A15488C18AC052C1DD90F21637D1E06034649DC8CED834F4A95C511AC19815C86BCE452CE0A9C15BA0B7E98E92280C9F8C7F2260CCE46687B46702F2EC81926B3A4BC9BF7C6E28247B5E248C231B84CCD95131D63DFCD33652D2C1B89025EC954F6C9987412F707846201BA2A07D80AEF7612E2CEA5B473980380736076583D140C71BAFF5C46023D03AFBEDF45132E16D02FA0152A0505DD9E20A4624CFCDB09737E08DD5FD1CF20C1896B7660163B564FCE0CC7B1339D74138550CCED7C7B950CAE55706EDAD6BFCF3C9447AD3D4D2CDE6B952702C0C1E1C3E3272959EC3F82233562959608B8DD7501D1BE022326331AC674D71C01883A216D8801880D14D2934A2BFF3087D3B4E28851C86180F474A4937DCCD901F3BADB1148946EB6FD8E50CAFA588749AA6987B2DB6EC838EA3712D09DF128C6D6810079C2EF26CF4F2082CC539A7B569455AD124E42347195C641B4291C6AE909119DA25E8C99B966B2EB3B009208971C159E4B03DEFD15052E53C398952988548F8D2470371D4142E80D074877E115735135478DA878947939BFB19D4B8410B7AE39B6EC7A7AB040BE4113848B806834DA4DFE8FBCA104D061D884C491DDBE44EF645DF53D89E468884C8692C8F5AFE3CAC08ABE231E721D93F76234604207D1B243FE4C9E69739D49E69ED4E68BB249EA4AE384A811B8005823BB893E8504DB7F0257A13F6DA14DFED71AC59FDB02603D11968F8631F4BC4F0548F51807F22CEB49A932AA154A9CB31318CB2C86413589177E97FB308092EFA08AAF8C4CF0316ABCC8BBB55DA9410721B5B90DFDE4682496CB040240B900A00BDF7D3E19796FF6378333D95D609EADF839E7E9BB05636C5B68DAB394E059844FDBB26DB9013F34FFAA96C88799A3B3CC8F192442A03FEA9F69E5E000D0B2E1EFD05B4D3953C63C0B71E7EED50A97F725542DB6B0D451C64971A9A600CDD5AA8EC6252E2AE8F73C16CADC0786CD970262780642FA8C320896980D596887B76476307A41820A008FBFDA15EE8126027B188092C4AEA08A734558DC1F680D8CE12C25F315421B7CB353C7D5363F06CCCB2806045E2663716188F439A9F654F8736D06BD0F98E1B53F5A5B1444F0CF43F1672DDCCA7AEB76ED2061124B5870C62C4AA66C03EE94DE1615627747D1D930A8DF250E9351FC8CB88E451FEAB0550DC351111F3DFBCA5B58F71A635F68F101F9FC5208084E75C4FD5E7C5664452A9733E481FEC874D17E85DF09FEC044B0ED303930F20600BCE3A9715654A13BC9194822E1008256B8482C6FDDA2E5A342D8CD120638152D48D7F3E25AA7589599B82E4AD175C5C4B09261337EA014AFF273F026F27019E2BC917CFDE737179BF8B8D9F563D4275F9BAA21D17AB16A5B8B93505F6C95BE36CD7277401EBAD6EFA0303678432227E125E6759270593C4903A7C8ABF8F7246E9A070A01C10BAE9168E261C1FCF8D8AE558A3050358F1D389445181A6F1BAE1685B66D1EA41B294CEDED9458325FEC7C0291762DD7CE6219B1D1615082C472CAEB7D616BFE1756622F212AFDAB6A0A597F03A7779ACAA95A4E385E36D4288A72123ED083BD8D9B939F6CA155E29451C81698B8236BAB70127029A258A6B0D6434F02CCB26A846457440990A72EC9EF332851197B6325E2D8499B8C70057F0C8BA6763404EACB43489E2F301B233FD66FE7D47B199A93CC355E1CFC350754D09104938A17F287C88E916AB3E45CE0A44987385E0E56B923BAC0D80EFE37779E570C20470B9B019A60C471D425437F8665B15D3287D02D4E93964778225A1428B579F4C68DA0B3BDE33C2A5014B34D93DA567BF52D11F530E032B0388F8964BBF09AA58FA6B64F4B463E2C3735DA10519312E98D5A55A01A326E6DCBA3F036AEC91206B089E3A1C19785C582263EF808860C79311A10E6E3F77C70FE96A0FE25C85C08A1CD43FF0D9A5447CC7601EBBB429D030AD2E28110258DAF68B9F90C92D4ADEBD0065CC9D1B090F57C93F8C773B913F8C150C6337FB6B32E4216105C91F13188A65E870DC3CCF8EBE18C19865D98645CC4CA866B04E55D8CCB25F6C3AB52DB299BF304D34EBD68C184D552C899DC57A03C783A46E01A8F82AAA35296930A687E6A99250641DC62E9A02D7CA5C96174198753BBE09C1A2A36F09B1A7CA42A787C16D2FB9BF739CCDEFED80CE40BE9EADB69DDEF02B6860A240E4A216A4D50A917D523C9CE43C26B56E4F87B7EAA8960283117D5B396989719476036E7C9DCCB3277192A502177F2FD5A24403C747D70E26B7D824988369517631223EC3B6D7233001020A54C2414C0C4FE3CF37057C59A4B2268197E17D097E24945D95508F23B10794DC904684E33203A6B074A466AFFB3AFA48A830EE6F1AE1DF35C703D5910AC3E71EC4805E402C2743D3BC9D824B02D0760525B5F738196A7E575D921331A61D2F5BD838A3A8A287E2718E538A22D57525AF21854A1B1F0C8044C756618ACAE9B294D5E36D84F720303600C8241CA2C117726CF6E5550DE534892A14115F7920491B9A54A84BE3C2A0E168D3E9ECF1BE3E7E7CFEC206CB22D97273A830514FAE42FF5B2D7FC1589E097217C16D658FFC1C08FA3FB37445B75A3AAEB0CFE91D234037DF9C824EFCB05034C1C2C89949032E90C760D038DDD894205EA12B1E6033F185AE335E0FFA129C19C435490DF53EC30C1B6B7261D1FB89E5427B8D0103BC8D8370ABC42A9B0CDC301D4B9827D27D2FFD361C93976234BC699108DB4B540EF89329CAC0933C1274487C80E4E8F128F54E5EDEC60A102585F408E890B52E590393318359EBCB710586261EDC1E66646B514660D006A2C126CBEFC21EC431D1E99D706BEAC7EC79D06A909D02AD7A694C672F13A16FEB9D51C3F11465A51512F14D23413CD10D7F9D47FAC45B751086E084CB1CBC39E64994C9696B0A3337B9A6E07151E85D91B46AB81E716798604FAEA1830C8EA55082C7F6206FC50ED18FA013934665F21233485597FB9767663E548E60A07ED62AB3A704D7950612032ACF4F811157B292F6FEA408F56CD1EFE1A6D3B8E616EBFE756F5055817F857073E69709B538CD7E863020FD0139FBA6AB3343B88E8A2C25EF716091E41F7B6022F3C06C148F2E819106CA03FA29A6B50E18BD16C347F7C3BBB4A331B98A4DDE7FFD3E6B7A70933844EF37A4F576B14FED215FA4747145CD5008CF90A996CCB7CCABE698566B97A4EF00B605792EF99E260CB9A5D86A0B153E6991A8720457A003003DB44D39EBD567FE9CCF84CCD6C59A765C272A15C683082282D3B103D556FC6160F4126FBC57FED0C183515D5C423229F1805BD2868E3AD8B901455CF8C7A1D2DD6225277C613ABCB6B6F3105C423D502669F729FFED2B857C7979C21CB74403024F3141534294AAF0C5B9C9E4ECD542BF31860009C24E4746D0A3ADB396B91F362F4C3FB5DEB7AEDE2B470487F2EACB3649264AF0C8154A3DC085497EB95DD60D4E6D8F82321BC84945FEE29CC232005E4506127A26FF094F11AB5E63FE9A9F328E817490907FB60DEC2CA22CB435F5562BE22A376A75C0965FF209C7CFEF14F3483D890FE0B659CAD716497C5377EFEE0BC2018581FE10A580A76BE0430A0015F4172DD42E1DB4684ECD7E43C6AB7F18F999591050F46FBC6E92E11A59167423B52D0F820267D604AD671732ABB111CC0AE8C4ED2899B070C7D3DC7D68DFA2154D6906964901414788D29C7F3501B61133E0DA145FD88B0487DA2B9466C988E30BFA9634D35646A81071D3FC599CFB0DFDAAC0D1EC9605BBFE4158E0F63D542728CE577AE346DED77D6C3202808E653E1D4F11461E764DE863E4D2FD87F715630B39C8DD867580572D8C4970AC640022B0CB82897D3779156ED9A10734CCA402EF088DAD77A12242F003453512399794C688E9347CE657424738B335C49D59E7AA2B422B327849484418CE24C45621E6C07D1D5E816D3A6D6A9A65DDB4D1BB04EAA72F37C7B4DB39EA71B99192D7587A5BBF51328412797E1902999C4579903A302F9831EDBEBB3795DD1D09B288CC1A257C4349EAF7E334E9B966C34699B6685BC80DFC1AA1A5DE83306195562AC896840516973777AF437EAADF751714892D84B63517E187731C34A11402204438CF587B8CC19DCF05C826049C0E3304C5A0E3029FC16D2F8B3DA03C2B169A6F6D6A44ED0F35826EBCE85BE7F4DBEBF1302CB042E0AFC3A349FFF98B50C8993FC24131B3DA02B5DC1155DF5FA3CF0B884D9F0892E26B1FD140BA03C4F877BB9C58A99FEB3322F26D5272CA6D000A83BADFE9585385078CAC90E7301F2AFB393147327793BD0A4DC2578846A4E7D69C0F5419D272F1F022DAAE4CF662E9CF59B972AE8A20FA21845A3A5009C23402EA65C2E3DE16209260909A6CAC11FC5A05F61EB20D2C888E3091E0044B80FEB0E3B96292E6AD661FA9B6F7ED9915538D42D44F182CF103956C59C3C6140606DC18F93BE449DC1E2F20986BE14D67EE1BD0003BB18181CB441D070D74EB4E26F9BAC32E64C1EEA97A26C88BD264FDF1A12EC31FD0553E66478425E453B82E0C13DA9DEDA7328C28C278765D1D3B022B2B5B3FB7CEE42C254811E85105D39ACE8E2B64F0BCCEF03571039B7FD9CC2886CDD057EEB9C8C5A47122FBC9B192843B861433113DCAED72885B1F8644A68D21444E59A4ED3E474B1753B4CE034E9E6DBDB4F41CA00BF45A8D1F0B229642082F87D266EA02A972C0D314276236CA5F2013E15092DE373C6F144BE76002843C2C0EE081EBA4A4C59A20FE826F4BD0FCA63C9C06B3DFAB222221D1BD4CBB603AEA2DBFBD6BC722CF479709788D3F518A6D0B542772208E0478F19D00276057D4D7A3C7C391D10C715333011096D1CB7A3646AE5168E3085FC987A0729FCE0D35808667C4F76C7FCB2410BDD80126E56A3C5C72522489D2593F95A862BD5803A0CB0A4843AFFF2400825D41F421B5E7E29D68737273A5645C2142CDA30AD09F0ACB3B720B9C28732C9291442F9502861197CABE46753797A57ED183983F4D940C80043702EB0068F74C514A3A9DEE904EC3854E91E6C33C5BE6770F57ED0540AED19DE64D3304B53EF5F0120E96A4DB66CB4FFC9B3FA79B8D29966AA2CD4522E84DB0DA115EEB79C1457341729C4E91768E92F0FDB0B7E2DC0725E6A98409A73C6400BA4180B4F00C8701090D34017B3C8CB3A6308BB44E843416FD6ECE1773FFDFCA953835945B67BFCCD563A47044F238F00E1CC82095B649BE6176F7A67F5FE8032EB8F155428C7C6635EEDE69176847AB40D2E60BAEB3018395A60BC3AE9AE32B06153A8AAB22FC2C944D8887E0B8A6BE6E3DD39CCE2E0C85C38B8EFD0A08B06F941A86E17800A88CC036021F9D023014C80DC9CA772079A2CB23EAC1F8D78B284D15CEDE7E5367546B1D71CC0332F09ED4BE7C9F0E62F5A80FF462D477AC30D282269A433E36508C6495BEBE3115ED517A24270F048216508D8C20887CF524AC40980E3766E028D553EB34AB7DEC4CB96A940DD15218AA17B8444B4934DE09F0C87D89923B7227F5AEBAE3AA6146B3BFA1A790B3C98CB8F8F711D349E5A524EA9DC5128862AB31F7AF61BE71CE9893044B0770877258685260D5E0AF6B69FF034212B72134B17F4BF2948BD12BB087E82416595A4E92AEFDC505956A449239927BA368220336CE8CE8928A1B997BEB69A42817C44C13CA0DE4FF65FCD100197338877DCA198D7C4DF1484AEECB4107833407751904A83BF8F39269A8EDC405E285E2854B84DA2B200371E126CEDA464B0600EBC9A89BA0A36EAA063F5F442440E669A48A76CC5F9A63105D06FB801B3968CB3BCF5C4C7263088A1712E1777870C5A3240A85500E3ED0B6BA588096C082D07049053DBC16DAAE9828F1B0576E5B003927AF8FD04CA0E38E7BD50FF1CFDB59E794F46520AE42270189176750DE56BC996AF0D47581A18CDFB469717E8861BE49807F38AE1ACCE1036B695D8F67AD2C7963951646EA6D792723894B70ED65368141A4C09CEC5A43812359E0ED2AF1FCB2198FB0C129D2E60EB7F3384460BF79A0F94FA20C97D602008D1408100D37B1563437DB470037C57E2E21D0C011A618E350C203CF459A3F8FE514236183A200BC90658AFEE37F0B94AB329A00361827B7C08D2F2A3B7153C9568426DC1D44D1E07EBF2BC07BCEFC31B5519690C4FD6758DC0AC5FE0E5CFBAF3641267503E0DFB689C4463567996A285FADB4D58F437A66455D5D38A648083FE6E5E0568A03274306D5BC413F1AF7DAAB5C283A22F0AE3498211EE4AD2680A3DE270F89F9F40A53329F91A6E0947244C6181C155A4E2E74C770A684B3B3F8C6E456F2E43F4EB2D0D3C5B07390D9E011E8D2D20E0842A84912185298022B627E87D7D04154960486150C9A721A750A035F601C701C7984296B71ED3680FEE28E5A47D4A78AF3142D4E034D26C431377C81D2201B87D52E57075A1D908A2E0200F9D16B602300A2316A19A1F9996A441D46BF4D1701335F742A8785CE099A948E1A8A12B867F8358BDB7FE440DCCC234A1A81C23D6CAD1D8129D815CD4B4E6073BAC8A78F6CCBE8CD0ABE28D65F309103DEB98F3FBAE877AFBB549D44E2399B8A07C4544985D9C88EA99C679F6177091ED64C374CBB54940771A59E4FB36D241F0764756F29428600961A0FB52E1E6B86012E74654B04337616067BA23B8BBB76C922C7B224614179F3199C007A7FCF534051B40A25DB8B20921C8DF46993D1D0BCD2D175DDB5F04905E9EA93C175754821DD2E07A38F06072A43ADA69A441EFE77AAC95327B869570970E8260F36401C4C7401077ACF0C2F7D3BC23B846BCE0D61F50911CDCFE1A11707565E4D52BCA7B78C61D96296D29B30E483E6C1EEA2534A783439E2D23740730092B170215427A78E079453565EFFA6EBD79EF6D03A39ABA3DC4C6165FA01DCC81E354FB986A09E543488C61F746F6BD7449666DA0D2A267C70C22B52E79E8A5270045EBDBC36A06E6F7AEB85635E91998F2DEC2D8F9FCDD5C955EE34CF4D4E039D59B9171AF084A7E1537C42C8A82B6FEBF3A528165DC465259E1CF7668F33A8D3E03927983AC29B1D052D4E12918A9FFB56C803A10ACDA79F00EE70967776D285CB7A1CC4D99F96B54B2B33429EAE0BF84FC914C182FFE66796DE6F06320B68B398DD92D757B80B4292141D6ABAD1A62394E0E5B71DE09588778741559E37A4FFC2780FCA13284C4BA15E0CA6CBBE2925C448D9D0C8C07699F30CDECC811707B4314C94CC6C2EB1A80346CB4338906CC013B532249260119E518227EE8149A7EB04C349CF4BADA1FE48D38B33B52648B59DB2A85F88C46B61BC37A3245C2B87566231A5AE26D645124993E8CB3FE1604C8CFE35737A654A248DAA21A20760DA210FFCC343B316FEA913658ADD411AE53EA837DA8B2E79DC92CAC6B4986543F5255206B807B9FBE07B56B3E211E337D71EBC1EF53A5C5E51EF044384995C87E1DEEB1DB610EAAF1A1EA866BC8B2E9560C2CCF522333E699E91C92CB4C9A615B967D2D4E992B1A8170428151AD7847849D713B41AF5D44802BECFA50F7DBCA626C5F60C5E9BAAAC67109570175944384E65AA6B624A73034F1C4459624A3D826E97848A0339417AC185B4DF9144E9EF9B691080E20B9BE8452D4633D106E65146EA35F7B12A9105A986FB8B68E31B301F8DB3ABB804244DC01C76E52C4C6972DFACDA999D48AF3561E849B10F00D06916172F27A490BFEF1E8D0FF3CB21F013409A7C1F2CE475B62CC5A86E527BBF369FBCF605BA881401DF460E0EDE1347FB49BBCCD01A0E12D7D97C771F30768E8AEDA387E3AE6E01615EB00F34734AC6DD320C8D97DDBC8F71D64438213D17147B9A0E188BF1C09D1686809F383384BB7101DCA45137C07632D5BF488013EA2D7FBEC4B2538B491081F90C47DA522D919EBCB87D83D941D06832A51C3D51F3439ABD64DB94EF540B86F627AFAB8779E0A52DA8ADC5285CD427965E223F2ECFBEEF8E41540381DA43D8A754B68F78D644A020BBFD295836E854B785CBC0B781CEA596D12ED21B0423368DF51A4252B0E2C4E73BA50841E36B8712A31166C935A4E41F6BBDDC2FD215496F1778C57C233C45B721069A5316D152F98689AE2A9383C9E7453B463F22E21BC78940944D9DF3301136FD829EA11E33A17B22505A2E0A34833E88B28650F67332D244E99587D8A528F891B1AA55A0A54FBE434E8815BB466D0CD0E2663892A0571775D1E513785CDC9938913309B15088C4D90A94C670CA65264791909EA3ACD5EEB929012DF6961400A53E0893EDBE432B0C595FB9CDC288523E70271AF36696A1D2E78DB6D7D3887A17F7C02D277185E7DA1521B7A45BA29AFB235048A403D86DAA6F9289F1612C440263A239254C219E695C402C56011D8AA75C163493B9BD37264A7F452208422988220A1D4A075AEF58E86A778149CB17D094BBDD10A61F94362295EB0D543411DCC6E5FDEED7F400CDD5EBC1BF8F7058B9FDFA71200157A10051D7E1753F92C14C0AC15198D82D7CAAC166B684F719E5F99730CC881A62AAE7351D0DA0C0052EE2D4BCD6D1AE038D0EF496F9F453DE414DBD5207EC64B5591291373D401E13A6AA04C4FF71D46E6657A6E888B9F480B340B160477CE7637816174BB060AF9039409DCC68950C74143080CA9B3BCCECE0DF5FD9A2F42FFD515C82606B324C997F0DB44653A83084A7C4EDB0A2E9D7C8630F5ECEE75313CC5FFB722A9F4FC45FCBEF0CA06384C22C1BD468A5CE5469369A50882254F79A63600B6D17360A318BD243050255A1B05921192D6A69211C26C68AFBEB94FB8C9CF9BE2068A5B0C9507BD2EFF6285473FC6A81AB96002E75792270E39EBC1C0258A63863E7CC9E58D8BF24D1E45B76E2C311F0F7420AB3156C4E7D5326045D861C3C2A25E344E41E11C61254462436A2C1D352990A3DA220E41B23017ABD92FD0C414C08C7C0F9754476D771EF6D542D09A61D025C34540BB18F143E80FCD41EA4A2B21E626E11AC84D1DFFCFA69DF901711FE916EEC4F8F0D131B7762F037BCCCB5DD818CF3292A17EBB0A83B02E8BE29827CB97C68025B6E36767762A854A334D07D46684A530332240BE0BA2B44F48FBDE026D1FD33D22650A2DA2331CAF89E4604A6ED8E262E31E23955D6660DDD5C028E841599E56210008F93D18EA746A8B0964037958B3F4CAB95CAE5201F664A68D2FBBFF221000AAFA138D8758FADD641ADD4931C261E218C7947BD7E79E7365E056BEF562A66299DFD2217C68F22568E8E64BBC228601E8D9915EEE3272E31DDB00F156539CC2C8964600608EC3D87CA3248EBB2CB5AE59C05C1294C22E5E2A22282BD7BC71AAEC0DE44D9FBF542A5B15429A95B6A1FA6EC76E171449EB682795F89D326227B05201652B89162C3035A368BF32DBEC955CD854DEED3E74B313ACA18508EBF16C8562A9E6CA624E1134589C3849B2E35AE1C569E736D7B6F11FF136AA6E61534D6EB96866139E7967102A095D4D9FA0B89817A156DAE43671818759A159BA1D3D894A7C9640091BF18B15B3419B0410A00ECBF11E70015AF7A3E0284547091BCFD92275FB2878FF78ABA5952741FE5EF76DCB5986B403945E9BBE3D681415F6FB106B684A88BBBE0E8311C1DBE95236846427F20583CE4F50C1E40750E074036EA7883184A4B1BF1C480141A082F62C112771B3C33517F2CD20B5E869F1D996BD7F62013F29BF8FD8C6A0324E1ED064D9B207D6A8434B104F4335806092B80EDF84D4A39B4173183A86317B77B0D1D13927251185A91896CC313775D466CCDF52250A6D36EDFB97419225F544BF0F0F179FD0E0EAACBF5DD87B76A31603BE31627EB12EF466EACAD5B3BDE7385F6AE1C4390D6248EB03A689DF78D4D63B53BCEE6117139ADF8AE3AD2249FD181F6554003999BC98F571B0B39930BAD526C1C0F1AF3F358B4F1228FF03FA69A8262C4AEA024B3E4984FC3DF5CA639410A70947216B0A82476E8BF4ADF0A52F18EBC0F79000B0854479349D5ADF2276C3FFDDB86B907D9A3E6F202CAE8178E20B656EA1B5FD4B686D6D4F9A5F106341A0CFB85FBFF11C1F285CE0C9C7C33322B28103406469689CA2AF8CF68D1F6226C08EA72F6813BD8D8A8B3FEED6D1CEE51CE8807781A4CA7125B8857A520FD126B663081642EA95E8CA9D76D1D2052CB60AB54C6CB9DA1C0AC094A46E1ECABD8AC28B4C93E76DFDA534975F36529BCB1B1827AEEC5F55C82CA9645AD172298FC2C1BFC38AA1066B2EE6AB32132058F34C5F17F66D0CE4863FE636EA2EF032C9B77696E37F1261C80E3AC7C7633393C68B29E809000A2C266A51FCF085B24DC4F55ED477A8878904D080E55471AB3CFA53E5730EE3AE85E52EEC2235BDA6267A18684FC1309F11C5E60FFCCD739107A649F2D760A4496E289CE4BE12A5AF1C16F53B4F88388447E13EE2B789E31F1DE44572A01A187F0D8A1D9FB3F4EB2A0938CFEEED42618AB5FC161AF9A89E54C476D24E30D6046864A3BE2829BDE851DDC11CCD255D5D961F3DDD1B8887D7D5642D2C787E9343B494A691E9474E86BA7D14A1B77DEBD1F6871960F48C42691789E718D69A58C94503ADE097B7C35AD8A44B1ECC51F60D4BC5FB08D5955C83B34FB8D90A2E2306791F7EE9FE820F204005746A79F6B34F33BB0D01AF35EDAB77BC3CAB56B3612F34574CCD94A9AFAFC6F12EFFD2B4BB5C3A540A052ABAFB5A58EB4A061BB575345A8546E1EB2E94AEA8569883A674206C6E3F370400D40E6A2582785FC2A62865FB96CC9F5588452D6210B0286F3C5B80DD613D8EBB934A53910F90AC21091B340243CBA168E42C481BC0E8A72414C9DE279581AFF1CE44BA05E7C04A8F0EBC9B1AC4539D2FBE519186173B0B8CAA9CFB39E75A9C3E172961CBD68D2ACAA37FD9FB238947CF34E220C06BCA10EABA0718B4EA77AC24E94985E7941A787108134F2AEB8596482671540E3C03A51F68F0CA1757E64F2F8159B285061C9BA19CF22B6D0C6E455D146824F3100B69E1914E4448200C330C05930D1F5457A34CE4EB08D0BCD5F1445455E259337E2E30920342009AF94E63B6ED85D399524EF3149C10F5C5A086F9FC26F2A9B273FC5915E73CF4A628BFD4513C7983024410EFF8A30C3380F2E50AAC7821F11DE55F9A3B2C81BD0F2CBBAD36E2B9C45FB28260CB8663A953C4E766918F1AFF791DBFA682E2786BF33F4CB170922E43200274A45D57E4F1FE8A2FC2ACD5591C903D4E0C8874700984F0B8D196568133E60BA5A3C4B1A4C688CF7184ED4E9C078E2B14A576842933F12B5779D606ECC64FCE28262AF818E70DD813CB32D9CFECAE0E4E62696E5C300459D1D71B3F39500097EA25A81FD840CB6BE80EB5AA72C8F04164221E77A12DDFCB980489E73D82D6F1C2024FD39AA14FF870E4CD3C8F2CEF2D1DB745AAC14E80B1DF21D7640872706511A39F300BDE1C215C3C4C040E00F579E852E3AD6D79A7CEDD8DF5C9F11FC0C459A3CDD0206EF21459767D98B558783F9880932FAB544B89BC844EABEE7C94308DE1334DCA8A2964812B76EFF74C44172B0665AD790CB8EF74A8A080E9C728BE030115CB39ACE40E44FEC1A95025C46937C7BB67013E4FD84B569EDEB29BF4028C7685C181229E5ADC18E72C2AF605043B42425CBB0A546E92B4F347115DDBF28BEDA859D46550B4F8531C873F960DA53B590AC354FAC61B124EA0880E4D728EA1DC61A7360DDB38EA0D08AC7A0063FF988065A66A709E03110812F8040B713AF9656D4C5B34460C2181772B1D7A57E188DD40ED6598E741B14B70B9EB14B6160DDF3C7B00A57B5B092405A4BC98C99EF51D22D06CAED110C7E8F09329793CCCC913CECA91E73EB605C08066D5E05FC5692B291BCB3B700C6310F2374DC515125E6B884D5167CD87F1A244C37CCF7BFB8F4BA23A516284B396EAB7E533E19F77FFF8C62684906637BB770B2001E786B2001CE07241A3A079319AAFB635120A7C029D3C70109B6DB7F9AB61E00DA79EE8EF06EF056F3628317E571C254F99078E09305854D6721E406926DA57994BB0FA93EB23D00D0EB1860FD33550DD43FC7F967850621691B313C799B1C196CDF53D5A65EF497133F589C3C96322843EE1404EFDF86609B764B9DD34064F6D2EECAE7697E75B004BD11079577D614A89B16E1AD58E010672BF8C2BC227AD9F1FC3F2B05243F0DB236F08804A42F63F663404772F85FC695591E69AA6019CD6B31024CC1C4264391E0C9D08EC4E896B59F6FA181FF6F477911E4C10EC6353C7131744E09842B0B9401DD2C5B89655339303A79C425C8C13547B9A29441119F682801DD11FA26AFDA02858A6F6421472C3200894060C9D671C4B7034A149E8C873E79B0800CE347B83E93EB5A42CF433488B16416819CBEBA38919B80A91968FCD32A00859D50D96F8F63651444BF0600E368C6B1870BAFFC845D8E4E59729A60995FF74805CE47D7A1EA847C174C1C130F20B18290C9C4CE8764D66DABF4FFA83D2F979ED313474B5934D22125E847147F65A76D106CE89225AD2975582CBC4C1DB1108EC59964CE839560FB924D7722D5F177AD6C37A3F116520127C88905F2994F70DB17A5EFF068F45CC3362F467191FFE4A42129A6404FDF61C73278DF985388FA20265B01EC5890405CFE6AED7748FB68226FB6247B3E989028DA71690B1F7211EAD7C1A5B5EE2915121D145CF2B3F2132D49547FAF752A157434C3DB8F69386B55F4354743C093EB7B996C4EC3B4E046158D7C937321178864499FFF8C890C286239E51F480DA10F0DD0F38CA84D4DFBCE2394F981AF92C93ECF3AAEE468E0E4D3A0EA1A33DF4EB95112A9482FF323204A9C230D9DAE43E18A6D0F290FC174E93EBCA3D3DE2CDC14DE43001106CC04783BEF86A45BD596C7138686E4C09233B78E19F7193F3135F49BC89E43386F2C1DB34215FB6918C9DDA989A760101BBD2E010DFBD4AC20FE04F676F46CF4255236F52108812D97D3CC64AC48B4DEB7BE327F61AAA4D52C6AC2BCCFB2ED8A894F7523C7F2F84887D0A310C9A57824831B6E09A31037F093081E97A4401FA23221B415F7B2853832A861AC5692B2921BD4A829D8C46176CB0D9AFA4E2A613B6ABEF0C421562D74AB6B7EC530C4CAF36F4AC70D4A6BC48C998D830E6AA167AA9E92A8975968FADEE4A8431556FEFA5CD8216005A225605B24DC095568166BB728401AD5418C062F81F83B6EEA6AD9DA335DC07B84CAA1C75525108640A1CF2A27DE5DCACC1741E7A627AD640A18B8783CE7E371C23968A8205AC7EFC4A6844DFED2A8FE126266A41E67494887EABAF60C3FC744C2FCFE09239FCFE91A6C034CC1FA5240858BB0174736387BE896EDFC6606FA39ADA03E886E5F660F9BA3688C07ECEB02D0944910DEB1B5ED6C65699E8DF4C973F2E0131D28AC2B9DCA39D10A7DB6050FC4C2111C41EF1967382EEFAE507E88553E2DB6AB50358600AD0FE8A0A4B00C81117CEFA33F93AC918DB4F758BD8B59F05265CE533B9FC67316C739922DB96783745F531A663DF80C703F5CE7C34AD57165583E219693291058AFD0C1EBC180E89F7A47E5B15CE41E1A70D6D43D2F6B60DD7605EB50C7E3AFF67CA9BD348D9790291F5C4D30D0DA8DE07FE303C576A5B39A39E55C615F83348DACA47264CDF4136037569D2CF0484E52C461AC8D22E7F91250B9B306ACE71DED5637263955538D04AC316123807C9286ABBD14538223CF2A446ED8110615280F015EB0330C3E9AA77DD7C11938F434CE346943E06913AE4CE6CE112B4F6DD95124F4233BD27E897C05C441A6F36DB3B565212FC1A8E9771C968E826CC1B9E6AA4AF5F3ACCBF6518B38FF4026FD247158505CC109F60CC4D4DFEDB0E9B885309B5DB3F48CA00128EEB4CCBB8AFA45758CAE49122DC109DFB171F4A85D40460BCFCBA5A9487196420DC858EDA59E30C52F2883A5DA570099CF4C225DA6500D869AE955BE49FA22C62AE7C710974F1236F59AC43222114F9AD6E6E9945309FEC819D23E146D8F643C61BA50291C6701920DE883970502641CED2F342D13E059A5061F1DD117961AA5ADBB190AD4BD5781D2AF9992CF3A09E52FD2E867FB180665C0A059637328B9FE2F4560216034104E1BB00E5C82C46B274291C0EA50320214BC228398C27AD8F8C82D746083A04F934E4DC2C0B7070710803C1F9B9084CA91ACDF2DC0A34B53EF39143E88835A104487CEAF380A7C00DACE48A3728D2048438FD3EC255D68A566DA4180490A3CCD5788603CDD559606EC5EFB8861CC1CDC5BA49301BD5163498B37DA0CFD8A8E585380F7237A319AD7F1EA1C32BD49C561451A17EDFA47485BE0BE077725C9560A0C262A8B534A9716483123BA790CDD9094BEFCEAEB7C093E571198796C4A21517523B2D091E2FCF42AD241ACA64D980CA44FDA91098E0F688E3A081706D43D460CE9403236AED42BB55DF1D5672DE8871CCE42464920E98D316F7F4FDBF930A1F0D828127B1931965B499257A8E8533C6CA30CCF312EC468E0A70004A45B073A163A3B943159552D6DEC090C822BC8093A467C7831818D6FB5CACA20347AF117E79F555348EAA278F1493AD684C973AE1B5B1DD1BEB92A771890E43E078F08300BE9B3394B18B1CAA976A034830C43679C3D831C416DF4C3334A9EA6253630131451AC729609BB45AF9AD6FF27E570EA438E33787F29040AFD12A7B1C770FC39A9274B3605419B4A641FB61AD1442B223C8A7C58980BAF33864C87B1C41E25200D880B4D26CAB5BCB3B5460A6940A222986672CF947B473CAF496386F510EBC49532C8993F2856DF67FF8205E3C0F9104D997906D24CEC47FF9339760C4AD1191D192F145188E4683F8B41C7E7A43BB118B44384622F2281C6C0CF74B849A673357A768D524C0D5C57681230B8B681FEB2C027DCCDA83ED450E7B6726436BE85BB645B16FD8DE7D67FE20ECC380AC5459F878AA0E8D418527882EA23F6431941367CF8BA6F9E763CFFDD811BFC4F7C5D4FE2CC8F7E31A172B1503F0B1DFC4271CEB480983E6B1E42F36539D1E6AFCF646890AC4924063565EAA55ACFFD9ED231A68BC0CC1E198C05C4B3A98E8612DA8740E09F92D488EC9201D4EE6DB698437A8AD8D393645AC72B20270FCE1C139984E4D790387BC7AB8F8960ACD6A6A79D07102DEE1488124CB28B382AC997FCACE34785E95768BA9273D7B8F4A1BFD64B76049464656D7C3467CA9441F99AF5E8DAA0B0DD66F2C8EB2BE46FDA405EC84C9B013F7063C38920083B1B54A183A313B3DD1AFB62DA777F180EDED072209104C0238C12FCB0A0FCB45CC7179FCC7B9516FC787BD0A8B235BA225C7EB8DF92BD14D2E1880AFD08C68FA9E43462F2E8465E8299C25F0ED4C9457E0C42BEA4F13465A0922A8C3BF445CA8DEBC442F6FF8142AC2D2F192152F97B0E79C44A4A42B57C23152693A31EF631286FAA44E51729A28D63784CC425DD30B5FA97781D575FA125C16DB0CAAC298C6E9DC57F38DF5BE47C26102D326A64CAB4C0932F9B909A3C3EF473CBEA1FAEA6BF97DC7EC0F1AAB05F855E8DC4CADD0B9473416BA30D0D52CBA5D45778DEC65172CC0782FA328FE58007529EAA28AD270F69117C062CE48636DD7F8B56012E626033FC0928BD4E016E5905D22E34ED7B0FB5622B1B0889F1033F3939A18B15F79FFF981A8AC831AB36C70685A641F759B6663B1F1E7A25119B6BFA2696B5109D0F82E2C685F51148CF94D6C993BE07872BC40E0538C74F7C0DC9C32CF6F9D887DBFF48168DF7EEC618484894850734BE482D7AE8AC92E5989943489523E1AAF9A8055D1509CDB3409EC497A472E51DCC8417818768A8CB2C2AB08334FB2BD14A8AB091BA153AFE1EDD671C14ADC068A31980D1D66097C2AFF335C68097EAF985892CBB52B9CE86C9A09A0D839F2904BD9FECCB2C7AF44041634B014CE0013520E84E63EEDA9BACD8D562031B9696C285CB5E9B644263F1A0F5553B0BEBAF708577ED5ADCA02C235B1E1D1168249D14AB0C9744DEAF03A4E15880837C13BB9D5344EC101434835A21AB034529FC496A4838FCCDE9D48501DBD9A3BC1868B80207EDEE6B67A883324A243B9314480C1F5F9096A5B147B87C4672914C2FF585DE510A194F730B33308BDB063DCD924FD4207083FF23C19739332632F899E0818F68960712EC0B41DDD220706F9A16B0757E6B6C759BCF54A9F42A3C212AEB60FA3881E6D26CCD92912F2F877C5FACE9640A6EF1DF1BB453CA111965B75E479CEA035D963EC59062B871834F8448593AA5B0951BFC927B495CFA796F11079C0047F3DE6823DA6E2C01414E0B55C3E949734678E6116A91F0C9B181251D18B02F515D07AAF37709A6308AEC77829D0411020C3BC10278499E947F8EC8EEA659CF1A5618208B01C2DE8ACF88C6AE4F45669FF6A541CE73132D8F87DA60A4C99AC33189CB9532E77A0B0027D11F2C3D709F972FB82E552F1C70B1CDD683BE63746DBDE3E82E27A91940FA80528CFE358741896361D783D92B110936397085CE25198E4C0EDDAEF80DD80FBC2B4D45F77C763BEFADB2FDD37E6258C2ADDB563D716F8CAE3D7352C863AC96AF178642E3C0115FC515D8397212BC4ACA838A01ED3448AB7524A611937437A73863B8407DE0C925D291F227C3ECD98169FE7A7A00A89A8477B083E0BA548B5D81AF84EF7A0F58E571C305D26A0D1A9B175AA9A0BC00C6DEA795A42E3046BDF4B26C89B3BA4402E983B6FACE5B0067460EA8E12494EAE0A34C5642902695815AC8DA4A5DD7D4C023CE3F32231B6B743CA9DFFB34E5814B99350A5028C0E012754FFA7F8EC955201091C41268E88860A26075138CFB8398F540746ECB74FB8F45233A7BA9398B36B372C7B5E4C60D5006B21A0BEF8D443C66CE4398F31A2150FA53ACD8B91E2A5B1A71C3108B849F4EBA1B2018DCCB7A041CAD0492A5B2B7D31509C411FA6D424CC248B80412423EDB3BE697C016D42C2500CAC819A4003B2E588020EF0EF8E8F7B0A432060881C81055FA2F573F1DD0A3030327869F704FC1795C6B9B4F9038AAF1771A0F83962D6BF12340B8DB0E49B8086A6051BB1EE112C0534229043ABCA1262877BC858AD98936D71D1004EB193244201DB0D014947141D0C42A1696283B02E5D23722696B1D092220874543405356BAC809B34E50EF1614202F48A3F78A82D8A885792CAA4B77F9CF09BF3715D0A25C1C604CC5266BBB1405EFDBEB4F21D80E9F2716B652763A2E87E854E174BEBC2D52C610B8B707D8419E01211440B86A9F2625E6C0FEB16D2ECF45843867132BDA4C3433F8BD6269FAAEFD21E5B101472700FA6DBB5D28E9B0F7936BDD220C036F04159DD3888C4BC8F017FF020183B8DB45822F3303E3DE3188DC6351D6BAF425AD15D47CC3095ACC6B747015A821AAF5DD10407DEB3337CCB403C0E94133994E989F785A642CB90794E91B8F36BC520FD74BC727582649AA698BE7F640982F17FE1C64CF07E51D1E307B16C8765D9596DBEFE0A1E3EC39234BADFA6D58214A91FA01900DE41BA8E22BB49456E61700D0A38D97C4E7C4A23A574866D481A9C606FC83A2D117932B73B2B541A1527DB1DDCD52B6ABEB81A8BC52C4D9CAC3081804264CCF66F775E0258510DC4045CB802CC8A111FD18EBDC79F661B929E33E347AD48562FA5579BB35D694C759EE500645842718DC91A2B9FEB4D72F4624BDB4D5EB5E02529F3E03F51917503FE008B585D03DB4BC1BF29F6590DC37DA1F445A282E44A3C3836708E3014D5516852E1276A2815895639D31DC3F95C22969FCCD643182F83EA2607BDA84B2E84252B7004839C1C2B5AF1803319A2CF87458726E748AB78B35D12C15FBC0BC84ECF20EB85098508307210AF120B4E1B4ECA176FC605FC13FDD73486D00A9FC6996DCDE6139C10DDF4DC868E79215D588B35100D03044AF5838538B093A6E78B5070EFEA4038397708AEB21DE1B81872947196E24B9280B4387D1F03DE22E21309C58C3E108A4E5E4D408DE170494304325388721724E8C5251C233869F80F6E7A9692720DF0C3C5C8B8C21D5CD177E9F47F722D96819C98785B1CAFB87EA6B0269F6B3641209523E643CD045F31A980DD2323BADA84E14FE9289F48617B95D0ACBAE4C6083EC9F5C092013D32658DD482039ACE8CBE64557C9BC742D29E0531F6FAC091738772836DB264852FDF89788513F2F5D6378D5CFAA62BA68F7A119981BE1C014886C0644DD2F28E469E3395DCAE1D4563122A4D2B2B0ED14A35C66873970A1DEEEFECA97BE750C08C514D05520DD7C89F5C588068FBF21229A6F86ADBC0AC79272E102C4055EEF9590CA0FC907D44C2466F3E075DED383772A1E894C244E2AEAED44766B9C910EBB858B169C8C8B70621156D0EC12833566E0C8E7441FA68918D6C91A0471A0C8D6E99299DDC6CE636ED2A0698898AC65DE14C04D505EE658FCCB3AD4346B1CEEED208940EF0EE2F3A1719BD6F0C8DF1F91756C47FA5843CA3351DD12509670605CE2394EDC2A19071C89CE827991DDEC83631422487B3AFA34876F1C0424B34753CEC2E82B76D02CF73828014DA48885CD6098707728C75B1C3FE23EB47633CB724C098D937176C07FBAF6C4909945BDDD62D068D70D54B2DE5C2474923042C7B4C32C8FC63A2BA2D41453154"), Hex.decode("CA09DF7F89B9B339C8D506B4E0E73FF145F5F87FE26354532E7EED21C6FE3355A737BFA0264CF661B9CE14128695D598254BAF3EC5C44273B375B70FE7E6457358C2459C1C19D589DFCD9895498E28A94D7BCEB9EB4C1CD113012AA3719165B7CD0507DCEB55F284CE537E82F60C0F83834833D02B6D825DA2AF1BCC6007B13F4F3666F02248A83843DE6ABAC5CC4A68608C261AE7CF5D8809956C9EA249AB005D0571D7399F7E51E5C730A15AB556E87C08067EC122998E0B4EA0C7D51B681FC82A8640333401C37179007B3DF4648D221CF2601F0B4223619F7474682A2607AF01FC5E6D40BD78E10982EF070C16706093A2B408583277D42D76DCE0D2607695A48254E8533E48DDBEFA39AA25060FF3BDB9B234964DC82B662DEA346505375A42A1405A78F294D4402ECA92C725F243E2B9D0C2974C05D45BCA30B97072CED73B30837F13EC7FC0F80000D26DD73D5E90F707C60157A7CBEC0749DA50CA136D517D1445FCFE770711F172854881BA302EC27A960F2CAB2BDE5B0631D2CA040CCB2850E85A868E0217384A46F266141EB354413F08D1EECD054632846123B83C9C15A03D83D9446A6127273F943538D60B8D7E98C9A9703CA87605F3BAA03D8BE3049F05394059DE0141541F3F08C298D05B0C3030CC6984077D5CDF9AE9D42DB1FB342CBEBC411A53A51438984B3B4CE07B272FB6D2FF5680E0BB6325CB137A3F26A6C86E5715B3C3E41A84DE438A94754DB0A19A1D18CF587680FFA2C435454C148040DE321E13E31929B348810F95852E0B6855F8E31E227C71C1062C8C61EC404A1F4F2CF73EBF86E92050368794E2388F5C58D171251BE631CCE534FF0437675B630A2473AA239F1ECA4E641369E9C67382D41A5111BDE590202A2336CA8FDB8132767C0D59E3081586C665802899275448463FF284AC49205500ADE4E93F7040725399509BB692C8EA04A092311030594C51730517D3C96D79EF3014AC404595D70E764F83D5B871C8678C0819239D3D8D63B1E29515E4AC731CCD93421EE6FC3AE78F520F40DBEB6B74ABFBD4355923B9F66E2ECDC39832420D7C575B89C82F3679EED6460D6249AB4CE037E8C835F18406ACF8CAB6DA80333B1B8201E0AAD1B3C8DFD828D1CF50B60FA5672F7091ABA26A21996B27A0ADB819F1B03785C83D004F8E000D8FA81956A378DBBC03154F766D536B1EFE75BB1C3BE660209E5D1E4ED205DE0B856138B57451DFEB1592ABC9625D8352738D50A1D1BA0ECE4CB4854CC187C7F35467879294D66B95F022C1ACCE296CF76D780770EC9CEEC099111BEC60E6BCB031D45318156BD59AD2F05A0264282C167326E07ABBD40D924D8A3C314D586B5F4423C081EA3EB8F9D4F85240106C55074BF1B38D335FDAC2BBEDFC6F61F02DD6F5472DDAB4CB5F84C09E804C35E35AC9637428D7BBFC889D32E78E2E0174F792D66C2940FFF090108D26E2FAAE166A92538B761C1C8FBDF4882102C2F607ADF275C20943D16527BD748A83B04BB8FD5018C5C5DF0A985644CEEBE3C200741EE8A39BD6247C662D7C1A24B500F08BF11E8E460203BCA47406D48D82502A41DEF1DC7FC9295E193FAE94057244B0F786F7A24E454699432CFE2F3F7472C63FC21131C7B9F6DF8BCE2D930CE65FCA9014A732D7BDED658D1A6CC154D7D995A9B1CBCA84DF26A2B65B080E462D1799E85575413D61A38C260E25B69E9C3A039BEE3395FC1DAE10B2C158CDDF4319C347074D89B27848AA6B05A13ACD6C51187313FDA50882E6B83B30CFB2319B4F3B3F5AC3A95B0E8A5C9B85E60E79AB7483DAA8B4769C14B75E28923839BC9A50AC8B2D424624A9F3A1B531F0921330B7B9D97C839AD64B1D2F9DA93B3A8E1A2C9A72F0D647C8D2E5004164B18130C39F54678E73E22F716CFA467918E440A159A8514A40ED2F0DA6873B9952F5D25414D2B2F4C21FFF321EEC20AB81E24B106AC33C648E96AFF7F293B7A8D676E21CFFF481EEF83F61674398AA01669004B5F7F86E54A7AFA6301392BABACECB2C18E0D14039514F982FFA26E024B5927E6DDCCCED9FEDB07A3FABA8C6445D0D63099832B133089E79388D62EF391D6CC089A742662A5898D7314C901D71004ED6C6D85B4E4561AFB8AC3CA25B1179474CA69D0E7AD185D9F1A3D8D066F8399BECBA4D430906446C3622F920826437E642CEFD375783C7D5A2A31326C0634F2A88422C456065D8BB515D818FF1ECD30FFD6A377103E933C086BAA9A12C068302E281739709008E2CFE66186A0471501082D1417EED5D233301683D2939B3D4C8A92FD5C4C3B28182FED67CFDA6A0D61269E2E123457BF8E436F57224C7F8BF7B63718DAA975C0681DB31508AC84634FFD75E55ECF9EBF27A59BD3D06BB909077D16C1A8C82F6340301FBECA553183CD09D72C320B97F1EF43C96F7DCFE0076DDAFC532C6057EE06C16120AC0145CD02DFD64106AC7AFF4F555E0ECC0CB244A21919E8EC955C18D320BE0B336FCA69D3FCFEBE59CD11D23D048102CB13879DF6C1A325B97534C5C4720411D490458ED1C5C04342E25CA0C94C2ADD754F672F80FD2E3EE424F7891AB751F27259EA65889B92FFA7C04B24D4076166ABA495F969944E6C41A3815AFA860B1465BAAF4A0FB2E139D366980B47E9F72D723A00D4D26AF88248DA3494B939D70352131D3D994E2E988E25CFA3DA83A53CA9B4215CF894AE103770BD04A4C75CBB423829D82E959D29BF84E83C5280DA95E27B5EBB45767C5CBE425A6B431FBD9EE12D694AC45268E81C26716255162288A20622ECFAE30724329A136D714DEF2B8AF842831F3472BD071414EAF694A8524369E97FAE312ACA6498DF1834CE9D8F96D1265AA59EA68124C32F75CB8C1259DED4D7FD0F5212DA0B2828B74FFF17D4FE475D81A9BF87C5F539A934025C6E07D853C2DC58A4AF75461D94BB5C32FD4A98D37F1DC90418F3F1EA9220CF6807B505A503F628A8969751161254226A93F20E1D042748E873296C1492D1ED5FC9AB7A8EECAFF71F114A49C8C192971AAFDE226C93EA168065FB0F03703D3B24247DCC7293AD97C1710CCAEA9FBA6FAC896A8ED9449AA16A76FB53B20C0C80EBC53F109F6E37582ACB14C916068B288052CA8389F456401D84FB3117552969A693669526E62D48ADCF24B2BC60381BDC3B138B25E2832409800FF7AD3009DECA801F408C8B251EC39BB4DCE6179119563F6FB451E43F93A83DA917C81E5C77809243F212865AE369996D62660F3AB34BCEE7F6FD8D1A23B0A8318211D16F4AEBD258B70F3C7E2D8DC69F2B52CCA0B7EE70B10B6C2D910A62BDB02160582C0641043A84F9AE710DB30E718245111CE2DCB00B82B1DA1D29F5D059BCF062DBFCB5DA4674E14947E8138B127D2DD201C4859035E4E92FE7B7717E971E3801827B7436E7FBC790791A2010A8232BA0BF3129B9C54BE3DE5DE4DA1D4CF6347D8287671C65E91E5BD86C5E69AC636C25511F6226DB92A5B6E92272E3342D3B605E2BAEA289121B14B19A4DF74D4941B24DBA840330BFFEF87F906BEC30A48AE50C9721CABDD5F12ADAA1D33A0391D7FE225BD111FC4A85447248C6033D9B531CB387FA3B29C70A4314F0C88DFD8070529BA8A52033B4379ADA6E37263D6301CADD83A9900ED804A628D98772577DCD8D8BFCFA64814983F96A90F9536E68BC05869EF1A1F99FC90EAE48E55066AEEEF9CB156142007037BADEF631DF535340188F5F2E7A415EB79889E6283256F4223FCC58D484D75F987EE3BF546C6070053C66D779C0F210925E30A152E80B19ED8FBBFDDE55801CA44E435481E27C5E04F27C57DC147E026290510BC09331B0EDFFFDBCD2A66AD13898E223818F4806196DA24F9B91AFC4E9B571581E0002DD6BF91331F3A640952ECE5DD244FE1474838595D8308B22DB80D560F4E37D3954859C074456446851D91E9E99E53FE2C3D9D0BF95A36C882092C40060AD0884D17295F7D454397B515FEBAB538C3BDA2BC4C1F93A0CCAF2C77E400347A6A31A1DBCEB24F008318957CE9D399E4ADD2A5844D2FCCDEA92D5CD3789F624AB34F2A387D600BACD5443AA18DEBF5096228F6F249C6632676ABD554875E7C3E8DCCC89F00B16343E164BF643825FC40DCBFD909A188B93985951D3D281441202D3D75C27CBAB4D20A5CCA82403FD5A4AD92ECE876177CD2C7B140A479BD55E9066BE4BF1AC453AD389C3311DC40311C590241B6B612BCEDF7987B8CFD11D65D3F249C9D7C638445C6092243099681F502303AA7766C7D1314F575BDDB3F388AEBDE83A6C1514F4C881C3698AC89BDA978BB9B04637BE90F1867F7126CF5EB458F681016556BC551514BC8B90ECF78DCB2914BBC40A925D2401A07AA6D1AE6085D710106B6433A1CD1A34C4CB1A752CBA1536E5C30279E7775DCA27ABC86EF7A26067C801631AD6BFD286AECCFBAB22532F51EF33ACA53FF8F80AB55CE2C0502F798FE4E727BCCD8B99364DA5417E24836F97B98EF05878C9CAD1CCB42A1443023173FD11EA32C5570F031686AC51C0FB9259336892E863EFBD7AE5691C69046CA1A6B11D7D16D528A89864258131F85F0C0A9F51F07DC3A8FC3ADE3B817D2DB1769745E4E59FD5AA1DC7F1C6422C7A51C23846DD21429AC07DB6769923B4650F9DCD06D25DC524912DA42567BFCFB1A9A0EA98BA0526C6BE7FCBC86CED7CBCAC9AB6CFC261675187DE67B3950861F58E47E0742D8F5CF35CCEE41622D0584F89F0C829F8191A2D33D68A64F518E2F50D44BD616D721DEC74E6597AAB4002FC87DBD9679014F9A887715CB2515559FD80946B41A4D27490AB25560E4A1FADA6834CF2D543EB9DE5378D07842BB8450104D39342E21B522E3A0FAAFC9D0771AC27B1706AF93B13C8AEBCC8D46EF5392760967A3B31E4900D5A4CB080B793558A56C1F1C4CDC41FEB54E85FA8444C7DCD7C364D8411EA0ABBCAEC8FC06EA482B59987226B025B6B455C31A1FDA8F6BCC1F00E5D2E9B605B330EA0A407B58AC110DCF1E7476A9DF332752EC63D50DAC7B4380D1ED52F080B060F79F2F145D318E9A09BA567B9863C23D943D58B3EE7B2A07D80402D11F1FB0B4CFEA9170AB3430AF016E08DA6A1AE4DE84E0BEF97C43FA2FDAA6EF9336E8F7D18D7DD0B953D832BE2C4FC05498BD8EFF0BDA01B065A0D0CE54E6C580031A79F19C1536BB261E43028AD8A0A4D4AADA0D5E7C498960289F462672AE9AE4C2A11973D0DC5A66F628BCCBC580D0D507874D01A68BC2720F82847FAD98E5BC13444663B246F5C269146F64A0F4FD6FC1F4AB9105C19A92566F8F341410C7788164A97D8ABF531C2860DB9004950BE0A92EE7E5D7B88D20183479419B5B2520AEE1EDDC951A4E6D4290BA2387A003609E5C826C470EE476F9D0109826F16415B0B746D87D093A006022A6F38E4EFC21548DFE5030C7BB45248067F5F9904A8FB874725D5BB4137D2E427C170845CC2C8DB4F20FB0A6BBF368AA9C4F206FEC9A4A567E65060DC133DCEE08DFC67656EB917BBBF1CFDBD1F315D71A75E8754A4AA9AB6D35BC618CFFB2DF03E796CC00D687CA807BB974CB1B298F1D31ED2FFE0D273460BF10BC99FDFF602C619E6A42EC55817C0CE483598EBFD917DD06451E96466DFA089D67EE1157F2C9D7C409EE5B50C048DE8BD31F0F297774B226661645719A8B8045EB2912820780A49A7C5EC24CAB39A218FF6C74576C5810B1788417CA180552BDDD82F2ADC38CF91192E2F268EF78827DA8A5754A6AC6D2F860EAA20A863E54694DB6C27D2DB37CAB532319F64804A5CA5C311A26BE6699830AE8B4B2DD67980CE9B51D828F6B1887B81681014C9874C50E043F2E0A8D7D36B914A6EAC8E0DD581384CD66E87A43760C838896AF808C33122356AB7C0680249EAD3A291C90883EDD4BA914DEE43DF13E1A70844C08326882A818CA5BD068C58AC34BA919D25EDCE6211866772FCEC1B985D651BD472DDAE6B03A6A9E0BA00DDB3FA2D62B07B82E05A3A7A7933CF0FB8EC22399B3EC77849B8D53BD7781971352EC1359951E8D4FD06244BBC2C6EA645BC37C491DE1C2EFCB1A88D903960EFA4C461CA21B4059164012537260B060652BD9ACC36D0223D575866530A9FD7DE11DCF18FE44BB84C0C6205D77196F349DC914736AB83CB87506989F83A627F3DE150523C1BEEFD9528489017C023B6738516692CE73CB32E13AA3B902DD2D0A7908760D12D6B170E3D04048ADCD8B8DF55FD18082F911F87E93113E1A66611F176AA53DC6EA272D6B76115AA6E210B9F1C23EB8E06EE521A3806917D584ED58CAA992C340660725EABA1DEA69C5AB8F05395B7B0BA8F414BC63E6FD42AF6AAF2A5CBC0AB15D57E7211E02A8344056E53A665F20EB760237A5CFF3547F84F4098936C4C05BAAAA6B6D7D64F07F9A047CE77E5B2E6234ACD3279386C6FDD5233141F8A799D62DA14D03869C6DCEF12883DA4A846FA286C8D5B09522619FA037D88EC559101C42A3B4379142EA7520513A51ACC3EB818C00450CB7F485E4FF855A9224FA37A89177C09DE1246FE245C366F4A96513C2E8A1CD77C4DE2F6422FE7204C4E501EF7273A1192AD5B2E6D974C472562BE666BF1261CB15CE9F9E24709AEB55A96FD838FD041F1274554046222BAE29F29666D3FEB06145BD3481A1B82B65D3FEF880491F39C21EBB2C03C70648ABFA376749E9FB3BC3997CF4A7F94932F37D35BEE18597C85A223A45D1A3D3A426D0D7060CC412483495EC11A0535DF8D8A6B92DAE50FB18E37848364E6D97E2D4B7CC63BBF3CFA62AB2E32321016A48B8193E82A2D3984ED573CADFFB90CB8357D85F6220E99EB60063A84B3E3841A34FF102075F90672A3AB1055D016DB70557AD7FD0D02DAC7D6794625010E685FA19F2334AF6F660473D066E280359DD5D2AC4080CE28D228066BA663A8040FDF8E72AD16ACB7661C993813E5AA016131BFAAA80437E04167E6759F93C453D64A0EF4DDA10057FB60D522F059A994E679027037BEC7F60DB81281007CFA16176569A663413265B7C308E04192E9D87E48D8C15259BC288672969A94AA2954E2D210AAE043E02C030A11E96C9D0983B2ECF3BEDECE727F834615731C26D5F187AE0423F5B34408288876254129112778DC998B713490346C955AC0E0CC86D52423A8C552E815902E686E28FA466190B2FE042A23835A45B3045CF300AB66DF4A0615C93164EBA72FF460EBC6A728A7B304E6719C719FB18410D3DEDAA751C02FF06FE18E8C26485580ABE81784D3C73CE72F734ED688EDAE3A06D8529FCF7900C029FB0AE926A601FF3739FE6EC7C5891D32F91DBF47985004A766B3C93611DCCC47D3E6F435EE0D21BBC0281D4D273172B3952617E24AC292037D6047982A6BDD0BCED4653CF5E07F7662A250107AD9EDFF0396913048030F87ECAF23310B9A83E01A46EC9CDD028CAEBB3DA078553C3FB3C61F7D41ADB0AA0B890447A0C07BF9FEB04DBC5C7162A036007D5C8E3199B21AC6498DDCB5760292783B0C8FF3D88431ADF9ADB23209197B5A1460F7BE09826EF91D1B6A6F011BF52CAAEF9AD34488C0594A3A4EB34CF41527EF56DCA2EAB729518984A1E30FA5296759F08EC6DEBDBF5D1ADC02C6DAF13B2D69020ABE3419DFB38FA3A9A8F7782A30F980B09BB1242DF82413B2FFF6640126088E213C9F8C3C2A6EC4DB005907AB48D1DF60382C61A14683A5030D2F81A89CBA572EECCCF26976EF2D61BED698F127392E71C5CA93C0C61217E92ED22FB1870E425100E46EB34B06819DFA694AECBD922A0187853C8BF33BC07EC68CCE254D4F6B5918A0297F6DF27C62313B4C67878C91A0410AA1B6142C0BB263AF02FF80BF4154BF14CC29C5ADF9BEC2A205031148B634B8D65E688D3C4431529C03B91784C7EAD5ECF020842A47F327142AACBB901586BC571BA17F2BDEE218C53A9E58333033182A667273AEC10D1CF900858DCC504694459D0840528C2F52FF2D0C080DE481B0B169696E3B36866E50CDDEB398B63989382DC2734E032179F2084FEDDE0CDAF2837E8C11444C1470DF1E054CDA96DE7971AFFB6A1E8B34D84F4408BDC7E932F5A2C63214891E0C16CBF8C20C145D18371B1DC6A339FD19116EB884AEDA668D8EE2CB85F68CD0B9488E24C06C75F53A6D9BFDBC71C8BB17E1202EEB10B7D3AA7F9AAF31457DD4981426D21E91DD76CEB24EA982E68A12F77850297B0592C9287996834958C2560BAEA0F3BB8E76BBB1224FDED7AF1D4A6ED880BD95F128F32BD392B3FD343D58E8C5BCC9B1424BBDBEAE26A2120AD759136DA7F28381B9F84CC902C4BA639294255F6344483CE34B37FDEEC50544A1D26184E76D05A6B0FCE9606870FD32E0E2619C7D6E280DED92194A60D5E7CCD7487E0602BABB62FE3A4EF15846B7683E7F0D262AC233C735ED78DE58194D288435700A78661B753ED26054DF4FEEE0923EEE786E5F6FA1A6666697D33436A4E9A3054CC82ACF0BD2FCF903464A2389C87A67D669538696E658D1CE6DDCA9AEE1131AFCA2DB21376D43E382A4B9810C454E1B613ECB972B9BD60FF35AE698B653864DFBE219E9205FFABA6700B514F41936440D926B3D1DD2AD696E8E86107AF6663A43FB4F199E5F271ED3F6759C54FAF4843B9EA3F0814C7301C77995A43DE6793E15027DF52FD7EAF2AF3811667430E52451F56DDF85BF290F8811D586A3184836217DFFBD78CE485E72D209AE267BB4952DF8D301A55A6BB1368FC522A398D35B59FECCA5F89C0635D83E6730990983D47AC6AB7E7DA85F57599C3C69F85DFF280BCCB38C2F515AA60957ECBB2F2010958C234ABE4CC7D755A82B017BDC2BAC5FCAFA7C9D392CD32769641DBC5D8C8CC3E376C66991A0CCB4B440015B3084665163C4876F488224AB6E8E0B2C215C541084A4A15CD774FD71F110121570E8C05A06064F8FDD1442BC841A78D6FD42B3D398EF2470231BBC717619E01144E51952F8F1EC605DF00F6D98D5F18C1D26E0271BD9D51CB27C09F99CB749286A46DA3DA77F3645D181DD9E24D3DCD01FC0BE2347E588A4042A49526BF89ECDB3B6A1DB48760C03B6362F42852FD49AA903840F557EA0FF6920C678F1AD06BD5C8E7BBC1343673FBA164218E09720F453E54273DD42BE2B20DE1870C7BB6312F833F76F2C5F2250414A5F3554AD28548F29C4273AE67830B361ED8ACAD7A4E13C7C832DA0958A9178BAFB4A40017CEB4E9697F8B0C055904D1DAFB539D48DE75A3D2BDA6B7E00510968CD9C5F4B290E25C79E46BB9562C5999B4762B053660FCE627FC6E92CB6288C529A72938EF591413371E263D8D71949F64C3001BC323F8F03F2834E34FE4CDD96E61305ED478CF278D3598E07960B6B749C34C22F5875FC0F5BB93EBB3A157EE54200C2360F08A03196FEFCD8471360384F32314E2F90CBBF887BD63C444A097A04F9679E373E9A6A0FE0FC730E471483485891261A1579A54B76BC8165E243E4CB7377DF346237CB311D6E1758F4BFA3FE6A0FF05D3B82BA44BDCD5E8C9E418DF41F81DC989967D329C3D53454D6A4D58D41B8AFA036DE038ED2D8E9132E9357740B33B918C8CF243DB3460092FB6E5E264A1924AC4F249B9A774493C4C3D2AC7B672B1E998540A2609D4049D8F5F63CDB1ACA366B7278CF90579926B3C55230C64246A65FDCBDEE57C8BDB34E36508999A9856B1CF748DFC999827D58558B77B322E0091E1A630C1C486997FF7B56E9CAA0621E569D11E0C3325CE6076F1A30F812A0692BACB338BA1F55B82FF39D7498BEAABA06AFEEC76FEDD62F97BA9027666DE9F49FAB64B54107B51988801325D9B51119E4AC32EFFBE13D1FE28ABFABA759A04781FE98E6881F29C994AA1BC5E9D0DD9EFEB18484D717176903A74D3EE1B27D54CB0E33CCD93887828523E41D115F7B51E7E0D5D43DC484F1BAE8111100C3F30E72968DFF0462780AAE01168088FB3EFCC30F329667489018AB35A9691FB76A6AACE8B02B872437127962AE12BFD8C82DBEF2DD89EFBA3DB2B63C2801C0EE6BD331D21105C1431FB867FCDC51C02DB248861348C543012A8878A6056C8D047270461D51EA4D0A85FEDF1AAA416029B523FABD44E3E25D9F555A1DDBD2C030F3527F758A0EAC9F69428D3F74BE6D8427AF8B0C407E0E7818764AB42004829C8F102AC9822F7766AE94A40A8F8F74F0C0FC1D601702319530BA0AA86326A6C555845D1C85DC723A07FDFD4C6F85C2F5C4D912CDEA186D12EE418839CE1F9456A42C603605D42BDD9C41DC40DD0720BF99AA3FB0E2A807EA3A406894C81570A323DD8DC67F445A53FE0DCB0C0835293EDBD4F850116D2B3896D1ED631455D9C9C5255BFB20453A2DF76E9EE3460A09C24D08CAAC998A080677D755283BCF4E4EBED728A81A6713B1A988164586DA4A96E666F5ED8AB824D7931C4E5EC3B6AF1D623A3ADDA1EAB6E7ACE419CD63E81CD93E81EA4D2A64D25A59DA51999707157A512B4033F52C89ABA4DEAC79217F725F8D881E3ECA42FD0A7C08520E273C9E2EE15D3E704AE06312116D3668E85E41E94DAD2FB0F4A506FD40431251AB643E4A866B361CC42963DFA57E9249904EFCFB430F30346A02EC19997F96A3FE2AEB5574C9D065B68804109F32ED27CC6DDFA24D86583C58494960A78AA820D143542694708F53973150FFA3C3EB73B04592CBE8EC365EFF2EBB491298E16E11125D37B6072D67C21E87EBC8B410943AEB7D8E23C17E2C45C05F46AA6F852759A78B07CD5463CB30395A5B407765D9CD99B00D40176D050D0AB736D663BFDA7110520639D1536022A0F99C9A4995DE1D6AAFC7F8C33423ADE5376E95744DBC797742F7F24258FB3AC93249B5BB7112A23E2D1F8316803D2FA940C5B5D3D66D13819370DE2FDC4A90494EB5CCC69A1421D0DF68424A0CCB0E53A7BD18682556A540436A8B43B0213F27958CCB5D5A474CBA693567663521140F3A4BBF5848CB4D77932A1050299404ADFA629566CDB21F91358CD918AA65109C971335E041A0661BEB972AC835A451A66B6AF503148DB5587540D4137A770B16412C9709AA6500364A38A24CB9C826EA367A62D330403E90A0BE83BB4E3980487F0B67A046B2876032524B5F185A6E4A9410CA7D9231DB109AB0EE09B25024F570C2B57192AE98AB0466A20D634F266413FE8F3E702DA112B6DA139191CD5D398ED9D1445A83E237954E9921C55308DCB34EE24B7068B69DC4A7E096A18FD968C2C3E23FE75249341C79366F4806436EA5EA1E7CBAEE87EE61E50A08EA13666C241A2F35B04FA20EA1D52C809F0C30D9D80A8BE6903C93CC448608FA51ED25A02A9D3DF93024BF9D262EB032A16DAA0F16D60BBD333E7E211059947CA4B794D581C56B8DB4E46921D2928C6A9AB5F58BDD0C8D9660CB9304A5FA488F46B54D65161AB28B2354B341A694D0D0BE2C6847BD19A532D5E34129D917CC1534B1EF2A3B69317DA0A5740262DA7626252A11B4F49D6C95E215762B642384373C4931EB8B879EF1FF2355702DDB6A367C9D82DF33539F9C15B38C764A1AD42C627A691423702064EF10C105B54BC05EB2CEF02BBC15F05A6E0DD6208E61AAD7D95422BA752DF35B71EAF8CCF4710B7908C7BDD42E52DE294BA2844CD5F801242BA10BE8A9839C5F4E51F9994D0C147C392FFEED44D66FE8AA8E5DF1FFF1FD88D7A2ECD4780D6586B128F6406E5299C7B5C903654B0D098D6D0C605009FF29249D6FA05015A3D8FCA3476F09097832ABBF8C5709DC14F167F4B256DB7B29199F481060BBDD60C3BA82C1051A5D4D8B6D6C81CCF9149720FA74C54DD17C3729E63D1AF55CF4F29A854D1339746C20B6BFA5C9A6408DDEA5C76EF52051BB31B2EC2145C9CE79F7E8377BA78043CB3E2B64463950FE6CF5865844520276378A55C34D2E861072D6A405FB28AAB1C32E6702FC93A3AB9A45FB51A0287E5286B94525DA50F0E95CDE3D82F6D8B65B13ABDF66B018D760F7C51C78EC19EF0BE026D237170AE0FB000EDC54790357C4015DC70BF1478627A3D021483D6ED3907FEC1094F10E03E30C3EC0A1AFF76120EE48D042E12BC6F27BDB7910CAD39D562B74B056E6E87132B46105AC0739CF50176FC6232AE0E673AF496C6201C95CC46254164498735CC12198C50C925E9259F041445ED012D31E10631782C8D69143A0FA5B0DFF7324D33D0C419FAD821F41392823D7E00BC923554002D0F88179BEE302EBFF417120DA81CA9797D29A92AD4DA741B0E12E81E09CC209C90095BC99EB7C172E1221A208E771B293CFD706660260635DA6AAFAFCEAF97CD119D6279C0EDB5841E7C9135C563D9A6152D6E548A408BC8F82AC2D9F1827653864872440C86B35DD2F3621F23E59D5B005641735AEB8F51296D5D5083DDD16846AF1F871752A3CD23B8F132BC97769B7684AB075F4E2F216249F68B0C9961A63A836684A439AC01EF6A93D49B09184EB0695D38908F25A734C782982803EB09042B15BC7E7CE2FB717A10771C76207E066B945A03A97A9857C44F1312C5C6BB57C8BE69609B1EA9C241F4A2E6063A92746B5E6FAC9AEA6941E78468A9D464473206CAEECAE33BFCB807CC8C548CD557AEE0E63CBF87971005E435A0E0EF7CB7ED136E8850DFDE05C5A1E5909EBE4DBA52E38038785458FB6E2E6582988D56EF366FA168586F2C3A24B4EE89631D7EF231A46CB78F50FBA33F05AE10F484CBA51DACF02FDA944191C074097A527249D485498B3356CFA2436ACAA4E0E31DEFDA70E2A4936040BFA3443A8A09771DE9180AC6AA017E952B8D2D0023C3AA2C70C89C78B7691C36853013FF77155D6427BFBB4FDF338B4F245607B5B2A1D0A6A1E1774C640D760948DE243AE11CFD829BDA12D117898686162EBAD1B41D6E7B2743FD6D3134313445E409B4732C1FD7FF5E03E797E7C758ED22A1A660A56BB8C53D11FB1F47944C281BA6805642E1FD4D46057C1A86E4D300F64FE88FF0939F154DAD8F31224A790F72A83C83E2F23FC93D3855C24A3027C531DC4C92797A33554468CAE2B88073ACE64A8B506260606540F5024BFE03627AF72FBA4ABF713CC7DD6F90FDAB5490544F936BF2F44E1D501DD010415783C04E735A620FF4195B5D911CCB470161E2B88D42A3D84392A814C668FE08754A97009366DCA99038B81E30E5FC53F4A09F2A10E4B8C40E687687FD93B931C2329EB26742EC6907ABA5600C9415D7B9341896DF4508B9C6FAC0D41E92B72604B0307AFA7EB9BB7B32DED98C62713971BAE10BD258B435AA24CFD91956BC7F96128981EDB49ED70E6A20FD233282C23DBD99AB4787E12FAC6EB42A289A5DF4737A9DAC91079D85F4E14F28387C7C2D0237625E5AE3642A8071AA15740A2B11E49C152687A4E346B243529DE6EB9C9780E9DA5093CEC7A0D74BF5581C1B934827023AC4A618BCFF934B65CEFF21DFAEB2151C7E0C4D64F91AC082801078E97BF131838A3D585B661E691F31AE0B7AB306C91AA6269DA4940352BD7E70CB55AE2483B37FFA8D4F6282935834BD2A171D798A924A78424E56F9881F0C98C2D154B32412B0927A00DEC8F42FC3AB694D6B3503EBD5908385BFF6AAF8FB92DC01D9C67A204A4403F89255A9B06AEA4F8F781383DF3E6BA5ABA36DB31DFAC3F8AAD0F1089DBC8148BB1886D27F4AD398A8C3C4D3BB6077C63ECEC218AA3F8D9CD6E0264B6465BF67869A9CC723500EB937028FC93EE67071DCD10FD50AC8F8D706239BAB3987499A2F0AA916C5C98DF02EF68149F28F2C01111A0AF50996D4026AE1A93CE35C32B23FADBF9010609261BD25C8661BBE64F1CB2F1926027E80F4A3466F04F94B34CB6C3E08771210E306CA8090A32B9861B4B4BB9859548C0A9C3D3D39C4BCB5E55854006037C026904829F30752EC29644F089A0CBEAC2A2E8873A081EA9E5B00FD97E77AF722A15809918033B48080F2C8B9FEC4EDE29C636E013FB4B17738CECAD690E2E8160FE8B299E912CA5E109FB53BD663CED0406D28F1D39AD70201906FA36DB09CD5EA20A9D6411811B169A0C81FDE92EA8F436507DEC21086320CF297070932DBE117427FE13BB4BECC713310609CF0D0077743D618AD60761580D40E8169698DE22934613B13CF86243589709AE6D717F78197AD045EEA1978AA11B0DDE84D347670E4F8CEBD5CF44719D1C2E7D2271446852DEBD3BC14B96F9C82F81B1D460C2637C9D435A544C556785A000A00F8A7033174746581AA4925C923BCE4C0CED41402AA1D107A5D7AAA667B19582DDD31864146D75DD3844042C1E994D6A2E2690A53DA29659B09854674863837B013803961074A6CEABBE1A4954B606FFE63C10F5B716409B876B8F4525A338802B34CA2668FDF2E978EBF82984205E2019BBFD865249A560817DB872B03D000174B7EE0452BA00E20840A1338DAF31679233BFED0C4CC538462062079BC8005DE87199B0DD680E9ECC5037287EB18C08BF1691987637AF6D08736D6E0D8905E2E1ED8CED21CC15FF3F61465CE2C808BB7DAF1F21B08C614762E4D3F42191767D41CB62E32F049DDC6D2FC51F680E4D89CDD6C48A9D2492D1696A05C1470EB680C8F90884B604E25C169F53C8A39FBC6D5BA02C5A474712BA56741236BADC59497F3A7A251CC52A82AFCCBE8B5E729115AF56324EC1F12A59F143ED014BA5F252E2A8CE75B449462002A49977F7C888FD4291E24EA1D0ABDFD8BE24494045EDF43264DADBDE2310A51923CF474C1FD9AF84E877F7C745A2887501EC70C394490ADF817B9134F84DF5B1C0FA17942E374D854B73841E464C2AB9F258252EDA66921804375862E6578EAAEB419417BA21488397E9BB68C99F4127491F5F894089F16A4303D3BB862C17BF225DEBB6258810B317632DEB21F9A9ECB11C5FBEA95AAEAB286377E5B12A71C11CC44B2D656873E6903C729402D2912F37387028655C975D7139248E06726DD12667C8074391789B11E0C68EC2011A7BBAB648FB754C20CA7F3C13D710C4611587D9A1B9D404802F8186963400D6A163D306697C072E638AF78B0E852E917170869E30C81F09C5DBB216367C009F6824D596AEA12F54F1074128ABC68E2F02A5ADBA25377BF1F2D3363619D55999C6C00DC8EC2A3053E28E3FA31BD2C9FD52E5A8A34BEE7F6BFB3A6AADECCE36DA5B77B77D7F5B12449CFB45C3971ED679ACD1427C5BFACAE6A03C3C8EB83CB6A73BB6DE3C5028110EEB4754CCEF4644C1E43809F22EA8EA5B2FD49E3783762494FA7D6FF65496115B993581A0283E686E66A5EC6F6B30CE8CC4258CE23CDA81B19839A5DD7A957515960F2875802388F58B7E5439CD06E56445A708E4F31899DA1DDA68FF0EE90100C9516364A1CE8045D7862B094BA4859DE7378B03A30495405BA7D2316EBCDB5C5292AFECA096A273EE3BE5EDAC093B3675E6AB19EC3C0BC7B1D88DE28CEE9377F9AAAF31769AD4432131A73218B3A11FCE061C9F297581A84E1B277A9FC4EC25D9627574F749D3F843ED73A46C8F0390F6599D335B3A7F591E0F9AC9DAAFBD43E9D056E568C3A2DD3C169052A33D94692CA33E784219C7240A537559AF9FBCC0089453129069F62F27D1F70CB3EB0BE9C555731C47EE166EF9500891513BE587683DA88A9AE9C34C1DF208417625B792997E1AED962BD2719541378C78205DE1F0B38813D2208121F46D36C000047E35098410132DCD171FD2168ADA258EA16641272A19A044D9142C7A861161818F8AC23CD3B07DBFA21AF9663C465340272A7E6932F1EF702DED1ADA76E01BC8054A906B8A11E7128950C05E777773E172831B4143B1C55D34679A6F2167DB63012B480E94956E46BFA5A664AD836ADEDEA8E02FCC1D01129854B3107025726862511339BF37D8BFA97D014B43A5F5AE93621CC7E21B362478725C092A534320B4A0C7902F686578CFAC97845964728AAE31EFD4875B2E0EE4738950693A4221AB31FCFFDCDB6EBE4EE727EF0D60E968DA6CB8B503E7CC293D59FA38170329B67F3D4C059BD0C09321F40719DFC839C00584E86C3B7C52FC88332B3AAE13132A6556566F56FFA0CF65F4311B98A29114A89EE48166DA8A7DEA2AAB7586A0338B3E5ECAE3F8A284B4E1F5B4F13BA7B1C5043FB4AA22F226F3242C7AF2AEF552885081FFE62278268C1FF5A3F24A1BE8F5863A867F136F2646FFB231A8C0CC65CBBA7FD0437BA1A80BD29A1FF18F08FC74BA1875BABE3361BAE394AE78851E4161CC354D16579C1F3DA19B5E8C4DBFBC6F625D75527A595969CE1F59764080B0D7882C99884F6F3A8BCB3AB63616804CB6F7F728D0110D827D8995DDF29731D4AC6F2E91BBE034A85F6434E4A6E93AA30FFC349C3ED2F7021A4421842348C90D606096D10E4392F8210BD5A78EC80C9CAC88005F381152322B40F3031AD300A1F7B0A118F83BF17F05E568F468FE0CE9ABDA646125CA920A10FF9020B384A2CF8767601C2A6CEC71553CA54ADA7954784D74B43E6237C8A3BE4CDAD7342F6603E159F4882F13261D43D41F8ED6B392603FEF00498ACAD5DEC2DA528D6460D2281628F8A76946895A18D318184A40A81CD50A90060DA062C8BBF15E4907821E986191DDB63AAC26E8CCD870C0CF1B7BE5C33ABAE6BAEF55A9FD89E59E3417DA25020A08AF5604179A2232F45A712691C3740F2817A71C5B69E3642BF57E35CDBA612BA5B5A0BF05F2D7C65F51785F90ED2C17898D4D2F62E76999C653768A03763E6D85C643FBACB833DBB1716C9F9E9E86E7A9986B375A2D40727146627A3B5B93CDA240E592942556A42834F76388485C1ED23B0752ED21836EEB731909783A19AE2CB4E487A157CA2C1AF6ED99B75885065FE273005435E85EC66962922C4C8C246160A6AE31CE13D04E48A27DA835948B3288E762C687FE16B160F27C54E1DDAF2E2901E28C1690A90118B7A04B4FA87ECBA45494B3E77E183646F8087F3821266E66127C5A0729BCA1D874C8521526966F3CE1094437287A88234D956B85000C54F654756304C23C4E1E979F985E134C4E4057D89710D3CA2DBE0CCC8B96DD989B0B5DE5ED2E85D9BD9AC48CA0826D1B00024C4D788361DB80F995DDBC23DDF0350F04A67F35AD819397B01210C6AB63D98AC308CF8EF0790E5DEE9883D11D9E0AB8C097ADFA2B2ED761C52B86FBE81DCC1C89A73B76D98E3C694099540C2A2941AD89B713F5EF4CCA5477ACBB646F8AB74B2384EA7DCD7A5D20D5B29DBC49B2646732AE6EF051C879C8AB11E16EF80E2241E7852DA941B8042D08EEE22DF4ABB708B2DEEECE28A9AEA56BB7A1654DE8A77D2AE487099EDE575A5316558E3D099A0E6649D3BF37DB4077D807E7D1C82D9D3BBDF162CD486EFCEB1975696B9B21FDA1A60FFF76304A07841C05ECBADDFFA6443902AD94163464E51DC489A1295FA0F29E5323C6CDC7F85930EA3B12B89CA5A808150430B1E6933975FF37993E65658B212167C8F0A359A33470986C8985B82F15FA9E0839837146605D392FD8ADCBEA9BBB8500B792BDC5B0633E98DDCB5A7B50C798B09C2EA5045694E6E1A1ECE77681C278C68A014EE030CDA031377D2F7EEE3B4558151A03CF2C9AFF390589F0CB3F772454395F63E1FC6B151BB3AE6218FB7F3B6A5AAED22A0944CD916023EAC65FB7A47C919B53AFCC0D1EA295B09777A4191D647B95153E70596D8D3671EEAF863FC6A0D956D0EB38DC91A72C6F68960731A17BC99EA47FA484D041A2AD6A861E0CD9C0EE4CF618989A3B146158088907584F0C2B1350E9163465CA8168B45E5288E8FEFCAD919D1CC54AEF5C82973A7EC74C23E3A64D0D2C94D845C360E43A9C38D8E26BCC3BE901DC89B98CA50C71453110E0D587D1BFF8B72D3066C8079C08FC8C179E09CB9F02FC3677A07689F2212B0793FB9303F9414152E80C24EFF0C5D7AEC991BC42BA622D309D2EA4716E31A50739DCC97A6269D3E66B7D3959AB40B8ED047B4FB20D58C7E067D28520BB2F2DA582D9EEAB21BBC66B6B3BBB6EA1F6C5BF1E4B3707C3D00A53F636A40AE882F101916397A32B8502DF50494A304688A189A4BE736F56227A73E4A5BCC68FBD548CCB46EF5E52C65CC5B3CC52295C77777B323BE13C5F0FF5B9EB1DDEA64B4A5DD7E84BB1870AB5DB087056AA2C8570BD444656545C4E41BE2D0AD22D1658372AC4E100524392CABBB49305B21FC643C1090A065224A74118C9D2F90E8CA3B40A21E631FBDC87B8C0A585DCB7D841F4996B15146C709C728BA7682E1CCE7F6D29E387DC918F51E3DC2FFD19186538B7D7D14F5BB021322A88B9BD145C2152424076C513561C1B3EAD8CE7BFD850D1957C5A2546542F332E320A525BED6BC94DC6FAC1511B3810200DCDAD2A22800819350E93FE7A967E0DE29BDFBDFF40E851774B73D93B0F62D07FFA18827E0565A043EA9CA41EF5C5D8578303AC0F3EF83A19F592A216F1E8ECDE9B8E2FD466DE77A1D2951B4FEB21C121EB8F032A2196383499DA9838C802322B72D8D64A837B831FFA32305CECDE8860BEE3AB03EE2159C2D8C083A889D7670E14643FC9620101281382359546F190E0EE29D546D546A0B45F42E4590265AAE23B9A877AC0A38321AE6FC787BC7868804E431D4290805475699860B827981F75386E7CA6A90A1A18C6D9533A72320649368E6577B1D9BAD80DA0F673E0669A4D3545AFB7F0810A03B218BB02F6E69B63DE570FE001F3FEF952FBBF30F85A0F0A72479ADB8BD4ED5D840335DA8D8656D1D39CA0C216DDBD0D276BA8D80DE10975C9EF520E8E1BF01796111FCDC33533AE0A338CAEAC146E218AE2B49F9CB021BFCA75B619D74A5BBAF305C213F4D7D2306B24D00E18A57BF95C8079AF0C31A6B979AEE3690E43CA70AB4E8798020FE173A49E3C855FBA4048E860E6647F5B9F10A05457459B4C07B58817E6C2CF4A230564F2020CF6D2B0DBAED99805E5BFEA9434DD7B45C892472D12E2E43D6BD13DD3A81C045BD6D8927295CD5D32F06180ECB43CC76CA0A8CEB5B0296B5E80E35FCFA4599B2DA64A3A2DD63ED64F680076111908444B94E124457654C1EA646638B8018344B4B82D1A6F59022C0E8817FF891195663F8A2AD043F6F59199CB17C5CAA9EBCA040BE65E617B7FD40BD0E97B0B66CA53E8F7D4943822313623F3748F61D4EC04396B9C01D2033CB097FFA4C076D81E82264336B1AA73F55433114D52B534A11203F97CAA7028383EA61807B4E88F85B491562423094C517044786A09EA4B808CF67748E34A13BDCF805BCB3A2A0F4326A8ED902ACA98A3456B3CEAC037DB88A0488E9973016B28060CE70378A86C51523071E3F4B91B08E8D97C0C9DCCAF6D3A143ADC3220DFD5C75301032D9A10D01E4A2AAF88E8D9B39ED25A5B2E9E336271E7C3949DA8F7D70C7501ED7DE7A400C2902D242BE5A78DE6140D7B4D1B625462D5254E9D83130CB7B5CEE943926B3F33B84F0FBD65A8D03C309B4F6F136DE8DB9E6653909EA5D65D6A5065514AD5B2F84509D456925B2C9F938D9D217F2962855D09AE1C836E54AA3C125FDFA020CA7DCD50CE2BD712EAD879A24533F8AFBB1E0AF0C54D60935E7F87BD9DD2CA3F49554CED5BE81897AA398301F7C0FF2894680A0042B52C88D8324E4DE5816C81407920E2A2E70196C0C00028C02B4315C00FD38BDAE9A72852923A77BC03FE28C07CA3CCF8087A22924B0FC18C9BBF774F55B8A5E30FF5478DAC9B28D390C7F82EB327F8EAFEF4AC0E9E25C9316F72E0D2D985C84381F3EAA924500A86CA4995E68A361A2D7CCE7DD05891007FD44A9E43776963DE127679D07C1E6D3BA9D4F2AD943244C18B4E869D273240366958A6E588A6CBA3E6F8D4F8E1C021D0BDAAE3B40E92A7B63AC343094957F2F4517AAAC843EA56159AB85948FA98DCD6BE81664C2DD2C882DBB91C9BCD29C1157C2C47883197D64179F12E3CB4BD0B778EC63DE092DA4FEC408045780D7F15C2712ACE9701802D3B50449550915701FF00F32CEA32565299F5137E6BFFDCF2B1540467712CDAA4C87CEBB42D7088AF4EA726B583449223E01BB125AB9C821B4F824F24791BBD01BF252BBCEC50060A69EE1F977BA62CCE1BF92C2181963DA86F7790A34C367A293F459C2EC4D488C9E574D1704D8FB112196F160C046E4C4AC0F6EF271AA947D88F7DC0EC7D7819780F3243A74BFAA6B66C2A9322D959219F465D8294EAC9A12285B4E2896A87F2E0BC51295C553E323F6D4E133FEA0E5E545FFDB971D1FF36CA1B45B6E44E1213DE0461C5CB01272039605361F620D431CEB205AA6A1F07F9FF9A4B2F0963522B476600A619C4F40319CEE9DEEF8E6635BF4F84056E97102329ECC6DFB80DA921D3B57122B8E5D9CA835BF4CE7431DD5F659AE22D3130F1C6290AEBE862EA4AB896C5BCA7935345D605A12E9EB45C21CEC26C2BBFA5E961F6CA943724F384319D252DBC66EB9210E8CA0032F5A54EAAF856AB7FA10F417310D09EFE3B44D9E55918141388427E5B4883B1F06035EE69E2A04D48D258C730FF178CC73B40415C9324723B59DBF07FE376A1255405CACD341EE9754024403E9215A73C33D9199DC35D3F9788C40E8CB6443F2040D216A522C1EE1612127D04454154255B501FCE244C5FFCD92FC7FF846E34CEDA2BC1F4A2132158C06A0999DB4B97A8E7A91751B750391F5AE003859A13AEA355CED13C8DA4E7AE3755AE942DB818F8AA1FD0B485131A53E823B81C316FD0D1185A452EE57FA09514B6464E64BCB92642F0FA43B71FA30C6918111053F957A91B41A478C7663D7A389D7E206843A83CE3E05218564ACA2BB6E1A283F3CE0533483A4D14AC54740528394F6158B12B0EE1D28CB26AE56231BA4EF9F3890AC41CE4D86792660E67AF491B46A6324954149AF79E12E452F5353F75E0A8DADF3C0779C3E63435E1438C320986236626000CCFC182896DC07CB36478B2A8453536277EEABA63E2E0515816D03C6DB95A05A32B984D50B0633535B2BD64AEF002B7F60C9370F844074715FBA08D34FD800F570F80FD269895ECF007BC37988AF09D14DF303C367160B6D09AC1E5640FBD1990272D363BD8EAAC07C03AEC98C49A80697B2D09338692734DE4B928107545AFC9CB62E081EF19ACD2688D6F29A3A8E6179C835A5118E129604BF94A75D08F96EF9591FF82DB016F1B8562F4DF888B170D175E50683AA19F4E94D8B730EBC75F50F3345DE17F98F73D17CED558BDEA0C4C689C3B4E3A46F3001A28E62B2CF337B5C28332EA5C046213643EE8F45D416447E84CE62AE4F6F853F068FBC70B821578B8BA41C3C5E0BD6B110A3B6CB0EA698D0010A45B8A7594F8077BE609138EDA8903AB3E7BD5AD6DE2D237AC92C7300076C3180A89BF8526EB6047B91114456FC813C20169E4E1BDEEB08A3FD15C51FD010890EA56856C42494C6F725031E0189F06ED80967707C22C9762C98A43BC07BA4CD13F911D6F342D3D663D5F60F9FAE435942E0DD7B64D197A082F080500291D79EF923A9CFACDDE43F059312A0DE76E7978ED69C70B4962ED8555DDC11452D33B163A508DC1DFC7940BCE7974B549A906F8B6AAF455131200E29EDC113CEA11D9F82CE643DD4511BCA5FA39DEE315E483601CDEBFC9196D92208FBAB0155FCD2A09C903F0018AA9B3913E6CFDCC307DC2B6A25FC7F21154821BADFD3A0252ADA968824AE2B88498A0948AE26D421AA6347C28901B5A437C1988FD8F6558A2A2176DCC41F6D42C2BCDA8374A0F3428B4E2B04E630E2E53E791028479C1132C37AA04E35A83F74C0BE0B71DC67B7E846E4B654972863C9D011737670C54A94E6B87E0196961B831D8BC89BE14CED0D69172CD5897AB87B2C1443B8FC46A7D8D91686BBBB1C1768B4D2439E9455271A4205C6F5EE26C45C627CD835B4CE0ADA396DA301641C7880E28A3145C841939B59B08F02B8C22C9D8EB02F4AED5E1A575DAADC17040B93B9069C10E985AC22DDF080A44458904D87A1AA106DE4B93F1648D36ABC89C80353C5C261A96C976AB63607FA22095C088C62C46550D7D15571076BB1F55A45D70D55A146EC430A31763255D290A0A5E8E7B5E366FBC616D528D022A39F6611723D43AC3E212B880F970E2196E692F8DDC9A09C122C5A57E6ED8A5EF4FB1F3ABE1FEE93D8FFF5140E0E096F38F3B94A53ED8071F544C3EE5B91CBB4EE9DBE7757C6736D83B6857D8ED8FC4220912E0495384C99542FB2D4A397EEAAE1D7161DEFFB35ACA0FA6FACFBC3F0A49018AE3A0A3D2907783D3186F0FF415E853E6C2887E01B033183210B8B0D910069CDA654AA6473F83C8CB217C6858369F73FAF6FBAC0052F5905839EAB7F55A9AF05E4CFD311DD2A212AC971791E6F89E621CF9FB193341207A20901597CD39EF0EE43D182B9AA11BFD18FA894D08522C038762027C49F37930A6D4B442D8450101A265FDDDAFA9138352E15C376068270769413110DE83A559EA8FCD0749B760818174207E713A80F54860CC4248A33721F57E531B579829D97408EB3666E47BC3407608EB076586801C686576440DF0FD0814B1704FAED76F01E8A3DA8664A1B3B070A3BB214C006AD0ED54B7C1724B28CA86008D961A094037EEEC0CF3330995AFF8FD9E3CACD820256F0D5E21B788ABCAA5282D74B3442581D18F4FB843F238AAD72B25A5E64376C2394ACE2308710B1799B0586040A135F5248DC0C9F0A6914C51C9FE1C9A4AC6C4C4D2A71E7535BB9643D87B5184B2774E1224269CDB787C403A9CB9C71B764965AD754D58601F29E1D403181EDC29A57F172EAD40723DF6DBEE0975337A0ED3CA20740359A892758062E97AAC98A6B9422BE031F119D910083FE7D780F50D55DE53B502C7BB623A8EDAD819AFA8FE82BFFA63289697795479C88396AC59157D6A5604350ADAF6975C45BB564486C46EA20E61F94CF3E0168D3CBCF3588B406AA1AADE22CF3129E91C998E62EAD3211A851ACCD13FD8232AD344C4147CDD1C338308130ECFEFDA8746ED0CD790596F142887F3A1B4F09C34B4F0327DCE6E46BEE1265D6C749622A1A0619D363FEF1390B5BADEC4D204B278820386BC20F8459730512D658EB11F150C58F2E01F21F262E3609577C80C580D0A896F309DB48EB998EA9CDD84535483DE96A46CA9738D91E00899436C24A32B6373616530EC33BDC39404ECA1682DE771BD6CAEB399CA3AB0851C4A62E6325DF72AC6EF548FA6E30584F52FA82123A72558C0E2FC632934924421E808FC306556BAF84E1B0218620FA3CAC343982615A5CB180B61D659EF1D26F6DE302EB71A3B4F562C22024018F2BEBA680C07957FDEF2EA4CBD813D786D1665A41F4723D2BAD5220178355361F0C2459390F2A8DF121AEAB228FEACE5702BE8A24A2824F5F710DD6E5E52301B152EA673778F0BE3EFA55314F43C577002ACF31E0FA904EA130712268270D867EC9A40E5671510FF23D0F81F70FED27B8EFFE44EFCCAC0B37BE7BDC146FD4A46D8B6F50ACF08CC21FBF17C44FBC0E2382D3551FB7B91105315BFC032004F968F31400B7D418778F52903149E143A0452DD731614DBBA337444417357DB8E6372BB5447715841952D7F72BE2E8C7FF56B5B1C017A4E83084519676B1F8345670B5E7773CDF61905CF1173CE0DC3703045214E6BBC32FB7397C6E0C6669001ADDAC54B7E29D06486FBB650F06ECA51385BFF5EA4CF84E3CA90D1F2646182F6977A93D4BB41BDCB4AAC7EAEB82EB80343910EBAD848C6DFBB70CB021296F47EA773F31C03ECB6920DF8C904D00640F8AF6A20E3194D5F42CAD2EB5DA0436478F09398FEB609F07C930CB756005A30EBBE192025614C409D84CBEC1821D7477814C687F4A8A7670C54161A222EFB9C09385720AD26F23EA7A1BE11842AD6CB7AB0C931475AE33618CB7F695AAF3E9DBF5C0689D13BF78DC4F7D0DD50AF00BB2328A160B26C5C8171C9AE61271321A6A54A5A4AC45A9682D4E699E9876BF7CF9A289EA0F6CE572FB2DF712C54C78735DAEE5AA413F808B933E82240B2BD937298A6196B88A70EE8CF4FD8C5710F898F61C186476D4BB77457FA71FC3278D7CC93100E124F597322570192D14EE1FCB65B56879A2CB8F7BF784AE8D1A66330BD9257443BED893F38044024A4D264251FB9214DE3B4378D4EC413644D751E1C96B3202DC79643164DF41E2591110F85C1F825E47185F43919F3391730E120187E4AE521CC75320970CB99CDC60E0C6FD9B04D33978683AAD36ED35B8873420D2C0297F91C4174F0D6B448EFF31286FB6ACD30E71C6B40C33084B5B9BC1EDFA241294E7841A7C03116922A2DC332D41284C0A0C2D85D89358061E560D4F634B0A9145358BBC9059D1B51E91F959E25815AB851F676A2C868D8E1A4C52CB6250348965DCE3DD13ECA9BCE89ACFC748559879AD070ABE3489024FA8EC9009232C7C858A22D559FA421F19FBDED910DCB6209E45062D1454B51DDBFF1F078A4532539C43019C7866ABBD5DFBBFF8DE61140F9E59A46ED3B91F83E1F2A20AFEF525E9BBA573A2D8B8944E9F350635232426A902329F805E590A49A44B011FBD34364378A123D086989F69639E77B968EFCADEBAAA00E59790681F624F8E32D7D31070430C5B0775BD9CC1D2CD4C0FEB8961B0D3E6465F3AF9EC89802B56C748BD4971CAC0AB14889B952AB25047215AC93DDABAE2DDA4276CC9EC74F732381608A302CD1AD95BC47384DFC13592DD5795544B8FA092A176C70D1148F176C8B1780159D4B1E2F9B264731C74BE745B3499DFB3D8980588E66C548136513CDDC14731FF59256DCFB696772A1480063BFB31B158B17862D0C913F0949C0848A84AAD08E456C71B4A9912242991168BEFC1B788E1CFAC0D29402750CE40895B536ACE81BA85AE7490FE43D2EDBD1D0F3261463612096992D5D8304F5F50BACB94447CDB617E62588916365C1123323F52C53D9DB7A8A1DA4A21F90A9BA345838285A43BBD1AB43472DF326437B8F619CAA6CAA6698FA223B1777F64FAC391FA387B4807A23AF218309F952E93C6F60108781003EEBA89F522FE0ADB82C1128EC57DA4E652A462FA7745A483A3195B8EEF2ACDB16B123418FEB3587490104861F0AF6E1C8A66A9FE3FB002EA26C3BF4D4A6577F651A50D15F53870305FDC40C610282DB9741A5E062D91F7E70034B4D5285D9EABD5426FF6DA4F4CE4F50772A0A61D98309A6F2CADCB76985FC00A570DAA0770207AA76D0B9988816C1FF5E1AC4B8C4169042916EEB683DE186DD390C49946C5A02CF5810888A369FF41FB1EAB5D28D1DC1A2AC0314D81EB5363C97D2FB6267D26D34A3658E66517CDB1F0BA512338D0C6374473C004FFF464A882810D97FCEE3669B6407F8CFEC4947237AF003CADB48E1981D3884E2C5907054F2D32B9E797F2C1BD271DDD030DF634E45D777510399D91EA105523B30C917407220F67B210C4D8EAF1CAFCE19AAAD17B8C803D9FA03A0241CD392083C0B517F3B5C17A1ACF7FC570985C303A562722AA0AF0800C633559D5801A0A45AFD4C4AFB1D93237A3870916FEA1BC05C34678A42F00BEB1BA03727C9BE887E7AAD67DBD192A31E6FD204E86922CFB3A27926955B96AF2AD03F781CB29A483C143E36A9ACA2C9F8354CAA89E96E9F03958E5BBB905E037A1513B0C90F7B9EE55E0CEDAC0D3A078AD5BE57EDC90FD10C2164D2EB5F0A8D92E7EA3217930E6648B0C48C23BDE188E584F48024DE64BF7A3498528EF0F105C6601A9810D4887D98FB940B27458A0A3D10C7808C778680401BF9B3CA4D40FB00582E6701311DC3B3FE34C5D28C5E27FA0581D8372246D253618B37602ED05B360DDDB03B1F29E30AC7D35BA507B75B1CE915D6C3A8567B01885C394CE083C213E977D06F8C0E34B5EBDB3CCD0D30849F3FC3EF00316AFF02DE794366FD1E51BE8C68142C8E673F8EF7E7C3357C042CA017E97EFCE31759AF3431CFBB9E5618383B259FF449A577B18C1475D22184BE92171A3D3B479B2279269856D6308E11341FFAC0294875F4A25A6616002AEA328BD9E17970EC589C7EB5BBEC2E57F94962B6455407727B59187126D2C84A17706429693885EFB98302680E2C4B391E6C5FBF14B0E1626E1914E3DAA24F365179A8B41AAE02C44A03883EE6F2F615286B47F0282B82764EEAC83CE825B704079B4A4F608DF52D5BC5BE0EDA7CD030402E4485569B8B4C6AF9EE25C7A6FB78A28985F0AA2964828FE648C60A1C44EBFEC99BF514A75CF170CF5CBA2153199E124B8CAA5091616CA3084E01AF0FF18C3309FBF9C0C52E76B5C368B5767FBEB09E872ABC9420D10ACCCD679C02DCF86726EF0D348FEB9B4BCACA463E61DE6B20D7AC1C3ED649704D87A56018ABDCE091A714B88F88C3F4E8F18020AC56F1357C0535615C3C94B8D912E81ED5D77F2CE121366B96F5290BDE36B7FD8FF01A4BC0A0005EE4163828B9CE06542DC11DC0108C5EAF4598CD07D6F05157A04FA7A79488EB6D429CF1BF6A45218C93A1DFDFA016900C2EAC81840906C512EDFD1828C7146D14E9993EB14A4EB3F6350D27B502D4B0D65547A28DA8C0BB46D947954CF8DEAC0AC65FC2175EEF882A4344559E4EB3A22FF081BFC52CD8110B8A2C0C9AEF20A7D89386888F6C061CA6B5F546B8F2D84FC42335BD6B0BDE86E6517FE1EBFCD5E84E6226770C41A903BF094D1F32A1C48973B0E257C281B07C2850B85B20491EEA77483EE11A357A182D9581888BC358834D349D1B77BC33C9D8F5993CDED3F3A44195B6CF18E3244E18C6AA9284EA677FB25B1363848D2545A7DE701A7DF13E59FC857B973B24469643855A0B4CF1104F9CA9A51DBD1596069E2CDD50E1536E0086441958BF43C3CDB51C236D36C9A1C64AD34DA5CC4AF4DC562CDDDB34100398F4BFD5E46E1A163ECB2B3905D28B4F2A32367AF138BE4C2AADDD341A4D1313958DD26E0FDF136EF84A60314C1530D079B453750CEA10E26D0696457CD5E7B601160C55DC0598CDA15EC094CD07A986E04D69C4464AFC7154049F620428F63088B0ED525242CDE9F6D116A7D150E6A04A51BAA36AC8EB33124849B255FB3AEFF612494AD0652208C2490F0A42FA55DD3CDEA6566A8074DD783226E7308A15350B80288104250A46F8351F3BF5ED1649DBC1F6CEAA9548BC0CAA19AA09B43562DBFCD4258F72B37643CCD8F9766C994D6A15966DF8BC281C942BDD8F94DC038C30F639A77FC2CA67D723A82ED02C38A3ADBC13CFBC403465698C90952CFCD8D0911FE18807FEABE9FC07D21D8C4C0A15B2A13061A282C64EB91945132D0DB70966273E20A0110768717BEC389E8921864FED429326935B960262880C0759478FCE67B3A6B3AA09839863102EF31D72A4840141632B75401C152FEC0C9B7C87088D67F70B339384970618F584325A238AA52034A11D4E2185182B5E4F778E02BC16279CC56BFBA0B93DC30ECAC64C5F121D4EFDDA6F36491F4E8BBFDE0AE82007BEC87AA960F0F4CC51C645CCF35DE6640F8B18A9BEC0497948BE1B3AAFC8B5F9DC6138297CC9B47DAD38DB0379AD9B5F4E289C20F1D34010CBEB012BFBF4CCA7322A20D340FC9B96C1C50F381D5565FD680A2F91169ACCC136B243E9F100BA3B2AD484D3CDEB999B3E686194FA19EC6A4BB71883BDC965E6C94ABCB2AD4EE1F3302C2968D7794424DF8ED0862AD4F59C99B2F9678A623FF2023FE2424250E9519C3C095FC83B6206CF44AA8207407AB5A2364ED9BB0904AD53A3B12F467C0C61319C8B85A7BC10D6E2C30C10F271A7C254FDC0729018B16B734039B7C9353692416DB1FDEAE1F6BD6116021BC884B10C1E8F4B1783451D8218AB372BEB89762D127372F8E276344119B24F35B04648A755B0AB4DCB2B920F6CA7E2C4D4C9D985F79ACA6D7A09A154FCB4393D4ACC949E86D21DC8A5B60A1E7F2AF3B5984D3CF8238EBB4C099321B0AE61BFF564CA411C2324A64491B88442916D6BC5E5F92AA5E445BBC9F379DFAAD01CABB1CD16D3FA9A0DAE3360817B3306FE07399985C0184E2EB6985177433BCFBDC42E08C90E8EC11C5033A1D9294EBB0B8D34E6668E1422046E6A3413EEA78344FA0DE3E929C739B5EA75DE9ADC43E5AC5C75DEC03679FDC85434A38B981C8BCF1CD53006D69416CADFB1C0E89AE314291E50740A289A0D035850FB0CFE2AD082FF6C45A572F549CEA96142C2D06855DC18CA64FA80FE0BFB9C323CEA8EEB8887652E2926732BCC85D1874A58886C6955322966F1B5655648309E3B2A26105CC819A33ED2477CAFF9B83271E50221073828070A4F3E33CF919B64469E0B8A893D24DAB1762EEEF8CA43C64027FC5E32D701C9736C9CC6CAB1269493D17B2875E4AEC2CAA5ADB052D341F5820E31E6940C0983560A5CDD816C2907004D2FFFEAEAA5B1E5F08A615FE1FCEEAFC136051E40E360D15C10B01D3781CD684D5EE9BC642D07CE4361C7F588DAC40CC6B80485632E9C1A46BCCCC4D2CFD39AA00B34E293429831BBD56C2430EE5614B96A5C036329451001396757D59204DC2EAFB5DE7BBFA09B4574E09D96F8E4CC4387E97075B436B7B1A125AEFB483ECD818596FC393AE6C8E9319D8CA5A6B55C64BB4351A8462E3F7050A2068AB58BA7D101D25822E70D3FA4FC4EBB5EE373874E400313531DF74A84C8239C464C53C334C359B34025CFDC4743FF229AF5391A6CE1D928BBBFB7FA1245902A2D4024B04736D838310254786D33BC97D42317743DE29E15971DA694059280C8EF92D80AF930A67B529DF55799CC0CAFAFF440DB8EE20B05B62E92FF447786F393416ADE380F2F7448C26CB5245DC51D3D2301AA12BBA23DDFCA473030F0EFA1CEA7764BBB5DB7212C4BAF1ED33501D6260CFEDE17A65291C1A87950E0279690E26472321AF5A9EFC5420AB4B860475C9DA1DE8F981CDFC79AFA684908D00F83D3E3CD1F07C9DB029C842796085D0663F4CDB373FF6A08002588EB1F77FFF4B9CC1A010289C9FDAF2A4DFE46F873562D26377F8B38104496698C6BF788F5A209A991B1ED84655462E3C8D29B83A99081C59FB3FADE0E9C75089D64E0DC93E8A58E95E4338544A89EC42AE145A7D95F9F590C8250F5D3F96ECC242B1870DB664A26BDA04E1DEEEC8C1BC44802F1D5C7434BC24759991C272836CFD0552B422AACEDFFC38C1A0F605E900903950136F97EAB802E392BE90451F25D04806B835549B113F9D6CCC88CF63E9F0872AA74FFE918D79EE2A2FAC79214E59023CEAA90E5EE5A34EDB93B9829DD672D1E3CA3BB159265BE00282183F28231309AAD2066FD6B32F0FC759980C905C50E2CB70546CFD876810490A40C29301C29A2C4DB2494D2DD5E3FC23E6AA8DFBDD820C41B1EF24C815A140A0B5950E22DB2BD7D74018A7C62C72150C95BD1AF7A5E88D244D5292102D6BF9719F9A6ED97B007DAAAC0B957110A4857B0FEAB94A0AC86A1A1978D4FA78E093238CD2C1C703FF256741F6F88151AC4B0DFCE627FD95D296019254147E5171BB3E59E6820D03F1B00B8116A295E7791B418D459DD57A21CC86500252DC8AB5B54DEB4CC7EB095FEF08AF51164708C54246BB912DA8EC424A6F853D0219D41C281C75C80A5258809DFEEBA702392F79E22100345046B86A17877B25E6DC2F8ABC1C53518247C0DA07B9D62C6C8308D61102C07E9D8B6CF3500A2830E186768D5385BD412BD0E3813026673FAA80DF47DEA18A8428FC1C266F30E93BBC2EAA32984189D249EBFB1312BC033530156DFF0C245B224E8F9A23A16AB089F8CAC35740665A2CE53847C559721D2903E9985D4093C6BE582054551422099DDC250581ECCBCDF9A89A062A1763214ABDA2A15E61B822E6BD7EB38998AC120E158233C34D2123A304111BB015A45C33D8F0C5DA622E35F955C0CECCBF9518421932870B2DDA10E6D2B3521D43260D8A19478C7DD0FFF96A51466B2E2701AD14E6D93667E61E78F1B89B3CC06515DADC48D46786742A71F9EB99B32A0FD8191EFAB70BEDBA9A07A8BD95FA35E162F5E95BB52666455C7214DF84BBE5EBD6285EC904D7F1F8B5B43EB7137FFFFA484CE26EF63DAA836137EB886B873514B84CA4708C7AE3F2973D6F2AF0246B99C930110CA9D456E99CDF275981575BBC2CCEE86956D971FF8DE8099BECE101DDF2772C266C2C5F2FB010528B21566B6CF0E8160DD495D6104CFA36448FD077124724C9C084A737093ED6ADEDD846F2B640F426C5D10E30598BF08D70CD114B8C8CCDFF36EED37599E6DD630C6AB7A28B23C55613AC4484A1C53D5B911A570F6E2F45122840929CA2E1BF0654ED678009B835F3425110E3EF2B5D746DB38024A0422BF2468F8F995C02DB9464E7E7D3CF71D677ACC109C5CF90DDBB58D2A096D30487B61E8659675E97C959CA822C92D872102CC6B90608CEE167D9B132D23429BEBCCA3A46301DD7415474A90F274406BA79343AA36A1DE8340C9402D4E519441D861478F0C5C3AE06C2A0CFB50436C473E2C2E2DB86A5828CC32884022D13E8CD42C09FCE8AE291228224FB5052F28F5A70EE2419E4A596E15236F10C36FFC09ACAA7E497BDB1C1293F2C7C3225D07969761B60198CB4C662A8E50EF8F5D8B9A03E7F93DF84C727A3A005D82ABB842124C87B9DD25800525B5E6748D5CC3932E8EDD092466201C6121A55F3090FCC3F81DFA48341BFF0A3AF4A3B38E73413E979C14AE201640E7E5EF7191037900B2331710A9AF82C5FD70CF9AA49168004531033593684FABD0190A64CFD2B458A9FD4B07E54BA1CE053F093841C84736BC28C5C4E050AFD58521FF9EA090C040B3ABE2DD4AAAD0C197921D03C3543889B5D1C7AA9850236A3B4DA07EC2FBDC309E058035CF5241D239BF090491028C1983A3560A93B028017D1E9538B688B487D0ADA40D0B71B6BED780A9EEFAB9402DB6B21644FEEE7000664F1AC6BE81900873C92345F50651C15901B41CD0A5BF5C742ED5D96F651582A2898A350198525AA32197A3C232A9B383DA9DD8C81567AAAADE83C66487DD6F24819178CD280252CC1AB5CBE515D2FC757AA9BABAB3A4F45AB0CB8682E86D3DBFA6084A5B77E78D17810ACBB55ACCD7EE74FBE624EA81E8B1804BEF83E426B76E004B228CA84DF4106DC33629D5CD45D4E345ED466FD3EB9E35E0F20D96FD6652DC6BEB8AE21BF46A1873BB6512FE102CB825FA4DA430A641045AD787B770006256DC8E845B33EB29FB82AB6D96D988FB428A25C61639272C261F2EC32AB60DE093C66E71D73CA586BA027DAE901839AF404EF7E01E4D2A30148DA9802C2C91DA78A02B41423BBBB011C29790ADC46FD4A488D23B8D473A21876B204ECEE0A50AC8EB5403973888265090F4A6F6F6ACB489CFB2173154928B19C849596F815B06EA270318CE585BF748BD8E1218090107B9887F83AF018B6A4E791247042C208D71A49EEE71620BACC8831398C302C752F95E4C79BAB3709323C04036068797532393509B6ACF47ACFD5F2DE0684C13C7824D6FC8984F25400A0E437AAA3F3556909B093709F5618C3301DAA5F52F2F3202F34083C248031CB88E54E138427A863959135C7F61E95A8BB0937B646F27B471772B78200E2BDB77CA6F5D373C2A7BA08EFAD330AC8A08C4810A1AD52E6033C738B15E3B471A9C550E26061A6947B2B1B36945F85A205C20B25CF4730064A1B05C5CF1D4453498271D560E7CA4F3868BD279CE2743464B58F38480F1B9728220630D4F09E09C32BFD7AACF46F0C730DCDDACE8FF2C781A929A59C0AF4E237050F418637353666B90B574F901686C18088990E2BCC1424327800C630641C315D89E2DD2FB6ABC7385077E1BBDCAB92C20FB27B8D3D1A34E25284C8EBAC0C00CA0791A9F443C53BC13FCC8C3C1E1F40E12BAFA69E1661E17F58B4F05362511955DD23ACD62A3ACCDBF800CB1CCD8785EE66CA60514DB48D6EC5CB9E3E64ADBBA43FEE5AB077DCDE6D295796330BCF3FA9A0D58A437561CC9C00D6B3230418CA4D5E82231C07624495EA8AA899DC8F42E5E99CA542ECCFAFBBF2E8149C824E466E40B35141F07332600C98DE345C3DED7EC0BB3437ABB9E14428CDD5E3DA0CB3FFA21007921CBF1F32B04E7372D4AE4F83D557887D2678FD6229150F64E1DC21B34EBA49A2BA7C3F02D586E53645828E1AE7E42FC9931D1FC61D391ECDCEB3EA0A48ACD2A6BD6CC69481D76D024BD139041E16AF196BF3095A59C79ECA55DA7EDEB74C99AE836BC4CCD81F632C6258006CDE3BE0AFAC92386BC841C2291C7915BFE630E1D3124F4EB90CA4FE87CE8507BE49394C7AFF19E33E0CCEA628477B461641224D3B05931128C4D34C57E65F2B8D78E050DE20CF506B1EA44E345250A5267A0A61576484A8E92E43B4306AB2F3E85646BB386019516AAE9927EDADEF34E29C0390AC4203EBA0488B3624A34FD9927B31B5C606170EB94E83A91BB284E1C8CDCB0F4B360200AF4B659943D388653F85C9352AE19488DB79A2FE1305E2BB8FD331A397E1985743E789E4C63912E06B14B66C82285AE4357FACEA39E7F82083EA60194CDB07A7C7700804527712F4708BFB430C38C102BA6BF437C608A61AECFEC2C5AFE516E0C9941884DBBD1BCC3165121209025A39429A312A03C1DCD1A69B0DAFFA9246FA3F869B62975FC8601162B240F677CF56C2158BD5A9D835EB8E07D1A8DA24A7EA24723223B56543DDB4B42BAC5CCD94AE87333058CE939E590599DF0F85A3BF02B02B67EB303C59FB86195034D560E225E70F5E55B4F43386004D9CE6AE430C3AD91D76C1CB4315680CF71C7F2B4B86068E225CE232342E9FC1AD173721A3CB94FB6C34F5E9E00A68DB4D3B597F092020E51BF4F5BA6C434450D896274AC2A021C675DF5E43868169573B0BCABC9B7C79C781F0AC0C108B18773B1EDA20E8583E59048E5D4A603310C94687BAB4FFED461E045A4BC3A3B15744A5188337A98555C70E11F018DC6CC6DD4A3EBB5BF00CA901B7A207E6C021C66DB8926D09F9151E800878979D15A2ED571750222E095A4A1546BF319561639E988981F5513410CCC60EF95C5C6768D83F980423433E0A4322458E6B007F43AB7342969B99790F094BEFDC2DE15FA1871E494B503802BAC8CB842563182321621C210975CEC766A0FFC308D808E5BD8D56666192144621A208AA516A71D3F9C2CEF6F02511900229B46DF8BC708C44E3D8A298F708196BC66F75F91732E5AF062775A9ACA36CE2DA64BC"));
-        byte[] sk = Hex.decode("07FEFF0702FB0106EFFCF40401F9FA0B03FF04FDF2FA0F0201F40810FC02FB0D140204050CF617FF00FD0805FDFB060007F2F2F6FA08FB05080504FF0801F306EEF5F8F607070202FDF9F3F6FAF5FF0703FCF1FBFD05FBFE03FBFD0509EFFF090BFFF903F20002F309FE0302F7F3050906FE110207F5F1060DEDFAF909FBFC1502FD010707FBFEF3FD03000A0301FCFAFAF50500FE06F50D030008F1FA130006F804030AFEFF08F5050800F603F60700FB08F80D0AFC06FF0FFF01FB00F7FE05FEF9F60301FBFE0A04F9FD05F402FC00FF09F70EFDFEF7F10808FB01FD030203F3FE0EF8F5080207FFF30D0201080A03EEF60104FC02FEF9FA0A02021000040705FEFF03FD06020009FD05FC06050204020A0D08FAF9F1050DFB07080A0405FC09FD1003090E0C000703060204FBF806000AFDF7F4FE0A0104FF04FBF6FA02F7EDFDEF050710EC0B0209F90600FF0703070509FA0CFCF9FC0304F6FFFA03F3FE0202FBFF0812FD1409FE02FBF5F80B08FF07FDFF06050209F609F90BF6FC0013EF020E0F0B04F4FA050DFF0BF8F5EF0AFCFEFBF70512EF10F505FAF7FFF9FCF7FAFDFC0808FE0A030CF8F50C02FD03F108040612F80214F6FC030C00F30B0EFA00FDF80C000603F809FF0304040AFEF807F60B05F5FAF6FBFA0A0A12FE0007FE0AFC06FE040606FC08F9FFF6FE0AF6FB04F6FB060C00FAFCFDFE0800FBFB05F7F20004FDF6FD02FC0210FB040DF604FC06EFFCFAFBF7F6F9F003FCF9FB050801F900FE0A02FF09FA0203F1F900FA06F501FA10FAF806FCFA03000908FC020AFCF70102F9FE05F202F2FF0900F702F4F1FE06FAFBFD08040705FFE9FCF90907FDFAF00F010B010B02F4FFF90FFB0401FF05FE08FF02F3FDF3FFFF10FB000FFF07030B0205020D0B01040BFBFFF9F71AF00306FEF704F3020AFE03F0FE1801000AFBFAF7FEF7EB03FB08060A020109FC0E0107FB020BF80506FA0CFD0116F603070E0808040AF60808FB04F903FEF1020204FB060FEBFD04FF07F8040708F807FEFCF9020A0A00F6F80A0D01FB02F5FEF40908F401FF02F8F50B060205FC11FA0404FBFF0305FF01FD0303FC0DFF030A0AFD0009FD06FB03010BFE0B0A0D0003F3FA07EEFF070008F7090206EDFAF9040709F50D07FEF50EF9F7FFF8040208FB03F6FDFEEB06F5EF03FCF506110200F6000D030603F3FCFB0E0EFFFA02F504030B090B02F90806FE0D04FC06F6FE04F90607170106FEFCF6FA05FBF0F6030600F4EF03FAF802F30004F30703F5F8FD05FEF0ECF9FC0209F906F5FA05070CF60FF709FEFAFB0D0305FF0102F807F703F0F40D0204FD02FDF108F80D0CF7FAFA070503FB0307FDFAFEFE08FA02F80D0B0AF7F710FC03FBFDEF07F9FD010104F1FEF1F4090507FA1101ED0B050212F80E02FE000708F5FFF202F500F7040DF303F3FEF4FC0D050105FFFF0A01F4F6FFFCF6FA0001F908FFF3F3F8060AFD150107FBF3FFFB05FA08F6000DFD11EEF9FEFF000CF600FA020204F70F0909FFF3FBFD0906F7F5060512020803FC0001FF0C05F8FEFBFBFEFE05F90307FEF7EA081105070102FAF706FFF41407FEF901F806FCF105030F0100FDFA01010807FFFB07F50DF4FBF70D01F805FAFCFF000AE6FE0D00F80AFB0007000009F8F8EEF3FA13FBFCFD05F9F503040EF608050CFC0E060304FBF80E00080901F7050C0007F9F009FCFD0001F9FB180EFFF9EFF400FA0206FE05FE06F6FEFE00F207F0F9030A0AFF00F6FE01FE0C090404F7F0FF04060F0B0806FDFDF6FBFBF2FFF4FAF80CF9FFFAFFFE000703060BF900F80A01FEFFFF0201FA00FE0BEC03F7FA00F8F60C040300F6FC03FC000014FD09F80203F7FC0A0D0007F806EFFF0409FF0007FF06ED0A0A02F3F1EF0403F8070405EF0102EA06FA0206000308FA0205010FFFFCF6EF0C16FAF7FA010DFD0503150EF903060803040004FD01FE010607FC15020808020406FDF5F304F7F8F6060AF7F7030CFC01050404FB01F8F8080905F70607060AF3F303F50501031200F502001205FE01030503FF0400F2F2080AF7F9F8020DFFF5FF03F8070806FB06020704EF02FD0C0108F90808FF0109F70BFC0BFFF30801130A09080202040EFFF504F5010704050A01EDFB0DFB1109FA0605FB030CFD01FC1601FAF9FD09FF0CFFFDFCFCF5F8F50606F9F8060102FBFFFBFB080CF913FB0409F9F90C0EFCF8F9FDFEF602F4FCFDFC040902050AF8FCF9FEF40C0A04100701F60E0901FC0200FF08FAFFFA05F70803FC0E0707F9010A0600FB010CFA06FD010EFEF7F7030011F202FFF5FFF20706F7FD03F50205F70500FAFFF705EEF7080C0A03020C0001000702FE02000404FC0105F0F7FFF0F7F6FB020DFEFBFDF0FF07FD090202FE080201000B0409070AF807020EF402FE1003FE02061202F8FF02F200EBF90BF8FDFBFF04000704FF0306F7F3FA04FD04FE0CFDF80BF804020501F3000403FAF8F704FEF80FFEFF06FCFA0109FE0AF200FC05F3FEF90701F40E00F1F8FD020BFA0B09ECF2FC090800FD05F109FAF708EB0C0D01F30AFD0B06F70004F9FF0902F604FAFC02FFFB02F5F50900FFF811FCFFFF09041402F5F604FC07FE01F4FD02F0FAFC0005FCF8FD06F80003FDF9FD0EF7FDF907F5FF07030B03FDFE00FE000F000A0D0303031508FAFA07FD0314FF0CFA0B0206FAFCFA02FE01F7FB03F70004F7F409FB04FFFE0601FF0AFA05F90401F51005020A08FF0A0CF805F5FF02FF0501F503F8FCFD000403F5FDF1F805EDFEF9FD0B04000008FF07FB0C14F8F9FB08F8FFFA05EFFBFF0002FDFAF2F802F8FB1A0202FC0010FBFBFEF9F705FDFCFA07FE14FA010D070B0105000008FCEF04F6FD0B04F9FFF00DFC0A050608F9FAFAFE00F7030BF50BFD10F5FA0F0100080C10FD0600FBF30A0A0CF4FF01F20A0E0D0CF4150000FC00FC00FF0E07FCFAF90CFDFDFCFDFCFEFCFEEE0A03FC07F80205F902F60A0208F3F7FEF90202FD00030004F2FAF903FBF80103060FFFF9EFFF01F412EC0A0105F901FF0E0A03080202F6FF09FBF209FA0DE805F4FBF506060110FC00050FF5EFF50A0BFEFF04FE14F3FF020EF802020508F5F9FEF90806FCFD050E0711070D01FA060205FF0204EFFEFDFB07FEFD00F90B030508F6EF02FE16F400FDFB060304F701F3F4F90501FB03F8F404E5FF02FB0A00F8FE0C0B000AFBFCFBFF00FAF2F5FFEB05F0FA05F5FFFA0408FB00F90204FF01FEF00C12FF01F8F6070402000502FCFC0B04010E021103FF0BEF09EAFDFB06FDF9FA080CFF11F90AFCFAFFFE0301030001EE0EF3FF0000F40FFEFB08EA00000F08FBFD10F307F1F5F200050105F9FB0AFD031302F4FFEEFE00F709080BF7FD06FE0EF5EB010DFD0607F707FA08EE08FB0007FF08010102FA00FB00000803FD04F806020500F8060CF4F9060EF9FE020A05FB0CFC0006070202F6F20003FD0DF106FA0206F10304FDF80F00FDF6EEFFFDFE0FEBFC0D1BFB05FDFF02FA0806F7FCF1FAFD0403FF06F80E01FBFBFC0C02F203F90B0B02FA0CF815FFFE080201FB16FA02040802F50503FDFFF8F7FBFD020202F8060D0601FC04F1030202F30FFEFCF50BF60901F306FE0605F9F8F502020A0406FAF80208FDF8F9FCFFFD0EF30B04FFF5FD040001F8040105010100FE0E00FDFB0606FA04F505F9F811040607FD080500FA07F300FFFBFEF0F5FD0209F802FF04FFF9FCF9FF0AFBF800F80AF9FC09F9F6FB0EF80805130B06FFFF0104F40603F10001FAFD06EDE5F8F90C05FF1202FEF000EA0006F801FFFAF1130CFDF9FCF806F913FFFE120609FAFB06000CFBF804F40BF4FCEC00FEFD01FB0307111206F9F1FF06FE020CFDF802FC0003F9FEFE06FEFBFBFB0BF8FB0C04030BFB00FC0405F8FD16FBFF0207EA08FEF5FA0F07F50506FE00F3F20BFC0A07F702080FF509060203FD0505FD0BF6F905021206FAFDFF03FFFC01F20204FEF6010009FF0BFDFC0C120402FF0602FC0106F40601FDF6010B0611FFFFFFFFF8F5F7FEFCF5FB02F805F50105FEFF0202FF09EC0408FC03EDFA00F306FCF8FD0301FBFA08F8FD0007FCFFF6061011F80E090D07050506FAF00AF8FFF40304FE020AFCFF0CFFFB0BFD0E0C05F50C02F60EFEFDEDFF090802FE09000BFF06F208FAF9FF07F500050901F508F1EC0BF9F6F30FF8F006F6F50007F107EBFFF80406FA090401FBF812F608F4FB09FB0FF8F0F1EEFBFE050011FF0AF7FDF201070C050EFEF5EFFD01FF08F500F3090BFCF201FEF90BFA0DEE01FDF8F5040109FA03FE0601F30D02F904FEF804FE070700FB12FAFDF9FA13030A02FAFFF60407FA02FCFEF3010E04FC04FAFCF4F7F802090307070F03F808F911F4FBF004FCF704FB0B13F8030B01F307FBF405FFF30105FAFC07040605FB0006F7031001FE120600FB02FD08FFF60C0709050108FC0CEEF41AF40DFD02FAF50AF6FEF10000F2FEFDF0F6FBF9F30BEE0D0E0105F6FF01F105070E06FEFF0713FBEBF8FF06F50100F504FDFBFD080AF9F6EDF9EBF60B09FE0C00FDFDFE00F51EF9050E0A030101F70A01FF02071BF2FEFCFF040309FA03FBFEFC14FCFDF6FC01FB0AFF020206F6FA0D11F7090BF9FCFD07FC080709FE06F4FDF5FDFBFF01FA0F0607FC02080601FF0506F7010808030006FCF8080F0200F2EF0AFF03EDFB03EEFA02F00AFFF80DFA11FDFA0FF801010BEE0103FA02F5FE03010704FCF6FEFF07FC0901FEFFFDFAFDFCF002EF02080506091208FA0B0AFB0116FD00FE0416FE01F70B0DF60110FF0608F60507F701F6FF06F3FFFE0BFCFCFBFBF80204FDFF11F307010301F6FAF003FE050704FD02FFFAF503000103F0FDFF1006060EF1FAFE00F8FE0A08FC02F8FA051406F508F8080306FEF8FE0F0108001305030DEE07060608FF07FE1107FDF80105F20A10FA03010C02FAFEEDF3FBFCFE060104FCFF01FF06F6F5FDF4FD0904F702FB0EF6FEFE01F8FAFB0003FBFB01F915F407FDFDFA01F9FC0A000807F5F8F4FDEFFE09050B0BFCF9FA030103F2FDF907FEFAF70502000FF50605FCFDFE0A05FDF5000201FE0EFAF613F9FB000404EF00FE0D04F901FBF60CF7FFFD0203F8FDF70301F2EB020405FFFD03FB09020405F5FD06FD10FD06F5F5F808090404FFFDFE08F9EFFF05040CF5F412FF03F4EE0308001007EF0BEE05FAF80FFA02080807F90001F8020906F4F2FAF901F501060800FC0306081601FAFD07010EF606FD05F9F305FDF504FDFF060F0606110A0002FA030007F80E040BFFFF070100F6050008FB05F8EEF70005FC0409FE0007FFFA1000FE08FD030B0104030D0106F8F9F4FA0901F8F7FEFE000D0FEB08FF020B0605010B010EFDF500F6FB02F6F8070000030AF6FC0702FAF90DFDF80009F901060B07FEFDF002F206F109000DFDF1FCFCFBEF07F7F307F608FD00F803F809F9010408FCFFF807FD00FC0DFDEDF90706FFF7FF0DFA02FA00F60000100205050B00F602FFFBF70BF60001000A09060A0A0A05F7FD01EE0EF8020BF5F006070AFD040B01F2040EF0F60AF90BFC03F9F102FDF50000F3FB090FFC0705F209090304FFFA07FDFA02060507F705EFFF0BFA01F2FBFDF503FEF5050E01F908F406030005FDFC1603F601FE00FE03F407F50308FEFF0403F90204F509F1FDFD0503FB05090802070D07F9F8EE050E0107FB00FB03FA07FBEE0012F310E4FF04FE000C01FDFF0206FBFDFEFD0802F6FC030702FB0203F7FE00FAF6F8ECF5010DFE00040BF3FF05FD0807F2FFF9FEF9FB08F7F7F6FBFE010708EEFD04FEFFED0209F703EF07FB0AEC020BFF060AFC040308FE030D05F109120CF80001F4F708FDFDFCF80B00F203F8F6040203020010030BF9FAF9FFF404F6F9FBFDF6FEF8F7FC01F2FCF8F3FFFFFCF7F20B0F0A00FBFCFD0408F50DFEFF08F504ECFD13FD10FD08FD05FF06F70407000C1005FAF7FBFBF304050DEC0101FF0CF1060010FDF9FF0705F404EF0307F9000106F801FB06F802F8FF080C0CECFE07F5F4FD06FCFC0401F7FE050EF3F9FE03FCF10302FF08040907000104F90303FE11F80602F5F70201FDFA060FFD03F40A1205F205070AFDFC0A0002FE01F902FFECF9000D00060EF0FB0D06EBF50C02F614F4080402FB000704FBF706020814FF0A01FC0A0E00F0F8F607F8F608F1050C04060213030BF60606F9040C03FBFFF3120403FDE70003F4010EEB090001F40903F8F9F5EF06110D08FD03FF0408FDF50D0407F9070201F9FEF4140F04000A07FA08FEE907030A05F6F8F4F7FC09F502FAF808F6F6FF06FA0100FF0B0D03ECF50AF7F0FAFD0A040901FD0FEFF70BFDF104F600FDF5F1F80DED0D070009F907EDEDEFF201F90B03F90D0301F5F706F402F5F7FFFF0AFBFFFAFF08F9FEF5120405FEF808FF05010A0AF9FD0DFDFAFAFBFD01EAF6FE0BF3F7080306F60D000403FEF90AFB03F70D06F907FDF811FDF806F707ED03FE0900F508FF0C07F704130805F6FA0300FCF900F804FCFB010309FAF9FE04F505F501FEFB00F4FA0A0500FF020A03F90EFFF80305F8FCFC03F20408F5FE00FA0009FAF80EFD0A0311FBFF0D00F9060505F60504FFFEFEFE0AEE0A010EFCF701FFF80302F0F9FCFDF5011209F8F80500F4EC090CFD0601F612FEFB0F0201FCF31007F7FCFFFD0F09F01013010707FB020307020402F9FF00FB00000E050600F7FAFB02FAFE0CFFEE050E020D07010304FFFCF9FB1101060907F606FCFAF9FFF90408FAFE080DF8F7040C07EFFCF7FBFE0CFCF40DF908F0FFF80803FD13FE000208FC0EF6040AF1FD01F2FDFF0800F80FFD0FF807FFF9FB01FAF8F9FCF8F7030CF7FC0305FE04010003080AFC0300F5FE04060AFAF114FFFDF5FFFFF70AF7170416FE0AF70207FB0AF5FDFA06F3FC10FD01FB040A03F9030707F708070507F308FB0AFA04020404F8EBFA06FCF403FDF7F7FC0D070306F5FA000AF0FDF300010EF8F9FEFEF904F801FBFDFEFE04F2F0FAF8F2F005020FFEF7F9F4040AFF000BFB03FD02F9FDFCF6FD11F815F701F2FF000CF7FF000AFB0F06FF011400FD04FE050209FC03FAF807FBF8FD060201FD07F607FF010E110AF2FBFBFD17F11508FC0202FA06F90B0A0602EF02FCF0F203F4F8FFFDEEFBFC0512FF01FB0103FFFCF5FCFB00F703FC0A09FD02F8FDF4FA07FFF404FBFB0CFDFFF1030610F3F6F5010017F501F505F4F603F1FF0A04060209FC010608EEFF05F60604FAF90202FB030502F4FD05F70312FAFF0007FCFB0B020C07090AF9F2F6F8F203F1FBFF000207030411FA01FFFE0303EFFE0606FEF6FD000901F900FD07FD0B00FC050004070DFD050CF50B0D03000104FC0002FCF6FCFFF008050D0002F00CFC0506FA030DF604EEFDF90609E902F5060AF7FA0A0309F90BFE02010E0B0405FFF6FAF80307FD09FFFDFFEE06E8FF090805F5FDF6F90C07F40C04FB0BFA04FBE604040DFFFEEF05ED020108FA00F804FEF00304FBFDF702FB02FAFA06E208040402F2F4080501FDFA00070DFAEF11030F10FDFB08FE0B08090101F1FEF7F5FF02FDF8FA02F8FEF8FAFDF4F5FF0809010108F80106FC0701FA0C0B0DFD050301EFEFF7FE04070A050C0BF6F308FC06090207FF0AF4FF09000A020304F5FE0204FC01000101E9FBFFFF090303F5EB1802011204090EF80004F9FEFFECF2FCFCF303F8F505FF07F80700040D08FE08F00006040006F9FAF7000C09F804FFFC00F910EAF8F80700FCF5F6FF0213F8FEFAF8150208FBF80803EE06FAF504EEF50F0800FAFCFFFA02030211F50CF6F8F004FBFC01FD0BF20CF7F60100F7FA05FFEE0507030807F8FCF6FB01FA010600FC05010308F61402F605FCF9FFF40601FCF9F605FF05FE0011F80AF9FC03FD00010B11F8F90802F9FC0600F50A02120501FA11FD03010AFC030C040405FB02FB04F0FAFCFBF700FC10FCF6FC01F301FCF803090DFA18FB0701030DFD02F204080806F106FEE9FDF507FF1505F8F8F8010C030909FD050306F40F08FE120A0C050102F7FBFB000604F8FDF8FEF8FE080AFDFD08FF00F007FC0003000401FDFFFAFC030401F2F6020CFDF80401F7F807FB07020C000C0101FEF6FEFDF60811140E08011407F905FA04F504F60AEDFB0210EFE405FBFFF9F0FB04F9F311F7FAF104F0F6000009F8F5F8F7F303FD0201041A04FC0509050301FE03F109F1F7F9F10311FFF3FB01F8F9F6F6F8F80AFBFDF20AFCFF0CFF01FBF8F4080DF502F201F0F7FC0AEC0713F6F90206F7FEF502FD05F9EB110001F8020706FA02F80105F404FD13F8F5FAF104FB0E0301FCFD04FBFF02F5FDEF03FEFBFD010D0708FFF4F6FEFFFEFD0CFEFD01F8FA1207090001050AF20909F50513FA06F3FBF4F7F40301010307FBF60103FB0B0AEDFC0D08FE09060A03120CFCFC1800F5FA030AF901F2E8F903F201F7050DF8F9FDED06FEF8F0F5060507F5031001FD05F3F008FE0BF9FE03F5000600FA0103FD06F8FDF9090CFDF60CFE050A05FFF8F206FD0904FC0200000106EF07F301FD08F701EDFD0300070F1404F30BF506F4FC09FAFFECF8F7FCFDFAFB07F60AFD0AFD03EE090900F80207F0FE04FE060A0B0603FDF9FC0000FBF3080B07F90904F0F808FC00F9FEFA04FFFE05FDF3F206F8FDFB03FB07FA010CF60DF7010FFEFFF40407F302FEF0F80D011306FE06F905F312FCF10107F3060310FFFDF507FF02F3FEF1FBF700FB060305050803F90703FA0405020BFC02FE03F315FF12F80806F80201FA020E00F9F9F90309FF080D0501FBF512050201FD08010AFBF606F00908FD09FBF30810FBF7FD130109FCEDFBFEF901FC01FC0FFC0403F51A1603F20812EB0404F9FDF700FB08F5EDFF01F108FE030CFCFDE9FF040703FC061100020C04FDEDF9F8FC0A0603FC02FE0AF806FA04050AFB0AF2F4F6FBF4090E060504FF0703FB010401040606F9010C00FC0B080400FBFD0B0C0505FBF3FCFCFEF610040D0808FEF4F001FB000EFF070806FFFCFEF406F9F4F8EFFFFC0605F80805EB0403F91313FF0303FC010206FE06F4F7FF000AFDFBF707FAFE04EE090A08EE0AF8F9FCF7F50C0308020C02F3FB030701FF0D08050BFBFCF9FE1200030704FFFCF9F3F00CF7FDF805F501050302F7F9F3F8F608FEF105FE05EFF6F7FBFF05FE0713FCF80D0B0303FC05020B13FEFEF9F1FD15FFFE01FAF508FAF703FDF81208FFF9F90700F4FDFFFEF502FDF90B0C05070701FE0AFAF9FD0706100007FEFA0DFEFC0BF8FDF6FD0104FB0309F706FC0606F101F9FEFCFB1302FCF4FFFCFA03FCFF07FFFD1509EF13030001EE040105F901F908EF09F7FE05FEF1F60CFEF7F50704EE05F801F70208FD01FEF812FEFAF50102F4EE0102F10906F902FA1316F3F60406EDFAFBF7F5F808FD04F807060701FF09FAF4F604F60002EEFCF2FC13FEFA02FDFA0814030207F6150004F6F501F10708FA0FF7F9FA0108F2F705020101F30E0906F50F0BFAF7EF0907FA0003F4F8040A08FC03FFFAF4F8060605FCF807FB0DFFF6FDFBF7FEF8060F05FFF700F1090907F403EC03F705FB10030E0AFAF7F7FD030AF6F205F603F3FB0AFAFF07F40BFF03FC08FE04FAFA0001F60903F602060DF6FBFF0801EF02F7FE000E0BFEFAFDF506F503FAEAFDF5FEF50C09FFFD00F9F6F809F9FA090102F5FF0000050A0400FD0DFD0705ECEFFFF7030200F2EBFAFA02040E0CFCFBFD00F90600FBEF0609F0FE03FCF9FDFC05FB08F3FB130DFF0F0208FB1006FDFA02F902FB1108FDFFF8FEFD0311FFFA0502FBF905FD0AFEF50C08FC06F1FBF7F40003FD07FF060809FBFEF30A0500F6080BF60D0CFC030707F5F413F903FE040006040A0C0403F612090002050E0AF610FB0401FDECFBF7020DF9030405F609F0F0ED0103050FFD0B070506F808FBF6FB0519020703F808000609F402FF0907F3F9FC0704F7FCF7FBFB0D070AFA0BFCFC130AF804F2FF040105F0F1020408FDFCF9F407F7FBFDF300FBFC050A0E12F4031504FAFD0214FDF103F2FEFC0801FEFEFEF91502F10700FF08FCFB01FD060C01F6FC01FD070107FFEEF010FD0B0208FA00F7040103FF0BF904FEFF02FC07FEFE0007F80305030204FA03F9E8000D02FFF4F4F60408040105F2FC0DFD0504110102FE0F00E706F301F7FF0108F90305FA0202F3FCF612F101FEFBF80E0C09FDFD000013FEF6FEF6FE0BFF03170001EC0501FBF4FDF0F80BFEFD111C02FFFC06F801F8FDF9010BFE09F6050602020BFB0C05F90401ED0FF6060E02E9FFFFF700FE0E0304F2F5F6FBFAFCFD03FCF5040417FDF506FB05000BF8FFF1FE0405F102FEFCFE08040C0F06ECF6F6F9F4FFF9F9FBF8F1FE00FFF40CF4FD07FB0503010B15F3FEF90CEEF80AFF0BFE08FFFAF3FB0AF301FEFDFD01020706FEF5F714F601FD040A0A0D0A0BFF07FA0700EFFDFDFBFC06FDFE00F804F3FF00FF0AFAF9F801050F07FC0310F7FA08FAFF0203FEF6EEEBFF000009F906FA0A0CEEFFF1F7F4FEF3F5F4FFFC10FB080608FFF6F906FCF6FE0D00FF040B02FC0BFF00060D01060A0AF600F50CFFFCFBFFFBF9F8FE070EF5FEF8FBF606FB000DF706EE04FBF0030BF000F3F8FDF002FA070A0603FB02FC01FEFA0407FA00F2FFFDF2F80BF607F70402FC07F211FDF8FF0101FDEDF601F4FBEB04F0FB04FCFD050101080A0AF50302FC0803FE1200FEFDFDF3EE090E050DF9F803EEF1F4F802FCFD11FB02F4FE02040A0C03FF1506F806FEF9FCFE01FCF4FD0104FA02FCF9EC0911FAF2FD06FD03030A05F50A04F4FEF7FF0B050001FB07F80601FEFE0CF9F7EF0C1209FE06FF07FEFA0600FF02080207FFFAF5F407F5FAF500F90303F81106F90BFC050FF900000D07FD02F9090306F90107F407F3F7000007FDFC090003FEFA00F307FDEEF0F9FFF70CFF0BFAF9EB0B040605F70504FA00020CFEFF09FD0CFD03FB00FF0CFE0205FC02FB08FE06FCFF06FD070108FC0DF60E070EF7040D00FF00F1FE0108FBFD090008F7F812F006F7F2F60916F0FD0F02030404010502FEF6F0FBF10BFDFCF3FD0F0FFE08FF00FD02FD0602FE00040CF100010AFCFFF90818F800FC010F0AF60A0403FAFBFF030803080DFDF9FEFC070E0AF30200FBFCFBF913FBF3F9F9F1F7EB0C06FCFF040D01F0FF080009FA0C0AFF0505040008FDF6FE01FDF8FAFD01F9F90708010908FEFAFEFC010C000312040804F6F8FD0406020D0004000405F8F8070EF8F4FC070706F80A05F4F90803FEF3FC00F6F206FA0CFAEB00FC00000AF2FBF705FF0AFFFF0604FF040709040401FE1505F1000EFA030F0BFFFE0602FD03FEF5FF03FBF0000F07FB030000EF01FDFA09F80A0606F804F5EB10F502080606FE0A0703FFFC0308F40806FEFFF9F6FDFBFFF1FD090501FAFB050E0BF9FEF8FFFE00F701FFFAFE04FF0204FE0CFCFF00FCEB0F0D0006070606FB0802FB07FB060306F907EFFFFFF8FA0AFE02FEF70F06F8010100041211020608F505030407F400FEEE09F9F3040D0B00F703FDFD01FA0004050E01FCF801F6010806060308FC0AFE070BF813F9FE0F0EF8F700F708FBFCF2FDFC0DFEF4F7F70BF9F4FEFCFCFC0BFFFE0AFFFFF6FDFAFEF7FD0C1005040AFBFC10F9F907FE0AFB090808050100FCF901FB190FF20C00F8090106000C050AFC0A0201FA0902FE0503F2FAFF06F0FAF6FB050204F905F604F6FCF90005FDFB00FC0B05F1FDFEFB00FEF703F705F8080A12FCFEFA08120001ECFEF7F40FFC05060008FBFFF607FAFDF403FAF616F8F402F9ED1204090A05EB00EEFC10FD03F602FA0FFD010807060504FCFFFFFE0C0BFEF7F7F4010C0AFDFA040EFE0415F702F3F3F905FC0A0102010B05F4FFF7FBFBF701F80EF400FA03F8FEFC08F9F91BFC05FEECF90B06F907F9FBF409FA02F70605F5F6FC09F5FC0BFFFEF007FC0B080001FAEFFA0DFBFEFD0504FD0CFA0205F6F908ECEEF8EFFFFA02FC03020BFFFAFA0E03FE08F400EF0102F8F1FD0002FDEB060AF9060808060712030401F603F5EB01F6F604FBF8F0FDF201F50AFD000606FB03FF010E01F9F707FD000C04FD020F0600020AF403FE0707F902FA0CF8000503FFFA09041019FF0CFDF8F0F5FCEC0BF7FEF80610FF04000504F5F907F204ED0009F70002FF03010208FE08070404F606FE11F4020C0505FD05FDFF00FAFDFD03FDF10A0103FCF801FEF4FD0604FAFDF2020004FB0A021DF90308FB03030109F008FF01FF05090007F107FFF70607070600FBF602FC09FEEE00F7ECF201FCFB00FE0000FA0803FAFCF8FB03FAF8FAFC0B0903FF0906041003FBF901F900FE05FCFEF5FB020203FB00FFFB050B0503050003FEF8FB050105F9FE00F9070802FC0BF6FC0FEF08F406FE0313070404FFF8FBF9FA090AFBF9FD01F4020504FE020FF8F3FA00080308000C0FF6FD010BE603F305FBFFFB0111FCF5FC09F5FC0D111200FD0306FF1101030608FF04FF07FFF6F40301F303FEFD0903FE13F201FF03FFF5F703FD0A10FAFB0105FDFD0D040FFEFEF8F60CFA10F2FE00F404F7000DF304FCFCF40F0209FB020300F7F1FDFEF5FCF8F9F7FE0DFA04F20D02FF0B0EF80AFB0AF90A01FBF303FDF2FAF706F802F806F60209FB010702F5F502F9FAFCFCFEF9FCFDFAF80108FDF609FB00F6F1F7F607FB0C0101FB0BF00BFFF71A0104F004FEF3FD01F90DFB04F507010B09FDFBFC18FFFAFC040EFE09040004060708F8FDFFFD01050703FDEDFA08F5F4F0F2090811030701140AF9FC03050306FF0A0D0109F5F1FF0107FC0200030DF801F5ED0613FFFEEE0C0A030705FB0A0E00F8F5FC0A0C02FCFEF9070F0208030E01EFFB08F5090A05F8FEF7FDFD1001FEFB0209F70F0202FA02F900FCFE0208FCFFF4FAEBF7F6FE010801F606EB04FC0BFC04FC00F8F805F10FFA050DF30407FD04F0FBFA01F602F8FD04FD060EFC080F070F0014FB050F0106FEF00503F4F5FEFAF600F0FDFA0FF604FA0F09020010EFF5FEF904FC090904FE050900FFFA05FE0BFB00F9FAF4FDF4FEFA0CFC0D040701060204080E06040402FAFB00000006FE04F0FB1200FCFDFBFE020C0A0BFA010C0CF2FB030404F90D0208FD0900F7F9FC030CF3EE0416FE08FF0DFEF0F3F4070DF904F907EF07FFFA04060406F0000D00F3070406F6F5F808F4F8FB0B05F90EFD0705FEF0F9FB0803090C02FBFEF6FCF1F3F9020405FD07F30EDE000108FB06FCFEFEFDF3FDFBF4FC0302010204F2FBF50309FFFCFFF500FE0C0A0A0E05E9FEF90609F80405EEF8FD020303FE0AFE16FEFFFDFEF6FB07ECF308FFFF07FB0A03F6FD0004080FF902FEFEF70A09030A0910F80E000E11060DF505FDFF0402090C0FF708F6F2FDF505F5010706F90606040704FDFAFF00FBF7FAFF0D0A0110010201FAFAFB1706FE0203FD03F6F5FCF8F20D021205FD050BF6F1F10205040BFEF3FCFBFEF9FEF1FD0500F9F9000106EF08000908F4F8F0F4F8F90602FF0601F3ECFD04F6FE0C010202F4030001F900080704FB030108F9FDFEF8030602FE04070BF8F50713F8FAF102FB0DE6FC07FB04F707FC0E01EFF80B00FC05FAFEFDFCFDF703FF0706F8EE0308FAFDF501FF02FCFDFFF2F5020B0B10010D000A0A01FEFDFD02F60205FAFFF109FA0804FB040F02050012F603FEFC06000FFF01F8000A0613FD0BFAF6FDF806ECFD09F20000F2F8FFFEFD14FFFCFDFE16050C03FC030D0811FD16FE12FFFF140CFEF2FA0806F205FD08EBF2020905F9F2F9090601060300FFF9FA14FA0B05F4FEFD08FE0D0A0003FE07F7FBF8F7FCF502F70204110C1101F601FDF1080D02FF06000403FAF90701040AF0FB0103F5F903F4F0F510F5FEEF0A0107F505FF0401FCFD05FD030B060FF9F602FCF8EBFE06010DF70DFDFA06FDFDFDFA04FD00FB08FAFF090108FB05F00C0BF700FB04FD05F6FEF2F80608FC03FEF7F7020B050FF60EEF0600F7F50A0C0305F7F6FBF3FD06FB06FAFF0012FB0602FF0705F700FB06FF09FD040206F202F401FF07030105F8F305000E04FFF7F8F804FA04F70006FA0BFEFBF8FDFFEF08FBFE02ED03020BF506F7FC03070400020E0608FE04E9FB0106FCFEECF902FE041700F6F605F6FF05FE00030404000D0500F8050200FBEF0AFF01FEFCF40604FEFD0A080008EFFAF7FC0607F9FE0106060108F4F7F3F004FAEDF7FD06F8EC03FD030E031108090A090301FEF60603FDF501060A06F9F9FBFDEE0D0805040902F403FBF901F8FA0602F602FAFEFC02050C0902030A030D0D08F30609F80CF70507FBF6FD08FEF7FEF909F6F90808F8FEF904000BF809FC01FC0C0DFB0AF20404F912FFF501F60A05F2030B0614FF030000FC0008F60C05F200FA070104FE0FFB090C0E0806F0FEFEF8010000FA0305090507F6FFFAFD0D020BF80511FB01160A03FA04F309F9FB0D0D0302FFFAFE05FEF901FD09F51201FF0F05130503F8F7FD02FAFAF903070D0BFD0D0C0605EB07060909FE0D0CF500FCFEFD1306010502FBF4FCFA100DF0FEF9030009020009040901F607F8FBFFF70CFD04020708FEF506FCFEFEFAF702FDF705030902F9FA01FF0110FCFB0702F9FA0BF70C0A02020B0705FB0000FB11FFF2F80BFEFA14F7F6030108080001F111030715FDED0A0B05FAF5F7FBF605FCFD0401F3FEE7F20007060E020503090608060306FA0DF4F202F4F2FD05010B0005F7F7FE05FBF50BFFFAF80707F706EDF8FDFEFAF3FF010905FE0B000909FB0AFFF801FA0D0C05F7E1090200030B00090BFA06FAFBFA0A03051201FB0600F4010F03F80B0AF1FCFFFEF101F704F4F201030214FBE0FCFFFE0CFEF2F5FB0B02FBF8FD02F5F2FA0405FEF60BF705FD00F909FEFFF301000902F510F000010001FBFBFDF0FFFD0E05FFFAF1F91304FE04FF0201FD0A06090305FA03F0FE01F6F802FBFFFFFB01F4FB0AEB080308F9F201FFF403FC0C0AFDEF0F010203EDF3FF09030606FFFCFE040101FB02FEF3FD06F6EF02F6FDFFFD0100FB12FDFEFFF604020F07050B0F1AFD0406F7FAFEF2F70F0A090BF108FFFA0402F2FEF7FDF9F5F500F9F5FF0F06F50A0204FBF6F70A06F707FD06FA03080306FDFB0905FEFA08F00B0FFF11010403040600FFFA02070202F30A03FBF1040C0F0008FBF904F70E02060A08FDFEF5F3F6FBF80807090AF6FBF7F601FCF41700F806FA0201FBFC0B0BFBFC08F1F401FAFE0D0406000407FA090505090BFD0B0507F4FD0A09F90408090AF8FCF40CFA0B0218FBFD0411FEFE1004FDF201F80213000509FF110CFA01FA0201F602060811F30900FEFBFFFCF10106080A081107F1FF0C0303F506F6F703030AFCFBFA0EFD02F4020102E805F90501030FF4FA0409020109F2080BFE01F91302FCF61803000CF4050BFBF5FA11FE03FC031402F8F0F802F9F6FA0D1508060605070AF406FDFBFA000C0A04F90003FBFA0E0007FF0000060600FCFF01FD0009FDFFFDFFF50D00FCF5F5F3061308F1FEFD060903FF03FCF7F2FEFF06010904F214F703FE0104000B0405FA06FBFDFE03F50202110EFEEF041205EA070607FB00F9FE03F8F7FCF60F0512FCF70200FDF804FD0702FF030804160803FD0C0906FE03F7FF070E0219F5FAFF05F20401F904FDF2FA050C00FDF102F4F60BF90CF307F9F6FCF5010BFA0601FFEE07FBFEFE15FEFA0CFFF5010DFE06F60700F6FB05F708ED1201FCEB0AFD01ECF7FDF5FC010300FE02FDFEF7F50803F4FC05110400E90211020901F705F606F802FC09FF0B0AF9F9F7FEFFFB0CFFFDF309FCFD03FD0F0FFD09FB02010CF30001FD0103FEF1FF08F8FDF3100AF908EA07070201FD050C03FA0D1104FBF7FB08F20EF9FF01FCFF080313F70001F8FD0B05FB11F7FD0109FE000DFCF603F8F80A02F905FFF80CF9050607F80204FE100000FF020B04FDFB0109FB1001F7FFF8EBF4F408FD0F0BF9030EFCF4FCF600FE030807FD04F8F3F8FB0A08EE050304020606FF03F80AF006F1FFF806170305FCF507F704F80A10F7FC01F900F602FCF8FB0009F10704FA0404FE0FF70400F000FFF701FAFD09030203070901FCECF206090109000B0FFE0A040203F7FA0BFBFF02F800F9F8F9FCFC0C0504F9010FF9FF08030504FE050104F8F813FBFE0B00FFFA050603100505070003FF0D020FFE01FB05EC12FDFEF009F4F4050BF6FDF20802FAFC020C02ECFE010602FE01FBEFFFFE06FC100EFEF6F6070AF9FC05FB05F701040909FD03F1FAF400FB07F908000A03EF01031005F511F9FEFBFC06050812EBFCF90103060516F8FBFAFEF9FD020AFE0A0C01FEFEFF05F40303EB07FD0106F9F601051206FE0E00FD03FD0E050C05F3FCF400F110F804FEFC0902080807F80CFAEF0A0F01EFF40D0305FBFF02020B040000F50706FD04FBFCFDFAFEF604FEF905FB0B08F6000C0E0700FFFB040209FD04F5F202030309FF02030D0A060B0404F0140201F7FEFE06F3030F06FD06F2FC04EFF6FDFA060407FCF30508070703EB03F9F70A010C0C020EFDF8FEFEFD0B0C0BF0FFF90714FB01F90FF60AFEFAF407FC0BEF1205F001FF0508FBF0F5FCFFFD04FBF9FE00FA0A090E0CFAF7F3FF0200020905F8FF050CFFFCF8FBFE110200FB060AEEFE15FD0BFB09070FFEFC12EEF80D06FD0108FB0805FA02FA110A0607FFECFA00F904F3FF06FB0C08050A000AF212FFFEF5F50204120305F803F5010508FCF80202F90F02F81705000007FB07FB120300FF07F7FA01F9FD0A0212F8FAFCF7FBF40705FB0B070204FAFFFEFC04020D08F5F70C04100FF9FCFDFBF7FFF3000A0800ED02000A0304FFFB00F7F80A0706070115FFFA01FAFAFBFD01F8FBFD02020204010AFDF703FDF2F10801FBF8F9FCFDF7FEFB12FC06FD0AEBF6F600FA0BFBFE06FFFEF9F9F3FD0701F3FF080CED10F500FC01F4090E050407010903040807060404F8F5FB05FFF1090CF0080BFDF30903F9F804FBEC00F60201F50302F6FF07060807F4EC05F8FE060DF8E208F300FDFCFDFEEB08F4090104F50106040E0B0D031608FDFF0E09F80DFE05F603FD10F705F9FB0609FCFA02030C03F806F806060506030807FE0107060005FA0EF81108F6EF0C06FC04F707FC04F202F7F60B0307F3030306080EFF0B0BF8F9FF0106FF07060104FE0A00F00204F9FE100708FCFCFDF002F4FAF6FE02FF07F30B08FE0E0CFAFA09FEFE0508100CFB0C030F0306FDF9010FFA03F6FDFA08F605FA08FFFDF407FCFF0600F416FB07FA0206FAFA03FA0507F3070E03100BFA01F602000C090004FCF6F30FFAF2FAF804F8FD00FE06060601030307060002000105FD04F608FF0101F90AF6100900FA0500F601F70909FDF1070C09FC02F4FC0805090DF10BF9010F05FBFB130DF20106F104F202FF06FCF1130CF8BC708C44E3D8A298F708196BC66F75F91732E5AF062775A9ACA36CE2DA64BCF62CAA4F63293C7A8F894856E9F263EB9CA4A0648141B4B0EA3A2D3364C36A83");
-        int smlen = 6209;
-        byte[] sm = Hex.decode("3FB2759E1BCA07730566D4FBBF3FC19A39C68F190095789EC555884EE97E9ACDB09109C5A9CA96658603D63A5A23C9D8DB7D8C54D07738E958BDA1E631ADED4329AE16B183374E1C3976DF1EC94BC79B773E8569973EDA418AC903B534A83B8B2F7CF7856ECED63F2626530EBBE3D22A734B457F2B1F168225753A0F3B030251CE7F414740D707D10A65BA6F7464E0291749AB9CC694A81CF54AB8AA21F3687D197FD3AD1EB37EAB1A19A67B1C396BC480B2CA19D650FCD9335FF245863787275540D7D1F5FCB278C558AD6CF15C154073A846B51754D45A2439FC08382E93CB657E1CFD3B3DEE5394C5F81513041A356D2EB938CF196B1B4BF96186ED75697745A3304BFA7ED23F77DFEBEC60A2C2441EE6B695CD17E2166956CACA25B09DE505187CBA23F62D86D0871BD6B8FD2D116743110DA3386A7401DAEF39506C9091B5D32675660A7380C5E837FB7206604C1A4931B8D6D452C5F4095EC1B7EF0CD11710DCB6A18749B788079AB1902135B62280D928167559696A3A2EAEFADE345F91D8CE49EBB109CC926C28077AB5B1B9BA946D929C2BB969061829A6E58A0FA5B168F5A1A7722CDF9A23CD75946CFAD9D624F4DB6A47C78EDA05EDBFE164F6FCB4C32BED70FC7D04BEAD5392F26ACF330B99A9A4140B5ACD0F215A16CC463F6BC4B7BD5D81B51F98C586E58C68BE97ADA48CED599933F2CDD994B9B52B3D93C44D9ACA191FDC0FD894C8AFD58B05D73432D6A90991FA87089B68D7CD7D1B136F7E3BF0FD266F82D13B1E456FBB6E29DF3D330E2D9440AC0AB5805C524463EDCA6D27ACB13B1B4F0881FF3A5A19E2D512A84192FDEA959FB87A555610DD44497EF3AAE91D075EECF7945FC2B8FC531B53FCD236687D05457999E1B3510D92FA433205E4E42E5B474E2FE7EAFD88BCD3375DAEDA0FAE4D40A63E09F2C99CD9620279BD1C34A8AD5B014CE8898B17AB33C1BD311CBF3CA6EBE0C9217AE3D09D978C0A8A41FC558A8D31BF37FEF59D1F46575CCEEA07F500E1CD85CD00FC20B449892E9C463C60342F526CA6F25F6291DC72330B5DA6C24CBC0CC75D8146CCFBD1FA47D36250EE5113BD9A54846E40FCDE4CF33E38328B48BCA3953C99495AB14B5AE2ADAE893181B1AD49EFF63D3A432DAA67572006A4001179363EAAA1701FF939D69FAA27EBD7BF71DA1029C84B4980251ED9C19AE67591AC719D2038D39BBF95B29B217A95CE10DDADF65CCD90A6BE492CFE0345D5AB3BA26F44846E96E330E853D68132B6F5B1B8913C02997551E55EF4A2C48B0EED24060FD549087E85ABDFADFB35B13D9A44EC677818EC64CF1446EB9F012160E5998272993377D8B751F87F8F370D904642EE9AEAEECF498ABEFD14FDFF1DB90C41401FC4F6DF93429A944ED1F90D834D7C5FBE5651FE291488605872926ED853C0B23E958DF376C75AE1909BCE043EA6AC3B035ED0350C07DE7749F7181E2DB5C5A4CFF983634AC34A4D416CBECAB4BC40C96EE2AB20A513E865B792F2BFCCDE4F9107CB9887F3FA77F4FA9D625EB32FB856036768F6E89424345BEC0CE938D71C37DE7C0CC130957C15D06E764D819AEB5E05328C50BBF7B01EA9F2952D5861705FE66A8EF3F22295C408259901ADF5E675A9D72125467B18C75A0CA5C84BE77E8A678FCB1A98EFD90496527B509CEE1DF01B1C535273B109E5ED1F8C6012EB79C7F5F5B9412A4F7DE6FFDE45F10F79BF1135A370C953BEF71EECBA75718A56441049B8C306E371B02250B179ADC42B9DC0963C9D6F991F66AFAF05B7ADFE8FFA71E8FF3BF14B08550A8499F543A8FA45C4BEF6D4635EAF889652E4EC4E24B7343C48F32C61C661291747B6FF99057C797B7FE93A58FC219D44C3973E1C11973F8CC00A29EB43235E0B9DE326F134FA55CFEF1B7D1AA00FFFCD8A3F9AFA1127EDD97C5D20D642203F65D5C5151AE773B3683ECE96726CC61C13997CC8C8F291D77779686E33BC09EEA6B8739122D2B90B78022F368B01833D94ECB2091BB45A45AA7784603502B1C54657F8A7F6E122C7B46393A466933BD806FB4411288DCABEA5E2788AB0C088AC9A45C587C087CA9FD4C131969BC9F2025DB8FA4484CBEF0C6C7D887FC22599C28593DC8D586ED81D38D35249D7E01FF6DB898CEE78B6214EF2C215B76E55FB0A65CA3EBBB5586F4255AA2BD802C5E2B60A6051B5C4BFDB48C4520290F2FB1BD5A6D156CA375C1E700765F9923ACA126D41CDBA2F2DF339D143870CDC2964B20483154EB8E8D59651C17FA7898176073DD353B629D327BA130F2E56A9594D177A1EE82847BA8F8AFDC669F7BE160F1EA6C6EFB747D9BAB0AC58DCDC8D33B5F7BAABE5274DD7D4B5AA439C713615D4B255814A5D2AF44D5382264F3F9F48872A38D36D1F15C90FB768C9B690EC989FF28CC135D29330D84EA33EB173271DDF8F5DF885076251370F59AC0E4DEEF640D5C04ECE8778C1D8F839462C5504916CBF555167836076C88A848903B3779E007745F3CCC8282CC526306DD63492F0A004A99821D1BBC065A255F4FDCF426BF97CF9933DA6A79B577919F7605446A25CB549A3057785522EF5A56E3288D42D714163F16A36EBC6607779691C7A1E5C420E24A64299AA03930DE872575A18A0D004CE7CCBE85BE4227F2146E176F0B0689BF51988ACAC366444E2281B5A81FA505E01223818185BE05074AF0C94C4B99F1AE6CB4033487DB1EA46B3A59A1B840845570F468F6E8BE1CEC813148FC421A4A62BEC0D8CE9DBE73AC17D44FE36C93DDCAB402EDB129BAA93795AE54608169F58BD8D115EC6392DBC2BEF8BBFB820827E76B266F480D4E7229B4119C35AE0AE1F222DAD22DD9CB3DBC76D80722F74E6BA87C7918BF33811850F3C9300E0FC880B889CD3EF2C3E2D63B21AB7A05867B460D7B96050BA8F812B79B29851CE5EA92202BB553972EB1ED8CB82289987EF0B314D2E787DDE3CAD96238D7BD182CC404F8B19F3FD4AA55C75DFEAFBF6228A37B72CF57152B4CF7A65872ECAACA21FAC42849BD2D1A5812196AC6A52EB51709710AE1BE2345465DD98D42135BDF67C1A022A338F4E60686746B62B2624FCA52A46DBE515714A2C8E9CF76B14D2A7FA3A734D27657DE99C8A0A5883A1A9ACD6568A0F5926E93AF2017CCF8623C7363CB52390A93FD1143C575AD3B35EEC387321EC87B93C16FF30DC8848DAD229B0CC561F75F64D948A0CD82AC62DDE0AB9DD13973E9B6A19DEC429620A6BD52F0203820F3D2DB2369D121A093E64071E926919BB8B7BB0C3E58EDD9A69F5ED8A1C7210290BFADCE31284BB69C5F02B5E8D13F19E159FF334DFC5AC94798E1C87230424AD32FAC495299F357F74D914FBA9349F0D26491444C5A7B2F0388ED098A182122BA1C1A8FB751C52376E4385449B06F92C3005EF39BDB758AB542F7B3BA43A9D6D3B1B88977712E0A8F08C898AF5DEA1DD4E83BFB763DCDDFD34EF33E208F98AF8F90AC173ADDAC9E701B3F014560A1D029598D91C6A5715A4102F2162B8FA44A4B9F002E0E1C8D2C5906745708648A690B8CA89E6ECDF1BA155EF1D256305D94D790A856C79E39A22470824AD09A52F96D15CA3B0C09D19CE23C7880D774AC00D59C3009183163FC98FF74F99E03A550283A8D300E1C618678E2F8EC2D69B15E822571ED7A5F35D6FCBE5AEEDB56FFB6352D60434CCA2C5DBA90E82AD9298FB1369A06A1FE93098C86AAEDBF846F59A3390845B8EDD2FB8D08622AF52DFF43F1918EFCE00D5184BC19D4C782027248DCD875EC1B9BDBFDC7DE08A92E4838AE7871B897D9F5BD23256B9686CB001B5B2DBE7D79B2094E2B26C103C38E81F51A75DB8871A6AD28AB5AADF94BECF43D928B155FD4900A3F0F2332B992C0091B8B21D8609BFE9A1EA84313ACB83ADBC8478320BEBEDA9AEF0BC1A9B3FC4BCEEC226D13AE4A5163DEA4D019B148EF98285717AC45A935CB71B103FFFD9B6739CF1916AF5F3D61AC37CD9584DB4A2F9A24D38F61B83232DD33680DC30C32CFB9DBA27A6BA2BB8B2159F3EDA7F37402212755225CD99CC1A37A99F2413A4C57D1A73D9BA1DD02E310DAD355A14FD01A3EED8F73008607775AF0A5BE621EC16F2111A5148F977E9F79460450CC21AC5FCD8EB04BBA536385563D288BF592D3ED7BFA3A12CD9F914CD0C35770A4A928705D25E13AB4A05C437E009595B14381A5E215870EB468B06607F30FD88CACD1C11478BAB4372B9438AE4DB6C606941BCE98322E0FDCF59009DFC5E7A4C483B00DDF2386A236272DBA0D8064F27B7C1BE90DA8B592CEA17EB33ABD5A7E19DD69A805A6AEB6773D0E8CF6450C3C2FE55E0B7180CDD8863106D75431482BDF9C182977B91330B0F0ABF796D5348CD84FE0036E52860F7801ECD8EA9E69784994D425CD5ED09A63251835A233ECA4CA9B9AF6CF154AE4465EBF089F19D32024AA2C144DA004F84A7A6F22C3D71600245AFF5F1E5A1D9D5CF24FCFC0228A534E9E6447CE7DDEBD8DCCAB3BC0933DB333A39031EEA2EF6B81A9BB34A7F67554FDFCA8048FCD97E76CC082A93FC4F98D32910B895682D1FB3F5E97E463131F56364283ECF2AE029149B9CB73817AEECA497360C23ADCE8111D86E2C7005ADD2C8C0503A99DC91D30F9D20866C17E296649B161416C181F136608A05434074D567CDE728F7B31B60B97C04055698E108E6A2A65A77EDBFBB2F05AEABABF166B6DF25DC3A70062050C779CBBA550A62F021CD6222165082EC37858901D0A46C815579AA998EEBF4B3387B6BD71B0F16EF5B68CBC6A47E1A3DE015331953F3D3510385F1E048ECB84E7EF929142225DF16234EBD672B686D297E5A9168C6F97EF6C97501D4E086E9D73D1994D3C38C912691D8F0E00E0E2F0CD95B42F3F70194E3183BF9537188D1105D44839F7F3EDAB0E10232DAA9FC673D6071F3589095B6C392A766F0DC9D9B8DD563B1EB82076CBBB7C5636C516D3F200A3B43D384E79042E936E51C3D1A4D3F621CF738EE51D6D29F22D658E2370410E841A5CA7C3122AC26BF26730AEC0B23D8CDB46B6F3E0C4EF15410B15D83BCDF67BF2AD9EDBBC3890F70670FBFF86A4645A58F1EB5C49C8F6973CFEE2E1E38879F59D1740172A52744BCD839CACAC94BC3DBDA37A97A2FBDAD6AE0CCDF080B57CDE454092D763A1020E176515075DCC37148AEDAC1C7BA090B12DBA260F08F04C689661EB926716ADF5FB7159822E226BD3DE2EBEE1F98685CBD99CCFB09A6C9FBFBE377A122FDC01B9B7FD82F759129A6D0B0FCC9E8AD566A19FA04C12B95C4154E35215F5F11255493AFD5E66B73D4E0572F01454D1848A13BC0A9374BDC90994B0004D9D2EAC8FB506E7CD764A1B2A9016BEDDBFB987741FB68265E5B05CDFA46A4A7A1BC25ABFEF37118CE8118BCF92F32C433E5252D8DFC195D4CE5699A2CDC1612EAA171423E6299F86C2A976DB4C1E421E140BFEE8406DC649C57FE27A77CAF3481B8687DB07F9921790AB5D502CED457C3538E688F143A69175A535101E1DEE82C5E39A579DA178CE233105BA5275E27E79441548D9E0F70CBEC5C7E179D6FD8E167F90C3A79D964CC23CFE18D6BC300753961BAEF0EC6AEDDDCFB1760B6DB3D0B667B8E120CD3F867017507783F223106CA7753D94BC60E65538589FA87807F7AB8791C1957C9510A9FBB91D513DE0ED7166155E911A5622A6A49DCF1DE3DEA4072E5DA75583B6EFE781FBFE31F7AE50F4FB8897586B8078144CAE9842CEDA34EB9E0B996E3CA46F11BCCA46ECB81DFB191236046294BB0120ADFDA2EC0DBB7D4CC6353BE9E64FD668710B1CCD305349C0B7877566E3DDC4E21985FA6000229004DFEA9F39421476A5E33C9163CDAE4C7676B1097E48C70DCBD4B39CE4AAC3ACFE73CE9C0D826B8A61CCA0DD2340C860E57496A1915BF065AA6557E26A151603D31CA94410E6C3E6D5AC80FF6F71DAE371D020CEBFB58EC73017C8D2D6D6221598678D752DBBA95113CDF71848D2E05D22613451627456A96D15BD277EE04884F3F296B0DC5314EBA22356CE09D4C0BB7246419D8674E4D10EF64B3F057D95E70BF1086ADDB100453D81E19939BB18AAC1343FABE39E308284A8D6A38BE238B6E0503A504727AC20B48A2C26C130E7A9678BEF07A1828ADDAB90740526F99C11D3217E001172CDD33D6D6E949A8ECB963C0A5283189AE8C98B21933FF691931758E842977A4F3F337252105CF22AD836F91E4FE5CE97FE4CE59EBCC4DA2A56D9413BD356BF65EF6FB2CA2201EB31BA56D717D2F9C038BFA76A52610AEA57D45500A1408AA8876AFF585A2FF309C3EC852B9568AE1CF9D97635759932E61D61DD6E67402912EC538BD0DF9D0BF25C862C91E301AC499E64C061FC14E89EC361A10FA0C85132BCEE7AF028C663BE3B0E12EAC52F691FB66E58E34EF2AF4C5A9DB0A0AB01DA372E39BB824F9D6AF847DF6A08F680B4F99466D6E6F404F0B92210D641375ECBC0C10A38DD1CF449A75BF2420A294EECD649013E160D793A247D1649E03A535292ED3D88EF7901DC845CD9703BF0948DB61C08EA89C33A3DA436874AD22ABEC43A5F2896833E15B3102A66E2A7D69D272FFFD4CC8979B9733718B95B605166DBE16ED1FD1C5CB2571E7D9FEAB2BAF693448C1E9613E8FBB25E05E2838390F3D9D2CA88D4B1739AEF4039A168E908D245ED38CA96F98569FFEA949946B76BF6F1DCA0B866CF0AE157314A28B76654EFECBABBA1C58ACB48E61587B42DE0F5BF8D5A3DB6C2E1D1632894D940CF10F71390B1DE07A4DEC38EA93A67439361E71FD8149D26DD8A21E9B98DA1FCC014052D0FF54DA3B2A335D0122FAA1332B193043A9119BAB7BC8F3209812B5280625C44ADBCB92907B6C387E0BDB1B9EDC0377C03E305C7333897588C2EFDDDC82E95ACAA329839EAE514F8E8A46A9126847933E73820922CF62528DB950EAF940F72A7383A486F5E210120987173A75A7D1B12097287F9146735A7BA110E22BE8B2FE720B2DA6CD8D59C8A32E5B43BCB9B42B78103BA2C25C13693AD4F2CF49A93D4B543AD7E4BE7E7304074E906D114E77C9448A8318E71F67C3C5A3B3379B40D44D9D1740C8D5003B03AA614099CB77B97A1B121DE9F75A69CCE3B7F1A2AF7B2B7702919F45544F778D5DFB9B7DB1C5AD98B36ECF231300178EF1154F4B93CE197815F6C5D2C3A3EC2A3E6F9FCC360B47D5A362BF4A41982ADE9C1377EE1162A9ADA02B966F502931045537D5CFA700C5EE0B818C8B280CDC07B1C34046A908D31CAE7681AB7A59AC371326211C170E9240B4B00222F628ED734ED39D5D0A4D1D4937202F82A531B94084FFB7033595460B41C5DC021D955C8EBDD8787140F60FFA21BFE680234BF5EE2F3F998FD9662A657BABDF4FE4A3191D7456B928BA2C0F08596015B803CE938522A88B44292223DA54BB1A0318ED439C5E0B1513AF667D1AEB8A0228AACDADDB02F689CD43FD15B8B10B12359EB83936F9191BD4671A3EF7F5998B70EBE29E551CBC4EEB214DD776AB62B20D1DB533CB2621AC0D00D88BE1E21243DCEAA1494EBD581992F6F9171B9FEBE919DA5B61A99D2D5C3A23EB447EAD4857F217CE80CC5765E014B851CDB56518160B69C56F4A1FB9542792390FF4DF407E1BE94408A2C856DAF3F95EF4E1D3CDFCD5ADC8F9BFC95F5D7A9AF8835DF3205FD81BCBB06DC10A72E57855DF16794F3B0F0EC83B36922267755777517875390D7E5520D46610B5008ECE82C08E20888C4785A1CADA07E929E1324EF710D48212B739EB5276A4C895C46BE8A405332DF93E93BED6C2075261F90DB4ABA03B4F7884B663268AE18C11479098611FCB7B0F9645E315819995DF3F3A45221A6DB71874A0585A197A01E67CBC85DB02A4B3ED2BEEE43031E7065BEB838C601BF2B161633BC9C04B506564E5DF517F1445140029665EFB724F5F5D88FF654AB18A6D65AB04E3F36720A26E4D9676148020D634FF0B74DCC828394F9AFCE7C8443097A0091FE8255F03D5A9B5AA00FE9E6056B11BB772AA6361C51938447B57F3195081483AA1DF6B5A71D050AAD3C855A770A1636019DB9EE75875D542848A285140B1B7FE054B4FFC719CAAA3B21FC5BE4B92F45D7A99254733303DDDA18AB271CCB2DACA27B600CB5CA50E857070CDB657FE559B21CFB3C596B24727501707B64A657E3B46FF1DA18842E0227C02261F88EBA6F9502856752D5D5B6208FE660645860E42A32786C3E54E8AF6DCD3E9ADB76BC0200A4A17B1CD89815301AC45EA3070EA99FEFA310B7FDBCFBE817EF28A04F44A76B38015A27985E5D9D706997C1DF67CCAC869D4FC9972AF47FE2908C3B1349728796903DA78F67562D693418345E041FC6F9E3A991299EC387C53CA9DDC0428001216637F92AA19BED77CAEBBC2BD3972AF5B07FADF92F54E82210ADFD3623939BDEB5D5BDB019D89A1EBDDD98C1B1D6BDD854EBB594516183B32C24F4C8DF07943CE77857AA0F10D27D3FF0DEDE7026F924E34153F9741CB2D7394401B20BCC53965ABDD26881FD3CF2AC83825E1DC1D1402F679BA8AC57737EDF7FE7860580424559DFD9042C88DFDE010943F3C3BFF61283143C46BA1E85CDE3284AE526CD5DEA7A401F07AF0A88586C599FF640B4B9C4C601E650D7E9E4092A940F9E4771084112F8D8A7FA8E5DC43DF8214242AB81E8FB5A097F80E01C9B436C125DD616FF680DBB16A24F90F45A42CC1A05111E062348D14C1EFFAD81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-
-        doTestKAT(QTESLASecurityCategory.PROVABLY_SECURE_III, pk, sk, seed, msg, sm);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/RainbowSignerTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/RainbowSignerTest.java
deleted file mode 100644
index e692e5a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/RainbowSignerTest.java
+++ /dev/null

@@ -1,62 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.DigestingMessageSigner;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowKeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowParameters;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowSigner;
-import org.bouncycastle.util.BigIntegers;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class RainbowSignerTest
-extends SimpleTest
-{
-    public String getName()
-    {
-        return "Rainbow";
-    }
-
-    public void performTest()
-    {
-        RainbowParameters params = new RainbowParameters();
-
-        RainbowKeyPairGenerator rainbowKeyGen = new RainbowKeyPairGenerator();
-        RainbowKeyGenerationParameters genParam = new RainbowKeyGenerationParameters(new SecureRandom(), params);
-
-        rainbowKeyGen.init(genParam);
-
-        AsymmetricCipherKeyPair pair = rainbowKeyGen.generateKeyPair();
-
-        ParametersWithRandom param = new ParametersWithRandom(pair.getPrivate(), new SecureRandom());
-
-        DigestingMessageSigner rainbowSigner = new DigestingMessageSigner(new RainbowSigner() , new SHA224Digest());
-
-        rainbowSigner.init(true, param);
-
-        byte[] message = BigIntegers.asUnsignedByteArray(new BigInteger("968236873715988614170569073515315707566766479517"));
-        rainbowSigner.update(message, 0, message.length);
-        byte[] sig = rainbowSigner.generateSignature();
-
-        rainbowSigner.init(false, pair.getPublic());
-        rainbowSigner.update(message, 0, message.length);
-
-        if (!rainbowSigner.verifySignature(sig))
-        {
-            fail("verification fails");
-        }
-    }
-
-    public static void main(
-            String[]    args)
-    {
-        runTest(new RainbowSignerTest());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/RegressionTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/RegressionTest.java
deleted file mode 100644
index 2e51e7b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/RegressionTest.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import org.bouncycastle.util.test.Test;
-import org.bouncycastle.util.test.TestResult;
-
-public class RegressionTest
-{
-    public static Test[]    tests = {
-        new GMSSSignerTest(),
-        new McElieceFujisakiCipherTest(),
-        new McElieceKobaraImaiCipherTest(),
-        new McElieceCipherTest(),
-        new McEliecePointchevalCipherTest(),
-        new RainbowSignerTest() ,
-        new Sphincs256Test(),
-        new NewHopeTest()
-    };
-
-    public static void main(
-        String[]    args)
-    {
-        for (int i = 0; i != tests.length; i++)
-        {
-            TestResult  result = tests[i].perform();
-            
-            if (result.getException() != null)
-            {
-                result.getException().printStackTrace();
-            }
-            
-            System.out.println(result);
-        }
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/Sphincs256Test.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/Sphincs256Test.java
deleted file mode 100644
index 2c90160..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/Sphincs256Test.java
+++ /dev/null

@@ -1,1679 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.digests.SHA3Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHA512tDigest;
-import org.bouncycastle.pqc.crypto.MessageSigner;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCS256KeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCS256KeyPairGenerator;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCS256Signer;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCSPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCSPublicKeyParameters;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-import org.bouncycastle.util.test.SimpleTest;
-
-
-public class Sphincs256Test
-    extends SimpleTest
-{
-    // test vector courtesy the "Yawning Angel" GO implementation and the SUPERCOP reference implementation.
-    byte[] msg = Strings.toByteArray("Cthulhu Fthagn --What a wonderful phrase!Cthulhu Fthagn --Say it and you're crazed!");
-
-    byte[] expBlakePub = Base64.decode(
-        "ICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSktM"
-            + "TU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5"
-            + "ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWm"
-            + "p6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q0dLT"
-            + "1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9/v8A"
-            + "AQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAhIiMkJSYnKCkqKywt"
-            + "Li8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFla"
-            + "W1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXp7fH1+f4CBgoOEhYaH"
-            + "iImKi4yNjo+QkZKTlJWWl5iZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0"
-            + "tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P0NHS09TV1tfY2drb3N3e3+Dh"
-            + "4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8/f7/AAECAwQFBgcICQoLDA0O"
-            + "DxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7"
-            + "PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdo"
-            + "aWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SV"
-            + "lpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHC"
-            + "w8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v"
-            + "8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkKCwwNDg8QERITFBUWFxgZGhsc"
-            + "HR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJ"
-            + "SktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZnaGlqa2xtbm9wcXJzdHV2"
-            + "d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKj"
-            + "pKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q"
-            + "0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9"
-            + "/v8AAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHweosZZTNIli4FJn"
-            + "DJwDmiT955i6r8DOENuXZL6Be24i");
-
-    byte[] expBlakePriv = Base64.decode(
-        "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKiss"
-            + "LS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZ"
-            + "WltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWG"
-            + "h4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKz"
-            + "tLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g"
-            + "4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkKCwwN"
-            + "Dg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6"
-            + "Ozw9Pj9AQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZn"
-            + "aGlqa2xtbm9wcXJzdHV2d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOU"
-            + "lZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DB"
-            + "wsPExcbHyMnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u"
-            + "7/Dx8vP09fb3+Pn6+/z9/v8AAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRob"
-            + "HB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdI"
-            + "SUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1"
-            + "dnd4eXp7fH1+f4CBgoOEhYaHiImKi4yNjo+QkZKTlJWWl5iZmpucnZ6foKGi"
-            + "o6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P"
-            + "0NHS09TV1tfY2drb3N3e3+Dh4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8"
-            + "/f7/AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygp"
-            + "KissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVW"
-            + "V1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKD"
-            + "hIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+w"
-            + "sbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd"
-            + "3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkK"
-            + "CwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3"
-            + "ODk6Ozw9Pj8=");
-
-    byte[] expBlakeSig = Base64.decode(
-        "rflldCn6HfDvP3o+MjcBEmveu8ICu9KFow7QygXKQMcZcaylqTeDDGFt+wq7xhGHNVtkVxj9iUf6HbjVWgvgaESIjnFyf+O7ChIJkI9QVwvAOaEnnkOV7lWj"
-            + "S0Je3PwHHV+E3brp8XNBGQOyh044YkwZXQordFyKHSYWUJIT0XcB8Vd02FnDri/97ZsYMTzLVB4tsoVORjBnNf4jQrO5LtqQ3v5djROiJhVxSfhvKUd1hGHJ"
-            + "ut/QvxtfEPwPnZ5oPq4T/qYQUIOo1QnxQBVNTCeZRpluzwG0nM6bqncPYTZulxmLtslmQO8+AvDG+tob18h3FEgles+PaJXVrHbsAeesCV/urvMndsalVrKc"
-            + "wUPMvEDG1GlzGXu1w5TdBj4iaUU3wcwNdLuLee6mjcyH/NdfvjDm8xA0qQMW/104whUUyvQwQ5tMetIcncXCQ4HcYM1KEgkLo7ySLpnCrBcYEUCmnlgjyr7y"
-            + "3gEJZICsiL8FYGjsxddccCqvtwlTeZVdQMnevquzt+nKo8eDM1N8JKHLq6WMwP03XUD0CEYmj9J/d1DVO9BOqpAURNTo8dKWgL70D139Kn5KeiuscYFppbnX"
-            + "mDhZ8pcfjv2tCFGCG4Rf1pDDkYWl6hVg/QCDMS7ZStFJ2nhyILdsRf7sYVVDEKdsELV3azQU37yOITWncvX8YO0yMOZ2fvKYI9BziiIck0u0PAjPYva6WfFx"
-            + "irMElAs0Ro+Hrzcvi4d9UwQvuY7HNKcJJfwoaAVbet3sn1T2WPk2ZgkSguo4CYKsWgxp+/PL3FxTnBpG5HNmUEJe8Yvcw9fdwhhhPRxaYggpDdOH2OKSYgPw"
-            + "1De7QKqsOI/mqHAge8nO4cRCLEI/AmKyjKxKYaOW6nARLGOBjYnCj/81oHrTclKDXmO4DfCcQWzn1HOc11RMHZN5ERRnGIzMcXU1RVIMC0T7HCGGquaCPnvQ"
-            + "6pjAzyXkMWFpihqevKGe6sn/NmgF+MZxboy2+cz5yysESiqnmMvsfdLl+rOb7+fwbYsYeeEVtaM7bZIGZZ4z9Hn7yfkxwGmzgfFqNglrrINMOHo8YVKMny3d"
-            + "Wkm/2CyOvMSQE5nPQYzlqPodrBoR88XjAN54zOjknT2lmBy3RzdnINtFZczcvYmADUop40Vfz0pNtI68aJJDCeGJpAd2iYkWRugsXYkAODTk5LBrjZ0dI+mU"
-            + "yRLn7FCpgLnSXu6JppuNMnTTUMrWLGXtywznMFRDZ7fbIXHvT+Ezs7y6GbOZaSGON6RhAyKRpwGQdjBJeK0bCjPmcoLPaJEjo2rcvdAsxdSrExrREc+oeKtV"
-            + "B0mIaJRyrF91R9uXWu1ltm7zqeoIDv/jfV+Mi1lTllbiO5FIcAfmAoQU9nU4/GLCD4VGnEJCzxtwOsuNUD/mIREGAdmM3TOjXZZw5rceoAQy43lncTUon7GI"
-            + "TiZxlANu/pZTOHVdYcQclywv0RvofIB901C+PqWEhXWXbxjP38mWpz4tOI3GGR9G051HlWk+udIdwxWyaCt/n21DPhS7btIcr4lPTDu6A+C9jin+yIoafixj"
-            + "+hHIJmx5OWfCgxjkRyRZhtgCeXAn47AWCEShnlcvzTzJ9Fma/nOotiIJV89unuxtSnuT3fel0UgiAMgrsj4BW4arpx7s1dp4ve2PI9eaGUoybK2/nC/xuQez"
-            + "I5yDHbTHDamBtlIU8of0ubgiTLKn/sSeR5N3D9Fm7adanJXuF4pRQXl5zLLEySHWKYo72BksgPkKrTvhJGltjmKd1Fgcp1o+7Z8khcMKlegkP1uQzNpkaUll"
-            + "4O+r/jj511iG3ynNN7nHd7dZkjlsWh6XECHQ9VqM+gwDMR6YzfRaVEpg0amVQDUzi7JBo453xV8HtZRzxZrybzku4c+3sc6B4V9NNtPWIDQvYlo5fizBacBr"
-            + "GQLoMD+Y/2pMbeccwN1uRcHm3IcFlRLOCUP28cTn6x7PZBY9KLENeu94AhM8ExJG1hoZXCo9BnfHpcJi2z+kqv2wXR6tgALk5BZ/OAO0CIDR/vAeh7u4q44p"
-            + "op4EI2KZxFQzE+EI/fBf461ILn3pjPUOKNaMNfcSVfnL1Zi+O3Qbm8n84lIfO12WxuYJososbJfa9fhscmVqqqAV+Qc1l5LGFDzqX3afwbmaNK3u+fVf5Myb"
-            + "6ldMWE5Ft02QBcQfQkalu7Bnwwrj+i0VxwelssR/SDspYl5tHgUoar5p6wXDmHRStwq/xVybCnAXk0LcOmNZAmIrwOfkIy0nKwTrkJjChE4BiUzqtsytLSO1"
-            + "t45FmEi4KSJnBUxE++uU1aLoyCaBxjr61Z7R8KXIaF5F6xPdOh233/hZGdc6mBktMUm4nmliD6V33BAZcgqidH0VI/LfOR+uSBtEF/dvm1rxa1DfviYqTAuW"
-            + "V8G6WzVLn75E9BWuEOX6Ba9Hj2DjZ4xu5NrHJ2ycQoiUrHYKlB1nLZboJqW7qXmhm1Y/SR/BYuPc5Jl7ftTCdbUj0xRvl3hnRZk/WHZweaPguqAp/rewjmGn"
-            + "ua3GQ13FUnQnKb3iQDfKT2UCxC0jnqLGwNj4RS7fuzaIAvH8QcvTmM/gTMs2Mq71T5xVS0kYRcIpmyupdMY3tXiWOhLhyBef0Wh0XcddR7rJ5dyNeCmBul4q"
-            + "tAZ/3f4vECDVe9VL+oqhT/WRCbDymqIov4ZvOpyxirbOeXI/hkiweHsWN9YWmJazMSB+1vt96SmF0ZVP/AvCenK2G1qNlgcBkb7jDdBgziAHL3+Joq2hInOg"
-            + "Ikb8HIVWQOAmR9GCFQFOFWxCO0iuAQ1S4g9muDrq2vP/hWKdqGwQMeVaC4GVVdf9rhSQQrHjp/SX8RfmP+hLmW53u0cY9Q1FyY9JCzRaEtf8vX2fMaRm3yLc"
-            + "w1/ASpB2sdoSpEGS8AYwqXS/iNJ9X7CC3GMTZBgWGSKXmmGpbMcplVfJysHg2q46ZqL3ls5lqdOG1R9Qpmlovzj4HomszOfk3yApOA6rYiPbx9MI9ovwg6MM"
-            + "vfaqLzBNgOjYGVtOhQjK87+v/5SleKesAzvh45aRaDaIqqZu9ZzxTrjTxavsdOC9kuoeUapG9LCktZSgC6L8CtHwoyHuwJ/sqhVMLYnP+78vmJdXXmvHLKXw"
-            + "Rvj6Ea/VEiq1+eYzuLNYrawAG++tg2SkiUPlmUctf0gkzokSj8VjiFv/b8eB9kXmyLhp4KJiMVyAfzjy/5XL5VanWcZ9JvCp38T33GaAeXOnjdsCiSHZ59C8"
-            + "+rw9SZP96tMU5xiw5Nd1fwQcAR7EDzWqakSgu9IUhd8v/giceqk7ZI8USJNCgqAON50FGh+qgIFObRNbnVqBOa8vv040t+4J6Kcgl/9G3FunPnZ3J3wpr4Hm"
-            + "jzMTB9cGuBxZxz8d4iyw1UcRAwJe3pjxs3f743MqEechy2WHiJdaXqhd3cZrIRr+SWHMCDDdEtUvCvFWt9B6tOeTGqxnm6r/Q0KaB/kwNb1rDZI0ohRkFXys"
-            + "Pwxyo4WPUEpAJCqN3qNANJq52IvL9U+KCX0AjfAYQEXhshmqDhk9VpRtajABKRRIK5qUDWJPQcyTKXIIR7pop6GdTYSq5OMfLm8ApWI98lefaP/aBf5VLAiw"
-            + "cVUQzCvuu4YfKCG53qx4dEmL7+h/xs0mnSM8ZK5Mz4kTrsE2pShZg6Mp6B7nppibBrmSIFoNMptEwI/PPJ8YiAIGgcSkKNUgGkjG+lbTgqvucZk9LqqoLq6p"
-            + "+JqNFhvyJ0aWhuT2KY02pKr0WyqCsj/A3l+yoUogjqva6eSxqpDaERNjfY7JZRnOyH3kLOQkPkG/pdMNMWpoMpTKF88BA3XeJXvNX/2ogbmsa8EtGeXzsz8O"
-            + "feZIIwvQnHbVulGdY79tFtmLgyZgIuQXLcR3g2rI5e20Asa2JUwJQtBTmg0j0vsH7hVvYwgc8+2yB1Yzw0O9LhJfXOJxCB+75DM9IlAr0zR34/UHCxriS7x3"
-            + "eADRrE0WnYumxfLTHxTSV16C/qsdR7bSHokHn4XGPL4lwKbcF7TWjo2JUHCv6rjUonyrFjN0XxUctY49VFAWbDObK8V8IaNbydJsh/tQfffG0Jp1l0+XVNml"
-            + "j8QN1YyQqvXU4u6yrDQZ/8EudBgAMpfYDBYYqXJx/iG6eGQ17CQ9rS12SKT4rSbwGdPRm4bkLR1tiJYCyLV3AByKH0XtzmSl5UYZeT0iJC0QPysjhq42DfoX"
-            + "IBnoGRSoQ/6D4f/qiQB+l/4VBsME0y7zXK0YflcvSemKCc60fE0oKQQDNpux5qp7hvelZt0YpgIDHCpnV0X5HqnE4cEsOM008RI9xeBQhn8AnZTUsPmWK6zc"
-            + "iAXGc031p/Ocs1lG/KAi4ba+nWCc/3O/6DjAI3x91Ga+sl5hrI7IwNbWCXUMz4jY5YDbtC5g7MmvN/78Av4hyZL1Ll0Yl5s0FMeMAMq89ZY4LAxUH+uOfnDi"
-            + "EZ0W4cl/j9YKJpv23h7Wjhj2bzTAHB2J7mklEX3/N/sVaroJTuPy+4fP6sZfB+zAHHlHdjj+Avn9KJzvbWLcMijIU0YEzeWXW8VagYv+dB+ns/gmqY3Lcv/K"
-            + "4erV4u89Huv3qiISoIch1AFH/pFZDuloCsTNKOFH54t/2D1xI616RTR1iX4EVN3rQ+080BF7Upo4PrISD+igX3eNYJC6wRSol0gvLPGGBTBe4Pcj3yQk8Cbq"
-            + "/iVP4mQM8scPXxOfiuLbYQz0nQQLJEGsVto5IreUCMApKn2BHkyxOV3k0jDQ8MBIp3SEkEjANWGV+t22aaZauyn2PJnN0le8oVqb2jiM57s6MMrPT3KPJbQp"
-            + "2AzNJLy3378FjNZW2T/ft8wS9oLAS2Vz+4ke2SquI/YRVgK7Cvq0Dnb+CXkp8qibiqmISSc26BQKe6AYjqskVoGf915sqweSkdduX1Q6tdQNUtVB/6QneF8d"
-            + "vFHAzpqAvQ5cxzGh5+aRfwtADWRKWRmR/+JfhNvWaFRp0hhGtGR/uCyudOnVzBITuoPtL8pLnaHn4aFvsimi/FlMwMZdDhHo+ZWH3we4B7e9T3bRuNi02bUT"
-            + "ewV3jWw1btK6ZEef2Vv9TrAn26D3ZF2Vp556YCovd9JXx45IkhsqBS66yoiB7z7weob9EXqbGm/R03yaCjuwDXiar9v5EaEorbpmT4Ot8zXtOFUEdNcoGqps"
-            + "1zP/WDHsX79+bSgrvGjkzix0YL9poPf7JjZVbHNp9usn1tJeiSPA/10TEsGdA08y/iiiH8IAjnkANZEOjfwSqTqfT/sTONsum6UoAmWLLwCHHM1tF/5s9gJJ"
-            + "mEY+TavKHVNiUvljldo2lOQwS9RjUerbEx/b4wGVUbVped9zC5qNFBbNChE77PHoTRxEsKSbVLkbiVHQbt17yIC4XfKEOcWEkjy+n7X2K5YCOmaUBnStCAo4"
-            + "q1xuGH6y6ckEchi23nH6bJqD6mHGIvqSLf/jTKQvztVHwZv+djR623UDyn9f+uoNORO0T9tRsY/Cn7ouklO/nBCYWtWkqXC2U8sA+1Bim+EUd2woHQrcoLBS"
-            + "dhYivg2p7jZliIWrzT8oLeqR3ZoIp+NqfsBvaADPD2FIYrfE2VoinPv6qOr7wd2kTuCzlE1G0X25XQHgp1GokLCyIMVkfpjrQ82vTq7fVAPMdfoTwfnqsRCY"
-            + "VlD6MV1RGA+vAaazwi5OHtHh9pyudLht3FLdTP0jJfEDAL5zLP45CsmuF+mUdwczXWCeQ7EgQGk1DWw3h67inzhiT6KEBz01SZnFgXgTusuKCBPfEKWSaICZ"
-            + "6USZkHyCPIdtF43H8gqRTMXBaYvk+0JamuOnjJ1H3p80X2G8HhWZZLW/HTuqTOzxVUXU/6ZLqlXK0EmxSzRUX7Gt6nidxZH9sUaFqIhsa6qvsGQ3cyJJnlHe"
-            + "CD7irUAXewoxJPzIU2z/jyPp0WYwLvj2ufm8LomzYFDPXJYNDi5avhOCD41LI/l2dDzKW9yI1pGQu5HJTEadPnJGWhS2Da5q7Q09Uvp3RNI28/nMeAQ482az"
-            + "XoVQybYk/NK2K0eExVEBNHxzn/dY648FNE6owq5f9k7lZSJA0kW0/I65Lt5KlyeiAcWbw11Dt3h8NlMJnh94tBSOJkTK0o7ApeuPa7moUR373+Ka0XzXkgkd"
-            + "nPIc7up6RBYDBeeZ032EJ+7D5GI17m+5a3YI73EOj172DEyPqjAbPWgQChZJRg6BUiWTpOu0guQZa2+ZdC7Df+onc2PRICMyFCAzC5s2NDvzElIfANfm3+sj"
-            + "gCV0ZaWw9NSOC3I+nuziLQ4YMf4RDwdkSB3zpGu9DcbOzNrGvEjlDfARLIRtzqFcS5EpraDCFASnAeIhvh3i6ulHXfVyhsNltxDs8Uqa0igd+zh7AgJU10Wx"
-            + "T4/jmwvvsJMPB0tXNZs1hr1rrpVdy5TVIqKh+plW5rV0w+N8rVSzkOV9V7UQlerIjhlmi7zLrCp64g5guJ1h0/gRtqXoz+AOGvAsPL2xJ+nMnIcDNHMxwtJv"
-            + "SB7l2WhXHYjcT7mBAM8PYUhit8TZWiKc+/qo6vvB3aRO4LOUTUbRfbldAeD/lR5qjQfcRLf6yXO3SeJMuk5mWzT+Ly8kuIOhnImfaU6HV58c8Cucqce9lDK2"
-            + "0Mv6YzU8fgeTdJ1D1VOXE+aYgTaCn0skY0AQbWikNGWDo+Ks9RcC+0oroxW58Prh5rukfIXy6OqQFJDprlNti6aqqydUpH4hfrT/GOELpDzfnTcIpav9leD2"
-            + "+sobxlL3euP0I/zhWEiZpdncy4BVxYVjtx7JnLJ+BT/oykyhGyIcVs4AMry7lf4PXLv5jD2lh1CqcZpHx65kr5a4cXZyjx8hvuEzM0kL0iUoAA1eySnzMpCN"
-            + "EhqQTa88/h8ZxLRP/sUQe86s9OIN01ZcsdhW7JFaEQkckeHN2KGsrVSI/ghSY/glUjfUFIFAdGTEFMzwADALXt0lWGvwV9SXsZ2RnG7gp5tNZO0GfRM93bGY"
-            + "YZZ/A2IggOYRtsO5gsK+1VSsDhlcpt1pbBMY9eqzqCDQKcfBuFcbuU/EJr+lsmRLZVQ8wMuvcMAfEanv64iDG+8tFs0sUZ9OK/GyYuym6D+IxEOM56GfxyLO"
-            + "pKJVTVQUrw24e0VlEuGTBVymUPw+t9V+ycEMc2nUOAGiSQrYLHT8obokmJ7d6GjNEDwhxoxTXoqPWgH+QL0Iw1jxRRuDKsYYTa93coWLRoYw5usQJltlk2O2"
-            + "YEJm3WO1eJ6wHk0ObmYdwIptPOmfZr17CXJJdLdJbmcTIas3xuXT9mDYFJYo4RGW7kBIkIRZbMr4TROy51XwAbjHn2oMDG8Yjtr3DllojJRIA0Gy/igTeG4S"
-            + "Ow2F1g5eqPBhIguyXBZanDNet6awabQmGMtu1keuBdf/U82Gw1AeV59pg1wuKdqhaGGKMmLvMcQvaL++MkoMnjZRBgow3DWbC5QcloJLK+1aZtHKeAg7x0ri"
-            + "Lk4+RECV5PHrZxM9nZW2yZ/k+MHzKzFUhzygeDiUX/jz6/UxmiyK9zvjNMSFEa+wgg6unCLW+NUNbWyHd8kGRD85GKyxPW1EwEykIrZ17wZciyDd6kpVFP2G"
-            + "gV1eUM9heamcgxqwf+aJh80y9joGEuu0ST2gVCEXqzpjfJnnjJzL1rtlVrS4LzVpumyZjwQ0l0BfXetJ+163dstwVYb5rfxj5mTDbPAjBKLmwJRJNYPmqgIU"
-            + "JVTqV5IDLhMGm+vy1qvfaSRLUf6SVuxQrE2jsa9EHrGskFe4ziRjNTiKbQfnfSMSGjIFVHuFRxKkZ4hBjcg5mXmCk2uGPkfGncusatuikzLRGJvgRnKjQ9Bp"
-            + "N6RyA7/WqGeMImx9St86IYuC5JHiQjy/aU2oVI7p7zf13Z6hwk0Y0iY6zwgq4i6y7NwoLabnNu89OfQAgnG0nRr1Xdt8XCQm0sGItDizH25CTW9Ozz8PUf92"
-            + "9oN9sBypZuT8kdeDIXeWaDjpDjn9T9d5dnNS+KKt1wTQUtVcYX62lFiGBDAvMCT9IlUD1sVuf1QE6bG0PJo+jo+oz5D0tqEWxGNZPun1KGEK9fJ3NHtf6HM1"
-            + "aBZBf8ECR7lMDe9MZwljeB4oRwqj0nZuvCy0VEBzEnOpp4nyCpR15ZIar586Zp5kWbXwWxU/9BYjiH+uPRPY1rGdYLtoNOfcESHJSQBSG+41dV2MGAdgcGL7"
-            + "/4Pk2oI1VFMN0wIB0Q5vxXTcq7QIjxFCxkEJxdpSbqR39NvD1MQm7StuXKXPGb7Uq83lB8IMAf8FIas7XlGQEeNvX6Tfn0F/4WYipYjdq7ZGTSLCbQ+zHMri"
-            + "G64Y2a4t2uxs9IILzlnRkIjdw/FR5AEXNh1DkUvP3nlRfJnsb1ANnx6VAGV04EzJ40TKTmwx0kGtzoWt8X+CzTuy4R0CmSfxWu+Qz+m8pipX/jRY229n9/b1"
-            + "kX/8wU9kV46X+OSsknRz5zjPQqM2i8VKamZvX7mHYBaQSr16mPl6oJDwMibJ4TwKH6tVUFuwrXTXNc5U2dbrd9O925DILxqp7ahOIH3qXoUBBgGmFjeJc3sZ"
-            + "sgOL0O5EHr4iS+GI61B0S0FDlSePcuvocIjfZVf1BuUhB7IKotnJEhGpkpHkogXM3VR8SXRX/ZnB9cVf47MwWvM4ch1tmyh9wkHom5ySuHBRiRek5/Y6/5i0"
-            + "9A8WFUcwiA52kY62DZel2Bh7JSdJsdRYOn+w1lpUpnJc2xachzIc0DpWtK573/h+uf9DOX1jEuq4FxYaqJNxdT9xu27w39oGlBkIx0NjKruO3MDd4J8QiTJf"
-            + "vdG/s+4mcltuRtzMVuIJGfsSnXMbex+yT61dMWeKE9GdgEh0suELbD8TCxxRJZ34hwQHB63Wls5fbEVx2dwIr/evhH5Ny7QuRdNDqzn67i+958Wvoce5Rg8k"
-            + "4oAOcbj23yaubnqruyvbt/T/j+eQ6u1HUqBB2WExN6B15gNoRCDjermQ4uK8afY/3Yr6JqR0lFj59OKoN6xoDoUxN0Uz+4JRkMOxOvETns2RdqOji9B0vbfv"
-            + "ET/fwmJ0qCPot43iZ9VL39KrJp8Bu1Hwf9TjZacBk25K+fYwX79gzGJGAehfp5pO4pOH8owiDP5zmKYlol793/6/DkMnpdaZE1ditXe1aDR8O5i8yJW1n1RU"
-            + "VmvkyOBiEadK7/i3oHTusd3MrYIE3YaxcbOOnTRHMuaqgWxiyVKkv4D+979QQp5lhW4e7DsRQdaoeOWHMPu8D4lUPBmNkZrvUAIKjabb88vdtpMOEImCa5KR"
-            + "Z018FfkrecysQ3bKUavhG8Rc6sKHjY0LDfTtXtAZyHGK/YxsEDlZ8L8j6UfjSK7ZgcYTWILP7ZQmSHQrucMbohYvErQVlGAG67ZWcsHVS4iXyDDc6svexxEy"
-            + "e7F3GDBoZOHQYgWdeaD4Zta9Ccc4Qr5rx/Hxa8ipTTMqo9elNUvwOIlfrAb07dudjG80JaUhG+3qsj9lGd0N7fU0T2Li5N41FrIVcE88I0mVducgYUs+oD9C"
-            + "478x0xyqaKTgOp4uFxAhjgxdwA6bIg9MRafk8bNNgMA7jG6lra6U3+nNw558R76nPz1ZCP5HlxfonSkm/SibArF933WClVN6fCD/fRX5C5HFhMRc+uliH21A"
-            + "SzAAOokA0Mi3D4mAZXXLM6ci5YeVmO6N2SLKsoDeMUsEfXzeBq55lBMLyxMiSXQC7dyfpUCKlLbpMj73UR7G0mswMf8STgBECPgB/6jH0P9Yw+CL5E+xFVhy"
-            + "FxVZMLSDmrj6YzIqQULT8rPSwwM+8lvhnt7LdGLSIp628rqB/J90b1LOCG7SmBoLgZjO4EfkZQw04oGo0qUT4MqCM2OPBFwn8cI0gRP59olvbsEH5ul63aLg"
-            + "MtWmQZ/TKWI3Ld7ps4jQD5ofCCKjl2UrPW51guNU2cMDbCLK7O/BeALlhdfkgplWj2v9vzCx6oZXuunb8qfWOtvn9vWV9gHxZyd7ZqqA4CR4VLxSnLt9+csW"
-            + "t6tneWl1TBI4djbWYuGjuNLau/uGn7M4eThTokgspYaquqCupUw5zPL1MbWFo8gEYgTy7xiGlKxDOYCjoVbvdkCdBljh+Ggu80KZXEXy1mcOOD2OEON8ixMm"
-            + "+WxMHnaGzuhsX7A6N1AYJQw894nW4Gm5rbuHulTvRWO2CFZDLvHANLdUU8VCD6pXZkSMqEzvY/LOSpJdh1NbEuuFIRJCL7cx8dJf6/OmypUvLq1zs86qzOYK"
-            + "zDwpItDkZxDU76yQVYAmglZzKkdhTUkGDi4o7JuhX4wTCPnizYZVOOk+wEoXHRVfi/C1LXwbHfitQTqy8umneMJNqsLdBWyArNDA74MKw4nC1G8WjoqPIG3+"
-            + "fESTgqGylxKH/7DCRWT247+R3Vh+4i4QfqWMOKbR/qIE6xikL0Q41HAcOek9aKzQg6pE3GFNyMGnKP4aPPyIKB0YZv8IDJtEPzBBZWjqNUHmy8C/FpjmtUwk"
-            + "En7wjV4aaEvdAZJRIHV3gH3IXzyZubqBqzsgOMXryEaexD2V9pypZW0nWYyNTHL4OrmWMzFSnOtepiwzGBqpeQZFbpNHmA6G/iy5GcO1JpckgqY2+oP6AKDn"
-            + "GIv1Y7mLvR7CzcWeOWnozatDEYMzRtG7orbFHMDQvExJiHw6q/AztocPIUfFB73Cmf84WSaX2Cn7CgQ3gGXngtznEbMM5eB7JBh83m+4agB9adB6nzP7eX/6"
-            + "/lIGapu3//PzaBcp4ppJgRzgpBgbenAsmtGUoSDtVTjpPsBKFx0VX4vwtS18Gx34rUE6svLpp3jCTarC3QWkCoCO0lo+7WFJ4wZQxImFdYvcDZ2xCiuNHTE3"
-            + "2oo4GgoKC32/eIndO3aTBV2VxaF6hDhN0gGOxyD7tym69y/QcNqFfF6jJ3mVDvh3GskwZ4KisVK206E0NYneJbCXld/CUEb3nSXog3QJwnHifWrcjA1mvRNw"
-            + "DIPtZSSMD3ecS4CsYGBQsJw9FbrmlzVK+/4hEUoOVRorLtt+gt7WfpblHSbhyJQ4WGrWcCGRF0PoAPjmVprBOpMHPEE2x2hERqXserCQC/WtFNmrsBbU1a4s"
-            + "0LvT/CRjUZdLBtHAyJOkEKzyQLrl/cppns7k7NGQkzNXMSSemDnVaG0SWt14s8+YaHsFL/Lj1DcSJ8l25VpkNMNRdlnSHkT9yC7e5TYncS0MX10QNV2fFeYF"
-            + "1Tmk97dDmZrAloZQjS2VUxdKzTisTRpIggb1qtGL1nbbiXWrrxXle6Ftb15ffQJfjjbL96AO0KKi0Yq9gy2dAXueXr8r2FNEVJm9EuWPavqcwJF6VMCpkGOq"
-            + "hvfuiFHQRW9q3QWEZYGOwxQCXNTbMe6SGXhYCBsCP158eXWDkRAGwgL7efYLun+aWoO3Q+OkOYspJAHo7RgY5dfOPeuBQNUESHXo5cUsZko5onUzcNjaHza/"
-            + "9B9eRhcsfpKuCLA8SOjqlsy1Uh87RXd2O7KvAI5O5VJQ5qiX9vabL8yzbKczE9N70gv5hahM7rHXC1hFJYGzCzvk69WASFJsq3lvtOCDk5zaUHIBZdvton1b"
-            + "DkQi+xWORkcKu9HTrQ8uyEkhqoTX79DUhEx0xFqREFL6QBwCwWZTucZ/j+QqshQPmM4IzOFwlShWAJ17QBQgT8d0NbRDLJDtEEw8B8uzlduPVBzeSbxBKNcK"
-            + "2bWb5XU4Ibxhi3uHWzMwhAHTXYcYn8nQhSdMupBq0I1E75VG2VG8aJTlqL9Sny+c3KeGeiOqBVrX/7yt7l4z5zX7uDWBx/Wh+hkMELXBY/hAxG/tKhMKDPCM"
-            + "FA4ZfBP69KGW/5vxCHEbpprcyzPla2y+/+E2rxQsElQDuSwLYCJlRwlCOOCIJKkulKNDsjaiJBuFUMtqjNTKPktPNyRFbKhXMDXKt7CZ/gs8I21Fz3CfzWrb"
-            + "1T+V9AmeEkFrQKNm3seUmaVh/o/+JTf69qw5B3rzaO0IcoiAUoRdPqSCqJ4fZMgDBNsCwfHlSBodMQrKPp5abnVakv47LPtEy/qFRuTjkApxS/76rWOclMUr"
-            + "pcPrLRkccA6C8DFnio8ovl61sRjhKDcvbpLlu2D0PyoM/VQFo1eRMM42meKaMVQNe0t2U2Nd/YnAzE3H0SjCRo/erxqUMEv0bm9a3p+Q4Bf205IuwZLt4rsU"
-            + "5T+P3bJdkrqE1SIaq47WKbx9+R4Xjktg7oqhc7bv5/BEdiWtixHYtC3v4O8KH0W+DAj/53Ch/qnxiz2iEp2jlG9lhYTvV+Asq/4p4Bucdl6Hk9IRva8MNfBe"
-            + "BoS4e3/x/JMbSs6fNtB2UqrRgm3vDUD+pD/Ge247rEAAOclNM4pT55nWvyltT1/NsfrJo410KLN8aL5kQekcJB+sjlHVQe0p+YqbyoBWhqE7SJY4F65rneg7"
-            + "2VK/jHxMf7sIiS5af49rUwRd99N1d8YRmOjp8gfonylatMCKvs+hIT0EZvYFEF72JvNSNUcM4vpRr8Aebutr4MumnAL5SPmPdyccDFdwhKqVUiqYGVEOh/nv"
-            + "wQ03rm+LvWGgfqXQBA+T88c7Q0EXRtRwlC1gduwco8pH0QgSIU/NcdTYTjt3ouxpcn0wUq2QMN7HsH8En3O60hUuM5qSXnKRaQhVwi5fCc5EkQLqphsHW5X5"
-            + "wUNqE/AAcgZvhmOdLcA+IXx3KLaYfsu00SQqQFV6/2/YZgr1byG1X6G2YyUKy/CFWKMKb2cCEjxn0cz12G/XqxD6yRdu27putzl8gl/JMeDp3jI9cBz5H9RF"
-            + "WlAT6bHSGorJv0YIhcbrd1K+2yFG0uaECKRfvYAKwZpqoPZX4kyntlFcba0n3jHfXnTizU+hbhJXHQ2vyB+nLIRddOaFqKLcsq0D2kLTu+8R+mzDRblwP2yV"
-            + "CRjIPK10QrTOZjVo5CDxJTJp5UFegB1z6WkbdSeTsP6eCL6jsT7Jc+vBqL+cQvM0C189044JX4RK1w9VqpSGlrWrAkp93MY5AzQ3n8v1+VveQfrqidp9inh2"
-            + "yboZ9zOhshBKpPbb9t+ZtPuzV7a73nd3bGcdIff4KNppogWJi+xLYi9vs0cxjCpAugBFr26yb07i3F/AAmsjYwpHWwa5vSyPLGrpixCbkd7hs6Y2pCeT6DbH"
-            + "ecv9FbUFqWOD6jWHFAtCfn38k0qO0IBpD1muxVmdFDfhfNv7IfScOukWiwDry8YKo1s8ROzv0pYMdb2Fa+rX4eHEw36oFgjsWP7dt0yWvkDrQv1duaw10L0N"
-            + "1aRLz0da1Zp+0lVJmNIAWb9BWdgriJ3VaTArL63ynq8Oxq8rLNZp3z/J68ei+6fV6bl7BOyQ4ulSjztJNIMCmf82ndiaLs0aUOFeuXqjncEn8e1Hz/A9JvHq"
-            + "kQm66eN16kp/uDCh3gSzanbphjchLwDQQm/FdntU1YG8M9/stnxE85dxMOo6IjbcG+srZHuRY22ZH1CbwDRLtf2sff9xVfA+QSea65i0T+WhhVkPN1awIVCa"
-            + "wsmCDBxguQZNStylwegsDH80jLeQtZ2PR4Xvs8kNVM3oF0jvJ6NwY4O+Q1UOVXeSLDdKymmW269W2xmzNu/fPWGa7w2//719jvB5luHTfqju5DmPjJJEhJEI"
-            + "N3I357uBwZdpbzrj6hUxDQO6CKS8j9sLI5otwtJBC6jQ1O4i6H/XHUj9t36aDVE9AaKYdm/3mlCC5dzbc0REyxOsPeiz+06flKTx+bWLEOSqLvxXe7aGgDmI"
-            + "nR4JFuE53bdqm98t09h/KX6QLPnsxcTts7+XjG4fWoOhrpo9eyIm8VzYRzfPAmQZKzXOB4D49+pZtYF6oFRsNU420q8qZDrrMztUjoCNFSVUE9gAfl0lwUI+"
-            + "jUDXIQYNo1HzC6sK5wsc6yS8DBZVtccMYtlY8a3apLs65Y9HMZhtQpgM2q+QCK+8mStJL1jTJd18IQYDdpPrnR8wZ2R3ez52fT/C/iOAmRsSKP2MPPHh9Ee9"
-            + "y4oKNy9+zBBsXSyU/8P6WC17Vsjd+9wgaryp5I926niSwwIpsAJ5REMMQ+65vKjs+QayloMkfzprLdhEij4YY90RhSj8WjNBwCax/h4Y8Ry7eysHu67gLN25"
-            + "6660NnusUUN+isEH4ZnFwnc6HvHZNEmSH+LsLhefG9SdS4k68gh7smr9MiAC00HBvZVTQgxL5tXo59uBMMiouoeDlV+HsbKDplwNL5vP5AV72ZqI7UAG0QSq"
-            + "iofvZu9t9vTzToJHGwlx12Pd2EIMM/kPZzsbYc2PWbdjfkfbyNUtkQKSSB5BG5qrQTsoC6YEIQRVqcflJQHQEFVxwrdnwJEDyZKyiu+RASAbmwpkmGsCb9F2"
-            + "x1VowYoo58CR8LmY7ntqvVlASsaIiUfuceKp4WaEHA8nQYzKgOVeynoi1nKwPQbx+hF4fo+VMTG51wHZFkVF+m9cYZBN7XKQe3243v49UoUjucRCzzBATcws"
-            + "ILXbzopuInnHOjicNcrvUR2H6QEEyFwD0gqlkcqf7K6MdhXe1pdaGSE8Wil2PBvc+ZNcanAX5zuh/SewpYIgAm0leiTIh4GfX498SYKCSfjc5ErBvgOGKWy5"
-            + "rCefedVpRplpc2gVBnZ69AB538XCmQesCkUEBBKHB1yVXxl40119jKxj7EHtjs1tleVEMI/X7lT9LLWRa5eaZfb8BdjLKhggwMW3reAzQmLxBRJRYeQMDrpU"
-            + "HQD5acCsnda8W444lfP1mKYgTUEQbwm7FIKlfOZWUeh+6S+bJHHdJJA2EeSJvsSzAit6it0VVMmkgdB8LVZ2NytlJaEGG8YfnQTLHS76VxikvM2GwqMhKm5K"
-            + "uuxUVCU6csMgJPnxbqsAHIuUlXnBa5oqqOGV7GQg7MisCyqi4VQYPtP3KJHmJMDSfDtNrP7zS9GZ6yD6VoyWUaSI3ypYKS1ImYLhEsKKKdzkcGnq4LeTmHZU"
-            + "2vXrnZCcrgYEokeWbK3dYbHqexNwyO4BghvBO4mAWEs5xM1r/UVyyy4st6bp4fhmc7w3wD8CAn+/CB7DQdwMfgnzmzjJdCoZPjFnOqep74+fp0Dmgr1hikhd"
-            + "tIIa3oQKW60Da+gBLa033/L0KA0Nvu6eyR+uSa3SdDIWKmjX3Xp5MsQdfnyBnf7dLn4oGglarjf8ByqTgIrXVrjwhFp33poNcMFcgBj8Mn8F2nnTAVwwgz/v"
-            + "SY9Y5HyS8TWf7mvNE/rXoQH3qeHsuB2gE5o3c98F9fIbbE/aoJX4lCHhaJABTGnsBGnux64PpvvkQZaKrrYWpRPAZa8avYI7CUdd0NJw/OCNNbfUTBlxTvMY"
-            + "kbSmgAfVUFIvea43sygFtqhgBSDj0RTdEUWcPe5ExmtVAOTRgpzdUlbfvvRXwLZk92dsBOJoozoWPLElDT2cNV7Tq4YKwGdhDGWuTSaJCvQUuALwvfyBkfhf"
-            + "1jxnhoA526S+ns1qHxaJFfGaF+kCRaLl4jm3YKbXNcpNtLHg4A9s0PBXQXIJNObS75Df4QFN9FAcClSBDiCGi/3UtFLXbD5UuYacjzWym1xk71201zGJDmkG"
-            + "xMvKubqg6ZxBHp1aMgshDku0sZN3sxyLGg4m+k6ZlvpyM4myIwpSxOJC87TOWjMqem2UJgSDpxqANgVPE+IorHZQ57EJQ1JI1wqILdkJFEEDlb3xfnIZm5Yy"
-            + "OcLTGp4vsk0kSj7TEMYqrFpL5yG5r5r+CDoxIVaedyId/oKIwMygPJy/EaxX+TQ7qQa/FJt5PNeDOSzP+YTpDTs3v4aJiAJwebkmYZ9sA4sJAHSaJHsRmcha"
-            + "z2S3IwZktXFUWg3NSsASZlJ9IkdCCEy2QJIegQHbwGeIJFp9YLkxO+fcAip7hr25xEGtg192moRSymgkBQxViOC5urN2XLeOZoDwlre5p65tmtX8iTld3IBR"
-            + "PtZLacvehPMY6w0Q/gcIHhRxkXEUS1Q9zD4pwdSHK4mvEa3fIwWZKfv7eGpnHYiw6cmbiK5RmUFFwN7FqyO+ogAMu9WeNjs3SWfD2dIM5nnYKZq+bwXKMvaV"
-            + "BThVJvEHcMjL5acFh2HpCLfCq91bFPVnNMc1zUVyQY7bHkaB68eGTpWutgefp5uG457f+6tiDNt1AbFdgR/32Sapw4wiE89qNncpZjq07enBIl9kBpBDWdyA"
-            + "aE/LSXiItY1PFEf1Ad1B1iwwcjmWyZNSbI6rSjZFW6LOK1RZ5yiR1q3HopEfIT4K0mMxoI9PW5FHvVnb6AUP5b7o4/kuqh+xmllAFwqgjO/NfXIh0svQvPPf"
-            + "Igl9yLXhBZjJVxJMi4aWWKzvSqSueCQHEw3VUJP5WpTBWjTWGPZxb4xGW3X35PIyaYBlgUUtVTN55JxUC+yxjM/RvEU2JjRror97sxvXH1Bk/VoifTB/M0KR"
-            + "qSgqU7/DFS7SqsTZThUIj8Skaf2AOhvZOWqlMecyoQgJiCnK5Y7Q86MPWktPz35vprMZS3QH4lcy4fnbfj0KOSb+5yq4mVnv+ymH+r1SBKh+8EGepQL7W8aH"
-            + "PC1kzu0c/nYPSKNdk5Qr3wlEN7zNQ9gFCGYnFjtAHuBB3zTxtKgTLuleqNaWyEc5XIw2NkZfa9cVPDwMDSEkCzq0xyqJVEXnKcvhxIR0nx/eP+8rK8WnpKJm"
-            + "kXXQEIhAfzovw4Dp+lMyk2sm+KqdIec5sG2xY9feg5wg9vb7QQJ5nvewYiIvASeVZhckXGu2VLflZUDDFKyySUlsnxQz+eu/DMIURh3QnmbylXezl6JXFRRr"
-            + "k7AHjjoUXnu7Mw9mqUNesa2OpU9Mib5zmJIkWEj6TMEWGKPPHXhgDbmbs2YWxJpwOsewVrlX+Y0WmtaDmhpwTzyQHqS8rZlmefUtnH2ItH655R6vBaAdDC7V"
-            + "VpUENgOTYjyZIX9XG7D3Ac8Pqs9QSMKauUaSBFR1Y5RV3qL8T+0RwIh3vhmwdlxap/Ro8kkMH0QIFOTVCMENajIEaUsEDRgLqK40DK13Z/NcrvDxXXflZzLG"
-            + "Q9wsuzHnqYHm7ZUkZSX68WHMt36zISJeRnxNreowN6Eu5MkliiE5cS1EyMiUZjYjL+B77zk4K1n1qQR9MdweATk2Qdmx84kerG53VnwHbD/w5B9FPS/ivRM4"
-            + "vih9Y5/GA926ltZPPuX3bWKY26l4KL+XpXFg++RyMr5vITdxTsk/P1ftUm5JrnIARPxXOpV6ZxVmCqvjyPrhfFaWSS7UUTbjDrQIk+EplUzoUCahZU9XQ1C0"
-            + "5VzA6PbzzwFZce9LHxT/CxS3HchbgdkT3MMDXh+aV+H7dJtR//QmEemOCy5gqdgo5iZNDQ6c4XGCY1ASALtfQ3K9tojwugC7X8PtS7YC9gp6tG0JUzpQBDMn"
-            + "cbdaqUAO6XY6sF7iHe/aijJdhSy6RLxq7lsxR20qcH4J1L4/67h25h9ciAHymhMKN+6XVibQfyZ14nXhFxgOjLQtGGxNhvqQZc6klIUJJSLM/FaYKOAl7A5U"
-            + "Y2+7nFpPJyPPWdEqYarpSNWkw5wKydRvcWlAml0Rdn7aZG4pIGXaMv7gDJJcQFZXo5IMrD+UofPGWHBKzmhEDXIUDrP9xy/60v0qsjjve2pq4swkR8HJ4uXj"
-            + "QEbkME3FiXF+g4M87QL48ISa/v+C3N9aJUcbc2mHAMqS5PfAkbBG6K5wZ5YNPMxj/XachD3xsAVfad03gEX2/y5zRoBxp64qSL0W8jVD9Z2ahofv/+DjhkEj"
-            + "TVUHoF5N8v1PHYVBBTPMP3bS74Iuw7emP6MFNL64H3yxhNugevEipDLa4+spcD1HpJRPNfW54adVGMtmhZyU08hIbJrYz06xHLBsOlA/o6sFQ2JCIH+vAedN"
-            + "FqwReRKAuC9ERLse4W+GJZdIiyz5SKUYIJYCevxVkD8p9N95UdA+s3Vhy01cCz5Llzyz/jehiRwRPWA1KN1U6OZPmd87nZGzSPlZAmsSjronuqT4/EC7pxPD"
-            + "zAn2qlSvSHMPqCLW8X1IzQW1zK+WqBoIfd9K4U73OPiVSkZpkbMddmuStKEVByxa2SrAbUqKuzmIjDtloVRsDY/y7HMl6o5NaNq2tefeeo8GOThiXJtHP7Dm"
-            + "ab6/0KKnmEIh51dtZrbsRBS4SVD64XsgABTQRxqAJsFne0u20gwmO3CIUAGqjHMFC/xL9V70Bylg6EsXDM8CRs2mQfC11vh+KvtUH7XLPmizJ1IRXRSgQ6e7"
-            + "WEqIp5QOqRTBSuvw8/57ZGssi6SSvuTBCd98ukvv9MmpoNRMQNk5qQtXh36vjRQm+9oFTjNbu72g4l1WVXhW0IsI1XAXlMFuW7lzxv+HNBVbdLsOF2LPOrB4"
-            + "sEaIosCN3CYg+LavTCJHWqfAt/BawuR97wqPDjg2ldJU2ASTTHND6SuDX8fOO6/NL+1z7X7TVD6/MqJv9ZhAbxyjKWyL8z6SvD+EOy+TN+38vmI4UXMGrigA"
-            + "ZYAWwecax8GwBmESTc2zewVrLxm/umUc5BcbDNozwfYwV/1ouJXP3eYiWzLK6Suuy90nNmkSwPzX8dsIHL9WqLRrjDq0+U8IFFl9GGe2BnivfnUMpICfliAG"
-            + "JyIqYZ5TNF7A3Dpqjvxbz30ifdKszzj0VRYzwhlSV1XQseqxKD0Iw695AKTM7AuWuZ1YGIla3MSIc4RWmUDqJFfnLTac5+yQ/LsSDUf47OMfN5XxPSlVj4M2"
-            + "hQio4aIaiiX2N3C9ZKF5N2TtGkl9UVhcyWEEPLCbvfEtK0BNyVYn5ijjpathskcKAAYvNeU5/7PKi2rwE63Twd6Ygu+1wChWPa9UKqZpaLzRIQ+zwPRoBmax"
-            + "joytMKq+LpXwvh9ydRQ3bYUL7DHNinUH411oq2q+GMTamCEN83+JN3MQcWiPEVePZ+vUuYpJA79m89zYBetAnI0PT1pWYsrQrfGJ81RIbXz44SDbVIf/rrtr"
-            + "rgZc6pUGfNjyjy38dhSwE4UJX0ryTStu0gA7Gad1XiqIuSX9hDyEV1uS6IU68Qyf/mbgx92bMC6OMEIrYvIfzdjnbb1a46JcUyqTaRPIk14icX5B/W+5ETpy"
-            + "eeVeawdnLV6fn4R0BcUH1lhpqfkwBRO0DisSs49XizmlFRe2VUOXf60DQ1zkddwezqqblFHfjbb2ByWcQsgMPenQTmuAh6O3uz3cwao2SqzlzGpT4rF3JkHD"
-            + "m1AFUmVD6FsaDU+fXG9k4W26zF1XRThE71REYmQqiuIqOdrc7RLSpmLCoAgJLWsbv8UpjNCrOPVQLSfKeoCm7qpNjrwvCXEGC5DmSujGxWnRH9bolcpOClPx"
-            + "/UW17YrgdLVdFBZ49ICvFwzc61EpMPNcZ0iSrFRACRMPQNrnOIuwR5Pc4p6hc1nbTsDuQ0mknZN3lJQELPk4bPKPtWh/5E2hepAiHE+sZyMPvMHPjCv9LdQu"
-            + "mU5FGYLAfg5LYfk5FnNnYE/0MI7p+YSr77Knw9ykrLS1x0yqOiLJUIeceULR6SymNxv7tpF+XHNJLEUh66PdXmfXefdxBZsjL1laKpAmR2k241Fu2p25w4M1"
-            + "2qBHAhoxKp8MnKfXzB8rfa9U4G51sIol2dgDaY4OnlGOGBTLh1ASqQnsvaAxK2EMmJLsk3wQ3F+mLsW7EpvwfG654K0ykmwdn6yiW+3UrJaQlTTIZoHdDRFz"
-            + "elS9nFjo/cn85yIox7f7RPVBMyGHtO+w2BJg3amIfSD561iWaI+omjkO/PfM0nTUFE7LasPOY8+mKpHHLb9CyV7wrrBHO9m57Iug1HtizC5rs4puo0zYs1+E"
-            + "sm+PVy3u6yNoGJ9UruQmdlDKwm4WTTIQa9dILSjCJCmYxy59JE1GNjwuIq/5UepdL2qtMlVQRXkWmAyFQf3POblVsi1MTtAMeObq5XkWv3FbhHx01cnqU9nu"
-            + "PnPn0qeSYdug1ULz4ba01uiIDwECwgm4XSQvbpuz6t6utNHCPPo4jBxVKzC+tOJTV5+2MtWbkvh8tjtqRuDtlxm3/OZuV2GafrHoUV476EsDNCHe9+8Vtbo8"
-            + "HYZ1ILN4I15xGNTnuMgv9VISQXP0zjH6JMvle5qlNul0+lU9lmg5uObF9MmeDC+XB1FydRA+ZwTYVm4n1S/Vbn4xQjtqH5SaTsaU1N6Zx7f2m4k1iO/h6hyS"
-            + "sxZHFVfCV8hENWNGgOaibgR9zvKxnJNmomL0fHaQH3qJEswrVCyy86iVpEm+bt1tQsGoYfLy8+cfdgT2LgSxNecw5qWWiA7VvUIpGHHZIE/0cJQt0f5Z44Er"
-            + "mH78NsYIZggdYDqLpgnAmfJd6Wrpz5XpbqwVvjQcsGCgWbobMXy5LR4sGw07eoMY3eKJYkuXNAlf/Ar3n4gxvmGZCxHMZikmmZgxGXeKo852A8UFniWl1sa/"
-            + "ctU/F+8mlL+J1UJLDoIHtIR9w14vOMggljYGFxmutEmUSyzk3NQg0qQtYOjhxvSd7U6b5QdIots7s+qXitpafkAwCe6scvl3E+phKngUkXPrRHBkHLioPru7"
-            + "6foYBlLL7icUVuw5W5aqzyUytYG9Reko4/n1BME8jlGqCJgh9FBvs19MdDeOFRAyu8ZFKdM69LO2OTcMnDoLUHiKm6kET6G9fJ+ua9x0xlRdczMPI9h3m00B"
-            + "PktOJu7JYFlwIbvZa90UKmWcbunY65DaGVYF1GQqK37zlE2XKm47cuRUrtILukSCQw4CUyeankU2waaLlVKsKyo95G9h9Z3hv3v1Ji3brqWixsMwVO2qyP6K"
-            + "jzSKdTtjyskVAh8TYhlg0YTM39xVmp/y79/OAqo19/oGp90SmqwccEn5mow2ZwlrQR+ea0fela7cHM9+NNfl9Qdr2Kbv18hi75bgVx4ib5yJ1Tn/pM94BEr7"
-            + "6KAMlMRlCOirCbWadq+utaVDy+VSsD8NOQanJyicrjRO2exssEZK4A/Nuo9ngzHJN7fPpBf+XhEKqw0ztSG18ZKv+LgGjtujpQNGIDF1UGFftuKJ8bC3uIcS"
-            + "oR7hj8fLvTQpBYOram4Sldyjpt6jqlA/UQQ2UScyfk7XfnCsJyi4cBpd0xpuXkIxul7mnoshH6KoVYgyQtynzSjcHTbHtrHBiu3iDbCEfwqZ1KwibpRbhweT"
-            + "hr85Qk0QMBjI1ggObD4g9ly6BhTHdZy1DC+lmYZe190j7T9zFLItG9UkBK8UzP0Uc11HiK4yaZP3q2nHXl/QOalnQAaqWBO8MUtTa8OR/FbRc/a+SmNI8KsC"
-            + "TFTnaf4XAgSxCzdikLBZTzhbTgrMG7dYGdiNHsvtQkyevE6ehcXz2jwbGbnxCG3X8g33pHEbumJoTg2FGCTS5assFEC5XMWPl68HXfZn5cNUlXFk7NWRUqFJ"
-            + "FZSM4DBOq33cPei72NvwCt+hElepKeWah09YnlcHRhVHsFZPNV157wBNjMwXMfteTdfy0T1Vg/FzW6VFDpDtf5+oOEPPXGwG6koadMmRNQKTUVHpp30GYC8Y"
-            + "7G7lC+anPK0I6XHsHNFm7LWc6c4GyhdI3/ghAowZlAdZUzlLt2xGz8e+gjejnpMaiqZT0Jme+ny4LZGjjIkGm97nHMTOxxmjnFmSuuwJXhW2Bstag0TGv3vN"
-            + "WjqrqEArnOuVUkDokZLRQhdustLWhYH9uiLQFPCoHMyvpC1VN1QeIACUWYHBq4lTAHs28wIwe6s2tt8PcfHAlsqUbPI/1YciLY3Gsc2B6k2EGBJ61VxBOi/P"
-            + "rANLb56J7vxmVvmeQcCuRKlTSZM2LQQiQZOAVQFm1EOFlFS/BmAZNWMb3ze7/WLo9n9YcJyuLH+7eicFZszq8uhVUFsA0EeTWfuc5MHdP7wWljcgVLxb0SYX"
-            + "VrYo0hILX63Xh6uw0YtbdJ88U9rt4yObLCcFJ0qAfK6k/I0pXkIOz9zH9cnTMzRUs8oQDFUWSORYRYb4GL6Va5hwIsKQAU5fblducUDzFt7F/Pb0k/OFk/jh"
-            + "a/wdR0uLZvb1aTmBznolYGDcISkX/vd2p/hIMp3kXk3xdlrtKQ11l0j+T1xQGh+uy2X9USB92GXcLZujSpIDNgoOcPKJ7G6x+E21NqDF4uvCMe2yt3lr9cu9"
-            + "urDWw0/m2L4tetCxbBaxjduwWU7ydtw3972vjjNVvb/tt9+i0yrCRD/ddJ+bOfjc70O0Gic6fPfCgqYtkrTbmwovMZl5xSDoNekxunZQRGHUJ2tSIdRhfGzG"
-            + "BjjqHH/e1kA0x8DeVCNlriRhcfML2BVNHvIMPP73fA33ldvrJQhzm/r0kh9uu+iVFPJrQMB9ssVtYlOewhjNW7Bdi6QlgqKkvU1Lw6Mh7tbcqkR/GBPM54nP"
-            + "b28j2F0N9Jh6ik661CdBEx0a5CHM2MyID1yCA+/mBBhReHX+cdTWlh3GZijIJdqZRyLGe74JIcTTB0mgHgmD28bGR8CaHM2Wa7CSbfdmCqdPtteV6CaDOuV6"
-            + "nqtwf4RQenJaZdCqpMiXOdXkBIt8g63eB1CBtgCdEG10ls+TS3esFy2w7wdpfpMyTWlfqZ77Tv0GCoJUHWOAfn2cFfwMKPQFa/Bm1dUU3J8iUCdb+fPiHOl7"
-            + "AzPwNceJTFH09N7nToyVCtSfXKbhAaadHc4iSuXPBK+0QF9xPNzyGPWYtAFTLQ+uE7a2IOib1lAsH/Z+ADyJkg0m+eqXAvTSrMzDzqabQ6+b6bsif5TnUUly"
-            + "EywtQgoBW2F0lEZcu8TP6f/RacpN5hcYzM/zq3IiVXSU10LzA7ncI2h2LJMDJvIh/AT3P27gAkd7KljHJxr7da9BxsqutKGGYQWAbv4R+8OzTE7ykycwXHQ6"
-            + "sIV2M4JfV3kETvQqoMnHbUwPGKxS+OD9nBH/oygWAOCZbqYPGgODTuDgIX+yHk9TSyXDzeAdtvEjc5Gkndu54V7NnsJKwlEXeR2IkmQoMpioGGzGvngL7+5M"
-            + "aMdGexMCKPchN3eJ03Cr0VN6UiQDiTXo/nS81HadiQep/bXHE+3oiuoYZhm0U6Cibg+jc+fjH9doMsrrCHRzHj/kRLyns7tC7U91fPeXrXcjfBWHqLvkVbKB"
-            + "ZWWCDcWraQZFH9dazdDQLiEobqP6clYsV5e21hlFPmNwDXhqZ3UQ/nJlYhQamJZ7RTm9QeUQsTS4Y/NsbzJgZiaOWIdGNOvrSwtnID+1THCimgeuUjiGkxSu"
-            + "RLl5/5cItBwJKbDE0av/0EkxunbARiIVIScLIjWNA0PZX79KnME8nvXHgGK+NY6auc9BR8dR1RWAkig3eD25/SYmJep+0URJRaVWPb/HXBw9nVxI4nX+a24y"
-            + "nJh/rWTiZsuEIENmGF7TDS76YK90WFNKB/xiuPf8ttNsWmqPg0iC3qTM+Bmculfb5bCNHsOsn1ioNl5tk7ObcJ7ngcounp9YnAyxO+gxav3hkOUhsY2nenrn"
-            + "vuxsDh8yYgAecbXWY/jN0/uL7HobncpBltXTMT7FMEjdqYlF5EpGnumG5+CQFKPAzPtmLn5SlqgpM7FfBFdyzW7yE7pKmm8EMK03wq0j0kWQrVdWcmCa6yWk"
-            + "ZT2kLzHAzV+/jIGVOcwVXTOd/bQYIXc5/ZT8Va0vrQM0RR3BA1Cc4KIK4eYPtD6ZHdPsVy8gXDfKYkAKxc5I4DahGVbNQ4Y1rxRDzRnAYHJEGUJaK/CD7LuT"
-            + "dSsmnh6Y3GEaQ7CKeRLV6YRHintsEIcpVwsS5IW/rVbxFfw+0ZcSXcoBNDBvqowzI02/Ttadn+Y8za7eITbKOx9i39solNWouznXjL2nZlobyA+z/hckWLaP"
-            + "uFILRL6oZfftRmaRCTI2aEwOZMeu7YnL4nHPVNT3KFwf5gQo27M2Yebp6qx7krdbmiP/gc6UGqGB+B94se5ydlydui6xK2xY6Vr9Dl4z39cHNRWm5kJgrq5y"
-            + "xAu1JmoGbmFXTLCRDo+8B3saSftXDj39+1rc3488IrTS0bCubnvutUmLpZeP/M5Vcj0Npkexp4IdeuhtOzKydbZSfw1Fr7ttqG+4PdP33Vf+mYOu/AqJ9rLs"
-            + "nuBuqpdgduHfrIKHG6XOFQY8/LjkM8XGw8xKz+a2/Do0oJAtomJiRWjEsDPhpe1gWHlU59AF6fDrQHLsromP/T5XA2KTK23ChEMKnTryD5evhH4FC4KUOVh6"
-            + "PjBJtAHpjTzHGY5/MQ0+hqDXVksabkEPaVFaCwSsK+XYJaY7fXY6FGHYN14ssUdCkSOKfsMSB9eLBOSjWStCyoSHxZ8Ys6dfe5VCvFmQTHvMh9HBIpp3kcDZ"
-            + "tFn6FVvLgEo+IEptYp6RHweD9tvJeRIRLXU2eJgkw3gNMPzpnUZHZRQU2GfVssmmvyAQ0XXK36LZW9lVPqAAkjvx/Hm4RxTKg5ejGSNvNGsYM0VhwSsdAip8"
-            + "E2EHv9cCl0f480t0JsBBU+Dh3puc6nIuIdsPxnUEFOE/T5vnxcRU4Qpvb+wtax7Hb6S4luTSdAmnPGQXCSZSfca44WI59FxOi/Glf1KkR82i/HExwWmPkHKs"
-            + "15+2YsdtLkZFbLYm2fNgzzi43od0DrAbKYhn/GZgaY85kHNHt5n67cnVMlomzIKZgNUR1GKYOeFdn2Y2i7j/zxNLmrD1juemSh2e9w0L8/JRIzhSsI6ke2XE"
-            + "C5tUd9SS+WYBZ0wigh8WQ/8B8y6yuwDGqW3xmzyhnGKfhbmcLvJEAK4DEg8XxVkuqe7qTcEXgG9PqqwgZx9xmK5U2tIwifFA1gQGfP1PkkTrhK3UuJjYs7WV"
-            + "ienomP1PIS0S5d1c3oHkGC2MtNb//KYXHmObIpuRrGn4U2CcR/fYS1Mm+rnVRn/D7nYLTPWxn9k3iY+Lu4Kuh7EcHlrVWkFTDaLK7L1pvbttT9hHd5mSL+st"
-            + "bJ+NPROhRK5ajC46/iCV+wl9IaJK0gXxKKIha8ReRcCr9cXZ7Cyfe/3YxPukzViVSRkXHdrdQzbIz6Q/QAsk9+L3U8xoQgtVzKUSvkDuwc7xP0WkW25nyUO8"
-            + "oHCUEB1E1hs+GlTLGPlB9szoDpuhSQ/sJanzpMYYKP4jG1iq3VCYpdshrnufwWj+d57fKnoyuuVP9Ncr1Ima+BBmBqngp8ycDHLSmJ4W6OwwxVXPbXzP4Vlx"
-            + "JF1rsj6+a8tobGOJ4Ra+gqxQF8cYROoma9runVTixfGr6BjhvhAlrxV5y6o29uwILLHOaqgKYr/X+/2WXitPuOan0BOKGhqINjOCCfIDFsT5tX3Zox7B0ppO"
-            + "Uuymho0I2USb4e4FTgQ7O/m70DCaajDvmHXxvZtzvAhOaRY5LS5gdvhKZT4SaocMVl7X1jrEQKMQY22AKAWbBf44UO9eyDkhizPFaZk4QdC92rA7bsCy1BJ2"
-            + "aFC0YaKRfk/IcvepW7tYF6Y/Vk96vwEFNVXUF7YjNUFzT4UsLWwLqF/rlY+g26QvKaAwPilu/PUORlNQgPV4XMMBa+M0ZOGRdt88rW4uIwNDvRZoUMLfbfQ2"
-            + "lqawtkuv0EEBz5byCAvM9F7b0r7kZ36ODFDEC5CNpw3iVkAsCnjChWpSZ5DKIPu4MyAf60iFTnb38hqyscjqrKcNqJY/W75sxdrsk20alM60sAJgSxNBsCeP"
-            + "/mXO3uVR/xVrdWjdw6SrIBKNypMCv7QfhJughq1jbAT13ee9FRNk2guMxXwNpNnSMgJM/i11T1y4vPufOsp1rGJbZ1eAXguo0ZrLnuLGgL11h7cwhhAo+KwC"
-            + "/s6pSAOPHZdBHjxMRwgENPHzAMEmiBxBIPbClrC9PvHpkEHPLS4Fofs53JfYubfLgiOZuzeQxC95bbbWir/EibZyyHCSI6FTMTKJpJfwwlPkLgq1H5umu9LP"
-            + "lxdaD/y803UtXXsETiM9ccKye3zHqgaSYdIvwoJQ2DZDh2JxQWkj8lhA5ieUmtKV91VG1lUP+BvZQejh2Bk6njsDHnepbc3wQgUtEkVQdT7hjXTeyHJcznX0"
-            + "XgErqDlBK685FcK/yJRnZQ9COiPWABn2YygGwT+1Ascxys7RMxAQq3Dt2MnbChU0YxmzNQjVtc5v1w0/9bY+toVe4jk5QrTdZJFfNVjK/hMnuuA9VOTeyJ1h"
-            + "2pZ0TkjgwpegcI+a/EqdhpICbZuAHTOE3qXf2hAr794RCCG3/3OQdtPWFFNB53F5w6RLxIv6QLm4fby4jMQ1SAxlZXCfkywUv86eQqqM0bVcF/+hBvadTAZ3"
-            + "t0GLeSBO0XrC7WwyE/m3hFtG+NfIw1GQI8A1XkASFC2TGwVwqR8I8jbebepJJZYI9ps1dtN1GkiI0x9FaPlHGx0mdimbmePqkroQIsBgtm2CwIs+haAWLW8j"
-            + "k9qkDd8lrUOtoxJiJd6cQVKNJ9epAuoeatzKn+yvFz9S87PM0liWzlNWIAbZpWUlWnX7jCPHAknRgKWZcuDwPGbQBMXkIEEBVtNT54t+JdCr729usCI0xVw4"
-            + "kidZksb/blZOt2i/RqBbAHdDkJesTbDqdwoTe1D/V+hSOmpbz1YuUMPe7rHHX1jTfBHNqMHV4GxFblwpEiyCUbJxurDBT/50T7WDPR8QY4q9lV8LvkYiMgxi"
-            + "8LIM1duuVVe0/T5C/IHQPZeMabrEZ/wbC6IWXGk6OLxSdSKO9xJvRPehhsqoYpKTcBeoxzYtlDDDHw5lWxQ6bHXfz4Cv0faHxnQYdRhO3sEkq9fk1tZAJob7"
-            + "ehqUfV3ieBJu1eCJcbfyknxdh0QIiOMPbbELKz3GINWvwjcabJlVEsXl6oh7EDpaqTiGsLfSxpMHxPmjy/7fjXKbKS1Agm7+g/PLzOWGC47YkJmo8gWRoaJw"
-            + "cy7I60np4afyoEKbMw16nBPDbiHBIBkL4DgaENvSkokaUlG1g+a2DDVVkSVSucvTVbtUT8lG0KMo2u++iWfhV1md0JilzWMPmNH0O+50x+B5q6jmduAO1Jzk"
-            + "4PgJYf2CJvq9EB1F9WgIC9TQIsso0K7vuvU46kr+7HEnQLROMQ0EN9BOUItvmJios0/i9L03SY+uReLBgNzVs9cBBHFENiguXC2YbWgSnDjUcvAO7txXCRzJ"
-            + "woCKwOP2KPalbQwfv+KNJO9Gl8zh26af6A5tSIysMdadHSaspRLgEg9nVZpehHq8gJd8Ih3Yiup/yrWFrStgq6hjcaGDkeoqcPh+BOzxYBX+oL1576XCtwsk"
-            + "42cfQvDye0HbsGCSmsE9EEidkmEKiTxVdT4Hop3zzPNCpJdAHFavF9/xvOhhqqRQ77i/oiOceiFRz69gO2W0D1ZIhG+O1eLMxEsO3+bVLPaQIbb1EeeAbyay"
-            + "jZ8t5h5rOqT/OcnIu/5Qebn6/cXRIpwsMeMOo5z1M64LfipD8O5WSs8vZmQlycJeycyYxh2Tf2iV6tjHEzNCCdz3puFc3Q/qCwDegruiAlfGxSAjv5oqilll"
-            + "UZCcI2Ve2B8k9kc6uqixjjce6MDZ4T3mnG7SAJpZYTQk2Q4cHQo0kyCqDYpJHjxg/ubo1x7UyZxSSvnoRkk2dte1xJZx9yqNohW7ruYL0GKXHu8OGka18jkI"
-            + "w00kBAkmx5chIHSD5u/GfLSnD/obiiWN1m+grE1arSk9JmKasSNwVG1nfKzmD8aZRqVYlnrdoPQ9yswklCcvOAfO4eEY3fnmlOpsU6FhTd/YBTRUX4q7sEso"
-            + "TiKjfWVUl3Q9Ds6eYcTJHMfJNnpwhjHFfIHBvn6M5tURC34u5Iq2buSManDCaIbSUCxbeqeSIhwb85mAYVBFFRvimkvoFTu6fmueswJwsHnlqYZi30MIlfiI"
-            + "ejUfHbD3ScQaLJayECdiTg5kmX7hbLT9240AVQHT/sf5lwsMfTIrRr/LOfb067iS6TGeE8vdcpK00JaB+8qUgsob7BJmqtjI2kvfwxcSkHpBjy8svL8mB+Fy"
-            + "j7EtFYBpFCiHMJa0IUMW5C8xa4x1NErPUpY/NgjhA+EK9dRCVWo4TYfuONnT35KtdM6pzgupuTr9dSdOFcP6fwYziust69OG6VhGOHhimdGztYz9de4FqxnP"
-            + "OEvczRQlNZQbP4UJw7olFGfD4pddDxbt8yYxjpe1n4v3Uypc2sf2xhE9MGdGHr4rtHu5ko1UgMj5eGuNO2gJNh7bloJpZNj7SGJ2C7OCiW/cusQYRCOuAF0z"
-            + "QJAWtPCO+NIpvSzAdX20TKpAAHlJEFIw1u6SwolnQcFEV4uDHUscYW7Y/VVibCJVZyE3WDDuPehEvh/nYt3kpMexyXvebPap+vt9sk78KLmwWF/wtyYkQ8lI"
-            + "dIfdbP05U34GUwApQ/G5XtoJlY76MCv5YXlsbp5GaK+sVERFrr4PUtEZqJ4v7KlwJN17ldBm1xJC+hIED2erAHeLuZMqGEIA6kTxjcKjDZdRaFF+c4Jzanss"
-            + "nf39Y23Ib0WyJe+slW5q0uS06knbsZz8IPWZaB8GPEg0o2zKNhLAyVsSkJ3gq/YiqptdR1eoJnLgR3q5iq4zG+R5P7n8htdh5wNtOFujWOV4TRNBHRsP2IgB"
-            + "Pg2sjnvnaykjBQlveBXrT4u09NW/fKsEmCsi9rCde9cun4PJtxvtz0BZW9x0mli18D9LTXbEP4l4NZBh1jdgLcYcxBJkogsqaftfzN+0UnUG4mNDisW2OaMn"
-            + "u03HUQUtGqIUHX9ITpCjz4QYpSZ3l4VjMiybkhkwtNaMbHzCgbW30124Fm9ZVt2cHjDeoQJ0tNoOzeiwzrY6+nuhzYOe6MWQTVZcUPgu3eXpVgVhOHhT5FyZ"
-            + "x+pnDnc4TS1IolSEJXJJy/ZBMG5njcov5M/Vkd0TPBgV6UwPHVmbH0MjxoLsdQnrMk+M7M2AxGPns284BCCE1Ti9kFlVjKJfOndvPpNzKGDOkvSQ23Zcczm3"
-            + "6F6jsndIBLESLe7vO0cxgp7ziXbexB7o+OEurnirJDa4Btg+sdVADivyyniQEDT0N9zcGDL9RBn31mQwvFa+GKw61MCn+sS0khwKx8Lh6fFl7Ru6YD/H8d5p"
-            + "nR2Id38jtcnGfS6Jf6Fcveq9fh5zkmaSPAfhd02m0QpMXxwwjD564Pswb0A1GkQSzm/anfw4CipPzx13rk1kooLoFeDFSn/VF8MnFBlkhye0befTlukKXMBE"
-            + "3TRnQuL7KEW7loKmwXJM9i8Cg2a4hiUeGGQc/aAVNa94BI1sh4hut0fPWAn32iZjkrz7OnCOMH/VtrUPHboTF9KMBFgtw6Xk2qjijzCJhLMYs4p3ovA8eP0Y"
-            + "m8agoKaEg+76EsyAhVt735Poq1C+DZoLz3F7G16ujOEwGAiKVT5zcwLQhTGRo2ypU5vK0Aad/18at4jnRcmHLL/WY2SgGiUnPel8Wf2y2UPceGmLg78gUKPg"
-            + "IheWH/Cnn5TXtPh3vGZD5oAG736pUEKbldMGKQ3zSMt8anW6i6OfSL/YkJAPOEgJukBMjPq5vQdksoa7NVEwnFUQKJm1V/Vu+chqzMJ4gjL5Li7W8i1xzz6A"
-            + "+hvLAiW0SJHxp4CZSsIw7jQEeEtPTLLlpdKomfG9lWjzLiIAOv3zcy5LVA/LWT9y2gtyr8gsudEt8rAXnSCU87on8TkTMglmPc2T+OVGxBHaKTbFGZO3erPP"
-            + "z97FxPIYXjOYPZTduHT/Cv94/81RTwQLG1EFIdIZyojG9MsHeVtMhjcDpbKvde2/SwxfA4CIFmznRKjoWdl6iP9fwyltiJZ/1sFMdYMBtHe0dCioTe02KtWx"
-            + "N13Bp7+LU07VyUErjJrKB9rvSVUK0iBvYABIujml7K3ldKYLk6XQ5ePejslccodDqE6lHTWmCee5MEII+3WgxTQUeIjoWXHG424/8h5HSUR/slbLp3793fRg"
-            + "bWcLVZ+JDayPldxxvTtwp7aCifrCSh+6laE4THkHW5rmWAn9Q1hfA3lKjhboRprTcuNVa64DPNz6hWepQmfOTweiTOHKbRLsWLeD/4xQMVwHlk41c49qKhqb"
-            + "Gobs2Td9tKCQGNghvseirjOPb9UOhIQwyjRaHL5smAAIW4ILqFfnsj3QRQnC7owXxAOyy8TfEs/korw5Yk/589d4lVEZD5vzG++P+GrABb7SYnMFkSHegKew"
-            + "Ezr1icTroawUqVp3VyMyu7HT9+C6DvEbVCE4GzgC5SmlDJtowUhKIyWkPiYkbK87O5GTHOXgoxQDCZklfhPj0UQ91hk3hsUvS7twMTsuDQxdyKxR/9wGVxVe"
-            + "JL6hqz9lemREXwFQ3Y36AMXcfchxONtCoddpBSO0ExhkUu31TwlgSfugtyBlJQEwam9Ga0Mn06cTpEpgumn5fIzTiEo9jhuUa4bWG5MGXLJY3wVxg/dTPCFL"
-            + "EBtgCu6SZyykpdyo4qD9+ld7r8NROsmSNG/ys3sWTwxWjMq31m2tYiDpYdSzxUrHrNaS04qODHadA/gGwPmKCiXRBOWE4GD11keyuwoWex9tzinWtLjUOYcJ"
-            + "gy0yk0J7J1Zotjc3JS+dE7X4qw10KjJKIWPjYMUTex8vX+0CNP1IOhBiudoqZc0Idf22+kRrar9d582W4S5ZTrVcWzOhASccuPIxgg687Ds6Xx5KZRBuOpMn"
-            + "xifSSfqRGnthagFqonQNzsIdxfemlIcMtxL5DAyvp4UPIvrBkGnLVQhFOXNsqvO8uXJOitJcpxHOGeVOWEG2XmKW8Ww7zhXpsOXlbnpeNLYuaadhU8t4lm5U"
-            + "12GDbqEFjSoSwmPwiomGUObpALP53cMJ1/JxJ0SbncFZf05p5AcU3O7900+c1eS8DyTscsWWL57NeeVlMQII9ONt6desU6z8XQtV8MDv+dL1sEzkFJ7+zz1y"
-            + "/Mp+7PxGaB8eCWtMMemNdT4K5NjRp2139k6Ah9rLwTjDORutIt7RaO7URvnWnZmwEmHpamkgIe+jNJPjBevQGZPX2iVVng4nbYFMlZTi1gdNOP8605Ms248N"
-            + "xV7gF+tJY5hUq2aN2wDGChqt5pzKA5SSaEdJD+GiorC8GEzS9jGnTf8ZoAejo7hW2/sF0uyaLmi+X43orz5bzlH0Y2yl7sCHeooRwqaLeolJ0YsaSlu38Not"
-            + "ioEFj5RAqsXImzznSO23gknYVzVPQJgFkDqU6orrMpSvvZFNNTpAC8L09ZKn4kvhcCidTShjAgLtBhJe15L/OEVYrRs8KKPbXSf+q0A/lGBskIkyWVbpRkmC"
-            + "jCZCxWKqjm80nEkrMr5Cd/awLAIK0LeL9nAJ4SsVX08J+sEnQNKS/r72jRGVyiqSZUAseUM0lKrwYDT3ZHPwlNFC7ZZSOlUnYaQc6oUznprt2UcrwEFRl3h/"
-            + "HvxFSg+/trFD8gPdVIy+Wh537SlCzYFNNPgBHbSOHo3GnaOiDXSeB7Xtk8heg5Jr3F68GcJ2r2Xo5nTTCpz0ouBGmJgkNgK8QKVF+x4vKhJeB4M1w9vlTLik"
-            + "X1dlp6wY6wbFFFdb40Ni6cQB9fdSmPFFeqq3M3JzkhiWDuN3JcVub7QKjMMkVpeINPK+BnOFetjpCBeyohzOygl5FdYFddsUib1lCdKchZvM8BQrqkEKS9ts"
-            + "FOmKXeln1en2GwmpFJK+dX1MWchNvAUDr66YOBxbgh9rizFgdIag227dWcT9+q1WmyyhwkeB6+64NuI4tH+Y8At21CUjvIOF1/C/FzzHdZ5loOoNOpYtYfI4"
-            + "yu5YGEV+lt2DOEcNJtaGh3RfLcaswMIcdDTc2nak9znT4Py7enHiQ1LE9nW4VP9ZiTPM0aRgmF7rO5E/AIUobpJGbApLeGxzdUQK83Lxsb3EJMu0ov9OMZCS"
-            + "FaJzOO41J8GVusxVIWC/7z6iOCr/x8fVmIQjkZNxD/vIE+24+bmftqVUJkU5zPvK8SR+ek4rO7YDEuMIE1ewI06ave0mIv5Pvi5rywQba5zDe/AdNBgX4D+W"
-            + "6QGqJpnhfSsk3dCSvb/dtZUwqPajmppBRZJH/tvKjFMV3/EBoTWVebgoT7mbXGoJLWJu5SJ0TGTI8GOAWUx6gipNjZVLDrN8Nvx36PX887Ea1aU5mQ9/623n"
-            + "IH/JZJ2sDOsaYFoMXgTjeKyDFe3dwyCo1gf5rIG0x05ulVkjtrHHYOOTKQJlnypxj0F7VwyNO49P004qqg/Z7y4ZDaLfR88YelTppLzd6DDj5QQSsIuU0Gnl"
-            + "AHX2h5wERyecqOU2OYFzp5YaQXud2boHr1TIdXCskF2wv76k67nqGQ2m4gPwC6NMJp/+lPh/ZTDJOTXxd4Jfle3t6oWGtPMPmnsaMarZ9vTDlO92/dwUONRc"
-            + "kE271RfxK2gsg29RBAjID18aYpOXcHsWGb2f16dmgnN+NNroWKD4tCZFABsVfSEafZ0s3YWNxQI3ROpcnPSdwYinM7xEOZeWN7jVkIe4Zb2DndmNdf9GfnIn"
-            + "2ZL1cPvuvRiXG9LxR1L///tXsAfxvduKSMBlkD7T4kqmtjCmrxboZp2OdKDg7fTRFT6B2BBw9UDi8KZamBWIfq+XSggCIrre1FUvI3+0VPqqQv20NrZrAroU"
-            + "ShKwrl3Z+/kodr6FPlh296AxG4A6IohNQH8Bf/rBvv1kZMEyMTdlZYo1JKuYVueeePappxdIUAQkks34erxzEVt1N84At2vYQY9nQzoEQFnbUiGC7W8nbEb3"
-            + "x7rfbYXQDAnrJ73kF/5+141RliWrkbIwYkKdGldKkO/0+RRdF1csfVpCaHjyYp49vxhvqtylcf+Y/843sWIa6DW4jl7hi1JeV3x/1HM1SC5XK6JCy2OQ6qXj"
-            + "M7GxRQNgYQzhnkzCzv0R8E3xxxX4bLRpvQfXu1O6l1bFiN81I9mE2h+pPJGpPfrFvRObgmNA/QUjJqddbNFMLkCuLxFW+FVPs2zyWOq0Zkyei2Sx6FNimUU+"
-            + "nxBYYy+GMPQUcwIp4fBiScahqliEoMnEhXNye2xm9WNkA1GNHjb0db+HdEjtlkxHi4W2Zo0lwgZ+9jyZgHMV/wgtxu+lMTWrW92sY7/d0AvKZ7sJCsWZn832"
-            + "1QYp/Zn0mo7ZGcNN/Uy4PZS5rPotUqI85CPzm2laIZP/MqK3vj0nhsbE0EwX4Ob6PQGi7ZOs8JPer8dlxBP/NRMDBKmzgoki0jagle+jHDnrCq+yQVImzR+Q"
-            + "nt/WXC/5w4y4Rx2k2l8Un1hGidYS6cJrT6Lymb5xzLTgQJ1uFV06haNGd+4H4ZOlbJj45386c0QEXmW39R20AB0/rgBKL/pcy9AS3pSQRaRKfLxOiRYFPXX0"
-            + "+mI4guLwDptoOORmjeHa7H3JUfhLBTJMmXb1Aa8OMaq1mElAaQO2dzS9UUvQaJ9a+NR/PW5QegjpfVtzkkvjYuVjqH0ovLBqVfxgCLmB2/TNDuKBmil20bsP"
-            + "29fQfO/cIK5+VT4eG+3FjlEiZhckHb/EYj+UUnk3trLQibawn1KLcqRJAUi42fnzIjH0vVpuPm0k9uLj3z/dC1ShkGchyD/VdGLB58BZq0LO6JsnglcNHR8h"
-            + "ZH463sNWjvaN8oDsIHNTy6vYmqRfBIzHPFOwuNtpKQw2uTIAbwSOeSGSw3na/UpziqCGuIMqnCvmuD9tz3V1DDkxykVsFGLYMcCjJbDA9o8YeA4wzysJLcMu"
-            + "SOSkMbUGvMEzijATSfoHZ9kQdBE96PAhMn1Ck/Xb4ek/iyRAhpF6y8/j/VX+IIUZ0VI7HVG+Q5uQpQMTmaUY5kFnLlz/M6pBGITPi4P43UGAyvZcdo1cpEpm"
-            + "3ChyZq53tBajHVLOMBgJpXZBsvmT96vA6UxmUdDELQs8K/cupLkIFwxvxDBHgmGHhXrUSEtjR3xPyx1drLsvIX1T1ZBZKZGsEMBFIioCeKbh7C6V4lTNznnu"
-            + "79OXmpYHwYB6Yg4WSdD+gkMHa8qoVXIueL1IGzq8oPh/gKBhXaz7qKegNAlamSCIMrT77vy3qHmSDE8uhjmm7lpds1UkyFZOT3qy4zVTTiuIVrtnL6GKFF3e"
-            + "9Vw1PEz3Zko6D1a024AipOTf3wafiq8PXinSy24MX18iBNgolKMoAjYxKqU+ValBc2R9Epy2H0TwdYmvNR1ASxq8qO/DeoEbEPN2tlicv9HTkrqpVhSvDjuq"
-            + "3Ck8Yo8falySr+RSD55jSmEhM8xW8pPi3aLCLbQF7SQXq208eGJdytwFp2NxOiOz1zReIQXL0Q/be/SDod/hI/LIu92Fsc0xtcSB6iaSC5m4d0TdBb21tvns"
-            + "xms0tnDUPO6HiZt9iCFYyIAFnHsHJH7EWw7rrZUCMsobQBmwTLcqrfVv0PaxES3JkGbAY6y8CGbSuwgEYh8DnAL1G5pGuSpN8gbdowFwpAridHNHXmF+8cWl"
-            + "jNyjPDNHXeTLPPP8b2+LsRkmVKTpF2mxMsosU+SdnxVEVGlq3h5AN/e/SJUSpZjp+/7gsYGAlPErew7vyrVuhAlY4whvqAXMc0XVldFhYESGzbZuhdMNWgyp"
-            + "Oclj8BhPxiVv1ZcK7OKR0AIYbFwtvaNUl5o7Pcs4mdVLdJvV7gzcW7DLbEVN6XD7P8g0TIR2xXvsUh4PPLGIQWYNg/PyiiY8LCirXbKA2hD8aPHimFMupbdp"
-            + "4lXrwP1pMT+kcNi+DmJaztOp/mll+WeTh4dpxs7vskT9Z2zPwHkjGoJa3YgiWkDinSq+CvMTkCRmBw7kil8v2ZlCs07W6KtpB1JJ4Vi4MRgNpxTGWJ71ozUb"
-            + "DEap8/OWlzZHaJ3uzZX+KgyYVJCp7BTEvnUJfF/QUrenrA/PdHa40h1NYXvyAXUzKNUMJKd5becWBuw0u/QVZHButZkS4eISxNOZC6KZA7kFC+UVc1KN/RCC"
-            + "kDE5SHgWkUeILPi3irSfLI8viXMlss56vSwJFEp8b+yc+yas/w/Jwbus12eFIpXITHPFNOYZHHzhof75A5fW3TNJjFw0JyWlQ34a00oRGFLixbv8b3LKJbYK"
-            + "RItlM02jbOaVl8m+jQovobQaacVwHI3XW3Ab1EqMbeXrn85HfvsM1OY7PCSxhWqXK+SzDKanNgLPhdZMKvhUTI5ycy3GF1mFLNhBO3rGiLAgY/DDo382jGb1"
-            + "VHvhlJnIt3T0LsgF1tr0yUxfqBYxGd9AANlRuDAU46CGp6ey4yEj47s2AyrTSnQyoM3c/+D7eDhbl3quMTQuX/QRWhTM/tfJbtks+XTv6TRJqIiyEDly7Q7Y"
-            + "wo2CgK6Wi7K7oaqVFymcpU0PukYuto/+7XdNh6UjVETiaApa2yK1FaOdtIQ7Hak1VitnCKq7WOrAmkiM0QrprsVaqLDv+A8L6truMKmfwGFcz9nrI+eJMtMB"
-            + "cf9HnxN7J1g2g9J5DqL8pbYpFRGqsQ+ynOxnEYL3Xw4/Qcc8R7HrmU3uv/HwY6g67zDWflX+0Y6txzaeIy+fdkI7yeoXJkmAdQ0U6tmFf2tDFR5zpW/wALY+"
-            + "K8ffLCE6DPhgKrFQJihlS2YXjWH6N9opNmkRpxuPXzxbudWr73M8/nosW9QDKvSlnmpKt114QBL/0QUUqeGAYy5nrWMcQlXn5XA8RhhQfmMGkD5Egw7781Hz"
-            + "LnmX5dIhp45hb1s5an/kVLN1WLTM7Fcw1dSgG9tNJ2R/4UxWL6l0XVTrxZE2AYKjgfjY6p7MUPA+tA4iGXJdiIUQx6gW/zCr9eEGeFyQK1NT76dYCWmM9Gnw"
-            + "7wUyYIFIv7hIg6zcUzzHmmOxVUNBQENiRnRk4lVvz0akYHKxU2gWnms2fC8lSGXfm5yU7CcluJTEzCDqsScUUsAz+6frpviBiapUjaXQvEcxT7nWKWf8JzwE"
-            + "DSPDzdgVL0iG5rbdRZdzVfCvKVtewurTlag3O10Rm3QXhnGJPY6qp4GGHkAil6uhBIuSSc87UfhG1sLLuTpH3OuHNRjSrD1eSxCmzALl0L+LgUPWJiE5obt3"
-            + "njagM0FA+tmxlUOYr5mA0CfHJQ9U4YJBQGfSUlPf7QyFEhioGZe5VSJkEIBOkdd30wPJEuqqI2KHRnovg7q2+ex65S8vPACRo7xXreRcwBVssR6sA0wKnH24"
-            + "TUNC4heWAzWzi679zYAEgb9uY445Tp/HKaRz4e7OyUsDABDXnNS96GmwZtSZfU6QbfyLQkFl806CgntVyigrVuetKTharFa8/gD29IMYih/go3Kbcl8U7wlk"
-            + "T0oLagPSCLE8hj0iXGDp5NngJhLQH30CNcNyG9yc2o0cJGIfawJU0IoxNR2T4MOJYwRzYdNWEKe9lUck3DE0h5aKHdauMCIgwjsPY7BV1pzqFTyOLIMREHhc"
-            + "b6GXrDverTKplN0VRAGDOkom1mJv7OyZacWluD1nNEvRGCm+V6ZkhW6zGxEhb/lmH+0F4Zg89rudE6DAJFxFPdZLwgpqBJ4JKoc3n856U+dxYa1DDZxEepnv"
-            + "6nygeqlmL11IZ4PipT/G1PAvNynZKDuEVR8uRI9k2zXVr53C90YXsDklB1j8sVUq5noOZe0NF2Z79CGk2YzmW9Qv5li6Aw+V91VwhbL2+CRS58K6UMV/ZW3s"
-            + "89stpo/xuPO5RN2dK3xAsX1Tv/Hf7Tp9J96rGg1tsP39Zu79xlF/+TpkIqL1tx8+x9Ef1QinZvrIrx6pNMJXqUGBKzZjBss8v9BHX4O6ljBm/q3C/Y6DuB7i"
-            + "yzwSmx6ES8VpoQ6xe6nyGkn+AF3/NYKWLkU9yeNcJ/cCTpxVL/SvP0ug0krVhQpXvJtry5iS8oULwFQOKxid7BdGxX3+YLcRhZwnJRAR1idyPkaxFoi1aea6"
-            + "aeMg5kMmXfV9emUHg0Ny7+S5Q/Oa9EKXv72XcqBSVySUo2S4lXM1XWvghh6z/TaZ8d4CrBsNN1G8iUQLgvoizfHeRvUQnv7jIUOfsN5iIsPcYDQWnjT501g7"
-            + "tNdhTsO8MItBE1lmCIESV26ApZzUbSXWwT9C0d9RGHWslQHwIu7ypM9B/Xm4rEfhIC9u0/6CH+jiz2iTOrrpoCbaPFdeDgiy7NomMPFnA/pIAR9pXRySTWpU"
-            + "tr5jJt6ejhZqWTIMjJweHkTykb63aqjgBJxg4JLmZeBrnQQI7RfyifYr/87FPO7oPX+LUiahg93F5DKjTDQkuvFgvPcVnKL2HrfQ0mFneuLOim5KH36e5gXh"
-            + "aevY6mkPPYza5AiLR1vCR6mbh8rgJCoDlbkh2u62iI2JZrXvF8KjPgXX/Lo+uhtUF+1NYNTqYjvx8p7tSAjFRGm++W8YDFAaE3atLSDoBfx9Uugd7tFl7tPV"
-            + "Vzl3poQPWbBl/r81teKIl/xboSlyOGBzWCyvndqkJoIFzK6ZKwiMMxlz0Lnj2uUPWtP1MRQCbBPi3qRA43q6w+J52FB95B9o4LaS3jjBf90tkgyuBpFzP6wS"
-            + "uk/9Mqqx5C99lfaJJPPeny9MPlghoxfQCJtA6gVUr45JVkdugVNLiOWQFmf+JTIEPGExDS64pg5EABu4YmGvp3JJx+0F1tUuvspN6/J2cGw9QR1TBJQ/L3W+"
-            + "J8WmQ3eUKd2MVwTe8G3Kd74lSGFgmKi4r+smz1U+nlSwsnBFWKl1kNhEyfxNTVW2EXAyBNiXvRcx0VWPJv+CPidIqw2qhxYMj35AlYf3ksRVi1yTWWBrjn5a"
-            + "SR3Iet+oh8ABreyZ6VC+odepeD0IfTm0vCJxoPNnaSMdUWlZM5UG7fglGH9c3NEAU/QMpxLbII0k+CjCFL1j7RDpZcrg69BDBV1lhXb01pqZqCjacjei/aBt"
-            + "UqJGcQOGJ1K1WOuvhVob1H9oO49cB9Qn9kvezK4RGXr9y2qlySy/brwlf60velBLm6NhooBLJe4rlZauLnnLt36lxyP/5y2Ndmi2QVRKh+/5H+wWBEeZ2m4K"
-            + "Jf5v1rZCwTMT/gNW5ry0CVky8z3mJWLCIPf7mF5UtafAHUN3j/TB5p/yw5Fcx4ioZVv5xRt7L+M7RPnzi93NhAtsJD31XpPgY9vW8gXUwHX0o7LAiWtE1kUN"
-            + "HV5FFHZW5Jq+dakTJiqr7jVwSeP9R9xpXW5MmWlfHIo3p4JLF1uVD9lFCBGMcPTnDrL5iYoxHtBFywiOCua8QGnZoZnrUXElThbTm8yiu6ThtXAiFpQsjgYs"
-            + "6izEkB+RQ6cuTyqEF9+amBee4tVqAavS93vwHlaCLrZZTvgjBbgoFl/LCo4wGo0v9HwAOBvxGIItSmOhhpIrZ9kOqcKvu9NEa1tU8mn5H+gwQUbOCXa358Mx"
-            + "maMuhnCBXcAbetRcTa6E5yT6J4jetPQjgIXjOTh33ceuT/xWRsrZCKXbb48Ld/6C0MQArLRLXlybLd5zult2aiqfkpOA6bQ+xuZc+Fe7emFGGZGoJVlTZcGE"
-            + "ltoGOniQ8n7FhmdFHfe5hV+8M9U53a1nduHbaUjdFP2PsH+GnHoDQWQan+9VbYptUBNLi4mLBBi8A/1BiNWZ6FtQpa8jWFo5wWQTbhGwz2VZH6YQZtrigNA4"
-            + "XE039APhmYEDjLp6UsYadf+xCgk10hETlngNd/iW2j/Qb5xQcCyDHozMomlhdIdhtwkGH7h7bZJdW6LlSO+2XeyijYBCtBs9jVTNisausGIseqzFVO54QK4h"
-            + "IHpslPOq21D6RnHBjhQ+GusmeHrOu7WYpfJvOwex2z0wbAQIn63moxbb36Gvi5fwi9HN+sTwBuqBmfMB4IW/klTRXi1oSM8zJms8E1k2Bm7ePTQlpeyUQTwW"
-            + "3I1xUfIpxJecNAMpvwhhww2aMEFsN1616zS74Qhrp6JGCvEVUaW/txE2StwP1YLQdknPjB8IkIvH2bUomcFj2wpb+uMRmuPrCimDvrP/GoUyrMd1BsP5gc1d"
-            + "j3F484ivqwSxMAsauf1Q8qAQTmH4WlcKZHL3jpf0rG1IFf5e8hLvBLudJp7lOtjvEZX2+Iy1QU9zFt4GGhNIVInYb3d24Gxyg2uAUzW/Rk9Gs4lsbJbYRiS8"
-            + "bkWa3O75a0QC7X4TKZR+yYXX3aIpeu+S1foyh9bhgo1uEg2dxQTq/evc0clZdbd5WU1CFDOxYLEM/Kql34DQfdckYFcl7MDFySvMF9fFtDvIlwAXw0XjPEX3"
-            + "pFJjhIoOhS+7c5yjQ/Vo/P41lTHcGPesHhGXqnlPVwEhNtwAtQ+REe6gbrMC/5smlnA2LKf1voOvCHXVT1J5bzCq8uE8duu8ilmvTJOFkLWzOIHVsEOgeYob"
-            + "pFILKoJF1nZCTUkVXfOPm0/GaihOzFUyMpKHkot6TJeWXGTvz8+qVPS9k5Ui+9G65ZWPXYTTdG6rE6Y4Z7duKBqQ30zYg6x55LWpuTKRqO5kRnzQecWFnyU4"
-            + "H/5KT5Ke5tZAyotNtAKlxWqEjjrKbrZCMkQl0etL3/A0l1IrQpXMF7ggCAQAFEeDAESJJZTs8Pxd1zHwiO2/pimAIlBy+NXR+QkKoVcSZ0qpX0Xf/QOiLEiT"
-            + "gvEHNqmaUa583aGcybZYRL7wjdVpGzCeBmXEsPkxuZehvVpYc5Ld/A7ABRViDxhQWMjy6EiGiZl+O4D0kKQaUBZSRDuLNvPXtXVRZMMzLbc0XDfTEIyj4g93"
-            + "w6+dkUr4ju9EcdO+XxDdeVo7WI1D8hupDDQl4uXo4OpV6zAOqU0j2HkZDUBClqJ/6IT4V9aKYzZutfhbiewPojpPwucFgOQ2fh7MiwC0U0u8T+fz+sEDInF7"
-            + "a/2lrUgqKYhTZhr1OIMlffpxR0lDWgWw5NkmNU/hNA/a10fej+YRji6BPwXjImX5mUWqFDErd+fxOlt32vZ0dqJUE9KEk3a5jdW3Jo8B4V1T9wNbYjiddhk1"
-            + "Vc3+wK/a6YrIbPGzyGa4pcFIUiwZORl6Ui8Dt4K69yo4h66zS9fX48X0RDA2K5R8OJmqivh5+OLScCwnCDuUXRFFdQ5wOw3wNvpfXaNd0JHttF46966H7iGF"
-            + "IR1IweInA1mM1R8TAS/XW/NFc4RA9fqGRMT5FnGQ1E9YRVXcr9mf4W+zciLl8Wn1o4cO533NoKjTmA7V1FdsU3zKa0bXb6zTVUmjE082JHzBcqlgM5LAPbcR"
-            + "Aunx7N3GEuu2FjyWkpoyhtSNd0Dq8ypTOEgpyKDlSqVlQyCf+Sci1yjf8OrnH8nZyGvSVN4sRyauFeRkRz7Yeb0j02g0oiuKmA9VXhR9zR9ryOPGiZGM8br9"
-            + "uZ+BB3pEK5R/2HGR1Jr1WxOsERQ5OBwUTQmqjPSulYP1Il6q6zOzcxRMkjjVLB/FA83cDBUNopSHfuuODOeHCE7a/+LeKAwUeCbr0JRcbv6tsg/727UJs3+Y"
-            + "WUn4CXkREWOQ2WrU/LI/L7Ke3JGDQQsWT9SipgY+ZOV7b9FjSlBg3Zk7ynIO046bTFYtQaXoGVx7MZWKIYoFtcbFnOLEm0+5Cq42vCx8FoSov5wF4DwhJwDt"
-            + "X2nM9iFsTLkd0GA/tEoHX+yzYkHS6kaaMB98R2G/E9evoa2HQW6508KYNdGT7TZ41L2t3wGqfqU5Ihp1IQa1DtBC0p0WWIJzhGfWmagKgmPYpzfRo76KiTcu"
-            + "0s5fO7xdnplfAn3ZO+hKGC/CSs8zp0ShaqPxk2YkHYBj/sVGRYtCTIwyGTi82MjKAz1/5gpZqSDIaHUkX92DCuLuOqzhuwd2rgfhYRWFjiR1byhhJbSMEQ6z"
-            + "6syQC4W55VbyBZZnDMQ6e+/iVYyu1hQLVeFJem6vm0SY6EpWa8UYjsVzZiwbUwAR5A1DXounsmcg7dNtOy8Sgg56B212643zNazTmM8Vvu2i8GgcgpOpT5Ll"
-            + "FUKI+pYOmpX8VH+b0Qx4DYA+OqV6tEmqPlxEQj2AcAyIQvw5d5AL+v0GZGuZSs6efbL2uKawJJ7HAu41/8OnyHQw4cMDYzXN5tCaC/4PRrWrBqTPL9DS3gdk"
-            + "bH5AT/mDW+wL1kRvFun773F9UwhF86LaN/c6KNwBpww4oiZFCe+lnogeTVXwmFYug5TKY5mMFr4Wg3SbjLuAIqy6IwawZNUe/4QIYAvWycawQ7IkWsZEB599"
-            + "qWhAMBv3xh7qgngvchymD2Rg4eXOmtCYJmi051FLq5EGsgnINWKBG2N30LLbW3RAeepVr/TJF82OKVoqS/Wc9QFKKMS9AblpHGwmUadtttPb4lS9njHjhnXN"
-            + "n3lWJ3FndIqA6u9SqUXiQDAabaQVzP+JE2Vj2YlUvLI1eal16CRkYLZqgYDZlTkFgwS6sQ50Pd8TzLVZVcvTpEJ2VmuBD9i8xBA70QQg4/Yh1cGZq3HBx5BF"
-            + "n46l3ZkR6bUNgag3Yf8vHeettal1ZnMv9Djp9/t0H46HArZMbTXib9mVQhs32MfOiNIMWORb26t2YsdCEbFgxTeoRswFUnGslnnXdbWXuS5t67WVq7p+oBhN"
-            + "aiiOqaCvao4JNwYYit4FtW4mE93kAs1OcEqNpEdaBb9Li5OCulDe7trYWCPXsWXwI2QX+fUdB14cnl+ojwEZC1PPA0aipSGZ0cufkD9S5uVfj7JHf2bzOM1+"
-            + "wTZVcOWFGxgV2q/44HYrlEuyYtWAcfKFy/28EIWce1gYa6XjiX6GZmTHSIkUWe+/+mEbypohD1A2Uu86HDyAI/TfqloHS0QQVBgjnHF9of0eOjCvAWf+/M3Q"
-            + "GP/k6x0FqiTuhDBOp4tXDKeU/BgAPIdiL5E8TQzoP9QFAmtmIeBpNhFr8qWF21Ee2pACch0GzOAnPfnagWhlbf+28nkdwVuzoNdO+zaXEpQHpvsr0iKhZDQv"
-            + "2gru5Y4OklHLctHHHP0q71B7k+9d7Fw76HVaheLEuGVaMRmw6eEy6IA8TH5DUQc83BS7W/nYVlOlFh5ucDfxBH6gtN1ut0LX+lItw6ZxphCO6AMuVMrdebJS"
-            + "H2kGTwtBQkFbLsXzkGeQvvTnalYzBikRMWTJ1BzBZC26Mzw2vwxUD14fwgtFyY/9lTR9qBrELy1tLOjcDgipH3C6vjKugB/FZPnEg/WqZjDt7Oba1aLub+1N"
-            + "xHHkDThPrdgt1gjPhK6HGo568mGy65s29IAwOfSIXAOBOc/uD5BsQ3wN0DTQY4chM4yyV/suoUvISIKgT6JqU4bx87bf0YxOWJAkAo6u5J8sWw4F8JNGhx88"
-            + "7G2YcZdiP/h6ht8fnk2Uvk9TPfSPnthpWccrdDSIMFzZoRRokMiCxGMC3mvMquZgJjHwgzjmjOyE0C3ipN0dZYi+SkyODvE7d1/uBbzJ1mxUKzMoEnOYGj3y"
-            + "o5XUvedQ8SlGWhX0LeNtR1yL0HMfkQxr9w/Xmj7dYs0mj+O7OD89gDt/6UmcPhKYIzWButxCPZE97oydVtWys9kPHJ8idCjRZ4BaZmXFhRbA6h73ZDXevZ8c"
-            + "qi/skLF3cCalF/t1SIhCslxCqlGFdrFDawLKx+Jaq9OqplWgO6LvnPAzYKh/ZOqTMLkW00K5iq6aSF2F4BXWxxSq4MwmXMz5HSejg7k3PhPzwmqgBXXbY6Yt"
-            + "+nZS2CYiQDhWQPIFodrBCHmlHxrzI7P95Rz4xeF5e+OtVzA2Z5lEKWgvXfkn4OdNJGM7jS1mn6/NPQ9mLoKu8cGXqPF4P8CvkaGL0jKbXdJyMjY/v2teR5AT"
-            + "2wNFhAs/AAisk8qa9za06d6GOgaj+EEAK7cDpsIBrKJ2Xf8+xPGUaq+ApQ5UiMVCYdLdjH1gu7aLUAO4dccvcb43G7+ec12lfZRYC6NZe9LHEYKvq6XOXnC/"
-            + "HUsJ6u+jQpQb6WbMJ/gn2E4J7GgE8cV2e1zs8dKxCC0xwSc8ZatSCWxUxBAz6HCjDbqxvQxFPPwYy7BEIRAKV3Cdofu4CwYMvBCy64M/WKvFaRtCOkNS3gIE"
-            + "qgNWa3yEH3K9xW4gwyKwnIkl811YzFBKzcZil5G+gLP4i8AUbS4W3PLlM44dokkQqInoLntFMY/YyqM9NvOxlhhr9UX4rOakoB9oUn2c8ib/1pyF8ATqg06Z"
-            + "/CArVzmYsaGjkO1X6tifZyZbz6qqR1HlN99cCglMmEads+omv7zQ+r8lWRI5Mh0fb1kxzAia/xKRPbjzj2DbSfrt+LtcHmULbQyZa6zcchme9CvuwTIpK8LY"
-            + "e+/xByDMUJgrcg0jcnblRHwXoYrNMOufW/y8QUdJA3MqlVI1zQ4Hmwp6fo5cyQsxgp/eCl2p49fghYGPtU4tCKKKe2tDzp4CjVW52oUyGpSnAqHwopzEeu70"
-            + "qJKnvHs2fdKEmG6ZfoNidIkc4HlA5EZlCyTcdtS3ga1K3w0qecUO/hGdd103zMYgLsYWhOmOn/btPTgXCrU/UXyFdjJNFHkHxoebOr5bEtDBBC7EBxeenoTk"
-            + "wOoHoBY7AKucMVj/59dbeqaolBTx7FY7BjPzwmwEeN76xz5bm/HaGuU9+M+qlzNmkAZy7XeQUz8OTOIqp5yoeQpAM1rVNEhGOyp6XKQLkA9sDY09ptNKnTPg"
-            + "RUfm3hLzgkJ84nsbgZFnCvghywoGytRFJ8ob5r96ReOsznSimLBAmvHh1nUdeeqmeivl9toyUa0dykzBdWxOpy7IdwBe1KtfB2KsIAc+7uQhqPiqdycznMny"
-            + "2+vjV3DiJVpPD0WRqfdWsCfb0QTcFEvaTfP9kl2X857ZxqCPCBKNE+mGszrsmDxAJ8bPBrIF6cCtY4KNw52nr6DgdfwmDZObf5znC0yxUT3C/k9280e58ncl"
-            + "W1YZ4wYt+aoXrg8PjziJ9PE0R5zQKuXmY5XOqnw/fA9tV4fCMgBudQd1UFaEKgie+K55weQJR3GfWPlbPxsRWyx5fFV+5BQBtcvGY8QgH44Uzbjr5S+JR7kx"
-            + "YaLUDiSlAKpG6LbhS2lchFXdhG8lHoz4XnxqvFyvaxuStBx1j0zH11JqFZX31Me+iBQBXi1tkNR8jFgdQbiTkxUY/I1QU6eQyb1Qg6HkJpLXY3Oa9xlREwMd"
-            + "TFSHnIo2HUCC2AZlW7+7I965vTDjrH5bi8DzKdqUc5KFuzx0IlYvOM1vwauww13gEV9nfymdP2985wvSMPiJ0lGzZAxsjK2wYA5PflH3xL/rnIFexciDOgCt"
-            + "lCBHWe3unckZTv59BbC63CekHG733dCs1KSdY3IjuB+lGm8035sQBZJdL+4bbAvAejdwHET+s6GIy3n1Ucm9vbRqJ4lKtIYZA7xSQpvdNVTknI7XcK9Bz4L/"
-            + "noP3Ga3PG5naCkcddgR2qyYw17FZnE7ZFj2vXnNTk4CB/AyOwyaJzjjERDygfR6UDbCk5RF5PLFhnLyvBFH6eBY+dYuG/uryUJpnfVslZDT8yPa/qSr7x+1b"
-            + "xXdv34+CHw3saYlOvEJABPuwBFYyBgeYZ9yvHAfJGCj1SbLympYs1QDwbzvXtxz+goZ7YvN80Yybqx7GRpKKYf81e8cr2ZIJs7d1LaXopB7ZcyCB9zpLevF6"
-            + "8Z2NqwMcuhN0CmsRK+kQvhnCaZ+uzK1seW8KsUx6Yp3Gu2QEPKk7fQZGjST8e/PhQkWovbbEirZjvbXjeHHYhqB6ObFwH+PXsao3C26ITr+q08S2L8Cc6bwk"
-            + "cTOHnKnONxLT7pxxVSmbR/uk+c5pWGqR00grhzeYQMJdR6d442OCQUQNhpuujx7p3SFe13jgrrf+9h2m+doF7RYWqZNhoEaZYqtxzYw7URA+4os3q1Pm2q/O"
-            + "9MumHknrhVZ4rdaAjXtzURR4L0Gq8ZpbR6S0PBHukNDACK0FfGgtY0HLVscMZutEBKFere1JSQPsSsffCPaY6pcrwt2YMUPXyfI83gr9EpJHlHWct+3FdSwI"
-            + "PxXBuIAXJRPCnnJ+O9Ssvq8oLQdhc9y6KLBwzN9OJQ5xuTFQvfWr5xbNNyQbwqy5xM66V+qIPhuMuxAHTC2gf9hJxBE9LtZY4+O2U25hUNavBNXLtA4gkYPS"
-            + "xJNx1ICcOSMCjkCe9tIvexNWNUWWT/hnVsIF3o0HeBHQ9ryeWyi0jrOSohKN8IDzO6H3IlJ9UDSKHOb66dIgNbEM8iY0smzUudf2kuozOjOssVh8CEO/C+Cd"
-            + "S+YqL3hOph87jUQcyiGY+sJp7ZHtvWIX4BqwiQTJUO3wFQ3cCuvKpVgOBanRjNi/rd3C4yEV6vIF1RjVj2PD+Lmb76GCNBpohNmbo0EXw0pkUoTLRSq68sLi"
-            + "9PZx7FVjrxHk6ZdoBA3jvvypHo/rahFyRHxg8d5YewSZl7VOgKimlcDpO43GnVNg5wnRk47PdNWRik/E+ZHbg4lniJ/wnJNadHbKlF8LweKq3gFt91FR0qhI"
-            + "63jpMPlyYYrRVgCiEULt7QDnoO7btFb2uPFjNtjhDwTh1zTNJp6GpIBjfsKhYEBu7KafcAD4exJOWtVYGMnykpsCx56FFhEnDh/bFDLPE0q//SlYZnRngsix"
-            + "xpmT4w2m1rfJUj/146+UKObtM9w2tFHhPjOoVyUCOUNA5DP5gUthRUkYPI1s1qikXQ7/T7M8AmDdnGIQm0aA+e6oj+gdEjg6456HRkn+O/Q2PgVH/r2I6KL/"
-            + "VAYLDKnu3iVHk8UQRiIphuUmKhxZJ75Vxv6hvfFoAysK9U/VbHTK04tUxLJlbkdb9zcn50jqrSuwipOmqzRnJOUk66jgN2eNm/bIP49GEL+VQqE3CneR7Raz"
-            + "e1cbtP3ZMIaBJ0PcuNcSjIgP44jhSgXvxf7JMT0voj+EqVGX4vax59i+kQnqOPV0D2czHoL4JD9UBayEh4kCVOCSfLkswRg7sSU13qRdEmudnXMXRw0h52Fb"
-            + "2GbR614flGFWj/DVbh9d8kSCABTas3yTRYFSt8k87ZtORBEbGSbgJ0pXaniOU1bdhYxzJpYydDS0zZwytJ0OyRcDfx2/TGYvxJH1N7rRyuMxT6iUL6FaN9qy"
-            + "we9JSoPHgk9tkNRYLUqJhdflduI7V+ULjW8HlUn0Jan/90CU0zYFhyRHT6DTp3qMMhB7crpk8TLWtZgdhy56dcUBEDY7f1bVWEXzl6X4fOOhlelGhLYacEbm"
-            + "l5JRdVXUCPpS83o5MIx0aMoNdyycS6rLMeQioIEM8mkHIHQAOu5b2ac3mdNyfiPHmaam2W7KLN3ehHLmtZhDaflfbCYSVjBKCiZK2WjMHVngW4moQUQkwvZv"
-            + "GapSNh63Vim+Oxyow5X4BCr44ES3eYxpVxViKNzt0RdWgZBZhJHqzoYXqsEPn/pC+bOP2rpAqO37/+zgR0L59h6fTPQYPqHxQJhD6MdAlfocMHbv0uEwZ8CD"
-            + "MkPTp1C49ioJowF/y6KMlTSdJrKhUKjPHfCcPbOgWEUJRdYm4OSBjajeexCNwkFURg4j7aG91qvZhey4LA0WUgrnrxqrwA+O3UghXpnBDUQNPvLyr99593Tk"
-            + "7FccWO9r/I3l5S2mCNkr/0dBUKuKNQYeGQKvXTOfwy4EyDyS1BRC6ezkh8XphcNmOzRDcwMVgxFiEUNOqksuxgiyMEH4JgG7d/aW8KL3nd+DLpbS1yO8F2pR"
-            + "TYunvxjFj8be2gjFc5cclMSKIMg7UyKRUaLeOACAFMNy/UCBbicBwTa9xZ2ZX2vgGp5VIqzsxc2029xMXMj4G9uXpxo2UddeiQHUvRvRuRaw2vfufQWKHPVe"
-            + "yTl5htnH11rFiAh6q/ElPZE6/rvudh+LQ/cReUB2W+/PH12rycrKfG9uc6mBUGnZsK2bInqe0w5PDCPkjm7Q+He7v192UGUWqXCnFhyZa+R+sjCT4rzY6mPL"
-            + "u359rb05T7jwq/BsLeeu0IYgvMxmuWpM0VBIJ+gp738F7sSyuNAm5wHb8sLbrfMXJMoMN6X4ELhyoDSi1PHGCMS5GegH+47YzQaxTWswtyhlftuR96bOFJ7c"
-            + "tMeJdHHfr33lUsEHAsAgn3fVT6Rg4xvEEHLARsbMGbE3fwDGWqF+bKc42IL2Ha1AVihO/XAQkipAlkDPHxTxBej4ymspObGfvSG/6P3CVC23THW+OAUQL9Rd"
-            + "f+vgPH7Xzxw3UkH2fkIa5n5Sa3OB8XthVe/vUBnDzzat38PEr/uao3R4lmWqsbHwiMqMH2dvq9/dKSswnPja4aHZTrk9/sIWgLf5CMS4Wk3swl7w42DBJ76t"
-            + "Jax29tn+k5MtBfBUlmhwXcMahhnNMM3VhFYnjR17yB4cJZW9okQeXrnrcwOpc8v93BRl9I7Jh2EyiuAQe6CiJAfdyWdYQweW8U/QKeHIvB8OGheK0hy6ud6p"
-            + "v/zDkgz1wsgxaGhPfbsNOZ9CvVejT+cmsOR1oB33RcRO4W8s3xhCxbyX2HO88tb5D3gK/Ll+klOkPFdV/rC1Ag2qIpVuH/UP7HcsN49/3n928FKBqjdv7YtB"
-            + "7yUMWHNpRMJRjqDcokggPRP0ol5cRaR9Yz9tXdZ/lBrORP7ITGy0s52LUlHebaO2U7XPi4eWCz7YxgRF6PNsIHd5jtHjLodd0HaymqXW/ttBgky9sB4niPVS"
-            + "4ZsjSV2zbmmx1MWzrZz2bitFTQ9H1DDWoqft9bju4VlTHFFT+AdwzDchw09YbypRD8d23G224wsKUtFQ7z21aW0EVISn224kwbGKm7G6F5FGA09cldWwfT1C"
-            + "8YDPY8ETMyvo9IDj0UNeccf7eF6rZ4K24dVx1EioRhsMOD/yigFB6yRsl6riLuLFF4g4CfucPo+6pkPHuGrbyqwXlAHCGAfRq0VXVeez5UmNYu90NRXcV9HT"
-            + "rOvTLxyTC3N3NOYT/VUxLiNHOKIiB4XEV+eN07TBbmqWPv7KayNcntexJirpNW7vys4h32CpAFmHEXzPeq6IriQARLLy0K8TeD654kG4uTxn2aEoV3boAPMs"
-            + "EbLWVqafRlciCWUOI+QWEujNQeZLu/vL6Lip3Y2wFfV0T0m4c6WPC3vCMkOQCo2StwHimY3X9fYAWyMgLqoAhXTloQ2Atyfc99AUb1mI5qD/BmERnze5QcmO"
-            + "TAOWs34xemwTRR3U8UbpU1y5S4iW9h5dMzghbLE3h8gwZATIRUUVpJe2l7HD1IPZjtq7J5f8WIp+50wpTzlevjUDqCvrg3ljDTIDToolZh1NAAQQjVyS0nGT"
-            + "dtB3OVN02yBgIJeRn9d4Ey+xMkROsijYmMi0QZcj/DR39GbgobOYRWEVj70KF2IiOdEJt122yLnAEXqF59NO3X6H3is+/DAQw2eIv1/HOI8VW0kP8SxTiI32"
-            + "JsaNmxvHcsk5PX76iorBWwDkA3PcW4nJ0ZwTsZca11YawQR1TlZBF25J+CTPgn2Hs8RMxlGjymYgZY1NuccZw6aCerhtdF1yoloiMmzB8g/cYKHjQqDpGj5k"
-            + "g86MXYNU8Skt2igEZaeEk0tGg5KUJ13fYqb2YHixuJf9HGOfkQ1Q6i28ue8scDRYzD/Jz0HiGJW3FwQDt3dBnDsbNq4PHKGWYwVtS6D1Qr2BAitFGv8OxFpM"
-            + "j4U624aLxZhC11uJEcdZmeJ2QgG1K20qLHsfUYwClUSmyVEh0ayUq86HnboYBaloS7wHTJVRdfM2XJzYwPB9Xu2B64+4r3WvmfFkTn4mKMakgJ3tCOjjVK0l"
-            + "1J9WxGx2LntOvKKDtLCFt30yitc1RZ9qiUm/H/4tr/qRJ8JjXfV/qf72+C0sRJsoF5jyo4wI0EMbf83bKwWyAytxkD+rpySteiOm0EKJwIPJVo8UHnh/q6jt"
-            + "kFSCyvFICHrCDgxjanrJ3nS53dYrI8zBerJwEi4+KenWMCpRElnIo+ddmYie6HF8vQqsng78nOQI629hu9+xC0Xr7rBTbHW1poGi+Gbo2m9epWZaQJRCkP3P"
-            + "9+bC8k7f07DmwQVuH+Exzv1J4LwudmsNSu1pbOB61gu4BGeqfYFNnxa46tJVtwL2nB0Rfb6cyZ11tyw1CjH5o5yu8ss/fRKdiVYnpflxDV1PEpznk2EOeLJ5"
-            + "ywpWDo724uzjeAfwMBF9eIKdDqMFDajByCYhDr2bob8Cc8s0zRhI9VkxIo7kfWfKoFUieWDCteVMuyoMkQ922hrc1ljTnLIU75wtDB2LqY9smwpCRHXtLb/P"
-            + "84MZY8WVIRA/7SXEvjdyOuCzckKesROVZ2JROk4TWXWeo/PvyeIouWKD59KDz+PHRaW6GABn4gvmrEathxsSLxwtKj0TDaIhAqsI9nic8oyjGnJaVLqTI4fu"
-            + "SzkHvjMvFAyUy+Y9Vw65jWzmqTiFgWZTCpFnw8qaDF/KiJETYpjVJlNLfegYgKa/sFkpwGM4kYep91B7uL5S1G0aovY2dg83CGuiUcVgSgl/Zgu/yi7eeltX"
-            + "Okf6t09zdhVY9O+cZcLVrrXqSnBrQ24l12P2DAlOB4kkQHyYFOmzQRG7A3PC1cPZCbqkpGSqVT0Fn4CIwx/NKl0/Q71loKONKSSksfDAEP4FUcgfFMHvFfjD"
-            + "T39mK5RsH+J4v9HtlhZQ/LHNsWJvvfMuo6jH3Y4eUffrjG3QlPS9soCcEPNse+pC9MXxTnRzTuRZAQfwVrAS7OcyfIFEV0BGDd6zVOpDclAj6R4CBvtVQ8pm"
-            + "26v2hrMfR3dkp17RXvyuKZJ4aPyQ211pQi83sNM+AYXBE572PAOzSPolbujRcNtRXm0s5OypQA2ZVCM+8A1+qrlRr6lOPvClFdiJOjPRc8utCC52FTbqh9mA"
-            + "i70SbSkN3SrGFYr5iauOyFpXp7UB8D2snPBWCS2rB/yFDOy0h0p7+VLui5btyhf9EF0vrSzDW1EUtXXQf3UDRdUL9vETia7Jtr/gFztrI34i1FWVIgRVBYBr"
-            + "rdNJww53iXqk/VbDHg5a/3S51gWA9FHC/0xVQO+jWN2TqXAGutXIdp8xGopgrwR34IK8iCGhWM7enrpSuB0jxNfe5EbJkpTArsNZUx0yXsOXhCmvr52mP8Un"
-            + "tERBrYI+EnGMcJYoAW6K1O3ONv65j8Bx4f8gVjtAlKx7+PUZJkle//n4i/M9vMUui5327SsiYWLqsPEdykjn95nZRU77hkJPazv9ovS5KOK7H28b81PZBwEu"
-            + "HrkyDUtJybMe+CzCV51fOHdhMkQf2ETbSi5Dd0fR3y3GAheaZBYh4wnIlpCowUGJ6biWTTaNn6l8pKE/iS7HkY2dEzln3lBIAM2H4SR2dXYrF+/RSQaUaJUm"
-            + "F1FtDWBG3n6YFMDpP+1168/1h48IfZlWc/Ojqn0Lfb+wjz+Nuno9pK3J6ClW8hxYbWA6dvXDn03C6P3ntSsauLl9Sy4Iv+jTBeWVR/9WsgWCwhhGR+FQAS2U"
-            + "6D+CcG1Vns5ul9+3xWLggZaaLui/rsD/4p371s/1Pj2X+VC3uvETC5H1Kf6LjrR+FtkRKDU5T/HzbydZvpd6cvS3WL+ZPPov7V35bDlR6a+ro6MojCx3Q/op"
-            + "lanACsA+w+oUZgMVRwhfcxCQxdGCDg+eHZp/LF5U8Ys/HE3xt9ht3trA13nTjSw1ahPNUx7Ni8BUNIF5wkyAC179AmntlQBY9ixkNKtQykaDT72zbtWskCNl"
-            + "phzGL6bOk8Nxy+H888WBnC2VKDQAm0ABzBHq3H6iR9xzbBr5NMEdBASFfFHtmPgN9GyW3rbrbZuWpiSO8vtaVVGrv6AgV2PY/2WgWWvlrtBABhwQvtYD8wIV"
-            + "/9MGWCoW2qRoJyeNZMmJ14LhPauArhdzUcBVrbGqJbIUs9uxVVeIQHThtG7ms2vZkeufuQEWcClc1rfIdyb/Cazalclvd/RXYgQj81O9iFHKLwOZDoTYX6X7"
-            + "D1UFoMHVypOEvk/+W/UJBJBSk7I+1OzVsNUyLCcBfBIaBMUP5uIf4DxHWFM1+XYFCnp9BykmgVrPIuAKH9OWu31K3E4ZrY2tWk975whAXiTcTjeZWZyAHXOq"
-            + "kQprr7VO6QYB5OvGrsE939LwA/nE4bFEqJMCntvSEMkaT556lvMOXZDj+WjxbJqfnbbm3ZcKOGa09AnlHwf/tV91LNzvA6PTG+saUE1jPyfn6Aj36y33JyFs"
-            + "L25QfylFe1L+uuxi1JyLze/NrmyOfz3aTSP2Hvsjy+5TwtZVr3TUGgvZCzKg8NFx5yqpTWUuX4/tNzUgF560yLwn4BigUG73C99x1wSySfbo1nMXLQmyYWjo"
-            + "NX/t6lnjHdxLCmAtwrjXdYmlzyAxPNns/eDtN5x5scVRUSj/TwkLX+8rIlmJLdYTPWoHbUBhc8WM/Who6SlWDjiXCIa5bZiH1B7B9qy0vpHr/EqOLkYI1vbG"
-            + "45mTMb5+RyLt+nuq9p5xfRmZploXyXVGhbInUYFBpd2Fu7F7ba9K6dn4nJx36wx5nMiX+kcsPpHUmSujzpMOe+roYeFxQXnwUcRBjixB8+O/P/dkkzUN82Ke"
-            + "kfX+rhkPTvYsJ8NfXqOT62LUbhD3s/du7T6vxgGY9VQ57kG/wK3m1+CFoc0ddgvhMwJEZpyv40qz5+74WIlPvwMCJdquRWpcHuU4LiwaGerOk9czYk0uqXY+"
-            + "XEW+3wGpWoiSxOrNsPEXSB6ygf4j48x7Iy/05F1SNt3JU4258eUtbX3YoKe/uFoOepEZN2PfeH8w4lIXm7jLXA9hifIYrsipYf5KTK9CDkcoMxLEInYfcojf"
-            + "ocnQFe4G874P653rfplFr6EXl246Zs8OgFR5WhGWBn0HoXr/G876x13ikqq69t36+egZHtbNHurHmR4Dc8ifXpw7frH4SE1bARkMyzmlxTAKktCAlwp2pNCe"
-            + "eUER0yI+RbklRDf+jsVHoLFG5E/uNF0o5DEjV+h5R19Elvs9cG9iZjvDlVZCMxJdaqH0RN0fJs2pHqi0jQrWhoDQQSf+JVAPFbiyhulOYxx2EN1JbndBkBTq"
-            + "9lFx5DF89qFCI3qMZDbZ52vFd2Nt3csYha24V4wEXJyEQtBzzSiduynbtn9D8ydmQTCSEHbwH2jQhWOuoSwA3kBXW+v/aGMOT1QvLlNSNvRSgLUyrO3dZvWv"
-            + "6xVT5xUgEg8CuLSHZB/rNyadpkNpL8aNKz9J6A6hCdt+lW7gnOZPX/WYNakeZUJ8LS9hKxDzlloyTiTZLDePkrWg4kIK2pGdOahsN5AyAiSkYBF31pntjvJn"
-            + "n2/bDFebePlLQi+P8+mwHJ+95GrXgWIB1k42bj4ot4fB9sMql1Ae9g0xA7u31430kUOUQFkM7fNOg2zMHXh3Iu0qd50hfTDZyZuB+Up7fizlNpx9ghwPUyam"
-            + "tLtWVN1nLedYOc8iMnoNCS+/UN19fMxd6n0+5Qh16sXr+vssNRzoAQpk5/s9X+Y8bjPL7h13xiv7MTbPgi4OFR+3wqNM98rrtSGN+dhbg6FX54XdwvdZiouF"
-            + "4Vc8NGdIyBqSQ69qNnneTYKJYGrAjNUorAmNBxKj/5dQHUnLKBCiSikLskQ8xHerun7mDlJRAYRjwAUIWZHHHYg6JNsE/FjLkxTWsmCkBr47FwhiYpPCs5YZ"
-            + "betlNxm8TsGly1Na+f0QoUgqWJa43g0nkxfSQDWLUSY8shWBKtzDCS/XyHEY3jq8bFQmtHMi7PKHwM1Mgd6C9RYR12tCSJL9CUkVIeJWFfgImJpC+tKQBL//"
-            + "cK41ZpxdLlAjoZXxj9Ky79h6utEHc6/1jv8uBKibrBJmcHNGGro+3IBWGoSyMXRnwbKfTzuafXJ3BvHJQkN/lEoG6wsvUQ+4vjo/pplswd8vJTKERG1nuB+h"
-            + "m9CEvkXyJ8LIUZmDgKq+x/cg/FjB7M6CnNie9x47aIYrvsj8fsEANOo3ma3Ew87dlY6nkv0F+BZec1th3s9kH48PPyU6BpAH/xJSkmt6FQKc67CHfaadrPY4"
-            + "wdU0NHqXxyGBeUyxj6ulcnjQJFQh5E37CcZkr6rww4E2Ha+L+UKF+k9+AbpDBm142hy4Tet533ryZIfmNyxWTdxMWwE8cmLZ2mO2Pk6mpMJOAyMyw/vuTlx1"
-            + "oYrzuGG9ANx6Da84k+A7wVso3PrkF4e4xNor+CRAVKZBFByCHh8q5lwIYEWal1Ix+rpJJaFt2dL9vRbrtKvZM6EjvGejOlSYDft7/KTJjAYHjrQVYCNZDJ7U"
-            + "Xd0wz2PMEwpgTQ649GFe6vJnacbwbRF9NCJ3sljseLef4dqdtO65dc+1wcqCFaX1khlqvIWdZGgS1mRyWOsy+BgvjJbTSRVGO9BEUId9pRIKMsJSJLQHt8EV"
-            + "VTcI7QbFRvq88tkXH4h+NasHyFtG+E6AqFu1A9cEat5qyhrIQY6kOnlGPQBIq4i6rkvGQL62EyBZiyfaOVoKlIw58CpErpH5KQEfbfArgWrifUZoCIzFlQnv"
-            + "1Ifjk7ak0W3K4y+ATdqxekbr3nnthW7sk6ZD8lHIO89ksAJD7aBdVHlrGloff7IrgnpfXSMuvb1YXohbkAsOmWdVH1JMi+9TYiAUZdKr3GETKfOActXtLcF9"
-            + "go1R9WRKVXHBiBQeU+h34Y7oJCH6MLweMcxdT8RrfjMSyLtVy+z/bJWhfTQMijoqUUItckhJmAiNIrLcFjIRTC7GkQ108rpbpurm4BLaXvk2dTm6hdPc19Nm"
-            + "Y1nZ/1zPdhxICK8SRWTpzivCa/l2a5iNdMUvkjBzcri2+UlwmvTooK7hVoLAoQHsBcoXlVhurVVjbFBmAzHfH4MulE3Npr1vsqoNErCCnIUtMphWgyPGr8Dx"
-            + "jP3HBFU5KeD1epOaTxqLtbF2d/qN0cf6+ttPzJ8dyC+6tpWQse6kThQcQHW7UwJJIYo2alsIAOOyCb+fRj2IqiZCzG9ccJppjVVQnYg+/ghRgsXqBAz5RDYO"
-            + "yMzfSDeXb+sIUqMbrSjvaR9JU5dArTYqGuHnPjlRmjzf82P35BB/BWCzWbxz5IcuMRHoVwMitnmBJMBbOFse+Zgik7UsrPMoijIKq8FO+qJMjXjIYIQ+xyhO"
-            + "TvofB0yIwjbJgp6dedx6S3gjiaSmem2H7/6rYHSqaN16Wk9tF+YhB9Yb+2myAFY4Bv2zyNZ4M4mj0hcTh/lusNROYEhghbjcw3cEzq/4Ghotdi9Z7mGzmI5Y"
-            + "nCVT1cctbhL1D0xazd0cZI3PprjdiNFrCERi1n4zUXkQFI9fgHjQkWrK74jFD/7ahPi9E8H7YoLyX97XErLok1xMz0XU4ieSetD9Cy/m1Th5AogxfCjNBWQT"
-            + "iJASs+lNZ0KIIo6+7JeQxeif+PNRtpaODFAZgwbHtFsC6WJPAfZJE7KvoiH95xrv6GeuvNqVNOm9ElQ8lBmMzLZfqSa2WvLPvYRNqazHxTHG2Re8dO26eENS"
-            + "FAE3aTjMWcDf0/v9vWexyAfYqmorTEZDK/kQHvfvD4/9SkYuLip7O21+10sUnvBLsEQ7s4F/CqKnFM7LJb+PMS/g21MylF3O+BDuyP3CqtKVnt1mIAJ+/mSd"
-            + "dmNodBo1W/6R9T9sdVHXltAvuJ8ZbRz6zqtmXyNjep34mvMLG8QO0PvM3BsDFifdB/QaCYnwcHLXWFU0+fL6M50l4uhTs+6Yip89YP0rTYjbT55mV0fDaNgO"
-            + "heTErtEi8Xj8ZKGaFE27N6DSwn2PPNJ8XXbZfm83hx9OHlYe4WGPRHbvYq8KEQvMVvfY5+2Hwll/SSwhFRpykZW8ggJsQFiddKyfprsRf2DKXEWWEM9wJ/PC"
-            + "zc3+6RGwZ8X80vJJaRHVWAEBMIcqVRwoL0ld3koCDxBbVTKOWI2HOWK2vFyHib1V/F212wjIq7wNz1dPB/xyVpc5knURug2eaQ10GcUKK+LcuwPcKum4AB5n"
-            + "QnFhBdWxch/bFSoD8UPk2HcHm8kRjWxzuvu8mGNYLQD6V5r4J7pRdii8ha4r6ftHK05N0/8CP8yigtR3fL84CDeX6geLHNWNMDG+UYYWgsv90CyPWUOE/mwh"
-            + "sla/ME8B98LJLKykN+KJbeTQMu9vJ0PBlW3+xxOopWstnSsH8ypskHTLmT1MsbwlJQ/89XSsBxUaC8SSIOGZ6+CQ0elsjmvBeV7u4UMdIQp8AEv8JKxGwbM8"
-            + "WMJOIzuP6ZVucHRpTf3SwPJ5pQC/MaXeLJbyeQ1DX22Q/+P80M5XcLC7RQ9EHcBxN6ks8icXUVdIkaS5/wbuy/ap+WcwzC9SZufpHqxdVccnAmEswUHKUmyO"
-            + "tS1tAdG6rNNUc4N9P3IWcpcF72nkdgMASITQS2c9uTAf5kWFNSNwQ93x+eRM+RICcOM=");
-
-    byte[] expSha2Pub = Base64.decode(
-        "ICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5"
-         + "ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q0dLT"
-         + "1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9/v8AAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAhIiMkJSYnKCkqKywt"
-         + "Li8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXp7fH1+f4CBgoOEhYaH"
-         + "iImKi4yNjo+QkZKTlJWWl5iZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P0NHS09TV1tfY2drb3N3e3+Dh"
-         + "4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8/f7/AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7"
-         + "PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SV"
-         + "lpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v"
-         + "8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJ"
-         + "SktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKj"
-         + "pKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9"
-         + "/v8AAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eH6oCyxVnw+pTAdU/b4PWLQU4M29Fe8TFHP+s9whN/N+Y");
-
-    byte[] expSha2Priv = Base64.decode(
-        "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZ"
-         + "WltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKz"
-         + "tLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkKCwwN"
-         + "Dg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZn"
-         + "aGlqa2xtbm9wcXJzdHV2d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DB"
-         + "wsPExcbHyMnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9/v8AAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRob"
-         + "HB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1"
-         + "dnd4eXp7fH1+f4CBgoOEhYaHiImKi4yNjo+QkZKTlJWWl5iZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P"
-         + "0NHS09TV1tfY2drb3N3e3+Dh4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8/f7/AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygp"
-         + "KissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKD"
-         + "hIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd"
-         + "3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3"
-         + "ODk6Ozw9Pj8=");
-
-    byte[] expSha2Sig = Base64.decode(
-           "A+k8LRbu5H1MAwuOS48aX/kVbxXUmiVyuUYC4M5gbWfn+kuBYmUDALVXLdJn5IQipi+Ff0DtaSA41Efyo6ODWdwxAHCic7Fb8uRBq0+5wySank8ZtAwYWLqz"
-         + "TbJxqYzqdb7W3lxiSwhNsw8B66LqDDtSM0jHp3fXPF0oTc3Wb6BF4q9j/gD2LAk/jq+UTiRzn5ZMfDQ+IgFO34r5jGEVL+nITT+5g5Ig3E1D3ky2uK2pqV0I"
-         + "RYDRrEPXkgS9mrlimWFFtQplgvnPQmEUkjhpL843Qn4ccQUz7jie6TQaoTrOU/Mxp0bnXlquIuHHTSmwBC2luYtZ6aC2YxKELMVfkyIRI2TNho18LXpwwnv0"
-         + "Wnfolxg1FPxHHG+jSJlpoPTZJ3OyoyuoDk7WwSVOt80yag187Yn6bnkBiRY/qIxfArcZiUMKu+bl2bj7rmK/XZrDlcu2gRGMN0XvuYqnBRMb8/ruCQ7b0n3h"
-         + "69hEFZNJpADusCZQwiGJLGQgXxFi+hT1nanmLeGuzr9jFbyBZPLUL2J9asgBk5ejodVSEYwzk038RqZ4sSxDyZSUUkajJ8yeBbqqehXemu4G90KSssxlT4AT"
-         + "9XUAKqpnqpWynASfE1UDR75FSoyFqCAE8T6fdyjBY4IxDSdNvzuX0I0366C35b163Em1MQDUMY4ZHpJ7GhnOfkGT+vFCNQDAnLTQDbiIDRvivLzJ7Oe84VNZ"
-         + "izvZKgDWFK96pWIWTRjZ+oy3TUIF7cv/nBPxEorgv5CDQFb83hi5bMSnOCf2y8+7sKIbkzQJuQdleJu9nA39Um6t2KMR0dyg1sMuSV7CIk6y0JLucqtiijx6"
-         + "aQE4BeKyE42MlZB9yRohbollp1ZOVYy4056+e8tBwUCoCJBPBVY0t/AvOpOsn5Hud8qCmN5d/IWtY9ymKazXUbyawwDXCb12xmb9Pz0tFRItFKgkd7g5JQAw"
-         + "NKhBVLo+JOWG0SQSTKUE5mQW0vBeh0AZBEagBgg+00YNN3OpxIy7Jmj8/1XxrLrWOvCuk8RKrbtG43jXyza5sNiSuytFpEs4EoLiC0IzgC4McfNF6Vo7fuQo"
-         + "XbT7SjZ4NfMS74VagqmR301yezJmQqcwKH7CK6HL6e7ARr8x63L8lYYKiYMnn6ZzIab3FMnAxSsrxd3cJaWYOJGe976pGUTG72MC0/iIuMi9LMGr95OiltzD"
-         + "E9/R5QMplSgfpTnqbbczB5OXGXBIJi1a6kGuWTXEZxtHsBB97AjfCl5MFd+n+MLwjH15Id9h2VAnVRvA3eHHEY5iAhwBCzSuljOVupB+0yOXYMVBytNCdYJm"
-         + "vhW0bgmV3LYsgvSqz+MVHLxfoF5zpE/CnWvw/sF1MT3TJDVpHQn4xNCllje0Nn2F1W35ZI7TZ45JPyJapohGLbkBymuLJrySwbX5G2dBAHWJ6QoEYA+Ec91y"
-         + "dWC3nrac+s/zDMQAvJuHs+WClVYboPQ12p9N9+yn0MNVZKVO0HEivH/rISq7RIZRqyjbvS5fW44fwBIyM81wXR7IZJdPOme25DvMphlpJobsmwTmt8DeenwH"
-         + "D7B5TevxMraJdURTqNRA15EuTd4foKxJDaYUvgQW728nuIuXtxteaevKkWKA07ga6YBPix+GHKOGFNLJaM+gfBTx8ZD66iLTVJrt1ZqrqmrUpVV64JTn27Ls"
-         + "Kml8vWPYdrSoq8krxQbs3bsSw4RCx2k3i4NgjWJ8dYV+4sjdsCxgBB71FZatbcaB+juvYlPSF67bTCa6zoU/nswYT3j530bp5Oi6b4078lL74Nctbk/QgggH"
-         + "yhcgbWiQNS0+Cy24b5+leuM9y00nz3hJ/s1IMb5k7BTL59Pw2Rwk+716dAc6E6M3W0kaYRs04GYBXyzdoi7a2Z5SRhGITnkFLmYWNudVHnMWQx0mmPq95a71"
-         + "NcordtSmTNWHWEMaTZCRWYczIAlzuZ6c2I8Gqhfq6QzcofWvvcNc54ng6WSibpr2Rq7p+o47yGaaW4JgJtolSTSdgEzeIPuZaVY/lJIgW5olDGdBUET3Fgk7"
-         + "0zX7jaNowBw31Ys77TY8V5VexfUGTsQ83dV1LUA7MRqFpcnQ4u6FC3tI3WiPB4828RPshNncqbvIACFXdmFk5nZyfWnuVlgWahfDvtVWzithkBcHtEmH444p"
-         + "L8O8ysKVgTWyV41/4VM2g5Oamd/oWG8uSqdX+5E8BOKGB1adY3Sz+bWViEtPjlxuC9ZPezvxYtEOkSRaXnMnvaSYr3ydubqyVYnGi7jVQoQcPQ7SgWXI6w6L"
-         + "rZdftZeusbUfplVZBu66xwnHchJs7auiBfVLEVzIIhj1CPBBZwoHDIxGlBgFBh1Ofc6jo6YEChuZ2CiQaCC7ETGJsTfbBPPrg43CPR0Hd+oGCd5OIAc75wmG"
-         + "mBf1N47eRFd0B2fLNUsHuRJQmclV7NPUilYJnIPS2IUdfYCkkCapGeeN+Dqgn6FS0VRGf9KVqAH7w2/tvl5SjtIvEej8po2FdrZviB2u4yw/0Uh9bbF4nxVO"
-         + "mVH0sODFmHgDEJk9RY/rmdm6rplLuOPWb68lay/4IgO5uV3LO4VRbVcGQDgn9OeGRsbJbOTkmyR6Fj58CFzS4Yfyzi+DJnmQH/mrGjZwycUn7wuVRPsZwzBP"
-         + "dKVELVM89nsZcqv2k79eHYQjMsoN6/pegOui35kSBDDEZla86Z1wlmQf1qE3yEzD2tePmGqwEBeeoqoG3xuqkPOuAidxsHWwcR54d5fV43pTQ5P7bjF0ILgY"
-         + "WHAycgHE9RziGyzNaE0o5iXcC3vCqp9SyhAycbIDuJsS4v8FfXevYF7XAt3/H+xFPGDBAstnHBZKXW4P5nhmUpafII57yRNONZtYAu1inVHlv72eb574XOVD"
-         + "cGjcECUz99GjD5Bx+3YskmixZ3uh1/MaNyjqLjplJZMIzcTKfnfYBjAMvgvkDLPr/yl0UE5rMaW/SwcLKfmpIfs1eOz1C+g60GZAIzFFDogTycJayUBeSgi9"
-         + "mgKa17quSGqKiNcYNe15sMdho2GDp0PVLg4RF4xwQo54AuryiTu++I+YArZxQGvPzwDdu42eqj3OaitQ8ZltmVTxzKA8exfqc++aNUMsucXvZxk2q+9907C5"
-         + "1B0W0643KFLUUiQ2A/SyG4okJbaLZ7aqcmPYRHVO+N6Rkza+hIUMV7+WiQnQwJFKWgyb4nqhimivX3U80HBZvJ5H8xKtzzoE4zV80lAbPFvORxT9HGwzyaSv"
-         + "N0sFpK7cLinVAPVVaJe5WA/jgwNUQ1cAr7s7si76/4MrjHU+boqaEWcGVwfaN19JbabhGd0mw7iuvWYlf2Y2Tv6lj/5CAt/0fCnyW7zndePt+BetdzdPJ2AP"
-         + "MKvK7EgHcUAe1C9GjIHeeBnrsxAY6+HnEmPmBw4fZ1eVQpfSHV5tUzTVLy6QfU/IlnnWQfLtkk3szIbBSFUI0Uy5YOYb5llMoPXKD9aOpXMDn4T7NuiomJZe"
-         + "RdBp9ujdn9GSv4e2I5jhxPTzN89ANVgFxpmQKAqjaLEMVNTOQ8uKNn3MMQ/bzxHOHonyg3lEtDbYkLcJD0p+Lkr6gUT52rC7FEphngHUTAFBiVar5E3eW5BF"
-         + "61wLIMvdbZRiumB11Z+aHLuLZTDN28zSLyVuRLLR8j3cXi4oWSVdVgdkDiQsRpZwtT3//uPlkotoZEYSUKlY45Sqao5MMU+z9XW5hZW4ovF5hrRsi/8V077U"
-         + "9nnQzks2oegxwj+FMHyywzrd6QwgwFef/WDiz4McqerY+U2Ve1LaIsvmoJQ9MjuXHoq4213axWmkz7dIznb99psO3zmKnW8U3WMI/huBi9lOVETTD+0kue2z"
-         + "vDQ6z/2vRQdIcpk87dbQ0J8DuZelxQAh+Ogk59wM7X2kvd0LwseWz6RPh8CxDmTWfRykkz4UrCe16fn3QSamvN9b7ZpnNlJG8voCUqHWu9LCDPLe9JLWXKLw"
-         + "Z0vnIrFALTmzP8cRiSGg4bz+9doOUd/AZ54bvUntA4yf6QsUtPI3ffcDM1UBazhINpPcgYWDJ6/jwww40ymQ4SzyjVu2DE7o6DgrNg6mmj+Fan1tUf5gqYVA"
-         + "gCLsvodVVtX7wCG2n6c4NFWPsjorkOGAmfY648yr5u1zOI+dCosMgcnWdQFWePdRMJRLjgCvjnWTMfK08My7OuugV5P0yOlzFHf7xKUOv3c+KCE2XxL9ytSQ"
-         + "nKV2EqifHnWkd/sYezBMJYWoee8c/xZcfuS/qdbdbot2rIVXK3rq0+JNLexugOsei3h8PZkqtgOlOb2hTAQ62s7IM8W2WvZcb3wAVubzv1dEOQg43IJBsXhG"
-         + "o0kRbgM4zYkvBwCFEBXMsPYvczpYrV+DyM9oolEH2dk8NbK0Je2FP1fgqBq7pCKJ7/cmfr3iHWBUgWq0k4x30GkXBxQe4cenBqebVBnPFFWP26v3u2K8w5TR"
-         + "dFFIAFYC2V9I5rqVdn3ZJtMWV178yddKNKZP+URA6jbB0/GMkc5+IIVtm6IQRPMT4hF3GQWBqpjvUyExzaLjNdcIYGpbtEPJhpRqu7pC8IvWF9pDUb4bGozy"
-         + "bbfdpQtOIfpCAaCVa5+IA7hZiud4LEJyLFde+82ILqBXk/bGaBbbBZIAHT3adoTQGnqHB5rYQdkvuzfyjoA9ul+j281rrGB4UH5Wjte4njZDaEFBOI6sqLZJ"
-         + "uhBNP6JA9O3EiUzXRNYjmIY6ESE/MkCWFuonwhIZPjNL49IhHBbPAs7O94LSnIAr+zDxMpEOVIy+a5QKHQNoeGruAlXlfCMtm4PIDwUvMMxS+E6taYrnzhp6"
-         + "UTUAVLxwhg623vtW6M4JINF/ij5wIQhqkJTSsPKR5C6SS9tEFnHy7ozHtjGHCCkvvwbU9/Jhbj+CKFXENmKUo5LtqTSIrjcg6EQ6d+7UCxE9byikBurNsN29"
-         + "rBW+d/LCKvIrXTFXwz+XmKiMfw5iLosV2Dq/CdzHALzcPL4gqNShTfg8eWKfiY107/1u0qXIM8LkmiqdW/G+bpxVqzkaNcC80G3f+zKVQmuz2+mE+yUOeOOH"
-         + "5bHYUnqiyAvl1SAkawh/QFV6QMT/kq8BAXp0rfcv46i/rXDmk7EtU0OzUmNfJMTpelF4KO613+1FTdwYu2HejlVdS3DlG/mSCrAyaTtkZDToF+g4M8oHnqPA"
-         + "9UjzsY3DCiJAxyY8usOIUdCgyXY4YaNFhQt9XSCwWw3VaMfnBZqdiLL+uVWp+S0c44G0nm00itRaCrL0rK0on31RxkwE9r1GX6luALYpQ5GSaSiafiyIb8a/"
-         + "5DXBWXEnfzY/fcNN7T4gmysPFW9Xz8s/t3LqTY4AqXL7B1xn8Y169TjFFMJAv50ZYicje/n/a/tGI058J+pRrvsZZU4QG9qvOmLSbo0J7Lemh07WGKO8PdMC"
-         + "vgLdnMGV7EnBTtMYHoSjLK6N2Ms/8k/Ka24xcWSuW2YYODvtoQonM0YHsJFjrz67fY/h271GXbGQIYAmJsDI0mDJQj1I823jMgb+XM/ckokHJ6qUeyIOwjuW"
-         + "5YHg0FvbuXKLvAz97k5pWJXsalfQ4XbdVbbOKw/oVkAfSovrgxeE6kJ8EwSwr+TuicmBodUjw29n7qp0ZgbjZw50B997WcHTPRIsACmIjFTMDz5W4HQjwDIg"
-         + "Rl28sR89iBEZ5hWT0+hSMb72tnEy+QO6CH1i4EFlUNFZYsZYO/gX4d7ly4vMiX8fN9sqHAGaoR00nKrwbclcqtrMU4t5JOPpw/nBf83Aj87zPzJD+arO6mV8"
-         + "k3AExon0sxsMQrDgz6jNlQq7Ja9neJ37jvThF4pPdrugSFQdLXOwKAPH1BDnOJdKbQxi39E7uyauOocR4WjbooO/S9oZ+adLnStGkDN6dXzvCJqTH5L7msxj"
-         + "BTSKSKzvfmtO/SkyFjG+JyI7lELrw8ZHFGrCVDTnmB9ciiBmDy2XsOkYcrbYCxF3cLbb+UbryYXN0ECg9Z9h2OGfBKgo+MtGS9wR4vRguVikiLtTxEGgLFrw"
-         + "l6fmhDEhLwfuwf3HWf1En+0afHfT8ue7nBfaGfZ4f9f1t0ps0q3KnYoiSD69lNk6fTkMn3OXOpjlDwQciYUV+CXZTg1kRyo53JKnA+mdWO3K7G0Tp9Yw6OZI"
-         + "ASbh/xGCI0JKEIIVXvhCRqUqH1MP7iR2hyX6BTK9/WLt0p+mKmKldSHPciGGzIX/GEsh142HdiNDwbaryaDCtiQDRjzs7sv90JlC2lfAn3Lr4m8YBX2JKwl+"
-         + "jh7C8xjaJbAjKeGBLco3ulY0tPsLl/DsFQTOZi4d9Ssk9hNgAvc8P8VdUSd+4xPc7nPlW0UiWYqW7m6zw2kFOgpq6W6o2eOkBtcmtfMPSgGir85DkDJs1crt"
-         + "BEWRRHY1JXVsRf9Dbtf665oY2mGQdHyF4BT5B0LbUBb0cab+mr8FKYwPyES/ICH5EGANtlYKQQMIaGqaxODsfHHVRukFpoPhTUuASqCiAgfQiZIdv6Z2CPZb"
-         + "1JaOhK5dWcH20+tGPbxk4yfycVhCnTIUSaMFfEojFZfgXqgGNrUm+ecmCnW2xhYyzmgOsJUQC51uzSHbd0u+4pRXEvIZCHXq1Sa+6b/fkviXCBX9+pZKFLhf"
-         + "0Xw2Xss9CiAP9+PK71H0Cnhk658zUsIQ1y/+JVwSZrzMMPUxCtrVIwexufh3H9w4mTjGDbGgNPBqIxxgm6JJxAKZtNnQ0PioxAL+/ejSB8GffYp+h+ufvuAC"
-         + "WDIK7FAMFEOIF1fTpaOzEq+TnCRXYVEZJ+pn2cohAUtj/12e4C/5qguGZkXL2IDpL3Wj4HpOEKLHVPpOzw3lDmQFOGt1dCT0/aeM+z5Fu/yhUyt8b847LtSP"
-         + "cgtb78jqbjnlDguaArd+XXTjeUp95ccZGDlZb0zVeDSl0feHedPbEqRkzkQiFgG0bD4FsVGm9EMQ8s632rzlgh52JhP7915la9Rs/gQ5P5PFJpY/G+MdLq4w"
-         + "7gY+b5jQKQpDQgr2XViewy9cIeDBRplgkil/mzpjbZ7noEnTSjBRANfmcUiwHNfl8+SJMxg2EZ7HZg4d7NFOUzQEUKphPerwVm3OdXysxQwxOPRKO6AvuAox"
-         + "07gt4fqBuTe6R/DU7D3XiUTUNbC0l3GeBy/LhG5WklQTNcd7pbVc0y8ZSaaH+jqt5m5OBI6I39wMTYL2vRDF3/Z+B19SmC36j5lKQ9Ft57pw//VRjzWotJ0a"
-         + "yNfyEzo9a5GUOs9Y/NBgmxF1fu9jMGxuw42wbnJyAeMiP5cJNV1M0OK19rTx7FNKn4+65gsK6ys7e4bwfuTflH0bYGv2yxRP8usMsxZQoacKkj3mi/4quKZ/"
-         + "6GHy9mtRMWSeYivillW2ohP2JwpmO77VDoM9wc4w7mloUHndCfyrNtcARAmuNJz+mQSuM0h81VYqpKqDaOvTukULyYOiwOx7BIQ1b35i1kuhDlDfLOvW/f/L"
-         + "5xwkvsGQf31+MZtJl68X86ikrlRM6JdxuNPb2EbawKjO09O7WFRMmx5DkOlOmu0PGj8MdQNa8NJD0pZd9eHi/xxfunYqldYTXUvjcVZdGmlphkmSBKNeQ2iJ"
-         + "kv8edraBcXDdCvnmqC4BoxEOFqLlsEWc3ot5dnZV0fkVDmUeGGq7iVsJDW2239WFIWbWd0cqe+fIEcyGztAe6ZzbosIZZ1YyCrrJ08cpI66dOiDN0lpIRi0R"
-         + "LCUT8t49lIE2vn5UJKL5tmkbP1oKATVR6AKYhbAE4BJ9Mg8WPqu7ON0TnrRM62GsO8npOzHmA8dphgnVq9V3UMEFcUbQbJ7G+2lEb1acnOu+7kxf33LbfNQC"
-         + "u37ZdOEEoiLJ9u+SaglThhR2KMOChSDUscbxGanlJ5l6aMWPGlqHVkHAhhT6hAH8osaoXaDMqeBHWhHzNHKGDTk9iUA5B4DKSzsi0+OyBv7bKjzBNzHoFYfp"
-         + "rbuUXScuUid2dKJncaCuNMLKA/OYUTmtwHRqPbI3XAirOOhm1+VWtlm8D1ppxSNFdsdFKT3gO8kcu3UOiglpk3/6AwMi68qDD8+2ZqTxY/DsIvC92jHo+r1B"
-         + "R/6gNU0zywmoYa2yroyI6bvo1BFSiKPQDMQVAZNKtupEhKwL5bswmV8+B0cEFlSe7+8uunBu7VYoWVineBaanD0P72FW1QVChc2iwsH5Pm1VtNM8aYTtqJ/3"
-         + "gctBH0AAKE87IbImQ8XreMuUuWzO5nHpp3UTynJL55x6aeHf/NO5j47Q5JvnoFdx8uVOTYNbvWEBQ2Do33o6B9kcH+Z59Kfg33J1KA/uSHkwQMDiCCAqVgqk"
-         + "q9oO4wy0QXmI10HfNW6VKECobJ187MNxmUjG2irOwhOmZZvSbGyOCFGaYUbP+FRjzZkmuLdMkoV6IKy7Hv9WroOxhXJaOSu24F9+js7pMXr+xcN1pSAfALAn"
-         + "0Y6qC1NqANnRw+b14L3fWy15gaQSGI1Q71GZzw2GndM3/jfq0W26AQLpFj3KpwbkdcO5q9dKn34TWnJA6kwWJT0AlT9IV63Cnci//uKuMel0TecQohZgqWow"
-         + "PT2ur9UP50fgxRiv9/UsHzVUvNyjNuqF9lSbXxcemFyXgoGu77Zgp1WOc+m9MTsGH7+qp5eva/KbwpxkWmOoRUi3jyvowN3UWLvRkpj7tE/39tmoZhvT7mm7"
-         + "f8jO8S6VWZ954+1q639Q4GMNDYr1KRT4qFqYqSegu69D9zXFNKBqnDEIU7894RVMLD465wSKKx/LgTdbtgafNWfT2alAgKDiFnSUqahdqdJQ+X+0YzOo+F43"
-         + "PkyKt/5OFrjLegPGSOj7QDm23JoZ/1468PyTdfR5TjT772YBKK/ZcgI7Za5/EBEnGXYhjEGKSvl05R1vEzCt/2+X/g5ff0csFOUQWg9xrofMr+GsvXpNt1Fi"
-         + "7fpc1/5NYEoNLogpc5dmTGjRjWca3M2Ec9tE87S24i4Z+AVZ38oijx1Sfl4Fec9gmhhf9zSWQxr7uJ4r2lFf/c56fuEiGV2iJgebO1wl/MC/oSP9ezlHfp6L"
-         + "/zQRxBKzJRHEr+vQXBVpjKpVXb56m2CdF1DPDvsYADWUWMTkwWirCNkRUdYqoGjtGQrG8kv9r93/Pp3aJqqpeZoKv9MuOrdgCHkp9kfqjkkrGUgyPCVu0k2C"
-         + "zzC1eHDj6AxIQqhMNyn8IoxadTwQsneXTbx2CP7FBX9ELAt0IKHX4w5sXg1xtJqOlsP8/tgn8RQvh2DUKezVg9SEELgUR9EoCXCBjTdkqyvncbpluJJO2HjK"
-         + "v0zfMgbDlJHNi25YwnBh0DuevutcIIsdRaixvzcVHm5YDhrswrqd6/T8VaTS/02lW5V8PtjwXZErcKMwnmLQIDCL3MNHBeDnwYeRzgNKeoAhEmP6VTL/cWIJ"
-         + "hsUUDcCKvUwS52WrNMJFuSprh8Sys3TvQ14hIoYkm6etPIVVrc0nQzvqmLFMmYsN5ZLgFYP7O+Qjy6W8XEM8jDns+Sgl15r5izIG/OWfmdV2ozOMi/qoK32d"
-         + "gZOHBHLWItkQXVAyN2/3Cqd9OoafmMMIkAihSwInLzBDoDsfil0zoNBMs7cFkV3dmNz2qAusFFCSmBZhl+e9/oTf9I7mukhEkkJReDX3Xt9EADUnLxueVtuP"
-         + "i4c6XCEfevuOpluxpTS432EGFP32cPMYTr8LuSfelKlNlZYgqNnOGDd757aRCmoSLM5qTHZaGn4OJIHOYir/ELjOSzA15rOShF/C/TP7EVr5ZrFM8xi0nuxl"
-         + "2/l8jFT/jAI//tja4/vrsQzPYeEUUbW0LLbliHM8Du9+xgwpASN2jnp7WFEQJUzhuzhe1GfOtspA+OeMvWyDIwU6uJcCV4OFPRbMsl3WGKynAQ4ciRWl5VUI"
-         + "RDPnidHNPR/Z7gsLbLtjqZYsQaN4bv8ryoZIPwYD7guoBmuhu3x5Kmyasny1bPTR7YCVraTN5GDwPowtl1nfxoVzg+J57DmvMopzM6OqIBqWuP2hYRS/0mfP"
-         + "8FyEUCSrgKw9ggyqLoITb5PkvJu0BZ/U4+zW/4Hte05tS4K4I2j/lNuFbOJ6ODcrQKwzVz13qhIBSkVdg7pmT59B6gUOUHLX68g1VsjPfry3x+etCo6MmE5l"
-         + "LJg6AzNnTAjxRnAuOlHk0GSAKTGrfLkK7QqmOzAtCpqhyYt+XI2PEMjzNKVUf7yLGvRVFzHoItkBk5rZ4sNIvsR88epKF+KLYeyLB8Rhov4J7Cl5bEkr1H8+"
-         + "HGreZQioRj0LbP9PA3DSoOb02zXMjS8Zd5ReM8qQcnpkbl0O/2WfSR1Xwm7J3WEBlf+ihphZ88yRCKEumgiOHgBi2ikBhiVLw4rETcgIghwQySmLgtP9pJmB"
-         + "NBoxJXuZ5wy6hJjs9u53qRg7KahGXayI6c5RuqeQOnOwUNToKnHg1LYD+yqhUDEoafJ0R4g86tSGgs7RKQ6/hwINwa5SHu8Q9HyKKdss5EBzy+v3Ban7xXpC"
-         + "GENGdWUQ5hVKIhp+oo05x/XK4mdMWsZHPXHsChOFwsFGR2QpQ/i45ZGxBNfGtR/cBMIiqQJygcqy3HqSNk5Scc5PyrMAjRTM4Ety7gk0LjpuhzkDbjbv7vZd"
-         + "y+kkFjGENku4uG2vlIPV0ZEQMlqrit935kG7unyqpBkhaXhXOowf76kerxU29ovbWgwqTZay+uZjVaT75syhLpfBEpRfoa8nfT0V5nL0os9rSP7XjoNkZVKQ"
-         + "wMaE2wnrMo3n85IafCf0MWVxSiD0bcnrKfEeyNKy1AGULA36yknCFXqypUk+YBWNvpR+/3kUrC3AxHSo0E3QAJA6Qk8q/+/h6neROYS2zzrraYiTidBlykuh"
-         + "+/E8URW6o1UszKAZIPkXWQa/kwZaa4+HjZNtguyJBOZGqp5s7i0n6APaHsSi7eihUOiJO2bNJskhstwfCrCxhPqLe00z5hUP1PvZzDPBneK8w+WxYZt7rIG/"
-         + "NibV5KMT4fZLEWBYCi64l70e7uWQgMCrrHhrcig/sBnQ5E63G5vr21jP/X5KfuvcSuwQR50u91ulsrZdhJsFbeM0zU154jZ2GBRp5DPkqTsDJq1VCxiFhJfB"
-         + "DJZkjLV/e0YLORG66Z6/O95M3FZFdj3yZR7uuE2A9BwSkgufMLrKtcl9qt1t0j47pg19yTMK1m2YQqxrN5MyZfufZdUjd40SVp2Jk88NrB9B3WAW3MnqPrG/"
-         + "T6Aw1iRda95zjRLMjYHj9N+qtmjeaqN3+qjwxDHHMb05WN0ZPdiBtS12HpLRbR4bQT2/knfgWUw8kt7kJvTjKIDgmtfsgvwrm+Q7L8WjNsBvMrkzFyUTJ4QM"
-         + "mZ5bhK6btZ1POM6a13vjMn2AX8hxi/Fq0WGQN3MJZ7eXAJkBxdyujgAM1j9C2ImCL3WhVg+T06lBQLlMqfEAnyCYUJ036yLb8EYTAzX++ie+aauhJj7zvauG"
-         + "KT4DN4L7SNqPxJ2pYEDEtSUmT1Qu8JDcxvdyJf9hI/D23fc1/ozPSnvXf14bGCbkcth8iFtCSddOJPDTURK7Nj9GRRuCfvLCSEwzWEFb3rrBYlCp8g/Z7mGm"
-         + "2KsCpVUl6U4+8ctTVytJpLBNpkMh4At31tIEMMmvPnrNWvzsm3dtJ5JeQfqOrncOWx1yYC5hCTwTayJurFRJ9LXMvz00+IXMo+3xq5CCFrjArIwhg5EKXl2F"
-         + "HeQesLS3+HDNU7ot5zbyeTbTTWEKw0qLAH3539fcjOVLnnStRURbS26okfmomuErx2HyOEoLL8rQAYXF2O9ESwMaPoafaV0ihDuyu1LNF2AYwvunxhrHjnW2"
-         + "SxIl2H4lUBo4wq4yudQf94Py/bORpmxsb6csh2rdc3SWciWd4ufIFv4geyO1pL1B81suV39ys2l/opUXvdINOTjUuXhqDlSBEQOUXEGjA7oj0ejmXjI3Hcxz"
-         + "epP0MBSheZxzfJF8y4GhSSZZ8HHg8V8AlyR1GfQ+ZRwbSXnVO0oUNkXcsZtPJHKt4+/6Tkfg2cDeKt0ygBbTLOolG0hM9SXIwjNqevc5XJBkENSZGETHuW5C"
-         + "fF89E+R4SAQCi10Xl/BEp3HB/aJTzHZ4jJ6jy1kym1JQDsPYQY0pJfFyot9Az6J3CzZ7O0LQaw3zY3k9QJNzHT+gKXCt8kNge+iXkq0bb2BnIVj3T4bkOrIE"
-         + "RTb9kwZ8Pbxk4yfycVhCnTIUSaMFfEojFZfgXqgGNrUm+ecmCnWlQ0Ugk6pe+QbC9xQAeLYkDf5bc7O4k10fYO01BBtssI5uoXDCpQ+A1SbQKrNJvz+NBwGQ"
-         + "Nwr2EHL8P2rYeg+gUM+WJDBYhZR2TYj474eBgX3skGE1p0fOJsIyuN+OoLkQ0HSkThkIkYqxyH+sNUwIKyp605QN7DjQ7oNnuhcbbmtIO47FqfeBiyi6e2EE"
-         + "eGxPOxGsze+DvdimX4WHobVRa90KHcdcBVthhB3BMi6gmeXX1y2/F8I3HDAJqFhIJkmGzHcephUUeKTFfFKJXtv14QQfUXnUxmsDln1PEsBGXJn1zLtUYF5L"
-         + "QfIQm82qpcOZqOQAUYApw7Gtpe/s1rZpDHUxYeHU4zeps8gqnPvRwbSovJ8dulnhDrduvZ5NBHu9sFD8UW7Lc2A6+nU3GA5Z1/r7k2DGXXl20v7R2iPJxdhT"
-         + "feXKEom85RY7L1LNgOkJ/v6gWcQYh/7NYfP8P1ixWBeyyEQmRi3n2GhteVTRD3T6bsBjtE2kgjsLDFVZrxlfndk6V0oi/gD+CeRNxvFnyx5q0qKo47uHct/d"
-         + "reahGhqWcrg8b3YvaTEmk672YvLQu8Uo0DARNTNxmgVYU/LNuER+HR8ImZVFuCiY39eyWeD+qDzmViMlYnYnSiW+GI0l3HtlNyUXA3Cni8/W5P6jMb6jBTWn"
-         + "Uk9DhswD0bXm/tJgZAQE3ZcAMQAPadvji0x0BqdzOMygDKI6pvRvt03Lx4nI93zPh1WVv+uRE7LnYm1vPVdZ4wHv6qk0s6KaaIFXPqTkF/xnmWgQUjGTUEbN"
-         + "benXnSkiJ+uARI1fq/cyPMHwBX2jKdIAwbUYp6BCUDxIEfEA/+Jo2U469Z2F7YOd9MzVey3TZ8JBYGXLVGfofjDZIk/XuQrcinoK/CSUuOw+sgB0RerENwPT"
-         + "5Dy9zQS+gf+T6UI/zsBYpRyqYdOBvJ3U8xPov3Xhef/kcf0aFQqrHMPuLHBWRR0Hd6iCbdPhXOM96E3jsl9Yq4SsAXR3duvF9n/86TW66M7fQOkd3rrY+Bzr"
-         + "vELMwkouZApLD8mg0Osudg9SnKYUOwPHOuRt+jdVI8f6B/eZfJY/RCLGJLl8Zoz/XYEm393rKxlYOWw0sEWmiUDkNJM3ZGhARGr0Af+/3mzfdStZiLBWeUuw"
-         + "AFI35Towa+rG/aWnchw8WXzePTZMcPgMJ0qQpMZwbCUh2ffCLhDf3wNApZ2ixAfSYYl7H4fAj7cDbkhj6B0SseLiLCEuKdJRYNb41UqkCC9gRLK31yvF9ldL"
-         + "sKtMlC+PYBaQB+7GiZ6IpOrYRX9QB76kE2asuftQE1X2HJcKXpL2xPmN/MAnJMQSQWuRe/IousaL9aX4J1mA7TJhzHFLgi0p5dwoxj61YEEMsatliFTalcdg"
-         + "WVFkvseN2LBtHwtAEy9rQJA77m+KrpUoWYE8BV6gl61HanXSG+z0uCQCrXD0iwawtpqiWHgCn8C77Pe/ZbzTdten5kd/QsfFOvaDzUajLc0zwc2pfhBLQYUK"
-         + "EtmCmuK7ta0uuBUvuMiIXXIr22uAtTNY6n3iIgPhp9J3gs5RKUQmPU6aYFPJeHOx22Al7gAK7dn1b3/CeNUJXH3hjMqDjNh7V4DOKqlVN3/6gcJmXRnJSuj+"
-         + "9aCgTYQLpucPZBLC/sUvNZ4Qq7VIYfkxOOjUpNWd47KDM52LwkLItHx58KXBXfwVEt2lzKPTc37cr/g/KGdoI0F73eFndEp9poDVPZNs0JOhvU4rQRlWnDpK"
-         + "P4dnubra9CZlrT8MssJs2hsPQW4LpQSRQhG19ITXUYniLfB8lKaUlAVx89AIByrlTzAWpKs5ZL5yjgU4RmYwaUijzzUvKB4t7Anx5Vt/qhSB4fK7jizB7h7D"
-         + "/RHhSUE4qpn8x/Jbpn+VKEsBCBzLm2MuzCuusUKM13vfPa9B9EyEeh8v4JEZCaCzWXNzGA35bKk9PWdR7E+JN/3iE6iHAydAPFLO+45zcHo9hHCjKPpgJLSL"
-         + "wwfyTaAVPQv+T3XkiQfE+3WXM63QM1bkeCX47hSwF/ET4vHeLWljCmI3Y6JZm4mT6Kyj3SYk1N0Rud4L2zhiY4GXctuSD238Pnzrm+H1iHi5pM9InO3jXXk9"
-         + "mXy815Igk8Vd7bJzsuVoWKglTR7eHJ2qvjgmurqXJTWkDHCC3gMW51pL+PyNqsLpFLFgHqMVv2l2ICEwSzPCG2yuwBSgEbOoVt7KysyVnFrwsrhtCsDdOoQw"
-         + "bmgh4n7rJxbF/OYjf802N8b/vBhdc+tUhOK6PBucH3R5QKvaXxuVK462VizwIrbSHoqq4bPQqmP9GyoHTVzVn5d/jO3s5IsMHn3UyaDO6mLQwN7OsLJco8g7"
-         + "oqYZQokPsu9v2mHOsJSXOQsrC7Z8BXk0ckP/Lnf7rMoGBFafKmfLNTq+kEDNGobpy5AZyWDRuXfXNr1DvLnLS8ri9+eR0QONSne8Cgdn0z9Bda5LHrZ5exKe"
-         + "imBF6AC6v+6rC0BKg6vq1eOK6EX+hHKaACtKSVYttIAfaepCIIhZpnyG/4dyNc7sRm9dx5jc68/nM3imghpW/WgMols0h9dI76eKis9NdGDqIXM1qS/XKwyl"
-         + "UDEyR8iRgtGwNPJjXmHnmiaPxcxonXV5xLwBgIGPngion7B507dt0/w4e4XKRCQScPYnDUYjU456pdfEqsQHPuHstBjKBpcCp3jfDHcG2Ol8tuqidMIJ5ARv"
-         + "2jBj7D3XYGEDYEz+Uf/l6HVgpvbFCxuY6GysWStEbxTV7ExpGqKrON38JYcpgrIwcOf+kGcTSFDhjUWEngByiJhUJ82xu01YtKzLXRgqswXFQVRKg+n/YMaM"
-         + "ywMkdksXn+7XRF4ieQ4YWXz75QV07aYbhEEJ3bvfHomJRPsCZP3t1OManjQj+SDhWO05TvglUNed2ft9DK+WYDoiRw+PFz0JIQxMwNTXTBjumhEI62fINuDY"
-         + "c1wrj/cP7GVmZJjGUEREN+MijVkOFh2yaCSge2oTyNBNa00etlEdKpXpwMP9NiUFoRknrHEY3qgbl8Ugcr3GsrBlVQUw/2bLCyLoVf9Ay65EUDpBh7l06grl"
-         + "kWhzY4OXQmwdki4oOP64R6VUCR4POyH8jy8y1jTwPDo8yThdZBwgS+jKD0dbmgZi2TATim8QXdLf2EuVfIKDOsYpusFtK09TszkXGRQr0Qcih0FlOZfotLJR"
-         + "fZM0Yi3Llw0Nxqjmd43O1fDRSbOKuYKRWtKdbHEPaxjrjUQOhh4ocv0bKgdNXNWfl3+M7ezkiwwefdTJoM7qYtDA3s6wslyjGh95gLTEF4QO/EDJO4A7QGiJ"
-         + "qXEfYj4cO73boBdqnbfmmVTNxVIl6MNHAs+ylGBxpPSQg8kVzGpWbgdZRZo+d5ebmtnzZYB53yeq1cQH3jIu05E447IQsDc2UPEnX/7G4uHLnJSJFq1Ys4BW"
-         + "AVcTcsB60hrcVj0wtmy/CRyDA2f35RypsJa14KUOFVmEMhJJGK5VGBa8fpYMWR1W2JBZEdPW7dnRLa0a5rxd1XWT+ryrFrhMtM/6wjoAm3SlNE4Z/iXVcWj9"
-         + "DwngIljt7ZOtpEx6WyAddNMAu/h4S6+k1vatQ8Xj39qcZUIgQV6HW2cy8jzfi81CTKxm9Ew3qVrv9XVUVAFzXNvvjJsJ6rG1AyTh0nSGtQgNvGBEemAdrHqf"
-         + "5XpWsUpdjG3xJS6PwZikESkufSkw5SMKMxUsUAZxmqFkvxZRRI2FSz5B0AjPHeHX9iEzl6x2x0/NCYL2eFEQsPDgJx07940lBx7ureFHYyacxG02YhWiOBIY"
-         + "plqlUtu6i1WqMV7sAf09r1O2RtdQ4rBpAqrLQnHjN3DTU2h8evOEM4ijTNzOyopg5yP+O/lgb7iklGuuGJihOVPhlS72grIiSQYT08DvoNQ/YhjzjBXc/xqP"
-         + "nHPBb+M8Lb/fJnjXhi9Be/1uXaiQxeV84VVmDQa68ppdnFV+x8K9OrGdtsr2AFMlen1miMU/nNRMKgUJk0lmJPawCDeky0IN2YHNy7ns3Mson46OQ50oDv6M"
-         + "JBbe7a4r5JubC+EZ/hzXiHUuZkInSXZD9roE8U7WYSnT8FPt5TbV4RWdiKghbPEQseI/r9xnXe+usqt9l/tc5xH8SJ6vEOK5kzVk6ZJYpw6WxsTYjfvOyjnd"
-         + "d3I/4aYXLbSTmXa7UmZlrqv69it0vHfuf82ORyM26JDq5rDho83oSu5ud3L7iFG6zIpAe9ITvfNknRr0X0obo1oq4gdrlFwn+MnM/UTBCTQsxV7zasO7mhmU"
-         + "QcWcmA99/UUfyoRFigNkOBfCa1EQupAeYw28J5NCXONR+Lue7ZDt899OgYxNK3HCUW2F/p4wYw/fCoXKPgmRd/tmLPgl6nmDdhlSwiuK/+a4zQJTWL++EHno"
-         + "vmTZc81f7a5qtazZPLKKJuH5fzz7hl7yX2n3SvKXyzhIPnKC2OTJ1RIdR89VMGuPUHxj34/4DeDxyy1aVVHfpZ7uO7RmU/Q8NPaVrU9NtS3aH70YT5aiMZP7"
-         + "OT8rTBjolVtmLWTrXZT0p70GGCSagMuVbwhuBaPS3dASbP+wMnomX5DtX6PVmnYCV1qlkI0ImY0VZeVOC86rYzEvWkgwXlLK4YImaKt/dVERy2mbJqK7IAq3"
-         + "9FKQSQe+7w/f0CKYwa1JaADzW+/N0Dx5iMJ69P3vGAW2Ea/bBKj5mDWc6XtAqgtzAhSLtwRsWkdB7pZq2US3odeQtxvYbZ31UMe4nDeb5a6xD4KRj0Z1isO5"
-         + "sSdRHqdB2QxC2UVansn8wm9j7IIfFy4XLwmgnglQHTij5sstJzzW73Fj9bXb8kw98Em364+YfAJugvBDolhgCbTKYJKHlIM6qj4rC0ILZ9ObQFMZB2EJ6QCg"
-         + "sUPyVX0FGWCASC7z+sacXJRN0VbQlIwNCxXOkVBXy84/OkckL/IA2PgOEaBaftnOq0gbJCrOI3U8D5jZoNnm13050zYByo78Mg+pniY8rk9ft8Ctb8yT3lEB"
-         + "Azm6vYj4+/N42exTIu+ZbLEyZhTxjlBiXmu4ZNm6phJW/LNaDeeP0Fr9/dw6D2iZaOwup+6Xh8JnZwkc0F5gT303Qd1gFtzJ6j6xv0+gMNYkXWvec40SzI2B"
-         + "4/TfqrZo3mqjd/qo8MQxxzG9OVjdGT3YgbUtdh6S0W0eG0E9v5J34NntB3e9erjvdxrEnftgPmdYOYHGLwXvrV7gu6Im42kBLh7M6y3ibqHEGZWrNJi2fEDM"
-         + "KPDGLFHDn4GKDNLkwJaVlDH90DPQAA0vNiu+VaFkjEU3+U1DoSOSayhGaXPVOaKJJqw0QTEpNA6OH7CgYGfDTHAXXPpEMlD795iXdNTGESo7/xxd1ktsSqee"
-         + "Lj36QHOjcR1ylh48t43vbdgNmf4Q7e8kR3/p88RkXDeppPbHcgMzS6ds2vhy7HmUOSBHpKzXpxfzZbCs/OWX3sND3PmBX2Cv2uYSOrmLlVnyjbXI4A0WiFPg"
-         + "WiasYyfIkfs74My72OdoP0hz+qmvVIxaMZymDX3JMwrWbZhCrGs3kzJl+59l1SN3jRJWnYmTzw2sH0HdYBbcyeo+sb9PoDDWJF1r3nONEsyNgeP036q2aN5q"
-         + "o3f6qPDEMccxvTlY3Rk92IG1LXYektFtHhtBPb+Sd+A+f2wn6mRZ2OBZKr/zu7QDRTuZ981fF13p8s8PQGQ/dXTk3bdyx7eWp78xSsiqNQ5Zr7UgZ3fmdhUL"
-         + "W2hQnpCapJjsCTK5YnVKrUNYZ+GMbFrnmcXemlEx7bSiGCnLvE5sOf3FFC9687Sk3Vgqd41Il3hKjUAwWbHdy5zflzqc5BaVa4d3jQsekf4aa0vVJodZhDGL"
-         + "UP58TpCuwMG4fz1MF375qQqVE8rfKyE62qOwHPEg0rTtJtHY7xEeiDuNh6KvjriCUyvXhWaC21oKx2jHEttZ95uhYOt5zyVv809a2c7gbuWXwqgPDC8bwH58"
-         + "xDIKmPpm/ut+m0Rko8bpIsS3Qczo3I7s6NnEbBPLbSHNZrzJ92tfuzGetVYH+J1euDMnLUW2LOlLA9+6CkFL/eiZR4Dm0eiOwsr0lmKjEcbV6po7ZNmXvoa4"
-         + "JrS+S2mUxMCc4bFVbZSwFE4X3ThH2XKDUIOMoK+TaW1TZLuZ9W1H3G5mycdpuH4qf9+VoZ8q26rhLvvt2DJvc4ZMZlPO5oqncWzLMHuRmA0kH63KgtYNhpUN"
-         + "be1ie1KjpFnp6n5/b5PUss4r26qSJVp/TiEZKGgI6/Xfz5NqBhKroBp6iOu2R3iide7FKT+cA89Yd3LebNBRdzyGu4R5LS5ivvLX3Zyrn52kaTk3uuFdsEvr"
-         + "4CoB7aU8nxnOgaXEc8jJbYlr4PDrMTQP2gpaWDkdI/FiN8x5KghjxX/hdWIh9XloDY0H8ovx3LlYD2Krk5dFNLqwRh5RbHJ4goWzOCqn4Kba/K6PqH986cs4"
-         + "mHak18ErpRdHnnUeqijRC/bfg7H1ZFGJROxpi7aHFee48VdFTWAmu96M/i/s9d+QWnm5mBbjnkyLvP+ed3mBJxOQXSEIwn0YaapUk5GF0RX+eYgMEynWHa4L"
-         + "S+e+cNX2d/f7nhP+FVTm68xnJcumYqB6Yzz24qCdUDA1xOznfHKzIILv6uGDTzJeCUyNGchQ3wRxgLYoa/nLDGkUGjWCkv0SlD86HAUkGh292/gy7u48D/7h"
-         + "NP/HEFP0OmtapDO8b2TrRRSvCE7ujTCOOZUuLJ/Z6SCFVauRHe63km2OYHat7u17UzAP6Q+IJCIaTpPXVVjCSJ/Nqs4bbQjasY9d5Mxhl69iVIU4KutD039m"
-         + "MKkxwV4J7+FEjyv+xv3TiE+mPoBeYQLFh1n4xOOjlMmicFueh+odZ4IQPd4BlJsZ75NnF+pYwwDiKSPek3w3eCMLibRI2fQsgRwPgjqkVKAMcoz40W18b2Sh"
-         + "STeM9/QNu+Yf7/xhrh25fnd/0qumiORS4bU+BpCUvmy63xzLBfm72vNygWqdw05QN8Bx3MW6HU13yXxi+iwpLvXo1Egghm3o0S2eYaHUzfXPvbcv+56uQ1Fg"
-         + "33+kcjpXdkF0a5LdF9kzeAmc0U9hPIaMV9CtHHfLPhrbr8NaeoOsiotwZba8jBBku4Bdn4ocU7uJyten9X1iriNYMTsCXRx7zqv0rXH52As2jGC/ATIYBx+S"
-         + "KDH5btC75LHZKs+7dtL2lJoZVpZDB4SPnr3SXndIVd5vEvxiwphISxeRjcFPTRYfpPlm0eTntm1TO9Q+KI59FIpSD3VE2so5VuYLS20V1Y4nHTlmQd5Fph0E"
-         + "vXakzYWhGity+eYrhlQz7woSWdXaa15SX0gUxgFiIu6veajEb45+u0h0M6aY/+13M/s+dhpSXUixW8WB5AGlVJJEJUVRyRynJsmUpjVNvY6y+YjxXXJVHKBb"
-         + "wY4fMvBewyd3wbr4B6TAk8VUMSVXkUGc0mUkk+SI6turrlTI/snoW6e+wK607v0jmqSCM5WzrvVDx+yKf9U26vikncL5oHOLYwdI2RpWnsqgrdStmkQw5AgW"
-         + "8vxnRGjoPVayvnH+oY7MfXMH+Tfyt8TFkXj0wWU2ewXjtJVRdF9YvKK/fGj1gEU8oJUck6SbP2W49NAtzxxWgSyLj0kGKRt51aqvwasZpbZ1G4nqZnZIioNp"
-         + "w6vMfBbPyxgfhfOoswwfWmFWmRgu+IlcGwdBvGqNN4dhoLEApARkP/aR4kBWmZc0Umv23lXDxcyWpIGSeTsCH0OnRqCQj9lh4foWu0zrzm5eD/EqvOqwvISX"
-         + "+jh6CP9v6tyG7h1177s0ixE5rP1ujGzEugsO/Ged2IXP7oEUItSvtidCydvADXuUbcRd1E+nXP5AnrQUO/lURNsSIjocevm7uXTal8tT2Axj065JSZLPbC6d"
-         + "JmFgDll/ipdvEkp/ei9Vf5Mbozo/OwydYYAO+dBdsrnY5O+pgwT71RY6/lRcF/LUjQ+f7VHF9ZvYNHW5v+/JVFRG3Bb+PTOmqATaQ927303QIXvU9g6cHUHY"
-         + "rTy4Jyouzm+eV4iU/mZOkiEKowf6DN6cJWcSgV2wP3sXcF++pNtdDhNo+NockV9zX4JjRpROPA8usj5qbu69RWs2KMdHX+1E9zQiaO25PK6D1G1rNSKhoGSS"
-         + "k1FHPppNMd27XIm2Q07NryTkuCQrAgZ7Q5WjmoxoovbeUED+VEs1fMN/IySXkzQgyXQaWVXUnKZ96ROCzgRKegtT/xlciqFeOHayzkwaWXscstC5JxwZsTT8"
-         + "O8fJLUjh+wWWnI2cmL3ZYnzsQ0dS3kMCm6jk4tVbvo4YrhCOnvnk37C4JLEeWuTvdYyCN/5rmGDJNOb9jPJdzmgMS6aKrmFQ6SsAhjNlewntGWjR57XwGxTS"
-         + "8b1PbYITu3+Ox4lz0IBx7kpDwxrMHRyXMxLKUkgjK9rtyNYvzqqpeaepBwVHbSk3bjXHVTdEabFRQ+zQtrEuKh/7k8Mc0Lh+Oi3YLa/ulSUJWZ0OmewgQDnf"
-         + "GpGuFwr5LCf3t7g1ZF6LtXG+PjC0pa7r6SyuXJey97vedxnnZQlb0htSbHcUYmN4lJoeN/T2ltgxu2sx8iwTHePrDy3mS4RWVQ3pAIaHN0OBGchRvpmME6XO"
-         + "66SgXKJxqXXOZzwTPcu3RDKOfFoJQuNzSwFeRXQuprfRmQA1gejmhkDkZ9htpWEAUP1nUAg7GenygNSScpmXNRkOBQS2V/SLXQLuyug1DlhLDxK1K6DrTQfq"
-         + "tWFj97taNx+AyFdMkFg2BAMz25TDeckiRqrPfZoJZqE0oF2EeyYPvyxuIsIq4c0H+JbHbEYKeOGouBqfSGjliBAZ5xD73PQ1W4qBKKWq3x2gQ9P02o2Tt7M6"
-         + "M9hhjxV38QrCeZN8WjvuyV1L0Lg0DrXOWRtFRjaGgzo77AyxhXasj03KwJvlfg5SgTJiNbicn3zS4ZvHl+ZFmByFWZfXkQ/wZSFR0ScyQnB4twjURraywbha"
-         + "4rF5u/1QVh6E6BRvbzkcgLXdBfKXaUZCq5jnLcwFy58N8Sd97x6CzDW++2k2jxWavksKtay1jGbduc0XEMdAls3HbFcB+gqlWkm45Y3j1y7KI6jAVJRjL0m/"
-         + "jiqJ0p1Y406MAcrj5RCKo0BtZjPTfX15ac2iORF5QeP2C990/WsfPUqmLnpj4p7znE2ZNGb23rURln13nmyowwGIZNJ3TZkMI/bVTYNLN7sSTBDhM98xVk6r"
-         + "+E4jzdlWb+MsUSAmMi054o/Ei4EfTe+MYtBhakBGu2A0orYBKDMaGMC/td3qCWzJD+xFJM+WKGBZQbpXCfcYnQEsNDHWsoRywrBe3p8BeDWHvLWc05Ey0ml0"
-         + "sTHGutJ9LmT8SfzJzQJKWtCax4al9K8wGabm4WeYSfcznLV6UsAngs65R3GNIRtgob2I3lYWb/3IUjFz1qR9hwdA4ft28n1fVzYcdLWSMrOBE1uJ/ZJ1tBmp"
-         + "lDV0m77kAEY1J6xy6QYGcHMaXoG4C4cuFvtfuepqzhmcCF7B7ah0TQFwsRYYowCinmb8Cb+/uxg5+lql9772WLm+0ucPTPDTcMWBrNxfUvupJQarW8V5hGu1"
-         + "WUpU3c5GhUaGzXYhvUJblBDElC4EEWFfLSypWOzN+GCUay84zCZ+S396JXwdtx2LrMAg9QiTSIagNOGKYPuXO2ksQmh88TXvD9Y3Pv8P+FfHjPyj/we4hGxs"
-         + "uk7BL50cPOnt+ZC0qQOAd26YJqO9TJjgTorhRuE5XG0eadAGslz8n8XuwJn0z5YcYq4riBe5+totw8fVLMMsl3lGuk5SpaykEqO3UkeSwBxQs3BPkCPYXp8R"
-         + "QZdCyLMoFfNuAM66lhRvEKu0QldNkb57r3iDQojTp6FxzvJXWRKIrCFujTwESltiMxBiPgBQy7JywF68TfwlVF7lZ2rCBqKpMo3gZmudsJvP82JxSfAdmSD+"
-         + "OIhayNPD9XHe+AuJUFNv7Pq+1DaQ+k19dIlymSuepX4s1+0NR2QNVqQJH3B7BBrzeM1E4MEZJ02S4hdDyKHVRUi1ByzYc5eXTi31BAf8rdF9iOrEW3JbQ2w+"
-         + "Rzvkl/99ZmTqU4ECPzjEyCcwTZ2dfqj9IheT5hoLkH3GenFbWLpgKoeVZbcf6bMWWebSxB8HXd+UGON0q0Ium69TWyo3AVBGMk5lWzGAo7FwDW9UY7krzqXt"
-         + "JPZdfAzs7vAb0MTNxjEJWVcaDkJsPbjUC7tEUFG3iO9FvF193JbQZ5kLKMXFkUWZIc/JsZVU255nWG+yIUI/eH42+iv2+OJ17EKQ19oyVfccmcee/FBoREr2"
-         + "Pz5j1zIaVr0cxuB+xxqXLI1K/MTQl/2s15oNw9TO8OP3q0qyH0s3/K5qsnN4avz48BxOjT/xpUbLSUlq5s75K+oDF4IyBt4z457Op6/MblEB6wAVEyTTyfx6"
-         + "zOgTasmr/Gzm0LWiDxisA7wv+e6NBonkE2Qzvh/XXclCwXRDbqhvk2X3x28UZL2hFdRNLWnoQX14LunwyMbFvUXlngqnoRsTpMz5/JyCSMSzj5E7RCN173np"
-         + "yMrhI0KO5yB3Or3OxSQayRAMCJ6Ll/ntChWX3JxGL7YTYyCpluNEycnpS61Uup7cLb/VIsCF3unMF2UTk9RJoowmYzSQyg0BrHhmYv/CEKTzaKC4oKV+Uao6"
-         + "uWOxDr7rpx6DLlX4kYQ4BoaLH0UmZ2OurszRTqfSKE9XdpN8FO4WEA7vLojlqOfxQhiajfd6SAi4j0Rh7pgRhXrRuJjZQJqvDEGW+C5LKSXeI5kftAE9/RpV"
-         + "Vyggggz8hUe6igRwHGNdY8SXQSi8XgtE+saKcLXISXfy3snl2HIk+3V+ZReyVJxR3hD+LOYsQ8cfzVk9Cov8yrDSg0QxmGjsPBFCvdDioFrwU7Tdz/TS5CJK"
-         + "2TqiLcSjFQuT50VcY+vTaiQa++ayrwuFX+T0rTJaa0q8142mImUQhdYdE9XWo38cQSVSLsz4PvPvRtKBupdNrWX/Y/QsMf0y+aqzL2M6xHG/Wsz3M1ksjvB4"
-         + "DT5+gwBIwKMM4zUKTGFWEUJRxr3Vl10Sz2OTNVqH8aw+luBi4RZHshwns8Kmxwuo5vsAd8p0PFDHeIsdwMJ27mLvVPFbSqoZhbYaX36G0bZPtwKHhdtIxR0G"
-         + "ShkK+auMNOAsG32W80nP6RdSghhACW/JkXjEty4WRtVynk1VrXdQ09eDBZShhtE1r0KI9N7noimo00spquAzwmaCbDT9aSalagDQbxWLwNZZaI9NWpMTzqz2"
-         + "jSiURSW6TnJgyklEhGQclL/K8SHuuAWWQAC0A00DBjEL5AHRqavXSE0AXtQZaGvs9CQke3WElc4SjWjXLzie+VqUc5LAtWvepL8kKUmS77um126RB/d7UMrR"
-         + "OhvG2DYwxtjU5nV4v7lP/6irSZArwkVh4rsxWsOuf3yYi0hfmasaWLBZdsYTM6/UeO7Hcq4xdDnN1FgLt7owD+AtTIdNoD3SgR4CGU/yDIlwb9LQg/drgXZX"
-         + "7eGu4MrR/sf1A89CTJSCS/TxOk4Y/8Vw4qgdWELbXGiXRgpl4w9WPMXgdwBIkEtrKE0Miun7qWjhPLdO1DGY0JMYQtqIOr/lCVUVVWOos+WchfsDtOsxDBdJ"
-         + "DviUW864LUb+f04l8B5iGM0okOJosJWaqpVVWRcRaUEAqFyGiJGOxWodd2aXM3ys+Wwc9y9zhmAVVVYt8TlKJbSX+YQnymLXCrFZox8b6ihfXTNZPssPHGfo"
-         + "BpZpQFfR0yO0s0rjZ+Ed+JLZm+n9yuYgzMeBL0ECXj0BVkSjqVZDYimDuukPK1kGkA6ucgJGKSMbUBWHpQNO3I/cKjJ3sOApQj6J9H0FGn0tcnIMkJEFlXAf"
-         + "/Te5yc829FxlG+rqXMf0cSHcVRjOB/w/1nzj13cv5r+XA3HeQdkOZTGEoLb5iMBV6CGIswMiID7GpYbBM+0KnK37kFBl2zWOl17ZpDa1v4Oozwnf8XinAOCx"
-         + "p23yRRQwh9iBubkPqVXTMj1ApcqAYRCB4qn18Q/j6EEZrxxck0WV4v3v4RHseWpp/TOPyEYfd/ZB4DLA8Xu1kYvV7QQ/NA/z8SnPEkJT95HxMfTOB1G9HojB"
-         + "C1zZ8WkNCL4kUk2oKJxD+BktMSTM2xXuGz2xSJjOIUHhhWWK5DnJ+DkKVi6fBhhDrhvXEj+pv0wPKD+iOAAOESaOE4oO9xvSWT1NoPRfIwz0F/lpPmgKGRQ+"
-         + "N6d5Q+CorrUFjH8cQ0vdPkzSUvfBALTpLLTazZEtbJuVaoKHfHBjqHwDwDU3+xUXj2Q0FX5viijwWWCOY8va/lC3QOZF6RDw3l8/KacFLjTzeJq2itRI5n97"
-         + "nviI6eZGbqTSw/U23D11zhT36VHT9kKCFvY0RAyuZFKGN+xczXsYA4S7oCzs2TilXvS2Dz4qpkpx0nPSBBuFhaQnRu9ELCPK1om1RT1NVQDT9OajstDroY/1"
-         + "DiqxwxkT5EWFOj9RZWqHD+kdyDXfstMyF+O47JPYqb5U0AKQGDvUdxSDB6UO39PkrjeP4ngKtLl3Fmmm7D17sgeiH+N390zyxQML6XJTXzz9enH/KdfqylWm"
-         + "wya2AdhGYx4xJrSPNll1O3bQ7JxF9CMqggpKDHrxY6TqVltTt5hKp2GhmNyWJakib11SFOWh8sYEq2Eu/l2EgI5fCmv4mGBRLAE1LzTFUsETS3v6ovKLI3DY"
-         + "mPrXdAq7JVa0ub2lDBkLqy3pCCJ2LsT54rc0CW6FdPaviZeFSom2IRXk6q0J7vb5dHh7LBNx5vBtcvcxbtM14a7qMyiruJSA4POYDRGyOkLuIxVorgwAmwAJ"
-         + "8+pOmHMwCL/+bVGcx4CwfgCfUXrLU1JObCs28fFnH0iUH7uzzb9uVpVaTYJYCb8BJ+fuNpU+wyigMrlWfB5cKIkisRXf7v+clQKX0q4ufcj77N39yO4VthaW"
-         + "ILYJK8DDXLv2DLNUO/64kosJiLXBGsCgr4FTvHP0XUiPw7j42SbPofUVkyK4QjASNSJLdYDDIL7wsbmWF65Wug/eQJN4lHtPNMpGyfXheMt2cDdBosCoxwxf"
-         + "8OD5KsFpJRpZp3MCQ+2FXSExaxOiZYTflsDP40B+IDAUa+kCmT7qcK8ARZL3ldfy3LcbjFEdzPnKJoSSyyaXr0dm5xWGsCfNfbCkz6PXYRJB+X1DVbGg88RP"
-         + "fZ7SfdqW9kIyzI8ALkes5t/qAejwCrimBrI9kTV3z5eL1WPouvL0Mh56NYhcWIOZceZr+VlSkAliV0ZrXGVVBtCeStvxTIEE/wGJ7YumS61gDnAX0FFOislA"
-         + "zZwnV8qfChyVqc8t2fXfAIeRQBDY2Rnu+/q/xxF5YdbyRjg/4c86esIQ0wQ0YRMjC+PNOfDW8jVtEYkdvK1GLQ5oqFccN2rFi73mD0AYHazSVSyYjHE/PnHP"
-         + "D5KSBP1FZXlHc4K0DiXeb4OdUU+s4ffnQMK9DT92o1HTB77NgTs/U/nq/LaOx9PKWaDPZwoyCpDM9psGrfw3JrZ5N+us6Dsc60TzqmWx+Y7KVF+d4fbFaDz0"
-         + "QUuL1AWV5LgubKkskTBDZ2PbZfw9EKTezl4nHNZ0t0IgyvDsY6WkP03O2N1oUxgbRqkUe4EGD6I9THycVwjZ0uIngdeLmxHIC63GyRnyDPTKMwks/DWqNCdV"
-         + "qt5vb+QExD0bAT533Rq1WqUqARu6TdrKyCN/RqgwEHws0Rgw/yLltJMq8Oe/wo4S4d8SeZjy5HpJRZhVSYJ14povNNOJj3kHz+EQcqvU33hBQzh3Uwdt9Mz0"
-         + "tCWzePOtzKjKV47uFYebyQQKIBbKQusox+QOy5ylcqaKm27W9WYRjkXmabvpR5OPELOICdh6xZvaO1esrHtUY8JJx1I7RuYE4gp7/B3tqaqabF25VIwKqVoT"
-         + "8wfEZU5K5RIGksOzgjzf7RazSXmY/PePo5RiLYxHtc+zP+8u5pD8Rd2YM8UAqnDqXJtUC1kboeLrlpcWrl1zN071WL8dlQpBsDf+haGnFIeliOh3UMtXRE7i"
-         + "QAOGVr+T6jbyjKVHCbIocJeGtkRkxkElhfBGxXWgNpC/0C+G7l1Hl/Kr/ilMXB26xg9hzECwGKyeV3nqGaMmUnBHVpZaasAaZpGn2n5MBcXcWjI7dMpnYp1u"
-         + "on/rNYQpci1xwW7X4QEHoSLijFRt/sDIDCeOd6luoW75qQwqBlQCT1JhVd9ZYneNo/KlzpCpHjDg3Bi1pTlqeoX4qlgO0lJm0NdXD9FCMFMI2m+hDnYoPOwg"
-         + "5mvH+y+8bZ7wpWTd+3CSeKRnNiCb4sNaOgkW1yoCxETpl73RrMztEhx/X3AT5Xs8N6SnXKsYRQiqtRyEqknEjBwGdeONiP27jlplOZhk4+pZwT+Hb2FTh0lV"
-         + "SmGVZ6zRudUffYS/ouHsn5e6X7+FBcwEvc8F76DrjyzjPyCHrw9MSVi5XhIWdsrwj5sKe07o41umXF37izeTExQBkPWG6xSptVOtHFEAuIIXFa6LJHrr3sqw"
-         + "lFUObDakwwbMiW2jAr/Id3juviMiTnqum35UQvbskaJK5NLeE0qCys9vZgoxPP7QG5eCZE5bLtVADeVE+f9TAhmUIJYbQmT/ZD66LCGBYmbicWRjm4lPz9Aq"
-         + "OX3DO8BDzqcD29rVdwtzf/ZpHkSuH8X0OE36y4KT9eyiQJ81v3AabkBrU4W3ogC29MLlHogi5cJgZcw/C25sEruYe4osaVqpPgTkE3Okg44HgszKHqujmGLj"
-         + "BQHr/bBjBUjVA6ggsg5cmr1EAPHeeYbE6qeIe+f2UD1+qUNrwQ9DCRBlg/z8cPG44QnlmIgL93mpoiOlIrph8DW2VP6dhalv/HVEBV+AJnYcj5Q3WOe6nO9z"
-         + "m/qJEJPWyjEA38O1MYcbD0CX4xBOfecTfZjiq5sNh0Oq2QC2W7cWaI7agqHtg3+P5na+zDEG3C24GZvffYRdBZSrNIOpQpG7YPS3mJK6RPZt2pLuKFUKbV8V"
-         + "/GEdRO1NOkH3YO2wEUkBiXFhtZZnjMUwD7vbeIkIM6OPa7+/Zvc9Rha7kGygne0G4HEdiBo8Tn0QQ0k2RfhltMefIyxVx4MBEFp6zOFddZMeHKkdxZc9PPnq"
-         + "hie2HsMxNbcCzD3YpGo8p5rqTKg+h47416NGsHw1ARTPewwFR9AWGfNjjf+rNyh6pLhNjPl2nEax/hOBmkHBKnPFJwKjxUKK/KF90EvvTsIcx8U2gTKYct9r"
-         + "id4lYhxq9jMfSsj3imJPoOtHkScnTGJ0La17FSG1MqQ3FHnE9Jgi0bHljabWzQddJLqKyDZiuJ6Mxy6DO5QuxZKJLMb7UPAzNvTLasZZ/KazQp5WcBjLjgEI"
-         + "e/driqRQJNVe4ouIXkFYgDcSGfnQrct0h6Y70vBcL3ciMMxSot7fef3f9ljHyxyOJ2hNmIhghTPABEJ/h8bfqPf3ne1G3cLIxmlm2v+Mjy1dNbC4JzFlIySO"
-         + "FLXmL+l6TPVDAooXJ/ZPYecqFQcQApphcmmX2pngliynX6IJtpcTypDb3UM+M2EZ8CAZFQAyZD686bov7CboDqAE/jMc8S/zQa3oqzG1gC6bwR3ilFu/OY+E"
-         + "pjuimVFrNYxpMpULA4VaEJ3xAzdqcQ8OUvHdizLWCC16gTfbJ4+d6hyMhT1bRw3gNcI1mq3aCOcg8K2jozv/gbt8I6TOmknSTHePJLMFFC2AHGqePqLFOC1i"
-         + "xzWSDgXQydMEdyebsI9iBmn86qDje6znHkbz+7XrU2UrrBzGFlHzW+eX2xhNl5lGGKMFQjfB1CehlNLnGYjVQlJAbSZCNA8wABJM+IaNMD4bJF5o+nPvjmoG"
-         + "N4mM5NkUN8tqeR31clLx6JasuYyNo6H0/ND3424dmCihrxwhyUsaM/rxgX/k8/yl9vnvvCzJkPrB4TjGzOzx6M1FvoLUB52J4GAuyC16bloYD0fzm4naIiz8"
-         + "8ROzFsitOcs/T+wY76s9PW/lcqaTV9hREDgCAwrpGHCBaGFXZMV0797EGG9eResFt4UhJrGy3YBMgLGURMALeRh3jBc8my0zvcu1WxKPNR+vPDjql9GghIwX"
-         + "zB9RamhlYHq36nH4IwqnviVEcWJoAakfYnOR90YG+xKwSMiDU+bi52MYSFyr+vcFWJYFlFixazOarNVxyvo7+cpSOtEfBgA15BYP9QrmBdkOpDirIgSfkAmk"
-         + "7I7G/6lGpMLL6Xdzjhq/CavM/xRDW7FCLj8JzgNL6bEACOrVuSfxcBI3XzAf6foo/YSZUQjABKy1zDpW28Rn0hSq9ta7Rh/9a0e7EaclfSlxJp8/bXkTRvDI"
-         + "c7b3sqqPkFEVVNradxLf9jWDvtopwCFPt/s/tsNJfxUBO8fWsgn5BKZjHz+JbFHoBOrJvoYQGhFD6ecvqpPJQs04sGqTzQ3BsywIzlDq2OOTL42KvQk1MgdB"
-         + "cq3pmi6ceXCWoysnU0XYCKLFFFvsgaheenTCiAH2nOXKw5ATyJ1W0+t3jcM7V0yZChGhmk3BU9m3v92u+N9SxzaDB/BaI86iKgCTzISL5SV/20oLz3oLlu/N"
-         + "WQr3ns7VBjGdXrRbnRWduYNYRnAd+HglKmdU9CmWPjxKKHer+8K5dn1KJyWSPzcoRyidgz8oXxThMbx24ZTy0uJrICpRA7WDYXvPDwH3t4/ClbJmhJ/Pdknb"
-         + "A/kfaBGUVMB4OrCwcDTtuFmvm1q7rNr+qbdwUKleheHuW+jOLLgsceBTeHtBpIxp0Ql3wiaaqvsx7qRSlL/dj72LMOmB3q9zAFKq7jqcokYE0a2+zq7hSTV7"
-         + "vF1j0aW9mMsZAqBNCQPiD84DGbVtQ6RfGFC2tDfaAjhFafC8ioOH0Eb1c5+FLA7GyeRrxm2yYjeQsBM6GgLDSNu82dGtZmC0fn40fbRGUlMhBcrVGo9x95gE"
-         + "nIVwkQ9ucj0R/wLIU7dJ5LPfULM4pD++zJtmaLbNatGXgtDsALX2OVFeqOtXEZhsk8ZXkUjYxMjqpM+3JPhHgYPxpp43qnJqTmwde32by8wAiKTgFpPRO0o3"
-         + "WYMhaKA1AGngv3c2P6DERTbSsdnufNYg2lk3++rJ7NCzFjsGPK5eIrjeZEyr10feuMymlQvij/54UFaeeasiFueNOBusnLxukOmZ2yM163nk1OJt3IXphFdW"
-         + "7MwPyI98tja9WXg2d3HfIfaF80jMVs5FMgfSB7l9rxaA4oOUHUqYoC8csmitg8AgLhGlzbor7+Q44e6u8rUAyy+WcE9TlNSr1x/kDUHU9q/MKa9HBeSlOUvT"
-         + "j8gRetlVXfDZf9PU0oY6BKrkwJ03kXRMYRpJMI2InuBh08eg5eWJVC/sUi5IeZUhjVHvZ7GpjU8B+sfCDUKie97dv/DxlYg454wrObV7SKZG40YLJaRKVmAO"
-         + "zuCoyWUervx97yyzAcurBC+nGVLGBnBF+C28c81ytsltuuU0YeAI37HsJXBrz4rruxJ4iSG1laXafgCVYUoJaE00l84N6wjQEgf7f6VRdeza/H+l8D2x2jJN"
-         + "cw2Br+Hj4XI2nbzv/HpqoNZZzHh1taTnXHQeFuOyLj+zFEBc+7BQxrKvGY4CeVuktlAtvUcjQ3wwhCu0Cmf2W1poM9LtzrOzle3VipbyBIkyg3e6Xg2fJm8Q"
-         + "Wvi5m8YilM4q5YrpNBuoeSYF1tlKXzdRlSjlWI1AONDhIb17xhnoWV2pso2Flc0XmiM+37wiL+GuW1bLMDwJx9YztBZpAUmlXfvBr+MgzXo4veheBu6W00ZL"
-         + "j+FNMomWQCecsDHZWcUVoRAnL4zVT4n7hym+mRDeLAzkLU8YGtKWA7MwjtXWqakjn0+iuOuLwa/4c/bCyZzvAFoPZb+wm9+7OSUGjcRQuR1FM50G5l/j6dfa"
-         + "mflw1uF2Ruln6uq0oS9PFQHoK+iYwHYHE75mku/7/F3AqRy38j7mtg2mIM6urxX3h7Q256oZhpe+Mx7gCNLyjfnEWjrmxv/zPpEWhTiCILP0BMLpFJy427/A"
-         + "s27wM8JOsxIZEV+6Gho0Yt8weny/lVtLEw+JF92Ns6VAd8hI+wb+NM/sy8Uzlhak6OuL3vFbwY2oA8MlRwLo/YiKNYfkvTYV0HjXCPgOnjGyRBPJ64CR8iH8"
-         + "SWkea7w1koEAE9lXpApdhZGZw7qkKJ3J/nahCCHDuRLzvmahYRcpp67M7pHbLP0JSGKI/vPV0+uUCxLzTkOoEialG5dIHMtDrFmRRKw5CaZuPuwniGh//VXw"
-         + "4eDbaGUMxUhKvo7lh2RzfEMQl+2gyGMr2ptlpwbQGrMUTVekXMKfwo5bep+GQ0HXS2dVJ0HifejGTpxyizXgk4DW2v4moR/E+qEwY+0kvbiXvBgxqnJDc5V6"
-         + "RwnDRGpoCF1M252YUOoCtUnLjhnI7mIKOm8XWonwD9KJkdDhX71Xm06pIze4LqIz+jRrOQ/tSQ3Q4/fi/QGrNeQV7EbYCb9euClfs4kfqWsLfzZuj72+0TSZ"
-         + "sqQymhsmiLNfBhTzY2a0hj6SxQ9imPypaevI1MYAweRY+fIq44NNTlQ+iicDKUVAP6Vs8dC7cmrjY2jLhsBmydGVeKRw1+RTXqvj1189zgycgMzfZeMOpW9X"
-         + "jpGgjrIPheht1LrWoVUDQejV681Ecrw4k844zR9YpWkyu7/iO0FfucNUZGFY7lVML+/sVIPM5M5kPBzTUv0cgT/EiVsnmyYPXUJl88WPInOFKlerxRJ7itEU"
-         + "WxqHbvN+8IX91RMYlyo2c9z/LygzMg4ncZ8lI6/n/+acM8mrdrkkExPuHsVsChYeMEqKDoCxCYdpYOcxBomzjCWjFOcq77SCAwZO00OoIybvFlpbTpYZXanP"
-         + "WUZMeLz0/KYQkS76S3bAWeQl0u0ph0F4Q1J24TW2ZG6+IWaHi4+PWSNOjcs36329Z2Pm8CxQ3TV4Qf1BlOpgXSwBPQYckKjKVFJC52zrvKuUZUNznTdwOj0l"
-         + "rD/vV//y8wUh0jI6XEJxF8dNaMsQ+SBlsNyJTABOzhBy6n6R6ZUGxy92hzzLj12FKcFrUwurYJWM+MaTBldWlsddxKv+uwlwEkE0iZLNTRrVXRQlZ9Pp0EWj"
-         + "wpAZoh4pZ5Ok2K2DRtbFnPrJFd7J8wCsvT3WUt43arkFFR5KK0yXk7ZjRmzMKXI6TnLVcLrU0MZXtyWcygkidV3X9LE6DyFB3iNvemR1id8qlFUEInBpkfa2"
-         + "efbmvK8NVWzrgE4D9zWm4vNt8BCWIqWv6wubv/Fe+pU524pVuaVqtVg+HY9zzBK1u4CysIiDzkYxZ5+RDTG7c16fyKvdHjLCjflYHlO9MFNontc2q3XEKjtR"
-         + "5DwChT5pC1NfD9cu1x4wOGR+sPcaJGK1vhAva+1ThonsU80tjp4I9sUdMgEc2qjyKXBjlg8zo/Hvj8FuyOc/rS99VBcvVu944qNek+t56T5BlHn1v/0VZQCk"
-         + "/q/FId9iVYO7Hvt0hZRFZ1GJYCt2/SGuOqoSOa1BRcF+FKa26AFSeQbsvhnVAh3LxzoInCDMOx9A7qoJTr/XcDWkRbbYsLsx0OpWbQYyeGrUf5CanHjoaN/l"
-         + "D0qeYyxyIknfNBri/rCAVZcJJKv9bb2EZ2LlnjqFOHzphluf/983r9uC/zpIktM/2ye/bKQKqMdHzP6CctvlVtE1IC1W0+tezCw/NJoZbAlFtTx4YILcG88Y"
-         + "S4Gb0HAK0lRwyTHPlhApoX3vD0u6fTb77W/ofkpA5MQzfYIWwj6q17LlJZ/FQ/Xmc7FUZerDRYSqQAq2a/XWD8suSmEk6dKShblklD3d99n8QRyLQhPlzS9h"
-         + "l/3wi4yJDJ6TZBesfUtSpCETHG6bioagSMuykefR5CdpRzX9SoiNYJmdlQAFqxZlBysOLmMTrOxQOHkJ5qGXgwrDjxTc09plvDe4cfU+w4IlaClgWOti6TXe"
-         + "bJaLd1ENwTvaK5WPHjdvsMcqaVpDM2HmA74AKPkNy57UfGYMnuzG9cr3nGGBbaivqPnvg1xsA2cD3pwsnqWFxqsTlVyxjymbpogKILvh8Qa0mFHx8e+HdYGN"
-         + "c82xe9AymVt0KqWnaN8SDjfM9D3ikb2VjpAi7iRo8f2yZuIuna8awM2Gh4BrkQzudUh08MEMqS/yua0vFBad36vax0YfhKHC0qI9zraluYeYrMsWerEclhqh"
-         + "gIoYHhKi/y37rBOs6zUDEYBlxw8sSbgWDUXK5WZoE55uQz9peyk/fwwOaM0kqL/4Tmq8HzFi+OmNbms4/Nml1kHCdxePbWA9OlRp/GaL1l5PIWdUYXzG02k3"
-         + "TNKNCFfeVrMOYmRe5Btli4him07IezZrGSsl1uO8ge69X0/0Idfli827CUQDmn2MNwPmGrExrymFjjuh8BHc3rcvfiFIxXE5HcyKbn/nHEvpOJ/ZR9kZoR6H"
-         + "5CcwlsyrwP/U4MbaXAF/FN2cVvtx6xhKhNP4NsP0Ff1JrXz7EKHIwSwbRAQGRovZe61PQ4qT18pE0J8RxBVrW+h04T/hhkzwilzPhkh7nNp832/bn/wsj4gn"
-         + "Ij18q88rCSxskrA0b7QaLSI+DYdOsg6Kpi0tjAcPGeWK55U1bTWIZwgzmq2C+5bpn4KdERcb0HbI97w4GIN4SB1SaCEK8RWLdjxzhzJMIwKJ5wM9HhNT5n5H"
-         + "VLln5nWkds5OBFZ4KM9xkX28fKgFssj9pgvuBf3v6yqOvY1dMBtfz05/k8QP4v9nnI4ZPV4WxeoOsQ9YCQNq6hHrxpdYfQ5VzEVrnoiVTKZpuDHLfVxjblwO"
-         + "iQ3TLEyV4WsbJd7M/Z9ANeWZTVlkUc0aWG5a4M6ZJHDCPMuQQshelV27ZJYYVJ7GkvfkHwADm5V0WTRSDMDH428pZKyCZtkoZ9J+TA4sWzhyezJlvj7GxT3X"
-         + "Wcjc6g9JCCviMYeccOmkrWEHf8opARG63rOpKehNMIh6byANFhwNLhEmlJpv7e2pxoJFvs5w0WcVQRnWJVkpLmPZJ8YV3sPpATVXSnm2/G6j+fBVXCaprjEV"
-         + "sZSoeQnXQ6443FAJew3ANhEp9O/PeDPObz1zQ2Nqsrueq8OxZbKZ/OLbp2zPbQRWqIMAAH4drv9NIg8SblJ5PjFROlZvGbYs7v9Ifin5uHy/3jyw2KAk3I4b"
-         + "iI+GZyzSkHpiuS9JLWN30peSsRpIecov4110MNTk6YiUEmRhg4rMKoHcXTXo9r1pIXxFSZiiezTG1hh/NY76REmLw7I3RBzIHRveDxF3Dya5aWUJlb8s5IjV"
-         + "rQblJa/lRTM5eme5i3dYY6Eu5GH8seWVhsh0WGPyAnm8erwTr2NeG8JaxGytmmWThoAULjZuyAfj4FLegbzqH2+xZRvQqXnSNCaRsKkdIZ0xvqhtOsvh5M6B"
-         + "UHj0+SG+3YwlzGzBRRcs7nAEKglsrKpddNBvJ6CmsZw7IyuejO2Sd61EZo6kogIz1jO/GlKvIxMm8SxngtnNXK7eSrlx48HZVNFml1dBduZ0AnUKpDKvo902"
-         + "agO2hCwZg2AntC0U25jz2dS7ladf8xyF/Ft6+YuhNKEJPBZbgAJWa1wKO+iTMIHfp7QZ6KJ7Ynzvy8O/1kigl+MPrdA/OH+ZpMsbbMnsxQuu1zku8eFdUsaN"
-         + "wVB6Dv58l8aO7roSM/Om9CjUJ9q4oaOiFVPf6Kk6s2lwu/H6RN4cNH6RFlpA3cb7rrLUCZXry5stm7h5xOlzCbyO4NgUsCecUBlgk8iJs3Kxjn2wKno5YYvn"
-         + "D7jCy5eCLHxZzqY7Y3yfW4XznQ/9DYcsWfx1GphqZetSrNW/2VI0hhOyNgKQSwPautq5XU02glYccg0W+4C+4mnTRd3HllJJAPzO2ZvA+JU6WsYD8Yz5WrFz"
-         + "zDaKl0u6ULio6LHpwSlx1rHWuemSK0fxUWuCegq+vOUBPAdeDX1+qMWhzD++NPz6EnUQ1xSiPHQ+1M1B0O2dp2BR4B5WTv4uAK6f6v0xL7zWKC6bYtNGwsyO"
-         + "rFq2OvmJ2suOBAh3RUaZUUfytx7xRoUOWRlCfZWqnOT1xYKyJ3UDKPYigF0IBXkvmmCGYoNyQmQQjxdbhe8lmziNueIkIsQ/ToMKXZcvxPEdN5h7pafLp42Q"
-         + "daWntLbZ1We/+DgyY4UfHrTBUnR1BSbdkgc84Lu3TGioEd75vVSnzZtUyU52UBc2rlfwlY3Wkpfa50UFPbHV6dBp3asahe84y+14GeR1LlGuKAoCqDnfL7MH"
-         + "yxkDA/JcGHjyRj5gqT1p77KI9lu8JbnWphYXMe6vHN8I3cg1msuXM+eI9crrv1FHe33j9aLEMkkGLoSMOtMVwPyB60g7OWlcPrFfhv2ZVs5pmLO7kVcOdCtq"
-         + "T9UY1SO17M4BEaT+ji4WwuLVWbSUKDnVEyG5RjHYcSZtMsVKWm3fqWpHv5KrLLUr+fapqr6cucLhBogKEOu2Pa+gmIN8OHIBwWlJELlLx3M9GqradoCzvaNz"
-         + "oABGYTGsJ2ios1j8u6WfuUSGNYV/CTZ4ZWF5vJtPF4oaeaLeSUa2kaHF4HuFf9c4qhjzHi5geg507fOSEy+oOqmQ2aH2YBZk1iYvBEOTSOQGBvNrkVlW2T3q"
-         + "+cfoosiChzbLL5psTouuQCJE9oV5hYPN80yyWuxakNZI+A2U+IM9TPG/nzfsuuyErKvzNGvgFOWIlPmzsE+AF36gzuiU9dUYvZzpr7LvdAcnRuTwydf4i0ZW"
-         + "Bfc6afb5V9WoFYd4mcRSC3cBgUIumIxblMzGwptgZgOuHTBXPxVVXRijfc8sGC7/Pi6DUaiUvzOkcnrBoe+niV92j4DEVXCb+3T4mbnkHRsUcpdOVRCSMRZt"
-         + "/KOJFqZxm3pqz2mLBH+VastpHlu3DiIhD/XYB2T29pa/m7K+Vefv8PCO9uLOanfciwFXMTafrLyL6FJX8fpVcMOOGAHsystjbpbDiOF1w2zh7W8Bfzw5joAQ"
-         + "eVkzZmE3DtGROAzJpAtTYfx1mTF+08n/pg9fvt8g2WvUeWtrI1gj86IwGcMuaKhL2d/QW5wNrniPteasmY1YCn1srPasxnqmvCucf0b3Pxv9SHUS7l4jIhhs"
-         + "W/4/9OPQ8YRJCTJ/uGnMGstEfC1TLW6//Wktx+012x7ycGyxL56sUBMcjgKS9pz3bY/2TAxFGjfyhUu2f0VneHpm1BKPEj1w2J9Suo5UHLwquHWEiy60DLeV"
-         + "2DyaVqtmjH/5ftx7h8Odo85DKYEOqVcLhFhxUTtAEEXu7lxFEgTgipZWyYKzESww2VYZykyEGyvQAirhJ7SM39U0t+BxtCeLPr6bsriEe60omEzfI0Hlqxjc"
-         + "rHCmMLnYcdkfz3eIFdw70DrDqAQWQgx+Ll29SOdj2jBWcAuBYygmHLbn3yYFYMJA5GNgNFqQRUXVahaADQBckMSqK1KmAh+KSsJKjyEQY+zgyrZewVEBmVgb"
-         + "bPdVRQLj+nABdba9bLCwZvEWwf8DDLq87JC21VNy6YRke6rt16hSEIXqDdBUsQQETD9ycC3Jfql3Xd+D4GH6T7JR9ZTgSq4sqO8PaZ4hl0W2cXSmAnqqzYbi"
-         + "UIAx0iAfxcPPCxD+v9Qc60LdSOxzxTbIxIwKM8uqRklkrrEHk1nCe4APcojcGTBj0ZE2jZKmoJRfPOuhjS/14I9iKn83DYlikS6uI4PVLa6b0NjMBYFE+zxs"
-         + "AJS4XC0SWPXXq6lLqOwwhVVZeBT+0hiGZDGDZaGn9/RNiqjcv5ukI05VIqebIAjQvnMV2IS9pg0PW5IlbWb3es99V0UgPFL6Z1+NvLVN045v40LhTG0YP+/P"
-         + "3TnJCtFNpYfVO5GxzcoMrwzHLbPLC+o/TcUxwm9UTU4xD1cCkjssrLmWJlAJmShji1sQ4cb0QsF+DTvy9JJ7cLG5waQmBYEvWblpaSYmO9ykRfEkhbgociG/"
-         + "GRlbVABPFl+wp77CV6SfqVsSILO6CNySld1q+MBZHG304gVupSqz2tfciTEVM6VB1WaLA0XuCDMBL1lG9A8IIg1bClQJi9YZlry8nSDBM/lhPxBI2jXppqYV"
-         + "+qvbuUGbOhdo5gaMPZm9my2XYiqrRRnNV2NSJPflTenNFR6MsMca0OYhKxzt+WgbZ50CiPyeS2nQRfZ0vFN1soZkKiatpJctAiyC0KtNZn6/n+pcjUAKCDDX"
-         + "2c9JNGMNRMK7AudNA0yPmjr4UDGcZ6w6+vsAO/65FBD+hCKE0WqtWdlVH+Nlb35B4O/WWffPXpLIr5WEk4UAIB+yyLXSyPobwT1PxvyTjRlT3oROU64F9rV/"
-         + "DdxtVZ7YxS30kp3afRxg9UD0FmfL+5tpQholttKafsAGCrXzaSLwJy1/KIkapG5qX7o2s3KJooouUhp2ExrgVr3xnhnriz8a3YkvkpkHlfhWNu2TUSgvrbiw"
-         + "lbD4QraYp46vvoQIRcWRbB1KSd6UwwzYi1mOVBC191NZlzPML9/m7HeuqbXiIxeqBDxHz3NKdPW4Ko5VPa87OmH8GcVTMmq2elzz8UP5yH3NxYhBL1RnfrRi"
-         + "i1okrz8JR6SZrsPfPvhJBVrM41kOFl2D1685lXFai4I6KvaLHclcNFHbZOj+yS2uURCYDiDZFIV+Iz1PRHqgiuh5M48hogk+4tWkL9wHQaP7EB6cSkPo19Ef"
-         + "DIFAdscRvxoOkKvbogSnUCnK1rhvZcYtK2U4z9+0S/FJqnEmCIJVcksG67/6Vd44h84PsOVnOUAI3px6nkcLodUSGy54ZjA+KRX3QJM2zl+NmVmMTdUF0kuI"
-         + "dCQvebG4dkkg+I8SNvEU2RC6u3W4AOvzSPs/U0sPuxwe5b1UtLApfCaoFlIF+VMTIkj41Eld03Yjek/Kvo1Wkugc1Lq709s2P7qg5k0OcXkj3UYv8xe2LnpP"
-         + "5otUrryrpQcR4W8ZZ9bBiKPg71/KKUknA0K5Fgl8h50rhvrYrfgg4lcWj2vNGYj9CmlO21xFMLpurcZ/qqgVFcAJWCRVf591XuNlK7+o1tyI+D/Yrx+Lf5QX"
-         + "wwxIpH/v2ArUH7MNQmeFPArJiAqxw56GlJdTHc2ZQi+o6yf0mLCGu1qG+04X0fq0XJCTmHAGv9J+FbtbulNHObQXF714Jufm2OwN7k5+7iuv1LbM3FVyyE7F"
-         + "ZGiumw9jlf+K6pVHu/nAcuTCAP/K5NFrPArlGzVR74Hd3FhbvCxA4g1HjLdpls4qzSDcKPltscpttl94s54oF/k5Ei6PyikrmugM0mKwAm2cOQORcTX5PzVd"
-         + "ZFZKrDdXr5W00m03NfZ5ksOJjcYhnwuuKjko3ntBSBkpypIkZWw1NI+ASHQVi44nX2b967IYbX0D91/EPHq6kfOSTxBZKJb2XclczpjgdlbkrKXyAIIu34xF"
-         + "szUQ0CABBYLsWALkuAj77cZ9soyukcuF329eFnT+axn+jazYFg8vsw+BPcgH8JdW5kVazcyG+/kgTXA+ioWsmdpPGRvv4MzjtfxnIxSdXvVDlEDVMt0xuFlA"
-         + "oayUyyYkl7TH9yK/BeScj71WLQaPWLp0RI1YXVeuxHcecbXD59IdPou1dCCQFRuS2wJe9AdsywVPUba7eKeE9sK2cNs4e6CHS95aQf5F8Kt01xbClQpZoYlR"
-         + "OeTZLwfd8u214Vq7OIfdv5+/XnkXnO6XFOa7xMCMklKYEw+BybvD57MHj4QAqw6OMVeqRelPbuSgs8r1rQdqa2BbbOEqdtnvruh5N1VazZX4xwEt33Q55wa3"
-         + "R2Clfl34cWmiRHV8qqLdhmkMmTRRywGBy1GNSYIYFoVRohGjQXtKLe+EfVLcEn8V1rLTijcxaDccsjjLDpvOHxgkWdPZlweSU29P/F9zUVzVOb7vTfq6OMB2"
-         + "iveWiwhSq+/7Py6FTpchM+S6Sl5af2f1loNYzRr8O0CC+Cvi2fC5oUiNq3caGNdUt4fGiuAuQNbdV+65EfdYIldzCNIwaH4Ii+ooljsWhEFvPLT1Zex964J4"
-         + "/Bf5FAm3bYoSj/43WtmIipmExcPOA1Ql/PBWRyglXJ7eHIgO0MwVg4oGU8DEsk2NxCL3iW0meXXbs+8xqRyIkO9HawLUpbINJm45f2DRfDk7iuVMtQUv+aby"
-         + "KZQm/oxsu1xYdbxkPrQ0QMxVcRQ1nFd+rXuCZvTlHhwEEtgvL02By6oDp21zyEc7w5veDNHK8YHt5Vn7hKG2dwU6ytZ9ZgExAFKBGcP8x8bXiR5/oimq+7xt"
-         + "meq1HCinngHc7ZeiCmVHURIDHr0cwrSfkhQRGuOtFw9pFkSgd4UyyaShSqN81ZSLKx3UJZpXPAseaWMlcJa3x0A/QJzMZPGM0B38s35fLvW/aB1fUmKLsmIk"
-         + "91cX3Z5sp96LzGOwbwIBzCHNhgukmyvoql8Dn9BIGTjlxICmFaOL8EoahhceJMAENauO7spT7Qx5gGZgzRQZKvdzAPq+dqhngL8ZEwWJPo8/MYqBvM39zHpb"
-         + "SLuN29+VBLNARNM4md9J9JQkPGQYy3OO9X7DrUhgIRHwEuqTM8SunsHMAiOji75L99btSteHHY+J/Xoi5PZ1MhNvgxCzaoU+cY04TQHhyYBjZl5sihNJaMQN"
-         + "7eIZ4dXEQ+P710KOyVOw0k3simOF7e5ivA7p/3MeYt9eyewkdfNZh7d3ypyhcWTBTaxkh+g0EboEEF+lbp/kyGg5qapvXu1MDPC4JEhgpiU+02AD55yVAVtd"
-         + "c4k7D8jgBmEdYAZMVKI3XJ69LuM1IXE6OwuEkiOiN8d6GQ8UuElpK1tblB2pvIZh7fhKgh44L+7FySPzRD56SmbmKLU6DN/dAS2mFwbdOqmAnzOPi8+tzYq8"
-         + "w2kzpuOHiJwSW0madQDsf5V0FyEwCd0yxdrN+rxuJcij/dCOsHaluuq6KP1I+uf7F247X5FN+l1Lw+PPzfuWtgcaaRbmxxHAeYbWIfbEe5UHhLnQspe8J3HE"
-         + "CKe8Khc+Q2CnRRUF1+MkMvt/moWj5hwyx31TSR0lQCTbRpI1/5IVtSrqWaFny5xqX5YWNZcMfQll7pRmqJhjJ3N2kTs5LlpOkXjN/GsFtlWDB4OTmRr8+PqA"
-         + "cRonw5FaxaUo7fL534wyVlZ7axdn0arejYk3M6n2qGZOR20IQ+6S7DR4saAtv2auEjDBaUrjJqiBv9ZeWbmL8PlDTN8IMI+hkXLCYzs7v2smfFzGR+97JocT"
-         + "rRQ1BCgy4vZYZ/AIwPcbkATmcuFKIEREK+L2Wfm5Sr6hBQtzDnd9Cgo/sl9Y7mOPeRakwmiiv+WsCZKNMbj3MWuaQDLQ1CVlCsIFo6tV3oG1c+icPBz9+Xb3"
-         + "m98BOROatLWLKuFcNdVD2+XGy3n2BBF7HaKMZjqGYS+vt2EXxL75LIbEvMhFtaILgXGeXuYPhxMKLemWM9hUvCLjGSopb/RAYBcv8f3A/YCjIJIRYXzdUZs6"
-         + "waPjT666Mlmjsj/fZkH019qaLEUV/bXkHpGjppknjx+yJDN5AknVe2CJ7ZI3nD8iSgmrug2TsKKqYJCmVGaeB5g2abDCOi4Unlz4p3pm6y+O5rcIMgIZmDwF"
-         + "uQexqQy2Ub4GrxjUcn7G52EjOTsAgYtu7jxQARVcUrB1pnORiOonaEsYzoz5D1hZv/E6LQlsGSod92/mz0fLnwJ5YiLjEbrHJ381sc8U2XJgeDS1o7svXN6N"
-         + "lJ1FQ8hNdL4kn0ULL/dxkeo9704W7dCDVW7/asvQF5DVmrwaaHiwfzY6TQSZtPw4Q9/qPb/a+cvzxcfR/Yf1I9M42F3frPr5VTpcA6hYNyMTnpok4sISm4ed"
-         + "D9xBtX6oX7z8tryg9UmF76CanSmi1Z8SWTTOKIRmgpa2vFc+L8y3JW+z51/3oDQ90C3ZRfxS+ttaZZ73qPFx2OK85JVhyiWDy7QFjlyzqyH8W4EHDJvjNHEX"
-         + "bgT/qUxYgIgPWOgbTXT3+KNZJvfuZjQBMh3kymJUy8DWb3VOWkYXinxqWV/0LsokXWcgiz4NiQomK8gKeGoXHtbeUI1KJu3anPaYf/THYmd7jwu0UTTI/34p"
-         + "JbQZ1/Xg+l9Ah475YJU5/8voaUki3kTCRvUI1ZwFE7Ao5ov8BVEnVWJq+f9zoLYxjS7cifOfEg498acs7Ll9htb8PCfF/Y9lQodAxeImUdSeuom6pYORie6m"
-         + "/qVFDMhq5vGgGXfeUsRun4htJwUteFgHe0YF7mpQrRoQXjGIadG0NXl1cJJv9hthBcFmY1KcPNdgQXCt13z5vCkj+kXa3+Ta9nL0VjBpa3ysuh3c9T0apdOx"
-         + "1AQ8dQ5gSgDy+9l8hyZGVdWCEJ6L6bRwsw7YMS+ChvhXjp9sE4lSg7BhRtRvW1kPFRJDFwDJiXYgqTPKqGELFSwEfO6+e/K23iH27KBZtoidKsdlTTJcrNsf"
-         + "So/dsYr1zaepVkXsYb/VnL81VMefPQKyW9nz41lNN4/M7GK9zAumwN934An4jQDe90mBuwPaXjmaYofPJCG0SkXw6zlKQqinH97dGWrTnr2fbVKOmE8HRUU2"
-         + "pybHXVPy2NcEi35YiLE9KVQZkz56+m5jgD8BAa+jvD+g1TG74HepoRDBlQh1PzM2K8BMxziSGDNfRIVxSlOkWLeK9UhNYR3+x61JjGqaRqmeF9lKZPAbHAIK"
-         + "ZLQKUvyQvKhTxBcVobKbI4wHfickIZc1VcF4bYx5hvjTxe1SSpsS2CCnQs81RjeV/NAnDJpBOjV9PSLiqtJU845wqi79yMEAI+7iiOgCyBZcz9kOHpwRSGoZ"
-         + "NhzuyQN1C/h5P/Sbu7MieS/0/RkZDfXFb6+5rE/nOG40D6ePqQqSWbrcmRgnziNW51NIWgvJJRGuI6dBdo/tMnZZzvZ5NOEfFRVJ3fnpDGAVpXPOZImDRfvM"
-         + "Ow+hpZfRXqTEmjp3OD/K5qJTubygvUbYlH3gLVwe5X7S6QQBdBM2smcLTDgzbitsPu+bXbZnJPL0BEcmQCAda3+aOOPVJ/9Y+C4b4ZR6HqKGbj5oEhiK7h9S"
-         + "1QXmouL1jwue+yCp9HWhs5Onwlch3hPZ11gUXoquIjQiIKDQBidrDelimXmWm+YB34Xf1yDMKrQW5omwLAh6gq72is5ZP+q9O3ST9PE/dzlltRoasioycA6D"
-         + "Ro6ZrTKUadVPIiZOj8ID0FrgBQ6KJnbSNYl65TYA7DYubudYwPB2J7uuNASqJChdc/cDOzvXdJQGmKuUdbk04OMBiXnqUTYgDR0eYu4ZW6GTG6YCApi9Obtd"
-         + "63igSoEYENMZzStiYX50E0sgRFJJvLqJryfEoYqfaXXH3OFr0/EFiBi4BO3hghTWGQ3tsih0msz9Uy+bGkoKp86BP2zKJeneZt98E+1Pps7jzy9M/Xz5A1xz"
-         + "3BXsiDHutOycRKojsOGVQ2C8JjJzn+yrxkLIZqufsVA7gW33vmvThNiBswKrhvCPk5G6B5azicgTkia5Gz8yftbYRwjxao/dvF0q058SXS4UVUmnWREKcxN9"
-         + "vMIu9IgKk7Bnlt3lUByzVgR7gmQhjH3KPr87jsGFXAsmE3xLU9D5hRl98fKvdMOYJStE/LZZwSvyg86qeo6YU0vBALObG0Jsuhx1NFfAS1peM92/OzOwnoZ0"
-         + "Bzy1+Tms+s61+drHDwCiQG7S6KxatGfkJVgDZzv77HB0pZMxXkJHfXngE5Dl8jdBJEVDKCpb8usyLJ+G3bnKfzNkw5eR/vVUnts/tCwo7SP4qlx0rYe/A9Ch"
-         + "MLP6TZphmz5pzfaMDwiiQM+5kAxh6QEMIlOAe+2FTPvo9ki9UrsTcYDl715ty1XNOnYlNbFhTbtWmj6rRGEl/HeAguoo4zAUrk6A6+4+9LpS8QgON14tP12C"
-         + "AB1hXtJOACy/DLsk68eM0RmufI3cB/S0tP2Fl+PO72bqzYO3e+gx4uwO18L5RpgAJ2NJhowoqxBoYQgCnZhpdDaTDWLHavP8mewLpK+EiPv6GjWBzkIa6Q+e"
-         + "6w9hKLDI5B2Uo3nVaAPf51NXlqiLlsogoUNu+p2Cq9y4p1kppub+Md3yr10G7+OirkB1a3prAenZu5/Ege7dump4U9EO47RvwOVbeMwb8eXgKMsUb0fzyY17"
-         + "9PbT/SNwF0HhI2lJfzjkMd9j7naqRdYv56FfhxtXuQrVFbBm1/9IIYzHljKdAQ2ZjcBVBmYCIUCa9pwnlvXkig2t+SmWThIek4P1IJHhVSESUlJAdbG19GlA"
-         + "lv5LY5pq6Yb3gjrhi/CYa5d6cxX3XfFZY5HPKZ+2g8VOYjpe3K8JsmZZ0RmqWALHI9JwFJuFZV05sdviIFvfVrS/cqRihpZMVoIWXjuUXAm/wlN/mGb+8pc4"
-         + "VLGaOpnM8VjoFeAPaLnySLEMvrBdpzv1j4gYbnGm7TDtnguWHu/RtWIrOWsg/eeyVzyxqeVWRZRxDK7l7Fnv1kRlVZ+AgebzOKEWRfJ934OnGCA9TqI/jgG4"
-         + "02T9l0yfFaSozyASHRW7ZOyYpe6eXp+egopl/bTGR+Ipcnsjt+6f2MBXTNo/yUczHLZB+Jsa9/lSjpcOq4/293xqe1wnC0Qqa6Blar2BoRhHvynUEDLskVku"
-         + "UfVfvckIG0qzoFeA/wAplBxMNQUFGHy55N2puMRPj2u1IXZMkUElkL4M5yqhs+TJVpGN9/LuIxzsGo1Kw8rCUYDJtPudRKaBLYj33XIXaMBrhpQuEU8GKy3c"
-         + "0DMdXsQCZwaZP0BnDYySKemHnE0S6rul4b8dZQqI0A2yecIZ9ojz6coSFFIhsZFJPCQFENWIR7fCWTgazlgoNuAK2R/hyDj2Ias/YEK/B7TMs+8ZpqcfBuxp"
-         + "vyCqyqXrc2HgxMPX6ZjZ2rL9Ayg3I9DFmE2LZrkbwHx2/LOQBadHI6FTnUVytontFVzpMknOkrhZBZpy4ZB9ReMLkKnpv+Y8+bXf+0gInuhYFWNhEF987n07"
-         + "PgE0gEAwaDPoIAeravJXNOza+p99syqtduzVCqPpaT8ZY+WP223ulxoUm+7vI4db7bxUS5XUXbfYSHrBMPwo36CKnqQ10BMqCLGc4EmUvFWXM+WqtqDUAzJo"
-         + "exRSlRmihNJo9mJUo6Azqc8Zw2Jc7Hxt3McW8nFa3HK5WyY4zJ+jBDg2ybmSBQfYEyedT7laHQCpVIhXS8ecQqHparSCf1uuJGH6SBh1ZFTtW2v1sYlOcE6A"
-         + "+JgkJUw+LXShtCXkn07Gp+pZEy1UyWwkg80jIVk+Jw51X6Ft9e7qyjQYE5PqlXOmiG0az24E31EEx2ZUTXo4NGiZAoS+yuKxNpL1KaQokdfdh9NU+/UWA+N6"
-         + "QfUzRALTn/vinCv9S5kI4l2IwUE9SluRXUQ91/59FyYiom7zxoG7+uGfYVyoJJhohWPCxNpoP+qtIBti3NJj9cnnXg0wrkm/+70zxOqnjI7fBova6D1suJwZ"
-         + "6PFfhd83LGNKrh7A53+sIhZ+Y6oSsq1b+q1Mm1SUHFNm6oxcjA/om66vEGcq/ybtUze3P90hkn18HKY47lwPDsqvjEXV/7hEoDkEKxaWsJ/JuRgQPi4q2Y/R"
-         + "7ecjdiLSI5i3qSv3KFlKAGRirNbI95ZghB5RGVWT3/ip6blyeMbTsoXVhgCwl6ekXA5Su39SVk+QwwcL7IyP+zakgSumZn2VOsHQp/MZJVLbvmPqirO/au3e"
-         + "x0zb/Z0lcNp48reTnSI9C6p/7JlFclrOYffMspdI3zTlleT9zdNxPQCamL2i2+69j/A6v6VxseKBffN9etzOmUhcaSiv5/ozmOsAgRkHRr3fyAmLplVWdzzE"
-         + "KCbhwq8TNcqBwkyDuNBakERhKzCVctgG5E9s7mx1Rbl1oFOyinQtYvCpV1imWyQ9k/JleAGgtyWszTiWFR3fBt3swNv4eIGV7YvZs9/VCcpMYeLsQoAeFc81"
-         + "eEjAsr12kbqmG8HiOi0kWDlXb2LATsqFrpbbGI9I3b9xA//OC4QW6tYs2BGAiylLSifKeml0vtTtqF9c+iLT6SqzNIJtKBoFR/6f3g3W0h7YJ24P0Ufm9ppu"
-         + "sXbZER2EuPmqrb3CRKKpS50e5Abf7DIu/jFxv36/luQjo1jYxoDcaFbNlASERJ8ZTKk2n3NqetJ+Apii7gQpqiieDsHIZaOilNBvt0rxZuA52jnjzvLd8fsl"
-         + "SyTEBi8Crl9cOyyf6F8jZfxtKiAV3H8bZr+smAUSLwjlaJ1Pan1hpUPWrT0V+tMQlWMFhhRAeavDIjuXLNseLsbVA3VhpqzpiuPP+F43fYF2vWslC7TsTmko"
-         + "vrKnTQ0yZZqQHjXR+/o9Pxp3B0QGSGcvlXYj47vDnodCbzpgevOE3OD3AZF2pg0ZXfXPKVAI/GrG/0r96YkyPBPJi9e1/eG81EFb5eHIqwVPhTrNSflsqV4x"
-         + "Q+9PfA5hCxtN6vqsIbEosB5lBtjj9R7N8jRmj7f6KZRd4rC//E+/9GSS4wTHHfCG5uEpss+iFHI8++MS7Me0iFkgTtRfXktITgYyUUMt+UfGAthgVNpj9aWB"
-         + "1WvHHM1meFYNDaIFRnWaGY1XuQ7fVCTesOjALnnQkRvZMWiH3mRtqUlLCN8jEunQfwW9ZqWAtQVDEWqgxOo4mnf/kS1eRVshPu2gRl+OYO8Wtf87eC2wEgz0"
-         + "SgA6oz9/8OWsAhzKnz4E3xoTQETR47nqLPqnvyX1dfvdlOg6XK3pmSPNtaWqWYcKHrt0J/WtKgGJQirimoTizeAUCO99ZA0dcUF+pdU9u1U+BKcdCSaPcJdX"
-         + "qH/fummZoHY0rwx9HrEXtNjD+RvQ6uX3qsrEr6LVOlofi2DAE6vtINsyBMSsM0rqyZtYfo4iWIJ5jrwV9F/kFcCwKi2mb3YwLp70Q1XkwqwEB4wo2ecX8sAS"
-         + "FjlD1mTCSdi5aTnBu+dNll7/HwlCPCi+MzrYF15eAXabaQcBJ4RIfRoEAMmJBOu2GTl38U0SIe/PXMJcCmKOvxN0NrG72ERGqcSGD1x65kgC5z8obURh9Ahu"
-         + "lWzbiQqIp839RlXGHHGu+1hVCrUfLYLyvJ9uhJq2CyYHa3eZxWzDm15aPA1/uk2ig3GlZ92zNY32e0ILdy4bZcqoaL6qLzqSRzTA/nhH5EpWchBJrVX4+KjR"
-         + "Nkx4IfhB0PZv67lFwIysYoOAdf7wGIjlNyiQoIdBhecLsYxfin0MNgrjP3fy7ity7CvOKxwl5uZkM1TZEBG7uzfMdJj8iEBeRpXtTaNR6tSjzJLO3O6naDTF"
-         + "EnClof255Lb8nMF2rdqQ2obxb1iAjNkUBenDmYe6+lFmNoFbY4p3okyWSCgeJIGGB7cYwyoZtXcFOxL/dDeHcvDODDhdt5vmjRzhQLJ4DCSbi7l830gPr7rt"
-         + "vPiSeeu160MAc4hGdsWI9mtYTi8P7hAI1a5JftKID3laW+knEcgDKoCzHEe1geTvJ5inHGsovd9+keFkc52cFqObwk8UOSmDVHjccqy4iBUBAm35ldnMn7zI"
-         + "nhFxKAwBwTBaVtJaTshIxb6UOXCIsSOLDzyGOJLroiwYCU60obWUxfnfwfATI86MvZYHv7cJPOmq1t88gGpck/2AtBTBVf7YIiHWcx4BMMn21HkjyzwBKTmb"
-         + "3nOLYEnfUYq/kneu4di3A4QEzMQ4kBdzSSMHLxYo2u01ffljOtS851wLhxbiqB2Th06iHRcCr2ZH++JyEkvoCM6YZ/vhZStysKnRtZDIOutUa+CS2Zpl+2gk"
-         + "Ie5vuBXbDsN07lAnAf56Bm+KFWlkmqHAaz7wwkhEhNmTNkC1VceinbOVWT5rwonhL0a9ywoH+Ci2jfkr41UOPNdr/stitW7XFXIzzouBCuhHeysNVTQw8iVP"
-         + "vfOG0qpEHtumIRJQpw9v+XwCnH6KijmSkqkWj3xzcQKphPb8/wSnlrOPHBs5RzzegghOC8treWkzWg7uKjapf+hDx1y+SrUE3t7SiRw2DDnIdBJgkrc05c/N"
-         + "HeHFC7ysai9gcu6yGJz27B0FKoBLRFQqFRTVnFWzd3U7V8Mx712CBZQ6iWCo9CKuHm2WzW8wKHQgBhxU5ghXkS+d5KcJl3ORAs9EBKzZvgfm4YcFFAT9rDKa"
-         + "TbkIGL5d+oOd94YYMs1vDk0LGj5GzHGjsvR8gYbX/V1AHKKs0UChsGr98xkpmmgoP1y/xK0NykBvFCXmbHw1H4yCXCSyhzAxmwETl15zH4M3U5wb5b4I7WrQ"
-         + "ehXg3haWU4yHTvMPh4LmlVWT4t5JkE1kAX5bEfmeOovIhiH6ONvF//oNH2vP1700vWTycmkRUJoF8B+UW3rksnDVsC5Sj9De9SKt1gAvHm2qAoIpYgfRA4T9"
-         + "2EBCtq8RDQOe4/KeGOzxcI/FSCRnK1YoOHSC5FW4x3L3lIRoCDYrr1IF9eCyI2qz7UPW7L3FRcbu0TH/dfJHnUEpcFUaVNSQRu8ULbpzvvrWyuekA/GnIn1T"
-         + "RG7PkUK2kQzYgfAAykkbOPN1v4yUuvIfPlWrWBYjXs76UQF9LI1ttH3WqAqlu7qtLfmkLw/3uO9mCtcIwqPAY4HORKHtYdClBHEMSzdvwv4KycURoWwcie22"
-         + "dlcdrb/YpU7QL2ntgLzUrl2PUo8m6uak2LgXdkrLL1AOMNigiQ8i39KKLdQ/ZYvcbnuaowGX/iyYy4wlWLRgRVUkN9S0abzoRvcT7qkrJ0kGyIgUXsOa27gf"
-         + "+H+Htw6tSOFeL5oEkLU3l2zO/VJVUmkWAxDJWw9PDrjFd5eTmKqyC/mCG4XXZW+h84tFLIpUvwV1jBDE7FB+Rc2w6O/acnYmBtnGSq1XxyHcw+H+CWMlcHg0"
-         + "Un1TjWqF0lEeReWQllkxMxR1o+TIhNrFiTq2pmpoFUiYgMejkRtPaFdeSL9l0HeZpeEz8DOL/rVu8hqeSYRDq73NGhY8GqKRn5GEIQCZs3CeNfKEbr7rkn6v"
-         + "+SF63RE91zN2ZHhY0xPGoz5K8NDCz0lMcgxU/fsGxSmvvX0hnJD4bqQN9osq8rGL7aOuc/cpzDPZX1DkBtn0mK7/txAYAryCJcLU0BmfJxJSH0sPi6tVXOjC"
-         + "yFGRCnsjUKzNNssxzWplYVPhmc6KpGM3Xh8Mo+Ke8MgtUOGO2WjWcSlXXAraQHNYtjIbk2zbpBZVrCzhyPiyRdR40p1u+RK8ty9Ymu/IX7hxkOyoy+zY18WR"
-         + "wMW0j1NS3wSL/ox1ss9LGCsue0Vmo7K2S+ubo79Fe8b7tJUdmU+FFLrmkGfwPz1ROrgyVjp3lC7OxNqe2yVZDD5KOUb4T4TMVV016Ky6ssDLWXZc4VIAPwP2"
-         + "VLqskCy5wKQyJHqN6UDIMlCcqK/i4nM++6lZaC/CDnWmW/djwN14bmwoiyyl8neLeySwbVFJ6CaLvPgxygNDeL/Jr2jjZQfWgyo2rs4tX8Ia7vq4pBCtnkDs"
-         + "mvOgCGHPb6Bs+uWRdubfKVZfQl2uuYk5c41bwe1iYazlAd+mPIXbsja95ltLFO0MHivOTlppdf9Hw+UoWyrsgKxsIPNkCtvyexcl6lT49U8QHl0mN8C6J3Gj"
-         + "Hc8d1JC7olxbvromovJPf4dlCVRCaOIT7bqJnQjnbPyxBB4rO3dAiZLNQ1mhSthWfXIkDafthFuL+okceTxTxhyIgTAUQuTCHQHY5Kkdz1UiImmujNZJTqYS"
-         + "bw7756ZJ8bhfL2OrVumWqBKWeCa2D8EvYUFqfImxZSxpCpgG3E11tt3sKQ4ILWDS7iWLE37ckhfDjUvb0ZcMQcYXF0BCQz/IWTy9wtMXuHHTbsWAfwElgGAw"
-         + "UCqCMYNBY0XjncSwT6b+YE7BVRFVRrchLHOcLJdcV7B3nV5dg0Ah8BiL6fPwWVlvYePjdbaP+JIwmIh1HL1DszZylVZpQl9GI+3yWpsA0dLdoqHmhD01Lzmy"
-         + "b588XYUTPDFSV8BfVG7/hqdUIV8H58EcciTqjXReGSS/lFX4H+xBgNQH2yxU1uuoO5Lds4cHBp/QGCUDEa3Df/YilqSahxMpph8xA848avpfuj4lXeaAd9h+"
-         + "o/46be7/7sEuI8Su6P2N/hzLFTWuM39KFw0fe/pjqxfNoHbK4X7cdp8xz18rASCcNMyNwTnqnRiiiUbAoQWsN7DHBRMhma9pB/EH0KeddRZI8abrqjyh2nDa"
-         + "4C2MPUgCR7fH2Np1lLoYKsh2AV9tN73jncluBqlIbEjqctW0jaLogNykV7ZzaAw8e30zTmzAMgSPwbY40fklsWnyZRmA3J6KANz5EaPVi2RxYYZfv4t+pikX"
-         + "uyHWOUlqNp6EBRDLi9K4VC0r0WWM2v7HIGRZhu0UIsAymZQSS4f3ivpPYETFiBvrQEqu5YNtVrRaj4ZmMyLVsMjmG0vkCIJ/oiwPwRQjinElGhTEM5WoB0kl"
-         + "eb1+4mhzZ5333PNJshT9paEikmMH1PRe8LLBY091T4B+BcUxgM4m1rexM15jMX42moHq2SdR/pj90plObwAzk6VLGEs7Ojpe5wta9nWDP60rftDg9hfm+GKt"
-         + "xLRvXIYnN0HhyihK2lMa5JtnBR0QKPApI6ksM/+53/qvLlgO8Vsea4IsElFozgqcRrlMlRk+/Q5G+2YxpmQ2HSiuUCswxVxdeoQqkRmh8Mp1noElsGbIiwwc"
-         + "8ial/Z7zFDmQSAkZ/iR4rDo7/pu2a3k+MOM2vcSjpCmkLtwmeRTRqd6YbZXLOKrdAzzcGc+65xcsyjmrUOQ0wCyjy0A3zc4oNtxStMhZvA2oqSiBT+8fGWwj"
-         + "rCWzshaI6NWSnQpzCjYt6SbDw+kliD6Vx2F8JHHmQwPpenYNvkNmUAQWLsbhsbI9U3a4nF/rlZvUQ1qZx7J9cPKB62B2DVK0RpbpFyxFzdbLTjS3espK53go"
-         + "OChQJZxyL3U1zsdMPz3LLKHGc8tgVJKUM0/ZPyNvLMbVauGFDhG53U62/uXprI/7mYO2AIPLRjXd8RLqG891tGvmoHkDMDcAyixPO/n1Zt+e4iB9huO/tR5p"
-         + "wIgCgymEU0HLH6uJtpJYfUX+Kr5WQ9AhdPio21wPWHyNA3rcK5j11v+06pxd/+lLysuqLIljbAqiYBxIzxD5yrbHZz5K9NvxtcCKFJFJWnL7Zu2wcV/XcJUo"
-         + "46X5fT7cbEg0Uye10A6q1aFvn/4V488oPfzLp8244EY5/CBNxeGW0t9hEk3I8vfUbKTisRs4C3lnknmhZaQ/mPgqtRLcaKqgAKnbaED7oaJEhSyq/R9SH72u"
-         + "D3YTzmChCawj8wpNc+AHNai5qWdSEc0LR6Oi3DGH9OHBGSe4/aHle+l0RwwvyF+cEqQpnTJPoV+W5/poQxP0jtm1NQi3zc20w/Q8UYbjNEhNUZy3YKkQfxbg"
-         + "EVXcQ2r5ZGrFaJfHybaaEyPh0CYCB5MO638Q1kVKMjouWyP+jWLooZUjsiN6Wh/kRsAChmLmHPQng5bsxgUk1ar4nISpOgyI92gikjqE6Q4wlwF6FBjoUUOr"
-         + "K/+2GICj6bDfYjXelwdDSCvuVlDL9b29RiXN0FivvACDLxzCcVQ0HgQh5zjwtV2oRiiJz0Gdhkh+MbTWEIE4tcXmYwX42TDsVQfe4Ms4gRBCjFL2syq6zKwf"
-         + "UgdrALc2eVEd3ui6W9s/Ji4uKFvxMDq4YTajuXrrtGXIU9HPrUwb3GpS+tIZ0qmHdMbbeI/XDkqAjGn0HmiEWu3hT9fT35tEHqt0gugb9PhCdrF1ldi66Ixd"
-         + "ubPu1122XAB+u7rruHk4b5t1bOOmdJM7PEwKo+K3sFYAUD6hcgCIWqSDNU+SZaeXEAZ69ZPMLSCKHvipseqqqsTAqG7BbAViDZ6k83oyDAhuuCjTWo3erkDm"
-         + "GFrWmB816aKjTutzeLN6s4A7fwQLblhK0LpCSrrVBBIg9L31M1N2zNQnOKRkORkMwlLtpCYE0ZMgwScuvjUe38KA2pqE7I57wTHsVGHkGuWmkb6mfrxo88HA"
-         + "wlPXMW9CDyOa+C7r69oEIAnL5euoLCunTI0V4s1e9pz2Xi+VdLZc5ZJuTf1reX56Jhzg0Kwl8nvs0vlV9SEL9Tyuopy0ATj4C2OuQUKHJQGe84wDAV6dx4ho"
-         + "XEr9I/10ZdK+AQFqu+luqESNGCKkMislJiAKG+EsHsJ+vqagP5pLOnm4NK+NpJszVYL/fijREcMXOgd9EAJ6HrKtf/C/Vx3GUP95jxXVB3Wi9BJIOe56cU+F"
-         + "JtVVQ6R9w1kD/2vah6qHDdCl3kd2wHaFJ34PUBy21kJeU1k7R3O9j3BG09u53/Kx60WE3amH2SeJmUyYunBmvzVQTducnO2IST7IV/ArmTvgMFlIJPfgR+mo"
-         + "+jsuLpLOW6GcLYZQS+a6UktbkBdyeFSRCGq6qF3faxWsulI57+H7/RKsrQ4OP5rxRbMo+nCuaPMWXEHeS3/q8Njz9/Sud7iDeZ60Ks9tfVrs0Mym/AIYjKcS"
-         + "ZEl89A8Lf802AZ7j6Op18lS5OEP3BKEGleTIuJXOlnoNeQMD3F1j8YVFyH0R7vqATaE0mu5/V0WV9zQSFrm2CoxBFpGRcuGKb+OpAuWHXjSfHc5FFLzxrkUC"
-         + "KIiG4jSR2ErIdt4ft4TPkRfofjQA5WHvq+Z0qY/vcnH4FzALPlITkbdHGfShuMZhNSTuzwfP1GAgmXsFNpbJiGPNrrvPTJbm3AVLXxLLSHTjQu9cM7cLZ0zq"
-         + "SSUxpI3nMuzyeETh+i16q2iIcdHrL3wcfRUp+MrxcgjQsyxIfregiLsqnR/vTrlYUOQJQ23hO50QeqKSVCFTkWF0SPrIJoHA5vzeMo8fZaH2FOTJ0w7HqWAh"
-         + "+dXFVAktXrKaDt1cvbvnnaclEb7xqFy/JNa7eDVnGu8lhhp2vsz20TmH8l3kVq/t9RGbAiN+RwUESNUcOBSo8GpfBOddmj2AF4XVALB9sY+2u0p68ABJQPw2"
-         + "fEVfvbpJTzu/oj9QwAgWhMearjsFcCKoClxLe42SUIHFGZznkBfQ2yZ9qBxh9POvaR+0Vt7cUaVY1qsVv67mE6tApP4cxpAxFqBhCmalVQMuUPYw8HPXaL6R"
-         + "fNF6d4WGxGTPj519yeFAnTC8XqNW+4r7jzNZQi6FWhpxHCsHl9AwX/hvyb4pNB0l+AI5BbJjmwrNetVjhOAVp/ofB8URV/xcT7jwaRxm57/lFjfhnGJWfIh0"
-         + "AG/qaf29Hwgviq+CeSwCFwImVu04yoxXhhOtdhIaNPkJDH2r+/yv8TVwSFZqKpWsZXnNX6sSBYknZbCCsvZVwGkaqlJf160bDTVtINW6on8sXOaURIgLzfee"
-         + "4gZRnvru6F59Cm4l6SlsoXdpOo1f1hwfZSZlweKo5m2b8pyzhq6UVtGJSMIFpfonqxWjXCcoCIoT03ADSVSO+CVI7EOd5OKrcZRaI35J1VJ9em3XTzWeVGsa"
-         + "hEOhVjHLmxs+Ywx5lGkffXmV/pXF6jkE8IHGZiPewJp1wFaYcIY/9Il5detJ3S6wKI2JFwsnQ3WN5mXd2ArOmTw9gaK+8G/rcRtzQoGq/qoVkF3UzrqaPBUm"
-         + "h+IA/xMp5bc8QJQpsEsYBzS65ILFyH9vHME9x6vJMa5AnKVYtV81H2vdxFJYtzBUu8ytQ0NTwhDbvrjgoG0agbR+kv2oN8lOowgvPyuQGuxu5cZYJzKiEkmj"
-         + "7yWieJ3AaztPYVnQtPLyXXRn5XwF54sgAMjhih50Fh9Z3nVWi/JcdrFt1amgLuYR3wSRwJN3L5TK3cSSF/8sSVpgc1s8iZ0gcn51a+Yy6KYxUIL6uSMNoY4C"
-         + "Wo8vcNLZpJQ0iI2PqFwIHxTJN/dneaP2PC/M8SsOKZ/lKsHGvNh6Y9bYZm6bo6JjnHm7gHMaldelcRc/DoFbsyhtI1uXunxttxOR8F3UsANRoOvhkQW2hwWp"
-         + "JFb3PMJGIyAsPSm48aaHqsFpGIn8E/myaNYCQcp/zrbAWJNaEldf3MOB+d2rEgvgHJcyX2PAH7XaZEWnGreZaI6iOF5ARzRWdakt+uThPpls8jOfQEHQlPiY"
-         + "w6N6ZKmmlKQVbZwMo0TZcGbXWgy6jp4C5rQ/Eq1t1XwMrVCqfl57Sl31cP/mTFv9dMwUeZyHzcfCxOU44oo1JMhAT1MWC5Hj0xJs9I6smEihiamf5dcZsmNQ"
-         + "xKpIux6Jewov+BXCQf6kCFuqdMeh7JWBo6u1nNKSBnYhjMsTfu3dDvLtdPuO4/mf07srOZ4hL8HNhamE/pdlRM/+dQ13fbZYFTtddsDEmzJfnh9FFsHp1gXZ"
-         + "AlesUR4VJVAqqyBsWhUSPKa/y8T7N9a2uFATPwVuy4SL5rbWYKnZeaLb2WHRq24s3GIWYZaUfUrwoMEC+eFzmw2QytZOvN6xnDTSHcIx7AXP+31pOCzobZ9c"
-         + "bUkl7YXieH2az5/uUW3uqv9KE1B/b9XXlzKZxlvWaZFD6J5aPPAtAHHL2RbULAfpOEEhwDQpxmCXXANMJq8XT6bXEIMOtIehIjEu8RBGP1Pqn9nvaReNuTJk"
-         + "9drF/tExr1uJUDQcI5mmDf0ZQQOtHSKxrDDE/vtaGuvImVEo2F5fOsN1ejGQHBsDrawICCq7pZ2ToB+c2jL1F/ek0abQ5CYk0zF6Q/kw2SEPVTrKYV2JTaaA"
-         + "2Nx38opz+GaDh/azM5TZI7FMySSiyxw0POVPZcGaptupmT2FkD39c7ZDAxLwsLBoS1XbJuNXNVQ90cJEzTpydOl188TeYpj2E1uvmfARPDV6XMCFAxRGmqkg"
-         + "wy3HWhjbeIYuHCulwHRjI/vL35JhBAQgHXw5FaD+p4JlZW4HQvwhH1zSIaInY78ypuIcqa0iEVfP9Soh8LKq81mGf8uWgXx5rtwfTi2seGrIWyTVDNjyi5k3"
-         + "+iA0mlzla6Yi1BlEpdk++NmGHF4JcR9ZdZ+8GGqivdvo5sW+3zJTJ0q4fFxADacsrORrZvJRkz60xOwnlwWdu+ybQkPCrVBjB9IdVbfhoWYhvde4A5+pL/Il"
-         + "X9AqfF2tHL0polTbpio8guVMarC1Y4un290wL23z2eSg24U+vGu5RWBUuCbdG9o/Ti04fIuYM4JRANwAB+lV8IyDsuj6bYRWvt/oxWhjuAOYQWEC7PxBAb0L"
-         + "Y5Ze27VqeQwDcjh4ZHvIkTnhl8YZ9j0/UuTyNQxTavvJuRPnNogaxCSL92gEF9bexZ+bJMa3sFzw61rMJBz4jQyX9bJiJpXu+dAL82HOvFN9tqmSLjhoAPgw"
-         + "lTc5D8XpiDC053tRSVYDqLgaIsUgPm5POWf4nhbkGIRU2YV1J8wzQEjvbt7MkpcVuX6R8Ww/4gPK6bDBeuuvC14tbmauyJsmyyfjGd/mIF2Jwy5QUTdQc9DI"
-         + "1LvfaK5lbUxUa1rjMa8QrsYAkifHdTJgPW88yMmCMkPRReB2UycUkDQ8TdVoevzJ0wB6qYIGJbR00S5nYm5DJmtBdxSGtDBnn6oLfFISMjaxViBK746TnD0c"
-         + "2hyzoCU9Up4Pg9eV2VZE+wGka0uDdBv6p2m3DpDv9i9WX1OM46THRs43vMFjC0DXB8X2r7TQh/2OYBXCviR7D7+UsoFKmIEOp3Oq2hKr4HMhG6GVuNbqPbQu"
-         + "GRJ/DPQJRwtZ310KH24u8euIKBUEVa4ljOBzL+oTSH2Ip7h50ZodxJcDiE2adD2v8vzJTXMMw+eyStur4d1D4RJo3irWE91/jt259iBpaoKbDUB1ESu2aKnu"
-         + "nqV1GSYJXtFo0h7L4rRk6zSDJnV5fYjuHWaBVGJqRIbJT4xPo/6IoKZ19PmkPWgBCcSxAIhtMHYbEcLbVKlSHMLQFKAJKaCssiIM3aOZ0tSZov2f7jSroH1I"
-         + "EYhZfWuK9MMcyPs6xsq6+18254UiBsldPdA1gguG9tieW4c8zbDj6D1PS4xp3ZUGjXYENyUzB1Cu+vgZ0/H+KJIfhSa07Qhpii69XaeHCEIjfnj9iXlnH6cc"
-         + "5hPJX8w75edF9yJ7CBlGv4wSyDOUtkoeTZH1codczlgWYV3djcZRYEtnUq5/sC9jdYoNDJv0996YTfdmZDQ5TAvG8JqhxColGEBySbHgpkR0TTfR3BnqRE9T"
-         + "st7n6lFHu34U/wefjyvpD4f6nmYUL6CBIsMokPGG2YyucWEJB8wxkEXK1YNTSqWnhgevP9+ql29i0nmxl00ANa1axuRXYCotiMT8Cl+lAxtHD3NYmm3g8xfL"
-         + "5mld3dyPs4LQ3OTrxAmF5vYzuJUclJLZAZZWJwh/OVuDDaZmFRD+vrcTVOF7cB5jZpGOgbFD1pvpqEuuZzapG8Zs2SQ3O9A169epysSxKoKoxCCP8tUEkBuq"
-         + "ZaT9fWpVvUr921s/Y/oCQ3PwZm4nfq3pthZZSNx2S3RlaMa0ok5Oyn9xCsmlY+eXql/4T8t0QUQscLaDnBA2s8llUkh4tW/cfXUWw0V+GUk3N1eqN+VxAuT7"
-         + "iaL02ptHKSInalPm3KoQ1DPCcO7IqiupH0zTjjgIsDJ+iL6nW5smt3qXwKP8/DfgCF5hCduvGCxIN27aD4t6kXap/ETIsCJuEpjnGDF1E/ZYFO/iEUaKskkV"
-         + "/EDWUTBCz2JtHP5wloaKYCzjEmVGJvb1gXXo5mlfsopbhMKXU/tmcjyUOZugapNtMCpnnTaFzIf0b0hPKPiEraybjg9f+uQx+5lv6XmB/CkNOj2lkRi9rHe4"
-         + "1qJfHeaf0gsWcsCByhy6mJNyp45Aqwh1DGIEqoWfEmM/wOBCAiG7T4sAQDzbxZV6+hg=");
-
-    byte[] expSha3Pub = Base64.decode(
-        "ICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5"
-      + "ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q0dLT"
-      + "1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9/v8AAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAhIiMkJSYnKCkqKywt"
-      + "Li8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXp7fH1+f4CBgoOEhYaH"
-      + "iImKi4yNjo+QkZKTlJWWl5iZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P0NHS09TV1tfY2drb3N3e3+Dh"
-      + "4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8/f7/AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7"
-      + "PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SV"
-      + "lpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v"
-      + "8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJ"
-      + "SktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKj"
-      + "pKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9"
-      + "/v8AAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHzzFqLKvvsdZOxldDTvCy40RGXZFsOAMP1jw0XlUMqq9");
-
-    byte[] expSha3Priv = Base64.decode(
-         "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZ"
-          + "WltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKz"
-          + "tLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkKCwwN"
-          + "Dg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZn"
-          + "aGlqa2xtbm9wcXJzdHV2d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DB"
-          + "wsPExcbHyMnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9/v8AAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRob"
-          + "HB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1"
-          + "dnd4eXp7fH1+f4CBgoOEhYaHiImKi4yNjo+QkZKTlJWWl5iZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P"
-          + "0NHS09TV1tfY2drb3N3e3+Dh4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8/f7/AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygp"
-          + "KissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKD"
-          + "hIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd"
-          + "3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3"
-          + "ODk6Ozw9Pj8=");
-
-    byte[] expSha3Sig = Base64.decode(
-        "NnelQqrAxoXAVDwNqlUnwcj8Gx9VKMlKJ3z9ipYLWo1L3vBDIB+ACK7/1Nzeqpu/Pi6AQOM290kG7n+aIuV1gJI9w1iqUqxfm64OOlUqGk6XcfGNJDYHQLCM"
-      + "2Miq6KLmLb1tC1W+oIaMb7WGNnlHpy8kLh3J1QIf3mXp0hqvPEFp098vr3zGgoZexexgyRJ1p8KKuKBt951fWaBXr04n1QwBclt1tQGlJpMmxa/ttRuEFYLn"
-      + "t4yj8Iuuo67C2o0jeOo/L0JYMqQPa7AoBdtn+ODdkQNJB8ss+DRt1cRAWxZRus50lJ5daICBCuvemS8+P0v2IsvUNFs4T5qT3fwP0NPdH36iqYTytzYEFW71"
-      + "PyZ1RBaL858TTrjEbhFbRj4VpTdbe/HV/YKWsiDdLsRouKImDCON4krFgn860Nm5A5YQ1uLFIAEycS+Y+7t2HaPVehoJ9sz3tkK++ucJN8mVzl9GJAtnKKtS"
-      + "j+SoNlS8Ov4jq3UWZf4eIxDCY4uFXI2rSpMX8E2ZJV7JqbCK5InDH2mWkKcVMpIuXavTBloMNQKMMyoBchsZc5ZXVSj9olGqkYY4cEKpMwEUf3sGx4HuKeUR"
-      + "z9RW+4+0RFOUMXu7udlFcXaPpsaS10/u9CBezY4+UQgXPSxwwI31mxKMWqduyZPzQZeQcg8EIyU7usJrhsBoiGp05Aj8+Fxk719JUu4+ftatCV6F6z8KL2r1"
-      + "w2w7uQwLeIjtpLdAxHVABG3crVuEnJay+KKZm61DZjL9av+l8uDq4nso7OojpKipvDlxvsbSArT9iEZpBaUCXz3bjF0p6u8lEcdPVI3lGjmslikW//j0rpQd"
-      + "QzW8ORkM0ysFz5BN8gzmfxiwWmBH377u4Jgm+szzr0kNvjb7mWGbn5DvOxzOmArUst4OPWX7orcGCs/XKQtg9KW3FAm8sxXRvjIQLggvYINcZm8mzqVruEIf"
-      + "vAXDw8Abl4tBhM/fxltsJPqlByLtdihWVNOL4agOWfToq7+A/MSueX38wZDuJxEKVxekCTYFIqIKRSEz7Rhww5MfxCob6q+Lblv9N2OKQhxu9t8Q+hUFY6md"
-      + "6eBH08/0eP0Yt6r/3mtczejG0F+vNYa4z8fbj2pPrisv3LtlB137ULltq10ahFHyyEt3M8PFYhfIwR/6e6RNttqJ3XWGCCTo4fmbLxi5BqTbn27TkywcA2AU"
-      + "9lZZthFod50946zjxWYpaRLlsSPjElld4BTf0fVUtnagPMip3g/yIS27Q570E6vD+43s0B1vTYmTwVWQ71DRatjv3CoKi6uhiJesVrY6JC2smFIt8CxmbAYb"
-      + "mRPM0akR1sYZQC6Af6MQ9wMSEH79MkWlWz0oIfK4VBtE2HzlR2LWxyg5u9uTBZiORKuNZOlg90cWloV94IV/HypiqEQ1k2Y3Wa2n/pIiNNUQe6PdNXmZunnc"
-      + "y1f79sBfjP6J4l45OrUtUIYj9lu9ChcT1OXWiVeJE8dnDaGvqMa0thB0DiKn0wxTL1j0QjZe5P9diQHAkBECRb7HBxJ6z4Qeielj5aiWAy2E83+ND4D0x8ru"
-      + "Vi/uf+gCpJ98O3iE1hGvFoJs1CgBX0e7IjlJDnpsUHikw4D0KYciH3+a77AqdaLTrkMLPds/Z50Q6sBt6ts5v9Ns7k/oZU7uUIln8RNzfKzBzW0skVqmmfNU"
-      + "LD5frojNcc3dMepPjfwNjVf3cS6XToR/A5DEOYUldeumvKvF3eJ0O/zLqo4+YtoQh1OPFPOfbZF9wY1Lndb4Lq6zv1AUftwjjKmbt+FdLpnU1KQq1d++PF9/"
-      + "N+v9Zs5GHDyAYqbYwtFlPUCBIABQn/zoE6CAQ5D8WtpSGb5IWm3qgTMnoSEU4kwTvlx+Y14WMxPENHIXitDwJbjkMOx90OQpXjIMYpIaPdle6M5vGnZ0gKG5"
-      + "HsyfKKogjJK/K9fQXqFiPgL+guMSyz7HuZFRQPknbfSQg6dYrY/MICNbw+vZUnn5svdwv6mkloLOYK2tzYOcJa288lGGZGfRXI6WavHaBa0z1tTSvpHxix24"
-      + "nfk7HVOtGIihJWly+pc27LvlyNVBtWdO0SBGcwsGCeRz8VT8X0QlxsmcofjNfmg+jcxKrsiT6uB9AxN1WckXboHhtudFQGy0cUEFjiOEIhYjEvZ6wLDYD+Z7"
-      + "nQRbAXH72TSv0hxVIkuVQxTyJqtIUQ98qsOjP/3kSd9gTJNf55aZ0nDWQ94WDmIdkGhVrWTxM+Fx/XR0A+zEFIjbC/BWvtGM1ulrCokmgTSCduDzJcNr0dRI"
-      + "1RlakJDWmtntt55KtgOoHuR+rXTBvlWWmYLkS/vH1qiEdi127zbTPyFh1s4LNtChj9UgiHU1xjyLo2aw5I7sQOToEi1K/zagLasjj+zwqdjCrmtA27d3Cazz"
-      + "Vh83luRLXIgxsoLaL42YjUuLeRS2EaFEFYslgUwlU4fGwH/pkEoq9FinOyf2ySCCNRoXIwh1YaFDsm3Zj4Njm2ipLWVLQKCvSJrE/ESyHt6cDJVgRw0HitLH"
-      + "3xXoXF68EzuYLTEvEyeC2NXyerfwOdaZUoWAFm/iZKNjrdk7r7Zrz0lwjqOuMNuhDdoGSRwbKzedfwyCMw0l5PNcI35ehnsA5mJBmtN4957NXBMW8u2a5wH2"
-      + "KOIx7O2rm6apqeRInyJAC7ELAouJPrCkhvaprqK1duADscMYzQXK937fRVctrfJWWlLW418qIVJn57pPJ3W0lXfCHVLRP+KJvWDpe/abEvYmawMh+I2BnF/3"
-      + "CBBsZElo8p54BfeeX3rlxxuw4+j6yKder83CfVTi6+DpJygAVWYCeI3qskMGXlDVaTcrton6P/u60sFMYv62LlJu3ZkxBjXEKAX5omGvpYIohKVE50m9DD9+"
-      + "7PIpziuQ8pykHVf1QAdwadj3REDFATuOdFINCD11yDyupL1uNWhswMCPlF2dT2N7Hix3gfEnY8yMk68PBbSn4C020ql2ErntrMxYwxhIIkz0TD2iNpabHev+"
-      + "8zO8UoGXElCIzASaJjKtWJegTnqQCKXBEO0DnlqbfVeZs/r8KGo82MNe+/x4LSod4lC205PxruDga3riiRMrO7KDo1HwiDJ0q1hDWXUmfCfXNQipvLiAs6Wf"
-      + "YhWHb+EZ1ihP6g+dbmKV/LdSCakbTsUKjaoSpfso4MIdun3YLcj+3WhpnDxRUgcHocpJ6/7NvUNyJzzfz+wZu7joN1XVjkSDt/TBwOwfzwYIMgrE/qg+Srfi"
-      + "38cN2wSW+hxsfzehrn/17zv/pOASF+2+K+bguMYSGtighVkZbVJeMZae3CUoPAOx8OzhB7dPB2qzsZxpRlV9m+naQpf1Rxa2YaW0Xm4G1s3XAg8oGc8mCjKr"
-      + "J89tpsJFa2a+3HcN+6SwNyCPlqWmJzaUqXcaXOjbh2rfqLsVotZ9/8AX+hKI7+amOP+xe2eQaIN7/1ejVzKunBiUEk8P8JsJ2yZbuj3x11zevVzDZEx2p1pq"
-      + "nHtbwjGjUk2KzLLkv4XDuZrguTXIQ44pHam3CjOr3+27cU+O6q7O5JfcZlUulrASgc/i72DsTlqAwL8MeTaLyeVWAYm4iiPbLrDYQyLPlcPw14XmP7Qv1AmV"
-      + "Om7sl1xKcdJuYFeUkw9p17spGvjRF4frPwTGzxG5MAcFxLi8hXUQNfnGLZoz8wSn48/yUveucvctMa5xp3eaNn8ZUIuKsgNkLRctv2UW3xVYZzAs/CEyryp4"
-      + "BZcGagO53lTmJukbKU6Dl5KAHrTlGBMtBHh8XQe1Vbn612VRJbuRcCc/aQr1FlQgYVqGqr4B+h0A45fO3n8szmPstG93KF+Z53oosWohLaWzViLgJIuDYNSN"
-      + "EjoflP+5JAL0ate/7B8zpe9WSfkx3NoRCqLS6G695i3tVwKcO5aQac7V7CRmBSmxO8MYQt90f4YCKoDaFdYq7sX7jhlPNjrwcq2hOESrc1SqW0q5JX2Bvhp5"
-      + "fR4+4nveKpYeOEkUvc6Z0bdN8E1Ln9+XUa+0Eez2go4AGjokz46RuUc7pWqoMN6LbFk+UFDhoJOJkKCtPhxFU9RGrtODcOqB7c/+ZKiisOb4Lg9Pd9obpMYN"
-      + "HQnwtxJkhrRhs8FdP3bJnHvPZDto9OyeHKzaw+sDqty09q0NVTp+cnnsE7hjI+bv6HUxwpK4PcfdDIiimvn+CseKLpI4icw/jJ5lrMqjc4te2J4sTK3l4vr/"
-      + "uvH5ubOMwukBmAK1IS0/5eMdTWrfGHgPwUvp4Zql6k/Qwm4f42qjqi+/h8gXqMy0/ZQ1Sv0eRJ1flGLL+NKhTPHVbEIgotCrafSJbTrNpOJc1jrJcDfeaNJ4"
-      + "ou8J2xsyrTGTHcuaV63vJkSYVOF7jAZ2TDYk68DCFaQdoKUSZYf0AkAJMAFZwB9Mr7gidsgLlUskvuNTUnVQPr5oqR5J38fKHpDADhnPEY8BAdHvvUcDHvP8"
-      + "X3tijM8e/0Wz+a479lzdtisQJ2oSgguQl/NISR+apddPekSUaiHyg63HNR75GVcN6zPl/ua99k0Fdd6LOFMvi1MR70MrOge2aM/t8K415t8beJnbUsIeWRkc"
-      + "yZ8sVErSf2tb6671ho6dxNn0Wvf/EE3bVuN0ocmbYwvClwCKsR1yyCFM4pjedKCTW/N0a+60ITjSi6EdBL2N0KA34tsGtpI1p9xNJ38S96Onzuh8+xUAxn9z"
-      + "SI5Z4tqkU9EDhORelEOTzsUWo0AiNJIoCZSOJvdOkqp31vxMZAbO6QWwGkMjrUgIaIshsyZ3WQam/g9PMuWb8/l3ZzdOUYY8h0oNj15wy3pUzpQNZHIU7MZL"
-      + "p1qeFO65FURqFgrDn38k7dR8jOsw3LqKNcJNxFMxfzDiKx4LPQ3i396adCCpSoLJKUxLea3XmZVkdz2fSg6ISaxOej/TG2cGO+HPC2ESd5D1FMDsqx16SU2D"
-      + "MrSrGSv8P4p+acKUY9w9w8ccdm8cxsfWiI6BF9e0oTNl6E7wNNUbBNdzmLmfgBYiG+7182tI3S4m9YsJN4JNIhmVLuLSZZMlyekoHQOCmPaz/KLOsyEPB21M"
-      + "V63NcBUZrPnCraWUcQxeFcGIWu7N/EW3g7kBcfiuE4Ylnt+Xn0EU9f/0YJbx+hlqmKJOfNXn/MoNI6TjlJa04GhjMxo4O41N8fh8lDkOYbCwtXeTen5FJ4JK"
-      + "1sPSIWHktGb5mXqFIKWFOl+KNb/Koz0O0UJU9RJkaWmyoBk/B0trzwKE0venydKFdN6a53hQrYpvmm1AaiV8XOMc/f4k6/ooDg5HGJRYmlLIK3Fm+J4/N55F"
-      + "roR3VqL2w2r25qCp5ySXR2d3+eLWgjvglMoGk33jlLzASrGMtyh/z/WczAZi2htvIsV9VV8/LiKbwSFhHY3PNftK9INgiC9nbvUuGmN9mCsbJutHJPE2Zg7S"
-      + "V2j0XbqO/T5P8THisfBcSBWxzxcqh4ta3y+GrYP6lj/eAcoz6+c3JkUcdC6+v7GPa6jLBkgMU9isyWq9IfXNIVY+8rknm3ejOH/DE/HA91D3cML+uuE+rqhf"
-      + "Hlkp6bs3twAf6cEw1XSB2Y2d9XgUVNHsRVFPXOVkIR1c3brqjkDyL7QhJ133YDOlbn9q59S9KUF4yaB7LKMsYVcUf/zn/kphj1WvQ+8mpqRh1gLrShTngDYI"
-      + "v4m+EstiDwOYzwz9t4mPHBPlDBVkzmX6cMWGX4jwORwdiqLB7zC7p/kkBhbxD7lZrEGF81a3REdyCR2s7qyoidY49vphGU9P12ENW1oNzkGqtDr+zbIDhoEG"
-      + "7rPIYr+JnG3WJ4QGQfgsfF5c/+9g/DdKBg5SJ88F3DDL6tfmsbFYaUnDb8DwFwEL1q4i9yHG6XJvPO6Z4pLl+4r7v1HnP3djj3KVFg+oP8oLim6Mwqkquzf5"
-      + "Rs3ww9kTYO/+Wb9IHjZX2C7VkCki3J2tIoF3rbOZDDglsWomQNC/vc4w6Z/1/6PGac2EYvPuaVk9JmP1DjteX1dK+Lvll+SwMBqkmuzYZc+hOdBnolIjcxMN"
-      + "QCOvTGYNrkRYDMt3G0t+yb9htocHIfe5h8Gv1i3bYuWo+6b5venIQlVCBmKdJM/+4IwOJ2BVINheuhk/v4jAV4mAvq8gN6ZDH5km/bhvGQuIZSb0iMCPLe3G"
-      + "MRM1cbiXAWzVnThTBvFQH56MH+6z2/o85xySuagDua3l4B5B7mmDRoggrqVtwylPMm9IJ8LO7YV9b5uuBGlM7YDXzc5xuyVYCHR5MbPA62RT793RV7v6jmVc"
-      + "VTA2QNuhe+C4cuMM/ph922etbHlQSEv4pByRYO0TkcxCeKFqqUS5niQ68XUNgurzEljf0y5L0/wemG/GedA9TU6R+wxO3RIK7GRevbB51r23IHcMwdiVZ5nT"
-      + "Vj5ue3iGLDQxddGQzHK2UuOg8JRhYp4cv5V5xFOp7x9vMXAamcyOPtzYzCoB9NFZXN9rCcPrm4ki+7iiLnkQ4779SRsF4iopDGtqAfdV9xaHvsdT/Gljpab4"
-      + "lU6uGsTo79nfCLVhgtPx+JUcTjYjtM8DksHaGJAK5mOcRcvBJT28O0kKN4V5On9pxst++VUqitJykPNOy+MCHdvM73xGfKzxh0qfwZ2HN76H+51nOe+ek0in"
-      + "DaFvghbd5ZQdKJo7xuptj9IlV2XblBdqYbxH7cKL70sybhuRUUfYuRrlIwo0YbcfAotEdymOalDn7uifqsixeX+hESMBPL+kMbnjn/3n8IRjgNYjIKeGtA2d"
-      + "MsuGAsgzqFbLcJInkCGgg2aIvl4o9L+ufarsBjtKcV+lXgXzD3lohYUZni8hWRY/m93drS08F1p7wibBEq07VaAfzlC89Rq/aMLn8ZYIVcqD3P2XuNNAYDfz"
-      + "W45PLVMtZBHWSCMy3JYXIHxSVQG7KwAYmVxaId3+Lxu8p0cIik5TFSJj3yJZYdd7gQgtvr4uUoGOPDP3CxOQvftnMNTcTSptNn+xWSF2cTTJwFctrqaSvC9k"
-      + "fxdVMGWwPbg73esbEagrEPXLPU4lq8xEGhb8QZ46OfUUoIcJfYAJFgx/SEPjIm+4zxOTZ09t487frZNv3tch7xR6M1MTeEcXvJQZZw4w7pS4IF3b89M3bP5Q"
-      + "quzMpHSO/oJRk+fcdNWYdOUB3bbjfv7AIrzBGIZRXMBvFMn9Lubz/kaDI1C7L9IC8vzipgbEQkCfGLr3d/zwIDQ++CF8OfyCYmVMMV5HnXm8FFTw/Nk48xm8"
-      + "Coc1LySNZEC0sbRExyFalgEQxWjmxHVJdp/ZvzStXSfi9D/EhI6lxhzxec+TVKMYbYXq3tuT9W+3749WMbUYEw6rQ/Q53WJWyXmXrsExFbdnmrfJowDlJNep"
-      + "TvertILNAWpx6GbeF3j7rdBTdX+kVVaOgbonShIgrE+mrcvK6dVr6tH+ctAqY4yGnXPnwXscSLyMxujPNg6c09gMa0TOSH2jDdXG1XT0E2UzYD8rK42E15Lr"
-      + "i9EB6t8fA5T6KhajOFXb0eDKq/wcd6OdY18sF2MSm7RCL0ewhW1xLYch1srni+zANdUExuXKoN/50Q9t4tFDK4IQJmdb6yRD70EIz/ocVUnhuEgEYSMBsqP5"
-      + "ZLy9s3MsbaqNaKakHgUHoh3dsjONGrOzxaMQ+bjwQbhyhOFJmpW+KD3jvHGj6jJFWQrm2Oy1AtLvz7e8ThOPQ/VX76FNLRV9jS2mNV19KFKMP0vFCv1TRd02"
-      + "h4fnDZyMZIV+pYCJwiwvZBQMS18VYTK/OWeVHbMFJyo7E/AeD3DvR40Q9JZ5Ww6N+9UX2GW3Tv4+MbYMwrVkQZ2N17o5aNTTgbT7coP8UdCfXeeTUBpL2v8D"
-      + "F24njR6hfi00IIPDzRNcFdajNMGhsClhl3ZCnNEO6SuQJOXtyqScPxjc7H2Pm/vTgQSal3K48zD/YJzCsU0w9/Cw/jjJvLyoVsBUkJFaSZzBHWlMW1OTlC0k"
-      + "ARikibd9sUk17V0Z1zxxuykY4rXDEAIF3Hf+xLcv6tyBCDrPOPhy6nRUjiZ1YzYdQ5Xywo+fqqnJs7PIncPdXEuXQYsNkUcp+sHKlD6/4SJ9vTv5p5VblcOz"
-      + "bSibHw4eUQFSaiAYPId+MDgUXaqMBaYC/SB175EdCUeJk1O4fgb4v1SM4BOVYCpEQSKt5rUROTp3U+lhP+ZiZz9/wfy+6ykBG6n0jkzYkrB5odxCTRg2ze3b"
-      + "7juGxI2x5S/5qJX+k/Kjj2fX3I+FwpOIxkLmrAIBsDjhOMMAuu8NSGINUJ0c6DtKJa+Gg5uSYuc+uBregPfmJ9YFUrOUdkukGqCel/1rXt2GXO3vH42Hb1Hm"
-      + "M6eSv+tGm1zZ41xB8dfxtR3kzBjtjn6y06JYsVTkOCgBe0q7/8xuPowZPz657OvrmDwlb30jH6GvXXxbCi+x//PUyCS/7GkE779SsRa0tx5icV6fKvDFqoSI"
-      + "40kAyCGemxm27gDU+XGhn4V08HXVsFSHP8yIKibvBLmGh6BpcBHeQgRa8ZAXhtuqeULU7T4YHSR982cMKqvA1qgvNNXtsHIPJHDr66nigNbmrVlVnqaVkZ3x"
-      + "JV8Fta4Rsow57YhPlCEKNbzfMKCRsFqNqRODs9meid6odKrtiSp6sNu6WmLmOBa1JkmTjAj0h8KZGFgUfhEVKiVweygdjnMzBKBZYOO4gTiuZKx4pOChLM6W"
-      + "bxcvHH9krhjo8tg4qYGYo7jVomR70ELSSlPjvFdxMrxFk4xbvet6ARPw73h53qGCHUlzw7m2jgN4E24zGwtgVB7t/7WiNTQFv2JMzLyABGJUE/gjrM+ASDtO"
-      + "jiccU0mpZwD+nQJIGkG/oJWy0NcQ/95W79b2RYCQD05CTcmh25IIJVhwuXZe3q4ZJRIayGNeWKwvVp95j5ksxe2B7IO1k2IAUuSA2olTNvBjK9+WwXMvE79/"
-      + "wC67YlPtEK9cjiUSmQL55UVXmJrRUufjhtg3copQduFdv3mNirEX5m9cL2DPm03ts+CNo41VMJmIuiCzeg/E80p0V8LoNH6WZKSMtqeCgwwXSc57xOt5XDl2"
-      + "ZBo/y/M1F4+lYg+zJF30oVG35ZWIwkL4BdWU8LkGX3zIkjAuKLDL8RwaiKgDeqFHSkaCqo1sdkTJ31U3bA47E50gpARs//kmsTA85HxdlZXvBw/Wda3lHTYi"
-      + "zqsJzf+5h47RR/8Ia7t/yBtjM6E4d62t8a/KaCQ+2RP5NGuxnvDjGSMjMOQrjq+pCcVUFL9ApGWErZB3zOpPWwUpYspmPhXmDaO3sx1m8LdZNZClFLCn9pta"
-      + "n+i2TDXHWOuP1RQfWwFk8zpR3IQ4sHYjpkJJRWHmeDW9XVaxGYUo44UbKkTT32iBXqgNBilQFIEXR5JZHZOyN5+/wkZ+tDAIzdi7yKLqBjliKfPOClYWQ16I"
-      + "yBjSIvqZp80yuARVUCG/Wfw9LouYTqDs87tUQvhDBAgrsgw8xnlJAjDAHDn2YaLp+57gkXYedtaffYqKKdD2rCH9Fceg2KWIxe6MKjtz/Hf+60RO3Qe/UeM8"
-      + "xDLHzSZFE9qEVTr9uJTOI6SFL1005VUEcIl5+cnAPv43Bg3OHmphsrXfqMAlBnUBAu0lr8kF0lhKE9p2aVBY1eK9aU7lhf4/d/YIq1n+FzgN6WTbs+lqzuEP"
-      + "HMR1fA973xZ0vSfb+ZifM/zySjgSvSUr53YKmRZop9hI/8lPX1QaHDXRVn4fVZdv3xZLysU2qO4b8RYcD0NBIOEqomqKLtq9YEBAwPEd+MN7K8sk7RbkWdgO"
-      + "tj9qj/8tqbzh7RzQrWn2NEaOXMPyTu3UvH8hTbNGfhLUBG+BGG5Tf5jABTtT/ugs3kkG1qhx49PHVUOO4R4jqQJ4gmYA4T7ToodcuOcI7vKQ1pKwYuEyDNsD"
-      + "CXVnq7zf+nGkuSbCDP1GG4lAQy77DjZrQOXK+4VRaWfnubJ7Z5jgPfafBIxSaK8ca8nvc625vzHA1K1BBJWW+iqRs7ZTMG5Mk9g9XHP1e3GI7an/G2iXl9EA"
-      + "NLWMB6UbsoJVG6/9lS8ZzR8qyk3ecNysZqOgB2A0eqwWEizPok/sGdC6YrP+I3J5zYQWMz+OCp3PQyoCyLf3u8FQrMkyhcPBPBxpXuC/i4CaVjhy5NYS+X/Y"
-      + "5tL59Tpp0ikFM2+LHSCOgLEYd4zMbrzlmYUldvuZoYpaB6TTWAV1vyteToQNdF+E/Ojppuf7fzRE/rjfra0safMRV6SnG/TGUppFuZTr89cFbHmWZZ7UB6ba"
-      + "9nFvWwMxC4v4bHBl4GHmbs07EYdT2v5KBdPQGpK85jKR4Wuy9SoFVLTzQQaukzdfJp1EvaoRt7PmCac6+ymQlCpZQPItfVXcQrO4NNeBccQYPjVcPj3jixm0"
-      + "NBRE6sMsijvoe8/AZjZQjWFNNjRTqxO48V0TGN0U7EoeNlmbhI9K+TpctX5GaR2kxQLG/z+9kYGNDfCSlVhKLN/NlecOpri5v2jPnQl7yVJcMVDKryGtPDr5"
-      + "YKA6HO5jEKS9CQWf8fhQdzF1/S53JHrekXk+oSUfTIUq2jLq1So5aFjQVrBYNIrW7vn95Wx99nCY3BX+gy92fJsLUq2ENMUmm2yHLCEmpPSN+c9C4R+wdMX4"
-      + "VbW7UtrWsXxB5eDy9l2j+3/18XFVGfZmgPl6AnX4fsNobOFzekr2mdZlzPkXtxN835puV4FgrP6yA9ah0Hppa3XnQhuJ3LJ7VmUR9CIcNVPwZIQa1VK39Nts"
-      + "jxYmDIcFSa5DuqKAc1KQhrurNrLN9fUKTGP2n7EvPsDy0ZJZwEoLujbBzADFhMA9JOfKnqPJcRRnhtIC7F15/Z78++o+YpH+S9NAvS+6tPtTH4cwekY9MImf"
-      + "WstOEk0/3TVnnRHHO9Pafsy1myRA1XIyPkJchIw/WU5uMHCX6KnPKnLBWNMay81HRCAMmC4BA9+sNbIPK88ujgfL5HE73aAg4I6H/9XIkd3V8RsPl+7/032B"
-      + "ri7IJwSXxsLk8yGnSmL7YPI9NGp+wFU99aIRlJLffHTmPIQexv0y1Nf8kfvWY/urdexRQ9l2s74ylX8+sT1fhUsNh0hdeEHkpcOyG40qkzzhVVPeZp1UW6vG"
-      + "Ln14zAbRwD2xeDIZPtX+1ANrAUUbNMv2X3LFhjlARulWirJJT2M/qfcoDwOg12NITRLsbMlOzg4gTbzX9sPFr7lMUA3W1No6oHpBvHjrACDrb0Yns85fYoAU"
-      + "OhbRdSID8cLd2IrcphJ7QW9T59t4YCddYPf0Mcj5O8wJkIEvMNz7HdkEnZpD0zssrSWYX3gEq2a0RBDG4lR4WDQ6WBCC9+tj4aFWlGm2OdS52Vr7VrOcFoa1"
-      + "aYJdg09/1T9mUu44KUhA+CoNZu5l9MeaMtp6Z3Bs2M53EmWt+vQwdBQOExbEi0QFHCFI6qqYy8mnJO5LuDcnN/n9GQytaYnHH1zth6FfEGkSGFuxKBCEij69"
-      + "6KyD7TgZ9P4G9PGFcT5ZYVwC2k3Ld3Jl/Yf6/RBXP0WYiu9foAMWpzXIzBJecHnFq6XNC6MRpKrqj9kLBwf+x+Xs6UDM2m8KU666/WrFRFOYgOBvt2zyPmlr"
-      + "fkZmQIlgWyAzQTnRopTlJuxa5S4ZYKXq8LFHLDTYgJTiVCvcue31WcfmJ9EJ8R9Pr09lRpk7asUab2s0TnkjBXnhnT0FOetOqoEyLiZfr1I+xaZ7nJMalz1W"
-      + "aDpA1B5+H5evYQ0/MVSD+w1AW6rm7NmINXH142O9ws9zAmF9XawRr9z4f9t10YjB97F7TaZL1U/yBFEbOJvxIH3q8dOAgihOu8TUPXs33WQltjNLvnY52VAs"
-      + "bSIK4moyHh+zSbvHFiW4MofPnkzK27blxNU5e1hy7mhOoKnsd8N2KJ62N0/OBfBBOkeqkXKf3ArFqNEfJ1myiuyAASgSg1I9TQVpF+Pp8SFfNvYZDOUEsChU"
-      + "UCf8q2vpjhWUK/1TU0XVZVzguesu0U2+kVrQObtA8KzbPIJ1aao/Snm/rbDX0o2lwnDwmLmJ8rVp5I9ylRYPqD/KC4pujMKpKrs3+UbN8MPZE2Dv/lm/SB42"
-      + "V9gu1ZApItydrSKBd62zmQw4JbFqJkDQv73OMOmf9f+jxmnNhGLz7mlZPSZj9Q47Xl9XSvi75ZfksDAapJrs2GXPoTnQZ6JSI3MTDUAjr0xmDa5EWAzLdxtL"
-      + "fsm/YbaHByH3uYfBr9Yt22LlqPum+b3pyEJVQgZinSTP/uCMDicxK+V0BqvTTClsV+kLU2PysyxbwQqIxB8n07Z89KxIrBxHogYnRFtTiHY4E96synSYdIgI"
-      + "mA/te99fFzNkLOHI/kdbTUuElgVfcpCQXiXFNB3WRu/p3RKRExpEpSES/GDKldICNqoICfUImZJhz5Z2ADwQ+dQofWqRHdTU4l1w18tXrIEbAdeTVqTRwFFm"
-      + "V83uHTbR0DmMPhIuLah9C8CWxMxkC+lS90cVXiVPfjvd6f6LWnaI/3iS2RTYZPFNVQBHG3lhMh4ZY3bTzUROsyEFzuWY7MJqJ+a/ce0B/UDBS743UtpuNzWt"
-      + "ByBItW0ZGWgGYIlosHBLF8yzB5JdA3DPfFSHmxl14Gp+ZmqIjn/Kd6qWeSViKC/wTPJUyxyQby0Sdlbt5+TEi9KM8KKFF3uH75lLzrk4y6+fzMV3e9y6V4wO"
-      + "joMP1tgsW7ybWrRAo3ui3zSxb9sc5WxRIoo6qQQf/i52dCKSaokwmZQvR2F9XrZ7ZMRda7m9gbPTYcNAVjl9D8E+vLhey4gbwGFh2Ve0HueDNcNWP+droI9V"
-      + "/amI/3xp6+a32Kw2ClcoMzmz1Wy4Wm9ZVmeTOUXfmTkpr2KruN8M8Cf+z2RL0cUp0184k+uyxTVsRfMfmId5Oz5nK0osR7iwVgV2U4YxuAlyLG4w1tW0KDOP"
-      + "3lsqUFUHCB3inev7Ul2jE0PIwrpi6FYT7Rci+xhm9mAwvRGPALWJHJAVj2dy+2Co4GBR4tbYkg3VrMNQeIOchVNlDasPvwNlVWhm6XJ9kS8tfAXui9aTiEym"
-      + "P0DwAfAZBOwD9CRKT2V8+1pINfBpmhFd6rCumoXkyYX9GBJWEt07iR9KpmxIDPv9mwgd5sYQXBy2Nf+dAoJhWm8mMR2fCDKG+l6LzmgMybhcauE8bKHGQMY5"
-      + "lLvMiyAUUdMLAzvVv39LDE2JpcdgWjHJNXy46Dl6AMwDAuEin77gv0NdGWKSWGYsuik0fkLBMqs+0i0If+S0ph7uUKlqXPart9qHuwIBDsOnG1alb1XIE05i"
-      + "QxApFuSc0J+auiQRlBEYsTfM8oUSRfM1DG6Wh6ZovkkZZGiyrhPk4Ta6xYmsM0c3b0bu3kKSD0+j31WWtqurjYvFQCTp1i88Ik0zDBwGTM0IR5VoiLQ2LsiC"
-      + "xqJNmQ75AFbgU1vZKA3mKDQ5nmVbjTdqfaFSdokzQZkR8r+/uJsFuGIGwybZfAFq4e8a3Mry9eXv5ylDGa2uv5byw4MIVWcCxMj65XonxWLZmzxPNK9hsICY"
-      + "HTJBTvV8MKxFYQRA47zD14oWUEsfQEl1RqgpiLq/FgB0dAeHovYU3LQ6Mwd0AwaIiu/vWaZPRvLseA7S0bhhXL17sGiN6jvFgY73CodJ05IKMlDto7B4l4UB"
-      + "9kq9RQhm4rlOEAMXu0gUZhUlradfD3N8Fr6/lneubfKyrTW2H80fvgmCVNsWBvsJvA4Xf0Fx51FAxnFhOeXc4dJHEdPIFo4RqSWZUAix3e1OyQwoYZU42SOy"
-      + "Aa3RElAQ1oxR+XqBaMkf5jCpYHq6KAvgNJ6oOwSoXipppI9Xyq3PKalQoEYznHUTPicJMcfcFc3Wyc/DoRIAnooMaGQB4yuCydwNNo4545731sSuTiCp3b6I"
-      + "J2B3UKblBlFlSKwEgpj105usgFS91+JbJJbagifLSZX7VTjzWhU7XFnMptVBAkW5H8Vjklvjw28I9IHYrmAVYK7oI39dXVog9GHnEcZBumOP8YxQqBCuFATK"
-      + "7fq/vC+9sfDa5DWWR64SfFB/pERwvm66XCJO3sCovO0uhNsT/ZJQwalWkfIHlAUu/Lfn1Yx4MLnPbuPYf/4jnWWwPbg73esbEagrEPXLPU4lq8xEGhb8QZ46"
-      + "OfUUoIcJeFjlDFQldHBrNqEwMSofDleygAW9nBjTAXg4uv585s5f673yaAaJsHH8mSU2kkZAXD/QWwbVOReJm+VJvHXMywfyBVJunQZWoqOrw5CK1oWLhWo6"
-      + "3++o6kpfxGmI9Fm3K7Kdz8pIog4w+uLlX6ubNH3Q3wiQtieNd9E+nVWE4e923ehrVylJbr+r/LYet2Beqn5SbAotT8s5CRgX1iICE1QPnuIwKte2QUKu/XJ1"
-      + "LOaN18PaRsettwqf4T86HDfrGybrRyTxNmYO0ldo9F26jv0+T/Ex4rHwXEgVsc8XKoeLWt8vhq2D+pY/3gHKM+vnNyZFHHQuvr+xj2uoywZIDFPYrMlqvSH1"
-      + "zSFWPvK5J5t3ozh/wxPxwPdQ93DC/rrhPq6oXx5ZKem7N7cAH+nBMNV0gdmNnfV4FFTR7EVRT1zlZCEdXN266o5A8i+0ISdd92AzpW5/aufUvSlBeMmge/yM"
-      + "rKDskSAvpTKjzNpDcrMOK+CWUBTCuNuM9zvulBTh/dBCx1RR8DSs0UDmFNe7KujfNRIbqRM4RiZFM0CQVBVsoRsLLchCZklz37fFCgrDSpaspD2UDOyPYWQq"
-      + "Nb7OlbMHFhwppRmplUaeikB7m/iBptJnZDxpnkjQucTbxraCrvN3kmtwBMxGVvvXMxBIeK7S8j2DIIMxqz3UkLesM02xoRb4n1KHNR6jLU5plo1shR2Vb90h"
-      + "ClGQp3cMOB1nuzEGBrhHfCozX7QDrXoPa/Zqaan2fBx46Tpv62qRbf6aVIfr+cxejNGzM5N4JzXlLKDCtLkjeWdZPKnE874d85wO9lcTvrZGPDLhDnATgwr+"
-      + "cIEyLGWyxpiQUskioxnGSgOl0chfbMJBTdYQUAdmGU+dcD5MYw0gerQHQdPtpxb/45RAmPgiSoLjyOUaNlXy2PcUW5QzgtOlVAB6sZbVQL7WJQnif56VGndA"
-      + "610cIkqSGkGzfgaoHV6WldqzCM/l0NwMfzq2bl7mqC6i43JT3VoXf0e6kck90/JFI04MvXGDZU+TpZ+gFpMoixBGgKHX+f8ee/yJdn+Tz/S9bmOeEHETg2l6"
-      + "X2zu/ZxHJsu04pZkz6qJTnNhUKQAQkw4viiKYKGXgxiC7G/BDttXyMJMNswg2puonTXzJgAEwousboEU11HMzbzP+rv96KWyDxx2ukUt6lq6wwAe4kbW8Tir"
-      + "HwpujVn62IC0ejcZIQ8lBor9a+32MUqgK+ZI3NK1jchr0yenYWDznOJE0qGl2P/lqI5TjcSdVFC4OC7vKHqmpt2kiYZESB8LxQ5dthwmUmKQNoGXjziwGaWh"
-      + "5jJLX9gxMlyjS1rVvxSD9vT6N8YGgBd3Hq79imBBLH0p6OW7plBQqVN2aeI2+GAQ5NYtkDuA3zjF8u97ZJhLCcCByB+3jEYE/nRPfSr0BHrVjNfu7K6RS51o"
-      + "9/TSmIQb72507zLuHhvWaL04JWILDcLPbFy5oi/1EX/+lIn71Vb/JEaEGDLsGOEil1EtiASByEMVVfRAk3myBhFLHLcHbk+nh+lyOkKTKpl0V4SlZi5+Ox2U"
-      + "a++OTz9fCWF1PYig6FzBGjDOy+oiQLyivk5M/4/Ta5NyC9eTl9mNQGCd+D+CO0Y1hHqmxYcaND+67CHs5ccjyHfW9w5BF140vgyWFjnnqfIQwxlajccvSUtv"
-      + "/OdEq/T8jhnT2ps3cgF6lu1LUcJeoa1NzbG7OVCneHYyTjeCYa5YVr4uiq82NCLXRmvu5CmXHwZ4+pAGOwL6k2O4Lcug7eo3xCHOW1+oyJKGb38ssIraEnL9"
-      + "14NYuI0LiMeBuXVEnX3bO0rsL59WutBdCSjOLCZrMNdB6caAVOcqq+Tp5jM9pt7a5kvg7szxL5s7XGaA/gSiFF7CqLgq2wctD71CI2lg8gW5xfKmQHi+12mn"
-      + "XyU6fqqvYVatmcr5LX8IsxJbg90zpkk/4D8CGCvvUzy1f7XWI4RraRJUAjUbfqD2Zo2JEhrjLRlAX68cyhfmsxHSW7BS9Wb2RPJO4zw2dURfbclVX/QBPwiO"
-      + "xX9XwK0Z/27mBiWux4TSkwUsGvh92qYOm99Dkz1oFLuu2ZL52wMfdKuE4QtObS+6gUQnnhyytANAacdVaVhvPGSIkOvurgdl4n/d6WrzTzj7nOuDqP5RzJhY"
-      + "PZYa9skEw+cR0PiBv367NWWumhBN8xVsSxeEayNoNv3uDGZvXTs5JZesGGsDsjSW1x1VBCSGNRy2VL9V5LWwtvOzU43jpzUZSM9/1hyrD9Ll4ZdQiQMIPCCY"
-      + "BRQDCcvT5apZOQkQrMPbbWhvI5rGZZvh5hP0ZcMrYWoW+NmoNMlPUS+Q8xieTxDp8OWkqUvDL2CsB1qz57ECA1UUe5y4J/OPliOS+nReYeS8LyqCVv5RKC3X"
-      + "p5NJSrh0qOqA29hirVWsUnIL6F4PpQ22pSnbOYMGr1Xf23B106nC0D+EO6HvAyh/oC4EjMlS8AfRLcI0VefJxI3N1xBExRTwFpVrmEoVKu/USI+qKYlE12jH"
-      + "gVaRm8FIS8lSQINQJIcLVD704Uiatft5xuYt7XbdhoViI8wR0BPkRjrw5mjhIO+tPKD9XS+fISVgBhYX80RadBhrGj+akY/7cDFPuV77ZNwF2eMV0uQNBLRB"
-      + "biJ7IyMCKj+cA0wNbydNmXegv6sICFEoI20qgjeiHtp5u6KuHPQgYELR50Im0eIK+bbOdgah1zC/Q+cH0lI+Axt6W5MOorBX9TI+wzbtJgVOFwexJG082t3S"
-      + "0/I6+OBmknmmws+hPSlSdEbLGRVchwFb66A9o7TskjaObArdt2Ia+GBJ+QUiV2qjyRP7Q3Adujw2LEgqux9FX7HIxnUWw4rbaxdFr3QbAQVbxaaBLuQ9DsI5"
-      + "NL08nPUbb/JpIjGU4nnXHiKnSRynux1AkVhRf/BIa3FFHDZX4saQ/XF0FqM1n2ZZ8iBR33m5ver82lPWcbi1h5mgiaWip1T6B/jICf/NAX/5rdby2SE7Xn+4"
-      + "TxdjhwGZgW2XCV3M8LCLlrofsA4whCqBq0MYdTbII41nHhZ0HAErEvr4JLydFnlbVEYOvykgLq+JJcHvveE8gmSc2CT83vU5MMZwX4bT+Ec/Z74d/4HarS1E"
-      + "KFwLv5XSb6jLH5pl8LzYn7Y12LZfwI3zb5UrsPcKlaXd356E9+BpYSexub2kPKdFElL3fgIbkakfX8XVE3+WDQdab7fj+KZThuez08xFTl0ycxBR4hAKCwwL"
-      + "tTvlNk/8KW6HNPPLhW9LDmGvoRLrMWM/Qx+OKUMru9S1WBc7wb0Haa1o7NjK9AZHWJ00wqDTqlb09yRXhB1KWBwSOsXviadyXYLeOgBwbyyrg6SyC5WIW3nN"
-      + "iGgJ62jHced57GgqOXcuCPVKbObkR8yYmqt2TItNKtITvqw8tH2shX6mmciP+Nw8twPIBqBVadH1rnLBxNulKngiS2u5yQIl9VVsur0WtQjcQ5V2KS7E3yr+"
-      + "qJBvE1c17Fe/hLBRbMC+c3FeEqdx+WZZUalpp0anwHHf6G4R00EDRZabF6nASNWFE3kZpj4rHgWXOcsvnO3Bc0/G16SSkzv5SYvGHTkcssa5GiZ6y99dDBjf"
-      + "9CH8Lhp40Q6MHLi8Pk5CYGeSXynwyGdyfak03zzybxYkPHcMMQtWevFvhaKxTpuSy2Xvpgt+haU3RjPRIAuq8zFBGmFsO/zYnYOGhHj9sTEs7dXIPS5MvfFc"
-      + "5Un2RyXXyH5mnzkn+ELqZWuV5YrfuWALPS5KcEc9I6wXN5JC5VqUmwbcErmeYae9MviwjbDdfZW2YUAb49Tng4ljyr4Sol7hByJLCJMGUJiRom0rkYdgnWLG"
-      + "c2mkW8zEH4GM4+bPMxN8H2SotWMqchMOxP9ivpDAfGXWjnkh4SEenjOYGAX2P3PAG3xltvRFq3FNNIRww6K7eKIMosru8+m1ZldQBdOg/0d1caoeRNa3Srxf"
-      + "fUno7fYAUl7qRejmzcHiNX9FnKVFmUHfl6VgdI+ZG1UBZrh7d+UcITYMTPaO9xVLfBR+otn2w9J3DyJoXLV7IW4Pdcl6CqZSVZegAvVvLr375hR0ODbund3Y"
-      + "4ii9KQlkRVeH/2gs+BcLkIonKLysHVZU0PXd/IvKu9y0fVcKIBYBNTIkqn1y4X9qJKrvX8/qbsRHFoCgFlvjy5tRedWo3zlRajgHbpHGd8whB66cmm2dOyhp"
-      + "pZOkOjZcQYg8ATcH46n+FRt4Sxq3I3FKv9TFJT4E3N5kiYgUVwbQUgdieYuBN84RoFCfQImDqwPciBjItE8x0y1ybeBhzHO1CnMnEuD/Q9p3wYXtvgXf+ok1"
-      + "w9rbLruhbwdp379OXKejBnhB9TYB4r7ORfqF2eoMeRr3dF9Ybva41fo3o0w8jM3PeV52nMgCiBt5GJxEXEiJ7zY+Jc40PJFdQnmgpaMUHBmOkbVNDtDS0I6S"
-      + "dZwZAfc5NUNE5fXwiFtfZg0NgXSVUrr0viTV27tEx2L71C01Ce5jsRyeSDjgXbB/IAqxCBuDtMyMsdMI8FxwSL1eq7iSIMm9fUnPCW4iEeKgBXAtwRmUBb0B"
-      + "VTTMAJgl3qXMrXPEZbVWyYuwpOL4gBPapZzwdKS7VG3vcp+OaGsoCqoa+oVc7lDcD108N/vS7XpxvqCQSSzhBaUgaD2s4aAcGLUBwhrUPKu14CzzTEtV3XxS"
-      + "jzHMo9p3/riD2mTLQ+fvls3V8WMsATcN6b5LJvGfCRjJ69+TBaeJbXZKZcaCG5+3g6f2NTWk+WxSCZ2WHWKI0s+rsXXM+Omv19hMimUjsoSvJ+rHkNQS6svl"
-      + "ZJlTf2I1VH9r4I4GTMbBKI6YKKDYITSiJUPEbO5CCEUTF+8h41ECeGWniWRAxDC8N5vhBJCkCrYF7ZjPjoJzVGwgwbvF3jDbcyuWJR5UHPdI8DOEwocfmZh0"
-      + "MFFzphskyYSeP7yVzfvwlOPda8l5t9a14PZ378J3TH3xArPeg/66uNxv9/FFs1cXqFzfPuXfNEquP2l3O7evs/Ob9rarOcc9i/BxZWGuyfhP7H3cpmdiZffC"
-      + "GeVSl4YsCmrden8+w2n2Pjx4aBCcR92p9qpgM/YGf26i1infjHp673cvIjcYVzlx3IRiOEMWBK+gGeRri+OoWHhYKwG5UOjgnmyykFTUBqgIMK4Dfp4P/5ZN"
-      + "vSJFiF9EmBJqUoivZc99BNQe0XZYqo3pAA+FXpiy0KxOTH13Lhi5yDEt7VrCssXiw/DCFSLN7UOPwVqRBlkwR7SiaFPlob93rI5jCW3A2+++G49BGr/uE9XY"
-      + "iDBujM2CNDyY2kEcqPteKVR9/A3+bLPGQn+J5r9Vl4IHIjaoE/lulKWOyCdJVuXjQXJqd+ahWinwi9BvPUlLomFCqLQZFM++q1Mym7LycI3znRr/FrVsmHus"
-      + "Vz4m+VCHNC3EVqK3LJqeGSgzNdFr8KSS2XqjIefTsMZZ9EMLadzhuQ9s/GHM80IJqXj5tsbR5cHjJtPn2HR1y1NHqbeXN2nd8E1UxmFCU9f6xNDKMt1G3IPW"
-      + "KkmIAQ6PxRWQUQ5DA5PPQyPBDgnoYILQnzP0G/3Rp904r4UznKhZmK07IuUlGMwkIjFyKNOBnRe/VdTfQtajUX8yUdyfxeUhXZz/eo+wgiPSemizfpet1h9o"
-      + "VJ0alE65hJjzwWKWw6Fb305EqTbbno+6BLTncBIhgJsQ7JEbiWfUXAGUDQII81eYXwoxWVc+b3YIJ01vSI+OmXyK8LVFcPALkrhBH+67sSMVhacOESJN88hQ"
-      + "+IJjeAj+60OZ4Muuj2vsv8BdDYNUqlYy9byi2lfgr7+qkmqVH5JqVsbB0E4r0yH8YBj+N1Dv0TxCZyUJKo2Mt2qDF8rbPP12Im/TU5x4cLMHne/WXo7A4SOp"
-      + "FHfSV7flHpFFFnZMx0jsfCylFVorxLoZio8q/S4z6FkV7FpcrIo+o95DJ1F27DRpxBX4nVArQ7x/va3jpg5PEz2Pqo5Jd59ymvFgsPlJdC3R2xejgSwArWfU"
-      + "1RHstxnDf92JuSquM4kh1fvLbXscPpeAQ9oIGKhwD8mcRFkd6O1pnf3PKftu/ZMXU504nhal4zdw61UeMnui9OXtK3ADJ3BRqXZNDXbcijDl0l2xSbO+l26m"
-      + "HREUYFF+CdHy9KvCK612LeV+27uc8kxFj2P1qgOJtSxF071eNO6pcHIENIPGbl37Qk8N+E3+/7zo96jthTu7IM9N74nHvgHJX7sA3njc/hfl+K1c3pkA6vcA"
-      + "x6gSIKyC2tdHhMI9GXqrhL8fw6C9r1AQeJeUENYr23QlcaJv2HQ+NwtTcp0H5V1wqDDXiWR4BgBL8IA1hB8ueZiQTE47kRAX0RYZlRDYIR5kyIQxJoiZpomB"
-      + "KkeG9nIzxcJik+ORI+OzATrvoKJFd+fYODqu/aH3GRXgVFkaecbWP9kIHBrwNxHCfpidX9zW+lxBLZYog4en0BaTVnOnqVOF8nuLWUfOlNuJ/qxYXc1bZH1J"
-      + "L8NjM4FywuvpwrKvvvOPk8DaO0gcyEO3HL/OkOq8EcLgwqmY5cFTHD2EccShZTpm/43Mv2W6m7sBNllb/i+4hlz2iL0D0ZiKqYmIPgjs6SRYjBCFHNHDgcvh"
-      + "/CJAJDYYh4iJAVbdcqv1ris9K1UJ7cmH53iRGkpECY4zxKRfuWwK+wUfT6/F4RL+iGONIF15ePDMVHb+5AHWPbaiwGwDfnxFGBtfSU3TQdPxrK9QyMtYgcfg"
-      + "pugohZztAhv2s117BtxAru2VGcYNEvl0YGjV+eCgGelX5l6L33TVN56v1F6uU3MtnmQe4M80Azo7mhv7cL3NOr/7ThvAYz6M3ANlUDlLf4IplMJ6dJtsLE/9"
-      + "xrLjSngE1lVuaEtLT5rUKJEeeMwS83cfq65FUv4bPF0nwAgebb3qr426274Kr1gFaciFpuwufcUaFnJM3P2GFYAmIRm3YM8acGNzwCok4z901GYId/1cnh79"
-      + "k2tJmTxeAliRfTUfJfibzu//DcR8yBi5gSKR50y4vBQjMVUYzehE/iDJneaG/rSZ8gV/f6ZxRrT1jUlXUU1sMIdy5dyrGFuK6kG4hEmXTnrHHAjgL7UzMntT"
-      + "ALWTznrpfSH9vGeQ/0wFYohGSKXfrtfL+y/NXlG4q9Ai9G4kML4IvV6DFeCfCmuIMieV2CCOfmQ0RFsLUAvj7F64g9rs9BYfUnF4a6IEkAPWaBRIn//kY7XZ"
-      + "b2EzBiqPJqfy3egwkhfs5JtuhtbWAgdYDPBQc1yKYEMdDIjHja5J+Wd9Wd/UrGUVG1bK0BN3dlqKXSvz3pRPuk/OOvxlw11VZ2rV/G6BvEZMFhFNgMwabIqL"
-      + "zk2GffQoCncwIuEbAi7KU2P6kMeh1eUUKwIKiBuQ/dEcN5XqLkRK7CKtEOKPMJeqmFJCNQQ97QFz8kmYIWY7zjBEeo9sK/dMuqxdQjgMMCtZiShE3tBoXAMD"
-      + "GFhwiasl5iTMPLhnAgR0Bm1khcwx1MtQ8tYO/Dys3t3JOTOtZXCm7gUu4C5RPSGRsubfK2gXzDuSVB9dS50SqQzJQVCB3i/hjldZygXlKXxvQ+wMQ2si4Ozu"
-      + "mPppRGyrOvtAGuBREYWeKvumZQbrPACdnhWyjEcMaBPIsbVkKy4aSsqHiimGVewYlaVowNVYBxdlnA1qEnXeNbgPAYqmWZGfANg1GbjV1BM7XlrmmGtetSBC"
-      + "8X/Tot+loQaWTqPoOQ4DA/u4XwBXJcDfLKW3/Trsvqim4eLyOTKXI/VeuUNwsxxpyX4RnYl0FxdM2GpD4RfD0fJSBnEx30Zcp2TOMPtIlqLKpD3q9VYYQSHq"
-      + "gnWo12k8pDahJX9r+1bIPK0QKg5zXjU/Z8svYHipeYMAn940AoM0fW/3/MO+K4u2pCEaOsapHGXHsZxIW8W1/6dXVm0/wibnxckIcZd42GCcMLDCqT9jBHfl"
-      + "QRBiTCqSBQwEbjSdKwcRxAHDy6nxKGoTPv2Cuv9isQYYv+0WvDCQZ+TDItm/piGF3HGhY5PAP42hmJ8UvKSBoO+os99OXB+f505B7X4ZBJLfa0ps0HvtW4jP"
-      + "1tYA8Jy5qD/49m+/qHi72G7YwOxXoy+K+U4Gh6FBiBJyXgHUlP05DoVyNjaCS4xJJlYHDEUYY1gDYoqBFtI5tPPuVYX2TnW/X78yhndhcESIUCiNjsEThFCi"
-      + "vdcdWM5/+tICtJQMmaiNeluu9qsCOyxtv8eu6ErMnNXteDb9qjmIaNqWS7HqsxFYQIywSgC3T/MxuTBm0OmbnoEc48aDROOXzYgR1gmr2uGoStLLk1t37pMy"
-      + "80GQxGCRYcNK3llxg7bKknarytD8E/kEJp+UmW2azWja8dtGy2u0Ghp0bPlpaJYCMv8uYVC9xwV52XGWf5JvkJ+y+tKHo5LKkxH/Qwe13s+M8S2jJMg5kdbc"
-      + "XoXS7y4Xz25AzR2oMgKUNmllycpNMxbzvxdW+1OLJ+Av30qfMk3pDz+0FexNPczqA2dKb24XMdN7T+2PqbJgrPUsb6k29Cszz2b5pX++QURO7R4jSktd+Uyn"
-      + "um7H2NQ4LhPcxszVD+e3xUWl/fASrGfGBHFMojJYrsNoXn1oAxqtq1p2KyJ4Yma+6vd3ZUA5gL1uUpHxOdGIVVJRQ5mwRk5TZL3u0hSsnG/1/ao/DYLOTsit"
-      + "r+dM2h2aRM8tyEu1L6gSnXZJyRxqAdi3g6rSdbH5S2LCxFp2aXckG0/adGozr9B9xagdv4CITmCL9Z/+JC6KX6FRplCXAH8h2yTYM4iyUO/ENeNvzBaT097U"
-      + "efEqxifrL8DBC++/7SaUDfHDSylmNcjOwl5R5zdr8a7ZUSz2HM9Wiq9mjpci7ciNz3QDRT8O6MSvvAS2Q2I6cj7psm7sCPeJH0+CjaLtXTsaRyKAsRrCQj5Z"
-      + "bSqaPm+qCh1gQG1zrNjs0tzrblGnQJa1eoS6gRURVumjqBywwPo/gGSu7CBrDg83Fzf1TRKWOpLvPDpWv0oONuuM2bG5I5VnQL897eWR49dJNVHpD6POzb8H"
-      + "01ZAL3Rsnoj4Pp4RZVR3bKCTvbSTd7+9dodUsRL3W1MtBzpSLRF1xsiUjB1U+A/IXvSBceKR74A5ek7pH7/iZ4ocsrYKAtykndDM9LUK8OwdV34XkCY6x8rF"
-      + "7raY6jZbF/zBGXOdrzxwxbrS+G8NZwcJmUtndra8hfKqfLyuw8jBxoMBLXUH27ufMqlLCtyTDScwgo0z6hFiMxYJUJuse8ce4tYQh2BSqXnkaoGOB5SeO8sh"
-      + "pdAEU6OjD4imFqJAuKJVV+finQ2pKxSfU2SkTNuEtVP9sTUvk4ZSo4o+tbO2iO9e90AyhFH4lBQb1g3qVVtb1Xd6xuQ3M0u+3yREucLC9Hn7K3HtyZw0urCe"
-      + "PsqV5odUqN+wbODKUC+gnlqyZLloG69kIUSawHtesQTXrh1/fAJhWU8ghb69TF01WYxtAx/0Y09Wb2b6GfkqHT3nxBP1F5znb0cABw6HwVfDyDGbpF2DhztX"
-      + "KM/KQyYY8WTPRX9pcm/3IRh9jg/51C/053SdUOU/i1iKVSbQWV3iXQhlQ/W29aww1fPe37OOZAxLcaw1pAM42FT3NNoy/lpe1JErbt1gE8Sz9Wev3Eq9pE+b"
-      + "WFiCZXJqF/vmddbFR98ttC06q/beJg7bXq9tLEQ66UyFsshbXBCLuayhoz5qTa2w9XV9LhVVKcUBbkePFALpdEXj0RNaLvcPfp3LpuDplQv4WjpnGW24S8FG"
-      + "VID9R6ltzK1Da0xtr63aJCsQslQ64gJdUlM9Qxb5mEQRhxNtWnz0RKB6XK9uMOOSvUtdz/hAqs5Rr8VPSYbC3PMQpPOwXDmXxVsDkIuvlqM98JpDecnP/Btt"
-      + "zmLnax6QAoHJlQZQxyFkydjRQCyWLJMDUWuxHR68EEu1xOs8/w+LGOZElOdjQdI62o8UrQnwWkYjdAFZkZw5Y2i2pTMgm2fpAhwF2h2e1QwcFgzVfAuNNCW5"
-      + "qx63tbGv4ftyGB8I7Zsaqf1Ii0a6A7dxFBsEyaPo0JRRjjjMGcXiGILt7hNFKmiozyvp7o+N6FBa0iGhzq70IPxzM109QR6+AmTFslUIuNKvkaCw9Pv/J61w"
-      + "uTZ6ZBMWQsEE8sGr9SxyyoiMAavSj/gAVWP0EF3EBxzk3z5L2bOVGRTQx5cGfnaOKguv52sXOzBAlaZ71pk0Oc/PusoOA1kzIxUknKEW6ZkTfJSpiGaFwEG6"
-      + "W9sIliJNloYKgqAjWCS0xC3eL5iBbybwGcLWa6I6dCUZQWT1oGlcBTacTmpieMsbeOrewWtFzic/zxi0EVu84GMCSmkcWB/9eJBzvqvMcu+2f74LiBOf+AWZ"
-      + "l+mQwmFqugX6VWlTdJMd6oB4e7Q/emsLDxTyr1m2Qcn99BdP+wum9jcDpzSxW2yQDkPsgMeQJHt1EDZUB0OMdx1Vry4CPSK7/Q0BPMYcndCvjH3x2oxVGTZn"
-      + "ofVsYVoCukcG6RdYQFheHWz05Ixihl1goWCyMPXkDMBbRWZ8SmLHSXakYYiXtyVH0jB/JRn77GVjLQYS+M48tjheO7kRDOC0UY5pN3iZPddlN6Q5+tJfVMVC"
-      + "dR1GhkRJ05o7CQSO/eM8o1XuaZaIf0FgRK+x1gIvqjBY78M8WGDVAkggBz7ajaYQ5xiVkU51ozz4N0KsgiqLzAQhM0mVsgdKvpB2osviHMwQEc1d6erMvcJ9"
-      + "3QHsQ0R8SlJIUNIQ3obEYrfc0xWetCOoi/ETY2xTA0Yu/6Dcgpub8C2GDImb42qzH/n2PxRyhNr1W8zCbxtvK5WrHUpzzJwS83ZJhndN5d2W5uge+rFyFMwk"
-      + "UPGta8CEhdUWTbEPYAPC6oAHs7CIxqyoTZBal6Mubpe/CpHKGG/ikHpThWHD2RCPGIxi4UPUJgPz7e+WhzGoXKaE8dJebqWs+iCjEilKyAuHUM66Sq11qZT7"
-      + "rdvtz+oTwA2mHjbU7peMlGl1h96bToyJmHQwR5MMRSv+dNhBAApMOSVhbwtNKC1KXd7ksAu0XRqs/AhLh5CI1vfwLKrcYsMJZnwHCHOAwZpVubLBZh0NsTmN"
-      + "ERyYr15TZn2wRE8OP56hS/jx6nNjE4wV7jcoWZhOBfjYip36HHobXrECnStlrcar+YRtk9AdGJgRJYpHUUKWDxB074YXShKiR4UFXZzKbKzBodpmi2+R4CKU"
-      + "P/IASKGjubOn1vfxWQkOO5uI6EKHM5+OqN7CRPsz9IF1i6WRIHL+qZS0NXCQrWNTqPpzahKECYrfVEVfFjIDcjYK1cYg4eEZXgf7siQxKytHp3xGiEdewnYh"
-      + "JrdjPOzSiTkjaIendpafEnXEEaxgT9DYevKp83amEE1MvKn7H9wrhgkHUbIpt0si80AsZvFE6vjBsiC6TjYWoD5pz4jfmMS9z3hXwvnGuNsFhWae+UGpjhDp"
-      + "bWqxOZrZuyHR/wo2Q9vo8hV9BUrkGyPqQozLeE95rNS4N3lliwB7kwPL1UTK8EDWfEaF62oOi5uDh/SjWovRtVSWtGF3Nl5ExpwVh9JebYmp6IxVO1Hj4Cjv"
-      + "TvJ7SSDn+uem5ByE+vhptBz7yOKZHC8htwUGrSwYMGQ99B/dWuj+OLhjns062gDsd+jHvwHXynl3k1pGT5QfIXXZlvnxZ5eJ6sSAhgoLIDKXaIK21Q1kXM4t"
-      + "bQu4yTbnhmlhp8loebI+KQ4Q2CBLihbLrEIQvkTtEgonMTuk7D5vdteEjqajwfk0dF0cXBQsqe+ftpTi5aL0j2/hl8eoS8bqDxgAVNdrP6FLDeUBqCuJFzkY"
-      + "cXXqLGfryfEQH2W02RIcqdft7eH9DpaATTP9cS1Y+M1cx02g2om+FrIjBdal+C7k3c06+a9NM3XPLCyPBsXRw7cK8XHRLapQjV7b8iWGzMbcRce8esxXvpqO"
-      + "ZWl+mRemfRPG7NR7vMuYQOXdqxzAoKch9s+t16rrGMzWiQB2tuBGFDJr6vj3R1dgHwp+VX3h79LzCqk7gGXYV800tj6z1FQ5ck4+UQSD24556c01GqhyIe8p"
-      + "z3EBvHNrnlGCcCEDFypl7XbAfiZltcLG3XB85LJn1Jipdkbvl13nHMMAChpYCnVwdflGyqtKU/SY7X0rB95j5tka4mC6rXvCdW3C58ioPRMl0NB/RbHGuUW3"
-      + "xnOH/ii/uzb+4HEmjP6ckj08bhlr8FRwHjsvvIubWFPQFALXKS7nB/AV52UU0rsJXVpZ2V9BmPtySjs/Pske6pW0r0xvxUhKDInpXGMwEtiXNnG8JLZObLnF"
-      + "r9iQ2EkY3JK050soLJlpnY1dJkzLzb8PXAW10MbkXl2ZyCVf1aVOntbGPXTa9Q96DoEltKq9eliQXm/kzSeHsGcSXDuWlZuLPCir68ag508IVV3hVVE6uRom"
-      + "CyHTKT1VDV90Jub3k+l3Zh+iLo6k0mxLMbIOGnVgWF++SjxMO7o7N9aTVIjaFMDJwjVFeCCkcdqcSyZSfi6DcVzLt5434tYD/ZwT7fs6nMYZmcRemk3m0qLK"
-      + "z9uJZtteBuMq7WThR9ad0+FQlhNERHPziJnKBJRKhSAzXeXaVkEtQCqoqAbbFYjTlz81NVbV3wW8eGmQD26DSRmvUKgoiH97/ZLMX8rAeWSj1KBqNn0oqoKs"
-      + "V9N4EzdMviRhDW1la5v7iLUfvEh8xYl4xl6EBcrRvjvedg9k7kQmCTCJITMMezU25cD3Gp/Y1bzb2crl+j+wZ/6W2Y15fUACFHuQ0fd+Der+FMqwpKu5IVZM"
-      + "/5TeNp8bND+hC9T0klV2epsueRy2F9rN9uPbugfcoUfDK2UyDcnBS4edDJ+HEwxFHdbVn9puqvgkfHUJbzzW097EYt25vzr39TbgvpRWnUQUx3J0zYTRRpcL"
-      + "MfON3COxo6AoP2grkhsdbfSEH/S9PExjaVoZ6y2bI91pgdDpG2+AGIRnOi58Uk5g30pV4BzBl4a52jnPRg0M8bRaM7MoaGeobwix2iVvqNC25fWJsXNzhT5A"
-      + "5hauXOT4no1lAuCFLpgseizfYbI1TXE6h44ELmj0xRspoiXaF2HdycgROfWeiMG+WokJW8i5vcmY5FNnwQVgSOVnV5/ptsBOaNrUoov5PFVkWW2E/C4Q4kup"
-      + "hI70O2NB+ZGRLXyM35GJ3/xhxdc2lqSdsDMWXU8jHfFINyYcxmSlxYG1NETBlEwJmg/eSKbDaqHNO7WMNuyOFcZLlT2xsFLtf5X+uRf0GdtBVOV3QxGVhfsC"
-      + "QFI7xWJJ6mm+r7SE0zoBGPKf+OOo1Pdqx08UhNslgIKUxdV5KzCZrcprVUgsC4vzgZydMOc5jV+iNrwSDRLYrPLo47Jcuuko7CKsZ3RbWHTGt+lgcRIFumP1"
-      + "2Jl8+UgG7xaoadsR/5O/HQDEq7Awg3R//gwMMi2hlSZ3YtxAtosL5L23DXblyNMx8Rr/S2T5zs6tpWgtLSu58PJyxwzxZZIctx2UEX62NMVzHh1KtQw0ALqZ"
-      + "enc0Il8RVJmvEdNhTOwYpzY3xePs5bg5/s+XcNcYKlXeUkbHhe8OK7Z2mZrz9gjRjZD+wokaM2W2Ndr6WqhvE/F1o+CGKEwNR0LzmRIm2KOUZMjTM1G2jthU"
-      + "4jQlOqq/b2EzJTQgBBucq/ykipvpddNNgdv5sQT8qoue6P/eV0HzZNP6vtocouFI+Mm5tn0z34j/Ng9YUmgJ6NOnbqCYZJdvcQMwMMISmPQ631tZu7qlv0KS"
-      + "dF5PoOM7D0dHrzdxaq9u7KXA726NBTPixSzDAKrG4FPNvENNIhJybqYkpvgobmBp3sfgEryODBGy3BiYshI9wVIVtMpYlxSonAhVb27oEPSAu+YAVeDBx3U+"
-      + "90/OEA1BBlxYRemNIdyP3H/JragkYiVCp+eC5Q8IpfIEOx0F3SUtFmtHfaWOKvxgci6+jzCEzXhrT4fAyJtdgsJ9SgvVGzXxRYvm2crMYgn6pyz02rHi3Syb"
-      + "mQB6xUkqiml9qjfpDiveiHg1RBaGzzZr382Z612RvLwWnbC9BVt2Hg1rvxMT20D2yZLPv6jCkg/DfxB99YoQO2JGotv4CxNvIyBablefe8h7IQchzAuQREp4"
-      + "G3klIR1M3UQRomTo3On6JBx2NNLNsizBppWovqWluqyW5+SXXApfg1t/HXPPZywJzxZe58PV/1qK4d7P3f7Flj/V4OZhPMU3Ht+jdc1N9yZtMFTB+Kr6ejqB"
-      + "/1anH5R6N/F3qwAldWKWS8s355GI1RnOgHXWco0g6eVn47r7l9ZrLWC8Rx9oi3nus6IyuWK9rSzWlA4lzSoqcP+VcqZG4xkkL/gQqy/EEhleHxXKxm/ts9mx"
-      + "DPF4wj1onaF5HIwINDg89Z10TqW54RxaDHxyoNFLq1gbMO7b+BQyZoWeE+Thstgvb2eo1FXOSQdl6KhgBxghJy0j6WZTPoKYPk83WZvJkUJYqQs1IJq7pRnU"
-      + "r1n+5FT7HFefVeuj+reIS7uF+ftZLe7eVxoq6GzfIF5qUWQAJEEMi8bcWQiop2J2FYWWo2EDbNHgw4BsOUZ+Umty0P62uVPDC7mc+cm7rdoDHK5vMgadHDVT"
-      + "pR55DQNQ/HAxbfgpIY8MR8ka1ai9xkCTqZ2fHZ4rT/xWvFde/j2ngwuTlLwZdk6xXbmkvwjWkeZeKdomRdMgyNLj/WSM2F+bC8FNanWbHA+f6V2dXmtbob6U"
-      + "3yUIZ3zBvXAbnEg7HJY/krNTqI8GkYAar6BlXbAMumW0iVk9Sxn5/MxMwl2ytPdT7zwZ2ER4Ldi7L+Gvqg5fTBtdgDPBQmYmQimH/U5YX0bjEqK5DBK/ynCQ"
-      + "7CyUjCxJGEdt6H+LEM43bpD+JsSiaFuwV2NLFALq+zefDy3Wt5oOBrbmAmLecuiqv/1coS+s0gya03U8CqZf3PUQaZAzfYq9uiivRjY9r5FmoiSeZxKLDDDZ"
-      + "3oBmuMIJrmJUWWgCOBPX5OY3I+3vm7zQwq9OGOvpwyfOegRM/y+lEHc1kUj3Eo1a59unVIiZy5GhQmyGFige1VSvetVju554ZTG8dDZc3Yn9nUPEqZR/Tvhs"
-      + "TmbgovT8GypfFK7EVm5t4THZPZnCKYBN+y5SJSll9rTCjB3wqX9XfMpsFRxZA84swkvR+MEPPgIQNWrv4Bx+Vi1fjdYy4oD9QyUQOGnNxShXZNDAji8ul8Qh"
-      + "OS6tF5vfYCK3ey1TPPK+kNx8vsyx9PJZxMhiw+ILN9xvBvwA2IJKFdtoqn9invgv6DH/hK8Gbiw5nfbaqjsA/ZlV7+b1fq8B4yjqEBo8O1wEEq3BtTsfwmjQ"
-      + "san6Bkzo54b4aDMMC4puywjcYyU6ONQ9wMzrsCjTHQJuztswhJx+0s66WvfcC7BveiCCwvWMtUa6XlBFgUUeqnpIoXSulmdh3CRp1ZcBsXuP6Zs/L10EAyCg"
-      + "CP6eF5nNAzjN2G9LnLFBUKF7oqPpArl/f2ZR/Nb/JxBcT2j1vxg0Ns7snLcdnAyfLJAhhNzgWMMMxlwC2kU999u8jjOPXnIOzJfaup53GV1dDsCzAaRG9fxn"
-      + "DrOi4WJLPo2HNL/6zpcBGi0sz0QeYsZOYquVukB0I+Cu4V/BAfNXjCZp9mn0Q37b7nZ5Y05ee7bKHVWj/eZOnqLtPx8umEZD9K1T+G4qE9yFjrR+hfwAYgr/"
-      + "OM4KJ/tgwM5xCMxSwt9PqACiwT8fFLQlBxJnSEbBJo7htmEmw1fmM1t3TxseH8Kc44XPYCVBQQU7fJuyw5OnMxLZmjbpPdBRDknWRsefthOGZhHa/W7Z8nsJ"
-      + "92m4kZ8ulV90DyAiLYRmSO1PlcSmmEI3ppAXtRgZiXSjGtdBwm4RxI/eTBtj2VLQxPw//6ntg+yf9CrfqlTPM94a9jmtDcbF6kV9hQ02AS/xpmlYS9o04Lu8"
-      + "fuYv8cL49au8JzDWFthQGzCNasfEKhDWEZzjUJACZcxdEDSLQWe5YCqW9CJW0VymnhRCVQX8XnQmgbts0efrO6NApxQjVHzCR07eGGkv50Az6z4mPDXYvy1s"
-      + "0NmnaCdmlG6bCHDWMg1ikUYTdBWpdUk7CUMTsPdMUunLnZZ08YXvuqJWAQyLTsIyvswcKvQPJo2XERTFKE73JctWGh5Ebky0EOd2QcMHKf1y9/p3zCa8kBLj"
-      + "XfqnJnE+YhYf3rfleMfQvs+CtKkwXDnTf9PGZPCDdFRgC2wi1AdJz54kp3r8bnom3jzRt+7CTcJ9/E3SoW3GYF0UcxPBZucVxQ0PBDBpQJmVrg88C0v7dI/8"
-      + "sCzY2nnRFuOxTaNKY56I8CDTPhjDC/mGTmVJbzqsTasKAZCeROX5kQq9Wk0KNaf+KTw3ZaJMaaRcJlUi8A8BbRhd4DrnzmYv1bqe6BfQwkcFuMUuGeXG/ulP"
-      + "6xl/XTqyEV2gNY1r5VOmiUWThyyUkyKaV7/WuJI2ladkP9RVhFl2piACtTBfQhyJfYUX+5wJZV7MoOmnMIyvm/d13PxJmmEgEUF1wcFNi9+Pp9vbNNFBDlSo"
-      + "sm1vfiiD2wBKO8nlziHM2G5Z94NEvBfmMfKJSKTKYAtgNw3xknd1QpVc0966/hupo8faSmd7vEPpYyjrbA4hMP0unLOzPAneGTrW+zNQiWGvBvnr/qNM6pOq"
-      + "FeSU+RkN9IT9xDAMJLLzI4XXL431aN8CfcQu0EzBHGYV3kygihCOdA4yCRFz7t3fKh3L1U5gpk45wKOG00aTQaX4LnBPOXPuNKb1+JiGsTmfQDwh9HM32zJ1"
-      + "6gyGuF0TvOx99QP8raXZNhAfak+IDBRGe1kO7fwskjLq54esm5zoIbJlFR72wtAq6lqt5B5ujmD8gZUqYyDtjgRw6qhnnDeCd5oth1qk5gNe5K6EuZIQHrV3"
-      + "c/HvBA4pwscWjQ8U7m7VqGZoDmaNHQ2PIGG0j/lzwOVTUUFvbQLfkoSIAwW4qnDKqdF8WJ3zVoD2mTnVo7+/RhepMaXcAPUGLrBRQmzFNqCOyytDHZwU4t0t"
-      + "4vSTcPceBIXVeln9ZcOGmzWY4w5OujUhCfy5n6AyG5RVM7250oorS/QTW3piROGOSqwE3Gn2oVla6Umf2NKr6pmoxJgcx7MayIK3p7a6kdotKpCuE6j8seNJ"
-      + "PenAGt0m719UgTHnhe/WniV5CfK93przkLYk3d8+DJmSWuCWQLKwGWKVyer7tWIx3TaU9wS6NYXQ/vJswlAQ0A3hAiYYyxjGBw6IrOYOda9WDrUClAIM0BJA"
-      + "gmhCvdxUuQz1OdPgon49MgUyNWIzffvbY2ETsn0vQ+6EWb3l/LpgnKL2mM7MIeef7rbDUYYNDrCkFcBzPHpbuOLUCEV/ZVuE6crC0+bDvgtapF77j6TgmR8g"
-      + "NigSbp04++7Sm14nXEvjOKOjWfSvBZdFUm5r0o3HI1wbj0SH9iu2hO35U/3cyklNI4zEHgynKPTUPeBqaN2jkxEHE84mML3NSqE7CwLEWx5bb8cRPgtm/s+x"
-      + "OlUlxsD4AvvX58NIk60gJPb+qWn42ZFfKTVY73sTApJIHSPx01sPZH7ex4USzJ0cmLEfJDrKkBHj/GUJYnx4QgLvFZzsJmYU+NFty0u7yv42RnKZ1PgV7qSt"
-      + "zfRpZI9nEO10hjXYbgsiDV4J3X9UJ6qIuLAi7AejZjTkUPVj/kG33PDTcx+1sCeJ5SaRHZabL0jkNenNORuSycOg0HOV75N0FWeGRql9Fdr5Hqn5KVuhT0ML"
-      + "jU/Ex7oh0KDaqKzD5kIWx7QCpGQf0XuMt8xWB81ShpXyhm1/PJqgB+qTJWOsZfNduus7+EEVuufrkEztAL7kzvPK7A2wWZgdhUosJMl7p3WL7dGCdbIZi5uf"
-      + "Fx4d3TYg4LRT8fy6wYIUVXlSdlsOrgZTUL6GXg78Wx+CKJcbTG1jnXhPbUXE/eN5OlI8BfoX1R0rtgO27R9hCWAKaTLAgPOeLrMbQh0l2PrFbtIcIjpuBPLV"
-      + "g9I6LDdY94Nyz15nuk91Q9/fZ2fbS0oiCtSid5mg+/pnP8+ysSHNMQmx+fRuOd9LGxH3hOlYdGvh71cU/6MRYp48kQ1wpPvyzRJkCWXmLnEExxF6MhCnwrXZ"
-      + "pkcuZOljmzoY4mWaBDkB7XlbPQjr0hqgdJN6GpCFYPt39HA0jpXg0MMP/6b7xDt50w5OxrxVctqIzg2GwUiuvoEvKL0a66SvF6N1bZ+vvB9U3zGDhTlUaSA9"
-      + "I/5Ufx9mBq0f6FqMnyo28WFlQSv0GdAHwKoJYL6DDw+4E4RkRj1KDQ/xRWb7RFC38pUzc4QOk4fjvtQ6TrqCY4OdFxgMnkIwpEidV52cL8muYJ1awTY9+Zq4"
-      + "S30VxqL306shbAu7/todhWOV7PhMJ9SpFYJJBo5sOBsIsOO/NK5MZnUw7/NG9+P6rTJ2DEcMUKt/wvVkBanX80SOl+EEV3HHknwTD34oCkyxJWmfm67xVhPG"
-      + "/EGs/ynZ8jiwV8/710bzEkO1p+vgxCDokwvuOU4X77HLCP5HScoXWgwo+43GMHan8pE0PiET6nAXtA4CgPfmQLjVolqOIAvVE4Y49wHN0rIQyi84guFbT/BN"
-      + "0QtA3XECB6F6JGPVLV3PIRkOuzeIVygIwJrcLTW2fhPADy6lWvN/bnEhC+5vDVPPmwgF2+6Pw7G3aoTMIZaxMM3TAdDGrbSzgsa8HBYjV1a30g/COOHzzY6V"
-      + "Kq2yHfvrehKmhfSOMkBYq/mMRiN6A43Eib9fdP7Rr66lQ+plDc/ig/GSzVFLyOiCHYMSgUxG3HHrMWtKk45J6FcygP1S6xfjToWYihm0uGuPuXn16R4OmyjB"
-      + "SOqjmyS4y9m7ZVfYIa7aertNrl8FYbtWmHlbb1lysuPHZKiGOeD894yXXD8rsDUkZ987pIQR0TJxy30bifF6cy5M23wKHP6+FDIsEnkdzC30cLY2Cqoboleo"
-      + "YZRoBDLQ72RmCowrt+JmzOn4qT4jIXV5ouoxBR/YwhlFKc2L3xVeHv6x7LPOfqWDbQvcnjjHhF4jzZgVCfiWIW45sfswqwjRvnmlKKg47Q5MG+gxfHM/cbI0"
-      + "jGKbMzYOY5JngdQfnh+KfOAuAsqMF0MyOgOzgvCfGxyXcQYRNMJuwdeo8RVqlM3GqXzg8H9NQYhutAESoIEekdOoxx8G7PhBeuacPvq5TxAvZWB0sLw6RRR9"
-      + "Se157nn96kEwMRHQMeMwnnmGKlW8fqaBOqdH1CAXJooaasHbAV2eur9fhAtORKT9RVdhfkAYIJ3Q67Z8ppSxof+w1HctxnwPwTG9mjTWUtEgEMzeV7LO/AF7"
-      + "SKvhA8w072J1ywu15JQU7o5Y5E0UvDJyG/vW2j2raXL+xyoxmvmWhhv73+yOKTNfS3zBSrNduiCAQPgAJQQtZACPUEiSUY64Dj4xUKhTfLEqyGRxb3cexxEk"
-      + "VFocr48pI0EIhpQCyBTbR1WgBEjdEFuw0U6LD6tgmUaydSid7mjE5EDrfUoku2+s/XLVUMTND7UVUKynh7lOWOPoYxSRsIw4fEbMeMFJDjHMJDPJ7GjtKNjI"
-      + "aflH9zNPLelqYHNw6Jg5DZqXd9oha6jedi1dHw1WhYJ11x5VNemkq4areQY/GZB23tXMywzusktOUMTVDueatcNjR1hSbf3HJ9lm4CwiePUTuPNmq6J0l5f/"
-      + "Xms8ZhJJ4WfnAiIPTTjeOlv7xRDjW+yMLHY9CkS/3zRQjrjdmEfLOxwF+Qgd7cr4yApK7P8GscW7Q7Wue8BVN71YZZpj4E4OMlQmf4CUKsTt+FpGlLf/xoIE"
-      + "6SBAeaq+FUdi09+Sea1JWczgo5BTNdy6f3HrvcfaGKyplPBvp/j+sNT/JK+VQ6fPikdIXpUIm4gFZmKeGS5XkvIOYfPJdlRM0nXaOVZq3DL1YhVS1mXV/9vg"
-      + "fM0Ms1OntfgqPk0tnC0yhMnqKNFps6+OVYvX/z9lA7m+jTAs4k2khC1CzpUyO2KEm8qnULrn9p5NJqjkxw7iM+s/lIojrm/MsHn2Bk60KGyeQevflbbYd2fF"
-      + "FZECiuZqgXC71urWz6W27ayOYB7gEQpU7661jVws892BEHPnjHBDdTMjhJckpp9eHrcmP7b4Deb3DbsG0ugQVvDjXdWPyKEiHhinmhV0sgFi1jsMsZZrJ3JN"
-      + "caTx5Ad+JM85SZyWvd7KmQVW/yfAAxoGTIDB4jqwwkBQNTHJDO5M9WdmGqXYtkUkj17s7kgEggvBtZ8X68ui86oPrzbUKrxagS38tfGc5d1r0aJEGHnEkGjw"
-      + "G+Uealr0m+sRuvCv22DwvMvjBnhlJzDwmf4F/DDii/7xnZDa3Z35Wvebesh+6F0E9azOKRCzeT+2Axr+4ClRpBMEefyrHcRd4P5hVhQt++COOvCycmNrQRtB"
-      + "M1ElpX0pTncECkz17t/7A9PCWAZhuWoWdl1LPVSxZPZoR3RWBNvaaPJcdKxxxzPxQN6whZgxRHW1419RWtdaudZQ7IOAUNv/smog5jyVPMP+ShTqBShzzXLf"
-      + "/YHUHuB//noWehY9cm9vc2ILYvY948strO32+UzVlWZjvmOhyvSKJMtuvt0w1gObtkUPOFi5FQJpOpohVL/u+74J+CStPsOvfg3g4OvUNqNae/mzEOPsqA6C"
-      + "5KHdewqI3yM7ysA6xKOEGGN7HS+ZSBHJ43cRFQxvQeil9o3SiNxN/+BCBHxEZieNnZr8IKkno88vsGADITvcQE2BaGERir5hC4RhWnXu5FR6L0hcejPnFh74"
-      + "ZIDJqE9IRXqpa1ruv9CEQoyhpUNfm+DdJXbfvseckFMygXXR544AfcE9joQaL4+gpV7MDv5vKH2g3fmZisWkBfI9cUPV263mngDbGMGPQxlTLFj1k7TdXXom"
-      + "DtzKjtMt6qg7kUYZW8N+RN+aIGvH5VEu3lvk4hYZisS0OdoMC0p2SzQ/fhB0R6OvnsLOMNyKqrVGXLoj8m4SYDfY3Xh3/NuFLqFfkWbH/puLT4AQyES6C4Si"
-      + "NRBesscpnsu8WFDMmM93hXBg5c+IwFSE8idiVIgcivx6IgjH462rpB0paLumY/Vj0Yn043D7FkAxgQVaq7eq+Eh2QDZNFEOuOxHJtqtnsrM9vOSBtpLy/LrK"
-      + "J7yRFKpWXp7rmdNYagMDU38n21RnUuLRUUVTPAuSGyW/5R/imJeSdc4MLMm8QZGNbBH58zQR+9fzWBj9cKXNm/82lskZtO29WocWloxB7nNbyIFVRXcEyXB3"
-      + "oZdor/PJju92zDypimsabxVBMLG+2C9x6haWyuo2M4ahMJFFTjRiHeZ3X1C+QdTGNdhi4/OoE1v/u5UAwAoGnnuhm/CODNwStq7VjptrxarkGBgFT5aZKyfJ"
-      + "3HkbkQ+5kDv+KKoR8Eo1xwA9lkWykF0Bm+oANcvHPiAJB0AWwkvjRMf9T7mwftzZF2ZGxTKaPP6a1B8CgkkiPFjHVf/hJb5N0n5vC6FPvKI/B67rJYlbcTJI"
-      + "ZVffXOoD9IZoYsgb1UFOV3zX6ElbHKbFJfYIGw6gyx5THX2/a62bF1iA+JaGicjGnkJzzdu8QMVMESmadOLOg2Mmf/oWk1kUBZVJEfgRGyFRXolc658UEuJw"
-      + "RS/2ZkSxy1Gw8nOy+JhZksNZaA8ks8UIGwmp5uiRO9myS7vRtAuhfQuPgjqv2NKz2Zz4ojL3WjaMjiGOlohldcdTuzQhg1DvycLQlRgjrK4j3rttZTPQo3e6"
-      + "0f0IpHs2L/FVtyIiTdTDckzeYcSu4I3F2uJM0NzHQtYjrx3IF9waCoxxO39Ln93Q2EY6I7azxWYg9MJDF8vTfyIyBTL0I4uwH6ybBygRCrnnqpYr+luBXX4/"
-      + "bBeLOaSfLMLGnG8a1Z02TqPENd4suuU508nIuTYZAoWxp8+bZjaR3vXiqPCOF5Jx/4Kk8WxjDt51YN2N3qROyjuyCthH/5j6SGIIFg6TaOA8YMlykCux1yHe"
-      + "UsBtA0mUkN+AKTa0quDJpBw+D1GFdeHlzldPXeKD0dRkWW+khNKT20BEPf9pM+gGgvkA75tlIlNwM1N9RWg5zYS03aVFVt9ZAsjpzol/yt1eUxEB3WNt+Isb"
-      + "I9/HDq40Vu+puoVs0YB6pn9pUIc5EJaQpX+4NSizFRSxIIUG+G0PIyBscjMsllAimj6kH082q/kTWKaKKvg9N6d1MzY+V3Rltte8QgVwoGP+aMMUM6E0BYzw"
-      + "i74BnI0et4iizVdnXg1Nl+y2QqcN8z35B5Rxouto3it3VWZOU10vA14iTpkapn5RUQFDnIdNfM1qa/MpuUvKx7IEd3vvH1LFKaCWd+NsEOb/GGxf2KHX5kos"
-      + "R3/R4SmiZ65co4iHoqA0D8SFizwcnr1XpZPnzU6cptNwmEUau6fB1xXvbU7xlJoylNmFavOUY/5+YiCfPNUQTccz94KXtbKwj46qVCnIJDIa7cy0cxrzoho7"
-      + "rEDKvjlADKvK/1v92NnMBc6zCpkAncFMIBAJJcTJHoxGYDLr96N0tC4g2gsO8nsWB0HXdjbl4dJF+ZG6G+q3hNo0SpoHcjWAw5lr7RGCCKX7PvfwME3SF13B"
-      + "iP53EOk/Lz7mw84hQcWPfnCEq90kjKp3h6q1/X9SiWpd/FOZAmp69E6WWOixfzfOny7OMK5wFuCci8iIbM/Hqo2Z8zyR6NaQ/IK+qbEUD9iatfdd5AgvO8g2"
-      + "YJxC68Pi4xl0+iVjhSLeRH4A3ZixmaLLd2QGKUiNTW1kfFO7+31kNuFydeLRvwEROdA6FCaTZO5EJp//C54B1irc99LyBxC12SLBbCQ3Ai6Z8EqQatV2imnD"
-      + "gC3pqybbs/pYkOlRkO5sS43EGj1rF62LmsKkXRwwTzsDwvp8gWxznLWmTsZw8nlaWWplzSsWrJ9wnwvC9REDzPJGLvtP1VsCam6kojsYHkLmVRZsMkzl0nOD"
-      + "XfWVr0vUqoA3mhs0aXK5spnK+xzCr2mQrqn0XfiuSmWoCHEtiPEy4C4vxFVoBtgSHZftdqhambNU5mQrQbs/XBsQjrto8IgbIyXyw62uFLrN2Fsjvf1MbXJ8"
-      + "3vPGYQ0/Rqu0MbALpFDwVTSRlKbmpcl7TNSfQWI9rOS3hwWTnTcUgXl2cXpIvorqfybwvbPAXsanc7CoZdvjYQk8bSoryDs+iaF0WWbJTiQLLJ55+yLY/9wA"
-      + "3TV+mmvo0zDa3eSWE1Sijdu06xXB6UFd39/Ej1Ugd4V9SkLyopcIJwKqUJ7m8jOopuk3RMWFT2T+CtZYFXcPiPs6wcTUIvpiY/E048yNRxLpkKZKxmuGakMZ"
-      + "hKuE14EpvGNX4CRmcAo6HDdZV44ScgXZIN4Eot5EWIQc0eURaZSfMKi9G5e0G7sp6cMQAupTESMYMbLuwI3N0NrrfXmLIyQ839Q4CfuTkyR/7reafnmcurQg"
-      + "GJFxxdkVyp43A9n19LLZLGo4soogDhmCmN9RKulE2OPF9Yhd/n0WJFWl8eWvRttCStjshnYGprfBX+hf9yO46CW1DqZ6HLx+yrpy9NiolvC0ZHJ0MIPJ94H1"
-      + "a19+B/ynSXyNwfvaVBoiWssw0rBEgiaXENdp7zJNk0CMb/7gQZs1lqTKsIJilX2w/tsJ3l5RgygmeZXZc4JM3xtfIsV922uPQ23hX/yG18q3fYHaP6mlPJ2e"
-      + "f91EpCmJr49+2prkIX1EXVPZj057Uis23X5WlMYtYWMuGO15Y+JOMOhqUMopSIgrxUHzmb7gp/Axq1nL1js9NnVzJr73KLk9XIdKjkhSZZdkK4mRwmrhy0wX"
-      + "upYaynitUD0ayzsGXsuLX4h1nL7PWSEhik9qW9SOTjOU+xwxzi2y67c+XVyk3lWVBuFfjHHSd9xjXeO01iBFZZT+6ySSM0GnzSPz3FSap1ZRyDUaSsDjZiEX"
-      + "dwfsQWCmA16CTIXif4VDSBctMnRY+znXd7nBRmuYxrIaCULDs3Mwqz/lMP0cCdI1gy4O2NBMv1es6gGLDVzwSQoU+nhD28ZZnpTW2y9uNMHMY3fzXp5GFyOA"
-      + "EUJ6hdFGHinqMWchMAmIe9d6jsFZdOmqWSFwltrexk9F7fZ//D17iO+Y9zjhmt+51ihwu4pAC1RAAhXWhQ7CAOz9phs7IN5QVVL1G/Pgw0d5AxVzIBFYTPGi"
-      + "LNYWqjr5SePfnO4nHy6U9MytrGWMaT1U6HoSKrfys2RuCNJ+VukwYSnvoAzQ71A5xWoOeBT858EjTp/Tlvby8KY8dWz00oWV7qv1+yzA4RJsMYkNUhNFOVv6"
-      + "uYYdfHG5zKv+su+SaH/8s1r99/lbNNj+FtWQU1jzrb2Ynhe2MLajBmT6U3GtJ8ObkDDqiOH4JMJS+zWIEGdiIAi//G1gRCoFBpA0iT1+OpBDVj9bQ4on6uSI"
-      + "hQCPRZysRCLQlcyZEEsiG/1wlQbNk1uF6PtKn+zS6RxxRhB5HL6nhgGuSNrRFQHMkpNj98FXVp695kkFca9hTwd0I6fYPW8GITkiQ3s1Jb3JSJsL57aer8aC"
-      + "KEgMe3YCT4fLIb7/oTbwyiBy8f3dU5uG6HFKo9l+fBeW8MMtgr2aKI/Ycg27eLDbUWSwj50vY08M8pspZV4UqLhcX0g92bXOwcZhnbC3yEPphMjdJ5rtrdkU"
-      + "o4tVtQex8M6epzm0LE6OXlrDAebnhYa5H1lynqw8KrK86BXn+Wb6ecF+NbpoSTdacOT0Pn29riQA4CWJMa6berQGmJDpnmYVsoFIwWD7LhaOlXhCbO8fG3oK"
-      + "DMt6NeSFpi1Ld6exqoGqSTLzYezqCuRcRCycx01aA3I2g+CZjzZu/uzJkDeGOAtcsK3t9XBqT/27lsd7SStJNtk76OvqZbsuK2DLiA/LLCqwdceqDDlZGS2Y"
-      + "3IjXHSgok0mifYGeeA3n+C2e2zVoo0YAtop26YU5sWu29RDhwE8AHPfZWvpk1lTbznJSf2Dzxp4zHIuuUvY7DyUCu8L64ePm16SeZPIVzxBQ3qEFbL3TW391"
-      + "L5Zq0Z+tFCME+f+omZKDDSKYE3jN/0vBUfqOKtXQ6MMckbxrTY6GfoE+rgEjJA1rqw+5rZpnmk6S6dOQpAIfOfkq9ImBLtZUqetkChQk/7dxpFgWgAwztZtz"
-      + "2pelual4JSOzBK5e6rgLGxCHI8fxaebLajuYhYp2O/RsScJg9IWLAJwqvaz60XYfRBbT/M3A8Iucyt7E47Lv/yCuWqd11HDPii1t+okC1VnMztHChfiZ7y/i"
-      + "bxn74R3KJQi62Vu7RjTSi2Luw0HBdtRA3F3XhshpODVHH6UOFhStKh2MIR4Ynd74vaAMXBZjn6pQJaGdsgYmI268BnhkahA0NK5/mjoeQgkCyM+liz8AL243"
-      + "L0p7lHrvwO3OZOGsnDtGWMMtXxtmMwywH5GAZ3JEDXqonXTqGQpNbBnPctvWHuamFcQX3lV0s5K9ErOSuasgn8ui9ayIM9XGg3aSB6Q0qJcK8qs7XcYQw7uU"
-      + "hmVmwo1sdPQS8IyhNyceF9qJqeheFV3s6ICp15jNgUtzfKwiJzdeO5IxV9JHEwwfmJGruuscDdWsCgwLD7OZCb5L0/IVX8Y4RXeEZgxm4QxjpbJq5HsF8ybG"
-      + "QLadBwOElt6fXV7lKs8i5qa+Oi1b2RcxJDNIRPv30oTM+02ikI0NyIdc54o+SAl0UaowzgmdVktc9v1+8cQtQjIC28N6Lt9TUI9CayJQzQP1xTLpBj9HLA09"
-      + "3Jo0bzZlga4lIQQDbMSRyfrEbFkaUBJb5W9WFAEy3ZchXLk031P7z41GJ4Di+hgdBCCJ9JXtiwA4gpfbaWprZj6zrddmGDImqEXO6UtDFb4/riN6xzfmuZ0J"
-      + "GsCs67HkAJce3GJJUlmsqZid8bpu0VUbhH8RwVWsMu9wuL0HEDRAPSa126C1kDSDDMChiVxrm0dLF5LN4oZqUCDGL1vkb42medpPzabnl4nHync31PvtvecF"
-      + "zOakxDGiC3HjnF4ziwWLUyvPNTTLI6rYYLhDKrSZ3wETqlO6LdYWcgprGMZOJ/KXnrIBcwa2i8wE58LNId3fVHtKcsgLm1Wrg7f3q8hNjSHNFkzjE7ioxeqO"
-      + "cEggy2aKeQRF2Lv6mg6XuHAP78u2FgmNATMdJj5ILA+FRccmFTjImS1QDyici19OX0ab/xh4weITMZzNc4mcciSSVgmkGf4cTrMzN9pHudoMwcZw+J9RI1ZT"
-      + "+ctIRJgS0QiuvdgG9XzX7OJfgz9XPGFGv5koedTIEVps1GpcqYlmFpgLP1o7UsyKTXBttyJVcljNKYqYJ7t34fThFs0+FYp3tiH6F16YWXHZPEDYSAHRDCoZ"
-      + "t9he40YsHXihg8+cp3n7c/XF02mXCadl7Mowd3NYJMD5BpLr3FNRjEKPfq+5BH82FpeoLhDLjQPb5X72VaRa814kJD2jbply2B3lfz1RFAXGp8UZlYYV/7mh"
-      + "g/LcPJTL06DGPw2xAgF5CWjV2sydCaJwMNpKwdkCm61JpdkMw6djKdrMJ3KJ8YYfEt68zUXsCJ240BrKRBX+R1au1bSdz6jZY5ytflWhMDlVTLuvUNYSLxLY"
-      + "2pt/sy3Dx8VdCmoc8C853es2ol5/jHGWcZgiH2fixrFNmtdUFHqHObjHqIypY0TvABKN/bfYFKNcrvwBoNk5maM/rOk4SEQZIJLW8AJvBzsNXDP9nXmfVGUF"
-      + "AiNmrNw/bwDd7EJbuOqhrl1xMHOsikU8WkmHH0rwBkeE+upmdZ2HMvFi7igVInIzuKJ68l/qJ4qARhsy8i25n6hxHpW8SKYQEdhsjl2xW/jH0EUy7S0d9kDz"
-      + "MzNgSM1b7eiM60x3FHneCtSgiXOgBwknJztOkN6UN39E1kz9ADZaqoilQhLkPea7GCqwhKJnuONYxsLiHk6eE3YGqzJGQhg69TOqLRhajF0ZIgyvtQpWumSb"
-      + "LOmDDhpfTdkd8IdwsYRFNa0rKV7lzckAJ/D0q2iBWO9Q0XC96lLJkaBOavdEStq34OHyivL/xNrmfwt/vDDy7/gXUltl9TC7FmBSKjAjZWO3Fcme7LGLyq6A"
-      + "N7s86bLCOYMBxyU6pPKPTCCb2b2KhimD0xvIq7euXXHUfn/ohbNTpBmo/91+UrGaVMi8UnpjUwFYRs67LbtjPZBH7YCceWAAY89x/igO7ZlOJVlEGcVN8bEK"
-      + "HVMtntluYVF1P2iW4YP8zoBHPN37F/Wi2XVRweaTAOTErvgaWoiC2vwA3slAKgWhpIP61x3xKcNHr5jXBVfw/us14hEOHFLHqXv6kD1w7E3FR8UFSAZs2KqZ"
-      + "1wbT7KstLRUjgP4QLYjkBAZFGfz+0WTvdtHHCcH4S9FXYkmQPFdll2z7g1eoUFzbFCL8Drw7KaBLZusz6PwoWNdrxiYo4PdspDN4tvqTarJgrHbwPa0Fkbee"
-      + "NBr9oQ5s/sCcOlJLRCVTq1gG3OncrC637hkFILjuN2hXom3EGKNcMqKkl4AXwBkS9R2jyujdqbI5RwUtxK4AIjYjRwAZ1kVgZIm3IPNzBcBEO+Gy8kdeEx+p"
-      + "uYZ3tzvh9zRhfv9R8BtbZg6QWoXVBOAyPw5PQLPNAVVT8FebMZZ6It2nV738rjKprhD6/WVe8GpO2c1SlBx0VmSdFMfe1blp1+6atW6Jx/1HVqwYydMO4IS8"
-      + "CYRhWUqtbcjrwlgK2qjumHUKhzTHNpaeB+OZ6hm4TAIz+d4nxmXVCulgYKJ3CeBNpO1oScenMczI3LNUIdxfNYWDCfEq0zI8MNRfGmR6NByODr/SJNmYzuE5"
-      + "EWz6SsIGiT+tvSXZuPctoPsbElcTogedNpweolGkePct12wClE9EgWKjUXecrKqYskahWy9NFSNYCi3oRCn6JgVWquqTK+9ZKX97E4ehepoW1RvDWRZPQQpm"
-      + "gnS20H3H09NHlsaw20GnKjbry7ONZOC04NJFmLMfX6BuTMBsvqr4Etpf9HFoS5Iip49CfcVoyk13e3GY+PzpB4I3KEq53GdeRW0zbb6KdMBuLxp/bhWwJYAX"
-      + "A55AejJTMoBhRiKvHMMXIVn8cIbd1bG7Zgl5+OJCGjv5cDBAa48MoagSOTe0hCUyLQO37vgitQYDtZOYMulGpGmU/+nv5XtKi//TFVItULNUSjOz/+up7ucw"
-      + "BPayWTR2+Y3jFUZtoJE0kPn/tcdCapPCUk3S7iALf5G4ffsAE2iUE/fl4l7kQceg7aGb6bTo2sYBwP1wB1+akZ7l5SpcFiA/+i7cq6lh6j2d/7z0yyjC35lh"
-      + "A/jesDIoZ2Q1Rl8eNT1QQwQbuiTNw6uwOcDZtB3kObvfxKA2l/CuPwYyNt6tOMpseuuIouZWFMxKuCdcmq/gcfKXkxtKLCPBul96PofuBFF2IVVozxhi20ae"
-      + "yMOU3VL/RD9sAOfU2E+a1rxUuw+XpHJbqhiWkg298lEcwKEweDiMy4pQDZb9Lg4d4z/ooygLW5GpTdXY/9/owUHEy//8rRk9Dxw3kXdPc/qFlgXqws/sebkQ"
-      + "GiYLWIkRVWmYki1hA4B+gz0CuEZyoCQprijMnMQrSvFe25IqdLb+z/8I807Pyaxg160xJ9qufVRJzJlzQK6SiVHqpKSKlrsL13FEwcLbHejOYSp/t+aobf+S"
-      + "AgM0BapbnBQajid4UIWKnvrbYiBdGT09xHyjsiAdjF95vatTyZx1jit0+rZvZTbvICVQVdOPIl/B/wAxEZNs26+kwqCac09DZHXU5x8C0bo1H9SHVW/0pgTE"
-      + "SraH7uZIGOPtdLzmZCwb+1wESZwl6kJZOlYnLSqzG86e3NbRTAUoZkkEEyw8OJKkjlCzw8dqp2gYepdOdZz4VEGeAMGsFE30NWTMgPJPf9PQE3YR1HV4OvfN"
-      + "OUOQGl1eDWy0tad3DBXATRzaYXgCjg2Ml7gRYt/u3UjSOxWVuu/LMHQQ+76lw5IlnhWhUZm+VgoulbngdzQf0aFA3uYuNrS95KXzF+HRFiZUSEERqnpjqBF3"
-      + "rf/Sit5g+vAMfVME0V4PpwJe8nSwzwzc1pJO+nk3JVyYOLxblig7F2s6K5dapSAw2B7b8K5ARsBqzd8V+KTQ3FkMHhDYqd8EY47urfCBLhUBBkXtzJ0t4N2O"
-      + "nq0m+dHtLh3eVK5uqF7jBMXSka4KPDMx2dTHzvwVJ69weMFurp6cc3iol69wDMMXvzL67tfsnmKEnVgkgRc0NJko2jH1mWmGNTMYWd4DJvFgu9Tw6LlpJ8q8"
-      + "91xdZHUiuv7x19B9DrE3PqUAqjazKTiTfEzdCghOePjcd1S8Sgc6lIBFBl1/G0jKStklnt6OLP28GLgDDPgFXed7tskzzR0VxvOpHOm6yH7OtwAvce/qQ20u"
-      + "frgbPh2/3mxuklBOKGP3oWZ3tSIwb1AgDZsh/Nx4RggA6o41QMQn3AsCINy7jMeVXHT+q7zoh604qUZoufJ/pD6BqU1iqI0Go69eIY5kIpMIqnVGuQorhAlD"
-      + "yyzZrYgUccJgl0IlZJc/mTaIwlLJoEERNC1/MsmThyS3w6Uvblpldzfz+27qEUT+obDef1OoOi3fhIFiArneMF83XFv42RwQ4/orJhAqcMpXZVNCCrU6+vq1"
-      + "MZJjSKjMTjGpY7Z1ibyMP6cJXi+VfX+rnqGEnYfYWabE36ElkT//mxVo2KVAfkkBwgzthklmPvIyCcVKCPyZMvpTxMECBC5N+erlWRLxj4WYWW1UH1UK/1au"
-      + "Gq4DMKoWAQ1lFGHD8VeV5+FN5xX/J2dk5Y6lt9yX2n5SoAwfFueoDLpqwadp5vXY07uci9HWzbZC3QL8xrmofikecyaR818hs+PHBW85S5Ovr2xj0DjTJgtw"
-      + "xVcfUWXEp8T2awAJhQ3nrVS+R+zD59S3a0F5WIwNRqHHwKmkGwfMDq4RHB4ENdEQvpjNL6cTXyqVt16oUQDvQi9pMz/byAmJ1PRc9q91/ydxWdyaZqyBL6fY"
-      + "tb1t1a7NOK1YdwPi4oknCfr8nRB1Z8fGOqc8plUIvZmsepwMDcSlG4cHjFktN2YKB5b7yA5iNANXlm+Iw36WxxIU34b1YsJppaYY2WISp2XByHJmiQy1rGrF"
-      + "lvD72d4MS2eCcHe4sAntlUgR36wP2Uv+VPPcv4rcqOGhnQW3My8gFtYwKCQ+gcjLgFlRQbpSi2LiRXtJmpJm64vmjGW/H0uhDMwWCUSh3BEVH2fEKq9AVAOG"
-      + "8RcyIWhZK15YrRWKYLBuZKZhNo0AM+LM4M+z27FJ3wrs3wqSIORJ9ElvnIlFXFW5p9du35qPRdwJTaEVHCqrnkWfXcZhMxCCi2zHG96upHGMHN+HZY7VgWPv"
-      + "1FHeShdjeX/Q+jFYRt/jKWLxuRfzoR2t5FVSHEwt/8ux16JqobAfAwieiH0B0HOiRW1sj9YmzivDT4u2T3py42Wy9Y4eT2Lc9Tc8pSu5hI+gIght2BWHRS35"
-      + "GFEbhEi+c6txChbdB5uIlt0XLSiUdSFWE7fNG/hME1ygKq/G2ctsn5R/MDNSIkLxa2wx5SgEfx0zJMq1bV4M1eWkmax6FMAl4wO7V+oJ96rHT7YQkpImdWwX"
-      + "dTxN0WJRZtw4MxJ0Xixt5Nx7qWSWgNgDxuepDEPQ8GacCTFwO4o3h72fJVk/gxMs+QMVHkoWLQHMLcgB4jdl3u65i1D6KFR+SWBYSIYkwLYjZ208nRvIlYDe"
-      + "bS6juXnTUABFflyHNBZtHp2jtSBCO6NCx1t8WDBfCKtyHyxomhQIohXdSgq2Qi/UkHaYAvRU4mOi5HNUkxymjkbJ7vTT+IJ8+alR2d221TExYzQ/BkxeACeG"
-      + "OMa67cxJQaN6L8eOKZgOKStMSHnO7gkrqQy0EhhTKEzFJwvC8YoMSF5xpA/nSkM/LHibtpcQ9OsUVS9kyc6Llr0VHPcrWpkuM53Wi/syKdNCWAt4wpn2y02X"
-      + "oW6Z2eQTOKKTm1gMj3f63y3dS1MT2ycjJzuzVSllE7vfIhhWImbQXFcPT3BTFi3jUAV5srcfeFmCJq061UBWNSjsbKzSvTMBZEXgj1G7JRg3kgSqtIdBNZR1"
-      + "p3vumrVE18z1g/Qdr+E5LNlANxFDfafmWVplPImxtA/g3wG5mN2vehT78p/FVHasqrXefqT5YMxP1jVKILIHsNwh6buS/+iyKkTB53NhE8ea+9kC5YWZ5QaP"
-      + "BxWs4KoLkYsL/x1AAoySSGWYwrp4y/JOQQNAnwegp0WHy/dcDkfJ+K74pcOIdsD8rNP2xKp/qlpVlAlhK1SodB5oOIZGKhppJ5DN4XI6dm+UbYtJ0qTJX9Wz"
-      + "CnfvqLjaVmxZe0lg++wTH6LJ+DcVFo5NHBwZbbuDC/VS/D9a80JJpT7JfKYwMrtmFJiW6XZiq8t0JCClLB19DvDPNd+gRv4tKpIKJFozq9hP304zChDQF/go"
-      + "7BgKdfcTzYJ45x07gJY+ngcAcla8lx7i1XVrX5Hdi+GQd88GP+cG85KEAS9gE/u6uoYBCaRPVUpXutiVqVKrpFPe6JWdRZ0Ai6dM1e2LH2q7zZ6lbM2KGw5y"
-      + "OXmCPIs0GpzlkhdbyzVvEQW5owJ511e90qk2X1PD7c/Pbv8kN0+Mj3IZpACv/7qdgZzB6YwNBXfKscV7WZMw9EVpK49SOW05za3ZCJQWcYBPJNCbB7caaa6N"
-      + "dD4nmVFK73AG39bIdBzCBKSw8ntm/Nfa9ZfFkHXPbp2xCQEE1jCVVF0w00V2Tm/YzRf7JNY/OneiGv1aLYfKI2O7Jjx7VvmcInm3kC7GnzbWaV7QSIQpYwo3"
-      + "AB4a9+DFwj9AvGhBxzl4+TVzbA3rj1B2O7a7jRaHK5RvZd1FECpOmQq5S7aEGbC0gjk4hgIPn4A7jzSvLkjR78M0wM0wmgD82wRkhHE4euvxtW2Fo81RrZFz"
-      + "tTm2w7r/tp3GxxMt/8OyA1Y+WW/Jy4DYDcCgskXCLqDk8CDhWiVnHddqkzVmAR+bjXO1brvc6MhoYAW5YVl8R4z7tvd0RLeFu/irSQEMv5B3KfW05lvm1rhX"
-      + "BZbRTgM8Jt4PxmaM9qLE6QEcxrh2+nfbmWIRNTC7oDOx1BedVH8KuUmeT56Xn7KB7FEXnN69AyF1TAR+pyQgL3hNdyYxXWekvqxLZmIYyIVDkOeS85tzWrck"
-      + "j6CHsoU28BWcnuHgnkjRb3jgrPxgdg9GUkeGvFzhceKZ2M95qEGO/EMd18eEZydP6VZy3rlgBvppcY+lemlKC5N+n6KXDqXAtF+2li31TRWvTO6SzDG2LEnt"
-      + "AblF3b/kx/DWCRlBWaSonCwePM8lubdYKSp7aZRVNbw3SdHlM2TPnD3aMvr+ribBkgHnu7H5qUDdSvp9tSXT9WLZ4X8fGm3SH1GCbb3eO35TpDAPLWyNq0mD"
-      + "Xo5HDwVmKTeAEcCCX0WrHZHsfszYrn+HgAQmUjdgt3BnDTrPyi3NbkM0g8huP4qyXgvMwW3MA1ZeF+HcScj6mSoqkH2FBopkjmNagDBv59ubMQoQZwNxrwOT"
-      + "TrwnC42AM5o7oliEjS91LqNvbNyoQu695SfYJk3D3F9sbgJgTKD8V4u48QOpD0gU4Hs8mj/qOdn0R828+WS6sIkU8jaPsDL3x/Ww+P5DUoa8DMIgK0NALXH9"
-      + "GWaM0iwtBWRfXXk/aJ4rkJMrVFIjXPfykyMTQ3cVW5xPy+X7PC1yPrUcDoKYo6uHDtLIJp6d4CC3cngbOo7on4CmBJlByRs7ctOrSUUFJa0tQrcD+UslYHrW"
-      + "mzBsIS+9YuoTBBZyUbq79mxe4OW2EewiJaunD6KUmhC+/4sbyS8mdg8XDniwv1okDV0Uo1t8bhfv88/U2f0riL4t22rmSH58FTNFC94hz9217GMX39cKbLRu"
-      + "WhCLnigfnDnt25NxFn4bLfLUBTcgw3NDXWkDkmbKkKYo3s4yTd7yH0fiMWiVR2lfpV1LRQPZthgVVklZ7pySxmDHJI2xx7SQeQV9VujgAeY48U3Bw+idk5Wm"
-      + "VHdQXojHDUUXUbVVt3D8CeBmvEdtWrlCFmLJYdCALXu6bKGYjxQLeakDvM0KtzyStVziWC1azu6ZAG7/SRp7iMdzQSBiFlQE4WLGWPm8s1FrNiZ/+Z9EC9/V"
-      + "JGBxZq6LleILkaoYaw5lyhv9bCMwjFlAg5/pTs4I7QDOulklSPuG/TdLlzGOg8ICOn82Xei8Xw1piTD2L+l9gksASekCKo9TUJ5l9b2Cg6TiDh6XvVkYdmdI"
-      + "PW2AUgL8lsUYGEMzw5aS6T7LXJ+oWMmhx4zxk+37+bpFgsreXg/kQlcMqI5TubAPBYMjkpQL7lecJc+HAHxlPBU0WN4tN55I46sujfhyKgyjII6XkMx+F/ms"
-      + "et4stmjzRxCg84F/NcbtAZXR0lEqQGpilP2/jZ5Duh72X2fl4K4J2JjRpVYY/Mdr4Vf97otagJrDG+XFjcCOFNkpYDaLJYzI8xIczvxWwaa2CrrvNVvXTmUl"
-      + "oGpRTk3vN33tMoMv3WQqHi8QMCcLBx5FkSavinoGmBA3idzxQEzO7ZufBYlDeaZLs2a7n2I5GyST33k/dggMRpvr9ghbdqppKIFzTs8bHJxTKz6Rph91xuKO"
-      + "xMjtnHVIZjNQDzGf7h5oqWA0YYW8pDSadFaFEweTcP8IEIk6ugkBwwhHz/S0uNSaIiHl1ncsWItCJY7oe5s8FQANpMhMGvLggY5kbYM+os+ynTr6+cQIlavC"
-      + "xP5Z2Pd6u9tZcAg0bQLZ0Pu4KbEluN5lGWwNRyAtgkvYVTJbtxOsDxOS59cmTesJRPDwqRPIy4rkeDPWF8LUfRUqwxzJcGrJVO/uzpM/4bGVwlKfGtrR5nMJ"
-      + "8Ot2PDxUPode1mem8xgwpuJHcMAI1mGC9fyCd/cszfZ8X7HDpzA2/aoKRqTnFe6I1qFc61qustdwdINwnTPlrAPgUa7/4U2r5pT0KJD7JJZRiIO0B15Rv+V6"
-      + "bzDT+7S+mIAkLutba/cIqBR2nn5HuVy2TwPILLwzkW+SgQSAMHCdyj4atztd2SfFx8peK5JfEzvH+hNFkfYASk48CKRC9uTzenbckre1p5FPpaXAC+gRbEKw"
-      + "JZH+3vrykeLSKokJZzfMy2q7JlDTS5bQgwGtC/P6/NrikGtbWtJ3YAzqUC1xhG+ixFpP/UWl798YRWLByG6RYkWm9e0ITlkogcUxFnFQh7Xw6jOOyWB8+CGH"
-      + "id6CKXyzI3BrTEpjcO5b79Q6YIvR6Ep+YUFK7jt70SXHbStcxhZGo0YFmQfPjjqYgmoLds0leKz9cpwYUPd9jOdy7pK2hvLUmvyBGUNYZQhxgkvwj7i7RALB"
-      + "a37DKUCokNYkAp5r76y6QZTRkUS16FAg3IS/uI7mvWCl7x7JTLOuKT4L7C2nNN+cvDu5ts4fXtM0U7/y7EnYTMHKm5PQu0/h6qMDLWwkPL1kiiTvwrsc8Vl7"
-      + "DId98yNImT7ewl/C4N8wzpp3UnGHe4lS40aYpWDt0Zu0lqQwRWGM5P6KwmfaAkGQ1nSazS3LCAZaGVH9IWADEjdpbyekOT8llapspjIrcM9lnaXZ+0Ae4r9f"
-      + "0yxlx0e8v2NxyTWOZbVlcVwJXta7ZeDjhO6BYCCNeNLYm5HlAvccyR62zhm1dizPaCXLaX/S4H5ersVmP5Zc1jKG+iieUKNJcyWxefr/IXrD4PNIDD1OZGU8"
-      + "9/jVmc/02KKly2DlVPbtifxqw1nW1KXeoKJFmBkUDc+L4jiOEic8Lr6bnzzpBbh4laSY+zT45ZXeFOCXOH0a96YSqsKwsNHbUhOI5PzEobKJ6LQCYt+2f7yp"
-      + "X3gbVSbDAKBVfO+V4pabljPCnyAVg6HeHNW3h89ptDOt7f4I7JGxfsP2VosTJYmCxvaH2w9fGaMEhci7OaVeSZfUCAxrdNh1VlXPYio9dNanj5jYJLTXin3w"
-      + "bq/NqDEXWLqk34BGun7h9fdRyj7LkC03ymjlYdnDfvOP5GY2sZA9H1ieQShe28Z5qPG96X9HFAGtHWkh9a1YYcFwIsbZz+cc1ffgCqb+xuPwTwI5YWY8ipZo"
-      + "ElWZ84hLTuSrXwcXD+2Qfz+obXqszKRXxhz3DdX8gbwMdQ0a14OHDc20zVMVNMfJLIvo7BXUS9vxKIr2yVuIR5n87SFXohPi6RXcUaQB5W4G+h3fWU42xpRZ"
-      + "QMnbdnY1vi2w4Mrf8PYLPPCZkyX/KwkB2MSU5V0ZiHTJ0//TzFQVjdSsZWRMqA/n5GTrBLNiL/s8ZijOwNBtoNJkknk+tyLU2WztGlYGicOdRml9XDdMM9fh"
-      + "zzF/gMzJrX9saofSrDMRGWSRlNjylnZBt7tb6+f6Lvwxe2KH5KjaQh6Pla8qM/sZDBDoucSArVKFByXupluPIrWAF6rlY005i6M6pDk9F8MZAfcVUWQ7hhci"
-      + "ycSlnkFy6NpFYqnakWozLuc0PInSk8ZG8F/14+3HvOYGMGRsSYNzebOhi0uwzM9pX5QiXNDJupE62ejr9f2hWTmFkr8IuoCFAZVFB9fwpFzSnPtJp3TEcyqu"
-      + "4eonFF5PJFk3KlXSBifIqmtzoF3QNkwqRl4y9RCfzVF6m6EPtEJm4GlfooSw7cVYMe9ZqjJdI8/JAmH7yny3ewe5P1tAvZxrmEd9KvDIHnAwv5mkeqG+3z0v"
-      + "fxrBbtEOtfzQp2T7di1PgBhTGF/ucXkP7JMhcq6mS5nANrpwrpSpImZTaRHHuxMD3EuXYsPZxgt1S+e652wYOn37vPkz50d084U1sPaAYrADlyHVJPRaoefW"
-      + "y+fsx6IIjDumQFRQKTyGsYTAY/S3GzkOJVNHwgp4MLbCWDaQNsJsx31Yhqy/CAXNtMnvrJu493mxYLqBEtvr+zbKgYL95kahksuW947VafdgCg2gpJHLyG28"
-      + "eEXfh+WZv0Y6XhAcP3CbKw73vPQtUx73I09zYmDDtdnh2cojbxS2ARnDIWZAuz7c2oXfIqdxEB9s2hwpwwkxTsDlF/klE2qezZjuU+BZTsdmOYDapoat7TM6"
-      + "xi95rcbJRSp58/UMDchUDVmNeEhx7xWMDJXO/f6/hFdZf2WzxVO3OgbB+MOOQqI1BYS9iL0sutIUTcBGUxsMGdQMBFVsLWGgRxYWBbhWwutQEhRmm3Tc1wIy"
-      + "mYlaCEqXqfRzAKuB6zWGEdHbiRVH1S0dhaXfQ2NKq/f99OAI2QHJPFB3ERBamQeJ0cq5zGLAj6uPiO04C6GXvQ74XYTfTbNZbuQI3Zc9IR8tCXJjGGoQ1D65"
-      + "KFtwhmMtrT6UUr1tQZqYF1WaXoFZbPgiB3By3fsFAXg52iwTHbnthcez7h/Ee3leEKOAIzJrrPiX9JI+FBJhkOkuq+ogqWWOuCT72PAXzo4L7ki3wyZSa6o1"
-      + "QVlMKfbupLlw31dFATKL2Z3ekg3D9Yez4rpJNmfJjOxE1ue/62wBcF+rcuYSGKuFSyrWYXPhzI3yekRnbKxtq9Q58o70r5SLULaAim4ZhfR3lnU0ln8cPBFN"
-      + "TWeEiXHpwSa6ANlW+q9GHBwZmtOzbj77h/Nl5Pu4f6WFavw7eICxRc6prGPJDRG2m8OpRFIw86ADAbTjgSoUIp2LGOIunfKdRqKFvgxDPAGdUEt+ikpbXT4O"
-      + "jjIFQyIhmBnqzJq/rnKLi83CjN9h2dFDZwugtw8SQO6vzuDxytBB3nUIzC3AHbSeo6ojUtLFfAODVzn1Z6HUCNjmP5twKWG13lMeLbEy0D5isUwe+qf5lNIQ"
-      + "6oj9TaBVTUeU/Zh67FTgz/AJMPFq2Es7Ze8Nl4nCO1tcc1GyyLwQARFKRBbddMbbEZ8Y3ohKW0/6P3tXn9cDyv5z8DgzcVZUGfe7fw2UsfrfWnkv5Ig+c719"
-      + "umJnnoUWOBdFF1lCbfd9FwP6IMygqlv/qEqs5Wrvs0ozR3r14FTnQo8LArC9VWC/ABpYv+sPW2dMjz3P1nHacbuFuf84QWhJMXSQzn79OLNIPxKP7597UmXD"
-      + "tcXoKRI5rWm9Q//YHrXzpyNu5KgYR1UjXIZF3SjYYTGA2Oj0X3hQvRDlOZVAFc+KAM8xCMQ3bAuymTFE/POXq0JYzUb5tR2G0KF1FX/iaRTKKfQoR5KlaNX8"
-      + "SKqzit5oGMmnfyCWlVkYVc1t2ZPkE4Y5ZzFx3zokzxZo6ZfT1LoniToPPqGMYLEjHRRTsDR3Aq7wbsZ73glgJ+SNI8OYK56Ur7SzX+K0EPV+AX6SI1mge/CZ"
-      + "hCuO4wBPXBERCSibHljh1UFacghrRmTGYiRhATbm8LPiM5dFLxmEighVNFTa1MBohXIf88zRrMAt008xlDuUOkeGwiWnj4+VHqpR2/i/bmfOFKpswuuCMfuc"
-      + "S8so5nTvCZ1FNoOyAq52VP49MWTIcIhd9+Ej4vw2HO5dKkpbyvyB3q9qy0GQ7AFnYy9B9JjQFa/9sTj2SgqDbgMsq4pBgJGOCE2Z4o0yUsyxGWvTlCQl0cZM"
-      + "1tIOy4/3CJe/0g6VB3qepbEw3Ov+iASlqlWqwCTAVy8Hs7UrFDTSCtoChJaB0VbDs63oVljlamCOzrL4pqXea/WQW8WpiML/v50N7V5RpjMMXsGSBE+yNt7c"
-      + "nGte31z3Mej02VgLfRj9ocmPb1kKvon15meS92O95z55ZlC5BNzjUtUa9Dno129H4UTyGzBnIyLmq80QxroDQpfgawlv+LP23HHEVn1SYN2odPt8M20jXAsW"
-      + "GLAY8nSi6dQ4CJkLmJ/qcH+V5QqoH5FpF1MIqgJCseNRJv4tJH6eM7IXb4ngumO4oahs43qRctDbgnFzEQicBswF02T2cyzJIqljlGw5vep+vDDRsPww+THq"
-      + "BNAtQd6lCrOLDIi26JCNbd5W4f4xm7p3kUbj9CagWMYztTAn5Ks2IQiQEsldziyoGNNG+UZwj0rkF1s1+GF9FEq2poYZ3ATfBR/+oVTGpUXoA9aCq+dRzXJR"
-      + "yRNH1J8Xii9qe4/0wsEb03QWmn//EuU5/8i1aTxRPPAfzsNvloSxN/wK2jhOuwSB7wRkgH7wP6nroqBSA+IH2mPkgOUQSBg6xQgGU3ribwxkBNSc98gv0aHy"
-      + "z83bjZQYFQgzv0fnsT/pwjgIjBPPSlcxVFDnBmnVG6y/HyGsEtaMcPZ1uKzd+jcAYqj9iRCdqE+IzzLiHjzlPYKRMjkjEE4jE5e0YRNikHhgYETpMNrQYzw9"
-      + "i4/fCPKEsgj9nzix9q0R1SNUvG1RezBBgkZDycnv/LIRyoqRCckqFEiDNpjnkXmAEcvgV2I7Fea740UFEK7ADVMZ5UtkVhu96C+50m1KwlAbRbkGTCgGjILK"
-      + "eumPt/NLjRPUP39wUiGxdRByd+mqsCmyGdQNpOGaBMLUSP4A79t3otRqxGfDG/fYogSYq8zt5SscU/ENJtIsHmU1I1oxPbwLD+HB0WP5ccUNF3qfsg7neAKA"
-      + "6R4G4d373m0UV3qMKSyaCPEE0cDJAzxFl1Pi/Y616J1baAo+dYcTkRTHno1sRT+2p+H92SYfRaL+vz8MWHH8L07JmcsXqCn4jt9AxHgNor/jNfBGdVN0wIbe"
-      + "+Ju2OBmmuJL3SuTAz4b0pHzCugauGvw+PVBGXBcU7d7MzT2i1712DaSduIVgB9apFSS6Mh5/HDGWxfa5Jjlolt4H7ZKE5uqRoLNWfiaFEnegOtfR1UA+QgEM"
-      + "Oa3TsF9WNX8PIVZF1n9MVHvAdxKmfU4AYzWOfVBNd7PmQU3PMjWawTc0wixcI6++iRnCPJNZMtUSbQTrH6ujqqyIbqjFoA/hnZeBn0umWoRivffpltaZmBjt"
-      + "r1D57Mq8ZISvs41p9uvUGdjs9AIz4f2YQhLZ4XvjkhXEUsAZBcZLGxR4gHrbanLKeXNAwF7E5vq8IYDZWSD5azWD5l6rxk1QwwnTEx7QnavNZfn7vc+Yb1eB"
-      + "FiDAp8fq6ShmE3q18xd2S73u1dUfwV2J6pkoc7LzUIMzv3kQ05mAbSFOFNPL3/8Ftgc6Xo25FbVZv/DnWZM4o4BcqE9g/MbJNGdAK5iBVYQGQSYkgCLJnowl"
-      + "v2KdZVLKdejHMqqVIKEuXGV0xmUIjMbQT4rCntNs6y4pXe2jtct1EcRARsbuqbBMZzKuCzzMIg1V96UO8IH9IMW4I+GIFQ2/OMYjdawDI9pM9Zi8m6VFjvXc"
-      + "xbk6zr9W889mq0KOLMMBHvsabFK50CqetoZfDLl7uF5JczwNpU6YA/dgbKQ7bRml2juKbyG6d6RgTm93V4F4Bv51yzPM7MWU726CD+o5jLLcKIrjcjyzPSjy"
-      + "iqAHWZJUV5UxvOyjL62ASIRC7aM0DUv+siFVZGxpvsV/9XfNAzojAajpdETnnN0LbwzqBn1Oey+lDBR8/Fol180oFa22vRCw+kYAg5rt0EduaTngpfn+MCnd"
-      + "LoI6o1vEpOE17BDv8oKUOIcwITawf8wVR506DzwWOLTv07b/JLbFQ16WfMkZkU2XR2SuawoTygBa/YYee0b7PmWvh3x8c4qFEEM5+U8DE25HlL3ncNOL3ExW"
-      + "7BwxdMkFOxsokjHBF7osfkir4tTf7b3AkYw1Oia0bLpv2tz52zGaNplFuwTSCW100B3sW787/cufu2j6PPkGivL4bI0LxK1AMAvW3qBq5PQQ9/Hcd20UPrrj"
-      + "EXPrYWIkIQv6QcPsYdPuiNuBvW0y5bBHnwV4r3FRPZYkjxlvzoyDdhVVXPqK7py3UvN1fGm5LMi7zT6pMcC9I/szeSieruDLtU/Ynls5b3JFMwYBOb22GrQF"
-      + "ka9HVaAssbICnjmivJE7yTs942PI4tC6gM5qQk+NOR98MxTuNslgg6tJxEwUqrW2LeDx6I3bZkLkZZ2ccWYUzC8YpTurLKZbxlhTUbvVV1I8baB6Bt9SXK7o"
-      + "FI/VEFlj9H2e/yEgFObfVZOVkE2mjUzxI1erPa3TFpRZtai7g/h53dlYeTQcgQwVxY5ZMOZsCQ2DR8InRfiWT59nR/eyR9ZoGAj+tlFmaZkANXNdt0O0Y2I5"
-      + "ZLynsAwqRFxBltz2hRyxTErbp4jnOE9kBH0Gxr2LMNkKDPgJfw5RELKCkbBUu8MZRljgxB7tq+EYABeSCKphqBbKSSGpzBy3LstEcnOumUpn1xw5SHUL8Pcv"
-      + "l3Rv3l6Xf0SH+6JCrUMCxXqm7DI+zbUOoZVwrU4nKALqntvKK8WCsuk9EqNmuY6wpZ+tkol/jz8UtdgqpOXvaQn5HTyXXJlPu+n9XnwQZvY/S/SpLNZGrXwT"
-      + "hbUraB9LrF0TdVEd3DKMGjV7F13Z9nZmzQeb1YHE9+bp/sufBiQ/vw09cV+xumGPf9IpnsN6TU7y5h7FGrxo3F9hJ86zgvdOmaHgkG+WLNTCrrPIGK4dQJui"
-      + "sytXlsQKaVq+GKLl/MUXAEHJ/Trgq4cQl2cDtYMUWJbEaUw363vFIK4EmpasEnsNWKh8xpsgOKrkWu3ZuzEvlTQZf0Hnv9ESy4RDzWD9ZUX6YffdeFiXjooo"
-      + "IT79m8BrkwWoaigrzMmYduHQ3RrOMLeMrg1Ip5BC5+pB7hjQ0sPR2HEG4KO6ga4Z1D2/jntBvvQD5AP7387OQyDlnhQokTAEukV9LvyCwJjsf+nIUqzCP3AU"
-      + "PNiQsYvtgXTXk6J4YUratb65a7bcYTAwCWoKNcp73fZKmmq9xim7NksjmAaUAj3Ifwgr4WPpO7WMtSUZZvTuZ6J9MYwKt6mNafinBHQ44i/5Sq6QXFVCX9/R"
-      + "37v7v/fMc5qjN1+JnqnLqEYu6OsUhT0RUO1/R1Q9d+h/pweWxtpnt0tX4cT0A2g89ZP8nJODfDxXsg96A+d9CHSFHJnQpq5nDF8Tm7A7mg8cqd0D3AZEhREf"
-      + "IPYmpFOmt+LoJzBfBcjZHUQ+Q5BCdoUMW42ORYyOab8Q1VsaCxl8QabLQCYt7YK4DxI=");
-
-    public String getName()
-    {
-        return "Sphincs256";
-    }
-
-    public void performTest()
-        throws Exception
-    {
-       // doBlakeKatTest();    TODO: we only support Blake2...
-        doSHA2KatTest();
-        doSHA2RandomTest();
-        doSHA3KatTest();
-        doSHA3RandomTest();
-    }
-     /*
-    private void doBlakeKatTest()
-    {
-        Sphincs256KeyPairGenerator generator = new Sphincs256KeyPairGenerator();
-
-        generator.init(new Sphincs256KeyGenerationParameters(new RiggedRandom(), new Blake256Digest()));
-
-        AsymmetricCipherKeyPair kp = generator.generateKeyPair();
-
-        SphincsPrivateKeyParameters priv = (SphincsPrivateKeyParameters)kp.getPrivate();
-
-        SphincsPublicKeyParameters pub = (SphincsPublicKeyParameters)kp.getPublic();
-
-        isTrue("blake pub mismatch", areEqual(expBlakePub, pub.getKeyData()));
-        isTrue("blake priv mismatch", areEqual(expBlakePriv, priv.getKeyData()));
-
-        MessageSigner sphincsSigner = new Sphincs256Signer(new Blake256Digest(), new Blake512Digest());
-
-        sphincsSigner.init(true, priv);
-
-        byte[] sig = sphincsSigner.generateSignature(msg);
-
-        isTrue("blake sig mismatch", areEqual(expBlakeSig, sig));
-
-        sphincsSigner.init(false, pub);
-
-        isTrue("blake sig verify failed", sphincsSigner.verifySignature(msg, sig));
-        isTrue("blake wrong verify failed", !sphincsSigner.verifySignature(msg, expSha2Sig));
-    }
-    */
-
-    private void doSHA2KatTest()
-    {
-        SPHINCS256KeyPairGenerator generator = new SPHINCS256KeyPairGenerator();
-
-        generator.init(new SPHINCS256KeyGenerationParameters(new RiggedRandom(), new SHA512tDigest(256)));
-
-        AsymmetricCipherKeyPair kp = generator.generateKeyPair();
-
-        SPHINCSPrivateKeyParameters priv = (SPHINCSPrivateKeyParameters)kp.getPrivate();
-
-        SPHINCSPublicKeyParameters pub = (SPHINCSPublicKeyParameters)kp.getPublic();
-
-        isTrue("sha2 pub mismatch", areEqual(expSha2Pub, pub.getKeyData()));
-        isTrue("sha2 priv mismatch", areEqual(expSha2Priv, priv.getKeyData()));
-
-        MessageSigner sphincsSigner = new SPHINCS256Signer(new SHA512tDigest(256), new SHA512Digest());
-
-        sphincsSigner.init(true, priv);
-
-        byte[] sig = sphincsSigner.generateSignature(msg);
-
-        isTrue("sha2 sig mismatch", areEqual(expSha2Sig, sig));
-
-        sphincsSigner.init(false, pub);
-
-        isTrue("sha2 sig verify failed", sphincsSigner.verifySignature(msg, sig));
-        isTrue("sha2 wrong verify failed", !sphincsSigner.verifySignature(msg, expBlakeSig));
-    }
-
-    private void doSHA3KatTest()
-    {
-        SPHINCS256KeyPairGenerator generator = new SPHINCS256KeyPairGenerator();
-
-        generator.init(new SPHINCS256KeyGenerationParameters(new RiggedRandom(), new SHA3Digest(256)));
-
-        AsymmetricCipherKeyPair kp = generator.generateKeyPair();
-
-        SPHINCSPrivateKeyParameters priv = (SPHINCSPrivateKeyParameters)kp.getPrivate();
-
-        SPHINCSPublicKeyParameters pub = (SPHINCSPublicKeyParameters)kp.getPublic();
-
-        isTrue("sha3 pub mismatch", areEqual(expSha3Pub, pub.getKeyData()));
-        isTrue("sha3 priv mismatch", areEqual(expSha3Priv, priv.getKeyData()));
-
-        MessageSigner sphincsSigner = new SPHINCS256Signer(new SHA3Digest(256), new SHA3Digest(512));
-
-        sphincsSigner.init(true, priv);
-
-        byte[] sig = sphincsSigner.generateSignature(msg);
-
-        isTrue("sha3 sig mismatch", areEqual(expSha3Sig, sig));
-
-        sphincsSigner.init(false, pub);
-
-        isTrue("sha3 sig verify failed", sphincsSigner.verifySignature(msg, sig));
-        isTrue("sha3 wrong verify failed", !sphincsSigner.verifySignature(msg, expBlakeSig));
-    }
-
-    private void doSHA2RandomTest()
-    {
-        SPHINCS256KeyPairGenerator generator = new SPHINCS256KeyPairGenerator();
-
-        generator.init(new SPHINCS256KeyGenerationParameters(new SecureRandom(), new SHA512tDigest(256)));
-
-        AsymmetricCipherKeyPair kp = generator.generateKeyPair();
-
-        SPHINCSPrivateKeyParameters priv = (SPHINCSPrivateKeyParameters)kp.getPrivate();
-
-        SPHINCSPublicKeyParameters pub = (SPHINCSPublicKeyParameters)kp.getPublic();
-
-        MessageSigner sphincsSigner = new SPHINCS256Signer(new SHA512tDigest(256), new SHA512Digest());
-
-        sphincsSigner.init(true, priv);
-
-        byte[] sig = sphincsSigner.generateSignature(msg);
-
-        sphincsSigner.init(false, pub);
-
-        isTrue("sha2 r sig verify failed", sphincsSigner.verifySignature(msg, sig));
-        isTrue("sha2 r wrong verify failed", !sphincsSigner.verifySignature(msg, expBlakeSig));
-    }
-
-    private void doSHA3RandomTest()
-    {
-        SPHINCS256KeyPairGenerator generator = new SPHINCS256KeyPairGenerator();
-
-        generator.init(new SPHINCS256KeyGenerationParameters(new SecureRandom(), new SHA3Digest(256)));
-
-        AsymmetricCipherKeyPair kp = generator.generateKeyPair();
-
-        SPHINCSPrivateKeyParameters priv = (SPHINCSPrivateKeyParameters)kp.getPrivate();
-
-        SPHINCSPublicKeyParameters pub = (SPHINCSPublicKeyParameters)kp.getPublic();
-
-        MessageSigner sphincsSigner = new SPHINCS256Signer(new SHA3Digest(256), new SHA3Digest(512));
-
-        sphincsSigner.init(true, priv);
-
-        byte[] sig = sphincsSigner.generateSignature(msg);
-
-        sphincsSigner.init(false, pub);
-
-        isTrue("sha3 r sig verify failed", sphincsSigner.verifySignature(msg, sig));
-        isTrue("sha3 r wrong verify failed", !sphincsSigner.verifySignature(msg, expBlakeSig));
-    }
-
-    private static class RiggedRandom
-        extends SecureRandom
-    {
-        public void nextBytes(byte[] bytes)
-        {
-            for (int i = 0; i != bytes.length; i++)
-            {
-                bytes[i] = (byte)(i & 0xff);
-            }
-        }
-    }
-
-    public static void main(
-        String[] args)
-    {
-        runTest(new Sphincs256Test());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSMTPrivateKeyTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSMTPrivateKeyTest.java
deleted file mode 100644
index 1ec0337..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSMTPrivateKeyTest.java
+++ /dev/null

@@ -1,74 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.io.IOException;
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.pqc.crypto.xmss.XMSS;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMT;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSPrivateKeyParameters;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Base64;
-
-/**
- * Test cases for XMSSMTPrivateKey class.
- */
-public class XMSSMTPrivateKeyTest
-    extends TestCase
-{
-    public void testPrivateKeySerialisation()
-        throws Exception
-    {
-        String stream = "AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAArO0ABXNyACJzdW4ucm1pLnNlcnZlci5BY3RpdmF0aW9uR3JvdXBJbXBsT+r9SAwuMqcCAARaAA1ncm91cEluYWN0aXZlTAAGYWN0aXZldAAVTGphdmEvdXRpbC9IYXNodGFibGU7TAAHZ3JvdXBJRHQAJ0xqYXZhL3JtaS9hY3RpdmF0aW9uL0FjdGl2YXRpb25Hcm91cElEO0wACWxvY2tlZElEc3QAEExqYXZhL3V0aWwvTGlzdDt4cgAjamF2YS5ybWkuYWN0aXZhdGlvbi5BY3RpdmF0aW9uR3JvdXCVLvKwBSnVVAIAA0oAC2luY2FybmF0aW9uTAAHZ3JvdXBJRHEAfgACTAAHbW9uaXRvcnQAJ0xqYXZhL3JtaS9hY3RpdmF0aW9uL0FjdGl2YXRpb25Nb25pdG9yO3hyACNqYXZhLnJtaS5zZXJ2ZXIuVW5pY2FzdFJlbW90ZU9iamVjdEUJEhX14n4xAgADSQAEcG9ydEwAA2NzZnQAKExqYXZhL3JtaS9zZXJ2ZXIvUk1JQ2xpZW50U29ja2V0RmFjdG9yeTtMAANzc2Z0AChMamF2YS9ybWkvc2VydmVyL1JNSVNlcnZlclNvY2tldEZhY3Rvcnk7eHIAHGphdmEucm1pLnNlcnZlci5SZW1vdGVTZXJ2ZXLHGQcSaPM5+wIAAHhyABxqYXZhLnJtaS5zZXJ2ZXIuUmVtb3RlT2JqZWN002G0kQxhMx4DAAB4cHcSABBVbmljYXN0U2VydmVyUmVmeAAAFbNwcAAAAAAAAAAAcHAAcHBw";
-
-        XMSSParameters params = new XMSSParameters(10, new SHA256Digest());
-
-        byte[] output = Base64.decode(new String(stream).getBytes("UTF-8"));
-
-
-        //Simple Exploit
-
-        try
-        {
-            new XMSSPrivateKeyParameters.Builder(params).withPrivateKey(output, params).build();
-        }
-        catch (IllegalArgumentException e)
-        {
-            assertTrue(e.getCause() instanceof IOException);
-        }
-
-        //Same Exploit other method
-
-        XMSS xmss2 = new XMSS(params, new SecureRandom());
-
-        xmss2.generateKeys();
-
-        byte[] publicKey = xmss2.exportPublicKey();
-
-        try
-        {
-            xmss2.importState(output, publicKey);
-        }
-        catch (IllegalArgumentException e)
-        {
-            assertTrue(e.getCause() instanceof IOException);
-        }
-    }
-
-    public void testPrivateKeyParsingSHA256()
-        throws Exception
-    {
-        XMSSMTParameters params = new XMSSMTParameters(20, 10, new SHA256Digest());
-        XMSSMT mt = new XMSSMT(params, new SecureRandom());
-        mt.generateKeys();
-        byte[] privateKey = mt.exportPrivateKey();
-        byte[] publicKey = mt.exportPublicKey();
-
-        mt.importState(privateKey, publicKey);
-
-        assertTrue(Arrays.areEqual(privateKey, mt.exportPrivateKey()));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSMTPublicKeyTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSMTPublicKeyTest.java
deleted file mode 100644
index fa96e05..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSMTPublicKeyTest.java
+++ /dev/null

@@ -1,41 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.io.IOException;
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMT;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTPublicKeyParameters;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Test cases for XMSSMTPublicKey class.
- * 
- */
-public class XMSSMTPublicKeyTest extends TestCase {
-
-	public void testPublicKeyParsingSHA256() throws IOException, ClassNotFoundException {
-		XMSSMTParameters params = new XMSSMTParameters(20, 10, new SHA256Digest());
-		XMSSMT mt = new XMSSMT(params, new SecureRandom());
-		mt.generateKeys();
-		byte[] privateKey = mt.exportPrivateKey();
-		byte[] publicKey = mt.exportPublicKey();
-
-		mt.importState(privateKey, publicKey);
-
-		assertTrue(Arrays.areEqual(publicKey, mt.exportPublicKey()));
-	}
-
-	public void testConstructor() {
-		XMSSMTParameters params = new XMSSMTParameters(20, 10, new SHA256Digest());
-		XMSSMTPublicKeyParameters pk = new XMSSMTPublicKeyParameters.Builder(params).build();
-
-		byte[] pkByte = pk.toByteArray();
-		/* check everything is 0 */
-		for (int i = 0; i < pkByte.length; i++) {
-			assertEquals(0x00, pkByte[i]);
-		}
-	}
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSMTSignatureTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSMTSignatureTest.java
deleted file mode 100644
index 89cf25f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSMTSignatureTest.java
+++ /dev/null

@@ -1,50 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMT;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTSignature;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Test cases for XMSS^MT signature class.
- */
-public class XMSSMTSignatureTest
-    extends TestCase
-{
-
-    public void testSignatureParsingSHA256()
-    {
-        int totalHeight = 6;
-        int layers = 3;
-        byte[] message = new byte[1024];
-        XMSSMTParameters params = new XMSSMTParameters(totalHeight, layers, new SHA256Digest());
-        XMSSMT xmssMT = new XMSSMT(params, new NullPRNG());
-        xmssMT.generateKeys();
-        byte[] signature1 = xmssMT.sign(message);
-        XMSSMTSignature mtSignature = new XMSSMTSignature.Builder(params).withSignature(signature1).build();
-        byte[] signature2 = mtSignature.toByteArray();
-        assertTrue(Arrays.areEqual(signature1, signature2));
-    }
-
-    public void testConstructor()
-    {
-        XMSSMTParameters params = new XMSSMTParameters(20, 10, new SHA256Digest());
-        XMSSMTSignature sig = null;
-        try
-        {
-            sig = new XMSSMTSignature.Builder(params).build();
-        }
-        catch (IllegalArgumentException ex)
-        {
-            ex.printStackTrace();
-        }
-        byte[] sigByte = sig.toByteArray();
-        /* check everything is 0 */
-        for (int i = 0; i < sigByte.length; i++)
-        {
-            assertEquals(0x00, sigByte[i]);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSMTTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSMTTest.java
deleted file mode 100644
index 92e220f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSMTTest.java
+++ /dev/null

@@ -1,17684 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.io.IOException;
-import java.security.SecureRandom;
-import java.text.ParseException;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMT;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTKeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTSigner;
-import org.bouncycastle.pqc.crypto.xmss.XMSSUtil;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * Test cases for XMSS^MT class.
- */
-public class XMSSMTTest
-    extends TestCase
-{
-
-    public void testGenKeyPairSHA256()
-    {
-        XMSSMTParameters params = new XMSSMTParameters(20, 10, new SHA256Digest());
-        XMSSMT xmssMT = new XMSSMT(params, new NullPRNG());
-        xmssMT.generateKeys();
-        byte[] privateKey = xmssMT.exportPrivateKey();
-        byte[] publicKey = xmssMT.exportPublicKey();
-        String expectedPrivateKey = "000000000000000000000000000000000000000000000000000000000000000000000000"
-            + "000000000000000000000000000000000000000000000000000000000000000000000000"
-            + "0000000000000000000000000000000000000000000000000000001f5bb70f454d7c7bda"
-            + "84d207c5a0d47211af7b489e839d2294cc8c9d5522a8ae";
-        String expectedPublicKey = "1f5bb70f454d7c7bda84d207c5a0d47211af7b489e839d2294cc8c9d5522a8ae00000000"
-            + "00000000000000000000000000000000000000000000000000000000";
-        byte[] strippedPrivateKey = XMSSUtil.extractBytesAtOffset(privateKey, 0, (Hex.decode(expectedPrivateKey).length));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedPrivateKey), strippedPrivateKey));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedPublicKey), publicKey));
-    }
-
-    public void testGenKeyPairSHA512()
-    {
-        XMSSMTParameters params = new XMSSMTParameters(20, 10, new SHA512Digest());
-        XMSSMT xmssMT = new XMSSMT(params, new NullPRNG());
-        xmssMT.generateKeys();
-        byte[] privateKey = xmssMT.exportPrivateKey();
-        byte[] publicKey = xmssMT.exportPublicKey();
-        String expectedPrivateKey = "000000000000000000000000000000000000000000000000000000000000000000000000"
-            + "000000000000000000000000000000000000000000000000000000000000000000000000"
-            + "000000000000000000000000000000000000000000000000000000000000000000000000"
-            + "000000000000000000000000000000000000000000000000000000000000000000000000"
-            + "000000000000000000000000000000000000000000000000000000000000000000000000"
-            + "000000000000000000000000000000e5a47fa691568971bdef45d4c9a7db69fe8a691df7"
-            + "f70a9341e33dba98a215fe9651933da16a3524124dc4c3f1baf35d6f03369ff3800346bb"
-            + "d8c2e179ae4abd";
-        String expectedPublicKey = "e5a47fa691568971bdef45d4c9a7db69fe8a691df7f70a9341e33dba98a215fe9651933d"
-            + "a16a3524124dc4c3f1baf35d6f03369ff3800346bbd8c2e179ae4abd0000000000000000"
-            + "000000000000000000000000000000000000000000000000000000000000000000000000"
-            + "0000000000000000000000000000000000000000";
-        byte[] strippedPrivateKey = XMSSUtil.extractBytesAtOffset(privateKey, 0, (Hex.decode(expectedPrivateKey).length));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedPrivateKey), strippedPrivateKey));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedPublicKey), publicKey));
-    }
-
-    public void testSignSHA256()
-    {
-        XMSSMTParameters params = new XMSSMTParameters(20, 10, new SHA256Digest());
-        XMSSMT xmssMT = new XMSSMT(params, new NullPRNG());
-        xmssMT.generateKeys();
-        byte[] message = new byte[1024];
-        byte[] sig1 = xmssMT.sign(message);
-        byte[] sig2 = xmssMT.sign(message);
-        byte[] sig3 = xmssMT.sign(message);
-        String expectedSig1 = "0000006945a6f13aa83e598cb8d0abebb5cddbd87e576226517f9001c1d36bb320bf8072"
-            + "61bcd177ddc133bb0e43bfef03f25536a685cd509a5c8f2ee46c23e2d46149d0de58feaf"
-            + "910909d213823f98c5b8eda2522139675fd7a82deed6b795aa1d8eeb0fb5295e6d15c410"
-            + "c6b9dcacbac9879a55cf139c09dbc57456adee05a8075870b5ba92aecfc2f289d47e1def"
-            + "fbf10cd01a278bad1bd063813b63f79db79c38c357707a0c31c3a9d0d58ddeb2317440ae"
-            + "05edc55f2643b53c6b18160747fb27b5f24f2b0b2f8840b489d51a6adcd3d74d90a6e9e3"
-            + "c96630ff5afa8de978e03f117b1082a0d877aa0ef75b90b425b0e22acb8633b6404be938"
-            + "969ae16d926b8aa4e16eb13f8d8b9ae8f7eb16e0ca7fb69b428011d3bd9390836d46f971"
-            + "b83f093dd14b9df1165b8e256bd9d80354ce4c60c077f21bcad49ec4fc0ce33212c45460"
-            + "899ad83421a98fa5b6c153d1d3aeced17702e266353acd195d408da05eb38c550feacd40"
-            + "4a38f6657360c9f7d373d25ecdd885daa76aa3798ad57d756f0aafcb6bd46d58c78322ef"
-            + "e0c94ca8be6a35ccbb75fa14b913965ee02792b021c99dd60a81333feaab0757ee5ab0bc"
-            + "c7a5541e7871b1efbbbdf97e1f455c44327e846c856c3c2cadadd77b3fd4043a0ccb02f2"
-            + "527abc4be9a878ae61d78891f3b26b838c162ed24f90605f1ff34a25d8518b5ad57c897c"
-            + "a7ff01246712f04d1c85fcc89531d423ab4d1359b2e42037211516e096a90ea956a5ce83"
-            + "b423403945dfc613239d2defa006c04a9084f27487f81ef85b7cd75e4a0df87c57343caa"
-            + "9805ad886aba0877dd6b123775b51104c45097d15f2cfe2c8622f229d7e83440e3f48e1b"
-            + "507d47a07065f091af9bd30d24a5ea7aafeef7537d05d896192e18422792b7d57fe63489"
-            + "c05c36614378bda9cd9aba1c2f64a45ee0851d8f88dd9e531c39f1e2479b81631919fa75"
-            + "b12d864d49e03902a495965e72c99ea101ca2d02b08b0ccbdf8c38dfccbde27510ac37a4"
-            + "0ff4737aa9304e67477c0215f496f5b5f83716f44106b2d1f609eb1731093757cb4f6d3f"
-            + "5d3062b38f55fb7e2a39ecfba7dc601329dcaf8181caf7412ee160aca1ed3c99932f6a67"
-            + "3a08031a11bb64f641a2728e2fe973cabc7ba40783e422270de34919fabac4126a6dc035"
-            + "531efc2ca61271ee0fb33c95d4d4f7a00abf39f98557d5f7bf080848792996fbe0b6a0d7"
-            + "83b647de6a3fcbfbc76481c79e2d94d660c81eb108875fa8ec3263f868b1da745064667d"
-            + "742b53af85731707aa8790fe40e1b06e1bf9efc9c6ca01ff879ff74729513d346007f9bb"
-            + "71800d128f6da23ecc6babed12bad95b3694f19921f7135a37ebea9d27a8cf1323b0e691"
-            + "739fa44350e4f6afe6d16acdfafadab222878899294946b6854294d15b68e9f7f93d4ed8"
-            + "c11d020e0581b9a464081ec7f5fed13a19cb33f32baa974e2558299b6f3a1546e25eea06"
-            + "a7cd780f58f2483459a4dadf9752dcd529d09e96028c6bb62c1e08607b3e27ac235d6ce3"
-            + "b267a27170f1f438be2ee415957b105979497a702b788f7908209fe6b6335e833e2f725b"
-            + "9b95a3a72babfc451b64f55aaba51bd160f857a64e428943e03e723873753da48b300a19"
-            + "87585af96cafd52ac09e13fc989c08516a252354b0a38120715629805a215564df944580"
-            + "205ebbdb56b5dcaf84875af5e943c2694914908681e0cb42334b6f433689dc94a9201f0c"
-            + "5b33e726d7bb2334011d728cdeaa34241b01e9cb9bcae0381451179a178803814c427a6f"
-            + "16ee1a885069ddc37679b5019993d90e1c11bdb007ad4300fcc577f00cf37115a02f5148"
-            + "d663715732219817c2b82071c1ddf65e696b58c455b41f576efb23be40652fa3750075aa"
-            + "88bfb63978347741d77efdee423563165f92083b2388212b2a97f4c075a4cb10fdfd50f2"
-            + "0914fd9410fec1d180f2bdbd717388dd7b65a3edada491ab6e9dc572caf564e4c3295c98"
-            + "216a005cf0e018db54f85e1229f02c1475b25f3a01064c87f2cb82152c12e806173774cc"
-            + "ff810f1c037dfe7fad1e7f9087d4f5d4c7986aea352e862a06f49842247c296683c0c13a"
-            + "837e5359681425913b4052daebde3963b4682bc8a4d977a50e02c44c3a4a7b90f25ac452"
-            + "733012dda1daa631af5d6336ddf743ec1fb5d54ea6fdc9f463c4577f4031602b8a0ccced"
-            + "a6f634b6d6024f7b07995cde12b118da114a1218d0f3fb86b5ef600fc06a244db3f93dcd"
-            + "4f7761d2d3fa3d9bd461fedb4353000e6b39cdd4b7c8431abdfa7945727ef046208525c5"
-            + "4c128679606af8b290d52d9e224803449e5de2b3837623afc7539230840dbcd2f317dbb3"
-            + "32abd082d7fd7a06f56073f08c49fd3b1706b3586ffbb5aa0964c3edafec744d32e41732"
-            + "ac4cd4cb9de2150f42f7d80dfa0b3a50b2c2b9aefb8d613572dbe808057f45d366aec13a"
-            + "30d385f93c830cd330ca3f13b43d6ebf7d98ba8547b9eb1b6b5247d67571e0c97c215c3f"
-            + "49dcca4a5ca83bc78795149352b04b4ed9ea0d3aac261571c0a70aa86cc3650ee0609230"
-            + "4393a4cbc4abdb367b48024e2edf22885fd0a3154f9d33253426c200c5b58e93eeec4fd5"
-            + "cf80cad508d9005fb29ae4c50c54d6a5f9d8baad72ce566b3ff638fb62e3d166de11aad5"
-            + "53dad08d3c7a2bbc4a1bcddf96b3f319f74377b61b734a67b58ce9780d5ed4d0e8a823bb"
-            + "0b5fb5ce325a1d5c69a6709fc76032180f0fe7f2e7c98ddc0ae9654f609e80acfc27a087"
-            + "e54fb9753a12f12e6ff064cbcc9195190a85b779e79b87bacf85abb62f41d4c95eef2a06"
-            + "2abb0dc014290bf53bbed19a2eed94fdddbf289210669ec240face374bd200ed9769d320"
-            + "fd694dab4ef862ee24d76ac2c024a60a246cbf9ed2c82ced5b3ccd0567a333a2ccd37375"
-            + "39b0608a79c0228d579589dc48d5c1d762d90871c329b3226c8d08d420749b609c7a9918"
-            + "9675c5e67460c3e20da7c2ccf55c8e447fcd46650ed010085025437cf1ab53993be63841"
-            + "6c338245b39e4b754bef2df63a94fa02f99e1b0f0f6ae60d632c4b6e3dcb165a2c22b075"
-            + "909dfb80e26fdb08bd57ee5222ec65ff19b344e0e81477f50e2b8719d1d9a3c1a55d5460"
-            + "711b88eb4f2c8df8d17d38832de9d4251142aa2cdb5a9d81a0c7a98e2c3c95bf96e73c68"
-            + "c78d467186eeac1dffce382df7f539590f78d0173d3acb9a7bbda54a6a4076d336b5c085"
-            + "7fde4e1e6dbc6cfa548668cbdd655e2fa2b4a13aa93fc46b4bb8bf3cad806fdf2b8e6a76"
-            + "153038370eeb6024ec9cd86b07d85167e5e502c424d56512c2d24a8bb30c822cdff17ca1"
-            + "a311e94d4f049163678cf51e2f6162b06e62c171ddd7f18314bdce08936cf7815b9ec824"
-            + "0e8e693dc9e567fb7238b6d492e602aa4582434eb270d53f66898b6bb6a1d8f4ee2fbeaa"
-            + "244604dd1340ed2fd6f0ae22f872a40d61c334473b2cd3c1a9433979a0c1a3f5a483e026"
-            + "d7b052c5651fdf224651ccdf2b0922685778a77679d7a7d8eff40afdc275f475d4298de7"
-            + "404df9e8b98dc81694837fe74e5845a71c23e6f03c98528e7518706b90098e391e380c7a"
-            + "89893a04c191358d15e1642ef942cd7be0cc978f58ede44df855ea01dc8e9292a7d1fb26"
-            + "c47a6b1a394c2ed171e13a70a15d86713531be57538d0baf2c3806a9298e7411de821bba"
-            + "15ad13ffb9782faf718c3ae85e48b69324926ec5d87783ec00ebeec771dcb9fa1133503d"
-            + "294c8bbdbf3dcd08a2e117857200005270ea2c9869d871c3f027127a4f6354c87c095339"
-            + "34b8523104eeff0b15893d78fb6bc65b7cfb1cd711214b70849e4c07f137eca3a98a68d2"
-            + "b5e21fb8f0b8bb275f5b551ca77373066a7fbc0b8fff4925d69482ea20e10f56bdf42354"
-            + "24678d203aab87c22473e3d7a6bfecc69f29134b5267bf710c0b0c08f6e92a3d98f4c076"
-            + "e15457ec5a8683aa8b42ff2b400a294433432add3db210b56bf6e358662a3f70825c43ff"
-            + "893b1baabaf5fbe8f6d5ad8d10f01405e9c88a81373dff3f59e757094cf5a243548e8db9"
-            + "770d99fa4f039234025790e29f36fdf3d2cdb1b702881e9d0e5dca476cb5006713e6e793"
-            + "faa92466381b8c1152b254b8a002888a558da3a10cd03b40c3121825520c3af0fe188cb6"
-            + "6a1c27d3d2d0a6e5b7fc91d2d71ae5212088f337ea64bbfee2d32f81dbf579ed0b8b36eb"
-            + "13cbabf043a74ae836682e48ec90b73a1d43e562296a5fd290558bb0b54cbfbdcc598677"
-            + "a062264798ec80d8fccd138444dc5f788a83fc72f0422959e942d4823453c811c93dbef3"
-            + "eaa25cf95a6c52ce4dd99191f3993d2602e35a494aa930b89ec817200405fb9a51a34ea1"
-            + "b34e2110c396776717dc7e84ecb95352f81e7f00698ce48fc30fead202d2bd0d7d9d3ac8"
-            + "2e8d4582588a6073a8255eb5760d28a1e136ad40b842a18b0acb5c475141bcd6633b8cc8"
-            + "67d8abe2f8faff2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c25544"
-            + "39c735e1c42310f649109cea6a8efc58130037a3a5f25966520e85321aa826a4c5c684eb"
-            + "4f7d1dc74c97b4603419df4f257c613a00c351962f4c154897328109494629e64a3984cf"
-            + "42c9b0b58e9cf65613040a20a63b4aa24f4844c2b6cd99049298bebbaad1e96f98811cbb"
-            + "7fce15c3370c86b383386d6b3f17d46fd5a998f0d7f3315459f6b0601eb5af6d4c73d8ac"
-            + "29bf03eb11f0bb5b528202404a5f02766f0dd60772e8435bf2e996c7e488a8508d8aa30e"
-            + "e3ecdfc5053f14fd70b2b11a75d60c2ecc557411d1fc6bf6ee2dededa3b016cfc680895a"
-            + "2f3733f57f9a69368101f10bea1d862c71e45a3c9e78bcf164b0c18070794187f0f998e1"
-            + "d38b03503121f5759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca"
-            + "6bee5f7d7c7c1515056df6db5252d043730434d4900408dca27fe2628847002db7671de7"
-            + "79e350273236a614716d8dd0971816fdba911f82e35c4dd85e3d60d74c968e623f661a25"
-            + "0489a77ec2e04005dc09630d0d3c40fbbe567c19378587f1850c9161335b0c62a2dcd7b9"
-            + "ea3cf9cc8693989705e19c24324120a789b2e02a67b86c89a1a753c536027d1a7290d16a"
-            + "0bccdbab19e1f0b855852be5744c4fd3fb3cedcee941e89af8b2664611899c9031ac23e5"
-            + "5c9cb583c1dc185f0ca3f562e4c15440d66e3e173ce4f1feb0ab3b12668b9670e3ed6487"
-            + "2ac5c26fa422ee686aceb141b642c25281409114596eab784c263acf5cfdc25ced796c1c"
-            + "660b71acd00d8eebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30"
-            + "c8b77625944e50dc3bad22d1e864d9298aeb58f257ebee0edf742111f0d41889bad23705"
-            + "81d3e8953857822b8dc368b73f04c22e4d83f3b3c155a53cbc33da680535b6ed236cf26f"
-            + "a4ae5ab5e0b244c0c054e203aed4d661e9b6c79e43a43337ef5510401d01cde4556b0af8"
-            + "46833f0b97f1d8a06aa0d97f20f39fc16bb1056f599cb9fbc25299397c277a059429c463"
-            + "f1ceaf360d75601dd0f975e88dd60381ef0db76fdca1b55889a9f770857fada11e17894e"
-            + "c3c849cc6cb264ec9fb93853402e888482f28f4a57faaeef5ea9676137a7cc855dde32e8"
-            + "57ed52874d3066c7965dce2f0301dfa47faa3c9eeff43f10ac6a374deff4a06d7cfabeab"
-            + "463bfe6bbcf14d1081f8d5ba889cef409bb5da1959c74b40c5048b8861b4fe34cddcb663"
-            + "10a9126722bb297df7e8144d0e714165becf777dc8200365c73b5b86a8b7684817334427"
-            + "3e3ffc29191f2b51b39521f9419d604f67b1a628e3ac9eb2fde8f29367cce39fb31e32f1"
-            + "4dc4c64e6fdbca12bffd249ea16bc2314ebb184fc7065f083ccb7d1d8a78d6d3e0a3c747"
-            + "2254f9566c334dccbb17df4adacf24e2682559989cf0209b80f1fbd141b0a8de8ca2e8af"
-            + "f3ba7b2d5947e751341747430ed57b02519bdddf42f2701389fd3249809dd0a7bbdb6d3b"
-            + "8ab9f9639d51dc9bbf201f6575a02319b4948039b423633c92c0f51c6fd32c1d2a52f7ef"
-            + "925d33443521dc228d7ccef0f1ea20433ab928157443677f15460ba97ef79979ed53c6c2"
-            + "59fc0b016c7aecbd997bdae8c0366656dd979074ba42c31b8664995e5e384c941f4798d9"
-            + "d67c0ec89599466ef2048f67dac2462014ae463a3a5b8322638a329799b1223c98ce5ccf"
-            + "e1a4cb682a2f5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7"
-            + "debd0653fbff088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324"
-            + "c4869aa01b67a73204b8f0cbaadb040ed9dc55385c60d3dcd27ffe50373117a2e90185e2"
-            + "cdd4c636e705493ba1a31ccd162862510c0eced86a4c855db8438d59727705feb2533f6b"
-            + "4d520028d4d76fff9ffc3beca001547c5a60c2275f2cacf4c0cfb039579dfaf49c7b2641"
-            + "c5799576ce34d342535ee5fb0217eb2fa11e97497f0db7a370dfcf5f62af311eeb33711c"
-            + "febc494919332b30a705273d0e81affe2570e2d7fa60b7f8bee710f05fda3cf2f2b0ffe8"
-            + "cb0d58a8d0d7e3d0261052970b75d6cc1d359f631f4057506d80da72a7aacbbd2c4b4595"
-            + "197a04b000ee19968ba5330f09928d323e6ee9e79d29a5a782284ff77c0548e734836a3e"
-            + "267d7f400ba036d2307f8046ee354c7e38ece1c56d287f97ff8e15b863098124a8db672f"
-            + "b34d03d643985e792db059c186ba0d942dd9c8f07edee0fbc32a306a665d12fcf1604c64"
-            + "f8907cd11fbcb6b2b10aba8360487da02a36afb3394cda20a86831da07ad163903accd4f"
-            + "187c04e8f7338d530e26b8900dc7498e2ca5e0a5a1c0ec5c3fb6e88add97b0494c050f89"
-            + "36c1e47556abefb089e47e4c52d5295494507a6c2986587362e0a38cef01abb5e1869b72"
-            + "4da3e4c663311bc7f8690fde3620846175d0bd8ca8b8b988ac5164534fecca9f27e23fc1"
-            + "d69d01b7fc57a3607584318adeee92cdf84316662e8c44336a73fb034b2179e22bfed2be"
-            + "8038184520a30e3f957fe14a9094f02e2ffdeb2f957ad30cc76fd1d87e979bed9eae662b"
-            + "f90f9402ea80103a4f0d443c1bf8b9c849bd2d8e926278ca480cf35f9c25d5ccf9b2de06"
-            + "1b76f31e47e9e5dd94bc0d46e89b5a7d39eeff7c450f527fad774238b0555b1aaf3241f1"
-            + "27adbbce858153e7a0c53054f0de415c9e9822f50d707cd54c3adafc517b6f83009b02c7"
-            + "faf1b891467dbe41671a164d265122e9e77330e480292b1454b6b52ab209e4a69245d3f7"
-            + "b91c2b2387368acf126f8e59dfa1d60a601b11c1f06f2b77b4a955cfc993938920584c86"
-            + "067bce8a9e8c8820d45f2e74223b3f84586cac70e59848171b546b450227d68e802878f3"
-            + "c8b2abffb375b8ea6c3b5ef1cd6c93ff514664504d7c16e6c53b7b6377528d865581a631"
-            + "76d5e5748251f5e5876008d95aad25dd6d3420505a973b99ccb45b8318cc3b7fdfdc2b61"
-            + "c46634b3eb9cbaca52cba4deea66480e72ab109ab9125c9084ae912770cda9a71d4e33e8"
-            + "fbaf8ad2420dd751a71497bdef1bae3bf76ee27ac2d2654ff72a2d0a924de7f4aef3a573"
-            + "4d1c4dada0f9e4783a29a831299af80dfe1ef0387e9c268ecd25acc6c6dd3b1fa3f9d9b5"
-            + "ded2b9c4cd1835c2eebf659b87d91ea29ecfd35405463168b8227636365110eb35093947"
-            + "35f4ef9b97e8e724b463ef5478401ea9ea67cb66b14b2ecbdd77eb62bde4ed9f04a22d0e"
-            + "05d0b97151810724b0ede85ed777e149c6d4fee3d68cba3455fc8b4f0b52011b12c1f4d6"
-            + "62417bbdd549c7beec11303559f656b9cbec18ff0960febba208a2b7d532197506e0c228"
-            + "82d7b63c0a3ea6d2501bfdbbc904b8a2e080685b8591348e5443942a1a7459c60e2a661d"
-            + "2e6b60e95e79d0b34e54e7346580775352a8342e7f8017d8082a0a124d8cc39dff4ba8ea"
-            + "67b5b80af215a6d9db612ee4f3864e309874d5f7623af92ac013144fff8f7f4dcf1ad1c4"
-            + "a34c3a5507cf897f6df7a942bc1bd04bbd25793c68d25be9bc4bc170b15d0dba42f02ff2"
-            + "cfa4ad68a359cce4818e5d4a3199cc4b9bfb61de9c636e85f1553b895fd2fa25efa9aa2d"
-            + "487004eb9a91a869085b3854ae7b08c1909d32d4609895482d64616c59dc2ad593646372"
-            + "cd83a0f836eb6e9cf9b0a6ceb8d585eb615f7e9910d5b551501c2041625f8ffc3ed84d89"
-            + "c0dd7a44e9fd95960cfb24041df762e494dfb3ea59f3da398051032cf7a4ed69c86340db"
-            + "4054b44248224bd4414d6321e5f62767a0b8e171f3aa93fb282712a226bdff9601529248"
-            + "f5f01d6cd849bce142ef25cdf9bbda6d7c41f9ea28c86f918e1884fc59cb249a1495c90b"
-            + "8bc80bf7e040544145c39f30d9929ce5af1eff90eaab34a6b403311e8dba9526ed62a2ef"
-            + "f62abfef405ebba921a3cfa227d7df759f291fc681696be8ccd751acea7d73c5a46c612d"
-            + "c283598ad1f900a84426b22ded887f4d86894221eb08fbda9ac7e16117af2099427aa2a9"
-            + "c80c5e257cceade53dd5263a82bb50b2c5ac2c7152d30a94a15013965083e5e6acea191b"
-            + "d96305845d52748490e0d7b6f2021fd87d58c3cb0f98674633f2d1948cbcf26283f93d96"
-            + "e3d190dec4597cea0d901094152211e8bac1caea98399777a78d50b004dedcd9898a344b"
-            + "0f183bb92cd443ee23217d72ff2452322358fce49b933cebd7ae38738995ee717b6caf23"
-            + "5daa7e0fb142baf37ec671223bfc3cdf1c72033dfd99cf99bfd2f0d6bb036f238208933f"
-            + "c5cd15aeb2c368902e718d5d56dc838668af67e6a31558570ba94b7b0ad4996fc2ce0207"
-            + "44615b6f8f54e4a9a8698b6c668a763429ad9ce67ae3564707cc67cdcf1a204eb1524e40"
-            + "6a6b0322f31dff65b3c24be95f2a2a41a5374a0296df8bbf26f6c91f35bed4f3cca93602"
-            + "161b85c6df668c6b3fb0b64856e7ed6b92dce7bbc22d113c47fb83d73a292574dcb83e48"
-            + "5c9658cadbe9a5ffe3cf7bdad2cb8c2353f7cbd532afdc145418d8da7a120c4eb76b96da"
-            + "e4171ef38de5fc358c018e7ae5cb19114d561f0f8d8c694681835a00f24e6b96ee17018e"
-            + "f4c55a89a6c2e809f84e9ef44eda5b3fbaf555ac559f4bc2f4fdd15db78a71a2703e8391"
-            + "4933c02fba48f662d7132f53c36bcf5e368e3c229f65185ade9fe3c7c22b35b9c2baf66a"
-            + "6d634ff38ff6323500b06b156dd979fa95069e04920ae4cfe3ebdf4a1e9989f2a05fa671"
-            + "f1aee8530aad437486955e8dd550dfa6d14581ec96a461e3c8dfd7e665a48055d75c9d18"
-            + "dd90e25f07b7da7655a00c7772a10cdc20971df1a40e717df3218915b482b4391be25346"
-            + "ec316fd383b073f3cbfc4cb8010d0bcbe46d40547114a965cde92378948d70ad0ad303d9"
-            + "09996d3647076b0ab34f416eb0de2ff650e88fe262a89798e3b4a67800af38e9f4e9708a"
-            + "ba2d8d1241814161a5ea8e8f5419f62d3e1cba998a1fd7e558900baf4884a621c26af5ee"
-            + "596cb9912168a8cb7f794599c132a4f30ec650cf861df285e4ff09b6dbaef83283bac83a"
-            + "1e4d0e748f809c22b95f3ea77ebd158a43c5dfbb4d298975d4f80d7b2af65efbc7631de0"
-            + "2eafc1bdd75c9c604322ed146f8da3d9a605b1e69ec0d22318ebfde140b1af07990c1843"
-            + "4653fde6a6b3705db69abb161f9745c56281e7bb28f12f2d6e8936a64ebb9e6c7f884047"
-            + "5d850d216372ba1a3e024abd90a5fe81aec6e254c516e830b437f94f17b32552eb3b2e16"
-            + "d8c3973d349d7ee99d4b95118e1df2c6b583bebf64a2dcd7b4441b23b9023262f27479d8"
-            + "d4082b2f2f6f7d46e1a8a521a4a504f5f342b92406db51ff275f25b256fce44ee22d1c43"
-            + "8976e9fd64b9dc31c96b72483c22583ef2fc7a975133f0625f8dddf203d526d9380c46e4"
-            + "ad1d78808b5b767a628a78595db123676f094267e89d493294415ab339b8f510417bcca9"
-            + "ec8ac819a70c396a86e7589736179b7bf8f4a454162af1e8415a179be0fe91c30d9c3267"
-            + "7c112b6ef56b69c87dcdef27c68f711d1c5fdc27f5e0a5b2f426753a946413bfa22df63a"
-            + "bef7e141e2d85e5c6ccee03931466455d498542179b52a19352cb5578b8a66210e1db37d"
-            + "efd5b1c973d8dd91e2d996ad67e3e4df65495d6b250df29a4e17fd2ba03cb8d6e5c0b88a"
-            + "25978d921e88fe1f68cbba6fab401bc1e0d092b0cc05180afb6cef33a9202a4841bb089e"
-            + "fe2384d926542fa3dc6eb8ef06aeee4373cf1d3eb62dbcc0a97dc4bab0a66396b8af9389"
-            + "24ff416c6627c1dfc7b9917d5c7c0d23625d6e5c82b938b72b21329b2e89ea867fe10054"
-            + "e01ee7c3692e796788d236af325020b3a24c4cdcc02762ad5e6ea70d5d6a1afb34137ba4"
-            + "77a464cd13c033a8e493a613307b7ee5b2dd06912ec0a9a64d2d81ea4454773ce21d8eb4"
-            + "19daf7686b12f13bf296f959c040cdc4c43a69a580679e61a503ae92ad8d3beb250c9731"
-            + "cd567c7b65ec13154d0b78e38e8c782262895c78f3293a0a1f88910c55fb45ecdd2e333b"
-            + "f1b08cc4e4e5ec856786b549eaebf7c8a56b8a0801cc12c785888b59459551276a5b5ee3"
-            + "932ef0801fd41a977cae1967d3c1e6f9d3b031b3cd01948eee0e11bb504b19b7b04968da"
-            + "9f2157ecced3f493fc0c0f5f22bce33e4b343ac849fcd9d90c133540079d743054f7e021"
-            + "11cc2ee9c239db904ec2d2e8371308163bd104b36fa4c8fab5d9e7845f87e73c83503872"
-            + "35b1b184a29fe6addbf3d33bacb79597a96ec68b2ad564ab631c58d2e613af2a3afc0069"
-            + "2d9c2f6957e9e3713dc942c15162c85658443002dbc22fde900b1b610e4cc1c3c9be6e62"
-            + "30fa3e401f9fe2efc8c58e805ffbad01c28159211026e25e168b7eff128a6d0d4f223785"
-            + "21e3d2b71c936bba99436401ee53066a49a5897c1790f0648df0bbd724b00e28b70e9252"
-            + "528c2319a82a28e97c829c000afbeb414aa0121eac2928c1df2569eb887b97d0f8238c50"
-            + "41afcc539eac5cdf7c2bbd44995a11486d201780359010bdecd3de2eb7ef056e5a376d97"
-            + "2e359fb835b10b3fbf44c965764f8ce1a1a0be53105c316e12ad635287122be7a9b96571"
-            + "bb84749178f0e30cbcbffac9998786424b231c1b83b6afe5e8d256678d019b700cf268b4"
-            + "b780fa0c54de7d5c6d73aa631970e615a3640de59c7e05deb3b575ce031b07520a3cbc67"
-            + "bdf077ec8cafd5d1ee3fc327bf5650371de243dace406685c44f1c49726258927491b93f"
-            + "c7b6c5124414fd5f412448ea50cc9f5114d9eb029dc042bb414496c44ca41845b2d95013"
-            + "d44bca0fe0e6206d0e996cfa2d55a2ec8c3812624581087518f524c243652a957be58319"
-            + "125ac0f1df744bf3feeaf0e51242bf5888232d98fc8eb22fe4d4bf0afb7bb6088e7622a1"
-            + "3a02c68dc99d85158a43ba8de8e14c4d2f3b7c7f7cfc5f2a2a2bb64117c917f3f47c8ea4"
-            + "cdce442dc0f1e6434fce047103a5a2abcaed39f631ba9b939f064666b9a42037d9ccdbfa"
-            + "ee2a84d01affcf8d1c1f6c6729cdd68da6c7fbdf21337d1a04b2b23353b3f0c471db3470"
-            + "f5cba3cb85804a414e0f47bf1959935ab7da803f70eefa76b8a52c9ce07da009da4eb3b6"
-            + "afee77bc4661c4a84c0c433ad1dd3342fd09e5fe76d1e19f53ac72daa711f40259306ae6"
-            + "bcce4d909f0673f8350c3b809c47cb34e40362185f78b0b1614d870872658c944e53e84f"
-            + "de3ea5fdcf649d7299cd74a108b89c3685135752932924a7e435af3bfe5b0c06f8c91735"
-            + "24c77ac95b83bade1a46d8b05f3b0ce3aefc97d6d80d9cf20f4c512cb9a535ca70266d73"
-            + "293cc410e485f745680cecd5fc2f6ed427101a83bee570429775af27d9f10cdb789efe76"
-            + "470425d5db1049952f7f09cd1bf0c4117446a49ffdc7baefa63500d44924a0d0d710834c"
-            + "c12cf9839584d11884ea1e3695a82a3e4aab26e52433a6807ed9ff3183a629bfb66b0680"
-            + "cd2fc1a42cdbdb961c143b0a73838eb4f868d75eef5e1caf4d6537e713ede3bea66c400e"
-            + "c92b13ac0fe873d1b6ce1e341f26ba63676fc8ad1dd685918d32da2fcb1a1c8d506bc33b"
-            + "c71101dc63c5d1933c5010b4cdbcee468f78ad6df53fe0228b4a61e58d0e41d922f6b443"
-            + "71bfca2b0c733fbd41141636752c7e67f478fc59b8286f0edecd2a6418e876ad0e5ed79c"
-            + "c32067798b19cbd6f886e27d3b454a4fb716d21b674ff67baf68653a86bb565d69c36dba"
-            + "6bc96c4b291f56931cf933a2e6e02438359669ddf5e9ec2f45f8d63bc12ebc4653e41061"
-            + "4a1c75cb94fcce34a9436142c3d835948bb23244e7a78f8d88283a142abea4938d673e9e"
-            + "0df348e5c65575095257e87d6491a9ef96458d698068c63620e4d6bc7042c8d43571d2b3"
-            + "9d3e833b4db28c8aee0ac286ec3a372b9cba32f4f15d66ae625974cb7347a1dfddba2479"
-            + "f5eebcb95c8cb33aae8cad5f2a804288266cd766e1b1184fc31bd339a8d81f61c013674f"
-            + "a27447c2bfcfd2fb6c8939e834f6e49063a9ad044eab87d3b9ca0ab5684de341b3edd450"
-            + "da0d6e9c2c635705535c8dcd022979f9517de188e7473155f2ba3c7e217f115661d56d7c"
-            + "86c3e490271c2f965803eeb76db142250b7a73691d238dd254954a32a2804e5c52799862"
-            + "4de030b746af16e8d2682bcccdc68e2d59aebd32901bd22353199ba3ad1b7c2504778aed"
-            + "55f9b5bcdc8cf218d3a6e19f9225e42b8e0935065aa49c831f4216742e201f16c62d2bd1"
-            + "528004d517956fda9dccaae3887179aaf65749151d36eecac985fa0310a61d815ab1b5cc"
-            + "e36756baaacff6151c8b428ea46a036511ba3db424922900f27b7a85715a17bf77d08074"
-            + "12b79dc7e22698aa1b615547ffc18bbcfbf66f54c82e222c066fe627f8997e204ffff035"
-            + "5f68d91a25d07cca0f38705aa8df9103b48ce62b85d0fad764b72b8f020f522c854e191d"
-            + "45c7e10576420279c912f8d3d16e4e95630ba8db0f59c9169019522da8015976b9a2e7da"
-            + "8ef68316acf9b09efb9fcdd712622fa7c2a4255cc89d1bfabd9c48ef7b15af536692c820"
-            + "6ae39ba495a4d07be2a9a574b55639a7d064bc3e555c0da2cb5134560d6dede9d9944a83"
-            + "ff3ac7a839df311a190f5d9b2ee3ea032921e2b7d1df36c0f5239a81927dbcea14d402b5"
-            + "75ffb9d7402de2f4c6b03a6e7a709115ae160087ebe31bc6d96754a3583272072d2dab1b"
-            + "ba21a04872641f86c279e44c8b898fd2fba0472728582f0916a1f2df6e646997b0223638"
-            + "a23405b408aecddd5b1ad27a0e425353ef5ef8bdd282aaafcd96ba2c4f03517829b08e2c"
-            + "a34d922358ca460845276b61f75feacc12942a6cb685193aa246ee91de431d31e4f5573a"
-            + "d5403bc67dbc695561c6888f16cabf67bc240479b628581123c2508ec640ad8b68e0ff9b"
-            + "a7a88c0383dabaa460bb248465a72742d158629fe77c7d54f86487135543f5dbcec02960"
-            + "dee118edd5971f31b2860e271451018288c3bd3e8f60a0b521c48c55b0e3ec1135c50738"
-            + "740aa465d0a00f5d8c072d3823a669262cdd7a76b1696d04d94566caf49091d587c41945"
-            + "c8c3da080c633cf24a7541bb7a888074dc3c145155c2e55870f59d980cb275a926b4b498"
-            + "9994904d35249697e2d8f3a03ad2828ae298c91da45073fe68fbe8b148183c38d5514ac5"
-            + "c27aa4bc300280450c42eb53000bd789cf466613e1f799c6cd8c89a88a155308f732237e"
-            + "3c4aa75adefa0e376d4b6549680aef721f2d1f6499f1869c5d19a1e4638489a5dd76bbf4"
-            + "30f62d98af552e1e323b906a4f297ea41ed799c448c632cd0831352cf61dc5d292b1d354"
-            + "3a23a4df7cf769a4546b627901032ece8a0f7bcbfcda27b1b22bba825049a702492236e4"
-            + "d2de20996c6f80936a8ae1c8d09a8de958916275d3fed29de01a2ac5d467382595300eae"
-            + "cad859f58910775f6621f0189c771189abd494885186d0075dc623bfb716f976bb3097be"
-            + "6c30675096a2da480650a6af6de5677105c808aaf67db6bee7b2d7e8d1b8e754893d4ff9"
-            + "bd0f06cf92d38083eb3a9a1a107209ed75b97b0ac8b033129b489e78a54723d082dab46d"
-            + "1359bdd868d489f471a6aa389757fd990d713c76ecba3f86f6de4e7deb61f59c997b4ab2"
-            + "b313b662bb4a41e8e73ed19f8923629e28af37d986ef4a1d56cbad336f952896256b0004"
-            + "b3310fd55eebb3e2e8b2783efbcbf564b335073d6b54a09fb108e8f385e271514032eed6"
-            + "f095ade61c9287ec968f253d520371cfe732569f52ab9d1f77887f7e737e6b2fe721f3d6"
-            + "c6b09b82b91c8b4212e50aee1a89e6d7f60d9b73f2f59796cc3f1d8e34afc30cc2520092"
-            + "ca11e03a141d45b01cedfd219a7c2e03475475c50000516cf51786c5c87aca790ea53297"
-            + "8bbb106734fe46e51e69faa68daf9d4b0830db5dcc57908abe92535a90e573c60bb65b1e"
-            + "5464c8a60dc4d97068c4fb9647e57ba8208aeea49e2b9a37b79eb01233df8ec8d110a71e"
-            + "f8ec9276b96683a1595ace86f2e6dfbb0514deb91935824fb9b47032740796cd8d90fbcf"
-            + "a899c1011fdff1be10b65d201b92bf7f89cf1ab6b09e925dfaeb43c4febd6941cbc67245"
-            + "5405e8bceea0962549ca51f8081f508cdf9d0ebab48a63942d38f2c2d759489b97e234a3"
-            + "d78a35f8ff140c64e5409d8198264291793e7c5d2b25ae63d62b12de69eabd00d8499273"
-            + "2ae1080ffdd91ca97e5c396f98ffc9b3702c5ae2d9ecf9fc328f0b412dc8b87801acbbcb"
-            + "06067985e3fe7143578fcafd391b62e8e4929969f989d9a6b36b3de7bd1b5d927acf9cb0"
-            + "914ccc051efc9f6a6b1dd9105c9cd8a04e209e59bbe2105c5ec0c39188dcf830b59e05f9"
-            + "a29e39024872f21c634230989a09064b4795affeb43c6827102e1a3d6d9f6d39ae3302d5"
-            + "5af7c941802d1f57bdc1927e46307439e7bfd2366a0bb8efe51f488d88ac523010ec17ee"
-            + "bf976d3d0b9295b04a15a1d74d603fc040d7c39c7496d9118e8315a0cc59bab9670bd2e4"
-            + "bb5a13ddf1c9059acc06483409e8fc6df94b186f1bd91b34c650534620fd0dbc01bb3387"
-            + "7d90be97e16d1c1539933a3f70ef2f47d474a45e270fb230a0381b04cd174cb37a6193c3"
-            + "a21d15ef1d648d147b8054ffda79e6768853cd1cedf6c0abde8b188ed61ae757f62c1e91"
-            + "ebcef592225e2a906b927cbea0561e745477095686e79c8827464297bf57f3047f853399"
-            + "bcc4e623a0a2aad1e027dd3ebbbdbaa56d39f5265efee6362b0609a60b5d2de0a0b7014a"
-            + "d7b4c1b2c1b6b0c66ffb52391859d69929b8e14580398c9b582b4ee30a8e32859ea51a8e"
-            + "e87b9a19a38f43d61e9ba849a02e5383330f213c3ccc95c1fceba1514e21e978cc7fc821"
-            + "7a47fe3bcf8da76f7b73d903d1b4b2bc9e19ce2abc293300d877e339e233a89cf9b848b8"
-            + "412fb2b28478ee71f793a8acc0be59df1ebfc0e9cfaaab420f34e1ed986eb59bdcab725a"
-            + "1df3311c5cc15d1a9e95d4abd02cd554573a8fea97109bf1d71d19009314c0eeb0a47a7d"
-            + "a5f4d30f124f3b3a878375a3f40a35a6229ada4f8ba424b1ca3359e71747c3c4328eb173"
-            + "1523ae0b5e8e9ce200901502db37c216bd8ee04c5ac13b934868dc4cce31b799198ba2ec"
-            + "3dcf38e8ff87a822c6338d529aec616af9c85cabba08c51ae112ca72a2edd9c6bab17540"
-            + "f0d12906a332ac3676df445ac81ac7515d19074b590ba0e09f7f5810e90ec65feda16d5f"
-            + "8faaa335411a6d75d5ea5afeaab398e48f8cd3a29397c8dd33ca3a37c767b702970f4214"
-            + "f54be7c195ce3a7057672f0a372a0a3bd28a4029cb86a0135db6662b577c0e4c22336bda"
-            + "69a525476689329fff05de538dcf42c511602923ec8b6795a40aa62b3bdbd90116671dc8"
-            + "5c2d85d7316a8be107260e66b60d12cb0e264dc6cb95025d0a3ba4e97a19ae8e78588dd7"
-            + "8428f0a6eef5df595811f6163a97f6ce70c64bb25dd6c986477e40e342fe059b241c1266"
-            + "c34e5c02aeb413e1ec8aa74429f5d19392d1f10fc69749e23869f11bc4aefa6456c8e5ce"
-            + "6e39b88bedcd9a7272c9e50fe187c374a36d9343dc2d77b1487a8a50e80f4ad9631d77e8"
-            + "82b44579a9ef3694074b68d3b4698913ac2e3e58e4d53d358d2e578bb93aa15d0532584b"
-            + "86e78a3356e6bdf0f0c6b7d76eb282932436b7658f0deedd2906bf2497b193fe10bc6d4f"
-            + "f1e9ca2f525c3922565b55e176bc55996976db45c8955b45e649f111e0ab6167b291d306"
-            + "1bcc8dbaac26895eb8d753e7db7ab5c49d48f6d8b70ee8e4d58259df5a312d38422273ed"
-            + "b85db0565f1cdb7fbac26101904fa5685ff61993783031c0eebba04e4bb9b8ce016f47d9"
-            + "54ee8ad65acab924eb86f6b742e8cf714313f80d8916a1c80ddabc9b195948b29a82323a"
-            + "158479c0b521be15cd62c46d2d61a7b78fc648b4b7fe594f5cfbb99f8e42b6444612fecc"
-            + "4cfc0a2f9d74797fe73bb8116bfd24478d6d632a250ab166246f8da2dcde53c41cf0f905"
-            + "cf3ec5399ed44976361326c17adec177adadc2fa9b60fc2ff2e3612fc15f703a39bfe796"
-            + "e1aa0db055ea63ab393868b2d211930fd67165cf378ea0ad8de0c629b045a7443fa41297"
-            + "f352d4e577eadffec65b40ef8a598dd9a5a60bd8b6b8bc99c408c05b522498691a29b381"
-            + "06a919a0931019e9d7060dc618275772993a3d747d31f1b463fc9265b746c3d0e964b2c0"
-            + "ed781d2c3a2e3ae08279dff29fed0a5e49a4d70000eca6932abc913317d2bd10ff73cf40"
-            + "141d0adab9460b7ceced7a72569b4810fc34459038e718bbe5d856cfbf09e7f7531d28fc"
-            + "417d14bdb4fdd7ab0156eb637986272cf7d265b0a266826c49f7a6a22b51695bb8b45b22"
-            + "da51950af3fc1d45cb1604af954fbe130255ee7c4a9c72f452a0c4da085f63d00a8ec843"
-            + "c4e28215aa44a048c209178398031ea670e7cbcf13b46eb9b0b14d7bfed4cd311104b2cf"
-            + "bf67963a2a83e334b2ab635c7ca1acfc40d031cba1baaba6fafa28de8a9681838087c746"
-            + "464e1fa8bdad156f3fed84dcdf2e79f37c8448f7972490ebfa5f1fb19685d85303ecedda"
-            + "e64027d4e01eff6bb92314606b7f94d036b048b0f229844d1a1fb27e795d2051eb050d99"
-            + "0be0a9a44061ad3668350844537d2df7f21b5705bbd509c3e2d8e2a5b857f3286b2c42ec"
-            + "d17c56972dc46f81aa042b7d3f3188e1b929cf013d7260565a19e1bcff60bb3f2264b97c"
-            + "55727e732df6ee2ce9dc33768aea3d17eebd7b996d0fd615808ecc224035b21e9d28023b"
-            + "193d60188fa640380f602c87d545376ac5c1649f05d6d2353aa97dea9f01121305f14c0a"
-            + "422066be370c707ede7f7062731d60f191f0ef59c1d9f4c80d33a112cd0dbae024ef0c9d"
-            + "48f9ccf9092f26d5f32fd584211c545c80fe7a3d025d47952682bf3a001a4a007298dbea"
-            + "eb3e30ce86403107caae1559c455110dec4e2b1438c1fe41231786fd0728b2687ffbd323"
-            + "3050be657c6a3949cdc1284b88a9d830a7f3cd30bf4cdf8fc71838a03fea1affe19961e3"
-            + "53482676208856def69f41b71898841b814bb9d1e364d18ee02376dbbad47dd64ad50b41"
-            + "15bb5c40b25602fde40ce05245c343aa430734dd768a3faff36861949af2bb8b6154f70c"
-            + "839a5789e2b4ee2717b90f068e7336139e2fdbb6ce8698be055276aba2904b71d91b02f0"
-            + "eed6edf51d6dfefca76c5f338383b2456fc4c262a45bbc77a2c0ec5fa31df5d299933ebe"
-            + "5e7ff03c0c6a3ec4da17913e7d4a66f575e1041cba43210b367f670a5552e1c0aec43938"
-            + "fca0a0269d2f90adfa36f9dfc1ed826e1b6d5c235c56a0cdda40f135678367e2b31c88de"
-            + "0f246af962b89bd5da8791154e49a359fb3c7fc9d89b6ee260a426d6ce26c896ce1b73eb"
-            + "31a73779b666e343b4dfe65ba11bf5a7ab1d6ef21822c39de91414698b459d0f81c72a27"
-            + "05bc08c76190f32d67ff8be902508c9eff388ffd1bfbf7c601e59aa129b90f875e45dda9"
-            + "107eda2dc9d15478785ce6121938bd299aaf634d9628cd3f8495364f8b6cfb8c5617073c"
-            + "e17818df7bd4c73484ba953277c74becc0943b842bbf42cfa5a0e811f4b66da54f8e4327"
-            + "e0c335ab23bc9e4cdb8b05e6f82fff9df63d949b2897e1dfe9754a8a0616fa32d55e25cd"
-            + "2620f7ef549f9566c51cff7365db7a2e53bb09319e021f5ef265ebdef164fe844d0f7276"
-            + "dcec42ae714388e1aff665a32e6b810e30c65f70b96b4fc9651331f1e549bb51a9d72fed"
-            + "5b9de4802b4da8cef46b4902f5188b0004936324a967dbed9b70f4edae090f43dd963b13"
-            + "2265be0d897092f8310bcb092cd50f6ce6fb133c756c2448b495ba2d4eef0dcd3d6467fe"
-            + "a737af12d41ce47570d1b2b9aea75328d0d684721986cd66bb4333842bb50b69b367ea8a"
-            + "5d0695d690a345f0258012f3e3db9d74b4372f647d6d08141d71216624b2ffa71142d202"
-            + "64d8839b8be50d47247a8302ff2d52524acee80efff9f1f4f0eff23e9255b73b35eaf456"
-            + "d481ddb17a915ca5b29cc530f66e1664815d1f16d3591948c393b5c97ce9fe3a81eb0029"
-            + "b3fe498e611f33bfd84ce434ce49357e42087330b0c01c2c16e6155396444a4b5e8d6c75"
-            + "a001b43b43b4b0d60739a4f78fad4703c2a68b701bdbaee522cde5bf5abcd9413350858f"
-            + "e38025c23d17db8da158989fcfb9e52c283c4dd48112c3817df41f207ab75a6f7536fca7"
-            + "701fb87a24d40da59042bc2a4562133d940d4641653b51d15297f2518ea671cc789e61e0"
-            + "8f5fab391c7eb1f121b7d41c34ba97a47581f81dfcd08e7fdb5256da725bf1b2973d9932"
-            + "add08604b2fd3595eab51752767a900c3977b024f223bd2c4e90fa98afb7d39ae0c1478a"
-            + "6d8592290e59b3858449008f18f249bdd1e50b0a9127e437004469738e15535baa8d0e00"
-            + "1997b4c642ede79aae666b2582305da7000a327014e487c2996455aad3e12746fde8291c"
-            + "7147d29c5de976df6f326d9bb2b520b3672c82310d629d270fbd5834e2773080630e33b0"
-            + "51e8fd1dadc8cec7271726e9f7a02b070263a40a4608b66c5f32a026f5e2aa81e5271c4c"
-            + "bda381223f9a9fe149789440ca9e871a79708e84ff2669580d6baea2f343ba4c340eff43"
-            + "e37d8e226166f6a7127c87a6184936187089fddbc9f7881eaf66fd1743b2b3a4ed274250"
-            + "ea0bd98b9743aa73a438da5929e53456f58165941996b19e2790caec5e7f8007f881de14"
-            + "22bff2d00b217175c595e058dedb4aefec91549f15c626e7b86a65bda898178fa639d0ec"
-            + "03253bf7eb3ccbdf03d1bb29fc0a89fa24a40713d1bed82f27b19e275c76513f73db70d3"
-            + "f9ac37d3177df3e5f8e9aa9991775a8c20e1c14ec6a8ed46c4dce8540fd28f9f824bb571"
-            + "0c8cbc8000c77f1e7be647883420e930a94e18fa6e10b376141f6e19ea09d2e36a1460bd"
-            + "2a0c9d915020cee0d2b6e5f7bf34c34f7a4c98b1c3e3d7b742f0ea4a46e07a7b1203758f"
-            + "0e50fd846bd2201d6a4384dec0fe198a08a8e1ac1ca180b0fbd0e384f2a5eb81044d3920"
-            + "6f1662e9aa45e02066aac78e7a4a6f0a5bbafda32844e70ab313ced85b67c8ce157f4f0e"
-            + "02123a79fbb8f1e99929120e465c0df45d60e580882d4bef28f1d17ad76a3a711f88336b"
-            + "c8f0728c6d859504e1fa58e23f4db8085c55f05d42cf0789e0ed86fb0abcc28a65462de9"
-            + "3b3235eef13cf335bbd840908e5e39680700a52b6df5a27f949463a90e057c534619f571"
-            + "3f624bef9e7486541d011eecf69d2688f250f1035f18ea0d05b5753d6b26bbda5189790f"
-            + "fb7245037e8555a9b459563bc8dc3e374941d3d8fa4780e57e2b14dce8de1270b1b960a9"
-            + "9a93934b02306e449287eaf8f53eb959713a064411527a17316746a310e1098cde49e61c"
-            + "cc69cbdb99ffecc82fdabf8d4c77d19761910a7c08c6700e0ae38a1f8c66335c10fe3de4"
-            + "b2d1e069e6d33493b1257888a62013a3e2930e29d0f34e759a4ed44a7952fd555586cc5e"
-            + "22128894cb6857d9ed1458cdcbc51d6a588a5c1704f2e288a026f7c87b031789bca53749"
-            + "61f64042144f1f4f73756d453c774fb7393c1217e8753a4eff8b52f935a003494eb2064b"
-            + "7a2bbd1825d95be8ac2430e97720b963eb2ebc2cf9bf2710eaef878b84447354174c8edd"
-            + "84e03c107756c49524be4e3eea266a32215a2f789e429c241f6bb4b3fc7c56a954a47aab"
-            + "149b458f1b1865f019bef028aa50bea52d9d34f3890c1e00fd182e6de248d00f45b152c8"
-            + "87dbe63b6837b79cbcea44747ea52564fa661486a769fce752665a059722709a13d23010"
-            + "70b7bd5112b09484f9f281142541d1a664ff7525df6ef255778bb9952b6dd1be63eea311"
-            + "91188a8057620d3a0a396dccc3e4ad11797a113492407b5038ed52fb93df9d79a96b8dca"
-            + "55df98f619e6447a7bdb94e3243cb70fc067d7e87e63d4855957c180ecf92980eece0cb6"
-            + "fec9643d98d66b6ac2cac8313a8e47092f63d963df6ec87c02fcf2bf14c7768fe3ddbd51"
-            + "fbc1321d968266ec524e12f2fad86e6df61e2b38011aebc31d86c6e2616cda44539d6823"
-            + "e73a0966b787f0ec97cde096cb4d96ce93f0dd59c5902660a0b72760c887fc8cc887c5e6"
-            + "591b8b1527a80e039fa85efaf9c146e744da525f41cde7379c0fbe61be15de8012ea00c9"
-            + "1ef0522e9c7f37792819efa1d18583b5afb8f93cf19268ef59a5c89f67d92a6fe5e75070"
-            + "579f0e7f50d81508c78cffc9ced04a3dcee9fe2f31e3153e37fc75f90226c1cf577842ff"
-            + "261ccb3923c499de877a7447200f7bde3077ec129940a69bb7905ee6359d969f20def3a5"
-            + "1edf5b63d265b65abb5e60f845c56da01fd251c76e9fb75e1d8fc91fe34f8c450fc4f08f"
-            + "a6291da634501d6a6ec5ab5aa9f6855852f8ec3d419702c4c84a1fcade037304331bb6bb"
-            + "735680eb30799eda5b53999d3e5941658935b8f289c296701b2fc6e546a2c5eaee9dd9f2"
-            + "c20f645136adcbb9e0588c5f1df68cb5409282655c124115af588693739d34b2c7b16ad0"
-            + "d8255c793c9b2319a8ac9382cf2c7c1ba6739acb1c9d6a382905872ebbfbda447bd773a5"
-            + "e7779c05d49cc9b458d2942d2f2d40eab65da9830d52bbb89d315deaa93b78f3b7fde79b"
-            + "803c3db01e0083a6d8d7fc7dce8e3850e3cf8104f1dd799b81dbaacd11a50ba8b02b2060"
-            + "90ae2d166f5ff1e8cabd8a4559a5e42ec3aafc370bbd856ab20f43871004f43c05ad0be0"
-            + "e3ee5737be57ba4fc831b877178cc591dbb3fea6e925b807aa1acf226efaedab4095b1ca"
-            + "2a2a816d3f46d97ea8fa55c7384fd05b4ac078909d446ab0eb5775320e8e7019cb44b997"
-            + "8a83131b72c6a89d0b58d5ee47459607324229c0868f8bb3af52ee107a2b62ba13a9c259"
-            + "dbd55563d033effcebe2216770fa8aa25d311c744a32f9e527ca4d953122ac7b9b2a815b"
-            + "3a0e02bbb223a7417e97e19f30c4e40f733588dc3d1a69e6da5b0e7dd6d2ab8c82ac60df"
-            + "b55a38ac1ce907a8e915cc8564c1d85b3d74bfe0fe6a1e483230cce75a9a8075bbb897f4"
-            + "ad2bf6d6841078ef43ed414bdd1ae9d6cf7abe4adb8579a4c92abd3c002875ea20228106"
-            + "36f0ecbf5c40e43dc9191710643ce06076dbd1d4aeb38702fa83da29cb567a20e60fb8da"
-            + "fb9552251f1a908ee260bebd8bd1f81aefbc2ecd389a499162aca830e81a60e62a1b3fee"
-            + "0e9b4cf07c2717bbc4209cb7ff4b4f0d26b14cf605a75497bb111a14de7e6fc3fa963960"
-            + "026b9b0db19c6f314c32efdcbd8ec9545fb786dbc3ca1dc1b4e9b1dae53f817c313829fc"
-            + "b43a3b7e7e783cd1fbaa63f2367c5d51cb4f936a84bc7ab004d4be3c137ceabb5252edab"
-            + "0749c067cae8a8ed3e85d160d0dd10564a9587c639121fd4139df98168356341a40fa321"
-            + "dd6e6e76ef65c2967b41e9f8402b6319f8cc5de2a1ec98ca28356a44bae39b66b90666d6"
-            + "213e34909964530189249e91e9e7b899247b278308766d780c4b77fbfbcced4cc39f1247"
-            + "7a266f006ece0ef8695473f108c55b8c1037f037a8f872fa4095b396735ef28227deb33f"
-            + "53928584eef27076fd3c705e114907ff995faf0538534bed514db765a9d209379b4a28e6"
-            + "2077d7a25c8cc9d02563e8fdd5c0ec6d3e7e59ff0a2684bc054a2a9f053ad44e0de02225"
-            + "95eb693d5e06b596a0fb5120a94266c66cc498806ddb359d6de1d7321550d64feca08007"
-            + "ed025ea77eb3ad0d1f2dd47d1dbcf2f6839c274e1059181634a6aa6c683c648c7397b608"
-            + "7e26ad7848e332080e51fef34236ccd8a21b670ee4b6e7cc90af38f2e03d8ba94cc1b23e"
-            + "58260fa0ad6d97842c97cfb5eb0bde115eff312e58fd92268cbeb6e9018c9040776ef4af"
-            + "99a437d995e8e204315212b93ce27d7134f0e11cf0aa1ea35ce02ac2217859e15d97d294"
-            + "4b83f3c2637f5d7da6787f5e65bc6d970c0ea503fd72269459484d7dbc0b386a9971c34b"
-            + "be78357553dabeb0e06a927059c4192a47d2bfc46d71988347d9402f09f94bf723d1fc83"
-            + "a86d80ec8608183f46e59dcda34e6051a8b69d57a067156d21582da03e986c0d01a67507"
-            + "0615980bb80d582697431af346d66fd0b936f15a5edf9e67062c4792f373abc0db65710a"
-            + "74b64a984e3b588a822c96ac1a0bd51ebc7cdea67a73582c26b2005c5b2e886b5cb9d1a2"
-            + "fe8dff7833da419763d144c14b12e0ca3df6e19fc9adbe734a8d7869a25d5f7684a24dab"
-            + "d73400feac894dbbf2aa75f9ea2d3cdfcb9666024cff8395bd4c01488081a3b0facfbf5b"
-            + "82c0c78e9801b68e5e8c5f0e921a587de219f2527911e3b60deffc6b3bcba00ef2e93e86"
-            + "6ecc01e23304ba4cbe362c93c8e8374da81f1452bec07c7f2a6ffcbc9c621f0c9be3c0a2"
-            + "b5880dcc748541e40ab2537940527dc2189528adbe0be9fd17e2704c29beba00b3d7a469"
-            + "e610cc262e0d4b9fe78099822e84da9ed66eac2a567da9ce7a92d8767293bd45a3c29c04"
-            + "7dc10cb0792b224b0eb5e7d590a74a44cc10098595189d3089505b48e4af0bf61780c20b"
-            + "fc82ee694c1ec4b04391a5a302b8529433bf1061db6ab2b2373755f5c6f4e49e3d244ef0"
-            + "80356270a46e94234890a4ada01a26860ae657ba7483a3069d61b2328d9f9b9e9239e726"
-            + "a4cb80bfdb760e8ae3e6d39d7e069e83b872bc709298505406f73de6c1134c6c76552ba0"
-            + "e0d60322476b983ea0f83a37e3c2aa04a95adcdf70144eff8ef4490862acf728b7a8dfde"
-            + "3bbb384e166eea0baba1a261b7302855e69e0c1dd7074e600616c5d987e5b3d4aee7dd91"
-            + "73eaf6d8b63d789b104249790566d942de3757f0b2f07efdfa02cd1ac37d9e0da9ab1e31"
-            + "60b8ef80d48a30d9195bb984f18241afb9e788d81b589a00204f9eaa424dafe0fa18e81d"
-            + "414400b38db77366292a2a202e26bad1fae0e61dbb314dfabbfb5c3bc058645bc03de881"
-            + "c5006c66871541546020c5b27a4cd122c7e61dc1a82ab347810e7751ec76a68c8b63cdaf"
-            + "4e4095e80c78c516e78b298e1d01384895f73f4be1a0fef2771ce52bc16508bb9d1ba140"
-            + "518df0c26e87af648e95d216e035c4af1a1f90c0465082f97d966f5ebeb68cc94bf7c608"
-            + "39ef39cc0dc8975017b02bd690dfa805fab9e8c02c1c617c760dc07c3576708905d266c2"
-            + "5aa0e926e0b0f972d1e4bbecb75baf734f74f939d1a6c54a9481cec48ed05aeabd071fdc"
-            + "accd724446d4aef8c9e58605d9353dfc445af6f9d4f0bd754e8c7173ab52bd3f5f56bf91"
-            + "efa253df4fe7167f72586b2f5fe49715b57571f95bc3d620d5b36d42fc81d4046e19024b"
-            + "4193080c347a294b852e5df41a8f4ca0828eb9ea267fc2ccad50dcd4e2cd14af2cbc6522"
-            + "32c40d36c4bf6ce0f0e71f7b2c2ddb905796a427d8985be173e1b954252df929a59ff559"
-            + "7eb4712d23280bbb87ade4dae58ac3177b553ef9469543330dc1d7bcfa5731e7a6f9ffce"
-            + "5739d1d82a6a67165b0bc29574ee3c7c77b7d36787199bf701ed373cf90c3de9f406c5a8"
-            + "c382f0e2977a3dba618bbcf828e46f148d6bedb9bde07166b6dff4df32c7a781363b793f"
-            + "9f11aa55fe8babbfd068d33466161a3d25fb8e393169647ab6de7e28b5b366c817e8b55c"
-            + "61360b8ef55a090391e4f9d009cc98ef87ffa51965dce5455f1c1cd68d7a8a38e06ec8f4"
-            + "ba32404842f6a0edfd3644e490fff75452ca7c0fa40c9fb1b5ed68888f44858ec4926c60"
-            + "745a49dac5232ae4cc8151c12a586c88ade23cd4088cababe20ef2b4f5986f6cdc809c18"
-            + "cd6808667e8e6e26799fdff35065e90217b0c767b44d7ae18d2c66f51559e1e440126b44"
-            + "8113cf99090fe73644f5ee34b44d3b89e7e08f41420ecadb0b6744c77e4c7aa2a8a787be"
-            + "35c431264b193404b358fee6513962683dd02cfeec587d369c3c37594b4fcaf75aa2674d"
-            + "7e3850d34054b46aae9069964b4c067d37f4f663e21dec921df78cbb26ae40eb3805fdf9"
-            + "cf1a4010db009f1a8d32e67aaecd0a15a54c27f0d16ecd4932809b492861a063a9bb5171"
-            + "79f9c4c9e16d3a413b9bec849d6c22123efe07c860ac4c21c58028d584f5dfefdec531cf"
-            + "5ade3e5ab6b4c7dcfd08d59c86524a0f906615042fe24a53a8ba8f9acdba1a537206732b"
-            + "64c50afbf251feaf5b94287db89c85b2bdbe71269cef67ff40f9bd13a97a018c9597d937"
-            + "8ed078e88faad09fcc52ff9e327bc316dc9f5b38f9f2c97a36ada9b57dcc85a0f6b75c1c"
-            + "04d43db1ed2d5b37002e4c44bbbfc44f6139042deff50c1ee90fb979178437fcfa2561ed"
-            + "131abfe476a3cf937ba9565637d239efe875088098d265a9abd2977f43d84828e010ac00"
-            + "88de136c791ef2bcf0db608b08b7fbf856e19ad699cf3f24459f5f29e5c8aedfbf50c0f2"
-            + "e258ee6322eda0c134c1eb8f800ce6e51e4458d809938182fd2d99b4866acd6d0208ccc1"
-            + "c7eb0393fdd6ad37a8655987c2f0dc3211d65a5e2586c58d66b5743b47c6b8bf0b98bce2"
-            + "30096c054d53e10215bf5c3f370b377a871ea9c5473d66cbcdb81f3a4ae07c20ec55d8aa"
-            + "7975a3a1ba41263656bc3ce30e9cd91084087e3826cbd505289851e9fb025df72c0338f1"
-            + "568c5d5f88e0f8e2cc74c019f412b9fe5911e92875e01550c1d3fae00bc1de65cb32fb57"
-            + "2edb3b37f4f059c1fe17c2b1a71a9c086232747688ec6beb1bc47e2163eddac447070141"
-            + "3f6d5cf4f8ee9b10de94aa8ab9674a728ed80254c44241591c6b6d2aec099ead36a6b755"
-            + "5f83ee5707a85c50aa48b16b975fa354ec409ad2a505241314812da2e89c445d79e79539"
-            + "9fef4a6c23d21d106e347630f83728600a7afd592b5f16122ee3bb77c030b45b88728acc"
-            + "4c64caec3e68c84c15212e6371102c5aa110e83315b4ccc3f3482fe2132e88458dd448f4"
-            + "29ba064027f02029822f2d8b715b014262a1ff26fc3b7fbb9ad99e7a449730e3028ab19a"
-            + "22c2a02659931b194628cb3225b74e72923db77e706b3a1b5038e11ca72ef5a2e4d9d849"
-            + "6321b7baa61a23f7256c085e2f335f5783a71bbf639bbe0de48ebee4a3282ca195a4b9cd"
-            + "7cdac434ab4d34a6252e103559c7d5da26adaf8b78ec65f7208d5ed8de17233317dfd547"
-            + "00de63e548d9580b0c82bbbc345242cc805a6d16c8c774ddde350e4f4a44dd65cdfaf461"
-            + "4bdbc2f07e7d648bfe75b208c455f78f33ef10c96e3c591b5fd6922301b9eff2741013b0"
-            + "3f8deffbae8a391be54fbf3adb2e82c821dad090e5d1cc4c1a9706f6c26f526b59ea5920"
-            + "bd5beb0f797fca552892c84f6e4217ee73940804da4a10bd1ccef2c69ef05d62e418f15e"
-            + "abed1a6faaa755431e5216e320e82e211bc7cca779a87a8c194cf34f7ac87282fb979300"
-            + "4140e16ff2948409418a885b4a5c8cdffa16ea49b60ea25d5f25fd90b100ee1adf81681a"
-            + "9fc8db142d729466325eea688f1216d209f2f58ed12a77d74708079fd959881ebae4a35c"
-            + "106c9996a396db73fd57fc6760dc7e77ec0a11ec6ed99796d84482e7093e1262796a153a"
-            + "10fd8cb1ae7d095bb7b5f7a14d06bb891756a1422662b346696b52b5ba7e55a6a15c8442"
-            + "dbba583bb35fa8ba9767b095c660f3586d20901e0cc8eab6b278c05069f4bc14f745ec6c"
-            + "448497e0c899752a8bebd7410611f7ae2f3bdcaaa437e6d4d5ce0540bcefbd9bbe97bb77"
-            + "52daa87d67efa06c96574a591508bd5f612ceec5637db28ac9a87846213a701642739a90"
-            + "702f2a82cac103a098ff8a7d83452eb0c73d1ca8be74434f96b5928fd5b80d7b9a295c62"
-            + "903bf8b891e499473bdd6fb81c0041cd1c4f2c0519624b7e6514b97dc46d0734c3da6b75"
-            + "baf6e9e1ec6a0bbd19f7584fe106f242cb33cf7073225d7f21ebae5cf4af47626a568607"
-            + "1fa535ba0292b418821cfc881921a44dcd8a1924d628ebcdf6ae2bcbecbb8fcbb01a547b"
-            + "ef79e7299f3723112deb17a8c48c13ebbf597aad43614774ea6b0d94a04d01604cc69a89"
-            + "69e20c46b4aa4e65c86e6d8f1f2eafbac2f6871bb48f5ba95be5070c2ed34e971423352d"
-            + "631b916740ca924e32a3e37bf3b562973bfa921085a8ef11c23f49dcab48f41650c2ff05"
-            + "d01ea7d6c8a3f4cc508caae16d1cd22c6dd9b0ab3b00d17964dc49a0a3cd46c6de66b535"
-            + "cc21859ecda555705d836625493f566aa5bd466bd608a80181fd332b48f4476c00541cae"
-            + "890ffdbd39e7b031b9cfa869ed6d164adcd209d28a23020ac2d84418f8902cef15cf88e6"
-            + "6a61b462db846c1c286a4ec0ddf72b415f6df41cd8a1f399a8929c1be3e33d557dd94b15"
-            + "272543346c474a10f55cc789090994fada9147912759976478c56f9797b72c0e8ad11292"
-            + "2d0da0134c32d494a648dddba3fd3ede4cce6dac13fe12eb73cc6e2caf3cf4b0f605d165"
-            + "13e327c4d0f259f2b7b74ef12bbcaeac489dda8d9221a67ac2b2e8f7e6a3fa26e0a8c70e"
-            + "865a702327bc643c509942133e0234958829dde872eb1b9563dbf8410690dcdd1c2f6b33"
-            + "3112d10d1fbc139e60d6b28be628bf0f6b4daba3f703b1415b83234404e40029244b0afc"
-            + "7908b9470c2761c57f7dde1c2bcf0ded8e8e582d1d55e16bb3c488b21e526ffe79674346"
-            + "a464dc905dfaa9e31f509c4e7674d0867b775a2c05df3d24139cb630aa3a5427c49a9a1b"
-            + "77a9e2c9e6d31864bf7421fb2444e65c0e82828ec9df8163df91dba7cec6c9c2dea44fb9"
-            + "bb76e05326e00816f379ded481ebd86beb8e31cf2cfd5414e9b667ee1df4bfc1325b4bc1"
-            + "960023b9be593a79d9fd77bdc4645dac8cdea884e8e91dc5eb0c566ffb6d5dc0c76f914b"
-            + "a1f906fb47187a2b51b18b5ffa9b5dee44fb5190cfb0bfe7b88da4940edf319981090a9e"
-            + "1d47a490f0ea0384b778231974d5e00fac373a180987419f520d971a4c62e8dc275ec883"
-            + "d0566059cbe85329ea7063d4d7d8bf3f43f0baade5693c00c1db1d9f1fc43fea35b0e133"
-            + "5ebae28d07411d27a010b7bf5fcd8a31467ae051e12793864c9f8c33a1bdc9c345e65a7b"
-            + "82ca1c47a8a7cf1cd5a394ca0ce47d0d3a92266a645d52ed6597742597b4c82e90439be2"
-            + "62473e9de0520fab2bdf89d1da3232c8d0c41a356c62486931f0fef50bd6c583e52e9db5"
-            + "cec0ae3a20c5ad66303648c8e92861ac62024dfe483a9636b2300c71c0a362b59ff0ad82"
-            + "ab356802d6347be916066bc47be137a745aa550bb429c8af3890002bcd2ec56d62c83a34"
-            + "d2c7e0d6985f2dd9d4c5917f659f2fa05f461693d012a25b24bbbde2a97557895a3d639c"
-            + "99e1b8d91c9dc356bfeda2856d8ddc9e8552b436202efec45c586dcf51c98fc2d0996b77"
-            + "c2c620e5692922307c7e37ae8180dff59d9b751a04b8e102f485fe8676e78f162d36940c"
-            + "b15a0371da7cda3312db6b22e068368f90b2cd7eab97e391867de4e93f57e897f90d23e0"
-            + "67de85417bb01c6259e56c2c2e4236246f35f0b30dbbe836c342ed5123fa68ea3502a772"
-            + "3d212561e74b1127aa82def3052b2050fa6144e7ff8c462410ab81f2a291ab09ce7a7aa3"
-            + "3e6a7a72080a4d3f0edea734f016077127c29a205d8eb1eeb2bf9cd14182ec2e390e33e5"
-            + "e8cf086a3fa0cf5ef1cf6ca9df5dbae8aa0651a590e2b1f8d7f8d97ca9c7041452916ce2"
-            + "78669e701edb863b7eb4841f43cf89e53f50dcc58446aa9c1c4807ae7cb6923ac35e6f31"
-            + "7f77022d3bec14d2380ee869c2a5fe784c3f2948a085e8691151f09f9e1e8482d24de7ff"
-            + "e55d7dea8636fd6e7d7caf6fbc04fbbae849b9a9dcf3652fb5f8933f062a44ec5f4118d6"
-            + "4cf44ffb304c1fdd007c3be159be6190304801e5398fbaf83e89558441aec2e939be744a"
-            + "cf9444e44579b7a4948a3d4f95c0763de6a44ea062aefb1d19202d0c8cb28767e9c8dcda"
-            + "f558200656de27146d53295bb10ccb534e2aeebe0d79f8f7f3e9efaa7c21b2274d3d63e2"
-            + "047cf0760fa4c697f905207285ae08faff5b49058e817d2445e68b4672cf14fa18de51d3"
-            + "d18ea2377b35786b93b9549b5d328e565a4d7ff9a91ac293d881925849bf41c9df7478c9"
-            + "8aeb9d7ae2955a514e8135d62f473a54a974ffce5afb935d3ef64070dc0dfa797b278ad2"
-            + "980381c7eb53768bfaaacc4f67686d04d0d213f6fa8c4269e7d496ac9703b3ef2670961c"
-            + "dd4bf4330bfd51cb6c5b29725b87ec02f83998c6f8794e95ceb68d2ba476c5ebe4727e3e"
-            + "f02780ecadfe1398caef054ecd302857fa7e08464c3e5a17f30925be183629472c05723b"
-            + "cd5cd903c83049401da96c0e27f50f43657bd4a7b142d52752a8dd75b7ab99f3579f88dd"
-            + "f2d065db84b413286a5756edaa81f7c6c16e0be5065c13073c7d494a10912a005b25807c"
-            + "baed97792be1b31c81176218d3b83f13f233e138ef791268578fcfde4c7256e718d33d8e"
-            + "6c8b8a1a206ad6b7e4eec170e185487cf119bb14afc356ac2acf3a0bc4b4f4f89c790e35"
-            + "3e58506b25ab38e957414880c5bf407fa07479d301594b141348301ac76773cab2673b57"
-            + "4357262fa6410700e950d1997e2bb603422a4f3948545acaad7fc20f7460b89656ef45a5"
-            + "8d2f552c671df53132cc308e6a245e081840a302c789297cce8534e568d7d5872caf135e"
-            + "df67b793349e4cfe9e89f19ebefbfdaad8553c0d568eafa64a21e44d4ccd121ac03c3df0"
-            + "ace06819f6ccba41887c14e8a1331b1f58cc015368e1fb2463aba6db95604373114b19b9"
-            + "6853ceb93078e345bf857b347823aeaa0c6ea2d0f0380bf1e614d70ca14069b75e5dd596"
-            + "f79a1adfd41fd6be048d50d1fe7a1cedbf49f2e06000fd3022aaec322fe384d78e0b784d"
-            + "69eb257a1b5fd07463d446b2be9491c79ffcab9701272c5cacb14a9a87aa46a920b78e47"
-            + "5bb0fcca727d7987c67c71091c4c9e639c536625955d19bfb79a57d49731dddf77c25ae9"
-            + "d2af26a67074536eb75282509ed6009126a88facbd12d159b073ed31eacc07cb1e8805e4"
-            + "1cee8e546343b2aa018520a15c58c515c4d6d4480b1fdf0fdfd4c7dd2d5124724d2ae3db"
-            + "ffead157c5e85d3420d383e84fbe966ceb1760dc29c65c7bf3b9f922b98b2c9e9bff5c4d"
-            + "a4c8a4cb1b9d6ac794278fba2f9b4e7d5f13d0fe524ef62600b85454ce22a23e64258784"
-            + "f67e74cb2b2e3ebcd6fceb8f830dce7fa8a067acda25cf66838d8e43a2b503c0d416af6f"
-            + "2c0380702153e6d4a95c4dee6034a855248c46b6c646333e4a0d40bef18dfef7a087b904"
-            + "d0215533087be78b695903406100d48e51a721b8c3ba3c833580cfb6580390bf329285a8"
-            + "afdc6e7cfa54641d871a8c116ca5761980aa4293207c74bb88a95642733b046c2395eed9"
-            + "143aeae81fd7d1b66d1b91ccb6d5fa402315bb496ba52ce381e4d285950a43c53264a56b"
-            + "9fb5e4e135fc229715889a89b3cbda934224319b570e5b452745decbaa8d2e4d4729624d"
-            + "37ebf5a331a3e3083525e9dc4aad677936183a600372b403c80a04feccb178fbde3826dc"
-            + "d275bb096b6429c8c0bacc09dd401c68df3ed4e7528a5e4345ab2d071f851f0468feff0b"
-            + "bbf361dbbefc076a9a6c740fe2dd16be72338bae45cf624bc00766b8ac51b2db11ef7d50"
-            + "6271a5b6c3c376a606e988c6881d0c1b3b968058223792039d0b1e9c849cc2b08214369d"
-            + "c0e91c8ea5b6fd087d1a0d71d6335eab4c9abd4645914f252e0aa7459071b0bdff263b89"
-            + "3c35d136493aa4ab4035e63ce50cd8392b98e0dbaef300b5b96339d08fc00809d593bfb0"
-            + "5d74d389ae722854e716599ee841fe41aeb34ee811ca30f189f175d8a06b5151ccf35ce0"
-            + "36a8fe18b3f97647a17e730f8220c5cb3b43580c6863639c7a43684bac602d20387ecf70"
-            + "f6799c2e8c4cb1cdeef1fc13c76bce9539928e5b860713a86d586df751cef82837fefda1"
-            + "a289da5abe79b77bde4e8f4b6e76e20b5507e632663ee1fdfef1b1d40ada4c97d14533fc"
-            + "97f457a929519fc611bb305d0a3b09b5633b9b7ee2200d97515d12813236868299d7c8b2"
-            + "83ad064f26d1824423ff8b70adae9b280ce3541753a6d94c3e8ce173ac14e514b287fca6"
-            + "8e28bb038a6ac0b2b5d949492243433c0b386e3076296e15760ed5786df4fdea9d6c4bbd"
-            + "86269fd48455390ef0af422b75f2470d57a4ccc1413ad77f0d2b2faf733ab3952a97f3f1"
-            + "8b8000acb1655bcd159ab8aaeccff7c4dda98bdbc6fcdc71c64f2d22d173191e42dbeb1b"
-            + "18c3f30cc26caf75b880f07aa0a4454974ac07de1e293940a179e30d31b29018f385d9b4"
-            + "1d0e4671ffc30bbf15044cb856e44d2553ae294f39917961687423cafa89761d113b925c"
-            + "4f6b21c240511c2fbacd4e086723aa930f35beae975df7fa2fef1c48790357d75b642364"
-            + "8a4f56d3a9ff26b85588a69a50325cd812b9fdfc70c7f16a78b5b13c2e11e78ca213a075"
-            + "e1ea48cff23b1b0bb73580228b1d16b311f90a33ba8e09a6fae75930d353b3c9b57b25c2"
-            + "be8d3962fd8ee81a168762d73fcd42f444228324394238d78626267e3b8145c73cecd6ed"
-            + "a56682eb495d13fb6de81ec70197b02c5ec77ebe30c07f0a530a31d66a36ae25041774f1"
-            + "25bfade76f33a985857c9b2ae7194dc43667d25e8fb4eac1e2d84b6137a64b5c1ed392df"
-            + "d430b66aef559a621a4e0c469e908634d94e39337beedffa41d7638d3dfd432faa157898"
-            + "2f32208038675a9d9846fd6cf2acecd22f72d07ad0fadce4791478780c1d8df0ffa59aa1"
-            + "a9e06827b053cd51b5a84a3b3ca459c31d2ad48d0a69782798308d1864e097b04e3a0440"
-            + "42520a7bbd8949ef7d8080ad396ac086ea1820600015d0224222b6fdb9d5f62595e486d1"
-            + "f59fc9e8d83f0bd777bd0d92bdcf1aaf28d4f1bf1a0add96a23457eb053f383cb0a61920"
-            + "0a7d2735e0d87e8d1f4af946895ff1933b7ecb909d85a143a78ad7d113bd79ecb880d7bc"
-            + "ef0633516e3cd91aa50d9254dfb1a8b6b85d648d9031777ddd0c5d6a7fd01727e89d308e"
-            + "1c1cfcb576332e0b1726b724c6dbe784b450d81d82afc417d288c25febc9a61c99f475f2"
-            + "b7b788dd988fb929e2f4538436c08038cab0cb3770f6cec07074fa23e2b20204bc865114"
-            + "203232b492e0681a31dfb3";
-        String expectedSig2 = "000001994b105a9224e5edcbc265ef0a76939005cecbe87097134c0b52f1d1a41270c2ae"
-            + "1d54c9a9c7b7def19a3bf459fdbc5c47275e9e4c2aa37bfc97839d9996710cd50ceab45f"
-            + "a2ec26ae272a2a3797b580ac874bda3345cf56e069b6540ff8f6032eb07d62659944eb57"
-            + "3c33d71058e500018bc8776f1c003171c8e962d41051f29ea36dd569ca57b3ffead498f1"
-            + "081ffb38cfae75b368721f67ec1d9b5d7f8e2913d63f309cb0aba8c572728b11dace05e5"
-            + "a00180073940b13ccbbbbbc1f8228c9bb0ffca4ed14934fbdf189888c9d6f9b53fe29727"
-            + "019cfd06da3ee308870f2e980e2279409587909ca6970a57267233d8856fc9d53e7be095"
-            + "8bdbd3f465429fc1c5d50f6ba64525ad06a238a3959a84c2a1e95e95a59582089114ac49"
-            + "7f13b24d035e01580f0f861b78df39f21fb4448e61c9a30baa20ac8694ce84606c7e63ac"
-            + "0aa380cde7a0d30ffda28d9753088163966cbd11b6f55533801d953e787bd8544b97f6b9"
-            + "3149ef0227e0ae15a900e70f71d1f16374474bd99023fab5eed63e2be6da822d975719e1"
-            + "3e81bb4890503ba9c222bc8a448d51fd233fbb104f80f5c66c55962241bcf85221586ee2"
-            + "a390e6220367c9cefccbd66d4c3ce2cf38bbcacb77a359eec38c5b99dffb4896ae34fcf0"
-            + "4db3f9a85cb8225317631d22dc0735addf0d84b8f2d3d9010a3be169f41296afe814f2ae"
-            + "d28076479140d2cbe60c237cc7fcb1ecde0a7d6f11f11e748cee5dd5393a31435a45fbde"
-            + "a245aef1993391d18c79005f1b3074edbe08ffaa2c73262080702f28e6c0a9f408aff784"
-            + "814c37526cad7c5904c3af0b5e5da7e3135191dc4884ad167b5ae1c86a28e5a0c635b2c5"
-            + "43465bfb2966874561c246ef224d0719aea811b63a91191990213cbfd8ae463eda47b2f0"
-            + "43afc2540d3afb0e4e0b5edffe0a8e906e557c3b84c154ce0ddbf44ee38d0c274e5bea1c"
-            + "6b6f36e83ce2374ab0aa09d51d881e768dd35fdd5dc0b208eca802e241626385ec46cd04"
-            + "f57110e12dad60b89eb0dcde05dccbf7c06718f5e211382af998107730aef24245b89ef6"
-            + "765456502e9af89e59b625ddfb50114c3db753eb15eace8e4871f2b4a49d7e67b0bec3c8"
-            + "f649c46183ae53b516454bc55ac1c79a6f97ed70d530ad84e371e3c8f3dc92407cb94f8c"
-            + "e14f76799c58f7f2fe8313cc33578764c849fb1ea20e58ad35e5471ba50b665390c76f31"
-            + "30ecc7811e84e394a35bf0859a119f97258de1833565d8ef142c842b3a27a17169841f21"
-            + "00740f8f0b55c90ec1573e660079653bfb0a45d17f5396aa2220e55c1d23dd9b79df765a"
-            + "c64fc2a9442ec286422e0af685e1ab72394934ee2dff1801a5859202c015e30f60ec155d"
-            + "0b0ec39cfbf66eb7ffcb3b46940c0aef409adc181c55c5328f671b6e0b5d18edff0bc335"
-            + "ebd2ca9afdc73dab4955f250874ff7325655ba9b3b83ebb460193e323bd86c7a5799f863"
-            + "816b6cf12006a2d114c252807eac1eea86a25e81d51728b6271aff7dce942044fa5f48e9"
-            + "4493e250c6f62d0f0a39cd90b499c85f059b2e8cc6bf85e0f2fbfd5b306088c13384757a"
-            + "9f6d053e682dd57aa1690b4bbb878f0142cf1fb2b9934be9a6c3638f4e360de688083fbf"
-            + "f64bec3b33762de91fb61571f754c2e6484234162b2f2d17368a44051b4d3c460077e227"
-            + "eb148c67f555bbbad500bef99dec034f6126cd16fcd6372e243f72dcf15bcb00e3e9c760"
-            + "0d6d31a48b97106f8a2cfc09e96254dd6474969304d3eaa4566c96fd7f0bcf20570a5a40"
-            + "1a51d368c775f81b58b4c55f8c7375ed9c644454a09740a7b92faf985fa64783323895cd"
-            + "914cb6c88c9f1d58baee856151e1bb042fae42aeb3c8a1aa1e0b6fd26cfd8158c25af30f"
-            + "b98aba4b1caaf5dda81fc4c8327286572a8a230e5fd8755e6770bafb3a0bf1f85b700c98"
-            + "5f53d9713e7a9e5ef04856c896a10a339402553033f36aef7f1d79e6c46ce0398e0504a2"
-            + "487feae2095ffa48139673a4cdc293333dd58ef482f38176de306f921e69bc234f599972"
-            + "636e8c16889ec9e1096767674f9724ced0597ed754123cf301c97ed763d537750f079351"
-            + "019448ea2897fb51df298c1e2eb4c2e27300a4924d7ba5eb33596589d34722068c6da4f6"
-            + "df3b9f98899812f47f799e8fcdba4988e38e933c3f751085890c164557228543f2862e78"
-            + "6e579bc5be47ff69096cf9677468dc96b364e1e7bdf9492d254539aea7b9c4a646859fff"
-            + "5c56443087ec4c9bf6ba8a523d630cb6974697183a3009ad8bf5d74749e5707ca39bd818"
-            + "e42d47f93e68938e8194411a1498065f3ba1b2c755c2f702eea34bd6ecbe7d3e1dbb0108"
-            + "152bc8822714984cd750a0a7ec6bbbd70593e515a445176e989fff9f6afd7daa6d7e7df7"
-            + "1612d196396603653b949e86642d13c953eea461507b91367a9a31cafa464d250de18f25"
-            + "719a601e7b3a730673103d7dbf20cea73421ffcf62339c352f69eb289b681d78f9f1a256"
-            + "c2941c40e2ce2b85c2474b7bc7aae399751ecf1b2ac8fdba9c4725fa8b6db283614cd13b"
-            + "b55966b7eb7ecd9a97dfcdbf1f669333258f65846d72c0b2245135d58e59435ea5a3855a"
-            + "cbaae2f725cc6b4f35a82a38da8927c0410516173552d054d0fb69808401ae1df88fee5c"
-            + "cea1876aae0960860bc46b21504c4ddad287a4b51dbc0490d1c948f8c95d7f793f5f6491"
-            + "356138d54641476fcf4fd0cc70a2e854fca947ddc79a823af0b3ea0d73a5f5e9e6102772"
-            + "0b9171c6830aca146e8cddbaa77a1501ab51a76d278fe2ccd9cdf2257468b7be7e64326c"
-            + "6083369bb86d9eec23dea1644cec11db72bbc842ab5ddee8eda08d0348267d48cecc9e37"
-            + "ef85d5ad0f93dd623a2db5537210b2762ad77a51ed8bb9019185c001f9f1e0de6fa0d8fb"
-            + "1d796f0e4e975468922e452b9cb4cb00eedff3416a03c80610d970b4ea5169ce43524857"
-            + "313a22a32b58d2b68fbbd99fff526793ab2ddecdabac479b14dad1a5adc3c5e82a34f307"
-            + "277b9a09c038aca00a99ff63060dad783e060e4cd9d59cbcb2076d6293d19fcea9b90c00"
-            + "398e7740910f425703a0da099490e3b0472db2a5b2d2934fff8302e88ee8c6fec5456a05"
-            + "676c14a53ca7eed5485f4e4ea42198251142aa2cdb5a9d81a0c7a98e2c3c95bf96e73c68"
-            + "c78d467186eeac1dffce382df7f539590f78d0173d3acb9a7bbda54a6a4076d336b5c085"
-            + "7fde4e1e6dbc6cfa548668cbdd655e2fa2b4a13aa93fc46b4bb8bf3cad806fdf2b8e6a76"
-            + "153038370eeb6024ec9cd86b07d85167e5e502c424d56512c2d24a8bb30c822cdff17ca1"
-            + "a311e94d4f049163678cf51e2f6162b06e62c171ddd7f18314bdce08936cf7815b9ec824"
-            + "0e8e693dc9e567fb7238b6d492e602aa4582434eb270d53f66898b6bb6a1d8f4ee2fbeaa"
-            + "244604dd1340ed2fd6f0ae22f872a40d61c334473b2cd3c1a9433979a0c1a3f5a483e026"
-            + "d7b052c5651fdf224651ccdf2b0922685778a77679d7a7d8eff40afdc275f475d4298de7"
-            + "404df9e8b98dc81694837fe74e5845a71c23e6f03c98528e7518706b90098e391e380c7a"
-            + "89893a04c191358d15e1642ef942cd7be0cc978f58ede44df855ea01dc8e9292a7d1fb26"
-            + "c47a6b1a394c2ed171e13a70a15d86713531be57538d0baf2c3806a9298e7411de821bba"
-            + "15ad13ffb9782faf718c3ae85e48b69324926ec5d87783ec00ebeec771dcb9fa1133503d"
-            + "294c8bbdbf3dcd08a2e117857200005270ea2c9869d871c3f027127a4f6354c87c095339"
-            + "34b8523104eeff0b15893d78fb6bc65b7cfb1cd711214b70849e4c07f137eca3a98a68d2"
-            + "b5e21fb8f0b8bb275f5b551ca77373066a7fbc0b8fff4925d69482ea20e10f56bdf42354"
-            + "24678d203aab87c22473e3d7a6bfecc69f29134b5267bf710c0b0c08f6e92a3d98f4c076"
-            + "e15457ec5a8683aa8b42ff2b400a294433432add3db210b56bf6e358662a3f70825c43ff"
-            + "893b1baabaf5fbe8f6d5ad8d10f01405e9c88a81373dff3f59e757094cf5a243548e8db9"
-            + "770d99fa4f039234025790e29f36fdf3d2cdb1b702881e9d0e5dca476cb5006713e6e793"
-            + "faa92466381b8c1152b254b8a002888a558da3a10cd03b40c3121825520c3af0fe188cb6"
-            + "6a1c27d3d2d0a6e5b7fc91d2d71ae5212088f337ea64bbfee2d32f81dbf579ed0b8b36eb"
-            + "13cbabf043a74ae836682e48ec90b73a1d43e562296a5fd290558bb0b54cbfbdcc598677"
-            + "a062264798ec80d8fccd138444dc5f788a83fc72f0422959e942d4823453c811c93dbef3"
-            + "eaa25cf95a6c52ce4dd99191f3993d2602e35a494aa930b89ec817200405fb9a51a34ea1"
-            + "b34e2110c396776717dc7e84ecb95352f81e7f00698ce48fc30fead202d2bd0d7d9d3ac8"
-            + "2e8d4582588a6073a8255eb5760d28a1e136ad40b842a18b0acb5c475141bcd6633b8cc8"
-            + "67d8abe2f8faff2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c25544"
-            + "39c735e1c42310f649109cea6a8efc58130037a3a5f25966520e85321aa826a4c5c684eb"
-            + "4f7d1dc74c97b4603419df4f257c613a00c351962f4c154897328109494629e64a3984cf"
-            + "42c9b0b58e9cf65613040a20a63b4aa24f4844c2b6cd99049298bebbaad1e96f98811cbb"
-            + "7fce15c3370c86b383386d6b3f17d46fd5a998f0d7f3315459f6b0601eb5af6d4c73d8ac"
-            + "29bf03eb11f0bb5b528202404a5f02766f0dd60772e8435bf2e996c7e488a8508d8aa30e"
-            + "e3ecdfc5053f14fd70b2b11a75d60c2ecc557411d1fc6bf6ee2dededa3b016cfc680895a"
-            + "2f3733f57f9a69368101f10bea1d862c71e45a3c9e78bcf164b0c18070794187f0f998e1"
-            + "d38b03503121f5759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca"
-            + "6bee5f7d7c7c1515056df6db5252d043730434d4900408dca27fe2628847002db7671de7"
-            + "79e350273236a614716d8dd0971816fdba911f82e35c4dd85e3d60d74c968e623f661a25"
-            + "0489a77ec2e04005dc09630d0d3c40fbbe567c19378587f1850c9161335b0c62a2dcd7b9"
-            + "ea3cf9cc8693989705e19c24324120a789b2e02a67b86c89a1a753c536027d1a7290d16a"
-            + "0bccdbab19e1f0b855852be5744c4fd3fb3cedcee941e89af8b2664611899c9031ac23e5"
-            + "5c9cb583c1dc185f0ca3f562e4c15440d66e3e173ce4f1feb0ab3b12668b9670e3ed6487"
-            + "2ac5c26fa422ee686aceb141b642c25281409114596eab784c263acf5cfdc25ced796c1c"
-            + "660b71acd00d8eebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30"
-            + "c8b77625944e50dc3bad22d1e864d9298aeb58f257ebee0edf742111f0d41889bad23705"
-            + "81d3e8953857822b8dc368b73f04c22e4d83f3b3c155a53cbc33da680535b6ed236cf26f"
-            + "a4ae5ab5e0b244c0c054e203aed4d661e9b6c79e43a43337ef5510401d01cde4556b0af8"
-            + "46833f0b97f1d8a06aa0d97f20f39fc16bb1056f599cb9fbc25299397c277a059429c463"
-            + "f1ceaf360d75601dd0f975e88dd60381ef0db76fdca1b55889a9f770857fada11e17894e"
-            + "c3c849cc6cb264ec9fb93853402e888482f28f4a57faaeef5ea9676137a7cc855dde32e8"
-            + "57ed52874d3066c7965dce2f0301dfa47faa3c9eeff43f10ac6a374deff4a06d7cfabeab"
-            + "463bfe6bbcf14d1081f8d5ba889cef409bb5da1959c74b40c5048b8861b4fe34cddcb663"
-            + "10a9126722bb297df7e8144d0e714165becf777dc8200365c73b5b86a8b7684817334427"
-            + "3e3ffc29191f2b51b39521f9419d604f67b1a628e3ac9eb2fde8f29367cce39fb31e32f1"
-            + "4dc4c64e6fdbca12bffd249ea16bc2314ebb184fc7065f083ccb7d1d8a78d6d3e0a3c747"
-            + "2254f9566c334dccbb17df4adacf24e2682559989cf0209b80f1fbd141b0a8de8ca2e8af"
-            + "f3ba7b2d5947e751341747430ed57b02519bdddf42f2701389fd3249809dd0a7bbdb6d3b"
-            + "8ab9f9639d51dc9bbf201f6575a02319b4948039b423633c92c0f51c6fd32c1d2a52f7ef"
-            + "925d33443521dc228d7ccef0f1ea20433ab928157443677f15460ba97ef79979ed53c6c2"
-            + "59fc0b016c7aecbd997bdae8c0366656dd979074ba42c31b8664995e5e384c941f4798d9"
-            + "d67c0ec89599466ef2048f67dac2462014ae463a3a5b8322638a329799b1223c98ce5ccf"
-            + "e1a4cb682a2f5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7"
-            + "debd0653fbff088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324"
-            + "c4869aa01b67a73204b8f0cbaadb040ed9dc55385c60d3dcd27ffe50373117a2e90185e2"
-            + "cdd4c636e705493ba1a31ccd162862510c0eced86a4c855db8438d59727705feb2533f6b"
-            + "4d520028d4d76fff9ffc3beca001547c5a60c2275f2cacf4c0cfb039579dfaf49c7b2641"
-            + "c5799576ce34d342535ee5fb0217eb2fa11e97497f0db7a370dfcf5f62af311eeb33711c"
-            + "febc494919332b30a705273d0e81affe2570e2d7fa60b7f8bee710f05fda3cf2f2b0ffe8"
-            + "cb0d58a8d0d7e3d0261052970b75d6cc1d359f631f4057506d80da72a7aacbbd2c4b4595"
-            + "197a04b000ee19968ba5330f09928d323e6ee9e79d29a5a782284ff77c0548e734836a3e"
-            + "267d7f400ba036d2307f8046ee354c7e38ece1c56d287f97ff8e15b863098124a8db672f"
-            + "b34d03d643985e792db059c186ba0d942dd9c8f07edee0fbc32a306a665d12fcf1604c64"
-            + "f8907cd11fbcb6b2b10aba8360487da02a36afb3394cda20a86831da07ad163903accd4f"
-            + "187c04e8f7338d530e26b8900dc7498e2ca5e0a5a1c0ec5c3fb6e88add97b0494c050f89"
-            + "36c1e47556abefb089e47e4c52d5295494507a6c2986587362e0a38cef01abb5e1869b72"
-            + "4da3e4c663311bc7f8690fde3620846175d0bd8ca8b8b988ac5164534fecca9f27e23fc1"
-            + "d69d01b7fc57a3607584318adeee92cdf84316662e8c44336a73fb034b2179e22bfed2be"
-            + "8038184520a30e3f957fe14a9094f02e2ffdeb2f957ad30cc76fd1d87e979bed9eae662b"
-            + "f90f9402ea80103a4f0d443c1bf8b9c849bd2d8e926278ca480cf35f9c25d5ccf9b2de06"
-            + "1b76f31e47e9e5dd94bc0d46e89b5a7d39eeff7c450f527fad774238b0555b1aaf3241f1"
-            + "27adbbce858153e7a0c53054f0de415c9e9822f50d707cd54c3adafc517b6f83009b02c7"
-            + "faf1b891467dbe41671a164d265122e9e77330e480292b1454b6b52ab209e4a69245d3f7"
-            + "b91c2b2387368acf126f8e59dfa1d60a601b11c1f06f2b77b4a955cfc993938920584c86"
-            + "067bce8a9e8c8820d45f2e74223b3f84586cac70e59848171b546b450227d68e802878f3"
-            + "c8b2abffb375b8ea6c3b5ef1cd6c93ff514664504d7c16e6c53b7b6377528d865581a631"
-            + "76d5e5748251f5e5876008d95aad25dd6d3420505a973b99ccb45b8318cc3b7fdfdc2b61"
-            + "c46634b3eb9cbaca52cba4deea66480e72ab109ab9125c9084ae912770cda9a71d4e33e8"
-            + "fbaf8ad2420dd751a71497bdef1bae3bf76ee27ac2d2654ff72a2d0a924de7f4aef3a573"
-            + "4d1c4dada0f9e4783a29a831299af80dfe1ef0387e9c268ecd25acc6c6dd3b1fa3f9d9b5"
-            + "ded2b9c4cd1835c2eebf659b87d91ea29ecfd35405463168b8227636365110eb35093947"
-            + "35f4ef9b97e8e724b463ef5478401ea9ea67cb66b14b2ecbdd77eb62bde4ed9f04a22d0e"
-            + "05d0b97151810724b0ede85ed777e149c6d4fee3d68cba3455fc8b4f0b52011b12c1f4d6"
-            + "62417bbdd549c7beec11303559f656b9cbec18ff0960febba208a2b7d532197506e0c228"
-            + "82d7b63c0a3ea6d2501bfdbbc904b8a2e080685b8591348e5443942a1a7459c60e2a661d"
-            + "2e6b60e95e79d0b34e54e7346580775352a8342e7f8017d8082a0a124d8cc39dff4ba8ea"
-            + "67b5b80af215a6d9db612ee4f3864e309874d5f7623af92ac013144fff8f7f4dcf1ad1c4"
-            + "a34c3a5507cf897f6df7a942bc1bd04bbd25793c68d25be9bc4bc170b15d0dba42f02ff2"
-            + "cfa4ad68a359cce4818e5d4a3199cc4b9bfb61de9c636e85f1553b895fd2fa25efa9aa2d"
-            + "487004eb9a91a869085b3854ae7b08c1909d32d4609895482d64616c59dc2ad593646372"
-            + "cd83a0f836eb6e9cf9b0a6ceb8d585eb615f7e9910d5b551501c2041625f8ffc3ed84d89"
-            + "c0dd7a44e9fd95960cfb24041df762e494dfb3ea59f3da398051032cf7a4ed69c86340db"
-            + "4054b44248224bd4414d6321e5f62767a0b8e171f3aa93fb282712a226bdff9601529248"
-            + "f5f01d6cd849bce142ef25cdf9bbda6d7c41f9ea28c86f918e1884fc59cb249a1495c90b"
-            + "8bc80bf7e040544145c39f30d9929ce5af1eff90eaab34a6b403311e8dba9526ed62a2ef"
-            + "f62abfef405ebba921a3cfa227d7df759f291fc681696be8ccd751acea7d73c5a46c612d"
-            + "c283598ad1f900a84426b22ded887f4d86894221eb08fbda9ac7e16117af2099427aa2a9"
-            + "c80c5e257cceade53dd5263a82bb50b2c5ac2c7152d30a94a15013965083e5e6acea191b"
-            + "d96305845d52748490e0d7b6f2021fd87d58c3cb0f98674633f2d1948cbcf26283f93d96"
-            + "e3d190dec4597cea0d901094152211e8bac1caea98399777a78d50b004dedcd9898a344b"
-            + "0f183bb92cd443ee23217d72ff2452322358fce49b933cebd7ae38738995ee717b6caf23"
-            + "5daa7e0fb142baf37ec671223bfc3cdf1c72033dfd99cf99bfd2f0d6bb036f238208933f"
-            + "c5cd15aeb2c368902e718d5d56dc838668af67e6a31558570ba94b7b0ad4996fc2ce0207"
-            + "44615b6f8f54e4a9a8698b6c668a763429ad9ce67ae3564707cc67cdcf1a204eb1524e40"
-            + "6a6b0322f31dff65b3c24be95f2a2a41a5374a0296df8bbf26f6c91f35bed4f3cca93602"
-            + "161b85c6df668c6b3fb0b64856e7ed6b92dce7bbc22d113c47fb83d73a292574dcb83e48"
-            + "5c9658cadbe9a5ffe3cf7bdad2cb8c2353f7cbd532afdc145418d8da7a120c4eb76b96da"
-            + "e4171ef38de5fc358c018e7ae5cb19114d561f0f8d8c694681835a00f24e6b96ee17018e"
-            + "f4c55a89a6c2e809f84e9ef44eda5b3fbaf555ac559f4bc2f4fdd15db78a71a2703e8391"
-            + "4933c02fba48f662d7132f53c36bcf5e368e3c229f65185ade9fe3c7c22b35b9c2baf66a"
-            + "6d634ff38ff6323500b06b156dd979fa95069e04920ae4cfe3ebdf4a1e9989f2a05fa671"
-            + "f1aee8530aad437486955e8dd550dfa6d14581ec96a461e3c8dfd7e665a48055d75c9d18"
-            + "dd90e25f07b7da7655a00c7772a10cdc20971df1a40e717df3218915b482b4391be25346"
-            + "ec316fd383b073f3cbfc4cb8010d0bcbe46d40547114a965cde92378948d70ad0ad303d9"
-            + "09996d3647076b0ab34f416eb0de2ff650e88fe262a89798e3b4a67800af38e9f4e9708a"
-            + "ba2d8d1241814161a5ea8e8f5419f62d3e1cba998a1fd7e558900baf4884a621c26af5ee"
-            + "596cb9912168a8cb7f794599c132a4f30ec650cf861df285e4ff09b6dbaef83283bac83a"
-            + "1e4d0e748f809c22b95f3ea77ebd158a43c5dfbb4d298975d4f80d7b2af65efbc7631de0"
-            + "2eafc1bdd75c9c604322ed146f8da3d9a605b1e69ec0d22318ebfde140b1af07990c1843"
-            + "4653fde6a6b3705db69abb161f9745c56281e7bb28f12f2d6e8936a64ebb9e6c7f884047"
-            + "5d850d216372ba1a3e024abd90a5fe81aec6e254c516e830b437f94f17b32552eb3b2e16"
-            + "d8c3973d349d7ee99d4b95118e1df2c6b583bebf64a2dcd7b4441b23b9023262f27479d8"
-            + "d4082b2f2f6f7d46e1a8a521a4a504f5f342b92406db51ff275f25b256fce44ee22d1c43"
-            + "8976e9fd64b9dc31c96b72483c22583ef2fc7a975133f0625f8dddf203d526d9380c46e4"
-            + "ad1d78808b5b767a628a78595db123676f094267e89d493294415ab339b8f510417bcca9"
-            + "ec8ac819a70c396a86e7589736179b7bf8f4a454162af1e8415a179be0fe91c30d9c3267"
-            + "7c112b6ef56b69c87dcdef27c68f711d1c5fdc27f5e0a5b2f426753a946413bfa22df63a"
-            + "bef7e141e2d85e5c6ccee03931466455d498542179b52a19352cb5578b8a66210e1db37d"
-            + "efd5b1c973d8dd91e2d996ad67e3e4df65495d6b250df29a4e17fd2ba03cb8d6e5c0b88a"
-            + "25978d921e88fe1f68cbba6fab401bc1e0d092b0cc05180afb6cef33a9202a4841bb089e"
-            + "fe2384d926542fa3dc6eb8ef06aeee4373cf1d3eb62dbcc0a97dc4bab0a66396b8af9389"
-            + "24ff416c6627c1dfc7b9917d5c7c0d23625d6e5c82b938b72b21329b2e89ea867fe10054"
-            + "e01ee7c3692e796788d236af325020b3a24c4cdcc02762ad5e6ea70d5d6a1afb34137ba4"
-            + "77a464cd13c033a8e493a613307b7ee5b2dd06912ec0a9a64d2d81ea4454773ce21d8eb4"
-            + "19daf7686b12f13bf296f959c040cdc4c43a69a580679e61a503ae92ad8d3beb250c9731"
-            + "cd567c7b65ec13154d0b78e38e8c782262895c78f3293a0a1f88910c55fb45ecdd2e333b"
-            + "f1b08cc4e4e5ec856786b549eaebf7c8a56b8a0801cc12c785888b59459551276a5b5ee3"
-            + "932ef0801fd41a977cae1967d3c1e6f9d3b031b3cd01948eee0e11bb504b19b7b04968da"
-            + "9f2157ecced3f493fc0c0f5f22bce33e4b343ac849fcd9d90c133540079d743054f7e021"
-            + "11cc2ee9c239db904ec2d2e8371308163bd104b36fa4c8fab5d9e7845f87e73c83503872"
-            + "35b1b184a29fe6addbf3d33bacb79597a96ec68b2ad564ab631c58d2e613af2a3afc0069"
-            + "2d9c2f6957e9e3713dc942c15162c85658443002dbc22fde900b1b610e4cc1c3c9be6e62"
-            + "30fa3e401f9fe2efc8c58e805ffbad01c28159211026e25e168b7eff128a6d0d4f223785"
-            + "21e3d2b71c936bba99436401ee53066a49a5897c1790f0648df0bbd724b00e28b70e9252"
-            + "528c2319a82a28e97c829c000afbeb414aa0121eac2928c1df2569eb887b97d0f8238c50"
-            + "41afcc539eac5cdf7c2bbd44995a11486d201780359010bdecd3de2eb7ef056e5a376d97"
-            + "2e359fb835b10b3fbf44c965764f8ce1a1a0be53105c316e12ad635287122be7a9b96571"
-            + "bb84749178f0e30cbcbffac9998786424b231c1b83b6afe5e8d256678d019b700cf268b4"
-            + "b780fa0c54de7d5c6d73aa631970e615a3640de59c7e05deb3b575ce031b07520a3cbc67"
-            + "bdf077ec8cafd5d1ee3fc327bf5650371de243dace406685c44f1c49726258927491b93f"
-            + "c7b6c5124414fd5f412448ea50cc9f5114d9eb029dc042bb414496c44ca41845b2d95013"
-            + "d44bca0fe0e6206d0e996cfa2d55a2ec8c3812624581087518f524c243652a957be58319"
-            + "125ac0f1df744bf3feeaf0e51242bf5888232d98fc8eb22fe4d4bf0afb7bb6088e7622a1"
-            + "3a02c68dc99d85158a43ba8de8e14c4d2f3b7c7f7cfc5f2a2a2bb64117c917f3f47c8ea4"
-            + "cdce442dc0f1e6434fce047103a5a2abcaed39f631ba9b939f064666b9a42037d9ccdbfa"
-            + "ee2a84d01affcf8d1c1f6c6729cdd68da6c7fbdf21337d1a04b2b23353b3f0c471db3470"
-            + "f5cba3cb85804a414e0f47bf1959935ab7da803f70eefa76b8a52c9ce07da009da4eb3b6"
-            + "afee77bc4661c4a84c0c433ad1dd3342fd09e5fe76d1e19f53ac72daa711f40259306ae6"
-            + "bcce4d909f0673f8350c3b809c47cb34e40362185f78b0b1614d870872658c944e53e84f"
-            + "de3ea5fdcf649d7299cd74a108b89c3685135752932924a7e435af3bfe5b0c06f8c91735"
-            + "24c77ac95b83bade1a46d8b05f3b0ce3aefc97d6d80d9cf20f4c512cb9a535ca70266d73"
-            + "293cc410e485f745680cecd5fc2f6ed427101a83bee570429775af27d9f10cdb789efe76"
-            + "470425d5db1049952f7f09cd1bf0c4117446a49ffdc7baefa63500d44924a0d0d710834c"
-            + "c12cf9839584d11884ea1e3695a82a3e4aab26e52433a6807ed9ff3183a629bfb66b0680"
-            + "cd2fc1a42cdbdb961c143b0a73838eb4f868d75eef5e1caf4d6537e713ede3bea66c400e"
-            + "c92b13ac0fe873d1b6ce1e341f26ba63676fc8ad1dd685918d32da2fcb1a1c8d506bc33b"
-            + "c71101dc63c5d1933c5010b4cdbcee468f78ad6df53fe0228b4a61e58d0e41d922f6b443"
-            + "71bfca2b0c733fbd41141636752c7e67f478fc59b8286f0edecd2a6418e876ad0e5ed79c"
-            + "c32067798b19cbd6f886e27d3b454a4fb716d21b674ff67baf68653a86bb565d69c36dba"
-            + "6bc96c4b291f56931cf933a2e6e02438359669ddf5e9ec2f45f8d63bc12ebc4653e41061"
-            + "4a1c75cb94fcce34a9436142c3d835948bb23244e7a78f8d88283a142abea4938d673e9e"
-            + "0df348e5c65575095257e87d6491a9ef96458d698068c63620e4d6bc7042c8d43571d2b3"
-            + "9d3e833b4db28c8aee0ac286ec3a372b9cba32f4f15d66ae625974cb7347a1dfddba2479"
-            + "f5eebcb95c8cb33aae8cad5f2a804288266cd766e1b1184fc31bd339a8d81f61c013674f"
-            + "a27447c2bfcfd2fb6c8939e834f6e49063a9ad044eab87d3b9ca0ab5684de341b3edd450"
-            + "da0d6e9c2c635705535c8dcd022979f9517de188e7473155f2ba3c7e217f115661d56d7c"
-            + "86c3e490271c2f965803eeb76db142250b7a73691d238dd254954a32a2804e5c52799862"
-            + "4de030b746af16e8d2682bcccdc68e2d59aebd32901bd22353199ba3ad1b7c2504778aed"
-            + "55f9b5bcdc8cf218d3a6e19f9225e42b8e0935065aa49c831f4216742e201f16c62d2bd1"
-            + "528004d517956fda9dccaae3887179aaf65749151d36eecac985fa0310a61d815ab1b5cc"
-            + "e36756baaacff6151c8b428ea46a036511ba3db424922900f27b7a85715a17bf77d08074"
-            + "12b79dc7e22698aa1b615547ffc18bbcfbf66f54c82e222c066fe627f8997e204ffff035"
-            + "5f68d91a25d07cca0f38705aa8df9103b48ce62b85d0fad764b72b8f020f522c854e191d"
-            + "45c7e10576420279c912f8d3d16e4e95630ba8db0f59c9169019522da8015976b9a2e7da"
-            + "8ef68316acf9b09efb9fcdd712622fa7c2a4255cc89d1bfabd9c48ef7b15af536692c820"
-            + "6ae39ba495a4d07be2a9a574b55639a7d064bc3e555c0da2cb5134560d6dede9d9944a83"
-            + "ff3ac7a839df311a190f5d9b2ee3ea032921e2b7d1df36c0f5239a81927dbcea14d402b5"
-            + "75ffb9d7402de2f4c6b03a6e7a709115ae160087ebe31bc6d96754a3583272072d2dab1b"
-            + "ba21a04872641f86c279e44c8b898fd2fba0472728582f0916a1f2df6e646997b0223638"
-            + "a23405b408aecddd5b1ad27a0e425353ef5ef8bdd282aaafcd96ba2c4f03517829b08e2c"
-            + "a34d922358ca460845276b61f75feacc12942a6cb685193aa246ee91de431d31e4f5573a"
-            + "d5403bc67dbc695561c6888f16cabf67bc240479b628581123c2508ec640ad8b68e0ff9b"
-            + "a7a88c0383dabaa460bb248465a72742d158629fe77c7d54f86487135543f5dbcec02960"
-            + "dee118edd5971f31b2860e271451018288c3bd3e8f60a0b521c48c55b0e3ec1135c50738"
-            + "740aa465d0a00f5d8c072d3823a669262cdd7a76b1696d04d94566caf49091d587c41945"
-            + "c8c3da080c633cf24a7541bb7a888074dc3c145155c2e55870f59d980cb275a926b4b498"
-            + "9994904d35249697e2d8f3a03ad2828ae298c91da45073fe68fbe8b148183c38d5514ac5"
-            + "c27aa4bc300280450c42eb53000bd789cf466613e1f799c6cd8c89a88a155308f732237e"
-            + "3c4aa75adefa0e376d4b6549680aef721f2d1f6499f1869c5d19a1e4638489a5dd76bbf4"
-            + "30f62d98af552e1e323b906a4f297ea41ed799c448c632cd0831352cf61dc5d292b1d354"
-            + "3a23a4df7cf769a4546b627901032ece8a0f7bcbfcda27b1b22bba825049a702492236e4"
-            + "d2de20996c6f80936a8ae1c8d09a8de958916275d3fed29de01a2ac5d467382595300eae"
-            + "cad859f58910775f6621f0189c771189abd494885186d0075dc623bfb716f976bb3097be"
-            + "6c30675096a2da480650a6af6de5677105c808aaf67db6bee7b2d7e8d1b8e754893d4ff9"
-            + "bd0f06cf92d38083eb3a9a1a107209ed75b97b0ac8b033129b489e78a54723d082dab46d"
-            + "1359bdd868d489f471a6aa389757fd990d713c76ecba3f86f6de4e7deb61f59c997b4ab2"
-            + "b313b662bb4a41e8e73ed19f8923629e28af37d986ef4a1d56cbad336f952896256b0004"
-            + "b3310fd55eebb3e2e8b2783efbcbf564b335073d6b54a09fb108e8f385e271514032eed6"
-            + "f095ade61c9287ec968f253d520371cfe732569f52ab9d1f77887f7e737e6b2fe721f3d6"
-            + "c6b09b82b91c8b4212e50aee1a89e6d7f60d9b73f2f59796cc3f1d8e34afc30cc2520092"
-            + "ca11e03a141d45b01cedfd219a7c2e03475475c50000516cf51786c5c87aca790ea53297"
-            + "8bbb106734fe46e51e69faa68daf9d4b0830db5dcc57908abe92535a90e573c60bb65b1e"
-            + "5464c8a60dc4d97068c4fb9647e57ba8208aeea49e2b9a37b79eb01233df8ec8d110a71e"
-            + "f8ec9276b96683a1595ace86f2e6dfbb0514deb91935824fb9b47032740796cd8d90fbcf"
-            + "a899c1011fdff1be10b65d201b92bf7f89cf1ab6b09e925dfaeb43c4febd6941cbc67245"
-            + "5405e8bceea0962549ca51f8081f508cdf9d0ebab48a63942d38f2c2d759489b97e234a3"
-            + "d78a35f8ff140c64e5409d8198264291793e7c5d2b25ae63d62b12de69eabd00d8499273"
-            + "2ae1080ffdd91ca97e5c396f98ffc9b3702c5ae2d9ecf9fc328f0b412dc8b87801acbbcb"
-            + "06067985e3fe7143578fcafd391b62e8e4929969f989d9a6b36b3de7bd1b5d927acf9cb0"
-            + "914ccc051efc9f6a6b1dd9105c9cd8a04e209e59bbe2105c5ec0c39188dcf830b59e05f9"
-            + "a29e39024872f21c634230989a09064b4795affeb43c6827102e1a3d6d9f6d39ae3302d5"
-            + "5af7c941802d1f57bdc1927e46307439e7bfd2366a0bb8efe51f488d88ac523010ec17ee"
-            + "bf976d3d0b9295b04a15a1d74d603fc040d7c39c7496d9118e8315a0cc59bab9670bd2e4"
-            + "bb5a13ddf1c9059acc06483409e8fc6df94b186f1bd91b34c650534620fd0dbc01bb3387"
-            + "7d90be97e16d1c1539933a3f70ef2f47d474a45e270fb230a0381b04cd174cb37a6193c3"
-            + "a21d15ef1d648d147b8054ffda79e6768853cd1cedf6c0abde8b188ed61ae757f62c1e91"
-            + "ebcef592225e2a906b927cbea0561e745477095686e79c8827464297bf57f3047f853399"
-            + "bcc4e623a0a2aad1e027dd3ebbbdbaa56d39f5265efee6362b0609a60b5d2de0a0b7014a"
-            + "d7b4c1b2c1b6b0c66ffb52391859d69929b8e14580398c9b582b4ee30a8e32859ea51a8e"
-            + "e87b9a19a38f43d61e9ba849a02e5383330f213c3ccc95c1fceba1514e21e978cc7fc821"
-            + "7a47fe3bcf8da76f7b73d903d1b4b2bc9e19ce2abc293300d877e339e233a89cf9b848b8"
-            + "412fb2b28478ee71f793a8acc0be59df1ebfc0e9cfaaab420f34e1ed986eb59bdcab725a"
-            + "1df3311c5cc15d1a9e95d4abd02cd554573a8fea97109bf1d71d19009314c0eeb0a47a7d"
-            + "a5f4d30f124f3b3a878375a3f40a35a6229ada4f8ba424b1ca3359e71747c3c4328eb173"
-            + "1523ae0b5e8e9ce200901502db37c216bd8ee04c5ac13b934868dc4cce31b799198ba2ec"
-            + "3dcf38e8ff87a822c6338d529aec616af9c85cabba08c51ae112ca72a2edd9c6bab17540"
-            + "f0d12906a332ac3676df445ac81ac7515d19074b590ba0e09f7f5810e90ec65feda16d5f"
-            + "8faaa335411a6d75d5ea5afeaab398e48f8cd3a29397c8dd33ca3a37c767b702970f4214"
-            + "f54be7c195ce3a7057672f0a372a0a3bd28a4029cb86a0135db6662b577c0e4c22336bda"
-            + "69a525476689329fff05de538dcf42c511602923ec8b6795a40aa62b3bdbd90116671dc8"
-            + "5c2d85d7316a8be107260e66b60d12cb0e264dc6cb95025d0a3ba4e97a19ae8e78588dd7"
-            + "8428f0a6eef5df595811f6163a97f6ce70c64bb25dd6c986477e40e342fe059b241c1266"
-            + "c34e5c02aeb413e1ec8aa74429f5d19392d1f10fc69749e23869f11bc4aefa6456c8e5ce"
-            + "6e39b88bedcd9a7272c9e50fe187c374a36d9343dc2d77b1487a8a50e80f4ad9631d77e8"
-            + "82b44579a9ef3694074b68d3b4698913ac2e3e58e4d53d358d2e578bb93aa15d0532584b"
-            + "86e78a3356e6bdf0f0c6b7d76eb282932436b7658f0deedd2906bf2497b193fe10bc6d4f"
-            + "f1e9ca2f525c3922565b55e176bc55996976db45c8955b45e649f111e0ab6167b291d306"
-            + "1bcc8dbaac26895eb8d753e7db7ab5c49d48f6d8b70ee8e4d58259df5a312d38422273ed"
-            + "b85db0565f1cdb7fbac26101904fa5685ff61993783031c0eebba04e4bb9b8ce016f47d9"
-            + "54ee8ad65acab924eb86f6b742e8cf714313f80d8916a1c80ddabc9b195948b29a82323a"
-            + "158479c0b521be15cd62c46d2d61a7b78fc648b4b7fe594f5cfbb99f8e42b6444612fecc"
-            + "4cfc0a2f9d74797fe73bb8116bfd24478d6d632a250ab166246f8da2dcde53c41cf0f905"
-            + "cf3ec5399ed44976361326c17adec177adadc2fa9b60fc2ff2e3612fc15f703a39bfe796"
-            + "e1aa0db055ea63ab393868b2d211930fd67165cf378ea0ad8de0c629b045a7443fa41297"
-            + "f352d4e577eadffec65b40ef8a598dd9a5a60bd8b6b8bc99c408c05b522498691a29b381"
-            + "06a919a0931019e9d7060dc618275772993a3d747d31f1b463fc9265b746c3d0e964b2c0"
-            + "ed781d2c3a2e3ae08279dff29fed0a5e49a4d70000eca6932abc913317d2bd10ff73cf40"
-            + "141d0adab9460b7ceced7a72569b4810fc34459038e718bbe5d856cfbf09e7f7531d28fc"
-            + "417d14bdb4fdd7ab0156eb637986272cf7d265b0a266826c49f7a6a22b51695bb8b45b22"
-            + "da51950af3fc1d45cb1604af954fbe130255ee7c4a9c72f452a0c4da085f63d00a8ec843"
-            + "c4e28215aa44a048c209178398031ea670e7cbcf13b46eb9b0b14d7bfed4cd311104b2cf"
-            + "bf67963a2a83e334b2ab635c7ca1acfc40d031cba1baaba6fafa28de8a9681838087c746"
-            + "464e1fa8bdad156f3fed84dcdf2e79f37c8448f7972490ebfa5f1fb19685d85303ecedda"
-            + "e64027d4e01eff6bb92314606b7f94d036b048b0f229844d1a1fb27e795d2051eb050d99"
-            + "0be0a9a44061ad3668350844537d2df7f21b5705bbd509c3e2d8e2a5b857f3286b2c42ec"
-            + "d17c56972dc46f81aa042b7d3f3188e1b929cf013d7260565a19e1bcff60bb3f2264b97c"
-            + "55727e732df6ee2ce9dc33768aea3d17eebd7b996d0fd615808ecc224035b21e9d28023b"
-            + "193d60188fa640380f602c87d545376ac5c1649f05d6d2353aa97dea9f01121305f14c0a"
-            + "422066be370c707ede7f7062731d60f191f0ef59c1d9f4c80d33a112cd0dbae024ef0c9d"
-            + "48f9ccf9092f26d5f32fd584211c545c80fe7a3d025d47952682bf3a001a4a007298dbea"
-            + "eb3e30ce86403107caae1559c455110dec4e2b1438c1fe41231786fd0728b2687ffbd323"
-            + "3050be657c6a3949cdc1284b88a9d830a7f3cd30bf4cdf8fc71838a03fea1affe19961e3"
-            + "53482676208856def69f41b71898841b814bb9d1e364d18ee02376dbbad47dd64ad50b41"
-            + "15bb5c40b25602fde40ce05245c343aa430734dd768a3faff36861949af2bb8b6154f70c"
-            + "839a5789e2b4ee2717b90f068e7336139e2fdbb6ce8698be055276aba2904b71d91b02f0"
-            + "eed6edf51d6dfefca76c5f338383b2456fc4c262a45bbc77a2c0ec5fa31df5d299933ebe"
-            + "5e7ff03c0c6a3ec4da17913e7d4a66f575e1041cba43210b367f670a5552e1c0aec43938"
-            + "fca0a0269d2f90adfa36f9dfc1ed826e1b6d5c235c56a0cdda40f135678367e2b31c88de"
-            + "0f246af962b89bd5da8791154e49a359fb3c7fc9d89b6ee260a426d6ce26c896ce1b73eb"
-            + "31a73779b666e343b4dfe65ba11bf5a7ab1d6ef21822c39de91414698b459d0f81c72a27"
-            + "05bc08c76190f32d67ff8be902508c9eff388ffd1bfbf7c601e59aa129b90f875e45dda9"
-            + "107eda2dc9d15478785ce6121938bd299aaf634d9628cd3f8495364f8b6cfb8c5617073c"
-            + "e17818df7bd4c73484ba953277c74becc0943b842bbf42cfa5a0e811f4b66da54f8e4327"
-            + "e0c335ab23bc9e4cdb8b05e6f82fff9df63d949b2897e1dfe9754a8a0616fa32d55e25cd"
-            + "2620f7ef549f9566c51cff7365db7a2e53bb09319e021f5ef265ebdef164fe844d0f7276"
-            + "dcec42ae714388e1aff665a32e6b810e30c65f70b96b4fc9651331f1e549bb51a9d72fed"
-            + "5b9de4802b4da8cef46b4902f5188b0004936324a967dbed9b70f4edae090f43dd963b13"
-            + "2265be0d897092f8310bcb092cd50f6ce6fb133c756c2448b495ba2d4eef0dcd3d6467fe"
-            + "a737af12d41ce47570d1b2b9aea75328d0d684721986cd66bb4333842bb50b69b367ea8a"
-            + "5d0695d690a345f0258012f3e3db9d74b4372f647d6d08141d71216624b2ffa71142d202"
-            + "64d8839b8be50d47247a8302ff2d52524acee80efff9f1f4f0eff23e9255b73b35eaf456"
-            + "d481ddb17a915ca5b29cc530f66e1664815d1f16d3591948c393b5c97ce9fe3a81eb0029"
-            + "b3fe498e611f33bfd84ce434ce49357e42087330b0c01c2c16e6155396444a4b5e8d6c75"
-            + "a001b43b43b4b0d60739a4f78fad4703c2a68b701bdbaee522cde5bf5abcd9413350858f"
-            + "e38025c23d17db8da158989fcfb9e52c283c4dd48112c3817df41f207ab75a6f7536fca7"
-            + "701fb87a24d40da59042bc2a4562133d940d4641653b51d15297f2518ea671cc789e61e0"
-            + "8f5fab391c7eb1f121b7d41c34ba97a47581f81dfcd08e7fdb5256da725bf1b2973d9932"
-            + "add08604b2fd3595eab51752767a900c3977b024f223bd2c4e90fa98afb7d39ae0c1478a"
-            + "6d8592290e59b3858449008f18f249bdd1e50b0a9127e437004469738e15535baa8d0e00"
-            + "1997b4c642ede79aae666b2582305da7000a327014e487c2996455aad3e12746fde8291c"
-            + "7147d29c5de976df6f326d9bb2b520b3672c82310d629d270fbd5834e2773080630e33b0"
-            + "51e8fd1dadc8cec7271726e9f7a02b070263a40a4608b66c5f32a026f5e2aa81e5271c4c"
-            + "bda381223f9a9fe149789440ca9e871a79708e84ff2669580d6baea2f343ba4c340eff43"
-            + "e37d8e226166f6a7127c87a6184936187089fddbc9f7881eaf66fd1743b2b3a4ed274250"
-            + "ea0bd98b9743aa73a438da5929e53456f58165941996b19e2790caec5e7f8007f881de14"
-            + "22bff2d00b217175c595e058dedb4aefec91549f15c626e7b86a65bda898178fa639d0ec"
-            + "03253bf7eb3ccbdf03d1bb29fc0a89fa24a40713d1bed82f27b19e275c76513f73db70d3"
-            + "f9ac37d3177df3e5f8e9aa9991775a8c20e1c14ec6a8ed46c4dce8540fd28f9f824bb571"
-            + "0c8cbc8000c77f1e7be647883420e930a94e18fa6e10b376141f6e19ea09d2e36a1460bd"
-            + "2a0c9d915020cee0d2b6e5f7bf34c34f7a4c98b1c3e3d7b742f0ea4a46e07a7b1203758f"
-            + "0e50fd846bd2201d6a4384dec0fe198a08a8e1ac1ca180b0fbd0e384f2a5eb81044d3920"
-            + "6f1662e9aa45e02066aac78e7a4a6f0a5bbafda32844e70ab313ced85b67c8ce157f4f0e"
-            + "02123a79fbb8f1e99929120e465c0df45d60e580882d4bef28f1d17ad76a3a711f88336b"
-            + "c8f0728c6d859504e1fa58e23f4db8085c55f05d42cf0789e0ed86fb0abcc28a65462de9"
-            + "3b3235eef13cf335bbd840908e5e39680700a52b6df5a27f949463a90e057c534619f571"
-            + "3f624bef9e7486541d011eecf69d2688f250f1035f18ea0d05b5753d6b26bbda5189790f"
-            + "fb7245037e8555a9b459563bc8dc3e374941d3d8fa4780e57e2b14dce8de1270b1b960a9"
-            + "9a93934b02306e449287eaf8f53eb959713a064411527a17316746a310e1098cde49e61c"
-            + "cc69cbdb99ffecc82fdabf8d4c77d19761910a7c08c6700e0ae38a1f8c66335c10fe3de4"
-            + "b2d1e069e6d33493b1257888a62013a3e2930e29d0f34e759a4ed44a7952fd555586cc5e"
-            + "22128894cb6857d9ed1458cdcbc51d6a588a5c1704f2e288a026f7c87b031789bca53749"
-            + "61f64042144f1f4f73756d453c774fb7393c1217e8753a4eff8b52f935a003494eb2064b"
-            + "7a2bbd1825d95be8ac2430e97720b963eb2ebc2cf9bf2710eaef878b84447354174c8edd"
-            + "84e03c107756c49524be4e3eea266a32215a2f789e429c241f6bb4b3fc7c56a954a47aab"
-            + "149b458f1b1865f019bef028aa50bea52d9d34f3890c1e00fd182e6de248d00f45b152c8"
-            + "87dbe63b6837b79cbcea44747ea52564fa661486a769fce752665a059722709a13d23010"
-            + "70b7bd5112b09484f9f281142541d1a664ff7525df6ef255778bb9952b6dd1be63eea311"
-            + "91188a8057620d3a0a396dccc3e4ad11797a113492407b5038ed52fb93df9d79a96b8dca"
-            + "55df98f619e6447a7bdb94e3243cb70fc067d7e87e63d4855957c180ecf92980eece0cb6"
-            + "fec9643d98d66b6ac2cac8313a8e47092f63d963df6ec87c02fcf2bf14c7768fe3ddbd51"
-            + "fbc1321d968266ec524e12f2fad86e6df61e2b38011aebc31d86c6e2616cda44539d6823"
-            + "e73a0966b787f0ec97cde096cb4d96ce93f0dd59c5902660a0b72760c887fc8cc887c5e6"
-            + "591b8b1527a80e039fa85efaf9c146e744da525f41cde7379c0fbe61be15de8012ea00c9"
-            + "1ef0522e9c7f37792819efa1d18583b5afb8f93cf19268ef59a5c89f67d92a6fe5e75070"
-            + "579f0e7f50d81508c78cffc9ced04a3dcee9fe2f31e3153e37fc75f90226c1cf577842ff"
-            + "261ccb3923c499de877a7447200f7bde3077ec129940a69bb7905ee6359d969f20def3a5"
-            + "1edf5b63d265b65abb5e60f845c56da01fd251c76e9fb75e1d8fc91fe34f8c450fc4f08f"
-            + "a6291da634501d6a6ec5ab5aa9f6855852f8ec3d419702c4c84a1fcade037304331bb6bb"
-            + "735680eb30799eda5b53999d3e5941658935b8f289c296701b2fc6e546a2c5eaee9dd9f2"
-            + "c20f645136adcbb9e0588c5f1df68cb5409282655c124115af588693739d34b2c7b16ad0"
-            + "d8255c793c9b2319a8ac9382cf2c7c1ba6739acb1c9d6a382905872ebbfbda447bd773a5"
-            + "e7779c05d49cc9b458d2942d2f2d40eab65da9830d52bbb89d315deaa93b78f3b7fde79b"
-            + "803c3db01e0083a6d8d7fc7dce8e3850e3cf8104f1dd799b81dbaacd11a50ba8b02b2060"
-            + "90ae2d166f5ff1e8cabd8a4559a5e42ec3aafc370bbd856ab20f43871004f43c05ad0be0"
-            + "e3ee5737be57ba4fc831b877178cc591dbb3fea6e925b807aa1acf226efaedab4095b1ca"
-            + "2a2a816d3f46d97ea8fa55c7384fd05b4ac078909d446ab0eb5775320e8e7019cb44b997"
-            + "8a83131b72c6a89d0b58d5ee47459607324229c0868f8bb3af52ee107a2b62ba13a9c259"
-            + "dbd55563d033effcebe2216770fa8aa25d311c744a32f9e527ca4d953122ac7b9b2a815b"
-            + "3a0e02bbb223a7417e97e19f30c4e40f733588dc3d1a69e6da5b0e7dd6d2ab8c82ac60df"
-            + "b55a38ac1ce907a8e915cc8564c1d85b3d74bfe0fe6a1e483230cce75a9a8075bbb897f4"
-            + "ad2bf6d6841078ef43ed414bdd1ae9d6cf7abe4adb8579a4c92abd3c002875ea20228106"
-            + "36f0ecbf5c40e43dc9191710643ce06076dbd1d4aeb38702fa83da29cb567a20e60fb8da"
-            + "fb9552251f1a908ee260bebd8bd1f81aefbc2ecd389a499162aca830e81a60e62a1b3fee"
-            + "0e9b4cf07c2717bbc4209cb7ff4b4f0d26b14cf605a75497bb111a14de7e6fc3fa963960"
-            + "026b9b0db19c6f314c32efdcbd8ec9545fb786dbc3ca1dc1b4e9b1dae53f817c313829fc"
-            + "b43a3b7e7e783cd1fbaa63f2367c5d51cb4f936a84bc7ab004d4be3c137ceabb5252edab"
-            + "0749c067cae8a8ed3e85d160d0dd10564a9587c639121fd4139df98168356341a40fa321"
-            + "dd6e6e76ef65c2967b41e9f8402b6319f8cc5de2a1ec98ca28356a44bae39b66b90666d6"
-            + "213e34909964530189249e91e9e7b899247b278308766d780c4b77fbfbcced4cc39f1247"
-            + "7a266f006ece0ef8695473f108c55b8c1037f037a8f872fa4095b396735ef28227deb33f"
-            + "53928584eef27076fd3c705e114907ff995faf0538534bed514db765a9d209379b4a28e6"
-            + "2077d7a25c8cc9d02563e8fdd5c0ec6d3e7e59ff0a2684bc054a2a9f053ad44e0de02225"
-            + "95eb693d5e06b596a0fb5120a94266c66cc498806ddb359d6de1d7321550d64feca08007"
-            + "ed025ea77eb3ad0d1f2dd47d1dbcf2f6839c274e1059181634a6aa6c683c648c7397b608"
-            + "7e26ad7848e332080e51fef34236ccd8a21b670ee4b6e7cc90af38f2e03d8ba94cc1b23e"
-            + "58260fa0ad6d97842c97cfb5eb0bde115eff312e58fd92268cbeb6e9018c9040776ef4af"
-            + "99a437d995e8e204315212b93ce27d7134f0e11cf0aa1ea35ce02ac2217859e15d97d294"
-            + "4b83f3c2637f5d7da6787f5e65bc6d970c0ea503fd72269459484d7dbc0b386a9971c34b"
-            + "be78357553dabeb0e06a927059c4192a47d2bfc46d71988347d9402f09f94bf723d1fc83"
-            + "a86d80ec8608183f46e59dcda34e6051a8b69d57a067156d21582da03e986c0d01a67507"
-            + "0615980bb80d582697431af346d66fd0b936f15a5edf9e67062c4792f373abc0db65710a"
-            + "74b64a984e3b588a822c96ac1a0bd51ebc7cdea67a73582c26b2005c5b2e886b5cb9d1a2"
-            + "fe8dff7833da419763d144c14b12e0ca3df6e19fc9adbe734a8d7869a25d5f7684a24dab"
-            + "d73400feac894dbbf2aa75f9ea2d3cdfcb9666024cff8395bd4c01488081a3b0facfbf5b"
-            + "82c0c78e9801b68e5e8c5f0e921a587de219f2527911e3b60deffc6b3bcba00ef2e93e86"
-            + "6ecc01e23304ba4cbe362c93c8e8374da81f1452bec07c7f2a6ffcbc9c621f0c9be3c0a2"
-            + "b5880dcc748541e40ab2537940527dc2189528adbe0be9fd17e2704c29beba00b3d7a469"
-            + "e610cc262e0d4b9fe78099822e84da9ed66eac2a567da9ce7a92d8767293bd45a3c29c04"
-            + "7dc10cb0792b224b0eb5e7d590a74a44cc10098595189d3089505b48e4af0bf61780c20b"
-            + "fc82ee694c1ec4b04391a5a302b8529433bf1061db6ab2b2373755f5c6f4e49e3d244ef0"
-            + "80356270a46e94234890a4ada01a26860ae657ba7483a3069d61b2328d9f9b9e9239e726"
-            + "a4cb80bfdb760e8ae3e6d39d7e069e83b872bc709298505406f73de6c1134c6c76552ba0"
-            + "e0d60322476b983ea0f83a37e3c2aa04a95adcdf70144eff8ef4490862acf728b7a8dfde"
-            + "3bbb384e166eea0baba1a261b7302855e69e0c1dd7074e600616c5d987e5b3d4aee7dd91"
-            + "73eaf6d8b63d789b104249790566d942de3757f0b2f07efdfa02cd1ac37d9e0da9ab1e31"
-            + "60b8ef80d48a30d9195bb984f18241afb9e788d81b589a00204f9eaa424dafe0fa18e81d"
-            + "414400b38db77366292a2a202e26bad1fae0e61dbb314dfabbfb5c3bc058645bc03de881"
-            + "c5006c66871541546020c5b27a4cd122c7e61dc1a82ab347810e7751ec76a68c8b63cdaf"
-            + "4e4095e80c78c516e78b298e1d01384895f73f4be1a0fef2771ce52bc16508bb9d1ba140"
-            + "518df0c26e87af648e95d216e035c4af1a1f90c0465082f97d966f5ebeb68cc94bf7c608"
-            + "39ef39cc0dc8975017b02bd690dfa805fab9e8c02c1c617c760dc07c3576708905d266c2"
-            + "5aa0e926e0b0f972d1e4bbecb75baf734f74f939d1a6c54a9481cec48ed05aeabd071fdc"
-            + "accd724446d4aef8c9e58605d9353dfc445af6f9d4f0bd754e8c7173ab52bd3f5f56bf91"
-            + "efa253df4fe7167f72586b2f5fe49715b57571f95bc3d620d5b36d42fc81d4046e19024b"
-            + "4193080c347a294b852e5df41a8f4ca0828eb9ea267fc2ccad50dcd4e2cd14af2cbc6522"
-            + "32c40d36c4bf6ce0f0e71f7b2c2ddb905796a427d8985be173e1b954252df929a59ff559"
-            + "7eb4712d23280bbb87ade4dae58ac3177b553ef9469543330dc1d7bcfa5731e7a6f9ffce"
-            + "5739d1d82a6a67165b0bc29574ee3c7c77b7d36787199bf701ed373cf90c3de9f406c5a8"
-            + "c382f0e2977a3dba618bbcf828e46f148d6bedb9bde07166b6dff4df32c7a781363b793f"
-            + "9f11aa55fe8babbfd068d33466161a3d25fb8e393169647ab6de7e28b5b366c817e8b55c"
-            + "61360b8ef55a090391e4f9d009cc98ef87ffa51965dce5455f1c1cd68d7a8a38e06ec8f4"
-            + "ba32404842f6a0edfd3644e490fff75452ca7c0fa40c9fb1b5ed68888f44858ec4926c60"
-            + "745a49dac5232ae4cc8151c12a586c88ade23cd4088cababe20ef2b4f5986f6cdc809c18"
-            + "cd6808667e8e6e26799fdff35065e90217b0c767b44d7ae18d2c66f51559e1e440126b44"
-            + "8113cf99090fe73644f5ee34b44d3b89e7e08f41420ecadb0b6744c77e4c7aa2a8a787be"
-            + "35c431264b193404b358fee6513962683dd02cfeec587d369c3c37594b4fcaf75aa2674d"
-            + "7e3850d34054b46aae9069964b4c067d37f4f663e21dec921df78cbb26ae40eb3805fdf9"
-            + "cf1a4010db009f1a8d32e67aaecd0a15a54c27f0d16ecd4932809b492861a063a9bb5171"
-            + "79f9c4c9e16d3a413b9bec849d6c22123efe07c860ac4c21c58028d584f5dfefdec531cf"
-            + "5ade3e5ab6b4c7dcfd08d59c86524a0f906615042fe24a53a8ba8f9acdba1a537206732b"
-            + "64c50afbf251feaf5b94287db89c85b2bdbe71269cef67ff40f9bd13a97a018c9597d937"
-            + "8ed078e88faad09fcc52ff9e327bc316dc9f5b38f9f2c97a36ada9b57dcc85a0f6b75c1c"
-            + "04d43db1ed2d5b37002e4c44bbbfc44f6139042deff50c1ee90fb979178437fcfa2561ed"
-            + "131abfe476a3cf937ba9565637d239efe875088098d265a9abd2977f43d84828e010ac00"
-            + "88de136c791ef2bcf0db608b08b7fbf856e19ad699cf3f24459f5f29e5c8aedfbf50c0f2"
-            + "e258ee6322eda0c134c1eb8f800ce6e51e4458d809938182fd2d99b4866acd6d0208ccc1"
-            + "c7eb0393fdd6ad37a8655987c2f0dc3211d65a5e2586c58d66b5743b47c6b8bf0b98bce2"
-            + "30096c054d53e10215bf5c3f370b377a871ea9c5473d66cbcdb81f3a4ae07c20ec55d8aa"
-            + "7975a3a1ba41263656bc3ce30e9cd91084087e3826cbd505289851e9fb025df72c0338f1"
-            + "568c5d5f88e0f8e2cc74c019f412b9fe5911e92875e01550c1d3fae00bc1de65cb32fb57"
-            + "2edb3b37f4f059c1fe17c2b1a71a9c086232747688ec6beb1bc47e2163eddac447070141"
-            + "3f6d5cf4f8ee9b10de94aa8ab9674a728ed80254c44241591c6b6d2aec099ead36a6b755"
-            + "5f83ee5707a85c50aa48b16b975fa354ec409ad2a505241314812da2e89c445d79e79539"
-            + "9fef4a6c23d21d106e347630f83728600a7afd592b5f16122ee3bb77c030b45b88728acc"
-            + "4c64caec3e68c84c15212e6371102c5aa110e83315b4ccc3f3482fe2132e88458dd448f4"
-            + "29ba064027f02029822f2d8b715b014262a1ff26fc3b7fbb9ad99e7a449730e3028ab19a"
-            + "22c2a02659931b194628cb3225b74e72923db77e706b3a1b5038e11ca72ef5a2e4d9d849"
-            + "6321b7baa61a23f7256c085e2f335f5783a71bbf639bbe0de48ebee4a3282ca195a4b9cd"
-            + "7cdac434ab4d34a6252e103559c7d5da26adaf8b78ec65f7208d5ed8de17233317dfd547"
-            + "00de63e548d9580b0c82bbbc345242cc805a6d16c8c774ddde350e4f4a44dd65cdfaf461"
-            + "4bdbc2f07e7d648bfe75b208c455f78f33ef10c96e3c591b5fd6922301b9eff2741013b0"
-            + "3f8deffbae8a391be54fbf3adb2e82c821dad090e5d1cc4c1a9706f6c26f526b59ea5920"
-            + "bd5beb0f797fca552892c84f6e4217ee73940804da4a10bd1ccef2c69ef05d62e418f15e"
-            + "abed1a6faaa755431e5216e320e82e211bc7cca779a87a8c194cf34f7ac87282fb979300"
-            + "4140e16ff2948409418a885b4a5c8cdffa16ea49b60ea25d5f25fd90b100ee1adf81681a"
-            + "9fc8db142d729466325eea688f1216d209f2f58ed12a77d74708079fd959881ebae4a35c"
-            + "106c9996a396db73fd57fc6760dc7e77ec0a11ec6ed99796d84482e7093e1262796a153a"
-            + "10fd8cb1ae7d095bb7b5f7a14d06bb891756a1422662b346696b52b5ba7e55a6a15c8442"
-            + "dbba583bb35fa8ba9767b095c660f3586d20901e0cc8eab6b278c05069f4bc14f745ec6c"
-            + "448497e0c899752a8bebd7410611f7ae2f3bdcaaa437e6d4d5ce0540bcefbd9bbe97bb77"
-            + "52daa87d67efa06c96574a591508bd5f612ceec5637db28ac9a87846213a701642739a90"
-            + "702f2a82cac103a098ff8a7d83452eb0c73d1ca8be74434f96b5928fd5b80d7b9a295c62"
-            + "903bf8b891e499473bdd6fb81c0041cd1c4f2c0519624b7e6514b97dc46d0734c3da6b75"
-            + "baf6e9e1ec6a0bbd19f7584fe106f242cb33cf7073225d7f21ebae5cf4af47626a568607"
-            + "1fa535ba0292b418821cfc881921a44dcd8a1924d628ebcdf6ae2bcbecbb8fcbb01a547b"
-            + "ef79e7299f3723112deb17a8c48c13ebbf597aad43614774ea6b0d94a04d01604cc69a89"
-            + "69e20c46b4aa4e65c86e6d8f1f2eafbac2f6871bb48f5ba95be5070c2ed34e971423352d"
-            + "631b916740ca924e32a3e37bf3b562973bfa921085a8ef11c23f49dcab48f41650c2ff05"
-            + "d01ea7d6c8a3f4cc508caae16d1cd22c6dd9b0ab3b00d17964dc49a0a3cd46c6de66b535"
-            + "cc21859ecda555705d836625493f566aa5bd466bd608a80181fd332b48f4476c00541cae"
-            + "890ffdbd39e7b031b9cfa869ed6d164adcd209d28a23020ac2d84418f8902cef15cf88e6"
-            + "6a61b462db846c1c286a4ec0ddf72b415f6df41cd8a1f399a8929c1be3e33d557dd94b15"
-            + "272543346c474a10f55cc789090994fada9147912759976478c56f9797b72c0e8ad11292"
-            + "2d0da0134c32d494a648dddba3fd3ede4cce6dac13fe12eb73cc6e2caf3cf4b0f605d165"
-            + "13e327c4d0f259f2b7b74ef12bbcaeac489dda8d9221a67ac2b2e8f7e6a3fa26e0a8c70e"
-            + "865a702327bc643c509942133e0234958829dde872eb1b9563dbf8410690dcdd1c2f6b33"
-            + "3112d10d1fbc139e60d6b28be628bf0f6b4daba3f703b1415b83234404e40029244b0afc"
-            + "7908b9470c2761c57f7dde1c2bcf0ded8e8e582d1d55e16bb3c488b21e526ffe79674346"
-            + "a464dc905dfaa9e31f509c4e7674d0867b775a2c05df3d24139cb630aa3a5427c49a9a1b"
-            + "77a9e2c9e6d31864bf7421fb2444e65c0e82828ec9df8163df91dba7cec6c9c2dea44fb9"
-            + "bb76e05326e00816f379ded481ebd86beb8e31cf2cfd5414e9b667ee1df4bfc1325b4bc1"
-            + "960023b9be593a79d9fd77bdc4645dac8cdea884e8e91dc5eb0c566ffb6d5dc0c76f914b"
-            + "a1f906fb47187a2b51b18b5ffa9b5dee44fb5190cfb0bfe7b88da4940edf319981090a9e"
-            + "1d47a490f0ea0384b778231974d5e00fac373a180987419f520d971a4c62e8dc275ec883"
-            + "d0566059cbe85329ea7063d4d7d8bf3f43f0baade5693c00c1db1d9f1fc43fea35b0e133"
-            + "5ebae28d07411d27a010b7bf5fcd8a31467ae051e12793864c9f8c33a1bdc9c345e65a7b"
-            + "82ca1c47a8a7cf1cd5a394ca0ce47d0d3a92266a645d52ed6597742597b4c82e90439be2"
-            + "62473e9de0520fab2bdf89d1da3232c8d0c41a356c62486931f0fef50bd6c583e52e9db5"
-            + "cec0ae3a20c5ad66303648c8e92861ac62024dfe483a9636b2300c71c0a362b59ff0ad82"
-            + "ab356802d6347be916066bc47be137a745aa550bb429c8af3890002bcd2ec56d62c83a34"
-            + "d2c7e0d6985f2dd9d4c5917f659f2fa05f461693d012a25b24bbbde2a97557895a3d639c"
-            + "99e1b8d91c9dc356bfeda2856d8ddc9e8552b436202efec45c586dcf51c98fc2d0996b77"
-            + "c2c620e5692922307c7e37ae8180dff59d9b751a04b8e102f485fe8676e78f162d36940c"
-            + "b15a0371da7cda3312db6b22e068368f90b2cd7eab97e391867de4e93f57e897f90d23e0"
-            + "67de85417bb01c6259e56c2c2e4236246f35f0b30dbbe836c342ed5123fa68ea3502a772"
-            + "3d212561e74b1127aa82def3052b2050fa6144e7ff8c462410ab81f2a291ab09ce7a7aa3"
-            + "3e6a7a72080a4d3f0edea734f016077127c29a205d8eb1eeb2bf9cd14182ec2e390e33e5"
-            + "e8cf086a3fa0cf5ef1cf6ca9df5dbae8aa0651a590e2b1f8d7f8d97ca9c7041452916ce2"
-            + "78669e701edb863b7eb4841f43cf89e53f50dcc58446aa9c1c4807ae7cb6923ac35e6f31"
-            + "7f77022d3bec14d2380ee869c2a5fe784c3f2948a085e8691151f09f9e1e8482d24de7ff"
-            + "e55d7dea8636fd6e7d7caf6fbc04fbbae849b9a9dcf3652fb5f8933f062a44ec5f4118d6"
-            + "4cf44ffb304c1fdd007c3be159be6190304801e5398fbaf83e89558441aec2e939be744a"
-            + "cf9444e44579b7a4948a3d4f95c0763de6a44ea062aefb1d19202d0c8cb28767e9c8dcda"
-            + "f558200656de27146d53295bb10ccb534e2aeebe0d79f8f7f3e9efaa7c21b2274d3d63e2"
-            + "047cf0760fa4c697f905207285ae08faff5b49058e817d2445e68b4672cf14fa18de51d3"
-            + "d18ea2377b35786b93b9549b5d328e565a4d7ff9a91ac293d881925849bf41c9df7478c9"
-            + "8aeb9d7ae2955a514e8135d62f473a54a974ffce5afb935d3ef64070dc0dfa797b278ad2"
-            + "980381c7eb53768bfaaacc4f67686d04d0d213f6fa8c4269e7d496ac9703b3ef2670961c"
-            + "dd4bf4330bfd51cb6c5b29725b87ec02f83998c6f8794e95ceb68d2ba476c5ebe4727e3e"
-            + "f02780ecadfe1398caef054ecd302857fa7e08464c3e5a17f30925be183629472c05723b"
-            + "cd5cd903c83049401da96c0e27f50f43657bd4a7b142d52752a8dd75b7ab99f3579f88dd"
-            + "f2d065db84b413286a5756edaa81f7c6c16e0be5065c13073c7d494a10912a005b25807c"
-            + "baed97792be1b31c81176218d3b83f13f233e138ef791268578fcfde4c7256e718d33d8e"
-            + "6c8b8a1a206ad6b7e4eec170e185487cf119bb14afc356ac2acf3a0bc4b4f4f89c790e35"
-            + "3e58506b25ab38e957414880c5bf407fa07479d301594b141348301ac76773cab2673b57"
-            + "4357262fa6410700e950d1997e2bb603422a4f3948545acaad7fc20f7460b89656ef45a5"
-            + "8d2f552c671df53132cc308e6a245e081840a302c789297cce8534e568d7d5872caf135e"
-            + "df67b793349e4cfe9e89f19ebefbfdaad8553c0d568eafa64a21e44d4ccd121ac03c3df0"
-            + "ace06819f6ccba41887c14e8a1331b1f58cc015368e1fb2463aba6db95604373114b19b9"
-            + "6853ceb93078e345bf857b347823aeaa0c6ea2d0f0380bf1e614d70ca14069b75e5dd596"
-            + "f79a1adfd41fd6be048d50d1fe7a1cedbf49f2e06000fd3022aaec322fe384d78e0b784d"
-            + "69eb257a1b5fd07463d446b2be9491c79ffcab9701272c5cacb14a9a87aa46a920b78e47"
-            + "5bb0fcca727d7987c67c71091c4c9e639c536625955d19bfb79a57d49731dddf77c25ae9"
-            + "d2af26a67074536eb75282509ed6009126a88facbd12d159b073ed31eacc07cb1e8805e4"
-            + "1cee8e546343b2aa018520a15c58c515c4d6d4480b1fdf0fdfd4c7dd2d5124724d2ae3db"
-            + "ffead157c5e85d3420d383e84fbe966ceb1760dc29c65c7bf3b9f922b98b2c9e9bff5c4d"
-            + "a4c8a4cb1b9d6ac794278fba2f9b4e7d5f13d0fe524ef62600b85454ce22a23e64258784"
-            + "f67e74cb2b2e3ebcd6fceb8f830dce7fa8a067acda25cf66838d8e43a2b503c0d416af6f"
-            + "2c0380702153e6d4a95c4dee6034a855248c46b6c646333e4a0d40bef18dfef7a087b904"
-            + "d0215533087be78b695903406100d48e51a721b8c3ba3c833580cfb6580390bf329285a8"
-            + "afdc6e7cfa54641d871a8c116ca5761980aa4293207c74bb88a95642733b046c2395eed9"
-            + "143aeae81fd7d1b66d1b91ccb6d5fa402315bb496ba52ce381e4d285950a43c53264a56b"
-            + "9fb5e4e135fc229715889a89b3cbda934224319b570e5b452745decbaa8d2e4d4729624d"
-            + "37ebf5a331a3e3083525e9dc4aad677936183a600372b403c80a04feccb178fbde3826dc"
-            + "d275bb096b6429c8c0bacc09dd401c68df3ed4e7528a5e4345ab2d071f851f0468feff0b"
-            + "bbf361dbbefc076a9a6c740fe2dd16be72338bae45cf624bc00766b8ac51b2db11ef7d50"
-            + "6271a5b6c3c376a606e988c6881d0c1b3b968058223792039d0b1e9c849cc2b08214369d"
-            + "c0e91c8ea5b6fd087d1a0d71d6335eab4c9abd4645914f252e0aa7459071b0bdff263b89"
-            + "3c35d136493aa4ab4035e63ce50cd8392b98e0dbaef300b5b96339d08fc00809d593bfb0"
-            + "5d74d389ae722854e716599ee841fe41aeb34ee811ca30f189f175d8a06b5151ccf35ce0"
-            + "36a8fe18b3f97647a17e730f8220c5cb3b43580c6863639c7a43684bac602d20387ecf70"
-            + "f6799c2e8c4cb1cdeef1fc13c76bce9539928e5b860713a86d586df751cef82837fefda1"
-            + "a289da5abe79b77bde4e8f4b6e76e20b5507e632663ee1fdfef1b1d40ada4c97d14533fc"
-            + "97f457a929519fc611bb305d0a3b09b5633b9b7ee2200d97515d12813236868299d7c8b2"
-            + "83ad064f26d1824423ff8b70adae9b280ce3541753a6d94c3e8ce173ac14e514b287fca6"
-            + "8e28bb038a6ac0b2b5d949492243433c0b386e3076296e15760ed5786df4fdea9d6c4bbd"
-            + "86269fd48455390ef0af422b75f2470d57a4ccc1413ad77f0d2b2faf733ab3952a97f3f1"
-            + "8b8000acb1655bcd159ab8aaeccff7c4dda98bdbc6fcdc71c64f2d22d173191e42dbeb1b"
-            + "18c3f30cc26caf75b880f07aa0a4454974ac07de1e293940a179e30d31b29018f385d9b4"
-            + "1d0e4671ffc30bbf15044cb856e44d2553ae294f39917961687423cafa89761d113b925c"
-            + "4f6b21c240511c2fbacd4e086723aa930f35beae975df7fa2fef1c48790357d75b642364"
-            + "8a4f56d3a9ff26b85588a69a50325cd812b9fdfc70c7f16a78b5b13c2e11e78ca213a075"
-            + "e1ea48cff23b1b0bb73580228b1d16b311f90a33ba8e09a6fae75930d353b3c9b57b25c2"
-            + "be8d3962fd8ee81a168762d73fcd42f444228324394238d78626267e3b8145c73cecd6ed"
-            + "a56682eb495d13fb6de81ec70197b02c5ec77ebe30c07f0a530a31d66a36ae25041774f1"
-            + "25bfade76f33a985857c9b2ae7194dc43667d25e8fb4eac1e2d84b6137a64b5c1ed392df"
-            + "d430b66aef559a621a4e0c469e908634d94e39337beedffa41d7638d3dfd432faa157898"
-            + "2f32208038675a9d9846fd6cf2acecd22f72d07ad0fadce4791478780c1d8df0ffa59aa1"
-            + "a9e06827b053cd51b5a84a3b3ca459c31d2ad48d0a69782798308d1864e097b04e3a0440"
-            + "42520a7bbd8949ef7d8080ad396ac086ea1820600015d0224222b6fdb9d5f62595e486d1"
-            + "f59fc9e8d83f0bd777bd0d92bdcf1aaf28d4f1bf1a0add96a23457eb053f383cb0a61920"
-            + "0a7d2735e0d87e8d1f4af946895ff1933b7ecb909d85a143a78ad7d113bd79ecb880d7bc"
-            + "ef0633516e3cd91aa50d9254dfb1a8b6b85d648d9031777ddd0c5d6a7fd01727e89d308e"
-            + "1c1cfcb576332e0b1726b724c6dbe784b450d81d82afc417d288c25febc9a61c99f475f2"
-            + "b7b788dd988fb929e2f4538436c08038cab0cb3770f6cec07074fa23e2b20204bc865114"
-            + "203232b492e0681a31dfb3";
-        String expectedSig3 = "0000029200f6d2d656430e2c49eda24923d91c484885f9e626e8e76cad5fd2f7d875cc1c"
-            + "e556901faa3fadf6e97db78040156ebdb2e7bf2ced2b6aecc9337747a7c11b90d77683be"
-            + "059022e8b4eae2196632e270235ccf92b9da827f31070fde1c7646feb15df59b17f97fe8"
-            + "2bf9d574a85366c19f48cf32e9c04f7366d5ee7899f48f94b7d84d5890340f377e9aa295"
-            + "ec2b356b78ed6ce99ac8ad8ce5bbeb00280d28eef208dd63602130aadd66cca458a21e43"
-            + "47c7008e937d773c7ae46117706a1cf43d566cbbf92bd7c45cd3a56f52223439bfe06a8b"
-            + "136aa35c76381ed5576e8e1ffe6e9fa145cde1fb377560ad07a109552c08090a8f355192"
-            + "aabd1f3fdc112350c794af5d165e432d777d7b83b40663be13b990c85e602d9ee85e65f1"
-            + "3a96d203f0d3abd11fcd7eb17dbad445d7d13c94d3d75d3cd0dea624e231e867a2f1c237"
-            + "0aaaf4ea6dcc2b226beaab6b814e7021a6bfb9536aa4745a09a375468a450c7c29b7fcdf"
-            + "24f248ad7bf8ba0f0379f9486b33b1c656662f139aaaaa917648568943207b7690222796"
-            + "1981a8b9269ccb70bf4c88a097639ff4fdd736a006a5416a8cfe2f7685e175c1ee30e2f8"
-            + "878e165a2693f0355cbbb3874d29fe6ef76ee992122323e957211920d1e06178a51897b7"
-            + "ad577215de589c24d23411aca8ae2b76adac59897ece299db3da7b4a250244c278e8c4ef"
-            + "0b31f1079980e2b9f5f2229f6352fe258df489ece62aa76f5557a0bdd295ac403da918ea"
-            + "f4d8e7a48d102e0ef71e06193ffc698a42f4da29427c74564bdd11dd3d32803d6007b1cd"
-            + "cc26dd1390f8ed4cea650e870886724a3db11309f48682ebb700832cde372d09620eed82"
-            + "c39c2eea41520419bfea541ba2815ba1f539275ce944fb66f94f72c47383350cbcfba29e"
-            + "b33eec09b53cfc896c3cb089e72d2734b08a605df3c09a6e7cc40f14007e5535b59a48e2"
-            + "4ddc2921492fbf90136f3bc051a32bb02e043ec20b7c4da5ae92dba6089a76f1bffe50a2"
-            + "2dbfab004eb38dd3b11df574a7344d2f418a2eb8bf1c172fa9bd04ca573ddf8f137200da"
-            + "ad36ecbafbb79602d6ef2f996d02e692d10b4c2c5e6c7d0129d85e3ea79e6b13c2af471a"
-            + "2192e8ab8a6f4c96185468fa763a3ec418950bbede0f53ebf0182e5a5ee299130e7420ab"
-            + "bda1ce2e4948121b6756f03816b07b5578293e4d14da9ab6f67eec0b0cc1a9b8285760d0"
-            + "ea3eadde48c32a1cf5159611845e3962990c998cf1928a7e4d1a44f079f25a1a3047c2f3"
-            + "495231a7612b9628e17fc7758f020fa42df2dcedb74b4844481aed37c108bbf9bfe44c7b"
-            + "e12c34d661573a8f7fec1424ccc2607295d7dc3f21bd6bec75f098d7d1551f1e88453418"
-            + "6c284a5633b3e3c5e942d5544339cbe5d03f1bf4701fa4b0533f25a45d768e74a6d8b3bb"
-            + "b1dd2b38e5fccca5c49ea6dcf9a08288cb53889f73a8ac7b049d480227570a73c44602c5"
-            + "7238c4aef9184fa40ef719d8a0e2942faa96cbd12855923a0af0d3dcb17dff0f114f107b"
-            + "5cc2994acbddcb6938b789e2fef0dd5457bd12cf7ef8eaa450d27f554e447040602b1a0a"
-            + "02396f3c9a6c90c3b2b531f7ffb1be0354dfddd27388a771a912b6b8cddcce92bbee1755"
-            + "3276aec5a66e0cf9af9a5e304d6880f4239858ed7afd93368125a822bc930e827b9ce31e"
-            + "043c1c729741248186bed44f1a791ce136d9713b537d7ad336f9516f0bfa22a09a2f21df"
-            + "d24b86e16a30ec471bfef6675e72ed2d450309144da61655c6c37026cf108af5628c32fd"
-            + "0f36cf214275aa8961b22fb1e042959d81bff3c1bf2128d698c37c2cced73b6defa76f56"
-            + "49c2374da804550cf7a7d68f43c6c810ee467fa6224f0dc7dc8f94dd45eeb137157304a8"
-            + "5031790dbb065c708887a0b8c1e1f038d42bcf909174373846976e27208e5561de43052a"
-            + "6d901aef041adb39b24448cdfe62d988836b7128679358afc3898b83093ff7891c92a60f"
-            + "5f5fe9266ceefb73421c43b2b1dfa08a180bb4dad83dcdacd97a63add143d640de6ba4a6"
-            + "b5d62e29cdb74dbab64162782da7b72c0f3d5dc4fbb351eaaa423026842a7fa340fcab11"
-            + "c61a647ce183ea5b647ccb3fef9eb104ac9faa0a4366160a7887e65e0fdf4f879b7feff2"
-            + "020646088d1601a69e97780456beaa20db6db621445387c736786214485b97a09fa79e2f"
-            + "818a21eb6c5de7661b67c91bde23b6b9e3365582db91c853b770f7e4b87dfe35b875129e"
-            + "1c7f81e7102e4a774a3f7dce92a3d6322724d27aba6e162e9a75212a0bfaeee94082a87f"
-            + "01690a974b60690c83f08a31cc6fd7329a6b03327eb07b3d93db67a7ac0f3bbafd8c9ffe"
-            + "0876cc7308817a8ddbdb26b91266e40ba7668d30a02085db64cc1dac1936c88b3035cfcb"
-            + "394e82f80bf4a629353f8a1136447ac61e3f81b37532ee969be56df9d5be0048ba38ee17"
-            + "ae460dc51df1044d01d3ae1806653b1dc235c63d516af4cf5cfe7a44ee19794df9956419"
-            + "9a5f98d0a7fa6f534fe2bc6d930ed46b9f795d01f23d8d5ce859451f59fda1eb9787c6a4"
-            + "c59a68a3ba658a936e0dd7ac6adf311ff7b0824b62d079bd8197ea10c6099eed16b3b98a"
-            + "ba3003d6e24b35116f9ebb1240c01ed6aecb164f705c390fc984aa900b9d41eda3b3ff33"
-            + "ae3ab737c99e059402822c2e8e40a93bd500f75c03e4fad42268f05d84ec8a6480751d77"
-            + "9a70b45996ee27cae86e78c12b8e7d1cf123d6e861682557c95c4b0c2bc9368312b8409a"
-            + "4e52affbcdadc5af2c972243390d1074a64c90b2ef4e670c7acee106eecc06a1c51451ea"
-            + "8e7531d84c72cb593c1558cf5d36e9a59d275f88fef060f3aa60ac06e0c15f4ca4690155"
-            + "3d27ebbaf3ee098628ce948b82e3b0a6f0ffd334a28b8b1d93557499b3778159e8a320e5"
-            + "4e22ad4f063765739722ed89ac07c9738803ffc999afb8f2527436c690032206196b15d9"
-            + "09a709df1ad319de092e30f3d373595c704192d1b9f6330dc1631bdef5fb01d9ba7c0790"
-            + "cd840f3de0d0cc48b5c6640b3b7729ff9c1dc23e3b44ed3814db7352eb7d2a5da6cee5f7"
-            + "c906743319dd75098fd2c5dadf4e55b4a461969be4aa2007955dfe8862983d252d8b79a3"
-            + "3e9b1c531003f1cd3a8bcc6d29ff8aac0062bbc479ad59262cc6bce4048859718988b62e"
-            + "2c4511ed65f659cf8c579a2df7f539590f78d0173d3acb9a7bbda54a6a4076d336b5c085"
-            + "7fde4e1e6dbc6cfa548668cbdd655e2fa2b4a13aa93fc46b4bb8bf3cad806fdf2b8e6a76"
-            + "153038370eeb6024ec9cd86b07d85167e5e502c424d56512c2d24a8bb30c822cdff17ca1"
-            + "a311e94d4f049163678cf51e2f6162b06e62c171ddd7f18314bdce08936cf7815b9ec824"
-            + "0e8e693dc9e567fb7238b6d492e602aa4582434eb270d53f66898b6bb6a1d8f4ee2fbeaa"
-            + "244604dd1340ed2fd6f0ae22f872a40d61c334473b2cd3c1a9433979a0c1a3f5a483e026"
-            + "d7b052c5651fdf224651ccdf2b0922685778a77679d7a7d8eff40afdc275f475d4298de7"
-            + "404df9e8b98dc81694837fe74e5845a71c23e6f03c98528e7518706b90098e391e380c7a"
-            + "89893a04c191358d15e1642ef942cd7be0cc978f58ede44df855ea01dc8e9292a7d1fb26"
-            + "c47a6b1a394c2ed171e13a70a15d86713531be57538d0baf2c3806a9298e7411de821bba"
-            + "15ad13ffb9782faf718c3ae85e48b69324926ec5d87783ec00ebeec771dcb9fa1133503d"
-            + "294c8bbdbf3dcd08a2e117857200005270ea2c9869d871c3f027127a4f6354c87c095339"
-            + "34b8523104eeff0b15893d78fb6bc65b7cfb1cd711214b70849e4c07f137eca3a98a68d2"
-            + "b5e21fb8f0b8bb275f5b551ca77373066a7fbc0b8fff4925d69482ea20e10f56bdf42354"
-            + "24678d203aab87c22473e3d7a6bfecc69f29134b5267bf710c0b0c08f6e92a3d98f4c076"
-            + "e15457ec5a8683aa8b42ff2b400a294433432add3db210b56bf6e358662a3f70825c43ff"
-            + "893b1baabaf5fbe8f6d5ad8d10f01405e9c88a81373dff3f59e757094cf5a243548e8db9"
-            + "770d99fa4f039234025790e29f36fdf3d2cdb1b702881e9d0e5dca476cb5006713e6e793"
-            + "faa92466381b8c1152b254b8a002888a558da3a10cd03b40c3121825520c3af0fe188cb6"
-            + "6a1c27d3d2d0a6e5b7fc91d2d71ae5212088f337ea64bbfee2d32f81dbf579ed0b8b36eb"
-            + "13cbabf043a74ae836682e48ec90b73a1d43e562296a5fd290558bb0b54cbfbdcc598677"
-            + "a062264798ec80d8fccd138444dc5f788a83fc72f0422959e942d4823453c811c93dbef3"
-            + "eaa25cf95a6c52ce4dd99191f3993d2602e35a494aa930b89ec817200405fb9a51a34ea1"
-            + "b34e2110c396776717dc7e84ecb95352f81e7f00698ce48fc30fead202d2bd0d7d9d3ac8"
-            + "2e8d4582588a6073a8255eb5760d28a1e136ad40b842a18b0acb5c475141bcd6633b8cc8"
-            + "67d8abe2f8faff2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c25544"
-            + "39c735e1c42310f649109cea6a8efc58130037a3a5f25966520e85321aa826a4c5c684eb"
-            + "4f7d1dc74c97b4603419df4f257c613a00c351962f4c154897328109494629e64a3984cf"
-            + "42c9b0b58e9cf65613040a20a63b4aa24f4844c2b6cd99049298bebbaad1e96f98811cbb"
-            + "7fce15c3370c86b383386d6b3f17d46fd5a998f0d7f3315459f6b0601eb5af6d4c73d8ac"
-            + "29bf03eb11f0bb5b528202404a5f02766f0dd60772e8435bf2e996c7e488a8508d8aa30e"
-            + "e3ecdfc5053f14fd70b2b11a75d60c2ecc557411d1fc6bf6ee2dededa3b016cfc680895a"
-            + "2f3733f57f9a69368101f10bea1d862c71e45a3c9e78bcf164b0c18070794187f0f998e1"
-            + "d38b03503121f5759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca"
-            + "6bee5f7d7c7c1515056df6db5252d043730434d4900408dca27fe2628847002db7671de7"
-            + "79e350273236a614716d8dd0971816fdba911f82e35c4dd85e3d60d74c968e623f661a25"
-            + "0489a77ec2e04005dc09630d0d3c40fbbe567c19378587f1850c9161335b0c62a2dcd7b9"
-            + "ea3cf9cc8693989705e19c24324120a789b2e02a67b86c89a1a753c536027d1a7290d16a"
-            + "0bccdbab19e1f0b855852be5744c4fd3fb3cedcee941e89af8b2664611899c9031ac23e5"
-            + "5c9cb583c1dc185f0ca3f562e4c15440d66e3e173ce4f1feb0ab3b12668b9670e3ed6487"
-            + "2ac5c26fa422ee686aceb141b642c25281409114596eab784c263acf5cfdc25ced796c1c"
-            + "660b71acd00d8eebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30"
-            + "c8b77625944e50dc3bad22d1e864d9298aeb58f257ebee0edf742111f0d41889bad23705"
-            + "81d3e8953857822b8dc368b73f04c22e4d83f3b3c155a53cbc33da680535b6ed236cf26f"
-            + "a4ae5ab5e0b244c0c054e203aed4d661e9b6c79e43a43337ef5510401d01cde4556b0af8"
-            + "46833f0b97f1d8a06aa0d97f20f39fc16bb1056f599cb9fbc25299397c277a059429c463"
-            + "f1ceaf360d75601dd0f975e88dd60381ef0db76fdca1b55889a9f770857fada11e17894e"
-            + "c3c849cc6cb264ec9fb93853402e888482f28f4a57faaeef5ea9676137a7cc855dde32e8"
-            + "57ed52874d3066c7965dce2f0301dfa47faa3c9eeff43f10ac6a374deff4a06d7cfabeab"
-            + "463bfe6bbcf14d1081f8d5ba889cef409bb5da1959c74b40c5048b8861b4fe34cddcb663"
-            + "10a9126722bb297df7e8144d0e714165becf777dc8200365c73b5b86a8b7684817334427"
-            + "3e3ffc29191f2b51b39521f9419d604f67b1a628e3ac9eb2fde8f29367cce39fb31e32f1"
-            + "4dc4c64e6fdbca12bffd249ea16bc2314ebb184fc7065f083ccb7d1d8a78d6d3e0a3c747"
-            + "2254f9566c334dccbb17df4adacf24e2682559989cf0209b80f1fbd141b0a8de8ca2e8af"
-            + "f3ba7b2d5947e751341747430ed57b02519bdddf42f2701389fd3249809dd0a7bbdb6d3b"
-            + "8ab9f9639d51dc9bbf201f6575a02319b4948039b423633c92c0f51c6fd32c1d2a52f7ef"
-            + "925d33443521dc228d7ccef0f1ea20433ab928157443677f15460ba97ef79979ed53c6c2"
-            + "59fc0b016c7aecbd997bdae8c0366656dd979074ba42c31b8664995e5e384c941f4798d9"
-            + "d67c0ec89599466ef2048f67dac2462014ae463a3a5b8322638a329799b1223c98ce5ccf"
-            + "e1a4cb682a2f5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7"
-            + "debd0653fbff088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324"
-            + "c4869aa01b67a73204b8f0cbaadb040ed9dc55385c60d3dcd27ffe50373117a2e90185e2"
-            + "cdd4c636e705493ba1a31ccd162862510c0eced86a4c855db8438d59727705feb2533f6b"
-            + "4d520028d4d76fff9ffc3beca001547c5a60c2275f2cacf4c0cfb039579dfaf49c7b2641"
-            + "c5799576ce34d342535ee5fb0217eb2fa11e97497f0db7a370dfcf5f62af311eeb33711c"
-            + "febc494919332b30a705273d0e81affe2570e2d7fa60b7f8bee710f05fda3cf2f2b0ffe8"
-            + "cb0d58a8d0d7e3d0261052970b75d6cc1d359f631f4057506d80da72a7aacbbd2c4b4595"
-            + "197a04b000ee19968ba5330f09928d323e6ee9e79d29a5a782284ff77c0548e734836a3e"
-            + "267d7f400ba036d2307f8046ee354c7e38ece1c56d287f97ff8e15b863098124a8db672f"
-            + "b34d03d643985e792db059c186ba0d942dd9c8f07edee0fbc32a306a665d12fcf1604c64"
-            + "f8907cd11fbcb6b2b10aba8360487da02a36afb3394cda20a86831da07ad163903accd4f"
-            + "187c04e8f7338d530e26b8900dc7498e2ca5e0a5a1c0ec5c3fb6e88add97b0494c050f89"
-            + "36c1e47556abefb089e47e4c52d5295494507a6c2986587362e0a38cef01abb5e1869b72"
-            + "4da3e4c663311bc7f8690fde3620846175d0bd8ca8b8b988ac5164534fecca9f27e23fc1"
-            + "d69d01b7fc57a3607584318adeee92cdf84316662e8c44336a73fb034b2179e22bfed2be"
-            + "8038184520a30e3f957fe14a9094f02e2ffdeb2f957ad30cc76fd1d87e979bed9eae662b"
-            + "f90f9402ea80103a4f0d443c1bf8b9c849bd2d8e926278ca480cf35f9c25d5ccf9b2de06"
-            + "1b76f31e47e9e5dd94bc0d46e89b5a7d39eeff7c450f527fad774238b0555b1aaf3241f1"
-            + "27adbbce858153e7a0c53054f0de415c9e9822f50d707cd54c3adafc517b6f83009b02c7"
-            + "faf1b891467dbe41671a164d265122e9e77330e480292b1454b6b52ab209e4a69245d3f7"
-            + "b91c2b2387368acf126f8e59dfa1d60a601b11c1f06f2b77b4a955cfc993938920584c86"
-            + "067bce8a9e8c8820d45f2e74223b3f84586cac70e59848171b546b450227d68e802878f3"
-            + "c8b2abffb375b8ea6c3b5ef1cd6c93ff514664504d7c16e6c53b7b6377528d865581a631"
-            + "76d5e5748251f5e5876008d95aad25dd6d3420505a973b99ccb45b8318cc3b7fdfdc2b61"
-            + "c46634b3eb9cbaca52cba4deea66480e72ab109ab9125c9084ae912770cda9a71d4e33e8"
-            + "fbaf8ad2420dd751a71497bdef1bae3bf76ee27ac2d2654ff72a2d0a924de7f4aef3a573"
-            + "4d1c4dada0f9e4783a29a831299af80dfe1ef0387e9c268ecd25acc6c6dd3b1fa3f9d9b5"
-            + "ded2b9c4cd1835c2eebf659b87d91ea29ecfd35405463168b8227636365110eb35093947"
-            + "35f4ef9b97e8e724b463ef5478401ea9ea67cb66b14b2ecbdd77eb62bde4ed9f04a22d0e"
-            + "05d0b97151810724b0ede85ed777e149c6d4fee3d68cba3455fc8b4f0b52011b12c1f4d6"
-            + "62417bbdd549c7beec11303559f656b9cbec18ff0960febba208a2b7d532197506e0c228"
-            + "82d7b63c0a3ea6d2501bfdbbc904b8a2e080685b8591348e5443942a1a7459c60e2a661d"
-            + "2e6b60e95e79d0b34e54e7346580775352a8342e7f8017d8082a0a124d8cc39dff4ba8ea"
-            + "67b5b80af215a6d9db612ee4f3864e309874d5f7623af92ac013144fff8f7f4dcf1ad1c4"
-            + "a34c3a5507cf897f6df7a942bc1bd04bbd25793c68d25be9bc4bc170b15d0dba42f02ff2"
-            + "cfa4ad68a359cce4818e5d4a3199cc4b9bfb61de9c636e85f1553b895fd2fa25efa9aa2d"
-            + "487004eb9a91a869085b3854ae7b08c1909d32d4609895482d64616c59dc2ad593646372"
-            + "cd83a0f836eb6e9cf9b0a6ceb8d585eb615f7e9910d5b551501c2041625f8ffc3ed84d89"
-            + "c0dd7a44e9fd95960cfb24041df762e494dfb3ea59f3da398051032cf7a4ed69c86340db"
-            + "4054b44248224bd4414d6321e5f62767a0b8e171f3aa93fb282712a226bdff9601529248"
-            + "f5f01d6cd849bce142ef25cdf9bbda6d7c41f9ea28c86f918e1884fc59cb249a1495c90b"
-            + "8bc80bf7e040544145c39f30d9929ce5af1eff90eaab34a6b403311e8dba9526ed62a2ef"
-            + "f62abfef405ebba921a3cfa227d7df759f291fc681696be8ccd751acea7d73c5a46c612d"
-            + "c283598ad1f900a84426b22ded887f4d86894221eb08fbda9ac7e16117af2099427aa2a9"
-            + "c80c5e257cceade53dd5263a82bb50b2c5ac2c7152d30a94a15013965083e5e6acea191b"
-            + "d96305845d52748490e0d7b6f2021fd87d58c3cb0f98674633f2d1948cbcf26283f93d96"
-            + "e3d190dec4597cea0d901094152211e8bac1caea98399777a78d50b004dedcd9898a344b"
-            + "0f183bb92cd443ee23217d72ff2452322358fce49b933cebd7ae38738995ee717b6caf23"
-            + "5daa7e0fb142baf37ec671223bfc3cdf1c72033dfd99cf99bfd2f0d6bb036f238208933f"
-            + "c5cd15aeb2c368902e718d5d56dc838668af67e6a31558570ba94b7b0ad4996fc2ce0207"
-            + "44615b6f8f54e4a9a8698b6c668a763429ad9ce67ae3564707cc67cdcf1a204eb1524e40"
-            + "6a6b0322f31dff65b3c24be95f2a2a41a5374a0296df8bbf26f6c91f35bed4f3cca93602"
-            + "161b85c6df668c6b3fb0b64856e7ed6b92dce7bbc22d113c47fb83d73a292574dcb83e48"
-            + "5c9658cadbe9a5ffe3cf7bdad2cb8c2353f7cbd532afdc145418d8da7a120c4eb76b96da"
-            + "e4171ef38de5fc358c018e7ae5cb19114d561f0f8d8c694681835a00f24e6b96ee17018e"
-            + "f4c55a89a6c2e809f84e9ef44eda5b3fbaf555ac559f4bc2f4fdd15db78a71a2703e8391"
-            + "4933c02fba48f662d7132f53c36bcf5e368e3c229f65185ade9fe3c7c22b35b9c2baf66a"
-            + "6d634ff38ff6323500b06b156dd979fa95069e04920ae4cfe3ebdf4a1e9989f2a05fa671"
-            + "f1aee8530aad437486955e8dd550dfa6d14581ec96a461e3c8dfd7e665a48055d75c9d18"
-            + "dd90e25f07b7da7655a00c7772a10cdc20971df1a40e717df3218915b482b4391be25346"
-            + "ec316fd383b073f3cbfc4cb8010d0bcbe46d40547114a965cde92378948d70ad0ad303d9"
-            + "09996d3647076b0ab34f416eb0de2ff650e88fe262a89798e3b4a67800af38e9f4e9708a"
-            + "ba2d8d1241814161a5ea8e8f5419f62d3e1cba998a1fd7e558900baf4884a621c26af5ee"
-            + "596cb9912168a8cb7f794599c132a4f30ec650cf861df285e4ff09b6dbaef83283bac83a"
-            + "1e4d0e748f809c22b95f3ea77ebd158a43c5dfbb4d298975d4f80d7b2af65efbc7631de0"
-            + "2eafc1bdd75c9c604322ed146f8da3d9a605b1e69ec0d22318ebfde140b1af07990c1843"
-            + "4653fde6a6b3705db69abb161f9745c56281e7bb28f12f2d6e8936a64ebb9e6c7f884047"
-            + "5d850d216372ba1a3e024abd90a5fe81aec6e254c516e830b437f94f17b32552eb3b2e16"
-            + "d8c3973d349d7ee99d4b95118e1df2c6b583bebf64a2dcd7b4441b23b9023262f27479d8"
-            + "d4082b2f2f6f7d46e1a8a521a4a504f5f342b92406db51ff275f25b256fce44ee22d1c43"
-            + "8976e9fd64b9dc31c96b72483c22583ef2fc7a975133f0625f8dddf203d526d9380c46e4"
-            + "ad1d78808b5b767a628a78595db123676f094267e89d493294415ab339b8f510417bcca9"
-            + "ec8ac819a70c396a86e7589736179b7bf8f4a454162af1e8415a179be0fe91c30d9c3267"
-            + "7c112b6ef56b69c87dcdef27c68f711d1c5fdc27f5e0a5b2f426753a946413bfa22df63a"
-            + "bef7e141e2d85e5c6ccee03931466455d498542179b52a19352cb5578b8a66210e1db37d"
-            + "efd5b1c973d8dd91e2d996ad67e3e4df65495d6b250df29a4e17fd2ba03cb8d6e5c0b88a"
-            + "25978d921e88fe1f68cbba6fab401bc1e0d092b0cc05180afb6cef33a9202a4841bb089e"
-            + "fe2384d926542fa3dc6eb8ef06aeee4373cf1d3eb62dbcc0a97dc4bab0a66396b8af9389"
-            + "24ff416c6627c1dfc7b9917d5c7c0d23625d6e5c82b938b72b21329b2e89ea867fe10054"
-            + "e01ee7c3692e796788d236af325020b3a24c4cdcc02762ad5e6ea70d5d6a1afb34137ba4"
-            + "77a464cd13c033a8e493a613307b7ee5b2dd06912ec0a9a64d2d81ea4454773ce21d8eb4"
-            + "19daf7686b12f13bf296f959c040cdc4c43a69a580679e61a503ae92ad8d3beb250c9731"
-            + "cd567c7b65ec13154d0b78e38e8c782262895c78f3293a0a1f88910c55fb45ecdd2e333b"
-            + "f1b08cc4e4e5ec856786b549eaebf7c8a56b8a0801cc12c785888b59459551276a5b5ee3"
-            + "932ef0801fd41a977cae1967d3c1e6f9d3b031b3cd01948eee0e11bb504b19b7b04968da"
-            + "9f2157ecced3f493fc0c0f5f22bce33e4b343ac849fcd9d90c133540079d743054f7e021"
-            + "11cc2ee9c239db904ec2d2e8371308163bd104b36fa4c8fab5d9e7845f87e73c83503872"
-            + "35b1b184a29fe6addbf3d33bacb79597a96ec68b2ad564ab631c58d2e613af2a3afc0069"
-            + "2d9c2f6957e9e3713dc942c15162c85658443002dbc22fde900b1b610e4cc1c3c9be6e62"
-            + "30fa3e401f9fe2efc8c58e805ffbad01c28159211026e25e168b7eff128a6d0d4f223785"
-            + "21e3d2b71c936bba99436401ee53066a49a5897c1790f0648df0bbd724b00e28b70e9252"
-            + "528c2319a82a28e97c829c000afbeb414aa0121eac2928c1df2569eb887b97d0f8238c50"
-            + "41afcc539eac5cdf7c2bbd44995a11486d201780359010bdecd3de2eb7ef056e5a376d97"
-            + "2e359fb835b10b3fbf44c965764f8ce1a1a0be53105c316e12ad635287122be7a9b96571"
-            + "bb84749178f0e30cbcbffac9998786424b231c1b83b6afe5e8d256678d019b700cf268b4"
-            + "b780fa0c54de7d5c6d73aa631970e615a3640de59c7e05deb3b575ce031b07520a3cbc67"
-            + "bdf077ec8cafd5d1ee3fc327bf5650371de243dace406685c44f1c49726258927491b93f"
-            + "c7b6c5124414fd5f412448ea50cc9f5114d9eb029dc042bb414496c44ca41845b2d95013"
-            + "d44bca0fe0e6206d0e996cfa2d55a2ec8c3812624581087518f524c243652a957be58319"
-            + "125ac0f1df744bf3feeaf0e51242bf5888232d98fc8eb22fe4d4bf0afb7bb6088e7622a1"
-            + "3a02c68dc99d85158a43ba8de8e14c4d2f3b7c7f7cfc5f2a2a2bb64117c917f3f47c8ea4"
-            + "cdce442dc0f1e6434fce047103a5a2abcaed39f631ba9b939f064666b9a42037d9ccdbfa"
-            + "ee2a84d01affcf8d1c1f6c6729cdd68da6c7fbdf21337d1a04b2b23353b3f0c471db3470"
-            + "f5cba3cb85804a414e0f47bf1959935ab7da803f70eefa76b8a52c9ce07da009da4eb3b6"
-            + "afee77bc4661c4a84c0c433ad1dd3342fd09e5fe76d1e19f53ac72daa711f40259306ae6"
-            + "bcce4d909f0673f8350c3b809c47cb34e40362185f78b0b1614d870872658c944e53e84f"
-            + "de3ea5fdcf649d7299cd74a108b89c3685135752932924a7e435af3bfe5b0c06f8c91735"
-            + "24c77ac95b83bade1a46d8b05f3b0ce3aefc97d6d80d9cf20f4c512cb9a535ca70266d73"
-            + "293cc410e485f745680cecd5fc2f6ed427101a83bee570429775af27d9f10cdb789efe76"
-            + "470425d5db1049952f7f09cd1bf0c4117446a49ffdc7baefa63500d44924a0d0d710834c"
-            + "c12cf9839584d11884ea1e3695a82a3e4aab26e52433a6807ed9ff3183a629bfb66b0680"
-            + "cd2fc1a42cdbdb961c143b0a73838eb4f868d75eef5e1caf4d6537e713ede3bea66c400e"
-            + "c92b13ac0fe873d1b6ce1e341f26ba63676fc8ad1dd685918d32da2fcb1a1c8d506bc33b"
-            + "c71101dc63c5d1933c5010b4cdbcee468f78ad6df53fe0228b4a61e58d0e41d922f6b443"
-            + "71bfca2b0c733fbd41141636752c7e67f478fc59b8286f0edecd2a6418e876ad0e5ed79c"
-            + "c32067798b19cbd6f886e27d3b454a4fb716d21b674ff67baf68653a86bb565d69c36dba"
-            + "6bc96c4b291f56931cf933a2e6e02438359669ddf5e9ec2f45f8d63bc12ebc4653e41061"
-            + "4a1c75cb94fcce34a9436142c3d835948bb23244e7a78f8d88283a142abea4938d673e9e"
-            + "0df348e5c65575095257e87d6491a9ef96458d698068c63620e4d6bc7042c8d43571d2b3"
-            + "9d3e833b4db28c8aee0ac286ec3a372b9cba32f4f15d66ae625974cb7347a1dfddba2479"
-            + "f5eebcb95c8cb33aae8cad5f2a804288266cd766e1b1184fc31bd339a8d81f61c013674f"
-            + "a27447c2bfcfd2fb6c8939e834f6e49063a9ad044eab87d3b9ca0ab5684de341b3edd450"
-            + "da0d6e9c2c635705535c8dcd022979f9517de188e7473155f2ba3c7e217f115661d56d7c"
-            + "86c3e490271c2f965803eeb76db142250b7a73691d238dd254954a32a2804e5c52799862"
-            + "4de030b746af16e8d2682bcccdc68e2d59aebd32901bd22353199ba3ad1b7c2504778aed"
-            + "55f9b5bcdc8cf218d3a6e19f9225e42b8e0935065aa49c831f4216742e201f16c62d2bd1"
-            + "528004d517956fda9dccaae3887179aaf65749151d36eecac985fa0310a61d815ab1b5cc"
-            + "e36756baaacff6151c8b428ea46a036511ba3db424922900f27b7a85715a17bf77d08074"
-            + "12b79dc7e22698aa1b615547ffc18bbcfbf66f54c82e222c066fe627f8997e204ffff035"
-            + "5f68d91a25d07cca0f38705aa8df9103b48ce62b85d0fad764b72b8f020f522c854e191d"
-            + "45c7e10576420279c912f8d3d16e4e95630ba8db0f59c9169019522da8015976b9a2e7da"
-            + "8ef68316acf9b09efb9fcdd712622fa7c2a4255cc89d1bfabd9c48ef7b15af536692c820"
-            + "6ae39ba495a4d07be2a9a574b55639a7d064bc3e555c0da2cb5134560d6dede9d9944a83"
-            + "ff3ac7a839df311a190f5d9b2ee3ea032921e2b7d1df36c0f5239a81927dbcea14d402b5"
-            + "75ffb9d7402de2f4c6b03a6e7a709115ae160087ebe31bc6d96754a3583272072d2dab1b"
-            + "ba21a04872641f86c279e44c8b898fd2fba0472728582f0916a1f2df6e646997b0223638"
-            + "a23405b408aecddd5b1ad27a0e425353ef5ef8bdd282aaafcd96ba2c4f03517829b08e2c"
-            + "a34d922358ca460845276b61f75feacc12942a6cb685193aa246ee91de431d31e4f5573a"
-            + "d5403bc67dbc695561c6888f16cabf67bc240479b628581123c2508ec640ad8b68e0ff9b"
-            + "a7a88c0383dabaa460bb248465a72742d158629fe77c7d54f86487135543f5dbcec02960"
-            + "dee118edd5971f31b2860e271451018288c3bd3e8f60a0b521c48c55b0e3ec1135c50738"
-            + "740aa465d0a00f5d8c072d3823a669262cdd7a76b1696d04d94566caf49091d587c41945"
-            + "c8c3da080c633cf24a7541bb7a888074dc3c145155c2e55870f59d980cb275a926b4b498"
-            + "9994904d35249697e2d8f3a03ad2828ae298c91da45073fe68fbe8b148183c38d5514ac5"
-            + "c27aa4bc300280450c42eb53000bd789cf466613e1f799c6cd8c89a88a155308f732237e"
-            + "3c4aa75adefa0e376d4b6549680aef721f2d1f6499f1869c5d19a1e4638489a5dd76bbf4"
-            + "30f62d98af552e1e323b906a4f297ea41ed799c448c632cd0831352cf61dc5d292b1d354"
-            + "3a23a4df7cf769a4546b627901032ece8a0f7bcbfcda27b1b22bba825049a702492236e4"
-            + "d2de20996c6f80936a8ae1c8d09a8de958916275d3fed29de01a2ac5d467382595300eae"
-            + "cad859f58910775f6621f0189c771189abd494885186d0075dc623bfb716f976bb3097be"
-            + "6c30675096a2da480650a6af6de5677105c808aaf67db6bee7b2d7e8d1b8e754893d4ff9"
-            + "bd0f06cf92d38083eb3a9a1a107209ed75b97b0ac8b033129b489e78a54723d082dab46d"
-            + "1359bdd868d489f471a6aa389757fd990d713c76ecba3f86f6de4e7deb61f59c997b4ab2"
-            + "b313b662bb4a41e8e73ed19f8923629e28af37d986ef4a1d56cbad336f952896256b0004"
-            + "b3310fd55eebb3e2e8b2783efbcbf564b335073d6b54a09fb108e8f385e271514032eed6"
-            + "f095ade61c9287ec968f253d520371cfe732569f52ab9d1f77887f7e737e6b2fe721f3d6"
-            + "c6b09b82b91c8b4212e50aee1a89e6d7f60d9b73f2f59796cc3f1d8e34afc30cc2520092"
-            + "ca11e03a141d45b01cedfd219a7c2e03475475c50000516cf51786c5c87aca790ea53297"
-            + "8bbb106734fe46e51e69faa68daf9d4b0830db5dcc57908abe92535a90e573c60bb65b1e"
-            + "5464c8a60dc4d97068c4fb9647e57ba8208aeea49e2b9a37b79eb01233df8ec8d110a71e"
-            + "f8ec9276b96683a1595ace86f2e6dfbb0514deb91935824fb9b47032740796cd8d90fbcf"
-            + "a899c1011fdff1be10b65d201b92bf7f89cf1ab6b09e925dfaeb43c4febd6941cbc67245"
-            + "5405e8bceea0962549ca51f8081f508cdf9d0ebab48a63942d38f2c2d759489b97e234a3"
-            + "d78a35f8ff140c64e5409d8198264291793e7c5d2b25ae63d62b12de69eabd00d8499273"
-            + "2ae1080ffdd91ca97e5c396f98ffc9b3702c5ae2d9ecf9fc328f0b412dc8b87801acbbcb"
-            + "06067985e3fe7143578fcafd391b62e8e4929969f989d9a6b36b3de7bd1b5d927acf9cb0"
-            + "914ccc051efc9f6a6b1dd9105c9cd8a04e209e59bbe2105c5ec0c39188dcf830b59e05f9"
-            + "a29e39024872f21c634230989a09064b4795affeb43c6827102e1a3d6d9f6d39ae3302d5"
-            + "5af7c941802d1f57bdc1927e46307439e7bfd2366a0bb8efe51f488d88ac523010ec17ee"
-            + "bf976d3d0b9295b04a15a1d74d603fc040d7c39c7496d9118e8315a0cc59bab9670bd2e4"
-            + "bb5a13ddf1c9059acc06483409e8fc6df94b186f1bd91b34c650534620fd0dbc01bb3387"
-            + "7d90be97e16d1c1539933a3f70ef2f47d474a45e270fb230a0381b04cd174cb37a6193c3"
-            + "a21d15ef1d648d147b8054ffda79e6768853cd1cedf6c0abde8b188ed61ae757f62c1e91"
-            + "ebcef592225e2a906b927cbea0561e745477095686e79c8827464297bf57f3047f853399"
-            + "bcc4e623a0a2aad1e027dd3ebbbdbaa56d39f5265efee6362b0609a60b5d2de0a0b7014a"
-            + "d7b4c1b2c1b6b0c66ffb52391859d69929b8e14580398c9b582b4ee30a8e32859ea51a8e"
-            + "e87b9a19a38f43d61e9ba849a02e5383330f213c3ccc95c1fceba1514e21e978cc7fc821"
-            + "7a47fe3bcf8da76f7b73d903d1b4b2bc9e19ce2abc293300d877e339e233a89cf9b848b8"
-            + "412fb2b28478ee71f793a8acc0be59df1ebfc0e9cfaaab420f34e1ed986eb59bdcab725a"
-            + "1df3311c5cc15d1a9e95d4abd02cd554573a8fea97109bf1d71d19009314c0eeb0a47a7d"
-            + "a5f4d30f124f3b3a878375a3f40a35a6229ada4f8ba424b1ca3359e71747c3c4328eb173"
-            + "1523ae0b5e8e9ce200901502db37c216bd8ee04c5ac13b934868dc4cce31b799198ba2ec"
-            + "3dcf38e8ff87a822c6338d529aec616af9c85cabba08c51ae112ca72a2edd9c6bab17540"
-            + "f0d12906a332ac3676df445ac81ac7515d19074b590ba0e09f7f5810e90ec65feda16d5f"
-            + "8faaa335411a6d75d5ea5afeaab398e48f8cd3a29397c8dd33ca3a37c767b702970f4214"
-            + "f54be7c195ce3a7057672f0a372a0a3bd28a4029cb86a0135db6662b577c0e4c22336bda"
-            + "69a525476689329fff05de538dcf42c511602923ec8b6795a40aa62b3bdbd90116671dc8"
-            + "5c2d85d7316a8be107260e66b60d12cb0e264dc6cb95025d0a3ba4e97a19ae8e78588dd7"
-            + "8428f0a6eef5df595811f6163a97f6ce70c64bb25dd6c986477e40e342fe059b241c1266"
-            + "c34e5c02aeb413e1ec8aa74429f5d19392d1f10fc69749e23869f11bc4aefa6456c8e5ce"
-            + "6e39b88bedcd9a7272c9e50fe187c374a36d9343dc2d77b1487a8a50e80f4ad9631d77e8"
-            + "82b44579a9ef3694074b68d3b4698913ac2e3e58e4d53d358d2e578bb93aa15d0532584b"
-            + "86e78a3356e6bdf0f0c6b7d76eb282932436b7658f0deedd2906bf2497b193fe10bc6d4f"
-            + "f1e9ca2f525c3922565b55e176bc55996976db45c8955b45e649f111e0ab6167b291d306"
-            + "1bcc8dbaac26895eb8d753e7db7ab5c49d48f6d8b70ee8e4d58259df5a312d38422273ed"
-            + "b85db0565f1cdb7fbac26101904fa5685ff61993783031c0eebba04e4bb9b8ce016f47d9"
-            + "54ee8ad65acab924eb86f6b742e8cf714313f80d8916a1c80ddabc9b195948b29a82323a"
-            + "158479c0b521be15cd62c46d2d61a7b78fc648b4b7fe594f5cfbb99f8e42b6444612fecc"
-            + "4cfc0a2f9d74797fe73bb8116bfd24478d6d632a250ab166246f8da2dcde53c41cf0f905"
-            + "cf3ec5399ed44976361326c17adec177adadc2fa9b60fc2ff2e3612fc15f703a39bfe796"
-            + "e1aa0db055ea63ab393868b2d211930fd67165cf378ea0ad8de0c629b045a7443fa41297"
-            + "f352d4e577eadffec65b40ef8a598dd9a5a60bd8b6b8bc99c408c05b522498691a29b381"
-            + "06a919a0931019e9d7060dc618275772993a3d747d31f1b463fc9265b746c3d0e964b2c0"
-            + "ed781d2c3a2e3ae08279dff29fed0a5e49a4d70000eca6932abc913317d2bd10ff73cf40"
-            + "141d0adab9460b7ceced7a72569b4810fc34459038e718bbe5d856cfbf09e7f7531d28fc"
-            + "417d14bdb4fdd7ab0156eb637986272cf7d265b0a266826c49f7a6a22b51695bb8b45b22"
-            + "da51950af3fc1d45cb1604af954fbe130255ee7c4a9c72f452a0c4da085f63d00a8ec843"
-            + "c4e28215aa44a048c209178398031ea670e7cbcf13b46eb9b0b14d7bfed4cd311104b2cf"
-            + "bf67963a2a83e334b2ab635c7ca1acfc40d031cba1baaba6fafa28de8a9681838087c746"
-            + "464e1fa8bdad156f3fed84dcdf2e79f37c8448f7972490ebfa5f1fb19685d85303ecedda"
-            + "e64027d4e01eff6bb92314606b7f94d036b048b0f229844d1a1fb27e795d2051eb050d99"
-            + "0be0a9a44061ad3668350844537d2df7f21b5705bbd509c3e2d8e2a5b857f3286b2c42ec"
-            + "d17c56972dc46f81aa042b7d3f3188e1b929cf013d7260565a19e1bcff60bb3f2264b97c"
-            + "55727e732df6ee2ce9dc33768aea3d17eebd7b996d0fd615808ecc224035b21e9d28023b"
-            + "193d60188fa640380f602c87d545376ac5c1649f05d6d2353aa97dea9f01121305f14c0a"
-            + "422066be370c707ede7f7062731d60f191f0ef59c1d9f4c80d33a112cd0dbae024ef0c9d"
-            + "48f9ccf9092f26d5f32fd584211c545c80fe7a3d025d47952682bf3a001a4a007298dbea"
-            + "eb3e30ce86403107caae1559c455110dec4e2b1438c1fe41231786fd0728b2687ffbd323"
-            + "3050be657c6a3949cdc1284b88a9d830a7f3cd30bf4cdf8fc71838a03fea1affe19961e3"
-            + "53482676208856def69f41b71898841b814bb9d1e364d18ee02376dbbad47dd64ad50b41"
-            + "15bb5c40b25602fde40ce05245c343aa430734dd768a3faff36861949af2bb8b6154f70c"
-            + "839a5789e2b4ee2717b90f068e7336139e2fdbb6ce8698be055276aba2904b71d91b02f0"
-            + "eed6edf51d6dfefca76c5f338383b2456fc4c262a45bbc77a2c0ec5fa31df5d299933ebe"
-            + "5e7ff03c0c6a3ec4da17913e7d4a66f575e1041cba43210b367f670a5552e1c0aec43938"
-            + "fca0a0269d2f90adfa36f9dfc1ed826e1b6d5c235c56a0cdda40f135678367e2b31c88de"
-            + "0f246af962b89bd5da8791154e49a359fb3c7fc9d89b6ee260a426d6ce26c896ce1b73eb"
-            + "31a73779b666e343b4dfe65ba11bf5a7ab1d6ef21822c39de91414698b459d0f81c72a27"
-            + "05bc08c76190f32d67ff8be902508c9eff388ffd1bfbf7c601e59aa129b90f875e45dda9"
-            + "107eda2dc9d15478785ce6121938bd299aaf634d9628cd3f8495364f8b6cfb8c5617073c"
-            + "e17818df7bd4c73484ba953277c74becc0943b842bbf42cfa5a0e811f4b66da54f8e4327"
-            + "e0c335ab23bc9e4cdb8b05e6f82fff9df63d949b2897e1dfe9754a8a0616fa32d55e25cd"
-            + "2620f7ef549f9566c51cff7365db7a2e53bb09319e021f5ef265ebdef164fe844d0f7276"
-            + "dcec42ae714388e1aff665a32e6b810e30c65f70b96b4fc9651331f1e549bb51a9d72fed"
-            + "5b9de4802b4da8cef46b4902f5188b0004936324a967dbed9b70f4edae090f43dd963b13"
-            + "2265be0d897092f8310bcb092cd50f6ce6fb133c756c2448b495ba2d4eef0dcd3d6467fe"
-            + "a737af12d41ce47570d1b2b9aea75328d0d684721986cd66bb4333842bb50b69b367ea8a"
-            + "5d0695d690a345f0258012f3e3db9d74b4372f647d6d08141d71216624b2ffa71142d202"
-            + "64d8839b8be50d47247a8302ff2d52524acee80efff9f1f4f0eff23e9255b73b35eaf456"
-            + "d481ddb17a915ca5b29cc530f66e1664815d1f16d3591948c393b5c97ce9fe3a81eb0029"
-            + "b3fe498e611f33bfd84ce434ce49357e42087330b0c01c2c16e6155396444a4b5e8d6c75"
-            + "a001b43b43b4b0d60739a4f78fad4703c2a68b701bdbaee522cde5bf5abcd9413350858f"
-            + "e38025c23d17db8da158989fcfb9e52c283c4dd48112c3817df41f207ab75a6f7536fca7"
-            + "701fb87a24d40da59042bc2a4562133d940d4641653b51d15297f2518ea671cc789e61e0"
-            + "8f5fab391c7eb1f121b7d41c34ba97a47581f81dfcd08e7fdb5256da725bf1b2973d9932"
-            + "add08604b2fd3595eab51752767a900c3977b024f223bd2c4e90fa98afb7d39ae0c1478a"
-            + "6d8592290e59b3858449008f18f249bdd1e50b0a9127e437004469738e15535baa8d0e00"
-            + "1997b4c642ede79aae666b2582305da7000a327014e487c2996455aad3e12746fde8291c"
-            + "7147d29c5de976df6f326d9bb2b520b3672c82310d629d270fbd5834e2773080630e33b0"
-            + "51e8fd1dadc8cec7271726e9f7a02b070263a40a4608b66c5f32a026f5e2aa81e5271c4c"
-            + "bda381223f9a9fe149789440ca9e871a79708e84ff2669580d6baea2f343ba4c340eff43"
-            + "e37d8e226166f6a7127c87a6184936187089fddbc9f7881eaf66fd1743b2b3a4ed274250"
-            + "ea0bd98b9743aa73a438da5929e53456f58165941996b19e2790caec5e7f8007f881de14"
-            + "22bff2d00b217175c595e058dedb4aefec91549f15c626e7b86a65bda898178fa639d0ec"
-            + "03253bf7eb3ccbdf03d1bb29fc0a89fa24a40713d1bed82f27b19e275c76513f73db70d3"
-            + "f9ac37d3177df3e5f8e9aa9991775a8c20e1c14ec6a8ed46c4dce8540fd28f9f824bb571"
-            + "0c8cbc8000c77f1e7be647883420e930a94e18fa6e10b376141f6e19ea09d2e36a1460bd"
-            + "2a0c9d915020cee0d2b6e5f7bf34c34f7a4c98b1c3e3d7b742f0ea4a46e07a7b1203758f"
-            + "0e50fd846bd2201d6a4384dec0fe198a08a8e1ac1ca180b0fbd0e384f2a5eb81044d3920"
-            + "6f1662e9aa45e02066aac78e7a4a6f0a5bbafda32844e70ab313ced85b67c8ce157f4f0e"
-            + "02123a79fbb8f1e99929120e465c0df45d60e580882d4bef28f1d17ad76a3a711f88336b"
-            + "c8f0728c6d859504e1fa58e23f4db8085c55f05d42cf0789e0ed86fb0abcc28a65462de9"
-            + "3b3235eef13cf335bbd840908e5e39680700a52b6df5a27f949463a90e057c534619f571"
-            + "3f624bef9e7486541d011eecf69d2688f250f1035f18ea0d05b5753d6b26bbda5189790f"
-            + "fb7245037e8555a9b459563bc8dc3e374941d3d8fa4780e57e2b14dce8de1270b1b960a9"
-            + "9a93934b02306e449287eaf8f53eb959713a064411527a17316746a310e1098cde49e61c"
-            + "cc69cbdb99ffecc82fdabf8d4c77d19761910a7c08c6700e0ae38a1f8c66335c10fe3de4"
-            + "b2d1e069e6d33493b1257888a62013a3e2930e29d0f34e759a4ed44a7952fd555586cc5e"
-            + "22128894cb6857d9ed1458cdcbc51d6a588a5c1704f2e288a026f7c87b031789bca53749"
-            + "61f64042144f1f4f73756d453c774fb7393c1217e8753a4eff8b52f935a003494eb2064b"
-            + "7a2bbd1825d95be8ac2430e97720b963eb2ebc2cf9bf2710eaef878b84447354174c8edd"
-            + "84e03c107756c49524be4e3eea266a32215a2f789e429c241f6bb4b3fc7c56a954a47aab"
-            + "149b458f1b1865f019bef028aa50bea52d9d34f3890c1e00fd182e6de248d00f45b152c8"
-            + "87dbe63b6837b79cbcea44747ea52564fa661486a769fce752665a059722709a13d23010"
-            + "70b7bd5112b09484f9f281142541d1a664ff7525df6ef255778bb9952b6dd1be63eea311"
-            + "91188a8057620d3a0a396dccc3e4ad11797a113492407b5038ed52fb93df9d79a96b8dca"
-            + "55df98f619e6447a7bdb94e3243cb70fc067d7e87e63d4855957c180ecf92980eece0cb6"
-            + "fec9643d98d66b6ac2cac8313a8e47092f63d963df6ec87c02fcf2bf14c7768fe3ddbd51"
-            + "fbc1321d968266ec524e12f2fad86e6df61e2b38011aebc31d86c6e2616cda44539d6823"
-            + "e73a0966b787f0ec97cde096cb4d96ce93f0dd59c5902660a0b72760c887fc8cc887c5e6"
-            + "591b8b1527a80e039fa85efaf9c146e744da525f41cde7379c0fbe61be15de8012ea00c9"
-            + "1ef0522e9c7f37792819efa1d18583b5afb8f93cf19268ef59a5c89f67d92a6fe5e75070"
-            + "579f0e7f50d81508c78cffc9ced04a3dcee9fe2f31e3153e37fc75f90226c1cf577842ff"
-            + "261ccb3923c499de877a7447200f7bde3077ec129940a69bb7905ee6359d969f20def3a5"
-            + "1edf5b63d265b65abb5e60f845c56da01fd251c76e9fb75e1d8fc91fe34f8c450fc4f08f"
-            + "a6291da634501d6a6ec5ab5aa9f6855852f8ec3d419702c4c84a1fcade037304331bb6bb"
-            + "735680eb30799eda5b53999d3e5941658935b8f289c296701b2fc6e546a2c5eaee9dd9f2"
-            + "c20f645136adcbb9e0588c5f1df68cb5409282655c124115af588693739d34b2c7b16ad0"
-            + "d8255c793c9b2319a8ac9382cf2c7c1ba6739acb1c9d6a382905872ebbfbda447bd773a5"
-            + "e7779c05d49cc9b458d2942d2f2d40eab65da9830d52bbb89d315deaa93b78f3b7fde79b"
-            + "803c3db01e0083a6d8d7fc7dce8e3850e3cf8104f1dd799b81dbaacd11a50ba8b02b2060"
-            + "90ae2d166f5ff1e8cabd8a4559a5e42ec3aafc370bbd856ab20f43871004f43c05ad0be0"
-            + "e3ee5737be57ba4fc831b877178cc591dbb3fea6e925b807aa1acf226efaedab4095b1ca"
-            + "2a2a816d3f46d97ea8fa55c7384fd05b4ac078909d446ab0eb5775320e8e7019cb44b997"
-            + "8a83131b72c6a89d0b58d5ee47459607324229c0868f8bb3af52ee107a2b62ba13a9c259"
-            + "dbd55563d033effcebe2216770fa8aa25d311c744a32f9e527ca4d953122ac7b9b2a815b"
-            + "3a0e02bbb223a7417e97e19f30c4e40f733588dc3d1a69e6da5b0e7dd6d2ab8c82ac60df"
-            + "b55a38ac1ce907a8e915cc8564c1d85b3d74bfe0fe6a1e483230cce75a9a8075bbb897f4"
-            + "ad2bf6d6841078ef43ed414bdd1ae9d6cf7abe4adb8579a4c92abd3c002875ea20228106"
-            + "36f0ecbf5c40e43dc9191710643ce06076dbd1d4aeb38702fa83da29cb567a20e60fb8da"
-            + "fb9552251f1a908ee260bebd8bd1f81aefbc2ecd389a499162aca830e81a60e62a1b3fee"
-            + "0e9b4cf07c2717bbc4209cb7ff4b4f0d26b14cf605a75497bb111a14de7e6fc3fa963960"
-            + "026b9b0db19c6f314c32efdcbd8ec9545fb786dbc3ca1dc1b4e9b1dae53f817c313829fc"
-            + "b43a3b7e7e783cd1fbaa63f2367c5d51cb4f936a84bc7ab004d4be3c137ceabb5252edab"
-            + "0749c067cae8a8ed3e85d160d0dd10564a9587c639121fd4139df98168356341a40fa321"
-            + "dd6e6e76ef65c2967b41e9f8402b6319f8cc5de2a1ec98ca28356a44bae39b66b90666d6"
-            + "213e34909964530189249e91e9e7b899247b278308766d780c4b77fbfbcced4cc39f1247"
-            + "7a266f006ece0ef8695473f108c55b8c1037f037a8f872fa4095b396735ef28227deb33f"
-            + "53928584eef27076fd3c705e114907ff995faf0538534bed514db765a9d209379b4a28e6"
-            + "2077d7a25c8cc9d02563e8fdd5c0ec6d3e7e59ff0a2684bc054a2a9f053ad44e0de02225"
-            + "95eb693d5e06b596a0fb5120a94266c66cc498806ddb359d6de1d7321550d64feca08007"
-            + "ed025ea77eb3ad0d1f2dd47d1dbcf2f6839c274e1059181634a6aa6c683c648c7397b608"
-            + "7e26ad7848e332080e51fef34236ccd8a21b670ee4b6e7cc90af38f2e03d8ba94cc1b23e"
-            + "58260fa0ad6d97842c97cfb5eb0bde115eff312e58fd92268cbeb6e9018c9040776ef4af"
-            + "99a437d995e8e204315212b93ce27d7134f0e11cf0aa1ea35ce02ac2217859e15d97d294"
-            + "4b83f3c2637f5d7da6787f5e65bc6d970c0ea503fd72269459484d7dbc0b386a9971c34b"
-            + "be78357553dabeb0e06a927059c4192a47d2bfc46d71988347d9402f09f94bf723d1fc83"
-            + "a86d80ec8608183f46e59dcda34e6051a8b69d57a067156d21582da03e986c0d01a67507"
-            + "0615980bb80d582697431af346d66fd0b936f15a5edf9e67062c4792f373abc0db65710a"
-            + "74b64a984e3b588a822c96ac1a0bd51ebc7cdea67a73582c26b2005c5b2e886b5cb9d1a2"
-            + "fe8dff7833da419763d144c14b12e0ca3df6e19fc9adbe734a8d7869a25d5f7684a24dab"
-            + "d73400feac894dbbf2aa75f9ea2d3cdfcb9666024cff8395bd4c01488081a3b0facfbf5b"
-            + "82c0c78e9801b68e5e8c5f0e921a587de219f2527911e3b60deffc6b3bcba00ef2e93e86"
-            + "6ecc01e23304ba4cbe362c93c8e8374da81f1452bec07c7f2a6ffcbc9c621f0c9be3c0a2"
-            + "b5880dcc748541e40ab2537940527dc2189528adbe0be9fd17e2704c29beba00b3d7a469"
-            + "e610cc262e0d4b9fe78099822e84da9ed66eac2a567da9ce7a92d8767293bd45a3c29c04"
-            + "7dc10cb0792b224b0eb5e7d590a74a44cc10098595189d3089505b48e4af0bf61780c20b"
-            + "fc82ee694c1ec4b04391a5a302b8529433bf1061db6ab2b2373755f5c6f4e49e3d244ef0"
-            + "80356270a46e94234890a4ada01a26860ae657ba7483a3069d61b2328d9f9b9e9239e726"
-            + "a4cb80bfdb760e8ae3e6d39d7e069e83b872bc709298505406f73de6c1134c6c76552ba0"
-            + "e0d60322476b983ea0f83a37e3c2aa04a95adcdf70144eff8ef4490862acf728b7a8dfde"
-            + "3bbb384e166eea0baba1a261b7302855e69e0c1dd7074e600616c5d987e5b3d4aee7dd91"
-            + "73eaf6d8b63d789b104249790566d942de3757f0b2f07efdfa02cd1ac37d9e0da9ab1e31"
-            + "60b8ef80d48a30d9195bb984f18241afb9e788d81b589a00204f9eaa424dafe0fa18e81d"
-            + "414400b38db77366292a2a202e26bad1fae0e61dbb314dfabbfb5c3bc058645bc03de881"
-            + "c5006c66871541546020c5b27a4cd122c7e61dc1a82ab347810e7751ec76a68c8b63cdaf"
-            + "4e4095e80c78c516e78b298e1d01384895f73f4be1a0fef2771ce52bc16508bb9d1ba140"
-            + "518df0c26e87af648e95d216e035c4af1a1f90c0465082f97d966f5ebeb68cc94bf7c608"
-            + "39ef39cc0dc8975017b02bd690dfa805fab9e8c02c1c617c760dc07c3576708905d266c2"
-            + "5aa0e926e0b0f972d1e4bbecb75baf734f74f939d1a6c54a9481cec48ed05aeabd071fdc"
-            + "accd724446d4aef8c9e58605d9353dfc445af6f9d4f0bd754e8c7173ab52bd3f5f56bf91"
-            + "efa253df4fe7167f72586b2f5fe49715b57571f95bc3d620d5b36d42fc81d4046e19024b"
-            + "4193080c347a294b852e5df41a8f4ca0828eb9ea267fc2ccad50dcd4e2cd14af2cbc6522"
-            + "32c40d36c4bf6ce0f0e71f7b2c2ddb905796a427d8985be173e1b954252df929a59ff559"
-            + "7eb4712d23280bbb87ade4dae58ac3177b553ef9469543330dc1d7bcfa5731e7a6f9ffce"
-            + "5739d1d82a6a67165b0bc29574ee3c7c77b7d36787199bf701ed373cf90c3de9f406c5a8"
-            + "c382f0e2977a3dba618bbcf828e46f148d6bedb9bde07166b6dff4df32c7a781363b793f"
-            + "9f11aa55fe8babbfd068d33466161a3d25fb8e393169647ab6de7e28b5b366c817e8b55c"
-            + "61360b8ef55a090391e4f9d009cc98ef87ffa51965dce5455f1c1cd68d7a8a38e06ec8f4"
-            + "ba32404842f6a0edfd3644e490fff75452ca7c0fa40c9fb1b5ed68888f44858ec4926c60"
-            + "745a49dac5232ae4cc8151c12a586c88ade23cd4088cababe20ef2b4f5986f6cdc809c18"
-            + "cd6808667e8e6e26799fdff35065e90217b0c767b44d7ae18d2c66f51559e1e440126b44"
-            + "8113cf99090fe73644f5ee34b44d3b89e7e08f41420ecadb0b6744c77e4c7aa2a8a787be"
-            + "35c431264b193404b358fee6513962683dd02cfeec587d369c3c37594b4fcaf75aa2674d"
-            + "7e3850d34054b46aae9069964b4c067d37f4f663e21dec921df78cbb26ae40eb3805fdf9"
-            + "cf1a4010db009f1a8d32e67aaecd0a15a54c27f0d16ecd4932809b492861a063a9bb5171"
-            + "79f9c4c9e16d3a413b9bec849d6c22123efe07c860ac4c21c58028d584f5dfefdec531cf"
-            + "5ade3e5ab6b4c7dcfd08d59c86524a0f906615042fe24a53a8ba8f9acdba1a537206732b"
-            + "64c50afbf251feaf5b94287db89c85b2bdbe71269cef67ff40f9bd13a97a018c9597d937"
-            + "8ed078e88faad09fcc52ff9e327bc316dc9f5b38f9f2c97a36ada9b57dcc85a0f6b75c1c"
-            + "04d43db1ed2d5b37002e4c44bbbfc44f6139042deff50c1ee90fb979178437fcfa2561ed"
-            + "131abfe476a3cf937ba9565637d239efe875088098d265a9abd2977f43d84828e010ac00"
-            + "88de136c791ef2bcf0db608b08b7fbf856e19ad699cf3f24459f5f29e5c8aedfbf50c0f2"
-            + "e258ee6322eda0c134c1eb8f800ce6e51e4458d809938182fd2d99b4866acd6d0208ccc1"
-            + "c7eb0393fdd6ad37a8655987c2f0dc3211d65a5e2586c58d66b5743b47c6b8bf0b98bce2"
-            + "30096c054d53e10215bf5c3f370b377a871ea9c5473d66cbcdb81f3a4ae07c20ec55d8aa"
-            + "7975a3a1ba41263656bc3ce30e9cd91084087e3826cbd505289851e9fb025df72c0338f1"
-            + "568c5d5f88e0f8e2cc74c019f412b9fe5911e92875e01550c1d3fae00bc1de65cb32fb57"
-            + "2edb3b37f4f059c1fe17c2b1a71a9c086232747688ec6beb1bc47e2163eddac447070141"
-            + "3f6d5cf4f8ee9b10de94aa8ab9674a728ed80254c44241591c6b6d2aec099ead36a6b755"
-            + "5f83ee5707a85c50aa48b16b975fa354ec409ad2a505241314812da2e89c445d79e79539"
-            + "9fef4a6c23d21d106e347630f83728600a7afd592b5f16122ee3bb77c030b45b88728acc"
-            + "4c64caec3e68c84c15212e6371102c5aa110e83315b4ccc3f3482fe2132e88458dd448f4"
-            + "29ba064027f02029822f2d8b715b014262a1ff26fc3b7fbb9ad99e7a449730e3028ab19a"
-            + "22c2a02659931b194628cb3225b74e72923db77e706b3a1b5038e11ca72ef5a2e4d9d849"
-            + "6321b7baa61a23f7256c085e2f335f5783a71bbf639bbe0de48ebee4a3282ca195a4b9cd"
-            + "7cdac434ab4d34a6252e103559c7d5da26adaf8b78ec65f7208d5ed8de17233317dfd547"
-            + "00de63e548d9580b0c82bbbc345242cc805a6d16c8c774ddde350e4f4a44dd65cdfaf461"
-            + "4bdbc2f07e7d648bfe75b208c455f78f33ef10c96e3c591b5fd6922301b9eff2741013b0"
-            + "3f8deffbae8a391be54fbf3adb2e82c821dad090e5d1cc4c1a9706f6c26f526b59ea5920"
-            + "bd5beb0f797fca552892c84f6e4217ee73940804da4a10bd1ccef2c69ef05d62e418f15e"
-            + "abed1a6faaa755431e5216e320e82e211bc7cca779a87a8c194cf34f7ac87282fb979300"
-            + "4140e16ff2948409418a885b4a5c8cdffa16ea49b60ea25d5f25fd90b100ee1adf81681a"
-            + "9fc8db142d729466325eea688f1216d209f2f58ed12a77d74708079fd959881ebae4a35c"
-            + "106c9996a396db73fd57fc6760dc7e77ec0a11ec6ed99796d84482e7093e1262796a153a"
-            + "10fd8cb1ae7d095bb7b5f7a14d06bb891756a1422662b346696b52b5ba7e55a6a15c8442"
-            + "dbba583bb35fa8ba9767b095c660f3586d20901e0cc8eab6b278c05069f4bc14f745ec6c"
-            + "448497e0c899752a8bebd7410611f7ae2f3bdcaaa437e6d4d5ce0540bcefbd9bbe97bb77"
-            + "52daa87d67efa06c96574a591508bd5f612ceec5637db28ac9a87846213a701642739a90"
-            + "702f2a82cac103a098ff8a7d83452eb0c73d1ca8be74434f96b5928fd5b80d7b9a295c62"
-            + "903bf8b891e499473bdd6fb81c0041cd1c4f2c0519624b7e6514b97dc46d0734c3da6b75"
-            + "baf6e9e1ec6a0bbd19f7584fe106f242cb33cf7073225d7f21ebae5cf4af47626a568607"
-            + "1fa535ba0292b418821cfc881921a44dcd8a1924d628ebcdf6ae2bcbecbb8fcbb01a547b"
-            + "ef79e7299f3723112deb17a8c48c13ebbf597aad43614774ea6b0d94a04d01604cc69a89"
-            + "69e20c46b4aa4e65c86e6d8f1f2eafbac2f6871bb48f5ba95be5070c2ed34e971423352d"
-            + "631b916740ca924e32a3e37bf3b562973bfa921085a8ef11c23f49dcab48f41650c2ff05"
-            + "d01ea7d6c8a3f4cc508caae16d1cd22c6dd9b0ab3b00d17964dc49a0a3cd46c6de66b535"
-            + "cc21859ecda555705d836625493f566aa5bd466bd608a80181fd332b48f4476c00541cae"
-            + "890ffdbd39e7b031b9cfa869ed6d164adcd209d28a23020ac2d84418f8902cef15cf88e6"
-            + "6a61b462db846c1c286a4ec0ddf72b415f6df41cd8a1f399a8929c1be3e33d557dd94b15"
-            + "272543346c474a10f55cc789090994fada9147912759976478c56f9797b72c0e8ad11292"
-            + "2d0da0134c32d494a648dddba3fd3ede4cce6dac13fe12eb73cc6e2caf3cf4b0f605d165"
-            + "13e327c4d0f259f2b7b74ef12bbcaeac489dda8d9221a67ac2b2e8f7e6a3fa26e0a8c70e"
-            + "865a702327bc643c509942133e0234958829dde872eb1b9563dbf8410690dcdd1c2f6b33"
-            + "3112d10d1fbc139e60d6b28be628bf0f6b4daba3f703b1415b83234404e40029244b0afc"
-            + "7908b9470c2761c57f7dde1c2bcf0ded8e8e582d1d55e16bb3c488b21e526ffe79674346"
-            + "a464dc905dfaa9e31f509c4e7674d0867b775a2c05df3d24139cb630aa3a5427c49a9a1b"
-            + "77a9e2c9e6d31864bf7421fb2444e65c0e82828ec9df8163df91dba7cec6c9c2dea44fb9"
-            + "bb76e05326e00816f379ded481ebd86beb8e31cf2cfd5414e9b667ee1df4bfc1325b4bc1"
-            + "960023b9be593a79d9fd77bdc4645dac8cdea884e8e91dc5eb0c566ffb6d5dc0c76f914b"
-            + "a1f906fb47187a2b51b18b5ffa9b5dee44fb5190cfb0bfe7b88da4940edf319981090a9e"
-            + "1d47a490f0ea0384b778231974d5e00fac373a180987419f520d971a4c62e8dc275ec883"
-            + "d0566059cbe85329ea7063d4d7d8bf3f43f0baade5693c00c1db1d9f1fc43fea35b0e133"
-            + "5ebae28d07411d27a010b7bf5fcd8a31467ae051e12793864c9f8c33a1bdc9c345e65a7b"
-            + "82ca1c47a8a7cf1cd5a394ca0ce47d0d3a92266a645d52ed6597742597b4c82e90439be2"
-            + "62473e9de0520fab2bdf89d1da3232c8d0c41a356c62486931f0fef50bd6c583e52e9db5"
-            + "cec0ae3a20c5ad66303648c8e92861ac62024dfe483a9636b2300c71c0a362b59ff0ad82"
-            + "ab356802d6347be916066bc47be137a745aa550bb429c8af3890002bcd2ec56d62c83a34"
-            + "d2c7e0d6985f2dd9d4c5917f659f2fa05f461693d012a25b24bbbde2a97557895a3d639c"
-            + "99e1b8d91c9dc356bfeda2856d8ddc9e8552b436202efec45c586dcf51c98fc2d0996b77"
-            + "c2c620e5692922307c7e37ae8180dff59d9b751a04b8e102f485fe8676e78f162d36940c"
-            + "b15a0371da7cda3312db6b22e068368f90b2cd7eab97e391867de4e93f57e897f90d23e0"
-            + "67de85417bb01c6259e56c2c2e4236246f35f0b30dbbe836c342ed5123fa68ea3502a772"
-            + "3d212561e74b1127aa82def3052b2050fa6144e7ff8c462410ab81f2a291ab09ce7a7aa3"
-            + "3e6a7a72080a4d3f0edea734f016077127c29a205d8eb1eeb2bf9cd14182ec2e390e33e5"
-            + "e8cf086a3fa0cf5ef1cf6ca9df5dbae8aa0651a590e2b1f8d7f8d97ca9c7041452916ce2"
-            + "78669e701edb863b7eb4841f43cf89e53f50dcc58446aa9c1c4807ae7cb6923ac35e6f31"
-            + "7f77022d3bec14d2380ee869c2a5fe784c3f2948a085e8691151f09f9e1e8482d24de7ff"
-            + "e55d7dea8636fd6e7d7caf6fbc04fbbae849b9a9dcf3652fb5f8933f062a44ec5f4118d6"
-            + "4cf44ffb304c1fdd007c3be159be6190304801e5398fbaf83e89558441aec2e939be744a"
-            + "cf9444e44579b7a4948a3d4f95c0763de6a44ea062aefb1d19202d0c8cb28767e9c8dcda"
-            + "f558200656de27146d53295bb10ccb534e2aeebe0d79f8f7f3e9efaa7c21b2274d3d63e2"
-            + "047cf0760fa4c697f905207285ae08faff5b49058e817d2445e68b4672cf14fa18de51d3"
-            + "d18ea2377b35786b93b9549b5d328e565a4d7ff9a91ac293d881925849bf41c9df7478c9"
-            + "8aeb9d7ae2955a514e8135d62f473a54a974ffce5afb935d3ef64070dc0dfa797b278ad2"
-            + "980381c7eb53768bfaaacc4f67686d04d0d213f6fa8c4269e7d496ac9703b3ef2670961c"
-            + "dd4bf4330bfd51cb6c5b29725b87ec02f83998c6f8794e95ceb68d2ba476c5ebe4727e3e"
-            + "f02780ecadfe1398caef054ecd302857fa7e08464c3e5a17f30925be183629472c05723b"
-            + "cd5cd903c83049401da96c0e27f50f43657bd4a7b142d52752a8dd75b7ab99f3579f88dd"
-            + "f2d065db84b413286a5756edaa81f7c6c16e0be5065c13073c7d494a10912a005b25807c"
-            + "baed97792be1b31c81176218d3b83f13f233e138ef791268578fcfde4c7256e718d33d8e"
-            + "6c8b8a1a206ad6b7e4eec170e185487cf119bb14afc356ac2acf3a0bc4b4f4f89c790e35"
-            + "3e58506b25ab38e957414880c5bf407fa07479d301594b141348301ac76773cab2673b57"
-            + "4357262fa6410700e950d1997e2bb603422a4f3948545acaad7fc20f7460b89656ef45a5"
-            + "8d2f552c671df53132cc308e6a245e081840a302c789297cce8534e568d7d5872caf135e"
-            + "df67b793349e4cfe9e89f19ebefbfdaad8553c0d568eafa64a21e44d4ccd121ac03c3df0"
-            + "ace06819f6ccba41887c14e8a1331b1f58cc015368e1fb2463aba6db95604373114b19b9"
-            + "6853ceb93078e345bf857b347823aeaa0c6ea2d0f0380bf1e614d70ca14069b75e5dd596"
-            + "f79a1adfd41fd6be048d50d1fe7a1cedbf49f2e06000fd3022aaec322fe384d78e0b784d"
-            + "69eb257a1b5fd07463d446b2be9491c79ffcab9701272c5cacb14a9a87aa46a920b78e47"
-            + "5bb0fcca727d7987c67c71091c4c9e639c536625955d19bfb79a57d49731dddf77c25ae9"
-            + "d2af26a67074536eb75282509ed6009126a88facbd12d159b073ed31eacc07cb1e8805e4"
-            + "1cee8e546343b2aa018520a15c58c515c4d6d4480b1fdf0fdfd4c7dd2d5124724d2ae3db"
-            + "ffead157c5e85d3420d383e84fbe966ceb1760dc29c65c7bf3b9f922b98b2c9e9bff5c4d"
-            + "a4c8a4cb1b9d6ac794278fba2f9b4e7d5f13d0fe524ef62600b85454ce22a23e64258784"
-            + "f67e74cb2b2e3ebcd6fceb8f830dce7fa8a067acda25cf66838d8e43a2b503c0d416af6f"
-            + "2c0380702153e6d4a95c4dee6034a855248c46b6c646333e4a0d40bef18dfef7a087b904"
-            + "d0215533087be78b695903406100d48e51a721b8c3ba3c833580cfb6580390bf329285a8"
-            + "afdc6e7cfa54641d871a8c116ca5761980aa4293207c74bb88a95642733b046c2395eed9"
-            + "143aeae81fd7d1b66d1b91ccb6d5fa402315bb496ba52ce381e4d285950a43c53264a56b"
-            + "9fb5e4e135fc229715889a89b3cbda934224319b570e5b452745decbaa8d2e4d4729624d"
-            + "37ebf5a331a3e3083525e9dc4aad677936183a600372b403c80a04feccb178fbde3826dc"
-            + "d275bb096b6429c8c0bacc09dd401c68df3ed4e7528a5e4345ab2d071f851f0468feff0b"
-            + "bbf361dbbefc076a9a6c740fe2dd16be72338bae45cf624bc00766b8ac51b2db11ef7d50"
-            + "6271a5b6c3c376a606e988c6881d0c1b3b968058223792039d0b1e9c849cc2b08214369d"
-            + "c0e91c8ea5b6fd087d1a0d71d6335eab4c9abd4645914f252e0aa7459071b0bdff263b89"
-            + "3c35d136493aa4ab4035e63ce50cd8392b98e0dbaef300b5b96339d08fc00809d593bfb0"
-            + "5d74d389ae722854e716599ee841fe41aeb34ee811ca30f189f175d8a06b5151ccf35ce0"
-            + "36a8fe18b3f97647a17e730f8220c5cb3b43580c6863639c7a43684bac602d20387ecf70"
-            + "f6799c2e8c4cb1cdeef1fc13c76bce9539928e5b860713a86d586df751cef82837fefda1"
-            + "a289da5abe79b77bde4e8f4b6e76e20b5507e632663ee1fdfef1b1d40ada4c97d14533fc"
-            + "97f457a929519fc611bb305d0a3b09b5633b9b7ee2200d97515d12813236868299d7c8b2"
-            + "83ad064f26d1824423ff8b70adae9b280ce3541753a6d94c3e8ce173ac14e514b287fca6"
-            + "8e28bb038a6ac0b2b5d949492243433c0b386e3076296e15760ed5786df4fdea9d6c4bbd"
-            + "86269fd48455390ef0af422b75f2470d57a4ccc1413ad77f0d2b2faf733ab3952a97f3f1"
-            + "8b8000acb1655bcd159ab8aaeccff7c4dda98bdbc6fcdc71c64f2d22d173191e42dbeb1b"
-            + "18c3f30cc26caf75b880f07aa0a4454974ac07de1e293940a179e30d31b29018f385d9b4"
-            + "1d0e4671ffc30bbf15044cb856e44d2553ae294f39917961687423cafa89761d113b925c"
-            + "4f6b21c240511c2fbacd4e086723aa930f35beae975df7fa2fef1c48790357d75b642364"
-            + "8a4f56d3a9ff26b85588a69a50325cd812b9fdfc70c7f16a78b5b13c2e11e78ca213a075"
-            + "e1ea48cff23b1b0bb73580228b1d16b311f90a33ba8e09a6fae75930d353b3c9b57b25c2"
-            + "be8d3962fd8ee81a168762d73fcd42f444228324394238d78626267e3b8145c73cecd6ed"
-            + "a56682eb495d13fb6de81ec70197b02c5ec77ebe30c07f0a530a31d66a36ae25041774f1"
-            + "25bfade76f33a985857c9b2ae7194dc43667d25e8fb4eac1e2d84b6137a64b5c1ed392df"
-            + "d430b66aef559a621a4e0c469e908634d94e39337beedffa41d7638d3dfd432faa157898"
-            + "2f32208038675a9d9846fd6cf2acecd22f72d07ad0fadce4791478780c1d8df0ffa59aa1"
-            + "a9e06827b053cd51b5a84a3b3ca459c31d2ad48d0a69782798308d1864e097b04e3a0440"
-            + "42520a7bbd8949ef7d8080ad396ac086ea1820600015d0224222b6fdb9d5f62595e486d1"
-            + "f59fc9e8d83f0bd777bd0d92bdcf1aaf28d4f1bf1a0add96a23457eb053f383cb0a61920"
-            + "0a7d2735e0d87e8d1f4af946895ff1933b7ecb909d85a143a78ad7d113bd79ecb880d7bc"
-            + "ef0633516e3cd91aa50d9254dfb1a8b6b85d648d9031777ddd0c5d6a7fd01727e89d308e"
-            + "1c1cfcb576332e0b1726b724c6dbe784b450d81d82afc417d288c25febc9a61c99f475f2"
-            + "b7b788dd988fb929e2f4538436c08038cab0cb3770f6cec07074fa23e2b20204bc865114"
-            + "203232b492e0681a31dfb3";
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedSig1), sig1));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedSig2), sig2));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedSig3), sig3));
-    }
-
-    public void testSignSHA256Complete1()
-    {
-        final String[] signatures = {
-            "006945a6f13aa83e598cb8d0abebb5cddbd87e576226517f9001c1d36bb320bf804a4744"
-                + "898d77fafd84eeb618115067f23f5f9d5d882269b5987de5d5428bee7784e049da83c891"
-                + "856b5fb20f17e1ecb6873c3a87e1a630e327b36981a5622aad6d9f5c557d7132a99e3c5e"
-                + "ffc1abe17560b3152bbc98a0dd701b491e62e281824c43848a0d958ab132ea905b4d5a0b"
-                + "f4f65eded991b01b3839cd188a90d76bc2b7e96be674af7638436b3a535dd0e8e3501e19"
-                + "34a674671cedefc300e7add098ee28caff5d9606f92e22c7769720f54aa4849528cd4837"
-                + "47edc348c81eb8f159b9e395166f34db8a19539dca8f00c1620a45920a1412a6ea88f734"
-                + "a4bef32d400b33bd98d97054a6c56dd93df2b3a316713f67aa59051405c5d5d19785fd47"
-                + "f6149e3993e2476c87dae826bed2f5319878cc8db6bf515022a5658b06e08e4900a93935"
-                + "27765d9fa852ae7621ce5aa0648413bba1c650ba3a82d1863c17785f4b65e3dee8c385db"
-                + "41331f6f1ffaa7fc0ca86400aa4bdae6fb713d4445ebba37b4423c30e601c567f90e3f14"
-                + "31497667f9102256a69876d47202dc6f734e27af4a69e44ca7959d50704b22451bb2bb8f"
-                + "8ccccdc46cee70c14b6afacd715aa25ad38801e0f556e2e5cc204c5a995eea1ddc65c385"
-                + "512b41294b5912ef3e4dc94ffac6294bfd7acf2415bf765859cd9fba85b8f451809f4283"
-                + "42e5b56097122f1fc7a022b8032971814761062634671375b2052b06471391653c5c3214"
-                + "dc96ef984a100d28521f2a28bc6d7132929f8eea1481ac636bfc728c9c819c193e98ca73"
-                + "3497c72fee51d5d822d75acf9944db04e5d1cbaf50f83550c6fd4a360cf30621ff2912cf"
-                + "72b9aecb43ee8ad5985c2241253d2a5b265e64af505d87fe317517e83a81fe07fe056fd8"
-                + "db3e41dbf48a161b55c5d47278c6f9c6f333fba22886632acb8c2f3ba8263052e7e9a0b1"
-                + "02032cd9de760e38764f3fb6cd3652eb548be64fba09caf0c6ecc065430a3c7a65810213"
-                + "e42253966b9a8ab1dac361021d0c55513586596462c99a1f5b79e8dff022ecd0d2338835"
-                + "6f8bd3d22b28307f96d84a3dca78deb2ef353a16b706df68aa468a8f9f69f97c9bbcd358"
-                + "fa980f6a356f1ff38d2386ee3060e63d104193a7eb3ce1aa69504f5fc565052e060f229b"
-                + "90c9a6ba81924aa582087c3c2719cbb6bac10aa57a5f487b9b3b433eb2bd57f90e156604"
-                + "23d88ed013033ec1fc50990df8f775721a40044dd89c0b5913d7e7711a980cb014d2a2a0"
-                + "07e3d9968d5e3454be6138badc5d9efe53eda4ef225b1fec37a555a7e9346007f9bb7180"
-                + "0d128f6da23ecc6babed12bad95b3694f19921f7135a37ebea09d83abc314c79cbf3cd12"
-                + "64029f713c79586c386dcd20e6b18c1d7bf196dc7bd2154baedec9d9ebf262ca81bf7739"
-                + "ad02cc6fd58924d0f526bc7da6cb7501dec26ccbb61248830ddabdd60df3a14b4c0a1d45"
-                + "5b24c47a784a8b527a7c39ef79d08247b9621baa7d29ea8d2eacf77f787c9d028b95c7c8"
-                + "aae0ef9153fecb980779fb5bec3015caef9f5a6941a778faf418a0dd4da88c5b10e8c651"
-                + "08de5f2b00ce093c50bdab5dda9bb571dcc88c06196f1ac23feef71feb5940116a7c4842"
-                + "59a214065afdcc4b56440a5d5779574882aef274dde27f411967ce80e511b1870d2765ab"
-                + "31ba5a096e2a1596a1b06cbe867be177213d920fe60bf08d22b4dbaf8f2b18409145ca5b"
-                + "b8f8e1bd87cc2cadfeef75743affdd3288ad8b0890c472d783394a85316f08e722f8b91c"
-                + "a88c8dbfb764e81c2d7f71521c339a4467bef9a786b5bdaf79e9042cef62b9e49023440f"
-                + "e37e4e4e50924275c2977f48a5fba67e901aafa9f9c2457030920fc5f6848c6f637f312e"
-                + "b11264c2f9928dcb697a308ed8fde7091720a53f1054cb824bdc8d6e44661c3d3fecfa0d"
-                + "4037f858a5363300d76b44febc85ce8966c014579eb6905522db9b679e29f995b36be3b9"
-                + "412e4d384db76c6764748f7c5361750d1f5dc2d8aedaa39f2d58aa6559fae1f63fe85cf8"
-                + "67923bdb2643716e365fe04a507a3cd3518dfecda3e51b861090dfce7d7c1b3cc6f0fdfd"
-                + "9b64364c37f9f1293fa60c8f5111bc21118932b0a7223fdb680aeabfed18804594ffdae7"
-                + "4d289c1ea58a33cf3ab8807deda2c9e1d39eb78c44e53afbdf0deff99b308cada91a327b"
-                + "6af600e51ad6214f4d16a4d5e0c2d84ade4bfa973dda97bfa8081b1cbd453e3d1fe1a7cc"
-                + "582ac459eb4ca25b81586d17b5dd50f7fa4e015073871aa935b76730399ceaa99b71ace7"
-                + "1d729742d95ce95a93b699ce1a9aba27adc797438742ea8910059867c28f6e5725b66c8b"
-                + "4ae938ab5fde7e1b9b8799b5e5fd0014437ad01691deb6e970fe429d0978a797e6b973c9"
-                + "0cbe55f57f28674e11c0118297f7fba8f400d40f82bfb61abffa766ef724547a9fd5d2a2"
-                + "f64d8bb33d53a7187b27f3310c0c772a93c920cf17b78726a0f2736001c2d7950baca885"
-                + "e2a212a3062d8ed9c4c4bf8060d4297133be148973bc27d6e3fd2d7c489a34cbe3a9b7c4"
-                + "6de2a6db68aa2229f8985c832ea2b9b73177013a69a12f1f0f5e502537504675fa47fecd"
-                + "3b27c580f7697d47e02235629824b363c348943d28c50fb200c8fbaa0e9b801d692112a3"
-                + "8cb125398b5847776b4cb0937f857f69ae3c82bd969c9e2a51954af0bc9529fc180f2155"
-                + "f7f94fe79799ff878956a51dc09edc775da42908b94b2ad3ce16cb2f994b5486b332caea"
-                + "b4409d47f6c39ed00c4c5d460f44708dde11c6fd26e1237581a2c6b81741446b0144fca8"
-                + "603ead4acc7f49a261e1ecfe797203f607eadb54fa5765542d39de25d0b2b3ab04411b03"
-                + "4b31eb324c00f013927b24c33d70525f410498be2d7358ea01474861341c508622cab0f1"
-                + "663dcf17beaf051071d6545190452d78252d8968b0d8cab0257bcf0ca1609c7a99189675"
-                + "c5e67460c3e20da7c2ccf55c8e447fcd46650ed010085025437e7f64e396e89cebc106e7"
-                + "bf6c54b886c8197f19d9a7245be704ef119c787cda0d632c4b6e3dcb165a2c22b075909d"
-                + "fb80e26fdb08bd57ee5222ec65ff19b344e0e81477f50e2b8719d1d9a3c1a55d5460711b"
-                + "88eb4f2c8df8d17d38832de9d4251142aa2cdb5a9d81a0c7a98e2c3c95bf96e73c68c78d"
-                + "467186eeac1dffce3853a6a544a1331bf650758d64bb8fab1104170824894fdd8a284d28"
-                + "1aec9d627055bba150d47c43ac58f099040e06ba3fcf42a08dae32984bf4099c6ae94670"
-                + "013f2d14375d9b56e64c069c67ab3e15658c8336d1b7327f83f8e5daee3ddc76b369f3cc"
-                + "354c7a4685852cfd47e4d8724090d5d629ed3c2b672c61f2a0d14c178a4d9eaed7fe9d1d"
-                + "e7bac3ea2d8d94148694fe1993770fd56de255b75ae30069d3d93744fe7f82d106a54784"
-                + "329a4c73c548232dbf6bae651655eb3b3f62c85f698f0d86655d01f65d3566c9d2d3fb59"
-                + "42b2e3d846e173417f7a8c57ba38a7fd443eecd76fee81a1520c8e9e660e75b23eb7ece5"
-                + "88a577fdfcf06e09ef5c9a99499d52a1310358893639b5b346ee21d1fc2ce91619be31e6"
-                + "1c5f7821dde339476055039cc1a8f045434bc512ff74fc75e451aa20c174ee7a5fb6f686"
-                + "04830e72b903c957fa86dead167fe8df5cc67a3411f6e44a2e96ecdcc314cd6f7c659021"
-                + "8da02182c16ea1c87fc258f30e4c3368fb924a6e73738c2e534832855d8ea0cd1c002b89"
-                + "01cb40b66c7e3646b1dc14ed70da0e3d8a120bbc1eb4e4d81003c7ee2464cfa9169b18b5"
-                + "290cb0a443281ef3ec3bd9e6926c778f15320876cef162a07ba8cc6e61216e2a54d45d7a"
-                + "33d361bae1839ca8e62b4b4e4905b216bdccdb167807f137eca3a98a68d2b5e21fb8f0b8"
-                + "bb275f5b551ca77373066a7fbc0b8fff4969ee54e5e4cb946e8d5163e1b65fdca260915b"
-                + "834794419117c2614f0c835522a77a19dc3127378eeff43ba94689b2177801b00f2fac68"
-                + "61bc1b461dee1c53e5861de9a21f5eb45f87dcbfdb8189f972ddc970f98d903e5d08f9f5"
-                + "663cfaf400ccbeaa9777c9ae178583ee09b5a88a6f970d527658322ed87f1c8d2cb1df60"
-                + "07241440221447b6d9307c978cd964d90d076d516f02c258bcf2eaf6e7720ee365fbbd39"
-                + "96342d2edeb87b8ce38abe9b3a51b56f92384c3d8e3ad9770be26a60af23095474a368ae"
-                + "cbad10e93b8607500d2553d07b52a3cfb6b9d13d98fb5b5a4916d89849f0f37ae2290367"
-                + "6f26a1b2088b4912dd62f17f05f02e45eebe33a0b514412c18a6e39819b3e92f7c2901bb"
-                + "1dfc375e927afe468993400da91c590a19ebe5b8047d2780176b1341928691cd8ef916e2"
-                + "f8bbcee52d02aabe5a1155e186bff3af82245f9c5f24a647662dffb193f3f0a11006a05b"
-                + "7e9fb035e55b4cea67db00a65daa87ad8a64fd37e17150e73cbc0619a09453201789a655"
-                + "884002fd6e93aa49513a914fe5460bc4804158ed90231c811b928b5064c36ca9bd29e8f2"
-                + "db2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c2554439c735aa1aee"
-                + "b9dc98b58c6a0269785f54253bee831361c3140255b755a8c42b978edbd21c99fdaaf736"
-                + "90cfc684e7885fb19dbbbe90b108fcae3748d4421d9ff44bc9ea2b4f28d5ae451a89f7a2"
-                + "fe184ede5e448acf22de728ab6e3310802835869ccf772bfa5c9794978481480d0522aa9"
-                + "7ea4a3b7636c53da9fd390453158482fbc3f9692b4e6a8c7530d6b2c3546da72b639e4be"
-                + "34991d32035a846d074a040ffa6d39610593fdb023188f9fe238e392c9e6687b2226f467"
-                + "78b1d378a306332ecabed3546867108d132cf51737d0513c91d0bd4db23e2157abe891f1"
-                + "25518416f1bb70230a1e629e948ab31cc03c53cbc2eb5f485b8868490243b9e37533b522"
-                + "6c759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca6bee5f7d7c7c"
-                + "1515056df6db5252d043730434d4900408dca27fe2628847002db7671dcf1f959fc4b7da"
-                + "3253c62dc0b680a3854070d321aeed508be02cbb51e4f23734d337c152ec688ba863fdec"
-                + "58493e03925913fe0214cc1fcffb23f0fdd6ff13cf98e9caff86eb89a3ed8412b0e8212f"
-                + "04e83c56181e80df54f3d22753de597ab1800784cae7b55eab78cfaf6c9f9e6d587fdaca"
-                + "3ce632ef17d03411f34c6bf05707e957c7d2a3a801961d9dd44c1affee6c6274f8c4ea78"
-                + "3492dfdb6cc0e3a41e40d66e3e173ce4f1feb0ab3b12668b9670e3ed64872ac5c26fa422"
-                + "ee686aceb1a99e89dbbb07cc61b945389e76454d7feb4690d5a5785958a67b8f018f4df3"
-                + "17ebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30c8b776989e13"
-                + "e6232a978ca50954d9f7caa964a46d62eefc8c448cefd16f2bada187d674cc4aeeae5af5"
-                + "b2063963a180c41bc0fe3a82be90bd08aa74abf08a588cd2dca2e2d256ef5165081a1068"
-                + "dd608d722c42ea612f394df8915af997ef54e95be44e401948131c23637153174b62743f"
-                + "e5b6b104bb01b3365a82ba4e4ded915bbf9b47675936feeb9198164787ea2c97164286a4"
-                + "da425a705cc553d575641b7970333f334f44462f8cb9bb0969d7a35d3a2091d63735f651"
-                + "ced99a2f5edf917841b3d2000ad65227f7f226a1220d61a062fe981b699153f57522726f"
-                + "91924aae820689497df4fca303a7a2f02ed762a75f083f261d144c7d937cc8ec9825875a"
-                + "6e9e1fc763373ebd097edaf9644a7b3d2355fa5b69172a26a4af6587626e3c0d9ae0a4eb"
-                + "982ec6bc3353c504baad39f51d5657e32d760dc5ad35582c44b5aa78130e0ac01ae32be6"
-                + "41371a93813755cece24eab2339142748c055a31e13f1529e5ddd0924e92343a5280bfd0"
-                + "5f3a44d116fe436422b470075c05b5eba896848ab73579515e1c2a2b5163d3eebb35accf"
-                + "e3cc0242c6b90ee2a4dc99ea534147d317112dd2ca051f1df61aecedcea981979341a6b1"
-                + "05952988fba768bfddf4d8a880091ac114a4fe137a8f0856f5521d27cbb628cb6c8c5fe5"
-                + "a307966d8531f3316e2770d883bf0186d1debc6861141633e3c2d1f4fb62b2d3b16a9eff"
-                + "6c71e1ed34de8660731439527c7ff66f8994bff0919298818b7717197f0fdd5470f4c123"
-                + "3c3eaf66ce632cbbf501148734e7c58022be9f515d9dbb3fa0e1657082799c268724db4e"
-                + "2d534a9bd6e243efc22a749c97a53e72d8f4429423245f625164a060bdcfe1a4cb682a2f"
-                + "5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7debd0653fbff"
-                + "088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "01994b105a9224e5edcbc265ef0a76939005cecbe87097134c0b52f1d1a41270c299747f"
-                + "908e53b302e4bc0117975de9992ad3fffbea32b86ecab009951f08d2d830f850796c3c67"
-                + "ffbf48f370cd19b6f8d6baeebd2b8b13661dda7220559e211bdf5c480847e3c00fa13252"
-                + "edf3da2441f05e9d4761138ddbca836cd39a2f444e87aa676c266eb2c251742b59129c16"
-                + "4ae1776547db60fcd71eb605e798de79fd48b54736511b7fe1b561eb28f0c316ae7697d0"
-                + "65384c5f98dea2dec130352181285786b091f2b166383c55a58a7aad54a1520a74a74515"
-                + "aef636deb77b9fd8fbc8cd982243d503ee360b84303623d9280f9b379fb8f0183e3a7f87"
-                + "698db93af07a79469b25d0c90c79f389ff1247a968056b8e9f6c123d0c3455f41c786726"
-                + "6f4d035e01580f0f861b78df39f21fb4448e61c9a30baa20ac8694ce84606c7e6322868b"
-                + "0dd3c3439f7c01d49603b5d56f27dfb5316ec1376583d578be061f88bda49568d71f3b6e"
-                + "1d72013fda003781c1e3f7a2d84f0a5dd3b1a06c56cfaf64e6f1bc1ce02403c5b0f79300"
-                + "33dd6f813ebac9335865d03893d99caae239c17ff9ede587d58ad0042357ec654e1d4992"
-                + "ca85fe67435e94f7202678f4a0bb5d98066a8c34a617dfeba3d60bec876f6f06f5c0bb6b"
-                + "b77142cdf44021d5e7d44e2fe34f4e72ee73e6cd68d4cfca61e8e7caf64230fc9b270dca"
-                + "d54de7cbd7c6deade777a292088ad1c76a79b0dcc26f4080aa39967db9dcd659c2ec9ecf"
-                + "8f5a7dd0abe0dd74b99cb5cc9a17517a053652a8afbf8bd56a76304071bcd9b0ad1d0df3"
-                + "6f65f17338b83aac6fd9900b1ac613c3af74f327eeeb749a53f6777d0f5e71f529c54346"
-                + "5bfb2966874561c246ef224d0719aea811b63a91191990213cbfd8ae46fd0b9e1085d56d"
-                + "7ccc968bae0dc0d1f94700f788ce48449a90ab4c2727d14224b0d2703e5b220b62862da2"
-                + "af2cd7eecd7d4483246ab87612bbe1401ed07decb7337efee2b50bfb0690e1d76b81003c"
-                + "0db62b9be498aa11731c0186bd68c30566c4ff56957ae29cbf197dd7a218d753541c2f63"
-                + "2772219c3d25c2e900ff7d685d4c3db753eb15eace8e4871f2b4a49d7e67b0bec3c8f649"
-                + "c46183ae53b516454b04e1a3f3a854de28469ffd213b783fe0128a5c12982d2993d51771"
-                + "97f102d4bd26d932ebb0d5c3fc6c93a57e185fb719e3449b878ef63ec3ecda13b385bc82"
-                + "0568baba5a58524e2da63a0628f5ef530b5823312f0e3cd0270ba3928d95e89a13975979"
-                + "319554c204d4e893fd7dc3d59d14fe806a01896f7b0fd7d445dacc08a39b79df765ac64f"
-                + "c2a9442ec286422e0af685e1ab72394934ee2dff1801a58592ac207a9f15f32db4802e78"
-                + "1beb41be0b97653f1c36daffde0345e6b74fadce3ae24d7ffab9efedb9ecb5cba9592825"
-                + "b605d379a3b32f0200145f1895de8322ed32fc26f338718d55a8e278945c877ba42c462c"
-                + "0cbdf7975df9583be83a2db540d8d9fa6ef2db037c63cdf6b6f42ecea0f2a1da1b4d69ca"
-                + "ec25420fc842a4c57fdb3394886f8d1cef3ef6762bdc6dea1f93446273d2f6926a920d64"
-                + "1f58c742bbc04827384c6ae02e96ed314d515903936a3dfe118ab5b391325cbcf3c8b020"
-                + "df1db6fc5ba5d3d6888d64bbba1cb963466baf66070edf20f31af6d24da2244ae329c147"
-                + "60b1f36b137c75d9ae4bc5f26f7c747fc373c20ac4d4c038587e1a92dcf60708752da440"
-                + "5f242b9a024b9733709b4125cefa5709b210dd5a96178af6bb017ebf8761e91fdb27f189"
-                + "afff065ad0303ee1340b62283de4604f329643148fa7b92faf985fa64783323895cd914c"
-                + "b6c88c9f1d58baee856151e1bb042fae4281f10a9d8089304e7e05d8420197caa981907e"
-                + "609993ff7f4214327cab1d64d0bb97febde0283b3a7cbc788bd2a73e70f7f4495c380b4b"
-                + "8a2a49a53c0042ca04b92ebcac3aace002cea307286cf66357e5e097edf4a50b8d14f56f"
-                + "d26a2b22d061ea4a33d54472be18efdf9a587cc6e93ca31ca010d7389593585b77c6df62"
-                + "a97e7d0d9d09cd1c397a5a7299c13dbb449f8d54d1b2eef2eee0d659d0c94a8bf7b3c5da"
-                + "71fe6713b51a6fa17a6f0b2caed679a15ff38ef120df61704119d0cb21d6a17a15fe5393"
-                + "5f317e5b77479c4c18eb2f9dfe757f87094cb430739e23ee4066644a2232dd8b0b140e22"
-                + "5dbb8914622a4fbd1461f46dce6db746e716328b56e38e166e48d873ae6a1f7c08b4050a"
-                + "afb4b21f992922fbb30c0c9d9d59586036003d2f2d2cd78574f7f68e2f48833a61574a09"
-                + "7ca3ffcbdf688d217619ebfc5b5f3ba1b2c755c2f702eea34bd6ecbe7d3e1dbb0108152b"
-                + "c8822714984cd750a09520ee27b090a28a7306fb1aa76f5235283013bc3fc8734dfe644d"
-                + "31514cd1517a05393b5342182ea2b2cc2a9fdbb502e2c2ec2dd4ff4e84fbcb28e3d8c07f"
-                + "ebc2301119fa36cc1124e08d4c5e3744c0a1f9421bde2b81a2906245c830a086909f61bd"
-                + "3c205219bb0f63cb42afe6517db96f3f5d939cf0ced8d8a7ec2656c13230e998b04aee35"
-                + "673d3b10acc64588e0d3e74ed61f8ca878fd3b2ae919659e0a01783f9c3c228a1c24af30"
-                + "ac4f5cce260de21bcf6879e8eedca12908e6440f3054d0fb69808401ae1df88fee5ccea1"
-                + "876aae0960860bc46b21504c4ddad287a4b51dbc0490d1c948f8c95d7f793f5f64913561"
-                + "38d54641476fcf4fd0cc70a2e8e1343c5ed6f0d49f2679a9c12836a33d11deca674bc60b"
-                + "01389316faf9fdb093f64937f134a3fb592d40b3f6af83df06e834ba00d9eb899506be4d"
-                + "9bf25871c00395c3e28cd168fbd6c6d4e146f5bff31c8876085bdc09663fb8387378293a"
-                + "8dad0f93dd623a2db5537210b2762ad77a51ed8bb9019185c001f9f1e0de6fa0d80fb23b"
-                + "2b7bf8e523f711e0ac88d3a98a64156219a59f5c2df88a61d37eb05bafce43524857313a"
-                + "22a32b58d2b68fbbd99fff526793ab2ddecdabac479b14dad1a5adc3c5e82a34f307277b"
-                + "9a09c038aca00a99ff63060dad783e060e4cd9d59c9f340e78488b0090ef1cf16991be0f"
-                + "f81271288c9232be17b7d604f875dacfa6a5b2d2934fff8302e88ee8c6fec5456a05676c"
-                + "14a53ca7eed5485f4e4ea42198251142aa2cdb5a9d81a0c7a98e2c3c95bf96e73c68c78d"
-                + "467186eeac1dffce3853a6a544a1331bf650758d64bb8fab1104170824894fdd8a284d28"
-                + "1aec9d627055bba150d47c43ac58f099040e06ba3fcf42a08dae32984bf4099c6ae94670"
-                + "013f2d14375d9b56e64c069c67ab3e15658c8336d1b7327f83f8e5daee3ddc76b369f3cc"
-                + "354c7a4685852cfd47e4d8724090d5d629ed3c2b672c61f2a0d14c178a4d9eaed7fe9d1d"
-                + "e7bac3ea2d8d94148694fe1993770fd56de255b75ae30069d3d93744fe7f82d106a54784"
-                + "329a4c73c548232dbf6bae651655eb3b3f62c85f698f0d86655d01f65d3566c9d2d3fb59"
-                + "42b2e3d846e173417f7a8c57ba38a7fd443eecd76fee81a1520c8e9e660e75b23eb7ece5"
-                + "88a577fdfcf06e09ef5c9a99499d52a1310358893639b5b346ee21d1fc2ce91619be31e6"
-                + "1c5f7821dde339476055039cc1a8f045434bc512ff74fc75e451aa20c174ee7a5fb6f686"
-                + "04830e72b903c957fa86dead167fe8df5cc67a3411f6e44a2e96ecdcc314cd6f7c659021"
-                + "8da02182c16ea1c87fc258f30e4c3368fb924a6e73738c2e534832855d8ea0cd1c002b89"
-                + "01cb40b66c7e3646b1dc14ed70da0e3d8a120bbc1eb4e4d81003c7ee2464cfa9169b18b5"
-                + "290cb0a443281ef3ec3bd9e6926c778f15320876cef162a07ba8cc6e61216e2a54d45d7a"
-                + "33d361bae1839ca8e62b4b4e4905b216bdccdb167807f137eca3a98a68d2b5e21fb8f0b8"
-                + "bb275f5b551ca77373066a7fbc0b8fff4969ee54e5e4cb946e8d5163e1b65fdca260915b"
-                + "834794419117c2614f0c835522a77a19dc3127378eeff43ba94689b2177801b00f2fac68"
-                + "61bc1b461dee1c53e5861de9a21f5eb45f87dcbfdb8189f972ddc970f98d903e5d08f9f5"
-                + "663cfaf400ccbeaa9777c9ae178583ee09b5a88a6f970d527658322ed87f1c8d2cb1df60"
-                + "07241440221447b6d9307c978cd964d90d076d516f02c258bcf2eaf6e7720ee365fbbd39"
-                + "96342d2edeb87b8ce38abe9b3a51b56f92384c3d8e3ad9770be26a60af23095474a368ae"
-                + "cbad10e93b8607500d2553d07b52a3cfb6b9d13d98fb5b5a4916d89849f0f37ae2290367"
-                + "6f26a1b2088b4912dd62f17f05f02e45eebe33a0b514412c18a6e39819b3e92f7c2901bb"
-                + "1dfc375e927afe468993400da91c590a19ebe5b8047d2780176b1341928691cd8ef916e2"
-                + "f8bbcee52d02aabe5a1155e186bff3af82245f9c5f24a647662dffb193f3f0a11006a05b"
-                + "7e9fb035e55b4cea67db00a65daa87ad8a64fd37e17150e73cbc0619a09453201789a655"
-                + "884002fd6e93aa49513a914fe5460bc4804158ed90231c811b928b5064c36ca9bd29e8f2"
-                + "db2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c2554439c735aa1aee"
-                + "b9dc98b58c6a0269785f54253bee831361c3140255b755a8c42b978edbd21c99fdaaf736"
-                + "90cfc684e7885fb19dbbbe90b108fcae3748d4421d9ff44bc9ea2b4f28d5ae451a89f7a2"
-                + "fe184ede5e448acf22de728ab6e3310802835869ccf772bfa5c9794978481480d0522aa9"
-                + "7ea4a3b7636c53da9fd390453158482fbc3f9692b4e6a8c7530d6b2c3546da72b639e4be"
-                + "34991d32035a846d074a040ffa6d39610593fdb023188f9fe238e392c9e6687b2226f467"
-                + "78b1d378a306332ecabed3546867108d132cf51737d0513c91d0bd4db23e2157abe891f1"
-                + "25518416f1bb70230a1e629e948ab31cc03c53cbc2eb5f485b8868490243b9e37533b522"
-                + "6c759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca6bee5f7d7c7c"
-                + "1515056df6db5252d043730434d4900408dca27fe2628847002db7671dcf1f959fc4b7da"
-                + "3253c62dc0b680a3854070d321aeed508be02cbb51e4f23734d337c152ec688ba863fdec"
-                + "58493e03925913fe0214cc1fcffb23f0fdd6ff13cf98e9caff86eb89a3ed8412b0e8212f"
-                + "04e83c56181e80df54f3d22753de597ab1800784cae7b55eab78cfaf6c9f9e6d587fdaca"
-                + "3ce632ef17d03411f34c6bf05707e957c7d2a3a801961d9dd44c1affee6c6274f8c4ea78"
-                + "3492dfdb6cc0e3a41e40d66e3e173ce4f1feb0ab3b12668b9670e3ed64872ac5c26fa422"
-                + "ee686aceb1a99e89dbbb07cc61b945389e76454d7feb4690d5a5785958a67b8f018f4df3"
-                + "17ebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30c8b776989e13"
-                + "e6232a978ca50954d9f7caa964a46d62eefc8c448cefd16f2bada187d674cc4aeeae5af5"
-                + "b2063963a180c41bc0fe3a82be90bd08aa74abf08a588cd2dca2e2d256ef5165081a1068"
-                + "dd608d722c42ea612f394df8915af997ef54e95be44e401948131c23637153174b62743f"
-                + "e5b6b104bb01b3365a82ba4e4ded915bbf9b47675936feeb9198164787ea2c97164286a4"
-                + "da425a705cc553d575641b7970333f334f44462f8cb9bb0969d7a35d3a2091d63735f651"
-                + "ced99a2f5edf917841b3d2000ad65227f7f226a1220d61a062fe981b699153f57522726f"
-                + "91924aae820689497df4fca303a7a2f02ed762a75f083f261d144c7d937cc8ec9825875a"
-                + "6e9e1fc763373ebd097edaf9644a7b3d2355fa5b69172a26a4af6587626e3c0d9ae0a4eb"
-                + "982ec6bc3353c504baad39f51d5657e32d760dc5ad35582c44b5aa78130e0ac01ae32be6"
-                + "41371a93813755cece24eab2339142748c055a31e13f1529e5ddd0924e92343a5280bfd0"
-                + "5f3a44d116fe436422b470075c05b5eba896848ab73579515e1c2a2b5163d3eebb35accf"
-                + "e3cc0242c6b90ee2a4dc99ea534147d317112dd2ca051f1df61aecedcea981979341a6b1"
-                + "05952988fba768bfddf4d8a880091ac114a4fe137a8f0856f5521d27cbb628cb6c8c5fe5"
-                + "a307966d8531f3316e2770d883bf0186d1debc6861141633e3c2d1f4fb62b2d3b16a9eff"
-                + "6c71e1ed34de8660731439527c7ff66f8994bff0919298818b7717197f0fdd5470f4c123"
-                + "3c3eaf66ce632cbbf501148734e7c58022be9f515d9dbb3fa0e1657082799c268724db4e"
-                + "2d534a9bd6e243efc22a749c97a53e72d8f4429423245f625164a060bdcfe1a4cb682a2f"
-                + "5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7debd0653fbff"
-                + "088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "029200f6d2d656430e2c49eda24923d91c484885f9e626e8e76cad5fd2f7d875cc8e3038"
-                + "926c4b98780fd65b4a33c723d041c203a9e1c5c4bf2739b45d5840870c72ca7ccdcd6916"
-                + "d5e6b5fbcac59fc5b6c05b1559b7893eacb5b48d8dbd5120c2ae99988b49d7c580ca3ce4"
-                + "673f8700b55de80c0dc68b914f800efba17bd6baa3344858712ec0cdf54ba393c71d69af"
-                + "46d0f65640435bd0200e943a27ea01152bdff5aba3abab82b1a2dedab39d9f0bab23407d"
-                + "a278fdf6ded66ff8285473a9fcf43d566cbbf92bd7c45cd3a56f52223439bfe06a8b136a"
-                + "a35c76381ed5576e8e9da70f0fa7919b3d1445abcae14473558434a927c009d1568da24e"
-                + "3c1d93256a50c794af5d165e432d777d7b83b40663be13b990c85e602d9ee85e65f13a96"
-                + "d203f0d3abd11fcd7eb17dbad445d7d13c94d3d75d3cd0dea624e231e867a2f1c2370aaa"
-                + "f4ea6dcc2b226beaab6b814e7021a6bfb9536aa4745a09a375468a450c990d9fd04315a9"
-                + "61de8bc1d2cd717a4848cfca8f8e331e97ea3ebc55cad91355ef793bef8ec9436397b959"
-                + "559560706d1b792d3be14de924cc04f71d99e0e3163cd41669467b781f2759ec517a58c4"
-                + "b7a11ca7d13142a7a5be04f87cebe9827a2457cf41db224cd508a5ffcde62a2a54ef967d"
-                + "12991ec9357a57333098df55239d2a2ba42e84fa80cad014d04b138014767c5be3877a6c"
-                + "130a10f9f5c8e83ec65628de86f6904f7dcfa79686e38922b40d656f54e7b3e8d8b22fa6"
-                + "975037cbc50ef71e06193ffc698a42f4da29427c74564bdd11dd3d32803d6007b1cdcc26"
-                + "dd3095df49e3dcf05fdf4905b206c00c4bf7a8661adbe20b04f8a31134e2f386ffde1cde"
-                + "c317fa5aec343d0c832a754c5348b1a1c89e79a57135ed80c4f3ac3eb0380c475b80e7d5"
-                + "e4f3b3af94bc599e34cba6cdfe390497f5b9e9eeffd54587c0ab05606b1c90ddd35d1e61"
-                + "8db21d6044b214f8453faa84225a251aaafa4df78b27067c877cb428f840b3199fbe73fe"
-                + "1c120085cffaf86a00c317391f30312209e6d9cb8b4c813115dd1fa0517928be1aa4222b"
-                + "9f64f6ff8eb01dc2ddcbf758c95d7c077be001d182daa82b956c473e32d2ec75ba61e998"
-                + "b10ce5ad205b8ceee821f36b2959f083749d924e7779fe7d83bc6146812290822579bcca"
-                + "0e8b3b550b21214cf1e0e5c67b352075b9c5628756376feb6aeb779d2a59352c5a2a8521"
-                + "bc20fb2cbda4c3953983c56394a20b9004769ab280aa5effd5dd6c0380a077767c318e5b"
-                + "f07fae3392b1cd42a5c4f29b906d8ad611bf809f1d424eb5fa3f0e6f7a0c3c57439aa22d"
-                + "650cf4d9c4af79eac7b8193bbccb75a94fc00957db274e4512514351415448a7f2917fa0"
-                + "efb75cf03864b5e74c82d166d0682da6fea6c3001eeee520c85d6565456d97db5a261466"
-                + "8b2ab4d475f97ab1f5afe8ac20b46a2bc8d2707e836d0b67afcb25b7be36c90608b0f756"
-                + "cec5c3bedbfaa02387bb5e4dc0bf7ae4d42c0548641250fd19c7a256d5f23879e3144d7c"
-                + "339fc1964ab767c401769dc878df1b388110f46071fbcf1390cea1d0ab42f860700495cc"
-                + "8b00bedbe28e6afde5e8421a991159e1f57160affba05ee2c45efe882fed3653d1837f38"
-                + "9755aa658384ab68eaacb36077516507f849a136ba5dafa4b65b80975ac9f8119418a99b"
-                + "3e2bd518e1e7a9eb8af7f5eba849afba85260e312839c8f3020802f5b0a09a2f21dfd24b"
-                + "86e16a30ec471bfef6675e72ed2d450309144da61655c6c3706bfd3ab7025d37daf17d0e"
-                + "852ad884a98394ff7a08bcb63f6c3a2b1c9a06c494f8bb926335a31bc1684185e4c5c736"
-                + "3d7240ddd7bd1700dace25f48e548ce21d65f7decfcf5baae126d7131248b67ce5cc471f"
-                + "e815abbb40798bd53b8e25b9559eb0c556d18f42dbfb7c3b42389d09fed688731e20befa"
-                + "a039b9fed20f6ffebbe31e01b543be905e9a998991fb44e82b8e6bcd88d09ba15ee58b38"
-                + "0a44ebc18229828a55e37ccd7299afc57eec259cec93baa8703f4fccf1ac4f0b689d9ec7"
-                + "b2d31d09893aaa6e3ae084009cf8ed266227aec31d3eb0fcb2725f72aeba4e09a806143c"
-                + "0bd3b265310831dadd6929909d7f3f6d17fbf17ec3888e3c2789dfad83b43344577510f9"
-                + "74a39fe48d922c2a22c6fafebfa549473d9432df34836163cf60a66b4c24a94a0917600f"
-                + "92ccde90b81d5e5fd70e567e8a89edb0560e164928ee96a35fad758f18f0571959626930"
-                + "948bcbe47cfb642792ccd83bc11d8f883b6143c8eb738480131502027ca456fca88d89c1"
-                + "0dba6d346978d1b5f60b271dad4df49e780c1ccf71d8e6a6b3a1d0ee2e6d33b72b4d7112"
-                + "f7fd8883031a882189eff767a5d42b8ad26f8d386dfdf8005da8afbb4f8ab0d94c416c5c"
-                + "dd07ec8fa389e3d81394eef2198ea5876d413ff67606a551ac9afc117ff9089b50d725c7"
-                + "1ba357f770948fcff0392c314dfc777f37d2317839a443314ef2b91f69276696de1724a1"
-                + "f207f94dea2910a2c3303ac0f89befba9d94b3d73940e6fcd7142135577aeec7b419c655"
-                + "c8e85830d403fce77a59e5fcb7701d2f24716b63d313a6f2e27ff492d450890d61d5f92b"
-                + "b9962502d1651467a795fab27c874b4ffbbe201ba4b02ad79a1fe2acb7002b6056bad4dc"
-                + "9433beaf8f2c6e6b0ce5b1ec4f1d3478aa2147ba2d65e355638bf465fff4c2f634043867"
-                + "5d8e7ff8ca30df1e400260bb09f11169db9cc1575dd1c55e8b41edc066f770f1a4c9ce43"
-                + "a4927242d0eae4342e2220ba0d5b02fc1431a720f189116d0994dc734189feea865e49c7"
-                + "f0f6c7a1bdf2934690c2e6b03b3d4c618cbca4cfed4e3a5bc0204aa307b023e24f17cf41"
-                + "cb8a0a9df14a4ee68cf62766a0d49a07e662ab75a4bac93db013d911878947f9e2c2399f"
-                + "df7ae9f2c9e421f1751f5ed1abdb4a16b25878b67f4b56c23b904c58238c944f61f837d0"
-                + "0baa017230a5630ba293c3f1f2c0594c6e8a9f55e995f38d82473fa78bdf8387b0fbcb02"
-                + "9c564db2906d29b8a1d40b1d36ece89f25c0c6a42bb045058b00511ed549f6cbd1b1e102"
-                + "ddbc84ce321c841a5f8dcbeb8a7bdf3b839be4aa2007955dfe8862983d252d8b79a33e9b"
-                + "1c531003f1cd3a8bcc6d29ff8aac0062bbc479ad59262cc6bce4048859718988b62e2c45"
-                + "11ed65f659cf8c579a53a6a544a1331bf650758d64bb8fab1104170824894fdd8a284d28"
-                + "1aec9d627055bba150d47c43ac58f099040e06ba3fcf42a08dae32984bf4099c6ae94670"
-                + "013f2d14375d9b56e64c069c67ab3e15658c8336d1b7327f83f8e5daee3ddc76b369f3cc"
-                + "354c7a4685852cfd47e4d8724090d5d629ed3c2b672c61f2a0d14c178a4d9eaed7fe9d1d"
-                + "e7bac3ea2d8d94148694fe1993770fd56de255b75ae30069d3d93744fe7f82d106a54784"
-                + "329a4c73c548232dbf6bae651655eb3b3f62c85f698f0d86655d01f65d3566c9d2d3fb59"
-                + "42b2e3d846e173417f7a8c57ba38a7fd443eecd76fee81a1520c8e9e660e75b23eb7ece5"
-                + "88a577fdfcf06e09ef5c9a99499d52a1310358893639b5b346ee21d1fc2ce91619be31e6"
-                + "1c5f7821dde339476055039cc1a8f045434bc512ff74fc75e451aa20c174ee7a5fb6f686"
-                + "04830e72b903c957fa86dead167fe8df5cc67a3411f6e44a2e96ecdcc314cd6f7c659021"
-                + "8da02182c16ea1c87fc258f30e4c3368fb924a6e73738c2e534832855d8ea0cd1c002b89"
-                + "01cb40b66c7e3646b1dc14ed70da0e3d8a120bbc1eb4e4d81003c7ee2464cfa9169b18b5"
-                + "290cb0a443281ef3ec3bd9e6926c778f15320876cef162a07ba8cc6e61216e2a54d45d7a"
-                + "33d361bae1839ca8e62b4b4e4905b216bdccdb167807f137eca3a98a68d2b5e21fb8f0b8"
-                + "bb275f5b551ca77373066a7fbc0b8fff4969ee54e5e4cb946e8d5163e1b65fdca260915b"
-                + "834794419117c2614f0c835522a77a19dc3127378eeff43ba94689b2177801b00f2fac68"
-                + "61bc1b461dee1c53e5861de9a21f5eb45f87dcbfdb8189f972ddc970f98d903e5d08f9f5"
-                + "663cfaf400ccbeaa9777c9ae178583ee09b5a88a6f970d527658322ed87f1c8d2cb1df60"
-                + "07241440221447b6d9307c978cd964d90d076d516f02c258bcf2eaf6e7720ee365fbbd39"
-                + "96342d2edeb87b8ce38abe9b3a51b56f92384c3d8e3ad9770be26a60af23095474a368ae"
-                + "cbad10e93b8607500d2553d07b52a3cfb6b9d13d98fb5b5a4916d89849f0f37ae2290367"
-                + "6f26a1b2088b4912dd62f17f05f02e45eebe33a0b514412c18a6e39819b3e92f7c2901bb"
-                + "1dfc375e927afe468993400da91c590a19ebe5b8047d2780176b1341928691cd8ef916e2"
-                + "f8bbcee52d02aabe5a1155e186bff3af82245f9c5f24a647662dffb193f3f0a11006a05b"
-                + "7e9fb035e55b4cea67db00a65daa87ad8a64fd37e17150e73cbc0619a09453201789a655"
-                + "884002fd6e93aa49513a914fe5460bc4804158ed90231c811b928b5064c36ca9bd29e8f2"
-                + "db2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c2554439c735aa1aee"
-                + "b9dc98b58c6a0269785f54253bee831361c3140255b755a8c42b978edbd21c99fdaaf736"
-                + "90cfc684e7885fb19dbbbe90b108fcae3748d4421d9ff44bc9ea2b4f28d5ae451a89f7a2"
-                + "fe184ede5e448acf22de728ab6e3310802835869ccf772bfa5c9794978481480d0522aa9"
-                + "7ea4a3b7636c53da9fd390453158482fbc3f9692b4e6a8c7530d6b2c3546da72b639e4be"
-                + "34991d32035a846d074a040ffa6d39610593fdb023188f9fe238e392c9e6687b2226f467"
-                + "78b1d378a306332ecabed3546867108d132cf51737d0513c91d0bd4db23e2157abe891f1"
-                + "25518416f1bb70230a1e629e948ab31cc03c53cbc2eb5f485b8868490243b9e37533b522"
-                + "6c759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca6bee5f7d7c7c"
-                + "1515056df6db5252d043730434d4900408dca27fe2628847002db7671dcf1f959fc4b7da"
-                + "3253c62dc0b680a3854070d321aeed508be02cbb51e4f23734d337c152ec688ba863fdec"
-                + "58493e03925913fe0214cc1fcffb23f0fdd6ff13cf98e9caff86eb89a3ed8412b0e8212f"
-                + "04e83c56181e80df54f3d22753de597ab1800784cae7b55eab78cfaf6c9f9e6d587fdaca"
-                + "3ce632ef17d03411f34c6bf05707e957c7d2a3a801961d9dd44c1affee6c6274f8c4ea78"
-                + "3492dfdb6cc0e3a41e40d66e3e173ce4f1feb0ab3b12668b9670e3ed64872ac5c26fa422"
-                + "ee686aceb1a99e89dbbb07cc61b945389e76454d7feb4690d5a5785958a67b8f018f4df3"
-                + "17ebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30c8b776989e13"
-                + "e6232a978ca50954d9f7caa964a46d62eefc8c448cefd16f2bada187d674cc4aeeae5af5"
-                + "b2063963a180c41bc0fe3a82be90bd08aa74abf08a588cd2dca2e2d256ef5165081a1068"
-                + "dd608d722c42ea612f394df8915af997ef54e95be44e401948131c23637153174b62743f"
-                + "e5b6b104bb01b3365a82ba4e4ded915bbf9b47675936feeb9198164787ea2c97164286a4"
-                + "da425a705cc553d575641b7970333f334f44462f8cb9bb0969d7a35d3a2091d63735f651"
-                + "ced99a2f5edf917841b3d2000ad65227f7f226a1220d61a062fe981b699153f57522726f"
-                + "91924aae820689497df4fca303a7a2f02ed762a75f083f261d144c7d937cc8ec9825875a"
-                + "6e9e1fc763373ebd097edaf9644a7b3d2355fa5b69172a26a4af6587626e3c0d9ae0a4eb"
-                + "982ec6bc3353c504baad39f51d5657e32d760dc5ad35582c44b5aa78130e0ac01ae32be6"
-                + "41371a93813755cece24eab2339142748c055a31e13f1529e5ddd0924e92343a5280bfd0"
-                + "5f3a44d116fe436422b470075c05b5eba896848ab73579515e1c2a2b5163d3eebb35accf"
-                + "e3cc0242c6b90ee2a4dc99ea534147d317112dd2ca051f1df61aecedcea981979341a6b1"
-                + "05952988fba768bfddf4d8a880091ac114a4fe137a8f0856f5521d27cbb628cb6c8c5fe5"
-                + "a307966d8531f3316e2770d883bf0186d1debc6861141633e3c2d1f4fb62b2d3b16a9eff"
-                + "6c71e1ed34de8660731439527c7ff66f8994bff0919298818b7717197f0fdd5470f4c123"
-                + "3c3eaf66ce632cbbf501148734e7c58022be9f515d9dbb3fa0e1657082799c268724db4e"
-                + "2d534a9bd6e243efc22a749c97a53e72d8f4429423245f625164a060bdcfe1a4cb682a2f"
-                + "5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7debd0653fbff"
-                + "088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "0386edf8472409c6a0fe2f3da07457868477f3f745d6717aec4a4ba8c7ab1647489bbf7a"
-                + "4c5b7b7904296d3be50258e80a4ca6b59a6a22a1c63576ee508e2407cfb66454d3e4fb31"
-                + "0c896480822cc3800f0769622463743c17601947db673131d542d7800af123d2ac2d7058"
-                + "44b093404f2072dd430f48bdb09438a21119e1b3730ad685a39c4e8c67750bf56795a43d"
-                + "93be6d5d6181d05922a13aa08d95fba85bca65919b91eff118c81038214df51fd883fb56"
-                + "e353334d0e3cdca46afefd63780c4a7919a28e3e827f67951feac797e39e96e7c3ba1919"
-                + "6f0f0175b91d5c7c5976a1a1d928fad412c4e2a9cd8c841970fe3055797a5dbdaaf32f4d"
-                + "e79602dbe35d0fe38b3f5ee7dbe1f6942ec427d8b15cdeac92278b2a105e647c3ad49169"
-                + "48d22a6df03aad05a9c5f476bc4e70169ab50710c2177cd78598fea88681d34a7e4f9c4c"
-                + "b8ff3fb1dcea06f624c0fc879cc5e307ed78eecc6f9aa44d382016ee472ebe19b30716e5"
-                + "5e380065ba32927ca73bfbdad670f191876e671787e859cca6e4c895dda8730a40d0c73b"
-                + "0487ce327eaa9c85815d308ee08ed25cc5f1b48d302eea1568fee7d44f8a40b4496cbcc2"
-                + "5b6dd7b199323db3873709c2e6bb8dfc7edc95724b541840a32d6ca4465e335c4bc8fdf5"
-                + "aa5ebdc3b3ad9874954771a734c9bd9ec525c081b95802534cc71cab2d9a3d3bca09403c"
-                + "9d6dfd7d7d35c0e4ba866c9ff837c3d538b270aae8d8152db295b20b7a19e2a3aa383163"
-                + "d9162fdbb7ef5341887a5eb94828253f6977a251607fa2e6853159f0b64d5c8fcde6d18c"
-                + "c6dd02e72f7ed723b74da9f3129230a75980bb9697bbed6475f974c20b12a02ed7313ef4"
-                + "ca5f473774e0e4b5f520cdeb4fed526ea10375656c18b349f984119fe43133794c2c7e26"
-                + "72503f150b5a740c04e3a763af2ee0c3b14de8e0516222ae91bf50b7e5cf92f5cc6df8ff"
-                + "ec7584f88a9deea3b5ab4a8d8ba79c42b9bcb028ec911c4c93526315ad80b1efb97e11a6"
-                + "92c4160d6f9f6821c0625889b524fe437112df5845df7fe8d9ebf47dd29ec45448dbce81"
-                + "dc4efab911477ed9408cb7a15978f2cdd7b779aacf3a4d4f44d0d87b60e4bd6dc145b0c4"
-                + "0fcc6ddfad114281d87b68d4f51e9bcb317ae7436f2cce963a327bda95e9e460ab660696"
-                + "a528c393ed21f92e38402dd50f3d643563214546d0e4037501b3456b4dc5a02d1e4b9b59"
-                + "c18d0c341170d73841ff7ace5c7f1dae32da6bd6f97adf3a52dbdb30a46424abc17a4a89"
-                + "340d3345ebb08fc03a7ad4578a64d1488b879823a35afbda39dd9ee9d0ab8ce94bf864f3"
-                + "cb1105ce74bd99e85b6fdd97fc3c54393ce901e43344d05f31a8376265777b18d853553b"
-                + "95a11f2bb099be5d433fefa7c97b8d3b229e423bcd1832ce5bd731854fd5e31d0ccb4421"
-                + "e4f73f121f4b79404d06786e3318fb337dfed40359c63aa685457ad21b69d365da9ba2cf"
-                + "1e665d02995180df2f35312c4e45c8f3ce7215be2ef053807341c00acab30a0c7dffe8e7"
-                + "5fdc71704f35f13de8ac21b6e39482271d036fe5b8fd6020eb0ef06f80490915de57255a"
-                + "3f9a31d2d6750f86ba57ee7320cde75c4a49bd4d5efe393775dafe2f209abfbdf7762c56"
-                + "0106006f4905dc938f91bb88a5f3f6c0176e38b4bae238f34b2f1319c2d48a8be83e5395"
-                + "9b26e6109f8ac292b9a88cbb51dd3369dca35e58774a9a02d7fa47d47557bdcec261a7fd"
-                + "6dd60437fa9af3324a36ba88c0ac652c3760f5a35a585245a0c5978591b1ff73ac058ed4"
-                + "38e359b09feebc290d3d3a5ba3670d62887ee338099e94d14fc40257e36bfec7d5f3b192"
-                + "062a003965acd650f8285c2d9b5a1ba46ac46042b985d5f631188b2fe1a5624a92752d33"
-                + "17d177089b68a35966fa021dd0f8e4acbce56d1643650c64ecba2243431c06d4065cf738"
-                + "e5cb0980da72a35425f568e3e48e9c7b73ec5394e45842607a4fea3be2853ba6bb6b3d27"
-                + "f7af28f0e41cd6b42ae977f09bf4f2a1d594afcb83a2f0ca20c7e442bd7052a9ac85fe67"
-                + "cb537250ce91a255d3b7fe4b2d052312b839aa59d306afadcfd503b303bd2dba7da45ce8"
-                + "dc8eaa303a1f9495038a3e2fb77e4bc35c5399556b58004d9cad13db1c1fe7ad4c66c888"
-                + "82396aa36c267227441cdfdb5a5c89dd23616a7563b5249483ec60e25e36024b5251ed6e"
-                + "0557a7414180b084266c1d731d2e42544513fd2d53d4eb964ba1c67a4e13b192c5e41f5c"
-                + "5b4160e8336a2956c1396e55b2c417fb5855d4aa56dcfc54f8e19c6eebf9eef09ac5c387"
-                + "35090d692b837cd08e50738e106cdb3a5b95314744b8d67bcf40645ab09f1233559173ae"
-                + "a688279d0c31cc885227e88bb3e02064762052fa3b0e69f70e44dcb1410ac1fc604f27e8"
-                + "6796c6d3819c82d0971df6b5cd89f2403623c4bb252e60af6717d4c2cedcf5dc96015c5b"
-                + "700e7e915e60aab7a1f85bc19e2b6a5307a51988aa1abab57a201a488b7d8f18716f0bf8"
-                + "aafd9c7660dc46a29665836e0aeab04806bd0fc5989c4f63f7ba4a58834d8d5447f70ebf"
-                + "67d33c57ddbee6574d5b741af87217f3c0ffe4f87c48e2d49a274968b87a254eb41e3461"
-                + "dfb92f63bf91f42f43f33f7ce9af91ab8f28d2fba20dd005a1c04633f3c5478b93bf6583"
-                + "f3f7da072dce7ba305b717af5930ff609084e1f4c1e7b2725517188a734e7dfc69db20e4"
-                + "f33408611ebe4dcd039074bed4698035c36336daee42097c826a0352278dfd649d7ce54e"
-                + "5b18060fd25679d745d701d24aa7efffd56419df616dabad7380353034f639a981931fc2"
-                + "e6c2e54414fc3bdfb77c15f5b5181120e745215d126be23f8cc9bf2ecebe045fccd5d3d1"
-                + "e67dbfdccaf54004460e013c27cc86975f3edb844be4d037b07cff57cd14ef994df7541b"
-                + "1650f50d02c77b79d34204fd67c3f2b1649bafabe7bed873702c06d5d0e49d1b372fd3c3"
-                + "8453e9bd59d04ff5409825280d38e100f29eccc045ecbb69cc2c9f37f898b2612c524f38"
-                + "09415d3a07297d5264bfd1c8c914b49f8e6088c80bf1700adbdce7bba60518c29485c0a9"
-                + "998d34d2065628eea51d4005b39785ca870e09710e1c93982cf716daa1c350b4dbbaa17a"
-                + "95a2251cf702fdc87c03e410d9ac0062bbc479ad59262cc6bce4048859718988b62e2c45"
-                + "11ed65f659cf8c579a53a6a544a1331bf650758d64bb8fab1104170824894fdd8a284d28"
-                + "1aec9d627055bba150d47c43ac58f099040e06ba3fcf42a08dae32984bf4099c6ae94670"
-                + "013f2d14375d9b56e64c069c67ab3e15658c8336d1b7327f83f8e5daee3ddc76b369f3cc"
-                + "354c7a4685852cfd47e4d8724090d5d629ed3c2b672c61f2a0d14c178a4d9eaed7fe9d1d"
-                + "e7bac3ea2d8d94148694fe1993770fd56de255b75ae30069d3d93744fe7f82d106a54784"
-                + "329a4c73c548232dbf6bae651655eb3b3f62c85f698f0d86655d01f65d3566c9d2d3fb59"
-                + "42b2e3d846e173417f7a8c57ba38a7fd443eecd76fee81a1520c8e9e660e75b23eb7ece5"
-                + "88a577fdfcf06e09ef5c9a99499d52a1310358893639b5b346ee21d1fc2ce91619be31e6"
-                + "1c5f7821dde339476055039cc1a8f045434bc512ff74fc75e451aa20c174ee7a5fb6f686"
-                + "04830e72b903c957fa86dead167fe8df5cc67a3411f6e44a2e96ecdcc314cd6f7c659021"
-                + "8da02182c16ea1c87fc258f30e4c3368fb924a6e73738c2e534832855d8ea0cd1c002b89"
-                + "01cb40b66c7e3646b1dc14ed70da0e3d8a120bbc1eb4e4d81003c7ee2464cfa9169b18b5"
-                + "290cb0a443281ef3ec3bd9e6926c778f15320876cef162a07ba8cc6e61216e2a54d45d7a"
-                + "33d361bae1839ca8e62b4b4e4905b216bdccdb167807f137eca3a98a68d2b5e21fb8f0b8"
-                + "bb275f5b551ca77373066a7fbc0b8fff4969ee54e5e4cb946e8d5163e1b65fdca260915b"
-                + "834794419117c2614f0c835522a77a19dc3127378eeff43ba94689b2177801b00f2fac68"
-                + "61bc1b461dee1c53e5861de9a21f5eb45f87dcbfdb8189f972ddc970f98d903e5d08f9f5"
-                + "663cfaf400ccbeaa9777c9ae178583ee09b5a88a6f970d527658322ed87f1c8d2cb1df60"
-                + "07241440221447b6d9307c978cd964d90d076d516f02c258bcf2eaf6e7720ee365fbbd39"
-                + "96342d2edeb87b8ce38abe9b3a51b56f92384c3d8e3ad9770be26a60af23095474a368ae"
-                + "cbad10e93b8607500d2553d07b52a3cfb6b9d13d98fb5b5a4916d89849f0f37ae2290367"
-                + "6f26a1b2088b4912dd62f17f05f02e45eebe33a0b514412c18a6e39819b3e92f7c2901bb"
-                + "1dfc375e927afe468993400da91c590a19ebe5b8047d2780176b1341928691cd8ef916e2"
-                + "f8bbcee52d02aabe5a1155e186bff3af82245f9c5f24a647662dffb193f3f0a11006a05b"
-                + "7e9fb035e55b4cea67db00a65daa87ad8a64fd37e17150e73cbc0619a09453201789a655"
-                + "884002fd6e93aa49513a914fe5460bc4804158ed90231c811b928b5064c36ca9bd29e8f2"
-                + "db2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c2554439c735aa1aee"
-                + "b9dc98b58c6a0269785f54253bee831361c3140255b755a8c42b978edbd21c99fdaaf736"
-                + "90cfc684e7885fb19dbbbe90b108fcae3748d4421d9ff44bc9ea2b4f28d5ae451a89f7a2"
-                + "fe184ede5e448acf22de728ab6e3310802835869ccf772bfa5c9794978481480d0522aa9"
-                + "7ea4a3b7636c53da9fd390453158482fbc3f9692b4e6a8c7530d6b2c3546da72b639e4be"
-                + "34991d32035a846d074a040ffa6d39610593fdb023188f9fe238e392c9e6687b2226f467"
-                + "78b1d378a306332ecabed3546867108d132cf51737d0513c91d0bd4db23e2157abe891f1"
-                + "25518416f1bb70230a1e629e948ab31cc03c53cbc2eb5f485b8868490243b9e37533b522"
-                + "6c759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca6bee5f7d7c7c"
-                + "1515056df6db5252d043730434d4900408dca27fe2628847002db7671dcf1f959fc4b7da"
-                + "3253c62dc0b680a3854070d321aeed508be02cbb51e4f23734d337c152ec688ba863fdec"
-                + "58493e03925913fe0214cc1fcffb23f0fdd6ff13cf98e9caff86eb89a3ed8412b0e8212f"
-                + "04e83c56181e80df54f3d22753de597ab1800784cae7b55eab78cfaf6c9f9e6d587fdaca"
-                + "3ce632ef17d03411f34c6bf05707e957c7d2a3a801961d9dd44c1affee6c6274f8c4ea78"
-                + "3492dfdb6cc0e3a41e40d66e3e173ce4f1feb0ab3b12668b9670e3ed64872ac5c26fa422"
-                + "ee686aceb1a99e89dbbb07cc61b945389e76454d7feb4690d5a5785958a67b8f018f4df3"
-                + "17ebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30c8b776989e13"
-                + "e6232a978ca50954d9f7caa964a46d62eefc8c448cefd16f2bada187d674cc4aeeae5af5"
-                + "b2063963a180c41bc0fe3a82be90bd08aa74abf08a588cd2dca2e2d256ef5165081a1068"
-                + "dd608d722c42ea612f394df8915af997ef54e95be44e401948131c23637153174b62743f"
-                + "e5b6b104bb01b3365a82ba4e4ded915bbf9b47675936feeb9198164787ea2c97164286a4"
-                + "da425a705cc553d575641b7970333f334f44462f8cb9bb0969d7a35d3a2091d63735f651"
-                + "ced99a2f5edf917841b3d2000ad65227f7f226a1220d61a062fe981b699153f57522726f"
-                + "91924aae820689497df4fca303a7a2f02ed762a75f083f261d144c7d937cc8ec9825875a"
-                + "6e9e1fc763373ebd097edaf9644a7b3d2355fa5b69172a26a4af6587626e3c0d9ae0a4eb"
-                + "982ec6bc3353c504baad39f51d5657e32d760dc5ad35582c44b5aa78130e0ac01ae32be6"
-                + "41371a93813755cece24eab2339142748c055a31e13f1529e5ddd0924e92343a5280bfd0"
-                + "5f3a44d116fe436422b470075c05b5eba896848ab73579515e1c2a2b5163d3eebb35accf"
-                + "e3cc0242c6b90ee2a4dc99ea534147d317112dd2ca051f1df61aecedcea981979341a6b1"
-                + "05952988fba768bfddf4d8a880091ac114a4fe137a8f0856f5521d27cbb628cb6c8c5fe5"
-                + "a307966d8531f3316e2770d883bf0186d1debc6861141633e3c2d1f4fb62b2d3b16a9eff"
-                + "6c71e1ed34de8660731439527c7ff66f8994bff0919298818b7717197f0fdd5470f4c123"
-                + "3c3eaf66ce632cbbf501148734e7c58022be9f515d9dbb3fa0e1657082799c268724db4e"
-                + "2d534a9bd6e243efc22a749c97a53e72d8f4429423245f625164a060bdcfe1a4cb682a2f"
-                + "5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7debd0653fbff"
-                + "088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "044798030320ee0d4f25de3b7b6f578e0b4c930b7ed068a65c53dbff8ad4d730736706cb"
-                + "adf5497ad1a81f2bf7f3b557cb6bbbd5d978bf852b88a085e9cf4a5eb5ec10cffeb17a96"
-                + "74d3b049db297acd8bbc53127aa6b8c1d8a75f5cf30f63dcc540901e5160e2398d80b465"
-                + "926d043481b1378fbc29a6e10576b9dddea2cd568b1817517cea8b70f0060292bf0f5e01"
-                + "8c9a6565b290093f97cf3b554ffe3c288eaac2da5c29ee03f0f3d9f9f22e3cab56122645"
-                + "5b8d36436efabbdd3d17b2acca5cc37a571a6989f0068d0200ea3ea68ea58630606fca85"
-                + "8b76ea64532d6f6414ad68f3797efd3072d3990abdc7c9af995dd021d4329e150041267f"
-                + "9e60db55309c5725a249a6cedade7493df0a9f5a689b502c672859b8a19e6e09ed9271d2"
-                + "575a3c40e58a2bd97e7cedbb5b62c58b68ff0299b56e3669bfc3c1762f0c3cf5090a82fd"
-                + "00a18fa308caba36c6071216fff96d9fa47f89a4c543d20f3091a770fe22961b72f265e9"
-                + "ae09a1f590b163968ffd8ac4888531b2d5b89c9b64756c07f34c1a9463b3ce2995e4d67c"
-                + "bb8061163f5ea86254aa3a9ef9c2df31d03f9f47fb0a48232c5d6eb223852d7312052f18"
-                + "1aaf4a1f4c0c7f791bf51eee3941b020a28e2fddd367d7c42ed36eded94e11716744a06a"
-                + "e864b279a67ae6dd5cfa8b520f7e71ad9836dee9b6ea564b36c1a62b092524a3fd872430"
-                + "cc5e6a6a35a467c6cf4b9f9ca780adcdc0285ff33e976621ff78d26da6d2b66cebe39229"
-                + "0fb0ddd76ec55b72120eb909adffa19cf4e33cc4b3128ecfbce1e3ffcd37deafc13f6538"
-                + "4bf4c2a7e9b5749cc9e6155287ee53fe83251048bd8f926e6f21a34fd0f760186572e8c7"
-                + "a307cac394c3968c6e2b0f2a8bc822c9ec2c6ffcca5167b53a5923b6b5ea6f555cf6ff45"
-                + "70fe1716170c3bb1660b01cd19951c5ec0cc40a91c68a9382866a46eacc2eb88d05f2724"
-                + "f37845a62ea87c67056e1eb4128e88b9687b02b4dc4aa0156f649832cccf4f79dbc06fb3"
-                + "1697c66c46281993ae4ab53de1b1fa57432cb2f0a8b46d920bbe5ba26153c2f52e2ffcbd"
-                + "9331776c162f7832ddc91734b944200459426697104296c18da11dab66ee3159f2de1fad"
-                + "4ced3c9f5b512ddfa526614e4b91f7c9d19c8c1bd7ee9f415834c0f6cd849327a057ebbe"
-                + "9b86fb0354feb682209df2b6ff81af9d5272d3785cc6a195e01db7c1c25cf50351927f8d"
-                + "560ebd6f120889e45bae8ecf90b82c22779b431d1aa6bd9d772a9c0af93e245dbe9ea2ca"
-                + "05be0a4c521167583e99215b2bea53e7393ab9f7195dac2395a782c6b36ad395d4cbc42e"
-                + "6d64b61a7f655ef39caf328d0a17c1aa4d8feb0291f8246fb6b74da7c7de45547dbaa64d"
-                + "ef8f08c193a5cf512324f075a648e951d50d02f9fa463f7d4b0c27e999c35751e011d88b"
-                + "b0c4b5fe8d2ef3b1c27b0a207260d58fc172e66590b4d71563395df3ca5e740039ae85e1"
-                + "d4a93c8e285f7beadde875dec895a9ca624cfed01f34c167cd6299e358b0b1b77df69710"
-                + "4b14b6b0793305c9017acc469e7ca8c76405010b6d3b1edf561330b8149a3e5b5cacda07"
-                + "e5ac5bbdb0c3a71705e7e8ae5c2476d254fcd25f1c17cd27d90da52969b4da165b83394e"
-                + "6b845a24142ba057444bae362f78130b8fa9d2812a24a2c729d23563cada0257ca32f552"
-                + "561ec70203951d8d3f35f3e8d33cc3a53fb683cccbc7e82bc53a20f9cb21d07c243e4cab"
-                + "727d11d9652ef8af29e6083a5e5b6b2bc7106a022e4b59e93aa70153ed1db4593a4cea98"
-                + "4a159b313867ca7493589d364707aac2c88028f472e6bc1eb56d40901719727d8725bf98"
-                + "e101c2f225010ce0a2234f1363949c612087630c54d1cf340ab9a6c565cb17c59d58e488"
-                + "274cd4fb5aa50371dc0f70cdb7ff71b9d6521ed30d68d41104300164b160cb36c4ca606c"
-                + "ab9861b7b7017b837ae3e2922d5ba35b3acc543900e4e1c28ce98ed71155ec342285a6e6"
-                + "e00e6902a125f149063d36e8e4938b57f0742fb62ab729ba4902953dd09d72f4338043f7"
-                + "f2b14c2b4f84efd29329fb23c41a2816d3efe74a6153f84afb29b8e5a7c6b72ef7bad3eb"
-                + "23cc9f40ebdacd55454622ea1a4f7a76be76a4a19c5e30b28b8f90d50fe8c1aa9f1adb64"
-                + "4fe49449e08ac8d112bc7cf42e0bfa9cfe40c04af153f1c07b63bb44550772e6507b6aa4"
-                + "ded6e01bcb704a1b71efbd27e63153d30fd91101242f1f19c73a50738461d68bda9e855a"
-                + "51b6a9f379714859cca45d68d93e6a5259ee9a794322e6f5f7588ddf5ff7f9a23c41913f"
-                + "44d8427480b9de69ae18e340a12ea1369cd3907a85e7f30469e0341cb75fe4af0cc0ba47"
-                + "5159322ea2db6d4fbb48d3e8292de5e4b2d6fedf0af22e00ca81285348cf5e556fe743d0"
-                + "e83cff826ca1a032e26155f81431d5f40f8d95b066ac7ee17988b0254dcc35aaf2ec1140"
-                + "8ddcf8ab534b1e980dc956906f760c818158cf383a903de3707687a3e6e247c01e3f8209"
-                + "6fdccf12381b514b47555e0a25a52b8dedbcdcfdf196d9d108ac98b2cdf9c54ec6d94c3a"
-                + "0a2725a0c6a4caa101519d474714bb08f07846be64a263c869a8f85daf3203a0fe7e589c"
-                + "b488bbda15f8dce2e3bb94ce7164b44ff839f874d701bae37f5ead88186f8cd88586da5d"
-                + "efa7b4bc6e2db81ec9dbc3d29b333b6d9f6b1a2b241c8f6275a5422a929ee18c6ce964a8"
-                + "96d6a0d495de1eaf456cf6e7ea8369ef85903eb119d9e72150ef62baabfdab6b9e4b1bca"
-                + "ad34e1a6a6e2afd04fc8d0d256a4c3ce2f275990e8cd563ffb37cc2da9f7f778231f061d"
-                + "58bf5d150f52b4df852e887c9deafe3f1154627493658bcbb42f0121ed32f98fac0ff8ab"
-                + "ebc10cb1e52504fb85be939733e873c56117af98c0c071f27b51229db32c2379a900bfc6"
-                + "81f09ea829f13989fdc033f4a9be89b3a48a6cf198f4c3c64fff5c459c4f4c4082adde4d"
-                + "b31635bf7ea4d5b96721f268e2e87c7677a823f4e20edd4f4906e7b9b90ce9de6632ee02"
-                + "b01f1b6e291e4dab42a74de484820c9b4209cf13d17fc0e6e61b2e5fd921d1bbb3f442f5"
-                + "aa0b18eb54307494812d5d24189ab71f8ad57c99c84626730b1c2841fcc0a53b3b8fd5ac"
-                + "637c7ad4897c5b711488c6f93b0260a3dfec76e39f79af59578604fca6af74968331e470"
-                + "9c7fa58f7f87a838de2949d12550d82e2ae617e0057668b0ee946c373880e5e50eb4a482"
-                + "6b2c83dc9055bba150d47c43ac58f099040e06ba3fcf42a08dae32984bf4099c6ae94670"
-                + "013f2d14375d9b56e64c069c67ab3e15658c8336d1b7327f83f8e5daee3ddc76b369f3cc"
-                + "354c7a4685852cfd47e4d8724090d5d629ed3c2b672c61f2a0d14c178a4d9eaed7fe9d1d"
-                + "e7bac3ea2d8d94148694fe1993770fd56de255b75ae30069d3d93744fe7f82d106a54784"
-                + "329a4c73c548232dbf6bae651655eb3b3f62c85f698f0d86655d01f65d3566c9d2d3fb59"
-                + "42b2e3d846e173417f7a8c57ba38a7fd443eecd76fee81a1520c8e9e660e75b23eb7ece5"
-                + "88a577fdfcf06e09ef5c9a99499d52a1310358893639b5b346ee21d1fc2ce91619be31e6"
-                + "1c5f7821dde339476055039cc1a8f045434bc512ff74fc75e451aa20c174ee7a5fb6f686"
-                + "04830e72b903c957fa86dead167fe8df5cc67a3411f6e44a2e96ecdcc314cd6f7c659021"
-                + "8da02182c16ea1c87fc258f30e4c3368fb924a6e73738c2e534832855d8ea0cd1c002b89"
-                + "01cb40b66c7e3646b1dc14ed70da0e3d8a120bbc1eb4e4d81003c7ee2464cfa9169b18b5"
-                + "290cb0a443281ef3ec3bd9e6926c778f15320876cef162a07ba8cc6e61216e2a54d45d7a"
-                + "33d361bae1839ca8e62b4b4e4905b216bdccdb167807f137eca3a98a68d2b5e21fb8f0b8"
-                + "bb275f5b551ca77373066a7fbc0b8fff4969ee54e5e4cb946e8d5163e1b65fdca260915b"
-                + "834794419117c2614f0c835522a77a19dc3127378eeff43ba94689b2177801b00f2fac68"
-                + "61bc1b461dee1c53e5861de9a21f5eb45f87dcbfdb8189f972ddc970f98d903e5d08f9f5"
-                + "663cfaf400ccbeaa9777c9ae178583ee09b5a88a6f970d527658322ed87f1c8d2cb1df60"
-                + "07241440221447b6d9307c978cd964d90d076d516f02c258bcf2eaf6e7720ee365fbbd39"
-                + "96342d2edeb87b8ce38abe9b3a51b56f92384c3d8e3ad9770be26a60af23095474a368ae"
-                + "cbad10e93b8607500d2553d07b52a3cfb6b9d13d98fb5b5a4916d89849f0f37ae2290367"
-                + "6f26a1b2088b4912dd62f17f05f02e45eebe33a0b514412c18a6e39819b3e92f7c2901bb"
-                + "1dfc375e927afe468993400da91c590a19ebe5b8047d2780176b1341928691cd8ef916e2"
-                + "f8bbcee52d02aabe5a1155e186bff3af82245f9c5f24a647662dffb193f3f0a11006a05b"
-                + "7e9fb035e55b4cea67db00a65daa87ad8a64fd37e17150e73cbc0619a09453201789a655"
-                + "884002fd6e93aa49513a914fe5460bc4804158ed90231c811b928b5064c36ca9bd29e8f2"
-                + "db2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c2554439c735aa1aee"
-                + "b9dc98b58c6a0269785f54253bee831361c3140255b755a8c42b978edbd21c99fdaaf736"
-                + "90cfc684e7885fb19dbbbe90b108fcae3748d4421d9ff44bc9ea2b4f28d5ae451a89f7a2"
-                + "fe184ede5e448acf22de728ab6e3310802835869ccf772bfa5c9794978481480d0522aa9"
-                + "7ea4a3b7636c53da9fd390453158482fbc3f9692b4e6a8c7530d6b2c3546da72b639e4be"
-                + "34991d32035a846d074a040ffa6d39610593fdb023188f9fe238e392c9e6687b2226f467"
-                + "78b1d378a306332ecabed3546867108d132cf51737d0513c91d0bd4db23e2157abe891f1"
-                + "25518416f1bb70230a1e629e948ab31cc03c53cbc2eb5f485b8868490243b9e37533b522"
-                + "6c759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca6bee5f7d7c7c"
-                + "1515056df6db5252d043730434d4900408dca27fe2628847002db7671dcf1f959fc4b7da"
-                + "3253c62dc0b680a3854070d321aeed508be02cbb51e4f23734d337c152ec688ba863fdec"
-                + "58493e03925913fe0214cc1fcffb23f0fdd6ff13cf98e9caff86eb89a3ed8412b0e8212f"
-                + "04e83c56181e80df54f3d22753de597ab1800784cae7b55eab78cfaf6c9f9e6d587fdaca"
-                + "3ce632ef17d03411f34c6bf05707e957c7d2a3a801961d9dd44c1affee6c6274f8c4ea78"
-                + "3492dfdb6cc0e3a41e40d66e3e173ce4f1feb0ab3b12668b9670e3ed64872ac5c26fa422"
-                + "ee686aceb1a99e89dbbb07cc61b945389e76454d7feb4690d5a5785958a67b8f018f4df3"
-                + "17ebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30c8b776989e13"
-                + "e6232a978ca50954d9f7caa964a46d62eefc8c448cefd16f2bada187d674cc4aeeae5af5"
-                + "b2063963a180c41bc0fe3a82be90bd08aa74abf08a588cd2dca2e2d256ef5165081a1068"
-                + "dd608d722c42ea612f394df8915af997ef54e95be44e401948131c23637153174b62743f"
-                + "e5b6b104bb01b3365a82ba4e4ded915bbf9b47675936feeb9198164787ea2c97164286a4"
-                + "da425a705cc553d575641b7970333f334f44462f8cb9bb0969d7a35d3a2091d63735f651"
-                + "ced99a2f5edf917841b3d2000ad65227f7f226a1220d61a062fe981b699153f57522726f"
-                + "91924aae820689497df4fca303a7a2f02ed762a75f083f261d144c7d937cc8ec9825875a"
-                + "6e9e1fc763373ebd097edaf9644a7b3d2355fa5b69172a26a4af6587626e3c0d9ae0a4eb"
-                + "982ec6bc3353c504baad39f51d5657e32d760dc5ad35582c44b5aa78130e0ac01ae32be6"
-                + "41371a93813755cece24eab2339142748c055a31e13f1529e5ddd0924e92343a5280bfd0"
-                + "5f3a44d116fe436422b470075c05b5eba896848ab73579515e1c2a2b5163d3eebb35accf"
-                + "e3cc0242c6b90ee2a4dc99ea534147d317112dd2ca051f1df61aecedcea981979341a6b1"
-                + "05952988fba768bfddf4d8a880091ac114a4fe137a8f0856f5521d27cbb628cb6c8c5fe5"
-                + "a307966d8531f3316e2770d883bf0186d1debc6861141633e3c2d1f4fb62b2d3b16a9eff"
-                + "6c71e1ed34de8660731439527c7ff66f8994bff0919298818b7717197f0fdd5470f4c123"
-                + "3c3eaf66ce632cbbf501148734e7c58022be9f515d9dbb3fa0e1657082799c268724db4e"
-                + "2d534a9bd6e243efc22a749c97a53e72d8f4429423245f625164a060bdcfe1a4cb682a2f"
-                + "5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7debd0653fbff"
-                + "088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "05b8763e46e573e82d661c123228225d57b4b1645954acc7e0455e04594a529b520aab69"
-                + "aba86a4676d6cb0bccda97e23a4feebd480f62f50c298b5f8b4dc8407b36cc0e762ca9c3"
-                + "adabf18bdd1e06a3f6f16ffc9b7a58b02d29f917ce5e98318151357b29fa50328c1c8aba"
-                + "336ecea624fb63cfa145c1490b4d7a503a0719df0e9220ac1aab57c77ce87c9e23ab0801"
-                + "27302d6fde978bc12cd17f6f817a184ea6e71fff019329e5f26644fa36bb95def273bcd7"
-                + "153c359e00d8ac6005acb2e2d6d5042ad5482bb43aaf0b9beace816ada62b51023775ce2"
-                + "6a367ccf29675ff2ee0e6f3b64227eca734775e5ea84566f43ef63c0e5d5af30626ed9ab"
-                + "65327325b4c3f9b4031f70571980c4e85cd90b8314e0199e9ed7fade4c0e2b9a67286a29"
-                + "39b4093109d5494c7608c58e0beedf22fb15c68ba8de2e0f2a687a5a70e29a59c237ca23"
-                + "c28dcaf6e0e5f6be5367465787bb067854da40642211930d28980d36b8012d1a7fd64f9b"
-                + "bfc4e4627c902cdbdadfe3a1e362e713dfef1472f9dbcffac6c05d6cd4f82ea17d1cc910"
-                + "e5fc113e8142c7527c2e14194b622df786f5fd16722e5904cd62cd565838e1667217f462"
-                + "8d259bd59a06cdaae9c90d77000b31e3b584ccc7f30962b0ee5deabfbd71f806a28d18ac"
-                + "45320e3876744809fc8926764f6de7d33f56b78a0049450d76c64253c5645e88b30167bf"
-                + "368d19c3b9555d39af09baa425e9f1f9fbedc1a23d052d50b41fc4110b8edbceb20c0c64"
-                + "99e76811dcd6180db65c9f9f4f24a6f2b4b96915645d9fffca2917bda8fe6a0674722181"
-                + "fd4687b2e52700bab560da72ced49c0b73c2cd0580fb6e2a19bcd2d81c75a06a56f207ca"
-                + "08e332ba06e64ad8c5c9acdb0e67dd35747adf74aa66d3543486852246eb17addc277e26"
-                + "65a96e43c99f671d70bf489fc9a44e6e7dfead15d35b7bcc1be658639fb247be6b4ed49b"
-                + "0addbac3e3be56149ffcbc694144c7a9c54ee5264d02c4f55906ecc748b2c0efb1372bb2"
-                + "df547cde72affa6d085846a3cf3036af5d74a7a75be309e9b83e76d927bef3b21dcafda7"
-                + "831e484ecaea0d969c96f7a69ca42f807534257c1cab421e29d63c52b3bf8c4542bd11e5"
-                + "7c60827c1004d74a644d7539bb8d8563c1453912ef23317b4e6814c7a1fa2f16bceeaee8"
-                + "c15491b9bc4abdc27047eea25882428dcffbe72dea42f564b3e236561346b87b793f599e"
-                + "3fb4c733c9ac1661309bfc955ee74fb524ce903bb200700326348db4e3871a6d3fb2e362"
-                + "f6d91ee2a402b886be661b91a9b3841432cfcfea7c67ceeb412047f3d1423a7276e508bc"
-                + "fd73989cbd87e659d123554fad15d0f0b4db23fef82e57f36b0924315e1e175bd4c78653"
-                + "91d72124cfe1da4782597fd5307f3c071ca2b03f27bd682d20c88002356b4ef86926311f"
-                + "338f7fcaec94b2142612ea1f1a013f7b2775fa611d52e2388dce088139eff39061597fe2"
-                + "483bc5da820adba2d81dc3553d409863a73dd62b41743cac6c16bcc5fcff4b2a65331c09"
-                + "49999c7d781d2115f92e10240b5a62adf4c7f7161d8830ea92a7199c567e34e8b7912bf4"
-                + "20791b10f861e5a6aadb299646cd77280a0600659f5b87c737ae1aba713c3cdcf7bcc316"
-                + "65761adeb5ea23131f6ad80f9571d2b22886e6185d7a11392950513a98dd34a0382cb5ce"
-                + "67870ff192503b4dcc6f1055bf80a609a034b05a7bb6b006775a92de29b125ee3e1749df"
-                + "c4f0ad20a27e8ba5205e1ea52ce5b01dbe0a517f76c31bbb60aa359a23f2eac13bcefa2d"
-                + "8ab231a37a97c094fd20e0dafc784579afe8ebd4589048ce9901e1702da1111f5082d673"
-                + "45432fb3a062c3d723cc0c8768438ea6a53070670a96ca678b93f16f9347f6452686dca8"
-                + "f18a0772df206b32b3c0f8650a01374ad3ed27d4b348417c7f0c8af885e0e13cd68c3734"
-                + "5a323611ec73cafc409f7b239afd52c58a78e7065dae7772facc096ce4e7d1eb92302850"
-                + "4ca79802e4bd3e04bdd3b900d01eb598595723baf4827599014eff32d17c0df91aac123b"
-                + "01df9895c932ea4f623085d0fcb632d88993a1e7b5e1e1871c2c160819d8e8f8942e258b"
-                + "ca25f89d8ab4c1153156aa7432ddf33d136be1851a51c4fb456da7ea95502d823ad9bb62"
-                + "90049954fed47f92de0a1cbe4d651813de5fea790f5b25eeae4f5004a3bbdc6d4b367527"
-                + "6962f86b041ee8391455ee394b3ef3d95bf4fc424f0ef3b476152041e881f29aa771dd7f"
-                + "1863341ff102b7606ec9393955427c53ae7dab1bfcae26b6c01de4fad27f870a0a55a083"
-                + "e5b672ff7182548af516eb8b116ce2e1e29212159d683d1e2fbc301c86123751a5991ce0"
-                + "2fb0dbe2ea4d71241ea4617d55fc5a684bc083b6f55de23f6954529e1daa478a8a64a9b9"
-                + "cdd0af5131d3881903f9113245f28fdb139ac17509a825366247fe1d99937e13deee8a50"
-                + "bf239bd623ba6b3ee93cc39a44e4907c995c7ed3b3ccbc028aa2f7e2a9052f9ad3a81561"
-                + "d65bdac7b57372dcfa6e34ed2f2bdcf254767af5bd999b5ad48c6ea9793c0ca5192fcb50"
-                + "3c9639da0ce98f8ba127f6e8f89159e28ab1bd10a5c3155958bf2b7cf4c9435b7254e969"
-                + "cadf2523acf1960d8e13febd2f219d9cc872df960dee1177bef9ea1585e150b753129502"
-                + "105c5b4ea532b0b8aa294721545d89d6d3d527b2e572e17d1d45d1e49ccca48bec5df70a"
-                + "a506c3cd7ea1f0345ba72f00f0d3e0b0f13cd3465376b85ed41ecae2f48a5e3590a5cfc3"
-                + "9f3fefeee6a57ddf9c204f56ba885c61a21a1ca9b6072fc2923d9373e3a991f8ec9eaa54"
-                + "8d79ee137b515be0744ce2a301a3af36aa09dc3aa8905ea03884ccbcce7386e816fc5f7f"
-                + "dfad404b067a5182f468bab857b295f1fed4fe3f8db5acd2e1f9721f6bb3f5b2c05e3690"
-                + "caa77a7f556073308a124f4a4caf0f878d8778c9333b7b48b381780544fcb6705df4a3fc"
-                + "01a33d69d29ca85e6111fad72abe215ddbb6d715be8a39d19812a8840a31e17f88d8c118"
-                + "de29f8e5b0b4360c3220a80e9b777a6f9aa5187657a484aea6a3f8c7209740a326293777"
-                + "9e353b7ecc5a7b73e2938ff7983c4effb41e5a9cc210f552cb304dd14ec5d92e8c1d7200"
-                + "b2e0a7063dfa3c7b36fd9b0acf0260a3dfec76e39f79af59578604fca6af74968331e470"
-                + "9c7fa58f7f87a838de2949d12550d82e2ae617e0057668b0ee946c373880e5e50eb4a482"
-                + "6b2c83dc9055bba150d47c43ac58f099040e06ba3fcf42a08dae32984bf4099c6ae94670"
-                + "013f2d14375d9b56e64c069c67ab3e15658c8336d1b7327f83f8e5daee3ddc76b369f3cc"
-                + "354c7a4685852cfd47e4d8724090d5d629ed3c2b672c61f2a0d14c178a4d9eaed7fe9d1d"
-                + "e7bac3ea2d8d94148694fe1993770fd56de255b75ae30069d3d93744fe7f82d106a54784"
-                + "329a4c73c548232dbf6bae651655eb3b3f62c85f698f0d86655d01f65d3566c9d2d3fb59"
-                + "42b2e3d846e173417f7a8c57ba38a7fd443eecd76fee81a1520c8e9e660e75b23eb7ece5"
-                + "88a577fdfcf06e09ef5c9a99499d52a1310358893639b5b346ee21d1fc2ce91619be31e6"
-                + "1c5f7821dde339476055039cc1a8f045434bc512ff74fc75e451aa20c174ee7a5fb6f686"
-                + "04830e72b903c957fa86dead167fe8df5cc67a3411f6e44a2e96ecdcc314cd6f7c659021"
-                + "8da02182c16ea1c87fc258f30e4c3368fb924a6e73738c2e534832855d8ea0cd1c002b89"
-                + "01cb40b66c7e3646b1dc14ed70da0e3d8a120bbc1eb4e4d81003c7ee2464cfa9169b18b5"
-                + "290cb0a443281ef3ec3bd9e6926c778f15320876cef162a07ba8cc6e61216e2a54d45d7a"
-                + "33d361bae1839ca8e62b4b4e4905b216bdccdb167807f137eca3a98a68d2b5e21fb8f0b8"
-                + "bb275f5b551ca77373066a7fbc0b8fff4969ee54e5e4cb946e8d5163e1b65fdca260915b"
-                + "834794419117c2614f0c835522a77a19dc3127378eeff43ba94689b2177801b00f2fac68"
-                + "61bc1b461dee1c53e5861de9a21f5eb45f87dcbfdb8189f972ddc970f98d903e5d08f9f5"
-                + "663cfaf400ccbeaa9777c9ae178583ee09b5a88a6f970d527658322ed87f1c8d2cb1df60"
-                + "07241440221447b6d9307c978cd964d90d076d516f02c258bcf2eaf6e7720ee365fbbd39"
-                + "96342d2edeb87b8ce38abe9b3a51b56f92384c3d8e3ad9770be26a60af23095474a368ae"
-                + "cbad10e93b8607500d2553d07b52a3cfb6b9d13d98fb5b5a4916d89849f0f37ae2290367"
-                + "6f26a1b2088b4912dd62f17f05f02e45eebe33a0b514412c18a6e39819b3e92f7c2901bb"
-                + "1dfc375e927afe468993400da91c590a19ebe5b8047d2780176b1341928691cd8ef916e2"
-                + "f8bbcee52d02aabe5a1155e186bff3af82245f9c5f24a647662dffb193f3f0a11006a05b"
-                + "7e9fb035e55b4cea67db00a65daa87ad8a64fd37e17150e73cbc0619a09453201789a655"
-                + "884002fd6e93aa49513a914fe5460bc4804158ed90231c811b928b5064c36ca9bd29e8f2"
-                + "db2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c2554439c735aa1aee"
-                + "b9dc98b58c6a0269785f54253bee831361c3140255b755a8c42b978edbd21c99fdaaf736"
-                + "90cfc684e7885fb19dbbbe90b108fcae3748d4421d9ff44bc9ea2b4f28d5ae451a89f7a2"
-                + "fe184ede5e448acf22de728ab6e3310802835869ccf772bfa5c9794978481480d0522aa9"
-                + "7ea4a3b7636c53da9fd390453158482fbc3f9692b4e6a8c7530d6b2c3546da72b639e4be"
-                + "34991d32035a846d074a040ffa6d39610593fdb023188f9fe238e392c9e6687b2226f467"
-                + "78b1d378a306332ecabed3546867108d132cf51737d0513c91d0bd4db23e2157abe891f1"
-                + "25518416f1bb70230a1e629e948ab31cc03c53cbc2eb5f485b8868490243b9e37533b522"
-                + "6c759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca6bee5f7d7c7c"
-                + "1515056df6db5252d043730434d4900408dca27fe2628847002db7671dcf1f959fc4b7da"
-                + "3253c62dc0b680a3854070d321aeed508be02cbb51e4f23734d337c152ec688ba863fdec"
-                + "58493e03925913fe0214cc1fcffb23f0fdd6ff13cf98e9caff86eb89a3ed8412b0e8212f"
-                + "04e83c56181e80df54f3d22753de597ab1800784cae7b55eab78cfaf6c9f9e6d587fdaca"
-                + "3ce632ef17d03411f34c6bf05707e957c7d2a3a801961d9dd44c1affee6c6274f8c4ea78"
-                + "3492dfdb6cc0e3a41e40d66e3e173ce4f1feb0ab3b12668b9670e3ed64872ac5c26fa422"
-                + "ee686aceb1a99e89dbbb07cc61b945389e76454d7feb4690d5a5785958a67b8f018f4df3"
-                + "17ebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30c8b776989e13"
-                + "e6232a978ca50954d9f7caa964a46d62eefc8c448cefd16f2bada187d674cc4aeeae5af5"
-                + "b2063963a180c41bc0fe3a82be90bd08aa74abf08a588cd2dca2e2d256ef5165081a1068"
-                + "dd608d722c42ea612f394df8915af997ef54e95be44e401948131c23637153174b62743f"
-                + "e5b6b104bb01b3365a82ba4e4ded915bbf9b47675936feeb9198164787ea2c97164286a4"
-                + "da425a705cc553d575641b7970333f334f44462f8cb9bb0969d7a35d3a2091d63735f651"
-                + "ced99a2f5edf917841b3d2000ad65227f7f226a1220d61a062fe981b699153f57522726f"
-                + "91924aae820689497df4fca303a7a2f02ed762a75f083f261d144c7d937cc8ec9825875a"
-                + "6e9e1fc763373ebd097edaf9644a7b3d2355fa5b69172a26a4af6587626e3c0d9ae0a4eb"
-                + "982ec6bc3353c504baad39f51d5657e32d760dc5ad35582c44b5aa78130e0ac01ae32be6"
-                + "41371a93813755cece24eab2339142748c055a31e13f1529e5ddd0924e92343a5280bfd0"
-                + "5f3a44d116fe436422b470075c05b5eba896848ab73579515e1c2a2b5163d3eebb35accf"
-                + "e3cc0242c6b90ee2a4dc99ea534147d317112dd2ca051f1df61aecedcea981979341a6b1"
-                + "05952988fba768bfddf4d8a880091ac114a4fe137a8f0856f5521d27cbb628cb6c8c5fe5"
-                + "a307966d8531f3316e2770d883bf0186d1debc6861141633e3c2d1f4fb62b2d3b16a9eff"
-                + "6c71e1ed34de8660731439527c7ff66f8994bff0919298818b7717197f0fdd5470f4c123"
-                + "3c3eaf66ce632cbbf501148734e7c58022be9f515d9dbb3fa0e1657082799c268724db4e"
-                + "2d534a9bd6e243efc22a749c97a53e72d8f4429423245f625164a060bdcfe1a4cb682a2f"
-                + "5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7debd0653fbff"
-                + "088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "06cf8ff0f024235b55d75057e926a8966475b49d7c6a2cb1b43ce9c6969683526e2e6654"
-                + "2dc1c07bd65fef62f2a8b9c32de71638298dd0f69dcdc748a51e143d800f629943c49a56"
-                + "566cf13d72c0d19744c75af1f46ccac678385ce852b0aa9e6c00dd19360b3ccb3a110523"
-                + "f18cc02492e221ef624a312fa3234bf17b2df012748b690871cf1b0f68e8dc2df0627e6b"
-                + "95a2bbbca7a2fc851548b112439a36103dcbffcf658fc22344463a6286966a4b1ac88310"
-                + "75bfdaa3847a13eaafed8b4480077e7c9ba19f6d91220f2999842ee9d743b0413fb06410"
-                + "5f0a0824358974d4bc1519e8f83fc3a7e83f3be5ea03e4475680dd31a7c1fd4e99e8b303"
-                + "570241469cc1cde6353ad7c97763baec7890ae4d7a2199a0744114545fe773765218fab3"
-                + "6ffce6ef4e98f6d7b24ace8705aa81b534225a0f2bbbad16c79a07d0cdc9b4fb86f023f0"
-                + "8b484af868f82ea9e3dd49816a4d54a507c5dede45570717d551a8453dce4d6570e5e457"
-                + "69656f471e486adb0178229bd0b1417c114e2737c76dfdbe3f7a96af33b6a0478e02d076"
-                + "927410078ca60b3bad250f01e39be83c3a45fdc26ae0ab1e4d80cd92a06aec6d8ef436aa"
-                + "a356d4b35ae297b98ff3602fb1cd7b295118c2607cdcb34eccdec9dccd3f2ac2688e7261"
-                + "b2d4130325851eec469b378ef1694510262ac4685afd6edb38438a7d62f189df75985e04"
-                + "2fbc5c8f7035e05790ab7d95bb2866547b98785e029ad95a11014a8749406398875c5893"
-                + "c4acdbab24153abc3b33f85a5a2096d04b981017e80384e8a5366ce823ac9bdc357a9d01"
-                + "8d12d0b8f4e6da201dd14ebdbce809b1c76af800c23fe6e4ea92aa80287c38d77cc2e906"
-                + "7d0dfec357f4ccf49f5b5305f8dfbd37e2383cbd11b8ef1c1556ccbb96d474bab8c353f6"
-                + "2d87b6fa0786b655e25bd1ee72aebb4319e9fc65a6e7cd4c285d991b606bb6028c4c7eb2"
-                + "db7723457328fa1d5e2f6c157c4e869d6f605a2d244c98e669f1609e073b5a01e33c764c"
-                + "5e50228ffcb77ed7783706a99c9c760510d5e118036453dacadb96a2a11cc43a12078e2c"
-                + "c0bc7286963250ddec578180722f9dd53dc73f5811ab9675f3001ac2cda5080b0d5cd6b4"
-                + "36df526fd9907621cc235a3caec728dd8755f02747d0e8055e202e509bbfbc92c5c50dce"
-                + "18c1e3fe7af4c6a83700b04fffd0475ef08b02b9c083a7bfbc835b2da937b7527ce6d183"
-                + "cd9895ab498577253ccc8b5b57905c4ad7be3746821de2d3421b49f789fd9354d1ebe763"
-                + "2fba9e71e79f7d760c8d71c80013743ccffd78664d7bbc32683f676194c2aa95b7ec953f"
-                + "a9eb9d81d49a061ed7cd4102e079912b890a3e28e55ecb4df30987ff6ec74a6446dc64ef"
-                + "41f329346de509a4ea95e61198ab527a7e37a46bac1c1ee6e3d8b91213a440f908ac1119"
-                + "f287b10f4ec0546a418deb1c065aea3c1fce7a326a7edbca9f0c71e43b8852e0ee2e2161"
-                + "fa22392be9ce42515e77161a0a719071fe07c3c311b9599df2149c136fdb4d1e748d134e"
-                + "49990503bf9c05f96121af7512bd4a56a6d4cb2ec949d622e1747686412364a8bb5485c3"
-                + "32412fb6a24eed1bb22fb4401db7ab742515ceaaa0a604fe7d0d9a01c86fc2da90db9dd9"
-                + "ce265d492f0257ab1ad56e3f3777a1826a028df443943322abb11b4a179ef559a0809eb1"
-                + "68d810af7ec52c45692d208474a4567a72d697e2d325de4c8f6177ad3cbf54f72c39de5c"
-                + "cad2a8f7d885641fe14dd7898f64c28d295977e6b2cd74707c6ef739106abe9378009d10"
-                + "389fee45c34b86040c83d3b8b066da957c0ad4a039d91f03da10444014c47f38e61aaa68"
-                + "5382a540a6d903bfdb339eccf25591135e1be33249afd2bcf1dfa9add5ffe0cfaa4a866b"
-                + "cdcece58c029fad29233542f4d01bda72e2ae40f06c1268033ffa86d9f55361932c72af8"
-                + "70797c663dd7295d54fb5d4888bb9a0c07f73940a7b77c2cbd59928c84c73bd55683673f"
-                + "da7993c2895530538945b24600f85227a2cea8a8e393716f5597175dd9028b34ad245f6b"
-                + "3981df04011dde743081703679bb523588e7e51ba9a02025e46fd35dbc2c1de6ede0c741"
-                + "e66f287b483c415d9c5cd46fc2ae6c7e888a433003ec4dd13c42a06b4d7e9dc0f735866a"
-                + "fe825507b6440a282d6f0977316d3b35a0ba5e903820d058cde5f96232fbc64422b66ac5"
-                + "8d6e35d8b9078ecd596d40d836447b3fe4e38cdf1cec5eec0e21a8e89a966952c68b78e0"
-                + "333660cfad6aaabe466343128ce43ea8a00e6ee0c21d22bf15194a68a97273cfce94ee39"
-                + "9dca71a0995d319d928df962b7c21587004152257298646e093e4fe6301740f32eb0d0fa"
-                + "c7a68e88fa8f7e6a03759ad379afca083239cced9f19b4e1e45dafa49874751e2a11bdcf"
-                + "43a5034d4262b254ed8d605e10b162c48f8268be77b563305d6e516105f147612a9243e2"
-                + "fdecc0db5eed59b7119009915a92396a3cc7d8daaf2f457c6c4f77119628abec045c33f0"
-                + "29310c5e1010bd940777f89632520ecc96e2b926ae92bcbd4e4f7037ed56f196c9e495b9"
-                + "b1fd54859110c7179944b015fa4581fdf709be02a8fa58a1e07e749d5bf64edfb166a722"
-                + "84bcd4b548c0efe1ea0fef7e65deaa7e4a47871785d8725f7aff0a8b8f19552845a6c1ae"
-                + "25ad74628a93b00b23632698850f341c66985cd203448527a5cb608a661ca800ecba14d7"
-                + "53a4f64578be106808966065a1e6501a539adba2124fd5a7d5ffe053806ecc6998e76e78"
-                + "7f23a8111687461cb11d7c1ea39d828d3b29cf796c3ef65a9a2c4f455a0dd2a8adae4f1d"
-                + "164b3c5cd5ed5c5006547df0d7953d56518ece379c9258863c539f96846da074198fd3a0"
-                + "ab0b0792d56590c0ba57e11ad52dc9496f8b7ec2ef8dc5d810eef944f972e9c3d43c9ad6"
-                + "6b9e5ebe3e1f9c2a985a1e1a09ce5863699ae7413237ed774901166abd7dffab0af42037"
-                + "62e5353445587cda22c6674d896cf813767dbcffb7c4e877274ae1922de5fc37ed041174"
-                + "48ec2a6c19b0c8cea3bd32603da50df8a25aa0246da7d1add751f79a7d08755599be7678"
-                + "4ca22962058b1e50c481aee05a90b0db8a85c07d21a1dcd9db42f4e6ae0e503a5cf94b2a"
-                + "2983f55a7d3713cc9ed56ce326a229a4f448ce6b78ceb4d81bbbd2b36bfe66e393a9d7ed"
-                + "7fb47c2a4117036d6c2949d12550d82e2ae617e0057668b0ee946c373880e5e50eb4a482"
-                + "6b2c83dc9055bba150d47c43ac58f099040e06ba3fcf42a08dae32984bf4099c6ae94670"
-                + "013f2d14375d9b56e64c069c67ab3e15658c8336d1b7327f83f8e5daee3ddc76b369f3cc"
-                + "354c7a4685852cfd47e4d8724090d5d629ed3c2b672c61f2a0d14c178a4d9eaed7fe9d1d"
-                + "e7bac3ea2d8d94148694fe1993770fd56de255b75ae30069d3d93744fe7f82d106a54784"
-                + "329a4c73c548232dbf6bae651655eb3b3f62c85f698f0d86655d01f65d3566c9d2d3fb59"
-                + "42b2e3d846e173417f7a8c57ba38a7fd443eecd76fee81a1520c8e9e660e75b23eb7ece5"
-                + "88a577fdfcf06e09ef5c9a99499d52a1310358893639b5b346ee21d1fc2ce91619be31e6"
-                + "1c5f7821dde339476055039cc1a8f045434bc512ff74fc75e451aa20c174ee7a5fb6f686"
-                + "04830e72b903c957fa86dead167fe8df5cc67a3411f6e44a2e96ecdcc314cd6f7c659021"
-                + "8da02182c16ea1c87fc258f30e4c3368fb924a6e73738c2e534832855d8ea0cd1c002b89"
-                + "01cb40b66c7e3646b1dc14ed70da0e3d8a120bbc1eb4e4d81003c7ee2464cfa9169b18b5"
-                + "290cb0a443281ef3ec3bd9e6926c778f15320876cef162a07ba8cc6e61216e2a54d45d7a"
-                + "33d361bae1839ca8e62b4b4e4905b216bdccdb167807f137eca3a98a68d2b5e21fb8f0b8"
-                + "bb275f5b551ca77373066a7fbc0b8fff4969ee54e5e4cb946e8d5163e1b65fdca260915b"
-                + "834794419117c2614f0c835522a77a19dc3127378eeff43ba94689b2177801b00f2fac68"
-                + "61bc1b461dee1c53e5861de9a21f5eb45f87dcbfdb8189f972ddc970f98d903e5d08f9f5"
-                + "663cfaf400ccbeaa9777c9ae178583ee09b5a88a6f970d527658322ed87f1c8d2cb1df60"
-                + "07241440221447b6d9307c978cd964d90d076d516f02c258bcf2eaf6e7720ee365fbbd39"
-                + "96342d2edeb87b8ce38abe9b3a51b56f92384c3d8e3ad9770be26a60af23095474a368ae"
-                + "cbad10e93b8607500d2553d07b52a3cfb6b9d13d98fb5b5a4916d89849f0f37ae2290367"
-                + "6f26a1b2088b4912dd62f17f05f02e45eebe33a0b514412c18a6e39819b3e92f7c2901bb"
-                + "1dfc375e927afe468993400da91c590a19ebe5b8047d2780176b1341928691cd8ef916e2"
-                + "f8bbcee52d02aabe5a1155e186bff3af82245f9c5f24a647662dffb193f3f0a11006a05b"
-                + "7e9fb035e55b4cea67db00a65daa87ad8a64fd37e17150e73cbc0619a09453201789a655"
-                + "884002fd6e93aa49513a914fe5460bc4804158ed90231c811b928b5064c36ca9bd29e8f2"
-                + "db2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c2554439c735aa1aee"
-                + "b9dc98b58c6a0269785f54253bee831361c3140255b755a8c42b978edbd21c99fdaaf736"
-                + "90cfc684e7885fb19dbbbe90b108fcae3748d4421d9ff44bc9ea2b4f28d5ae451a89f7a2"
-                + "fe184ede5e448acf22de728ab6e3310802835869ccf772bfa5c9794978481480d0522aa9"
-                + "7ea4a3b7636c53da9fd390453158482fbc3f9692b4e6a8c7530d6b2c3546da72b639e4be"
-                + "34991d32035a846d074a040ffa6d39610593fdb023188f9fe238e392c9e6687b2226f467"
-                + "78b1d378a306332ecabed3546867108d132cf51737d0513c91d0bd4db23e2157abe891f1"
-                + "25518416f1bb70230a1e629e948ab31cc03c53cbc2eb5f485b8868490243b9e37533b522"
-                + "6c759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca6bee5f7d7c7c"
-                + "1515056df6db5252d043730434d4900408dca27fe2628847002db7671dcf1f959fc4b7da"
-                + "3253c62dc0b680a3854070d321aeed508be02cbb51e4f23734d337c152ec688ba863fdec"
-                + "58493e03925913fe0214cc1fcffb23f0fdd6ff13cf98e9caff86eb89a3ed8412b0e8212f"
-                + "04e83c56181e80df54f3d22753de597ab1800784cae7b55eab78cfaf6c9f9e6d587fdaca"
-                + "3ce632ef17d03411f34c6bf05707e957c7d2a3a801961d9dd44c1affee6c6274f8c4ea78"
-                + "3492dfdb6cc0e3a41e40d66e3e173ce4f1feb0ab3b12668b9670e3ed64872ac5c26fa422"
-                + "ee686aceb1a99e89dbbb07cc61b945389e76454d7feb4690d5a5785958a67b8f018f4df3"
-                + "17ebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30c8b776989e13"
-                + "e6232a978ca50954d9f7caa964a46d62eefc8c448cefd16f2bada187d674cc4aeeae5af5"
-                + "b2063963a180c41bc0fe3a82be90bd08aa74abf08a588cd2dca2e2d256ef5165081a1068"
-                + "dd608d722c42ea612f394df8915af997ef54e95be44e401948131c23637153174b62743f"
-                + "e5b6b104bb01b3365a82ba4e4ded915bbf9b47675936feeb9198164787ea2c97164286a4"
-                + "da425a705cc553d575641b7970333f334f44462f8cb9bb0969d7a35d3a2091d63735f651"
-                + "ced99a2f5edf917841b3d2000ad65227f7f226a1220d61a062fe981b699153f57522726f"
-                + "91924aae820689497df4fca303a7a2f02ed762a75f083f261d144c7d937cc8ec9825875a"
-                + "6e9e1fc763373ebd097edaf9644a7b3d2355fa5b69172a26a4af6587626e3c0d9ae0a4eb"
-                + "982ec6bc3353c504baad39f51d5657e32d760dc5ad35582c44b5aa78130e0ac01ae32be6"
-                + "41371a93813755cece24eab2339142748c055a31e13f1529e5ddd0924e92343a5280bfd0"
-                + "5f3a44d116fe436422b470075c05b5eba896848ab73579515e1c2a2b5163d3eebb35accf"
-                + "e3cc0242c6b90ee2a4dc99ea534147d317112dd2ca051f1df61aecedcea981979341a6b1"
-                + "05952988fba768bfddf4d8a880091ac114a4fe137a8f0856f5521d27cbb628cb6c8c5fe5"
-                + "a307966d8531f3316e2770d883bf0186d1debc6861141633e3c2d1f4fb62b2d3b16a9eff"
-                + "6c71e1ed34de8660731439527c7ff66f8994bff0919298818b7717197f0fdd5470f4c123"
-                + "3c3eaf66ce632cbbf501148734e7c58022be9f515d9dbb3fa0e1657082799c268724db4e"
-                + "2d534a9bd6e243efc22a749c97a53e72d8f4429423245f625164a060bdcfe1a4cb682a2f"
-                + "5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7debd0653fbff"
-                + "088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "071df262e3499222639eb7e7246a3c91de4f4e1beb944bcbc52e7507f482631e633bd325"
-                + "591368b31ba0624dd6ad1234a1fde1529ab6072963caa8d85b08c9b874d2e9e85634e67d"
-                + "7ec2faf99438f55406b5652e876b33cd216bfd508bfe86e1906eb873bfa619450507c418"
-                + "a361e791d47114d4d5425100c984ce80a8f4e647c9e3312e49a6a32bca660edb9edcaa29"
-                + "c7f06a85e42cd78e70687ca67f18b107868e94f4bd3b91fb4d7743f77456bb13eb459cf1"
-                + "4d6ac88b473d5d1b05099150c1daf8a10de0041c72ba1789d88392276ae1d7f9c24a210d"
-                + "650c9b58dc58a437fd4e8f20a23f2c42056ba556c88f37e60d6eb710e6e6ff27aaa874ea"
-                + "14cf210f3bf0ea399d5c7c515080bddba5a141f89eb99984582a0c3378c05f2f58645ae4"
-                + "532dc3e4bf7b1f345f2be89f44b575e7d16abe9c68fe2c8885bc2de13bc66aa85ed2a6c6"
-                + "499264c52a99a90a6144db80d80a20675eb11ff8d237bebf08a571a70ec81248073f8459"
-                + "bde59242a529e6e81069776e0535441d18a3e839966219e3202b530cbce34a314c6f6082"
-                + "40f8d90cf1ec07add9ee0910cd8e819f5baa53f0b082386f98d5e6c6c6a435d3f6d02a66"
-                + "89cec23d406fdbca9ebf392d1315caa1b3b5d5b8cb0c6bb7375c64b935708f0012dfb6f6"
-                + "33ed2234af72a154c110fc41c2a8a5548db2d8ef102f607881aeda6ee24b0f5c4f598c7d"
-                + "d9656b57583f05dcffc57f99e126abd32c4ffc3e2a59ae6313a8a7455c9f2027dc23a124"
-                + "316d04c9ac9121b29079aaca516f35f02bd5cdc599276c8fb5e43ae5b54738054d6ae6b9"
-                + "d534e8839a6368a61dded9769841a896271411349ee66a8229111d10c88dc21f4dd84ab5"
-                + "aab5b6a42db9be5dd15bcc505c569e41bf5b15bbcbd43896d61e70fd758f389bc11aa9de"
-                + "2c0d0ab7e6f2e48f921ea5ae08352f2469939b0f95b50aeb7c29768ee2799a7050f6baa3"
-                + "21b70267838f8d78dffaa93368493e8971f22e0811496e8bbbf247dbe9fde951d8a5b025"
-                + "3515d62673ed9bc06eebd5c0a779027cd124c5218298be9f8e3e47334bf5341976c18816"
-                + "1bc4e95ef24e54dadc5c6ae911698f45c958c1a3c3f77a61774cd2307248e4a9d0e8d077"
-                + "f6686d172eca303980228823b1332f56b8eb54ffc0b179dcc578dd5d571adab2cc9b423a"
-                + "4b8b6d3f6c6d39673eb1e688659b003381f490bbf58a66986857ac5641db508f4a0d1e11"
-                + "35284778bfc2086ab1254a8d0307f3288bfeb835dede235c9ea30aae45962dd049063c87"
-                + "1738dffe8aed893477a2fb309b3839f99176aea300a7c06a18c67b2076c244e79f3400ae"
-                + "adc1549ee8a3bf7bda1590c3d15fca713e509873cc90867915f3886ab14b575d047e2ed6"
-                + "178f952c41a59d12ac0e6ab97fbc9c4644a5e1a30bbd05d52c912a63298f3087de45b8dd"
-                + "4ee871da19f3a7298e1f62eb1872959d52f2517f1b4d2db257b699ebe1be75292c1da59c"
-                + "e870ca2876da22976c2c8f8cb5d85ff85e667c3c56e0eb78c76ec4d17f4f110c4eff8685"
-                + "4aad12604b8de317bb913f2a96ade99f44037b2ce0c8c9193ebb6c4f492f0edccebedf6d"
-                + "3c465e45f1454a5b282e5367e6edec3d6d0e8e7e715c93919b576d22249a6ad1b9d9fd5b"
-                + "213137fcd070aa5ee73f16055b0486e2eb00ce0ace65ee2dd20f8e2ededa7b3768b8c4b9"
-                + "b0d4413a8ab796f44fb406f20b853f516ad05ed4536d8940dbcf405f946956f4a0ff13f5"
-                + "02ad758e95bb0961f3895ca68da6f433cf49df9297b44477fc57c63a19092c39e23afa22"
-                + "05565debb9e5c5e7a7ece41f5ac17711ad03d3ce87179f2cf485bb8e554afbe0df808b9e"
-                + "5d4e6c02adfe0d744cce0674990d4830df5105ead5dd97e20af446829ccdc39b03e27bb8"
-                + "927e15f59c7f8a35e3bde8877f2a84fd07f17fa8939ed51ad5169852d9aa90598bbab435"
-                + "1be9eb4c4d39badead509d04b7b9499ba27167a85d68d10076eb2b57349b16858edcf93d"
-                + "43a061a0caa35c2697f5af586acbe3c8c305d80cc9e34b25ec19b1e66cd654e4dd826bb6"
-                + "70725cd4aea7c085db37e308e302917a22877f5b5219328b1a656083bbd37d456115ac4a"
-                + "859452bedc7e39e79e2257b8a861d3572ff7c0a65f82fd2980d35972cc4ddff28379ccb3"
-                + "427f96113171b1087841d32f6f2a611c8d43cdfa36fb2c9b91dccdcfc8228aa26bd41b86"
-                + "a01a9caa3107c3f8ed9c79d7e5861afcdbc75e7e4cb53a9378f1826efcfb0b8730606f82"
-                + "6c046a5e24f4e19fd0beac27555f334316bfe175138626b21810017dca03531ffa5959f3"
-                + "b9653b3b3f4617c91f4f1ad20b1074fc7adfbaabf59fb9d25784826b5748f359cc35ba12"
-                + "2a7719493830ec31e6d9a8408c4bc516c4c3ed334b2cb4b98fd8eb42b59717e431965e73"
-                + "22b7fc67b1f150f845da131dccccf32f55975d6b7b898d5c749578b44e2301c2644c23d7"
-                + "77cd8321ac0d9378ea6d1ba251e1811fdbd698712cb9763d2616a2f09b6d8829ea94b658"
-                + "32b77349dd527985cf208baaa75ad45e788579ce1d71f19ea79d4d721ec8d519d22888c2"
-                + "86209001457bf61550fe5170587b99fdb0d2ea3165cb0df8090facddf036aea0fc1ce535"
-                + "c656c790430f5695a1c552579548e4b716ea84a2c84129b05b2582102edf979735c2b5cd"
-                + "f9a06247d668980229aa506bd32263400a1d9faf888cc270b1111a63892f88d244c57180"
-                + "d27e26c34063d49fbe776cfeb54979cdd7934e0a6609b40a9129a9df73ba6bc36a78eb3c"
-                + "acd808461fb41da93edd42dee2fb6211422b6ab9fc005ade80c5d846f1a1b83bf92f5884"
-                + "d82f6e8ebe0b3f9596c3e01edf24c89af2659a6aa4183ca8ff5075c9eb29da35bd700787"
-                + "28422a684ed76d095da1337b4110e4839665f56c95a35174ee946fc8f37cd585054d3907"
-                + "94048a24f667cb74f9279f83aac70ebc364a7ce5e2a356c1bf73f7b8b598a99b6deed765"
-                + "f8867451d62723ddfc04797ff7deef3aa27782813c182c2946ee0106f95f2ad4d7f670ed"
-                + "12208f9d138754a0eba619a6f4fd45d299cd7f08152fd5b7a2f3c9fe3911de6eee1d59ed"
-                + "bbb07e903d5fd6af134f159714dbd00686f75800c820b8cef25c2edb7e82dae38e1e5e64"
-                + "3eb7045ac256e9e93e471c051aa229a4f448ce6b78ceb4d81bbbd2b36bfe66e393a9d7ed"
-                + "7fb47c2a4117036d6c2949d12550d82e2ae617e0057668b0ee946c373880e5e50eb4a482"
-                + "6b2c83dc9055bba150d47c43ac58f099040e06ba3fcf42a08dae32984bf4099c6ae94670"
-                + "013f2d14375d9b56e64c069c67ab3e15658c8336d1b7327f83f8e5daee3ddc76b369f3cc"
-                + "354c7a4685852cfd47e4d8724090d5d629ed3c2b672c61f2a0d14c178a4d9eaed7fe9d1d"
-                + "e7bac3ea2d8d94148694fe1993770fd56de255b75ae30069d3d93744fe7f82d106a54784"
-                + "329a4c73c548232dbf6bae651655eb3b3f62c85f698f0d86655d01f65d3566c9d2d3fb59"
-                + "42b2e3d846e173417f7a8c57ba38a7fd443eecd76fee81a1520c8e9e660e75b23eb7ece5"
-                + "88a577fdfcf06e09ef5c9a99499d52a1310358893639b5b346ee21d1fc2ce91619be31e6"
-                + "1c5f7821dde339476055039cc1a8f045434bc512ff74fc75e451aa20c174ee7a5fb6f686"
-                + "04830e72b903c957fa86dead167fe8df5cc67a3411f6e44a2e96ecdcc314cd6f7c659021"
-                + "8da02182c16ea1c87fc258f30e4c3368fb924a6e73738c2e534832855d8ea0cd1c002b89"
-                + "01cb40b66c7e3646b1dc14ed70da0e3d8a120bbc1eb4e4d81003c7ee2464cfa9169b18b5"
-                + "290cb0a443281ef3ec3bd9e6926c778f15320876cef162a07ba8cc6e61216e2a54d45d7a"
-                + "33d361bae1839ca8e62b4b4e4905b216bdccdb167807f137eca3a98a68d2b5e21fb8f0b8"
-                + "bb275f5b551ca77373066a7fbc0b8fff4969ee54e5e4cb946e8d5163e1b65fdca260915b"
-                + "834794419117c2614f0c835522a77a19dc3127378eeff43ba94689b2177801b00f2fac68"
-                + "61bc1b461dee1c53e5861de9a21f5eb45f87dcbfdb8189f972ddc970f98d903e5d08f9f5"
-                + "663cfaf400ccbeaa9777c9ae178583ee09b5a88a6f970d527658322ed87f1c8d2cb1df60"
-                + "07241440221447b6d9307c978cd964d90d076d516f02c258bcf2eaf6e7720ee365fbbd39"
-                + "96342d2edeb87b8ce38abe9b3a51b56f92384c3d8e3ad9770be26a60af23095474a368ae"
-                + "cbad10e93b8607500d2553d07b52a3cfb6b9d13d98fb5b5a4916d89849f0f37ae2290367"
-                + "6f26a1b2088b4912dd62f17f05f02e45eebe33a0b514412c18a6e39819b3e92f7c2901bb"
-                + "1dfc375e927afe468993400da91c590a19ebe5b8047d2780176b1341928691cd8ef916e2"
-                + "f8bbcee52d02aabe5a1155e186bff3af82245f9c5f24a647662dffb193f3f0a11006a05b"
-                + "7e9fb035e55b4cea67db00a65daa87ad8a64fd37e17150e73cbc0619a09453201789a655"
-                + "884002fd6e93aa49513a914fe5460bc4804158ed90231c811b928b5064c36ca9bd29e8f2"
-                + "db2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c2554439c735aa1aee"
-                + "b9dc98b58c6a0269785f54253bee831361c3140255b755a8c42b978edbd21c99fdaaf736"
-                + "90cfc684e7885fb19dbbbe90b108fcae3748d4421d9ff44bc9ea2b4f28d5ae451a89f7a2"
-                + "fe184ede5e448acf22de728ab6e3310802835869ccf772bfa5c9794978481480d0522aa9"
-                + "7ea4a3b7636c53da9fd390453158482fbc3f9692b4e6a8c7530d6b2c3546da72b639e4be"
-                + "34991d32035a846d074a040ffa6d39610593fdb023188f9fe238e392c9e6687b2226f467"
-                + "78b1d378a306332ecabed3546867108d132cf51737d0513c91d0bd4db23e2157abe891f1"
-                + "25518416f1bb70230a1e629e948ab31cc03c53cbc2eb5f485b8868490243b9e37533b522"
-                + "6c759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca6bee5f7d7c7c"
-                + "1515056df6db5252d043730434d4900408dca27fe2628847002db7671dcf1f959fc4b7da"
-                + "3253c62dc0b680a3854070d321aeed508be02cbb51e4f23734d337c152ec688ba863fdec"
-                + "58493e03925913fe0214cc1fcffb23f0fdd6ff13cf98e9caff86eb89a3ed8412b0e8212f"
-                + "04e83c56181e80df54f3d22753de597ab1800784cae7b55eab78cfaf6c9f9e6d587fdaca"
-                + "3ce632ef17d03411f34c6bf05707e957c7d2a3a801961d9dd44c1affee6c6274f8c4ea78"
-                + "3492dfdb6cc0e3a41e40d66e3e173ce4f1feb0ab3b12668b9670e3ed64872ac5c26fa422"
-                + "ee686aceb1a99e89dbbb07cc61b945389e76454d7feb4690d5a5785958a67b8f018f4df3"
-                + "17ebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30c8b776989e13"
-                + "e6232a978ca50954d9f7caa964a46d62eefc8c448cefd16f2bada187d674cc4aeeae5af5"
-                + "b2063963a180c41bc0fe3a82be90bd08aa74abf08a588cd2dca2e2d256ef5165081a1068"
-                + "dd608d722c42ea612f394df8915af997ef54e95be44e401948131c23637153174b62743f"
-                + "e5b6b104bb01b3365a82ba4e4ded915bbf9b47675936feeb9198164787ea2c97164286a4"
-                + "da425a705cc553d575641b7970333f334f44462f8cb9bb0969d7a35d3a2091d63735f651"
-                + "ced99a2f5edf917841b3d2000ad65227f7f226a1220d61a062fe981b699153f57522726f"
-                + "91924aae820689497df4fca303a7a2f02ed762a75f083f261d144c7d937cc8ec9825875a"
-                + "6e9e1fc763373ebd097edaf9644a7b3d2355fa5b69172a26a4af6587626e3c0d9ae0a4eb"
-                + "982ec6bc3353c504baad39f51d5657e32d760dc5ad35582c44b5aa78130e0ac01ae32be6"
-                + "41371a93813755cece24eab2339142748c055a31e13f1529e5ddd0924e92343a5280bfd0"
-                + "5f3a44d116fe436422b470075c05b5eba896848ab73579515e1c2a2b5163d3eebb35accf"
-                + "e3cc0242c6b90ee2a4dc99ea534147d317112dd2ca051f1df61aecedcea981979341a6b1"
-                + "05952988fba768bfddf4d8a880091ac114a4fe137a8f0856f5521d27cbb628cb6c8c5fe5"
-                + "a307966d8531f3316e2770d883bf0186d1debc6861141633e3c2d1f4fb62b2d3b16a9eff"
-                + "6c71e1ed34de8660731439527c7ff66f8994bff0919298818b7717197f0fdd5470f4c123"
-                + "3c3eaf66ce632cbbf501148734e7c58022be9f515d9dbb3fa0e1657082799c268724db4e"
-                + "2d534a9bd6e243efc22a749c97a53e72d8f4429423245f625164a060bdcfe1a4cb682a2f"
-                + "5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7debd0653fbff"
-                + "088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "081a9c735975bb5b31a16c39a9e6768dfae7a3caba528dbd84947896ec2001d70f8c81f2"
-                + "b04f4a9765554e8b8022eae8f9f655303d6491284e4ba7d5e8222f2822a7a7c1367853e1"
-                + "5e647d3b64bb2979693f3d1b82f01e9eda03ee11d0c816a485cfeba334a38e8656b9a973"
-                + "f85d47a53b138a545585799db9b45289f014576663033daecaaa72010b62db7491c9b430"
-                + "fcb00e7aaa181bd962d357a0a7e20f858a2fcc7e7567e85c3abba47794609dfee73196ab"
-                + "ab814d619194d5185feb85c6476fe88a82243e0cc60f2b415dcd86a04090e03620f1eff3"
-                + "b8cf062aa967c603d29dac6213bbfc78b48a47c5a8831e987b2646d46447144d365e93f8"
-                + "d464e32bcf7667028f551bc6c3e3076a70a3b6c4ee82ff0be7741b4e5f2bf5373c77b9ec"
-                + "59ca5481e6288ea2f9d1b0e0fc88613595212b1a95706da32347e434046e0efc188e9914"
-                + "945cc988e6bb04f6ae63703da43ab4876f522bc5a464cf9181244e9c144f8a68e66db5d0"
-                + "169c49bddccb9698ecaecbf3ab7ca77a2962e2dcd22e43246a1d4353c67bab65219f1754"
-                + "1ee33534f67f258bf358448f98511fa2a14c07f76f234666abb81f404342435d62c4560e"
-                + "c49757260aabff7abdc12bc3cbe643386eba0cdf7ae1828a437256ef19ff3d37ea0db347"
-                + "da8dc122b4675016583b073fd88aa31ee0aa6a051447b765b5a8a0148b3b4cc49d47c0c7"
-                + "588d9ad6cb74298cdfced510345da53e9565731a203fbddb454539bbf5525f715f1dd73c"
-                + "ce1d1dcf63f592d930d0e43b0dfc1b0e3a0fe5de76c825bb6cd548a4e34701b70b0fbf37"
-                + "50cb0a195126e49ab69033ad12761b3eced4e2b7f447b3703ccb66addb585b5353af7544"
-                + "eb7fba6636bd12ab396c3dfacfb070d3b8999306a5e42b59226b55dbb78164f43259cac3"
-                + "1ae4aa66b5427da4b6f39088988a305ec5f177e683d8a35e29672fd9d2495425fd477350"
-                + "f3af1b936900e322a3a679f239a127e5adaa345e6f80925242980a78aab55e13143b99a8"
-                + "08b080cfe94c92fd17d5058c06ca45ba9d70f1afbee59ce586e33783b589254a9b23c923"
-                + "ff6f25ab78b0e925c0ab608fda05f99611f29d0b27a2353fc25eec2233eb2dcd6bb00517"
-                + "66668fbc15a2a2e279513f4e1fde1d6cea589cbb30a19be843f7b7a4e5a9d38508bd2346"
-                + "dcf7083582904c6440b13a1b39fa83051feb96940b266a92084c4ca7cdcd475615e3252b"
-                + "ea92f2078ffc38e08803c9192839d0f938af61c7f63446bf935eba51f4cf0d731f11e54b"
-                + "c6c132c29b126a4392030b02951772d64bd1cf9391b5336f3c0d02351f5bc88cbf2cef7a"
-                + "7ceae0c22f14353dd72e5c639f37d84125963196187837d0a5c940abb61a1b4fbf3c68a2"
-                + "6c2e86160fd21a9f870de378ff95765c8cc0ff405ba66aa86569c5765e0c902c3e354498"
-                + "fc212d60591164ac943688352fb14b559749d4252c338a943cf827b8ea16aa7f5fa1fa8b"
-                + "da51cd282221e3a03f2f7902c79de8f469cc5f46067abb0ce06bddf66780748318996ed6"
-                + "07634c4e919c62ea3b2fb6425634c6b349b6160ea397abd78cfd49918df3b451165fe3b1"
-                + "baf23cef3fbc899186e66fa96824fa25e2171acdaf19abdea3b6626570dccdc427dad3f2"
-                + "585c3aaec29647247facf840f27183095b2ec7b7e3d394b354dcc3463585c17eea4229a9"
-                + "f7d3059f29978d482fe71755e0ab7ee3f0df7deeb1d4327737547403815021ebf7e0f382"
-                + "050c843d03602f513cd4780c8dd74bb830662a4ccf4dd8387d7ea1f4bbb4e843ebd6da5b"
-                + "8c3e7504b9b151b2573305d2ce18936408fd7fb4d5934f6149496e11c4993e771a52aa45"
-                + "b2ec387c796d941ee04cf5a0680b2a1b5897243c62c3e36422de8bb150530bdd5b3b717e"
-                + "31a58906dcd87b7ace50cfc3a12344bf9c6929afd7fedda234464831845550d517062dbc"
-                + "7635b717c05b7b9adc5d94ec3522895a4035718eb6cbd5ec2c117ad1d870b9250b06c776"
-                + "ce34ae4f554e612722ed1fdc4186d5dab9e955a488f02dfb88a3bbef28aac15dc238d53c"
-                + "185532861bdff752a6d73614724024325ea4f13b2d538d2a5a659176ea7b1dbd658ccf96"
-                + "23016411ddfa62a23c46f9aca242e83b8cf5dd27accc0683d5d8ec2925344c8e986e4908"
-                + "21b58cdd50b14619a4c257d46a12bcbcce5aa21e16543c60f200996bce780d50287d8290"
-                + "c24dc1651ab131b44b2a2ebc7f13c40ba2edff496c385f62a512de14172244a7a4641d87"
-                + "a7d7ab65c5230553297472165bb3ac97e20a0d03a3fcd786c717d0cbaf058933403716bb"
-                + "181907a9bc0fd615a307f7d9fb9b9bac6a009ce184a2bcbf789b3467e40c2b2214b9d0f0"
-                + "e3d14348cf3c1fde628cfd9fbba66ec2f502ea95e49e38bcba72e4aabe21eaf50a7ac92e"
-                + "d8560288d1f24fc185de19316e6c2e300d1d05f67e497089fde120f701856ba8e4005ecd"
-                + "50f46a213e2e29ef742276b6228f80ff79568d226cda6e749143407c17d67f3c6309b383"
-                + "0f9599ce20926615088212ae770fa58b17286152ea1fad5c9755b33e9efcc43f62eceffb"
-                + "fe15c8130691e2c745332d195d9f975cf0a787b33c9f95f1b668e7c3abb5d1ccf30090b2"
-                + "4017a62334a12916681d7544652d8df41c38ddd2c6afafa42bc84b0ca2353ed9023cc2a9"
-                + "75ba2da748693a0b70dd782e9c706f1a065ffd3f056abe63167975c6b1b362cbe4250f7c"
-                + "5ccc6afdd98752a07161731985ace9060782754311a7a619538afb535645f109c35bc51e"
-                + "13f4ca259139729f8b18d4dfef0279736257f7ebc0efb38cc00ffee9c48506579cad0703"
-                + "f2255e63c0495708a4e0c20776794f39f76c3230341121bd3431637f4b0cd1de7dd1a6f6"
-                + "e092b627367de6908d5a87c8229352cc4f3633efd4139289d1c5344428a20ce7596ccb0e"
-                + "e2270d59e6baac1c5349cab5d3a3c90291f1c1359090e1b267396cdd01aebd8aee397c95"
-                + "09fdf6755091b4075164901de8d9c453d64f8189714aa0481ab52f9257eeb4e9bb4cf651"
-                + "79b15513c075efad49f8feb4db9f9aa209f0772e985a68aa4fd78b39aa696512dee444b3"
-                + "adc140415e4f8753ec2fb1f93c041e15ac7e266c042ca507cfb1155fa4acf95331ec45a0"
-                + "ace6c12f9105d877028f4df37f8585e8b6fb71782fdb9fcab34528e286e26d5b77c8e52a"
-                + "8ff881ef6fb928c0d4a44103d8e30cd3bd2eebafc5b78b4f4e2d489233af2e529860a7fd"
-                + "5c91aaaabb0c04dcb08f86fce7280a31b8cfe9845d58378fc70842721c2f8dfe14dd7fcc"
-                + "2e980cfd62a1902259eac55859b5cb807065f709c7c9383bdea1f48a85b81fb0577bbe0c"
-                + "f7812f9918037fc8e460cf3489a39f5b5d62d2b3003ad7d3320b10c15bd575d375882c3a"
-                + "cfe716256c7eaed48400af04a47ccde1498662bae27d3e2d56bfba5fd7c48753a374d0a9"
-                + "96e7d41b020b4ab4df7b30af072d092dafb1517a299431d2c23a73c32556001eadd61cfe"
-                + "e7c0026ccd059ebe61eabeb8cafaf206ff36adc213aaf21026dec33cf2a7674d76de0f3a"
-                + "497f850fbba15be620812dd21204a49cbf25a01fa872dcf5b17ec6c2d5396fc5637eb853"
-                + "1e40501c38f40b755f036fb7b51d0b52a02fbf8b24a7a7ecf87d67cd82d2f6b620747ddf"
-                + "3ce6d51547771142c270c5ac4220b7ea68875f8891256ae7d8956e7b2f6b44e174e99b59"
-                + "10f1e963430f84c8ad2e2ee4351e81f0fa4de0ec24db10c9fc9f41a990a53817c952fc6d"
-                + "eb4d6531577244f6c9ef6439f8bcebb60fda5902e5a824f1e8486a7b889747fc31e420dd"
-                + "062e95ab332ae173721a68a887de05e5e1a53d4c2440215f1ccfe84000425cce294f5a41"
-                + "61fd4ec5be1c4b86e81325b40ccedeecd16bff28015982fafe08543ee9e3fd0b2bd80840"
-                + "95e03ce5b75cf5d56dd77f369e3fbd9a66cc1e174e5f101cf3e968ba82b386ec966ac42a"
-                + "e298062172af68e46502d7699b224d05624b19e83c7325a6cdb9c7cb74ab3da4db374902"
-                + "9ca651debeb36c5e5d046ff9bb89edb0d9807e2c7453bfb651c15f57ba9f995b83a7d9ef"
-                + "415c494f0222df56cb54c8a260161df8743f3eb218319ca9e566894065184390defbd673"
-                + "3d6ed2dd6bf330fe5a3fcdd35be1f998184e2964d3e0cc73e0eedb888148f3054843bb7b"
-                + "e79f079961261d913988b6bf5957489ccc2f41173a47866cd5db993453b67663f677778c"
-                + "fba1396332f863d4c20c3ae0e11df868dcaf088f4ba5003177c8e02dbd9188cf4dec2d1b"
-                + "caccc3d856d44d2df68ebdc5e0955913040b441a2830ae755d84bc9c0acc58a7c60e677c"
-                + "1892c430bdfe91e8c277b502b6cfe55f01bce382949ad5ab07a7c7235ac6fd2c797a273c"
-                + "5e6d8e8e88792a5026ff43872ba51927d362f5a3f07e5907848fe9836aeeb300d74efd4c"
-                + "7f49e54da688a0a8daaab3d7e6ac5123d50d9ddfa55ff067e79102024edddbb975bb1ad2"
-                + "d965aedba0de43abaf111d17d7e31ff7284bed34e5315bb5bad0a10f2d4c59dc0f32a02b"
-                + "d44d4170b7c84d5bab6792400c1a02320075529ac15aa5226ba325f91dc32088fc23ce69"
-                + "899d87ba5d40abda982612064cbed6c494b6912e2a25da7d883298ffb50d93486da5d099"
-                + "d78174ab11a0b9313ce48b584a0abecc66b7cd881dbec10b76e382922e4bddcdf6ed8d1b"
-                + "5e42985d539d48873a2ce79f825605684280018125987450666fbe707a7465023aec06ec"
-                + "aeb5bcfe6f4d8173c581627a2aa7bafab417c8c772df17942d821a3367110e5827f84440"
-                + "b708c080321f926cecc33f281d93acae7310b8de0a9c686a92ee4d06dd641ea4f3ee3e08"
-                + "12f38b80cc8c85185c71372b2cb349f5f1b03f3b7fb5f6ad44339fad30e97b076b2c243d"
-                + "22def5d3708e0f934a5b000b2229fe966af39c302babc89638933345ea65e7f050b57049"
-                + "f6957a5ecb5db3cdac641a951ceb4ad29e08ae6a9ecfe2b6476e0eda521421dbde48493b"
-                + "54684c0de25064f5c3c9a1ef33f47d6d23dd045356e018331c0c3e4c8bd9d5e259084843"
-                + "95a1d63cdbf534bd93d7cf2e0ed93105640bfdd1a8f2e7d7e125562c8a0a792084dca8e6"
-                + "239bb9e63cc4c2f2f29d477dd1210d5a715feb863c2267517ada556489ac2d9e111969c1"
-                + "79cce329feb5c5d974357af3a683e6a54c296124852d844236a063316e04754b0a80340e"
-                + "bd1550ab34227edc6e0afc96800cad73a26d1e9a29134bc914e38cf6427abaf463ae1dcf"
-                + "62ca8f60034772e6aa1c3c53e2f5b5b1659e44b3185ea908ab9d49ee524418fe603aaa51"
-                + "7f7d9e2ce586c69b00372d1e5b4d72947a6e1c1ae684a355ae1fc996c55d207156fa164e"
-                + "06f73eeaf14374d8f60cb7c956dca0a778317de3636b9f6d052dd6df969cae29d1ab1697"
-                + "2f59336444a758552fd60eb02b47e60bb2bb04d540f3e957444187e95b0e3a3be7cf8fe4"
-                + "136d3fac803d552cafcedf0c0ff505b4fc9719550d17842a702cbac71ea5e59932c11473"
-                + "f7b2e06331ebcedddc590c9699bcce9e9f092a267e6a3937522ccadad7c1e62f2c49fce3"
-                + "86a02d82f933f96c35fe91b338bfbae01f059123f410cd77f3f64d33d4c49de444f95642"
-                + "1e2fc46174f15c0335e6165f289438968612f6b0d67ca5e1ab4a01787134f97a828bdf49"
-                + "7e582eca52343b1bfa189f4c0fd96393494f768fce4c9257c78ba33af3e75a1212ec49e1"
-                + "02093bc179b16903062627c6e9a301b0750d208bcb182d13e63b932cc936ca59a2fdea97"
-                + "0e8908413480c8d5d040e11c94555e47bbcf369a2589297b993fc66b0394d67e536752b2"
-                + "2b091e8dd59d3b99e06d1d4c667fd1d2d4be5969ebcad5e4d45da5a8b7f921260569c758"
-                + "04cf1925617df102e29afc0661b0383fcdd4467a65cdcd1661d77a274f0a96b5cde9bbae"
-                + "07442279b4bc97fe7456117ff89b8b83b8833fe56d598a8a9e6bd94c371320999e16970c"
-                + "f10a9910d001aef59471280056e2644a2eaaf5e973e5281d26d1329053f40768d69fe882"
-                + "1d81c2bcccea1442fe26640c36bd7db0ea61da449ea340b22e4818097972a352390a9abd"
-                + "ecb7170653bea3d8e71375f62656155a251ea6317adf5f3b24db23fa75150770812aae91"
-                + "ad06f56316c266528c8141359ae3d077c483d06989d75bebdd3986750863627d7f2d9ec2"
-                + "2c7c6d2fe8b2e7f15a0892a7bfd8a92cc4d91247f9ce4662609f6faac17517bbae3e8491"
-                + "7783a35f14e2632866fae7603d5cedccf5ff6f3cf8013e35b1e1edbcfda3254a21006b50"
-                + "52a84580e718e4b35d27bef768945c5c8ac1ddf811c48e26ff3397ef63c08a112ae23cd6"
-                + "6779b7d12eafeb1236818d3cf92c01c8e4e2ea1e8e2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "09cf09b10e11406f1fbcd4d5b5ad2bcbcc61c1a0804ac9c39a40390c916319c1016ca454"
-                + "596562a3818c3f411c52092c52812e78516952fd9d0f04ca41b211d58ac01333d7b4b9a3"
-                + "6f4a974d79ccac3194b8d5ea4b5273b3b8a4acd1cc9519c67ccf05a9707e4b06d954f82d"
-                + "e481834ac12e1c4551d796f9c32afe9a0087b24038967c748b7183c76d59e53b2b903ff1"
-                + "b56bc56011528d66d4817226ae123d139d7a1c64857154cf762fb6da2791655744f9adcb"
-                + "c169b5a6eea13081f2b2c67d65c8162dc004a04d50ad491610a83fb71e0e38df13c2c582"
-                + "6333ac327299476c5805095da9ae395759e82b65290b7fc518efc10c1a67aa9e28b546f4"
-                + "fe88658fe55e51b2d204ef13c12ed71a135b62b5b14082f16e532caaa1f3bd3d3c2e96e1"
-                + "c09441feaa7eb90c5772d2bf29138cac502347e5d259cb6a1c86fe77d54ecb8d8d1f4071"
-                + "2b3b29fc41c90889cb6f46b7c4584122e8dde577506cb73633433e3a08078abdef167ca3"
-                + "38d62b6bfeef700ac1c932b0508f6d39103f691b9b29468d16258e6135df930a1edc1e89"
-                + "e2fbf425cfdcf6da1bda291e9ff187592cfe70ebb5c94380e7fab5048f19a25e211eba05"
-                + "4636564b86545fd2068a750cfc0a51f45f7b9ff0c73dcaca2702290610303aa2b311007b"
-                + "299427dbfa9ae978a4f433eca6d99584f7687a1667580934d90ea391c5a35f6e22d9ea9d"
-                + "ec2cd39006f3eb4e6a8d259f48d6d19d010cf2c1e232d92b56a05d7ad9f1464aca7f2eb5"
-                + "1339d4e08463c1e4532f5a5f6553d4ff5224d74b263c4e7c18bd6697d6550ce2193c9e05"
-                + "4e4cdd6ef902d8ca554a3189c00808e0a6b595d029f32ac45d9dc67dcf5bf223720aa95c"
-                + "f9ae45089eed114bc2077cafe7aea348f3686527a1c74f827a5cf77468c7fd131dc55da4"
-                + "a5fe9f54188b1f4d1e6cb3299fcf891697212142ef82823dacdb21a26dfbdf4262795f1c"
-                + "ebb1171580ace52980c2f0b8ede17ded4e5f634a2cb6557da1d47ac4d7ef37e780c10583"
-                + "1116ea283174d93682b44d1300d863aa3c4267f924ad88305f1edd68ce6bf9cc610dbb19"
-                + "235309faeadbbfc3853e1e2bb0de3f3fd4110db82c910365efdaac8c9c3ce826a2ce70b2"
-                + "c745478a24ffaa7598dc14d97981e0d87e74fd40ac74ddc4cfaeb56c7813ea5f51401e7a"
-                + "be2b6523a0c40e77ebc263236d1d4dfea7b922595c7666755ce2d7cf18e49f8bf4b10a28"
-                + "e129f01fdc0ce6b5898752845d22a5e3d6ba09c79f8e5dc8cd46cfba62d7594cd665eba5"
-                + "e5b04428e57b12afd524689c9bf0de9452ec17d9d54b22efaf8507ab964e66b60e8746a8"
-                + "aa19e9e71185534649f1c08fdc93f17d77cedb705eba9555d95bc105c9b658316cb0930f"
-                + "cb324070095c52862656ec4b9512b7f869ff428292d9a1bf13825021b65a3aa5c0f8ba72"
-                + "2a53033f4d9d50afc17164cc34b7a0719d72797eb32a714dea3b33bd9365665d0bbdafdb"
-                + "c883a8912325a7ab24deb29d7a3e2ae8ec32c26dfd4399e1730c6c19eed5dcb6a9c8a522"
-                + "54d538ca3ea66853cf9d328f832b932319d2fc691cbaaf3fb13a6f47b10b5960e7de1d81"
-                + "c1d88df33069e710672b4efd281a2946de4efcd8f03e9b4f185f0bef25b9c51d96d985f5"
-                + "2911e0c8f0a8634bed247dcff60bfdb783615b510f0f827341554e663ab7642408584788"
-                + "2fac5183f35e9f53155df6ceb37d7cb09a16933a63ca01ed56b2839c8fa0c45f6b0a699d"
-                + "2d08dd7e432b9d6fbf30768c3097c45f466b7956f9bab245825a04aec288a08bc1147108"
-                + "0ddfa397d5bf528b2af991e04e726da808c5683d42a73119c0e50fa92af50c62ef2d9108"
-                + "8b71f9bd8032a4d7ab5a6ec67ef5de3bd0aa1a9f1b8b143487d477f9c0a38cc9a68d23ef"
-                + "51df6a6d45e5f77f918bbce6c4261e4c9c8e9de904a977a1a51cef2535ac4beb77e6e75b"
-                + "b468776d51f9c2deab3b08ef107c8f246611686774c9af9e10d783dd14258fa60118f337"
-                + "581210d26015993e11de60a72fd0e57dfa8cbbccdf3699b5d8208c98903906962ec23a4d"
-                + "e0af1e9c627598fecaeab3d87a72dfaddaf222210452388a7bdd461f18eddb006b04dd5c"
-                + "699975b5616e5e6eba0fe579fd2ea1361ebe36fd3d3245a437dc68748cfe6f113e2e012b"
-                + "e11b4aecbc9f8e02b7441640fcb806d47226de37d7791f2485121f2397b45f34935ce45e"
-                + "223fbabcf93b434281bb732772fe4430da125ef281c7570bac5b69a8b89cdaf8e1c1aa52"
-                + "d9d4c33d5af0715d6d809cbc93e977a78fd7f382480a09b4e2e48e9d2e0fa04eb1701209"
-                + "0dc61d42ef5bd9ba3189784955645a588d296f38d3ce654c3893c070818cce03551bf810"
-                + "827bfaff75378cc8ea1a53c23504e96e88b31f3947214ad2b826bf62ba15543432201fb7"
-                + "95cf63c5c8fbb0f04bf01cc4ca8e2d295ebb261aa40bbefc6f0896f8b9885945fb1d401a"
-                + "87a2464669b4c02e8ce2fa588c5dbd46acaeac200783eb39123354ed97d6e27019325425"
-                + "705ab8d70b8dd595eb2aa27e2a4ebf933fdaa9f2f17d76845b5b94c71d26a3e75b558bd0"
-                + "3b7f95bacbc21bc6581ef4d38c61fae5e38a2bc94d652775b6f82b8818457237cdcc39b0"
-                + "9442526d43531db8bc779722e13300de3491292ffa093141f9d50cd3a92c3991aabb9e30"
-                + "200c329f59391434bde8a52c7f54d917a3ddf4ff27b66b162ff2e90561957177fc80a32a"
-                + "5804d2ca9c938d01bfcebd721976c0fc64b335c6b845a5ad3d7d3aff748e4b781febdeb7"
-                + "b427ad97a8793cd9708c7cacaa75ca72f167e4a1f60ce6b6785fe1d636f414f325642265"
-                + "2558729411a99c30147d8636d09e3e580b8e65434573def99636590322b00904888892f9"
-                + "d8dec07ef77e9d5652a2b77484f634056902b0474d7b108a44499bc93a7e767ef0c6f3f4"
-                + "3df40da99742a0fd06ed2e372502f4e8bb6e2742e6d037223b45f39eabf25a92759b1255"
-                + "933706c6c66bcb89e468c01f005225c62c22afd7573a069d297a2c7932dbd967d71e545f"
-                + "52537ed2dd359a6216363782593e8f698d1b171a160acee104cd3707b095782c3b9b4299"
-                + "482af5f7247e52dcb81268ada19a8eed5d17d512aeb134a08e0a84b79b62c2c1de14c982"
-                + "b71ffcc9965b7321dacfbb60368585e8b6fb71782fdb9fcab34528e286e26d5b77c8e52a"
-                + "8ff881ef6fb928c0d4a44103d8e30cd3bd2eebafc5b78b4f4e2d489233af2e529860a7fd"
-                + "5c91aaaabb0c04dcb08f86fce7280a31b8cfe9845d58378fc70842721c2f8dfe14dd7fcc"
-                + "2e980cfd62a1902259eac55859b5cb807065f709c7c9383bdea1f48a85b81fb0577bbe0c"
-                + "f7812f9918037fc8e460cf3489a39f5b5d62d2b3003ad7d3320b10c15bd575d375882c3a"
-                + "cfe716256c7eaed48400af04a47ccde1498662bae27d3e2d56bfba5fd7c48753a374d0a9"
-                + "96e7d41b020b4ab4df7b30af072d092dafb1517a299431d2c23a73c32556001eadd61cfe"
-                + "e7c0026ccd059ebe61eabeb8cafaf206ff36adc213aaf21026dec33cf2a7674d76de0f3a"
-                + "497f850fbba15be620812dd21204a49cbf25a01fa872dcf5b17ec6c2d5396fc5637eb853"
-                + "1e40501c38f40b755f036fb7b51d0b52a02fbf8b24a7a7ecf87d67cd82d2f6b620747ddf"
-                + "3ce6d51547771142c270c5ac4220b7ea68875f8891256ae7d8956e7b2f6b44e174e99b59"
-                + "10f1e963430f84c8ad2e2ee4351e81f0fa4de0ec24db10c9fc9f41a990a53817c952fc6d"
-                + "eb4d6531577244f6c9ef6439f8bcebb60fda5902e5a824f1e8486a7b889747fc31e420dd"
-                + "062e95ab332ae173721a68a887de05e5e1a53d4c2440215f1ccfe84000425cce294f5a41"
-                + "61fd4ec5be1c4b86e81325b40ccedeecd16bff28015982fafe08543ee9e3fd0b2bd80840"
-                + "95e03ce5b75cf5d56dd77f369e3fbd9a66cc1e174e5f101cf3e968ba82b386ec966ac42a"
-                + "e298062172af68e46502d7699b224d05624b19e83c7325a6cdb9c7cb74ab3da4db374902"
-                + "9ca651debeb36c5e5d046ff9bb89edb0d9807e2c7453bfb651c15f57ba9f995b83a7d9ef"
-                + "415c494f0222df56cb54c8a260161df8743f3eb218319ca9e566894065184390defbd673"
-                + "3d6ed2dd6bf330fe5a3fcdd35be1f998184e2964d3e0cc73e0eedb888148f3054843bb7b"
-                + "e79f079961261d913988b6bf5957489ccc2f41173a47866cd5db993453b67663f677778c"
-                + "fba1396332f863d4c20c3ae0e11df868dcaf088f4ba5003177c8e02dbd9188cf4dec2d1b"
-                + "caccc3d856d44d2df68ebdc5e0955913040b441a2830ae755d84bc9c0acc58a7c60e677c"
-                + "1892c430bdfe91e8c277b502b6cfe55f01bce382949ad5ab07a7c7235ac6fd2c797a273c"
-                + "5e6d8e8e88792a5026ff43872ba51927d362f5a3f07e5907848fe9836aeeb300d74efd4c"
-                + "7f49e54da688a0a8daaab3d7e6ac5123d50d9ddfa55ff067e79102024edddbb975bb1ad2"
-                + "d965aedba0de43abaf111d17d7e31ff7284bed34e5315bb5bad0a10f2d4c59dc0f32a02b"
-                + "d44d4170b7c84d5bab6792400c1a02320075529ac15aa5226ba325f91dc32088fc23ce69"
-                + "899d87ba5d40abda982612064cbed6c494b6912e2a25da7d883298ffb50d93486da5d099"
-                + "d78174ab11a0b9313ce48b584a0abecc66b7cd881dbec10b76e382922e4bddcdf6ed8d1b"
-                + "5e42985d539d48873a2ce79f825605684280018125987450666fbe707a7465023aec06ec"
-                + "aeb5bcfe6f4d8173c581627a2aa7bafab417c8c772df17942d821a3367110e5827f84440"
-                + "b708c080321f926cecc33f281d93acae7310b8de0a9c686a92ee4d06dd641ea4f3ee3e08"
-                + "12f38b80cc8c85185c71372b2cb349f5f1b03f3b7fb5f6ad44339fad30e97b076b2c243d"
-                + "22def5d3708e0f934a5b000b2229fe966af39c302babc89638933345ea65e7f050b57049"
-                + "f6957a5ecb5db3cdac641a951ceb4ad29e08ae6a9ecfe2b6476e0eda521421dbde48493b"
-                + "54684c0de25064f5c3c9a1ef33f47d6d23dd045356e018331c0c3e4c8bd9d5e259084843"
-                + "95a1d63cdbf534bd93d7cf2e0ed93105640bfdd1a8f2e7d7e125562c8a0a792084dca8e6"
-                + "239bb9e63cc4c2f2f29d477dd1210d5a715feb863c2267517ada556489ac2d9e111969c1"
-                + "79cce329feb5c5d974357af3a683e6a54c296124852d844236a063316e04754b0a80340e"
-                + "bd1550ab34227edc6e0afc96800cad73a26d1e9a29134bc914e38cf6427abaf463ae1dcf"
-                + "62ca8f60034772e6aa1c3c53e2f5b5b1659e44b3185ea908ab9d49ee524418fe603aaa51"
-                + "7f7d9e2ce586c69b00372d1e5b4d72947a6e1c1ae684a355ae1fc996c55d207156fa164e"
-                + "06f73eeaf14374d8f60cb7c956dca0a778317de3636b9f6d052dd6df969cae29d1ab1697"
-                + "2f59336444a758552fd60eb02b47e60bb2bb04d540f3e957444187e95b0e3a3be7cf8fe4"
-                + "136d3fac803d552cafcedf0c0ff505b4fc9719550d17842a702cbac71ea5e59932c11473"
-                + "f7b2e06331ebcedddc590c9699bcce9e9f092a267e6a3937522ccadad7c1e62f2c49fce3"
-                + "86a02d82f933f96c35fe91b338bfbae01f059123f410cd77f3f64d33d4c49de444f95642"
-                + "1e2fc46174f15c0335e6165f289438968612f6b0d67ca5e1ab4a01787134f97a828bdf49"
-                + "7e582eca52343b1bfa189f4c0fd96393494f768fce4c9257c78ba33af3e75a1212ec49e1"
-                + "02093bc179b16903062627c6e9a301b0750d208bcb182d13e63b932cc936ca59a2fdea97"
-                + "0e8908413480c8d5d040e11c94555e47bbcf369a2589297b993fc66b0394d67e536752b2"
-                + "2b091e8dd59d3b99e06d1d4c667fd1d2d4be5969ebcad5e4d45da5a8b7f921260569c758"
-                + "04cf1925617df102e29afc0661b0383fcdd4467a65cdcd1661d77a274f0a96b5cde9bbae"
-                + "07442279b4bc97fe7456117ff89b8b83b8833fe56d598a8a9e6bd94c371320999e16970c"
-                + "f10a9910d001aef59471280056e2644a2eaaf5e973e5281d26d1329053f40768d69fe882"
-                + "1d81c2bcccea1442fe26640c36bd7db0ea61da449ea340b22e4818097972a352390a9abd"
-                + "ecb7170653bea3d8e71375f62656155a251ea6317adf5f3b24db23fa75150770812aae91"
-                + "ad06f56316c266528c8141359ae3d077c483d06989d75bebdd3986750863627d7f2d9ec2"
-                + "2c7c6d2fe8b2e7f15a0892a7bfd8a92cc4d91247f9ce4662609f6faac17517bbae3e8491"
-                + "7783a35f14e2632866fae7603d5cedccf5ff6f3cf8013e35b1e1edbcfda3254a21006b50"
-                + "52a84580e718e4b35d27bef768945c5c8ac1ddf811c48e26ff3397ef63c08a112ae23cd6"
-                + "6779b7d12eafeb1236818d3cf92c01c8e4e2ea1e8e2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "0a211e27887cc2ce5f2b079e955e262546ab48cf80c317898c376721cd65397ebd35e62a"
-                + "3bf8be2a7bc32bc6bb3fcf82f9439de3243963a7f5e8859b009f59f68fa6dfd33cedf8e8"
-                + "82ab560a26e99d6e9ff9b21545443d114aa106f144b73c221d7304128c88642f0bda4963"
-                + "7743cced0694b69bc232d1657d7357a0ad1c4b95c761bfc02a33908582f8ada2444902b6"
-                + "1be98c878d7dedfdeb2eb43ef0a618799572b5682eea5aeedf1610f3461f894265fa7b08"
-                + "bfdd96c32c6a6fe297edff73fcfc679ef59c4568bdfe9ed44c199640a70bb5952d16c816"
-                + "4c02940e7c2df9eaa9fac4fa8a2b7426349ec487ce3e3399ea70e7c562fc8433de693021"
-                + "0fdc1306ee6907a7e7d98ef0c0082ac78b4fa8cd824afb8d55e4a11dffe8f0a39904b739"
-                + "5007f370dcd3ddaeb9d51b38b55e8b3b50f63879fe3702be4d3197e9927cad54bc9cf97f"
-                + "d866189db5cc17c5cbeb98ab6c66d159e83422969fdbaf6746e297e608671d57c2a9b056"
-                + "d6e01883e54073556147d11aaac3c681713defc05a8dec10c6700f9956bf10f3789a5677"
-                + "2536740f7b9956524fc2ed56028e2c3584e41d702a36a76adb749d66c65a0438cf2529b3"
-                + "2da4460d24e6e24b0276b73bfaf0b644d8c0bcbdf422963eaf1091f96ed3738490e1f4f1"
-                + "fb610b9d9d84658c07da28c42cdf46a08a6e2197689a08ddbc3d71227725dca51083be9b"
-                + "9c60cded369a9c83d5d4e173e2340148054cb6eada9359680d7d3b82037a2d56e4183145"
-                + "2f222a1ffecdb5f789fa71d23477c1502a22a9d1ac2a3d57645b09ba338618ea587879db"
-                + "b0afdce7d9853995511a7ed342c76a40eb124b868f2761f393eff0843221ca470481a240"
-                + "f4d7cd5441d5c0eea4b113df0fc103c6b2078029f778e6edaa4d7147e6a5838eaa7b5e8e"
-                + "c0448b09fc610ac07e1315d7a933e6b5c0a9e46b424fc582d98554063f70981e73de0a74"
-                + "9f69853aaa896cd8999ed8079f5476f224e429c8a01158a36400955f10db68ea44855a6f"
-                + "b0cd9c41f4d6adea377b75187ae085e15b893be55e72100f630ce7a7ffee3ff2ee6c35a1"
-                + "cb493c37b1138f503930270adab0d43be8a378f0e9b510b185c72995a06ac69d43a1183b"
-                + "97770cdffa935e26cf9459043ec2ee308bb569d4fc24b04cb84d604a4c2ff28d2acd64bd"
-                + "f18dde078d414ba922cf58a49d3f34ebec076ffe9e2ede4974b8ed3d32a7ef1321b7593f"
-                + "1cfd8d0657eafd77d7718f91788f2339545a69a08883dd33987ca1632e856b2a437427cb"
-                + "fd5d52bd15f408aedc23f4990c2a8d66a8c811a78602745a5982f4750c41163527f6325d"
-                + "a328aa5e4b3c203938f88605efc7200ae74d310e30f37d3680026f1f40aec7e226612de1"
-                + "8486278c551bc76a58319bdd02bf631265d02c849f87b419e1440f45b5555b2d8aadc1c4"
-                + "a6e55584f642ada8bedfa0d4546cc8c0a1848587e034c320a7db1fafc6a1515854764326"
-                + "a3ac4885d948f7a65ac8ada9cbcda5d8129dad40fc46917af2da711d79cac915c990a660"
-                + "ae36249e4ef920538528a5555d0317052d13f6c48bf14761dc9ac8171d2867a81acce2f5"
-                + "9bb740f8f7d63bb3faefdad93e695172e858f94a9b7c324ebff72ea0837dce9dbf0b8816"
-                + "9769e188b8cabcd9a8c004ec3fbfcd45592a58f13b20274ce6ec9c424a14671ed7fb2703"
-                + "5791e159c7f89a95af51142618e34392faafb09271f324648428c34eda8e0a67c8a47eb6"
-                + "5781f18dde0d3f3e1663c2681fef6dddf4a0865c15cf20044146155a4fc61cccf95f7c66"
-                + "d9ecc45b886eff4c2a9aa268bfd4fe83dafe9f77db70a64908eb32c864f58bfea9ef7f42"
-                + "f90a002a87066343494221f648c6bdd471bfe0460b00c9c163bfbc5cbd08808951892a29"
-                + "2f0bb8ec07c4a9d1e7cad52c085069fb4cea253c25f397e898977f3960cdda5d7e276dce"
-                + "c8150aa1e90fe0b7c4d4fb88767be2cc643da803da16e625b930e9cac781fd5df7265b8c"
-                + "30cfc06d4f9c3ea10df4f3fc2b09de24717b6ee4f37f6ae0461776ab425e5eebdbbbe4be"
-                + "ace99d57b537483acd1268429fa18a17368937109508f783e6ceb302b973a2ce41937b44"
-                + "78c97d7acf46fca2736b75067836a0f5c90d7247359c2e790966613db3ce44f76cbe8d2d"
-                + "c5f4ba6bd48eaa05479215cfd7315daf830b249e89821c73a93d3a1942466f1118fa55c9"
-                + "1f682c0ab498bbeb0161be5cf5912bdade63a3ca1b1add9b6d34f79a6902b3e43dcfdaf9"
-                + "4c8abc470b79abc0011d83db29ea975d5f7227f8ff5dbe9ff4ffdace89dadf7002f8f12b"
-                + "bf62446367f380c58200e2800f6a87a81699a7121f30c22b06315f0251f21afaf0044c17"
-                + "d93d074a5d9bd4ed829ba9e69bbf3d5462040487bb9a0f865df3edd370a8dea32fa9a4cf"
-                + "9c82427fc5e2fe1832a000c767b24dc0e920654950a3eebc57e96cdcf4c1355a12c84b6a"
-                + "58646ee809ecce5cbfd6700866b865b28fbf87c9820eadc183a097bc81cd176df7fada7e"
-                + "d7754844038b3a77371e1d7a47989e662dc76231aad1f93b33ac933b90129c5ed4c8c850"
-                + "54cc3c4299e3d80bf994d0b5ba667cd3f0cf19b01fd3c5774e08cde192fa010c3567c0c5"
-                + "8089d499a02f91ecc1d0d44ede178714b42b5b086860a584f3b54f93d2368fa6bf6e6d37"
-                + "1d674abb336692c207132def03f01444094826c30fa009159e80a84717babd7d2d1d2ada"
-                + "ad57e845f8ff0bab8b1244bd8434c0df243dd120a26a3582705ed6f296396dc82e0ea149"
-                + "17df201ef0f0c17b4fc0e9e093029a669e64b6356f5ab810b5088b20b42a82d3c1cd7892"
-                + "c59177274e2572ab9e6d1f6e76965af1bd53e4c115d4d9fde6d475e99186bde72fb21b30"
-                + "45f9712530976c4fb260f3b98a4753b37eb1c667818428caedf8d2212bb79d0669e661cc"
-                + "e2f2d1adcd08f19bb68e39ae4b3f9c0ce772f46406b354fc94f2e7f5f29845f92d64e6ad"
-                + "cd0be9c7ea610e6c85e04630d0449b14063fe8efc247a392d8efcf94f2e1546a637fe787"
-                + "16e9a40c03664cfcb26188303d0812f9d708a99c84f45a29e7e7483fc6a23613dd2ee325"
-                + "59863d45eb5954905ae83f57094eaff4a349896f6272430eead83bac308803c2b75eb835"
-                + "2e21f23e7ebd4212e102fed4f7cc4ee5760610346e0075c8f87e164a71831ddfc31f12f0"
-                + "f554bf393bc6565486a44103d8e30cd3bd2eebafc5b78b4f4e2d489233af2e529860a7fd"
-                + "5c91aaaabb0c04dcb08f86fce7280a31b8cfe9845d58378fc70842721c2f8dfe14dd7fcc"
-                + "2e980cfd62a1902259eac55859b5cb807065f709c7c9383bdea1f48a85b81fb0577bbe0c"
-                + "f7812f9918037fc8e460cf3489a39f5b5d62d2b3003ad7d3320b10c15bd575d375882c3a"
-                + "cfe716256c7eaed48400af04a47ccde1498662bae27d3e2d56bfba5fd7c48753a374d0a9"
-                + "96e7d41b020b4ab4df7b30af072d092dafb1517a299431d2c23a73c32556001eadd61cfe"
-                + "e7c0026ccd059ebe61eabeb8cafaf206ff36adc213aaf21026dec33cf2a7674d76de0f3a"
-                + "497f850fbba15be620812dd21204a49cbf25a01fa872dcf5b17ec6c2d5396fc5637eb853"
-                + "1e40501c38f40b755f036fb7b51d0b52a02fbf8b24a7a7ecf87d67cd82d2f6b620747ddf"
-                + "3ce6d51547771142c270c5ac4220b7ea68875f8891256ae7d8956e7b2f6b44e174e99b59"
-                + "10f1e963430f84c8ad2e2ee4351e81f0fa4de0ec24db10c9fc9f41a990a53817c952fc6d"
-                + "eb4d6531577244f6c9ef6439f8bcebb60fda5902e5a824f1e8486a7b889747fc31e420dd"
-                + "062e95ab332ae173721a68a887de05e5e1a53d4c2440215f1ccfe84000425cce294f5a41"
-                + "61fd4ec5be1c4b86e81325b40ccedeecd16bff28015982fafe08543ee9e3fd0b2bd80840"
-                + "95e03ce5b75cf5d56dd77f369e3fbd9a66cc1e174e5f101cf3e968ba82b386ec966ac42a"
-                + "e298062172af68e46502d7699b224d05624b19e83c7325a6cdb9c7cb74ab3da4db374902"
-                + "9ca651debeb36c5e5d046ff9bb89edb0d9807e2c7453bfb651c15f57ba9f995b83a7d9ef"
-                + "415c494f0222df56cb54c8a260161df8743f3eb218319ca9e566894065184390defbd673"
-                + "3d6ed2dd6bf330fe5a3fcdd35be1f998184e2964d3e0cc73e0eedb888148f3054843bb7b"
-                + "e79f079961261d913988b6bf5957489ccc2f41173a47866cd5db993453b67663f677778c"
-                + "fba1396332f863d4c20c3ae0e11df868dcaf088f4ba5003177c8e02dbd9188cf4dec2d1b"
-                + "caccc3d856d44d2df68ebdc5e0955913040b441a2830ae755d84bc9c0acc58a7c60e677c"
-                + "1892c430bdfe91e8c277b502b6cfe55f01bce382949ad5ab07a7c7235ac6fd2c797a273c"
-                + "5e6d8e8e88792a5026ff43872ba51927d362f5a3f07e5907848fe9836aeeb300d74efd4c"
-                + "7f49e54da688a0a8daaab3d7e6ac5123d50d9ddfa55ff067e79102024edddbb975bb1ad2"
-                + "d965aedba0de43abaf111d17d7e31ff7284bed34e5315bb5bad0a10f2d4c59dc0f32a02b"
-                + "d44d4170b7c84d5bab6792400c1a02320075529ac15aa5226ba325f91dc32088fc23ce69"
-                + "899d87ba5d40abda982612064cbed6c494b6912e2a25da7d883298ffb50d93486da5d099"
-                + "d78174ab11a0b9313ce48b584a0abecc66b7cd881dbec10b76e382922e4bddcdf6ed8d1b"
-                + "5e42985d539d48873a2ce79f825605684280018125987450666fbe707a7465023aec06ec"
-                + "aeb5bcfe6f4d8173c581627a2aa7bafab417c8c772df17942d821a3367110e5827f84440"
-                + "b708c080321f926cecc33f281d93acae7310b8de0a9c686a92ee4d06dd641ea4f3ee3e08"
-                + "12f38b80cc8c85185c71372b2cb349f5f1b03f3b7fb5f6ad44339fad30e97b076b2c243d"
-                + "22def5d3708e0f934a5b000b2229fe966af39c302babc89638933345ea65e7f050b57049"
-                + "f6957a5ecb5db3cdac641a951ceb4ad29e08ae6a9ecfe2b6476e0eda521421dbde48493b"
-                + "54684c0de25064f5c3c9a1ef33f47d6d23dd045356e018331c0c3e4c8bd9d5e259084843"
-                + "95a1d63cdbf534bd93d7cf2e0ed93105640bfdd1a8f2e7d7e125562c8a0a792084dca8e6"
-                + "239bb9e63cc4c2f2f29d477dd1210d5a715feb863c2267517ada556489ac2d9e111969c1"
-                + "79cce329feb5c5d974357af3a683e6a54c296124852d844236a063316e04754b0a80340e"
-                + "bd1550ab34227edc6e0afc96800cad73a26d1e9a29134bc914e38cf6427abaf463ae1dcf"
-                + "62ca8f60034772e6aa1c3c53e2f5b5b1659e44b3185ea908ab9d49ee524418fe603aaa51"
-                + "7f7d9e2ce586c69b00372d1e5b4d72947a6e1c1ae684a355ae1fc996c55d207156fa164e"
-                + "06f73eeaf14374d8f60cb7c956dca0a778317de3636b9f6d052dd6df969cae29d1ab1697"
-                + "2f59336444a758552fd60eb02b47e60bb2bb04d540f3e957444187e95b0e3a3be7cf8fe4"
-                + "136d3fac803d552cafcedf0c0ff505b4fc9719550d17842a702cbac71ea5e59932c11473"
-                + "f7b2e06331ebcedddc590c9699bcce9e9f092a267e6a3937522ccadad7c1e62f2c49fce3"
-                + "86a02d82f933f96c35fe91b338bfbae01f059123f410cd77f3f64d33d4c49de444f95642"
-                + "1e2fc46174f15c0335e6165f289438968612f6b0d67ca5e1ab4a01787134f97a828bdf49"
-                + "7e582eca52343b1bfa189f4c0fd96393494f768fce4c9257c78ba33af3e75a1212ec49e1"
-                + "02093bc179b16903062627c6e9a301b0750d208bcb182d13e63b932cc936ca59a2fdea97"
-                + "0e8908413480c8d5d040e11c94555e47bbcf369a2589297b993fc66b0394d67e536752b2"
-                + "2b091e8dd59d3b99e06d1d4c667fd1d2d4be5969ebcad5e4d45da5a8b7f921260569c758"
-                + "04cf1925617df102e29afc0661b0383fcdd4467a65cdcd1661d77a274f0a96b5cde9bbae"
-                + "07442279b4bc97fe7456117ff89b8b83b8833fe56d598a8a9e6bd94c371320999e16970c"
-                + "f10a9910d001aef59471280056e2644a2eaaf5e973e5281d26d1329053f40768d69fe882"
-                + "1d81c2bcccea1442fe26640c36bd7db0ea61da449ea340b22e4818097972a352390a9abd"
-                + "ecb7170653bea3d8e71375f62656155a251ea6317adf5f3b24db23fa75150770812aae91"
-                + "ad06f56316c266528c8141359ae3d077c483d06989d75bebdd3986750863627d7f2d9ec2"
-                + "2c7c6d2fe8b2e7f15a0892a7bfd8a92cc4d91247f9ce4662609f6faac17517bbae3e8491"
-                + "7783a35f14e2632866fae7603d5cedccf5ff6f3cf8013e35b1e1edbcfda3254a21006b50"
-                + "52a84580e718e4b35d27bef768945c5c8ac1ddf811c48e26ff3397ef63c08a112ae23cd6"
-                + "6779b7d12eafeb1236818d3cf92c01c8e4e2ea1e8e2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "0bd892ca9e8f0bb84fdd9bb9eb8636b6138c66d530bb03c8054c0c66a1063971c0a4571d"
-                + "f5426261d040767bf18d804c9f1eb4d258d7eb0cd45df70d9feec00ecf4fd422f24aba95"
-                + "0e45ad45b0a3768c46f5427a55c4eb4d2bbd0ae03ed6eb06a6551b2aec848ed9b6179b2e"
-                + "cfc62b472b80dd4c2b514eb8a4fa67bd9486f6e00bc838c49336f0e6b6bc09c1abeef1a2"
-                + "63116f2b49f6074a40c52d786c64e5f3885ec4a8045eac951f0405b4a1d14ac6a72d392a"
-                + "eb153bf3b1a58d3ca0b2a5528fdc87aa01f5167504173dc677d0ef20af95be736f34456f"
-                + "8f8ab9af4167d7c9f393340d187726ec8f99d444b7bb6f5d79fc6ea4ec3c45a6b6b723a3"
-                + "e0bd6c159354aa69bdab614903dde06a9c95b02b22c5249cd50a4db5d03f45347a38d8db"
-                + "b80a9525eb7cd823e0c8cba1a009ec4eea9e2bae0dee4e18052cfaf7c1e8bbc5e52a0765"
-                + "ad3692105fe101ddd2190cf4ba3c0c0ba94b665cb0f68a3ff6509fffe1e9db94b9681999"
-                + "7f4cc88d008582734d0e4dd050d56ce2de68596fc53a1a052a8d2af32d997812ca09b03a"
-                + "b55252afc4f7fe8a5753306f41aba25a8921d6306d6df18ee1ceee1f83e887cbf6dceb28"
-                + "34352803527dcd0e67b98e4fa6815e291c39455da08811686a1861ff10cd14e4f11d2a18"
-                + "5829a6944ab4d231dfd439b731167c168603c0fa9548948244b32e9cabea3f2e4de6eb00"
-                + "01644a1bba6a7b04be72cd2b136125fab2f397ffd2c2ff5a27b5fd8eaa694d043a10d495"
-                + "04f3a4e259f317e76c80599e4953d8dd0bbad7cf33a8864258d7f967a0c48bb3885e29f8"
-                + "ec97ead44cfd4812c4316982c1a5fb6bc6f625a1dc9ae568ff191fed64e2f39904d49a8f"
-                + "ae9618cf83566b8ca2847ef6d0cb8234282eef3152a8d516e4a91a58bd998602765a5902"
-                + "d6cda1e601dfb45d1775ba17597ecf657e0a1f83bd4895aa2842e86addb93c876b6b5903"
-                + "ddd9ecfd38df321c6882d8220d58d979428fc2e3acf880b7d29af181a5de7a6370db1d67"
-                + "c6b2d6ec29e556938604e17dcf36e017914efc8c9b06c24d65274512446ec2eca74ddf73"
-                + "8607fbfcf5e4cc3e5810fc0348249d1b0fc4fb36b5465089dde9583813df57726620d79f"
-                + "0283b785d9dcbd4f041c46ca18985f8c6c01954c0ecd1283f985ec40ff9818de7783ddd8"
-                + "eae9c19c6ada78feca20f56aa0440d96e9d5cbb3e621ccc4e79e6ce6df27bfdf95676633"
-                + "64de5ee75c5bb76cc3ecc09a1732af0d119d45e076e48c75c4aad82d420aa3dc52622f5e"
-                + "6d2be9ae089a91da6b467784148d09b0cffbc582cb4ede2a7320e03bf8cd2b237b341bec"
-                + "9f54e6d49f7797eb53836b1cec068e126a074b510e61620f3352da9b98ad1380de751f52"
-                + "403d5c6c8f3d2391e8b2cc5b6f71edb2ac94b01f113a2759d3c55abdabd3fe819a54c517"
-                + "f37b0a6fb307244fd5d4ea1f17d442bdcc49cabe55afb5f128a85f3f9741d19b1a81e0f8"
-                + "9911a6b74abd9b4c592be6b4b18d21346316445e2c7c284189f908cbadc3e103515ebcc0"
-                + "45142d2f7e0566b663509a2736a4c765f248c85b780f42bdbc213630516a250faa5797f5"
-                + "c3adbdccffb0c60441c80582abdfbfcc6849dcb0e18ec46635276a9514fc39f7bc5232df"
-                + "ebcc2ecd66b9690ea5d335a0e6adb7add31b1f4a151df084f76691b7ad48840c8397bec5"
-                + "4c660190948aa949306f31b4d468086c7a47113b7c024e618199470c86673b51a7f9c3f1"
-                + "f83d5979f3769c4246cbe2db66bf4a410dfc9ccc043dcb6d66fc6d1d20f5567f4c028c22"
-                + "330b05f55aac3ce5048a1309293ebd8de60d2d95297bbfcf921b4492313742185336b5ef"
-                + "206c7b5e2c4b2efb1c25a56d7fc6d3e6e697b81e894d0e8beac6e4ae48338dc4b82174c0"
-                + "57ce3d96c84a0ce7dc639f8ae796b578feff427485efcfcccbf3b6a052fd9bfece616a08"
-                + "e4253305cdab740ab18b16a2b059e68f02a763ecebd684924f3c2b51a029d036f575f525"
-                + "be694e50f6d392c46bb06d40d254f4e565e7ae7c6f6fbe2ae93a96a61e5ab229b3e1c5a4"
-                + "fb3f3739461c53e372e583ed6aea784b49c65dde2e317f02b04a1fedc1a406e5ed0af1de"
-                + "7620ed75a2582123989e87b4685b6178c38658d85f0da6f0df9bd217f087deb4c6d4def3"
-                + "8baf0b20c98326fe43cfd062e37c109101211add82c5e5ad0b4e8a80bbb567516c158549"
-                + "c893d889c82e6b6727b3d3532d2da5d50b86a4f5b4502d990f107303a8141caf12aea749"
-                + "9c2b6af8b4951cd99c88e6e77da8e0399a4781fb5ffeeadc74196aa11efdf9cbafb9cb71"
-                + "d040112e61cea55e37cf89f15f4b7916254b6124ca5f0f46f6cf5fcd5d76ab35ed7a9df5"
-                + "e527d3c87de55e108964147deeab03f906309137ee4acbf14bf240a69d43a7cd9dc8518e"
-                + "fad0b2db71064172691efd2c4b7f18d81bdd8db3df39eed97aa5a404023b972ad5ba4550"
-                + "9c60e78a7842f062631bce472cecb104188a444a9435670acb1a0fc355dfead888304877"
-                + "a39e216b619f0e922d8f4e33b3d17122695241d7e1433c78d9f6c7b9e9d7c5d12984ca02"
-                + "b3c87e90b6f2af4f4974a30297bc5ae2bfc812b45a72d43568181795729513e3c9d9c6b0"
-                + "981262678ba5eac9bc16ec23efab4ea696f28a195086b51037dc2fd433e283d0ccee1bb6"
-                + "c07d72b0a49c141a1b5c5e195c5efa02da9d5638d0f23996f73c19d6359e4b1ff761d042"
-                + "e9b9737a4f8e6d3b126b19633837a9ccbd7de5d3f288e5aa9fa71493e3e8ca2f0d1f5e3a"
-                + "31c029a1dd5d00c1cb2100c2ab14ffcb1f7162216806db0e4ac52bbd4372130a1c888d02"
-                + "447063cb0bd869a483f4a8f07a61f9d9eb0207478f23194d1f230d237ad50e23bd184ac5"
-                + "a5213310aa6704cd8e6da622588a4c16fd44a54c1dc1ba6f7bfc9bcdcc1c661523fd2f6c"
-                + "577713a8f7498981619ecab95ec42f1e1759932a3cdc5ba049fbb3856a2e18cbda268fc5"
-                + "99146eba584f45a2b7acd9057c00417bda24cfbc798ff87dcca42e0ed4c56c5827eca22d"
-                + "09b9feedec97addad5ffc75e2a38c78ef9a7f7d47dd4e2113a5035c87994efb5dc2e3014"
-                + "2ddfd1e1fe0a3443ed7308df2dce03f3526c0b9c06a40338ec77d33ffee72441c334e3b6"
-                + "62e6663476b89ef26abb232542cc4ee5760610346e0075c8f87e164a71831ddfc31f12f0"
-                + "f554bf393bc6565486a44103d8e30cd3bd2eebafc5b78b4f4e2d489233af2e529860a7fd"
-                + "5c91aaaabb0c04dcb08f86fce7280a31b8cfe9845d58378fc70842721c2f8dfe14dd7fcc"
-                + "2e980cfd62a1902259eac55859b5cb807065f709c7c9383bdea1f48a85b81fb0577bbe0c"
-                + "f7812f9918037fc8e460cf3489a39f5b5d62d2b3003ad7d3320b10c15bd575d375882c3a"
-                + "cfe716256c7eaed48400af04a47ccde1498662bae27d3e2d56bfba5fd7c48753a374d0a9"
-                + "96e7d41b020b4ab4df7b30af072d092dafb1517a299431d2c23a73c32556001eadd61cfe"
-                + "e7c0026ccd059ebe61eabeb8cafaf206ff36adc213aaf21026dec33cf2a7674d76de0f3a"
-                + "497f850fbba15be620812dd21204a49cbf25a01fa872dcf5b17ec6c2d5396fc5637eb853"
-                + "1e40501c38f40b755f036fb7b51d0b52a02fbf8b24a7a7ecf87d67cd82d2f6b620747ddf"
-                + "3ce6d51547771142c270c5ac4220b7ea68875f8891256ae7d8956e7b2f6b44e174e99b59"
-                + "10f1e963430f84c8ad2e2ee4351e81f0fa4de0ec24db10c9fc9f41a990a53817c952fc6d"
-                + "eb4d6531577244f6c9ef6439f8bcebb60fda5902e5a824f1e8486a7b889747fc31e420dd"
-                + "062e95ab332ae173721a68a887de05e5e1a53d4c2440215f1ccfe84000425cce294f5a41"
-                + "61fd4ec5be1c4b86e81325b40ccedeecd16bff28015982fafe08543ee9e3fd0b2bd80840"
-                + "95e03ce5b75cf5d56dd77f369e3fbd9a66cc1e174e5f101cf3e968ba82b386ec966ac42a"
-                + "e298062172af68e46502d7699b224d05624b19e83c7325a6cdb9c7cb74ab3da4db374902"
-                + "9ca651debeb36c5e5d046ff9bb89edb0d9807e2c7453bfb651c15f57ba9f995b83a7d9ef"
-                + "415c494f0222df56cb54c8a260161df8743f3eb218319ca9e566894065184390defbd673"
-                + "3d6ed2dd6bf330fe5a3fcdd35be1f998184e2964d3e0cc73e0eedb888148f3054843bb7b"
-                + "e79f079961261d913988b6bf5957489ccc2f41173a47866cd5db993453b67663f677778c"
-                + "fba1396332f863d4c20c3ae0e11df868dcaf088f4ba5003177c8e02dbd9188cf4dec2d1b"
-                + "caccc3d856d44d2df68ebdc5e0955913040b441a2830ae755d84bc9c0acc58a7c60e677c"
-                + "1892c430bdfe91e8c277b502b6cfe55f01bce382949ad5ab07a7c7235ac6fd2c797a273c"
-                + "5e6d8e8e88792a5026ff43872ba51927d362f5a3f07e5907848fe9836aeeb300d74efd4c"
-                + "7f49e54da688a0a8daaab3d7e6ac5123d50d9ddfa55ff067e79102024edddbb975bb1ad2"
-                + "d965aedba0de43abaf111d17d7e31ff7284bed34e5315bb5bad0a10f2d4c59dc0f32a02b"
-                + "d44d4170b7c84d5bab6792400c1a02320075529ac15aa5226ba325f91dc32088fc23ce69"
-                + "899d87ba5d40abda982612064cbed6c494b6912e2a25da7d883298ffb50d93486da5d099"
-                + "d78174ab11a0b9313ce48b584a0abecc66b7cd881dbec10b76e382922e4bddcdf6ed8d1b"
-                + "5e42985d539d48873a2ce79f825605684280018125987450666fbe707a7465023aec06ec"
-                + "aeb5bcfe6f4d8173c581627a2aa7bafab417c8c772df17942d821a3367110e5827f84440"
-                + "b708c080321f926cecc33f281d93acae7310b8de0a9c686a92ee4d06dd641ea4f3ee3e08"
-                + "12f38b80cc8c85185c71372b2cb349f5f1b03f3b7fb5f6ad44339fad30e97b076b2c243d"
-                + "22def5d3708e0f934a5b000b2229fe966af39c302babc89638933345ea65e7f050b57049"
-                + "f6957a5ecb5db3cdac641a951ceb4ad29e08ae6a9ecfe2b6476e0eda521421dbde48493b"
-                + "54684c0de25064f5c3c9a1ef33f47d6d23dd045356e018331c0c3e4c8bd9d5e259084843"
-                + "95a1d63cdbf534bd93d7cf2e0ed93105640bfdd1a8f2e7d7e125562c8a0a792084dca8e6"
-                + "239bb9e63cc4c2f2f29d477dd1210d5a715feb863c2267517ada556489ac2d9e111969c1"
-                + "79cce329feb5c5d974357af3a683e6a54c296124852d844236a063316e04754b0a80340e"
-                + "bd1550ab34227edc6e0afc96800cad73a26d1e9a29134bc914e38cf6427abaf463ae1dcf"
-                + "62ca8f60034772e6aa1c3c53e2f5b5b1659e44b3185ea908ab9d49ee524418fe603aaa51"
-                + "7f7d9e2ce586c69b00372d1e5b4d72947a6e1c1ae684a355ae1fc996c55d207156fa164e"
-                + "06f73eeaf14374d8f60cb7c956dca0a778317de3636b9f6d052dd6df969cae29d1ab1697"
-                + "2f59336444a758552fd60eb02b47e60bb2bb04d540f3e957444187e95b0e3a3be7cf8fe4"
-                + "136d3fac803d552cafcedf0c0ff505b4fc9719550d17842a702cbac71ea5e59932c11473"
-                + "f7b2e06331ebcedddc590c9699bcce9e9f092a267e6a3937522ccadad7c1e62f2c49fce3"
-                + "86a02d82f933f96c35fe91b338bfbae01f059123f410cd77f3f64d33d4c49de444f95642"
-                + "1e2fc46174f15c0335e6165f289438968612f6b0d67ca5e1ab4a01787134f97a828bdf49"
-                + "7e582eca52343b1bfa189f4c0fd96393494f768fce4c9257c78ba33af3e75a1212ec49e1"
-                + "02093bc179b16903062627c6e9a301b0750d208bcb182d13e63b932cc936ca59a2fdea97"
-                + "0e8908413480c8d5d040e11c94555e47bbcf369a2589297b993fc66b0394d67e536752b2"
-                + "2b091e8dd59d3b99e06d1d4c667fd1d2d4be5969ebcad5e4d45da5a8b7f921260569c758"
-                + "04cf1925617df102e29afc0661b0383fcdd4467a65cdcd1661d77a274f0a96b5cde9bbae"
-                + "07442279b4bc97fe7456117ff89b8b83b8833fe56d598a8a9e6bd94c371320999e16970c"
-                + "f10a9910d001aef59471280056e2644a2eaaf5e973e5281d26d1329053f40768d69fe882"
-                + "1d81c2bcccea1442fe26640c36bd7db0ea61da449ea340b22e4818097972a352390a9abd"
-                + "ecb7170653bea3d8e71375f62656155a251ea6317adf5f3b24db23fa75150770812aae91"
-                + "ad06f56316c266528c8141359ae3d077c483d06989d75bebdd3986750863627d7f2d9ec2"
-                + "2c7c6d2fe8b2e7f15a0892a7bfd8a92cc4d91247f9ce4662609f6faac17517bbae3e8491"
-                + "7783a35f14e2632866fae7603d5cedccf5ff6f3cf8013e35b1e1edbcfda3254a21006b50"
-                + "52a84580e718e4b35d27bef768945c5c8ac1ddf811c48e26ff3397ef63c08a112ae23cd6"
-                + "6779b7d12eafeb1236818d3cf92c01c8e4e2ea1e8e2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "0c89414abfb71950a59e162325388b50a78a43e1341f141cb6e15916f061021ce7b7df95"
-                + "6797bca627ab03e01bbbda8c37cd5b7591226b7c5af8405cf76a0f97a7963fd35f115daa"
-                + "9474c2de662c9406b505b3dbaa877edc9750c1ac1e145dcbf7a9a065561c1adea5c6ce70"
-                + "b26ed74fdda3f156f3bf5ab6befb0d79f1c79e3df8c036ade5c916115378e7d9ee2b5d2c"
-                + "ebd94e53fdae54e0a22c37f1581e323bfcaec2d30baec9938ea398721a3f05c4c23eae04"
-                + "3a3ee5851ca98bb83e9a96d270e767f4123f81f7771c0d2e426f053fb7e18c69102aa567"
-                + "dcb1732109329508ad7b1ff3f0ce4875e37a47128929cfd7decc9a93b29ac0679c6177cd"
-                + "7cc62584b6795dbeea8e406f4ca4388389f68d6d35ef511986696170a51143342d2445a5"
-                + "08279b98986e43dcca106ccd2f1b69127b8c22ce090937e79d650dcf93eb47e0e4c74127"
-                + "183bb38f7a855797a6bdf873454aa208032d06ad982500f7f917aa44c5b294d792a65c5e"
-                + "d4c0140d0ef0292d504255df0fa49feb1b75ac08d1a842400420df6f116b74cd1c8cece0"
-                + "81c295ad7bccc722992b88d8f43e4022049a18080fb5103241f5fb770b91adefb80da805"
-                + "1bcbd7a54a6c8a450bfcb7e4d55897f81692d52c1706c51257cffc7c17af02f7d18423ef"
-                + "d85c5c9cb9041f0487ee8aebee1fedee12c6041209dcbb9528dd5d927789d291bde3edb1"
-                + "77743c2ac0df6f973d238a0b5aac65685de044f0d44c78c080b19f734f699012af17fc0e"
-                + "d95e425a2cc45522d06f1a02c746b717a980e61f90568b3e246fbc2f7ad43097eaee464d"
-                + "747078ce8caaba482b12b1f5323b8612abb31948f744f9cc615dae60c4ea39b95f6ac863"
-                + "f68ff68e3e637219ad2adfcfe1d5917c83d3ac10f71964e71c40a4a12a541ffcff34eb45"
-                + "d541c4881671ad7d48b55d62eb260844aaa32b6307fe59fe8e68e0bcbaec5e74268a969a"
-                + "9710b2f5cdf5451bbab88064bb23a0d716174177a24f8e617da9dfd81b43bd13611e8077"
-                + "37fd00e4cdd4f697a4a4f3cff8f3402b1f06a2e48cd54481fe0c775a09a9274a312834d5"
-                + "25312908e493e4ff58e81e3fc1305cf0f7b65f830bb433873ff0c991509959f83546c29e"
-                + "b126b64121997fd58b39a35a0995c7376e334336fff12b6407f934ab702e4e1ccb48fe0b"
-                + "98a5f8fd64e49e0a6319b6837ce65b5197230c5788e4b87af6e3a80396bd299f4752e206"
-                + "7fad434dee3d593f9f536ff1a2cc1a03e791fe69c788cd3d31356d8c5eb0a96256f4fdfc"
-                + "1ea632c2a3f4cc9245619738bd3f80107e1acbca5fe67d760fa047e86ea68017f3c0adec"
-                + "b7b7cb8a602c405f36d58100b79c8729f71b1d7b357ef8689f7979f3963c1649896c5da6"
-                + "f2b83a10cf09d42c47cb4edbd432a99011548c7d5e257a2c1d42ba19fdc9c1d6e7275d91"
-                + "870368c62173e4be75f939e7e7933be2434e6aa7cb335de9344dccf1d4b47f3be1409926"
-                + "7910b2a7e8ee8616054f1b431a5e8d007fe6caf468e4235efe6730d99c900ac6b80de38d"
-                + "4154aa9749d75bdd6521fa1235c2ac17cee5128ae707c2a01e789adc2641057c897be134"
-                + "dd6c38342bf7b4bf64a763a4119ecdb4fb5decb588ff0ef7a20ad6319729db446e27beb9"
-                + "8ee39b20ea5ac6ffbbadaafece100c6ddaa63b0e45bcca30adb8428bae82073b2c494c68"
-                + "c737091b01d731d61883a57f4262aad733defe7f13323df029463430674ff40c4b35583e"
-                + "1c47fe18044893631d5aca6083cced498f285990d852d925a93e2ea8c9027b2fb7d88615"
-                + "3cf0781cdfe498502b13d1ff546449d721a5fb4909ab2389f9c33fc1276b238a5f927129"
-                + "c82360e430a1d539bd54fafa2da6b5f71cc1341ffcb7b700bfd6a6dbfc8b2ebee5dece3d"
-                + "c1d4a5c9b58ef40bfd9f7edbe8d17d934b82345d354500177dd77b4b3c7ade83bf1017c0"
-                + "7f939083c2248dbd0080845403ca0959e2fabc2592e834d60e17dad433c30b677cf71d2f"
-                + "ee5e84869b67c6b13fc72dbdab9aab06fd90f1dd20dfc41d97fe93503f5a667510815608"
-                + "c7feb81140cb1944024fec6a0911156f60b7bde770269f5fdbfd1366ce063d1acb805318"
-                + "4ef1db98332a888bba29d9f63a88d520d40f167fb8ef40c6ab0bd6447b4f1050f092c249"
-                + "96e16311801fdb87a1647b0f953b6b510fe3c4f41872df454f48ef086784a40a550725a6"
-                + "a485a925cd90b0fcdfbd6335273fe013166f00802461d87d7909922522b0a13195b9381e"
-                + "7ead39dfc7993a4951702a1dfadf79fee29edc250a215424fa486bdc073ca00c6f0c50c7"
-                + "164cddf7051bde7d63d97bf5fd780ab0caae727f72aac817afe71e20987f6e2ae0918068"
-                + "b47e40c5fef233454caaeb087433bcd909c1c5bbd8ab2be682a2b7d33267034ac16402ee"
-                + "7e92a0193e8e43f4da7e6fe5f0fb8689ceacc5f530d615d5b5a5db1155d30e4f2187d721"
-                + "731246d809c4f620a34f0d6393597fa5ef7079393a0bb810536235ba15591c5f6e695462"
-                + "bbdf9f5dab32760bcc1a91bda6aedb4b497889dd9115d63206ea34cc87db7ae893498eaa"
-                + "7842ee3b0e7de627c2a73fa1dab8befb78904a65bacb6baa340235532b6e5a69eb4e27e7"
-                + "bda343dab41c05fe4c3b68d2252db55610e56889dd708b8d9e3b09a0a8c748cfe0eebb07"
-                + "eec5eca66b5016d497519eedacb6bcba9aebf407900d3f690a6fc367d9fe985c1425e8d7"
-                + "f880eedbfcd14abab2847f0b4fdd5e593c87929704ad2413b41a6bb6e3d9aba0378dbeef"
-                + "1f233ecb06db0b6cb55dfd9ae7f29344a01cfae710e9f19a06de10ade20b9bb75fd8fad7"
-                + "8ff97592cad02ec2ac0700835a5b617ac64f0a2e5daf9b367e70fb76eab49b36c53c6d3a"
-                + "8e96049b25416f77acd7d6c2125eb2572d20d56e5329152ddb9169b1dc95354c4e403a7b"
-                + "4397495b5f8afe35b62de4bd059afeed08612d28c96d802037e8b4660fc48ba6d703fa4b"
-                + "48d7d4ebc6d2a7ab9146d0e9ec79335395f7fe3b5279ac55245b2b40e8353ee6a0b414bd"
-                + "6338fb46efe2bd8321a9f3f47a3d5f9c4e8837b3f9e9ebb9049cc716f23a877c1db75cc6"
-                + "4607cb3edfbc9e3da395d890b4015c5430d2dcf6f4ac29fc555f3381c24001e0688dbb5d"
-                + "1982225172c042a5d7fa4aa0087a75012cc3d52a2ab3f6fcd2b48cbde8f791c8c4e21ae3"
-                + "a1de22f9c762381b2a4e07f7b9d5e779bea4e0a53d3181805c90e9402ad7e86ff5adfec1"
-                + "958b30ea390c04dcb08f86fce7280a31b8cfe9845d58378fc70842721c2f8dfe14dd7fcc"
-                + "2e980cfd62a1902259eac55859b5cb807065f709c7c9383bdea1f48a85b81fb0577bbe0c"
-                + "f7812f9918037fc8e460cf3489a39f5b5d62d2b3003ad7d3320b10c15bd575d375882c3a"
-                + "cfe716256c7eaed48400af04a47ccde1498662bae27d3e2d56bfba5fd7c48753a374d0a9"
-                + "96e7d41b020b4ab4df7b30af072d092dafb1517a299431d2c23a73c32556001eadd61cfe"
-                + "e7c0026ccd059ebe61eabeb8cafaf206ff36adc213aaf21026dec33cf2a7674d76de0f3a"
-                + "497f850fbba15be620812dd21204a49cbf25a01fa872dcf5b17ec6c2d5396fc5637eb853"
-                + "1e40501c38f40b755f036fb7b51d0b52a02fbf8b24a7a7ecf87d67cd82d2f6b620747ddf"
-                + "3ce6d51547771142c270c5ac4220b7ea68875f8891256ae7d8956e7b2f6b44e174e99b59"
-                + "10f1e963430f84c8ad2e2ee4351e81f0fa4de0ec24db10c9fc9f41a990a53817c952fc6d"
-                + "eb4d6531577244f6c9ef6439f8bcebb60fda5902e5a824f1e8486a7b889747fc31e420dd"
-                + "062e95ab332ae173721a68a887de05e5e1a53d4c2440215f1ccfe84000425cce294f5a41"
-                + "61fd4ec5be1c4b86e81325b40ccedeecd16bff28015982fafe08543ee9e3fd0b2bd80840"
-                + "95e03ce5b75cf5d56dd77f369e3fbd9a66cc1e174e5f101cf3e968ba82b386ec966ac42a"
-                + "e298062172af68e46502d7699b224d05624b19e83c7325a6cdb9c7cb74ab3da4db374902"
-                + "9ca651debeb36c5e5d046ff9bb89edb0d9807e2c7453bfb651c15f57ba9f995b83a7d9ef"
-                + "415c494f0222df56cb54c8a260161df8743f3eb218319ca9e566894065184390defbd673"
-                + "3d6ed2dd6bf330fe5a3fcdd35be1f998184e2964d3e0cc73e0eedb888148f3054843bb7b"
-                + "e79f079961261d913988b6bf5957489ccc2f41173a47866cd5db993453b67663f677778c"
-                + "fba1396332f863d4c20c3ae0e11df868dcaf088f4ba5003177c8e02dbd9188cf4dec2d1b"
-                + "caccc3d856d44d2df68ebdc5e0955913040b441a2830ae755d84bc9c0acc58a7c60e677c"
-                + "1892c430bdfe91e8c277b502b6cfe55f01bce382949ad5ab07a7c7235ac6fd2c797a273c"
-                + "5e6d8e8e88792a5026ff43872ba51927d362f5a3f07e5907848fe9836aeeb300d74efd4c"
-                + "7f49e54da688a0a8daaab3d7e6ac5123d50d9ddfa55ff067e79102024edddbb975bb1ad2"
-                + "d965aedba0de43abaf111d17d7e31ff7284bed34e5315bb5bad0a10f2d4c59dc0f32a02b"
-                + "d44d4170b7c84d5bab6792400c1a02320075529ac15aa5226ba325f91dc32088fc23ce69"
-                + "899d87ba5d40abda982612064cbed6c494b6912e2a25da7d883298ffb50d93486da5d099"
-                + "d78174ab11a0b9313ce48b584a0abecc66b7cd881dbec10b76e382922e4bddcdf6ed8d1b"
-                + "5e42985d539d48873a2ce79f825605684280018125987450666fbe707a7465023aec06ec"
-                + "aeb5bcfe6f4d8173c581627a2aa7bafab417c8c772df17942d821a3367110e5827f84440"
-                + "b708c080321f926cecc33f281d93acae7310b8de0a9c686a92ee4d06dd641ea4f3ee3e08"
-                + "12f38b80cc8c85185c71372b2cb349f5f1b03f3b7fb5f6ad44339fad30e97b076b2c243d"
-                + "22def5d3708e0f934a5b000b2229fe966af39c302babc89638933345ea65e7f050b57049"
-                + "f6957a5ecb5db3cdac641a951ceb4ad29e08ae6a9ecfe2b6476e0eda521421dbde48493b"
-                + "54684c0de25064f5c3c9a1ef33f47d6d23dd045356e018331c0c3e4c8bd9d5e259084843"
-                + "95a1d63cdbf534bd93d7cf2e0ed93105640bfdd1a8f2e7d7e125562c8a0a792084dca8e6"
-                + "239bb9e63cc4c2f2f29d477dd1210d5a715feb863c2267517ada556489ac2d9e111969c1"
-                + "79cce329feb5c5d974357af3a683e6a54c296124852d844236a063316e04754b0a80340e"
-                + "bd1550ab34227edc6e0afc96800cad73a26d1e9a29134bc914e38cf6427abaf463ae1dcf"
-                + "62ca8f60034772e6aa1c3c53e2f5b5b1659e44b3185ea908ab9d49ee524418fe603aaa51"
-                + "7f7d9e2ce586c69b00372d1e5b4d72947a6e1c1ae684a355ae1fc996c55d207156fa164e"
-                + "06f73eeaf14374d8f60cb7c956dca0a778317de3636b9f6d052dd6df969cae29d1ab1697"
-                + "2f59336444a758552fd60eb02b47e60bb2bb04d540f3e957444187e95b0e3a3be7cf8fe4"
-                + "136d3fac803d552cafcedf0c0ff505b4fc9719550d17842a702cbac71ea5e59932c11473"
-                + "f7b2e06331ebcedddc590c9699bcce9e9f092a267e6a3937522ccadad7c1e62f2c49fce3"
-                + "86a02d82f933f96c35fe91b338bfbae01f059123f410cd77f3f64d33d4c49de444f95642"
-                + "1e2fc46174f15c0335e6165f289438968612f6b0d67ca5e1ab4a01787134f97a828bdf49"
-                + "7e582eca52343b1bfa189f4c0fd96393494f768fce4c9257c78ba33af3e75a1212ec49e1"
-                + "02093bc179b16903062627c6e9a301b0750d208bcb182d13e63b932cc936ca59a2fdea97"
-                + "0e8908413480c8d5d040e11c94555e47bbcf369a2589297b993fc66b0394d67e536752b2"
-                + "2b091e8dd59d3b99e06d1d4c667fd1d2d4be5969ebcad5e4d45da5a8b7f921260569c758"
-                + "04cf1925617df102e29afc0661b0383fcdd4467a65cdcd1661d77a274f0a96b5cde9bbae"
-                + "07442279b4bc97fe7456117ff89b8b83b8833fe56d598a8a9e6bd94c371320999e16970c"
-                + "f10a9910d001aef59471280056e2644a2eaaf5e973e5281d26d1329053f40768d69fe882"
-                + "1d81c2bcccea1442fe26640c36bd7db0ea61da449ea340b22e4818097972a352390a9abd"
-                + "ecb7170653bea3d8e71375f62656155a251ea6317adf5f3b24db23fa75150770812aae91"
-                + "ad06f56316c266528c8141359ae3d077c483d06989d75bebdd3986750863627d7f2d9ec2"
-                + "2c7c6d2fe8b2e7f15a0892a7bfd8a92cc4d91247f9ce4662609f6faac17517bbae3e8491"
-                + "7783a35f14e2632866fae7603d5cedccf5ff6f3cf8013e35b1e1edbcfda3254a21006b50"
-                + "52a84580e718e4b35d27bef768945c5c8ac1ddf811c48e26ff3397ef63c08a112ae23cd6"
-                + "6779b7d12eafeb1236818d3cf92c01c8e4e2ea1e8e2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "0da714e82f54dfd7f6c178572d168289c560985042e67c45781d7e940aa1a33f47c0d5b2"
-                + "c7731d6aa5632ee1cac7d6c4409fb7c2e64772f6ad6df2d9f38d830a963e55c7b80375ec"
-                + "0059984c13627a6deeae3db4013afb15747568915f816e6f464d8455973a1f92762abf8d"
-                + "eedff1274e501d04a61f66e2c8db2c88f4260715626970d4f06158f11631040143f32160"
-                + "38b4096ac719301f761308fcd50360356e1068e71f6c7bb22c0c8bbcca3ef3f401caa88f"
-                + "d4b71b382d642f7f1610faf04eff88361e8b057fd2385140260119e222c1a14316b64354"
-                + "f0159007ecc6c02f5da72af3b307987a1a96eb685bd85cbaf549a5ec3761af543e43a661"
-                + "b8f18b845e6f5b8ca18bd68529f93e786e2e2b9e26fc1eb31f8f6c8d4df2274267ea8433"
-                + "664959e98668c3e0ee1a30516234f31ec5dd92da42ade1f287592b5440777118949ebf1c"
-                + "e67779ad7e136337a0499903a4240e4b1894ce378e2fa7060c13b2b3734f1034e09ea62c"
-                + "7ab3b82e9540a4d8a46ccefb0e4ab0acf4416a47ea4f70310d8fce41515d944fc0906a62"
-                + "f0dcd7ed8b4b94c0a108836ba2088d889d3b8dcb386fc5018fc81e86016418f7b05f42ac"
-                + "afbaff45963f98916f63506e4b0f5b95b1c72d194070099f1f3063c40c18d89a506430d2"
-                + "783aeb0b4b2730ad344a317ff1ed320d90f4bc46ae23f28679bff44de77fad17ece6fc92"
-                + "634e53660df9dd8ab2456399a123a0687cf2a870ef95a1d01a1329cb342a10967578e570"
-                + "42ae856dc940126dcb24ef8fa3a4bd2e1be36a3b8ec2b90937d79ecc1bc1f0a83f7e9924"
-                + "0281758f222889ed5b14e1cd0481d0a4b1d292aa740ad99740f4276405589f9b2cf30791"
-                + "1018a3e7ba89902a4af49d5170b698742f6b6fc86e0663bcff144c9e27a5fdd824b12d58"
-                + "1533bf42b4d4ec51974ca71aa07e6b4948dd78305e97d97cdedad00a338f497486e3dc02"
-                + "c45b1a5510054ac5cd255fc288be0692ac964be6971d735118aa7b8c0140a41ff700d6a6"
-                + "eb55cb810345b9260838fb266476136097a923de32047798b0aa60ee5c3cbe1bfb9901da"
-                + "e729c8bef75d6dbc830b50b38cc0b52648283ebe41e6e50c28896cab0be3b1130ef39262"
-                + "a3c85fcc50c81d53ad80b6af5fe01f50f20bca81490e41cfd755c68446be3c6bc4908e99"
-                + "ddad9ea4c793415fe34a17cdba200c3e879d233c4f077af252a4fb5ca91e5f151baf6f6f"
-                + "61028e5173e83623ac8c2249761ee79f7ae06ac11d10ee305f20021147c571a26fcd5c83"
-                + "6943c388c42fd74f9e5d6176d22f246f22489a866ac5fa9edd375d273bd9d3913d09cebd"
-                + "44153f1828adbe4bb82bdb52e35cd221b0b5ee9ddd2020b07c884b3649a99dfe15e4cbf3"
-                + "0a32125928bb24998634842743aa616b1cee296657a8e9e1d0a43d4c920860b68ce0d2cb"
-                + "0cea57a1468f99f09d8a60c40150ca4b4cae16c7292f586ed269f75f275d47f51550d68c"
-                + "701766da5d46dd8108267fd861907d41086746406d5fb916ad3da0bfc854b9b9073afb3a"
-                + "23e5e70dae66c0bdac1ca9a18cc77bac100e462a4e8c25ddf93748afab3b15952634a802"
-                + "d99415eabf68e8114d5b2f0b905cae3a8d7174d5cba05eea9d184695f64fac6a4e2b4615"
-                + "01f3f06c65dc52b315791ea35ddc7720f06497489b1344b902fc6c4866eeed6c816b6153"
-                + "68cf76f17bcdb12a02834ac2bee3fd3c3fa64060029c183742a756022dedad385548f85b"
-                + "d5762abc43a30ec5e99673c40f5544dafbf679a564c97c85f1abc18943fcef75000dfa73"
-                + "6f94e9b38678f38d73c18799c4c0a7e998b1761ee03395383c1f47578f2f8e6c2c02279a"
-                + "ee9961c86a3153b270caf6c787fa89b112e2c97cbe4c3dcbe6efdc470c4795660ef597f6"
-                + "059d60948cbf9241fd17d6a8c1591808703312c2019280ee1435be38aba70efd1c83c81a"
-                + "7632fe826b2673b78134ec163747695792008c18eefee0d6ab50ead1aa8c523933b8fa00"
-                + "34b5b54407341da8f7528f54f8bce44608e36663ed37870abdd7cd80639973bcbbceef86"
-                + "702149190a85ebcc25b4fa81c8f34af0e6f5a5969d6392d28b7bc4f290c6cfa28955b7a8"
-                + "571632edcc600b39a1ebb370c6351a08f1d8117ed7a841e8e65225c8650a6c4249c35ca2"
-                + "197b88a1e5ace362121fb2019e505d4b2a2b75d44cfb08bae09bd7b11c0cbcd6af1e0b59"
-                + "6f7b1e4f86834cf1224a56aa4c8ed61f54d273e1e950bc75829b6b80a583481be847eeb4"
-                + "3f60a7c0b3693945ddfefe62970a478127a3533c906825f411fcfd2d44af091f2f20a723"
-                + "aa842800a0df19fa8618806e73de39001978697b311bb776182ef7c78aeeba5cb2328357"
-                + "72d46cf9eb22f7704a885bd7a6fadf6eb2ef4ea92b6ed1a2348dbd89db0eb1f2225ca1f8"
-                + "a6f6f2b40fba42b0d16f7fae7539fee269ae60d97a5fc0cfe2310b2c827d023219cf635e"
-                + "f336389506842995d90f75309fb00142dc995cb883f248fc98c5f04c958836f2c3ccc83c"
-                + "1f35b49f3acb98b858b3b4e6519142521243d9ed73326ece1f2a74f289ce59ab11c60712"
-                + "67406b80134df30f8f574cc1c0f844d4deb642668f5f76fb507cd70711f901ad1d3122a9"
-                + "3e5b5114e100ddbef35cb8d8f75f4807b665da528727bb9caf8d370d409b7ff745c50aa0"
-                + "26a6d8a10220eaca5a51d3552c1423facc0bb428c70d5f24571efd589e89d2785132e93a"
-                + "5afcd566a114190cbc2819d089decfb93f51e0a0bdd2dbba76fa571b781a1af4ab08b0ca"
-                + "e4d9b25a0fa475f40afaac2abf7c73bb340c839d43cee5c71939d7643b5d43e3d6278300"
-                + "b8e087f5248139ab2b3804e77f20fe5a2377b83908f07f99b5bc9eabcd758d322b3cbc6b"
-                + "3073446858e60ab2c91a40385a4ea8f0008d21755b8f2de9084acdb332b0701b476d6bf8"
-                + "dadc695d6d4c5c86490a9e018d05bf57528ca004ee78149db7a5484ec821dfc81cef3ffd"
-                + "c1c01720f77c8d9aa38dd2936d376b67f9ec1f6dd9281ebf0279df4a3b7cdaf62e475b42"
-                + "8e47b1dff67f3d2dc9a329cefe8afe353fd5c1d38ecff1e5f2a31c230c837cae048167b3"
-                + "bced8e52717d46c19ed37b193ddbf6bd6eedebef0869e49153d193edc1f0820f7f1143fc"
-                + "2f7e2f2893790feff22d218a7b7a75012cc3d52a2ab3f6fcd2b48cbde8f791c8c4e21ae3"
-                + "a1de22f9c762381b2a4e07f7b9d5e779bea4e0a53d3181805c90e9402ad7e86ff5adfec1"
-                + "958b30ea390c04dcb08f86fce7280a31b8cfe9845d58378fc70842721c2f8dfe14dd7fcc"
-                + "2e980cfd62a1902259eac55859b5cb807065f709c7c9383bdea1f48a85b81fb0577bbe0c"
-                + "f7812f9918037fc8e460cf3489a39f5b5d62d2b3003ad7d3320b10c15bd575d375882c3a"
-                + "cfe716256c7eaed48400af04a47ccde1498662bae27d3e2d56bfba5fd7c48753a374d0a9"
-                + "96e7d41b020b4ab4df7b30af072d092dafb1517a299431d2c23a73c32556001eadd61cfe"
-                + "e7c0026ccd059ebe61eabeb8cafaf206ff36adc213aaf21026dec33cf2a7674d76de0f3a"
-                + "497f850fbba15be620812dd21204a49cbf25a01fa872dcf5b17ec6c2d5396fc5637eb853"
-                + "1e40501c38f40b755f036fb7b51d0b52a02fbf8b24a7a7ecf87d67cd82d2f6b620747ddf"
-                + "3ce6d51547771142c270c5ac4220b7ea68875f8891256ae7d8956e7b2f6b44e174e99b59"
-                + "10f1e963430f84c8ad2e2ee4351e81f0fa4de0ec24db10c9fc9f41a990a53817c952fc6d"
-                + "eb4d6531577244f6c9ef6439f8bcebb60fda5902e5a824f1e8486a7b889747fc31e420dd"
-                + "062e95ab332ae173721a68a887de05e5e1a53d4c2440215f1ccfe84000425cce294f5a41"
-                + "61fd4ec5be1c4b86e81325b40ccedeecd16bff28015982fafe08543ee9e3fd0b2bd80840"
-                + "95e03ce5b75cf5d56dd77f369e3fbd9a66cc1e174e5f101cf3e968ba82b386ec966ac42a"
-                + "e298062172af68e46502d7699b224d05624b19e83c7325a6cdb9c7cb74ab3da4db374902"
-                + "9ca651debeb36c5e5d046ff9bb89edb0d9807e2c7453bfb651c15f57ba9f995b83a7d9ef"
-                + "415c494f0222df56cb54c8a260161df8743f3eb218319ca9e566894065184390defbd673"
-                + "3d6ed2dd6bf330fe5a3fcdd35be1f998184e2964d3e0cc73e0eedb888148f3054843bb7b"
-                + "e79f079961261d913988b6bf5957489ccc2f41173a47866cd5db993453b67663f677778c"
-                + "fba1396332f863d4c20c3ae0e11df868dcaf088f4ba5003177c8e02dbd9188cf4dec2d1b"
-                + "caccc3d856d44d2df68ebdc5e0955913040b441a2830ae755d84bc9c0acc58a7c60e677c"
-                + "1892c430bdfe91e8c277b502b6cfe55f01bce382949ad5ab07a7c7235ac6fd2c797a273c"
-                + "5e6d8e8e88792a5026ff43872ba51927d362f5a3f07e5907848fe9836aeeb300d74efd4c"
-                + "7f49e54da688a0a8daaab3d7e6ac5123d50d9ddfa55ff067e79102024edddbb975bb1ad2"
-                + "d965aedba0de43abaf111d17d7e31ff7284bed34e5315bb5bad0a10f2d4c59dc0f32a02b"
-                + "d44d4170b7c84d5bab6792400c1a02320075529ac15aa5226ba325f91dc32088fc23ce69"
-                + "899d87ba5d40abda982612064cbed6c494b6912e2a25da7d883298ffb50d93486da5d099"
-                + "d78174ab11a0b9313ce48b584a0abecc66b7cd881dbec10b76e382922e4bddcdf6ed8d1b"
-                + "5e42985d539d48873a2ce79f825605684280018125987450666fbe707a7465023aec06ec"
-                + "aeb5bcfe6f4d8173c581627a2aa7bafab417c8c772df17942d821a3367110e5827f84440"
-                + "b708c080321f926cecc33f281d93acae7310b8de0a9c686a92ee4d06dd641ea4f3ee3e08"
-                + "12f38b80cc8c85185c71372b2cb349f5f1b03f3b7fb5f6ad44339fad30e97b076b2c243d"
-                + "22def5d3708e0f934a5b000b2229fe966af39c302babc89638933345ea65e7f050b57049"
-                + "f6957a5ecb5db3cdac641a951ceb4ad29e08ae6a9ecfe2b6476e0eda521421dbde48493b"
-                + "54684c0de25064f5c3c9a1ef33f47d6d23dd045356e018331c0c3e4c8bd9d5e259084843"
-                + "95a1d63cdbf534bd93d7cf2e0ed93105640bfdd1a8f2e7d7e125562c8a0a792084dca8e6"
-                + "239bb9e63cc4c2f2f29d477dd1210d5a715feb863c2267517ada556489ac2d9e111969c1"
-                + "79cce329feb5c5d974357af3a683e6a54c296124852d844236a063316e04754b0a80340e"
-                + "bd1550ab34227edc6e0afc96800cad73a26d1e9a29134bc914e38cf6427abaf463ae1dcf"
-                + "62ca8f60034772e6aa1c3c53e2f5b5b1659e44b3185ea908ab9d49ee524418fe603aaa51"
-                + "7f7d9e2ce586c69b00372d1e5b4d72947a6e1c1ae684a355ae1fc996c55d207156fa164e"
-                + "06f73eeaf14374d8f60cb7c956dca0a778317de3636b9f6d052dd6df969cae29d1ab1697"
-                + "2f59336444a758552fd60eb02b47e60bb2bb04d540f3e957444187e95b0e3a3be7cf8fe4"
-                + "136d3fac803d552cafcedf0c0ff505b4fc9719550d17842a702cbac71ea5e59932c11473"
-                + "f7b2e06331ebcedddc590c9699bcce9e9f092a267e6a3937522ccadad7c1e62f2c49fce3"
-                + "86a02d82f933f96c35fe91b338bfbae01f059123f410cd77f3f64d33d4c49de444f95642"
-                + "1e2fc46174f15c0335e6165f289438968612f6b0d67ca5e1ab4a01787134f97a828bdf49"
-                + "7e582eca52343b1bfa189f4c0fd96393494f768fce4c9257c78ba33af3e75a1212ec49e1"
-                + "02093bc179b16903062627c6e9a301b0750d208bcb182d13e63b932cc936ca59a2fdea97"
-                + "0e8908413480c8d5d040e11c94555e47bbcf369a2589297b993fc66b0394d67e536752b2"
-                + "2b091e8dd59d3b99e06d1d4c667fd1d2d4be5969ebcad5e4d45da5a8b7f921260569c758"
-                + "04cf1925617df102e29afc0661b0383fcdd4467a65cdcd1661d77a274f0a96b5cde9bbae"
-                + "07442279b4bc97fe7456117ff89b8b83b8833fe56d598a8a9e6bd94c371320999e16970c"
-                + "f10a9910d001aef59471280056e2644a2eaaf5e973e5281d26d1329053f40768d69fe882"
-                + "1d81c2bcccea1442fe26640c36bd7db0ea61da449ea340b22e4818097972a352390a9abd"
-                + "ecb7170653bea3d8e71375f62656155a251ea6317adf5f3b24db23fa75150770812aae91"
-                + "ad06f56316c266528c8141359ae3d077c483d06989d75bebdd3986750863627d7f2d9ec2"
-                + "2c7c6d2fe8b2e7f15a0892a7bfd8a92cc4d91247f9ce4662609f6faac17517bbae3e8491"
-                + "7783a35f14e2632866fae7603d5cedccf5ff6f3cf8013e35b1e1edbcfda3254a21006b50"
-                + "52a84580e718e4b35d27bef768945c5c8ac1ddf811c48e26ff3397ef63c08a112ae23cd6"
-                + "6779b7d12eafeb1236818d3cf92c01c8e4e2ea1e8e2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "0e8fc52c68779f742a04ba2effbdbf8a5033169921b204d3518907e5e8ce7b051b924b20"
-                + "28c3eaadcf1aac3e9e17079590fb454a78519c591aa4f434c57d569104b327c180072d7e"
-                + "54d55668159d637b2206dc4b0e62b8d4db4fc324cfd134a9895f8a9d00db48cf05384032"
-                + "93ed4cb278c2c2164bf2c6b73b12d4beff5e13bbda6cd2592afacaf0aacaa09943213426"
-                + "10963197d24ba3dddd4c8d73a9fffcad563e1f3a5c14bbd832bf8b07b3c9b5e9efbaa44c"
-                + "388682860b3435f9692265b615d6002b4b8733bf7d2b7413ab603f64a3438b1fe1c3c642"
-                + "853f3d610f35dfb12b93069e3d73018cc1da74dd95ba798f54a31ba8c5c65d3234bb3786"
-                + "d51e5dd87806cc963a2845e513119e8570dffcf2c5e9debc027ef43a02be40180b6d548e"
-                + "f3abfabe6c43aada3337a9014f7ec236f0331c068d388b121cb13da57e73173a69e1cfd9"
-                + "434b9ae36ea4613b118ca05d45f28e419fccff3157f5af8e33ced2af3ba149a4a08285ff"
-                + "9385955e966bd2af4891d385d707bde3df8cfe2d2bc77527a70bc9ecdf42ec3d046cc9e5"
-                + "3445df9380f9e19d11d4a9d38920378c2e6f3185189f5e5080295ad807bf2fa5ae0b777f"
-                + "29a4a5925e3b00b4be8af26aafe9780079ca4833d6f5a1b7a3d498b38d12b4c327299c09"
-                + "e0e18528119fe49c98ebeccc2beb54aa649118870f2db2b497891f6882cf3e2d52387485"
-                + "82602fa9bf4bc20bbd7962b113c13b296d591815e78ed09fc113fddcae7817a7ae323a0f"
-                + "7443aaebfd0c3d19d8f505ddf1dc2f63d2d344c3785978de0e6555c5587c5bc30f6f3a14"
-                + "152764abbdee93671659abe43e6c03dde1f8fcfae36a79981d020e339b3ac94fe4353930"
-                + "74da7685ba143695f7d90f54a6f63bfa83a0a2596348bba7c1570d5ce9b2e6498672f30c"
-                + "4d4c8a5374ccfb166ae7a4ba91d439d35c42e73b3b1e925c6094b07a994626cd6c5f1eeb"
-                + "e07134fa5d47044702edbee817e6c1a49397838f4589b736f59a96bcff60739231ec325f"
-                + "e9adae43a58f1a0c3c9364510c206bf31453abe9d26bf7180ad24250c224558c6bb2ce74"
-                + "af2c952dbc5c77767a92db8375db70dccb087ac63264968017c7179540fb123d55872ff4"
-                + "41233fcf66fc7ad6035255052a731ab9ec2d3322d6d2e167311bd0c2672b9f5b04d7b7d8"
-                + "7685e79a322c6d849403f48204bd3e001c300f88f0d84e86364eb6e8b956156ea7cc5c67"
-                + "a38182cd24d057214b02da32cbab42ba240a04040c940d9758a8d081387f6815e646f428"
-                + "67cfc9e8fa08697c3ab66740c756678be7ecdcb0c5114afaff488e9078a32c2c660e247d"
-                + "be018f004bbdd68fefd8fa68ed952020cc34d366d260fa47bf8eff2ef8ab3995c6f99adf"
-                + "a8da3c3887b46a3fd7a1536667caff0df421e64022854a951e5ad65405f85d245b5d0906"
-                + "ecc4cd59c5e7265aa43d1ea522bf144786153ccf0cf1ed1d0ca5230850be8d1172c35abc"
-                + "69562f00525e02ff7d8ef409cab89a4f5bc77f27604fe07e94ec34c92e56662247840365"
-                + "35a244a6530d6ac6a7bcf5c4b3496875620f2baf8ff44284a1bcb7fa2e740f3d9bf17cc0"
-                + "8338420f9b0ff4018bea0289572330fa9fae364dab581b5f8830139602cfa9f00eb3bee0"
-                + "7ccaa37711b1c1dbf61f6988f3b42fd965932e1496b601ae8eaa959b9a7db66e03cf0cff"
-                + "91f820d2ba11d74746f3ca61e14aeb7708177365496037bc6f3f3c3d79affcd68fee476c"
-                + "14bc7e530be355388c1f6ed0fd6393982a3bf9e4a7569553de3baac54e6fd144113dc600"
-                + "dbcd7066cb3a6eaf099a90c627887b94b5a2b37044a38d181fa9e61013afeb952e0a0374"
-                + "cc8574ff774c714f9e3bc976062cce7445a7a06c27598f7e7097d17fb02dba8ac0761c63"
-                + "508688d07ccf869853265b3eacadbf3c8418f95666f9d13c4a6e31bd4abf4fafcb02df21"
-                + "370e4c090e4f32b1f03f083516d07db38b5a6fbf9baee1d80be4ef2f6a5e35f66fe9e944"
-                + "be2f1b89252a295365381e4e95b3dc0a6db4f44d95c64e72e8f0eea55aff71e222ee1c69"
-                + "c23a89512c56b59bc24c13c5091199fce38d330dcefae71afedf5b6adb6b929cc082769d"
-                + "e544ebe42fea0ee19920688e6623b14b91c050508b65a656b9fd3a8cda0c80ef64da2381"
-                + "f8320b5998e249d3c3a4cc3e43058014a9df9477fab2c0b3c93da8023e4ea106f03366fb"
-                + "1ea35e09b3b282b6d9279bf6f715b519f4f8ad2bd7d0cceffd063a9aa196092a5ae6cfd5"
-                + "96abd6d24c6f05e23bfa0bca63fdc20bdafbca6487707fa2a8f258800ccc8e00c761b889"
-                + "23255ed6e359950dbed3e19ac8d3bb69ae1082b697b59eab6b2a101b5d7169fbc03940f4"
-                + "117f27a11a95d162821c4ce463eb69f738d81734616166a21258d57646191fa20e119072"
-                + "782a1c35698c957e3df14df213e7ff19b24980578e883daf7cc9e80c768b44927ae08fa0"
-                + "59e1b8d922230cc216e0cf9efbf40d2b2c5a4189f633ac754aa4f1ed0cf9f61423fab0b1"
-                + "36473c0c6969748666acd5480ebe08d50003b7ab86feb615c5c57098968c9994a7ecd2ab"
-                + "bdb9e9f39f046eef25aa6acb4a4af40834dee75e3ac0dad86d6cad26ff23758dead83c7d"
-                + "b7a84e0e0725cc92cffc942c5cdf750bb44bb3531fc90db88f3f0bf35da16ccb56af77b6"
-                + "675b0ed811925e8738c79ecd735ef866dc1ca0f27e850ec56ac2de54602b59e5ec85cf07"
-                + "7bc32781c1ffd0a5ed68a20d8d08d7003182d961ebdd5fb5e2131a1f93c1e9110b261b78"
-                + "d8282d4104babd68ae69ec88b0b7cc2103d6966c1f920d6446ca3ef0b9ed0cdb6ff390ab"
-                + "f67675d6acb99257c0d4a2579fb53d876db0fe0a652f24a2de95e4c30d9e9b3d16bbfcb4"
-                + "ce7d6fae22ad1bb375a43c32f57d3e7f13fa910d8701d862f0ad9e79448e6e452bd96616"
-                + "67f8bc99bb64eb57f869036f7ea0ee91e2fb24f76611c5716f3230a962d2bb7e67232eb2"
-                + "799da035a536e5325c054a4596029eef23eface2d09b445b98a24d5d308dd575cb1ffc48"
-                + "296635e5575f20c064a0b7392cb893eea7203b42a92081f864c1fea4055fc17552207873"
-                + "c1cd9fc2d063fbd5bff115dbbd8536be1ea6e11989fe66962a32d5b876b18b8c700115bf"
-                + "8594732e66d1726c38d4d835d0c1f4f6b291e011185b7dea770409e01d0d5a455218f1bf"
-                + "cbd1ea1b593baed37f4e07f7b9d5e779bea4e0a53d3181805c90e9402ad7e86ff5adfec1"
-                + "958b30ea390c04dcb08f86fce7280a31b8cfe9845d58378fc70842721c2f8dfe14dd7fcc"
-                + "2e980cfd62a1902259eac55859b5cb807065f709c7c9383bdea1f48a85b81fb0577bbe0c"
-                + "f7812f9918037fc8e460cf3489a39f5b5d62d2b3003ad7d3320b10c15bd575d375882c3a"
-                + "cfe716256c7eaed48400af04a47ccde1498662bae27d3e2d56bfba5fd7c48753a374d0a9"
-                + "96e7d41b020b4ab4df7b30af072d092dafb1517a299431d2c23a73c32556001eadd61cfe"
-                + "e7c0026ccd059ebe61eabeb8cafaf206ff36adc213aaf21026dec33cf2a7674d76de0f3a"
-                + "497f850fbba15be620812dd21204a49cbf25a01fa872dcf5b17ec6c2d5396fc5637eb853"
-                + "1e40501c38f40b755f036fb7b51d0b52a02fbf8b24a7a7ecf87d67cd82d2f6b620747ddf"
-                + "3ce6d51547771142c270c5ac4220b7ea68875f8891256ae7d8956e7b2f6b44e174e99b59"
-                + "10f1e963430f84c8ad2e2ee4351e81f0fa4de0ec24db10c9fc9f41a990a53817c952fc6d"
-                + "eb4d6531577244f6c9ef6439f8bcebb60fda5902e5a824f1e8486a7b889747fc31e420dd"
-                + "062e95ab332ae173721a68a887de05e5e1a53d4c2440215f1ccfe84000425cce294f5a41"
-                + "61fd4ec5be1c4b86e81325b40ccedeecd16bff28015982fafe08543ee9e3fd0b2bd80840"
-                + "95e03ce5b75cf5d56dd77f369e3fbd9a66cc1e174e5f101cf3e968ba82b386ec966ac42a"
-                + "e298062172af68e46502d7699b224d05624b19e83c7325a6cdb9c7cb74ab3da4db374902"
-                + "9ca651debeb36c5e5d046ff9bb89edb0d9807e2c7453bfb651c15f57ba9f995b83a7d9ef"
-                + "415c494f0222df56cb54c8a260161df8743f3eb218319ca9e566894065184390defbd673"
-                + "3d6ed2dd6bf330fe5a3fcdd35be1f998184e2964d3e0cc73e0eedb888148f3054843bb7b"
-                + "e79f079961261d913988b6bf5957489ccc2f41173a47866cd5db993453b67663f677778c"
-                + "fba1396332f863d4c20c3ae0e11df868dcaf088f4ba5003177c8e02dbd9188cf4dec2d1b"
-                + "caccc3d856d44d2df68ebdc5e0955913040b441a2830ae755d84bc9c0acc58a7c60e677c"
-                + "1892c430bdfe91e8c277b502b6cfe55f01bce382949ad5ab07a7c7235ac6fd2c797a273c"
-                + "5e6d8e8e88792a5026ff43872ba51927d362f5a3f07e5907848fe9836aeeb300d74efd4c"
-                + "7f49e54da688a0a8daaab3d7e6ac5123d50d9ddfa55ff067e79102024edddbb975bb1ad2"
-                + "d965aedba0de43abaf111d17d7e31ff7284bed34e5315bb5bad0a10f2d4c59dc0f32a02b"
-                + "d44d4170b7c84d5bab6792400c1a02320075529ac15aa5226ba325f91dc32088fc23ce69"
-                + "899d87ba5d40abda982612064cbed6c494b6912e2a25da7d883298ffb50d93486da5d099"
-                + "d78174ab11a0b9313ce48b584a0abecc66b7cd881dbec10b76e382922e4bddcdf6ed8d1b"
-                + "5e42985d539d48873a2ce79f825605684280018125987450666fbe707a7465023aec06ec"
-                + "aeb5bcfe6f4d8173c581627a2aa7bafab417c8c772df17942d821a3367110e5827f84440"
-                + "b708c080321f926cecc33f281d93acae7310b8de0a9c686a92ee4d06dd641ea4f3ee3e08"
-                + "12f38b80cc8c85185c71372b2cb349f5f1b03f3b7fb5f6ad44339fad30e97b076b2c243d"
-                + "22def5d3708e0f934a5b000b2229fe966af39c302babc89638933345ea65e7f050b57049"
-                + "f6957a5ecb5db3cdac641a951ceb4ad29e08ae6a9ecfe2b6476e0eda521421dbde48493b"
-                + "54684c0de25064f5c3c9a1ef33f47d6d23dd045356e018331c0c3e4c8bd9d5e259084843"
-                + "95a1d63cdbf534bd93d7cf2e0ed93105640bfdd1a8f2e7d7e125562c8a0a792084dca8e6"
-                + "239bb9e63cc4c2f2f29d477dd1210d5a715feb863c2267517ada556489ac2d9e111969c1"
-                + "79cce329feb5c5d974357af3a683e6a54c296124852d844236a063316e04754b0a80340e"
-                + "bd1550ab34227edc6e0afc96800cad73a26d1e9a29134bc914e38cf6427abaf463ae1dcf"
-                + "62ca8f60034772e6aa1c3c53e2f5b5b1659e44b3185ea908ab9d49ee524418fe603aaa51"
-                + "7f7d9e2ce586c69b00372d1e5b4d72947a6e1c1ae684a355ae1fc996c55d207156fa164e"
-                + "06f73eeaf14374d8f60cb7c956dca0a778317de3636b9f6d052dd6df969cae29d1ab1697"
-                + "2f59336444a758552fd60eb02b47e60bb2bb04d540f3e957444187e95b0e3a3be7cf8fe4"
-                + "136d3fac803d552cafcedf0c0ff505b4fc9719550d17842a702cbac71ea5e59932c11473"
-                + "f7b2e06331ebcedddc590c9699bcce9e9f092a267e6a3937522ccadad7c1e62f2c49fce3"
-                + "86a02d82f933f96c35fe91b338bfbae01f059123f410cd77f3f64d33d4c49de444f95642"
-                + "1e2fc46174f15c0335e6165f289438968612f6b0d67ca5e1ab4a01787134f97a828bdf49"
-                + "7e582eca52343b1bfa189f4c0fd96393494f768fce4c9257c78ba33af3e75a1212ec49e1"
-                + "02093bc179b16903062627c6e9a301b0750d208bcb182d13e63b932cc936ca59a2fdea97"
-                + "0e8908413480c8d5d040e11c94555e47bbcf369a2589297b993fc66b0394d67e536752b2"
-                + "2b091e8dd59d3b99e06d1d4c667fd1d2d4be5969ebcad5e4d45da5a8b7f921260569c758"
-                + "04cf1925617df102e29afc0661b0383fcdd4467a65cdcd1661d77a274f0a96b5cde9bbae"
-                + "07442279b4bc97fe7456117ff89b8b83b8833fe56d598a8a9e6bd94c371320999e16970c"
-                + "f10a9910d001aef59471280056e2644a2eaaf5e973e5281d26d1329053f40768d69fe882"
-                + "1d81c2bcccea1442fe26640c36bd7db0ea61da449ea340b22e4818097972a352390a9abd"
-                + "ecb7170653bea3d8e71375f62656155a251ea6317adf5f3b24db23fa75150770812aae91"
-                + "ad06f56316c266528c8141359ae3d077c483d06989d75bebdd3986750863627d7f2d9ec2"
-                + "2c7c6d2fe8b2e7f15a0892a7bfd8a92cc4d91247f9ce4662609f6faac17517bbae3e8491"
-                + "7783a35f14e2632866fae7603d5cedccf5ff6f3cf8013e35b1e1edbcfda3254a21006b50"
-                + "52a84580e718e4b35d27bef768945c5c8ac1ddf811c48e26ff3397ef63c08a112ae23cd6"
-                + "6779b7d12eafeb1236818d3cf92c01c8e4e2ea1e8e2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "0fcc0e7a5d3665e526f3bfa0c4f79a87d0345c71d81e75cdc41e9fdd0a09838103574457"
-                + "0b2f06cdda0bed27b0fa68939197a2a9bc5297fd75fea460d8f473a17511a8485aaf7f4a"
-                + "92526816d0202df8e08de6cbbb9ef233e032e685e660726e00e400631794036889e30822"
-                + "601bc8bc1c04f10f4e380ec7647c05af4ff603bede69f323488e55f2d0945ab69ee50c8a"
-                + "738508c3244594bc607ae8784fd2411474e493e02e5c854dd4ba2585ab96ffdfc0ccb612"
-                + "820f12dea8a4c398b8610183175a1d740b62a3631412ead199ecbd62a76ab4bd009e6db6"
-                + "5c537b00c15e156443bee98d0cf8292ff0af572e3ce8153ac58b12fa086d342c606043e3"
-                + "352a272a84ca131455b068b4016bfdecae4c38218991a1488e4480bab656ee22842771be"
-                + "cd807afb99f5a036679071b5e4e73f2cc759e357aaa5285456cb90f33cf663498072cb9c"
-                + "717490fc2650b17ca28c8df5ce97d468e2e5998bc48181019cc040915c0f451597a65720"
-                + "3361345d751c0ff445d0ddc81331df3141341b8f141b7fe3ba7770ebc107798cc4d6b91b"
-                + "429522f3a07769b4cf05630a663c740e6249c90aa7f1a5aed19de1d1d4e1a18e45bc7241"
-                + "e1681712acf421d13e49e8d6cc05029dd7a2d3346f37d2aa4bd250da3fde62935d83a554"
-                + "dec973730cc9e5d56d377570fe2ab7ef965703e7c80dd193e94e1907270004ecf7c64ab2"
-                + "2529e3cf44cddbcfcf1454a3b2b59c29dd72a82e36fb5e86118678cb668f4fdd12daf5ec"
-                + "c44eb65a8213278c831b1580fd553b0b62ca2b1232cdca1b2c06c75c22750967dfcc570c"
-                + "42e471350a2b7e733216b3a199051cc475b6fd92ae045823bf358936294210b81ff83ebc"
-                + "18d4cb93efbc70feb6c1b2aa8594e62abb872c956dbc0304501e0605226ba939834ec266"
-                + "66c2e5761e02348c46cce8979db9ddd303f2d8b6830ca7d7ddbf78a3302ad8db1e79e354"
-                + "596fa13ba392ff70a0cd5d9760a56c74e220c657a91117a3ff864182a27ad6092ee94d90"
-                + "80eab46c6a8e78c8f2be5e4c4343ec9fa08ae14dc56c6689b4e60f243ea8d9a895f7f387"
-                + "e3076f203a90b3ff734b4fa643fe460d9f96969659ea63e0eec63b463ff710d927134609"
-                + "a6880ac61949abea0b5dad3d8139e87be6f9ef063ceeca433f594af823d223b047705dc4"
-                + "7955a9a3187ce42ace4b629bb731687c903e2048622cdb7c6d4096473802e1e1ddcde60a"
-                + "1230302e1e205e3aca460847899f4996bb8bd2a53b95e7b3a52e6da59c2ce4ea2413cc8b"
-                + "5e3c610d115977069db9c56f0e561844cc2e5f3419df3a9cbf523f3110116ba13bb6a7a6"
-                + "99eb680fc702ab131712d9972a7580a99cca6adc30d3d5f4c61410affa821d267ccd85be"
-                + "6c1779b6f7e488ead2cbe271d2aab5d21bd9cad69c645f2ed0d6c87b27f719b1172d25fb"
-                + "e7a6b3fa87e9b35499a872ecb699b1a6f921061ce70bb71fbbcdc998efb1f85766bef0b8"
-                + "2672fc32ef73b0d9d9a5debe283c0e548b8fcc25fdc814d309c4152dcd1dc7f743f03de3"
-                + "95d580dfd2890293d3099af9a605a686fb4fca35d64c12d70af73beb36bdfbc841e85cd2"
-                + "01ee1477e23da37f82fe2050b60b63dce75af2cc0d37509d2b63069b09c39595a8d77d3f"
-                + "0f7738ea14f6f860ca84ad8ea53a0030e88efaef3866291c453e3a4ec151e4c2b7b9a720"
-                + "e4eb37d0d51d0d5515a04024009afc739930381a85e5ec88e8b193c27b54bd4e0ef12707"
-                + "5e944393ca32d253e0da7117e33c77b04d29deb5718414d22579f59ec83ed7c66c7c6959"
-                + "ee54074f0c0d6cec55b9efe59cf5918bcd7f78113ea8fd5439b7097bce922ffb7c7195d9"
-                + "89a9d0d09ec5648894c0eb3ac9e9f883361beecf9f9248d6c357b59b8f813b3ab5f882ff"
-                + "a96f1d68e107f277012ebf906ac6b30dd0b807b35f4a3f52e5f4797a42f3bc17c50dec41"
-                + "1b84a107303cc86f7aca05e844dfc356cf3f62d8299575fbff3583dd3d5b7b3c8dae1d3a"
-                + "5513ba60d1940fe054d7352e914099c1a3f98d5917777ef98582fd5bd62cfedc0ca10f79"
-                + "d126301b54c7ed2f59fa046f96c6a647b6868c2663fa6cf864e8a4abe18193ab14c5582c"
-                + "533eaa59befc5f44749f55526d9ef881b2605e6cf9f583417f527aa677bce30efe21bca5"
-                + "4a11056e51dec9973eafc9bee22ada665c152ac5a06ea981a3c71f33f6e633af2468a7ae"
-                + "2a1ffecbc501b8e462cbf36944a819bdca04bd3d7b21ef11bbff3d003298a8bf984591ce"
-                + "5af6f9d8d2b6b05daeabbb1cd215f43a1c7c1ce67c3e16e7797ce56895ed9405fc60f3a1"
-                + "e29da46db8f10831f6cacd5758e6712e3c8f9d84cc04add1fcad6d039b4aa3289d62bcc7"
-                + "d3253421b80e178b1878cc7c9db39ebc717755045850f70432e5d7628dfff4871b125bee"
-                + "5140673ba5ee5663ec2c46ba8c634f93a926aef32d15706ad18e95b9f7fdb431a07481cd"
-                + "2f3fecc88792aa2c8881fd6bc655cfc92415c5127c4c5d74cd942c4ab43cfe8afa3dfb65"
-                + "bdc4c5a015fbea401e5d8152e14095a9a54338dd4bcad18d322cbfc2be7df4d13cce9b69"
-                + "3cf859e44741f1d904591a0d39f262c5d85f2c542f8d7882d41b3ad407e13a6ffb7c3bab"
-                + "2a30141a44910b80219d1e32421ead5530f35aebe125321b510320cf86cc8e68b5473e81"
-                + "5d5624be8035651713a317699f7ecbbee107ab4eef59275defb939e02d42b740bf140591"
-                + "bcbba3c4345d440313c7df7c850119660fd9b2daa4c029736e5c1616306d5ac987f91cd1"
-                + "8cbc15d12becbd9eb445966445d2d1435043ffb287c6b01ac328e445e03ef24563915d94"
-                + "baa7372f46c1d508f2c8b3428d643d405179b88bdd29bb4f42d37dee05ac3de3e8ee29ad"
-                + "cfd70029a798c9f2f93fe818740cf75490bfc43be2373d2051f76832b428fcb52e538dd5"
-                + "2065720c6275f2f94463c37d276595be9bc5aaf7df8422c03ff964cd3056717225d8cd02"
-                + "0ac00b04edfd498ff0a1fd1cf8d67bb02af36f8b723c155df4b19d672f5faa32885a2775"
-                + "2a09779f09f3a41f20b87cb63eb2dc9266980a65d3f206bf5079815e0b2dce5ff09c1ad0"
-                + "c7d35cb8ddf75e7ef52adb0d6897773953b1d1e25b81b16b1182fdc1cc2967d626d3fe0a"
-                + "eb767f3f607cc6c0cd7adbc13cc1f4f6b291e011185b7dea770409e01d0d5a455218f1bf"
-                + "cbd1ea1b593baed37f4e07f7b9d5e779bea4e0a53d3181805c90e9402ad7e86ff5adfec1"
-                + "958b30ea390c04dcb08f86fce7280a31b8cfe9845d58378fc70842721c2f8dfe14dd7fcc"
-                + "2e980cfd62a1902259eac55859b5cb807065f709c7c9383bdea1f48a85b81fb0577bbe0c"
-                + "f7812f9918037fc8e460cf3489a39f5b5d62d2b3003ad7d3320b10c15bd575d375882c3a"
-                + "cfe716256c7eaed48400af04a47ccde1498662bae27d3e2d56bfba5fd7c48753a374d0a9"
-                + "96e7d41b020b4ab4df7b30af072d092dafb1517a299431d2c23a73c32556001eadd61cfe"
-                + "e7c0026ccd059ebe61eabeb8cafaf206ff36adc213aaf21026dec33cf2a7674d76de0f3a"
-                + "497f850fbba15be620812dd21204a49cbf25a01fa872dcf5b17ec6c2d5396fc5637eb853"
-                + "1e40501c38f40b755f036fb7b51d0b52a02fbf8b24a7a7ecf87d67cd82d2f6b620747ddf"
-                + "3ce6d51547771142c270c5ac4220b7ea68875f8891256ae7d8956e7b2f6b44e174e99b59"
-                + "10f1e963430f84c8ad2e2ee4351e81f0fa4de0ec24db10c9fc9f41a990a53817c952fc6d"
-                + "eb4d6531577244f6c9ef6439f8bcebb60fda5902e5a824f1e8486a7b889747fc31e420dd"
-                + "062e95ab332ae173721a68a887de05e5e1a53d4c2440215f1ccfe84000425cce294f5a41"
-                + "61fd4ec5be1c4b86e81325b40ccedeecd16bff28015982fafe08543ee9e3fd0b2bd80840"
-                + "95e03ce5b75cf5d56dd77f369e3fbd9a66cc1e174e5f101cf3e968ba82b386ec966ac42a"
-                + "e298062172af68e46502d7699b224d05624b19e83c7325a6cdb9c7cb74ab3da4db374902"
-                + "9ca651debeb36c5e5d046ff9bb89edb0d9807e2c7453bfb651c15f57ba9f995b83a7d9ef"
-                + "415c494f0222df56cb54c8a260161df8743f3eb218319ca9e566894065184390defbd673"
-                + "3d6ed2dd6bf330fe5a3fcdd35be1f998184e2964d3e0cc73e0eedb888148f3054843bb7b"
-                + "e79f079961261d913988b6bf5957489ccc2f41173a47866cd5db993453b67663f677778c"
-                + "fba1396332f863d4c20c3ae0e11df868dcaf088f4ba5003177c8e02dbd9188cf4dec2d1b"
-                + "caccc3d856d44d2df68ebdc5e0955913040b441a2830ae755d84bc9c0acc58a7c60e677c"
-                + "1892c430bdfe91e8c277b502b6cfe55f01bce382949ad5ab07a7c7235ac6fd2c797a273c"
-                + "5e6d8e8e88792a5026ff43872ba51927d362f5a3f07e5907848fe9836aeeb300d74efd4c"
-                + "7f49e54da688a0a8daaab3d7e6ac5123d50d9ddfa55ff067e79102024edddbb975bb1ad2"
-                + "d965aedba0de43abaf111d17d7e31ff7284bed34e5315bb5bad0a10f2d4c59dc0f32a02b"
-                + "d44d4170b7c84d5bab6792400c1a02320075529ac15aa5226ba325f91dc32088fc23ce69"
-                + "899d87ba5d40abda982612064cbed6c494b6912e2a25da7d883298ffb50d93486da5d099"
-                + "d78174ab11a0b9313ce48b584a0abecc66b7cd881dbec10b76e382922e4bddcdf6ed8d1b"
-                + "5e42985d539d48873a2ce79f825605684280018125987450666fbe707a7465023aec06ec"
-                + "aeb5bcfe6f4d8173c581627a2aa7bafab417c8c772df17942d821a3367110e5827f84440"
-                + "b708c080321f926cecc33f281d93acae7310b8de0a9c686a92ee4d06dd641ea4f3ee3e08"
-                + "12f38b80cc8c85185c71372b2cb349f5f1b03f3b7fb5f6ad44339fad30e97b076b2c243d"
-                + "22def5d3708e0f934a5b000b2229fe966af39c302babc89638933345ea65e7f050b57049"
-                + "f6957a5ecb5db3cdac641a951ceb4ad29e08ae6a9ecfe2b6476e0eda521421dbde48493b"
-                + "54684c0de25064f5c3c9a1ef33f47d6d23dd045356e018331c0c3e4c8bd9d5e259084843"
-                + "95a1d63cdbf534bd93d7cf2e0ed93105640bfdd1a8f2e7d7e125562c8a0a792084dca8e6"
-                + "239bb9e63cc4c2f2f29d477dd1210d5a715feb863c2267517ada556489ac2d9e111969c1"
-                + "79cce329feb5c5d974357af3a683e6a54c296124852d844236a063316e04754b0a80340e"
-                + "bd1550ab34227edc6e0afc96800cad73a26d1e9a29134bc914e38cf6427abaf463ae1dcf"
-                + "62ca8f60034772e6aa1c3c53e2f5b5b1659e44b3185ea908ab9d49ee524418fe603aaa51"
-                + "7f7d9e2ce586c69b00372d1e5b4d72947a6e1c1ae684a355ae1fc996c55d207156fa164e"
-                + "06f73eeaf14374d8f60cb7c956dca0a778317de3636b9f6d052dd6df969cae29d1ab1697"
-                + "2f59336444a758552fd60eb02b47e60bb2bb04d540f3e957444187e95b0e3a3be7cf8fe4"
-                + "136d3fac803d552cafcedf0c0ff505b4fc9719550d17842a702cbac71ea5e59932c11473"
-                + "f7b2e06331ebcedddc590c9699bcce9e9f092a267e6a3937522ccadad7c1e62f2c49fce3"
-                + "86a02d82f933f96c35fe91b338bfbae01f059123f410cd77f3f64d33d4c49de444f95642"
-                + "1e2fc46174f15c0335e6165f289438968612f6b0d67ca5e1ab4a01787134f97a828bdf49"
-                + "7e582eca52343b1bfa189f4c0fd96393494f768fce4c9257c78ba33af3e75a1212ec49e1"
-                + "02093bc179b16903062627c6e9a301b0750d208bcb182d13e63b932cc936ca59a2fdea97"
-                + "0e8908413480c8d5d040e11c94555e47bbcf369a2589297b993fc66b0394d67e536752b2"
-                + "2b091e8dd59d3b99e06d1d4c667fd1d2d4be5969ebcad5e4d45da5a8b7f921260569c758"
-                + "04cf1925617df102e29afc0661b0383fcdd4467a65cdcd1661d77a274f0a96b5cde9bbae"
-                + "07442279b4bc97fe7456117ff89b8b83b8833fe56d598a8a9e6bd94c371320999e16970c"
-                + "f10a9910d001aef59471280056e2644a2eaaf5e973e5281d26d1329053f40768d69fe882"
-                + "1d81c2bcccea1442fe26640c36bd7db0ea61da449ea340b22e4818097972a352390a9abd"
-                + "ecb7170653bea3d8e71375f62656155a251ea6317adf5f3b24db23fa75150770812aae91"
-                + "ad06f56316c266528c8141359ae3d077c483d06989d75bebdd3986750863627d7f2d9ec2"
-                + "2c7c6d2fe8b2e7f15a0892a7bfd8a92cc4d91247f9ce4662609f6faac17517bbae3e8491"
-                + "7783a35f14e2632866fae7603d5cedccf5ff6f3cf8013e35b1e1edbcfda3254a21006b50"
-                + "52a84580e718e4b35d27bef768945c5c8ac1ddf811c48e26ff3397ef63c08a112ae23cd6"
-                + "6779b7d12eafeb1236818d3cf92c01c8e4e2ea1e8e2c0480a7b2fe85c324c4869aa01b67"
-                + "a73204b8f0cbaadb040ed9dc55385c60d342f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "1018221950446e8726a50c6c39dc45cc0f3e07a16341212470105183f4d65533d2e40413"
-                + "796b28dda8e6cbcf11114d7f8541c788de2619b47ab45ec20becc2c8d918ff13a55de58a"
-                + "8f48f2a1a2d49b6bd8b805c41d931c7c98e8908dd84f576a5e5b35154e232940dbb83997"
-                + "f9f3288ef8351148264ba7137a854a401c16b0e4c82b42b97e19b9acf0631cf7c4f919b9"
-                + "a398f01096c577c71a12bc431f95e36482c64a34780fea0393ef639251948e105b304ace"
-                + "0bfe9534b2b330647a50841a8236a7aa6d595da82c5a3576c22c5e51f4059753724f9e24"
-                + "71c575984966533c0db248905969f40d7c0897f7bb747991b2f5d86c8d41182185c540aa"
-                + "7183201b0c03816c62c977925276c75d9d9916b9790d69a7acc0c97d2fad3c9c979bc3bf"
-                + "ce319b9b90f2b8748e1f6adc71ca50f5f4e99286e45a2842677c4cfc6749030824832ae4"
-                + "9b9e0cc60872a52c66c61976945e96d3d4b3e2caf06d9f1fc2ca85c04542536269813552"
-                + "d51fcb3036215140ec0a5776300ec5eb8fd356f7c753f37edd9f5277dcfd450d21d0b406"
-                + "13657f8f59694cc4d10929c06d6b04e56807358c2a99e25bbfc1074b476cfc609fd25630"
-                + "cc1a7adefd0bd1a70354f52bcfbbebd1d71ad82ae168a0a2761f55ca357ed4c05daa393a"
-                + "eb5401f2abea8d545bd7d7e9e0d2614f9d16ff08ab03929f1dec723355403c93422dca44"
-                + "5dda3865136368bbbbf5b20ba7025a773b01c3502c5866cd55db03cc7a7862163d02ebc9"
-                + "58253246689300a95196f44e68093f4d38ada684c17458d302499c070892e67b3bb7aad0"
-                + "1acdb0adcd4b4448a08ee5cd447466b7f0c9e62dc2ddcd7573d20c5bc32cd6e55ce43033"
-                + "71a63db5dace631894696e323997b388dede168f230ef0463e1b06f507b4e4efb5bc59f7"
-                + "bdbda6b6c125745de752714147b8bb4c7025c9e1e7c4c27bf9eb4e7a73704db66e388218"
-                + "bf1b9a64379879d93d89a72b6fe21f1984ff4061fb7c82172768911c1f5116fc627c1d8f"
-                + "e6243c3a357ddb14fe45ff224aa0bf729b5194258396dc62218c7a2fa8ed2338d4dabf3d"
-                + "f8e860953c17b268fb9e83211935f60e6c3efd12980987a884f5ba393e7f4e718bab519d"
-                + "7202d206a54585396230c58d50f31b8afa30299cd3ae381bdecbcd6d1036274127d91378"
-                + "570de56e0699e643f36f8b3ff0abc026e3034c3345ac20c3b7853e004edbffaa2b58f0ba"
-                + "ed14654ad0e68cab878b3858981d7241174aab9abf2710de264cfebfb91d6e18d84d477b"
-                + "ebdfc66ca1b1cf59dbe1b1720ad52aedf893ed1e18bf0a96645d8748f98c03839ec1a90b"
-                + "5b6e44b1d90e58328e9260ef56d5c459df6ed69c8111ed1e9f067d1380a568a26b9a2156"
-                + "6f43445edbbd8e6c135d2f8d261261549aed0cf9ccd2cefd51a75b8cd5979e7844f662e9"
-                + "f39f074f768da87c7134fb13c2cc6e117c20d5a7a158e0252fda8304eb79db219b6b8bd7"
-                + "9299607cfc225d16e7ecaaccbad45e2acc8208c650f6ac6885443b0035dab6c47c6e4470"
-                + "93cf4b6c2fa563419949064dc5e74da1e8d191d4ce5cc0ec6ee5ee1a6e793d90696d2855"
-                + "0ddf2906eef517725def5b4724bef626d49f4124df951f0f9ca9006754eb5e192a1e8761"
-                + "7d382c73a9d5d174277796a7a7b1a2db7d12b640738c761ebd6b7feccd1fb9ef933250aa"
-                + "ec3fe0328d4e25737d47c365b82c47f2874ea09d5fb9fba8e6afe33729d181faaa1dc302"
-                + "ed8b8c4cc67a27c7e4839b80ea9308b9f0f289cf57f44b0f6d36ccd45cb0ae5f06d94d1a"
-                + "0598a4e3079a43075be450771589fedebd9532dd2b87decd5448571db9b01c66226bed20"
-                + "d4bc776cef6105edfba39b37247b8cc17906032ecdcbb0007364d8a12a15bb8187533ad2"
-                + "e1f8ddd31a82e17b99844d66afbbb70ec955dbc0c26df74eb35ab2f0a3756f249ab90fdc"
-                + "b325eb903504551f34793029f2f22fe013b07c7711fa477131dc7ee229af3a075a66b3b9"
-                + "390d70456b64f933181de87bfc61b6d0a50e3729cea96d05d2f51922d193b1493c834181"
-                + "5a3b5dfd2936cbdae30a06105568a0156bd19f752c680bfd2ca3abb69619313e604bf9da"
-                + "49979dba6e84d6756ef54b63192958efb6d323a00b9e1cf4b6f5397a2967f9406b828c43"
-                + "ac982b28e3cb03721be46b0c18718b710fb2ddb29c00d9c75f292a00ae285c168aee071b"
-                + "606877e7cad1b405bd88322c0b0851f92d59ddfc506300ba3506302229d7dc19d094efe3"
-                + "59c4f608ca5aa6a71990b36cdcfc5af6afdd84dee63f810146d1172aead09a8f0ae66f06"
-                + "041b030cffe76c22fe9b91bb86d2bce3a205be0d1b0bbbac34e9b3802a0424077508b32a"
-                + "cae03f4617ac184e63b45f8399c4001d4591e858a98bdf41d45f36934173e162df807b16"
-                + "3b3ca43a650b866a6539728c01627775a9e04c0ffa5b338a525c039bb8c069cc88f20cee"
-                + "f0efedd86254fa5a7ed668da7224bbae2937a30ca3fd6295302570a46ac85b4697ff6443"
-                + "e5cf3669ae25b2e87fc1360b76d8cf31cfa478bdbc49f5ab015581d026fae8b0940e3a64"
-                + "afc9e6344fbf54101411af7119960bdda4ee7610087ec60bf3277ed4bec40cc8f0b237ea"
-                + "a267801364ad865b6d6465215bc39b2018aa06f9a3d3ad3f719afc1144376da88aa9256e"
-                + "eaaeea2f47fad24972d9042e7f3bfab53a9e6e67f6890b651c2cf2aa144225ea8a59250c"
-                + "72072035908bc40fb6cf588a6ff8795a25f6a07c7f14451641bb3c71795e4386331d412e"
-                + "995a4a322948fac3c8607f69dcea30e26a7ab40df2d0a2b108f3788b430ccf30a712e4b0"
-                + "65fd76a1185e8bb50c4b6bb3b5d49c9dd1e63781820b156b069181166d5e2c0969e81499"
-                + "08005428c67e6e31199370174d9709397b932647ed8279ee66943410e275f633a578b1a3"
-                + "22b4a38863d272e16530c8458e0db07867d2ef233b641f554266ec5b2577c3c380c075c2"
-                + "42d71a05d3ea402a783a0cbc6cbf51c6a5606177f9408f56d2b009e8e2fa81d7cfd767aa"
-                + "342f655a991cac57a1d3451508016b70a21d17144a4f5c4d5d7804e34bce09bc36723541"
-                + "24e05482ba2e625070ee4fe2c480c399b174c151a622c2279e73ea1fabf9317cdce950fd"
-                + "50dfc18d95c18fdb071ce28907f4bb37a67b19624250e2ac1f372397dfeb8e63349e3243"
-                + "134dfbdde74521a6e0d8b32f2f839f10ebdafd50de18e34242e5ba64a9c36363976292a7"
-                + "d1129c0dc4de408c2053d71fa4a02f68e2b7ce49c66f25f1b06c5f700df036615b34b7a8"
-                + "9280b388531f3d942dfc0cc6cd13db48f07195b5336fd4fbbfc09167e5e911990c763ed2"
-                + "48b2a6e029fb55fe62911ce2b25c775858cb1d77c953d306569c36a8218eef73f6245180"
-                + "172ca23e05958b038cf4ca7e58ababef4f5804ac7d4f71bba810b5a9224781c142777281"
-                + "df1330159a77f685ce17bfcace901b7a18a45413ce7250097a5b09b54b7013dd0f5d6527"
-                + "0ada384eaabcf10117b15fa2534d2068d48bf793d6e312493bb54642262b396532466e2f"
-                + "d80597efe641cdf3fcd5426e2b79e3b744d7c9b03a9296bee0492d7c7cb80ed7d45f5e7a"
-                + "bf9a05e9f68e552ae98a41a5bc726d3793d0f36238eea0c807d0009dee53d30e37830b66"
-                + "9657ee848532ed18d5df9f90e3ed668dae422b79bd60b88a3e2ea05dfab475b16218983c"
-                + "7f4a97262e6ff753f1a27c7cb36accf10d2099223624ac199fd42d2b838853b2601cd8a9"
-                + "3380982e233fd34dbdd6f169592fd29bdbc388beb736bd3e0ab85600aaf7c16775df634d"
-                + "a22fcd9cf94e175c4dcd0486119a6b98cd364eed478609a575084bce3db89cc39878f241"
-                + "70d1684f388f5fdfc4f57aa7a2d6a00a41d27ef8feb5c03a5b8e0b24e690ab6794715cec"
-                + "771cf31c07a4f27c5bb2a57ec294fbf30928424b4dc5126011ee41a5b978c89f7577d717"
-                + "cad1e7651a87e775c0439c90a5edb75914baa818efcd1d718e3af6d502fdfb7ca3786582"
-                + "480105f9acb14cfb6467f84344cf7598c0809d0e6f84565f8fe2f2ea1992adfac576f614"
-                + "86cd3408c9b855e5d6782baa895ae4c358e03af41bdca3e566894fbede74972bef286673"
-                + "913d19c79978d8d3aa7d5727cf06100b87e8d0e7f3bf921f45868bb3bb65e2a213dd8ff1"
-                + "cc731758ed8768969ce2ead4535af777e01457923ab3c503de662e8f46cf01f26396ec02"
-                + "285ca196f2d2e173e62173c418c5c6bab4ac991f56eba8aa112bd08a97b926db2bb03964"
-                + "1113cc1db9a8dcc43d3fafec37f03cfd60d0315f556d240366c5f6a5da092e7dd51b1b69"
-                + "f14a94de058d05d2b6245cc3b6455895598459a50a17cac5507a91ba3173aaf65ae8ab34"
-                + "3b2cd0cae32f775015937cf90bc8ea768d35fedd4703216e12c2088c6427b5b2e7d1fd61"
-                + "2df88a8d5b55f51c054c083c701848d4364d02ff0c906c566c995f1b244265f3e2e55a6c"
-                + "b3e6ddc35e928f11556b14cf2bce9da84d2b9913ed15a6b05775270d23f52d4ce480091f"
-                + "63d42a169fee253087e60621fc2f1af3a89834bab301ef40cc8a4d62233dab31660341f5"
-                + "8410e21463605ca59116c57cdabfc15c2ef37687b3edc6d17b1e6fb4ff9ac07234bcd5c0"
-                + "199bb9a189c5f2e52703206a4d3b4d1e3ee9a4fc30768179e64280e37b616bd0544dd67b"
-                + "98b349d859b20ac230206c03c042e16fd34a29667c3fe174bfe2c9c2e7f0fcf7b323ccad"
-                + "aa563d50f98972bf07c2f5d65841afa898c38048287f21fd27154ee4ffbc4b1068321af2"
-                + "6af8dafdfde73a18ac4f69a114b521d541b41d25a9c0fe60b32e84519582e90fb4250cd7"
-                + "fd01b9798484e91759eecbeb409844b5cf3483297af2b7e175ebdfb7989d13619df83135"
-                + "1b8169777011e83989fc319b4adcd1fc9c7cb9843934ea166d318df5aba90234c8e0e1bf"
-                + "60f9df24b9aa0387fd0cdc40c0874d72702bba1dcf74fff4f95e321ad43255afc0e43638"
-                + "cc286baf822b9beb0a379148c2960704914d75b4ee30d6a715d28fda1a1499d5c99d7790"
-                + "03792496e78fec2028de27ba83a7610f9da89fcd13fff235e3cbdad71067b0bf4bae3b45"
-                + "6971ec92e4f288ee2f42d11c23c61075f8c34a51246030867f94dea95170db78f96079f8"
-                + "57c176e5ea1386cb97368f13d6dd6caabe907e47ac1d6f128a9b8448c4fca4719fba6c1a"
-                + "3b1700cdd79c697bf8ab7ebf427087ca98a5aaf66995d994be6012a54deaead8c50a0c81"
-                + "3dab15fed0d505d484961d2d5ee66aea45edf6a1d4d43f768d1eca94ee6a84a089cf5448"
-                + "0184afe6d7030a057fe6d6d5baa64debc0da934fc6f3b76d60b7887b484b652c7364fedb"
-                + "d09a9856ee28f26d0b1d6c8120db5e28c0ea5c3018a89528ba3e9253e01c6413559fd95d"
-                + "fdfca4f5e38e764662a8ef882f620f8936c848e7070b02b871c3e0aa89def96ecddc4021"
-                + "e2432097460f5ad3dfbb6d63b6919356401a4d61972449d88c19e9de15dad6b4e5ca8064"
-                + "709b36377fee9a366f3e401ff4085c8980e345a6c0b90f3f349429e67e7aaa649470b409"
-                + "b1fba7bc85f1703e5cc875547de495cd11b99768dcf15fce0d5093d2a6809b08960c41bc"
-                + "c7e4d3ed02662edec79d6166fe957bd54f71fdf8db6fd3bbbef0b5ba37ba98d5aeebad2d"
-                + "184e95bddbdf842b84140b10c8e9acf2ecdd89766fe0387681cefbfa576edc7622e1639e"
-                + "be8f762569ba3704edc26dc704a5c01d03f128e8785470ed6516b5dcef55b82da77ee0b0"
-                + "c08dcf9edca28fa04702041960d874c994b62c8eadbb3cbd6267b9fc568ec06d4f79cdcd"
-                + "496c4df22fe3a9bc0df149f39d83c8690e7d8d0af6362778393cacf32710e43657df466a"
-                + "6a37e0032b7aec14a96ec109b68b85763f402b1d69a8f54b700515983bf3a964eb002a5a"
-                + "88050c4965cce9574ef402a05b529fa1aec5a92bfe688036df8316515f5ed7bcacd14d38"
-                + "a2484940b34996b6c0a103ca0bb041a80e19d38741c2b39db1c188a9bf47916231d43f52"
-                + "46de6340ebc8bee8d7d9e73f1f80aee0a7a7137b191fa91ba00d876470fdf38bb93125ad"
-                + "7fb033dbab4e5aba83cc55202c63639e5d2efde3a63db4789082d9cafdb283ef1c224551"
-                + "2af3a48742ad6b20a01ad330c2615aa9b4c52adc28c0edbd3f16dbb235aad854e0ba4dac"
-                + "350d6ca1797218d37a24dd4b91fa46f28eb69b943be42e08363055ab7cb36b04d5a27192"
-                + "e3da65441f820dc54a8f35b7fb38842b1af99b74347df3170cf463a77ca430790a66ea72"
-                + "62c462e85d8c3079d951b75dadf5f24c471078bdf4d50461ff8e1ebebea1539bec4f97e0"
-                + "4d579558868d95029221d5ea68546d99a41b371372090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "112d9f54baa2e5a127ae6876be1157072d10fcb5d0aa1a2c20bdfeae57588880bcbb9a4b"
-                + "bafb6dfc6d5fde84efd20165941b397a9b4252bd5300d01dd49ce04f1276812d6ba47f45"
-                + "2046b2d14a259b69f8f59d5f18f7eb94e79802a2e274ef2a5fd22654dc431ced07d39e8f"
-                + "1ceb4ff753cca6a09d14e4690ceb7ac720686e76b24d781cf20aaa868597728695742fdf"
-                + "07cf03f6f0020c1d0d3880644871f23e24a88e7525085950cc70d45e86823ae135bd3cc9"
-                + "4692b43545ce08cccf22b40c25819bfb439cf28ad38fdf202b9eb25c918ef8d8c6a23959"
-                + "4ee58e72de20701bdd3c46987ef28cef61d77d7aa38670b7aa7145bf83540afde0e4f51c"
-                + "9c8ca639c48133c9d79f656d1bc429b74e28c6ab8fc4b28a650c2dc22a801d89041e2e74"
-                + "2692dbcefff895d84ccbd6617853a15b7465cc2c9d31bf4490ffa3bc3b2264b1be3525b7"
-                + "956c95d8aaaa245ad1057c2f10eb8fc5695ea87b37536d2aba97b35246bc76f71493bc59"
-                + "38cc159cdbf6299b25b6fd451fdf2476e031ae490838f111e62b609d970a6848ab72326d"
-                + "6940628cc31cbdea1d165001fefd08a2cb6e8df476b3402ecc1def57080629ba454af2c1"
-                + "4b73aafaf26f7191966170a98f65f6c3566c381d4e236fdd4eec5d426a19f3dfced96573"
-                + "96c4dfff45ad72019764a5ca8bb3806acfe9f6261f3c6a94a8015b231541bfc19a86ddb7"
-                + "494994c22f175736cce9d2e25921aafef6f7359a10fcd2f8581a99e4ba34c803c9308d5d"
-                + "0d6a8c8b9a5c327f2a4cdeecaf64a99fb5ea9345ee02c999c3b02c4fe8954255ed1bfc58"
-                + "ead7d40af492c40318bdfef6ba6708abcd0f152b4d042280b9d7c1198540b9cbdef6e7be"
-                + "71d9022256d184c99bd6127f679553b73380b56e341917d0e14ff96d95cad886ce4b23eb"
-                + "466bcd1922c51e0b6e3c7e550755563f582e0b607a3bc7f9e2791f3bcad679139a9881aa"
-                + "43a04dc5fb7f4e18da33081f08edc320cd22f1a38c5f4d3edafc7c8458c7e04669f876ba"
-                + "41388c923506daafa8c77398d292fdf6ea020d778d92bd723ab13743f54c457456712bcd"
-                + "e27d2b2ee5e755d753224d2e8f0525d4d3d30efbbe9a3a7967be98e9f3d67564eca294c8"
-                + "a1f856045531d3362abbc2c47f50708b1170921fd1cae4778fb19ef922792ab823196c4d"
-                + "f775cc2524b91c3079b03ae97339d323f29e7f0698fe1cef3f782f9052c91d3d59db381d"
-                + "5b31d007a464fa41f18c079c8b6eb113fc1b87154e8bb3007aa2c6cf8d2843a035ca50db"
-                + "4b91b2d2c66fd458deb486e3173a0ffb787663c2f923134cf171bf91c39b0d16f17fa225"
-                + "a7a0f2c42c6c63dda7b4ef56b5fe9a2725fece75061c50143a01c8f659b55a1a229ebe88"
-                + "1a00451680f590096fc49a89a8e922863e879f87d60b8d3cf13cc43bfb571c59dd53c396"
-                + "fcdaeb71048a739d09eb5554079e0099cdd864d55bcf77ba1f471c1f5bc0b01e1f64cc09"
-                + "2691d6364bfc52806f01c7baf47c605ee7c02df24104cdf996e7bc3f56eb8ebfbedff1af"
-                + "8b0ecb9ab9b155e6a273019e568210fb55f14bebcd0c0701d66188e1da9fd1be4db5720e"
-                + "41aae0579c320c259db4c17f526f67441044f0ceb346cec70b77c522853310f9051aa3f3"
-                + "f1e5f80caa522926b1cafd9b0198433782605ceb03e106e8437b162f750904c94151d762"
-                + "58fc3a1c53bd11a9e3ac96d1509f3fa1556bc8c7470f44e24c94546692ba00adbcf28038"
-                + "43969dc5eed6e1df63cee15d4262c42107e60d5909783cffb3fdce3c1a577d24d63831b8"
-                + "87588ec6c94d62195dc8294b739ae9513d9c4d7fc80dcfe3590d1bda2d17cacab8c4d3ff"
-                + "28df24379d63b41501c93e293e2b44ce75e2afc0c5d8006dd2324b7bc39230696215d7b5"
-                + "ddf3de2d0fcad99ae0e0609575dd59c1819a606b155a86fbdabd892fa060714ec49711de"
-                + "59d75b7a5c667eab7f3a81214cfafbda33e2fe2eca7b469d37d1185c9072bfe35533b473"
-                + "dd701ed357926244f824d9fa01887de1b5cd131f7c577ab7519763fcc17a324fa8eb9490"
-                + "ea983008210e6f351f6273cfe755ba4e3ca62acee62d0e4a90844aae7a9e19c1fe67f7c5"
-                + "08b597af14be61399218fd9a743c8269ec4d33dba3316f19d54cdcc92f7f804321c93ca8"
-                + "c21595fca4a847e5aa53aeab519b28fad58b3832ca77a39295cfa4857e2cf4ed6f619b73"
-                + "aab40fe2bbd64b90e24df5e5972f5b2d5d70cb404e55b33cbb39a1586c12a6231e9e6b57"
-                + "95156362224796b622536b65efc941567f81c791b188f686d0b8105e56cc075e01593996"
-                + "2ec4a28039088474906126fb85dbb21e63ae0d8832ab8366858d9eff26b05d93d14be61c"
-                + "7ff3c58ac7765cea3104bf69af09f5e15579b2a324a6051a5c8cd82b3aa514dad139dccb"
-                + "23e189d547d15a83801a7ba5762cfba46523c80026a5d7030543e2c0db98def7d34ffc9d"
-                + "fe42f471214d46f761b9f433cd25629e423bf92cb01d5202ffa61e7a0ebd8deae02f27a3"
-                + "db30d8ae2ff4116198fe24ca12e1e8243ccbc0172e7949c2a6f40cf0f3f0bcaa71fb9f39"
-                + "7a70c44ea2289853bd60ff8ae5227369fac701c8629cdf5e97e8c0acce98738740a36093"
-                + "8d3b0ed0e583bd1c6b61669b155bbd3c4ad375c05a7b7d55d5c98be66797128f294242ac"
-                + "faada9fc8e9d8e07bd203dc89f7eb3e1e3e13c58716c09347c09fc8765de3b066aead654"
-                + "0bcc818010b19d37d13da4377f5fe2757d76215637b0e9bdb735d42b97ac586c41c3868b"
-                + "5d1226cb5f27e9c7f37e8d49df4f9a6303dd1ab3f8e24c28703430c77beb3d7041612d79"
-                + "844382c36f7c24aa183e40b3a646f6636be77f1241a4790d73898773a4e34363ee9e6d98"
-                + "6ed86c4a67695e14a68f31875208dbdf909c551e75150ec8bb46016e17a576cbeedf95fb"
-                + "8f20bed662c87e011990c66dab9bdaf412ffdc0d9bfa4a376fc75ef800ffff35da20e4bc"
-                + "97a1c43eea60ff3bdf3677f890da0284b666968e769bb94dc63a79d902db591035d449d9"
-                + "599db8bd1c82a8417a52db7cc576db8b32dcbf6537f78dd1d406ecd0baec8d2c31cc73b2"
-                + "e5dfe34b3ead72853d387e4964622578ea79d90d77875e1ee92ed681543f2edff426ca83"
-                + "d072b3d74853c6bb354f3fb304f4bb37a67b19624250e2ac1f372397dfeb8e63349e3243"
-                + "134dfbdde74521a6e0d8b32f2f839f10ebdafd50de18e34242e5ba64a9c36363976292a7"
-                + "d1129c0dc4de408c2053d71fa4a02f68e2b7ce49c66f25f1b06c5f700df036615b34b7a8"
-                + "9280b388531f3d942dfc0cc6cd13db48f07195b5336fd4fbbfc09167e5e911990c763ed2"
-                + "48b2a6e029fb55fe62911ce2b25c775858cb1d77c953d306569c36a8218eef73f6245180"
-                + "172ca23e05958b038cf4ca7e58ababef4f5804ac7d4f71bba810b5a9224781c142777281"
-                + "df1330159a77f685ce17bfcace901b7a18a45413ce7250097a5b09b54b7013dd0f5d6527"
-                + "0ada384eaabcf10117b15fa2534d2068d48bf793d6e312493bb54642262b396532466e2f"
-                + "d80597efe641cdf3fcd5426e2b79e3b744d7c9b03a9296bee0492d7c7cb80ed7d45f5e7a"
-                + "bf9a05e9f68e552ae98a41a5bc726d3793d0f36238eea0c807d0009dee53d30e37830b66"
-                + "9657ee848532ed18d5df9f90e3ed668dae422b79bd60b88a3e2ea05dfab475b16218983c"
-                + "7f4a97262e6ff753f1a27c7cb36accf10d2099223624ac199fd42d2b838853b2601cd8a9"
-                + "3380982e233fd34dbdd6f169592fd29bdbc388beb736bd3e0ab85600aaf7c16775df634d"
-                + "a22fcd9cf94e175c4dcd0486119a6b98cd364eed478609a575084bce3db89cc39878f241"
-                + "70d1684f388f5fdfc4f57aa7a2d6a00a41d27ef8feb5c03a5b8e0b24e690ab6794715cec"
-                + "771cf31c07a4f27c5bb2a57ec294fbf30928424b4dc5126011ee41a5b978c89f7577d717"
-                + "cad1e7651a87e775c0439c90a5edb75914baa818efcd1d718e3af6d502fdfb7ca3786582"
-                + "480105f9acb14cfb6467f84344cf7598c0809d0e6f84565f8fe2f2ea1992adfac576f614"
-                + "86cd3408c9b855e5d6782baa895ae4c358e03af41bdca3e566894fbede74972bef286673"
-                + "913d19c79978d8d3aa7d5727cf06100b87e8d0e7f3bf921f45868bb3bb65e2a213dd8ff1"
-                + "cc731758ed8768969ce2ead4535af777e01457923ab3c503de662e8f46cf01f26396ec02"
-                + "285ca196f2d2e173e62173c418c5c6bab4ac991f56eba8aa112bd08a97b926db2bb03964"
-                + "1113cc1db9a8dcc43d3fafec37f03cfd60d0315f556d240366c5f6a5da092e7dd51b1b69"
-                + "f14a94de058d05d2b6245cc3b6455895598459a50a17cac5507a91ba3173aaf65ae8ab34"
-                + "3b2cd0cae32f775015937cf90bc8ea768d35fedd4703216e12c2088c6427b5b2e7d1fd61"
-                + "2df88a8d5b55f51c054c083c701848d4364d02ff0c906c566c995f1b244265f3e2e55a6c"
-                + "b3e6ddc35e928f11556b14cf2bce9da84d2b9913ed15a6b05775270d23f52d4ce480091f"
-                + "63d42a169fee253087e60621fc2f1af3a89834bab301ef40cc8a4d62233dab31660341f5"
-                + "8410e21463605ca59116c57cdabfc15c2ef37687b3edc6d17b1e6fb4ff9ac07234bcd5c0"
-                + "199bb9a189c5f2e52703206a4d3b4d1e3ee9a4fc30768179e64280e37b616bd0544dd67b"
-                + "98b349d859b20ac230206c03c042e16fd34a29667c3fe174bfe2c9c2e7f0fcf7b323ccad"
-                + "aa563d50f98972bf07c2f5d65841afa898c38048287f21fd27154ee4ffbc4b1068321af2"
-                + "6af8dafdfde73a18ac4f69a114b521d541b41d25a9c0fe60b32e84519582e90fb4250cd7"
-                + "fd01b9798484e91759eecbeb409844b5cf3483297af2b7e175ebdfb7989d13619df83135"
-                + "1b8169777011e83989fc319b4adcd1fc9c7cb9843934ea166d318df5aba90234c8e0e1bf"
-                + "60f9df24b9aa0387fd0cdc40c0874d72702bba1dcf74fff4f95e321ad43255afc0e43638"
-                + "cc286baf822b9beb0a379148c2960704914d75b4ee30d6a715d28fda1a1499d5c99d7790"
-                + "03792496e78fec2028de27ba83a7610f9da89fcd13fff235e3cbdad71067b0bf4bae3b45"
-                + "6971ec92e4f288ee2f42d11c23c61075f8c34a51246030867f94dea95170db78f96079f8"
-                + "57c176e5ea1386cb97368f13d6dd6caabe907e47ac1d6f128a9b8448c4fca4719fba6c1a"
-                + "3b1700cdd79c697bf8ab7ebf427087ca98a5aaf66995d994be6012a54deaead8c50a0c81"
-                + "3dab15fed0d505d484961d2d5ee66aea45edf6a1d4d43f768d1eca94ee6a84a089cf5448"
-                + "0184afe6d7030a057fe6d6d5baa64debc0da934fc6f3b76d60b7887b484b652c7364fedb"
-                + "d09a9856ee28f26d0b1d6c8120db5e28c0ea5c3018a89528ba3e9253e01c6413559fd95d"
-                + "fdfca4f5e38e764662a8ef882f620f8936c848e7070b02b871c3e0aa89def96ecddc4021"
-                + "e2432097460f5ad3dfbb6d63b6919356401a4d61972449d88c19e9de15dad6b4e5ca8064"
-                + "709b36377fee9a366f3e401ff4085c8980e345a6c0b90f3f349429e67e7aaa649470b409"
-                + "b1fba7bc85f1703e5cc875547de495cd11b99768dcf15fce0d5093d2a6809b08960c41bc"
-                + "c7e4d3ed02662edec79d6166fe957bd54f71fdf8db6fd3bbbef0b5ba37ba98d5aeebad2d"
-                + "184e95bddbdf842b84140b10c8e9acf2ecdd89766fe0387681cefbfa576edc7622e1639e"
-                + "be8f762569ba3704edc26dc704a5c01d03f128e8785470ed6516b5dcef55b82da77ee0b0"
-                + "c08dcf9edca28fa04702041960d874c994b62c8eadbb3cbd6267b9fc568ec06d4f79cdcd"
-                + "496c4df22fe3a9bc0df149f39d83c8690e7d8d0af6362778393cacf32710e43657df466a"
-                + "6a37e0032b7aec14a96ec109b68b85763f402b1d69a8f54b700515983bf3a964eb002a5a"
-                + "88050c4965cce9574ef402a05b529fa1aec5a92bfe688036df8316515f5ed7bcacd14d38"
-                + "a2484940b34996b6c0a103ca0bb041a80e19d38741c2b39db1c188a9bf47916231d43f52"
-                + "46de6340ebc8bee8d7d9e73f1f80aee0a7a7137b191fa91ba00d876470fdf38bb93125ad"
-                + "7fb033dbab4e5aba83cc55202c63639e5d2efde3a63db4789082d9cafdb283ef1c224551"
-                + "2af3a48742ad6b20a01ad330c2615aa9b4c52adc28c0edbd3f16dbb235aad854e0ba4dac"
-                + "350d6ca1797218d37a24dd4b91fa46f28eb69b943be42e08363055ab7cb36b04d5a27192"
-                + "e3da65441f820dc54a8f35b7fb38842b1af99b74347df3170cf463a77ca430790a66ea72"
-                + "62c462e85d8c3079d951b75dadf5f24c471078bdf4d50461ff8e1ebebea1539bec4f97e0"
-                + "4d579558868d95029221d5ea68546d99a41b371372090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "127e83bd4dea423df79468b9cfbe24893609795d3a712defbe1b6b32a04e273ebff19024"
-                + "25f4d2dc78be2d07af1176320f68b294eea6668d92b31525d501fec8b198a9409d7bc845"
-                + "6b64d5af87e334a03bdc02b5b42db43358554ac50b0c7ee306b0e0b4e7e6a040e314e858"
-                + "11a24f06db8cb36f87108835d7c15e3293d08f943dc720de04dfa6b0fd101939f0383eee"
-                + "dc21aae2a836a86ec029d6fb8b777dc38b371b88d314a2e528f5c93b37d28e531143c81c"
-                + "6fe92dc5a9837ace6b73d4b7a6991374e12133df267333739b2aed412311565f668a6538"
-                + "3bfc0a3bed6202cc305e59fa7f327406cae3b53be57ab26a8cf2c5103d5e62e3293c2ae4"
-                + "2e071155444300eb35dc575d8aea948730e49a4fb3f2239a6521e3d284367524b4cf9233"
-                + "785aded231643046a5592032debf93012eb81e6322211fef8a878f322c065f87ff26b62e"
-                + "2481f8d80f6580fae5de14dbc17e4bdc782b0fc39617d55098873a83f5d21a53d701e66a"
-                + "b4f4a94cdf13244788c7d158d71d6675cd427d6390f07c117987e46ce5b5b4203a5c7ed6"
-                + "c6397c01fecb40fd4184d704cb02b6d720eb54c660ae3fbfbaa6d5ad4475cfcf144d933e"
-                + "55cf85bdc128c6cab20128467cee7080e600bb960ab459c5c9a4bbece85fba5689b4db7d"
-                + "4484e46984ef468ff6d1630af6074896bf490590ed0934373da2db32a63a0d57a0023b06"
-                + "49d0ec8c51797abef288fbdc35dc2a29bea0712258cbb23071e6c0df34a1d0c9abfb00f5"
-                + "3272e770ed4354e0b799532598dfdcfc798f1136ac53c43d1d93185b43c637f7e1cc5571"
-                + "f82d5c4d6c0e77c4382ffdab05e62d4b1eefed6e66bb55c7fbd8914b22ef7c9f97c4672e"
-                + "10a6394770ca4121a41e5ec9f557f9399a3451a3fb106450079e269ed804bbf9ec46f403"
-                + "8ff60eb8fe5538f7e54ec354527e095ba9b8b00b786e3737f335c222281de7f57482ce89"
-                + "f5ac443ed0ab3f109ef444610230b7945ac0c310f14032832ec4beba6d7eae42994b0dd0"
-                + "a5960315379416b93b46560993229c0687d9517c39954f6e4fcf059e971fec6eb386ce4e"
-                + "093ddb512106eaaa3eaee5f2aa0b47ac1d574e06b52c0fdbbaed9bf68e10cbb80998e3f6"
-                + "568fe688feefe1b69f0b7866fcc9276a054e2b907a58445e75ac6197a1e5ea145d0c241e"
-                + "d8c49b444d6121cbb34b6edda5b13d788bc5c5be8776f536dcedf969c44b07c217e6b317"
-                + "8dfd94562766fe1accbfda15c2a839c12f2118e4bbf20581e6ef3503c36f9d782087a5f2"
-                + "bd6f02117c95371ecca6f5ce5ef8b448ae93e22ebbaba20eb8f589d95dc6be819b9f5bc3"
-                + "4928ff447021912d6960acc16865a0758b60234dec2ae38f81b301ced861350ab2bcbdf8"
-                + "7f235fb67d184bc4223ca514fcd7415526ad4851c1718441cbdd68920c3491e18c686a04"
-                + "63b8d872bff97ed3f4b58a03bbd18588a6effed47f6553ad76c966af3dca17754594ddd2"
-                + "9c7b0c3cbbfe322383dc226b328957a3c44a91f4d8a6ee38b96409101d4e400f90b6f9a6"
-                + "2b1e3ff0a09f3cda9d65a02c0a099ad9166029ccf5c458af0d1395246905a4ab926358a2"
-                + "3dc981c1cc84639e28e48a88823915812860fb4db342c520e4d1fd44dddbd0e4d5af623f"
-                + "e51b3cf81ac9f79e052533aaa468cc2886e6e4dc0b24add5b578dc2d103814db57fd0a16"
-                + "5becf8d63628d13d497fbe907e2ad9ec1b44efe4c01183e4770c7f9e68ae5409c75269e4"
-                + "883bc6bedca454d07d7d6b380cab14f8fb670765b62c40e7dcd5ac1b6d9fa6bae26cd04a"
-                + "46f63b77b8edd28c2351455938464fec10f1224c4d575fd2752d7df433e99b9d21d727a9"
-                + "e9c38d8d25e5ff18d73cc01604701489e9ceeb64eabf9585d80270cd46007bc33dbfbdab"
-                + "cb6bb90cc97338e83b39c24b2b7365770cf4a8bd81d142eceb2847fcb9431ac1440b4603"
-                + "2232a4d0837ea2dca57a860736ae2d9c18479c542c1aee8e28cb5884c651774539529bd9"
-                + "c930d8e6313cd45eaf7846488e17568b244d35eec1c1c1f5e82b3734051fad22fa92fc1d"
-                + "b58b27963fec1ca9ff923a39778aeb90bd6fac28191d23ff2b7c3f1e3548e1f2e7c9e837"
-                + "f1b7c9869853aa2c553f60a28a314891dec0c29fa2c165bcf9aad261374efe3742e1c8a4"
-                + "6152fe3b0b6f0055f78f3f630c51c1831664d3235431bee09a640819c66d66276ba5179f"
-                + "e8e42d3a3104ef97aadce12ae48a4279a4687d99f01b27c4956b85ed48ca0b4a243dce98"
-                + "a5c4d5e64284cd2b1c2de43ea906ad21193a0b4011df559c9768cb5f8ad5db4972bffbdf"
-                + "d4188146ecd95ea0445311bf116159bcf5885e1baa382a610a71c1083d6d4cce0a2447c6"
-                + "9235cc25f2ab096442a6d7122456f0c933ab1ccbda77c3b6197dbddcd539987e51041fb3"
-                + "a1ec150bd8f84e821caed229a07f493b6a4506e7903f768d8d6f98f723f3183944bdf52b"
-                + "843ca4393ad586bac30f9b8438649dca25998ac65d56a13fabc86b8f64d7f905520a6618"
-                + "d3ff74c34554f4f767fa6d339cbc79a70e8770646db529cfb1b283f348f859ca66349e45"
-                + "506d5a5088eff622db0aece9da781c8df6c0a6ac85fc24035dee94e5a1ec758ea15a0688"
-                + "079213a40065221d55cc188d34fdc75c93d0883f88aed51daf4a9b3fe2f0729bf43ec5ba"
-                + "590067855814c043eec60fc2839e5b730d52514e0c69d21f69a682f2c32461ee1c9e4e82"
-                + "d63ca620f81f7da3151cedba158f0ac33634ef46bd3573940c485749729eb7db1409aec0"
-                + "1f09d6cc9ee7714f95c787d28c06ed0b4cb1b209a99a584f1ced187343c7155ea0b4722e"
-                + "4484ffede6013b35a6556df7d300356322244e8ffdfee70f362f3cdebeb2aed1bb066c33"
-                + "7ace478158f12344f1210388c47a576f5f1cf1322874944828c8d7d6329d099387e447ab"
-                + "0e3c8b86bfdbcd752bbb0a9996aa63cadcfba05aa6028dd49ffbd2fee1cd8e105ba82871"
-                + "5a51f34cdd3ea3ea3904097bf6a71b4a35cfd158bd9879bfc2dc390d6e5d494713b14044"
-                + "1eb27dd4f34bc34ee87efcc511777a465cef2461227de3f96d24452316c1490f37898dcf"
-                + "e204791af7c1854dff85b2cf7a147eef4437d1b74a1e32b7ffd97755b8b8bb77ff8e2213"
-                + "61df97e56677f0950aec8aa57fad5276bed7a48cd04e194eb54e2cb2ec31d426aef2280b"
-                + "f411e823ca0e4a693dd8b32f2f839f10ebdafd50de18e34242e5ba64a9c36363976292a7"
-                + "d1129c0dc4de408c2053d71fa4a02f68e2b7ce49c66f25f1b06c5f700df036615b34b7a8"
-                + "9280b388531f3d942dfc0cc6cd13db48f07195b5336fd4fbbfc09167e5e911990c763ed2"
-                + "48b2a6e029fb55fe62911ce2b25c775858cb1d77c953d306569c36a8218eef73f6245180"
-                + "172ca23e05958b038cf4ca7e58ababef4f5804ac7d4f71bba810b5a9224781c142777281"
-                + "df1330159a77f685ce17bfcace901b7a18a45413ce7250097a5b09b54b7013dd0f5d6527"
-                + "0ada384eaabcf10117b15fa2534d2068d48bf793d6e312493bb54642262b396532466e2f"
-                + "d80597efe641cdf3fcd5426e2b79e3b744d7c9b03a9296bee0492d7c7cb80ed7d45f5e7a"
-                + "bf9a05e9f68e552ae98a41a5bc726d3793d0f36238eea0c807d0009dee53d30e37830b66"
-                + "9657ee848532ed18d5df9f90e3ed668dae422b79bd60b88a3e2ea05dfab475b16218983c"
-                + "7f4a97262e6ff753f1a27c7cb36accf10d2099223624ac199fd42d2b838853b2601cd8a9"
-                + "3380982e233fd34dbdd6f169592fd29bdbc388beb736bd3e0ab85600aaf7c16775df634d"
-                + "a22fcd9cf94e175c4dcd0486119a6b98cd364eed478609a575084bce3db89cc39878f241"
-                + "70d1684f388f5fdfc4f57aa7a2d6a00a41d27ef8feb5c03a5b8e0b24e690ab6794715cec"
-                + "771cf31c07a4f27c5bb2a57ec294fbf30928424b4dc5126011ee41a5b978c89f7577d717"
-                + "cad1e7651a87e775c0439c90a5edb75914baa818efcd1d718e3af6d502fdfb7ca3786582"
-                + "480105f9acb14cfb6467f84344cf7598c0809d0e6f84565f8fe2f2ea1992adfac576f614"
-                + "86cd3408c9b855e5d6782baa895ae4c358e03af41bdca3e566894fbede74972bef286673"
-                + "913d19c79978d8d3aa7d5727cf06100b87e8d0e7f3bf921f45868bb3bb65e2a213dd8ff1"
-                + "cc731758ed8768969ce2ead4535af777e01457923ab3c503de662e8f46cf01f26396ec02"
-                + "285ca196f2d2e173e62173c418c5c6bab4ac991f56eba8aa112bd08a97b926db2bb03964"
-                + "1113cc1db9a8dcc43d3fafec37f03cfd60d0315f556d240366c5f6a5da092e7dd51b1b69"
-                + "f14a94de058d05d2b6245cc3b6455895598459a50a17cac5507a91ba3173aaf65ae8ab34"
-                + "3b2cd0cae32f775015937cf90bc8ea768d35fedd4703216e12c2088c6427b5b2e7d1fd61"
-                + "2df88a8d5b55f51c054c083c701848d4364d02ff0c906c566c995f1b244265f3e2e55a6c"
-                + "b3e6ddc35e928f11556b14cf2bce9da84d2b9913ed15a6b05775270d23f52d4ce480091f"
-                + "63d42a169fee253087e60621fc2f1af3a89834bab301ef40cc8a4d62233dab31660341f5"
-                + "8410e21463605ca59116c57cdabfc15c2ef37687b3edc6d17b1e6fb4ff9ac07234bcd5c0"
-                + "199bb9a189c5f2e52703206a4d3b4d1e3ee9a4fc30768179e64280e37b616bd0544dd67b"
-                + "98b349d859b20ac230206c03c042e16fd34a29667c3fe174bfe2c9c2e7f0fcf7b323ccad"
-                + "aa563d50f98972bf07c2f5d65841afa898c38048287f21fd27154ee4ffbc4b1068321af2"
-                + "6af8dafdfde73a18ac4f69a114b521d541b41d25a9c0fe60b32e84519582e90fb4250cd7"
-                + "fd01b9798484e91759eecbeb409844b5cf3483297af2b7e175ebdfb7989d13619df83135"
-                + "1b8169777011e83989fc319b4adcd1fc9c7cb9843934ea166d318df5aba90234c8e0e1bf"
-                + "60f9df24b9aa0387fd0cdc40c0874d72702bba1dcf74fff4f95e321ad43255afc0e43638"
-                + "cc286baf822b9beb0a379148c2960704914d75b4ee30d6a715d28fda1a1499d5c99d7790"
-                + "03792496e78fec2028de27ba83a7610f9da89fcd13fff235e3cbdad71067b0bf4bae3b45"
-                + "6971ec92e4f288ee2f42d11c23c61075f8c34a51246030867f94dea95170db78f96079f8"
-                + "57c176e5ea1386cb97368f13d6dd6caabe907e47ac1d6f128a9b8448c4fca4719fba6c1a"
-                + "3b1700cdd79c697bf8ab7ebf427087ca98a5aaf66995d994be6012a54deaead8c50a0c81"
-                + "3dab15fed0d505d484961d2d5ee66aea45edf6a1d4d43f768d1eca94ee6a84a089cf5448"
-                + "0184afe6d7030a057fe6d6d5baa64debc0da934fc6f3b76d60b7887b484b652c7364fedb"
-                + "d09a9856ee28f26d0b1d6c8120db5e28c0ea5c3018a89528ba3e9253e01c6413559fd95d"
-                + "fdfca4f5e38e764662a8ef882f620f8936c848e7070b02b871c3e0aa89def96ecddc4021"
-                + "e2432097460f5ad3dfbb6d63b6919356401a4d61972449d88c19e9de15dad6b4e5ca8064"
-                + "709b36377fee9a366f3e401ff4085c8980e345a6c0b90f3f349429e67e7aaa649470b409"
-                + "b1fba7bc85f1703e5cc875547de495cd11b99768dcf15fce0d5093d2a6809b08960c41bc"
-                + "c7e4d3ed02662edec79d6166fe957bd54f71fdf8db6fd3bbbef0b5ba37ba98d5aeebad2d"
-                + "184e95bddbdf842b84140b10c8e9acf2ecdd89766fe0387681cefbfa576edc7622e1639e"
-                + "be8f762569ba3704edc26dc704a5c01d03f128e8785470ed6516b5dcef55b82da77ee0b0"
-                + "c08dcf9edca28fa04702041960d874c994b62c8eadbb3cbd6267b9fc568ec06d4f79cdcd"
-                + "496c4df22fe3a9bc0df149f39d83c8690e7d8d0af6362778393cacf32710e43657df466a"
-                + "6a37e0032b7aec14a96ec109b68b85763f402b1d69a8f54b700515983bf3a964eb002a5a"
-                + "88050c4965cce9574ef402a05b529fa1aec5a92bfe688036df8316515f5ed7bcacd14d38"
-                + "a2484940b34996b6c0a103ca0bb041a80e19d38741c2b39db1c188a9bf47916231d43f52"
-                + "46de6340ebc8bee8d7d9e73f1f80aee0a7a7137b191fa91ba00d876470fdf38bb93125ad"
-                + "7fb033dbab4e5aba83cc55202c63639e5d2efde3a63db4789082d9cafdb283ef1c224551"
-                + "2af3a48742ad6b20a01ad330c2615aa9b4c52adc28c0edbd3f16dbb235aad854e0ba4dac"
-                + "350d6ca1797218d37a24dd4b91fa46f28eb69b943be42e08363055ab7cb36b04d5a27192"
-                + "e3da65441f820dc54a8f35b7fb38842b1af99b74347df3170cf463a77ca430790a66ea72"
-                + "62c462e85d8c3079d951b75dadf5f24c471078bdf4d50461ff8e1ebebea1539bec4f97e0"
-                + "4d579558868d95029221d5ea68546d99a41b371372090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "13e6a6cba48b9f747b6d47bdf7be588c5f82fcb13612f16838d88d7be681ad14ebc78848"
-                + "c9e053887ed436a6470bb99f7f34357811e280409fef6c81ecf07c47772bd52d7ef3333a"
-                + "be7844455951d380c0aa440a11a7fc7208219c1022032fb6aa38d6dc06a5a93c03af45fc"
-                + "74ad049336ae77e28492605b6d429d44dfe4099cd935d16bfd7b1aeb0d4bd06ae0e58149"
-                + "7a600805c6c56e214e01b18e023ece14cc72e1c497311d633faaa52c37160871d008c282"
-                + "ebbbe397ac6ceed1269cb19299317c59521b0676e9afd6c30b893393f38e3eb078937f0e"
-                + "4a5d27f8e2d3770d30e4340d0ffebf72c34275a71ea2d9c4f7a9cc88df9c290625a62e47"
-                + "db8f8b64daaddcbeaeefcc3d6c859023b80fb20bfc145dbfb7a1fd179e5e33a54b8a94f6"
-                + "86f693523a9897e4fb92cbaf3f84a97f4386f105d78ee6101114557c5033695837c9e9e8"
-                + "e72ebd79f52606b83ebf961134c8fa1c743c23ca98c4daa349df008fe3e01b6c49b408dd"
-                + "7e666108a75082e105d9b6a63f1719d2e209ff4ce6e0599b00c8a6a10f2a49e42f6db064"
-                + "e37d08a240592aa3caa535e71f5267fed1b8067281de2dcffdb5c99f16946ac23369d993"
-                + "39e95332843a4beac243e12f5fa7f7d77d8ef8bf9937178da72bfd616da632505f4ab6bf"
-                + "a2d4af7ccf9e54e5e2dd83992c2f68c470a5248d219db5dc1d27a3adacb2926d03e68416"
-                + "3c7f36d5aca0e6c264e7861d870c2dcc0c9c17d344471837430e337e3267ebd4117703d6"
-                + "72e9a7172317387cac46b241dea72dd19a2ba88fd6f296074e9eacbdb3fdb7505ca194cf"
-                + "02416a1824c51ccd5b71aae79513880fa35037cce0015b188752130ba1bb4d92dab1394c"
-                + "b79850e837b30c41fbdd9ec6d8bc4c4adf136b4800eda945eac0d43b60bfb29c802779b7"
-                + "4d3234809b720d3bdb2acf4f5512b1bb3a2a7b6d858440dee143b8f4ba71972ba2816e6e"
-                + "2480318ec9e7b973be3c4c0e5b9a30e083c58a50697dfb3cbde13074f571d01656cf11b4"
-                + "67624f7b1740f8bb114dd44d16ef9d7831af3e9746a1e7706eab43c56614028c44fb0299"
-                + "f558a4c3a5434f8268b1fba1722153b56f5de6d7dfcb456627e6afb1f63720af52d5989e"
-                + "7a88949b9f169831a5e6017931cc201a26bb00babe22c8b3542e9b99f4c2b6d48cf0426a"
-                + "097c4a330c989aa386a6177b17e53c57d0a89694ccc58e2ca6d54cd35eabb478e5f09d07"
-                + "7ee482bb7e01eb28d7bdcc824590fe09f255936c404bec936307771078f06e85ebb5152a"
-                + "cf43f221daa12632b74624ee7bb49f276c807755c7d735bdd3235a5060548edca8b30de8"
-                + "53ac790562c18729a42ce7cadf6349beb2c544a2e65963d7ff135d37f7ae7c21f3952762"
-                + "a458c5005a4be652a51fb9b0a70a61855260785f7cfd6d66ea17aed9d0eb10f296e1f6cd"
-                + "637b3d0a27cce2d68b2d7d194d28501d7ee1aeb0bbf68d028f1b4fc9d15e1a51916294ff"
-                + "658960678128e1922233ba8f53edd120184ad0a84b8c594c5f832ae8ec9dd9f0e543a674"
-                + "791e6bcbd9b7587d70a0343f00fc0d68cc36ec951c965f7f37ea126148de1becce4b301d"
-                + "d8e1e25b9ce2801786eddd06431ebc0f031e5bb2805592c1d67ccab71ab2a7a804d98c8a"
-                + "84f4bf77742256ea78fa7827fabd6c90b58b9637267a16c67f736cb31ed657c60bf2a598"
-                + "4236ccc04005a3da98fb19e3299a7cd5c17fb64fcabd25f6ccc6ebc2fe51c2ce102c368d"
-                + "f9f24601070bccb5d7c72a33c4459635e8f94ea9d9880951ba8315e4a9ab6357388b8ea5"
-                + "21e0966863c9867ff343c1d6700c06f7ba7a2b60b47f19d18dd045473cc5fa30a8e2c1b2"
-                + "4df20b780a5e7c9bf8fa93ff2bc92dc35c36fa52810b96223c1c766bff08f5072c519e8f"
-                + "47d4125e98347ec5b32bc6dca864949b5f6da8df69d469e9b54aca9c033b0461a7bcdc7e"
-                + "22513db7f62f0743c813dfc0b5b314f65f693cc43faab4a2ffe3b3dcf110025dc28d93aa"
-                + "bb827fbe9271d4b4018cafc61c375654db368d06c74078ffe4b91604961f8b616165af6e"
-                + "4a8db517cee0fb6c1d0b9e158570cd82a88dd1774a9985e8839f4cd310e9fa7205662847"
-                + "cd7cb0990794ce6ef4bded0440a82562716bb0f0d3a35b3e33399f2bd790d22917cf7de5"
-                + "d10e829bb648c1bdcd8bd08d484221e8b70ef450f9bb15c711e32800539e95ed9418e2ec"
-                + "bea61e9296dc40dd373c21a5d589f706eed240416dc9c0f3a9775f004f53b741ce420826"
-                + "5ad09618ebe9cbbf1ff62b09d5bfe546d86a4e51159e5fc2a3f66e8c765ee84c8d8a1758"
-                + "89e438c0e7a8f18ceaa2eb53d65136eb83f5cd6bd0ba68bbeacaeb5f624f4e477b9aa5c5"
-                + "0e95dbf2b7a2fea25928228afce1df649720781d2ce81e504bda3a15008f139e96232135"
-                + "116488058175a9395ca594004b9f6417c7bf0b051e9550aa7b51e97ee078330cba85fffc"
-                + "f68d66b8caa8e591e8836d16afecad56205fc3c97eb9f99843507d1201ce2f33863006d7"
-                + "4de14e428556f507cc7630d30791e520c8e80a8f0d56ca9222b2ea5cadcb3f94216b4e25"
-                + "4475cccfa1d01e7a44c87ed2760798d7b1de7c54246bd9d708b4f2f7be13115f50a4f90f"
-                + "f917149633055edc3084b38cf4eb3418ee8bdc6e2106915d056904cba9ac144d1086574a"
-                + "f015515a5e53696683349633e9090ba0fb2c7bfd83cd4e3cf63d4adeae46ba870c3b414d"
-                + "4730f7def55aa56769046686f20e977ba385750a0a7fd2be4d4915eb6458848deb0b6c54"
-                + "f59d95ba69bdc4dbfc9099ad723add5a79753f9ae1fe9f7e4c884fcd06c56bba9dfd6a6e"
-                + "af7df8fa9b7214dc6d5108c7c5301b38557520a86c514906d839525624ac569543d4a19b"
-                + "0ff6012d5ed5be35139e3b3f6324396bf81d1ff382bc352d91727a843e3730ea0c4b2da4"
-                + "1e0b71cf5e6c074fc00103a1521953fa52a3bfe7db0c3f5287a4a89a76c93b429687dc54"
-                + "eb8bb1be1799caf2a6a837fea49011c052ad502112060810f827d9fec19f71a951404930"
-                + "2ee79551c2de36850e5739eba676bc906d0a4939e451ce274906cb848e68558566180f3e"
-                + "4237f3a3332d8080e4f7e570b5ff72481d0cc87792ec9feedf1f241427b60015f4cbdf89"
-                + "5d9577c3e6be45c5a72f25d342ad5276bed7a48cd04e194eb54e2cb2ec31d426aef2280b"
-                + "f411e823ca0e4a693dd8b32f2f839f10ebdafd50de18e34242e5ba64a9c36363976292a7"
-                + "d1129c0dc4de408c2053d71fa4a02f68e2b7ce49c66f25f1b06c5f700df036615b34b7a8"
-                + "9280b388531f3d942dfc0cc6cd13db48f07195b5336fd4fbbfc09167e5e911990c763ed2"
-                + "48b2a6e029fb55fe62911ce2b25c775858cb1d77c953d306569c36a8218eef73f6245180"
-                + "172ca23e05958b038cf4ca7e58ababef4f5804ac7d4f71bba810b5a9224781c142777281"
-                + "df1330159a77f685ce17bfcace901b7a18a45413ce7250097a5b09b54b7013dd0f5d6527"
-                + "0ada384eaabcf10117b15fa2534d2068d48bf793d6e312493bb54642262b396532466e2f"
-                + "d80597efe641cdf3fcd5426e2b79e3b744d7c9b03a9296bee0492d7c7cb80ed7d45f5e7a"
-                + "bf9a05e9f68e552ae98a41a5bc726d3793d0f36238eea0c807d0009dee53d30e37830b66"
-                + "9657ee848532ed18d5df9f90e3ed668dae422b79bd60b88a3e2ea05dfab475b16218983c"
-                + "7f4a97262e6ff753f1a27c7cb36accf10d2099223624ac199fd42d2b838853b2601cd8a9"
-                + "3380982e233fd34dbdd6f169592fd29bdbc388beb736bd3e0ab85600aaf7c16775df634d"
-                + "a22fcd9cf94e175c4dcd0486119a6b98cd364eed478609a575084bce3db89cc39878f241"
-                + "70d1684f388f5fdfc4f57aa7a2d6a00a41d27ef8feb5c03a5b8e0b24e690ab6794715cec"
-                + "771cf31c07a4f27c5bb2a57ec294fbf30928424b4dc5126011ee41a5b978c89f7577d717"
-                + "cad1e7651a87e775c0439c90a5edb75914baa818efcd1d718e3af6d502fdfb7ca3786582"
-                + "480105f9acb14cfb6467f84344cf7598c0809d0e6f84565f8fe2f2ea1992adfac576f614"
-                + "86cd3408c9b855e5d6782baa895ae4c358e03af41bdca3e566894fbede74972bef286673"
-                + "913d19c79978d8d3aa7d5727cf06100b87e8d0e7f3bf921f45868bb3bb65e2a213dd8ff1"
-                + "cc731758ed8768969ce2ead4535af777e01457923ab3c503de662e8f46cf01f26396ec02"
-                + "285ca196f2d2e173e62173c418c5c6bab4ac991f56eba8aa112bd08a97b926db2bb03964"
-                + "1113cc1db9a8dcc43d3fafec37f03cfd60d0315f556d240366c5f6a5da092e7dd51b1b69"
-                + "f14a94de058d05d2b6245cc3b6455895598459a50a17cac5507a91ba3173aaf65ae8ab34"
-                + "3b2cd0cae32f775015937cf90bc8ea768d35fedd4703216e12c2088c6427b5b2e7d1fd61"
-                + "2df88a8d5b55f51c054c083c701848d4364d02ff0c906c566c995f1b244265f3e2e55a6c"
-                + "b3e6ddc35e928f11556b14cf2bce9da84d2b9913ed15a6b05775270d23f52d4ce480091f"
-                + "63d42a169fee253087e60621fc2f1af3a89834bab301ef40cc8a4d62233dab31660341f5"
-                + "8410e21463605ca59116c57cdabfc15c2ef37687b3edc6d17b1e6fb4ff9ac07234bcd5c0"
-                + "199bb9a189c5f2e52703206a4d3b4d1e3ee9a4fc30768179e64280e37b616bd0544dd67b"
-                + "98b349d859b20ac230206c03c042e16fd34a29667c3fe174bfe2c9c2e7f0fcf7b323ccad"
-                + "aa563d50f98972bf07c2f5d65841afa898c38048287f21fd27154ee4ffbc4b1068321af2"
-                + "6af8dafdfde73a18ac4f69a114b521d541b41d25a9c0fe60b32e84519582e90fb4250cd7"
-                + "fd01b9798484e91759eecbeb409844b5cf3483297af2b7e175ebdfb7989d13619df83135"
-                + "1b8169777011e83989fc319b4adcd1fc9c7cb9843934ea166d318df5aba90234c8e0e1bf"
-                + "60f9df24b9aa0387fd0cdc40c0874d72702bba1dcf74fff4f95e321ad43255afc0e43638"
-                + "cc286baf822b9beb0a379148c2960704914d75b4ee30d6a715d28fda1a1499d5c99d7790"
-                + "03792496e78fec2028de27ba83a7610f9da89fcd13fff235e3cbdad71067b0bf4bae3b45"
-                + "6971ec92e4f288ee2f42d11c23c61075f8c34a51246030867f94dea95170db78f96079f8"
-                + "57c176e5ea1386cb97368f13d6dd6caabe907e47ac1d6f128a9b8448c4fca4719fba6c1a"
-                + "3b1700cdd79c697bf8ab7ebf427087ca98a5aaf66995d994be6012a54deaead8c50a0c81"
-                + "3dab15fed0d505d484961d2d5ee66aea45edf6a1d4d43f768d1eca94ee6a84a089cf5448"
-                + "0184afe6d7030a057fe6d6d5baa64debc0da934fc6f3b76d60b7887b484b652c7364fedb"
-                + "d09a9856ee28f26d0b1d6c8120db5e28c0ea5c3018a89528ba3e9253e01c6413559fd95d"
-                + "fdfca4f5e38e764662a8ef882f620f8936c848e7070b02b871c3e0aa89def96ecddc4021"
-                + "e2432097460f5ad3dfbb6d63b6919356401a4d61972449d88c19e9de15dad6b4e5ca8064"
-                + "709b36377fee9a366f3e401ff4085c8980e345a6c0b90f3f349429e67e7aaa649470b409"
-                + "b1fba7bc85f1703e5cc875547de495cd11b99768dcf15fce0d5093d2a6809b08960c41bc"
-                + "c7e4d3ed02662edec79d6166fe957bd54f71fdf8db6fd3bbbef0b5ba37ba98d5aeebad2d"
-                + "184e95bddbdf842b84140b10c8e9acf2ecdd89766fe0387681cefbfa576edc7622e1639e"
-                + "be8f762569ba3704edc26dc704a5c01d03f128e8785470ed6516b5dcef55b82da77ee0b0"
-                + "c08dcf9edca28fa04702041960d874c994b62c8eadbb3cbd6267b9fc568ec06d4f79cdcd"
-                + "496c4df22fe3a9bc0df149f39d83c8690e7d8d0af6362778393cacf32710e43657df466a"
-                + "6a37e0032b7aec14a96ec109b68b85763f402b1d69a8f54b700515983bf3a964eb002a5a"
-                + "88050c4965cce9574ef402a05b529fa1aec5a92bfe688036df8316515f5ed7bcacd14d38"
-                + "a2484940b34996b6c0a103ca0bb041a80e19d38741c2b39db1c188a9bf47916231d43f52"
-                + "46de6340ebc8bee8d7d9e73f1f80aee0a7a7137b191fa91ba00d876470fdf38bb93125ad"
-                + "7fb033dbab4e5aba83cc55202c63639e5d2efde3a63db4789082d9cafdb283ef1c224551"
-                + "2af3a48742ad6b20a01ad330c2615aa9b4c52adc28c0edbd3f16dbb235aad854e0ba4dac"
-                + "350d6ca1797218d37a24dd4b91fa46f28eb69b943be42e08363055ab7cb36b04d5a27192"
-                + "e3da65441f820dc54a8f35b7fb38842b1af99b74347df3170cf463a77ca430790a66ea72"
-                + "62c462e85d8c3079d951b75dadf5f24c471078bdf4d50461ff8e1ebebea1539bec4f97e0"
-                + "4d579558868d95029221d5ea68546d99a41b371372090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "1454676496210dda18357eff3f7814ffaade88533c14bfad4b7b6c0fdc1a8f24bf30dd84"
-                + "0a8e52f7da39d007f92b9c15514ac428de42cd810f95ac656c8454c62c9200884b507014"
-                + "7c24a1391706ac006916aeaaf6e1d53d8957f734907e876e109b8055a48bf68fd544d18f"
-                + "df055f2c4fd5900ef4364b525dad68c3ea2b920010478584fd75bcdb492301e66cb5c908"
-                + "ae7d8b4b2c1f9b21ccf19684392623b1c8f72d7f16ac53b48fe50f109053977b02d7027f"
-                + "6591aa0f33ffd04594843ce08b71bd911cca255af7cfdbea2ebce4d3df1409f501ae5d45"
-                + "015e310ae14e7a08d1bc2121c2b1995781492170fac1d10dbb8a0a9c73ca0b89b850da5e"
-                + "16defe8ab18ba8964191f2baa507a8ef09fd2ab4ecaa13bea6afaf0f8e0ec646fb037c23"
-                + "0bba547dc2b4196a2d4608a55dfb6c3c611bca9c8cea05218f7f4abc1faa24ace2c567a9"
-                + "35533a6027f7391d4301e6852349a690a3d9bacfbccfdb39feaaa34bec6116e824824153"
-                + "6a3b7b02002f407f8c2dcf5c3da99d8d4cd228f963f9714952ff87796614cd049b05b320"
-                + "e6e66fe208d4a0a507e8ddb406e9d1b505f1295c1c00a8b0173ecfd079c4fe66ee3d9f50"
-                + "1b19afa594682cbb19a516360a7de00847892a7c01ba000dd2b27bf0488e73d2d6540bc8"
-                + "a93b6ab98f372bf916e2cacc27c487bfa9340ddf706f870723d973705c027568850b5dcf"
-                + "a99e509dd97bd4385a138bc48981fb24ba3e758a66b19e1dc79044e77d3040d898ce347b"
-                + "45bd8c818970ba69b238101da0571d8e5ec21095287af8837d71b6d58264ae89911f7ff6"
-                + "9d0c2f3c188957951ac33a25a65065f5759c28e97a0490507a849861276cb181a01eb79a"
-                + "4d58d44855ed51bdb4aad2d3b3f1277cc918af2b922e5761da214c317f82a18f90b6bb69"
-                + "a3d0c698bfd6d6bae147415168079af05ad566101bae93b9992c62c415009ecea68a7eca"
-                + "09ec1b891b01706729456f194d45c610bcc15e79388103a81706f3c83c853c1252624df7"
-                + "712699b6e00e0b6960d355e9364d1b5246a2fc35823eb5c4752d795fda761c9c41259fd4"
-                + "4a1d6f558ac10d01f799975f897754b5dedde0dd8de461c465ad97fc47b970833e880b38"
-                + "2fe2e556155890824a019e7fd6c8f0f37b592d7f477377b9af5b7d132a38e0e7f4ddad5a"
-                + "abab130f8c47f443bd3dbad545d157b10096f4dab0b790bce1eb227884ffaf318ba0c830"
-                + "28b2523cba86bbd2fe35e048d03e213c4d46d7ac4f3287df3dafa13b2d8c8aff82da5185"
-                + "e5e3f208b1bf6a74cf20dd872cbafdce3c85f5f8581f30306b8c65aaed69c714b89eea9b"
-                + "2cb3004d277d8129cad0e8d79575c23705850742cb608ce37b5862e7a406e89ee18fabc5"
-                + "ac3d491355a52e2e45037fa6b471a377d217b3e86f5cf9b4d0162cdd1fc458ec05671881"
-                + "c34fb833a37591e1d12f9b4897aabf7ff949f247653032a08d50e2aac74baf3914aa8bef"
-                + "8670a92074c09cd7671e83db2a3a3a10c7afe2278f2247ed71709b5f3acdb0742b5fb34b"
-                + "dc5fc5452fa330ad7f1a1233db65baf8dfbfdec5ff9f6229cbe2f66971e5ae99688dc0f9"
-                + "0ddda8a4ab319743377f005900dfe78414c11ad5cfa841d86c62ef7bd9029ab7655ae83e"
-                + "1f46822435eb777f5087238575a2cf5528bd4fe8283d1bbc0c72ef6a68e09ab67e5f59dd"
-                + "4c2bd3677dadc97435955a5b3e3329fc66c9ef5f4922aecd297a69305db66d1552f39709"
-                + "c8448e5c599025af7f1668cb00c42e3438e725432b644972c52a3149b16289319777c08f"
-                + "acca8ca8f6e79e9aa0ba4bf513b7ba3aa401fab006c5e1b12b43cb13d383f33ea760aae1"
-                + "9c5bd28f2decb6f624f4962102a416be1be6bfef71d705620aac9b1852a000102ab82e3b"
-                + "7e27b293f1c9f623d45a875c4b05a186b36dd67684ae87b485eb840589e95a98416bad95"
-                + "2afb22692e0237a20501aacb9b9215076e1349c012cf62272d41c203caeca1ef91a0c860"
-                + "70c577db32c638f4cd32a2bc4162f78cfc1be99bb40a7f1223384c3352b3876aa396daa2"
-                + "28f9c06f5c1873c46bdd8963e4f191b6561e507058af2411f62f879ea3dd502097aa2582"
-                + "c3954094551a0ffcf44f9ef46a24aa3b11f802633691d4817f07ff20318bf1c57f61ce24"
-                + "271eab4b70b66b10453d24632bf5846aff38bdb5290b4f3600ccdd1a3adeab8f5ed5455b"
-                + "0236c3152990cd536a3fa19468728553a51daf65e89fe403117a8379aefbbb1a06a732a7"
-                + "98e0164e1ce93e7b0b5349b32a79f350d4b80554f8e4b4c210547a6dd48c1a4942d15991"
-                + "500154f2c5d11193925a5eba4f1c72b1ff051c619fde1a77300ac523f0f7698e77ca65b2"
-                + "cc13547a2dad2a2652bb15aa0285d30b4fe3524b13574bcf7f37589e5020716a4df71eaa"
-                + "16cecbee355daa29eeb34b4803bfd25727e1db1f2ac35ea4d2d2e82c41c1ece63052b60c"
-                + "3bfaec2485e9e902ade31e456c81318637b64208f398dcb1a83005237d6356a877f0c096"
-                + "db1985bd29ef4cbdbd945a5c4833222dc5239949cb807f352284a2d187d675ccd4b71d13"
-                + "fdd7d3d250561f091a0fec36d8fdacd2665540baa66adbff3abc78e9195cee255808aa14"
-                + "786148755bf7f25537919b06a2143801ccb2bc547019f4d48cc4745b62662683c1275ea9"
-                + "b216049bc7a76f86cdd3810b9071f2112090281020fd20ae9d4b1822861883e796e5c6e9"
-                + "010658a130e3a9f0fbe7e5487bfb9c7aa742d882baa843ec87052a1e798901c0595b4bd2"
-                + "7fb0ae50ab56b7b3bbe96d3598dbb736bfb3eaf900ba2969009268e04f81b31b3f29e97e"
-                + "c70471975f8227fae58e7d6321bd0048a7b438aa06b7390141597033061ea2872eb3146d"
-                + "1d3f84d60a68ea49ba3ad520925169bc4bae951511af51cdc274fe84680152dc3762cd8e"
-                + "0d7a7a5b808e7189cd063e265df583e8365e78d433ea0452412b0e0ccbcac0f4d81f179b"
-                + "86a9759d9fd972a7b6a661a1b1d3acefab07fa337c9c21c6a919ab95580f6f2659bd74e0"
-                + "28ac52e9ed07c4287a8b38861e33c8ec934407fe4aba59537323b15e279d48da39c5ce9c"
-                + "7ee641e1a53bed794ef62b5dc24e9d5c871671fbc746439b17326bc00f91c44719a102ef"
-                + "8728fdd497224505c02249bef26f24bfa8a4478311b58152b2cc8099be1c1b6ed72861a5"
-                + "cdda7d7474144c88eec207bed1b94f8aa2f5c5039a8066ef158e4b6bd66065fcae02997f"
-                + "9b44175f8cde408c2053d71fa4a02f68e2b7ce49c66f25f1b06c5f700df036615b34b7a8"
-                + "9280b388531f3d942dfc0cc6cd13db48f07195b5336fd4fbbfc09167e5e911990c763ed2"
-                + "48b2a6e029fb55fe62911ce2b25c775858cb1d77c953d306569c36a8218eef73f6245180"
-                + "172ca23e05958b038cf4ca7e58ababef4f5804ac7d4f71bba810b5a9224781c142777281"
-                + "df1330159a77f685ce17bfcace901b7a18a45413ce7250097a5b09b54b7013dd0f5d6527"
-                + "0ada384eaabcf10117b15fa2534d2068d48bf793d6e312493bb54642262b396532466e2f"
-                + "d80597efe641cdf3fcd5426e2b79e3b744d7c9b03a9296bee0492d7c7cb80ed7d45f5e7a"
-                + "bf9a05e9f68e552ae98a41a5bc726d3793d0f36238eea0c807d0009dee53d30e37830b66"
-                + "9657ee848532ed18d5df9f90e3ed668dae422b79bd60b88a3e2ea05dfab475b16218983c"
-                + "7f4a97262e6ff753f1a27c7cb36accf10d2099223624ac199fd42d2b838853b2601cd8a9"
-                + "3380982e233fd34dbdd6f169592fd29bdbc388beb736bd3e0ab85600aaf7c16775df634d"
-                + "a22fcd9cf94e175c4dcd0486119a6b98cd364eed478609a575084bce3db89cc39878f241"
-                + "70d1684f388f5fdfc4f57aa7a2d6a00a41d27ef8feb5c03a5b8e0b24e690ab6794715cec"
-                + "771cf31c07a4f27c5bb2a57ec294fbf30928424b4dc5126011ee41a5b978c89f7577d717"
-                + "cad1e7651a87e775c0439c90a5edb75914baa818efcd1d718e3af6d502fdfb7ca3786582"
-                + "480105f9acb14cfb6467f84344cf7598c0809d0e6f84565f8fe2f2ea1992adfac576f614"
-                + "86cd3408c9b855e5d6782baa895ae4c358e03af41bdca3e566894fbede74972bef286673"
-                + "913d19c79978d8d3aa7d5727cf06100b87e8d0e7f3bf921f45868bb3bb65e2a213dd8ff1"
-                + "cc731758ed8768969ce2ead4535af777e01457923ab3c503de662e8f46cf01f26396ec02"
-                + "285ca196f2d2e173e62173c418c5c6bab4ac991f56eba8aa112bd08a97b926db2bb03964"
-                + "1113cc1db9a8dcc43d3fafec37f03cfd60d0315f556d240366c5f6a5da092e7dd51b1b69"
-                + "f14a94de058d05d2b6245cc3b6455895598459a50a17cac5507a91ba3173aaf65ae8ab34"
-                + "3b2cd0cae32f775015937cf90bc8ea768d35fedd4703216e12c2088c6427b5b2e7d1fd61"
-                + "2df88a8d5b55f51c054c083c701848d4364d02ff0c906c566c995f1b244265f3e2e55a6c"
-                + "b3e6ddc35e928f11556b14cf2bce9da84d2b9913ed15a6b05775270d23f52d4ce480091f"
-                + "63d42a169fee253087e60621fc2f1af3a89834bab301ef40cc8a4d62233dab31660341f5"
-                + "8410e21463605ca59116c57cdabfc15c2ef37687b3edc6d17b1e6fb4ff9ac07234bcd5c0"
-                + "199bb9a189c5f2e52703206a4d3b4d1e3ee9a4fc30768179e64280e37b616bd0544dd67b"
-                + "98b349d859b20ac230206c03c042e16fd34a29667c3fe174bfe2c9c2e7f0fcf7b323ccad"
-                + "aa563d50f98972bf07c2f5d65841afa898c38048287f21fd27154ee4ffbc4b1068321af2"
-                + "6af8dafdfde73a18ac4f69a114b521d541b41d25a9c0fe60b32e84519582e90fb4250cd7"
-                + "fd01b9798484e91759eecbeb409844b5cf3483297af2b7e175ebdfb7989d13619df83135"
-                + "1b8169777011e83989fc319b4adcd1fc9c7cb9843934ea166d318df5aba90234c8e0e1bf"
-                + "60f9df24b9aa0387fd0cdc40c0874d72702bba1dcf74fff4f95e321ad43255afc0e43638"
-                + "cc286baf822b9beb0a379148c2960704914d75b4ee30d6a715d28fda1a1499d5c99d7790"
-                + "03792496e78fec2028de27ba83a7610f9da89fcd13fff235e3cbdad71067b0bf4bae3b45"
-                + "6971ec92e4f288ee2f42d11c23c61075f8c34a51246030867f94dea95170db78f96079f8"
-                + "57c176e5ea1386cb97368f13d6dd6caabe907e47ac1d6f128a9b8448c4fca4719fba6c1a"
-                + "3b1700cdd79c697bf8ab7ebf427087ca98a5aaf66995d994be6012a54deaead8c50a0c81"
-                + "3dab15fed0d505d484961d2d5ee66aea45edf6a1d4d43f768d1eca94ee6a84a089cf5448"
-                + "0184afe6d7030a057fe6d6d5baa64debc0da934fc6f3b76d60b7887b484b652c7364fedb"
-                + "d09a9856ee28f26d0b1d6c8120db5e28c0ea5c3018a89528ba3e9253e01c6413559fd95d"
-                + "fdfca4f5e38e764662a8ef882f620f8936c848e7070b02b871c3e0aa89def96ecddc4021"
-                + "e2432097460f5ad3dfbb6d63b6919356401a4d61972449d88c19e9de15dad6b4e5ca8064"
-                + "709b36377fee9a366f3e401ff4085c8980e345a6c0b90f3f349429e67e7aaa649470b409"
-                + "b1fba7bc85f1703e5cc875547de495cd11b99768dcf15fce0d5093d2a6809b08960c41bc"
-                + "c7e4d3ed02662edec79d6166fe957bd54f71fdf8db6fd3bbbef0b5ba37ba98d5aeebad2d"
-                + "184e95bddbdf842b84140b10c8e9acf2ecdd89766fe0387681cefbfa576edc7622e1639e"
-                + "be8f762569ba3704edc26dc704a5c01d03f128e8785470ed6516b5dcef55b82da77ee0b0"
-                + "c08dcf9edca28fa04702041960d874c994b62c8eadbb3cbd6267b9fc568ec06d4f79cdcd"
-                + "496c4df22fe3a9bc0df149f39d83c8690e7d8d0af6362778393cacf32710e43657df466a"
-                + "6a37e0032b7aec14a96ec109b68b85763f402b1d69a8f54b700515983bf3a964eb002a5a"
-                + "88050c4965cce9574ef402a05b529fa1aec5a92bfe688036df8316515f5ed7bcacd14d38"
-                + "a2484940b34996b6c0a103ca0bb041a80e19d38741c2b39db1c188a9bf47916231d43f52"
-                + "46de6340ebc8bee8d7d9e73f1f80aee0a7a7137b191fa91ba00d876470fdf38bb93125ad"
-                + "7fb033dbab4e5aba83cc55202c63639e5d2efde3a63db4789082d9cafdb283ef1c224551"
-                + "2af3a48742ad6b20a01ad330c2615aa9b4c52adc28c0edbd3f16dbb235aad854e0ba4dac"
-                + "350d6ca1797218d37a24dd4b91fa46f28eb69b943be42e08363055ab7cb36b04d5a27192"
-                + "e3da65441f820dc54a8f35b7fb38842b1af99b74347df3170cf463a77ca430790a66ea72"
-                + "62c462e85d8c3079d951b75dadf5f24c471078bdf4d50461ff8e1ebebea1539bec4f97e0"
-                + "4d579558868d95029221d5ea68546d99a41b371372090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "150b194ad8be8ef61afcbab20228f63cf3daac7181e52ff00def82994cac8cadbc0afd20"
-                + "03db8617889a0023296ec9d028cf0dab03f5a6ac2c5626c62d536decacf9ad52f5b4363b"
-                + "3ae3a3a3451658248edbe61993cc7fd9b6e620f40573c307fdd45100b4454e53f2c3ec13"
-                + "3a04aa9fd652313b434351d996ae76f85016461773ad3b75c23af84670708e414e6e7269"
-                + "72352bff2246f6c0f57b2cedc376a8a8cb1df74d83e7aafc10545a521f31f6e5945ae14e"
-                + "f4f0e973e9fbdaafc57d41eb0ae8b277c10f9029c90be5c50c6b400fc0decae22b5d3eeb"
-                + "3fda02765058b4dafd6d861a54526e51efd1b5cea8d7994fe7293b86dc601d6140b9d3f7"
-                + "f083984c7bddea56acd6b0a381a59db4fb97cb3074a7dce6cc8087c832b5b1c71909bfed"
-                + "4efd41bcef99defd1e6e7b86efdf813c23322cb7083eabb538ee0c105fbb42a33484b223"
-                + "2b4728af68665322e62a515a0c16e12b9bab4443f7aab5d5555814e1cb3791dc3ec2eb14"
-                + "39fe4a7db79d119db0557e3900afedf808bb636e1ddf5fa15e5cd406410771b5de007684"
-                + "37bc29f3242437d94141b28cd5eff641b21be2254074651e4e0e0888d0cf81e6f5b9c3f5"
-                + "6b1a932eb852aad78120866511318298437fbd3c58e7af626dbd32e2033e5eaa5fc16860"
-                + "97e515bd69715d05d9eeff926515a754d3d0684696ea28f8eb88bc8271b839778588d16b"
-                + "56603d1db5534f20cfe0616f2db4e35e0624bb03c99329758a28ff722d3c676025e1780e"
-                + "d3a3c1124a49090b0930dd621e43eda3cdd731a46b3a9724ad32fa32c2901ed0b3925aca"
-                + "cc9cdd9d3d3a196a60a83d83acfe1a9cbf4ca1bb29ec264b94b4bc510736d9916d8dd841"
-                + "2188710e0ea928c566b95b23eb556bfdce5befd3edde10244e98f07e6e3914f366aa6c5c"
-                + "326504baf1c38c97d20b7f447359a213b8e34c0f34556b19380a5477b768200ddaa2ef6a"
-                + "c4b47b9aedb389309aecd9386e9ff169eee2a6fb5436bf4d11742752e4179bfe90b58b07"
-                + "5212e82b073ae89b142069e348af3db79510eb975aa478e4a0b948957b34642e3c521d6f"
-                + "5281d7c8b969f265edc3febff1eae7eb1a6ae68cc2c0e012343eb5b13c466f6df5152dbe"
-                + "c1f3ff7348c6f35c9b9dcd22cfe9f6d7ed39653b16c816b57a99057467eab40ca1fbc48e"
-                + "27d2abb23306068b1a468322ec54a7bf26d4d0f716104bd890a7e40bda60ea55ec2c8035"
-                + "61379fb4d531e510b9d2caf0455e86d1dc1015c87da07288466607ce1981641c9dc8ef56"
-                + "545e394095e1ae7b94fa672017c5360c7d0ea62f09e96b301f7846d9c949ace8bb9d64bc"
-                + "670531f081d90c8b06b1024c41d98b7bf2d45c5f9eab78f473dca5152182391bae24fec6"
-                + "154e0b52512101065e9e5d627676c1b63f3426a2881b184125b4ed06e85bc69cf7203985"
-                + "f083e7f7c30ccfbabf4655ebc350c94325ec9e4bb84f8c8b3b7b5b8696afa1f520fbc200"
-                + "839da20cbccdc72273c3994bd34721684d09743cfe4c751d9f141679c1f504b188b38b46"
-                + "59018d4d2d3feed1ceaf8725faee719528c697156c59d806ff2a05b74f95c654f301c5ad"
-                + "e813f72c9b6a951e2b3d694619aa0825005395282e9bd7d8fcce2c57846d8ce337b7f8d7"
-                + "7de1130682cb93372d18120f27a062e3636e759487edb2ac8a5c9e851f58545c218e97e1"
-                + "e5b623373054a70d6a9ee4b98980380130b572e82b0b7041c71782ac50a9f7287c9da9f0"
-                + "4ed05317b10170f1572f9d6614df8659704af759b899ea2a5918b885bce49cd218f31163"
-                + "1079315566fdb4d6e425910dc6ecfc604312bce7b96121f4324dfc629b08bfe5c109696e"
-                + "7dfb47ff14b764eb0556ad4ce454bb3472322efa28c5867951bcb559120ede8e139a1acc"
-                + "c52eda02c78b32e40608b095b7a629cdd2e8f5a94c06e8cbded10981600812f857d89068"
-                + "61a728ed5d7574823be6fd270d28cb11a1b1729387ebf9e933130a7bf73d4322a11a43e0"
-                + "1c47bf06d76f2422d8c9079d3e93ebae2f5857d27d2fe33bd351cee66d3ff5906a10165f"
-                + "79f4b383f67b9815589a9707eadc16f09585e488dc1f54c93e87158c5841d32bfc0b4118"
-                + "80d3cfc09157b69a3af10bae29040d4db2c5925aa6f4a3cb36c89f026287ca05fcd645c3"
-                + "267d365cb5ebd613311e817d4417248dfe49fd3fafcba7fdeeca699c3c4396c7fd7a1ba7"
-                + "3433ec745c9ee1c7f6479be808716eb9ba1e2724a247967fea7dcecf0e14356c2aa863fd"
-                + "5d42d5234679c07893f4c7c7f10721378b2a6acb034dbe4d7082b700bbab28466fb960fd"
-                + "bdeeff90cdd3ca53b171380b16dfd8c7cc560aa8d6b6db5659a73f34f0cfec292f100a3b"
-                + "ca4783a168e5cd287033bc6b19b361e0c5f6c90e7f0a21cdc1a0baedc4cfc5abd00eb85c"
-                + "6123f1de1cbe334e1455090ab719545d744c90d0aacc37b15c03fecfce830bf47b058ac3"
-                + "e191b7ffb2306461060daf7ee368775acc6ec5281bc79a21492e15885b238dedd0ce33f7"
-                + "3a00f08400330b6df02f9de2519e52c32b08dcefeba3f738be726c7932be0de263fbd0cf"
-                + "26503400b6de7e7842875df7dadd48af7a709797a8268fe64cb0d8ba10ab1d0f7ca396ac"
-                + "707dcb512f753173c2098a5f0338dcdcd72a11e6576fecb4d7921461af44500bc2f64a23"
-                + "2ccf3888a17171c6b8b53c28a0c606bf208a9cf2b7126ba4b65410e96dd7e3dedd4bc3bd"
-                + "c8b334b0e2656047eef365d23d538ae179d2657d1da099eddf792a528d7666278c12b512"
-                + "ed604b0f4c928d2ecdd3aa30296919e0583a64dfec68ab2ec22b2ef5e25b0cc1318e9e5c"
-                + "8c75c3c442f642a6bc9b3292e0ae1368d0b4d38e9a065ce2a2774eda18f702fc7e756383"
-                + "e45f595b50d57e44d9dbff60861e261e9ee42c1543a1a2a5a0d3cacb0731a2f56b321faa"
-                + "8ea7811f90878acf15eca61751c2ea90957902f4c7838542466e59918d3591dac0a85473"
-                + "47a3e3a3c5e0ceaece465a8fcf404af49e736d12b01b47573761d7bcb509aadf1e966025"
-                + "f7bd397c153bc54dbc6d798281d2d37ec52f63cb04cbc9941de9fdb2c10c2376ae1b885b"
-                + "395d73ea478891e281d832372d81e8ac44b87a6aa87e6a2a2b3e44431ec1daa25832067d"
-                + "1c38b9a9379e2cc9e2452faae56f24bfa8a4478311b58152b2cc8099be1c1b6ed72861a5"
-                + "cdda7d7474144c88eec207bed1b94f8aa2f5c5039a8066ef158e4b6bd66065fcae02997f"
-                + "9b44175f8cde408c2053d71fa4a02f68e2b7ce49c66f25f1b06c5f700df036615b34b7a8"
-                + "9280b388531f3d942dfc0cc6cd13db48f07195b5336fd4fbbfc09167e5e911990c763ed2"
-                + "48b2a6e029fb55fe62911ce2b25c775858cb1d77c953d306569c36a8218eef73f6245180"
-                + "172ca23e05958b038cf4ca7e58ababef4f5804ac7d4f71bba810b5a9224781c142777281"
-                + "df1330159a77f685ce17bfcace901b7a18a45413ce7250097a5b09b54b7013dd0f5d6527"
-                + "0ada384eaabcf10117b15fa2534d2068d48bf793d6e312493bb54642262b396532466e2f"
-                + "d80597efe641cdf3fcd5426e2b79e3b744d7c9b03a9296bee0492d7c7cb80ed7d45f5e7a"
-                + "bf9a05e9f68e552ae98a41a5bc726d3793d0f36238eea0c807d0009dee53d30e37830b66"
-                + "9657ee848532ed18d5df9f90e3ed668dae422b79bd60b88a3e2ea05dfab475b16218983c"
-                + "7f4a97262e6ff753f1a27c7cb36accf10d2099223624ac199fd42d2b838853b2601cd8a9"
-                + "3380982e233fd34dbdd6f169592fd29bdbc388beb736bd3e0ab85600aaf7c16775df634d"
-                + "a22fcd9cf94e175c4dcd0486119a6b98cd364eed478609a575084bce3db89cc39878f241"
-                + "70d1684f388f5fdfc4f57aa7a2d6a00a41d27ef8feb5c03a5b8e0b24e690ab6794715cec"
-                + "771cf31c07a4f27c5bb2a57ec294fbf30928424b4dc5126011ee41a5b978c89f7577d717"
-                + "cad1e7651a87e775c0439c90a5edb75914baa818efcd1d718e3af6d502fdfb7ca3786582"
-                + "480105f9acb14cfb6467f84344cf7598c0809d0e6f84565f8fe2f2ea1992adfac576f614"
-                + "86cd3408c9b855e5d6782baa895ae4c358e03af41bdca3e566894fbede74972bef286673"
-                + "913d19c79978d8d3aa7d5727cf06100b87e8d0e7f3bf921f45868bb3bb65e2a213dd8ff1"
-                + "cc731758ed8768969ce2ead4535af777e01457923ab3c503de662e8f46cf01f26396ec02"
-                + "285ca196f2d2e173e62173c418c5c6bab4ac991f56eba8aa112bd08a97b926db2bb03964"
-                + "1113cc1db9a8dcc43d3fafec37f03cfd60d0315f556d240366c5f6a5da092e7dd51b1b69"
-                + "f14a94de058d05d2b6245cc3b6455895598459a50a17cac5507a91ba3173aaf65ae8ab34"
-                + "3b2cd0cae32f775015937cf90bc8ea768d35fedd4703216e12c2088c6427b5b2e7d1fd61"
-                + "2df88a8d5b55f51c054c083c701848d4364d02ff0c906c566c995f1b244265f3e2e55a6c"
-                + "b3e6ddc35e928f11556b14cf2bce9da84d2b9913ed15a6b05775270d23f52d4ce480091f"
-                + "63d42a169fee253087e60621fc2f1af3a89834bab301ef40cc8a4d62233dab31660341f5"
-                + "8410e21463605ca59116c57cdabfc15c2ef37687b3edc6d17b1e6fb4ff9ac07234bcd5c0"
-                + "199bb9a189c5f2e52703206a4d3b4d1e3ee9a4fc30768179e64280e37b616bd0544dd67b"
-                + "98b349d859b20ac230206c03c042e16fd34a29667c3fe174bfe2c9c2e7f0fcf7b323ccad"
-                + "aa563d50f98972bf07c2f5d65841afa898c38048287f21fd27154ee4ffbc4b1068321af2"
-                + "6af8dafdfde73a18ac4f69a114b521d541b41d25a9c0fe60b32e84519582e90fb4250cd7"
-                + "fd01b9798484e91759eecbeb409844b5cf3483297af2b7e175ebdfb7989d13619df83135"
-                + "1b8169777011e83989fc319b4adcd1fc9c7cb9843934ea166d318df5aba90234c8e0e1bf"
-                + "60f9df24b9aa0387fd0cdc40c0874d72702bba1dcf74fff4f95e321ad43255afc0e43638"
-                + "cc286baf822b9beb0a379148c2960704914d75b4ee30d6a715d28fda1a1499d5c99d7790"
-                + "03792496e78fec2028de27ba83a7610f9da89fcd13fff235e3cbdad71067b0bf4bae3b45"
-                + "6971ec92e4f288ee2f42d11c23c61075f8c34a51246030867f94dea95170db78f96079f8"
-                + "57c176e5ea1386cb97368f13d6dd6caabe907e47ac1d6f128a9b8448c4fca4719fba6c1a"
-                + "3b1700cdd79c697bf8ab7ebf427087ca98a5aaf66995d994be6012a54deaead8c50a0c81"
-                + "3dab15fed0d505d484961d2d5ee66aea45edf6a1d4d43f768d1eca94ee6a84a089cf5448"
-                + "0184afe6d7030a057fe6d6d5baa64debc0da934fc6f3b76d60b7887b484b652c7364fedb"
-                + "d09a9856ee28f26d0b1d6c8120db5e28c0ea5c3018a89528ba3e9253e01c6413559fd95d"
-                + "fdfca4f5e38e764662a8ef882f620f8936c848e7070b02b871c3e0aa89def96ecddc4021"
-                + "e2432097460f5ad3dfbb6d63b6919356401a4d61972449d88c19e9de15dad6b4e5ca8064"
-                + "709b36377fee9a366f3e401ff4085c8980e345a6c0b90f3f349429e67e7aaa649470b409"
-                + "b1fba7bc85f1703e5cc875547de495cd11b99768dcf15fce0d5093d2a6809b08960c41bc"
-                + "c7e4d3ed02662edec79d6166fe957bd54f71fdf8db6fd3bbbef0b5ba37ba98d5aeebad2d"
-                + "184e95bddbdf842b84140b10c8e9acf2ecdd89766fe0387681cefbfa576edc7622e1639e"
-                + "be8f762569ba3704edc26dc704a5c01d03f128e8785470ed6516b5dcef55b82da77ee0b0"
-                + "c08dcf9edca28fa04702041960d874c994b62c8eadbb3cbd6267b9fc568ec06d4f79cdcd"
-                + "496c4df22fe3a9bc0df149f39d83c8690e7d8d0af6362778393cacf32710e43657df466a"
-                + "6a37e0032b7aec14a96ec109b68b85763f402b1d69a8f54b700515983bf3a964eb002a5a"
-                + "88050c4965cce9574ef402a05b529fa1aec5a92bfe688036df8316515f5ed7bcacd14d38"
-                + "a2484940b34996b6c0a103ca0bb041a80e19d38741c2b39db1c188a9bf47916231d43f52"
-                + "46de6340ebc8bee8d7d9e73f1f80aee0a7a7137b191fa91ba00d876470fdf38bb93125ad"
-                + "7fb033dbab4e5aba83cc55202c63639e5d2efde3a63db4789082d9cafdb283ef1c224551"
-                + "2af3a48742ad6b20a01ad330c2615aa9b4c52adc28c0edbd3f16dbb235aad854e0ba4dac"
-                + "350d6ca1797218d37a24dd4b91fa46f28eb69b943be42e08363055ab7cb36b04d5a27192"
-                + "e3da65441f820dc54a8f35b7fb38842b1af99b74347df3170cf463a77ca430790a66ea72"
-                + "62c462e85d8c3079d951b75dadf5f24c471078bdf4d50461ff8e1ebebea1539bec4f97e0"
-                + "4d579558868d95029221d5ea68546d99a41b371372090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "1685e55780241c3bfeae16e9aa47ca1781a8a32313637cf47a90a8020128c40c18235c78"
-                + "24578da3ed4ec6eff8a0ee0405e65555151d5e247b7d9b8fc2905e20b4aa91eb87381884"
-                + "a972e21020d2ae661b52f31c54a2fc5d1d09aa8d6f3220907c18d08f3b14042e8d745cb7"
-                + "033b1c6a44d75c91dbf823109d831685d77dcff6aec9fab81f8b7d8a07fabfd26f1fea44"
-                + "7194d6ea01ab1a6640be5cf00eded97b52c7635aff9a71275f429ec63a292b5a849a3db4"
-                + "e991bc44601b45de6e2faeb6f8d436d0943f99e79827193e66855d5dd6e34a9984a210fd"
-                + "d3a2c7e7fe61eb7404e4159c496d720c50f2906a427b4a9edf4598c294d274e302095093"
-                + "5a05d17c6cdd9dee2d00f969d071b269117304f2edee613f7b1826647a427c53ea7b9f19"
-                + "56153214add3d243adc6dee5dacdcd87632265ecba21488af414f026c52cd480d7bc094d"
-                + "8e01b82c814539db6e7cd7be6e74d0b53e156195ce2b7fbcbca345ff7eff58131d931ee1"
-                + "1ac6a46c7d2070a4ed72d3a4d25323b34b793bbe13a6f841639e3829f682a82be037cfef"
-                + "7541a1e211ed637be1e2728f8bb3aae333aff2edb22fa1a832f8075aa3a93e6f282d7e60"
-                + "c987bf0fae9cf5620c3480a5f8f9cf181f455ca40866dd5632dfca464e9a42040de9ac7b"
-                + "aff04a9b530ba11d4378b5c79226bc4fec29002a9fd62f2e5d1b8ca6a635296e2b4dfe1d"
-                + "aee421157d764f9a9cb0b9e0d0ae66479eb3ebe17b82b78f104e308db92df5332d60f74c"
-                + "ac97dbdfe6b6d0b1da4a79e77bde280cabfd11bbfc2297a81bb964b207e82252108738a6"
-                + "013c593d58e231f9830c75f4acd2c44e89af2afe2c2cae2f8d98ac05caacf6c815a7ee7b"
-                + "ee050d87d7acee8a38d8c04d5bf42b7c69f72a2c0097087e03e62767acb8898d14f04455"
-                + "f5eb4d90eb0f49981d7e386e956288de2c2a2acd67b4ce765c491e730750dd81c075e74a"
-                + "f5f03f3a9a25f4c1258ec830075dfb5fbfa9db24da5ad5028b01b485fc717997eb21692b"
-                + "04bef44305708d95f8394db55e82f631fc0e049915a10bbff2b0725adc407ddf5efde0c9"
-                + "a30d3b101dfdc31306862c45829625383bc60fcef4f2f6415a354d34ac9b3914c1a571f9"
-                + "edb034f87e38de2046210950633239c9700b8c8a3bc260ac013d24a42743302a612434f7"
-                + "6b22fbb9f2a6ab9ff0d66f8ce88a176688941f966d79601720e66beab479698aa9caa415"
-                + "cd27b7ab48c5407e20d460c0912630de3d2ca4e9ba2d331a67e3001d8acf56e7f7d4de83"
-                + "df9537a86d3fd41737408934b36898b860543265e21e6aef6992ac39c20def0d2c58339c"
-                + "79ffc8a021604098876327635b53db331cf6e4615251a5bea6df9fec81bf9380e2706f17"
-                + "368de1d931be2f60c002b259455f10065e701bbf4b39303b5c361df424a95b5941ae2b64"
-                + "8ea58457d61ab4b7ae7bce45d02988900bcdb4d362a9652154cf29b90e4525c8e84f9c2a"
-                + "ce19928b94554a5400405c405b51d1f4b081fed1f0457cc3ac0b30cbd20128ed31d10a2f"
-                + "a873a5304f6cc51bc724b3e27c177d7638b236a10cc918caeec08480ebcb120d911b02d4"
-                + "597383f5433bb6ff487c64d22fd4f110acd4f786afbdbd1ca174ed70b74aa6a60ef1ebd3"
-                + "72e78364286f358bb7e8bb711ef30bf6d5d15c54e8ad357e63572bf5c731f7b04c028656"
-                + "676af572578926e51d450146cf9f3ded5cf658ae5fe54012953c5a107f49be08b18595c8"
-                + "f50524e422cb506d9cf9ef89dca3a074f1e5bf693695c70ae32996a50823ec1e54a11702"
-                + "5e514cd6e13c4fb89e994b9572b64e4424506a442bc95f1424da7f0288b2ddce32a7b9cd"
-                + "2cf5358b04dba85baab9139f5d3461ed62b335ce202396450ac163dce5d4dc5285d3a458"
-                + "bd615109ba569ebd03f9c3b77aa5ea33113d8802c994db68cc201aade5e713cef415eeb4"
-                + "4409d534e90a7f7ae6602d7d5411640d6bb86b6002d3c5aef6911e5f1bc9a268be4790f1"
-                + "9fcb44c36a5eb3df8a2660416381e6c422579d3b17bd7e6b0dde78b9e50c8dd97c760a64"
-                + "6e21decd60b84cef479d5eaef1a95dd2c82051a77b7758b63e0549d0f9f05b21acfa684e"
-                + "76d94f2132d7f3d14a0feb639b6756f3f44e33dee5c08413f1cf7a655ad28cf77113578d"
-                + "846eb3071bda1a46d5a5da44503e972d4c4a30107d586bc42f197080bc98dc286a6baf0b"
-                + "90169bea1c27fca5cba27f48ea2c88c0c5010bd37575f1927e7e41423c849f6beb420b40"
-                + "8421b231961afbe816d4cf184613c8607a343762ba7cb8918b81a437b9ba5607da28ca41"
-                + "5cb0946416832cf2773c60397c629780ec97d12dd387e33225996479ba51eb0420b37a91"
-                + "dbc01cc02ac39443a2f324bee1e242e40e5dbe21e630f5acee6f637631f07add8f5e0808"
-                + "79067e862f23a07eef9fc995295657e31557e8f83b1542ee598ac37c7db0b4c4ff9072f8"
-                + "cca1a250f1a5bb59445e2d7539b598fe73517c0ed0814a19db909f4cbb31f14420c7b830"
-                + "784aa5411af0c0e44d577f40f1db3ca0b107385d7da7f1f59d5adb6afc6c284e7e2a64dd"
-                + "e3ccb4332f89417e91fe2c8d734147310e697d3432047c9028194a3cbc00c4e9f2fa230e"
-                + "e11e74bbbfb26854bb26bb8a82e362ad4f6184ff77657eae62401eec537d0f4c01a66b23"
-                + "f0a4d7d96d46ca904cf4a4d4df15e5160f7905fc367f72ced01f1bb918b392376b0682b9"
-                + "d6c4feedeeb675cb3328abff32659632d2258b7a984ab8bc870a39b6da66af28bed791e2"
-                + "85bcf7f964857487d20781e7e5663b71972a5e79faea12f557bcbde684f10bbe49265cbb"
-                + "38a7ca60c2f62a2f0311cb9625f873e43e06f1019d0eabbc3821296b7f322457b1c05e22"
-                + "83b76b0d4cd21f9c9c5ef963c3b16a37a3149310d5186bfbd951343a47b0bcc6163ae387"
-                + "51f7ff5a4c97a3d372c2d953753821c2a048e203bac4a108db3efcd6bd176654b0e3b124"
-                + "871be273d03acb80f076f80868becfbebfa3fe1dca553f11995500ae6b6ca68ee57bc1d9"
-                + "b8490a5f1bbf602b1a2b6ef0e6cc2d7eef7da6039ca9ae8c5d102f840630ba4309335c3a"
-                + "5194bbfe4592a2d03d4cff422cd59cc98f59e839c0e119fe7776ec0341ba89817f708105"
-                + "d398de01b41bfa2c185c2001de672d8f9c83410df28d79dd6a4244e5e902acd5d7818a01"
-                + "986c3689be07c82d33c207bed1b94f8aa2f5c5039a8066ef158e4b6bd66065fcae02997f"
-                + "9b44175f8cde408c2053d71fa4a02f68e2b7ce49c66f25f1b06c5f700df036615b34b7a8"
-                + "9280b388531f3d942dfc0cc6cd13db48f07195b5336fd4fbbfc09167e5e911990c763ed2"
-                + "48b2a6e029fb55fe62911ce2b25c775858cb1d77c953d306569c36a8218eef73f6245180"
-                + "172ca23e05958b038cf4ca7e58ababef4f5804ac7d4f71bba810b5a9224781c142777281"
-                + "df1330159a77f685ce17bfcace901b7a18a45413ce7250097a5b09b54b7013dd0f5d6527"
-                + "0ada384eaabcf10117b15fa2534d2068d48bf793d6e312493bb54642262b396532466e2f"
-                + "d80597efe641cdf3fcd5426e2b79e3b744d7c9b03a9296bee0492d7c7cb80ed7d45f5e7a"
-                + "bf9a05e9f68e552ae98a41a5bc726d3793d0f36238eea0c807d0009dee53d30e37830b66"
-                + "9657ee848532ed18d5df9f90e3ed668dae422b79bd60b88a3e2ea05dfab475b16218983c"
-                + "7f4a97262e6ff753f1a27c7cb36accf10d2099223624ac199fd42d2b838853b2601cd8a9"
-                + "3380982e233fd34dbdd6f169592fd29bdbc388beb736bd3e0ab85600aaf7c16775df634d"
-                + "a22fcd9cf94e175c4dcd0486119a6b98cd364eed478609a575084bce3db89cc39878f241"
-                + "70d1684f388f5fdfc4f57aa7a2d6a00a41d27ef8feb5c03a5b8e0b24e690ab6794715cec"
-                + "771cf31c07a4f27c5bb2a57ec294fbf30928424b4dc5126011ee41a5b978c89f7577d717"
-                + "cad1e7651a87e775c0439c90a5edb75914baa818efcd1d718e3af6d502fdfb7ca3786582"
-                + "480105f9acb14cfb6467f84344cf7598c0809d0e6f84565f8fe2f2ea1992adfac576f614"
-                + "86cd3408c9b855e5d6782baa895ae4c358e03af41bdca3e566894fbede74972bef286673"
-                + "913d19c79978d8d3aa7d5727cf06100b87e8d0e7f3bf921f45868bb3bb65e2a213dd8ff1"
-                + "cc731758ed8768969ce2ead4535af777e01457923ab3c503de662e8f46cf01f26396ec02"
-                + "285ca196f2d2e173e62173c418c5c6bab4ac991f56eba8aa112bd08a97b926db2bb03964"
-                + "1113cc1db9a8dcc43d3fafec37f03cfd60d0315f556d240366c5f6a5da092e7dd51b1b69"
-                + "f14a94de058d05d2b6245cc3b6455895598459a50a17cac5507a91ba3173aaf65ae8ab34"
-                + "3b2cd0cae32f775015937cf90bc8ea768d35fedd4703216e12c2088c6427b5b2e7d1fd61"
-                + "2df88a8d5b55f51c054c083c701848d4364d02ff0c906c566c995f1b244265f3e2e55a6c"
-                + "b3e6ddc35e928f11556b14cf2bce9da84d2b9913ed15a6b05775270d23f52d4ce480091f"
-                + "63d42a169fee253087e60621fc2f1af3a89834bab301ef40cc8a4d62233dab31660341f5"
-                + "8410e21463605ca59116c57cdabfc15c2ef37687b3edc6d17b1e6fb4ff9ac07234bcd5c0"
-                + "199bb9a189c5f2e52703206a4d3b4d1e3ee9a4fc30768179e64280e37b616bd0544dd67b"
-                + "98b349d859b20ac230206c03c042e16fd34a29667c3fe174bfe2c9c2e7f0fcf7b323ccad"
-                + "aa563d50f98972bf07c2f5d65841afa898c38048287f21fd27154ee4ffbc4b1068321af2"
-                + "6af8dafdfde73a18ac4f69a114b521d541b41d25a9c0fe60b32e84519582e90fb4250cd7"
-                + "fd01b9798484e91759eecbeb409844b5cf3483297af2b7e175ebdfb7989d13619df83135"
-                + "1b8169777011e83989fc319b4adcd1fc9c7cb9843934ea166d318df5aba90234c8e0e1bf"
-                + "60f9df24b9aa0387fd0cdc40c0874d72702bba1dcf74fff4f95e321ad43255afc0e43638"
-                + "cc286baf822b9beb0a379148c2960704914d75b4ee30d6a715d28fda1a1499d5c99d7790"
-                + "03792496e78fec2028de27ba83a7610f9da89fcd13fff235e3cbdad71067b0bf4bae3b45"
-                + "6971ec92e4f288ee2f42d11c23c61075f8c34a51246030867f94dea95170db78f96079f8"
-                + "57c176e5ea1386cb97368f13d6dd6caabe907e47ac1d6f128a9b8448c4fca4719fba6c1a"
-                + "3b1700cdd79c697bf8ab7ebf427087ca98a5aaf66995d994be6012a54deaead8c50a0c81"
-                + "3dab15fed0d505d484961d2d5ee66aea45edf6a1d4d43f768d1eca94ee6a84a089cf5448"
-                + "0184afe6d7030a057fe6d6d5baa64debc0da934fc6f3b76d60b7887b484b652c7364fedb"
-                + "d09a9856ee28f26d0b1d6c8120db5e28c0ea5c3018a89528ba3e9253e01c6413559fd95d"
-                + "fdfca4f5e38e764662a8ef882f620f8936c848e7070b02b871c3e0aa89def96ecddc4021"
-                + "e2432097460f5ad3dfbb6d63b6919356401a4d61972449d88c19e9de15dad6b4e5ca8064"
-                + "709b36377fee9a366f3e401ff4085c8980e345a6c0b90f3f349429e67e7aaa649470b409"
-                + "b1fba7bc85f1703e5cc875547de495cd11b99768dcf15fce0d5093d2a6809b08960c41bc"
-                + "c7e4d3ed02662edec79d6166fe957bd54f71fdf8db6fd3bbbef0b5ba37ba98d5aeebad2d"
-                + "184e95bddbdf842b84140b10c8e9acf2ecdd89766fe0387681cefbfa576edc7622e1639e"
-                + "be8f762569ba3704edc26dc704a5c01d03f128e8785470ed6516b5dcef55b82da77ee0b0"
-                + "c08dcf9edca28fa04702041960d874c994b62c8eadbb3cbd6267b9fc568ec06d4f79cdcd"
-                + "496c4df22fe3a9bc0df149f39d83c8690e7d8d0af6362778393cacf32710e43657df466a"
-                + "6a37e0032b7aec14a96ec109b68b85763f402b1d69a8f54b700515983bf3a964eb002a5a"
-                + "88050c4965cce9574ef402a05b529fa1aec5a92bfe688036df8316515f5ed7bcacd14d38"
-                + "a2484940b34996b6c0a103ca0bb041a80e19d38741c2b39db1c188a9bf47916231d43f52"
-                + "46de6340ebc8bee8d7d9e73f1f80aee0a7a7137b191fa91ba00d876470fdf38bb93125ad"
-                + "7fb033dbab4e5aba83cc55202c63639e5d2efde3a63db4789082d9cafdb283ef1c224551"
-                + "2af3a48742ad6b20a01ad330c2615aa9b4c52adc28c0edbd3f16dbb235aad854e0ba4dac"
-                + "350d6ca1797218d37a24dd4b91fa46f28eb69b943be42e08363055ab7cb36b04d5a27192"
-                + "e3da65441f820dc54a8f35b7fb38842b1af99b74347df3170cf463a77ca430790a66ea72"
-                + "62c462e85d8c3079d951b75dadf5f24c471078bdf4d50461ff8e1ebebea1539bec4f97e0"
-                + "4d579558868d95029221d5ea68546d99a41b371372090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "17e9855cb60d93bb2d02481af386e18eda208da07a6d54dbc916d1e3adef6a0774b5147a"
-                + "2c4c33b244babd82ffbd7b427e5dba03b2f03d37cbc67a77fb098e29afb7093ee22c3524"
-                + "c2d9102e86c25cb10969f4242d8e2892749f0f2d1187a689db7e21462253fc4295dec37d"
-                + "bb5a5ef7990f6f133e76a8f8310dc53a2a19da091765dcf87b8f66fd203309360ab016cf"
-                + "5ea6cf73565502ab2353311a9d6f27c1b46b6d232aee48756c44fc161e78a33b253f10c9"
-                + "d5b7d93ba81b6658f4b08e6823c4639273bfa5052047bc34cea1c83f4f5843d05ff0f60a"
-                + "7293117d2efba1f4f5d1c1f0ed21c57b39024f8b53d31c58bd8facd0e781660000e1acd3"
-                + "60966a1f021c9b4399a4e81f5ddb877f76949275be657444dded8a2108c65783631f9ea7"
-                + "699de7a8a45c2eb8f0a578afe09eaca68c14dd287fd82eed58805e7e5ad848442055c4ac"
-                + "57f775790b7ff28dbfe44006fb9f76a13f928f02c0d72062baa4b0a85c1eef7c3e794343"
-                + "ff8a3733226004bea8614444ca071b097229d2f394ea7815b80b1c21553096c6e6ac0914"
-                + "ec22be15021ccc730959c8a350cca9e0ad2076017102f1c06cb5651ec5c18d5ee6bc6287"
-                + "28004dbb8479529bd317382fd2e60b98328c945e3a500b7c6f979cc64089d839a163be6e"
-                + "03b235670d66ad4f77adcf6f5f542280a21b357fecbe4f63e9875893fc9e3f6694a73d1e"
-                + "3a2a14c8ce8e3259fffa8593aab69f8d72c10ca43f7406634f7e2f14ad4be425aedba884"
-                + "b8347cde4d16421e65392d0c634556a31d0c374757141a759287ccbeecd1a7300e9933d9"
-                + "8a8cce53d28a511df7d1b9436f7f1698e44e46a36d41500ea04428c634cfc45eb5c8320b"
-                + "6f465bb309ce57cb2202e5fa3e7e96985e1e8e92091a9c80862660e4c992f4d2ec3525c9"
-                + "9cb167c2de4aa94ccab3903f394c944f34356e551c5f99bda18687536859fce93d2b6934"
-                + "5b43f550c4f41192c81720e8173af23913e1807657e8bdef97847c4f1376663f41c2caac"
-                + "249c10bf58fe9f64018b0aff45c36f1e9a88fce2f7dc53721b4e009cfebd60cc75f438f3"
-                + "2785a032059f23804c3990a5ecf48aad9eba74fbeea0c8764af325ef39d6c2d6c5aa2b16"
-                + "d8b3d1b5a34a379d14e7c6d4d292f6eb8db6daf8e3a54e2b94b2b74596f0c9cd605be31d"
-                + "2c2f48ae41e4b63a149a46d1f6246c99f80c8663a52e07547c9915433139ea009d5c04c9"
-                + "76f039fd77c006cca0b3d52f4cc5a5fa0d135ec5d503c474ccbd248871cbf32c83dbba1f"
-                + "28a2f6ffd97e4409cc471094b2d17e0ba0bc11e3d023c055695a881dcc35be0e9297688c"
-                + "dd232a56377757992582c94b0037afee28cb74022f92b197fba4a39864b767649ac2a59c"
-                + "1c3ceb1e7397cc977d7e4324c497814dc2361bf5448f4fa97ddd345bd162e6f19036140e"
-                + "158846d32d4d764a3248d59b11a8fcf833ab9eb73bf41b0f14d2f48189951d343192e5f7"
-                + "975ec2283270fa63c47e2bb2e20599d7b2fbca5e6c8145e9570cdc3fec9f1745124c34c1"
-                + "ab679c048e4a5d690b14ba4d5df6329ecd9d68351fb80fb6bec68725012818c7dbcdb81d"
-                + "a42a6df3f2370d23c781313cb6f3c13d6e2044211c6ca9aab77ae19b0c3f3a045b325c0d"
-                + "55e374992f19b508cc25d84341accb92c5eb07a49809483219b16f6020de242bd0e11ee6"
-                + "062d2e7873d56035d65f8a745aa94f70a76f779c379b4d3aa07a70f00cb89d15634b88fb"
-                + "7bdd4809f55f24277cd33ccac1d41b2b850700b71a0bb460e73e84d42e51f513d94e9320"
-                + "050b5e6ff308ab7ccbbc6758c8d4282c17963b67326c513a753de6e14b2778dee8538fdd"
-                + "6806a7abefcc7d85473444b46fa263201c27b84ae995eeea5ec0bc3d2e259a770cdd0f53"
-                + "fb1f5e5118f5de94b04fe96d3b22fb5debd36e5a398a0a630203be681f6f3ffaea4b86ea"
-                + "54b4c34578d4e3156863387936a9d7dfd5fdee46dee058fb9ae38e3d9e3c855846ed5a1d"
-                + "94e46e719c9ff53b21619c16ded399df4e08413d3c5cfa9973aea539b54878f9f23dfdd9"
-                + "e86c531d9e5355256730649d20464ed112b9bd553c2b89fb81d12e622edb5a09097ca740"
-                + "2f19a713202ec57a28bd56cead573b1033c415f5fdbcec3bbcf09e59fb4fcbdab6143dd2"
-                + "0dbea544aaa92c1420fb90c106751fc049def24fded46d55c8262d8cd70737fd50e0fe0e"
-                + "3605015d53545b17164d6854eb9c402517c9b1eedf213f898c9f0a8bc644bea4e6f05b21"
-                + "0cc7f0668968ece6e831e5d7c01fd5ed88e127c146538c42249ea0266960eb011b4d444b"
-                + "f114b654ceeb2fb5bc38a2c033741f0b2779c9e56d6e2715cc7fa639139dc065cf2e9bce"
-                + "c1eecf01b5a9650a6a6833f3c23503c6518d151de857400c69382b2c3d4b2fed81ebf0d7"
-                + "2a71ac7e14105bd5aef4f612c1a23be4471e7623bcebeecb3291426582e59b3dc027ce49"
-                + "ec976e1bda4e2f33528ea2a1a6b960d14478262b15e736af16d92b2f2b4cb4e8c9d2865f"
-                + "33f29fddf4d5f6a4b91ac1022cf502c062523146f9fcb9c17410b45a59e7dbeb911cd22c"
-                + "742504ce7fdd3cfa6e6c7b243b9fa9117ab459ce5b1f829954e9a25dfbdf9daf3e6d57e0"
-                + "216e13b3ec68c87e31ed1a4316567e6a8c445bb8df2766b14a428f3206c2194eeabe9d4e"
-                + "f53305901f4cd344da483876e21fad770df3e86736e264837286a958b15c78caa7812152"
-                + "a59e5ec6512a51aed06d3678d90a040e738710410aeee82d54b8681ac4ec6d0431fe3ae4"
-                + "221a634cff6c0c32a50a1e6e80b2d0fc95573e84ffa136a36f1e362254200ccc23471cf9"
-                + "ac5748edb87b3269e15471d03da47eaef41051a7fe3c3b13daa81c05e12dfa53f699b2b5"
-                + "c07c6654d7f24768fd86e5ac62356df93b621cc0981c4f5d3125c704391be0077934134f"
-                + "8288afcbdec8ee2c17bf3d3fd231262ffec37c4bf3e95f85b4cc924bba067a6470cf7f13"
-                + "d6c5605cfd4fc92136af2c464fc5bdc81209d732d95ac4dc0a43391ff885b7b2837433b6"
-                + "1cf819c11de8d1c09f28effe0c2352dd0d1da8fe2df05c54c0150917d6a86d2e37790381"
-                + "33f233ae3a4f3cd8504751c1f4e5b47a27b3a80371aac2386785819e5d9d46511d2c94cc"
-                + "54ccc05d3ec86d98c8ce8139fe672d8f9c83410df28d79dd6a4244e5e902acd5d7818a01"
-                + "986c3689be07c82d33c207bed1b94f8aa2f5c5039a8066ef158e4b6bd66065fcae02997f"
-                + "9b44175f8cde408c2053d71fa4a02f68e2b7ce49c66f25f1b06c5f700df036615b34b7a8"
-                + "9280b388531f3d942dfc0cc6cd13db48f07195b5336fd4fbbfc09167e5e911990c763ed2"
-                + "48b2a6e029fb55fe62911ce2b25c775858cb1d77c953d306569c36a8218eef73f6245180"
-                + "172ca23e05958b038cf4ca7e58ababef4f5804ac7d4f71bba810b5a9224781c142777281"
-                + "df1330159a77f685ce17bfcace901b7a18a45413ce7250097a5b09b54b7013dd0f5d6527"
-                + "0ada384eaabcf10117b15fa2534d2068d48bf793d6e312493bb54642262b396532466e2f"
-                + "d80597efe641cdf3fcd5426e2b79e3b744d7c9b03a9296bee0492d7c7cb80ed7d45f5e7a"
-                + "bf9a05e9f68e552ae98a41a5bc726d3793d0f36238eea0c807d0009dee53d30e37830b66"
-                + "9657ee848532ed18d5df9f90e3ed668dae422b79bd60b88a3e2ea05dfab475b16218983c"
-                + "7f4a97262e6ff753f1a27c7cb36accf10d2099223624ac199fd42d2b838853b2601cd8a9"
-                + "3380982e233fd34dbdd6f169592fd29bdbc388beb736bd3e0ab85600aaf7c16775df634d"
-                + "a22fcd9cf94e175c4dcd0486119a6b98cd364eed478609a575084bce3db89cc39878f241"
-                + "70d1684f388f5fdfc4f57aa7a2d6a00a41d27ef8feb5c03a5b8e0b24e690ab6794715cec"
-                + "771cf31c07a4f27c5bb2a57ec294fbf30928424b4dc5126011ee41a5b978c89f7577d717"
-                + "cad1e7651a87e775c0439c90a5edb75914baa818efcd1d718e3af6d502fdfb7ca3786582"
-                + "480105f9acb14cfb6467f84344cf7598c0809d0e6f84565f8fe2f2ea1992adfac576f614"
-                + "86cd3408c9b855e5d6782baa895ae4c358e03af41bdca3e566894fbede74972bef286673"
-                + "913d19c79978d8d3aa7d5727cf06100b87e8d0e7f3bf921f45868bb3bb65e2a213dd8ff1"
-                + "cc731758ed8768969ce2ead4535af777e01457923ab3c503de662e8f46cf01f26396ec02"
-                + "285ca196f2d2e173e62173c418c5c6bab4ac991f56eba8aa112bd08a97b926db2bb03964"
-                + "1113cc1db9a8dcc43d3fafec37f03cfd60d0315f556d240366c5f6a5da092e7dd51b1b69"
-                + "f14a94de058d05d2b6245cc3b6455895598459a50a17cac5507a91ba3173aaf65ae8ab34"
-                + "3b2cd0cae32f775015937cf90bc8ea768d35fedd4703216e12c2088c6427b5b2e7d1fd61"
-                + "2df88a8d5b55f51c054c083c701848d4364d02ff0c906c566c995f1b244265f3e2e55a6c"
-                + "b3e6ddc35e928f11556b14cf2bce9da84d2b9913ed15a6b05775270d23f52d4ce480091f"
-                + "63d42a169fee253087e60621fc2f1af3a89834bab301ef40cc8a4d62233dab31660341f5"
-                + "8410e21463605ca59116c57cdabfc15c2ef37687b3edc6d17b1e6fb4ff9ac07234bcd5c0"
-                + "199bb9a189c5f2e52703206a4d3b4d1e3ee9a4fc30768179e64280e37b616bd0544dd67b"
-                + "98b349d859b20ac230206c03c042e16fd34a29667c3fe174bfe2c9c2e7f0fcf7b323ccad"
-                + "aa563d50f98972bf07c2f5d65841afa898c38048287f21fd27154ee4ffbc4b1068321af2"
-                + "6af8dafdfde73a18ac4f69a114b521d541b41d25a9c0fe60b32e84519582e90fb4250cd7"
-                + "fd01b9798484e91759eecbeb409844b5cf3483297af2b7e175ebdfb7989d13619df83135"
-                + "1b8169777011e83989fc319b4adcd1fc9c7cb9843934ea166d318df5aba90234c8e0e1bf"
-                + "60f9df24b9aa0387fd0cdc40c0874d72702bba1dcf74fff4f95e321ad43255afc0e43638"
-                + "cc286baf822b9beb0a379148c2960704914d75b4ee30d6a715d28fda1a1499d5c99d7790"
-                + "03792496e78fec2028de27ba83a7610f9da89fcd13fff235e3cbdad71067b0bf4bae3b45"
-                + "6971ec92e4f288ee2f42d11c23c61075f8c34a51246030867f94dea95170db78f96079f8"
-                + "57c176e5ea1386cb97368f13d6dd6caabe907e47ac1d6f128a9b8448c4fca4719fba6c1a"
-                + "3b1700cdd79c697bf8ab7ebf427087ca98a5aaf66995d994be6012a54deaead8c50a0c81"
-                + "3dab15fed0d505d484961d2d5ee66aea45edf6a1d4d43f768d1eca94ee6a84a089cf5448"
-                + "0184afe6d7030a057fe6d6d5baa64debc0da934fc6f3b76d60b7887b484b652c7364fedb"
-                + "d09a9856ee28f26d0b1d6c8120db5e28c0ea5c3018a89528ba3e9253e01c6413559fd95d"
-                + "fdfca4f5e38e764662a8ef882f620f8936c848e7070b02b871c3e0aa89def96ecddc4021"
-                + "e2432097460f5ad3dfbb6d63b6919356401a4d61972449d88c19e9de15dad6b4e5ca8064"
-                + "709b36377fee9a366f3e401ff4085c8980e345a6c0b90f3f349429e67e7aaa649470b409"
-                + "b1fba7bc85f1703e5cc875547de495cd11b99768dcf15fce0d5093d2a6809b08960c41bc"
-                + "c7e4d3ed02662edec79d6166fe957bd54f71fdf8db6fd3bbbef0b5ba37ba98d5aeebad2d"
-                + "184e95bddbdf842b84140b10c8e9acf2ecdd89766fe0387681cefbfa576edc7622e1639e"
-                + "be8f762569ba3704edc26dc704a5c01d03f128e8785470ed6516b5dcef55b82da77ee0b0"
-                + "c08dcf9edca28fa04702041960d874c994b62c8eadbb3cbd6267b9fc568ec06d4f79cdcd"
-                + "496c4df22fe3a9bc0df149f39d83c8690e7d8d0af6362778393cacf32710e43657df466a"
-                + "6a37e0032b7aec14a96ec109b68b85763f402b1d69a8f54b700515983bf3a964eb002a5a"
-                + "88050c4965cce9574ef402a05b529fa1aec5a92bfe688036df8316515f5ed7bcacd14d38"
-                + "a2484940b34996b6c0a103ca0bb041a80e19d38741c2b39db1c188a9bf47916231d43f52"
-                + "46de6340ebc8bee8d7d9e73f1f80aee0a7a7137b191fa91ba00d876470fdf38bb93125ad"
-                + "7fb033dbab4e5aba83cc55202c63639e5d2efde3a63db4789082d9cafdb283ef1c224551"
-                + "2af3a48742ad6b20a01ad330c2615aa9b4c52adc28c0edbd3f16dbb235aad854e0ba4dac"
-                + "350d6ca1797218d37a24dd4b91fa46f28eb69b943be42e08363055ab7cb36b04d5a27192"
-                + "e3da65441f820dc54a8f35b7fb38842b1af99b74347df3170cf463a77ca430790a66ea72"
-                + "62c462e85d8c3079d951b75dadf5f24c471078bdf4d50461ff8e1ebebea1539bec4f97e0"
-                + "4d579558868d95029221d5ea68546d99a41b371372090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "1801c8a57f1d1ded9d0b09250625293a2b0077a3b657e0d05a2f2334bc7f5c1bf2c5bad8"
-                + "20e92b262ecc22563d59767592e4e57ae62a939f8bdb1e6470cfffe7020b927c6678decc"
-                + "ce203186f411321861288fb7c6c511b245669a379c97a57ea9a481b7bc8086f80a4359ca"
-                + "427af425245afee5845530fa792ef34fb2323f098710acb0ed85a25ff101b5bd6ab3d05f"
-                + "28b979622d91ede3c616b79a67166e58037793369a03c20b1f0519567805089d14ae0379"
-                + "c91020bb68652bd798ecf63f72865c517629abc0764b5da3a4b97091804a355fa23f3313"
-                + "b84e0a9b46f1976e3d4a196e7b9db6ea0f09c16f483e17141942702d7d54f08e5624a3a0"
-                + "cb7801321f0de200f75ddf848554dadfc6f4145d943860762097a52a5e53c3c5b07b32a2"
-                + "1aa9363e2762c16c590284f83136e7d97a5787075bf4b427d8d02b4bb2b2ec08da17ca4e"
-                + "8ef862deb2fd3dd74d4f6c94bbc94340f8a100e0e8015dc2965e973a972c1bad8de8bbf8"
-                + "d3e3359afa2924ec71d00d84de2740336e73a50aa200e1fca4ee16af6d5ccd9c1812ea62"
-                + "874a93e33667cd8bbe9e4d1ccc70adfe02a4bae1d8f685666d8caba1a1c0f9bfd24aab46"
-                + "2bb52481e7b3c119d4f2b4432edaceda7865c42034bfbb926cd40d210bf83253d01e2b64"
-                + "54811579ec21c1d9b4204fbaa6405ae523d862763418b872c19715d835abfbecd2ee30c4"
-                + "a4f1b5aeb777f87b8e046906b21e242728e51f21f41801ad72ba44ac090f68fa86bc55e6"
-                + "e59a2ff7366ed8cf1ab79bbb4c5d7b95f06ad3858750b02b03e94abe302e32cb2e742488"
-                + "e72912f66fe8a2aaf6ea19ed4bf6d8d5d1e2353ca34224b1506aec88fcbf8816145f8c07"
-                + "a4577d299b4fda5c03b6a5fdf18b4d40d0d91f21f4141e1abd66e933d75a5734ba1c3ade"
-                + "a089d3d74561ff757aa1587cfba5ce7257602ec99713949e153dff27665c7dc6c8dd460f"
-                + "d9fc06b745ef32edced2e62da31ad2627544ea794d03e7bbafc6229ae50e2eb0012ff0b1"
-                + "fc19272985f23deecb0c9047fae214a290099539519e742409561408f3d45bcffe71b31c"
-                + "8eb16af21c5cc1f5eed8c682bea75c7eceb1d165aaa928485cac93e94036c488ff224aea"
-                + "7ae89ac52c56f0e20139a6daca48c937455ce342de3251c4fb599f965f5eff6b887a12c2"
-                + "df124f536a8d2ca8f1b0955467dc50d30d5d3f0163d1239e495670598e45a05a415bad2a"
-                + "4d879eea20a2bb9860be2ddd94811b2505957f5eb3b673964385241ae4f2b0df8a887580"
-                + "dc2b131066a559b9437fdd3802518a79309143da5393b534325c5f928823c1704d0dc54b"
-                + "a36ea5b6c7c6e8152bc250ad6493401ffc0501b0712cf2c4a96059ea7e0305acdf15eea0"
-                + "ca7c43a0c5074bbc14103519c59aff3590404525bae8ce552df78559354d60d36aa6315c"
-                + "ad27dcaa25ff673b2dd587e4a55dd78040b7dae6e24ca332ea30908abe9e943e0a9a0098"
-                + "e196f6b00e13c772db8a96a72ad0d64aefb66901890227d25291dd44a91123bde979a31e"
-                + "23e41334d6369ff0f82662ec93ea2728de895d82280ce13bf6c1293e36ca4d9efb455670"
-                + "57ce6f151f39d94c564a975193a2e09fbe7afedc7d1e387e8fb20a78e20b76840011cec2"
-                + "3c0d1b3bcd4c6dd99c3388187760d5448d26b8f4abe29afcf4eb84aa7bbcfce9e7034fe0"
-                + "3b16b201035d4a476093cefa4c636c24abddb1fecaf20666aec676df9a35fcc56346bb1b"
-                + "541837a38f2f6403b364e3f51d1080821614e705b2322dca06712703c8d1da1995ce66e1"
-                + "033d2bd06732950cceaf6acc885d0de8b4353a749905407da79b9ad1901c5e69f3aba9a8"
-                + "5d8c4dea4d0fac468e73037cc2c12205fe6671a3be8f33ad83896876509a7b918c969c31"
-                + "0f6b9fde22aeb86a4ad0eb8160f8cedcaf2d77857c84c9af63e7d539d0dc968582e45bc4"
-                + "c29252d1a33940dd73b0e64242d65e94b43c7a3075dadbd1b1986163a0dac36176bcebab"
-                + "2bd3c7fe279e885e22e3586af8009fd064b75d1c84e62fdfc7444a79c038f8d6788d187b"
-                + "c123d6df6ffeee5f6615f51c6c3a1817afe6b564fdf9820536ee3c922f98051739fd5e5a"
-                + "7c36dcafd4c948527e4bcdeea40ed157b05477890fbf505d5bc24d026fd01316ad7a6ee8"
-                + "1cd6e92db7d47fff83efa61e1684fc901dc57c5cc9a1e5be232db5e4fc72ba121ad43ba3"
-                + "79a14a4061ed7eaf68b564d79dc27ed40c027b0ce2186f548c0c081a00cff2835a0c22bf"
-                + "4b4246684cbea03d967dd6c928695c18d14243f7871a17350bd27e147f7114a27d2639b2"
-                + "f4eb1864104b180ffc2a7937441de99b90573462815861b672a8b9ee5441c246521c200a"
-                + "5a79767d9abbd9e4e736b0e29158c43e07012bfbdb4d07f6e77834408e44ad6eb1a6c9e8"
-                + "721153db53f58d46457cfa6c762d986eac10f725f53f7359b7c30d6a176d70ab370c837d"
-                + "1f1356e9a9861d0014df9a253ec61c781ea5d0bf252baa5c980d984502f3305be82f8a8d"
-                + "20e7496188e8243a0a3d8e07e276d4e3ebd4898b885e723920b9fca0596557079698af24"
-                + "4456f09aa365e72d9854c3082256bc8d6ecbeba1e215fe19e1cd02aee1a934cfcf88fe8c"
-                + "d9f237d6fb7f3cec60ceb15968fd88dc52b166e71431a0606aa7db40f555c6631f6b0101"
-                + "9c274a5e035817fc6a46002c0d1be9ef69a640241f5a5df1716fc331f9c5bef0b7ca0d90"
-                + "593cc94ecc27c526aa88565c436a44e28a981f100a5ed0dd32f78963c37f9e58b283de52"
-                + "48d980b62bf798f1fcbec1b18983cdb66fe532409a714ba683aaa24f824aaf9d39b839b4"
-                + "2e940dfa56ead4e8e814c256d12b695dc97050fe15804c425950d8b12e634369ecfac032"
-                + "b35f176155db6d8cc92cac661fe97280467da2ae8b8f0ca86bd62e31ec55dac2184a159c"
-                + "5062cc2856efa777a133428a7e93c4b2da399573b267e81e4014e1b7be77beae8a909fcd"
-                + "e9436a66acb8c3d0eaffb1d94396373fcc47c162fc7ddaf3e44c6840540b37f80128092a"
-                + "71dd68579d20fb19ca698417e6f36130a6061d89386098fd9543bd9af63b0c9a036a35b1"
-                + "5733894e99251e8a8260b6b15afda7da017571a6c396596b3676e62fc35d9d336dfb10de"
-                + "120b730f5e668ea7fa9ab309702f0030d0436282667f9f2b4fb849088b139e035728c3bb"
-                + "ba3e613731974cb83198d1c50173d66966ead89987cac392387220ca93481f0be699e2bf"
-                + "139c25fe3b25f1debb766a079c2703e91009895d5fe90df1a8e36d4f10dd486d713ad164"
-                + "9a3ebcbc5931b22b1aca257648731ed7a4efb0d0466b6629f9e76dd81d2c556ad9d41027"
-                + "8a54beace99aa5ee5979279bbfddde31d581cdea96278dff17937bc7432b3e85a14946f4"
-                + "f1882eb111796a6f30de022d40fd200af0d5745a05001a7bd6dc827c4adbfcfd2df3a9d3"
-                + "e88b41732e16729c693c1a0f9d481e2e50fbede3fdda21d695531246165354f89d0108d0"
-                + "88a78da4687725f80c77988371144c7229400a3a2ea5e67c071cb0b904cab486674bcc21"
-                + "a8ebd7e25601958d78de76f6db7624c8f9a88ae6e432f978ba90b9a956be2a600df5bd26"
-                + "a8771e564e2dec9af2ac3030180398cd88664633f2150d5d6d2a6010ae55d3b8d478fd3f"
-                + "4faf333cc1f5cf0c10dbd0eeb59340e2cf7586246e774448d1ec525f4ed06a7fc026dcc2"
-                + "c1fe29ef62c05c02dea8a778f244d27d85a7634ba95a609fb2591feedd7f3c9b48822f9a"
-                + "725a2ee20616174d36c0d831ae67e18d838a9ffb9ca9ca7a19683dd041e5bb425803df99"
-                + "dbe9ebe9baa082cf3d1c6a126cdf642e42ed0d70bd8aba5af4039a01c6ce9d11c2752194"
-                + "67845bac3602e5eb9e461bfd61044f566650c5622e352eb8c1c7ba0f55748a3b802c2e4e"
-                + "e7b349766942d4bacea1ffc1c1179295b2e5ed38b1d8784c8457eceea725728a168466b9"
-                + "980dd0f67742d67ac9945f332a901abb0a3b22fa12023554bda2896e530f87334a1a6369"
-                + "384f8c0b1371f420958b629fdc9a645e3f7c9068d4a1b542b003a894654ad0841138c230"
-                + "a8e9f9ea4525481441f2936290729ab969182768a570bb7ae9283ec9ef00190dd9063df4"
-                + "5d4e4748b6000d5587cd931a554b9322a7f03dedfe4c931eeeac64bfbffa650034b0fd8e"
-                + "1b0869312936f1a85a104ac2fc2b121a9778471c2dd75bf4ecb2115431bc930a4fbac930"
-                + "137c0a69ae963bd6e4f0a123208c3616a555bd3c00a5c3212523378ac572186d11cc283d"
-                + "e165c8da14e4b9f7691243041f004f8c64558d3087e89307dc222d154037ea14132b2a99"
-                + "ffffa664d7642277f99ac4d3ed3463324aa31f82e5f07a3e2825fc90117b6eca0cbb64b8"
-                + "f19c474860e01e0153c628cede2a5b9013ff55e5fce193453673ce1690e09b3a04df2fa4"
-                + "dff313c90ecce32165b578db16fff29d5a61dc9ab3b4bebcfd048189e06dac530e0c724d"
-                + "1e8b7814ab19ba2076f4a53c6d21c953e1d1b130e2112066fe7fd38972f3f2adc440bbdc"
-                + "d2ff6054c68d97d656e37cb211c48e3219235d192e7849b90b9ca803750c56b11fe0f12a"
-                + "696eb9d31526d006625782ba1c79ba26d54f1705cc3491e8a49d33288f0acb0afff1462f"
-                + "821fbd7830ded258e9cffd50764ea66178d0307e91817688d9368381cdede8d632a1fcc5"
-                + "713d039cc0034c701ec8f2ed8455201c24067fad2341bf48b022912617ddcc04af8ba427"
-                + "9d0d2a4f3578458a56ab697e1c3102f19a5baf90f1238801b1016efbb7d3c6e577a53911"
-                + "116ac306d65e5dbe82e0a217c8c4f5b7ef90d146d0c7078e13b51784a6ca9b02ece29a67"
-                + "6dc150127c1cabdf49168a9ad6a261e2af7293598e73decf9ad74e06258fc1deb06df697"
-                + "5fbd287851c9b1a79f80c77832ffe4e015bcb905b8a196ba8bc7e97b2f6f6711c25ec582"
-                + "cbe3d62aed3182fd25deb2f032b211738cf03c3c090468588221e8dcdc53d43c3eadd85a"
-                + "bebe565f43ae23a24e53826c620aeb71c6bbfa838dbdc4f6d17a9d15d43b65c56807c010"
-                + "01e734dc158b522d01ae541010229308a7069715b2c5c2d2739fcbd13794331e0afae203"
-                + "40514d4c1f8e3661a5491822e3013cf6c6656f262a7b2c4d85c3f508d73b3a1e7d9ffe96"
-                + "52a18b334b72e9ff5efee892e9754dec7ba2aa0539a1a333919a58ebb91daa89e2c6605d"
-                + "16a04bec8cec4868e4c6ed46631f2f33e3340c4436a259641b8faf7fea7c35c455aacbc3"
-                + "5f3bc3b8ea98e1e305c068479ff4a753a29ab12824a0ce914f789864fd92d9c4c6e81461"
-                + "1cee034ab78bc772ab1a289b94c2feb51c205dc1c9443fe5f53d99adb71970614670df9d"
-                + "807cdc99a01a13a7bbda52b73787b154ee3c389ee200aa7cb0a9f9478a02c127e5e75fc5"
-                + "18e3913ffa79e3a897a3772ccd096950c394e8a658c6725fa3e610cf2232fbcdb4f369eb"
-                + "b934ea53eab93f40c11e63ab51aba65c4386181dea6b09508f4747557ffc41579ef696dd"
-                + "bdf7a199bde2705d3d6ff13a67229862f2dc796da8ae0ec99ca0a310665d5a062f0fb910"
-                + "bab41d07229a339da8da6afed23bb93c8d9b88a3cbab6ad05e2295668355fc6aaa8caec4"
-                + "d880841651e440fd2b8c18e1acf6b953672e0f6f5f681192a14eb366acf4e36f9892841b"
-                + "65c4795c1daaad3a803bc71c059179e969a789879e0753575fb96fc1c4a6bc79e9d0bf3c"
-                + "50d51b844a7278bdd2a78d30d6899eca4002355833f80b09e9d307f752c6891b09ae906d"
-                + "561eb898cbbd912fb72bf86757a7c4333d2a0e3a26843ed43f65edd8138739bdb43e63d6"
-                + "fd5115185312c864aeee827234af3dfd7e1eef04a5c251a4017d77d1c976a8dd17ed2a22"
-                + "1c058b6b94f47c0fa0fa06aa764c9fd88d782889609a4b6b5f60658e4beb322bec08805b"
-                + "69c44eb8fae138f6e535e6517f1f510aec81793f04720271715a2f38ec751009fb9ebc85"
-                + "96cf49cb159b2bf3d33fdb61b88c1691ff0c6f2ec7d98f8776778bb094cc5271cd3960cd"
-                + "39163bf31c5aec1949491aa0c2d2ef2f12593db9b36cd2206616e9fd545a2ebe39998a4b"
-                + "2043afabc334c332f4a5407cb07bf467aaad82f077d969d2c2a052acb316a6c5fab0bc97"
-                + "a42f5f76165f52d1a2b312282e61d13aa84a44d4ba102346b01977b5190d938f533f31d3"
-                + "e60c00999bae61133683832494792296b2aa00be848317c69a7fc4bd7b2bd06e1bd821a5"
-                + "57b2c39c584d173c1136b1043bf2912b079b7f42ee71a8d70858e0368676c0637b70399f"
-                + "c827c1a08301ddc0f2e0ccafdb15a18034120c48b38472209d75124912f7b4355ec14bff"
-                + "14174f644d20d9715f82bdb36928e837191ef586f3090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "1906488a14d9b3e773cd340156d50e69aea8d1e56a889cd9a8196ffb0daf83226b1b50fc"
-                + "17e100982928a7bff45ded1e73d891929bb6d57150ba61c575f2dc6b97f88a1d681aa8bc"
-                + "75416a9be5d1e478f6c8268172110c1dae6c6821f4bc3b36e93e60496430113054b9d55f"
-                + "804640296b412d1651948b7e9229ab6114e8fd72b95619646dfaa893cb81993ea95911ed"
-                + "ffb1d340b725f993e044debcaca3897700c72cf633b4f4ab891df6ce001e699bc077f348"
-                + "1d4a9d0887bddc533a383c93578c77c050bb4ba0137f2b20de8515730414cc79dbb5e528"
-                + "b5cef3adc1c71960e2997cb22b8172d906778e17e1df502c25a439b193e136e926132154"
-                + "fc9256feecdc84a0bbe507ae1afcca1e36461d0bf285deaea9b3b51fa8ab43d64a6f959c"
-                + "2364c2c411ba6347cb57bec581234ccfb23d87d3aea815ed33950b8c057302d22eec37c6"
-                + "652fa5b590edf8274bf84414bb84543ca06ca72a1ee62c7b53d27a5de9bb0112d9f67b50"
-                + "f566b5314da5721f93d534aac23d6363703940e66b1966a3c9855c167a82d06f42bff6c3"
-                + "64dada10218f313e8b63c5d4ec6884c4b3efcc30fe9bf94887610c5f89ad2f5c4c04109f"
-                + "db53e04f47d6abbf5d5d41ad2e48d8eb6e225201aa5216b5acb5dcda178d18f0dffb43ca"
-                + "a5f2cfba3352932a092b4897cb9026f19f8e2c7c902c08fbc6a9d7d857441708781f0764"
-                + "20a1fb606c517d65fbfc29de2c1d6f935afe6c1ae6ca1e299a2a5eabcf1dad2361f715ff"
-                + "6571ed59ef25c8ee31c31ddd8293e034eac7d51d954034c852228b87d9b371b196c27847"
-                + "0cc686e452b73a82a3cdf049c2e14bd006e5ca7cc075e1ed5627b65053a83db1496cd921"
-                + "f95b8dbb3ea5623508e1a4d8d4d63c6fa5283b4c5e6ed3c5e838ade06eacfe623e00b5e0"
-                + "b6a9cff5e56fbaa92c221a5888830fea13f323787f6ac6148dd9be520bddb2f1584d02b1"
-                + "1b0385a4e011d27c46a5aa236c0bf37901cde0437b8859ea39d902f540eac55b1e3eb04d"
-                + "398ecfdbfb1be2683f7b13e760c526637f33719686f4435a5876851cd656d39f26a9dd66"
-                + "a11530ed9591fe5d9cba3e5a32607d591795b20c30495c3c97bf67e6b0d3b7a37a4ec880"
-                + "9a231685ba999d4786bb8f5c00910ec601b04aacb87c9a7e8a49e2b14e684cfcec971ef8"
-                + "a90636ed01622e5a43908d4c0f43d3b9e2166fb99fbcde24a42adb7c46792b43101ab564"
-                + "85dfff106bdf8c71d9926ebd5c353d321649eb7f16c46e5d5c87ad9b729e1abe4cd587a7"
-                + "6bac24a21e2df697f94b3714e5fe3ba7db4ea57b59c3cdd994e939f3e7130f85cce9b4b1"
-                + "a86f32f0fd5800567a797ff9a35f395fadf51c0687a5096c04b3e3930b7493a6e916e6ca"
-                + "ef5f38cf28d7ff1fdd97f237771f06d24aec61c168e08023a57b1c3f5914cd37920f7246"
-                + "713387391ea6f522e222bdefd71938902e5ed70403966a3af7254b5333298881d7fae9ab"
-                + "abbd043b8a4e2404859f1806e0f876f4c907d749b232b8b537de2465cc9bcea607c0cc91"
-                + "2b3d331a6f8a0a6d384218bb82bb5ff8b5c7f754a6d90acb4f2981a5f8676b6fbba58398"
-                + "a30e49b8d49accaa6f1051744a23d9947d74b8a401d9b42dd41e688ee000ada73c10fd7f"
-                + "6228056e2a5e9c98c1ba264ed0b6b10359eb8f4dd9acc3214ad9cc3a9aeae4085d3f97b1"
-                + "829a902be22a9ae7dbfd8347220b34b1d1b4625a3eb5af1d6cbd690682788fe71bfba34c"
-                + "9af34ed4df7f9952c05ae29e6febf0f463e142e344aaec2bf039879d3a036440a4840d8f"
-                + "3420dc04294bc64abbc33c7b4832da145f24d9036798db73cb99070f51c8d414e377d9c0"
-                + "59060f32beb25694756154568fafe52f32a92735b3553daf4c6ec45e9f212d1c0f50beb3"
-                + "8a12cb9c643101c1232febc9a82f30ee657bfe0563c817fa995342a3428173113ea350ea"
-                + "121d2bf0757f24c8035b38f5abecddb67260b24a1e124353c69eb02d900363c137e82a86"
-                + "9ba34abcdfb5af1c3d8f6158170f238082423f72513ed672d78831470aa681626615d0ae"
-                + "6dbc91180b674e000308277fc0cc7ee964e9ee24ddae6d57043298765da895d1644e425a"
-                + "a100bf88e19e3bdff4204ce5e15e11d24a8b4f53a36b41e6865ee97b9035e0f60bb80781"
-                + "98e1aafeffab03a99b826e89be0a08b22dfafe1dfb58f2a8ee24d0d709558a2e1cff8887"
-                + "b5a3382493658aadf7ccb2a09143bc320670836e083f6c4d5bf4c8841de216639e02c23c"
-                + "c2031af9f34145369384484feb23ba731808a48f3661bea0257cfb8031cf1533b8421ce4"
-                + "e829084d34bf56a8cefdc3b68e850cb9a175b61778c1af6f71af59b3a08cf5ae16b1f94e"
-                + "bb630f5f320f28ad44a46b19605ea776b1c85819c716e51d4907bd24b4598f9a4090e322"
-                + "bdf36302b008325f34fa3aa1645ed13cbcc69907413fbe6459b1faea31e08fbe88102cc3"
-                + "b1ecc24d8401e53bfe7e4687a18cdb5170977f86e84e4249558f0a1cc6095d1e273c086c"
-                + "bbae6526fd81b303f00aad9b5d1fd25b772231a613d08f020640ae675b189cc203e1afd6"
-                + "71b1c024841f24c9c78a78c3a2635b8289cfb7f46500bec7921220c128b14231ac0fa8af"
-                + "2f1a8df3d0ecc407a43e48b5aaf5dd823befa8b94b4d9a57ae60f587c541d2fe403a60f0"
-                + "843262e367952a576f2a7d3401353e8be0c3e3709115d4c92938a52524d5334457b2a817"
-                + "5f157a4d48429e9edc613956151331f20a504c448c0a6d6dcdca8ce9a36bb159a27f1d44"
-                + "459bf22e3ba24ce83b616c6829a5d9699779a27b5c63a38a8b4cf5111b54c04fcf3c94a9"
-                + "7acdce93ea5e0e60b89de0c1a053ad3bece4995554a41a04cdc198addea346fceab70926"
-                + "57954890d70c1ae74662b749fb9316cdc00989253e3f6fd2a0fc5fdb89177b3de8635cee"
-                + "f13a2cf985c7ce2bbc2a737ca426bdd24533b9fca54274928c312ac7997349778a685acd"
-                + "672b0ef09270b693bb00fb4f41578380d43540834cf990bbe7894aecc94870b0ed659eb3"
-                + "05438dbe1f954ac4556e3c07c09dec930891b2fed95599c76be50c9ce888e90395cb74e1"
-                + "a99e94bc42842d153e0c677ec5a4213ef1cb7bf48452d347dfbb6c60a28d0f34a475c247"
-                + "80ed4ee656ba8ac4c3947667c12f0030d0436282667f9f2b4fb849088b139e035728c3bb"
-                + "ba3e613731974cb83198d1c50173d66966ead89987cac392387220ca93481f0be699e2bf"
-                + "139c25fe3b25f1debb766a079c2703e91009895d5fe90df1a8e36d4f10dd486d713ad164"
-                + "9a3ebcbc5931b22b1aca257648731ed7a4efb0d0466b6629f9e76dd81d2c556ad9d41027"
-                + "8a54beace99aa5ee5979279bbfddde31d581cdea96278dff17937bc7432b3e85a14946f4"
-                + "f1882eb111796a6f30de022d40fd200af0d5745a05001a7bd6dc827c4adbfcfd2df3a9d3"
-                + "e88b41732e16729c693c1a0f9d481e2e50fbede3fdda21d695531246165354f89d0108d0"
-                + "88a78da4687725f80c77988371144c7229400a3a2ea5e67c071cb0b904cab486674bcc21"
-                + "a8ebd7e25601958d78de76f6db7624c8f9a88ae6e432f978ba90b9a956be2a600df5bd26"
-                + "a8771e564e2dec9af2ac3030180398cd88664633f2150d5d6d2a6010ae55d3b8d478fd3f"
-                + "4faf333cc1f5cf0c10dbd0eeb59340e2cf7586246e774448d1ec525f4ed06a7fc026dcc2"
-                + "c1fe29ef62c05c02dea8a778f244d27d85a7634ba95a609fb2591feedd7f3c9b48822f9a"
-                + "725a2ee20616174d36c0d831ae67e18d838a9ffb9ca9ca7a19683dd041e5bb425803df99"
-                + "dbe9ebe9baa082cf3d1c6a126cdf642e42ed0d70bd8aba5af4039a01c6ce9d11c2752194"
-                + "67845bac3602e5eb9e461bfd61044f566650c5622e352eb8c1c7ba0f55748a3b802c2e4e"
-                + "e7b349766942d4bacea1ffc1c1179295b2e5ed38b1d8784c8457eceea725728a168466b9"
-                + "980dd0f67742d67ac9945f332a901abb0a3b22fa12023554bda2896e530f87334a1a6369"
-                + "384f8c0b1371f420958b629fdc9a645e3f7c9068d4a1b542b003a894654ad0841138c230"
-                + "a8e9f9ea4525481441f2936290729ab969182768a570bb7ae9283ec9ef00190dd9063df4"
-                + "5d4e4748b6000d5587cd931a554b9322a7f03dedfe4c931eeeac64bfbffa650034b0fd8e"
-                + "1b0869312936f1a85a104ac2fc2b121a9778471c2dd75bf4ecb2115431bc930a4fbac930"
-                + "137c0a69ae963bd6e4f0a123208c3616a555bd3c00a5c3212523378ac572186d11cc283d"
-                + "e165c8da14e4b9f7691243041f004f8c64558d3087e89307dc222d154037ea14132b2a99"
-                + "ffffa664d7642277f99ac4d3ed3463324aa31f82e5f07a3e2825fc90117b6eca0cbb64b8"
-                + "f19c474860e01e0153c628cede2a5b9013ff55e5fce193453673ce1690e09b3a04df2fa4"
-                + "dff313c90ecce32165b578db16fff29d5a61dc9ab3b4bebcfd048189e06dac530e0c724d"
-                + "1e8b7814ab19ba2076f4a53c6d21c953e1d1b130e2112066fe7fd38972f3f2adc440bbdc"
-                + "d2ff6054c68d97d656e37cb211c48e3219235d192e7849b90b9ca803750c56b11fe0f12a"
-                + "696eb9d31526d006625782ba1c79ba26d54f1705cc3491e8a49d33288f0acb0afff1462f"
-                + "821fbd7830ded258e9cffd50764ea66178d0307e91817688d9368381cdede8d632a1fcc5"
-                + "713d039cc0034c701ec8f2ed8455201c24067fad2341bf48b022912617ddcc04af8ba427"
-                + "9d0d2a4f3578458a56ab697e1c3102f19a5baf90f1238801b1016efbb7d3c6e577a53911"
-                + "116ac306d65e5dbe82e0a217c8c4f5b7ef90d146d0c7078e13b51784a6ca9b02ece29a67"
-                + "6dc150127c1cabdf49168a9ad6a261e2af7293598e73decf9ad74e06258fc1deb06df697"
-                + "5fbd287851c9b1a79f80c77832ffe4e015bcb905b8a196ba8bc7e97b2f6f6711c25ec582"
-                + "cbe3d62aed3182fd25deb2f032b211738cf03c3c090468588221e8dcdc53d43c3eadd85a"
-                + "bebe565f43ae23a24e53826c620aeb71c6bbfa838dbdc4f6d17a9d15d43b65c56807c010"
-                + "01e734dc158b522d01ae541010229308a7069715b2c5c2d2739fcbd13794331e0afae203"
-                + "40514d4c1f8e3661a5491822e3013cf6c6656f262a7b2c4d85c3f508d73b3a1e7d9ffe96"
-                + "52a18b334b72e9ff5efee892e9754dec7ba2aa0539a1a333919a58ebb91daa89e2c6605d"
-                + "16a04bec8cec4868e4c6ed46631f2f33e3340c4436a259641b8faf7fea7c35c455aacbc3"
-                + "5f3bc3b8ea98e1e305c068479ff4a753a29ab12824a0ce914f789864fd92d9c4c6e81461"
-                + "1cee034ab78bc772ab1a289b94c2feb51c205dc1c9443fe5f53d99adb71970614670df9d"
-                + "807cdc99a01a13a7bbda52b73787b154ee3c389ee200aa7cb0a9f9478a02c127e5e75fc5"
-                + "18e3913ffa79e3a897a3772ccd096950c394e8a658c6725fa3e610cf2232fbcdb4f369eb"
-                + "b934ea53eab93f40c11e63ab51aba65c4386181dea6b09508f4747557ffc41579ef696dd"
-                + "bdf7a199bde2705d3d6ff13a67229862f2dc796da8ae0ec99ca0a310665d5a062f0fb910"
-                + "bab41d07229a339da8da6afed23bb93c8d9b88a3cbab6ad05e2295668355fc6aaa8caec4"
-                + "d880841651e440fd2b8c18e1acf6b953672e0f6f5f681192a14eb366acf4e36f9892841b"
-                + "65c4795c1daaad3a803bc71c059179e969a789879e0753575fb96fc1c4a6bc79e9d0bf3c"
-                + "50d51b844a7278bdd2a78d30d6899eca4002355833f80b09e9d307f752c6891b09ae906d"
-                + "561eb898cbbd912fb72bf86757a7c4333d2a0e3a26843ed43f65edd8138739bdb43e63d6"
-                + "fd5115185312c864aeee827234af3dfd7e1eef04a5c251a4017d77d1c976a8dd17ed2a22"
-                + "1c058b6b94f47c0fa0fa06aa764c9fd88d782889609a4b6b5f60658e4beb322bec08805b"
-                + "69c44eb8fae138f6e535e6517f1f510aec81793f04720271715a2f38ec751009fb9ebc85"
-                + "96cf49cb159b2bf3d33fdb61b88c1691ff0c6f2ec7d98f8776778bb094cc5271cd3960cd"
-                + "39163bf31c5aec1949491aa0c2d2ef2f12593db9b36cd2206616e9fd545a2ebe39998a4b"
-                + "2043afabc334c332f4a5407cb07bf467aaad82f077d969d2c2a052acb316a6c5fab0bc97"
-                + "a42f5f76165f52d1a2b312282e61d13aa84a44d4ba102346b01977b5190d938f533f31d3"
-                + "e60c00999bae61133683832494792296b2aa00be848317c69a7fc4bd7b2bd06e1bd821a5"
-                + "57b2c39c584d173c1136b1043bf2912b079b7f42ee71a8d70858e0368676c0637b70399f"
-                + "c827c1a08301ddc0f2e0ccafdb15a18034120c48b38472209d75124912f7b4355ec14bff"
-                + "14174f644d20d9715f82bdb36928e837191ef586f3090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "1a4e0d31122fec26b4016b4cfafa9f87adf5c9174611955bca177562dfb72522266ed362"
-                + "136570864a62c3110b99b8c90b88dbc1358c6a04f33fa55bf7bffbf0cc4970ff2fc02e98"
-                + "cb7e38cf8b761f8375e82ae5ca838717f203229c716615fb3cdec7afa9d4c215524d55b6"
-                + "6cc0f34852055b40a7d0709d9723bbf0bacc329d6553a3647c44f9d5201408c9fb7f6cb3"
-                + "804ac0b52330fdc5a62d6a5f73ed3b1edfd2281d6786060200412905fa788dbd7d668254"
-                + "18d407857b237a58dc4d34a7e29feb7063452fbf7d575e67e6c75bba19a704d300bbce99"
-                + "f1e0f4c672082adc9ebfd8fc994bca9585811a1d5e8b9c83727fd7efecf4c643436d2932"
-                + "4db9e29802e061a10dfe9b622d34944c3a16d55b3b06ca73d32499e5b426c5da9da6ab5b"
-                + "359c16801f7554fbd0f964ec405cd0be2c147d21d6ef3e440d549c57af282b2e187d5c36"
-                + "19bcb1f01c8e87f6d46ccadaa159bc8074e33dd1c4467febc6ca84de82b2dea3cec684ba"
-                + "a0e86b5713103f483ab0e493e95bcd8304c64894ac865a6706a7c389f0e62762a0c90b01"
-                + "21c610bf8dd96d7549cc65a4fa925397c22bfd747f3153677c76c5d44c85caa1ef98ee86"
-                + "22201c6c931392d54367176e82c230c172c1b5c0bada8155a4edcc370a89bb672036a849"
-                + "d6074dde5be747007dd2bfd1a02f9ed00c58fa66d437b2ac651cbcb23d6692cd0c0afa0c"
-                + "fb2e7837ee5fdb2ef1a7e6e16cde5d78bb1c40208bb2297d555bcc6e0dfb90084a76473d"
-                + "07b15ad3689ab0a13cf4d56f36cdc39749e1ee297e4cae1ba93aa3a8e08f00733614cf85"
-                + "900a4541bccb4c2d9fabaf565f70e803dd9b9119e834b908eb254b37a1a5181499a4c2ce"
-                + "2455ddce3fe8e306158ed9d5f6094a5d418c406b1bb7b06d50fd6c8c91a799ff146381db"
-                + "72d5f240c9e7c26da94b015b331b8a0a039082b46cb9adc30c1fe0ebe3935b7ff9b0c0d4"
-                + "739ed39137ee55db1784e1e3c30bde911b8ef76d5961fc93e9bc948a9024b5775344ebea"
-                + "d346469611df9b4771bf8d4602d36c8a32b01195f79b9d2ead9598bc8ebf35b35627aab6"
-                + "1f8c547820a56b1e80150570a7f43b9c4530b1dda5267f40073316e63456f60176c0ab27"
-                + "96ccf608303dd2fd772bf4821c4827eaa99db49ae6e567dcd56aef1fa5c0a63be2f8385e"
-                + "deba27a96466cc7def2125529fbb53fb23cc78b6c021d9c3ae3e32816b6377b4c5a72285"
-                + "911e550212aad03cc8b5427692a9a6a536373a91d689a9318446a5aa58857327145f1d5c"
-                + "00d7e8eb8685dd077e4377860183293051bfd5495b50451a2fba1487d2ba4a74b8f74e2a"
-                + "aedd698278c161afb39f611840cf32587218121cb49e68d42cc278065e3acef23f7b93fe"
-                + "bc0ffa43a6388218f7e142f46e60eda1d67e7f5bddfe68ff9ca39cc6b773cdeeece61690"
-                + "b04b2d7a13996d94f5cbbaecd8d914b3e9bf63f72430d8b8a226ac2e8ca5eb388d33c15a"
-                + "bdad62dba3ff4fbc1cfff5f9a51b2db482c95142a4dc58a14dd1d77c2a24c9f60e3a7213"
-                + "71580be29ce7e4816d9d8caeb72bb865a330b6a3b35022789eb399b1a4e14800dbc20b56"
-                + "542f9c268d45d4b32077520f4082a0a49e74ea51105d77ba95c530c1678c259b331b87d9"
-                + "20b04771e5fd0e145f8ae9f7b9c245080d7a8f58678c7c0ba273ead2751ed4d5e3d53b79"
-                + "dceea6d18fc25d8aa71fef9c6d620a58f73fc641cb75244d6431055a90da70d1c9b914c4"
-                + "d213a058c03c7801ff0a937269c32c728cc74344461893029ddea3d32ba7787d5e4fc530"
-                + "f2d261c69b0d881893040f18f2e64dd4c7ed810bd90f0291030e9ba618985ab5e392061b"
-                + "fce8060fc9698056c266cf0c93bd82f69989b2a273cd7ad40ee31d344007df6888bcf87f"
-                + "966f04b50bb6a32c6b521b216398aa7dbebe49937b07ddf3902e55e3ec50227e034c1621"
-                + "a166d8e166a210eac960bac04eee19e7de8cfac7aa1758ba39aa746a0e9ff139bdad4955"
-                + "51e389e2b4849122875c19e430f9b29d13962298d8fd9cab42338fa458266ce00d2da579"
-                + "e87130479cd523ae729216f62285ddf34674b48fac75a7ace14c057c3ff8fe644080a4b9"
-                + "2f75707535e9978d61d01ae043021f4b096d7b8517a62c05485467eb5152b4fcb23d67e8"
-                + "070c7387da5012ce20e90eb4a8ffadbbd3443ec7cf68be83042fb0be1e5bfa3d7b7185f4"
-                + "73074557a1e2e65a6c747a52bd2c8066cdbc9a3fa6c8167e42af40fffff2ba86715c8cfc"
-                + "96edcfd4397186d8ba1677674ddf22e65565615cb490f29bdf94a224c42e68795ca70d24"
-                + "9b1dddb69ad90c6425154eba691b75d7c93f0b5f36226bbf58a75a7d5eff2e2cf978a4cc"
-                + "3e8fdd2f7c2160c2aaf3b6334130793c8f5924a9fae96c15e68880adea2dc6b99688d61e"
-                + "8d73fc7fe41ad795ff8c82d0248fb22c04da38fe4f57d31c4bf7f112d30827c1f8e1449a"
-                + "af77e03e0e2f265f72dd3f43ef47a91f6fd54244c103b00fce084d0a5836ef8cd89d581b"
-                + "1515d81df1fbad0fbc03e3f140733c17818c66b0f17215858cf1d272853799b936761c34"
-                + "75b98bf5de6351d839bdc23c502d98376c20a3a368a4bd4719157b16552fd175e9dbf075"
-                + "2801a4fc4566e6f798dd3a0644c64b54bc299fbec16952b25ffffcd0925d1d8fa30d84db"
-                + "0e4ea1bf4d1fecf705b23ccf8441f5eb043c79b544186b237e8cebbbb62199347570be74"
-                + "5cba8cd885b803343e3f68c37b3ccf80671bf36fd21f6ebca33a91b9699f3f4e9c98c470"
-                + "579c52e4e2711c8f958d998997d6382687a04304257b049b26950ab6211f0210ab1b4ae8"
-                + "26bb174060d1c4285eaf5f2478f0ea1a2fe2f2a533c8ce346a8d1eba50ea9e8d607af430"
-                + "70bdcd297f4c6aa9b221cbb0c64c594b658759e80c95a502acb4a9a77122397d4b38e1b7"
-                + "abc29690f7e849cc7218b5728ace2c45a0a553c837b0e02c99a71b145cf777d70f9cd958"
-                + "ffac019beb737f653a5947ad23f0a5ced6114558ff99d531af775324573445f772d2051a"
-                + "6969085f2469938c7a7d80b68d2e3365d61f423767c207e96a90fcfb8538d4b9cdb1fe07"
-                + "55a3d0dc112bb47777345ddf800b9b45c71e842ac7ed1525144747ca737fd05256c39c2a"
-                + "349d6f6e45c0feca1cea47d9c51aee2513e2dd53597593a7cb7483192177d7854778d249"
-                + "b181ecd72cfccc0ddd98d1c50173d66966ead89987cac392387220ca93481f0be699e2bf"
-                + "139c25fe3b25f1debb766a079c2703e91009895d5fe90df1a8e36d4f10dd486d713ad164"
-                + "9a3ebcbc5931b22b1aca257648731ed7a4efb0d0466b6629f9e76dd81d2c556ad9d41027"
-                + "8a54beace99aa5ee5979279bbfddde31d581cdea96278dff17937bc7432b3e85a14946f4"
-                + "f1882eb111796a6f30de022d40fd200af0d5745a05001a7bd6dc827c4adbfcfd2df3a9d3"
-                + "e88b41732e16729c693c1a0f9d481e2e50fbede3fdda21d695531246165354f89d0108d0"
-                + "88a78da4687725f80c77988371144c7229400a3a2ea5e67c071cb0b904cab486674bcc21"
-                + "a8ebd7e25601958d78de76f6db7624c8f9a88ae6e432f978ba90b9a956be2a600df5bd26"
-                + "a8771e564e2dec9af2ac3030180398cd88664633f2150d5d6d2a6010ae55d3b8d478fd3f"
-                + "4faf333cc1f5cf0c10dbd0eeb59340e2cf7586246e774448d1ec525f4ed06a7fc026dcc2"
-                + "c1fe29ef62c05c02dea8a778f244d27d85a7634ba95a609fb2591feedd7f3c9b48822f9a"
-                + "725a2ee20616174d36c0d831ae67e18d838a9ffb9ca9ca7a19683dd041e5bb425803df99"
-                + "dbe9ebe9baa082cf3d1c6a126cdf642e42ed0d70bd8aba5af4039a01c6ce9d11c2752194"
-                + "67845bac3602e5eb9e461bfd61044f566650c5622e352eb8c1c7ba0f55748a3b802c2e4e"
-                + "e7b349766942d4bacea1ffc1c1179295b2e5ed38b1d8784c8457eceea725728a168466b9"
-                + "980dd0f67742d67ac9945f332a901abb0a3b22fa12023554bda2896e530f87334a1a6369"
-                + "384f8c0b1371f420958b629fdc9a645e3f7c9068d4a1b542b003a894654ad0841138c230"
-                + "a8e9f9ea4525481441f2936290729ab969182768a570bb7ae9283ec9ef00190dd9063df4"
-                + "5d4e4748b6000d5587cd931a554b9322a7f03dedfe4c931eeeac64bfbffa650034b0fd8e"
-                + "1b0869312936f1a85a104ac2fc2b121a9778471c2dd75bf4ecb2115431bc930a4fbac930"
-                + "137c0a69ae963bd6e4f0a123208c3616a555bd3c00a5c3212523378ac572186d11cc283d"
-                + "e165c8da14e4b9f7691243041f004f8c64558d3087e89307dc222d154037ea14132b2a99"
-                + "ffffa664d7642277f99ac4d3ed3463324aa31f82e5f07a3e2825fc90117b6eca0cbb64b8"
-                + "f19c474860e01e0153c628cede2a5b9013ff55e5fce193453673ce1690e09b3a04df2fa4"
-                + "dff313c90ecce32165b578db16fff29d5a61dc9ab3b4bebcfd048189e06dac530e0c724d"
-                + "1e8b7814ab19ba2076f4a53c6d21c953e1d1b130e2112066fe7fd38972f3f2adc440bbdc"
-                + "d2ff6054c68d97d656e37cb211c48e3219235d192e7849b90b9ca803750c56b11fe0f12a"
-                + "696eb9d31526d006625782ba1c79ba26d54f1705cc3491e8a49d33288f0acb0afff1462f"
-                + "821fbd7830ded258e9cffd50764ea66178d0307e91817688d9368381cdede8d632a1fcc5"
-                + "713d039cc0034c701ec8f2ed8455201c24067fad2341bf48b022912617ddcc04af8ba427"
-                + "9d0d2a4f3578458a56ab697e1c3102f19a5baf90f1238801b1016efbb7d3c6e577a53911"
-                + "116ac306d65e5dbe82e0a217c8c4f5b7ef90d146d0c7078e13b51784a6ca9b02ece29a67"
-                + "6dc150127c1cabdf49168a9ad6a261e2af7293598e73decf9ad74e06258fc1deb06df697"
-                + "5fbd287851c9b1a79f80c77832ffe4e015bcb905b8a196ba8bc7e97b2f6f6711c25ec582"
-                + "cbe3d62aed3182fd25deb2f032b211738cf03c3c090468588221e8dcdc53d43c3eadd85a"
-                + "bebe565f43ae23a24e53826c620aeb71c6bbfa838dbdc4f6d17a9d15d43b65c56807c010"
-                + "01e734dc158b522d01ae541010229308a7069715b2c5c2d2739fcbd13794331e0afae203"
-                + "40514d4c1f8e3661a5491822e3013cf6c6656f262a7b2c4d85c3f508d73b3a1e7d9ffe96"
-                + "52a18b334b72e9ff5efee892e9754dec7ba2aa0539a1a333919a58ebb91daa89e2c6605d"
-                + "16a04bec8cec4868e4c6ed46631f2f33e3340c4436a259641b8faf7fea7c35c455aacbc3"
-                + "5f3bc3b8ea98e1e305c068479ff4a753a29ab12824a0ce914f789864fd92d9c4c6e81461"
-                + "1cee034ab78bc772ab1a289b94c2feb51c205dc1c9443fe5f53d99adb71970614670df9d"
-                + "807cdc99a01a13a7bbda52b73787b154ee3c389ee200aa7cb0a9f9478a02c127e5e75fc5"
-                + "18e3913ffa79e3a897a3772ccd096950c394e8a658c6725fa3e610cf2232fbcdb4f369eb"
-                + "b934ea53eab93f40c11e63ab51aba65c4386181dea6b09508f4747557ffc41579ef696dd"
-                + "bdf7a199bde2705d3d6ff13a67229862f2dc796da8ae0ec99ca0a310665d5a062f0fb910"
-                + "bab41d07229a339da8da6afed23bb93c8d9b88a3cbab6ad05e2295668355fc6aaa8caec4"
-                + "d880841651e440fd2b8c18e1acf6b953672e0f6f5f681192a14eb366acf4e36f9892841b"
-                + "65c4795c1daaad3a803bc71c059179e969a789879e0753575fb96fc1c4a6bc79e9d0bf3c"
-                + "50d51b844a7278bdd2a78d30d6899eca4002355833f80b09e9d307f752c6891b09ae906d"
-                + "561eb898cbbd912fb72bf86757a7c4333d2a0e3a26843ed43f65edd8138739bdb43e63d6"
-                + "fd5115185312c864aeee827234af3dfd7e1eef04a5c251a4017d77d1c976a8dd17ed2a22"
-                + "1c058b6b94f47c0fa0fa06aa764c9fd88d782889609a4b6b5f60658e4beb322bec08805b"
-                + "69c44eb8fae138f6e535e6517f1f510aec81793f04720271715a2f38ec751009fb9ebc85"
-                + "96cf49cb159b2bf3d33fdb61b88c1691ff0c6f2ec7d98f8776778bb094cc5271cd3960cd"
-                + "39163bf31c5aec1949491aa0c2d2ef2f12593db9b36cd2206616e9fd545a2ebe39998a4b"
-                + "2043afabc334c332f4a5407cb07bf467aaad82f077d969d2c2a052acb316a6c5fab0bc97"
-                + "a42f5f76165f52d1a2b312282e61d13aa84a44d4ba102346b01977b5190d938f533f31d3"
-                + "e60c00999bae61133683832494792296b2aa00be848317c69a7fc4bd7b2bd06e1bd821a5"
-                + "57b2c39c584d173c1136b1043bf2912b079b7f42ee71a8d70858e0368676c0637b70399f"
-                + "c827c1a08301ddc0f2e0ccafdb15a18034120c48b38472209d75124912f7b4355ec14bff"
-                + "14174f644d20d9715f82bdb36928e837191ef586f3090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "1b2b918b4171d73759c65d75782955f2ba009c93fbaa8c12fcb81915c88946dc173c8d3d"
-                + "c60471c74346d547a4178f3386e4623167a672a1486e9876af87cf5d1b6e3c411807afec"
-                + "a3e7b0984c1bc41573b41c374afa07825a322aadbd66ce4a87dd29d8f9d6a7e16fd1a219"
-                + "f1df78f29665622e726f3fb37f8697a31b22722d97179730c371eb6d0a241ca407f3d505"
-                + "739902afbe5499d881fce748d0108ae5b6f19cb4199c54b2a980d6cdbb61faa61b797284"
-                + "610d1b8e06e326e3113873eb9b4313b696ee8d68154269c2e2fc51b3e3717d2bd4b91547"
-                + "2ace0cfe9a390f3f4db0a33967efe3221c63bab18399694ad8e2117b6472be24559eeaf7"
-                + "fe7ace99a7c51fb626f0dcf3191997c39040bec3050c9157b2dfc9cb187340bf12abb565"
-                + "00a84021a15998cee09e52c2ddacee04c82f7565cec229fc945c0590e5a534828da5542f"
-                + "f110177118071bd7fbd8f7dbae28210cb9be39da41a9f26c8e04c65e984ea5fc737ddc9c"
-                + "f638cf68f32a532177fa1e0d1738a3c9c1e275c824657259805759cbb2773018f546e67c"
-                + "136e7911bbdc7917e721c75fcf5e79d26ae31b3e12c952b3fae35d61e95757c4389ce547"
-                + "6fb04df9ae796d7963fc97e63aca9131c87bd7c58765c72e564519919161293061c2aa58"
-                + "90b1a2e43dc24ea5847f8a12b2fcff052dc33dab4df119ff7e08d22dc9c1c15d2795091d"
-                + "14b69a8e9c078c4dbe167a1c98ebffac10cff51bb7b74b59ffe216d925bfab8f0e7f8283"
-                + "7689d25d09acfdaa2388c9002e58c96d32c569f3b97e12c9da43ef2661183caf6d8baab3"
-                + "adac1c15387e481f5ea7c8d93bb8c09a70d662cb1aed7f2012bffa891748719b64f71883"
-                + "614ee80603db3e4b44d91971bb24ca7da8b808e3857143cc0e594ea2166aebf934994625"
-                + "bc3abf28b033769b02b2d1dff3be3654173d69f16a8774aaf71cc175bd33b53dd3d89984"
-                + "280297e32c4f8d5b68dac624eb8bca8d686bcb372b7459a2829a3d4953aa30abcaf27a57"
-                + "e752edaef88e7b684211eb49d2c024ccc2ed0604096f41e924a3e2767bf0d9c50b4eb8b0"
-                + "590a9dd312c54a362ac2584215fa7cd7b5a57aba251ebcf5e96eb328b368db9c90dc169a"
-                + "69649a9bd76e9b3bf717bc6a9b14778ab7be64ddbc696b8c78029c3fcff2971bbfbefb1d"
-                + "c850b14d29dbe563ef00337cee0fb49fb5ccbf90fc7b44f5ccd1f6c5701002a1c8904ef0"
-                + "e4d16fa0a67c73775856c2c8151ad16c123c1b8f293bd57d369ba47002b02c51438f6e22"
-                + "7870c45a73ddbecc0e77b10a5c3074a260226bbfd388ab2098a5d6434a54e9a284898272"
-                + "ef57347959bb208cef4146a6102bb3ebb6f1d7f65e6c2a7225731d13fcc3d712a7949633"
-                + "1bf0954db6aa47ef73e96819552ee743cf48bbddafab47536a2efca6aecdd14a9cc78079"
-                + "2daf6b9d642d8ca6e94bffee8a22ec57356954bc6dd7c79db3ee0fd1918d1746a5f63896"
-                + "760821a1f28697fbdefebc5aec52df53a080f7befa05fdc91a4d0ed245e7d88104f4f9b5"
-                + "fd27578249f1b1ff3bd065a420834e9288ec22eebbb606bb8c17e81866855a0a802bfc78"
-                + "61cddbb82aa895e4c0ea0fc5ced262d509db22e7844044b006bc0fa961127f58f157a8e4"
-                + "2e213c9d443423ff3ed2a7e185d89c2ee2c1272ec979fc5a681bb166a52471516a99d960"
-                + "f843fce245574bc837800e90e602c32c3d85eb12ec917d9760b1b9b0f82d356c7f7508b0"
-                + "8db62b42e4248ec0bd01191fd137908b763e76b6fed6de739e89731d2596db40929a4ac1"
-                + "0f36fbbac1f747077ceb61d6f02e7937e7d9fa1e5134394cee69641008fe2228493fbebd"
-                + "3b7b80d4867b5207a0a34d64daa6b7e1361285dc0394f6165f886db4c45c75ce04bf6c36"
-                + "66dd18c3b2af56d4f88aec604ec681ab08f0d6f67f1a46148735c165c34c8f64155ffb69"
-                + "5d030b4f4f25a403d8bb6c0b129679a719e35df213522910c1a285934b6a5701a17a0a3b"
-                + "35f828f1a5a7562108d5ef53005ab1d662a4fa4f3327a0c48509f6089732ec543e7ac8b8"
-                + "d782c9d59ca8b0f8d8eff8908b0f3dca1884e115ea799eb7aa4a95ad1c55d07350ceb411"
-                + "9ce578c217f5138b1d83500b7b102113c859410213f2bf10b28cbfe701d9ea3aacd25706"
-                + "6eaafdff54175bfc032dfbaba39e434f37a67108064f348d3d24c824ebcd77814ecbe608"
-                + "29d5843776a3e416442a9b7f17c46511d3951105c68315a44f753237d4a17cc63e0b4728"
-                + "9c08b5021ef09645aeb0904a9a680b6e689d27b13e70753cd6fb1db3f29d24fe60f30c26"
-                + "4c8c594b0af315d2a93dc6f6712a2e936e5de69d393fbf6225f272178fc9838c22fc6b68"
-                + "6e5282adecaac981b2f3aae4ab736179f27da92db0ea2034a08b55c7ccf5b14f34650177"
-                + "53908e2e768d1e9961a26377ab9683181251659f4bc8cb59cf5072adb581377579867d2e"
-                + "256f4fad201f57551d4f333129b7b01aa5f7dc29163f0b4871e0dfaf8908b63bb834c73f"
-                + "e6b458e6e46bde92b3c49a0543ec56ddac83ba7511e6b09f7c29307a2e9d7f2e5c9720a6"
-                + "3cbf7cc422213e7a9dc348d67b70ca6c31d87410f5b23005c22aaee9e4e887d474bb2fce"
-                + "c35792377eda3411246aefc49558b2861b49d3785cd596baf60ab5031371d0e546302604"
-                + "8a2371718527af7ff5ee855b9fb0799f970bdf13c8cbaff36b6898d7f536dbdfd30e2bdf"
-                + "ab680bfd5538b5bc758b9fc47a90ebff9275a01e9fa867c56cb3705b0d7cf56b0582992a"
-                + "45968847045b3f9efd6d69970b0c845eb134c0d4539fb717b36ca0f8164ce2d1a268b575"
-                + "2816052ee3a2c2585b7a3558ce41e5b251a81afcb148cf30a759e59a8cfac9f8752e2fe3"
-                + "2e7eb5a633629f2275d86d2d8a0bff6878df098a70de89957c0fbead36c1fac1bde02fc7"
-                + "7348efddcd75b48e22eba37f66d89642e2914a2594c3928f195629b3bf35a0bc95248d72"
-                + "89fec8a1625349b5fb9dbd2962e05dcef110c68ab5fefb0b0f969dbafdfa2675b6798b22"
-                + "cfcbebddd430ce95dbc278dcbbc264da0dd4ed042d2b08c41618a99e822905317f8822ab"
-                + "3492c6901907a225b13973e7336dc3c08ed13364742e3c49d378fde024816d4f2cf36f65"
-                + "50821d8f68fa8cf602a2ccaeef1aee2513e2dd53597593a7cb7483192177d7854778d249"
-                + "b181ecd72cfccc0ddd98d1c50173d66966ead89987cac392387220ca93481f0be699e2bf"
-                + "139c25fe3b25f1debb766a079c2703e91009895d5fe90df1a8e36d4f10dd486d713ad164"
-                + "9a3ebcbc5931b22b1aca257648731ed7a4efb0d0466b6629f9e76dd81d2c556ad9d41027"
-                + "8a54beace99aa5ee5979279bbfddde31d581cdea96278dff17937bc7432b3e85a14946f4"
-                + "f1882eb111796a6f30de022d40fd200af0d5745a05001a7bd6dc827c4adbfcfd2df3a9d3"
-                + "e88b41732e16729c693c1a0f9d481e2e50fbede3fdda21d695531246165354f89d0108d0"
-                + "88a78da4687725f80c77988371144c7229400a3a2ea5e67c071cb0b904cab486674bcc21"
-                + "a8ebd7e25601958d78de76f6db7624c8f9a88ae6e432f978ba90b9a956be2a600df5bd26"
-                + "a8771e564e2dec9af2ac3030180398cd88664633f2150d5d6d2a6010ae55d3b8d478fd3f"
-                + "4faf333cc1f5cf0c10dbd0eeb59340e2cf7586246e774448d1ec525f4ed06a7fc026dcc2"
-                + "c1fe29ef62c05c02dea8a778f244d27d85a7634ba95a609fb2591feedd7f3c9b48822f9a"
-                + "725a2ee20616174d36c0d831ae67e18d838a9ffb9ca9ca7a19683dd041e5bb425803df99"
-                + "dbe9ebe9baa082cf3d1c6a126cdf642e42ed0d70bd8aba5af4039a01c6ce9d11c2752194"
-                + "67845bac3602e5eb9e461bfd61044f566650c5622e352eb8c1c7ba0f55748a3b802c2e4e"
-                + "e7b349766942d4bacea1ffc1c1179295b2e5ed38b1d8784c8457eceea725728a168466b9"
-                + "980dd0f67742d67ac9945f332a901abb0a3b22fa12023554bda2896e530f87334a1a6369"
-                + "384f8c0b1371f420958b629fdc9a645e3f7c9068d4a1b542b003a894654ad0841138c230"
-                + "a8e9f9ea4525481441f2936290729ab969182768a570bb7ae9283ec9ef00190dd9063df4"
-                + "5d4e4748b6000d5587cd931a554b9322a7f03dedfe4c931eeeac64bfbffa650034b0fd8e"
-                + "1b0869312936f1a85a104ac2fc2b121a9778471c2dd75bf4ecb2115431bc930a4fbac930"
-                + "137c0a69ae963bd6e4f0a123208c3616a555bd3c00a5c3212523378ac572186d11cc283d"
-                + "e165c8da14e4b9f7691243041f004f8c64558d3087e89307dc222d154037ea14132b2a99"
-                + "ffffa664d7642277f99ac4d3ed3463324aa31f82e5f07a3e2825fc90117b6eca0cbb64b8"
-                + "f19c474860e01e0153c628cede2a5b9013ff55e5fce193453673ce1690e09b3a04df2fa4"
-                + "dff313c90ecce32165b578db16fff29d5a61dc9ab3b4bebcfd048189e06dac530e0c724d"
-                + "1e8b7814ab19ba2076f4a53c6d21c953e1d1b130e2112066fe7fd38972f3f2adc440bbdc"
-                + "d2ff6054c68d97d656e37cb211c48e3219235d192e7849b90b9ca803750c56b11fe0f12a"
-                + "696eb9d31526d006625782ba1c79ba26d54f1705cc3491e8a49d33288f0acb0afff1462f"
-                + "821fbd7830ded258e9cffd50764ea66178d0307e91817688d9368381cdede8d632a1fcc5"
-                + "713d039cc0034c701ec8f2ed8455201c24067fad2341bf48b022912617ddcc04af8ba427"
-                + "9d0d2a4f3578458a56ab697e1c3102f19a5baf90f1238801b1016efbb7d3c6e577a53911"
-                + "116ac306d65e5dbe82e0a217c8c4f5b7ef90d146d0c7078e13b51784a6ca9b02ece29a67"
-                + "6dc150127c1cabdf49168a9ad6a261e2af7293598e73decf9ad74e06258fc1deb06df697"
-                + "5fbd287851c9b1a79f80c77832ffe4e015bcb905b8a196ba8bc7e97b2f6f6711c25ec582"
-                + "cbe3d62aed3182fd25deb2f032b211738cf03c3c090468588221e8dcdc53d43c3eadd85a"
-                + "bebe565f43ae23a24e53826c620aeb71c6bbfa838dbdc4f6d17a9d15d43b65c56807c010"
-                + "01e734dc158b522d01ae541010229308a7069715b2c5c2d2739fcbd13794331e0afae203"
-                + "40514d4c1f8e3661a5491822e3013cf6c6656f262a7b2c4d85c3f508d73b3a1e7d9ffe96"
-                + "52a18b334b72e9ff5efee892e9754dec7ba2aa0539a1a333919a58ebb91daa89e2c6605d"
-                + "16a04bec8cec4868e4c6ed46631f2f33e3340c4436a259641b8faf7fea7c35c455aacbc3"
-                + "5f3bc3b8ea98e1e305c068479ff4a753a29ab12824a0ce914f789864fd92d9c4c6e81461"
-                + "1cee034ab78bc772ab1a289b94c2feb51c205dc1c9443fe5f53d99adb71970614670df9d"
-                + "807cdc99a01a13a7bbda52b73787b154ee3c389ee200aa7cb0a9f9478a02c127e5e75fc5"
-                + "18e3913ffa79e3a897a3772ccd096950c394e8a658c6725fa3e610cf2232fbcdb4f369eb"
-                + "b934ea53eab93f40c11e63ab51aba65c4386181dea6b09508f4747557ffc41579ef696dd"
-                + "bdf7a199bde2705d3d6ff13a67229862f2dc796da8ae0ec99ca0a310665d5a062f0fb910"
-                + "bab41d07229a339da8da6afed23bb93c8d9b88a3cbab6ad05e2295668355fc6aaa8caec4"
-                + "d880841651e440fd2b8c18e1acf6b953672e0f6f5f681192a14eb366acf4e36f9892841b"
-                + "65c4795c1daaad3a803bc71c059179e969a789879e0753575fb96fc1c4a6bc79e9d0bf3c"
-                + "50d51b844a7278bdd2a78d30d6899eca4002355833f80b09e9d307f752c6891b09ae906d"
-                + "561eb898cbbd912fb72bf86757a7c4333d2a0e3a26843ed43f65edd8138739bdb43e63d6"
-                + "fd5115185312c864aeee827234af3dfd7e1eef04a5c251a4017d77d1c976a8dd17ed2a22"
-                + "1c058b6b94f47c0fa0fa06aa764c9fd88d782889609a4b6b5f60658e4beb322bec08805b"
-                + "69c44eb8fae138f6e535e6517f1f510aec81793f04720271715a2f38ec751009fb9ebc85"
-                + "96cf49cb159b2bf3d33fdb61b88c1691ff0c6f2ec7d98f8776778bb094cc5271cd3960cd"
-                + "39163bf31c5aec1949491aa0c2d2ef2f12593db9b36cd2206616e9fd545a2ebe39998a4b"
-                + "2043afabc334c332f4a5407cb07bf467aaad82f077d969d2c2a052acb316a6c5fab0bc97"
-                + "a42f5f76165f52d1a2b312282e61d13aa84a44d4ba102346b01977b5190d938f533f31d3"
-                + "e60c00999bae61133683832494792296b2aa00be848317c69a7fc4bd7b2bd06e1bd821a5"
-                + "57b2c39c584d173c1136b1043bf2912b079b7f42ee71a8d70858e0368676c0637b70399f"
-                + "c827c1a08301ddc0f2e0ccafdb15a18034120c48b38472209d75124912f7b4355ec14bff"
-                + "14174f644d20d9715f82bdb36928e837191ef586f3090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "1c9688c985e26ded52ff556fa3b01a27a8fda7cc463d64b4f07a3fb90d83062439f40026"
-                + "51ce713e125ced8f7e16a1ea0519c20b64efb6d6cb83afbad1120ee226ef95bef242c1c0"
-                + "8a4280a708c583e8cbf7192912dd15fb93e64fab0467c5c6fc37ac9de1c69bcc5adcbfc1"
-                + "f178d9468a615535c321d21e4d9c9af61733c8f9536cb0003c507b42d497c58a6814bc08"
-                + "78b8a5bb3a7ba80b61d31ad8cb039b379d22fe7705b6de3ab750fb321ae7890ec95f021b"
-                + "d9338199cfd20de8f1498f8f9b3ef901cbaf582297721403d424837c7fb401d98ef4835e"
-                + "d5e936f8841b0f995acd973db8d991a5a987b642c6425df4161b1b2a401adb47987b76b5"
-                + "78dad70f5831d0d4331410b22ec32686a2dcace9115bef85e028b02fa1c15cf75868a21e"
-                + "0100b0e713a9a423ea92f59584bb140541be74742335861fb4f4bebbe503c6d8055c0fc3"
-                + "b3d6522e07ba137314e3faa8e100d8de68896761a89eb1b41cb2d2947c96d35d7bab3487"
-                + "6b1a74067b523218afdcfea9fc61b10d979ffcf25b001fce8c0918029b86521320a3ed17"
-                + "f5b6082c754ec6ead55712af81b160236d3c53c8174578309b298e3b6257b555497a7462"
-                + "632bff88bbd2bbe9019f807e883ac45ec0c33aaafbce7c7ca2f1c8f46577430406422477"
-                + "eb3c358a4a7c289428d08f5ca2cd7af9d007fba1ab06c958ca3a44fafd19c119d0f6e658"
-                + "3959b821e86e33f0bcbb3978672ed26341627e7af472c3abe6921ad36936ffaeb9fbaefd"
-                + "4a1bc0295e23dd9039ffc4fc142ba10811205cb84abad25273a7215ab590b5f050aee0b2"
-                + "7439e221ef847e881e99cb8e85407ac7e48d94b05b9ab62be64fc8c513578d88570a2c60"
-                + "efcd258e563ad654a818584d5ebc3d803b514175479d0db8c29cd97def4a97a6863c010a"
-                + "5c63a174da196a256d7cf87a34334091086213c5e9d6e1736820c10367b1c0d921f252ec"
-                + "47c0ed5901c0de1a39970e7a558d616d51db4e27f9c04e4508db3c57df03dd7dc2977c68"
-                + "cdfa84dfc6f617ffe56fa35a50c3b584606a89d084ff06cf6c5c83ee81a891ad5c3a1d5e"
-                + "fd2b46687ef253f941160a57a509a50b57ec8b3c1af2fc7fe5494f61cd3b06436dcada34"
-                + "5be059d3d906053b9e2380a0dd837f62f5955bc2d7341b5d65b0de40cfed159c74140d18"
-                + "10e88cb4bd51c0e9451f02349cf90da67a0a0a4e71b989ca9552a3d608f798c0abb40847"
-                + "792c9ab05c4479a1e61242124174b5b22b3a96c6967aec9126860505884854ed1878901e"
-                + "77f16603794a5d04ee7371623640e9ba85b281f3988582174183e57b6a7ee6c18e29fe3b"
-                + "41f31e12ecbd5ab3280ffbce4a9b7958f9968843d5b7062a52a373ba3ec4e4cab684034d"
-                + "4dabfc99c985ea059c7f3120dac79b927b0c87b9c0aa66459f138d5a667a721681dcfcf5"
-                + "3e7cb3583009cc17b6ec3955a68377e6794ccb2cd9773b265a8e2e46f8a198387085ad8a"
-                + "5a2643191e79bc9d4aff8377829ad58bfaf627b559752e08edfabc029ca3542b1b76971b"
-                + "685005b6407b9423b88177bf72c76a0e997ce7ad961b154cbc6feaec01ead8134e1c71f9"
-                + "33b0ba4b9e74001a425437461df854b5c3c53a291c6ed28ed651cc4de3734b2ae5a68fca"
-                + "693c744856adb7721e6ead389ff19344bce24584810ef52c516f19c311de335120e8ef1b"
-                + "e0018728c10cbbc4c0aa8cf751f966a6aaf7e6982c910d423fd8b8107c51eea68586161c"
-                + "f8737c44cc157c248b208b80b9c2d3565f08517abfff5f832d95a4b17d79f4ba2d0823a0"
-                + "aaeebecc4478113bfbd7954f8dd3772fa3d18440645c0447463ac2c3c8913a0ad3ccff05"
-                + "927e1f9481ca09451ddd85229f2a192b1a483f42498fb7160fb2815f362e698384b451a6"
-                + "45ccf87e8529af9a56cd5af76e75ff2d875ec024f53f4f3cff75505cbb1863775c3d13d0"
-                + "e23eb14cbb78d49ecf6a848d79bf43b482323c03ad84c21141e35124df31221e6150347d"
-                + "3b5277963f868ec19254569d0abed6e4f9b722d242ed87c5320ef3e68fe5ee0ae782d91b"
-                + "71e78f1a2278b366db912fe2d8db1767e25d971ee5d1b81d7f85b58336a942514325d3cc"
-                + "83756356e19fd872a26bf2d9f2112763908dcb4c73dbf3bbb2418a2efbce380e0425328c"
-                + "cb976b86bc16856af2eadc003a273ec247ebd7badcb64fd52d5eb669699dd5f058a0d161"
-                + "2889d06b4832b30eebfd67d14e467ec0fe1153b563fdae846cd7054c2452cd4e616ec77a"
-                + "b0f326bcee96849cdf8ae27af125e43e32d588c4032228eead9078b991a63f12321c5445"
-                + "20388dd7eeed58e4af45d6dcf12fda0b73d148e0229a34f3dc325786d9ad53a35f036fdb"
-                + "28f5928a36e458521e76e6bcea421ae024b9262387c51707bb350f9fe2cb8aae61dc56cd"
-                + "4eb5d3a6ced26d3e7a2c2c424e52a5243e438b3a686a88ca04e9feb6603f4f89bfd261b8"
-                + "1960fa2f429eb9ed291c5a76345bc83673c8c782c2ed18062ad3ec2c6c5c5afd68575708"
-                + "9c8249103c89ceb72a3534bcb0dce8f6b3f60b3f249658c897e7621bfb7916f74574cbb0"
-                + "70af6724f995d4b2a69f59ca8d785715fda61e3a6299df4dda2306f53360b8b8b8d87d4a"
-                + "5c5caefd7e593861ed6b72e14c8940d4cc986da45321bbdaed3bb0e86566a90ff4034d7a"
-                + "1cc626ff926d1ee7f9f9a2eadc23c8e07dd994ff84bee8ad71ce1311d6764032d2de9aff"
-                + "4e7db890b55f8bb3941f9493c0f69afd75798b697e228846a55993b5fd17f2ad5a36343c"
-                + "be79ae04d5fc3f04bb66d8dea940aea18945fc31a8f9a8b400d44168ce1398f5cf36714a"
-                + "fc0328663fb3e3f336d8d23f05a65273bbdd66a4cf566f3ab291f7f6bb966ea0116f2d37"
-                + "0517e933f7871e4dda9db394cce178409c662bd689e4d6e0f51cd309d1458c2c554f0c7a"
-                + "b3b74d7227f77a9ec911a1262692cfcc6e2c36dbcdeadf1935e1addfe9cb2b8f3e86cf50"
-                + "043b51dd2d04f9420506705302721d191035152a18e22b9ca28dd7e71f376d7bfbe44158"
-                + "7b4c62310933fb0e8d4e08fd7c622294777dccae6c4e6b2df88f68d4345f4f0a7c16c697"
-                + "f3c9139ce835e61488887b18fbf5a6921219128a51264bfefe4562209013a1ab67d86ffb"
-                + "81a1464c5c2f29f71b4a4d4f5fe39fc069a8280d5917f8b4c3c5402a692748121102993d"
-                + "d600efed27e7db5bdca9ba39c789c0a26f3a42a1dae1d6811a6ddff636748da69fe6e01c"
-                + "f6decdeff025f1debb766a079c2703e91009895d5fe90df1a8e36d4f10dd486d713ad164"
-                + "9a3ebcbc5931b22b1aca257648731ed7a4efb0d0466b6629f9e76dd81d2c556ad9d41027"
-                + "8a54beace99aa5ee5979279bbfddde31d581cdea96278dff17937bc7432b3e85a14946f4"
-                + "f1882eb111796a6f30de022d40fd200af0d5745a05001a7bd6dc827c4adbfcfd2df3a9d3"
-                + "e88b41732e16729c693c1a0f9d481e2e50fbede3fdda21d695531246165354f89d0108d0"
-                + "88a78da4687725f80c77988371144c7229400a3a2ea5e67c071cb0b904cab486674bcc21"
-                + "a8ebd7e25601958d78de76f6db7624c8f9a88ae6e432f978ba90b9a956be2a600df5bd26"
-                + "a8771e564e2dec9af2ac3030180398cd88664633f2150d5d6d2a6010ae55d3b8d478fd3f"
-                + "4faf333cc1f5cf0c10dbd0eeb59340e2cf7586246e774448d1ec525f4ed06a7fc026dcc2"
-                + "c1fe29ef62c05c02dea8a778f244d27d85a7634ba95a609fb2591feedd7f3c9b48822f9a"
-                + "725a2ee20616174d36c0d831ae67e18d838a9ffb9ca9ca7a19683dd041e5bb425803df99"
-                + "dbe9ebe9baa082cf3d1c6a126cdf642e42ed0d70bd8aba5af4039a01c6ce9d11c2752194"
-                + "67845bac3602e5eb9e461bfd61044f566650c5622e352eb8c1c7ba0f55748a3b802c2e4e"
-                + "e7b349766942d4bacea1ffc1c1179295b2e5ed38b1d8784c8457eceea725728a168466b9"
-                + "980dd0f67742d67ac9945f332a901abb0a3b22fa12023554bda2896e530f87334a1a6369"
-                + "384f8c0b1371f420958b629fdc9a645e3f7c9068d4a1b542b003a894654ad0841138c230"
-                + "a8e9f9ea4525481441f2936290729ab969182768a570bb7ae9283ec9ef00190dd9063df4"
-                + "5d4e4748b6000d5587cd931a554b9322a7f03dedfe4c931eeeac64bfbffa650034b0fd8e"
-                + "1b0869312936f1a85a104ac2fc2b121a9778471c2dd75bf4ecb2115431bc930a4fbac930"
-                + "137c0a69ae963bd6e4f0a123208c3616a555bd3c00a5c3212523378ac572186d11cc283d"
-                + "e165c8da14e4b9f7691243041f004f8c64558d3087e89307dc222d154037ea14132b2a99"
-                + "ffffa664d7642277f99ac4d3ed3463324aa31f82e5f07a3e2825fc90117b6eca0cbb64b8"
-                + "f19c474860e01e0153c628cede2a5b9013ff55e5fce193453673ce1690e09b3a04df2fa4"
-                + "dff313c90ecce32165b578db16fff29d5a61dc9ab3b4bebcfd048189e06dac530e0c724d"
-                + "1e8b7814ab19ba2076f4a53c6d21c953e1d1b130e2112066fe7fd38972f3f2adc440bbdc"
-                + "d2ff6054c68d97d656e37cb211c48e3219235d192e7849b90b9ca803750c56b11fe0f12a"
-                + "696eb9d31526d006625782ba1c79ba26d54f1705cc3491e8a49d33288f0acb0afff1462f"
-                + "821fbd7830ded258e9cffd50764ea66178d0307e91817688d9368381cdede8d632a1fcc5"
-                + "713d039cc0034c701ec8f2ed8455201c24067fad2341bf48b022912617ddcc04af8ba427"
-                + "9d0d2a4f3578458a56ab697e1c3102f19a5baf90f1238801b1016efbb7d3c6e577a53911"
-                + "116ac306d65e5dbe82e0a217c8c4f5b7ef90d146d0c7078e13b51784a6ca9b02ece29a67"
-                + "6dc150127c1cabdf49168a9ad6a261e2af7293598e73decf9ad74e06258fc1deb06df697"
-                + "5fbd287851c9b1a79f80c77832ffe4e015bcb905b8a196ba8bc7e97b2f6f6711c25ec582"
-                + "cbe3d62aed3182fd25deb2f032b211738cf03c3c090468588221e8dcdc53d43c3eadd85a"
-                + "bebe565f43ae23a24e53826c620aeb71c6bbfa838dbdc4f6d17a9d15d43b65c56807c010"
-                + "01e734dc158b522d01ae541010229308a7069715b2c5c2d2739fcbd13794331e0afae203"
-                + "40514d4c1f8e3661a5491822e3013cf6c6656f262a7b2c4d85c3f508d73b3a1e7d9ffe96"
-                + "52a18b334b72e9ff5efee892e9754dec7ba2aa0539a1a333919a58ebb91daa89e2c6605d"
-                + "16a04bec8cec4868e4c6ed46631f2f33e3340c4436a259641b8faf7fea7c35c455aacbc3"
-                + "5f3bc3b8ea98e1e305c068479ff4a753a29ab12824a0ce914f789864fd92d9c4c6e81461"
-                + "1cee034ab78bc772ab1a289b94c2feb51c205dc1c9443fe5f53d99adb71970614670df9d"
-                + "807cdc99a01a13a7bbda52b73787b154ee3c389ee200aa7cb0a9f9478a02c127e5e75fc5"
-                + "18e3913ffa79e3a897a3772ccd096950c394e8a658c6725fa3e610cf2232fbcdb4f369eb"
-                + "b934ea53eab93f40c11e63ab51aba65c4386181dea6b09508f4747557ffc41579ef696dd"
-                + "bdf7a199bde2705d3d6ff13a67229862f2dc796da8ae0ec99ca0a310665d5a062f0fb910"
-                + "bab41d07229a339da8da6afed23bb93c8d9b88a3cbab6ad05e2295668355fc6aaa8caec4"
-                + "d880841651e440fd2b8c18e1acf6b953672e0f6f5f681192a14eb366acf4e36f9892841b"
-                + "65c4795c1daaad3a803bc71c059179e969a789879e0753575fb96fc1c4a6bc79e9d0bf3c"
-                + "50d51b844a7278bdd2a78d30d6899eca4002355833f80b09e9d307f752c6891b09ae906d"
-                + "561eb898cbbd912fb72bf86757a7c4333d2a0e3a26843ed43f65edd8138739bdb43e63d6"
-                + "fd5115185312c864aeee827234af3dfd7e1eef04a5c251a4017d77d1c976a8dd17ed2a22"
-                + "1c058b6b94f47c0fa0fa06aa764c9fd88d782889609a4b6b5f60658e4beb322bec08805b"
-                + "69c44eb8fae138f6e535e6517f1f510aec81793f04720271715a2f38ec751009fb9ebc85"
-                + "96cf49cb159b2bf3d33fdb61b88c1691ff0c6f2ec7d98f8776778bb094cc5271cd3960cd"
-                + "39163bf31c5aec1949491aa0c2d2ef2f12593db9b36cd2206616e9fd545a2ebe39998a4b"
-                + "2043afabc334c332f4a5407cb07bf467aaad82f077d969d2c2a052acb316a6c5fab0bc97"
-                + "a42f5f76165f52d1a2b312282e61d13aa84a44d4ba102346b01977b5190d938f533f31d3"
-                + "e60c00999bae61133683832494792296b2aa00be848317c69a7fc4bd7b2bd06e1bd821a5"
-                + "57b2c39c584d173c1136b1043bf2912b079b7f42ee71a8d70858e0368676c0637b70399f"
-                + "c827c1a08301ddc0f2e0ccafdb15a18034120c48b38472209d75124912f7b4355ec14bff"
-                + "14174f644d20d9715f82bdb36928e837191ef586f3090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "1dd47d0c6485aa0bcc09a5d4c0edf959b04a8b1c9169ebbc7edee5035b8ae40333766c50"
-                + "6a1327e776fb2cd16487a5517a309b72d1b5267c592b90a7efbd96b5ef0530c37f8a0684"
-                + "a8f0ffa04c14f5e839cd22396171e395d3467918d9ffb780eb304f12afdba17eceba96f4"
-                + "48b2d0791584465f35e1db8b1513bc824bc7ea7bdb1bfd2e12dd1d312b62a51381e64fec"
-                + "d684f83030962e682b89e4e5a4cf257b38b76f7c448e9350d0028f0b9916ec645f980c4e"
-                + "e12630fddd8251317b8276e1bf5ab6d32b215902e9049c9a8b260fdb5d20d7477776e208"
-                + "19721e09e7cad5e652be88a0cff32a287be534d796e1062abb93df619a0912f20bcb3988"
-                + "884bf9ea09cef7514fbcf025226d6e178bbe369e9eb093568b5346e8018edabeda909135"
-                + "d8add2af2130b5028994745c8737ef1695ad6f1ae9f572297afacf4a85c4c9908055fdf5"
-                + "198510827ea3f46bc3bb7d4769b523a367e5ed9b4dcf91da183f9d8486ae3a0282733271"
-                + "6d5650c60d3812ff12e63dc7207d3d60b39ab744327f9c3c7462f6e1db9da77a31796c7e"
-                + "b77205df0ffbc0ce1399889bc7394d9b8ebedd15a76643786470faa650a1e84f742292e6"
-                + "f064287ee8d32a201a60917c8e5a8f4c9ed35a012b89618a43d390fce82a7f960d306bf5"
-                + "512f2e7182e543f36113b7bcdbc2d895b96fd730012b77e4450100828ce7e7ba9cf30138"
-                + "6edd45f410e532b11ebd5df6f2e555b24e2a03fb6e4b54c87a03bf9b100b933b5eed42f2"
-                + "21b76434192fefd06a448b767a3192f768c827d85bf1f5d60747171c2340d85a694f45a1"
-                + "a25efa9e33d31b1008e823aac06b90ea1914706035c2f8d71f7716aa2965aaff54d02cbe"
-                + "44a85733506d7c03721b1c4874f89d2cc762e81271d1d52fcf99b008abf2bf885f398425"
-                + "fd80ceea997995f15f36a77063c491c46af1758b789a65d105741c021fce4ce4f2d6e17c"
-                + "9696ab023af079d4d6279428024d60a7cb08cf62688d83126cd88e280a813ad5287be0b4"
-                + "4e32cf7a8ea65f98f9e6a6d6e20469b977bdb2154351beaac6a6a4d17b5d6883311c3ec9"
-                + "a3a43265347a9f8febc467ff1368542a35b7e42bc69117adf013982dd0ee5c8920023a2d"
-                + "66bf1a22aeb1554550da4ca807174e060729e262b7fce5f1377aec232404633e535e3295"
-                + "472260e72b3d795043b2d3c494df16ec6bee7bee350469c25a486d7d5b40d298cdcf85ea"
-                + "37be74a57f49d8f808f868190937eeb82c57e4353ab978c753662c0afe72b993052b42dd"
-                + "085c94f921f77d4db8f8e61de611a6f2dd09a1541fbc9416c2a19dcef250a8b0ee570d5f"
-                + "a5f0feeee80fb4f0f3e03a0b39cbbeca9c1cab024ec5a582465e82a35ceb91464f2225b1"
-                + "a2cb802d1e82b23970071f267190c02d47c8c55654ce59896c2349cb601d383618531fa7"
-                + "728c1955bf3b2670af0a54042edad7d0447362e6e7ae5989a430f8055ecf1d4eae64069c"
-                + "179919600f4b5a99632a82fe1dfe61061630772657b1def4b97431b23b24cc91085dca3b"
-                + "9b675b131183f3a95a0ee1fd05b3faa1ff8ebe16b7f013c434ffeb31f4a90a4105a6b38a"
-                + "a7940aab83804163863ac9f147abfdc91d4303f88e14fecf3c56c273a02582a30a491243"
-                + "a2668304b023c6325049fd8d749592295624dc05514868fc2c3211b02bdc6bb1158f322a"
-                + "76038d55d85c7e37831d1e67a56435bdeada7cec00987c11e499526a35fb5d13c4444e9b"
-                + "5016e973d6c357801ba5af59360c48b1ded87fbf57fba8be1bd067e994f0f2a2f434fe03"
-                + "92daa4676edb00d50c21f27180ed48318c5236832275e79b9d7763f60ee79e69232cec39"
-                + "cc0047a9124f3a903302518894878d55a937787b6e1eb44467fc4b4e03f6a08a6dc7e992"
-                + "8ea020e1fb72ed5219a28c5d79d582841ed3fa23119105b7b8cb27c80c7abec5ea694079"
-                + "793bb2eadaf26fdcb7566b6c987629e6957392d038a05c87cb99c1741fc0dcf4c038b226"
-                + "6577a9fa21a672a0bcc14fd64aa8a6a0925039c8d75ac291e34a16dec33e7974470611d8"
-                + "55796664560065232c433f51e99762893b03a8364742a9b48156a519a8c61bcb3cf7a0dc"
-                + "573a1f6f277fc62cb50d53257de38a8da32865df428f71edc7b566ab11dfe5997ffaa300"
-                + "27c8d0daa42aa30a617b253eb5a3fc23f4eab76042915446502d962b98ecbd69423370c7"
-                + "b6a32f0382ca4b7dc0b2e28431bbdacee01f7a36bd6285f1c6b81d0c30ad368f402373c7"
-                + "0f6ee758d41c163ecb7a7c476b38d2a0a06413da78c83ea27a41cd80dcdd8124569e7ef4"
-                + "41c2f13d07adfc6b87f1eb69dcc47705e80fe88aa88110f64551015ca732453da4fe72d4"
-                + "dcbba759561acf96ab6cc48b0f96bbe0b8bbda54f6c9c7e93a951bcddadf1d4c984c7079"
-                + "2a715cf9013e4c640c1e61fbe5ba009ab3315cb9852a9288b13b8904a6bab441657f6234"
-                + "c81465ed880be61bb424d79a54c7cba39e839308c81ddc985666ee81280c179b82695a9c"
-                + "c93d9f8e21419012d4c879bab349afbc72d5d6fdfaaf8ca597685b9785f93b0776dc06b2"
-                + "e0fdb5254922e0366da4978173d63c213a9df4ffe1a71e7090e2670dc8403ce1a9841b81"
-                + "1e33a946a762dfa764083f84451b7061284cb86f5794e26688585ae5a05ae660b8085a3f"
-                + "cba7978a6054b7f0826f462b265f996a48a648a542d1271c6cb0aa9404f36970bbea185b"
-                + "82777f1958bb6c04fd367355c072b3865a744b6adca31e2a41fd06496809fe7589d5891b"
-                + "7b38049b2c4dff88ba06754d3415e31716e66aad3b967425161a8b47d252ae4b3d8cab4f"
-                + "386bccb17643fe1060b8df9c483fc02751a299f53e83134105952e361fc74d446829ce42"
-                + "0a0c19fbafd9e996109fd8b3b12e9403c97d08a89a55c7f6dae301de716b4790b93892b7"
-                + "f03dcf36355e75a9dcff3d90c3609ee5024f304a444f935f98fce6dee0954d6b7e79612b"
-                + "c371e5ef03c58032222a211092c5245e6c6ba8a269edd5b9f41963bed7d9bafea184c175"
-                + "e264fbb84f0c259a9b19acfa3cd6e07dfa7f4b73c8d2939bd46bca5bfb269ed6f1a963ed"
-                + "2d4a8565fb515baf38391e1fc99bd42c535fcf26d19691b52f03744de1a06f53fb561a94"
-                + "3dd7daf341ce64507191639ffbe39fc069a8280d5917f8b4c3c5402a692748121102993d"
-                + "d600efed27e7db5bdca9ba39c789c0a26f3a42a1dae1d6811a6ddff636748da69fe6e01c"
-                + "f6decdeff025f1debb766a079c2703e91009895d5fe90df1a8e36d4f10dd486d713ad164"
-                + "9a3ebcbc5931b22b1aca257648731ed7a4efb0d0466b6629f9e76dd81d2c556ad9d41027"
-                + "8a54beace99aa5ee5979279bbfddde31d581cdea96278dff17937bc7432b3e85a14946f4"
-                + "f1882eb111796a6f30de022d40fd200af0d5745a05001a7bd6dc827c4adbfcfd2df3a9d3"
-                + "e88b41732e16729c693c1a0f9d481e2e50fbede3fdda21d695531246165354f89d0108d0"
-                + "88a78da4687725f80c77988371144c7229400a3a2ea5e67c071cb0b904cab486674bcc21"
-                + "a8ebd7e25601958d78de76f6db7624c8f9a88ae6e432f978ba90b9a956be2a600df5bd26"
-                + "a8771e564e2dec9af2ac3030180398cd88664633f2150d5d6d2a6010ae55d3b8d478fd3f"
-                + "4faf333cc1f5cf0c10dbd0eeb59340e2cf7586246e774448d1ec525f4ed06a7fc026dcc2"
-                + "c1fe29ef62c05c02dea8a778f244d27d85a7634ba95a609fb2591feedd7f3c9b48822f9a"
-                + "725a2ee20616174d36c0d831ae67e18d838a9ffb9ca9ca7a19683dd041e5bb425803df99"
-                + "dbe9ebe9baa082cf3d1c6a126cdf642e42ed0d70bd8aba5af4039a01c6ce9d11c2752194"
-                + "67845bac3602e5eb9e461bfd61044f566650c5622e352eb8c1c7ba0f55748a3b802c2e4e"
-                + "e7b349766942d4bacea1ffc1c1179295b2e5ed38b1d8784c8457eceea725728a168466b9"
-                + "980dd0f67742d67ac9945f332a901abb0a3b22fa12023554bda2896e530f87334a1a6369"
-                + "384f8c0b1371f420958b629fdc9a645e3f7c9068d4a1b542b003a894654ad0841138c230"
-                + "a8e9f9ea4525481441f2936290729ab969182768a570bb7ae9283ec9ef00190dd9063df4"
-                + "5d4e4748b6000d5587cd931a554b9322a7f03dedfe4c931eeeac64bfbffa650034b0fd8e"
-                + "1b0869312936f1a85a104ac2fc2b121a9778471c2dd75bf4ecb2115431bc930a4fbac930"
-                + "137c0a69ae963bd6e4f0a123208c3616a555bd3c00a5c3212523378ac572186d11cc283d"
-                + "e165c8da14e4b9f7691243041f004f8c64558d3087e89307dc222d154037ea14132b2a99"
-                + "ffffa664d7642277f99ac4d3ed3463324aa31f82e5f07a3e2825fc90117b6eca0cbb64b8"
-                + "f19c474860e01e0153c628cede2a5b9013ff55e5fce193453673ce1690e09b3a04df2fa4"
-                + "dff313c90ecce32165b578db16fff29d5a61dc9ab3b4bebcfd048189e06dac530e0c724d"
-                + "1e8b7814ab19ba2076f4a53c6d21c953e1d1b130e2112066fe7fd38972f3f2adc440bbdc"
-                + "d2ff6054c68d97d656e37cb211c48e3219235d192e7849b90b9ca803750c56b11fe0f12a"
-                + "696eb9d31526d006625782ba1c79ba26d54f1705cc3491e8a49d33288f0acb0afff1462f"
-                + "821fbd7830ded258e9cffd50764ea66178d0307e91817688d9368381cdede8d632a1fcc5"
-                + "713d039cc0034c701ec8f2ed8455201c24067fad2341bf48b022912617ddcc04af8ba427"
-                + "9d0d2a4f3578458a56ab697e1c3102f19a5baf90f1238801b1016efbb7d3c6e577a53911"
-                + "116ac306d65e5dbe82e0a217c8c4f5b7ef90d146d0c7078e13b51784a6ca9b02ece29a67"
-                + "6dc150127c1cabdf49168a9ad6a261e2af7293598e73decf9ad74e06258fc1deb06df697"
-                + "5fbd287851c9b1a79f80c77832ffe4e015bcb905b8a196ba8bc7e97b2f6f6711c25ec582"
-                + "cbe3d62aed3182fd25deb2f032b211738cf03c3c090468588221e8dcdc53d43c3eadd85a"
-                + "bebe565f43ae23a24e53826c620aeb71c6bbfa838dbdc4f6d17a9d15d43b65c56807c010"
-                + "01e734dc158b522d01ae541010229308a7069715b2c5c2d2739fcbd13794331e0afae203"
-                + "40514d4c1f8e3661a5491822e3013cf6c6656f262a7b2c4d85c3f508d73b3a1e7d9ffe96"
-                + "52a18b334b72e9ff5efee892e9754dec7ba2aa0539a1a333919a58ebb91daa89e2c6605d"
-                + "16a04bec8cec4868e4c6ed46631f2f33e3340c4436a259641b8faf7fea7c35c455aacbc3"
-                + "5f3bc3b8ea98e1e305c068479ff4a753a29ab12824a0ce914f789864fd92d9c4c6e81461"
-                + "1cee034ab78bc772ab1a289b94c2feb51c205dc1c9443fe5f53d99adb71970614670df9d"
-                + "807cdc99a01a13a7bbda52b73787b154ee3c389ee200aa7cb0a9f9478a02c127e5e75fc5"
-                + "18e3913ffa79e3a897a3772ccd096950c394e8a658c6725fa3e610cf2232fbcdb4f369eb"
-                + "b934ea53eab93f40c11e63ab51aba65c4386181dea6b09508f4747557ffc41579ef696dd"
-                + "bdf7a199bde2705d3d6ff13a67229862f2dc796da8ae0ec99ca0a310665d5a062f0fb910"
-                + "bab41d07229a339da8da6afed23bb93c8d9b88a3cbab6ad05e2295668355fc6aaa8caec4"
-                + "d880841651e440fd2b8c18e1acf6b953672e0f6f5f681192a14eb366acf4e36f9892841b"
-                + "65c4795c1daaad3a803bc71c059179e969a789879e0753575fb96fc1c4a6bc79e9d0bf3c"
-                + "50d51b844a7278bdd2a78d30d6899eca4002355833f80b09e9d307f752c6891b09ae906d"
-                + "561eb898cbbd912fb72bf86757a7c4333d2a0e3a26843ed43f65edd8138739bdb43e63d6"
-                + "fd5115185312c864aeee827234af3dfd7e1eef04a5c251a4017d77d1c976a8dd17ed2a22"
-                + "1c058b6b94f47c0fa0fa06aa764c9fd88d782889609a4b6b5f60658e4beb322bec08805b"
-                + "69c44eb8fae138f6e535e6517f1f510aec81793f04720271715a2f38ec751009fb9ebc85"
-                + "96cf49cb159b2bf3d33fdb61b88c1691ff0c6f2ec7d98f8776778bb094cc5271cd3960cd"
-                + "39163bf31c5aec1949491aa0c2d2ef2f12593db9b36cd2206616e9fd545a2ebe39998a4b"
-                + "2043afabc334c332f4a5407cb07bf467aaad82f077d969d2c2a052acb316a6c5fab0bc97"
-                + "a42f5f76165f52d1a2b312282e61d13aa84a44d4ba102346b01977b5190d938f533f31d3"
-                + "e60c00999bae61133683832494792296b2aa00be848317c69a7fc4bd7b2bd06e1bd821a5"
-                + "57b2c39c584d173c1136b1043bf2912b079b7f42ee71a8d70858e0368676c0637b70399f"
-                + "c827c1a08301ddc0f2e0ccafdb15a18034120c48b38472209d75124912f7b4355ec14bff"
-                + "14174f644d20d9715f82bdb36928e837191ef586f3090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "1e1629e7868df0508b5c5feb013e7e3eb75a0e6ce8dea42e10add7b106a6fc61f1821523"
-                + "d62c55c57e8a3ee2e02d07fc89781bf43f65b77e454199e3cead123d59b8abc721476e4c"
-                + "bbb13111e3bbcd5da757607b403ce507cb18a55736e6801cb264e571d668af57967f0313"
-                + "28acea75d90872b55d339a8b7fffdcf289c100605d10b24f0c2568c4ccc7649a192c7a17"
-                + "8799558ce4f14107e6ac84e647340f423e6931a003b8b80798085dafbdf9ccbb2cdd48ec"
-                + "28596e72bf5b1246c17a7b39d579d86b6606821bdf03af5d92410b4bc109f6cf938afad4"
-                + "a4b33e729f85d9d5efc64c261e5de70ef1c1987ad75928ed3e028c6e42233dc03635dca6"
-                + "caf890febbbcd0dc9807b29f9f437795df16cc165f25761843f5b6ac2688e07e1f6b43fc"
-                + "ddfd42d993416bb55afbfd9526c643409a02ff95dca4c645196a6446d02430fac0f8ecc8"
-                + "8ef2d9541d55a15b95f7536ced29b9e97d3fa1bb630193626c1ea6d35ebd8ffac60c1e43"
-                + "3ef9ce8e7df7a83f3b4daf0487414c310db829fc7c4286aaf822e0e9689507aba82c9c02"
-                + "09b8143974374910f7651aac5cc60791656d6b5f8b3cfecb34d20831ae7452b2d995a77e"
-                + "818d93615cff046a74b87f509eb46926eae38345f89d2b460b7d5f12b3fee6d4c1fec58b"
-                + "c13ee88852bc3c9a077724138962cf9238cf1c7fa428a99e9ead6a00375b3108d2087751"
-                + "0822fbb7c5ab04d0c653784cc355b43337c3f89704b0469564e0c40223587187dd220f66"
-                + "e5081a90268755e8d7f46d0d54c3c8aef3c5c49341fa4da879f866e4b98a4401f54b4da2"
-                + "dd04142ce58b3871e5e30aa61383de8161b0785e839abdfb27096ab95f7277b148ce539b"
-                + "57b98aa79c874e1bd4003c1a912333e47b3c41b50822715d83461b1dce5a712df97f5f42"
-                + "5dc6e399af15312ee21b283cfb9916d13ebf88b0b467b1c14dd600e36fe0fe0da545bbbd"
-                + "843101683dd4418a79b60f55aba747d873fff04e7c37b576f1dca7319f367dae50d131aa"
-                + "7e830e18002394b0d882b9467331be11dac00ab7a034487dad6f28c95a6a253f1200af1f"
-                + "ad0fb3bfe64c24dc710f19d52a88cac5c316a2dc8b82ff68f84321418164bd1d10f03236"
-                + "b5f6b334c01a66332e4e1c4f7f78129d61441e2b3ddf9eef1c1763706ce79607cdb9bb27"
-                + "0c84487b7822ad3f9275bd34fbf44b661c60dd2338577d657956db1a5b9d33484e8cb4c0"
-                + "87be62a47f22f01ccb5ac308d6f34276987eeb293265eb5ed6a9e20a33f6605b33eb22a8"
-                + "f384d0b03f7ab613daeb7dff38492a7e7857f3849c017bd21963b4598a534506068f4df1"
-                + "7cf48fa9671a9306d927d14df11fb277d8a56a28fbfa1c37a1122176513e3e5320c09539"
-                + "49a4901045e3f4a9fc70438bb2034c01844bb380558499ad97df77e0987373dc7076ac39"
-                + "496b218f9919b2c693c6d8b53a0cb66a860becba37a901660f30ee4265ccdf50d03d49a0"
-                + "aab69b3b0f8e34a732318d8b76bdd599ce580ab3cfc7abb946b62fb29a2391dd59222295"
-                + "35773fe41acd802ded42f5172dc552540ce81a673a9f22d021f9d689c977e0350e14db66"
-                + "a5ac025e8d5a43f1436af84a1fa57e03e6489bffec04d69d5db2d3e4d5cf8bca0b576fef"
-                + "cf2d88883be0333584f502f315d8c47de319ca62b9a310fc0ad0c76d9ab27b9df3f3e28b"
-                + "8e8edaf592755b56c2dbea6f50cee95056a3d3e8c82cd61abb76a1fb6914a872d90bf5dc"
-                + "5f57cae9fed263fdd4d85e65fde9141e80f397e427fbc1a5186ab1685a64180eb27dbff8"
-                + "79026ba3a1bacf2c2e1a559b854f7311f98aaccc1d65166260441201f28a380d13286810"
-                + "c1ed0c9919f7fe93bd35bd059dd57110f6b4a46b59ea30c3cae5ff19237735ce7a892af2"
-                + "97281f3056de704b6f93505ed24ff6f3f4a512563f9f2b3792a524bf5ca1be336bdd5605"
-                + "f3adaabd1231ec9df1dea585ebc087332c821097f96f1258cc86923e92d9178af779ac70"
-                + "7d7b3c6c025e7fabb70977bacfa25c4b2dacc90b533961ab56df226d7f8749d243b527b6"
-                + "0fa8550a8f0ca1c752ffb5bdcdeb6ee176872ebd4e6e7a4d7ec1af7cb76ebc9b308149f6"
-                + "97db0a72969003f1d6a4cadf796a76fb5f2cf0c6a40d730d557c33686cf6bfbddb7513a1"
-                + "02c63f2aa0a814b00ea966befd1527719ccb98a834d85196ed36ad9813ecc690911ce8dd"
-                + "7b08665b20028fed0f2d4f90c3d9620cc4413a876c515f2bc732c512e0a4f7a1aaf72f8d"
-                + "c3f7121f96ae96b30ce38b27732db600520b5549e507848e8813e50179389f6c9a5ba2f8"
-                + "776baf4b559ee3964edc2bc88170a8fd5733cdc9265110fa821727079f6df4385b5a239a"
-                + "3619b2182e0e622039a827bdd83c3ca8361104c078c5ccdc095b92052f445e3c1c291257"
-                + "15bd77da30dcbbee14318e1ea521ee50074edc20332753ece1e8a4ebc074f6ef1922d96a"
-                + "8856a7a9a9d9360bceefb3b0402b48d3e3b4095e10c25dd22580bcf465649770304049f3"
-                + "f9a1e7e63317527b4c03b1d10d8264d78e66c782c9b7b134c44a0c391c4eb63ab90c090c"
-                + "a108343660079cb7402f5c3ec12a6ce95809ee606f2d3d0625f0e9f3f926e9c8db97386b"
-                + "ccc188df159b330017825a1e9f5ea0b0a3b6dceeb3956c3f149582b6ce2263ecf0ed4e5e"
-                + "7a55f6dd95a12a5f5744877bc30704d953d6ea937acd9f3ac344decf67e4e937fcde3dac"
-                + "09f3d87cdbd0590f4e2b45f6865deec9a770f86bd3909d3f74effd2eef6d5a68d53833f1"
-                + "cfa9cf891c0a4fe101ab23a3ef9e752c44080d32aaf2d92b422568939b7a695d2c51489b"
-                + "55fa0a294ef1f8df0561186bae1b4ef49198464b0545f14ba86a32e89b919e77754bef20"
-                + "307639411aacdf49de6633659a5da450fae82f796ea590aa543b509928eb983cedcf4120"
-                + "e8c711e4058517f693ccdaad4cd0eafb0ac0ef04cea258e2e285952aba9f75ed5e585311"
-                + "768318e358b41a7c0061e21c69560f6602affd8864213c254ae4db4ae1f0b1a27ff14251"
-                + "8b8ce301471c235c32b5b19f4cd048ce99e4b40100e63c90d77fb9db0664ba1919853942"
-                + "855a4f14979d60fdcb2936d9b2ca49cbe1962b48fd93fd84faf8ee8952a52664c1992ccd"
-                + "51710edc2ec8c485c4932ea0cb4819093ea76a9606028cd2b9a60d20b1fb593d2b74056e"
-                + "bc71b79ecebd92b02da9ba39c789c0a26f3a42a1dae1d6811a6ddff636748da69fe6e01c"
-                + "f6decdeff025f1debb766a079c2703e91009895d5fe90df1a8e36d4f10dd486d713ad164"
-                + "9a3ebcbc5931b22b1aca257648731ed7a4efb0d0466b6629f9e76dd81d2c556ad9d41027"
-                + "8a54beace99aa5ee5979279bbfddde31d581cdea96278dff17937bc7432b3e85a14946f4"
-                + "f1882eb111796a6f30de022d40fd200af0d5745a05001a7bd6dc827c4adbfcfd2df3a9d3"
-                + "e88b41732e16729c693c1a0f9d481e2e50fbede3fdda21d695531246165354f89d0108d0"
-                + "88a78da4687725f80c77988371144c7229400a3a2ea5e67c071cb0b904cab486674bcc21"
-                + "a8ebd7e25601958d78de76f6db7624c8f9a88ae6e432f978ba90b9a956be2a600df5bd26"
-                + "a8771e564e2dec9af2ac3030180398cd88664633f2150d5d6d2a6010ae55d3b8d478fd3f"
-                + "4faf333cc1f5cf0c10dbd0eeb59340e2cf7586246e774448d1ec525f4ed06a7fc026dcc2"
-                + "c1fe29ef62c05c02dea8a778f244d27d85a7634ba95a609fb2591feedd7f3c9b48822f9a"
-                + "725a2ee20616174d36c0d831ae67e18d838a9ffb9ca9ca7a19683dd041e5bb425803df99"
-                + "dbe9ebe9baa082cf3d1c6a126cdf642e42ed0d70bd8aba5af4039a01c6ce9d11c2752194"
-                + "67845bac3602e5eb9e461bfd61044f566650c5622e352eb8c1c7ba0f55748a3b802c2e4e"
-                + "e7b349766942d4bacea1ffc1c1179295b2e5ed38b1d8784c8457eceea725728a168466b9"
-                + "980dd0f67742d67ac9945f332a901abb0a3b22fa12023554bda2896e530f87334a1a6369"
-                + "384f8c0b1371f420958b629fdc9a645e3f7c9068d4a1b542b003a894654ad0841138c230"
-                + "a8e9f9ea4525481441f2936290729ab969182768a570bb7ae9283ec9ef00190dd9063df4"
-                + "5d4e4748b6000d5587cd931a554b9322a7f03dedfe4c931eeeac64bfbffa650034b0fd8e"
-                + "1b0869312936f1a85a104ac2fc2b121a9778471c2dd75bf4ecb2115431bc930a4fbac930"
-                + "137c0a69ae963bd6e4f0a123208c3616a555bd3c00a5c3212523378ac572186d11cc283d"
-                + "e165c8da14e4b9f7691243041f004f8c64558d3087e89307dc222d154037ea14132b2a99"
-                + "ffffa664d7642277f99ac4d3ed3463324aa31f82e5f07a3e2825fc90117b6eca0cbb64b8"
-                + "f19c474860e01e0153c628cede2a5b9013ff55e5fce193453673ce1690e09b3a04df2fa4"
-                + "dff313c90ecce32165b578db16fff29d5a61dc9ab3b4bebcfd048189e06dac530e0c724d"
-                + "1e8b7814ab19ba2076f4a53c6d21c953e1d1b130e2112066fe7fd38972f3f2adc440bbdc"
-                + "d2ff6054c68d97d656e37cb211c48e3219235d192e7849b90b9ca803750c56b11fe0f12a"
-                + "696eb9d31526d006625782ba1c79ba26d54f1705cc3491e8a49d33288f0acb0afff1462f"
-                + "821fbd7830ded258e9cffd50764ea66178d0307e91817688d9368381cdede8d632a1fcc5"
-                + "713d039cc0034c701ec8f2ed8455201c24067fad2341bf48b022912617ddcc04af8ba427"
-                + "9d0d2a4f3578458a56ab697e1c3102f19a5baf90f1238801b1016efbb7d3c6e577a53911"
-                + "116ac306d65e5dbe82e0a217c8c4f5b7ef90d146d0c7078e13b51784a6ca9b02ece29a67"
-                + "6dc150127c1cabdf49168a9ad6a261e2af7293598e73decf9ad74e06258fc1deb06df697"
-                + "5fbd287851c9b1a79f80c77832ffe4e015bcb905b8a196ba8bc7e97b2f6f6711c25ec582"
-                + "cbe3d62aed3182fd25deb2f032b211738cf03c3c090468588221e8dcdc53d43c3eadd85a"
-                + "bebe565f43ae23a24e53826c620aeb71c6bbfa838dbdc4f6d17a9d15d43b65c56807c010"
-                + "01e734dc158b522d01ae541010229308a7069715b2c5c2d2739fcbd13794331e0afae203"
-                + "40514d4c1f8e3661a5491822e3013cf6c6656f262a7b2c4d85c3f508d73b3a1e7d9ffe96"
-                + "52a18b334b72e9ff5efee892e9754dec7ba2aa0539a1a333919a58ebb91daa89e2c6605d"
-                + "16a04bec8cec4868e4c6ed46631f2f33e3340c4436a259641b8faf7fea7c35c455aacbc3"
-                + "5f3bc3b8ea98e1e305c068479ff4a753a29ab12824a0ce914f789864fd92d9c4c6e81461"
-                + "1cee034ab78bc772ab1a289b94c2feb51c205dc1c9443fe5f53d99adb71970614670df9d"
-                + "807cdc99a01a13a7bbda52b73787b154ee3c389ee200aa7cb0a9f9478a02c127e5e75fc5"
-                + "18e3913ffa79e3a897a3772ccd096950c394e8a658c6725fa3e610cf2232fbcdb4f369eb"
-                + "b934ea53eab93f40c11e63ab51aba65c4386181dea6b09508f4747557ffc41579ef696dd"
-                + "bdf7a199bde2705d3d6ff13a67229862f2dc796da8ae0ec99ca0a310665d5a062f0fb910"
-                + "bab41d07229a339da8da6afed23bb93c8d9b88a3cbab6ad05e2295668355fc6aaa8caec4"
-                + "d880841651e440fd2b8c18e1acf6b953672e0f6f5f681192a14eb366acf4e36f9892841b"
-                + "65c4795c1daaad3a803bc71c059179e969a789879e0753575fb96fc1c4a6bc79e9d0bf3c"
-                + "50d51b844a7278bdd2a78d30d6899eca4002355833f80b09e9d307f752c6891b09ae906d"
-                + "561eb898cbbd912fb72bf86757a7c4333d2a0e3a26843ed43f65edd8138739bdb43e63d6"
-                + "fd5115185312c864aeee827234af3dfd7e1eef04a5c251a4017d77d1c976a8dd17ed2a22"
-                + "1c058b6b94f47c0fa0fa06aa764c9fd88d782889609a4b6b5f60658e4beb322bec08805b"
-                + "69c44eb8fae138f6e535e6517f1f510aec81793f04720271715a2f38ec751009fb9ebc85"
-                + "96cf49cb159b2bf3d33fdb61b88c1691ff0c6f2ec7d98f8776778bb094cc5271cd3960cd"
-                + "39163bf31c5aec1949491aa0c2d2ef2f12593db9b36cd2206616e9fd545a2ebe39998a4b"
-                + "2043afabc334c332f4a5407cb07bf467aaad82f077d969d2c2a052acb316a6c5fab0bc97"
-                + "a42f5f76165f52d1a2b312282e61d13aa84a44d4ba102346b01977b5190d938f533f31d3"
-                + "e60c00999bae61133683832494792296b2aa00be848317c69a7fc4bd7b2bd06e1bd821a5"
-                + "57b2c39c584d173c1136b1043bf2912b079b7f42ee71a8d70858e0368676c0637b70399f"
-                + "c827c1a08301ddc0f2e0ccafdb15a18034120c48b38472209d75124912f7b4355ec14bff"
-                + "14174f644d20d9715f82bdb36928e837191ef586f3090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "1f066969a289d440bf5f3b9a286fb7adee04c6efff57e00ee2797c7e18d27434e7664299"
-                + "daae2668304051cffa860a76a0558423fb114b48516087c19cecba67df642bb788deca20"
-                + "a7deead96ba181dff639b9128feab51785d567a1986c3d864d18b8d3e5d5a97e9a82dfe6"
-                + "331ebeed86cf31ecc554a8322e9a0d4fd70b0ec61c88dfd3185d46041f72f8b4ae7312a0"
-                + "83280ef4cae700aa9b0e094b413b9d67876a99cdb59b5bf0f1136f880917548537b028da"
-                + "6cf281db31064d83bd57f676f749d0ddec2e439486a1d4c9803a75486fad6e64ac4bd87b"
-                + "457624ca6506bb9f28a36bcaa47ea5c32e8562ac58b1f540226f652e7dedeec29d11dc9c"
-                + "9bf65358a544b6266d8b17e9128ac76b9960760cbb35a9463e21ce83b5e4d3123f6c8c9d"
-                + "88ea9945056f009407f40ad1cf33c24362ec7f210b6048c82680c2302f57e793e8c66333"
-                + "77374bc585199ba3e4ffcf31f1f22f86603655b3864301dced34f3567ec64bb419932e3e"
-                + "d73612feba7e0deadd9e92027872d7d67adce708ab151e7105a70b50defed32e2c789ffe"
-                + "304ccf198f3fbfb685aae71ebe28459d60fa51f49b645d122d1b80edf4d500eb6db8df96"
-                + "c2fa9af3c3b884332b26c1c5b3cfe02f714bab9b6eb5e6f6f2df23a886e6d41c7a33e7ef"
-                + "eff7d8123d9d5b9439ed31d3d2ba28a54209548d587795601ce5a005b33eeb4374355bf6"
-                + "9913432bc06412b398fac79614a1fb8ea1587aec0929a812ff8f42b86e8d4b48829cb6e3"
-                + "afca6d20b1d9e8e39aca72b44fad89df86d526bf82992d95358c05d9b0727f64d25a5782"
-                + "30854d976d6ffc4e0db1ae52c4775dfe1d3beb77e12fb7e26f09b0061efa6e3732f4e12c"
-                + "6dd945b91eeeda2e28257de0260a71bf0f1dcb7b705f4f630f1cf92777a182f574dec84a"
-                + "6c0df3bf8a4bd1f59cd8879e005d93a86489d1e4add2e1c34b1e7189718f99e93f72f537"
-                + "5f4f1b6c4e6c0bfc4b1acf715466aa3bb6168de261723c4f62b5e69275f06224d283e468"
-                + "ca3ec0c2ec77c6148548081b85ccb43c55dee73924c1da8e39b81496f66cb1d815c4ec6a"
-                + "1e34aaead70f77707602af27025504808464671556fe26dd9f760df45395cd3815d19b63"
-                + "548a4bb868625f76811365cfc61a646c518b24ea0fc7432f177ab918d5d5e824e01a4a95"
-                + "2b2f682a28d9d65f20d09c97c720a795b1028cf8e402f90df3a331949c59470a7f375a69"
-                + "1be2ded2469d54050fe52d9750dd80ba5a5e250039df62d051abcb9ca26c1ed30c413f86"
-                + "5493c033cc030c05ce300e3df778c8d40d30427caf3202448cb9a7508464d998bb0f50ab"
-                + "d7064bd5e8d947471b935d23d9e181f68a38068630c249caf0a1899c0b0c19735d2b8ab6"
-                + "e333f92297d816a2584038dec9cb87fa2d780a1eb24fdfabcd812483620260e5dd092af4"
-                + "ea2d7f3c308e5057fdb70a090140d8bdf7ee760faf670a1079d8556ecf74885eb54e47d8"
-                + "b3ba853e1f08b7d749114df5e2eead50a06d755691307eddd3c16bbd3ff4ac771d40e00e"
-                + "e0226e300221fca671b345c2d9ffd35ce3582858024828c8bf16189c8617a0d1849553c5"
-                + "4e2c26c12cece2f27f2343f8adc8653907f4d6b461b23671ec476cc3ed935fa07b5926e9"
-                + "a103a561d9fa1f5eba80311d7fc7e7d6745087886a13e7529c8525cdb3d46d011f689f1b"
-                + "26d0f2101780cf1fc2da4763ceff1234290056d573972f48e733f66f30386e793256157f"
-                + "f5dbc47facbbcd81c45604dc6684293f2011814d275dc317538f686c6ecf166583937b27"
-                + "6959f4e62b0bc2f7cb0c7e160eece99cf2254b5fee2518be59d5ce5dfa7959d5589bcb33"
-                + "776dc8a66c47db3b930361770f8cf5d42cace66fcaf0dbf263b7d9f3631963c18e460fd8"
-                + "47c70f29371983b811f4493d20fa0339280f0a2ac6cc1566e7672b658b6efdd6d0440f17"
-                + "e6bcb4b3f910c96544d73b71799f219798556d5c5f76d60036109dca3e3c879c888c1a88"
-                + "1da7668493ab5c1536362f812955006da85c6bbf262c44dd489c245c7e8e0918d624246b"
-                + "b6dacb905adccfb22e5ca1de871b649d7e66d2154052ad1e808e476679ef8d2bce71dadd"
-                + "976310f27832dfc524175a31491099652374cd3d4259605de42cfd9afdbc114652f4a89c"
-                + "7dd675c140cb56de3bc1900237d505770f5d748b17473daf14567bcd958151763ec99b45"
-                + "11e96a3f84ae718e3a2c5c38615258c1064cfd4b7ed8177da403e8bd480da010b8f7d3ad"
-                + "9041eff7aa2b9b6079c5958b5ace63f9e4e0f22d1f4f035e362e9e236c2d34d8401bf522"
-                + "5fbe95c70bf556fe2d21150b6d74d9dbba4216ed05aae3af7f23d51d69c0592f089450ef"
-                + "73f7a5a1bb28fb754dc77411c1eaaaa3abe834cac5a5d569fc4254b1fa45f3b086fa9a51"
-                + "fbf1edb3015ad0a29d76bf86c73a5486b35fd1e1bbe12f6fc7c0dbc783b67bf3c1738ea4"
-                + "993a79a1507835cf52586ce69e851888491c6935b74e38d9f1026cea973193e2119af0ed"
-                + "9072f16dabb9a7d16ea253357f48a1de81e605ef7f485404aca430b2fbc41328dbcecad8"
-                + "5b92c0ba4ef34055bcd9849b55868d6f75a8df14ae707b3e446a74783a11e76772507b2e"
-                + "7dcc38ad895a2eebdde58af7eb1f2b22567a2c19a08eb06f93cf0cbe14528fed332325bc"
-                + "479382375e48020df31f1de42c7677a788fe2f1296288526ce1438bde7a9c20a2310b73f"
-                + "99ed1c1ed824b89679b435afd0cdc79218949567a16c0e2e03389fc253186e7b31f437cd"
-                + "d05c0c5bc09852be381e8d0e614e765b9d97e684450f9d5c99e9bab9f4afaed205ebac39"
-                + "1a05893efbd6760689a4cb542fdb6c1cb62be6b9bebd21d2a1e9bc80e1a9a9139062d112"
-                + "d2abbb946392afea1554ee98ce41ee1694fad3e32143d250ee2b68ba1430d40b0a740c49"
-                + "1eda5a85dc72034037b9ab8d75c52049c0d47e886aac9df86dffce6a8236ab68f4d80b74"
-                + "653ca0dbde02437d9dfcaafca1c11dc919338a2c39bab7ea082187766c4c598a03192bfc"
-                + "c5cfa70963f31db89dcf212d60e1be9ccb55e5d02d07fac9b90ca508e0f6c897184fcd40"
-                + "d00e058de4c59eca0b4dcbf44b46926e2412d9e65010c44d508c3d07f84a149c7ced7429"
-                + "a050b5facbcb0e129aa17389f74819093ea76a9606028cd2b9a60d20b1fb593d2b74056e"
-                + "bc71b79ecebd92b02da9ba39c789c0a26f3a42a1dae1d6811a6ddff636748da69fe6e01c"
-                + "f6decdeff025f1debb766a079c2703e91009895d5fe90df1a8e36d4f10dd486d713ad164"
-                + "9a3ebcbc5931b22b1aca257648731ed7a4efb0d0466b6629f9e76dd81d2c556ad9d41027"
-                + "8a54beace99aa5ee5979279bbfddde31d581cdea96278dff17937bc7432b3e85a14946f4"
-                + "f1882eb111796a6f30de022d40fd200af0d5745a05001a7bd6dc827c4adbfcfd2df3a9d3"
-                + "e88b41732e16729c693c1a0f9d481e2e50fbede3fdda21d695531246165354f89d0108d0"
-                + "88a78da4687725f80c77988371144c7229400a3a2ea5e67c071cb0b904cab486674bcc21"
-                + "a8ebd7e25601958d78de76f6db7624c8f9a88ae6e432f978ba90b9a956be2a600df5bd26"
-                + "a8771e564e2dec9af2ac3030180398cd88664633f2150d5d6d2a6010ae55d3b8d478fd3f"
-                + "4faf333cc1f5cf0c10dbd0eeb59340e2cf7586246e774448d1ec525f4ed06a7fc026dcc2"
-                + "c1fe29ef62c05c02dea8a778f244d27d85a7634ba95a609fb2591feedd7f3c9b48822f9a"
-                + "725a2ee20616174d36c0d831ae67e18d838a9ffb9ca9ca7a19683dd041e5bb425803df99"
-                + "dbe9ebe9baa082cf3d1c6a126cdf642e42ed0d70bd8aba5af4039a01c6ce9d11c2752194"
-                + "67845bac3602e5eb9e461bfd61044f566650c5622e352eb8c1c7ba0f55748a3b802c2e4e"
-                + "e7b349766942d4bacea1ffc1c1179295b2e5ed38b1d8784c8457eceea725728a168466b9"
-                + "980dd0f67742d67ac9945f332a901abb0a3b22fa12023554bda2896e530f87334a1a6369"
-                + "384f8c0b1371f420958b629fdc9a645e3f7c9068d4a1b542b003a894654ad0841138c230"
-                + "a8e9f9ea4525481441f2936290729ab969182768a570bb7ae9283ec9ef00190dd9063df4"
-                + "5d4e4748b6000d5587cd931a554b9322a7f03dedfe4c931eeeac64bfbffa650034b0fd8e"
-                + "1b0869312936f1a85a104ac2fc2b121a9778471c2dd75bf4ecb2115431bc930a4fbac930"
-                + "137c0a69ae963bd6e4f0a123208c3616a555bd3c00a5c3212523378ac572186d11cc283d"
-                + "e165c8da14e4b9f7691243041f004f8c64558d3087e89307dc222d154037ea14132b2a99"
-                + "ffffa664d7642277f99ac4d3ed3463324aa31f82e5f07a3e2825fc90117b6eca0cbb64b8"
-                + "f19c474860e01e0153c628cede2a5b9013ff55e5fce193453673ce1690e09b3a04df2fa4"
-                + "dff313c90ecce32165b578db16fff29d5a61dc9ab3b4bebcfd048189e06dac530e0c724d"
-                + "1e8b7814ab19ba2076f4a53c6d21c953e1d1b130e2112066fe7fd38972f3f2adc440bbdc"
-                + "d2ff6054c68d97d656e37cb211c48e3219235d192e7849b90b9ca803750c56b11fe0f12a"
-                + "696eb9d31526d006625782ba1c79ba26d54f1705cc3491e8a49d33288f0acb0afff1462f"
-                + "821fbd7830ded258e9cffd50764ea66178d0307e91817688d9368381cdede8d632a1fcc5"
-                + "713d039cc0034c701ec8f2ed8455201c24067fad2341bf48b022912617ddcc04af8ba427"
-                + "9d0d2a4f3578458a56ab697e1c3102f19a5baf90f1238801b1016efbb7d3c6e577a53911"
-                + "116ac306d65e5dbe82e0a217c8c4f5b7ef90d146d0c7078e13b51784a6ca9b02ece29a67"
-                + "6dc150127c1cabdf49168a9ad6a261e2af7293598e73decf9ad74e06258fc1deb06df697"
-                + "5fbd287851c9b1a79f80c77832ffe4e015bcb905b8a196ba8bc7e97b2f6f6711c25ec582"
-                + "cbe3d62aed3182fd25deb2f032b211738cf03c3c090468588221e8dcdc53d43c3eadd85a"
-                + "bebe565f43ae23a24e53826c620aeb71c6bbfa838dbdc4f6d17a9d15d43b65c56807c010"
-                + "01e734dc158b522d01ae541010229308a7069715b2c5c2d2739fcbd13794331e0afae203"
-                + "40514d4c1f8e3661a5491822e3013cf6c6656f262a7b2c4d85c3f508d73b3a1e7d9ffe96"
-                + "52a18b334b72e9ff5efee892e9754dec7ba2aa0539a1a333919a58ebb91daa89e2c6605d"
-                + "16a04bec8cec4868e4c6ed46631f2f33e3340c4436a259641b8faf7fea7c35c455aacbc3"
-                + "5f3bc3b8ea98e1e305c068479ff4a753a29ab12824a0ce914f789864fd92d9c4c6e81461"
-                + "1cee034ab78bc772ab1a289b94c2feb51c205dc1c9443fe5f53d99adb71970614670df9d"
-                + "807cdc99a01a13a7bbda52b73787b154ee3c389ee200aa7cb0a9f9478a02c127e5e75fc5"
-                + "18e3913ffa79e3a897a3772ccd096950c394e8a658c6725fa3e610cf2232fbcdb4f369eb"
-                + "b934ea53eab93f40c11e63ab51aba65c4386181dea6b09508f4747557ffc41579ef696dd"
-                + "bdf7a199bde2705d3d6ff13a67229862f2dc796da8ae0ec99ca0a310665d5a062f0fb910"
-                + "bab41d07229a339da8da6afed23bb93c8d9b88a3cbab6ad05e2295668355fc6aaa8caec4"
-                + "d880841651e440fd2b8c18e1acf6b953672e0f6f5f681192a14eb366acf4e36f9892841b"
-                + "65c4795c1daaad3a803bc71c059179e969a789879e0753575fb96fc1c4a6bc79e9d0bf3c"
-                + "50d51b844a7278bdd2a78d30d6899eca4002355833f80b09e9d307f752c6891b09ae906d"
-                + "561eb898cbbd912fb72bf86757a7c4333d2a0e3a26843ed43f65edd8138739bdb43e63d6"
-                + "fd5115185312c864aeee827234af3dfd7e1eef04a5c251a4017d77d1c976a8dd17ed2a22"
-                + "1c058b6b94f47c0fa0fa06aa764c9fd88d782889609a4b6b5f60658e4beb322bec08805b"
-                + "69c44eb8fae138f6e535e6517f1f510aec81793f04720271715a2f38ec751009fb9ebc85"
-                + "96cf49cb159b2bf3d33fdb61b88c1691ff0c6f2ec7d98f8776778bb094cc5271cd3960cd"
-                + "39163bf31c5aec1949491aa0c2d2ef2f12593db9b36cd2206616e9fd545a2ebe39998a4b"
-                + "2043afabc334c332f4a5407cb07bf467aaad82f077d969d2c2a052acb316a6c5fab0bc97"
-                + "a42f5f76165f52d1a2b312282e61d13aa84a44d4ba102346b01977b5190d938f533f31d3"
-                + "e60c00999bae61133683832494792296b2aa00be848317c69a7fc4bd7b2bd06e1bd821a5"
-                + "57b2c39c584d173c1136b1043bf2912b079b7f42ee71a8d70858e0368676c0637b70399f"
-                + "c827c1a08301ddc0f2e0ccafdb15a18034120c48b38472209d75124912f7b4355ec14bff"
-                + "14174f644d20d9715f82bdb36928e837191ef586f3090b2877a8b62d171d25bf8e38b0a9"
-                + "a089fac89496294a8542198d67836112a242f125c9f36beef4ef8e7e9264eef88f07ab26"
-                + "118fb08a7fcc497a31c96d1ecb",
-            "20a67e046163c0124c0880a830ab726995e81447dd7fae4a9179d94f4cf1f82c32786d58"
-                + "785d395a7146617477965e524f8f5b083f11c3a53bfce98e91d084e38efbf23ab541549c"
-                + "683732cac86994e679ae5b1a0b4df765648d4a6e630d8256a7ae4ca6c680bc350062d628"
-                + "289ac12f445743c9dd77f128696418808b3ab396377363a8791e63c28d01e335f6c608b4"
-                + "3fd96517fb7362c39d88a478ee9b9d06e6726a6ada9c1b647fe222592387997f426fabcb"
-                + "974e0841bed598e143eb976471747d7d5e0cc57898c5c89b97c14d49ad1a113f579690c2"
-                + "bc150c4148b2e5e52b1d21af88ed78fc2bf5ff523da8fea07e95223f440314697a388f11"
-                + "b7dda55eb83c1b78f416a86d455cc30842045db5d3c13c9295a45cf2c59d785923c457dd"
-                + "bc6494b3fa043fa1532a69b5ea8378f6eb08346c4c8928c295dbd2c42699e7988d994e7d"
-                + "79ee0da371ffa1ef18eefd8be8f4aafdeb7812db9605b38a5f21fb484b78c6acb40cb06c"
-                + "2b89d568ca8a7e84abba4c250c9859ec3621bf4a381452f5ee8d094aade480abd8e8856a"
-                + "a74dfbdc1a465bc3a2baeca8766b78b5e1a7398292a4156c980b7d4d13d7e6a287d481b8"
-                + "ada7ba93d65140cd860554e11812248a89c5b43a684fdaea1b682246b4c240f27828a40b"
-                + "2ef5091c32226e975384fc2d5b2584b347cc48165c64f394324dc31d17e46974c75ba1d1"
-                + "7a92361e6d7c611683687fd9590763a1838fcfa734d3df875dd116d6cfeb42bf442c0995"
-                + "7c351159c93a2876360982bdeb1eea942bf54a6c841d205609ef402026579d8e6dae8551"
-                + "b15d863fb90c6e39446867ddc37fa600ce563dd71a79c072fb54ac9ebe97113ae860276f"
-                + "2dc4adda26971e0620fc23bc0bb80a9f111a385852005dbf8b700206efb77e0383dc35d0"
-                + "f5e07b167e5479b4994aff1385f1677c6facbc723ed633780154249fea62124778cefff9"
-                + "cf3a597b0756b8bafd1299d8ceeb689a7e6fac891fe8c07e43269cbacf07d534dc0ffbf4"
-                + "bc422a4b88bd6fd4fd2e2426fc72532706e17b72ed6f8273f393d327c41fe6271692ed82"
-                + "58d4821855eb9c55723a293dafa0471a177598f65d88d116b407e60d4c50c6c3a7c716c9"
-                + "ebf63775f29290a57981ba88bad16535db2b7bd9e8279c08d9e330754656a5045602c376"
-                + "266028dac860a2851c9cb26ff97bb91a581c20c29829f74b234cbb5939fd0269d5972a47"
-                + "2910a15f622eeeda8d35f30d4f8120fb6bc43007aa9f6c460aa740c664426653b969356c"
-                + "64daadddd43716fa6bfa07066101c38a26c87e936c58fb86157875cb72a5597c9aba7485"
-                + "9ca200a037daeef702b52c7d56ce2546e52397eaed94a9fe071273b7c8113fe83af3aaf3"
-                + "f4e30d37c54b63e1377d89d62c6042324a466405066a077b81487997fd226ce2d74c6277"
-                + "f8cc2444122296015bd9e8d4af4c49b6deb43a2f84c5a01106f462ec269e5a5285073da8"
-                + "211f627715fd1845a9e0ff0cfd6bc0c37a5374358d632c90cab2c51c90fbfca63478fbb3"
-                + "544fbdfc20b4d0ccc8e690b82f29c99793fd87ada4e48acca9954373f1cfa81c9e450cd0"
-                + "db12688e9b760898e559f81ed6c316d6eb49b4932dad8c7b353e1415e10100432f72a84b"
-                + "a2586053b3fded33142dc1538bb790394c835723bb48fa8622b974f99a635d5f61dccd92"
-                + "bc9efb590020920d57a2b97d0d15200dfdc0e0930bd34affd8dafc80e32b6d0be1a39dea"
-                + "5d2945fff384e2dc5a35cfcb92eb5fbdebdf65408861c908f33c43df33633c6856e5e6e1"
-                + "c712eff6282211c8c266b3b00c7aebc935b178164ad43bb79c8f31e450c273e35622b3de"
-                + "39b32758a523464d3f4af869d4a1b2c495e24fc768a87782a610fc680599c3fa4e431824"
-                + "a665b067dd11d12eaea4e6eb2e105616985fe575f64cfaf6f117be2c586e4313d2b29918"
-                + "5d594765eab194447e320f8a92068bf032cdf3593977f4d25641f58422a07be3dad73313"
-                + "b83438a3a9ecc7dddefbe9f805601056ba301b3b27404a49e93bed6b650b5748e2e13a42"
-                + "288900318fafa587a6aea21f58f954eb1b969fa101c4e23fa1f6e6bf566e0eb7436e12b5"
-                + "28416b24fa5bce206b4ac219069273d6898a016385090e65497d8a6e08664753dffd57c4"
-                + "397abf3e24ce306d45257428d5117184537a98351d3cbe5927024a9f71466b3cf6413db2"
-                + "c0a99245a76f282ebafb1bc95be5a303901d3c6407b43a1a3a721ee20ca14dccb2f53d3d"
-                + "af9d60a6d555041cebc302cf4137cfc1a233195ace2a720bff25ac17f9f07ae0f4d3384f"
-                + "6c319f019b96d5f219ea8fe76c51ca352ea8e7366304e340303764ad0d07f668bcc40681"
-                + "dff8c7c72e7828fd779930346d25ee515cdff7ec505db8430e7eebda1bba37c405bc61f1"
-                + "41be0933d9a23a00f7ef0000b0f0f12f74e9e3a3110f611b70f02b25bffe5d9199ee61c0"
-                + "6d784d1e2a8f1bc1bc29bd9b2fd40b54fd288461bf18680c99f3180d7f061a512575a888"
-                + "fb04361e1f1852713a8c0b4e7679d782e2ddb9d5af65d0e2b64a9a36c15cd2c9b3108f7b"
-                + "eb360d0da0cfa2b7be56d4b3a69f904a388af2df126f2bb66750885da0be0ed1d5a8cd41"
-                + "5f1e490f750696a2dbe35c7e30db6f63b04a2b9ea5b917d703c398fa810f0ed552ce7f51"
-                + "2724bb60fde68081953e320a2a5e71534a7bf252f50c7d87a74e474297ca3d5454901ff8"
-                + "c73baaa72c4a2dcc58ecf3ae31f96349a0ebd29439bb172e838d96623d8a8caed81613a3"
-                + "4c3ab9eff73b6c793f5f49468be09d81931457bc7783e09fad47bfe9d0e10575a046251d"
-                + "9d7ddcb044407463c55be2002f5c3ea2f52bd0d09af9a392feb64a5c20aaf59b4cf4c2fd"
-                + "a17c244dc4a4c0ca2a46cc184ea541dd3f9c8b3a36145bdae9e746bd0b3bc86cb486b816"
-                + "bc60576e85651aa11cae0b92f55282700ea838db05f493f682d11b5e8a40299d52b10f82"
-                + "8506123ddba3b44cccdcb1c23032a561bbf2da50a3633b0905a1fb959556c7539a62d1dd"
-                + "43b6a9d3b9205b09a1addd0ce80e3fd79ab5f75fc6c44b371bcea64fad6844f21d33b0cc"
-                + "e0817bd0ba55eaf1ea319087239e56dc4f88c338317a9fad36b5e6af699cb9644de191c9"
-                + "cfc76273f8f8425c1cea9649fbfd16569879e67107be9223b0638e6a03d86660d878fe01"
-                + "6f36f76a21365bfe2885559ea9f3c020901e0e18b6de5fceb6044c2e59debe07f1f5df39"
-                + "f6ea85f4e4e7ee7ded3ff07f9ad0d538acfe847551dec86ae87a65344698c7be512a9bf7"
-                + "f67419bced642902ff3fe520aba6602d4b81e7cc008a8509848d43f11aeaac5aaaa1d40a"
-                + "a64895b8206096fc36daf38bd7b90834b8e687b2cb62ae9e3b4fef298d5a1bcf41275c99"
-                + "fe72e3857721ae68d5374d9234e73a44c3498e444a8508398ef0412697b538f6bfce5471"
-                + "8a7424b9859edb92eeaf98b32b5f93354387950ccd4a2a1f27fad59608e3d4bf880a11af"
-                + "701252bbb28a4a4714d99f98445698ae8ef8eaf2f36bcd2f0a6eabc49f6d3d6ea89812fe"
-                + "3a3aa05b9c197f64d2a0120d60bf86ce938742d9bd6952fbb9355037214505a67ac89626"
-                + "bd4e2fc778268b3c9db4ee28cce5c13081fbe5397b46fe6539076cce644a8f423ccb9469"
-                + "dec1d841685865bc32b454ed5e25a5b379e64eea38307cf151d83c4da8319f0c5a85d3e1"
-                + "0e9b4c1d3e416284c4a5d665741df5abdafaa9e0e2949c396033ff7c0711d4ab9086bdbf"
-                + "7748556ec43f467216f688d7ad62d0451ea6347e257bf35ac9ea4fae491354f8d90871ac"
-                + "0d15fd145ffdf6bb4495f491149f1ff3de661094066d4ddf8f20cd13d192b92e5efa2fd7"
-                + "5df80283a36ff02f45c25c45d40a65ca1a1181dc8f81aee7248854e814f8b894c5b4eb08"
-                + "213743724193bc0afedaab9dbb71298cfb490adb347a8ff001d504e9204f968ca51cfaa0"
-                + "9965651b6001141af59c81d48fc6e544b42746e835750e1315229a88e7e6d754bee5cf31"
-                + "e89f1e8451884b85a5148bf85f9ebdef5a876929a51b54f0f9c352091ca8b98015f6d74b"
-                + "1ec1aaba96d247391b90fce011e1698a2215e7b4cd7da7e90fc8537af306b7b9f8e48b99"
-                + "8cc8557da6d695c0fd7354fc056294108840c6fc6a6752cc7a3386d1f97b66df6c36a5ef"
-                + "a8f06673980d506cbcc73ba11c3848d2a83cd34f6b944d5ab5bab103c6793d994da5bb39"
-                + "ce20fe26dbfe3c515bf02cb8ec297ea06c35bcacb6525046d9d22d81849bfc31793bf675"
-                + "15049e3a82778dc7e8147241efde4e269579e5ff9b7ee219b2b993882fa3abace415b600"
-                + "bc1bc0457834c150d2748b537950b9c4c2213fcf245d7d8d17cf2c32db06a761a1c02afc"
-                + "0bd491feacb49f79dfc91ae35f5319ba3da01a264525c72b367a225fd041ccade751e75b"
-                + "cf456d3934e7c69bfd246db51f43baf476bb2566e30c95eac1f846f4f52750b3812944b1"
-                + "8973f29293d7db961756cff813eff9591e328b240b2a53140a4e6e46e8b627b085d2a9a0"
-                + "54d233c419c619ad3d546595e5b675ecc8d9218536f88174c7df4de3a32ca84760e9d37b"
-                + "0aecbf6216ebf0d778ddad11671da9d8369ef318ca79f9112d2895707bcab71e57891c27"
-                + "6ab603d5f4d8ea08fae2a5cec939dca56eaab8a1293962fbc4bf9a23aae328e1939329d7"
-                + "f7d29dfdd2b0b424fd67f212eed1b6d2e7570c5377404633580dfa67f28a0102372b7724"
-                + "bfad3e5b99a6e04aa9da9c17da278a19199e8f9a95737c6d8eaf17374bd30a207cf18a67"
-                + "6b5cdc81887d26c0f4f406d3ba0d4a5df4cd17ed494b8e4e75a488db6d3d5743c06c888b"
-                + "1d178827e18227fd1e05a78b7fb0f4c17d3e061222d988b8cb27b148cfa9d7ff18c04902"
-                + "341627cd63ce9f877b548a3b643bee9e1a3dbcca7f1b8562fef75c941e089e2ae24b2866"
-                + "f5126b57c0b31d7424adcc94cf1b15004263f537cb935b4b7a5a4b8fc7834034b395519f"
-                + "4642fa0083c0e372f05447450c5dbf3cd97597865715da0040d37422a6e47c1645a165e8"
-                + "46cff368013c593edc2fd448a057732431e9cb0957234b02cbba211f41b6deb09799a146"
-                + "d9a207956058cbea9707e5f821f5a6ca6a4816aee8cc5424266ea118c7f3a0191a46705a"
-                + "0f78aae59a4084dd2873edb8ec644caf70d29228c1e7481e9dbbf78321394f4ada79aa61"
-                + "653122e27dd616083f073b04eb0942989c74e2aa975713775b294d6311a928dde41d1516"
-                + "8cdd0d0cd8b7b87cba2b263b9698a7251af0f3d37a76fdfd97f7871db5bbc82a293a520c"
-                + "29e9c7fa3c8f9ac38013a40d701a72cd118ba5dc756d25c9c6e7823a8c1a2b146d3dfa74"
-                + "da3d5bde5c4846b355a99f574060306f22f841109e610fc8ee59853266111542593af6d7"
-                + "369e5238c0721b92dbe258873714151787de5e1ec7de836d248bee8b30212bdb3cf648da"
-                + "cf0743d6c9912e5224bded3d222edd61023529b7ff1b00fb8ef427ff2f5f3ff189bcff9f"
-                + "75507d90421af29315f239cd4e7ba1f0540836d7a538035d12a34a7958a5fcaaa1d48910"
-                + "bd5501b3afb86a1b355b1f2d9df7ad7cd332021ff15ccd8ef6e6420b2b1874e90969ecbd"
-                + "00071c81387f50b5f2a086dcd5f5310bb9d6e4a1b74d9fcd8ce1113c115df5fec08f73a3"
-                + "574709c5a97d15658e22e14a4e54e754b14f7521df95ba7007c7f3e97e0f6ce1de7f145c"
-                + "6249b57e1d7c0a539d906816f1abf1a5d53795b421af91915e47bd33efc6510636957ce2"
-                + "24d85f21f5926dcc50895d1224868fe8d78ef7e1bf67d1b5b8ff412e66e5bf3d9d311041"
-                + "dfac409274f886100dd1812cdfaaf2736f9f9f6809e18dfec6fd93e8a0dac2b104e46ca7"
-                + "0dac73280098d107cffbd8350e434eca915d089480c38f2cd340f7d092319a9892887fbe"
-                + "706b1a238034704a4b4c6dac71ea32e1cfcd4bd0d99526e72ee53a734cb8b1e4e976f991"
-                + "70e7c6dbcf84188928ee457fb132ac9462f1ac83a700bda7883052d7599f77c2bd3b38a9"
-                + "e43dc4f5850222c0eda600f8eed330dfedfe095ab0a4ceedaecdecd9f535c583a50b4566"
-                + "b8fcfbc68338b2bad8eb97267c3a8211b6c88233c249e260149ecaa6de3f71cbc49e3d8a"
-                + "ae4a439a9c31c961b8bcee2c30979d28cad77edfe2d9ed6703c19b942ec237aa9afb7040"
-                + "a15696463bcf8ad68357b1137c25fe5e3ad497d80d2b095fef588d3228bc697e3b1b275f"
-                + "377da513ec87d028ed548bbc2b8aafc51b528ba94c0107ed1f1956567afbbda4692632e5"
-                + "901d0603082819cec51cc757d2e05e9331fca9ba66e691d5f127912559229644f98a634d"
-                + "07bbc63ff081074afe428e2042672b0cfd239e42187e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "21eb9f2ed7230ead8fcf75de95f05f7ff9d14b5c45a43bbc71d2345674c6b0d3fa8ce619"
-                + "4baf890e09236a1a6a226a8c86831ec35e457fcb59a47bf151a18531f87625fbd5761889"
-                + "186012a02a72d03ea585724167a3070513cfb8605352d2e82cad502efa3134d75041c0cc"
-                + "71cd1d7ac6399ec1398bf633f4109d368afb179bdd7032faddf3d192560c1f53715e1f2e"
-                + "f6df71e1f24a85234d8628a107a6678363ecbe5e21a7cbebc04776e3e70a93c3e10e6667"
-                + "27a5bb981edcc0f89d1951d99ed4828c3ddf23d573c358cae7db77974e54e16c2af879fc"
-                + "a63372b539f84589b24aea34062b498a8a97b32fde039303daea1f00ee2143e484b145a2"
-                + "071f357356a76a0b22a60f5c084993ee4b51a56e13f0b35bc41360100aea1dcfb0b1ee00"
-                + "1efd5411c601d5b4fbc21e68ab03c39597a47a28fc93da988770f47cd0e342df01a3da4a"
-                + "26784ce9172ca3324fde330947a15d839ff0050f487ff04cde7f63d3c8e1fa344dadc387"
-                + "03f40f76b879b229b272c6d4b1ded01286868348c3d9d5049e8c581d114f6d671c75360a"
-                + "14b706dc809f0ee2499864b85cd3720cc9563a5e1f282e0bebcaa47b1131108df17bac52"
-                + "6aa57935c12c1ac792d423bad2817b8852fa746c6b17e9e9561312253e4df503ef8b12a1"
-                + "c5fb94a103a08798060dd945ea0e6519cfa9ec215cf3d34d30f0804da6a3e8faba9e9323"
-                + "410dbfac3814ec213e7f71ba9f8f574429fc2a5086e9587becfc304e1b45718c16860971"
-                + "9c9c6c3106814c242d93cf636d11477886a7701643c9233b814c1298d154b5e50f6946aa"
-                + "74a75f5978e6dd36e48bde5d3afa79447ddcdd98fb8396db095e99ae28168c8f12e3e727"
-                + "82f55e1ac04a2b44599876965140dee01fb472bf6d05f4e002c4601ee72ec8950b8fe09f"
-                + "2d34e0c308f6c4edf6ec64523af813d929cbdd91f794c8277c4d3b25df8e972cad022885"
-                + "e7bc1489614df154f9fe6537cb7dd350726659fdec3821a09d59b731b1c597264035a090"
-                + "87268a324cbf8136719500de1a1ab0d192a923e99902e8e889c2b5b064b80217e2e97c53"
-                + "ef228472f5208d88c9c06bc69a58967dd5399b47ced84c944e6473ea332527eca2bb874d"
-                + "b89d43a433f3cc1029c00ef955bfb2255793dddceef6a4969fca27e8c235b76d3586600b"
-                + "ebe781f9f59d3e69bd45f58b5a32d6f81831a753bd5a084e7b24274335b761d6aa3deb62"
-                + "93d4a46664d011ba6eb1055270bcfec70f645da0005fd1caebbdf183fa7182957885e45d"
-                + "8d2b4365ebb92eea2b5746f2cb3bc1070065d6e518b9b238b2a28726b68f6ceabd9b6061"
-                + "832fa114a6c6b9604426b7eb3fdf5164687ee16038a8f50b3780272b9cb19c99686737ca"
-                + "417684b55d39e99db3ea90c1aaf23bdb71576bcf24f2dd7e239c4ee82e3d0874cb03bf3e"
-                + "f362e17a6cd726650d3b2945d687457e880137a112aff4dcdbdebe2827e1d7d01035ced3"
-                + "3b4d1b2e4e9ceeeec4952686a718c534f6a20111220bf4d2f5e6ff7fbf080b0d85447cb9"
-                + "b5c1e052e0428939bf31d9a5a2ee84908fbf0ffee84adec5063670a7386c51d4a7f00ad1"
-                + "0622cc000f73f00549fbb1ec1d99b9fa4d80d3fcf9ad85b42d3eff1aea69b6fbef367db4"
-                + "42b00d158dcd6165fb9694e18a4aa77c783629cf32982a92182e6823ba04b2e6227080e9"
-                + "df4c7ada20c88ddb75104d56e0eb18e447fc3bc0e9322114c810ac2974c6da609d8863cf"
-                + "541da61c2d87c73f3335a5532a6c7a02aeb7cbe5750657a38b332efc88a3d246e4ff39f4"
-                + "9ff619c388103341a96f8667de37b69c80665ae8386a95e4da990bff87b2e59180e58592"
-                + "31068557e4b90ab3bcd1992c5ba738d361852c6fbbb18ccb29da5c4c23f0d4c12febb0db"
-                + "5516df2be56837929942706d0bdff1fc0609c9fcdc47e381b67f8c25630f30374f6cfffa"
-                + "0d188b7f374af14e56f70b83af8f3fc668dddeb028a2b241df6c74bfdef0e6102bfdb276"
-                + "22675d14334c841ffd689ae0badad31e25584c0be435738f4f71c32327db51a88237f979"
-                + "2594a0802622634875c17f1b554cc8be5d48afb5ce6a8c595b5aabb81f2b66eaf7f2e0dc"
-                + "411f5d04d8d92ae3664055cb9bbf42e8790773a41acbb37920f5a9e798dbbd4e1cbd7174"
-                + "cf38ea83059e25fea5793a8231843a82d17b181d4c5e514f611cbdbdea7ba5658f386e43"
-                + "7838b90a5ac236ff89bf523fb374d3c99b5af4ea01cd9ce487b278925f2ebde33147f04e"
-                + "0e8e5be0a2c6fa8379f306a56da8581249dbd3fb2353275d94fcd6357c7a8f9e64bdfb64"
-                + "46af8421147069d7dddae83b7030415f79ef596b4e61e30739e4c4233a1e7db942be32d0"
-                + "80c309d6ff011ce503f56f6d17d72dc36c203c0d072267f97d85f5a491a5208423db7967"
-                + "0b5747ff7b75cab0573bcc40c77f56f8d3e291141d63160e0da5fbf68afabdd1c06b93d1"
-                + "93035f4fbf3cca82e3aae27ca96bdd6e03872732e456f7e95b1963c61fea0f785f4ee970"
-                + "fbeea443560b9415b24c97e747ef28b6b7d56b8c006bcc6b4c080846e2b93d4d458334d9"
-                + "2628eae7dcbdcf78379d953b4bb09118d3fbef0c33ba72c99b2778aae182bfda7bf7fe17"
-                + "fc3569ac6b172b52a6f183e83650215a1eb92ac5f7fc3653ac58498777c4784c8a0e830b"
-                + "de345180f88fca2ceb4dc6346db1bc40ce66fc9ff84f3b31ac222389f95c71db212e7aef"
-                + "adfe458fb787ad65491ea72c1ce797430da23dc3ffc3a682ab0cb4fae8963bbb51814a38"
-                + "1fc36713856fa8f4b4d7f70ae0c91864e51e17d60133719ed0efb4d143e3ceb05a2e8c0c"
-                + "1c80e0091bc4748496bcab653ad84634ea2998bafbebaa3c61c2c4b646b62caafb5206cf"
-                + "a2429bab20dcc858ec7cb5da3a1b8b335b503cfcc809193a781cc8f6def3234f2358e5a1"
-                + "99d7d855eef9f7284657a47c9fa8d20a690a614981544c54764378e94ae25bcda1e7b99d"
-                + "a7415d977ecbf3fbd104052deb9bed64a7ec0d97d4c0cd56ada74ec954477410c45116fc"
-                + "b7916c9b2c8eee79470181ef8ec402d0360598262fbb8b87686ca134700408b7e1b0df02"
-                + "7cb57dde058ab2d28f0ae85c6eda55adb1a6f5b5552d0d571abf7a4a989119da61e9175d"
-                + "357c78a6c29ade27869e9c0aa1fd16569879e67107be9223b0638e6a03d86660d878fe01"
-                + "6f36f76a21365bfe2885559ea9f3c020901e0e18b6de5fceb6044c2e59debe07f1f5df39"
-                + "f6ea85f4e4e7ee7ded3ff07f9ad0d538acfe847551dec86ae87a65344698c7be512a9bf7"
-                + "f67419bced642902ff3fe520aba6602d4b81e7cc008a8509848d43f11aeaac5aaaa1d40a"
-                + "a64895b8206096fc36daf38bd7b90834b8e687b2cb62ae9e3b4fef298d5a1bcf41275c99"
-                + "fe72e3857721ae68d5374d9234e73a44c3498e444a8508398ef0412697b538f6bfce5471"
-                + "8a7424b9859edb92eeaf98b32b5f93354387950ccd4a2a1f27fad59608e3d4bf880a11af"
-                + "701252bbb28a4a4714d99f98445698ae8ef8eaf2f36bcd2f0a6eabc49f6d3d6ea89812fe"
-                + "3a3aa05b9c197f64d2a0120d60bf86ce938742d9bd6952fbb9355037214505a67ac89626"
-                + "bd4e2fc778268b3c9db4ee28cce5c13081fbe5397b46fe6539076cce644a8f423ccb9469"
-                + "dec1d841685865bc32b454ed5e25a5b379e64eea38307cf151d83c4da8319f0c5a85d3e1"
-                + "0e9b4c1d3e416284c4a5d665741df5abdafaa9e0e2949c396033ff7c0711d4ab9086bdbf"
-                + "7748556ec43f467216f688d7ad62d0451ea6347e257bf35ac9ea4fae491354f8d90871ac"
-                + "0d15fd145ffdf6bb4495f491149f1ff3de661094066d4ddf8f20cd13d192b92e5efa2fd7"
-                + "5df80283a36ff02f45c25c45d40a65ca1a1181dc8f81aee7248854e814f8b894c5b4eb08"
-                + "213743724193bc0afedaab9dbb71298cfb490adb347a8ff001d504e9204f968ca51cfaa0"
-                + "9965651b6001141af59c81d48fc6e544b42746e835750e1315229a88e7e6d754bee5cf31"
-                + "e89f1e8451884b85a5148bf85f9ebdef5a876929a51b54f0f9c352091ca8b98015f6d74b"
-                + "1ec1aaba96d247391b90fce011e1698a2215e7b4cd7da7e90fc8537af306b7b9f8e48b99"
-                + "8cc8557da6d695c0fd7354fc056294108840c6fc6a6752cc7a3386d1f97b66df6c36a5ef"
-                + "a8f06673980d506cbcc73ba11c3848d2a83cd34f6b944d5ab5bab103c6793d994da5bb39"
-                + "ce20fe26dbfe3c515bf02cb8ec297ea06c35bcacb6525046d9d22d81849bfc31793bf675"
-                + "15049e3a82778dc7e8147241efde4e269579e5ff9b7ee219b2b993882fa3abace415b600"
-                + "bc1bc0457834c150d2748b537950b9c4c2213fcf245d7d8d17cf2c32db06a761a1c02afc"
-                + "0bd491feacb49f79dfc91ae35f5319ba3da01a264525c72b367a225fd041ccade751e75b"
-                + "cf456d3934e7c69bfd246db51f43baf476bb2566e30c95eac1f846f4f52750b3812944b1"
-                + "8973f29293d7db961756cff813eff9591e328b240b2a53140a4e6e46e8b627b085d2a9a0"
-                + "54d233c419c619ad3d546595e5b675ecc8d9218536f88174c7df4de3a32ca84760e9d37b"
-                + "0aecbf6216ebf0d778ddad11671da9d8369ef318ca79f9112d2895707bcab71e57891c27"
-                + "6ab603d5f4d8ea08fae2a5cec939dca56eaab8a1293962fbc4bf9a23aae328e1939329d7"
-                + "f7d29dfdd2b0b424fd67f212eed1b6d2e7570c5377404633580dfa67f28a0102372b7724"
-                + "bfad3e5b99a6e04aa9da9c17da278a19199e8f9a95737c6d8eaf17374bd30a207cf18a67"
-                + "6b5cdc81887d26c0f4f406d3ba0d4a5df4cd17ed494b8e4e75a488db6d3d5743c06c888b"
-                + "1d178827e18227fd1e05a78b7fb0f4c17d3e061222d988b8cb27b148cfa9d7ff18c04902"
-                + "341627cd63ce9f877b548a3b643bee9e1a3dbcca7f1b8562fef75c941e089e2ae24b2866"
-                + "f5126b57c0b31d7424adcc94cf1b15004263f537cb935b4b7a5a4b8fc7834034b395519f"
-                + "4642fa0083c0e372f05447450c5dbf3cd97597865715da0040d37422a6e47c1645a165e8"
-                + "46cff368013c593edc2fd448a057732431e9cb0957234b02cbba211f41b6deb09799a146"
-                + "d9a207956058cbea9707e5f821f5a6ca6a4816aee8cc5424266ea118c7f3a0191a46705a"
-                + "0f78aae59a4084dd2873edb8ec644caf70d29228c1e7481e9dbbf78321394f4ada79aa61"
-                + "653122e27dd616083f073b04eb0942989c74e2aa975713775b294d6311a928dde41d1516"
-                + "8cdd0d0cd8b7b87cba2b263b9698a7251af0f3d37a76fdfd97f7871db5bbc82a293a520c"
-                + "29e9c7fa3c8f9ac38013a40d701a72cd118ba5dc756d25c9c6e7823a8c1a2b146d3dfa74"
-                + "da3d5bde5c4846b355a99f574060306f22f841109e610fc8ee59853266111542593af6d7"
-                + "369e5238c0721b92dbe258873714151787de5e1ec7de836d248bee8b30212bdb3cf648da"
-                + "cf0743d6c9912e5224bded3d222edd61023529b7ff1b00fb8ef427ff2f5f3ff189bcff9f"
-                + "75507d90421af29315f239cd4e7ba1f0540836d7a538035d12a34a7958a5fcaaa1d48910"
-                + "bd5501b3afb86a1b355b1f2d9df7ad7cd332021ff15ccd8ef6e6420b2b1874e90969ecbd"
-                + "00071c81387f50b5f2a086dcd5f5310bb9d6e4a1b74d9fcd8ce1113c115df5fec08f73a3"
-                + "574709c5a97d15658e22e14a4e54e754b14f7521df95ba7007c7f3e97e0f6ce1de7f145c"
-                + "6249b57e1d7c0a539d906816f1abf1a5d53795b421af91915e47bd33efc6510636957ce2"
-                + "24d85f21f5926dcc50895d1224868fe8d78ef7e1bf67d1b5b8ff412e66e5bf3d9d311041"
-                + "dfac409274f886100dd1812cdfaaf2736f9f9f6809e18dfec6fd93e8a0dac2b104e46ca7"
-                + "0dac73280098d107cffbd8350e434eca915d089480c38f2cd340f7d092319a9892887fbe"
-                + "706b1a238034704a4b4c6dac71ea32e1cfcd4bd0d99526e72ee53a734cb8b1e4e976f991"
-                + "70e7c6dbcf84188928ee457fb132ac9462f1ac83a700bda7883052d7599f77c2bd3b38a9"
-                + "e43dc4f5850222c0eda600f8eed330dfedfe095ab0a4ceedaecdecd9f535c583a50b4566"
-                + "b8fcfbc68338b2bad8eb97267c3a8211b6c88233c249e260149ecaa6de3f71cbc49e3d8a"
-                + "ae4a439a9c31c961b8bcee2c30979d28cad77edfe2d9ed6703c19b942ec237aa9afb7040"
-                + "a15696463bcf8ad68357b1137c25fe5e3ad497d80d2b095fef588d3228bc697e3b1b275f"
-                + "377da513ec87d028ed548bbc2b8aafc51b528ba94c0107ed1f1956567afbbda4692632e5"
-                + "901d0603082819cec51cc757d2e05e9331fca9ba66e691d5f127912559229644f98a634d"
-                + "07bbc63ff081074afe428e2042672b0cfd239e42187e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "229abe8cbc651af0bc92fb2f812ddf8812f79935e8fe27c2d64e9a6ca072dfaf70825a3f"
-                + "a162ac44504c1f18cb849851e930af1c1ee4d202ee5d24783ab8cd16237caee308bbfa7b"
-                + "9f2f187a46b2f41bc5f6936c264eadfc455d401b8face01ecc000b602ee6c9708f3ebd20"
-                + "9145e8b83939a15aac858c0a5079281cbb14d8c4c318a047f813f4a72b24aa00fad27408"
-                + "52c8a07085da8bfef31f3c1cd622d725bb471e9a67252b76d90caff85ab401a6cfab6e62"
-                + "80039059331b889da600e552422dfaed31067e8aa61729f7dffde62e7e5dc60658d50cf7"
-                + "d2c54e18af4f2ff284eaa1f31dcda001b3581c0a16b17743052148ce97dbca4b81ee6adb"
-                + "5c20303007cda5baf1dc3821a5a311818659c802e997fb1c6f1590220160611957739302"
-                + "16a933c563c00d0b3e02d51638b0e49f0b5d8d119285553e0d3fc34811a8a28d8062558d"
-                + "37380a6db0a2cac2cc0c434fcf57a1218194725f8ebd9b3edb7c20b0d13c6a19ccf69a95"
-                + "471901b70c400ba25139b1de0abfe7cc5972c188b44c53781d9b03b65dacf29964564cec"
-                + "50176bd0861c38be323b626eec673fdba9a483b56192ed14c256ea2cd081d98ee58f5feb"
-                + "04b0aea16b1c644f61ebf81419910c06b356fd7ecd3fc5b785676a2e9f8c674d42f02b48"
-                + "29244367dc4a6b1c8c9405e584a2d4a68e96e80e6ed2db045f59b3b8dc0d92f7f83e2357"
-                + "45d6a16e26af8d03131c5f418eaffb7c608f14732037f0de18350bf0334c101070243fdd"
-                + "ee7c9d64cfb178f2341cc8f85b5714b8c9a9008e3ae1fa3308b95f5d4390e7d5346ba2b6"
-                + "ababac55d3b558128ed833b6dfc691aefe873e1637b3e7b75db63aeb315452bb5438e6ab"
-                + "5b492cb4735c1f2fead844455718c4b7d4d4d2330879ab3163c4f56556c0c14eac745533"
-                + "2a9962e6b4df7a79b60ea3e2c63a0649a52b22713d25700d784f6858d87e1d2746368251"
-                + "413499101eda13fbd5257887a7e45abcc997cf7401949dfe83cc0108257a9076bad42170"
-                + "753f71829f8993b9a08e7c4a03d447470b76a7f494308c5cd051d129d239294699692887"
-                + "dd112740f200992fc8be845424ec831f57ebc32cba152808483076cc74688cc686f7198e"
-                + "31e259180778f4f227a0887e6a84531446c8065962a3b3a3fc662f87cba991f0fa5cd1c8"
-                + "ce1d24c948735324b7623834cff51c896093e25e4acbe3d375c5dbc168a9e985847cd15b"
-                + "2aa09fa8d73321a64a8f52874550b8739e344ec8e94c5722d68e8cd0b821d5f1322bf359"
-                + "2a83ae3fa605ce5cd232a149c51a1d88abc682403f7d843b93196cdd92ed403183905c94"
-                + "72a8981a836e7e9adcac64dc9d131a5b4fad91960e1046533b5064c151d7cb95a074871c"
-                + "46900037e7190ec97190010496982245f540f1ea7575e38343618d5996900172da9f2ef2"
-                + "b56aba7a34892bf8339f89ef2911761459bafc703b057ba700f0ef00d454d4d2300b3f9d"
-                + "ce61279561a6836ca7a28eb8139fd4683a517345862960aa92dec51bd4232c87e31aad3e"
-                + "89beeaf6c0eb7f603741db9c4e7261d5ae6425474bddc24787bdadf5a7a5cc4837e6782b"
-                + "9602ff797b501fee984ae91d1a6cf4e1da4d7501495a9cc423c29a1e7ea520ed0f9d6793"
-                + "60b903ddf6bf36571b59f04e61c486e8443be6254f73a2a68a51f6cde4c9845d46df7496"
-                + "cb80372a3f82fa7f3cdea330aba4af06e28df020f24ad3be8ea67ab382867e2320b7e0e4"
-                + "cc5264b3175f4c6724006d584fd6a9e47fc298f4ee0537908c0e0a8f0b9a6815b28c8de8"
-                + "d0fc6244bb39114c769b614ae7d7ffa1d07dee38f7a5bfd9725bd94cbae22f72d246aa06"
-                + "2e28bf2bcd98b3c8ae0f6b90b676a9d63fa29dba82cad1d41ead2d4bd2e41dfaab342174"
-                + "936bdf84e09bcd25447a46b42fdb8559c0533bd858617d267428bbb0297351a343e90b68"
-                + "761aa841237fce15327da87bd818b40ec3453b83a598fbf4ce1c87f8c22f9100f8e42236"
-                + "602a928ce69ecbfbeb5e2b595bae50e3386ff453c6bd63281c8aba06f4345f8c833ae53b"
-                + "89d124ba89b3adb33838b94f2db7f897a47e1cbea2f98e7d2f97717325d3745dec7a53c2"
-                + "61be24c58d3da2220b0ddb55e55dbbdbebd599494cfbed180687dd3fa4b7306e30949f48"
-                + "9b307fb1649e8a930c3b9ae14e63883b64ed46f13545165a1e18efcff6a3c032e33cb145"
-                + "113a7aff7b891b7bc2747030b10255d61241b049473198c8eec0e4f5abbbcac6dea28e99"
-                + "4d022f7ebbd7a023b52b2c611cc3b5e1baa55e9df23b5f426622b6546944681328f7308f"
-                + "4672cb8f18870590623c08a378163aebd33987e0163ae06a787f192e6dcf695faf2ef037"
-                + "75250590d0fe5aff8fe5f1b029d545b6c19836e55b358512945d12ba68e57fbcdc7e3acf"
-                + "afc9c6d2a5aeec28744ee16a6354e9eed0714b234707adc2b2429238941513d226cd2268"
-                + "e6c50c9c0376ea8826941ef8591f55630baf7f2c09a6347295df96cd7ffc058257a82783"
-                + "3968fd6e6872d9f7955a15f875dc5a28b7c8c3dffe76f7312fda0d958aca4e4cada3b379"
-                + "6bfee90d5a4b912926c630182b1ca26cab9ada935756c748f92aa8146fd8df58d8a99c67"
-                + "4f62af1da4c06feb1db5f3dee0a5cc286355e80918608305952f9cd1717bc53a5dcc2c4e"
-                + "d8241cea86a4ade03dab2cf21857e02007bdeb47820a0a01d4f99c1b4395aa337f698e30"
-                + "5dbc0ec483c9ad46bc32cc621ed7aee830cc07549d9ddcf9925e300f7344003d268d7a7a"
-                + "53e691db7050d4f9176191bfafa1a3d6e0478afc3623b0e84104b0277ef6f5063ea18075"
-                + "05a6601469a7a8bc6a3733cc0d4b897b48b8d282ff473f63b824011a6c57c837ea493c6b"
-                + "ece3197dbced0efd8ef1ae79ff8af965a66c023f6b9eb6e7f77b4919f525a81727cf0887"
-                + "27ca6878a03ab558d996ab4edf6020e11e266e7deab0de96c22610617254005f02e85a58"
-                + "93cd120a2ad94812ae1f46ddf5bc1d48e1da2f9b61684d39945dc9093252ae2600e385f4"
-                + "e95012184bdb9abd782c396ea283bd56fee00c9d96579b465746671013cf23537dd5dfe5"
-                + "046168b7262567060cbe00689a709493c0f84152d25ef350fdec045994210043ffcde66e"
-                + "9bea0eb9c150a96e94b684bcf63bd0ccdf13acc0251763b8fe83b4f1861830aade0c337d"
-                + "3b4ca6bf46b51f3ba485559ea9f3c020901e0e18b6de5fceb6044c2e59debe07f1f5df39"
-                + "f6ea85f4e4e7ee7ded3ff07f9ad0d538acfe847551dec86ae87a65344698c7be512a9bf7"
-                + "f67419bced642902ff3fe520aba6602d4b81e7cc008a8509848d43f11aeaac5aaaa1d40a"
-                + "a64895b8206096fc36daf38bd7b90834b8e687b2cb62ae9e3b4fef298d5a1bcf41275c99"
-                + "fe72e3857721ae68d5374d9234e73a44c3498e444a8508398ef0412697b538f6bfce5471"
-                + "8a7424b9859edb92eeaf98b32b5f93354387950ccd4a2a1f27fad59608e3d4bf880a11af"
-                + "701252bbb28a4a4714d99f98445698ae8ef8eaf2f36bcd2f0a6eabc49f6d3d6ea89812fe"
-                + "3a3aa05b9c197f64d2a0120d60bf86ce938742d9bd6952fbb9355037214505a67ac89626"
-                + "bd4e2fc778268b3c9db4ee28cce5c13081fbe5397b46fe6539076cce644a8f423ccb9469"
-                + "dec1d841685865bc32b454ed5e25a5b379e64eea38307cf151d83c4da8319f0c5a85d3e1"
-                + "0e9b4c1d3e416284c4a5d665741df5abdafaa9e0e2949c396033ff7c0711d4ab9086bdbf"
-                + "7748556ec43f467216f688d7ad62d0451ea6347e257bf35ac9ea4fae491354f8d90871ac"
-                + "0d15fd145ffdf6bb4495f491149f1ff3de661094066d4ddf8f20cd13d192b92e5efa2fd7"
-                + "5df80283a36ff02f45c25c45d40a65ca1a1181dc8f81aee7248854e814f8b894c5b4eb08"
-                + "213743724193bc0afedaab9dbb71298cfb490adb347a8ff001d504e9204f968ca51cfaa0"
-                + "9965651b6001141af59c81d48fc6e544b42746e835750e1315229a88e7e6d754bee5cf31"
-                + "e89f1e8451884b85a5148bf85f9ebdef5a876929a51b54f0f9c352091ca8b98015f6d74b"
-                + "1ec1aaba96d247391b90fce011e1698a2215e7b4cd7da7e90fc8537af306b7b9f8e48b99"
-                + "8cc8557da6d695c0fd7354fc056294108840c6fc6a6752cc7a3386d1f97b66df6c36a5ef"
-                + "a8f06673980d506cbcc73ba11c3848d2a83cd34f6b944d5ab5bab103c6793d994da5bb39"
-                + "ce20fe26dbfe3c515bf02cb8ec297ea06c35bcacb6525046d9d22d81849bfc31793bf675"
-                + "15049e3a82778dc7e8147241efde4e269579e5ff9b7ee219b2b993882fa3abace415b600"
-                + "bc1bc0457834c150d2748b537950b9c4c2213fcf245d7d8d17cf2c32db06a761a1c02afc"
-                + "0bd491feacb49f79dfc91ae35f5319ba3da01a264525c72b367a225fd041ccade751e75b"
-                + "cf456d3934e7c69bfd246db51f43baf476bb2566e30c95eac1f846f4f52750b3812944b1"
-                + "8973f29293d7db961756cff813eff9591e328b240b2a53140a4e6e46e8b627b085d2a9a0"
-                + "54d233c419c619ad3d546595e5b675ecc8d9218536f88174c7df4de3a32ca84760e9d37b"
-                + "0aecbf6216ebf0d778ddad11671da9d8369ef318ca79f9112d2895707bcab71e57891c27"
-                + "6ab603d5f4d8ea08fae2a5cec939dca56eaab8a1293962fbc4bf9a23aae328e1939329d7"
-                + "f7d29dfdd2b0b424fd67f212eed1b6d2e7570c5377404633580dfa67f28a0102372b7724"
-                + "bfad3e5b99a6e04aa9da9c17da278a19199e8f9a95737c6d8eaf17374bd30a207cf18a67"
-                + "6b5cdc81887d26c0f4f406d3ba0d4a5df4cd17ed494b8e4e75a488db6d3d5743c06c888b"
-                + "1d178827e18227fd1e05a78b7fb0f4c17d3e061222d988b8cb27b148cfa9d7ff18c04902"
-                + "341627cd63ce9f877b548a3b643bee9e1a3dbcca7f1b8562fef75c941e089e2ae24b2866"
-                + "f5126b57c0b31d7424adcc94cf1b15004263f537cb935b4b7a5a4b8fc7834034b395519f"
-                + "4642fa0083c0e372f05447450c5dbf3cd97597865715da0040d37422a6e47c1645a165e8"
-                + "46cff368013c593edc2fd448a057732431e9cb0957234b02cbba211f41b6deb09799a146"
-                + "d9a207956058cbea9707e5f821f5a6ca6a4816aee8cc5424266ea118c7f3a0191a46705a"
-                + "0f78aae59a4084dd2873edb8ec644caf70d29228c1e7481e9dbbf78321394f4ada79aa61"
-                + "653122e27dd616083f073b04eb0942989c74e2aa975713775b294d6311a928dde41d1516"
-                + "8cdd0d0cd8b7b87cba2b263b9698a7251af0f3d37a76fdfd97f7871db5bbc82a293a520c"
-                + "29e9c7fa3c8f9ac38013a40d701a72cd118ba5dc756d25c9c6e7823a8c1a2b146d3dfa74"
-                + "da3d5bde5c4846b355a99f574060306f22f841109e610fc8ee59853266111542593af6d7"
-                + "369e5238c0721b92dbe258873714151787de5e1ec7de836d248bee8b30212bdb3cf648da"
-                + "cf0743d6c9912e5224bded3d222edd61023529b7ff1b00fb8ef427ff2f5f3ff189bcff9f"
-                + "75507d90421af29315f239cd4e7ba1f0540836d7a538035d12a34a7958a5fcaaa1d48910"
-                + "bd5501b3afb86a1b355b1f2d9df7ad7cd332021ff15ccd8ef6e6420b2b1874e90969ecbd"
-                + "00071c81387f50b5f2a086dcd5f5310bb9d6e4a1b74d9fcd8ce1113c115df5fec08f73a3"
-                + "574709c5a97d15658e22e14a4e54e754b14f7521df95ba7007c7f3e97e0f6ce1de7f145c"
-                + "6249b57e1d7c0a539d906816f1abf1a5d53795b421af91915e47bd33efc6510636957ce2"
-                + "24d85f21f5926dcc50895d1224868fe8d78ef7e1bf67d1b5b8ff412e66e5bf3d9d311041"
-                + "dfac409274f886100dd1812cdfaaf2736f9f9f6809e18dfec6fd93e8a0dac2b104e46ca7"
-                + "0dac73280098d107cffbd8350e434eca915d089480c38f2cd340f7d092319a9892887fbe"
-                + "706b1a238034704a4b4c6dac71ea32e1cfcd4bd0d99526e72ee53a734cb8b1e4e976f991"
-                + "70e7c6dbcf84188928ee457fb132ac9462f1ac83a700bda7883052d7599f77c2bd3b38a9"
-                + "e43dc4f5850222c0eda600f8eed330dfedfe095ab0a4ceedaecdecd9f535c583a50b4566"
-                + "b8fcfbc68338b2bad8eb97267c3a8211b6c88233c249e260149ecaa6de3f71cbc49e3d8a"
-                + "ae4a439a9c31c961b8bcee2c30979d28cad77edfe2d9ed6703c19b942ec237aa9afb7040"
-                + "a15696463bcf8ad68357b1137c25fe5e3ad497d80d2b095fef588d3228bc697e3b1b275f"
-                + "377da513ec87d028ed548bbc2b8aafc51b528ba94c0107ed1f1956567afbbda4692632e5"
-                + "901d0603082819cec51cc757d2e05e9331fca9ba66e691d5f127912559229644f98a634d"
-                + "07bbc63ff081074afe428e2042672b0cfd239e42187e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "23a2267c7d68930fcd162fb7b743e94c520197ce16e57ffcb0af6790245d85cb0563e06f"
-                + "ca2249e821a8b102ee771c4e38d797bac3a79eb26092deba93d6cd9a698cdeaabf442d79"
-                + "2fe01ff325f998f85c34398ed4856f070eae3a2e71e44dd427a34bd6a721102b0ef32c33"
-                + "b49db2d8d6f43e024f5cca67819829a650268408ca49c9a013770a979f6a42f39f7d044a"
-                + "878f7a46f8433f506b426b16163ca8d5808e21f9dfb39e339812c452d68e4b63d1f1059d"
-                + "7bd9b5ce9ffe38d687ea6b9cc6371e8d0d5c2536420a3ddaf845cca2fd488acef90f5536"
-                + "4398ad3d1d7d592a23c11a1f0c368201af728b81302f1b43e7e4158b909089153cc5c4d1"
-                + "941b7df2a309c44e13d83de34201f36b1bf487883e04e2acfab55e91bdb56ce54e0d61df"
-                + "000465847f9f90a908f800f6df66aa100e2af0d513cb720e2b119cd454f93395aa216558"
-                + "c4815a3b62c0829dcb1ff49f51194c8e376b8bf273ace333c60af6ac0f79e997d059dbe8"
-                + "76290efad863d81a7a31ade170e0b4aba20f529ba6e1f92847baba3b7a62b5abb2b4d3f4"
-                + "77e077581775180611977aedc9b65db157549202ce291c7c9ddf32fe6f97c09e36d3db1e"
-                + "7da7a364b415b41ac0a894ee2650955de6077f12ad30d3d750aab5a376783c41eab41d75"
-                + "9875695d61f491d7c445184337c806f4709bb052cd4d99834134c1efbf00c68d9828c595"
-                + "633a9b4565016d2062f1b863f28c12788f0f123324dd89daac5b90b34350817671b47bff"
-                + "831934c6d60d30523f6e4b903a0c56d1a7c558ddabe2f9b80063aa5036a888d98713e627"
-                + "ae8d654261e31aae7c0f631d18085c82d9ecc8f1548eef4ee3d89955597a056a6593b6fc"
-                + "77ff7b0b958387bedac460637e0b3f8963e80e84da162332c20652e0343be9f26c81dde3"
-                + "08b33c5170f1547433f2292ea696db9b024181dc6b0e9b7c979dc78fb4a93bd8b262dcd9"
-                + "4f05eabfb2981c83b8fe14fa9b2a4983246a506e66bd05d64368d31a60034226c7ed2d35"
-                + "e3eead5b7a719cf7b5074a16ba7c7149fb2ed242ae3cbd0a3f84d37fccff2bc432a26648"
-                + "b883aab754281fc0cf00556ff74efb73f17a4e2e9c8c862cb5ee0efd886a7a80ee52f853"
-                + "3f82d57bacd5ac1a2318b5cffc9569bbca5b27d9b329fc68b56ae8561ee188705653c618"
-                + "e38ffed8acf01cbda08efa0cf6cda609c9447dda0d74fc383f17b9d81a309dbdf5c954f6"
-                + "a322ea6eadc41bfd3681cebcba78d440e779f61bfdd203b05069231b33d146a44b34582f"
-                + "cf63f1e2037988f14d29d6dd067b8236fa613485a6a48ea37c71d58019b6dcce04fb77f2"
-                + "1d23ecc6b9f734f996ec571ab3615cb40997c0acb18ef3e70ec8a804b70388049b20f64e"
-                + "fb4935e4d3c62c132112297793776720d8494c7921f547116a4980086a9320062dd0c916"
-                + "113b242ec234e3940114ce49de4e9640bbede2ab573725aee1d32f6ffe91d38093e4d983"
-                + "0b15bc6444fbe75023e26d348724a434c25259c2abca46dd6b4762ae3b886221a81401dc"
-                + "4d841161ef7cff07c243ed9685cf2d560f66735231f7fd297e0ede53559ca3b035d6f2f8"
-                + "950e1411c29a2a01a589793b4fd7d0be45b105fb9ea9f494ea5dcda6f7656ebd3d4271de"
-                + "db62605527591e21f2e45d44e21aa03ad8794579c2d93737ab092741ac153a56252abba8"
-                + "f95ae2557447028a60a592f3118f348b42057c69f4ffc8b022fe5827e40964d5c4cacef8"
-                + "5c2a32b36fde4b2bcc3973942fd67fb147fd3f1b26b1d88cd83f6871c424eacbfc418b19"
-                + "804cc8fe9b48f85121b375a8489680ab5f602731e71af1832dd734eb921e1fc6458957fe"
-                + "106f5df96d2fa0920997cfc56c1c7ba4c13af81c90eff571050269a9e6e572e46389a015"
-                + "d48a1372aa0c4e7e18d98efcbc2c2d2be7766eed99f7bd7807f3683d4311028d1ef6b0bb"
-                + "dd556caf554eb4d7c1922c16fee10a4cc7789266fa21f3e1aceabe0cd1bed8dfac4e790a"
-                + "22cd032ef7971874ebad19690198319cdc4c4ccfc8171d7cca7e7b1035870af3ac0b0958"
-                + "53cdf7f9054c461b3f95c8ab4c9923f35b097fc9e7e76952025f95faee965d534d4f8f0a"
-                + "51e8977331b00160e4ae5897defcf8556afa12230920ac7881daf5ca9590c523f230f2dc"
-                + "9f504c1316a5f851e507b5e5698f9f8209e66f0d91ad287b434f49a99bf159b961906897"
-                + "32a6878a64c890807ca862fb71f91f5b8ddfd58ab1d4c63773c32989aaef8f2987469dea"
-                + "29547e7238c19f999b7b3e9e8b5627545b9881bc0af6665a1c730205413be5529c41cb02"
-                + "a7d65d7f1d4697bcb7cab8aa9af608108bde1e31e7275027bd73e3ea60c10e0f9d6f4169"
-                + "39d3848db7a8fc3bb47141ce105388441aff4bd20fb28bb46a68e3f4b614d4a78e4d5847"
-                + "a03c400665dd785371b73085a895e9795ccafc72e0575f771603c9603c4ddb5f701edf64"
-                + "83f2039d52bf8360d946c205560c9388398f023023aa83b3e641b39e1333a9d9fb69ce17"
-                + "81402ef0be8aa2c5c880e5ef4b03e0d2f54f74c3f54ca4d8a82d2471744b69e54e883f92"
-                + "1de4418df44165b1ee650c987f9541c4774da12608526661398f2b4d5dec9d767ff154e6"
-                + "69149e765d5e4055f0fc981987c40d9b033ed56efb91c8f547ddb33542951ec0f9586209"
-                + "ef2f801f0c33881de24efbb82076c2cba55bc3402c2a6eecf34fa37b7a2c18b04b72b37f"
-                + "1927f3a8fb9d906cb08da0a6a41a311f204f4bb958f1c4447d7040e9708920dbaaa054c6"
-                + "90683a197723f8e07ff4c62c6328ed66e0f8fbef365013f8346ffdad9b42dcd747de6358"
-                + "4450c10a6ff0ade8c7970388191adfea8db6af91870e07bc3f0dea103c0cb0a0f1c3dadc"
-                + "445859373c47acf20e5694c23922f4e10f17d2b5def9c298a5ab5b73e8b6702670d17f91"
-                + "617ee8ecbf11221f8c25975699ed9b76f2895a3c2c9a16f1ea96b5c893039eb6be0177f9"
-                + "a5f2dc65c5725abe6eeb60158879a5ac732153f9436353e72e8ee1244045305dea94ab66"
-                + "450f1cf78f1d9ae05636998bd1f29717f2acc7f01695fd9ff9da1fc5d22fd5b4e3630a90"
-                + "520918a84c31e3e3cc4e93c624e75747aaceba351707d39c56962ed12cbca38859dabbc1"
-                + "4ccd23af96e5f99a6557cfba7a3bd0ccdf13acc0251763b8fe83b4f1861830aade0c337d"
-                + "3b4ca6bf46b51f3ba485559ea9f3c020901e0e18b6de5fceb6044c2e59debe07f1f5df39"
-                + "f6ea85f4e4e7ee7ded3ff07f9ad0d538acfe847551dec86ae87a65344698c7be512a9bf7"
-                + "f67419bced642902ff3fe520aba6602d4b81e7cc008a8509848d43f11aeaac5aaaa1d40a"
-                + "a64895b8206096fc36daf38bd7b90834b8e687b2cb62ae9e3b4fef298d5a1bcf41275c99"
-                + "fe72e3857721ae68d5374d9234e73a44c3498e444a8508398ef0412697b538f6bfce5471"
-                + "8a7424b9859edb92eeaf98b32b5f93354387950ccd4a2a1f27fad59608e3d4bf880a11af"
-                + "701252bbb28a4a4714d99f98445698ae8ef8eaf2f36bcd2f0a6eabc49f6d3d6ea89812fe"
-                + "3a3aa05b9c197f64d2a0120d60bf86ce938742d9bd6952fbb9355037214505a67ac89626"
-                + "bd4e2fc778268b3c9db4ee28cce5c13081fbe5397b46fe6539076cce644a8f423ccb9469"
-                + "dec1d841685865bc32b454ed5e25a5b379e64eea38307cf151d83c4da8319f0c5a85d3e1"
-                + "0e9b4c1d3e416284c4a5d665741df5abdafaa9e0e2949c396033ff7c0711d4ab9086bdbf"
-                + "7748556ec43f467216f688d7ad62d0451ea6347e257bf35ac9ea4fae491354f8d90871ac"
-                + "0d15fd145ffdf6bb4495f491149f1ff3de661094066d4ddf8f20cd13d192b92e5efa2fd7"
-                + "5df80283a36ff02f45c25c45d40a65ca1a1181dc8f81aee7248854e814f8b894c5b4eb08"
-                + "213743724193bc0afedaab9dbb71298cfb490adb347a8ff001d504e9204f968ca51cfaa0"
-                + "9965651b6001141af59c81d48fc6e544b42746e835750e1315229a88e7e6d754bee5cf31"
-                + "e89f1e8451884b85a5148bf85f9ebdef5a876929a51b54f0f9c352091ca8b98015f6d74b"
-                + "1ec1aaba96d247391b90fce011e1698a2215e7b4cd7da7e90fc8537af306b7b9f8e48b99"
-                + "8cc8557da6d695c0fd7354fc056294108840c6fc6a6752cc7a3386d1f97b66df6c36a5ef"
-                + "a8f06673980d506cbcc73ba11c3848d2a83cd34f6b944d5ab5bab103c6793d994da5bb39"
-                + "ce20fe26dbfe3c515bf02cb8ec297ea06c35bcacb6525046d9d22d81849bfc31793bf675"
-                + "15049e3a82778dc7e8147241efde4e269579e5ff9b7ee219b2b993882fa3abace415b600"
-                + "bc1bc0457834c150d2748b537950b9c4c2213fcf245d7d8d17cf2c32db06a761a1c02afc"
-                + "0bd491feacb49f79dfc91ae35f5319ba3da01a264525c72b367a225fd041ccade751e75b"
-                + "cf456d3934e7c69bfd246db51f43baf476bb2566e30c95eac1f846f4f52750b3812944b1"
-                + "8973f29293d7db961756cff813eff9591e328b240b2a53140a4e6e46e8b627b085d2a9a0"
-                + "54d233c419c619ad3d546595e5b675ecc8d9218536f88174c7df4de3a32ca84760e9d37b"
-                + "0aecbf6216ebf0d778ddad11671da9d8369ef318ca79f9112d2895707bcab71e57891c27"
-                + "6ab603d5f4d8ea08fae2a5cec939dca56eaab8a1293962fbc4bf9a23aae328e1939329d7"
-                + "f7d29dfdd2b0b424fd67f212eed1b6d2e7570c5377404633580dfa67f28a0102372b7724"
-                + "bfad3e5b99a6e04aa9da9c17da278a19199e8f9a95737c6d8eaf17374bd30a207cf18a67"
-                + "6b5cdc81887d26c0f4f406d3ba0d4a5df4cd17ed494b8e4e75a488db6d3d5743c06c888b"
-                + "1d178827e18227fd1e05a78b7fb0f4c17d3e061222d988b8cb27b148cfa9d7ff18c04902"
-                + "341627cd63ce9f877b548a3b643bee9e1a3dbcca7f1b8562fef75c941e089e2ae24b2866"
-                + "f5126b57c0b31d7424adcc94cf1b15004263f537cb935b4b7a5a4b8fc7834034b395519f"
-                + "4642fa0083c0e372f05447450c5dbf3cd97597865715da0040d37422a6e47c1645a165e8"
-                + "46cff368013c593edc2fd448a057732431e9cb0957234b02cbba211f41b6deb09799a146"
-                + "d9a207956058cbea9707e5f821f5a6ca6a4816aee8cc5424266ea118c7f3a0191a46705a"
-                + "0f78aae59a4084dd2873edb8ec644caf70d29228c1e7481e9dbbf78321394f4ada79aa61"
-                + "653122e27dd616083f073b04eb0942989c74e2aa975713775b294d6311a928dde41d1516"
-                + "8cdd0d0cd8b7b87cba2b263b9698a7251af0f3d37a76fdfd97f7871db5bbc82a293a520c"
-                + "29e9c7fa3c8f9ac38013a40d701a72cd118ba5dc756d25c9c6e7823a8c1a2b146d3dfa74"
-                + "da3d5bde5c4846b355a99f574060306f22f841109e610fc8ee59853266111542593af6d7"
-                + "369e5238c0721b92dbe258873714151787de5e1ec7de836d248bee8b30212bdb3cf648da"
-                + "cf0743d6c9912e5224bded3d222edd61023529b7ff1b00fb8ef427ff2f5f3ff189bcff9f"
-                + "75507d90421af29315f239cd4e7ba1f0540836d7a538035d12a34a7958a5fcaaa1d48910"
-                + "bd5501b3afb86a1b355b1f2d9df7ad7cd332021ff15ccd8ef6e6420b2b1874e90969ecbd"
-                + "00071c81387f50b5f2a086dcd5f5310bb9d6e4a1b74d9fcd8ce1113c115df5fec08f73a3"
-                + "574709c5a97d15658e22e14a4e54e754b14f7521df95ba7007c7f3e97e0f6ce1de7f145c"
-                + "6249b57e1d7c0a539d906816f1abf1a5d53795b421af91915e47bd33efc6510636957ce2"
-                + "24d85f21f5926dcc50895d1224868fe8d78ef7e1bf67d1b5b8ff412e66e5bf3d9d311041"
-                + "dfac409274f886100dd1812cdfaaf2736f9f9f6809e18dfec6fd93e8a0dac2b104e46ca7"
-                + "0dac73280098d107cffbd8350e434eca915d089480c38f2cd340f7d092319a9892887fbe"
-                + "706b1a238034704a4b4c6dac71ea32e1cfcd4bd0d99526e72ee53a734cb8b1e4e976f991"
-                + "70e7c6dbcf84188928ee457fb132ac9462f1ac83a700bda7883052d7599f77c2bd3b38a9"
-                + "e43dc4f5850222c0eda600f8eed330dfedfe095ab0a4ceedaecdecd9f535c583a50b4566"
-                + "b8fcfbc68338b2bad8eb97267c3a8211b6c88233c249e260149ecaa6de3f71cbc49e3d8a"
-                + "ae4a439a9c31c961b8bcee2c30979d28cad77edfe2d9ed6703c19b942ec237aa9afb7040"
-                + "a15696463bcf8ad68357b1137c25fe5e3ad497d80d2b095fef588d3228bc697e3b1b275f"
-                + "377da513ec87d028ed548bbc2b8aafc51b528ba94c0107ed1f1956567afbbda4692632e5"
-                + "901d0603082819cec51cc757d2e05e9331fca9ba66e691d5f127912559229644f98a634d"
-                + "07bbc63ff081074afe428e2042672b0cfd239e42187e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "24a6c9d337c58d1908420f010a3df1fa396bcf04e3778ebb42a27a4084c17ace078f5d1d"
-                + "36f24ec0a32aa45ef4aaa51d44fa71689cd6dcae06e6f5a8f5b0145a241b9993d1c4719c"
-                + "07ed2f571abf0852f6cc3841c1b7aec3f8bbba9a53bf378b288880d0df18517cc8dc13b2"
-                + "5376fdd4dfeb88ed0254a8f902e5dc5a31af4e42547dec66873ef0803bd6e377168fb6cb"
-                + "55985525f0b71198cc8352e6aafce7fa80f3383973e22b4f66ed5a9239d108baab9bee4f"
-                + "d73bafacc376a6fc2746210a00facca815e05c36a6468cd0aa7a22ba61a8a38ba0bea83c"
-                + "e589749b028123aac322f964efd0c26da3244423a7db19f3db2142bc1d64c3b8730bca7b"
-                + "5accf58d07a720625ea494513299dca973fce6ddf262be932edfeb04001a5cfd2012f03d"
-                + "7310383fb6ec85f76dee656148b0a1a844000aadc8ce76f8127bf74bc1238f15a03698cb"
-                + "013a42a8a1f9308d41aa106e3417e8630e62c452b4e8e17be0f3d23fa07e6442518c4ea3"
-                + "f11ed25c1ded6e905b5696e1ddb9e54b9b38e1b45f5fd8df5351680d71abd851788c82e1"
-                + "5ffb4cdaf9d17f32957be30581c39cedae1bde0c48c31e79ff5bcc5c8418a59efd867f5e"
-                + "b3a2d0559d3dbff1712b9228d45980f4f8ed3e0bd714daa79e23bdae2d08f008188646f7"
-                + "6747ede5014792d59cf21fea6dabbd3586ecef23446ac7ccffc01bea2cc393300d6125a7"
-                + "e7d21a60503ee653513db94eca370ea3c55bdcd5b726ee3b3162a6561ec2ba7102caa325"
-                + "f660587b298ba33bf832d150a3be950b55e0240259440daa2252a9408f72496b60bb23f6"
-                + "a574fab99a8cc7e069f22bb055689130bfda18787d80a20b01dd1ee46505987ed1d54574"
-                + "1909539fcd42793084b6cc4b5c49b4f685c41834c97223b8d0fd81023670c1ebf3987fc5"
-                + "89506fd7f97fcd5d7f83762d73fa97dc321c3d632669770815ecb501acdf7cad03dc91aa"
-                + "9859ac710683a4389fd84f3a78d5784b8d4c497d8dd69c7747fa98825c01f48d81cb7998"
-                + "60b478faae2bc065849e948dda865e0c71678eacc87f9391dc6ac2ecb82c0f47baa472ab"
-                + "8d6f6f040708e7c998f879bf3658ffb9a975cb14d3074c44ad709b43796b5b5e8710cfb9"
-                + "12c5c2c56169c6376309d518184b1851ac8c2a8f49c08651e4ecdb59f078e93c647288dd"
-                + "e9aab5bd42da6fc24a301294ea8d9121c0cce01b17da3754fc424882a696b85d7f7a8fcd"
-                + "85c5bd49c735b3b707e21d8c58732d56291b751f484ee1dd77d35ece16138aa89ec68b3b"
-                + "a08856f61772d6b86d1d4b86568de014638c1da03111bf1b5337c47b1c44f88215487b66"
-                + "f6ce39aebb7d84164d97ddb095d15942dec9793a79f3967c78cbf696d6b572a6143a00d5"
-                + "7fb5c7185af26c2084423720c47e7a9352615008bf2808d1251363f45a26507460a54795"
-                + "394832d82ab898b9aee8fa262c21edfb2e3478c78f61d5da683406557037b3b796d4fa57"
-                + "e4a817a21810b01422dc0b8f1bdb68113f5f50108a27905b646fd62a97072513c2ec632f"
-                + "2185bade6fefc0b2c0836380d5231b8e43739e4f937cac153330d263ba42447b633549ab"
-                + "00d6c898cb7cbabb86c0a28323cc47f2b0093652de36ecefa60f87f3de13a41cf7eebfe6"
-                + "85515c07a5f893da49a3918ae3ea4f51df0d9e4cdb3d311fbcb717d4e48e39620e25302e"
-                + "e43d505fdf8ec97607e198e8ffe7d09c864f9328b57f5b0596981812b07c4d74b62594e8"
-                + "36125696565a262d88e47f7b7cefbec6a94f67fc7429402b7fa4f49fa8d0e3b88a937cd3"
-                + "720196615b1a48d0788a7fb527fda3ea5bed71962ed519447676b2701c357e8f3abfcf7c"
-                + "dd39d7d5c758cfa4a034e51f57fdc8388a86faa94dc4c9f0c8fbe1fde47e9231cebdf83a"
-                + "512dd95abbee28eda1736ff6173f589f8b99620fa705f127e44fd217607498d89c3efbf0"
-                + "8107804958093c1687bc91fd1c7c27b85943b01b7c3cd93bed1f317c552f4e149e91a962"
-                + "d16a0c3b3b4c5e9fbc026a8a1b527f99f445f312e7e585803790291c9dce225772490c35"
-                + "280a1928336d4eebaf558b76490a286d36a6e123fe9026f7ad1276cd829f81b8ed8415f9"
-                + "5cc8fcb5533137348d609b8cefad35a9dcbb1947f8346bdc7f5d7bdb3699340a734c2798"
-                + "51e085730cce150fd336597c570a53567e03efb985dc3032ac95e711d87ad3a0357c60a6"
-                + "7779a02c141605e24cc2d68d065a95672c069690184563c889e103fc00c5d96093b3675a"
-                + "dcc439fb1464efd60905891217b299debdf1df34c93000214f0a2629d2cfd9d770c0a4ef"
-                + "2205699d2219c1c00675089156da99d9625c485e4fc36a970ae2deddae5a2963f5ec76bd"
-                + "d02508d858b54e8a65842fd3953f3dbb9816a6f7403e6798dce1b455efb3fcf2fa169f55"
-                + "46adb82abd6301b06ae084cee5db07415e2fc9e0a29abdc316ca95a310544fff3210117d"
-                + "805644e46cc5604e8ae9415c34375c251a5169c2cd0f1e474a1a73da0a307e9026d22e5e"
-                + "c40d2a8ad52e7ad1409bfc97c1310e3e69c96673a9b63c22ac2ac1ad682aab9738273c4a"
-                + "11504d5e106084c2afb7321dfb200022ac7ea0c7e018761cd627455e4de0ebdc86f75c7c"
-                + "54b1641200f8daf65274b332bbb0f949b6ddb619aa434b350f980f7683564e6f7c9c611a"
-                + "bf325af905fbfba3f611c6f1365dd55fd328ec13fd1f5d0f6931a8e6c607e22a4706ca4d"
-                + "f0ce18cc21c0bf4afc24e0391573323dc3ab7a090710ba77a7e9e49c0c012c91aa4d8bba"
-                + "1a3016ce6bca023da54ca722f060d984ee2187105caa7a38108a644ff24b2414000a1baf"
-                + "66bbdf59d81a55761f4992af45104d06ac0205bd1868801a76b9e1f0cfc3798f7121f6dd"
-                + "0efd765232e71275d2af100f8c56b449e3d3fb1d50796f6b5c9c420844581c536508d0a0"
-                + "134b1cd4800b4fa2ef99fc22e9b03ab345a4fe68f8075cc4405bd6489a7e887439c04270"
-                + "e4afa11f29b73fd59c4afe884e70729d5d2ee673d3930c503501acabe2891c08697a7013"
-                + "fb3d07d091946c61314729fed05122a4812eb9298d8ea9ff31b5b6bbfdc5dd230889454e"
-                + "c5aa1a8d2831269c7824d5ae5c828085fcc90592ccd17e602ef38da81e87b7716669909c"
-                + "7b8788687bf86d69dea7fd514426f5aca5713d2d3fc976247402cb805da7e28f525cf9ef"
-                + "0646a64d9f9200ac85c01e6210828c2bba7416664772c146ecf90e55f25f6717b6f48e0f"
-                + "8d623d07dee7ee7ded3ff07f9ad0d538acfe847551dec86ae87a65344698c7be512a9bf7"
-                + "f67419bced642902ff3fe520aba6602d4b81e7cc008a8509848d43f11aeaac5aaaa1d40a"
-                + "a64895b8206096fc36daf38bd7b90834b8e687b2cb62ae9e3b4fef298d5a1bcf41275c99"
-                + "fe72e3857721ae68d5374d9234e73a44c3498e444a8508398ef0412697b538f6bfce5471"
-                + "8a7424b9859edb92eeaf98b32b5f93354387950ccd4a2a1f27fad59608e3d4bf880a11af"
-                + "701252bbb28a4a4714d99f98445698ae8ef8eaf2f36bcd2f0a6eabc49f6d3d6ea89812fe"
-                + "3a3aa05b9c197f64d2a0120d60bf86ce938742d9bd6952fbb9355037214505a67ac89626"
-                + "bd4e2fc778268b3c9db4ee28cce5c13081fbe5397b46fe6539076cce644a8f423ccb9469"
-                + "dec1d841685865bc32b454ed5e25a5b379e64eea38307cf151d83c4da8319f0c5a85d3e1"
-                + "0e9b4c1d3e416284c4a5d665741df5abdafaa9e0e2949c396033ff7c0711d4ab9086bdbf"
-                + "7748556ec43f467216f688d7ad62d0451ea6347e257bf35ac9ea4fae491354f8d90871ac"
-                + "0d15fd145ffdf6bb4495f491149f1ff3de661094066d4ddf8f20cd13d192b92e5efa2fd7"
-                + "5df80283a36ff02f45c25c45d40a65ca1a1181dc8f81aee7248854e814f8b894c5b4eb08"
-                + "213743724193bc0afedaab9dbb71298cfb490adb347a8ff001d504e9204f968ca51cfaa0"
-                + "9965651b6001141af59c81d48fc6e544b42746e835750e1315229a88e7e6d754bee5cf31"
-                + "e89f1e8451884b85a5148bf85f9ebdef5a876929a51b54f0f9c352091ca8b98015f6d74b"
-                + "1ec1aaba96d247391b90fce011e1698a2215e7b4cd7da7e90fc8537af306b7b9f8e48b99"
-                + "8cc8557da6d695c0fd7354fc056294108840c6fc6a6752cc7a3386d1f97b66df6c36a5ef"
-                + "a8f06673980d506cbcc73ba11c3848d2a83cd34f6b944d5ab5bab103c6793d994da5bb39"
-                + "ce20fe26dbfe3c515bf02cb8ec297ea06c35bcacb6525046d9d22d81849bfc31793bf675"
-                + "15049e3a82778dc7e8147241efde4e269579e5ff9b7ee219b2b993882fa3abace415b600"
-                + "bc1bc0457834c150d2748b537950b9c4c2213fcf245d7d8d17cf2c32db06a761a1c02afc"
-                + "0bd491feacb49f79dfc91ae35f5319ba3da01a264525c72b367a225fd041ccade751e75b"
-                + "cf456d3934e7c69bfd246db51f43baf476bb2566e30c95eac1f846f4f52750b3812944b1"
-                + "8973f29293d7db961756cff813eff9591e328b240b2a53140a4e6e46e8b627b085d2a9a0"
-                + "54d233c419c619ad3d546595e5b675ecc8d9218536f88174c7df4de3a32ca84760e9d37b"
-                + "0aecbf6216ebf0d778ddad11671da9d8369ef318ca79f9112d2895707bcab71e57891c27"
-                + "6ab603d5f4d8ea08fae2a5cec939dca56eaab8a1293962fbc4bf9a23aae328e1939329d7"
-                + "f7d29dfdd2b0b424fd67f212eed1b6d2e7570c5377404633580dfa67f28a0102372b7724"
-                + "bfad3e5b99a6e04aa9da9c17da278a19199e8f9a95737c6d8eaf17374bd30a207cf18a67"
-                + "6b5cdc81887d26c0f4f406d3ba0d4a5df4cd17ed494b8e4e75a488db6d3d5743c06c888b"
-                + "1d178827e18227fd1e05a78b7fb0f4c17d3e061222d988b8cb27b148cfa9d7ff18c04902"
-                + "341627cd63ce9f877b548a3b643bee9e1a3dbcca7f1b8562fef75c941e089e2ae24b2866"
-                + "f5126b57c0b31d7424adcc94cf1b15004263f537cb935b4b7a5a4b8fc7834034b395519f"
-                + "4642fa0083c0e372f05447450c5dbf3cd97597865715da0040d37422a6e47c1645a165e8"
-                + "46cff368013c593edc2fd448a057732431e9cb0957234b02cbba211f41b6deb09799a146"
-                + "d9a207956058cbea9707e5f821f5a6ca6a4816aee8cc5424266ea118c7f3a0191a46705a"
-                + "0f78aae59a4084dd2873edb8ec644caf70d29228c1e7481e9dbbf78321394f4ada79aa61"
-                + "653122e27dd616083f073b04eb0942989c74e2aa975713775b294d6311a928dde41d1516"
-                + "8cdd0d0cd8b7b87cba2b263b9698a7251af0f3d37a76fdfd97f7871db5bbc82a293a520c"
-                + "29e9c7fa3c8f9ac38013a40d701a72cd118ba5dc756d25c9c6e7823a8c1a2b146d3dfa74"
-                + "da3d5bde5c4846b355a99f574060306f22f841109e610fc8ee59853266111542593af6d7"
-                + "369e5238c0721b92dbe258873714151787de5e1ec7de836d248bee8b30212bdb3cf648da"
-                + "cf0743d6c9912e5224bded3d222edd61023529b7ff1b00fb8ef427ff2f5f3ff189bcff9f"
-                + "75507d90421af29315f239cd4e7ba1f0540836d7a538035d12a34a7958a5fcaaa1d48910"
-                + "bd5501b3afb86a1b355b1f2d9df7ad7cd332021ff15ccd8ef6e6420b2b1874e90969ecbd"
-                + "00071c81387f50b5f2a086dcd5f5310bb9d6e4a1b74d9fcd8ce1113c115df5fec08f73a3"
-                + "574709c5a97d15658e22e14a4e54e754b14f7521df95ba7007c7f3e97e0f6ce1de7f145c"
-                + "6249b57e1d7c0a539d906816f1abf1a5d53795b421af91915e47bd33efc6510636957ce2"
-                + "24d85f21f5926dcc50895d1224868fe8d78ef7e1bf67d1b5b8ff412e66e5bf3d9d311041"
-                + "dfac409274f886100dd1812cdfaaf2736f9f9f6809e18dfec6fd93e8a0dac2b104e46ca7"
-                + "0dac73280098d107cffbd8350e434eca915d089480c38f2cd340f7d092319a9892887fbe"
-                + "706b1a238034704a4b4c6dac71ea32e1cfcd4bd0d99526e72ee53a734cb8b1e4e976f991"
-                + "70e7c6dbcf84188928ee457fb132ac9462f1ac83a700bda7883052d7599f77c2bd3b38a9"
-                + "e43dc4f5850222c0eda600f8eed330dfedfe095ab0a4ceedaecdecd9f535c583a50b4566"
-                + "b8fcfbc68338b2bad8eb97267c3a8211b6c88233c249e260149ecaa6de3f71cbc49e3d8a"
-                + "ae4a439a9c31c961b8bcee2c30979d28cad77edfe2d9ed6703c19b942ec237aa9afb7040"
-                + "a15696463bcf8ad68357b1137c25fe5e3ad497d80d2b095fef588d3228bc697e3b1b275f"
-                + "377da513ec87d028ed548bbc2b8aafc51b528ba94c0107ed1f1956567afbbda4692632e5"
-                + "901d0603082819cec51cc757d2e05e9331fca9ba66e691d5f127912559229644f98a634d"
-                + "07bbc63ff081074afe428e2042672b0cfd239e42187e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "25bc9978864ca6448a943b11fbd92a84d65662eb7b0157d1f4ca732fdb3830a745f9c9fc"
-                + "03db135321ad591e2e1ecd8829d7370fa4c6aea2ef0da638b328af9b9c56caee4c87a54a"
-                + "2d229b8b92c90f8e46720ddea820c65a3adf256cc2d003e0db9018245411561967487aec"
-                + "8cc16374870a4dc332c23d25645b5774a39ae6a7569f3ba1a2d478c9a8a506cbd38ba154"
-                + "3b339324cb0246a38f5398eacd44c6c7233b0024e336be86b1df3cb70d6cb208368f3e44"
-                + "f78db80604a68f92ad8e2af27e09ef43e1c7322b84cabf0ff6d4d575b57dffaf0a6bf552"
-                + "094f31857c755bf1ab4550a79456806cd1d4672e579781b24b45734317b2258d5f6dafc8"
-                + "e4dcf4a4dabe2bc562acba272387c39eb5a0b0576583378582e81930eefab9d8444689af"
-                + "9d8c1b48095110c2b2dfa047a0c1d01f89ae4f7254fd3251b2da6e9c2962318c4bb2cb75"
-                + "5a05b8d1e0c337a745a813e1e61bc8dafe542cd082ffeac50e263e24812fe07f99db1adf"
-                + "b2a47dc1a24c0dd4928d6e6f2d3513d10c4235b952db87fa9684daaa72b7e112dc7d3bcc"
-                + "4a301363a19ed1074fd97d80b4b79292b8dcdcd7da0fd016103fe56e81c5751010c91c6b"
-                + "9bd3389f79dc65f5fba4c94ce0a10a95c9918bf85aa635f22effcf3ea795d6d317b7fa50"
-                + "86fedb79bae6b160a34a7738edaaa0316fd0fbc0edae6c73432e2f89c2b2b495ba90de4c"
-                + "ba7d3ca9ad05a32b4d8ae47020e6446e6a90c8ed552751c880a88c689d254a8f5557e428"
-                + "5a2c6dc7ec608f2cc35a29262b8b3d5d0cb2bbd6a0e446435abfc8379cb843706777269e"
-                + "f111421a3e06d318bd64cce886493f99cd9a835da82d4e750d9b4c47c1c131c1168c2b37"
-                + "43301a4ca9dd56f51e1ac56e177f9306565ff64354af74abf41418441c999cd5a02a86cc"
-                + "7990deaa9b1ec97709124c4f0965fe2ab9a03b52663eab3b7638fe6e04852096cf63c3e2"
-                + "937ab402a1572b24a8b888e1ab438fd03f288e20ccf77889da53046c142a59cc4672188a"
-                + "e881f0557ecaf4deb5dec582ecc2a7774c3b4442dcf7648adbc237cc9a7c80d6a2a07bd6"
-                + "6cc71e5ffa865e19483e4b10a47d06e5254aedcab1114f620d4d7d1133018a9ff5839d29"
-                + "41cc919ce7a059f058bbd935a6c67e19d9961c42793e08e5256311274b22031a67bd1381"
-                + "b5c88bdf969b8c3bd0f3eedde337a18472fdec1daf465775da3341679b814a33c6ff9355"
-                + "1c029b1464f91937ca4c955e664bec9a51eb382cf41bc628b2fa88438847c88a6b6e606f"
-                + "9e47b52f17ba463026ddc83fcf622cf7d92b10af7055140da03af2fb3736fc992da4078b"
-                + "f12bd7f1639d191bad4e5909ffe5cee6295e3f9ce76aeb254722d47bf3d7139e35d65553"
-                + "aa66c9675202e86f9023bd509de53052c5dc96d5be43035f2660862ce704e987e3935a9f"
-                + "71cb08f83d649f535f10c4597c6661ba5565df3aea46a6818b5c4a32eafbe2f4fd8c980c"
-                + "a25e55fcb333b6ac0fd7b05643d0248abafc29fd0abbf170ad451167d491e18d75320f95"
-                + "68e486fce49e977b1f525e7a90752c6f699731b9bf1f1fb515d580719b4afad0c4c104f9"
-                + "89b56f91f86b3b9b19e04704537bac918c2198cce83d4ea1e80f9a0cff443ffba78ba815"
-                + "4e7007ea07e442e47f0454aeb7e011e962fac88a094c7aa99c5bc134cc19eae2b3c601ed"
-                + "389d9a26e065225cde17621097ea54c611f7b17189cda0b030768eaf155ad69b29dc115f"
-                + "4ec3f98797cbfc61d8e48a8def905ee044334d6ed003eb3515f0c013a90705e05005d854"
-                + "91a107bb4164932cad16fc225c36711e7649a23b57187cbfc3542271aed653acc7aaeb45"
-                + "8d93ed03e025b0397caf9aa1a02aa7b2d7e2f79a55068184d6ed4ba2662c2219c02b58b1"
-                + "cd5730cc3c3580cbbab4e648aa2f3a4b0f669f08b7f772163157e98ae6117f9033a56179"
-                + "cf1a8e6face3ff9c179713340eef6b6b077348ac3fd77501e4548d1e7d064643c66f954e"
-                + "568482d4abc5b531852206093a9b774ae8a06795c7b7af2d1f6bdec69187095e83f78c5e"
-                + "3f437d87244c1eddd1e3282513e690b71cb8c9171f384c0f1c586d7af9f54b9072893d51"
-                + "cb64ee22934e88aa7910949108dde72dbb2401e245b24a4f85957eef16e71fe822f3a1d9"
-                + "b3549484f8ec5cc2292287cfe7adfdace67c91deadee2978138b2f0736cadd71b98d55ab"
-                + "9e7d0fb7b49a09475ae85ae88b50474f6808e78a253ebd76a8d62e53bc459024614f7f2e"
-                + "f6b3cd660a44d1aa629fe5a1e193bebc5a6872545a3dc3a5cc5dc393571860621566f122"
-                + "c37f945888e7b3a1f1843c7afe5764f08a4e27c8e11eb9e9ab65c5aaf436ef3943ae2bb1"
-                + "f508ee4c2940557b1626e40a96578cc987d4be305e817cb789a26dc8fd8721d83be2f02c"
-                + "71b841feefad09273ba81eb066e4633c4cafbc988def2544c9ce88fe016b225451961dbd"
-                + "a821a95a45f5024f8b517dec14b8dbaf36d9fbf5eda95360270e91839c7bb13a5954e5f5"
-                + "d19de8f9ee69e6c91a1f48b1040cdb8d3b5b0ad559bd4aeeb3441ada040012fa9d571c0f"
-                + "4f5296cee83b828af80558521b2e48da78b82739204a2f53057ce8bb868944c8358e69c9"
-                + "259f6b7ff77ca54988c72344756a34ed807c9be718dd3a3e4e489fb94909681646f97f50"
-                + "e0553f63ee9b3a9e8d05d106744f8dcde86f7e59718e9bf5af840ba7ba942e5635e4697e"
-                + "34d8867106eadaa88e941fb300056f16cb3dc12538869887663376bbbfe9072bc6c70fb4"
-                + "4f8b06f860a23ae140935bd7e851306d1ebcc5eed8fcf5948bc66ddc71bc01d7231aa871"
-                + "c3933ded30ca5efcf2d7cbf52913854268344d5688c67fd73fd4e50eb3fb86775c7c2e59"
-                + "e22bc2b98c4bc6634141ff0ed3c773d6545ecd560347992f385111e57633159c9201233c"
-                + "c9423f283dedc13f4aeb941cf5d28c44d46fb187ae7528745780fffff1d6f44b18601757"
-                + "fe3057cc59412622871b572c227512e355fec914fa8a7911c691fc2ff7f28050670ce26d"
-                + "198ed79b6d67a8361a7dcc28cb89e75d138ca7a32b253ca9fb4afce3918cfc9082203a45"
-                + "e9af91c8676debbfe6c2481a184c21170b28e273afdc5e8e36ece68c2e89df8a3f8f600e"
-                + "1bc5f06ef191c3b27ab3582e8626f5aca5713d2d3fc976247402cb805da7e28f525cf9ef"
-                + "0646a64d9f9200ac85c01e6210828c2bba7416664772c146ecf90e55f25f6717b6f48e0f"
-                + "8d623d07dee7ee7ded3ff07f9ad0d538acfe847551dec86ae87a65344698c7be512a9bf7"
-                + "f67419bced642902ff3fe520aba6602d4b81e7cc008a8509848d43f11aeaac5aaaa1d40a"
-                + "a64895b8206096fc36daf38bd7b90834b8e687b2cb62ae9e3b4fef298d5a1bcf41275c99"
-                + "fe72e3857721ae68d5374d9234e73a44c3498e444a8508398ef0412697b538f6bfce5471"
-                + "8a7424b9859edb92eeaf98b32b5f93354387950ccd4a2a1f27fad59608e3d4bf880a11af"
-                + "701252bbb28a4a4714d99f98445698ae8ef8eaf2f36bcd2f0a6eabc49f6d3d6ea89812fe"
-                + "3a3aa05b9c197f64d2a0120d60bf86ce938742d9bd6952fbb9355037214505a67ac89626"
-                + "bd4e2fc778268b3c9db4ee28cce5c13081fbe5397b46fe6539076cce644a8f423ccb9469"
-                + "dec1d841685865bc32b454ed5e25a5b379e64eea38307cf151d83c4da8319f0c5a85d3e1"
-                + "0e9b4c1d3e416284c4a5d665741df5abdafaa9e0e2949c396033ff7c0711d4ab9086bdbf"
-                + "7748556ec43f467216f688d7ad62d0451ea6347e257bf35ac9ea4fae491354f8d90871ac"
-                + "0d15fd145ffdf6bb4495f491149f1ff3de661094066d4ddf8f20cd13d192b92e5efa2fd7"
-                + "5df80283a36ff02f45c25c45d40a65ca1a1181dc8f81aee7248854e814f8b894c5b4eb08"
-                + "213743724193bc0afedaab9dbb71298cfb490adb347a8ff001d504e9204f968ca51cfaa0"
-                + "9965651b6001141af59c81d48fc6e544b42746e835750e1315229a88e7e6d754bee5cf31"
-                + "e89f1e8451884b85a5148bf85f9ebdef5a876929a51b54f0f9c352091ca8b98015f6d74b"
-                + "1ec1aaba96d247391b90fce011e1698a2215e7b4cd7da7e90fc8537af306b7b9f8e48b99"
-                + "8cc8557da6d695c0fd7354fc056294108840c6fc6a6752cc7a3386d1f97b66df6c36a5ef"
-                + "a8f06673980d506cbcc73ba11c3848d2a83cd34f6b944d5ab5bab103c6793d994da5bb39"
-                + "ce20fe26dbfe3c515bf02cb8ec297ea06c35bcacb6525046d9d22d81849bfc31793bf675"
-                + "15049e3a82778dc7e8147241efde4e269579e5ff9b7ee219b2b993882fa3abace415b600"
-                + "bc1bc0457834c150d2748b537950b9c4c2213fcf245d7d8d17cf2c32db06a761a1c02afc"
-                + "0bd491feacb49f79dfc91ae35f5319ba3da01a264525c72b367a225fd041ccade751e75b"
-                + "cf456d3934e7c69bfd246db51f43baf476bb2566e30c95eac1f846f4f52750b3812944b1"
-                + "8973f29293d7db961756cff813eff9591e328b240b2a53140a4e6e46e8b627b085d2a9a0"
-                + "54d233c419c619ad3d546595e5b675ecc8d9218536f88174c7df4de3a32ca84760e9d37b"
-                + "0aecbf6216ebf0d778ddad11671da9d8369ef318ca79f9112d2895707bcab71e57891c27"
-                + "6ab603d5f4d8ea08fae2a5cec939dca56eaab8a1293962fbc4bf9a23aae328e1939329d7"
-                + "f7d29dfdd2b0b424fd67f212eed1b6d2e7570c5377404633580dfa67f28a0102372b7724"
-                + "bfad3e5b99a6e04aa9da9c17da278a19199e8f9a95737c6d8eaf17374bd30a207cf18a67"
-                + "6b5cdc81887d26c0f4f406d3ba0d4a5df4cd17ed494b8e4e75a488db6d3d5743c06c888b"
-                + "1d178827e18227fd1e05a78b7fb0f4c17d3e061222d988b8cb27b148cfa9d7ff18c04902"
-                + "341627cd63ce9f877b548a3b643bee9e1a3dbcca7f1b8562fef75c941e089e2ae24b2866"
-                + "f5126b57c0b31d7424adcc94cf1b15004263f537cb935b4b7a5a4b8fc7834034b395519f"
-                + "4642fa0083c0e372f05447450c5dbf3cd97597865715da0040d37422a6e47c1645a165e8"
-                + "46cff368013c593edc2fd448a057732431e9cb0957234b02cbba211f41b6deb09799a146"
-                + "d9a207956058cbea9707e5f821f5a6ca6a4816aee8cc5424266ea118c7f3a0191a46705a"
-                + "0f78aae59a4084dd2873edb8ec644caf70d29228c1e7481e9dbbf78321394f4ada79aa61"
-                + "653122e27dd616083f073b04eb0942989c74e2aa975713775b294d6311a928dde41d1516"
-                + "8cdd0d0cd8b7b87cba2b263b9698a7251af0f3d37a76fdfd97f7871db5bbc82a293a520c"
-                + "29e9c7fa3c8f9ac38013a40d701a72cd118ba5dc756d25c9c6e7823a8c1a2b146d3dfa74"
-                + "da3d5bde5c4846b355a99f574060306f22f841109e610fc8ee59853266111542593af6d7"
-                + "369e5238c0721b92dbe258873714151787de5e1ec7de836d248bee8b30212bdb3cf648da"
-                + "cf0743d6c9912e5224bded3d222edd61023529b7ff1b00fb8ef427ff2f5f3ff189bcff9f"
-                + "75507d90421af29315f239cd4e7ba1f0540836d7a538035d12a34a7958a5fcaaa1d48910"
-                + "bd5501b3afb86a1b355b1f2d9df7ad7cd332021ff15ccd8ef6e6420b2b1874e90969ecbd"
-                + "00071c81387f50b5f2a086dcd5f5310bb9d6e4a1b74d9fcd8ce1113c115df5fec08f73a3"
-                + "574709c5a97d15658e22e14a4e54e754b14f7521df95ba7007c7f3e97e0f6ce1de7f145c"
-                + "6249b57e1d7c0a539d906816f1abf1a5d53795b421af91915e47bd33efc6510636957ce2"
-                + "24d85f21f5926dcc50895d1224868fe8d78ef7e1bf67d1b5b8ff412e66e5bf3d9d311041"
-                + "dfac409274f886100dd1812cdfaaf2736f9f9f6809e18dfec6fd93e8a0dac2b104e46ca7"
-                + "0dac73280098d107cffbd8350e434eca915d089480c38f2cd340f7d092319a9892887fbe"
-                + "706b1a238034704a4b4c6dac71ea32e1cfcd4bd0d99526e72ee53a734cb8b1e4e976f991"
-                + "70e7c6dbcf84188928ee457fb132ac9462f1ac83a700bda7883052d7599f77c2bd3b38a9"
-                + "e43dc4f5850222c0eda600f8eed330dfedfe095ab0a4ceedaecdecd9f535c583a50b4566"
-                + "b8fcfbc68338b2bad8eb97267c3a8211b6c88233c249e260149ecaa6de3f71cbc49e3d8a"
-                + "ae4a439a9c31c961b8bcee2c30979d28cad77edfe2d9ed6703c19b942ec237aa9afb7040"
-                + "a15696463bcf8ad68357b1137c25fe5e3ad497d80d2b095fef588d3228bc697e3b1b275f"
-                + "377da513ec87d028ed548bbc2b8aafc51b528ba94c0107ed1f1956567afbbda4692632e5"
-                + "901d0603082819cec51cc757d2e05e9331fca9ba66e691d5f127912559229644f98a634d"
-                + "07bbc63ff081074afe428e2042672b0cfd239e42187e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "26dec253be7ea1b6571336de8917b8b0a4d24f128a37bfacfa0557ed1fcd72bc3f8ed7d8"
-                + "3417e7544a8234a6a3ef50c96bd3e3e671fa2975b1642e13e8a6b9c80fa17b46cc77d902"
-                + "391a2863c85b9b5b5e4e73962aa90d9a322d29457bbdb18b92e844b7a1d4030e933fd748"
-                + "cb2da3bda8d97042ef8059efb433c9cdcc71c4a5362ac20167c299bc373fb4c16cc38724"
-                + "eb8e1c133773013f821bff92aec0ba65ba8687830edbf67817e501c56db9d00bd85288c0"
-                + "de09bd0a0e86a46f63e4e508dc04a352f383c9074f41051c79cebb7504cf10176ad2abe7"
-                + "78481c08b4e5dc503f82d29cef99b6e6a2b321339c1b12b1791dd1621215600f85ff8190"
-                + "e93fbe1cdfce14186b12f0361eab462e9885b32d2a551f1922964b7db20ca60e25ff6fa6"
-                + "5a53e971531aad3172e11ab7503135eb97303a34b31a5d9decdf0c891993e76ace5f3667"
-                + "1311d2f2cdd07bc1bcc1aed0b7e2aa26b50c3244a7860290aea8794471918e02a2eaccfc"
-                + "329285880a85bd43853455d248bc05f2345cb5abf19a0c0784170b11df8751e0a716263a"
-                + "7a37143f8e5d71847c7762ab69ca6e9ef6852f84a0bdb56d194d1289787a1fd84373d66a"
-                + "6629f634f17b63b91e42a2f2ae7669846d9d747669829fa4d2061847c483295fa8647cbf"
-                + "3e7b0cc393ee095763639442eca202e710d7038984486bbb9d6d8d6792c1921293e51405"
-                + "97c2271c06b26e5125a3359dffcbf307b4e706934cfb986b83de4d288b0862aebeac408c"
-                + "229a4726674a8a37c1ecee1fc00806c8336e69ac2a6a03e987801d05abdc00b9a77a7f63"
-                + "cc130a6c952387ec3cb49c12f0fe8049296fe9b1ec3548827c6c729bb8c1dae67fddac8e"
-                + "a477bb45b5cd321fdeefc7f24fc105501a43364c6fcbaa646508963f8c0848c17c182ee2"
-                + "95d99d482624d2712b7a872adba3792b5822a39444d8051db8185b02c4d3042b9011a96f"
-                + "91cc98fbfb6630ce6032a63395b5ed566ec6b7abd39718f6c37140e555db7bf75b5808ab"
-                + "f866a4f55f428d866109a668d3eb0d1ebc7c02e3a49b1103e73d59d16693b1389f8b878e"
-                + "b47898afa16d3e392691aef932591f5d16b2b0cc38d56ae8f6df19490e200bfdff185d86"
-                + "30cb2e720b2823adfbe3134fac6ac012e7242c22605f193629b32ae3a9785a0fcb45208d"
-                + "cf6bf81aa123135a9b87e3cbdcf21069efc95f132d6c21c7e768152c1328d669973d9940"
-                + "bf162bf1e45f23db1fdd5a44424e3f22172e3575ce5bf0a791bb32ba274f72da601a2030"
-                + "9bc15f18847ac625f514049635fa4bce766b7b692147f829eef763ac52fc93d3a09d8fc1"
-                + "0b7515c97e2f666a9e372706f6b3e2d3fdf69dae11b98266ebacbc9cde2bce799e9184d0"
-                + "c1ac77dbca2576b1a177a870d205f78df26e3e02ac3cc50ba05fd69dbda7f0a2a1198f8b"
-                + "90b6975e42cc26db94fb4d79a028d4c5079570c538e396110a969837326c12cf6e1811af"
-                + "9a9c73083e3ca4cdab8bcfa5a952f59589853e73194d1187fc7d104e8fba55def86014f3"
-                + "c3d4973802fbf894ee4c39c7967328115878aa4e8268e705d5c248087de89197d1948d06"
-                + "0a56f1d9bf022ca31e7aeacc30057006b04b61f9e092cf0a5ee38e5b83cfa46157793c46"
-                + "170d7cd02db1215b91c9e73920af9bb7de5d09123bc93ff719f8c8a2e0559121897b12a1"
-                + "101a8ae9b8a908282cbd9d526b3ad23b0a7a0fce05eb567ddfd52b5fec693b3ae5d5ba07"
-                + "176160eed13eb1d01aa6ac91f15c48dd0358c7a3d7d02173e2eef5e06a21f9f0505153f3"
-                + "e84587062101f922b3cb6caedef38372106e454f33a66e64a3056d443dcf9b3c1b628e6e"
-                + "cac2939c511c196885ea48f4a20cbf47ccb0ebd247387c8a34402e66885ab4fe9027101c"
-                + "79957e8026396d2dd7ea4ea5267dd3fcd0bda0017f9a8a9b4f0d0100936ac65cd9373920"
-                + "514af897bcae920c81540c1b966f22eeef25b08cfbb552b9fcde5509035d4063e2824d9f"
-                + "5abc014420626e24ae59eb995f453caaf0885b8068c3f23b8267a9142c25df3a1d731b72"
-                + "a9f8e3c77a9d5581cc181f35ef03a219679c11b5437660859efb89020dcb65ea3f1a3dbc"
-                + "97af4848f946caafe150ca8198808d4007f8f3121c26a33dc6492a855171b809b8709e37"
-                + "d090cac44e02c44a3e540bace6fd1cffaf93d653778a47d5360e7e8f30e7c11a9441d552"
-                + "a486afbf0f0a6053fd16b739b9cc2fc36c789cbc34722c68d4c7075bc23ddf45223d3169"
-                + "1dae46daf3abb6a9c3c196e0421797870f813e29931384d069e6227c873c81d74a8488ee"
-                + "cbfdd6ff198dc0afa84eb2a3e6c4c6c89c8cbc172f7c8e2c252992c693424a9bbe9e25dd"
-                + "1a34d5d396ccb649049ea73843eb2b09143d2a6380f6114a1a3d7439adaf3b9d26cfed71"
-                + "eb2e1ff902b0d7cfa09200db5805cba1343d61b89430defbfe7b2b8de584eff8d448f69f"
-                + "f77faa6101819f8fbefdf279b233071d6857e5ca55f35150188b5be235311b3eb632f7a9"
-                + "e8bcbe6793e1fae4fec9bbdcaa899c8169b745feb48ddc2163fd6b356e2475aa7ccab3ba"
-                + "0112a885905fb1bcbfd7e2904263b7a0263573d3e289f5aeb69017ef1718cab3806adc44"
-                + "b84627a7880c671f97a2559e11a344399d67143dbdf2f43992582b06d9cf5e1b7a1c7329"
-                + "3b12f5da236dca67b83140b570bf511897da0bffd8b098626bf76d1c5ec744854d983529"
-                + "fe80b6718756338599e83a1eb8e4915d60329e1a6d4ae845771330ac40c2fcdb32859cff"
-                + "4f0d0564a653a9d33ec8a650e8419068f57ea36d36369da36c70f53f54b158862f0cb2dc"
-                + "7b96259475a340b0f844c0ce596662c8fc9444928b5d3b4b213679c3545fa78b87bf78f2"
-                + "be27f73357c6d1552b05b17dd6bb541bb090972daa83262ee8cdadbbd6985385dd6daef5"
-                + "a23c21673a3da91631650dd0e08a6ebc8dbb24eebb8c839e47b3299a197f182353494e38"
-                + "7d7f51a8f8792a09f57b08fe33ca019f01267a97028af7f39150e11513830078e6e2f7b5"
-                + "1876f7f602c02b1d07ddd2208088323e806f58ae5750074f4d45afef7cb652133279b140"
-                + "a214c3e294b4d07560cbc4876ed10648f5e3b21ecfa2064197ba30bb056e2405cb818bc0"
-                + "485e7cb3f01c98a69e763ff979d290fe0b3e583882e5e3fa0dc92868707539d89c205fc0"
-                + "9d86e964c764070361c01e6210828c2bba7416664772c146ecf90e55f25f6717b6f48e0f"
-                + "8d623d07dee7ee7ded3ff07f9ad0d538acfe847551dec86ae87a65344698c7be512a9bf7"
-                + "f67419bced642902ff3fe520aba6602d4b81e7cc008a8509848d43f11aeaac5aaaa1d40a"
-                + "a64895b8206096fc36daf38bd7b90834b8e687b2cb62ae9e3b4fef298d5a1bcf41275c99"
-                + "fe72e3857721ae68d5374d9234e73a44c3498e444a8508398ef0412697b538f6bfce5471"
-                + "8a7424b9859edb92eeaf98b32b5f93354387950ccd4a2a1f27fad59608e3d4bf880a11af"
-                + "701252bbb28a4a4714d99f98445698ae8ef8eaf2f36bcd2f0a6eabc49f6d3d6ea89812fe"
-                + "3a3aa05b9c197f64d2a0120d60bf86ce938742d9bd6952fbb9355037214505a67ac89626"
-                + "bd4e2fc778268b3c9db4ee28cce5c13081fbe5397b46fe6539076cce644a8f423ccb9469"
-                + "dec1d841685865bc32b454ed5e25a5b379e64eea38307cf151d83c4da8319f0c5a85d3e1"
-                + "0e9b4c1d3e416284c4a5d665741df5abdafaa9e0e2949c396033ff7c0711d4ab9086bdbf"
-                + "7748556ec43f467216f688d7ad62d0451ea6347e257bf35ac9ea4fae491354f8d90871ac"
-                + "0d15fd145ffdf6bb4495f491149f1ff3de661094066d4ddf8f20cd13d192b92e5efa2fd7"
-                + "5df80283a36ff02f45c25c45d40a65ca1a1181dc8f81aee7248854e814f8b894c5b4eb08"
-                + "213743724193bc0afedaab9dbb71298cfb490adb347a8ff001d504e9204f968ca51cfaa0"
-                + "9965651b6001141af59c81d48fc6e544b42746e835750e1315229a88e7e6d754bee5cf31"
-                + "e89f1e8451884b85a5148bf85f9ebdef5a876929a51b54f0f9c352091ca8b98015f6d74b"
-                + "1ec1aaba96d247391b90fce011e1698a2215e7b4cd7da7e90fc8537af306b7b9f8e48b99"
-                + "8cc8557da6d695c0fd7354fc056294108840c6fc6a6752cc7a3386d1f97b66df6c36a5ef"
-                + "a8f06673980d506cbcc73ba11c3848d2a83cd34f6b944d5ab5bab103c6793d994da5bb39"
-                + "ce20fe26dbfe3c515bf02cb8ec297ea06c35bcacb6525046d9d22d81849bfc31793bf675"
-                + "15049e3a82778dc7e8147241efde4e269579e5ff9b7ee219b2b993882fa3abace415b600"
-                + "bc1bc0457834c150d2748b537950b9c4c2213fcf245d7d8d17cf2c32db06a761a1c02afc"
-                + "0bd491feacb49f79dfc91ae35f5319ba3da01a264525c72b367a225fd041ccade751e75b"
-                + "cf456d3934e7c69bfd246db51f43baf476bb2566e30c95eac1f846f4f52750b3812944b1"
-                + "8973f29293d7db961756cff813eff9591e328b240b2a53140a4e6e46e8b627b085d2a9a0"
-                + "54d233c419c619ad3d546595e5b675ecc8d9218536f88174c7df4de3a32ca84760e9d37b"
-                + "0aecbf6216ebf0d778ddad11671da9d8369ef318ca79f9112d2895707bcab71e57891c27"
-                + "6ab603d5f4d8ea08fae2a5cec939dca56eaab8a1293962fbc4bf9a23aae328e1939329d7"
-                + "f7d29dfdd2b0b424fd67f212eed1b6d2e7570c5377404633580dfa67f28a0102372b7724"
-                + "bfad3e5b99a6e04aa9da9c17da278a19199e8f9a95737c6d8eaf17374bd30a207cf18a67"
-                + "6b5cdc81887d26c0f4f406d3ba0d4a5df4cd17ed494b8e4e75a488db6d3d5743c06c888b"
-                + "1d178827e18227fd1e05a78b7fb0f4c17d3e061222d988b8cb27b148cfa9d7ff18c04902"
-                + "341627cd63ce9f877b548a3b643bee9e1a3dbcca7f1b8562fef75c941e089e2ae24b2866"
-                + "f5126b57c0b31d7424adcc94cf1b15004263f537cb935b4b7a5a4b8fc7834034b395519f"
-                + "4642fa0083c0e372f05447450c5dbf3cd97597865715da0040d37422a6e47c1645a165e8"
-                + "46cff368013c593edc2fd448a057732431e9cb0957234b02cbba211f41b6deb09799a146"
-                + "d9a207956058cbea9707e5f821f5a6ca6a4816aee8cc5424266ea118c7f3a0191a46705a"
-                + "0f78aae59a4084dd2873edb8ec644caf70d29228c1e7481e9dbbf78321394f4ada79aa61"
-                + "653122e27dd616083f073b04eb0942989c74e2aa975713775b294d6311a928dde41d1516"
-                + "8cdd0d0cd8b7b87cba2b263b9698a7251af0f3d37a76fdfd97f7871db5bbc82a293a520c"
-                + "29e9c7fa3c8f9ac38013a40d701a72cd118ba5dc756d25c9c6e7823a8c1a2b146d3dfa74"
-                + "da3d5bde5c4846b355a99f574060306f22f841109e610fc8ee59853266111542593af6d7"
-                + "369e5238c0721b92dbe258873714151787de5e1ec7de836d248bee8b30212bdb3cf648da"
-                + "cf0743d6c9912e5224bded3d222edd61023529b7ff1b00fb8ef427ff2f5f3ff189bcff9f"
-                + "75507d90421af29315f239cd4e7ba1f0540836d7a538035d12a34a7958a5fcaaa1d48910"
-                + "bd5501b3afb86a1b355b1f2d9df7ad7cd332021ff15ccd8ef6e6420b2b1874e90969ecbd"
-                + "00071c81387f50b5f2a086dcd5f5310bb9d6e4a1b74d9fcd8ce1113c115df5fec08f73a3"
-                + "574709c5a97d15658e22e14a4e54e754b14f7521df95ba7007c7f3e97e0f6ce1de7f145c"
-                + "6249b57e1d7c0a539d906816f1abf1a5d53795b421af91915e47bd33efc6510636957ce2"
-                + "24d85f21f5926dcc50895d1224868fe8d78ef7e1bf67d1b5b8ff412e66e5bf3d9d311041"
-                + "dfac409274f886100dd1812cdfaaf2736f9f9f6809e18dfec6fd93e8a0dac2b104e46ca7"
-                + "0dac73280098d107cffbd8350e434eca915d089480c38f2cd340f7d092319a9892887fbe"
-                + "706b1a238034704a4b4c6dac71ea32e1cfcd4bd0d99526e72ee53a734cb8b1e4e976f991"
-                + "70e7c6dbcf84188928ee457fb132ac9462f1ac83a700bda7883052d7599f77c2bd3b38a9"
-                + "e43dc4f5850222c0eda600f8eed330dfedfe095ab0a4ceedaecdecd9f535c583a50b4566"
-                + "b8fcfbc68338b2bad8eb97267c3a8211b6c88233c249e260149ecaa6de3f71cbc49e3d8a"
-                + "ae4a439a9c31c961b8bcee2c30979d28cad77edfe2d9ed6703c19b942ec237aa9afb7040"
-                + "a15696463bcf8ad68357b1137c25fe5e3ad497d80d2b095fef588d3228bc697e3b1b275f"
-                + "377da513ec87d028ed548bbc2b8aafc51b528ba94c0107ed1f1956567afbbda4692632e5"
-                + "901d0603082819cec51cc757d2e05e9331fca9ba66e691d5f127912559229644f98a634d"
-                + "07bbc63ff081074afe428e2042672b0cfd239e42187e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "27896d88eaf84d8fcc3610f36b89b94d85da6b773f457af8d87a576277376414ceefd4b0"
-                + "5482f1f207a1ee7116e3cc4fdeab134faba2b86d865c65f133efa89fa73c236031619400"
-                + "95e5c42debfdfba0fb45ef3a59c3ee132de58960da06894753232d1cbdb0efb7500b5ed0"
-                + "817a119cb165f1b0b14cfc057d158069128926253730e5b31386e239f5fa240354d81895"
-                + "d0d8c105c4e0650a16c50a246d82f36ddffbfac557d062818fd1cb990c2847d9870db034"
-                + "6b9df82820f421377dd8682d5ff3f7622e61e70a829626facc4199a44beafe4e8adfc461"
-                + "71d8e33dcc7a9135242ea336b64b1604916af8f3d2f49c6d6ef73621914553b7b8efd22f"
-                + "cc2da1d6dae332e1b3a5b770e1dbb0f3025e666d5a0ce78c63f9e509d8464921a7e397d5"
-                + "82a9e9fa7770e5065bd3232945de15606ac0d5b60abeda1b2055019c46065f74ef1b0d1a"
-                + "e174423cfd1000c07d3173fbedb2130e527ae0250ea85550efe42db9c25bfd82de6569b3"
-                + "e82b4f6bd9ff0405d79376dae0e762a0387f6ae2bb066ebe2e20bcc63dbf3789f0b8fa5c"
-                + "271cd92a3d33ff0612f6812d47e454414de205ff6ffca96d46d2b9d2300d2dc4568f429a"
-                + "13f7c887a55497188dc46c6bd5f556ce103af84e16b187ac8db9707028bef1acfba12d98"
-                + "d295c6533b54314d1868f337ce08c8c2111ba845e2f026950d083a925f9b84afed1a077c"
-                + "a956b3d73f0298452ebe32be8e488e262da9e3992d154fa0b89526bc66b1ef3af36ad21a"
-                + "6f785981997c55c2d67a61aa063e76acc173af8da8a983bcfea9ed849e1f6b281c8b04a8"
-                + "6351d0ecec00b42c3b69052ab1808faeeccd7438f930210e94ddaad6860325b72a0e8402"
-                + "6a134bcc61c959610496d094245fc944053ddc5eff10ad14c4f93b1e0773dbcbbd1cb348"
-                + "5d4263605e4fb3026974989551ee5a5569a91c3e146fb125e5206723316923e453dd8180"
-                + "f9f0f5c05bec1b6c462a45b16edb7d8040a6ace59ca5ccb329f4dbcd73e5bb556542653e"
-                + "17b1293814a3fece1c9725115f1b70f7d8f5c99a9cc86166c2c064fa7c19cc5c3870c250"
-                + "437191b00eefddb31b97f193f7c4ed12341694f47f01015f50c6f1eba41386bbaa21baa3"
-                + "0bd510b501fef2e440b6c0b2e298561696fd70691778c430620e9a0da8fed2817dc2c19f"
-                + "d2589f3936a6597f00650670ca87c22d1478f0945868ea3846900661ca44192e51515896"
-                + "0008f14d54ff2fe85e5d1ed562e4862d6f4e7f45414dda58ffac0e8a723e3013013bd72b"
-                + "d99092f05e003fdc0ec7c9bd1f9421c765d07f2cf342ad85eddd6c976a57f883ff9a4980"
-                + "cf32a7cc79ad4dbd6869a73df53dde7898ad8ccd7b4064a9117f4b00f807c133c374a069"
-                + "da2eb86b2ae6a165f43e5e7fe04938045a7f52d58fd897e5ca7b0ea913844b1fabfb6fb0"
-                + "5013822fdff60b17d852aff7ae28886fdc2670b9f23d07e1320aee3c10ee2ab2779d2897"
-                + "ad7f90e4d6998846e494728c0d94124b77cc9190d36bc7835f8dd8cf1781ade3ef3a9356"
-                + "9ad9a768cad18fd1c3a658ef71b7bd257d569c020408da1164293bef004668cec618dc31"
-                + "ea70ff6d2bd8700bf77780cd3b5c3534a8f8754565d6d44b82d497a680c8138bbed767dd"
-                + "a8086d67c264b2568f7829e473e35602ebc5cbab38a94a2be8807fa396ae2fb8da9a82d0"
-                + "2a6a9c461760709a62479531f08b9bfcf6d0ceb15fffffe56d6c6674dd7fddf8467cc697"
-                + "2d404965f253cfca82ca7d49a79dde0ebc38ba00ad7390ba7ec1d6a91b0ece73735022cc"
-                + "d84552ff5dba064f247dd2e859104d5eb2077b961f61762279a7c289031c083edb3119b4"
-                + "cf3e6cfa0169eaf575ea3a38a26e7cff6e559bd30fec423c7b4052073c900e0303192714"
-                + "4bc25a27baedb07a476e15f27082f97e509b229b8ff829dbf8bb07bd1a0d31bfb0922f3f"
-                + "86bd54683c5d35600337726eea57b17a5e98faad765012e21522c80c7d90b6b0a5e0da5d"
-                + "b701a464b1a2e85ba50162b5c3b5863ab63a619620e6397b13a7d7654fea3d601684f917"
-                + "40de4a0f19ff671cd58a91022c68f4895b179a709e85637b5197ee7232f8862918bb9766"
-                + "06e1e491b86fedf453c047b2582a5258e6fd76eec1eedd74c7e53c777f73f222004965e8"
-                + "5df5658079e21579b758ee5d24a2f68fabff1692d0ab7d359ee5618e5bc4d249f8ad1de7"
-                + "4a7b33a5d9e6b5961ce7937f9de4fe1fdaf136929625a56d734c4898665e55b29a5ae90c"
-                + "2d85d92e77c8dc866008bf375932d3c42980da4544ef7db288ded83dfd871430b8d7cf4b"
-                + "8185184242586ea3a0029598226c9b614c18da61453e390de05becc7097988ca1ab912f9"
-                + "60a705d024092a6c35fde00eb05744cbbf7852d4874db683c6f6bfce2f2df3aa89f3e6ca"
-                + "dba90f4acd63c42824c78942fca3d5dd5b969158ebbe0e401f7c3eee1eda2945e2db57bc"
-                + "883083865474fba7ad3ccc1831639a1669c0421989b7eae327aca2366d99767f48517743"
-                + "169ea17ef92957ea49e3a5a1fc1b77b727933651ce48eef10c5bb15687cc96ee64ed4322"
-                + "44070eb18f7f6852f5be55200842b50bcba50afd03db33e4dbbfab7813614cdffcbed89b"
-                + "ee7800a9e10a9697df80a07616372bf6126c7b20387ad2a9ee39b1662d3c294dc177134a"
-                + "b8607c63e2d5f123e39c8784cf640b13ba019ab5e87369181711900acb140b749f841c7a"
-                + "66785c23ef38709bd4ae612c11ac915431bce4e6e4c0a05485a06b70e4926b04c95e410e"
-                + "62cb13eff48ad7252360c8eff8e740769990ed552aea1fc83eeac71711668ebaea2e404e"
-                + "ed74b1bafa297415d010577a8112bb2de93cd48d225a2613b03084929d306c59fa970252"
-                + "47a49ea36c9d10de8fbc4d06ebdaeb4894eeffc386d47d8116b5cf7bcdea0afdae378d96"
-                + "28a1fecce0015c1ffd617a9e6e0254161957cad458261aded95f3c432a9220c1ee88f952"
-                + "3787cf81dd8872a6c6c32896a558fd5407f25df779bf78ec8645eea6cbc7b2df8b6f680e"
-                + "3195e1a8c84dd6c4fec740f66d874efed2e1030c5511db3422ac951976709b37d864a040"
-                + "e7b022a8e0030bb6d34ef443a00b1f8adfe232d5a30417d9ef8858afac1bb7999ae39b1c"
-                + "1264de0b82410b34b5cc55ccdbd290fe0b3e583882e5e3fa0dc92868707539d89c205fc0"
-                + "9d86e964c764070361c01e6210828c2bba7416664772c146ecf90e55f25f6717b6f48e0f"
-                + "8d623d07dee7ee7ded3ff07f9ad0d538acfe847551dec86ae87a65344698c7be512a9bf7"
-                + "f67419bced642902ff3fe520aba6602d4b81e7cc008a8509848d43f11aeaac5aaaa1d40a"
-                + "a64895b8206096fc36daf38bd7b90834b8e687b2cb62ae9e3b4fef298d5a1bcf41275c99"
-                + "fe72e3857721ae68d5374d9234e73a44c3498e444a8508398ef0412697b538f6bfce5471"
-                + "8a7424b9859edb92eeaf98b32b5f93354387950ccd4a2a1f27fad59608e3d4bf880a11af"
-                + "701252bbb28a4a4714d99f98445698ae8ef8eaf2f36bcd2f0a6eabc49f6d3d6ea89812fe"
-                + "3a3aa05b9c197f64d2a0120d60bf86ce938742d9bd6952fbb9355037214505a67ac89626"
-                + "bd4e2fc778268b3c9db4ee28cce5c13081fbe5397b46fe6539076cce644a8f423ccb9469"
-                + "dec1d841685865bc32b454ed5e25a5b379e64eea38307cf151d83c4da8319f0c5a85d3e1"
-                + "0e9b4c1d3e416284c4a5d665741df5abdafaa9e0e2949c396033ff7c0711d4ab9086bdbf"
-                + "7748556ec43f467216f688d7ad62d0451ea6347e257bf35ac9ea4fae491354f8d90871ac"
-                + "0d15fd145ffdf6bb4495f491149f1ff3de661094066d4ddf8f20cd13d192b92e5efa2fd7"
-                + "5df80283a36ff02f45c25c45d40a65ca1a1181dc8f81aee7248854e814f8b894c5b4eb08"
-                + "213743724193bc0afedaab9dbb71298cfb490adb347a8ff001d504e9204f968ca51cfaa0"
-                + "9965651b6001141af59c81d48fc6e544b42746e835750e1315229a88e7e6d754bee5cf31"
-                + "e89f1e8451884b85a5148bf85f9ebdef5a876929a51b54f0f9c352091ca8b98015f6d74b"
-                + "1ec1aaba96d247391b90fce011e1698a2215e7b4cd7da7e90fc8537af306b7b9f8e48b99"
-                + "8cc8557da6d695c0fd7354fc056294108840c6fc6a6752cc7a3386d1f97b66df6c36a5ef"
-                + "a8f06673980d506cbcc73ba11c3848d2a83cd34f6b944d5ab5bab103c6793d994da5bb39"
-                + "ce20fe26dbfe3c515bf02cb8ec297ea06c35bcacb6525046d9d22d81849bfc31793bf675"
-                + "15049e3a82778dc7e8147241efde4e269579e5ff9b7ee219b2b993882fa3abace415b600"
-                + "bc1bc0457834c150d2748b537950b9c4c2213fcf245d7d8d17cf2c32db06a761a1c02afc"
-                + "0bd491feacb49f79dfc91ae35f5319ba3da01a264525c72b367a225fd041ccade751e75b"
-                + "cf456d3934e7c69bfd246db51f43baf476bb2566e30c95eac1f846f4f52750b3812944b1"
-                + "8973f29293d7db961756cff813eff9591e328b240b2a53140a4e6e46e8b627b085d2a9a0"
-                + "54d233c419c619ad3d546595e5b675ecc8d9218536f88174c7df4de3a32ca84760e9d37b"
-                + "0aecbf6216ebf0d778ddad11671da9d8369ef318ca79f9112d2895707bcab71e57891c27"
-                + "6ab603d5f4d8ea08fae2a5cec939dca56eaab8a1293962fbc4bf9a23aae328e1939329d7"
-                + "f7d29dfdd2b0b424fd67f212eed1b6d2e7570c5377404633580dfa67f28a0102372b7724"
-                + "bfad3e5b99a6e04aa9da9c17da278a19199e8f9a95737c6d8eaf17374bd30a207cf18a67"
-                + "6b5cdc81887d26c0f4f406d3ba0d4a5df4cd17ed494b8e4e75a488db6d3d5743c06c888b"
-                + "1d178827e18227fd1e05a78b7fb0f4c17d3e061222d988b8cb27b148cfa9d7ff18c04902"
-                + "341627cd63ce9f877b548a3b643bee9e1a3dbcca7f1b8562fef75c941e089e2ae24b2866"
-                + "f5126b57c0b31d7424adcc94cf1b15004263f537cb935b4b7a5a4b8fc7834034b395519f"
-                + "4642fa0083c0e372f05447450c5dbf3cd97597865715da0040d37422a6e47c1645a165e8"
-                + "46cff368013c593edc2fd448a057732431e9cb0957234b02cbba211f41b6deb09799a146"
-                + "d9a207956058cbea9707e5f821f5a6ca6a4816aee8cc5424266ea118c7f3a0191a46705a"
-                + "0f78aae59a4084dd2873edb8ec644caf70d29228c1e7481e9dbbf78321394f4ada79aa61"
-                + "653122e27dd616083f073b04eb0942989c74e2aa975713775b294d6311a928dde41d1516"
-                + "8cdd0d0cd8b7b87cba2b263b9698a7251af0f3d37a76fdfd97f7871db5bbc82a293a520c"
-                + "29e9c7fa3c8f9ac38013a40d701a72cd118ba5dc756d25c9c6e7823a8c1a2b146d3dfa74"
-                + "da3d5bde5c4846b355a99f574060306f22f841109e610fc8ee59853266111542593af6d7"
-                + "369e5238c0721b92dbe258873714151787de5e1ec7de836d248bee8b30212bdb3cf648da"
-                + "cf0743d6c9912e5224bded3d222edd61023529b7ff1b00fb8ef427ff2f5f3ff189bcff9f"
-                + "75507d90421af29315f239cd4e7ba1f0540836d7a538035d12a34a7958a5fcaaa1d48910"
-                + "bd5501b3afb86a1b355b1f2d9df7ad7cd332021ff15ccd8ef6e6420b2b1874e90969ecbd"
-                + "00071c81387f50b5f2a086dcd5f5310bb9d6e4a1b74d9fcd8ce1113c115df5fec08f73a3"
-                + "574709c5a97d15658e22e14a4e54e754b14f7521df95ba7007c7f3e97e0f6ce1de7f145c"
-                + "6249b57e1d7c0a539d906816f1abf1a5d53795b421af91915e47bd33efc6510636957ce2"
-                + "24d85f21f5926dcc50895d1224868fe8d78ef7e1bf67d1b5b8ff412e66e5bf3d9d311041"
-                + "dfac409274f886100dd1812cdfaaf2736f9f9f6809e18dfec6fd93e8a0dac2b104e46ca7"
-                + "0dac73280098d107cffbd8350e434eca915d089480c38f2cd340f7d092319a9892887fbe"
-                + "706b1a238034704a4b4c6dac71ea32e1cfcd4bd0d99526e72ee53a734cb8b1e4e976f991"
-                + "70e7c6dbcf84188928ee457fb132ac9462f1ac83a700bda7883052d7599f77c2bd3b38a9"
-                + "e43dc4f5850222c0eda600f8eed330dfedfe095ab0a4ceedaecdecd9f535c583a50b4566"
-                + "b8fcfbc68338b2bad8eb97267c3a8211b6c88233c249e260149ecaa6de3f71cbc49e3d8a"
-                + "ae4a439a9c31c961b8bcee2c30979d28cad77edfe2d9ed6703c19b942ec237aa9afb7040"
-                + "a15696463bcf8ad68357b1137c25fe5e3ad497d80d2b095fef588d3228bc697e3b1b275f"
-                + "377da513ec87d028ed548bbc2b8aafc51b528ba94c0107ed1f1956567afbbda4692632e5"
-                + "901d0603082819cec51cc757d2e05e9331fca9ba66e691d5f127912559229644f98a634d"
-                + "07bbc63ff081074afe428e2042672b0cfd239e42187e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "28f614afa0c4a5b3087844c15e82b74d0bff64ef28d6e4a761ccae96a01b15b578838099"
-                + "feaedaac93320f35f6588319c44caeadebd9ae7463e217b77d8cf4fc025be780e037da76"
-                + "abec3af5c412e9ff86285bb088ac566ed26ae1862a1c49359f557d8255db34394b1fc3ad"
-                + "8cb7ee491282aa19765b028baec5ad47a64808a5ca768fb2f0ebe306e015440d2bca571a"
-                + "a8175e3a3518751a50ed41d3a096fe6fb3abb34448722c9dd5bb306585957381288ac3c1"
-                + "304944c5c7fab04f673cf0086d9507527e374bbf77ebb9cc926e7da8203434a74aef4f0e"
-                + "656cd55505291dd3e488c6c9460a134a417174d739c2801968e831abefd502e72e232e3e"
-                + "eb4768588456121ed8471cb8aa09c54a7b2a07cae0b608b8f1002c9a347680f4cea314c5"
-                + "b60fe880520fe5c9644a02792e089476b45f3758d64d05513b1e98a62360c26df59d47c6"
-                + "788ad9133e386b92a185e8e8a701da6e0bda5ceceae0561ec6983ab5a369d27320d73f3a"
-                + "6ab6f3e068dd694da60764abf4f5fc9417fbb398b74b1eaee458f2b25ea219814c52d889"
-                + "8fd5af90d2f4693b44c2101ad493f1cf44f130f3a09ea215771afa4b7a8603bbae25a4b6"
-                + "be9db958f929fec62746036fba2ce6e32cc689439d87cf15cf9e5bfb66470951ae4ac3eb"
-                + "c66eb9c946a9044a6dbc543fb97029161c8d588cc6725e5027d443234f63313d9b8a492b"
-                + "851d8fda68d44ab61aa15e9a220ac9bbce6d67d78e44216b8ca813a1ddbe3d22bd93f976"
-                + "c8371f5f75781d0881dab889a8b025fb34e8935b326d4ea655c0af31c78d96aa56caa27b"
-                + "053427934e23bca4dcf79e84f2dbdb40b068a79b541f92a5a6f1d49f7c3ea6d29f1d0825"
-                + "e5d6a1dab897c7b619467f19033b8b78f91a21a066634827f825e5d3e8db826253151605"
-                + "2c123b47d28f4c016a06dc8099549f4c8865dc7c65652cdcc965704fae5ff55107f44e5b"
-                + "e67e95b3b875d5d6f824050fa3f811a7a68a2f59becbdbebbbb0a06917e5fe7bf25c76b2"
-                + "1e9068deb8d67960e0d903c354b7b6248d3cad4db0ed732b82efc012ea84a7aa82dc857a"
-                + "e000b989462020353ef6c7a8ec0c25aa6a804b33128499683a4209c83db87e5b5e9abe87"
-                + "3ff81408f9fc7ae93f1345800ee097d6a61079d53e551a2652d6d9a102e761fdbe420b97"
-                + "08f604d9ba79c8172efd9b6fe8f2d948c6bebc53cd34b977a5262e2f3377550a17b70761"
-                + "c1f6dff57eed1e3f884c8685b9d5783b7c0a2102387ca027a215433baa249538b92a65e4"
-                + "9fb3e5a6db27fc3c2c6149bb62b0559ed4558c0b52de3e2710c1bf7a0910800818634444"
-                + "72bc7d7d9764665a0fa9cb97c9587420c5d5e704a254c897e0d5c7c77a8c4b680d54d184"
-                + "93a5d7b5583c7fe6531774965a09d16ea379b2ec371d06de939b867516dd46bc7d08cf7d"
-                + "8fb23ea733dc2ae68b4485be6ec26ae9788a3bc7083ad7efe0410f3636b9f83b06c6165f"
-                + "cf224d793688db04b2348956f76ef2ceb09781ee2c9b0f56de6180af828e69c718f5c5eb"
-                + "3f3ff269e11c8fbd5c75a8561e8fc24b230a0d7e0499b28f5ec8d5c2e668730dc16dd349"
-                + "d20f090b16d4f88fafa6364a31f768c1f721b45b75f2638c7e5a747079ae05aa48d52fd9"
-                + "991b5213d59c128db177adf42c49cad07d5bc4dc8f28bea9e45cdb4ce466647ac19b79b8"
-                + "f727c55e889bbc1e3612fe0d65de2a04e47070336a1b16f9ebaf3f6aaeea519822236d38"
-                + "0ab62192659a518a76f4923b5380e7924436d1785884d2e9249b149340cc2b6279de7fc2"
-                + "115fde0347e7fd9a4825a6996b7d2023cb343178adb38b2c4564813850a6c63c612c1853"
-                + "f7464f64bfd92093c615e8117299e2eb788824f3fe231e34812baccd34c96ceb91c21e89"
-                + "cb1fbe62673c60be2c85e89a7805462097a781c008f8d424adb6b55c53f06979388c3297"
-                + "927c6c21253dd0085c45e497a550f8b6e56a2ee4fb392a313a22d00a83b7c7a95a060390"
-                + "40699b1820db1fc30b69643ebf76035bdaa8bd31258054db6d12f01e5fdc06b1414315b4"
-                + "da16d4eff65945df02ed524971bc07d54937a0372fbf3407217d5e73a34fb84b6e4b1279"
-                + "3e25739251d3ae6bcacfca804acf0c4f257a9123343d0a98fb672eed3aff551a3d6deddf"
-                + "206787704a910ff31090d6e3eaf90b3b7c92ee708eca6e0e91cd9104cc4c9ed0c9b41a3c"
-                + "adcafe0b1b6fa6e54f65a32726be11d4b80019a5575175002e93a162ae931a1eafa5c3d4"
-                + "034a544f1a41f8404c0768682241755df7fb2a0b413318eee9bb25d0092b2b2ea48a9940"
-                + "a4543250309566eeb4a4a214ca05b1675a5020c1bef77ecb73614ec781c79c18d9c78016"
-                + "dd90816c9c953b9a00ce97048e8228fdc31de8a356356744eb106e23a04fb730337855bb"
-                + "52a70a11ba91a4fda9b9d32beee354972a477b57aa95529727c4981d4cb7b480c2a76d78"
-                + "802c380e78a4f73cd51f88e8ad8595df5afb5e2bbe49eff97cca50b02b265f4fd80cb749"
-                + "b38c4591051c7526618d8c8485c1854a150d070c43f140c11f2280dabf937203b9ce6b3b"
-                + "3f6893f1bf889dbd51c132f65dbde9945ec9152fe246fe8596669f3706ce89788970292f"
-                + "11ec149b781b57e04bf8d79073a0ae66e71d5877f040ef52f28640979050d3bcf943cace"
-                + "bd61ceda0414fc4a876c987eee793cded762bcff517e53e505e7da0f4e06f38066bc3d31"
-                + "a646bb3470d5e07bb8b964b3ef2719b16bd54bf8ae7564ca0409ae47cb799561c87f05ab"
-                + "1d05a7747d1f01c7f18a3acbd5e6bb46809c10f387136a628b3507577c11d1b878caba42"
-                + "64a10538663b55f56c7e5c16df59a9ccb98ed46b961c6bdd0e59f97e11b9e58cc71a2383"
-                + "7b3d3d7e7cdeaa1bbaf2546f631bd85a66cf45ddaca0e17a3ec8bf2ca003ff1f32fe41e1"
-                + "27414d5729be295e5a3aa1065ef7bbbdaa4e6ba1249809991955d43a3f4759617418df5b"
-                + "55d3c3d83094400710d0495d7fa48d8e90987898b0dd9f6905091016633026103fa2c644"
-                + "e0f3aa680e546d5b439ed6a6770b3598384bf8681ce59cf02ea63656a31afa309a490e03"
-                + "2d7c7a978f6bf722cd473a9fff34ab28697e6cdead9091b3ea7c789bfa93e20d7bb43a9e"
-                + "28b454ccfa676c7fc50bebeaece5c34830cebdd739d4d24bfeb876b74e3c8deedb3981cd"
-                + "cb91305caf56734a42dcf105980c3b333a340b09c24f400cf3bd83714207c8e2102487b2"
-                + "528fc9d26dc6e4bcca8649d98f4cdc4049cba4189fdb4f6d3b302bae2509c24fb1dfd023"
-                + "66a4f3b0ae9ed3929d5ff53cd2a52f79fa5f760def0c3fabb7ad29015630a1db7c94902a"
-                + "355f9253b04b27b37d4032641359b8a2af4873a00935af24b3581eb876dd5b5b77d33362"
-                + "4965d9f111a418c6d52d27ec077bbb6e4af47c30c1af88de18e78bd12ddec4ac95441d6d"
-                + "250beda3d00c5749297a9d9eacfceeba57c702b40dd689c97f814d875d7801467a116c18"
-                + "fca3f87d29aaf7d93df441326e915dc4fbfb998a09210194b83c0f5c026abde5ddd84fe6"
-                + "fc0dab52f913aa95e18a17b57076a45c43d462618801a2a491188b8669456b13b5cca4a8"
-                + "af9743edded05454a6f2daeb25f427b0e869f93b930598cca12cbbc0c76934a7ca189086"
-                + "447bc98efe77fdc451ceda5daa59f46163978f066cd201264cb07e5a4b060932e908a3f3"
-                + "f50dad32997802ba09d260e5d34ad736b0fa071b56e903171e0b6ef7a315d3f707e75813"
-                + "de262e9fece391ecc13c75b8633fe450535d8f376f047f3cfb95d8236110acf7f634570b"
-                + "adf7fca12fc67597993efb142f8cc1b4155a12e589b8ef4751ebc79ac76dc3081ba98b39"
-                + "ea862d0acc43377608b85234ca37518f77b5f95f4f0c9df443f29241bd37e0c5b2de872c"
-                + "4820e080cefa55222c4bde0b97064f25f1a1bb22ca5e6fe46ef570e5967717acb5022ef3"
-                + "a16dc33eba4e9fc073307af3d5121721b04958c15015ba717ba0ab7cc9f8d09478cc1ffd"
-                + "8a95ef7588cf0913d4962e19c20bb3eef063df0f8742316ef2e716fc1a07cdccde9f65c7"
-                + "f96ba4905c10f1be509feed93ca9c87fa25e69fdc9bd9a65645ca88959fb9f192d9a051d"
-                + "257762670019ebf83a822061770261e5d853366480f9e78d916bcfad408296040036d8ca"
-                + "110f1aec995b3a51e1cee2c091c42d822bb58e5030ea544ba3e654635a3f6852f10ab8b2"
-                + "0261abd29728386b7afa1c90b22f501c2a56791290c7b4cfa45f00e6e5cf9290615f5662"
-                + "fa14721f4bc39b5f1d8cd26e48eb315bdddc0ded1761ac2c35fd19e6c6b5b09934203001"
-                + "0c359c602d884d5bcd1fef0b767f48007466fc5de7e75edfbb0d0bf5283580806a1206ae"
-                + "56ceb33462d73f7963d59ea39a1573b68077b374c78c7f9c2e30702a702de89eac5dcd30"
-                + "7e4c15b5fcda71999717c4a62ce39d5c8f0d64b04432db805e6fb1eea5bd80f24cc16ada"
-                + "944460f6dc7b87388cd35d95b31c556ae2fb3e38adc976bc0b0cc57195bcc5716da47184"
-                + "3765cf56463c5dc60545980c3e875bf34b0161d151289eb40ce4ffeb622289f875e6c772"
-                + "e36bbbf4adb0219ae5a57d3e538c99aed9dfe25996933982b16edcdda63b2224ee328ddd"
-                + "7c553973dd179fb103214f8b7a2ef64be5cb4902af5d1ac34143789c1b22334a94cd62f0"
-                + "c564540b622a4fe64f351e9f0bdc38cf67cba390a89b4f31122c2af687621b8e73564fdc"
-                + "55b1f47d726456a5d680da5d190a6964b75d22cfd2a1811e122da4b13d418a23d8516c00"
-                + "ab43258ad1a167c4c646086a393453a68a7d4ed728390c3668fbd5a3249f3abfea61fcce"
-                + "739dba13d7f54452710ba93abc3fe59521e6b51f75c6c86eee2b802eb91906a2012ea2c6"
-                + "10cb6ccce1426ca387cfeaf5adc58f8efca2be5c879c4ad7dd5743cddf055d2ba7d5b21c"
-                + "1bdf99b0764db277c009f4a74551c2439c3077a622cdf71cca3c50c7566672dada194a80"
-                + "b87b61fc9a9703516d05416bfbbf8efe8b851274b4aac21ddebe08b59cfc27ddd09e62dd"
-                + "2c204ccd41e7e70439f14c04c301ee12510829915cca471281aada72bce316db43b300e0"
-                + "db02f2de5c5b983a0865ef040e07bda1abeef8aec9dd35dd1f0d682c74143e4975a8ad2d"
-                + "47388bb11ac712b0d497333a2f7d8a1f8c592fed73cfeb44608395c961534b7553071d5f"
-                + "5a8c5ff577fb9a256e3730d523eac6802c2b3ac51dbb3d99e9ef82e9a665574284f20e03"
-                + "eeae9bca77304aa9bbdbd0e5a8918079110cab6f360b2cac2bfec486f0f4fe243103d76e"
-                + "4edcdb6a45bc26d1fb1ef7b27f8fd186a51ec05afc9293e7dceb7115e3f5d704c2e2a97a"
-                + "41a4d0e020dabf71c5eb383e48afa92d92ea6ce6a0a49bc03b51bf16054d0edd8949a989"
-                + "774021e2a33c6ff3bfe2d27c30af475af7824feffea8504c344fc53ca7be12486a14bf29"
-                + "a1ee7411e5fa9c30d1e7087b3de8d66cef6961f0a8aec5d9b2028fa7b616a67cecdad5e8"
-                + "7c336692707a977667c466dafd5ca9fbd4d82a95b8fbb290427012cade518643d4bf23a3"
-                + "bd3bd03fb6764aea2d67712e6d9037865a73b30c39d73ad646c20bc7ed12d3665d579dea"
-                + "7fe535ac2a793ad000b5f24bc620262757120cb5a5327b9528bffce4a1e4424cd6d7f476"
-                + "3d32f39994fc1354a951403c4c9661652204c54339b86b9e0a3502061f46c49ed270640c"
-                + "0592bfeb3be8e7ce46a88794ba25e60472824ac99b1811cd45cbd5d318fe142909d8a650"
-                + "697d17fd9d9562ab9490a0505be9bcfe7ff076512e9a59e82d0158a5651718d3cbfc6aa1"
-                + "350ee9f5a3dc92fdb3c47f455b837ede08ff887a13932b99caae20cf3454a93c9552d2b5"
-                + "76090a3732fa060b79114a25b7a76dca543a2dc6196c036c3fab400ecae7f60db7445495"
-                + "1470a9115458bbf66249435ffb072c1337590f216c66fac68a4ca8447b74f0369ed495f0"
-                + "8cb47f7e2a35c9f3488e986df8515f6862ed088cd1664aee5e795243b5fbd97a0e9b02b4"
-                + "a717b6a465dece97bf94eb051f005c4c6bcac464cc2eff1ef76d0354445e3e6c73e265a0"
-                + "d8678b9d03c7d7297ecbe05df1b6c1976f0149d3fefd281be6e7b2ff4417807f98a915fa"
-                + "2f547ac1e0754e4aed029f537ceb73ced97dfb64d72310c1aad1c6813309cb7a5ba9d9e0"
-                + "a680d03b485deef17e6bd6b37d68b735729a4c2b6cd9171247b9e83f34ae2bdb9b8281d4"
-                + "4b19a3a16bd435de67d279cd409b49be9c9cabef9c33369e276a1fa877aeb617c158b5a8"
-                + "1efb72a2560d0d5d52f242429aba494341ff666d029a81b73851a3a67bd472ac45e24650"
-                + "5501f6ef3d96fb4d79bb7db21c736f931bf8d587d67e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "29f0d042cf382e23c516767502496d166ed9a17e81a731faf1fc47a00cea19323d49688c"
-                + "a8e7f30a6c0c2321a1bf0f033d2cba1e46cdba5af5af42a554a962e4b5257b7938958415"
-                + "771299401c194dc04b8fe43dc464421de90659708ce19cff38ec7de41719f1893d38a26e"
-                + "b2073b6e90da4aa000cf4568591d0d13ea2483e186be9627ec32c697b23a3405384cec5f"
-                + "5284700bb5b0ef84339b5df55bfb61b76201c2bfa857450ee984dc2f006485bee0602e40"
-                + "74b5aed91c76033862bfe5db796e2da13064c65914071c0f17aa59dba9dd7a72c795c868"
-                + "88cc6ab7331f8c64c72304c06e6a694556d2cf8ce8fed1a318bd99b51866888f1ea372d4"
-                + "97509b5aff1a5e3222d864879b9c393d4308b738de1359994b29cfd2657a808ced006d43"
-                + "4cfa205adc51568264e125becba025baed15789b2c237a01ac3d0051d61d8e507d5960be"
-                + "40bd95dd41723cda68435e583b4d5238a650c9d22652902830837ef98f5212231552b1c8"
-                + "2b87ee0b6b0b87fc091d21f1ddb10a3b1b8d0725366649841c5337e08db29108b8fb9ca5"
-                + "a21ebf696fe53dd800c80ffd2b6411a6ec499e417f21c48211c66f4afecc4f4b98aa2ca0"
-                + "8622ffe0ad103dc3cf456c6dacf1238da3bc2f5bd8bc4b30a7d5c074d26dae992f3ae50d"
-                + "9c6653c376981d8f767e7e64b0a6b1442a840150c2fa4479c4e6a8c5a17021519aa5690c"
-                + "2a0351688714d0e6f62d5826df5a9715b4f1d2e0ed41ef17386f63fdbed99fc208d48ba0"
-                + "b72efd423e7afad70dc39b9ec06c024f17b16316571570b58283bf374590c2e03106660a"
-                + "dd77bd5ae124e714d36c3bccbb64ed81b2a94cd0d7907550ec86a642e33a4278be937f6e"
-                + "f8e717aeeeac8989e354cb7447fe9494271822eea7978e31212d7286527480d98d10bc7e"
-                + "49b85884089162b650e0de0ee5477ee48c59a4af8a786dbe4f07c8f68e737d6ff6886e32"
-                + "1c39cdd7525b2f81050947d00e4df3206c32224048fc3fecd59dbe7416ea4a95cc8e4cfa"
-                + "cf5387f3c3d31cc5b7bcdb8b3aca033dc6d1416d69a9e19800d3603bde59ccf70afa44da"
-                + "6a33545591685953ceb91c589b7d15988b62a42b1ce798ef204a548b037c1786da93fb24"
-                + "f206801e892444bc4a7976938c61517e1584f74435f6ac0baf814686859077b60ed259b1"
-                + "4e5b173e73aceb7a6d1d1416e1208108264d6e83aa9889b2d70e477715231bef262a1cc1"
-                + "fb5155841738805095cd22eb240419d2de6612b0de92dda7dfb76d062c7719228f15dbd7"
-                + "412b949cdeb4ce170ebf8a2c6c09de11a4b8e7142d95f52d8f511261761cef86d91f46e5"
-                + "b8319345f6c774a1e9c99c7567800e70c2107a09c12d1be41f1f88a944d6007d1bfa9315"
-                + "5a12d08c05dc223961b35a29882fbe295a60992aa6a4d8d403ac3f2ca52a425a084e3358"
-                + "d7b9b08cb9becba6f13b57118f97442e4716fe770774751ff703fadf90c39ead77b1ab5e"
-                + "d9efeb3c3254e7d0abb84c164b0ef9f3c64c91530aa2cbdff8e6fa2a9b1a2971f296d168"
-                + "c7b0f0729de63ed50e44035f6b55901d3a5dd95e6425385b963d0136100c94a58cd1796c"
-                + "f82bcd95a91c3932aa277c50cbe7f57386119bbd6ad5adbf4f2bcb10fdb8eab08bcebb8d"
-                + "6f42f4d18ddd6e98e62ac65bc1309378b92b0bf317689f01a29f9a81156537183acf982d"
-                + "bb25acb4adb9d52dcac3e36e69319d988f2d61b82c05a5b6636dfef4430181213e7ba7c2"
-                + "a27197c61924e5b96b37caf5f1a3c528adcf63a150e9c924e5a189ec2e1fe74e0dca98c3"
-                + "49a90e675aec475cf17e7d52aac6451b37779be64492fcbb9b86fe3b309356489a7f6560"
-                + "c334f388fe67fd0d41789b80cdb335cff0924a2d95b2f4e3b08d08c432ac510f2692ab30"
-                + "8de59f5b8dca50f902fd194035a8ecb00249f2b9bfb02bb94047f850086d802154b74c87"
-                + "a07c5489c92fbf0fb73a63e82baa3edc7955bbf400c01664e05c09225f79d9caa05fb0c0"
-                + "338e209d5dc7e4ba45bc53aa628de76996f4ab4d9a006169c8d572670c0834938b7eb342"
-                + "ce952b3eef277875900b2f6ef16a23100464497decce0050bf15def0adf5b56404ee94da"
-                + "39cce349082162e5ff4c32884264957b3c1335829e29a30a9db021c29067becf1cc26602"
-                + "307c6ba78b92b8018f9b0b531d13ca343a3ea1c7f3d777e23b2c9cd565b632702dab9d1c"
-                + "a59094c99bed6a1e068f6b72f04951ad79249146819ba138f95a070c5b113c75fa91afc8"
-                + "97017d5c27480aebfe92af5f2971435b937d2c13e61033b4f2da6e485465521f52f5092e"
-                + "aa757cb8fd2fd0df9bf0d7a3666a43fec9f6086ee06ed593f5d4caa1322797173549e084"
-                + "ff1e2f19ba1ab810f5730ef4a9fdd0ac72ae50ee315f86daf7e41f4489b7f0ab09eff3db"
-                + "4a51533c36d96850468ce4195d676498ea2080502cd5d9106a87eb7a173f783604167ed4"
-                + "e3b284bfe2d60c54664a658cea446f8a46a70c239be742e8fd17d29b1fa9a366c18eca26"
-                + "062049223aa88a27810827c89f5ef96dac2a80b86239b9c4cec7abcd6891d8f87813c443"
-                + "d20393028fad67b8e28165c5514ccf02efba80dc4a1cb9e960dde0f84943ed546cfdd416"
-                + "231886c1798aab9446603800ea463363dfcdfc06ec11266c4fa02148fb1e982df1c44216"
-                + "5fe329c670901560fb13295827762a6169c0f914476fc7d62d9a2493aab61523bc72fa21"
-                + "b79b13bd998c179dc45918eb3d47dca449f009888038e6b00e641c70732131635bdaeb58"
-                + "dbc65cdb62605e2f5b0de90438a3bc9c35075cab86ef37727f447c1e40998d8f13b26812"
-                + "64515f35088fa3ab956b3686513546a29ec30831b9874b01d38c2b363439bc65ea9042f4"
-                + "f5e84f1588eb6e7f3338d0cb1c94bf6285b8125b74de6b2f0f185b734237441918245e1b"
-                + "ffee55d22ce5bf15905dc12685acdef155a2dcbb48fcb6f1825a73541e89d840a940226e"
-                + "1a6d92ce58a1664f58e68c812a27e68c6d357fb078b48aa4e3f75df149b6d2bddc370933"
-                + "275a55450f502315b066bdfb7b9ae752a06e7c8df2de0beb96ac46cb4f78cff847669463"
-                + "94453b6e2905d1f80a24658684e2325798ca417832d9c4bfce5e3263fe0f2e8273f302a1"
-                + "2282dea597d85a8ac67e98e03ee5c34830cebdd739d4d24bfeb876b74e3c8deedb3981cd"
-                + "cb91305caf56734a42dcf105980c3b333a340b09c24f400cf3bd83714207c8e2102487b2"
-                + "528fc9d26dc6e4bcca8649d98f4cdc4049cba4189fdb4f6d3b302bae2509c24fb1dfd023"
-                + "66a4f3b0ae9ed3929d5ff53cd2a52f79fa5f760def0c3fabb7ad29015630a1db7c94902a"
-                + "355f9253b04b27b37d4032641359b8a2af4873a00935af24b3581eb876dd5b5b77d33362"
-                + "4965d9f111a418c6d52d27ec077bbb6e4af47c30c1af88de18e78bd12ddec4ac95441d6d"
-                + "250beda3d00c5749297a9d9eacfceeba57c702b40dd689c97f814d875d7801467a116c18"
-                + "fca3f87d29aaf7d93df441326e915dc4fbfb998a09210194b83c0f5c026abde5ddd84fe6"
-                + "fc0dab52f913aa95e18a17b57076a45c43d462618801a2a491188b8669456b13b5cca4a8"
-                + "af9743edded05454a6f2daeb25f427b0e869f93b930598cca12cbbc0c76934a7ca189086"
-                + "447bc98efe77fdc451ceda5daa59f46163978f066cd201264cb07e5a4b060932e908a3f3"
-                + "f50dad32997802ba09d260e5d34ad736b0fa071b56e903171e0b6ef7a315d3f707e75813"
-                + "de262e9fece391ecc13c75b8633fe450535d8f376f047f3cfb95d8236110acf7f634570b"
-                + "adf7fca12fc67597993efb142f8cc1b4155a12e589b8ef4751ebc79ac76dc3081ba98b39"
-                + "ea862d0acc43377608b85234ca37518f77b5f95f4f0c9df443f29241bd37e0c5b2de872c"
-                + "4820e080cefa55222c4bde0b97064f25f1a1bb22ca5e6fe46ef570e5967717acb5022ef3"
-                + "a16dc33eba4e9fc073307af3d5121721b04958c15015ba717ba0ab7cc9f8d09478cc1ffd"
-                + "8a95ef7588cf0913d4962e19c20bb3eef063df0f8742316ef2e716fc1a07cdccde9f65c7"
-                + "f96ba4905c10f1be509feed93ca9c87fa25e69fdc9bd9a65645ca88959fb9f192d9a051d"
-                + "257762670019ebf83a822061770261e5d853366480f9e78d916bcfad408296040036d8ca"
-                + "110f1aec995b3a51e1cee2c091c42d822bb58e5030ea544ba3e654635a3f6852f10ab8b2"
-                + "0261abd29728386b7afa1c90b22f501c2a56791290c7b4cfa45f00e6e5cf9290615f5662"
-                + "fa14721f4bc39b5f1d8cd26e48eb315bdddc0ded1761ac2c35fd19e6c6b5b09934203001"
-                + "0c359c602d884d5bcd1fef0b767f48007466fc5de7e75edfbb0d0bf5283580806a1206ae"
-                + "56ceb33462d73f7963d59ea39a1573b68077b374c78c7f9c2e30702a702de89eac5dcd30"
-                + "7e4c15b5fcda71999717c4a62ce39d5c8f0d64b04432db805e6fb1eea5bd80f24cc16ada"
-                + "944460f6dc7b87388cd35d95b31c556ae2fb3e38adc976bc0b0cc57195bcc5716da47184"
-                + "3765cf56463c5dc60545980c3e875bf34b0161d151289eb40ce4ffeb622289f875e6c772"
-                + "e36bbbf4adb0219ae5a57d3e538c99aed9dfe25996933982b16edcdda63b2224ee328ddd"
-                + "7c553973dd179fb103214f8b7a2ef64be5cb4902af5d1ac34143789c1b22334a94cd62f0"
-                + "c564540b622a4fe64f351e9f0bdc38cf67cba390a89b4f31122c2af687621b8e73564fdc"
-                + "55b1f47d726456a5d680da5d190a6964b75d22cfd2a1811e122da4b13d418a23d8516c00"
-                + "ab43258ad1a167c4c646086a393453a68a7d4ed728390c3668fbd5a3249f3abfea61fcce"
-                + "739dba13d7f54452710ba93abc3fe59521e6b51f75c6c86eee2b802eb91906a2012ea2c6"
-                + "10cb6ccce1426ca387cfeaf5adc58f8efca2be5c879c4ad7dd5743cddf055d2ba7d5b21c"
-                + "1bdf99b0764db277c009f4a74551c2439c3077a622cdf71cca3c50c7566672dada194a80"
-                + "b87b61fc9a9703516d05416bfbbf8efe8b851274b4aac21ddebe08b59cfc27ddd09e62dd"
-                + "2c204ccd41e7e70439f14c04c301ee12510829915cca471281aada72bce316db43b300e0"
-                + "db02f2de5c5b983a0865ef040e07bda1abeef8aec9dd35dd1f0d682c74143e4975a8ad2d"
-                + "47388bb11ac712b0d497333a2f7d8a1f8c592fed73cfeb44608395c961534b7553071d5f"
-                + "5a8c5ff577fb9a256e3730d523eac6802c2b3ac51dbb3d99e9ef82e9a665574284f20e03"
-                + "eeae9bca77304aa9bbdbd0e5a8918079110cab6f360b2cac2bfec486f0f4fe243103d76e"
-                + "4edcdb6a45bc26d1fb1ef7b27f8fd186a51ec05afc9293e7dceb7115e3f5d704c2e2a97a"
-                + "41a4d0e020dabf71c5eb383e48afa92d92ea6ce6a0a49bc03b51bf16054d0edd8949a989"
-                + "774021e2a33c6ff3bfe2d27c30af475af7824feffea8504c344fc53ca7be12486a14bf29"
-                + "a1ee7411e5fa9c30d1e7087b3de8d66cef6961f0a8aec5d9b2028fa7b616a67cecdad5e8"
-                + "7c336692707a977667c466dafd5ca9fbd4d82a95b8fbb290427012cade518643d4bf23a3"
-                + "bd3bd03fb6764aea2d67712e6d9037865a73b30c39d73ad646c20bc7ed12d3665d579dea"
-                + "7fe535ac2a793ad000b5f24bc620262757120cb5a5327b9528bffce4a1e4424cd6d7f476"
-                + "3d32f39994fc1354a951403c4c9661652204c54339b86b9e0a3502061f46c49ed270640c"
-                + "0592bfeb3be8e7ce46a88794ba25e60472824ac99b1811cd45cbd5d318fe142909d8a650"
-                + "697d17fd9d9562ab9490a0505be9bcfe7ff076512e9a59e82d0158a5651718d3cbfc6aa1"
-                + "350ee9f5a3dc92fdb3c47f455b837ede08ff887a13932b99caae20cf3454a93c9552d2b5"
-                + "76090a3732fa060b79114a25b7a76dca543a2dc6196c036c3fab400ecae7f60db7445495"
-                + "1470a9115458bbf66249435ffb072c1337590f216c66fac68a4ca8447b74f0369ed495f0"
-                + "8cb47f7e2a35c9f3488e986df8515f6862ed088cd1664aee5e795243b5fbd97a0e9b02b4"
-                + "a717b6a465dece97bf94eb051f005c4c6bcac464cc2eff1ef76d0354445e3e6c73e265a0"
-                + "d8678b9d03c7d7297ecbe05df1b6c1976f0149d3fefd281be6e7b2ff4417807f98a915fa"
-                + "2f547ac1e0754e4aed029f537ceb73ced97dfb64d72310c1aad1c6813309cb7a5ba9d9e0"
-                + "a680d03b485deef17e6bd6b37d68b735729a4c2b6cd9171247b9e83f34ae2bdb9b8281d4"
-                + "4b19a3a16bd435de67d279cd409b49be9c9cabef9c33369e276a1fa877aeb617c158b5a8"
-                + "1efb72a2560d0d5d52f242429aba494341ff666d029a81b73851a3a67bd472ac45e24650"
-                + "5501f6ef3d96fb4d79bb7db21c736f931bf8d587d67e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "2ad8d36352d84d652b73759aa716ccc320c0ee46d12f8cdcb844729ba3576def05d76529"
-                + "4b8ef5d97ee07dce30ab9a3f4e84dd3cac9c6639e63bf85ecc4367bfccb8c3b33016c4bd"
-                + "92ce370201b0db1791b00f6ee2891cfa299b8f89b4714069bfd06a3812906683efa178c8"
-                + "ccd0f06b3564cfc0c1b4acd70e88ea1b77298c447cc43e7371e567c01c8d723a615b446e"
-                + "5aae9511aa8a4a994318c7e460415011f6459a1c3e9894b45951621f01f3f2da2e1b27e3"
-                + "093dda70b830d80bc90ea759536725b3fe18cb7bb8716bf944362dfcc81919d559125087"
-                + "aa4e401a6bb03831ecdcf4bfcfca85625643fe6edc18ffdd73113d8800b614037804be90"
-                + "e527e3a4a387964d923f057d2b56e4d9c3ae4530ccdd5bcb3ed791523de6dd3470dfb5fb"
-                + "20cec162d410ea85bc00aff738f6d6617e41f239fb82e9a90f942f90e71b763c15844693"
-                + "9cf133df1b6e65ce768af3076bc77052d96a2e439f174d961a649dbff53f63e8dfee7ff5"
-                + "0b62dcaa44d9d2b5b5242d70acd996aae16c127fe57aeb55babe5138a67c7dd9c8fe97fc"
-                + "7747fd1dd8e20689811e0937407c133a38ca7ca1dfb4a2e3e3f97980274e8317132159ce"
-                + "f36cd08125330d1df3796081a8ef3c8f355461b5cbc7eb65d8a1a748cd8a4c8437ad017d"
-                + "a281c6f7acd30275d18f08be8366b6593b5e44365960ef219c01f04d2605bbe6ea21c097"
-                + "e86e6f7ab6fc17592281229017d8d3e23ca75685cb44b99c0c204dcbc6b9519101c19724"
-                + "565675cb15cbcff83a1877ccae3409615373e7509ff959684be9d43862381c63585e53f2"
-                + "25fd895648f237afe638ef6bc2452dc4bf7258e695e3af11a51321d65a9b655310c31b34"
-                + "7f274ff83edddc17b7fa957109022911afa5794810fd8f7985b6c070d81b920505db9307"
-                + "5cc1a392cf6af2433a4d8a1f2f3050ccf9be48a60f5cb8d82600f15c0995de49675a553b"
-                + "41534c9eda7b78018c65aa53dd0cc52ea9d4ccb67fb0dbe07431b4392cf1409871ed302c"
-                + "b3e270ea635d81145bb28be8fbaf1bbb3eae47f3406d42a56b172c9912b936712c5c5061"
-                + "e7e1c2fcb6d9d2ffbcd1afb2b377586faaf2c8519cc0f8bc81581bb64762369811cd6cdb"
-                + "a40421a21c66d20aab11aa99fabc94673e6c26b0107932e2c9220170412ff0e5a758b3eb"
-                + "50e5ce0e80117254b4139d4eb9fb0bbd9e2f58436fe6a79e14d7b13ec634a1e67c2d8037"
-                + "85e2a5839a5a389be0cd50112bfda94ee4a213b6beb8604fe1f4a4a1f3c4384d6a417a5c"
-                + "aab90b14ebb5936b037d2d7bae0e7e45ad8381644bb089a0ba0a8cd492e24fa2847bd73d"
-                + "f9c5c7d534f64cec2f0dccbbb6550f163963a360e0eef7c8fc3edc0f61a7ea314c39563a"
-                + "5861705f6011bdea87b163d3bce94c1d1f5d416f8d675c128e86a5186f87d3fd3fede2c4"
-                + "517919a6e089ba5efc0651723f70e42fc0ea0305fd1be2b368696595f32cd0b16de87b44"
-                + "c7c72cb42b64906a997a5e2b6d4e340c51178513cac57fcb40a82e1fb7260f2f512b00c7"
-                + "c032fbb3eb58c5133876a6f6ff25221652c9d34b61556d1bf3661c58f38078bef7842f8d"
-                + "d825fb815f0d37c8e2d8df21a4e4614e1708a40bb5c2fe6bec4a3b593039a114258aafdf"
-                + "669be738db8b3f3d0298440e0bd9b4b90e085fbae0737a9734f79bbfe9225fb4aa350b7e"
-                + "90a82ea7391b32be8749048d55e8735361d2c79e1649ff3af909829054a9883a8de52f16"
-                + "f5f884a99c28f769b353e7679f9ba147a18a1d2fa12690034239d8043c1bf0f37955ac64"
-                + "4936a99a70ba6d02d96283223bfd4e7a5ff0e6ae1a24680a67545450830b6ef4865a914b"
-                + "3afb295dab712529e4b194dd3295ad9b18c7f412de792e3f07a25ad30a55bc45bafdb023"
-                + "4dd702f3b0e186968d9f190cb1edcbedc0cc0ff6cc10ad10c8be092b396d450f2502871e"
-                + "c6d69869ea303953bcefcb782fbba9e6f905df7f43d01c77667953a321deeb72e41650ca"
-                + "f960552859d1ad6ab68159c5a200b308b3bcd8c8b8d44176779447f853b07f730090fe14"
-                + "b6c804411b7516946f87b65aeec6c2b5ba6beb4f135ea1d82fa4f3ecde1c7a8beb8cf32a"
-                + "725c96f5c0de502137eab3f083427437d3bae5694178f92ff0da401d29367ad86852cd24"
-                + "6ead40b1e669696f39d5265ce19d1968fe23deb81f53a99e5806bbca13ce9c50d313e677"
-                + "89b82c6886f7dd0ee88eee9043af3feb19b931ea6d7d394e1c8bb0c4305d39d4ac4be7f3"
-                + "8f0f442814045c568e1b7a684f0de2ec24deed0907ceaaebf122d20c61a739d61810df0c"
-                + "fca063e3646f4cecd7eac1e1244d2fd3bce1c04af45862dd0affc1c569dd255bdb282045"
-                + "e5b53f5635f43b8c326555131dc8ad4bbee1ed78f391ac36914dbb4ef5795eec30f58a71"
-                + "48006010bccd94191875236a12c70f0328213ec66e20add51b7622e6757f3641e6eaab27"
-                + "217ff5ae298cb35716889e9dfbafa07622d4001416a1ed8c3f3328e930e229f5d52c4807"
-                + "6a56cc813bf8937adf4bd5e3a96c764daaf2bdffc927a1ee03052488934aaeae2de9583e"
-                + "207dcf0967e6eae4471a8991921f9a0c621f7bb4e69edb3c7d15d5d49ee4d0e8fe9f01f4"
-                + "dd96cf0ce1770250c195c5f2b7c60525f1fd8ebd57c81883ff3ac5e1ead1d25fd4b1c28e"
-                + "4cae1f4f0fb77057c5df4a6290c1a97ed9ad44eeb1a323bbf4121a15017ee33fdba05fa3"
-                + "c714b9ef9ec8c824a0fb225b01019135f03443b094c8475fb3893f60deb50668b77f13a2"
-                + "68e389fddad5939f38c0b556b99c0577c1713a55e68754843b67c740920dee90bb901987"
-                + "36a110a448e64e73f53053d31ac8a0fa2acc04a8fc921213bfca3e7ba12cc75af6a99348"
-                + "4f486889ab5e28722ff744466b79a72cd93288b889e89db460e6350287610ccbd34f8aec"
-                + "4ffe4765e5eaf4ce1caa0ed8226537a7d2c6fa51f6a45f95b35c25f0d537a133a33d6e65"
-                + "d913ca92cba6060082ce95e3d5adb72105d30aea51a6d0c3adf9b72f53b0f56c7d5d510e"
-                + "7eea287c2ee01cbae259ade57fbf4ba66d75beb68dc466515096d6e2ad123589c1522ad8"
-                + "a35b6e7a10e8856288f211c6fc71376c60994b2440aeb4dffd8c3d3dcfac0d07481770be"
-                + "ffd462dc7101d1924d878bd950e456a454a3fc23c07e5a2c526967f21e61f01ec768939f"
-                + "a0ba0ddb69efd43144dcf105980c3b333a340b09c24f400cf3bd83714207c8e2102487b2"
-                + "528fc9d26dc6e4bcca8649d98f4cdc4049cba4189fdb4f6d3b302bae2509c24fb1dfd023"
-                + "66a4f3b0ae9ed3929d5ff53cd2a52f79fa5f760def0c3fabb7ad29015630a1db7c94902a"
-                + "355f9253b04b27b37d4032641359b8a2af4873a00935af24b3581eb876dd5b5b77d33362"
-                + "4965d9f111a418c6d52d27ec077bbb6e4af47c30c1af88de18e78bd12ddec4ac95441d6d"
-                + "250beda3d00c5749297a9d9eacfceeba57c702b40dd689c97f814d875d7801467a116c18"
-                + "fca3f87d29aaf7d93df441326e915dc4fbfb998a09210194b83c0f5c026abde5ddd84fe6"
-                + "fc0dab52f913aa95e18a17b57076a45c43d462618801a2a491188b8669456b13b5cca4a8"
-                + "af9743edded05454a6f2daeb25f427b0e869f93b930598cca12cbbc0c76934a7ca189086"
-                + "447bc98efe77fdc451ceda5daa59f46163978f066cd201264cb07e5a4b060932e908a3f3"
-                + "f50dad32997802ba09d260e5d34ad736b0fa071b56e903171e0b6ef7a315d3f707e75813"
-                + "de262e9fece391ecc13c75b8633fe450535d8f376f047f3cfb95d8236110acf7f634570b"
-                + "adf7fca12fc67597993efb142f8cc1b4155a12e589b8ef4751ebc79ac76dc3081ba98b39"
-                + "ea862d0acc43377608b85234ca37518f77b5f95f4f0c9df443f29241bd37e0c5b2de872c"
-                + "4820e080cefa55222c4bde0b97064f25f1a1bb22ca5e6fe46ef570e5967717acb5022ef3"
-                + "a16dc33eba4e9fc073307af3d5121721b04958c15015ba717ba0ab7cc9f8d09478cc1ffd"
-                + "8a95ef7588cf0913d4962e19c20bb3eef063df0f8742316ef2e716fc1a07cdccde9f65c7"
-                + "f96ba4905c10f1be509feed93ca9c87fa25e69fdc9bd9a65645ca88959fb9f192d9a051d"
-                + "257762670019ebf83a822061770261e5d853366480f9e78d916bcfad408296040036d8ca"
-                + "110f1aec995b3a51e1cee2c091c42d822bb58e5030ea544ba3e654635a3f6852f10ab8b2"
-                + "0261abd29728386b7afa1c90b22f501c2a56791290c7b4cfa45f00e6e5cf9290615f5662"
-                + "fa14721f4bc39b5f1d8cd26e48eb315bdddc0ded1761ac2c35fd19e6c6b5b09934203001"
-                + "0c359c602d884d5bcd1fef0b767f48007466fc5de7e75edfbb0d0bf5283580806a1206ae"
-                + "56ceb33462d73f7963d59ea39a1573b68077b374c78c7f9c2e30702a702de89eac5dcd30"
-                + "7e4c15b5fcda71999717c4a62ce39d5c8f0d64b04432db805e6fb1eea5bd80f24cc16ada"
-                + "944460f6dc7b87388cd35d95b31c556ae2fb3e38adc976bc0b0cc57195bcc5716da47184"
-                + "3765cf56463c5dc60545980c3e875bf34b0161d151289eb40ce4ffeb622289f875e6c772"
-                + "e36bbbf4adb0219ae5a57d3e538c99aed9dfe25996933982b16edcdda63b2224ee328ddd"
-                + "7c553973dd179fb103214f8b7a2ef64be5cb4902af5d1ac34143789c1b22334a94cd62f0"
-                + "c564540b622a4fe64f351e9f0bdc38cf67cba390a89b4f31122c2af687621b8e73564fdc"
-                + "55b1f47d726456a5d680da5d190a6964b75d22cfd2a1811e122da4b13d418a23d8516c00"
-                + "ab43258ad1a167c4c646086a393453a68a7d4ed728390c3668fbd5a3249f3abfea61fcce"
-                + "739dba13d7f54452710ba93abc3fe59521e6b51f75c6c86eee2b802eb91906a2012ea2c6"
-                + "10cb6ccce1426ca387cfeaf5adc58f8efca2be5c879c4ad7dd5743cddf055d2ba7d5b21c"
-                + "1bdf99b0764db277c009f4a74551c2439c3077a622cdf71cca3c50c7566672dada194a80"
-                + "b87b61fc9a9703516d05416bfbbf8efe8b851274b4aac21ddebe08b59cfc27ddd09e62dd"
-                + "2c204ccd41e7e70439f14c04c301ee12510829915cca471281aada72bce316db43b300e0"
-                + "db02f2de5c5b983a0865ef040e07bda1abeef8aec9dd35dd1f0d682c74143e4975a8ad2d"
-                + "47388bb11ac712b0d497333a2f7d8a1f8c592fed73cfeb44608395c961534b7553071d5f"
-                + "5a8c5ff577fb9a256e3730d523eac6802c2b3ac51dbb3d99e9ef82e9a665574284f20e03"
-                + "eeae9bca77304aa9bbdbd0e5a8918079110cab6f360b2cac2bfec486f0f4fe243103d76e"
-                + "4edcdb6a45bc26d1fb1ef7b27f8fd186a51ec05afc9293e7dceb7115e3f5d704c2e2a97a"
-                + "41a4d0e020dabf71c5eb383e48afa92d92ea6ce6a0a49bc03b51bf16054d0edd8949a989"
-                + "774021e2a33c6ff3bfe2d27c30af475af7824feffea8504c344fc53ca7be12486a14bf29"
-                + "a1ee7411e5fa9c30d1e7087b3de8d66cef6961f0a8aec5d9b2028fa7b616a67cecdad5e8"
-                + "7c336692707a977667c466dafd5ca9fbd4d82a95b8fbb290427012cade518643d4bf23a3"
-                + "bd3bd03fb6764aea2d67712e6d9037865a73b30c39d73ad646c20bc7ed12d3665d579dea"
-                + "7fe535ac2a793ad000b5f24bc620262757120cb5a5327b9528bffce4a1e4424cd6d7f476"
-                + "3d32f39994fc1354a951403c4c9661652204c54339b86b9e0a3502061f46c49ed270640c"
-                + "0592bfeb3be8e7ce46a88794ba25e60472824ac99b1811cd45cbd5d318fe142909d8a650"
-                + "697d17fd9d9562ab9490a0505be9bcfe7ff076512e9a59e82d0158a5651718d3cbfc6aa1"
-                + "350ee9f5a3dc92fdb3c47f455b837ede08ff887a13932b99caae20cf3454a93c9552d2b5"
-                + "76090a3732fa060b79114a25b7a76dca543a2dc6196c036c3fab400ecae7f60db7445495"
-                + "1470a9115458bbf66249435ffb072c1337590f216c66fac68a4ca8447b74f0369ed495f0"
-                + "8cb47f7e2a35c9f3488e986df8515f6862ed088cd1664aee5e795243b5fbd97a0e9b02b4"
-                + "a717b6a465dece97bf94eb051f005c4c6bcac464cc2eff1ef76d0354445e3e6c73e265a0"
-                + "d8678b9d03c7d7297ecbe05df1b6c1976f0149d3fefd281be6e7b2ff4417807f98a915fa"
-                + "2f547ac1e0754e4aed029f537ceb73ced97dfb64d72310c1aad1c6813309cb7a5ba9d9e0"
-                + "a680d03b485deef17e6bd6b37d68b735729a4c2b6cd9171247b9e83f34ae2bdb9b8281d4"
-                + "4b19a3a16bd435de67d279cd409b49be9c9cabef9c33369e276a1fa877aeb617c158b5a8"
-                + "1efb72a2560d0d5d52f242429aba494341ff666d029a81b73851a3a67bd472ac45e24650"
-                + "5501f6ef3d96fb4d79bb7db21c736f931bf8d587d67e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "2beca89f874df15e8d42c25754e84604d14579cf8cfa0561cc0438778d0bebd805515daf"
-                + "36ddad53f3b5fd4216778d2c9d7957c73509f43d4f1fdf7e981186cf1517284a2dcab4b6"
-                + "f658ac0334baa34268adcb084cbc7829affc78cb0fd9c9bb5dce848441e1b2582f30b4b3"
-                + "9bfbcf08efb24a406af97c5ed51be2c057ce0c250e8175fba83b39b47c1c690bd13cc3c9"
-                + "e51c397496759f74579bf6406f1643396ade6aa5cd22e9e3f6449ce8f143c1dcf03303ca"
-                + "ed31c392add1bc6e49ba4597d84ff697c789d134a818479cfdf25514c7f16e282d887043"
-                + "44921a6213a0c88f8108fa62f934690b22094e7c745827721a5d8b3ab334568e4fd0f036"
-                + "1c73b673ea3dcedc93d73d3e2767f4ba510715b25d90399cf8b0de92a650d2b55d224377"
-                + "16a9be719f17b8a3267735f2837b86a4cbf9e412f392f337ec0bfe1b6b29bf1eb65aff1b"
-                + "07cad4f7d1bbdd614ec844bcecc7b35962b631670a8bc5297bde9d5ac9b33523730e37e4"
-                + "e83dbc9ffd367c4f7cf3f143279e4d43d4eee8257dfe72accf65e34c15b8bbba4179c52b"
-                + "38cae85c01262dac2408ef238031ddca9f2719c8b4dbe9891ecd9a3f47a7ef91fe894de9"
-                + "50f771df97ee52c1df1e3aabbd41a050fdc7a10d2653aa81f0463bd7ab9c2441a8fc6a0d"
-                + "3e14006038c3f2cd01219e25b9f98841e25cccceb78b67ad986cd89aeaa4548ecf11ff09"
-                + "83bc2e1b02f62393138c29b9f0c18538b3f8453edcbbeb44d309cfe714223455c69b84b2"
-                + "04b74204d1a0ef46d30b36feb3ef409976ce56ddadb84346e90d387d5fd8910ec407d3ed"
-                + "1c632fbfdb58e85fb797419d49cbc5b902bd3806c483994033817fe9ed6015b4dc4ef5b3"
-                + "5e14ae5ef1667844cb570a2b2f344dbab4c9f5a7a33a334e704d3a6fedc690088ff331b3"
-                + "71b53d2fb0e8f8570fcd4250db8340ff677479e81b92deb5484627ef3c10c210db151eb6"
-                + "67c20c52ba4d9ea83f8f109d9846a9dbf51a061b42ee6e98fb26986f87de70ccb22d7ad5"
-                + "151c9f978882be28e2a9dce608cacf73e15c08e8f5eecee0e45ba428730e619bb25ac943"
-                + "d93de46d122fb2e52d992ffd54fbb7d4ea67a6cabbd175dc0146c82ab5f5c248f51660bd"
-                + "44d24dd9f6e40ab28145003e6c1925fb0a0152dc2dba0d92f20562a9adfe26eeb82ad642"
-                + "4c805d95fb494797cf882d4e5a11438a35d2e29ee22b08c62980d656176e6049def1759b"
-                + "ae024a55e24a01f3dadf1953759017f48f30328cc3c1972dad13ebc58ad36975a7bffb3c"
-                + "1a0f08d84ea7c8a6cbe0c0644fbc095291551f232623431282cd0a5ff1e07ef997f78170"
-                + "d1e61c6ed4995a02d6416f5090f8c254107b6babcc0d0a4c9b8973228e35a4fbfe1c3117"
-                + "e0ad3fb7dddbba229386e21ba7e0f4c22584cd09839ecf3e432a9ea3d5fe0bce55e410ab"
-                + "eadd51242484c48c464a64e3aa4c440e5e0b0bdda97f5b55cf175f2bebdcad0dcc95633c"
-                + "58037974fe5621561e2a72b4d821a816c2ef87544eca26646ad262efe6d8715a1594c12f"
-                + "9ab1b5682c3cedacc2cb0a8f2ce7bd822ba6c09f7acec55155eb045f18abba40071cd3d9"
-                + "670e64eaed9a3ded5e50fd09d2a2f19463358bad2e0206f23c683aa36d07bf73f45dbeb5"
-                + "65e35d04e2429552b5d6b0ee3e5eae0b05fad9ab47897c275938b7c1d4cbe27cd2a8869e"
-                + "ca252a35c64a92d1915957053063567adf1fe1e7c505728e80b5b75232d5468e703bebe8"
-                + "1d8f8e4af4956e31fd908ad454dc3852120e14b73d43d09022096a67b0ceb33929d71bfc"
-                + "521f06434e799ac52795a99eeb6c37179b3c477e52aea42b3389ae6c10f88f0b86fa4f15"
-                + "d6ffec4392fa3e15cedbb14ca9bf20a0e8b4428942b182c9e7ff55034d3c00647b6f4838"
-                + "758f255cd788407f2927df0bec4ebb097e297bcd641c85eccfce36e238da7e5659a2c86c"
-                + "2997d9ce43af5028b97a93d4dc879b879e88329853c2f828f451d1f9aaf09bd250c78a97"
-                + "2ae65f927e9fc0d42b5d41652fd8f5981b6a539a05bf183a2a9aafab420940839727b3e1"
-                + "abd10607dcb357bbb9a42873cec7b94e07d89e62431cc9359a6b21b1b0d188c7475dfb24"
-                + "12412abcebf7362e9237ce23ad96175c494cc612bba81db7b1e25269403cc7c7f9d567eb"
-                + "5cec3468c1bc4bb2909fe0402e7cf6ae55890cdcaf20925be73ccd7f5c4a901fbf5dca81"
-                + "fe4addb08f8792dfe7f3401d0b773508decbdd7a68a6c65b0406e5ced5a8d600bb2e0dba"
-                + "6c62c81c91b2c104babb238e40a2501eec80eb2ca5926d15a3dce16969075dcd4578bfd1"
-                + "0798bba7deb1185d54b9de44f2467f01d10f1434d160c70414dbf8f470ce8055188dd378"
-                + "77b76483654249d0130a3e2dff9566c8c4c0e4e7a49c3c9566a3514230ebb3c259d023a8"
-                + "62d6ead2b6c039bf3d625de70a0f949aeba7d5ee3e36188d03ec4f73b7320a4a14917432"
-                + "a2bc8badacfdc44d3e27a67143d803f3b2cde15c4c3fc0c44d7217db4263079328beafa9"
-                + "08e58f2cc50cf3ce8ea72e3afa2116e1029e4272a778d856bb554d301c51c612a50b1493"
-                + "fffee9e1af8661957542ec9d0e752fde6ea1a779629c8c420a65791479af9d0bb3c6fda2"
-                + "62f123fa31caf73269c5e2b225f29affbf643baea8f9476d374f196fcf9f84c002fd94cb"
-                + "7b962e7571693acb3218bad4d84b7a5059b514521ff73bd8fb8b3a56ae26c9d887c487dc"
-                + "3d0a7efb976313fbd463b8155e8b0b9a4adc4dd047bb801c4fbfdcf40a36e34c514f0a30"
-                + "575a249560021679514c73bd9f8ab4573361fc154a8c4652e2bfd3321cc07f8414149ec2"
-                + "fe2577ed2ed555bb185152cdba7d261888ea25255d9f6cf03cb6e070982d9c96df7d1eb0"
-                + "4a827d3b8363db91862511325650c883a0b5b7b859582abefef6e53a40fd44e0796e77b1"
-                + "f153335ab5ce46134c70250079ca2203cf669c46c83c98069eb250384eb0c2562d637173"
-                + "b62bc7a36f45cf8d6c30db080c4064405475aa40e56286c379abc104fcced45bffeab6f0"
-                + "cff7affc6cdb11b5059f58c29b9aff8fa109dab6aae812f98dcdd30d697ae85b80fc660d"
-                + "4230ec4e4387a0e782d0015f69fb3748359e26c6f63c5448bbd2a42bfe51b09d791bbff0"
-                + "b2f01af9929ade978d4e5c4447e456a454a3fc23c07e5a2c526967f21e61f01ec768939f"
-                + "a0ba0ddb69efd43144dcf105980c3b333a340b09c24f400cf3bd83714207c8e2102487b2"
-                + "528fc9d26dc6e4bcca8649d98f4cdc4049cba4189fdb4f6d3b302bae2509c24fb1dfd023"
-                + "66a4f3b0ae9ed3929d5ff53cd2a52f79fa5f760def0c3fabb7ad29015630a1db7c94902a"
-                + "355f9253b04b27b37d4032641359b8a2af4873a00935af24b3581eb876dd5b5b77d33362"
-                + "4965d9f111a418c6d52d27ec077bbb6e4af47c30c1af88de18e78bd12ddec4ac95441d6d"
-                + "250beda3d00c5749297a9d9eacfceeba57c702b40dd689c97f814d875d7801467a116c18"
-                + "fca3f87d29aaf7d93df441326e915dc4fbfb998a09210194b83c0f5c026abde5ddd84fe6"
-                + "fc0dab52f913aa95e18a17b57076a45c43d462618801a2a491188b8669456b13b5cca4a8"
-                + "af9743edded05454a6f2daeb25f427b0e869f93b930598cca12cbbc0c76934a7ca189086"
-                + "447bc98efe77fdc451ceda5daa59f46163978f066cd201264cb07e5a4b060932e908a3f3"
-                + "f50dad32997802ba09d260e5d34ad736b0fa071b56e903171e0b6ef7a315d3f707e75813"
-                + "de262e9fece391ecc13c75b8633fe450535d8f376f047f3cfb95d8236110acf7f634570b"
-                + "adf7fca12fc67597993efb142f8cc1b4155a12e589b8ef4751ebc79ac76dc3081ba98b39"
-                + "ea862d0acc43377608b85234ca37518f77b5f95f4f0c9df443f29241bd37e0c5b2de872c"
-                + "4820e080cefa55222c4bde0b97064f25f1a1bb22ca5e6fe46ef570e5967717acb5022ef3"
-                + "a16dc33eba4e9fc073307af3d5121721b04958c15015ba717ba0ab7cc9f8d09478cc1ffd"
-                + "8a95ef7588cf0913d4962e19c20bb3eef063df0f8742316ef2e716fc1a07cdccde9f65c7"
-                + "f96ba4905c10f1be509feed93ca9c87fa25e69fdc9bd9a65645ca88959fb9f192d9a051d"
-                + "257762670019ebf83a822061770261e5d853366480f9e78d916bcfad408296040036d8ca"
-                + "110f1aec995b3a51e1cee2c091c42d822bb58e5030ea544ba3e654635a3f6852f10ab8b2"
-                + "0261abd29728386b7afa1c90b22f501c2a56791290c7b4cfa45f00e6e5cf9290615f5662"
-                + "fa14721f4bc39b5f1d8cd26e48eb315bdddc0ded1761ac2c35fd19e6c6b5b09934203001"
-                + "0c359c602d884d5bcd1fef0b767f48007466fc5de7e75edfbb0d0bf5283580806a1206ae"
-                + "56ceb33462d73f7963d59ea39a1573b68077b374c78c7f9c2e30702a702de89eac5dcd30"
-                + "7e4c15b5fcda71999717c4a62ce39d5c8f0d64b04432db805e6fb1eea5bd80f24cc16ada"
-                + "944460f6dc7b87388cd35d95b31c556ae2fb3e38adc976bc0b0cc57195bcc5716da47184"
-                + "3765cf56463c5dc60545980c3e875bf34b0161d151289eb40ce4ffeb622289f875e6c772"
-                + "e36bbbf4adb0219ae5a57d3e538c99aed9dfe25996933982b16edcdda63b2224ee328ddd"
-                + "7c553973dd179fb103214f8b7a2ef64be5cb4902af5d1ac34143789c1b22334a94cd62f0"
-                + "c564540b622a4fe64f351e9f0bdc38cf67cba390a89b4f31122c2af687621b8e73564fdc"
-                + "55b1f47d726456a5d680da5d190a6964b75d22cfd2a1811e122da4b13d418a23d8516c00"
-                + "ab43258ad1a167c4c646086a393453a68a7d4ed728390c3668fbd5a3249f3abfea61fcce"
-                + "739dba13d7f54452710ba93abc3fe59521e6b51f75c6c86eee2b802eb91906a2012ea2c6"
-                + "10cb6ccce1426ca387cfeaf5adc58f8efca2be5c879c4ad7dd5743cddf055d2ba7d5b21c"
-                + "1bdf99b0764db277c009f4a74551c2439c3077a622cdf71cca3c50c7566672dada194a80"
-                + "b87b61fc9a9703516d05416bfbbf8efe8b851274b4aac21ddebe08b59cfc27ddd09e62dd"
-                + "2c204ccd41e7e70439f14c04c301ee12510829915cca471281aada72bce316db43b300e0"
-                + "db02f2de5c5b983a0865ef040e07bda1abeef8aec9dd35dd1f0d682c74143e4975a8ad2d"
-                + "47388bb11ac712b0d497333a2f7d8a1f8c592fed73cfeb44608395c961534b7553071d5f"
-                + "5a8c5ff577fb9a256e3730d523eac6802c2b3ac51dbb3d99e9ef82e9a665574284f20e03"
-                + "eeae9bca77304aa9bbdbd0e5a8918079110cab6f360b2cac2bfec486f0f4fe243103d76e"
-                + "4edcdb6a45bc26d1fb1ef7b27f8fd186a51ec05afc9293e7dceb7115e3f5d704c2e2a97a"
-                + "41a4d0e020dabf71c5eb383e48afa92d92ea6ce6a0a49bc03b51bf16054d0edd8949a989"
-                + "774021e2a33c6ff3bfe2d27c30af475af7824feffea8504c344fc53ca7be12486a14bf29"
-                + "a1ee7411e5fa9c30d1e7087b3de8d66cef6961f0a8aec5d9b2028fa7b616a67cecdad5e8"
-                + "7c336692707a977667c466dafd5ca9fbd4d82a95b8fbb290427012cade518643d4bf23a3"
-                + "bd3bd03fb6764aea2d67712e6d9037865a73b30c39d73ad646c20bc7ed12d3665d579dea"
-                + "7fe535ac2a793ad000b5f24bc620262757120cb5a5327b9528bffce4a1e4424cd6d7f476"
-                + "3d32f39994fc1354a951403c4c9661652204c54339b86b9e0a3502061f46c49ed270640c"
-                + "0592bfeb3be8e7ce46a88794ba25e60472824ac99b1811cd45cbd5d318fe142909d8a650"
-                + "697d17fd9d9562ab9490a0505be9bcfe7ff076512e9a59e82d0158a5651718d3cbfc6aa1"
-                + "350ee9f5a3dc92fdb3c47f455b837ede08ff887a13932b99caae20cf3454a93c9552d2b5"
-                + "76090a3732fa060b79114a25b7a76dca543a2dc6196c036c3fab400ecae7f60db7445495"
-                + "1470a9115458bbf66249435ffb072c1337590f216c66fac68a4ca8447b74f0369ed495f0"
-                + "8cb47f7e2a35c9f3488e986df8515f6862ed088cd1664aee5e795243b5fbd97a0e9b02b4"
-                + "a717b6a465dece97bf94eb051f005c4c6bcac464cc2eff1ef76d0354445e3e6c73e265a0"
-                + "d8678b9d03c7d7297ecbe05df1b6c1976f0149d3fefd281be6e7b2ff4417807f98a915fa"
-                + "2f547ac1e0754e4aed029f537ceb73ced97dfb64d72310c1aad1c6813309cb7a5ba9d9e0"
-                + "a680d03b485deef17e6bd6b37d68b735729a4c2b6cd9171247b9e83f34ae2bdb9b8281d4"
-                + "4b19a3a16bd435de67d279cd409b49be9c9cabef9c33369e276a1fa877aeb617c158b5a8"
-                + "1efb72a2560d0d5d52f242429aba494341ff666d029a81b73851a3a67bd472ac45e24650"
-                + "5501f6ef3d96fb4d79bb7db21c736f931bf8d587d67e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "2cf2f2b4dca49dd5439887c17619ad19af1875314966a1bff213fcabcd840e57f9758a2f"
-                + "491ee30814a1200ff2ec4e995050854e19095567497e1b347531064a0134a1a78df4bd64"
-                + "942e69aa9229b50734b7de1bb27a357231c7967e7e34180cc2eea4806698a1797663a60f"
-                + "d7f31312f95d1196a8cc9ff3afd0a7f9f2413a7b57ad277e722c9579ef0f1e5052e1a8c9"
-                + "e14487489cc973d39db6a737c22ccfca16e73f7d9995b0cada5f12ada2f363eb60f631e9"
-                + "cbabbf60c54506228d05244f77b31516d13d544e93e7c09c9a278c7e20d08c827e7b5d6c"
-                + "f9045867af2bbdf67351a062d9b92cd0bd0e25b3117f0226a94a5e702534a42dfc7540b0"
-                + "5823107ae3e862f0313c4eebd51c2a7ea2529ee3b772c0b5f0481d599d9877f7fe2a17c9"
-                + "e68d863f7008303283a662d858b23b1ed7eff18b4e6700da4385f3b63a50afb69f91699d"
-                + "67d1d29de92067d74fe3802701b7c1992cbb79d4bc93c060ed7853e21f52ff6038b7f782"
-                + "d5abc83b2338e6673a4d279155aa0ecf1b413bf5a40350efc125d5306d370c0098a4cdb0"
-                + "f90c8a56ab83eb788de80ba3f0f72594bac39e72c9db5fdd6a5ce756360b26e02e44582e"
-                + "c37aaf2f6b62ce1e310e610ae837f156fea983e3b98b3f423a05e921fe128fcd5b77c8a9"
-                + "b6e83bc1e7a3da672fbb8e9608f73d90c3131a3105fd5e7a28e55c36bcba0ae9cd81f3b8"
-                + "85b3097922d3bc38c0a07c9b8d5cae72735ec42b7773736a49742a1a874798cc413a8ef6"
-                + "99c93721d00fe839ea658629ea0d095220ef8be586b3ba3b559b3b830af465bae074e6c6"
-                + "35dbe792a00dc34c6b063df28e7b590334de1a1168e231803d24e20a7847ff07d84cbd92"
-                + "edf06748d9e4ed5f220c6a29768aa0868ab913c18ba8644e9231ff6543f0e8040a293b02"
-                + "1bab9aaf3c6ce2d0e9a00247bc599c039b8e7f5258a32d4266506d8982ff6477d2b33f86"
-                + "a1b49d6f764565a247b55b99b3bcc495f6229fca3c25ccd0fc0b80ec869676bdae256088"
-                + "88bbba32c0b3091e4dc7bca1e075621b844ac68a721e8e38f8509920dc9d794859ca6a55"
-                + "197a43682948aa36e24c7ffe5d332c37f30038a1eeddc1bf7714153b2de07f0270a45d86"
-                + "f6fa4f7455abd53b835ec2e6d7a3a2701b7cbda1dbcff9efe8661cf979ba6020c6ce1348"
-                + "d917235b97733dc7e1719c4d4edaa3ce565f734cbc4bc9c15d62710940b5466fa3670c58"
-                + "f8e379e7e1bd907f341d98057d9b2d9d96699a761a4e1967080de5cc9063cd226cc32a2e"
-                + "cb35c65d649b308f78947dc60c5be1c41a86f39f57cc97c5a1c0a3a1ae24d9340020fed8"
-                + "c950467208a8153d25d57627636a3b658dc33a08afa1289b8b995b868bd078a07a04f74a"
-                + "fa3a2cbcb31f83a923f73631ead4fa1bcbca7cf6d0da667da13bbb4e81639b60b66d6fe7"
-                + "de1d4fb4b43a47ff5fe0428bd83d81d25b500d5cd45e8423b3edfdb6bb0ad1b0aa179e69"
-                + "fc9e7761bf1d3ad9bd6b61cd45ae349b41f80ad5a44b5e016d4edbcef1ccb2aec3724798"
-                + "54569927fa0763df1d79d64c64344b1d3548c79ae18ccc1c9e8260c19442097c7526aecb"
-                + "2ca88c90ce83c6fb20351251a26765da8693bfe6e19c6fc597d06ae8392051cba13b8ba3"
-                + "40bcd82c5a618a0bcfb1b323da718ed39c8f23bcb5ca9399f6f553aa64ddc8c54e36521b"
-                + "63713571cbddec9c9c8ad0ec0816931e508c510453c61cd6b1e4015d11a56c6fc51ed4f1"
-                + "09a2020923f39dc973e36563a8623b2141390c83a9d5f862657547b2c03ed44e414421be"
-                + "6310e6c30a56a537712534ad0d1d6a0fcaef476de1547947217bb3784b7eac2153190048"
-                + "3163a346a98d129b384ef76b8e5635eae20a8caada944ba3a3c8f9314e72364e8036e65d"
-                + "d45f805da66eaf2d103077530e51c8fc24cb5aa80e71064d839e51e7181faf4aedefda99"
-                + "ada1c4e6d983b4725f06585737fec97c0f1305e8d9ab6ffc9e668814a0b724adc2d32ce7"
-                + "5922f31352b06ab88aeca21f74b1e395e7ae23f0f5ca522d9aa891269b066d6e26d42a88"
-                + "88a6c2d5652c66bee84182e04f301bbebeea210e906c2b4aaca884b59e05e49d4676358d"
-                + "31a2bdf1b1df8c1f1a64a798ec4164387a46f867dea6eee27f55f8d7cd7db706b8728f80"
-                + "ec8727bb911e0f40956cc5c64b627d8d2756d3f2f034b9beec2ca8e020161886c6b2da8d"
-                + "dedf295d203db75e3556137b7b06bc3b184c47c67c1d01673dd9944803b5a94c00dac3b6"
-                + "906df70452a63a17d34fc4ecb6cf728a8af98b2101ba360dde85861ab5f4ea8da4bdc21d"
-                + "1150a0920b90c6c4de2b3820100e257f26251b71f1b8f626b624125f30fe09e67cf25102"
-                + "4e7e38872588362d4a2e0654946153c010913c268be47a5e813e4addb8476477bf9872c0"
-                + "407670bc0a7552cd12d6f455315d63fa9ff564cdfc91d2d5bd44223c79b82532b39f1c2a"
-                + "64122422665181bbed5a87d144b621afc2c75fd07f92e44576b076ac2568fa2836ac51f9"
-                + "2fabd5cd74380df0e8fcff0fdcfd3de1aa1ace9e448dc1ac7953cb4bd9daf932247a6679"
-                + "3d2906f5cd80c87bd1504c12fa9343efd941921829b5e5905bcc031bf4d0d25d99c8c68d"
-                + "87ff350f1a6b782b6522b2cde82fe50782536b36050f8bde173f4d75f9c44ea13bf9eb2f"
-                + "97ee31deef5a2f4f888401095d3d7b9193b6f6cf7c38691d84389cabef5fab1b00b0fe2d"
-                + "a794e65cc6303874c157e7977ee723d832cf09d24b296fd7dd4cdb568865562a55224204"
-                + "b3793b94a4ac073ff112279787d17954bc1c1f20c87614dbea1b9590f826df22d39c2f92"
-                + "26c7c3e66de14faf33ece2e0c7825d72b137e1e507e9f7dc08a1fd37febccd3da7e4aaba"
-                + "3729dc4357bc6130592452c04e26634c9597e2045ffec98d064ece0b6257c3fe89a1fcc8"
-                + "4389c477d2910067b4165385584833264b9581dab39ea7e53fe69ca5107f27c1ed6b9f91"
-                + "71f85d5bb463f634b561a079de9f27201931cab50b5c81c77c6ad22d23757ba532ab133d"
-                + "217307d8963a97e7900d90b5dd749886234172753e7afc9a9ef72500dbbd6caf4e86a586"
-                + "92631739c853a3fd07e2e1f8a7d6356f8e292f350f2d8707521323d56a9f9549808d6ddb"
-                + "aa1a1c12848a9430818fcbcece279b35d934b705ea39d108c82a1950f093f9c7b6f8de80"
-                + "f5c3cd043c2ffb5ed3f8d8ade0750edca071ef611ef59cfa5ed322c6401bebe646e92525"
-                + "e04c677a2ac6e4bcca8649d98f4cdc4049cba4189fdb4f6d3b302bae2509c24fb1dfd023"
-                + "66a4f3b0ae9ed3929d5ff53cd2a52f79fa5f760def0c3fabb7ad29015630a1db7c94902a"
-                + "355f9253b04b27b37d4032641359b8a2af4873a00935af24b3581eb876dd5b5b77d33362"
-                + "4965d9f111a418c6d52d27ec077bbb6e4af47c30c1af88de18e78bd12ddec4ac95441d6d"
-                + "250beda3d00c5749297a9d9eacfceeba57c702b40dd689c97f814d875d7801467a116c18"
-                + "fca3f87d29aaf7d93df441326e915dc4fbfb998a09210194b83c0f5c026abde5ddd84fe6"
-                + "fc0dab52f913aa95e18a17b57076a45c43d462618801a2a491188b8669456b13b5cca4a8"
-                + "af9743edded05454a6f2daeb25f427b0e869f93b930598cca12cbbc0c76934a7ca189086"
-                + "447bc98efe77fdc451ceda5daa59f46163978f066cd201264cb07e5a4b060932e908a3f3"
-                + "f50dad32997802ba09d260e5d34ad736b0fa071b56e903171e0b6ef7a315d3f707e75813"
-                + "de262e9fece391ecc13c75b8633fe450535d8f376f047f3cfb95d8236110acf7f634570b"
-                + "adf7fca12fc67597993efb142f8cc1b4155a12e589b8ef4751ebc79ac76dc3081ba98b39"
-                + "ea862d0acc43377608b85234ca37518f77b5f95f4f0c9df443f29241bd37e0c5b2de872c"
-                + "4820e080cefa55222c4bde0b97064f25f1a1bb22ca5e6fe46ef570e5967717acb5022ef3"
-                + "a16dc33eba4e9fc073307af3d5121721b04958c15015ba717ba0ab7cc9f8d09478cc1ffd"
-                + "8a95ef7588cf0913d4962e19c20bb3eef063df0f8742316ef2e716fc1a07cdccde9f65c7"
-                + "f96ba4905c10f1be509feed93ca9c87fa25e69fdc9bd9a65645ca88959fb9f192d9a051d"
-                + "257762670019ebf83a822061770261e5d853366480f9e78d916bcfad408296040036d8ca"
-                + "110f1aec995b3a51e1cee2c091c42d822bb58e5030ea544ba3e654635a3f6852f10ab8b2"
-                + "0261abd29728386b7afa1c90b22f501c2a56791290c7b4cfa45f00e6e5cf9290615f5662"
-                + "fa14721f4bc39b5f1d8cd26e48eb315bdddc0ded1761ac2c35fd19e6c6b5b09934203001"
-                + "0c359c602d884d5bcd1fef0b767f48007466fc5de7e75edfbb0d0bf5283580806a1206ae"
-                + "56ceb33462d73f7963d59ea39a1573b68077b374c78c7f9c2e30702a702de89eac5dcd30"
-                + "7e4c15b5fcda71999717c4a62ce39d5c8f0d64b04432db805e6fb1eea5bd80f24cc16ada"
-                + "944460f6dc7b87388cd35d95b31c556ae2fb3e38adc976bc0b0cc57195bcc5716da47184"
-                + "3765cf56463c5dc60545980c3e875bf34b0161d151289eb40ce4ffeb622289f875e6c772"
-                + "e36bbbf4adb0219ae5a57d3e538c99aed9dfe25996933982b16edcdda63b2224ee328ddd"
-                + "7c553973dd179fb103214f8b7a2ef64be5cb4902af5d1ac34143789c1b22334a94cd62f0"
-                + "c564540b622a4fe64f351e9f0bdc38cf67cba390a89b4f31122c2af687621b8e73564fdc"
-                + "55b1f47d726456a5d680da5d190a6964b75d22cfd2a1811e122da4b13d418a23d8516c00"
-                + "ab43258ad1a167c4c646086a393453a68a7d4ed728390c3668fbd5a3249f3abfea61fcce"
-                + "739dba13d7f54452710ba93abc3fe59521e6b51f75c6c86eee2b802eb91906a2012ea2c6"
-                + "10cb6ccce1426ca387cfeaf5adc58f8efca2be5c879c4ad7dd5743cddf055d2ba7d5b21c"
-                + "1bdf99b0764db277c009f4a74551c2439c3077a622cdf71cca3c50c7566672dada194a80"
-                + "b87b61fc9a9703516d05416bfbbf8efe8b851274b4aac21ddebe08b59cfc27ddd09e62dd"
-                + "2c204ccd41e7e70439f14c04c301ee12510829915cca471281aada72bce316db43b300e0"
-                + "db02f2de5c5b983a0865ef040e07bda1abeef8aec9dd35dd1f0d682c74143e4975a8ad2d"
-                + "47388bb11ac712b0d497333a2f7d8a1f8c592fed73cfeb44608395c961534b7553071d5f"
-                + "5a8c5ff577fb9a256e3730d523eac6802c2b3ac51dbb3d99e9ef82e9a665574284f20e03"
-                + "eeae9bca77304aa9bbdbd0e5a8918079110cab6f360b2cac2bfec486f0f4fe243103d76e"
-                + "4edcdb6a45bc26d1fb1ef7b27f8fd186a51ec05afc9293e7dceb7115e3f5d704c2e2a97a"
-                + "41a4d0e020dabf71c5eb383e48afa92d92ea6ce6a0a49bc03b51bf16054d0edd8949a989"
-                + "774021e2a33c6ff3bfe2d27c30af475af7824feffea8504c344fc53ca7be12486a14bf29"
-                + "a1ee7411e5fa9c30d1e7087b3de8d66cef6961f0a8aec5d9b2028fa7b616a67cecdad5e8"
-                + "7c336692707a977667c466dafd5ca9fbd4d82a95b8fbb290427012cade518643d4bf23a3"
-                + "bd3bd03fb6764aea2d67712e6d9037865a73b30c39d73ad646c20bc7ed12d3665d579dea"
-                + "7fe535ac2a793ad000b5f24bc620262757120cb5a5327b9528bffce4a1e4424cd6d7f476"
-                + "3d32f39994fc1354a951403c4c9661652204c54339b86b9e0a3502061f46c49ed270640c"
-                + "0592bfeb3be8e7ce46a88794ba25e60472824ac99b1811cd45cbd5d318fe142909d8a650"
-                + "697d17fd9d9562ab9490a0505be9bcfe7ff076512e9a59e82d0158a5651718d3cbfc6aa1"
-                + "350ee9f5a3dc92fdb3c47f455b837ede08ff887a13932b99caae20cf3454a93c9552d2b5"
-                + "76090a3732fa060b79114a25b7a76dca543a2dc6196c036c3fab400ecae7f60db7445495"
-                + "1470a9115458bbf66249435ffb072c1337590f216c66fac68a4ca8447b74f0369ed495f0"
-                + "8cb47f7e2a35c9f3488e986df8515f6862ed088cd1664aee5e795243b5fbd97a0e9b02b4"
-                + "a717b6a465dece97bf94eb051f005c4c6bcac464cc2eff1ef76d0354445e3e6c73e265a0"
-                + "d8678b9d03c7d7297ecbe05df1b6c1976f0149d3fefd281be6e7b2ff4417807f98a915fa"
-                + "2f547ac1e0754e4aed029f537ceb73ced97dfb64d72310c1aad1c6813309cb7a5ba9d9e0"
-                + "a680d03b485deef17e6bd6b37d68b735729a4c2b6cd9171247b9e83f34ae2bdb9b8281d4"
-                + "4b19a3a16bd435de67d279cd409b49be9c9cabef9c33369e276a1fa877aeb617c158b5a8"
-                + "1efb72a2560d0d5d52f242429aba494341ff666d029a81b73851a3a67bd472ac45e24650"
-                + "5501f6ef3d96fb4d79bb7db21c736f931bf8d587d67e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "2db3bf4734a965fa4770d979ebf4fdb3d34f4be95b71eb847b49617f135949949f7cc0a0"
-                + "3bf7dc34ff6f252a1ba282de8a5e9ab00ca0360287c3f6f0b6aafee8b8c85cab6a95e4e9"
-                + "8184f3274c225fe09652529bcebf94e875b3f865b90731a09ea961957cc64f5cc8f8327a"
-                + "f89d7aabdfe674b4ced15e518d2858e56e75c1390929f78543a9f92fb0e0f8673a6b1754"
-                + "777f8255e18d3ff0910152f408b01618866f7dc543c774ab7ce2519f2a6f79d36dc016e2"
-                + "857ba62fe184fba6a3f67b6b227970d66d8e353ce4fe8ef2ccf1287709843626a0daff30"
-                + "8bcd43da83e97b361bf2e8def2653d09e55959c4c869a07330d4402b8916389098729839"
-                + "38c70b0642f8abdb60ab0a7ffd8ed4b1b8f70a46e928a03d0e39b13fccfbb6ccef36ae87"
-                + "c574ce1c0c8457984d11a57b440be6e9c4b59cb6f1cfc744de6b6550204859f4e4067b4d"
-                + "68689acab08c9ab6992011d33b9fc151a6e27919b919577a91e832fb2be49da4e5338f1e"
-                + "dd826ca2c3053893dfdc1d5793056d25e086214ffe5dec5aa1f714455d217bfcd6eb15f9"
-                + "71aef90918a3df6a5e2446b79a0403583986856d6ddea69c19ab9b63fc14c5735f170935"
-                + "f69463b00ebb2bfb532170b532aef338450f92dab4a6f137b3cb0622b3a0c8a4788fb6f3"
-                + "cb9ecca94f854ace5240ad1d94450e890a87de8c68b1bbf6ef25c27fb4a048a964074b66"
-                + "bd701e371697f6e980443e7b73f5472a70c2a90b37391ac097e7babbbe638eb48f65c657"
-                + "5a4d17593662228e90befe04756bad819e57a023686751eb682239a476a171148068a0d1"
-                + "ad6be1a41393cb99b7418c344bc5d746a0040053630ee07187481d42b1a280dc7e0d6279"
-                + "73217f834e5ee4fd39077a1513cfeb50f43a3e9755bc76f77c322b41fac2ca343a0ce83b"
-                + "53d817590035c1ec93807637647e95b9c6278e1ddfc190d379a9ff08a0a76f99fc39a90d"
-                + "38c6fafc30e93b2674f7aea3abf5837f1ed1669e2644b20645bc90af5410166a9f408ed8"
-                + "7726bcb97680a492e2dd8932979c902f548e9d6c08fe9ac5624246bdd1c8c447bd3dc300"
-                + "01f41306ec3a4376f5fe84948fb47293794aac5c7e232277a666c9e6b89164f34e3c7daa"
-                + "330769aa450e4c8e49b42ad6a89567133b15c1dba1e098bed5f8e11219c6a924bb451884"
-                + "b9f913c7e4e6520d979637ff2f041c6d509e9ef9a556211fbd87637f9631e96e7423edbe"
-                + "6d5f159e6d764604ac6bb9d2f817ffc2d972cc8833caf06c3d82fe85547d0d616904535c"
-                + "01d0b33428ffdbe55dc75a2e02b5fb475265cc05252b50339afaa24107157a59e6d019c1"
-                + "f97a5e501ab70e1a990bea653a3a81a53b2ff363c86eb0f2faad2b6710d39350baf21ed7"
-                + "e37c7b2a641622bd81fcac28fe4dd94ce46573a747e5fa5a8598dc75250e3d163ea9a5d6"
-                + "d69b641ae137f226fd79c5dd5ba5d80051464e07ab54320881f2528bbaab9e0cca2920f2"
-                + "f226ffca4f3226fe6e0e69e6ea9e29f7a22e5a438080366bcad562b4bc55066d95597e8f"
-                + "ae2df05eb1f4ebf31959483ccd0844cf8e38e71d4d7adc5ffd7785b9184c7c11e9c801b8"
-                + "399155864aa0415204202aabb04d0d2f67ae6c749a94181c31b7977e67ad2727ae6827c4"
-                + "83192b0f012838a51c99900d4a46d28d391ee156b9bcda6de602a234b3cc7dc64ceb5988"
-                + "a03b66cd8d45d3680dc75fa49647a104fc786d87b97defdc85e0cd02480dcfcbcc2608c4"
-                + "83b3026c6121623ec37a21d75043854b9b0df1da09e3af9f9138e9b2c9a7265bf955ca0f"
-                + "2bcf06848ac369aa9afc6df9eb0389ac1e496772dadf04bfcb935a14f21bfe7768729f10"
-                + "0e3f34ef640b8db629c49ed3d1075a232f0a3826bb8df7086b06ca3cfa953d506d613166"
-                + "f3f951ee7370ed35f8ad9b8379c38c0dd884d282060454a2d6bb1ca945c2b80d0c2f45b2"
-                + "43773aae5773d11a0af3e8d43b79f11f0fe02a49ab580b0ac2a43a875a07a0c16307096a"
-                + "96adcf528abc00ce33897b1727cb14021d78841e831a302abe431adf4996a448889ae893"
-                + "6a7cb6f76ad44f27e601ab6b4ea43fc40889a4079359f3cedce6da4c7b9bd9085ceac4aa"
-                + "b78a0ac3582daa5450cea6fb3c9054b052694db1959e75873ced1a02ec2d0c982e0b6119"
-                + "9a6f410869672a869ff299154f8ebd3bab0015ca265ae7cdfc58b056bb5d3720bf8aee6b"
-                + "a64233b4539ef1327ce171d98862e833381574d7863c495898c78e475d17d7e10e38c209"
-                + "10d685a41484d66d70b19776e411749cf8ef100afd72cb18c34d5e2ee8a10757a108d844"
-                + "67b3226159cf2d91a5df24dc98989ed9d10d796dbe8d4cddc898dfa3893ec2da267f1870"
-                + "53f8a22d70e883172f3767baf3be2b5246d3f3d955bf63e49acebf7f44d69de9ca3bba48"
-                + "2766f04c76477019e928008143deff1e464c63845cfc693f0149b365c109fc496d5b4527"
-                + "42b97bc8c45e5a65e5726f468526472fc59eb3585a9796ef0cb295bf561f6c46770c7ce9"
-                + "486437318852516828026b421d2895609bbe830d2bedabe22053804dfae54e1db7985166"
-                + "c9389010033a8663b2c98b726c67171f2c10d36d05cdb68d1164428992218cf3ef2d2bfd"
-                + "fe4a5d92bbd21a718f9c2bd649bd12af3868c257ae6ece7b6e5b17c9bcd0807f724c80f7"
-                + "f030bc0738488a31ab47693188a0864cb8019cf8e3de831ee512d2bce9e73b33a1b06596"
-                + "26a66eef790ea7e7763bac3aa65ee3ff12fde470209eb8b4add5081c88181b64355aeaba"
-                + "f9e2857aa97666cd0d89c7267c57cb162c74de4814c7c5844df620cdecfa65f96d6dd5ff"
-                + "3ec01016ae57737c293270a3c02b360c5953adb5799a622810df0db8570a7c68d5a31be0"
-                + "956e0859d967c3a12a9a2e8cea8847f6e08f9574d9b1dc275c28379af23ae9a583beab9e"
-                + "6cbad0d7dfa52a92ea7e50cd147e6d2a92eb6c1ea75ef42e57a8ecb89156c812aebb3807"
-                + "38dba335696c98ec4a343b4e24e7aac3ca13162d970d8c71c3a3ebb76ea8571be7678e03"
-                + "ad52fe131c357025f8183f04555ef4f846b09e00dfd486498cbc4465abe4360e05dc3809"
-                + "25cc32cb62315208f2b8400b5b3d7b09826dc523eec6637ac88fdbb3ab1ee394c1dad030"
-                + "99690a12ec692cc215c46a650d279b35d934b705ea39d108c82a1950f093f9c7b6f8de80"
-                + "f5c3cd043c2ffb5ed3f8d8ade0750edca071ef611ef59cfa5ed322c6401bebe646e92525"
-                + "e04c677a2ac6e4bcca8649d98f4cdc4049cba4189fdb4f6d3b302bae2509c24fb1dfd023"
-                + "66a4f3b0ae9ed3929d5ff53cd2a52f79fa5f760def0c3fabb7ad29015630a1db7c94902a"
-                + "355f9253b04b27b37d4032641359b8a2af4873a00935af24b3581eb876dd5b5b77d33362"
-                + "4965d9f111a418c6d52d27ec077bbb6e4af47c30c1af88de18e78bd12ddec4ac95441d6d"
-                + "250beda3d00c5749297a9d9eacfceeba57c702b40dd689c97f814d875d7801467a116c18"
-                + "fca3f87d29aaf7d93df441326e915dc4fbfb998a09210194b83c0f5c026abde5ddd84fe6"
-                + "fc0dab52f913aa95e18a17b57076a45c43d462618801a2a491188b8669456b13b5cca4a8"
-                + "af9743edded05454a6f2daeb25f427b0e869f93b930598cca12cbbc0c76934a7ca189086"
-                + "447bc98efe77fdc451ceda5daa59f46163978f066cd201264cb07e5a4b060932e908a3f3"
-                + "f50dad32997802ba09d260e5d34ad736b0fa071b56e903171e0b6ef7a315d3f707e75813"
-                + "de262e9fece391ecc13c75b8633fe450535d8f376f047f3cfb95d8236110acf7f634570b"
-                + "adf7fca12fc67597993efb142f8cc1b4155a12e589b8ef4751ebc79ac76dc3081ba98b39"
-                + "ea862d0acc43377608b85234ca37518f77b5f95f4f0c9df443f29241bd37e0c5b2de872c"
-                + "4820e080cefa55222c4bde0b97064f25f1a1bb22ca5e6fe46ef570e5967717acb5022ef3"
-                + "a16dc33eba4e9fc073307af3d5121721b04958c15015ba717ba0ab7cc9f8d09478cc1ffd"
-                + "8a95ef7588cf0913d4962e19c20bb3eef063df0f8742316ef2e716fc1a07cdccde9f65c7"
-                + "f96ba4905c10f1be509feed93ca9c87fa25e69fdc9bd9a65645ca88959fb9f192d9a051d"
-                + "257762670019ebf83a822061770261e5d853366480f9e78d916bcfad408296040036d8ca"
-                + "110f1aec995b3a51e1cee2c091c42d822bb58e5030ea544ba3e654635a3f6852f10ab8b2"
-                + "0261abd29728386b7afa1c90b22f501c2a56791290c7b4cfa45f00e6e5cf9290615f5662"
-                + "fa14721f4bc39b5f1d8cd26e48eb315bdddc0ded1761ac2c35fd19e6c6b5b09934203001"
-                + "0c359c602d884d5bcd1fef0b767f48007466fc5de7e75edfbb0d0bf5283580806a1206ae"
-                + "56ceb33462d73f7963d59ea39a1573b68077b374c78c7f9c2e30702a702de89eac5dcd30"
-                + "7e4c15b5fcda71999717c4a62ce39d5c8f0d64b04432db805e6fb1eea5bd80f24cc16ada"
-                + "944460f6dc7b87388cd35d95b31c556ae2fb3e38adc976bc0b0cc57195bcc5716da47184"
-                + "3765cf56463c5dc60545980c3e875bf34b0161d151289eb40ce4ffeb622289f875e6c772"
-                + "e36bbbf4adb0219ae5a57d3e538c99aed9dfe25996933982b16edcdda63b2224ee328ddd"
-                + "7c553973dd179fb103214f8b7a2ef64be5cb4902af5d1ac34143789c1b22334a94cd62f0"
-                + "c564540b622a4fe64f351e9f0bdc38cf67cba390a89b4f31122c2af687621b8e73564fdc"
-                + "55b1f47d726456a5d680da5d190a6964b75d22cfd2a1811e122da4b13d418a23d8516c00"
-                + "ab43258ad1a167c4c646086a393453a68a7d4ed728390c3668fbd5a3249f3abfea61fcce"
-                + "739dba13d7f54452710ba93abc3fe59521e6b51f75c6c86eee2b802eb91906a2012ea2c6"
-                + "10cb6ccce1426ca387cfeaf5adc58f8efca2be5c879c4ad7dd5743cddf055d2ba7d5b21c"
-                + "1bdf99b0764db277c009f4a74551c2439c3077a622cdf71cca3c50c7566672dada194a80"
-                + "b87b61fc9a9703516d05416bfbbf8efe8b851274b4aac21ddebe08b59cfc27ddd09e62dd"
-                + "2c204ccd41e7e70439f14c04c301ee12510829915cca471281aada72bce316db43b300e0"
-                + "db02f2de5c5b983a0865ef040e07bda1abeef8aec9dd35dd1f0d682c74143e4975a8ad2d"
-                + "47388bb11ac712b0d497333a2f7d8a1f8c592fed73cfeb44608395c961534b7553071d5f"
-                + "5a8c5ff577fb9a256e3730d523eac6802c2b3ac51dbb3d99e9ef82e9a665574284f20e03"
-                + "eeae9bca77304aa9bbdbd0e5a8918079110cab6f360b2cac2bfec486f0f4fe243103d76e"
-                + "4edcdb6a45bc26d1fb1ef7b27f8fd186a51ec05afc9293e7dceb7115e3f5d704c2e2a97a"
-                + "41a4d0e020dabf71c5eb383e48afa92d92ea6ce6a0a49bc03b51bf16054d0edd8949a989"
-                + "774021e2a33c6ff3bfe2d27c30af475af7824feffea8504c344fc53ca7be12486a14bf29"
-                + "a1ee7411e5fa9c30d1e7087b3de8d66cef6961f0a8aec5d9b2028fa7b616a67cecdad5e8"
-                + "7c336692707a977667c466dafd5ca9fbd4d82a95b8fbb290427012cade518643d4bf23a3"
-                + "bd3bd03fb6764aea2d67712e6d9037865a73b30c39d73ad646c20bc7ed12d3665d579dea"
-                + "7fe535ac2a793ad000b5f24bc620262757120cb5a5327b9528bffce4a1e4424cd6d7f476"
-                + "3d32f39994fc1354a951403c4c9661652204c54339b86b9e0a3502061f46c49ed270640c"
-                + "0592bfeb3be8e7ce46a88794ba25e60472824ac99b1811cd45cbd5d318fe142909d8a650"
-                + "697d17fd9d9562ab9490a0505be9bcfe7ff076512e9a59e82d0158a5651718d3cbfc6aa1"
-                + "350ee9f5a3dc92fdb3c47f455b837ede08ff887a13932b99caae20cf3454a93c9552d2b5"
-                + "76090a3732fa060b79114a25b7a76dca543a2dc6196c036c3fab400ecae7f60db7445495"
-                + "1470a9115458bbf66249435ffb072c1337590f216c66fac68a4ca8447b74f0369ed495f0"
-                + "8cb47f7e2a35c9f3488e986df8515f6862ed088cd1664aee5e795243b5fbd97a0e9b02b4"
-                + "a717b6a465dece97bf94eb051f005c4c6bcac464cc2eff1ef76d0354445e3e6c73e265a0"
-                + "d8678b9d03c7d7297ecbe05df1b6c1976f0149d3fefd281be6e7b2ff4417807f98a915fa"
-                + "2f547ac1e0754e4aed029f537ceb73ced97dfb64d72310c1aad1c6813309cb7a5ba9d9e0"
-                + "a680d03b485deef17e6bd6b37d68b735729a4c2b6cd9171247b9e83f34ae2bdb9b8281d4"
-                + "4b19a3a16bd435de67d279cd409b49be9c9cabef9c33369e276a1fa877aeb617c158b5a8"
-                + "1efb72a2560d0d5d52f242429aba494341ff666d029a81b73851a3a67bd472ac45e24650"
-                + "5501f6ef3d96fb4d79bb7db21c736f931bf8d587d67e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "2e9f1b2d971eddcded8bc3076ab9c3f0031ee792a50ec50af9d35e295521d775eb347682"
-                + "2cd1421c3490a34c4b0d6fdfcdaedd0e3a991743a3bb783993f5548e593d11a5ae5ffdb1"
-                + "197dd6ffe6bbceb726f7abdd1a44eb544535dbba01f5ed986d03782a404780b43e5914b7"
-                + "de443d989f31a87986ae5a30daba9fe9e8b3888930467b9d29583345bd1be8f400812311"
-                + "95acf2941ce2bd867ea15ee4689532a226965a1e4bbc70ce44d506194dea555e86409a46"
-                + "2f2f88a449266d7d07d3bbf0e0e39ebe9c3cc34e9f94a494ff00ecd96d1b4d8b1885eaa9"
-                + "5fcb9b4bd93871b7e26011a863168c94b98d883d278aae9a8512ed55c009bb8173494123"
-                + "ef610ae533550df03a089a0559174df73556477a53177030e5c436b03637fd759b82cd7c"
-                + "8e7928b72a0224684312469284f82c1f5bf38c83c0d3574c4d44fea4153958c514cdfdd0"
-                + "0382b4a3d210abc66c7a1f3d6ebaca64842964fd85b8681970fc1e369b3b6a319efbb09a"
-                + "d888d92d12ae4789ba8015f278cd815975d0f2eb57c621766547b8a532d3fd8b7851df30"
-                + "b491f1a408b69c0c6e56077e55dbc3003183b9e991428323a7ed00c2aa31adec9238e7f6"
-                + "332663d6d31106fd9d253e6351f25681cb81934485373e525d4bbdd0fda723b556f3f7fb"
-                + "c097ad8aef777b9bb230e5a354c872aee55a9696baf88604133b7c876cd54e1327b9a924"
-                + "294e4c6b37c26d6da633ece6fccc6aa3116ada930b16931b87f3125be81f277d3ab0bf7e"
-                + "7c9f38e5ba0a1934e36841ef3ce31e5aef293ea2eff2bd520225633740b167ca5992b225"
-                + "0f914d0190865190c36b54acdf4969b60e0027f740fa27b1deebf832f5fdf9b41ca410c9"
-                + "f1ed521a7dbd8a94b000945bf515bc137785bd44fd54156e2c97a7599b3a9581412f3659"
-                + "9b771abeecd73bc94d63f74e38dd524be43cfa3491e9b8e5fb8b88ae117a10bb0b14b21c"
-                + "326a99b6ac6656a8cdca2364be8605bf580376215685215757b7ff8e3c23a59d33ef22f0"
-                + "6f42cda43bdb13a8de132b46d36ed91acb3f8e6275746519b2729a3f22660713471defac"
-                + "3b6a55d3cad759ce250aef3f19c07c69e445d880283b4ee7a14ac7f2521bf059e13f7d10"
-                + "b889f98054216fa283a9f0ac22a32ab33f389282b3081eec97e3d3111d2c82712a28eb37"
-                + "d49ed36799980c5c7ffb610fe79ae13acdff81a9f82ebb8b8328e01367c9fd889a1a31e7"
-                + "02afcd5676368b8222a5b8601767b698f2ba702c6a43965db7c22ab7407c475d4f72d791"
-                + "61b7d2ddc44ec73ff6c7e9e09be8f7c2bf9d84e9e689f572f3073ccf6e52c92a0bf83e09"
-                + "cff8e434e5807d9728a5e8e8be785d95c2d9a2d73084cbb226007e70c46a4728d58e939b"
-                + "77fa65dfab5f757646b6721cace23795072d35813661890e743a806107a40bb23c907e70"
-                + "918efd8562b56e8e83088505fafba9a18c5615c93f98cb0380b19a3795c7c02928c64822"
-                + "0e84c114a1f70d7869f9d3f91bb72a860f2e124a10b47a4f01274fe26e0d2d5629a1d869"
-                + "3d79352e9cb2ff7b1dc63219ea3ef709e0e63a2e1f0f465e6af54e138635da7185c7595b"
-                + "bd148a419129d91b1cb3a6651de9924786103f5f6d57968a2df5bb075e1a03bc9b536e42"
-                + "baf093d02eff946cd81174160ebe1b7d223d2cae0e32018551b31ef77b05ae19041fec60"
-                + "06915239e7f793d033692f02b85eae37cfa56e1d808462103e2eb1ec002eac45c9134c27"
-                + "b0969b9eaa3d4842a28d44935c2c76f811860898fbfc2e2e9865bf764829c8790c0438ba"
-                + "4757a585f84cde8d336956ce99a44a65d5b328c847a1713b0bfbf43cc65c8da9520bdf62"
-                + "5c31f026b802e571a879cd0709ce71d28ec4df44d6c1edac5c35c03dfe7411e60ae1aca7"
-                + "3741d7507d4db28fe59df2975af6f5c10e0e10997fe683ea7d30616c416282f4cc40dddc"
-                + "a0537c4fb20b11fbaa0dcb479b18d79007fa1ad2bc2b16f11dea199c0542f026e34f136d"
-                + "a017874f58ad3e1ba48ad5c173b97a70b0a5242f4643416d0b4afba13d0c0ec334e76138"
-                + "7a787718c35db2c635d30c7b475e28e33e3afee773c599636d76b08c13707ffe390c2ad1"
-                + "ccff152f6dfa9176cb1d4dfb7effc7b98488e664e52c0217ad34ac9f18dce1a19a61f6e5"
-                + "31b378155f7b036882bc0bb338050bb8d57e124ef3d70b88ba4d82d1b70b7597462588d7"
-                + "edb5a94d19a39ee73bc4adea9f269008526b1b2945137dc660303cca7d38f40c4aef3e48"
-                + "c509a7e4149324832e09e9b943ec43f9b18facf6b91f9bc292496b0a88baae59e94eca7b"
-                + "560111d80be1eb0e279402db9847965db6a790522d605e0dcbc0bdc5908e6b8f68015582"
-                + "713d9e5ba75fcd2c926e1c76bd9e929d72615be75d044f55de47c604ca8a2929c635b23a"
-                + "e361264ad9e92e701b4133e4a4e3de9892066c699df6df836e1daea7fe1618261764d28d"
-                + "d96037347c4b1573354b78f8a5e315f7ea4b0c388dc3c25e286d5613a83616548e847cc9"
-                + "d356178f432b348eced18dfa43f7a29d03997e4d5a03bdc454a66d901bba01bbf99faef5"
-                + "a0d10f55fc24d4608e92150a5cc6f1fc94239c3781cac1fedfd490609b9017d1712ca97a"
-                + "0c31afdf00722333fd8dbfd197b4fb2fc521f4ca8f27e3d27d138bd880a0d52c62b24204"
-                + "aca927e5a5b03d523889ab9af5ea87d633d641715104d8e925a61250e07d2e102c52ba80"
-                + "c0d0642ae21ac66d00c6591dddf2335704b10f331aa3c3c488900285cb2abf93f4553ce4"
-                + "e88d9ffde0afec35663f03e2779a8ff5ab23807f8da6354b6edf5134a605398068a071c6"
-                + "3b4ee493a23105c3f6d9fceb477198ddaecfc4ea69b07b32ddc7ebddf910de9bdf8b6c9e"
-                + "c249d8c1ac193b2bc5f11787bfb7b2bdddc32086ffc61d5b30c9df5c0afcdceac1171a9c"
-                + "1104141f57ed63483a9c37f69d97b562cfe20c377671bb5399e63946578b059898d93f12"
-                + "ac02e6457d215aee32de1e299eef16980b908ac956e909291c26b96f0fc30b7cad1659b4"
-                + "5eb9a96e61c1228f3830451c46495b49557a6c2c84defaf3aff36d5f83f45d903893b059"
-                + "6739776e2f619644f65ecade5eba2d47c0f4d6ff83cb37516285a6367f93ff7f51199db0"
-                + "9f814e363edd1a0c499b61b07a1ac9cdf31321bfb6444a82b0ca889596a233822d164678"
-                + "60aaef0287eb6cb30cf8d8ade0750edca071ef611ef59cfa5ed322c6401bebe646e92525"
-                + "e04c677a2ac6e4bcca8649d98f4cdc4049cba4189fdb4f6d3b302bae2509c24fb1dfd023"
-                + "66a4f3b0ae9ed3929d5ff53cd2a52f79fa5f760def0c3fabb7ad29015630a1db7c94902a"
-                + "355f9253b04b27b37d4032641359b8a2af4873a00935af24b3581eb876dd5b5b77d33362"
-                + "4965d9f111a418c6d52d27ec077bbb6e4af47c30c1af88de18e78bd12ddec4ac95441d6d"
-                + "250beda3d00c5749297a9d9eacfceeba57c702b40dd689c97f814d875d7801467a116c18"
-                + "fca3f87d29aaf7d93df441326e915dc4fbfb998a09210194b83c0f5c026abde5ddd84fe6"
-                + "fc0dab52f913aa95e18a17b57076a45c43d462618801a2a491188b8669456b13b5cca4a8"
-                + "af9743edded05454a6f2daeb25f427b0e869f93b930598cca12cbbc0c76934a7ca189086"
-                + "447bc98efe77fdc451ceda5daa59f46163978f066cd201264cb07e5a4b060932e908a3f3"
-                + "f50dad32997802ba09d260e5d34ad736b0fa071b56e903171e0b6ef7a315d3f707e75813"
-                + "de262e9fece391ecc13c75b8633fe450535d8f376f047f3cfb95d8236110acf7f634570b"
-                + "adf7fca12fc67597993efb142f8cc1b4155a12e589b8ef4751ebc79ac76dc3081ba98b39"
-                + "ea862d0acc43377608b85234ca37518f77b5f95f4f0c9df443f29241bd37e0c5b2de872c"
-                + "4820e080cefa55222c4bde0b97064f25f1a1bb22ca5e6fe46ef570e5967717acb5022ef3"
-                + "a16dc33eba4e9fc073307af3d5121721b04958c15015ba717ba0ab7cc9f8d09478cc1ffd"
-                + "8a95ef7588cf0913d4962e19c20bb3eef063df0f8742316ef2e716fc1a07cdccde9f65c7"
-                + "f96ba4905c10f1be509feed93ca9c87fa25e69fdc9bd9a65645ca88959fb9f192d9a051d"
-                + "257762670019ebf83a822061770261e5d853366480f9e78d916bcfad408296040036d8ca"
-                + "110f1aec995b3a51e1cee2c091c42d822bb58e5030ea544ba3e654635a3f6852f10ab8b2"
-                + "0261abd29728386b7afa1c90b22f501c2a56791290c7b4cfa45f00e6e5cf9290615f5662"
-                + "fa14721f4bc39b5f1d8cd26e48eb315bdddc0ded1761ac2c35fd19e6c6b5b09934203001"
-                + "0c359c602d884d5bcd1fef0b767f48007466fc5de7e75edfbb0d0bf5283580806a1206ae"
-                + "56ceb33462d73f7963d59ea39a1573b68077b374c78c7f9c2e30702a702de89eac5dcd30"
-                + "7e4c15b5fcda71999717c4a62ce39d5c8f0d64b04432db805e6fb1eea5bd80f24cc16ada"
-                + "944460f6dc7b87388cd35d95b31c556ae2fb3e38adc976bc0b0cc57195bcc5716da47184"
-                + "3765cf56463c5dc60545980c3e875bf34b0161d151289eb40ce4ffeb622289f875e6c772"
-                + "e36bbbf4adb0219ae5a57d3e538c99aed9dfe25996933982b16edcdda63b2224ee328ddd"
-                + "7c553973dd179fb103214f8b7a2ef64be5cb4902af5d1ac34143789c1b22334a94cd62f0"
-                + "c564540b622a4fe64f351e9f0bdc38cf67cba390a89b4f31122c2af687621b8e73564fdc"
-                + "55b1f47d726456a5d680da5d190a6964b75d22cfd2a1811e122da4b13d418a23d8516c00"
-                + "ab43258ad1a167c4c646086a393453a68a7d4ed728390c3668fbd5a3249f3abfea61fcce"
-                + "739dba13d7f54452710ba93abc3fe59521e6b51f75c6c86eee2b802eb91906a2012ea2c6"
-                + "10cb6ccce1426ca387cfeaf5adc58f8efca2be5c879c4ad7dd5743cddf055d2ba7d5b21c"
-                + "1bdf99b0764db277c009f4a74551c2439c3077a622cdf71cca3c50c7566672dada194a80"
-                + "b87b61fc9a9703516d05416bfbbf8efe8b851274b4aac21ddebe08b59cfc27ddd09e62dd"
-                + "2c204ccd41e7e70439f14c04c301ee12510829915cca471281aada72bce316db43b300e0"
-                + "db02f2de5c5b983a0865ef040e07bda1abeef8aec9dd35dd1f0d682c74143e4975a8ad2d"
-                + "47388bb11ac712b0d497333a2f7d8a1f8c592fed73cfeb44608395c961534b7553071d5f"
-                + "5a8c5ff577fb9a256e3730d523eac6802c2b3ac51dbb3d99e9ef82e9a665574284f20e03"
-                + "eeae9bca77304aa9bbdbd0e5a8918079110cab6f360b2cac2bfec486f0f4fe243103d76e"
-                + "4edcdb6a45bc26d1fb1ef7b27f8fd186a51ec05afc9293e7dceb7115e3f5d704c2e2a97a"
-                + "41a4d0e020dabf71c5eb383e48afa92d92ea6ce6a0a49bc03b51bf16054d0edd8949a989"
-                + "774021e2a33c6ff3bfe2d27c30af475af7824feffea8504c344fc53ca7be12486a14bf29"
-                + "a1ee7411e5fa9c30d1e7087b3de8d66cef6961f0a8aec5d9b2028fa7b616a67cecdad5e8"
-                + "7c336692707a977667c466dafd5ca9fbd4d82a95b8fbb290427012cade518643d4bf23a3"
-                + "bd3bd03fb6764aea2d67712e6d9037865a73b30c39d73ad646c20bc7ed12d3665d579dea"
-                + "7fe535ac2a793ad000b5f24bc620262757120cb5a5327b9528bffce4a1e4424cd6d7f476"
-                + "3d32f39994fc1354a951403c4c9661652204c54339b86b9e0a3502061f46c49ed270640c"
-                + "0592bfeb3be8e7ce46a88794ba25e60472824ac99b1811cd45cbd5d318fe142909d8a650"
-                + "697d17fd9d9562ab9490a0505be9bcfe7ff076512e9a59e82d0158a5651718d3cbfc6aa1"
-                + "350ee9f5a3dc92fdb3c47f455b837ede08ff887a13932b99caae20cf3454a93c9552d2b5"
-                + "76090a3732fa060b79114a25b7a76dca543a2dc6196c036c3fab400ecae7f60db7445495"
-                + "1470a9115458bbf66249435ffb072c1337590f216c66fac68a4ca8447b74f0369ed495f0"
-                + "8cb47f7e2a35c9f3488e986df8515f6862ed088cd1664aee5e795243b5fbd97a0e9b02b4"
-                + "a717b6a465dece97bf94eb051f005c4c6bcac464cc2eff1ef76d0354445e3e6c73e265a0"
-                + "d8678b9d03c7d7297ecbe05df1b6c1976f0149d3fefd281be6e7b2ff4417807f98a915fa"
-                + "2f547ac1e0754e4aed029f537ceb73ced97dfb64d72310c1aad1c6813309cb7a5ba9d9e0"
-                + "a680d03b485deef17e6bd6b37d68b735729a4c2b6cd9171247b9e83f34ae2bdb9b8281d4"
-                + "4b19a3a16bd435de67d279cd409b49be9c9cabef9c33369e276a1fa877aeb617c158b5a8"
-                + "1efb72a2560d0d5d52f242429aba494341ff666d029a81b73851a3a67bd472ac45e24650"
-                + "5501f6ef3d96fb4d79bb7db21c736f931bf8d587d67e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "2f535cf82959171786811979ba0f1de0c7083d6e9ec6b12847b9e1a5680b8a89f84dfd4f"
-                + "f5f72c06b1cc9272fb69ddc7f13a646303f5c69a54e45cbc50c0f14fc2784b045292a241"
-                + "e50702cd1a8f3f3e4c16f8ba2e1473baeee96494eb59cf4e9759cf91821f86373f185f00"
-                + "4fcc4d3e1c7e4ff037ccdfb54bef431f5a59d1f039e2a6987345c29c71e07c648fde68c5"
-                + "e76376378b7c315c1fcc7cbb3b82fbf9c47c58700729110a3e25f47539dd51250e2194b6"
-                + "dce4b2d5252abc3cce279effb0af45ca5da69a5077234afb1a9c8d1d53e6b9f187b6e945"
-                + "b5ccd270b59c06ae33d1973b2019db39ebe80ae603b83f3197900631b9e0fa43cc6f0f58"
-                + "0b0c78448291fb82c0aff788cb2202b1d343d30cbba61c27ecb06b8e76272138c0480fb7"
-                + "973e9aae8a25992883955c2c9ccdf3c1a77f8f842ddd1494a4c5c1f6633a1388b04ad1e4"
-                + "aec668d41aef4fc6915fb996855e399636c4ac111d1e72ce2016989d35f22df7357e36bd"
-                + "d3dcadb6658aea1e9114c94f2094f95ced96db9df9c1d19607c102f489cc5f02abd3769b"
-                + "29449ba792eb010c7473a1faf6783e68b83595c66edd8802eb7f7cf1a6243a94649588f3"
-                + "90f037ecdbed1c74c2e88ddc14f75c454640e50ea2f409bf617ed96eacd44e6d43339cf9"
-                + "bab4cb8789b4dc551ebcab52524b5ea03a4e4cb2a28ecf34b3e75dcd7561e279fd4a3e37"
-                + "499ab29e753e86468d00f2268842e8dce21b4588d56f78d87a97d189b05553a80060dc75"
-                + "3d86a0dc448915e764921f337325b5f7fa0e98b81c0d65d97c6857ec0cc75387cd9e8236"
-                + "d53bc91c3db275ef75d79f49cde5b209a96d48ca44635f38022628a307daf7d9c4cc16cb"
-                + "ea074da62e9fc97ce2a337feed8d25c5e5125512d467af34c98d0e32f8842fcbb3acbe1f"
-                + "be8713786f731efdeec117aef42643bedc5b9bde2f3b288a4937217c05463253069d3301"
-                + "be4ca7a2883f6b985e77e25de40f46f4714883fdc41481ef55124789538ee10d5c1e7c90"
-                + "294dc6317337f14b0a15a493b82d2f918cdb09e2015ec560e3e1d5c9ae39faaff8815e83"
-                + "8171edad66684026a46c1417362ed89eb5ee6594b87eebc522aec52e81856a72be8f99f1"
-                + "4ed3d2365cc5954f4b35a181d7c0dd251f2aa3cd611d2bca7f0045a9d44d9152a849c3c6"
-                + "cbff2a0b2110efff9b4d335fce3e1026023b31909d2b22ac9ccc2b47a52608ba942369b5"
-                + "189b0c3936c23a1b10ff0e4b3c7d67fe8c94386c1c43d2b49b623b561680ff9ae963acfb"
-                + "28ca64aa22ecfe37afb4f30bcd3ff1e1422077794ed989864e36e2ae686cbb1c30154d40"
-                + "07ae500ff8aaf32e722ee266841222a00cce8f98585f196ad63102476fed8aff61af5e5f"
-                + "2cd7d8bdaedf45e0cf20b340ce5cc9af6f3b5b85d0446a110d1894d2ff0eb48a3d8a8258"
-                + "f18f9f2283940f695de56fe14692eb40a28a1e0067e81d67b9e247bacd73f76f88f702b3"
-                + "e313e26c2b76136a0c02bba2eb80f060aeeba71753c37f08e66d4a348fa4a91a8ee7bf48"
-                + "893e7c14801adebb11bfe445afb9c2f27dabb62f2ab77841a3f3bc1ecf0ccc73cfdae400"
-                + "5a4cd8419aab19470a64508d9726ab8adde326f009853d4d986572ada479937611784c55"
-                + "5b8ce68fbca8af09a476e0231d50d8237437426891a630b0ce9391aaff2bd905d46106d4"
-                + "2e64db9ecc551c63c34c3803783766bea2a9c6cdf91c65203fa87d11329d1dde05b1c16d"
-                + "59610e842712ade6692d796fd7a861d37af6e097f8fa0f291a1b94cec92e5c6267d91cca"
-                + "29ac31460f45decba1ca21c8d81b3d2d473d3856675b932de5545751317189905e703bc3"
-                + "69ecdf83e01785dbc463f5b296af31e935146b36a76faf15d6c194e0f11ce13731965dd6"
-                + "052828602cb1ba8cc340fa8b6cabfabb819aab0481fc0fa7b1be844c9738f6a16e0ad2e5"
-                + "1609fdcfdc412ddec4e8ab1d10e8ea4984d13e44c60bde906936f55735925b27dae549b1"
-                + "0604c5b119ae1f2fc66fd72b87e5bb2af592c1238908585e021b97a5d48e5592d9369cee"
-                + "6b6a86820961e177dd0e78ea5e73e789a8d26e2cfba0b0cab1d1964011dc3c39cf7d35a6"
-                + "c451a1f90e0ccc257909509fb4eaf8ff82d2b1946a3c6ef054e094b0c9dbf8e6b836f4a0"
-                + "c2103407eaaf8e8ad1b7e16098ba80c1bff2276b8800814f23ac346d63696c0247978fab"
-                + "01f358168d0fdc718d068193a2708745682ab0f29fbd1c35c38bdb8924fe625c54f9e1c3"
-                + "9b08f0178a1476679c59fdb36a81267c1929f915157353b5b01bedba1eecaa447e93ab72"
-                + "63d24ed67e4a94934fe4dd63a6ec41730b1e42f7950f3750a62cc94bf6dcb72add306161"
-                + "a188c48db97a410035d28c42a24bf6137a56a1b6d04c02d9952f8ac6008ef890ea5f432b"
-                + "67ac498954d220d2bd5e930c8c6de9bf830b4e067b1e932c881275dbf683f6b32e0be3ec"
-                + "59d582961a8d13d16a9b8da27b634037624ae948177eb704239cd18a366e27a99c22663a"
-                + "31342d255ad3b51062ea14c5803941cad125bffb5a70dcd82f0f9c723882b27ffd16937e"
-                + "24a75087de4cd4eecc494e88d1388a3291f5b2fc69434bf54acb8f7397d461ffda0a83c3"
-                + "66e3a22ce0be8168daefc0a5dd6c58a56b63572b7a780dfbae8232959439448afc38a56a"
-                + "44f295c692fe5ebe5405263dc617f636f07acebaaeba3290272f83a907eadc203b16f405"
-                + "b6b95070ba42679af1d848b361c3c6a61043776a3524f4e758c8bed6770811e67adda167"
-                + "e1d33b7acae6c2fcbfc2633c1f502cca061f23466463bd9e81edb12ab347cafc0040e923"
-                + "5302d1f8e65a4f20f3d61d1626dc419c9f55533882ab1c38e357fad85b24c6a52c73b880"
-                + "53afa5fea377ba6da57c8c7fc2f9777bdaee7d43ba4f5f02f5ff5016c27e526de7620bf2"
-                + "13fa679dd56351a8cbff81a23e6ee30376f69280b005540a375dfefe0ec78e9994112d65"
-                + "c25346b1b239708f62e48babe0b856b2e939abde9f46919d11a9f3daf978b55fae2384e5"
-                + "fc9ba1eb835750c947166880bdf85c15834b25194892220248657036d6fb2897b70ec185"
-                + "c85cbacdfcaa6243507156166c50508c2269043ddaddbd2952390536e85590901cc5e8e7"
-                + "824025b42a20c3dcff4ffb9bd11ac9cdf31321bfb6444a82b0ca889596a233822d164678"
-                + "60aaef0287eb6cb30cf8d8ade0750edca071ef611ef59cfa5ed322c6401bebe646e92525"
-                + "e04c677a2ac6e4bcca8649d98f4cdc4049cba4189fdb4f6d3b302bae2509c24fb1dfd023"
-                + "66a4f3b0ae9ed3929d5ff53cd2a52f79fa5f760def0c3fabb7ad29015630a1db7c94902a"
-                + "355f9253b04b27b37d4032641359b8a2af4873a00935af24b3581eb876dd5b5b77d33362"
-                + "4965d9f111a418c6d52d27ec077bbb6e4af47c30c1af88de18e78bd12ddec4ac95441d6d"
-                + "250beda3d00c5749297a9d9eacfceeba57c702b40dd689c97f814d875d7801467a116c18"
-                + "fca3f87d29aaf7d93df441326e915dc4fbfb998a09210194b83c0f5c026abde5ddd84fe6"
-                + "fc0dab52f913aa95e18a17b57076a45c43d462618801a2a491188b8669456b13b5cca4a8"
-                + "af9743edded05454a6f2daeb25f427b0e869f93b930598cca12cbbc0c76934a7ca189086"
-                + "447bc98efe77fdc451ceda5daa59f46163978f066cd201264cb07e5a4b060932e908a3f3"
-                + "f50dad32997802ba09d260e5d34ad736b0fa071b56e903171e0b6ef7a315d3f707e75813"
-                + "de262e9fece391ecc13c75b8633fe450535d8f376f047f3cfb95d8236110acf7f634570b"
-                + "adf7fca12fc67597993efb142f8cc1b4155a12e589b8ef4751ebc79ac76dc3081ba98b39"
-                + "ea862d0acc43377608b85234ca37518f77b5f95f4f0c9df443f29241bd37e0c5b2de872c"
-                + "4820e080cefa55222c4bde0b97064f25f1a1bb22ca5e6fe46ef570e5967717acb5022ef3"
-                + "a16dc33eba4e9fc073307af3d5121721b04958c15015ba717ba0ab7cc9f8d09478cc1ffd"
-                + "8a95ef7588cf0913d4962e19c20bb3eef063df0f8742316ef2e716fc1a07cdccde9f65c7"
-                + "f96ba4905c10f1be509feed93ca9c87fa25e69fdc9bd9a65645ca88959fb9f192d9a051d"
-                + "257762670019ebf83a822061770261e5d853366480f9e78d916bcfad408296040036d8ca"
-                + "110f1aec995b3a51e1cee2c091c42d822bb58e5030ea544ba3e654635a3f6852f10ab8b2"
-                + "0261abd29728386b7afa1c90b22f501c2a56791290c7b4cfa45f00e6e5cf9290615f5662"
-                + "fa14721f4bc39b5f1d8cd26e48eb315bdddc0ded1761ac2c35fd19e6c6b5b09934203001"
-                + "0c359c602d884d5bcd1fef0b767f48007466fc5de7e75edfbb0d0bf5283580806a1206ae"
-                + "56ceb33462d73f7963d59ea39a1573b68077b374c78c7f9c2e30702a702de89eac5dcd30"
-                + "7e4c15b5fcda71999717c4a62ce39d5c8f0d64b04432db805e6fb1eea5bd80f24cc16ada"
-                + "944460f6dc7b87388cd35d95b31c556ae2fb3e38adc976bc0b0cc57195bcc5716da47184"
-                + "3765cf56463c5dc60545980c3e875bf34b0161d151289eb40ce4ffeb622289f875e6c772"
-                + "e36bbbf4adb0219ae5a57d3e538c99aed9dfe25996933982b16edcdda63b2224ee328ddd"
-                + "7c553973dd179fb103214f8b7a2ef64be5cb4902af5d1ac34143789c1b22334a94cd62f0"
-                + "c564540b622a4fe64f351e9f0bdc38cf67cba390a89b4f31122c2af687621b8e73564fdc"
-                + "55b1f47d726456a5d680da5d190a6964b75d22cfd2a1811e122da4b13d418a23d8516c00"
-                + "ab43258ad1a167c4c646086a393453a68a7d4ed728390c3668fbd5a3249f3abfea61fcce"
-                + "739dba13d7f54452710ba93abc3fe59521e6b51f75c6c86eee2b802eb91906a2012ea2c6"
-                + "10cb6ccce1426ca387cfeaf5adc58f8efca2be5c879c4ad7dd5743cddf055d2ba7d5b21c"
-                + "1bdf99b0764db277c009f4a74551c2439c3077a622cdf71cca3c50c7566672dada194a80"
-                + "b87b61fc9a9703516d05416bfbbf8efe8b851274b4aac21ddebe08b59cfc27ddd09e62dd"
-                + "2c204ccd41e7e70439f14c04c301ee12510829915cca471281aada72bce316db43b300e0"
-                + "db02f2de5c5b983a0865ef040e07bda1abeef8aec9dd35dd1f0d682c74143e4975a8ad2d"
-                + "47388bb11ac712b0d497333a2f7d8a1f8c592fed73cfeb44608395c961534b7553071d5f"
-                + "5a8c5ff577fb9a256e3730d523eac6802c2b3ac51dbb3d99e9ef82e9a665574284f20e03"
-                + "eeae9bca77304aa9bbdbd0e5a8918079110cab6f360b2cac2bfec486f0f4fe243103d76e"
-                + "4edcdb6a45bc26d1fb1ef7b27f8fd186a51ec05afc9293e7dceb7115e3f5d704c2e2a97a"
-                + "41a4d0e020dabf71c5eb383e48afa92d92ea6ce6a0a49bc03b51bf16054d0edd8949a989"
-                + "774021e2a33c6ff3bfe2d27c30af475af7824feffea8504c344fc53ca7be12486a14bf29"
-                + "a1ee7411e5fa9c30d1e7087b3de8d66cef6961f0a8aec5d9b2028fa7b616a67cecdad5e8"
-                + "7c336692707a977667c466dafd5ca9fbd4d82a95b8fbb290427012cade518643d4bf23a3"
-                + "bd3bd03fb6764aea2d67712e6d9037865a73b30c39d73ad646c20bc7ed12d3665d579dea"
-                + "7fe535ac2a793ad000b5f24bc620262757120cb5a5327b9528bffce4a1e4424cd6d7f476"
-                + "3d32f39994fc1354a951403c4c9661652204c54339b86b9e0a3502061f46c49ed270640c"
-                + "0592bfeb3be8e7ce46a88794ba25e60472824ac99b1811cd45cbd5d318fe142909d8a650"
-                + "697d17fd9d9562ab9490a0505be9bcfe7ff076512e9a59e82d0158a5651718d3cbfc6aa1"
-                + "350ee9f5a3dc92fdb3c47f455b837ede08ff887a13932b99caae20cf3454a93c9552d2b5"
-                + "76090a3732fa060b79114a25b7a76dca543a2dc6196c036c3fab400ecae7f60db7445495"
-                + "1470a9115458bbf66249435ffb072c1337590f216c66fac68a4ca8447b74f0369ed495f0"
-                + "8cb47f7e2a35c9f3488e986df8515f6862ed088cd1664aee5e795243b5fbd97a0e9b02b4"
-                + "a717b6a465dece97bf94eb051f005c4c6bcac464cc2eff1ef76d0354445e3e6c73e265a0"
-                + "d8678b9d03c7d7297ecbe05df1b6c1976f0149d3fefd281be6e7b2ff4417807f98a915fa"
-                + "2f547ac1e0754e4aed029f537ceb73ced97dfb64d72310c1aad1c6813309cb7a5ba9d9e0"
-                + "a680d03b485deef17e6bd6b37d68b735729a4c2b6cd9171247b9e83f34ae2bdb9b8281d4"
-                + "4b19a3a16bd435de67d279cd409b49be9c9cabef9c33369e276a1fa877aeb617c158b5a8"
-                + "1efb72a2560d0d5d52f242429aba494341ff666d029a81b73851a3a67bd472ac45e24650"
-                + "5501f6ef3d96fb4d79bb7db21c736f931bf8d587d67e52ce0d006146130b3e8b420eff80"
-                + "04345d8e4c6aa225f93eab381eb96b6d98329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "309fee5c1e2cc2cef7b5a4797fbe6a3da2be901a4ac73af521ed419ffadc5d10ace0de7d"
-                + "20d680a4cc3b930d021cd107f900dd335897c24827e47e31bc8ec9d0628e3beabf160bee"
-                + "e542a20a1c6eef06b31c0ce63341a32281ec045befb784b6e24db918778d44138e54e3e2"
-                + "c33b8c350b387118880d0fa20bae46ecfd177740d577d95d6271d76bb68fe0205badaa73"
-                + "d4ac4a0e3f75e61da1da2e1e37a133f378e6c4f1ec03460788140b3fdf8de15e2cdbaf65"
-                + "c7ee820a5e6766815c6c3f0e558e1484b000a88cd2331684b717f824494693f8dc188568"
-                + "119f1516834912d83c084b091733c8dc449846a48973e8f44137c99374d2792b2bd74241"
-                + "80c56cd33cb815b9217b37752adee64dbeb204e542709ea6e15e2df867a368e6d5ac5ac0"
-                + "a48511164db33e1717bb626b01cd2d2ae5b0940dc3870be595a8732daaf3962441b778cf"
-                + "7f4e876c8fc32e87769b230d59826306ece603ceaa4ca25747c46ee41b0c69dc8cdd69ca"
-                + "c23d463a9c4341d3b5e6a7718299c0fdfd72746c46d8f2fb2acb1db7f8de60a124ff7cf5"
-                + "3f006ffaa8f0f2b4926e9455a47bc371a11e19399f956126ad4d7eb007dc9f5a4429aebc"
-                + "7da515236f0311f40cf7d0bc5a570047e9610c078de3cadc301c0665a59bd290ade578cf"
-                + "400142f7d6b8e447783a0f96cad5809db3226a80b09e9e448fb91caf4d91a8f955b2e923"
-                + "3df80017ecddbc570b63dc75473c421f09bc49a37a08b8c72380828981976a1a93aafa30"
-                + "073a7dd068332aad496241fbeb9d73c3279fed29a8fb527eb5ffa762b63aeccba8af5972"
-                + "3bb01aab70a48c478898d21be15e64ae3bf1c706d63a6251ea2c9f20cd111f2d923743bd"
-                + "a51cda858bb50ead68722ba46ba52905a84e5a04957dddd9009674705e6aed7d886fe038"
-                + "fc5f227db6bbeef59aa06741c73ab27131c04708b57477a8c303dc68a08f0f1e1b05cc25"
-                + "821f49c4d6defa831d90923da9206a1cae4873f0651d6aa09881c8d1b53bb0acd24dd763"
-                + "bbf48014d178c73e38a3a77ef89be6c5b5121bada30cba16cbb0074cb4080cf2670fdead"
-                + "f774b6f862a047122b9140c6c4281fede1159a3bb7ef6eec308605cce104b1acba2c865b"
-                + "cf05b7f2b2b5ba403d9a81c5fa3cd93cba798d6541a7987930c515213f45bb16c25dd356"
-                + "b8b906e606d02a4d71bf99847f1c7765435f05e7b6746ff56c583b0691bdf434ebb896d4"
-                + "2abacf853ff5dc78583b8d799284c869d373cb9be85f989ddfaae821ccdc650088a5e303"
-                + "3bae2893148473be9ed329969e5bad3352991e74faf15a4062f7de8d248375a49b626edb"
-                + "51ac9196d91ff330c17fb4a32cceefddb31e6076f272a82e584be63c33dd8105391bc4ae"
-                + "816d4bd284f62e053c63867011e55f4f514125e255910b902a3f767eca6f01f4fb077a08"
-                + "6f6a4be2f15313f6c38faf6ab1b9687c031161758fe67cd5dbd559f603cdcc74043d3458"
-                + "f9a3c5d5e110892d99490d265a21a5101a3a406825fac120b523df9e1347feeb911d988c"
-                + "af96e0b21e3789fc86b5ef3f8e797cd76d5f4cecfa51fde91b2d2c3073a20716b969f4df"
-                + "25cc1a8d6640f0283111623b3262e62b11cb9345907775dd3a0db27cfc3d4e4446410cbb"
-                + "1e42be95f592f698f4dca34b4dab324248cff0c71f69c83a69f02112c07585ae38afec6d"
-                + "83b5e49945affc207d127683875fdf252daece5dd7dcd6e97181df7771cd8ef89d029165"
-                + "0fc4d4f1568d15c155f7c960ada659a58d58f7442fd85abafa2cbb3077f9f507889cec33"
-                + "37da4a58dd3da450339c1f072d6439b9a908a5e3e1f947faf567d2562bc44e95b2a7ab5e"
-                + "38cf83638cfbd3528222ace115e2456708c9bce986acfbf03e8b18c81e0b62b3ab1bd11c"
-                + "29b487f2a305a5fa36e0b2d8c003ee093eccedde0ac2572c8ddcbcaa60d05250ee4144b5"
-                + "22ab6bf8c4970bb7a828d7dd46f4335baf14f17c80a82f628affa3e45d10c0e02328570f"
-                + "adca943ecdabb9b41155e65ed71712c38d77a80ad5c1d5b52fbbca45f7e0889f6b118ba9"
-                + "e3bc769d9bc5950ac8fa469801ab5b16cedbf02ef4621cebbfe0f4ef31939334f8bd87f5"
-                + "0d9704ba447be0f283e9b59f665f2aff2d03dbddcdf9742ce4e48b91c8112dafb0c2cc57"
-                + "f130f8ca25db59d32618ac39b2412ff2cad3028079db762f9b4cfd70d6e94725b7ad33bd"
-                + "09baba332845073401007ec1dda4ec2bba97dae55471902067dfa8a904c2977750113258"
-                + "b873b10a467aa4a551c4fa286e3c0e425419403471a06392646381df3155e418588fc1b2"
-                + "c4f1df5099dc590ed4a5a606552b4e269ebdcdb1986a469a5111ca6a63384ae67c4604f5"
-                + "6765984ff3b4d4e9c5a3675f2fb0c3239d7b5ded049915c35d7fa293e0459a5399e7afbc"
-                + "1430e73b937098f714739b372f62610ceaad184e4f40ab2d7f48b7883f1d7b8e7d92be6c"
-                + "7c05ee3cec6ae37be9c934ae01be26939c673c10b38007640271db5e5e0b862a0babff66"
-                + "c120064edca4939f9a3724f43a8fa2e37d9c86836a43893c7486b1561a680e5f21dad8f9"
-                + "676535562af70d15b02ab5e38f974fb1d053f22fc138b335fc8630e905374e5290db8bca"
-                + "0e8a0925e309337a1753f12b0d8d7c087df190fcc7b42edb0dc2afbd614abc4b105218b0"
-                + "c3e7bbdc6318370633da5e45293d24a9eae6229fa098f51b714fee2a6c1e1e71aba828cf"
-                + "47d332e6bbdd51819a80ddee8613ba200c3e20f290e70e6532f44d1a81376940664a8341"
-                + "98e85d08b33b958510dfe7e0bc77a354dfa5560e1b289fbc9f5af73487db7f4c29a454ad"
-                + "5325612b10ff32b4f1626229fe25bdfac0cb8ba6462f16f633fcf11c2ae575b2c48ae242"
-                + "90df29b4de509280cf34ec200c2e140e4d436e9520c9f410ab5fb2cfe9a61ed0d3931b65"
-                + "b65ee6424236bf8e7b2724d36050e823bdba0db911cb80e7c6cf297b2c38a9df6a0c4ee2"
-                + "c3bf8c48a0911b872b9b34be40dc2e77c2de49fcf0c11f45f16523adac32ea7c3e8ae4ca"
-                + "b419e28762e448434359f0298e7ab23da3e24b1bbe8279409df5470c1a97b6e80d5c292f"
-                + "c7c62841f1eabb8e9656078589ade0bccc129cb899fb6e8cd4a6a76908c4d8ad3218d485"
-                + "d8c22e48c081b8adf29a59ef0ec3eaecf757df6b2eaf13ab35b5cba745e2f82af27c34fe"
-                + "075d1cc54041f664f3ffc6dc3c298007dccd60e431b9670c10124290c714e7dd079da828"
-                + "01b8db983df3f15497dbf3bf7279d360d2fff58170aaabc0e099206cc02c8ec699807d62"
-                + "4917501961868a52c98378648cebdf92f51d21dd8a1ec89925ef0e571f9e464e4994f1d0"
-                + "284562e005e2a53f2a64c78538e3d82a7a1c9f228c5b08b2e0fb2ad9707d0f1ac41cf90d"
-                + "aa704c96906eafce30002407d5f37a5c34f96e7dd9f92b1477d29e8df7030a62224de68a"
-                + "9320db6653722d6fdbdcc0fbfbda053f9c8f3b2c41765f2916c598035e4c1fd26d1c5063"
-                + "b7d80701e15f1b460987c55e4da30cb04f96ba6b5abb934e884cd489c4994b94de237ac9"
-                + "601c415159e5b4bf1c75b11c47de604f7af7b467c1849459f1ca2f22db77e2975ea99583"
-                + "3d2e395267727d0f8f77ddeefaf3df3ef12f0fdffc46f3d53017b8b0d6dc676d95a5d932"
-                + "7d35e6a7cad33cef87a620b27d72c92bffa26a0d7e8babad5d84a305455f97339f756494"
-                + "ac27670f37a703280d3761b7ea0ae37567bc8894cb1e5d3f3849652a3fc4a5c413f5d0d4"
-                + "2be847c87dd8b7bfbac6d77de51f00bfc81ddcfd418192bdee13843e03a699c52760191e"
-                + "0916523b13682807127e5142198686cb2dd8d0a03559383305acb12b899851d32d5a6af4"
-                + "d87368e8f7da281221cecf66ec2937e34df4f8ebacadc0717fe69b015ce4fa6ba053f912"
-                + "f1491daae582333c0c2c4d18d7f19d926d487380bc19db28d7d0899511858ebd00cc637b"
-                + "f56ded344517c9fe8e14723adcaab57d90d2958901edd47e8b4645b232c9a2c9dac8d286"
-                + "91b7be0179090354d13cff2a01dc9690656f85d0618558487b7c8fa738dbd17fd99bab9d"
-                + "8b21748e6b9b216f7d056788336bedf64449209445d5d103488b847d5ffc06ecf9548824"
-                + "e3c0cf5a84d5646dd55ca3e190cfbd7940e9b3201ce8d7911e14c1de47acdbfd10f02f2b"
-                + "1efd860e08e8cdb658b8e6c1c5a40349b720a6b267aa719df4cc6c7596e6897208881988"
-                + "f189c7806095275e8735bb2f62d19ebca995783d0eb936483b0e68930c31071a43f67900"
-                + "67f119336739ed17a2bfe8fa41607833d6194b5cc1900bf8d19601ba12be8473f836dc58"
-                + "83ff06e885f4eaeaaf05d59970713d3ffb8a972b29391d3bc31808bbced4c5af495f8286"
-                + "156a0c03aea18db2a60069bfc4d14df1238390e4dd816a6edf28ea1ca71cc2ae5d0a26fb"
-                + "b86a3271faf6cc8000765ea310ae979fbe377a1ff044f724cd6a389aa7c24e2f0aabc4b8"
-                + "d408ebfd92b2a40f16125fc4b7a5ff17615c0a50a3c83aa54de3ce8526e215a6de45a16e"
-                + "9d3d358b039325ad378c0abc2448a3bb8089e842fa848defa7ce4f2fab5e966b38830b9e"
-                + "bea02ab0a8225621e9c8ee8908e620ad020c058d7ab25003899c225d77aafd3c492622b9"
-                + "e8ae9f98d512667340b7972b4c840a7afcf7a75a4e176d8867f9fcc26491d74a7827762b"
-                + "3faa51599bcdb2c1bd2a0ca8b407f4b5525f144ac9ae9f7f5349d2832a6ff0bc3749b328"
-                + "8054837e16a910ba8d21ddfb547014b0820a971937087907e7b96f661caac4384fd44355"
-                + "ffecdfebb42c44c244bbd6a5729a194c241dafa0803d67dfbf34b81c6f55ce5fc07da966"
-                + "a688f304eec8f6d47d39c0eb0350c728a0b481999b9984f53d0b542c0654aec61b49b3f9"
-                + "d942d3644c596892c7f0e20c569b63fc2bb9fd2cc737d70892f3a73ccb7f306cb67fa027"
-                + "d162b87d23ecd73b5d0d53926ac0ba21e1bb25f63dfd22c32f71c1a7dc0ad6f3d354a260"
-                + "c139a88d386407b478ae8476e846aef4df07809680ec3d0ebe5382f905501fcbe5af86ad"
-                + "584e737cc018920c19acc39fd5e067279d72c19ecf80b1a6049715be779f730efe9d2cf2"
-                + "1692abf138b4482263b6db65fa00efe7fc1f92877cbf89a7d77315c06ff3fdf149e7f458"
-                + "0131fc88ed7a401e32f87e52c354fa100f343e5520f74d52c86e6e364499aa5b609608b3"
-                + "a4b2936a817f12bed11540f5561d1ee105543ee8ec48adcf4a78504478017f2cf110ca12"
-                + "7d689c5cbc0f80801b98e9db87c18c3dbeff208fa676706e989ec8472f184874cd72e8f1"
-                + "ab7e461f20bf8a9420b9892b4aa70f80450e5b0aa4df5335e4905e6e60608bf180cb2e3c"
-                + "06edcbc705f6707a4f9658e7d22c259202bcbed6947d4631a2064bb44d958e9d3e423580"
-                + "5e148f38f495102c17a50ed44193777d221e4201098882408cf2d5c39c558c8ad2e1af20"
-                + "349784f6c48064d485f951b5f3b2455ea10e4b4c49ae98eed3e0754420922643659f7209"
-                + "3d18647d2919b2e933202c9083c81872d4b12af41013d07cb6fe084581ff90d2c21fba51"
-                + "f20b5225b3c67521e85ef5b56cb4d1255cf117e78d154d9dc8a5a7ce1e076a03d6ed91b5"
-                + "ad76dddf5f98b760b505abbeb77a73d183b1baf431e95e7afe7e8a72e54dc42941f7734f"
-                + "f8569a59246245ad643ba8141aa293275e6b323d5d43f7edb6426fbc0c15a6186c5bb6fc"
-                + "7db088fdcaa79b81c076d95ffdbd011fcdc2d95c928a30781f253783e3bc116db85e3edf"
-                + "e69a227f799384e9f505226a4c02e941d26dd8d941bd4d2a215a9519ade4da4f770d374c"
-                + "368dcc6cbc7b4d11287bd2c7ec92ff844076c40e1c9c770e681bf1e09d1752d8625d3333"
-                + "6500a98ee375f774828445e7f88ed8b13bc7508e7c6cdf19b70381ae582dfcd2376ea637"
-                + "b89f1db62aab7154c79e59f104bbac1329ebb7f97d65185e388abd2e9239ae5b30358a08"
-                + "1c9ebdb9b35766fdeed7457079c4a86e7a4e3d809b0193ef03b5b637ea46b881d2abad23"
-                + "cb1b97a5460da4293ae41b46868a5aeb728ab8152882b75d5339d44278c75ef35e6514eb"
-                + "3670b237c6389c1f6b8f8e8eaf7a6988a299d4fc26a89bdd930a7f785844c9e8545e6dad"
-                + "410eeff9f09a68dce5fc13dc331f7450ee38dd9b30941e2c40358991ed394ea3c674042f"
-                + "0f048cb8c200e9b123adba886353e8e52220a4ec753e4e4b4d5648630c16d538c64ef308"
-                + "7f034f7fef5fcb18e183468429ce5e479c7d106149a07560a5a620ec4f5d378110ae30c6"
-                + "b010c42ce3c93edb0f2263c20de6bfa92bdea7206cfd1d981ba87e8221028ec449d5a218"
-                + "7509a1710d4f5023868c5ae4c0defda5183b7f4a289b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "314df91d9c76620d31fd9df274da9d6ab40fea389a0438c32ffd095a689008251f5e7800"
-                + "bf56cffbe31cd8ca089951a2d081f534a98f3e4f347336b30366e8f4c993bea94c0a78fb"
-                + "06c87a5ebfab7fb1b4463325ecad94d4add155300dce75e77b783a7c67bff5d6616ed696"
-                + "7a43e2b63052000f66007dfbbae8106879cb41580e616518ea83626825a6f3f76a282131"
-                + "5a1e4c0c3861ccfbfb19f8fa1724e6f2fa673d6389820a2e6d8c555d847a541de6af0483"
-                + "6a6705146a025e56121d51c9c7faca2526e83ed683226caa6cf8a75b7ad0b4a05ae0ceea"
-                + "d879d05b2692042b41e1183ef95707eb4c86a9141eb9399e48488fef1528e0a8a8fd476f"
-                + "f07c290758c1dbc06407b6707c4a908421ff6ce07e3d2fb14777beb13d6b2277585c7c4e"
-                + "6bc478f5e372d816181f40236c1b5b71a56d742b0aee603ca5da3c341d571edd3ee45521"
-                + "da43f2941d1ef089dcb71b293bb6df38b5595b789f53eed87359b8899baf2937f5bdb0f0"
-                + "959e1bb6b36769166dc01c115983e7113c53ee17cdc8d9d2b680f1531994b3c23e0d6355"
-                + "da0a11792853da5bd5d1136f51efcb75757bcb67aec78e1dc393c5cff04ff523a4c03037"
-                + "515975acfd42b95f3f8d58f49952e5b549cfacd37b8e7c10ed4e1fc52c26b4ecc9a9ca17"
-                + "be2465a990ba5c0544af9938bf9c7e874952c2ad3326f938f4f088042467441b39a1781b"
-                + "fbb8d2eea743c7d8ea367e5a0ca7ebc3234c78402637cfc5e2d3c97e964bdef6a56fd397"
-                + "9aad16cf5672eb3b1a505846d452c2ca0faddac75ba464763f279cd81451165f4c7e7f8e"
-                + "b749f14f8455c88eca24b22f55459f9d396e77d162274f8c3e0ee57576f08ae3d5dca76f"
-                + "2827a45e91a82cd04002e5f3d72be948d6db1046865968e6ba438bcd58dfc88989607ba5"
-                + "bae3fb62197faf7cef67fcd4367c63771c1ccde0d896bf056aa7c86a1f81c4137d57aa43"
-                + "7267e039f6f49a3bf92fb835e82fdb7460577d122774149ecd86b0b34d6d5ed19bd02d50"
-                + "fb7ae4f455136396477cd4356a011ae9a414cbe0f3de4f975c19047a246ea1e8605e43df"
-                + "7f5dc0380ca7e77bce9b2e3a5f7ab382dcd83e12b244bba20d90aa8ebf4c471e3e3b7473"
-                + "a60811042de7504b4518df4372e801eba9e7e80240320f4ab4c1595fce18860f9f0e926b"
-                + "11f5790f77b84c9cdfbba1b1f72ad666c214686c13399e005a709e9e50ce143d8e413de9"
-                + "62c5b6c3cdfc8b78aa93b303ee4676aafa9ab5daa87cc612ba2277af8333d0c64d69e875"
-                + "7972814c3ac90c4e3286f733c947135438d17b63e50ff91dd8f026c96fe33640e313b3fe"
-                + "fa7e1340419b2c57561c41ab828acc2373aacd7ca5d8ac5babed9dfc58204f43a6c5062f"
-                + "e710614dfc0524d0054edab65dcfcb43b3ba0591f5ff60df99eed5d116b8df350c4fb282"
-                + "9757a47aaef623796c6f2cc2e05cbbb8371d1bd3fa10a25403e943b302d9d72cde3a575c"
-                + "99bf1e73234d03b258f70297b83235f9ad8f79b6afdf4333ce650817c510bb243c0d6dad"
-                + "0d37c309bd6feffb8fd1dea6170c57ac2c76677045e822057199dfd3a8d8dfdfc17e5e72"
-                + "ca740ba2c3d0a17440774e1ecf8398a4d08cd7252da99cb660165a6b5bcaa64f6bf552cb"
-                + "38f89637eb300473b3364a2febb6ae3c52e4ec62b01374368d0f70dd4355ee819ae60f1e"
-                + "3990bb001f0b457fa33781fb6bf60acdac26ed021c528902fc9a5faddf0fa3ebce4083cf"
-                + "98070a864f7d299847a63b1cd6b023b8fc4b5e1514d7cf0115f3b77420de6e940ab7b592"
-                + "994010e4ecdf69a39cdd6ad79dd31d7a3b92a3749b9397c7a334dbf86663d31519e20b9a"
-                + "b9bceff43e4a1bb7ca14c90877120d7f331f01daf955868390ef915498f49ce81d04d86d"
-                + "ebf1af753c3844bb27cb2f18b27abfdd95606409da48e0672102f1e60fbce631903c5222"
-                + "b78152aed15707b68216cc7825a7f91565537e5c4150e64cef5b8e1b92c68d981c8a11fc"
-                + "3a4fcec354f094f8ffd80eca71d59418f3ebef6769e9457b142d524b5aebbd38c8123210"
-                + "405ec4354a7c7e89ec33152c25ce03bc0b1bcef29802875b8fd737b55e29a5a63f1510f2"
-                + "e58faace726edb54a27ba267156865551b16b971febec03c9042bdc9688513b640cdb16b"
-                + "eed1de56609564f55d7c2ce748874cff5affe8d167b4d908351b0182796fb95dded6ca81"
-                + "6ed75971e1d6f7a3ff841c48ccb886baeba8de6e573e5d63c871e81e6d22380bbe754f32"
-                + "546391a5a03fdb0123c8f03b5dec6f6840a9a2121a212df13b079ea331362850ca39bff9"
-                + "2806f6e6622aaf1c5af4dc045d750861bc5d3bb6351fe889e03b0d1f6ee362c32b9add1a"
-                + "4aebfaaee4a23aee7f7555b2959892bef1657c6a2a1059a17559447520062177074f990a"
-                + "3ce356c62db77f689931ded997f2f2033b634807bfef598f7e1152dd10958e18b4f7fb90"
-                + "b203e2063c6a84620b19f02593410c2aface54e0c5c0a29e70e938714a02ea907c85f6b8"
-                + "219db9c98495cb614e617e6ca17ea20effa3f25f8abe0291a657fdbb7fa7dba2068784d2"
-                + "8e38139c4f9f830386309e33e0d205719ae8a3c2763af493373430dfe1a57e3c91064204"
-                + "a095d3bbe421ca21985ced88c7793cbef38a54f8c93289183674a3aca4cae7f0c8148bc8"
-                + "0882d86fa0eb2cfa45031854f649814dd067bce19a5099d2bcfa83d3eaafe2dfc41dee91"
-                + "7290d20a4ecd2fa7d9ca71b80d7e446f6c4f0c89b8b390ca667c7f7985efe7241fa37c93"
-                + "18c03e246cf9af729e8a1dfcc83c85eb72abc6b31592f1e71afceb0c2c9aa5f6ae3fb3f3"
-                + "eb0bdd49d8313cdd54453d24557e21b4b7803803493f7489ba3a64d9ddd6edb6cf82e347"
-                + "8533b56bc7904c14046530a6656417b1f22202a32d31899f9473e152855ce0ccdc19552b"
-                + "c6355117752c3e8d915be991ca16591b3bcf921d8270522ab0ac93a29ae688d3ad105bbf"
-                + "f03412eccaed81e7e99de7bb90be6100404faf570d7f8a0514623df64f168d849abdc707"
-                + "ff27ab5ea5c1ffed66e7c3af713aa6eaf525ba9a4edf2e1b63408507a1bd933d43a617d4"
-                + "4b68a319704cc69a0b9c372e6e6c816363443aff799acaddd65a7b7dc17dfbdb83276765"
-                + "6565cf5682ddf409891025569bc3eaecf757df6b2eaf13ab35b5cba745e2f82af27c34fe"
-                + "075d1cc54041f664f3ffc6dc3c298007dccd60e431b9670c10124290c714e7dd079da828"
-                + "01b8db983df3f15497dbf3bf7279d360d2fff58170aaabc0e099206cc02c8ec699807d62"
-                + "4917501961868a52c98378648cebdf92f51d21dd8a1ec89925ef0e571f9e464e4994f1d0"
-                + "284562e005e2a53f2a64c78538e3d82a7a1c9f228c5b08b2e0fb2ad9707d0f1ac41cf90d"
-                + "aa704c96906eafce30002407d5f37a5c34f96e7dd9f92b1477d29e8df7030a62224de68a"
-                + "9320db6653722d6fdbdcc0fbfbda053f9c8f3b2c41765f2916c598035e4c1fd26d1c5063"
-                + "b7d80701e15f1b460987c55e4da30cb04f96ba6b5abb934e884cd489c4994b94de237ac9"
-                + "601c415159e5b4bf1c75b11c47de604f7af7b467c1849459f1ca2f22db77e2975ea99583"
-                + "3d2e395267727d0f8f77ddeefaf3df3ef12f0fdffc46f3d53017b8b0d6dc676d95a5d932"
-                + "7d35e6a7cad33cef87a620b27d72c92bffa26a0d7e8babad5d84a305455f97339f756494"
-                + "ac27670f37a703280d3761b7ea0ae37567bc8894cb1e5d3f3849652a3fc4a5c413f5d0d4"
-                + "2be847c87dd8b7bfbac6d77de51f00bfc81ddcfd418192bdee13843e03a699c52760191e"
-                + "0916523b13682807127e5142198686cb2dd8d0a03559383305acb12b899851d32d5a6af4"
-                + "d87368e8f7da281221cecf66ec2937e34df4f8ebacadc0717fe69b015ce4fa6ba053f912"
-                + "f1491daae582333c0c2c4d18d7f19d926d487380bc19db28d7d0899511858ebd00cc637b"
-                + "f56ded344517c9fe8e14723adcaab57d90d2958901edd47e8b4645b232c9a2c9dac8d286"
-                + "91b7be0179090354d13cff2a01dc9690656f85d0618558487b7c8fa738dbd17fd99bab9d"
-                + "8b21748e6b9b216f7d056788336bedf64449209445d5d103488b847d5ffc06ecf9548824"
-                + "e3c0cf5a84d5646dd55ca3e190cfbd7940e9b3201ce8d7911e14c1de47acdbfd10f02f2b"
-                + "1efd860e08e8cdb658b8e6c1c5a40349b720a6b267aa719df4cc6c7596e6897208881988"
-                + "f189c7806095275e8735bb2f62d19ebca995783d0eb936483b0e68930c31071a43f67900"
-                + "67f119336739ed17a2bfe8fa41607833d6194b5cc1900bf8d19601ba12be8473f836dc58"
-                + "83ff06e885f4eaeaaf05d59970713d3ffb8a972b29391d3bc31808bbced4c5af495f8286"
-                + "156a0c03aea18db2a60069bfc4d14df1238390e4dd816a6edf28ea1ca71cc2ae5d0a26fb"
-                + "b86a3271faf6cc8000765ea310ae979fbe377a1ff044f724cd6a389aa7c24e2f0aabc4b8"
-                + "d408ebfd92b2a40f16125fc4b7a5ff17615c0a50a3c83aa54de3ce8526e215a6de45a16e"
-                + "9d3d358b039325ad378c0abc2448a3bb8089e842fa848defa7ce4f2fab5e966b38830b9e"
-                + "bea02ab0a8225621e9c8ee8908e620ad020c058d7ab25003899c225d77aafd3c492622b9"
-                + "e8ae9f98d512667340b7972b4c840a7afcf7a75a4e176d8867f9fcc26491d74a7827762b"
-                + "3faa51599bcdb2c1bd2a0ca8b407f4b5525f144ac9ae9f7f5349d2832a6ff0bc3749b328"
-                + "8054837e16a910ba8d21ddfb547014b0820a971937087907e7b96f661caac4384fd44355"
-                + "ffecdfebb42c44c244bbd6a5729a194c241dafa0803d67dfbf34b81c6f55ce5fc07da966"
-                + "a688f304eec8f6d47d39c0eb0350c728a0b481999b9984f53d0b542c0654aec61b49b3f9"
-                + "d942d3644c596892c7f0e20c569b63fc2bb9fd2cc737d70892f3a73ccb7f306cb67fa027"
-                + "d162b87d23ecd73b5d0d53926ac0ba21e1bb25f63dfd22c32f71c1a7dc0ad6f3d354a260"
-                + "c139a88d386407b478ae8476e846aef4df07809680ec3d0ebe5382f905501fcbe5af86ad"
-                + "584e737cc018920c19acc39fd5e067279d72c19ecf80b1a6049715be779f730efe9d2cf2"
-                + "1692abf138b4482263b6db65fa00efe7fc1f92877cbf89a7d77315c06ff3fdf149e7f458"
-                + "0131fc88ed7a401e32f87e52c354fa100f343e5520f74d52c86e6e364499aa5b609608b3"
-                + "a4b2936a817f12bed11540f5561d1ee105543ee8ec48adcf4a78504478017f2cf110ca12"
-                + "7d689c5cbc0f80801b98e9db87c18c3dbeff208fa676706e989ec8472f184874cd72e8f1"
-                + "ab7e461f20bf8a9420b9892b4aa70f80450e5b0aa4df5335e4905e6e60608bf180cb2e3c"
-                + "06edcbc705f6707a4f9658e7d22c259202bcbed6947d4631a2064bb44d958e9d3e423580"
-                + "5e148f38f495102c17a50ed44193777d221e4201098882408cf2d5c39c558c8ad2e1af20"
-                + "349784f6c48064d485f951b5f3b2455ea10e4b4c49ae98eed3e0754420922643659f7209"
-                + "3d18647d2919b2e933202c9083c81872d4b12af41013d07cb6fe084581ff90d2c21fba51"
-                + "f20b5225b3c67521e85ef5b56cb4d1255cf117e78d154d9dc8a5a7ce1e076a03d6ed91b5"
-                + "ad76dddf5f98b760b505abbeb77a73d183b1baf431e95e7afe7e8a72e54dc42941f7734f"
-                + "f8569a59246245ad643ba8141aa293275e6b323d5d43f7edb6426fbc0c15a6186c5bb6fc"
-                + "7db088fdcaa79b81c076d95ffdbd011fcdc2d95c928a30781f253783e3bc116db85e3edf"
-                + "e69a227f799384e9f505226a4c02e941d26dd8d941bd4d2a215a9519ade4da4f770d374c"
-                + "368dcc6cbc7b4d11287bd2c7ec92ff844076c40e1c9c770e681bf1e09d1752d8625d3333"
-                + "6500a98ee375f774828445e7f88ed8b13bc7508e7c6cdf19b70381ae582dfcd2376ea637"
-                + "b89f1db62aab7154c79e59f104bbac1329ebb7f97d65185e388abd2e9239ae5b30358a08"
-                + "1c9ebdb9b35766fdeed7457079c4a86e7a4e3d809b0193ef03b5b637ea46b881d2abad23"
-                + "cb1b97a5460da4293ae41b46868a5aeb728ab8152882b75d5339d44278c75ef35e6514eb"
-                + "3670b237c6389c1f6b8f8e8eaf7a6988a299d4fc26a89bdd930a7f785844c9e8545e6dad"
-                + "410eeff9f09a68dce5fc13dc331f7450ee38dd9b30941e2c40358991ed394ea3c674042f"
-                + "0f048cb8c200e9b123adba886353e8e52220a4ec753e4e4b4d5648630c16d538c64ef308"
-                + "7f034f7fef5fcb18e183468429ce5e479c7d106149a07560a5a620ec4f5d378110ae30c6"
-                + "b010c42ce3c93edb0f2263c20de6bfa92bdea7206cfd1d981ba87e8221028ec449d5a218"
-                + "7509a1710d4f5023868c5ae4c0defda5183b7f4a289b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "320874fcb8dc9994f4df4a2aa37998a47a205b077d37bf1883db5884e8f90d7341cd254e"
-                + "777b0ee7241ce0ae3eee042c6c7fc7d9a28fd15d05844470767b3972ec05e9987bcabab8"
-                + "b31dcf2b6b9901e458aec7470c7804642bdd474a577736f8880e8a1bc1cb69fc40505247"
-                + "afd2ff5e2f593212521a9853900225abe6d962ecafdb8c3fdc97545de2ea474c290ff766"
-                + "b31d5883d51158cd7dd49a6e00e1a3aadaacde913a70cea960a4ed2658874f08793f08a8"
-                + "a476d3fa5c19af8395ffd525c0635418bb6f4a6294676e4efa561de44bc684484d03a3dd"
-                + "1204442b8b90df192e2cacd8a41fe5fe4835eafc607965b61de75bf9f9a4ef7708ff2cfa"
-                + "a6f30af90340adf57eea5ff9094f21c9dfc6d5f06c42039e8dc61d9d35915286effe7ab3"
-                + "db9c375bc024772798e13836e744159514c83acbbc56de22ccb2bcaf733f6f0691d2d07a"
-                + "290de613ebc5fa0db39078584a6f506e9fcc5f45a3132fdcbf3906e32abf064a113bf9b7"
-                + "5109d34418aeb70d8c2ec1e08eaa559f3afac55f49faea78e37b4bbc6163b7f9392b2488"
-                + "de06d493c495e9baa5cdbe662b78e50996f946278748864c9f36784d8c726323226cb0c0"
-                + "a38db3d8f8d036775ac026b8bf04688fbf1e0b520ce96df7450bb3e6b17b196ef079ba8e"
-                + "24e9bf6231b9d9b8e84d1b62252fc76bb3611e750dfc96d5007624efebcde1ab4b0326ef"
-                + "a4835067d62c133d141bb002ad7d270f160081b80191fa17da3ef8d0af809776849989e5"
-                + "d64a5679be20c6027cfd0159451f0d3abea77046e5407cb7019b682b6b5be39f624e7e98"
-                + "a8513701994e8d4a31552d8569d78ac35f35305a7ae327a78acbccdb784a2bde1ed81ab1"
-                + "3c6f6aa8762d0da7cb4f142768abf4eebb0b4be340220175cf2724fecbda8b5b31033773"
-                + "733c73089e46787a0610b1554681066779ba0897bbba48cadab026d1e06c636de3b864a8"
-                + "f6aab94e08ac5dd6dbaf500fa33783254f7704bd83272cf361fdf5f55ddecbb2ff085196"
-                + "d15a833dedca487de51ec3508dec5d34e2bc633af681a9be23fbf7f6e29e4e693fbbea80"
-                + "b3ff5ad7d8cabc4f025ad1b0f3630ad866be06e716c059af034b4e1723f6d9e4860ec711"
-                + "ee749299c5d83da242928c99fd66adfafbf3fc71eefeb313d3a0cedee00e44ea79ee4896"
-                + "bf0c4ed046ef86cbf543f62b995ce14c3ffada875efd1f5d3f00b341a44cb73a4e83d9a7"
-                + "e21074616ee9adf9f194ffeb7c826c4e0770733d5cda58ab58322180d767ed9798c0ca9f"
-                + "0f78cb0d6b872d0966c5befc874080e46cc3717bffb7d24551889d75fcfe0e7489b42280"
-                + "6abfc4322a26ffa58921b796ac583c09dca4a9d647dda7edb9f6725b0317989c7d76ba47"
-                + "dcb471dd796bad6d1e18e7b50c774298ee343de23cb4e186d26d8f3c2d5755674e814dc2"
-                + "3d81a892d55af912e8d29e9463f5a7ff0d526715c69fe2ace6ea24c3e77a01eb253f54bc"
-                + "87480afd3cf3b2ebaf55e52b5675f0799caba63a3934804a5b86b1cd8b8962e0d70d0932"
-                + "8f64a7b49eb63863695c098ee411843747e703820485cd65a814939452ff29b6aa080750"
-                + "e3a9765b4930c1123883d4f8655be28732dd1e3e65ea7878706b1e397e79f0a345e5c3df"
-                + "2df0630df76d913aeb05b335e9296c5cd0c2d9433e599050466b12af93ab07b5fec067a4"
-                + "a124ebe8664a7227a151c1a7257a24b2d34399a881328e1ca13ddacaf5c9aa3cf2e6a565"
-                + "d4a98e8b730c8163d2d0ff4e9d918754022456eb41a8d3613659c1d0e39facbef92ded92"
-                + "d973f031922f8fa8f70d172796ed153f9bb0d653484c9672c01264b2d92f6bdde727d518"
-                + "ab66bc331fdd7dbf9c34b2442283d60123e2931a4868c961aebb001784f58716b37db82a"
-                + "158609751bf6d39404fbc457acad24ec84b85a26e490eaef47e2825128e36bc8e031660d"
-                + "74118be8c0718f5b78a35f530e941d46a83eada2c8a5b4e0fa4ef4336f866744248246e4"
-                + "b2c535ad8f0ebf36f71bb5d458189bbb1066d532ce9a9e84dbe33ea8e814df2fd53b3ddd"
-                + "460b594d54a80cd1cecc1dcf2a48ab00cdb8b371923e667d625c8ab0eabed2d83ca51b9b"
-                + "19909dea6eb15efb51ef1db32089b07d2395834ed5bca43f8bfe21941f57362376ee081a"
-                + "a6a5a043db0a308b5b4b905c65c837ce508e9fe314ecd532970e0056d00fa76ee13ec50f"
-                + "d20731cb66a286a674fb7ddbe61ec14fd45a88437aa033a9b2123ec8d7ea00447c86bbc0"
-                + "53f553d9750c518a0310e5013256ec640ae8353597c54a054f079b24c73428546bd23ed2"
-                + "97bffaeb55d09ae2e9e02cce16d4dc5a386dc6072b701233d7a565dc9d2118db3b718ffd"
-                + "a5fcd236ffcb5f58a0d864e484ee7d72c02c9ce3ddc6d5aa8c61d5026d659cadfb5a9781"
-                + "84e7c47d9c4607a6ab0d8ffe48f91805ba3a9ccb4e7ca8971864f01eca98e7b5f43a0942"
-                + "6d60c5cc87800afb9968f1094b496d15e92e3e559db5a3f90593eb9bf9c19332bfc5e328"
-                + "ab950d080c96358aabc623f683c491eef281ff790d84c080c75f5939a0084228666e9f1d"
-                + "2ad7613523b2530302c72d4916c2d183e44a3314be025a0cb1d9b857ceb988b58bd39055"
-                + "e03dfb3ef07502a2dff9c1d3f40f2a3cc9c7c9a6d7bac943c2c990e45d58f87e1c2f9c32"
-                + "af6356134f5d610670488c9b43e334b11c2a7f987503a71cf8c3bad740a470d3751d11c8"
-                + "f1b60f0aba7f994b7a6e75c0027c3b5f2b0d733f17d08db11ac4a690a7237241ce4d8f3b"
-                + "71d743b6a71baf7921dcbd1e41d4387dbab201d77c0e256b178f104c5ab0568a66eee000"
-                + "1da790953acef406544ba8c22b3783059bc780f35b25c21304e41f63a4c7661696059eca"
-                + "432aa5142fceed8bd2c368093b14110deefb8e051d5b02448de35b29180a7b14558423ad"
-                + "d3dfbbca1d619220eaf90f06bda0e9a0b47d63e6bf6e3d3a4fdd059a4435103b43186bd5"
-                + "69622be3791f6a5b3f6b85577fb80333f563ac75ca5f61f4e695a47b0deed8c6ef6ac0b4"
-                + "80c0b339d57ba46cfbe85dfd29733462db7908327a5d7ce129ab5afc4590cb3ce0edfc53"
-                + "42564b1de184dd54a0a4375545ac54a3639362ce704d0d5724ec8cac0888608f6309c7b8"
-                + "5658e6cb4e454fe265a0d29ce320446b5d8d9347689d8aa1458e3c9ee89cf73cb635e843"
-                + "57b371064fe2c4532effc6dc3c298007dccd60e431b9670c10124290c714e7dd079da828"
-                + "01b8db983df3f15497dbf3bf7279d360d2fff58170aaabc0e099206cc02c8ec699807d62"
-                + "4917501961868a52c98378648cebdf92f51d21dd8a1ec89925ef0e571f9e464e4994f1d0"
-                + "284562e005e2a53f2a64c78538e3d82a7a1c9f228c5b08b2e0fb2ad9707d0f1ac41cf90d"
-                + "aa704c96906eafce30002407d5f37a5c34f96e7dd9f92b1477d29e8df7030a62224de68a"
-                + "9320db6653722d6fdbdcc0fbfbda053f9c8f3b2c41765f2916c598035e4c1fd26d1c5063"
-                + "b7d80701e15f1b460987c55e4da30cb04f96ba6b5abb934e884cd489c4994b94de237ac9"
-                + "601c415159e5b4bf1c75b11c47de604f7af7b467c1849459f1ca2f22db77e2975ea99583"
-                + "3d2e395267727d0f8f77ddeefaf3df3ef12f0fdffc46f3d53017b8b0d6dc676d95a5d932"
-                + "7d35e6a7cad33cef87a620b27d72c92bffa26a0d7e8babad5d84a305455f97339f756494"
-                + "ac27670f37a703280d3761b7ea0ae37567bc8894cb1e5d3f3849652a3fc4a5c413f5d0d4"
-                + "2be847c87dd8b7bfbac6d77de51f00bfc81ddcfd418192bdee13843e03a699c52760191e"
-                + "0916523b13682807127e5142198686cb2dd8d0a03559383305acb12b899851d32d5a6af4"
-                + "d87368e8f7da281221cecf66ec2937e34df4f8ebacadc0717fe69b015ce4fa6ba053f912"
-                + "f1491daae582333c0c2c4d18d7f19d926d487380bc19db28d7d0899511858ebd00cc637b"
-                + "f56ded344517c9fe8e14723adcaab57d90d2958901edd47e8b4645b232c9a2c9dac8d286"
-                + "91b7be0179090354d13cff2a01dc9690656f85d0618558487b7c8fa738dbd17fd99bab9d"
-                + "8b21748e6b9b216f7d056788336bedf64449209445d5d103488b847d5ffc06ecf9548824"
-                + "e3c0cf5a84d5646dd55ca3e190cfbd7940e9b3201ce8d7911e14c1de47acdbfd10f02f2b"
-                + "1efd860e08e8cdb658b8e6c1c5a40349b720a6b267aa719df4cc6c7596e6897208881988"
-                + "f189c7806095275e8735bb2f62d19ebca995783d0eb936483b0e68930c31071a43f67900"
-                + "67f119336739ed17a2bfe8fa41607833d6194b5cc1900bf8d19601ba12be8473f836dc58"
-                + "83ff06e885f4eaeaaf05d59970713d3ffb8a972b29391d3bc31808bbced4c5af495f8286"
-                + "156a0c03aea18db2a60069bfc4d14df1238390e4dd816a6edf28ea1ca71cc2ae5d0a26fb"
-                + "b86a3271faf6cc8000765ea310ae979fbe377a1ff044f724cd6a389aa7c24e2f0aabc4b8"
-                + "d408ebfd92b2a40f16125fc4b7a5ff17615c0a50a3c83aa54de3ce8526e215a6de45a16e"
-                + "9d3d358b039325ad378c0abc2448a3bb8089e842fa848defa7ce4f2fab5e966b38830b9e"
-                + "bea02ab0a8225621e9c8ee8908e620ad020c058d7ab25003899c225d77aafd3c492622b9"
-                + "e8ae9f98d512667340b7972b4c840a7afcf7a75a4e176d8867f9fcc26491d74a7827762b"
-                + "3faa51599bcdb2c1bd2a0ca8b407f4b5525f144ac9ae9f7f5349d2832a6ff0bc3749b328"
-                + "8054837e16a910ba8d21ddfb547014b0820a971937087907e7b96f661caac4384fd44355"
-                + "ffecdfebb42c44c244bbd6a5729a194c241dafa0803d67dfbf34b81c6f55ce5fc07da966"
-                + "a688f304eec8f6d47d39c0eb0350c728a0b481999b9984f53d0b542c0654aec61b49b3f9"
-                + "d942d3644c596892c7f0e20c569b63fc2bb9fd2cc737d70892f3a73ccb7f306cb67fa027"
-                + "d162b87d23ecd73b5d0d53926ac0ba21e1bb25f63dfd22c32f71c1a7dc0ad6f3d354a260"
-                + "c139a88d386407b478ae8476e846aef4df07809680ec3d0ebe5382f905501fcbe5af86ad"
-                + "584e737cc018920c19acc39fd5e067279d72c19ecf80b1a6049715be779f730efe9d2cf2"
-                + "1692abf138b4482263b6db65fa00efe7fc1f92877cbf89a7d77315c06ff3fdf149e7f458"
-                + "0131fc88ed7a401e32f87e52c354fa100f343e5520f74d52c86e6e364499aa5b609608b3"
-                + "a4b2936a817f12bed11540f5561d1ee105543ee8ec48adcf4a78504478017f2cf110ca12"
-                + "7d689c5cbc0f80801b98e9db87c18c3dbeff208fa676706e989ec8472f184874cd72e8f1"
-                + "ab7e461f20bf8a9420b9892b4aa70f80450e5b0aa4df5335e4905e6e60608bf180cb2e3c"
-                + "06edcbc705f6707a4f9658e7d22c259202bcbed6947d4631a2064bb44d958e9d3e423580"
-                + "5e148f38f495102c17a50ed44193777d221e4201098882408cf2d5c39c558c8ad2e1af20"
-                + "349784f6c48064d485f951b5f3b2455ea10e4b4c49ae98eed3e0754420922643659f7209"
-                + "3d18647d2919b2e933202c9083c81872d4b12af41013d07cb6fe084581ff90d2c21fba51"
-                + "f20b5225b3c67521e85ef5b56cb4d1255cf117e78d154d9dc8a5a7ce1e076a03d6ed91b5"
-                + "ad76dddf5f98b760b505abbeb77a73d183b1baf431e95e7afe7e8a72e54dc42941f7734f"
-                + "f8569a59246245ad643ba8141aa293275e6b323d5d43f7edb6426fbc0c15a6186c5bb6fc"
-                + "7db088fdcaa79b81c076d95ffdbd011fcdc2d95c928a30781f253783e3bc116db85e3edf"
-                + "e69a227f799384e9f505226a4c02e941d26dd8d941bd4d2a215a9519ade4da4f770d374c"
-                + "368dcc6cbc7b4d11287bd2c7ec92ff844076c40e1c9c770e681bf1e09d1752d8625d3333"
-                + "6500a98ee375f774828445e7f88ed8b13bc7508e7c6cdf19b70381ae582dfcd2376ea637"
-                + "b89f1db62aab7154c79e59f104bbac1329ebb7f97d65185e388abd2e9239ae5b30358a08"
-                + "1c9ebdb9b35766fdeed7457079c4a86e7a4e3d809b0193ef03b5b637ea46b881d2abad23"
-                + "cb1b97a5460da4293ae41b46868a5aeb728ab8152882b75d5339d44278c75ef35e6514eb"
-                + "3670b237c6389c1f6b8f8e8eaf7a6988a299d4fc26a89bdd930a7f785844c9e8545e6dad"
-                + "410eeff9f09a68dce5fc13dc331f7450ee38dd9b30941e2c40358991ed394ea3c674042f"
-                + "0f048cb8c200e9b123adba886353e8e52220a4ec753e4e4b4d5648630c16d538c64ef308"
-                + "7f034f7fef5fcb18e183468429ce5e479c7d106149a07560a5a620ec4f5d378110ae30c6"
-                + "b010c42ce3c93edb0f2263c20de6bfa92bdea7206cfd1d981ba87e8221028ec449d5a218"
-                + "7509a1710d4f5023868c5ae4c0defda5183b7f4a289b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "331fe9494ced34e060473f28fefa01b5cb02e18445e8372df391c1227f4b12ff0996cc86"
-                + "c44faf7e17bbe36bd38f0ab3a7f469ea25688812a991c7fbd270bbed607f88e3bda40e30"
-                + "30290f6e3b97aa02d0d3d576c098c79b0e863d02bbd48225636d5a41eaf4d0af02f1d0f8"
-                + "0a62e619fd159f4cd3da90f45d60bbe4a53b7b0b5f6bfafdd8b6749d0c17572ffa54245e"
-                + "e02b41cda56a1824fd3e8066be91ef3dcdaf77e8fe9ee96416f0e1f04e331390882b6ed8"
-                + "9ab64471e112a9e6ea0c32ad988ed2684f7e1541fee1c9a6f486186fe8a424e2dd724dd8"
-                + "dd1d8fd7af219ff865b0cb59085db025caf33a3af717f3f68c97f61ff6187896ba2e34c4"
-                + "54dc0f36ce327aa6cb4fb503520065094e52b13bea3fb1d7ad251b5ca9a1279ce43503c9"
-                + "84d92db5cb78a40359fe3cd33c509df30aac3887b46bd2ca57754149a98ac703addaf4cb"
-                + "efb20c834d37e9c24d4bffb19c802f01ea263880ff85c927bcbab4dc67fbda82cd05b83b"
-                + "1e4e0fb81dcaf52eabde2cb94371ae05b22bb603c3f7984a79a705a2df8745db3f577304"
-                + "051b99d591c1652604edab44a15fc5bc56671c5b4b02935e65e952581f2927c8b08d14de"
-                + "1052c7aeed467850a49a2143f1e66305e4e392f09c1768433d3e914fa4c77355b49eef92"
-                + "1d7cfffcea13406bcbcc5cf2cf711bd6c9fe37ac7ee1c617614ee6550a90eaa5d21d44fd"
-                + "139fe6018d18379a75551ea2b9cdfdf33c922f22de13a67e740bb02ebdb0dbbfc13741d5"
-                + "d420b83826023b3ccfc233ecc9808d933339a8e6e4978d42a8b317780c76bb11c4c56887"
-                + "449c629ee20acd95a737416fcc0faa4309d124820c22f1203a3214fba8fb819379d85216"
-                + "f174f370e2c7479542baf3e3e4f4fa6ccf31ac2dfe53686d7e9f80dc5dac4cd9fcf475d3"
-                + "f6b1dbb7b0e3f9b49a08a69da25eb7ea74bb58bd550f2485161b3c4c52d87dbd84744f36"
-                + "c6af3648c26baa1d11a2bfac111a8e7a400f8f8a7abe9777ea71b3ba1acef13975da13be"
-                + "d9d89cfc69ecfeab08e851e30018057b62241b1c614dcdb2e78529e91c65c36feed296bd"
-                + "cc12e740d44a9d31784e2613195043643d5e9dde4fae17279cdfa164b1d00b928a8e3f85"
-                + "b1e8f74ed124bf9bedade0dc606c0fab03e6a421a7f4666bb58612fe5620ff9723b40f75"
-                + "1507978402f2cd4526057552d6d48498c3d5e2f584b68f71cda408c2a158536e3c19f7bf"
-                + "198148541bbc6648c0cc39afaaf3a9519ced58563e4b56a1adefcc4810a6fd810ff3a9b8"
-                + "83974eb20fa0b08ce0948aa06f45fbc6aafcb61aa59dc45281c115c2a10c3ff542ce805a"
-                + "dd318790f8d803e20676b9216f92c0ae78a69f17656a2be2e69d565ea2349696c59937cf"
-                + "e8be1415367f17d6d9685cfbde200b37de94fab635d3a94d6961421816c893fc1a60bc9b"
-                + "7f90b9c5211bea89790006e9b0a87563fef956a088539dac633ef7125d51dc650d39d490"
-                + "c40bda681c48f4402bf2ddb6277b3b6ed788d64fb47324c8fb7c6768548da233fe2f7d09"
-                + "74b8b6b310a5d37bfee558a3d725710a90b319ce4047e35c2a1727e6bc81b3ea7efc657f"
-                + "f9439f9ee30d335c20dfa6ef7a1f50bd478d99f162432494441448a27b7b80cf89d1a347"
-                + "917526e5e0fa319f3093043ff2d27cd38ffd0fcd321cd6687615698573af3ac75a7e66df"
-                + "f93ee7713d3dbb195dfe5e038dcaf8bf27709afb0692d814e768cb08c92ec4fb386518ec"
-                + "c082fba4773bd58289e3549396984340f1224743826f46b2953d1c60102df9d8a110a450"
-                + "5c06b1f352301bc9eba14ba6a74ff0cb145a653915a413b73ae719c7e0f070e1234ceb07"
-                + "d00417440c38cd90d3a10107f88ac0a3af5294d45568f8795cb98039865347fa2689d335"
-                + "2c4a4e7162eead6e2b00a86c23d08308a0f3ebed0f9d1a40264a05b08ea15883c5335e38"
-                + "eb363f8dfa949bbf010d38cc1f1aeda6c3433ea5fe5b7f46b646eca7505813428b562d11"
-                + "0a770a0a4427357011484f277ec9efa1cfe23ce439704b72f7963ffd290422670c6e7dc8"
-                + "0d4625badf29e1f85405b96847eae6efab02fe156ae06f69145c5b6ba49ddcee66ad9998"
-                + "ed271243bb62686f1637c5fb90ad2b20346b809e811ab221142ef81b262365865503d0d6"
-                + "84188c998dda9532eac6d64a081f9d1eb007a7e3c005d998ee24e794dac515233471b796"
-                + "f0de1b92b54d2d36f0d9e569f518c6c06814f538b2e46e3b1104faea2443797fca067e74"
-                + "dd54a82f2652556114262e58f5142100810431b120a2e12272b8a112962c5b0cc23bd6bc"
-                + "213aaa12cf9983a2b58fb30250dd92e144ebdec0e6ecc4cf9e04aa9b7ec937bc84113c8c"
-                + "2dcdbaeb837b9fc22e7f5486203e8868cfc6c95b16f9a62a87e6319ff4a0580592566e1f"
-                + "e62901c822ca5d331a7e99c8febf9f12c6e99cdbea28fd663482135d13a22b8d76f22053"
-                + "bf5c9b34f6642772f7f145cd940506dbf30605e001824f473f38c4a493d1d69f06fdc81f"
-                + "12a219d7b3e2697b2de85fe3adc9f822139ed427e40b3c29f94a50b02c9cd2ea9b447801"
-                + "4f1247d851f1f41d148c3fa823a36115fd5120e1c47a285f4c2c8820ad04453a619842a2"
-                + "791dfeb8b58d158e155a6e6b8866ef0284e277692a95687383f5007cacf8f22e178aef07"
-                + "63e2ee7f1d7dd7e94e27b15b8141ee3de32dc9dbde52a453997e426d22f85667bb96c530"
-                + "ccf047e2efcc503d78b27d45caf6f8700858ba3c8141136001e3de867dd72f0c0a3bc413"
-                + "f54628f0486fe550773edce53b9b4c0ae94b9cfb256de489b40dbe73ceff8f696b43ace2"
-                + "1636e40a189cfc51436bd809dea3060f9df9fbed205b2d06aa3d6cba0192a6825a50f089"
-                + "583de59f7deb8e93432914f1c07115cba8c137f98684d568bc0bb436fe2e67b21d684b59"
-                + "738efbe8f112d7c522cab01d5351fe2f9af1f1d88917ed97ca4772a5ff8dc7182fb8cbb2"
-                + "e4fe106baa59bb16c2712cef7b641f3d2f49542ebde1ad02787a0c597de245182f4f1222"
-                + "5eeae4579eede1451c06692e6c84c9662fa562bd2450c5b27d928e95535203f80715be89"
-                + "adf11ff516ff6dda65d692beb555ccef92a5cc4ed87ed878a6eb3f0dd6268111bc50586c"
-                + "3fe0d2aefe7e2350366984ddac20446b5d8d9347689d8aa1458e3c9ee89cf73cb635e843"
-                + "57b371064fe2c4532effc6dc3c298007dccd60e431b9670c10124290c714e7dd079da828"
-                + "01b8db983df3f15497dbf3bf7279d360d2fff58170aaabc0e099206cc02c8ec699807d62"
-                + "4917501961868a52c98378648cebdf92f51d21dd8a1ec89925ef0e571f9e464e4994f1d0"
-                + "284562e005e2a53f2a64c78538e3d82a7a1c9f228c5b08b2e0fb2ad9707d0f1ac41cf90d"
-                + "aa704c96906eafce30002407d5f37a5c34f96e7dd9f92b1477d29e8df7030a62224de68a"
-                + "9320db6653722d6fdbdcc0fbfbda053f9c8f3b2c41765f2916c598035e4c1fd26d1c5063"
-                + "b7d80701e15f1b460987c55e4da30cb04f96ba6b5abb934e884cd489c4994b94de237ac9"
-                + "601c415159e5b4bf1c75b11c47de604f7af7b467c1849459f1ca2f22db77e2975ea99583"
-                + "3d2e395267727d0f8f77ddeefaf3df3ef12f0fdffc46f3d53017b8b0d6dc676d95a5d932"
-                + "7d35e6a7cad33cef87a620b27d72c92bffa26a0d7e8babad5d84a305455f97339f756494"
-                + "ac27670f37a703280d3761b7ea0ae37567bc8894cb1e5d3f3849652a3fc4a5c413f5d0d4"
-                + "2be847c87dd8b7bfbac6d77de51f00bfc81ddcfd418192bdee13843e03a699c52760191e"
-                + "0916523b13682807127e5142198686cb2dd8d0a03559383305acb12b899851d32d5a6af4"
-                + "d87368e8f7da281221cecf66ec2937e34df4f8ebacadc0717fe69b015ce4fa6ba053f912"
-                + "f1491daae582333c0c2c4d18d7f19d926d487380bc19db28d7d0899511858ebd00cc637b"
-                + "f56ded344517c9fe8e14723adcaab57d90d2958901edd47e8b4645b232c9a2c9dac8d286"
-                + "91b7be0179090354d13cff2a01dc9690656f85d0618558487b7c8fa738dbd17fd99bab9d"
-                + "8b21748e6b9b216f7d056788336bedf64449209445d5d103488b847d5ffc06ecf9548824"
-                + "e3c0cf5a84d5646dd55ca3e190cfbd7940e9b3201ce8d7911e14c1de47acdbfd10f02f2b"
-                + "1efd860e08e8cdb658b8e6c1c5a40349b720a6b267aa719df4cc6c7596e6897208881988"
-                + "f189c7806095275e8735bb2f62d19ebca995783d0eb936483b0e68930c31071a43f67900"
-                + "67f119336739ed17a2bfe8fa41607833d6194b5cc1900bf8d19601ba12be8473f836dc58"
-                + "83ff06e885f4eaeaaf05d59970713d3ffb8a972b29391d3bc31808bbced4c5af495f8286"
-                + "156a0c03aea18db2a60069bfc4d14df1238390e4dd816a6edf28ea1ca71cc2ae5d0a26fb"
-                + "b86a3271faf6cc8000765ea310ae979fbe377a1ff044f724cd6a389aa7c24e2f0aabc4b8"
-                + "d408ebfd92b2a40f16125fc4b7a5ff17615c0a50a3c83aa54de3ce8526e215a6de45a16e"
-                + "9d3d358b039325ad378c0abc2448a3bb8089e842fa848defa7ce4f2fab5e966b38830b9e"
-                + "bea02ab0a8225621e9c8ee8908e620ad020c058d7ab25003899c225d77aafd3c492622b9"
-                + "e8ae9f98d512667340b7972b4c840a7afcf7a75a4e176d8867f9fcc26491d74a7827762b"
-                + "3faa51599bcdb2c1bd2a0ca8b407f4b5525f144ac9ae9f7f5349d2832a6ff0bc3749b328"
-                + "8054837e16a910ba8d21ddfb547014b0820a971937087907e7b96f661caac4384fd44355"
-                + "ffecdfebb42c44c244bbd6a5729a194c241dafa0803d67dfbf34b81c6f55ce5fc07da966"
-                + "a688f304eec8f6d47d39c0eb0350c728a0b481999b9984f53d0b542c0654aec61b49b3f9"
-                + "d942d3644c596892c7f0e20c569b63fc2bb9fd2cc737d70892f3a73ccb7f306cb67fa027"
-                + "d162b87d23ecd73b5d0d53926ac0ba21e1bb25f63dfd22c32f71c1a7dc0ad6f3d354a260"
-                + "c139a88d386407b478ae8476e846aef4df07809680ec3d0ebe5382f905501fcbe5af86ad"
-                + "584e737cc018920c19acc39fd5e067279d72c19ecf80b1a6049715be779f730efe9d2cf2"
-                + "1692abf138b4482263b6db65fa00efe7fc1f92877cbf89a7d77315c06ff3fdf149e7f458"
-                + "0131fc88ed7a401e32f87e52c354fa100f343e5520f74d52c86e6e364499aa5b609608b3"
-                + "a4b2936a817f12bed11540f5561d1ee105543ee8ec48adcf4a78504478017f2cf110ca12"
-                + "7d689c5cbc0f80801b98e9db87c18c3dbeff208fa676706e989ec8472f184874cd72e8f1"
-                + "ab7e461f20bf8a9420b9892b4aa70f80450e5b0aa4df5335e4905e6e60608bf180cb2e3c"
-                + "06edcbc705f6707a4f9658e7d22c259202bcbed6947d4631a2064bb44d958e9d3e423580"
-                + "5e148f38f495102c17a50ed44193777d221e4201098882408cf2d5c39c558c8ad2e1af20"
-                + "349784f6c48064d485f951b5f3b2455ea10e4b4c49ae98eed3e0754420922643659f7209"
-                + "3d18647d2919b2e933202c9083c81872d4b12af41013d07cb6fe084581ff90d2c21fba51"
-                + "f20b5225b3c67521e85ef5b56cb4d1255cf117e78d154d9dc8a5a7ce1e076a03d6ed91b5"
-                + "ad76dddf5f98b760b505abbeb77a73d183b1baf431e95e7afe7e8a72e54dc42941f7734f"
-                + "f8569a59246245ad643ba8141aa293275e6b323d5d43f7edb6426fbc0c15a6186c5bb6fc"
-                + "7db088fdcaa79b81c076d95ffdbd011fcdc2d95c928a30781f253783e3bc116db85e3edf"
-                + "e69a227f799384e9f505226a4c02e941d26dd8d941bd4d2a215a9519ade4da4f770d374c"
-                + "368dcc6cbc7b4d11287bd2c7ec92ff844076c40e1c9c770e681bf1e09d1752d8625d3333"
-                + "6500a98ee375f774828445e7f88ed8b13bc7508e7c6cdf19b70381ae582dfcd2376ea637"
-                + "b89f1db62aab7154c79e59f104bbac1329ebb7f97d65185e388abd2e9239ae5b30358a08"
-                + "1c9ebdb9b35766fdeed7457079c4a86e7a4e3d809b0193ef03b5b637ea46b881d2abad23"
-                + "cb1b97a5460da4293ae41b46868a5aeb728ab8152882b75d5339d44278c75ef35e6514eb"
-                + "3670b237c6389c1f6b8f8e8eaf7a6988a299d4fc26a89bdd930a7f785844c9e8545e6dad"
-                + "410eeff9f09a68dce5fc13dc331f7450ee38dd9b30941e2c40358991ed394ea3c674042f"
-                + "0f048cb8c200e9b123adba886353e8e52220a4ec753e4e4b4d5648630c16d538c64ef308"
-                + "7f034f7fef5fcb18e183468429ce5e479c7d106149a07560a5a620ec4f5d378110ae30c6"
-                + "b010c42ce3c93edb0f2263c20de6bfa92bdea7206cfd1d981ba87e8221028ec449d5a218"
-                + "7509a1710d4f5023868c5ae4c0defda5183b7f4a289b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "347a023354bdaa851c37d97e0eac48aee083649ff74a675a622ba3446bb0dfb1144046f4"
-                + "6682e7c156846289f1d823513c585800861380ac890aa8e4a39233f46893b696c00cabfc"
-                + "7dbeb88e58afedf2e328277a30adf716c0640b19ba4fe3b3846d8b2c060ba8692feec9c1"
-                + "f9535f95eb17161667435d52918607927290a8b947c439dccd990b897b49bf3ca5725f91"
-                + "fd75e164914ef60e4962acf0360b897e1af9b9258aebb3c00ec447a070e39fffea7b6f63"
-                + "ba86532621a7f0b9680e5293e92f82ee3e4fd312c91513fc114e79e06607fe29e88c6b8d"
-                + "3a30f28697c32fc2cf8c1f926de58d78618bd17ad06a7479a17c59c4f7c38342fce17180"
-                + "a3bf60a738a1c343857d113cfc6e5818b8ed5bb77e5b2c87e0471d07aecac1f254f73389"
-                + "515e0358149b4a379ace7e93a349a03b3faabf52a5589a64215a168059e1ec7f87f88aee"
-                + "71ad873c85c9cb0934922a1ff7cc5c64d2fad5bbb390022fc7a79f3033ca765d266f050e"
-                + "8ec86248d2d59f4873e0c803d5bdd45a4a0a3ea3bc72a9277b951eca9cd440b97e3216c3"
-                + "046a22739770158a0e09d12a77037d86d4034c26dcb4162522f0e3d0dba3f2e4040c2307"
-                + "4bb333fc8319a509bfb98c6d92be011c1e78fa57219de8a0b3e813f682e97f12020d89b7"
-                + "972f80149eec95a6c0b830a9cc05a7d5289a891b06257c7f2a3b20fdac93263cbe636831"
-                + "94d49d38e131241fc25a20ecab58a89f9d7896341a7f536140b3ec5caf7f276be6e0a899"
-                + "0e322fcb5fd5b3fc5ab547358f04e0a42bceef264feb6dce6e837494502f00457840dc46"
-                + "1b52aeb7ccc0415584f7319a224f623f23630ba04d5c52bdcd882acfc3c0a2de37b86823"
-                + "b77a569f2330c1dc07259adff7d5ca8a1926861ca6f46a68877bb0ea9bebb680b1cc3383"
-                + "92deb6423ff01bff5fc6f4cd311dc2402ffdc0a0596eadda53b18fc8d58bcc1b7e6a3921"
-                + "820b332e5c89800099d02bd15019e8db4e93c2e0bd2e10729f26d9fb419eab99745ad596"
-                + "286714568480c94b78badf2de4bf773ffd10a037e0c6305dc55e1593d0c0e1a25f82012c"
-                + "491af7a14c5ef983070fadc4e2be4a94da2112d27662cf2b88db58ed107fbc54d93ca8cb"
-                + "047503b9abe4d62f5feacf960514491a1e3636d96e34e1c6daedc9c6961f4a4d749fe0e1"
-                + "0d824d94f143a0fe9d784584040301beaff72945a1398c5c8c76cede10080bd45ee40000"
-                + "bfb45f0258ecd46560c74344d11854da6af601512fa0012b01424345a67153fd7962e93f"
-                + "39216d247f1cb7a834cbf0b390fee3f8927d3f68257d0f4c651a01d184f532f423081e9d"
-                + "86f108399039e7826368d3c4a02c0ee2aa7d94dce4c5e46a49aea464aff0b1b472aed28a"
-                + "676af227015843433b0bb41e7e9f6c470d347b22bf7c684e4743b200a148a26e9a4f678d"
-                + "a3d197fd3e173dbb95be3bbc4e90c62cbd308a7ad745d92132999fdec824b670f4c0a641"
-                + "a923abe4433867cabda18a26c376cf4c69d680558484f14b273683421685454d4d7a8afc"
-                + "11d4dcc16af943eb14bf432ad94085c8040527bc859989fbf526905ab52d25e643911c81"
-                + "eb049008965d85310994e2adfabf83379e6d9c9854eaaf4219108f7b97e13447ad789c29"
-                + "e81b3ad403c14286a539d41b54f7494382d566dcd32b0772e73a0002cb546a599f9dc1ef"
-                + "1d7b653ec45d927cff09a5221e60823e282485ead7aa8143e290e72a474b21eeb9638fff"
-                + "c2320729fa3f6543a5fe472e85f6aa93e3f22b5edcc3d8ebd5ebb977733466f27e23da82"
-                + "e9f8594b90fd55fb7ae86db06341b21403c5abf8e30cce009a3f76b613f00669addf77a5"
-                + "31775116a3ba5d7392c9cab6a37d39d9c26363a987a94fffe4f23cd2d37f78535f65f504"
-                + "b7979852cba2857241cfbc433da9d623a73292acc75f627a3f7bc04699e3c20aa430354f"
-                + "7292804a6092672b2bc1d6cc7c8ceca571f7b86545741e8c8f9e4b0bb1915582385879db"
-                + "65566f2e6efd470cf01670f32a2efdc662f0935360bd7f70ed01d6c53f62212d1ad912af"
-                + "40ee2924c7b3390cb3a673208efdfefc45063866e59e6f05159e66f07c405edeb3b6abad"
-                + "09c5b4c338de9692965dcdbdb0ad038bd3896ef936aa4ebeca0b6f8d258d18b0948ce6a4"
-                + "a6b40cbeb1048d9bce6ed8b5a1fb64fdd908ead8a70f5d96c61e62dd21d07a067a86fcbe"
-                + "7825d79ef9587502bcaacccc93bc7dded6bfab474da4a2bbd4730a7820772462076af552"
-                + "4a7ee6af75924fe994c877866814a447d53cb96ad1c78815cbeddc09a48792374c0166e7"
-                + "93ccffdfba494db96c94ec2080ddd88619747f0044c15e40883fda988ddedcad089f72af"
-                + "47f1eafa6b8b08e0d9e21e621528598e2ea1a031c463372bfcb537870a061436333ea392"
-                + "6687a33d2e1173ab48a840f026094614785274f406e249a27a76a5ffcfc950d2032fe974"
-                + "a426bca632971c059d02f9baf0360dd6dc6dec76d0d296dab14d4623ff123af284e32bbc"
-                + "3c7ed30d9c94ff5edf1176868171afb341e22f6b774b9db6897c3e6b5b1eb31af465c438"
-                + "02460a39c0567dda3b83b48f27aba336025e07b276a49463312309c8f3a5690c1f1e5095"
-                + "93dc0ded8c96037bc59e8c7125d88fa206b0ccd279a83cb9169488bee7518333b529b31b"
-                + "d726e0a105b55ab1372fb550bce50daa46be89e555f29799103e2ea92814c80a6ef7faee"
-                + "a0090ed054f5665119ce7f6e5d8830e3f8efce6aa5ff9079d9c9dae1a29bbeafae135a4d"
-                + "bc882f45044c4bea402e91ffd37600d78aab7f69cc8314b5819584797cda67ca097f1e5c"
-                + "d47ec508ffd15cf3019f62ee4ec5027c856e779ee549c0f7f21d5c2085d3c5c2894d3f35"
-                + "bac944918531ed678f7dae724cdbf9720cd7191e3330efd56e45b767fc303ce2729329dd"
-                + "ad4adfb094ace50bee7d7102739eac1f43cd79a9dd76599e135faa76ac7cc24530b22303"
-                + "98a77c140d0a4b820ef3a4cc6f04335c292051cbb19fdcaea3e8f0e7c9789ddf4779e0c6"
-                + "566a3b6028e7bdc0349a622c7ffad3fcac17a9c69cd9ef798e90a838ed67c1d110ce040b"
-                + "9633e97240fc33a95f056a8211574581eec69f33034523767e9cace448c213d265fadaa5"
-                + "ba1216bbd57225a3ca6cb3c48bfa5c28194f04121855f7ad7f60e901cf9867f858b716c5"
-                + "ee75956f646dfd2bd49f76a64615e28b5f0b67c5677c713128f5ab683a59362e3ba37b8f"
-                + "a7920d8146f3f15497dbf3bf7279d360d2fff58170aaabc0e099206cc02c8ec699807d62"
-                + "4917501961868a52c98378648cebdf92f51d21dd8a1ec89925ef0e571f9e464e4994f1d0"
-                + "284562e005e2a53f2a64c78538e3d82a7a1c9f228c5b08b2e0fb2ad9707d0f1ac41cf90d"
-                + "aa704c96906eafce30002407d5f37a5c34f96e7dd9f92b1477d29e8df7030a62224de68a"
-                + "9320db6653722d6fdbdcc0fbfbda053f9c8f3b2c41765f2916c598035e4c1fd26d1c5063"
-                + "b7d80701e15f1b460987c55e4da30cb04f96ba6b5abb934e884cd489c4994b94de237ac9"
-                + "601c415159e5b4bf1c75b11c47de604f7af7b467c1849459f1ca2f22db77e2975ea99583"
-                + "3d2e395267727d0f8f77ddeefaf3df3ef12f0fdffc46f3d53017b8b0d6dc676d95a5d932"
-                + "7d35e6a7cad33cef87a620b27d72c92bffa26a0d7e8babad5d84a305455f97339f756494"
-                + "ac27670f37a703280d3761b7ea0ae37567bc8894cb1e5d3f3849652a3fc4a5c413f5d0d4"
-                + "2be847c87dd8b7bfbac6d77de51f00bfc81ddcfd418192bdee13843e03a699c52760191e"
-                + "0916523b13682807127e5142198686cb2dd8d0a03559383305acb12b899851d32d5a6af4"
-                + "d87368e8f7da281221cecf66ec2937e34df4f8ebacadc0717fe69b015ce4fa6ba053f912"
-                + "f1491daae582333c0c2c4d18d7f19d926d487380bc19db28d7d0899511858ebd00cc637b"
-                + "f56ded344517c9fe8e14723adcaab57d90d2958901edd47e8b4645b232c9a2c9dac8d286"
-                + "91b7be0179090354d13cff2a01dc9690656f85d0618558487b7c8fa738dbd17fd99bab9d"
-                + "8b21748e6b9b216f7d056788336bedf64449209445d5d103488b847d5ffc06ecf9548824"
-                + "e3c0cf5a84d5646dd55ca3e190cfbd7940e9b3201ce8d7911e14c1de47acdbfd10f02f2b"
-                + "1efd860e08e8cdb658b8e6c1c5a40349b720a6b267aa719df4cc6c7596e6897208881988"
-                + "f189c7806095275e8735bb2f62d19ebca995783d0eb936483b0e68930c31071a43f67900"
-                + "67f119336739ed17a2bfe8fa41607833d6194b5cc1900bf8d19601ba12be8473f836dc58"
-                + "83ff06e885f4eaeaaf05d59970713d3ffb8a972b29391d3bc31808bbced4c5af495f8286"
-                + "156a0c03aea18db2a60069bfc4d14df1238390e4dd816a6edf28ea1ca71cc2ae5d0a26fb"
-                + "b86a3271faf6cc8000765ea310ae979fbe377a1ff044f724cd6a389aa7c24e2f0aabc4b8"
-                + "d408ebfd92b2a40f16125fc4b7a5ff17615c0a50a3c83aa54de3ce8526e215a6de45a16e"
-                + "9d3d358b039325ad378c0abc2448a3bb8089e842fa848defa7ce4f2fab5e966b38830b9e"
-                + "bea02ab0a8225621e9c8ee8908e620ad020c058d7ab25003899c225d77aafd3c492622b9"
-                + "e8ae9f98d512667340b7972b4c840a7afcf7a75a4e176d8867f9fcc26491d74a7827762b"
-                + "3faa51599bcdb2c1bd2a0ca8b407f4b5525f144ac9ae9f7f5349d2832a6ff0bc3749b328"
-                + "8054837e16a910ba8d21ddfb547014b0820a971937087907e7b96f661caac4384fd44355"
-                + "ffecdfebb42c44c244bbd6a5729a194c241dafa0803d67dfbf34b81c6f55ce5fc07da966"
-                + "a688f304eec8f6d47d39c0eb0350c728a0b481999b9984f53d0b542c0654aec61b49b3f9"
-                + "d942d3644c596892c7f0e20c569b63fc2bb9fd2cc737d70892f3a73ccb7f306cb67fa027"
-                + "d162b87d23ecd73b5d0d53926ac0ba21e1bb25f63dfd22c32f71c1a7dc0ad6f3d354a260"
-                + "c139a88d386407b478ae8476e846aef4df07809680ec3d0ebe5382f905501fcbe5af86ad"
-                + "584e737cc018920c19acc39fd5e067279d72c19ecf80b1a6049715be779f730efe9d2cf2"
-                + "1692abf138b4482263b6db65fa00efe7fc1f92877cbf89a7d77315c06ff3fdf149e7f458"
-                + "0131fc88ed7a401e32f87e52c354fa100f343e5520f74d52c86e6e364499aa5b609608b3"
-                + "a4b2936a817f12bed11540f5561d1ee105543ee8ec48adcf4a78504478017f2cf110ca12"
-                + "7d689c5cbc0f80801b98e9db87c18c3dbeff208fa676706e989ec8472f184874cd72e8f1"
-                + "ab7e461f20bf8a9420b9892b4aa70f80450e5b0aa4df5335e4905e6e60608bf180cb2e3c"
-                + "06edcbc705f6707a4f9658e7d22c259202bcbed6947d4631a2064bb44d958e9d3e423580"
-                + "5e148f38f495102c17a50ed44193777d221e4201098882408cf2d5c39c558c8ad2e1af20"
-                + "349784f6c48064d485f951b5f3b2455ea10e4b4c49ae98eed3e0754420922643659f7209"
-                + "3d18647d2919b2e933202c9083c81872d4b12af41013d07cb6fe084581ff90d2c21fba51"
-                + "f20b5225b3c67521e85ef5b56cb4d1255cf117e78d154d9dc8a5a7ce1e076a03d6ed91b5"
-                + "ad76dddf5f98b760b505abbeb77a73d183b1baf431e95e7afe7e8a72e54dc42941f7734f"
-                + "f8569a59246245ad643ba8141aa293275e6b323d5d43f7edb6426fbc0c15a6186c5bb6fc"
-                + "7db088fdcaa79b81c076d95ffdbd011fcdc2d95c928a30781f253783e3bc116db85e3edf"
-                + "e69a227f799384e9f505226a4c02e941d26dd8d941bd4d2a215a9519ade4da4f770d374c"
-                + "368dcc6cbc7b4d11287bd2c7ec92ff844076c40e1c9c770e681bf1e09d1752d8625d3333"
-                + "6500a98ee375f774828445e7f88ed8b13bc7508e7c6cdf19b70381ae582dfcd2376ea637"
-                + "b89f1db62aab7154c79e59f104bbac1329ebb7f97d65185e388abd2e9239ae5b30358a08"
-                + "1c9ebdb9b35766fdeed7457079c4a86e7a4e3d809b0193ef03b5b637ea46b881d2abad23"
-                + "cb1b97a5460da4293ae41b46868a5aeb728ab8152882b75d5339d44278c75ef35e6514eb"
-                + "3670b237c6389c1f6b8f8e8eaf7a6988a299d4fc26a89bdd930a7f785844c9e8545e6dad"
-                + "410eeff9f09a68dce5fc13dc331f7450ee38dd9b30941e2c40358991ed394ea3c674042f"
-                + "0f048cb8c200e9b123adba886353e8e52220a4ec753e4e4b4d5648630c16d538c64ef308"
-                + "7f034f7fef5fcb18e183468429ce5e479c7d106149a07560a5a620ec4f5d378110ae30c6"
-                + "b010c42ce3c93edb0f2263c20de6bfa92bdea7206cfd1d981ba87e8221028ec449d5a218"
-                + "7509a1710d4f5023868c5ae4c0defda5183b7f4a289b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "350e70a98dedc81b5021d82b3eeee8819b65a5d26d495b3587604e16fa81c191aa8c2a6d"
-                + "6616a4f7e2aa79404b54e90c5dcc4e9f36583b98849176c37c81837c6c66cad549093203"
-                + "3afdbe6f938875445809dc21af838858319f44d7adfa6699002f4dff8eedccd120a86596"
-                + "c6e22e137009195be5727806b263a59e99379c40d36dc302ec7cbf6629f6387b7bbd249e"
-                + "89de86a1347d64c58468197c808c446cb790ee82dd38ca35b0dcf38f2c523d36ff79d2db"
-                + "3b3696bab3dbcd9df2fd0cb2dda70e1edfdabfcb7656c981f56799ebb799d337d05d5598"
-                + "45d6d39cd3f82d75af9029ec9331cc9393bc214b6209829a340f1127506556f6b533b5bc"
-                + "4cd124281567080393ef624e25ad69ab0f49ea2508563b413c0fa15c4b3264d2a39e4852"
-                + "51d387a5f92f43b4b992a99c625cab324b2e2c84de5982f61eec40186209341cc5587266"
-                + "8be2c533f94caf3bb19b186657aeeeab0ac9fa1af9d65cee92dedda88a48fbaa707dd30e"
-                + "630c1d79d5dd56f692b5f8ceabb1f09316f280c52c7f58d02012b5f9b18408172269c146"
-                + "6b966460b8ed16e6cee281cb26f9fbe499e4245e13d21a226f7be2a19a4b67513eaf212a"
-                + "2b587b64ab16ff8380645eb82d4b23f5a5cab01e126b2fdbdc55c4b0e2d1dcfbb3e3f253"
-                + "137a067a4d579921424401d7bd0da45c1747ab9f6895ea8b5521d9059aa9c2b9f9990afa"
-                + "f0179e736490662bfd10343976b0fed72b0bd9731d147aa4a0a8a41cdceed9d608636f06"
-                + "a3bbe3d4b7a654855715b0f053233a3f82ff3e2076faa5e1b747c59628af3f6df02ef50d"
-                + "dcc5d9271a7af4ac7133b0b6f607aeb0435ec62f0ae7855e248f47fa94a66ac0232950c8"
-                + "776df2ca149bea61fa98a5cf2e4c7cca0a6087b991c0cca59a16067653e4f6c9a3e2394e"
-                + "bdfc59143c83c596baf7823c1c8b5af03da69922ad11e6e4b63f3222b3befea14c9a5442"
-                + "270a74661a1a946c877abe988b59f92a27dbf8fbe1dbcf89f82da90c40531926eb626ad2"
-                + "9752fba00f93749719bdaabff32cc9d577d58b5ba874bf44948908da85c308d91fe85aaa"
-                + "f2f6e9776858c6c29a6febb9117efd187890af5b36e5f545a3ed0e904240701b1a5e2534"
-                + "4936abad9fd87e644ac10aed2ce607980e85ab3caa1d7239432ea50f29b1644a22b261c1"
-                + "de47922264595de355eeeb028e2ed1b650ac02fcc4c3c1fbff39706498dd5f1542b6a3ad"
-                + "a02aa063221688846f0bcb9ebc538a2d576cc31e3d172ee53490327727e095866ef87fcd"
-                + "a773fb0949a8ca78d38bbed89278c0365f13446453798e8633b31895c0afdde5536009bf"
-                + "eb60e785301fbf8fe2b1e2b8ce38c9c8ef2760860f26beaf7a5c102fb94a5b3774dd00a4"
-                + "e7d827433fee3dea117ac9d4705ce757cc20992c6ddf503169230b0de8d53e978e392aad"
-                + "37b73a11ef9fafff808579386a6035dfcfe5372de95234e4358be3a5aba209eeaa91ab84"
-                + "8ec0ebea4d44c4909d234989ea41ce83d69b67d5d2436450632c5d615edb1bfcbaa98761"
-                + "5d851a90d898bb5d200f90bcaac876d9e7b41935f502a35b74816858626e092b0c304595"
-                + "e84a73495d2e772d33b415e224e4b48fddd51aba6454b7c955ac6bee3c8ee091fa6a3b7b"
-                + "75edeee9ddb4496d2ad7e69bbe0c24a03310d2788983528d552cb511e4ae881fcc2bfd78"
-                + "b1e105776e9e9a23d86f16cd943a395a10a279c0b07499017e2e0b8b6bd04d4a7b41b51b"
-                + "6036d608e552710401cf90dc347a6cf758fa3f7ca9b23b92c1387e80613cff3b713f8ac4"
-                + "1d055da4e52c6d326b96e502fc8b1d80e9fb7d42f7775cd2e2ff88c25c1764b061b45bc7"
-                + "f090567c70b87287e9ab7709b71d29be9fd8ecc7988bec715f9ea6157689fbc90c76e23b"
-                + "c9f556acd19dcb6b5d4a3ce208565881e65813cf66e96ad5b2423594bb6956d15c30b8f6"
-                + "b467930a95df238690c973aa95661d8c3cc9a231decf1c00ff0751cc0e1ca4ea99203062"
-                + "927de304c870a8fa40198c58a12661a9ca6526b41b6640c5e4833b65d55a9f4d959cbe0a"
-                + "5d0191fa71ac803b13b8c58208037ce70058acffad8f5f0161ef335282461bdfbe15be7f"
-                + "6b7fe3747eb78eb401087ba30956d8e8d6b9ad6695406a5b12706878b41cbf7275eef0ac"
-                + "512af69c9ee03f6b25e56563e8448e0ab42968d6454ba298baa3f2e3695fcf7c2035c64f"
-                + "4f2869f4d5953aa61076394dc366d03ee5b0b12974254a3ef29553c50bc6d770387963d8"
-                + "ce6b4510e6572371c74e79c3ceca57d99d623cb85d05d9e0bbe2361fb69d987c060064c6"
-                + "b0dd58e7fc3cce979ad82c4c0c80fbc38d868be5044e69cedf2f6fb2cbf6576b52913f40"
-                + "a1118801818f215106e67bc398861a0c9182dabb4dc468a032ac2407a113dbe31c73af51"
-                + "c99e63620927f1a0edf5adb8570f14a1634bb33327d968c7a2cb54d76fc59da7981ea145"
-                + "bc5860be9c7d8c380cc540c739ba0c507ae511b51d86644b5b09ee52c1f50162c77fd319"
-                + "709d06ae01c3a5785e47f59f730ab363ba3666b009b5142944ebcd78b8d1fb0a71ad853d"
-                + "b97099b9250562464190683d42d83090df8e9d35851aca7a3d71df9b8de19009dd6f2b85"
-                + "9665675922b9b769d8f22840f4084b7c888e280a59745d20bd0dd9fdd69f4ece06dedb8b"
-                + "ef37bc0b8ba358c39eddae4d9946999d6989d30915af788cc937c1d067a6edc240b37221"
-                + "ef78e63fcbec1858c437b99424a53df8aa077e11663315d83f786d611f87b742e359bcfe"
-                + "fb5563987cdaf10604b5fb0ba0d3d94b75656c81d526fef110dc8417f661d075af789829"
-                + "6afb55639fa3dd4e9d19638953c67ea7ff42df9f85b048cdc41406f7c1dcd591326870b4"
-                + "e5728c8e1cadfe4c0ece72dd79bd7db5ccfdba4d74e8f70b0917ebd2840ee09a82e8e456"
-                + "9ed3e341c0c5e5ee9465552ba122b25e3a61cac494afa6c28f4af2687b51600523e572aa"
-                + "86c2c0fbf1fc51a3729fdd01d0b3732e8ed37778ac9421db6e8cbb062e6caef2e6d5de02"
-                + "6de22fde2427bf458ea6322d1a979bdaed5b9b61b3a44af020cb494d4e2badb68e8a820d"
-                + "1225df50e4124de5ddea4b335a46b92baa44e4b2115f99086ad91f6b504a9ac356a008da"
-                + "67333bbcea71095dff905fb442fa5c28194f04121855f7ad7f60e901cf9867f858b716c5"
-                + "ee75956f646dfd2bd49f76a64615e28b5f0b67c5677c713128f5ab683a59362e3ba37b8f"
-                + "a7920d8146f3f15497dbf3bf7279d360d2fff58170aaabc0e099206cc02c8ec699807d62"
-                + "4917501961868a52c98378648cebdf92f51d21dd8a1ec89925ef0e571f9e464e4994f1d0"
-                + "284562e005e2a53f2a64c78538e3d82a7a1c9f228c5b08b2e0fb2ad9707d0f1ac41cf90d"
-                + "aa704c96906eafce30002407d5f37a5c34f96e7dd9f92b1477d29e8df7030a62224de68a"
-                + "9320db6653722d6fdbdcc0fbfbda053f9c8f3b2c41765f2916c598035e4c1fd26d1c5063"
-                + "b7d80701e15f1b460987c55e4da30cb04f96ba6b5abb934e884cd489c4994b94de237ac9"
-                + "601c415159e5b4bf1c75b11c47de604f7af7b467c1849459f1ca2f22db77e2975ea99583"
-                + "3d2e395267727d0f8f77ddeefaf3df3ef12f0fdffc46f3d53017b8b0d6dc676d95a5d932"
-                + "7d35e6a7cad33cef87a620b27d72c92bffa26a0d7e8babad5d84a305455f97339f756494"
-                + "ac27670f37a703280d3761b7ea0ae37567bc8894cb1e5d3f3849652a3fc4a5c413f5d0d4"
-                + "2be847c87dd8b7bfbac6d77de51f00bfc81ddcfd418192bdee13843e03a699c52760191e"
-                + "0916523b13682807127e5142198686cb2dd8d0a03559383305acb12b899851d32d5a6af4"
-                + "d87368e8f7da281221cecf66ec2937e34df4f8ebacadc0717fe69b015ce4fa6ba053f912"
-                + "f1491daae582333c0c2c4d18d7f19d926d487380bc19db28d7d0899511858ebd00cc637b"
-                + "f56ded344517c9fe8e14723adcaab57d90d2958901edd47e8b4645b232c9a2c9dac8d286"
-                + "91b7be0179090354d13cff2a01dc9690656f85d0618558487b7c8fa738dbd17fd99bab9d"
-                + "8b21748e6b9b216f7d056788336bedf64449209445d5d103488b847d5ffc06ecf9548824"
-                + "e3c0cf5a84d5646dd55ca3e190cfbd7940e9b3201ce8d7911e14c1de47acdbfd10f02f2b"
-                + "1efd860e08e8cdb658b8e6c1c5a40349b720a6b267aa719df4cc6c7596e6897208881988"
-                + "f189c7806095275e8735bb2f62d19ebca995783d0eb936483b0e68930c31071a43f67900"
-                + "67f119336739ed17a2bfe8fa41607833d6194b5cc1900bf8d19601ba12be8473f836dc58"
-                + "83ff06e885f4eaeaaf05d59970713d3ffb8a972b29391d3bc31808bbced4c5af495f8286"
-                + "156a0c03aea18db2a60069bfc4d14df1238390e4dd816a6edf28ea1ca71cc2ae5d0a26fb"
-                + "b86a3271faf6cc8000765ea310ae979fbe377a1ff044f724cd6a389aa7c24e2f0aabc4b8"
-                + "d408ebfd92b2a40f16125fc4b7a5ff17615c0a50a3c83aa54de3ce8526e215a6de45a16e"
-                + "9d3d358b039325ad378c0abc2448a3bb8089e842fa848defa7ce4f2fab5e966b38830b9e"
-                + "bea02ab0a8225621e9c8ee8908e620ad020c058d7ab25003899c225d77aafd3c492622b9"
-                + "e8ae9f98d512667340b7972b4c840a7afcf7a75a4e176d8867f9fcc26491d74a7827762b"
-                + "3faa51599bcdb2c1bd2a0ca8b407f4b5525f144ac9ae9f7f5349d2832a6ff0bc3749b328"
-                + "8054837e16a910ba8d21ddfb547014b0820a971937087907e7b96f661caac4384fd44355"
-                + "ffecdfebb42c44c244bbd6a5729a194c241dafa0803d67dfbf34b81c6f55ce5fc07da966"
-                + "a688f304eec8f6d47d39c0eb0350c728a0b481999b9984f53d0b542c0654aec61b49b3f9"
-                + "d942d3644c596892c7f0e20c569b63fc2bb9fd2cc737d70892f3a73ccb7f306cb67fa027"
-                + "d162b87d23ecd73b5d0d53926ac0ba21e1bb25f63dfd22c32f71c1a7dc0ad6f3d354a260"
-                + "c139a88d386407b478ae8476e846aef4df07809680ec3d0ebe5382f905501fcbe5af86ad"
-                + "584e737cc018920c19acc39fd5e067279d72c19ecf80b1a6049715be779f730efe9d2cf2"
-                + "1692abf138b4482263b6db65fa00efe7fc1f92877cbf89a7d77315c06ff3fdf149e7f458"
-                + "0131fc88ed7a401e32f87e52c354fa100f343e5520f74d52c86e6e364499aa5b609608b3"
-                + "a4b2936a817f12bed11540f5561d1ee105543ee8ec48adcf4a78504478017f2cf110ca12"
-                + "7d689c5cbc0f80801b98e9db87c18c3dbeff208fa676706e989ec8472f184874cd72e8f1"
-                + "ab7e461f20bf8a9420b9892b4aa70f80450e5b0aa4df5335e4905e6e60608bf180cb2e3c"
-                + "06edcbc705f6707a4f9658e7d22c259202bcbed6947d4631a2064bb44d958e9d3e423580"
-                + "5e148f38f495102c17a50ed44193777d221e4201098882408cf2d5c39c558c8ad2e1af20"
-                + "349784f6c48064d485f951b5f3b2455ea10e4b4c49ae98eed3e0754420922643659f7209"
-                + "3d18647d2919b2e933202c9083c81872d4b12af41013d07cb6fe084581ff90d2c21fba51"
-                + "f20b5225b3c67521e85ef5b56cb4d1255cf117e78d154d9dc8a5a7ce1e076a03d6ed91b5"
-                + "ad76dddf5f98b760b505abbeb77a73d183b1baf431e95e7afe7e8a72e54dc42941f7734f"
-                + "f8569a59246245ad643ba8141aa293275e6b323d5d43f7edb6426fbc0c15a6186c5bb6fc"
-                + "7db088fdcaa79b81c076d95ffdbd011fcdc2d95c928a30781f253783e3bc116db85e3edf"
-                + "e69a227f799384e9f505226a4c02e941d26dd8d941bd4d2a215a9519ade4da4f770d374c"
-                + "368dcc6cbc7b4d11287bd2c7ec92ff844076c40e1c9c770e681bf1e09d1752d8625d3333"
-                + "6500a98ee375f774828445e7f88ed8b13bc7508e7c6cdf19b70381ae582dfcd2376ea637"
-                + "b89f1db62aab7154c79e59f104bbac1329ebb7f97d65185e388abd2e9239ae5b30358a08"
-                + "1c9ebdb9b35766fdeed7457079c4a86e7a4e3d809b0193ef03b5b637ea46b881d2abad23"
-                + "cb1b97a5460da4293ae41b46868a5aeb728ab8152882b75d5339d44278c75ef35e6514eb"
-                + "3670b237c6389c1f6b8f8e8eaf7a6988a299d4fc26a89bdd930a7f785844c9e8545e6dad"
-                + "410eeff9f09a68dce5fc13dc331f7450ee38dd9b30941e2c40358991ed394ea3c674042f"
-                + "0f048cb8c200e9b123adba886353e8e52220a4ec753e4e4b4d5648630c16d538c64ef308"
-                + "7f034f7fef5fcb18e183468429ce5e479c7d106149a07560a5a620ec4f5d378110ae30c6"
-                + "b010c42ce3c93edb0f2263c20de6bfa92bdea7206cfd1d981ba87e8221028ec449d5a218"
-                + "7509a1710d4f5023868c5ae4c0defda5183b7f4a289b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "36ed2bc0acf613c41413dd1e783ab698f8edfcc3ec9fff7c40fd4ef85c7901dd4b4023ba"
-                + "8c8a24d4d7c9a430726dc6fc3fc6d5b3833ad49f7674d281aee5c88eb1842f95eb4e9735"
-                + "2ef14f491bb1b2d42250cfb97a9e29e5513528ba2419422b890d9eaea67e559c237a03a1"
-                + "33a3f3c4f81bf56865f9db1dec717332be0a779422de955e939ac750dd2e2a355a36d56a"
-                + "2525693938965b7104bebddc1ec889f392f3f4262bdaccf9db79e41e4993eb9f4d5551dc"
-                + "c4fca2d9cf4cc5ea08af7c38506ea5da4b4edee033ef10c9088384f9bf8c3982aa083e3e"
-                + "94b8479ff139b52bae838113957c63bb125666a5df6b32b53021e225e0a32f281812f79b"
-                + "1595a4733d946cba1cb3eda1ef756a341699d23d9e1dbd8c577a07e6b5838ea0c2511b38"
-                + "2933f0e6fbe969514823f4df5dde093768971e1438367148731b278d119d944853e1eea7"
-                + "d1d487c3b11fc4be5bdc612da29ecb161eb0bbe05befa9b2c4906bfe56eb5049e1589ed1"
-                + "946fc87533a1f5ea92c97dd91db479eba93a423d1aa98fe7ee7c2338eb0ffd5b09144e64"
-                + "d791ce3b65e71f5a26b87789df79a510931997b28f92ba335b40bb1b23c5c63400bbdedb"
-                + "841d6571a90e4ebe878499d8e47ea956f527d62ac823a51ddca502ace8847ec79ca7f21f"
-                + "95ef68936f4141dd4fe204a4b284d7c8db0cf49193a549b2258d11ca0be5624cc6a7dbc8"
-                + "71cffdd98673e72672f7ab6d23158013eb4bbd390f24d2b213a03f8baceefc65fcefb408"
-                + "c862824c8971223847552681fea3877b350fd275adf1c5394e9089256699542a543ff794"
-                + "1045faa11029ff0bc731f0c43d7348786068943de5ebade0484b82f71ef61428af4cd43e"
-                + "cbb2d70abd9be7134149c95e51fc7443d553a49019b8a078b56134efe45e02bc8fa492fd"
-                + "a8527e6b80f9a080ebee65ec78a9fa114a542c843de794719189aaa7320a7e6ac1e2e63e"
-                + "b12fde40193c76bbf7362f8246679ec03e97b538de7aa7859713d002075585d25d81bc22"
-                + "6998d69d87909a58128065ca98be14714c47e8a80e39d261771f0065250d24294339d01b"
-                + "977cdcf33b72e78286511f8d1c2ba7ae91ae6debf73c7aa8d4710ff0c32f84ebb5cf08f7"
-                + "688eb7f59b823a8fd82e038bc2f82d0cf4527ee6df7a25779bb3ab7cd77c46d1b70a2862"
-                + "a865b714717ec5ef1d9cc03c9786abd6f3162ce710c2b01d9cc38c5b0c5c36d6d1bbe8a2"
-                + "12e2a1e7bc04925c8d6ed3deb0c76914f75690f88a0140fcb05ef4d8708bdc2758719faa"
-                + "efd3633f470c4557a165c6ac5ce087dca8eb4af0d30068dbf45df4481be08bd7be125129"
-                + "7cdff338aa036762f318cd60498cc6eed61afeb6e7f74c14064ae6706452762b9d06dd81"
-                + "58a3ef4c7a5bbe6ccfce722482a578642c8e61f582f4b60e01919c334644507338a6b98c"
-                + "f14df6de512a4a66e3c67f38f63499e1b4e156f5c071a44da4df91f66b096996f4245d76"
-                + "d4391b4f50ac343d67004fec4e2798c2010a6a4159e259efaea66f5b37b00dd3ab1e5e43"
-                + "c476e439c1d905ea841a902a2dc4e02a524e7378a3132d03b883c899f07c7df0a9b6a6e0"
-                + "701a9586453653eed97a4b15ab983092d2dd49392d7ba674bdcb8a5a34d9f08dcec821d3"
-                + "2b8998ce20a3b1e66ffe3a7baa55ddf7b32ec9c5f14ef8de72eeac9b80158b5becfa0b31"
-                + "f9865a93b8318cf0da327801fa46d658f7a0a8c22a2ab121dc2a3cc5f6368def8b0f93c3"
-                + "b4c1c0e0a14e6c9b53a0e542b7ff54e85b00cf0f4ff68f5508be62558503a3c9ca679274"
-                + "03dde0e1a1a842d31a731d4d1cad8e7106f3e32bd9e42051f2cd53efb4a1638bedfa7924"
-                + "51db7980f9c199237971a153916ea40e118edf5a3d7ee59bed0623c5aefa87d729948354"
-                + "910447f55c393c9343af03fb918431daa15de1343c0c813dd9c6159ef2744516a05f72b7"
-                + "7ad31cca3d9c60a4f19b2c243406f6ff69bf41fa0ada05b07771e30f36507751ac412520"
-                + "3feb3ec4ed8f7d961afbdab5a6d3217ab74cb401551b28621c8c975556c24d3d6deaf4e3"
-                + "00bbea75dbc7f048fcc667c9daf6f74749e5052fc8d026e1f8e1b62f1aebfc58c1161b45"
-                + "ba0cb7f69173219164d1bcfd1754a10d8d1ef42bac2b61766f12067ba1de99c51422f6c1"
-                + "4c6676285c6629232c4a694398bd935767568ecf5f94d60bab325a41b794d4502c48e25b"
-                + "62f893a68d94c4a03130e30a13214e6eaf69923203a83b6ceae544b70b61c3938c64bf52"
-                + "9e60cd1243c6c126ad3ed3e934f2cc762e86cb0b52ea22f2e9ee4b0aee233a4caee4c916"
-                + "971c6ab0c8216e7edc410414a56b9092773379fb008e4aa66f4c2562978576858be544dc"
-                + "d4e7d25d9d13dac7cfa6a4d79d13e312234fde7521aca571f4862477e00a28b510d4fc4f"
-                + "7301ca56fec77277633a81e682c205653ce650a0e2314e6ad561a78aed98c5b4250a147f"
-                + "786d0dd8715397149b2f9220fca8dba19d77b1b0deb7434974d9152dcea158108cd39f7c"
-                + "500d5d9176ba414c7bd6b055140eebe229962f56d3654b167dc2ea8e26821678f76c9324"
-                + "e1c0ca538e09a80f2ee6985b6da9177ecf677a1e4c7abba1eb3e6193385fa7119ac584aa"
-                + "1ff077c4f3f8324dab3bbfdb5e475de20ad66a96aa296c0bc302474827cf44e8163ce83f"
-                + "1c71a0f54340e6815cc0b10432f84ccc0a79571f16abe50ddfcfbcf9651cad5f09ce62c4"
-                + "b1c73d94ac57aae66f41abac602b496b4d9b35e66efbc69938a8a05474a7d5f32aa872b1"
-                + "130a914d8b4fec85270c6d3be5ecec8144b979599f58bfa221af6042f791cc49f0fd4df3"
-                + "936c51362e1cc977e271f51ff8958878f27696a651cb1b5308a4d12b2e99d7a45b2c8a1b"
-                + "420302078c962e2218abfdc5ab2678567a88f0b36e02a47275911dde75693bbcb62e44c0"
-                + "5543866d1d10c2dba7f4bc112e2ec3baab01db1c4ad549ab4af11c71a14853b744f91872"
-                + "09905aff3acf686b02212bf48b277f6f5c6fb979c3fa1662814162f51c663ffdf7dffb1f"
-                + "ba987ddf05bf8c21591fa9e6f3811b1bbc19bb29a6ce58d322fcb8269f532067ce4b16ce"
-                + "a3c8f7aeaa56171566a5c99d9bb1dc7aca36f181bbb4b03fe7204ecec98ba4f29dc58b3a"
-                + "ba213fc63e28e96a2a6a8cfce407ed417873ae4e136f2da4d973f466e5af7caaf930bb0c"
-                + "88981ff76a037043789f76a64615e28b5f0b67c5677c713128f5ab683a59362e3ba37b8f"
-                + "a7920d8146f3f15497dbf3bf7279d360d2fff58170aaabc0e099206cc02c8ec699807d62"
-                + "4917501961868a52c98378648cebdf92f51d21dd8a1ec89925ef0e571f9e464e4994f1d0"
-                + "284562e005e2a53f2a64c78538e3d82a7a1c9f228c5b08b2e0fb2ad9707d0f1ac41cf90d"
-                + "aa704c96906eafce30002407d5f37a5c34f96e7dd9f92b1477d29e8df7030a62224de68a"
-                + "9320db6653722d6fdbdcc0fbfbda053f9c8f3b2c41765f2916c598035e4c1fd26d1c5063"
-                + "b7d80701e15f1b460987c55e4da30cb04f96ba6b5abb934e884cd489c4994b94de237ac9"
-                + "601c415159e5b4bf1c75b11c47de604f7af7b467c1849459f1ca2f22db77e2975ea99583"
-                + "3d2e395267727d0f8f77ddeefaf3df3ef12f0fdffc46f3d53017b8b0d6dc676d95a5d932"
-                + "7d35e6a7cad33cef87a620b27d72c92bffa26a0d7e8babad5d84a305455f97339f756494"
-                + "ac27670f37a703280d3761b7ea0ae37567bc8894cb1e5d3f3849652a3fc4a5c413f5d0d4"
-                + "2be847c87dd8b7bfbac6d77de51f00bfc81ddcfd418192bdee13843e03a699c52760191e"
-                + "0916523b13682807127e5142198686cb2dd8d0a03559383305acb12b899851d32d5a6af4"
-                + "d87368e8f7da281221cecf66ec2937e34df4f8ebacadc0717fe69b015ce4fa6ba053f912"
-                + "f1491daae582333c0c2c4d18d7f19d926d487380bc19db28d7d0899511858ebd00cc637b"
-                + "f56ded344517c9fe8e14723adcaab57d90d2958901edd47e8b4645b232c9a2c9dac8d286"
-                + "91b7be0179090354d13cff2a01dc9690656f85d0618558487b7c8fa738dbd17fd99bab9d"
-                + "8b21748e6b9b216f7d056788336bedf64449209445d5d103488b847d5ffc06ecf9548824"
-                + "e3c0cf5a84d5646dd55ca3e190cfbd7940e9b3201ce8d7911e14c1de47acdbfd10f02f2b"
-                + "1efd860e08e8cdb658b8e6c1c5a40349b720a6b267aa719df4cc6c7596e6897208881988"
-                + "f189c7806095275e8735bb2f62d19ebca995783d0eb936483b0e68930c31071a43f67900"
-                + "67f119336739ed17a2bfe8fa41607833d6194b5cc1900bf8d19601ba12be8473f836dc58"
-                + "83ff06e885f4eaeaaf05d59970713d3ffb8a972b29391d3bc31808bbced4c5af495f8286"
-                + "156a0c03aea18db2a60069bfc4d14df1238390e4dd816a6edf28ea1ca71cc2ae5d0a26fb"
-                + "b86a3271faf6cc8000765ea310ae979fbe377a1ff044f724cd6a389aa7c24e2f0aabc4b8"
-                + "d408ebfd92b2a40f16125fc4b7a5ff17615c0a50a3c83aa54de3ce8526e215a6de45a16e"
-                + "9d3d358b039325ad378c0abc2448a3bb8089e842fa848defa7ce4f2fab5e966b38830b9e"
-                + "bea02ab0a8225621e9c8ee8908e620ad020c058d7ab25003899c225d77aafd3c492622b9"
-                + "e8ae9f98d512667340b7972b4c840a7afcf7a75a4e176d8867f9fcc26491d74a7827762b"
-                + "3faa51599bcdb2c1bd2a0ca8b407f4b5525f144ac9ae9f7f5349d2832a6ff0bc3749b328"
-                + "8054837e16a910ba8d21ddfb547014b0820a971937087907e7b96f661caac4384fd44355"
-                + "ffecdfebb42c44c244bbd6a5729a194c241dafa0803d67dfbf34b81c6f55ce5fc07da966"
-                + "a688f304eec8f6d47d39c0eb0350c728a0b481999b9984f53d0b542c0654aec61b49b3f9"
-                + "d942d3644c596892c7f0e20c569b63fc2bb9fd2cc737d70892f3a73ccb7f306cb67fa027"
-                + "d162b87d23ecd73b5d0d53926ac0ba21e1bb25f63dfd22c32f71c1a7dc0ad6f3d354a260"
-                + "c139a88d386407b478ae8476e846aef4df07809680ec3d0ebe5382f905501fcbe5af86ad"
-                + "584e737cc018920c19acc39fd5e067279d72c19ecf80b1a6049715be779f730efe9d2cf2"
-                + "1692abf138b4482263b6db65fa00efe7fc1f92877cbf89a7d77315c06ff3fdf149e7f458"
-                + "0131fc88ed7a401e32f87e52c354fa100f343e5520f74d52c86e6e364499aa5b609608b3"
-                + "a4b2936a817f12bed11540f5561d1ee105543ee8ec48adcf4a78504478017f2cf110ca12"
-                + "7d689c5cbc0f80801b98e9db87c18c3dbeff208fa676706e989ec8472f184874cd72e8f1"
-                + "ab7e461f20bf8a9420b9892b4aa70f80450e5b0aa4df5335e4905e6e60608bf180cb2e3c"
-                + "06edcbc705f6707a4f9658e7d22c259202bcbed6947d4631a2064bb44d958e9d3e423580"
-                + "5e148f38f495102c17a50ed44193777d221e4201098882408cf2d5c39c558c8ad2e1af20"
-                + "349784f6c48064d485f951b5f3b2455ea10e4b4c49ae98eed3e0754420922643659f7209"
-                + "3d18647d2919b2e933202c9083c81872d4b12af41013d07cb6fe084581ff90d2c21fba51"
-                + "f20b5225b3c67521e85ef5b56cb4d1255cf117e78d154d9dc8a5a7ce1e076a03d6ed91b5"
-                + "ad76dddf5f98b760b505abbeb77a73d183b1baf431e95e7afe7e8a72e54dc42941f7734f"
-                + "f8569a59246245ad643ba8141aa293275e6b323d5d43f7edb6426fbc0c15a6186c5bb6fc"
-                + "7db088fdcaa79b81c076d95ffdbd011fcdc2d95c928a30781f253783e3bc116db85e3edf"
-                + "e69a227f799384e9f505226a4c02e941d26dd8d941bd4d2a215a9519ade4da4f770d374c"
-                + "368dcc6cbc7b4d11287bd2c7ec92ff844076c40e1c9c770e681bf1e09d1752d8625d3333"
-                + "6500a98ee375f774828445e7f88ed8b13bc7508e7c6cdf19b70381ae582dfcd2376ea637"
-                + "b89f1db62aab7154c79e59f104bbac1329ebb7f97d65185e388abd2e9239ae5b30358a08"
-                + "1c9ebdb9b35766fdeed7457079c4a86e7a4e3d809b0193ef03b5b637ea46b881d2abad23"
-                + "cb1b97a5460da4293ae41b46868a5aeb728ab8152882b75d5339d44278c75ef35e6514eb"
-                + "3670b237c6389c1f6b8f8e8eaf7a6988a299d4fc26a89bdd930a7f785844c9e8545e6dad"
-                + "410eeff9f09a68dce5fc13dc331f7450ee38dd9b30941e2c40358991ed394ea3c674042f"
-                + "0f048cb8c200e9b123adba886353e8e52220a4ec753e4e4b4d5648630c16d538c64ef308"
-                + "7f034f7fef5fcb18e183468429ce5e479c7d106149a07560a5a620ec4f5d378110ae30c6"
-                + "b010c42ce3c93edb0f2263c20de6bfa92bdea7206cfd1d981ba87e8221028ec449d5a218"
-                + "7509a1710d4f5023868c5ae4c0defda5183b7f4a289b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "37a48a8a9954787f1a81b61f1e9c5bcc59923990c9c84c573552923aaa625e2e1a384e3c"
-                + "516072471a1161241f32de43e46f4eefcf47fb1171a21330e0fe6a2d57b0caace60c2b1a"
-                + "4c2dc4ff194fbddeb08ec103576195ab8de5c9ede57c34ae5ca05f5635d5913e1cd75936"
-                + "57635773ff82c228fcdc69dc7d13014d8b23a013fcdfae8c2d24e8a03529fade94344611"
-                + "d094121d9d75e0d5ffb5c044bffab36e1260401e652d0651a6ef0079c68e20229252eb59"
-                + "1859c7c14b281eec17a53ac706c3413308d4bd514882010b823a40835bd21ac9adc3b881"
-                + "fd5014215bd58487824b2473fc52b67eda1f875709c88b54163d0e2cbe6bcb8b80f2c923"
-                + "4e45ac17c614c21d319aad3d290c920569b677aeade1146b1b721a4046beee62a2277a80"
-                + "8c3c4f41dac0b01d6d4736ad6f560effd07894500b9bd4ad115c57c91e63c8e637785a32"
-                + "1578f15e8809c6b3d9bba2e1982d63e8e1f27969338e65ad8b63d57c34f10dc0c5742bf3"
-                + "9c90aaba2c0c47cd7e4f53b826bb4f636647a43e88c9539c641ff544caca870aec61c154"
-                + "29c7f124457658194448e6327c6e02aedc08ce7e9903150f943b1fa9474fdaa5079f327f"
-                + "1a720599be73f7abfafba15964793ef54fe81eab3e203de5ecff682e443767f896de1d7e"
-                + "0a04b1e973bdd4a6fe640a28f142081b6909630e1cde17c34229424e6328944459ce70ca"
-                + "1c17a886acbf4acc0be23e3480bf8df821fe41a5d715b9400f60427add5135672c85ed59"
-                + "94ae1ae3f1a4af8b193c48e40ffa37827ffe87cb7932f385164d5e8a21cadac4f67cd016"
-                + "df022db9483d9f865564f4428133794ad4e5bae96f9bdbe55eae220107f574ec9f12a72a"
-                + "f278d15cd0acc60474e717f83ae5d012b08aeae4c3021e0a9f855dbe9496a7c728900129"
-                + "6d726618dc82b3c891f94b33abcb282e76c4d1652868d0f6ce0d0fc6af7e7f265d5f0570"
-                + "16256b504cebfb0c675f9a25df344bd9a15504793aa9c8100f3e43667cb5830f1afef829"
-                + "39e014b6d0900129910c94d9d5ac1ca1058d2cdb4b027d5de5983dfa5dd9e623b5bef745"
-                + "4a1efdde0708b1b2447b909413e774f64efd0da8cf5a8e1706483c62ddcdcbe2909a6f59"
-                + "41336b851a8e1eb23d0cd81291cd28f2073df840bb77a07c0e1f4e702597c1aca0366da3"
-                + "db5664aaaea319c70792312c18f58f4d71f78da25ff72b9bdfc7bfcf500e09b3c947175f"
-                + "2f2db565b7ab32df569ad50a4a9ca84763fb9c1f3a0e994a4f81470ab01b32061ec6984c"
-                + "9dc4dc6859e0636318dc597a3b062153cd50116bfccf2c0d98af3c6b63a87b6502a0a71a"
-                + "6f30720e7b3a63cbbaabb658105088c9c72bacb69744ebe63af8ca3529ba7a17147279a9"
-                + "5220171aa671c60b1f758fc9c06f513637d5a07d7d1ac7c024309d1a07b5f7b64eb93bac"
-                + "675fdb93087c3aa84c4ff5f7552bc53faebddffa8cbfd5b953364015afc6d3caed38b5f0"
-                + "17045ddd2eb03f575a39beab4bf9ed77ac05e5d760b5d3d211fc11c3536c5b0ef60d4b9e"
-                + "55d9530d099e8a8ae615c33ba0dd933bd71426276d05f06373b8f413ac3750cb4aec5bd2"
-                + "b4fff3fbd20fa2c063cc3ad7fbf2aa4fab7560aa34c887cbdd9c6cae42a34ad8f0791ac7"
-                + "95194266ae927656ec62bb8a55baa9b5716c207290cd3df2d8d09a8e21a1cf3e0f8f0d48"
-                + "209df96f801d87e05cb5113a4613816398d02433924b81717b593ef3a9ae1e8bd58579cb"
-                + "62de7cde3e788828d03b4afc80360c99c04879c6505b02e5d7c5bf924b17a473062659d0"
-                + "3cf3c6e8018159fbbd0059cda6922257d9f033aa2bf98998366ddf2add6dbcfdc147bef8"
-                + "1af2d87f09ca613e55c3d171791aaeedc6da951bf7c9e3a0872db533bfe78ae2d5ef43cd"
-                + "b50d1c1855c907b43b7410d82f6b5d99648a9b6bede46d847816c0da41ea630b084142f5"
-                + "09bd407b13373505244d5ccd6162dcda183ee0a2792d8f81eabf38dd97aa96a9b1d65f40"
-                + "be5488a0acf3699142cf6375f33dc60986f4b5cec2cffa853bbc1080384dc829d418cde1"
-                + "ec40942f6916b4418c882208b2fb158c28a8a806e0767c134976a74ade423a914bbf6837"
-                + "5d15ec3ac9e90380e59254952ae443186293a14eac84a0e06183b2892818ee51348feb2b"
-                + "c1f87886b3dc8b06b93f1db27399b943ce05aacd04bd6f36377a9be3f035d82e02da8fe4"
-                + "cd38e80b9dcb1eb4b0aac9c7b54d4818f729b239b865a1be96e6c421fed296ca8f3e257a"
-                + "554fed520ef3cd1e019a167e1511a281306b995c010e57671725dcce14b70a0222910098"
-                + "483bf2a8ab87fed47cfb4a20749d66f5d90b1afc68d8624a7fdcbba594c7839d019386db"
-                + "a72863e305582cbca848ebb045a87a387f535aed00fa8f93a1847ba39ec4a616efac860b"
-                + "43e8c7ff77cc17d85eda912a4be999e4ce86a6bf84512edf8ce6581b155994b8953fabc4"
-                + "57af3060c749d5ceb26b6ae21dfed753dd7f25430a6042112104c67641d0731bf43501a0"
-                + "911b7428a5ca375eac981642c2b5cb22d5dfeccaa39e1c9b8fa811bdf2c8f760ccfc4ae5"
-                + "7e99cb9e92fa9d13452fff8b12316b66eb66154afe46af9c8efe7393cd13abd01f7e9741"
-                + "80f235f4fd1eb12c4b7c2832579b4cab47e19cb21c895acead8551e1c2faca290d4522f9"
-                + "f0ae42197cbb3b5b46c5d970356a20ff452a080a19d1a9db6c8a9fe8a9b83c56786a49c8"
-                + "9663c48bf1e02540d96d8e24f16ab887f3f7855d35adc4ed9fb18d7a78dd13d046f7c736"
-                + "929dcbbbe07c725f500d93a8edbc3be8d261f27b6f6fde9ae6484d8b008b7abd42e29e2b"
-                + "9031b27bead901418ced3a03aaf3caf792cf39f956f247918006ef874b67f2d33a180bfa"
-                + "5d4e33b13c8d0c65862683607d93c3dc476acfce20952a259b395eed13bd542f48936992"
-                + "df61de8e1437fa7739fd5423b43f8ed900e09b5cce1b6edde567cd046983fe80be36a5cc"
-                + "0f0ecc4e2ba43eef2bb4c5a4a19822fe3ee8c487f410abc8367403f5536be677a79c2552"
-                + "25aa930207c43b1e7419651e3c600c77fcf6728a429a63de4f6d006ffaab687452d65801"
-                + "ed53cd68aee6cc7c4373a06bcd4579035276c43cd3869a6691aac4c019e4bb433e518bee"
-                + "d443bcbbf9bdd60a1245df257e07ed417873ae4e136f2da4d973f466e5af7caaf930bb0c"
-                + "88981ff76a037043789f76a64615e28b5f0b67c5677c713128f5ab683a59362e3ba37b8f"
-                + "a7920d8146f3f15497dbf3bf7279d360d2fff58170aaabc0e099206cc02c8ec699807d62"
-                + "4917501961868a52c98378648cebdf92f51d21dd8a1ec89925ef0e571f9e464e4994f1d0"
-                + "284562e005e2a53f2a64c78538e3d82a7a1c9f228c5b08b2e0fb2ad9707d0f1ac41cf90d"
-                + "aa704c96906eafce30002407d5f37a5c34f96e7dd9f92b1477d29e8df7030a62224de68a"
-                + "9320db6653722d6fdbdcc0fbfbda053f9c8f3b2c41765f2916c598035e4c1fd26d1c5063"
-                + "b7d80701e15f1b460987c55e4da30cb04f96ba6b5abb934e884cd489c4994b94de237ac9"
-                + "601c415159e5b4bf1c75b11c47de604f7af7b467c1849459f1ca2f22db77e2975ea99583"
-                + "3d2e395267727d0f8f77ddeefaf3df3ef12f0fdffc46f3d53017b8b0d6dc676d95a5d932"
-                + "7d35e6a7cad33cef87a620b27d72c92bffa26a0d7e8babad5d84a305455f97339f756494"
-                + "ac27670f37a703280d3761b7ea0ae37567bc8894cb1e5d3f3849652a3fc4a5c413f5d0d4"
-                + "2be847c87dd8b7bfbac6d77de51f00bfc81ddcfd418192bdee13843e03a699c52760191e"
-                + "0916523b13682807127e5142198686cb2dd8d0a03559383305acb12b899851d32d5a6af4"
-                + "d87368e8f7da281221cecf66ec2937e34df4f8ebacadc0717fe69b015ce4fa6ba053f912"
-                + "f1491daae582333c0c2c4d18d7f19d926d487380bc19db28d7d0899511858ebd00cc637b"
-                + "f56ded344517c9fe8e14723adcaab57d90d2958901edd47e8b4645b232c9a2c9dac8d286"
-                + "91b7be0179090354d13cff2a01dc9690656f85d0618558487b7c8fa738dbd17fd99bab9d"
-                + "8b21748e6b9b216f7d056788336bedf64449209445d5d103488b847d5ffc06ecf9548824"
-                + "e3c0cf5a84d5646dd55ca3e190cfbd7940e9b3201ce8d7911e14c1de47acdbfd10f02f2b"
-                + "1efd860e08e8cdb658b8e6c1c5a40349b720a6b267aa719df4cc6c7596e6897208881988"
-                + "f189c7806095275e8735bb2f62d19ebca995783d0eb936483b0e68930c31071a43f67900"
-                + "67f119336739ed17a2bfe8fa41607833d6194b5cc1900bf8d19601ba12be8473f836dc58"
-                + "83ff06e885f4eaeaaf05d59970713d3ffb8a972b29391d3bc31808bbced4c5af495f8286"
-                + "156a0c03aea18db2a60069bfc4d14df1238390e4dd816a6edf28ea1ca71cc2ae5d0a26fb"
-                + "b86a3271faf6cc8000765ea310ae979fbe377a1ff044f724cd6a389aa7c24e2f0aabc4b8"
-                + "d408ebfd92b2a40f16125fc4b7a5ff17615c0a50a3c83aa54de3ce8526e215a6de45a16e"
-                + "9d3d358b039325ad378c0abc2448a3bb8089e842fa848defa7ce4f2fab5e966b38830b9e"
-                + "bea02ab0a8225621e9c8ee8908e620ad020c058d7ab25003899c225d77aafd3c492622b9"
-                + "e8ae9f98d512667340b7972b4c840a7afcf7a75a4e176d8867f9fcc26491d74a7827762b"
-                + "3faa51599bcdb2c1bd2a0ca8b407f4b5525f144ac9ae9f7f5349d2832a6ff0bc3749b328"
-                + "8054837e16a910ba8d21ddfb547014b0820a971937087907e7b96f661caac4384fd44355"
-                + "ffecdfebb42c44c244bbd6a5729a194c241dafa0803d67dfbf34b81c6f55ce5fc07da966"
-                + "a688f304eec8f6d47d39c0eb0350c728a0b481999b9984f53d0b542c0654aec61b49b3f9"
-                + "d942d3644c596892c7f0e20c569b63fc2bb9fd2cc737d70892f3a73ccb7f306cb67fa027"
-                + "d162b87d23ecd73b5d0d53926ac0ba21e1bb25f63dfd22c32f71c1a7dc0ad6f3d354a260"
-                + "c139a88d386407b478ae8476e846aef4df07809680ec3d0ebe5382f905501fcbe5af86ad"
-                + "584e737cc018920c19acc39fd5e067279d72c19ecf80b1a6049715be779f730efe9d2cf2"
-                + "1692abf138b4482263b6db65fa00efe7fc1f92877cbf89a7d77315c06ff3fdf149e7f458"
-                + "0131fc88ed7a401e32f87e52c354fa100f343e5520f74d52c86e6e364499aa5b609608b3"
-                + "a4b2936a817f12bed11540f5561d1ee105543ee8ec48adcf4a78504478017f2cf110ca12"
-                + "7d689c5cbc0f80801b98e9db87c18c3dbeff208fa676706e989ec8472f184874cd72e8f1"
-                + "ab7e461f20bf8a9420b9892b4aa70f80450e5b0aa4df5335e4905e6e60608bf180cb2e3c"
-                + "06edcbc705f6707a4f9658e7d22c259202bcbed6947d4631a2064bb44d958e9d3e423580"
-                + "5e148f38f495102c17a50ed44193777d221e4201098882408cf2d5c39c558c8ad2e1af20"
-                + "349784f6c48064d485f951b5f3b2455ea10e4b4c49ae98eed3e0754420922643659f7209"
-                + "3d18647d2919b2e933202c9083c81872d4b12af41013d07cb6fe084581ff90d2c21fba51"
-                + "f20b5225b3c67521e85ef5b56cb4d1255cf117e78d154d9dc8a5a7ce1e076a03d6ed91b5"
-                + "ad76dddf5f98b760b505abbeb77a73d183b1baf431e95e7afe7e8a72e54dc42941f7734f"
-                + "f8569a59246245ad643ba8141aa293275e6b323d5d43f7edb6426fbc0c15a6186c5bb6fc"
-                + "7db088fdcaa79b81c076d95ffdbd011fcdc2d95c928a30781f253783e3bc116db85e3edf"
-                + "e69a227f799384e9f505226a4c02e941d26dd8d941bd4d2a215a9519ade4da4f770d374c"
-                + "368dcc6cbc7b4d11287bd2c7ec92ff844076c40e1c9c770e681bf1e09d1752d8625d3333"
-                + "6500a98ee375f774828445e7f88ed8b13bc7508e7c6cdf19b70381ae582dfcd2376ea637"
-                + "b89f1db62aab7154c79e59f104bbac1329ebb7f97d65185e388abd2e9239ae5b30358a08"
-                + "1c9ebdb9b35766fdeed7457079c4a86e7a4e3d809b0193ef03b5b637ea46b881d2abad23"
-                + "cb1b97a5460da4293ae41b46868a5aeb728ab8152882b75d5339d44278c75ef35e6514eb"
-                + "3670b237c6389c1f6b8f8e8eaf7a6988a299d4fc26a89bdd930a7f785844c9e8545e6dad"
-                + "410eeff9f09a68dce5fc13dc331f7450ee38dd9b30941e2c40358991ed394ea3c674042f"
-                + "0f048cb8c200e9b123adba886353e8e52220a4ec753e4e4b4d5648630c16d538c64ef308"
-                + "7f034f7fef5fcb18e183468429ce5e479c7d106149a07560a5a620ec4f5d378110ae30c6"
-                + "b010c42ce3c93edb0f2263c20de6bfa92bdea7206cfd1d981ba87e8221028ec449d5a218"
-                + "7509a1710d4f5023868c5ae4c0defda5183b7f4a289b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "38f70027d489f630a20da8764d4d2c3ae1e2aec8835f19de51b48cc01c20beb5213e6871"
-                + "603738088e0969fa4b87e18a027e037c0ec0602258943ae437031061dc273656a2b14c29"
-                + "c90a568f465b87f8f3ec305e78c1bbc996fee42c85ae3779edf6a02aaa7f6ba65dac45ca"
-                + "b3b1d5796bd8219ac8034d419524d6485903a6d66ab0ec43577b5376808c10e99516db99"
-                + "08fd743c3f2132e28378278470fa852137679ac5f25f9fada9bc596c126fe2217196e9fb"
-                + "90b9fba8b2b1a924aaed580840030f89a4a782517a4ac33f4b46ef52bc39ca88cc76b096"
-                + "5a7797554fab30dd887c305c48545ee7677213af71461dbe7a9cf9e0db1a4740e5ab030d"
-                + "dcee14ed49694b6dd5eb6103996ea68803a417825821b42be08a18645484ff2042804dcb"
-                + "d2386b167fddb429f401079e5cb5a1522c8c278ede64289e9d97289f428f7824868a2217"
-                + "0b0dcb5851a1beefef86d9bf3c18e9c59a9ba884a738f242452a768616cf1ae5db937a58"
-                + "a89ce213fcdc544c2525df3d1c89717064f132584c0fd86e58ee21f5d06bbd36a62877cb"
-                + "8d7e41972d1e65bec1ce1246ef00cf1aa5878713110a89fa18a3cba679664985be0580c4"
-                + "81b7b1694340f8a1f39ffbf07ea3ec489e2847d1de83b885f9a74f27b112088aefb856d8"
-                + "fa98aac7197a3dc8797f82c2ab2ae2a0e0e286478aff121012ac6865f2a6f3fbda2fec61"
-                + "62cfce60f3b53cd04cc0636fd890b7afecb59092d5a4752533cc3a4302394399978be0bd"
-                + "6dc441d2b6544e5791511dba63eb2b935dc45395ca656befe64118cdf2acdfd180c5e1e8"
-                + "d5991b64bd4b59d06522908de0b7dec283163a0911a86fdaba0cd4653fe44507a480b1ad"
-                + "878ac9b5f7422696a0e01de1b84b0db8dbe630dcb1d6cf6538e546ecaa3c8670b049324f"
-                + "8ecf2f75cd2aff73a0ceac672e1d6477d13dd5f127a564d1b8e64464d24dd0682901a21a"
-                + "85386ff561f7b2f735f95355cc90d76cc828804da20ee52bb5b273033a70ca66819086ae"
-                + "2373efdab77c67b430104ccfdcd5bacf87cfd6d058aa6ef00cf53b9ca42f6c11d0f5853e"
-                + "ec1266a82477a4a8b0034feffe3d24d2a6fbc396f085832ea59863bf18e32408894e5685"
-                + "4479ad24f2bbbb2916df0c2688aa14661bead8f3d245a7b80faea3fa52c7c5ecffc4cb9c"
-                + "b0d7f2a0d787c1df3b5ba3bdde55c433ee51f835952ba14ed5c991dc52a4ecf3d1b32960"
-                + "c7c7968f0e0bb710e306dbaa63ac4d0e049897d362d08bc7b6b2f19332c24b26f500c1ce"
-                + "c58a312944a02580bbab54e751559de1e168aa31a594684ee9fe1e8e982677d8108ef54c"
-                + "ef267372e76233fb6be4efd59da9c8392bfcdc8f889347cfcd0b84fdb95c8935115529dc"
-                + "de567ddcc5c7779209f6aa7ab19f383c54ed5ef0667d6e2979963c66babe0053f3a17c41"
-                + "b417dd6fe86a03b6e12a3514267f9d2712f85a1c70c20dc83b08eb3997055b9a17b01f1a"
-                + "9a84460aac5f3f5dcbd17cbe965331e30eceb8d15b9aeefe009ddabeff50ee673ecbf2f5"
-                + "0f3b87c08597cbe604e88624d3d98af06fdafd476ea7ce546215025d12c5a303d4f743d2"
-                + "910e9097748ca1c5252cbad7099a4850f4183a5fe07be119826fb71c580fbdb1c112b76b"
-                + "b205e51b1ddb270c9597e52e573172286add0cda49ffb089cce8fa0e8cad1659d623a395"
-                + "11b17936660332a1ad8af60f04d02f9096ee965144824f8ab92f2b31ed17ec89b16d93a2"
-                + "a7e468450497a27ee4d4be6e4bc469f5f9aabefe9c8b41e91212c05c6904cc33e71e33e8"
-                + "fe296ba0e920fc8aecb20203c804ffde759b1bbcc48d07ddbbd36094e4d2f919b8f90ce7"
-                + "a928d279600a11891649d5014132c3c094994bf6d9522716364299c00f7a28e017ff8a61"
-                + "4ae8a80a2a79757543332beb4cc2b980494ad13b9c0de125d34e2322e9e03e3c2b5c1434"
-                + "26cbb6e52a322107ff13b39c662703537c8bf93293464c428aca016738bb1aee0db06b52"
-                + "9112e697b6529e5c62d8aecaed87bdb4cb98d26ccc042efda10fd2bbadc1838e828d37cb"
-                + "c978326fc83593f76100de20903c42658130c7d71002c112389d792383a1d457c838bd95"
-                + "11703776b7367052c97b5a64edc62eb255c69ff9ff6506510c065672e52f23f495321d4a"
-                + "7709a45e94960e2d4e5eeaf70bb9ccc65f9942bf2f6618f24935b02843d773d04afde33f"
-                + "cc4cc8cc271470010e30aa0006cc48adb69c33ded04e56e7fcbda14641a81772524ecb21"
-                + "1b85b50d2589f47ddc6cd5eb7f0442690f244674cb4e053e4ec57df643f83654295807a4"
-                + "1b1a237d98470e34da114d3a86a02af2aef9a62dd5542548160b2c8d327428a19a9d5df3"
-                + "e10f8294632fa9df68ae61458ded056233039e125b58152fbf23f9acbf8c01fc829b5c62"
-                + "234b9a29be37658204eb9622efa647b6c76b0c8ec6368664a35e5c2daaefa25153633ca3"
-                + "79237441aa9fe88127f232bac07dcb10c152dc4dd0cc9f58349063f4e554b6941d69da2d"
-                + "d26e76308e7fd413acea557f9c12c8d5530ddf1bd2714aa0c89cc4ec00157d08125f22f2"
-                + "d08a1fc2224f4ea9ce714ccad43f562d5c82b66394f5fff4ac7bd2eb96386061f175e1dc"
-                + "919f78a969ece6ac955b6a37c8dc9c03e654d84993c4266b56fbdc3f71a55c241c061562"
-                + "3cb403e59f8395ef761a3112d7673731f4431bac19adc6912b298f4903bfd0664cfd5ffe"
-                + "7927459a47d73bae35c090a5efccff98a65219ed3cff613fb43460c9b031c5d449a7d4d5"
-                + "0c970d5dd358d896677c91e40f3afd1189cd752514f7bcec89126648979f17836ba2116d"
-                + "9036d608f6f83dcc945f859283f27374d6ece760d847611e8706cc1f6cfd92992f7a746e"
-                + "d02d609942c2a3168040ad66f84440c1ab9f1035511db2ec72dcd86667c28bf4d9397cf8"
-                + "77d0b6c1f6be25aad63e1f227c1a185801ba6db815f7b8b6b8a0163188271993ab0e9665"
-                + "6c3cabee65450b7ed4fe62c831103343fa1c5f54a7ce6ea2dbbf70acf501032140de08cc"
-                + "eeb883dd337747351c36b6b5d6449a1df48f9df9ff16a2842607e1b08be8ae3d69cb1ad7"
-                + "30e01a3f03267946b3d07a915ba014b63da7ac44f6082252e619a7ac9fccf585dbf15b2a"
-                + "c57eb660602a077e9c32f425d71d15f449bbc588283454d94eecc36b06287d874fb97472"
-                + "77065aa8f7c0c3630d7a7a380e89959a95f3c25eca41f846e7a398c51906f7375fccd476"
-                + "36b1609009eedc517b616c5fea4b9946b83cb72104b5e160d84300f8cee9cae72a659834"
-                + "0569fc1b97aa3083dec862bf5d781b5f15b9d0e10cf9264f9eb2ae99448dff2c9a89c9e9"
-                + "6e176b212b7637a1511733e309447ab932d87f8069f694b42bbd456a503b5c2b5c7876e4"
-                + "60f26138aa68850deae1de2ade824f27721ca0a089d2edb7607a58b0a6a40b10788fc3ea"
-                + "170427fe5b8c0de92797890bd44c9e9c4512a299ce47ce3bdffda2b54cca10bb0656d036"
-                + "1fe1fa31590f01c8902ae4d99e416d0805b416da8c2fce263be00823bfc5b703364eb8d2"
-                + "9af02353840927a369ce6060ad09e517ebb90dd1b9572133e8ce12b2cc1464ef645ad2ba"
-                + "04fd179d27b052fc5042d1ffbd9ebe2ed6c671095e677d54b2b6d304d7e4a929ac011183"
-                + "d7cb0c2ebcb94eaadeade0912e17b0bac06e092358d911ada7b1f6cc25d333976e8740e9"
-                + "266e1af2045fe5ef361d4b624d8b58ffd71ee6113c79e221405a8e9d244b84f4ee0aded6"
-                + "0ef160a937ef34a4f12d91f92f84997432fa484c1eee881ca5f7384c9cf1a93fcd48b4ba"
-                + "669335d68a2745bdf315fc70e3870b7f2ed8d72a5ecec9858dab33e4b8a0f81600300a20"
-                + "7af29c6a4ed63dc40f00fb08bed452dccaab699cd8e31b805118482fbd3db5b10662a194"
-                + "da222e5f0cbb485baded120a3d64a42b17852b1ed150858de3e42050886afbaf608b08a5"
-                + "ab6be149853ae37c0307aa06a0a47ce2f06695ef55c9d051a1faec488e604d0687be84d7"
-                + "9dc639ccae00c438882fea4b737505f75de56ee099c110ccc05e6153da121cae4ee913da"
-                + "84f0e31c9f394f7798f01dc211e2a2d0228ae69e701f8d03fc081917ff83a20c42957615"
-                + "def47fb46cb33a4f2bf94febed7970e10425e9d389b2b080a060c89d0b78f4e0bd6595ea"
-                + "e225acd01d0c89b3e4bafc85d43e19d28c579c31bea7197a394eb68204483855b47298c2"
-                + "a6bfeca80c290cbfe4d4fb9d097639e83c7af928f872804af5cdf2c70f0cd80b6cbef7d2"
-                + "1bcb34ca8f85eb0e779ea8d0a3edd90708bda16f55738e2e4f671adb7fc8820fc72ecef5"
-                + "6df3632406cb884a6f575bbbc93724d9fd01dc5a89bbfd62c2cc838039b37a977a27dcce"
-                + "08b379007f3f2b8f06fd0960a4994b93c5c85b08f14cd66ca5d90e53cccea433fe7e9836"
-                + "734b3f833b00913eb80c1bbd9e90f88d714bfd0ab0b7928be35881d6f58e7a72fd13d18a"
-                + "a587134f8b5a7985fad32bdbe347b7700d8ea5fcb317e054c24ec132a27018d273230921"
-                + "fcaafac0c7deab9a77e7bec0308af72b3ad1192edbeda237b788228a515b17585346a1bf"
-                + "fdebfafd62ff24d6877bfc6b15aedc6b638aa87bdd7ee2e23aa607a16e4f66065b808f0a"
-                + "a4dcc355d57db0e76a66fc42a39575624bb4acb9da91e67e101e0ef341128dfbdde7f4a0"
-                + "f20d79d739c4a3e11bb1b90b7b8e3e7ba7f3c10841ed2e99777af8e0a64d20a540df6555"
-                + "0dd6a089426f82fa1bf597bc03e46f41f9be6147b867643795b7e93e7b34568e210ff4d8"
-                + "2d46e834f011e93972099978889fe98793736ae88dc35d5aa99034fda93a22490b685cbf"
-                + "97264bd719df5d54c3fc23322ab5cfd8d3e7063e1fba9542c662e269e93289d71e1966ac"
-                + "94706e74f9702aed3053f40bff842e4c02ed4753ca69768bfff599edd089011d9752a476"
-                + "888fff2d8734f4ff882b73281e5fcd7e30f0f2633f53b58f13392e11903a93cfa23ccb8c"
-                + "49c00ef344fcf249dafa38d321714633c129498df70e0e8370db620c2490bcd99be38e67"
-                + "dc3d18911d87845313be28e17e2ee3bbe0ed7ab8e5a98d68c1c5e07f169db41e111f98ee"
-                + "858fc7346a5d4e7ed184b2b60ab441b1e3b186c58b2ac33ffa547473767276efd912303b"
-                + "440a58fe95091efde1360e6513a9e5390906e18e302173005028325d34f70a8a85f48bda"
-                + "bae0f15c33ec997d3d4acb6d3bcbd2434b0a83a1fbecbd33fcdf31e4a4044e201257836e"
-                + "cfe7b4c84a181827536eb95fb340da741d3827095350caf3964cbfb2eefe4e8ebb257ffb"
-                + "0904187df2eac9afc6e5e35caaf6e6a855d43b6e445fd91419bbceff8d30832b5e75b2ca"
-                + "5561ad64c306b09ad0d2ca3d17ea230bab0e3b6c1566eeab4693431e683057f07fa77099"
-                + "227a5c3f05308c8c3fb63e94a847003e0f0a78bd936d59b589c3e70ff70b9c688d43eb78"
-                + "35366a6574b0701e8804be965d7a2d2ec408faf31e6a68522b0b8da3cdba52c76cef757f"
-                + "a5fa466b542d5d57ab1504500a07037e1353b244a4424082f66d35aa99bd5fbb9a702362"
-                + "d81812771aac607695050c62cb589f00d614695b163af1e86bb3e6c1505609032576dbb1"
-                + "4d42b421e72561482737faadb6fd823dec0e1310a99c9936a22017b9149ce23cbbdf77f3"
-                + "4a57050b5f3b414028ca939c31e95655e909c630ad9dfe3f3f09a250e578030f4c3e9099"
-                + "dbb0088d58e1b4046b97b2f61d9a2be4cca9bc0240f06075850045ee17e19ec504e4ae27"
-                + "3934909cc4840fea6766af2592fd6c12f3a82ab05856a646786184c68ac2020d2a8fc782"
-                + "8717cb2f89cc2d42046d8b618dfe4fa9e90b15d5c08ac3bac5c197eac5cee915e3fa0c6c"
-                + "4730110f2da5e66c0a124c26a62ede1e2de4357b275ee84d020410668a3efa1e828cba53"
-                + "c62150bf2691afa904762f2aa0309bcf67d023cd62d1b7c37aea8b1d69e36e07f5b81828"
-                + "85d3b526b02b6ba5b3647364ceeb601dd90c33d466779fd06fcad909db0fe5f376108786"
-                + "a82d336cc1f79fd23264e5455938ba924fce91d6f94e0ad00275b5e5c063ace5ffcf48f8"
-                + "4e370c90b51c1327ff6e5105699795201784d8479d695cb70567f8f06698386e751a552f"
-                + "e72bfbd773226a10eacd32fa2cebea1403e796c2e1c21accc9f76ed21f05549fa17f10e9"
-                + "7bb8736cf345d70b2fcee0a2c0044d02b5615c2e3f5075667942e2e39a40a3630fceec36"
-                + "53450b84307bf027a3bc78033ddcc5841ef3462e34da3778c496bc3f29d55ca47b64db23"
-                + "ce488170a5a0498a3a0cd0065b6ac1a8676ef1dd5bd8b14f298390a29c1df1403db94993"
-                + "b9537b3e018d82875623b1ac6ef0b549cd2b9676cb9b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "39d50598bf0157950c6f626fb8cd21ccfa55e82a86e8fa45ae8eddc18767b1b0a4a5d508"
-                + "0511c32a0cee5631804458861a86fa4b4c73f2db345b05b2dd67861046d4415e87d0b0c0"
-                + "a639f74c9fa3d4fd8bdd56e55034ea341787b565b07c76f2bd49e5cb57d10660f79dd06c"
-                + "d4f604f051d01b3fba10f9285d436ee7a8d8d61791e006eccc98a2222495ea3016365bbf"
-                + "e73b94ff1202fea5cea6aa20b5f82b2497e066e6a803533fa6ce70317bed8e652f470202"
-                + "c9b8c0cc72e2573251a0f5f70e89c121993eae1cb6740088010e0753b174ca4f6fcf236b"
-                + "1eb55915de61b079c9c2d05a34b274fc1915fb44ba6681bae28a7644f49fc8493a4df168"
-                + "e690eb994642ce1fd175951338e54cddd103223b8824c68804dc62ec754137132e3779b8"
-                + "2ed74b123fc52943cad0d0bb06119ac8fb9b82fe302f7641af849775bb1db27d01e0c531"
-                + "1b9d03a6bba9719be72e337cea2209b3b9a0e400f6dae6dde69e618c865aa3af16ef1ba4"
-                + "d9b48ef5594f7670e7c472e2be49a6ef06efd2ade1665e8182bce220eb9f0bcee0ab1dc6"
-                + "7a1f3657764fb8b2ca62e212f20ecdea55d7384a38907d7b757d2a03130c08abf65b56d9"
-                + "c6ae54e1d9acd994e62453fae9c43630079502b0cf33d22dcfd516b8d2bccde2fe70d74f"
-                + "d4ae24ab5444e6ea299e13c5448eed5249da2600012fb95b4addc28b3a4c15689cb416c1"
-                + "19d73a65f0fc35c7c7a2b0fc365f8fe1915956d4d70e418ff62612364a9650bc0d485ee4"
-                + "9373fef0226c97d2a6232984fa03d4be23251c677a8022cf8a9212d0de901e9d06187753"
-                + "f3e22995aef87284f0ccb40eb92b1af7f64294ff3b2bca09456933785c06f5edb0648c2d"
-                + "86fa5c2bba934cd2c4c4d0149e7f3b9f0632406d1724bf1674d4053a42d88de9ebaef134"
-                + "adfef817b1d6b026816830dd87e2ddf31717801b93d59f2148c28c678f17a15349283121"
-                + "94942b6e9f89eb274bbe78347f5dba939206081df701fa0c05ffca40c298e8e4d3edf4e6"
-                + "5a25a0a813b8baee8d82923fb544755f144b49dfb812a58c0bacdfd62bb9aef1a09bcee7"
-                + "25f34fa2b8378bb45c428915fa52d2c165c9edabe3881dd97dc63dd7e3a907c1ad3cd2bf"
-                + "3ad41f3b52a3ca21d3ae072d981b84162a02e6556afaa22b593cc56dd8569a18cfed408c"
-                + "0f843e97276f98bd492e7c7f6277fe1ccbbe779b1dad3ab9ea2eb23868933fedd64ae9ab"
-                + "90ffac1e5b4e7ec86eebc685d56abc25a61ea63ff2bf5b5abeeb8fcdb861cffaf00cc9bb"
-                + "cd55ef8b23cafa0669f61f30851a0fd08bffaf7b1cdce86a403c5979fc5a979b25727089"
-                + "109b566aadf5829119af553b5df31c298c2860e6ebf236483f4b7875b314b909324ae34f"
-                + "03a4c308730131a8a6aafa85ef05da56897dda189568062be7e791b66f62c38bf7363069"
-                + "ba583d7caad16787ea288e04bad498cc581381155b98c477f1008f484c72bf1843c3e86c"
-                + "f9daf9a1d45d8d9d6cd55d95d541fd855209417ce91875ca5ccc92903ef906a34470ea81"
-                + "8f4561cede77117da52245cab83844f696730ef096f3d46a3abf5cd2888700e2d38ac8b6"
-                + "614d8da0fd2a05c934625af8522fff875d907dc69545173732a2f8030071577b13508f6a"
-                + "ea3174628a22621d32da0e45e1bb9612637654a9f4809528514877d5742a6d4cd8ed6f64"
-                + "41908789b4ec320c6045f7f88488be698b4e4225c794ceee3dc1027e37010182c62e5a8f"
-                + "5b5461a50ccf2cdca8b5e6aa72cc29fe848de1437377685712783eb0cc215881a1792207"
-                + "bc2081b9247fcbad21dc6edae817f4df57e77e3dc67eaa015e661e264f939d7dae79662b"
-                + "373aa526c229df7ff15db854db59e91feda24fd3070364e1e9f34d5dded17ffc68a4c226"
-                + "e4586c8e85d1f20f7cd36a99a521c0156afe65c65f95cfb0aa1c6e6f8ced73a726c79a25"
-                + "be125dbfbad7683704f54778d14aa5beafb745bb9c4815a273581a2c627b1a6758f1c09e"
-                + "46336d10dfcc31a832eca9b8fe61e2c6f97923a7734d8620416cafc788cb7c53cf79131b"
-                + "b048b97f3fa372a5e0ec01e677c41496e67e6a585eda533ddd76ac06b05a36dc541b2019"
-                + "ac62d32ef03967516e86c09eaf8a042e61213e4169690d8d2caad79389c31c97ba9efa2c"
-                + "b8e4a396b197d41e394392f9e2cea24293ddd12f62c75ef9f172a08e359bbdb969cf07b0"
-                + "7eada3daa5226070522435dfc897f0ca6c25baadc22444228f54056a87d111b16778212f"
-                + "32ad49686bc6d7f315519dba787d7913b46a85187765b177be0eaeb422570089ca9a3ce2"
-                + "adbf4d4dfa35fd990f00886729bbb70a025feb80b9bc5aa2570523b84ae8e20bb009ad9c"
-                + "61c42c409ad74f6ec88395e49c1859ac7ba6868ea786ab9a2f435b9a9b800d012c87db61"
-                + "ac9ed69c3c743e2ef542744f1104258d470ac16b20fbd255ba3988344d33f24ff3d1679e"
-                + "5c4957596d03c6dbc50f68253c2af3d7291a0048a19148669192fdfdc668035aafce52bd"
-                + "f1ee47a7f957e5153c5093d1d77fb54b1f19398c28e20ebfd8095c072bf1f23c9b637936"
-                + "836bfcd0786714502aebaacca8fe85c49f9ea3c53e0781648d7839820f7d1b0ee07f0546"
-                + "228a688941d3b438ca4597e80c481107b6d74ef11aedeefbb3a3008dc50edc88ee44abdc"
-                + "645aaeb2ec9f645dcf63b4d15bffa3898a07dbe708f9d0e3e5cf2744bc1159f663a7048a"
-                + "e8d23e8c9a1b9eaa0e7c7a8bda197ec90fb6e3614507880770710f01634bbe64687a6cba"
-                + "b73279b15ca5e1011ba29152e4bdb1eb8996b6d66b5799c4d46f2552dfece1e0bed9a140"
-                + "776dbbcec0b03aff2243cb13b81a16881414160c920ffcf5938ef2390b44eb8b84f277b5"
-                + "256ed0ab7324ee6ef20b0789b8dd7cf42ecedd24f099a978fe22dcb604fa3430078e7f0c"
-                + "ef3045cb8c2e0a647af6967086e2f505fbe1fd796b00495901a39c5c3ac36e390917723f"
-                + "c9296beb0a1d13b0c768f1a08ce67ce6013bacf95a4c8fa36cb2f46f022b758fc5409163"
-                + "e412022e82260778e62bd256ec7f29a3694a548cb0822e0b387df2ede2bce510ad2185fc"
-                + "289af1e0dd71fc5308ded413cc1e51fc39197cf57ca965cc6ddacdaa83cc2b25e3bad563"
-                + "0fdf6ef3974b27690703d8809c1d15f449bbc588283454d94eecc36b06287d874fb97472"
-                + "77065aa8f7c0c3630d7a7a380e89959a95f3c25eca41f846e7a398c51906f7375fccd476"
-                + "36b1609009eedc517b616c5fea4b9946b83cb72104b5e160d84300f8cee9cae72a659834"
-                + "0569fc1b97aa3083dec862bf5d781b5f15b9d0e10cf9264f9eb2ae99448dff2c9a89c9e9"
-                + "6e176b212b7637a1511733e309447ab932d87f8069f694b42bbd456a503b5c2b5c7876e4"
-                + "60f26138aa68850deae1de2ade824f27721ca0a089d2edb7607a58b0a6a40b10788fc3ea"
-                + "170427fe5b8c0de92797890bd44c9e9c4512a299ce47ce3bdffda2b54cca10bb0656d036"
-                + "1fe1fa31590f01c8902ae4d99e416d0805b416da8c2fce263be00823bfc5b703364eb8d2"
-                + "9af02353840927a369ce6060ad09e517ebb90dd1b9572133e8ce12b2cc1464ef645ad2ba"
-                + "04fd179d27b052fc5042d1ffbd9ebe2ed6c671095e677d54b2b6d304d7e4a929ac011183"
-                + "d7cb0c2ebcb94eaadeade0912e17b0bac06e092358d911ada7b1f6cc25d333976e8740e9"
-                + "266e1af2045fe5ef361d4b624d8b58ffd71ee6113c79e221405a8e9d244b84f4ee0aded6"
-                + "0ef160a937ef34a4f12d91f92f84997432fa484c1eee881ca5f7384c9cf1a93fcd48b4ba"
-                + "669335d68a2745bdf315fc70e3870b7f2ed8d72a5ecec9858dab33e4b8a0f81600300a20"
-                + "7af29c6a4ed63dc40f00fb08bed452dccaab699cd8e31b805118482fbd3db5b10662a194"
-                + "da222e5f0cbb485baded120a3d64a42b17852b1ed150858de3e42050886afbaf608b08a5"
-                + "ab6be149853ae37c0307aa06a0a47ce2f06695ef55c9d051a1faec488e604d0687be84d7"
-                + "9dc639ccae00c438882fea4b737505f75de56ee099c110ccc05e6153da121cae4ee913da"
-                + "84f0e31c9f394f7798f01dc211e2a2d0228ae69e701f8d03fc081917ff83a20c42957615"
-                + "def47fb46cb33a4f2bf94febed7970e10425e9d389b2b080a060c89d0b78f4e0bd6595ea"
-                + "e225acd01d0c89b3e4bafc85d43e19d28c579c31bea7197a394eb68204483855b47298c2"
-                + "a6bfeca80c290cbfe4d4fb9d097639e83c7af928f872804af5cdf2c70f0cd80b6cbef7d2"
-                + "1bcb34ca8f85eb0e779ea8d0a3edd90708bda16f55738e2e4f671adb7fc8820fc72ecef5"
-                + "6df3632406cb884a6f575bbbc93724d9fd01dc5a89bbfd62c2cc838039b37a977a27dcce"
-                + "08b379007f3f2b8f06fd0960a4994b93c5c85b08f14cd66ca5d90e53cccea433fe7e9836"
-                + "734b3f833b00913eb80c1bbd9e90f88d714bfd0ab0b7928be35881d6f58e7a72fd13d18a"
-                + "a587134f8b5a7985fad32bdbe347b7700d8ea5fcb317e054c24ec132a27018d273230921"
-                + "fcaafac0c7deab9a77e7bec0308af72b3ad1192edbeda237b788228a515b17585346a1bf"
-                + "fdebfafd62ff24d6877bfc6b15aedc6b638aa87bdd7ee2e23aa607a16e4f66065b808f0a"
-                + "a4dcc355d57db0e76a66fc42a39575624bb4acb9da91e67e101e0ef341128dfbdde7f4a0"
-                + "f20d79d739c4a3e11bb1b90b7b8e3e7ba7f3c10841ed2e99777af8e0a64d20a540df6555"
-                + "0dd6a089426f82fa1bf597bc03e46f41f9be6147b867643795b7e93e7b34568e210ff4d8"
-                + "2d46e834f011e93972099978889fe98793736ae88dc35d5aa99034fda93a22490b685cbf"
-                + "97264bd719df5d54c3fc23322ab5cfd8d3e7063e1fba9542c662e269e93289d71e1966ac"
-                + "94706e74f9702aed3053f40bff842e4c02ed4753ca69768bfff599edd089011d9752a476"
-                + "888fff2d8734f4ff882b73281e5fcd7e30f0f2633f53b58f13392e11903a93cfa23ccb8c"
-                + "49c00ef344fcf249dafa38d321714633c129498df70e0e8370db620c2490bcd99be38e67"
-                + "dc3d18911d87845313be28e17e2ee3bbe0ed7ab8e5a98d68c1c5e07f169db41e111f98ee"
-                + "858fc7346a5d4e7ed184b2b60ab441b1e3b186c58b2ac33ffa547473767276efd912303b"
-                + "440a58fe95091efde1360e6513a9e5390906e18e302173005028325d34f70a8a85f48bda"
-                + "bae0f15c33ec997d3d4acb6d3bcbd2434b0a83a1fbecbd33fcdf31e4a4044e201257836e"
-                + "cfe7b4c84a181827536eb95fb340da741d3827095350caf3964cbfb2eefe4e8ebb257ffb"
-                + "0904187df2eac9afc6e5e35caaf6e6a855d43b6e445fd91419bbceff8d30832b5e75b2ca"
-                + "5561ad64c306b09ad0d2ca3d17ea230bab0e3b6c1566eeab4693431e683057f07fa77099"
-                + "227a5c3f05308c8c3fb63e94a847003e0f0a78bd936d59b589c3e70ff70b9c688d43eb78"
-                + "35366a6574b0701e8804be965d7a2d2ec408faf31e6a68522b0b8da3cdba52c76cef757f"
-                + "a5fa466b542d5d57ab1504500a07037e1353b244a4424082f66d35aa99bd5fbb9a702362"
-                + "d81812771aac607695050c62cb589f00d614695b163af1e86bb3e6c1505609032576dbb1"
-                + "4d42b421e72561482737faadb6fd823dec0e1310a99c9936a22017b9149ce23cbbdf77f3"
-                + "4a57050b5f3b414028ca939c31e95655e909c630ad9dfe3f3f09a250e578030f4c3e9099"
-                + "dbb0088d58e1b4046b97b2f61d9a2be4cca9bc0240f06075850045ee17e19ec504e4ae27"
-                + "3934909cc4840fea6766af2592fd6c12f3a82ab05856a646786184c68ac2020d2a8fc782"
-                + "8717cb2f89cc2d42046d8b618dfe4fa9e90b15d5c08ac3bac5c197eac5cee915e3fa0c6c"
-                + "4730110f2da5e66c0a124c26a62ede1e2de4357b275ee84d020410668a3efa1e828cba53"
-                + "c62150bf2691afa904762f2aa0309bcf67d023cd62d1b7c37aea8b1d69e36e07f5b81828"
-                + "85d3b526b02b6ba5b3647364ceeb601dd90c33d466779fd06fcad909db0fe5f376108786"
-                + "a82d336cc1f79fd23264e5455938ba924fce91d6f94e0ad00275b5e5c063ace5ffcf48f8"
-                + "4e370c90b51c1327ff6e5105699795201784d8479d695cb70567f8f06698386e751a552f"
-                + "e72bfbd773226a10eacd32fa2cebea1403e796c2e1c21accc9f76ed21f05549fa17f10e9"
-                + "7bb8736cf345d70b2fcee0a2c0044d02b5615c2e3f5075667942e2e39a40a3630fceec36"
-                + "53450b84307bf027a3bc78033ddcc5841ef3462e34da3778c496bc3f29d55ca47b64db23"
-                + "ce488170a5a0498a3a0cd0065b6ac1a8676ef1dd5bd8b14f298390a29c1df1403db94993"
-                + "b9537b3e018d82875623b1ac6ef0b549cd2b9676cb9b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "3ae79b4aa31f135f434366c323eb977388c1bc0b4e05a8092e35993d6d16df215d75ec66"
-                + "f68033ad6a5f5bae6414a4b4b221436a64a451476acf6ef3963e5760f67a8033ce9d73ad"
-                + "802f451f5425278368afb81acfb61e3d09810be734d88faa0bb5eca1387f9c6b0bb323ac"
-                + "cd504d3dac50e7ef0dcfd25e5f395bb80b7b0702544b9e603a35bdd362f280d9b3f80504"
-                + "0ed0ddb35180bb102c63f400de1dd8986def669ff9e2dbd16471b86f45ddf9e42a06be90"
-                + "fc6b950a2051af2ab5d6e7beb57a87f29b82d0b8b6939ecd3ff10160df6077e50c4302d2"
-                + "df4103c53b88ac48462527223784dcca47598ff252f12b57de026d4baeb0e5e66942824c"
-                + "2b47f0ea0f42d6a26cfa353ef8ec908458a93ef834f77868007ab41e12ddba62692a2ca8"
-                + "9d9c5bc66cf98871740bc35154f73e614199f6cf833536859bf8f8e0f374016f6b84d8fb"
-                + "7856417bdde9070f12b5aa42c78657cb7f837670a403201d68c920876382038200ba14ee"
-                + "49820cc77a43cf95f1624beb5d5c9c38acdc65e8de02e8802cf3b21326e941220599f101"
-                + "7b4230889a169a6de74bb100bb71527c1ffb70f0fcdd98ef9436eff6c91701042fa77eac"
-                + "afee9daa8bc453719ff9999a803f27a388995f2fbf92f8605af9a92bef46185765d4883b"
-                + "8bf9d75417d3e2c549d98951420512867fa006046c5c78ab10f4eb707abe84cd20491386"
-                + "d09be4a4515e633b978617255c90bc0664ca6ea08528b8b9979d1281721f54fd52920312"
-                + "9d42a0a5f56826b02d3a2106e5429cbc107f470ceb14085e1f568d4313b95556f4b2adbf"
-                + "670c1bfa37184a9e5896b57630545213c23ce2de0144051891db66384aa8bf8867f3abfc"
-                + "fd300695b8537b41cf4ef24a86628747dedd51ab8061e612faa1f1043dffe7d60a56859d"
-                + "96c63e6aa61e2a2c0e6ae4442239216532ebce1eee98f174ffd1c316f0d41bcd674cb0d3"
-                + "65e75f85000d47f20cf22fc4689aa1679bcae25f8716fa6ab2c72d041574c9a699abc9c7"
-                + "2a4cbd568ffe8d00e73102538dc4536f7f93f377d2de03d0ce9e52bcf51a7047c5e07c7a"
-                + "fdfc34f567b9355c190404a7b89c5a7b2de7d7205c8850f3621053d7542d83a66b925314"
-                + "210272b30c889370bf19ea42feef2a7f5231a7b5a4e87411039379faf42294807196903a"
-                + "501492372edc91d61f0403adcb843b9c80d805899cf5383c638c439f9ff096519e0b55a3"
-                + "004327a983e0073daca1b4affba6dafce68da9e39ac000a2260db89abdc0e467ebc072e8"
-                + "e48db515c95674cdc67273afbf2acad7ea9a8f829207abd7b2caa7fa8467fc20317304b7"
-                + "18a2275e9c3fe31f7639e5be5d71d2f4b641ecd0a4ebc9004753fb809715b11c827ec967"
-                + "eed4251649ea8a03c0a57aa5d7fd2dfd1db1d55ef4871c1431e7cb4e3d96ed9acdf20eb6"
-                + "a027b6fc23642a66b85276c7c21ea9bbb1c85edff31d0b33a011d608990050d92695f799"
-                + "454424d0c989d61fd4f3506523c50d4bf75ce54f160f3c78e9e9bda923e294ca5ebcdf3a"
-                + "02b89ab56b22e000a8dbc5838a19690bd2f8ea8eb0e8e7245aeadb7dbddaef4a492c5654"
-                + "4ba30a1faf8884ad284e6df0c24f21c55fa2edfaeb8355458fa2a48b93cd096d4546aca6"
-                + "49e0f09b3f64a1709ab334edc92a1148edf8f673efe7489d01b90eac25b26fee62317f8d"
-                + "c4071ef834e507f47c41573748a2f4f26b2dc06fd26fc12fbc5bbd4fc401e263b28e8664"
-                + "72258d09dad986faf05683f75116e98b19d51d779ed5f05ada29dd0349dcbd3ebea78e7a"
-                + "9b55827f0fb61dcc55a2f1b9648c4fecbadd0dcc30e9d3dc5135200f17cb1e7881de0239"
-                + "8c90dd6b5d202f802e79dd5e851a898a89d862cb870fdc32279d3819f5c92f12a9343acb"
-                + "9c1a8277ce862b12e50ae828f0e375b131affface7b0b96fc6fadcd9dc7192be5d60b2eb"
-                + "7879e52638947d00eabbdab6a846d32d2124d6be534b8a0b86440bb72ddf1693b19945ab"
-                + "5e60b71b68dae0965e2db31e4cb1bdc271f95d6736efb2f7a14ed34c7ae2ca3d13beed7b"
-                + "8d9801e0daaa09c89225ac30d6032c1bc5bdb2088e8522a410b8dfbc38ba93f22700a22e"
-                + "3a80803000b68a737d4ab684dc1f96e0e6f447da1a89f224f81cf780f169c25757cb8092"
-                + "aa1f5660c5481b60a2489ca486f55c632de4d427d46bf3d93b3c652c8b8e298052f6f9f0"
-                + "e5c969205f36b8431ff454d4bad6349cee13fd32c97f01f5c821602e9196bf37f1036b0e"
-                + "85dfe906526cf6b7f4ba73b4497db11210aa3d4fa9403e3fa1a1b4bd9e18cf0b0f74e4c2"
-                + "1cb6b016809a3d3652601b7fb3dd0e40a63fb94321c2536115e93ebd1ca98bd939531654"
-                + "d4d26909fcf4002980d78e924956629a0055d552773087b99fbc9fed7129882be26754ad"
-                + "527483c43cf1a7d3a7149d47b399bcb0afd7bc71f4db394157931700ff516c684ae45e55"
-                + "e51bd8ab3176235afd12432ab602c846c3fadd9afb7a49225d7ccb34acb792ffc32b9060"
-                + "879cf56ce75384485985d2597b2fa96d5415d7cbca80abb71c496168c64c17775af8c25a"
-                + "f659d3c2e9e4ed01d886db90d906eaad6bd5ddd8487960e404154ae68eab74c1662ea8d3"
-                + "24f36ec16869685f6713cfcc03d6c20b142f284608f998295cbd2fb7d612993afc4b62b7"
-                + "7ef901a93592e33b761fe9b5d782aeefd89d4dc214d42dc645a1b5a358c608adc1b27df7"
-                + "6fe09a905a4e232c4f2b39a53300a682619ae7462162011eabccc1067e493bb46ad1102a"
-                + "5d7aa6312ccd3a20593dd2ae8db98af243f778960db08aaeb7e44b78275924510661ea33"
-                + "e6d5f41a4e25f35a3eac895a05af1d9ed3de5fd14c33604610a333060b72b259bfe63650"
-                + "ccd7800a168eb9437071223821b556460f8c2e9d06d5c0d147b164aaae7fff7c8905ebc8"
-                + "79b5ee35d8524b02de79e7243a95217de63a06c680ab3120eceb35391787d28ecb379270"
-                + "fe13180b99eca4f6bc8ca3f98c7871e6ebaf8ff7c13062b45cb6301e9bbcc84fb0499dab"
-                + "af5c580f89d0af3ebf5e28b42fadaf0bc2f67e3871342c96eeb35351e46705f79a2ed2db"
-                + "b459924116943a1da7423333bdfd083e3d1e997b74eb0999a28d304c1e2568a6a141b066"
-                + "e7a726d7934a131eb6cb5550eef75d8ddb0b6246b0f0d97240694ef176fed93e932017a5"
-                + "b1e933a870ac08d2797a7a380e89959a95f3c25eca41f846e7a398c51906f7375fccd476"
-                + "36b1609009eedc517b616c5fea4b9946b83cb72104b5e160d84300f8cee9cae72a659834"
-                + "0569fc1b97aa3083dec862bf5d781b5f15b9d0e10cf9264f9eb2ae99448dff2c9a89c9e9"
-                + "6e176b212b7637a1511733e309447ab932d87f8069f694b42bbd456a503b5c2b5c7876e4"
-                + "60f26138aa68850deae1de2ade824f27721ca0a089d2edb7607a58b0a6a40b10788fc3ea"
-                + "170427fe5b8c0de92797890bd44c9e9c4512a299ce47ce3bdffda2b54cca10bb0656d036"
-                + "1fe1fa31590f01c8902ae4d99e416d0805b416da8c2fce263be00823bfc5b703364eb8d2"
-                + "9af02353840927a369ce6060ad09e517ebb90dd1b9572133e8ce12b2cc1464ef645ad2ba"
-                + "04fd179d27b052fc5042d1ffbd9ebe2ed6c671095e677d54b2b6d304d7e4a929ac011183"
-                + "d7cb0c2ebcb94eaadeade0912e17b0bac06e092358d911ada7b1f6cc25d333976e8740e9"
-                + "266e1af2045fe5ef361d4b624d8b58ffd71ee6113c79e221405a8e9d244b84f4ee0aded6"
-                + "0ef160a937ef34a4f12d91f92f84997432fa484c1eee881ca5f7384c9cf1a93fcd48b4ba"
-                + "669335d68a2745bdf315fc70e3870b7f2ed8d72a5ecec9858dab33e4b8a0f81600300a20"
-                + "7af29c6a4ed63dc40f00fb08bed452dccaab699cd8e31b805118482fbd3db5b10662a194"
-                + "da222e5f0cbb485baded120a3d64a42b17852b1ed150858de3e42050886afbaf608b08a5"
-                + "ab6be149853ae37c0307aa06a0a47ce2f06695ef55c9d051a1faec488e604d0687be84d7"
-                + "9dc639ccae00c438882fea4b737505f75de56ee099c110ccc05e6153da121cae4ee913da"
-                + "84f0e31c9f394f7798f01dc211e2a2d0228ae69e701f8d03fc081917ff83a20c42957615"
-                + "def47fb46cb33a4f2bf94febed7970e10425e9d389b2b080a060c89d0b78f4e0bd6595ea"
-                + "e225acd01d0c89b3e4bafc85d43e19d28c579c31bea7197a394eb68204483855b47298c2"
-                + "a6bfeca80c290cbfe4d4fb9d097639e83c7af928f872804af5cdf2c70f0cd80b6cbef7d2"
-                + "1bcb34ca8f85eb0e779ea8d0a3edd90708bda16f55738e2e4f671adb7fc8820fc72ecef5"
-                + "6df3632406cb884a6f575bbbc93724d9fd01dc5a89bbfd62c2cc838039b37a977a27dcce"
-                + "08b379007f3f2b8f06fd0960a4994b93c5c85b08f14cd66ca5d90e53cccea433fe7e9836"
-                + "734b3f833b00913eb80c1bbd9e90f88d714bfd0ab0b7928be35881d6f58e7a72fd13d18a"
-                + "a587134f8b5a7985fad32bdbe347b7700d8ea5fcb317e054c24ec132a27018d273230921"
-                + "fcaafac0c7deab9a77e7bec0308af72b3ad1192edbeda237b788228a515b17585346a1bf"
-                + "fdebfafd62ff24d6877bfc6b15aedc6b638aa87bdd7ee2e23aa607a16e4f66065b808f0a"
-                + "a4dcc355d57db0e76a66fc42a39575624bb4acb9da91e67e101e0ef341128dfbdde7f4a0"
-                + "f20d79d739c4a3e11bb1b90b7b8e3e7ba7f3c10841ed2e99777af8e0a64d20a540df6555"
-                + "0dd6a089426f82fa1bf597bc03e46f41f9be6147b867643795b7e93e7b34568e210ff4d8"
-                + "2d46e834f011e93972099978889fe98793736ae88dc35d5aa99034fda93a22490b685cbf"
-                + "97264bd719df5d54c3fc23322ab5cfd8d3e7063e1fba9542c662e269e93289d71e1966ac"
-                + "94706e74f9702aed3053f40bff842e4c02ed4753ca69768bfff599edd089011d9752a476"
-                + "888fff2d8734f4ff882b73281e5fcd7e30f0f2633f53b58f13392e11903a93cfa23ccb8c"
-                + "49c00ef344fcf249dafa38d321714633c129498df70e0e8370db620c2490bcd99be38e67"
-                + "dc3d18911d87845313be28e17e2ee3bbe0ed7ab8e5a98d68c1c5e07f169db41e111f98ee"
-                + "858fc7346a5d4e7ed184b2b60ab441b1e3b186c58b2ac33ffa547473767276efd912303b"
-                + "440a58fe95091efde1360e6513a9e5390906e18e302173005028325d34f70a8a85f48bda"
-                + "bae0f15c33ec997d3d4acb6d3bcbd2434b0a83a1fbecbd33fcdf31e4a4044e201257836e"
-                + "cfe7b4c84a181827536eb95fb340da741d3827095350caf3964cbfb2eefe4e8ebb257ffb"
-                + "0904187df2eac9afc6e5e35caaf6e6a855d43b6e445fd91419bbceff8d30832b5e75b2ca"
-                + "5561ad64c306b09ad0d2ca3d17ea230bab0e3b6c1566eeab4693431e683057f07fa77099"
-                + "227a5c3f05308c8c3fb63e94a847003e0f0a78bd936d59b589c3e70ff70b9c688d43eb78"
-                + "35366a6574b0701e8804be965d7a2d2ec408faf31e6a68522b0b8da3cdba52c76cef757f"
-                + "a5fa466b542d5d57ab1504500a07037e1353b244a4424082f66d35aa99bd5fbb9a702362"
-                + "d81812771aac607695050c62cb589f00d614695b163af1e86bb3e6c1505609032576dbb1"
-                + "4d42b421e72561482737faadb6fd823dec0e1310a99c9936a22017b9149ce23cbbdf77f3"
-                + "4a57050b5f3b414028ca939c31e95655e909c630ad9dfe3f3f09a250e578030f4c3e9099"
-                + "dbb0088d58e1b4046b97b2f61d9a2be4cca9bc0240f06075850045ee17e19ec504e4ae27"
-                + "3934909cc4840fea6766af2592fd6c12f3a82ab05856a646786184c68ac2020d2a8fc782"
-                + "8717cb2f89cc2d42046d8b618dfe4fa9e90b15d5c08ac3bac5c197eac5cee915e3fa0c6c"
-                + "4730110f2da5e66c0a124c26a62ede1e2de4357b275ee84d020410668a3efa1e828cba53"
-                + "c62150bf2691afa904762f2aa0309bcf67d023cd62d1b7c37aea8b1d69e36e07f5b81828"
-                + "85d3b526b02b6ba5b3647364ceeb601dd90c33d466779fd06fcad909db0fe5f376108786"
-                + "a82d336cc1f79fd23264e5455938ba924fce91d6f94e0ad00275b5e5c063ace5ffcf48f8"
-                + "4e370c90b51c1327ff6e5105699795201784d8479d695cb70567f8f06698386e751a552f"
-                + "e72bfbd773226a10eacd32fa2cebea1403e796c2e1c21accc9f76ed21f05549fa17f10e9"
-                + "7bb8736cf345d70b2fcee0a2c0044d02b5615c2e3f5075667942e2e39a40a3630fceec36"
-                + "53450b84307bf027a3bc78033ddcc5841ef3462e34da3778c496bc3f29d55ca47b64db23"
-                + "ce488170a5a0498a3a0cd0065b6ac1a8676ef1dd5bd8b14f298390a29c1df1403db94993"
-                + "b9537b3e018d82875623b1ac6ef0b549cd2b9676cb9b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "3bcca66dc56e4d69e2dc766efd99815e13ecc8b908b208ddcc0831d97766e2fcaf81b915"
-                + "8b31d9df71a587e0cc7d7ab4df3346f28528bb654e6f75e8dda12c1b7e2442975b62429a"
-                + "a3c3f2f9325979a627100a5cb2a355301d015d35dab75903806a65ad852e6ba669af1a16"
-                + "879f887ad220af632f20a40969e7f2483da74bf65edfbeaef9936ff398aaed04d990da13"
-                + "47df039d19d14e64a524d0e3f5608797052bb076ac3abf87e26b70b81ed1e7754384034f"
-                + "22b68ca8e4779c2154abdb316e77db52db58bb386780d11938e7738f1bc84ea01e76d01d"
-                + "00f38402d66df7680923f6add5705cc0d768fd8d7623157b28bd6a4798b8811038b8c276"
-                + "46e2d9bdaa09fbedf92ecbc4d741fac0816f3aface039491ae7da421f5025cbf75ffec08"
-                + "97b1dee6606448f86914d5c34fcf8f127947fadb239f1884efa189291c7cde897db67d09"
-                + "66858671416e4d8d595148eb4162ca8b2c1369d564bba4cd328c236195dd02a82ff26c04"
-                + "ca55c21dcd9ab5605e5a7c900ad7c75dd82102f7a38a4ddf4cfb034036c15343af617748"
-                + "ea64e999000659fd33e98530ed27937a68326060cfa2c4d8e797a47b93dea937d453d5c8"
-                + "c42725aa5b93b66b45ac37563f8a2cc85dd1aebbd21978156c757b255ffcdbb08315b15c"
-                + "57379fbe6834ff7446b20c063fe7e74ddecfb28ac34baf32f696a83e286f87c648421ed9"
-                + "aa150a0fd3d3fe4fb8bae7326313f11425510bf53a50721b7f69cfaa50be2059fe57b182"
-                + "5040505b174674efc41dfc160e32e9e9be6cc7ef36835f32328decd6526203d890631850"
-                + "e13d50eb9b20f660c66f4ab69e4b525049cd45c0c5e69afb60ef861fd42fe311add049af"
-                + "6ed681297c19175d97b94cec700b87550974f4d431b295dbb62068c9532ea5c13e8aa9de"
-                + "0fb824425155418af01307c0bd234ddc1025bdfd2067be6180b4a3494446bfb9d2cd1750"
-                + "1616618816e571ef74644629671d57425a3b1ed6a1c7f426d3d50da4658b25c3aea5b4d9"
-                + "630e35e5f1b91ebc26c8b76e0f35b7bfcbc5126bfc8dcc56f2ed98f286dd73f9d8da7bbc"
-                + "35e3d98b4a183dba3960a3a6f0b1bc41c25fd4747098294aeaebaa4b4363ab81b11b75a1"
-                + "3e7d4f600cb567dd9ade91d1d547e33f9652434f0c12318b9f3d7b18466de939ef8fc1c5"
-                + "9d06fcf98f6cf8c657a4950e5b8aa1a27c6fe08383bb7da6305d7662675cba75c34e1297"
-                + "15a501b434d467612451008295d23ac48434b746e51998ec85acac5936e404fe5cac4f22"
-                + "bae2d1fb12539480541e94c571b490399f20f49b0b897d1efba81a06d31dbb6f35c5d123"
-                + "2c2093e59285850fc53f6c82056e07de5131594dcab7b13f76749abcdfeffe7290c771b9"
-                + "452050a9e57d38da52ca78308f933294cad6a4ea1645f8f6146e9f675a8720beb7a8e388"
-                + "0c69dce9199e0342d8b636c77f28069988d979b490377db0cf68e4c92b77474900972988"
-                + "d3adb9bc783ad42f7fe9b96d8862700fd94b142b1e1160bf39eef164bdf42f62c9397a21"
-                + "7d1dfc147b7f9730e1b2febca0b25f020dda4f4c148bc1d75404817833174f5de76d3866"
-                + "6caa7da8317788cc9bc78159d64063f2c02b9149728add0a8461ca3f11d3effe1941d9a7"
-                + "0dc080de74e830bccd2ba4c231f48d9e1481e62d221d2a2e6f405c2f0ae346fede6db3c5"
-                + "199587e2a19f9890031db9763e9eb40a1f1c71412dec94dfe674b65da797a0aa59a4ecf9"
-                + "abed5f70fc51145501a38d161a6f47e211322906279ca7da3589a3ed1af38490968630c6"
-                + "d1f98ebfe523f7a357effac1f5856d522c2f27938b981099f01af267d4242eda979aa3ab"
-                + "80aad7a61f406f8bfa4a02061f6726786cf52464ae690c5e8a9f6e84e28ab01e4a26a543"
-                + "3120fc843ee13efdac9dbb854c31c75cd405c840f8ef0d32577c14f2e8098d9ab1a05e50"
-                + "f8c8921a0ad256b771be4611bed6071eb130db0615f6e1bde04ed0d452b9508b42ad970d"
-                + "ea429b6cb8a705d15197904e496b59e84eb7ed5e600230735e4193a3b89c0aa6957ba228"
-                + "566ae6c2099a156857845d0738b7572c82795c54ecbc3f1815c76fd019e2a281608df529"
-                + "d4857f6a8faf22726aa221afef6f3a9e9209928fd5abf5c04913e30843c9f0db336881d4"
-                + "8fd4c471dd71d1983a582f921f4acb9a9c8b267e06b7f9d030f7066a8de8450ab9ba6e23"
-                + "770e60903204054b75c2f7e3de9bad06e15fb67cc3b233d96caeeacf58b7a342d96ef00b"
-                + "c96b28e4cc2a3f9736d290e1d69cbf2bdb70dc0484be1972a37fed3b03246eda3d08bef7"
-                + "e9d6e617d82db9e478252a140699d8d3d60f3fe6c67ddccbb741bb735483a2c79e5201bb"
-                + "44eb552e64cff06ee1aafc56b382fe6338923a7db762a35ecfaedcb2af74ffe79e586df5"
-                + "cbc08ac0135ee8b2db8a97da083b24c09109e545753ba604df4c48528f9bc633054b56a7"
-                + "e6b49bdae64aad461091c70ac9e9fcc517c30c9112248a7ef5bcb2424b97243413e25916"
-                + "a2f0627fb48d2df1b3f7d2f7122a96743f19552c65f74d6464f73369c6007dcb8926f8ae"
-                + "35b1c30ccb66352b50328e3d501a67751d5dbab5794b60bbd2fa3f20292e66399d7a00b6"
-                + "1996134b6dcdef5869c4842de92d4a66bf4448e7a0ce0d05532bdf7e9d27fb19209596d3"
-                + "08d7a6bffdbf6f4e839d61e2ac8b47c396b4b38d08d3d0bfb3d27060af247a36bfe817cb"
-                + "5228b7204e332b09ab4e6b25ab6cfe30711c9291f9df937f4a45a4f423e3c9271ed0c3fd"
-                + "a502f1bb379c1a458ba4f537910d29b14e25047abf14bc5d1ca5fc0b56d6773b7a6225f6"
-                + "5530c403d6629c2e815068ec8a3af54d717d62a90ca3a46a1db12b9e8674bc8623724923"
-                + "2aa5f9c5d72c173b0c252df316181a7133d2f6a89382273fdc90cf3bd61c07d1362dedfc"
-                + "2c7b1a8ced88789ffbc487f986c9ba9a793c517381e6af3e815179e0c735fd6f118fceeb"
-                + "dc257b9ec7bd28100f4d025dbef36eed8b420603f9c7232f4efaf27a5ee591335c35aa67"
-                + "963add6781421a23be4a82ee188ea5752c2783c37399478490cb656506d7b848af42d4bd"
-                + "fa21f2cf3f7eae88070d2db67002b900570ee4ef34702974c8ba1f9999f9e1f4b9ab6ea9"
-                + "06b166f50cbdca94dbaae5eb51f75d8ddb0b6246b0f0d97240694ef176fed93e932017a5"
-                + "b1e933a870ac08d2797a7a380e89959a95f3c25eca41f846e7a398c51906f7375fccd476"
-                + "36b1609009eedc517b616c5fea4b9946b83cb72104b5e160d84300f8cee9cae72a659834"
-                + "0569fc1b97aa3083dec862bf5d781b5f15b9d0e10cf9264f9eb2ae99448dff2c9a89c9e9"
-                + "6e176b212b7637a1511733e309447ab932d87f8069f694b42bbd456a503b5c2b5c7876e4"
-                + "60f26138aa68850deae1de2ade824f27721ca0a089d2edb7607a58b0a6a40b10788fc3ea"
-                + "170427fe5b8c0de92797890bd44c9e9c4512a299ce47ce3bdffda2b54cca10bb0656d036"
-                + "1fe1fa31590f01c8902ae4d99e416d0805b416da8c2fce263be00823bfc5b703364eb8d2"
-                + "9af02353840927a369ce6060ad09e517ebb90dd1b9572133e8ce12b2cc1464ef645ad2ba"
-                + "04fd179d27b052fc5042d1ffbd9ebe2ed6c671095e677d54b2b6d304d7e4a929ac011183"
-                + "d7cb0c2ebcb94eaadeade0912e17b0bac06e092358d911ada7b1f6cc25d333976e8740e9"
-                + "266e1af2045fe5ef361d4b624d8b58ffd71ee6113c79e221405a8e9d244b84f4ee0aded6"
-                + "0ef160a937ef34a4f12d91f92f84997432fa484c1eee881ca5f7384c9cf1a93fcd48b4ba"
-                + "669335d68a2745bdf315fc70e3870b7f2ed8d72a5ecec9858dab33e4b8a0f81600300a20"
-                + "7af29c6a4ed63dc40f00fb08bed452dccaab699cd8e31b805118482fbd3db5b10662a194"
-                + "da222e5f0cbb485baded120a3d64a42b17852b1ed150858de3e42050886afbaf608b08a5"
-                + "ab6be149853ae37c0307aa06a0a47ce2f06695ef55c9d051a1faec488e604d0687be84d7"
-                + "9dc639ccae00c438882fea4b737505f75de56ee099c110ccc05e6153da121cae4ee913da"
-                + "84f0e31c9f394f7798f01dc211e2a2d0228ae69e701f8d03fc081917ff83a20c42957615"
-                + "def47fb46cb33a4f2bf94febed7970e10425e9d389b2b080a060c89d0b78f4e0bd6595ea"
-                + "e225acd01d0c89b3e4bafc85d43e19d28c579c31bea7197a394eb68204483855b47298c2"
-                + "a6bfeca80c290cbfe4d4fb9d097639e83c7af928f872804af5cdf2c70f0cd80b6cbef7d2"
-                + "1bcb34ca8f85eb0e779ea8d0a3edd90708bda16f55738e2e4f671adb7fc8820fc72ecef5"
-                + "6df3632406cb884a6f575bbbc93724d9fd01dc5a89bbfd62c2cc838039b37a977a27dcce"
-                + "08b379007f3f2b8f06fd0960a4994b93c5c85b08f14cd66ca5d90e53cccea433fe7e9836"
-                + "734b3f833b00913eb80c1bbd9e90f88d714bfd0ab0b7928be35881d6f58e7a72fd13d18a"
-                + "a587134f8b5a7985fad32bdbe347b7700d8ea5fcb317e054c24ec132a27018d273230921"
-                + "fcaafac0c7deab9a77e7bec0308af72b3ad1192edbeda237b788228a515b17585346a1bf"
-                + "fdebfafd62ff24d6877bfc6b15aedc6b638aa87bdd7ee2e23aa607a16e4f66065b808f0a"
-                + "a4dcc355d57db0e76a66fc42a39575624bb4acb9da91e67e101e0ef341128dfbdde7f4a0"
-                + "f20d79d739c4a3e11bb1b90b7b8e3e7ba7f3c10841ed2e99777af8e0a64d20a540df6555"
-                + "0dd6a089426f82fa1bf597bc03e46f41f9be6147b867643795b7e93e7b34568e210ff4d8"
-                + "2d46e834f011e93972099978889fe98793736ae88dc35d5aa99034fda93a22490b685cbf"
-                + "97264bd719df5d54c3fc23322ab5cfd8d3e7063e1fba9542c662e269e93289d71e1966ac"
-                + "94706e74f9702aed3053f40bff842e4c02ed4753ca69768bfff599edd089011d9752a476"
-                + "888fff2d8734f4ff882b73281e5fcd7e30f0f2633f53b58f13392e11903a93cfa23ccb8c"
-                + "49c00ef344fcf249dafa38d321714633c129498df70e0e8370db620c2490bcd99be38e67"
-                + "dc3d18911d87845313be28e17e2ee3bbe0ed7ab8e5a98d68c1c5e07f169db41e111f98ee"
-                + "858fc7346a5d4e7ed184b2b60ab441b1e3b186c58b2ac33ffa547473767276efd912303b"
-                + "440a58fe95091efde1360e6513a9e5390906e18e302173005028325d34f70a8a85f48bda"
-                + "bae0f15c33ec997d3d4acb6d3bcbd2434b0a83a1fbecbd33fcdf31e4a4044e201257836e"
-                + "cfe7b4c84a181827536eb95fb340da741d3827095350caf3964cbfb2eefe4e8ebb257ffb"
-                + "0904187df2eac9afc6e5e35caaf6e6a855d43b6e445fd91419bbceff8d30832b5e75b2ca"
-                + "5561ad64c306b09ad0d2ca3d17ea230bab0e3b6c1566eeab4693431e683057f07fa77099"
-                + "227a5c3f05308c8c3fb63e94a847003e0f0a78bd936d59b589c3e70ff70b9c688d43eb78"
-                + "35366a6574b0701e8804be965d7a2d2ec408faf31e6a68522b0b8da3cdba52c76cef757f"
-                + "a5fa466b542d5d57ab1504500a07037e1353b244a4424082f66d35aa99bd5fbb9a702362"
-                + "d81812771aac607695050c62cb589f00d614695b163af1e86bb3e6c1505609032576dbb1"
-                + "4d42b421e72561482737faadb6fd823dec0e1310a99c9936a22017b9149ce23cbbdf77f3"
-                + "4a57050b5f3b414028ca939c31e95655e909c630ad9dfe3f3f09a250e578030f4c3e9099"
-                + "dbb0088d58e1b4046b97b2f61d9a2be4cca9bc0240f06075850045ee17e19ec504e4ae27"
-                + "3934909cc4840fea6766af2592fd6c12f3a82ab05856a646786184c68ac2020d2a8fc782"
-                + "8717cb2f89cc2d42046d8b618dfe4fa9e90b15d5c08ac3bac5c197eac5cee915e3fa0c6c"
-                + "4730110f2da5e66c0a124c26a62ede1e2de4357b275ee84d020410668a3efa1e828cba53"
-                + "c62150bf2691afa904762f2aa0309bcf67d023cd62d1b7c37aea8b1d69e36e07f5b81828"
-                + "85d3b526b02b6ba5b3647364ceeb601dd90c33d466779fd06fcad909db0fe5f376108786"
-                + "a82d336cc1f79fd23264e5455938ba924fce91d6f94e0ad00275b5e5c063ace5ffcf48f8"
-                + "4e370c90b51c1327ff6e5105699795201784d8479d695cb70567f8f06698386e751a552f"
-                + "e72bfbd773226a10eacd32fa2cebea1403e796c2e1c21accc9f76ed21f05549fa17f10e9"
-                + "7bb8736cf345d70b2fcee0a2c0044d02b5615c2e3f5075667942e2e39a40a3630fceec36"
-                + "53450b84307bf027a3bc78033ddcc5841ef3462e34da3778c496bc3f29d55ca47b64db23"
-                + "ce488170a5a0498a3a0cd0065b6ac1a8676ef1dd5bd8b14f298390a29c1df1403db94993"
-                + "b9537b3e018d82875623b1ac6ef0b549cd2b9676cb9b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "3cd85230cc10db3d4466abb719a3875cb638e81ed02fe0a71e3b20067dcaef30d29f0c35"
-                + "a511264910a10500349b382e6b5ae5a642c9dd272514f3038ca463ebd948a3fbfe80ae34"
-                + "ae4174f5170d175f28a3548040bf0f0fec06c6e9a84f3e98d9916cda47d55565f26d5ca5"
-                + "b199af689e506a2573ccc4b0f9be50ab503689c11ed7293a0d6a1389a1100539afcb21b4"
-                + "b25fd855801e9a8293ecb1516a788bd15cacc07f7cb8fd78973b7b372d2452f0e5e0236d"
-                + "c11a99c501b773888b57d230aaf3694621e3df176b7140dd426cfa406303d3bd8cf6b32f"
-                + "1a3e09f82a109055dad9e72ed39b8685fe4b7b14d0528440c95c3b5bdc71a94b57d68d79"
-                + "bcdf1d73a08601f65cacacb4380f74a3d3f2af0b3c01a177327692bdce417c05c5d82f0a"
-                + "4344147af0f10c34b5b63fea2b83d87f83f80d2baaccce34f210d50b5b4bec594bfea6f2"
-                + "302d1688372b611a91f173a3cfdf09dcf6818274b6e95327c15946cb44aea7ab55c007bf"
-                + "66db1f7be7f3822ea4661c65734a20bdd8e7616fc8dd93647a62567cdb4645a003f33de6"
-                + "8d9a8288848800688debfde91323333010b7d393b6cf1964c4149adf494066e85cc96bfd"
-                + "e2fc9e85381e7ffaa840f460ab9b8ca8aedebf1a394ea3f524aedb251b57f9488c9bff6c"
-                + "8c9177fcf7c87a57c0e7c7ec4af6b259ac2ccf04db888c12775af9f29d9c626c2fc1d4f1"
-                + "df52ef33cc4996435b1331ef12b3c4775aa648231681676e0a020a5fa55679e90ab02b8f"
-                + "42de8aa65a35aebdb9c5b99797fa04eb9865d38ea9937d6d6a9ba4d693daae850d66812d"
-                + "3c66cd227fb3f2599f4c0e289993dc04b23fd2fab7dff749434a6ae7bbed0c12f1069d62"
-                + "03c35537191a7c97f0ff8a7383b838c3b947d1750a35d1764acabbc92952a82addc1a0b0"
-                + "4c0408f408a50b148211f0a729caa55b64a4d81247164f2f39fbcd521e60708f1a6ae1f7"
-                + "14b2aeec1e4d1bde130ecb7fba85ae122906923344e54c649f7e9fa358fc67f1baa59e88"
-                + "7391b4471f9b10e3c77f68b47d44911d2af5d9a5fedd9d54f8db689fcf8f657df60aa16f"
-                + "d59b7d59f165a393481cc1a7a1f5cef1655f489b9ef8afbf87eb2039ebb3d9a2c1ac4166"
-                + "87bcffbd518908076abed309368c3b131107cb2e9e3cc177eddacce799515572cc75fee1"
-                + "42a69b6f98894cd9ebbf6598922b989a37506d9ebe39bb5aad9f7fca1b4173b9ee5b04ba"
-                + "7380a675a1956e30cba3b918ec5e2d54468f9bf7d9e3903477b3da996059555fb969cc72"
-                + "1966fce8ca58f2808b82721f66b4350ea59b11b1e799cab2fadf768aa0b8ab623fdf6403"
-                + "d8dd9968301573f0655b86d2f147d8f41697101b12d1ce69b6012ecfbe4ba99f3bba199b"
-                + "d3e1594918c21ce8be8385489bcaa168065af2150581b5dc32455be124e52af9fa84bd95"
-                + "a9cfe82048d3cee501193c24b51435983ae5de14ffa694d96dd3fb326c7d43a137e39794"
-                + "e7fd97639b7858b875f136d36734ac1c71300dc35acb201d00c282ab0407f4a253dc91f0"
-                + "2c9930e6d087b9aa8562a07eb5862886818f4bdd7beafb6575a9c8a87b4eddd78e67d400"
-                + "bca1579ef60fd480f9cecc32416a8cf88cacb67c7ff84746558670d0c5ff10da07479b74"
-                + "ce0c8ff2fffa9358c36e5d1b9bf9196acca0063cdc38610417e7379f22efac9eb76fdb24"
-                + "ee8388270eac02df2d96b8b4e4047b64a433b1250c7cc8f491540c22b6903704c6638478"
-                + "15e84bd53257934665e73cdd010f9d461123657abece1c6c6bf7b0655de7405dcb0977b8"
-                + "4361b85206866972f90f1883b325a781324b160499010079069ec84c33170088d275a11f"
-                + "34fe480efffc917a4fd3e40d12ab2408052776884e8e273cea029fa08767bf473ef6a49f"
-                + "4642179252ff17b62098d8acfb7ec28d6430b6f88a59e4f68e9187f3dda9d0c19f67c283"
-                + "9eba3bb633f136da22818662538c904b8989cbc631e682c767aee49088b6c626ce204011"
-                + "cf2813e6f7b09a5147e5728548a6c29de164930b49608db0933ce2c6b379018a8b115336"
-                + "e70ae9368d053457ec13758216692032ec4d404c5b2592c8871ab16f39eb70a0bfbb82fa"
-                + "d5a8a15af3964bb3a5cb8c9712a57def48d2eb5b0174bbe1ec7893c2a78afb05ba31ba39"
-                + "8e8589590050aeca8e8c8dce0b85ea218d3deb9a51ad05c6cc99dfae70d5bcb4d265796a"
-                + "a6f9398d36d324692e7ab89fef4054b74c6c82dc2306490040ab338cfd71b817ce35d1e6"
-                + "44cec7621cafd31afd54368805f9cecd34cb96d1b4e9024da1a0e9cc4bca60ddcd685be2"
-                + "d862e9ca32f69f6a1821a05280fcfdfc6a54b3b69b29ae2652e8d26bf30fc84f0455c489"
-                + "4bc795eb6d5c569cec9ff6295626878de95dd9cec9b383364fa1c34ab5722fc23308c4b2"
-                + "f8f3de2115665447695407a7248d002c1509f1ed64326fa992c600226db40d205a8a472d"
-                + "c178c8a39c853f61942275d1bfcc31fbb24d53f86eb8abd2690876cda8be3ca24e972a93"
-                + "34b9952fddf73572cebb122cad90eb394667d067add30d54008409fe19f8c97375aa2dce"
-                + "65fa602b805d798e70dbcec16bb96136922b5ce09cec1dd27cfe43df0d6457242e6cc4b1"
-                + "6992fbf3b4befc32ba334d36e9ed79645445d40cdd6976e5ddd1aa68c9b9d4633ef2de20"
-                + "ceb67dbc5d994eac71c0608387561211bf7b2ff3dd3fd794f5aa3e16d984a1d9d660af05"
-                + "b177d894392ed7e7c9df1c99c713c4715fe05eaa1bd054f7ad37df92f67a2800927a9a9b"
-                + "28739e5f9a0112dd2a3da29692a8bc47a9d169ac769fdadb139f17dd9cafa31dcd1ec90e"
-                + "83e1f6f088a389c318c18b8aa9e902c70f035084514cbc5673b57ce3682d5b32906ba8f9"
-                + "0f55d47c1498242f54b2e3717a8e64baecdeb05b087007b51542bc384a04b5df27ce33b2"
-                + "4ea7c4792419664c667d76ee9e3c17ebd483f5c9c24168c325bdeb90d648d2263d97173a"
-                + "c074a4be9079e351f42ba91c3e4efe294daaaa81de0147b1964388805ccc89b346e44ee0"
-                + "4ae9ae1240ebee397f7ab93ad1d15d888428fb5bcd2706678acf5843eebc1a5ba9dc47a1"
-                + "2aafb61dcab34ed6e2aacca70fda9618cc6388f6566eba9dda4c0b225abe20cb0ea4b0b3"
-                + "b7623d6d4a6a1481002aa40f25a3190c49a1b9514f9708280f6f1f3b4d9cd2b0579cfec4"
-                + "38b2409433d71c88ef8df852bada0eaae459efe34872e3a21bb28ea963437c9260cadb23"
-                + "ac6ad5176eeedc517b616c5fea4b9946b83cb72104b5e160d84300f8cee9cae72a659834"
-                + "0569fc1b97aa3083dec862bf5d781b5f15b9d0e10cf9264f9eb2ae99448dff2c9a89c9e9"
-                + "6e176b212b7637a1511733e309447ab932d87f8069f694b42bbd456a503b5c2b5c7876e4"
-                + "60f26138aa68850deae1de2ade824f27721ca0a089d2edb7607a58b0a6a40b10788fc3ea"
-                + "170427fe5b8c0de92797890bd44c9e9c4512a299ce47ce3bdffda2b54cca10bb0656d036"
-                + "1fe1fa31590f01c8902ae4d99e416d0805b416da8c2fce263be00823bfc5b703364eb8d2"
-                + "9af02353840927a369ce6060ad09e517ebb90dd1b9572133e8ce12b2cc1464ef645ad2ba"
-                + "04fd179d27b052fc5042d1ffbd9ebe2ed6c671095e677d54b2b6d304d7e4a929ac011183"
-                + "d7cb0c2ebcb94eaadeade0912e17b0bac06e092358d911ada7b1f6cc25d333976e8740e9"
-                + "266e1af2045fe5ef361d4b624d8b58ffd71ee6113c79e221405a8e9d244b84f4ee0aded6"
-                + "0ef160a937ef34a4f12d91f92f84997432fa484c1eee881ca5f7384c9cf1a93fcd48b4ba"
-                + "669335d68a2745bdf315fc70e3870b7f2ed8d72a5ecec9858dab33e4b8a0f81600300a20"
-                + "7af29c6a4ed63dc40f00fb08bed452dccaab699cd8e31b805118482fbd3db5b10662a194"
-                + "da222e5f0cbb485baded120a3d64a42b17852b1ed150858de3e42050886afbaf608b08a5"
-                + "ab6be149853ae37c0307aa06a0a47ce2f06695ef55c9d051a1faec488e604d0687be84d7"
-                + "9dc639ccae00c438882fea4b737505f75de56ee099c110ccc05e6153da121cae4ee913da"
-                + "84f0e31c9f394f7798f01dc211e2a2d0228ae69e701f8d03fc081917ff83a20c42957615"
-                + "def47fb46cb33a4f2bf94febed7970e10425e9d389b2b080a060c89d0b78f4e0bd6595ea"
-                + "e225acd01d0c89b3e4bafc85d43e19d28c579c31bea7197a394eb68204483855b47298c2"
-                + "a6bfeca80c290cbfe4d4fb9d097639e83c7af928f872804af5cdf2c70f0cd80b6cbef7d2"
-                + "1bcb34ca8f85eb0e779ea8d0a3edd90708bda16f55738e2e4f671adb7fc8820fc72ecef5"
-                + "6df3632406cb884a6f575bbbc93724d9fd01dc5a89bbfd62c2cc838039b37a977a27dcce"
-                + "08b379007f3f2b8f06fd0960a4994b93c5c85b08f14cd66ca5d90e53cccea433fe7e9836"
-                + "734b3f833b00913eb80c1bbd9e90f88d714bfd0ab0b7928be35881d6f58e7a72fd13d18a"
-                + "a587134f8b5a7985fad32bdbe347b7700d8ea5fcb317e054c24ec132a27018d273230921"
-                + "fcaafac0c7deab9a77e7bec0308af72b3ad1192edbeda237b788228a515b17585346a1bf"
-                + "fdebfafd62ff24d6877bfc6b15aedc6b638aa87bdd7ee2e23aa607a16e4f66065b808f0a"
-                + "a4dcc355d57db0e76a66fc42a39575624bb4acb9da91e67e101e0ef341128dfbdde7f4a0"
-                + "f20d79d739c4a3e11bb1b90b7b8e3e7ba7f3c10841ed2e99777af8e0a64d20a540df6555"
-                + "0dd6a089426f82fa1bf597bc03e46f41f9be6147b867643795b7e93e7b34568e210ff4d8"
-                + "2d46e834f011e93972099978889fe98793736ae88dc35d5aa99034fda93a22490b685cbf"
-                + "97264bd719df5d54c3fc23322ab5cfd8d3e7063e1fba9542c662e269e93289d71e1966ac"
-                + "94706e74f9702aed3053f40bff842e4c02ed4753ca69768bfff599edd089011d9752a476"
-                + "888fff2d8734f4ff882b73281e5fcd7e30f0f2633f53b58f13392e11903a93cfa23ccb8c"
-                + "49c00ef344fcf249dafa38d321714633c129498df70e0e8370db620c2490bcd99be38e67"
-                + "dc3d18911d87845313be28e17e2ee3bbe0ed7ab8e5a98d68c1c5e07f169db41e111f98ee"
-                + "858fc7346a5d4e7ed184b2b60ab441b1e3b186c58b2ac33ffa547473767276efd912303b"
-                + "440a58fe95091efde1360e6513a9e5390906e18e302173005028325d34f70a8a85f48bda"
-                + "bae0f15c33ec997d3d4acb6d3bcbd2434b0a83a1fbecbd33fcdf31e4a4044e201257836e"
-                + "cfe7b4c84a181827536eb95fb340da741d3827095350caf3964cbfb2eefe4e8ebb257ffb"
-                + "0904187df2eac9afc6e5e35caaf6e6a855d43b6e445fd91419bbceff8d30832b5e75b2ca"
-                + "5561ad64c306b09ad0d2ca3d17ea230bab0e3b6c1566eeab4693431e683057f07fa77099"
-                + "227a5c3f05308c8c3fb63e94a847003e0f0a78bd936d59b589c3e70ff70b9c688d43eb78"
-                + "35366a6574b0701e8804be965d7a2d2ec408faf31e6a68522b0b8da3cdba52c76cef757f"
-                + "a5fa466b542d5d57ab1504500a07037e1353b244a4424082f66d35aa99bd5fbb9a702362"
-                + "d81812771aac607695050c62cb589f00d614695b163af1e86bb3e6c1505609032576dbb1"
-                + "4d42b421e72561482737faadb6fd823dec0e1310a99c9936a22017b9149ce23cbbdf77f3"
-                + "4a57050b5f3b414028ca939c31e95655e909c630ad9dfe3f3f09a250e578030f4c3e9099"
-                + "dbb0088d58e1b4046b97b2f61d9a2be4cca9bc0240f06075850045ee17e19ec504e4ae27"
-                + "3934909cc4840fea6766af2592fd6c12f3a82ab05856a646786184c68ac2020d2a8fc782"
-                + "8717cb2f89cc2d42046d8b618dfe4fa9e90b15d5c08ac3bac5c197eac5cee915e3fa0c6c"
-                + "4730110f2da5e66c0a124c26a62ede1e2de4357b275ee84d020410668a3efa1e828cba53"
-                + "c62150bf2691afa904762f2aa0309bcf67d023cd62d1b7c37aea8b1d69e36e07f5b81828"
-                + "85d3b526b02b6ba5b3647364ceeb601dd90c33d466779fd06fcad909db0fe5f376108786"
-                + "a82d336cc1f79fd23264e5455938ba924fce91d6f94e0ad00275b5e5c063ace5ffcf48f8"
-                + "4e370c90b51c1327ff6e5105699795201784d8479d695cb70567f8f06698386e751a552f"
-                + "e72bfbd773226a10eacd32fa2cebea1403e796c2e1c21accc9f76ed21f05549fa17f10e9"
-                + "7bb8736cf345d70b2fcee0a2c0044d02b5615c2e3f5075667942e2e39a40a3630fceec36"
-                + "53450b84307bf027a3bc78033ddcc5841ef3462e34da3778c496bc3f29d55ca47b64db23"
-                + "ce488170a5a0498a3a0cd0065b6ac1a8676ef1dd5bd8b14f298390a29c1df1403db94993"
-                + "b9537b3e018d82875623b1ac6ef0b549cd2b9676cb9b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "3d457fe03664d78c3e2612bd4b90cf24e06ee2a508965eba3a93eb2feba43bb260a297f2"
-                + "c91a4a679226d94ca7eef815b0ae0530b2d91cbe839bb0ec45293544573e79cc9a0d567c"
-                + "c7916e99febdadada1ccd6a6d76118696dfc0c1cf25fe101692bbfab466f2f39cb2ff4d9"
-                + "23b356d91896c39a1ab0370816af05a6abcf4110fe7f4cb03a0a28b2fbb68a14af8c9570"
-                + "c6aee9f11ffe1d6c1dc5ee9451ce99c09f93d337f3a9520d42fac43d94e0bc971723c931"
-                + "e834edacc08247574c3e7fe90c2cc2af443bf5b64616617e0f031064aee320a7886e4f6e"
-                + "692234fa88d06afe075a0a8aabcba73c083150c9701b057e44ea7245b41e4e9076fd747e"
-                + "a5cc40e33a6f49ccf4ccefb84d6794362dbdabb2814fe12b4bd1bf93dcf643825a70e57d"
-                + "aae1fc94c588f18a8bda7688259228f8d7c7a923567fcb2b93c24ddb2c311d02cf4b7f9f"
-                + "ff0d0ad14aeed8cb2d77bcfd5d068a2baa0e5228e38b909106fc70110f9040f7d3f74103"
-                + "da5cd23eac1c0a3ec0f218e9cfea7ced995b79377bce8b9c18c2da819c6b0821afd325f0"
-                + "c6293dfe9de85d17489b0f2730854212dffb1daa62e8aca1eac2bbead63e7ea4ec9ee231"
-                + "b7e626281f6298cbc67abcad1b6e8af0055235a31d8e09b87c11adccb914ee4e82843d9c"
-                + "a4a6b500cac2d8c6631d58960f511dcf053b518d040461401e4f51f10ffbdfb47559b987"
-                + "bbbdff8199e8af80e61aad95a2fd36467b107c0a61929d2777f3431a815e7a7deabdf466"
-                + "5a91e3af0c17b0f42a4350890e56998f47bc825d02bb5351d480f394561c3d70f99e5ee3"
-                + "172ccbe9a0f7121c1067d925889e4bcdf00e5ddae09ced2184c0ae6e565e546886d41465"
-                + "aa9e32dfdea7a14526c07dc7812e68d128df53e534e361a041c57ab051edb47a666e4d7b"
-                + "73f4fb49abb51c508256cd8a64641f34d13d9b99d5860e70868c83e796144fe9aa6426b1"
-                + "37f16eeaa402d69ad8803602f83b81c88230f2db65f1b6f613a3775560cf299c8a607542"
-                + "410e346f25a0d8c3a8875a46c5aa6f102f98b46e2f016d6433a6c7022ab0e8a651158cca"
-                + "07cf64c37b010f87fa957391a0be18640e583ebf71067a5ef8b58135a7228065e0999632"
-                + "d829a012429dd90ce506ae548cf14d82950d78ece1d2f0a1c820c53555e108d1430bc71b"
-                + "6e88242bfd1d3cb6f48961e9dd164b9de15ef17ca2785a8d68bb89cbb42f0fa6f0128d6b"
-                + "8e714a8b31cd6e84da4ab56fc999d7f1cfb83923c7c7c3a05d446cca5879ab94ee61452a"
-                + "bae21c3aa0f962c3b18cdd0cca4c899e2bffa4f9cc999d0e3e39f87cc2cad999361fbb09"
-                + "29f807b681331dcbcdad5eb877920fdccde9d380207b4456711dffa26948784bb612db77"
-                + "6285fd3a9534e1fad9e4fd692b2a0e08004d41c151ff4987b016a235d57257d8f6b15c3c"
-                + "ac1f03f00546b826a8ed31c90f09005916853f3284be341033332469de315bee7040c106"
-                + "826d00f0105044fdbfd67ed40b40c0a3fd49dfed38aaea90886f045196cc1a9f19cf6a25"
-                + "a6e804c1c7c39691f1f1c24c650f45b2b1f1a7d7792467f6b089e56d56883f0f50f66021"
-                + "6e4ddf42cfbf99ebcba6016c85343375f604bd9231754a8216e92ebc17c0778f319b2c77"
-                + "b2135b2adcfaac33f01736fd0a88e1c3dba46bc5a4de6ad1cd6987c8342851cb837a7485"
-                + "9ded09d4756dfbe167b0fc58d101120a82104a39619f4a2385be909a9d519768d17b1260"
-                + "9724457dbb7b5f6fe902541bfa3c56947c00631fce01070311bcca5bd957dbbb7f8ac1ba"
-                + "1e42be603512dce7e49195bdfeb9e132db3cc6d5e9bdaf77bc26aa01fa37547a598d796a"
-                + "626c0e86bbce1e2775d5b68436995b9cc791b3f191aa60122ee7d5ab4e362d9ca23e09ce"
-                + "c8a198f6225d53bffbb57ea2c522b3d255020f9ec437bb65ccda9ad44ac86d19bb7ec4ab"
-                + "b8ce3c0014be5b0f2bfdf7106409971578057d355dfbde8f1454b685a22de1d8bf4a1251"
-                + "50aa6307868029b672bb65778b88b156448addb5e2982e6b175020fe7116d2df25cbcab9"
-                + "a0e5315cdb362c81d76756295a78063615b5bef6f2f5fddf0633dfa0acf1047669507aec"
-                + "90101cce6443ce92a452db42948bc8191cdfc744cd1d3e792984813ced7d45bc3cc1e889"
-                + "e9d7fef41fd20678727cbf0e31373c2d62425a06af35f0c8735014dfd1115eadd4a3f156"
-                + "66295c604a9a4a13395a7715c6f2394ef34bcdd20994a9a8950aa4abe544d9d7c294c1a4"
-                + "c77dd447042d3de6c3b65d73a2eb89e5cd3eb8dcf2d21feca7a54cc6f3d97f9bdb078ba1"
-                + "c13f6797b1f305f6e9bced0c760a525c819faea7ab65b9ba6bc929d69382c99085110907"
-                + "d5662a5fc533359b5cd2dd9831e4acaaa00b826b379ee1d52325b4ed14365aa9ae1a0340"
-                + "9fe32ec9affe033a00d42f034b3708b49805849f2bc83921f26e60806eaa0b8ed6060f51"
-                + "9086e5776f1c33c0a8033d01341662c3dd6011031062e55647d2497bf9fa24ea0977ea8f"
-                + "3a035dce97f66c3c09a1fed34d2b1de6976f0a8adbef90b61e68919cfbbdbf824e532b52"
-                + "e90f0eab396bba5e467245111e717845c894746c139b3b0dffe9894f055d7e8660892d2a"
-                + "65bb868567a31399379c5929051f82d6a448f979103c8646168f97bd9c43cd073dca6b75"
-                + "9d1b71243cedc028209492b624a70239b7c0363032cb19cb0d05bcddefecb41356473520"
-                + "68e0cfcf98fe8d68b461fbf2e6bfcf565e53cfe201dc147fab49af5112dd4979bb64bf1b"
-                + "e7a7f01253f5fe175fcec61c4a3e00e7f64b6bbefdf7945a1aa947ca8848dcb3b61e62be"
-                + "7e8214c99f09d3365d64e6750d06294be65af13c9e897aa3350a6c1a990d7cf6047d0b07"
-                + "8e5ecadcab7afb0a096963707f8fe10a28296a5169a805840af75d1cf2033f2d54a0d22a"
-                + "884d583d12e33ebac282e700b130877ed0a295c02c1729915a733c05c6ee6a1a5d80b8d1"
-                + "854f65d1a89ac8eaad19ebfa163bfb641a139c5441a3e8e7c3f50569b13bb696e132c40b"
-                + "032cd9738451f6bc9dc8cc0050e48600018d688443dc33a5cfa90225904989befbe701fd"
-                + "d71f9b35a3bdd5b60f8026ca5f2840fcb3f6d65bf9dcaa18065f82172f97801e81ed561b"
-                + "54c439a8360eb0b9aa493e5c13a3190c49a1b9514f9708280f6f1f3b4d9cd2b0579cfec4"
-                + "38b2409433d71c88ef8df852bada0eaae459efe34872e3a21bb28ea963437c9260cadb23"
-                + "ac6ad5176eeedc517b616c5fea4b9946b83cb72104b5e160d84300f8cee9cae72a659834"
-                + "0569fc1b97aa3083dec862bf5d781b5f15b9d0e10cf9264f9eb2ae99448dff2c9a89c9e9"
-                + "6e176b212b7637a1511733e309447ab932d87f8069f694b42bbd456a503b5c2b5c7876e4"
-                + "60f26138aa68850deae1de2ade824f27721ca0a089d2edb7607a58b0a6a40b10788fc3ea"
-                + "170427fe5b8c0de92797890bd44c9e9c4512a299ce47ce3bdffda2b54cca10bb0656d036"
-                + "1fe1fa31590f01c8902ae4d99e416d0805b416da8c2fce263be00823bfc5b703364eb8d2"
-                + "9af02353840927a369ce6060ad09e517ebb90dd1b9572133e8ce12b2cc1464ef645ad2ba"
-                + "04fd179d27b052fc5042d1ffbd9ebe2ed6c671095e677d54b2b6d304d7e4a929ac011183"
-                + "d7cb0c2ebcb94eaadeade0912e17b0bac06e092358d911ada7b1f6cc25d333976e8740e9"
-                + "266e1af2045fe5ef361d4b624d8b58ffd71ee6113c79e221405a8e9d244b84f4ee0aded6"
-                + "0ef160a937ef34a4f12d91f92f84997432fa484c1eee881ca5f7384c9cf1a93fcd48b4ba"
-                + "669335d68a2745bdf315fc70e3870b7f2ed8d72a5ecec9858dab33e4b8a0f81600300a20"
-                + "7af29c6a4ed63dc40f00fb08bed452dccaab699cd8e31b805118482fbd3db5b10662a194"
-                + "da222e5f0cbb485baded120a3d64a42b17852b1ed150858de3e42050886afbaf608b08a5"
-                + "ab6be149853ae37c0307aa06a0a47ce2f06695ef55c9d051a1faec488e604d0687be84d7"
-                + "9dc639ccae00c438882fea4b737505f75de56ee099c110ccc05e6153da121cae4ee913da"
-                + "84f0e31c9f394f7798f01dc211e2a2d0228ae69e701f8d03fc081917ff83a20c42957615"
-                + "def47fb46cb33a4f2bf94febed7970e10425e9d389b2b080a060c89d0b78f4e0bd6595ea"
-                + "e225acd01d0c89b3e4bafc85d43e19d28c579c31bea7197a394eb68204483855b47298c2"
-                + "a6bfeca80c290cbfe4d4fb9d097639e83c7af928f872804af5cdf2c70f0cd80b6cbef7d2"
-                + "1bcb34ca8f85eb0e779ea8d0a3edd90708bda16f55738e2e4f671adb7fc8820fc72ecef5"
-                + "6df3632406cb884a6f575bbbc93724d9fd01dc5a89bbfd62c2cc838039b37a977a27dcce"
-                + "08b379007f3f2b8f06fd0960a4994b93c5c85b08f14cd66ca5d90e53cccea433fe7e9836"
-                + "734b3f833b00913eb80c1bbd9e90f88d714bfd0ab0b7928be35881d6f58e7a72fd13d18a"
-                + "a587134f8b5a7985fad32bdbe347b7700d8ea5fcb317e054c24ec132a27018d273230921"
-                + "fcaafac0c7deab9a77e7bec0308af72b3ad1192edbeda237b788228a515b17585346a1bf"
-                + "fdebfafd62ff24d6877bfc6b15aedc6b638aa87bdd7ee2e23aa607a16e4f66065b808f0a"
-                + "a4dcc355d57db0e76a66fc42a39575624bb4acb9da91e67e101e0ef341128dfbdde7f4a0"
-                + "f20d79d739c4a3e11bb1b90b7b8e3e7ba7f3c10841ed2e99777af8e0a64d20a540df6555"
-                + "0dd6a089426f82fa1bf597bc03e46f41f9be6147b867643795b7e93e7b34568e210ff4d8"
-                + "2d46e834f011e93972099978889fe98793736ae88dc35d5aa99034fda93a22490b685cbf"
-                + "97264bd719df5d54c3fc23322ab5cfd8d3e7063e1fba9542c662e269e93289d71e1966ac"
-                + "94706e74f9702aed3053f40bff842e4c02ed4753ca69768bfff599edd089011d9752a476"
-                + "888fff2d8734f4ff882b73281e5fcd7e30f0f2633f53b58f13392e11903a93cfa23ccb8c"
-                + "49c00ef344fcf249dafa38d321714633c129498df70e0e8370db620c2490bcd99be38e67"
-                + "dc3d18911d87845313be28e17e2ee3bbe0ed7ab8e5a98d68c1c5e07f169db41e111f98ee"
-                + "858fc7346a5d4e7ed184b2b60ab441b1e3b186c58b2ac33ffa547473767276efd912303b"
-                + "440a58fe95091efde1360e6513a9e5390906e18e302173005028325d34f70a8a85f48bda"
-                + "bae0f15c33ec997d3d4acb6d3bcbd2434b0a83a1fbecbd33fcdf31e4a4044e201257836e"
-                + "cfe7b4c84a181827536eb95fb340da741d3827095350caf3964cbfb2eefe4e8ebb257ffb"
-                + "0904187df2eac9afc6e5e35caaf6e6a855d43b6e445fd91419bbceff8d30832b5e75b2ca"
-                + "5561ad64c306b09ad0d2ca3d17ea230bab0e3b6c1566eeab4693431e683057f07fa77099"
-                + "227a5c3f05308c8c3fb63e94a847003e0f0a78bd936d59b589c3e70ff70b9c688d43eb78"
-                + "35366a6574b0701e8804be965d7a2d2ec408faf31e6a68522b0b8da3cdba52c76cef757f"
-                + "a5fa466b542d5d57ab1504500a07037e1353b244a4424082f66d35aa99bd5fbb9a702362"
-                + "d81812771aac607695050c62cb589f00d614695b163af1e86bb3e6c1505609032576dbb1"
-                + "4d42b421e72561482737faadb6fd823dec0e1310a99c9936a22017b9149ce23cbbdf77f3"
-                + "4a57050b5f3b414028ca939c31e95655e909c630ad9dfe3f3f09a250e578030f4c3e9099"
-                + "dbb0088d58e1b4046b97b2f61d9a2be4cca9bc0240f06075850045ee17e19ec504e4ae27"
-                + "3934909cc4840fea6766af2592fd6c12f3a82ab05856a646786184c68ac2020d2a8fc782"
-                + "8717cb2f89cc2d42046d8b618dfe4fa9e90b15d5c08ac3bac5c197eac5cee915e3fa0c6c"
-                + "4730110f2da5e66c0a124c26a62ede1e2de4357b275ee84d020410668a3efa1e828cba53"
-                + "c62150bf2691afa904762f2aa0309bcf67d023cd62d1b7c37aea8b1d69e36e07f5b81828"
-                + "85d3b526b02b6ba5b3647364ceeb601dd90c33d466779fd06fcad909db0fe5f376108786"
-                + "a82d336cc1f79fd23264e5455938ba924fce91d6f94e0ad00275b5e5c063ace5ffcf48f8"
-                + "4e370c90b51c1327ff6e5105699795201784d8479d695cb70567f8f06698386e751a552f"
-                + "e72bfbd773226a10eacd32fa2cebea1403e796c2e1c21accc9f76ed21f05549fa17f10e9"
-                + "7bb8736cf345d70b2fcee0a2c0044d02b5615c2e3f5075667942e2e39a40a3630fceec36"
-                + "53450b84307bf027a3bc78033ddcc5841ef3462e34da3778c496bc3f29d55ca47b64db23"
-                + "ce488170a5a0498a3a0cd0065b6ac1a8676ef1dd5bd8b14f298390a29c1df1403db94993"
-                + "b9537b3e018d82875623b1ac6ef0b549cd2b9676cb9b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "3e0235196e6f140740d20384df775060f0b670ffdad5ae27c7f1e01aa7eb9f41e18341b8"
-                + "c8f4047c0af138b15fa1907cd2734f8911618eda1e43e15c7d8ff73e454cb10724e8fd1f"
-                + "eb90ce35bb254681ae792500e83d86034e53eed6e3a716fb1992d3af9aa0c3487e0f9ac2"
-                + "d67ee8bd9b2366e6ceb1c0d280c743a6c21e24fc0aa45cb7c318d0790146506dbc31cad4"
-                + "019c07b5518d5c0644c0196776cc5b26c38c63b25a86a1adcc156fe5790e2ecf55f458c2"
-                + "31daf5429e237978ce3dede327cc4fd41fa67c0c2ad222a059aeab1f6c4983a431c0d885"
-                + "4277b68862ad12f228e9d080ff335b724d98274aa65a4c6e1054c844e9507161eb6a6334"
-                + "d9a289af4a74482537bae5363582c446cfa05b2cebc4a0dd81410c529054fa95031c196a"
-                + "892930ed831758a4aae6cf1878ffb7461f8da70ac5edea73cda28ee683b774d2d3e8802c"
-                + "3121a05b2ad71d8ef8e46514ac924ca33f20053adb86e369c1dfff36b9892aa976e8686a"
-                + "4c8572da45aac199ac1447f3c10371d4e294fee1ead3852b0bc97a8851c2a2caa3d367ea"
-                + "fec272f37f26650ce70e318503e0ee741449524fe9d290d03186769c9076c2118a772bcb"
-                + "b0c3774cb3dbe75d6c06abfe22f17d14dab2d8d113330f9c9b441f8bc52503b3b6e253c5"
-                + "5d9327dfce18f34346630bcff7461f82b2f221188afea86ae5883d374303558818847bdb"
-                + "295f9e27d3b7ad3eec3c12c072cfcf58c228655aa844459e050bea31e892350f1a8bf1da"
-                + "f3aa87ebf6b1beee2be98fc33b86de2f3b4b25d95803f8706b4ae1443bd4ab3c92505dbc"
-                + "84ede3670ec3b99b7471b7917359782281c32641737db3a177057c13f1b1e56501c9d65a"
-                + "5fafd1c2691ac2620cf95c7a61a45509b071e6ae415ef3be0a24b6154d8f6706d56b0b45"
-                + "c9721eff7ebe5eb8acc9f241fe19c437af494251c2261b5846b88297c0176c081c55b5c6"
-                + "27dbe07befcaa6af5f2e406c767dbf2eb0c74cac95f548837a88a183f21a4a3d2de1e785"
-                + "5d56a46aa73e6a84234c7cafce84e23dbc24a2778551341efee584445537330b06f61c9d"
-                + "f96c1e2678fc1d5bd0a067aed3e0a4ff62fa2266f9e988b4841126728ab81f63c0dfa952"
-                + "8168046829806bd608f8c497878fb1e4138be7235a9b6282cdc71e3eb7c7477d969b1170"
-                + "103ca1008c0b56cf9e7549ffffa42c6a399e40331dcb942055a49487e08ce3f5bb52bbf4"
-                + "7fd69ba9d4e81e1bffcc6771ad32d3c0bc62c5365fa5319bd719fdbd2592a8df6ab9509a"
-                + "59c277994e4fa0c84375227a9c44c897d13ee8f660bc3d204af198475a0c4879ba4cfc35"
-                + "1d4909ab86ed68fda690df2df1ccc4e243718c4af111d0e93c20191188fde22f84851d5f"
-                + "c8b8c2f077293406ee1939161855c5e434689ca0a2d8b5fbf9a740e6eaa7f3a6ae694265"
-                + "606a32e89189c37e5b09a7cdbf682cf68c848b361284eeae0df5b80e8912706c89472dc8"
-                + "60c4b7bbd349ccad2b4e1ceb9dd2ec5312fe905c9c697a4b87eaa7f9152a173278b24f36"
-                + "a8c5430805bfcc416bf563b6260ed3599559060d05ecee5e0f078b86691e36c52818d307"
-                + "73403625a547541fb73bca0cad366cf3429aa41f9f11b0d0f739a889aa26d9aac663cd92"
-                + "99a17eaed69a4b9cda5f3cc5fa3bbfb30e0694bf55129955470e44503185c32020ba2434"
-                + "98e03dce9ea5e84ea83c9a67c2b9e12e2c3d21c858dd675c28a89e91d1ecf3586a35e7b0"
-                + "7dfc8565fa82253ef1f5ddf6dc032471a35330e67520d81b8482ff23bb1977317fbc5fd6"
-                + "bd8fa234dec9404ac26f5482c5707c92468c6bf03f757f8c0706c664adfdc8ccdbca14e1"
-                + "d325b07aba52ed3ed78307c7ca448e7940b5171808d1e93b0d55e13e607b05b3eb1493df"
-                + "ead1faf8acd5ec4c5d4a69df860f109c8ab0acc3cf861de49a59d279fb316cf7eb92701b"
-                + "e08e2dea72f4413bca856e6ad55ef53327290f499e531e9c217c68d4cf89fc47046a8b11"
-                + "f5f5ccfa9e276a8227a99e1678f1abe26fd14f892ee5b57789799da3538da453b436de11"
-                + "fea542a7687fe0b0bf776beba1afa024ea3307d274d7f19fa24a82962a6ae4d4c021ddd8"
-                + "4f9cf1151cab0a9ec8c968f7e2ef3a9e528ebd3e983188ed52b2c05c30b91afa2e370e37"
-                + "d11523286209bbb7197efeb2e37ce222afc3be3b94ef40770feb8d88c5c09c119cb3b384"
-                + "3ec94c074c258bd822af0f3b023c924f3347515c83a0b98e672c5ad005cce80c38390c06"
-                + "7529bb66a360c1fc43538300625b95b808de3bd9a07fbb4795223a2465f107ce4582bdf8"
-                + "438a5846d4f41ed9eab855d011de761aa4b6cd3a34cafab4a433839473e3d55aa1f10592"
-                + "7ec1c621450b49698ad8cac67333cbcd853314770fb93551c7ff095d3b24eaf7ca4e19e8"
-                + "052e5b1caddd9d75fc76cb7e8ad0a2c3f456dcc9b63b76006d4ee0655cb2364147f4cb37"
-                + "0a202fe447700f32483dffd8a46f33fd2126e98e0c0c16f6bffec18553a8d0fb14e1d3ac"
-                + "216fb56919b508918a68b8724bdd54a1a76ed6cd6be093d5d63103e6b5a12ed4986a79ea"
-                + "20358320e0481c0a43f1eebd4b3ecaae048c62a9195126d055fa693980b1fba8c6db7712"
-                + "161aa4de92434ab1b23d887fa570283974e05cf6566b58bc60365e981ed216bd1953a118"
-                + "4a66e7c1de25282b594ea2a0defba13cfe505aa27a8f3cf5c896032d9555bf5bf287db04"
-                + "8225cf09d664cdba2a00f68d27ece641bb5197dbcc670bb10be61677f41a709abb12bb2e"
-                + "7dc0ddb073491650993a2469b24735a35f4ade6a03cbf720050c3332a708c919fe69bbf9"
-                + "98c267ee498b4348b12bc666afe87faade80a495bc30ddf9b45faf5cf2a9ad119646f4af"
-                + "e519c97f3a2d174e802a63b9d7f947f8fb99e77bd58b97ea55ed588eca27a337bbad054d"
-                + "b58be4a02181024ab2d638427d806ef50dd70d53ee5250f82dd931589f2fb7fafe9e8084"
-                + "c8946ebdcaec2c08963bbffd65e86338332444ec414a4c8f56b832f868fa0c14d6485786"
-                + "cd339d077adc4db997c38530b4604dbb003596c5e867873225c4581e66fec82747cf6823"
-                + "4eecaa5682110a1fec712571f261c60d706e423179f9f0050bfefe53f353dc306916ff02"
-                + "ae1fdd98e5e2565f050853bc3cc3f0772c331a214b9cb61afe06072ffac2b86109369dde"
-                + "cb321f78c9a814b7bc8df852bada0eaae459efe34872e3a21bb28ea963437c9260cadb23"
-                + "ac6ad5176eeedc517b616c5fea4b9946b83cb72104b5e160d84300f8cee9cae72a659834"
-                + "0569fc1b97aa3083dec862bf5d781b5f15b9d0e10cf9264f9eb2ae99448dff2c9a89c9e9"
-                + "6e176b212b7637a1511733e309447ab932d87f8069f694b42bbd456a503b5c2b5c7876e4"
-                + "60f26138aa68850deae1de2ade824f27721ca0a089d2edb7607a58b0a6a40b10788fc3ea"
-                + "170427fe5b8c0de92797890bd44c9e9c4512a299ce47ce3bdffda2b54cca10bb0656d036"
-                + "1fe1fa31590f01c8902ae4d99e416d0805b416da8c2fce263be00823bfc5b703364eb8d2"
-                + "9af02353840927a369ce6060ad09e517ebb90dd1b9572133e8ce12b2cc1464ef645ad2ba"
-                + "04fd179d27b052fc5042d1ffbd9ebe2ed6c671095e677d54b2b6d304d7e4a929ac011183"
-                + "d7cb0c2ebcb94eaadeade0912e17b0bac06e092358d911ada7b1f6cc25d333976e8740e9"
-                + "266e1af2045fe5ef361d4b624d8b58ffd71ee6113c79e221405a8e9d244b84f4ee0aded6"
-                + "0ef160a937ef34a4f12d91f92f84997432fa484c1eee881ca5f7384c9cf1a93fcd48b4ba"
-                + "669335d68a2745bdf315fc70e3870b7f2ed8d72a5ecec9858dab33e4b8a0f81600300a20"
-                + "7af29c6a4ed63dc40f00fb08bed452dccaab699cd8e31b805118482fbd3db5b10662a194"
-                + "da222e5f0cbb485baded120a3d64a42b17852b1ed150858de3e42050886afbaf608b08a5"
-                + "ab6be149853ae37c0307aa06a0a47ce2f06695ef55c9d051a1faec488e604d0687be84d7"
-                + "9dc639ccae00c438882fea4b737505f75de56ee099c110ccc05e6153da121cae4ee913da"
-                + "84f0e31c9f394f7798f01dc211e2a2d0228ae69e701f8d03fc081917ff83a20c42957615"
-                + "def47fb46cb33a4f2bf94febed7970e10425e9d389b2b080a060c89d0b78f4e0bd6595ea"
-                + "e225acd01d0c89b3e4bafc85d43e19d28c579c31bea7197a394eb68204483855b47298c2"
-                + "a6bfeca80c290cbfe4d4fb9d097639e83c7af928f872804af5cdf2c70f0cd80b6cbef7d2"
-                + "1bcb34ca8f85eb0e779ea8d0a3edd90708bda16f55738e2e4f671adb7fc8820fc72ecef5"
-                + "6df3632406cb884a6f575bbbc93724d9fd01dc5a89bbfd62c2cc838039b37a977a27dcce"
-                + "08b379007f3f2b8f06fd0960a4994b93c5c85b08f14cd66ca5d90e53cccea433fe7e9836"
-                + "734b3f833b00913eb80c1bbd9e90f88d714bfd0ab0b7928be35881d6f58e7a72fd13d18a"
-                + "a587134f8b5a7985fad32bdbe347b7700d8ea5fcb317e054c24ec132a27018d273230921"
-                + "fcaafac0c7deab9a77e7bec0308af72b3ad1192edbeda237b788228a515b17585346a1bf"
-                + "fdebfafd62ff24d6877bfc6b15aedc6b638aa87bdd7ee2e23aa607a16e4f66065b808f0a"
-                + "a4dcc355d57db0e76a66fc42a39575624bb4acb9da91e67e101e0ef341128dfbdde7f4a0"
-                + "f20d79d739c4a3e11bb1b90b7b8e3e7ba7f3c10841ed2e99777af8e0a64d20a540df6555"
-                + "0dd6a089426f82fa1bf597bc03e46f41f9be6147b867643795b7e93e7b34568e210ff4d8"
-                + "2d46e834f011e93972099978889fe98793736ae88dc35d5aa99034fda93a22490b685cbf"
-                + "97264bd719df5d54c3fc23322ab5cfd8d3e7063e1fba9542c662e269e93289d71e1966ac"
-                + "94706e74f9702aed3053f40bff842e4c02ed4753ca69768bfff599edd089011d9752a476"
-                + "888fff2d8734f4ff882b73281e5fcd7e30f0f2633f53b58f13392e11903a93cfa23ccb8c"
-                + "49c00ef344fcf249dafa38d321714633c129498df70e0e8370db620c2490bcd99be38e67"
-                + "dc3d18911d87845313be28e17e2ee3bbe0ed7ab8e5a98d68c1c5e07f169db41e111f98ee"
-                + "858fc7346a5d4e7ed184b2b60ab441b1e3b186c58b2ac33ffa547473767276efd912303b"
-                + "440a58fe95091efde1360e6513a9e5390906e18e302173005028325d34f70a8a85f48bda"
-                + "bae0f15c33ec997d3d4acb6d3bcbd2434b0a83a1fbecbd33fcdf31e4a4044e201257836e"
-                + "cfe7b4c84a181827536eb95fb340da741d3827095350caf3964cbfb2eefe4e8ebb257ffb"
-                + "0904187df2eac9afc6e5e35caaf6e6a855d43b6e445fd91419bbceff8d30832b5e75b2ca"
-                + "5561ad64c306b09ad0d2ca3d17ea230bab0e3b6c1566eeab4693431e683057f07fa77099"
-                + "227a5c3f05308c8c3fb63e94a847003e0f0a78bd936d59b589c3e70ff70b9c688d43eb78"
-                + "35366a6574b0701e8804be965d7a2d2ec408faf31e6a68522b0b8da3cdba52c76cef757f"
-                + "a5fa466b542d5d57ab1504500a07037e1353b244a4424082f66d35aa99bd5fbb9a702362"
-                + "d81812771aac607695050c62cb589f00d614695b163af1e86bb3e6c1505609032576dbb1"
-                + "4d42b421e72561482737faadb6fd823dec0e1310a99c9936a22017b9149ce23cbbdf77f3"
-                + "4a57050b5f3b414028ca939c31e95655e909c630ad9dfe3f3f09a250e578030f4c3e9099"
-                + "dbb0088d58e1b4046b97b2f61d9a2be4cca9bc0240f06075850045ee17e19ec504e4ae27"
-                + "3934909cc4840fea6766af2592fd6c12f3a82ab05856a646786184c68ac2020d2a8fc782"
-                + "8717cb2f89cc2d42046d8b618dfe4fa9e90b15d5c08ac3bac5c197eac5cee915e3fa0c6c"
-                + "4730110f2da5e66c0a124c26a62ede1e2de4357b275ee84d020410668a3efa1e828cba53"
-                + "c62150bf2691afa904762f2aa0309bcf67d023cd62d1b7c37aea8b1d69e36e07f5b81828"
-                + "85d3b526b02b6ba5b3647364ceeb601dd90c33d466779fd06fcad909db0fe5f376108786"
-                + "a82d336cc1f79fd23264e5455938ba924fce91d6f94e0ad00275b5e5c063ace5ffcf48f8"
-                + "4e370c90b51c1327ff6e5105699795201784d8479d695cb70567f8f06698386e751a552f"
-                + "e72bfbd773226a10eacd32fa2cebea1403e796c2e1c21accc9f76ed21f05549fa17f10e9"
-                + "7bb8736cf345d70b2fcee0a2c0044d02b5615c2e3f5075667942e2e39a40a3630fceec36"
-                + "53450b84307bf027a3bc78033ddcc5841ef3462e34da3778c496bc3f29d55ca47b64db23"
-                + "ce488170a5a0498a3a0cd0065b6ac1a8676ef1dd5bd8b14f298390a29c1df1403db94993"
-                + "b9537b3e018d82875623b1ac6ef0b549cd2b9676cb9b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-            "3fef199d1e8f4b5ec30f289f0e11643811de32d694bdbab50ffb020e02ff6adb4a68e5ee"
-                + "7ec242301d1862c6c9de81673797fc08a73f006d46407454fa8f88c05b8aabfe5397541c"
-                + "ab33d93e9ad585d4fc580f0ea5cbb8d9517b075149c68278f1aa76f25ad625b54fe72466"
-                + "5df891bbed9cb52af8d1768315fa3a44956c3531d8fe4631b6e575bf332f6b50ac27744d"
-                + "4d4036375f1fa6c6d341193e823cd8d41ee035d08f77d317dbaab2480f3d780840311a94"
-                + "a733bb7235cb021167ce047d7f9271f7c3a1ee7e83879ef7fd08e313b88fdcb68aa2afa4"
-                + "3f051ba6a86ec6fbbb5d4645f487cdf01bdea7150a6e5c78758f249b482ce71c4f422301"
-                + "0e6b70a6261452dc9037e4826902b768e326e979bd1f01bb1c90160975f3ec123c037881"
-                + "24ee4246ec64293ce913b7288e760c556dd693bc89a2a93ce8e920bb2678c8fd8f7e7fea"
-                + "68f3c8544ed3873dd39bc7152f9b4ef7c472d77bb60722ff65638ab4584e9c728486c008"
-                + "f998627da2ee446866d5db13e32fb7b5a30bf907bcea2eefcabaa7f53e9a7c94df11ece8"
-                + "02c62d376ab8dbc396d7109ce9ce232207b7cb8cd3a6b127698b4fa8c1291a09b0f11e0a"
-                + "9cdfc1b19aa4f6c7a002028445edfcef35f1a68a51bcd3d9012c486abb8da48eb3498fab"
-                + "f8ae2d21afd0cc52a654869e67cb078ea887f68ad5263a57475a1ed1f7b5e551fdb2d967"
-                + "dd082da4d30028d946277e5c406d07a29e011bafbf14e5e51da7867ff76b4705ae059de4"
-                + "6f3b9ac922c53db63189c154320652d6066963f10342f4f20992271c24625e8286e918b0"
-                + "5e37c287cc0502375786fa930cb526bd6f3413da7e01aff07adf15232a8513fdaf7ac4e5"
-                + "a73f4e4a540ae008e4e52d44adbb1984c08b85540440d56fd63415ae56d978cd145001f8"
-                + "ed780665f273ade06f72364b5f4d180637a06156b60e75247c81d0a37e9a5fde226cdb59"
-                + "5c3161e3fa78ef49afeb1edb2f2bb250fc5af575fada6c11c137b8595fbf57c4c8df3832"
-                + "0c29787bde8f4608c3964beefc2b9f04585bdc6072720f014e5c7cbafba340a5e35ecf2d"
-                + "fb0eea4f1cc49f532eb8ff4e2be928de92336ddb0b3234b5ff46c48f49b2dd0a4f58ee33"
-                + "91353e295843d8d7461deba00102e2964009099804f0660ea37026abcdd7d4389460d69d"
-                + "51a85895f7dfbf4a0605a4d3fc6dc5c83d6e15c4f04ecce15856a1912599d331632bf1a0"
-                + "4f39310db0405555fc62c59518fa8810ded2ddef7c3163ad13b9b788a163fc6cc2d26f25"
-                + "358562f95263acac6b56c81b8c39376162a73591b1f6a2626451cb2f425bef9455fae7e2"
-                + "2c250f14299ee90d9aa9d548a0d1196949d8e72376f1cdc4f56b2db1786d77e8c23ba5fa"
-                + "8a32fe9209c7b621758ec11b4c0b784bd9b106aed25dddfaae73e501f92d6100ec158dd3"
-                + "a981e5311b8340d5445d24df4765d9e6496700124bb21721c63022b3546d31130c88ad2a"
-                + "e927700f3c2912dba4d84ad136c9c70342bd42a458cf09aa3fcc333de09db3ccd5f43b33"
-                + "17630e598b45717e7491582cad253942e5fa36464cad205bcbe71504d2567fb9e1afdf31"
-                + "c423833fe63d05cdcfd368f4ec6d69d599825fc48d901d69d1d9f192062aa6aae0cbde1f"
-                + "1b94a3b88869e92cf52bdb0f0734f2e2298747823dc4059873c0784be9285786b4cce5fa"
-                + "81854c2e19f6804ea3638b69efd10d7f1918d9c18e50360be16f4e968771d537c9898129"
-                + "48475b4218a0ba4e889618cbef4c0c3f50bf63d9402b451c2cd3202b41720965094ad5cc"
-                + "6938c9a9e9716fa599416410d434fcdda0340f2f021b45553856a4126b03f932d242629e"
-                + "585993c58d71bc6fd95e11848a6092bcdc7fbcb706ece63c89548413238e3d7be9c3e345"
-                + "886af0b081254274622e10913937492368d29c790e8e338d7053b33cd6c1654ddad73476"
-                + "b901dfcdced535fc174b06bc16f183a2f67545de2f325aad3c07d4856eeb5876896c8867"
-                + "7683ae72f8851cce00b8472703d88305950925c70deae29d726c5e2258edc84b71f436f7"
-                + "bdb339d1e9f132ded0de3c0aac035f2b93e8d19027b758e7f337311e2a8556fc50a0608d"
-                + "f5d93d45e7bdbea1b8d42d5654d515361804d79e88e1b607ef3309f610f605b9d18bcdae"
-                + "8a7597a6e334e5eb66d7fddec12f07df0bee57a873945320a5e88bf751a4299eb324e071"
-                + "06e6ef26224dc3388ea127930d649276db54f5dd705e3cc94d0d56447aa9798dd62804d4"
-                + "93dd1674e15ecb95fb8a169b6d74c2e21c3b84928591585f26773451edf872063c06aeb3"
-                + "defbe7a6f57d36a195cf16dec3068ab8447808a7c49306f7d8a6b7dae9fafff813ad8267"
-                + "756cbb87d4cd5b8c398e2f3aee3933fdd651a0d52d5ecfb9dc7758d5d4813a67ae61545e"
-                + "9d7498c1f6b1713cbf5fd72c8d81ce1acaeefb67ffa0104b8728f50ccf5bdabec070d653"
-                + "a3eb9a97f5bafa581aa47924fae03fe59d7fd76d6c370ac35c5471ff830ad655b3a619fe"
-                + "9890a62577d73ae56cbf1ba3a17a2094304eb9560bd68033cb18d8824ede87878b04d98e"
-                + "a715241999aa9c78a12682e4e4d2ecc11457af4534d0e21c07781bd3381b2dcc3c7875e7"
-                + "88eb960251dc7cfc6d7380ce3b419a39ac545c5752ff83c298b264539b1550055d9bf70b"
-                + "56e94cf8fd2bc69a70a0da71d0c6b1d9c77a9bb858db24c1597f9ea000465f1d6c4329b9"
-                + "e1b72f3d97c8e86630d84d1bb76f211c6254d97713207b984a3cb98bddb7cf53a834fc34"
-                + "d2c7e6fc7eb41544859899e4ca5f326f3383c44f509ba8139cd3af00d47e6049dfdf820b"
-                + "076af9af90340f6c0675a6136f7d00c4c060167758050915eb64023c04f733695f8e4fa4"
-                + "2f7f965dcf6b8ff1bd1c15c5450410a556b23b6e78337624634b691397b02c66b83cf3d3"
-                + "58e2750de25b7e289b4e9d9774993977c3dc0c39161dc684718ea7c68900457b06f8c4c0"
-                + "d0da7ffa4373478fd9c8b9862890d025565e06be5802c383f82a161b3efa482975d46773"
-                + "33bbaa5c05edca512b059a8ca718bf244dfc2f573a1d448a9329ebb3eb9e278abd23842c"
-                + "320a944b8a86a1fa5b39ba08fec3de7b70b10c9be17406c09772b270f82348ec9b0ab262"
-                + "c7a314d37a15d68338806b48ecc3f0772c331a214b9cb61afe06072ffac2b86109369dde"
-                + "cb321f78c9a814b7bc8df852bada0eaae459efe34872e3a21bb28ea963437c9260cadb23"
-                + "ac6ad5176eeedc517b616c5fea4b9946b83cb72104b5e160d84300f8cee9cae72a659834"
-                + "0569fc1b97aa3083dec862bf5d781b5f15b9d0e10cf9264f9eb2ae99448dff2c9a89c9e9"
-                + "6e176b212b7637a1511733e309447ab932d87f8069f694b42bbd456a503b5c2b5c7876e4"
-                + "60f26138aa68850deae1de2ade824f27721ca0a089d2edb7607a58b0a6a40b10788fc3ea"
-                + "170427fe5b8c0de92797890bd44c9e9c4512a299ce47ce3bdffda2b54cca10bb0656d036"
-                + "1fe1fa31590f01c8902ae4d99e416d0805b416da8c2fce263be00823bfc5b703364eb8d2"
-                + "9af02353840927a369ce6060ad09e517ebb90dd1b9572133e8ce12b2cc1464ef645ad2ba"
-                + "04fd179d27b052fc5042d1ffbd9ebe2ed6c671095e677d54b2b6d304d7e4a929ac011183"
-                + "d7cb0c2ebcb94eaadeade0912e17b0bac06e092358d911ada7b1f6cc25d333976e8740e9"
-                + "266e1af2045fe5ef361d4b624d8b58ffd71ee6113c79e221405a8e9d244b84f4ee0aded6"
-                + "0ef160a937ef34a4f12d91f92f84997432fa484c1eee881ca5f7384c9cf1a93fcd48b4ba"
-                + "669335d68a2745bdf315fc70e3870b7f2ed8d72a5ecec9858dab33e4b8a0f81600300a20"
-                + "7af29c6a4ed63dc40f00fb08bed452dccaab699cd8e31b805118482fbd3db5b10662a194"
-                + "da222e5f0cbb485baded120a3d64a42b17852b1ed150858de3e42050886afbaf608b08a5"
-                + "ab6be149853ae37c0307aa06a0a47ce2f06695ef55c9d051a1faec488e604d0687be84d7"
-                + "9dc639ccae00c438882fea4b737505f75de56ee099c110ccc05e6153da121cae4ee913da"
-                + "84f0e31c9f394f7798f01dc211e2a2d0228ae69e701f8d03fc081917ff83a20c42957615"
-                + "def47fb46cb33a4f2bf94febed7970e10425e9d389b2b080a060c89d0b78f4e0bd6595ea"
-                + "e225acd01d0c89b3e4bafc85d43e19d28c579c31bea7197a394eb68204483855b47298c2"
-                + "a6bfeca80c290cbfe4d4fb9d097639e83c7af928f872804af5cdf2c70f0cd80b6cbef7d2"
-                + "1bcb34ca8f85eb0e779ea8d0a3edd90708bda16f55738e2e4f671adb7fc8820fc72ecef5"
-                + "6df3632406cb884a6f575bbbc93724d9fd01dc5a89bbfd62c2cc838039b37a977a27dcce"
-                + "08b379007f3f2b8f06fd0960a4994b93c5c85b08f14cd66ca5d90e53cccea433fe7e9836"
-                + "734b3f833b00913eb80c1bbd9e90f88d714bfd0ab0b7928be35881d6f58e7a72fd13d18a"
-                + "a587134f8b5a7985fad32bdbe347b7700d8ea5fcb317e054c24ec132a27018d273230921"
-                + "fcaafac0c7deab9a77e7bec0308af72b3ad1192edbeda237b788228a515b17585346a1bf"
-                + "fdebfafd62ff24d6877bfc6b15aedc6b638aa87bdd7ee2e23aa607a16e4f66065b808f0a"
-                + "a4dcc355d57db0e76a66fc42a39575624bb4acb9da91e67e101e0ef341128dfbdde7f4a0"
-                + "f20d79d739c4a3e11bb1b90b7b8e3e7ba7f3c10841ed2e99777af8e0a64d20a540df6555"
-                + "0dd6a089426f82fa1bf597bc03e46f41f9be6147b867643795b7e93e7b34568e210ff4d8"
-                + "2d46e834f011e93972099978889fe98793736ae88dc35d5aa99034fda93a22490b685cbf"
-                + "97264bd719df5d54c3fc23322ab5cfd8d3e7063e1fba9542c662e269e93289d71e1966ac"
-                + "94706e74f9702aed3053f40bff842e4c02ed4753ca69768bfff599edd089011d9752a476"
-                + "888fff2d8734f4ff882b73281e5fcd7e30f0f2633f53b58f13392e11903a93cfa23ccb8c"
-                + "49c00ef344fcf249dafa38d321714633c129498df70e0e8370db620c2490bcd99be38e67"
-                + "dc3d18911d87845313be28e17e2ee3bbe0ed7ab8e5a98d68c1c5e07f169db41e111f98ee"
-                + "858fc7346a5d4e7ed184b2b60ab441b1e3b186c58b2ac33ffa547473767276efd912303b"
-                + "440a58fe95091efde1360e6513a9e5390906e18e302173005028325d34f70a8a85f48bda"
-                + "bae0f15c33ec997d3d4acb6d3bcbd2434b0a83a1fbecbd33fcdf31e4a4044e201257836e"
-                + "cfe7b4c84a181827536eb95fb340da741d3827095350caf3964cbfb2eefe4e8ebb257ffb"
-                + "0904187df2eac9afc6e5e35caaf6e6a855d43b6e445fd91419bbceff8d30832b5e75b2ca"
-                + "5561ad64c306b09ad0d2ca3d17ea230bab0e3b6c1566eeab4693431e683057f07fa77099"
-                + "227a5c3f05308c8c3fb63e94a847003e0f0a78bd936d59b589c3e70ff70b9c688d43eb78"
-                + "35366a6574b0701e8804be965d7a2d2ec408faf31e6a68522b0b8da3cdba52c76cef757f"
-                + "a5fa466b542d5d57ab1504500a07037e1353b244a4424082f66d35aa99bd5fbb9a702362"
-                + "d81812771aac607695050c62cb589f00d614695b163af1e86bb3e6c1505609032576dbb1"
-                + "4d42b421e72561482737faadb6fd823dec0e1310a99c9936a22017b9149ce23cbbdf77f3"
-                + "4a57050b5f3b414028ca939c31e95655e909c630ad9dfe3f3f09a250e578030f4c3e9099"
-                + "dbb0088d58e1b4046b97b2f61d9a2be4cca9bc0240f06075850045ee17e19ec504e4ae27"
-                + "3934909cc4840fea6766af2592fd6c12f3a82ab05856a646786184c68ac2020d2a8fc782"
-                + "8717cb2f89cc2d42046d8b618dfe4fa9e90b15d5c08ac3bac5c197eac5cee915e3fa0c6c"
-                + "4730110f2da5e66c0a124c26a62ede1e2de4357b275ee84d020410668a3efa1e828cba53"
-                + "c62150bf2691afa904762f2aa0309bcf67d023cd62d1b7c37aea8b1d69e36e07f5b81828"
-                + "85d3b526b02b6ba5b3647364ceeb601dd90c33d466779fd06fcad909db0fe5f376108786"
-                + "a82d336cc1f79fd23264e5455938ba924fce91d6f94e0ad00275b5e5c063ace5ffcf48f8"
-                + "4e370c90b51c1327ff6e5105699795201784d8479d695cb70567f8f06698386e751a552f"
-                + "e72bfbd773226a10eacd32fa2cebea1403e796c2e1c21accc9f76ed21f05549fa17f10e9"
-                + "7bb8736cf345d70b2fcee0a2c0044d02b5615c2e3f5075667942e2e39a40a3630fceec36"
-                + "53450b84307bf027a3bc78033ddcc5841ef3462e34da3778c496bc3f29d55ca47b64db23"
-                + "ce488170a5a0498a3a0cd0065b6ac1a8676ef1dd5bd8b14f298390a29c1df1403db94993"
-                + "b9537b3e018d82875623b1ac6ef0b549cd2b9676cb9b00159139a3161253ffe47e77ccfb"
-                + "3ef8ee1119ba56b51e5c626de41f5ba197329939971b534ef9c82ccbdaccede15e6a945f"
-                + "a603cdbac2ebf385846864fd30",
-        };
-        int height = 6;
-        int layers = 2;
-        XMSSMTParameters params = new XMSSMTParameters(height, layers, new SHA256Digest());
-        XMSSMT xmssMT = new XMSSMT(params, new NullPRNG());
-        xmssMT.generateKeys();
-        for (int i = 0; i < (1 << height); i++)
-        {
-            byte[] signature = xmssMT.sign(new byte[1024]);
-            assertEquals(signatures[i], Hex.toHexString(signature));
-        }
-        try
-        {
-            xmssMT.sign(new byte[1024]);
-            fail();
-        }
-        catch (Exception ex)
-        {
-        }
-    }
-
-    public void testSignSHA256Complete2()
-    {
-        final String[] signatures = {
-            "006945a6f13aa83e598cb8d0abebb5cddbd87e576226517f9001c1d36bb320bf8030347a"
-                + "dd4d942530446cc44c26dcd215193c168c0b255a0527f7ed94b7df5bfd28f26560243926"
-                + "420d87b78f3d7388af1e85204c7cb389a9d33db5e913d3a4e26044c3f4d8296c4e744bca"
-                + "233a84b42f0524ee3ccf68eca45b66de7dfc123cac45a2aa2369c746b540b4573813c6eb"
-                + "f40344f7cd5ac7222d55d812dc3fd6f66a81b19f27562e8c3ee26a04db098db46b4695e6"
-                + "be887a3db47cda06c80ac1989523f0f3241aedd852c7de1bd4d80091c443c25c0b5567a5"
-                + "94584163ba01b609ccee1fc8c2e4ec4705957094fdd5a5d62ab4cd1149303522c06ac7d9"
-                + "c461cee06d36db642565a964f96ee40be0a75ab3ade6a952305655a8ba8b11ceca31bc37"
-                + "c5ec4650e67a2a8010cb348b81283aa265659ad68e4f45a219b5f104e84afcccbc759120"
-                + "64561f3d07fd243b6840fc3a9c02ebb9bb92c0077fe7084d7f81c64dc7ea1ce1efc000b2"
-                + "0ea0f854f68f9ee1a03c414902bcdf648eb0a6b3512f710e2ccb6bd46d58c78322efe0c9"
-                + "4ca8be6a35ccbb75fa14b913965ee02792b021c99d790367633318edd0c73a377db1f03c"
-                + "47071860b8a6c9764cf75e01a0d01921803286d635afe6977b30a653b2792aa8d8ce6597"
-                + "c87e046c603f44355201981a03827e7d1ad02d7754385e708bb697b5ac2c6d8284800991"
-                + "1acef13095cf1eb1724e239c94dd6bd0123d13e44e5bdd2344a019c5ea46e947c81cf911"
-                + "a8f18eaf687a5a4d395072d53e6edcce71e849785e2d097dbdf82eaf62efaf51897de4b1"
-                + "7997c72fee51d5d822d75acf9944db04e5d1cbaf50f83550c6fd4a360cf30621ff1b507d"
-                + "47a07065f091af9bd30d24a5ea7aafeef7537d05d896192e18422792b71d7d725c157d47"
-                + "ca2d9c33b8fe747f73cb344e51a19bdda74141a2ad62406a1dd41d4046a30994f50ee6bf"
-                + "b7b2450934db86c9cba3c4ce79e6348e18aaa693819d39d64aa6ee4e1ac5ad39cb71e35f"
-                + "e127533efb0344450aa55d61031f01ab160beba7667deae619ef4ed46074c899fc38dd18"
-                + "94896c314cb4adda6f7911f2ed6e1e498fdec6d365fb5858c171583a92fb73fb66dd4142"
-                + "a6aafacc5407aa52f78cc82a284f52d6b3816b708c04d32c63b3ef37a08a07926f521c45"
-                + "29e59f6cd74495c5ff49993a5ae898bec172babd64b398403e7207a5c703d9f04c88a975"
-                + "14c9440fcd90ca009421adc9fc22da94f35ad77f42031927c097a37a87d1a3ae35ff0774"
-                + "102aa52deb21275da6481905660f2b5149e275a3de718e211da518d0ec346007f9bb7180"
-                + "0d128f6da23ecc6babed12bad95b3694f19921f7135a37ebead795ecfc7c9afa6893f762"
-                + "54d4667df608bde6e126109676ba1137eea67ea1d25a818c8af76eb64d338da019803d84"
-                + "1efed57c6df63ad47da40f585121148de8c4a3c10a0197875b05063900b3101ac10f155d"
-                + "88101807032b66d9d9843e7960cc395658025c47e45a5ec746fc695c51a657622456fd09"
-                + "e38c2faf409cdd53f106ba7626cc2313805ac36a534d8b21af77bca84a5d7fbb750f6c93"
-                + "f06225e4452dee39b615b0f2feccb0fe2db1331633ddb90b31e4af49aec2de88dc59a68d"
-                + "aba6a485396abf56a5de1bda251c096832ecf8127de7403025f127b5f3308dbf04033f92"
-                + "8b2d0ec74349cc1c737ede88510e9ad62cfe1d5ca9c22b8a09b81a094924d3fb069998b2"
-                + "1b401a0c1bc1ae2850f1e2a45cbf3c436b9e4723432d009cdf9fcb20926ad7c909688855"
-                + "b2c7af757e64e4b3603c3af4e67809f9abc5688f82f608ef06c531e95ffe92b0fcc0c5e1"
-                + "0b03b29d5f3cf466b562ce441e4fac44df6036c07228a5196ed9b7b17e3f78dffb5d8333"
-                + "09402b82977478da2227ce1857bd66c566e34bad421bcc51558e39dde6d086083a40e392"
-                + "ac0e1a6205b421598ebd717388dd7b65a3edada491ab6e9dc572caf564e4c3295c98216a"
-                + "005cf0e018c4ce5881819c3e6fe65e50ab7a71b629b5fac0ad19b556704d8da30ca1a66a"
-                + "4c1c037dfe7fad1e7f9087d4f5d4c7986aea352e862a06f49842247c296683c0c1cd4c4c"
-                + "84ed8efbb4ec60489a57d2bda9476f158ed7f3887447244bc1a8915efda8ba53301d080e"
-                + "8fb7fca806ffd7064c82adbaaa0e90ccbd808c08d07758866952e25d86cea977c431a8d8"
-                + "8f56aa24d82b936343029070f2fe38d1ac3be1783de3bfe1db3d79ca9a986c8c6d31b530"
-                + "84a4b0f5b88c979baff4c991da692a45b583829ee442cb8d5fc143695d94d1fa4228f096"
-                + "f62e13143d4cfba7a9c929c5cd196a37d5cd3236594343d20b5d7880627995d5c809b74a"
-                + "6916965364e508ce32358169e7880fd1fb6d48c450de04642024f5268e7bc091d2fd3658"
-                + "ed7d2e924aed7e7a03fd9451d63459345112f3cda244cbc4a95c1d5e445b928f98195fab"
-                + "9c2b7160791bb2cd40f7462e6115bd4eab7b3bd711054a5dff71efbcb5e9f9e1fad83e33"
-                + "df5e46a182b843530472bc9a8f0eacf75bf8987e58813efe3c1633963202dac839b645d5"
-                + "253713b7e7c655664e642c1591794863bd65e69ec860be45ad6dc9b4da0ac90eb053be59"
-                + "6690bf75e5876af16321389c929577f571124adc3aa125c3ef8146365d3d5b256dd13e4f"
-                + "615a64ef54c1b14800ab9e68d6d5e63088196dc626091be77018a00c23f48b53a282dcc5"
-                + "839b522507207f0a6b16b168f7fb4c6ce52bb03010a4e579c00b35415f1fcd4f47b08cf4"
-                + "47d11140bc911787b61058ac55776bf3b989c79c735170c3932d617eece741ecded3211e"
-                + "d345e8bd9beb375380d8255b8b04df1e0a1795b3798a24a0182d9a969a4a554b4ecf9396"
-                + "b09bc2af3f79bf6a753da9f79a5294947c07a2caddf3d6a0d4a8a3289ac1e6fc5b867205"
-                + "90a50d2beb7f922c6b0d55c93a5af80169346014021caeed3cad3b2d83609c7a99189675"
-                + "c5e67460c3e20da7c2ccf55c8e447fcd46650ed01008502543594c29baa89a3b29abf183"
-                + "2de35d9186e6a6fd9034628127c2b1842d377fac6818689ac8eda4ad6c32ebf74e9e7e55"
-                + "9ff0652bf58b3ba2ee9f5a5e5ea1bc1bf3e0e81477f50e2b8719d1d9a3c1a55d5460711b"
-                + "88eb4f2c8df8d17d38832de9d4251142aa2cdb5a9d81a0c7a98e2c3c95bf96e73c68c78d"
-                + "467186eeac1dffce382df7f539590f78d0173d3acb9a7bbda54a6a4076d336b5c0857fde"
-                + "4e1e6dbc6cfa548668cbdd655e2fa2b4a13aa93fc46b4bb8bf3cad806fdf2b8e6a761530"
-                + "38370eeb6024ec9cd86b07d85167e5e502c424d56512c2d24a8bb30c822cdff17ca1a311"
-                + "e94d4f049163678cf51e2f6162b06e62c171ddd7f18314bdce08936cf7815b9ec8240e8e"
-                + "693dc9e567fb7238b6d492e602aa4582434eb270d53f66898b6bb6a1d8f4ee2fbeaa2446"
-                + "04dd1340ed2fd6f0ae22f872a40d61c334473b2cd3c1a9433979a0c1a3f5a483e026d7b0"
-                + "52c5651fdf224651ccdf2b0922685778a77679d7a7d8eff40afdc275f475d4298de7404d"
-                + "f9e8b98dc81694837fe74e5845a71c23e6f03c98528e7518706b90098e391e380c7a8989"
-                + "3a04c191358d15e1642ef942cd7be0cc978f58ede44df855ea01dc8e9292a7d1fb26c47a"
-                + "6b1a394c2ed171e13a70a15d86713531be57538d0baf2c3806a9298e7411de821bba15ad"
-                + "13ffb9782faf718c3ae85e48b69324926ec5d87783ec00ebeec771dcb9fa1133503d294c"
-                + "8bbdbf3dcd08a2e117857200005270ea2c9869d871c3f027127a4f6354c87c09533934b8"
-                + "523104eeff0b15893d78fb6bc65b7cfb1cd711214b70849e4c07f137eca3a98a68d2b5e2"
-                + "1fb8f0b8bb275f5b551ca77373066a7fbc0b8fff4925d69482ea20e10f56bdf423542467"
-                + "8d203aab87c22473e3d7a6bfecc69f29134b5267bf710c0b0c08f6e92a3d98f4c076e154"
-                + "57ec5a8683aa8b42ff2b400a294433432add3db210b56bf6e358662a3f70825c43ff893b"
-                + "1baabaf5fbe8f6d5ad8d10f01405e9c88a81373dff3f59e757094cf5a243548e8db9770d"
-                + "99fa4f039234025790e29f36fdf3d2cdb1b702881e9d0e5dca476cb5006713e6e793faa9"
-                + "2466381b8c1152b254b8a002888a558da3a10cd03b40c3121825520c3af0fe188cb66a1c"
-                + "27d3d2d0a6e5b7fc91d2d71ae5212088f337ea64bbfee2d32f81dbf579ed0b8b36eb13cb"
-                + "abf043a74ae836682e48ec90b73a1d43e562296a5fd290558bb0b54cbfbdcc598677a062"
-                + "264798ec80d8fccd138444dc5f788a83fc72f0422959e942d4823453c811c93dbef3eaa2"
-                + "5cf95a6c52ce4dd99191f3993d2602e35a494aa930b89ec817200405fb9a51a34ea1b34e"
-                + "2110c396776717dc7e84ecb95352f81e7f00698ce48fc30fead202d2bd0d7d9d3ac82e8d"
-                + "4582588a6073a8255eb5760d28a1e136ad40b842a18b0acb5c475141bcd6633b8cc867d8"
-                + "abe2f8faff2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c2554439c7"
-                + "35e1c42310f649109cea6a8efc58130037a3a5f25966520e85321aa826a4c5c684eb4f7d"
-                + "1dc74c97b4603419df4f257c613a00c351962f4c154897328109494629e64a3984cf42c9"
-                + "b0b58e9cf65613040a20a63b4aa24f4844c2b6cd99049298bebbaad1e96f98811cbb7fce"
-                + "15c3370c86b383386d6b3f17d46fd5a998f0d7f3315459f6b0601eb5af6d4c73d8ac29bf"
-                + "03eb11f0bb5b528202404a5f02766f0dd60772e8435bf2e996c7e488a8508d8aa30ee3ec"
-                + "dfc5053f14fd70b2b11a75d60c2ecc557411d1fc6bf6ee2dededa3b016cfc680895a2f37"
-                + "33f57f9a69368101f10bea1d862c71e45a3c9e78bcf164b0c18070794187f0f998e1d38b"
-                + "03503121f5759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca6bee"
-                + "5f7d7c7c1515056df6db5252d043730434d4900408dca27fe2628847002db7671de779e3"
-                + "50273236a614716d8dd0971816fdba911f82e35c4dd85e3d60d74c968e623f661a250489"
-                + "a77ec2e04005dc09630d0d3c40fbbe567c19378587f1850c9161335b0c62a2dcd7b9ea3c"
-                + "f9cc8693989705e19c24324120a789b2e02a67b86c89a1a753c536027d1a7290d16a0bcc"
-                + "dbab19e1f0b855852be5744c4fd3fb3cedcee941e89af8b2664611899c9031ac23e55c9c"
-                + "b583c1dc185f0ca3f562e4c15440d66e3e173ce4f1feb0ab3b12668b9670e3ed64872ac5"
-                + "c26fa422ee686aceb141b642c25281409114596eab784c263acf5cfdc25ced796c1c660b"
-                + "71acd00d8eebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30c8b7"
-                + "7625944e50dc3bad22d1e864d9298aeb58f257ebee0edf742111f0d41889bad2370581d3"
-                + "e8953857822b8dc368b73f04c22e4d83f3b3c155a53cbc33da680535b6ed236cf26fa4ae"
-                + "5ab5e0b244c0c054e203aed4d661e9b6c79e43a43337ef5510401d01cde4556b0af84683"
-                + "3f0b97f1d8a06aa0d97f20f39fc16bb1056f599cb9fbc25299397c277a059429c463f1ce"
-                + "af360d75601dd0f975e88dd60381ef0db76fdca1b55889a9f770857fada11e17894ec3c8"
-                + "49cc6cb264ec9fb93853402e888482f28f4a57faaeef5ea9676137a7cc855dde32e857ed"
-                + "52874d3066c7965dce2f0301dfa47faa3c9eeff43f10ac6a374deff4a06d7cfabeab463b"
-                + "fe6bbcf14d1081f8d5ba889cef409bb5da1959c74b40c5048b8861b4fe34cddcb66310a9"
-                + "126722bb297df7e8144d0e714165becf777dc8200365c73b5b86a8b76848173344273e3f"
-                + "fc29191f2b51b39521f9419d604f67b1a628e3ac9eb2fde8f29367cce39fb31e32f14dc4"
-                + "c64e6fdbca12bffd249ea16bc2314ebb184fc7065f083ccb7d1d8a78d6d3e0a3c7472254"
-                + "f9566c334dccbb17df4adacf24e2682559989cf0209b80f1fbd141b0a8de8ca2e8aff3ba"
-                + "7b2d5947e751341747430ed57b02519bdddf42f2701389fd3249809dd0a7bbdb6d3b8ab9"
-                + "f9639d51dc9bbf201f6575a02319b4948039b423633c92c0f51c6fd32c1d2a52f7ef925d"
-                + "33443521dc228d7ccef0f1ea20433ab928157443677f15460ba97ef79979ed53c6c259fc"
-                + "0b016c7aecbd997bdae8c0366656dd979074ba42c31b8664995e5e384c941f4798d9d67c"
-                + "0ec89599466ef2048f67dac2462014ae463a3a5b8322638a329799b1223c98ce5ccfe1a4"
-                + "cb682a2f5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7debd"
-                + "0653fbff088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324c486"
-                + "9aa01b67a73204b8f0cbaadb040ed9dc55385c60d3",
-            "01994b105a9224e5edcbc265ef0a76939005cecbe87097134c0b52f1d1a41270c2b946cc"
-                + "55e90d1e91702a152efb6cf47c250f7034ed776f2f948a656ea362f4c9d50ceab45fa2ec"
-                + "26ae272a2a3797b580ac874bda3345cf56e069b6540ff8f603131f3aa0c35895e898165c"
-                + "df763a6d5c88d4b2b88efcc10dde3281ab6653b0af9ea36dd569ca57b3ffead498f1081f"
-                + "fb38cfae75b368721f67ec1d9b5d7f8e29a2381c180584d9033536c5c77bd55d03577deb"
-                + "b4ec171bf0728172858b21c6005d22e542f7867f2452e3ce5c1b3938eff1d79a74338478"
-                + "adb790a374934973c2b8597058dd84957d3d2685d8a7be23ab230b3d83b724799c0f235c"
-                + "df3d0d2e0bc9d961759ea19ea0f6562e5f553b13a060b6f597c7f49c837a0456929ff01c"
-                + "c547d3a28f6a62cd9ca5b1965975d10a10667603c64900695dacb0ff43fecd4225577ab1"
-                + "c2867a6dd3b0b6ffb90d413bcaaabfc37f829aac0fca5e66647854deba07b0b93b3c48a1"
-                + "47e02075456ace562178131bad047d9deb64f4c13205cee916cd0248378eaf715bac2b82"
-                + "f5540111150ef1cae360832ddac01ea6ad1d9019d3c66c55962241bcf85221586ee2a390"
-                + "e6220367c9cefccbd66d4c3ce2cf38bbca2d0ffaee10b04afe2088d835281d51b6e57894"
-                + "abf2ce971bd7372fe3e7521ce0a7163c431519be7717f43f0b4d85a277afd75b91fdd075"
-                + "c4d6d303110535305b9dd514ec9c46e0cd84f5a9e4c0a838036915b0fc3ace08b991ab44"
-                + "d44d567eb737148aa51f62e3909f9b6b1f690e5464f51ad4bc8e2fa38e85fecba6db7921"
-                + "d3cf0339ff2f3b01174abaa95e32fa01078e541db5479553eeffbd97d56ac15df3c5c074"
-                + "c0a0f087ed4bc0a47d9d24cb30e782138779862b15b5367534fd4bcb1cd92d5e6d4f612b"
-                + "d5ea7c03585052d8468c3644ebefeff03e62a3957f8adf4f2698362806594cc6600ef658"
-                + "38d6ffea9096e3ac3a5e421f550b584d74b2592c606aede90a315ae8d580abd5e7a9c595"
-                + "cabcaefd47e224a2d35607d601a8f9bbda0743d17ec0a9e74d4cb477d3103cb88d06f6db"
-                + "d7c038b54a06c7bc6b48fa3929404bd0529d5abeeffa5c778c08702da452d9129654569e"
-                + "1fe12997143575c7a58b7de776c1d9efa06d93287b827d6f835d6ab2a4c965857967f0fa"
-                + "844bb3ae2657861f34288ace5f4f78b607efc8a41ef5ba1ee3d1446b8c4d9931ca5252c2"
-                + "b44aa4f655e80036b2395b26352658af213fce775b404712f85584cf0b7a9c017017501d"
-                + "868bf701490ebbc7c93d639067f98cf6bc9acd587350de7b6f783f75831dbea633f8dbaf"
-                + "804a019deb631c4a8b19bb36f583d5f6aa30bea7b002d48aee10ca4b9d747c61bf44cfec"
-                + "c13a75a39528a6c2677bbcd483140172078aa44992328f671b6e0b5d18edff0bc335ebd2"
-                + "ca9afdc73dab4955f250874ff7325655ba9b3b83ebb460193e323bd86c7a5799f863816b"
-                + "6cf12006a2d114c252807eac1e4dce16dda2f4dc1e9794ee2fae01bb35eb8d4d20b336d5"
-                + "6a0fb5e128a635aaafa05ad631eb03cc74bbe5a2d50d76a79ada495260118f9abd4717a5"
-                + "36e3965d917065c9920088846ea16a242cb1159ef67196b9c54b946385c3691b0cd8ff22"
-                + "5f4b78fe0aa99f4c2faaa2ceb24203c2e9e18543f68989c7dae98facd6a610a023bc3a43"
-                + "16ddf99454cda95e6f311c5d6e47420034c7c267435b7f83faccc47b0889eaa759cb901b"
-                + "5687b7cd076d30543b930fe2a3128afc2546f75ccb77f626ec392ed0918724d9c9a054ea"
-                + "e464081288292fd9e2a52e388a55badbcb352d7bea871151bd9062578d7cf26920fdc16e"
-                + "a40e8af876d6592cceaf266fa1b14b9c9e3c9dedce9d03796b8e32ea33b003ffb6dde709"
-                + "f853c88943eaf9a6a36fa821b920e28b3d48b8fa47b8b8a4013ee14ba01bc3721ac8186f"
-                + "46d00b61ec0d9c68b3919c0c6e47603cc88aec0379d23aa55664cfb15138aa739a08c820"
-                + "a2c87273bc6b7c7e2f75b95b2c12880a2002594b6862ca9f3700a1463b6a67ba9760ad8f"
-                + "eb851f8d1855b4ae4eb716ed0fe73acbf35a96dc33020143e68a1b1b884cec92ac1e3282"
-                + "9200c1acd4fad52e5d10734a16171fa8e4b711c99f993d185024f7539bf86038625df9e7"
-                + "0ae98c606e3ff095f94b1eb3263cdafc9e401d29e7b801e2875d9e8646e68e85d4b9d87f"
-                + "1c2bdc4193c5e691542894ba42197cf1bbacea12906d5c578548a7ae5d27ff96c63e8945"
-                + "26c3cb393e7fce900ae4f9dad940f0b64c61c44c65d9b0b7a498f612a78de3854c894883"
-                + "7d60765cc992a09d1dac33df336c5f3dc144f85f260195c82264cd88815362a1d2dcc432"
-                + "a9b54e670b0a7fb205352789d1a1159098d7bced399e731b80f83ccac1ad619d9bfcaedf"
-                + "dba9c6600b9a3e372741bfa9792eb719eb53f1b4b73b798c9601fe77342bd462fd700f69"
-                + "333598e493202e218b4c1bc619bcc53761d936b9b0a73a28a049be5d73bda80860dd1d7b"
-                + "ed7f9d8e3872f331081aee35ecd1e81fae67643b38d97cb3a81b97a9d0ca68eeb72b1c6f"
-                + "f985bc1d0099d12d2dbf3488c48fb8d0ec26e737e51e553990395534e8961c6797e73233"
-                + "d418f1a2086ab06b17a47fb4965524d09ffd1c997cda75d8f242215eb7948e2fa9f72c3a"
-                + "92879fd2d17cf801e03acfb9bd0d87c18f13a89a494a629d05adf7c7a61109f811075011"
-                + "196aee7d6dc85817c7a307d28ee2162f3bf61329b847641e95d83ccbd42a482764d6a9a7"
-                + "84245f5333027f53bef5f6b4300ab6a36a09c622832d8bcc49cd531af67a5cba36ccd9ea"
-                + "0a115964a00395c3e28cd168fbd6c6d4e146f5bff31c8876085bdc09663fb8387378293a"
-                + "8d188410ff4ed23bbf8e94e8ea3290c219c68180b8a59ea5f5e97cde51018ddbc835ef46"
-                + "658b0a5d79625599dfe624eb52e88934230d23a77c92c5408f62d87254ce43524857313a"
-                + "22a32b58d2b68fbbd99fff526793ab2ddecdabac479b14dad1a5adc3c5e82a34f307277b"
-                + "9a09c038aca00a99ff63060dad783e060e4cd9d59c5c9a5a013c7d555080fcfa56e6dfbb"
-                + "fbbc58df90cc9cc65fb10063623a3da00ba5b2d2934fff8302e88ee8c6fec5456a05676c"
-                + "14a53ca7eed5485f4e4ea42198251142aa2cdb5a9d81a0c7a98e2c3c95bf96e73c68c78d"
-                + "467186eeac1dffce382df7f539590f78d0173d3acb9a7bbda54a6a4076d336b5c0857fde"
-                + "4e1e6dbc6cfa548668cbdd655e2fa2b4a13aa93fc46b4bb8bf3cad806fdf2b8e6a761530"
-                + "38370eeb6024ec9cd86b07d85167e5e502c424d56512c2d24a8bb30c822cdff17ca1a311"
-                + "e94d4f049163678cf51e2f6162b06e62c171ddd7f18314bdce08936cf7815b9ec8240e8e"
-                + "693dc9e567fb7238b6d492e602aa4582434eb270d53f66898b6bb6a1d8f4ee2fbeaa2446"
-                + "04dd1340ed2fd6f0ae22f872a40d61c334473b2cd3c1a9433979a0c1a3f5a483e026d7b0"
-                + "52c5651fdf224651ccdf2b0922685778a77679d7a7d8eff40afdc275f475d4298de7404d"
-                + "f9e8b98dc81694837fe74e5845a71c23e6f03c98528e7518706b90098e391e380c7a8989"
-                + "3a04c191358d15e1642ef942cd7be0cc978f58ede44df855ea01dc8e9292a7d1fb26c47a"
-                + "6b1a394c2ed171e13a70a15d86713531be57538d0baf2c3806a9298e7411de821bba15ad"
-                + "13ffb9782faf718c3ae85e48b69324926ec5d87783ec00ebeec771dcb9fa1133503d294c"
-                + "8bbdbf3dcd08a2e117857200005270ea2c9869d871c3f027127a4f6354c87c09533934b8"
-                + "523104eeff0b15893d78fb6bc65b7cfb1cd711214b70849e4c07f137eca3a98a68d2b5e2"
-                + "1fb8f0b8bb275f5b551ca77373066a7fbc0b8fff4925d69482ea20e10f56bdf423542467"
-                + "8d203aab87c22473e3d7a6bfecc69f29134b5267bf710c0b0c08f6e92a3d98f4c076e154"
-                + "57ec5a8683aa8b42ff2b400a294433432add3db210b56bf6e358662a3f70825c43ff893b"
-                + "1baabaf5fbe8f6d5ad8d10f01405e9c88a81373dff3f59e757094cf5a243548e8db9770d"
-                + "99fa4f039234025790e29f36fdf3d2cdb1b702881e9d0e5dca476cb5006713e6e793faa9"
-                + "2466381b8c1152b254b8a002888a558da3a10cd03b40c3121825520c3af0fe188cb66a1c"
-                + "27d3d2d0a6e5b7fc91d2d71ae5212088f337ea64bbfee2d32f81dbf579ed0b8b36eb13cb"
-                + "abf043a74ae836682e48ec90b73a1d43e562296a5fd290558bb0b54cbfbdcc598677a062"
-                + "264798ec80d8fccd138444dc5f788a83fc72f0422959e942d4823453c811c93dbef3eaa2"
-                + "5cf95a6c52ce4dd99191f3993d2602e35a494aa930b89ec817200405fb9a51a34ea1b34e"
-                + "2110c396776717dc7e84ecb95352f81e7f00698ce48fc30fead202d2bd0d7d9d3ac82e8d"
-                + "4582588a6073a8255eb5760d28a1e136ad40b842a18b0acb5c475141bcd6633b8cc867d8"
-                + "abe2f8faff2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c2554439c7"
-                + "35e1c42310f649109cea6a8efc58130037a3a5f25966520e85321aa826a4c5c684eb4f7d"
-                + "1dc74c97b4603419df4f257c613a00c351962f4c154897328109494629e64a3984cf42c9"
-                + "b0b58e9cf65613040a20a63b4aa24f4844c2b6cd99049298bebbaad1e96f98811cbb7fce"
-                + "15c3370c86b383386d6b3f17d46fd5a998f0d7f3315459f6b0601eb5af6d4c73d8ac29bf"
-                + "03eb11f0bb5b528202404a5f02766f0dd60772e8435bf2e996c7e488a8508d8aa30ee3ec"
-                + "dfc5053f14fd70b2b11a75d60c2ecc557411d1fc6bf6ee2dededa3b016cfc680895a2f37"
-                + "33f57f9a69368101f10bea1d862c71e45a3c9e78bcf164b0c18070794187f0f998e1d38b"
-                + "03503121f5759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca6bee"
-                + "5f7d7c7c1515056df6db5252d043730434d4900408dca27fe2628847002db7671de779e3"
-                + "50273236a614716d8dd0971816fdba911f82e35c4dd85e3d60d74c968e623f661a250489"
-                + "a77ec2e04005dc09630d0d3c40fbbe567c19378587f1850c9161335b0c62a2dcd7b9ea3c"
-                + "f9cc8693989705e19c24324120a789b2e02a67b86c89a1a753c536027d1a7290d16a0bcc"
-                + "dbab19e1f0b855852be5744c4fd3fb3cedcee941e89af8b2664611899c9031ac23e55c9c"
-                + "b583c1dc185f0ca3f562e4c15440d66e3e173ce4f1feb0ab3b12668b9670e3ed64872ac5"
-                + "c26fa422ee686aceb141b642c25281409114596eab784c263acf5cfdc25ced796c1c660b"
-                + "71acd00d8eebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30c8b7"
-                + "7625944e50dc3bad22d1e864d9298aeb58f257ebee0edf742111f0d41889bad2370581d3"
-                + "e8953857822b8dc368b73f04c22e4d83f3b3c155a53cbc33da680535b6ed236cf26fa4ae"
-                + "5ab5e0b244c0c054e203aed4d661e9b6c79e43a43337ef5510401d01cde4556b0af84683"
-                + "3f0b97f1d8a06aa0d97f20f39fc16bb1056f599cb9fbc25299397c277a059429c463f1ce"
-                + "af360d75601dd0f975e88dd60381ef0db76fdca1b55889a9f770857fada11e17894ec3c8"
-                + "49cc6cb264ec9fb93853402e888482f28f4a57faaeef5ea9676137a7cc855dde32e857ed"
-                + "52874d3066c7965dce2f0301dfa47faa3c9eeff43f10ac6a374deff4a06d7cfabeab463b"
-                + "fe6bbcf14d1081f8d5ba889cef409bb5da1959c74b40c5048b8861b4fe34cddcb66310a9"
-                + "126722bb297df7e8144d0e714165becf777dc8200365c73b5b86a8b76848173344273e3f"
-                + "fc29191f2b51b39521f9419d604f67b1a628e3ac9eb2fde8f29367cce39fb31e32f14dc4"
-                + "c64e6fdbca12bffd249ea16bc2314ebb184fc7065f083ccb7d1d8a78d6d3e0a3c7472254"
-                + "f9566c334dccbb17df4adacf24e2682559989cf0209b80f1fbd141b0a8de8ca2e8aff3ba"
-                + "7b2d5947e751341747430ed57b02519bdddf42f2701389fd3249809dd0a7bbdb6d3b8ab9"
-                + "f9639d51dc9bbf201f6575a02319b4948039b423633c92c0f51c6fd32c1d2a52f7ef925d"
-                + "33443521dc228d7ccef0f1ea20433ab928157443677f15460ba97ef79979ed53c6c259fc"
-                + "0b016c7aecbd997bdae8c0366656dd979074ba42c31b8664995e5e384c941f4798d9d67c"
-                + "0ec89599466ef2048f67dac2462014ae463a3a5b8322638a329799b1223c98ce5ccfe1a4"
-                + "cb682a2f5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7debd"
-                + "0653fbff088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324c486"
-                + "9aa01b67a73204b8f0cbaadb040ed9dc55385c60d3",
-            "029200f6d2d656430e2c49eda24923d91c484885f9e626e8e76cad5fd2f7d875ccc2bc23"
-                + "415d4faf87c4ce6e7525be296c65bb2798f19279dc59d02830695fac8bb044790c3dd1ad"
-                + "def9b04a83f6e31ca470cb9d3cd02bfd45401100a35927c9577aa1434c71aa29cebf6beb"
-                + "bd5d209eeda8864a250215a168764a228979c671a5c5595946e83d31dc36a52777616c18"
-                + "3714588db1760ef0c8e537c7504ea3400cc4a2845ed647066081db051fc3ed7a541b8f29"
-                + "4597aa2fa5bfbfdc714fbe7493ffc401a28fa156cfbeee5f1163da5bc039297fcb5fc536"
-                + "3b48b2bce5e558a8fed0d7aacffad3f2d41d72e0e157faf66658dea45aefba44990912f1"
-                + "387af750ca53e94ec9dd72bc1e273c15024105fbaae774bfd0b84dc7314a3fae56777c8b"
-                + "960fb2450e360489900c5eeba5ad0a80325559431c9128d4d861b546b8f344417bc48694"
-                + "0b5e8d27f98c90067a849af397a8798c3d37d24be57c1d73c5f47c67cfcaeb85354b3341"
-                + "45e794b2454c5d9484eed5c292e3bc875d8ab56079e74b5a4c7acdda83521deea1931969"
-                + "bd6386934a394009f1a214e8ebcedc28c11f5c38c550dfa47d017dc4306026e12e98fa14"
-                + "89c6f0366c9e3f59cbba65fd3020d39048f84929a4bcb40d65fcea84e461c4b3fc2f8d4a"
-                + "1ba3e561be9805fdfd74741ab476adac59897ece299db3da7b4a250244c278e8c4ef0b31"
-                + "f1079980e2b9f5f2223c879568d89157ca0a22330de5aaee6501b8af26870bfc2f3fceec"
-                + "e9c76c8ddc2529b48f96df991d4cdd7cd736ae84e09ae833f84c56811a851e9bd76c4eef"
-                + "4308430d16a056d1c50a2121f9720f408fce8ae8cf1465a3386f62ad2458e2e1f9c33c86"
-                + "3ab07e4ece39d66402fc2443bed9dba5ccab665865bfe7519a19063cc487a11619c8f5d0"
-                + "72fe5935fc424477bb38be9fb658eeac200fa0af18004deabded50080c47b7315150768e"
-                + "edd9bfe586fdf37d7a0c74807838fafc5a1e5e64fe1b3d70f5dffd395f5116e492080413"
-                + "7907aaceeef41e2a77e15ce6605d9d48e28f575d2f544bd5678ee67759d0f9078a33177b"
-                + "2daf479d53383e010f7cc378d2449dea19083128f32ddd41173123dcff9e06738b439f8e"
-                + "46b6670e22a5ce5ebb2dab417ff5cb5ca4ec6d441a80e3541bf4c588a74cb2c50ec9d757"
-                + "85abb54ad6c4a5260d45a795c9326cce6561a276e4bd11418ac3db09b40a29a6d5c81c0d"
-                + "68175a813623caaf0ff586330ddbc6dba9ee39e62da280ecc13ffc22f83a8cbfe7a98d9b"
-                + "af60e824b4b4cc54db0af44b23596422323d4bffe4ec4a8d02906403765e57e5d8d41820"
-                + "167acc8edac2c4615c8cfb730052e3c1f2222cc00b61691464c38bf725e61e303323b006"
-                + "809f4307c18f798523be6aceaaeb2675c871aa3bdb23d1435ff2a769c94e39ff51ab84e6"
-                + "ea0c4273fd8cd18aeaab4ab789f61e2a44ead5cdb47cfd9f6230a1f54fe0fa0041cac8a9"
-                + "8cac7870072a28ab79574ff468a8c791c312ad81422316a86544faf93e4f54719a02960a"
-                + "ed675d4c38b11daa308f122391f53218dddb6eeec42106980fc3a46a121f507d54dad5c5"
-                + "dea73bd7eeb12e1c204771511f4d2f07e70c3ebeb08b4d61d108de42d06a069a1ea270cf"
-                + "36cf7d22fc71465bb0279670206c9cbec762300bc336ae1b89f894b2cadc9a69f97f414e"
-                + "22799c4e5312a98a72a464ce11850772c4b6bff995be2567dba1364c9828041feaed5f3f"
-                + "a9d031a709279fac65bdcf63a36cef9feb399a711a744071df6783f5dc16ca0890934c00"
-                + "dadf04012cfea4213d7a66e468ac6e7a6ebb6618f0f8bb926335a31bc1684185e4c5c736"
-                + "3d7240ddd7bd1700dace25f48e548ce21d01a4b2084bd55b84b3de187dfeb8cef29d3572"
-                + "f39c2742ce2f8c2360d8aefdf3279d1dbe472332df35d0ffc1e87c2c80f66e2c72d1fd51"
-                + "a924bb3c61f1a81d97aece880dc9bc403cf212d8ca904098f24634ce77912b3436cac540"
-                + "77a9de2ab86395c31a4078dd24776650d0da94b7c499b68a58bc695e03b6e20c77684ba3"
-                + "9b0680702147aba3ce04d13fadeeb02bb9f0b38693ed7d446213b377f609dd001f11c61a"
-                + "647ce183ea5b647ccb3fef9eb104ac9faa0a4366160a7887e65e0fdf4f5d9e818b67f83f"
-                + "7cde3a3c750c7acf38a038870cd1192fea9e23d62f0ff123ce2837a2d1c2a16227bb8511"
-                + "8e77d7630ff0d6c7f64be35751259d2ce6150beea128c57064cf05381f0d690b88c943b3"
-                + "d790c03f1e3c6894c59b2dbf489f8b2f1c5035864b6d199943885e2f8532745ef3615a14"
-                + "3ef8132ccfd21ea4dd0428d4270f939dbb2cfa4050abe2f03530da91fa11c7b898cb0878"
-                + "c5eadd53651f353c34eff767a5d42b8ad26f8d386dfdf8005da8afbb4f8ab0d94c416c5c"
-                + "dd07ec8fa329353f8a1136447ac61e3f81b37532ee969be56df9d5be0048ba38ee17ae46"
-                + "0dd2c5e5bab23b278d47eaac4998231ee0ec13f620be038de02cae415c61d06c12f74e8e"
-                + "1175d1809755ca24a7eb94b52573588ead5fb4bf5a298af69979579d50e454e1c3cbe628"
-                + "c07cccb63071d0d6c98f921dbbc1eaa03e366efff3d4a50b270d419d6acc16d54c1ffbfa"
-                + "6db8aa3e76123903ff4b169b5d0b129eef63120386e239f55cfd9f4a6f6b88de7bfa273f"
-                + "322bf0a89a6bf0d3762077634b77634b0b5c03e4fad42268f05d84ec8a6480751d779a70"
-                + "b45996ee27cae86e78c12b8e7d327fa9fe367d2d26221217910c5dda292a1b9f2879badc"
-                + "8dbf5f15af72483f4e43390d1074a64c90b2ef4e670c7acee106eecc06a1c51451ea8e75"
-                + "31d84c72cb2abec68a5c80761a3c5088c653d48c04a9ec2dd29defd1ecd59b88abe0b4d4"
-                + "fed28508f5baca75c222a0c00eca957c7093f0c76800535ce2f4395b19a48587b2e54e22"
-                + "ad4f063765739722ed89ac07c9738803ffc999afb8f2527436c69003228c944f61f837d0"
-                + "0baa017230a5630ba293c3f1f2c0594c6e8a9f55e995f38d82a5b8a44a19816614b03e14"
-                + "656ad45203050629f14acc5d1e86828acfbe06140ddf140c79aea8b327d4ac843593590c"
-                + "d4749ac5e2263ffeb800e9f87c5dbad07a9be4aa2007955dfe8862983d252d8b79a33e9b"
-                + "1c531003f1cd3a8bcc6d29ff8aac0062bbc479ad59262cc6bce4048859718988b62e2c45"
-                + "11ed65f659cf8c579a2df7f539590f78d0173d3acb9a7bbda54a6a4076d336b5c0857fde"
-                + "4e1e6dbc6cfa548668cbdd655e2fa2b4a13aa93fc46b4bb8bf3cad806fdf2b8e6a761530"
-                + "38370eeb6024ec9cd86b07d85167e5e502c424d56512c2d24a8bb30c822cdff17ca1a311"
-                + "e94d4f049163678cf51e2f6162b06e62c171ddd7f18314bdce08936cf7815b9ec8240e8e"
-                + "693dc9e567fb7238b6d492e602aa4582434eb270d53f66898b6bb6a1d8f4ee2fbeaa2446"
-                + "04dd1340ed2fd6f0ae22f872a40d61c334473b2cd3c1a9433979a0c1a3f5a483e026d7b0"
-                + "52c5651fdf224651ccdf2b0922685778a77679d7a7d8eff40afdc275f475d4298de7404d"
-                + "f9e8b98dc81694837fe74e5845a71c23e6f03c98528e7518706b90098e391e380c7a8989"
-                + "3a04c191358d15e1642ef942cd7be0cc978f58ede44df855ea01dc8e9292a7d1fb26c47a"
-                + "6b1a394c2ed171e13a70a15d86713531be57538d0baf2c3806a9298e7411de821bba15ad"
-                + "13ffb9782faf718c3ae85e48b69324926ec5d87783ec00ebeec771dcb9fa1133503d294c"
-                + "8bbdbf3dcd08a2e117857200005270ea2c9869d871c3f027127a4f6354c87c09533934b8"
-                + "523104eeff0b15893d78fb6bc65b7cfb1cd711214b70849e4c07f137eca3a98a68d2b5e2"
-                + "1fb8f0b8bb275f5b551ca77373066a7fbc0b8fff4925d69482ea20e10f56bdf423542467"
-                + "8d203aab87c22473e3d7a6bfecc69f29134b5267bf710c0b0c08f6e92a3d98f4c076e154"
-                + "57ec5a8683aa8b42ff2b400a294433432add3db210b56bf6e358662a3f70825c43ff893b"
-                + "1baabaf5fbe8f6d5ad8d10f01405e9c88a81373dff3f59e757094cf5a243548e8db9770d"
-                + "99fa4f039234025790e29f36fdf3d2cdb1b702881e9d0e5dca476cb5006713e6e793faa9"
-                + "2466381b8c1152b254b8a002888a558da3a10cd03b40c3121825520c3af0fe188cb66a1c"
-                + "27d3d2d0a6e5b7fc91d2d71ae5212088f337ea64bbfee2d32f81dbf579ed0b8b36eb13cb"
-                + "abf043a74ae836682e48ec90b73a1d43e562296a5fd290558bb0b54cbfbdcc598677a062"
-                + "264798ec80d8fccd138444dc5f788a83fc72f0422959e942d4823453c811c93dbef3eaa2"
-                + "5cf95a6c52ce4dd99191f3993d2602e35a494aa930b89ec817200405fb9a51a34ea1b34e"
-                + "2110c396776717dc7e84ecb95352f81e7f00698ce48fc30fead202d2bd0d7d9d3ac82e8d"
-                + "4582588a6073a8255eb5760d28a1e136ad40b842a18b0acb5c475141bcd6633b8cc867d8"
-                + "abe2f8faff2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c2554439c7"
-                + "35e1c42310f649109cea6a8efc58130037a3a5f25966520e85321aa826a4c5c684eb4f7d"
-                + "1dc74c97b4603419df4f257c613a00c351962f4c154897328109494629e64a3984cf42c9"
-                + "b0b58e9cf65613040a20a63b4aa24f4844c2b6cd99049298bebbaad1e96f98811cbb7fce"
-                + "15c3370c86b383386d6b3f17d46fd5a998f0d7f3315459f6b0601eb5af6d4c73d8ac29bf"
-                + "03eb11f0bb5b528202404a5f02766f0dd60772e8435bf2e996c7e488a8508d8aa30ee3ec"
-                + "dfc5053f14fd70b2b11a75d60c2ecc557411d1fc6bf6ee2dededa3b016cfc680895a2f37"
-                + "33f57f9a69368101f10bea1d862c71e45a3c9e78bcf164b0c18070794187f0f998e1d38b"
-                + "03503121f5759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca6bee"
-                + "5f7d7c7c1515056df6db5252d043730434d4900408dca27fe2628847002db7671de779e3"
-                + "50273236a614716d8dd0971816fdba911f82e35c4dd85e3d60d74c968e623f661a250489"
-                + "a77ec2e04005dc09630d0d3c40fbbe567c19378587f1850c9161335b0c62a2dcd7b9ea3c"
-                + "f9cc8693989705e19c24324120a789b2e02a67b86c89a1a753c536027d1a7290d16a0bcc"
-                + "dbab19e1f0b855852be5744c4fd3fb3cedcee941e89af8b2664611899c9031ac23e55c9c"
-                + "b583c1dc185f0ca3f562e4c15440d66e3e173ce4f1feb0ab3b12668b9670e3ed64872ac5"
-                + "c26fa422ee686aceb141b642c25281409114596eab784c263acf5cfdc25ced796c1c660b"
-                + "71acd00d8eebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30c8b7"
-                + "7625944e50dc3bad22d1e864d9298aeb58f257ebee0edf742111f0d41889bad2370581d3"
-                + "e8953857822b8dc368b73f04c22e4d83f3b3c155a53cbc33da680535b6ed236cf26fa4ae"
-                + "5ab5e0b244c0c054e203aed4d661e9b6c79e43a43337ef5510401d01cde4556b0af84683"
-                + "3f0b97f1d8a06aa0d97f20f39fc16bb1056f599cb9fbc25299397c277a059429c463f1ce"
-                + "af360d75601dd0f975e88dd60381ef0db76fdca1b55889a9f770857fada11e17894ec3c8"
-                + "49cc6cb264ec9fb93853402e888482f28f4a57faaeef5ea9676137a7cc855dde32e857ed"
-                + "52874d3066c7965dce2f0301dfa47faa3c9eeff43f10ac6a374deff4a06d7cfabeab463b"
-                + "fe6bbcf14d1081f8d5ba889cef409bb5da1959c74b40c5048b8861b4fe34cddcb66310a9"
-                + "126722bb297df7e8144d0e714165becf777dc8200365c73b5b86a8b76848173344273e3f"
-                + "fc29191f2b51b39521f9419d604f67b1a628e3ac9eb2fde8f29367cce39fb31e32f14dc4"
-                + "c64e6fdbca12bffd249ea16bc2314ebb184fc7065f083ccb7d1d8a78d6d3e0a3c7472254"
-                + "f9566c334dccbb17df4adacf24e2682559989cf0209b80f1fbd141b0a8de8ca2e8aff3ba"
-                + "7b2d5947e751341747430ed57b02519bdddf42f2701389fd3249809dd0a7bbdb6d3b8ab9"
-                + "f9639d51dc9bbf201f6575a02319b4948039b423633c92c0f51c6fd32c1d2a52f7ef925d"
-                + "33443521dc228d7ccef0f1ea20433ab928157443677f15460ba97ef79979ed53c6c259fc"
-                + "0b016c7aecbd997bdae8c0366656dd979074ba42c31b8664995e5e384c941f4798d9d67c"
-                + "0ec89599466ef2048f67dac2462014ae463a3a5b8322638a329799b1223c98ce5ccfe1a4"
-                + "cb682a2f5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7debd"
-                + "0653fbff088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324c486"
-                + "9aa01b67a73204b8f0cbaadb040ed9dc55385c60d3",
-            "0386edf8472409c6a0fe2f3da07457868477f3f745d6717aec4a4ba8c7ab1647483b921c"
-                + "75c2c7bf7f9039f2ff3d1de086883313fef5dacdda84e19ff29306444a28d55e9a0f5218"
-                + "fe59b15437d77d2baebbc4123f6419b963c85ce97350cebd218111ad2d1dbb782a95d902"
-                + "d02157291b8511555b949cfdea77002d966f3f9c6e1ba486f60609701e7e202db4f623db"
-                + "28614f7152efabb995a79e5e2a8577effbca65919b91eff118c81038214df51fd883fb56"
-                + "e353334d0e3cdca46afefd63785d38a3f5e668bfee902b3d2b3c8ca2caf98a52fc418057"
-                + "f82ada73c81e10297955fa4e08154068f7dd9eb51a67d2e8eddd1913404b2df856a66ad4"
-                + "68e28bb2d159c550c3894ad3749108cd04968e98e932094974e35a464a7280bf0de93b13"
-                + "2074fbccaea7e25a01d304a1cf54710127d5cf3242d73b5d310780adaa30962bacdada11"
-                + "10b69b3e9aca6cc37e9c7f019e9cf19453ca13fa12ef3968412440b038f9566a34eb470e"
-                + "cbfc99bafa05987190c4775981a7a224cc0428971341ee8d76167e0743619b3011df2bb1"
-                + "89b4cec9e2ed873660b8185e82efeb3bf00155ee2152238e7a8f7749c5337909185b5d6c"
-                + "294e5b827a7773d62443697f8cba298ec69e1b8b9d59e5051bd1291ffb52287807240a39"
-                + "763b15a90148ea98297d877057cc9f4ab6401f05a666212b554cedc2dee814cd975ecf10"
-                + "7ca2de07db4bc75e6ce5015e49fe0c3a1018235b026fad4134257a1d49c37caa07d9b320"
-                + "55a7323d5a4f90310c04b44ee32537981f6d02a7baef1a8939378daf61d807a9e1003e73"
-                + "7728deb4e00609c4f087e9c178a61ea4a4c65cde7acb55dfbc0217c41eeaeebce3ef5e90"
-                + "f65629d199a9077294cfff05d27e31c6de75797287d056eef0645c1073c3aed5b4c90c53"
-                + "8bffe61bcbebfae8601db23622e41ddd6f2e6fcaadd2786cb6bf50b7e5cf92f5cc6df8ff"
-                + "ec7584f88a9deea3b5ab4a8d8ba79c42b9bcb028ece158baad045b7cb248ac42d5ebe15c"
-                + "2476a16e25616c91036c6e3a4400de3619534109c949b2f8ac1625b128253b378c5caaa8"
-                + "766ebd7c0b1c60e76bfda0b067a9ddf4746fd90227b9b6876f771451f16a5c69bc6a92ac"
-                + "8388b218bab526f645fccaa1ad27539738778292ab1c9481c8105bef50552fcc206bdf26"
-                + "ac83d77d3d8ede4f9ffcd8624bc6a46996d9a5b78c5533249637996f1ea03c949b27e543"
-                + "4b6c9c7d2fe815a09c746e6e9fe1c437971055a1b0c44330cd52711790a0e284504e9cb6"
-                + "205c87adfb00fc917fd384b5a0a8fe1db836f2ca0a16e6734206d8ff07da4ed2987de460"
-                + "3b4dd67d1aac836897e03eb38242b3f135972d0550073d19bfbd1737da36ce12ffe3e512"
-                + "c3a7b6175aba3a26a865a478840a940a29f464ce201832ce5bd731854fd5e31d0ccb4421"
-                + "e4f73f121f4b79404d06786e3318fb337d3531f0ef8f56f81789286f5dc23c091ddbe35d"
-                + "859d78b71f07921aece0e853d35b369d82948a9e0dec94cb7d8a9b72332f0acf273976cc"
-                + "282661ef79a66f919e1309c1b49fd8ee56b9374210dda5818ff593be29ea5826a99b8b07"
-                + "1e8c16e9a6a1df9ab3a1979248d89a1edda1bcfc6b23d7f08c0ec93c583d6226582a54c6"
-                + "2849c2aedaaada4bce7e004e728ff0ddad26aca520c84e5b8383be2c405ccfa3e7fb5ca7"
-                + "16fa451bcd967107b781321edfe3a72720ce026779b81313e641eb78276c008bbb378507"
-                + "d43d8a85544b1c7a496f9f8ba77531748a22e094bff7ead7e19734ac54d202bd6baa1e15"
-                + "d620ba90fbe8b357124c9625028f8eb651a03e7c3c9e9de78c2f767306321160208cb7eb"
-                + "af99dd8b79e5eadc1b0c60f7292c95fcfad7dbaa69b7a483bc2806f4c35b4c49da1799cf"
-                + "be893cd4c1f17d42136518480bfc026a534dd37740ed73eccc532262958e9d05ba25f29b"
-                + "7e91f7840e0a049e61700639ea6e1273e5115c537326d07f43f70969c23f60e21f9a4a33"
-                + "1de1b56b3aa9dd884839e2015b6665ceb4678803291ca259b03fc16c99ae02bebdb65c57"
-                + "9024d8fbfa55a785dc598c3358ca8867724e011dd6ebe2b04b3c57bc1f7bf43f8b389e33"
-                + "d1c2bf69790afd6eb03606db6aae9848e250f98dcf6654e4b2aac51b3ea38ef89f41337e"
-                + "c131ab3e3dc3959b78848f2dc51c9db0fd0fcc3d2bd670d1c29a501ab48d3368b185a644"
-                + "7652797a35c1e5b0135ae97936715dcb1be9975a37ae4306590a3a463b0970b298fd70c3"
-                + "2f852872c4bfb6f7b6853110e9b7e56760094e5fd6e6849f9ffc7e4f7ee88cb8c2113ac0"
-                + "9bb2eaa65fb5ca02376da2cf087fbe50283076a9e6ee68e92a303cdf6ccb2fd9a7e9a251"
-                + "00e15de3c3beb5562e21f1b93199e9b9b4327fb3e4d416252981d37accd370e294dea1bf"
-                + "20283adef6dab5210a224b9d7df6b603d12b0fcf9faf24a7530f2b17b7172891f6905384"
-                + "0af6f9d11ce19e128e27283e30fd68c8906f7837c1e81feadefc3df9923de87235891086"
-                + "9420eb0a78b4c5a8525b7dfcc00e919c2205d1daa5c65b7999806aa74e5c594b22aa0f9a"
-                + "baac67be10b73d1d2008ed8410ad0acbac08d3b35eea273bf9667061eaf2ecbaa8d1cfe4"
-                + "4f62ad79eefc464b3734ce621121b70e0d26df8bd7003a5c45e2aa4d554fe8047f385a9f"
-                + "833932d4c0863bda946ce30cd81de19bb5fb8a6280611d1c3236c5be268463bea4a42896"
-                + "70e195ea6d3dabe7d4c1e58477fb9af5976eeb4d6824650286b59ea912e7dc726681eda6"
-                + "5575cfe43e3b0d880e16b8b17c49e7ecd18d3a1bbfc3a5b5e6cbff2dfc01d5fdee57bc8c"
-                + "a6845af2dac6b6f30dca0ccb38eb97dba59be9c31c8daa7d941eb0a93dbe5be4f7443101"
-                + "aa017cb220bfc58f02be52081c8cfb9c220ec1b9306796c0f0c4b077dbb27ee127fa08df"
-                + "b77c7c08260472aa8a158546cae77e304190cf5661f8f0087b5135248ee49d1b372fd3c3"
-                + "8453e9bd59d04ff5409825280d38e100f29eccc045ecbb69cc28f191aee3239724a6a998"
-                + "6ae6fd0c0fa106eee4be3abe814db872b0cb8f3be0291b6b5016b073eec9c431dc83e313"
-                + "01243a51754974e2631a1cbb047d58a4600e09710e1c93982cf716daa1c350b4dbbaa17a"
-                + "95a2251cf702fdc87c03e410d9ac0062bbc479ad59262cc6bce4048859718988b62e2c45"
-                + "11ed65f659cf8c579a2df7f539590f78d0173d3acb9a7bbda54a6a4076d336b5c0857fde"
-                + "4e1e6dbc6cfa548668cbdd655e2fa2b4a13aa93fc46b4bb8bf3cad806fdf2b8e6a761530"
-                + "38370eeb6024ec9cd86b07d85167e5e502c424d56512c2d24a8bb30c822cdff17ca1a311"
-                + "e94d4f049163678cf51e2f6162b06e62c171ddd7f18314bdce08936cf7815b9ec8240e8e"
-                + "693dc9e567fb7238b6d492e602aa4582434eb270d53f66898b6bb6a1d8f4ee2fbeaa2446"
-                + "04dd1340ed2fd6f0ae22f872a40d61c334473b2cd3c1a9433979a0c1a3f5a483e026d7b0"
-                + "52c5651fdf224651ccdf2b0922685778a77679d7a7d8eff40afdc275f475d4298de7404d"
-                + "f9e8b98dc81694837fe74e5845a71c23e6f03c98528e7518706b90098e391e380c7a8989"
-                + "3a04c191358d15e1642ef942cd7be0cc978f58ede44df855ea01dc8e9292a7d1fb26c47a"
-                + "6b1a394c2ed171e13a70a15d86713531be57538d0baf2c3806a9298e7411de821bba15ad"
-                + "13ffb9782faf718c3ae85e48b69324926ec5d87783ec00ebeec771dcb9fa1133503d294c"
-                + "8bbdbf3dcd08a2e117857200005270ea2c9869d871c3f027127a4f6354c87c09533934b8"
-                + "523104eeff0b15893d78fb6bc65b7cfb1cd711214b70849e4c07f137eca3a98a68d2b5e2"
-                + "1fb8f0b8bb275f5b551ca77373066a7fbc0b8fff4925d69482ea20e10f56bdf423542467"
-                + "8d203aab87c22473e3d7a6bfecc69f29134b5267bf710c0b0c08f6e92a3d98f4c076e154"
-                + "57ec5a8683aa8b42ff2b400a294433432add3db210b56bf6e358662a3f70825c43ff893b"
-                + "1baabaf5fbe8f6d5ad8d10f01405e9c88a81373dff3f59e757094cf5a243548e8db9770d"
-                + "99fa4f039234025790e29f36fdf3d2cdb1b702881e9d0e5dca476cb5006713e6e793faa9"
-                + "2466381b8c1152b254b8a002888a558da3a10cd03b40c3121825520c3af0fe188cb66a1c"
-                + "27d3d2d0a6e5b7fc91d2d71ae5212088f337ea64bbfee2d32f81dbf579ed0b8b36eb13cb"
-                + "abf043a74ae836682e48ec90b73a1d43e562296a5fd290558bb0b54cbfbdcc598677a062"
-                + "264798ec80d8fccd138444dc5f788a83fc72f0422959e942d4823453c811c93dbef3eaa2"
-                + "5cf95a6c52ce4dd99191f3993d2602e35a494aa930b89ec817200405fb9a51a34ea1b34e"
-                + "2110c396776717dc7e84ecb95352f81e7f00698ce48fc30fead202d2bd0d7d9d3ac82e8d"
-                + "4582588a6073a8255eb5760d28a1e136ad40b842a18b0acb5c475141bcd6633b8cc867d8"
-                + "abe2f8faff2ab992fe32abad052bdff6a16f2a6a0e8babfa68e59c862ec7a1c2554439c7"
-                + "35e1c42310f649109cea6a8efc58130037a3a5f25966520e85321aa826a4c5c684eb4f7d"
-                + "1dc74c97b4603419df4f257c613a00c351962f4c154897328109494629e64a3984cf42c9"
-                + "b0b58e9cf65613040a20a63b4aa24f4844c2b6cd99049298bebbaad1e96f98811cbb7fce"
-                + "15c3370c86b383386d6b3f17d46fd5a998f0d7f3315459f6b0601eb5af6d4c73d8ac29bf"
-                + "03eb11f0bb5b528202404a5f02766f0dd60772e8435bf2e996c7e488a8508d8aa30ee3ec"
-                + "dfc5053f14fd70b2b11a75d60c2ecc557411d1fc6bf6ee2dededa3b016cfc680895a2f37"
-                + "33f57f9a69368101f10bea1d862c71e45a3c9e78bcf164b0c18070794187f0f998e1d38b"
-                + "03503121f5759c298ee10aaf083ed7ffea7573fc4e7ae46563229979e8bcae0ea5ca6bee"
-                + "5f7d7c7c1515056df6db5252d043730434d4900408dca27fe2628847002db7671de779e3"
-                + "50273236a614716d8dd0971816fdba911f82e35c4dd85e3d60d74c968e623f661a250489"
-                + "a77ec2e04005dc09630d0d3c40fbbe567c19378587f1850c9161335b0c62a2dcd7b9ea3c"
-                + "f9cc8693989705e19c24324120a789b2e02a67b86c89a1a753c536027d1a7290d16a0bcc"
-                + "dbab19e1f0b855852be5744c4fd3fb3cedcee941e89af8b2664611899c9031ac23e55c9c"
-                + "b583c1dc185f0ca3f562e4c15440d66e3e173ce4f1feb0ab3b12668b9670e3ed64872ac5"
-                + "c26fa422ee686aceb141b642c25281409114596eab784c263acf5cfdc25ced796c1c660b"
-                + "71acd00d8eebc3b9343aad88cc9072abc1d0a0bf9b39a0513a85ded70261b4dc5a30c8b7"
-                + "7625944e50dc3bad22d1e864d9298aeb58f257ebee0edf742111f0d41889bad2370581d3"
-                + "e8953857822b8dc368b73f04c22e4d83f3b3c155a53cbc33da680535b6ed236cf26fa4ae"
-                + "5ab5e0b244c0c054e203aed4d661e9b6c79e43a43337ef5510401d01cde4556b0af84683"
-                + "3f0b97f1d8a06aa0d97f20f39fc16bb1056f599cb9fbc25299397c277a059429c463f1ce"
-                + "af360d75601dd0f975e88dd60381ef0db76fdca1b55889a9f770857fada11e17894ec3c8"
-                + "49cc6cb264ec9fb93853402e888482f28f4a57faaeef5ea9676137a7cc855dde32e857ed"
-                + "52874d3066c7965dce2f0301dfa47faa3c9eeff43f10ac6a374deff4a06d7cfabeab463b"
-                + "fe6bbcf14d1081f8d5ba889cef409bb5da1959c74b40c5048b8861b4fe34cddcb66310a9"
-                + "126722bb297df7e8144d0e714165becf777dc8200365c73b5b86a8b76848173344273e3f"
-                + "fc29191f2b51b39521f9419d604f67b1a628e3ac9eb2fde8f29367cce39fb31e32f14dc4"
-                + "c64e6fdbca12bffd249ea16bc2314ebb184fc7065f083ccb7d1d8a78d6d3e0a3c7472254"
-                + "f9566c334dccbb17df4adacf24e2682559989cf0209b80f1fbd141b0a8de8ca2e8aff3ba"
-                + "7b2d5947e751341747430ed57b02519bdddf42f2701389fd3249809dd0a7bbdb6d3b8ab9"
-                + "f9639d51dc9bbf201f6575a02319b4948039b423633c92c0f51c6fd32c1d2a52f7ef925d"
-                + "33443521dc228d7ccef0f1ea20433ab928157443677f15460ba97ef79979ed53c6c259fc"
-                + "0b016c7aecbd997bdae8c0366656dd979074ba42c31b8664995e5e384c941f4798d9d67c"
-                + "0ec89599466ef2048f67dac2462014ae463a3a5b8322638a329799b1223c98ce5ccfe1a4"
-                + "cb682a2f5f08d9fccf05b5e38c9882b49a6ae467b8232f1652fbfa90c66190fbe8f7debd"
-                + "0653fbff088a039d833f9e98d853648543bb60eb4ed5c4e3ec2c0480a7b2fe85c324c486"
-                + "9aa01b67a73204b8f0cbaadb040ed9dc55385c60d3",
-            "044798030320ee0d4f25de3b7b6f578e0b4c930b7ed068a65c53dbff8ad4d730738177f2"
-                + "ee514057cf2ddb528ba9fc2a40ef7ec8513f7538dd9c73d81646082cd9a7a7c1367853e1"
-                + "5e647d3b64bb2979693f3d1b82f01e9eda03ee11d0c816a48584fb8435de581c0c0d9e7b"
-                + "7ad663df826fc12b0d059671021689776d6b5a32d8dde849f8e1700b63dbbf4beeb50e83"
-                + "f46af68830a51a6de1cea31dc3848c139c2b59229168c1790236cd07096f2e279c075980"
-                + "33818dcb4e3f63c854610654ec64a49c37975bb19ea6a0d0abc76564100c6c41bd4b66f0"
-                + "9811f8ab846f147b1f0bce939c6e3ec2751c0f6acf03ac6e515673631528cdf8580294a7"
-                + "d135e0550cde1fca789eb3028b2a9fbfb4c0a2185fc1c5705ccef5a2d7e3d08b63b05816"
-                + "2c1df1ce961b3953bb1e1b0667259bfae724fdac82c08f8ad6f840b75227af658a67b43c"
-                + "d6b5ab28016cd8fb6ead37492449d4758a259075b8bfded98d07dcbd188cafc53d999c29"
-                + "d010a10ba2e5bff32da123097d9de563699ffb5d457933bbc61cdd5bb90b270afd4453a5"
-                + "fe8bff0918f6242c989da1a2133786fb4ad726b2d6c6690f151e9a7c5ae49168d2483ae6"
-                + "8325ab4dd718c00f67cdf89e5a9d8674a502dcc2d1bda3dfc954f03efc9c327ec0e8aac1"
-                + "e2bfe96c5c2f36a156241d6b329205cf8615904b6583db7d2bd2c743a23112b9e61455df"
-                + "c938ccdb313a613bd990a329a746e09bf2860248e0908e536ce5963c8ef021ed1cad5491"
-                + "c9d14ac8bf30b51e42f627a637efa27bd1a03671d473dc3c647ebc1e532f264dff71d0d0"
-                + "73cc9fd2b03aaec020e0757bab86167b0635061e7fa2d9ff6041b2c5816b404ebbfbaa27"
-                + "6a766b5f6d6da07851b89f83d1c48e6fe5a9752a6d1aa640221c0132a7603d8bf451e0ad"
-                + "e7d2c1a0c43a648463e1582ca4479b5478f69739b57fca00d69c42ae6ad9f05d4ff8fa1f"
-                + "23f55130cb3964492a4b03367901bd77361c5fd1746e7f5ef4a208d5940924b4a51260e5"
-                + "7f572d96a36cd62a07bd5cdc8a4cf9869b8cdf2500eeb6494d968f62582a7ce964228d5f"
-                + "c151c663333e872a4977707df06d085db9ec0cff85acc8c674cae97b4990ebdd5bc66def"
-                + "d428c230e4bcb63303766317c14b8bb974718a972cc9c920e84b685c3c3c89818d0c25f9"
-                + "5c477d9b3bdcf1c761c2d612c206794fadc606e5be91d2903c37037aaf4057b1179dacbe"
-                + "de6e20e3472740ac41129be9af1ad12ac7a01901f840f3ee227b140cd6ef1470daaf0121"
-                + "cdec87542e391be845da9a5a821eaeb5d5739ae9e8deb992e9edfe9bd9dd814a6384b61c"
-                + "deb465d150683a1650bc56e95122bb38f0071c0438b9142da457dde1b806c4542752a529"
-                + "b02bf3aa15ab4194741da7b17db72e6938d3fb0a8388b2478eaaa929cae0249585a72ad9"
-                + "c0d585f317c34a92fc96721abd73c0542585c8c7e5a07b8c7621312e7bfe05f6d8e47fed"
-                + "4ef33e255ca04f90576d4bc1cf99362f7be1190bc3e9338a995447fe72eb4cb125d017bf"
-                + "512b95e64de65a81b981f416bc289764b6c5d09d99e69642b5d929192a67690567a1b696"
-                + "f679af55d6c65d199d43342aee988be06ef592b6e231f6b65b7178dd4c7010dbcbde0b42"
-                + "99ce5e50fb07f6585207fdd524d79a089da519e302784e4deed52a9e69f268ac0d7e9d6d"
-                + "dde302f90ca6d5b8b3f609a8e52f16ac9e14a7577687e5ae2f18fc3566a308fa35501727"
-                + "bf39d48d80da6e2092534662d5ed1213ac73a2c981f346de33a39367eae655c74bf9f8e4"
-                + "59e796883e931a7c7e7b422470c5244f7fbe480848eb144dac0b0a4a3647eb4451571fb8"
-                + "2401f2010e40ab0751e80ed1564e13a20e0be4fbbca14b3a7e057870c5998824a38eb3c3"
-                + "f1e1a470f334705a9cc35d6a72d3f5ec38256e1570057cb01ea879fc17c62d1fbc418d97"
-                + "d8088c680ae66417880062ab93da14f40facf09015559caacad3fe165dd3be7cf9fb31fc"
-                + "5aba66add803f8b5e6d714d4c15af8128ddc7b69ca5784b1c6fd2034600fa98d57824658"
-                + "3bda15f0083b14f68eece30619ac6469faeaa4d0126bd537af1b09cc5b9c17ea71348b78"
-                + "d5e20186b285a5765ecdc725b8ff36cc9dbcf6b5f22ed0a5d8cfc0a66eb25a7183d1e813"
-                + "42187bb4604a65afa544ff5a22cad71bae53c4cc514989fb27dd785c546abb154751b123"
-                + "a1bf6cbabf17b80eeaac0e6a50382e6485366393f8032603aa26d189a25f03948de6e9ee"
-                + "cf7fa339b9b065bf80ccaccca888933f581e79aca1d6ea50fed6578604626fed8da660f5"
-                + "1f83724e9c53da4b106456cc72fe9d1990d62c5a801f0e0b0c4a7816c3b9978cdc451fa8"
-                + "94b69cf32966ea8de9a0c9b4c4a2190d1f03ffeb704ec7bdc51550c64d13f1faff6a0c29"
-                + "e59b4790c59dae2f838d34095cea02fb9cfb8bd8f826ff6338d78fff91a64b72650e7b90"
-                + "e8b8936d8a9d2b2352d3c198e7cb9167a09e20a3f4d21c241a22c32e5e58c78a140741d8"
-                + "76286710060444655bb0a9012cb21c153c7d565782c14de425fba14872a3726f1ac6c83e"
-                + "de858ce6b760c7800bfef926dff27d58cae507568a7561b757de64b3b53fe5b521e3a619"
-                + "6b70e55b5fb91e4169eccaf19ea831c246f8426d722bc29879f2e925e87c7e55284b0d44"
-                + "9a374916fa45427495dc4ed089a44ec4b50d0610173e19501adcceefee7f1981a84a2a81"
-                + "fbe9954fe0a9af886b6e76c45cce92bf036cdb962cf5329e8fa859f955c2739c760e92b3"
-                + "743c082407d7882a0229f46fe9045cd93e307d9eb0951b10400911deb4bc2d3087e77f4a"
-                + "f13f0be51e156571691f3379a0125c9ff03f206f265a6a257cb03a3ac14ac50b9c436870"
-                + "39f13ef96459325034d3e1f616ab138691f95f09994e4a2c63992a4098938f759633c8f5"
-                + "2862256a19e7f4e34f8c9d9ff13813e29f9484cbc88623960fb0f54ee2aebd8aee397c95"
-                + "09fdf6755091b4075164901de8d9c453d64f8189714aa0481a97c183d310b8bb6ab3b50f"
-                + "89effcd8d3fe5513ed488d19ae73e775c6362975e51559d98a5ed2cf98f1285cff295e28"
-                + "e4a9467bedac800b7a9264e7ec995bbe7e7e266c042ca507cfb1155fa4acf95331ec45a0"
-                + "ace6c12f9105d877028f4df37f8585e8b6fb71782fdb9fcab34528e286e26d5b77c8e52a"
-                + "8ff881ef6fb928c0d42eb2ad43b87a08a4146cab897d8dd6bf9d549d2a326e19043822cc"
-                + "59f29ef116c58500f098981f7d239b2f0ef9de9b30a77a01d56149f23dbac51f294807eb"
-                + "7f7bbe0cf7812f9918037fc8e460cf3489a39f5b5d62d2b3003ad7d3320b10c15b3d662b"
-                + "fb4ebdbe464ba1b2a5d852ddb43a793eeb1ca0757648ec0c81e0d155e980d1e2f9bc407c"
-                + "70b3580ffc9aca344b3075fbefa9c13e1148d4f9ef1c8d5bc08760d6bcb79035212adf2c"
-                + "89ad715b22bf80799f52a415125fb2e9b5fab1474ec7483b631612b4cb299ab96e172029"
-                + "85fc908d3b09ac34a729092f6659b2fd0404a49cbf25a01fa872dcf5b17ec6c2d5396fc5"
-                + "637eb8531e40501c38f40b755fd7392ef18bed62ee240e6283d5285df28e4cc270cfe19d"
-                + "3e257bdf04f730a6fc8615102400b8bc712322856a7891db403d759dd54c5dd8bed4bb9b"
-                + "7c34cb10c4ea08d0e6c1d946af90e755e33c9df0b81eb282f6896e2ae4c21d4d4e359f63"
-                + "82bc294975ca1de0666ae28ea24531f1414229c31e98aae2b46a43f52aee23551c268cf8"
-                + "655043e6ff8451b9c9a18a4d393bfe89b765e4d30e683ac1d3f76eb474fbd878a73b4f69"
-                + "178e20e88ada7c18c5e6e2e7e5439322ae704cfc9a5466d071e6faceff991b9141490829"
-                + "9b6b7cb89706bb1aeb2e51fe53662489b8f2237c78ec6e894252309d1868bcec1e53cc06"
-                + "b9eb808fb04ca9b36b441c8479b92e9f3d6d1239fc194550f4ea12f88f13682c92a6c946"
-                + "d5de07621c96d34bd928e4ab654ecc5f9a05ee20b94b7eb52633a91117715da1f73e407b"
-                + "36492c0cd18608c4ca4cf222b934f324a6ad60db3a5dfea14d60cbbe5185e27f871ac901"
-                + "68446aeb971caabe6e2392e721a919a0d6bb5e210f2ef40c36d5d67c23281587a80fc7c5"
-                + "8f1c45b892d7c199de4d9b867be97933d273afed6a9bc7819595f4da24db116a09b67663"
-                + "f677778cfba1396332f863d4c20c3ae0e11df868dcaf088f4ba500317761ddae6509dc0e"
-                + "38111e2a2cc89f33a642bbb7f21987587b2644d9970c31b6abae949bcfeee26e30ddc675"
-                + "311ebdbb2cacc3b1d7f36522b499c7aa345597be247dbdb2c9cb5d35b00f0b8068b9f406"
-                + "b7df27720e1114f964a2d4068a4e2c3ac89e722735d909b2d21c8504525dd313e3e2eae4"
-                + "3ada4096f2074dd643f32ca1fe2632e079befdaa3bda951837532af047453fbd6a39deed"
-                + "1899c226478c47cb28a4ebeab0f20281f9771300c0a00b08476343d714026e96d7cb3848"
-                + "be5d436072218bde7a58bd929d6be1db502662314063ae9c8568a46e147222aee8a369e6"
-                + "6ecfa46a8e98811007943331f2ed3475853451dba43ddfe8cb76860e00508cc9cd765c8b"
-                + "05f95003f3636c3059ac8891ba40c298ed0f86c801a33a989981edc2770b3f6662f2c321"
-                + "09e9b79a81aa8c1113d82c54f2e4a0fc5d93f1c65707aaaf8450974aa357ba48e75dd980"
-                + "888f5a4be5f6f573bcb027667168a9ae0282d62886faebbea770cba91e523a8f67aca3a5"
-                + "1494bcb10ab40e68c960c4d9136f9e486b0da9877cc522cb3d8d353464c3222dc0482bc2"
-                + "b4a5589abd4c7790e89b42bf875fc8068974e5022f73512a033a81d2653da9487c70ad99"
-                + "8222314d8d7c5b42aee0a58390a0ca277403ed68c89d240bd40fd6672e0341bf12ca0c66"
-                + "bf149007b8957a5ecb5db3cdac641a951ceb4ad29e08ae6a9ecfe2b6476e0eda521421db"
-                + "de9d89562ad9ac49e46e0389392821b4fbff0532a4503eebe0dfa1fae4c2bf3d02d9d5e2"
-                + "5908484395a1d63cdbf534bd93d7cf2e0ed93105640bfdd1a8f2e7d7e19475c65c478bc2"
-                + "9079e00d1df36b75e99dd4f45bf8d4bb5e5d2f07894d005c001d86ded5af7e6eb1d501f1"
-                + "bb03b765eae56717f1fc3a3b0a4680eef595cba1e7583c5132be5a09cc604903ad8b4727"
-                + "abe6881b927d3390db8be607e8865999e65347542f7716ee1a7d20043f8227683db3aeeb"
-                + "80cecb170fdd56edda4892e74169c96572c24b6107c1492b7361eb65edf7489521b4520a"
-                + "77215133902418caf4bf1226826d9413834a0d612e325d1ac0f4a460b34520d34daf5764"
-                + "9d2864cc5ef375cf6f5793305902dfd9ae97252b8e127925e33861ebf70802d30e7251c0"
-                + "6eab16972f59336444a758552fd60eb02b47e60bb2bb04d540f3e957444187e95b45e2ae"
-                + "60daf48f47ea8c33e263282356d8f79198dd14d69871d5606a8b4f86a6f2444fef29fb0b"
-                + "e1d46a7807185a668c4981282e57ca0bfd40ebf678bd373e5a0a6f0295affd4b1274dd3c"
-                + "ce34651e4de67c3615f69a9c215bf253e9bd53a6b43fad72b648c18b1c3c35b511ad125e"
-                + "ad54e82b44b9a1df815593fd9778c1177c3ecff27cd24d9cff9c94ba07a27ebea9d975bd"
-                + "58e51ff88c7c2bf89b4a1421a5c87bbfb85b8feff57e1c6e2d074fc6123cb3835cef32a6"
-                + "29cec9daa1c12482e8e16da2e3a9fd63466be85e85d4507fe6840580ce1a6128a0295035"
-                + "bfe3e9c73f8908413480c8d5d040e11c94555e47bbcf369a2589297b993fc66b0394d67e"
-                + "5362c348989a7c38d55c01d2a5375cc0dc3351371b931158a4695ca05aeb255d6d6907b8"
-                + "b60cc646ad8bfdbe5c538d3c088ece388f4ced4ce4604df03fe3b5299158a1d338a25b63"
-                + "598b17375969279685a7b45e576b1fa35d752eb801b97d8d5968d9079ca3a05c0f58478d"
-                + "ebb8d39339e6b68710efdd7c1882424b2823a496478fd1c4fb1bb89bb186a70198282ad2"
-                + "71c774f4385943e55ef87dd94b448a1efb92a2c5f6b8008fd6b270b2ed5888f78924fc5d"
-                + "4da86788d2123870210168a8a929151b255221edfb86d2c9abf28c269d897b025d702fa3"
-                + "d795d022cc519cf3b0cbca56a22b165f7ccbaf35a16e2ad9a15396c3eafbf970ac87c06f"
-                + "b996a29b550ff58bcb0573ae39f79050c6a90ae21ff1561a557604aa328166eaa1198793"
-                + "6da2276c7845800944605359793949af3479d5f3fa57c48a98e3925e324d8da33454781e"
-                + "698c78070c1cb2306d04538591b308d3802f064fe9c5ab39d3df891c5b3397ef63c08a11"
-                + "2ae23cd66779b7d12eafeb1236818d3cf92c01c8e4e2ea1e8e2c0480a7b2fe85c324c486"
-                + "9aa01b67a73204b8f0cbaadb040ed9dc55385c60d3",
-            "05b8763e46e573e82d661c123228225d57b4b1645954acc7e0455e04594a529b5269d0f8"
-                + "4c1e6411237d0b09c194e90e115a39561ddb20161f482842c8837ea1ad22a58320aaa0dc"
-                + "07f09b550096d5049c2f1673644528e3a27ecf7c78c552087c482d2b7215e988f404d240"
-                + "7ff8a3c537563a284e0a5de22a1c86e2b4fc7f63d256a51b46a7d586518df981426501af"
-                + "9d801152a2fac5aa26d75557c95b291ec2d3b7e5ac8583bef9a65f40d19a29068700b375"
-                + "f7f97dde44f7d58af559a13b783fdcb4429a200c9c44840a65a0a27bfcb63919cd2a0c58"
-                + "fb954c1bd1ce9a5da46d1fbe7a1999caf5aba92194e2671939aa8bca3615a609278ce28b"
-                + "133518ce84f644ee85c0e93083b2006eb08aee175a1cc19bca4832e789560377da4ce160"
-                + "0b16b5e262f6d17af05406de19d5161d5f48974740fe63a571223337a9cc1c2c842f6526"
-                + "db460826c7f1d4b0f593f942663255332e81aabd902eec4eb2ed204f78c11ce01ee62a81"
-                + "8723fe215b6f26b494e3afe334e98527c66095bed2804fc1051e08ecf3a85eeed248dac2"
-                + "cd5986425d0ea1df64bf1a25df0bf37502c9c5fa13ba1f97ee6708941a79eccf228b10d3"
-                + "9b3b3ac94453393ba455502c51a9608098fed9a4af70f938e45185d959135172268a1351"
-                + "2edf97889ca6d0b3ed84aeab8780e187c9aa789de19ef4ed2b380553dbc56be377eaabce"
-                + "b70753652083d40ea84687feedeccb1daaf3ba49a1ec4a82d668dd64d51170e10c7e26ff"
-                + "17caf0f62e40e705b90445b0293e9f68945f7a4a167d8f1b33f3a382ba9d97e699c98b8f"
-                + "79f526e096bef68138e6b57772ffeb50ea7cc80cb7ab93ad24358dff0afc4d994244dab7"
-                + "404eb0a3dfefa2290987a292ee7c5acd4133f211dac3ef11c848d3f784776c97331ddfa1"
-                + "41a36204a7add3dd2ed09876531a03cfe36c358c4beac03214ac152e061ba50c17bc58f8"
-                + "b403b427c2515ee6ef9b64af4ec86ca501edfa03ecbdcefb52eb2658cb9f25cbb3a7f079"
-                + "39969f8119356980c76e341e24d6f0c5684267f924ad88305f1edd68ce6bf9cc610dbb19"
-                + "235309faeadbbfc3853e1e2bb06ef0320d919fe83898bc03ef0a51bb82126c9d5ccbafc2"
-                + "b5825796cb716609e30b0c9082ca67beef530393b76f66862c69441b202831199373c302"
-                + "e94d2917d86a95bc27f29042661df832877b8bde2c91463c5c62d47675c089b091fc680d"
-                + "61aec35fe59547401b002648b960a1d7961782217f74bd9d82416eca47d301a3487c3557"
-                + "b08042a279addb23b3854cf7c404c84e3ca1afc8e15938a2f144955fb56d22c2ee0d4286"
-                + "ec82b9457453f7320250d197a52fa24f9ac6b4895ab497456a5bc105c9b658316cb0930f"
-                + "cb324070095c52862656ec4b9512b7f869ff4282921fc7c928ad6456c20e777bfb3e86e9"
-                + "1c1c34791272a54c9626c1aa28a4fad591fee7d79325885123cc7085fdc5a0d66ad51bb5"
-                + "7c24db9627d48ba5052b86983a6611e93b901abdcbe4e127dd9daefe38e3ecb25d2c9892"
-                + "359af26a7d13c4bc39bdd3a4c7dc14b5272de6aa92cca0b252f5727f7b43d6f1a5f12b4b"
-                + "b051435f670c0b0701ae9a98a23308f2ab1a33f7479aefbd7354c1e3f3e606d814fcc058"
-                + "47f0485546d07b6871c2781186f90d5040e970c3a45b92ce7082f97e4db4cd4efdd0e0d5"
-                + "e6f972827dd1bc47147d3df63d73f73c2bb9d058d407cfe53971e3e2b2ef9b122a959641"
-                + "b823b6b95def0ceb2735993265701ba1d1473889d287b3895f747ec0c1bec95b2408c6bf"
-                + "0db0dc8ac6ba1bd32157d2d6469decb33966f2051e0312bff4b176ce0442e1f2f920bfc7"
-                + "9c22546ffaf429a80b8824ff87de7536d6c9c67a5db1822518bf5783f9c8463301c9fd07"
-                + "a0b56d1235eadfca962787c4436671bd48c8f45fc9e99090bd82879ea4265c250e839e52"
-                + "b3117b029f4f68b3c39e0ba5ec4282cf64589df2374ba7e417764adbd2ea7cf094397c2c"
-                + "a403d63bb9c2f28a4dd767d22ae89adfdc49a6f7fbf7be8b08a1cbf6f7c7715d7634e5f7"
-                + "bdaef05855bdf04c848f15046a854d6a908f44cb0ad1cbe303210fa34b0b832cf704dd5c"
-                + "699975b5616e5e6eba0fe579fd2ea1361ebe36fd3d3245a437dc68748c658aca35f85a72"
-                + "6a955df1b2e3f047de21b150f0058ea9d3db4f32259dd2babbe8195b7b7a2a8d336326ce"
-                + "70812fea41949fd9ff9f8abf442f211311fe9dd1d134d16af258647ee32dc077fb1e1030"
-                + "c03060df079c6daf7f5aae8591f2ec06661af54276da41191fc2589e9850768e65adbdd0"
-                + "95aed21407c632535ef0b09a3858533a4048ddc086ac88b4bf60d88671da2d54b1881fc5"
-                + "8efccdb4601498781de66f0d5f1b6749163a1fe9afaa5c8390a43fbd28f930656fc97feb"
-                + "741ba9a7f12a2b612971bee5ad9186f1cbaaed73627dad5663d1ad2793eb146c009c0a83"
-                + "bf897c7cc2e3058d60bf67b2a432c7f551033b695eaf0301537f86c1e8d3e66335afbe0b"
-                + "cc8baf4fcdb70f1d502b8221abceacd30a2e17fc81f0f770ad5631f7ca50117de27c1b50"
-                + "2008e8aebaf9ee7de7a3d72967f3cccf59f1cd790829a251bdf89be3b24e65c2b707350b"
-                + "7c1e9f34ad6f315233d8c7abafcc9ec6797aa1c70a63518d9c56f020a87721f8a5c0d3d4"
-                + "8a83c09c0f369c80ed9beb6292726a06eee0d72dd753d15532793bb49a806c538d60d77c"
-                + "6490389d2746c80b0c730af73dfd40358274bf1fc1605a0c405134818794350de60acee2"
-                + "5e70b00f871c2560335e3bfdd62f51b8489dd78eda9b647805e0ac6d5db0700ad07fb5f8"
-                + "ddb3ad03c8eabd85d9168b3c25e12916f0575b25f0131e47957b406fdba12e0d370dbf9a"
-                + "bcac869a3a19a395ee00481630eae079303f7041db4a431c7e865fa7415772b91baa9932"
-                + "ed7daea77ac5f0d4d364d9678401c5aaa9b53fec7b2d56e77cbd2ed6a6f25a92759b1255"
-                + "933706c6c66bcb89e468c01f005225c62c22afd7573a069d293369be6881a6002dbad737"
-                + "d7a9139ed844e2c994d5f2b6494d77e79d008445920ca1e138868c018b118dc0ba69d72e"
-                + "02049978f50ec35cee1cc84f4f0a687b1617d512aeb134a08e0a84b79b62c2c1de14c982"
-                + "b71ffcc9965b7321dacfbb60368585e8b6fb71782fdb9fcab34528e286e26d5b77c8e52a"
-                + "8ff881ef6fb928c0d42eb2ad43b87a08a4146cab897d8dd6bf9d549d2a326e19043822cc"
-                + "59f29ef116c58500f098981f7d239b2f0ef9de9b30a77a01d56149f23dbac51f294807eb"
-                + "7f7bbe0cf7812f9918037fc8e460cf3489a39f5b5d62d2b3003ad7d3320b10c15b3d662b"
-                + "fb4ebdbe464ba1b2a5d852ddb43a793eeb1ca0757648ec0c81e0d155e980d1e2f9bc407c"
-                + "70b3580ffc9aca344b3075fbefa9c13e1148d4f9ef1c8d5bc08760d6bcb79035212adf2c"
-                + "89ad715b22bf80799f52a415125fb2e9b5fab1474ec7483b631612b4cb299ab96e172029"
-                + "85fc908d3b09ac34a729092f6659b2fd0404a49cbf25a01fa872dcf5b17ec6c2d5396fc5"
-                + "637eb8531e40501c38f40b755fd7392ef18bed62ee240e6283d5285df28e4cc270cfe19d"
-                + "3e257bdf04f730a6fc8615102400b8bc712322856a7891db403d759dd54c5dd8bed4bb9b"
-                + "7c34cb10c4ea08d0e6c1d946af90e755e33c9df0b81eb282f6896e2ae4c21d4d4e359f63"
-                + "82bc294975ca1de0666ae28ea24531f1414229c31e98aae2b46a43f52aee23551c268cf8"
-                + "655043e6ff8451b9c9a18a4d393bfe89b765e4d30e683ac1d3f76eb474fbd878a73b4f69"
-                + "178e20e88ada7c18c5e6e2e7e5439322ae704cfc9a5466d071e6faceff991b9141490829"
-                + "9b6b7cb89706bb1aeb2e51fe53662489b8f2237c78ec6e894252309d1868bcec1e53cc06"
-                + "b9eb808fb04ca9b36b441c8479b92e9f3d6d1239fc194550f4ea12f88f13682c92a6c946"
-                + "d5de07621c96d34bd928e4ab654ecc5f9a05ee20b94b7eb52633a91117715da1f73e407b"
-                + "36492c0cd18608c4ca4cf222b934f324a6ad60db3a5dfea14d60cbbe5185e27f871ac901"
-                + "68446aeb971caabe6e2392e721a919a0d6bb5e210f2ef40c36d5d67c23281587a80fc7c5"
-                + "8f1c45b892d7c199de4d9b867be97933d273afed6a9bc7819595f4da24db116a09b67663"
-                + "f677778cfba1396332f863d4c20c3ae0e11df868dcaf088f4ba500317761ddae6509dc0e"
-                + "38111e2a2cc89f33a642bbb7f21987587b2644d9970c31b6abae949bcfeee26e30ddc675"
-                + "311ebdbb2cacc3b1d7f36522b499c7aa345597be247dbdb2c9cb5d35b00f0b8068b9f406"
-                + "b7df27720e1114f964a2d4068a4e2c3ac89e722735d909b2d21c8504525dd313e3e2eae4"
-                + "3ada4096f2074dd643f32ca1fe2632e079befdaa3bda951837532af047453fbd6a39deed"
-                + "1899c226478c47cb28a4ebeab0f20281f9771300c0a00b08476343d714026e96d7cb3848"
-                + "be5d436072218bde7a58bd929d6be1db502662314063ae9c8568a46e147222aee8a369e6"
-                + "6ecfa46a8e98811007943331f2ed3475853451dba43ddfe8cb76860e00508cc9cd765c8b"
-                + "05f95003f3636c3059ac8891ba40c298ed0f86c801a33a989981edc2770b3f6662f2c321"
-                + "09e9b79a81aa8c1113d82c54f2e4a0fc5d93f1c65707aaaf8450974aa357ba48e75dd980"
-                + "888f5a4be5f6f573bcb027667168a9ae0282d62886faebbea770cba91e523a8f67aca3a5"
-                + "1494bcb10ab40e68c960c4d9136f9e486b0da9877cc522cb3d8d353464c3222dc0482bc2"
-                + "b4a5589abd4c7790e89b42bf875fc8068974e5022f73512a033a81d2653da9487c70ad99"
-                + "8222314d8d7c5b42aee0a58390a0ca277403ed68c89d240bd40fd6672e0341bf12ca0c66"
-                + "bf149007b8957a5ecb5db3cdac641a951ceb4ad29e08ae6a9ecfe2b6476e0eda521421db"
-                + "de9d89562ad9ac49e46e0389392821b4fbff0532a4503eebe0dfa1fae4c2bf3d02d9d5e2"
-                + "5908484395a1d63cdbf534bd93d7cf2e0ed93105640bfdd1a8f2e7d7e19475c65c478bc2"
-                + "9079e00d1df36b75e99dd4f45bf8d4bb5e5d2f07894d005c001d86ded5af7e6eb1d501f1"
-                + "bb03b765eae56717f1fc3a3b0a4680eef595cba1e7583c5132be5a09cc604903ad8b4727"
-                + "abe6881b927d3390db8be607e8865999e65347542f7716ee1a7d20043f8227683db3aeeb"
-                + "80cecb170fdd56edda4892e74169c96572c24b6107c1492b7361eb65edf7489521b4520a"
-                + "77215133902418caf4bf1226826d9413834a0d612e325d1ac0f4a460b34520d34daf5764"
-                + "9d2864cc5ef375cf6f5793305902dfd9ae97252b8e127925e33861ebf70802d30e7251c0"
-                + "6eab16972f59336444a758552fd60eb02b47e60bb2bb04d540f3e957444187e95b45e2ae"
-                + "60daf48f47ea8c33e263282356d8f79198dd14d69871d5606a8b4f86a6f2444fef29fb0b"
-                + "e1d46a7807185a668c4981282e57ca0bfd40ebf678bd373e5a0a6f0295affd4b1274dd3c"
-                + "ce34651e4de67c3615f69a9c215bf253e9bd53a6b43fad72b648c18b1c3c35b511ad125e"
-                + "ad54e82b44b9a1df815593fd9778c1177c3ecff27cd24d9cff9c94ba07a27ebea9d975bd"
-                + "58e51ff88c7c2bf89b4a1421a5c87bbfb85b8feff57e1c6e2d074fc6123cb3835cef32a6"
-                + "29cec9daa1c12482e8e16da2e3a9fd63466be85e85d4507fe6840580ce1a6128a0295035"
-                + "bfe3e9c73f8908413480c8d5d040e11c94555e47bbcf369a2589297b993fc66b0394d67e"
-                + "5362c348989a7c38d55c01d2a5375cc0dc3351371b931158a4695ca05aeb255d6d6907b8"
-                + "b60cc646ad8bfdbe5c538d3c088ece388f4ced4ce4604df03fe3b5299158a1d338a25b63"
-                + "598b17375969279685a7b45e576b1fa35d752eb801b97d8d5968d9079ca3a05c0f58478d"
-                + "ebb8d39339e6b68710efdd7c1882424b2823a496478fd1c4fb1bb89bb186a70198282ad2"
-                + "71c774f4385943e55ef87dd94b448a1efb92a2c5f6b8008fd6b270b2ed5888f78924fc5d"
-                + "4da86788d2123870210168a8a929151b255221edfb86d2c9abf28c269d897b025d702fa3"
-                + "d795d022cc519cf3b0cbca56a22b165f7ccbaf35a16e2ad9a15396c3eafbf970ac87c06f"
-                + "b996a29b550ff58bcb0573ae39f79050c6a90ae21ff1561a557604aa328166eaa1198793"
-                + "6da2276c7845800944605359793949af3479d5f3fa57c48a98e3925e324d8da33454781e"
-                + "698c78070c1cb2306d04538591b308d3802f064fe9c5ab39d3df891c5b3397ef63c08a11"
-                + "2ae23cd66779b7d12eafeb1236818d3cf92c01c8e4e2ea1e8e2c0480a7b2fe85c324c486"
-                + "9aa01b67a73204b8f0cbaadb040ed9dc55385c60d3",
-            "06cf8ff0f024235b55d75057e926a8966475b49d7c6a2cb1b43ce9c6969683526eae9d43"
-                + "4387610ce18b7e4b9e796b82666eedbe0bc694618de2a1af2f2ae9efaefc30a1db73ac24"
-                + "2c475463d88708b7244abb2973d01c9e8bc326be9623431dbee054ddea13fedb967d1e73"
-                + "79d3c2c488a1f3517ea326c204fef88c79a656b7d772fbf29a774da262b8f39c739c3945"
-                + "900d2b55eae351dcfa0513cabb1e4c223e468637ce290f70af154246abd13e39f2bc2777"
-                + "44576939f18d3d2e9d04efa69baf35ce1d06c97a3fb8618363f0f38fe4eee18ec7ea1f82"
-                + "9ed4c548e980d575f83602e07bece5821253b2dff7181c84d1b659689912adea50898f6d"
-                + "807d6c45be7ad9e39e4a1404515d2c8650288c72da2f9199df58ff8d8b64757cdf0fe23e"
-                + "6607f370dcd3ddaeb9d51b38b55e8b3b50f63879fe3702be4d3197e9927cad54bc106f55"
-                + "b5f18ff705927796652ac0cc613738a21e9fe01c4515453f747295fc37c18725cd7080eb"
-                + "312cd8e76f2f2bb2f2b6fc0998a6b62c8a931b6aaaedbc5dc2a3adf020cd800b253986e7"
-                + "bc1d248af5024e8b0f2a51fe2cd88eaa8e3431ad725ed4016ccec15986fd1105f330b9d0"
-                + "b8fa163790e9ae62652ffbb42e5f57b1d468cdc50debb1ec8705f498fcac4ed894706e0c"
-                + "a73282559e244f15c98a879b06b377b3ae1c9638800a12b92da0f18237503793729731b0"
-                + "f5db191efc075ed2ded4e173e2340148054cb6eada9359680d7d3b82037a2d56e4183145"
-                + "2f222a1ffe494736a0fcbbb910547f6097ee20b5b99fe879b7bcad95df7d78bb930079d9"
-                + "061b1724a7c882efff9842c01050a194bd0f0bf6f09cb8f40c1d7f9cd989f58934406be4"
-                + "d424f4646c261dcd57ddfcf892cd0b827651e21e8b6e111cb419da52b383c632ee600db0"
-                + "f230baff819635cae5d0ba01bab3ab39853a2132bc9b464c19848fd8bdcdbe2ef7d4a218"
-                + "11d3a0a03b1ad1db93638ec44734843e1703f6c3b74dfe1e9310058ae84179bf64a48db8"
-                + "0dabbb604bb4a867ed247e7db97a8530eae6df367cebaf6791837ca7c0eee7580028a807"
-                + "f39c21415c0381d4f24fb632be74401e2329c43ddca7e1473f8e7edf08a5698dec2499fa"
-                + "ee23d11ad854f56311275b86af24db8428fa2e896dd264d1215f88bf3371048407e628f4"
-                + "ab27922a3f6b94e001cb245aece1f7f981ef6b9cba7da13a79752acdddc94ff22649c599"
-                + "fbb7e5337a6ab39767f3bdd254bf5869984b99b7bcf61cc0d8063a1879826a2ce1023579"
-                + "6310ce2f26771f8f35f1626f6ea9415d096b9955414170d5352d4bd4dcb5e5364de604aa"
-                + "c17569829254fe8fcf5de527a8da1509cac705eb3b044e7784a23892aba63c4ef4240188"
-                + "1913a8248667a52d4fc21f244d2713cabbf2952d16e15ac9e1d747b7facb15616d5f93f3"
-                + "52b13750c93b643ae82be55f67e6d94dd197038f174af9a28b87ada018cb5000e968ae6f"
-                + "cdbc42acf18e3807ad2bcbcbfffc1e19bf06aaa7d26d78700720c3171cdec7c23c9df38f"
-                + "302e0bd19ab99627e4f32810751e3c5cf1d2f8c141105d13b405eadfc2ec47cb1658ad9e"
-                + "0980e40617d63bb3faefdad93e695172e858f94a9b7c324ebff72ea0837dce9dbf0b8816"
-                + "9727c332260008a7d9bedb3d9734cc34210c4a42959e62a639e36989836bafa003a3b0d6"
-                + "711fd0ac9b77b5d4d240a7b7eb728519d48bc3ccee75af4a704ada28495c11b1a16827b9"
-                + "e142a9c9a77558f92704fad282c98a664d938b74a0a0fc95e78e2ee3310be13f94c53192"
-                + "0a77c7105b1eb925c0aa3c97bdf4ffa5573a80aab1b6c2da59d566b5d81364cfd2f5698e"
-                + "08a9d84cb5be62c2e3606d5cd3d3b2989e4131d17b2660185fdb1272bfe60b3e48bf343f"
-                + "d5a170bcf87f2a0e642ce59fefd1b8a0f1555f47445e8a2e7e52b0e21e7a2b5ddcb072d7"
-                + "ace5f6183f5e3e9afc909108867445bc996ea167df7da07b1fd17b51de178aface748071"
-                + "0a05183b8b16b2a90997be86038d060758874c6cb08d9c92f153c53b69c0f056d69a232f"
-                + "d8fd2d63df27c2fc18407945af783882f720cf687e61bba26f936a6fb2e28f123cae01c6"
-                + "fd1a88392dd9753451aece31be83d4e12f2146be5335e3e152e5b7f2d4f9026413980275"
-                + "829a5914d603d841400b0c527971a3c99ed12e91ad3f20cc9cdd92b8b0e4724eb7393880"
-                + "c5c0feae58fa89fd77158f6cf0767dc84a13155aae1add9b6d34f79a6902b3e43dcfdaf9"
-                + "4c8abc470b79abc0011d83db29ea975d5f0b26cfc18ad0c0ba42302da459559abe52ecbc"
-                + "974d9c9a1401c4fa6c371ccbca1e191f9b936f6601d22a4cd4d73865dae420b28a3493b7"
-                + "9ca13eca6f8ebd1751727cfe0309f436f49114b3093d65f30c69f2d2fb17521627b49a7f"
-                + "fab21c2462a6490ab3b8370c5f633df2ebb2dbd58e4d6e6ed6fe2defd44c429c9c89a034"
-                + "0fed6ce864af7f35d0415ebc479f219ea38f55fa6a6587ef6294330d0fc3deff1ff378d0"
-                + "62d8513c28a669d467c0442476e9049341e935d5553f8bcf5cdd70e41778b9a654854737"
-                + "5e40cfc13838541e61f5920981951ab4756188ce16a627208229879859289e3c1872f76d"
-                + "9925e5ade2838a1d3f07665dfa28df4dd01aa6aee36af358a2df7d3329c797c1eb9e36e2"
-                + "0b788c286995f5c8e91176e95f64cd1e88f6a1a7b6cd408a56fb234207ad74a94f9df875"
-                + "633e2909474fb6de3d4999929d296265f1ed03c5b1174466a4dd0f8550120cded11d4d15"
-                + "a3065f2656804c1e42d76fae12789e641f453a386f895b5340214ed4e9257121bd06572b"
-                + "4cdfffa03c0c5ba840bdcfed08935ec0dded6a8fca44b33a47d7248929dfed3ba484eb6f"
-                + "3f15e10926f1c292b244b24fb4196f2e81359381f6a5e1be82ec1124346d20373fe661cc"
-                + "e2f2d1adcd08f19bb68e39ae4b3f9c0ce772f46406b354fc94f2e7f5f29845f92d64e6ad"
-                + "cd0be9c7ea610e6c85e04630d0449b14063fe8efc247a392d8e064d5f7534f052d7a4eee"
-                + "dd94d706fb52e47e389354337dfcc66ed0122464523610d2a17306a5b43db9b8e1c95d5a"
-                + "9ea9836e698febd4c1bf00a2df217259e849896f6272430eead83bac308803c2b75eb835"
-                + "2e21f23e7ebd4212e102fed4f7cc4ee5760610346e0075c8f87e164a71831ddfc31f12f0"
-                + "f554bf393bc65654862eb2ad43b87a08a4146cab897d8dd6bf9d549d2a326e19043822cc"
-                + "59f29ef116c58500f098981f7d239b2f0ef9de9b30a77a01d56149f23dbac51f294807eb"
-                + "7f7bbe0cf7812f9918037fc8e460cf3489a39f5b5d62d2b3003ad7d3320b10c15b3d662b"
-                + "fb4ebdbe464ba1b2a5d852ddb43a793eeb1ca0757648ec0c81e0d155e980d1e2f9bc407c"
-                + "70b3580ffc9aca344b3075fbefa9c13e1148d4f9ef1c8d5bc08760d6bcb79035212adf2c"
-                + "89ad715b22bf80799f52a415125fb2e9b5fab1474ec7483b631612b4cb299ab96e172029"
-                + "85fc908d3b09ac34a729092f6659b2fd0404a49cbf25a01fa872dcf5b17ec6c2d5396fc5"
-                + "637eb8531e40501c38f40b755fd7392ef18bed62ee240e6283d5285df28e4cc270cfe19d"
-                + "3e257bdf04f730a6fc8615102400b8bc712322856a7891db403d759dd54c5dd8bed4bb9b"
-                + "7c34cb10c4ea08d0e6c1d946af90e755e33c9df0b81eb282f6896e2ae4c21d4d4e359f63"
-                + "82bc294975ca1de0666ae28ea24531f1414229c31e98aae2b46a43f52aee23551c268cf8"
-                + "655043e6ff8451b9c9a18a4d393bfe89b765e4d30e683ac1d3f76eb474fbd878a73b4f69"
-                + "178e20e88ada7c18c5e6e2e7e5439322ae704cfc9a5466d071e6faceff991b9141490829"
-                + "9b6b7cb89706bb1aeb2e51fe53662489b8f2237c78ec6e894252309d1868bcec1e53cc06"
-                + "b9eb808fb04ca9b36b441c8479b92e9f3d6d1239fc194550f4ea12f88f13682c92a6c946"
-                + "d5de07621c96d34bd928e4ab654ecc5f9a05ee20b94b7eb52633a91117715da1f73e407b"
-                + "36492c0cd18608c4ca4cf222b934f324a6ad60db3a5dfea14d60cbbe5185e27f871ac901"
-                + "68446aeb971caabe6e2392e721a919a0d6bb5e210f2ef40c36d5d67c23281587a80fc7c5"
-                + "8f1c45b892d7c199de4d9b867be97933d273afed6a9bc7819595f4da24db116a09b67663"
-                + "f677778cfba1396332f863d4c20c3ae0e11df868dcaf088f4ba500317761ddae6509dc0e"
-                + "38111e2a2cc89f33a642bbb7f21987587b2644d9970c31b6abae949bcfeee26e30ddc675"
-                + "311ebdbb2cacc3b1d7f36522b499c7aa345597be247dbdb2c9cb5d35b00f0b8068b9f406"
-                + "b7df27720e1114f964a2d4068a4e2c3ac89e722735d909b2d21c8504525dd313e3e2eae4"
-                + "3ada4096f2074dd643f32ca1fe2632e079befdaa3bda951837532af047453fbd6a39deed"
-                + "1899c226478c47cb28a4ebeab0f20281f9771300c0a00b08476343d714026e96d7cb3848"
-                + "be5d436072218bde7a58bd929d6be1db502662314063ae9c8568a46e147222aee8a369e6"
-                + "6ecfa46a8e98811007943331f2ed3475853451dba43ddfe8cb76860e00508cc9cd765c8b"
-                + "05f95003f3636c3059ac8891ba40c298ed0f86c801a33a989981edc2770b3f6662f2c321"
-                + "09e9b79a81aa8c1113d82c54f2e4a0fc5d93f1c65707aaaf8450974aa357ba48e75dd980"
-                + "888f5a4be5f6f573bcb027667168a9ae0282d62886faebbea770cba91e523a8f67aca3a5"
-                + "1494bcb10ab40e68c960c4d9136f9e486b0da9877cc522cb3d8d353464c3222dc0482bc2"
-                + "b4a5589abd4c7790e89b42bf875fc8068974e5022f73512a033a81d2653da9487c70ad99"
-                + "8222314d8d7c5b42aee0a58390a0ca277403ed68c89d240bd40fd6672e0341bf12ca0c66"
-                + "bf149007b8957a5ecb5db3cdac641a951ceb4ad29e08ae6a9ecfe2b6476e0eda521421db"
-                + "de9d89562ad9ac49e46e0389392821b4fbff0532a4503eebe0dfa1fae4c2bf3d02d9d5e2"
-                + "5908484395a1d63cdbf534bd93d7cf2e0ed93105640bfdd1a8f2e7d7e19475c65c478bc2"
-                + "9079e00d1df36b75e99dd4f45bf8d4bb5e5d2f07894d005c001d86ded5af7e6eb1d501f1"
-                + "bb03b765eae56717f1fc3a3b0a4680eef595cba1e7583c5132be5a09cc604903ad8b4727"
-                + "abe6881b927d3390db8be607e8865999e65347542f7716ee1a7d20043f8227683db3aeeb"
-                + "80cecb170fdd56edda4892e74169c96572c24b6107c1492b7361eb65edf7489521b4520a"
-                + "77215133902418caf4bf1226826d9413834a0d612e325d1ac0f4a460b34520d34daf5764"
-                + "9d2864cc5ef375cf6f5793305902dfd9ae97252b8e127925e33861ebf70802d30e7251c0"
-                + "6eab16972f59336444a758552fd60eb02b47e60bb2bb04d540f3e957444187e95b45e2ae"
-                + "60daf48f47ea8c33e263282356d8f79198dd14d69871d5606a8b4f86a6f2444fef29fb0b"
-                + "e1d46a7807185a668c4981282e57ca0bfd40ebf678bd373e5a0a6f0295affd4b1274dd3c"
-                + "ce34651e4de67c3615f69a9c215bf253e9bd53a6b43fad72b648c18b1c3c35b511ad125e"
-                + "ad54e82b44b9a1df815593fd9778c1177c3ecff27cd24d9cff9c94ba07a27ebea9d975bd"
-                + "58e51ff88c7c2bf89b4a1421a5c87bbfb85b8feff57e1c6e2d074fc6123cb3835cef32a6"
-                + "29cec9daa1c12482e8e16da2e3a9fd63466be85e85d4507fe6840580ce1a6128a0295035"
-                + "bfe3e9c73f8908413480c8d5d040e11c94555e47bbcf369a2589297b993fc66b0394d67e"
-                + "5362c348989a7c38d55c01d2a5375cc0dc3351371b931158a4695ca05aeb255d6d6907b8"
-                + "b60cc646ad8bfdbe5c538d3c088ece388f4ced4ce4604df03fe3b5299158a1d338a25b63"
-                + "598b17375969279685a7b45e576b1fa35d752eb801b97d8d5968d9079ca3a05c0f58478d"
-                + "ebb8d39339e6b68710efdd7c1882424b2823a496478fd1c4fb1bb89bb186a70198282ad2"
-                + "71c774f4385943e55ef87dd94b448a1efb92a2c5f6b8008fd6b270b2ed5888f78924fc5d"
-                + "4da86788d2123870210168a8a929151b255221edfb86d2c9abf28c269d897b025d702fa3"
-                + "d795d022cc519cf3b0cbca56a22b165f7ccbaf35a16e2ad9a15396c3eafbf970ac87c06f"
-                + "b996a29b550ff58bcb0573ae39f79050c6a90ae21ff1561a557604aa328166eaa1198793"
-                + "6da2276c7845800944605359793949af3479d5f3fa57c48a98e3925e324d8da33454781e"
-                + "698c78070c1cb2306d04538591b308d3802f064fe9c5ab39d3df891c5b3397ef63c08a11"
-                + "2ae23cd66779b7d12eafeb1236818d3cf92c01c8e4e2ea1e8e2c0480a7b2fe85c324c486"
-                + "9aa01b67a73204b8f0cbaadb040ed9dc55385c60d3",
-            "071df262e3499222639eb7e7246a3c91de4f4e1beb944bcbc52e7507f482631e6319d91e"
-                + "b21ef5cf4e6d0b57ee381ac0cd7d97db2b8258fecb4e7459887ff51b33577a23e17f9807"
-                + "13a73b6c8b4f89fbe5e77211f58a31befaf154fd4d3851fbd1ed3cc60e353f02afcdb040"
-                + "0a99bc46bab79fd1f89a47f56cbba53061bec2d63157ac8ebbf7a0abe8e2c5280349165a"
-                + "e02786f28c7ef6da1ad16d7db0f133b67af61c7f3b3a229add5af4e895ee40f42950893b"
-                + "45fc982f0c83e644b6d9d65f905d8e227400fab2641af230283e1e77e384a8a4303e1722"
-                + "3c1ecb768af6c548c9205770b25275c0754302438d153a6a26b43931af7eaa9d18c2fd22"
-                + "ba7118fc431bf8ba9f7d9b67249f2bbd29952d200154703bb17871f07d6a25506b59c6ab"
-                + "fa8a5538bea2b56fc3eee2221396e20878fe8d7e73b3940073b0ce1af2e297d340daac8b"
-                + "fb53ffc04a68146e48045c05a1958e8cf40d0b9f0a4ba2507406f1324c1216027109e4ee"
-                + "ee7573d71388dc18efa2fe1482c5ee1c040ffeaa1a47b6ef6f57a78f3a5c2b64cee62901"
-                + "2f13ab12d4366c06d9a4b26dfd75f4ec519a4faa707a63bdd36ed7575093fcf25778b8fb"
-                + "3329414defc4edac2303dacfe87ae8a860db13149fc3d8172f9c7f6256ba9ed1e39e8c51"
-                + "9dd50b19a411dcd666d62eb47d167c168603c0fa9548948244b32e9cabea3f2e4de6eb00"
-                + "01644a1bba6a7b04be81533607d85a94abce46a790cfacf61e9afa14bce763895c874b5a"
-                + "ef5ebf0ca1aa7dca54458e2f139b87533ba10d16ed66d51a2d1a09e52a63263f0ed1a200"
-                + "9db907b4a6b5cbd9af9dfaae09b8ab51a6a64c09852d877eb2c0a5552c2c748d15c4d981"
-                + "ed5f3b1ce7439b69c809c5d121dae59a3aec834c7b2054c40cd583dc557fdb1d36bcc119"
-                + "50195973872de9a1dfde8dbb3f7e8d5d5dd5f46b08e51522d50ed0da1ccd76d2d11fb197"
-                + "9c65d209f247ad865bcfacdf64b05054aedb792fd6881c6ae51edf20a33226952adeea77"
-                + "54ebb8e920ca0f2d4861dc0ae32bc8c62506fc5aefa29bf0ac00a9da11159136caeff22a"
-                + "bf3a1e6baddd1b91ad1d87d46776a2688f2fec19f0c3518b84816534dbba3537d052db18"
-                + "960b3f1f57b38cf3fa9c8117398e6a3be53ce5b945e22d1177d4aac19315635e9e527dcc"
-                + "df38d914eada5a89afd37df41e6fc74d1cf850b44abb6f5fac9d5a4f42eccc00f0f273d6"
-                + "9c248cbd521168e75dca5120db40ad375042e54b4441f397dcf084a69e2787dd96752b69"
-                + "086ca13522b5cc089586779a2b6c9b1c5854328db9d10e59e01dcc5e28b15cb8a54de33f"
-                + "e8e2a4872666673198ab80336ed88a335394cbfaa89853364229da9dae2a01aef84a01ce"
-                + "209b80bc9d88327e473bca1925b5fedd4a7ab0a73d3ae6fd7ba4fe4528db89c74c5edd3f"
-                + "95140591ae5a746fe64e28315aec360feb49cabe55afb5f128a85f3f9741d19b1a81e0f8"
-                + "9911a6b74abd9b4c592be6b4b1af2fec7fca754b9f5dd32d73c6ebda5566db4992b2ea76"
-                + "7161e0534cd8e11d622a99a1ea43641aa7b7e63d9c85f4586246ccc6d44649bc81d48d97"
-                + "c50980f40fd6f0024c50db60b5a9dc2761e42c3225b5ce23da88c71e695e0790f1ac94bb"
-                + "56412690d6a6c3b95487401389f657a859d76c8663dfddf12afdaf409c7abaced638dcaf"
-                + "8aaee153e71690d62eda83726d0d1e428dbaa27d5c6c7c30edffdb7902b836c3b4a4bd0b"
-                + "ae759e555766c2ea9fb14701e3c94ef895dc2729f3f1f2a2c3195b88450da08c87dbe05a"
-                + "929c2f489880f3d16a499f01ac393bef51c0b098a7d3fa36f529e87d0bbfeb73e048a798"
-                + "1193344bd473ef826a4319ec3c64083e91a0a44918f919e0a74dc185dd415d2ef903c269"
-                + "1b6d993aaf663a5f78626c122c7f52cb5ba42689451d879dea903fa137a03bbf853db9d9"
-                + "55e10de01b2d8912a87684988e0da45873f78e363d7c03117012edbd4d1db36b457674f9"
-                + "bb9c773a2ddd1ec0d40c0ad87cdadda05af9d3f1527274551f875e3e8c0b04c010efd806"
-                + "8ac51a7be609eb371f0ddea574d0d32c48f0f5e1815e7d1dccda1d55ad613af776f4cb07"
-                + "829d92bee759febabd074e5e7be966b36f05fbaff1ab68e5302fabcda9c95e92cd5f19ee"
-                + "f2fcd6a3ae99b5a0156c7ce94373394081237f27507e28c28f9dee15bf15f8823ab25fad"
-                + "23a1867bda19cf1b7341baf9e8b3c61838115aeb2175f425a9fe04c77c7a4d6308aa1b92"
-                + "b1b0e459562ef12b03e11ef026b10bfcb0d174ea3cec142a1340f272212dd89209d9c1b8"
-                + "fe274b229549d5d1c2919c627daaf8658b763c7f36be86eb644e5c5b0c3802ffc7680268"
-                + "f441832fbb006ec33d293e8c6b50ab8a675b79b1981003c6b465a7a45bbb44c9a52b26fd"
-                + "a84d67104217be64b994404e2c7c31dcfacaebdb5b64e6fed85ff25fc5ffc31ec919ac37"
-                + "d2cb8d4e933bad652fdd4ba8116b1e5999f6bb67f0ce573d9a440e5ff0d1cef087f9cc09"
-                + "ba984384d6213b79ee1904edf75cc484827021d80c236d8d60f80beb836c23349fb1c662"
-                + "6ee38a808f97ff80818f39928540575d2c15f971f97f2c9666982a3bf3e4acfbe1969feb"
-                + "2fdb4d0188eeb456b4003e5f324b589f0b4cbd86fd5c70cd13e6c79e39c7ae4c083eef9f"
-                + "95d27ad452f2447bb4f8e3f5483e1a03a17df709c1081b99285284340158b25bd00fade9"
-                + "697b890273e5cf34f9ea9aa864c3318d4591024afef030b1247ae1e3f6cf25b19828abf2"
-                + "3070d893853ec198f3d1cc0dc131cc18d88e5e15784ebec5ea56b897990f5f5c8f96662d"
-                + "1cda2006a53c03527490255b54451ff43ca0c46bd920705b3d4eec935eff65c3604d4e2e"
-                + "da011135b4fa61ca144dab298cc4a1cabb173acb6db5313b260c3f61dc8beff2c502fe28"
-                + "f40c35c0d3a9d4b9f117a808bf7ea11342deb3f7e9372b80c2e2a5648d2e18cbda268fc5"
-                + "99146eba584f45a2b7acd9057c00417bda24cfbc798ff87dcca42e0ed4c56c5827eca22d"
-                + "09b9feedec97addad5ffc75e2a38c78ef9a7f7d47dcf547d3c146b24da566776d6a16bff"
-                + "1b2938a76ad84c2b1cedbd746a8f0a18396c0b9c06a40338ec77d33ffee72441c334e3b6"
-                + "62e6663476b89ef26abb232542cc4ee5760610346e0075c8f87e164a71831ddfc31f12f0"
-                + "f554bf393bc65654862eb2ad43b87a08a4146cab897d8dd6bf9d549d2a326e19043822cc"
-                + "59f29ef116c58500f098981f7d239b2f0ef9de9b30a77a01d56149f23dbac51f294807eb"
-                + "7f7bbe0cf7812f9918037fc8e460cf3489a39f5b5d62d2b3003ad7d3320b10c15b3d662b"
-                + "fb4ebdbe464ba1b2a5d852ddb43a793eeb1ca0757648ec0c81e0d155e980d1e2f9bc407c"
-                + "70b3580ffc9aca344b3075fbefa9c13e1148d4f9ef1c8d5bc08760d6bcb79035212adf2c"
-                + "89ad715b22bf80799f52a415125fb2e9b5fab1474ec7483b631612b4cb299ab96e172029"
-                + "85fc908d3b09ac34a729092f6659b2fd0404a49cbf25a01fa872dcf5b17ec6c2d5396fc5"
-                + "637eb8531e40501c38f40b755fd7392ef18bed62ee240e6283d5285df28e4cc270cfe19d"
-                + "3e257bdf04f730a6fc8615102400b8bc712322856a7891db403d759dd54c5dd8bed4bb9b"
-                + "7c34cb10c4ea08d0e6c1d946af90e755e33c9df0b81eb282f6896e2ae4c21d4d4e359f63"
-                + "82bc294975ca1de0666ae28ea24531f1414229c31e98aae2b46a43f52aee23551c268cf8"
-                + "655043e6ff8451b9c9a18a4d393bfe89b765e4d30e683ac1d3f76eb474fbd878a73b4f69"
-                + "178e20e88ada7c18c5e6e2e7e5439322ae704cfc9a5466d071e6faceff991b9141490829"
-                + "9b6b7cb89706bb1aeb2e51fe53662489b8f2237c78ec6e894252309d1868bcec1e53cc06"
-                + "b9eb808fb04ca9b36b441c8479b92e9f3d6d1239fc194550f4ea12f88f13682c92a6c946"
-                + "d5de07621c96d34bd928e4ab654ecc5f9a05ee20b94b7eb52633a91117715da1f73e407b"
-                + "36492c0cd18608c4ca4cf222b934f324a6ad60db3a5dfea14d60cbbe5185e27f871ac901"
-                + "68446aeb971caabe6e2392e721a919a0d6bb5e210f2ef40c36d5d67c23281587a80fc7c5"
-                + "8f1c45b892d7c199de4d9b867be97933d273afed6a9bc7819595f4da24db116a09b67663"
-                + "f677778cfba1396332f863d4c20c3ae0e11df868dcaf088f4ba500317761ddae6509dc0e"
-                + "38111e2a2cc89f33a642bbb7f21987587b2644d9970c31b6abae949bcfeee26e30ddc675"
-                + "311ebdbb2cacc3b1d7f36522b499c7aa345597be247dbdb2c9cb5d35b00f0b8068b9f406"
-                + "b7df27720e1114f964a2d4068a4e2c3ac89e722735d909b2d21c8504525dd313e3e2eae4"
-                + "3ada4096f2074dd643f32ca1fe2632e079befdaa3bda951837532af047453fbd6a39deed"
-                + "1899c226478c47cb28a4ebeab0f20281f9771300c0a00b08476343d714026e96d7cb3848"
-                + "be5d436072218bde7a58bd929d6be1db502662314063ae9c8568a46e147222aee8a369e6"
-                + "6ecfa46a8e98811007943331f2ed3475853451dba43ddfe8cb76860e00508cc9cd765c8b"
-                + "05f95003f3636c3059ac8891ba40c298ed0f86c801a33a989981edc2770b3f6662f2c321"
-                + "09e9b79a81aa8c1113d82c54f2e4a0fc5d93f1c65707aaaf8450974aa357ba48e75dd980"
-                + "888f5a4be5f6f573bcb027667168a9ae0282d62886faebbea770cba91e523a8f67aca3a5"
-                + "1494bcb10ab40e68c960c4d9136f9e486b0da9877cc522cb3d8d353464c3222dc0482bc2"
-                + "b4a5589abd4c7790e89b42bf875fc8068974e5022f73512a033a81d2653da9487c70ad99"
-                + "8222314d8d7c5b42aee0a58390a0ca277403ed68c89d240bd40fd6672e0341bf12ca0c66"
-                + "bf149007b8957a5ecb5db3cdac641a951ceb4ad29e08ae6a9ecfe2b6476e0eda521421db"
-                + "de9d89562ad9ac49e46e0389392821b4fbff0532a4503eebe0dfa1fae4c2bf3d02d9d5e2"
-                + "5908484395a1d63cdbf534bd93d7cf2e0ed93105640bfdd1a8f2e7d7e19475c65c478bc2"
-                + "9079e00d1df36b75e99dd4f45bf8d4bb5e5d2f07894d005c001d86ded5af7e6eb1d501f1"
-                + "bb03b765eae56717f1fc3a3b0a4680eef595cba1e7583c5132be5a09cc604903ad8b4727"
-                + "abe6881b927d3390db8be607e8865999e65347542f7716ee1a7d20043f8227683db3aeeb"
-                + "80cecb170fdd56edda4892e74169c96572c24b6107c1492b7361eb65edf7489521b4520a"
-                + "77215133902418caf4bf1226826d9413834a0d612e325d1ac0f4a460b34520d34daf5764"
-                + "9d2864cc5ef375cf6f5793305902dfd9ae97252b8e127925e33861ebf70802d30e7251c0"
-                + "6eab16972f59336444a758552fd60eb02b47e60bb2bb04d540f3e957444187e95b45e2ae"
-                + "60daf48f47ea8c33e263282356d8f79198dd14d69871d5606a8b4f86a6f2444fef29fb0b"
-                + "e1d46a7807185a668c4981282e57ca0bfd40ebf678bd373e5a0a6f0295affd4b1274dd3c"
-                + "ce34651e4de67c3615f69a9c215bf253e9bd53a6b43fad72b648c18b1c3c35b511ad125e"
-                + "ad54e82b44b9a1df815593fd9778c1177c3ecff27cd24d9cff9c94ba07a27ebea9d975bd"
-                + "58e51ff88c7c2bf89b4a1421a5c87bbfb85b8feff57e1c6e2d074fc6123cb3835cef32a6"
-                + "29cec9daa1c12482e8e16da2e3a9fd63466be85e85d4507fe6840580ce1a6128a0295035"
-                + "bfe3e9c73f8908413480c8d5d040e11c94555e47bbcf369a2589297b993fc66b0394d67e"
-                + "5362c348989a7c38d55c01d2a5375cc0dc3351371b931158a4695ca05aeb255d6d6907b8"
-                + "b60cc646ad8bfdbe5c538d3c088ece388f4ced4ce4604df03fe3b5299158a1d338a25b63"
-                + "598b17375969279685a7b45e576b1fa35d752eb801b97d8d5968d9079ca3a05c0f58478d"
-                + "ebb8d39339e6b68710efdd7c1882424b2823a496478fd1c4fb1bb89bb186a70198282ad2"
-                + "71c774f4385943e55ef87dd94b448a1efb92a2c5f6b8008fd6b270b2ed5888f78924fc5d"
-                + "4da86788d2123870210168a8a929151b255221edfb86d2c9abf28c269d897b025d702fa3"
-                + "d795d022cc519cf3b0cbca56a22b165f7ccbaf35a16e2ad9a15396c3eafbf970ac87c06f"
-                + "b996a29b550ff58bcb0573ae39f79050c6a90ae21ff1561a557604aa328166eaa1198793"
-                + "6da2276c7845800944605359793949af3479d5f3fa57c48a98e3925e324d8da33454781e"
-                + "698c78070c1cb2306d04538591b308d3802f064fe9c5ab39d3df891c5b3397ef63c08a11"
-                + "2ae23cd66779b7d12eafeb1236818d3cf92c01c8e4e2ea1e8e2c0480a7b2fe85c324c486"
-                + "9aa01b67a73204b8f0cbaadb040ed9dc55385c60d3",
-            "081a9c735975bb5b31a16c39a9e6768dfae7a3caba528dbd84947896ec2001d70f9437a5"
-                + "17e998b835d7448f68cf70c16386179e8f4f8939c68414f54efeb951974c56680e8078ef"
-                + "9d974fc794a64c4731c912d3f5b72e098ba495abc4fc2b1a37cff5443cc3e5ca930cbf4f"
-                + "978441b39e4d8fa9ddf4639c543eeb4de961c29d8301b4239a3ea1a4b2c2935d4c7863b0"
-                + "4e76ef0ac071d73eb1be76e478341e616ae95600945ba59825fae6c4638985fea0803d6c"
-                + "70114657352c68d616cb6873ad8eed6e7b608c4b33584e41431d3d846742b266d196e475"
-                + "7c3bf4e7e28e213fe6fae624ed2462f837af0f5a2012b9ceba54c28ec36fc197073ea1f5"
-                + "bb3c74a3d824ff37d8ae2a116a4d408d0eeb4992c844d2140b31157786ddef5da36d0faa"
-                + "a51058b08a89248960e7d19a72ab00b1b15b468d9007be79afc90b5cc5c06e67434e1f8c"
-                + "7a5f63083d236e0856379c57512e7e4342acbe391cdc14418e7e11711b26629eb237065d"
-                + "b2c2e16d7b79f5a92b35e39d861992f9819dd03da549b695158ff68398c1a253c5760308"
-                + "c5c6e5ee9b8dfce6ebe0cbbdc2bbff03547c8e9d48cf307ecdae797b5d357340854c429d"
-                + "fb160ad8e7310473d2e9b200c4c70badb8294e3b1ffe8c950dc27e56a3cea47e61d1f144"
-                + "f63ffcfd666257115deba198d2616ff3c1ebf3e4d30d59182b259473b4e8fc5e2c055b4f"
-                + "d771bf19b68b30c6ef06476522b4283aaeb7f1798ccacdae29a1075403faba7e7e88c6dc"
-                + "5776baf1bfa9a9fc928c306a2bfee0aa814cc9431a56316b9eb95eb667ca9ca4f426efae"
-                + "5031dd45d80c7c17b6d7a4dbe895a2ce482374b41ccc954c68ad0654387b1ab457e43033"
-                + "71a63db5dace631894696e323997b388dede168f230ef0463e1b06f507efdb2972e7fd37"
-                + "81b5d08bd4cd4838e2bc1d8f1cff91171e48c3117fd43aaa0332e14e7921aa477ea13c6e"
-                + "6c30322a38081179115edae4680dfa074d8e69a3aa61aa2a4b0bbb142ce3027bc23143ac"
-                + "0d466c4f72bb9514512b98068ffc2b5b9d118f33a894fdccda725c0b74eba773e3d44101"
-                + "f88eb9c2ba0e8cf20032dadf6b35f60e6c3efd12980987a884f5ba393e7f4e718bab519d"
-                + "7202d206a545853962ce1ebbb7fabfcb52d8a2c2d8cb046fddf85c7aff7ea0e7f072adea"
-                + "76e8bee7838352a69d556a4fc2c4d0aa387b5fd563e317c08b753893bbc20cc8748e9e6e"
-                + "2ad35785d0746fc95d055146ea044d9a200af2ed9f3a99875bd2b5f4dc15294fa669d9ae"
-                + "8bf77a2014cd62a2191caa4bd4b3ba31b456d4b3ee5f5093f090bd9a06b0cd08a5904060"
-                + "f3330386b333963f5a5c3a6e20113eb6bdaf61189f9b0d9a95669310ed3cf07edf93b338"
-                + "14d7ef80bdfea2ecc874ec5f8cea3c88c8c56103798270c074281540cbcbf42e5bf85954"
-                + "6ef18b255bc150285719ecb1bfbd89ac2e7d9d4bff84924dd679cf15007cc7589e4c93cf"
-                + "049d62d3fffbb647dcd78a109ef3951a4cf682083a6f2acbb7090a4073f3f867b2ac9d74"
-                + "b1ac3b6d19b93d1f462c4532574cedceb81ce843cb37de390dd96a5bda2e75de3b6e900f"
-                + "0fe70a29252ab9dffc2e2938aee1280c5d039d92f931532061db2c28b90cada5fb349f32"
-                + "06073366d6e535e998b644c60ba6b58cdcdea80b65d3a52baa0fc4416e388570a97151b9"
-                + "8149c246e966a5d7b94c044a84067e386b4dc01e393e12d8450d1d5544ba5106f8187611"
-                + "8117f304481a99c6a16b0207f363a8c12b0bd9674e9cf0927b8cad552d7ab94ad3acbbfb"
-                + "1d1561771c614b823e59790e558063fc6bf7ae14f199df0fcc4d9043e5b470c8e7088f50"
-                + "5a28e3931b69e08248c07fe060c218c93a2fb51d01ad0fa581f40319313c44611622151d"
-                + "366c73991514fa99f1faf57e7760579a40f060de05276f04f25204f808a999cad53151b9"
-                + "1c4374e8c81614379db93424a4825c58652fc8416a0baed3839a3110a6fbe451ca86ac48"
-                + "5422ea466549e2bda3ad6e10359ba42ecc9c929aeab10d9a9d055842be9856a08583e752"
-                + "39f52972453f0ecdaab51bc73b8fac5f7365c5dfc0c3861ff627124388057cbbe2f00685"
-                + "705311193a62ec4f9fd25d8f55f35f336a4ad2368ef2947bd159a2ed3daec364e65b9450"
-                + "bb5b5e8e18364bee3dd3179cbe6579bc4e06a2ac6fa37329ae20b5605843cc8664c8f538"
-                + "91b859ddfb2a6004f197316c5d3275eb28c20e588eb1a8e8b8d2e732288613708d3ccd1b"
-                + "7d0fee41244dbdf94b0031fd9354db3588fe161ecd3b58f02936c83f421b324f4b816b61"
-                + "baec6c6c1419564e77df7766ebf29886da543e3ad1fa93aafa1c2b073c8714b3167a744e"
-                + "1558f595a385d6f9426ef1e87df55c273053a348cdc41ea71fd0d5294736403a3472e164"
-                + "0794febb9a0ff3bf633795aa03b9c71bd4aada57313cc35a596609f3586900ccaab8ad7e"
-                + "f872b8484beac99e260a78356387a4993180c12680aad89c4a90f8503483e887c518bc3d"
-                + "1a5935c9d329d2a97d12bf1fc23cf62d8c1064b717062944748d6fc4a485ef79076a641a"
-                + "f1767dc55aae1b08224d23c0727b53babd49886a3efb23ab49277ed4bec40cc8f0b237ea"
-                + "a267801364ad865b6d6465215bc39b2018aa06f9a30598be039332d29f53f1dfb508b97a"
-                + "ad5254e1ff06509f8e80fbced8a3d25fe6f9947cf2c2757c9abee05904a2b06dde79316e"
-                + "ad2cd4a14f32d7d9f9348487c3017194255efaf1f2a39aea4ebb33b8a5a5d112ea29f80f"
-                + "9ba2b54ae2bbbf800e457d99b0019dab9145049f3080cbe33b98c0ba7aa194bebe64fcd1"
-                + "508ac6c567a6382099f807c4eb75ce002ed5f022742ebe48d835c975a4439db7eca5061a"
-                + "6870300726b55d89f6a91d4d8888d6a58d5f01f382864b95e310088acb781647152c2160"
-                + "8a11394b4c2331a3531a796f51ffdf777a3c421c21dc7db47221af7bf777c3c380c075c2"
-                + "42d71a05d3ea402a783a0cbc6cbf51c6a5606177f9408f56d2bef5c29bb2294a52f661c2"
-                + "5c33906e6309e281c3202138082eb775c3b719a1444049d7a6956fcf697bc59492956557"
-                + "a4c41c961b3829a24bc17d9ccfb05890e574c151a622c2279e73ea1fabf9317cdce950fd"
-                + "50dfc18d95c18fdb071ce28907f4bb37a67b19624250e2ac1f372397dfeb8e63349e3243"
-                + "134dfbdde74521a6e06c9ec3c1c46d82372a4cdedc2e2ff1e78c3458be8c9595e991ccff"
-                + "4feb85c45f41891edc54b457f45fee6a7a0330ac02b16debe81c4c99bcc72aeb8df92cc3"
-                + "bba209eb0242370aa0696fbfbff86927957cbc1d6d526fbc9840be74ce06ff3750a015b4"
-                + "9efe63736639643a58822a6f8b54ecaf66472d0301ac2dbd3d0ce21d24deef38607ab050"
-                + "0a4b004e5a7487568a2319fa2c22ee15e12acdff138d5df76aab7631f1c02b7f24e2dfed"
-                + "28d66ae700bc146105297b8a1bf7c4261e6d82e302508a36daaaea4f59c41dd75855eb77"
-                + "8bc3317e962ff61c6a70c7f80c2b061f97460738df784aad958100af7d76a9557d79797b"
-                + "fc0682b9d1d45e184f8998814e60ba4acbf440a9cecb5a05c282c97ee832024f14ba723c"
-                + "e9193ca76ee354509db4868a09669cbaa9d08ff6724b14123a1817f7609284f0f376da3c"
-                + "1cafa88145589f7992d6d4ad9eb188bf8dc0487dfcf7228fbecaeac4c9c755540c614059"
-                + "35ca5f7f08aaa17b371449eb10da179ccb6c08272ea3cf1bab572da9e1120147644172a4"
-                + "31f8e674d6cc65aeeae428c9ab911543b898291a46de834b652ca69e35556ab15d40bc33"
-                + "de89d8abd3c1be242510c3e92338822d010cb9208c2c197cfb1fa2aa6b60f6eec89ce403"
-                + "f7fe1fca7a368286cfcc25e3684027531265f48ed228424b4dc5126011ee41a5b978c89f"
-                + "7577d717cad1e7651a87e775c0439c90a53d61163c5aa887e0ebd6e8307a1f3fc91be72f"
-                + "850d5ea24b0d100b4055e097e4a80b782f8e8fb031db34534ba2e836a9d4daa3effcbab3"
-                + "c4026941bd8c8efb38997d764807d57f2caf89638a9dd8648e37120cec0677ca78cac779"
-                + "b29830311b4e4a81e3064fdefe17d789ad7b5893378e7fad9922c4353fe2cc812715a266"
-                + "35e071a5fe767f0842697177a6ec7e5b8d1ed9542e338f70916e86687f5d9fab6242449d"
-                + "e0804adb299492e34f6a7320ba4c822c9e1e82cd0d79a21d6e51513d0ca1893fe7099601"
-                + "922c4c12d491b506e8b95a94aba747c65723a4b8c2e827b2871cfc653a532448424297d2"
-                + "5d986309315020ea74e5febce670dc548f77d3ab970e907ff86dc33621a70193bcba0918"
-                + "1896f5db10e0891113a5545d5b49e325d84aa33a5d04243c5a88fa5f85283359ae599c53"
-                + "8becf5204c5d665ccebf2925ab951797c870e63d2c22d58ed9b5eb51cd0ea0758a61e15f"
-                + "52c6b846e91b022518928f11556b14cf2bce9da84d2b9913ed15a6b05775270d23f52d4c"
-                + "e480091f63d42a169fee253087e60621fc2f1af3a89834bab301ef40cc8a4d62233dab31"
-                + "6608b1781fe97efde3476af76921ab63a12472a2617d1ff461eada9fc75ba87638904fc6"
-                + "e9616fed729f8c19a11f14064a51107f9338be66d35d8171f53a9bc53b2677302a44f1a1"
-                + "ab3bfc04246e4d1640f4bafeec55e7c0521fae3615881c3913b03f32c99e94a58629d0e5"
-                + "62f4658cac16a3b2ee819baa40008811a07e4557e1cd8ed0aabf8a94c80025dbab95604a"
-                + "bff4a27164af2d1f0bf88536d8c2ef02f18ee813f3bd459f611a26f9b10551cfb5c09f72"
-                + "0c719329234e5ff041bb1863cacfad06ff2c3963a002e9d5946cdf92ae79755f6eb2e41d"
-                + "8e8ba85bd3a17ee24b7aa611c190f380026a7f7d6d0e98cfafdf023dd31d035e8f2bfff5"
-                + "4efad2fd1de6418072a5bafd06cd55225c11c2518fec70827e5bb81bc0d8ec192fb13d2a"
-                + "807ed5028e85a3ee3981326c0ea8e66305acefc1d6765b1961be992fc4f1e9388fc86cc4"
-                + "fabe4491b0958ff7c93da8fcbf5946bad3e7a4142cff3f3b5dc769037738770f08618a60"
-                + "b8d8d555384e2df4055a1a30e0d8f93cdde2457262d0289037108dffd28d76690f7cd831"
-                + "4074f8cb98b1dfdaadde0d37b1a2dede04605e4128c4de14b7861de1fb8c9d80b7dcf6a8"
-                + "ef7c2aa2db0946d089ef214e6e8da688e37087ca98a5aaf66995d994be6012a54deaead8"
-                + "c50a0c813dab15fed0d505d4844b8e8697a59ab8919eb3a54a8e6e56300919b2c95bf3f0"
-                + "c03044bde1d3177495ac1c9f6804a8628210468d5d3ea6fa639c8e6a452cb6febd7b8d61"
-                + "7120a25adf5c0b5027b63c51f38c251474bfd331705f23f2bf44b44312b434ed34f66ee5"
-                + "4095d68cb1bc34dc1e23b12fe9cfdb3a1489e0a3c49f92a2f6f47d61eb6b6105c55f75a8"
-                + "c2f646d2bde2a5ad13e28e8cb8e85b988ec9ef0039103b7ce0c876d5139b856c2f7bb09c"
-                + "af363db8023ab0042c64edc1b820eceb38d87487bd397d81a24a5c4b066975239dea6a97"
-                + "fcfaf2f661dd7de656d0ea1bf1e5ca2c7e99775fb423d11f7407ff2dd8c67d22bae19004"
-                + "68c23b8328e041e9e1bb83c529b8b72302410e820c3bdc480d0d0d528f1537fb0164093a"
-                + "46813f93432e0448fd2fe8d787dd2d096fee902617e2052fb4af92f70fb7835b52b62fbf"
-                + "b619b595fbac2aac969e47369bd442864357a58345656b4ed300fa69af64807fadb2cbaa"
-                + "627c2aff56be53ed60b455c66b52a56ebe109f9e4786d766e8b1d776a2cc1b6000712aca"
-                + "2a7819258b6a33141cd9d6b7f351a599c58b15cef7c082df74fd990e4db16b3aef88c0f7"
-                + "e0e0a951c3cec94dcc35a3bdc63cc76091f54deae10e1c2add64f492f229d2e9ec4cdcf4"
-                + "a81b2135caeae4d24bcd32d99154eb062b2321c21c219e53fddf91064e355795c30dce99"
-                + "a8c3541274538eacd3d7d5d78d7100a288b1169aca16c8b7f7af30ef8f1f86f029f7608c"
-                + "fa45fba7dd985b5a04702a9c4dae69083e80aee0a7a7137b191fa91ba00d876470fdf38b"
-                + "b93125ad7fb033dbab4e5aba8331668e4ef5ef5e66496dd6bd455a9867a323ffd9e15544"
-                + "f6de22881a0840f99cc561badd78e3c93e43f77f1446666df42c5302523a154c0f3d9141"
-                + "e0680b7cdc0d6ca1797218d37a24dd4b91fa46f28eb69b943be42e08363055ab7cb36b04"
-                + "d5968a806828aea2e4c42cbc896f372f8391bdb5c559d48d5214d40874e631fad28fdbac"
-                + "c62c66c1502086f2880bfd3082a7a9e80cffc0d662b409992755c3ff6e8e1ebebea1539b"
-                + "ec4f97e04d579558868d95029221d5ea68546d99a41b371372090b2877a8b62d171d25bf"
-                + "8e38b0a9a089fac89496294a8542198d67836112a2",
-            "09cf09b10e11406f1fbcd4d5b5ad2bcbcc61c1a0804ac9c39a40390c916319c101571e99"
-                + "c5244a1776f85ee0d42a2d85e906ef1864eca38529bd1e6d2fed3be5c7510a269d1985d1"
-                + "78bd6add4af93aaa6a44126531a764ad4cc05a1d1240cef0c22e44f79ddfae15623e4eff"
-                + "8f7fcb03dc9092693128057fa93dde124df023ede229f7a0a3cad41b23120e79dde6cc42"
-                + "289c4c19bb9a68806791c35a12bb350ace60164c24da5fa26ee29c0c4b36275d96d685be"
-                + "2cab2d64552d33d9f04cee58a2794579db6247dd6edbe5ba76b8573b01e8c14a70d1b3a5"
-                + "28432246a1e8681806f384080b86f4a21894d613893bce6683d0bea2b739059d349972e6"
-                + "96e866125415face8043a8018606a1e35574ef658c5b71c5082f9333ef924be448f99787"
-                + "b9e4b8747c633a8e5fcb23beb8d1c8e96e79ab714c2922a942060d2183abf51d905a7f20"
-                + "87d3f61d6dc0cc5dc479f4c278c01d53dd9c2a04e65ea35202a0849b3993f3168433e636"
-                + "17bdf8e997d24088784212f0c6e516772da382f771da6f601af7fc8aeabd56b01fe29f63"
-                + "9c73fe3b67f444b0e48839035865c9326faea75109673865c6c7503229e87944357702a0"
-                + "2d1fe4b9acadee9bbd24be79f3e93b125aa0d9b956b308e336aca774b9ecc9d4b2478b72"
-                + "321b3b4b0a6f562c3cb94177e521fcb74902cf343519268598c68f61570a90131b27190f"
-                + "fdc1c1f2cfffd0b508526ca0d69f8074e3e90c1aa949b717b661863a1ec5b26f6d77a275"
-                + "542d78b4b68b05f6b47fee1f1bd8260d41cd8578b3ed2d3091cf984a4cb9cad60460e6fb"
-                + "e4a94f807793a6306d9160728c53cd999d401ae3907854d36c11387fea4a900549c7c016"
-                + "2ebb139c461d9e33858d11bb828ffd1584e1dbc50c2bacccc622813f57ccf0afbfa9866f"
-                + "8ca3257b103458156a38a807f3620403d91680a74370c9b0dd6a558f95a58a7a02638646"
-                + "0a940e5bf5655e42f7cf6b672e5aa4cef313aed544afba7cd8ee724293fa666007aeeffd"
-                + "0cab49595118ca0d005023646b0881a6e32ac338b99c3683310df63b505335a337df856b"
-                + "b67bedeffb029ccefcb8a5352de643f41f029beb961f61644f318cf9b19eab8c92cbf8d9"
-                + "f6237abca1e63749c26e9f5001c72d51097ff1512b673be0252d7bf8a355adfe8e241527"
-                + "32edd0efab6d1531732379c6d6134b6be11633d8898db0cf342281b4801eb0e1f5a0f0cb"
-                + "7193139a015bfa30494d16c6abd65c598937b427e889e4455a46c8e32b9d55e1af25ac9c"
-                + "57b203cb9151f5431fe2cebd41eeb7166b9911ec5ccf5dc7e94ce8a2051a2357894da7e2"
-                + "3ff92a2b75356c81eab6591d28efede4e5f9f79e4193c1fbbce995de5c23ab3d32a00514"
-                + "2897005bff3d92dd6c4e33876a722bc6f9ab4cee31b60bff041d017883b44d1eb8e1950d"
-                + "c6629e5adc10d419869d7511bb154f905dad9e9b674edbc88613d34a4406cb26211b79a9"
-                + "38bd68f071765d9bf74c834e720315c1b38b347c92ad300705f4de0a960aeb537285641d"
-                + "546b7e7e3a867b4cbd85ffaa38c6306e49c5de2736fd7f115e555d0d0b065242db7e288c"
-                + "148225ff008a70f1f08ad17d1814bf05ba6acc3f09e503ce5262b7ddfa0e1f3e9c00bc77"
-                + "ac331c5043f5f3cb0840702587986225892763b5232459fc9223f11d5298d93cb7392d49"
-                + "b12d9dc521bca254e9df6812787bd6970bc9276a3a6fde1187314bd590a95df35eba03c5"
-                + "c4a1fde97186b5323edf04d68069460520bde60c55ae6d0707ece195b30bfd6503dd7baf"
-                + "6a0f099867be86f48b6871455dca6df56d8e6a374214cbb1798f54ba578f9565ce2bdf34"
-                + "56aa9b9dcc6c426a2a5b3ec91e8ac15ec85a163b4f2fe1e045a5a07ed495ff666d12751e"
-                + "5a63f5757cbbb2ce2c14471b8a6ae9f4e92098357f0af51e2e6bbbeec9ba4959d4913375"
-                + "9982303482972660bbc9109a330353dd65e37644aae546f2ce93dee136729f93472f3c69"
-                + "54f643a9fc61e1c3aa8f375fe63afb962d2513fbc4a3a9d4baa54dc69c3ba4c572651469"
-                + "9289f90c502bb21119486a345a94ce23a4ef90eeae96c931a8eb109f96f81f6ca1331827"
-                + "e3b647b0e238deb774a3238f979790bea036cc6735c1b7a49f4f398319e79ec68cc4614a"
-                + "10ee2d11c6e32f39ad4959064b29421d20375b98965e6e5f0f394b1668fe75abded65b11"
-                + "0f24f08a128b2d9a2d1b22b29e9aac33545c57017442faf896abffdab377d210f20f48ee"
-                + "14542db86a7d2f93c36a4a04b984c0a70c6896bdbe74e6d8b1bfd9389e290fded125be4d"
-                + "d465ef200c3864ecf8a593ac07bf4c88b6515cc77c4546ee615d229cc71e368a71a9aef2"
-                + "565622a9fcdd597cebfc276887ce8b22377ba3628658d294db6382c562541b9f2a4a7c40"
-                + "cc3efc85532233dc314750001a806f31dc9f6b4097abc80e8cdb88493ece98f3a33414ed"
-                + "6f2accd2e9ae6e618f862afc47f87e7d7bf7211b2105da888cfd26e600aa136b7f314407"
-                + "edb6f8bdb97080ce88cb2f41ab5a1d9ae27295fe3d180af1de5bd1c17f197969e8feede5"
-                + "b19b1d9695ee90a95ceda909904e82850a27a6d354862e45e79e209d9362fa601369cc24"
-                + "45525f0b75fac33b116bee801a1e0a7a93a8a79f68c78f115935f11192536e16c7240978"
-                + "5cd513739e3d6ff022630b31be82154b8b5473a0b30613a34c601f5edebae6adf5d029eb"
-                + "08f6b4e8095151a36badb485f0ac7b0389a0dff3d1380799ea73fc347ee1823198717086"
-                + "8f720a98d77c67f816d970e94918791f01ec4f55ca12fb293ff2172d8d862d8a91bde48e"
-                + "aaa91ddcaf2fd3a672eb7d1351a386d145af68d79ba23cb4d07e7742a0e9dcf30cfb70d6"
-                + "93d855afd70ab43f756c6892038d050d77adceb8661a11b6cc160eaa22ccf1f6639a279a"
-                + "1adb010fce2d104afbaa2e8f2fc4169b06fc5f7da083288d920524e8ffffff35da20e4bc"
-                + "97a1c43eea60ff3bdf3677f890da0284b666968e769bb94dc6b3f871d34f345b2f042f51"
-                + "2852d47e4174bb4d8a240f1feeded24f91a8e5175857573800c2c0153373d1bb324686cd"
-                + "75579b5e4562a01fc28e099885420374d379d90d77875e1ee92ed681543f2edff426ca83"
-                + "d072b3d74853c6bb354f3fb304f4bb37a67b19624250e2ac1f372397dfeb8e63349e3243"
-                + "134dfbdde74521a6e06c9ec3c1c46d82372a4cdedc2e2ff1e78c3458be8c9595e991ccff"
-                + "4feb85c45f41891edc54b457f45fee6a7a0330ac02b16debe81c4c99bcc72aeb8df92cc3"
-                + "bba209eb0242370aa0696fbfbff86927957cbc1d6d526fbc9840be74ce06ff3750a015b4"
-                + "9efe63736639643a58822a6f8b54ecaf66472d0301ac2dbd3d0ce21d24deef38607ab050"
-                + "0a4b004e5a7487568a2319fa2c22ee15e12acdff138d5df76aab7631f1c02b7f24e2dfed"
-                + "28d66ae700bc146105297b8a1bf7c4261e6d82e302508a36daaaea4f59c41dd75855eb77"
-                + "8bc3317e962ff61c6a70c7f80c2b061f97460738df784aad958100af7d76a9557d79797b"
-                + "fc0682b9d1d45e184f8998814e60ba4acbf440a9cecb5a05c282c97ee832024f14ba723c"
-                + "e9193ca76ee354509db4868a09669cbaa9d08ff6724b14123a1817f7609284f0f376da3c"
-                + "1cafa88145589f7992d6d4ad9eb188bf8dc0487dfcf7228fbecaeac4c9c755540c614059"
-                + "35ca5f7f08aaa17b371449eb10da179ccb6c08272ea3cf1bab572da9e1120147644172a4"
-                + "31f8e674d6cc65aeeae428c9ab911543b898291a46de834b652ca69e35556ab15d40bc33"
-                + "de89d8abd3c1be242510c3e92338822d010cb9208c2c197cfb1fa2aa6b60f6eec89ce403"
-                + "f7fe1fca7a368286cfcc25e3684027531265f48ed228424b4dc5126011ee41a5b978c89f"
-                + "7577d717cad1e7651a87e775c0439c90a53d61163c5aa887e0ebd6e8307a1f3fc91be72f"
-                + "850d5ea24b0d100b4055e097e4a80b782f8e8fb031db34534ba2e836a9d4daa3effcbab3"
-                + "c4026941bd8c8efb38997d764807d57f2caf89638a9dd8648e37120cec0677ca78cac779"
-                + "b29830311b4e4a81e3064fdefe17d789ad7b5893378e7fad9922c4353fe2cc812715a266"
-                + "35e071a5fe767f0842697177a6ec7e5b8d1ed9542e338f70916e86687f5d9fab6242449d"
-                + "e0804adb299492e34f6a7320ba4c822c9e1e82cd0d79a21d6e51513d0ca1893fe7099601"
-                + "922c4c12d491b506e8b95a94aba747c65723a4b8c2e827b2871cfc653a532448424297d2"
-                + "5d986309315020ea74e5febce670dc548f77d3ab970e907ff86dc33621a70193bcba0918"
-                + "1896f5db10e0891113a5545d5b49e325d84aa33a5d04243c5a88fa5f85283359ae599c53"
-                + "8becf5204c5d665ccebf2925ab951797c870e63d2c22d58ed9b5eb51cd0ea0758a61e15f"
-                + "52c6b846e91b022518928f11556b14cf2bce9da84d2b9913ed15a6b05775270d23f52d4c"
-                + "e480091f63d42a169fee253087e60621fc2f1af3a89834bab301ef40cc8a4d62233dab31"
-                + "6608b1781fe97efde3476af76921ab63a12472a2617d1ff461eada9fc75ba87638904fc6"
-                + "e9616fed729f8c19a11f14064a51107f9338be66d35d8171f53a9bc53b2677302a44f1a1"
-                + "ab3bfc04246e4d1640f4bafeec55e7c0521fae3615881c3913b03f32c99e94a58629d0e5"
-                + "62f4658cac16a3b2ee819baa40008811a07e4557e1cd8ed0aabf8a94c80025dbab95604a"
-                + "bff4a27164af2d1f0bf88536d8c2ef02f18ee813f3bd459f611a26f9b10551cfb5c09f72"
-                + "0c719329234e5ff041bb1863cacfad06ff2c3963a002e9d5946cdf92ae79755f6eb2e41d"
-                + "8e8ba85bd3a17ee24b7aa611c190f380026a7f7d6d0e98cfafdf023dd31d035e8f2bfff5"
-                + "4efad2fd1de6418072a5bafd06cd55225c11c2518fec70827e5bb81bc0d8ec192fb13d2a"
-                + "807ed5028e85a3ee3981326c0ea8e66305acefc1d6765b1961be992fc4f1e9388fc86cc4"
-                + "fabe4491b0958ff7c93da8fcbf5946bad3e7a4142cff3f3b5dc769037738770f08618a60"
-                + "b8d8d555384e2df4055a1a30e0d8f93cdde2457262d0289037108dffd28d76690f7cd831"
-                + "4074f8cb98b1dfdaadde0d37b1a2dede04605e4128c4de14b7861de1fb8c9d80b7dcf6a8"
-                + "ef7c2aa2db0946d089ef214e6e8da688e37087ca98a5aaf66995d994be6012a54deaead8"
-                + "c50a0c813dab15fed0d505d4844b8e8697a59ab8919eb3a54a8e6e56300919b2c95bf3f0"
-                + "c03044bde1d3177495ac1c9f6804a8628210468d5d3ea6fa639c8e6a452cb6febd7b8d61"
-                + "7120a25adf5c0b5027b63c51f38c251474bfd331705f23f2bf44b44312b434ed34f66ee5"
-                + "4095d68cb1bc34dc1e23b12fe9cfdb3a1489e0a3c49f92a2f6f47d61eb6b6105c55f75a8"
-                + "c2f646d2bde2a5ad13e28e8cb8e85b988ec9ef0039103b7ce0c876d5139b856c2f7bb09c"
-                + "af363db8023ab0042c64edc1b820eceb38d87487bd397d81a24a5c4b066975239dea6a97"
-                + "fcfaf2f661dd7de656d0ea1bf1e5ca2c7e99775fb423d11f7407ff2dd8c67d22bae19004"
-                + "68c23b8328e041e9e1bb83c529b8b72302410e820c3bdc480d0d0d528f1537fb0164093a"
-                + "46813f93432e0448fd2fe8d787dd2d096fee902617e2052fb4af92f70fb7835b52b62fbf"
-                + "b619b595fbac2aac969e47369bd442864357a58345656b4ed300fa69af64807fadb2cbaa"
-                + "627c2aff56be53ed60b455c66b52a56ebe109f9e4786d766e8b1d776a2cc1b6000712aca"
-                + "2a7819258b6a33141cd9d6b7f351a599c58b15cef7c082df74fd990e4db16b3aef88c0f7"
-                + "e0e0a951c3cec94dcc35a3bdc63cc76091f54deae10e1c2add64f492f229d2e9ec4cdcf4"
-                + "a81b2135caeae4d24bcd32d99154eb062b2321c21c219e53fddf91064e355795c30dce99"
-                + "a8c3541274538eacd3d7d5d78d7100a288b1169aca16c8b7f7af30ef8f1f86f029f7608c"
-                + "fa45fba7dd985b5a04702a9c4dae69083e80aee0a7a7137b191fa91ba00d876470fdf38b"
-                + "b93125ad7fb033dbab4e5aba8331668e4ef5ef5e66496dd6bd455a9867a323ffd9e15544"
-                + "f6de22881a0840f99cc561badd78e3c93e43f77f1446666df42c5302523a154c0f3d9141"
-                + "e0680b7cdc0d6ca1797218d37a24dd4b91fa46f28eb69b943be42e08363055ab7cb36b04"
-                + "d5968a806828aea2e4c42cbc896f372f8391bdb5c559d48d5214d40874e631fad28fdbac"
-                + "c62c66c1502086f2880bfd3082a7a9e80cffc0d662b409992755c3ff6e8e1ebebea1539b"
-                + "ec4f97e04d579558868d95029221d5ea68546d99a41b371372090b2877a8b62d171d25bf"
-                + "8e38b0a9a089fac89496294a8542198d67836112a2",
-            "0a211e27887cc2ce5f2b079e955e262546ab48cf80c317898c376721cd65397ebd9ddf21"
-                + "bcb1e67d2cd01840ea4bd6c4f4cc94b23f656e9486bf4f6aa80adf8003b3005c4c78d59e"
-                + "9de695bd4c5dfdaed42c6019b5d33f73d7cb66429034fc6454e75d2d75650d910da551a8"
-                + "1c1c3e996f6a128b820e9464387cacfcb5d52510ffcc978c270dd7a369378b336e86b001"
-                + "6b203dd0476d632b95578c6cc289806a23cee24cd48329bc87a196479435768de87403b4"
-                + "14ef512a52d89c6691024613f52aa965147c0bd52824f7b4c4bbe228acb9c143a1436cce"
-                + "ffc3841ad237a3c5285e59fa7f327406cae3b53be57ab26a8cf2c5103d5e62e3293c2ae4"
-                + "2e071155443e123b13d19fa2603b6dc65dbb97d283fbb4a13966d61bec454b1693d96123"
-                + "6fc106b33dd0fff2805f84b0cb8a838289fb76d353615a31d783eb51024d0e149426b62e"
-                + "2481f8d80f6580fae5de14dbc17e4bdc782b0fc39617d55098873a83f5988fe73329a332"
-                + "c17b8cbe3b2ce147a8458c3964b7ee2386c6ae454a884f3a7a1a9b54d6cddd17052e789e"
-                + "a7bef128068599fbb19449d3b304d5bb07d36ad72c214b81ab9d1cb68caf96730f668657"
-                + "f8fe6683de7684b965d0ba703eba93d23f3d6e2a97fc9c2ee6a8dfa1fc089463c5eb01a8"
-                + "3df95f48ee11af72e1ac18e8edb13f98e1faa7b005932ea01d9766d52987de585444fa2c"
-                + "e35c037f799777766a6795b6c62071ad638ea585dedac6372114b644540a63312370d830"
-                + "1b0580b6c41287f28c302203a15739a50d1c700cb4a551f872cfe6bbe9715b742f50c7cf"
-                + "05b7585d234408b43cdd0878028d233463ee9c898ae89bf2bff4b1329168d787528c3d7a"
-                + "ba200606a5acda4d6c50611938c7014697c5d1229c1e5035df5674ad3f0c60e518cf3632"
-                + "6b5e2c2493993c8eaea63a6523192cec258f60c7c74e4762447a1839411a297ae42becad"
-                + "7b3b77fe299abed7a4070a839c0246401c5f395ce588de5799be451326734d33b08c1d7a"
-                + "7a5883adb71b8b5f15798d7930a6a8428c1efe8831e254ea87356a8d0b458284f09cad8c"
-                + "c6420ce404c74d737c8903af611b603a07237c3ca279d5a66182d204e03c1c29b2f7cc87"
-                + "afab28bf078f8c9fe5f8d865909e97758089f40d7c1f740ca0ddc133846b2bfc0eaf3547"
-                + "df8216a93dc41d8210632321faf8b67931e2ac5a923b55ef0e0150c87114749c4dd45e28"
-                + "c7513cd0e53782d8ff82bdea98b44b8b2f29c801d285bb2d7d7d62934ba8a86295608885"
-                + "b7946560319f041420646fd042b0dd2dbdcecc1c1dab180c6ac752c1244ffeefc93d51cf"
-                + "87789069056d9dfc7874e4115644b8a5615c1ceed9c9fff459ad811a6caddd1f2f1d5a48"
-                + "84c52c1f2f05dd3cfcfaec71bb792d38322c7b41d403e715f3374b1380f247282a1697ed"
-                + "35081c220d474084f1102ad1117ca4c4c5a2bcf5154561f8918a1ff7246b03c4167981db"
-                + "8600b4c4b3e770afc49c1271a0b9302c38be5db08230953af0b9e63ed1257718bb1e5b0f"
-                + "22bb29e49287acad0a0e8a27294347e09b598224d0eaa74269087c5355cb2e3e3769c845"
-                + "defd66f2ac84639e28e48a88823915812860fb4db342c520e4d1fd44dddbd0e4d5af623f"
-                + "e5bb2ff8f32b8544c8d7f490782d029d1cc5e30948da196f3d7cb4ef7774d682706bb42b"
-                + "ee589759ad9a4896e4e93c1268bd01854d6042a43b9c362a16d2df6dd3fe07d7d0512fae"
-                + "0e8b8026ec61f345aa5afbdcb11f992086f20074669199619d8ae8453f355d3772a2df2f"
-                + "4b5a5a95a9dace2f217d190966a159aee2c60a9c51903f41b63cbb5d2037faf2fc081d3d"
-                + "b0272d04947394e95f6381398ae5eefea421bc7d53927f855e1f0e741d38c62794e9fc7e"
-                + "acb29e8a4aae948c419adaf3a11ecb5f94716cb72912fea6bd7cc5065ce2e1c27673c7a9"
-                + "ee483df733e52a5b95fcd6ee9f9ec3676cb943d980c5b0abf01d9d55c6f71045fb1aa909"
-                + "24f42cace83cd45eaf7846488e17568b244d35eec1c1c1f5e82b3734051fad22fa92fc1d"
-                + "b5192f9911328851f7ed3aa02d3eafccacd51bd3aa80ba4e941e1ac9b704ba08e5191d0e"
-                + "83427f12110c08736cfd99be8ab2489a2edaafa33a8643a01a2d143222c313f3dac5bfa6"
-                + "6db2e3378d808bec5e338950ab72a94f6f28d685f13369a941407fd2d407706437d96832"
-                + "e49346e0580e15f9c1c661280f0c6dc32d84b4b6beed64c466de2bc7aa5cc602e75e3da5"
-                + "d6d9ea8ad3b85d1f6a15c7a6307260abceec94bbf7fd78dbe2c985c29ab32240212debd9"
-                + "dac89a90331bdbea61f3a4d0314c2200db0d356f2e02c9e0dde62f24c321948ab08b0206"
-                + "c8b29ce84bb719596294f554af5a22dfd4e860a9fc4113a92416d8c334afd3a8aa8b9516"
-                + "c5e6a29ea4b2393afb08e5003e27865f9c6a5ff15eb3edf61d02fcd5ada1c0ef2be107ac"
-                + "aa0a06c306454fab17b7d3511cf4c1be8b2dd2a4a8435dbb1073e469bd2bcd322d42f3f1"
-                + "311a080b65f39610762e3f28b572b8ec25a18a4bbd1ea2a8633f0cec9f9d0cd24d8c8b63"
-                + "586e2d8c2ac5331b81828f220d24f875aa77e490ec30a16e040f3f6c375decd6125e38bd"
-                + "f1a003a35bcb9eee03c488507d164fd4c82ba483b3cdb198e4eef029c542816d601a11cc"
-                + "6ac92ccba109e8a90f4b881bed7979ddc1c9fa6ffdde4ed7a7fc07699901bb7b851df419"
-                + "14612bb3c8e5b07e010502f135f502091e9d64742e01aad28bc63f9ad89c7c616cdf4175"
-                + "94f94cad9f16835800f0f641ae8b34cfccd010d98d712280713feb9a61229dfdf67badd7"
-                + "65d6f3edb18e61a7be96f5f609384c8c9569fcd9e4d8dcde8a16a0b521567a53459f3576"
-                + "9e782169548c0761d3ed37acaca8a7edc24459c3531b98aff5f323bf58946b04661cfdcc"
-                + "70c7b2ed4ba60e676d29e0460f17ac6c334e97c2c0876ad189ff439350cd8e105ba82871"
-                + "5a51f34cdd3ea3ea3904097bf6a71b4a35cfd158bd9879bfc21a9df19beb1088f0a95384"
-                + "3bdb29feed826a9b6be6a009e8aa1e13f2ea8702522753a1ad27200ca6c2e931708a7cd8"
-                + "74410854e9a26fa4eec37332d53b475a4d37d1b74a1e32b7ffd97755b8b8bb77ff8e2213"
-                + "61df97e56677f0950aec8aa57fad5276bed7a48cd04e194eb54e2cb2ec31d426aef2280b"
-                + "f411e823ca0e4a693d6c9ec3c1c46d82372a4cdedc2e2ff1e78c3458be8c9595e991ccff"
-                + "4feb85c45f41891edc54b457f45fee6a7a0330ac02b16debe81c4c99bcc72aeb8df92cc3"
-                + "bba209eb0242370aa0696fbfbff86927957cbc1d6d526fbc9840be74ce06ff3750a015b4"
-                + "9efe63736639643a58822a6f8b54ecaf66472d0301ac2dbd3d0ce21d24deef38607ab050"
-                + "0a4b004e5a7487568a2319fa2c22ee15e12acdff138d5df76aab7631f1c02b7f24e2dfed"
-                + "28d66ae700bc146105297b8a1bf7c4261e6d82e302508a36daaaea4f59c41dd75855eb77"
-                + "8bc3317e962ff61c6a70c7f80c2b061f97460738df784aad958100af7d76a9557d79797b"
-                + "fc0682b9d1d45e184f8998814e60ba4acbf440a9cecb5a05c282c97ee832024f14ba723c"
-                + "e9193ca76ee354509db4868a09669cbaa9d08ff6724b14123a1817f7609284f0f376da3c"
-                + "1cafa88145589f7992d6d4ad9eb188bf8dc0487dfcf7228fbecaeac4c9c755540c614059"
-                + "35ca5f7f08aaa17b371449eb10da179ccb6c08272ea3cf1bab572da9e1120147644172a4"
-                + "31f8e674d6cc65aeeae428c9ab911543b898291a46de834b652ca69e35556ab15d40bc33"
-                + "de89d8abd3c1be242510c3e92338822d010cb9208c2c197cfb1fa2aa6b60f6eec89ce403"
-                + "f7fe1fca7a368286cfcc25e3684027531265f48ed228424b4dc5126011ee41a5b978c89f"
-                + "7577d717cad1e7651a87e775c0439c90a53d61163c5aa887e0ebd6e8307a1f3fc91be72f"
-                + "850d5ea24b0d100b4055e097e4a80b782f8e8fb031db34534ba2e836a9d4daa3effcbab3"
-                + "c4026941bd8c8efb38997d764807d57f2caf89638a9dd8648e37120cec0677ca78cac779"
-                + "b29830311b4e4a81e3064fdefe17d789ad7b5893378e7fad9922c4353fe2cc812715a266"
-                + "35e071a5fe767f0842697177a6ec7e5b8d1ed9542e338f70916e86687f5d9fab6242449d"
-                + "e0804adb299492e34f6a7320ba4c822c9e1e82cd0d79a21d6e51513d0ca1893fe7099601"
-                + "922c4c12d491b506e8b95a94aba747c65723a4b8c2e827b2871cfc653a532448424297d2"
-                + "5d986309315020ea74e5febce670dc548f77d3ab970e907ff86dc33621a70193bcba0918"
-                + "1896f5db10e0891113a5545d5b49e325d84aa33a5d04243c5a88fa5f85283359ae599c53"
-                + "8becf5204c5d665ccebf2925ab951797c870e63d2c22d58ed9b5eb51cd0ea0758a61e15f"
-                + "52c6b846e91b022518928f11556b14cf2bce9da84d2b9913ed15a6b05775270d23f52d4c"
-                + "e480091f63d42a169fee253087e60621fc2f1af3a89834bab301ef40cc8a4d62233dab31"
-                + "6608b1781fe97efde3476af76921ab63a12472a2617d1ff461eada9fc75ba87638904fc6"
-                + "e9616fed729f8c19a11f14064a51107f9338be66d35d8171f53a9bc53b2677302a44f1a1"
-                + "ab3bfc04246e4d1640f4bafeec55e7c0521fae3615881c3913b03f32c99e94a58629d0e5"
-                + "62f4658cac16a3b2ee819baa40008811a07e4557e1cd8ed0aabf8a94c80025dbab95604a"
-                + "bff4a27164af2d1f0bf88536d8c2ef02f18ee813f3bd459f611a26f9b10551cfb5c09f72"
-                + "0c719329234e5ff041bb1863cacfad06ff2c3963a002e9d5946cdf92ae79755f6eb2e41d"
-                + "8e8ba85bd3a17ee24b7aa611c190f380026a7f7d6d0e98cfafdf023dd31d035e8f2bfff5"
-                + "4efad2fd1de6418072a5bafd06cd55225c11c2518fec70827e5bb81bc0d8ec192fb13d2a"
-                + "807ed5028e85a3ee3981326c0ea8e66305acefc1d6765b1961be992fc4f1e9388fc86cc4"
-                + "fabe4491b0958ff7c93da8fcbf5946bad3e7a4142cff3f3b5dc769037738770f08618a60"
-                + "b8d8d555384e2df4055a1a30e0d8f93cdde2457262d0289037108dffd28d76690f7cd831"
-                + "4074f8cb98b1dfdaadde0d37b1a2dede04605e4128c4de14b7861de1fb8c9d80b7dcf6a8"
-                + "ef7c2aa2db0946d089ef214e6e8da688e37087ca98a5aaf66995d994be6012a54deaead8"
-                + "c50a0c813dab15fed0d505d4844b8e8697a59ab8919eb3a54a8e6e56300919b2c95bf3f0"
-                + "c03044bde1d3177495ac1c9f6804a8628210468d5d3ea6fa639c8e6a452cb6febd7b8d61"
-                + "7120a25adf5c0b5027b63c51f38c251474bfd331705f23f2bf44b44312b434ed34f66ee5"
-                + "4095d68cb1bc34dc1e23b12fe9cfdb3a1489e0a3c49f92a2f6f47d61eb6b6105c55f75a8"
-                + "c2f646d2bde2a5ad13e28e8cb8e85b988ec9ef0039103b7ce0c876d5139b856c2f7bb09c"
-                + "af363db8023ab0042c64edc1b820eceb38d87487bd397d81a24a5c4b066975239dea6a97"
-                + "fcfaf2f661dd7de656d0ea1bf1e5ca2c7e99775fb423d11f7407ff2dd8c67d22bae19004"
-                + "68c23b8328e041e9e1bb83c529b8b72302410e820c3bdc480d0d0d528f1537fb0164093a"
-                + "46813f93432e0448fd2fe8d787dd2d096fee902617e2052fb4af92f70fb7835b52b62fbf"
-                + "b619b595fbac2aac969e47369bd442864357a58345656b4ed300fa69af64807fadb2cbaa"
-                + "627c2aff56be53ed60b455c66b52a56ebe109f9e4786d766e8b1d776a2cc1b6000712aca"
-                + "2a7819258b6a33141cd9d6b7f351a599c58b15cef7c082df74fd990e4db16b3aef88c0f7"
-                + "e0e0a951c3cec94dcc35a3bdc63cc76091f54deae10e1c2add64f492f229d2e9ec4cdcf4"
-                + "a81b2135caeae4d24bcd32d99154eb062b2321c21c219e53fddf91064e355795c30dce99"
-                + "a8c3541274538eacd3d7d5d78d7100a288b1169aca16c8b7f7af30ef8f1f86f029f7608c"
-                + "fa45fba7dd985b5a04702a9c4dae69083e80aee0a7a7137b191fa91ba00d876470fdf38b"
-                + "b93125ad7fb033dbab4e5aba8331668e4ef5ef5e66496dd6bd455a9867a323ffd9e15544"
-                + "f6de22881a0840f99cc561badd78e3c93e43f77f1446666df42c5302523a154c0f3d9141"
-                + "e0680b7cdc0d6ca1797218d37a24dd4b91fa46f28eb69b943be42e08363055ab7cb36b04"
-                + "d5968a806828aea2e4c42cbc896f372f8391bdb5c559d48d5214d40874e631fad28fdbac"
-                + "c62c66c1502086f2880bfd3082a7a9e80cffc0d662b409992755c3ff6e8e1ebebea1539b"
-                + "ec4f97e04d579558868d95029221d5ea68546d99a41b371372090b2877a8b62d171d25bf"
-                + "8e38b0a9a089fac89496294a8542198d67836112a2",
-            "0bd892ca9e8f0bb84fdd9bb9eb8636b6138c66d530bb03c8054c0c66a1063971c0c78848"
-                + "c9e053887ed436a6470bb99f7f34357811e280409fef6c81ecf07c477768358fe520c7e9"
-                + "b08084b682b1922567b70a1f4441573c39097f34c0098344581b22284e39c5a050080b34"
-                + "03fefa5d45878397d3fd19a8770e42aa61967e863735d16bfd7b1aeb0d4bd06ae0e58149"
-                + "7a600805c6c56e214e01b18e023ece14ccda2703c62d54f3db1d46e2cfe6e96d873dc0a6"
-                + "85f03b393d70685daa30a13e483d5c696e549b42c424b55ca351e6c8e0a1db1886122fd9"
-                + "8538f4c219609e6956d48607fd14f1a9bc62d7cc04306606913d9d93fada3cbc1ca95e0d"
-                + "f5512116708970daa627a5baecccb7c0728cce5554ba5ec8eb385a24efb1be2007078c11"
-                + "66f693523a9897e4fb92cbaf3f84a97f4386f105d78ee6101114557c5033695837f81ac9"
-                + "85e4d6498876947270a1820a4b84f5eef991e08a7f58c6f82f2bd9741b4be455558e77f8"
-                + "5d6a6c3af8d41815a2639563aee03d1af84e7a2f1df66d5bf327bb16c629fb4140051a27"
-                + "549da1cba648c4629cd87b88f285df12fce998100bef61269e0dc32f5b600008a6ee400d"
-                + "dc8ee58fd00585755b3c3d0ad5068110d37910bff98ba839adea2232fdfc85a91e4af5d8"
-                + "08a322338c0e394628b57f60d8b48923bd98df01dc6f8411ef4a49becd8f069cabfd58b5"
-                + "e9ce213b7dfa1b691180b8e208360e2f984fd5943ce05b62be3f6da1cfe154bdbf4ca513"
-                + "a3793f30c91bc001b31a7caa17431431d08e24f9cd9f1dfede9cb7a1ce76a0c1b06dc567"
-                + "b4370a0e3ff46b2ad37998ddd841c8c2778199a3c1c490e05354a651442c3594133b44e0"
-                + "12d8a5aeb450559c7cfa497844e3ddc719a26c79b11dfef604a559c011cdb24f3d09b42c"
-                + "1bfae665b5c090584880bd1123e0c28aea90f59318c8d391256c374693f490509d0dd8ec"
-                + "16bf271c604d5e1c0504003d044e16414b9c9ce34cd6027e4c60a0b58d90991c2e3aeb42"
-                + "5f19ea8e9f6092f3ca1e5b4ef812db0339bf9ebecf80fdfed6a4da8a8f7954b92386e3e6"
-                + "66df4260ffc6a40f07ddfcc528c0809f669bf145ca217844cc542125f9893c70d44813c9"
-                + "463ec1b8b6aa397784c69abd82f5b362870b1451d9752a163e630bce5edf6fe92884d772"
-                + "dcc50dc12dcb98ea7bc5f2a04499419ffb3690e005d5a713f82b2f1f237d723f2eb83182"
-                + "6fbbadbe65c1485b8f2f2b2e0bf2716d4102b6e92d27d1ed853509d53cab2f45fdbda32d"
-                + "5c5c46bb74bccaeecb4b7aa38a8bfdfd5224ebf63e82e96911392500bc69c9987475f4ba"
-                + "115394b51cf5973a68a209aab4daf5d6471b0e24fb20d7d0d6b98b63f21f3976fea89cfe"
-                + "aa47c9b88ac1256cd103b6a5c77543f90b3482c3cffdbbd6b240c24e80ae1ec58c5ee751"
-                + "1d32ba58c7ebe8a0ec475dbd01a06841d70abfce93f213526665f98562478fa58fe80757"
-                + "5bcd8cc46e7ae08641cb65ab01da44758d99c0665ef73312816cdb9f9c78947cb777cddc"
-                + "a0e246c9116e9c3329dff0c457e719f0a935920f2e96c36cd183e0b0c83e7015752d0152"
-                + "4f59ed6d4d3ec0119ce81ee33f28fadda0b0225e136b2a9beb59d5cff29560d93315a670"
-                + "b33829fcef52aad2f4bc2359a35ba2086758ccb7ab2fadd738eef37e67411ac16cefef31"
-                + "bccd42194a3750d0c03e953f83f9f3d635804fedc04fb8160e6f58f2dfd89dfdd194924a"
-                + "1341279b3110bea989a09e6c4add00a4c7144985e61212267a7a86d95ec8255fd184beda"
-                + "07f5314002af0e2ff51f90b7cb79058866213373f106084794d285a528c5107077bf2cb2"
-                + "858e0de27f5a80755e0a322bc91d9d7094dcff89fc6e490b4d10b5974fffaa9bd90a156d"
-                + "e0465c22829fac8e0fb076dc3ed2590ce5ceb7ed501ab90b8dc2d4fe527b26ab1ef7e78d"
-                + "0db615c2e5acc02ac0ac97e659e9079696cd10fcee10fe4efdbf2467fd0aa8bc2aeb3f7e"
-                + "5473a4ac367cf367c114fbbecad16245beedbf55c332775fc355ba1602297ea09f5b352e"
-                + "26be577c0a3f63908cbf7b3280eb1f7f5eab36db6d31b1bd35a82d50b659a8d9d37094ed"
-                + "21cb19374f7a32e8d00985118ee41306a89dcdb1e6ad6bb8ab1189d9687e0a3c1bbd5f7b"
-                + "bffa34a40c2d1bd4954fd0c3b92fc684233c94ae243b76a5afdc8b0db7ac86eaf8130816"
-                + "669894029251eacfbd64136731e9d006d4855b1a2680125e9c9bbac4258f9bfdd258f644"
-                + "4dbee77f36173cb6b4d08328ae508db5ae0b6a4b90c5706a43e2be102c8c32df13b2a78a"
-                + "82aa13c55eb3f58ddbe8a24fbf516e37dca7e0a680e164df2863b86881ebc395e0b4aa33"
-                + "6ed120d152bbd871be4b8e434295a5e6cb5d5bd042dc4f79a05ef542063bd8b197dae8f9"
-                + "6c39866de9adc64a8db0b0931ba86bd9ff751b41d03d7e79b2f6f80ee8e8fe9fbe0758ad"
-                + "490f300b514ef76a1f8602570f26edee892f5f205aa871bb7c7067be9367497d5888f9ca"
-                + "15306307ee240b63009784615e1573b736d2def4a91c12c5c7316cfcd5686f0f7e20e5c5"
-                + "b7059ddf249b7559d2864725256306685af995e8ff21ef78bda2bd16c19609acda9eeb4c"
-                + "6e3bb9cd73e34ff92aaa40109bbc90775da570b6577c3679d1a430f386a452abef2f9269"
-                + "4b31b77ddf232256367d0ad26d0d426696e076f4d67501438b696416c138240a0c57ce53"
-                + "5a287f879e9b6ac67edd52860cdf832fc45606d2c9444c5af6172205b2b1da08959adccf"
-                + "dcacbcbd474cf229c2f7acf7f2da5aab63356f2556fbbf3ffae8547eb2c385c996bf068b"
-                + "16344d86ebca18ff672ac1703e310f1115829325406d14da7fe2fe5056dff725804b3717"
-                + "2112ee85ab2d9a213ea3f71199de065c8022f3791d25efe5dbb90e68ba96068e67b572e6"
-                + "70ddcf4dca637c6c1d154d9d70d7a0bddcef10ed93de3ddb41e9dac9f408a6e789723c37"
-                + "c92da2ae806c37e98c7fd203e7aec27669c818a06965ef0b227a157853bce6bd6e5cfcfd"
-                + "fdd1d0122946e7f354eb0ed7dce445cd7daaa5217ef572f3e8b599529873054dda889c46"
-                + "24ebfcef0020e14d5bc2de536efd4f58270cc87792ec9feedf1f241427b60015f4cbdf89"
-                + "5d9577c3e6be45c5a72f25d342ad5276bed7a48cd04e194eb54e2cb2ec31d426aef2280b"
-                + "f411e823ca0e4a693d6c9ec3c1c46d82372a4cdedc2e2ff1e78c3458be8c9595e991ccff"
-                + "4feb85c45f41891edc54b457f45fee6a7a0330ac02b16debe81c4c99bcc72aeb8df92cc3"
-                + "bba209eb0242370aa0696fbfbff86927957cbc1d6d526fbc9840be74ce06ff3750a015b4"
-                + "9efe63736639643a58822a6f8b54ecaf66472d0301ac2dbd3d0ce21d24deef38607ab050"
-                + "0a4b004e5a7487568a2319fa2c22ee15e12acdff138d5df76aab7631f1c02b7f24e2dfed"
-                + "28d66ae700bc146105297b8a1bf7c4261e6d82e302508a36daaaea4f59c41dd75855eb77"
-                + "8bc3317e962ff61c6a70c7f80c2b061f97460738df784aad958100af7d76a9557d79797b"
-                + "fc0682b9d1d45e184f8998814e60ba4acbf440a9cecb5a05c282c97ee832024f14ba723c"
-                + "e9193ca76ee354509db4868a09669cbaa9d08ff6724b14123a1817f7609284f0f376da3c"
-                + "1cafa88145589f7992d6d4ad9eb188bf8dc0487dfcf7228fbecaeac4c9c755540c614059"
-                + "35ca5f7f08aaa17b371449eb10da179ccb6c08272ea3cf1bab572da9e1120147644172a4"
-                + "31f8e674d6cc65aeeae428c9ab911543b898291a46de834b652ca69e35556ab15d40bc33"
-                + "de89d8abd3c1be242510c3e92338822d010cb9208c2c197cfb1fa2aa6b60f6eec89ce403"
-                + "f7fe1fca7a368286cfcc25e3684027531265f48ed228424b4dc5126011ee41a5b978c89f"
-                + "7577d717cad1e7651a87e775c0439c90a53d61163c5aa887e0ebd6e8307a1f3fc91be72f"
-                + "850d5ea24b0d100b4055e097e4a80b782f8e8fb031db34534ba2e836a9d4daa3effcbab3"
-                + "c4026941bd8c8efb38997d764807d57f2caf89638a9dd8648e37120cec0677ca78cac779"
-                + "b29830311b4e4a81e3064fdefe17d789ad7b5893378e7fad9922c4353fe2cc812715a266"
-                + "35e071a5fe767f0842697177a6ec7e5b8d1ed9542e338f70916e86687f5d9fab6242449d"
-                + "e0804adb299492e34f6a7320ba4c822c9e1e82cd0d79a21d6e51513d0ca1893fe7099601"
-                + "922c4c12d491b506e8b95a94aba747c65723a4b8c2e827b2871cfc653a532448424297d2"
-                + "5d986309315020ea74e5febce670dc548f77d3ab970e907ff86dc33621a70193bcba0918"
-                + "1896f5db10e0891113a5545d5b49e325d84aa33a5d04243c5a88fa5f85283359ae599c53"
-                + "8becf5204c5d665ccebf2925ab951797c870e63d2c22d58ed9b5eb51cd0ea0758a61e15f"
-                + "52c6b846e91b022518928f11556b14cf2bce9da84d2b9913ed15a6b05775270d23f52d4c"
-                + "e480091f63d42a169fee253087e60621fc2f1af3a89834bab301ef40cc8a4d62233dab31"
-                + "6608b1781fe97efde3476af76921ab63a12472a2617d1ff461eada9fc75ba87638904fc6"
-                + "e9616fed729f8c19a11f14064a51107f9338be66d35d8171f53a9bc53b2677302a44f1a1"
-                + "ab3bfc04246e4d1640f4bafeec55e7c0521fae3615881c3913b03f32c99e94a58629d0e5"
-                + "62f4658cac16a3b2ee819baa40008811a07e4557e1cd8ed0aabf8a94c80025dbab95604a"
-                + "bff4a27164af2d1f0bf88536d8c2ef02f18ee813f3bd459f611a26f9b10551cfb5c09f72"
-                + "0c719329234e5ff041bb1863cacfad06ff2c3963a002e9d5946cdf92ae79755f6eb2e41d"
-                + "8e8ba85bd3a17ee24b7aa611c190f380026a7f7d6d0e98cfafdf023dd31d035e8f2bfff5"
-                + "4efad2fd1de6418072a5bafd06cd55225c11c2518fec70827e5bb81bc0d8ec192fb13d2a"
-                + "807ed5028e85a3ee3981326c0ea8e66305acefc1d6765b1961be992fc4f1e9388fc86cc4"
-                + "fabe4491b0958ff7c93da8fcbf5946bad3e7a4142cff3f3b5dc769037738770f08618a60"
-                + "b8d8d555384e2df4055a1a30e0d8f93cdde2457262d0289037108dffd28d76690f7cd831"
-                + "4074f8cb98b1dfdaadde0d37b1a2dede04605e4128c4de14b7861de1fb8c9d80b7dcf6a8"
-                + "ef7c2aa2db0946d089ef214e6e8da688e37087ca98a5aaf66995d994be6012a54deaead8"
-                + "c50a0c813dab15fed0d505d4844b8e8697a59ab8919eb3a54a8e6e56300919b2c95bf3f0"
-                + "c03044bde1d3177495ac1c9f6804a8628210468d5d3ea6fa639c8e6a452cb6febd7b8d61"
-                + "7120a25adf5c0b5027b63c51f38c251474bfd331705f23f2bf44b44312b434ed34f66ee5"
-                + "4095d68cb1bc34dc1e23b12fe9cfdb3a1489e0a3c49f92a2f6f47d61eb6b6105c55f75a8"
-                + "c2f646d2bde2a5ad13e28e8cb8e85b988ec9ef0039103b7ce0c876d5139b856c2f7bb09c"
-                + "af363db8023ab0042c64edc1b820eceb38d87487bd397d81a24a5c4b066975239dea6a97"
-                + "fcfaf2f661dd7de656d0ea1bf1e5ca2c7e99775fb423d11f7407ff2dd8c67d22bae19004"
-                + "68c23b8328e041e9e1bb83c529b8b72302410e820c3bdc480d0d0d528f1537fb0164093a"
-                + "46813f93432e0448fd2fe8d787dd2d096fee902617e2052fb4af92f70fb7835b52b62fbf"
-                + "b619b595fbac2aac969e47369bd442864357a58345656b4ed300fa69af64807fadb2cbaa"
-                + "627c2aff56be53ed60b455c66b52a56ebe109f9e4786d766e8b1d776a2cc1b6000712aca"
-                + "2a7819258b6a33141cd9d6b7f351a599c58b15cef7c082df74fd990e4db16b3aef88c0f7"
-                + "e0e0a951c3cec94dcc35a3bdc63cc76091f54deae10e1c2add64f492f229d2e9ec4cdcf4"
-                + "a81b2135caeae4d24bcd32d99154eb062b2321c21c219e53fddf91064e355795c30dce99"
-                + "a8c3541274538eacd3d7d5d78d7100a288b1169aca16c8b7f7af30ef8f1f86f029f7608c"
-                + "fa45fba7dd985b5a04702a9c4dae69083e80aee0a7a7137b191fa91ba00d876470fdf38b"
-                + "b93125ad7fb033dbab4e5aba8331668e4ef5ef5e66496dd6bd455a9867a323ffd9e15544"
-                + "f6de22881a0840f99cc561badd78e3c93e43f77f1446666df42c5302523a154c0f3d9141"
-                + "e0680b7cdc0d6ca1797218d37a24dd4b91fa46f28eb69b943be42e08363055ab7cb36b04"
-                + "d5968a806828aea2e4c42cbc896f372f8391bdb5c559d48d5214d40874e631fad28fdbac"
-                + "c62c66c1502086f2880bfd3082a7a9e80cffc0d662b409992755c3ff6e8e1ebebea1539b"
-                + "ec4f97e04d579558868d95029221d5ea68546d99a41b371372090b2877a8b62d171d25bf"
-                + "8e38b0a9a089fac89496294a8542198d67836112a2",
-            "0c89414abfb71950a59e162325388b50a78a43e1341f141cb6e15916f061021ce78e5823"
-                + "44b598dcff947725bd924a69e4e36a9698be91d950da538317972cd7c9ad6ae9a6a5c006"
-                + "70ced74d83b226aff0fc73cc25f3302ed178bd05cad5c7573cbcc427351ec5c32b1f65cb"
-                + "18b70361547f3fc2a347c934eaf9e53760d2a11bf4b96f9716a8a5582f057e70faa453f4"
-                + "39cabdd77adb5733733f577168199a3eb7bc0ee3cd9cba4bd93cdf7ceb1c626ecbfcc7d2"
-                + "012d1801486c45f2ae09a60055dac74dc2ba38e62b82a4f0037ee8af97dd9d24622c5703"
-                + "9c5553735277c716fe5aca875bf9a4c7af222eb2c69bc94f8d43890ea542b4c8fcbb714d"
-                + "e7625ee3a25bd90fb445feff1ccd30239d79bdc0ed554c4e04190ebdea7707014f931506"
-                + "5507ed045647bd00e21654cc3d96efa5d3e3d1850b50b6aeba7e69dddd66743dcea51731"
-                + "f69248ffa97e266f807caab52760a648bdd25390cfa8027290e6b629e3aad1a5d429a6e1"
-                + "23dbe8e40ce116ecfa044fd064c6cfb6d75b8eda2f9fd45c547300eba311510461d5a35b"
-                + "641b6643955631fd07aee48248d7969eac0ef904cf72ac0b997afa8a5eb9652c73707e9c"
-                + "6998a899e4a559d0b8f77013b4a05d357965c42034bfbb926cd40d210bf83253d01e2b64"
-                + "54811579ec21c1d9b4204fbaa6fc0dbbe3f5a8dc361bbe4cb080610459506564cd734f01"
-                + "9c21ef14239a8a7f33736422dd9389153ab21dfe11b1fcad12c206bd7b2d1aec6cf97a06"
-                + "42ec9985fc53580ddf2fd01e743ebb16c38e821b2c179767fbbaea1eb16ed783e51a91ff"
-                + "1bbeb0c94bce53fc2793dbc8c587951468e5404495851472ea5528ada4a87931dfbb84ea"
-                + "57f9a0ffb658689dc74006ba080b7e8470b5262f2e58c5cdc378341bff5a5734ba1c3ade"
-                + "a089d3d74561ff757aa1587cfba5ce7257602ec99713949e15c8f4b4a620f3aafd2887cf"
-                + "a88d486353b3179d5ecb1dcc57986479c3a25aeca56a6ecd4f94057b2724476bb3afb447"
-                + "b9294d4171b52a4fe4decfe393df5faf401713fe2f12e5ac3f2abeb9a4ee829801eb65e2"
-                + "6c5c126cef16dd59fd670691db271a21c8b1207ce41ef26bf58c66517435ade6980ff6ea"
-                + "c73d1c5a25669afa21e30ecab43cacfd4a1fe7af058527d0722ac33b10216c96087bd284"
-                + "2446efe4055447dc3fdd1ea217ded44ba1ba81babc9783014bc95ac934344bbacb9639bc"
-                + "6cc5dc791a81ad9c1f8dee4ff1c108cd6796f64db6db160cf9fb5c5dba2de9f1f996e82c"
-                + "2d26c4c51ddc6c935a901415e2914f77ca352b877da29488abd2f9ad2ac50db50af5048a"
-                + "2135b359f285647e334e1dfea06884be93418e3e983b3e8b3f3b04247294f71ba7222577"
-                + "fc1f37c9bba01e1cc203f04a34ab0863c92b5c8070796babe791b027f14b5a1f0a9fae39"
-                + "380862a7c16856b2b5df2cab4c3de2107dd40d8db697a5b4bc123e9df20222befa9fc8c5"
-                + "91c33c8256b15cfdd54eebda108bee0eeecc7a0d6a20c620e250d5a74e007d5b40ac0519"
-                + "731bb319af0b22921c32c53bcae5c876d34d739e91c7be6b92b2affda082a9283c65173e"
-                + "1ee202853899bdde9830f660064792ded789a4b3c3781d695c5a286dc2d53ae86f8c33bf"
-                + "153f75d87b472acbe51426f5973dcf80a5562ea8e04fd795e98856aee72e165fbde09723"
-                + "6134acb53b300d7351536dd99c39000ef48ed79cd5993b36beaae946e32f719c7cc125cc"
-                + "6ddbc4198ef51a9d5d4c611aa60c5f62cfb3e819459bac21d62e1b683c0e3e2503b4b446"
-                + "5274bac9856a3534826fbf5d4b308c36a5093c0cbe8b54140765cd0337eb809611a09a46"
-                + "00a945a64eef5d2803b9944ed45c4f339741ed23e6ef4993ceef813a7e6ad7d151d95d1c"
-                + "dcd78bcb7cd5dc5f678a7c534df8cedcaf2d77857c84c9af63e7d539d0dc968582e45bc4"
-                + "c29252d1a33940dd73625b27b11997c872b07b5e8eccdb9f5db7d810f7dc34be8036f2a6"
-                + "b5c3a0f10632f4aaa2bb3e6e609f0e4ab9101237783a5d2138d9a0545c6ab847627d2f8e"
-                + "bd9d33e498e9f74c01877f93ccaa591436a61ea804ed464e6acecd2667edd3452ea0141c"
-                + "0142080ccd4d76700a7e46f20277166421549293c404e7c17707d27ba36fb964eb9863a9"
-                + "8316ccf9811c5239ecb65f3b213a3762e1c2f8d52532ea506cd3673ee9188fe844ebd8ca"
-                + "9e53da1eff8e8a6db01bb528cc44aa42850928b33ea463071c2782ac9798d1f5835249ee"
-                + "8f0b8d30c7394bd65fb59de8dff5e03da92d8ec4a41621789a8a01b9494e74eaa4313a68"
-                + "e67218e056678c73041579e3a981e2145bc27ce5ff529cdc5cd39b5740c5978b58507d8a"
-                + "b23ea40af4d4ac338cfe5f8b3bda61711d5502dce06f78acf52d062bd1cd59492e5f8a8b"
-                + "07a84dae1d81c0e0616a1009a5d42c32f99060a5728d901e505e19901422cb4b1f6e4626"
-                + "986f88d0bc2e3b1650139680adf068896b8f552a3d6c1a59070700702adaae1c62d94ffa"
-                + "5a67c6705cbbcc41eacd0cd4dc1d15042ab82fae19d89e6d67bf3421245ce81ef38b0f92"
-                + "db8116a8aa8612493e6d93e9fae4ebfadbef5332daadc80c9a46d58ed73ccdcad756d77c"
-                + "c73c32b1a0977fed2c264c09cac0efb454ef840a9a31a0606aa7db40f555c6631f6b0101"
-                + "9c274a5e035817fc6a46002c0d1be9ef692c67279e16fd07c780b37d3046e433b1edab22"
-                + "c35e80af9293912c8f5dab5c017f8494f6493b287e9bca60734cc7ce14cfe6b9594c1925"
-                + "06f6e7f055cd590c30a672e1337fdaf884bdfb081c3259c7f6571795a830bb567f66920f"
-                + "c18cea16b2e5c2fb655c6716b1dde9d1e23e49b60ae52ec7ad9ff805024f4fde50cfb35a"
-                + "652cff1285efbf4d83e0bcbe4addbeb89edae7aff1643477e5f722db76badadeaef4c68b"
-                + "e7b5527f9ad89faf0415164fa8b93d62ac00bd082ffa96a88764cd7dc077beae8a909fcd"
-                + "e9436a66acb8c3d0eaffb1d94396373fcc47c162fc7ddaf3e42c26258a0a771839a6c18b"
-                + "afef9f2759f7db0475568759a9de77af9cdb05bc86ed4952bd96b0ca2219d3588490aefa"
-                + "11cf1d13ec91ef65c2756c7cab038755ef7571a6c396596b3676e62fc35d9d336dfb10de"
-                + "120b730f5e668ea7fa9ab309702f0030d0436282667f9f2b4fb849088b139e035728c3bb"
-                + "ba3e613731974cb831aa3dba10773ba2743b2ac300cb53794bcee7f7576b976a580c70d8"
-                + "438a1eaa413986d58a66c5d218cfe63baacf9cbcb7c8ee96479719a57833e0451fef26c3"
-                + "9466333d6e0903e92c2c0ff2edf3ff9327532efd768f13962a42ed1394af185518d4da0d"
-                + "11c5ec362579da97c2c977608e327b72c312c3f5c44b28432ac26b97a3b897e2de036b63"
-                + "48ae702a8fbdc73aa4a5c85d7ded66aa866c0bf4fa524b92d2d55242b9c0fc7fa768df35"
-                + "f5bbf845c8b27ce68235569fabe4a48e5c6d52b05cd4fda34346fa3780ddfba41ca86572"
-                + "5db2f38ecbcc9e43a219018b7a0cafed83b547b29f158f35a8bedbbb5a8ed10d7d4216c8"
-                + "0313fd21a15ec411c65cc9d3d0220448f0b933e427156ba1a28913b49ac83bfd9d67d43f"
-                + "a773ac64da6edf60d8906eb64a05f67d0a40b3b3f48b699f14cad3835df5db59688ab1f7"
-                + "985d125947a36786dbd41c760331b9d2c2cf77a905a926cff0b541d98da7e1062821d7d2"
-                + "3b5df14c1f9b548dd3bfe70c0dd975cb6c67d5adefc9ff1bdf41d469116d9efd7a43e513"
-                + "d46a49fb6d0353274cc8529205a11e8add837359b0e5bacc9ad3aa1bb56d352fb114bb22"
-                + "dd121ef7b20dcc6ff7124771c116d6fbe109415bec3b935df48a516ff8b4c96dd69b6b1c"
-                + "566731939f47a67db17735d746ae7f5ff6b82f9355452c79e3de14fd17cfd8b897415696"
-                + "4b0667b236a2f6f6f6a518f8ffe8752276f85e8de2aaa644cd5f0b8dffb459bc2d4294ee"
-                + "24229467740290affd67f199c4300e70482967d40886b83c2dc29496c789b5e1da8d9e2d"
-                + "3fdd24af5d4b98f2e6525129816229d55126f1d3a495f67ed8acb447ebbc9aa07765e35b"
-                + "ac3b87fa8ba9cddab6fe6e25d01798c62d3f92047a82fde74fed4ddc8f871bdcfc28d8b9"
-                + "5375c09d1e57713a543209b3fabe509f31edd5a9677807c38aedfa5912610cee503baf94"
-                + "1e6866182a64700f165211648e358c5db2fe7a3803e08990c00aa048ec1cd36eb1b23cfd"
-                + "7b118e2b07cee67404f24ca5bcbc84aa11fe404a79525aad49751cca531f1254ce18dc5a"
-                + "d677e046e976d695ac10fe3097489f47a375ab6054e3bb0c5f3f47d84664dd0840f6ea8e"
-                + "41dbff2efb1c8b4cb61ce5d5e7e43906714dc3cb1fb420359f2c52cc7d91d13d612f44f6"
-                + "e7f16362722f8314bbd60ea984c0088e5dbb74144097a7e4ed05b0b58efd733f26e55799"
-                + "d401191016e57a486d19ba2076f4a53c6d21c953e1d1b130e2112066fe7fd38972f3f2ad"
-                + "c440bbdcd2252b9da46cacae4ce750775d6cdfc070a398cf3664dc11f28d149ee76d1dc8"
-                + "95e509cc292bcc4820667cc5bf650b5b34476cf765f3eac2a2809199dc2e0aa9b25f8c35"
-                + "880a169ca9ed155eb5cf162fafe24cb5f7f8bdb4c882f061ce7e75e491612d50c178017b"
-                + "bf5d86b23d07d5f21457530fe1fdb8498d96ab1b45528139fa3af5b7711bf69bc1caecf5"
-                + "a9f99a73d6eabcbb3088c0918720b809dc706fa26985a1496afd35b46216bddb9febb556"
-                + "d9c342e54a742d3f2db7a46813561e3c1b0672ba54f616617cade548442dffe1cb583406"
-                + "9f652e047303ddd7285a30238b521df26129ba696638781c1100e2d1ff73f32b3de3c7d2"
-                + "efa4968e7d1cddc6dec9b1a79f80c77832ffe4e015bcb905b8a196ba8bc7e97b2f6f6711"
-                + "c25ec582cb43f7ea8363e7788e173bc8ea9ad7daa5e9d6bb823862534f081195ef9b2d6a"
-                + "f95f8d6823fc7c00536b789573b2859d613a1bcf4c1ed4fb40d9e645ad561d92d37432a8"
-                + "6c0978036dc74052ad4e70b71d3ee520d30fcadb021641336795e61389ba2505e43aa923"
-                + "3ee78877c9de5a620f0edd5f5d6841763b062eb56ad6d0ffef4e704f625c91d0320c58a4"
-                + "1da815525c9b9a8b47046cb909677f87bdb67fd2dda2aa0539a1a333919a58ebb91daa89"
-                + "e2c6605d16a04bec8cec4868e4c6ed466388fd13cd8dc09728ff957e6a84bdcda7e1acb9"
-                + "017a1c0e6fc02fd497d4aa64dae91a4cbba3f471e534a6e33a58401055c46bf5f17898c3"
-                + "f34b65d6a208e5e872e8cfe4c1dd2e399efca08b846b41fa802c35f1c0ef975859129b21"
-                + "65ee7bb38dd9f823fbd4aa40e807d144a9e0a9d3adeddb18d0f8a0da7a14c113715f165e"
-                + "88f69cf7902de907146c4c9e5049fef6bed6c00234e0c2066807b64a76c893463e90aa04"
-                + "b32a41a1191af74825e24adeecae3f4ec2ed1193b502390b66ecfbdce9f3c00364674a87"
-                + "23a8ed673e702da16cbecb80c017c43a7f71378f9171c5f251ca4247d0aae131a2f51d06"
-                + "ae51b743b72752b1505215614c6534a7e241e0963e9b88a3cbab6ad05e2295668355fc6a"
-                + "aa8caec4d880841651e440fd2b8c18e1acafc82204f194790ebe5d5da9b4f63e330912c0"
-                + "c1794d04b37338373787f3a144288181be492279122f1efcd157f91e74615bbfeaa74bb5"
-                + "69a9dae0dc8dbd11ac012678b90cdc9f345e8a9d048d4758a4a4b8bc5389d6cee437d240"
-                + "219d0bc7a0d95c229704584d32fa8f3829f9fa4bfc06fa4e1fdffc8848ef9ca999468ff7"
-                + "044ef20859c38edc70f343b97264789f3ef0ca36bb614a6496d6b943a1a818288994677c"
-                + "b58712618204d72ec5eeb810bf4e4574b17c49823d91d7cc4586493adee7e424082bf3b0"
-                + "81b6583a58adc9d04359d54904e6b443e82ec13c8705c2e557af7ae6daf9201c0201725d"
-                + "c2ca00548fcf4dd3985eabb7175f982b2eddc997550c6f2ec7d98f8776778bb094cc5271"
-                + "cd3960cd39163bf31c5aec1949491aa0c2cdfb98145802640db5ba5b7a825d8905203bd2"
-                + "e8cf8f4bf9cdb90d6b1ef4dba071aa39907431e00ea382bf5c89e5086dcfdc78f70b7c86"
-                + "fe7fca175f589e9be2f92bdc48caac63ebbda83f09120f09e0c23391e7e7d5776a93d9a7"
-                + "e3395c97840c00999bae61133683832494792296b2aa00be848317c69a7fc4bd7b2bd06e"
-                + "1b95f174ed62fba6e89482a62776b82d5174351b2a70f862fc7b44ff18bba52e76bf50f4"
-                + "9a33433333828154209c05671a8589006adb258a4578a8205662c225fb75124912f7b435"
-                + "5ec14bff14174f644d20d9715f82bdb36928e837191ef586f3090b2877a8b62d171d25bf"
-                + "8e38b0a9a089fac89496294a8542198d67836112a2",
-            "0da714e82f54dfd7f6c178572d168289c560985042e67c45781d7e940aa1a33f47902d63"
-                + "013c6536ae47023e86bcde904f9aaa901c57dba3621a06357d5e6a3c65f88a1d681aa8bc"
-                + "75416a9be5d1e478f6c8268172110c1dae6c6821f4bc3b36e907aab3fbc16e01ef6671df"
-                + "f82e84e76985a0ea7e25ec890edbb1813ca87bfa61a002548741d792691957e43e774b81"
-                + "41ef9602caf775cc5be87c9abe6aa6fd8a7b83d7a13b3635076b13099b822c4b4b7caef5"
-                + "3a800ad740ea93f1f8d06842d8c0b7158714d4369ebdba995ce1c7d45fca8bdf8b6e7a6c"
-                + "b0efd228a5689c99c01f90a9edecad9409975594b65c0404da45c18d18be04a61a87cfb1"
-                + "ae1c0b6d4be10024a0f6d5c75ca06f0b9b15a582abb52ab8b347dc8d7b2222f93bef0f07"
-                + "608905cf8c25080f613a8e20c5fe9daace2d06b7db380d5cf6b94663960743d5c88cb039"
-                + "b71278fd08795da93cb474e8a9a20406ff1792ae569395e409647cbc5629fc88f2b1ba15"
-                + "cf4fe0e1864b2bc095868b92960b3496d903c5add506278d85138d6b11a27c19c7506c74"
-                + "b1c8fa6796867413c37c90386fa91e50fbc73e7f6bf4b22248d679d6187607fd4ab227c9"
-                + "5c783091f4165e35a425e8e076cdcc8986f5c6756f9d96bd9a17b3f89256069d6dcd9943"
-                + "ca28ffa6bc60f96190437b7e2b39977ab8ce858cb138bb4ea763edf76281d0614ceba6fa"
-                + "ccd4f5a5301d2edfb9074b28d73d929aef9bd6cbed546cb06e9ed31e4f998329378a80a7"
-                + "71f6c0aad2fe68ca974c2f09e89d837f1062454b957f02ca15ffaec5eb0b45194ec03dcb"
-                + "92a9b75f26a9ff0dc99d98c3d5107c2b07fb858c4c9ef3207c63bfc73da979182fef927e"
-                + "d234d04de03716ff60743d00b16cc1255b35e46224ec0ae6e2a78ac72165247d26c1afe2"
-                + "959a741d9023e8dfe738be95c0f9d1bf0cf80f9a2d1e4b2756ca44d5d751b522450b22bc"
-                + "a9b5a6b1d14a58e69b16d5a2e074bb0e5787bd7a9d21532b3c8c8256c9cba44d4ab159d7"
-                + "756d1e49b184f2ac032df5350013cc37e931dec91ecafad2a202a8aa7850b306b1177e94"
-                + "f30b65c8f0cac8fbf05d9389b07ffa222328922ad9e9318fd1dfe03ec37d57da7ade4bf4"
-                + "3007534e9d3616eef5e1393a6c7a42108eb019c0e706a2839b86f013b72ccc833ed93777"
-                + "d0f1bf70fa2a02d2b52e11391226836e15c62302b7582b3702111375ccb7b775407f1e53"
-                + "df3c877ea97668c07f415d024092cf3ad7d59dbcab565165d3e2027cdf180b8ee006449f"
-                + "4bae1397b2e7565e6de14bd79a75ee69d1d4b814d92e8eb3e17bca30ce2e7a04f1b1d15d"
-                + "7b3d8beb79fdd2bc97637910c3f8052a68339bc01a1507cf6a29585d86605ba57ddf1d56"
-                + "fb0764a68c6f8b6a88198aa6a9064a826bcfd0fa61e3c9721b19c68ae1ef17bc2f0d7c4e"
-                + "39d176de97bcdaeead1ef5f1fd74e70df110c7d845ce225ec148e60a1f2e54a7e5b2aaa2"
-                + "e0d9048f993ebbc8b1d8720e9e24826b58fd073b11d28f8bde2f883fed8ce609738fa68d"
-                + "68cee4c8ba94c2460dce24aeb32b373ff875f6a34745d65d8fbe9e843af826c0b7015bed"
-                + "00ed6bc45f97f2f511f96d664f7d852f26bd7a4cf9436bd723a5db23191c8c70ece261cb"
-                + "26b73d4087b8b51dd3b6e97370a009f89924b0c369ce69a57456c7aadac0d4a4053f97b1"
-                + "829a902be22a9ae7dbfd8347220b34b1d1b4625a3eb5af1d6cbd69068293c236fb28c659"
-                + "39afbd755b937ce0b732e49c02872710c037508b097cdf6ea90ce9c1d8626232ad444374"
-                + "519534db2b333fc8aa107f0b269bee8f7a7f78a60ee95c97398e7e3abd13eed9a9c3b6c2"
-                + "eeb2a5a29c53f911fb1c67b7c57b33da087ca760aea1325bef7fa2f20f7bcfea67b8ffce"
-                + "f60f7de082497a0a52b3e56814d666162eb2df2771e47d8adb1b6d376d7b6dfd47f84fc3"
-                + "803808a9eb048aba65f461275ce23ca5aa3550e366d4d12826ceeaf72edc549c2959f611"
-                + "029b95eda6b5af1c3d8f6158170f238082423f72513ed672d78831470aa681626615d0ae"
-                + "6da78251ea96e03206889f5d8f74bb71491d357117704e71b2111fb51992c3832176736d"
-                + "8c5b31dce9fc452d7c6d78b407b7c6b2b145b273c805365099447cceca2be4cda3b67e9a"
-                + "e3926f636a9b356e945b653e02c86d64c40246e635e033926724d0d709558a2e1cff8887"
-                + "b5a3382493658aadf7ccb2a09143bc320670836e08125b44780d5c90220201f5bf7042d6"
-                + "8c4affa00ea8a6db3314b0db60d25ca5cf69e23fa890c0bc770a9320fc2288c775cc6ff2"
-                + "59b8ce45fdea8aa1e4e1d57cc1396035fad1f3159209133dfbebf47207ab25a8f33655b0"
-                + "9178596e30235947dcccbff2f6a56a1fe7179d7ae76aebebfc9c7880e602ed92e166ea5a"
-                + "1fe623cfb5351cc8a911cefe676a638457ee40380941e82a44c0fc93b124e366425ab315"
-                + "c7fdcd056c335cedc1003571d8dab54ccd2d5a83c4c3afd9c4a0e04ffd021f236fbc42fb"
-                + "b1b229b2ceed70db9c47f1e9c01973bb37e068a46a58538eddfad948dc189cc203e1afd6"
-                + "71b1c024841f24c9c78a78c3a2635b8289cfb7f46500bec7927e59db76751ab53a845a5e"
-                + "9e0309ac376158cec3a9cd5c9856d30006b17bd58924eb287eea2e74d5e4a6465412f906"
-                + "bf70e0b0e37aa6351ce9d9894070417b554d188ad7072efde03ff7102d31f6cd3ba7215f"
-                + "006f87c346144e3ef2283a1377eb60d648c1fdeaf5726a6f0d93ab7129b1f56c7c4fae65"
-                + "a281aa4452907b08fdf2fae131a34d215dbdaf60e1ee5be13af4c194a1eff4f17ce1aab6"
-                + "f6f9494a050302c30734efa6744c3c92e53da53e414befccd66997eb20e34c6e561beeac"
-                + "9788adf6d3565d69df1ec7294067ce85962ea4f5a21d7c298354fc723b90fe4737635cee"
-                + "f13a2cf985c7ce2bbc2a737ca426bdd24533b9fca54274928c312ac79982267e02f3a11e"
-                + "53487934fcca2d6d1222037087d11082e5e2f86da3929235bee95fc6a19364784164bc14"
-                + "87bea1dec2b34a2a9fffa842983690c53eb11ec2ee330111af072625f92532f50a8c3bca"
-                + "b9f05173e059b01658030d76f285299b9acb7bf48452d347dfbb6c60a28d0f34a475c247"
-                + "80ed4ee656ba8ac4c3947667c12f0030d0436282667f9f2b4fb849088b139e035728c3bb"
-                + "ba3e613731974cb831aa3dba10773ba2743b2ac300cb53794bcee7f7576b976a580c70d8"
-                + "438a1eaa413986d58a66c5d218cfe63baacf9cbcb7c8ee96479719a57833e0451fef26c3"
-                + "9466333d6e0903e92c2c0ff2edf3ff9327532efd768f13962a42ed1394af185518d4da0d"
-                + "11c5ec362579da97c2c977608e327b72c312c3f5c44b28432ac26b97a3b897e2de036b63"
-                + "48ae702a8fbdc73aa4a5c85d7ded66aa866c0bf4fa524b92d2d55242b9c0fc7fa768df35"
-                + "f5bbf845c8b27ce68235569fabe4a48e5c6d52b05cd4fda34346fa3780ddfba41ca86572"
-                + "5db2f38ecbcc9e43a219018b7a0cafed83b547b29f158f35a8bedbbb5a8ed10d7d4216c8"
-                + "0313fd21a15ec411c65cc9d3d0220448f0b933e427156ba1a28913b49ac83bfd9d67d43f"
-                + "a773ac64da6edf60d8906eb64a05f67d0a40b3b3f48b699f14cad3835df5db59688ab1f7"
-                + "985d125947a36786dbd41c760331b9d2c2cf77a905a926cff0b541d98da7e1062821d7d2"
-                + "3b5df14c1f9b548dd3bfe70c0dd975cb6c67d5adefc9ff1bdf41d469116d9efd7a43e513"
-                + "d46a49fb6d0353274cc8529205a11e8add837359b0e5bacc9ad3aa1bb56d352fb114bb22"
-                + "dd121ef7b20dcc6ff7124771c116d6fbe109415bec3b935df48a516ff8b4c96dd69b6b1c"
-                + "566731939f47a67db17735d746ae7f5ff6b82f9355452c79e3de14fd17cfd8b897415696"
-                + "4b0667b236a2f6f6f6a518f8ffe8752276f85e8de2aaa644cd5f0b8dffb459bc2d4294ee"
-                + "24229467740290affd67f199c4300e70482967d40886b83c2dc29496c789b5e1da8d9e2d"
-                + "3fdd24af5d4b98f2e6525129816229d55126f1d3a495f67ed8acb447ebbc9aa07765e35b"
-                + "ac3b87fa8ba9cddab6fe6e25d01798c62d3f92047a82fde74fed4ddc8f871bdcfc28d8b9"
-                + "5375c09d1e57713a543209b3fabe509f31edd5a9677807c38aedfa5912610cee503baf94"
-                + "1e6866182a64700f165211648e358c5db2fe7a3803e08990c00aa048ec1cd36eb1b23cfd"
-                + "7b118e2b07cee67404f24ca5bcbc84aa11fe404a79525aad49751cca531f1254ce18dc5a"
-                + "d677e046e976d695ac10fe3097489f47a375ab6054e3bb0c5f3f47d84664dd0840f6ea8e"
-                + "41dbff2efb1c8b4cb61ce5d5e7e43906714dc3cb1fb420359f2c52cc7d91d13d612f44f6"
-                + "e7f16362722f8314bbd60ea984c0088e5dbb74144097a7e4ed05b0b58efd733f26e55799"
-                + "d401191016e57a486d19ba2076f4a53c6d21c953e1d1b130e2112066fe7fd38972f3f2ad"
-                + "c440bbdcd2252b9da46cacae4ce750775d6cdfc070a398cf3664dc11f28d149ee76d1dc8"
-                + "95e509cc292bcc4820667cc5bf650b5b34476cf765f3eac2a2809199dc2e0aa9b25f8c35"
-                + "880a169ca9ed155eb5cf162fafe24cb5f7f8bdb4c882f061ce7e75e491612d50c178017b"
-                + "bf5d86b23d07d5f21457530fe1fdb8498d96ab1b45528139fa3af5b7711bf69bc1caecf5"
-                + "a9f99a73d6eabcbb3088c0918720b809dc706fa26985a1496afd35b46216bddb9febb556"
-                + "d9c342e54a742d3f2db7a46813561e3c1b0672ba54f616617cade548442dffe1cb583406"
-                + "9f652e047303ddd7285a30238b521df26129ba696638781c1100e2d1ff73f32b3de3c7d2"
-                + "efa4968e7d1cddc6dec9b1a79f80c77832ffe4e015bcb905b8a196ba8bc7e97b2f6f6711"
-                + "c25ec582cb43f7ea8363e7788e173bc8ea9ad7daa5e9d6bb823862534f081195ef9b2d6a"
-                + "f95f8d6823fc7c00536b789573b2859d613a1bcf4c1ed4fb40d9e645ad561d92d37432a8"
-                + "6c0978036dc74052ad4e70b71d3ee520d30fcadb021641336795e61389ba2505e43aa923"
-                + "3ee78877c9de5a620f0edd5f5d6841763b062eb56ad6d0ffef4e704f625c91d0320c58a4"
-                + "1da815525c9b9a8b47046cb909677f87bdb67fd2dda2aa0539a1a333919a58ebb91daa89"
-                + "e2c6605d16a04bec8cec4868e4c6ed466388fd13cd8dc09728ff957e6a84bdcda7e1acb9"
-                + "017a1c0e6fc02fd497d4aa64dae91a4cbba3f471e534a6e33a58401055c46bf5f17898c3"
-                + "f34b65d6a208e5e872e8cfe4c1dd2e399efca08b846b41fa802c35f1c0ef975859129b21"
-                + "65ee7bb38dd9f823fbd4aa40e807d144a9e0a9d3adeddb18d0f8a0da7a14c113715f165e"
-                + "88f69cf7902de907146c4c9e5049fef6bed6c00234e0c2066807b64a76c893463e90aa04"
-                + "b32a41a1191af74825e24adeecae3f4ec2ed1193b502390b66ecfbdce9f3c00364674a87"
-                + "23a8ed673e702da16cbecb80c017c43a7f71378f9171c5f251ca4247d0aae131a2f51d06"
-                + "ae51b743b72752b1505215614c6534a7e241e0963e9b88a3cbab6ad05e2295668355fc6a"
-                + "aa8caec4d880841651e440fd2b8c18e1acafc82204f194790ebe5d5da9b4f63e330912c0"
-                + "c1794d04b37338373787f3a144288181be492279122f1efcd157f91e74615bbfeaa74bb5"
-                + "69a9dae0dc8dbd11ac012678b90cdc9f345e8a9d048d4758a4a4b8bc5389d6cee437d240"
-                + "219d0bc7a0d95c229704584d32fa8f3829f9fa4bfc06fa4e1fdffc8848ef9ca999468ff7"
-                + "044ef20859c38edc70f343b97264789f3ef0ca36bb614a6496d6b943a1a818288994677c"
-                + "b58712618204d72ec5eeb810bf4e4574b17c49823d91d7cc4586493adee7e424082bf3b0"
-                + "81b6583a58adc9d04359d54904e6b443e82ec13c8705c2e557af7ae6daf9201c0201725d"
-                + "c2ca00548fcf4dd3985eabb7175f982b2eddc997550c6f2ec7d98f8776778bb094cc5271"
-                + "cd3960cd39163bf31c5aec1949491aa0c2cdfb98145802640db5ba5b7a825d8905203bd2"
-                + "e8cf8f4bf9cdb90d6b1ef4dba071aa39907431e00ea382bf5c89e5086dcfdc78f70b7c86"
-                + "fe7fca175f589e9be2f92bdc48caac63ebbda83f09120f09e0c23391e7e7d5776a93d9a7"
-                + "e3395c97840c00999bae61133683832494792296b2aa00be848317c69a7fc4bd7b2bd06e"
-                + "1b95f174ed62fba6e89482a62776b82d5174351b2a70f862fc7b44ff18bba52e76bf50f4"
-                + "9a33433333828154209c05671a8589006adb258a4578a8205662c225fb75124912f7b435"
-                + "5ec14bff14174f644d20d9715f82bdb36928e837191ef586f3090b2877a8b62d171d25bf"
-                + "8e38b0a9a089fac89496294a8542198d67836112a2",
-            "0e8fc52c68779f742a04ba2effbdbf8a5033169921b204d3518907e5e8ce7b051b8279db"
-                + "ef079b1a2414a978211d00ddb8cdd0335dc54090f23da05a4f0ae84bd0631f4394a22ff8"
-                + "5d1381493676890f4afd8ab2c36ac63d55319b6dfd9ba54e58180be85e2ec5165524d807"
-                + "9fca088968db3a34e608dff56467bd9f720bc44cf2871247c0ed88b45a8ffe895cf00c1a"
-                + "5c397d6b1c7acccd1419cbbec3545b2215507e29228c3621657abfa32984f3bd1edb451e"
-                + "2fb41147cc7737eca098a8bbe748a625cd334dc99d56c2d69a2f0d9d1573f6753408d16b"
-                + "88dc8a84a1e68107aabfd8fc994bca9585811a1d5e8b9c83727fd7efecf4c643436d2932"
-                + "4db9e29802fb67e6597ae76459bf7ad7bc30179c9694a57ef693e1a01864929e69070e11"
-                + "f5d32a81f12a58fd24097bab1f32b308b63779e44c180654da74fecdeee57a66777d5c36"
-                + "19bcb1f01c8e87f6d46ccadaa159bc8074e33dd1c4467febc6ca84de82e94eb4a2a9f5c6"
-                + "ec739084be66ba08ac8606eccbb238489c5ec4403f3c18fb53ba63d55a976decfb5a68c6"
-                + "bba89488b100ded7fefbc1a022498e1d5a00808dd13ea4562bc17c3337103e1528db0efe"
-                + "480d56d10423d5f1f484b9ce1579a77a6194d9c4174d7d04bf54853f1d0ba101fc5ddf6d"
-                + "e4f5143c02348e61be28f27e492f9ed00c58fa66d437b2ac651cbcb23d6692cd0c0afa0c"
-                + "fb2e7837ee5fdb2ef1956a3b79ed80c603e565e38a77686dd9430ff9024d1c63b0723983"
-                + "5a87a6038e51eb9a394ea48d9529e66008034eab069e62fe6e54cd06bc0c0132c1d99e9c"
-                + "b7f1399181f777a60f749310ce4795e54039ae0f393cbe7bfe37e41cb4de14d9def7847f"
-                + "fc1e24b565384c508aa9311f61b6b4aff4d5d64bb3856026998dffc286a799ff146381db"
-                + "72d5f240c9e7c26da94b015b331b8a0a039082b46cb9adc30ce29ca68ef3687d00057740"
-                + "af97169febdb45f45f77e2566c915f9543db3f6456e632371231c9d6948404837e58d3b9"
-                + "f6919d12153286fd9dd26587c0963c7a712547a1f326c8cdba3108e3887877a6c39db2bb"
-                + "3a20e27052a9481efb0b3bb4f5296be74e942a7ce6ecd83fcd0fddecbd641344af647e20"
-                + "9fb4745d600607a21fb42ed9941fc49b4d321f478e96a0b4fa2246a0815ab6ffabe6b740"
-                + "8358a874ec66cc7def2125529fbb53fb23cc78b6c021d9c3ae3e32816b6377b4c5a72285"
-                + "910ea4dfa041886bdc2cd3151a53bfa23701f1dbccf3a4690a2e4f921387793fed895f42"
-                + "bfcf958748abdb87f27cea9b211589ae04ef19e173493be44a49178a19bf1d86737eecb8"
-                + "450ceb10130c25e84dffe681b66c6f3f5bde01873f5236d4d4abe16368d0a4753847a25e"
-                + "5d48e0d3ba4ce3d6ea05f70e8afda8e4ea4cd107fedfdb4332c116b58f7d69ec8c08a0a1"
-                + "0d01bf49b1b60f0190382261daeb53a035282658e61988e94fd5cbbe15503294ba04f947"
-                + "665edba644f6485a89d0f3863b1b2db482c95142a4dc58a14dd1d77c2a24c9f60e3a7213"
-                + "71580be29ce7e4816d496a1a4da2cf18ba66d372c714a7230038bf05cbc77a9815ed63b3"
-                + "dc4263e01246ab6898cd451ecf143d32d3a546ff905ea5d80e54ced07ef2b267ba5cb536"
-                + "216c5fcf2d4aca39bdb0c94733392dfe080eb87796d0ba8b4e690c452e794dab735829f1"
-                + "4e9ad1520357bca717ec4b15d40b317fdde40fe28fc543761419e10c4b665987f232d1b9"
-                + "c78cd84cbcb95bcb7731639ad9e847df26abfd921bb320121a5f31c683a9e6466a9cffdf"
-                + "7661f3b0c788dac5c4823d20ea9c80494f2cf2de198dea0caa1b3bd2b3cf85052a6892f8"
-                + "dd55329cf075df23f139112520ce6555a489b2a273cd7ad40ee31d344007df6888bcf87f"
-                + "966f04b50bb6a32c6b521b2163bedc55d42b12c9b9bd9a3b7882bb78fc9681f788ff5bb6"
-                + "c7abac783f154a42a3bc87afe43947407e4f9303529cebea2cb87ec78898966dbe665951"
-                + "edbbbb2edb2db9237eba9b028e9fbc6146d1d38bc9ba5731647ce67317e5c205c8de3375"
-                + "fced28932066ed6203c6d37e5db2d352be54950f71b5a569c3358dbd864e50d89f676fe6"
-                + "650897df51633b65d93840aa71e568cceaaa815f94475bd80b74c9c3426a033b6582b426"
-                + "8bcb247bf22a6b76faa60e2d0593fbbeff4d6917982c847bb209922aab9a04b20d329c60"
-                + "a26cf2d09d6a83ffab185a58152eff499bbe60a1c617193f2cae87fcd30cf8804e84b14f"
-                + "9699ad7f160b96c3a9e59898317feab31524009d6ba03e2f4834b1aba841fed06455e4bd"
-                + "d397de41b4164207a50dc00096116ccd43318a40362b602007a840c69c33f7ca989fb823"
-                + "11b8b40e363a59b01857d3dcc30f5df29633c9bc5dbc0b379a20857c3f53ce51205bd3a4"
-                + "e662b8ebcf280ebb40747e7925b6f75a477dd9c8005f65324dfdcafc94b0e898f40ebe34"
-                + "7120ff447a0f1b60becc621120b3db00c172bf39b55cbd477b010580a155d623f2e31a55"
-                + "d61aab9e355b65917198a7167c4240f78241c5f5dee52d27f04ae236052ad1eb26a25452"
-                + "7226aa671b0144c804166f70f9a0cffde31503555ac5164ed9157b16552fd175e9dbf075"
-                + "2801a4fc4566e6f798dd3a0644c64b54bc299fbec19f2e7309a4d95a7abf3bee247e34ce"
-                + "64154e67a032eea406108790a72468480711ab4ca74d264ae7057bb3136eac69ad8c6313"
-                + "62fdd2bb9665d0d05959a0bee5716ffa8254182e95fa6402397d54dfbdbbe6ad0e477419"
-                + "ac96d3a02e92e8ae368410948fad6886915e68c144ab004c314abde7925a972a518e53e6"
-                + "a331aa8e8e0b686b6606a3bf68ba818095a8c528178f9d550916ba283c577ec36654f03a"
-                + "989015b4df73865d1a8a89c6403d8b4e88e39bdde7a36d0ff80be19bf0ed431a93796d28"
-                + "1180fd8851524e39ac512f00846955922a17665f5f6c713d3862a5a65d843fb412c08005"
-                + "08e23a92d49abfebe2c8a4f593bb4373047b46105430dbcd329b294e258eacb4bb453ae1"
-                + "ea937f17da097000cfa38461bcf363c60cac09f7ed374d427909e5d3e699fc1a20705bfb"
-                + "65c82414b0c624e1fa3e24a288e53b7fa31e842ac7ed1525144747ca737fd05256c39c2a"
-                + "349d6f6e45c0feca1cea47d9c51aee2513e2dd53597593a7cb7483192177d7854778d249"
-                + "b181ecd72cfccc0dddaa3dba10773ba2743b2ac300cb53794bcee7f7576b976a580c70d8"
-                + "438a1eaa413986d58a66c5d218cfe63baacf9cbcb7c8ee96479719a57833e0451fef26c3"
-                + "9466333d6e0903e92c2c0ff2edf3ff9327532efd768f13962a42ed1394af185518d4da0d"
-                + "11c5ec362579da97c2c977608e327b72c312c3f5c44b28432ac26b97a3b897e2de036b63"
-                + "48ae702a8fbdc73aa4a5c85d7ded66aa866c0bf4fa524b92d2d55242b9c0fc7fa768df35"
-                + "f5bbf845c8b27ce68235569fabe4a48e5c6d52b05cd4fda34346fa3780ddfba41ca86572"
-                + "5db2f38ecbcc9e43a219018b7a0cafed83b547b29f158f35a8bedbbb5a8ed10d7d4216c8"
-                + "0313fd21a15ec411c65cc9d3d0220448f0b933e427156ba1a28913b49ac83bfd9d67d43f"
-                + "a773ac64da6edf60d8906eb64a05f67d0a40b3b3f48b699f14cad3835df5db59688ab1f7"
-                + "985d125947a36786dbd41c760331b9d2c2cf77a905a926cff0b541d98da7e1062821d7d2"
-                + "3b5df14c1f9b548dd3bfe70c0dd975cb6c67d5adefc9ff1bdf41d469116d9efd7a43e513"
-                + "d46a49fb6d0353274cc8529205a11e8add837359b0e5bacc9ad3aa1bb56d352fb114bb22"
-                + "dd121ef7b20dcc6ff7124771c116d6fbe109415bec3b935df48a516ff8b4c96dd69b6b1c"
-                + "566731939f47a67db17735d746ae7f5ff6b82f9355452c79e3de14fd17cfd8b897415696"
-                + "4b0667b236a2f6f6f6a518f8ffe8752276f85e8de2aaa644cd5f0b8dffb459bc2d4294ee"
-                + "24229467740290affd67f199c4300e70482967d40886b83c2dc29496c789b5e1da8d9e2d"
-                + "3fdd24af5d4b98f2e6525129816229d55126f1d3a495f67ed8acb447ebbc9aa07765e35b"
-                + "ac3b87fa8ba9cddab6fe6e25d01798c62d3f92047a82fde74fed4ddc8f871bdcfc28d8b9"
-                + "5375c09d1e57713a543209b3fabe509f31edd5a9677807c38aedfa5912610cee503baf94"
-                + "1e6866182a64700f165211648e358c5db2fe7a3803e08990c00aa048ec1cd36eb1b23cfd"
-                + "7b118e2b07cee67404f24ca5bcbc84aa11fe404a79525aad49751cca531f1254ce18dc5a"
-                + "d677e046e976d695ac10fe3097489f47a375ab6054e3bb0c5f3f47d84664dd0840f6ea8e"
-                + "41dbff2efb1c8b4cb61ce5d5e7e43906714dc3cb1fb420359f2c52cc7d91d13d612f44f6"
-                + "e7f16362722f8314bbd60ea984c0088e5dbb74144097a7e4ed05b0b58efd733f26e55799"
-                + "d401191016e57a486d19ba2076f4a53c6d21c953e1d1b130e2112066fe7fd38972f3f2ad"
-                + "c440bbdcd2252b9da46cacae4ce750775d6cdfc070a398cf3664dc11f28d149ee76d1dc8"
-                + "95e509cc292bcc4820667cc5bf650b5b34476cf765f3eac2a2809199dc2e0aa9b25f8c35"
-                + "880a169ca9ed155eb5cf162fafe24cb5f7f8bdb4c882f061ce7e75e491612d50c178017b"
-                + "bf5d86b23d07d5f21457530fe1fdb8498d96ab1b45528139fa3af5b7711bf69bc1caecf5"
-                + "a9f99a73d6eabcbb3088c0918720b809dc706fa26985a1496afd35b46216bddb9febb556"
-                + "d9c342e54a742d3f2db7a46813561e3c1b0672ba54f616617cade548442dffe1cb583406"
-                + "9f652e047303ddd7285a30238b521df26129ba696638781c1100e2d1ff73f32b3de3c7d2"
-                + "efa4968e7d1cddc6dec9b1a79f80c77832ffe4e015bcb905b8a196ba8bc7e97b2f6f6711"
-                + "c25ec582cb43f7ea8363e7788e173bc8ea9ad7daa5e9d6bb823862534f081195ef9b2d6a"
-                + "f95f8d6823fc7c00536b789573b2859d613a1bcf4c1ed4fb40d9e645ad561d92d37432a8"
-                + "6c0978036dc74052ad4e70b71d3ee520d30fcadb021641336795e61389ba2505e43aa923"
-                + "3ee78877c9de5a620f0edd5f5d6841763b062eb56ad6d0ffef4e704f625c91d0320c58a4"
-                + "1da815525c9b9a8b47046cb909677f87bdb67fd2dda2aa0539a1a333919a58ebb91daa89"
-                + "e2c6605d16a04bec8cec4868e4c6ed466388fd13cd8dc09728ff957e6a84bdcda7e1acb9"
-                + "017a1c0e6fc02fd497d4aa64dae91a4cbba3f471e534a6e33a58401055c46bf5f17898c3"
-                + "f34b65d6a208e5e872e8cfe4c1dd2e399efca08b846b41fa802c35f1c0ef975859129b21"
-                + "65ee7bb38dd9f823fbd4aa40e807d144a9e0a9d3adeddb18d0f8a0da7a14c113715f165e"
-                + "88f69cf7902de907146c4c9e5049fef6bed6c00234e0c2066807b64a76c893463e90aa04"
-                + "b32a41a1191af74825e24adeecae3f4ec2ed1193b502390b66ecfbdce9f3c00364674a87"
-                + "23a8ed673e702da16cbecb80c017c43a7f71378f9171c5f251ca4247d0aae131a2f51d06"
-                + "ae51b743b72752b1505215614c6534a7e241e0963e9b88a3cbab6ad05e2295668355fc6a"
-                + "aa8caec4d880841651e440fd2b8c18e1acafc82204f194790ebe5d5da9b4f63e330912c0"
-                + "c1794d04b37338373787f3a144288181be492279122f1efcd157f91e74615bbfeaa74bb5"
-                + "69a9dae0dc8dbd11ac012678b90cdc9f345e8a9d048d4758a4a4b8bc5389d6cee437d240"
-                + "219d0bc7a0d95c229704584d32fa8f3829f9fa4bfc06fa4e1fdffc8848ef9ca999468ff7"
-                + "044ef20859c38edc70f343b97264789f3ef0ca36bb614a6496d6b943a1a818288994677c"
-                + "b58712618204d72ec5eeb810bf4e4574b17c49823d91d7cc4586493adee7e424082bf3b0"
-                + "81b6583a58adc9d04359d54904e6b443e82ec13c8705c2e557af7ae6daf9201c0201725d"
-                + "c2ca00548fcf4dd3985eabb7175f982b2eddc997550c6f2ec7d98f8776778bb094cc5271"
-                + "cd3960cd39163bf31c5aec1949491aa0c2cdfb98145802640db5ba5b7a825d8905203bd2"
-                + "e8cf8f4bf9cdb90d6b1ef4dba071aa39907431e00ea382bf5c89e5086dcfdc78f70b7c86"
-                + "fe7fca175f589e9be2f92bdc48caac63ebbda83f09120f09e0c23391e7e7d5776a93d9a7"
-                + "e3395c97840c00999bae61133683832494792296b2aa00be848317c69a7fc4bd7b2bd06e"
-                + "1b95f174ed62fba6e89482a62776b82d5174351b2a70f862fc7b44ff18bba52e76bf50f4"
-                + "9a33433333828154209c05671a8589006adb258a4578a8205662c225fb75124912f7b435"
-                + "5ec14bff14174f644d20d9715f82bdb36928e837191ef586f3090b2877a8b62d171d25bf"
-                + "8e38b0a9a089fac89496294a8542198d67836112a2",
-            "0fcc0e7a5d3665e526f3bfa0c4f79a87d0345c71d81e75cdc41e9fdd0a0983810316e28d"
-                + "d113d90b6c648c1d77a0d01f950f3e318b7db7e9021de9ff06ef4cacbc6e3c411807afec"
-                + "a3e7b0984c1bc41573b41c374afa07825a322aadbd66ce4a87e408bc3d51408d1e1c6cca"
-                + "9bd368b2d4d918a07229b955868fc688ac447bd829a42673d263a05e53e8d171c67f5390"
-                + "037ccef9e7ecbf56b8c9ccf7a59efd65c8c5daabc94701720b52dfeb34126485d61caa52"
-                + "2c37a68e149e58c60add76e381f4e8e79805e56a5361fd7b584b1e0eb3cda8b3078854c3"
-                + "2b7c2a28f433dd0d2fb6cacd17dbe8dae7cca9128680f0d29215b3248af347deb24abac8"
-                + "6ed9f5246ff7a1f92a37162f7eeadb9c8f2c842a93557d02ce51401545b1581554dbf494"
-                + "e978c6f44ea2a8666cc0f6bccc9532de42ae349d97b4aecbfdfdb02f36825a4d194ca03c"
-                + "9518f912c833a858486dc4c0dc9ebdafa681cdd8255a0f66b7c2fc01e04ea5fc737ddc9c"
-                + "f638cf68f32a532177fa1e0d1738a3c9c1e275c82465725980c4a8428b2325b82f509072"
-                + "ef6b5a2e13cad3ea25638c04c542d970e0f89143923ceb51a1e3a20abd9f71a277a2786b"
-                + "6c4dea616fb5fbb739c8aabf8421c43fd77bd7c58765c72e564519919161293061c2aa58"
-                + "90b1a2e43dc24ea5847f8a12b278688176d01a22e9526c035b9e4c4ec58be5e3ea375d03"
-                + "3316f31cce55f476d19346b0cc4b8cfb6c661dab3f23db42d82e3130a62727ca9eb20ea8"
-                + "94e22ae51b9c08a1aaca0f842fadc71219b202101eda2fd1ad3ee39604b4dfa8b6b6b00c"
-                + "5999ee26c67e2611d718a8f8826585d762e76c106d257aeeb5168c9c666eb5b2063ce253"
-                + "8b60e660ccfd430462a802fcb1597dead1b176951fd09f56dc56cbdc0c2a66f1d8a10a7c"
-                + "2062d89062fef49c095f7466bcb1be2490d8349f50145693bd6a87c1007e3b8c8eaca21f"
-                + "5f7ef839cd663bd7fbc7d9a11920e2fd667e9409d965001ad7bab843bc4c935e86f063a5"
-                + "6b59c3f159b543733799fecf6d369b9a0ec0cb6607f0d708f430e9190b18495bc809cde6"
-                + "f1cc041d6abdcccb4ebc379d78c618660336d83bce7b1140700020b18a24adea40727668"
-                + "bd288247d5b1d983560b47000060a0584dea28e6ae8d28b8a8466f88a5dc47760534d3df"
-                + "b4ac27053f60dbaa6e81d5a93dbaff02078dcc27c2c43c198d5ccc7f32f734b48e7f8b45"
-                + "b5310810596f79f0931b08cb4af7a228ea8ce40a39d0ee4e76e5c083dfd10118ac130b76"
-                + "ecec80edce962e12a7d86beb61a75b32ca602a029618e2cdf09604a34330646c3f4e2691"
-                + "66b1f180d5b97d9202befcd00a1da60d4232b45e4c336e29fb9ce4e4c5389dc5e5ac2bea"
-                + "dc28bdb6d61fe3575517c80f589b599ed34edeb29e43d7960566f8896deb5f35ba109273"
-                + "4cfd6520d22704aef659f4e62c4e17977b1048940b57ca65985264013c611f357e8b9aaa"
-                + "57868e89403b62a86c7a9cb5319b496e8a92795684056e786d4af5a60456c1dcac8e9d77"
-                + "4a2657b9812934d813bf202660bfd1c4b7e753b1c8190edb2c040bc0991183c0cacb059a"
-                + "b1e641c50da895e4c0ea0fc5ced262d509db22e7844044b006bc0fa961127f58f157a8e4"
-                + "2e7d4d8308829ae7d95d1851e3c78f2e7058a726230510318789d62cf1a0c33d3c1f9031"
-                + "e0c8f17bc1a478c9d336a312c0e99f45e52451d9b93546907f354fc25b0ed5f72e9144f0"
-                + "6069577ca677377017b614326da2f4c7f1a7df04f61d67002facac2a60fec492996bab08"
-                + "ce9bedcb7d40812714d05f4514e6bf6fed3e2a050f3144eda1daf5e2b98e99b21264ada1"
-                + "2a7ac812ba904620345e32f64954bfd6eae0686c2080a2ec62b51c348505712c888226f1"
-                + "5a8d72044e8e8180bb145ba617c681ab08f0d6f67f1a46148735c165c34c8f64155ffb69"
-                + "5d030b4f4f25a403d8d87c8bb2986427e5d8037a2ccf52d3fc58cf4e87262a280c327c58"
-                + "470b597b655baba835da4a51be561704aaec675e55fbff770d694802c5f217cde7de5ec1"
-                + "ba3b3b03e6f2914ab2f2a98ab6d5801a05134ef6cacfeff7dc90f1d768012dd0ca67a4b1"
-                + "be06df19e0032e2fa8d99630ff935834519b823b0c91c6541b9396fe1ffb3152243249ca"
-                + "e0483e1ca5718ebc61f19aafeb8419fe8f75e267a2e3541ac00abaf05140c10cfdefb9ff"
-                + "bf8a045f0ec3494ad47e9dec2eb0031d299f07cf3d164fef3a2a9bd6d468ce9bd343bedf"
-                + "7d09a9bd7ed7aee8ffec01f4ce35d743f61833922c0fc71b1ade92cd4253bfddd04442f8"
-                + "6032aff76bde1936ff387fd5809141faa0c63ba71a7fc1aa7150ef55e645bce21a939a58"
-                + "1b62618dcda367ff9a0778277371ff592e19c4da4d4728ef726342b6209c81d7bbecbccc"
-                + "ef477f1b3169b2b5323d544b9649fb60cd6cb8380a7ad20562d2d7f0ee59919dc05f848f"
-                + "ba4e81b8b48b468896ebce44531612d993da9f42696ecda2a7171b8b6dbf39125517c8fc"
-                + "1f8dd9d04b313024fd9fe8de34d930d8119afbb47613c1d74ddc56ba57a75e85ab0a4618"
-                + "9f974ecb3bf09cf5f40be99824b37c37f449ffab05ea2b27e0b1519b0e165c522d50806d"
-                + "fcff884ba3042542874ef0428095b571081fb180719d9e2ff590380a15b9d8576650d2b5"
-                + "46cdd67b00324fa5dfa58d49168e2cc1939a491513d2735dac6252b18e6cf69db9f730dc"
-                + "02d7864d5a7e7a0b8934dae6cbf0f1e170f7bb7a9ea5f140c0310caf41d1925058aa86aa"
-                + "01d100a3326545bae9f6335d583fdc12ccbe378063893735ee585b50f238caa4dbb9eda3"
-                + "7d9eae5fe2a6dd62069dd13e6b2f68e0817648f8d728c53296c14d4d276b0ad7881e4eda"
-                + "43bd8c9b1aac952224c5164fd95225ff5e330cf722d4b457acd968c80e9dfec8d35f1671"
-                + "5d851d91674f3ea4c4ce02028975fd6a349b8345544409b3cfc676f44dd35d4179ec3e25"
-                + "222b91716c09aefacf65787c0c23dcc4da4ae5e1c4a4da82d0e2fa467f8bd75328256d6a"
-                + "256c0bc76d98fbd30fb27d3f423b2f006cdb35f64fb9f4edd76127c860c97ec250d2c4a8"
-                + "72e21b1f7b3286a8dc9282fbcbca45c877d13364742e3c49d378fde024816d4f2cf36f65"
-                + "50821d8f68fa8cf602a2ccaeef1aee2513e2dd53597593a7cb7483192177d7854778d249"
-                + "b181ecd72cfccc0dddaa3dba10773ba2743b2ac300cb53794bcee7f7576b976a580c70d8"
-                + "438a1eaa413986d58a66c5d218cfe63baacf9cbcb7c8ee96479719a57833e0451fef26c3"
-                + "9466333d6e0903e92c2c0ff2edf3ff9327532efd768f13962a42ed1394af185518d4da0d"
-                + "11c5ec362579da97c2c977608e327b72c312c3f5c44b28432ac26b97a3b897e2de036b63"
-                + "48ae702a8fbdc73aa4a5c85d7ded66aa866c0bf4fa524b92d2d55242b9c0fc7fa768df35"
-                + "f5bbf845c8b27ce68235569fabe4a48e5c6d52b05cd4fda34346fa3780ddfba41ca86572"
-                + "5db2f38ecbcc9e43a219018b7a0cafed83b547b29f158f35a8bedbbb5a8ed10d7d4216c8"
-                + "0313fd21a15ec411c65cc9d3d0220448f0b933e427156ba1a28913b49ac83bfd9d67d43f"
-                + "a773ac64da6edf60d8906eb64a05f67d0a40b3b3f48b699f14cad3835df5db59688ab1f7"
-                + "985d125947a36786dbd41c760331b9d2c2cf77a905a926cff0b541d98da7e1062821d7d2"
-                + "3b5df14c1f9b548dd3bfe70c0dd975cb6c67d5adefc9ff1bdf41d469116d9efd7a43e513"
-                + "d46a49fb6d0353274cc8529205a11e8add837359b0e5bacc9ad3aa1bb56d352fb114bb22"
-                + "dd121ef7b20dcc6ff7124771c116d6fbe109415bec3b935df48a516ff8b4c96dd69b6b1c"
-                + "566731939f47a67db17735d746ae7f5ff6b82f9355452c79e3de14fd17cfd8b897415696"
-                + "4b0667b236a2f6f6f6a518f8ffe8752276f85e8de2aaa644cd5f0b8dffb459bc2d4294ee"
-                + "24229467740290affd67f199c4300e70482967d40886b83c2dc29496c789b5e1da8d9e2d"
-                + "3fdd24af5d4b98f2e6525129816229d55126f1d3a495f67ed8acb447ebbc9aa07765e35b"
-                + "ac3b87fa8ba9cddab6fe6e25d01798c62d3f92047a82fde74fed4ddc8f871bdcfc28d8b9"
-                + "5375c09d1e57713a543209b3fabe509f31edd5a9677807c38aedfa5912610cee503baf94"
-                + "1e6866182a64700f165211648e358c5db2fe7a3803e08990c00aa048ec1cd36eb1b23cfd"
-                + "7b118e2b07cee67404f24ca5bcbc84aa11fe404a79525aad49751cca531f1254ce18dc5a"
-                + "d677e046e976d695ac10fe3097489f47a375ab6054e3bb0c5f3f47d84664dd0840f6ea8e"
-                + "41dbff2efb1c8b4cb61ce5d5e7e43906714dc3cb1fb420359f2c52cc7d91d13d612f44f6"
-                + "e7f16362722f8314bbd60ea984c0088e5dbb74144097a7e4ed05b0b58efd733f26e55799"
-                + "d401191016e57a486d19ba2076f4a53c6d21c953e1d1b130e2112066fe7fd38972f3f2ad"
-                + "c440bbdcd2252b9da46cacae4ce750775d6cdfc070a398cf3664dc11f28d149ee76d1dc8"
-                + "95e509cc292bcc4820667cc5bf650b5b34476cf765f3eac2a2809199dc2e0aa9b25f8c35"
-                + "880a169ca9ed155eb5cf162fafe24cb5f7f8bdb4c882f061ce7e75e491612d50c178017b"
-                + "bf5d86b23d07d5f21457530fe1fdb8498d96ab1b45528139fa3af5b7711bf69bc1caecf5"
-                + "a9f99a73d6eabcbb3088c0918720b809dc706fa26985a1496afd35b46216bddb9febb556"
-                + "d9c342e54a742d3f2db7a46813561e3c1b0672ba54f616617cade548442dffe1cb583406"
-                + "9f652e047303ddd7285a30238b521df26129ba696638781c1100e2d1ff73f32b3de3c7d2"
-                + "efa4968e7d1cddc6dec9b1a79f80c77832ffe4e015bcb905b8a196ba8bc7e97b2f6f6711"
-                + "c25ec582cb43f7ea8363e7788e173bc8ea9ad7daa5e9d6bb823862534f081195ef9b2d6a"
-                + "f95f8d6823fc7c00536b789573b2859d613a1bcf4c1ed4fb40d9e645ad561d92d37432a8"
-                + "6c0978036dc74052ad4e70b71d3ee520d30fcadb021641336795e61389ba2505e43aa923"
-                + "3ee78877c9de5a620f0edd5f5d6841763b062eb56ad6d0ffef4e704f625c91d0320c58a4"
-                + "1da815525c9b9a8b47046cb909677f87bdb67fd2dda2aa0539a1a333919a58ebb91daa89"
-                + "e2c6605d16a04bec8cec4868e4c6ed466388fd13cd8dc09728ff957e6a84bdcda7e1acb9"
-                + "017a1c0e6fc02fd497d4aa64dae91a4cbba3f471e534a6e33a58401055c46bf5f17898c3"
-                + "f34b65d6a208e5e872e8cfe4c1dd2e399efca08b846b41fa802c35f1c0ef975859129b21"
-                + "65ee7bb38dd9f823fbd4aa40e807d144a9e0a9d3adeddb18d0f8a0da7a14c113715f165e"
-                + "88f69cf7902de907146c4c9e5049fef6bed6c00234e0c2066807b64a76c893463e90aa04"
-                + "b32a41a1191af74825e24adeecae3f4ec2ed1193b502390b66ecfbdce9f3c00364674a87"
-                + "23a8ed673e702da16cbecb80c017c43a7f71378f9171c5f251ca4247d0aae131a2f51d06"
-                + "ae51b743b72752b1505215614c6534a7e241e0963e9b88a3cbab6ad05e2295668355fc6a"
-                + "aa8caec4d880841651e440fd2b8c18e1acafc82204f194790ebe5d5da9b4f63e330912c0"
-                + "c1794d04b37338373787f3a144288181be492279122f1efcd157f91e74615bbfeaa74bb5"
-                + "69a9dae0dc8dbd11ac012678b90cdc9f345e8a9d048d4758a4a4b8bc5389d6cee437d240"
-                + "219d0bc7a0d95c229704584d32fa8f3829f9fa4bfc06fa4e1fdffc8848ef9ca999468ff7"
-                + "044ef20859c38edc70f343b97264789f3ef0ca36bb614a6496d6b943a1a818288994677c"
-                + "b58712618204d72ec5eeb810bf4e4574b17c49823d91d7cc4586493adee7e424082bf3b0"
-                + "81b6583a58adc9d04359d54904e6b443e82ec13c8705c2e557af7ae6daf9201c0201725d"
-                + "c2ca00548fcf4dd3985eabb7175f982b2eddc997550c6f2ec7d98f8776778bb094cc5271"
-                + "cd3960cd39163bf31c5aec1949491aa0c2cdfb98145802640db5ba5b7a825d8905203bd2"
-                + "e8cf8f4bf9cdb90d6b1ef4dba071aa39907431e00ea382bf5c89e5086dcfdc78f70b7c86"
-                + "fe7fca175f589e9be2f92bdc48caac63ebbda83f09120f09e0c23391e7e7d5776a93d9a7"
-                + "e3395c97840c00999bae61133683832494792296b2aa00be848317c69a7fc4bd7b2bd06e"
-                + "1b95f174ed62fba6e89482a62776b82d5174351b2a70f862fc7b44ff18bba52e76bf50f4"
-                + "9a33433333828154209c05671a8589006adb258a4578a8205662c225fb75124912f7b435"
-                + "5ec14bff14174f644d20d9715f82bdb36928e837191ef586f3090b2877a8b62d171d25bf"
-                + "8e38b0a9a089fac89496294a8542198d67836112a2"
-        };
-        int height = 4;
-        int layers = 2;
-        XMSSMTParameters params = new XMSSMTParameters(height, layers, new SHA256Digest());
-        XMSSMT xmssMT = new XMSSMT(params, new NullPRNG());
-        xmssMT.generateKeys();
-        for (int i = 0; i < (1 << height); i++)
-        {
-            byte[] signature = xmssMT.sign(new byte[1024]);
-            assertEquals(signatures[i], Hex.toHexString(signature));
-        }
-        try
-        {
-            xmssMT.sign(new byte[1024]);
-            fail();
-        }
-        catch (Exception ex)
-        {
-        }
-    }
-
-    public void testSignSHA256Complete3()
-    {
-        final String[] signatures = {
-            "0006cf8ff0f024235b55d75057e926a8966475b49d7c6a2cb1b43ce9c6969683526e127f"
-                + "6d28c19102daafd5132d989b6c61bef63c5d3c1c163861be3aaed7cd10e9fc30a1db73ac"
-                + "242c475463d88708b7244abb2973d01c9e8bc326be9623431dbe546fbf9ff58adf2005ef"
-                + "c9ec3e8fdc978d12d6d82226b373fa4907e409b9152526f96e4cd1e74727dc48798061a3"
-                + "c79d399da7110f4026e78d5333969073fe47ae3f6b12ece2b4202ff407f210b2d052ff09"
-                + "ea3e71157f052af45242ad6a1ca0e51b62e1e78e5e764b75b4637e98476bf7f4a3555b8a"
-                + "8e63973e6b23f979816123c361f4e2b0b1f30870a54f387d9c60b17a3c5f448e7c149a4f"
-                + "1a2d7b0b16a7700b7b9ab9893ba914ce3226a82b9cd190e977d2dcb6b9b9aa7d4fc647c6"
-                + "0a75514bb7784752a21d3e12a9e77acbbe4c23bf10774c9a9f6cc77fcd214fd48bcc2fa4"
-                + "d6e2ee562a3aa1d07577cdbc4ca1465f4eeabae7f0272fd2df9ae0d14144dc8ed8e66a9e"
-                + "bc3176e607608dcf3cd533f007d17408608a33f2cfb183b4bf038ba68674f13fecf8b190"
-                + "3f5cc2b81e891d47876bb9b2b9289129463fb0522a500f7e6688a342a2aa4ebfe18ed13a"
-                + "81a3441bae2a200414ffdeea5b1ea39d8581f7e53b562ddbc8f99d4926840b01b00b6663"
-                + "ec58a55bc5cee700889a5b45535cc65181c6c126573d886cc618646adf9f3c192b05959e"
-                + "4ad1a5b8fc62d8a9dac0464e86a483f888e4fc2becfe85c1c5d8bb9bbc946d2f2919a604"
-                + "b7ab6aab1945cc32f3d7bc75d697c5f56ac2847261d2fe2419a4c3b722a67b66de61529e"
-                + "820d89f46dbf7bc8d09d9f0c580744cfd1c64fe06ebb73264c9fd5c943a730d905a8c016"
-                + "5b0dea4cc921f000e5108c52595c46cbc4fbdb8a5ccd8a9e36d62615c43c3acac4883f45"
-                + "12a4ac4348057d90813786f5056fc6fb907b24664f0c1a944d780908646643dd6be88ae6"
-                + "7f36789191d05763ed0906524576bc3b2f02520ad09b6dfc4fcc3350eb42f55015f227d1"
-                + "bd3ff0fbf1bc08887c552a7f933036d2ec94c00ed83b8e53e348c4bd6da3bdf50ef533c3"
-                + "3eeae8d95b1e61acf76ac196e1e9a7d6a7c629aaa3b60be502ebfc1f2c76a030125b3d08"
-                + "1a4c8535b40662083b83275b86af24db8428fa2e896dd264d1215f88bf3371048407e628"
-                + "f4ab27922a3f47e71182a4ab4e346d972d89bc4f4dd2cb9b5a7dbb543e04bb411d48d18e"
-                + "7628be0d8f0f8b0dce180b5d23cd023c044ae3b1614424a13a29f432886fc3d7f18726f5"
-                + "69411f7ba31db4f998249b0f90eb6333fac94d86284bdddfc90003fa29d8e1d4b210e981"
-                + "aee9045451bc71dbe18e6d71d3f66083434540de6fc8095982010937821879de16fc13cb"
-                + "7669c4777919ca8ce149c3f1f17dc4536a1a44768614286ba56ab61a94ddbc9834ad73de"
-                + "154a4561c6fa22f08c65eda9f2078afce06cae94ecd6e604df3350345749780aa3103580"
-                + "25ebaf11f0b78f08334d0ea7d9c3d8b06f1b37fb562cd23167a87b10fb4b2f3a76c13e04"
-                + "5c9e8585bce79f9c152c9ffa0d54a993a7133fad225d3fe5dc0f15a5c40112237b330c2c"
-                + "ac94116cadf29c7d7b5fa75901f151994d1956eacadee3845850a482900b7421ab712c64"
-                + "f7dfaebb68046008e459ef0b75bf7068703c58a9f8f8a0438d83683a2bc7e54861769b60"
-                + "b81f1b83f6ff2f2c92ee68a9cead253e3b38a99e064d05e6d89f5db101626e79872d9f72"
-                + "086502549fc9e290412ef3bfaab45db982f405c74c50269942935b02d4c2903876233294"
-                + "d2c49107db8516e6075ed21f6745a9724e0f87bcc68bb6c2da59d566b5d81364cfd2f569"
-                + "8e08a9d84cb5be62c2e3606d5cd3d3b2989e3102608f7247a73691e57031719a19e13d6b"
-                + "aa8a1614099f9609d37ff0e408053782cd0022cc200cd8f885e0fcf6e15dff56126f00c3"
-                + "42a0b6e00a82f3b3025d4a93523ef509bcb759ce64c5c95a90386c44f5ea34cfb1f98a48"
-                + "ea081f4c490916b2a90997be86038d060758874c6cb08d9c92f153c53b69c0f056d69a23"
-                + "2fd8e99d57b537483acd1268429fa18a17368937109508f783e6ceb302b973a2ce41caf0"
-                + "714b3feb11a0b900963a0707f950e7734dfd72c458a2bcaaf39ff6cb61b2ce44f76cbe8d"
-                + "2dc5f4ba6bd48eaa05479215cfd7315daf830b249e89821c73a93d3a1942466f1118fa55"
-                + "c91f682c0ab498bbeb0161be5cf5912bdade63a3ca1bc1774ff595fe76668bd5045fd7bb"
-                + "c8c2e8e10cea030226fae68c5c4e665a1fc72983942060f14dfd0cef924b08102518e677"
-                + "d93dd1184db84459e86dbab1a1e5da423c7a07afb2c65abdae44cd81aa0ac34c836cbdee"
-                + "fdae91e9ebd0577005fd31ddac5d79e50743df035754634930d233bdcab7e66c7ccbd9b8"
-                + "32388d02970b2c604618e04055df780e3ce0470e0783822e808cacf6be550e37a56a175d"
-                + "9872c7af8d2d79f614740fdcffe77bc8ccca1d1a521769d342110afd8680b2850e3e1984"
-                + "3c760965dd702af43fa6916f0b281d833497c4ce1569b85cc4c89a972721afaf111c6c45"
-                + "babd3876c61be5852c3874d6a1f36fca5a1ab95e180469b30a67e2a0ff832abc12a3cc6e"
-                + "91f6a459fbf54f0f06916addaa1ae07ea48205e98bac1fc0a58858c7f63ad04ff04e3c45"
-                + "c4c21d9f32b0e3eec7b0ca715ffeb9d6bc2e99c15bb8240dd6c3e2fefbe3ac285e8ebb44"
-                + "5363d0962768b4a7578bcf08cf2584f46d45202cfbc38c131ca7fb6c9528a21fc1446334"
-                + "9a7f71bdfe534aa2bf7d85fd2aa9531229791fd4e82ae43cbcab09997388e22906c47e0d"
-                + "c5c0b0f0f9478ce5d2f2e3938b76f4a3723c14a137257a89da6f00c7c0dd22155363e293"
-                + "a985a62bfc7e128340afe31e80dba1653ef1607b7a9e50b35070d354bf1cc507592efbe0"
-                + "0a42cb7f3f0ec5579e06e5f6aadf7f20ab2a6e65d60786cd0a20afb3d6909845f92d64e6"
-                + "adcd0be9c7ea610e6c85e04630d0449b14063fe8efc247a392d876344bddd416aacfc32a"
-                + "31c9bd688d8e2712f2e8e78cb38b163db158ea4eb9c9f45a29e7e7483fc6a23613dd2ee3"
-                + "2559863d45eb5954905ae83f57094eaff4a349896f6272430eead83bac308803c2b75eb8"
-                + "352e21f23e7ebd4212e102fed4f7cc4ee5760610346e0075c8f87e164a71831ddfc31f12"
-                + "f0f554bf393bc65654862eb2ad43b87a08a4146cab897d8dd6bf9d549d2a326e19043822"
-                + "cc59f29ef116c58500f098981f7d239b2f0ef9de9b30a77a01d56149f23dbac51f294807"
-                + "eb7f7bbe0cf7812f9918037fc8e460cf3489a39f5b5d62d2b3003ad7d3320b10c15b3d66"
-                + "2bfb4ebdbe464ba1b2a5d852ddb43a793eeb1ca0757648ec0c81e0d155e980d1e2f9bc40"
-                + "7c70b3580ffc9aca344b3075fbefa9c13e1148d4f9ef1c8d5bc08760d6bcb79035212adf"
-                + "2c89ad715b22bf80799f52a415125fb2e9b5fab1474ec7483b631612b4cb299ab96e1720"
-                + "2985fc908d3b09ac34a729092f6659b2fd0404a49cbf25a01fa872dcf5b17ec6c2d5396f"
-                + "c5637eb8531e40501c38f40b755fd7392ef18bed62ee240e6283d5285df28e4cc270cfe1"
-                + "9d3e257bdf04f730a6fc8615102400b8bc712322856a7891db403d759dd54c5dd8bed4bb"
-                + "9b7c34cb10c4ea08d0e6c1d946af90e755e33c9df0b81eb282f6896e2ae4c21d4d4e359f"
-                + "6382bc294975ca1de0666ae28ea24531f1414229c31e98aae2b46a43f52aee23551c268c"
-                + "f8655043e6ff8451b9c9a18a4d393bfe89b765e4d30e683ac1d3f76eb474fbd878a73b4f"
-                + "69178e20e88ada7c18c5e6e2e7e5439322ae704cfc9a5466d071e6faceff991b91414908"
-                + "299b6b7cb89706bb1aeb2e51fe53662489b8f2237c78ec6e894252309d1868bcec1e53cc"
-                + "06b9eb808fb04ca9b36b441c8479b92e9f3d6d1239fc194550f4ea12f88f13682c92a6c9"
-                + "46d5de07621c96d34bd928e4ab654ecc5f9a05ee20b94b7eb52633a91117715da1f73e40"
-                + "7b36492c0cd18608c4ca4cf222b934f324a6ad60db3a5dfea14d60cbbe5185e27f871ac9"
-                + "0168446aeb971caabe6e2392e721a919a0d6bb5e210f2ef40c36d5d67c23281587a80fc7"
-                + "c58f1c45b892d7c199de4d9b867be97933d273afed6a9bc7819595f4da24db116a09b676"
-                + "63f677778cfba1396332f863d4c20c3ae0e11df868dcaf088f4ba500317761ddae6509dc"
-                + "0e38111e2a2cc89f33a642bbb7f21987587b2644d9970c31b6abae949bcfeee26e30ddc6"
-                + "75311ebdbb2cacc3b1d7f36522b499c7aa345597be247dbdb2c9cb5d35b00f0b8068b9f4"
-                + "06b7df27720e1114f964a2d4068a4e2c3ac89e722735d909b2d21c8504525dd313e3e2ea"
-                + "e43ada4096f2074dd643f32ca1fe2632e079befdaa3bda951837532af047453fbd6a39de"
-                + "ed1899c226478c47cb28a4ebeab0f20281f9771300c0a00b08476343d714026e96d7cb38"
-                + "48be5d436072218bde7a58bd929d6be1db502662314063ae9c8568a46e147222aee8a369"
-                + "e66ecfa46a8e98811007943331f2ed3475853451dba43ddfe8cb76860e00508cc9cd765c"
-                + "8b05f95003f3636c3059ac8891ba40c298ed0f86c801a33a989981edc2770b3f6662f2c3"
-                + "2109e9b79a81aa8c1113d82c54f2e4a0fc5d93f1c65707aaaf8450974aa357ba48e75dd9"
-                + "80888f5a4be5f6f573bcb027667168a9ae0282d62886faebbea770cba91e523a8f67aca3"
-                + "a51494bcb10ab40e68c960c4d9136f9e486b0da9877cc522cb3d8d353464c3222dc0482b"
-                + "c2b4a5589abd4c7790e89b42bf875fc8068974e5022f73512a033a81d2653da9487c70ad"
-                + "998222314d8d7c5b42aee0a58390a0ca277403ed68c89d240bd40fd6672e0341bf12ca0c"
-                + "66bf149007b8957a5ecb5db3cdac641a951ceb4ad29e08ae6a9ecfe2b6476e0eda521421"
-                + "dbde9d89562ad9ac49e46e0389392821b4fbff0532a4503eebe0dfa1fae4c2bf3d02d9d5"
-                + "e25908484395a1d63cdbf534bd93d7cf2e0ed93105640bfdd1a8f2e7d7e19475c65c478b"
-                + "c29079e00d1df36b75e99dd4f45bf8d4bb5e5d2f07894d005c001d86ded5af7e6eb1d501"
-                + "f1bb03b765eae56717f1fc3a3b0a4680eef595cba1e7583c5132be5a09cc604903ad8b47"
-                + "27abe6881b927d3390db8be607e8865999e65347542f7716ee1a7d20043f8227683db3ae"
-                + "eb80cecb170fdd56edda4892e74169c96572c24b6107c1492b7361eb65edf7489521b452"
-                + "0a77215133902418caf4bf1226826d9413834a0d612e325d1ac0f4a460b34520d34daf57"
-                + "649d2864cc5ef375cf6f5793305902dfd9ae97252b8e127925e33861ebf70802d30e7251"
-                + "c06eab16972f59336444a758552fd60eb02b47e60bb2bb04d540f3e957444187e95b45e2"
-                + "ae60daf48f47ea8c33e263282356d8f79198dd14d69871d5606a8b4f86a6f2444fef29fb"
-                + "0be1d46a7807185a668c4981282e57ca0bfd40ebf678bd373e5a0a6f0295affd4b1274dd"
-                + "3cce34651e4de67c3615f69a9c215bf253e9bd53a6b43fad72b648c18b1c3c35b511ad12"
-                + "5ead54e82b44b9a1df815593fd9778c1177c3ecff27cd24d9cff9c94ba07a27ebea9d975"
-                + "bd58e51ff88c7c2bf89b4a1421a5c87bbfb85b8feff57e1c6e2d074fc6123cb3835cef32"
-                + "a629cec9daa1c12482e8e16da2e3a9fd63466be85e85d4507fe6840580ce1a6128a02950"
-                + "35bfe3e9c73f8908413480c8d5d040e11c94555e47bbcf369a2589297b993fc66b0394d6"
-                + "7e5362c348989a7c38d55c01d2a5375cc0dc3351371b931158a4695ca05aeb255d6d6907"
-                + "b8b60cc646ad8bfdbe5c538d3c088ece388f4ced4ce4604df03fe3b5299158a1d338a25b"
-                + "63598b17375969279685a7b45e576b1fa35d752eb801b97d8d5968d9079ca3a05c0f5847"
-                + "8debb8d39339e6b68710efdd7c1882424b2823a496478fd1c4fb1bb89bb186a70198282a"
-                + "d271c774f4385943e55ef87dd94b448a1efb92a2c5f6b8008fd6b270b2ed5888f78924fc"
-                + "5d4da86788d2123870210168a8a929151b255221edfb86d2c9abf28c269d897b025d702f"
-                + "a3d795d022cc519cf3b0cbca56a22b165f7ccbaf35a16e2ad9a15396c3eafbf970ac87c0"
-                + "6fb996a29b550ff58bcb0573ae39f79050c6a90ae21ff1561a557604aa328166eaa11987"
-                + "936da2276c7845800944605359793949af3479d5f3fa57c48a98e3925e324d8da3345478"
-                + "1e698c78070c1cb2306d04538591b308d3802f064fe9c5ab39d3df891c5b3397ef63c08a"
-                + "112ae23cd66779b7d12eafeb1236818d3cf92c01c8e4e2ea1e8e2c0480a7b2fe85c324c4"
-                + "869aa01b67a73204b8f0cbaadb040ed9dc55385c60d3dcd27ffe50373117a2e90185e2cd"
-                + "d4c636e705493ba1a31ccd162862510c0eced86a4c855db8438d59727705feb2533f6b4d"
-                + "520028d4d76fff9ffc3beca001547c5a60c2275f2cacf4c0cfb039579dfaf49c7b2641c5"
-                + "799576ce34d342535ee5fb0217eb2fa11e97497f0db7a370dfcf5f62af311eeb33711cfe"
-                + "bc494919332b30a705273d0e81affe2570e2d7fa60b7f8bee710f05fda3cf2f2b0ffe8cb"
-                + "0d58a8d0d7e3d0261052970b75d6cc1d359f631f4057506d80da72a7aacbbd2c4b459519"
-                + "7a04b000ee19968ba5330f09928d323e6ee9e79d29a5a782284ff77c0548e734836a3e26"
-                + "7d7f400ba036d2307f8046ee354c7e38ece1c56d287f97ff8e15b863098124a8db672fb3"
-                + "4d03d643985e792db059c186ba0d942dd9c8f07edee0fbc32a306a665d12fcf1604c64f8"
-                + "907cd11fbcb6b2b10aba8360487da02a36afb3394cda20a86831da07ad163903accd4f18"
-                + "7c04e8f7338d530e26b8900dc7498e2ca5e0a5a1c0ec5c3fb6e88add97b0494c050f8936"
-                + "c1e47556abefb089e47e4c52d5295494507a6c2986587362e0a38cef01abb5e1869b724d"
-                + "a3e4c663311bc7f8690fde3620846175d0bd8ca8b8b988ac5164534fecca9f27e23fc1d6"
-                + "9d01b7fc57a3607584318adeee92cdf84316662e8c44336a73fb034b2179e22bfed2be80"
-                + "38184520a30e3f957fe14a9094f02e2ffdeb2f957ad30cc76fd1d87e979bed9eae662bf9"
-                + "0f9402ea80103a4f0d443c1bf8b9c849bd2d8e926278ca480cf35f9c25d5ccf9b2de061b"
-                + "76f31e47e9e5dd94bc0d46e89b5a7d39eeff7c450f527fad774238b0555b1aaf3241f127"
-                + "adbbce858153e7a0c53054f0de415c9e9822f50d707cd54c3adafc517b6f83009b02c7fa"
-                + "f1b891467dbe41671a164d265122e9e77330e480292b1454b6b52ab209e4a69245d3f7b9"
-                + "1c2b2387368acf126f8e59dfa1d60a601b11c1f06f2b77b4a955cfc993938920584c8606"
-                + "7bce8a9e8c8820d45f2e74223b3f84586cac70e59848171b546b450227d68e802878f3c8"
-                + "b2abffb375b8ea6c3b5ef1cd6c93ff514664504d7c16e6c53b7b6377528d865581a63176"
-                + "d5e5748251f5e5876008d95aad25dd6d3420505a973b99ccb45b8318cc3b7fdfdc2b61c4"
-                + "6634b3eb9cbaca52cba4deea66480e72ab109ab9125c9084ae912770cda9a71d4e33e8fb"
-                + "af8ad2420dd751a71497bdef1bae3bf76ee27ac2d2654ff72a2d0a924de7f4aef3a5734d"
-                + "1c4dada0f9e4783a29a831299af80dfe1ef0387e9c268ecd25acc6c6dd3b1fa3f9d9b5de"
-                + "d2b9c4cd1835c2eebf659b87d91ea29ecfd35405463168b8227636365110eb3509394735"
-                + "f4ef9b97e8e724b463ef5478401ea9ea67cb66b14b2ecbdd77eb62bde4ed9f04a22d0e05"
-                + "d0b97151810724b0ede85ed777e149c6d4fee3d68cba3455fc8b4f0b52011b12c1f4d662"
-                + "417bbdd549c7beec11303559f656b9cbec18ff0960febba208a2b7d532197506e0c22882"
-                + "d7b63c0a3ea6d2501bfdbbc904b8a2e080685b8591348e5443942a1a7459c60e2a661d2e"
-                + "6b60e95e79d0b34e54e7346580775352a8342e7f8017d8082a0a124d8cc39dff4ba8ea67"
-                + "b5b80af215a6d9db612ee4f3864e309874d5f7623af92ac013144fff8f7f4dcf1ad1c4a3"
-                + "4c3a5507cf897f6df7a942bc1bd04bbd25793c68d25be9bc4bc170b15d0dba42f02ff2cf"
-                + "a4ad68a359cce4818e5d4a3199cc4b9bfb61de9c636e85f1553b895fd2fa25efa9aa2d48"
-                + "7004eb9a91a869085b3854ae7b08c1909d32d4609895482d64616c59dc2ad593646372cd"
-                + "83a0f836eb6e9cf9b0a6ceb8d585eb615f7e9910d5b551501c2041625f8ffc3ed84d89c0"
-                + "dd7a44e9fd95960cfb24041df762e494dfb3ea59f3da398051032cf7a4ed69c86340db40"
-                + "54b44248224bd4414d6321e5f62767a0b8e171f3aa93fb282712a226bdff9601529248f5"
-                + "f01d6cd849bce142ef25cdf9bbda6d7c41f9ea28c86f918e1884fc59cb249a1495c90b8b"
-                + "c80bf7e040544145c39f30d9929ce5af1eff90eaab34a6b403311e8dba9526ed62a2eff6"
-                + "2abfef405ebba921a3cfa227d7df759f291fc681696be8ccd751acea7d73c5a46c612dc2"
-                + "83598ad1f900a84426b22ded887f4d86894221eb08fbda9ac7e16117af2099427aa2a9c8"
-                + "0c5e257cceade53dd5263a82bb50b2c5ac2c7152d30a94a15013965083e5e6acea191bd9"
-                + "6305845d52748490e0d7b6f2021fd87d58c3cb0f98674633f2d1948cbcf26283f93d96e3"
-                + "d190dec4597cea0d901094152211e8bac1caea98399777a78d50b004dedcd9898a344b0f"
-                + "183bb92cd443ee23217d72ff2452322358fce49b933cebd7ae38738995ee717b6caf235d"
-                + "aa7e0fb142baf37ec671223bfc3cdf1c72033dfd99cf99bfd2f0d6bb036f238208933fc5"
-                + "cd15aeb2c368902e718d5d56dc838668af67e6a31558570ba94b7b0ad4996fc2ce020744"
-                + "615b6f8f54e4a9a8698b6c668a763429ad9ce67ae3564707cc67cdcf1a204eb1524e406a"
-                + "6b0322f31dff65b3c24be95f2a2a41a5374a0296df8bbf26f6c91f35bed4f3cca9360216"
-                + "1b85c6df668c6b3fb0b64856e7ed6b92dce7bbc22d113c47fb83d73a292574dcb83e485c"
-                + "9658cadbe9a5ffe3cf7bdad2cb8c2353f7cbd532afdc145418d8da7a120c4eb76b96dae4"
-                + "171ef38de5fc358c018e7ae5cb19114d561f0f8d8c694681835a00f24e6b96ee17018ef4"
-                + "c55a89a6c2e809f84e9ef44eda5b3fbaf555ac559f4bc2f4fdd15db78a71a2703e839149"
-                + "33c02fba48f662d7132f53c36bcf5e368e3c229f65185ade9fe3c7c22b35b9c2baf66a6d"
-                + "634ff38ff6323500b06b156dd979fa95069e04920ae4cfe3ebdf4a1e9989f2a05fa671f1"
-                + "aee8530aad437486955e8dd550dfa6d14581ec96a461e3c8dfd7e665a48055d75c9d18dd"
-                + "90e25f07b7da7655a00c7772a10cdc20971df1a40e717df3218915b482b4391be25346ec"
-                + "316fd383b073f3cbfc4cb8010d0bcbe46d40547114a965cde92378948d70ad0ad303d909"
-                + "996d3647076b0ab34f416eb0de2ff650e88fe262a89798e3b4a67800af38e9f4e9708aba"
-                + "2d8d1241814161a5ea8e8f5419f62d3e1cba998a1fd7e558900baf4884a621c26af5ee59"
-                + "6cb9912168a8cb7f794599c132a4f30ec650cf861df285e4ff09b6dbaef83283bac83a1e"
-                + "4d0e748f809c22b95f3ea77ebd158a43c5dfbb4d298975d4f80d7b2af65efbc7631de02e"
-                + "afc1bdd75c9c604322ed146f8da3d9a605b1e69ec0d22318ebfde140b1af07990c184346"
-                + "53fde6a6b3705db69abb161f9745c56281e7bb28f12f2d6e8936a64ebb9e6c7f8840475d"
-                + "850d216372ba1a3e024abd90a5fe81aec6e254c516e830b437f94f17b32552eb3b2e16d8"
-                + "c3973d349d7ee99d4b95118e1df2c6b583bebf64a2dcd7b4441b23b9023262f27479d8d4"
-                + "082b2f2f6f7d46e1a8a521a4a504f5f342b92406db51ff275f25b256fce44ee22d1c4389"
-                + "76e9fd64b9dc31c96b72483c22583ef2fc7a975133f0625f8dddf203d526d9380c46e4ad"
-                + "1d78808b5b767a628a78595db123676f094267e89d493294415ab339b8f510417bcca9ec"
-                + "8ac819a70c396a86e7589736179b7bf8f4a454162af1e8415a179be0fe91c30d9c32677c"
-                + "112b6ef56b69c87dcdef27c68f711d1c5fdc27f5e0a5b2f426753a946413bfa22df63abe"
-                + "f7e141e2d85e5c6ccee03931466455d498542179b52a19352cb5578b8a66210e1db37def"
-                + "d5b1c973d8dd91e2d996ad67e3e4df65495d6b250df29a4e17fd2ba03cb8d6e5c0b88a25"
-                + "978d921e88fe1f68cbba6fab401bc1e0d092b0cc05180afb6cef33a9202a4841bb089efe"
-                + "2384d926542fa3dc6eb8ef06aeee4373cf1d3eb62dbcc0a97dc4bab0a66396b8af938924"
-                + "ff416c6627c1dfc7b9917d5c7c0d23625d6e5c82b938b72b21329b2e89ea867fe10054e0"
-                + "1ee7c3692e796788d236af325020b3a24c4cdcc02762ad5e6ea70d5d6a1afb34137ba477"
-                + "a464cd13c033a8e493a613307b7ee5b2dd06912ec0a9a64d2d81ea4454773ce21d8eb419"
-                + "daf7686b12f13bf296f959c040cdc4c43a69a580679e61a503ae92ad8d3beb250c9731cd"
-                + "567c7b65ec13154d0b78e38e8c782262895c78f3293a0a1f88910c55fb45ecdd2e333bf1"
-                + "b08cc4e4e5ec856786b549eaebf7c8a56b8a0801cc12c785888b59459551276a5b5ee393"
-                + "2ef0801fd41a977cae1967d3c1e6f9d3b031b3cd01948eee0e11bb504b19b7b04968da9f"
-                + "2157ecced3f493fc0c0f5f22bce33e4b343ac849fcd9d90c133540079d743054f7e02111"
-                + "cc2ee9c239db904ec2d2e8371308163bd104b36fa4c8fab5d9e7845f87e73c8350387235"
-                + "b1b184a29fe6addbf3d33bacb79597a96ec68b2ad564ab631c58d2e613af2a3afc00692d"
-                + "9c2f6957e9e3713dc942c15162c85658443002dbc22fde900b1b610e4cc1c3c9be6e6230"
-                + "fa3e401f9fe2efc8c58e805ffbad01c28159211026e25e168b7eff128a6d0d4f22378521"
-                + "e3d2b71c936bba99436401ee53066a49a5897c1790f0648df0bbd724b00e28b70e925252"
-                + "8c2319a82a28e97c829c000afbeb414aa0121eac2928c1df2569eb887b97d0f8238c5041"
-                + "afcc539eac5cdf7c2bbd44995a11486d201780359010bdecd3de2eb7ef056e5a376d972e"
-                + "359fb835b10b3fbf44c965764f8ce1a1a0be53105c316e12ad635287122be7a9b96571bb"
-                + "84749178f0e30cbcbffac9998786424b231c1b83b6afe5e8d256678d019b700cf268b4b7"
-                + "80fa0c54de7d5c6d73aa631970e615a3640de59c7e05deb3b575ce031b07520a3cbc67bd"
-                + "f077ec8cafd5d1ee3fc327bf5650371de243dace406685c44f1c49726258927491b93fc7"
-                + "b6c5124414fd5f412448ea50cc9f5114d9eb029dc042bb414496c44ca41845b2d95013d4"
-                + "4bca0fe0e6206d0e996cfa2d55a2ec8c3812624581087518f524c243652a957be5831912"
-                + "5ac0f1df744bf3feeaf0e51242bf5888232d98fc8eb22fe4d4bf0afb7bb6088e7622a13a"
-                + "02c68dc99d85158a43ba8de8e14c4d2f3b7c7f7cfc5f2a2a2bb64117c917f3f47c8ea4cd"
-                + "ce442dc0f1e6434fce047103a5a2abcaed39f631ba9b939f064666b9a42037d9ccdbfaee"
-                + "2a84d01affcf8d1c1f6c6729cdd68da6c7fbdf21337d1a04b2b23353b3f0c471db3470f5"
-                + "cba3cb85804a414e0f47bf1959935ab7da803f70eefa76b8a52c9ce07da009da4eb3b6af"
-                + "ee77bc4661c4a84c0c433ad1dd3342fd09e5fe76d1e19f53ac72daa711f40259306ae6bc"
-                + "ce4d909f0673f8350c3b809c47cb34e40362185f78b0b1614d870872658c944e53e84fde"
-                + "3ea5fdcf649d7299cd74a108b89c3685135752932924a7e435af3bfe5b0c06f8c9173524"
-                + "c77ac95b83bade1a46d8b05f3b0ce3aefc97d6d80d9cf20f4c512cb9a535ca70266d7329"
-                + "3cc410e485f745680cecd5fc2f6ed427101a83bee570429775af27d9f10cdb789efe7647"
-                + "0425d5db1049952f7f09cd1bf0c4117446a49ffdc7baefa63500d44924a0d0d710834cc1"
-                + "2cf9839584d11884ea1e3695a82a3e4aab26e52433a6807ed9ff3183a629bfb66b0680cd"
-                + "2fc1a42cdbdb961c143b0a73838eb4f868d75eef5e1caf4d6537e713ede3bea66c400ec9"
-                + "2b13ac0fe873d1b6ce1e341f26ba63676fc8ad1dd685918d32da2fcb1a1c8d506bc33bc7"
-                + "1101dc63c5d1933c5010b4cdbcee468f78ad6df53fe0228b4a61e58d0e41d922f6b44371"
-                + "bfca2b0c733fbd41141636752c7e67f478fc59b8286f0edecd2a6418e876ad0e5ed79cc3"
-                + "2067798b19cbd6f886e27d3b454a4fb716d21b674ff67baf68653a86bb565d69c36dba6b"
-                + "c96c4b291f56931cf933a2e6e02438359669ddf5e9ec2f45f8d63bc12ebc4653e410614a"
-                + "1c75cb94fcce34a9436142c3d835948bb23244e7a78f8d88283a142abea4938d673e9e0d"
-                + "f348e5c65575095257e87d6491a9ef96458d698068c63620e4d6bc7042c8d43571d2b39d"
-                + "3e833b4db28c8aee0ac286ec3a372b9cba32f4f15d66ae625974cb7347a1dfddba2479f5"
-                + "eebcb95c8cb33aae8cad5f2a804288266cd766e1b1184fc31bd339a8d81f61c013674fa2"
-                + "7447c2bfcfd2fb6c8939e834f6e49063a9ad044eab87d3b9ca0ab5684de341b3edd450da"
-                + "0d6e9c2c635705535c8dcd022979f9517de188e7473155f2ba3c7e217f115661d56d7c86"
-                + "c3e490271c2f965803eeb76db142250b7a73691d238dd254954a32a2804e5c527998624d"
-                + "e030b746af16e8d2682bcccdc68e2d59aebd32901bd22353199ba3ad1b7c2504778aed55"
-                + "f9b5bcdc8cf218d3a6e19f9225e42b8e0935065aa49c831f4216742e201f16c62d2bd152"
-                + "8004d517956fda9dccaae3887179aaf65749151d36eecac985fa0310a61d815ab1b5cce3"
-                + "6756baaacff6151c8b428ea46a036511ba3db424922900f27b7a85715a17bf77d0807412"
-                + "b79dc7e22698aa1b615547ffc18bbcfbf66f54c82e222c066fe627f8997e204ffff0355f"
-                + "68d91a25d07cca0f38705aa8df9103b48ce62b85d0fad764b72b8f020f522c854e191d45"
-                + "c7e10576420279c912f8d3d16e4e95630ba8db0f59c9169019522da8015976b9a2e7da8e"
-                + "f68316acf9b09efb9fcdd712622fa7c2a4255cc89d1bfabd9c48ef7b15af536692c8206a"
-                + "e39ba495a4d07be2a9a574b55639a7d064bc3e555c0da2cb5134560d6dede9d9944a83ff"
-                + "3ac7a839df311a190f5d9b2ee3ea032921e2b7d1df36c0f5239a81927dbcea14d402b575"
-                + "ffb9d7402de2f4c6b03a6e7a709115ae160087ebe31bc6d96754a3583272072d2dab1bba"
-                + "21a04872641f86c279e44c8b898fd2fba0472728582f0916a1f2df6e646997b0223638a2"
-                + "3405b408aecddd5b1ad27a0e425353ef5ef8bdd282aaafcd96ba2c4f03517829b08e2ca3"
-                + "4d922358ca460845276b61f75feacc12942a6cb685193aa246ee91de431d31e4f5573ad5"
-                + "403bc67dbc695561c6888f16cabf67bc240479b628581123c2508ec640ad8b68e0ff9ba7"
-                + "a88c0383dabaa460bb248465a72742d158629fe77c7d54f86487135543f5dbcec02960de"
-                + "e118edd5971f31b2860e271451018288c3bd3e8f60a0b521c48c55b0e3ec1135c5073874"
-                + "0aa465d0a00f5d8c072d3823a669262cdd7a76b1696d04d94566caf49091d587c41945c8"
-                + "c3da080c633cf24a7541bb7a888074dc3c145155c2e55870f59d980cb275a926b4b49899"
-                + "94904d35249697e2d8f3a03ad2828ae298c91da45073fe68fbe8b148183c38d5514ac5c2"
-                + "7aa4bc300280450c42eb53000bd789cf466613e1f799c6cd8c89a88a155308f732237e3c"
-                + "4aa75adefa0e376d4b6549680aef721f2d1f6499f1869c5d19a1e4638489a5dd76bbf430"
-                + "f62d98af552e1e323b906a4f297ea41ed799c448c632cd0831352cf61dc5d292b1d3543a"
-                + "23a4df7cf769a4546b627901032ece8a0f7bcbfcda27b1b22bba825049a702492236e4d2"
-                + "de20996c6f80936a8ae1c8d09a8de958916275d3fed29de01a2ac5d467382595300eaeca"
-                + "d859f58910775f6621f0189c771189abd494885186d0075dc623bfb716f976bb3097be6c"
-                + "30675096a2da480650a6af6de5677105c808aaf67db6bee7b2d7e8d1b8e754893d4ff9bd"
-                + "0f06cf92d38083eb3a9a1a107209ed75b97b0ac8b033129b489e78a54723d082dab46d13"
-                + "59bdd868d489f471a6aa389757fd990d713c76ecba3f86f6de4e7deb61f59c997b4ab2b3"
-                + "13b662bb4a41e8e73ed19f8923629e28af37d986ef4a1d56cbad336f952896256b0004b3"
-                + "310fd55eebb3e2e8b2783efbcbf564b335073d6b54a09fb108e8f385e271514032eed6f0"
-                + "95ade61c9287ec968f253d520371cfe732569f52ab9d1f77887f7e737e6b2fe721f3d6c6"
-                + "b09b82b91c8b4212e50aee1a89e6d7f60d9b73f2f59796cc3f1d8e34afc30cc2520092ca"
-                + "11e03a141d45b01cedfd219a7c2e03475475c50000516cf51786c5c87aca790ea532978b"
-                + "bb106734fe46e51e69faa68daf9d4b0830db5dcc57908abe92535a90e573c60bb65b1e54"
-                + "64c8a60dc4d97068c4fb9647e57ba8208aeea49e2b9a37b79eb01233df8ec8d110a71ef8"
-                + "ec9276b96683a1595ace86f2e6dfbb0514deb91935824fb9b47032740796cd8d90fbcfa8"
-                + "99c1011fdff1be10b65d201b92bf7f89cf1ab6b09e925dfaeb43c4febd6941cbc6724554"
-                + "05e8bceea0962549ca51f8081f508cdf9d0ebab48a63942d38f2c2d759489b97e234a3d7"
-                + "8a35f8ff140c64e5409d8198264291793e7c5d2b25ae63d62b12de69eabd00d84992732a"
-                + "e1080ffdd91ca97e5c396f98ffc9b3702c5ae2d9ecf9fc328f0b412dc8b87801acbbcb06"
-                + "067985e3fe7143578fcafd391b62e8e4929969f989d9a6b36b3de7bd1b5d927acf9cb091"
-                + "4ccc051efc9f6a6b1dd9105c9cd8a04e209e59bbe2105c5ec0c39188dcf830b59e05f9a2"
-                + "9e39024872f21c634230989a09064b4795affeb43c6827102e1a3d6d9f6d39ae3302d55a"
-                + "f7c941802d1f57bdc1927e46307439e7bfd2366a0bb8efe51f488d88ac523010ec17eebf"
-                + "976d3d0b9295b04a15a1d74d603fc040d7c39c7496d9118e8315a0cc59bab9670bd2e4bb"
-                + "5a13ddf1c9059acc06483409e8fc6df94b186f1bd91b34c650534620fd0dbc01bb33877d"
-                + "90be97e16d1c1539933a3f70ef2f47d474a45e270fb230a0381b04cd174cb37a6193c3a2"
-                + "1d15ef1d648d147b8054ffda79e6768853cd1cedf6c0abde8b188ed61ae757f62c1e91eb"
-                + "cef592225e2a906b927cbea0561e745477095686e79c8827464297bf57f3047f853399bc"
-                + "c4e623a0a2aad1e027dd3ebbbdbaa56d39f5265efee6362b0609a60b5d2de0a0b7014ad7"
-                + "b4c1b2c1b6b0c66ffb52391859d69929b8e14580398c9b582b4ee30a8e32859ea51a8ee8"
-                + "7b9a19a38f43d61e9ba849a02e5383330f213c3ccc95c1fceba1514e21e978cc7fc8217a"
-                + "47fe3bcf8da76f7b73d903d1b4b2bc9e19ce2abc293300d877e339e233a89cf9b848b841"
-                + "2fb2b28478ee71f793a8acc0be59df1ebfc0e9cfaaab420f34e1ed986eb59bdcab725a1d"
-                + "f3311c5cc15d1a9e95d4abd02cd554573a8fea97109bf1d71d19009314c0eeb0a47a7da5"
-                + "f4d30f124f3b3a878375a3f40a35a6229ada4f8ba424b1ca3359e71747c3c4328eb17315"
-                + "23ae0b5e8e9ce200901502db37c216bd8ee04c5ac13b934868dc4cce31b799198ba2ec3d"
-                + "cf38e8ff87a822c6338d529aec616af9c85cabba08c51ae112ca72a2edd9c6bab17540f0"
-                + "d12906a332ac3676df445ac81ac7515d19074b590ba0e09f7f5810e90ec65feda16d5f8f"
-                + "aaa335411a6d75d5ea5afeaab398e48f8cd3a29397c8dd33ca3a37c767b702970f4214f5"
-                + "4be7c195ce3a7057672f0a372a0a3bd28a4029cb86a0",
-            "0023a2267c7d68930fcd162fb7b743e94c520197ce16e57ffcb0af6790245d85cb056197"
-                + "64567c8c9935c52d3e16f832ae63ca4e28dff7a13a41c76b791ad61b38479bd43d4b0325"
-                + "678ba1241a244a0db58b15ea8ac715ef3e0f6dbfc0b595c53b7178f2a899af8f68d04f9f"
-                + "8a07b4c5107c4470a3cda8cd3e265268e92217fe52d41956a1c4aad1c0982b8c38020ae8"
-                + "4eccd1b9d121462b33bbcd5230d64836e3666f369f253dfac6c906013e00575422287092"
-                + "1ea38c60dcb096de3c5c4aff406689cd945488073df096c6f01edcff13ca3a06ed959393"
-                + "c71fb7e6358364ab75c6204ad6fc46a736c30cc52a1ad78a74b767f8595c473c423dbe2f"
-                + "027e2cd9436b59c7a48807fe1a4d9059353baebb6c93ef5f773f53b8d54b5e96955ac98f"
-                + "19e9039b3b66c2d0bb2715f649e30abf9334b2eae21ab6f30c85323e1cea583e81178de6"
-                + "49e14b6a8f6f7b08228f9de1182d4f228afc85eab0f522a0e48d97c7d2ddb7dba82d9163"
-                + "517653652bdbf7db2c53d3f063dabdaf9e6fc6d25f38b221738570c65785c2c721862a73"
-                + "2b098ce725483e00319764ebb5d9dadea279c742a6b9d4a5d2366f1af726bfd38a9dccc8"
-                + "37e161a8874dd6bd8faa9faea68c048d86ec7f52ab14953218ac2d3f390e1c414c1fc31a"
-                + "72b80965469273d39a43c5d4512fbbc6d5e56b3c50646198f3a91c4d7300915c8342f2d0"
-                + "108bf21ea6a7c5c7fba5d6da11bb4508257a7441b78bcad9256b0be8bd0f68cecb7dfa1d"
-                + "57bb22f765db60c43486d4b32f753abfe9ae1cdbfbddb8a5b53477364324148e8e53664c"
-                + "b499cb9d9006505c3dab44539398b4e517bbd03181588d89ef68167ef376ee8a88b10938"
-                + "946135543b65f81d1f2e9603d47f7aae994a7dd10abbd5de1131dfda96f2997422755395"
-                + "e5d0cc605de27c37a9f243a7118521f3e18cb37301ff545f7550765b3af69ebd00cefef7"
-                + "1b54ce7942ad89a7f11ea835b7258c1da2d5eb1bdded96dd46a9271410afcc82abe37521"
-                + "6bfaed58db4974cf1103c02036577e72ba33d9c2f9f9e8e99e85b93dfbf832acaf75f31a"
-                + "8a99ab98e899103e9121ce94993bcc5f83ebee7051a168a0450a02283cc717106d8d8611"
-                + "80bc8ab078950e913aa8f0697e33e4a0508f4f52b5c1f3937ab9af87ac86937f3720b4c1"
-                + "cf8f2f17830ad03c0c509ef410a1ed0ccb89a39a57622015e19dc0a8e8cc6f0626d5163c"
-                + "63d5594abb21ecdc3925b1734c006f35d59f2a636d6da6d96552d18e8167a8dad361cd8a"
-                + "2106757248b4b2ddaad4b6326d89d8274b07840060269bdceaab449090a263adfa834c44"
-                + "78e129d3a44fca4b62191764cea33cb7c451284c60117630ba43a79bdd30021c809d2ff6"
-                + "17c88410b25fb4c77b244ca4b92fde91116945d0f89b2bd5c74c4227e10aaca2fe5bc303"
-                + "0495e66e628f6679f826bcf1f7ab67ff167c687427a65809dfc53699a11d821275613369"
-                + "4fefcb0e18451e35c17287c20bda162321e2db4a1d6f97346da22fa44bd2f251a978c963"
-                + "264306fae780abe6e391cfe512ed7fe4cc410505ec4d5b1770d6519e4c8038c7f7d32d2c"
-                + "6e8cc654bc9a92a6ea459c0bd0f1195272d43093bca508dfaa891f4e65c62c6b2957a0d9"
-                + "ac592c8f70c51d2bc657d837cc7c786e8c3f171bafb2e1460d881637c87286706a545afd"
-                + "b2f14bed61e2d27365da891ebdddf9f0af9b221ed8e146cf672673e3b3cdeeb7f7a1655a"
-                + "1673af55d06a22379e16319bb15a0dcfa4d970c0cc9a56db378b44e7302667fbf87f8a1c"
-                + "9b9f17189aad966f44a9ba609c58eb41659b3900bbceb406c1845fe73b29373b03049e4a"
-                + "dc79aa2afced837171edb16e3ed234cf00ab960a3fdd70e3e5ab89a986ab25e6de93251a"
-                + "6d61f0a4f9cd1524c3b2cffba2d773ecf367af2ee3d1f27eaab963a65d644fc76ce1835e"
-                + "36f5a6a501bba82831c4895a44546dbf7b7a0d4c5c40c094ec416185a4df54a86f37479b"
-                + "025b923f0a64f5ca3dea1627452f2a08a3d426ae9a8704c66ff53005536a8150b3b5302c"
-                + "65f49ebcc5e968ec7c54fe3ab5d1ef8c7b4e4e47302edd619530bf6cc42543eef17db409"
-                + "d92f50f5e6f5bce845acd9f4ec5b20d042ca48309f1079d2e2b01cd52fe9d340852daba4"
-                + "00d3fda682162b108cca7ab4b5356f444fb4c87f48541c9b5d1e58fab94df1e0bd21299d"
-                + "c7bb7144cf9da351c3baba8e920a4c14b59fa84da1d1e2428818df608398662ea0500932"
-                + "a92f16b29b06e681830f6afc25ae6efd2dcf7134cfd3bbdb74d35bf2ea0b59f3faff3298"
-                + "5a2c63ee1c206de9bf6275a4539e6afaf986b9b86535fc81653d87c029517cf1b599ccdc"
-                + "591bb63cc13254ee867e3432397ccbb877bc6fb7a89a6890e1b568ad5a9b810cd0d77607"
-                + "23f13f5468656fdd1c207f6a2b50632bd6a7b2b7e8478c2d2a82f429b6bae63907846632"
-                + "b43b00d3716b83524f3f92b764c35cd2eccf8f167aee4d08514914abbcf39c2fa2d6ba77"
-                + "500bba727a77cba850988b46e9c0240b11ef4299073aff9f68e0f51ff9490078ef26cd19"
-                + "106a1bde8d626659862d3414720ba6f3269c70dee4e86d307d29937a792653138aed7ff2"
-                + "41c71849c97d57cb2fabd161083f992350131d3846f3dc2aefb4cbac1148f532680425e3"
-                + "258243ce83c1569934f7e678382dd78eaeedf67864c0527fbff2d86d735cf18b99b55e5e"
-                + "853868e6d9a05db58e3b2a17dbfaeefe807e25070a3c177fbb7b2feeaf0de13569e4a24d"
-                + "a7d801fc8e95a153d48c457b6d59b8d183393e7aba668063e1db92980a8f428d1965a0d5"
-                + "77d8ab169fad00497f12405caed3b2a76c0b46bfd7392f581db48393280e16ef4fcdd2ca"
-                + "49be4f4d964ec9d74cbf0881eae7657396996055196991a28facd2e025681d05d066215f"
-                + "986c44a6da0ca71120f7c2032f7802c9125355e5cb9450560f53ad002b01642f9356f487"
-                + "3f0c9735f939ed450af4a2b78a60d38ed468eea4f616394fd5b1413c8cf72217fcb03b3f"
-                + "3d62598d2cc0daea758697eb4c9c365379b7a17fe2fd3145dd0d456c0e9c54a9ded677e5"
-                + "817d8dc19fa0e28215908b274ce11e6b094e18294c7ee8066a533cde38cc172508fee96e"
-                + "00673a45140b99963fee4078c6781c2240822950ac763b2dccbbd2f9c555f02385efdf73"
-                + "66b7b87c7c2e9a0c0e385fdef6f2877590ca88e637f0dbb875b74d8be4bd2ea75e068fed"
-                + "6e21c9ba7051d0dad832d69d94e609b50f12c804da07a08173e5635adfde10b57405c544"
-                + "3749856722e9bbb5e0b9717088d4717556d6c35e314731cef73eb6d27050adece44314b4"
-                + "acfe16947db8fd71161dcfa7b896b660090f29cebedc8557befc0dde717ccb565cb56ea5"
-                + "c200bb09f598ad88814e28cce3467d2179b83814b5efb87a4468ce4d2dfc3d998895fe29"
-                + "52e5109dbd32a9793e5ce6cd9a7df9f164f2063dad85dabd972ad48b9c803f41a31a210b"
-                + "3c0e2d6ce32d408c96a158dc86432a20fe1b7817a52e046108a27afd13c6a2e6fd2b3d0e"
-                + "d36cae56ae26cba95173ad7d2c1d8ba46d721f01202e62f10e067b61360c0704689ed811"
-                + "4671f467c84bfb7383f6847f2abdb076f5b8bfca9b8972946fedde492872e5b1113588ac"
-                + "dcc11b0786ae5b7d02ea27fcbb9806947f481fe684ad95e82b5da216bd9f89351714110d"
-                + "c2acfab187a7c788c40267434050e775f93bf7242ccc32da47f065149480aee64cf03446"
-                + "599a60b9030fb5428ce27005588fc3159b05c0718201103bbd569906b747671ee21c3aad"
-                + "7632fe88273ac591c381671599b229c734fff0903a166522179962c6b460cedf1ea42de6"
-                + "617a4f7b58cfca76137fb5ebea25b3de1336c2e0673f4df60f3f95eff5e1af75fb432358"
-                + "e3be311818dd3d8f6706fe0d671030d5b0b564cf51ec1cac9e91c9bb3643eaa6c4c3f2a5"
-                + "9d9fdb7fe44eec5f8158c5f8acec22f2e43574fb9f408fa993e8f9c471906ea4398a5092"
-                + "d182a488b2539747ee0d36efa43ea7dc2d316bab38e3a750b86b075fad35c330f2d5d9e4"
-                + "b9488dab41e9355a681d0a2d230cb54251e333d14ff21ba55e31c582e6d4e387a4f3db77"
-                + "473bde3acc689404ab6ae939299a2cdc46be14b7a6d615f9ad22d7c67ca73f81c3d0342d"
-                + "bc83b94fe9caf536b8e9db70b0c48bf7a7169fb0d65b792e5970cc333db03bae8c202048"
-                + "23eb5ffd3db08b4a3725040cce81b09aa986f11c39ee526d9cc1a628aef0da68c9075512"
-                + "1e53b70dbd2ac0019152003cb5fdf6f764752424e6d036ca162d1915ba6a78db1f1e18a5"
-                + "1b555287ac3fc806a4b6297b8faed1c23682b91d79a2d7db4a37822b402c4247108393a8"
-                + "fa26ffafcccefb73fe7bb50ba8d4240cadb8627c72c8f6399c2f44386d9b32e477bf6249"
-                + "931d3f2ff9db055fcddd7e381122bcf466f0117645365d72ed9bab6460e2e0a02c3a96bf"
-                + "d91e491326cd483f72569d403e1ae6772f9925eeac01125537b5df37d162c24ef331b5ee"
-                + "d9a5871e12873ea44443b12296c696688d6182b7368c6479bf9e1dc68bae084e8cd01d60"
-                + "aeec317c4d4db922c21a9d57d1185ecba62cb91b1ef420889a174df735c1be89d7cc859c"
-                + "0ceeb61b6c4965060ecb1569b540c9db44f6e38399e0da56ab959e5c184cb1c5e013694e"
-                + "6beb83df866f2fcaab85bb8e9c30d8177a37e57a6dfcc36635402d680e9da7d690a8438d"
-                + "ebb2d02d50e796b00999ee857c2de3a650561226f1a6107f09e2ff57dbbe879c6da998ef"
-                + "4cd2e70132c6ca38ff651c0a30bc3a0862197b3005322eb854c71f12cc1de17907b0c2dc"
-                + "6dc26cabcea975160e993859f75d0b8072d83877ac6e67cb9ea5a629616361846bd541a5"
-                + "65ac9accfc499492fcf68bb50602b2b9caeca133aa1ddbad9f200cf46c60625c73fd8cea"
-                + "2c28da3afdce5cec497b42bf3e1eee0754e1f0489ee3e3b8fe22bdfaa4cbc7feab401e91"
-                + "ae0ebfbe89e8b3330a7e417ff99121f68ded9345cc02fc38a89d8c8f8419187b0cd565b3"
-                + "19d14dca076d17d99bac9a73854c707ddc9f4b0247b791951234151c9c2f6e7869efd83e"
-                + "3ab6c6803e4a0a3339e572893bc53631dcf0ff247b355a8552807073ecdc067227c66fca"
-                + "b0fa3be117162f8104ba884a086e70e0c757dc53c45941e262bc82d6ba33a94d68b7a66b"
-                + "ddff6ca159ed7bdcf3ba3d4082469b1bfb860f4d1e1e9efb672c69d99cf89412fe481bbe"
-                + "8ca1f6592c686e2acb996bafa887073dd17f08eafec9f196423becd348fe81045034689f"
-                + "915976133c678b8f0412366f31cb88d0fdccf984ff6578951f0688af37c7f560ae540858"
-                + "e438bbf252d61cd603cae8e5b734b7a4cae4cdbbc7b6a97e5de5eaae07981f2c4bc262bf"
-                + "6220a49be02742bb26b32def0c0f43f25efd5e0e6cdbf5bdd11b26833af51baca8bcf6e9"
-                + "0575d764b9cdf4379cb1740bcc53d3fbec9c8022fab9b43f7d975ec8c3a758e03fc89fc8"
-                + "645bb067cf6d88204b4e73cd630844b519f2efd32ddfcd8e8f73cb294ac10fdaef716c0b"
-                + "313f89d799871093a11fe0a29862ef12623f7df601ceda2aa3544adadcec0d99852db137"
-                + "fb3cf000761a5f55f8f09c390627b14256daf0702d4ad0ad9e207e44c7a40c09a35e4078"
-                + "fa88d08ededa735ec54083fde98dddc296aa2be4b2b41b814f4614ec9002c42cf1589098"
-                + "8b03380a9256e30434f243e826083acb9e71528eb6c41f45f55585c6eee12b8b7a4da15c"
-                + "6e2833660a284f74b4aa6c20280e21bff1b1ea5f6677e9760681a6c3596cebb4f597f246"
-                + "f10a9ed875c9506ee2992aabe34feafbac4c0d8f44ccd2e65e3eede4808ff4fbe98c9937"
-                + "efa76077dfdcc59380d5bcd11b00373462b8be8bde74ea4f0ff873874ba86a16462da7d5"
-                + "9daa6e77c78ade093342795e38629a81200949aad16c5dc6111f8c3c8154d18fdad070ba"
-                + "67b8c18005f91d60dcaaf252eb5e981be537580415464f31076e5ae6101249151a9f14b0"
-                + "9f12dea801d2c5dada02c29cc5be3002f578801ff5450e6a2127301befd5013db31c6dbe"
-                + "bd92466605578d820541693677c48ad27e8070940f33a14255f43f57290b286ba0da1cf2"
-                + "250240cb85b8794182f95f065d60288bf77df39583ee863d064a7be1e27a75db75e0ae29"
-                + "f880a4466142b03ccae446821cdfc901e214807cf13a6dbfef33e20192e74e10641f4b1b"
-                + "600dd21ed6d816417039e81494b879f9f2beb31da8d9aa493aa121e6f22733f1ee06c0f6"
-                + "b96dd5d5689b866dba9c7c735503c38408ce3424cdba773abef65212e9ff3770364ddb02"
-                + "60fe3094ffee9b89ce69a34f9159485d4bd4c4372774e20617eadc0c6950f612dd2ee05e"
-                + "1ca2f1ca4e21730e472fc8bdd6e2d7140bc362f6334a354ba250341994408ae7469b996e"
-                + "ea196520ae1569ee2a681bd2a175187f3a57d3716842c65c82d8e4aa9d6e910f8c3d4a60"
-                + "a7fd9c2d6820535e0fb7abcab820750dac95b9d166b8a8b506d75fd55d1aeb1ce40dbc2c"
-                + "9f2de3de227392faa0b79f2ea0864aba2e4936f20c379fd6426f85184b615a4807e86893"
-                + "e920794c886dceb0d766daf9f7e484d55b177fe89451db5b053afa946f238412c96c8d88"
-                + "da889190de7826ee1a2c712a046a5676a8e92d9ecf2ec923608e52319751f0442f583412"
-                + "c83789bdc5fdb17cd3940f6e091cbc69b3fec8a0a125262d63c6e2bedb5a415cba00f4bf"
-                + "16e07a06250201def099da3bc02d3343091eb1ad334533ecb8fbf244f2c1800ae1ced35f"
-                + "fcb5543b09ae6e1d45a11d7402db5ee432c5cf90a41ac9aeddbeebaaee26d905fd265c77"
-                + "efa0ace6688b5cec7657485facfa881c29b3e2e7409f89396bf534fd9dd348ff7c623f58"
-                + "85eab6c385154ab42ad11d3a015970034b7a84616c4e62e6bb174405264c4aa98836e4a7"
-                + "4597c842aef4d267c8f1118d1056ec2afd3ac790f07d8bb387060abc16fb12a2fcc50d64"
-                + "7a8a8f36b693545d983466b27c8f982f5721b16f3160d77d7c391cda673dd320784ba4ff"
-                + "cbe527b44c2ced6fb7079eedba182ae0d43bd92735192f5715e7eb58cce42d29d69bffbe"
-                + "0696b573ba7e634ae42bc662b3704099cb63a23d7a195fcd90536bbe6ad4ec23fb88f25a"
-                + "9dc398a54c7239b08bd470aa37d91f5300f0f49983262efe29d15ae548078122d599bb6c"
-                + "67e064ee780097ab491b2f0ff25cefa3cee82b947fec16fabcabb6f2410894e53d7ca82c"
-                + "2eacbf6a0bcabb999a6be56d3562e6ac18536caacd8520c9371899e57aca2259a8467a78"
-                + "3052be0debedca1a3d947ae175bec985e1346a36234f8448651a200d99402bc47b7623f6"
-                + "fc0e15a866a361dd35f5d220f5302e48ebae027c8e71e53c7273f5c0a8c70de15b7c141d"
-                + "a8ee6e11b7596c340366c5aa0621ff1e39b05c6f56317b146464415a6e1511c24a2d02b9"
-                + "1a8dd2397767c4a1f0fef5fb3f211f729755a27f2fdeaea572ea5b46f63595393c112aa5"
-                + "6356085b7d19ce4bb6adefe32de2f08e3bbb431047629647239d40e0917664de38b739a7"
-                + "8bcee2d0af9270662f600b0fb38d26e9b43390b73b80c0cf0325e77a8e0c14a6dd9eb50d"
-                + "dcd81bdbc060c9f0c5634711adbeaed2dc40e086a455f07c19b016a95c03c6a4ceccfefd"
-                + "dff7aefee523332bf5894a4b9dabbaa26ea310d8e5dd12204d4277fb8b1451ce98f26376"
-                + "094601a944a41ca297e2e9a66f8b72731bcdabffe454e389f250ae73b8da40e268b70dd2"
-                + "4ab28b329f87242319d6ae5b7777f8b5292522d93dc6c9ba99fcf7dbce171155dfa143cb"
-                + "71035af6c5406af6ceee2cf67b1a72ce2fca03aaf471fb5d8e4b5c529f67d90e9e89fc1d"
-                + "db3178b4f7939c6cccf5ce1639344f15c8cdd1a6a2ff6809429de678b796cc30e8a76fa4"
-                + "afb6251f6525f2a536d67f608be21a1477ece3e04ea67add8549adc0b59254c4f2698d4c"
-                + "271125c0dd70674346cfe9163e46eb593e144577139611fab7ab513bd8745fb610e58580"
-                + "9058e5d21c3443c0cf2fcad51efda63c3f1e24b60d7aaa53eee8267ea9e06cfc2b181e1f"
-                + "2a372c1ad7172372aa3cb5525a4fc1b6d15d4d61ecdefa9f59668ac7f961785ae02b4521"
-                + "49327df8500769dc5ff032b805da4d772c22177c4a968707ac849c590209ce0b6e2ac691"
-                + "67f03b7488c8dd497754031228ce5b9c0e65472ebccb070afeff49087ccfeda42c692395"
-                + "e81121483125bc718c817f1b39498966a40dc3409a1a620b4692c2c76b277067989d7514"
-                + "aad2718e850f4f2f4be71eaab33e3f7634735ae1cb65b892dfcaac2ab3dc8c9a33efee6e"
-                + "ef2b7a95bb1450ffdc5093eb25122c0d76279e95d6038da4e0a8c960f9f934b28b112923"
-                + "a74900c633b490717e104110893474379581e8cec192f941b6f78b0fc9e45aa509e8a719"
-                + "86e8e89087d815ac461c6c97f42a50799b231b1a46f172cbe41d216caf32e658a4dd5f7f"
-                + "81aafe7eb4a62b27470dd28f6c736cd47688a9fbac279cfdefc0eb3c168ba920463bc283"
-                + "82031e59f936b019857fc3807b35c492c9318642fbb976fd5eb0f2a3f044e3f05d569f51"
-                + "cef65d23be91f4c2112c039f7776b156bac1847f1571853c4af9b0890f3fe1b35bccf692"
-                + "534d444d58a42db0750a194e1a567c0a00ff5b443f4c6f6d6d2cb65d1713f326139c48bf"
-                + "6fcb762bada7707ec291fe74aa879be3c4ee4d3700f13cf13d1d8b7dea8620b805c780a3"
-                + "0e4254404b02da6b957fa278cbf748fa3277d39f187aec7255a49aa7e3a9ffe62adfd6e6"
-                + "2469fd106a022222e407bdccf0adb0cb7b16138a63b3c273a5b7676b5b72f128a96bd19c"
-                + "8ebfedab3609822d02139873542921b87de821fa65e38d5c2e6ab662e53f20d294814ad5"
-                + "273ee8ca7d66f59d2f76a2e97d0690bf7eaf4ff29ddba74040ada31dee6e5d80ade45111"
-                + "c8e6b146b1310ce2f109a45b97836fc23e453b7103819506b88b3829ee09f22157e783f2"
-                + "79e06f1d5fcb22e9962cb58827dca7a037350b0c7c4ed32f1caceab7b945387d5738fab3"
-                + "45640f20e64cae09dbb99c0435542084b5cde398313df48538ca91c794de544e4b6faa01"
-                + "9708213c6dc773292f29f7a0e8e3f8fcc507b9d4fd96db13111bc8ecd38d712377aa2fe8"
-                + "4567e9fab06b35fe6051fc13b07cd6d1bbb933439f5efa40d73beb52b29a0386fb1fcb48"
-                + "a5ab60f9352f8efe8795ebcda35b26d6f87c19dbf2fed86f90814f68d2c986041e779c63"
-                + "4ffc9532dffd0d2e217c3b4fc7f7659fa6dceae771975a7ccf5f07ec5c1ef43b23309f37"
-                + "2baa57957508f43afe8e921ee789efaa3eb7c47e077b62a537ad35b51f04e837ca446e84"
-                + "739c7508d900b0cf66a4af38da2398b9573cafe2e72cd0316cd53556b4425533140cfb45"
-                + "a87b7b9ea65f3a0267c809cd1a8e299d7794702de7eba060d9740b839e8c4633db1f7127"
-                + "b787f8229317371f6c9a2440f7b67faf6c653569757f84862b7c473656223161a223ee59"
-                + "6cb9912168a8cb7f794599c132a4f30ec650cf861df285e4ff09b6dbaef83283bac83a1e"
-                + "4d0e748f809c22b95f3ea77ebd158a43c5dfbb4d298975d4f80d7b2af65efbc7631de02e"
-                + "afc1bdd75c9c604322ed146f8da3d9a605b1e69ec0d22318ebfde140b1af07990c184346"
-                + "53fde6a6b3705db69abb161f9745c56281e7bb28f12f2d6e8936a64ebb9e6c7f8840475d"
-                + "850d216372ba1a3e024abd90a5fe81aec6e254c516e830b437f94f17b32552eb3b2e16d8"
-                + "c3973d349d7ee99d4b95118e1df2c6b583bebf64a2dcd7b4441b23b9023262f27479d8d4"
-                + "082b2f2f6f7d46e1a8a521a4a504f5f342b92406db51ff275f25b256fce44ee22d1c4389"
-                + "76e9fd64b9dc31c96b72483c22583ef2fc7a975133f0625f8dddf203d526d9380c46e4ad"
-                + "1d78808b5b767a628a78595db123676f094267e89d493294415ab339b8f510417bcca9ec"
-                + "8ac819a70c396a86e7589736179b7bf8f4a454162af1e8415a179be0fe91c30d9c32677c"
-                + "112b6ef56b69c87dcdef27c68f711d1c5fdc27f5e0a5b2f426753a946413bfa22df63abe"
-                + "f7e141e2d85e5c6ccee03931466455d498542179b52a19352cb5578b8a66210e1db37def"
-                + "d5b1c973d8dd91e2d996ad67e3e4df65495d6b250df29a4e17fd2ba03cb8d6e5c0b88a25"
-                + "978d921e88fe1f68cbba6fab401bc1e0d092b0cc05180afb6cef33a9202a4841bb089efe"
-                + "2384d926542fa3dc6eb8ef06aeee4373cf1d3eb62dbcc0a97dc4bab0a66396b8af938924"
-                + "ff416c6627c1dfc7b9917d5c7c0d23625d6e5c82b938b72b21329b2e89ea867fe10054e0"
-                + "1ee7c3692e796788d236af325020b3a24c4cdcc02762ad5e6ea70d5d6a1afb34137ba477"
-                + "a464cd13c033a8e493a613307b7ee5b2dd06912ec0a9a64d2d81ea4454773ce21d8eb419"
-                + "daf7686b12f13bf296f959c040cdc4c43a69a580679e61a503ae92ad8d3beb250c9731cd"
-                + "567c7b65ec13154d0b78e38e8c782262895c78f3293a0a1f88910c55fb45ecdd2e333bf1"
-                + "b08cc4e4e5ec856786b549eaebf7c8a56b8a0801cc12c785888b59459551276a5b5ee393"
-                + "2ef0801fd41a977cae1967d3c1e6f9d3b031b3cd01948eee0e11bb504b19b7b04968da9f"
-                + "2157ecced3f493fc0c0f5f22bce33e4b343ac849fcd9d90c133540079d743054f7e02111"
-                + "cc2ee9c239db904ec2d2e8371308163bd104b36fa4c8fab5d9e7845f87e73c8350387235"
-                + "b1b184a29fe6addbf3d33bacb79597a96ec68b2ad564ab631c58d2e613af2a3afc00692d"
-                + "9c2f6957e9e3713dc942c15162c85658443002dbc22fde900b1b610e4cc1c3c9be6e6230"
-                + "fa3e401f9fe2efc8c58e805ffbad01c28159211026e25e168b7eff128a6d0d4f22378521"
-                + "e3d2b71c936bba99436401ee53066a49a5897c1790f0648df0bbd724b00e28b70e925252"
-                + "8c2319a82a28e97c829c000afbeb414aa0121eac2928c1df2569eb887b97d0f8238c5041"
-                + "afcc539eac5cdf7c2bbd44995a11486d201780359010bdecd3de2eb7ef056e5a376d972e"
-                + "359fb835b10b3fbf44c965764f8ce1a1a0be53105c316e12ad635287122be7a9b96571bb"
-                + "84749178f0e30cbcbffac9998786424b231c1b83b6afe5e8d256678d019b700cf268b4b7"
-                + "80fa0c54de7d5c6d73aa631970e615a3640de59c7e05deb3b575ce031b07520a3cbc67bd"
-                + "f077ec8cafd5d1ee3fc327bf5650371de243dace406685c44f1c49726258927491b93fc7"
-                + "b6c5124414fd5f412448ea50cc9f5114d9eb029dc042bb414496c44ca41845b2d95013d4"
-                + "4bca0fe0e6206d0e996cfa2d55a2ec8c3812624581087518f524c243652a957be5831912"
-                + "5ac0f1df744bf3feeaf0e51242bf5888232d98fc8eb22fe4d4bf0afb7bb6088e7622a13a"
-                + "02c68dc99d85158a43ba8de8e14c4d2f3b7c7f7cfc5f2a2a2bb64117c917f3f47c8ea4cd"
-                + "ce442dc0f1e6434fce047103a5a2abcaed39f631ba9b939f064666b9a42037d9ccdbfaee"
-                + "2a84d01affcf8d1c1f6c6729cdd68da6c7fbdf21337d1a04b2b23353b3f0c471db3470f5"
-                + "cba3cb85804a414e0f47bf1959935ab7da803f70eefa76b8a52c9ce07da009da4eb3b6af"
-                + "ee77bc4661c4a84c0c433ad1dd3342fd09e5fe76d1e19f53ac72daa711f40259306ae6bc"
-                + "ce4d909f0673f8350c3b809c47cb34e40362185f78b0b1614d870872658c944e53e84fde"
-                + "3ea5fdcf649d7299cd74a108b89c3685135752932924a7e435af3bfe5b0c06f8c9173524"
-                + "c77ac95b83bade1a46d8b05f3b0ce3aefc97d6d80d9cf20f4c512cb9a535ca70266d7329"
-                + "3cc410e485f745680cecd5fc2f6ed427101a83bee570429775af27d9f10cdb789efe7647"
-                + "0425d5db1049952f7f09cd1bf0c4117446a49ffdc7baefa63500d44924a0d0d710834cc1"
-                + "2cf9839584d11884ea1e3695a82a3e4aab26e52433a6807ed9ff3183a629bfb66b0680cd"
-                + "2fc1a42cdbdb961c143b0a73838eb4f868d75eef5e1caf4d6537e713ede3bea66c400ec9"
-                + "2b13ac0fe873d1b6ce1e341f26ba63676fc8ad1dd685918d32da2fcb1a1c8d506bc33bc7"
-                + "1101dc63c5d1933c5010b4cdbcee468f78ad6df53fe0228b4a61e58d0e41d922f6b44371"
-                + "bfca2b0c733fbd41141636752c7e67f478fc59b8286f0edecd2a6418e876ad0e5ed79cc3"
-                + "2067798b19cbd6f886e27d3b454a4fb716d21b674ff67baf68653a86bb565d69c36dba6b"
-                + "c96c4b291f56931cf933a2e6e02438359669ddf5e9ec2f45f8d63bc12ebc4653e410614a"
-                + "1c75cb94fcce34a9436142c3d835948bb23244e7a78f8d88283a142abea4938d673e9e0d"
-                + "f348e5c65575095257e87d6491a9ef96458d698068c63620e4d6bc7042c8d43571d2b39d"
-                + "3e833b4db28c8aee0ac286ec3a372b9cba32f4f15d66ae625974cb7347a1dfddba2479f5"
-                + "eebcb95c8cb33aae8cad5f2a804288266cd766e1b1184fc31bd339a8d81f61c013674fa2"
-                + "7447c2bfcfd2fb6c8939e834f6e49063a9ad044eab87d3b9ca0ab5684de341b3edd450da"
-                + "0d6e9c2c635705535c8dcd022979f9517de188e7473155f2ba3c7e217f115661d56d7c86"
-                + "c3e490271c2f965803eeb76db142250b7a73691d238dd254954a32a2804e5c527998624d"
-                + "e030b746af16e8d2682bcccdc68e2d59aebd32901bd22353199ba3ad1b7c2504778aed55"
-                + "f9b5bcdc8cf218d3a6e19f9225e42b8e0935065aa49c831f4216742e201f16c62d2bd152"
-                + "8004d517956fda9dccaae3887179aaf65749151d36eecac985fa0310a61d815ab1b5cce3"
-                + "6756baaacff6151c8b428ea46a036511ba3db424922900f27b7a85715a17bf77d0807412"
-                + "b79dc7e22698aa1b615547ffc18bbcfbf66f54c82e222c066fe627f8997e204ffff0355f"
-                + "68d91a25d07cca0f38705aa8df9103b48ce62b85d0fad764b72b8f020f522c854e191d45"
-                + "c7e10576420279c912f8d3d16e4e95630ba8db0f59c9169019522da8015976b9a2e7da8e"
-                + "f68316acf9b09efb9fcdd712622fa7c2a4255cc89d1bfabd9c48ef7b15af536692c8206a"
-                + "e39ba495a4d07be2a9a574b55639a7d064bc3e555c0da2cb5134560d6dede9d9944a83ff"
-                + "3ac7a839df311a190f5d9b2ee3ea032921e2b7d1df36c0f5239a81927dbcea14d402b575"
-                + "ffb9d7402de2f4c6b03a6e7a709115ae160087ebe31bc6d96754a3583272072d2dab1bba"
-                + "21a04872641f86c279e44c8b898fd2fba0472728582f0916a1f2df6e646997b0223638a2"
-                + "3405b408aecddd5b1ad27a0e425353ef5ef8bdd282aaafcd96ba2c4f03517829b08e2ca3"
-                + "4d922358ca460845276b61f75feacc12942a6cb685193aa246ee91de431d31e4f5573ad5"
-                + "403bc67dbc695561c6888f16cabf67bc240479b628581123c2508ec640ad8b68e0ff9ba7"
-                + "a88c0383dabaa460bb248465a72742d158629fe77c7d54f86487135543f5dbcec02960de"
-                + "e118edd5971f31b2860e271451018288c3bd3e8f60a0b521c48c55b0e3ec1135c5073874"
-                + "0aa465d0a00f5d8c072d3823a669262cdd7a76b1696d04d94566caf49091d587c41945c8"
-                + "c3da080c633cf24a7541bb7a888074dc3c145155c2e55870f59d980cb275a926b4b49899"
-                + "94904d35249697e2d8f3a03ad2828ae298c91da45073fe68fbe8b148183c38d5514ac5c2"
-                + "7aa4bc300280450c42eb53000bd789cf466613e1f799c6cd8c89a88a155308f732237e3c"
-                + "4aa75adefa0e376d4b6549680aef721f2d1f6499f1869c5d19a1e4638489a5dd76bbf430"
-                + "f62d98af552e1e323b906a4f297ea41ed799c448c632cd0831352cf61dc5d292b1d3543a"
-                + "23a4df7cf769a4546b627901032ece8a0f7bcbfcda27b1b22bba825049a702492236e4d2"
-                + "de20996c6f80936a8ae1c8d09a8de958916275d3fed29de01a2ac5d467382595300eaeca"
-                + "d859f58910775f6621f0189c771189abd494885186d0075dc623bfb716f976bb3097be6c"
-                + "30675096a2da480650a6af6de5677105c808aaf67db6bee7b2d7e8d1b8e754893d4ff9bd"
-                + "0f06cf92d38083eb3a9a1a107209ed75b97b0ac8b033129b489e78a54723d082dab46d13"
-                + "59bdd868d489f471a6aa389757fd990d713c76ecba3f86f6de4e7deb61f59c997b4ab2b3"
-                + "13b662bb4a41e8e73ed19f8923629e28af37d986ef4a1d56cbad336f952896256b0004b3"
-                + "310fd55eebb3e2e8b2783efbcbf564b335073d6b54a09fb108e8f385e271514032eed6f0"
-                + "95ade61c9287ec968f253d520371cfe732569f52ab9d1f77887f7e737e6b2fe721f3d6c6"
-                + "b09b82b91c8b4212e50aee1a89e6d7f60d9b73f2f59796cc3f1d8e34afc30cc2520092ca"
-                + "11e03a141d45b01cedfd219a7c2e03475475c50000516cf51786c5c87aca790ea532978b"
-                + "bb106734fe46e51e69faa68daf9d4b0830db5dcc57908abe92535a90e573c60bb65b1e54"
-                + "64c8a60dc4d97068c4fb9647e57ba8208aeea49e2b9a37b79eb01233df8ec8d110a71ef8"
-                + "ec9276b96683a1595ace86f2e6dfbb0514deb91935824fb9b47032740796cd8d90fbcfa8"
-                + "99c1011fdff1be10b65d201b92bf7f89cf1ab6b09e925dfaeb43c4febd6941cbc6724554"
-                + "05e8bceea0962549ca51f8081f508cdf9d0ebab48a63942d38f2c2d759489b97e234a3d7"
-                + "8a35f8ff140c64e5409d8198264291793e7c5d2b25ae63d62b12de69eabd00d84992732a"
-                + "e1080ffdd91ca97e5c396f98ffc9b3702c5ae2d9ecf9fc328f0b412dc8b87801acbbcb06"
-                + "067985e3fe7143578fcafd391b62e8e4929969f989d9a6b36b3de7bd1b5d927acf9cb091"
-                + "4ccc051efc9f6a6b1dd9105c9cd8a04e209e59bbe2105c5ec0c39188dcf830b59e05f9a2"
-                + "9e39024872f21c634230989a09064b4795affeb43c6827102e1a3d6d9f6d39ae3302d55a"
-                + "f7c941802d1f57bdc1927e46307439e7bfd2366a0bb8efe51f488d88ac523010ec17eebf"
-                + "976d3d0b9295b04a15a1d74d603fc040d7c39c7496d9118e8315a0cc59bab9670bd2e4bb"
-                + "5a13ddf1c9059acc06483409e8fc6df94b186f1bd91b34c650534620fd0dbc01bb33877d"
-                + "90be97e16d1c1539933a3f70ef2f47d474a45e270fb230a0381b04cd174cb37a6193c3a2"
-                + "1d15ef1d648d147b8054ffda79e6768853cd1cedf6c0abde8b188ed61ae757f62c1e91eb"
-                + "cef592225e2a906b927cbea0561e745477095686e79c8827464297bf57f3047f853399bc"
-                + "c4e623a0a2aad1e027dd3ebbbdbaa56d39f5265efee6362b0609a60b5d2de0a0b7014ad7"
-                + "b4c1b2c1b6b0c66ffb52391859d69929b8e14580398c9b582b4ee30a8e32859ea51a8ee8"
-                + "7b9a19a38f43d61e9ba849a02e5383330f213c3ccc95c1fceba1514e21e978cc7fc8217a"
-                + "47fe3bcf8da76f7b73d903d1b4b2bc9e19ce2abc293300d877e339e233a89cf9b848b841"
-                + "2fb2b28478ee71f793a8acc0be59df1ebfc0e9cfaaab420f34e1ed986eb59bdcab725a1d"
-                + "f3311c5cc15d1a9e95d4abd02cd554573a8fea97109bf1d71d19009314c0eeb0a47a7da5"
-                + "f4d30f124f3b3a878375a3f40a35a6229ada4f8ba424b1ca3359e71747c3c4328eb17315"
-                + "23ae0b5e8e9ce200901502db37c216bd8ee04c5ac13b934868dc4cce31b799198ba2ec3d"
-                + "cf38e8ff87a822c6338d529aec616af9c85cabba08c51ae112ca72a2edd9c6bab17540f0"
-                + "d12906a332ac3676df445ac81ac7515d19074b590ba0e09f7f5810e90ec65feda16d5f8f"
-                + "aaa335411a6d75d5ea5afeaab398e48f8cd3a29397c8dd33ca3a37c767b702970f4214f5"
-                + "4be7c195ce3a7057672f0a372a0a3bd28a4029cb86a0",
-            "014c8c263f11d661b874b01e6b3e13d75497978b7ee0ea10bf494646c61cc5353e57d89e"
-                + "ef5804d798637519d83795b5d2e9c38c61dda8ff2de50d4f5838223d20d9bcfd0fd0e881"
-                + "082ffe225b044bcb020a116b7e8545b63d0c956306098e52967b26cb7e0384053519331f"
-                + "a0abf134235b5fb3f8f540b6520f75dab9525c0d4bc046a46546820d91571522123fbcf8"
-                + "f4ef762e2fe8cddca417bf7e191aee05e31752981a811de03e8faff60dbcc0f98768baa5"
-                + "282586c412a7c1de05291a198c22e7a49649c3be95352a68167a7ef3a2aa6624ad3c4b70"
-                + "c136324ff38275d422d960d4a47a54e02912caeca1a30b9ca9c480d38bba65acb3fdd03e"
-                + "09f40c65dc6d13783eb2148fc50cf3ae694c42f097e06d9df1ba629118af03a321b972a6"
-                + "af9ace9c0bf902d8ada593c9e2642af4c5568c03643e6847a55f7272bc0ed198a90194e8"
-                + "436a0b58da32dc64ee3408034d9cbe66525f2c49be26a356d981a3272cd278513803a38b"
-                + "dd6e880300f6ad1de500ba63ad0ead86597ad6eb79c941f3644f7c736a941fe9c3798c97"
-                + "145973cf9aff08dda23d291de425e458105077c090a6c436d4c7826ae19778661814cc03"
-                + "e51836deecc44636035f8a8d1f353f94bff5a3bc01a9b917210ce6d8ee6ac27243668c30"
-                + "aa63ea2b18e3ade79f3ad6e90d5e5f216bdc9567f0bb8fd4eb4510c6078c67a4a720faab"
-                + "10e278da76542577edeb34575aef42025dac2aadee0a918f17f8f2f2c241a3cab3882dd7"
-                + "2c74bc615d2e94beb7d55854046aa8377e4be48a0c8f24b113537d31a7e83b22dcfd35ae"
-                + "8d948c1bb162fb5ba47cc9744ed5c9472dfe396285d72cadaff73c1e582e5cfeb7413244"
-                + "f221f123d6f5b5c5dcbee603d9f7312444171d48499f282de4b3b929d6d0b697f71ad4b4"
-                + "f0f7f098b926221daea713a070f74e79056b0dacf04e1761b57151b6e07ff8b070df5867"
-                + "e3b590bf905e89f3c7d362492c9663487a7133cbf659b4fda61c2bac98e8064ae2196d67"
-                + "dc08c3cda352126d8b88b8ca89ff449d32f47d0da2aaa1c639f50189b6cd9b598cee4644"
-                + "9d654ee79277e24ff091ce0b0a312d35775c9b64da043ffce21e6721d86fdd073349c8a1"
-                + "2ceb9353984b2547af8645798f6304300c050fb7ffa3bcd82e3932d4bb4fca19455ec44f"
-                + "c6d8cdc2a14f8bc10ea62cb6a4e616fe2ca57bc2a8be2ec3045cebf7f800c8a29030c88b"
-                + "862c6f4ea85a986e3474fe114543d4d0db8e398c581867d5eea316f0928cc740c5b02f53"
-                + "a29fac34d1269507836a9f85c3609be0867dd738559a739afdc2d07cc2d7c7d234e8a37d"
-                + "d40742fc3b91a27281d76f0c887b692613857859e94038a11fca4d704da467c81bb1ea0f"
-                + "872ec659be203dae5002f84399d2bfadc797031e2e09ce04807d234d8c0d68d65562ac3d"
-                + "90e3f679cd9ddb1625da1f60023f31ca1f62f570f98c5886b0600a2a6ae829cab6ba61a4"
-                + "47e7954c5640cee83c5a8404933eb1a95f6621fd20e0d67b690c765da1722fa77a07549e"
-                + "16750f30042d5a35464c327a979f2fd099c6d718c5924ea778dea1e844db0803f2a714f1"
-                + "535bc24b3984b58c914980805148cb62e9796de50d3b709cb4201ed211a45f094d35b115"
-                + "6c6e3cf8be705d6f4290e5b8ce17f105576ce8801f36ac6e92986fcd49582fd0f882788e"
-                + "4f6919fff1145d42dda525f57c93a0298263408898faf872e654cf4ae6babd97d69389df"
-                + "817cddec10008050f4d87fbfef4dbc842a0e1e200aa9d2fa2e0459ba0a3aca44af1efa7d"
-                + "7def9fe3eb7b92db20acb165361dc4b22750d34a2ae1ac5a74ebe23cd7029ddc1c452724"
-                + "309726b5bdfaa87b6338701bf29d99dabbecd3bde338b1e3790f3844537da268c357a900"
-                + "69549ff94557d9d633be69581b2ae9f3078351a3e32762d494e32d16dc173a68fb7aa3a3"
-                + "d7e0d0e80c34ee7b5ab8b173c82ce8ab9390738f11c6be502865f438487dfb7c9b1832f6"
-                + "e6df3687c42c59e7d8e1b33a89546ff7b633a5c541026cbf98ba2e56738e34f2882f45f0"
-                + "f5bf2ec8d2c404bf6284424ba33d788fd2d9f4a7d237aad788417d8f417a415466ab7e52"
-                + "6264b7214834fb84226ccb1cf7d2aca573d6a2cec56ddfe9924a85cfd1b35e217abf6695"
-                + "cf467a65d3a3eed94c29488ee5a54da11783f3092ed4f4a86d640180c9b898b6dbad8f95"
-                + "d1156bdca574a33a922b98e06d2ceb8a97a78caa88cfd18242bccb97d3da15b0e3dfe0ca"
-                + "29efb2ce4443ff6262ad08d6dc9c9a10b912b848ce61f0c71959fc451c0580314e0613ea"
-                + "8d383f1cf4a266568f67f28fb51704bb82b3230173337c97cc9a63679630dbc08946f208"
-                + "150d683f36baba8e2ad0fa40a7db18029841f2a02a88c994134cdec08ddd902c2ec11135"
-                + "64f578103af43fa5423069b72bd7f59b013ae75e4310672700c25f7a653ea9a814484b90"
-                + "10ddee16d7412141178bd32ead662963803412da9b000eb98ba89760d5b0c372b00fd8de"
-                + "1b5706f189d44fd59cbf7f26c60898c156a9aaf3d47e20dd9e374222a4b052a90ba0ef25"
-                + "0ca8cfb56fc04cacd9f7341bcd400323ce2e37dbc1091f6c8cd42eea6a9bcda68b4e9643"
-                + "3f26c6ebdaea50d73c6cd5e1cc9d89f66ade892f45bb078d2bb4d19c28b6d9dda2af3e89"
-                + "d0ab472c8234cfd05a8625991c1fa10fddb7f12dfc6a882a6285ba93fb0a6f8479db50f2"
-                + "e9aa25081e167cac8f8ad8e025cc74c2c219938a6a6b381b0b5282188061c2c1c46912a3"
-                + "68110439ac0d0a41981bc6762c8a4e526c38fa23eef95ea7883b6590e392a86c8d78d715"
-                + "1701d12d3b71789e35a2e61c0f27019048f9f53de608e94a1ba95d61907f7f17e9c87b2b"
-                + "88aaf9f738f95e68325371fd536e171de890654dd33cebf98e246b9e0e69e03cc0228689"
-                + "1a38aa7d3af6056c07b48822525d36360502b99cc0760cb92b0ca84d259b3f876680e624"
-                + "4fe2aeacec78fe6ea104197ff6f9261b8bcbda34b33c85f9fb71bbbd9cc5438bf9c91430"
-                + "8d623868aa4dd2507c22e4e01cee8a5cc402c385303b19dadef511f0fd843d1eae34023b"
-                + "43cc09d393a5b8d11215a335f41a4d95457bc2ae37981e5792ddd20476fc6e1ba59c008b"
-                + "6f0da15e67b8b1191744094ae57b9c568c68a61439dc5c62ef08dca117902e513b530595"
-                + "5beedc5e5969f13ddb0f733ba1342f53ea259fefcd8ec2044be1d6cc1b83b6e63df35eb2"
-                + "dd4430588d6c2d02668189d7cd7b9bed2540c92b22298ec1e41860caee32006a2624dcd0"
-                + "b0a03348360041efa35f013f257961ae911765ef7359602ace8e1908dcdea92cfb715599"
-                + "c773935411dc6576bc58621de95e308ff151e975bfa09894e03b5649a69f46d24a035504"
-                + "55c1c1666214177c0d2c3d8c20e99c980eafbc50e01acc76b62a28bd5e8df32040b5f106"
-                + "73400d26dc5c35069af6481fdd991eb8a041b90f6185f0ea375c0ca814c29652b68d4f9a"
-                + "f97c8a838bec2871357c199d7337b7bf237fc8bd036c7d0c1060c646d10cc3113a31e07e"
-                + "ec184ca29a0e0c6ada346d73c6f528ba529507823c989be3c7d08e9d4aa3a6976e6ecf0b"
-                + "ef2f65fc185a7a1d1050c9a2688c34c932d9eebfac896dd3278363819496704792557943"
-                + "afff482e2be44e404ec2ed633fcafa7b776597a64d97bc56b73b8978088d851218964ef3"
-                + "6b93af1cb23454e8515132d58f3a2f7daa8994f771822d239066dcda30763f98ef18b799"
-                + "37a30afa2844dbff9247302da9edd54fe619cd7fe5cbb29d5bfdac786f8e0bce195dce8b"
-                + "3942cd312ab4bfcfed1af8d4fc054e30c811fe03ca2b2784e56892aeace51c8ba886b4ac"
-                + "302f55fe126fa2e6e4b8e52716245b5d529cb1d3056ce7f4fc93abe6b58fe3c84ba38715"
-                + "300013959c93f717fc93d9a7a38c58f9dafa3f25108469d15ddfbc077e73a257d0f309c0"
-                + "fd3ab1b650e389e7d00f20e37299338673d52c2b0f8dee72ce67884e77acec0edd8dbe7f"
-                + "981bcdae0fe643b615341ac3aa09767553d77f0bc7741ed4087e5a03041e5b724aa93b4b"
-                + "6cfd28cc7e82d0ffacfad667f589073df06bd135cd00d55d68fd8950fe997b09bdc7dc4d"
-                + "90bea36b945f709d167fe4f40e8fbd6be9eeeee262d8b8fbb50052503403840737530b4e"
-                + "b4f9a96abf6b1372ffff794822043eff81d4ce61fdd7be47ad9edb1899a5c6526684fc68"
-                + "561a13b637db7af1443a2bd2872ac27afb2de89f8c3319bfb3f342411f1631f95b867a24"
-                + "5628f6c38aeebc3d2f6bc49e96595c844a40afe65bbe1b0531fd33a6e2468b6348f988f0"
-                + "b70846e07d78f32a668d693ea3dff016da2d9540f3251a8b89368affc57d342d1032ef78"
-                + "41915b16c4768d95b77670d91a035023c05b93f080681835604ab93dbdb5c5a8c86cc856"
-                + "749d102e02fbafc494c28b79b899c17be7e6bd5cdcab2f23d2893c9469ee8c23378c9f4f"
-                + "695acbb43b105936591a7b7dcd0a436cd72f461c23970571fdbcb6384be7ac14bff951d7"
-                + "0e0d627e0d5682a0077954a5c081492f814982dcec00a9c9f2ac87c88345bda6079218c1"
-                + "94d95233853b322aa24116573d9566996af0db91ed7797baebce70126b26b8682e2da764"
-                + "6d0a66a375d8168b8b550d0c5618fad7f2cdfc50dd706b0e9ffeb94faf76523a3734f3d5"
-                + "66792f5f501a5d29d93c42a7299a851139b8a50e13d5852c191b250295da2ed07bd4c2d5"
-                + "3a2fd53cc84f8ea352e668d0de8f830f61b41b9ca8e905766e816eb2581b76960a436095"
-                + "5f59a04bf96ee5b47bba41eb7cd73414cb154dabf1f007790af951dc79add700d897005b"
-                + "d13e151c46a3a4715a523fa8bb10dc16fd13a474dadad37e239345f11e1609a485a8eda3"
-                + "385655ea6c29802184c30b391e183de48016f27753758ac69ced125b5dc390ece5695bcc"
-                + "8140437acc115f10e6df6aa8d7fb0ee34edf8a4b6e26d14e9dd91c836fbea08bf50f978c"
-                + "47c190ee1b3d4e164df00032898238363610a38c2619303a1c2a00ee84dace21c9e4eccd"
-                + "082694f96c8b8f55bc417d4a3a040ac1d349d5e790967e36e18a8ae51bfd7b47f68382cd"
-                + "0512a9e3754534414173396112e4de51a62cdd3a19a7504555affdb35252ecda828a282f"
-                + "9743ed2e2f086c9ba5bb3876a4318717a6cfa34b210b817b3492769b1b85a9351076ed4b"
-                + "d94d688d945cb195b5ed37b77a5747c5c078dc65d15198188a6c1df4dea677063fa8b0a1"
-                + "0218d0f86ad17c436bff768988a5527b4f0505dfa295a0016a0e843d0eb135a31a9241cd"
-                + "9f686fac777dd00f6a29225ceb4afb9231c887179930129e0d78a6b491e8fb85df0c65f1"
-                + "b20b45dac097a93340e0cd7e12735d0dc68889cffe0c70e823d021824de50339689a8ebf"
-                + "0cf193684a51cc4a1b89d091edc39ccbed1972602e465cb27e65cea207bcd5445f5afef4"
-                + "a157135b24835b3fc50d2da7307bb82080f81b2f2ee568e02781c902065ee52cdc33c6bb"
-                + "7e97befc02c65434a2d76e09e486af7f777fc8466ce646123d96c4c70a702dcaf1325388"
-                + "724aec2effa05e020fe152548585b08b90780419a6c037fb9efb5c0b3d26e64cee05b53a"
-                + "a3cd9de907a24b7b69c10001832595fa464b3a3c5546d576e7853f869fbf343b27884e35"
-                + "a63ba63c67025fd0b26defbd3f99afe8bc17555f70d306de4d5a293b5bdd09d63d94358d"
-                + "0daf237886d3479b8bb54c3c64bc3f70ee22b071971f1e293561b60e7928c3a081169d15"
-                + "a83cebcfe6cc90f139265926cc4608522cc73ca8f1e0c8c5dcf15b8ce284614d9292472d"
-                + "f1c6e6c55644124fadc1eb3ffd640abdf8d1ea21997f8a5b8913f323dd6597d61977d48f"
-                + "583b355166d9b32215ecc5e532cc616ab6c7d4cccdef69877d45c479924f9fe01e0a405e"
-                + "bd84b943f21720088b93bbda4bc10df69a31419862fc635006d70b8834be694797dd60a2"
-                + "d0a7d569f3e0a34b8c4a76e89a0d968b58355c64eb2c8da5884cc53bdb42008c649bb0a9"
-                + "03bb9805a74a87d50ded5118996907e9c4eac1f08798c48758cb10376fae499f4203f82c"
-                + "a98ba8c3d8556908db478940ab30c44b4ecf0c0444667bb88d6411d01b9edb699896cafe"
-                + "fa342c6dc4d65ebf08e20251d37b001c27d222cd5007144742ce12092f618dd367732476"
-                + "5a049484b403513e27b6e9cda013d174310fca12de45ab9542aa150152700ae5b8605666"
-                + "58f2445a876f3a733ed32bec5becc32b1a4ae5c31b6260a72e642264f13d7e28273358b3"
-                + "d8e822c88044ad674a8169a62237175155109858388cfa897dc4c8770407c4cccca1bf7b"
-                + "c7506cc0e374dbd85f1c47031a47c6ac78131240f249973ff5571256ea813a3d20e18e81"
-                + "cd1a309b91a07110b3847076886ffdeb181df8dfd07851a173e381aefd3bbb297fb636e3"
-                + "4b64620d0a85f3f5bdea2f44c7d759975a82d66352f224b357beb9f57172aed019432cb2"
-                + "d4aae03b0c8085a64a0ed4f6fbd1345a9698d0b65ffdecfcf39e8fa4707f55b0af4d6af9"
-                + "707dda0bc86144522fe8b2024dde6f86e580f67141ee95614f6ae96577bb8afa06ad8ed4"
-                + "70327d01d5e106500ac314494dd6c32380a4179983fb5f93cd0e9565ddd2afb8b5410113"
-                + "55fffca391939bfd4e154ebc75834f85d9035fc23c33240c628b97fda26fae787aa58589"
-                + "4e9fc5bb00dcc41f802944b08a407b57e28cbd792c7b23e3ef791f713fa9f827bedb1552"
-                + "dae90b5ffa3285d0be4a814532369f2a96b789915ade54b9d0585550b60cca7539d1681f"
-                + "7a1b0a23d0525e65e1dfb59bd4058e6727b4c97350d2a107b615536d9849e7ab3129bddb"
-                + "8ca50cab26d1e1ecff1502643a939292a3725f2b556f5063251f258a01eec7524146f657"
-                + "7ed592b301f7dc545f17dc1e72140d77a7d0b2b3555b25c5adbbc874419fe1d2bd40e31b"
-                + "bfcf78d5ea9961c6d69c6c9de28c2af118cf73649f031da80d674138f63f598da4bd183b"
-                + "32c0a40f4c5b461985ef074c5882d2beaf823976e489f6bef8d0500f45853ee395e5ec1e"
-                + "44623c698d2e5880c8711a7ee85161cbca4952704dea3805c90ab7c467836630693df416"
-                + "6d000d5c4fd0d7d5da47b3419d8356777d74e55abe6da56196a0ed5c8e54a9e83394cc97"
-                + "24bc52d499b8c898483f6a09f26dd08c5639eca69f541fd5122f2b9d1880b52288540667"
-                + "2761be011bc5ac9a8d7c5b083ba910916e20b2ed3bc8ff630b55d3642764fe613297a2ed"
-                + "3f76ca70d6e72392e4a018a2a54f87e9624d9eccd5e2acac1b782c1de2ed14fc2953c2c8"
-                + "78372bb068205359975ee1cb7f454491fc5d25be953153a2b14b6d0202af7cb6b7acd177"
-                + "39619f526c0525ff22d4d98566f4b1717f7888ac4c1960cd3e0e792c1e4f768117bef387"
-                + "bcff5ac0d407c296a9f177a290d2b397a4c252f6d442820172de7646eea8d3976bad6923"
-                + "f9040c11bc24aac3aea650da423f30f5a2f1bcdfbe49f588614c452ebc18fb20fb81eacf"
-                + "0dbeb719da57d02708b7294412a9d813420f0d082b88b10b6f0f6a61a339066d367883bf"
-                + "805dbd6276bdb7a6b97230cb51f30aa250f3d8dcf761e1b3fb8ca57eb9d7c0f1d32d1068"
-                + "f2b0d2f7401b87c47a46ae9e2f711ad2d360d00873b92de96e8e18672aeb9ff6c938c7bc"
-                + "711c55701211efe931be163fdf9b4a9c3ecc9c091137b3f785902ee8c1cd657c4b66e04c"
-                + "9ebcd1e433a52c765afad6f2c87967f796fde54347e145ed4061e747543c9b305a345dd0"
-                + "1cd42e5086ee97f8f73faffdba2a36ebb28b726dfef906de490021e9629ba847d31556b7"
-                + "ae3ccecba3cdce5214787c969c09d797baefca31806570320f14b4c1c561b2a9ada51aa3"
-                + "2f802e793bacec077d8de7e06d1e3da6603383f239ab4fe9301eeaeee67025bc6de61594"
-                + "92d2a7b91126ce1be61b0637db9e2934fe3debd2ed04c789e04f46a4584c8d722f0d9d61"
-                + "e813a7a5ff20e3585d9902fa51d20945ac45a022b2a19c4680035b950abce7728fbcf5ca"
-                + "bbd2ed50f783bd54ccf0f65aed06da48044bace53050b857c407b1945eb366231d85a7c5"
-                + "0eac4910cc865ba96361921fb44a626b49644cab0b06a7974e622f85af83d59918578b01"
-                + "9655863221cfb96e65691a374b84f4df69ce62b2c90e8df9e0aa560af32f75436a455681"
-                + "7967af2d244a521c4f92ab1396e28bac827e6e55178f8ce1c0b19a8ba28bb8c5bd3a4f42"
-                + "570389af775f6ecda0bdad6f74eea2963849ced86d7d06a9aa4e0f8734d30c1b9b5d4b24"
-                + "e42f2a95dc860aff5ef37fc276abbe7a43414a21e91461531fa078df9c41215356ae4ee8"
-                + "472affc16b696edec6841935458328d666b79e7d7175b4f5c17d658f506348e0b6f8af44"
-                + "024992278f47cf08f446ed4ba545094fc45a17dae3d96c5bf54d4d3c056ec4a730c24495"
-                + "9f9660877c7e8a78df2b9db876e5d04db93ea7a3c814f9b2d7ab7bba472d35451322b4b8"
-                + "8a90ac6bf2c4b8d9306866f928e64466cb1130ec6bd26872facbe7c86fbc224f8dd5c177"
-                + "930962e6e4bcbce221c822f20601b886ee7ac39b89df238c7ec2fea1a2fe0d22397537c0"
-                + "4d96bd92e00011b4c317ae786f16d4697cdb11b92fc0fb77c0424fc25ce76b0a916e36ac"
-                + "587bd35dbad8904cae4265a551b6308ab83f10eba6dec5bafce68704ef617e10f48319be"
-                + "ccc17e6846fdbf77f413e41ad918d33aea32c2017f0193aee6b9bc1cc9a417d8a1ef3335"
-                + "fff07c23cbde8ee7e4952964f70c032f9d0391a35259de6d6aad65f9525db971cb2cbcef"
-                + "334dbec2d2c95732f75558fb2ef04bb99ae9d3c4a674b6f4b29f7c80d1c88d1f02cadd3f"
-                + "c2a03acbd3dd9784a3d25a8d5d1bd0087044b624e5f585a9a4b2ba153352316f261aae42"
-                + "09d91ebccbc86b2ad0942a30dd44768177d9d1541a420fc47c66e84a4a76660d72e2a52f"
-                + "c143d0052bdc9d5b6488ec556aaedaac2613c7f31b7e0d1d5936f560533a0f9cfb7bdff1"
-                + "8ec3ddd0b6a6f4e3fa2179859b834e5af7e0450bb776614a1bb03c502051c2598a32cf68"
-                + "c604e354f386f322549aa73f4b8a03d58bbff4ce2dfe9454d9d4389eb8fa8e0ba12540d3"
-                + "b144aa82f0dc1d906507180b49899d1d007a4f8e6501cd1a65fbdeda9b007c551a59063b"
-                + "88788b1384e114994c1f68cf3948899df99c0401a4c0ddb4a794ccb5ebaea877fcc53dfd"
-                + "d78b8bc41faf05a2adea2aeec5b11e060938e9ed772fd1919d64f6bf089df59f4ad92606"
-                + "8df8dfb8e13863ca82631f75a825b2dff182d127dab53d1f0cb69a968b2cba950c02c7be"
-                + "53890bfffcd7443e01f2bb74e7d119fb646093090ef903f71c47eeba464185edf40e5320"
-                + "6de25bc08e084f90ade8c2485bd562b1969372d2039c814f2be4bb222f215e98cd0a7c56"
-                + "7c5735bcec9cb72077fa94516bd493c6ae887cfe74fc0c6eb1fa75f3e150172d181bc6be"
-                + "a02ed54e7fb100f4fccd2fe4ae1894d2833ad3f9e6fb3a5bfe703667e09053374bd45b71"
-                + "fa46b611d6cea440728766a4e3e176c17917958a4bc1144a03f0acd0e010e3272a135c53"
-                + "9a8d94239a7917a96721acdd6a7041d7f709a7abf6ce3d9d2d5a20da4df857712381ee88"
-                + "c3d5dfbfc2cc5ab6e5924dd81750fb2005810fd200a9d6048f954abd44c9dd37b05b4235"
-                + "00bf3794c8677714058fabb75066838198a557fd8ac9c333c8e6a41febd7d9bdce3e7b5b"
-                + "5f2337da32da64a805f5b96edc0183dbbdc46072559614891c29dfe6502993160c0cb907"
-                + "73158377f072e771300885221f3c94d7c5fabb6e0a4a59ac567d14bac9d5aa2f1f50b29e"
-                + "053f36bdf35652366483729f4a133f0980b21fb4b7a69956ff7376b0f1e71991f587402d"
-                + "0be549a237b699ed3e4b03d33099f893ee96b49ae983ed021cc3a977fc2a2236c8ea3cec"
-                + "6c3c9557c80577ee784d9fc082e6b21b306bfefb91b5e0edb3ef7b1536c4d5ac80b1d437"
-                + "869af4903c0788ba778ba1fcf7062cf8d9acb2af934b38a88e532f6474b72242e01a118e"
-                + "118e4ce3163614531416dcb5ca7373164012f594d25db938e4c12435d6313887efe3a417"
-                + "78526d642ce595b3b97a834ff0fe8988d1176d0d272fc82d962c61c8fef74499ee795786"
-                + "d4983f6731a1624dadef88c7697f629033798013b9a02af4a3775e12d5591ca3d49e10c3"
-                + "2e8c8739cecf0391767da35de9ff6d54d0e203c0090bf39b78e97353b20268439dbd6990"
-                + "b136a57f43e0beaf5c17f8c0b66e3471c908dfcca3f180f2cf26341706f0ddc24027703c"
-                + "a799c3d0274d6ed279022c01d029ff3197093a82d81a6597960520fad548278acfa45de7"
-                + "4e5629b05fbd2002f5daa0dc43524140ecff4aeda89537cb507161d83eadc2c52a6baa22"
-                + "c01874b057d26bdb83797793f41304a0769b7fdd30201a1309821d334317e0bddfa987c3"
-                + "f6a0aef90a539220572005dbf2dd73122977102776d4f93909fd73e734b41762900d14a0"
-                + "38cb448bfe91c53b0b5df2e94da9b49e41dc7d9af8d69d0cea4581379106c7a399a81467"
-                + "b5775cbe7a92db95ad1bad091cd95640b014846a7b2c0bc7b97a672a21df791c111147be"
-                + "dd8397b225fce285ae27474e5890dcdd568afb7f781f239189b04200747e7952e01170ee"
-                + "926035317daaf9ce0cf2620f078f53a8b7890ab420112e16ceb7108d3e6cc5a43757524d"
-                + "2e1e125eeb903348398806c85946c0f20c47e2773992d88ce7eba0a7dc17e6b8520f16b0"
-                + "23ec6a94150c0eb9dc78d9253f61faa3a55b6c596d5d6950f84df554809956d142decc74"
-                + "5c7a072196745acc0dc617c0f55cbeef5bf98d0155580e8f7723f2dd17a0403ee866fd8a"
-                + "11ef727ef92e9b88125dc5f265dbc720c82891697a7469b10c00e0b2eaa57fd259fb1905"
-                + "e21e86fd1e32440dceca047f21771cf70ca2e39aeec323840dd4a6688085981472397bee"
-                + "cace7a2ef1762a8cc48fd913af638d361269e22081be5f948b040d8c1b136f9ffa8662b0"
-                + "2a7d10b951d2030a733b0210d52d343542e9cfb41b1af66fb43d8b02db01f7439776af4c"
-                + "bfebb1dff6e5ce963fd6f70dec299fc0f67ca32501127d16b79afe38de60ad90040d2a0e"
-                + "e4b4c552ba382ad29f3b3191c260d2063aa1e44db6338aa2fd6a7f24aeea376944b4b9a9"
-                + "e0b800d2b8fba5bcbd1264fff9f6b07065a3becbeed633f3d28d3aaede5163adad84b2c6"
-                + "8294ed843bbf0d6e0f2d80637092334c09fb907ade1ed65e6f15920047f32774224b48e8"
-                + "fe4d8b626ef2d559add44a8e8ccbad667c37575510bd7b63bc2d23e1aa433c7d2542c710"
-                + "d1e5cabcd573e20e838b2573c99cb2f535dd51e6ef46cb2436732610df002ebe089be2a6"
-                + "dc9834308dd67542fca2d01d15d6e5319ba547f317e37515de90d8bc91380d6c1387839c"
-                + "4339bfe83fcd325f81d3c11c9726e2007d45ab00aaabdb0bf056ec837a26266c8c016a68"
-                + "75d786795ea5833c0b1e209eafdc079f62b44940002a24c3706361bc0f1c84c97d66a030"
-                + "cd6abef01dd04b1b09ba246242a36339d562ad062c57363f7f53cf09eee2819f85f3a4bd"
-                + "498c93e0d10bbaf781aea9cef820aac022185ab5c5fc39c0dedf381ecc58a6d758f3d338"
-                + "9c11f20a7e850ca17db92b86594615d7ecf7b9facbd21dfafe15dccafca77109bc28f40d"
-                + "81e8911852890960d1023ede7b4d5dae80f275100bf87e261170d302610c5c0bb538e3f0"
-                + "808b9e577b5b1e75fb48ba3605447c98ac9c7342dcd8619a9cb1410e18a57c2ab2bd2a90"
-                + "8538a9caededf64d1c9929b2dfc02d4c8c4a336e469a5d0b3626e956efd73812d932268a"
-                + "e5097799414800d7b8b02134eac4ca66b9a2b8e39ec304897c7f566c8e23b12f2ed55635"
-                + "de35e4e1ed1ffedf8088c55cac9df2dc233c5c11c6e5fa39f07b6632fac9e87dfda54bf4"
-                + "33c82899ca6c39b8508da380faefc73c39b3996660b59deb154acf9fe90b78f6b244d099"
-                + "27f383f4892daf59c7bf43cac3b4c21b64efaa0037ca42c7e65780816efc1b8124b30f8e"
-                + "481532a8a6300969dc1032bb76f7f02e6e33dd329aec8bf1a122b8d99763b971f935a74c"
-                + "966ee50d3bb2bc257c9729fbba1aa2841531802eea879e454d81bb1c968ce3e9de355bb2"
-                + "0ef0653856ac01890059da9f367539143e5ac5742e08bec6e6f7c1a8871495a07e56571e"
-                + "fd24b0b1cdb1a5e35e00d916c2421d566fb4b4ecbdc19c7697111737131f1c8788f731da"
-                + "e0069e2d3b608dc2ecc7422816630156b89cd83141524011b50dc513cc7864c728d3ade5"
-                + "dee1471219209cd6b2e17ca824fbde97973e3a5f26d4140e729bccccb761fb9ac2b207f7"
-                + "177f145c5d0765f2ed43476f969aa1b2be9362cffa465b228fae06e0ed23c8c0168c9395"
-                + "0d6b800a68022675f916d5ded69fe457c9e7d56b7ebf95cad7d97966415a6fe6cc3ce2b9"
-                + "67beb62d2aa34ca7d9dda52828fa9256c668263eac6704d9e5e6b62c0cc5394126717f98"
-                + "b12e64676173576be5a83fcc748b589ecf3e1c492e84a9a1bfe8e3fdfa41ef2820f4cc9e"
-                + "743d109e147e29e415975ea0bd6d087343b39067dc4ada9e7d61a2ea4c1df3b83686397a"
-                + "bb9e8fe1093e5f08d283a00e46d01814346d41ae61e6001cabedbb3d4c5cdc5e4c38e8fd"
-                + "d6336710cc8b36ec10653b7665f3ce6d1b5e34b835dda0cb2b8e6799b07c1e5a3764bddb"
-                + "1d075309d4907e61e52e049fa57d365bc52a14b252e54d90ed79eaf83e6736f66787767b"
-                + "8fa6f7e583931581bf5dd115e7c47fbf9a625d9f0ce7bb817dafa9cce669056f2c11e003"
-                + "2624908c93811570f2c245ba61f6abcc15793420869c62a448ccc372ff0c0e98e528e71f"
-                + "d791e37464395e071ce23f6699fcf4a79f4c7ffbc341b8e950da3675094a7386693384ec"
-                + "6aeb71faaeea14e973888acde8f46be1b77184ce546570c9b6e07612c7c6e846c4803880"
-                + "0b433c6bfd1ea8d250958d2c78daf0ad8b4c4efd85cab7600fca914a22fc2735ba3b7768"
-                + "825e54f20f06a500c31d8ca2a557ca209c2324deca382b27cdf9b4b7d0ea21ed164cd900"
-                + "3971a7de731726d7db35b3ed7daeedf8ab151e484504158cb2eb090644de8309f837bd8e"
-                + "f5a633253a75fed6399b880e911513ee8b3bf56251ea548150eb0ca77fcbefba3b41bbf8"
-                + "68a97f0a5097466bb4963b24580640ec08fa10f666ee3591d9232606ec2e2e06a48fa6d1"
-                + "484eaaef5e7d64b8df9aa4aee033d5353de9e9053e6ceb9e1e59a4786169eaba14ad6be4"
-                + "97f62053e6b15bbf749c3fd5289efecf4cad5e451ac16e1e082cc9114cfe31835c25b764"
-                + "a5f0b6c66a6e3d59603e3a503bdaff870ce3b8fb4a014d6e8dc7eb066a7f8ff0c077680f"
-                + "cccc09e03069c3ae99b05aeebba06b54590810e11c7109ee420a7b4da2e3cfc18aad0d3c"
-                + "ca9faff93a1006d022a4da3f0799a85dcbc79d4cdbaf8d07996e2189a4a37768791a2b15"
-                + "a0d77afa56d0d12b1addfd49952cb7035832925b46859b3a726cd5b6da895ddf6b797799"
-                + "2eb9abd78746c6c4d034de1857408db162b0eaa521a4d8bc56323d67ce85735571fbfb83"
-                + "0a76ac93154764596cfdeaf6a9eb37df0394e324c7896b328a349251f415dae7dab73df1"
-                + "c4b4c443db8afe5b8e56706982fa5843bb77460d8a229808aa085b07b0aeb4301bb21301"
-                + "3db1a8ae76ee41edf189a9410c4de5fccca29d85e6fd6037d9a430837fff1c80c03f6b3b"
-                + "455a83c983b6289dd10ba05825f0b99b688c8abacd5eaa40bb104daecb06ed65ba25996f"
-                + "cbf0d545cd1c1f24361920fd8dedfa893a45fc7c7ab3a0ff3d29857c77d4af963033bf6e"
-                + "d5b3a14938654acf74743b597d01f25c31aa32c271945a46149fbdd819be1142ed959bb2"
-                + "f1f26c84219fa07e128b8aebd029efbab1a8962415928fce48f53cee74e8b0fc871ee49d"
-                + "52fffceec0a3182809332ca125a59893f540b693226816d9df294bbf8b470cc4e25f9ece"
-                + "111da040524329318bed4bb09ba07f77334f23e4334e23e2de9f3f34813ee2ea68b983ea"
-                + "aaccafa0e3d92e8ae4d507793d13a548cf6a25ed7524dca9c702c6fb68e97b3880861dac"
-                + "03a9ca1b63d5a7decb15e91958c7eaa8406291f39b4eae652d3ee22bb8ed9d2a9be9c97f"
-                + "393c5cf335d5b7775733df6f9adedff0e882a52f04079418fe0869157576e4f18cc7abcf"
-                + "a7fbc84629801b4b54af4dc3c2a9e475b5b4b2ab305ee0da237073df4e59ad3f11656912"
-                + "f3ae92574c07d41853244e91da13c98fd574c83fdde2b62a3e5a84d8904df8a21347ffcf"
-                + "9e1d3bf96c5d25c12087ef94977b91fbe6486d6efe219b5939a587643ebba464258d2ff9"
-                + "1e34225182a3f8281d43244860d740693ef88013982f41b4f8d4c971fda2b2386a84afaa"
-                + "37c5357f6555aaaf03b5e85878d917961eda027dc339e621e7852b143f0616f91fc7cf60"
-                + "cc178a1abd95b5303f4dc6bccfc32302f5c6c8b1ae6e4a532f2647394b720a233d5eb863"
-                + "bbd4eb9e74be2f802f7daaa9f76cfc1d9d0ddd675d3bb790673105b4acc2c9a6f2e95f2a"
-                + "d01a42eb63480f6a37b716cc76a24627e56b3d48ae79d858b03e1d31cecdaa95aaf96822"
-                + "bf355dad141d51b5e65d8d93e4623e1b0e459d005e4516539ddbb80bfad45306f7079f1d"
-                + "52aec4535af26ffdb3c1f49e4b436b3e98dbee3d5eeb89b97d9eea318f903d291d286cf3"
-                + "3eb88af7b7deecea0a0ae844142aad00a5cb6dd020cd5fa1adf890d21936a6c7add54005"
-                + "778e720e8002fce5ff01e891b97f00459d6e5c7995ba785b3300ec6dc65e90c5e0bb3f76"
-                + "abaad636e0e89fd8818a4dc647dd146b3f6b0a1c953c4cd9a8c98dfc502a733b0d8baacd"
-                + "9faab6dfcbfee2c82aba9bd0fa3922a8d8bf56979a460e63733c4834929d2c9d452e8b4e"
-                + "2e362a67ffacd43136a1086f3b1b1a91ef67b6f317b6b78a3d1f6d3c635444064faeb218"
-                + "3d591d0d042ab38ae354ef382bb44f8f97cdc3e02292d0e02ffd5111b39467570dcd5d75"
-                + "29ee20dbc33ad51cc9bee34767d9ccd642e846a896883cb79a9073b57f7bd72a3d23c2b9"
-                + "b98de0834d9a6b650ae902c1511276880a6265c5dca59423bb3079b593df17ee4b04cec8"
-                + "aaa44251ddbe150eb9e54a193d3164054c74674f037a7448d51bbd693cff4c42d160fcdf"
-                + "a9400ef8d6bd6647eb586306aa19e3d94979ed8a539f6a75cb5bf6942c9a22db8f752b6a"
-                + "743602ea946373eb0f6cf22c12851a56a6977b35a1334a1350cb4822c6b12de1d785a231"
-                + "9146e479d71fdde15958faae8a73f8cb2650818becc765d79250ff1f07a3c87005d035bd"
-                + "cc959a62aedd59d26a29f23a580a98af17e8c80ded13d12acb47ef78ca7b4d36e426afff"
-                + "a7c3a75724330e1d41be5a9e829ec1c284c50197210b3053a3241dbfbe737a906c4f4263"
-                + "66c6417693ea6c118bf699297bfeec84738acc3bbc26da53f6e102c1c1d3d688c732882b"
-                + "4f9a363e5b01d21913d2d7cd6dfe8ae667a4b4b6c9e5c78bc2ccceed96697c8d48434e8f"
-                + "b6b44006eac75fd65ac755386c6263c77a27f12002bb829e611c14ace578c2c563bb5df4"
-                + "c3dea110a8684c617a0533ce3539b8da44f5faf6a43d14e7ce71a31537817590aea1aedb"
-                + "f74e1cb6b2b3caf6b9297437d9c0974ab78d286e1bf6e4d63553c0df68bc11c81c8edccf"
-                + "989e4440f3de37cfabb2e84605954835f89512055281aa2cc60bafcea2de151aad2045b9"
-                + "6c2fa77a2a2f1b95e13d088da1566567b7e5f24539988a27337b37c767b702970f4214f5"
-                + "4be7c195ce3a7057672f0a372a0a3bd28a4029cb86a0",
-            "01dd2f9b3a9e6b46a98da3f7dbeb4e6bc7fd9629403c30577e876f915fecb6b33450635c"
-                + "5e6fb308eaf1c7890e4761cabb79a373a4f7b67284a04330696a51015cd7cee070559cfc"
-                + "966dd65c9244382b4ef40da2f7a4d82d82583d95deeddb950014b74ed8618350f8303c32"
-                + "a0264b526e679570707c15d9f989773f62957e5aa1be13806c592b08807eb7781bd8ccab"
-                + "5766e56a2fb3458b67595d36f22e25adc0f0724fd0577af295ed997e1afb9013b0f94074"
-                + "0c1a2567e9cd78fcfa8743e8a5ccf170a3e4b4e56cc551a3a69762bd11cc981b65c65d79"
-                + "08086f8e07d0ec8ab44a58106f0d064fcdd0f98fae905f79629b2a76e502cee978c0eed9"
-                + "4facaf2cdc3eb06d350363287ba2771ce0dccce6bf7607238152301bf37567c8665b50da"
-                + "b15c62ce50a8a32743ef67d68ac95a9cc48e9d8b5e1651ce02d94ddfbe735a9820fa3570"
-                + "181fe11dd350151beecbf49fed2be0c3d3a83455a38440e71570e2385bf1dedf4e0d14b3"
-                + "f4139f78aa65b6e8f32a3bd5afdaec4037a819b29c57cf5a4ec4db5d5db9f9895fd5de15"
-                + "64b089d4de5a0553b0ad357d41ade477b42025d1833e38703803085965cc8b108ede6704"
-                + "d85d0aab7a332b6f2670e4e63a8b524e4f03ea1f813e26774d00b87237edc6b454a416da"
-                + "4e1b55436493ef16a9e8a80acdd218b48e7a7de565fae8c3eaa25b50c0a3e7bc4ebd28a4"
-                + "ef3c5ead159c1cbe08b028b11149a0e9e655bed09002f6bbc2a33dcc61406d452985c10e"
-                + "3f516c562978033872e0aaa31874d435d2181d7b256a9485d785f67275bc482ca7964a9f"
-                + "5e98bef74e3380e193129b6ab7276844397b8ecbf47225d0b8067cc1e51f1fee76fcf3dc"
-                + "f5144f70de7651bf7e7ddf0eaf2d4b0bc01b9b661af8559b6e4e2b56dfe1094f415ab359"
-                + "4ec171d9f23de1177598cb7f1b3934f84456b45b41622329d7ff0c8dc9582bd88253376f"
-                + "0675a702ef6897278647f39af7e936e9c887dd476c3b62ba4cbf5066e4a4bf4938491018"
-                + "0e948646b79059d52884c8a80450ed3c45cd785a041eef5722d04c8a675f22d06ea05627"
-                + "902e598048e013a4cec723874239ade00b0bd884c7bf7bfc5df2cc45ee859ccc4ca64565"
-                + "06b7d347b60ee1153e90e74a005310a303c7990d8e268816bdabacc26632b353419afe70"
-                + "53f0bf6de2dc900ab5b3e4d0d11a459a395b6ec9b02d634ace8df35257a7ff24f011ad39"
-                + "094864755a016cddfd6391d267dd7761015b055add9a3e7d20e415367666f5130a9df4ff"
-                + "0ed9b2e1da5a2ac922c54e18e56da2478576d9a36f6dd37c0b90729d5082033cd9bcabe6"
-                + "7aa5d0751af9686baf80b537e699b53f88a95f98d787fa1e46a0d71d048b31afb0255e7f"
-                + "39872bf42dc8a331df5557899bdce1d0f12e1ee5b80355fdc738438a56bd68a26617db53"
-                + "a0980d67469b4068e7a1727409ea8a50983a3394890f4891a9ac4e126bfecb8be5dc285a"
-                + "86f1f7715bc214e716c5094c5cbd79ccc01eafb11d51bd83069f2479a20c5c939f839976"
-                + "b0395bc939e161cc24feaa44df0ddb23ef22f1c2fd7312bd39bf87839ea59e794883245f"
-                + "a2b1ce8a811de6313ff9e060cc389d98d0fbfd926192eba49e92b4f5be7c5292f37e2ad0"
-                + "476f7645367bf99dbea078f1c88d39e11cbea2a581d74df841ba456f8132bff3e6e69ceb"
-                + "ac4308b4ced30a33b3156a105b4c340e7ede5e33bea00fc2aa37ad48f5581cd17e74781c"
-                + "2d746dd33a49abc9ed52b2ff020381eee04fd9babb0af875ed80944880456d0bc700a717"
-                + "543a068639f464f2558febb47ab52d1329e08ca4e7dbd8ae67cabb8088d6d669542c0eb0"
-                + "31287b6403dd20dd1e1b88aa0dd6709bd2c8bb51d026270e3da08df9bbd376615b403adf"
-                + "25b8cbf1144e15a02b6fedc043846ebc31f759b272699a867883391b33cbdeed53c04c7e"
-                + "b1298729f25f91482d09fc05fafa69b208b1625739ae3864adbb1e5953866876ba1e10cb"
-                + "f350420717bc22263706f2e33a7f8ab22e004e45ac10aa4a9c983e931f8d201985e7fd12"
-                + "a40235cda42e4f0e417f610bdab1871fc6624c2d527fb1f5eaebe75c576c4eb3ddbf7184"
-                + "4f81f28afb7c91eaff940f469f8c30fe89d3ae8c23c377defc0f98dceac6a4e6975cd03b"
-                + "95861fd1355ac8fa4318f3e2cdf5606a8dd04f38c27b7d8794faee39346b6376c43a2d2c"
-                + "62cf01c11650878cca2001c2ec1857338b7333c102d1f2a74fba8eb432c8065dd219a92f"
-                + "5f222857813eb4cc82058fb38d7baf00c45cfbfbaae0328cf9cd7ece7be2699d15971683"
-                + "edf4f21475b2feb215e4676bb1cadfe48054c7961eb016132d9538926db6138dc73ed3eb"
-                + "b6a4d797a8f267609c9448b199136a61deae6a114ac71221e04052c9d840a84a59db18bd"
-                + "2fe91492a923ec442452b571838c05f8a09649762450d9cabe8b273464b5ca95e8bc9545"
-                + "6a9bc9557e30613dc8d14368c98333cd77c0a33c816e93d79ed5a5e95bcb40f619db2733"
-                + "33210ce8723507f0daa465ab0e01a12ec46a0df57178796e10af04a00c251e96f84ed137"
-                + "e81af57b647b7712127f6e03aefeec8bac9995ac1f9bc737ce92ee12d97333d1b083503c"
-                + "be6d9783c708b0ed5b02312c1bfbbf4e32fde1d5cec9d8b2fecd8f4478874b8a7fb6147b"
-                + "3f74aa6dce7fe07040c1e2b7d3dfae37209f727969ce700cfbd2a9de4d85a3c79c641ab4"
-                + "7581a80d6d10fbf4180e9ba656f885a49e7ec2058af7797474ca244269036bfb51c148a2"
-                + "1bf1b4ba1464a69595cad7444b9b0bceb1181e1f9d543ce126cb707ea9991c98ae203daa"
-                + "a07d6f7bafae26db8c71ddcae1fbf0d00d52f22a7a11797fe24e62f6e43e8d9ef46e1be8"
-                + "69cfff5542053b12c3ba183cd8785880e32cf99e48309ffcdc3b792a9e031c18a5ef137f"
-                + "f378e36313c1dc239bdc8eb978cc724ba513ac40a0b27684138265bc6f37412c46f188b8"
-                + "fd2698a9626fbeb2bd7517e3c2fc52bce52e76ca73e02e2364d2b00136180514aeb81363"
-                + "ccf51e4ee1a17d2c5f8e57ed1f510764565edb06b53a6332d67ff0250703a7d199a2c12a"
-                + "44d06cc27d1fc9b6d11bc3aebb153a032764f1a0bd664600e595e2c274b86b4247dbd182"
-                + "700f65910ad1b07df8e7097887269c1a8731f8489433ea83df61a800dc48d0eea8a00a12"
-                + "e3f1f31c155a7ac75bf39f7b4ab92bf3697a53062c9d8ee5a3510da10d8704858589a26b"
-                + "c64b2af69234a595e3725e838cac046cbc06fb80372f7e47afbb2468cf6dbd44ce2b3304"
-                + "b7b815d7ca8222966094d23ea394c1ee58e0fe88bb1a8d75f4de0575df43a2a9489d095c"
-                + "ba97a138e7b7f811e325cbeeacef1c75cb97d6141ed825b3963334635a1ea04cac48faa7"
-                + "6b016ee95227f090dde64f3d26ece554fc17bb20f212e7035ad243fcb1ae2d08ecb47fa3"
-                + "eafa000a30985688838c2d2bbaa46111db8bc0a4811af01a07e3b6596304e21a09bd3997"
-                + "86b38790c1a62c4cd1be5808e1869a794b899c9cec46a3503a06f5d3cd9a17788c7147d1"
-                + "b9ab562bf6d947c8458a215792e9b8fb0fc407b08bb176ad3383720cc9be5fead4956cc8"
-                + "3304f8f168183d5b15c56101011d716d92ed230a4b4f74e9f1f2193587bd8f99a8dc6ca9"
-                + "5d95c568bfadca8207e4aa0b59bb95dadf3992c26690959cad69928a4ed827339dd26614"
-                + "3f85cff2559e8b14c8db0f71b61416184277227cb45bb0d4f7af04556c64b08751103c1f"
-                + "f5d1256454349579df44fdee0b6c1af59cc73632528d11c7a3103292901cc248bf73c1a7"
-                + "eb623a5ebc6036673aaf95a7c8589df6402d81993ec97fdd2086999d8dc15e3d99113b27"
-                + "a8422d9084c77060261395ec1dad38f3f18f6bc688bc6fb4b3b442932ce7727be7130921"
-                + "f9adf5d177358686bcfa854e90683d0ad37c413bb52cf70375eda43a3cee589a3e84c65c"
-                + "bf4aec088d4d585c3665e12b37b5be0c0afcd0bc52faf10a7c853e93fe1d9bfba68dd4cf"
-                + "98fe0d5d8dcac15797ed172d8692343e8bf79195e0e5879ce468c604ce9ff765ba6c86c1"
-                + "653cdf3dec8d06442665bdacf55835f9c832d4ed06135f3d41d7ee8cd770dda6646a7a7e"
-                + "f5189a237600d3964e5a728824417588405e63283f97ebeb17fe49f64b253c18743d6794"
-                + "6ee18ef5ff96f1e3c55a165dd8f373464449464c447318b6bc95f2efcb15d1a627cca17c"
-                + "68cb0e3d7efaa38cf66fd562cecd3c63cbee3fbd462e281e1aa2bcd775931e88e9918447"
-                + "85af12d7d327a7383ff6bdde4f91ad31c9af84e153b9a0d0028f01c8a8d478a8d0bab543"
-                + "1e4c535b5251bcd9bd2f3d2fe6e2263e433979e867ad2f35c836d813e083487de56e9522"
-                + "d201c6c6570a94113b760b9bbcbc95bfe3de92344076ca89ce80b0f32fd26ebed3f47a50"
-                + "27e6b8aeb40c82c4affeceaec24b6f7993ab89dcbf7cfb83fecc211dff0cc0115b2af6a3"
-                + "0049e7b97d211a271def8f6925d146c43cc21db3e6942274c2bbff786be3ce85f292b8be"
-                + "a2830f9d052ce67c4decb39ca3c051b1bb004579aa4497b582e76b81168222918c9ae0df"
-                + "ecdbeda50d9674783cb50df55df4729d436697932f51f878db57e62b612f0bf631674096"
-                + "e0c7988695f8f6ffad459cc305263fd38604290d57127f8f0533305423a793c992230dda"
-                + "9d122a97c974c3d60a96b039189633bbcaecf3db47bf6c39742ddaa37e0ab91a281d2119"
-                + "57b3c0f9738ec90e2785202a9023b494f42480be4e81299cc75e2d560415378646cbb2d3"
-                + "641ed73a8b886c8909b13819aedd540b46ac97abea7e87dc122a1da614eaad8163f16dbe"
-                + "e37bb881ef1fd4cd0287316f130b5cfd65028cf2f7ef9f4ba7d15afc3192444afea93c35"
-                + "542309892d98208f61998684768a11fc771a3c7dfd544fc81a5c33352f01f763d920ba28"
-                + "7d7f3e3c57ec6b7ef78467e2efea39fc7dfe0a1b3d706751e157b0e183fdbc1c6684793c"
-                + "64d9bc8b5bb74ba345aa4b003a230923b648a21bf046df84e0075659f6b2d08f4cdbfa2e"
-                + "3b4088d00d49c6a3dde69fbebb909ff55f80bbf0f22846678481c013e0e851ef6323b176"
-                + "dea50e629d622b5c3f88c9fb161a34fb0a4da1358b0fbcad268f4f71ad6e294dd468fcc7"
-                + "f574f2087a748d34b416ba2002ccf3ebddfc45942fb8577def9624ddf80e880ace925d4b"
-                + "2c24e4bc64d34fec4b6fcbb093e3325b25360369a97efe4d76eb919f14466b2d421aab0c"
-                + "6bf49813c7a16633750439ec5fe14f39f4c86fdc47b0edc5480ab32e81e3f289d16206c6"
-                + "c8d496736792c6aeb3b5e5cd8c02454542300a6c03ff56cb0905b98834e082095b0728e9"
-                + "ff9519e5158759a329155bfb19760c1ad8c2d6260100e58cee0f1ac78e3ee3ff5bd104dd"
-                + "96ec6a690ea34785f0005c5637c3c3d0ccff229d8d1c444394f876a56a6385e03e502e3b"
-                + "5a0351d718fb4771f878020bec35c17860aa8566a7e7dffd63e1b25df90e0994721a41e0"
-                + "40c89f80c4bf131222e6d3d0371f67115d0fd446da933b31fde347d4d85b82bfc87f1e74"
-                + "2af9652a453f01d8849fee7705c9da3d5570aa4286a87f17ca27e748f8c114d160166176"
-                + "6a8b9c5c712102f747c66a8e1876406a26d9c3a9650684c8865de060dead429ec278e302"
-                + "cd2de2f103faa7ad31acdfd4ae3d3083bcc94f611247fcf6b53b6d5c4b4c0a1b527e84d0"
-                + "171315c1ea8247575fe6b0774b7e006f4bf3cecb09600e2cdc59b0d33b2445065d5778f6"
-                + "48077ce17a736993a15c2fb3c1c6d1e7f697081858ce2e8df63a6be0d0923ddc9daebed2"
-                + "2990477e09d57c18566d7f7bd43779c3bd14345121cd0be58c32774dc85a75d42686111c"
-                + "438908b982071424719999fb5088e05ff90035dcd69140a1289a1fd3bdd58d95a026ae16"
-                + "de49cb35c379fad7d38e730f2555ed790bd6a8e6e93ccaf74c5be15e95e0c352279ce9f7"
-                + "c814afecaf2560d93e169b3aa58ba4bf3d9ffce11c72b8ca98b38ee3c06d1ab4c633de55"
-                + "22f94efffc43e06cb090e119b76eb568cf15471c4701b68f426b19ae24a5917edbf1a4a1"
-                + "b0c583673b0ff7f98be901f17001f8aebb609850051799674f079d4397627fc65e5d3059"
-                + "0592d5d337c91f713607d47324f95d32955861b5aa1c6a9789ef75c412f27173891e26a4"
-                + "d418bdcfa3b6fc9adfd53db14d74885f3c4ca234f48fee094fe220d795d693ff44f2c2d0"
-                + "56a19d489951214bbf6b68604edc2bb3e7f8e1e871f5dcead73a9e4d452b8861b93db30e"
-                + "e372e11afd64fc40426ad84c439ad3eb66313d14917434857a4e14d6d51127d8180126cd"
-                + "c2a35c1ba658b5e4a953ef304eaa3500386c07678eed85a934458d469ba8b48ef4ccdfb8"
-                + "65181fc087686fd2949374e2eb5dbc1518437b2f60c2c0061619afe3db0b4e6bdee6ba39"
-                + "66b67160180baaf2ba58fde0d1f0631375f028daa91a63d87b37513c9173d74440de4ea9"
-                + "6dbdf332d67cf462cc532dba85f9bea52816f53c47d0aaeba206b32f21bb157d571f17ec"
-                + "bbdf5ddd0499d34816fda112852963433524631620df12c6b264fb53003ace63fa23880e"
-                + "afdbb7cd71c6b31a0979f683982bcd570314ebafc646c32f715c033e7c628b91fa4ae244"
-                + "06df0bfb4cf48f98fc5fdfdcc65b2db6ebb2e19d6b5b26144beb035ba5198c8223306f53"
-                + "10da1ddaf5a469209e3f11d6250f5e66d1b408d2515ccda5c68b691c16c2bb78483806fb"
-                + "4c1714ae5ed569202414b2297816ef1cde61478b75e82328acc76687fe6453f97611f609"
-                + "ae23f1956dfc83d44eb397de1c62ee7e3e222e87a3aec0881f479c87266ebd64b0b7c0e2"
-                + "a50b8650599f031f546b84c3160a522dae2c8b2b49d0aca76eac937b58cc4d0e3e935961"
-                + "d072c94c63a3e11b39c3409a49f8e9f7d3edf83dcc538352a38a348d2cd01a78412be64c"
-                + "46a12f67e1d41d50b60227c37c8c0043f798c87800afc85892710336172c40aa01c69baa"
-                + "4a20305751de64f4c77c0e4cfe2a360c61aba9fb0cd40339b7db00d3dbce9b5838c4b435"
-                + "fee5f30531d0eecd695aedd7156365fe3af959e36f2aa040504503560019a0c16361c233"
-                + "cb8de21449fc851b59752a1e32537402c38550204144028feb4078c967557877b0ad6e6a"
-                + "dedbdc3b366cf1082e18d83f6b5615ceffd5359cb793c04b51afce3510e55333bf3c5833"
-                + "28a2485a7a0ad65f64fc88cb40902e02ef437e112e3d0d54a27d2d08390bcbc62abfbf1d"
-                + "ab8ffd98f954de815218ea92c9cd9c93bf82d50cd1dbcf2d5cc07c21c126e93d67c95674"
-                + "31bec659e54cf95c2ce95a5a692f746a3778bf30986970697beb52a250179dffe83809ba"
-                + "2278fdb1ddca4b57b0a316d9982d62a85e3d33ad38ce7f47f9f397266c064fcc2ee39623"
-                + "e67faf48877821922e2676caa147a364d1c22d5643c38876ab1753b53ad37d25893bd20e"
-                + "294971ffa528e16cf742abc3702780dcc01f949583f3437ba10bedd1a98be015bb17673e"
-                + "ec5d40469c9ad1558e688fe5439f3943040ed37d8d1e21cb32a7e56edc06b83cd2d4a563"
-                + "fc142ccefd9590905240bacb9a552d6b777f8295737fe91f55c90540195d8f89777b9e07"
-                + "935e248fa7fcb7c2066bf748934b4bfc12f4d7d95a628984d27215bd5a477175347d0c90"
-                + "378e01d8497dad86558d45f8a458e96db26e35454e7e9002e47354d859ec45d5643969d9"
-                + "4dfa8e0a74bb9457576c096135fae2b81efb054b7a75f856b87a43c6806d76fe2327a0ab"
-                + "e2d42ce4855c2cf6b2b3fdd43cffb28d41a719d24e72162752139bb1ab00fcb6d28038c2"
-                + "994e7b8e8ac6730399b7acdc47bded773bd2cc15e60ce06601b21455bb4c0e8ecd02116c"
-                + "6d8403f43ebc2017fa421cc2863391be4d2a8fb545fdaafe6f80d7743157f3bd68ffb3dd"
-                + "3a82c7a08d29f5fe19d657d7495f3f7aed07a67444f2fd863c1af0d399de5bc3a71c1e6a"
-                + "211df69be3088fcd73998435a63611618ac4445ebb99f5df5daf02b45ee585c62ade53de"
-                + "945f3fd73d26c094aa1c3f0d0b19b0273ab3f0eb3d8a21639e4e7d6e99f63039639804c0"
-                + "bb014b1e6a83a522b274eaaf5f8d1921eb88720809d04a8fe91e241e2c030185b151e4fa"
-                + "56cd52aa2490b3891410f503646e362162fe619e942dee9d8fb11b601dae644bfa894c80"
-                + "9cf205a58fa4ac7ce5e472a05668f696240cf81acc7be6a1ed1934dbeed1e6fa50f41685"
-                + "e413a6e22768169644be1e2419e78ab0922d502934c5aef5a9212252c4c0bd46ebddade4"
-                + "02dffe970d8aecc535a102b5e8a01b1689f96e5cff5b9adb9104d88a7d55c8a694eccef5"
-                + "0dd58a662686a4e76e8724c133363a46e0cdbce85cde10adc415c1329fe366139fbb6e47"
-                + "fb3b37dc6bd030067d0eaca26d16ab22a8b2592f08bcc0451f3b848fd58576091e914881"
-                + "b82efeb0c57f85541f26e38f8e611f733e3b4bfbb02fde7fc43ddc05144be25e32108bbf"
-                + "90631f3b4e88c5df91fca2ab63db007eae705cb2e20b6039758f5478dadaa955d985c674"
-                + "44f8cadefee4d7929ee5109a6ba149ae48f166631848a2f1617bb1bc0e88da0308f8b2d6"
-                + "abb6c8a0c6f4dec77558477a85f207516b01d12ef9890506211e6d116d8ebb17c85b9e80"
-                + "23f3e56659d046f410fc4091a5a37214f551cc04f4f093c5f4284e441dbb8e7f96aa8be3"
-                + "9c40fc9332c3e7be5f9cad90320d018028d1df0554b92ee92268307f905d43362ba5702b"
-                + "074e6b213e604656cd7d7d57ab6a9ac0c4a9c9fbf0df4355ca75a0bd314933ffcd04ce8a"
-                + "9fa812a78ddfffbbd8240610a55f9a59222ed6a00d159c388783c07f1fee79a77abbbb02"
-                + "649128acf21abed0ad0fd8f3ede2c52b5316082429ba473b331a27c6db7e34c0bb81385c"
-                + "10e623d7e5865a8d3565547b3619621edf06d2b58b8b3d56c2dda975fedd0fbbb76f2dd6"
-                + "da507b4a04b13c8bdcbe00e987c2355711a47113bf7ff9de8fcc75f852b1939f858e9158"
-                + "ddace967bbadf9ad04ace7d93cefe42473143c13a71c31ad0e95dbcd096e27699c9a969c"
-                + "f5d5856ac16b1dba553b68a8a13e243c62709cf9d14350ee92ff10a62be843dc894f8a90"
-                + "1b38882066a0acf23338da38eba33012e287e2cc0010d4f8d07364bc75815ae49b0e2094"
-                + "ae26f2af67b0502ca11041b051de6f631aeb9c7105074db5562560ba830a2070d4a596fb"
-                + "b30632f221f59af16fbb017bc87427ceb24c5e1f6696ea423b98dd632db93f00c16d0b80"
-                + "211bd9a49edb23b79f039296aa6e0a8db61d9dadb06644e335670b0e74f51f786ab889df"
-                + "bc2e329f214efd9b26a97b45987bffc81ba39084aaefdede24903ac6a77cab13438b8c89"
-                + "5e27213f0b183de71b558ce6e05a269bbdbff6934a11898501e803ce1f0286133cec3d09"
-                + "482fba75c0b26d73af5275139d460e3657ba019ad9f565ed1324ad62a8c1cdfe6f925318"
-                + "096a9708f2b17ddc3503f86baadfa6d75725b4f54cfa34c714a4311ee5f1928505724665"
-                + "715ecb8836b4a5314192f490844658f7352568e83cd02125e7c589807f01aecbc8e33c38"
-                + "a19587f3c03db1daca9690ab6f806a096956b132b4f2d0074723563c7fd789dae10314b1"
-                + "4cd9de8a0a78d196651cd9bcf97cb840e6893a8cabe4aa5b0eb2c74b885ab7a64bec0b4e"
-                + "18219143fc1a59529b954adcc6082a199fe2e48395e21c5ce5535c8f9bf3ef72d2f0f89b"
-                + "6e338e338b8856757019ca35ca017761020b98b61b8a513f2cbf0f2e29aa04502de69a7d"
-                + "2eb78fb828599a2c9d11bff59d539ee43316e68227fc66fa6dbb8cde0066b44ad77aaa94"
-                + "86a733e79b6de689e71c7a5f7497743a267cb0e5bcefa0b359e44e9f2ff0d9b447871fd2"
-                + "6983f188395355030f2d176f420a94caa5ba283e53cb40ab787a6160d4157e38f2904599"
-                + "f7429deb9006584c9b929eb99711c5087ba7443d36a9e2bd8d2415f495bc5194fa59f167"
-                + "73883e144f84ce8483c85b1a3120a15c82b7b83558c5ad244fa48bdd7790a6da5c117658"
-                + "91b5da14391575a9f533acd8e3bc5b72ec3ab18fa4b775802150652d0d710f0c8b03e638"
-                + "81b00037d26163f38d4fd2e49154ea7c8cef79c51432ee0a9bb561689aa252d7f49bfcce"
-                + "d83101bda4cbaf702b4d6dc6fc390b8657dfe2b8f36db4adfef7cef9b3760fd522f154f6"
-                + "8889d6cb04dc399223df40ebba5e40167ec60e6ebf0b75bebb0df2368c7c7003deb3c184"
-                + "1796ebc178aa8ad6a34601edf623054680465e9bbebea2b5d80e473f40459fee240a73ee"
-                + "58fde1883f2436951dbf83f24ef567582fbcec21e5b7d02471fa9cab4a7868862f746781"
-                + "df633fe91a6a2d31bba32667c9e2b92d7f806c4de8ccb1b565aa3b0db9d94fc0d9408ba4"
-                + "35c4a151d6a3eb8f7e30bc5489ee34dac617f1d446caf2e13e662aee6e16ae7354773d1f"
-                + "5d5aedafa5ef517186840e5ab906e9f564a479f45c75867e1d7fda7ffaf0fa29fd3e784f"
-                + "471b6ebc1a0f16208fc0c96ee886955acf40d8335def23cf48b9be02b14db0c8d515e959"
-                + "84173f11137d096ba01c58c0d6520dd553e1f6a46855980dccbf868b44cfdae37fabe9c2"
-                + "b1e0ca078ca2bbc6a1ea37615c1f141aca739a16665ef359a786a9c9c2533c763a441a1c"
-                + "77f4e58ef2b528a5a6ab21c2c88ce7dd85de0e6ce5ee3e71656ebf5a5b2cea07f35ccf87"
-                + "2a037af6013576a814561353a666f11ba298b0206247dfa5488212268e846a66d6e277be"
-                + "652c013134338f064ab008f6b943b9e95183f6d84c545e4c5c2340cc4513c28bc40a3bcc"
-                + "41eea5a779f8d5585fe65377283dd152710b80f363499668c2283f26b840ca8265e2adf0"
-                + "7416003a46d80e769c4dd8f786a5703d7efbf2549e61dbf71a9d722e7af8ed20e8f2446f"
-                + "e5879f2571758df53e66778991fb1f5fae534edd006eaab3548f70c7eb87573ddd934823"
-                + "5f3289cd452a6f3ffada397f1e787db77094e5c13f8be924de471863260dc54f8ca78400"
-                + "0fa5f88dacf2ee8e0d237a6dbfbc4d2eb67293e2c26dd07114f4dd99a64cdd3c91f0b998"
-                + "b52087409ca442e3e0784eab4f0f2f256aaed526579a97c3ff87c5724475463ca1171088"
-                + "79796b7b7ab903edd5ff82c1f14f371649c9bbcac5e32497cf9703032d5559045124880d"
-                + "9c246905c312b92993ac12f6f030bc90e6d309286509b06c3800c78157b708c0603e2be4"
-                + "8015dbe6956f3d83e940eb97e5939c0e3e2e2e7d2e657eeaee23d54f4d849fb8227cea5a"
-                + "3301355b7867790c4f54ed36a3e143e466d18e3f3e4ca8b092a5c8c8f9f226c4d636bfc7"
-                + "728e0c1d41d206669fb3dcb1aa19db6b56de01befff4c6227764a0e9aa1949469fea46ab"
-                + "56e5acf340af4ab62fb05cfd87c3893177b77a1296a94e7a7069a690d6a48fa6940a8b3c"
-                + "405564d0dfdd4b8ab56e29acaae09e2cefcb4276226f4a2fc664a61b5d4aa76d0e37626c"
-                + "93edf16ed86b474779b9b33beb49db1b211d17244d23408adecdbf8aabf2152bd3b51f21"
-                + "50ca5542205965c4610d2571d5f566635529e755fd4b1a4aa033007a5f9676694fed2e6d"
-                + "c71ced63be0c39e3beb237da3b7f1463691942ede74158e2c03bb8c13580a609769bf082"
-                + "ad9256f385b131e2eec5cbde0ce761ba1db2d45bcf7b9ceffb2a488073b10c7ae01717f7"
-                + "6efbab5e3a57cdfc45e582e2a61fa23e889a9b80ea31951ab9d0cd185f98404324f55a04"
-                + "295050bb6859778fdd9ee5ec1306d8bd3e97a4b5249e2add51836da186b6f43c7bd00da3"
-                + "4d3032dad4dd6983f40adb7433b9b738b37ae3b1797273ccc8553a0429216fb803059b21"
-                + "a73173e87438b90f01450cb7066a630ba34f5a4fac6f565e95d1627285a38a3f4a295802"
-                + "0f636e5e1c2c9dae1c8bd2dfc5f94606fc8c197719ecaa5c809215dcf64d02fa0e544f57"
-                + "5666b9ad3072d93c076cc60bbdab9990c49732241bfc2c2655a2ba4eca53985a89a99549"
-                + "7e2c9a63ddbc7c292ac1d766e6dcd5d6b22ff967113a279ab42694bf7a01ea8df30eab75"
-                + "11edb677452a844a90608cc99445db0c1d0a3e32da45245dc7e51eba883fbbde7e7a3317"
-                + "567995d7a079d2773ae79f3d65d6e15aa7b317481bd16ec25e8a903dbc643504532b0624"
-                + "0206557be7629f6cc793a7278d1bb209a2222368e33c3315532dc2e3418ac5b660249620"
-                + "e31e8ebd7d2404ffd9111ee4b8f7fbf58b048b3bd68f2c5cf5e2cf759a69dce3dc4162cc"
-                + "1a722d94dba16cb81c511f686220f92e3d78f2018c85f35b21b0057c9dde2cafee32977f"
-                + "707719c42902aeec54ca6a909477958c2740083f1c84f923b1a539c7b6232c5898b248af"
-                + "67a5763c07dd934574af80e2e67043b7f03877d65a864182439644fc6d08a5ab7679283f"
-                + "72d0941033ace6e57b7088ec3e74f1d20c23f030879782b10e26ed41816be1bafee4089c"
-                + "3ecb1e363033f9e5e374967b94bd9d069844286164cb7c2e437f412c52456bb17446e07c"
-                + "d74fbf4d1dc1122c84a5a8204567b341313ea565957bf7741036ac7f77f4fcb51a070fbd"
-                + "1a72d27215f00b53a3eb228c8af66bf172d9ddd251a181d4e7427e231a3e0a655da22f25"
-                + "2baf974f79cf913f11c7f81e9b8b8e35c4b2485212d43c8b5828e8eaa2ec6c5f9af29c95"
-                + "876b360bb0f900bfdcb03b7665f3ce6d1b5e34b835dda0cb2b8e6799b07c1e5a3764bddb"
-                + "1d075309d4907e61e52e049fa57d365bc52a14b252e54d90ed79eaf83e6736f66787767b"
-                + "8fa6f7e583931581bf5dd115e7c47fbf9a625d9f0ce7bb817dafa9cce669056f2c11e003"
-                + "2624908c93811570f2c245ba61f6abcc15793420869c62a448ccc372ff0c0e98e528e71f"
-                + "d791e37464395e071ce23f6699fcf4a79f4c7ffbc341b8e950da3675094a7386693384ec"
-                + "6aeb71faaeea14e973888acde8f46be1b77184ce546570c9b6e07612c7c6e846c4803880"
-                + "0b433c6bfd1ea8d250958d2c78daf0ad8b4c4efd85cab7600fca914a22fc2735ba3b7768"
-                + "825e54f20f06a500c31d8ca2a557ca209c2324deca382b27cdf9b4b7d0ea21ed164cd900"
-                + "3971a7de731726d7db35b3ed7daeedf8ab151e484504158cb2eb090644de8309f837bd8e"
-                + "f5a633253a75fed6399b880e911513ee8b3bf56251ea548150eb0ca77fcbefba3b41bbf8"
-                + "68a97f0a5097466bb4963b24580640ec08fa10f666ee3591d9232606ec2e2e06a48fa6d1"
-                + "484eaaef5e7d64b8df9aa4aee033d5353de9e9053e6ceb9e1e59a4786169eaba14ad6be4"
-                + "97f62053e6b15bbf749c3fd5289efecf4cad5e451ac16e1e082cc9114cfe31835c25b764"
-                + "a5f0b6c66a6e3d59603e3a503bdaff870ce3b8fb4a014d6e8dc7eb066a7f8ff0c077680f"
-                + "cccc09e03069c3ae99b05aeebba06b54590810e11c7109ee420a7b4da2e3cfc18aad0d3c"
-                + "ca9faff93a1006d022a4da3f0799a85dcbc79d4cdbaf8d07996e2189a4a37768791a2b15"
-                + "a0d77afa56d0d12b1addfd49952cb7035832925b46859b3a726cd5b6da895ddf6b797799"
-                + "2eb9abd78746c6c4d034de1857408db162b0eaa521a4d8bc56323d67ce85735571fbfb83"
-                + "0a76ac93154764596cfdeaf6a9eb37df0394e324c7896b328a349251f415dae7dab73df1"
-                + "c4b4c443db8afe5b8e56706982fa5843bb77460d8a229808aa085b07b0aeb4301bb21301"
-                + "3db1a8ae76ee41edf189a9410c4de5fccca29d85e6fd6037d9a430837fff1c80c03f6b3b"
-                + "455a83c983b6289dd10ba05825f0b99b688c8abacd5eaa40bb104daecb06ed65ba25996f"
-                + "cbf0d545cd1c1f24361920fd8dedfa893a45fc7c7ab3a0ff3d29857c77d4af963033bf6e"
-                + "d5b3a14938654acf74743b597d01f25c31aa32c271945a46149fbdd819be1142ed959bb2"
-                + "f1f26c84219fa07e128b8aebd029efbab1a8962415928fce48f53cee74e8b0fc871ee49d"
-                + "52fffceec0a3182809332ca125a59893f540b693226816d9df294bbf8b470cc4e25f9ece"
-                + "111da040524329318bed4bb09ba07f77334f23e4334e23e2de9f3f34813ee2ea68b983ea"
-                + "aaccafa0e3d92e8ae4d507793d13a548cf6a25ed7524dca9c702c6fb68e97b3880861dac"
-                + "03a9ca1b63d5a7decb15e91958c7eaa8406291f39b4eae652d3ee22bb8ed9d2a9be9c97f"
-                + "393c5cf335d5b7775733df6f9adedff0e882a52f04079418fe0869157576e4f18cc7abcf"
-                + "a7fbc84629801b4b54af4dc3c2a9e475b5b4b2ab305ee0da237073df4e59ad3f11656912"
-                + "f3ae92574c07d41853244e91da13c98fd574c83fdde2b62a3e5a84d8904df8a21347ffcf"
-                + "9e1d3bf96c5d25c12087ef94977b91fbe6486d6efe219b5939a587643ebba464258d2ff9"
-                + "1e34225182a3f8281d43244860d740693ef88013982f41b4f8d4c971fda2b2386a84afaa"
-                + "37c5357f6555aaaf03b5e85878d917961eda027dc339e621e7852b143f0616f91fc7cf60"
-                + "cc178a1abd95b5303f4dc6bccfc32302f5c6c8b1ae6e4a532f2647394b720a233d5eb863"
-                + "bbd4eb9e74be2f802f7daaa9f76cfc1d9d0ddd675d3bb790673105b4acc2c9a6f2e95f2a"
-                + "d01a42eb63480f6a37b716cc76a24627e56b3d48ae79d858b03e1d31cecdaa95aaf96822"
-                + "bf355dad141d51b5e65d8d93e4623e1b0e459d005e4516539ddbb80bfad45306f7079f1d"
-                + "52aec4535af26ffdb3c1f49e4b436b3e98dbee3d5eeb89b97d9eea318f903d291d286cf3"
-                + "3eb88af7b7deecea0a0ae844142aad00a5cb6dd020cd5fa1adf890d21936a6c7add54005"
-                + "778e720e8002fce5ff01e891b97f00459d6e5c7995ba785b3300ec6dc65e90c5e0bb3f76"
-                + "abaad636e0e89fd8818a4dc647dd146b3f6b0a1c953c4cd9a8c98dfc502a733b0d8baacd"
-                + "9faab6dfcbfee2c82aba9bd0fa3922a8d8bf56979a460e63733c4834929d2c9d452e8b4e"
-                + "2e362a67ffacd43136a1086f3b1b1a91ef67b6f317b6b78a3d1f6d3c635444064faeb218"
-                + "3d591d0d042ab38ae354ef382bb44f8f97cdc3e02292d0e02ffd5111b39467570dcd5d75"
-                + "29ee20dbc33ad51cc9bee34767d9ccd642e846a896883cb79a9073b57f7bd72a3d23c2b9"
-                + "b98de0834d9a6b650ae902c1511276880a6265c5dca59423bb3079b593df17ee4b04cec8"
-                + "aaa44251ddbe150eb9e54a193d3164054c74674f037a7448d51bbd693cff4c42d160fcdf"
-                + "a9400ef8d6bd6647eb586306aa19e3d94979ed8a539f6a75cb5bf6942c9a22db8f752b6a"
-                + "743602ea946373eb0f6cf22c12851a56a6977b35a1334a1350cb4822c6b12de1d785a231"
-                + "9146e479d71fdde15958faae8a73f8cb2650818becc765d79250ff1f07a3c87005d035bd"
-                + "cc959a62aedd59d26a29f23a580a98af17e8c80ded13d12acb47ef78ca7b4d36e426afff"
-                + "a7c3a75724330e1d41be5a9e829ec1c284c50197210b3053a3241dbfbe737a906c4f4263"
-                + "66c6417693ea6c118bf699297bfeec84738acc3bbc26da53f6e102c1c1d3d688c732882b"
-                + "4f9a363e5b01d21913d2d7cd6dfe8ae667a4b4b6c9e5c78bc2ccceed96697c8d48434e8f"
-                + "b6b44006eac75fd65ac755386c6263c77a27f12002bb829e611c14ace578c2c563bb5df4"
-                + "c3dea110a8684c617a0533ce3539b8da44f5faf6a43d14e7ce71a31537817590aea1aedb"
-                + "f74e1cb6b2b3caf6b9297437d9c0974ab78d286e1bf6e4d63553c0df68bc11c81c8edccf"
-                + "989e4440f3de37cfabb2e84605954835f89512055281aa2cc60bafcea2de151aad2045b9"
-                + "6c2fa77a2a2f1b95e13d088da1566567b7e5f24539988a27337b37c767b702970f4214f5"
-                + "4be7c195ce3a7057672f0a372a0a3bd28a4029cb86a0",
-            "028de6552b83e136db31735a58f0ea3f8c39292ef79f24f3992401fc3e6d318a8c5a592a"
-                + "e5eaf0afb562a40ae39a2bbc29e76e194b841ca535a2585b1246cddcc715a7147112a72a"
-                + "530de4bf95b38910e2ba305b225614dbe868930e65b6d27639754ec9f5a97a37844bd5c9"
-                + "07779b32df0ef7dc5a42bf3b282f3cc3c13d73a9fbf1cd982c692df8d8a11fdd893ab923"
-                + "e0353360fc62ea5241baa68d686df794b3676a93380d963cb939aff9498cd9a60d7c4310"
-                + "44a3c49cc232114c8f23c38df8f1a876d39e2ca168589257315946edf9cf5b59f5cad21f"
-                + "99092c4a601836c70bd845276c7d5d08b8237c3a9180fd1053f60cdb8c0eb595e087e0b9"
-                + "e9a229917c74598967c48e665ede8053a978d96fbf3965fe597c08dc1f780b32ecb482e3"
-                + "8e0550a4d964fe2197abc9473075a8a83b2a901ba07b08c0f4964fe7f391d4717f7eb026"
-                + "28ef408033ed34ccae77f976fd00ab83d3b2561325b6b60e270f2c284a0080d29bdab05f"
-                + "e411d66aeaeb22cbebf9ee12a74a22f59448ce49b82de84b391277e61483a82e8a164ce4"
-                + "684360ac641f24e057c54ea65a19bc42b6477e871ff2cee37e42a6e2781da60387babc1a"
-                + "a1acdf99f51e0eae0004c9577d7b16e9a58426c2c73ec199509ff85740023538d1fbced2"
-                + "11c3f48aee7e0d5150a173c24dfbdf3cfaf4c16ef5f76b05b0fae7372cc0ed64a9d4b3de"
-                + "1199c9061f8c968a2fefa7e6eb04669d6ef88316c511617e8de4350a507dc337a725c3c7"
-                + "c605f1b829235ab9599b4a8aaa96408e3a76ea29988047fa25bdb25da193bdf019f16fbf"
-                + "6c6370bcb01e74127060b826335e7068879f636b359ed3de1c10676991c1cc9862893866"
-                + "139f0acbabe69b362bd4277962d567d19ceb42180c112c129771c46ed3ad810e1f73589a"
-                + "a9205e9898d82c9f26b3535301917cd0e8afa6a2b33763d3d5cde2b5ae2023b5bf257585"
-                + "7951398809dfc1b21d99aa492c223cb3b95991ddad59848318b4aa93685158ebab5529c4"
-                + "d2adcb55a4230e4d4b1206cc06f88f307d49a7e06590cd98b9cbf09ac1808ccbfb7d84bc"
-                + "0e779363df9b6e76ba60f5df8346f037669d4d59b19784223ec42db03dd76ea79aac36e2"
-                + "51a20a486fb629aa7576d5f34327564f3162e38691087b9465fb1dea92829375ccfd63db"
-                + "377825da9545d43101d85cc8cc5f559e82d57702c8c454eca11f172e657935ce269f4b2a"
-                + "86cfe028be25a8bea615a1f8768c7d770eb8d7813cacaf4258d3baec0f83c257249bd214"
-                + "f8572e69a3dbe92503b41d2cc873eea3e68eb649bbb609f5d22cf0450311efd92cd1d533"
-                + "dd27b92e79d4cb958a58a5792ddc710b094c80ce6cdb5f6c53dbd1ee4db9a14cd8a9d7d9"
-                + "5b213611fdb5706135c1c1adace4ffefc61a471abc08cd97f87b0a5609b3a41a788afba2"
-                + "53c5e75807be357efef9f39992cc1c978c38d8904b028b85d98371abff01037076f401ce"
-                + "63014354b11d0992abf65b46f525a14980d31e50f539289243e48a0e20725e81bbcc6683"
-                + "22d40c617c4ddece75dd571ea47cb13fdfe71ab55431ae55a0553b4db069427e5385352d"
-                + "ed2d43551f0dc6b62194c66f9a9350bab90a9155786e962f9f1783156e43cd52a049a7af"
-                + "6febd130e355867ab96060eabec3e9fd54b0409177c0c9de6d9f08fc52439f8b3e63f901"
-                + "78ddceb96976efbf56964536c87477f395db5cb0dc259170c01a8acdc80eedfedb0c1338"
-                + "4d2fb6b095ed528ef1fccf8f9cf2d040220d502828b677053c40a7b5138275c85aeaacc4"
-                + "e4ed3434c72acdb4076af2006dbe5557ba3a08c0a3a0270a0046a616565aa3cb69912b2f"
-                + "c1808369f45b3a9e5a1d90651a02c8c8072c40565dd294f86e9b53c301acc1ce5a19d49d"
-                + "caa6b5feb0ee046e06442431deed4dcd1eb184884d4d09bc1aee883e476f48cca3897297"
-                + "f3aecbab4bb2b98e9b542deca28deee98d0cefe17e313b5ae362e05ba4dd2110022525ac"
-                + "1f6bc3631bf2626662313ff9c698da06b036f987c943b3c0629a9de9b029221fd3982aa8"
-                + "2455fda07a2efc5871716d5bff85943d9f61a29c705afb729c9976b8f5a165267ce5783e"
-                + "b600ca1e1ed19a70ad47a98812048cda0bacda753a55339b9b411a44e2694b026e33035a"
-                + "a90232d9dae1ce06e8996785666bc4b6a82b9fe4fef1c1930ebedea590f8e1c1d82d25f1"
-                + "718b21a1e40fcdc931a2e911f1a0bc4895ed0bcc5987c8e58f12243bfaff873a11004d06"
-                + "4013c3e6c9306f06d78a0a260d7d0f008a7a3cb24fb14e9fb8f699f80a76d846662dcd12"
-                + "4a4cfe6ba2b39d08e6005119d50b82975e4041ce82448ed43bcb4263721280a07e446192"
-                + "1fb3f85d89f64db6630087f39d49eefea0671bedac17f2cd299dfeb9e7b307ede46c64fc"
-                + "6449c6e100cae977c34c0b79ab3f6fb89de4c9f4d12d6ac38fb7fb5b0150aa17138c2271"
-                + "7a099c8eb9246ecd6f9864c5932576560bdb9d436ab4f85befd00c42eb33f8083edeaaed"
-                + "e0d7626fa21191f17b2d29ffbf4cff4fdf83cc6361c4c59d6e23731f8684c608e0c2833d"
-                + "c2bcc3f1c2e335e9998b5fb85301bfcbf6a9d5bb4d7521735ef93afdc89ce4ce64f8f236"
-                + "5656d07969846d81c32b18c52655477c0d9fd996ca0c38f1173e1c776497722e74900ed2"
-                + "a0bbee050d14a6aacbbfeb8244f62eb3a438ddeff474ad6157b9b87af9730835aa3d39de"
-                + "834ae35a90846ed2aded25a98595b1319a5a7d68d632ded46cd390f21ccf9f47ad308ed2"
-                + "6e719703584d1cad159b017ba03b7a437b61c50019084a9bbbf546752fd6f14f28320603"
-                + "f6f1e2d8adfcbcbcd99d49419e9d6d862ca87b897d18cd53c3aa3ef0612f49edf3f5a2e6"
-                + "4d828b5ea9547274c5c4b61e09903e7942fe8f2bac74df96fe1072089bcb651ccd06a478"
-                + "438dc911f3a9f4d20c212cee27005767cf85eba9c790f484e03a177bed24a8db6c394f90"
-                + "222313535847518bebd9a27a22097d1f7d86732437cd5e6b7ef4f9745a01accad6e6809f"
-                + "94c95ae10f28da707c81ce9206b2e61e5f6fb6a7a199e042b2de99c259eaabc35f9c9f39"
-                + "ccb36684084ad105eaf74930a2439090b3e8c80e8c5ff631c9b36d32498d4946bedde9ce"
-                + "59dd929b48519ca6cc6eb36b489bbb39a649fb0f9504f68bb54096b3f8514ac1fb81b51c"
-                + "5bbcfa290b221a4ca065098eed104adde8e6f7a7c91fe6abb51f715e115bf121f25635bf"
-                + "e695a898de21c9d4f7d5604104ecd7fdbff317f7e769033f4dbe7663923b4a6c8c909c80"
-                + "7d2a1320bffa3314f40686b582dd82088681503fe91687d3d6e27d47cff720a29380176c"
-                + "1659b65559ef0afc37a914daf56c083671ef8668e06241369656656f916cb4e74459513b"
-                + "a7c0cdaf099ad6cb8ae5cb765419036886cbd7be1b394a845126e3a58f6c25063bd06198"
-                + "772ac2a536cbf8aaabe69b906836dfcdd5427e18189379dfb235a57d27be2a2de2190469"
-                + "b9df11a0be6452fc7187ec1ee5faf70a9b8ccf921255040f53c6b1c5fc31bf48aed2675c"
-                + "ce010d58c8b9067ece86c6a218a982d89411de3b4aab867c42b616d994ee50c3644b222a"
-                + "3e89c4f0d265de338e1c59c07be186139858c33146f95091ce41a88d79ebcf54ff6f4e98"
-                + "3ca2146b8f5dd62807b697f767bd3289795dedeb74f9bb361ac904a35c131a3e038307c0"
-                + "3802f93e9e7cb6fb5fc84571608af4939304e02fa3a884350a4d211cc3f62f3cdb1eb36d"
-                + "3e1e974110fac593153cff215a3b25c4f75c56ad7c92b1e4b14a0db4b27d780ee4eafe15"
-                + "3818775e208789c92706bb1994ded148e1858f20b97916edd21af5fc370a4238b971043c"
-                + "527d61527bc12fd86bdf99d393378cafd62ac57c3e8702990126e609928867dfb0e15060"
-                + "9be9f3cbbe22d15f77b6a72b05fdeda94af4bf531d726b0f90e652f9839f87576064282b"
-                + "3b44cbc9316d8ee5862c430feb936d89ef95b6ba3d29a9636e8508b130e88a563007517e"
-                + "f335fb6dbd3f0c382b011107fb4e59b673be6e3a36947e6940a4602b06d2161b12b94b7f"
-                + "8f0098fec17580ba843b0eda44a67b429f37ef19b056135c58f7630a140de52f70485957"
-                + "ddaebf4b9c73b535c7fd40243dfc620bddfb9f47b7b4f12cfb22c5d0028ba6a04c1c2754"
-                + "797737f4be2617de02fc92c283680740630fbcde2a77b1dd23ceb3b6b0d8473d8e03c222"
-                + "ef97c6008fb56a0661a6d1d2b040e54896b06fb5c3675869bda6a09718eee0ac77e0519b"
-                + "0461e9a1ea7b754869af7dfedc584d10449a3bdf3b95d4cb0e03f9eb48e3b1dca628fdc0"
-                + "a3c2cb3859d4ee4866450252604184ca08569375371725d6d14629a9df79670539a625f4"
-                + "ef39c2efdb54f8555926e18651a10b5280e25a94b5b93bbabdb3fbca8d697b74ecc8d15f"
-                + "5224af8ce1331d4c77552d9316ab05ff191fb2bc8323c7f1a5a49e8a16b9aa9413604a79"
-                + "41712e2a908f2adb4ccfdd0327584dd6c723a88e497da890489c4c2c36860f999cfd95f5"
-                + "a2f6ae99ec4174def7f36f3f877eac6fe6c74087372c8f936d161a2927199aa3918d3a2f"
-                + "c3f639139eeecc9cf58b61984f11b3e35a42de10eb88cd42843077962a1d50368613f1c4"
-                + "fc98b8ad20b7ed423feeb445aa54ea3b919a2afbf19f115c19c676ff33c8323419f4c292"
-                + "81a44066587e53045a94d2bf93248bd0a9b87d4eaaf3ac9eda29416b947696e25486f2b7"
-                + "0922fb34234aafed17d75ee3d61c70215e69662d1033010cbcd791cf5576fbb3a155f4bf"
-                + "6477632f7163f306c5e19c2b181d47e04a53d29f62c0087a23f9bdff588ef598dedca29b"
-                + "adc4f9cc7b17294129e217584303bc70a08ad9a5e5786a370dfec05b707c75ceedf2d035"
-                + "c677436a091466a3faf8699bba63f333e5398f8fb0a6a15630b2ab3ec084155d33a46b79"
-                + "51167d0ddd5350fd89fbae466ff9cb280192d015f956ca8b27907c7823c1f7e42ca321b9"
-                + "7c5b2e9e346ab008acdf8a5035232fbc6b0849ac620ea0f673630e1ad5929e237363eb14"
-                + "be422345e392cc5dc2948e4582bdf1e707970b021a026a40ddec7abd0e1bfe4d91f4b1d7"
-                + "b4987864d6a19182128c5864b234e22019eba178df05508840a724e08bb8ce83d4fd5516"
-                + "ef77ef2e5c82f8ba50e53bf4ede0400bdf4f7ea0a71409057a98f07084926778ef6d44ed"
-                + "be31fe2abdf0c18497e936e7aef40c62bb00389cadc533d138b792b978b2194d0538d0bc"
-                + "81f4b53db8d30fac0d7200187bc6ff06fa30da7848b1ff504dfc44ddee1fbdf1405a51f9"
-                + "515ea832ef7b20d3c28cc0ee0b1281f44798c8e0f2582056c925efd7ade4201a45f04087"
-                + "5eb5f1394109304805a3351e49b431a8e36b563d93d81db8f2658a1850bba23e01e3926b"
-                + "4762d92eeb11e31e6c0a716500cd285b2d5de1f96e3ea5b9e7d7534ce2c5e2ded8f43ea3"
-                + "641a1c2e2624fbf7cead517168a9e3b17bf7c797f0aa5e379e74e714d0f17b9d42f52539"
-                + "1b205755c841189e2aa1522714784064a0b8dae587993f904681bc832fcd99cef9acdb7b"
-                + "dd09015000a584a39dbe73878b9f0cc0d4d468b3d37cb5326c0492e54faccd96d5c22ca7"
-                + "d88fe6ad2a1b751ee7248d45fe79df967e8297a0f41fc278fa6f68ecf3b83b0756c7b50a"
-                + "e6265599997449095f6cc9916ffe6a2896e50e06dc4b0b3bd30617019b4fbc72b8af9394"
-                + "166c275a554abbfea02b8d75f50bbda22b5e5440cd8e2b94dc74418ce0481b8a2a9ef7e3"
-                + "6d4da37f2a1b4546e081dd1fe870f16172a7e1ff8af70ff31ed86b555ccaf6fdacfe28bd"
-                + "bf03e3b65134b7f855f9b82738e9506a46b5acc67c03fc0d10a8719e3db057b0eb08e05a"
-                + "33de1b1348c90296dce4ef155a325a99ffe6748d31bb44ce010cc585b618b23267cf637d"
-                + "128fb154d5184891f1a3564e9098a4335192dc472185c43b8a6019fef385618a8701f554"
-                + "cc4bb5b3148b72ca8cf855c0b43bcce4a4caded4ef349b7e9d6c8122b622a4bb1ba924d9"
-                + "dfc956e8020600e81561770212e8ae88379e617dea3186133b8cfc5d0700f83eeb49ede7"
-                + "71b7abafa0bc521d3deaf8d0ae4f39e818eb2f81f5200e7e5284301fc0074429eedb9849"
-                + "0168321d35ec66573de1cfe6262efd081adbd38a15de3cb6630f3f7573fd5a6abbf713e6"
-                + "f4661a18f2f24b5d2623c21443b7df1578c216de1563ab6b9f336cb2ddca8ad25abd2092"
-                + "96f6d0cb5f6a31103acbaaa03def743152b307148cf3512c7f9dd73553eef9c3ebe8afe9"
-                + "14588b4f8758c002af50de21532ccd5334cc54f667ab219ce2f33e9e74c19fd4c6bf3400"
-                + "f6243c160989acf899001f25be8c4fe9f07d00cbe12c1106d9208ce35203f69c480ada37"
-                + "8bfc9cb1d594b08072d1e7513f378bd5f9e63452fa1fc24383a54b43501238bc5bd18e26"
-                + "d05a85743ff819277f2db2ac2ef334b380dd02caf93bde7bd0b21c7c6d5993613bf96a98"
-                + "b900799ad7af1bc35697a577716882f5eebc401519643391259962b8736a1a2ebf7211e5"
-                + "6a5f64d55652f5e6d3ec6c935dae35f8e1aeec35e107f03fc5b6954ffb7bfed94ecb7c34"
-                + "61743436f8149c9e236a3c99ac05fc9d9539f3b3dd01b837c0880e75aa81ebcad5e1547b"
-                + "f9238bd733fea88af5a4a512fe68348c111f1beb08d634c604244d5fdfbc41c5dee448e8"
-                + "d2d0b1d636dc36404080627c45b8bb99f1440bf59e78234a0925b868787787aab0c0264e"
-                + "257747f7b08dc5bea6527adcdbae9d4296241b459c84a9bba22322f65bef658331ef0290"
-                + "bbf6c94890499f094d2f8abc23b201a50a81584c36d819a5fc8de9a3a1069f3e324ea3da"
-                + "97282157192cf42e99ad6af8d22a55d9fb13458195178e90fc9d180c7eefec1c7e78b007"
-                + "51c95f74073ec83b3155521ae6663ac3c9fb0ac646e35e3e10933c8a044796fdb75656aa"
-                + "b3ab4a5fa4a0d30eacc31da672f4c9f08a1dd34ffe51e6c954e9203dde766d0301db1757"
-                + "96ee6fb835708c6d836113e6e4ff40357f1a4186062c127124de0c89d5f726849a0d7f2e"
-                + "c7a397053febe5d19b38df1558b7fdc3b30a817016869b92b02ef81826908e4f313b499b"
-                + "1af66ad485b91f6bc1c50150327908fb7e2591152a3e18d17622a026012a616e33b54431"
-                + "2442797fdb42a54eeb88b61b17ad0572f02138470bfe18907dea0b30c41a65f1840cf340"
-                + "1ce41bf0e356dd4477d1b675f944cd17c823404270b76015191ae91f2eadee2fd0d05a07"
-                + "2d0d40b16931b9bbbd4d245f3c78000e3074a97f6b78c4477fb1bb40e8cd7b3fca65dbf0"
-                + "74704eba70b3090a2c292d8d5470ee355272a7203b047ca686fc4be6c65993ee11bb72c4"
-                + "672d94f40477a4d1dd36b771a4fe8803aa5961a2c7a9f77e9a4cdada37ff724e7992226b"
-                + "52de7495e0a505e84b638632be13bfab4421e11df0e7eb22e4c1512f972cd9982f52b508"
-                + "d7fa56bd4894ca67cafbb305caf686fe046be936ebdb99772ee68e8a612a4ce8d4d96f1e"
-                + "209c1ae03ea84153435e250de928503b7ff478aae74818665d7c64f96fbac8996c8369c6"
-                + "553f5c91340f98db47f41025c32336ceac70f5b713ee78a993d0eb15da54e55fa7b19649"
-                + "fdf115e20f770268751e0accb8de5af351c708d6ede259810d6586ef9c4d5ef04aa29685"
-                + "a3499d01ad532a781ca773af5e7499c6c409df418e3be271507ef63c46bc30673e14e50e"
-                + "d0f0d65a31fac3cbd5c73c0d66fa40bd4e55df54e4410a93caec29c78c5da94dc98628cb"
-                + "e26579269d76badaf5012a4c3737c8e0adc4575fb01dfeb0f1620b07232c03906125a0c8"
-                + "0718d9e9489e5aa8d459d9d284d49995f4c2b54a5c1db2cdf32bff2278ad1f247701aab4"
-                + "ec2cc244a88ab985443094081edc97a4275c2b67b764e1ddbc8a5094a5feb7f8c36dfa77"
-                + "bd661406689f60a7ca51ebe107b65a3d23170e6b705718d452ee69de2bed8b731b757253"
-                + "ebbbc465f1d928a6a74501dd81650e64c5fa1eecf2812856d7535624acce076250d23080"
-                + "0b1286183e91adeb41ef18d7b8bd9e43997676ba87ef61c14fb8cda6289eb1ffb158687d"
-                + "8dc869dc7f0c17cad34e6a4c3e4ddbd52d94b281830e405b609cfc47b69cc32bec309546"
-                + "dca47191fa1fc447607f2367d87ab33d5c0d88952ecc501e038236412c4f2bfa14180576"
-                + "6e6378bf1a40dc5db95fa300ac455e39ddb4938d28f22243c83ba5b05d1821126623bc7b"
-                + "da81df89f70bee28372e78a2b4f5e8bc2bd033327796ab6f25757de1f90bcd852cc1789c"
-                + "f4195463d83fb8a221baa258a4d8d884e557da0f37db6be8edaff4f585097d740564a400"
-                + "a64d060ffe2e94eca3f2c3484f5c5d649092672d7593e4402d2b42662cea65de6d291f66"
-                + "629fdbb9256bdf7537510080e17186135f2609605955fb3573d3fd1899b7358b91e5e70e"
-                + "d27f72dd779e153df6942f2eff0b57b71b9badbf75c585bc45970e3cc5e22c5da83615ca"
-                + "e553d59a066127bbbd490ccf52d1938d201ae12d8b7b97c754af65227dc518c1f0143ea9"
-                + "6f7b8db769170ff65fa15f102095664f6cee14e4b6886c1ac0dd03fdbde355b845183fdb"
-                + "3186b4824a74a657faa4ab7c86969825316b5e8044fc6e3e16898095b92b598b7bd20aa6"
-                + "6bdb70eb9e0c520fd89af2fca7ad65347e4cd480c609d167236c7347306e4e8636efd575"
-                + "6683a7a5fa7deec6b6c2cf0784e07898d22abc0c89357f315108cce33d8f0003e05c53bd"
-                + "b0fe673c55a25a8966e3843fb40dd5ed9169d519a4d83542e0a12a41fb9c0ec090df9407"
-                + "11a44cf4de84510fb66efbb5e7886f726d5b9539032a08d12d730528c786fa01d43490b8"
-                + "4acd99ba4c7ce8a1a5d9eba86125b297deb681ea7bd11a08c113087f7549b7e999ff7991"
-                + "84464f45c76caacf978a069c400884851bf734d97ac7a4381cb6be627575cd2135daf67a"
-                + "385bef686c342cad601a4354190aa3ae3caff33c764522b39a4eccbf7ffc2e67dff6459c"
-                + "8a10c235167b4ad4a70d9fe2815cbcfdc4dd303d0b37c6af62c9c0ffaae74dda5dd34995"
-                + "9b816f23efe5b993d30b6922885614ea33d34e15ee5254a852a15ea6c63f050075ad7f8b"
-                + "70cfef19d8b799a6536e3bb2d3ac2b9e67bf6b335c026a1bbf22c8383a7624c5dc97dd94"
-                + "4a3d3295fa3545739cb41496d880e8889e611025c03dd38c3f5779d4a9aa4e4b299231a6"
-                + "e2ce9983e18b30f4fcd4c84f5de461041acaa8fec0750dec1215231e63d520eb9092f121"
-                + "0180a3f97c2bf20219637cdb34feb5ea2ece17e0a16855e602ee494956a1965d0ce2cb44"
-                + "ee5ca7e2b4bae46ee9f4521140bd1d90c3a3510861b392d3ef902d1dd6b8698930356c88"
-                + "b9c9ea2209e5dacc48c409c5f1a4858544fe2ab35d9279a68627e965150d74b13cb220ec"
-                + "134a3acccc47925b9bc62dca979207d489e18582233f4d18febcec1cfaf69d703506f85a"
-                + "a5230accdd04080e700b78950e1d08a60709eb150a991adb9792be2ffc5b6b173a4b9086"
-                + "eef861f7d808120409d0ff76302ea42d9841eb3ac93b90159306e74bfd6372d2e0ad1092"
-                + "e42ba5256733da428d20eb9e42688d87013fd24eaac1f812b9f812fa591642b879182ae5"
-                + "4bdbb4c3fabd4cd2c7476ab3aada0d7c1867aab5b191d4632c67b3764688a4d8bb05aa49"
-                + "4b3eff086b759926404e5dc5cb96c688b87f66adda7169066f157b6a2331134bd551b128"
-                + "7d84c42b40173a0e81c50afb0815dbd5cf416f0090523b00194aad5acaaf06de0b003736"
-                + "38eac4efc7e45bda4a03dae71c8cd2eb9a4cdf7562181cd7308813e217ffd427c30115a2"
-                + "8604ebc1d05ac09678de01231f4c2051ae04b22c721415ff181af5dc5832aae4ecf72116"
-                + "fa2a144b08a47162ff178213165bf494f988f9f476d38d33c7a5881abb2094546796e411"
-                + "0892f9b36e60870f54c607eb8622e17a0da7c6513ba16254b41f90286506fd15248d149f"
-                + "ee19dbd8143b7a5c1b6979b749b32c537a3602463e1895b8b4bd71c845dbc4ee37fae482"
-                + "5e7d085b82b7769c2943761bf30541aa9d49493de74389c17704062ccb72ebdb1bf5afa0"
-                + "cabcffae8d9d5e33abe3619a948e60de163084723c881a315efca301eee2596015ecc1a2"
-                + "ddf6f9500e899228a177c61df945321860c48e03fa4654487b1e9a0fd76631ccf6ba77f7"
-                + "4fbcd4c82d1229683644ecee743f323ab34fe43f757aca147f06e64f51b0af623bfe92e1"
-                + "c7a518be1c371dcc14702301b4b9a1ae11336ec700d678422d670629ed13ded8ea4f5563"
-                + "9d1ed183110169107644b4118cefcb3000085a56f69b375eda4097f4498e9a56e97484b8"
-                + "900a5ee81d37e8270e01ad4149b0924f37140eacee17330a12d5355e43684d1c315edc76"
-                + "6295bea0fafa982ff6949d73f60b8bdd8631f9c51ed1fd689c9cc816e0a97f9b5ce8215e"
-                + "bcfe053e394755d0fde1c36fdaffc6cb734a67c95c67a09a78840de30f6beb0a64baa335"
-                + "1ea9cea12c1a95f1c7fa931fde769873e383ccbd254598051b766497f6ce8a3d7e7fc32e"
-                + "ad2aaf1f07ca55e1b1c64fd83730308c9924f8128f96c100a60b0f96649d2448f5c09e7f"
-                + "b1757530d2fda883fe329477049340c2178a7f8edcf57103a291b0468ae363800bc0209f"
-                + "d2ab5ceac81aaf9efee7c06af19567ad6b277e368e2576f04e329734f6fc5fba3111dc74"
-                + "7025f245ccdb541d8630194092475421de4fa0300702e2df210818f0aea39c36b0e0d654"
-                + "14cd514609561b26a4e7579d7d2096433ab549cc8c8438835f9f47118552e08f1a6b414d"
-                + "51e38c9d0348ad0f5fd38b834c0f26d835d4df70cf9500da3f78bb42377918296ef2ec81"
-                + "4c38f273e0609f0ba1f0d6cb6573e6620009a467626c7b7b41d12454bfa396bf7af88711"
-                + "b1ae1484df3df7c8a654697cf39b92c73b4a963fe941fa77b169f71fd4361f847ff951da"
-                + "10b7886061b0b5cc29fc93498ae668b7122b92fc6a64a8b36605251aa947bfbd4eb11a10"
-                + "d0e14f3bc62b8b4d4d6ea96fb0c33b6075e71a89fe390c537e63ff15ec9ea6d3bf4ecef6"
-                + "58cc0b793e3c4c2e0b07f6e7d984231eb27ab7ba77767ea9393d827262fd862c62fc3be4"
-                + "20739a9e48a73e1d21aa4f2d04fb0a2df2272d388911a8a6c457bd2ef86cad97e91203f7"
-                + "3d32334e2a25b1039f229a74faf02e51207aed3f4a3424b7538c3ca4f359a312243a6ff8"
-                + "40543dddd730d13a79eb2ce187d8d7e4e0df02a5721914520404457acc529a8b32946332"
-                + "da5d1dd943b32608293cad0312289fa603ea13c90b07425393be66816f0068f46eeec699"
-                + "125e446b521ad429b4314d4fb48d54896b3fc54e5a8682426fe09d0f371f56edf7737fe1"
-                + "844c2ea56ecb4e1560215f67da20b57a352bfe61408cafefd4327260ee27c8cc17931536"
-                + "8325d4ecbbd7077a69f9a5a793dbbd43e99d3ba6ede439ad2699230a5b7247166c8f23f4"
-                + "65b0831075ea0cf3319843f294a68c3eb5428d18edb9db480261550fcd602abc82e81558"
-                + "17df3bcc7a27da23f396f75fee8f04c925471381e2af11e0994ae2f37255f04df087a38a"
-                + "63f8fc6d254c64c4b8c2c361a19c3e7cf55850746e81814f8be6abb1882e37876b3a2dd6"
-                + "5f1be873ee5a4286a87e5674ada8a6835001777e0ec8cb4a6cc5397b3fdf304ca7b44d94"
-                + "acfa9db204460f80df0fe29cdcefc3a291e0b2b3bfb82a508ca774f7a0186b35798843c7"
-                + "6fb78bedb9629ed95fe342d68c80a6a404a53e040af129ba9251557f00596d3ea41fc235"
-                + "2b5e6f876bce685fd986eadab794b1f7053ce5a365c198da730cd694287bf0a087539c9f"
-                + "f1190f0ca7db74ccf8e7779f21b244efd7068dd6ad2b74553e8c4f49f16f65ef686348cc"
-                + "1bc17442cb3541931b7193b7715e87f07f955ba2e5ffb42e0ef8804e9296a3522dbc1c11"
-                + "db9eafe2a09e7430a00c09038e6bdfe7338da64de6bd508a9d4443e417e7d72db42bba1c"
-                + "29c791c979c0c3b7bc7ec11f840d382932f1098644a5fee47132d178622d17a34a593a25"
-                + "a319a4741f47b421f584e77942d18a7fcfd13fc66e90b190b1aed180c1301d8f126067e6"
-                + "cbdfb84d6ac9ff301c9e27ba27aa8dee8b74a6d23de64043f1e4eedc6d4ad1329b5e4647"
-                + "9591c83820e79b313c9dcb74fa78f2efc46554bac072e8fe4f28bb7dd04857a9e8a05175"
-                + "33d8ecc9b3887602918a8c565de2cd71fb7efa24e7a52847bcadd9be9141088c17cbad41"
-                + "8395679d946a76ff6b8af1f279c1a150d8a77f04b8e96750d1df6372b21152ec6d38ca8d"
-                + "5717dd4aed631503b6317852c4e9e1d8315142844632448a5300854b18f011b579978e2b"
-                + "4d255e6dadca6589289b142e76aee830c1818abb5bd977e065349a4a97290d0cd36f3427"
-                + "75e5604d08b1b58bf05595cbda5cc8d92453b0bf01f37c235a3b4f79ff30102ae8233d9d"
-                + "c60dbe67be424e183aed1595ac004d488035964d84f1deea00afe83ce4c959aa7d5e0052"
-                + "ebdd5a8d6d9503bbf5ada1dd38ee93308797f68dfac50ecaca81e5c8fad9fc488d9398bb"
-                + "f0031e63da258897c8e5375128fec5f91550a17d1c912f79ed0a9af60527fe2347ebf6f5"
-                + "5277e495e82d777c4baa19108adae8ba851395b8e2b4670721eb81d42315ae0f83a05ef1"
-                + "6c7a127d809be67de91c269b5e9008c37028a4e1c25224ba91f9552926dd180ae36367e6"
-                + "54b98d2019561dad9d3f03e7dd844793ec6f88ebf1257766da1906dd22d8a6160140fefa"
-                + "392610cf0869f132ab263c6b3c4f486fc5da399026d1852191c66d9fdadbfb997567dff5"
-                + "d52a8a28c3fa71b06186e8e2a55f764949165bdd5f8f4ff5195781c63ee737dce59cc643"
-                + "76e822f7b79a81d6779657090796f92347a3610b369ef281ada03e9fdf193a4dabc07299"
-                + "fbf5a2b0f6546843a6b5a7160cd991a1b40ccfab81f866e7d0ac937fa892d887f8615581"
-                + "44d1a0f79412f9a3953e637becb2e8ce7c5cfb22ae079e67fcf31638a139c0544fb279f1"
-                + "f554708123227c9eec14c933fa99c9b9302d7c60d2c3213e43964742dba721fcfa58c506"
-                + "f5c8df01dbed51405a9f1e93ff449fa6ef8f23ac9f89ffaa6d37eb09ee1701324799b656"
-                + "b713838142970777214871d5c763e4f0a3a5b1168a6d616f6e5479856fb3a5c798105f52"
-                + "5b532fb2858eef040c5426360e6dd5493d9e803a3fbc7cc24ef180725cc36267139812bb"
-                + "8e18d741493fde485a9b3db3f245927e836bb2c6fb95cbe549e787fff9bca888d8db51b5"
-                + "43b33999f49d7dc2e8b20cee59291eb5c5091a403aef17abe5358700d4368bc135b35ab9"
-                + "d7a5077ba571067e775b8be222ae968124174a86adbb357f1623e288c114e77a87c1af4c"
-                + "8e23344b10f879d48a7383eba4d363d2697321fc9eef3f9889b8f252b05764904841c837"
-                + "e400f6ba4cdea406090d56e085c486455dcb69cb7b2770808c2207bb50fe5cce6e9a9b50"
-                + "ab698f1ab77fc2cb7378d05460a649750536a0527dcc399b359fcdd2a9b93993ec1af024"
-                + "ec734d54f1827d705f754bcc5a4b8a0f1df86e0df57f29cfd332967a1a202a8964686e16"
-                + "17429c7b4eb6c5bbeefcb68059028d78fe283669a412dff2d651cebfcd6046a4350813f2"
-                + "01fe000bc988bdf6ac33c866111c70a010c432b5f54ea48a712ce244eec83d0ead83304f"
-                + "0c6b0162af07c44d4ea0769bbd5cf2b6857c38aa692a300290784d0582f3f739c581ae25"
-                + "54c590dd87660403fcce4df0f0a6622bfc3dd3fdce255380cc5e960c468335a69711da18"
-                + "d707c84e94b3dc77f1ecb55cf7f41da3fa009851319d9dcd7e83663f6bebff140a97bf7a"
-                + "2ecb6533257e1b6a1263708caa68200c4229c3ecb03616ae6606536fc26748c3b6890920"
-                + "4a837a0d7bc3371f6dabffdc0f238d63d929e46e6173beaa730051b6c12dfaa146a43946"
-                + "1e7a990e8dfbdfe08f79c81ea468234a43fa4d89784da1f1b87675f4a9c9ab5ea6b2985f"
-                + "3b8466fddc3a3bc26de8725080a26c85f420ed6ce46c303ba3dbd86805b7e2e007d1244c"
-                + "6c4f6a29549b053cfba0e0d00b0d6f18c8b5f5f9145b412469c84d7bbe28de69d009e11c"
-                + "66a7851cb46235a61972c42dedb064b93de58a2644627a650dc16c30704e780502742b81"
-                + "6661629fd19a898621bd2267cfd0caca65e291cf580f0afe8bc3f236c040db175940bf8c"
-                + "8d7483ce748f036871c087df3b2f982a28cd4b4d5f3f6b7da0dcc405770588ab09abf0b9"
-                + "87a699545c0d9ea51c51e2c4eb81d1fec6f98f38a4c41719c4bec0a681f90e3367ea7e8b"
-                + "fcc523155c98e3af0a855faba28b158f011fb2c99e5966e4652361e5370e2f0745202ece"
-                + "f16ad544d27061d29bf3e51f0ddb4da2da8d00570855bb889e24002dbe9d29f93e6d9348"
-                + "7226636892a1c6503020d7c56e21c1d904b0f70043ea401f05384db81b5155955b7c9044"
-                + "af10410bb29f0bf90e108b3cdd5bc00a1674474ab5870810c59711692f579b66d9a7463d"
-                + "9153edd9f2a1810253855ae75639520588f65c24bedb8c5bbf478fd176c7deb9d3683def"
-                + "e5d636bdbc1806a1f083ea71d64b1cd39c4f45c97bdf0a945f71df3b875196712650ad24"
-                + "e86f6387cc872cda22ffa218a99aa329ca170b44c7ffb3dc6b51a4fe192c501eb9cfe931"
-                + "690b14ff9e593ab9d81d67091c21a549323bf719c501c5d3471beb1dc0d31959baf91abc"
-                + "e216b213bacc3614dcf247ee76b3fde5c347dc3c3e40fa9fa31431d14d9d0b7533d9a155"
-                + "7ef7698b47a5fe5936431848417e90bc28108095de735bb165791c12b33868e2bb7cecad"
-                + "95c770ab90c92b4ca84c76c59eb5837186c379570a4054b0404f0df61e61312b2d0aab3b"
-                + "e939e8b581178b000a794735f2a39dcb0f232bff7baffd427823a6341af81d8359900562"
-                + "18fb628f72bd53cb83e2580ca4eeedaa0f904e902f0e60ab3fffac10cfe1fc09971f7b18"
-                + "ab467bdf0be77f7f314421a9918647ecc2eb45927562ab8c66cfd3b24b27558b2e71cf3c"
-                + "f521d81e178e07a355928e9f943f98e1b319cff9bd6aea16b94fb9695227dd46c9274217"
-                + "3ebb2bd63ed1231c57313a188a1ca5a1318aeaf925a3117d58ebf9654c0eb24d8f4b50b9"
-                + "2f00bf8f29b3559c1b6f233af6e61cc3fe3888ececd535299b2b5ff975925a253b291019"
-                + "0656e0e5866ed51646291a5182bab9878e1d620316bd664bd95205b3aa360d7dddb10cd3"
-                + "d360e15dccb3986258ceca8d5181c1862b92931a5682d527ea47364974c5a357877acdd2"
-                + "9f1589a30a0b4132cd1986fbc01d987784cc1d22ed1143bc02e84aabc569ee8f63a875b1"
-                + "a0f5a3412665ea2e01745e8c5ffb275e8374c88883e21ac05c02d2489e9362b771de1ebb"
-                + "14cc6b5f7574cdcb4b1b8676296837cf8aa7b1afbc294d416a6b931430e9457358394bfb"
-                + "56e6726211e008150321fd6d8a3f6b2a9626e9e0bd92a6665f66c1176e2cabb0fd672de1"
-                + "65d0d01c18515b78db38cfb171e3cc8cc6c8467b772c85fd26d283744d0094bb6745a920"
-                + "d972d33162baaa8906ab6e90bffbf0174ba3a557629da19fb71bece63cef94a71de2014a"
-                + "3fa2035c2893382229e725802a6e798d7862142caca8a2e177c676fcfa20b627d3ea4f81"
-                + "bafbc12f88bda9e89a19e7f9d235e1b05e182b437a19e9772afa959aa257ebf9399b1fbe"
-                + "c88ae8168f11fa65b2a98f4e1b7c6df6d1e27519f5e7b23e7537579b5eb9f052113659dc"
-                + "602cb013a3b7a7c9e60bfda8dba5a8488f300bed3bbe9a4cb7efbf37b387fcea41eb8586"
-                + "4ca2192c10eb1c47201fdaf2f493267d285d82a1bad6",
-            "03208790dd4a7fa1b1d28a71622db4d9c619bb2a9a7464176cdf74fd4e2cbdf23a5c8ee5"
-                + "c49b4c2f7b9cd6ce9f41018f60ca1751d8c3678d0804075999340edd9f386d06c1cfffa9"
-                + "90e81fd3f6d9c464b238a3fac707c740a3648f60754d7cf404e4e2a334ffbddf9db6acd4"
-                + "3a14013472648ce61c6fd37dedff025b725ccc78521c9aff2642a17358bd628186eed036"
-                + "62f9bff62a413e9fff7bdd4b269aeecec34441dfcb44855c444b7ff8d59524af0b59ee25"
-                + "538518b224933503bf86849288ff387b1fb6c5c7f9391bf163e159b4979ade1e419fc7c1"
-                + "9e05be265ab6e9531dcfe9518b3e1220dfca9e5559ce05cdea4a70cad14eeab42ff11164"
-                + "1dd82a21e840707409047f4d1c904e9f22b28c8972f2106b366c45917b3b3538a0b1e925"
-                + "2ab2d5d3f7b4fa408d3e8ad510539055805a9cca3352eb8256ecb5cfbc05d8771fc55e8c"
-                + "8fbec7d242a2296c90dfa1d7e484be4fdb26cc27b0fdf2d3295cf9c259eec0db756e2e98"
-                + "d83d96d1913942cadcf2bd9f367ae14bdd5153ff84aee00f9617b20ee584f6d962d97b60"
-                + "439805fc1b5c4ee93b5e3ad422e8529a7462fe40709de559115e1a09feecc82d0bada613"
-                + "be56a3671f7ae9b84a2d468718f77c6bf1c3c20e7c9bae4a4fbaa37c919ffd40bbfb4026"
-                + "ddd40dd7bb9e536b23e7eae56d56a27a42214fb2819e82e8a16ca451885a55395f6eae63"
-                + "7c62d73e53cfc7c6a4ae12928134501f422edea0e2af4cf3fd9de014dfce198b34b4d6fa"
-                + "b7e4eb90acc2e40ab6030086e09fade8b53c4b15fe80e327e6c54070fee9cb4f77413463"
-                + "0e0c1b03d4b03083885788cff249c17597ce56ee74c5e03b5d7ecc2bf100f480b68c2123"
-                + "0d4f1932acc8635e001ea351319ce2f3f428bb42159cfcaaa65a9207b5367c00e2a8751d"
-                + "993349868e1765658f0e12e92cb79dc93f10ebcf30fb7057c7314f928e8494f8ab49f4ee"
-                + "25e158d8a0292ce3e06b939668e11cebcd460e6d0c90f45c6a8486fda1ddd7dec3af2d9c"
-                + "4a3d84a8c0c9e8d57f177b6982e645c903bc4a3d3a858ab298de4444cdcd7b6a8ee3c504"
-                + "a40b1113e7c9fe75a9877000e34b8f448e69871462622d67832d9e8f062a6e9d4b39441c"
-                + "06af8402bc1060f4ec15d73a6bd2f0c797813a5ab6406778323a5b248f0044031170d8fe"
-                + "c4ac9621c03a75410939025d42308db6898e82caac170a15a5c8a19af27f338f750df2c8"
-                + "cf822dd5f1f103be19cb58e61645f4fd754ff6dacff67b045980937b2b332f3b957414a7"
-                + "9d70df39e0811788c7a18e6830f4e5c5f05d79cbe4603c3929c505e226fa0fd03134a038"
-                + "36fbc7c2decbc41f5a9ebe4c3c33de7b4288fb364b3e4ebe72b79ddfde42658784bba26a"
-                + "a9b6e0108c1319a6e0bc87c2821e8cfdaffcf7a3fb350b7bbbf79e48993227c8b9bec8ff"
-                + "9dc2b7d7a349f20f8058e63de8374c4ac670951a9ee7ff15f4cbb7d6ad6c8e296b1e3830"
-                + "090dd48805ea3cc50dceff8080edc778b45f6d07f056d386ca9bc0f7e5b875d0b577f2b9"
-                + "7f8c5466d1f92d501dae49e3cf20c313c3a9e0e8d383a0046b0c35fa768ced57838be0fb"
-                + "289312f6db13f3be2965ec4cd4e1c3562bdbfd21a81cffd353ded065cf07c07b1feb9fea"
-                + "26156b77148638eb4960e1436ebdb4b9b00a3986ea86d243853e8a78b590d70d37f1c37f"
-                + "721687a26d99f6633a3177484a6701a0d62756e2000627dddf87a581fcf44fd21b1601a9"
-                + "9352ee4e414d3085512022bf695919eab97845889d232b4dfbc1d6e79d7cbaa670426533"
-                + "63fc47d202e380f24a5fb19124dab43b8225f6814994bf9effe76b823c28c33874873d10"
-                + "4f83e60778baa7ca5317879127677a3cd9045b1ab95a52bbebb63a20b1c132823561c1e6"
-                + "b71b15239349e15807888551a21996d5a2857d28cea48bb36bbe6c7a2577e8eefbc89f98"
-                + "3afc3f41a7dd29a060f24d80585ddeca6fe1cd24df4af0a0ea7fabd83747b5244ed05f90"
-                + "c5e5c8334c2a0b238e85550ddbc0168fa49e7e616e4d21157810b7f409e2fff79ebc1a0a"
-                + "07c105b2c75f2358a1240430e67c70078eb63b8df8cb572530e306c909c064232e23594f"
-                + "1c74e4e1104ce515de8b374002f8fecee12653132b134eb1584c36d2e4110c51bfe70bf0"
-                + "7e24ae024d17e29077f86790f1a16e465b5e07a3fbc8740b66a061293fbc681c0a255ad1"
-                + "deab590116a0b654dcc91f3f5ce172502463ec7ec9b89e9d525d442279d3fe71d63c4781"
-                + "fc39f1fcc0847ec47376eb565e9d1f4074ad8af5dfb55267022fef6555ef77a3decaa806"
-                + "0f94cb5202733c0f4fe0b7d16e2f68ca96eee1af31a8143d1671c008ab8150980acad5e2"
-                + "29abd8ead94bcaf949bee243e475d844c56c2a773fb0b8940b2473bae2295a1e280beba1"
-                + "b2018af12c172391768c65272caffe7b7264327d2cc58e058a2c4b058043f3cddcf5f1cf"
-                + "18bce4db04891175df0a4e4dd4598f705532c4e307cb9568a7fa86626fb8f0c1a47f8a2a"
-                + "b901419ae127d2cc3b82e46ddb174099dc9bf234eb49d0f7c054c2ac7051f163b4d0bf9d"
-                + "99c619e04f6a0f19715a41647661a74588a26ea78cd0d12ca1ecd335cf6ca84c51951c47"
-                + "6663179543af3b7b3d0329a87fe2c07d467ee11562e226f9096f62c40fe23803a850ed70"
-                + "e0dce12527c10876850bbd41b11048accf5bc02102add5136f6308353358d54d1fc2f5d3"
-                + "c8da06d0730c9f9e019b4cd70afa4fe964b0801f42b96a9049d200d0e0abcec0415af07f"
-                + "400dadbe7d11b2ea68bef4b33d4c8ece9c4913651384365d4072394d5c380f6665cbba44"
-                + "94a5bbbf77bffba41ac451a52364917b54267dd2859ef0df061023e91bfa7c41ac580456"
-                + "bb75d48f4b85c5bbbdeb75e3b6319cc3eefcd043d3d406a530bf4706add0d991a2850f85"
-                + "f91f5faae0fc64c4e165d626643136711f5ab8c302b9d34dd6ae14819dc7680e7d315199"
-                + "63ee5d5fe34220d2e34c012e27aa831b27d6cdf62e82eabd5347d2002694802a1d4568e1"
-                + "2a1d299279cd3d0dead1a71726eef58a6554129c3efdcdba4ece03c2564185d6acbd98cd"
-                + "1aeb3044a4b62a8c667ca50427cac84c48c201fb6b27117b9501896b62e63e660622a694"
-                + "9a8c7f879fea90b01db334625eb3bd709c4245bfb0b9214a885c4b63c88f1f61af7da1f8"
-                + "1c5f6f714e1b68abe2aca2c5c7bdc84e366f7928665c3b428350c8a1a3e272c8fe59b7ac"
-                + "1fe507f717df821ddfabdb0f8ddb4cb127480c2e92c1c8ffc360b7601665c901fafff944"
-                + "8495e69a8c265177ca0442c9ae7eb59a74ae190dd846ed49038eaadba282a32c8a06199b"
-                + "1bd03e007851a8c273f825d1c8adc9dded7d6cad75ea52cf6e3d4f68860ae3fd89971270"
-                + "e8eb2ba6f5bb5c6b68659aa3c8fdd0df5d9d2e279e6a1c4bfd4ba3baef599ef372287187"
-                + "589441f6b9ee870d716d240cee816abc659c1dc62f707479a32e802fdb9c9ef222a24c92"
-                + "cea9ef261aae42e6796b26836b99f7acf53c566f04c4505e919d2e827eff8592729f9fbb"
-                + "d02ceb5d865ee3a2a0e1a0a8b7edd601dd5cab09d15ab55332af6a593dc3f9cebf931239"
-                + "ff0525874c723c1006eac826c1d5f707a9013f433570b9c09c2d085dc06d287585f34678"
-                + "73f192206ac3aad489b10e453211ef9eb42a943f7686df1c83c645c9303a21b7ef9bdfcf"
-                + "cd7aa831b06d08426c0ea9a16577368b009a2c2871994fbfdb1a9ba66db667fb9ce84ba6"
-                + "2ef5969b2c6cc07a6803ed5952b8bce82edae2e5ca85e2eb98e1699c501f8e241a82b188"
-                + "8d7529d1adb6bc84f2f1fad9588f432fef2172632c08335d7bcfe34ee5d0eabb8750aa7c"
-                + "510064f389cbf6d56c149cdb3eced412d22ef17cee7dc043d4cd424d706fdd50176a1803"
-                + "73aa5582a80bfc3f5bbda8c1a72e0d82b0a295ffc3d4f9f2c01f3404a0155c1743b69d60"
-                + "7c30f0bcf32bcc1a45810d88d7b87d380a331126a6b1f56e27ad09fef4aed79c30f9e9be"
-                + "6ac8cd1e4ea69c8e01f35315a0f2b6d957034303733ecf59b2a60cb5cbb875d83fd7a84e"
-                + "40fdb04c647101ad1a7808d79ebad1c6a4000e9b45b2b92584b9dac9827d8fd6cba39dcb"
-                + "8a248e81c52b8ab9f062b2664df9b665fb9f324cc0341813989d830f5b04d09c409b808b"
-                + "bd29004b3c92bf4c31951937dfe0e3b53fc55446f3aed937c2c09e9b0550fad0c353d9b9"
-                + "425be9dbcd2f5b45f9486c1603887f4cf5481e1b16656d5fba59bac29ffcee578e574d0d"
-                + "b062289bc21ccbe558793522aae371beec11571787ce0b6993d1fd8ce2cf97b91488a82b"
-                + "cfcc79ca776745315db1971ad913aaf11c89846c790539af6e89936fdc6096e9cce57c31"
-                + "28acd30f1e6bfd18533e5b6e499f85d015f940bc77d4e4f26c3fdf6985dc8a8dd28a3427"
-                + "9b920487feba903f903101bbad2715cef2a377f1a674fad5eb65a06cc762a959601cd2b2"
-                + "9fdaf240fa9b8764a07cce995a447afcc956d1ad8eed4b72073ae5c5cd61a8e76a5214f7"
-                + "ee60c577227c609251d9475f21ab244546bc1e63e167d8f47c9fe13a20a0cfa5e17c572c"
-                + "c5535932223cf0768a1ff4d8ea80cd4b43cf11abcf9039d6a7afb15516206cd96cf1f425"
-                + "02985d027d42eaa560801dcf1495f124370640a1b2235b260a89235107714265fb0ace06"
-                + "2812d48096e6378cac9abe673b3cce4dab696f435010ffe857c5bcccadd9683cd82151fa"
-                + "011ee7a6311529496b188c930493640d27e2000527cc451550359eb28aedbb9108a80403"
-                + "64c16c65788ba22f3a33ca37009734edc7d3d9a6b5aba33fc389f459116326dde1277a1d"
-                + "db81eaedded2db8886ae2c6fe166ff4cb3d7860c59834f9fcd4321bc2345a136045b699f"
-                + "7f8463ae9eaa1bd3d443ff92ec8e2fe311066303218ab7b1768bc304d8d0ef0b5e7f42aa"
-                + "7fc6aa182338923f5bdc9b679b882029d8bba536ad3c9b6d1cabc112ddfa27c9c10f5022"
-                + "d4b8cb9b5166ac2ffd67bbc47cf093f4af9719ead9fa28a4bbb958f7a0c884358029bff1"
-                + "d52ba249099739211ceae1a00c9be48fb12fce6f6a6de170646774e67c4bb8c2a4901409"
-                + "17136519aab7c96040545821cc1ab6ffab210830ff9b5e4eae8a96a8c042a427ef7b9a41"
-                + "e39108a8fb680197c252696c3ed6843b3fc596bdcd2ddbe4e80d03ffa4607ce5b77fe7cb"
-                + "0464472ee14b311a06bfaadb0dfbd6cb8605852c491acec561b381e32d4b5191b69aa8b3"
-                + "1bcc849e31927a806eceb18d0c3ad463927e196f097b829afc2d1c4d35e700174a3ca3e4"
-                + "c8e308df6ca519ef74bcb712f08657d79bcd0e86ac37809a28f368a58117aa10d96895dc"
-                + "ce0711d70bd0fddedd74a728b85e6123533fc52d077121cd7b78026e4fbb289c0f21123a"
-                + "e505e578c7423512e56629bc69e8f06b5addb1f72a2ee2a8a9224de18f509f3968730ac9"
-                + "6a7dbddf5868e51b1fcfbfb1bb8d8cb038663d5fb2df7085d6d671f654cc9733087b3205"
-                + "7b7c5b37e7855cd6e9c9dd15ed0ecf9f6619f36ecfd1415bf1154cfb37188ffa9922b64f"
-                + "5a457c8236d7ade468f178a23009a1a0798ec11d572984000cf20c4f62b3628f9a086a8a"
-                + "aa345d62a5c84e5028db67ce280afae26e77e0663d5c414e4d4a2bd68e66f5db03003510"
-                + "abd45f51d5775a100415842a597631f779188f4be15b1f74f0cc96520f97dff782373049"
-                + "85e11f0730bb92e9c46a4b767f42a44dfc1279da95ddad0abb0412bb9e623246dd7f26ac"
-                + "6a0c47d95badcf38f29679e5ed86611a6b7b015adf20c9635990560ee4aa2dd04d3dc6ac"
-                + "77855a9c973fa927fb2f0f8dec5bce26599ba7b1ed6d3968b7a618cbbb62b46d103813b6"
-                + "a297c710d8e5dde8aff9f1464f596f947bbcb0e674391bfceca767c9e782509f1bcd7d41"
-                + "3e86620688c55dc5bf25a63c7ef45f53b48adbd2f3280771c861291e77f9eeb196808cbe"
-                + "7355c7e9272613523b230253d23c68319d8f5f366ba51a64876a93939b9c11384cf9be76"
-                + "6b332e974df21bd205bbcceaebd6892d390753182ac0bac0fc28ac8b7025f915467cac56"
-                + "6ba1dfcfb1d816de813b69057f666949e24ad77e5726755a7ecf9c88ef691ab1d0caf1a2"
-                + "b6a6abe508c8b18b5f6083cbd5f0197a2f6f32c110693b741f1a26bf2b855ad737e36147"
-                + "309fbe0d705b83de6883ce9aba460b43a04b24290ba90ad03e0bb22cb7367b4258d7392c"
-                + "7f01c4035dcb0ed22c0e93c7ed6c6cecd21449b349438df5fb2138d71704cc5a7c29576c"
-                + "7bf6f90967e7c9039386752d2319d6319279213d7f2625aa40835126fa6030edd820b2ec"
-                + "c54bbe1091e5a807bf3089cc92bbc5fa58adfc18b768716d6d68335140e083453ba5ce6f"
-                + "2a4b6d84a605d74f226da3aac4009a540e5130629313665e7bdd3b72087c864571951f6b"
-                + "ae85f01f46498f366aced9fdd40b570e70a04d1d4ab6f1e9f80f20a3ed5aab8b9c4c4b94"
-                + "fe4ea5223d7247ba44b389132d3b44b2be83d0305c3c4904722ceb094baeddb60aef2125"
-                + "8ca61452c6cc6a06aa47f61c9916ffd51a8ad46516afeb6e55496cec4ce7d96f7052914d"
-                + "2014e54095b18c4fdc3045abd6be098169cc95a9566466eec78dcb605facd120bbe865bf"
-                + "cecd14a7fa496e2c2877d5c185b15c62c9c3c93c8b191e32410bc350d2b40a2f868a86af"
-                + "01e0d665bafd8cd7484d4e0ffc41a67e46a05a4f62af7e658557d8d25d8c489c7fd6bec2"
-                + "ca2cd7e1487039fecc136ebb2e8f9434468cbbcd2b1e3e90ea190f88f363e3ad57382320"
-                + "9f8b440c459fb2cc6474605ea4881608f5715a8be11292369cf764c75f2fb71690685331"
-                + "533347f435d55d2dac7bed0bba2e4189e255a75c1769d175514f65aa230139b052f54297"
-                + "49075c04f144dfb2aeeb369137f29b07c61334449ff6046ecfe5467d201e7d98a4095476"
-                + "cb4397018c3e3bb9f4f0bed0d1645e4cf4b4b74df589d9c76e03ac2dd1fa0ba08bed5158"
-                + "5f1e5a65de19d1a2f14b6bd7b0dc6679c2832dd4c93b1b613cefadf232d1199b5e83424d"
-                + "4b48ee73bc00b3026cea2f75240d8de829114beaf85ccd520695bebba66666022fae1ca4"
-                + "501e1c1f5916fff287b13d65eb8ccbdb80e3dea217235680d16051784dcd8965e35c754e"
-                + "fcbce50486d9930b1d53f7a67ce7215bc9b3989528c54831a7f2f05d407fca5ce9db47de"
-                + "de1f1aa13d575971af42b23d56df381c1fd3d82c7a150c972dd779429fb1a9d6613198a2"
-                + "b4df2269597fc4dcb483a66841bbc679d7ecdb1fcdd0b53a1a6e1781199e974eb18ae05a"
-                + "4c0e146af19a60bbf9a05c78850abd7c03a4ebd50b7f4395ab086a6613da80bfaa7416b5"
-                + "276c2573e105752daeb44e933934abcab1e1c0f9ade80edcaf10f635c9577b53e358f494"
-                + "58743d5cf50e117ef8f98525a0f889cbfd94f432c54524b14861e3cdb71829657b0e01bb"
-                + "9110f4d6b700193a042ccefb75af33309a64d5fe9ab1a2aff76c77886fc8f0caefd52cf9"
-                + "1d759d26e687f59c3865d5d05ce397a1ddcaf8e159abca91c2d3232d812dcc7fe4a33c36"
-                + "abd65aab04102577ed312d5ebd9c951f41369100d6879aac685d365844ebb159e9967c6a"
-                + "ebff20a554bfe4197de19b108dc7abe79bdaa54153e51eeb1ff1176e1a33328453f94157"
-                + "d0da210bd5f5fe3f2fe5ba83ccc74a75ac75525daa38d98a73a8c2981c16c78459212dc8"
-                + "8a8e46328b5deab19bcae7464551597109ad84717b76e155955e93d6f57d9236f507f8c7"
-                + "12eaf0e0709f931ef4c8b6cf3eb96296bf8532d2213b27836f89bc98cd7b0b8d4af82af3"
-                + "7f3825bbe559fb99818c3407b7be60c1ba4402c1c0b2dcebd1597891aa7210ceb0df81fd"
-                + "65ef10f66b491a220437f3e3c20bb6418d7fae5a72d3e1a9e98c9663d40ffc3b48ba549f"
-                + "49d2414e8363dded41d780c98ccbb58e9adf1287bdf92204e0a7a5d763f28876249f5b72"
-                + "468dce06ef490839956ba6d9f175201268cb54768702f58ad0dccab6e7209ef1d133d60c"
-                + "b5c73dacbaf7fd73ee4e18ccdb9a02cc5687170718dff35be84b4f350d5c3625ca389e2f"
-                + "2741dc409816754e551cc3b8d598ae5c776ae6075c5ed6510d4f5538fe24ed8ed1ce052c"
-                + "0b62d61e83b1ecd11a89e6668b9ac98f18294d1fd6740edd7cccdb83545f2c15f4198216"
-                + "bd2a4e3606c2ae731ff9074bae103fb74f4931fd079140a4fb23e0d326bdca3a8fd1499d"
-                + "6fae594bad25ce17e01766cf0668eecdcd62c72955ede5401f4085e1ae4ed7c95c54d18c"
-                + "e6e07a1477c50c8b1d227cd6535537fafc6f7887f0e672faa46d629947489005bdc36434"
-                + "c363f8991db0ede78673ffe52036f4e687a8d96cb4ffcc14505fd43fe3a747b45f973dd9"
-                + "d7a0733ec4a86be65ec2d16f2c9282630c29eccf467119d6cf01cf78b010e8c5cfc38035"
-                + "038d9d6ed1925ac15be70592ed6be4f0ae178f9be23df3f17c7c1de2e285c6d57e19af4f"
-                + "d7e34cbf956a737800b6eb80272b1d58d10773fc0a45a74e45a9fb33950955d20f119152"
-                + "203e3e09d5ceda392deea24bbe84bd08adede976f39c95beb33bd4716506d779dd2ec0bf"
-                + "66d08d48e40920e86314f4441c5a1eaa56c2e21fe0c10ee5d88bbbb77f2f9faf03d13186"
-                + "1069a3d4bd0a188df337e8430b20be94e94a130ca6a4a708b22da811dbc52cb886a7ef52"
-                + "909409eb2542ee0262105abda6995374e9eb6f8224c2409dc78a256fad06ec4676c716ae"
-                + "160c150fe88ef57e5e47966660f8dc83689acb820f86df125bc3390b005109102ec8d7f2"
-                + "5c6e7ff8b59c5082ddf297c875224287ce613f3ec64c08131c9ae19169ba16bfeee55269"
-                + "a1b14beb874d0f46f8713bf8a0ea34f50ca38b4f6da0981eaf928f129ad551d97cb2d41b"
-                + "cc3699e3969529f33ac27029be91a9693af0cc3a201d192c66d7b86caa7e4d7ce16d7695"
-                + "90f9e4060f8194bec8d220e835480c90745227ac00bcd583df1d32dc18a29b6a0a89128d"
-                + "988216972f90da16602714be090c585b469536f202dbb8a66b03a81cfd19abb0ebdc5cf5"
-                + "7047361e65ae34be1ae98fa6e9ebf8969b93ee4dd251169a08aa991baeca0b107a3f2611"
-                + "dcb03d6b13e2b744dc4152d9769421d040529f270c537ce220a1af2113715fad7b5f5cb7"
-                + "5f783bffaab75e05efbff0c3b20925ab251e53bf3f79f8de691edf79d277e1eda7a58403"
-                + "d4fed819523561efdce90ecc57d23c925a4eba6083cabe1c9481f10666317586472f5bb2"
-                + "d760dc2d6c7018b9d1259efbaf1b2909c4e58f1975a10c59f8ee64022ca5cddf8273b4fd"
-                + "0533e44b1acdadaf30b5e17293c444205db4b858f6929c1109623f09938c8d7458a5a057"
-                + "8779f7cb24e974c0fdb9a181d47d407a4e92621be668d3c860de808b0d1662394c039df1"
-                + "2384ccb8a292e2105c283de4b263b24e045e50b54817f69906436463b7560ec1d3123591"
-                + "66cedeaf6d2461c8e48e186a76239ffa3e7141b3e901384b2c37bbf55080edb7f155ed07"
-                + "f73bb4575c5d657c040f90658336d5b47ac25d808e9c15b2ee589efbe8700eacd36ebdce"
-                + "4e05fde768de50dd2274ae41c60d480e44921fa9281a65cd462198758865d1c82d2d5c8b"
-                + "13ec635b18e56a62d2db9d2416f0c7b0ec9934d06dc61670344c502dfd13a1f24ef1c3f8"
-                + "b1640fbb9da42868a5cee4512ad3726260bbe0c80d42b542059e0e007b1064f6e2409b3b"
-                + "99fa6134db2995fa89fc89daec591f49e56363911c79eadfe51499f54cf72bbde3360289"
-                + "e10284d23ce2e028f23560dfa4cfbe58cceffa234f25308fd1d28967d93e30a343691fc4"
-                + "d4046fea1147c9acbf0b7dd11a1469437a61a3eee9932dca81a2fb50a35672ba7f5b8b25"
-                + "77182e604ff5a75d279af4233684c2c58bfd99de5a28a62fa8f07f5d765097a79641c785"
-                + "4c834cc499db3da7d317117ea70afb50026ad4a6f0e8d1f270e5de83ed8f086f10929643"
-                + "e114bde2344b9baabb379b86156622ebd35080462cb493d19dde8a04b455a8a6c67c9466"
-                + "d4aacc642d808598ac362b4888267b46d1c7d91d7d17c3b5b09b3040f566be91e1675a9e"
-                + "d6a7f59e7e54594de27775a8906761c6cf52661c8b6235d45b117233a1dcdb8ccec28eb9"
-                + "fb969d785a4e829ee6be6299e070f51a7fb73f6242a6c3d5e41c6c3dec176ce66ffb6403"
-                + "50b4bf8bc489298092e9d27e44e181fe10d50f86593df008f8ba9e521b549b884933e124"
-                + "d6d3f265be66e9986ac9e86c6c903f60ecb2c62acbc1cb6cc478c54d9d5f5734625bfb89"
-                + "e8610c86a8fe5ab45a688fd1af9bfcb56928faa722f82a85e233462c0072f488f44e2d91"
-                + "994fe54d509d444f5bd1a8c0d3bc1d88d9711b7c447e30059b4438b83a048787d6bc919c"
-                + "6299bcd663e6088b27073399486927ab85bd7b8f60cee514ac276086c90ee2cb375d37ab"
-                + "823b9a425d217eb3a8d2ba2a0059101df8dcc9e4d3a82c58d2b3f96a3e0c4dc00b706bcb"
-                + "8eb2ececb209f759c9b6f674eeb8a752ff8e66c16410cae20a6b02dc505717ef5ffef576"
-                + "1510da67367e53ba0274c1379010c4d18db1bfce4d6b681bf1a66b8e695a419f6d134d5e"
-                + "c59826665e10daddbeb4a80f83c78fe92c117c9466c7c8837f66f4c57c379eaa407ca9b4"
-                + "e43fa477466067d5eef8049d72eb7c2b493ad0b7ce0c494ff1f53c5690aa65c75b3fb3d0"
-                + "27d1790a89142a79f8c39cd9f015a52bbda5fc07935f2328c46dae67ce5d5c65a10e9198"
-                + "0a71ce2910519ecf8c018f5b17029f79f735c8bf0d9c044f2455d0bb40a132029186b989"
-                + "291608e21badd68160f48dd8fec5b95b5b26d975456421502cf91c56fb5ac4cdd489c643"
-                + "e72272dde4a35d6f062a10f384ebd9a71a487ec5959cde04630678eb54294bdb835d7ac0"
-                + "ebe404a1e8edd28c5a41b4622188511bc530fbc81d26661f594d825b701085905d925eb9"
-                + "76af765ea89f93079af888d49593f913d78365fdc290698f69a3d5fd1ad2d2e5c2ae59af"
-                + "407863faacd4536beac7f8515350810940e10a92c8c9c97153e9ce088d11ec43952af719"
-                + "caebd15e02fdafee286e7a7e9e0dd027ec77cb7404bb562d5c5320c9bba867ce3c974192"
-                + "b1301f6afb6e03dc9c5be7de3e5673b1147db2eb2301f91b48995d145df254698f0c6049"
-                + "8547c55f7ef62de081ddeb42505b62d6b18d37269814db597c75fb3c6d8c2a062b391995"
-                + "c7d332a9b6f6f66ba502bdbf69b73e0ff54e8337db6f65a14d58ff2d223703cc68b3c04b"
-                + "c10ba48c32f29ba763167de9cad171eb5cc65b7247178c99c35774adbcd241b102914ce2"
-                + "895a220b50b5d7a9776280f3d4b898d3ddcb6b1e14f2702ae71c20ff29c849d874323aaf"
-                + "6bea30ae2d31b151d96f9d7bd786cbdb5db7d766afcf31cce6c03240d4db2edb7dc3810c"
-                + "364e203d233b65fcd16d4236d0048b4e6ad9994f83fc294cf4a8594cf0f696f4ac6c7b37"
-                + "8a89527119c2937a942e001d523d2d08f301cf9f060531dde931fafad8aa348ce6cae1b3"
-                + "9ecbdb1d6ea0d111ee75e98e307f60be639b8dc3f9b71a1a21ef4063b4fcdfb9ebc4ba59"
-                + "b109b0254e383d814adf65456e93f59bf4570bd4adc97242229dbe96e5464b63ddc192c2"
-                + "65d47b6f96134be0180e659c897127579d9fc90d6d34a3b720c8d340e29a9aa250984fdf"
-                + "17e9fd71d863f88e11b2262c31e913a6aa60b8445ad6ed0ef654474886a4bab7d08bfef2"
-                + "1cc19acaf41550b6b5b3202ce3eb8116ccf5992ccd19497e76dfe35fa5f6f87c48d404ab"
-                + "2a08960a65003496126cd22aeb2baa4d6ea6f2846e90533538f6697df745cc491b87ac5c"
-                + "18ac24cd8724d6b7b0aa6ef6720e9d8e937c24d096b493c28606327769f865c44426cb47"
-                + "8d993d1044b6a7ab991dd58eabb02a0de80c6b2e29520ef4d31e3a46a7ed0e5887e1db02"
-                + "2fc4fca42e90e99775ce915ce26bc518cc2b25a121501ac0694ba81d34f7991d4a96f500"
-                + "09139f77d5a114e10d35a11cc7f7a41d80ab56e366c7d6cab81c6e7281afad5232734a0a"
-                + "d7c1621136879ac9288b72baf86a55488c77f0bc557cb76b3ceb64d042192f29aa5d9276"
-                + "7cdb820a4523f768a3ed4ce8593360f454f9a471159e2b4f89018153131216a81a2bc85e"
-                + "96992e0a437e66ec25c331127e6cb578223d7efdcc84f6be2c2e93a1f93713b58c5e2372"
-                + "2c727021b56d0d3af80b312e82f10d16cb068e3825d380bb0347856e7a2357177b9c3def"
-                + "6177904c498d3a519583e32985bd521a6fda487bac15edfd74a1ace1ef8af95730b014d9"
-                + "bb9c9547490895321ec794cab19e87d2af92ef157a2d6a1b9a76f4a11cd63902fb16ee93"
-                + "29a624808218d5215d11da4e95abf6ffb6ed68055b94a0babcf43701d5537c67e9a0ee5a"
-                + "42a53046bdaacdfc7980196d570ca8df8cf00a727c37b3f83203660c13716d24da6b3676"
-                + "14019195982c4970bc5c3889bb3cc9b7ba6ed788ced4c4b132b3617ac8038902ce0fd566"
-                + "c52435e8793578b93594c8aa08882875e8c1909d48ab967fa1edec3ea22322ceb0088a36"
-                + "62138bc23a4fbb682d49e949b38dc6bc08ac75054c268e667eabb1d93ac57a951c89ddf2"
-                + "1a2bd66bb3296dc012d17256e3a013d651430b7172d4d92d047e13c11284aad7086b3a70"
-                + "9a0e4a95e5a2d7640a1aca146aac6b2c57bb6cbc933635312776b292beccdf275326652e"
-                + "3660d8fbb3a8452a6f1cc2632d8f5834108238c31539dff7b296037f4b0d04209dc8db80"
-                + "e4d377733b5a53c63e1d63a488640ff77648c569c994099c96b87fefbfee4a8a8f65a528"
-                + "aac35dc268c8981c3496fe2894189637f772ed0d9dda215a726ca744e66c019ed61d0134"
-                + "6112dccfdbf0c88b2af1f2c7ace4a7825eeda571608bd921c924013e1bf31c2bf8434225"
-                + "f781672658401d0371abee59877f942125f5290180849ca0f9659b3112965509453f6ade"
-                + "7a80a5d902c68f11e22475ea5282fe5cd61fbda9b1175b9253667adbb344162c3f3987cc"
-                + "30135ac2852e4b9090c0e0d0cc114da680183fa1064bf5bc25a617c2295edce9421efbd9"
-                + "8d6a2c04aedcc05ae63cc0d7a851f7d55230d48fdf0f7365dae70d271e46377a75bd3669"
-                + "9e89da8fc6db50c03098e895ce6a0cfc67c11a687d987a34128168e243e13708272aebed"
-                + "eeae6d0a05ad8854cd10aa77a33369fce485e6556b085fd253a8bbe3e29c9fcd7d546ba4"
-                + "fe7e8c7942b64491dd54c31d0bb5701ce510181847a13f30294060ccd547ca6c4d195954"
-                + "105929088e2d86530b3dca1978642e8b31bd9cde0730f65cac15353c3084997a948228fc"
-                + "51618fed3e97bdd8aac99b9ac606a1f915cb17bbf0db9e4c4cb9458d98a9beca762ea26a"
-                + "df774bb6667d4b388e84d8fb39999a7a023dbe0fb7cecde785e6f0e0344b447c2f3d0935"
-                + "fd93679bcd00204cd7ec4b9aee4410d1f3308021ec8cf9bc51a19e2b9250d6564e0d4885"
-                + "e93e414a872511518a77c1cea82c816538fad83f98e889b725909ce5583b0f7694e612f9"
-                + "4a43516fc2a9e73f9aa59b65ff3cac8ea14b05545fee544b84ff22a8308e44b89019c29a"
-                + "07e8b82709e5d7090f7c59062f0b5561e452b0349662450d8f68acf32e67a57de5852c55"
-                + "d5378923d07d37d4e0e5ba4356cfddbaf2bdd2fb6592adbdec5964a95ad433fc0ba01c1d"
-                + "1365391d98dfd4fbac0d3b26a92465bbcf197cce5e098f3ca0e5a58a83b17b918c1d1a30"
-                + "1bca3918da53b18a118f333b92fbd1889cf0c647ee1695f236bdfae2aa8ef2fc8773b0a0"
-                + "341739f229ef8a53bed9043cd12d7d9cc041c19493158f25f6b4193199707468df486123"
-                + "44be8e34a56e82f3064d141f1637e490e1bcc51fe2691b828f0276605551a70f86780fca"
-                + "184caf1cca34bffb679ed1d1c416b0c1320e8ee3401bcb148deb953f9d15032022ce6acb"
-                + "35a973c3e7827f24bcaf0b74333fde8211750af5b799f1e2f13c4e507b7703f7812f8ed7"
-                + "86ed51a71f758eead7153e3ece581cad12a60672d5c099b361a17ccad9c7ae638f5cbab5"
-                + "73d5a132f157f637420e9b3fc83b7941dd8e4418a16fc166f2d43c49a60c116cfba371d5"
-                + "03f195ebed43066af11e08c8bc4dc44b77243469ab823be815ae48004800f36a975f42a9"
-                + "4f1ce45ce8e0bb5d0ef55f9e8aff3bfd529677c232f039646acc8ad75698a8de52d26786"
-                + "229bc15da4e6f097c327a9bb641b796921c4583bdea9537f84a15da277b8caf6b292a1ee"
-                + "e5951233344b9997d0747a390ea0b37cd3a20aa7a04c137b17fc8051a4fe1c5a163186e1"
-                + "1e4ee74ce1c26bd2452ea4639fb7d7f875b3a2553f256f568dd7b9b4e6d84d4d454034a8"
-                + "9f2b1174e8fe8ccfbf145919f7b141cd0d0594b47c228ae4989f4b4e63aa2c3f77336945"
-                + "f4c18118242974d861baecb9967a909cb4b1413778e3c4f6ace4cb46f6e8ec5a959b2afd"
-                + "293fb5bc43b14a99ba4a50c8ca429b448157bea59f5deeeef84f7a19cfef734f6062e8d2"
-                + "027cc3761c0c5f30ca3f89018c595ff87dd17d49b3b1ad36228742f70948a7ed5ccc85d8"
-                + "d63a9b2ba4f68f064ee7b9850216b7963dc79b30f58d50c5d3537863a5a1eb3f12ca8874"
-                + "2d66dab69c74c86de129b9f2c811cccf8091a30e058a71edcce014a0ad042b266ff6ac8c"
-                + "6550112f496ced59f95ee04910d803f4c6c662e2069c7d6f6bf03b4b141b41c67600cde2"
-                + "bf1bd98578f769f65b11588863dd69977337bf7f206e9afe6cf544e4e45ce310832ef9ea"
-                + "49d7dbca3918c22a9fb448a75113eaff1d0ecab031bc0617fb0be2033a20b4d4cc324bec"
-                + "7980a32a2a7ca66d82b565477958af80b4e410af1c241feb46660bbb2c5d7dbf08e47b6e"
-                + "16b6b03a685aed47cc52a07896bed4e278934a6cb863c0a5e7ce0f7170dca309b80e1093"
-                + "8b59aeab3f78f70aa631ac6e73285dfbc65cd61629720084b0782595487d92a8d21feabd"
-                + "7bee3218ce484ef6d3ad284e355ffdc1c907a831ac7ec0a92ad51b654b999ecb5646e498"
-                + "2242cd7a49ca7deb11d5688a52f1a237afb80cb6fe3b46fa4c59baf8548f7ae7af69c13f"
-                + "b108a4d6ab0550b8a4b32ab95562b3ae70105c46f8fa9b759af68c79981805887e613162"
-                + "59942d76cf02eccb838b82d6da47694ec2d00fc01496c417b60919d22b8b302a2dd4787b"
-                + "ee2f581e0f2269b53bbe8e1562af0fa65e1729ac04b88e45526c0d57828de8ad791e6977"
-                + "979452cce714fccc752c5f30a96aabea1ca73d0399bdccd8c9ac6c0757585b47d2454602"
-                + "67be1ff3793dad5e2f97400e44f0da442dd82d9329976a838f20b747f8f615f392551816"
-                + "5cd2196a10b433b1614b785eead6c6cbb3678e1a7afde8e14e2f85b8418bab1c7e477fda"
-                + "99f7de5844249b31c8f1f329bcfbf91707911ae74ecc2c5f014b78fbfb26f106a5fa735e"
-                + "cb9121138c9b3d84b350433d4835558a0da74f0df8a61f598a219c54d7b89fef107a943a"
-                + "8a345a33b223d70974c79bc2f1af9d5d1e237a2505d407b2c957b7bc65abc76145b473c5"
-                + "66dabd3db721cbf4a71fb574f4046fb927ff0a076f3f466abda2b5182bec623fa0f1fcf6"
-                + "7a8ba62cb30647388cf9c2a9ab146db9855c80baa1743a15e402766b3910314219d8d7fe"
-                + "012d3750f5d36ed8b9a522d8aff3c6e9c660fea9be58584624b84055fe0a8edf9f182e45"
-                + "44be653c9d052b14583289d1720dffb7f833f0cc7dd36eaf8a48894a742d4328113073af"
-                + "4db5bd60a342086f0f78a69f2a7f1f190609f83be2e45daad123bf37b387fcea41eb8586"
-                + "4ca2192c10eb1c47201fdaf2f493267d285d82a1bad6",
-            "03383f9085f61df71557736df9d4e3d54184f8bec63f85442a8d7a1381d8305b3993f0a9"
-                + "514cdab55458973e3f98af9a1be1375a8b52c2dfa0cd5a9bcfb40650861eb7428d34c39f"
-                + "633e8afc60088a9ccb93bb2116084799162e5471ec390a84178cdd09e51b5aeddcb44516"
-                + "5142e4b33be4c1c5395cda0fc61befd0e42411f0998c42ebcf55be0a8c94e7c2c5d6e8b6"
-                + "038adfae681a32c6b977cefa022610a738d9b4bcd7f0a330a5cb7bf34b2dd1c7feaf6a6f"
-                + "278384a174c9e5df1fba86878292d5d1f43f4049fcd04c796a2ade88b35e3dcddf64eaf1"
-                + "1968cf12b95c6b1a329678eb05f4bedf014d9b6f5d7180cfdd221cd44aadc58eaa04c946"
-                + "1a3f0dc03df985b9e10c6860c80f28b3fecc46cd0ce20d0c2cec18f8107c4a96fee6f2bb"
-                + "ade46b94aa0103177ffe5b45be5a94164728b8ee9b5643cf9665ef973279f10c706888bf"
-                + "319d5e8db370a42085a09b7bd5c067492b1576d67e3a587a1982be2fbbf9bfe7abe3f48d"
-                + "2a50d4e102cafa67d95f7d9239bccd78df918628668163f7b933fe13754f056c8952f3b1"
-                + "381a5dd276d1a72773a565437a3247e36731bdbfdaf4f3167550454c59e963817a5dd0f6"
-                + "a3f438f564b23ea6576c9b6debc9b61c0538387566448d2d186d11efd51c9c51cfcbc89c"
-                + "bc90229a018902da5e370b8752f4044b5836df062f74c26a562328f39eee8789cd4d52b7"
-                + "e66a507fb6f90737cb278dc8414eca01c620d8bf9dfba8cc5fbc6db10eac9aaa47b0bfd0"
-                + "2baa02524fdb36ec42da68029941aacf82d29f5b1323a0cf6a5746766736d02ad0c20348"
-                + "98e9fa73159188f2c352372226db02308225d1a427204df705576fc8c499b7e3cecbc8f3"
-                + "07a7fb019d4b405f9492deee4ac3ccd51862217923ac0acc0bdd3f7ad86093471eb796cc"
-                + "35bd92dbdb1dcf70b44ea3a4b0e9cce2314717ab181108ee8a63276ee84f4df21fb715f3"
-                + "a4cc73f196cee7b756ec996b14e0113d23c677839df5e5843599f86c29a43a6a0ecb73bb"
-                + "020151a98da2352079357d4acd66442f699ff7de56ec214e4f0846bb4555c29b76d9d8c8"
-                + "ffc83831b038bb232875a1354fe99058aa2f8d03f7e86bf510e48030234194917c1ec691"
-                + "87c5fa65d17d96ce3580ab0ac863a7ab6ef207497b3f63ce2ef08d7e1a9d0f6fc5b53eea"
-                + "20c789677f930245131f952eae43ac98345ef8c0dc2a491b08e194a06593893ab1e4f180"
-                + "51e0fe498fd882f5ceb30a3ddaa234bc2d54bc3f121f510dfb72bff123241408500a65e7"
-                + "c4b3957cb94d5135d01a95c95e644858ce9f4891764c0baf68eac8dede086e5911f21c74"
-                + "297c35ed8c7fb734858690446be0ece986e35c5ec690370a07ec582e2d00f9569298bac4"
-                + "a295fe8fb3652b83207fdfb513df2c24e29e1d8051d4b7080327a57ab21a15c877d594f9"
-                + "b93369f732d5d205717a2dc4329a262724086a051b9992168a99dc556bc8e4af70e3ccd4"
-                + "c2e3fc171100698e80e05cc2627697661ddda7f90a9a50df7432850a47fa5c28088b8fb5"
-                + "3ea8258b2cbc0aafe2af9e567f43225f91f0f830dc5a3a861052654501aabf4a9d584b0f"
-                + "77f93abb215e680fd5f27902f1ea10ff880a39bb8002a95160b1f53db9f7a7386e22a6de"
-                + "47b259844841710a656c8fcb67a95bc326852027b5779b492390ae7e8f2c75468942f2b5"
-                + "ef8606e5aa6415057781054410d639b866e2a820ab14081b936e21bec7c1118752762e22"
-                + "e0f188c268ea6ab625763946cdbc2e3ea8b37e207d58b2276f716af10169cfbb5bf653a7"
-                + "3fe6de0f568ffa1aabcc8fead9f3c1c38d4ee0dd13725ae3e10ac40d1a52ed1d8986f35e"
-                + "36370bb7141e4ffb8a81f56bab0429b887550fd86f0e537d308098a1866d82461063ea2c"
-                + "d1a6236d942000f44624d2c0b1ccc08d30b547a04cc6e55fbf860f0bf4b638e213a16e17"
-                + "5a952efce2e7c614418d24a36c46f7ce35437791790e278fadfcac4e0c4bbd332a0daf17"
-                + "c72368fc61fb046662275d7aa87ade5a7c7fc8384c90b9889c0f04724d07c3d94eb47b19"
-                + "10144b9328d770fdf14c75046360fe17fe1a4d07625389ec7d7a2b9e97c592961ff84afc"
-                + "662885172ac5443464fc23c968faf39d8cee0d24292fd261b1f1e5a79e3df1b5b52ed6d3"
-                + "f7ab0db8822b9e44ac72d21fe242050b3d72d15f31bbf88d3570e1162cb595d079914cfe"
-                + "2933ffd8f6a01fe0ac7dfa4993b281d2c998cd80ac679f508f4b6073f4f1608f9d67d26c"
-                + "1fc2e021506490e973c54d07a54f5bc204c01151e09ad0f1ae30aefc95821083f235eab7"
-                + "e2a9450c5602ce71c5e197e742fae10baf56c161096c2f1ce2fa5a793334cd97932929fc"
-                + "e2b040cdc1027484a74f901189d4b4f5deb5ddf86c9cf4d722b1888673e8150d8cfc5978"
-                + "60796430be61852d37df213623b179f8667576f690770db4343c201cd2e3ed8d1602a270"
-                + "96d2ab6d5b65f8b0900407b787fbeb51176e3dc84ed2bd0d4fbe02051c422aa346f351db"
-                + "5d1e02a2fa2e50a6993ef8c71b3e4c72c2d283b53c423b4609c91f4d0bc432d81756f5b5"
-                + "48a6de883f82a4278a7d1be74cc7e46cf524a78c50ff0b507aad48985a8eca93173c257b"
-                + "56030a8a9e07f8bef29a991ea0ee677f0b45cbac244c7a937a78872e4f4e4892b7f7e261"
-                + "3d36a668bbd96490662c9b153953c588650e6ef83dd829aa759f10683dc7997215172e01"
-                + "e135c66752e447b4a68d5ad06183047e2468abfe74aeb24f2eab6be72dc61b8b901673d2"
-                + "26d4162e1ce738f20043e3346d9861a16f6f9cd25af0d0726fcdc642da7cec294880adb3"
-                + "aa4d8cd56aa8a9e9a31feda62d931fc8a2f8a18d39ce71cceb39a0a2022046b5e5701100"
-                + "b94c8e82c4112d3eefd01292002f1ec038328834f10672ced0aa7b3f94a093050890d8cf"
-                + "ab9e2b3f9349fe61dfc90d0c1419bfc63235bb060c6ca9907162c9f2c0c1f090cf0fa258"
-                + "24dd159beed051e667f7c9471a8203abc635fe0ba97039a3216e9e044f02b32a0b0b0f73"
-                + "a5b94467a04e012172d0158d0980dbf4eeb5747235738953e4f8d3e4fa3634164b5ae6cd"
-                + "a6f1784a7fac24d37e9fa1890b26a770d150ad72822159ef1942087a7a227dee5b016349"
-                + "24eb86b7f7d610eca5ed16138ab1cade501585409d6b30bd1c18d4b097af6571d1134736"
-                + "18ed8784151df96d9031cc1f570ca36bd85a5953da2a34056a88fd7321bf89f7b939ac8f"
-                + "4a27bb0d6946f1ac24d3a4614193c8bc7ac172acee5788312f3e8848759dad00556949b9"
-                + "6e79f09945392f208eb5c4bcaae26d77b03070331b420e09d726ce9fcba4062c7986ede7"
-                + "4aef2f7692106dc4178945e33f10c42a3edcb28ea2fa1c36de05245f7de7bd8eacbf5667"
-                + "cc23d7fb5456f23862404c784a5a6612f7ac98065d9a66448b01cf8cb5e2a2ad2ab0e79f"
-                + "c6e2db723dc1a738319e7cef78c4d7ac37d5da1763aae117cc4c0afa928ab6a56ae61f5c"
-                + "f38a9cc2b203a9d50fcce22671a441ec0ea8e8dc0aac0d429f61e6fe1f2f66e7603c05eb"
-                + "c81b19d5d7c95c0c85fd61567f40e9b075105c914ddd930cca4288ce9628aace17b5f945"
-                + "31688f5dd61222c21b4bb0b486bfed796d841b056d2e931175f81574ad34aba3cd1d6d7e"
-                + "494c1e1cb78995039bd592edcdf2a23888b635857ae6211a1bce16d899a74cc365ef5a0c"
-                + "015e99308c1137ab97a3b1ad0eeee68a56d4317ed9439003901ce8c83dd30e7a5449814f"
-                + "50fc8905b7a79e1dde18e403b36b6b2ab18a4423cc740a2d24d8322d15500efe7b0c6f76"
-                + "c0d81a1bdc2a7127b327a080e00171c357ca4a2a44241d998e9fe7a9b1071d231c83596f"
-                + "0cec9d1281c8d093cf2a090dc3578bf6e5fc13c1208ce68cda1d9674cc02e582d1e894ce"
-                + "2140c69bf5fcc5523afcafb5aec4133d2fe80cb5360ee73e3b791dce7e07ba731caf7b50"
-                + "5bdd01d207ab2635ca25004002cde4b581aae39cf5b8d2469185d78c36e2b8948d82fbc3"
-                + "42fd7b654fc52cb35bce4ad269f434fe24d3f9dd54983a6c4c06f0db338b73850eef29e9"
-                + "9f2f5e1feb70de9bd2f73fb705e2f154e818e6a56096e36901307dd22011796be9f1d05e"
-                + "d5d5751aff6a1bc2ed731d5505b5d6305f5509192bcc17659d10de8d22d272082b17544d"
-                + "b30d833f149c4a0b3544d5a478ce56bae38e22b9044af4f9c997e6b9d004edb43cf9dbe6"
-                + "b49a20755d58f575f70431f083b151f1bcbcb5713c572e2bf7e0c8b611ae6d2051816c85"
-                + "00c751a29352d4eb0b077754c8879e4968774aa20442bc12359e6ef1209a23d25df34364"
-                + "1e857c7c4031c025309867d91041034b9a9ceb620768bee81e2809f04c49baf0d6179e95"
-                + "2d257fbd5a053938de5756b82c552a4a95aae87ed2f31579219598b7635942c724886f0f"
-                + "7dad53c218ec32e36170cef879d571d843ebd0e14e92272649cb0a647660667f18fb4151"
-                + "55c5ac92ab432d376fae7ef7073d8df8000202fb80b1ba261b9275eaa5289242809b4990"
-                + "038bf9d837f903030a932c17e1bb4d95f93df6f349575e061f1ee8b367d5825a55c5e432"
-                + "37054739f20fc3638734333ece03cda62dc5aa239deaecd18ae4a52a9f24d2dfe7c50fa0"
-                + "e14146537a4c155c7036dd180ca72a82927a47406e2b0684505e220e4e0f08374f1b0d34"
-                + "26fc31398c2717c5f4b6f004705187f5e1dbe0c477a84347679cc4919b560a5317e55c2e"
-                + "649481e2d3b96146758448b255e0efa9cc16e8d2f674a9267a6ef91960e995335db3933e"
-                + "4e8e42e6f6eafbeebc9fc1d4846855e2f74f1e0d97b74c66edcc0c3a0c67a412875e8d79"
-                + "bf76cfd018f10e3751aa7916275af1f96500d2d6857be7c0860916525997a4cd8daf2f44"
-                + "e44046dca7cdc9d8f0ab579cec870a1bea5ef5a3502fc99271d8b2a826475be3ea0ec3e4"
-                + "fb79b4ea0b35efeb8dd4a25fdd490356fd9ae74b377e51789ac77c2c1d180db2c24687eb"
-                + "bd9451efcf60b16dcf79e4f29be606f4c7e373eb1a240011d8c3567a1a2b7cde05e4b69b"
-                + "9487a5af41fc510da0130bd556011c06d9b4e1595c69ff9e6d822cb6a3de3c782bba90f0"
-                + "2d6cbf338b6e6636892d5cb4b10e0f29f357714c0e444c370a8402ad2615d430b0ba04ee"
-                + "857c7266ed0bbfcab0ff79bbfa1811190e03c07df9343b9009a74d711a9129df639f4a89"
-                + "83ad793933c612eecaba19939f0ad02e54f20362c92b95e9b28ae914c731dab52995335d"
-                + "fa8d5c659d8c2ffb51bba4a63fdc008a965ee2f5d2358c75799b09086882c9f0380c3228"
-                + "c8dab6be4021ae1f92599f33afe9372900298ce637c58860e3b08069fecf2aee8b03854b"
-                + "7c903625cf2e9c1268229c511fb2e932bb3952ab024085bad064a6886f13cbc265ea9453"
-                + "de9e23bba112482d512c3247b98be799ddc28ee6eef80af7d869e790f635bcaa43b9e9d7"
-                + "d53d208c97b8dcfd2a6f32ae397d73fe3d36f83dadc47d682737c851625de5bb33370e7b"
-                + "073753415a77af0b547dfe869606988deda3bef30d58b1c2cb4c9cf39a198af96be9e1e0"
-                + "5b572fcd55226bdda65b3b360561eb2a1425603dd467370c75124a162e609e8a847b1711"
-                + "a14cf1ff36b8fb7ddbbe346b096612e77c5c3a042b0bc51aae1b25e479e13e1f76d2c6c8"
-                + "3f7d383600c4f5514214c04da4884f3a767cd8945ad3434624fc120a076f3e806d95a5b4"
-                + "11272e86ddd8fcfca95b3748fc7550cbdf9dcd38f51d2efa576324c22cec800e81ed55bd"
-                + "7364d1dc88398e4cab0c6e7a2f4aba779455efb1a00c6366c151695495691c658f713cd3"
-                + "b37046d48137a6c3f92dc1e4839f4d53c0fa8addfc23fe13c6170edd2a5560b8e85768b5"
-                + "43089be7febc19ddc56847d4cfd5c7122cf5e3fb5d5f2cabc18121017077199b7680940e"
-                + "a3a309946aecec3c3d922c2186f2c6fe7fc3e520e7a3714efcd86a435dc224f01cad9bd5"
-                + "eef5c5ba1bae06de04aaa78a4629c8263427dafb02c71ac6230d45aa88751db537dd5746"
-                + "03c87f263cf297bafbaba7ed07dea7b01395128f837f17660bc95eb9715493e7ca756012"
-                + "429f8aec9758fc9e6fa8a08fbf4f2c98a5efafe0584c9fcc9f69f81981af0a301831b72b"
-                + "f8e4efacfe4e7a8578a8ac1cdcfdce4c4cb046b7c42c648ce9fbdea35ec1d3c20c710488"
-                + "276d2556d42a96c86cc5c5c3b49b3421184c94e4f03e6dd711b86a32a73770501033ff50"
-                + "d0e67490adccd4c72b186a97a4314d4e93d1f90b8cde6c4fe80d1e4cc1c48a200e41705a"
-                + "fc20c78fffab6ed403fac59266fbf51090caf65e4cb4c12c51e0d7b49af1bd1f77bb5bb2"
-                + "7d9befe1b3dd5abff9d3e82ed765166aeca221287980ff92ecde3243f44807faeb4d8229"
-                + "fa64d5f58ad699a604197503fe640823c151dc0b7cab58800c3230f8db81115963b7acad"
-                + "68faef46e0328912c86ffa5053fa878cf93345a226c149765a9d2e261e13347ba9d545d7"
-                + "c2bfde966293f37c59e3363015742938bbb756dac645215bc13419d26a12c07ab8188173"
-                + "38666d246a8276a113caffca7f24fed0a09408b69693643b8d0a4d35fb555da096f8f1f2"
-                + "93cd127c5f3cb6aa405f611eee1aada3db7102c783dc1e1a13f90edaa1cce7a9365d10e6"
-                + "6115e84b7f6386f0e57384e5cd941836c2b5e670f648a043c359cf70d3d02aa7c073e71c"
-                + "1881b4f2095754848c5274f7d0b2c7ae35c3faeb40de8337829158ed6cf22c2b9d51240b"
-                + "f57f5c3a81092aa01fb31d297b6b1ab4a6c54ab303ea3c07db6eefd05e3677cad9dd0fe0"
-                + "d23d2aba63c232bf3b6b0731e7898da46291e7ee8ccd05b56f948f03bf1170eeec714d2d"
-                + "4850c228c96fb48a969ae64cc7b324e69eda6df389728c1eaf673eb512b59f7442ad2177"
-                + "31b346da582a8b25c97494700cd4b7f326dd6bb5b8de03e0afe68c12ccd924cc5ac1d14d"
-                + "ae95eb5c276b47325bcd1627da150f9e9a1cd31c15eb42c674782cc3d4e189908173cd5e"
-                + "267cacab7f476999f47929384b6f5f87d0e02debf42b4ff57f531555b4ad81649237e027"
-                + "070f38c0b849db7107f05046a0a30900bdf3cf626112afb6f540cee9da095f4e4d7f690e"
-                + "d0c615b233e17f650ec9141a6721ae9415947fb2e444277061c1fe9f3f796b13e88a510b"
-                + "51ad0b5548e73e7d29ecd198f20cf4f6d3c250ce1678ecdce90911ceab85ecd992f98ad8"
-                + "ae7de1514d710817984b20e896fb2ee5613e91892f233843242054edffba1f958c0a16d0"
-                + "8556be15546f1e3e4f6434101ab0b067bf95f94e0d50c0cf25bea487467ac4f10f8b980c"
-                + "08ef0ac11c8263239bf8a79a0bc6e2908fa4b682fe5e462e9d5cbaeaa3a8de6b232a646d"
-                + "f34bb6830cb1329622d243d76cf471add577fa7d0ae041a43f9598a0e179af57768ee386"
-                + "12d92b1ae8655772db2a05a6825f11e6ba874de5b326410f232e17bddd09290819ed932d"
-                + "da2d1260292296c4cc9bbf8d3db26754e515b0ec8088f0438d0b58fb7e18d7443d7d9760"
-                + "f6d739e7ff13d868ac27d165c962de749b8db879bac47b33d50dd721ceff662b8de95a70"
-                + "697b3f754ce0d0d3a45c1dd65fb2d7ca0187559244fed5de0676c5646a6623f4a1e875ac"
-                + "d6f5742358edc71dc64cc9c028931298239648d83fd9a801646539927ecaf506be54a72b"
-                + "9d4477696dd65e11205c69f61b82c55a2f9ba37235e8169cddf7db311ae41ec9f1f32f2d"
-                + "46ee21a032e0ae1218761045959523c10aa2e3091a3de6b517033deb3c7f3ed98f594169"
-                + "08db14d847cc5c5184e5d3174d60b18faf07b7c2f4c803d323fc5166038cb1bb8715f417"
-                + "0e609e37a1cfd9678a64957c5878660a7d67fa88b6db1516d04292fa61130172788c759e"
-                + "150262c694dffd0e4a54004d3f7fa2863d5269ceb10d53bd04147d04dceb830578a46d5a"
-                + "617b9db3363401c5545a9ef1b969720069d5b710cd8d2dae0f16e3a41a4931062ee8d43b"
-                + "0513305a175f85ce429f5ea2f36416f8769877d996b39d8145f7abe2cc062cd1254fb8b5"
-                + "434ad5e89b42b48e60c8bdecac12b73d36f6884b1b91dcbddaaad07ba63299a1580b9cef"
-                + "d8099aacc652d632f8d08b88375d96d61644adb4652202c862b75b17b61f7510e3bdf074"
-                + "616312435b6b54e93c48c5788d74544ba195b4636eaca38a9a13456fcbd9690613c57cfd"
-                + "b97adaf95fd30234893776e559b6830adf385064e2a5631006981e1ac848e95769114289"
-                + "473df1a87bbd4d501e3a882a7b483ed518b5e5317efc31e90e2b595d4852a0c2f843c872"
-                + "d3d526792cd6e3fa4bfc9f873bed7687c463a165469e706380e537383b5ed534157a127c"
-                + "77239d0b2470e333dbd129fd2194629d707f5954e444b6a2b7d07c7b7a2c168c71c47121"
-                + "b3b38b41ce76b18781ce37bee76eea812afe9f35e29e2b3b1c40e8a15ff1a6a675742384"
-                + "08e7d1a8bc3728937c9cb0da73b57fb3be153818c73a41db6971872024ae94acb00e68cc"
-                + "9a85469b1944e7e4599e12cc0cf8dedfb6b2d8916f2101323769ef7f1d0e0eed52acea1c"
-                + "2809ea3050782e5a52a768413606ed07212afe6ee16cac04ffbffbc11536811c81187a2a"
-                + "d350be5eb06d82ef17a75df9a3d746f37fcb3bddb7401ed05e3fca749e0def202df03325"
-                + "1a2db806e7367525891a4f2a5a7d6c5de122723691893fa264a6a61783c3aafa70c09f71"
-                + "bd72176799530c65ae2225ab6334e422eb52a01ad7ac028abff2d53fc7f9604e58602326"
-                + "60a0580fbe75288eebb6ae15f78e70d1f06e56eb438b79a3acbf714b994f3900d8886fe4"
-                + "dd92a2d6087bfbe7b3a16f001ca2cf4d519fcc48720d667610a3d7598b586760e0f51193"
-                + "dad94c5bfc24d686fd02bfef706d0b3329c113196612989f0da22339cc0262cb6a464337"
-                + "a1765e9b33949b94a1feab43f3bf7083a89a2f09936206cd7bf7c6f4a32f96a75e57fbfc"
-                + "3be9fa3da3b316aec6c50c54966c8ebb848224bfa0bbc68e171a592dc0acc7ce2e6753b5"
-                + "4eefd0b11701d881a987ad4e51209118678eaa376fc1e47767b0af8e159e07bfd823586e"
-                + "c508db573c855110d3fa75df0d70b9a524220186230aa84ac2927e65b0326b54f2d7e133"
-                + "42113ba82ce070bf7fb322e58659f0447024d3e2d8e72232f8f7ca8ea99b19e92814e5c8"
-                + "1bd2c8e3f64eb89d425bc79e09e110b0af1e644e767e30bc7cc6a4231570a085460b8699"
-                + "933b9a4caae915a29be50638f16e6969faee3e4ec6b2d6b53f84af3c6be55049c9b2ac41"
-                + "2462b3886a696eeb2c249c9265bdda8d323adb1e40134f58ae1f64defc20facbe0ae8f29"
-                + "24fe564236fb1004a9604e90293418c74c2cde15af0c01512c77368233d1759f4dd02f16"
-                + "6e2dcf6d4ad04cd91161a775abf279f775cf419fe140cd4a01c00598f47eb761af1a3331"
-                + "99a476f5fb26fcc6c0489d88a0eb357e031b6c1f8fba99f449e3d33cbe61a16cb6630c50"
-                + "4d14deaf6d2461c8e48e186a76239ffa3e7141b3e901384b2c37bbf55080edb7f155ed07"
-                + "f73bb4575c5d657c040f90658336d5b47ac25d808e9c15b2ee589efbe8700eacd36ebdce"
-                + "4e05fde768de50dd2274ae41c60d480e44921fa9281a65cd462198758865d1c82d2d5c8b"
-                + "13ec635b18e56a62d2db9d2416f0c7b0ec9934d06dc61670344c502dfd13a1f24ef1c3f8"
-                + "b1640fbb9da42868a5cee4512ad3726260bbe0c80d42b542059e0e007b1064f6e2409b3b"
-                + "99fa6134db2995fa89fc89daec591f49e56363911c79eadfe51499f54cf72bbde3360289"
-                + "e10284d23ce2e028f23560dfa4cfbe58cceffa234f25308fd1d28967d93e30a343691fc4"
-                + "d4046fea1147c9acbf0b7dd11a1469437a61a3eee9932dca81a2fb50a35672ba7f5b8b25"
-                + "77182e604ff5a75d279af4233684c2c58bfd99de5a28a62fa8f07f5d765097a79641c785"
-                + "4c834cc499db3da7d317117ea70afb50026ad4a6f0e8d1f270e5de83ed8f086f10929643"
-                + "e114bde2344b9baabb379b86156622ebd35080462cb493d19dde8a04b455a8a6c67c9466"
-                + "d4aacc642d808598ac362b4888267b46d1c7d91d7d17c3b5b09b3040f566be91e1675a9e"
-                + "d6a7f59e7e54594de27775a8906761c6cf52661c8b6235d45b117233a1dcdb8ccec28eb9"
-                + "fb969d785a4e829ee6be6299e070f51a7fb73f6242a6c3d5e41c6c3dec176ce66ffb6403"
-                + "50b4bf8bc489298092e9d27e44e181fe10d50f86593df008f8ba9e521b549b884933e124"
-                + "d6d3f265be66e9986ac9e86c6c903f60ecb2c62acbc1cb6cc478c54d9d5f5734625bfb89"
-                + "e8610c86a8fe5ab45a688fd1af9bfcb56928faa722f82a85e233462c0072f488f44e2d91"
-                + "994fe54d509d444f5bd1a8c0d3bc1d88d9711b7c447e30059b4438b83a048787d6bc919c"
-                + "6299bcd663e6088b27073399486927ab85bd7b8f60cee514ac276086c90ee2cb375d37ab"
-                + "823b9a425d217eb3a8d2ba2a0059101df8dcc9e4d3a82c58d2b3f96a3e0c4dc00b706bcb"
-                + "8eb2ececb209f759c9b6f674eeb8a752ff8e66c16410cae20a6b02dc505717ef5ffef576"
-                + "1510da67367e53ba0274c1379010c4d18db1bfce4d6b681bf1a66b8e695a419f6d134d5e"
-                + "c59826665e10daddbeb4a80f83c78fe92c117c9466c7c8837f66f4c57c379eaa407ca9b4"
-                + "e43fa477466067d5eef8049d72eb7c2b493ad0b7ce0c494ff1f53c5690aa65c75b3fb3d0"
-                + "27d1790a89142a79f8c39cd9f015a52bbda5fc07935f2328c46dae67ce5d5c65a10e9198"
-                + "0a71ce2910519ecf8c018f5b17029f79f735c8bf0d9c044f2455d0bb40a132029186b989"
-                + "291608e21badd68160f48dd8fec5b95b5b26d975456421502cf91c56fb5ac4cdd489c643"
-                + "e72272dde4a35d6f062a10f384ebd9a71a487ec5959cde04630678eb54294bdb835d7ac0"
-                + "ebe404a1e8edd28c5a41b4622188511bc530fbc81d26661f594d825b701085905d925eb9"
-                + "76af765ea89f93079af888d49593f913d78365fdc290698f69a3d5fd1ad2d2e5c2ae59af"
-                + "407863faacd4536beac7f8515350810940e10a92c8c9c97153e9ce088d11ec43952af719"
-                + "caebd15e02fdafee286e7a7e9e0dd027ec77cb7404bb562d5c5320c9bba867ce3c974192"
-                + "b1301f6afb6e03dc9c5be7de3e5673b1147db2eb2301f91b48995d145df254698f0c6049"
-                + "8547c55f7ef62de081ddeb42505b62d6b18d37269814db597c75fb3c6d8c2a062b391995"
-                + "c7d332a9b6f6f66ba502bdbf69b73e0ff54e8337db6f65a14d58ff2d223703cc68b3c04b"
-                + "c10ba48c32f29ba763167de9cad171eb5cc65b7247178c99c35774adbcd241b102914ce2"
-                + "895a220b50b5d7a9776280f3d4b898d3ddcb6b1e14f2702ae71c20ff29c849d874323aaf"
-                + "6bea30ae2d31b151d96f9d7bd786cbdb5db7d766afcf31cce6c03240d4db2edb7dc3810c"
-                + "364e203d233b65fcd16d4236d0048b4e6ad9994f83fc294cf4a8594cf0f696f4ac6c7b37"
-                + "8a89527119c2937a942e001d523d2d08f301cf9f060531dde931fafad8aa348ce6cae1b3"
-                + "9ecbdb1d6ea0d111ee75e98e307f60be639b8dc3f9b71a1a21ef4063b4fcdfb9ebc4ba59"
-                + "b109b0254e383d814adf65456e93f59bf4570bd4adc97242229dbe96e5464b63ddc192c2"
-                + "65d47b6f96134be0180e659c897127579d9fc90d6d34a3b720c8d340e29a9aa250984fdf"
-                + "17e9fd71d863f88e11b2262c31e913a6aa60b8445ad6ed0ef654474886a4bab7d08bfef2"
-                + "1cc19acaf41550b6b5b3202ce3eb8116ccf5992ccd19497e76dfe35fa5f6f87c48d404ab"
-                + "2a08960a65003496126cd22aeb2baa4d6ea6f2846e90533538f6697df745cc491b87ac5c"
-                + "18ac24cd8724d6b7b0aa6ef6720e9d8e937c24d096b493c28606327769f865c44426cb47"
-                + "8d993d1044b6a7ab991dd58eabb02a0de80c6b2e29520ef4d31e3a46a7ed0e5887e1db02"
-                + "2fc4fca42e90e99775ce915ce26bc518cc2b25a121501ac0694ba81d34f7991d4a96f500"
-                + "09139f77d5a114e10d35a11cc7f7a41d80ab56e366c7d6cab81c6e7281afad5232734a0a"
-                + "d7c1621136879ac9288b72baf86a55488c77f0bc557cb76b3ceb64d042192f29aa5d9276"
-                + "7cdb820a4523f768a3ed4ce8593360f454f9a471159e2b4f89018153131216a81a2bc85e"
-                + "96992e0a437e66ec25c331127e6cb578223d7efdcc84f6be2c2e93a1f93713b58c5e2372"
-                + "2c727021b56d0d3af80b312e82f10d16cb068e3825d380bb0347856e7a2357177b9c3def"
-                + "6177904c498d3a519583e32985bd521a6fda487bac15edfd74a1ace1ef8af95730b014d9"
-                + "bb9c9547490895321ec794cab19e87d2af92ef157a2d6a1b9a76f4a11cd63902fb16ee93"
-                + "29a624808218d5215d11da4e95abf6ffb6ed68055b94a0babcf43701d5537c67e9a0ee5a"
-                + "42a53046bdaacdfc7980196d570ca8df8cf00a727c37b3f83203660c13716d24da6b3676"
-                + "14019195982c4970bc5c3889bb3cc9b7ba6ed788ced4c4b132b3617ac8038902ce0fd566"
-                + "c52435e8793578b93594c8aa08882875e8c1909d48ab967fa1edec3ea22322ceb0088a36"
-                + "62138bc23a4fbb682d49e949b38dc6bc08ac75054c268e667eabb1d93ac57a951c89ddf2"
-                + "1a2bd66bb3296dc012d17256e3a013d651430b7172d4d92d047e13c11284aad7086b3a70"
-                + "9a0e4a95e5a2d7640a1aca146aac6b2c57bb6cbc933635312776b292beccdf275326652e"
-                + "3660d8fbb3a8452a6f1cc2632d8f5834108238c31539dff7b296037f4b0d04209dc8db80"
-                + "e4d377733b5a53c63e1d63a488640ff77648c569c994099c96b87fefbfee4a8a8f65a528"
-                + "aac35dc268c8981c3496fe2894189637f772ed0d9dda215a726ca744e66c019ed61d0134"
-                + "6112dccfdbf0c88b2af1f2c7ace4a7825eeda571608bd921c924013e1bf31c2bf8434225"
-                + "f781672658401d0371abee59877f942125f5290180849ca0f9659b3112965509453f6ade"
-                + "7a80a5d902c68f11e22475ea5282fe5cd61fbda9b1175b9253667adbb344162c3f3987cc"
-                + "30135ac2852e4b9090c0e0d0cc114da680183fa1064bf5bc25a617c2295edce9421efbd9"
-                + "8d6a2c04aedcc05ae63cc0d7a851f7d55230d48fdf0f7365dae70d271e46377a75bd3669"
-                + "9e89da8fc6db50c03098e895ce6a0cfc67c11a687d987a34128168e243e13708272aebed"
-                + "eeae6d0a05ad8854cd10aa77a33369fce485e6556b085fd253a8bbe3e29c9fcd7d546ba4"
-                + "fe7e8c7942b64491dd54c31d0bb5701ce510181847a13f30294060ccd547ca6c4d195954"
-                + "105929088e2d86530b3dca1978642e8b31bd9cde0730f65cac15353c3084997a948228fc"
-                + "51618fed3e97bdd8aac99b9ac606a1f915cb17bbf0db9e4c4cb9458d98a9beca762ea26a"
-                + "df774bb6667d4b388e84d8fb39999a7a023dbe0fb7cecde785e6f0e0344b447c2f3d0935"
-                + "fd93679bcd00204cd7ec4b9aee4410d1f3308021ec8cf9bc51a19e2b9250d6564e0d4885"
-                + "e93e414a872511518a77c1cea82c816538fad83f98e889b725909ce5583b0f7694e612f9"
-                + "4a43516fc2a9e73f9aa59b65ff3cac8ea14b05545fee544b84ff22a8308e44b89019c29a"
-                + "07e8b82709e5d7090f7c59062f0b5561e452b0349662450d8f68acf32e67a57de5852c55"
-                + "d5378923d07d37d4e0e5ba4356cfddbaf2bdd2fb6592adbdec5964a95ad433fc0ba01c1d"
-                + "1365391d98dfd4fbac0d3b26a92465bbcf197cce5e098f3ca0e5a58a83b17b918c1d1a30"
-                + "1bca3918da53b18a118f333b92fbd1889cf0c647ee1695f236bdfae2aa8ef2fc8773b0a0"
-                + "341739f229ef8a53bed9043cd12d7d9cc041c19493158f25f6b4193199707468df486123"
-                + "44be8e34a56e82f3064d141f1637e490e1bcc51fe2691b828f0276605551a70f86780fca"
-                + "184caf1cca34bffb679ed1d1c416b0c1320e8ee3401bcb148deb953f9d15032022ce6acb"
-                + "35a973c3e7827f24bcaf0b74333fde8211750af5b799f1e2f13c4e507b7703f7812f8ed7"
-                + "86ed51a71f758eead7153e3ece581cad12a60672d5c099b361a17ccad9c7ae638f5cbab5"
-                + "73d5a132f157f637420e9b3fc83b7941dd8e4418a16fc166f2d43c49a60c116cfba371d5"
-                + "03f195ebed43066af11e08c8bc4dc44b77243469ab823be815ae48004800f36a975f42a9"
-                + "4f1ce45ce8e0bb5d0ef55f9e8aff3bfd529677c232f039646acc8ad75698a8de52d26786"
-                + "229bc15da4e6f097c327a9bb641b796921c4583bdea9537f84a15da277b8caf6b292a1ee"
-                + "e5951233344b9997d0747a390ea0b37cd3a20aa7a04c137b17fc8051a4fe1c5a163186e1"
-                + "1e4ee74ce1c26bd2452ea4639fb7d7f875b3a2553f256f568dd7b9b4e6d84d4d454034a8"
-                + "9f2b1174e8fe8ccfbf145919f7b141cd0d0594b47c228ae4989f4b4e63aa2c3f77336945"
-                + "f4c18118242974d861baecb9967a909cb4b1413778e3c4f6ace4cb46f6e8ec5a959b2afd"
-                + "293fb5bc43b14a99ba4a50c8ca429b448157bea59f5deeeef84f7a19cfef734f6062e8d2"
-                + "027cc3761c0c5f30ca3f89018c595ff87dd17d49b3b1ad36228742f70948a7ed5ccc85d8"
-                + "d63a9b2ba4f68f064ee7b9850216b7963dc79b30f58d50c5d3537863a5a1eb3f12ca8874"
-                + "2d66dab69c74c86de129b9f2c811cccf8091a30e058a71edcce014a0ad042b266ff6ac8c"
-                + "6550112f496ced59f95ee04910d803f4c6c662e2069c7d6f6bf03b4b141b41c67600cde2"
-                + "bf1bd98578f769f65b11588863dd69977337bf7f206e9afe6cf544e4e45ce310832ef9ea"
-                + "49d7dbca3918c22a9fb448a75113eaff1d0ecab031bc0617fb0be2033a20b4d4cc324bec"
-                + "7980a32a2a7ca66d82b565477958af80b4e410af1c241feb46660bbb2c5d7dbf08e47b6e"
-                + "16b6b03a685aed47cc52a07896bed4e278934a6cb863c0a5e7ce0f7170dca309b80e1093"
-                + "8b59aeab3f78f70aa631ac6e73285dfbc65cd61629720084b0782595487d92a8d21feabd"
-                + "7bee3218ce484ef6d3ad284e355ffdc1c907a831ac7ec0a92ad51b654b999ecb5646e498"
-                + "2242cd7a49ca7deb11d5688a52f1a237afb80cb6fe3b46fa4c59baf8548f7ae7af69c13f"
-                + "b108a4d6ab0550b8a4b32ab95562b3ae70105c46f8fa9b759af68c79981805887e613162"
-                + "59942d76cf02eccb838b82d6da47694ec2d00fc01496c417b60919d22b8b302a2dd4787b"
-                + "ee2f581e0f2269b53bbe8e1562af0fa65e1729ac04b88e45526c0d57828de8ad791e6977"
-                + "979452cce714fccc752c5f30a96aabea1ca73d0399bdccd8c9ac6c0757585b47d2454602"
-                + "67be1ff3793dad5e2f97400e44f0da442dd82d9329976a838f20b747f8f615f392551816"
-                + "5cd2196a10b433b1614b785eead6c6cbb3678e1a7afde8e14e2f85b8418bab1c7e477fda"
-                + "99f7de5844249b31c8f1f329bcfbf91707911ae74ecc2c5f014b78fbfb26f106a5fa735e"
-                + "cb9121138c9b3d84b350433d4835558a0da74f0df8a61f598a219c54d7b89fef107a943a"
-                + "8a345a33b223d70974c79bc2f1af9d5d1e237a2505d407b2c957b7bc65abc76145b473c5"
-                + "66dabd3db721cbf4a71fb574f4046fb927ff0a076f3f466abda2b5182bec623fa0f1fcf6"
-                + "7a8ba62cb30647388cf9c2a9ab146db9855c80baa1743a15e402766b3910314219d8d7fe"
-                + "012d3750f5d36ed8b9a522d8aff3c6e9c660fea9be58584624b84055fe0a8edf9f182e45"
-                + "44be653c9d052b14583289d1720dffb7f833f0cc7dd36eaf8a48894a742d4328113073af"
-                + "4db5bd60a342086f0f78a69f2a7f1f190609f83be2e45daad123bf37b387fcea41eb8586"
-                + "4ca2192c10eb1c47201fdaf2f493267d285d82a1bad6",
-            "03e9f01ffde735a486ffaf4a881d32ba494cc7ae5e55b4756a6f6f640981835e55634459"
-                + "f96d9b0216eea50e56d1558c0c53be1b3e108589eb39c0136594742a0a7802b20c349173"
-                + "434a863e645eac92dcddccb3db0bd69370dc9a2253afa72d97df378f7a66f882aa695d4b"
-                + "4b561e185bd527910e710cfc62f52fdf53d3dc881d3f6815ddb5c4b49a327d2f69198e62"
-                + "74d19a61a666d9aa2f0c2b035b91f584910f33f9a538115c17ed80d4870e16f14e5520e2"
-                + "7abafc4f37fa1c872d0b5a9b47037a5fb7fe6e754ca05f33232c69403b71f62d97ffa39f"
-                + "f2657e829a7b9d3bf095ad1a363d50f0d37a72c6e26036a68492288b9bdced8ffdacaecf"
-                + "b46475876ec3a28b8fdd34f2e1df486b321c26d2b3775b284cd937ae1648cb5def50872a"
-                + "e97ce40c499d4687c226a7db5697260d34a2fdfe2c652ca4fcd4ae40e0aaf7bec33e44a9"
-                + "6b65f50457b332f8d5c5948bfa352eded0cfd439bb6c25fc03d10eaa281cb1dfcf771fce"
-                + "536d0ac7712bf53f84a656073716b610eba64562e51d55efef7c297a56e149b2fb2eb428"
-                + "011a6039104fb169cfbb5798d536d715c6e106f72bb88aa9428e69a2b0b6a7bd1fba54c9"
-                + "757af27a139a275b3550fa4b06f1e8e95b380be1c4db016f93896b9753b0eb660a05c987"
-                + "6c031516e1e0274c370f9ec349680a8050f783ce9852164267de5ec5ca1b4c2aa49749a3"
-                + "92abe83051897675317d5ad6bbe7a2ed5470f312b40310aff5639daf1e44b0d6add11d15"
-                + "51c1ff76f345b4d890b1ad56aad8da87a25997ba07d1c6ce6f3e4070e679310ab122a246"
-                + "5bef28685686da89612d56b0324484ae64f641cdc3ff4ce0d2c1090365dd874b6b865977"
-                + "a03d7772ff592da05f94cc7b19257d5904196daa986f764f04f46640c11d2a00f6009cb8"
-                + "9077270caf3a699e386e2a679f3f8c44ee9a62e0a5eadeb7c3fbb032440b63af69623bf4"
-                + "be092192470a8b42fcea8e3e0de7bfa257fc4c95b8ca4e2f4d3c1367a7de83a428a36de7"
-                + "328b3dd6d8c84802cc6966bb8802a12a16c1dc877713ebfb1ab653aeccbd875bbe8652b6"
-                + "47345087097d04d8577f790e599c4e091c764097036a4eebde3eb370adf2f4458e192def"
-                + "fec3555a2c11c5a568e988cbf5d2b02bb9f1898ea283013cb42fbac2f501feffa738c08d"
-                + "3fff3d3eaead37eb688e097b5c0c0018bf9f032d25ec4641fb831874be16fdac57338ac1"
-                + "822a9340753ad0e536213a87ee6384c49a14c11cbe83280db9aa37ae07a9dca0a590cea3"
-                + "99c4e23beecc6e1e1ff5ccc4d4fc05bb79f8409a1d2331bc5a31b859a41532c413132e9f"
-                + "388c8933562bcc61d27c9ab9689ce8cc821f019842bb546d651f2a68cea349f36dc630b2"
-                + "9a68f43fa127c80262314738fbdfc043ba517cc2c015be56794a8b7862325226b077b612"
-                + "a4b3b75e144c85b1d123f41634fed56b6792bb7c5c5efb0f466ca4e2b05b2a07b170548f"
-                + "7324ccf9382ca8db4aff755e6cae95e4d1c748a028a6611168169e49ce988742ef552230"
-                + "635b49c815fea87595770173c8f4a442276f070786a8f5df6c9da04645b084da2247281e"
-                + "30ad7402fa54c8d0d9283b98f04c6ff097ccf5381dd9efcba98bedaf58b0c311d136401b"
-                + "edf7ace4ce27614028a1268fcdbd4d9045bd17cf799c92896bb487e7ef79c227e3302f33"
-                + "9f1d7b6152d9257c43f2d14c37842d001fce1d8952e04cb84f7e2888d14158fdcc7f1488"
-                + "abdd392cd76bd0d9298118d8a8e6bf492bfc63e2b52265d0fa7178f4830fe56c0446f373"
-                + "43f91d89489f1394a62a5fd0d732c07905d32084912a1ed2e0ef9ff79115cee167c040f3"
-                + "9fd238090dbad4e64af6639452ab5bbeef89af933d08cff92a03d2b8a9e2baf582288577"
-                + "55e3553f8bac70b738946d11ea8a40a6820d8b9d9e0a534dea54f4338bb304438ff465db"
-                + "f8d105ed28cbd65af70e98e75cef4548128effa5f75a123051274f26663d78ba29ead801"
-                + "d8647ba13a1a3f95af2eacc559df2d220f923781b8a00695bd9a4ea4b471ce417799b840"
-                + "d713e1a34edfcdb2846136cf14a5cd98ab098fc27191857e95ac395f79b797edd9aa1ad5"
-                + "515f2ecf28bd4e4a888b4cb0912beddd1f40ce7f2ec22622710f3daf16a812381610a2b7"
-                + "595abde77cd480ec457accd8eafbf6aa1477e1f99f3498b161ce54d9d1991c08ec473e46"
-                + "c86628103399cd414e2cb2fa8d78f0c56dd0b6b242cb806232a5232853b11defa9864337"
-                + "5dfc149db9622c46d95c428b53243e4a35ec53afa845dc791fb04e6e96faf66da30b3e92"
-                + "f7425f4dcfb8eb78546c9e1149b8e2527d57c3bc0e481593e1f439d5457e2433317b0cdb"
-                + "2fbc80dded260d4b0613e88fa82a176912552c0ad6945f4d26c2e29d2aaf9879a359cfcb"
-                + "6f88412e0d2595f1158a750bcb899ecfedb07f42d59cfd4f36a3242860f017bd211dd796"
-                + "e8b455bc19b87ecb0fe9dd52c3cfc342b6a9e86365a939179df9778a4b50b2dda4227d49"
-                + "f773e60e1d81a52d5b9940903318869e5e916bd3d69a52f6e895e58b69ce6748094884fd"
-                + "f10bf6437e6ce5e4813ff37d1d8a127c4cfce3818b549a40180e9e0010d9ee5fed140c67"
-                + "6bb0c1a2c618c484864e900cf5e3e46a44da97fa60b2f7e17c33c1d9d95bfd8ee2454036"
-                + "734d16dcb731bba606354758d3e87b3cfe8c3a105e86888a90b766e7a3daea80b360c256"
-                + "e31a10f2bcf420187eeaa6b033bdcf7bca460b0f446956eb8499f3e516a26e378d40b927"
-                + "589f9d5532b88b90d79168f7e9dfc81b7cb9d0c3bc83688a43e4438866a3709332216993"
-                + "f0a6ab88864f26538151f91c8ee274685af3f4f858d83f7057a12d301a7d2d771c87f5e9"
-                + "ab889380d1916f63972e130baca2b364c5b4a680753faeab7af876234e475c56171a8218"
-                + "789d93202fbf7e05a9b72801a3bd22e55c6309f1f02c24dbd49691b95d38c7e5df3dde50"
-                + "b56010b65caf9380d05460735f2b91e18d8bcd5c086a2fe54b6bf4f97cc812490d7d0b09"
-                + "2f470bdfec096168ba1cadda094876caab9aff1541e447bd9c3323416e1606345f839d3b"
-                + "c866f8e633fdecb0af6be9bd5e2adf32eb0f50b948b68df87305ba0579183410d98da4e8"
-                + "3e6df5f88ece5703426d22c44454d304d99b451f8024631b0ddd5d51616b2c72f5a56980"
-                + "c060596192e2463a1e0288b0e6ad089a46f1a962c1bdf8052950381987957336fd1f5017"
-                + "ff37475f0f71ad39885428e617aaaffa0e61600c0bc40b6167f13ea2334f18f73e4e322b"
-                + "38b555c4dba014182e8319b80a38ec2d48f1b48b1bec2fe334d8dd44d6b053ee2a2768e0"
-                + "cda48c707a4ba95967fe32922063eed5285a538b83d5daea206a412eb97fc732446094d8"
-                + "242657631751b67a54bd7c88a1ecfbf8ecf42b6e38e56a6f03aaf3dd65b2ea405d18bce8"
-                + "b94ba3f196d60552bf525d61abf4cb1371af226415aaa7834080dbfa7b93e7a206895f83"
-                + "9cf3ea0c0ea64cd8b9811136bf226fa4003b3be34e16e28d8b11c9386f53743b3b715625"
-                + "b1a6a5549edec026c600c096e06a853dca5a5d44247812b6a0d3a8dfc59b2336cbb0ff3a"
-                + "b7edb7d72d93de31dc7c28ded2a0a5a483552d85f35b9aa48c0db2c36aca2fe4f8ab362e"
-                + "7f4602740f3062d5911c921b3b258a435bf6be26565d3793f46bb6f4c6dee2213f19036d"
-                + "510367fca6d699134709de72811af07b04c00b55d55d6670b5b6ddaa6ce44a56d5da3d6c"
-                + "c5c0b8d7b95581cb9f0d7dae5e6f6da29da60ade836d35160554593d7855713c8e7cafc7"
-                + "38dd4e803aeb45440ab66740461ddbc606cd8059d4374a99ffd59a0c5e27d61756b1174e"
-                + "c7ee1a0dc106edc04e30ce8a7a026a6445359502d112350ff9ce10f2b5e3fadc4abaaca3"
-                + "eeaec544f7d9794107d5107db86b8a87345507a3589fe1d8ffd6bac075b2823cf86a529b"
-                + "8c0f3f0a31edeb8c1c946ba9fb211d22a76ed52c25b816630b9aa01ce1d6897db26807f5"
-                + "7b82b8faacb9330b5e00c0e4ad00645306f3d299efffd2676b831db296911fd1bc506cc1"
-                + "dbf536093446253a48b52f3eec3c821fef533b23d4dea3c99e08e278236cca2bea104491"
-                + "88bbbe98c8ac1d8eee5d5e6db7a366974b3908699ff21a2b3c219db06e4d74b8e8ddae47"
-                + "904bedc3b524b5786601f9a880fd898a171681515224f3d968fc67aaae50e961c10b54a8"
-                + "e7e1fea0b0a357032477c8cb4ed556d267937ac47fe410cd341f6020b415027238961d38"
-                + "4d703f8b54576185c5d70296431f30383292ec14b3942aa880706988092b87c2c617e053"
-                + "558b1cf2bd6c7610f4728acf5d622858b85e8ed385689cb11595033bd2f511bba01254a2"
-                + "d4855dc988143d2bbdad24e115a6de729199d889fa3e61b3b64541d45957e7ca9e0c320f"
-                + "9572f7dbb901fc5f94b2d82555f3138c96bc3754edfc8d5e8f664ddd16af9d87baccd875"
-                + "6fda09eab4f5cc29fda1f55900cc1af62bf09e9de43ad2bec74746509637e82fd1ebf38e"
-                + "80344ad229644490f8a1b9c0b9abc3761da42e164b955b59c9210415425e25ea174a0d92"
-                + "c1796a7abdc62f7cabb5627ff533912c771840c578d44aaefc84214d5f42a9f00d3537f2"
-                + "d302006a116d7fed10bf8745759b4b1cb75afc76dec9dcabf1634abec8ab0c0333e65eb9"
-                + "937afc72e9a709c97f0fe7464344aca7fffc480c1ed1a676072c5248e29f203e0db8f5c5"
-                + "03fbcc19c223f448902a0b6cd7f49d61ba9597388c1e9ea88ff06ec5b7cea2d295825fa9"
-                + "4b5d8c2ab17e057477184d009149620bd8f4eac656a31633dfb444417fafb6b38c9d3823"
-                + "d30620eca4eb5809ee3cc6937f456ce7cf8af8781246af65c32badcbd1fdfd1673bebdaa"
-                + "e56e817816d5642b86ed8b0a7cda7cb6a5e576be60a2e2e211f3eac7a84c723869e9167a"
-                + "eefbeb720c25d6832b07a9b359f8436bdf482cc33957a427e005bed32b0d7dae5f7d0827"
-                + "f5581bcc14a22c73b0dbcf8e98d546052554a95f80bac9e21c177f2c70f3abb1378664e2"
-                + "5a7e206e8d24a59c6d8e0f2093d6f73baa92fe75eba36f975aa420e70384c298df7d3845"
-                + "3a35b884cd3ea34d4f60fa9f60ee11d48ce3a6e1292162f67d9030a049f27c4c0f69d773"
-                + "717d66c51bf37d8fb56f7c810cb5c1667cf3c13a7a72bba24cf3482e0fef98e1969c6af5"
-                + "8de6c16fcc5be2a8908e57f87b3bdb93fd692ff4b823dd5ca77f9a4798061f80eb392bf8"
-                + "8d12cde02706598f6d986a84c28c275424c0fc5baa7e9848b738a6658ef77402b94e5bda"
-                + "b4cfa069ee6d83bcf790967ea84a8bb2832f4e56185338713837bf486014e3d30f199c96"
-                + "01600259cab114bfbcec350347ed05a4d2ad960680cf0d2ba7a9c5367769395ada176a45"
-                + "e1efdee836a9a1a5d6440924a274dac36ec7a7389de2be0c69de33d0ea2aabc9f996aa95"
-                + "32250d141d41b0c9273b2dbcfe5417bbd1bd7937661a46e5ae3483e5adb6080443a1f086"
-                + "7036b176d4b4fdcdbe2cc410f4e591c6458b7c7d9a6a0a67c351ed8705a2e9708725aa67"
-                + "a5d58bee734cbe03fab9979f9590f3b2964d0b843eb65da51bfa3ee876042a1a61cfeb7a"
-                + "8249854179426b2d8940baa85f5fc9d77ad1ca70d95ee31843732b3a4b1912658ba3b78f"
-                + "89e944e8940b310eac6dd71f232ada67b99ad61956b6541af0a27c1368383f0a00abbb14"
-                + "e84afda650119661aff626470fde7975175d1e74d81e6adf9cfbe08821c94e438d6e7e4c"
-                + "8aa45bbecdf47cd7a623068c0d18d0b92100ad72815995264ce8c5deff5f3e970fb6fa0c"
-                + "45fe0f403d8debdb87df83ff86e121e230998f4f6358721ee6c6138573eb386df2a43dbf"
-                + "a64f9048ac470bea6294893904d42a2e4ce3cdd53b29f685b0e2bd88942d08fae980e782"
-                + "21bb1bbbcbb4f81edf4cd44ec8ac306c94901520c4b0d9b2688d3d5185e591163ead98ad"
-                + "9a8d3f721f0254fbabfd863d290ece83c1bd38084440e973a178935a4cae3effab1f79f5"
-                + "749661cccb515660cc8b3b9c30c5b7a69aa6e248322b9c6ae4d19152760267afce57703f"
-                + "090ab2ae4f37722cb520a7b67d935ae6bd8d5860fdeff97f56f14a33980bca09896a53ce"
-                + "b8c89660037ec8009fc7c5a6f2621d0c0fc4c54f307757a80d5445b3632d657055b8fff0"
-                + "eb1945e910d9559a5376c08b680b0bc1f9ac81cfd00faab560a45717d4c81137abaea91b"
-                + "244a2aa150deb507b9b2b1afeec0b14577a5653b4b51748ba07d262aef675fe091073bde"
-                + "9ec47424f55c44147f2f682b071f73c354bf47e9fc52cbf33c5d87dc6f21a4ff4cabe228"
-                + "1b3aea26659380296906e0187804f601a4065268f7ca4beb50199f1e93d6c239a4271177"
-                + "2f3f10e7395e929d1c5e3eea50781a3f58e8c49fafb519cfc352ea3ac5c43893fd36ac70"
-                + "b83ff0446c0ff2cc49eb59d833217828b3b1b2741b68a484960479b3789357b04dd36a42"
-                + "d2d8aad9a1b0c4113ef70208a36fe4e55f1c06e6ccfefb243c768bc004c1454edb67adfb"
-                + "9615ee05aa933145e69fa96b3a0aa770ee045001e03ae8393a158e69683946337c5b1633"
-                + "1581701136168235dc380e8653c6c61e060c18f70cb71ca3fa461817b5e36c0eab8389f8"
-                + "11f4bec0f65649b9074676c74343bf1584e869841497fb4a3726775c2a17f649c1f413b1"
-                + "f4ce6b897e0e1f89460a7089afe015211a16e2126b5a2189997b06effc58306e399ac62d"
-                + "b822b7724ab09711fb2fd1e348f4dbd6a544ae6a9297039da254c081eb351206187b1699"
-                + "d2adf4b240d8e415ff5500f3b6fc9f86d98fb5c1f3392beffbfe9686b78ec162f1ba5c75"
-                + "23bc95b8e35eee142d001c8d4a0bd0365dc4645c15310328dbd20330a64005e3ba9e3396"
-                + "bd80673191374558d1070edaff3238e68c9ae615e2f7b1ff32c5cbb6b70a3eb4c39f2dee"
-                + "2ded2f90359213cd99e048e87a9799f418551e5de54e764ba39e971925ba17309f25e9ce"
-                + "8bdc6926f0f26939ef35b274db38344f29ab57c21baaa0bf91f0b410b8410f0f03b5525d"
-                + "309358abe004e2e41d49140f8be0c12f945f9202fa77c9e2b5d98b535870295f99380f4e"
-                + "103954d119d561180db88d04d40cfdfc1fdda3d8546ebf828b21dd3664369fb5d46c645e"
-                + "43c7d4c144862ba370b5d5e51970db6a28488d5e3c629c788fe634fb5668baa6a6ddca5b"
-                + "3852ba0009012a562d36cec07d09b8db71ecaafa0493234edfc68e3d54ecad2821efd3b0"
-                + "0026ab1924bb943fa845340ea45f754a595998e4d22cc2057711f175929779cc58555862"
-                + "548c4a39f79440a1aee4301bfbc9cb9a0b7ab7c2f1dbd31233157b270441249a11e599a2"
-                + "07abb9e79ba35d076b2186a96497c65a12ac3453cc3cd50470525fe6c62ebbca59434878"
-                + "672edd76f4042d8e9164afef105d838966201cafbfbca21b8bc1781fa29e56029a2d3a30"
-                + "d74c32237e57b618cab48cd4f319afbdacdc074b57eedf3875e47c95c2833933b21616ed"
-                + "e97b2f48befeea2fb87b2b3ec4e29fb24c3e29b43a2047402ae1d194abc978b2ec118f7a"
-                + "ea1122f4f1d52b7fc3c942481ff3e7eada5bab8c0d0ab9599cf43105262e3b4a692efd91"
-                + "74b50725d1332475c9c7cf1342062402e7d43ebc633e8174b92df853799423cfdf189ff4"
-                + "45fb908fc16b2d7349282ea58bcc0bf28ef6fe35fcd264c139a2d174768bea8e471153a5"
-                + "63a4861c1b303c75b7ff66a646f0d2f0766949236af140985b45a18ae336c51d3f671fa8"
-                + "f56895c6aebb03d7f5ae0cb53b7fb80fe0e0aca45f2a362a3f9fb36f77e3acc715618b84"
-                + "a0fd8d42aec0dcabb4a20870b233501971dcb6e8b7930ac66489498aee4f72f462503c29"
-                + "57c43f7c01a65ff15ef36ba65167d61ae2d8a9fc9a45a3dafacd1b3b3071b78524b6cd18"
-                + "5dad49c5c27b2edde567c5fc4e085b1c68d969b0492d6cd2688154ea35f82aa1c39d1fb0"
-                + "9d097b5369c5d39973902ee47e5b267302f9923b90fad9e128cfe8613350d744a2731a28"
-                + "49d9bbba4458443ee2891016f8a4fc8e871ece944eb164c0c76263ae8080e5a04eebbc39"
-                + "5bba456939e5b82f44cef4fac69054e29d04320228371947e3156ddd0e3f702988700375"
-                + "1e3283c4d72b5fa8e0d32d3efc02928b25321070f14d9a15e2f16c2a828e3107941c5ea8"
-                + "1a3d7022def7408e55e4f3b85a2c453e2913792681d9fb3edc778014c7fca681ba60b1b3"
-                + "716f7c1e5066c9994dce7468980780ae924aacce0896fa81c571d1a69f9f822d9ccd9f9c"
-                + "1230b3a3f50933de67bbc79f1e4c5dd62996f2cd301d147e38e8279625d52e96815bec69"
-                + "7fbb12c1613dc5485ecf6dec4bcdb3b8a92e6e1736b1b72f5404fbfe065b88eba775ca46"
-                + "4036062b83c306df767b367f863725c3676b9841bc29a88e503f00cd1326d2137b9839b2"
-                + "7ba258b6923acf3b01b9eab50f76542c610136fe3d144dc9c5a035948e01bdde41eaeb0d"
-                + "e454dd699be116468c049815e492e6a2788439208ba190ac482ae033c10f44aecfabae9b"
-                + "96acd1bccbc174c2bc23483acbeb74f5fe5e57104054cb71b29ea94c1b77414f817409ab"
-                + "dda8b443e2326f26b26f4e07748d15e37ee46220227df3d290d29ad0932b5bdbfcaa9e53"
-                + "a19f6e2af9c000f9bd523ad7f770d139f023738432d14d9add2d8ad498a3cc5b6141e1a0"
-                + "4f5bda3243f7edad8b06c7298f0bd15378a1dfc514917319c0bd019beece3bf4dda245ab"
-                + "b829dfccfe6e210a20fe621fe609b32013c211dc44aea9f7cfc127c95f17e043a1b94a34"
-                + "426d1b8e2716675c0f19cc85cd0113229c86e9a7e18bc258f90517da68d0cf1625489237"
-                + "ebf9d2c46818b408fabf3dc48df77de7957e27bfbce31b4dff5385dac72c1158fe7dc2cd"
-                + "3afd9b9d8db11159942e6cb6ba68f712545e4a8c50bcd8de1650576f41b1952bfedf3a76"
-                + "a5cc931f2c42780e32062083d6a2147ad4b8f4440ff58bf1aef47daebc99f42dc497fb3e"
-                + "dd04dba05ee6a7a5327d2a1f6ef43a57dfe1655baeed25b9dcf7ae9527604cbebb753dae"
-                + "f99b12f5b1d527f79b8d9f0c4089db8dde23867ff37bd8fa776cbe85d7b5798af7229daa"
-                + "117b096de137cde04dc0a37ebb78165539569c7f2a3ecd39d14c5dab57691d73542f9e53"
-                + "53af42a115fee8e16955ead438332429874b983ca4ef5a03c7cd0f1a874cb0db95eb73a6"
-                + "31e5723859fe1a1a27bf01f198a1432b28bb0eda40034d2e5c21cb13d9d7b1588563f53d"
-                + "b2054fe32a54d4573beaeba77a62bbec0a5153702c47a2a9422b375230b52847390340ec"
-                + "05dbe18e4108ce7f57b370fe4c2519994383efed53b0ba254a80182589fa58d5201c11f2"
-                + "74f05d34cc77d3bea22359c47f1677cf12a21e72de3c53f028f4daddb5fdf7c1497ad441"
-                + "2f1c2f1dcbad6d84956d336e0922f4fdb36f7b8be9e48c19d5c4b57ca5bb85060772aca2"
-                + "62e6d185f39756ebe4b51ec0f68e3648ba709c74872ae4250a8e985060c01e294d641dae"
-                + "890c6445b9ea48253967a7462d34159ccfd0452c82086249efda8a2e56559df2f21db1c8"
-                + "3799d33b2ee9763b5f4b3189d529009f9ac23c9ff9b0da6ffbd3eb9ffd73cee02fad62c2"
-                + "716d2ca27436f44956c0338adcbe99feeea400c165e80d51b519fa659ce38ab0e2361148"
-                + "bedb613db78a50f77398a1350d3cf6c7dd4905a64f06c7837b197221e239c401d697463b"
-                + "fa2ada91b26392da391a132657bdabd08a23989ef4cd2a9cc93d7408faed4f3cd5b37c34"
-                + "f7b5113342b7dd75ca5a474ad2e1fef2e1b5503049cf879a1a361ec195fb33e14dd1a7cf"
-                + "5a6365e470cbc797fcdf3f1b2550637a7eb9ae04e2e5b45ecbfd441df03046da55b000bc"
-                + "9e58ad71e569fe9c3e8501746939e85ea4231b56bb99390d2ec16281049dc0ce4e4ab29c"
-                + "86197ef9e78f259db9fbd6a3af4aba9c4ee4b42ea72efd92d0ef6a8a902a017bdc9e7540"
-                + "d428a3a9b54f0081288998e31eb1247fb21749420911fb5f11b73a70cd7203fb039a25b2"
-                + "1bace7ed56492ce4bd11b189f8f08a5d8cca30ecff25f1b75ac4c6d99b33abdc82032eb8"
-                + "5e8d7e21e410f1dccb22430868a64bcd3fe564135623cdfc69f6aa2d3ca65fa5884aca7d"
-                + "8c7787fbe6a36d79291456972ea8a1beeb31b493753bf93aab46aeda348ff677d0f72976"
-                + "05d00fdaa3619e022b2e53b8d5323a966f3d8e45ef0431f09086e2627d66c04dd44215d1"
-                + "3cbe2e004ec13f87081f8c6ec10ef027f10c1be4af9002c8baf24ed38b2420eb94037751"
-                + "475e1e62d3f6f0e9f4aa152f2429cd7493ebd5235c72a82b3874a0d1864a70b42fe07aad"
-                + "69de5187284baff925d972842eda9ab6411b6c37607ad9eb3d0929741514607e84e5c6fa"
-                + "db2063832a87480935bf35fc1d58ec626e6b18747bec5e8cb4db8c39d679342142969780"
-                + "9fcd62f3d68d81e1ee88c6ee2e709e5f9290179ffae3058784c467184c1dc6e48c3f0577"
-                + "04b7aafa1667a0d7a4eed2e08074e4d7c72dc9977eaf5669c502f363c7b1930b36feeb6e"
-                + "f44b60591bbb961bc0020cda4d52d51f184498ebff010dfa6ca4dd388d59b6c89b44a846"
-                + "39e864de7b129abb35439291e3b45fa69f120a8b9df8151c012aae3e1c5f78f3375cdfd9"
-                + "c2280bad9c3261c8f6a9d30f83dc671be94cfc8782da4961155425e47180ef9c7be81139"
-                + "f28e5e548ca95935d74eda74c3c54feb90cc3dfaae8ee0b06c1710e00c8e893954ba8b46"
-                + "79dab007d96c8d0b347951b9f29993a420862cc2bffc7bd6d56f4bd3f3cff871c10d5865"
-                + "625967338c8a7c1d613e4de2e2712ce3a8ee12c0da16cb65788d4b17303d2667f3529f92"
-                + "7993ccea6f96571cc86f3264979c891025f22318d17f21a06fbbe7a1cfaa2ea5d6c8d956"
-                + "b39d4afdd4a76e11f17baef8d230cc82da6d5416a66e907ed8c68b0b8636f03c3d22684b"
-                + "bf0dad9c86812ba8d454bd1a0d515c8b2e8dbe62639e9da15c5ae87cc9a1e195da8f81c2"
-                + "c4c44329f7e7bb4baa08caddaee9aac3ca93982082781b3c03dcf9bc27fe31d12c677ea6"
-                + "2f0f2d00710bc5c753eb8affc6618741263290d7e62a26ecace63407f64ac853ed15eb9e"
-                + "b96735523653e2650088b43c776ab089329c906cdd67ee5f53c2b5ffb2a42c175cac35af"
-                + "d8b254f8ccd8aaa771417a2b0d58818f4ff7af1bcbd47ef1904dd49ecde3d95f67407b9a"
-                + "3002c1180355a89e886ea28dde0b53f0c0554ec680419b8de6276c71e59bf7f6eee722fd"
-                + "2f18df08c5afa4b4f1c4c2c36c4acc9d8e6a408352fd095746f7b548dfa89727a3938c45"
-                + "6eea71718df1aadbfb3a9d579193bb1a1d3ef12c0e4673b58cdc42df747c47e8f7d3cde9"
-                + "b57e56b4bdc7582ad947d161946357773a5eab31b8c296782bed4dbf50c1aca02898470d"
-                + "0925794031163ea5cb25de4e6496c0cc166a13808a7e1642349122db3836086de627ac5a"
-                + "b8fc3c596433e2ccd7a59d5e5b974fda712c0acde6bc86e2db0f448d91fd4cf4666ecfca"
-                + "515f7692328bfc5adce4e57b1c20d34024f474278d654ee4793adc7c68818a53078bed1e"
-                + "4288cfb9991b3ae340d64abe8bcead6882ac26a7a680a6bb1da708dc0269b232d87ee0a6"
-                + "b492613b76bf8431f48f732bfec0233ad3b1e3bfcfd18004e4c3f9b4926e9e59c4313ae8"
-                + "c40de20450f84e31d57e0251c14ad8f1042f5be60537c36e1d6212feea378a57bb1f792a"
-                + "f6a0ac4fe989b7741b88c7e59c1624cb1f2a3fd84241f28cc82057fb4e9c5dd88908facc"
-                + "18283f607003b9dddbdacb9bc2e55d8622d21703f1a044079a7c30c5a055817305dc2a34"
-                + "ed6564fe1dbe354b83e78979234ae3474487dc8ab00d7f071d37f886371e95b044f4d757"
-                + "27ab7febd6d91315747335c2f2af8be2c1bfc36962b168d2338a9be2ad53063a0495590e"
-                + "f40a5a72c51b257ef600d6ce930112a4401cdc9b5ae5a2ad9eee4ca9a7b35ee98d12e5d8"
-                + "c122b7080c8f2528ce132ca3a546b0b96ade3c3314a61209b62d1e33979602292d0d1c07"
-                + "23db69c345b8cdc4eb21b40b37dff85f347f199ac17edba640dde8167f91a8396f1824f4"
-                + "12fc7d6ce5fb76abaa4884b953b37ceecb191a99451d62fef490aa10b20fa75545060dd5"
-                + "6e64242da12ea90f60a6130bbfe703ac9653038a61db80c5dbc81474516fbaa5630a588e"
-                + "3ccf0c0d2b4fbc0955d69e1c5b72cde82c79ee92137c82e11dcdb0739f7a84987a0e9559"
-                + "367e4dbf9096976e67d44086002fc3899c532ba9c2b8064852bd4bd2c2b60b23badb1b21"
-                + "f2158b9ffca70f02bc00cdaacbd15602da1edf6530a59088d9bca500935b92c3eb5ce520"
-                + "c372e1ec3b75882f39a3f902f223332eaaea86cb608a6206fb8a62d1349cd8d906bd405d"
-                + "47cb6a3f65c72b0bcd2f0e3aacdfad9b25c7f61282a9e8c7021f36c274247cbfe21c810d"
-                + "2ad66b2ec18510a7acce809954d4c8357f5037b6ce5dac8a40295d6f451c9889a73adb6f"
-                + "7d0a88c55ee7796512eda8de569e088a027c3e86dfc33df4307e26235c9c446769b0fe4b"
-                + "71a9103b728cf43f9ad70f9cd3ca934d3d96861612c16fc84d22feb1eccbd10668e8fd5c"
-                + "87408ab90e8834770c866c664f4bb5661bba8fe44fe8a0062f000ee92e5b8f62fe11f924"
-                + "4bb7a337dd6d8e9158ecca146aac6b2c57bb6cbc933635312776b292beccdf275326652e"
-                + "3660d8fbb3a8452a6f1cc2632d8f5834108238c31539dff7b296037f4b0d04209dc8db80"
-                + "e4d377733b5a53c63e1d63a488640ff77648c569c994099c96b87fefbfee4a8a8f65a528"
-                + "aac35dc268c8981c3496fe2894189637f772ed0d9dda215a726ca744e66c019ed61d0134"
-                + "6112dccfdbf0c88b2af1f2c7ace4a7825eeda571608bd921c924013e1bf31c2bf8434225"
-                + "f781672658401d0371abee59877f942125f5290180849ca0f9659b3112965509453f6ade"
-                + "7a80a5d902c68f11e22475ea5282fe5cd61fbda9b1175b9253667adbb344162c3f3987cc"
-                + "30135ac2852e4b9090c0e0d0cc114da680183fa1064bf5bc25a617c2295edce9421efbd9"
-                + "8d6a2c04aedcc05ae63cc0d7a851f7d55230d48fdf0f7365dae70d271e46377a75bd3669"
-                + "9e89da8fc6db50c03098e895ce6a0cfc67c11a687d987a34128168e243e13708272aebed"
-                + "eeae6d0a05ad8854cd10aa77a33369fce485e6556b085fd253a8bbe3e29c9fcd7d546ba4"
-                + "fe7e8c7942b64491dd54c31d0bb5701ce510181847a13f30294060ccd547ca6c4d195954"
-                + "105929088e2d86530b3dca1978642e8b31bd9cde0730f65cac15353c3084997a948228fc"
-                + "51618fed3e97bdd8aac99b9ac606a1f915cb17bbf0db9e4c4cb9458d98a9beca762ea26a"
-                + "df774bb6667d4b388e84d8fb39999a7a023dbe0fb7cecde785e6f0e0344b447c2f3d0935"
-                + "fd93679bcd00204cd7ec4b9aee4410d1f3308021ec8cf9bc51a19e2b9250d6564e0d4885"
-                + "e93e414a872511518a77c1cea82c816538fad83f98e889b725909ce5583b0f7694e612f9"
-                + "4a43516fc2a9e73f9aa59b65ff3cac8ea14b05545fee544b84ff22a8308e44b89019c29a"
-                + "07e8b82709e5d7090f7c59062f0b5561e452b0349662450d8f68acf32e67a57de5852c55"
-                + "d5378923d07d37d4e0e5ba4356cfddbaf2bdd2fb6592adbdec5964a95ad433fc0ba01c1d"
-                + "1365391d98dfd4fbac0d3b26a92465bbcf197cce5e098f3ca0e5a58a83b17b918c1d1a30"
-                + "1bca3918da53b18a118f333b92fbd1889cf0c647ee1695f236bdfae2aa8ef2fc8773b0a0"
-                + "341739f229ef8a53bed9043cd12d7d9cc041c19493158f25f6b4193199707468df486123"
-                + "44be8e34a56e82f3064d141f1637e490e1bcc51fe2691b828f0276605551a70f86780fca"
-                + "184caf1cca34bffb679ed1d1c416b0c1320e8ee3401bcb148deb953f9d15032022ce6acb"
-                + "35a973c3e7827f24bcaf0b74333fde8211750af5b799f1e2f13c4e507b7703f7812f8ed7"
-                + "86ed51a71f758eead7153e3ece581cad12a60672d5c099b361a17ccad9c7ae638f5cbab5"
-                + "73d5a132f157f637420e9b3fc83b7941dd8e4418a16fc166f2d43c49a60c116cfba371d5"
-                + "03f195ebed43066af11e08c8bc4dc44b77243469ab823be815ae48004800f36a975f42a9"
-                + "4f1ce45ce8e0bb5d0ef55f9e8aff3bfd529677c232f039646acc8ad75698a8de52d26786"
-                + "229bc15da4e6f097c327a9bb641b796921c4583bdea9537f84a15da277b8caf6b292a1ee"
-                + "e5951233344b9997d0747a390ea0b37cd3a20aa7a04c137b17fc8051a4fe1c5a163186e1"
-                + "1e4ee74ce1c26bd2452ea4639fb7d7f875b3a2553f256f568dd7b9b4e6d84d4d454034a8"
-                + "9f2b1174e8fe8ccfbf145919f7b141cd0d0594b47c228ae4989f4b4e63aa2c3f77336945"
-                + "f4c18118242974d861baecb9967a909cb4b1413778e3c4f6ace4cb46f6e8ec5a959b2afd"
-                + "293fb5bc43b14a99ba4a50c8ca429b448157bea59f5deeeef84f7a19cfef734f6062e8d2"
-                + "027cc3761c0c5f30ca3f89018c595ff87dd17d49b3b1ad36228742f70948a7ed5ccc85d8"
-                + "d63a9b2ba4f68f064ee7b9850216b7963dc79b30f58d50c5d3537863a5a1eb3f12ca8874"
-                + "2d66dab69c74c86de129b9f2c811cccf8091a30e058a71edcce014a0ad042b266ff6ac8c"
-                + "6550112f496ced59f95ee04910d803f4c6c662e2069c7d6f6bf03b4b141b41c67600cde2"
-                + "bf1bd98578f769f65b11588863dd69977337bf7f206e9afe6cf544e4e45ce310832ef9ea"
-                + "49d7dbca3918c22a9fb448a75113eaff1d0ecab031bc0617fb0be2033a20b4d4cc324bec"
-                + "7980a32a2a7ca66d82b565477958af80b4e410af1c241feb46660bbb2c5d7dbf08e47b6e"
-                + "16b6b03a685aed47cc52a07896bed4e278934a6cb863c0a5e7ce0f7170dca309b80e1093"
-                + "8b59aeab3f78f70aa631ac6e73285dfbc65cd61629720084b0782595487d92a8d21feabd"
-                + "7bee3218ce484ef6d3ad284e355ffdc1c907a831ac7ec0a92ad51b654b999ecb5646e498"
-                + "2242cd7a49ca7deb11d5688a52f1a237afb80cb6fe3b46fa4c59baf8548f7ae7af69c13f"
-                + "b108a4d6ab0550b8a4b32ab95562b3ae70105c46f8fa9b759af68c79981805887e613162"
-                + "59942d76cf02eccb838b82d6da47694ec2d00fc01496c417b60919d22b8b302a2dd4787b"
-                + "ee2f581e0f2269b53bbe8e1562af0fa65e1729ac04b88e45526c0d57828de8ad791e6977"
-                + "979452cce714fccc752c5f30a96aabea1ca73d0399bdccd8c9ac6c0757585b47d2454602"
-                + "67be1ff3793dad5e2f97400e44f0da442dd82d9329976a838f20b747f8f615f392551816"
-                + "5cd2196a10b433b1614b785eead6c6cbb3678e1a7afde8e14e2f85b8418bab1c7e477fda"
-                + "99f7de5844249b31c8f1f329bcfbf91707911ae74ecc2c5f014b78fbfb26f106a5fa735e"
-                + "cb9121138c9b3d84b350433d4835558a0da74f0df8a61f598a219c54d7b89fef107a943a"
-                + "8a345a33b223d70974c79bc2f1af9d5d1e237a2505d407b2c957b7bc65abc76145b473c5"
-                + "66dabd3db721cbf4a71fb574f4046fb927ff0a076f3f466abda2b5182bec623fa0f1fcf6"
-                + "7a8ba62cb30647388cf9c2a9ab146db9855c80baa1743a15e402766b3910314219d8d7fe"
-                + "012d3750f5d36ed8b9a522d8aff3c6e9c660fea9be58584624b84055fe0a8edf9f182e45"
-                + "44be653c9d052b14583289d1720dffb7f833f0cc7dd36eaf8a48894a742d4328113073af"
-                + "4db5bd60a342086f0f78a69f2a7f1f190609f83be2e45daad123bf37b387fcea41eb8586"
-                + "4ca2192c10eb1c47201fdaf2f493267d285d82a1bad6",
-            "03fe19e89df20c2fd4b7227948357829765b81d88c2212de4197d1700a69b3abdcb5b02c"
-                + "adf7e2df91958c5994a9a68b5b47158b77dce08b3419a746561e3eaef652b628c20a173e"
-                + "f1a21560c8384725bc7f3ec9abf6a6a433ea54451f15a7fd5ed08c2a53d95e4b51eaf54c"
-                + "ac4260e11b98cee8cb185af54122f699321acf0b9535edcbc757c71bd5c74f4fd754614c"
-                + "cb4a948fcdcce6e0aa8d590baad1f812b2f794c84ab36039430d42203d0a423866ba1d06"
-                + "c3e48ac789c4162574529e5282b10616181571cbf8c7904b3d34f449c6ba934bc1d9de8e"
-                + "29afd383a32ec5e6198c2405aa4c9370d7907ad29301d0a5decae9055a2f374afd48bdd6"
-                + "6d642889a553ae29bdc7fce2497af7c9dbe20b453e21efb07fe08a4f9f7019fab8ea8433"
-                + "ae68953a9810234313b9cba7f87c13df3b3c7cd80d0078d9943734cd8ed1dae65beef615"
-                + "295d4cf35723485293a551c98917a5a923d5049e803e9b2c403c1db00853c320bb5f0bc0"
-                + "0de1a41567d9ed94549a4130c05cf159b0d48b9d81dd1091df8c25c3797d485a688accc2"
-                + "17a33c216480ab323f43fcb9d6df4476ce5bb875ab9c870842518566833c847d47106d77"
-                + "5155c79edb6636be4b35020cab53cce6fb026a5b38f4ed3d427c4244d8acae573f1e01aa"
-                + "b8a406f6ffe361bad6a028c7c0229766e8ffbd45e83e4e880580c03aefcb40f0fe7d20e0"
-                + "5d4df51b0a8cfba618f94fe297b6d0a8a7a1e19cf8ef19f06a96273186fcb72ea0049ad7"
-                + "febce5585e20ac75e008d75d91bcd2cec85489989dce68dd3114a0ec3f9d67a9e6157c28"
-                + "f39d072c5a0f9be55bfbec17f1427e15a9ea71f0b707ca6a28512072216b463d6e144752"
-                + "eb6a25a2a74ea86231f41af41b8dd9890173229f1a0f5687223848139f385568bbb71a04"
-                + "266552ffcfdfe5b8f4871e2ae905054e0ba08e0b1de71044ee96ec46b8ce9bd1dc567077"
-                + "821322f7b11172484ec498eba2e9016cb20c2418deaf5c3d72216a976cc591b19ee0c502"
-                + "0b650fddbabe931c1965ee53e2f8fd8e0e849085460ede1c5d180861cfe61c4b1e708d05"
-                + "90e0ef7dbb25434a619d036124044a6c4ffcfff3c5cb1d02b9b47acc518bba187b8f604a"
-                + "a91dfd0424446a2a693f995128ea9bf003d83fc034cb951a697ad596b5f9e1d84dd74a37"
-                + "ba043d6a2f623fb1689a0f714b89cd6cab5d715fddc97b1338afd6536306debecf023585"
-                + "9417213af2bc7db2a91cce582f2f9d1a1fcfc9031425d111c35da1f3deecdee8b3f7aa0d"
-                + "9bb32459cbc93513d964b33035348ab816e82e9ab5990ce4b2db8eee3e65ee355aa5a8c9"
-                + "e0499589b226c5f93621ed189b395b5b5f639d4c74218a73992f763c6ceefd4636fec088"
-                + "929479e154b6d5db7fc236061d0240c743176c0accbfe7bdc44eba4cf65ce0e07015ed10"
-                + "9b2146fe37bfdaacad4fdce3e01ca41fe25037e8e5a10e88da6b8fc56742cda818526b47"
-                + "ce3240c2bfcef3699e2af5a01ae6f42265b83aa76015e6b5e3c657afea16c25000895081"
-                + "f43a2e7b6a2e0de9c6c70993ae3ce31d9a7474260ec37ed5ac3f54aeaec54d635e7724b7"
-                + "d1c894f2e631d0df9d3da5937731ae29b056f2b84a9833fd2e04217f56862ead24eb80ce"
-                + "72a4f127fcbd0087cce69ae0b84cf1897629cc9b41fb1643e0642ba0eba008f783ca91ec"
-                + "82af80d533c3f1c0b73957ea77511610ee70e0708762791c1c3ad7aa2d8033fa54be97fa"
-                + "e1559e3e0271b036129d62c3e694790a5a6120ed2ac3f99ecbd76f4a76fec84219620dc0"
-                + "025825924ee4d24fa590f6fc29a16d3546f3e71080b5847a6ff2bde3cda414463e7cb847"
-                + "897853e9bcbd33ed46bd01535245dd584e1a17e75265973bf25b2b8e098f5c0a42215d68"
-                + "b65fb357de4e76ab795a39c3b8350fbbe7bed8967a615076b1b36b96c0cb791479fa3a79"
-                + "8664370795ab793d69aaa654346c7b914b6572b34b6f4a053c655c41e02b626d4736e2ae"
-                + "d36f0878935f46578600009e2d5e0fccff5d46d551806cc1b802184513234325188a3a67"
-                + "86b2519a6013aa2d8ac9c776118b9000d1502fc058eb7ebcc86091815f4724589050bdd8"
-                + "2cc249211545d2228b38503cc486a2c4ba224752063b315f49c9974245e6870ae369da4e"
-                + "572ca850be421c8fe0ebe7da05eb453f0f258b295b7d8e8fbdac0caefcfbe84134a4ac9f"
-                + "4d8fdd596df2e18081e9fe5128a71eb8ccc79df036c2380941d0cfe6907c354d579a2855"
-                + "b45724992f18d5ee277fd2dd9e48251130640e175817135f895e4e752193554bcccdd82e"
-                + "08fcfc4f33269c2a33621471ac102766932b8f78fdf3a21c318eb2d9ee59ab7fa204d725"
-                + "8219ec7e92617f9ceedefdfcff4c9c5692c498ba0549f578402405f651ed4dccaa786cba"
-                + "95366e41ab2708a05c39339493518671e2411fa1c641eac239a4ccca80ecafa879930902"
-                + "a6f221dc77977b6621914988930beb5f69d2c031208b13f0bf44d0a82deb0520ef738b17"
-                + "2a5f663998837439e595985e782e69e41371bc5d6600f14f8b0a180bdcef74b56149dfb8"
-                + "d2224357c46e486fc52492ae7718514a26d5d9acdf15dfa990d265900afb3d3f0ccb548e"
-                + "fe5a9bb39208cbbdd172ee5a2330aec8574b894f2d8d4a473ef4a3b21aec96ea9669d23f"
-                + "c72773fa9d7c2bb9052131d056e9841f3215fd66422107e2c3fe0ddea1dab6fc76bcf5ee"
-                + "8e90305020a8439a9b867c7a09475b3fb4515e685b506fe498c547acb659dc862e27e270"
-                + "41c9ab69c055d483fd7f88a5c715df32b1e7258e7007c744e0356bacccf93ebc3cdbfbea"
-                + "f9af0d6bf224995bb4ea8640a1f7f7472de5aad1645746b37b227dd84b806331c9c91aa4"
-                + "4d6724f6cea9f59b3489b136fbd7fb9fdc7bd3919f40738f0215896f0e57fc3c6cc4b07f"
-                + "3eb18ef7121a3a51506a57fc37578c7c982dd031cbdabbba993c4bfbe5f95634544f5f08"
-                + "b46f3c7fd5c3585e66363da541b95fed20f316f746319fb7b6a0a4f2fa70ddf3943b5652"
-                + "2a244856cede10aaa813d924dc0984df05260b2eeb33fc14d82ac096bd3a84564c129883"
-                + "595210a196bd3312e8d38ec808d5009992decea8ad2165597cdb27430ab3ab595e2d51f2"
-                + "68bb406e2e013ab1b7fb48fb47c753a7a01a257523bb59d378365713e189956f37f035d3"
-                + "b0865cf0d28ec65685d4e700f585fd2a9679c22f4028e892a05e374b768077da7a050802"
-                + "7d37ea278fd43e8a6c40218e00b47a8bfcf14d1d3db7df57b5c6cf69259d87773a3345c4"
-                + "5cb8f6a7e91f23f5a6566bc9a3125598ee90c3d3f5d814597e0d87a54c6c3e883a70e5c2"
-                + "49efbd57cc8494e9c56e088c355a49b512f09908df78a900169fd3ea8de67b521b826826"
-                + "4c7597c2900e8bb986e648f8b69990956e8ac069d811fd9755235260aa1eccaf25b6ce48"
-                + "46d33f7ff6f0291d6cca010d3be72ff3f885b9252138a801788f6661ab2040866cdd776e"
-                + "1616ae57ab588231c748656e955746986766494a6a460c4352f8a843bfbbd6199822ef85"
-                + "34ac1c436389c7227f4b0626670c8aa2e40c650bc5d27e6668b8bc7794c852e66f98ea3d"
-                + "b47bf906a2dc47fbc17468a1a06b4c559db922fb0649ad3fff2dd9302eb79b9b242750ee"
-                + "b95e0985296bdba72aca0bd2c33d48b68eb89c8f4c4ddb9c36387f8cc521698eddbbb60e"
-                + "bbf356145c811cc136579d0246eb9c6fa224438bdffbfd74c138302ade0307003c04b881"
-                + "32fa21c6119e1c4fe48c4133dab830acde6d9d050b74e1e7a05466e314208a4a148a7a62"
-                + "23530f18aeb1a6e65f0680402c879bfb914525132f99c185c96c26b394d3b69e3d96ce16"
-                + "7ba9edde0cf6b689d065f853b49839d868b4fc0e879f0e2aba5053c5746630ae06a80b5f"
-                + "4cf424c1ec3812dcd16b2ad79bf342a7e84535940b254941e942a1da02394dc19978307e"
-                + "a5122e9607f598c5c6f9c64d9100f9971a3e7b8e4da6b789b41aafe6fd66d69b4ec7af94"
-                + "6b5abb71c8213367b45eb67200b6f3b293f5d5fbe9c37b84b641c6418eea1cd07b0c63d5"
-                + "1505249a0c253e19c4c6071fe6aaaff1de33a96e6c7e40a8bc647bec54b4798a0076fe2d"
-                + "11507334c12896123de599d0712488f056d5aeadaf66dae5f46009b9d2621e399e3eb08a"
-                + "9e2cfbecb82396fa3610c35e1f6464e326b0f969609fea857a5b59913d4a82f08dca0fbb"
-                + "1821751a1a9c4993429f715f30e6a2bdb102b1d8264ef83eae3009431f228f1c2b5c3e29"
-                + "23f564bcf2ebc2862b5733b5ec22bf9f7d0dcfbe418fcb989b3adbb2ab1af9a161daa4c2"
-                + "e2920cec9ccebafb9d3a241d8e7c659d7caddcc20dd787b9707c32dc5a34261e2d18e85a"
-                + "9a1e7a709ea161e1d12869a490c8a451443ba53347d3ec0b9df4b644634f12dbe36dd950"
-                + "a11b633f0d1bb3c4e6caeb735b6a393a9676a7ec9eae6cb916c5636c9a57a84b919e9cff"
-                + "9451e0695dfa7a8b46e36a72d40397decb7a8405537cd8fc42cba1f11f34d5e10fc02929"
-                + "c8830d941798a52d79be307a535b04dcd73da1734e696e2b075de7d43b211983fba7d3eb"
-                + "6758aa23ab87dd338ae5b7d4943755ec9999558ed1ff4d59e7e0fc57304b4e0cdd98bc8f"
-                + "6dc528ac55c6951045a04a6ad2ff813ecfc1c08bb11c27f8cbd93ee4d99b07e56f61fb89"
-                + "5bd9724c052ec7ef148b496e8093b6fb9ba3c236e43f575e19d728bfd2405f252014cd79"
-                + "984d14cc2a12f0434a826712f299a85a6c80edd30dda8f0df1639afdc1217d7536ba6aea"
-                + "69059bcd1b909e01ba516206b24b37ef8ee329ee88a4539f9d336209abfc823c9f223231"
-                + "27b10a135dcd9cee68d62f0a43510408e4f1676072beacc6fcd646093aa736284c67264d"
-                + "387fa3ff0f76e14e86ebb12c518940fae86d4749bbcbc0da42e2334bb0fa284efdf970f6"
-                + "9eaf55c58be039269e69c6e857f824b0a4aef81cc4b0cd39cbe821e2b9325745c6426487"
-                + "31f5edc1e35a2b41bd5f07b8c7b48207264426d8203ba45d6191ccf280e475112d80b66a"
-                + "467419596da008c13ff2c7a59d20e07c45444b8366e37d21a2ea0c435c74cee05cc9360c"
-                + "3750a512ba03dbd9ee1342da85c50a10d6668215c48f1395ab4a88af64810137cd1a94f1"
-                + "5a080c321af1b269203416caaaa53d3314a867ad16d72f7b6e3b2cd9ca1deff124eaa103"
-                + "f033a76f9dfae79543adbf24bf5d0bcaaea2b468d11a779d53564c7f131363af96bc2003"
-                + "ccb0636fc219a0f59cc0eaf48ba3750801bb916b78220dcf99fe5fde841d4084e47519a1"
-                + "76dce6a1bbd65c2162f923336b13b045a4bbc19337c71afd351b1af0ccd5642f5ca62df6"
-                + "374d5c1c3f636d8e5169b2e9582607efd5b3925d584bbe8b19a29a06d8f0ee958011f984"
-                + "4d24d6652ea8f21de11ebce37e3c64ff24bc986a5ffd3c2ea59d17dc8d3cc7e5ee820bf0"
-                + "fce9755249b520bded1eef46d08204b39fcb6bf5a9667f9f07b2d630e5cb5fd56136faf8"
-                + "5a2efe82efd22914a0f32c3ac226d793a0b323c71c8e91b27e45650b61de65e13a0179fa"
-                + "af98bdff8031c1fb1775c824be05bcfce16a10fa21d5e2e3fe06b4b17b02fa19a76df8d9"
-                + "c3d5417c1eea28aa8de67e8d6d29eced26c07c9361c9896372fd451754d8204f44bd903c"
-                + "e7ff5d0dae69b5bea66692e0e8160452095b509f85ded03e0d195929849923cd28e5ef4a"
-                + "0b969b25a34e80873ab0e49eef5d0f532d05a6acc13d92b4ffcb6fcf80212a5a744f11f3"
-                + "bfc93eae1f19c2e66a8a799868f47d4bb3873b88ed7bd73e01ab27738657fe7ded82d5d8"
-                + "47d3b05851c55a2ec2dee3587b96a07f6bc8bcdda75e1acd6af8b85c1ffa6bece522773d"
-                + "30e0fcebcd09da2d6d9130961571db1546cdb405566b3b80eff0139e1c5f5fcc1cdc1646"
-                + "da134b24bfd6cf0f3cf790214f505a349911c15f6356eac315eeed27981b5d780ae493f3"
-                + "fccc17f93fe13466abbbd2096f170cfc69748e6fbc8c243e61da0aee285ca2f795bb5c03"
-                + "762b0fcabdfd8c422dc8625d18feaad2b7ad31bdf6641401d509393701642eed48f37878"
-                + "80ec1e355760ad6d095139c5af12da8a1af32f7078ceaddd5db21c8561d18098ab29d95e"
-                + "1337bc2a1f6b7372e298dd7f7dd52613b2e057a103179977ad5e4718e0fde0ec6e21b4af"
-                + "9fa01b110280ca29adbc776cd275a46115f42b566c9cf530203e221ab39dc3484a96e06c"
-                + "65821edadbfc50ddbd5702ab563eb4fbafae513735c93178aef68486e78776c8be66b141"
-                + "35d8d04f2af39442e0f3c264495530c554b85b06d59e722ce1542ca428d6bc724bc97b97"
-                + "4c10e69f6db0a1e854c6cee309a109374fa3d39f5c780cac40295702217833867220751d"
-                + "ee6fa2e5badd335c788a267dd9cc6a2ddcda372a2b25097eedd139ffaae7147ee593da74"
-                + "de201f959fe86f9166dd59a2dc36b04625c804cbe8e96023f2eeacdc8140d22d0fe9e16f"
-                + "a807021891f772505dab861088b492154acde10a1539c3466c0f40111a902bb15d37fddc"
-                + "4f1b9c53e651f8657360c636ca65407df9a537c7f2a3cf8cc69310bf6f2b00bbd6e04a17"
-                + "2bac7de33c77554ae4255bf71f437b2fb976b8295346c7d8746536db31a0edcdb2e0743f"
-                + "4c4cdf1152df1c65d11b4f98b35da958fcf6a41a813878c4d3625f3856f8b7d85a428a29"
-                + "526452ad1374ae59cb3f70329960644aeed4604c54fdb9c89b507a46c3471d70ea84d4b9"
-                + "ae08bf43d206571f8d85a2594f7b1f23bc705822461f46d0683313f98ad4de25fdf96e4e"
-                + "612ac233db75fe8f7d55b7d7c1ebaa5a19308c4d35a9f7841bbc2d78aeaca3dbfe51eab8"
-                + "d38b60d1f4a1afdf5bd5144c332efc29cebfffe3d0a8b3ca8e065f13c143d2489e8f26cb"
-                + "d806eec413d904b96ed1f7b44e48a540921a9542c451389f7a7fc15b540d30e6d4275808"
-                + "2a680e308789f99cb9b4fe0405880bc6a1fdc2ea25895b109f7b406fa69d0971bd056a61"
-                + "ba1d0672289aca060073740b985f0883805f75b54c492465ca237bda765dac097f069a8e"
-                + "c735779eb71db82465dc257b9e501fa2fb9b7ef69b64e59fd763e8baa8fa4037af84c979"
-                + "f9464cb70a80772da62d293e70a39c572d3a2c3108e6e188294f360c8e3c319ddd3017b5"
-                + "b0fec885f2ad5d412cea1c73635e9b141c3360e41a40b715db5780323c17b10864d1b45b"
-                + "61781fe487592858ecb11c99ccf7300bf4d0e3fbae7939f922a989d464fdeccbd3b00149"
-                + "4998cacf4e38229b7ba49b851d09c8adf900a3d0abed61442919fe1973ab44a40e3cc2b6"
-                + "ed8b5c501dc9ffb37b68d3f58ff4811bdadc6464ac2b37a3bdb39de4e18a6a9b15e9f318"
-                + "9b8010df6250da8f18ba514ed50eb979dde95836f0505c58c90028849573562dd78e24a5"
-                + "6a0c42f4d533023910097d8e73f2ee5bb4ec173f3b8a4b467bcaafe2896454979e753bb3"
-                + "dfc2f4092d889e6e7a123994e2f7fd835188f8bb668afdee1bddb8cb3076c6a72a013c50"
-                + "cce90e922370bb484e419b22d86a0abad1ce1af95f26aa14af36542ee25274f90ab22845"
-                + "67db373f1c395f0d90f09924613ff8f20b46947baa8a5e88f48b63f52251e9889aa149f3"
-                + "3efc6cc653a4f6c7888cc2c493c0637f7c46664b1a41e82be785c080e5e81999e63d0b02"
-                + "f71cfb93afae9f1d64fa723a515dbbbf0e84f48876c902bf0fd5a24e21c5934454778295"
-                + "9f72e855933087e3142d7407b0e9224ba2b5976d43b2d228f9368374512d5f59eb2d1394"
-                + "c879dd392a1401085f6443231fb8f208b9e3143bbe5488f185fc1eaa96cf3562cbc5bb56"
-                + "08f7bad8250fb1fc28f72e9fa04a4bb5819c00c00ff702d0be366bdc1f2f91d65a605a88"
-                + "7bde087bb0d5f4a608e1d2418b33e49e04dd706357389e94dbc6ba7d7c1aa1ec0ce2ceaf"
-                + "d5ea409c7b3a435b2a4f5bc3209c3d5bc9e0bf60fc96f75038aedd82ee23a6b6aad794f3"
-                + "0c6ddd0fc73224f531ebc0334401741d6c009bce65dfe56432e34d5b24c0acce727982be"
-                + "1c01b4d02d96ad4297c8e17bd550b4dd586a3f4f2a2783790927d220dc254f020efce565"
-                + "d0fedf01125edf2098808bd8e42db499a8bf603f70e45620f7b86df3e5cd27e8bf6ff8b3"
-                + "f4d5a5403d0dd6304579447bb8aee092629efdd5b8229946cda41104fe063f2e5ef5599c"
-                + "9f409e8332939f48abdff0bf90fbc13b34b462e7725f8656197b97b97a437c3fa82ee97c"
-                + "217c0b4e4d63681f6fb9d9746823231f27b19fcc6f15a65e8453546f9594d76546febf8b"
-                + "f7e189fa36676d04a3c4f13277f20a58df88a285321624d0ac173fb8376af9cb224091ed"
-                + "86269a7d6911e7d031141c118725a9cec27523ccae6aaa92293b247b6e6d68c52a873032"
-                + "d69f09e32510b3a3a2d9112f09fb35b54ef7bdaad0e71781faf246283127ceba1f137678"
-                + "30eeaa766e5487ae2d90a07d6f3e1164da65c1459e85e5ac935d15a62951a33d08b1741a"
-                + "e03515e38f29b945e4a5d4bb65c54a735ccaceb626bdd373c330f74844a6ba0e781cdf8c"
-                + "ebe829d1ad02bab96405afc68253265a88187d920415414fa1af0bdd01cc395353f8eab2"
-                + "1e5d30660c329ec6b83a77714739f6ea24c0ad78fd538b06139318c9aa84e3d6e52b7db6"
-                + "d08372ad91695de5ec6f1d738a46b8672b12af6c63427eb7593be449c52be0963bee1282"
-                + "b615673863494c5102aa3c3370022af20ab9e9ec9a7025f14850709d08a175844d9e837a"
-                + "611b3a70fc03a6c1fc191b4e3536c844722596ed8a697afef863d3ead8f35337cfbb1e1b"
-                + "3fb23034699777bb2a21cecd31120d4dbc6326b5404766ed53f275122ba02d2ec7035c58"
-                + "4b79387aeb772f233d524e329f7f9031e6c9f5a18cf76873fd6a875d131bea71fc1fab6b"
-                + "1e869bd0dc5fcbc6a6cf1fd1a1ed204938ba3b496a68fac70a948af119141bdc0d92d1fa"
-                + "f7d1f46d08062f87b8b2b12b522a7afb73426462677b915ed1dd2e096c174fa23eb7fc71"
-                + "0e2123998105a177fc55a90b2cb9f3f7f13c86eb4f169a63f0ca454a54f90dd16a8245bc"
-                + "7b9034b2a6b6374d8ccdbe1862feeecef9be224b8448b3e80c76c57b63465d386ffff26e"
-                + "3f14d0e7c6f2a31f37a9b94293bab1b5d5d2ab46b7279b99dc466eb4b04918a84d1385fd"
-                + "c74fce86698f9dcab3e3ccae7e94d8cec8bca18fac444db03f37853f416cb5037cb0ce5b"
-                + "75a24e7d2e52b5beefaba941c907c03f000fdd667096cfe68357b8173b62095e9c312d98"
-                + "a5cbc3ad6cbafdcce98f4a52634623a010814344b6de5e7c9347f8dfe0d1cf52ae1d7443"
-                + "ecd12805f877012abd49cae1453b4c689e47e6877850beb657efcaef5623fc99215ef89a"
-                + "c33b9cf32126865299829478e23a19f1321dbb05814bb263ed59b01ca72949afca6abe11"
-                + "6c449598dddeb71c51f5cf1098bb24db154a29a0aca63cb89719b2ec7ae2097b41d9734f"
-                + "bf89d185f39756ebe4b51ec0f68e3648ba709c74872ae4250a8e985060c01e294d641dae"
-                + "890c6445b9ea48253967a7462d34159ccfd0452c82086249efda8a2e56559df2f21db1c8"
-                + "3799d33b2ee9763b5f4b3189d529009f9ac23c9ff9b0da6ffbd3eb9ffd73cee02fad62c2"
-                + "716d2ca27436f44956c0338adcbe99feeea400c165e80d51b519fa659ce38ab0e2361148"
-                + "bedb613db78a50f77398a1350d3cf6c7dd4905a64f06c7837b197221e239c401d697463b"
-                + "fa2ada91b26392da391a132657bdabd08a23989ef4cd2a9cc93d7408faed4f3cd5b37c34"
-                + "f7b5113342b7dd75ca5a474ad2e1fef2e1b5503049cf879a1a361ec195fb33e14dd1a7cf"
-                + "5a6365e470cbc797fcdf3f1b2550637a7eb9ae04e2e5b45ecbfd441df03046da55b000bc"
-                + "9e58ad71e569fe9c3e8501746939e85ea4231b56bb99390d2ec16281049dc0ce4e4ab29c"
-                + "86197ef9e78f259db9fbd6a3af4aba9c4ee4b42ea72efd92d0ef6a8a902a017bdc9e7540"
-                + "d428a3a9b54f0081288998e31eb1247fb21749420911fb5f11b73a70cd7203fb039a25b2"
-                + "1bace7ed56492ce4bd11b189f8f08a5d8cca30ecff25f1b75ac4c6d99b33abdc82032eb8"
-                + "5e8d7e21e410f1dccb22430868a64bcd3fe564135623cdfc69f6aa2d3ca65fa5884aca7d"
-                + "8c7787fbe6a36d79291456972ea8a1beeb31b493753bf93aab46aeda348ff677d0f72976"
-                + "05d00fdaa3619e022b2e53b8d5323a966f3d8e45ef0431f09086e2627d66c04dd44215d1"
-                + "3cbe2e004ec13f87081f8c6ec10ef027f10c1be4af9002c8baf24ed38b2420eb94037751"
-                + "475e1e62d3f6f0e9f4aa152f2429cd7493ebd5235c72a82b3874a0d1864a70b42fe07aad"
-                + "69de5187284baff925d972842eda9ab6411b6c37607ad9eb3d0929741514607e84e5c6fa"
-                + "db2063832a87480935bf35fc1d58ec626e6b18747bec5e8cb4db8c39d679342142969780"
-                + "9fcd62f3d68d81e1ee88c6ee2e709e5f9290179ffae3058784c467184c1dc6e48c3f0577"
-                + "04b7aafa1667a0d7a4eed2e08074e4d7c72dc9977eaf5669c502f363c7b1930b36feeb6e"
-                + "f44b60591bbb961bc0020cda4d52d51f184498ebff010dfa6ca4dd388d59b6c89b44a846"
-                + "39e864de7b129abb35439291e3b45fa69f120a8b9df8151c012aae3e1c5f78f3375cdfd9"
-                + "c2280bad9c3261c8f6a9d30f83dc671be94cfc8782da4961155425e47180ef9c7be81139"
-                + "f28e5e548ca95935d74eda74c3c54feb90cc3dfaae8ee0b06c1710e00c8e893954ba8b46"
-                + "79dab007d96c8d0b347951b9f29993a420862cc2bffc7bd6d56f4bd3f3cff871c10d5865"
-                + "625967338c8a7c1d613e4de2e2712ce3a8ee12c0da16cb65788d4b17303d2667f3529f92"
-                + "7993ccea6f96571cc86f3264979c891025f22318d17f21a06fbbe7a1cfaa2ea5d6c8d956"
-                + "b39d4afdd4a76e11f17baef8d230cc82da6d5416a66e907ed8c68b0b8636f03c3d22684b"
-                + "bf0dad9c86812ba8d454bd1a0d515c8b2e8dbe62639e9da15c5ae87cc9a1e195da8f81c2"
-                + "c4c44329f7e7bb4baa08caddaee9aac3ca93982082781b3c03dcf9bc27fe31d12c677ea6"
-                + "2f0f2d00710bc5c753eb8affc6618741263290d7e62a26ecace63407f64ac853ed15eb9e"
-                + "b96735523653e2650088b43c776ab089329c906cdd67ee5f53c2b5ffb2a42c175cac35af"
-                + "d8b254f8ccd8aaa771417a2b0d58818f4ff7af1bcbd47ef1904dd49ecde3d95f67407b9a"
-                + "3002c1180355a89e886ea28dde0b53f0c0554ec680419b8de6276c71e59bf7f6eee722fd"
-                + "2f18df08c5afa4b4f1c4c2c36c4acc9d8e6a408352fd095746f7b548dfa89727a3938c45"
-                + "6eea71718df1aadbfb3a9d579193bb1a1d3ef12c0e4673b58cdc42df747c47e8f7d3cde9"
-                + "b57e56b4bdc7582ad947d161946357773a5eab31b8c296782bed4dbf50c1aca02898470d"
-                + "0925794031163ea5cb25de4e6496c0cc166a13808a7e1642349122db3836086de627ac5a"
-                + "b8fc3c596433e2ccd7a59d5e5b974fda712c0acde6bc86e2db0f448d91fd4cf4666ecfca"
-                + "515f7692328bfc5adce4e57b1c20d34024f474278d654ee4793adc7c68818a53078bed1e"
-                + "4288cfb9991b3ae340d64abe8bcead6882ac26a7a680a6bb1da708dc0269b232d87ee0a6"
-                + "b492613b76bf8431f48f732bfec0233ad3b1e3bfcfd18004e4c3f9b4926e9e59c4313ae8"
-                + "c40de20450f84e31d57e0251c14ad8f1042f5be60537c36e1d6212feea378a57bb1f792a"
-                + "f6a0ac4fe989b7741b88c7e59c1624cb1f2a3fd84241f28cc82057fb4e9c5dd88908facc"
-                + "18283f607003b9dddbdacb9bc2e55d8622d21703f1a044079a7c30c5a055817305dc2a34"
-                + "ed6564fe1dbe354b83e78979234ae3474487dc8ab00d7f071d37f886371e95b044f4d757"
-                + "27ab7febd6d91315747335c2f2af8be2c1bfc36962b168d2338a9be2ad53063a0495590e"
-                + "f40a5a72c51b257ef600d6ce930112a4401cdc9b5ae5a2ad9eee4ca9a7b35ee98d12e5d8"
-                + "c122b7080c8f2528ce132ca3a546b0b96ade3c3314a61209b62d1e33979602292d0d1c07"
-                + "23db69c345b8cdc4eb21b40b37dff85f347f199ac17edba640dde8167f91a8396f1824f4"
-                + "12fc7d6ce5fb76abaa4884b953b37ceecb191a99451d62fef490aa10b20fa75545060dd5"
-                + "6e64242da12ea90f60a6130bbfe703ac9653038a61db80c5dbc81474516fbaa5630a588e"
-                + "3ccf0c0d2b4fbc0955d69e1c5b72cde82c79ee92137c82e11dcdb0739f7a84987a0e9559"
-                + "367e4dbf9096976e67d44086002fc3899c532ba9c2b8064852bd4bd2c2b60b23badb1b21"
-                + "f2158b9ffca70f02bc00cdaacbd15602da1edf6530a59088d9bca500935b92c3eb5ce520"
-                + "c372e1ec3b75882f39a3f902f223332eaaea86cb608a6206fb8a62d1349cd8d906bd405d"
-                + "47cb6a3f65c72b0bcd2f0e3aacdfad9b25c7f61282a9e8c7021f36c274247cbfe21c810d"
-                + "2ad66b2ec18510a7acce809954d4c8357f5037b6ce5dac8a40295d6f451c9889a73adb6f"
-                + "7d0a88c55ee7796512eda8de569e088a027c3e86dfc33df4307e26235c9c446769b0fe4b"
-                + "71a9103b728cf43f9ad70f9cd3ca934d3d96861612c16fc84d22feb1eccbd10668e8fd5c"
-                + "87408ab90e8834770c866c664f4bb5661bba8fe44fe8a0062f000ee92e5b8f62fe11f924"
-                + "4bb7a337dd6d8e9158ecca146aac6b2c57bb6cbc933635312776b292beccdf275326652e"
-                + "3660d8fbb3a8452a6f1cc2632d8f5834108238c31539dff7b296037f4b0d04209dc8db80"
-                + "e4d377733b5a53c63e1d63a488640ff77648c569c994099c96b87fefbfee4a8a8f65a528"
-                + "aac35dc268c8981c3496fe2894189637f772ed0d9dda215a726ca744e66c019ed61d0134"
-                + "6112dccfdbf0c88b2af1f2c7ace4a7825eeda571608bd921c924013e1bf31c2bf8434225"
-                + "f781672658401d0371abee59877f942125f5290180849ca0f9659b3112965509453f6ade"
-                + "7a80a5d902c68f11e22475ea5282fe5cd61fbda9b1175b9253667adbb344162c3f3987cc"
-                + "30135ac2852e4b9090c0e0d0cc114da680183fa1064bf5bc25a617c2295edce9421efbd9"
-                + "8d6a2c04aedcc05ae63cc0d7a851f7d55230d48fdf0f7365dae70d271e46377a75bd3669"
-                + "9e89da8fc6db50c03098e895ce6a0cfc67c11a687d987a34128168e243e13708272aebed"
-                + "eeae6d0a05ad8854cd10aa77a33369fce485e6556b085fd253a8bbe3e29c9fcd7d546ba4"
-                + "fe7e8c7942b64491dd54c31d0bb5701ce510181847a13f30294060ccd547ca6c4d195954"
-                + "105929088e2d86530b3dca1978642e8b31bd9cde0730f65cac15353c3084997a948228fc"
-                + "51618fed3e97bdd8aac99b9ac606a1f915cb17bbf0db9e4c4cb9458d98a9beca762ea26a"
-                + "df774bb6667d4b388e84d8fb39999a7a023dbe0fb7cecde785e6f0e0344b447c2f3d0935"
-                + "fd93679bcd00204cd7ec4b9aee4410d1f3308021ec8cf9bc51a19e2b9250d6564e0d4885"
-                + "e93e414a872511518a77c1cea82c816538fad83f98e889b725909ce5583b0f7694e612f9"
-                + "4a43516fc2a9e73f9aa59b65ff3cac8ea14b05545fee544b84ff22a8308e44b89019c29a"
-                + "07e8b82709e5d7090f7c59062f0b5561e452b0349662450d8f68acf32e67a57de5852c55"
-                + "d5378923d07d37d4e0e5ba4356cfddbaf2bdd2fb6592adbdec5964a95ad433fc0ba01c1d"
-                + "1365391d98dfd4fbac0d3b26a92465bbcf197cce5e098f3ca0e5a58a83b17b918c1d1a30"
-                + "1bca3918da53b18a118f333b92fbd1889cf0c647ee1695f236bdfae2aa8ef2fc8773b0a0"
-                + "341739f229ef8a53bed9043cd12d7d9cc041c19493158f25f6b4193199707468df486123"
-                + "44be8e34a56e82f3064d141f1637e490e1bcc51fe2691b828f0276605551a70f86780fca"
-                + "184caf1cca34bffb679ed1d1c416b0c1320e8ee3401bcb148deb953f9d15032022ce6acb"
-                + "35a973c3e7827f24bcaf0b74333fde8211750af5b799f1e2f13c4e507b7703f7812f8ed7"
-                + "86ed51a71f758eead7153e3ece581cad12a60672d5c099b361a17ccad9c7ae638f5cbab5"
-                + "73d5a132f157f637420e9b3fc83b7941dd8e4418a16fc166f2d43c49a60c116cfba371d5"
-                + "03f195ebed43066af11e08c8bc4dc44b77243469ab823be815ae48004800f36a975f42a9"
-                + "4f1ce45ce8e0bb5d0ef55f9e8aff3bfd529677c232f039646acc8ad75698a8de52d26786"
-                + "229bc15da4e6f097c327a9bb641b796921c4583bdea9537f84a15da277b8caf6b292a1ee"
-                + "e5951233344b9997d0747a390ea0b37cd3a20aa7a04c137b17fc8051a4fe1c5a163186e1"
-                + "1e4ee74ce1c26bd2452ea4639fb7d7f875b3a2553f256f568dd7b9b4e6d84d4d454034a8"
-                + "9f2b1174e8fe8ccfbf145919f7b141cd0d0594b47c228ae4989f4b4e63aa2c3f77336945"
-                + "f4c18118242974d861baecb9967a909cb4b1413778e3c4f6ace4cb46f6e8ec5a959b2afd"
-                + "293fb5bc43b14a99ba4a50c8ca429b448157bea59f5deeeef84f7a19cfef734f6062e8d2"
-                + "027cc3761c0c5f30ca3f89018c595ff87dd17d49b3b1ad36228742f70948a7ed5ccc85d8"
-                + "d63a9b2ba4f68f064ee7b9850216b7963dc79b30f58d50c5d3537863a5a1eb3f12ca8874"
-                + "2d66dab69c74c86de129b9f2c811cccf8091a30e058a71edcce014a0ad042b266ff6ac8c"
-                + "6550112f496ced59f95ee04910d803f4c6c662e2069c7d6f6bf03b4b141b41c67600cde2"
-                + "bf1bd98578f769f65b11588863dd69977337bf7f206e9afe6cf544e4e45ce310832ef9ea"
-                + "49d7dbca3918c22a9fb448a75113eaff1d0ecab031bc0617fb0be2033a20b4d4cc324bec"
-                + "7980a32a2a7ca66d82b565477958af80b4e410af1c241feb46660bbb2c5d7dbf08e47b6e"
-                + "16b6b03a685aed47cc52a07896bed4e278934a6cb863c0a5e7ce0f7170dca309b80e1093"
-                + "8b59aeab3f78f70aa631ac6e73285dfbc65cd61629720084b0782595487d92a8d21feabd"
-                + "7bee3218ce484ef6d3ad284e355ffdc1c907a831ac7ec0a92ad51b654b999ecb5646e498"
-                + "2242cd7a49ca7deb11d5688a52f1a237afb80cb6fe3b46fa4c59baf8548f7ae7af69c13f"
-                + "b108a4d6ab0550b8a4b32ab95562b3ae70105c46f8fa9b759af68c79981805887e613162"
-                + "59942d76cf02eccb838b82d6da47694ec2d00fc01496c417b60919d22b8b302a2dd4787b"
-                + "ee2f581e0f2269b53bbe8e1562af0fa65e1729ac04b88e45526c0d57828de8ad791e6977"
-                + "979452cce714fccc752c5f30a96aabea1ca73d0399bdccd8c9ac6c0757585b47d2454602"
-                + "67be1ff3793dad5e2f97400e44f0da442dd82d9329976a838f20b747f8f615f392551816"
-                + "5cd2196a10b433b1614b785eead6c6cbb3678e1a7afde8e14e2f85b8418bab1c7e477fda"
-                + "99f7de5844249b31c8f1f329bcfbf91707911ae74ecc2c5f014b78fbfb26f106a5fa735e"
-                + "cb9121138c9b3d84b350433d4835558a0da74f0df8a61f598a219c54d7b89fef107a943a"
-                + "8a345a33b223d70974c79bc2f1af9d5d1e237a2505d407b2c957b7bc65abc76145b473c5"
-                + "66dabd3db721cbf4a71fb574f4046fb927ff0a076f3f466abda2b5182bec623fa0f1fcf6"
-                + "7a8ba62cb30647388cf9c2a9ab146db9855c80baa1743a15e402766b3910314219d8d7fe"
-                + "012d3750f5d36ed8b9a522d8aff3c6e9c660fea9be58584624b84055fe0a8edf9f182e45"
-                + "44be653c9d052b14583289d1720dffb7f833f0cc7dd36eaf8a48894a742d4328113073af"
-                + "4db5bd60a342086f0f78a69f2a7f1f190609f83be2e45daad123bf37b387fcea41eb8586"
-                + "4ca2192c10eb1c47201fdaf2f493267d285d82a1bad6",
-            "03ff3c180f191eb9214326a3df038f5b168f96539b2af6bac89088a2c521534b4ac1c555"
-                + "e3a754af50c012e38bf5e5127c9f5204fe4976ad8b2b6b2a8936cd3a6506ae1095ea348f"
-                + "0aa6686646b5a0dfed9ed5d91a9d5d6b74e8c5164656d5ad426301efe4d19682970cbd17"
-                + "0ebcb2f829911cffe487f8838600a277585805e2dd575bd385d2f18c9f15877bb5601f9e"
-                + "f672f5523ac369daebd31ea15cbdfebae36e8b3dfe2f09237855202c28bfd059c1a2d700"
-                + "c2ba2c5ca97d59693c73ba073f852dcb41b4e19a6d9f352367a252039afdc7c76ddd0ffc"
-                + "a9b0e77d97a87722e9f8f1b63f63aae3ae1957482f1dc753dad460af43e078acb9497512"
-                + "a97ba6a858b3986d608d1eff4302133c0ef86fe2b123bb39cbebb0954a94dedf81f5f9a2"
-                + "12549cbb3d09a42b2323bc1ce86241ae30596e5cbbcabacad1d594a7d6bc3bae235a040a"
-                + "d7955323b18f2357993846f2f2a90d3cdfda2271fbaa94269c564d99023780cd6097aba4"
-                + "d2f76610b4350345f340e5d43beb12ef5d09c27268b50a4d7ec7428d3e008ff6c4f0de50"
-                + "21fb85c8861444ebb42cb49d2e34af19452c6685ffb5a7c6e36af83e1d1b1c770a05b9b0"
-                + "e5cdbb4127db85f88f95c0e197bb1fdf2cdaac23c6525aa5880341123f1ed83c10b8c77a"
-                + "1a0717fbc5c42ae6d65b5bdbd986e58538c7abff89f26be07e612f6036ce3b196105bf62"
-                + "22795f109e3bbb14ab9e4b6dcba8fddc6c273b8004454a75fac6819b13fa9ab3f3508e65"
-                + "9a2a413590057cf8d577493ecc055c2d88f403f03d2785deeed1a99481d91777777a0a80"
-                + "c49822f0fc0dcff9a4f384bf0eaf35cf1f0c8726abedb956166c07dd167918acdb6b0f86"
-                + "53989c9566284028ed49875c443b4ca9be2d101dac23a248ee96973a76219194a1626097"
-                + "897877ac151bb67741d49ddb08dc1054c822e9b63dc4cf71ae49a8e6c3cd1b5bdd48ecce"
-                + "768e6d9630cdf86c7aada5c9485f5b026ed55fb29925cffa23b81654ca9662efc811b6ea"
-                + "4aff0cf2da79943078198f133353daaa1beba45e8f4ba2a8d82dab553504c3615b6c4b22"
-                + "a92e7cbd0b5ddc3ab88a29cf555c5635351be42881c685463ccf09977514ace0603e467d"
-                + "62ece7f65e25b2425dfe5cce51a7b836b45292be6f9de3c760a62126881ff7c910caea8f"
-                + "c7701be59a47031821a87267e6d3eab4589db9220b17d636a23e7d685d98e5d49ae86b33"
-                + "18ae3709af2814a5800c2962f373a71e249e9c26de27f1a1a08fb3be26a6384102fa71b8"
-                + "4e94c0ac8952df997682840cf8cea302f14ff872de49bf975f1b281354eed33571c51dbf"
-                + "a70ae3497eedf53a23ca84f53976f0db4bea237c96bcca420dedac8ef6397a14def1a18b"
-                + "063f48a802a159b0715cd241a1a844a988e299467ce2847e7e1d3d9b1d5bf8951852403d"
-                + "f4b74a01fbb123b4a3544cfbf2daf3c6a4eb9c08e300735d230c5657f29efd1edf56215f"
-                + "c6fd1de693027096bcb708e3cbe8083450bdd76cf1a031d4a49f0c565f2e91442ccc4f2d"
-                + "8b24c535084ec23e4bb9ea21821c77b615f964dd7f28bae609fb4d263978dc5c81df2415"
-                + "be8c9ae320d3a2c366743d6a108f4a8cdcafc1592a3312e6051bedc031e93e5df4c129c1"
-                + "379bbfacea92e24e99e1bed384bd5f33f2438305bffe54c54ccc78586d3ae92fcfc53ff7"
-                + "e357285367b6503a972ac951508cad8d7ac52296631317fa418e8fd42d8c15d69fc42497"
-                + "2efb9d39f7231b3a32ecfd0036f09ad7c23ed98eb83e43705f1e73b69c36ca46603478ea"
-                + "d74a375744217f0db23e67f801ff606622547cc964022fcf7ee81dc122742b1ade2fcc3d"
-                + "0013dfc961e365a21c396877e04e65f3128a496f00965df4ebeca73e32e88946fa5141e2"
-                + "425e0484ca8c23fbc29e115209a8a7750c2b73e107c89eb914d7a4b54911a44e64604f53"
-                + "368f4c65a228cc9bc0ba8d67d45d84972cd4c9a7f9594b3659d60cac3e3630d1e8cf8e62"
-                + "5f321b492a6eff590da2efb0ab7ed84b9cd9483f427b75bd0195245e9f686bf5add057c6"
-                + "aecf38690662dcf5704c76cc5c5ae275a403ed42e740e7fdb8fd054435c6b34643d1136c"
-                + "6ecfd06aa375a886574e30b13260f01ec4fb79313617ecb2c8a5a39e8ed92652796424b1"
-                + "b118910ffc50d28046d68705737f5b4a8a4011c773d335b228413f3fab3690230c4ecd7c"
-                + "7622da87f3d0d6b51c018a2deaf8a4302d4788e9b634d62248193b45771833082ca986ab"
-                + "376db3bb612f530d5cdfe26138a1fec23f9267651099adec9c8f1ca9dc38f579fa631408"
-                + "ccfe1dd998dbb16a8691c7b2e62fad3426d9a1260e4b4b87e3703fd13b8f348da313a489"
-                + "5bdc2470007fb7d455469dccfd88ffbd54543cfe176143d088a3694702e0e0fea21171ca"
-                + "0573385689b42f8005ea79bb8550fc796dbb96904d80299f5d5d65dd81ec4bf21f5fd0ea"
-                + "ec09c5850c6af5d043e9c968f696324957a2a2869bc65499a834e3abc232a3b3737885b4"
-                + "a580b0ee5e1438a126bffe9e16130b9c57a3b42818a3f92bf6f83bd77d54fe21af108621"
-                + "d6f33114d8a7e3ed9c55b500301d646822cfe22bd6f1dc2e71594d9c8942a8ee8948ac83"
-                + "b40b0a2d18d2b2e3c7040d85592bb2bebf70a50a0a42d71c6a40a18e3332519288a05127"
-                + "b599b258f97f840c7d3646e1fdde9e9121852ab2d4744f9aca249c45881f62d41792518f"
-                + "d51b6dc85a41e31ff700dac42da2bbafa44df6d0abe12defb39b066b62c88cfec1aec5d5"
-                + "7b5648fe7c4df944b63a39be63b05d8219e65a506cedb414c3d2c0ed3d0122b8a799ecca"
-                + "ab77a93c27a68c4d74868ba1f1125dfe18c871552560e69e05d5dc48254f41dee7c413ad"
-                + "03ea54e12fca064865a8e328894100136eef64c74e18a957b13e0d6761c0953bac3c38d6"
-                + "2fdcee2ad5d39b01deb3d3b8a4921baa7efbf699b008934cccbdb396a9db0027ba312524"
-                + "eb193df16a8e345cf58bb95c889978e38aea27c88601d658f8bc9aaabd342ee9d4b26a83"
-                + "db62d9dac58f4499e9c4c473e73f69206e20d8e6987ac1297c331537e0a525956fede028"
-                + "baa478daa0e35106f74d0100ed6a293dd40ccd56e7ff33a6d0b8ae9ced954fe6ff837b2a"
-                + "64f3da224e9a81779664870c209953a7a01a257523bb59d378365713e189956f37f035d3"
-                + "b0865cf0d28ec65685d4e700f585fd2a9679c22f4028e892a05e374b768077da7a050802"
-                + "7d37ea278fd43e8a6c40218e00b47a8bfcf14d1d3db7df57b5c6cf69259d87773a3345c4"
-                + "5cb8f6a7e91f23f5a6566bc9a3125598ee90c3d3f5d814597e0d87a54c6c3e883a70e5c2"
-                + "49efbd57cc8494e9c56e088c355a49b512f09908df78a900169fd3ea8de67b521b826826"
-                + "4c7597c2900e8bb986e648f8b69990956e8ac069d811fd9755235260aa1eccaf25b6ce48"
-                + "46d33f7ff6f0291d6cca010d3be72ff3f885b9252138a801788f6661ab2040866cdd776e"
-                + "1616ae57ab588231c748656e955746986766494a6a460c4352f8a843bfbbd6199822ef85"
-                + "34ac1c436389c7227f4b0626670c8aa2e40c650bc5d27e6668b8bc7794c852e66f98ea3d"
-                + "b47bf906a2dc47fbc17468a1a06b4c559db922fb0649ad3fff2dd9302eb79b9b242750ee"
-                + "b95e0985296bdba72aca0bd2c33d48b68eb89c8f4c4ddb9c36387f8cc521698eddbbb60e"
-                + "bbf356145c811cc136579d0246eb9c6fa224438bdffbfd74c138302ade0307003c04b881"
-                + "32fa21c6119e1c4fe48c4133dab830acde6d9d050b74e1e7a05466e314208a4a148a7a62"
-                + "23530f18aeb1a6e65f0680402c879bfb914525132f99c185c96c26b394d3b69e3d96ce16"
-                + "7ba9edde0cf6b689d065f853b49839d868b4fc0e879f0e2aba5053c5746630ae06a80b5f"
-                + "4cf424c1ec3812dcd16b2ad79bf342a7e84535940b254941e942a1da02394dc19978307e"
-                + "a5122e9607f598c5c6f9c64d9100f9971a3e7b8e4da6b789b41aafe6fd66d69b4ec7af94"
-                + "6b5abb71c8213367b45eb67200b6f3b293f5d5fbe9c37b84b641c6418eea1cd07b0c63d5"
-                + "1505249a0c253e19c4c6071fe6aaaff1de33a96e6c7e40a8bc647bec54b4798a0076fe2d"
-                + "11507334c12896123de599d0712488f056d5aeadaf66dae5f46009b9d2621e399e3eb08a"
-                + "9e2cfbecb82396fa3610c35e1f6464e326b0f969609fea857a5b59913d4a82f08dca0fbb"
-                + "1821751a1a9c4993429f715f30e6a2bdb102b1d8264ef83eae3009431f228f1c2b5c3e29"
-                + "23f564bcf2ebc2862b5733b5ec22bf9f7d0dcfbe418fcb989b3adbb2ab1af9a161daa4c2"
-                + "e2920cec9ccebafb9d3a241d8e7c659d7caddcc20dd787b9707c32dc5a34261e2d18e85a"
-                + "9a1e7a709ea161e1d12869a490c8a451443ba53347d3ec0b9df4b644634f12dbe36dd950"
-                + "a11b633f0d1bb3c4e6caeb735b6a393a9676a7ec9eae6cb916c5636c9a57a84b919e9cff"
-                + "9451e0695dfa7a8b46e36a72d40397decb7a8405537cd8fc42cba1f11f34d5e10fc02929"
-                + "c8830d941798a52d79be307a535b04dcd73da1734e696e2b075de7d43b211983fba7d3eb"
-                + "6758aa23ab87dd338ae5b7d4943755ec9999558ed1ff4d59e7e0fc57304b4e0cdd98bc8f"
-                + "6dc528ac55c6951045a04a6ad2ff813ecfc1c08bb11c27f8cbd93ee4d99b07e56f61fb89"
-                + "5bd9724c052ec7ef148b496e8093b6fb9ba3c236e43f575e19d728bfd2405f252014cd79"
-                + "984d14cc2a12f0434a826712f299a85a6c80edd30dda8f0df1639afdc1217d7536ba6aea"
-                + "69059bcd1b909e01ba516206b24b37ef8ee329ee88a4539f9d336209abfc823c9f223231"
-                + "27b10a135dcd9cee68d62f0a43510408e4f1676072beacc6fcd646093aa736284c67264d"
-                + "387fa3ff0f76e14e86ebb12c518940fae86d4749bbcbc0da42e2334bb0fa284efdf970f6"
-                + "9eaf55c58be039269e69c6e857f824b0a4aef81cc4b0cd39cbe821e2b9325745c6426487"
-                + "31f5edc1e35a2b41bd5f07b8c7b48207264426d8203ba45d6191ccf280e475112d80b66a"
-                + "467419596da008c13ff2c7a59d20e07c45444b8366e37d21a2ea0c435c74cee05cc9360c"
-                + "3750a512ba03dbd9ee1342da85c50a10d6668215c48f1395ab4a88af64810137cd1a94f1"
-                + "5a080c321af1b269203416caaaa53d3314a867ad16d72f7b6e3b2cd9ca1deff124eaa103"
-                + "f033a76f9dfae79543adbf24bf5d0bcaaea2b468d11a779d53564c7f131363af96bc2003"
-                + "ccb0636fc219a0f59cc0eaf48ba3750801bb916b78220dcf99fe5fde841d4084e47519a1"
-                + "76dce6a1bbd65c2162f923336b13b045a4bbc19337c71afd351b1af0ccd5642f5ca62df6"
-                + "374d5c1c3f636d8e5169b2e9582607efd5b3925d584bbe8b19a29a06d8f0ee958011f984"
-                + "4d24d6652ea8f21de11ebce37e3c64ff24bc986a5ffd3c2ea59d17dc8d3cc7e5ee820bf0"
-                + "fce9755249b520bded1eef46d08204b39fcb6bf5a9667f9f07b2d630e5cb5fd56136faf8"
-                + "5a2efe82efd22914a0f32c3ac226d793a0b323c71c8e91b27e45650b61de65e13a0179fa"
-                + "af98bdff8031c1fb1775c824be05bcfce16a10fa21d5e2e3fe06b4b17b02fa19a76df8d9"
-                + "c3d5417c1eea28aa8de67e8d6d29eced26c07c9361c9896372fd451754d8204f44bd903c"
-                + "e7ff5d0dae69b5bea66692e0e8160452095b509f85ded03e0d195929849923cd28e5ef4a"
-                + "0b969b25a34e80873ab0e49eef5d0f532d05a6acc13d92b4ffcb6fcf80212a5a744f11f3"
-                + "bfc93eae1f19c2e66a8a799868f47d4bb3873b88ed7bd73e01ab27738657fe7ded82d5d8"
-                + "47d3b05851c55a2ec2dee3587b96a07f6bc8bcdda75e1acd6af8b85c1ffa6bece522773d"
-                + "30e0fcebcd09da2d6d9130961571db1546cdb405566b3b80eff0139e1c5f5fcc1cdc1646"
-                + "da134b24bfd6cf0f3cf790214f505a349911c15f6356eac315eeed27981b5d780ae493f3"
-                + "fccc17f93fe13466abbbd2096f170cfc69748e6fbc8c243e61da0aee285ca2f795bb5c03"
-                + "762b0fcabdfd8c422dc8625d18feaad2b7ad31bdf6641401d509393701642eed48f37878"
-                + "80ec1e355760ad6d095139c5af12da8a1af32f7078ceaddd5db21c8561d18098ab29d95e"
-                + "1337bc2a1f6b7372e298dd7f7dd52613b2e057a103179977ad5e4718e0fde0ec6e21b4af"
-                + "9fa01b110280ca29adbc776cd275a46115f42b566c9cf530203e221ab39dc3484a96e06c"
-                + "65821edadbfc50ddbd5702ab563eb4fbafae513735c93178aef68486e78776c8be66b141"
-                + "35d8d04f2af39442e0f3c264495530c554b85b06d59e722ce1542ca428d6bc724bc97b97"
-                + "4c10e69f6db0a1e854c6cee309a109374fa3d39f5c780cac40295702217833867220751d"
-                + "ee6fa2e5badd335c788a267dd9cc6a2ddcda372a2b25097eedd139ffaae7147ee593da74"
-                + "de201f959fe86f9166dd59a2dc36b04625c804cbe8e96023f2eeacdc8140d22d0fe9e16f"
-                + "a807021891f772505dab861088b492154acde10a1539c3466c0f40111a902bb15d37fddc"
-                + "4f1b9c53e651f8657360c636ca65407df9a537c7f2a3cf8cc69310bf6f2b00bbd6e04a17"
-                + "2bac7de33c77554ae4255bf71f437b2fb976b8295346c7d8746536db31a0edcdb2e0743f"
-                + "4c4cdf1152df1c65d11b4f98b35da958fcf6a41a813878c4d3625f3856f8b7d85a428a29"
-                + "526452ad1374ae59cb3f70329960644aeed4604c54fdb9c89b507a46c3471d70ea84d4b9"
-                + "ae08bf43d206571f8d85a2594f7b1f23bc705822461f46d0683313f98ad4de25fdf96e4e"
-                + "612ac233db75fe8f7d55b7d7c1ebaa5a19308c4d35a9f7841bbc2d78aeaca3dbfe51eab8"
-                + "d38b60d1f4a1afdf5bd5144c332efc29cebfffe3d0a8b3ca8e065f13c143d2489e8f26cb"
-                + "d806eec413d904b96ed1f7b44e48a540921a9542c451389f7a7fc15b540d30e6d4275808"
-                + "2a680e308789f99cb9b4fe0405880bc6a1fdc2ea25895b109f7b406fa69d0971bd056a61"
-                + "ba1d0672289aca060073740b985f0883805f75b54c492465ca237bda765dac097f069a8e"
-                + "c735779eb71db82465dc257b9e501fa2fb9b7ef69b64e59fd763e8baa8fa4037af84c979"
-                + "f9464cb70a80772da62d293e70a39c572d3a2c3108e6e188294f360c8e3c319ddd3017b5"
-                + "b0fec885f2ad5d412cea1c73635e9b141c3360e41a40b715db5780323c17b10864d1b45b"
-                + "61781fe487592858ecb11c99ccf7300bf4d0e3fbae7939f922a989d464fdeccbd3b00149"
-                + "4998cacf4e38229b7ba49b851d09c8adf900a3d0abed61442919fe1973ab44a40e3cc2b6"
-                + "ed8b5c501dc9ffb37b68d3f58ff4811bdadc6464ac2b37a3bdb39de4e18a6a9b15e9f318"
-                + "9b8010df6250da8f18ba514ed50eb979dde95836f0505c58c90028849573562dd78e24a5"
-                + "6a0c42f4d533023910097d8e73f2ee5bb4ec173f3b8a4b467bcaafe2896454979e753bb3"
-                + "dfc2f4092d889e6e7a123994e2f7fd835188f8bb668afdee1bddb8cb3076c6a72a013c50"
-                + "cce90e922370bb484e419b22d86a0abad1ce1af95f26aa14af36542ee25274f90ab22845"
-                + "67db373f1c395f0d90f09924613ff8f20b46947baa8a5e88f48b63f52251e9889aa149f3"
-                + "3efc6cc653a4f6c7888cc2c493c0637f7c46664b1a41e82be785c080e5e81999e63d0b02"
-                + "f71cfb93afae9f1d64fa723a515dbbbf0e84f48876c902bf0fd5a24e21c5934454778295"
-                + "9f72e855933087e3142d7407b0e9224ba2b5976d43b2d228f9368374512d5f59eb2d1394"
-                + "c879dd392a1401085f6443231fb8f208b9e3143bbe5488f185fc1eaa96cf3562cbc5bb56"
-                + "08f7bad8250fb1fc28f72e9fa04a4bb5819c00c00ff702d0be366bdc1f2f91d65a605a88"
-                + "7bde087bb0d5f4a608e1d2418b33e49e04dd706357389e94dbc6ba7d7c1aa1ec0ce2ceaf"
-                + "d5ea409c7b3a435b2a4f5bc3209c3d5bc9e0bf60fc96f75038aedd82ee23a6b6aad794f3"
-                + "0c6ddd0fc73224f531ebc0334401741d6c009bce65dfe56432e34d5b24c0acce727982be"
-                + "1c01b4d02d96ad4297c8e17bd550b4dd586a3f4f2a2783790927d220dc254f020efce565"
-                + "d0fedf01125edf2098808bd8e42db499a8bf603f70e45620f7b86df3e5cd27e8bf6ff8b3"
-                + "f4d5a5403d0dd6304579447bb8aee092629efdd5b8229946cda41104fe063f2e5ef5599c"
-                + "9f409e8332939f48abdff0bf90fbc13b34b462e7725f8656197b97b97a437c3fa82ee97c"
-                + "217c0b4e4d63681f6fb9d9746823231f27b19fcc6f15a65e8453546f9594d76546febf8b"
-                + "f7e189fa36676d04a3c4f13277f20a58df88a285321624d0ac173fb8376af9cb224091ed"
-                + "86269a7d6911e7d031141c118725a9cec27523ccae6aaa92293b247b6e6d68c52a873032"
-                + "d69f09e32510b3a3a2d9112f09fb35b54ef7bdaad0e71781faf246283127ceba1f137678"
-                + "30eeaa766e5487ae2d90a07d6f3e1164da65c1459e85e5ac935d15a62951a33d08b1741a"
-                + "e03515e38f29b945e4a5d4bb65c54a735ccaceb626bdd373c330f74844a6ba0e781cdf8c"
-                + "ebe829d1ad02bab96405afc68253265a88187d920415414fa1af0bdd01cc395353f8eab2"
-                + "1e5d30660c329ec6b83a77714739f6ea24c0ad78fd538b06139318c9aa84e3d6e52b7db6"
-                + "d08372ad91695de5ec6f1d738a46b8672b12af6c63427eb7593be449c52be0963bee1282"
-                + "b615673863494c5102aa3c3370022af20ab9e9ec9a7025f14850709d08a175844d9e837a"
-                + "611b3a70fc03a6c1fc191b4e3536c844722596ed8a697afef863d3ead8f35337cfbb1e1b"
-                + "3fb23034699777bb2a21cecd31120d4dbc6326b5404766ed53f275122ba02d2ec7035c58"
-                + "4b79387aeb772f233d524e329f7f9031e6c9f5a18cf76873fd6a875d131bea71fc1fab6b"
-                + "1e869bd0dc5fcbc6a6cf1fd1a1ed204938ba3b496a68fac70a948af119141bdc0d92d1fa"
-                + "f7d1f46d08062f87b8b2b12b522a7afb73426462677b915ed1dd2e096c174fa23eb7fc71"
-                + "0e2123998105a177fc55a90b2cb9f3f7f13c86eb4f169a63f0ca454a54f90dd16a8245bc"
-                + "7b9034b2a6b6374d8ccdbe1862feeecef9be224b8448b3e80c76c57b63465d386ffff26e"
-                + "3f14d0e7c6f2a31f37a9b94293bab1b5d5d2ab46b7279b99dc466eb4b04918a84d1385fd"
-                + "c74fce86698f9dcab3e3ccae7e94d8cec8bca18fac444db03f37853f416cb5037cb0ce5b"
-                + "75a24e7d2e52b5beefaba941c907c03f000fdd667096cfe68357b8173b62095e9c312d98"
-                + "a5cbc3ad6cbafdcce98f4a52634623a010814344b6de5e7c9347f8dfe0d1cf52ae1d7443"
-                + "ecd12805f877012abd49cae1453b4c689e47e6877850beb657efcaef5623fc99215ef89a"
-                + "c33b9cf32126865299829478e23a19f1321dbb05814bb263ed59b01ca72949afca6abe11"
-                + "6c449598dddeb71c51f5cf1098bb24db154a29a0aca63cb89719b2ec7ae2097b41d9734f"
-                + "bf89d185f39756ebe4b51ec0f68e3648ba709c74872ae4250a8e985060c01e294d641dae"
-                + "890c6445b9ea48253967a7462d34159ccfd0452c82086249efda8a2e56559df2f21db1c8"
-                + "3799d33b2ee9763b5f4b3189d529009f9ac23c9ff9b0da6ffbd3eb9ffd73cee02fad62c2"
-                + "716d2ca27436f44956c0338adcbe99feeea400c165e80d51b519fa659ce38ab0e2361148"
-                + "bedb613db78a50f77398a1350d3cf6c7dd4905a64f06c7837b197221e239c401d697463b"
-                + "fa2ada91b26392da391a132657bdabd08a23989ef4cd2a9cc93d7408faed4f3cd5b37c34"
-                + "f7b5113342b7dd75ca5a474ad2e1fef2e1b5503049cf879a1a361ec195fb33e14dd1a7cf"
-                + "5a6365e470cbc797fcdf3f1b2550637a7eb9ae04e2e5b45ecbfd441df03046da55b000bc"
-                + "9e58ad71e569fe9c3e8501746939e85ea4231b56bb99390d2ec16281049dc0ce4e4ab29c"
-                + "86197ef9e78f259db9fbd6a3af4aba9c4ee4b42ea72efd92d0ef6a8a902a017bdc9e7540"
-                + "d428a3a9b54f0081288998e31eb1247fb21749420911fb5f11b73a70cd7203fb039a25b2"
-                + "1bace7ed56492ce4bd11b189f8f08a5d8cca30ecff25f1b75ac4c6d99b33abdc82032eb8"
-                + "5e8d7e21e410f1dccb22430868a64bcd3fe564135623cdfc69f6aa2d3ca65fa5884aca7d"
-                + "8c7787fbe6a36d79291456972ea8a1beeb31b493753bf93aab46aeda348ff677d0f72976"
-                + "05d00fdaa3619e022b2e53b8d5323a966f3d8e45ef0431f09086e2627d66c04dd44215d1"
-                + "3cbe2e004ec13f87081f8c6ec10ef027f10c1be4af9002c8baf24ed38b2420eb94037751"
-                + "475e1e62d3f6f0e9f4aa152f2429cd7493ebd5235c72a82b3874a0d1864a70b42fe07aad"
-                + "69de5187284baff925d972842eda9ab6411b6c37607ad9eb3d0929741514607e84e5c6fa"
-                + "db2063832a87480935bf35fc1d58ec626e6b18747bec5e8cb4db8c39d679342142969780"
-                + "9fcd62f3d68d81e1ee88c6ee2e709e5f9290179ffae3058784c467184c1dc6e48c3f0577"
-                + "04b7aafa1667a0d7a4eed2e08074e4d7c72dc9977eaf5669c502f363c7b1930b36feeb6e"
-                + "f44b60591bbb961bc0020cda4d52d51f184498ebff010dfa6ca4dd388d59b6c89b44a846"
-                + "39e864de7b129abb35439291e3b45fa69f120a8b9df8151c012aae3e1c5f78f3375cdfd9"
-                + "c2280bad9c3261c8f6a9d30f83dc671be94cfc8782da4961155425e47180ef9c7be81139"
-                + "f28e5e548ca95935d74eda74c3c54feb90cc3dfaae8ee0b06c1710e00c8e893954ba8b46"
-                + "79dab007d96c8d0b347951b9f29993a420862cc2bffc7bd6d56f4bd3f3cff871c10d5865"
-                + "625967338c8a7c1d613e4de2e2712ce3a8ee12c0da16cb65788d4b17303d2667f3529f92"
-                + "7993ccea6f96571cc86f3264979c891025f22318d17f21a06fbbe7a1cfaa2ea5d6c8d956"
-                + "b39d4afdd4a76e11f17baef8d230cc82da6d5416a66e907ed8c68b0b8636f03c3d22684b"
-                + "bf0dad9c86812ba8d454bd1a0d515c8b2e8dbe62639e9da15c5ae87cc9a1e195da8f81c2"
-                + "c4c44329f7e7bb4baa08caddaee9aac3ca93982082781b3c03dcf9bc27fe31d12c677ea6"
-                + "2f0f2d00710bc5c753eb8affc6618741263290d7e62a26ecace63407f64ac853ed15eb9e"
-                + "b96735523653e2650088b43c776ab089329c906cdd67ee5f53c2b5ffb2a42c175cac35af"
-                + "d8b254f8ccd8aaa771417a2b0d58818f4ff7af1bcbd47ef1904dd49ecde3d95f67407b9a"
-                + "3002c1180355a89e886ea28dde0b53f0c0554ec680419b8de6276c71e59bf7f6eee722fd"
-                + "2f18df08c5afa4b4f1c4c2c36c4acc9d8e6a408352fd095746f7b548dfa89727a3938c45"
-                + "6eea71718df1aadbfb3a9d579193bb1a1d3ef12c0e4673b58cdc42df747c47e8f7d3cde9"
-                + "b57e56b4bdc7582ad947d161946357773a5eab31b8c296782bed4dbf50c1aca02898470d"
-                + "0925794031163ea5cb25de4e6496c0cc166a13808a7e1642349122db3836086de627ac5a"
-                + "b8fc3c596433e2ccd7a59d5e5b974fda712c0acde6bc86e2db0f448d91fd4cf4666ecfca"
-                + "515f7692328bfc5adce4e57b1c20d34024f474278d654ee4793adc7c68818a53078bed1e"
-                + "4288cfb9991b3ae340d64abe8bcead6882ac26a7a680a6bb1da708dc0269b232d87ee0a6"
-                + "b492613b76bf8431f48f732bfec0233ad3b1e3bfcfd18004e4c3f9b4926e9e59c4313ae8"
-                + "c40de20450f84e31d57e0251c14ad8f1042f5be60537c36e1d6212feea378a57bb1f792a"
-                + "f6a0ac4fe989b7741b88c7e59c1624cb1f2a3fd84241f28cc82057fb4e9c5dd88908facc"
-                + "18283f607003b9dddbdacb9bc2e55d8622d21703f1a044079a7c30c5a055817305dc2a34"
-                + "ed6564fe1dbe354b83e78979234ae3474487dc8ab00d7f071d37f886371e95b044f4d757"
-                + "27ab7febd6d91315747335c2f2af8be2c1bfc36962b168d2338a9be2ad53063a0495590e"
-                + "f40a5a72c51b257ef600d6ce930112a4401cdc9b5ae5a2ad9eee4ca9a7b35ee98d12e5d8"
-                + "c122b7080c8f2528ce132ca3a546b0b96ade3c3314a61209b62d1e33979602292d0d1c07"
-                + "23db69c345b8cdc4eb21b40b37dff85f347f199ac17edba640dde8167f91a8396f1824f4"
-                + "12fc7d6ce5fb76abaa4884b953b37ceecb191a99451d62fef490aa10b20fa75545060dd5"
-                + "6e64242da12ea90f60a6130bbfe703ac9653038a61db80c5dbc81474516fbaa5630a588e"
-                + "3ccf0c0d2b4fbc0955d69e1c5b72cde82c79ee92137c82e11dcdb0739f7a84987a0e9559"
-                + "367e4dbf9096976e67d44086002fc3899c532ba9c2b8064852bd4bd2c2b60b23badb1b21"
-                + "f2158b9ffca70f02bc00cdaacbd15602da1edf6530a59088d9bca500935b92c3eb5ce520"
-                + "c372e1ec3b75882f39a3f902f223332eaaea86cb608a6206fb8a62d1349cd8d906bd405d"
-                + "47cb6a3f65c72b0bcd2f0e3aacdfad9b25c7f61282a9e8c7021f36c274247cbfe21c810d"
-                + "2ad66b2ec18510a7acce809954d4c8357f5037b6ce5dac8a40295d6f451c9889a73adb6f"
-                + "7d0a88c55ee7796512eda8de569e088a027c3e86dfc33df4307e26235c9c446769b0fe4b"
-                + "71a9103b728cf43f9ad70f9cd3ca934d3d96861612c16fc84d22feb1eccbd10668e8fd5c"
-                + "87408ab90e8834770c866c664f4bb5661bba8fe44fe8a0062f000ee92e5b8f62fe11f924"
-                + "4bb7a337dd6d8e9158ecca146aac6b2c57bb6cbc933635312776b292beccdf275326652e"
-                + "3660d8fbb3a8452a6f1cc2632d8f5834108238c31539dff7b296037f4b0d04209dc8db80"
-                + "e4d377733b5a53c63e1d63a488640ff77648c569c994099c96b87fefbfee4a8a8f65a528"
-                + "aac35dc268c8981c3496fe2894189637f772ed0d9dda215a726ca744e66c019ed61d0134"
-                + "6112dccfdbf0c88b2af1f2c7ace4a7825eeda571608bd921c924013e1bf31c2bf8434225"
-                + "f781672658401d0371abee59877f942125f5290180849ca0f9659b3112965509453f6ade"
-                + "7a80a5d902c68f11e22475ea5282fe5cd61fbda9b1175b9253667adbb344162c3f3987cc"
-                + "30135ac2852e4b9090c0e0d0cc114da680183fa1064bf5bc25a617c2295edce9421efbd9"
-                + "8d6a2c04aedcc05ae63cc0d7a851f7d55230d48fdf0f7365dae70d271e46377a75bd3669"
-                + "9e89da8fc6db50c03098e895ce6a0cfc67c11a687d987a34128168e243e13708272aebed"
-                + "eeae6d0a05ad8854cd10aa77a33369fce485e6556b085fd253a8bbe3e29c9fcd7d546ba4"
-                + "fe7e8c7942b64491dd54c31d0bb5701ce510181847a13f30294060ccd547ca6c4d195954"
-                + "105929088e2d86530b3dca1978642e8b31bd9cde0730f65cac15353c3084997a948228fc"
-                + "51618fed3e97bdd8aac99b9ac606a1f915cb17bbf0db9e4c4cb9458d98a9beca762ea26a"
-                + "df774bb6667d4b388e84d8fb39999a7a023dbe0fb7cecde785e6f0e0344b447c2f3d0935"
-                + "fd93679bcd00204cd7ec4b9aee4410d1f3308021ec8cf9bc51a19e2b9250d6564e0d4885"
-                + "e93e414a872511518a77c1cea82c816538fad83f98e889b725909ce5583b0f7694e612f9"
-                + "4a43516fc2a9e73f9aa59b65ff3cac8ea14b05545fee544b84ff22a8308e44b89019c29a"
-                + "07e8b82709e5d7090f7c59062f0b5561e452b0349662450d8f68acf32e67a57de5852c55"
-                + "d5378923d07d37d4e0e5ba4356cfddbaf2bdd2fb6592adbdec5964a95ad433fc0ba01c1d"
-                + "1365391d98dfd4fbac0d3b26a92465bbcf197cce5e098f3ca0e5a58a83b17b918c1d1a30"
-                + "1bca3918da53b18a118f333b92fbd1889cf0c647ee1695f236bdfae2aa8ef2fc8773b0a0"
-                + "341739f229ef8a53bed9043cd12d7d9cc041c19493158f25f6b4193199707468df486123"
-                + "44be8e34a56e82f3064d141f1637e490e1bcc51fe2691b828f0276605551a70f86780fca"
-                + "184caf1cca34bffb679ed1d1c416b0c1320e8ee3401bcb148deb953f9d15032022ce6acb"
-                + "35a973c3e7827f24bcaf0b74333fde8211750af5b799f1e2f13c4e507b7703f7812f8ed7"
-                + "86ed51a71f758eead7153e3ece581cad12a60672d5c099b361a17ccad9c7ae638f5cbab5"
-                + "73d5a132f157f637420e9b3fc83b7941dd8e4418a16fc166f2d43c49a60c116cfba371d5"
-                + "03f195ebed43066af11e08c8bc4dc44b77243469ab823be815ae48004800f36a975f42a9"
-                + "4f1ce45ce8e0bb5d0ef55f9e8aff3bfd529677c232f039646acc8ad75698a8de52d26786"
-                + "229bc15da4e6f097c327a9bb641b796921c4583bdea9537f84a15da277b8caf6b292a1ee"
-                + "e5951233344b9997d0747a390ea0b37cd3a20aa7a04c137b17fc8051a4fe1c5a163186e1"
-                + "1e4ee74ce1c26bd2452ea4639fb7d7f875b3a2553f256f568dd7b9b4e6d84d4d454034a8"
-                + "9f2b1174e8fe8ccfbf145919f7b141cd0d0594b47c228ae4989f4b4e63aa2c3f77336945"
-                + "f4c18118242974d861baecb9967a909cb4b1413778e3c4f6ace4cb46f6e8ec5a959b2afd"
-                + "293fb5bc43b14a99ba4a50c8ca429b448157bea59f5deeeef84f7a19cfef734f6062e8d2"
-                + "027cc3761c0c5f30ca3f89018c595ff87dd17d49b3b1ad36228742f70948a7ed5ccc85d8"
-                + "d63a9b2ba4f68f064ee7b9850216b7963dc79b30f58d50c5d3537863a5a1eb3f12ca8874"
-                + "2d66dab69c74c86de129b9f2c811cccf8091a30e058a71edcce014a0ad042b266ff6ac8c"
-                + "6550112f496ced59f95ee04910d803f4c6c662e2069c7d6f6bf03b4b141b41c67600cde2"
-                + "bf1bd98578f769f65b11588863dd69977337bf7f206e9afe6cf544e4e45ce310832ef9ea"
-                + "49d7dbca3918c22a9fb448a75113eaff1d0ecab031bc0617fb0be2033a20b4d4cc324bec"
-                + "7980a32a2a7ca66d82b565477958af80b4e410af1c241feb46660bbb2c5d7dbf08e47b6e"
-                + "16b6b03a685aed47cc52a07896bed4e278934a6cb863c0a5e7ce0f7170dca309b80e1093"
-                + "8b59aeab3f78f70aa631ac6e73285dfbc65cd61629720084b0782595487d92a8d21feabd"
-                + "7bee3218ce484ef6d3ad284e355ffdc1c907a831ac7ec0a92ad51b654b999ecb5646e498"
-                + "2242cd7a49ca7deb11d5688a52f1a237afb80cb6fe3b46fa4c59baf8548f7ae7af69c13f"
-                + "b108a4d6ab0550b8a4b32ab95562b3ae70105c46f8fa9b759af68c79981805887e613162"
-                + "59942d76cf02eccb838b82d6da47694ec2d00fc01496c417b60919d22b8b302a2dd4787b"
-                + "ee2f581e0f2269b53bbe8e1562af0fa65e1729ac04b88e45526c0d57828de8ad791e6977"
-                + "979452cce714fccc752c5f30a96aabea1ca73d0399bdccd8c9ac6c0757585b47d2454602"
-                + "67be1ff3793dad5e2f97400e44f0da442dd82d9329976a838f20b747f8f615f392551816"
-                + "5cd2196a10b433b1614b785eead6c6cbb3678e1a7afde8e14e2f85b8418bab1c7e477fda"
-                + "99f7de5844249b31c8f1f329bcfbf91707911ae74ecc2c5f014b78fbfb26f106a5fa735e"
-                + "cb9121138c9b3d84b350433d4835558a0da74f0df8a61f598a219c54d7b89fef107a943a"
-                + "8a345a33b223d70974c79bc2f1af9d5d1e237a2505d407b2c957b7bc65abc76145b473c5"
-                + "66dabd3db721cbf4a71fb574f4046fb927ff0a076f3f466abda2b5182bec623fa0f1fcf6"
-                + "7a8ba62cb30647388cf9c2a9ab146db9855c80baa1743a15e402766b3910314219d8d7fe"
-                + "012d3750f5d36ed8b9a522d8aff3c6e9c660fea9be58584624b84055fe0a8edf9f182e45"
-                + "44be653c9d052b14583289d1720dffb7f833f0cc7dd36eaf8a48894a742d4328113073af"
-                + "4db5bd60a342086f0f78a69f2a7f1f190609f83be2e45daad123bf37b387fcea41eb8586"
-                + "4ca2192c10eb1c47201fdaf2f493267d285d82a1bad6"
-        };
-        int height = 10;
-        int layers = 5;
-        XMSSMTParameters params = new XMSSMTParameters(height, layers, new SHA256Digest());
-        XMSSMT xmssMT = new XMSSMT(params, new NullPRNG());
-        xmssMT.generateKeys();
-        for (int i = 0; i < (1 << height); i++)
-        {
-            byte[] signature = xmssMT.sign(new byte[1024]);
-            switch (i)
-            {
-            case 0x0006:
-                assertEquals(signatures[0], Hex.toHexString(signature));
-                break;
-            case 0x0023:
-                assertEquals(signatures[1], Hex.toHexString(signature));
-                break;
-            case 0x014c:
-                assertEquals(signatures[2], Hex.toHexString(signature));
-                break;
-            case 0x01dd:
-                assertEquals(signatures[3], Hex.toHexString(signature));
-                break;
-            case 0x028d:
-                assertEquals(signatures[4], Hex.toHexString(signature));
-                break;
-            case 0x0320:
-                assertEquals(signatures[5], Hex.toHexString(signature));
-                break;
-            case 0x0338:
-                assertEquals(signatures[6], Hex.toHexString(signature));
-                break;
-            case 0x03e9:
-                assertEquals(signatures[7], Hex.toHexString(signature));
-                break;
-            case 0x03fe:
-                assertEquals(signatures[8], Hex.toHexString(signature));
-                break;
-            case 0x03ff:
-                assertEquals(signatures[9], Hex.toHexString(signature));
-                break;
-            }
-        }
-        try
-        {
-            xmssMT.sign(new byte[1024]);
-            fail();
-        }
-        catch (Exception ex)
-        {
-        }
-    }
-
-    public void testSignSHA512()
-    {
-        XMSSMTParameters params = new XMSSMTParameters(6, 3, new SHA512Digest());
-        XMSSMT xmssMT = new XMSSMT(params, new NullPRNG());
-        xmssMT.generateKeys();
-        byte[] message = new byte[1024];
-        byte[] sig1 = xmssMT.sign(message);
-        byte[] sig2 = xmssMT.sign(message);
-        byte[] sig3 = xmssMT.sign(message);
-        String expectedSig1 = "0025fc9eb157c443b49dcaf5b76d21086c79dd06fa474fd2b1046bc975855484b9618a44"
-            + "2b4f2377a549eaa657c4a2a0dc9b7ea329a93382ef777a2ed402c889733bede15dcf75b0"
-            + "d6559ae6842167d500c5f277e1b107bb5125e2a5bbe6e1cb0a6052acb8696b3934c03770"
-            + "4d78c579b41480c3a0a487f335d1658685813c83a1d31b31369fe0064bc6700fad59f3cc"
-            + "8e381c0eb645037f72598a31bd2288cbd60e3e6c40bbc804005724c026036922e8b0faa7"
-            + "319537cdded6f5ee98a07e47697ed4d9b8991daa6798562af0929455f18b7bb45246e992"
-            + "d06398f1d0b8f31eace1bad63c2c0597a3ebd641bfd0af19d639ae745a945b6dd0dea2ae"
-            + "fd84edf1d2e209b02912950836a6b88c0a3947c4922eb93f3cfe69b769539ec98bb4933c"
-            + "8da996561a4a59149e3bd3b4565e2607df047dea7ac67eab33f4fcf4eaaac947a8e76ecb"
-            + "0fd86deac88282cd86cd84209e794494520218edfde74222f75864364616a5717eab7e09"
-            + "d61346faefe0c5f65ac1e4fe673155c1bdc2f9dd5c55ec17cad7861fe5af3510333b4117"
-            + "a84c56f5965babe4ed06c813ba1bcac6abfb41de59697c828399bdb2d68dbd67f490fc48"
-            + "741a8e7a618f3a73b1c9c2b13f8d9676c5c9d3a17d468f543593a20d8903ea34e825399d"
-            + "464472d208be89b26f0c3ad2b40416c310921c43c242fba58a145d7a6486678b6e4f67db"
-            + "688134d1fbad29394acad511b535ae9c7c0d894dd343268a080a4e032746507da33e61ca"
-            + "4444ffdc8fdfc61f00762af22e6e4b9bc449613e42b610930209fce2eef8f2473df2123f"
-            + "02b905e0cfba8255304dcd9eb4e7d4cf9ee92f0b1a4406e01d1c0754d56f6e14b74da737"
-            + "3eeafc687a4820623c240999ad143d9ceeec76cb600406a8f4eb2bb196959862e1e11270"
-            + "29fd818811dd97f8ab09e3ecedcbac04d7922ec4f2f76b7f3c053a447c63fd9aedf6e765"
-            + "a0731fd4ee3b3a0a794d0f22437b0e2ae88a71d277e4333528bd373217c98acdfe952247"
-            + "4f7255c8089e6422de79c65112c6d6ddd98d53d306436bca504f8603fa6beb9925d84c10"
-            + "4d374cb4c681dc2b304ccff8f1b1b3b10f58fa701445d83810b853f17834017ba9a21206"
-            + "fbbb066b1563a606f1c844800712db2cb64b07f9fc834f2242d8145e6144c6096cdfd1cf"
-            + "5a2c467e9685f457d64ae6c05fdd8275da0e94a62b99350f3528a103a6b6bb44d5d96a55"
-            + "138508f407f26da2f9ca56c57defd98b0ce6cb9cfa75598ca0424130c3c250a0d0da68f9"
-            + "c5483defbc4227bfa7332466a98c4bf1c83ae317f4485a6f49ba70b5957dc69113937a64"
-            + "e031023f4d98b7c03362f2b31f64bfcef0952438576f3ed4002e41c99396cafe08a3d684"
-            + "43a643aa55ff7853330bdd80e1260953aadaa30d1e1a1342674a29813fba0bb5774fb371"
-            + "4a4fa8b170569cd735d36a053399f73d0551f946da0724d57c056c064335d05c620af0fd"
-            + "6014197b629d90b4ec2bc26f9848662bd5d4864405db8963e83b68885e10fe99bf394e1b"
-            + "0ac0f2b7df872f69e272aba3eab5c4bc529fa4fda71d15f421b459f48bd3c38cd93a5ffe"
-            + "4949b90ba8aa902cfd63d70e70fc8e810f16abc7b98c613b0bdbbe8ce713800b8b25c5e8"
-            + "753e413bf23439e6857559c2f244ad11d5d004e7cfe3e9893e6e69621e8dba2288e4d040"
-            + "43b034eb52ca68accf3b32eae0ad55e81228974c50ab7f51767a26f914e0d647ae361961"
-            + "04a6cbe5327c19519324be2bb86c8c77bd18d27e858c69be862cbd050918880d2109e204"
-            + "a0aeac4a94aa45c6686712da0ff97038c879a3681255191562c75a2c2cad5c817ddff956"
-            + "8bf594120e5bf3692969aba1ab5e5071253afe049f8a664c2c7cc9f814163a998ee8b92d"
-            + "dcdacc094e68b7a18d60e3b49e356f948e7771eb27be3bbc07e53dc09388cbda7affb39d"
-            + "5a7644f66f3d2b9c5e453519532a7655bbe80859ee939e7e0f82061bb88d00293fcff3e0"
-            + "1622500f2e8f01821edb5d452f45681de52cc4e54e26da8fbbaddb59a379a27a31861967"
-            + "fc256d8734917ed71dfa6643aa3fa7cd90fc7dc631ce6a5bef6a4267dd32fe0f192d4ba3"
-            + "faba611389e707ef27f306860be42dde9048faea9153f2acd0565bb8115ca39e5af4a412"
-            + "466927d84074232eab6cb6966a7a3eff29921083c80d7d9905588aa0108f5fc318565c32"
-            + "0b5d17f3ab131d85c8af27a891b8892a02e426250a27a228bbc64ba31d16db2a182628cd"
-            + "afb4779b8f0e48e068755a4a41d4b43c838533c82f8b9f4015975fa013b5708726eec8bc"
-            + "1b684d179ebb7f91698e3ad80739252cf030983843e355af77f82e956ba60fe494878762"
-            + "dd1f2736878f5c6f6b303a43cb46a94c2297b18bc3fb9c1d35951cc603be084021aca25e"
-            + "8fccd15844efdf5ae367b71fd7ba298e034ed98f9527db0586156206ed6a4ab012209bba"
-            + "2e8f0c15355efa24162b1c0ead2a26718b120b880324a690639f0798f2e7203b41faac1e"
-            + "bbf6337afdca8fa5dcbe73daa5f6322871dfe2e5f5816afa5c75e7df33660bf79610aa18"
-            + "2aaa59d0f9a113bbc58ed58c02226516ecd977286f8d58fec91ae665ffeb7c0b449b024a"
-            + "1adb3d3ed33438aa60724bdedc8c7d847c704798c2724db12a50d5744ecc772f80b952e0"
-            + "2ca29eea671732fbe1705edd36e9a942f64483c6bf5a9a5dcdc6470a362330c935446024"
-            + "a36a7491d54dd81d7677ef762f5056f50c04ddd35aa86e16d3a4b7766b785c15741c82d6"
-            + "0fc14449571cf9dd0dc55ecbe8e5d4ca8f52fd284cfedc93ea39ef75cd34664cc2507638"
-            + "0fc474a03949754024e92308583ea204517657ec51f35697784dbbe0846b93a6600d8e9b"
-            + "ab5ed1573e1f0f700d864a043ed9d686b330a28d10314112bb5768be82deba3e15054898"
-            + "f7b7ac3a6daaf5bf9097433f7170115266caa7d8d853c11fdfc48d500c477d0639b18cd6"
-            + "04e16f25bed87933546987568b3d2c42b0c4e10b70c05d7a16030fe311a9e20ce7593489"
-            + "ab3826a0c0707222ae8d31be6e52b7d9f49c153877f61ecf9d1b6dfb20ca5d385588a16c"
-            + "366db0797bc924b9364e1f717570ada26a1e6b7134e3d8bf87ef72d9eb277103699e079f"
-            + "67e5959ccce0cf604b1ea999de077dce656c993d9a3f460770c4735daeab2cae084ff264"
-            + "29bd2aa4f3a533cf19ec00aee08a7db5dbdc56fab1007a4ea0d135d2d436dff5ea012d0f"
-            + "8e78637cc10f197fd6bfd6174305c167ebd74d63cdcfb21c8492845a90434e45a6ce73a3"
-            + "10e0dbc9b78bd5fdc4c35d2ba31475cd246692fa13a40228e730e655fdd8dda53dd9be1f"
-            + "9f2cb3adaad4f7157c522496140b708d24e69f6eba0a47bd7aeb6be2131d35ce15fc18ef"
-            + "361cdce67903d5070b7f493fbf4fa0de2d77b36499888dd3efc3958e22d14b362b09d4fe"
-            + "50c751707de6a471cc69b9717e6cae556a1672d6b7ca3569975957cf13999076c9830982"
-            + "1549c132eadcf1f0f627ce7755affab11b5ed63c2c9b3b9c07bfc7bcdb29d764579275c4"
-            + "dad26b646107813c10bd3eb93fb742574f561f3db752d8fd23aecb1e5b15fe1f41a6ac4d"
-            + "c0bfed115344d6ea942a45582ca5a309682cf41d1fcb31d5e02ec8505f92f642fbcd02cf"
-            + "d4152da4e890904d031b22bf0f3e752820e92b410af4e366d1eb490acaa10f849da3ff77"
-            + "43b900b02701405e50c7dbe444c86544ab4209b4f8c4e83edab7aff5824fcdfb5b5350f1"
-            + "cf484bc1b2abb62c8003591726c17a537fda146ed575c55e37804f672d64694e48bc9b36"
-            + "dfd475514ae4e98dd5984a9aad24aa34b45e75068b5b139f99cbda09776975fbca448f0d"
-            + "e92ddb0ce444ac9079d6be43bff2a996d645bcb59e7bd467236d1476e7866308aef87fd7"
-            + "fd236d1967569290fc613e285cb33ae657f342b56f6809d5b66a880b02cc76b6affa2516"
-            + "cb8a19453f2b3dd17f45542c7526d6520f3da91809d3ddeead5d65a1710b579970fb61a3"
-            + "974ef4b49408157bd34515cc188c3d6de8450be783349e112a620ae4b0b7c51af068e190"
-            + "cf6628927cd8808523e23e029941dc4e3293c9938d50fc634e979a5367aa213a40334aac"
-            + "f545467b954efa70fe2398df5a345b942e779bfe0f21e8e2d6c0a67d7dcdb7954335d4fd"
-            + "b3b4cbfaa6331bc33bc81f5f9fda1dc0c947ceeb7c56fad107bd925c78c87223a28a8565"
-            + "b90a18ce927186c8556a39adac746137c6e6b4628735fa2c2aea88d15b9a8e91508bec39"
-            + "41c70207112f862e6dd4b4521c430c4764fea490b9db36c31bd6839d62c0bdaad428e0fd"
-            + "3ebe9ea2567da61c0e5315eb3d6f2aa76f87cb6203f6bcb1d341d4d5c58c6a458f45d2ca"
-            + "4692f932f09a685069cac657621860855c15a14f0aa937e7cea46d6098a05854f86a6ef5"
-            + "daebf4b440fda7da440785d6d9636a6158eb93ef74c218e0c581b2a2be29b47dee78c155"
-            + "306bf1e34ba1974532c17d6d65f275a9682e0517d8239e364966eeb69a6bd48db6b1501e"
-            + "8a201a2f532794f56644b94e0384217fb655d5d13ed121804632d882fde00fae774d3308"
-            + "cb2f8bab09dd9b84c2e7cfee4330934bf915c5c9c14e0828ed4a7921c1aac99638830b6d"
-            + "50e302f22645706f62db2d0d053533bb0ead4e9e571b1ece49d5d9f69e0a9781594235cd"
-            + "4a3aab5286f006453c140767f3989bb993f299c09eec6012c36048c7009575eecb691256"
-            + "7a502b656dcdb1811754052474edb971edb06d47160a35c6ec032e9b1874762cabc766e1"
-            + "a082b6140fb88ddedbb490a5f8c965e3c8fc6983d0c4e4df4fed46e7a90713e68e032f36"
-            + "3dfb76c7cda8e9b8d58967a5ea3c2120ac0056d923a894071c8a5e88aa5c27cc23acd4b5"
-            + "d4a6b10983767b615bdf4dde4cd3d633cde44dae5ed87d90aeb83f768fe2570e7c432821"
-            + "6a38a692d854b44da9a9c88939c0deb7ae004822bd7683a4a3fa5ab89c4aa02188bfa4f8"
-            + "6fcb04a607795c61fd2f7c0fdc86a2b6e3ceca97d9bb9e8a2055171916e1dbaa6d20caef"
-            + "d445288bec13fda5f7afb9b798ac3667a4b85808bc8000e29d4234ca0b9fa2c1dd301cf4"
-            + "b50dc543259ec84e85c8c967325d4cfce573b356a5a1927e57c07d286bc155c559486e77"
-            + "ebfa3909d8ec69de049e7e7883edab3b7fecd44de737ea39eee21a83cbf46afbd1d6e915"
-            + "c9ba8dfcc96575d0a3d53b6afeaee707dff733d6b901e363e2748e1124f56db70869d11b"
-            + "87f878c269737a0d2ca113e00ad29745647ea3057fdf5c57f61ace002b12c2990654a943"
-            + "5a4ae6637fb00db78d2ec84ab0965cbb6d0cdeeb186fbfd48a9cac70e8685e0ce3fe0eaa"
-            + "ab80ecba1780e42eb6c3ad850b10dc3b576c1749095f7aead7f04a36d3770b645af5ec7f"
-            + "4b3b071c77a4a5ef94fd9233a9c8bf6ebca70d63cfd8b7ab6c8f743073611c992dbe1147"
-            + "8195fb08044dd3be994d9029d9c7be90022edc5dacf67f0f47ce8cf8de7a71fea93185d7"
-            + "d7a6444ba3fccc767b2164d21155c9d84552a99d51de0f552316e43a6e28f0b3bb066930"
-            + "0530c7386e429cd8486fb0d717722970194189962037bed66eee52fabd9e7a3bbe7ee38b"
-            + "7277fd82941b0358ff8e24ceb278445956788c6c91475317267b270036048b6d1c1fab15"
-            + "f14afccf255a55c1e5fbae75b17653fbea4afbadfbb46935b90e956e4497a16ef8304c5a"
-            + "43603a9cb080aff118e2a2429a595a6292c0251d32b28528e40386bbeadcd7e0b357cf34"
-            + "4b3bd71c5cbff64f15bc47dca42b76004b1d2567bf7fa9eb873fa84ecab14e8993d8dfe6"
-            + "60c48c77b7ac42105ffef587b49c314925fbe5071d6a32ab0165f15271e8e6c7d423bd97"
-            + "f3c9b113fdaf3c6df38ff626a5ad11cc00f58e751c8e3480471133f8bcae4fd9078b1732"
-            + "67a60320dcfb44bcded141d29affbe6fdd9e7e350de7199857c1e560c2b2ef767f5144f9"
-            + "90cdfd6e34978d17611d1d1bc955391d4f339050d7893c76488bdb13b2031a9be5e369ce"
-            + "cfb0a4d41a2a06c3788d3f38f3306d99d54ed737408bbe202301f1728e04b78651490b4a"
-            + "26edae95610ca437a40e54f457d5449a54cebe1fc73630cea63b869d3e0d7a268ab86a92"
-            + "577cce888c02ccbd2253e89dc661107f3c167ac1164de224b91f1a6765db3b20705c7088"
-            + "53822a825b87194c5f098a7323abe3d41634bd592d09414578091ed56ea9e70fc17092fd"
-            + "4254e3cbc8c0e302eae5fa705707b5174b1c84159927f5520c4f36a61ea3840f14f4311d"
-            + "9e9a49d0ed241cfbc8e14bf7fd39130cb571cac23a39044751915cad4d09e3264a2987b3"
-            + "5807b4893ae01426132a77fc5650721d4adc96a376e258ae5c4c57b10fc4ad593ec47779"
-            + "d34cb35b6ff63a789c0d7b67e9f5a2f698dec4891aa17f48d33ba688a8e06b48dd00a4bc"
-            + "d1ebb0ba86aac18c994889a6bf1f94fcd69c0c9176866c155314c54b0c9fe237d2ec770f"
-            + "801ce6a4f3231c48b68c53d629b222e5f540bb99d971a57b10e20ce8f9053c1844661bcf"
-            + "1f8d6a6f6ac3989f7f03e78bcee4af0958a4f59b828bc50e9c5b77fbebbb9dae09371f89"
-            + "f9ece5f84f7c37e9a2d58046e469d74088f2c6dd82da5238ef9c049b87dfc2ec438adda4"
-            + "eddc01fb19458737c7c594dc49b0cb28b7eb7164defb561099c7203bce1615042548eeeb"
-            + "5bcaeaedd5e6e96a29423e373d7da23be3594b9665796cc7fca206f894eafa335d0e5c55"
-            + "765ae7eb793221d792b2d9f996fa425a79d66456bc49372fe2c70069541624edf6ff50e8"
-            + "473b80ad51dbea7b55d778757801bb450ee44fe678d354c421940d60545a0ae44c0a108b"
-            + "7cf52545f0e1d4a5d55d4960d6f1d1e4b6edd72dedbe68d0892c8e706dedfc5c1ea81480"
-            + "d2e7fe39105f28e15ad585f57e089b4ac7ea973c560252351ef591bf2c1f0d89cc2853c9"
-            + "78f0118bb854394a91306e1241b069315e90bf7f5d0b7a8dc835d9c00462307f61405893"
-            + "b55adbe6212ab2bf6f47a6099c00218655faf2a590e89cf61ad58910b156b9fc5a398c6e"
-            + "29cf01341d9e443e2cd68288e4fd34bb2641accafdfcdf916c5853a326adae083836ccac"
-            + "374a186b07ccd0dcee2e53df4aed0751ada40c649b7b3f42c6542f6568feb378eb3792da"
-            + "325abdcb03cd42e629e6f74cffabab29d6a15ffc6f0c3131269808cd03e0068628d5a4ea"
-            + "6fd0980ef276aa772d82168cf0636df000fd1a9c9cc63f98d7ab2783531c8481d21f8529"
-            + "bd93e815b78249ebdf9f910e89ea0b8d7ff1e1a4c594cd2c4b15878f186fd33fea9a0b72"
-            + "f6c3cc0dd1ac67e2560d37c886f29e80a1dc3e4ab131882b5f058424f02e67d922e8782c"
-            + "926a2f09b596888329d36866f4296aef1f84b75893eacaa51283fc8ea3d27f0a029b70d4"
-            + "76a623a9125afdb70ab50bb5494faa5c8c2ffcacdcce931aeb2acc2a8e5d35af2331c950"
-            + "6e2f1b4ea9afaedd48644c0c642946b31330a140e59c59a7e53de994abfadda7b7e041d1"
-            + "ef27bc8ad33db485cb20726edacb43f9e92d8601fb8f1b65f00b75d5631c34564f8464b4"
-            + "3c69312fd30612586fbc0f4a5bb9002ed134519632c9bd3f1b2c4631b184a052ea8b2750"
-            + "034de21b301617372e89a17561ed8fe4c1941b79e80df64f8854d1544f8a4f8ecb83120f"
-            + "f06f5c9fe5593d4aa6513a98d1eff773d3da712b9b417926e333cb6cdcfe1a3cdb5a95b9"
-            + "41f784f6b07fdc2f5039a545a38ef038e3a549258cc1013c4fc4eb828f84691b9ff6892f"
-            + "121b057c7114c225fb558faaa81840e0fb888a1f65332b59c61e54e762a735364adca5b3"
-            + "f2ba4da825673961e8e37ce69aeec9694d9379e51397ccbc56f19645a72cf775c043dcb8"
-            + "b0c4d6825f85956dee9bd5b050042a97f1fb7b6060b9447c680e0594bb750aad68e81b8b"
-            + "6fb4a6778fb48aaa34c9a09c29fa1755739e352344961bc2899a56c8fb1058c0ae7e8788"
-            + "eb5a8e9c9b2f95b24e09e5b8de10c371ad281a922163e54938f0b5864b0fa5151973863c"
-            + "77f31864140a6e2a6daecca9af0f2f4afe43cc29d579d7a9b6d8a45dcdc373482bb50109"
-            + "da06d89b4d64341f89331c9cda84bc024ec8869f4b4a186f598e97625abe7e7fda7bf94e"
-            + "f5c067856ea0bb3528603d4a30f15140859a33706dbfb52b257e46ea29d860e62116e0d6"
-            + "1e00fd65529bd1ed291ed8592e3a804720cb48836fdd351c6d36647e254cc0c15f47fb87"
-            + "d2b5f5cd7f85e93091ba68de7a282b5ec5dfb32e272780db19f77bc36c0c4f45ab9f5779"
-            + "de0839765015eea5c41f8b9c618bab2ce24122a571462045e0df89082a23d708d6d74163"
-            + "bbb53ab360896698cc77204478befe31d47e5e09bae329ae6fa4eb77765fdf630806a756"
-            + "1389988fd3a40a48817fdf36bed7cc9c427592dbba3512df2fd0364290e07d284baf8442"
-            + "3dee7bb7db241d127bf172c99560de1196f860026b9f622347f6f1780de232248bbea8a4"
-            + "41f3a081b59f4a490072f19b8f9261d30501ee02a4bff98670cdc65d5ceee9f755897e03"
-            + "f6a77d787515baabca946172a2689dbc0faee12a3e8c16b5e1e18b94d843221d5edae807"
-            + "4dccc044aa54d46eb183d3ab727c57bf2ad2fe00be3cf07e3f3e5e0e5d1795f90301f059"
-            + "9f1d88ffca82732ebeaeda0dd3768041c5ea392edf584b743b72e7b17254df6e11dbd48c"
-            + "bc1086874dbcad4459babd65f00b63cce75b96aeb17f9ff234ce3c6fd61bd9581362d36e"
-            + "b418794975591ebf743eba08b0a2a684561442aabc0bdb5585aab31c9e880cde3784f4d4"
-            + "5105bca0ced46225cbf95fad0f3e368f2425a4aeb90f86f3c3d3af8db4ae2f15b3e7b0e7"
-            + "a8cdfaf781e1bddabf09ed3c4225652000f9ed5dcfaed66b67c050a078fa9a703eeec48f"
-            + "b9ee6e75b8a8d7c7dcae4fd8455b66fc46ed758caedb8c58f4a319f4ce35f4519b9082b3"
-            + "32384ed7767e77b3350015956f7ab84b9f6b94034e7a8a875079eda90129de0f8d964343"
-            + "9172ac3c7b533d43e2178782282a8104d60db119dc86197b65564aaae90491fc75873ac0"
-            + "89c237234cad8544525dfc1ed44be421622721ee7abdff3dd5e5dbfa27849244eb3ce832"
-            + "e7fa0bd8a57ef8d2e0dd322089abacf3a06793c1ebf9932b4fa886d813fd5b2d77788787"
-            + "d04150a2fca196147b06a508d7d0b0e1ef23f364f42af78536f398a27c2cad8545a66b5a"
-            + "16d068e5628e4b5c40b1eec63d145c15d94e67eeb3fa9e42089e1be6267ef2852b6b4bc6"
-            + "2340a3e79de9e34455d015c35f66bedd1bc734b499ebc87acaffd769d720400e828f4ed5"
-            + "292e27d18b69112fd48988a8b95dd1191e2e85125148532768f4e5d97907158b7fe11748"
-            + "f847c13ddd8b1a56d0c63937700c15a91c8836265635f85f6a5d8a15e45eeb772773f1e3"
-            + "06317e44d664628a19656814b01711e63a74a8051a4d8f3f7f6eed9a074b560bbcf99c2e"
-            + "768f4dcece3b61211c41818af61a919d487b26b32333bab43e020ee5354ea215932dd076"
-            + "114294c26d6c9eb00efe50fd61a6da7d4751c98bd48e0e1fcc8795521b1f12186c6beab4"
-            + "44b108e42cc4e7b936fb2c124746c9d754abca301f9a393d3e87944c0291a9e56ab3c68c"
-            + "1aee545109bcbb7a5f1aee4a6d8dc9886882fa125cd60d72ad595f2b5ce68ce6f2fa1b8c"
-            + "58d46508dea96fc67bb666337e13bb159c2582ab400ac6f385610776515a130798efdf15"
-            + "112f0b1b911712ccf5f5479c89beec0b1352aefb09c919b9f300936caac5b82408d1ad6b"
-            + "30bfd734c3b57417db7e9724f60434a91f9650dbb1d1d220f836a7c8bd143669e053ca91"
-            + "a5cd594bda857e29f937f653dad0ad5452df94ba675e09fb8952eb267334a240dfcdbab9"
-            + "7ff5558c3e4130c7472526192c97f58900e82995881cfb23b553f4ce6a8a4b5a83c63eb7"
-            + "42036c96c004a05349b5e5a07526bd52564fd9c37d2805a052ea589d5570dd551f2d8bfd"
-            + "578a95203e76b7ca8becb55cc3b8b4e2d23b105ec5cc171919ded2512ef2e45a80af0aa9"
-            + "8e3124e22688184d1182a9c323b140d8768c5762ed1c9b7225691e18ec48ec20db28b74c"
-            + "b0460c7184dbdd1ed4f61320088cb8c88e215d5c8447ecfcaa1949e652270a9222afce00"
-            + "61a370dfc2deab446467bdb615e1e19bd631ef24e15379d5b1f5b66e2061761f806a0cc8"
-            + "982f79a1396eb3e06782384ebc852b647c7b71c15b7e6a156ac0032499c399b131ebf9fc"
-            + "4624bcfeb9bef9c63ffe49ddba20f4d8b5f24114ba7f3fabe4146712e0a742c60acfe22e"
-            + "7c9caab22630c7c8916f075a3f9edb63654f49d7a6f7d366f0b7974035d1ad2fcac42582"
-            + "a8ac076471eff16dba3f3377b7332f316d386ebee955d1be778f89aa9e1cfa12ec453157"
-            + "84d2611294a8f6bc643e3faca8c8e0e154d24f13c9d3f9806356a4471444aef4d4268986"
-            + "854490354207ff745b28bfeeca5340beae75717d528d449dd79a9bd88a12f98e07afce60"
-            + "c1b238385b7b37a1b93d59ec5b8105d40942c1e2cfe7bebd6c44e4827f669a12ab0b6087"
-            + "20cb99c1d3d7942d7ce599283d2ae628e6b670c0c162b3aee8531dfd4a9ffb61fdf882e0"
-            + "a66eb0c866f7fb0b3b779b031e0eeb062703bb6605837f8e957a17c58404c73143b5ee87"
-            + "63e7c0e74c4d4107feb1c743dd39e491c69e271fec9565e81ab282c5465fc5d0d98a9425"
-            + "94ee17e4557bc04c14a1e9b3d6f997bedf3c9854f21334f67c30ec17e0a15e27116bf057"
-            + "53123ae537cf2a735b49fc90fc3b60f99ac5f5b353427a97d411699b4e93f36a3ed02734"
-            + "5e228c32078a97d69c5c18d1d791b83deb2865ef0e9e9a3b9d5b0f25192ba7c96ee05f78"
-            + "913a9f04e317082ff28b13b75e81e7fbf8c1eaedc4a2c3dd4230fbeb1ba300aee40c9eee"
-            + "8c0894c45051fed1c2f7c419b219bd845df48582733c4e818811b26baf6d133ed12bae7d"
-            + "ea0f3bbd23c599d62efac4d175eafcf0c3c3c797981df399ea62ad6e2095913d86a74bc8"
-            + "8a6a676b3a447422ea3178cb3722d7e05f2175cb67ede648512491391586f5c99654839c"
-            + "b126129ad7e59241f20223d78667a6fc2762b0e14dd732c62b549c2b22705b2b405f02eb"
-            + "2a08869c7dc35941362c37d64d2ddf8b5237fe789999ad6818648aef6b12476cba89095b"
-            + "66afa4d1bc3491396315007848b807019ed74e9e033179954af97c5745cb943dcb469d93"
-            + "3094c52d7a4163c80880e6fa24fdddbd7fcbb19fdad8a17e75e809a1ce08b6be377c3501"
-            + "e16676f837109c16e7ceeb67199fbedbdd5d78483370d0f61f4f941da4d77247256ce3e2"
-            + "aed312d09fdce505da883170c926bc1b459563775f1a5aeb409efdbf74e419caf7cc6323"
-            + "f319a2a0c29c63f8286f0d63bca4dbf42deb1d1a101fa86a0eb14182219fb5d013a87457"
-            + "2b4cb3bfe7567c1399e0b55bd2d3d050123cdc342dc18ef23707c27f3508d3f6fb423642"
-            + "d9b96cc1d4ab6427ea98aba621434d117a202b4670a8151e7cea68656dd90c4a7b44a38c"
-            + "cdf5dc6dfaf72f4c9455d0d0b690af8b478b23b4e61c886cf76b397287609658fc729d03"
-            + "a1ecf3774edaff7e6b5607cbb15abf4176dd5fd55dc19971f4aecc865b101955686ec3fc"
-            + "ba9f60cba95b3b1da8f0ba657a199735f83b5f41d99838245bef486f20952cd307d6a684"
-            + "e5f2a4741cd39e9e73529d55debaa5acd9a1c55405f4b0f04c164474dc99b810f5cb3bd2"
-            + "eaf17d65efee7e1893185e02e09c7b12b111fc0f1d2c9b64c95956556a02c5a4fc064e26"
-            + "18157f85f5ef469795f8b638461c7feea655c5061002c027fdc405acc396306627c97041"
-            + "abb1dbf46613ea28daa3898f466f02b2865b9f952d62f5c216250a0cbdd0495034718785"
-            + "4a273b03f9e983c17b6a064c78477c159043e29d7e02ac9dcae2ae40e25eeb65b177aa86"
-            + "461c2cfe6c0f22cd11d1c495a073a52ae2844701bf4a113687701a4ed1a7d6f19f9a86a8"
-            + "4a8ee7858b8ea0da61eae32eb4dffb2abb07315004c483e88743cd966faae60aa51820fb"
-            + "35ca298d83310e360603162d027e2041659bb43b719dbbcd741fa8c9d6227d24d31b7ed3"
-            + "fa792988f1dce1259d721a5926fafd81578b4376fcb7476ba565db4e685a2d6be116b07d"
-            + "5b44ea9981a5e580c55d3e07202619ceae9daf5e49fb5b13bee641f639ce0ebbb3286363"
-            + "aa12a41540c225b3f081fda83f1eb5bb065a53b2a8f6c105bafe280bef4d84f73f60da4d"
-            + "1291e925731a4bfd508698c2619a8dffce9aeb17141ac8262053897bda1e034826ca7267"
-            + "877e2b16d810e9ec95c7f29e3cf9e80ca9b75c3c4b4660b3add09933a6e1589cb1b85b55"
-            + "0406d08acd49a2b2d280801ee3f7a6cc4ba6a2eedc58802e84145c0a530cae752708fbc3"
-            + "7542f0e5021325d4f8766cfd46432fc3a4aaa97e802b36ff090cf1a8a27a4baf64843787"
-            + "d633c52ab63fdb9744e354c0b91d815aaa3e33431d7a7a68a5cf45f6b4359dd96603d31d"
-            + "42f84976daad0f13ed2e0006ac7cba863d082709422694a783ae311101baa0055015207b"
-            + "b7e8ef5aff677af5a1bcaf62a7a485c389cd0c70655868e73013e9776dc0bb57c9dcf812"
-            + "5c0e2d8ff6939f24741f9e8a39a9dfc3cc44da1fa6b997c84b7bf1ca4fb3712760ae4800"
-            + "b3c2fca8ed4b6586c45ee17c8af8ce4cff5ff1e9faf3075128c0f70f7633c3d35c238dbd"
-            + "3e1f83be14a1cc48ee50756ac69fdf87ee0466b0a33b4e385fab0722fefeac403f1694f5"
-            + "ab8b9462da5fb196ac8b0d82414f34c1a8a2cb1e15e5ab7f07dc2cd163fc1444d35ce462"
-            + "eeb62b480a29088da252b8535ec521d41998d616b1ba6e83e347ce0837c805fd81821012"
-            + "c3685d52e4cb0fe3fe9de48fac7d45a76be4d03af4409ae66ee49d31e3d9974f06dc5673"
-            + "8c3cad522ba3b9bb1ec8701fc99c9fe7fdc327e2f6f7b140711ae3601bf1386f83fa7520"
-            + "af94c94c92b2d920c9da0f0389acd4a668e4955fa8cfbbad588c2595378e45e80c5705a8"
-            + "b7e77a605f99ed13b022ed7acadb66a49f64ee4524c8e8be49573c857d5d3266be5223a0"
-            + "dcfb116ef0cac02d03e98c3f4400cbcbb199266cdd358714d30261816a755f176f41d9bd"
-            + "c2b306c4aab7ade8dd3f95939480e4962784531ed583640014829e93f063ccfd345a7d22"
-            + "79c34e461dd0db2fe57929442565ce221b1e1bfaa2276b991b0863333b146f411ddcfd4d"
-            + "870b333845762df5d2b7b8c2b8d41706cedd70dd5a8252b8041046b063785af91e251bb2"
-            + "74e26c27eac5d0946997b425e3bc43f67a88342ac42f3572f887f705ba470b8c87889667"
-            + "50673a1b21d14a3b740cfb2375b8330b6095dc8b527fa65fa0d7c672f1b37a0fe6728991"
-            + "dbcf2350d0612ca3960ea0dacd334b9cb8585665e2aa463829debe1b17137d6e3e9d05d9"
-            + "8aed08974f51cef6cfdb3c4844f5de518cd3b99154f2dbd5be2be4b509e39b59b5cc5aa9"
-            + "34e51df7e9de203b58859ab715abcde6cb29c48b14717f171d3fbe0d2ea6efa9ced3e63f"
-            + "985703fecda75af4244faf58a9af20a927f3c1d51b75255a679cf85dd3595be24b0ff0d5"
-            + "90999a0dede6b14253ea218fa037a688db053372eacece54566aa866f4d62aa97db3369b"
-            + "b2fd7922f384bc9ede485118d70c4d759aa0e6f90ec42201d53ba35bb8da09cad48ba384"
-            + "48bfd10a8454d4bcb275310a1401f1cc0f228242681583d124018b7cc1bc96d4fe32938c"
-            + "414fce8f007fc359064271a8c6aeee66352f2bc28bf3b1fcd74a18276b338b30de3eb853"
-            + "e9599b5178794c10ef864c55f769a7407dd6f782526b2c930f4933d4f225dea3fe947b8b"
-            + "bd1a017dcd28803ff223f3b1008a407cb1f50dfacb264a69a9bc5b3429e0dd5071669f1e"
-            + "bda62428baa18ba9d943e262b74c0b1906afd1b7cac1e8faae2957f0b549870ab284f841"
-            + "1421e97d83f18c2f63e36f8e153fbd657ddecd258ae17692c9dff1710f5f3204bcce2d61"
-            + "246a793157401820abf0c00eb031020a00a639fff7f5715235871204ba234ec53b71d681"
-            + "595abe6ca3c89b9a3b1f8dd808fb427753336d2029437a528b6d4f7011bcefdba9f0b82d"
-            + "69fd792d57fb094edc563310f8819d65981d9ac7dad665b9fdeb73a85c38ea1b6e16e313"
-            + "72d4fe9cd5ef2e17351e2669957d6538288f8825519a7b88601a90d580c006f3995a208e"
-            + "cf6426cd11a1acebeb8878d1883ec284b710eb50ada27ee74238836e75a4fe211356368e"
-            + "4956032362c1b9d4e204d31277066a21e85c30f010ea63668cdaf5ce59759473e167398a"
-            + "34f1cdc7dcfa3b8356d96bb414684a11f24ba9c48f59a1ec578e67a37f80d4ac9414e84a"
-            + "63ea1c8a982e12a7314e24ff97dfa291ab53c24e4f754be45358c2f57c24fde8bf77b786"
-            + "d28ffdf9214018dd255c17be56607440071e3f11b31757af93f9020410dc95308d62e40b"
-            + "ca702c58127b727abdf27271f8a249e85785e50de507421d3c5e37801a250f4cef6568a8"
-            + "3b7dfcf3302d6aa5b4bd14c2a9aa103bf016aa9bf5633a72a4205417fa92202e89a62ce3"
-            + "392005c7c54efcfee818b72ed5b75d2f498842d6a677824b40e9690f495833762b6096e3"
-            + "87113ca6614f94381b0a8f8261c046ec3d904a01fa32b4246a3857128bd8ef35c41498c1"
-            + "38f476efd47d5c93a618d0f801cadb3e1fdf8e5d468e26552b20605a15d9a69e13df789b"
-            + "7423689e1cc4c2db339be4d25c7524abc1044eaf7a45f030edcce4b0fd79059668d964e0"
-            + "6ea23d9bfa8c6aec6f6843e3d6a312b2bd0510111e3d44a7af93705cfba39448ebe7f335"
-            + "1bac301341777fe89823703e3d942c929d2ff567a3e68b7f92032244347444b6ce9ff6df"
-            + "a0b15443b1190f5e182895ac4cc59982a5568aa5af8193dd9f8dc47af44171555a70591c"
-            + "cc43290c52d8634d2e812f733ee6ba9cddc5d81f7aa0cad99a647f5bbe074c6e8bcbd6d4"
-            + "14a594edb11eb9dd46938e38aaba6c679b49d2c0a5abee144f9b56726c86e45b0b3d3dcd"
-            + "8932cb58164d2af6015fea5de32826803eb6dc99a3cf3f7139474f45bbf51238738c5a93"
-            + "018ccb14d3b4a318803813eec0c8027bba8d101e504f5edd3235664e48483236f37e6174"
-            + "6892842d5aeefd92c243fb7c405a3e936b60878b77e342b21de08126d7b4e02144e4644a"
-            + "9321394dbfb85b855afb015dd98eed3446ae00e621390f10758b08055294ec4c3b71cb9c"
-            + "1403351a4cb40d61a35f50b7919a2c21ecc8bd484dd9072ae95883149a1f82ca7365081b"
-            + "359e138d25fdae799648e4b02a1b95a81e7e058681985ee96aba5e069a1b918f333fa2c5"
-            + "5f7b1f1d1bf8bd9d7d12060211c2635cc8b69acabc7ac02689cfec63b2d25414ac388595"
-            + "e701f4e1da96e13c4ca37981005870b34c9b4bed1ebcad29310b69b498b31c3ad8cbccae"
-            + "816d853014f774dd22e1229802e3c7980023d0c5e37f1ce932268752ffb6c727240ca013"
-            + "e5431adf691432272d30b360dc8877b4319d201168df98e33b223e1a82cfd79f3c75b514"
-            + "bf79ff43c587295a1a415c57f57fefa1c50cae59641c571d327d6a1caae11b99e16df8fe"
-            + "ebbed3c02d7cbddd3e109a0ec6b139963a7050c6e5e0ada8e0c5ef4ade68446dfc669a78"
-            + "7e48796be7a6cf9410d87899bedae7da22f57680d8e2d74fbe7be6867ded1bd291d26a94"
-            + "0dd9333977d5381ed2e7821600c53c4dc408601a93c57308a1595a7f4ef7bfd1d6f4aea2"
-            + "3d43e69e51c870efacbee2566b1772ac9df9f446a0796a0c36ebf7f6b7871fe2c25a5efe"
-            + "878119a6f507931b13b9a878a72a708ebb2ca1cdac93314ce5bee6053d986fa2f3c47fde"
-            + "fb81229e1fb433b18af563fb223369e036f6317d4b0803ae384575cbef4af81b2ed6430c"
-            + "cd672f6c76e1a8f31b3283e53a44100123737eb064b15241891d05584ae1a0e70c2ffe05"
-            + "0616e42beac9442b643682ddb3ca31c290be1e5e9ea716130df9e06ebb0e40eacb1d9adc"
-            + "26b957baf60d228028a884516963e133126b87599254a63d50ffd77f269774a210173a8a"
-            + "d1a661fe8eba3510e653d6a585f116938e5aa127a4af2b5fbc16b910e2071148d4509796"
-            + "9f06f0db0de5c5b8bc552e3f30a499de8816334fc1626f3bafa76162d952e13d9784dc24"
-            + "7a59d404d44e79c8c89edfdc189c5635d064ac48d981ebba002b2df5cd4ea3d35b5d3934"
-            + "7e13ebb7c442d509ca1661c471558951cf798ba69b7b9d4bb2d560783d2951cbbd7c0ed9"
-            + "e3f21a08f87ecec47cfc8da0c6884722de3630ab64a7d3dc2ebf88f968bd67a615e53f6e"
-            + "d91b60b8755222a25633a62d338667c87a47f8f8639f4058e03b2e36ce773d9e98a65178"
-            + "8a7eb7a5e4dfb54f3e171d74b989356a279db93d6b47d00bd2bf9963692cadf24dc42a44"
-            + "252081419404aafa4572a163a760939c3f31af66c6a8908565badea9b0d3d0dd1335a004"
-            + "9c0c00d12b0b834792c762a595d5466c1d7488af7de961c31a9c7cc4eef0fd1519df1efc"
-            + "1123dada8ae5bd7fb9e46db529e27ef4e71bb4b1d8fb54c6518b067da95400191159c522"
-            + "35f0c1722f79691f87625d8fbfe91f6ad9e855d751ec54f6c52da0640a6fd690a75759a4"
-            + "a97cae98cc194129493545ac2eb059639f80689576884a192f4e0ab885fd6bcb05aa7fb1"
-            + "c0fb8b6335ada730b93498e38f533495a4a79040963f9a3619373d24a8e3bf5c3be7579e"
-            + "eb5e172fc6902fa8489e02f10ee887d35bba54b0ff9bfddf2c8bc4e507af43be4d76e979"
-            + "b8dbd8ae7118b9c9e4b3d4cc8348722ad994bd1a6e3cde2dde3e58ae84b9b4120db838a0"
-            + "9ce71502609596ec75b4037ccf9f824987fa6e598d4804d82f458e63a17ea7efe65840bf"
-            + "4ba96dff3bd0d7911fa3acff7a6189818979d3e1f5bf04fff188342fee0516611188f848"
-            + "ea15cbc8cc8f5dc241e24ce0a6320c5a0081594f063edd535cddec4b0d86759e5a278b36"
-            + "c16332b381f73bfeeafbf1df81fe39c3cd535fb200c05974160483fb9e77f95ef10e3591"
-            + "28fc41fbc2242f164d285c0c9f468816d232be049ca81c75a3c6280768867f57096017ec"
-            + "1dc09d1b5e8893ab1e117d4aad1a1d537226c40d3576960afe42b9f0512f10a81265bd91"
-            + "2619c9c93d21cf37db48ce7676ab8452b9bba286ca9c98153032dd31e485999771c59c2f"
-            + "2de66d79b2a585eee527bb56aed5d46f5c4a93bcb4ece9b160b0a077ae4156413f654b1b"
-            + "855b66e55fb844cef804e382d875f1ad545e16ff971a2e2eb5351bc039fb8518e21e76b9"
-            + "fe5b7444b20e3f85a1376b52f3ca9ef183e5485c9aee969d159b4e1495acf04abfa33983"
-            + "3289f5d888c8d424854484e04039593eec7789dd357c55ab287cba87fc45128d761e2d8b"
-            + "6435289f443099392a762beef20d7fba97cf78f80d5b964d84457e3bc04ee9b5ad4cb6d1"
-            + "32c5bbd48529495cf2171b9572237558f04bb813ca067ecb12126e8f4d31a2d1f2582a5a"
-            + "36ee9d9052759956709c5f6e9a45b526ce28a2e563dbfe068698bc28b05af99f48e9b3a2"
-            + "7abc43a692d44c8d1221e4b3d83cb2ca95871a577d8d266e518ab0a64ba9965e7582cec8"
-            + "2d4852f7895038332f9e077935862866fec64e94a929e00dd3187919c84f63634f903aa5"
-            + "f209a53e3b96ebcff5a60711b70ac2f5ec179bbb5a0e1c010937d61dc03965e55e71947e"
-            + "627079151ba0c7e0ed668b2432ca24ff7786b0bcefb4448b7d5e962702927f500ce4ef9c"
-            + "dd630347d547de52af2e78ab30fd7d4f1c897035025086354aff0d31b51cce3f194435ad"
-            + "2108a4b49603bf2409334e02b4c4bd28f9b8ba0fda3f43da5bbf82bac2264f31a5877feb"
-            + "979399c9495f6d7fb407d661a05bd56c2f3cb7b7bdc4953d00d84eff7fbe63fa8f85bb71"
-            + "1ecea6ce4dbbe5e51fdb154fecd28fd77657a1eafe56dc718010d37cfd14ecb6b830f5c6"
-            + "26e59b4a1c14cef908d49a1cbbeccb68b55624357c8b29fe0753aec4eb39dbd388be43f6"
-            + "a9a159e79dbf1d54f4a76c2b6cefbde271fbb292a4fbbf1d7845f5e6275b9471775340fa"
-            + "c6102edbb4cecbbc86506d304d785d0f56e0372b7b49785926243347ada241619a966abd"
-            + "9fed990a1216e5ec6827cb723d0485dbd71c56f173a3814f28a658aeac33869da1dd5ec7"
-            + "b43ecc2df9b132ea802f12994e04239fd2135aba78c3c02e919e9f10c90c6d21a00e27a9"
-            + "44dbe164c96e35fe7f52e75c1759f1e1bfada5d50ac9c06219834f2222aa2b66446c6f18"
-            + "6bf80f7a2af1b5d1f1730b39e42334969a1464ecaef9b2b4e368604e7c472358c843df0e"
-            + "ecfceacead2d46a986f930696aceec459a95694f2ca6745ef340beddce1276eba5f2e78c"
-            + "d4cc4fb89bce9fffb9f03f374c779a69349d2a03b4a497f03227d8aa9194ba18c5aa730c"
-            + "f1e70e1ab5440566dc095c0d084d1af1337fffe3f35ca5e6e7bfdba8c66e0a3e4790128d"
-            + "1e10ba6bfbc16dfa4fc9de9cd1c4d5f89f07fbdf6f2075965d4ab03a61d3fcce0f6cb134"
-            + "45b8121ebaa22774dc2f3cb3d1b3dfa00a2463172b5678dfa47ba9d58b0ef9b88791c4a3"
-            + "76bda6b0e9062dab8074ebd760476bc7ff3620c4dc7090650059c6f5eeff68133755bc2e"
-            + "afd1fbd419ff407b624d4a0ecc886c5069726624570c595a506fa41a2c2d9ff3fc3c76cd"
-            + "58c0949c458b032a2698d346f18a2b22b71b36a17abf6ab78646be0a68585ab876645c43"
-            + "797fb542e059ad109c251877ebc5fea65ddf1e3eea7a708b4ee535bfe5643e9c0038204d"
-            + "cc4d8ba369a44c24d13b9c76d41f333dd3133f3cb27653ec925ffd2a3dd29fa4505e5973"
-            + "272e5fc4f733bf4c743a3a45f750ed8849bc880aacc5cc9d4fb31f22dcfd566cef92f3d2"
-            + "e3ebf4e6f24f8acca855f03642b131c6d97f76b49ada593753cb0e2dc66ffaedf9e0de40"
-            + "da97423de101824651faeda3335b7c39bb84ba7f948976ed559071a406989f6c527c9d38"
-            + "a10c7aaeb1e326b05b14c328e18446666cce1815915bf76dae46da43a616e883664b4947"
-            + "2ccfbdfb249061ad8e4ed23fd2cafd21c1e510b2ef816171db531ee9dd6059fd042b0dff"
-            + "3a1d18aa7522ea6d01b802535e4221959cf82c06f694598fd392929897d17b04a171558e"
-            + "9aa0ba97a9db9e8d137a19587b02bece5d6652908e2c0abfac68d45a9d08d11a3aef91ea"
-            + "a357fd876ea9147c0aa5630693cbb1a2669cf957060e5793b146f536f1985defcdaee12e"
-            + "136e62e79ec77aae6fce97097355bcdc6a8cb21813b6bb2110e4c61a538aa11a36f976e2"
-            + "0a2cd8270deec1c18b7f6d91f384b0c8d21d676aa336736e2b0cec288a68769effc584fc"
-            + "3255b04229a4d67a69cbf9a9358e4b749c861b19470afc707a903a58f1d0bb19ec9e87db"
-            + "857c36adbf7305409653e52d0b27c0e997bd2412cc8343aa849eabc5856bab036db2c27d"
-            + "599a953242ad259cc2eca8f421fb6d4557d7b486c159184b246f1b1165b7f6a0a7e1d4ff"
-            + "56267b3b862c8109244c1f3ed4869b2d9b55ec906c49d5b35485eacc48a9454df757eaab"
-            + "fa34d0c0194e423dea18b473bbf8daed12e25347ff8e96b7501f176126e17157bd515023"
-            + "a5cf43b012ec3f961a3f23d7912fbc557af413b4399aa3f56adbf8f95a8122cdd1165781"
-            + "08d456835219049b23e6197033a40f92edba4b7cc63f2ee43c80172377c48c8cec88e8b2"
-            + "7eebb0f145d9ee0dff64eaa83422ffd6eec479b4dcc8f463fac228beab22ef403569dfa9"
-            + "b713647ab62e86fa6eeabe30af2e65d237b8bc9d5bb26cd3b18b25561f51cd091f91f4ad"
-            + "4d66432ebd444ce73924f7cb261df6f569ec5f354bde9001af6dab0e027ac21e85ff5db6"
-            + "28a50e5e8364551e62771c8aed96ef1c268d55cd5e9df8ed294fc80ab8d6910471a30b83"
-            + "688aa8dbbaa00a48a6289f18f0777dc55fc278ab7589e8f301002da980b315f98436ec07"
-            + "c7110ccb098913c5129bb86d9dce2f87c6f8511acd5919fc5cab78685f84cc416e2823ea"
-            + "9bb515c5ab1ad8402b18a946c6a68345a4144fb55b8fac05ebe6ab344085bf16f2e35589"
-            + "7f8a940b06fa5eeb22daa6644d24de552c8de956ad9a940e0c1df5bfa7622da1c316e264"
-            + "b0675c606562034c544a9f5a7c87081b49ed707917d949809f70d2871fad5e0cbebdf914"
-            + "5d7e59bc8d4a2122b67c589b69d5639db422320c11c48361c61217cc9cc65a3f68e7fb57"
-            + "da9c56960056d51b368514873cea56ad9119ef0ddb651e27a7383a87b9d82f62fa2141cd"
-            + "9cfade1180a0c701f95898e559b13235b9bbb7e307623e3239278477e219350382c1ff34"
-            + "68d5d0660716803089e2c82d643cdf4ffcd05933a197585a1db24facc791243aad9cf812"
-            + "4324c445522583d9876bf2fc490743e878419991dbcf6bd0d942912f5acfd6eace6333fc"
-            + "2ad97daf41b86ca8e080b045def649d9a80111b9182b0224e10012397d7cb0b266e6201f"
-            + "d9d4746f5525a55f0167776ea43013e1222d2cc22ff3bc5c2018416e694f1ee8984c4db6"
-            + "d8fa1857e6ed19d55bfd54f958fd115f3b1b8678b6d45f142a587c073cdaf312ac5824ba"
-            + "35f0aaaff84b17ac7d02a425f42f63e259693b07cd6830ca859f1e350c4af4f77d8f0c06"
-            + "d99f81e9efbc881d6964f08ab817be076cfc297f41d44e775c43571e4805bc162ac7f84d"
-            + "8a965f97a083df143afc49dadeb51a697b4af2597b18bdddd831d8a091d1c5128b29f228"
-            + "1af3dc5fe7310f2d4b35db2b6384b1b3c706252e1387e73d06844a80cbfe2b48898be26e"
-            + "54ab22733c8d14fe5a7c118795f1a6749493e02f2f66ee274fb0d6ad05404fe62d7a03aa"
-            + "880a6c837bdde15a395900648624add8b7198d8ac622812c132853b919c0e36474da74d4"
-            + "32820cb1a06fa191e26871041327b7df3b56e3ef1dc1e6b4b4dd2f32226277f945bce242"
-            + "023aa821f8e80cf8c5003fe98e4459168a28e17143828e8bd156eae591f29044bc864bc7"
-            + "fb58af4158b9b1d66dfcb3e07f645ae8036dde82722d379e5ed0e0b5f2794b40e9b6417d"
-            + "cb6e97786177740a3d46a16bdfef921277f52bb06843730ca446cc0e243f862d77b0249b"
-            + "12a619b47131d1ef7a7537dd2d77703a19d87a4388c89bdeaf3663c509d00c4816a55b61"
-            + "2a0f286c1c9c1fa9619d4dcc1d09f71441a1df4164a63c916b8ff8bd9809051c319bd122"
-            + "df02820ba2bd77d03a14726c3aac1cddd5f005084a83f5c0626ce4dc43fe1408eb859bcb"
-            + "f0345c21c539e3006318b242cd230771be2396b9b7ad9fb8eeb2004f2225c2ec2399b88d"
-            + "474da1efe75c07a55b201cfab4cfb8e77c0bc56aebab0ac5a45c7d063b06f437a67dbf82"
-            + "f9730748227717318b1d6341482a78da8a86130e31613c05b83dde8824605d122e0b0801"
-            + "99167de5da04e3f5505b07634051e3f1918c697cbceb48298d6bbf3cf9260939d7b71ebe"
-            + "bac6534d1e7cea242bb11ba601250b223b1bd42418d8ceca6dd4f01f31d51810a91139df"
-            + "04885babaf4467a2b6ef2e82b711e5c4323627d37f062380cbc001d52524235aceccb2ad"
-            + "a17444aab32bd883017e01a17b75262dfab5039684dbc60954431333440ebd9759b289e7"
-            + "af303a86a4a88344770da443364f59066e5b659ee2b2dd9772b21d230518b93f61ace293"
-            + "26792e93f54d61ba59e1f02809a67cefe56e6277909d6157b0af330b9a792c33f9a2fcc8"
-            + "284a13d3db514e6c5b064db33f290b99ffa57ee61a474b4f18724e2592c09d917be68225"
-            + "67ca7e603e9d05f1121bf8aeff4b16d1a36f3da0453329b80ab6280c2451595303b8b50a"
-            + "fda467344f6f87bbbf9fb761c055ab6fd4b8c91f80e35a4d42a54ccd364895890556d868"
-            + "6bac4d85cbd86cc5b7a3ec98d5019d52da251f0e7d348b3635f0a9f73e78e1428b0e7d96"
-            + "9147bf1f24d385f89e75e283217a1c60a40cc89a678facc5611dea8775354b8d6f0319c2"
-            + "c9d3614e49a09390930c7b93304e0b6b0a2c3b0a4dd78f39a7ccba8c69ae0abc03b96860"
-            + "f0197261a82b1892783f9aa94a195ddcbb86c9ca7fcd104af64694ad0d67d11611d2653f"
-            + "6c09433ce59d32bf523e30ada9813caa872b1a19fdc152ded2e954dc42a80237ebd12a86"
-            + "69d80e88a1fd9a653183e4bfaddaeeac54ea0f6488930e40e01c1da9ff8127dcd6468e70"
-            + "4f9a8b3f45cc05de1f8f28782720260d9d041f70a4bebe18a325368916c7230f54207ce1"
-            + "74b6cc16f9ad3fec29c339e7b40c6a12940f5ac05a30548db2c6a19d1be98640a01e734e"
-            + "d4186da54d7374b69d090eb8fa39a207209562fd0c11d78fca13bfe6ab85808e2ee558c3"
-            + "1d4a5ee295fb8ccfda5c6842914b7420b1ceb372d312d1bc29bdc50a7b32729a9b1f3662"
-            + "adf915a089eee2887de1140519d0ea8ca394cefc2b7a658a0fb3182275f0a78721bb643e"
-            + "22d4b8c77ecf5bb8327309ddf1169a77b0a0111b9793d3a3da376d843b6f218638e5f690"
-            + "a79c42618c5f1f47225400798cab6bf1877723e330f06faca18fa2eb089f1d2118770b06"
-            + "83921a4dc72e71b766f240beaa70282ccae49142bfc6137109f7e6f770df4e0c99e662a3"
-            + "ee0ab897bc1182a082e7a344cea94a12f7591c681b84612ff4de370544c1f4341735d354"
-            + "05cec6a9b863f666b528cfa9f6b7dcfdec7777220f43a763b68c45e186d856cef1829a52"
-            + "d7735463ff890f8b23434a062c2096906874acac493a7ba5cc658a06066e9641fe35b6f3"
-            + "04f047b2384b8ca05167d6a6fc5fa71e52a611ef7fa783e07f4a6b9eeadf345996d39096"
-            + "f3d1801a40f61456a1fbf9c6137702383354206bfd6dbade4a6cad7cd57f99bf1522fc25"
-            + "19ce0af6b1ecee27ab8ce4cd25e3d519d1da0da71393b046b61af7c9d1881e820b639e72"
-            + "59a1da72ac3951a067575e6f6cbf4c23453933adfddc5f64e838e67eb2d16137c72ac91f"
-            + "ed7a7ead716233ff0fdd1e3a0de867a61bd2c77d237d89dbcae503632f6aa018e4ecd2ce"
-            + "1f2c9bfc562b49d2585c151f6463e5fe82690660ef5f6c5de963a0a45a26231bee4b60ca"
-            + "722cf59c5f81cb986681893900e5dac26892e7f33c93802770cf8302c0679fbfb915850e"
-            + "f76cf2941f60e0561b8d9224fb72b3cd78af28ab02fef100ca0b6fc2809248990f9efcf7"
-            + "ec1743a512658ab36532d2cd19e441a59b464ac5c630a334531246954f970a6fdd8e16c8"
-            + "85dff3638e8bb61f9dd286f5babde8bdd624de1bab23c61738d7fd68f4ec36e3f269cf4a"
-            + "32abbf13ccbfa2f45b63386681276a51b8f2c94157b65582c633190ebd6b5d79761ca5bb"
-            + "862989f257cac1cbdb02398707f759b1e1d05068ce12220b9dc74fce62fdd74e0468e8f2"
-            + "2b52667bdbdcaa7556ec962b1988e7928c637623287cb7a3150988678044e3633a62d7c3"
-            + "63f72dce96c5967923a02656c9cd01e60ec494bf545ad29d875c1e953ea121a465deb5cb"
-            + "7cc2b11480779d6003ae529724e463b84a3d131cc9d9b083cc3f28202578913e8571a2ad"
-            + "691a1d5e376695ec61bfbf8d23d8f9c33d4592dc1d3db9a9809073cd7bcf389f73da5c16"
-            + "9776346b0a4bde33cb18bff16dd867028219797e5cc1ec3ad32fcb61f4404de0c520b78c"
-            + "1e6532be83cd16cd079f919facd9af2078099c3c3cee372052a4e6d6194695529b3f006f"
-            + "d4bc9098614cf60b450b13c677dca567c2a3aaf2a9a958613a2e03801d8ce3d52e660bea"
-            + "f946e4510f8c1d69c6a169290bf0450d9acaccfd5f9eb9c96cf920c5e06ab4b4ec4644a5"
-            + "694e3a6a6c6c464eb03f1a73aa213fd335b71b50aed725681e03a7f0bdc5ec15048cf673"
-            + "826cc29c2473148a30c37e288569cf821d5b396ebc3a2cf53d43e020ebd03c8409e19f97"
-            + "609ce2569df47bfe74a83e6121ee26e12448ba0ab1f9e89a93a1d31ae520289ddcba87db"
-            + "cc3714c6217521c506a1ae6ca72c6ddd5730dbe1547daf4e9c35f264eb587af33da59b03"
-            + "fa0f4896604ce5c2c84d8c6ef8e9beed22d12374591725b01041035e4b568525972dc371"
-            + "62b1b18ddfab02539dc23bcbee241823135589d43c3d5b7bceb5fd93bbd3c0d48d0a2fda"
-            + "9869c5aabaeab426524390287a3eaa085dd99bd17610a51d42ec345ec21478dd66a334d3"
-            + "dd27fe005a687a303cc453d0545942110d18b259f651e44726b39fc297fcef9ddaf8342b"
-            + "855035593f64500b52b0b98b1d7afb87540034b1a2c84452ec149d17c6a4fad14e49a20a"
-            + "8cafd7e9d07d4b73fa4314abd6b5f338ef4b0b093230af54b51bdaf6af97500698d55da0"
-            + "ac182d937f07e680567bc2ad1e6e1c955d6244f563c9ee7e8910a3d9ba860cbef5db2018"
-            + "86e0ee6aa33d6d1419f1b48e92b7c85d977df3a0b6b0e14b6e31eec03cc40af606d26ea8"
-            + "5a5f0f52b4ad67d430577dbcf4d1935837a3e38e28a11748f657b47e3f68457d585b76ab"
-            + "5a90960b723f2155731dbf5e38f535a7f60eaa532277aad8c76484937f9d11a4e1e137ae"
-            + "f78e6a0adc5d5412cf59818634163f908135c16d987730075c67402cacdac94cf648c3cc"
-            + "fff06ebc46e3b2dc36b3d823174ec5d9d376e015ce96a2fb08e91096e44937d400c674bd"
-            + "f14ee6b779bb392914f0a80a7c149f4814f558d3fb3a65dcd260b11dde6694edf3438385"
-            + "ddb9732ad881b0100e0eb29fe4731092486212e10c035f7eaec3b995d738d9e2160fb86e"
-            + "960ac872c68cc9e2bc0425149e504ba1b169fa1e7bba8c6ae38a1f071e39e3009677dedf"
-            + "f10074c200ca2edba43943f04c8a13c92555b37a58273c512dd63dda564d0a076c96fce8"
-            + "7b0dd062905c5822fd40049e3cd2744e2ae39ee8b9a0aa8e7982de9be9444c82ef976764"
-            + "86866fdf74099e2ba87e466e54931a7856fc91936552d4b5f049dc0f1f0305a7345afb15"
-            + "a376e2505278ffc89e95615cc0dc5e88608f607d7bfde381956db0a3be7d5f738c8598a2"
-            + "46a86e316ec6d6b6a09390cfb15814518fd83f1d05b8571d6f90b09cbd7c6709d9f77af2"
-            + "a6be1e8559267591ff9b07c4ea4f9000b73972d9d70760297ec6293e9e3533827eb4675a"
-            + "9eed5009729c77d9be1505df463b65f2960ee2710e17704d4217fe4b436040ec6d506062"
-            + "60186a1863f3b3859c67832c31d7ebc7b4787ac37cc678508247b65d0bd921a8f01d6880"
-            + "113977ff46b88ddafd527254d1781280622efba0c9278b23ce3364eeb18150ed927718b8"
-            + "21ae8ba9d0f10d8f09433663cbec591aaeaa66605317c151dcbc78fa590e9fac9e903b1d"
-            + "4c3aa3b6dfb9abff8d74c40157dc818327aed5d90014f4513ba314a3e5700376b7c1f9ec"
-            + "f33d0fd75a0b994cdc9b0e90068446ca4272cd90e49b22e99d66e54cc2b9d801e028fc7c"
-            + "05acdc96e85bed2f0474cdfb15d14ecf8f467673ff2bf754f8105f6e6c981595be96743b"
-            + "2a212c2ed0d33a5349e227a2183afb4b8ca09723c454dbb00900d0144fc23d93da01e422"
-            + "e0fa7991e3c441f73747356bb54eb135ef6a64272de477e42016083eb2372b89e74bcc05"
-            + "d4866ff408f7831b149fd2e6916a02e696c0e277a4a34cf3021ac7238da08232fc40eb8c"
-            + "0f8c13e02c474b518195fea20ae74eb9ef9d2e7bc706cea89209b2b5d3422e94a94b1ede"
-            + "0baac06b6e8da0263e30c422b227a0d62fbb4098ba4fb68c5c154688dc7429c735d8c1f6"
-            + "31391521c659201aff0735a50d102b5269ce0e1b6c30dd3ff19722aade2370eb45aa6f4a"
-            + "6c8f0359c5054bd9b66343201d6fa9695a3d87499ca48a642ca7ddc7d5fc47c0dd0f2f9d"
-            + "d48298e02337e1adc5ef8c04e967708097943cb4ca5d10102d6088472e9a219e03aa77f7"
-            + "0a282137708c1b3d6298e79a676e160d6d2610b0d15a42728d41ee503352a5b66b174c6e"
-            + "bcf2558309651045bf79eba7b54c4690058458e2cab6c279f87c76f2b02984a07447e0b2"
-            + "acb3a2aaa160bf4596e791d6f00bf130be24ca0aaa6f613479ed8c0a8971164ec25c1d5b"
-            + "67bce4439db5c395208017a68d3e8eaa2b58169a26ad265f86355e5cb25c5422ca85ed32"
-            + "8437a23b5a79dbebebc56c2a118cdc527caceeb533e7b0fa7cf9a38f87e0459332995fc1"
-            + "b202a24fbcd8b34088759c362ac6f7321f223fdfd6f8951a0f68ed067bb00a2fed2f9b52"
-            + "243942eb2495e37d4c38a824367c9c0b56dc112eb9f5b9dd498aebd9be6b6cdb02e3a216"
-            + "2bf107155e3e6e9a09907afb1511352bbdc4f0e7df526828a38b444e9b7c830ff33edd01"
-            + "027de5ddbe9a204263ef0a22a5cb7787a77c43bfdd348a15d4d195429bd762b1860732af"
-            + "6a16d98bdd56e8f67bb911852b8e8892960cc8e7586951fcb02395ab62fd249d497f088c"
-            + "9b827cafaaf035029ba4b13fec4b0f5251e9ef69f62714fbf7bb2607e9a42af0a8b76353"
-            + "75888b8c8ccac0a3edc6a7b8dd51d63741b7738e30d147e07bf0c935fadb81703d6d76d4"
-            + "5e769baecedec0d7d28149e70cd7047ef26383f5a31be9139e4ca9c93a96a57a38178981"
-            + "94f393ce83c3b6828ade4a642e28b81e6c1716e3ef67a539699945e8ecfd926e3bee4f63"
-            + "41fc9377b64eeceecba1caa1da25e127faaf7edd12f0e611f94e12ae507ce3b3ff637143"
-            + "3bd453b11bd7f17ba0ff63db22366aa22f6a3d2b523f815b10f5b970e85ab1d9341268a4"
-            + "5e3b90768367413d4db5e8ce9cb38bea65bd43a32921873f0fb463088a5f32496c9283a4"
-            + "d9b0aa95605d92c924355989b4d6666964f31b63e297b793563376cc87dfc46cfc32872f"
-            + "91474d20ef94660660d58e2577fe944280fa91d9f89cad7085e4abe56e6f526837138a33"
-            + "af4a992003f42c6c1da63e4cba4ecf75f92b4865edf67ca5b25ec58608bce536c19fc492"
-            + "983137c5a0db6b29671b44f4ac96084148c8a1c65963d149d7a9cc900783806fe7818fba"
-            + "51d65fcd8e5bf364561e4b17c973907b295421f5b2660100426f3d19df9ebd4b2c8cc0e6"
-            + "c5bbbe9318c4811076a0f7f061b762c93296a168b5fa99ea5ba54b3a9211823f9af4561b"
-            + "ead0749414126cfb2a247346e2b0e8adf7ccf76cff290cc797080e6509fe5e49f33d7f1a"
-            + "7c4e034ba8deb10a978f0f3d76036fc437c5750a97d53c59ff69f3d7159f13f0499b67ff"
-            + "b552d0ae756d6f03d3b5a8770e38ca59c74addaeebe17b7c75a13700d12605a56c636a87"
-            + "a87b2f84a13b456d1e2093b6dc8effb248480c20b7f7c008b71cb92fea8f047dd8b460d7"
-            + "bb9c05599addd45d901a7d7c57058745c04a1f1ce32068cf95367951ff88e3eb6917704d"
-            + "2e7f166db9a16e28b26d49d37af5f6916037f516344b62b0db171d0241331fcb5fbc2213"
-            + "d63ba19025d83f8564755c3ce0126018da7b7946d7641eb368b6dc8dbb611f93355a6087"
-            + "ee30a30bce131895405470e89bad437a9bb1fc050c800eb6165cd42e9100e60f17e9eea2"
-            + "1da315a194fb5f84977df7d8fa7b885f51a2784ea34fe3cb1401f2385dc95480304764d7"
-            + "c6b5b086a7b75b519865d7c11e5be0fa7ea3fca056eec5a82b40426ffc6e199d4db9bb37"
-            + "638f5992cd7cc1280bd57a69c290ed26f764a923b82c831ebf995f80b4d6d1fe51f3f6ce"
-            + "ed5c1934e1d713b04d0313ed6f7d8d3c239184ecd182b1820ba176ff362ef6dfbcf6f0ee"
-            + "56287fff6ca780ef0d6ca1c14d17895da81037bf1001368ba72f8af39ef76a7a66261ede"
-            + "f43de21e77e247dac0ac1bb2029894ed8eb953b7a5e0d0febc6db6a92fa84b7e278aa2a6"
-            + "f7952ec7cf9877c610a611107e8bf2cd481f612262c61c03ceb36227f4b6114e799e676b"
-            + "e20ad9a1dc4554250dc125ddebb912af2799d83842c0f1c4c3865e084ac9cea1c8c0c2df"
-            + "a21d3bc3431635a4c38107c47043c195f3bcca58cb65d2775a6a797991ccdcb856a636fc"
-            + "57848f571ab36c3f615b3f4c772770476f196bc3e94101423aa170732b41bd6d91e42b2e"
-            + "4cb47f7044e14b269c1ddf1b7b91be767e0b7c787e816b368b9e7ac2f9b807e44d9ec224"
-            + "4b303e0fd95b6f21811885544910518ac68e04644c7fdcd422b88ef20b3f21166fd9fa54"
-            + "383d17f2e20ffd68272f445b3e699fb65dd9a0df9a32c7e4962541451f5e800b0b7b2fef"
-            + "df7fd15378e66b0b5e948652b59f6ca775b7ee0d558bd084650567931d9bbd79f4b60efb"
-            + "3ad6b2161f9ab876dc97de95aa3f648157d9cbda81fe73338b834f6b1724354600c1aab4"
-            + "aa0bf6eb85b3223786a743cc35e28d81c05d4efa5e132973ce42d9830ff22a8e1d1fb1b4"
-            + "5134bbf9193f0570b43ad0bcb533f59d3ec8b77998509e766bd0261e5b913e11a2e3b219"
-            + "0ff660f71eeef5549fde3009ebfbb30afe2184b73d23d84e47fad48934b2193941c47453"
-            + "b44832ec9690ecf664a5b88897fdf8595909a93809a394ef4d08682f610135e2aa6d93b9"
-            + "2c295748493e0d71880a6454c89a4aae706f9e712415ee37f0dfe4414bba183a5cc25c1a"
-            + "688605d280abeb3afbd7dc1bf696f1f4d109c694a2b4b7c4dd67e0f9f6c556be8bcff103"
-            + "afb40928d25d91da4222f71fbc092cabe214bc12f4df702e54cd5ae9489a7b14e4f60162"
-            + "04080449ddb6c0cb4cf030a36a46c457e6a8e410dfad630299d7bd2c158d27da09679509"
-            + "2edbda28b71f9705201b0746f3375513bcb5aafaad0e1edc8ffa76faed6e5defadaeecbb"
-            + "9d4eeecf5944528ce1a1be1dac0477f8763eab422757378e922d0231496c791d0527dff1"
-            + "849526b125411c2fe471356879b993bcf1375d6339df647087d1860410a91d89f7baf07b"
-            + "5815fc7e2517dbddcb49d57e6f2e678473c416ddc2c878019d138d50ed95c3f3a0af8b3f"
-            + "c9aaefaa9cab78251ca6f899043f7efd66e262be492b655ae1f546953253736272d7ad7d"
-            + "c2ef505768a1be8755ca2ad5c959efb89068718955400fe9d1bdfcf631a2ce7127ecd865"
-            + "9b4aff6ba4e0e49a80485225de88e389bb25e4ac4636edf8203e285d8b9bc65e096256aa"
-            + "085ca7977d19afd3f7df0d7c72ffe2f5fc9eefbefe2e96be0e904f1a877792f9e4ea3e20"
-            + "f953892ab92743b3737fed3885b924bf1ebfeb3860490a741c62b6c1595b06d89018669c"
-            + "ac8b044fb833b6d39c3f660b66611df9b04f35958e486a5265d6103638f6777e5101101a"
-            + "aa1cd56575a294b0f4fc4fd830264ed086e1d4072f60c1a64dda3a0fa1a0ee18a7ff2355"
-            + "ac5704fb10d2eb59f8a0267b5555f7bf25e2a77c46e48eae1607fad7b8cc456e409617aa"
-            + "d7ae6ae443f362dd4cfdf6792c728d19d290b4e1b09c8521c0b8ebde286e44041cf50169"
-            + "75c509caee50af40de65ed809c62cd260320fb9b49c6be4fc939d9ddd06f4713a4b2a79f"
-            + "b125960930e9e059f44d302ee71e271325c5c411c82b90ca5eabe1fb2fa920a14297b69d"
-            + "12d25e9208f9a01c31a4b4abfce2469475671c169cdd4f5ab67eb3aec9fe8ad15dceb1e2"
-            + "91ea893a221245c4a9ac9dbc7f4b15d54af2b38b27bc0015fa32c61e5a9e1136dc9ff81b"
-            + "9bb0bed60f26d056337fdf548e9a8c033539551629d94f988a0c250b519ed92530056c24"
-            + "47d327f2d65be5b7b4cd11fc5ebba3ce0c143c7e83ab7fd51db5c6e2c09155e153013381"
-            + "e53bbf5691526832524a191157af1d6f6f2b8f15e86cab014c374609be46b5908bef3c59"
-            + "e829b2389daf473d472e937010dbf9909a3770b495d48c5a4f9e464f2e7ed39b964c594b"
-            + "63586de4e8fb3f10cea3a5d0411d09e9154b637cb0d3bafc219cc93cd960b11131492b38"
-            + "1606cd93faaf2b2a0a52fc0d5492610d527b515a696e1e5cf511fe8b25a0ba6559951f0e"
-            + "e7d3dbc25bdad5f4ac334e6a3b4bd66f9e924514a273dc30abff8a5a14c7ff4fac5693b8"
-            + "55152470538c6c6ff51597a7123681e787706d2deecb71ae525ac9a050efa9188bf58da6"
-            + "440c9ec2dc4d3fb993a8803803b0b36a3b0708ea265799b414be7dbc9d120ff6852bf5ee"
-            + "38cb740322b6d4b036653f2b922a1d86d054f2544110dbcbfd79d9fefeb13870c78fc7da"
-            + "83772b1758685e68e75175ff068b938beded3861caf5055e7f4655e6608804f02e4d1853"
-            + "f70310ea037788246549279da6f3e75ad07f995996dd9c8e36700a89f9240acf0939241b"
-            + "765e3d850aca760abdacd5e8a9714a2a713e1d9866448053e6b5f801c01b854d2c083743"
-            + "f20ed6fcd35514dfc28585ea61fd247889ef54a7c17a4183e924756e1c7d4a5b4ab2c681"
-            + "ff755c954629ece9dc13fbd46719ccacd119898a32f8a9f01d7ec397c7f633c52ecd6f50"
-            + "11f17ccc96298b92e57ddb086734035a6bcc31d8e831166a31ed6df350e48e4c69e5cad7"
-            + "cde3d9ee545fcea6dbdb640560429bcac05407f50f5cfa1800803c66a4d8b6a9a596489e"
-            + "43a3c28f3af7d032614677bec94dec582ed76b7861f3dd4131e8faccad2870da1cc49deb"
-            + "ef37db61f3e8e4174cc2ec2f53f5ccdeff83374efc70f7fd003a85c52b099df1cbc560ee"
-            + "94cf695db01ddd36cde96500c39bb2bb865c1c6da705b09c48fd024290ceea0b35037a1b"
-            + "9833b4c5ff13be2904c8c61873bb8d1abf3ee86bb23b634b773844070d9d8561c7c00266"
-            + "290dfac68a136cca2fd1f06e21274de5ba339a26d35a1056c42649d145dc8e5545a404d1"
-            + "553c2930baef962d53dc642566ffe59509dd858a30e2a9a9b3ba027c0dc48c2db7c54d0e"
-            + "7813765eb728419c4789081a64e3cba0cff0e070338f7d9d4eb855da450f48413108cc37"
-            + "19d70f0f498553d50858ccafc951196fdc086b9e1a734c8f58aced167dc71c999474694e"
-            + "92b3e374fbf692c41c9e463cd85953cf72fdded2275dfd61f3be638e837229d0b53c36b9"
-            + "5b90847d74abba6a88ab4f3eb6a25c291729323b0345506ea49a88ef4879410337f37c43"
-            + "67f2ec6bd05cb8d363bfebdf721eb6b87f32a6c4ad137f15d4663b5e716cc131c2535972"
-            + "4bdb0a6b5403e6839f9b62ff76730630af976b96e251c2b091f5393618b060f16d488463"
-            + "fe23d140b0c9c4b88de9e71ca1ba7699f36037338a9ba504dd9260e259f15af7305a7c3b"
-            + "79cb834295627c44d59c79480430d61f839ac6d3ebe50852eedbcf14fd62fd0df62eccb7"
-            + "edc7597f3292cdfab3e9027b3d3f39b24f46a81b17082c4e2f979e8567569bcc91bebcfb"
-            + "d72ecd28e404a6fbbe3a8cc1de56a0965a05ef2c0ea9dadcfa6850e8a6abe4487ca89a13"
-            + "c5d1b1363d2eb5cbb34076d2629e0c138c0790a207fe43d862e7186bf83ee0617e759770"
-            + "4084404a3dc5eb7875b966c5533f1c229ce7e00390c8391784f0f62609e022260fe7b49c"
-            + "93c7fe503ad6ee8deb0536bfec5918459f80dd8a2b4c214898ff06d370f43d99f8690cf9"
-            + "a387e4bdf294f3652e28c80f07798c75a7f7b5cea2129633c53a38e703c193bb80f7b901"
-            + "d189da0419487fe472689fb4dd6720dbc5d9d6da40aa8e718bbbe3a56995adaec5613ba9"
-            + "b3c92e66e6930643ce439010a5ba96f2a3997d0b83e43d24bfffadc343cce9df9450e933"
-            + "b46edacd4b55d96bca18c0c3dd07f5daded34cdc173f5a9ec947e913000cecf49380138f"
-            + "be029154dc8cb9935170c32cd58ee4a7a0aab4ba252bd1934a8247fbb2037f09f88f9dc3"
-            + "fb2fabbb39d4717d93b8a81576689697a2b4376308201402354ec1edefde7af6ed87ce65"
-            + "3e88ca92de0d0567657add49ca3587bc9649a2845c223b1603061363498536f0f316a3c1"
-            + "0ac4f0fe6f0319c809733d564478f6de141772a702595352fec747bc92b245ab0c774a7c"
-            + "9b36d01499db586e3d693369c0c8bb51d74075ec6fd81200405951fb808e41bffef60a4e"
-            + "dc7099cc4ecf1272a62011c4122b45a81c9591dd2fe3ed3ed976ec3c61409c88b6ac4621"
-            + "7944be5d0536cfd27336a688ec652c3870ef1ad5a6ac7c663898b74c34081101453aacf0"
-            + "5fcd990be99c3a8d7377caf3b154207967ebb4a9c7ca285c184679009cd440696488ec81"
-            + "1b617b9b4c48896ebba298d24d65d6e3b890a2a540ecbb300c433d5899ea9019bdf4f572"
-            + "b861d0c6b27a7916ad25a7b85b5eea8ffd7b560d5b30d8531485a4270d0e690b71c7ac6c"
-            + "388bd6ceee0d801924a93c46187182c365835655721e64ab139500f03a60e8194aa378c0"
-            + "7924254f36107d98c266e50019609273b9b3464f0d3bf12eec0a4f15cde5cddec00de241"
-            + "1e877eb78f579fdfad439202ed0dff21bb9c68abec115a009d5d4eb7c09199724a736e70"
-            + "b9861c25abe42de0d7fe28ae51380e5f273bf0592ba4e7541f7d50d3ff4b8facf5a20859"
-            + "0eabd4c53c4671fbcbf54b9f3e91bd86b031203752de9f1b09271ec703f03508785de019"
-            + "99fa581f26e1b2a862e77e620c781a3dbe5a9ee45bf5a9143d30b204270ea3c8b3b45c72"
-            + "6ecf3124b81f04c9e0f891fc5b2e8e946ce40749391944e7a0dcedca744d4dc886ae7333"
-            + "e7b02b1d3c312fedea2434abf64bf43ffb5afbf33eb68071f7525c885d31229a6a733345"
-            + "3f64610590e5ef453feef802e8edb7df5fe64bb909c26c7e415e208867d892e988293ffc"
-            + "8ddbe3e1f3dad628220ed192d12a1f4fbfbdfad4703dedbbb359042048dc4fb3e160adb0"
-            + "11eabee0608e18d2664ac60fd32e948c66358ad6a1346b83ac47cf3d53f4a649c56fe14a"
-            + "96ebfb7e6bf9c0b2496c779655359bad854ce693286a8c0ea0ac182db048da80aead6430"
-            + "c69fed482e3771227f2ce1070161470a7f762b6a9d4c6a22903fb45868110bf92f887fc1"
-            + "e74169b1e3baad6e3d723cbec45376251e37f9c9faf998cf6948ea93d9ed27736a928f9e"
-            + "b4b5cb91a0e3c5c2dce192299f4fc5e8876d860ecaf873287acb5dc8a13e267d7202b050"
-            + "168b1d819a5610bd46c06fbe8497edaccd534036f3cc4704f18b9b92a5431642f169cbf6"
-            + "6d586bbc6be6c2835dcef2ed7e35d51a00531b037a404b651fc65bc9fbada10870bb08c7"
-            + "274d0f8d89302a06e1b62006e71248823bb41e016a6d5cd14cdeb602cf8cb38692b9fce5"
-            + "60260fd5abfcb6acf5951c69caf5648dbfe85f27ae9665c737e91438f668f3ef0e9e9826"
-            + "67311ac5850486c91516929640dc33ad8f51fb80b41a6b373e9ebe639595d231b1fa6768"
-            + "3191868d856605940a290498546e9d2c6d15b5a0c00672200073b7c967b2df0ab8a62dc7"
-            + "13109a04d13b0b4b802ca8e1a3544775c2696c82acb35588fc69f2a8d9ccf11ce35cb0ae"
-            + "f43ba968f3b52e6e04f2de16b11a4f26acc55cc4d0bafe52ecb1d5bdb8db1723123cdd80"
-            + "e495dc95a803ff9ff68ba5cd610ec198eb9a785375b0f71019c861c75b1bd301e8ac9f34"
-            + "5532e88a14e217a938fc9a827912e01baec31a16c5c8a34ede046d5d665a24d11e243e19"
-            + "dc58ab1bf614cbe435852b8edb265eee838518337b881e1fb11d6e47aaec850613cc0b5f"
-            + "4042787f53f786cc5f504318dfe32bbb8e5a0886408bb9b52a593e60b0e561cea833da2b"
-            + "ed34485145dd2ddb54ebe84d6f18097ccbe70b451029e2678ff7672f2b31dd9ea0d03db6"
-            + "1e292b024319fe5e4f427cdea7482631d55338cb554129d55a7c3954c36cade3bae049a6"
-            + "b84654b116bbb9918655d1642973818f21f15f5853e9b1b59240f4a10604cb1ca90e8d0d"
-            + "5643bf1d60fcbc6a09bf4a695690c7ad9048b0c4c5548844755d02e5c8de3ecc1c88562b"
-            + "e1be873739bc820a560f185edc4ac229558128a98e1a69b2fe1fbc133cf082cd7f9e6cfc"
-            + "f54d5d0dd74c03cbda2db381efeb443f996db2ba84e81718575e7107ba7185ef456cfd20"
-            + "c240b3f12978252050c528bfcca6e615e5e523299ba71e6bf12dd86c6e2fa99d4237d70c"
-            + "06ac0599251256f4cf41862cae91f545965c467572c7019c7411ccc38072fc8c3480a369"
-            + "bababf175228987de46149dee8978d759d8d5e81eaa3a1de9ae2f9b16b0d2643f0c153bf"
-            + "dc80256b2668b4736782d96971197bdf0abceb8cfed9bcefcc7eba3b5d6ca6b830c47667"
-            + "4d27663324201a6201056d8410f90b0a56d22c2d99946aaae7df267e043b9a30149c780b"
-            + "7b7e1b663b3c98390c2a4694a4aa9eb32c633133acc9dba5da41cd4d1b857c72acbc93c5"
-            + "5dd4b76b3df6a8b734b19c290babd085f1961126ac8008671de1de3e1fc54963cc4bc7e4"
-            + "8b40af8af19e23e102e2b48320917e6d49577b1548fd6fb0a4489b2e21fde8c2226b3151"
-            + "4ade72eba062f07cc961b2bf3956e8c0167675b5471b7766535774b35fc0b08f172f0a46"
-            + "2632557ee67eca9949beb4dc9bc4b0432a3630c8496a8a9d88a00d666717e9e3f3238b53"
-            + "5bb222ef78cd7d1f2e5456854e51ae35bcb9aad00c91fc08a303e276d3938f6b7706401a"
-            + "3fd1d3803a1d1a3045e30b5a96683bdf8347f5993edb904018ceeae816eb66ea444cabda"
-            + "1d62513b9d7d5fa7a36424404a99c89be848cbf0a969add4754b7492facc83e3cbf86117"
-            + "fbacb60b37bc16e1bd36ba86bba14f3bf5b5fa9c4fbf101e42e2fd9d31f511002c8a7ab9"
-            + "d32c87c062160403f932aa67320aac3af6b86bea88b549ee3d01ed3a2370c99e4401345d"
-            + "ef5475a2a62990d510f7ecc23cdb4ea13b8c81dc1a1d21c9a344054e2841de42565ed06d"
-            + "f734855ac51dd789d9edd3b321cd4a416aff2116a8160fe92800f34c0dc2d9c3cfafd1bb"
-            + "ecd737e463b9ab70aa16e1b979aef9b95a9483382f28a113b1e658662286b3514211865f"
-            + "d73a4002c27c164b6843597c43061870a04cea20906c170f2a66009c0d26f7051714544d"
-            + "de24bf891f412197a7fbff960c774894965bef663d82fe0792b56624e03437888f083cc0"
-            + "a8fd4a7e8e5903730f943007780eb34293b067f0c1ef5de9eb8a15318bdec5365f5272f3"
-            + "0e7aadcca097df76e001c6df0b961bd7c31b6246cca18bf8319bf4b2e65154dbd7b5b572"
-            + "733620e4d551d761c5734d09aa92c9bf3fc2dbbe4b19e002b92b52f0edb5393b67dd0a23"
-            + "2473a7d7f35618a5c9462c97825c0b8b6517cc25b4616eff3b58078ed024c11f08a9459d"
-            + "afe160e32dc3ffa93a044ae8c255d8ac5f5486c28d5967c0f48109ff4372be29cfd9823f"
-            + "128c427b2bb4fe09204c3c6067c9ae32eec726a48a151f0f11b1231f6c035dbefc0e9df0"
-            + "e12cb2a12b70d4b10869861613fb01e1306c3e0c24a9c6fd062c697144e93c3771969658"
-            + "e23560d9a2aa1de260109161fa6d95ab5a6cc3be7f172ac47c290758153858ec8c60c728"
-            + "4f8531913ec36ef5b0a4ad1c4f736a65c01fc7d0ba05c85aabbb2365da664aeea2974c95"
-            + "030f2814e306d2a65ad48a3351976f7f0d6ae5a76adba8a52764ceee9f5d75d1e0be3d6d"
-            + "ae4b190ba7d17ae9cd7fe51131cea2ab0c95a5d1fac27cf2c757f05b5d60436bdf1f9651"
-            + "b0332df834e76107647024545e773f835d0dd41bd10fcc70ff578cce77213bd605eea6fe"
-            + "414035c6c11cf8c359e89a4126b8a5b37ff53805bd0fac7194b3f1c589c158e8c4d2e342"
-            + "abc4a767789ea263616690e2e6413fea8e980734dde9b0b237e7962d620fa7659d46fc87"
-            + "260466be275ac41bd1f22322df094a6509fa26ec1ac04f437a1f9d791d938d94556ea14a"
-            + "5e2cb17e72468a47e98a5ffb4ab6ab03c79c5399a5caa32f185ef02b2ae9b53f3eedeb83"
-            + "3f7b973d442c8d3056fb4ef033d38172f75383cf514bc9df40f6fe12164a2b98cf9fee80"
-            + "f188c64c50d9072efb14f2a517cfbdf0dfe4f2b53288cf035c755d2950b55f07f9499dcc"
-            + "77f7beb1da6758a483f0be38e8799f37169ddb2f9a5128927f469ef90171b85592686d6d"
-            + "ac9e484140af2e14f6c72bcd9f23772a1fb474b8dd8e55b4147d449854a2ae26a4f1daa6"
-            + "b32b5cafbb123b7a6a11fe4670723012f816a490c2b2ff9946015c74bb3cb9e10c53a314"
-            + "a1b61f144a569cc99f86effbabae912b99ab6338d7342534d45919060e4f09a27ca847e7"
-            + "8ec2d21f093536eb93a4040a800e099d1d083d3b006aa5dba975d895dc7760a599a9d220"
-            + "31248837e6ea6d8f6426c2156c516d90233b2164ba2301a965c9e8ae7cdc6890b07a6338"
-            + "f2049fb6af223400e628f7cfde8d21cad5d78ea0459e6fb93ab76475afce487dc8219efe"
-            + "9797da8e4f6f61d8f6f3aa8a88445c226571c41087c9cc719926a2215544e36233adabeb"
-            + "fb6e426ebfd9742d3156d77d32639861632f63c408ffc62abc085fbe563401d61b885390"
-            + "950deb8f9c8f31a69ecf83d16daa4e1f3b22705969aec7d3402f3b8e00ded36c2b83cd34"
-            + "999f01ff7b257eb947f68059d856f6943ffd45294947394e4019e81070f68cad769d59ea"
-            + "ae70592d127195275a25c24886f3a72d7c12d4e89a12d0645996d33a163a42a3b08bcdf4"
-            + "3bb1ae77859311630736efdfaf5000821d5e792af1bc76069c541358bdf2dbe04316d9b7"
-            + "071d4f01f8b5cf584e09ba1219353c09997087cc5da02eccc9ab838b2260079f4ec5810b"
-            + "ce0adc7cd66de8539f89c96753ea782bcb2bdd765f84547f085273799a0a9f35fd6e0076"
-            + "9878fad01be6bef1114be94b5ffc4fe087b9fe82c0558cd5f622dd18f4319f5ea54ef42f"
-            + "14c70be5acb5dabbd09aee864d902185116e5bb5be2717fcdb5e9b7ed79bbce616babd83"
-            + "78d8ac445c";
-        String expectedSig2 = "01e40f5b447267c994bdc775ce6d98b0e559cba26c4261d70927adf1bb11b3336858fe06"
-            + "4267d0514a6d971b69939256b8ce8b3d8ba0d796413f561c6825e720e613aa3ae2415241"
-            + "50c17b9f49ac4cdbf986bbdbd5fe9367eccc50c1c92b961cedbd701216db313b8d85b938"
-            + "35ab94d1ac85d9fa186e7a99d294f43e7c68d867ec746ab79f2b3a523eab1fd65cc4c1c0"
-            + "54823f2bf93a7e535697919cd9b8d1edd375057a0654a2c7cac9e8296dc440e760a6b9e2"
-            + "79abd066782e07edc8f73608aed1d9a96b3ac55268171f26e75fff39f50cd72a7f5e8610"
-            + "3b8dd311193e858be1a56492deb2588b1b5ef1a361b88c67af7797d2692d5fd38006580b"
-            + "e6874775b1316a52c00b8b1c582e9f37c8967474520d6c557d9969a020f78f424bfbfe76"
-            + "190e34d56f0fac45fe1e550ff9e234d9a8bbe44520a18f228bb5b0c8f51d041134dd9e4d"
-            + "c28bb25e0afefd311c68355753be9f3c12f85458eede1cf39442c8d51a4f9297a91864cd"
-            + "98ee8ce77584174e594072df3c776dfddaf36cb1c14161965b3406d4fada8ba2e47e25fd"
-            + "90edc05b8d42c0d3cb326524986f1b3266cbaac2f3340efed4a103d79c34b4bdeda0dfff"
-            + "1f24eb9d4d41cbd19022d1cb2079ebd11e376e7b03161cf1a3190e507839e2a862905271"
-            + "4c57ef4cdbb2bf7ec7077d3727c5dc4642f2bc03bd2cb0dbfbd4bdf0e241d3b083913e00"
-            + "a1b0f4f42a549a407a74219d5c5be4e9ed2efe64619aeac7df02422ff85bd1e84b827b6d"
-            + "efd7f47015b268b4e0f11f03fb3fef025c06e7befd627ef03ae70ca72b99e4d6ab5efdd0"
-            + "3edf3ffda079a8866843425c2929550dac4f59e1ec47a4a0b25b651f6613ba08e31aff45"
-            + "a365e5d77c8b7bd8b88bb10fc4ca0b2d236cf36ccfe9fc95fecfd627957b2ccc3709fa7f"
-            + "503a332ac669f7a4e6867f298826853975cf6fcf3d22b57247b9939d5c12f9888b3d24e2"
-            + "1c26e8c081e8885a094bb3082ccb9493aadffc3ff600c5717067a41b74b175036cce1728"
-            + "ad47c38bfac77fbdd483ced51316c5810efe97c2af137c79a534cc309dbb6f91d31b52f7"
-            + "e173c6eff81569ae075d396a2f4a37ea71d5a14d910b5dd82cae41121b62cb496b0e797e"
-            + "66d6fbf9674e86f3fec5fdb6775048272fea37a6f956353a21e38237e0fe7334f4e5cf85"
-            + "abb817adee590602ce599d8c2d338384301855f239c9438537800cb102ccd6352232fedd"
-            + "2bd5d72a036786f4f291b0486061d56d1da2ef2392a373b6170179f236cf7cddead70620"
-            + "940013aa7ccad75feb73f7a2cbc74528c0e8be8146f282db2e1966d032f77855c6902473"
-            + "64416f07fab1e9ddcc49e45a20c846f2b83ad7ec9a89883c57cc9205ac197a2380329981"
-            + "c2d772a4698d19fa9651d6ab63163a3547fb3fa796ede999e61f8792fa28f5561c206925"
-            + "fe9ab9a74f91409585770515ae68d46c0eabfa6e4bb937db3beccc371cc7aecf1e0106ad"
-            + "4d5821eae4097d8ab10923c80cd81982f2fc742b48418c9af8cdcacb29ba1591b949d075"
-            + "1ebad228ec7d793dec4eb2df56a69c452a879a13882a23fd1a849aa718d9eacb04d90800"
-            + "202de9c64fe35d77847889ea566bb8a0a0736354f405fdbf0438c89dbd3fe97259858ae4"
-            + "db96289ce5496183080aeb24a45377d8e04e223e1549e72d6e3a85ffb5a049f60c017b69"
-            + "d0b60b2b6913b384cb88d02cefe09aa17244c12cdc881adaa1e62c903fcda166048c66fa"
-            + "db7aaff22cd26211a78950e29ba6f2fb66fec26bf9986e843771f873e84b5048d73ccd04"
-            + "abdd40e4a5dfa3ac9d0dae0ed58c9bd79243d44d5fdbb8fb682ee716075e04dddb07f415"
-            + "2f841cd50bd42f9c11466f57be633886c9d1c825f5cea5f7ae6d43af348dfb8a1b2d0cdd"
-            + "2186bc6edd46ec73bb15e684d54bc6ec7e1af48d5d52b9520d8cdbc8e57f9f00df895143"
-            + "70dfbb5692eec74525c7da5b5a056b47cde5eb100d50affb1c89a36aef92cbb6411ab3e0"
-            + "2846a7c7c58acfdbad52d5252a0cfb8516aaf51d2c1881c1a250fffd2091d014bc924365"
-            + "1cbb89c3d07078c355c098a60d72e00acb82b7b6594f259082d2ee3ed46d103a9d0e5cc2"
-            + "d0a557b975238190c6d44d6f4e88c0410bcf641082836fb6f766977ae623cd908ebb8f72"
-            + "dc6a42b21e12ebf4e1315e3422848f32600fee5698fbf1d6546cdef918d70b5144ae032e"
-            + "12f9c30ef0b9de7bbfcbb6e0d0f04b63443678936a2124e08f90af9bbab707ba5e3fe7fd"
-            + "60afbfc4a5be3855b2e62312d99f7f1f22512c4217ad36e82a3cb66d536b44d593f6dcdc"
-            + "df0010b40da4d6d865e2def1bf2b6b6916d7cd4865b4ef45ee9b3c799f4cd3f558bad618"
-            + "4d1761bfe0539f9dc88267f1e7dec04ebd423d8b68eadd5a65d29ad681e36973443c8df5"
-            + "f93d472d8b05524486b42758e523a04a9a2e534ad4293a5f558f2388609854a3df975881"
-            + "380f9bac5c22a70be11ff53a14cd69a1fb740b2c2dcfdcd2361f73bff5fdf7139ce51bdc"
-            + "7ee5e1f10d8bdb743c80e4d08cf74b07b034f70cb76cdd9215c43dfd10e4c825d94d8e94"
-            + "4745760441b223c915ffdda08c22c585c7209d414322a595dd04aa3aaaaed42260d0c6e8"
-            + "07cf4dd84621b8f27581834fe8a4423a51ba66b00c08389271416a82877f43201fe3aba5"
-            + "6319373cc64cb8aee9cddc393df49037d78c5de8026ff149fce50aa50d9207c842ed8532"
-            + "2ac391786af1a011722db75a9a3eee022ce8a39d59d587bfa2f7afa707dfc9a36f60e0b0"
-            + "df2775d32548e33a91929ded1f4b5b61b66fb193be72dd575ba68ddcbc62e271aa507dcb"
-            + "03f08cfdc4c34c62d6b858920d2f13b32c27b4a4675dda223d255cfb4d45cb24906e2c3b"
-            + "d8811adc3136c6483b689a0662b184e5fd1fa4b25f6bf100d6609ab1b5bcde4e2767e4ee"
-            + "36bb8a11bd3c771337941deef7676ec15ff3314a29b4ad0a679ed4bf90264401a71fdfde"
-            + "ada3666604fb05958fd46be35c63f1729efbd18ee60a3173efe26ccfc47f77d3082b9bf4"
-            + "7ea7495875f3c00bd920abb6745de0aa4b2a773cb2045deaabd16411efa5e9420993cf9a"
-            + "af90259c1c6971055b56a452ad07b3d50f7adae206b3663178b91193c18ec07c651a4e28"
-            + "7a805d73f26f16298f01a6d999cf309f44705d4a60d0bac9cb6de4b7c710d94260313ce9"
-            + "5fccd213a6c05f920e8324a17e9ea8389e828cd7cbc35b5a8b5875bd8ff61146e3786070"
-            + "0ba2be69e3dd75219d7b395579052d9f3812c99a2b3323486808dd33568a43f8f6e75c2c"
-            + "b50c6200df42a775caa87d419de00273e6971001f384c2e6a789ebeabdfd524dfb33330a"
-            + "4995cc1c37ff80532a69c7ba2e18a0a2ab116f3ae0cb874fa23de6c87fae3d7f0a194cc4"
-            + "59874ee7ef96fcedee8cb3f261d01b3059709f99fe6a248fd6dbcb882504600d4711de90"
-            + "f807ea6c88dbcaca6b91703148b2d1fc58e6c574affd9177f44542cb339169cbc0480a77"
-            + "6ae20c79cd04f62b848d7505f5caed8c85baafa9a8b46a2773490e652e48e4c58357cc00"
-            + "8ebb9ced1a8f6288d23faf884cdb03507bc403b88ff0dc2305789bf05e12039536a502dd"
-            + "fe7b0733008e7301763468030da26bd446e87072624bbaee9e859dedffa01efa0e3a9a2e"
-            + "e09198d004847c61efd522e8f6210778500a01905c64585ae70f1d7694fd284fd91b98d0"
-            + "ff9fec913c77e166113a59f7e8140699e6593242565683e9a75c77ad30aaa6aeb3e84dd2"
-            + "9200d17063a63baa798c8dc4f1f1cfb1d35ea9f68023346f25b502dfa48317fb3970e58b"
-            + "9eba6e64c5070bc93fb6679a42132312e650616c05f120f365529eda556a2092736ad9ad"
-            + "bbe6674d3dbaf0a4b1801202a8a9fe715b002643e0db247140cadd24e8a330b32c80e914"
-            + "c7ff0e9496907fd66e76905547c7c3aab6d11bd53066c932ff5a8fbe72370748b9745fb6"
-            + "a27b477287522ff13af06fb59b309a14d266cdfaa379198761a1388b79288107b91b34d3"
-            + "5d301addb4ffd345f2816284dc03289d6721fb867f78488035357cfa9d4dc7fda336f943"
-            + "b613565e3db190d9c1110e695c74e8966f634206277d8c380fc44182e6689208821f972c"
-            + "1e4f355f4599e6a9b151881ca3e64e752726e5118738894884344db8b83835d6ecb5af9e"
-            + "d3215001801ced0a549ca4093eeb858198e1cd0956420cce95ee41a1158aea1dfa99b7f9"
-            + "144b6dc27fe9a5086a4599a1e90b7e5a39caf467106b4dda79cc990643e0754217cd8482"
-            + "2265ae6f45011f0a1662bf8b4977948ade6db8ff47a0843d224121b6933bbd77a6a4c241"
-            + "3e58fd5e9d325a1d24b039d7374588bb1651478caffc77ef54d52c6bc1d3cb8c0e198308"
-            + "8f9d00fd4d20fc335a37dcfd93a10f2e417015d51a2851ac79dea91e23f43d88ce2a3dd1"
-            + "44481f17f073ac06bdba3edf7f8b5539bac47432736ecb4823885d9b49740586d0f98451"
-            + "3a2797fb0b24d160ec7f31022f501af3466ed0be36a73f8e05b23a9f319f7f61e3a8011f"
-            + "8318d9dc037210d67a85b584ab48ce078ed01416721bfbe082ea5edcb5299e695961d3bc"
-            + "37801715fb1e5e7d89fcdae270f8f680ce1a4db609d93c3585e7121dc93b136959524b80"
-            + "79d9e325b3427160d6f7217dd412ef31a0cbf9426007779ce2714045ea61eee710fb156b"
-            + "d482d71accf8789b17dd333bd7965b72dfba9cc794c1ced4cb0bcd551ba70f980797defd"
-            + "43b06f12350d047a45c7003c61bce4760357ae904e34811a714fc80c31407edeca492787"
-            + "fac40e8062ca6d392a413902eeeec47660379ae96d273aa5bbfefbf5d6d2f32ca1ee7a78"
-            + "c13e37a8cbde35bd5cb2652c2b13a0c1081d4807ef801246f2e76d8db95fed0ddf56a219"
-            + "e0e2a9567b7b8a25f42bd328a6bf4b82c289338b5eac473cdbaf250be2e3d8b17d55022e"
-            + "79b16a13b13b031ffdd15a22668a11ee6266d2dd38335ad6456b9acb03e27bcf62c20a44"
-            + "239daa46ad539697ecb05af10eee730873c95abb33e7f89984b26a6acc76bd49b23176e6"
-            + "54afc1eb2c48f9e079fa9d88c465bc4b13a7a6e9d44ed123d74f67a00834427d58627ac3"
-            + "48b8d213217ddd932ff9865323028a0889edabfa5c21d48f337bc83c0ab2ab84eeec89e0"
-            + "60b54ead106d42db1c9dc77d756494e078bad641e2522f2030c00ebe184f633baf34c0cb"
-            + "9a2ad6775b7a4a6b966b14a24ff6155f8aa6a598e814368f0523631b5a2b3ec845f86f87"
-            + "69a33ee69336ba833880d1c80c9844379d4f40183a7f37662f6d1bb02b90c65d83949fec"
-            + "61944fdcd7d450d7ccf870e1c69185e5a7e2dfe56d6d44c3811801002cc5289a82a5df34"
-            + "5ed2774acd24de65c096bb45866e104c7388ac6661ea667548146c890bc6c44bb1824b2d"
-            + "9dbfd885c969bc8ccebab308da78fa2b2538a9d7a10a3ce2a2d6662c6b2eb60dba7fd8bb"
-            + "0ae8623c7eb0f09eb9f24f5f5db49285fbe583507080710a0fd22120d11d3b5d53de4b6c"
-            + "695fdfc095cdea56128f9728cc71d13f0332e6f597d8a87c7d52140eb847dc76c1d6aa93"
-            + "4f83682567b1cc0c848a883c44c1af09bc97980e83dce964293353126beb1b7a7a8ab505"
-            + "62da1db75ffb9e1cde3b2c458cfac0d13e4b2ceb247ab60c189ce54ac0046ca20d15756a"
-            + "1397b3a206dbdb0fb5a3f7309e0f7025e1113ecdcb4d2d18074e8230f990edfbdd4eedb2"
-            + "4bd2e82a17f228a7896ca854121f43c3d039ba38ae6198ce8f57ff91196c6427905181ac"
-            + "22e885ada2a91818ebba779af1d4ee4a4edfa0399c5d6c418bd702f1ef0588d5bb3653b3"
-            + "d7eb8786cc90b8d6ef6ab9b7a4898dc6681d4f000708a558ef157149e3826eeb136c9cff"
-            + "8ebdb849f02dd560942c1db73b2de5ea3515b064ef57cc877df7a7874aff2723b1764d41"
-            + "a68f9e6d234066da64fed9ad0bf64c8680befbce0594e1f63e4da7cd33afa09c69b47e2d"
-            + "ebc17a88d3c45196f2fbaded16af67d93c173523093964675f41a4f8b26c02c856176222"
-            + "2cf3b329198df795c4692c6e571a672aa5b48ccb74510871c17a506116398328aca6d229"
-            + "24025e1803a5410e726bbaf11f999642a5f72624e9e379d30f743ff707d03828e43030df"
-            + "3392e83120e8d0a1d03053831283c72736c0864a21b53c6976fe4bba9c0152370d6e5a7c"
-            + "04a780240f3b17956a9320d878d1d852ebacf4e9e32c8e5a078446a3abf918f7b43d28aa"
-            + "777b90169a6bb1c9d0aa1066f66698ce9487c8ab85f993ab0fbe43e44061d5a6be6c018a"
-            + "da8c9a2b5593fb4c7e81cb57ac489ab4740ef499388651af6cf791fd70980c80a8cfca4d"
-            + "efa0651b39975a73ee4ada7ec9c54ae479eeab35a86b91ce28942334833c8f3b7a97b7eb"
-            + "3a206ea0e781f801b39e28bc970bee35584c67f3fe85d66ea34b5442a3d3badca19e52fd"
-            + "c7f8f86f5755b43b1807360432bf0c6722df99a2c9a2f1f9c05f9d1d9a358e5598172619"
-            + "404c532e490da33d2178404797eb64e0132b031ba00c0e34b36eacf35cc579a2c4e335a6"
-            + "21a1511187c81bd424e6829a92763fab1dc10b88626137a5f147fe822a20d78a06c8ea79"
-            + "d352c8083ae8174723f8838e1fd14ff0c7cfcaaa5edca09c7825a0a3c94cf0e2fb112186"
-            + "1c4f66b2bc7e9e5bb9c0450f947510e920a95e6a241b9feee4015947aae1693a2a097ed1"
-            + "a291646e1a85c03c94c932eceb06085a2930c71b9063637650bf7e09ad7fbb5f5e7e429a"
-            + "273fd4f1a7c3d288a8d53330f2d3f0f7c9100f36cfbadd24ead6354177ddd29a5c41d5f9"
-            + "5a68885850b5fe8c00004ddaa68ba6b6b212e14d97daab317e8d8722de72ec762de36bf7"
-            + "c2f1501f623b2f89620ef1db90050582a9882cdbd30971c2b0dd858a9296dd32607eb183"
-            + "3eb9651135133cc5aecc087ed28b49cebb25068be6d962df9afcbfc570d0cf8e0b30c2cc"
-            + "cd65c3e1e451c4cab9b23851ef91d364a3743115033d81ff84a2fa63b02fe8716df87aec"
-            + "a899889f5b8e6db5000055cdf12cae1614dbb23488af69265ea4b9457f39c588dc1a57b1"
-            + "6c5bc5eaab01646023dcad347e31ce1c3e19b5dab935daf129c8fa10ca341c246c1df7a1"
-            + "cefc357b34b45365104d207b648eef34a4eda691f9f2515d306e63f01612c6971d0b60d0"
-            + "50550d185c1c56d96bd5e653b895e001187ff47a43841773786f3a2ff840865181ac9231"
-            + "4b6f4ac538e9c0436bbfcdd674dcc6fd0512eedaf51c272b1c843da8612b5fbc7049960d"
-            + "63ff64cebf203591a538c8c85a351338f7d66730b7c2e37b7a630c81047ff827c1945a07"
-            + "d6bad7b2fbdf2d483378e1582d26084633d730c1bd1863719cf248382ea44bd4e821961e"
-            + "2e072f33ba12649d41ecf5044f24d25db2caa1bf7df0de20ee38de3287afc8136df44d0a"
-            + "10ff06d22243a88857201e111d6aacf8536273a77535e161be2d398e53a73eba229ac791"
-            + "3ddcfa280ef946c92987eed9c100d96139c190ec0b6c0d2688d050673e78ac3b91f40aaf"
-            + "c4a92df24861707e02a7e3c890395039c361967cfaddc7c6dfcee4abe8c0d8ee642943bd"
-            + "da0bda6fc71a632eb35656f1f889e42745860f72cb3a5cbf2bca16d1bf5474da3dac6b26"
-            + "dc79a8ea042640a3e5b54b4ff7ff161c4f2e679d237f0f097b876ebba828586b0b788899"
-            + "7578f8c396b86b7b208ba86eee119cc4933f7a8dd62ad337390fb92e69c8fdb8676580b5"
-            + "9464946536789416aa65b074a793bd44cf6896f5cdf4429a702662a4e7b8594454909b17"
-            + "cb1adc60c33f68e04ffdf71f36add212f2209e50a4af87e90211e0080d5332ae8b02894a"
-            + "9f708fc7bd85d76eb02e1a09e7bbc584fd28704fb5068c99416415ff47c0b97da37e267f"
-            + "dd597a831f81a5e1afdd70848967b9cee40668af36525098d7f62fa1a08afa180cc5ff4d"
-            + "cfcab005a407dba9f7ea9f3c11674f0f84a597db00de9cec80d96fa5798ad709b22938c0"
-            + "afe67ff07326c900a96c0958e06cf92dc9783d85deee989f7bd4fadb395c9dfe9c8310ed"
-            + "dcb494a6824226ca0650166349146ae3af96c81803dc54dd4b9f7c255ae6a92a7ce0d095"
-            + "204cd309e8ef5e00c41df0dc1244ec5fa07b7e31f628af0fa40fef97556ba1c6b67e736e"
-            + "52a06eb8857094f9b005e218a85f9184ed41108927d09a8facb0aa6d520a232ba53140d3"
-            + "b649d872463c9c8e5fb771d154381a47116612593f06751cc43329475dfd33a2dec1e639"
-            + "39be98b5f00a9c0d3699479cf6368f634a2e5a7d1ed516c79ccb4dd1f4a738bb44e8bde1"
-            + "8a1c4401fdfe5c7f04d7aa6ddece79de6f8fe8c021542f2f4f0f4bcad0699f49902ffef2"
-            + "5dbb16889258fb32e8b77503d99e3c7a625ffd9a4f969c2d0961f85295704ea85a7de450"
-            + "f97e3a4e43f3ac86f16be8a35b3a49ab12e26480dfc6c8938a9ceddb0aa8226cdfa1cf02"
-            + "602495279e8bc85f37eea24fa1e5a5cfc145b1b893af67349cd8d5971dd902d0d2b8a2d6"
-            + "3b59b62cc747e8861d6cf288188cd000be9a4caaeb1dcb3e8aaefb6c722953235d66f881"
-            + "fb9ab34e30343bd8fdb125f084b53abf40bbc0dac12a781d3cba457ea0c7b0fb7fea40f4"
-            + "3072cfd2873903cddf1ef824ed2abc77a1ee7322a8d9968fadc3764ef441db4e91f87427"
-            + "c38c5b5cfb2b0bd95a2bc382f6ae19dcb2522c7a3b637ba584c6004151e688199bfabf64"
-            + "570be2f66bfdfc48d574b15fc38b536d21050bcdc466cea678d85fa965c29fb20e3e3877"
-            + "713a0c8352b7f51fcbb43ba9b93a43e33b006094a30b309010cc501b66b85ed3ab3bb251"
-            + "f793bf65cad1dd1d1b3de8eb397a1cc06b546f318d8ac0c9304049c2ea5cd14cd74a42c2"
-            + "5110fee893392f3e69e9f83b4c05776c396983a3466ca23ce2b337063e93f5ebc2a6cf39"
-            + "3653b531bd20a0ed0b104d358c04cd553804dedfd1887f66999202a1b530732667dfb61a"
-            + "1a984b40a09a7af20062daafdb1b583b602e96d42f77c74c77e12350fd328f6f34a86893"
-            + "bdec687c03455747a62953027dae4e927ad64f8e4da6b9a1991307ee8f02366585ede811"
-            + "a0a87b0945620c0165b1da30cc781726173835720ed74af663decd7d971e127d7e922aa8"
-            + "44df09e7f0b6cfd7b10980ffd8395072d21a937b5cdf03d0c0b4d9b4f2c618587afec976"
-            + "35987709762fdfeaa5ac2b7dd8de83b12fd40866a0bab512a2fe4345f540a3ab92517fc7"
-            + "8db310d2af63ce38467d34ec541958977857b6c5ee228baa095e65cc25d651d244012887"
-            + "99cd38cf2a0441aaa8c26fc45b0a10e3dbf14da8156fa02a054c60181314eb4ab9addb37"
-            + "5940a1802e9bdd878427af72744d949796f61dd15f93c5c3d2fe791bb696d45ff5193a92"
-            + "9a2a2f8ca18d661cfd7cd8768539e38c24317545d2a0cc642874ff3a46e5039e5d7ac411"
-            + "4614b5f77fffb37e28367ef081d39041d27fb29002d48426b685211e61ddf348010c8595"
-            + "db8a0488d08e58435f43c7c29f5e8ef62d402e8c8337bf5f44ed6f227968679081d70bec"
-            + "6239c7c9d3a780c6110bf0d99033caf4ecb2bc563a1bc7aa3e6708f5ab16d96fb1dcaee9"
-            + "cbb79cf361392d99fe300b973d94f3eb56beec73fe060db2b77b7f1315c62ebb3a22cd26"
-            + "4f56b78b186f06a398f1194a2f7596a48adb387d050b1e012cada908ba81f3a73b77cef2"
-            + "809b957b08487a599f20c2de4a9d3c4692d57392ee59bbf5dd7e1998e3fee488c437355a"
-            + "9c91d32c9582a841453dc3c22b02c3400af2264f0242116af905e212a6abcc37052d5e68"
-            + "4b6c1344279dde536caac3b4830a97a31be1abc900d304911db62b188444b6afa5e6cfc7"
-            + "38ba4384a0c01add2131841e8eed06f7071703fb097de0cfcd88d35a9ed3a1a9e43cb479"
-            + "5815535c31187cb5b00e696b1496e433e68a1720d069ac42904669f572dd9adc334e112a"
-            + "58c5f61cdec7e5ceb985adc70acedab53b39b819a434d4960f29393fa27dcc2d4307d5b9"
-            + "744b7a29668bef7e0b2bd25302a935bad30318a47675f276af5e0c4e353def3fd38f8cd5"
-            + "cc8f7c6de3c9d117e9f77e0d34df0362cbde715a2e4f0bc39332b33668a3ac20b956f808"
-            + "481632f725059c1245482d14ce0aa87fb3eed61821383d23ca2c3f8c08e26e984c7db4e9"
-            + "5f03763bdc7fa012a8f8d83153a9dd191660f003be85ba59a1d3bda02919feb8b3dd1b60"
-            + "07bfb5b58873bbc2ba9e06903445211a0f3deffb474bef06f96898935dd54112185f966e"
-            + "b09b88fc2a4c1b4921068d5a29114c33314c028d95039e6431be1f7541765f0aa4b85426"
-            + "39147e5cea89a1ee77d05dc9de90d306bed011d98826b54aaf7363e2a219db086ade6719"
-            + "fdf1ef4d93203d2354c3c8d3ce9eb8e66d59f2c295e5711025f76896c23e3e7cfb6e1d62"
-            + "3ffc418fcd2a1dbab57fe0389da900d65bd054eb5514578b61aa4b89c291e3db90136758"
-            + "d66d3c1e244ed69ca676b288cf8aea0a17f487360a91a4e01c217860bc6bdb26b6dcd61c"
-            + "72ce271deaa0c9997cf1f4f75dd7865ddbd648dd6fb18cf6f462bddb46257f87c58191de"
-            + "0a6dc7ff59c89b353e7c78982efd64fd5df24c2e2cc63db48368702ca55df3ab8787a76f"
-            + "373fe33e72df268beb3ed61b91392258a64efe324286ffe80de31a1f5916a7b80bf2f24e"
-            + "4374a721a30eb9d5b95edd5501e2b80ac3ac2ee384aa01f0b80d38a462032e901586682f"
-            + "3eb6f26b5c52adf355fa44cacc80e96114c133b381c2b79226f2f5c6f120926afc4ba016"
-            + "1c9b643932c2aae72a54dc680034851051e7b78681be9f2f23da8f8612ab85f07ad4788f"
-            + "fe4bff5c18a1a17064de1de14be917f6cedc21027d4c3614aa5afa1c1cc64053458ebca5"
-            + "6db5b677f613ff148d3610ac6943fb1c210280d83e05dbfae0a1c523f16c08452a7603a3"
-            + "00038359a1c5ebc7ebf7487c9980d205f30c964d4eeea3f266ee493cc6dca41544f29bab"
-            + "45fcb5de8a7dcddd9330cbcda955670a8f92a938adee32ef40a20cff0117f840b60241b8"
-            + "4556e0295e854780a86240df42ea75c9a33331f920610b0e18c5a152a59ede4b40ca40fb"
-            + "569165ecdb93fde3d44c0e1927b929d60ad80c4e295bbc6a1a67596d14dfd80fa2bd38cf"
-            + "8ec639fffabdd725ee1d34aeb54856ab844a37efee8c4df9b6a4474e1fbe6f0f5ea8fc72"
-            + "5a2a78b3ae6386f1ee8daf49087bd573bcffb617809bab28220c2d5a3e9ddd316f7b4bba"
-            + "8de4022a30c0b27d9232df1f25ea199ea7d26c1f935e54d9c49cda958b761eb43bd452ad"
-            + "b0e7a30e3ebe87aa05ab1cfaa1485dcd7634775c66df3a17bd04aba333d6dc73bc9d52a0"
-            + "eeb78dccf81951adb6187578010f9db56571afac84acdf6936f101409f6f3e8c038dbcd0"
-            + "54422f28c1aafd0929bd30f5151b27d03e11c9259d225f72e066da74bed6caa6fb758483"
-            + "49610a48f4dc2827942596d54f1743765729a9453789ca01b2f19194e4bc74fd239138be"
-            + "66956eda707f9eb7215e4b377c0486df98b23d8af13578ca2565fb56461abc1a492615dd"
-            + "f5d38c1200d3c644543f08079482e014ec02028b7836c2c6ded978cf5dff4180d0c62a8c"
-            + "de12e4a7cec10a1da309ac9f787314bc2b5e83ed3a46031a258caf653f46a78ac6d7f35e"
-            + "079fbb3f28d356a6568d9776487a4dc4dba86fcb6d03674c596cc7da17bbaac12514d557"
-            + "5b406d9dfde9e598bce564a503a38f96a7d70cf60938bea798d363a69edc64a9b1ac9fbe"
-            + "a1863be31ece7a857d47819f89c6b03c14d062d78bd7542c712bd231e5b771e72d1dfcff"
-            + "aed9c4bcc53e1a33bb60f9e40c6a57c5c5674214782d1823ea0470f9a399d7dde6a14d66"
-            + "e44010e3538ef8ec7bb31b06ffd4226b278b710518f1fedab126e5521f30f6a2d0b62e89"
-            + "dadee66deec949f85bc76a518decc5d2feacd924dc18e06f8915194e82c9136073c8aade"
-            + "c284032cc250555b825d79018c0fe4e85a155109403bc7d081fe49b9cae484833690936a"
-            + "f43f966804b434fbcf17e7d2527d2f061db98e0541e23bebf3024023694ef4fa925cf8ac"
-            + "44026d0e3ba5663c9792e80ed6038cfbe5549092f63c6a60b8a88181a9745ab291b8a25f"
-            + "0aa2cb7ee40efb4e5eb802df9b4e24509c75be717a10b45fa4404c6fe7b31d23aaebbbda"
-            + "44dcc2cc3928b620aabcc4f771dc7947b59daf5e49fb5b13bee641f639ce0ebbb3286363"
-            + "aa12a41540c225b3f081fda83f1eb5bb065a53b2a8f6c105bafe280bef4d84f73f60da4d"
-            + "1291e925731a4bfd508698c2619a8dffce9aeb17141ac8262053897bda1e034826ca7267"
-            + "877e2b16d810e9ec95c7f29e3cf9e80ca9b75c3c4b4660b3add09933a6e1589cb1b85b55"
-            + "0406d08acd49a2b2d280801ee3f7a6cc4ba6a2eedc58802e84145c0a530cae752708fbc3"
-            + "7542f0e5021325d4f8766cfd46432fc3a4aaa97e802b36ff090cf1a8a27a4baf64843787"
-            + "d633c52ab63fdb9744e354c0b91d815aaa3e33431d7a7a68a5cf45f6b4359dd96603d31d"
-            + "42f84976daad0f13ed2e0006ac7cba863d082709422694a783ae311101baa0055015207b"
-            + "b7e8ef5aff677af5a1bcaf62a7a485c389cd0c70655868e73013e9776dc0bb57c9dcf812"
-            + "5c0e2d8ff6939f24741f9e8a39a9dfc3cc44da1fa6b997c84b7bf1ca4fb3712760ae4800"
-            + "b3c2fca8ed4b6586c45ee17c8af8ce4cff5ff1e9faf3075128c0f70f7633c3d35c238dbd"
-            + "3e1f83be14a1cc48ee50756ac69fdf87ee0466b0a33b4e385fab0722fefeac403f1694f5"
-            + "ab8b9462da5fb196ac8b0d82414f34c1a8a2cb1e15e5ab7f07dc2cd163fc1444d35ce462"
-            + "eeb62b480a29088da252b8535ec521d41998d616b1ba6e83e347ce0837c805fd81821012"
-            + "c3685d52e4cb0fe3fe9de48fac7d45a76be4d03af4409ae66ee49d31e3d9974f06dc5673"
-            + "8c3cad522ba3b9bb1ec8701fc99c9fe7fdc327e2f6f7b140711ae3601bf1386f83fa7520"
-            + "af94c94c92b2d920c9da0f0389acd4a668e4955fa8cfbbad588c2595378e45e80c5705a8"
-            + "b7e77a605f99ed13b022ed7acadb66a49f64ee4524c8e8be49573c857d5d3266be5223a0"
-            + "dcfb116ef0cac02d03e98c3f4400cbcbb199266cdd358714d30261816a755f176f41d9bd"
-            + "c2b306c4aab7ade8dd3f95939480e4962784531ed583640014829e93f063ccfd345a7d22"
-            + "79c34e461dd0db2fe57929442565ce221b1e1bfaa2276b991b0863333b146f411ddcfd4d"
-            + "870b333845762df5d2b7b8c2b8d41706cedd70dd5a8252b8041046b063785af91e251bb2"
-            + "74e26c27eac5d0946997b425e3bc43f67a88342ac42f3572f887f705ba470b8c87889667"
-            + "50673a1b21d14a3b740cfb2375b8330b6095dc8b527fa65fa0d7c672f1b37a0fe6728991"
-            + "dbcf2350d0612ca3960ea0dacd334b9cb8585665e2aa463829debe1b17137d6e3e9d05d9"
-            + "8aed08974f51cef6cfdb3c4844f5de518cd3b99154f2dbd5be2be4b509e39b59b5cc5aa9"
-            + "34e51df7e9de203b58859ab715abcde6cb29c48b14717f171d3fbe0d2ea6efa9ced3e63f"
-            + "985703fecda75af4244faf58a9af20a927f3c1d51b75255a679cf85dd3595be24b0ff0d5"
-            + "90999a0dede6b14253ea218fa037a688db053372eacece54566aa866f4d62aa97db3369b"
-            + "b2fd7922f384bc9ede485118d70c4d759aa0e6f90ec42201d53ba35bb8da09cad48ba384"
-            + "48bfd10a8454d4bcb275310a1401f1cc0f228242681583d124018b7cc1bc96d4fe32938c"
-            + "414fce8f007fc359064271a8c6aeee66352f2bc28bf3b1fcd74a18276b338b30de3eb853"
-            + "e9599b5178794c10ef864c55f769a7407dd6f782526b2c930f4933d4f225dea3fe947b8b"
-            + "bd1a017dcd28803ff223f3b1008a407cb1f50dfacb264a69a9bc5b3429e0dd5071669f1e"
-            + "bda62428baa18ba9d943e262b74c0b1906afd1b7cac1e8faae2957f0b549870ab284f841"
-            + "1421e97d83f18c2f63e36f8e153fbd657ddecd258ae17692c9dff1710f5f3204bcce2d61"
-            + "246a793157401820abf0c00eb031020a00a639fff7f5715235871204ba234ec53b71d681"
-            + "595abe6ca3c89b9a3b1f8dd808fb427753336d2029437a528b6d4f7011bcefdba9f0b82d"
-            + "69fd792d57fb094edc563310f8819d65981d9ac7dad665b9fdeb73a85c38ea1b6e16e313"
-            + "72d4fe9cd5ef2e17351e2669957d6538288f8825519a7b88601a90d580c006f3995a208e"
-            + "cf6426cd11a1acebeb8878d1883ec284b710eb50ada27ee74238836e75a4fe211356368e"
-            + "4956032362c1b9d4e204d31277066a21e85c30f010ea63668cdaf5ce59759473e167398a"
-            + "34f1cdc7dcfa3b8356d96bb414684a11f24ba9c48f59a1ec578e67a37f80d4ac9414e84a"
-            + "63ea1c8a982e12a7314e24ff97dfa291ab53c24e4f754be45358c2f57c24fde8bf77b786"
-            + "d28ffdf9214018dd255c17be56607440071e3f11b31757af93f9020410dc95308d62e40b"
-            + "ca702c58127b727abdf27271f8a249e85785e50de507421d3c5e37801a250f4cef6568a8"
-            + "3b7dfcf3302d6aa5b4bd14c2a9aa103bf016aa9bf5633a72a4205417fa92202e89a62ce3"
-            + "392005c7c54efcfee818b72ed5b75d2f498842d6a677824b40e9690f495833762b6096e3"
-            + "87113ca6614f94381b0a8f8261c046ec3d904a01fa32b4246a3857128bd8ef35c41498c1"
-            + "38f476efd47d5c93a618d0f801cadb3e1fdf8e5d468e26552b20605a15d9a69e13df789b"
-            + "7423689e1cc4c2db339be4d25c7524abc1044eaf7a45f030edcce4b0fd79059668d964e0"
-            + "6ea23d9bfa8c6aec6f6843e3d6a312b2bd0510111e3d44a7af93705cfba39448ebe7f335"
-            + "1bac301341777fe89823703e3d942c929d2ff567a3e68b7f92032244347444b6ce9ff6df"
-            + "a0b15443b1190f5e182895ac4cc59982a5568aa5af8193dd9f8dc47af44171555a70591c"
-            + "cc43290c52d8634d2e812f733ee6ba9cddc5d81f7aa0cad99a647f5bbe074c6e8bcbd6d4"
-            + "14a594edb11eb9dd46938e38aaba6c679b49d2c0a5abee144f9b56726c86e45b0b3d3dcd"
-            + "8932cb58164d2af6015fea5de32826803eb6dc99a3cf3f7139474f45bbf51238738c5a93"
-            + "018ccb14d3b4a318803813eec0c8027bba8d101e504f5edd3235664e48483236f37e6174"
-            + "6892842d5aeefd92c243fb7c405a3e936b60878b77e342b21de08126d7b4e02144e4644a"
-            + "9321394dbfb85b855afb015dd98eed3446ae00e621390f10758b08055294ec4c3b71cb9c"
-            + "1403351a4cb40d61a35f50b7919a2c21ecc8bd484dd9072ae95883149a1f82ca7365081b"
-            + "359e138d25fdae799648e4b02a1b95a81e7e058681985ee96aba5e069a1b918f333fa2c5"
-            + "5f7b1f1d1bf8bd9d7d12060211c2635cc8b69acabc7ac02689cfec63b2d25414ac388595"
-            + "e701f4e1da96e13c4ca37981005870b34c9b4bed1ebcad29310b69b498b31c3ad8cbccae"
-            + "816d853014f774dd22e1229802e3c7980023d0c5e37f1ce932268752ffb6c727240ca013"
-            + "e5431adf691432272d30b360dc8877b4319d201168df98e33b223e1a82cfd79f3c75b514"
-            + "bf79ff43c587295a1a415c57f57fefa1c50cae59641c571d327d6a1caae11b99e16df8fe"
-            + "ebbed3c02d7cbddd3e109a0ec6b139963a7050c6e5e0ada8e0c5ef4ade68446dfc669a78"
-            + "7e48796be7a6cf9410d87899bedae7da22f57680d8e2d74fbe7be6867ded1bd291d26a94"
-            + "0dd9333977d5381ed2e7821600c53c4dc408601a93c57308a1595a7f4ef7bfd1d6f4aea2"
-            + "3d43e69e51c870efacbee2566b1772ac9df9f446a0796a0c36ebf7f6b7871fe2c25a5efe"
-            + "878119a6f507931b13b9a878a72a708ebb2ca1cdac93314ce5bee6053d986fa2f3c47fde"
-            + "fb81229e1fb433b18af563fb223369e036f6317d4b0803ae384575cbef4af81b2ed6430c"
-            + "cd672f6c76e1a8f31b3283e53a44100123737eb064b15241891d05584ae1a0e70c2ffe05"
-            + "0616e42beac9442b643682ddb3ca31c290be1e5e9ea716130df9e06ebb0e40eacb1d9adc"
-            + "26b957baf60d228028a884516963e133126b87599254a63d50ffd77f269774a210173a8a"
-            + "d1a661fe8eba3510e653d6a585f116938e5aa127a4af2b5fbc16b910e2071148d4509796"
-            + "9f06f0db0de5c5b8bc552e3f30a499de8816334fc1626f3bafa76162d952e13d9784dc24"
-            + "7a59d404d44e79c8c89edfdc189c5635d064ac48d981ebba002b2df5cd4ea3d35b5d3934"
-            + "7e13ebb7c442d509ca1661c471558951cf798ba69b7b9d4bb2d560783d2951cbbd7c0ed9"
-            + "e3f21a08f87ecec47cfc8da0c6884722de3630ab64a7d3dc2ebf88f968bd67a615e53f6e"
-            + "d91b60b8755222a25633a62d338667c87a47f8f8639f4058e03b2e36ce773d9e98a65178"
-            + "8a7eb7a5e4dfb54f3e171d74b989356a279db93d6b47d00bd2bf9963692cadf24dc42a44"
-            + "252081419404aafa4572a163a760939c3f31af66c6a8908565badea9b0d3d0dd1335a004"
-            + "9c0c00d12b0b834792c762a595d5466c1d7488af7de961c31a9c7cc4eef0fd1519df1efc"
-            + "1123dada8ae5bd7fb9e46db529e27ef4e71bb4b1d8fb54c6518b067da95400191159c522"
-            + "35f0c1722f79691f87625d8fbfe91f6ad9e855d751ec54f6c52da0640a6fd690a75759a4"
-            + "a97cae98cc194129493545ac2eb059639f80689576884a192f4e0ab885fd6bcb05aa7fb1"
-            + "c0fb8b6335ada730b93498e38f533495a4a79040963f9a3619373d24a8e3bf5c3be7579e"
-            + "eb5e172fc6902fa8489e02f10ee887d35bba54b0ff9bfddf2c8bc4e507af43be4d76e979"
-            + "b8dbd8ae7118b9c9e4b3d4cc8348722ad994bd1a6e3cde2dde3e58ae84b9b4120db838a0"
-            + "9ce71502609596ec75b4037ccf9f824987fa6e598d4804d82f458e63a17ea7efe65840bf"
-            + "4ba96dff3bd0d7911fa3acff7a6189818979d3e1f5bf04fff188342fee0516611188f848"
-            + "ea15cbc8cc8f5dc241e24ce0a6320c5a0081594f063edd535cddec4b0d86759e5a278b36"
-            + "c16332b381f73bfeeafbf1df81fe39c3cd535fb200c05974160483fb9e77f95ef10e3591"
-            + "28fc41fbc2242f164d285c0c9f468816d232be049ca81c75a3c6280768867f57096017ec"
-            + "1dc09d1b5e8893ab1e117d4aad1a1d537226c40d3576960afe42b9f0512f10a81265bd91"
-            + "2619c9c93d21cf37db48ce7676ab8452b9bba286ca9c98153032dd31e485999771c59c2f"
-            + "2de66d79b2a585eee527bb56aed5d46f5c4a93bcb4ece9b160b0a077ae4156413f654b1b"
-            + "855b66e55fb844cef804e382d875f1ad545e16ff971a2e2eb5351bc039fb8518e21e76b9"
-            + "fe5b7444b20e3f85a1376b52f3ca9ef183e5485c9aee969d159b4e1495acf04abfa33983"
-            + "3289f5d888c8d424854484e04039593eec7789dd357c55ab287cba87fc45128d761e2d8b"
-            + "6435289f443099392a762beef20d7fba97cf78f80d5b964d84457e3bc04ee9b5ad4cb6d1"
-            + "32c5bbd48529495cf2171b9572237558f04bb813ca067ecb12126e8f4d31a2d1f2582a5a"
-            + "36ee9d9052759956709c5f6e9a45b526ce28a2e563dbfe068698bc28b05af99f48e9b3a2"
-            + "7abc43a692d44c8d1221e4b3d83cb2ca95871a577d8d266e518ab0a64ba9965e7582cec8"
-            + "2d4852f7895038332f9e077935862866fec64e94a929e00dd3187919c84f63634f903aa5"
-            + "f209a53e3b96ebcff5a60711b70ac2f5ec179bbb5a0e1c010937d61dc03965e55e71947e"
-            + "627079151ba0c7e0ed668b2432ca24ff7786b0bcefb4448b7d5e962702927f500ce4ef9c"
-            + "dd630347d547de52af2e78ab30fd7d4f1c897035025086354aff0d31b51cce3f194435ad"
-            + "2108a4b49603bf2409334e02b4c4bd28f9b8ba0fda3f43da5bbf82bac2264f31a5877feb"
-            + "979399c9495f6d7fb407d661a05bd56c2f3cb7b7bdc4953d00d84eff7fbe63fa8f85bb71"
-            + "1ecea6ce4dbbe5e51fdb154fecd28fd77657a1eafe56dc718010d37cfd14ecb6b830f5c6"
-            + "26e59b4a1c14cef908d49a1cbbeccb68b55624357c8b29fe0753aec4eb39dbd388be43f6"
-            + "a9a159e79dbf1d54f4a76c2b6cefbde271fbb292a4fbbf1d7845f5e6275b9471775340fa"
-            + "c6102edbb4cecbbc86506d304d785d0f56e0372b7b49785926243347ada241619a966abd"
-            + "9fed990a1216e5ec6827cb723d0485dbd71c56f173a3814f28a658aeac33869da1dd5ec7"
-            + "b43ecc2df9b132ea802f12994e04239fd2135aba78c3c02e919e9f10c90c6d21a00e27a9"
-            + "44dbe164c96e35fe7f52e75c1759f1e1bfada5d50ac9c06219834f2222aa2b66446c6f18"
-            + "6bf80f7a2af1b5d1f1730b39e42334969a1464ecaef9b2b4e368604e7c472358c843df0e"
-            + "ecfceacead2d46a986f930696aceec459a95694f2ca6745ef340beddce1276eba5f2e78c"
-            + "d4cc4fb89bce9fffb9f03f374c779a69349d2a03b4a497f03227d8aa9194ba18c5aa730c"
-            + "f1e70e1ab5440566dc095c0d084d1af1337fffe3f35ca5e6e7bfdba8c66e0a3e4790128d"
-            + "1e10ba6bfbc16dfa4fc9de9cd1c4d5f89f07fbdf6f2075965d4ab03a61d3fcce0f6cb134"
-            + "45b8121ebaa22774dc2f3cb3d1b3dfa00a2463172b5678dfa47ba9d58b0ef9b88791c4a3"
-            + "76bda6b0e9062dab8074ebd760476bc7ff3620c4dc7090650059c6f5eeff68133755bc2e"
-            + "afd1fbd419ff407b624d4a0ecc886c5069726624570c595a506fa41a2c2d9ff3fc3c76cd"
-            + "58c0949c458b032a2698d346f18a2b22b71b36a17abf6ab78646be0a68585ab876645c43"
-            + "797fb542e059ad109c251877ebc5fea65ddf1e3eea7a708b4ee535bfe5643e9c0038204d"
-            + "cc4d8ba369a44c24d13b9c76d41f333dd3133f3cb27653ec925ffd2a3dd29fa4505e5973"
-            + "272e5fc4f733bf4c743a3a45f750ed8849bc880aacc5cc9d4fb31f22dcfd566cef92f3d2"
-            + "e3ebf4e6f24f8acca855f03642b131c6d97f76b49ada593753cb0e2dc66ffaedf9e0de40"
-            + "da97423de101824651faeda3335b7c39bb84ba7f948976ed559071a406989f6c527c9d38"
-            + "a10c7aaeb1e326b05b14c328e18446666cce1815915bf76dae46da43a616e883664b4947"
-            + "2ccfbdfb249061ad8e4ed23fd2cafd21c1e510b2ef816171db531ee9dd6059fd042b0dff"
-            + "3a1d18aa7522ea6d01b802535e4221959cf82c06f694598fd392929897d17b04a171558e"
-            + "9aa0ba97a9db9e8d137a19587b02bece5d6652908e2c0abfac68d45a9d08d11a3aef91ea"
-            + "a357fd876ea9147c0aa5630693cbb1a2669cf957060e5793b146f536f1985defcdaee12e"
-            + "136e62e79ec77aae6fce97097355bcdc6a8cb21813b6bb2110e4c61a538aa11a36f976e2"
-            + "0a2cd8270deec1c18b7f6d91f384b0c8d21d676aa336736e2b0cec288a68769effc584fc"
-            + "3255b04229a4d67a69cbf9a9358e4b749c861b19470afc707a903a58f1d0bb19ec9e87db"
-            + "857c36adbf7305409653e52d0b27c0e997bd2412cc8343aa849eabc5856bab036db2c27d"
-            + "599a953242ad259cc2eca8f421fb6d4557d7b486c159184b246f1b1165b7f6a0a7e1d4ff"
-            + "56267b3b862c8109244c1f3ed4869b2d9b55ec906c49d5b35485eacc48a9454df757eaab"
-            + "fa34d0c0194e423dea18b473bbf8daed12e25347ff8e96b7501f176126e17157bd515023"
-            + "a5cf43b012ec3f961a3f23d7912fbc557af413b4399aa3f56adbf8f95a8122cdd1165781"
-            + "08d456835219049b23e6197033a40f92edba4b7cc63f2ee43c80172377c48c8cec88e8b2"
-            + "7eebb0f145d9ee0dff64eaa83422ffd6eec479b4dcc8f463fac228beab22ef403569dfa9"
-            + "b713647ab62e86fa6eeabe30af2e65d237b8bc9d5bb26cd3b18b25561f51cd091f91f4ad"
-            + "4d66432ebd444ce73924f7cb261df6f569ec5f354bde9001af6dab0e027ac21e85ff5db6"
-            + "28a50e5e8364551e62771c8aed96ef1c268d55cd5e9df8ed294fc80ab8d6910471a30b83"
-            + "688aa8dbbaa00a48a6289f18f0777dc55fc278ab7589e8f301002da980b315f98436ec07"
-            + "c7110ccb098913c5129bb86d9dce2f87c6f8511acd5919fc5cab78685f84cc416e2823ea"
-            + "9bb515c5ab1ad8402b18a946c6a68345a4144fb55b8fac05ebe6ab344085bf16f2e35589"
-            + "7f8a940b06fa5eeb22daa6644d24de552c8de956ad9a940e0c1df5bfa7622da1c316e264"
-            + "b0675c606562034c544a9f5a7c87081b49ed707917d949809f70d2871fad5e0cbebdf914"
-            + "5d7e59bc8d4a2122b67c589b69d5639db422320c11c48361c61217cc9cc65a3f68e7fb57"
-            + "da9c56960056d51b368514873cea56ad9119ef0ddb651e27a7383a87b9d82f62fa2141cd"
-            + "9cfade1180a0c701f95898e559b13235b9bbb7e307623e3239278477e219350382c1ff34"
-            + "68d5d0660716803089e2c82d643cdf4ffcd05933a197585a1db24facc791243aad9cf812"
-            + "4324c445522583d9876bf2fc490743e878419991dbcf6bd0d942912f5acfd6eace6333fc"
-            + "2ad97daf41b86ca8e080b045def649d9a80111b9182b0224e10012397d7cb0b266e6201f"
-            + "d9d4746f5525a55f0167776ea43013e1222d2cc22ff3bc5c2018416e694f1ee8984c4db6"
-            + "d8fa1857e6ed19d55bfd54f958fd115f3b1b8678b6d45f142a587c073cdaf312ac5824ba"
-            + "35f0aaaff84b17ac7d02a425f42f63e259693b07cd6830ca859f1e350c4af4f77d8f0c06"
-            + "d99f81e9efbc881d6964f08ab817be076cfc297f41d44e775c43571e4805bc162ac7f84d"
-            + "8a965f97a083df143afc49dadeb51a697b4af2597b18bdddd831d8a091d1c5128b29f228"
-            + "1af3dc5fe7310f2d4b35db2b6384b1b3c706252e1387e73d06844a80cbfe2b48898be26e"
-            + "54ab22733c8d14fe5a7c118795f1a6749493e02f2f66ee274fb0d6ad05404fe62d7a03aa"
-            + "880a6c837bdde15a395900648624add8b7198d8ac622812c132853b919c0e36474da74d4"
-            + "32820cb1a06fa191e26871041327b7df3b56e3ef1dc1e6b4b4dd2f32226277f945bce242"
-            + "023aa821f8e80cf8c5003fe98e4459168a28e17143828e8bd156eae591f29044bc864bc7"
-            + "fb58af4158b9b1d66dfcb3e07f645ae8036dde82722d379e5ed0e0b5f2794b40e9b6417d"
-            + "cb6e97786177740a3d46a16bdfef921277f52bb06843730ca446cc0e243f862d77b0249b"
-            + "12a619b47131d1ef7a7537dd2d77703a19d87a4388c89bdeaf3663c509d00c4816a55b61"
-            + "2a0f286c1c9c1fa9619d4dcc1d09f71441a1df4164a63c916b8ff8bd9809051c319bd122"
-            + "df02820ba2bd77d03a14726c3aac1cddd5f005084a83f5c0626ce4dc43fe1408eb859bcb"
-            + "f0345c21c539e3006318b242cd230771be2396b9b7ad9fb8eeb2004f2225c2ec2399b88d"
-            + "474da1efe75c07a55b201cfab4cfb8e77c0bc56aebab0ac5a45c7d063b06f437a67dbf82"
-            + "f9730748227717318b1d6341482a78da8a86130e31613c05b83dde8824605d122e0b0801"
-            + "99167de5da04e3f5505b07634051e3f1918c697cbceb48298d6bbf3cf9260939d7b71ebe"
-            + "bac6534d1e7cea242bb11ba601250b223b1bd42418d8ceca6dd4f01f31d51810a91139df"
-            + "04885babaf4467a2b6ef2e82b711e5c4323627d37f062380cbc001d52524235aceccb2ad"
-            + "a17444aab32bd883017e01a17b75262dfab5039684dbc60954431333440ebd9759b289e7"
-            + "af303a86a4a88344770da443364f59066e5b659ee2b2dd9772b21d230518b93f61ace293"
-            + "26792e93f54d61ba59e1f02809a67cefe56e6277909d6157b0af330b9a792c33f9a2fcc8"
-            + "284a13d3db514e6c5b064db33f290b99ffa57ee61a474b4f18724e2592c09d917be68225"
-            + "67ca7e603e9d05f1121bf8aeff4b16d1a36f3da0453329b80ab6280c2451595303b8b50a"
-            + "fda467344f6f87bbbf9fb761c055ab6fd4b8c91f80e35a4d42a54ccd364895890556d868"
-            + "6bac4d85cbd86cc5b7a3ec98d5019d52da251f0e7d348b3635f0a9f73e78e1428b0e7d96"
-            + "9147bf1f24d385f89e75e283217a1c60a40cc89a678facc5611dea8775354b8d6f0319c2"
-            + "c9d3614e49a09390930c7b93304e0b6b0a2c3b0a4dd78f39a7ccba8c69ae0abc03b96860"
-            + "f0197261a82b1892783f9aa94a195ddcbb86c9ca7fcd104af64694ad0d67d11611d2653f"
-            + "6c09433ce59d32bf523e30ada9813caa872b1a19fdc152ded2e954dc42a80237ebd12a86"
-            + "69d80e88a1fd9a653183e4bfaddaeeac54ea0f6488930e40e01c1da9ff8127dcd6468e70"
-            + "4f9a8b3f45cc05de1f8f28782720260d9d041f70a4bebe18a325368916c7230f54207ce1"
-            + "74b6cc16f9ad3fec29c339e7b40c6a12940f5ac05a30548db2c6a19d1be98640a01e734e"
-            + "d4186da54d7374b69d090eb8fa39a207209562fd0c11d78fca13bfe6ab85808e2ee558c3"
-            + "1d4a5ee295fb8ccfda5c6842914b7420b1ceb372d312d1bc29bdc50a7b32729a9b1f3662"
-            + "adf915a089eee2887de1140519d0ea8ca394cefc2b7a658a0fb3182275f0a78721bb643e"
-            + "22d4b8c77ecf5bb8327309ddf1169a77b0a0111b9793d3a3da376d843b6f218638e5f690"
-            + "a79c42618c5f1f47225400798cab6bf1877723e330f06faca18fa2eb089f1d2118770b06"
-            + "83921a4dc72e71b766f240beaa70282ccae49142bfc6137109f7e6f770df4e0c99e662a3"
-            + "ee0ab897bc1182a082e7a344cea94a12f7591c681b84612ff4de370544c1f4341735d354"
-            + "05cec6a9b863f666b528cfa9f6b7dcfdec7777220f43a763b68c45e186d856cef1829a52"
-            + "d7735463ff890f8b23434a062c2096906874acac493a7ba5cc658a06066e9641fe35b6f3"
-            + "04f047b2384b8ca05167d6a6fc5fa71e52a611ef7fa783e07f4a6b9eeadf345996d39096"
-            + "f3d1801a40f61456a1fbf9c6137702383354206bfd6dbade4a6cad7cd57f99bf1522fc25"
-            + "19ce0af6b1ecee27ab8ce4cd25e3d519d1da0da71393b046b61af7c9d1881e820b639e72"
-            + "59a1da72ac3951a067575e6f6cbf4c23453933adfddc5f64e838e67eb2d16137c72ac91f"
-            + "ed7a7ead716233ff0fdd1e3a0de867a61bd2c77d237d89dbcae503632f6aa018e4ecd2ce"
-            + "1f2c9bfc562b49d2585c151f6463e5fe82690660ef5f6c5de963a0a45a26231bee4b60ca"
-            + "722cf59c5f81cb986681893900e5dac26892e7f33c93802770cf8302c0679fbfb915850e"
-            + "f76cf2941f60e0561b8d9224fb72b3cd78af28ab02fef100ca0b6fc2809248990f9efcf7"
-            + "ec1743a512658ab36532d2cd19e441a59b464ac5c630a334531246954f970a6fdd8e16c8"
-            + "85dff3638e8bb61f9dd286f5babde8bdd624de1bab23c61738d7fd68f4ec36e3f269cf4a"
-            + "32abbf13ccbfa2f45b63386681276a51b8f2c94157b65582c633190ebd6b5d79761ca5bb"
-            + "862989f257cac1cbdb02398707f759b1e1d05068ce12220b9dc74fce62fdd74e0468e8f2"
-            + "2b52667bdbdcaa7556ec962b1988e7928c637623287cb7a3150988678044e3633a62d7c3"
-            + "63f72dce96c5967923a02656c9cd01e60ec494bf545ad29d875c1e953ea121a465deb5cb"
-            + "7cc2b11480779d6003ae529724e463b84a3d131cc9d9b083cc3f28202578913e8571a2ad"
-            + "691a1d5e376695ec61bfbf8d23d8f9c33d4592dc1d3db9a9809073cd7bcf389f73da5c16"
-            + "9776346b0a4bde33cb18bff16dd867028219797e5cc1ec3ad32fcb61f4404de0c520b78c"
-            + "1e6532be83cd16cd079f919facd9af2078099c3c3cee372052a4e6d6194695529b3f006f"
-            + "d4bc9098614cf60b450b13c677dca567c2a3aaf2a9a958613a2e03801d8ce3d52e660bea"
-            + "f946e4510f8c1d69c6a169290bf0450d9acaccfd5f9eb9c96cf920c5e06ab4b4ec4644a5"
-            + "694e3a6a6c6c464eb03f1a73aa213fd335b71b50aed725681e03a7f0bdc5ec15048cf673"
-            + "826cc29c2473148a30c37e288569cf821d5b396ebc3a2cf53d43e020ebd03c8409e19f97"
-            + "609ce2569df47bfe74a83e6121ee26e12448ba0ab1f9e89a93a1d31ae520289ddcba87db"
-            + "cc3714c6217521c506a1ae6ca72c6ddd5730dbe1547daf4e9c35f264eb587af33da59b03"
-            + "fa0f4896604ce5c2c84d8c6ef8e9beed22d12374591725b01041035e4b568525972dc371"
-            + "62b1b18ddfab02539dc23bcbee241823135589d43c3d5b7bceb5fd93bbd3c0d48d0a2fda"
-            + "9869c5aabaeab426524390287a3eaa085dd99bd17610a51d42ec345ec21478dd66a334d3"
-            + "dd27fe005a687a303cc453d0545942110d18b259f651e44726b39fc297fcef9ddaf8342b"
-            + "855035593f64500b52b0b98b1d7afb87540034b1a2c84452ec149d17c6a4fad14e49a20a"
-            + "8cafd7e9d07d4b73fa4314abd6b5f338ef4b0b093230af54b51bdaf6af97500698d55da0"
-            + "ac182d937f07e680567bc2ad1e6e1c955d6244f563c9ee7e8910a3d9ba860cbef5db2018"
-            + "86e0ee6aa33d6d1419f1b48e92b7c85d977df3a0b6b0e14b6e31eec03cc40af606d26ea8"
-            + "5a5f0f52b4ad67d430577dbcf4d1935837a3e38e28a11748f657b47e3f68457d585b76ab"
-            + "5a90960b723f2155731dbf5e38f535a7f60eaa532277aad8c76484937f9d11a4e1e137ae"
-            + "f78e6a0adc5d5412cf59818634163f908135c16d987730075c67402cacdac94cf648c3cc"
-            + "fff06ebc46e3b2dc36b3d823174ec5d9d376e015ce96a2fb08e91096e44937d400c674bd"
-            + "f14ee6b779bb392914f0a80a7c149f4814f558d3fb3a65dcd260b11dde6694edf3438385"
-            + "ddb9732ad881b0100e0eb29fe4731092486212e10c035f7eaec3b995d738d9e2160fb86e"
-            + "960ac872c68cc9e2bc0425149e504ba1b169fa1e7bba8c6ae38a1f071e39e3009677dedf"
-            + "f10074c200ca2edba43943f04c8a13c92555b37a58273c512dd63dda564d0a076c96fce8"
-            + "7b0dd062905c5822fd40049e3cd2744e2ae39ee8b9a0aa8e7982de9be9444c82ef976764"
-            + "86866fdf74099e2ba87e466e54931a7856fc91936552d4b5f049dc0f1f0305a7345afb15"
-            + "a376e2505278ffc89e95615cc0dc5e88608f607d7bfde381956db0a3be7d5f738c8598a2"
-            + "46a86e316ec6d6b6a09390cfb15814518fd83f1d05b8571d6f90b09cbd7c6709d9f77af2"
-            + "a6be1e8559267591ff9b07c4ea4f9000b73972d9d70760297ec6293e9e3533827eb4675a"
-            + "9eed5009729c77d9be1505df463b65f2960ee2710e17704d4217fe4b436040ec6d506062"
-            + "60186a1863f3b3859c67832c31d7ebc7b4787ac37cc678508247b65d0bd921a8f01d6880"
-            + "113977ff46b88ddafd527254d1781280622efba0c9278b23ce3364eeb18150ed927718b8"
-            + "21ae8ba9d0f10d8f09433663cbec591aaeaa66605317c151dcbc78fa590e9fac9e903b1d"
-            + "4c3aa3b6dfb9abff8d74c40157dc818327aed5d90014f4513ba314a3e5700376b7c1f9ec"
-            + "f33d0fd75a0b994cdc9b0e90068446ca4272cd90e49b22e99d66e54cc2b9d801e028fc7c"
-            + "05acdc96e85bed2f0474cdfb15d14ecf8f467673ff2bf754f8105f6e6c981595be96743b"
-            + "2a212c2ed0d33a5349e227a2183afb4b8ca09723c454dbb00900d0144fc23d93da01e422"
-            + "e0fa7991e3c441f73747356bb54eb135ef6a64272de477e42016083eb2372b89e74bcc05"
-            + "d4866ff408f7831b149fd2e6916a02e696c0e277a4a34cf3021ac7238da08232fc40eb8c"
-            + "0f8c13e02c474b518195fea20ae74eb9ef9d2e7bc706cea89209b2b5d3422e94a94b1ede"
-            + "0baac06b6e8da0263e30c422b227a0d62fbb4098ba4fb68c5c154688dc7429c735d8c1f6"
-            + "31391521c659201aff0735a50d102b5269ce0e1b6c30dd3ff19722aade2370eb45aa6f4a"
-            + "6c8f0359c5054bd9b66343201d6fa9695a3d87499ca48a642ca7ddc7d5fc47c0dd0f2f9d"
-            + "d48298e02337e1adc5ef8c04e967708097943cb4ca5d10102d6088472e9a219e03aa77f7"
-            + "0a282137708c1b3d6298e79a676e160d6d2610b0d15a42728d41ee503352a5b66b174c6e"
-            + "bcf2558309651045bf79eba7b54c4690058458e2cab6c279f87c76f2b02984a07447e0b2"
-            + "acb3a2aaa160bf4596e791d6f00bf130be24ca0aaa6f613479ed8c0a8971164ec25c1d5b"
-            + "67bce4439db5c395208017a68d3e8eaa2b58169a26ad265f86355e5cb25c5422ca85ed32"
-            + "8437a23b5a79dbebebc56c2a118cdc527caceeb533e7b0fa7cf9a38f87e0459332995fc1"
-            + "b202a24fbcd8b34088759c362ac6f7321f223fdfd6f8951a0f68ed067bb00a2fed2f9b52"
-            + "243942eb2495e37d4c38a824367c9c0b56dc112eb9f5b9dd498aebd9be6b6cdb02e3a216"
-            + "2bf107155e3e6e9a09907afb1511352bbdc4f0e7df526828a38b444e9b7c830ff33edd01"
-            + "027de5ddbe9a204263ef0a22a5cb7787a77c43bfdd348a15d4d195429bd762b1860732af"
-            + "6a16d98bdd56e8f67bb911852b8e8892960cc8e7586951fcb02395ab62fd249d497f088c"
-            + "9b827cafaaf035029ba4b13fec4b0f5251e9ef69f62714fbf7bb2607e9a42af0a8b76353"
-            + "75888b8c8ccac0a3edc6a7b8dd51d63741b7738e30d147e07bf0c935fadb81703d6d76d4"
-            + "5e769baecedec0d7d28149e70cd7047ef26383f5a31be9139e4ca9c93a96a57a38178981"
-            + "94f393ce83c3b6828ade4a642e28b81e6c1716e3ef67a539699945e8ecfd926e3bee4f63"
-            + "41fc9377b64eeceecba1caa1da25e127faaf7edd12f0e611f94e12ae507ce3b3ff637143"
-            + "3bd453b11bd7f17ba0ff63db22366aa22f6a3d2b523f815b10f5b970e85ab1d9341268a4"
-            + "5e3b90768367413d4db5e8ce9cb38bea65bd43a32921873f0fb463088a5f32496c9283a4"
-            + "d9b0aa95605d92c924355989b4d6666964f31b63e297b793563376cc87dfc46cfc32872f"
-            + "91474d20ef94660660d58e2577fe944280fa91d9f89cad7085e4abe56e6f526837138a33"
-            + "af4a992003f42c6c1da63e4cba4ecf75f92b4865edf67ca5b25ec58608bce536c19fc492"
-            + "983137c5a0db6b29671b44f4ac96084148c8a1c65963d149d7a9cc900783806fe7818fba"
-            + "51d65fcd8e5bf364561e4b17c973907b295421f5b2660100426f3d19df9ebd4b2c8cc0e6"
-            + "c5bbbe9318c4811076a0f7f061b762c93296a168b5fa99ea5ba54b3a9211823f9af4561b"
-            + "ead0749414126cfb2a247346e2b0e8adf7ccf76cff290cc797080e6509fe5e49f33d7f1a"
-            + "7c4e034ba8deb10a978f0f3d76036fc437c5750a97d53c59ff69f3d7159f13f0499b67ff"
-            + "b552d0ae756d6f03d3b5a8770e38ca59c74addaeebe17b7c75a13700d12605a56c636a87"
-            + "a87b2f84a13b456d1e2093b6dc8effb248480c20b7f7c008b71cb92fea8f047dd8b460d7"
-            + "bb9c05599addd45d901a7d7c57058745c04a1f1ce32068cf95367951ff88e3eb6917704d"
-            + "2e7f166db9a16e28b26d49d37af5f6916037f516344b62b0db171d0241331fcb5fbc2213"
-            + "d63ba19025d83f8564755c3ce0126018da7b7946d7641eb368b6dc8dbb611f93355a6087"
-            + "ee30a30bce131895405470e89bad437a9bb1fc050c800eb6165cd42e9100e60f17e9eea2"
-            + "1da315a194fb5f84977df7d8fa7b885f51a2784ea34fe3cb1401f2385dc95480304764d7"
-            + "c6b5b086a7b75b519865d7c11e5be0fa7ea3fca056eec5a82b40426ffc6e199d4db9bb37"
-            + "638f5992cd7cc1280bd57a69c290ed26f764a923b82c831ebf995f80b4d6d1fe51f3f6ce"
-            + "ed5c1934e1d713b04d0313ed6f7d8d3c239184ecd182b1820ba176ff362ef6dfbcf6f0ee"
-            + "56287fff6ca780ef0d6ca1c14d17895da81037bf1001368ba72f8af39ef76a7a66261ede"
-            + "f43de21e77e247dac0ac1bb2029894ed8eb953b7a5e0d0febc6db6a92fa84b7e278aa2a6"
-            + "f7952ec7cf9877c610a611107e8bf2cd481f612262c61c03ceb36227f4b6114e799e676b"
-            + "e20ad9a1dc4554250dc125ddebb912af2799d83842c0f1c4c3865e084ac9cea1c8c0c2df"
-            + "a21d3bc3431635a4c38107c47043c195f3bcca58cb65d2775a6a797991ccdcb856a636fc"
-            + "57848f571ab36c3f615b3f4c772770476f196bc3e94101423aa170732b41bd6d91e42b2e"
-            + "4cb47f7044e14b269c1ddf1b7b91be767e0b7c787e816b368b9e7ac2f9b807e44d9ec224"
-            + "4b303e0fd95b6f21811885544910518ac68e04644c7fdcd422b88ef20b3f21166fd9fa54"
-            + "383d17f2e20ffd68272f445b3e699fb65dd9a0df9a32c7e4962541451f5e800b0b7b2fef"
-            + "df7fd15378e66b0b5e948652b59f6ca775b7ee0d558bd084650567931d9bbd79f4b60efb"
-            + "3ad6b2161f9ab876dc97de95aa3f648157d9cbda81fe73338b834f6b1724354600c1aab4"
-            + "aa0bf6eb85b3223786a743cc35e28d81c05d4efa5e132973ce42d9830ff22a8e1d1fb1b4"
-            + "5134bbf9193f0570b43ad0bcb533f59d3ec8b77998509e766bd0261e5b913e11a2e3b219"
-            + "0ff660f71eeef5549fde3009ebfbb30afe2184b73d23d84e47fad48934b2193941c47453"
-            + "b44832ec9690ecf664a5b88897fdf8595909a93809a394ef4d08682f610135e2aa6d93b9"
-            + "2c295748493e0d71880a6454c89a4aae706f9e712415ee37f0dfe4414bba183a5cc25c1a"
-            + "688605d280abeb3afbd7dc1bf696f1f4d109c694a2b4b7c4dd67e0f9f6c556be8bcff103"
-            + "afb40928d25d91da4222f71fbc092cabe214bc12f4df702e54cd5ae9489a7b14e4f60162"
-            + "04080449ddb6c0cb4cf030a36a46c457e6a8e410dfad630299d7bd2c158d27da09679509"
-            + "2edbda28b71f9705201b0746f3375513bcb5aafaad0e1edc8ffa76faed6e5defadaeecbb"
-            + "9d4eeecf5944528ce1a1be1dac0477f8763eab422757378e922d0231496c791d0527dff1"
-            + "849526b125411c2fe471356879b993bcf1375d6339df647087d1860410a91d89f7baf07b"
-            + "5815fc7e2517dbddcb49d57e6f2e678473c416ddc2c878019d138d50ed95c3f3a0af8b3f"
-            + "c9aaefaa9cab78251ca6f899043f7efd66e262be492b655ae1f546953253736272d7ad7d"
-            + "c2ef505768a1be8755ca2ad5c959efb89068718955400fe9d1bdfcf631a2ce7127ecd865"
-            + "9b4aff6ba4e0e49a80485225de88e389bb25e4ac4636edf8203e285d8b9bc65e096256aa"
-            + "085ca7977d19afd3f7df0d7c72ffe2f5fc9eefbefe2e96be0e904f1a877792f9e4ea3e20"
-            + "f953892ab92743b3737fed3885b924bf1ebfeb3860490a741c62b6c1595b06d89018669c"
-            + "ac8b044fb833b6d39c3f660b66611df9b04f35958e486a5265d6103638f6777e5101101a"
-            + "aa1cd56575a294b0f4fc4fd830264ed086e1d4072f60c1a64dda3a0fa1a0ee18a7ff2355"
-            + "ac5704fb10d2eb59f8a0267b5555f7bf25e2a77c46e48eae1607fad7b8cc456e409617aa"
-            + "d7ae6ae443f362dd4cfdf6792c728d19d290b4e1b09c8521c0b8ebde286e44041cf50169"
-            + "75c509caee50af40de65ed809c62cd260320fb9b49c6be4fc939d9ddd06f4713a4b2a79f"
-            + "b125960930e9e059f44d302ee71e271325c5c411c82b90ca5eabe1fb2fa920a14297b69d"
-            + "12d25e9208f9a01c31a4b4abfce2469475671c169cdd4f5ab67eb3aec9fe8ad15dceb1e2"
-            + "91ea893a221245c4a9ac9dbc7f4b15d54af2b38b27bc0015fa32c61e5a9e1136dc9ff81b"
-            + "9bb0bed60f26d056337fdf548e9a8c033539551629d94f988a0c250b519ed92530056c24"
-            + "47d327f2d65be5b7b4cd11fc5ebba3ce0c143c7e83ab7fd51db5c6e2c09155e153013381"
-            + "e53bbf5691526832524a191157af1d6f6f2b8f15e86cab014c374609be46b5908bef3c59"
-            + "e829b2389daf473d472e937010dbf9909a3770b495d48c5a4f9e464f2e7ed39b964c594b"
-            + "63586de4e8fb3f10cea3a5d0411d09e9154b637cb0d3bafc219cc93cd960b11131492b38"
-            + "1606cd93faaf2b2a0a52fc0d5492610d527b515a696e1e5cf511fe8b25a0ba6559951f0e"
-            + "e7d3dbc25bdad5f4ac334e6a3b4bd66f9e924514a273dc30abff8a5a14c7ff4fac5693b8"
-            + "55152470538c6c6ff51597a7123681e787706d2deecb71ae525ac9a050efa9188bf58da6"
-            + "440c9ec2dc4d3fb993a8803803b0b36a3b0708ea265799b414be7dbc9d120ff6852bf5ee"
-            + "38cb740322b6d4b036653f2b922a1d86d054f2544110dbcbfd79d9fefeb13870c78fc7da"
-            + "83772b1758685e68e75175ff068b938beded3861caf5055e7f4655e6608804f02e4d1853"
-            + "f70310ea037788246549279da6f3e75ad07f995996dd9c8e36700a89f9240acf0939241b"
-            + "765e3d850aca760abdacd5e8a9714a2a713e1d9866448053e6b5f801c01b854d2c083743"
-            + "f20ed6fcd35514dfc28585ea61fd247889ef54a7c17a4183e924756e1c7d4a5b4ab2c681"
-            + "ff755c954629ece9dc13fbd46719ccacd119898a32f8a9f01d7ec397c7f633c52ecd6f50"
-            + "11f17ccc96298b92e57ddb086734035a6bcc31d8e831166a31ed6df350e48e4c69e5cad7"
-            + "cde3d9ee545fcea6dbdb640560429bcac05407f50f5cfa1800803c66a4d8b6a9a596489e"
-            + "43a3c28f3af7d032614677bec94dec582ed76b7861f3dd4131e8faccad2870da1cc49deb"
-            + "ef37db61f3e8e4174cc2ec2f53f5ccdeff83374efc70f7fd003a85c52b099df1cbc560ee"
-            + "94cf695db01ddd36cde96500c39bb2bb865c1c6da705b09c48fd024290ceea0b35037a1b"
-            + "9833b4c5ff13be2904c8c61873bb8d1abf3ee86bb23b634b773844070d9d8561c7c00266"
-            + "290dfac68a136cca2fd1f06e21274de5ba339a26d35a1056c42649d145dc8e5545a404d1"
-            + "553c2930baef962d53dc642566ffe59509dd858a30e2a9a9b3ba027c0dc48c2db7c54d0e"
-            + "7813765eb728419c4789081a64e3cba0cff0e070338f7d9d4eb855da450f48413108cc37"
-            + "19d70f0f498553d50858ccafc951196fdc086b9e1a734c8f58aced167dc71c999474694e"
-            + "92b3e374fbf692c41c9e463cd85953cf72fdded2275dfd61f3be638e837229d0b53c36b9"
-            + "5b90847d74abba6a88ab4f3eb6a25c291729323b0345506ea49a88ef4879410337f37c43"
-            + "67f2ec6bd05cb8d363bfebdf721eb6b87f32a6c4ad137f15d4663b5e716cc131c2535972"
-            + "4bdb0a6b5403e6839f9b62ff76730630af976b96e251c2b091f5393618b060f16d488463"
-            + "fe23d140b0c9c4b88de9e71ca1ba7699f36037338a9ba504dd9260e259f15af7305a7c3b"
-            + "79cb834295627c44d59c79480430d61f839ac6d3ebe50852eedbcf14fd62fd0df62eccb7"
-            + "edc7597f3292cdfab3e9027b3d3f39b24f46a81b17082c4e2f979e8567569bcc91bebcfb"
-            + "d72ecd28e404a6fbbe3a8cc1de56a0965a05ef2c0ea9dadcfa6850e8a6abe4487ca89a13"
-            + "c5d1b1363d2eb5cbb34076d2629e0c138c0790a207fe43d862e7186bf83ee0617e759770"
-            + "4084404a3dc5eb7875b966c5533f1c229ce7e00390c8391784f0f62609e022260fe7b49c"
-            + "93c7fe503ad6ee8deb0536bfec5918459f80dd8a2b4c214898ff06d370f43d99f8690cf9"
-            + "a387e4bdf294f3652e28c80f07798c75a7f7b5cea2129633c53a38e703c193bb80f7b901"
-            + "d189da0419487fe472689fb4dd6720dbc5d9d6da40aa8e718bbbe3a56995adaec5613ba9"
-            + "b3c92e66e6930643ce439010a5ba96f2a3997d0b83e43d24bfffadc343cce9df9450e933"
-            + "b46edacd4b55d96bca18c0c3dd07f5daded34cdc173f5a9ec947e913000cecf49380138f"
-            + "be029154dc8cb9935170c32cd58ee4a7a0aab4ba252bd1934a8247fbb2037f09f88f9dc3"
-            + "fb2fabbb39d4717d93b8a81576689697a2b4376308201402354ec1edefde7af6ed87ce65"
-            + "3e88ca92de0d0567657add49ca3587bc9649a2845c223b1603061363498536f0f316a3c1"
-            + "0ac4f0fe6f0319c809733d564478f6de141772a702595352fec747bc92b245ab0c774a7c"
-            + "9b36d01499db586e3d693369c0c8bb51d74075ec6fd81200405951fb808e41bffef60a4e"
-            + "dc7099cc4ecf1272a62011c4122b45a81c9591dd2fe3ed3ed976ec3c61409c88b6ac4621"
-            + "7944be5d0536cfd27336a688ec652c3870ef1ad5a6ac7c663898b74c34081101453aacf0"
-            + "5fcd990be99c3a8d7377caf3b154207967ebb4a9c7ca285c184679009cd440696488ec81"
-            + "1b617b9b4c48896ebba298d24d65d6e3b890a2a540ecbb300c433d5899ea9019bdf4f572"
-            + "b861d0c6b27a7916ad25a7b85b5eea8ffd7b560d5b30d8531485a4270d0e690b71c7ac6c"
-            + "388bd6ceee0d801924a93c46187182c365835655721e64ab139500f03a60e8194aa378c0"
-            + "7924254f36107d98c266e50019609273b9b3464f0d3bf12eec0a4f15cde5cddec00de241"
-            + "1e877eb78f579fdfad439202ed0dff21bb9c68abec115a009d5d4eb7c09199724a736e70"
-            + "b9861c25abe42de0d7fe28ae51380e5f273bf0592ba4e7541f7d50d3ff4b8facf5a20859"
-            + "0eabd4c53c4671fbcbf54b9f3e91bd86b031203752de9f1b09271ec703f03508785de019"
-            + "99fa581f26e1b2a862e77e620c781a3dbe5a9ee45bf5a9143d30b204270ea3c8b3b45c72"
-            + "6ecf3124b81f04c9e0f891fc5b2e8e946ce40749391944e7a0dcedca744d4dc886ae7333"
-            + "e7b02b1d3c312fedea2434abf64bf43ffb5afbf33eb68071f7525c885d31229a6a733345"
-            + "3f64610590e5ef453feef802e8edb7df5fe64bb909c26c7e415e208867d892e988293ffc"
-            + "8ddbe3e1f3dad628220ed192d12a1f4fbfbdfad4703dedbbb359042048dc4fb3e160adb0"
-            + "11eabee0608e18d2664ac60fd32e948c66358ad6a1346b83ac47cf3d53f4a649c56fe14a"
-            + "96ebfb7e6bf9c0b2496c779655359bad854ce693286a8c0ea0ac182db048da80aead6430"
-            + "c69fed482e3771227f2ce1070161470a7f762b6a9d4c6a22903fb45868110bf92f887fc1"
-            + "e74169b1e3baad6e3d723cbec45376251e37f9c9faf998cf6948ea93d9ed27736a928f9e"
-            + "b4b5cb91a0e3c5c2dce192299f4fc5e8876d860ecaf873287acb5dc8a13e267d7202b050"
-            + "168b1d819a5610bd46c06fbe8497edaccd534036f3cc4704f18b9b92a5431642f169cbf6"
-            + "6d586bbc6be6c2835dcef2ed7e35d51a00531b037a404b651fc65bc9fbada10870bb08c7"
-            + "274d0f8d89302a06e1b62006e71248823bb41e016a6d5cd14cdeb602cf8cb38692b9fce5"
-            + "60260fd5abfcb6acf5951c69caf5648dbfe85f27ae9665c737e91438f668f3ef0e9e9826"
-            + "67311ac5850486c91516929640dc33ad8f51fb80b41a6b373e9ebe639595d231b1fa6768"
-            + "3191868d856605940a290498546e9d2c6d15b5a0c00672200073b7c967b2df0ab8a62dc7"
-            + "13109a04d13b0b4b802ca8e1a3544775c2696c82acb35588fc69f2a8d9ccf11ce35cb0ae"
-            + "f43ba968f3b52e6e04f2de16b11a4f26acc55cc4d0bafe52ecb1d5bdb8db1723123cdd80"
-            + "e495dc95a803ff9ff68ba5cd610ec198eb9a785375b0f71019c861c75b1bd301e8ac9f34"
-            + "5532e88a14e217a938fc9a827912e01baec31a16c5c8a34ede046d5d665a24d11e243e19"
-            + "dc58ab1bf614cbe435852b8edb265eee838518337b881e1fb11d6e47aaec850613cc0b5f"
-            + "4042787f53f786cc5f504318dfe32bbb8e5a0886408bb9b52a593e60b0e561cea833da2b"
-            + "ed34485145dd2ddb54ebe84d6f18097ccbe70b451029e2678ff7672f2b31dd9ea0d03db6"
-            + "1e292b024319fe5e4f427cdea7482631d55338cb554129d55a7c3954c36cade3bae049a6"
-            + "b84654b116bbb9918655d1642973818f21f15f5853e9b1b59240f4a10604cb1ca90e8d0d"
-            + "5643bf1d60fcbc6a09bf4a695690c7ad9048b0c4c5548844755d02e5c8de3ecc1c88562b"
-            + "e1be873739bc820a560f185edc4ac229558128a98e1a69b2fe1fbc133cf082cd7f9e6cfc"
-            + "f54d5d0dd74c03cbda2db381efeb443f996db2ba84e81718575e7107ba7185ef456cfd20"
-            + "c240b3f12978252050c528bfcca6e615e5e523299ba71e6bf12dd86c6e2fa99d4237d70c"
-            + "06ac0599251256f4cf41862cae91f545965c467572c7019c7411ccc38072fc8c3480a369"
-            + "bababf175228987de46149dee8978d759d8d5e81eaa3a1de9ae2f9b16b0d2643f0c153bf"
-            + "dc80256b2668b4736782d96971197bdf0abceb8cfed9bcefcc7eba3b5d6ca6b830c47667"
-            + "4d27663324201a6201056d8410f90b0a56d22c2d99946aaae7df267e043b9a30149c780b"
-            + "7b7e1b663b3c98390c2a4694a4aa9eb32c633133acc9dba5da41cd4d1b857c72acbc93c5"
-            + "5dd4b76b3df6a8b734b19c290babd085f1961126ac8008671de1de3e1fc54963cc4bc7e4"
-            + "8b40af8af19e23e102e2b48320917e6d49577b1548fd6fb0a4489b2e21fde8c2226b3151"
-            + "4ade72eba062f07cc961b2bf3956e8c0167675b5471b7766535774b35fc0b08f172f0a46"
-            + "2632557ee67eca9949beb4dc9bc4b0432a3630c8496a8a9d88a00d666717e9e3f3238b53"
-            + "5bb222ef78cd7d1f2e5456854e51ae35bcb9aad00c91fc08a303e276d3938f6b7706401a"
-            + "3fd1d3803a1d1a3045e30b5a96683bdf8347f5993edb904018ceeae816eb66ea444cabda"
-            + "1d62513b9d7d5fa7a36424404a99c89be848cbf0a969add4754b7492facc83e3cbf86117"
-            + "fbacb60b37bc16e1bd36ba86bba14f3bf5b5fa9c4fbf101e42e2fd9d31f511002c8a7ab9"
-            + "d32c87c062160403f932aa67320aac3af6b86bea88b549ee3d01ed3a2370c99e4401345d"
-            + "ef5475a2a62990d510f7ecc23cdb4ea13b8c81dc1a1d21c9a344054e2841de42565ed06d"
-            + "f734855ac51dd789d9edd3b321cd4a416aff2116a8160fe92800f34c0dc2d9c3cfafd1bb"
-            + "ecd737e463b9ab70aa16e1b979aef9b95a9483382f28a113b1e658662286b3514211865f"
-            + "d73a4002c27c164b6843597c43061870a04cea20906c170f2a66009c0d26f7051714544d"
-            + "de24bf891f412197a7fbff960c774894965bef663d82fe0792b56624e03437888f083cc0"
-            + "a8fd4a7e8e5903730f943007780eb34293b067f0c1ef5de9eb8a15318bdec5365f5272f3"
-            + "0e7aadcca097df76e001c6df0b961bd7c31b6246cca18bf8319bf4b2e65154dbd7b5b572"
-            + "733620e4d551d761c5734d09aa92c9bf3fc2dbbe4b19e002b92b52f0edb5393b67dd0a23"
-            + "2473a7d7f35618a5c9462c97825c0b8b6517cc25b4616eff3b58078ed024c11f08a9459d"
-            + "afe160e32dc3ffa93a044ae8c255d8ac5f5486c28d5967c0f48109ff4372be29cfd9823f"
-            + "128c427b2bb4fe09204c3c6067c9ae32eec726a48a151f0f11b1231f6c035dbefc0e9df0"
-            + "e12cb2a12b70d4b10869861613fb01e1306c3e0c24a9c6fd062c697144e93c3771969658"
-            + "e23560d9a2aa1de260109161fa6d95ab5a6cc3be7f172ac47c290758153858ec8c60c728"
-            + "4f8531913ec36ef5b0a4ad1c4f736a65c01fc7d0ba05c85aabbb2365da664aeea2974c95"
-            + "030f2814e306d2a65ad48a3351976f7f0d6ae5a76adba8a52764ceee9f5d75d1e0be3d6d"
-            + "ae4b190ba7d17ae9cd7fe51131cea2ab0c95a5d1fac27cf2c757f05b5d60436bdf1f9651"
-            + "b0332df834e76107647024545e773f835d0dd41bd10fcc70ff578cce77213bd605eea6fe"
-            + "414035c6c11cf8c359e89a4126b8a5b37ff53805bd0fac7194b3f1c589c158e8c4d2e342"
-            + "abc4a767789ea263616690e2e6413fea8e980734dde9b0b237e7962d620fa7659d46fc87"
-            + "260466be275ac41bd1f22322df094a6509fa26ec1ac04f437a1f9d791d938d94556ea14a"
-            + "5e2cb17e72468a47e98a5ffb4ab6ab03c79c5399a5caa32f185ef02b2ae9b53f3eedeb83"
-            + "3f7b973d442c8d3056fb4ef033d38172f75383cf514bc9df40f6fe12164a2b98cf9fee80"
-            + "f188c64c50d9072efb14f2a517cfbdf0dfe4f2b53288cf035c755d2950b55f07f9499dcc"
-            + "77f7beb1da6758a483f0be38e8799f37169ddb2f9a5128927f469ef90171b85592686d6d"
-            + "ac9e484140af2e14f6c72bcd9f23772a1fb474b8dd8e55b4147d449854a2ae26a4f1daa6"
-            + "b32b5cafbb123b7a6a11fe4670723012f816a490c2b2ff9946015c74bb3cb9e10c53a314"
-            + "a1b61f144a569cc99f86effbabae912b99ab6338d7342534d45919060e4f09a27ca847e7"
-            + "8ec2d21f093536eb93a4040a800e099d1d083d3b006aa5dba975d895dc7760a599a9d220"
-            + "31248837e6ea6d8f6426c2156c516d90233b2164ba2301a965c9e8ae7cdc6890b07a6338"
-            + "f2049fb6af223400e628f7cfde8d21cad5d78ea0459e6fb93ab76475afce487dc8219efe"
-            + "9797da8e4f6f61d8f6f3aa8a88445c226571c41087c9cc719926a2215544e36233adabeb"
-            + "fb6e426ebfd9742d3156d77d32639861632f63c408ffc62abc085fbe563401d61b885390"
-            + "950deb8f9c8f31a69ecf83d16daa4e1f3b22705969aec7d3402f3b8e00ded36c2b83cd34"
-            + "999f01ff7b257eb947f68059d856f6943ffd45294947394e4019e81070f68cad769d59ea"
-            + "ae70592d127195275a25c24886f3a72d7c12d4e89a12d0645996d33a163a42a3b08bcdf4"
-            + "3bb1ae77859311630736efdfaf5000821d5e792af1bc76069c541358bdf2dbe04316d9b7"
-            + "071d4f01f8b5cf584e09ba1219353c09997087cc5da02eccc9ab838b2260079f4ec5810b"
-            + "ce0adc7cd66de8539f89c96753ea782bcb2bdd765f84547f085273799a0a9f35fd6e0076"
-            + "9878fad01be6bef1114be94b5ffc4fe087b9fe82c0558cd5f622dd18f4319f5ea54ef42f"
-            + "14c70be5acb5dabbd09aee864d902185116e5bb5be2717fcdb5e9b7ed79bbce616babd83"
-            + "78d8ac445c";
-        String expectedSig3 = "02e562f6fc4309848d94edc37e66c4fa704a494576668583b3325e859eb7c67c9f74ad76"
-            + "223a4a61b8f9d6bf9f9d64b74b6a8f41f64ceb5c9166787bec71f1c5513b9113bd1b2f30"
-            + "b524a18e34f1d88c54ce45de04ff4ec383ec2bcbe910670c1a8c23f49e3da5d162e76578"
-            + "295f912a532a2da4948a4c110df93ddc5d03d97a5522097181934ec58ec3d871bb206f40"
-            + "09857a2bfb810d4005b9dd5b32da5a0df79c8d895a97e163947fc96792b806041dbe480a"
-            + "83b0f6c015967961173ccff05eaa59284736ef2309792c04acf3eed3b9840c45cc03ebc3"
-            + "37e9a3c7a853f23f9488c91f27fe7440fba480e6955fc32ed4002aed645a61713b0569bb"
-            + "b40e17b64840e9ef40911164cbecb72ac515d6f9b836896fc5ac94d10e97cdb0baa6771e"
-            + "5e8752151db53d32f7b8a46d8e7daf86e47b8366a627e719f5046675f6fcc12e90c1ce63"
-            + "525b98dd9134e0e543e35c3762da18c092e5fca540e302f5025ef55584ce76b4f389763e"
-            + "6b81ca675587e84645b683895aaa9ffe1b3edab4b1e74d9bcdab466950b8e07d837e2d42"
-            + "da273fb714db20162111e7fb76f919f3cb559c02b2631e61dfe3744e712d3331ff28b638"
-            + "cafb76d9fddc339911b7efc4c707d2cdd2c0dca6d503398f304c86ae055ad644f69d382e"
-            + "d7f1e9297f6aa6d8b522931d86cb82ef64de2839abb1d38709ffbc51ccc1b8e1abb8c8fa"
-            + "533ea900a3795c9070d469bf4dd7d570e5e2231295be081ac60c291ab9a2cfbcbb20b032"
-            + "d03beb5d0eead5d5c5c5d6b16efe3dc95a4fe687cad911fb1e67053dae986e80ffd25c8e"
-            + "b17dec708c01d63e279648a9f3ef878a450b60e67b9db042b26685ea4c0781bbb50e22e4"
-            + "e83acd6646afcb50eb11823aab3df92676dcd95c1f75a85eee631f20e8109aa76ad00a52"
-            + "f196e97b0107dc0345970eca562d8cda0df19241de07423a59c139768fd79f62f77d4646"
-            + "e23946b37c1df31217ef5b943ad40aa913fb8b6934921d21136fc25269e047f8f8068d4d"
-            + "226d7e9b20e2bf59fddd2c59ae61acec5fd8645630725ea446803c3404284dffb6882339"
-            + "bd657c1bbf92e959a4d0bc254110e4d0a8d6c83cf94b8e2369c4482686c8c7ffe56ad168"
-            + "c40f769f99c326205cc84ff15ac73356194640633e0ef08a062ed373188593a3f24594d8"
-            + "bb94a2e434f36ae5e14d417276a549ce352bc22911147ec791cbddf2a3f4191bf79b3622"
-            + "1da26d7114e3c167f6d872a80ee39e5820adc14e41e25cef9300df3b93624a183ce0542e"
-            + "c0e4fbfefa2935e036760e7be47ddb99c10373e09615b6201b6806cadb60f5de7e232267"
-            + "7552272a67c45d909bfeee119811612ad05697786df4a56206f69011a3e0865254f1f0ec"
-            + "1826fe0fa3f618045775c5f14153f18f0d07b05df0b08a9adf7426f511435e6aed54b3f6"
-            + "88b9747389e7be5e9ae82d148fdf94f2b6e8469aede5c68452bed66ccd180e806c3f6e04"
-            + "a31cdd6d5b01796ab6d92929a4d553954ffd20c14ed1f0fc133ea7764a9e55a2773b9cb1"
-            + "2fc8f699869c6ad2072ebfa2cbb155182b0d6caba65dc772c394d40f1554b3dd043f0b25"
-            + "e698e3ad1d75ef5a40e3430bc0676bfce6e58dc55a60b16df3a7b1e63d588781f7ccedea"
-            + "79ae8e867d54429b55f3c0fe4975210a6daa5cfd4e83454eb836f23bc009890b74de521e"
-            + "467fb4ac600acf838d933be8ca8b3b31706a034e54d3a2d884eba3181add9a37dafe6fed"
-            + "5b9b1d30869ce814656d5f65f6ffb90b6cde8eb45b1c3e81fbef381581b3c0d6204e5e1c"
-            + "666297e7633c7e1a7559466647919c21702d423ec7b55fe442854223ed8c11e6f138ca94"
-            + "a227a6ddbd969a8ece746013f581e2132baa71c80344470d5370a4ed95b4af0344b9ee45"
-            + "ac4e346bf9ef5464abe155925eb3b6890f865403f01a46974c17eba5d2abac79ec5baa6f"
-            + "ab5729fdf90510498bf2d21cff46fae99dcee62f6820e22fc2b725cece209e3b32920a2b"
-            + "3b7a3a821b52f132e1b4c9539ac2b0cf6dd9e7184f0aa0af804b57a9ee46448b0b7997ce"
-            + "78d346750c288f06a6a7b2a25492405e6395e037f811d724489ed8037cb18b99c2939656"
-            + "eecf759b06033f245586470ee62adeb58aff6dbba819b26b45bfb837f2c2d418892e8e28"
-            + "676d890a4c01afbc78ec47bf56d7d8013aea05ec056b368b5f540fbff2e6a9210a1b234a"
-            + "cbe66934d50b3bf187e9f37e6693a6d701cf038d5c53f45f0675e5112b34f69d7ab34f8c"
-            + "69f569c38acef4e666a5ff9c8b9f4bf5a842e1b9e0889101be22840439ef3493068b0f76"
-            + "2b56f8b1832e22586ba7101c146ce3ae884b61063a39a4e589f655a33b1c1eb5cf304b04"
-            + "92798ac7f4780dc94969798d6812f2d43cfc7b15efaa706cd8995368b1d73b86551cca83"
-            + "5aa6808f56fe42e34df175d653a619a3825ac15f1bab5e4139f73cd555a7319c8221dd94"
-            + "88b0607e9c73320968872c1ef68117f083fc54d4dc4ad87f4d3e1016db6d70dfdc427df4"
-            + "ec80a04ef264e5273615ba83932cbf0805f6bb31fb0d8293912fac764432946f4841c120"
-            + "c32c970672c4d5d47cc2de7cfc0d0ec38304c7dccb04c84ee52781e343ff05a3453646b9"
-            + "d169620c6510b24d1b0084fef985235444eca06459fb3973f4b2c99da58d550adec73139"
-            + "8371bc5262c8097a14f976b56720a51ade182549f082d56d04c8a3ed6c93719b3e817a45"
-            + "8f97fca4f355e6ff07ab38b3ea1f973bce0c94f46d2630309697aacad93b2b252a5cdf4f"
-            + "b4395d457afb5ff490909a915f82943c30a13a108a84767408a4da91c800cf598f5c56ef"
-            + "c62ede9b49db68b8dbba67970a5faba8017ba51ba86d5a006bc3fa9e5a47bf74d9346fa3"
-            + "e6d892816b1f9d2e4bb2336e56403b15dbbfaba890aec7752b7e458f9572bc0aaac604ec"
-            + "19e6205fd07bc212f83c3842a309fb567663cec5b523e045c00df3038c68e212c2e6dcac"
-            + "e900fa2c157c0106f3ac85ba1570cfb92628b4eb2c1c84ef146072e8bf5c41b37e1c60b8"
-            + "09e17272976cbf0e92acd631257c694130a41abd1bc2f55011b2205ba8881d975ef28a9e"
-            + "c080457381753b74ec9fe1175fa5c806e39762836246fbad8ced9bc0d5b8e01ad844fcbb"
-            + "ca79829041b7d09f8f35866204e6d399d905765fb5418c8d3c63fcdf9f289128f2bc09f9"
-            + "20d30c299b5bc47a3d8dea63d74c8071ee8bf96fb535e16e2607d554d6dc6e07cfc9b8df"
-            + "397c0075e7489c9015f8a677ae491220ff0dcd4c700395d0e6e1402e6f093437d58c80e6"
-            + "016fac57f839d1aca29a0f00b9c8d20ef546fe739f12e3023c751daa2e697254b003f31b"
-            + "50e40ffc7e58f42b5d21e2dfafa0a597581a6d7b63a3c739281757d3eca5293cc3c1b79d"
-            + "62c780225cb43be7a2aedfb3c5c4b542a35850c30750d1f7c3d540540df1d59463c64bbf"
-            + "e3c3ca113638f1fb2ac990d9d5feac436883167965d400ab27841b6d7d46be336d9791cc"
-            + "8d11d014191ab9f34938bfc216e1550db88bac59d74329fb28d8341316d27f4d57f866a8"
-            + "b2e0328d4c2aaae9b5c959834c6aea11ab16213281264fc5a174ad929188b1935e022ad6"
-            + "127be1b63de723aaa71c839fc3aa8055cb56bf2d37730e2e93491504de6544eab819f27b"
-            + "62d336c6c66f02308c311afffb8cc0fa4f6008336a1b8481ba9bc381d511cbff3e8d2172"
-            + "fed876045ce5067dd1ec159fb74f3d6f40e7199e4944cb8cd1e3317ab53fbee1f7881ba9"
-            + "a8f1a5f4f878ef38cd3d99f6a1efd556d56eb272aa07e32d1486e3acbfa72a1e83a839fd"
-            + "eafb1f7a5ba244b3f352dd8bf626751fa78f6a55abd4843d034132de619fb5196567da0d"
-            + "9516c98bb3c25f58d72bf63c9456bc49f1a47eb471a17abac729e1a8c8741857e4e206ea"
-            + "91ff3ce7b57aaf4abea35dc23e0bac069401c206b74f8f927b5cee864661fc2033e21a42"
-            + "f40c70c31622923a7946ba1edf74550661f2b52a85c573cdc336aa9b956e9af10fd1d94b"
-            + "15773c08ee50c9ee6cc3d6d3af4c928542308e0a211b06c21866cc922b787df5cabb5469"
-            + "820d731040ee2a674cf3a41a94dd6c13db9080f7165b71645a6ad30e1a6566b0d52896b5"
-            + "aa57461b746dbf6651a9a27dc7ff850d25137821769a16520e248cdcdc914c7d9e655b66"
-            + "821cb2769b76a434b6c8d26bf624fcf346d2b66d95d9ed45e6e5e93d1df6641a08f304d6"
-            + "cd2a6a1e842325f68dd903f480fc0808614fc2f89bb1bbf4d37fbef451980217f35282f2"
-            + "01e41196af2d5829ba07fdc67d6f62edb11bef2d970001d43a69d62cb2bdf76c5e9e5fb1"
-            + "4857d9297e908f5fb901a4b4d8b43fbfcbfd48ec93dc8b9b6feab6c1af6661d7a06e4cb3"
-            + "e7e4ef6ddc77561119cb08bfbb164c795438a95ad526b5d115f62c500ebd906938aa5caa"
-            + "7f5cb604d7a6c6e0ef360d57583cf55bba5fe162059f58f8623bc3f25ef4f9d63a4dccbb"
-            + "6e33485f89bdfaeb0ee58f5c0fe53c39ea04547631c85d4ad4fd76bbaae5f81c926f5d1a"
-            + "2d70354eb59b8e5401da6372e614d8ae43b8e91adcbaa8819e68a56894f23673902a8dd5"
-            + "317c22ee42ed2e8d53d0447798beb319a4a3a37a9b7a32c80c068244c24fb5ccbc9838b7"
-            + "7158895d663fd71e3777a56112a59817d88462807bae4f3407b227189f6ccf5aa33f8b87"
-            + "18f8a7b400ddad605aaf9b2cd8ea7ed6d4da4e411bc73e6eb4a9563f32b2b68f788faace"
-            + "8eb18f1cd8cb7436b5b1dc764f275f5e8fe2bae94b4a7ef7d2b6d526b1b86eeeedca6de4"
-            + "4441f69da5ba6918b75517d0ae6989a34ccaef091da7ea08436848662e7cf53eff68ca51"
-            + "10248046bbda2c0c058deb6d53f7b5682adb72b9f36ab7e02b7650641acbf4f571c0f4ea"
-            + "e57d0ab3b38fac344f9491dfc3632b7eb5926dc183ed88efd1eb2808e07ef33dc9839dc0"
-            + "313dd494048b02a08fcf227abaeb42c136e5d487c1a5e5b62b00ecff9e5311df58b27983"
-            + "52fa900f2b50b4fdbedeba8041f321e460617b8db4205631fe147c36c51a39f26268b7d3"
-            + "6f89ef7de30ad718b85970ece7cff36a611c7a04becbfa2f1e7b73060519e5d68c63ee51"
-            + "a4b096921962fe28de115cfc60cffee4d2d5db32cef1c44a8d6b929595c737b5022db55c"
-            + "ec9b49c1c07063b544f59ecf5f4e2360776025f63238faccff61921593dd6b1c04fa92c5"
-            + "1451a76a80c17f8d39d81cfea5a14474c88c315870963575c2bc52b274abd0021365e635"
-            + "125d80997c4a7e92ae41cf9c24cff337473118c4aea7d8e9a00d420e620c47e2a79e9694"
-            + "bf709c7b3771bc71d0c1f1e788c8c3cfe07ed0a75c423734f7a4c2716366d0d705c115c5"
-            + "4bcaa94727876e25fac31eb0b4d24b4a2b610d54a594f3ca0737b7891c1bbc7e131932fa"
-            + "f316133c3bc0c8c024942f118a5e45a834a62c3c3666461aad4fa6367297176af16d97de"
-            + "5843f98a87e41d09934b7f4365c4413b861396c7e94dfcf2e33b232a2b96a10628da7cc3"
-            + "550d332eff6314b8424d6b8df2c83d7396d961f07ea4c401998b471be18dd99966abddb4"
-            + "bf5a37c125192d25778ef66329f1f086c83bf5dd7ddf1e4dba7b7aa6130da4eca58b0f9a"
-            + "07eebcb4019055caded4e32616b13c6b041d459bfb4c7670abf8100c5e30dd001db88f01"
-            + "7f7fde72ed9da6928fcc4a73c8ba622b8650555f532f83d8c0266a79e42df4d9ab092ff2"
-            + "034e1abb081b25e9616c3b7f0f9913ed780eb1140f3196420de3721afa4c5d9d3aa43eed"
-            + "6e8e03403119dc23f479a0dfaf42c71021f995ac6d4f65dd3e3f97f8961a6524ccd9f6dd"
-            + "0a14bfc7ce0ba0b8e840e4ba1c37857e791183483dfa73d9297dce10ef9524a15235513d"
-            + "8a77bbbb9b33d69cdc89b3679cbc6c6e2d75613741c91f2ebae035135681300c64e19355"
-            + "dbbff4f29196fbe0a6a993db8744c8271b487f1fc6bb85379da5ac8ca59e216477308554"
-            + "6c535298c9f6391e0062f92caef958dd6824a688085793169fd8422d5abbc0d65acddde6"
-            + "51f0f3ac2c69daf9729daaba52a87f46252a7aa7a70cc3cb16f855ee31e686310fc58496"
-            + "3e849bb348a0ae5853525b6bbfc23d34296cde2306ceb099174a5a42bb2a8b614a774af6"
-            + "740c50afb984ba2b6f33dd66156b219a4429c79e3ce04cf3ea6c5849c4e7aab55d8b0be3"
-            + "7567f7c74c0e2bd4820de4e4b0c16d2433186a246c651a9bed77b82f4fa606a2f20f2a8f"
-            + "f95f835a389a8b3565065eb0a67307921dc2f9952386f5f0b52c22365e1b9e2b06eb59e2"
-            + "b35cd988eea585e6813d09de62f8a4bf3609558043e7dd80558fba0af188dedd6e92bb6f"
-            + "9cc3590d541d344c7dee221bf3194e7f3ac21e94a8ce44c98c7ac24e3fe8ae0d6d8c7d20"
-            + "9bbda73f1ac7e93752362ddfa1a1dd3fce76d69e29bef53004c24561eb5db28d38d38e92"
-            + "2099c91e2cb12a24237c22ac0e60611c64ac58f561fedee4b965d7a99414971a0e2d3d6b"
-            + "ef20e3cd67d637ca2bc82e8d4e47e2c48032a215dc26a664d5b7b800b6da6d6322560f7f"
-            + "a3ab57058ceaadcfc50e91d1581d6a8aef99325967c3f32e58782dac661c6d1c4402d654"
-            + "0065126ce4eaf1f0cb1687348087ae082d615c3ad21ea77b0275cbd95eea7f211bc56bb1"
-            + "ccf58ae837f7b31335302d28f93031c91fe5ffbc8a5833ea61191fb0bd8a5fca16232d79"
-            + "cd4357363937db9acfe729f7f3187ec59b5ffe6b518005a034da590c4b5906f4631348e4"
-            + "46f98c689796cea0d51943f3ce527f4960cbbe5280bd11dd4d461c68e9d73a5bb69fae32"
-            + "edd855f8badb7775e01cd25328ec11a3d272357a5984413fd9a2328c67318655815e21ef"
-            + "44dd05d9cbb0cacaf1e44f2917ab7bb1d058320cc85e786f27257b0dce3ffe26d38267ec"
-            + "8a2a3d3742bfa0bc66925e6e6e18ea232ca426334dcfbd832b71ab3ec51eef47fe88929f"
-            + "f0baa4f519cd3e6a08be80d5c74e5fd31b532749701bec45a129989b8b6bc8ee4d36deb7"
-            + "95dd5df06a1d5eea53405910c263fb17ade6d2b244a3c03c5895ab085f705c2d3439e958"
-            + "5206db3960b0252d12eea0892fcd7bc706026d108c765eec62bfac281bfd717ee2994511"
-            + "b1b86f83ba99bc1712b1ff3f8594e2f47ce78f4ec2373806c0d9ca9ed217a708a6674316"
-            + "618e77d4d936484df25963df0247aeb8bb466850e57bc21ba1526e086e41279299f163ef"
-            + "4ec8a8331241fec26eb001641fd5ee8bdeb0082ec013b019cf90782676d9b8e5b5ec63f9"
-            + "22f1fb489a57d593e4f93afc0fa725aaa06feec21b3d81e38f57a30fe473a90efd043957"
-            + "dafa3f121a9f98181036adb5d4fc56635680d8b271ff01a948f6bf9d924e11dc6ab8e341"
-            + "ee750a68d9c6e46f92edbcb4b665770980772d12da6c409286245142fa55c974f3b6cc35"
-            + "776504558e8307b1a0b5b9b68052a19a7e7aa9a4d7032f1173937453554b8a192115ef77"
-            + "b8bd7951c10889726c5bae9cb355692dd30376267a36c1c50bf854379529e68e530dec37"
-            + "39a185dc56c28f0e8f77b016588c4bd4106f2c445f340c9ec4d8f618f7dc1741be067c56"
-            + "89c79bc0b2f8a73eec36ab8fe4d69a9f12c179cb657783f379b4fc2be9b036171ec7fe03"
-            + "a539eb18c3455b2a118db7c02e44b12093a45f227539094d2c9e6ea94234dbc6e8c393b2"
-            + "454f32365534d5bf4d300308f22b8c04ca1f9d9a7c3a96a5c38b054990d7aa92fbd3cf9b"
-            + "894c2002dea5297fe0dfd03528ff32517d70693c4858a3a50b15663ff1690642b6d612a2"
-            + "645772b9e1a28f1f2a254211e86bc05f0856aeda8aa1a304dc499a2ffdb70ac23631ec74"
-            + "8f11f0ee1dca2f4a865e9936d42a6ddd7a9346b7b622dbc009f226dd85f42973e7db0ee5"
-            + "ef58d88b9cdb7668431d48824a97e58e0c32c6f2c459b33ff437e05186d3554ffd1f2fe2"
-            + "02623b86606be20603b805e57f288fcfa054eca0b9bc1f94070682a34acc5f4e714797bf"
-            + "4a3fc4bd2cc1b4db3fb2bd4f3d9ed4d52d9ddc72b69e213bbfda25915fb945a0e919e68b"
-            + "d0ef372891ce2f44d07b8562e6db1ea216c2f66dc5a34a7ffbe0fea4b3c432fec29ae5d3"
-            + "ada4cb48b8c3bf29e4f61fb41a030bdbd16e48ff48d01c1c418ffefba8d2939f2347c9ee"
-            + "0884672ce8b6b06062ae5b6353c3a082d793a4dd993fb1e5948702b637e0c0564cffdba7"
-            + "cb9b5798ac3220834412cd349330364602348ea399cc7f636a5aae57570459915346ed28"
-            + "601bfa3cfdd64f48ee66ae70af1a0aa3379447d598fe14e3edfd3db7cd36693ed93add7d"
-            + "c16059e312f273ef5f5b39b9a51948a03dedbdc055d772239d28de8f82db2df7b606a2af"
-            + "895b214666a47fa522a953521660bfa82783ba3879ec47ffa77a45c5ee3a244501478652"
-            + "a99279a15de8b60976cd222c5d12c8da95ad3a4cb72f44442fea4978bf92b6866b030e2f"
-            + "c2820a970ebf751d9b94f17c0a7bcc761d2962e481d87742139d4902ceb6e5f96fa91fe6"
-            + "fe58d1a7a2b15b766c3bdfa4e5b381e291148bd7daed8fb74ab5d088794fe231b65b1ca2"
-            + "066f272615bcf50e6b1621b32b6b1ca016e6fd3428799ed92591e35fb60ac7523830a4f1"
-            + "3ff88865549560a87a9f56622d9695533b412e63bae0394e031b41e2cbdc600056ae22c5"
-            + "9ec3e82e84b80633d73dcddabb92787c71f11d157deddcebe71818ba6afd3de15430903c"
-            + "bad44cb00fadcd7c9eb08a201ef938c8ffb6a211bea47cd93a73694247b3cb1f2dfe90e9"
-            + "d25a9c3023a6ef3eaba820c94cf2c518fd3176af9649f424b810706d4117d81b63229dea"
-            + "e1d8d2a0793c1a0dbb26ed4fc36a46dfce85947437aa9873cc3397d9b87b882784ad5f6c"
-            + "7af1c5e70783565b739932b75773bfcdd9007893b85619f5d1b4dd98b7646b3af994c9da"
-            + "b794e02e941c2fd8162a72ba2a77b88f0f6081e0df4846a38b49c80f5d479c8103e9ac98"
-            + "7c9321696e83ee8e1621383502fcddd7886998d58c1136a675700b521930608e4c8878ea"
-            + "fd1126f8f5fd99398ced83f84b76eb2d9c84f748d316707642c428b8dde842bfa5668f55"
-            + "b1873ebc42e97c45fd21bc753a890b67b4b064c99cb6d52685321a30b427b34772053ea5"
-            + "3d76336bcb0541e36c98fe45e9635bcea279a68ee5ee2243b30b506fb367ab2e634b1eb5"
-            + "2d91fe1e68a9fe083a0af00b58cf9de567f39c10f80cbdde4948f945ccfcfd5f086c7f62"
-            + "914450d35286da0b5393d65c07c551f873e163ee3d0839840e748c6a6214ac4b0bfd8804"
-            + "b783132d0860be5b88a366430e4b3af76a39beffd8880bcfe081f5d8a1476a87a2567969"
-            + "e67b195f065b56890681fabb5ba902aebb141fe6e7e254e95ffd3d5801dc4d049b899d66"
-            + "e35fa46e08cd19af79e06ef8a00e211a39c7119c2a9b8a3cc06b8fc97a0b933ed8c719f5"
-            + "d7d21c8e8f4edee86bd00d15198494c22d9279163d8e0aff8e261f88cc5619c1ea165073"
-            + "6882056b15ffe757ef223686aac96c57ad09733f36b4234eb7656c684ee0e124a828ba41"
-            + "3e3e4b2ead074268a5ce14bbb711700661aa79e9c4d8fe419e03c246a578dd42ff880f7f"
-            + "8bdfe1922dcf9fab29456cb76d31920e697384fcf7e986fef1f2554e046a120cedb0da59"
-            + "136a5d316bebd3401a91041d6d3503209e43746b9a3e5ea2dd2e64a15183f5921710659d"
-            + "c615545bead57d72e6336d393dd9a94c8ebfee9de0e1cb30cbb116e770f0464a2972e7eb"
-            + "2a8fda7dbf9acdb4bf7cb6890bf4dd2afaade4cb50e7d51fe4d95235cabb34eb63ebaff1"
-            + "9f242834943945a4c5571edc442808bf49c03e5a8020951b68a430a9eef7f0d660f0921c"
-            + "388ef5f8b0f9874e7ac43d70333de0445f785f7acf090ace53d99301a1a6b773dda709a8"
-            + "a6093ffe2ce787e1806c8803246d6872340793cca8181b8ff93ce29904aade06bbe3efb9"
-            + "5e929df548ed92b0258c7eeb1f851062538351cf6b160e57a69120c0c85755427d4c616a"
-            + "f08878cfd3f96bd52fd400d7cb30aa0a798c0c04112ae5ea6ad9ad9e4bc815dbd01ca392"
-            + "5af21fc2a058e024a91f4f46a4063163c6409eeb5e4f6c2a1e859ef427a0a29e8ac06a0d"
-            + "6dbddd7785034cef0cb492b1f91b296db493e884f887ea31caadf6159f318edf82d63d12"
-            + "923cb7972830c512833a67454da2e9d372d41f5121684ae8b0de6202f109ab1460e81a55"
-            + "30759323300964b794c86c160d49f1297410981b4d963986aa4478ae2374342246369428"
-            + "2a44bc0ed67ecd53b3a6a83fe89478695626f44c2720f8001d9619f72b6bec314d0c1b78"
-            + "d8e9e7db00f937eea2253ca6216e71bef9cc3cdf502f6f99378e024b99fb141dd460f39d"
-            + "669ffc0c51b02ef7a28215b9e42fd1c2fb088c7caf850931e4ea871737ed3d4aa3858243"
-            + "674e593b504f85a200c7207778fb0360ed5b44862bdca1fb6c0ec9cb66114f0436031982"
-            + "61df02104bdc7b112f8d290297f6173f47c2197f91c28d21dc830d9dc0f20cb878d633b9"
-            + "9bc538bc97da8ed9ec80896f52139f7b805fbd1835141e37cabf79241232e60f5a2b8d09"
-            + "64b1f576326cce3cfa5ca53e53108b77e629b65e5359b3ad5a41342eaa58db0a019cb434"
-            + "40d0c9e9a9292d4f7464ead646449b439b4bb2a85454889879993a5145b47202a1782838"
-            + "930e9497ff7829d0c696770c2d4e8701c5afddf3f696d3a9518e9c9b2dc5da018f0aad76"
-            + "39f365c815e003bdad234a172568b2b6b3959bb70c9793fb285cf44fd6f3a41622d64bd0"
-            + "695b01c628985408901d85006fd53448c86a565268ab09cbfa74c7048c66e2ee1a45184d"
-            + "b03d533064887542f553a242d81e3ad1728d05f5d5573e91f758e5a33ff78a34c81ffa3b"
-            + "0fe122f6fd5c64b1c8846b66c171398c042e3622c3d440091552962b95f4dd464a87812e"
-            + "d9e67b6168d7ccf78501a21aed1ee44396ce8b76229bc0933b39d01e8a08d9a46aecaaa9"
-            + "34cd168481ec93ad16f2aa4e381fd750b0242d94d459c6b6b352299de736f604040b0f95"
-            + "2a272b5bb299f1ae9e29f0b38d451c0da39053472ac03c116ea1991b5f287fbb1966f844"
-            + "ccbed288ed5b5643ecb92f8a01c734245d148378cfaae4d858301cf77f5c137b4ec50fad"
-            + "a61f827d926eceeacdae1dc99d01473b322c8b2fb4468f11066634e92865001d46230cc9"
-            + "393554d0cd45b2aa6efdc3ed35cdd84c24ca75dc91f3e7fb1446ec6b0014ac26da82c26b"
-            + "ea7592b9cf83ac4a8e51a5a9281b888ab1d4066e81bfd0376e5ce45549fadec88ca405e8"
-            + "2ac13343afd598cfcbf2b68edece4602f9c3070bdd0fc711bbf8897462f2634e2d74e03c"
-            + "7add73fd31aef47b5ecf50d0c349c046ca3a91019204c9476addb871ab1ab6db4f60c04a"
-            + "31e2765525961889032e5f5ada2cbcaba0ea9025a04fa5e41f0e5c1d27d49be67e4f80a6"
-            + "be0f68402dff4960921ee4c791e689e04ddeea57d896e76fb206440cfdc83cf240d50dab"
-            + "f22906e4c1e276a8ba0fed2241d2b7fff51a8c802873587ef387cff3e75ebd8009d2910b"
-            + "210d07316355fb340dd5e0994bd40f4c71691f25b71865102dd7cfcf3f154cd0a9d25b3f"
-            + "dd802a5d81ae448d284f0979bcaf72f3f5904a19081f369e422510f23c3f22ede785775b"
-            + "89002daca5c8f00e31c0f9c4b2716481d5830269172e3596907aac87f4e81ef66cfd976e"
-            + "523905534c13fd9f006342d4ee39584f7c196f8c6ddf7fc71a7236fd039b8e29c6fa1de4"
-            + "ae6288ae82175d939269e07393cc09f1f502a3099246582d4a2184d9109651bac475b431"
-            + "6e48509c97bfd72f97d66e119f7cf6d475bfa42d0df7d0fc5b3b1bf9621066c1f32a4506"
-            + "1363c3175074fed91377556c63e104186f7609b5a06e4c3902a8404e295929d4d786c15a"
-            + "48be408d8745d9674873c5a7ad4756e41e64188016191e8da12aa4b30238b29e4d784e89"
-            + "50e808931f12424fe4dad6d8cb0bb55e8c0440e0148f04d50b06acd17af3a47854129cb4"
-            + "64dcb3cc60c6ce8bc8649ed48e36c4a10162cd2b3073ba21aca3844ebaf0304ee1627490"
-            + "5f6d85a42276e84113ec09262a267d9ffc08f38b93e244f860d08e6aeca55193b23b0e74"
-            + "8b9b358aadb3ed7d1e2affac941f7be7fa35005ccfeb02929320d8db088245cf16f5bf81"
-            + "1a90b37f8e30c7ee4c8ff0aa018a109e544f5c51e844152315da766f4c19033796bc9e21"
-            + "e981264f9f118947f1775acf373800c77a063be4473994d511c1e4919047f00e988c8912"
-            + "a8647fdde6c3a8a6328698c2619a8dffce9aeb17141ac8262053897bda1e034826ca7267"
-            + "877e2b16d810e9ec95c7f29e3cf9e80ca9b75c3c4b4660b3add09933a6e1589cb1b85b55"
-            + "0406d08acd49a2b2d280801ee3f7a6cc4ba6a2eedc58802e84145c0a530cae752708fbc3"
-            + "7542f0e5021325d4f8766cfd46432fc3a4aaa97e802b36ff090cf1a8a27a4baf64843787"
-            + "d633c52ab63fdb9744e354c0b91d815aaa3e33431d7a7a68a5cf45f6b4359dd96603d31d"
-            + "42f84976daad0f13ed2e0006ac7cba863d082709422694a783ae311101baa0055015207b"
-            + "b7e8ef5aff677af5a1bcaf62a7a485c389cd0c70655868e73013e9776dc0bb57c9dcf812"
-            + "5c0e2d8ff6939f24741f9e8a39a9dfc3cc44da1fa6b997c84b7bf1ca4fb3712760ae4800"
-            + "b3c2fca8ed4b6586c45ee17c8af8ce4cff5ff1e9faf3075128c0f70f7633c3d35c238dbd"
-            + "3e1f83be14a1cc48ee50756ac69fdf87ee0466b0a33b4e385fab0722fefeac403f1694f5"
-            + "ab8b9462da5fb196ac8b0d82414f34c1a8a2cb1e15e5ab7f07dc2cd163fc1444d35ce462"
-            + "eeb62b480a29088da252b8535ec521d41998d616b1ba6e83e347ce0837c805fd81821012"
-            + "c3685d52e4cb0fe3fe9de48fac7d45a76be4d03af4409ae66ee49d31e3d9974f06dc5673"
-            + "8c3cad522ba3b9bb1ec8701fc99c9fe7fdc327e2f6f7b140711ae3601bf1386f83fa7520"
-            + "af94c94c92b2d920c9da0f0389acd4a668e4955fa8cfbbad588c2595378e45e80c5705a8"
-            + "b7e77a605f99ed13b022ed7acadb66a49f64ee4524c8e8be49573c857d5d3266be5223a0"
-            + "dcfb116ef0cac02d03e98c3f4400cbcbb199266cdd358714d30261816a755f176f41d9bd"
-            + "c2b306c4aab7ade8dd3f95939480e4962784531ed583640014829e93f063ccfd345a7d22"
-            + "79c34e461dd0db2fe57929442565ce221b1e1bfaa2276b991b0863333b146f411ddcfd4d"
-            + "870b333845762df5d2b7b8c2b8d41706cedd70dd5a8252b8041046b063785af91e251bb2"
-            + "74e26c27eac5d0946997b425e3bc43f67a88342ac42f3572f887f705ba470b8c87889667"
-            + "50673a1b21d14a3b740cfb2375b8330b6095dc8b527fa65fa0d7c672f1b37a0fe6728991"
-            + "dbcf2350d0612ca3960ea0dacd334b9cb8585665e2aa463829debe1b17137d6e3e9d05d9"
-            + "8aed08974f51cef6cfdb3c4844f5de518cd3b99154f2dbd5be2be4b509e39b59b5cc5aa9"
-            + "34e51df7e9de203b58859ab715abcde6cb29c48b14717f171d3fbe0d2ea6efa9ced3e63f"
-            + "985703fecda75af4244faf58a9af20a927f3c1d51b75255a679cf85dd3595be24b0ff0d5"
-            + "90999a0dede6b14253ea218fa037a688db053372eacece54566aa866f4d62aa97db3369b"
-            + "b2fd7922f384bc9ede485118d70c4d759aa0e6f90ec42201d53ba35bb8da09cad48ba384"
-            + "48bfd10a8454d4bcb275310a1401f1cc0f228242681583d124018b7cc1bc96d4fe32938c"
-            + "414fce8f007fc359064271a8c6aeee66352f2bc28bf3b1fcd74a18276b338b30de3eb853"
-            + "e9599b5178794c10ef864c55f769a7407dd6f782526b2c930f4933d4f225dea3fe947b8b"
-            + "bd1a017dcd28803ff223f3b1008a407cb1f50dfacb264a69a9bc5b3429e0dd5071669f1e"
-            + "bda62428baa18ba9d943e262b74c0b1906afd1b7cac1e8faae2957f0b549870ab284f841"
-            + "1421e97d83f18c2f63e36f8e153fbd657ddecd258ae17692c9dff1710f5f3204bcce2d61"
-            + "246a793157401820abf0c00eb031020a00a639fff7f5715235871204ba234ec53b71d681"
-            + "595abe6ca3c89b9a3b1f8dd808fb427753336d2029437a528b6d4f7011bcefdba9f0b82d"
-            + "69fd792d57fb094edc563310f8819d65981d9ac7dad665b9fdeb73a85c38ea1b6e16e313"
-            + "72d4fe9cd5ef2e17351e2669957d6538288f8825519a7b88601a90d580c006f3995a208e"
-            + "cf6426cd11a1acebeb8878d1883ec284b710eb50ada27ee74238836e75a4fe211356368e"
-            + "4956032362c1b9d4e204d31277066a21e85c30f010ea63668cdaf5ce59759473e167398a"
-            + "34f1cdc7dcfa3b8356d96bb414684a11f24ba9c48f59a1ec578e67a37f80d4ac9414e84a"
-            + "63ea1c8a982e12a7314e24ff97dfa291ab53c24e4f754be45358c2f57c24fde8bf77b786"
-            + "d28ffdf9214018dd255c17be56607440071e3f11b31757af93f9020410dc95308d62e40b"
-            + "ca702c58127b727abdf27271f8a249e85785e50de507421d3c5e37801a250f4cef6568a8"
-            + "3b7dfcf3302d6aa5b4bd14c2a9aa103bf016aa9bf5633a72a4205417fa92202e89a62ce3"
-            + "392005c7c54efcfee818b72ed5b75d2f498842d6a677824b40e9690f495833762b6096e3"
-            + "87113ca6614f94381b0a8f8261c046ec3d904a01fa32b4246a3857128bd8ef35c41498c1"
-            + "38f476efd47d5c93a618d0f801cadb3e1fdf8e5d468e26552b20605a15d9a69e13df789b"
-            + "7423689e1cc4c2db339be4d25c7524abc1044eaf7a45f030edcce4b0fd79059668d964e0"
-            + "6ea23d9bfa8c6aec6f6843e3d6a312b2bd0510111e3d44a7af93705cfba39448ebe7f335"
-            + "1bac301341777fe89823703e3d942c929d2ff567a3e68b7f92032244347444b6ce9ff6df"
-            + "a0b15443b1190f5e182895ac4cc59982a5568aa5af8193dd9f8dc47af44171555a70591c"
-            + "cc43290c52d8634d2e812f733ee6ba9cddc5d81f7aa0cad99a647f5bbe074c6e8bcbd6d4"
-            + "14a594edb11eb9dd46938e38aaba6c679b49d2c0a5abee144f9b56726c86e45b0b3d3dcd"
-            + "8932cb58164d2af6015fea5de32826803eb6dc99a3cf3f7139474f45bbf51238738c5a93"
-            + "018ccb14d3b4a318803813eec0c8027bba8d101e504f5edd3235664e48483236f37e6174"
-            + "6892842d5aeefd92c243fb7c405a3e936b60878b77e342b21de08126d7b4e02144e4644a"
-            + "9321394dbfb85b855afb015dd98eed3446ae00e621390f10758b08055294ec4c3b71cb9c"
-            + "1403351a4cb40d61a35f50b7919a2c21ecc8bd484dd9072ae95883149a1f82ca7365081b"
-            + "359e138d25fdae799648e4b02a1b95a81e7e058681985ee96aba5e069a1b918f333fa2c5"
-            + "5f7b1f1d1bf8bd9d7d12060211c2635cc8b69acabc7ac02689cfec63b2d25414ac388595"
-            + "e701f4e1da96e13c4ca37981005870b34c9b4bed1ebcad29310b69b498b31c3ad8cbccae"
-            + "816d853014f774dd22e1229802e3c7980023d0c5e37f1ce932268752ffb6c727240ca013"
-            + "e5431adf691432272d30b360dc8877b4319d201168df98e33b223e1a82cfd79f3c75b514"
-            + "bf79ff43c587295a1a415c57f57fefa1c50cae59641c571d327d6a1caae11b99e16df8fe"
-            + "ebbed3c02d7cbddd3e109a0ec6b139963a7050c6e5e0ada8e0c5ef4ade68446dfc669a78"
-            + "7e48796be7a6cf9410d87899bedae7da22f57680d8e2d74fbe7be6867ded1bd291d26a94"
-            + "0dd9333977d5381ed2e7821600c53c4dc408601a93c57308a1595a7f4ef7bfd1d6f4aea2"
-            + "3d43e69e51c870efacbee2566b1772ac9df9f446a0796a0c36ebf7f6b7871fe2c25a5efe"
-            + "878119a6f507931b13b9a878a72a708ebb2ca1cdac93314ce5bee6053d986fa2f3c47fde"
-            + "fb81229e1fb433b18af563fb223369e036f6317d4b0803ae384575cbef4af81b2ed6430c"
-            + "cd672f6c76e1a8f31b3283e53a44100123737eb064b15241891d05584ae1a0e70c2ffe05"
-            + "0616e42beac9442b643682ddb3ca31c290be1e5e9ea716130df9e06ebb0e40eacb1d9adc"
-            + "26b957baf60d228028a884516963e133126b87599254a63d50ffd77f269774a210173a8a"
-            + "d1a661fe8eba3510e653d6a585f116938e5aa127a4af2b5fbc16b910e2071148d4509796"
-            + "9f06f0db0de5c5b8bc552e3f30a499de8816334fc1626f3bafa76162d952e13d9784dc24"
-            + "7a59d404d44e79c8c89edfdc189c5635d064ac48d981ebba002b2df5cd4ea3d35b5d3934"
-            + "7e13ebb7c442d509ca1661c471558951cf798ba69b7b9d4bb2d560783d2951cbbd7c0ed9"
-            + "e3f21a08f87ecec47cfc8da0c6884722de3630ab64a7d3dc2ebf88f968bd67a615e53f6e"
-            + "d91b60b8755222a25633a62d338667c87a47f8f8639f4058e03b2e36ce773d9e98a65178"
-            + "8a7eb7a5e4dfb54f3e171d74b989356a279db93d6b47d00bd2bf9963692cadf24dc42a44"
-            + "252081419404aafa4572a163a760939c3f31af66c6a8908565badea9b0d3d0dd1335a004"
-            + "9c0c00d12b0b834792c762a595d5466c1d7488af7de961c31a9c7cc4eef0fd1519df1efc"
-            + "1123dada8ae5bd7fb9e46db529e27ef4e71bb4b1d8fb54c6518b067da95400191159c522"
-            + "35f0c1722f79691f87625d8fbfe91f6ad9e855d751ec54f6c52da0640a6fd690a75759a4"
-            + "a97cae98cc194129493545ac2eb059639f80689576884a192f4e0ab885fd6bcb05aa7fb1"
-            + "c0fb8b6335ada730b93498e38f533495a4a79040963f9a3619373d24a8e3bf5c3be7579e"
-            + "eb5e172fc6902fa8489e02f10ee887d35bba54b0ff9bfddf2c8bc4e507af43be4d76e979"
-            + "b8dbd8ae7118b9c9e4b3d4cc8348722ad994bd1a6e3cde2dde3e58ae84b9b4120db838a0"
-            + "9ce71502609596ec75b4037ccf9f824987fa6e598d4804d82f458e63a17ea7efe65840bf"
-            + "4ba96dff3bd0d7911fa3acff7a6189818979d3e1f5bf04fff188342fee0516611188f848"
-            + "ea15cbc8cc8f5dc241e24ce0a6320c5a0081594f063edd535cddec4b0d86759e5a278b36"
-            + "c16332b381f73bfeeafbf1df81fe39c3cd535fb200c05974160483fb9e77f95ef10e3591"
-            + "28fc41fbc2242f164d285c0c9f468816d232be049ca81c75a3c6280768867f57096017ec"
-            + "1dc09d1b5e8893ab1e117d4aad1a1d537226c40d3576960afe42b9f0512f10a81265bd91"
-            + "2619c9c93d21cf37db48ce7676ab8452b9bba286ca9c98153032dd31e485999771c59c2f"
-            + "2de66d79b2a585eee527bb56aed5d46f5c4a93bcb4ece9b160b0a077ae4156413f654b1b"
-            + "855b66e55fb844cef804e382d875f1ad545e16ff971a2e2eb5351bc039fb8518e21e76b9"
-            + "fe5b7444b20e3f85a1376b52f3ca9ef183e5485c9aee969d159b4e1495acf04abfa33983"
-            + "3289f5d888c8d424854484e04039593eec7789dd357c55ab287cba87fc45128d761e2d8b"
-            + "6435289f443099392a762beef20d7fba97cf78f80d5b964d84457e3bc04ee9b5ad4cb6d1"
-            + "32c5bbd48529495cf2171b9572237558f04bb813ca067ecb12126e8f4d31a2d1f2582a5a"
-            + "36ee9d9052759956709c5f6e9a45b526ce28a2e563dbfe068698bc28b05af99f48e9b3a2"
-            + "7abc43a692d44c8d1221e4b3d83cb2ca95871a577d8d266e518ab0a64ba9965e7582cec8"
-            + "2d4852f7895038332f9e077935862866fec64e94a929e00dd3187919c84f63634f903aa5"
-            + "f209a53e3b96ebcff5a60711b70ac2f5ec179bbb5a0e1c010937d61dc03965e55e71947e"
-            + "627079151ba0c7e0ed668b2432ca24ff7786b0bcefb4448b7d5e962702927f500ce4ef9c"
-            + "dd630347d547de52af2e78ab30fd7d4f1c897035025086354aff0d31b51cce3f194435ad"
-            + "2108a4b49603bf2409334e02b4c4bd28f9b8ba0fda3f43da5bbf82bac2264f31a5877feb"
-            + "979399c9495f6d7fb407d661a05bd56c2f3cb7b7bdc4953d00d84eff7fbe63fa8f85bb71"
-            + "1ecea6ce4dbbe5e51fdb154fecd28fd77657a1eafe56dc718010d37cfd14ecb6b830f5c6"
-            + "26e59b4a1c14cef908d49a1cbbeccb68b55624357c8b29fe0753aec4eb39dbd388be43f6"
-            + "a9a159e79dbf1d54f4a76c2b6cefbde271fbb292a4fbbf1d7845f5e6275b9471775340fa"
-            + "c6102edbb4cecbbc86506d304d785d0f56e0372b7b49785926243347ada241619a966abd"
-            + "9fed990a1216e5ec6827cb723d0485dbd71c56f173a3814f28a658aeac33869da1dd5ec7"
-            + "b43ecc2df9b132ea802f12994e04239fd2135aba78c3c02e919e9f10c90c6d21a00e27a9"
-            + "44dbe164c96e35fe7f52e75c1759f1e1bfada5d50ac9c06219834f2222aa2b66446c6f18"
-            + "6bf80f7a2af1b5d1f1730b39e42334969a1464ecaef9b2b4e368604e7c472358c843df0e"
-            + "ecfceacead2d46a986f930696aceec459a95694f2ca6745ef340beddce1276eba5f2e78c"
-            + "d4cc4fb89bce9fffb9f03f374c779a69349d2a03b4a497f03227d8aa9194ba18c5aa730c"
-            + "f1e70e1ab5440566dc095c0d084d1af1337fffe3f35ca5e6e7bfdba8c66e0a3e4790128d"
-            + "1e10ba6bfbc16dfa4fc9de9cd1c4d5f89f07fbdf6f2075965d4ab03a61d3fcce0f6cb134"
-            + "45b8121ebaa22774dc2f3cb3d1b3dfa00a2463172b5678dfa47ba9d58b0ef9b88791c4a3"
-            + "76bda6b0e9062dab8074ebd760476bc7ff3620c4dc7090650059c6f5eeff68133755bc2e"
-            + "afd1fbd419ff407b624d4a0ecc886c5069726624570c595a506fa41a2c2d9ff3fc3c76cd"
-            + "58c0949c458b032a2698d346f18a2b22b71b36a17abf6ab78646be0a68585ab876645c43"
-            + "797fb542e059ad109c251877ebc5fea65ddf1e3eea7a708b4ee535bfe5643e9c0038204d"
-            + "cc4d8ba369a44c24d13b9c76d41f333dd3133f3cb27653ec925ffd2a3dd29fa4505e5973"
-            + "272e5fc4f733bf4c743a3a45f750ed8849bc880aacc5cc9d4fb31f22dcfd566cef92f3d2"
-            + "e3ebf4e6f24f8acca855f03642b131c6d97f76b49ada593753cb0e2dc66ffaedf9e0de40"
-            + "da97423de101824651faeda3335b7c39bb84ba7f948976ed559071a406989f6c527c9d38"
-            + "a10c7aaeb1e326b05b14c328e18446666cce1815915bf76dae46da43a616e883664b4947"
-            + "2ccfbdfb249061ad8e4ed23fd2cafd21c1e510b2ef816171db531ee9dd6059fd042b0dff"
-            + "3a1d18aa7522ea6d01b802535e4221959cf82c06f694598fd392929897d17b04a171558e"
-            + "9aa0ba97a9db9e8d137a19587b02bece5d6652908e2c0abfac68d45a9d08d11a3aef91ea"
-            + "a357fd876ea9147c0aa5630693cbb1a2669cf957060e5793b146f536f1985defcdaee12e"
-            + "136e62e79ec77aae6fce97097355bcdc6a8cb21813b6bb2110e4c61a538aa11a36f976e2"
-            + "0a2cd8270deec1c18b7f6d91f384b0c8d21d676aa336736e2b0cec288a68769effc584fc"
-            + "3255b04229a4d67a69cbf9a9358e4b749c861b19470afc707a903a58f1d0bb19ec9e87db"
-            + "857c36adbf7305409653e52d0b27c0e997bd2412cc8343aa849eabc5856bab036db2c27d"
-            + "599a953242ad259cc2eca8f421fb6d4557d7b486c159184b246f1b1165b7f6a0a7e1d4ff"
-            + "56267b3b862c8109244c1f3ed4869b2d9b55ec906c49d5b35485eacc48a9454df757eaab"
-            + "fa34d0c0194e423dea18b473bbf8daed12e25347ff8e96b7501f176126e17157bd515023"
-            + "a5cf43b012ec3f961a3f23d7912fbc557af413b4399aa3f56adbf8f95a8122cdd1165781"
-            + "08d456835219049b23e6197033a40f92edba4b7cc63f2ee43c80172377c48c8cec88e8b2"
-            + "7eebb0f145d9ee0dff64eaa83422ffd6eec479b4dcc8f463fac228beab22ef403569dfa9"
-            + "b713647ab62e86fa6eeabe30af2e65d237b8bc9d5bb26cd3b18b25561f51cd091f91f4ad"
-            + "4d66432ebd444ce73924f7cb261df6f569ec5f354bde9001af6dab0e027ac21e85ff5db6"
-            + "28a50e5e8364551e62771c8aed96ef1c268d55cd5e9df8ed294fc80ab8d6910471a30b83"
-            + "688aa8dbbaa00a48a6289f18f0777dc55fc278ab7589e8f301002da980b315f98436ec07"
-            + "c7110ccb098913c5129bb86d9dce2f87c6f8511acd5919fc5cab78685f84cc416e2823ea"
-            + "9bb515c5ab1ad8402b18a946c6a68345a4144fb55b8fac05ebe6ab344085bf16f2e35589"
-            + "7f8a940b06fa5eeb22daa6644d24de552c8de956ad9a940e0c1df5bfa7622da1c316e264"
-            + "b0675c606562034c544a9f5a7c87081b49ed707917d949809f70d2871fad5e0cbebdf914"
-            + "5d7e59bc8d4a2122b67c589b69d5639db422320c11c48361c61217cc9cc65a3f68e7fb57"
-            + "da9c56960056d51b368514873cea56ad9119ef0ddb651e27a7383a87b9d82f62fa2141cd"
-            + "9cfade1180a0c701f95898e559b13235b9bbb7e307623e3239278477e219350382c1ff34"
-            + "68d5d0660716803089e2c82d643cdf4ffcd05933a197585a1db24facc791243aad9cf812"
-            + "4324c445522583d9876bf2fc490743e878419991dbcf6bd0d942912f5acfd6eace6333fc"
-            + "2ad97daf41b86ca8e080b045def649d9a80111b9182b0224e10012397d7cb0b266e6201f"
-            + "d9d4746f5525a55f0167776ea43013e1222d2cc22ff3bc5c2018416e694f1ee8984c4db6"
-            + "d8fa1857e6ed19d55bfd54f958fd115f3b1b8678b6d45f142a587c073cdaf312ac5824ba"
-            + "35f0aaaff84b17ac7d02a425f42f63e259693b07cd6830ca859f1e350c4af4f77d8f0c06"
-            + "d99f81e9efbc881d6964f08ab817be076cfc297f41d44e775c43571e4805bc162ac7f84d"
-            + "8a965f97a083df143afc49dadeb51a697b4af2597b18bdddd831d8a091d1c5128b29f228"
-            + "1af3dc5fe7310f2d4b35db2b6384b1b3c706252e1387e73d06844a80cbfe2b48898be26e"
-            + "54ab22733c8d14fe5a7c118795f1a6749493e02f2f66ee274fb0d6ad05404fe62d7a03aa"
-            + "880a6c837bdde15a395900648624add8b7198d8ac622812c132853b919c0e36474da74d4"
-            + "32820cb1a06fa191e26871041327b7df3b56e3ef1dc1e6b4b4dd2f32226277f945bce242"
-            + "023aa821f8e80cf8c5003fe98e4459168a28e17143828e8bd156eae591f29044bc864bc7"
-            + "fb58af4158b9b1d66dfcb3e07f645ae8036dde82722d379e5ed0e0b5f2794b40e9b6417d"
-            + "cb6e97786177740a3d46a16bdfef921277f52bb06843730ca446cc0e243f862d77b0249b"
-            + "12a619b47131d1ef7a7537dd2d77703a19d87a4388c89bdeaf3663c509d00c4816a55b61"
-            + "2a0f286c1c9c1fa9619d4dcc1d09f71441a1df4164a63c916b8ff8bd9809051c319bd122"
-            + "df02820ba2bd77d03a14726c3aac1cddd5f005084a83f5c0626ce4dc43fe1408eb859bcb"
-            + "f0345c21c539e3006318b242cd230771be2396b9b7ad9fb8eeb2004f2225c2ec2399b88d"
-            + "474da1efe75c07a55b201cfab4cfb8e77c0bc56aebab0ac5a45c7d063b06f437a67dbf82"
-            + "f9730748227717318b1d6341482a78da8a86130e31613c05b83dde8824605d122e0b0801"
-            + "99167de5da04e3f5505b07634051e3f1918c697cbceb48298d6bbf3cf9260939d7b71ebe"
-            + "bac6534d1e7cea242bb11ba601250b223b1bd42418d8ceca6dd4f01f31d51810a91139df"
-            + "04885babaf4467a2b6ef2e82b711e5c4323627d37f062380cbc001d52524235aceccb2ad"
-            + "a17444aab32bd883017e01a17b75262dfab5039684dbc60954431333440ebd9759b289e7"
-            + "af303a86a4a88344770da443364f59066e5b659ee2b2dd9772b21d230518b93f61ace293"
-            + "26792e93f54d61ba59e1f02809a67cefe56e6277909d6157b0af330b9a792c33f9a2fcc8"
-            + "284a13d3db514e6c5b064db33f290b99ffa57ee61a474b4f18724e2592c09d917be68225"
-            + "67ca7e603e9d05f1121bf8aeff4b16d1a36f3da0453329b80ab6280c2451595303b8b50a"
-            + "fda467344f6f87bbbf9fb761c055ab6fd4b8c91f80e35a4d42a54ccd364895890556d868"
-            + "6bac4d85cbd86cc5b7a3ec98d5019d52da251f0e7d348b3635f0a9f73e78e1428b0e7d96"
-            + "9147bf1f24d385f89e75e283217a1c60a40cc89a678facc5611dea8775354b8d6f0319c2"
-            + "c9d3614e49a09390930c7b93304e0b6b0a2c3b0a4dd78f39a7ccba8c69ae0abc03b96860"
-            + "f0197261a82b1892783f9aa94a195ddcbb86c9ca7fcd104af64694ad0d67d11611d2653f"
-            + "6c09433ce59d32bf523e30ada9813caa872b1a19fdc152ded2e954dc42a80237ebd12a86"
-            + "69d80e88a1fd9a653183e4bfaddaeeac54ea0f6488930e40e01c1da9ff8127dcd6468e70"
-            + "4f9a8b3f45cc05de1f8f28782720260d9d041f70a4bebe18a325368916c7230f54207ce1"
-            + "74b6cc16f9ad3fec29c339e7b40c6a12940f5ac05a30548db2c6a19d1be98640a01e734e"
-            + "d4186da54d7374b69d090eb8fa39a207209562fd0c11d78fca13bfe6ab85808e2ee558c3"
-            + "1d4a5ee295fb8ccfda5c6842914b7420b1ceb372d312d1bc29bdc50a7b32729a9b1f3662"
-            + "adf915a089eee2887de1140519d0ea8ca394cefc2b7a658a0fb3182275f0a78721bb643e"
-            + "22d4b8c77ecf5bb8327309ddf1169a77b0a0111b9793d3a3da376d843b6f218638e5f690"
-            + "a79c42618c5f1f47225400798cab6bf1877723e330f06faca18fa2eb089f1d2118770b06"
-            + "83921a4dc72e71b766f240beaa70282ccae49142bfc6137109f7e6f770df4e0c99e662a3"
-            + "ee0ab897bc1182a082e7a344cea94a12f7591c681b84612ff4de370544c1f4341735d354"
-            + "05cec6a9b863f666b528cfa9f6b7dcfdec7777220f43a763b68c45e186d856cef1829a52"
-            + "d7735463ff890f8b23434a062c2096906874acac493a7ba5cc658a06066e9641fe35b6f3"
-            + "04f047b2384b8ca05167d6a6fc5fa71e52a611ef7fa783e07f4a6b9eeadf345996d39096"
-            + "f3d1801a40f61456a1fbf9c6137702383354206bfd6dbade4a6cad7cd57f99bf1522fc25"
-            + "19ce0af6b1ecee27ab8ce4cd25e3d519d1da0da71393b046b61af7c9d1881e820b639e72"
-            + "59a1da72ac3951a067575e6f6cbf4c23453933adfddc5f64e838e67eb2d16137c72ac91f"
-            + "ed7a7ead716233ff0fdd1e3a0de867a61bd2c77d237d89dbcae503632f6aa018e4ecd2ce"
-            + "1f2c9bfc562b49d2585c151f6463e5fe82690660ef5f6c5de963a0a45a26231bee4b60ca"
-            + "722cf59c5f81cb986681893900e5dac26892e7f33c93802770cf8302c0679fbfb915850e"
-            + "f76cf2941f60e0561b8d9224fb72b3cd78af28ab02fef100ca0b6fc2809248990f9efcf7"
-            + "ec1743a512658ab36532d2cd19e441a59b464ac5c630a334531246954f970a6fdd8e16c8"
-            + "85dff3638e8bb61f9dd286f5babde8bdd624de1bab23c61738d7fd68f4ec36e3f269cf4a"
-            + "32abbf13ccbfa2f45b63386681276a51b8f2c94157b65582c633190ebd6b5d79761ca5bb"
-            + "862989f257cac1cbdb02398707f759b1e1d05068ce12220b9dc74fce62fdd74e0468e8f2"
-            + "2b52667bdbdcaa7556ec962b1988e7928c637623287cb7a3150988678044e3633a62d7c3"
-            + "63f72dce96c5967923a02656c9cd01e60ec494bf545ad29d875c1e953ea121a465deb5cb"
-            + "7cc2b11480779d6003ae529724e463b84a3d131cc9d9b083cc3f28202578913e8571a2ad"
-            + "691a1d5e376695ec61bfbf8d23d8f9c33d4592dc1d3db9a9809073cd7bcf389f73da5c16"
-            + "9776346b0a4bde33cb18bff16dd867028219797e5cc1ec3ad32fcb61f4404de0c520b78c"
-            + "1e6532be83cd16cd079f919facd9af2078099c3c3cee372052a4e6d6194695529b3f006f"
-            + "d4bc9098614cf60b450b13c677dca567c2a3aaf2a9a958613a2e03801d8ce3d52e660bea"
-            + "f946e4510f8c1d69c6a169290bf0450d9acaccfd5f9eb9c96cf920c5e06ab4b4ec4644a5"
-            + "694e3a6a6c6c464eb03f1a73aa213fd335b71b50aed725681e03a7f0bdc5ec15048cf673"
-            + "826cc29c2473148a30c37e288569cf821d5b396ebc3a2cf53d43e020ebd03c8409e19f97"
-            + "609ce2569df47bfe74a83e6121ee26e12448ba0ab1f9e89a93a1d31ae520289ddcba87db"
-            + "cc3714c6217521c506a1ae6ca72c6ddd5730dbe1547daf4e9c35f264eb587af33da59b03"
-            + "fa0f4896604ce5c2c84d8c6ef8e9beed22d12374591725b01041035e4b568525972dc371"
-            + "62b1b18ddfab02539dc23bcbee241823135589d43c3d5b7bceb5fd93bbd3c0d48d0a2fda"
-            + "9869c5aabaeab426524390287a3eaa085dd99bd17610a51d42ec345ec21478dd66a334d3"
-            + "dd27fe005a687a303cc453d0545942110d18b259f651e44726b39fc297fcef9ddaf8342b"
-            + "855035593f64500b52b0b98b1d7afb87540034b1a2c84452ec149d17c6a4fad14e49a20a"
-            + "8cafd7e9d07d4b73fa4314abd6b5f338ef4b0b093230af54b51bdaf6af97500698d55da0"
-            + "ac182d937f07e680567bc2ad1e6e1c955d6244f563c9ee7e8910a3d9ba860cbef5db2018"
-            + "86e0ee6aa33d6d1419f1b48e92b7c85d977df3a0b6b0e14b6e31eec03cc40af606d26ea8"
-            + "5a5f0f52b4ad67d430577dbcf4d1935837a3e38e28a11748f657b47e3f68457d585b76ab"
-            + "5a90960b723f2155731dbf5e38f535a7f60eaa532277aad8c76484937f9d11a4e1e137ae"
-            + "f78e6a0adc5d5412cf59818634163f908135c16d987730075c67402cacdac94cf648c3cc"
-            + "fff06ebc46e3b2dc36b3d823174ec5d9d376e015ce96a2fb08e91096e44937d400c674bd"
-            + "f14ee6b779bb392914f0a80a7c149f4814f558d3fb3a65dcd260b11dde6694edf3438385"
-            + "ddb9732ad881b0100e0eb29fe4731092486212e10c035f7eaec3b995d738d9e2160fb86e"
-            + "960ac872c68cc9e2bc0425149e504ba1b169fa1e7bba8c6ae38a1f071e39e3009677dedf"
-            + "f10074c200ca2edba43943f04c8a13c92555b37a58273c512dd63dda564d0a076c96fce8"
-            + "7b0dd062905c5822fd40049e3cd2744e2ae39ee8b9a0aa8e7982de9be9444c82ef976764"
-            + "86866fdf74099e2ba87e466e54931a7856fc91936552d4b5f049dc0f1f0305a7345afb15"
-            + "a376e2505278ffc89e95615cc0dc5e88608f607d7bfde381956db0a3be7d5f738c8598a2"
-            + "46a86e316ec6d6b6a09390cfb15814518fd83f1d05b8571d6f90b09cbd7c6709d9f77af2"
-            + "a6be1e8559267591ff9b07c4ea4f9000b73972d9d70760297ec6293e9e3533827eb4675a"
-            + "9eed5009729c77d9be1505df463b65f2960ee2710e17704d4217fe4b436040ec6d506062"
-            + "60186a1863f3b3859c67832c31d7ebc7b4787ac37cc678508247b65d0bd921a8f01d6880"
-            + "113977ff46b88ddafd527254d1781280622efba0c9278b23ce3364eeb18150ed927718b8"
-            + "21ae8ba9d0f10d8f09433663cbec591aaeaa66605317c151dcbc78fa590e9fac9e903b1d"
-            + "4c3aa3b6dfb9abff8d74c40157dc818327aed5d90014f4513ba314a3e5700376b7c1f9ec"
-            + "f33d0fd75a0b994cdc9b0e90068446ca4272cd90e49b22e99d66e54cc2b9d801e028fc7c"
-            + "05acdc96e85bed2f0474cdfb15d14ecf8f467673ff2bf754f8105f6e6c981595be96743b"
-            + "2a212c2ed0d33a5349e227a2183afb4b8ca09723c454dbb00900d0144fc23d93da01e422"
-            + "e0fa7991e3c441f73747356bb54eb135ef6a64272de477e42016083eb2372b89e74bcc05"
-            + "d4866ff408f7831b149fd2e6916a02e696c0e277a4a34cf3021ac7238da08232fc40eb8c"
-            + "0f8c13e02c474b518195fea20ae74eb9ef9d2e7bc706cea89209b2b5d3422e94a94b1ede"
-            + "0baac06b6e8da0263e30c422b227a0d62fbb4098ba4fb68c5c154688dc7429c735d8c1f6"
-            + "31391521c659201aff0735a50d102b5269ce0e1b6c30dd3ff19722aade2370eb45aa6f4a"
-            + "6c8f0359c5054bd9b66343201d6fa9695a3d87499ca48a642ca7ddc7d5fc47c0dd0f2f9d"
-            + "d48298e02337e1adc5ef8c04e967708097943cb4ca5d10102d6088472e9a219e03aa77f7"
-            + "0a282137708c1b3d6298e79a676e160d6d2610b0d15a42728d41ee503352a5b66b174c6e"
-            + "bcf2558309651045bf79eba7b54c4690058458e2cab6c279f87c76f2b02984a07447e0b2"
-            + "acb3a2aaa160bf4596e791d6f00bf130be24ca0aaa6f613479ed8c0a8971164ec25c1d5b"
-            + "67bce4439db5c395208017a68d3e8eaa2b58169a26ad265f86355e5cb25c5422ca85ed32"
-            + "8437a23b5a79dbebebc56c2a118cdc527caceeb533e7b0fa7cf9a38f87e0459332995fc1"
-            + "b202a24fbcd8b34088759c362ac6f7321f223fdfd6f8951a0f68ed067bb00a2fed2f9b52"
-            + "243942eb2495e37d4c38a824367c9c0b56dc112eb9f5b9dd498aebd9be6b6cdb02e3a216"
-            + "2bf107155e3e6e9a09907afb1511352bbdc4f0e7df526828a38b444e9b7c830ff33edd01"
-            + "027de5ddbe9a204263ef0a22a5cb7787a77c43bfdd348a15d4d195429bd762b1860732af"
-            + "6a16d98bdd56e8f67bb911852b8e8892960cc8e7586951fcb02395ab62fd249d497f088c"
-            + "9b827cafaaf035029ba4b13fec4b0f5251e9ef69f62714fbf7bb2607e9a42af0a8b76353"
-            + "75888b8c8ccac0a3edc6a7b8dd51d63741b7738e30d147e07bf0c935fadb81703d6d76d4"
-            + "5e769baecedec0d7d28149e70cd7047ef26383f5a31be9139e4ca9c93a96a57a38178981"
-            + "94f393ce83c3b6828ade4a642e28b81e6c1716e3ef67a539699945e8ecfd926e3bee4f63"
-            + "41fc9377b64eeceecba1caa1da25e127faaf7edd12f0e611f94e12ae507ce3b3ff637143"
-            + "3bd453b11bd7f17ba0ff63db22366aa22f6a3d2b523f815b10f5b970e85ab1d9341268a4"
-            + "5e3b90768367413d4db5e8ce9cb38bea65bd43a32921873f0fb463088a5f32496c9283a4"
-            + "d9b0aa95605d92c924355989b4d6666964f31b63e297b793563376cc87dfc46cfc32872f"
-            + "91474d20ef94660660d58e2577fe944280fa91d9f89cad7085e4abe56e6f526837138a33"
-            + "af4a992003f42c6c1da63e4cba4ecf75f92b4865edf67ca5b25ec58608bce536c19fc492"
-            + "983137c5a0db6b29671b44f4ac96084148c8a1c65963d149d7a9cc900783806fe7818fba"
-            + "51d65fcd8e5bf364561e4b17c973907b295421f5b2660100426f3d19df9ebd4b2c8cc0e6"
-            + "c5bbbe9318c4811076a0f7f061b762c93296a168b5fa99ea5ba54b3a9211823f9af4561b"
-            + "ead0749414126cfb2a247346e2b0e8adf7ccf76cff290cc797080e6509fe5e49f33d7f1a"
-            + "7c4e034ba8deb10a978f0f3d76036fc437c5750a97d53c59ff69f3d7159f13f0499b67ff"
-            + "b552d0ae756d6f03d3b5a8770e38ca59c74addaeebe17b7c75a13700d12605a56c636a87"
-            + "a87b2f84a13b456d1e2093b6dc8effb248480c20b7f7c008b71cb92fea8f047dd8b460d7"
-            + "bb9c05599addd45d901a7d7c57058745c04a1f1ce32068cf95367951ff88e3eb6917704d"
-            + "2e7f166db9a16e28b26d49d37af5f6916037f516344b62b0db171d0241331fcb5fbc2213"
-            + "d63ba19025d83f8564755c3ce0126018da7b7946d7641eb368b6dc8dbb611f93355a6087"
-            + "ee30a30bce131895405470e89bad437a9bb1fc050c800eb6165cd42e9100e60f17e9eea2"
-            + "1da315a194fb5f84977df7d8fa7b885f51a2784ea34fe3cb1401f2385dc95480304764d7"
-            + "c6b5b086a7b75b519865d7c11e5be0fa7ea3fca056eec5a82b40426ffc6e199d4db9bb37"
-            + "638f5992cd7cc1280bd57a69c290ed26f764a923b82c831ebf995f80b4d6d1fe51f3f6ce"
-            + "ed5c1934e1d713b04d0313ed6f7d8d3c239184ecd182b1820ba176ff362ef6dfbcf6f0ee"
-            + "56287fff6ca780ef0d6ca1c14d17895da81037bf1001368ba72f8af39ef76a7a66261ede"
-            + "f43de21e77e247dac0ac1bb2029894ed8eb953b7a5e0d0febc6db6a92fa84b7e278aa2a6"
-            + "f7952ec7cf9877c610a611107e8bf2cd481f612262c61c03ceb36227f4b6114e799e676b"
-            + "e20ad9a1dc4554250dc125ddebb912af2799d83842c0f1c4c3865e084ac9cea1c8c0c2df"
-            + "a21d3bc3431635a4c38107c47043c195f3bcca58cb65d2775a6a797991ccdcb856a636fc"
-            + "57848f571ab36c3f615b3f4c772770476f196bc3e94101423aa170732b41bd6d91e42b2e"
-            + "4cb47f7044e14b269c1ddf1b7b91be767e0b7c787e816b368b9e7ac2f9b807e44d9ec224"
-            + "4b303e0fd95b6f21811885544910518ac68e04644c7fdcd422b88ef20b3f21166fd9fa54"
-            + "383d17f2e20ffd68272f445b3e699fb65dd9a0df9a32c7e4962541451f5e800b0b7b2fef"
-            + "df7fd15378e66b0b5e948652b59f6ca775b7ee0d558bd084650567931d9bbd79f4b60efb"
-            + "3ad6b2161f9ab876dc97de95aa3f648157d9cbda81fe73338b834f6b1724354600c1aab4"
-            + "aa0bf6eb85b3223786a743cc35e28d81c05d4efa5e132973ce42d9830ff22a8e1d1fb1b4"
-            + "5134bbf9193f0570b43ad0bcb533f59d3ec8b77998509e766bd0261e5b913e11a2e3b219"
-            + "0ff660f71eeef5549fde3009ebfbb30afe2184b73d23d84e47fad48934b2193941c47453"
-            + "b44832ec9690ecf664a5b88897fdf8595909a93809a394ef4d08682f610135e2aa6d93b9"
-            + "2c295748493e0d71880a6454c89a4aae706f9e712415ee37f0dfe4414bba183a5cc25c1a"
-            + "688605d280abeb3afbd7dc1bf696f1f4d109c694a2b4b7c4dd67e0f9f6c556be8bcff103"
-            + "afb40928d25d91da4222f71fbc092cabe214bc12f4df702e54cd5ae9489a7b14e4f60162"
-            + "04080449ddb6c0cb4cf030a36a46c457e6a8e410dfad630299d7bd2c158d27da09679509"
-            + "2edbda28b71f9705201b0746f3375513bcb5aafaad0e1edc8ffa76faed6e5defadaeecbb"
-            + "9d4eeecf5944528ce1a1be1dac0477f8763eab422757378e922d0231496c791d0527dff1"
-            + "849526b125411c2fe471356879b993bcf1375d6339df647087d1860410a91d89f7baf07b"
-            + "5815fc7e2517dbddcb49d57e6f2e678473c416ddc2c878019d138d50ed95c3f3a0af8b3f"
-            + "c9aaefaa9cab78251ca6f899043f7efd66e262be492b655ae1f546953253736272d7ad7d"
-            + "c2ef505768a1be8755ca2ad5c959efb89068718955400fe9d1bdfcf631a2ce7127ecd865"
-            + "9b4aff6ba4e0e49a80485225de88e389bb25e4ac4636edf8203e285d8b9bc65e096256aa"
-            + "085ca7977d19afd3f7df0d7c72ffe2f5fc9eefbefe2e96be0e904f1a877792f9e4ea3e20"
-            + "f953892ab92743b3737fed3885b924bf1ebfeb3860490a741c62b6c1595b06d89018669c"
-            + "ac8b044fb833b6d39c3f660b66611df9b04f35958e486a5265d6103638f6777e5101101a"
-            + "aa1cd56575a294b0f4fc4fd830264ed086e1d4072f60c1a64dda3a0fa1a0ee18a7ff2355"
-            + "ac5704fb10d2eb59f8a0267b5555f7bf25e2a77c46e48eae1607fad7b8cc456e409617aa"
-            + "d7ae6ae443f362dd4cfdf6792c728d19d290b4e1b09c8521c0b8ebde286e44041cf50169"
-            + "75c509caee50af40de65ed809c62cd260320fb9b49c6be4fc939d9ddd06f4713a4b2a79f"
-            + "b125960930e9e059f44d302ee71e271325c5c411c82b90ca5eabe1fb2fa920a14297b69d"
-            + "12d25e9208f9a01c31a4b4abfce2469475671c169cdd4f5ab67eb3aec9fe8ad15dceb1e2"
-            + "91ea893a221245c4a9ac9dbc7f4b15d54af2b38b27bc0015fa32c61e5a9e1136dc9ff81b"
-            + "9bb0bed60f26d056337fdf548e9a8c033539551629d94f988a0c250b519ed92530056c24"
-            + "47d327f2d65be5b7b4cd11fc5ebba3ce0c143c7e83ab7fd51db5c6e2c09155e153013381"
-            + "e53bbf5691526832524a191157af1d6f6f2b8f15e86cab014c374609be46b5908bef3c59"
-            + "e829b2389daf473d472e937010dbf9909a3770b495d48c5a4f9e464f2e7ed39b964c594b"
-            + "63586de4e8fb3f10cea3a5d0411d09e9154b637cb0d3bafc219cc93cd960b11131492b38"
-            + "1606cd93faaf2b2a0a52fc0d5492610d527b515a696e1e5cf511fe8b25a0ba6559951f0e"
-            + "e7d3dbc25bdad5f4ac334e6a3b4bd66f9e924514a273dc30abff8a5a14c7ff4fac5693b8"
-            + "55152470538c6c6ff51597a7123681e787706d2deecb71ae525ac9a050efa9188bf58da6"
-            + "440c9ec2dc4d3fb993a8803803b0b36a3b0708ea265799b414be7dbc9d120ff6852bf5ee"
-            + "38cb740322b6d4b036653f2b922a1d86d054f2544110dbcbfd79d9fefeb13870c78fc7da"
-            + "83772b1758685e68e75175ff068b938beded3861caf5055e7f4655e6608804f02e4d1853"
-            + "f70310ea037788246549279da6f3e75ad07f995996dd9c8e36700a89f9240acf0939241b"
-            + "765e3d850aca760abdacd5e8a9714a2a713e1d9866448053e6b5f801c01b854d2c083743"
-            + "f20ed6fcd35514dfc28585ea61fd247889ef54a7c17a4183e924756e1c7d4a5b4ab2c681"
-            + "ff755c954629ece9dc13fbd46719ccacd119898a32f8a9f01d7ec397c7f633c52ecd6f50"
-            + "11f17ccc96298b92e57ddb086734035a6bcc31d8e831166a31ed6df350e48e4c69e5cad7"
-            + "cde3d9ee545fcea6dbdb640560429bcac05407f50f5cfa1800803c66a4d8b6a9a596489e"
-            + "43a3c28f3af7d032614677bec94dec582ed76b7861f3dd4131e8faccad2870da1cc49deb"
-            + "ef37db61f3e8e4174cc2ec2f53f5ccdeff83374efc70f7fd003a85c52b099df1cbc560ee"
-            + "94cf695db01ddd36cde96500c39bb2bb865c1c6da705b09c48fd024290ceea0b35037a1b"
-            + "9833b4c5ff13be2904c8c61873bb8d1abf3ee86bb23b634b773844070d9d8561c7c00266"
-            + "290dfac68a136cca2fd1f06e21274de5ba339a26d35a1056c42649d145dc8e5545a404d1"
-            + "553c2930baef962d53dc642566ffe59509dd858a30e2a9a9b3ba027c0dc48c2db7c54d0e"
-            + "7813765eb728419c4789081a64e3cba0cff0e070338f7d9d4eb855da450f48413108cc37"
-            + "19d70f0f498553d50858ccafc951196fdc086b9e1a734c8f58aced167dc71c999474694e"
-            + "92b3e374fbf692c41c9e463cd85953cf72fdded2275dfd61f3be638e837229d0b53c36b9"
-            + "5b90847d74abba6a88ab4f3eb6a25c291729323b0345506ea49a88ef4879410337f37c43"
-            + "67f2ec6bd05cb8d363bfebdf721eb6b87f32a6c4ad137f15d4663b5e716cc131c2535972"
-            + "4bdb0a6b5403e6839f9b62ff76730630af976b96e251c2b091f5393618b060f16d488463"
-            + "fe23d140b0c9c4b88de9e71ca1ba7699f36037338a9ba504dd9260e259f15af7305a7c3b"
-            + "79cb834295627c44d59c79480430d61f839ac6d3ebe50852eedbcf14fd62fd0df62eccb7"
-            + "edc7597f3292cdfab3e9027b3d3f39b24f46a81b17082c4e2f979e8567569bcc91bebcfb"
-            + "d72ecd28e404a6fbbe3a8cc1de56a0965a05ef2c0ea9dadcfa6850e8a6abe4487ca89a13"
-            + "c5d1b1363d2eb5cbb34076d2629e0c138c0790a207fe43d862e7186bf83ee0617e759770"
-            + "4084404a3dc5eb7875b966c5533f1c229ce7e00390c8391784f0f62609e022260fe7b49c"
-            + "93c7fe503ad6ee8deb0536bfec5918459f80dd8a2b4c214898ff06d370f43d99f8690cf9"
-            + "a387e4bdf294f3652e28c80f07798c75a7f7b5cea2129633c53a38e703c193bb80f7b901"
-            + "d189da0419487fe472689fb4dd6720dbc5d9d6da40aa8e718bbbe3a56995adaec5613ba9"
-            + "b3c92e66e6930643ce439010a5ba96f2a3997d0b83e43d24bfffadc343cce9df9450e933"
-            + "b46edacd4b55d96bca18c0c3dd07f5daded34cdc173f5a9ec947e913000cecf49380138f"
-            + "be029154dc8cb9935170c32cd58ee4a7a0aab4ba252bd1934a8247fbb2037f09f88f9dc3"
-            + "fb2fabbb39d4717d93b8a81576689697a2b4376308201402354ec1edefde7af6ed87ce65"
-            + "3e88ca92de0d0567657add49ca3587bc9649a2845c223b1603061363498536f0f316a3c1"
-            + "0ac4f0fe6f0319c809733d564478f6de141772a702595352fec747bc92b245ab0c774a7c"
-            + "9b36d01499db586e3d693369c0c8bb51d74075ec6fd81200405951fb808e41bffef60a4e"
-            + "dc7099cc4ecf1272a62011c4122b45a81c9591dd2fe3ed3ed976ec3c61409c88b6ac4621"
-            + "7944be5d0536cfd27336a688ec652c3870ef1ad5a6ac7c663898b74c34081101453aacf0"
-            + "5fcd990be99c3a8d7377caf3b154207967ebb4a9c7ca285c184679009cd440696488ec81"
-            + "1b617b9b4c48896ebba298d24d65d6e3b890a2a540ecbb300c433d5899ea9019bdf4f572"
-            + "b861d0c6b27a7916ad25a7b85b5eea8ffd7b560d5b30d8531485a4270d0e690b71c7ac6c"
-            + "388bd6ceee0d801924a93c46187182c365835655721e64ab139500f03a60e8194aa378c0"
-            + "7924254f36107d98c266e50019609273b9b3464f0d3bf12eec0a4f15cde5cddec00de241"
-            + "1e877eb78f579fdfad439202ed0dff21bb9c68abec115a009d5d4eb7c09199724a736e70"
-            + "b9861c25abe42de0d7fe28ae51380e5f273bf0592ba4e7541f7d50d3ff4b8facf5a20859"
-            + "0eabd4c53c4671fbcbf54b9f3e91bd86b031203752de9f1b09271ec703f03508785de019"
-            + "99fa581f26e1b2a862e77e620c781a3dbe5a9ee45bf5a9143d30b204270ea3c8b3b45c72"
-            + "6ecf3124b81f04c9e0f891fc5b2e8e946ce40749391944e7a0dcedca744d4dc886ae7333"
-            + "e7b02b1d3c312fedea2434abf64bf43ffb5afbf33eb68071f7525c885d31229a6a733345"
-            + "3f64610590e5ef453feef802e8edb7df5fe64bb909c26c7e415e208867d892e988293ffc"
-            + "8ddbe3e1f3dad628220ed192d12a1f4fbfbdfad4703dedbbb359042048dc4fb3e160adb0"
-            + "11eabee0608e18d2664ac60fd32e948c66358ad6a1346b83ac47cf3d53f4a649c56fe14a"
-            + "96ebfb7e6bf9c0b2496c779655359bad854ce693286a8c0ea0ac182db048da80aead6430"
-            + "c69fed482e3771227f2ce1070161470a7f762b6a9d4c6a22903fb45868110bf92f887fc1"
-            + "e74169b1e3baad6e3d723cbec45376251e37f9c9faf998cf6948ea93d9ed27736a928f9e"
-            + "b4b5cb91a0e3c5c2dce192299f4fc5e8876d860ecaf873287acb5dc8a13e267d7202b050"
-            + "168b1d819a5610bd46c06fbe8497edaccd534036f3cc4704f18b9b92a5431642f169cbf6"
-            + "6d586bbc6be6c2835dcef2ed7e35d51a00531b037a404b651fc65bc9fbada10870bb08c7"
-            + "274d0f8d89302a06e1b62006e71248823bb41e016a6d5cd14cdeb602cf8cb38692b9fce5"
-            + "60260fd5abfcb6acf5951c69caf5648dbfe85f27ae9665c737e91438f668f3ef0e9e9826"
-            + "67311ac5850486c91516929640dc33ad8f51fb80b41a6b373e9ebe639595d231b1fa6768"
-            + "3191868d856605940a290498546e9d2c6d15b5a0c00672200073b7c967b2df0ab8a62dc7"
-            + "13109a04d13b0b4b802ca8e1a3544775c2696c82acb35588fc69f2a8d9ccf11ce35cb0ae"
-            + "f43ba968f3b52e6e04f2de16b11a4f26acc55cc4d0bafe52ecb1d5bdb8db1723123cdd80"
-            + "e495dc95a803ff9ff68ba5cd610ec198eb9a785375b0f71019c861c75b1bd301e8ac9f34"
-            + "5532e88a14e217a938fc9a827912e01baec31a16c5c8a34ede046d5d665a24d11e243e19"
-            + "dc58ab1bf614cbe435852b8edb265eee838518337b881e1fb11d6e47aaec850613cc0b5f"
-            + "4042787f53f786cc5f504318dfe32bbb8e5a0886408bb9b52a593e60b0e561cea833da2b"
-            + "ed34485145dd2ddb54ebe84d6f18097ccbe70b451029e2678ff7672f2b31dd9ea0d03db6"
-            + "1e292b024319fe5e4f427cdea7482631d55338cb554129d55a7c3954c36cade3bae049a6"
-            + "b84654b116bbb9918655d1642973818f21f15f5853e9b1b59240f4a10604cb1ca90e8d0d"
-            + "5643bf1d60fcbc6a09bf4a695690c7ad9048b0c4c5548844755d02e5c8de3ecc1c88562b"
-            + "e1be873739bc820a560f185edc4ac229558128a98e1a69b2fe1fbc133cf082cd7f9e6cfc"
-            + "f54d5d0dd74c03cbda2db381efeb443f996db2ba84e81718575e7107ba7185ef456cfd20"
-            + "c240b3f12978252050c528bfcca6e615e5e523299ba71e6bf12dd86c6e2fa99d4237d70c"
-            + "06ac0599251256f4cf41862cae91f545965c467572c7019c7411ccc38072fc8c3480a369"
-            + "bababf175228987de46149dee8978d759d8d5e81eaa3a1de9ae2f9b16b0d2643f0c153bf"
-            + "dc80256b2668b4736782d96971197bdf0abceb8cfed9bcefcc7eba3b5d6ca6b830c47667"
-            + "4d27663324201a6201056d8410f90b0a56d22c2d99946aaae7df267e043b9a30149c780b"
-            + "7b7e1b663b3c98390c2a4694a4aa9eb32c633133acc9dba5da41cd4d1b857c72acbc93c5"
-            + "5dd4b76b3df6a8b734b19c290babd085f1961126ac8008671de1de3e1fc54963cc4bc7e4"
-            + "8b40af8af19e23e102e2b48320917e6d49577b1548fd6fb0a4489b2e21fde8c2226b3151"
-            + "4ade72eba062f07cc961b2bf3956e8c0167675b5471b7766535774b35fc0b08f172f0a46"
-            + "2632557ee67eca9949beb4dc9bc4b0432a3630c8496a8a9d88a00d666717e9e3f3238b53"
-            + "5bb222ef78cd7d1f2e5456854e51ae35bcb9aad00c91fc08a303e276d3938f6b7706401a"
-            + "3fd1d3803a1d1a3045e30b5a96683bdf8347f5993edb904018ceeae816eb66ea444cabda"
-            + "1d62513b9d7d5fa7a36424404a99c89be848cbf0a969add4754b7492facc83e3cbf86117"
-            + "fbacb60b37bc16e1bd36ba86bba14f3bf5b5fa9c4fbf101e42e2fd9d31f511002c8a7ab9"
-            + "d32c87c062160403f932aa67320aac3af6b86bea88b549ee3d01ed3a2370c99e4401345d"
-            + "ef5475a2a62990d510f7ecc23cdb4ea13b8c81dc1a1d21c9a344054e2841de42565ed06d"
-            + "f734855ac51dd789d9edd3b321cd4a416aff2116a8160fe92800f34c0dc2d9c3cfafd1bb"
-            + "ecd737e463b9ab70aa16e1b979aef9b95a9483382f28a113b1e658662286b3514211865f"
-            + "d73a4002c27c164b6843597c43061870a04cea20906c170f2a66009c0d26f7051714544d"
-            + "de24bf891f412197a7fbff960c774894965bef663d82fe0792b56624e03437888f083cc0"
-            + "a8fd4a7e8e5903730f943007780eb34293b067f0c1ef5de9eb8a15318bdec5365f5272f3"
-            + "0e7aadcca097df76e001c6df0b961bd7c31b6246cca18bf8319bf4b2e65154dbd7b5b572"
-            + "733620e4d551d761c5734d09aa92c9bf3fc2dbbe4b19e002b92b52f0edb5393b67dd0a23"
-            + "2473a7d7f35618a5c9462c97825c0b8b6517cc25b4616eff3b58078ed024c11f08a9459d"
-            + "afe160e32dc3ffa93a044ae8c255d8ac5f5486c28d5967c0f48109ff4372be29cfd9823f"
-            + "128c427b2bb4fe09204c3c6067c9ae32eec726a48a151f0f11b1231f6c035dbefc0e9df0"
-            + "e12cb2a12b70d4b10869861613fb01e1306c3e0c24a9c6fd062c697144e93c3771969658"
-            + "e23560d9a2aa1de260109161fa6d95ab5a6cc3be7f172ac47c290758153858ec8c60c728"
-            + "4f8531913ec36ef5b0a4ad1c4f736a65c01fc7d0ba05c85aabbb2365da664aeea2974c95"
-            + "030f2814e306d2a65ad48a3351976f7f0d6ae5a76adba8a52764ceee9f5d75d1e0be3d6d"
-            + "ae4b190ba7d17ae9cd7fe51131cea2ab0c95a5d1fac27cf2c757f05b5d60436bdf1f9651"
-            + "b0332df834e76107647024545e773f835d0dd41bd10fcc70ff578cce77213bd605eea6fe"
-            + "414035c6c11cf8c359e89a4126b8a5b37ff53805bd0fac7194b3f1c589c158e8c4d2e342"
-            + "abc4a767789ea263616690e2e6413fea8e980734dde9b0b237e7962d620fa7659d46fc87"
-            + "260466be275ac41bd1f22322df094a6509fa26ec1ac04f437a1f9d791d938d94556ea14a"
-            + "5e2cb17e72468a47e98a5ffb4ab6ab03c79c5399a5caa32f185ef02b2ae9b53f3eedeb83"
-            + "3f7b973d442c8d3056fb4ef033d38172f75383cf514bc9df40f6fe12164a2b98cf9fee80"
-            + "f188c64c50d9072efb14f2a517cfbdf0dfe4f2b53288cf035c755d2950b55f07f9499dcc"
-            + "77f7beb1da6758a483f0be38e8799f37169ddb2f9a5128927f469ef90171b85592686d6d"
-            + "ac9e484140af2e14f6c72bcd9f23772a1fb474b8dd8e55b4147d449854a2ae26a4f1daa6"
-            + "b32b5cafbb123b7a6a11fe4670723012f816a490c2b2ff9946015c74bb3cb9e10c53a314"
-            + "a1b61f144a569cc99f86effbabae912b99ab6338d7342534d45919060e4f09a27ca847e7"
-            + "8ec2d21f093536eb93a4040a800e099d1d083d3b006aa5dba975d895dc7760a599a9d220"
-            + "31248837e6ea6d8f6426c2156c516d90233b2164ba2301a965c9e8ae7cdc6890b07a6338"
-            + "f2049fb6af223400e628f7cfde8d21cad5d78ea0459e6fb93ab76475afce487dc8219efe"
-            + "9797da8e4f6f61d8f6f3aa8a88445c226571c41087c9cc719926a2215544e36233adabeb"
-            + "fb6e426ebfd9742d3156d77d32639861632f63c408ffc62abc085fbe563401d61b885390"
-            + "950deb8f9c8f31a69ecf83d16daa4e1f3b22705969aec7d3402f3b8e00ded36c2b83cd34"
-            + "999f01ff7b257eb947f68059d856f6943ffd45294947394e4019e81070f68cad769d59ea"
-            + "ae70592d127195275a25c24886f3a72d7c12d4e89a12d0645996d33a163a42a3b08bcdf4"
-            + "3bb1ae77859311630736efdfaf5000821d5e792af1bc76069c541358bdf2dbe04316d9b7"
-            + "071d4f01f8b5cf584e09ba1219353c09997087cc5da02eccc9ab838b2260079f4ec5810b"
-            + "ce0adc7cd66de8539f89c96753ea782bcb2bdd765f84547f085273799a0a9f35fd6e0076"
-            + "9878fad01be6bef1114be94b5ffc4fe087b9fe82c0558cd5f622dd18f4319f5ea54ef42f"
-            + "14c70be5acb5dabbd09aee864d902185116e5bb5be2717fcdb5e9b7ed79bbce616babd83"
-            + "78d8ac445c";
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedSig1), sig1));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedSig2), sig2));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedSig3), sig3));
-    }
-
-    public void testVerifySignatureSHA256()
-    {
-        XMSSMTParameters params = new XMSSMTParameters(20, 10, new SHA256Digest());
-        XMSSMT xmssMT = new XMSSMT(params, new NullPRNG());
-        xmssMT.generateKeys();
-        SecureRandom rand = new SecureRandom();
-
-        byte[] msg1 = new byte[1024];
-
-        rand.nextBytes(msg1);
-
-        for (int i = 0; i < 3; i++)
-        {
-            byte[] publicKey = xmssMT.exportPublicKey();
-            xmssMT.sign(msg1);
-            byte[] signature = xmssMT.sign(msg1);
-            try
-            {
-                assertEquals(true, xmssMT.verifySignature(msg1, signature, publicKey));
-            }
-            catch (ParseException ex)
-            {
-                ex.printStackTrace();
-                fail();
-            }
-
-            msg1[0] ^= 0xff;
-            try
-            {
-                assertEquals(false, xmssMT.verifySignature(msg1, signature, publicKey));
-            }
-            catch (ParseException ex)
-            {
-                ex.printStackTrace();
-                fail();
-            }
-        }
-    }
-
-    public void testVerifySignerSHA256()
-    {
-        XMSSMTParameters params = new XMSSMTParameters(20, 10, new SHA256Digest());
-        XMSSMTKeyPairGenerator xmssMT = new XMSSMTKeyPairGenerator();
-
-        xmssMT.init(new XMSSMTKeyGenerationParameters(params, new NullPRNG()));
-
-        AsymmetricCipherKeyPair kp = xmssMT.generateKeyPair();
-        SecureRandom rand = new SecureRandom();
-
-        byte[] msg1 = new byte[1024];
-
-        rand.nextBytes(msg1);
-
-        XMSSMTSigner signer = new XMSSMTSigner();
-
-        AsymmetricKeyParameter privateKey = kp.getPrivate();
-
-        for (int i = 0; i < 3; i++)
-        {
-            signer.init(true, privateKey);
-
-            byte[] signature = signer.generateSignature(msg1);
-
-            privateKey = signer.getUpdatedPrivateKey();
-
-            signer.init(false, kp.getPublic());
-
-            assertEquals(true, signer.verifySignature(msg1, signature));
-
-            msg1[0] ^= 0xff;
-
-            assertEquals(false, signer.verifySignature(msg1, signature));
-        }
-    }
-
-    public void testVerifySignatureSHA512()
-    {
-        XMSSMTParameters params = new XMSSMTParameters(20, 10, new SHA512Digest());
-        XMSSMT xmssMT = new XMSSMT(params, new NullPRNG());
-        xmssMT.generateKeys();
-        byte[] msg1 = new byte[1024];
-
-        for (int i = 0; i < 3; i++)
-        {
-            byte[] publicKey = xmssMT.exportPublicKey();
-            xmssMT.sign(msg1);
-            byte[] signature = xmssMT.sign(msg1);
-            try
-            {
-                assertEquals(true, xmssMT.verifySignature(msg1, signature, publicKey));
-            }
-            catch (ParseException ex)
-            {
-                ex.printStackTrace();
-                fail();
-            }
-            byte[] msg2 = new byte[1024];
-            msg2[0] = 0x01;
-            try
-            {
-                assertEquals(false, xmssMT.verifySignature(msg2, signature, publicKey));
-            }
-            catch (ParseException ex)
-            {
-                ex.printStackTrace();
-                fail();
-            }
-        }
-    }
-
-    public void testVerifySignerSHA512()
-    {
-        XMSSMTParameters params = new XMSSMTParameters(20, 10, new SHA512Digest());
-        XMSSMTKeyPairGenerator xmssMT = new XMSSMTKeyPairGenerator();
-
-        xmssMT.init(new XMSSMTKeyGenerationParameters(params, new NullPRNG()));
-
-        AsymmetricCipherKeyPair kp = xmssMT.generateKeyPair();
-        SecureRandom rand = new SecureRandom();
-
-        byte[] msg1 = new byte[1024];
-
-        rand.nextBytes(msg1);
-
-        XMSSMTSigner signer = new XMSSMTSigner();
-
-        AsymmetricKeyParameter privateKey = kp.getPrivate();
-
-        for (int i = 0; i < 3; i++)
-        {
-            signer.init(true, privateKey);
-
-            byte[] signature = signer.generateSignature(msg1);
-
-            privateKey = signer.getUpdatedPrivateKey();
-
-            signer.init(false, kp.getPublic());
-
-            assertEquals(true, signer.verifySignature(msg1, signature));
-
-            msg1[0] ^= 0xff;
-
-            assertEquals(false, signer.verifySignature(msg1, signature));
-        }
-    }
-
-    public void testImportKeysSHA256()
-        throws IOException, ClassNotFoundException
-    {
-        XMSSMTParameters params = new XMSSMTParameters(20, 10, new SHA256Digest());
-        XMSSMT xmssMT1 = new XMSSMT(params, new NullPRNG());
-        xmssMT1.generateKeys();
-        byte[] msg1 = new byte[1024];
-        byte[] msg2 = new byte[2048];
-        byte[] msg3 = new byte[3096];
-        Arrays.fill(msg1, (byte)0xaa);
-        Arrays.fill(msg2, (byte)0xbb);
-        Arrays.fill(msg3, (byte)0xcc);
-        byte[] signature1 = xmssMT1.sign(msg1);
-        byte[] signature2 = xmssMT1.sign(msg2);
-        byte[] exportedPrivateKey = xmssMT1.exportPrivateKey();
-        byte[] exportedPublicKey = xmssMT1.exportPublicKey();
-        byte[] publicKey = xmssMT1.exportPublicKey();
-        byte[] signature3 = xmssMT1.sign(msg3);
-
-        XMSSMT xmssMT2 = new XMSSMT(params, new NullPRNG());
-
-        xmssMT2.importState(exportedPrivateKey, exportedPublicKey);
-
-        byte[] signature4 = xmssMT2.sign(msg3);
-        assertEquals(true, Arrays.areEqual(signature3, signature4));
-        xmssMT2.generateKeys();
-        try
-        {
-            assertEquals(true, xmssMT2.verifySignature(msg1, signature1, publicKey));
-            assertEquals(true, xmssMT2.verifySignature(msg2, signature2, publicKey));
-            assertEquals(true, xmssMT2.verifySignature(msg3, signature3, publicKey));
-            assertEquals(false, xmssMT2.verifySignature(msg1, signature3, publicKey));
-            assertEquals(false, xmssMT2.verifySignature(msg2, signature3, publicKey));
-        }
-        catch (ParseException ex)
-        {
-            ex.printStackTrace();
-            fail();
-        }
-    }
-
-    public void testImportKeysSHA512()
-        throws IOException, ClassNotFoundException
-    {
-        XMSSMTParameters params = new XMSSMTParameters(20, 10, new SHA512Digest());
-        XMSSMT xmssMT1 = new XMSSMT(params, new NullPRNG());
-        xmssMT1.generateKeys();
-        byte[] msg1 = new byte[1024];
-        byte[] msg2 = new byte[2048];
-        byte[] msg3 = new byte[3096];
-        Arrays.fill(msg1, (byte)0xaa);
-        Arrays.fill(msg2, (byte)0xbb);
-        Arrays.fill(msg3, (byte)0xcc);
-        byte[] signature1 = xmssMT1.sign(msg1);
-        byte[] signature2 = xmssMT1.sign(msg2);
-        byte[] exportedPrivateKey = xmssMT1.exportPrivateKey();
-        byte[] exportedPublicKey = xmssMT1.exportPublicKey();
-        byte[] publicKey = xmssMT1.exportPublicKey();
-        byte[] signature3 = xmssMT1.sign(msg3);
-
-        XMSSMT xmssMT2 = new XMSSMT(params, new NullPRNG());
-
-        xmssMT2.importState(exportedPrivateKey, exportedPublicKey);
-
-        byte[] signature4 = xmssMT2.sign(msg3);
-        assertEquals(true, Arrays.areEqual(signature3, signature4));
-        xmssMT2.generateKeys();
-        try
-        {
-            assertEquals(true, xmssMT2.verifySignature(msg1, signature1, publicKey));
-            assertEquals(true, xmssMT2.verifySignature(msg2, signature2, publicKey));
-            assertEquals(true, xmssMT2.verifySignature(msg3, signature3, publicKey));
-            assertEquals(false, xmssMT2.verifySignature(msg1, signature3, publicKey));
-            assertEquals(false, xmssMT2.verifySignature(msg2, signature3, publicKey));
-        }
-        catch (ParseException ex)
-        {
-            ex.printStackTrace();
-            fail();
-        }
-    }
-
-    public void testRandom()
-        throws ClassNotFoundException, IOException
-    {
-        XMSSMTParameters params = new XMSSMTParameters(20, 10, new SHA512Digest());
-        XMSSMT xmss1 = new XMSSMT(params, new NullPRNG());
-        xmss1.generateKeys();
-        byte[] publicKey = xmss1.exportPublicKey();
-        byte[] message = new byte[1024];
-
-        for (int i = 0; i < 5; i++)
-        {
-            xmss1.sign(message);
-        }
-        byte[] signature = xmss1.sign(message);
-        assertTrue(Arrays.areEqual(publicKey, xmss1.exportPublicKey()));
-        try
-        {
-            xmss1.verifySignature(message, signature, publicKey);
-        }
-        catch (ParseException e)
-        {
-            e.printStackTrace();
-            fail();
-        }
-        assertTrue(Arrays.areEqual(publicKey, xmss1.exportPublicKey()));
-        xmss1.sign(message);
-        byte[] privateKey7 = xmss1.exportPrivateKey();
-        try
-        {
-            xmss1.verifySignature(message, signature, publicKey);
-        }
-        catch (ParseException e)
-        {
-            e.printStackTrace();
-            fail();
-        }
-        assertTrue(Arrays.areEqual(privateKey7, xmss1.exportPrivateKey()));
-        byte[] signature7 = xmss1.sign(message);
-
-        xmss1.importState(privateKey7, publicKey);
-
-        byte[] signature7AfterImport = xmss1.sign(message);
-        assertTrue(Arrays.areEqual(signature7AfterImport, signature7));
-
-        XMSSMTParameters params2 = new XMSSMTParameters(20, 10, new SHA512Digest());
-        XMSSMT xmss2 = new XMSSMT(params2, new NullPRNG());
-        try
-        {
-            boolean valid = xmss2.verifySignature(message, signature7, publicKey);
-            assertTrue(valid);
-            valid = xmss2.verifySignature(message, signature, publicKey);
-            assertTrue(valid);
-        }
-        catch (ParseException e)
-        {
-            e.printStackTrace();
-            fail();
-        }
-
-        XMSSMT xmss3 = new XMSSMT(params, new NullPRNG());
-
-        xmss3.importState(privateKey7, publicKey);
-
-        byte[] signatureAgain = xmss3.sign(message);
-        assertTrue(Arrays.areEqual(signatureAgain, signature7));
-    }
-
-    public void testPublicSeed()
-        throws IOException, ClassNotFoundException
-    {
-        byte[] message = new byte[1024];
-        XMSSMTParameters params1 = new XMSSMTParameters(20, 10, new SHA256Digest());
-        XMSSMT mt1 = new XMSSMT(params1, new SecureRandom());
-        mt1.generateKeys();
-        byte[] publicKey1 = mt1.exportPublicKey();
-        byte[] signature1 = mt1.sign(message);
-
-        XMSSMTParameters params2 = new XMSSMTParameters(20, 10, new SHA256Digest());
-        XMSSMT mt2 = new XMSSMT(params2, new NullPRNG());
-        mt2.generateKeys();
-        byte[] publicKey2 = mt2.exportPublicKey();
-        byte[] privateKey2 = mt2.exportPrivateKey();
-        byte[] signature2 = mt2.sign(message);
-
-        mt2.importState(privateKey2, publicKey2);
-
-        try
-        {
-            boolean isValid = mt2.verifySignature(message, signature1, publicKey1);
-            assertTrue(isValid);
-        }
-        catch (ParseException e)
-        {
-            e.printStackTrace();
-            fail();
-        }
-        byte[] signature3 = mt2.sign(message);
-        assertTrue(Arrays.areEqual(signature2, signature3));
-    }
-
-    public void testBDSImport()
-        throws IOException, ClassNotFoundException
-    {
-        XMSSMTParameters params = new XMSSMTParameters(10, 5, new SHA256Digest());
-        XMSSMT xmss = new XMSSMT(params, new SecureRandom());
-        xmss.generateKeys();
-        xmss.sign(new byte[1024]);
-        byte[] exportedPrivateKey = xmss.exportPrivateKey();
-        byte[] exportedPublicKey = xmss.exportPublicKey();
-
-        xmss.importState(exportedPrivateKey, exportedPublicKey);
-
-        byte[] sig1 = xmss.sign(new byte[1024]);
-
-        xmss.importState(exportedPrivateKey, exportedPublicKey);
-
-        byte[] sig2 = xmss.sign(new byte[1024]);
-        assertEquals(true, Arrays.areEqual(sig1, sig2));
-        try
-        {
-            xmss.importState(exportedPrivateKey, exportedPublicKey);
-        }
-        catch (Exception ex)
-        {
-        }
-        xmss.sign(new byte[1024]);
-        byte[] sig3 = xmss.sign(new byte[1024]);
-        assertEquals(false, Arrays.areEqual(sig1, sig3));
-        try
-        {
-            xmss.importState(null, exportedPublicKey);
-            fail();
-        }
-        catch (Exception ex)
-        {
-        }
-        try
-        {
-            xmss.importState(exportedPrivateKey, null);
-            fail();
-        }
-        catch (Exception ex)
-        {
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSOidTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSOidTest.java
deleted file mode 100644
index 2353bf3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSOidTest.java
+++ /dev/null

@@ -1,70 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.crypto.xmss.DefaultXMSSOid;
-
-/**
- * Test cases for {@link DefaultXMSSOid} class.
- */
-public class XMSSOidTest
-    extends TestCase
-{
-
-    public void testXMSSOidException1()
-    {
-        DefaultXMSSOid xmssOid = DefaultXMSSOid.lookup("SHA-256", 32, 16, 67, -1);
-        assertEquals(xmssOid, null);
-    }
-
-    public void testXMSSOidException2()
-    {
-        DefaultXMSSOid xmssOid = DefaultXMSSOid.lookup("SHA-256", 32, 16, 67, 8);
-        assertEquals(xmssOid, null);
-    }
-
-    public void testXMSSOidException3()
-    {
-        DefaultXMSSOid xmssOid = DefaultXMSSOid.lookup("SHA-256", 32, 4, 67, 10);
-        assertEquals(xmssOid, null);
-    }
-
-    public void testXMSSOid()
-    {
-        DefaultXMSSOid xmssOid = DefaultXMSSOid.lookup("SHA-256", 32, 16, 67, 10);
-        assertEquals(0x01000001, xmssOid.getOid());
-        assertEquals("XMSS_SHA2-256_W16_H10", xmssOid.toString());
-        xmssOid = DefaultXMSSOid.lookup("SHA-256", 32, 16, 67, 16);
-        assertEquals(0x02000002, xmssOid.getOid());
-        assertEquals("XMSS_SHA2-256_W16_H16", xmssOid.toString());
-        xmssOid = DefaultXMSSOid.lookup("SHA-256", 32, 16, 67, 20);
-        assertEquals(0x03000003, xmssOid.getOid());
-        assertEquals("XMSS_SHA2-256_W16_H20", xmssOid.toString());
-        xmssOid = DefaultXMSSOid.lookup("SHA-512", 64, 16, 131, 10);
-        assertEquals(0x04000004, xmssOid.getOid());
-        assertEquals("XMSS_SHA2-512_W16_H10", xmssOid.toString());
-        xmssOid = DefaultXMSSOid.lookup("SHA-512", 64, 16, 131, 16);
-        assertEquals(0x05000005, xmssOid.getOid());
-        assertEquals("XMSS_SHA2-512_W16_H16", xmssOid.toString());
-        xmssOid = DefaultXMSSOid.lookup("SHA-512", 64, 16, 131, 20);
-        assertEquals(0x06000006, xmssOid.getOid());
-        assertEquals("XMSS_SHA2-512_W16_H20", xmssOid.toString());
-        xmssOid = DefaultXMSSOid.lookup("SHAKE128", 32, 16, 67, 10);
-        assertEquals(0x07000007, xmssOid.getOid());
-        assertEquals("XMSS_SHAKE128_W16_H10", xmssOid.toString());
-        xmssOid = DefaultXMSSOid.lookup("SHAKE128", 32, 16, 67, 16);
-        assertEquals(0x08000008, xmssOid.getOid());
-        assertEquals("XMSS_SHAKE128_W16_H16", xmssOid.toString());
-        xmssOid = DefaultXMSSOid.lookup("SHAKE128", 32, 16, 67, 20);
-        assertEquals(0x09000009, xmssOid.getOid());
-        assertEquals("XMSS_SHAKE128_W16_H20", xmssOid.toString());
-        xmssOid = DefaultXMSSOid.lookup("SHAKE256", 64, 16, 131, 10);
-        assertEquals(0x0a00000a, xmssOid.getOid());
-        assertEquals("XMSS_SHAKE256_W16_H10", xmssOid.toString());
-        xmssOid = DefaultXMSSOid.lookup("SHAKE256", 64, 16, 131, 16);
-        assertEquals(0x0b00000b, xmssOid.getOid());
-        assertEquals("XMSS_SHAKE256_W16_H16", xmssOid.toString());
-        xmssOid = DefaultXMSSOid.lookup("SHAKE256", 64, 16, 131, 20);
-        assertEquals(0x0c00000c, xmssOid.getOid());
-        assertEquals("XMSS_SHAKE256_W16_H20", xmssOid.toString());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSPrivateKeyTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSPrivateKeyTest.java
deleted file mode 100644
index a121f5d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSPrivateKeyTest.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.io.IOException;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Xof;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-import org.bouncycastle.pqc.crypto.xmss.XMSSParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSPrivateKeyParameters;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Test cases for XMSSPrivateKey class.
- */
-public class XMSSPrivateKeyTest
-    extends TestCase
-{
-    public void testPrivateKeyParsing()
-        throws ClassNotFoundException, IOException
-    {
-        parsingTest(new SHA256Digest());
-        parsingTest(new SHA512Digest());
-        parsingTest(new SHAKEDigest(128));
-        parsingTest(new SHAKEDigest(256));
-    }
-
-    private void parsingTest(Digest digest)
-            throws ClassNotFoundException, IOException
-        {
-            XMSSParameters params = new XMSSParameters(10, digest);
-            byte[] root = generateRoot(digest);
-            XMSSPrivateKeyParameters privateKey = new XMSSPrivateKeyParameters.Builder(params).withRoot(root).build();
-
-            byte[] export = privateKey.toByteArray();
-
-            XMSSPrivateKeyParameters privateKey2 = new XMSSPrivateKeyParameters.Builder(params).withPrivateKey(export, params).build();
-
-            assertEquals(privateKey.getIndex(), privateKey2.getIndex());
-            assertEquals(true, Arrays.areEqual(privateKey.getSecretKeySeed(), privateKey2.getSecretKeySeed()));
-            assertEquals(true, Arrays.areEqual(privateKey.getSecretKeyPRF(), privateKey2.getSecretKeyPRF()));
-            assertEquals(true, Arrays.areEqual(privateKey.getPublicSeed(), privateKey2.getPublicSeed()));
-            assertEquals(true, Arrays.areEqual(privateKey.getRoot(), privateKey2.getRoot()));
-        }
-
-    private byte[] generateRoot(Digest digest)
-    {
-        int digestSize = (digest instanceof Xof) ? digest.getDigestSize() * 2 : digest.getDigestSize();
-        byte[] rv = new byte[digestSize];
-
-        for (int i = 0; i != rv.length; i++)
-        {
-            rv[i] = (byte)i;
-        }
-        
-        return rv;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSPublicKeyTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSPublicKeyTest.java
deleted file mode 100644
index 9f835c8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSPublicKeyTest.java
+++ /dev/null

@@ -1,64 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.pqc.crypto.xmss.XMSSParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSPublicKeyParameters;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Test cases for XMSSPublicKey class.
- * 
- */
-public class XMSSPublicKeyTest extends TestCase {
-
-	public void testPublicKeyParsingSHA256() {
-		XMSSParameters params = new XMSSParameters(10, new SHA256Digest());
-		byte[] root = { (byte) 0x00, (byte) 0x01, (byte) 0x02, (byte) 0x03, (byte) 0x04, (byte) 0x05, (byte) 0x06,
-				(byte) 0x07, (byte) 0x08, (byte) 0x09, (byte) 0x0a, (byte) 0x0b, (byte) 0x0c, (byte) 0x0d, (byte) 0x0e,
-				(byte) 0x0f, (byte) 0x10, (byte) 0x20, (byte) 0x30, (byte) 0x03, (byte) 0x40, (byte) 0x50, (byte) 0x60,
-				(byte) 0x70, (byte) 0x80, (byte) 0x90, (byte) 0xa0, (byte) 0xb0, (byte) 0xc0, (byte) 0xd0, (byte) 0xe0,
-				(byte) 0xf0 };
-		XMSSPublicKeyParameters publicKey = new XMSSPublicKeyParameters.Builder(params).withRoot(root).build();
-
-		byte[] export = publicKey.toByteArray();
-
-		XMSSPublicKeyParameters publicKey2 = new XMSSPublicKeyParameters.Builder(params).withPublicKey(export).build();
-
-		assertEquals(true, Arrays.areEqual(publicKey.getRoot(), publicKey2.getRoot()));
-		assertEquals(true, Arrays.areEqual(publicKey.getPublicSeed(), publicKey2.getPublicSeed()));
-	}
-
-	public void testPublicKeyParsingSHA512() {
-		XMSSParameters params = new XMSSParameters(10, new SHA512Digest());
-		byte[] root = { (byte) 0x00, (byte) 0x01, (byte) 0x02, (byte) 0x03, (byte) 0x04, (byte) 0x05, (byte) 0x06,
-				(byte) 0x07, (byte) 0x08, (byte) 0x09, (byte) 0x0a, (byte) 0x0b, (byte) 0x0c, (byte) 0x0d, (byte) 0x0e,
-				(byte) 0x0f, (byte) 0x10, (byte) 0x20, (byte) 0x30, (byte) 0x03, (byte) 0x40, (byte) 0x50, (byte) 0x60,
-				(byte) 0x70, (byte) 0x80, (byte) 0x90, (byte) 0xa0, (byte) 0xb0, (byte) 0xc0, (byte) 0xd0, (byte) 0xe0,
-				(byte) 0xf0, (byte) 0x00, (byte) 0x01, (byte) 0x02, (byte) 0x03, (byte) 0x04, (byte) 0x05, (byte) 0x06,
-				(byte) 0x07, (byte) 0x08, (byte) 0x09, (byte) 0x0a, (byte) 0x0b, (byte) 0x0c, (byte) 0x0d, (byte) 0x0e,
-				(byte) 0x0f, (byte) 0x10, (byte) 0x20, (byte) 0x30, (byte) 0x03, (byte) 0x40, (byte) 0x50, (byte) 0x60,
-				(byte) 0x70, (byte) 0x80, (byte) 0x90, (byte) 0xa0, (byte) 0xb0, (byte) 0xc0, (byte) 0xd0, (byte) 0xe0,
-				(byte) 0xf0 };
-		XMSSPublicKeyParameters publicKey = new XMSSPublicKeyParameters.Builder(params).withRoot(root).build();
-
-		byte[] export = publicKey.toByteArray();
-
-		XMSSPublicKeyParameters publicKey2 = new XMSSPublicKeyParameters.Builder(params).withPublicKey(export).build();
-
-		assertEquals(true, Arrays.areEqual(publicKey.getRoot(), publicKey2.getRoot()));
-		assertEquals(true, Arrays.areEqual(publicKey.getPublicSeed(), publicKey2.getPublicSeed()));
-	}
-
-	public void testConstructor() {
-		XMSSParameters params = new XMSSParameters(10, new SHA256Digest());
-		XMSSPublicKeyParameters pk = new XMSSPublicKeyParameters.Builder(params).build();
-
-		byte[] pkByte = pk.toByteArray();
-		/* check everything is 0 */
-		for (int i = 0; i < pkByte.length; i++) {
-			assertEquals(0x00, pkByte[i]);
-		}
-	}
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSReducedSignatureTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSReducedSignatureTest.java
deleted file mode 100644
index eac9342..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSReducedSignatureTest.java
+++ /dev/null

@@ -1,63 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMT;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTSignature;
-import org.bouncycastle.pqc.crypto.xmss.XMSSParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSReducedSignature;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Test cases for XMSSReducedSignature class.
- */
-public class XMSSReducedSignatureTest
-    extends TestCase
-{
-
-    public void testSignatureParsingSHA256()
-    {
-        XMSSMTParameters params = new XMSSMTParameters(8, 2, new SHA256Digest());
-        XMSSMT mt = new XMSSMT(params, new NullPRNG());
-        mt.generateKeys();
-        byte[] message = new byte[1024];
-        byte[] sig1 = mt.sign(message);
-        XMSSMTSignature sig2 = new XMSSMTSignature.Builder(params).withSignature(sig1).build();
-
-        XMSSReducedSignature reducedSignature1 = sig2.getReducedSignatures().get(0);
-        byte[] reducedSignatureBinary = reducedSignature1.toByteArray();
-        XMSSReducedSignature reducedSignature2 = new XMSSReducedSignature.Builder(new XMSSParameters(4, new SHA256Digest())).withReducedSignature(reducedSignatureBinary).build();
-
-        assertTrue(Arrays.areEqual(reducedSignatureBinary, reducedSignature2.toByteArray()));
-    }
-
-    public void testSignatureParsingSHA512()
-    {
-        XMSSMTParameters params = new XMSSMTParameters(4, 2, new SHA512Digest());
-        XMSSMT mt = new XMSSMT(params, new NullPRNG());
-        mt.generateKeys();
-        byte[] message = new byte[1024];
-        byte[] sig1 = mt.sign(message);
-        XMSSMTSignature sig2 = new XMSSMTSignature.Builder(params).withSignature(sig1).build();
-
-        XMSSReducedSignature reducedSignature1 = sig2.getReducedSignatures().get(0);
-        byte[] reducedSignatureBinary = reducedSignature1.toByteArray();
-        XMSSReducedSignature reducedSignature2 = new XMSSReducedSignature.Builder(new XMSSParameters(2, new SHA512Digest())).withReducedSignature(reducedSignatureBinary).build();
-
-        assertTrue(Arrays.areEqual(reducedSignatureBinary, reducedSignature2.toByteArray()));
-    }
-
-    public void testConstructor()
-    {
-        XMSSReducedSignature sig = new XMSSReducedSignature.Builder(new XMSSParameters(4, new SHA512Digest())).build();
-
-        byte[] sigByte = sig.toByteArray();
-        /* check everything is 0 */
-        for (int i = 0; i < sigByte.length; i++)
-        {
-            assertEquals(0x00, sigByte[i]);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSSignatureTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSSignatureTest.java
deleted file mode 100644
index d43e1bf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSSignatureTest.java
+++ /dev/null

@@ -1,56 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.pqc.crypto.xmss.XMSS;
-import org.bouncycastle.pqc.crypto.xmss.XMSSParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSSignature;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Test cases for XMSSSignature class.
- */
-public class XMSSSignatureTest
-    extends TestCase
-{
-
-    public void testSignatureParsingSHA256()
-    {
-        XMSSParameters params = new XMSSParameters(10, new SHA256Digest());
-        XMSS xmss = new XMSS(params, new NullPRNG());
-        xmss.generateKeys();
-        byte[] message = new byte[1024];
-        byte[] sig1 = xmss.sign(message);
-        XMSSSignature sig2 = new XMSSSignature.Builder(params).withSignature(sig1).build();
-
-        byte[] sig3 = sig2.toByteArray();
-        assertEquals(true, Arrays.areEqual(sig1, sig3));
-    }
-
-    public void testSignatureParsingSHA512()
-    {
-        XMSSParameters params = new XMSSParameters(10, new SHA512Digest());
-        XMSS xmss = new XMSS(params, new NullPRNG());
-        xmss.generateKeys();
-        byte[] message = new byte[1024];
-        byte[] sig1 = xmss.sign(message);
-        XMSSSignature sig2 = new XMSSSignature.Builder(params).withSignature(sig1).build();
-
-        byte[] sig3 = sig2.toByteArray();
-        assertEquals(true, Arrays.areEqual(sig1, sig3));
-    }
-
-    public void testConstructor()
-    {
-        XMSSParameters params = new XMSSParameters(10, new SHA256Digest());
-        XMSSSignature sig = new XMSSSignature.Builder(params).build();
-
-        byte[] sigByte = sig.toByteArray();
-        /* check everything is 0 */
-        for (int i = 0; i < sigByte.length; i++)
-        {
-            assertEquals(0x00, sigByte[i]);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSTest.java
deleted file mode 100644
index 81afe81..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSTest.java
+++ /dev/null

@@ -1,478 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.io.IOException;
-import java.security.SecureRandom;
-import java.text.ParseException;
-import java.util.List;
-
-import junit.framework.TestCase;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.pqc.crypto.xmss.XMSS;
-import org.bouncycastle.pqc.crypto.xmss.XMSSNode;
-import org.bouncycastle.pqc.crypto.xmss.XMSSParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSSignature;
-import org.bouncycastle.pqc.crypto.xmss.XMSSUtil;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * Test cases for XMSS class.
- */
-public class XMSSTest
-    extends TestCase
-{
-
-    public void testAuthPath()
-    {
-        XMSSParameters xmssParams = new XMSSParameters(10, new SHA256Digest());
-        XMSS xmss = new XMSS(xmssParams, new NullPRNG());
-        xmss.generateKeys();
-        String[] expectedAuthPath = {
-            "e0e81477f50e2b8719d1d9a3c1a55d5460711b88eb4f2c8df8d17d38832de9d4",
-            "251142aa2cdb5a9d81a0c7a98e2c3c95bf96e73c68c78d467186eeac1dffce38",
-            "53a6a544a1331bf650758d64bb8fab1104170824894fdd8a284d281aec9d6270",
-            "5683d8f8de11a5845b9d1b5cedb7fd0bd76da3341e75ddd05f261520228664d0",
-            "16b265f881e4b7bd303b7c38b8adcf31a7c211bcddb5260080105c1b70c41ee9",
-            "9d421eefaf1e51d762f245853cc36250bfbb3f547770303dc8a38d03dec2d0a7",
-            "233b634f83a2456f279126c7fcb47f9301cb2d5e8db69f4721f68000d78cffb3",
-            "9317371748b85e824bd82284875b7bb65604c94ff0b8816cef677ade31963bd5",
-            "14ba59e3d998735a963d018b840a80be11a52ccdadaceb7ed45f0763e6cd49ca",
-            "6af97f6bde85e4569178192bab4fd59d8c2b1fec181f27a8fa2c17552c16e3b5"
-        };
-        byte[] signature = xmss.sign(new byte[1024]);
-        XMSSSignature sig = new XMSSSignature.Builder(xmssParams).withSignature(signature).build();
-
-        List<XMSSNode> authPath = sig.getAuthPath();
-        for (int i = 0; i < authPath.size(); i++)
-        {
-            assertEquals(expectedAuthPath[i], Hex.toHexString(authPath.get(i).getValue()));
-        }
-    }
-
-    public void testGenKeyPairSHA256()
-    {
-        XMSSParameters xmssParams = new XMSSParameters(10, new SHA256Digest());
-        XMSS xmss = new XMSS(xmssParams, new NullPRNG());
-        xmss.generateKeys();
-        byte[] privateKey = xmss.exportPrivateKey();
-        byte[] publicKey = xmss.exportPublicKey();
-        String expectedPrivateKey = "0000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000073c3fc6de1195aa5d69f9dafc9db8504aa8059115e8319ca15cf58a1c83c0de3";
-        String expectedPublicKey = "73c3fc6de1195aa5d69f9dafc9db8504aa8059115e8319ca15cf58a1c83c0de30000000000000000000000000000000000000000000000000000000000000000";
-        byte[] strippedPrivateKey = XMSSUtil.extractBytesAtOffset(privateKey, 0, (Hex.decode(expectedPrivateKey).length));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedPrivateKey), strippedPrivateKey));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedPublicKey), publicKey));
-    }
-
-    public void testGenKeyPairSHA512()
-    {
-        XMSSParameters xmssParams = new XMSSParameters(10, new SHA512Digest());
-        XMSS xmss = new XMSS(xmssParams, new NullPRNG());
-        xmss.generateKeys();
-        byte[] privateKey = xmss.exportPrivateKey();
-        byte[] publicKey = xmss.exportPublicKey();
-        String expectedPrivateKey = "00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000f48df90f8e217076d8af6327691321bdcf63668c4bd28d021d49f2334eca845fa3073991049286c0eef5dc7f23ec0b31f5c1bd1e5b8edb2403ae02f292f6f30e";
-        String expectedPublicKey = "f48df90f8e217076d8af6327691321bdcf63668c4bd28d021d49f2334eca845fa3073991049286c0eef5dc7f23ec0b31f5c1bd1e5b8edb2403ae02f292f6f30e00000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000";
-        byte[] strippedPrivateKey = XMSSUtil.extractBytesAtOffset(privateKey, 0, (Hex.decode(expectedPrivateKey).length));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedPrivateKey), strippedPrivateKey));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedPublicKey), publicKey));
-    }
-
-    public void testSignSHA256()
-    {
-        XMSSParameters params = new XMSSParameters(10, new SHA256Digest());
-        XMSS xmss = new XMSS(params, new NullPRNG());
-        xmss.generateKeys();
-        byte[] message = new byte[1024];
-        byte[] sig1 = xmss.sign(message);
-        byte[] sig2 = xmss.sign(message);
-        byte[] sig3 = xmss.sign(message);
-        String expectedSig1 = "000000006945a6f13aa83e598cb8d0abebb5cddbd87e576226517f9001c1d36bb320bf80c20270a1e779fd234d57b893ca841994e128a6df3f1832eb5998b16e3273084c84e049da83c891856b5fb20f17e1ecb6873c3a87e1a630e327b36981a5622aad6044c3f4d8296c4e744bca233a84b42f0524ee3ccf68eca45b66de7dfc123cac6951a57a802da0b6aa1a1e1ed698934dd2200331d1aeebbdfa0fe13f08ff8d3d2f5c9d542531e6021e34400eaf9d84911ebc0a2e84dff10dad8d078ebb356f522878fe61adbc7218d48af31516cc40689d06771b558c26a700da094d2bbd856c512c77c392b368f817e13fc10050b181aa5ef9294e6d90f1ade14f0774e70593fef221958f95f743c0b5db6a2b782b3b9ab10289fdd2b77d333d5476a0a3a48826e8992cc5a18cfff739deb931f5444b564c86d199916a947222c5d728922d912a30ec58a2422e0ddfe9cb018d99cb3b5df37f40911d2d86478280ec18f4f61edf22cd1eb6b785fab62ccad315afe6e1945c71716cfe4e9a549f591d258d2d128bd471de0054d1dae6523932f036d974dc80cd5eb123f5c4cf97b8747dcbf0ff2daaae1a2b928ad74a1441eac07053c9665650bd197afecee8271e54919695d83286d635afe6977b30a653b2792aa8d8ce6597c87e046c603f44355201981a03095230dd060c88b76fc48fe6714ba50cf8fd4fdfc537e66c2717d96e9f20a56c4d0858d1ca68bbebf405457ef5bb3cbf7af08063174e9867aaa3d7d65dffffecb2bf24ea82e05fc453e4c078395ad9996e3c2b0aae3311ea4159c1e59ebe3dca21a0adb6ebe7d495d96ade93ac1403804fc5d4b5c6d632fcbab7fe5b16394c60b076d2d02c85d0f7dcdc38a18c6599367e1711c6bacdee11ee16ee8caf9330809fc08961ea8f8bf7f1a77bc51f9a4b8b2bad1c55c947fd70986cfd6bbdcf6cf77241ba949b06f63ea54334b3bfeda451aedf7cbb15a2829cd1cdac3d20042c24faa5e3022634f43448d3fa88344b2f0d653940e5e0c01412d6a4508bbdb55aa08ce709d11d6b9e88fff643babbb4791e2dfd8854d66844ed3a2b58461bdaa5112781b92c03a8efaf344316b404c08795a144ee4a38914c88055bbdbeb3509b8cc7505eaca973d36dcb17ba354e9e0ec7511f88170c04a237610d4715179c6a316ef3500819237fe91135e71f90023e5e221b30e79f48e1ea84ccb1df84e52cc84ffae809a3b71176615fbb2c9e28be9f9b0833ba669710add8c972a0b7d2d9b7736d4aa35e2db99d70177015c4e6771f574d8432d25030bad4dc44ea6d4abac7be799361c3ae29ada40c0bbef4e1ecfd083bb52d7e91e17185febcf1e0ec0d566ed27c248427e50994b7590377762ae1bd7413fa4d73495682c45770c2bc01f56ad7a5522df28c46c1e683ddde8698353ff2a8ec29760350343e2fbb4477341113479d04be6346e783800516ced69e657338407125140ffe9c7179c3ea074e0df7d30f101e2f09bf2e6958542dd0d3644263aec86aa12beee467a8ec3aaae41fef986566a0991e867426bfdad50e5c8c8229fcd2bc85ef6f4a585a320663c673451b64f55aaba51bd160f857a64e428943e03e723873753da48b300a1987585ab1630729580a50502225c49897f208534e10e9def653f79eeeedcd599e4a3b3d5d9fbe3e172adb8643853add546c9b9eea6c49fce761242e858c2dced35311bf740c5bfe733ac2e536e531b4e9fd1767307d99fd4f1bc5b8675f598251f2a4c56ca580aa9cf90ad284097cc3dc150a7e821b81d55b5621ec952577e83482ef94ae393ec2b4d92575e9d7b9cec342cda8345a5d649d2e47884d7946860e066beec1a48936c98730ab6823cb2c7374281d735b7da5abc7dbfe6cfa459ab27cbc808bd464ad3fbce37d26698a68095d97506923991f9257ff2e56ed8cb90c0e15c15e9b817c8808a7c84753678b442f44668eac7ae1d8321eca933c5fd470b7587efce06146e34106b0994e1ee02c3541842cafcca19ae9a9ccda89d371fafe4f50047a8b9406ecea2990b90eb6da266724d8e6bccd6dd7ea88109adaaeae790790f0fdfd9b64364c37f9f1293fa60c8f5111bc21118932b0a7223fdb680aeabfedf717995a5f6a2986e647dd52efc6a0b733b57f4008f8acfbe7737b65a525ba04fe91a9fd654a36a8f963561db16e5715408c45ecb32f0e3f92cf22652625ad46edfd19e137fbdbd299cc53f8eaf88b58a13b736650a03afcddd920a34d42c745d690c61e7cefbc8ef496e639d61067c36a0c01caff42e606d9d2915b27e307efb59736934f1bd6e14f19767cca6da00b15a5cea1a6bca237050895a377338a10bb47df8dce188e510fcc1418dff371643d4441332280f81b7e42629e4d2b93c344b6a49df059adf75aff24adbf7efae31abc51ffa71cd9ad06f522c3609c797535782d9bb12fe2c15eadc64a99def3707b05705805b0c6ee9b5c1df4daf1fd42b70d4b9d2f740984d7b81ea164d0033838f3ae5395c17b56d55af6e599f720f0f61e9e5aba451744c6ae136091f5d2998759a0d609937b3e6639f82bbe9ad43e0db5700cbfe2e5697ddf34112d0b710ac4b5d2b90f4a4f48dad8fbbf8a983afc6b3ff638fb62e3d166de11aad553dad08d3c7a2bbc4a1bcddf96b3f319f7437710364d60a6ae3bd1d8a32faa0349093c5101da8e37a33222ecd1603e677bdcd28b8e4eb824673c198ec05434b339b865291e0eacb87ce7f78e3fa8debcf346cf16f347764e8591f21ba624c3f978b1d2a21d02e06b84853a1c94388600d208abc5ccc1728b14d4a18da3fcce1e0d4656105fea7ab7673f92d9094aea3aaa601969c4f64d9b5e3eb132094631864903fe80d6365960923b4e96212f85b78e0586cab0f1663dcf17beaf051071d6545190452d78252d8968b0d8cab0257bcf0ca1ffd3c3ce9895271c12e80d05c3345cf0c8064bcd8a760ef3e534c06c3b02b992f4bccc3fc7ff364a07183b43a60cb6666ee69547ed53895f6be2083b11d5017219c006469a8818787a38e813a3d45609c3d7ab0eef9180b127740e9bad05f93de0e81477f50e2b8719d1d9a3c1a55d5460711b88eb4f2c8df8d17d38832de9d4251142aa2cdb5a9d81a0c7a98e2c3c95bf96e73c68c78d467186eeac1dffce3853a6a544a1331bf650758d64bb8fab1104170824894fdd8a284d281aec9d62705683d8f8de11a5845b9d1b5cedb7fd0bd76da3341e75ddd05f261520228664d016b265f881e4b7bd303b7c38b8adcf31a7c211bcddb5260080105c1b70c41ee99d421eefaf1e51d762f245853cc36250bfbb3f547770303dc8a38d03dec2d0a7233b634f83a2456f279126c7fcb47f9301cb2d5e8db69f4721f68000d78cffb39317371748b85e824bd82284875b7bb65604c94ff0b8816cef677ade31963bd514ba59e3d998735a963d018b840a80be11a52ccdadaceb7ed45f0763e6cd49ca6af97f6bde85e4569178192bab4fd59d8c2b1fec181f27a8fa2c17552c16e3b5";
-        String expectedSig2 = "00000001994b105a9224e5edcbc265ef0a76939005cecbe87097134c0b52f1d1a41270c21a7f15d081b126ab18592db4cabc163790011d2fadfa7483bdf88059bb8eaa6ba998998f7d69207bd41bfe452ed03ee118aeab3430c65105ef59c113ee601c9ab166a28a181c18530915e6de51a3f63a35a2ae39ce610875bc32e6b06c7851a4556bf2d375c8a0e7498a436cea199563818b4a42cf9f2bd630354c52d6f7a2d70e4afa512104168ab91798fd7f2479bdc6d946a59c7c4d512f4c221f79c8aee49bb0ffca4ed14934fbdf189888c9d6f9b53fe29727019cfd06da3ee308870f2e57f09b68e253ac19e14e3b24edcff13dd55aecdb127d0fd5003ec234680ac58f904409991187399d2e80d57543d13ac34d3ee1a453fc7417378e7b8014facdb9ef989e6b0917cd56012ed6602e63643a2918f998a65f8e17a1fffc5d433ad879362bf28c47e72e059faa5d4713a73e399344cebd059a203f9b5b317cc02fdaa81f2ed2e41db1bfa29a73e21c80068ea8ab8b35842c85b7a41b95512551da8768cd0248378eaf715bac2b82f5540111150ef1cae360832ddac01ea6ad1d9019d36ffec46e516d2e170c7d33d8caa395adce28b9138ef3983be4eba366142858b230d46bcc2108f8005db044c66516d01876a1f194d5fde163351965877ca63e54a7163c431519be7717f43f0b4d85a277afd75b91fdd075c4d6d303110535305bc499fc6eab11041be81759e76473a286a85de85e195c95b6537ccdeb852b388337148aa51f62e3909f9b6b1f690e5464f51ad4bc8e2fa38e85fecba6db7921d38f2d98742315ac4631e6e5cf544ee71143b4176e93fcd9a6286869102650c40cc543465bfb2966874561c246ef224d0719aea811b63a91191990213cbfd8ae46b66882396ec84552fe83ca6acb3da83b0a2d13a4dc105b79110fe70d81c70eed6cd4596fda7baf3e6dc68d47bffe5addd554d49e3999cba7c96c2656529e8a5dfc67cc93473a519165a2b58cf441caa42c195d6105b08e89647788b2113d39c6a1f764cb4c908c712ed62a334f70c18341e93a5565c070c89db35e609ebb2d795abfc937579d621d015ea60fd05d246e545f8770f0ee02b051e7a87aa44c2ed5543dc4852e5a8e25ad132041be35c5ebd1df079f537d2b975b740c16fdbd94528bcb24567d6aa104e1370c728184a63aaecca933b50f995acae35cc927b0bfca7983ed923d61b54553a79105cf4e3595c5bc6878367ef52f8c13018d86f380d49dbf5b54cba7e104af3630f9d389d64665c7984296e574aea643958485840fba9b79df765ac64fc2a9442ec286422e0af685e1ab72394934ee2dff1801a58592f6a001fe2293f96033bf5625ed5501bfed210ab35812fe153809ec9f76ef0f08a084b4239aab5c3daa0892523b31c9e27e7e33df18b2e29ad7caa33ae94a2e7c84cb5fa73f51c8ca771dac3b0879c42181abdb1f1cd29c52f1d7ed89778ab32c01b941caaf976f3bfbe31e0bd3dfbb7da45534bdfa773d1a96c7e367c8ce3af5dac8d82347e0b30d3f3e13db8f59169afbea85c2f1a519b4aea6097f2b6d15dae174902cf0294497ca836e782b570b951c705fb485c2ea24f771135f3f21785ebc08f425353bde0fafc19593dee71882f84a4f8ae42a13a0c1ef444ad9ec98e5670a8e48877d285b9e6eef58bd52497b978fb7b33c435976370bc62f86e7746b71114660ab681a5d159d5c62561d72812bbd8ddd6ceb955d1e91c8b284429891fd7f0bcf20570a5a401a51d368c775f81b58b4c55f8c7375ed9c644454a097409c01b2be3a3578f159e3241a9078e45685b60c82f21a05f86b7bcc3ab69e42bf77b341e9e55b9c42e9c4c792f391b686aa29b89d9b575bb13e5f9811770d864a20e28b3d48b8fa47b8b8a4013ee14ba01bc3721ac8186f46d00b61ec0d9c68b3868afb93d23f8e2512cccd2aa493b2953374ddea144e8d202164438e808d73ddfda97bc60198fc63d621d7cf54e39492b83c9b8eaa855b95eb91f7d25add1bdbe462f72d877515deacbefa570c3b1b316b63da7f313f65d0f63f2199c78f9c35c4b997fcb2c3da8c4e5a8208297138ee08d1c48dfad9ab4d7c8fcb66280d349df86038625df9e70ae98c606e3ff095f94b1eb3263cdafc9e401d29e7b801e287de025ac7be7c9faaccd040da519bd479a4caf9b1c14bd9c64972773863a85773045ac068462b82ea43cee9628ae2272c1a8d17fda179a22c64e93a83f040afafbcb9c44cdc0a9d5f12cbbac991708b0cb9b689141ca9fbf2421feb2fadc27ce6948379cbd631c654eb21f3bbc6ff60bab018a9a90e9660eb540f0d16981f16af76a1ad8bb91e67cb810b5d0a3a0e49324e0a75a47a756c3aefab4931c230909b440647984a271546646d2fc67a35c14064a0d1e89a703d5f89cb865c501b3ba55f128fed7c9b0c31beccdbc90c6f0a9e754ce090abdadf5c03edd5ea3991a84fdd1d7bed7f9d8e3872f331081aee35ecd1e81fae67643b38d97cb3a81b97a9d09c73c140dbda2efaf1a8775330e1e56a861a8e517f238b871ced58091933110ab033518ca18edbf8ab6cf80838cb85a06f660ad2ae664e870b4d26bfba90510facaff2ad4ba19715ea6ddfd656f9e414e660f532d4fc43c166f01f150b3400cd85ad1cb9599fd89285a4eec574f1b2ef54af021b990fbf1a01098c2d79d80834769f32cc7e94dfc3237a6f66dfeda8a1ae97d9612e462b787cab6883964709d69ea5a649c9af376799558733c5e88cb91e6544693961bdd03ec1b8f46f8ef725eb5060ebbe41987ab5208992f1a366809675f8265524e6210e636c81dc70a24cd34acd9ab8a3d6b296368d56ee117de991e822f4d897cdad4f10fe8356901e29395afa12d5b2acac38a78afbe938f54161fb7934ef4a0cd1b661434da377befece43524857313a22a32b58d2b68fbbd99fff526793ab2ddecdabac479b14dad1373be54db1c3a125ab4032a6dddb6d38396377d98eb30d1e81edce3aa1683360b02309d8bf40356e685274991ba72e28f045dc0ac670e1bab70b6019ea659a83a5b2d2934fff8302e88ee8c6fec5456a05676c14a53ca7eed5485f4e4ea42198251142aa2cdb5a9d81a0c7a98e2c3c95bf96e73c68c78d467186eeac1dffce3853a6a544a1331bf650758d64bb8fab1104170824894fdd8a284d281aec9d62705683d8f8de11a5845b9d1b5cedb7fd0bd76da3341e75ddd05f261520228664d016b265f881e4b7bd303b7c38b8adcf31a7c211bcddb5260080105c1b70c41ee99d421eefaf1e51d762f245853cc36250bfbb3f547770303dc8a38d03dec2d0a7233b634f83a2456f279126c7fcb47f9301cb2d5e8db69f4721f68000d78cffb39317371748b85e824bd82284875b7bb65604c94ff0b8816cef677ade31963bd514ba59e3d998735a963d018b840a80be11a52ccdadaceb7ed45f0763e6cd49ca6af97f6bde85e4569178192bab4fd59d8c2b1fec181f27a8fa2c17552c16e3b5";
-        String expectedSig3 = "000000029200f6d2d656430e2c49eda24923d91c484885f9e626e8e76cad5fd2f7d875ccaa913998ed0c0085cae2d9c2e563315d4df92d857520f22935aca637e8755fe9f62d6389cbc9738ce8cff101e0707d6850ce003b9b884fd3c669647d697bfd3a24b675a6955113297e9ba806b790a776362c47d3081dc09e430172d5d6212893a751c05c70ab1481395e204d1fb675e0dc47e226ca450d132163dcd9dbec52d4df457482e99dcc06c7746eb4ed000eeefd95ee8fdb6d154db279a7f7eeb2aec2f43d566cbbf92bd7c45cd3a56f52223439bfe06a8b136aa35c76381ed5576e8ecc0a25657200ac81e914ce227bc2dc859545d315fce5cae6f88816fde127a76d9cc67953590a63ff7ec230b27658e97a2d5f9a9edcd87b9323381f72d121dc2c56f89312eb58294290415619247ceff45fdf49284ce795592f519288a5c7a86436c190883edab0e58b31eb277ed32cc572e53241394e526496b94f338abdbe84251ae0183edc154fba47af8c0a9e9ad9a2d7ff45aba5987cdb127b344a22b4583cd1926c5791139f4c9852013b0ae8acfd8ce7114ae6d45b321d245a3db19a082d3a3205a6ad3b7838c824bb81952250b09858c543254a42ecfaf23affd642fff84929a4bcb40d65fcea84e461c4b3fc2f8d4a1ba3e561be9805fdfd74741ab4c407252d40188ad932d4b53ac3b806d674a01140f2e97bfb25a3baf30c29b534db198680822a0da9c1a103278e059a8d0dcf5e444178f1a55e3d75ea9bd3147739364960c959667a61645ede0d5fbc8cbb853ab42002a2205fe271b17e9fe095cadad0d168bafa8a392eb8e3e8d2afeacdccbc5a6f4addad61c0b4368f6a92b182c39c2eea41520419bfea541ba2815ba1f539275ce944fb66f94f72c47383350966125927196399bcb39c287889daad0f1dfc41af86bd70429ee6ffda828d4ded50080c47b7315150768eedd9bfe586fdf37d7a0c74807838fafc5a1e5e64feaeba16a1b87cb1f6241af614997ebdfb83681b74ec33b23e4ab6732417ca3b6fb5336b3e31ebe82c90d60aa218d26dd09e65e6542aac5c3f295e3e050e43d68792d10b4c2c5e6c7d0129d85e3ea79e6b13c2af471a2192e8ab8a6f4c96185468e8931b4dac3036e87467d2cf75aec5d908a526a507740e333575ff3902d4142f88bdcb5b06583523197ca8b9ab390fa61e9929ad6a4c73d1ade927f945d45f77175a813623caaf0ff586330ddbc6dba9ee39e62da280ecc13ffc22f83a8cbfe7f3495231a7612b9628e17fc7758f020fa42df2dcedb74b4844481aed37c108bbdd8576f189b662633fa1e91fc481b381f042dd4dbf5e2f6d545b88f1b8c2f04126f62d6f2147aa9001781f930984298edb117598e711702e0788e0e9304c760d9fa1321254290463c5ce096daedae47109657353704ea9809a7e10f2a0cfbee0604098b7f8431a7ec26ad04698b74097b9ec544fe510a29dda677dc2e12e73e57f639e880b0aad0deb5fa29771abfdbb582a76061f3b42c3939c12dd426a03fe9d5287f1bb9f8fcf4f5b2598210ac126c52bcdbe27695432625fbce06960d3460012e52971b5d19fd1b1ee55e52971ce27377dcc4a907bbc7bc2ace94265f22c2089a4c3dda2fd42b3e388e7db905eb043a48ba49104dbbd47c5baae0f1af80a7f414e22799c4e5312a98a72a464ce11850772c4b6bff995be2567dba1364c98b1fa6326b4bfcd4bdf30c48a25f36158875dbd77597987f2bbed2bf0d0ea457726cf108af5628c32fd0f36cf214275aa8961b22fb1e042959d81bff3c1bf2128d4355d0f964dfa6469b5579d63485bf3ba3eb2cea80e095b32ab8665b48c0b1c04895eaea3c67edb71f30bd308971b130eb85a0970b570f47f4e613dfa5e3ee6ea68c6f71cdf369c79146bddb693a1a92b8c80acd061815b34737b5e4adfd68d28e293a3dd85620d6aecf5714e3ea7cd148b9976738b367291ab32de5144a3de66306a248109a43b32d239e80b34ef2994dcb2af1c28f7739f6f7e502a2cba8629cdb74dbab64162782da7b72c0f3d5dc4fbb351eaaa423026842a7fa340fcabb7188487d805abd8f0bbc8dac9d277d3976aef2d300eef62fad9ce676dd243beb43344577510f974a39fe48d922c2a22c6fafebfa549473d9432df34836163cf71dd0a3f337027d2aceafbe27d8bf99657c137567de22bfc060c60c15539b058a6c9eb703be266cde32ffae7eb881a35e4cb453fb5f1a5615ff99107de5b9577bf85d2f00937731a0d96fa7c994a2a69c8ce789bfcd448d2bdcda4191b6ea3ed3b020f78e779f70a1b526026c5d9c0bc15861800e0e71a1b481f0e74069354e08abc6d7d1944bd46596456a4768ac26b555785ebc68f48cff8af0e52b847b7e4d40089a48c741c9adca24754abb1e201020a5d39e7d7b9060a762957060f12d26667bf59cd39b7327e873a7ac774018a0fefef3d22d920ec00cc0d8dc53192306d5306aac11092c750985a226fd6cbe125f68133c12882ee31e48f5c2781e27abefe44cd4a1b4384c42be03218b26722fdf83d6c4490e9bed4a430151206eee84694e5787c94670ef60d5ae8158e78af8797962082fec9b492769231a39f2dfd2dd5e08babc3ecd90d648e8b3acce525680684c37be1ccc9f2abf75b9dc198f33c9dc13bd328ba4cfe1a375a6ddd2fb8b2e44a16ccf87f5eed8247aa49efa0368718ed7de0e3b925ef0d2e362f466763d61baaf81abd468a04c0a164938b77c9293b70ad9ea6fd500d406eafd4e64a716d4480b3861a3f4c1d56df1494877eeff2934690c2e6b03b3d4c618cbca4cfed4e3a5bc0204aa307b023e24f17cf41cb26a52797cf55a94a015a79d1fa5a49df99501f4590522645f54bfd8738b8395b3b7da5f5bdd2b1a2cdbaa21d692e6c8894c9896d42ee55088f4829f07e226a2d06196b15d909a709df1ad319de092e30f3d373595c704192d1b9f6330dc1631bdef5fb01d9ba7c0790cd840f3de0d0cc48b5c6640b3b7729ff9c1dc23e3b44edd9da3615e4e46080fec3123382f7ec23eb2b9c2e37befc6d246af039b5765d039be4aa2007955dfe8862983d252d8b79a33e9b1c531003f1cd3a8bcc6d29ff8aac0062bbc479ad59262cc6bce4048859718988b62e2c4511ed65f659cf8c579a53a6a544a1331bf650758d64bb8fab1104170824894fdd8a284d281aec9d62705683d8f8de11a5845b9d1b5cedb7fd0bd76da3341e75ddd05f261520228664d016b265f881e4b7bd303b7c38b8adcf31a7c211bcddb5260080105c1b70c41ee99d421eefaf1e51d762f245853cc36250bfbb3f547770303dc8a38d03dec2d0a7233b634f83a2456f279126c7fcb47f9301cb2d5e8db69f4721f68000d78cffb39317371748b85e824bd82284875b7bb65604c94ff0b8816cef677ade31963bd514ba59e3d998735a963d018b840a80be11a52ccdadaceb7ed45f0763e6cd49ca6af97f6bde85e4569178192bab4fd59d8c2b1fec181f27a8fa2c17552c16e3b5";
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedSig1), sig1));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedSig2), sig2));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedSig3), sig3));
-    }
-
-    public void testSignSHA256CompleteEvenHeight1()
-    {
-        final String[] signatures = {
-            "000000006945a6f13aa83e598cb8d0abebb5cddbd87e576226517f9001c1d36bb320bf801817cca72fabe805373baf049b80c4309ebda5e5e2c9e01851260b7fc238d55f8c2552b917795d4ece5c30f1351308a91de47a7e6eb57ee1aa80fb3400cda35df1415eb392083ad68676a23b1b60f9fd9dc273f0b211d41545f09808d0beade6b889ca476e6d78339a57f7eba226ac5d31d0c7d6571e4dd7bef0e19844bcd9a174b668afb0688c081c38d0db3bda3b42cf1025f2111e3b2c05a9552d6f2f39ac7487bcf0e23f9bc83149295b5e1d42cb6c795b4be7cbbd4059eae5269824034aee1fc8c2e4ec4705957094fdd5a5d62ab4cd1149303522c06ac7d9c461cee06dfef221958f95f743c0b5db6a2b782b3b9ab10289fdd2b77d333d5476a0a3a48815e9a339f993f3ef7ed9b494c51f9f728e859e50cc461ebbc5fa81dd368e065de35accfbf7fe18ee2ead0d5b5ff56b99723eb428701ca1bc52881c551eca6163fbe698471f69f63082c4a1942de3af59070f960e5bb3bbe81ebe4bb75d478a65a2300eb347ec9ef0e8a8a6fba514a7299a623fb03e47f3f405f2d2e8e708bb44a596984dd6a92df6c0f0c27093445c42e03837bf9326aa293d2c3174a72bc214f0d0e0164db2367516a396688027e5b162d05ae72218d112379759b081895ccfcb6e2b9d18e1866e5726247cefe4a9eb25d5455d9849df5ee77a579fbd7d80cfa8be96bab83e100a406a27735bf033cefaa81737b88466fa1d34eec15f38966a13239d2defa006c04a9084f27487f81ef85b7cd75e4a0df87c57343caa9805addc396b4c232ce3658fec6790a69c81b5cb4d9e6e8afffa97761095fd5903d8a28a6965cbe360769f32f4935ef8dc84a8aae703954f473eeb99971396baf35bc481fe07fe056fd8db3e41dbf48a161b55c5d47278c6f9c6f333fba22886632acbd42edc89219320fe4faa0080214820eb60d3ed5a03ae97332a633061ed68c78d6573c7f2cbaebc35e1687b9219dec67f5e6dcba20bb6b40a07e0e0defc64d3c70163200166592c5898918221ed942c4b277640edee15625caf2a5208c9612e587a494c5a473de79ad1ff0092a41dda84fab4acd5435cc37e4c8a9e0895b60e638e2fe973cabc7ba40783e422270de34919fabac4126a6dc035531efc2ca612712d95be53453ccf8ba2096ba0fae14abf3a95727b66f1e5742de804ad0ff11febc3e8a6d80e2417baa67b46e8380949a3ffd22a8f3ba9dca07e61ed0606382f16e64ddbba8e390c38ee018b43220c68ddbaa0133dd05bad7befd31380b31df1a1e3056323085ff2bf96d4bee060d32d0e4c8dab17cf98a29bc6a0cfd2b050f7ea0c3cf4556a4a8aa8e73b24d7041a53d6ca1ebc12613e0d616e3d95ee725c1da119ccee0659148f2c412282400821cc1cb87a5d79cb64e308bb3d1708fe1b91b28d0da61e09ac0260e5a1224b11ac6d68393b885ce94d4d06c8c8a167ff4b040950308a1e6c0d1308ffc227c80bd2acfcd1e6f9f7cf91dd1efb662e4edab677aaf1f27d311f203d1d0f1f818a228cb6021eb99a95ad22d3ac120ca7bc593bb8e9d2996d1b22ec594a87dd2684b55074502a8a32ffae9c9c1369d8d5b2b06c8190f96cafd52ac09e13fc989c08516a252354b0a38120715629805a215564df9445eeda05efdf580767316c55037f3f6f925fa5b46ce78e7a27a85c8ac1a9b521201970d6c6e4931632450100217319c22462acc98ed21b06cbfc531a7cefa7f1896c8de4d642a8e9e11119d5e669a018eb6a58a6e55dc68823f94c42564b075036d42a8ccaf5c087377ad9ce9b1b9a870dfd045c21bd1040433bd5d6a880d9932fc455b41f576efb23be40652fa3750075aa88bfb63978347741d77efdee423563d20cb7521cf5f005944b15f57f3c41a9ad84ce85e5f0b7ccfcdda3b2043346ca63ea3566beb46e165b972adbaf606a6cc242114b235be167445863dadb50db3376fe4bca4c7c82bae61ae0074add5bb3debe92dc0303dc569006efe0f0a9cfd2cfc7572d248b914dcbfea4e2f632a1bfff98879525910c38737b9b10554335a19852c8d1e16f8fd933164778b9a411b70b1ad050d69d1581fe1edfdf603e617fa8ba53301d080e8fb7fca806ffd7064c82adbaaa0e90ccbd808c08d077588669a02a14c53cf9d56f6c369b602b1326e08126c932b379c960c6483f4d5e9cb48990792def9afeb54d2c472015df185514f500daa101e2878272694de5b6a14a671547c86efd0336ac9e0d931b7469093fb937fd66872c7fc817e941bc32106396effd47685d54f8028f300c822c9b578bf922a80945954c3988cf85cbf0fd304f2cfaaa121a1f3d01ae3fee1e16496760d1edecb00e0a2da0ed66b0996b45f5066fd5a5e8d0082e89987f7ec7102f385047be38707080ee068cb55702ede0330f35782d9bb12fe2c15eadc64a99def3707b05705805b0c6ee9b5c1df4daf1fd420433af01841855e9cd056bf2c037e6b8becb69680b1967e3f33e7f97426af4d4c0700cc5e33c8b122af763e6865b88264f46b98283ea5150d6898d13250f8f4a8ec12505cf124681a133bf722281399f0aa600f30f93c3dbfbfaa27b500c6b549a95d58549eba4f88e777301aaca7d3ad00e653b4d0afb201ac6e26a5ef2c4d110364d60a6ae3bd1d8a32faa0349093c5101da8e37a33222ecd1603e677bdcd2180f0fe7f2e7c98ddc0ae9654f609e80acfc27a087e54fb9753a12f12e6ff06465d6c01fa87cf628875e2b6a355d5d7346665890419d04c6469d091e460a0a972182c015b21caf03e0a06b3582a7ed7c557bd9da3fd2a78e7ffc5977a77701af9bc2af3f79bf6a753da9f79a5294947c07a2caddf3d6a0d4a8a3289ac1e6fc5bec4f66596f54be641f5064e87b7a3c754e26e4f66cb84bde870f55a79a7577abffd3c3ce9895271c12e80d05c3345cf0c8064bcd8a760ef3e534c06c3b02b992f4bccc3fc7ff364a07183b43a60cb6666ee69547ed53895f6be2083b11d5017246a103478034bf600f5f9f1d9130b6c3195f6165f3d050f794e7499f76814718e0e81477f50e2b8719d1d9a3c1a55d5460711b88eb4f2c8df8d17d38832de9d4251142aa2cdb5a9d81a0c7a98e2c3c95bf96e73c68c78d467186eeac1dffce3853a6a544a1331bf650758d64bb8fab1104170824894fdd8a284d281aec9d62705683d8f8de11a5845b9d1b5cedb7fd0bd76da3341e75ddd05f261520228664d0",
-            "00000001994b105a9224e5edcbc265ef0a76939005cecbe87097134c0b52f1d1a41270c255121e197631cb280ebf573fb6155eddb1d968756805f3edc4c4e3ea0008c8e5a998998f7d69207bd41bfe452ed03ee118aeab3430c65105ef59c113ee601c9ac28b498cfa0e628dd0b8f92d5547c68f4f3ed66cba1b8623ad63ddd7976b15538c55b94c63e6ffe9296a28232bd9a784f68e026437ddc807746fcc09c9d68076282cb4988c8bc501a461225fc8de39336d798d9032dda887bad268a57ba0196c6befff554b7a27de52da2dee7fe0b77850a050f87f0287b1c0c055d6610df95a64507b9724e9c3d89b4c41c8f3f3fbc25d20b268ddb8afb41b4132afd20c5a37c1c5d50f6ba64525ad06a238a3959a84c2a1e95e95a59582089114ac497f13b279830417cb255cd7ffb386bd24afcaf6cda74a3d5d7c75e9b04066b2d379eec1f9d5e7d74aa71807f200608aca913f933238c71fb3acef64cb76499517be047af9a8cef1afe16c7a0a282999f4d672603deab8a59dcfff2ce13398b7deccd2e4f1bc1ce02403c5b0f7930033dd6f813ebac9335865d03893d99caae239c17ff91c961301c52576890f6937194ad4c7e74d19f71d3b8d7aa967ff45b9e3a1324e63496d719d1c7c6b4eb56e52cdb3a64f44b87da76e1f1e85a1d891ceb88a3e64addf0d84b8f2d3d9010a3be169f41296afe814f2aed28076479140d2cbe60c232ca8a272b4197b155e6502e6a1861b7597f240bd2479c7544d6a85992d2d1d44ae26cea1ffb29952ca2ce8312626a00d00f4c84dab58d087f55c822ab3444170fdd75d9bb247d6588dd21d7a156f3423bbfbca4a92faa82c1d0e24ced7c6e5b6c543465bfb2966874561c246ef224d0719aea811b63a91191990213cbfd8ae467dc0f1aba9f42d372a98d3cd993d2a1a5ba6f2c7bd385467084c049489648d34b0d2703e5b220b62862da2af2cd7eecd7d4483246ab87612bbe1401ed07decb7bbffd2d774b6a40598e9f3f86826861bb9e9693bc5ba9809cfca4695af4dd372c4ff56957ae29cbf197dd7a218d753541c2f632772219c3d25c2e900ff7d685d6750e01c6f4b88ab346d955db2de4e4bbadbfa46c40443c9402543656d2dd0670484b6872518d85b3f556d01aa0c01405a89cbc15aec2d11731007393d930e0cd10afbeb9ada0162b37519733523bfd5adb677fa1c316966fda4daf7a42d0d857983ed923d61b54553a79105cf4e3595c5bc6878367ef52f8c13018d86f380d42100740f8f0b55c90ec1573e660079653bfb0a45d17f5396aa2220e55c1d23dd1cb78ec51365e26884a08171f10acf2c503ccd1bb7ece8ed5333d466fe3db702ac207a9f15f32db4802e781beb41be0b97653f1c36daffde0345e6b74fadce3a189e65597d049a60ba58913d02285d8cc011ccddf9a5cbb905074ce1986a3776f7fa26dcf4ca02462e800279d363e25949f2b1b8a7f1f9373a3d487121c6e74abd8642ed9721ea7c5b32ee78cdf663f8ece0b99aaefe3e607a58deb53e2de6e6db3394886f8d1cef3ef6762bdc6dea1f93446273d2f6926a920d641f58c742bbd61c056e741543da9a3d4e8bc6237c5c6bf1888cf24d83f3e0ee9009faf1effb8884b6f5aa6e55caef5bedd5a51e4e467dc5229919cb843f09b206edf896e0f77fb6c698b36ca0f146f37c07903cee49ed4c498ad4199d3ef05ecfa3d2575b8871114660ab681a5d159d5c62561d72812bbd8ddd6ceb955d1e91c8b284429891da0040ba5ae2e6593147f41b44a0f2804b1805585f93d2be23666a7a28212982660bdd9e88771397b26e46dccfccad87ac926a444f79070bc8da116c167fb39aecc6e02a1b3bdfee70a61ca2df9a234e7d094aa84f51005df5a18f3df16b64348cbf7eb706a19d7d302bbbd32f1faf8e69300649c46e2e32fabb41e57eb8816f10dc65054943c8db35f6c9960f8ed853bd38c131abe9481bc1afd3f181a04f2c4382f3ad45a1062c53109a2a494f1b9e719bc384842bc9370ab81e8cd6a0955f13babc2361be35127742dd0551a5bc342b9721d7f1bd629c59d67b01fed65350b3c5da71fe6713b51a6fa17a6f0b2caed679a15ff38ef120df61704119d0cb2134b608d6c004a7aee902381550b94361366137e2ff0c7a937b85ce096e45fb245d9e8646e68e85d4b9d87f1c2bdc4193c5e691542894ba42197cf1bbacea1290491572fdfb5052f4b1c461b66e324b6da6264a8c25e1d194e7fd94697159629563aa61fa3bb9a5996432e76562b86a0317ba91771f0c1eaaa4ec418fc0690d7fd0a326319563a6bf2c29dc36318e9318f4caa3714309286bdbbff016c8bcc855352789d1a1159098d7bced399e731b80f83ccac1ad619d9bfcaedfdba9c6600b7a05393b5342182ea2b2cc2a9fdbb502e2c2ec2dd4ff4e84fbcb28e3d8c07feb1be042620cff4710f4d650507232f292f380d993ca55ae66abb6bf0e09c14393fcfd7989483cc9bfa24c2033b555bf0f01811be2b6af12c138b02d02cfd85bbea2ac405fe0420217ba9bff2d6ef4c7cb0ba4faf36344b96846c699b5a9873d81a93b79aab433be2bb1642e3ef44908d7e561ee74e7207d0a405d18544d0c579a8112550894deff455015938377f767f2d1bfb0f10386559afee4f20d678bb550b1bd0083941306a6c0b736fd08e5a36d8aa589d12b170d587a78728d97f5c308e2162f3bf61329b847641e95d83ccbd42a482764d6a9a784245f5333027f53bebb6fa3af629c78db6f8a174816b04d72e02ed956f565b53f3ae7d2e5286eac691dc23bb5d3bc5c4c211fdfb8e455357740e382e63af71856e485cf44221cf3a9c5625d11c850f63c8992cdbaf49ebf5d28701d338ecb57471a2fa50e008b2e6ecdd62d3ac2e5bb30ed330c71af066701d7e2437eacb2fde321751e1a4ffddf0bce43524857313a22a32b58d2b68fbbd99fff526793ab2ddecdabac479b14dad1572235bd8650548854c13049e201eaae30c46ee46ee8fc06ba8c9e4ef1e3f309bcb2076d6293d19fcea9b90c00398e7740910f425703a0da099490e3b0472db2a5b2d2934fff8302e88ee8c6fec5456a05676c14a53ca7eed5485f4e4ea42198251142aa2cdb5a9d81a0c7a98e2c3c95bf96e73c68c78d467186eeac1dffce3853a6a544a1331bf650758d64bb8fab1104170824894fdd8a284d281aec9d62705683d8f8de11a5845b9d1b5cedb7fd0bd76da3341e75ddd05f261520228664d0",
-            "000000029200f6d2d656430e2c49eda24923d91c484885f9e626e8e76cad5fd2f7d875cc1a024d58a92556c86b25cd3eb57e4c90806efe4324e6240d3794284d4c682f3af62d6389cbc9738ce8cff101e0707d6850ce003b9b884fd3c669647d697bfd3a992e0c3ff8b2dc7d51f3b3b8ebb1d42e933c89c44655a602fee6909fe9e972f503cc9a155d185e6638188f2bb8385a519563384778cc15284d03647265b64de909da1ca2871d66495f944abaaec13730a7cc63ae95e0edd4c8887950fae41e02d930b84c3a0f6cfbc49d8c9900dda13b6a7e9273cba461e52af92372709d8d35d29057792ec2ea5e7ce48c03e42cd71595f6bc21878b2d0755af9f0c6e203761059df223016065153d1ea2458fb1c7e4bd881ab3b3c777765adbcff7327270c203f0d3abd11fcd7eb17dbad445d7d13c94d3d75d3cd0dea624e231e867a2f1c26ccc79944785df6ee955296fd29a555df7d83feca277dba523187c83c480c83833346cc9e9b75ac25afe60dd3a8f07a74fee7db3519c0d176d66c47ba8945f843cd1926c5791139f4c9852013b0ae8acfd8ce7114ae6d45b321d245a3db19a087128109b19fd393ca52327af307ba656132e5837cd861783668a8eb0a1039a30e8ca5c22f9b77a008758cf9e92d49ba7d5ac0afb6dcc71572c3b9e6c58fd5b91f34129133d4a4fe1a84debb1072dad543ce99a66ab0a8518d68650ff20ce95cd0d99725065625fcb8a8731de017b1ddcb6df613177280cebb62d004d73b56ed3b2550983f215f5ad25149e3c65aa92d531b9435aba210a1909575d5aa580cd9bf6b2f648620b17ec5b90da73e4d8978fa5cb361a46e4390c8713a3fd2c92026155cbeaa3e9ffa03249f9819b9c114d900ae376b48040cab1ee669d61751f82c1ff9fd61578d4ecb15963d5c62d6c9b64e649b33843c87f4b0bf92c192cb3c3d1c9a867f30afbba4feb549710a1060a6784262baf647fe22e2d16c8f58ddd8bf80aa6c2e7e08a9aabd6171a6a9b49697fdd8c896a7cf857789670d79306c3550d44f535f1e83b7e669ec1a7c7bb49f655bfe7d152e7a05a3c0a9659e2fa5ef951ab3d7d2d30712c561764c765c592e047722c756ff186c3094b041376c484489a0d4049b6f1532e52f97a852f5b810fe43160616be53f3d781d8a4b2d4c039bf5028c2f7057b0523a6617f98e25fc99229c8961488867c11899998cea957c2d135c46ec6de295d9017a5c1436abef766777da7876a1d0adf411863ba4e576d1d613eeca592882601723a1d9dfe5c6b04646c7945a2624cfdfd8417cfdae769ebdd5cb9d2a4016fa8d186910bfc806aed6bb0fb1debb259fc1e9c7362eb36f0913c8a35d1b8800f9b39d5a0844dbd281696b54900d4226939ffe49b07a48952ea9fddf5f0b8ebb0e79a19f83bec3c51b6e4ee8853ddd80becc8ac7a0e214b3f6f6e2a75c09e8f144428df8e2a9aaa930a7fe38ac1a5847933cc5b4c2804eb3833566da3568eccb46cf6a439ddb3304487370dfdd20d237c09613eb22bdf2bb36651ed4b564890c478b720d60c59e07aeff8101ff1b0ffbb9c894cac3c1f78ff49602f3b7c55e664011dc235d2c6b833bb790e2cb06f419a98f43e419c925d30e4984d868fd55b955bc7a73c3d3b8ba7b1befe54d67236e4e42f99e54409cd5cda875df13c0c787285c03d89d6241cc7a992732292e2ce4a6698a64527aba1d7011a09a2f21dfd24b86e16a30ec471bfef6675e72ed2d450309144da61655c6c3706bfd3ab7025d37daf17d0e852ad884a98394ff7a08bcb63f6c3a2b1c9a06c494167207a672aecd7748b34e68fb3719635308f90e01bf61a51df786544f2dbfadfbd6e8509bf6744c906b6a96e535865165ddb175b46c3b7258c32802c10166f2bbed48a8080933030a581ed12ae57483c3e08b48b48d817ea84f71a980b4028de31e01b543be905e9a998991fb44e82b8e6bcd88d09ba15ee58b380a44ebc1821c0dc6eba1d5aa00b9dee768ebdca34b5e757e43047688bd6a3aa03b047b171bad8ef66a6f739c1a11777381c66beef7be94260948a3b774656c75bce0b08515391488b850b3430530613f277c1ee7bed2a7bc272f3b8c6ee177c727e69bea31eb3edad0afb76151d30fe31d6649fa90a36f5903d6bee31b2cf7410896977d7aa4ca5f9749402f7bda44a33aa1211e392493640e2f0df751e769ce000aff1a60f9ba91d17c7cf6bda9f3186dcb1b87e7157b8cd264319404a909222036a836dd3af06c03fb52cf3c9a8afbe25ff9dec5c5e7c542b6bf8f5c535ebc653bbf4597860d1fc57c25cce1531b7ee5e86a990067a5db54188addba92b4e82fdbc9c5c781ab83f33d267abc0ffa02a8e3a7bd91876e7cbbaea246f5a8d3c1372e802ec929353f8a1136447ac61e3f81b37532ee969be56df9d5be0048ba38ee17ae460d640eee02be69de6e4d18606b2bf8c604de3028b42812f9cc4385924240c8f3426d5306aac11092c750985a226fd6cbe125f68133c12882ee31e48f5c2781e27a7aeec7b419c655c8e85830d403fce77a59e5fcb7701d2f24716b63d313a6f2e2e8ad76bf14ca509717319387b69a937d39d2edde293bb663b72b93aa58285c3669cc0d6835e8ea7e1a66f24236b2cb1879a0b391d7cf7b2e65d6c4849d9c365a21bec8d77091ca5c510f8dfd50f46cbe18ff05728f27d4a1977be024ce364f708b81a07f4d60853f01cefd48faf34e4b7ef2cfb5a098e5ddc8e758aa2108890bfb0f6392c1bd0b2a78164a490e2cdb88abac7c1d4829ecab6e639d6a44935d29593c1558cf5d36e9a59d275f88fef060f3aa60ac06e0c15f4ca46901553d27ebc5820896fd6aad46294e40ab0d2c6c6458267cd017ef82fd5fb8cfef2be9535952d6bcdb029abaf13be1e868e90265baa6f044eb9c95ea709f375272ffa245668c944f61f837d00baa017230a5630ba293c3f1f2c0594c6e8a9f55e995f38d8295eb37955f4d3c29f81426636afbb4a1551cfb6c8bfb521941c4f167a30fa2aa5bfeceab0fed80c9cf813e3b75aee9162054ed94243cc2998739b63bb3ba08e79be4aa2007955dfe8862983d252d8b79a33e9b1c531003f1cd3a8bcc6d29ff8aac0062bbc479ad59262cc6bce4048859718988b62e2c4511ed65f659cf8c579a53a6a544a1331bf650758d64bb8fab1104170824894fdd8a284d281aec9d62705683d8f8de11a5845b9d1b5cedb7fd0bd76da3341e75ddd05f261520228664d0",
-            "0000000386edf8472409c6a0fe2f3da07457868477f3f745d6717aec4a4ba8c7ab1647486e381abd8cbdf2430a1be34c7dbb65422fb1f261079d086b4212eea4fc20e39638c6098e1fe17f4df9c51ff96f6db6c6f7488f167cdd09f52b191a85782ca73e42d7800af123d2ac2d705844b093404f2072dd430f48bdb09438a21119e1b3730ad685a39c4e8c67750bf56795a43d93be6d5d6181d05922a13aa08d95fba85b6653716610269ce617146ff16b1b781fe1d512b1bac6705ba24cab5e5389ffbc038a751e77edc1a927d33fb3449cc2a639ae6052b59f5a868b370fa8778e939a30149264898b8c050a093e1d345f3076feb8c50c080a2e0604c45995c7482c23a12400a3318a18d8fc93668acfa68a45c8797e3749bb221a3584f97445a6c6ad215be5a12e582d3fdfd2eb5f74032a6e7aa35718389304989170bcbe1c85d36d714bb2fff05f88b85ced919c9bc94dd004804e460818411821e51a6f69731d54acf5e29c8f2090b360fa4afde8008c0e7085d2989badb92df58f45044aa257ecd9857d4f20b3658c49c0a09b2a53ec1451a5e3a8e4d60432504475992c2099d3866bdafaa6cc626f31e95f20a00d7870a74b957c2db3b93544094c2db82f89cddc95724b541840a32d6ca4465e335c4bc8fdf5aa5ebdc3b3ad9874954771a7340530ab22c6120b65c45bc8c28b3e159bd8511a7e1898c6bd83340ced8c1dae51030a0159a596f08cb761e777e19bf31d9492acbfd5c442ac9df91ae90040a93ad5e935270563f453b35c0ddea505343215f0cafafcc125e56fc9ae09f238440a32ef78b942d9b35d06a9c12257925c3aae2761661df4f3df78db246d1526f6f2f9d007614e239e91a8c449601ddaa9516658c78ee08aba6cf01903dcc72e5f9c9699515a1fb1bbe267a8b9fda3000e6ebcee589a4a868695b965f13086c780ee72169894e3da655014eb0a5a3282d37b6b45b7dab67a62a648e29005075555b29b4de95eeb3656e71807feb351eeb20ddf3757ed8de48784c75f24b772fc8440b1d0fa18f8a747c87b60cf5ae0de49edc1dbcca5fed608f93a8b45cad33e444aaa0069586bf94e5a4546696dd37ad6b1a3835a250f6495424a1adb50a9e436c0bf29623e5b09bbe1d67e87ba0c6f3a2f92a4545cc9b6668c0609dd5149c52f088ede4f9ffcd8624bc6a46996d9a5b78c5533249637996f1ea03c949b27e5434b3b4df286a35c2a427c4f37fb48218cd4f75673e6c902071a289ba3d69de281833193b83cf2bcbff3746bdeb748d2a89c2c5d4bdbd932346dee04b6881c5abd78994c6ddf1850bd389b84892d0d59c311f67777d6f11f3c9191943db01eaf124556705cea4f2c14457ca2f8f25258ada527901e4daabae095388bcece387f1e363c606e131951d709e0312b01094b52374cf9dbfb1f08e2d7566e0f68a5df93e72bf2fc56c04ea1904166d97e957adcea5efad409cd58dcc9a2fffe2efb3ed1ee5a41fb93138765ab5d80c50bdd8649ae2ae4937153bca2c2271c74dc2cf72b26bdb5d7438bc729d535316ba82c1e7ae7b0041a935d91760f7d80c57517c3bbd6165838a478a9f7a17161f54eb729d8055e9db80be9b4af3f172a54a812e9ed513e8bc6ee2fbf814f8f3ee28bc0570e9aa7d134efd571baeb0e384938487f13722486bacce923136ccd3e3c5cc7c1426ac672fc0b0d53bdee953e5314013e566472a6479776fcd6fa892c6851a9baf4531998851a79f1f839b02953ed6d7de23dc8ed442b031394320e0b97e6693142bd8d3cae99af9848b31c1f290fed2de7ff1d1841c30d3c2d44d71c893f150056c454900c122309a9f588f25889833fac1118122f7c102eb466ac4ec724dbc60d431c470226099956f0a51cf5d78229d91af8e4acbce56d1643650c64ecba2243431c06d4065cf738e5cb0980da72a35425ee889fc27c9d514bc581b7e740ec12b4e75927754a0ae3d61fc3c6a8e5b3c93a748fd4cd93f8bf788879da5b82fc4eea69256ee44b5e8cc1c1bf0bcf577a165b84c2ac3dc885413ab490a4f85eceb5e364b6331e7f11b7a832f974f7facc9a377a69a3c9a4ac69684cc8515557402a5d6f70fcc82c20051c7db5cd3d6d7f3bbaa38ef89f41337ec131ab3e3dc3959b78848f2dc51c9db0fd0fcc3d2bd670d1c2fdf3f681280be64a80508f623cca14fdaebd5cf4374182612c2996f79d4a547afeaf0dcb34a8eba293646d6b76725666dfce8fca65a186532ee1b441a24609c80bb045ffefff2e7a1f330bde5ac665eb7296fdec860b6c885143056d739969107fbe50283076a9e6ee68e92a303cdf6ccb2fd9a7e9a25100e15de3c3beb5562e27e88bb3e02064762052fa3b0e69f70e44dcb1410ac1fc604f27e86796c6d381ebc896a463de474e2949d242d1eac60f4f8d36685392adf7bff0c5d579956ff4e71bc8269233834d56ffe830079a082eba25eadc5ec0252994942119eebfa0817627b1731a791c4fb4586c43dc2190cc25ca783104aeb057cddc69f0b1692254ecf21d1638c84831b536dad113c1f6bca25d3ee8562eb572aaf23614b59ed0e9f8ab077f9c0a022e1f65fbaa56c8c1c64457e584416009587f8f57592f96951ad0620c1bac4350d7260e973f6635062dad70f3135515f5144814ae13356918954a53f90b3980c08da3cba1d8f112ef4992b38d1183638125dd62fa05c68cc3478064fb87406a78335c85866fd427079f647bbe439e7f8235ff966d591a5cee90cfbaac4873a30519db48aa1111b27e930b644c4f83da0f0b6116d9dbce9eb962268dd839441cbfa116f502d46d66008bde12ea1e33689b7b870708a05252d44ebd390380cbf245d6434fd972f0c7d09e6612ef7867b2f39feea4bfb39f255e3abd31677071ed4d8a7f394bb35f29f7465b5efa0d8b0ce9f57619bfe1e7e9beb2e49d1b372fd3c38453e9bd59d04ff5409825280d38e100f29eccc045ecbb69ccf8a0977c2d7a74eb22fab6c20c0f614f725777f9d1c2491436f87b65c032302bc24ee25f321e47b2ef1e0b9901037ca8c061281e1ff6080de1fbd2f41f91f32f0e09710e1c93982cf716daa1c350b4dbbaa17a95a2251cf702fdc87c03e410d9ac0062bbc479ad59262cc6bce4048859718988b62e2c4511ed65f659cf8c579a53a6a544a1331bf650758d64bb8fab1104170824894fdd8a284d281aec9d62705683d8f8de11a5845b9d1b5cedb7fd0bd76da3341e75ddd05f261520228664d0",
-            "000000044798030320ee0d4f25de3b7b6f578e0b4c930b7ed068a65c53dbff8ad4d73073204ca1e248cbd771ed1d69e737a113c705a4790409f43e5b7d70b628b067ce08f4b665ce7bbb9f1949220a19d53947b7b2f5c63592ee0740874634b3b11fc8f440901e5160e2398d80b465926d043481b1378fbc29a6e10576b9dddea2cd568ba15d7bd4cedd5a015e4838a3e37175cd0bd0334e055c4a7b3f6194fa8879fa63aac2da5c29ee03f0f3d9f9f22e3cab561226455b8d36436efabbdd3d17b2accab018f0d6bb46dec2518fa167bad997c0c1bca1153b2ea732243fad0eb56ebe357d7c6ffb654a6536afc80e83f276ede8609cb17298097f8d54b3213df6aaffcf3bbadfe7018eedb8cf284860bea973c298e6ce6c61360cdb1c5c5690f4d5f3ef8741c783be4a2cad2ee0aa2c1a58a17f1944ff11c2fb1e6eaec1190707977f862dc71c722e94d0156eb44ae69efbb7db7ec216f34adc979f7eef301d9561772f5d5c5d7b7820236cfc636216c6e4b223ef338f0d2de04c1474beffb8e8aa172c19bd6ae9bf103b92e5aaed352a3554dcb234edd5b965989453cbe994da7597bc5bccb4f5c07a7d62e56fdfedddabe7d2ed4c41e09a9acf9289547a8233cd3e76f36f613a205b4faf2e17388a8ab5e19559bd370945e138cd18565e4e12f5a6c8b429cbec8b9ed34492f321c1885570ec9022fce4ce6e1f3a657baa8bc62b94db4b9f9ca780adcdc0285ff33e976621ff78d26da6d2b66cebe392290fb0ddd76ef973ea3ad00ce3614b744f30d43a37fae5d9b85fd2a76052f3f4d88c056a9151f4c2a7e9b5749cc9e6155287ee53fe83251048bd8f926e6f21a34fd0f760186572e8c7a307cac394c3968c6e2b0f2a8bc822c9ec2c6ffcca5167b53a5923b6b5919d8344e23379b10b1422776724f37c58b1c7b435277aa340bb574495e87e364e2af1a9cb8d9d451d7781f983f03a63019eca75e0adf3be74ab44e76daac957b546141a368c3eb2c0eb2aee3906bbdae61b612f5b6dbcf78fa7758e2236cdd5d1ec1e4dd18cf36af15f1050ed235ca26663ae0fbf628a759e7545a5d4cbe0ddd4c77d2b5ae38b6e4fdfcbf7c45fac0e76023b02194597369710a479b7d7f4b7d6d28a0227b5eb75a4da7f2f8b8aa985a8bc07997344e1bd926e6b8f1dad15027a6c465d0d1d2b6bc02ca9455ae5cbb095f2e9a48f2d435ca0a70fc8841335d10ed4edb6e6d5fe6c63d7d0fb1cf7685385209d02924a3a42d3024d0b698735f8ea2dce35634a2b5420f8a02ce4dd665f4c83fee3cfdcb48b53b5742c73be3bd04cc0feb243315d48e1eacffc8e39395482b66324ee8a7db13bf0bc42ae9f5c105b393640837210218bc83cc8667718327df81a37e1ebe8921dc9fc4202829297aa47f9c4a4ae2ab44c8187f055513252437cf2181434a1d726390c1ea3eac34cc5f3fe03283be36fe9b043313a9e41b7791ee80a27bb2c81034b3b6b60a2034e778dcac848e9904868ccabd3375f1b193687ecf3309cbd3493fa89ce0cca82065faa5434ae5526a7e7bc037b636cb141484febc0c7ed2e8d53dbbe6e7373c70cc3a71705e7e8ae5c2476d254fcd25f1c17cd27d90da52969b4da165b83394e6bf7513b08c3107d25916db11539095a55d023f271cf1976095dbddb3006f57a7bdb5b42a82682ca78ecbb5e8d2bc99441ed5e9e4325e23470f676acf85b1ca3cb21d07c243e4cab727d11d9652ef8af29e6083a5e5b6b2bc7106a022e4b59e93a71c6fe073af7e1078468ceaebb0d69fe3d53e578f58b3fb5dc70d60eaf567e0020d561412626b9cf91d64934a951758b62737baac608bc6b46b7ccefcb181ab038bc10d39ffb17784158081461ea1ea363a030047713b7d28ae4aa2d0d54b08a1916828d00ab7cbe2843ead819c07718855c955ad6a4e7de489d5f0a345d401a855bf0afea122e8c9bbbae5d2e78607a28ccc1a88716f12e96506f39e4ae5b3e849f96e464239176638874f24fe0845df3f6df3d3141943f6eaf0434742253219f7b1c78bd539a869693fcdfe79606aa7e8d2eb28376ca3541fbe3d2ac509862f6e2929de405555bdd80ca3286868f3ab4ed84904ad6920a8e0be3e5527092fd1b57b9ab35bd66610d61fd8b96095c8903383f6a0f14f5b833a7cc7a8089cc7e17764323018fc5393db5e59ff088d5460e3144f22c5acdbb68e4155fd8f488be729e363d4b828a533ace1f3f39b8010f1667f44a2954cc71fd5dddc051a177fc87dc7025e571795ce8becee88c7da067d605d101234f814c060345edba8d862124620207aaa65ef54b961c449115daa1cbc9b6c7191dafe318b8d464c8b05916bb01de9622bd29bfa332c538ab31fda687239905972d740880df01d9389c5109417914a42c53fe6777cdec131276c357ae8d47cbde2f2ae2ffe621e536091677737a4769835cfac5e085bc6a8fe8f8437d222f4d616f3cb8078c0f00821731533f82096fdccf12381b514b47555e0a25a52b8dedbcdcfdf196d9d108ac98b2cda7f83306459e72856f93d8726a10a9fa69feaa274f811b90d36e643c9244a0ca02d9d54e2bdd9a16c1ab98b8a36664a3dcf48227d73993ff151f9b65d6c438ed52b0dcd2e4f060576b5a3d65a5152504292b97be3f0ba13999a8f21c0241aa99f62a7e841f31423980b359165e4fc47fad9c96450a75c500debc5d2bd2c92c1f961d977c4f460fe4fdecec712a4933a6c5f6c11a259e61528991c11e30216504d40b4de90d75528559a5c0953dfd31ea83b006c15e865b77f3a92e45f3fb6446164eb788bfe7aeead0f35e4b550b682ff160c8c113a5aaf91f38222135110f547abf4f5ff597c5c539bb03e67f457ae18406479d885982794b3377a731549422f5d4e8bc118e785173c580258a8d3ee629ab4362ab83f7a7b788261f6b6d50614f4c4082adde4db31635bf7ea4d5b96721f268e2e87c7677a823f4e20edd4f491f0ff63f660c8a64d7f9d192b1f29b175154498bed32b69479b2381c131585fd25be09b3d47fee2f5fbdfae2db9778ef2362217ca9e177f4ba40c34b37974b8ed57c99c84626730b1c2841fcc0a53b3b8fd5ac637c7ad4897c5b711488c6f93b0260a3dfec76e39f79af59578604fca6af74968331e4709c7fa58f7f87a838de2949d12550d82e2ae617e0057668b0ee946c373880e5e50eb4a4826b2c83dc905683d8f8de11a5845b9d1b5cedb7fd0bd76da3341e75ddd05f261520228664d0",
-            "00000005b8763e46e573e82d661c123228225d57b4b1645954acc7e0455e04594a529b520aab69aba86a4676d6cb0bccda97e23a4feebd480f62f50c298b5f8b4dc8407b337095f7e04735c2b92df7753d6a2f8941cd8357fd4adf17c5a73999a159a2fd0a44787fd817ffae71cbddb5b05cbe70e7f4c3ab21210eb4f4254703cae0f8839220ac1aab57c77ce87c9e23ab080127302d6fde978bc12cd17f6f817a184ea6938293d8f389aaf8f87e233b4677f24b6752838a669b4b9da1f850c02495c30f38ee493aa83b79a44f6de5e7c7d92fe79c782df534566b3e5e8c04c0f449f1902e438395e2d782a64f156498d959518f68591fd86955097b11fc28655a3fc3c0799b5627380067cebf8b80410ff391e6ba1379bcd1762aad2e9976d3a62259cab4093109d5494c7608c58e0beedf22fb15c68ba8de2e0f2a687a5a70e29a59c24c5ea9c3546fd2f63687dfe0f98685acb108447187f0cda6e1b603ee5b0356408ac4ae63b5031f84932d514d15dc9a7b392a523c519f81047731d8df19329fb83cf19ad2e18c4f26d7c6873e5dfa197828fc40089aee779f8105f1349d5d91a0df6a352790f4d01f30a6e30d5a6f54b0db4ec6a2586e245caab461843b6168d58cc27b633c9d38a2d5f5738a8dbbfd9b8899227917c1260a22d0febebf0a30f3854d900aa72bcb95dc5fb5b2e977379969a9c0cdf5b9cc76adb6e7088cdfb4255d56fdd6662d2e66141ebd98c828cf3deba85928cd0df384c3b3fa1c734ba9add6180db65c9f9f4f24a6f2b4b96915645d9fffca2917bda8fe6a0674722181fd05cc8b1f0fd2f4dee22bdef9af5059ccde3b70c73ac34752e2da71fa38122d68a0d133c4ba0ad99e85d8226651585857c8c87d5d4780f7ebc62b58204bf25bee42b859261d88e7612b08edcddbddd79bab723078cafc4e9ce269ea7a69f0fedc5ef319ac44b2405b28bbd90eccd3b8ff749aec2632565aec783394fc7361fa991e6b912ab7e09200fc259c34b40e2aa18a887c297b58ded238dccb0191631b0b6ff47578a81c9d553c25609b5b89cc807d75a880a3ffadfd652dc40cb2364bcc34337a271cb975bfd33f2785467f9aa950f66d9bf9376d27603e2cdaf33afbdca5c17132248f9d9b1fe09348bc21f31ed35dadd3f7d38125b266bd5a83af107abd2d8b71f10ba303ce15206b507ac47fc22ae98a95a0db6d3181d20c77a5a62ff6395d57bea5bc6f77cc23b0daf828c3817ae9c0036f89665f42137b81349c36b78b61d811c8aecfdbe5828a3d551d327c35a0c7fe4876a17eddb09cd8c512a730c682f9b34b7ea8d90977723e016609f3e90dfd933264fcf5c607861d1a73082654b379d8e3bede877119a0c83df65559f7b58e37360e7c114702d54c3d656d413d0be889c0373f096d61b5ff54c3f7173d786d5694206680910c1f39b96101e6b4628c9a8d79a3fd778b44e95a758c88e4f843613b64ee44338061f9c7bae205b8bf1ca1be1c4ffa106f3563ac2f1f35c9a3ea8e29d217fab3264a8367f955bd1c6893534398a5af6addb02719f43fee53c46ff1940f7d9740260869171a3d922fbb753110b7f32b472fadc4855b0ecb22f56771cf04a17e7130c4b1091443761adeb5ea23131f6ad80f9571d2b22886e6185d7a11392950513a98dd34a0388f40027a3b27f0507b2c7dcd0a501fcab1cb5253e2fb8c2f3e2423e38d309e91088db61cf27f8e017e1b38b36869ff3d2cc3204392ac83c127218f79dc2d49fb9a5d222fcd67354a640c9ff0705f54fe9321a99e0874a25a565a86ab67f6a16b7aea94470e73a1a6d1e5776146c5d9990566d835eb91d1fad9c3670dd544f1f10921407dd5b4ffc2c41e8e5e8763e3baa7a67680ff5a86bdf46d3b7cf2e95aa8f706f120ab6a16633bd0ea4d51d06adafb8e48872dd2ebede21b746ce905fac09f7b239afd52c58a78e7065dae7772facc096ce4e7d1eb923028504ca79802e45ad542dbcfd83db22af81591ee48e135c731d609682eae2aac047fc898fbf3f2a8dacf8e97084e468eef53474d9b592abbd2f395af0604af3ef66d4388ff8d75b0382a4be2c255d202ea4ea23dfc2ca72adc87e689b527f45a40003c7e23151f4b14dd223caf446b083d013228cec20197ebdf5928b6bb5841be7181e528e0240306dac032b52c7608ce8fcd92beb24420cd5905407086d8dd6540f8c7f157238c9b8c24a9b4168f25c8d54dd40a5e509c2533a164d6fda26517b953ca659a7ccc7f4cc89d43293674ac2ef2f881943bb63fc8b233f0472dfd50ffdd0123e4296ce2e1e29212159d683d1e2fbc301c86123751a5991ce02fb0dbe2ea4d71241e18de4f6867a8b7bf5fded4beff76a56881e256706e4c0246b09f22ddc1db238c86e028c567c8a56e4832f2d33fe60a933fcebe83a2d6f3ac8a076b8ca4474f1dae5ff14edde0591535116d13ae80d982022d44f6adccd24d374050ab273a64420f3a073e4e18bc11d9437f32107c52ecc861532cb89dc8713d89547b779925b29fce17d419c49dae265a19d154391a70a3fb902a0085869e666a67c754f902ae8ee5242b372b3c1ea8a3410df28447ea8bdb682a179ab8db453d203796f5d891d76f44dd3181201632a5831e0e1c839173c0c61211dfcb7c6c88bcfb8514a42157fd67249b5276fa247798a1b2e364e6432df239e6431106ee416388b8f4c3cba3e9d34147b52b3b433d58d0c1266472b2f02b76a26277c6a900d7c3fb065c04a38261ca02d976a2f6e29caf7d74688d03c899a0a53393e1f3f3df3c206aece0a4edb1375698aba794631332f9df088eb80e53d1575141f4ebdb8238d4672be089e2f35f3b9eefcfaba4366ca03d7e1c5c352fc40579b277ec863384cb90da345cefb163e6d835809aec0e2d6acb03bac1683baf022f123c95d41fbbe59d681b647355c0cdace3b61de1cd55506602015d2d065345371c621634a2dcbe12a342837ea0d9ef11b8fd3b67bb387ebf5b8798c7483636d3620e3e4b57faa37ca95829c761d082562da5465c7b3658e91d54ad9c76c868de603db9ab6244432b32291e5a9cc210f552cb304dd14ec5d92e8c1d7200b2e0a7063dfa3c7b36fd9b0acf0260a3dfec76e39f79af59578604fca6af74968331e4709c7fa58f7f87a838de2949d12550d82e2ae617e0057668b0ee946c373880e5e50eb4a4826b2c83dc905683d8f8de11a5845b9d1b5cedb7fd0bd76da3341e75ddd05f261520228664d0",
-            "00000006cf8ff0f024235b55d75057e926a8966475b49d7c6a2cb1b43ce9c6969683526e84ff91613b1c9cadb930b5c719b144e6f3a47110899858c3ea7948a2afa40ac0ef9b68c30f7ea65fe5996d967960d02335cc3caa2d534aa2fc5c86bb516890449243fb8f48f84fd27b7ed92421fa520a91de4fab60e8da754af4b5a8f69befc28b690871cf1b0f68e8dc2df0627e6b95a2bbbca7a2fc851548b112439a36103d360fd042a90f064c36641b5d0b2b634aa423950d1227d61eabc7dc05f5450b5ebcfb89c03f3ffa35b0292ab9e1aa4d701c760aa44b0bd92924c007c74984f3e5e3eaf0b204c3a2c312c8eed0913cfdbe85628d5ffcba18e57f99b99f727430c7a3ac10fb2c822f31b88d36a8f0becad48a1fd07ace6ba08b6792d0c9741385bdfce6ef4e98f6d7b24ace8705aa81b534225a0f2bbbad16c79a07d0cdc9b4fb86dffedb7b0733e29f1c125e31a237586a2e640e6b015145c44a04942f74b404be00f256587eb820d92c36b56eaaaa80f72ff0336986d206a62b7151c74eeedf3fea594dfaa3b6ebee3c8a3058c8e3a1f489ed95acffe0fa9b712137261586c112e5f01c1dfb75e9dad61f956ba521187116036cf6322d323f19b46cae1112147618c2607cdcb34eccdec9dccd3f2ac2688e7261b2d4130325851eec469b378ef1f07545f243b194b954eddd7bb725f35b788bf311ab30c09061055a72d426d7124f0d707c140978152917eb84269b2dd7c7d4d5329adf8aee541abaebc494efb28ac23e82a1d248795151b0c40b500bcce665424ba5d01991b38304bbc0b0d3daaeb73a84a770e9ea8acec2b682145d07778737fe391b2a393580c4989e636dc37937ac660ff1ac740e4fc81f0c82bdfed52633315a2e5bec9618a69d416557df212d6e40f2e6d87b67982fa453b2f067c639afda3d7df632d52ea429fc9ab020efbc24b5845eeceda9dafde9dc22dbc9086b7cf1794bc41de6075f31b1ce7491ee42e2db52d041fe7941df16bee80dc582bdeff303fed9e877094bc2587fb4b653b802cd68372beebdadbb7c8870cba18a778326d01d242eb0b31f48ba17f74b7e42164b3421c8245960083374cc23f0095fd3463ebaa23e42ced60f0e9b083158212333677c9f4b2de3fa9d8908b9a0d0e496985752f8f9de26cb0dd57aefd160ff2fd1418666292dd1ade312b2cd518f9edff5ac18011cc625bd50a7ab746977f085c3f80d588819d625f4691937dc2668e151dd7f5914662fef371d731d20ebe7632fba9e71e79f7d760c8d71c80013743ccffd78664d7bbc32683f6761948b184534ebf0c9b45c96d93f5d955ef7342dd998ce2a466defa300db76fba5496307bad2a6e42cf16a4f273048070800bae4a07d5cd12d06fc0eb617f454fb7911c02fd3165e669d3af8e3ed3caaee5515cab9898b16804d36c9693043892658ce7a326a7edbca9f0c71e43b8852e0ee2e2161fa22392be9ce42515e77161a0a18ada62eff6142734cb5a1edc54ecc751ef632289a989aa34e75e83ac72c6999beb0c2aaf62788aa2eed98f9b2baed00bd27d71f7db088ee2b2918f0425aef16ae8c388afce27b9091d4b6cfea2726146ee2525eb6965222ff7b2ba75665546f4ef60c5eec6734b5a47b1b9fbc2570f817ab8aa19fe9604abc5028efb997cf5243c0ff2e84c1cb944f4cc2ffb801fa2cb3737c21b076cbd1779da83549f164367d0a4674bf152955732380d6bc68ae60db2af948691074296777389011643e75e66045cf30aebcc22e5b10c33f2ac9675b321337e4c895d33ab968a58533bd982c71a051349ca7e39fe79c9efcc81899f61760cd9a11e39de5d58ce48cfca98fcadd1cfa253c6c77ae85e0b2601f9d5865886fa51fa168ba556a878d013bcbd81369c0070d21a284dba6233e824d08d6b9d6281e064bdeb688cded8f967a6b61ce36969477adeccc4b21c42c48c7ab3754b2157867e75d15f4d41e218cadbe29a5375ac4dc65480b8c4ebdfd9f81aa828de1b3938ecdb9477452a41fa772f99eb86442b21288d31df55eedcdcef46e410859ba3ea7945fcc82b63f41061f456c580d76820d6f11c2aa7b6874b002d76ca42cecc7af1a88869d1c756690b6dc37df92c76f31bc923e99485a5dc06bd1c7b877d4ff80b6feeaf6323c548428d39e4e2d9f90fe0b2f971faea87257a2cc8ae33e071b16589969468f3225d52b3841a379546bf9b62474a2e60921629a019bf521a602729393e5460fe82234091cbf77ca483622020ce45cfc02ba5de1d613cacc1ba7c65a0036d0381d2108d10c3ad73dafb2f0ea6605ddce86ee92c970ddbd59c02d2f1991efd7b83f6f43202e36bace3155660223c1a075213d8bb8ffe67e2a0003bc9d4bfda432f5b9eae3dfa8b15a8a55205183b96ccf460610a07d137852693041b45fdb126960c53a798d164f8c832f749b66392214eb8e0cb0a3470f7d2c0b29bf7fe486e58f7f6e8a3e3f5c33f029310c5e1010bd940777f89632520ecc96e2b926ae92bcbd4e4f7037ed795e86e5d80aacea6bab0973607b7d15535052e1cb9989920cbc17e814caab4b93eb87bcba61ffc052b2162d35963990aabccf293f2ce359106eb728a6492ca7db1784f1347d5f806c8136254cda29251f579c1e99a5146f45f1dcd7eaa556dc7f3b6adad506b7cefde4bf438813ca0d3219196417a58650c2c50648401c253f25c9d63d33677ddf2d440ef3761bfa040b02d6e1ae3b0389d8d255b29519f22dbc6114edb0fc5e2b58bfe579a4b8201416bbe9f537e047cf6e83bd67e150b23aecd47e73e2a1912021f5a7577171ce83b7bbf0b967ee367c5016071a6f0a5943a090397d8ed65d3924aaf3cec9b85f6793a4716b24ae2b9d4b67ba390ec404ff1b564273d98f44b6e5de722e33c2ba6f16f30dc78f668287628ac00bb3d092037dffab0af4203762e5353445587cda22c6674d896cf813767dbcffb7c4e877274ae1922de5fc37ed04117448ec2a6c19b0c8cea3bd32603da50df8a25aa0246dc41041258ce47b4ef33b571af7e1d61e90df8863dd5a90bdf41bb2e4e9637d4685c07d21a1dcd9db42f4e6ae0e503a5cf94b2a2983f55a7d3713cc9ed56ce326a229a4f448ce6b78ceb4d81bbbd2b36bfe66e393a9d7ed7fb47c2a4117036d6c2949d12550d82e2ae617e0057668b0ee946c373880e5e50eb4a4826b2c83dc905683d8f8de11a5845b9d1b5cedb7fd0bd76da3341e75ddd05f261520228664d0",
-            "000000071df262e3499222639eb7e7246a3c91de4f4e1beb944bcbc52e7507f482631e63f16eca604d463ae28afd19b416dfa56ede6eff684efc59f5ec2930581729d7fbb54a4b5134832ea60918d40e5a201c91bdce9e79a519a10fff50e715f9d7c6bcf4db6e9ea9ffe35aec463e842613a2d4d334a4b44105b03116ff9efbbde7214f7220fa96e6b876241ded96598be27cfbdeb867edf9eea1722953d2e035da6b9a4dec2a6e55958b482c03c0c069f6ce036849f9196b2f079263ce04bbde0ad7565b7a5ad8af21d00bdb12cd3f3f0522510563c53d4b283955ce8c6d415dab7d24a7c00dd71571566fb6580b413bd18e7495e30521493aece215df3ba96c06b4d21bb81d9a30e35e90a230448e9d3a9f3afe650d3d6fcdd284ebbba9b17738920c6c09934f5a4401fc5a8fc1734ca702d1928579bc2cd8934bff459cffa847a00d4a90641412ee8463e5801b23f640f3aa022af6e76b5b9df97ebdd533e6f4f859a54a76ba4c6dcc001742837f533472d3065c0f54415e20b7e9920f8d06eb28cb597dee5ff15685054d2f56ee6029f10e3d9b6a7ee799f295ce961539420352edfa241a174a24d1ffc38128a7328416a79622f32a33eba60e8d8bb09f74ac8b6f100b2e4e260e87622d14b6320404c2279bfeadc24ebb91edd79cfc72dc0a9384b2c1a9eed66c13a7bc9e718be80c7dd0c3104d5cc4f18902d0480e2204942021d01d94bb335d3b92b42a61e969d9148f091ad0f3b7d608180d05c100f05f35b8efc6192e6f05fe47ad5c2bbe318b5ab2d5dc1dec7aab66298af88a6e067ca22998d2692b1d31ba8c20bba980c72514e85147d6e5aa498dbd7ce4bb3e90468cb6d84ab5aab5b6a42db9be5dd15bcc505c569e41bf5b15bbcbd43896d61e70fd757fdb4844fd4b7319484a684fa8953d9f4ea4076e6013a4cff73433703dcaefed49f053be6f6ffc5bcc7b723064812d2a7fad25c1dfa3fc71704c672a2195461aa2d80534f5a6b78affc43568c641d6de3a1dff411da291399699c990286e4342f97c86984498190738522f3e68991dd8088c4ac752263c0652c0aa0954f80a1abb15cd1168f239c44710ab5e672302acd950ab8b8a6fa9ea3b4b9eceaed4ca0ec65758e70aa262daf1774f065688e3aa3c3ad137feb62e962059c06c68b7b0effc8f659614f4009fac8820449bc8bc75d5fa30a3f4f86a2dff0e750820fb5308c546525e3f6887c1cd0f4e44a639931fc9e2982fdcd8ca545cfc2742d3f6d6cbd48949bb4251864f334f5c41e43109b57e88646b356c36bb1bb8941ed9b208fa5ea126a5855c91c4ca28ee6771381002218bee79ac8a63c4f831b62429edaa33bddf3cd6facd728c574daf9a26f78747adcccc94c63e2eb02b21bb029e10daad8a08c2a3d3e3feff98929f0e90e607fe21458289c184f5ed3a2dafe15747504f3166516510543c3d1b457d5ced8431a7706de659b13e748f865768f6bbb403bf72dfb844931fb6abcbb14376a22b1539e37f81ffe65025e46bef48eb7e5cc8ff3390abe263c4cd01f8c19f36f96965f09a2b4dcdc4a10a634c9026609ad8fc331773c2b551cee9d44b306154fe6f7c905907a9e2598ee1801554c703705d015d19e7c5183ff472626e5b09d3f54c2235b0522dc7a961b17a5d1cfa676a0c84ad8db129dafb3369d9724b1da831d90f05572fbf89a701dd87c846cc52ebb4ba54887328050dce3c4c085561d62e0ca4c3d7ef6442c2b3a6675e7886dbea818bc2c802e7ce6a676f0f98632f07103b68740575073944d3d970afddbb73ee7555cfe5a499f1e01784c1bfa38b0be0548bb3d059522da078599a4239b829cf7b79fdc595a9300f9ff07444257d88197ac967b83a0232ed36d9db4235e8b799be35b42a84fd07f17fa8939ed51ad5169852d9aa90598bbab4351be9eb4c4d39badead8f7d680d187324e84fbc690348b7064a8a4a1d07509d4612175d89804ca8ac7c41c041c3ddaad6256462cd86a34cbe0a4c2ddc5352ac243fd59cf3c209fcf23c626a2687bd385bb11097dc5c6bd30dd9bbe0c37d31f74dcc84d53dd346bdb5edf896c4ff7be5375eec2a8c1422c73c04549f38ddbf8ee830d9a2fe46c0470c884ddff28379ccb3427f96113171b1087841d32f6f2a611c8d43cdfa36fb2c9b91b9da136687f5bf646002e37ac79f9838c91b7c86799af40717a1b2a0e07e5f5d0c84f9500c0f741c9806cfdb8d239d88a0e02734b257c9560197d96130be79c030d5de0e4849ecae44ab93c52ac403740dfabcc03ca7e8f94b04c7f1de55fa0e2c9e2dfaa8bca70944a9ead79cd664fa783809ac68a3eff5baab674b268be1e21955bc2507cdda847f424fdb03107cf951bc6877ea61079ae0c7e8c3a0e56eb29c2cb183b13d165e4322c0c379ab0663ec86e669522a0f6cf7283cd4d177619b7ce4fb15c5de902e5f0e9da6458227366002c07eea861376944b301ecb81b98e8f233d97a086414c0227f6944631258fc71769eac4bed57a2601f958696ede6699fb8152fb22d01f9520275ee5529bb867e3fcd59732fb204fb715df81a0e272f58d027e1eab4f4233e6e9d785870d34d274014630ab58916f761189b65676e84129b05b2582102edf979735c2b5cdf9a06247d668980229aa506bd32263400a07591947966ef478609c582226f2d409bbdd42e7a426410c658115dc4cd43cb84979cdd7934e0a6609b40a9129a9df73ba6bc36a78eb3cacd808461fb41da93edd42dee2fb6211422b6ab9fc005ade80c5d846f1a1b83bf92f5884d82f6e8ebeab4ad0bb0d8c27f4c9b290496b073f8dfeff060ce60cc48c499a286d731fea677a00941b7d5c371012d1959f791f08675136220a15fcc9f3aa57698ae034c39c4d390794048a24f667cb74f9279f83aac70ebc364a7ce5e2a356c1bf73f7b8b598a99b6deed765f8867451d62723ddfc04797ff7deef3aa27782813c182c2946ee0106f95f2ad4d7f670ed12208f9d138754a0eba619a6f4fd45d299cd7f0815be4a7938ca8e9040ab2ccb419840e21884447e12839f044fff84a63acee74c17f75800c820b8cef25c2edb7e82dae38e1e5e643eb7045ac256e9e93e471c051aa229a4f448ce6b78ceb4d81bbbd2b36bfe66e393a9d7ed7fb47c2a4117036d6c2949d12550d82e2ae617e0057668b0ee946c373880e5e50eb4a4826b2c83dc905683d8f8de11a5845b9d1b5cedb7fd0bd76da3341e75ddd05f261520228664d0",
-            "000000081a9c735975bb5b31a16c39a9e6768dfae7a3caba528dbd84947896ec2001d70f786b05ed2fad39483479924cd4de178c562fb58819d592853ed98d556f0177761fd0ffefed384c434580a26f10311ba05d555f778ca10ef875ead1baef9a6f8e1bd4549d488388332151f9ab07517875b5c4118b7531b9167827ec9c084c2ae0c56eadbee4c74197bead837f5f50512df4eed350b2282c6e84b1382768677abf5317feb7deae2df6e697d565a625cb7015c2e9e6ebd65ec984dd6d4a15e9d2494c58e9d2b4bb938066dfb81824fd71b9b497a60ed30d8b67607b6f419572538159727a5c0f9b1309ff96a603bd966951716568d66ece21e6fc5097bb88132aa79b429dde6c8e8200febada61a995d1ec9c7e98ca54b45fc211ac617a0b251502b37f1c33fddb06ea636fe4b9f2c953b1063c17c73edcead49f12f746ac4619cd9864bf68ab1badde9b0e3ca25bc7e1277f50fc68a75abe0f1679c71700b67039cb7bb7200b068f619de809c5539236befbbc54b0a5f8d237700e94f0d2748273ccf425e1d1bf542d4da575c4b6beca17d33082b5becd934ee9d7734cda44ccf18b4097777a9817d7e9723407ad6e91050b79b43ea7787d0a9b7b1d228db9811bd9e51f1431cb1ee856980bad69cc2100c575a8cd48a784bb5ac214a6c3da39a12bb80cae219bc2d341a642f3b5f971f02939d451fced664bb2c29303d6d80565c0ec8a0898eeefa8bd7c7c69eb434d13e22e37f40a1a8bcd2c250128344d6b054d6fe106f6522fb907649041a31d16bcf65834812ec987d98617ecf66622600585699c28cf4ae8d7a9ddfd771a1926bbc0df264abb7ad6c7eab8d9853a9ddc23ca41bc1ebc7f83ac5462e5580cf178bfe7bf435ecf0b519d9605d9947b2b59ab9bfb4510e62b89b4d38895ac45e2a1842b8a13ee509a5ced874d34481c06499faa85918dd58b2910488f8288e9723473bdde13dc388e96e16d8041844d4ec9684ace0b3823f4387082d5d38bdc7a25f8575bbd1e7ffc84e47a1fb0f31951b5f7a7e7144a0e645a5f04b08c6ecf14502c1a5976671b2a0bfb188c300413d1e937a3f0141922fa885dd0f7f873e72c8e6605818a92b1f9fd4b9489493e184f1013c2c0fcd11eb60deee7873aa13554530c62cdc6929bc8b967248a13851853bf23baaec0c08ddbbf42142667095615a2818a0e4af39e6a4714806947470cc1dd6c263aee6a254ae603a22c2f68b38cc87d1806b20b0b96cec0c201916c5b0a64329a2e8bfbb2a664060d598461880a1e8e0ecef665fced7016c1177b5aaa69b265d58db6cc353b61f2c52ce784b0c81a68014a362c9ccd1098ea09ef816cc77a8d6d79275df684491a5ea30c98b86d42c0127928980426cf4e17122f69f228611626c1ec23b7dc4559892413feb131bb56925a501b386e638161a2bfc9a70ed096573356f5be73a56c2a90f56155bbd1e0278f3116f9ae78d05b2fc0d9aa0030ae67a781c20e0bca4cffcf91f16527e2d8b8f02475698d54514b39b8101f2a746a6ec223cbbee1c7c6d373d698bd3730e34e894d7d6a50f53662700003e872cfc7b2c21638b61a58cdd27a200f99c4a7fabfa67e96d2a5a5cffbf174dab74d96a70569e02ff93c7a9a4d7b4298289f02e6112b988789bde742098c626ed7ccc512fdff1307dba1df6675e1152fa089165b814288d35aea48ae919f53699ac082bf94f40d1748167e1ac806b13d47be01ec6b0439ba64cf33539a7ffa98aaeee6ed3c0ec110471c1d2e7a2c948db01cf97004b908b9bb98aa20120a868c43a94448063274a6d5a8897346fb2feaba12b8f028e48672bdead35893713dce5b5256b1a17e948dd33ceb2db1992bc152c6799e0d90b37d9f7907848ec91e52f6db9686512c63a2c53d7dc2f12321617a9daa218e934f3951eb91246599f07185af8e521eafb297adda701968711fc82559c7b9ca05b8b7d2309d5acb2fc37897faa43c8358b2ede6a90aa8321f4b152e6a4c50fee02a20930e50d7317dbb0d561c721406bfc57691c79217ab5f5ac6c8ddf40be23bbbfb997ceb9ed82e13b3f356a80ebff7d96b3db77e3f919d8942fb895bf1bc799ca084a6690f5627169aba23c1b7dbd27023af629bbfbb36b64a4d019894f6ba3bfd1a2fb4cfab4928ee56a01c8ae18a622e8520f73fd37fcf959d3caa653c013138475c903f2dbc034648ed0e484b0d84bf6860889d6a31f77592820c5a6d0b8d5fee0398aecc434f7502c4e3c8ae7d9d61b6e4c0a5b017415100ecb2942cbcc8e7c937329751a5d00283f16730dc351884b4a286ab8da699afd9226af80e24843c0018d8f9660cbe0532743a640fca5cc81f355c0b0f2ab264527f7e250ad5114b91a262c831c7993430cc94672db036902c42c69c844a191f4df828d91be1e2373076b09b47f384e364bf8050092a502f73886e9ad3617041807f1b48ff7a588ac581bb136ff01ee67122fb827849832821fba46eec6727480370ae23d9e0a29d89a761e9e79f78f26072363b5b7e0946a3833738d7f9a186d999ed09218637a08b4c5c518f3a117b1878f9f7b7a4a7e04e8f9827d3d210146e8acf450d2cae77b6dd6e9b70c14180ed5770b8836a05fce222c5edece192c6eaf1654765c2a5b5ef87236dc3e088d9505d578777e4bafcaa235edcaf61fa6e0ea15d4fb6aafa10acbbd8b922bfabfab0349f8ee07689d33b9fdb8f1e308f18fc101f3a203a8d8bec51852cf501724ec52ce90e3fb5f0f16a6c78fbcacd92cbbb8ec1bdb6f7b568905142523ec159f4869b4665f8070b81aa664a9c0a4069a16cff6622821d1d6c25504cee1aca831dae6e65994ae20556838ae50279da1a9aa9554d81d32a52744fbadcdfb85f92dffb154368b2d4977dd56ce44374e9127a4dcd5c59a1b3320380d4147d939a6b701f109c36e950091f24a26ffe79f911e5ca15c6d428a1cc1851364140915c768f4373acf166756893997b9500a76e3ee7700ba531fec859eaca35bb3251cc8f2ffecaa8c8537215f4d9e99186c92f635d77e350902de6d23faa517318cc6d759dc78b140492f1a787ea5d0d4d35bae14fe3017bb39d68d372df9122d6ee8252f6bb6133c72704c53b7d03ab01ee7e81eca889180d5453a68d7d7def571e8238457bfdf47102f24f6430dcc51e25b881b57c6827e33fa0a5d4020502a2bc0495220d647e7958f38dc4949de1203bb359ff82c3b4b629ae973e1b97ea046596f49282043603",
-            "00000009cf09b10e11406f1fbcd4d5b5ad2bcbcc61c1a0804ac9c39a40390c916319c101ba5ad887ab3529ecf7e18637d0bdaf1e55fa0e3e033b711228a50fe44b64c2f068db2dd2510cd97428dddd3e25a6ad9b387c7b714c344c705e2d7f26f9a19d3491399e76069951b8d7b7715b5bb84d82306f56a456a0859f90f815198dcc25565d8cc89f46ba1ed69311337eaf466ec06767e538dbdb5c93ff5321f051c7d4a021d3859201f85887f8ca43d0925ad4aba682833a517d352068cca0959beedc7fef29beb2642a1647351b8026a0f6a768654f67a52e910ff9b7e9a140c1411eb5eb4d828808c48c23e67e9c11a5bac13039142805ec894ecc2809123948664cab5a2b0269ef886a675f6d69b8c43ba6a32a6346e10aca33d3bbe41953263d192b80102ba68edd0fa7d23cad153d1525145b791efedcef04c5525b3a2a86a5addb9819e2d2eaabbcaaf5370e5fc2952ae8a07ecd307fd7d54458e9ca48c6d61614e790151ec277065ad8e438d28efbc93d1de8b616435ba7edfc939e79ffa33662277581c8d0c11358dd9e5f23ee7d9e2a1d08c6f3a500d3da3d822760291266ca6d807fb9ff3b1a852201c8e4604253d3ac1636258cf94e4576deae54db1e23b25801ea631e8754174c03afa4fa28208e9c570a2caf4eef5b67cee3876a83262ad656a7596b184376744f6b5f267fa61c7f020f43913c9e45e8bf558ea4351ed542aa3a1d648d20be0a3d1481990232c0521bf3c0f10d47f7b939ea97663377a9033b888e5cdd1a05fe1fd763906e9849f8980d91eb812b4c805bcda86067f0fb1bb447180374f677fb56b1322dca0a13c67664f3ad57ae32daec3adf4e6a38e905772ffc88a0af567e9e058ba909aa8ef4ae9609707483026dceb42c52efeaab8a23cba5d3999587f7b10b51eb422653271ba4212a8f92e2f9058d4164833cc47810259444a5ff4d58470bb9dceb12e34a63d735b0608eba962c22ad04adba48ee8f55856c9294b0c975bb11a8516aed5bb42318bcfb587d5cf4e228382963282b09b154b1c1fb0da5e3396a2f9b3091b2fceb164fb3b539a1720231bcc4ffafe6ef826c9119fbdf4abc79ed5258da3ae37da042b97927948b0e05c075be20a246b9ffaa256910697124d37e47abd10d2bf6197cfe481895532313e54b30248db61c36062692eb3ab5f3e495db34c82d07633d0ed6b2254e60e35c0ebec9bfa0c398fb9ce899c54d3209525b72e88aae0d2d1d90fcd49718f48bb7cf910ee59fcbb499ad84b969457a6be9baa452577409d9b05591c4c5c4d95730e920ebddb3caee6574ffc0600ba821efc895788ce2a0a0f9351db9578662c381ad6502a9d24a6e88433b0ce7385ac9540744781de943af30655e04ab719509180744339725fa61c110d828fc7c804caa18437c6f7080a66688342ae57400150bbb500537c34b644e5a1457447286dd94f9402af217d5c5ed0813fd645b06190cd85a593831d23c0e1d22739f0a063894d00666eb7917ff161b2618af8184ca3a3d5d242955478fb58708dcd9f3b6e6a231585224a8d2d1c2084487a8cf6f12e780e73a995a449a02f4615b2cba6a3915a7db947cc60022a26fb84c8171d15bd5b7a82200ad0719d13836654e721ea69e51eb157cd5ea579dfd80cd5833842f58bc1423257bdbade6a11e515254d1237ccad9ec61c62ab672ada6a5e26b97f8e4a7a901bb2dc326d1a06386821fc7c803d11bbaa7940b5da5dd9deb7756356bb73cf5828a2ed7b846c1cd4a55f419c4b024c0856b4cd908789a7e8a907f9a8bafa023efbf6dd919b150428d84f3b862357ea68a0305632a4034e0845447b6e066c52a7422cee90e3a5c06e7abecb5b37b002556bb1092d646d836c90e7eceb7c12ac2f2d51080ffe6e28f4c1b4616e7f39883ffda141a1d44f8c113e8f8b6ae4ee3cb9bf29bf060be37e7b4a01b35f2b5b4ab9c0fde267fad655f95befff5845b9e01502b98e5d24963ffdf8ed95f7c73110d1b9d5811045d2fa44d01aacfa8c7df38eed95ff6c8ca21f901979a2e7ef294ebc9744b2a67cc754ee006ec61fc7158392d3b7ba8db9d988bb944c78adb68db99b2bb34b617da65c8038b082730b77352cdc8111973d8ce3fe48857e47e05289006aa6aa263a415532e1dba6eba1ff78fa1fb14f41cab2f1a9c5859d6bf907272733a24f198c1c8b6c68ec47ea37b974d4729b8d199ec1e52e8c3c604774169b9ac2c211f47d6aa3e63081c46b65ca7df9fe50f5ce02481f3188e10aad46bf98d1093acc168131f3286101e1c4e9dc782d05d04a5e769dcac092229efd6e88dfe109189a08912ecba615b1142c41d2ff749fb2abc22b929107f4c6c417576947bc4ed1bc874e3cb6f1df223d4d851ab2ef964e802e52bdb98d7385244c3829cecc0cfd798d5140dfd1cfd64e819558e41a46899b3715f7b5cf9b88f6c2864309a95fcffd87be23e597c7f9e2a92b60d794e8a931200e14e02776dfc5989b7ba0c42b44d9699194ffce90489cb32d69cc75cd2644912aa6d65f901d3003c4ed0589fb5a4753355a690d2218740ba218f829507acd2d38f3095f9a9285d58833622af9066fb7e174226722c7b1f44e29994030388e53726a115670a69f6e7437d9c6fbd3546c76f270fd18a09056e37bce8a73a6d36e446985ef2f3a492877d70e01e6a6fbc1a30252ab624ab20807f6421be4869332ec197b53a9fdea553a6b1b66f34f3c1d6112fb2121826911061c402f9b613e1d5b1b856ede41a3496ac476e4b1690a1c59c3f84460bfb50851995196aec4a7df64ced8074d9a87b05a856e0f677dfdddd5bf536556d2042d30453c3b0b284a0814090763a28f4050de1206253c793eca74fa7c6dbf46515e2467dcc9d44b97ca3fe6f0209d613e33bf754ece4000acdd7fde0a5a3037a2ff62efa36dd771dbdd480c7a1d496fe490a1381ec2646e55271a0bdf82c38071ff8fcd923d4b3d916e007c6ccc7ba1bcca7a4a57122a3721946d20ce0e98040e3c359e03bc707ef0b2b39687d0fd7abca13dd3712a1513843f31f64918b9db4317d37e1220440a6ecc7fe79585bcdad93f44a71512a4f153de1ed6b4a1d79d7d69dc87116150cf32704c53b7d03ab01ee7e81eca889180d5453a68d7d7def571e8238457bfdf47102f24f6430dcc51e25b881b57c6827e33fa0a5d4020502a2bc0495220d647e7958f38dc4949de1203bb359ff82c3b4b629ae973e1b97ea046596f49282043603",
-            "0000000a211e27887cc2ce5f2b079e955e262546ab48cf80c317898c376721cd65397ebded79c7175889b51032779e434a720a7e952eeff8555b41aa132f717a8d155be80e99c4cd16b4a1f4389d1cf0e2b68d628415b50ba50e2906e291a81eecca7764d6e8108f5a3ab82b309f591d50eb0b62c25869394ea7c229b705620ff23bfe6fa14b6cbf65106ad0ab3998cac6840ef0f9179e5f5134e6fa44223394fd480bf04e3456ec70c7ac9073ae356b590184fc1c0f31d8d262cc3df8534f81dc10ce33d470ef7d03487780bd965e813bdb8095c338e79038903460c75ee612e4d4a6b181893a981e3510d46d16cb5c005d727baaa8b945714dcf25069ea73747f5cfc9c0c545970e97111cc6c18cb5cf3df4bb8980cabed0f3fc3c883d459ad0b65d04ac4436fbf3bb7cc7d0de101fa1cb1d6cf81a5bd70d54730323d3bf7c00ea9fc6a9386969912e520b7730467f2bfbb836bff526d37c972e335a4b885e8586d26feb0e2922375e7f4a2a698957e8acf719acf2cfc08f35371b70637cc8bfaf53b9fda6372bd3ec0ce2b812863fa6d32bdb66ff240608e75c9e8165ad5a242b79159338272dfde63ea781747fff4fd19aaba9d542cb1de83b2acc79d704389928654ad09a3ad53f3c4b3739b8d29a4dd29294c24c41b2104cb6bf7fa8644ad3fe419179e0c62ca9c388e02ec0745e6997855a35bb7cda602b59d0685c24e94b2aa1cdeb16f3b5b02a5f0cefd4e3d6bba9223337cccd4880e346b430957f6f0cb3734ecd538accc583faa2b988d2c8d859e65755c03d6456855ff6238e4147b476ac17f5bfeedc6c241a8defeaa45019793185692ed28952ef275638dfc574a868ea0d1bf93579c19c5a1fbd99c78ae33d401e9c5777e1a505a8262219c969a032471ccc4dd26f9be409fa4a39dc40f9dfe00c55c2c1c3beffb5c77f272c35f128b874d69fbd72aaba25d0dd481032354fdca7bf6ea9ddb8aef1467838a40edd9e4561a41a5c2c4e3bc205c20078995399eb8f619247bca0959ecb79a90cc40aeba36283106e391525a56bba306467f40fe99549587525d957b995fdd53b8010d7573b626f37a5586d0f0baec43fa0457da68090b53b2a8fecbf9906f56c1937ee40d21fdb4a753ac3daa77bfdabc133a9467a022f5067e3a0a75bf8ae530f32bebc38defe85a11b03b07dcaca38032fdf95e5bea7509deb2fdbff4ca2f511944c54be6fb0e02a19c3e510e1dd11e034d1c70ae54ddada061e8130ce24f03d53cc759bd21d6e9572eeeaf441e42615519c7aa68478adaef38cbb671fc872cb5ca8e9d265911ebd999c2d10838fa4a471fb4d1bc750102c6b9d8bd812fa28f17a3e7c8c8f64be81329c5c302dcf10f07806bf94b2aaf462b236041b7ee9d00112021757fc7de1470992b16ebb54a2774917447d477367a9c151bb6177a7528e3ac55ec4b4049601a4a6a477f0bfced763d928efbfa9c0c817c68c7198e7de88a792c1acbba7a18edbcc88e57668ea3579377a7f1b3139a72555c0ecb89b4e7c488acb0645312aa93437b6c331313e9088529b1f311c73f699052ca735456dd54e9c8b2119462fdbbcdb1a2001ec9a3fe99cb35188a2ea4c8f06581d940a9d6b1756d38b48cb92d2a506c23c7426b7f8c57c275f3f0587e7db311abbc9a9677bac9c00811c538dfd389982b2aa22a70e45167914d1d00179df5e35a58155dee4b20d90d6bd839d78de1c7c9cc5c667915481672d583de8fcdb20581d2c5fe6acc8f71415ce01fcd556f28cdb84b9fb96d15c8692387b87c380ad64cc746f5f57d1546f833ae914118670fc63269ca3c82adee51fd918b97c8aab54fd27c86b799686718755e0162c51087573eed4fbe0ad97e407b7b504108124c9c7b0fdbe938f4d9c03ad1bc5c539cd5505fe1b58887f0bcc89cdd7772f1fa63e543f78c051de854b318e6cf5b77a05b61c2960eb686b4129647770c7dd387346362fccdae82acaaf3c7bb184c5500dc110079cb1a3027dd48ae34fbb3d29f880935054dd8173158e48f0b176583377b0f91043dc863f67001713ad078b4062295bbfbaf488239cf31a93b4fdfa4bf3050d892efaef369fcba2c6087dcd157f7cfe0c4141dafab2113ad6a066e6ccc6d60ffe0916ec2dbdad2ed8673b950f89ce7ba20459b8af9ad0e7a5be0d95d4fbadcaa2606cf0bc674db6a75f334bba25f125a0d47f5250130675725e8a7a87c2b875b2ebd01803980c1915de016b6829f92de422b172c0db88dffe4263cf026c7f404212c8dbc6bcfd87af1f250264379beaab70dd96a22eb1fe2ac1126cb5200aea1859818fdc9286cecaf12bc88d44d8e47dc0cc3726a7a9c7ef605ba9920368f4dbe9b93e516e2c17ae0987a94ed76c2006e4a5ae9669738db39604ccfe275c0aa6751878f095dce2a1d0cadccfca2bf40f6245ba8f0b8180abe37f9741910a2eafb8700f4e16bc3fba263ee4bf021402305dde577184a30f9fc63945b89c32097b158bbf8b8306606baa4bac3a2f7e0957f0b37d09aff97428f8d54412ecf5fa3623cd02b8e9f52296281a17e6ed327c7f76b4a4097ce05ace430ea14c2c10b7fb229e7457bc7702e19ae7e63d12008e038d0498c0ba2d74b85733ab7b9ad31308896c42f827599af08c890c3dee15c7978aa7485d99e1294b0c7988822a6cf040c07b01b820b703653805d851ad04ad763fbd5c988d636dda4925f631337963248e78c8b9bdb4122f7a11f9ed152d0cac44d1a39b293a0ac0c196d90ee6fbaea65b42951ef9d2e2d03ef6a688324679da533b96188484cd581fe5d756ecc7fe84cea8767229ab28da5c46d0639f4eec63066a52103319259feef759f4ebad0bdc57c5b510885f0f6a9c837acf5e1703623c4c83ac5558c323c042297c91254b54897662dea67450043c8e3bd5e6cc596f875ee8a7050f49bcdad83528e541c80b1d59a1e54e5475173decaf6ecbd16e7dacdfdc4875b4a6e09ec4cc9c739f6173525e156f11253d3cee122290870d90b571b3d9de4b7e28e59f3456fe728233ea8a336a11c35e39b69238317452be31d2ea13aa2613cd02ee51244fc803ee5258388f665eca59da8c4c80809fd787b51e173f4922822006a7705fcf01a6507b04158d503559eb527a597b5c220ec46ebd092e289f08fb02f24f6430dcc51e25b881b57c6827e33fa0a5d4020502a2bc0495220d647e7958f38dc4949de1203bb359ff82c3b4b629ae973e1b97ea046596f49282043603",
-            "0000000bd892ca9e8f0bb84fdd9bb9eb8636b6138c66d530bb03c8054c0c66a1063971c0001035fc7109dd60dfc60801fe09bf7878399e17d9b3c2db3c2b8bd98dbacb3aeb3b690cc15703124e7aab1d1fa2a9f60ae80e91fcc4d8309655eae632b7e6e7b73d6f3ee37d501aab764a53ad672b1dace6a4c3ff1c7f8268d8b0b4326cbb529df30299ea46e0e395e4d59a19d1f179f5062fa788a09538d74503ade7cfef60a82789e35e0c9eee947840b8be6ae62666240618754a656fadeec1a76ab1ff8b4bfa20ad709dd00fb311e4fa7e9eb47b69e7a0b1cd26ed16351ece9d347e9c4a549f1d93e0dd72d1d415e08a315da248d02268386bb761e053f3a9f4f7c3f6f9e02efefe04fd241c3679e39d92f921bc04b88512ad0055e6e3da706600b1685956ccc1dcccc9cd64cca828fb303742dffc8b17675cb9ee0e4f713c7588f3aab1d020a666389e77f3481b6ead8e47f44f8b76b3862cbae898fb3afe1eed220f18997cab8d971b9c28752ea65bebfa639e3d41445250eb761dd053fa7b43486a838e07de8b1fa2f5d74c1421cd37b51dd239141bb23eb5aa19a7ca5e2263d3fe0b391196b67171290b6df01072801856e2f07fef7931d2286ede595df731c302a35b62e833c8ea1fc569529ef10cea049f97e921edbb9a350dd70e6416852e480444731687bb6e87eec68c2ace0ae8dc8d5a802a020f15f38cdd7dd35c8f46801713ed7b2cdda0b32b3e1bb79ae6b9ac9d6ecec745789f0f1815b2251e9bf115f0b5b455750c7c1823a8eee68305d324f14f8fd0543c2bed95709f72e32a1c242d706f9389f54b094228ad23a934ba3b41d0793b2dd2a75817fbb3dd78db3b1d5ca8f35d713e6bfeb788a32fb7609664e9c7ee0fcc1aac9d82a44d1df0ac9d7ae3c98235164f2925fbd0b579db48c02fea17def08dc855b7da3d88cdab7a8040e697c015f1dc66b02148aad109fa08fcc3411df6e1bf26215323ef7fe091f13d2e05d21110bac56545a5ce3acc30e9db4175693bff9fccbf9d5766f6ff10834efdc3003d4e65361456d2daec0a24c0e48aae289d382fd307e4792eb149c34000d4c7cba7c9ac73540a651fd09d2658a6dfd91d5d9ba74671728f9be9f3bc316dbecac7f06588490f0e66d781a0a8942bb5057228a741d4154e9e01cdad9de60bd1b33d0564a2f27a12f494c911f51081dba961cc92363e725d1908f338deb91a5b41352f2a807244f0fa08f7edb644194454b7fd4f7cf838528a85f22afff5583c2e4e3fc8eafad4b5e99e11a0da4e7ca14a838b386492a87b14f084c8a50e9f866923717c2aea1b3c9f2d938c3c19036229c12a3679e16aaca780ae435242c3ef8cc65a354cfee7fd69b26f4d4b42ddb198643ee69447ce0cbccbc539090fe3684ef012c9131cb019851381a4def73e82ec78234008775701f0b4e0da70a42a6d558b8d6719de1a6ff92da978eb3a758a57a77e00ffcc5b68ae8ed72c8569a5e9ff2fa248a82a6472ca49ff01282ccb9f7f79ffa8a334f4466bed5ce1beb69b31472101e41eb8a80a95d81ab98074ed1215e8cfbeb60a7d8cc896b72fa79e0e2872b6a6bfc154cdda9a1696bc4babdc957f51daed08b81f49b6498f9558d1317f013a6c62f9b60b51be28d205b68dab2002b2212ea8e0fdaa1fb00f68943f07326402308fec2e7520eb0434f22624d4bdcfd0403f1d3bacdbda7bbe82c677aa4cc247fb7e72f157ddf24e0b5e3c6ef47aed61006edd262fd39711e6fb94bcdcdf2c71f04ed9889e63a8725c5d49bd2f4a875bea9e8e78235f9fae2d99e5e0773d8cb0f8ee2c846d1d240acba0ec0e71f40c03ea2ea874b244934da8c2576676de415c0203cfd461a7b71428de28467797f8204bb568d89cf592770641e5011a16b749ff454fec7492a52c3e5de85c1a5db8c826c463e1dc8730aa21cd1e65af9d1e1aec12ff64851dd4615bdc7da08e49d52fe31e18695358e02bb207467450d743382085b8737fbc95ed1104ea733c20db626b3f8f46c02a03c5462d55df395b9d32326353b4d9f18fd9cd3d5a3ffd633249b3dbc9c86922ad37f8b4517b85be5dfb7c5d2fb4b15c2327e023781280c253c3437a793567b0186c3e3574753d5da8dfdb9b6d01a08d1c1475df807f3a5e6987f0a0e2a66aa2a03bb413a8dafb08f00a704767260c22c654f654a34eb7960e880b629a2e60fd1debe2dc2c2a646baaff36621de529e1de56a3ec9b29fa6df09e2eb99c79af87e7df649b3d9c1392cbbb10efb1155add61a96b16157a4f3a3c54c612edf5efaecd6f9e0268c684d273fb4d346ecbbaf570090ae0bcf31c894d0ebdedcaf6d70d1f7ef954be56ff7d657621519dbbe478e43781c2fcefdd036fd2fd77b606187b76892feea2a4811adfa29bbcefdd19a54899f720261a205123fee7e8a2c36e62f194a1fae7f6f859678534ade46684ce1790ae83e004292e1e5c112fd18fa789b0e2a194a683608be914229636eb8eef01862b47e246d187b21103dcb7762f228b1b2cc5faaedc3f6c9773b218d6100a84d93dff7c86dbbfddd460c7720e8f0ea97bcf115d05d02b5906874801e36ad1ee39b0056a1311087345d63b054548418f0390944ca70110250605f6de0e5a25eb50d2f5978b36f7f5ea9d1bbb79e0f69341eb718a4c4207799552f7c1ed96bfa8b7f427c695933c48e46d4139b8523956fedd31cc41591bcaf61e96eabbf23849992825081334662b720218b1e173b9f045171e897a189eabf56d36efafcdaab10d94ae84b93ed64d826877d8d2fde6e28dbf5bbde94996e56e435ab84a66d4c7244b90d1356c81776006ba59056dc122d4863282eb40b2a4a03104621c38ad3b595b7ecf25666f54e4cfc46dc75fcb0f49864019bf6f2f59de7a2c615d4bc05493e165a253ea7ee2b0a4d38e474d0043c184d2aae4391d19af9a1543573a03c4d046af05e40cf632c7fb1c0e1cdd3b7f1141794620398f5231d78db1bb66b96a2f85e014702e257c1be3337ca27fe5752dee26d79d6cf7c3e372cdb306d6461eddb6289cefe0f504692b8b40c69685579b4aaf5c8ca910ce70a7470559846402e184adf21f8ddc477d1be6b210c237190893dd763a199c06a7705fcf01a6507b04158d503559eb527a597b5c220ec46ebd092e289f08fb02f24f6430dcc51e25b881b57c6827e33fa0a5d4020502a2bc0495220d647e7958f38dc4949de1203bb359ff82c3b4b629ae973e1b97ea046596f49282043603",
-            "0000000c89414abfb71950a59e162325388b50a78a43e1341f141cb6e15916f061021ce7037f7a90c4ff1c6b80e186095b9d4c0a9a1d3fe3c11beb80a75f0ce783ce7d5e13c262063bff669617194ab5f3d9f731f1b668bb21fe7c4675f0ea7e60fd807f8a67ad75e07fb97e5c493eeb0f011feb1e37a1dd67acc1bd04502c9c74b4964fa68248fd36cdaee5512a92165249478695b189d8e317e4f454e82f1458e30ca2e3c5c935258123597d4ef0cecbf5e76d2bfe9ae57e76ef4ee1be11fa087af53956a88281942ed2843005e4b3c497c0cbcc23f2285887fe2b33c5578274e124b5bf279c9fc03d3aef7e71edb0fd0d80e0a9cce5337618f60c01f3480970abe2ec18b00facb520fcb4b1fc1f275135b8866d3a2c8dc078dd1fc2e6905eeb1aded87b2d9ac29f8fe7713d3f029a5dedc405915be2bc8faf1334cd7feaf2decd281ba36786176506ff259cc568059cf9c2bafde6b649bc84b5ddfa03aa9a4c4db58dcfe044b46a554a75f1e4fc70366678f3de50b0769db796272d66c302fbe1e41a760d7d3a080f0040b9de2403bb6708792790b67951cf9cb3784e636852d3f31077655a439552a58b59eccbe2d8fcc97aac41a787dc30040b2d5dc696297b1a3778db8d32e5517e7e4c6f7cab83302af12b79911df99ab5de94e1aacffcb46a15d19374f34a871e333b8d1b6ccb734c757991ce613cfd6c5eff0652c9221497839fe499fb0b6a4b749fddbbf72ab4099dd9a6f4a3bfed2966140c778bb5de5fd84d8fb5216111477443d047e0d02cb392acf655e459e927e9b2ca137d62d67453f2c9d0e7afce761dc36ee6d253650427648284ddeaf1b75837cce84335501b2a5881c83267538093090366b53d04c0fffc3df131e6399528427e5da7c3e03f0c759a4c7f42f0e394cb9cc3b2d689c7185bfdf300e0612fb350272360dbe8b8f346ad73711bdacf95a1aae06172a171ab9555337cde944926c1c06e5cceef8815912414bf72d31d49d7090e99545e04380c6f525919c0ca68980a3943a98a6ec9834ba0479c5ff353f4336f36b470634825cc815c5892ff1cdc45f48a55dc2088394ac44d653d3355a5bee646aebe535262aaa8e8c015f35129d3bf9a0410b3fc46652e5cd354b09759cd17c8f0d945e6874a119702c46dbeebda32f493720efe5d39d5f13f987c4d5776065cd6b01747dd791cb9410abbbed5d419de9016efff221030ddcd7a9d1df2a5e564024469981580786a4b58a5f35f8ef34ec2833ff5180c6870b46f582ee6a82c840a4dfef47b2fae0962652006aed0473fd67cbd4662af23fcf0a46b15b56921df0cc22e4a265a29e6f6d7f9b3c4ace4b4ea9d76c2b9069e7a164cebbb4fe2b78049e887b1c24e053634eb69468fd55809b61e2fd03d035155b74704fae62a7af068962af1fc3e82eb2ff18eea1b4f2dc10e86f4ad425cc28c4ac3d95caeae42ec9fe0e406ee241c8a3e2291eaa7caf0c21adebf4e20a9be73f9468ae2e334809a0fc1d4218495774054be1b07a1994574c7afb30709e96c6bfca3ac35f78602c785ccb47185b0a68bbf6c0b53f40e6a892a88a90daf828bcf18a7333e9c074f93cbf3b19c6837adae9696b75cb2621cecddd1b97c1c4977a90533a5a22073411ca30e4717fdd321c0284b9001ca25de47c66a5d853c9b0dfb762a682c89757ea8ab52062613d5820ebffff9fcccccb916eab16a339ffd987c5fc97840f60de475c96f2e25acfcd6f8402cca754991c8eacb48a546c6ed200f5eb9a39060bf18e05c0a796f55950893864569156d97dd3d905bc914ac8c9ab8697d98def2f8f9c8245855bc856bdb0c29d047f02a5d97b458de2578e68b56f82600f4723a1a5d627c4154e4cdc21b09ce9faf1ab7ef701afc4852b4031112bd462f2ce6ed353c2a0348a08955debb6ceb25bd73c83a006261ca9edbf7c9ec656577022e5b449e0b7a940571e85b941104ff11283027f0168278de2ca8580bd5a52dc65a7897c318760080a7f1df88cda94588fe9cedc3c49a94480c0a7eb61459828249641c09ae6fed24e63e9d9049e394f5c6752f1a529ecc95bc980aab793bf150fe2a577dc47b1cf3222c701326d50be7b79eda0899f3a9e3af6ea076013502faade815fc23f733c513a29587f7354bc98ab6ccae80d07718a281af2df22f3805a790550e4a76a205568ae42237db0d9ed133cb7e154ead15783775ba336e4853ee06e0e925d8ec332fe198d01b678f012a2f25f0fc950d04987e2ec16ae9af0055ac3865acf52086a48af4be746b5b373b62455fd107cd73b1b3941b6179ddd3bb6d86994076dc846208569289c13b63010a1ee8288cba5dba261db6136c3095a1f3f07d7540389794c011893028f95f61f44f86e6fd4aaa6d72ef21222f2749687bd68e94c84f6202241adafda41d60fc9aeae146259fff46343936a59b1834b78197fcfe245f35c21f7bd00d981a1fd9018c598d4af966c6850a06216dd11db3909cf81cf5200303d5ee8f437b533778c2519a1e4b9d2682958a215f6b78b720f460d533e98f2bb634dd7da93e5123d302971b7753b9c4c1e7237f15741cba88ddb2385659a69510facecde6c03aa4b9ba743e1607ca74eca4a80a823d8d57287f59ad4c3efa388b31d9078c7cd036657f1513b1a455606a0a4a15be4dc2981181c3c9eac8921c1c7bcc3ed1e704b8ea97d0aadeeb7a3ce252e6c02f3d23bbc89b481e4a003ea9fa069399529663fbc6f1a15c0a304b8721c916f35ad368edf51780338b684ed6219d4ea7e5a54b21e6562f32ae40ad20d5870f9def3989e18af7e82b9b56d9278af70fc73f6868aecdcb00b9ed367423442f71df2b65942054a233999b2e8d6654f6a946ebcab047e7c1dddcb9a38e5f9c0d660403ea05715488923aaa768600ba575ee01eeb5f4349917e734958bdb7884cc22bd9c82e2d2d2405addc84184e812c889d5ee364bf77ed5964cbc53ca931511aaed59bc2abe7d88cf23786bbb70eb0ff68130e143d35acac03edda59b046e9b566ef2d1d204fad058339b1e3b6d750aabfd556a34b6e692fda2429e4ab41fa90f7c6ac9a1b5efea1be6b62de767020eb4432e725a1c47a68c1b4d91df5e83a9383fba252835f1ddda1b9ead2594a80d91977c594c0ac4f1035a407439803b4976821f565bbd0f31126eb6bc370c6f7253908c1b092714e0c984b4afbdff758f38dc4949de1203bb359ff82c3b4b629ae973e1b97ea046596f49282043603",
-            "0000000da714e82f54dfd7f6c178572d168289c560985042e67c45781d7e940aa1a33f475daa7030d66e06aa3af46ca036f84b6e3b64ed6fd3192a9ce620f5646dc3e27cd949e534744afe3763f3766ad1f3040c8765b58938cef23bb6959863450b322a4d6abaacf215216be0ffff2d0032ea3d2c5080b75bd836bd89286193dce3c869c62dcce82a28a7383c7aa44c05bd97e018c56686042d78076739f8a335f3db927f9f02d385370c05d72859ec69a2a361fbe07cb6e2dc6cef48cc253d76fe80c65c2afb2df7a16e2f380d96cc054408fad0e97ba8ef4ab07a40720ec846c43c00b5bfd6359b187ccd9a39c44da45d9858a2e98d65c432199b44b09ba66d4db8908cc8d642bbc41e2353efd83c7b32898791ce4ab95977f813bc8af3eb03598f2773667277aad09e296675de39f5256c2652da25810bfeb575b36dace7ce0da4a188c30ab6cf32dc02eda4518b4811dce8df899556d50382a0df047b9d60cc2fb746da68e2635044bb99aa9b55b0b91c709c273a6b2e4639ec33cb0d89aae6667d2a7548d89930021cf49f417702f0affff0a3643bcd0d01755db385f32c3da9e8a09e1ba753aa8b2604f5e54186877aac6e3bf110ff66219441b84d9c21835bb9c6fcd0d4eb2cf222167d3d0d6cbf5c701c0372c8cece7e54d719cc87d5fdf454fc01be4255d00880c2c43abb6290098207fb9afa3066ad64c6298eea1db4f4d0955d7f5badddaea10a7594fd2cd97c36433489e2cf4c68edfd2b2de08144bcb43a72786e244f235812aeec01da3bf2f0b8b8f5a0594bd206990858361de2e5cdd88d58bf4fbbe4a360fdbb992315ba586bed1aa31993264969f3054b9d182c027aca53b6e44b1866e0f76ce781e42f65f330048ecdb9a0fb41ce5b6303871fe893c4b824f639dfa3fc44761caeacddc61fd5495e9e62697ccca4a25cca3264dba4c2e84c3c9ba0600fbc9418499865654fbfa601114d2bdd2ed7ccb8a98cfe1b01a3b6432a9d5ac508f118be58be1b1511f7da077dadc35efabbad2e8edc1b715f80aded69412833985e0d043cf454d0d74c5f0cd439fcdb14ffb3dd42155c00c6ab40cb975e4fce7e24d27be4922227d42f66860fcf7b2fcab0970c78a5b8354886cd1e0be2473a230f52ec9e9b0d0eba098a498b1f15f53c02bd8eb8b9f977c76d930e886bc1e8d2f60df02de4fa101c9be366c4cf6f12c1826d9ea8a4a68312124db136e3bfb3fddf46fec16739dd5f791d7a3b215cfcf245edb8173ef65faf7674fd461d0b61d9f72ccfa28092b1f879297f7eca38e91624a525d013025190371798a93e7271ca2687d9d8b9d19b152aadbdb3b1086df9d27bbe9700726be574823625561b65d5a4cf7e865228766bbdde67291eba7a33bebd428d52767a8fb9a96f7f7dc977defed8076a4acbc0d1bf78ef933e4d58b1edde90584b0c7a440db4f8a9309170ed54b2c673137a565d6ee62deace26f1ee568939ff5f921cc1e4a8639178d1231d21954ddf2326cd397e456904655e4c00183cdadd8ac2ac33b1e1113de190bfd61df44383358f1ad95fae88b43031bc9be52ba88d65d60f7ed19a49ba8d39ce4e7bf863ffb45bdd4430b76face2669e7e0cd579286edbc414558c56fdc44d79bc0e1d9dcf3c8a8f849a4ea5e429adea28e3be1408dca1d380ba0e06828bc5f33cd9a5bd62675ea79827b00c11a8d4ce2b095fd158f8a1b58907b016065a78a70910f450634e08bd132f2f6c510eb1bd3dfd3304c59676a8d44f87ef19623f2d4ace042c8d12f63f2dc7ef60d89ac00fb5a193cb4e6c40a2d2fbb1a314e78148fecb96437af58dbe7973c63b375788cb8f7a8af9a77b4c4d2010359b36abdbbadce79ff7353d4662fb8c28231f0c0631cccece50f217170093e2fe7063f2d13ef13bcd2cdbaa4a575bda1ba8b73b990ee52cfe27d325a6927de33b3a42b4059d3bafe60936fcf26eb7cf409dc7bb70b95a82a2ca81ae8afa7120d9f9c4c66ed8ad7ed4b02633f11913f23bdbd75d55287010fd027c7c4ce5c5c1f561236dde2ab0ab9156d8c75174d2ca2f5870977ec2cd9b2aa1eb3bfa7f7c828237cbe6217b8c317f27504aed5dfc6045aad43c8d9d20adebf022643500f7bfce324fee49118787b544db1fb511bf1f47200e6f2df8b779c7d9eb629b77912c3665d2003b3951f4e3bc5425a8183c1094de2b4bf417b3d1db7dd35549db5194ba3c34889ce99a13bcc5860c0fdc5853217e10796bf5af771593c47dfa432d83a9544da80102d74f3f920d134244d74646aac0e8bfd3842719dc8a79f15ff8876eb556191d20f66947db08bd93e7f3ad130a10defbe215b5961d15e0b373d3e99f2cb23e9e9873f1df4484d779daf8cdc6f2e0da7855e1f6c67c19c60844abd2cea13a102287a950712768c2e321782ae8eb7434ff239b4210ac0941789464de35420b2518822792f9490a6955c66ce5b9e6b90438adc255851152350aaa57a1c96391bd08c5d98b679db4c04478fef77648b0c41105c86f31cf5e0554ea3f79fa24e8ba6a6e14ae6c029376f651abc1e6e74341338919f9607a119d493acd94168a4b6be73287a81dd1106f3ce877eb7e4f2426355f2a3cf72b97c54de2de4689f9bce7b90f72a7c27cd215661ee2ff2de308848161f7eca05ff28967e1c5676e33d13fb0c1d05cbee97b0f5a2e9a3146db6401ee85a25ddadcb2f3c98a43cfe47391754e0a75fce59f77b4022c07530d86ac217b3d5c864661d650ed9520bf8b5daa2dd5a37a8f0741229c43c866fd5af070c5f41d668a651182c7ba43fab5246eb1c47747aea958946952d61171f2f9758eaa4319f4a84cb5c020034e818835d06a41dbc9d019d6b9971bff8ccb159e5cdbd1fe43e81b0c06246d163c531f0bf3c5e2369e8c5b2bf21925c3c261a500de90b94fda0c85fa8d781486d3085ad7f3745b2f056a4fd641dfb3270c3f1f03b91deb6ce1125cae8aa4afb42db0cfec6228450839f18812edb4cb0edeff8456de65b604b4fa7f6e880139b1a09d4fd94c41ffd2d07496c7f0f30545677b6da3127699a73fbe84a0e0b1bb7e23cbfb473a07adc74cb81454d7cf337c97eaddedf4d2ffe8de3ad645e77fab66ce3a9383fba252835f1ddda1b9ead2594a80d91977c594c0ac4f1035a407439803b4976821f565bbd0f31126eb6bc370c6f7253908c1b092714e0c984b4afbdff758f38dc4949de1203bb359ff82c3b4b629ae973e1b97ea046596f49282043603",
-            "0000000e8fc52c68779f742a04ba2effbdbf8a5033169921b204d3518907e5e8ce7b051b315e8c52f1e7fad26e3aac48f95c68fe6e9eaa92ba7a5b9afce1963c4caaa82cc295b4c86e987242c5fb2864fa0c94f9ab41f9650a8aa8a9ffcc182366e6bf33946eb58d4b64cb8e1453a6027638141946601792d523f663b79a1bcd062980ed486b2aab4848f50440c58c9effbaad77b427048d6f8549d31b6ee09ccac94e2b7da0d162759e8b431ba3ed061e0a057c40aeaf868f7646b221da25e3f369a1945b36e52dc77c16665ecfb615f83939685ce209c5559875310961d63085a422bb2847542513316b02dcb814290d28b52005d5c98a4d8e88e461efd45ca24bdded2bab455b60559c06dfed5acee085665741482d45e4d0f983e8af423895a504f05dad8a949357bb742f426e6af11384ef308bbad6d43176cd4857b51d64c1a97898508e1f9ec4357f18f6e8d426d1a56a265546994d030926dd19c6645225d41ef0efcfdbb871e7b108c3c4645dbd705b8fa45e8c0573e5216353208ecd28605ab3e6f5aadb8f4c0c1d9b519a45b62491350ae8d75ec6d50d2bed4504896b2178b95846b878097f90cf472ec998c2e540955adbcbcfac0932a5f7c8a81cd4771a823ab154a881066f4129142abda56f87ca3107d2a0510b8b00fb3dd96c0858e975ab36a566af9303e42485b51ecd4cf549c5ffac67cf238faab30667e3ba9aeda74deefbdccb85b037f9b91b82c12f7b5554767c1e302dd53d7630dd283b3d0d96117acfbb20da7bd4b1464eb57c31daec6acb4476b311b1295ac70735a184ee56482694dc6819a1b249ad865a6b270510f4f719f57627a325106d304abd4e0ef84289d311ecc13e00fbe675a27d5fa28ae3899548b987aae7eec3b74655cd6dc1970fb1a77abc1815777b6b4c97b02f32841ef6f191129bbe7369c24889b108e5dd12522639310c0659f41ecfdeda2e9d55967be9798b2ce9f490288b2ecab9b2bea33c09d89cc500005d05e6cb41abda760b0a1868fb9e89f75d74c40514ee21d87e8f5dbd1e3ce8aee21629b101716d1b4ecf5cea2a8d97effdfb204161b9bef0934e1777610c4f05d2f87c314f011a6dedf6a8ce3d934316f23d49f3c36f43bd55e31dcb695c2de70ede2d4c323807984194d9bcc47bad6917f290b0086f6cd0452bdb62d642ed5a97f9e4c1f6a4d4d15785536a437fa11ee766e39cf4d4ef92727620d33a477135f65cfb138df24d828f943fbf76d5911006130471dcaa81c771c31ac39b4cc668c9da0a7fc5e65c494d83d658ceb72a969b9ce261ac53ca1d385ec87112e963c85f7765af477b07c20e51187686435a5fddff3cc2e7902b408b7fc7b9901950ab9f1994858229bbb2f45e7944c71086d6f56f4bc2ae15d1304ae57b499898a414bbbc7f0644269d4f4ed1f85596985b31e468991b8d8ffd349c94b2418e9166d5ea4389611540cae6239ae91801ea4302bece753989108f6e0efda4a0211e5a43f1fef8a503188a2aa15ae58c2a81359f58b211e7ab646f31652cb7f3ad57e3ec0d3b4dfec1fe8405c32ea502c1a86c864cffd121c1c7cec942c41993b7f2a7d000ca971609ffbb8f59b1431202afe1417397f16eab04d886e76373d6349404b49d89b0890e5f3e45250bc79ecab9ecc6587de39635bfdb3add8c32824172df1e141f572d64267d08d0b63a9d212937d19738aafafc8c0ebdbd98798ba793abd4c8728415f5962abd3bf1f9b2ab225a225fcd0a176a0cbe887a7f3e0511e06a0a7661711ff65582ac1ca59e6afcdcdc21285d2ffd6dac50d7078da618e6f0f9bb3cee3a03c56a81118d03c9dbaedf20d76c2897a12225c3e953c9ef1a1f75f47e029de3b0c1ee2b93c21f2552fc5579da3ce345bb19b07ce351ea1db17ef1bf73f226cee86e7c5b4e9e42d980da500aabd6df7f864e1789e7cd10b185449bb5da587038882522e091436a4794f521068789b6c2410002ce62fabb190a484028a2d31b0a97c6629e12f6d65bfc7be6d245beedff8495bd62dbd1d69f9766df4ecd4d1e23f81d8e6c1cead0cc5e8af21b4d765f7d1af4a5ff1fbfd100e07a5c02a149c59c202d280630f07032998b7aa286755673ee01a210f24d93d7974e8c825dfcf751b416e32d424d2d9a53ce35c68cace06902d97b2cca12f0a5ccd59c7231e8a0455765633a63ad068b1335f62e0ea0a3dc2c9d0f8ce614d4df17b711133e5bbaf45a2956f8bc717ff0f79dba290598917259c0aa76ae867e5f924e182265ad7d5c82f122379fce815e41a785a343faf003410f708aa6fc989884bf8fad6517a340f7a36b8690710f0ba3c583b2ace425fc9af5f9286c662a703bd213b77fb9e0d953a511199c477f810f2f79274fb30dacc6330b61435fe067f44a4a6c7527e751a3598f8dacdc4b0d4ae0c24f5372d808e6cfb1f36efdb7bf8d676c231dc84c70123cad4e69f2d3cb66162c0e604fa43cf23984519965b23b8becfc9970fa946ae7f1d4e9bf237d4c9fe02760bece1f80edbf117e4b06a13a03dd3cdff1a6fa19e05cbb11408fa9a7098c284e60479eaa9d076a5881e87029887f2525cc29c167338a88322189b433965b713239802055ef76ddab6194d27d945810e97881e861050f13812170f832a701501e715edef71548de53ebeecee4f23bbf1468b77e4e5b293acb6aa7d93495994c43c292c004722cdbfaed3f1662609a370f8c41020a6c7ee8dc993b9201875aec1c1c778eb6033b7fbb96133107a1e7d91a19ab613f2b5f8312fea4b40eb6a89e2ca9d8f5e92b35c0e9765aa9bba5567e95ba2db688fe8ee590f4184244614d3dfce26d79485c736ed8fa5dd068c0d7822e75e9dc06ef7e98a461c44cf735ee16cdafdec154cf075f10afc698cb4347cffb4f98ce045a8a24d4a565085cd685dd7de9b5181e29c0fc963d577607be5689840d1408fc894444917505af68fe6edc6c843e38c7347c3560f94e91b91539e99d36e9075a3bf425b9d511ab03beb1603d6639ec212628cf9195d13d2788680509b3f8fc3a3fde61bfae24748a496c06ebdee026de45f8ac53f311401ab9b00db9178f91397b8ffdb170db6b76e700e16e3b2faee734e0516487b09ee81116a7763b0bc919ea062ab18aa9ba1329af73c4597fd612d79e5cb4976821f565bbd0f31126eb6bc370c6f7253908c1b092714e0c984b4afbdff758f38dc4949de1203bb359ff82c3b4b629ae973e1b97ea046596f49282043603",
-            "0000000fcc0e7a5d3665e526f3bfa0c4f79a87d0345c71d81e75cdc41e9fdd0a0983810337156d5d733a91a9d511129654d5a2c04e8f3b2a7995e23d075dd0a63a1673bbb3148560f41a7bcdfa0bb63a780e41916dc3bd8939d0b72b608b36789f1c785e3e74ce53916966dabf193cae2afba31ed7324eb1c69e20ef3cfee4e54593b8065ed26ba1b6bccc20db8ff5e5f3be8e2e5709dab064ef370d79b2973065d3e87e9547cbc99a5f6503e60becdfebe889f822b80af071b5ac4199c627861881ba14b6127aff5bc9254cd0db3d63e09041e64a3d26e34922d4c42bb00d99c25fa4e3a0485b3f4b28a9f287090bf1c25517334a9b56764e898a1c5f627b486cdeef3131fd959ce625de4f1500a4ab9eee693fead0730cff0eaf872f03bfb319ef51a1e00346d4158eefb68edb0270fe603021e60d28ac6967882ccf65d75f0cf17865deed8715c9e9412ed10ea7d551c2de1652410905e564573122912721636b1f048cf33b1dd72aec11503c06726c14397a801b607da4b266e4a135917d9a002dd29654e9603d883753273aac7007df21464fdc1c3bcee0028e31fb8033c23277b19e970ba7070a0dd3d1ccfd32b8ceaf8efd3c5442256279b7dbde34ceb1444887f4e9ae64787464aea9ea00597bb2c8a67e4ebc565db7fd90ac502bf54b34eb464c50988d895b3b530bfbd7d91b20a1b1484791eb62c64b9dd64ac121865368a6db1b264c4be7c650e8bd0ed6f51935c6feee99c666b1eb95b4d35bcd2d9470a9d9c6380c367c073fec2e270d1fe9a9ac73885b32bccfaedb37b76cf2690b3e5f44611748d297cf37d929b33b2828c4a4f360a60eac4ad4414cb97822c5673b08f5faac36dede224007fcb6d23045bcca880b505f10aa1210dccf4330bcc616bc70cfeab4e23eb8f69c55e184067ceb6790b708ca2e6ae0da65c5c4b22d8e20dd4ab8322179b92347fbc1d944ef51e98ee4783e49c133770a28e77f99bb485a1fa9dbf0ad4a76c8f29745e6527d73dfb9f0d31b733e88931b2d30fbb2bcd18ec462d86b1d6ab4912ad4ef8cff7e0cfdd1fda1b9e80603b2f6afc8fa94dc9613d11af205ac0018d2286639cbc2d9a1285e9017accf5997b5ba94df03f11df3353f96441398198d1ba09a9746547c78a57628ba820fa1b6b8b40a310454cd57d4d4505cb23a937fd3d1a8e4705132b6b69ba446dcac02e3d47ee27aeb2c9739e513137db01f843b44fb62c760a5ed949f78ce4ced311eef5d058ea29ec89f4d19adb98c79e8f5de1b84ad422ac26e3fd9fa2ab96dcd9c57807720b0eabe4fba74f262028eeb0cc97ee200cc9587ecba4c6dee3036268561210063cf8975f04dcc229fb7245bd57ffc76bf2d07eedd956ff2c52f22b0f40d3ae7ba6f4525f85120ac7e582ad921f44d3d76dfd7ba98bcebd2c891fac705bc7909688838a31b2d922b37de1c81289562a9c9dc0b470fc4be6a82c7065e0f998755badd4467f6fba1c57cf849d69aa585d9ae0f04b478c9e3d7b19e1f66f85c672d618784b0b0ea288c8947b4c36bb4867afb71e2ab384d542fbb6a88f73c3751c8a804b65fa524268d7349b402d3a3afd5d272ad742723c61a26bf0e50b801240f4babe293e42d5043ed660a079258752e38aaadab4938854aa5a18fa30807b703726c4137587ecb0579b63f7e6a2ea21858cc977c0e8dfd1ddabe69244faae38d184beca54cd691f175ffc6e8b621a4628e104dc8a9629a1169947d17061680f818eda5f7c5430bd87da506e304fefb9d687e2ff764c0885cd8b9385b5633daa7d4a5d50850fba6498261f76dfdf9e4bf1c431999db1d731e68c1b74a11f4fb5fae6d0745fd3f823e621dc553d1c42b0e0ab488bc4e32d21a2018c292df801aa7976ba9f0c55f14910fa9d9abc13375e93fb8b9135ea4c25ccf2de87ee7388b6cebd99950469a815f510a444f388e1ff5ff57984179e93c2c20de13a69e9c676272f5b64d2736a75be057a470d4f9c825525b9a0935b01834ee82383bcb620ac6096445db5297a7be006252325c0752272ab9904d7c7a00f6661e726268528cbfc3fc13180ee32397ba91a04c81912603ba4e98bab97e415cbb2a7660e88d52d468b2f6ed9b98d4223aa15c661d187282e55bbe0b8d589e528ff9df1cce6302f48ba9253d2be75d0ce398318a97717d14a6e085588265dc0cecf320eab11725d3756019a3d8bf054c8e3d4da6e4108ff4f5e548576f79eeb11b53eecacafaddd2a648bc6d7edbc8c251a43d64a5d738570594873ad3342afb00d8cc9470a71bff591cb6420b4cd36c52ad5612bff07966a0ebb1361a9dbfb09d72230dd48aadf0a9132757591abb55f11da7978454aa414e8cd55d895d74d246a0c8ec98ed3954695f7b36b79e65a2c7af3a755e647887955932861d2ad6cdb14f135958e0858e0be9fd563d692a0a0809f69b49198c5de2318e6af59e7901629e9a8d364051cf5960145646ff0d7436bd05a18db69af2ee8b078938af8ac1c7bc1cd0fbd742cc21697c5e23c3511de7e75c0fcddc3b4c0de91209aa252e7c7853759bfb25a2ed7c71b45c972c6722630f0330fcbad42ab8fbaca41fae5fd37cac2bcc0eb947801b6a545828e3c6ee58c8160f3a8ac65e146783bfe7a42d800f48b6b8e4c10ec5cf996a7f1c9cd88aaede2a44607ecaf714ca38976ec0032c5f070f82b101e84784b1a47124f9509f6e61770c68347d71593ce6619802041e1c168a75e6035b8fa41aab6ee46f1ebd72b68e59e3fc2cc512fa60456f33ff35764be41deea78801443edd9486c45affae9ee6c5b479b6f1a543b11dfa3a88c1169e26add505ac6531ae26e7cdab1a97305d74a78018d09789e058b698cf8d3cf27072e8b74134eaf0322fdda88a2e3c9f905103021ec013cfffbfc0afcad6def43c04b1780fc73cb7c11a61b69a539433e961cdc8bf8146288384383979f0059d587b44eb4591e36b5acf05798c91f8177e3b30a82a837d199e63a9e7c403c2070588afdaab2c766b0a39b7e0cf8d7681d346dbd739d37ea35740b84c80984331eb5093fd0b2fe49d18cc0f7268df4925d3a1884ad7b6eee2f7ba0afbc9e5342024b614f4fbbab5561c31203c4f1fdb6487b09ee81116a7763b0bc919ea062ab18aa9ba1329af73c4597fd612d79e5cb4976821f565bbd0f31126eb6bc370c6f7253908c1b092714e0c984b4afbdff758f38dc4949de1203bb359ff82c3b4b629ae973e1b97ea046596f49282043603"};
-        int height = 4;
-        XMSSParameters params = new XMSSParameters(height, new SHA256Digest());
-        XMSS xmss = new XMSS(params, new NullPRNG());
-        xmss.generateKeys();
-        for (int i = 0; i < (1 << height); i++)
-        {
-            byte[] signature = xmss.sign(new byte[1024]);
-            assertEquals(signatures[i], Hex.toHexString(signature));
-        }
-        try
-        {
-            xmss.sign(new byte[1024]);
-            fail();
-        }
-        catch (Exception ex)
-        {
-        }
-    }
-
-    public void testSignSHA256CompleteEvenHeight2()
-    {
-        final String[] signatures = {
-            "0000005b5211d3a3a61178505fb4f4abe1c58d7ca7c17d9ae56ceb93762c262e501c4b096ea46a1cf5a874a2822d932a1404caf54ca8279136f09cb89f33a09ff6045c6b073f2b43cec2f1538a2613d6186abaadd4a636b406e89433428a36f93f02eda785eb33fad4393779aa0830407975dd55bdfad0bb84ff3d804f0df2410491a9fbe51ec2b093fbeea5b577e08cf46e05d4a27f7159bf590d19ef3a9aa2e97e1f3de574f30ac6085cc8fe82c22cd4ed7e79f2a0ff91d4bad8ccc1067f10fe5f1fc6c2ef1ce5080039c82974d5512afc55f33f125b7ef7543570d75d4428f038ee1519a22872a5cdb50f0def83eef3ded03a55285c107dbb4ff3bd9c71f1833989821ed98c35854289583b737f12b08a750f4296d49d90016e852d01265ee6fbcd67485a5a1582b5edeae237e155192e8e0a99ccca6f2e0d5a11be271c350c0568f11efb1f8e23dae3039c62dc7a8fb8d75ba9989067d8805eec35a78c51dba7a46c7d22a18220a1e131a157beb4eabf9fe83fd722fc3c8e24293da0fbe91a44f10ae7344934995da41d6e9389c170789d06f79b686a09455b4f335053fe62946db7bf7a91ee8bf6659876939858941372c1ec2f470e8c880a83e20f9750d6a7d4de06488297fb82e72b4831b1e2a7e02369e695d948dbbc6f1f77e031d3a3ddc9f93a8f36a6b1eef632d9c7136cae6658715373a22f9d56b62bb9a4765422423baf1c6628fd5a1508690d22ef143392eaf2a451df58e67d459185daa4a14a8b8aa288cc070a28007845f6621bf4655c92e6a555ad47cb94b86452d6bb4d30d91dfdabf099046bdbbe7f376b4953a566a8593364dd44cc804f9c7ac38dd1f1962f05a7c728253abf52092106d8e95a07c9981aeb49fcd64f3bdb1188c5c7daf7671cad736853865cffc46f90f75e512931221766a03ca980c4c886e8163927b8ab0acdad4ef16ffbf43bc68d4a868e28375bfd5a75be2afca8d4968482159e823810521a20b721ba6ff11df8bcb8fda6563cecc65331d3b2f83e698d9ffddbce7cd39cf955f22bebe1bde95d4629b52c93c3ed1a241a53315009a5c0ce636b0780c0c8b9ac838e3a2e89d19cfe7f682a17d649a4c7293feb38a42faa2c7c949185cca804a73f123699c4c79d8bf4ec4fe69f7192d2ade210f2bdcf660af503425651b85c22abe5e5612b59622a1dfd32d0d301abdba78b79954925f702f10af7c881f2af2d80a5e127c27c73dd098ea60ca1ea7be24a94a57ae10e809a24e1c807b4482ca2d9029a627bfe0d9dcf6643800475306a3eff0c33c6c6cf80935d3e4023d2fb93f8936e0eeb852cae7c2bbd3c87b9bc9bd94325032a755382306d0239d1d07b79c0e50c9fb4fd8184e9cf7b33f196a6a676654e01721a42bc7b75b5bbfe0561ee699b817256edf20234f4e1e00e147c40e4bea38c037e24ae2e3df7a11fcc08e7e3998aa7ed236a8cbc04086b8fc622488df47ef3c51f02443975f5927e9f867ec6d068059893ddf112b27e4048467225dbdda0997180a3725149fb55db004aff67310ba94c25b3003d2a50b39cb44e1744c336db6c7508cf0ebdddc382bef767c8a4feb2ee8c2c84b3195a8d42bb0b045df1e54c5d82108f87ba40e1bc5abbd0e51af7cbc8f605e1afff90eeb753c104984231eb44e2f308424ef8e991efd0a2dd7d66ac7aa9988996bf9c682b41b3cec98872b94bbdbe7e9eaf16f608851a94d65f711855adafb77746a518514d9536a26095048ec8fda2b051be163b5c35e22dc03285b1affd95a8d9d1b44c67dafd04686e1d7ffd742e1937120a72c5fca42df6c5db00fec5d08004ab2dc3351348f525ebd4acaa3f8ad6cec7659dc25afc2e5c84965856698a4714539f63a6e605bffc77e45d8cae8a5281b181dbe9242aa23c216c9866e25105689f7a6dec6687a11e92986edd714c0e0badc86e33533b809a3848888f12b2a38776f69fdf46abfe170049ce1473b3fb5f6391c19aa71f852b6f80ac50a465015ad2989ded9f636b004324133d16783ab55f3beaae8e52e0c194a37f50a3a423019e10a18354a4860bcba06d6906a45c71062ed7533dc584930bf5ab03ec32340b0846cb3879d539e6bc57dc57aa1f4bdf4ccf4d4ae7c61892556cd9385ab4331f853bfa5aa928b982d4f9418262d32a162e1dfebee44fea85d4af241ad66e21ff831789aafe11602d521449f5795de91a77b0661904848f5514c3639a64002eb45f4da11fe35dcd0d29f8db611817d77d4116a3564616648010e92fa33689ee35dd0f2a19dfe0c54b7f0590d2490c5f848b1cf292803d35a271ba4ab7fe42449f3b0712938d8dc4374f76ed125a7fcf738310862d1e5c988f7e9d9f394bb92d97204bb724ec94161d55e1f8c9f040207113fb873eb0f2d50df86fa3e35dc8da193227b78410612554ea5c547a64b4a1d9ebe0247cae5aec850f9e6a44936d1b0bb183228c7372c3ec09e5472b70d2bb6128ec89c36c21777c91d64355bb9bcd4f4f8cd691a0562e37dce60aab74ce96c4146fea0cc249d22c5a0ae399f31c5f0764fe9478b2286b91cc124eeb5d4d00e071162b6fcfe1e78773f3465771b5de35f32ac951561c9a16dae856dd78b8bb02495eb55932d85ed9bf1038e2241ef44edf467b7e38bd9aa41ee6fb3fdda95ed97fac045ecda99ea2b1f82cf2f78b1ca9a93130a6b325ebcdff155ed9070138449abad864074b3ff250c9354e7fd25483f1eb215d24174f40ad297b36950ad90f4e39b5277fc7ae711f6ffc03e0b04f8b3df5a7f9d9dd612cbf366d1d55ad39a59732fad55dc06d87516ae0403caa64accf02d954b507f971fb03baed4f9080bacec1b6959e10b5c33715704ae6bb38593d668f0619805e737eefa2557a5e1c114ac77d228ea7d6bd8ebaaef4b84438b61e6d548cd4e7bd65c1e948b00ff7b408f05522ae7baadd46cbbf9a8c672783b4348123adaabb4b5f4b4f4d30a4a452bf08b2bae6c2daf6c3d3c77e3dfcd1789adabcfb5ef56a795ef1064bce634af82f9b14d93cf4790d231f830fcbb54809beb863eddcb445e316238e1d18fe1beb096b5aa49115f74e3d28f09802cb237e59f0f72abe9407dd1899187d858a9a17e63ea71e3eb69b5f1cf7b30fb55ad5a6bd0fc3596fecb52c183f216b45be8aaa048bff6f56f7c933d29e99b3f25d18cf23f965d9fbbad25d4593fec13eab3582bb080722a88fde63e5e4df8702bdb68dd1b5551acc4ee207b5b657e6553c31d6be48e69a7255bbedbb3dada702f8a7ed9dfecce203d9f522cd201cd13b854991f37e3ec64fb2d0bd12707299bd8aa4c1f0d7b24489363f343e7e53f773e0e49032e80d2e3c2c7bfaf37319537bd7f02203aa761d9cf96fec320c8a17969994ee3b3da9159317371748b85e824bd82284875b7bb65604c94ff0b8816cef677ade31963bd514ba59e3d998735a963d018b840a80be11a52ccdadaceb7ed45f0763e6cd49ca6af97f6bde85e4569178192bab4fd59d8c2b1fec181f27a8fa2c17552c16e3b5",
-            "00000082299a59307212641af3782122ec7aefaa2665be6734f4864d948458aeb50a4f7acc620c905f075b16770526a0ff4fc657eb76df19756af8e3cdec9e766ff1dbe0f6bd129b3b1ddaf30919f4e4399730f2de322348c69e443e0f7b8995d494186cc3c375d13e836bf1b75b5dd40d4c94359e4a3567984a9c1cf5cd50d8b3e095be22f5f9bce65f5b75aa75996cb5e19715a8852373e342143ff8631464a3a8d4792ce675c6aeeca8aeff13f4efd886f2332464463a88b4953010a0986016dda1544f42393ad991e12822571094e89c5d7e9b9cac61ece754fbda2b765ffa211fcb102d5800f6919fc4b6e208d5f1fc47bb41b2dd0de41a42db8846b978f4bcc49ca3a1db5d4ba8781dc3019d3cb1cb0737ca3ba5a8a7f4d2668239fe8c1e8023e3302f3b09245e8d7892160bb09b2acbe6d4a3ad9f2026d1020e799655fe3a6dfecfffeb8c403e08b8e53037e6f93049c68a11acdc3b268e0dff6ca7fb624fce3f04e7dd1258e7c1bf3db9b73de7751fa2b06be2cd6996da0caaa7cc38589eaa376863f07e5402ebf67cdd46dbdf78a3b7a7b0199b058e48a22f7c761f808e05e3fec93041a26ee2d39c875030a89cec39b34b3ede5d2894cbfdd47966dd57a7c0b237d632c3d68a199b4ddfb0c3a73a9d6907c60f11272cce0abf18d90be62eb410dfa806cb753a9fc54dc9181546cb921268a2321ce4dc358a2e6f6cb7ff214886eae3b8b052e5a527bd4a979eb04d79bb8793c0d6f59417d0ca6e2d9d6ec7a7e8171f7ffc4dd598bc04083c9a71e3c8989c834b1246324c3ebce759072466ca4ba44014d30877fd093320b3b4d48f64d107d7e5ff9d203667b42b909b0fdfcd76ace55fb5236e2b2fe91241a5367688791ec5ef6ac32a66420191c3a448d1a216eef1dd4697f2597308f30a540d65b144420a22e1e75d2e8a3939aad78cb2e868f5c074942344e0597194bc56c118715509e85c0370f526ff2fb6c366745e1db333d3fcc754d1f67e1cb5194c1e636a64891329164fc453fdd3abd1362b4824de266d890dcf8d0af7e05ee6055befff07c68c359dbd0615e408c8e14ecdb51dd15f6ee78a8d45b0c3a3478be08b3656b941cbe355c43eb86abb6b92dd034ecdbc5cce187c88988263fec50be9c20e0ae53e1c47077805de8496d649a906b59bb930bf537756218b5ec6e1b1cea9a2204cad1faf02f07a585ef3270512af36dbe7ec4f7e63a071db8a5e753ecd1bae7cae28796759e749c8ca4df97a8de783a73bf0a4c621acf4accc2258ffb23faccdadf74cd0b532ff594b09609c5f68545e96f0ff1be666a8bd1a767b1fa938038afe31259b45c10586f604d77c7944bf4998a24325cab1e2d531a503401a676f440590ed42c7d98e2e2704af3a7ca6a9dcdecae0485566dd83941992d21c8298df3fcc8090149224250efb3827c102abcc06e66cd91f330d5653c8f50cdea1e56dab1e1b10bc68e062fbc7d94d5c8be08c6303112c4b41d12e2ee9aa705526b2217742c8f07d9c7b82174d47da5b7e3a3587dca8737fd223a035b5327f025d6a147181497eda09dc58ac92b2501ee3a071e4e088e8a9fc4e48e3e672a1583a1e90ff76cbcf81425a91c4b4965b2f4e1540f78b299f0b19ec137b767f66e953712c36db40fd09036d3c5402191ee64c17c86fe08b69b30e47af60da9514b3534b9e7baee97fa3d239c3a35de48034c1b859c423835c2689431b1a38f0d01c98237396258abfc451718ab66c84f031fcc7f720a22a952ffc2d527f750ab8adcfd5345a2979897097db3ae6f15d0240738fb0795aee45ee6a4c07a0a9f9b7b98ab107656977ec8ff18f6658265cb01b684903c3cb2cc0233c0fffb21eb56fc0a1fe6f6ec38514c7ce0651515bb975e3e16aa7b0ddb03b8760b57fc7371a4bb232037e1e94aa413a430c95ef60116f632a937947fbc0904b318ce220b71e9cae8452d9bf36dc6c9a840ab6ee7077daddf9aa38929176d117b0f0ec373321e72448e3c53f347c4bf32b2d98950ee8536568d58da9bceaa7b927b5fa048f5978d117668c2a47db89b1f7fd80476121df5e5d6ae1e41a430400b81edb5617ed4ed1ab594da576eb24557a8bd558993ae75d48821b8864a356e703c6b0b87acb7224fe3e59cbe97d61701a81df0590635e05681250a1458a2c93618c82bd91df2746af6c33e4ea348e27eef4e8af5f85212f16d63dde7b5877929aafe71eff5a5edf476f18eda9bf3dc70b9a47c58b8d1b593f502aa67452482efb84e8bb5486699adc2aa8202dd0255904f934770919f92a4433ec801c529752f7e3128d34324c5e04ac08a4975836ba69481d81b651e33c6993f12777659e5475c9d83e6cd08d381d69dd0d13b1cb7ed552d0f3c5c3dc64ec01f893333050cbd9fd2dc9b297e9234d3761bf3af63d6c4c5c2dfc45ef573f07adfaa1f8d869d7e4940c8dcbcbd1f9b262dec4034a5e4f0ae61964b2c1cda30ea85a1e5cafe5aafb162c2dcd601f599227719fb9c2fc4edf744669a7c39e8d19b908686951d4fc91983ad12451ff9822d5937b324de12e0d29976850b9c1b6e88894d42e1bf53d72122d4e6078e16e9ccdeaeb55bae1489b20cf1895e1e7c2a7c22061744c232630a0a6c22dc136d5859a01acafc2b056829a191c53f9e71db7b2e5899d902842f7b8547a72b3ffbf357052ab55acfc63f8a95bf37facdeb46c53c97fc09831a363a26cae6f4dfb84aaee10e61b4972711725a7eff18519af7bf2fe067c6140b9b99f4fec0d4d085fb080fe882556e1bbce61b9418feaf475570f15887feefd839e0528efe433cd180614ba97c15f063df08ef185fe16f61aba686e78681dcc921d693a08ab1887b6773e9d6d31f6221c4e450e528ba5e04e8fc1ea2002f4293b984ab5e4be7b2936c37006db42f1e78c0e6e2195f284357118b2777bf54e2a75940897bf41e6c6732fc9383e56f5cbc7dff2eabb6009e609dc63c41385c76430b98764826b94cda6dca08fef1e94a0b7c06cd769cd63f8534bde1a509ae7addacc7938d8284d333d5df116dd8f23bd5f17ec3bd2148d1391c07699abea5026726e2f24b2fd88b88399690819835b1b7d957a3ef8961142aa03390ee8c2787a3e4a9c976608e055797abed36321593b21c3bbaabd908ba6498d992717fca20824cf66300a5614f9cb1bcdda41ca1fa0cfb05a9ff9dc27278387c7ff082b4e2f11b616bda9017fe666b50d25dec6fd7b59f1da88db41ab4a10f675f10ffc4b539f24bae8a8c3e17f0506c89897afc1bb9221d9da2644a542b5f9e639a2e29b7248b28c51f52a75d4c8ea635e7b066341f942caf368037e9b13476608c1565c80311c8e31436b541591517b401921598033fad05e9b12b913378f4ba6ab6ca59a42ed7ee99bb3a754a8ba4095c260e8f5e9a6a1705fd92e324044d34d14ba59e3d998735a963d018b840a80be11a52ccdadaceb7ed45f0763e6cd49ca6af97f6bde85e4569178192bab4fd59d8c2b1fec181f27a8fa2c17552c16e3b5",
-            "000000b0608636b65bd2e93b0790935fe0110644ca7ec7189eb50ec64bffedf64c8a718f30cf1e2297513da5145a6ae6e0dcfcdd4fc08991e0d9edcca95f0f13dc43220211964daec0c73e29fc3bda0a4253e68330a513cc3f86d3c1907c9d6ec271ac038260b375c936f868a312524a9970cbec77667cb6b43fba7deb8fa8844f5530e644cb7faa36222d6d2c8ef45150d214044c36cd5b98beac3a2c29557702f4f38ee1b63851ec492efb1999beaed988c100d94fa42ee3e119c046fede9d3dc7915507c24cc99e7f271a13c861a7eb6b593826b39e99349233071e2ed1fa92caa6960d119729fb266ff297e17865ca3efaa95e5745debd51043be9b4a1ad96462ff404792724c201e1aa965afe71dabe13dc184f9723d69ee51c5f6951ac37cb5310b1860a698670c40f61f0c22b35452db35760fbe65a928493fb219300da1d9cc0ebaf3632fe449443033c309f397998adefd2088abd5043e80371ec45809e71f5de18a85521120c7846665e97e581e2cf160e36cb5d12c87e64ba3fff00cd4693b0e7610746c98c7048b725bfe352203ae581e4c026c4e3bfe8ec10a20794b9e4dac00da44bbab2af4c47611979892605d1ee4c43bc9165d8c45cbc52e38eb1705306e6e3183a73d82d2be435a9426eca1b4b5bc433d881e991bc8c73a3e4232e48a6deef5fbfba9f0c748526bb457d1a4249913a0a549a64ef1687cabb820ea831720daa68efb11ac41d8259df5789b41d8f5af7edda5bd0f65f8ffba79812e56f6d00ee9d57fa629f0649758865f1ffffdc56725eccdf9dd7a2cb1bc1976a799a471ddf1c6d779fbb9f28d1b80ce4f1e34118e876e6eec6674491f545ff648e5bd3b45bc4343fda88ecb7e508a155eec53ed55cc4c3594616eb68dc5bc0cbec815e6de7b2ac9c3062240143c259e1b851dae99825864d7bdd67d94187ce6630db9c5cfe4a93df53e46e22a50e16429c72a2e8449c424695a2e21b6aff8615514392b0291d36eab45ff07005e9faaee761b28e95bdda8a76faa9e9a6b783b926e595781ea36ab04c0404a78141bb9c9a163f5e54b8758107414710936597e1a7a79547ab41ea3d1d578e11044965c2b63de361acb948ba1792740da8960408a773ba9b110a622344c8f4745d17590b3117ab0c5f22dc8f650f9cfecd3baa7777da37fca90edbc9ae07cd8e103dcc315b68842c4f1d752335deabc20708c6ab09b8b5d7c649da79ede708391bbf38483007d8087e15d5bc7e03df2e5031c0673755cf68f7a473987637f189ef08c38e9c434022dff19fb96b5ef1fa3ed564aa7364cda56bdbdeea82605676efc98a0c28451582d27ab1942b05cbcdeb106a62298d39c8e1a44f9ca3c61bd23bd9c5af9bbb1aac00cf177a40e8bd7f6fc4f80278b48cd8938e40be86d09f4d527e5987a4a3494c0d45a6836e11328bee88382b0175b77c0add806cca6ca7296d3d289dd3145adb352b58b67c690e346a5e626dbd0d5ee953b037d0265ecbf3aa43eb737d857b6d3e29591c926f1647ebaabfa75a8fe5658fb913e9aa6b0388fef3e449967a106ea66f7be97f746ea24b165d12f32e22d11aebc5991da331a6c7ac5de98adee512df6f33ea9ac41d7ee67330a91980bf114c2383f3b9f727d582d0cbdb2d09bb7a89a5f0c7c89b8d17ec35ff8adc9ffd3436881e6cdc601fc7d0a7ebf85f82f1597fba4201eb63b778dadcb4f16c78ef29fd903147e6c1e058f2dd4db304e9cd387c8cbce7d3ca7826ed7bcb59c4ff44373904c71626262ffb293cfd74f787490b21da55bc060013741e281652556209ea464547836e1e0adf46d14b61ffb2d9939cee5c00eba8274e724fd3f785240f3f714132679bf501e182ed1d92d66586733b8c979c58d5619f91fa14b720875738539386b0df4d8fa3496ce4619c78444593fd52b513485f994421b8f9efaca61fd4ba457783d9950d050f64e265395c4393bde0f1365704fff7de9e9aebb600bcc795fe994e244fcc7186fb171dd918143f824282b6d9a3f5414db61200fd25f4fc172eae69e85aa71a8afb4f296510b95c41e27e33c573b705bccac633d162967bd0f24039fd33bbb4d051f99185c0083d0db4225881fdf201bf2a9d4d9a913658b175116d9e3ce57101e5d5f4d4eba99aa4e08a813bab8364edc94905cd79d021a2cfd656960edcf77b1a49f5d7e932e9b8c81c7cfee1d561c78d83e8a20257d3e0c33c9743e08fe9d3dd6c4e265619af8d1a9044b4f41fdb0a257ad7aa8688054486d0a43deafc566c4f74de2d91c56f01e2f58b3027b19f82bfd3f622d7355e933777ea81182d68218bf7e0a74cef167e1f5f2b18d4422ba3a34c724c798bd6d6eb0be5ee2dc0667eff91282d54f4acae482705139cb7349d7acfd8c95fdf6d4ced557d48bdc0a049a155420761ce3f4adab176546a0846258968eb1d6ab67b9fce931e4aa1cb9762c7eb7509a8a1b1cfe5d17b9b3c055acef1f2698ca063207f0a358ad034d1d4d55e38ba0d979c13aa17be6c555a3f959557f242c5ca3e2877013deb20d623ecd688418761d208e7808bc014486535f3192b50928f1ce861157fb8891a8da4c09d13f3c791f5d1a8b20ec25f8500075a6fce54afa972938ba838c4e1212f1b07f8aecac78f0c3b088e003f7087ee64c5ff22f12235ec3b9bd7d539408308e10f0b651fe37ea69ae5f860dbad25a4d4c55193ee59336d21e864ec2b4da0d3816b3328da6d22e9feaf51df9af33a5754a4bb67f65bf795dcc9e6edd7430882634d6b8888106b8f68b1b4308def8871decf9d242b89e66dbd669e3a737ce22259c9f5f197bc33abe2f61ff35bc0938b55c3bc1504366aae415fcde7031bf92abf989726ce72c14f200fd742509e4f344d6776796be55c22dce3d5595f1228843b8ae57cd093693872415fc91d8570870151665e11b85c75c9828a66b8114105653784272710917d044a558bd21d48efacc29b07b8847bed52929115b7c8f7a80690085b296092adc2504c6afb5984d78408f66ee23d58b8405a88c4a413bce09d73ba35467c55431a24acfe601ef3402e475c31f01cc9de7eb8ca5b7ac0912b85770411d8ad498b03b2331fdc10fb928d287cd4af01e28b98194a68b39aa8caec883c6d367bd63300910af32c98ea678c4c5ceb546c2c77e10e96bd0dd03bf5c3d8d38fbc5c8605826470a71137ee4365d8b384d8021a8f433c6060a90f879cc463108eea5d066246d3757a3aab6c4fb2e84598ed7a81f004889771d506ba5e22acf84abd03ac3cfa833f8530c68674ad72d9cba048c0650e313343434417257f951c14019cefcfd2643f6c52b8c8b431a59b0c0349c1565c80311c8e31436b541591517b401921598033fad05e9b12b913378f4ba6ab6ca59a42ed7ee99bb3a754a8ba4095c260e8f5e9a6a1705fd92e324044d34d14ba59e3d998735a963d018b840a80be11a52ccdadaceb7ed45f0763e6cd49ca6af97f6bde85e4569178192bab4fd59d8c2b1fec181f27a8fa2c17552c16e3b5",
-            "0000016dfe3b6ac0fbd2514e3449cea6c8ff65c128c1f144e64ba73e4bbae7322bf6f22158c1ed378a1f960ae78ab934ab5c47f25679fcf2a503ac113bf7698e00397adb0f65f04143f012bfb31a7cf50df8f404d7e744256bfaf8cc54f140b187fcb56ea081aaf8336ed6617218f47da2ec97714516f20876edb8795afcab4f1b7af4c75d29f35dade047c746800eb2c01f90cd7fca7a2cc3cedbba6fabc509a230f951b05883cb3afb37641c48f359e0b2361d3ab98c7ec62f1c7b04a5fd773db58c7dcd55b6748379c735ab7443f07594a28348fe3b74fdab37e9d58a4a69c5c324d6e6384a61192cf23c0c564ad988afd2ba14297b441322483c5a07fc07b65d7e1c16daf8f9ba1af043d6ca706c0f49cc2c78c551613e2f73aa84a085da3a0cb5db387e39f552063d31ea40ca36e76d9f70cccb4645f24a12409338ecfd2f4f2757d9327355b49286cbcce7cd8445fe059a0b4093f08c1a326f6ea17d3821535464de238a40f0f867626443652fb1155cbd49ef0d0baaa284a54853035c6181e16bbde611d048d7452255cb45d1c91c5618566a972eec3336d76cf9b1bc85c057f756c55ab442159cb5fab99fd9e53d69611a9785506b57a5eca14096f74a8204a880eb9bbb9223cb13a563bc3c55c4b9e9af481cab8364d36cb19e8727e5fc29784f122b399918efa6253284d91c468f2800417cbf25fc1a5e8986071fb980119b70e77d8c44df32c147ded0790fc74c829b3a98e5b1d7f33e56f1a915a0ccf855d281ecd867a1ec96d59ed96906369548525d97cdb060233a89d000117a18057ea3826d73c0462dec997598dbf41bfa6ce4cc4ab42600a1c4fbcaae8eaa535955c456917e1a9949783a48790e8387a12e813047c4df33647d5184b33ad85c1174e338db84a490776101eb8def21cd090020c7dc7b4b8fd311cdc5c6bb4790353b21cc12e5264b81e626820562f8f40952a92cd31c3c34b884fbf3fb3a82eac566de40c1593ed67519b69ccb9dd3c12793039c91b1fc273d3b6e5173a54a69c088f52814c1cbc9db34425788441825c29246da976592186df899ac681a7572c4d5b43ca86a70df98e0206c3099c1649e7af116460dcd7a23490252f93519f02373400436ca5d84137ddb9b79ab2d9ce2d68cd9fdfc9f9ded8d224236a992635e448e611987ee061368782639444b852f5579693aab334e00d4bea4aa0ab8410827a3f2c80819e6fd8e19016aefde55ea96d12d97e1432134c68343e6c6e241bba990a07182c8c898c7f58c4486b6b1f72f0205059c6f7dfb640d770598ca6c5128d0adc833aa5458c46d8417dfd27779f9bada125bc8b52a1f22b6540bc53215234aa9a5aac15a4f9ce82641b1f12461b28cba637524c27233a359f01816cc1f9ff1d9dd2112b291fa2b572705c73efce4fda27f90cb5ff8d847f720d2f1a5eff800331ba166a791113ac90cfad41fb9fe89bbc0c0e2a95a9438bf5751aedbc654e88666a2179aca638e5ab10f53cb195dab9e37720958413bf59909f91c98ccf87a36f3e42618c86e3e2b5cf270c211d5bcbb45683bd9676df3edc7ba6905b06d942d3398f9765d168544155937be426d9d4618f50f6869e808582abd14d3bf306a48b74da1104f53bff753f35fa061c66bebd7ff906697567f11b9065d93a8c03175ad8485d08c038f944b33f9543b5c3c57fe06f69ec1302fa5bcd475007c78f7e8f683db89b73a09413c0d15c96130aa02082916a8ec80930a378cc4eed87e184a7805e2385d09eaa9dcc6024e832040b264fadfdd817682e3767475add5e0c08bf6083b4046ca56f268ca4366c1e786b4735a288b8ad32f45b33beb2a9910b535819a052e6a80864ba177aaf0818a2af851baf6829096fca10d6011027e8d142375cc1922068414e58e8418d9855ba3b15ef9a76a97918f00a25ad0a69255af0e46be6572b5acab9474820bb7bd43a66401a14b63753e6c7881d87a967b816fdc814d6b4030c7673776c5c406b9baf2d42b0ee9976d6522613f703dcd09206f875a3c25709a552d11d6713824d4011c75a6d128cacfb388c2282bb7a086bab96b2111a882f12740d415ea3a45a3b8add4cace6852d085ab5f26c54f681bd23d9a17fc46a58ab95f9b41389baae09be46b4ef5b86ba716b6d1bf2e72bea129b6408e5453e5d355e46bea0c82631d25dde6ebd7b18b11083b8551afa8df60701af75c76a435f03c7fe191bc7d643e01dd4835e6eb7951896910f5ae310d1b04401e76afeaf55d0a9fbd4a4ff66fda49928a82cbbee04f617d00ba783bca6cb6832cfc73eab2cf5fd66c604aeaba0c65d193beb57af7674d31cefec824035b97ee24d9916f2a88ffaee98bda22ff5dd00035328b98db66ce3f9bfa296558a9e77949e67589a7b4377a91195f10a07086d7c1325e9c4f058350f6fce1cfacb73e53051a563d338e0ca9f8d3e66ea72d8a2f3a7f939bcfe3ae71a2a3c0579d05fb12d6bda6aab3ba13bf0d35833caea068a5a1c4de4cb652e23a61189a3dff10698ae89942f5a6624bb068f697996c6f1ee903ffcba03971d5d49b145eda824aac6a2027905d9bbf5912542db90b02af512a4a65df73ecb2a61bf8a129e12e14d802b063bd9f8123890604bf257c47526c83dc054662d347b83a68ce377f202e0300f222f9e1bbac42c37d1f64c6783e5263099965088948fb13d272c67062a93e1b1b6475eb2a633335c365f2df3beb89f5daedd95433a0d6472a33099006f36704f60df2f62bb74b3ac5fba744e2ab5c09ba59068ecc6facd0b34329ed4f5b620fc01e237d175eeb455243c523e0221fbb49fa5fae5bfe567a5e9f05b26239da30cf456aee0aa359b2660a71d8d4e14979c202af96ef4385d8ea3a22d1f0ccbab1d036d3e2f91fde24c0675bbd5022f3d9376a38f9f07beb62765635bd27e3356efe40d211deb5340b329c3f5a3e163d6456effc2fb68fbdc43bee3bc600912a8c6e5f585d7ebbea1b8ed43ad93bfa74559461d09b402dd0bc5360ed11275e1859e19b3dfb95eea79fd4377a53d1dd746d11a42ad3c98955a64fe8304f242ada82aaedcfad1906c6334145888312ff09d86da3ed40ffb719f4c40ca4f10c04629697906aec52ddbb4f629b4ce36e5f5a2ef5dc768a9191fb4a8ae3f1daa3e9008adf17e59c1b8e30299a11c0d764b74725ea60890a113155fa3938f9a757807402213bdaeef69aa67940f52e7f177e739eecbf49ba6f62faac6c560fcb85adc3ebde724f109223ea68387bd213727e1228962a5154cccb248c76a1e09a17fc1d828de1b2d5007321ae418c060d92537535afbdcb25921af73b487c32fdffb2be04518b8ddc7e34f6924464729d08d1e5052d75ab9717a9376262e6840351863523bff546f02a4e761f52a33ecbab0da332c4b250708f3cb43e29284d3cb1e45a1e88a53f2f7f1979d8bc110022fa61cbfd56c3cdcfb3f2f15ec7de96bc54d65e6af97f6bde85e4569178192bab4fd59d8c2b1fec181f27a8fa2c17552c16e3b5",
-            "00000189488bda2da8c08b95768a0349a05a6e374630b142aaae7f5be79b7e5b8f43d7b39db46560a8a1b29001f61a5f819613a71b97ec48c2c8d9b1ac893719e7ca967f1d8397571339facc1514d940b61547796e943f02ff22bdde4e209a3ccffe03a1eac9bffdaafcfdc126ff02df4f6cc9d74c062d0dfc7435f40b53afb4708a9f7f766618a77077c8c122a7b7dabea6ddfc8841f8ab312289d1ef163a66435522033643279179b72505a162d55903116d20a221d85d403aa1fb26338b05bcc10c74c6eeda9dda790f14e89855d0c00c15b3be886c92bba3618c325ab964a855abd962feb7739d47fd4c88694b7f5fb12c4ce7a8399c99d8a1b503a70380ff634add1e21dd0cb5653cae5d200b8520577db845186257705e95799f55a269e5bf4e9daf7653ee36980b056f1688a63cea18d27816ad5300af012efe22a1a992584fc4426cbf4fe99f06007d0402ff5a89dcc08fbe8740e62d21227aa96df01b25bb143e65d106ff136d52a38ac4a66f1962719a3938b36ff349d7bc417a892d452c450b5b3a3d7eb4fbc6380060ea2ae323e12b8c7c22bcdb1e48823ef92c919a0b477bdfb8b549318ee03f630738d1fedfc1c0aefe0d40958414f975dc679e5cc79cf7c9643aef94308950c864b79098f77bef7c6a8b3ff2a4b7754edd4034b522056203e4199a155d1bd0f5d22e8dce513451b40b854a2fa8d401e519b0c10c2b71053ca2d4afb71de065343ebac83aedc46b6f0d9c88f8b600df0c77a8c14a6147f6de550530a0cb3a7b1f3046ee2105b59689bf80c9230e4dceeee7029926245f735c20f13ffa8d6ed0828369839b63316c8a29a171f204cb1d905ca0e9cb7149142fffc534de366b96c238a76a85ea83b06fccda2310b87702832727159d024204e5058230abe558c76625f8d5280fd5069214061a0c1407ca8b3b6acc90ce9c1905397b38cfffd47ebc8ec7cf5b8aeb78f25e1409ec34841f3d47fefe7b23e6e8a739fe3e8e59f2285167a7d98539558813eb542f400dada96efb676e398820dae60c3952660217939a614183777510cd855bb9a6783dbdc259645338c5e691f13868a222ac674a3cc18b9b47dbaa667fc46db5e359107d63a8cd87d4a96dd377af8d869d90218a15d934e18af814b1795d06d084d0a0b47d9ff30b681fa8afa770d60a63127d7dce42c77849dbafe96f0b7964b15300d8cdc8f1a91a286bfa1c735a743d73da17a01e7c2e7d39a2802fd40f98cb8a2a54ea950dd364a32fa300a5c6307915d61730c0046ddb696278854fda1e42f44d6fd982f812fa120548d723edb768fa48e34ab7485df3575a8de13f4984514e2921a35d43615419eb2d7a72418de5857e9cd0dc92285d659427073b96b021e2dfb53858a6b920176c70338cbbd63b0c864b3daf7e339a87083a72858b3c23b17b8ad5a446c93960d92bc9fcc678ab19be30d7b539ca9e45f8d33608338d53e5244428e3487bc2e3d9079b7123972fde4add7338342e7046874d52311d3bc5695d07b0dd8caa667dee6f165f704ae1765009af49315bffef3fe3e0cfc0b5de84586f3959de739cd8a9a00bd7689133fb03daa07bccc69c64796b398392a1399caeae318f0ae538b4296787f5adfc70f29829aa04673189bcf4e06ac52935220ba55de3c91a28eeba8e87628a8cb79faf82d8bb103317d89e9bcb74266121539ed2be97b2c1d8b95a99cba47bcd3f31a28ca04b2c7007b23a819838884483ffa6ba6d25df1497f957b9650bc53e9599d5b7ddf1757ea3d1fcf6cfc15e46fb8234b098596877ef70e6743dbbadd753310c94648ad3abf1d6bf91871e5fb2ef7e8a0a99c0086ee5e7099bc89b008a1799851fc6225fddb8ec0ff4d8cd69f6532fa776a410a1f1ac6aeef561a80b4900086aeb763f71de59ab508d33b48ff63908736c0836bf0909bf9727b2bc3d39dd85b9fa00ab83c7858f3cddb87bb8ec062efaf168639c81b8f7ad88bc85e276d70472c009b4d3a42df77da085467fd13b220974d3ca9804ee8456b439bbe134973c212b56fedab37f1bfaeac9c6152cb49de2e6467318084f81c28cec904c531730d86fbbb1bf8a848b1575fee7367f12b9e46b9639c1db23e2cc0505c6766ac18ca2bf7a0fa09eb4a58929e04b70ccfa6cf63042d88fbae3ce259cc00e9b9893de0b5f40b0da0abc49bd1d5ad455cea276857f8ed1a9c88b9a4ff26762e67504ae169e149a8701268fee7afe30b00917b1797f1fc6b1244111955e7db27b584aa2a77525909711a6be80fedf29fbe6b2426217db854591924d645e524dc85676263f37cf761936ba9e4de9a468babb0726c80b8615e039a6f4df19377209f6f585b51fbbba017510ee9012d8eebf6970bc702ddb048d7b5d2bc0c294d0f3bb6dc6cf1086048841b0c03b5f352b27370cf6e3eae5713f4ab0663177ecd9e42fffeb662ba9fdecf10256f1d2d552a37843dc1e0f200bc71256e7cb4f1f36944b5c55082b4f1f040e8c9d5917d01b6e1e1609486ba6a1255a343020e31742b20273726648a46c634a78f62ffc88660409e43e77855de390b9eef1964a52bcc38ffe014a55d4664ff5e04a2cc2ad0c7fe48ac6846711a3bc015442adce5b819d12be2ce8a5de7cd7c0379b86b4fa5346ffbaa477a9d68170b44edb447c7ba0bbb9a799a97f2750eb3e6f2c0f05064e85239f9e5b9e5437579f2607d029e57d7f84d7b7670c33cb87ff92b041666089c7edb3909cd91e8289365e0a8a68ed57cd4c9890f1444f81303ac657b504a5a1abf049244fe06c586c3cec9016567811e9756f815d466cc375e70ed3ae80a9fa0a0179a1c5f77e58a69ce2806ff935cba360ca480b14a2d95cd1e9653265617ffb2629c5dbe6d90ef493a4d68fbda9b8fd84d04de71486c248acacfa2f698c239d4966fa3f073cc5d4135a0007637963b5efb0936100767585d3dc44e703c34bc370aeb90cc9b844db7e7590d2db191a7694178d06b79272f71ce42841f79242ef843196001639e095da7e57de75f2aa7ca05942ed371244db7bdefe455f2623981fc76c9aca7acfcdf23edb09778f9b71ae724efeec438c94e307bed9c1e6f9d275b121515e851b155506ddc853bd3bbb1692ca7ee89e14f3dfca44cca15cba1f50cc42d5545fcd947be7d76c15e969411219a477216e2f74ced2655ad95b9b8b5137ddc4aeb62b3dae5e4ba4b1f9e2162b64d517dceeb780108ec8ef04ea0b948660bb035f6ee1bdf89d247759ade8cdf1571aca25881bf922b0079b6487b7ac02714a8cea20c3d67a9993847b6b2017c695ca77ea73f4ec87298356506064b7969b46b7ec70baa9473df1f21298d5d04b1f1841e43b16c7cd8ed3acac4217451b2e0051cf310fd51899627ad041f2ef8007e0c4430d6bb8c968f25238aa2669e8fd09689007b97f258f3f4e4af01e88a53f2f7f1979d8bc110022fa61cbfd56c3cdcfb3f2f15ec7de96bc54d65e6af97f6bde85e4569178192bab4fd59d8c2b1fec181f27a8fa2c17552c16e3b5",
-            "000001f9471714edaf6ba829296c75394d1b4975480f47144472cfc36a08b3ef435033d62d7528ca09b07f99f990124e3c53fe8d575c3ee2c100a8005adf5165f33afe41a8e975c16d6c71cf3b117e539daf2d1a48e6c5bdae3c8ac70cc06d158e2dc0e872005aafec694ac4399fa16a83993b5cb6a21e88f2cc3f7bc426600a0d50d73cb4ce024649728a36b4ca6c9e11d59bf7ba4288a204c621974188e5620e9592f68f21eb4dc56e0af5ee78863607f004d442a87c45699e0562aa41e82a0bec06712f630260c74c01a3a8a3f6d29cdf8b2a08edd72ef7cbb46d339b52d2c2c0ad509d7c01bf639636f9cda1453186905d68cd94975c42203e2a0a8e24c2ac17a1f57b9a7de3cc0b7da5b81d7b6bac2be5f1b9cdcde64d78acefd7e49d17d68fdd4bfc4eb6bac15b0ad509e13d03cb66b852aa63a2529348d6d604f3628799a21b288ccc0470aef69043e476f1d821634949dfb1497e4b7efdb60ff6a4ba57c0bca3a3f607403b30270d624ba6df629e1013fb8f82d0e49e975aa5793407df465ae1cccfe9c2ce9f9657845071feddc7f6f0e592e9d59d7ef591b5fa9f96c58d3cfbd2975a4c19b35d19a5fef201ccbbb1eef15f08c26386aee0a1452329570f22064697fe56de3884f1b3f22a1aa39da0896fa6a046fa549bcaaf593109efede2dd521deea1de8fe6501c995d9e2e84443be1958d4383a5348bcae5809e7c44416e042d1ae1b7d1d3e1ccf99f733df6d218a0582898f3dcf1526c1a1d8c4e6b59663e3d73ec30bde655eac9751751596fb6f1dbfc85a2849a1e404f441f172b101daeab15b8ed06d0840ffd0f5704648be6b02e3cd6061ea081561300a1481f709992dbd5e8e617a9f66578abb2914ee8d7f796180f4d0758a8c3b216f8c5909c3e92469b7b0431d21e213370ba901a9e9916399be0659e6bdd841d050aabddcb0948fa22bdeb5318919e31ad2c39e5a29ec65f39294b0d08c9d88e71ed438a23b84b9fcf5d3d35788f3f50684d6d70b63decd3a87179b4690374f3e7d16db8e971e838c74f24c8d4d218a3dc4a437d03f3a543cea3f230cfd333b0d6855568dd0c361eeef818b783b6ccacfe4154246c99aba22c94787c028c73a6e35a84a0383c3ad02e278363d9d6fc1649c74e376be25f726862a1f5894fce3f7c496580c09dd92b10ab674cee9174f2ba6ee532a37ab95047d5f1bdb003d887478de60a4dd10de67fc0e644e367dccd475af7569b6fb78d7816565e1615a537cab3dda5258157af66bd4fbaeb198a4ee450f9863392a7bad50b7f4d9d9c3c94b8ba4e0c437ac3b73672e62e8ab2f0517629d7d95bc9e28a765c3d54b43081fc3e6eba895081b532de4310b83043dabf9c1d1eb1db6695e136f32f8c59f9dfd713ce5bc82e8195b5ad8b57ff18866beb470396fa87a7394455e5e98313cf370be6721b77ed679679445cc97620d6d497d6505f6dc1876d7e7e4519f793fcbfb2e65163220013a483041b84854c64ae9abc53fcf45742202bd3190cdcf868502a79f82513d89dc8a9046af0408291db828a77328f88ebee7d7fc042eb0450d369571644ca1a893d5486e2e63ae3f25d5c684b276fe2237744e12a93d63ada8960a4e96f18f9fc45110354f8286f9366791249c56cd4d2532d0e9d1968a6fdab6108b7180d7931fc930c6f2c5c58c3950145545894b64525f5a6b201176bbb5a69b7f1d99afd8ba5de64f1556b2c000388cd1b88c55c0cc3270f36d7fb2cafbe25dc66ff72835865feb56e8734b3eceb0d882fc53293c4b81154b1aff10ed287b5f47435e908b01f2af29c2d70e4945a5e38131577c1edfd417e15837834253b4d6758625f0a37087fbb4fb07f19fbbccbce534976fe8ba870159da334e2b289cede259b35110cad468bf393c5a7af387fbbf8efdec65e7755bb178eaa4fa9932e4ecf28a018c908e51d447bda1a88e9ec3b73f9d97c1522d3edc681b1b2e4c0ac55918972f088fa46f687f911064c8baa0fb92b690bd0f54705723c2997b1a41096d92ffe3e5925176d79b2870953942fe631e7358028893632b28bb6373a56c435451f29b5cdb08c83260156284ff3cc5c3beb01ea79d59462c070564a8c72fbf0e8d9c46d8c4fe54058a65cf0432f08495f65bb6c14ef5e927aa11385fb59d5713280c2df49b9bbd47c4c5a1a774a543d09dc59b4aa7ad592e34a2feaeef2cb221a71b4532ef1ceb072e1a5451e98ba52e18716912babc06cff8b3076984ccd72328d68438cba61c18f45ab74d90784dfc1b796ebb29dfb55d1ec7c30bfb2502ede2298b35ce1c7b3b58cd8d13dd306188ca353bc8d5077137948f805c91963aea36f541c63ba35d139aecb49fc65a839501c37432e147731bf42bf5226cf0181f1f8de771f2d6fb0d6fc5e367aa7e697111aff2c853198b458f258d9ed76649110d1f68f45eb6632b3960228f1d70a410b98c91d5b749a7ad528f9547e017646fa9a3292b1d7d009d30d2d0f10fabd4c4be92eaff3a494b243a7db2e8300e46acce816094cc74a99cc1e061260f10f781fc7f5fca8ece34cfcffb411a3fae20e29c3a710afdc30c9849873d7163368b241370d081c39522837e00315e1be6a9c44e776927759f28aed74551a4bd7860a106ffcaac56d8cccab104de169a44e6d3efe6f0d3f0e4779b9b3a548c0e305fbec8d58814c2a2723131dcafd34f8372670313946b62a3baf1303bf3749135cbf1398f5448eb3b5f1a50070841b61851528e960ac6b71a866dbed01613272490cc31db8c9510c828de8e9e2e731958daab1a2cd2a2e9accebd30fdc08c22a4bffa60ce7baf05978b615be01c369e73c45672bc72993f57cec918b0f055188b7652b74be2e1a68401c2def306c7a3ce15a04884dd789a5b6e43cd5133d62280d46e557d7eddaa0d32ad72891d7fa59ee9b9082bf4e052056b6934cc6f771aed4fb0e906ec0dfed6936b4bfa2b01393b2ecb93bd07ce6f1a187d60d36b24f54a2bd353c1308a2b705cbda7eff5102f238ad5deed3813e7d1a13efff09c9c7f23d87befa946915a53866cbbaf457e52a27183260fad640ce75c85d06793fcd6c7d2a9a0eaa83e56cf5a9bbb9c80764f15223751e352351bf6192c648af260a9a80c24e4a329106c0340e72075b5e4845a51e3b1df891d85ae14b80e7f87160bf5bfcfa92dbacb0a358552f7cf6fad82806fe0d699c4d643ebb7e99a79e0b2facbc69d8ad866e7f2432501c70e18d7ccaaa983c16730875a6f9f7eb927f557df00e832d7ff8a5e9d95634fd9fe75de430da29eae6d08c2a7a96f3102e3825e68154d52a4164f84a8baa39909699c996ac354c1edd4e31c398ec283713f0129690641330519c61ba6ec17ce29aca5b8667e1c8eb4100acabf2ef8007e0c4430d6bb8c968f25238aa2669e8fd09689007b97f258f3f4e4af01e88a53f2f7f1979d8bc110022fa61cbfd56c3cdcfb3f2f15ec7de96bc54d65e6af97f6bde85e4569178192bab4fd59d8c2b1fec181f27a8fa2c17552c16e3b5",
-            "000002a10219b7e1173dffc0bb0a2706246e95d218846b5fca2d4aa52288409697f43c473817b6b2fe2c1ff766512730dd558ad3844aa5d52345da6348228acec9206d88ff1137ca95d63369ca51d04c41e3b611ac3d83df8c2da2e263e498c8916231c1132408f030c1bb326b372a3e9b30ab00c246cc16d3867b9f3dfcd90b22831fb505e0a839a84395f2747458cb445cd865cf41f74c74960d169336cb4cc3e91ccc68238609f4fda677bd11f0796edf4738a00bba32fb4cd5c8fb7b5694949f0dd219aaa2ff6e315b75e487f4b8ca4a0db48bcf9dbeef53a7904fbe8df0f59ad618bdd175578fcc29cfdcd8b45c0d9e492d72b89a94a60100f70d17b91b3209b074e48b6fc8299ffe6801fa8bcd68e1e9ca2c39fa511eb41e494601b70be2aed5748a9cfe67f048cf24cc6f545717f03b3909fd76e35cedf344ce1fd1cf0b698d76438e670df5a9b7bb30f6fa5b0971b9267617e1aa450f63e006c555a56ee2b964d6be465fc2e333e8647f18af31a3632654194bd9a8b92b4b4c4480e2539b60d611feaf99fcf24ffaaf328baea05fbfffe395a21a47dc6453b08ccb00aac1728af898f18822f28c18f502feb3c1c1f0f4ca7605b32ccad8e4ad0ebfc2e97b7b183671cdffb5b37dd94a39a62d9c4ea7eacd5e86569465712876a55fde7349403ebbabef0e768037d22e652c243785ce15aca6889972ef18a05c741c35a125e4499f6d4cdba492a10dc6d98e25bf77ebd86f762d7b1c1cab34c92ee239504268b0fe8d2f1ec4788816932441b5d13abcae0a2619771d42d79761415775baef162e7f5a7d8ef3f34ef298250b9738307e9adba17afca264c0502cbf73f2f5fad115cfbb46578a22517293614b66765792434cab5bad52578bd500a55bf9f81a1a6a75ac22cd7b1d3c5dcec50e50353b0dc5d3a55b1e4ade1146460afe41f000d3eac8af6a75873b6ad174acc50caf8a2aaa9f4ccfc3461fac4b3810c5a4ea7e4aa14da9d0eca36ed33630a6082dc2ebf2665a1d7f2decb7a6f623d9735555a748aa077005e0d19d174bb071ad511990e56ec704eccd5cfef38ed0b059deaeb1eed0ec0e0ef2ce26ffd7777110630662d1fb7b89a70a2bdc5b6b4efca37512d7570a9ea6bf157ada2914f682e458652693c48fa3058e5731124746af96e7716059962da68e37c8ccfa8e5f79428d520c99356255b037eb7f4d00ca1b591f947a0cc288792441ee35a367d865b2c352bedbed1a040fb97533925fbf38a47a2f3ccbef00788c7e53af1580a94240c8dee54f8687725c0000e84faaa0bd7330404533771038dc99bb2ca663f84b70e46a9f773dd42ac9f5e8e22de47b5d231eb784f7b13a9e97737e5f76aed92a5c0a6d497ca3b7d9040a3c30fedee0fe9c45e2396541f7763a78716b0e3b9d13bab0fefea7e790fae52bef6fba83cbf4fe1631c7adc77381538b43ea1e944b6d333c927909ad424fcd951cfe5824f1191b74efb38e1454a31d4b5ff04f87030220ce716392e515784cb7609287704ec08eaa2c8a008a5de8e6bb379190308dc5571b249f3f6763a00d6f121ca3381ede5e30ddc4d70f8c07cd00ded09def65834cb9516993b950ce989dd9bfa48cf00ecfea49f0486de49b548e574ae81b3889a58cf0834f5173c81b510d6a3f0d75166e8b500973531c38fad0242fe7e4fa915bc2d6b3de83c6558870944888b63b5486c4dec79eed70229c0fab41fd360fd3092bb7f8babe53e01a9ea990823c698cb8af114713c9c797b88a04ebf1b8245805dbb763602a59660b3435787a49e505052ad88cfdd0d1c5c9f4d08a7caa54588daca668b3e310a9ddbcf670a0890ca8a57070165852ca7593ac0d15be8b5e3edf31a8f950567074dba2e24d2bfa91f74922d0106b4753f6e004c751a0d9ec9fab6bf494eafcf2c92d53c7e3cd4e2188bdfd17b1e6f16c4afb8e9f5af8875d86b33b49a633619e4286136fd3f85ef1c2162898c78790ba5b12c233109ee810db5efea4eab6d0cf4b824f45c8c611523d88f5b1b672f7515f45df527e26b6407326a9d7b3309101a7f774fc0fe0f3c1a9531ebe749ff589945410bdc73fc2515ff0454588b7afa505bd78cc1c13a2efffb6d27ed13e8118bd4409d216f1a0608ccf7f7f232054fbd1ce07d3ebfb5be8564bce04a014e5a2575197ce4caf3ec460d887b0656085f86d112c2f601780c37bf1e5429be0a88b6cf1e4bc1d4260d9aa41a42de72312dd4773dfd6ab8675b0ea58977bde5484602c4463c2ba4e02203ec3a5986237076e017473cd71a7434b0999cb4ec72d554140ecacbf1c2dda1e5a4c8397a168d34284672209836c2dedd828455a526380ab2b61ffa78e7a0ce02c054e71818a73c5a8725527ebdd072d92fd65a4c84c2db9027c97d24c0ebb15e98e516fa6d5fa088af5e3561a4447e8561649e6faa059ec00b79121ca1de364924de4c8abdecbb5024a679bdd4581087529525d28b74ec7880c8c207fc940e6898d7b21562361bda0fce8a0917eb0c8bd4dd98864a8dc0c8c0f1de8f4a972719458726c3885676fc798a0134a218dfd6e08b405131a7388c694015826e1ad25e2620f4c22d211596e76f5561396cc91f2d0f134c5c6d5067649b4053603d9dea26babe6ec9dabc4e408f8fd6d2d4fbb9a569bdb2beeddf37e43ba287a6c8fa11130f5e6cc97defd7d202d2d6e44ccb0c2c3b00b8c285466ed15abe51516c0e1b3f9f156a88d272bcf61a48f7aef9abb1aadab1e4becf9cc48e0f4eacf2a9b08fb7d4beba7816f1dfce96809d3d084bd24d944e0b9166d5c95bba98e3e398aae0fff7047b3cb13832add0b6e3cc4025ea817122fc367fa961f4d47c117dfa8157e426123b07d7ab4714bc9264e57db3fb56be1585487bca25f24fad3ab84007b6b7cae5656045be786a2e6a1f35cb39f41499cd4c7d3c36fa09499eb9e37d3831f4058abfa3afc68348431c155e9aad69c58b4984d0c2aa6001896cf579529845fe58f2f473d865c1c6d58bebbc98a9a4c7d40fb9c600c85ae552556fa249ac1fbec93800c56920bd5116f604e8edfd2db8b4782488c401514890b5b088576bce8eb5042facec9cb6d1ae4a53fff7545e7b3f60382a29a13d61ee6e7da164d11c9b473d1dcb830437e9c5542958723e4548991670fc09af20277526cda0010c47889e9746759826b6caa59348d813bb6bce2d04e97f32f96821e41343b87219abbab4b60413e205a0b075a550c14a7de4f4d8442d0e8d643f863e394f43b481bfc7d1c257f00835b689002f87e25405a638f546c422bc411d1a96ab1df0027f28444d6336308931432cf7b720b394bb6e95143e1b287013e66596abef8126e253e3c82f9765bab31fe1de5590003939fedfd2830b367438e5393ccec4ed617a889ba511891c5110f209f416d35e545cb976c281c4040eccad072ed0707f298269d325ac79cd7c10f1d5cb945c36bb32374cc0d43e0112e6ef54bf173d7222b3a0c89290a5a902a5388995f0d7c0bad68d1578227bc0f67",
-            "0000038bd3eac53d4b89d846bec2a1207f52d572c1e16d53962b55337903826035a8b07d0a962cb60cd7e095ac127e689bfd5bf2abb7b07a07a059631c529043a97562ab2d60e5623baaa9901b78fa38a61848af03bc0914f56c8ce935e60173e1b0f2f7b7c036b3e7ad29fa159bc3650295634342275977ad16e2ad0e1687e176afadd0e88b0927026a111e9d88ebf416b98ec5a28acb4870b38bdcabd8a9f1ac6c47cf10ec9e100fb5d488d24357bb1af2d1540057a437e0c7914df5f40659667340a88ece0e56a28382859874238d522bfea708b4492fe6a477e557049548c6d9eafbca8fedc598d0ea74dfc589749175066fedf49a1dfd55305febb49f59827034b4c22e918281d7164d4ca513e652459d8ee6469b9daee5b9abdc0cd2ba3b55d6f4f5b144c449cd36abf5510b352ea8f441cb4a47a6a87b0f007e496f3ffe74b2f7284de4a4f11f897bb0ca560dfc32f16ef7842e1a00868dbffd2b9b55a6f7ec0d46c7cb2a313f5fefff5d46c48a3eba0228b5fcf106faf1b7ffa4bd08c143205c1d22bd7b1570eeaa9853b13dd204ffd70787e6b366d5c2a3acec691fb43f367f5b49e9d728853029549fb5bb91787ce69e1d63f34de4b4a20ed250e0402177ff72f86e3014fc7b273740b49101e39142ea95a71b9e874a558b47ef6fd563c12485d809dbafa9392fcff2fdac9206d47cb379caf127e8d2d182b42c08637315d6d717f80d12f8739416e4dc75c1a5d670375cab29051d93dbecc6ab963dc41d31fe70c3491146c51d51240872d167c0a8352694c4f7cd4ee518f34c6721d3d02112162880173be028e7b88fb52e2329548aeb2415dc823342935b12e572e8cb10023298cf3cbb7420d1e5acd6c8546bd18ccc123391d46b267f6675609cf339bb2ffe806db156117aeb9157b39157038f6cb3fecdeb6e0c3974f9385148d41916a576215914e731a623d1cdab46fbb24bcdd839d2ded7d8bf9e01393870d3b8dfc3982ed7cf62ff1e4a4cd583a7f833a0224bb42a66822306122284bcae9f7b3399f7615eb8979bc3046f2ef5639bf27a2b9efb9e7b072487fd30793b65c334ff07ad9f9813bc8d8e7f33200e262677cf79081b9d09a9ba78883d45f128a215ab7b1b68c6f416a40a92146aab2a9104870c7191a105d60540b465caf080d65c910a95900e098f75157ff767e03c8be577bfbd4c3c9d5328aa1ddc8c009fbe2d111efdf7b11785c13f8958d63b45e6f74398a62e2d676340f75e020b1a66ed863488246c1a28d8877623f5485dc9728650c9dbcce430c0505a45b6b77523dc737e24339c42a1b2575e80c2ea0f7705fed08cdb21316a4475560458557572952b1c3d6fcfcb29e25d2b1db95f8c27c4226a2d4399526464c782ea15bb2c041278c438eb19b2c0a1f8c8583e5fca2c10e38c4abc6046cef2e46bb76d908101f9dd9536196b9c11a676c0ac679871fedd60a42fda2f2df55a4ef04c911e16740f4c41c3599f656f1184a5fb1af694d64a9f89a1203f7e0588a46a999a83646678395b0b9a753555d1793358e668ebfa4df12fd6aad633163e881936982197b9124d96efc0715693bfd082c8e251999fde10173e15c90d11ee01d3a2ddc18528fcb8275d4521c1e7366044dcb7991badc306515ae3cb5015c6546b3eca47704af8b4cb7aaadc67491b4ac83bfe51ac9bc45aa4f536833e07736862ac17f03b4dde13e1b880842fca6688aa34e65692c5f188f013ce92fed50414630c295e2c795441968e069c7ef1a8db2108aa549dbd6026eaa167f1cb80131a04b126de57ec8f129a9211bc6d490a04c8d2c93c6c3cbe01dbf735a9547ca97744523106330265b42d3a01cda4f00f0c7858a1a53de8e5cf5ca73bafdff17af82e83297fa9cb9e4a9f5b7924eeea188240cb7c7e6e6fdfe7e6f16221fc12ac6ee82c71218df5c4812d0ac7ae7057be06927bec1fbf6bd25dddbd35c7dcc697312958009e303342a27ab1c1dcc0556cab52acb92685dcbb1a00de29cee6e31a6a5ec853d5aa4611b172e432cc89f9097e105cb1cba2077bf5fa1a01cacbd54e1914cc44b1a9e842c254b68fdb756eabf14276853e44e934297a1e0f61b30777828afbd717d26419bf30b99d7776f0113f46f4e4b294f0dbc8e5d61f4b44374fa687ecf54025163cac93c5f1a5fd5357251d2c4ac1e8926ba89a9064153a10d4f1df87122d33e1f23bd4cd5783861a310818c8d6864f3a5a7e806e1bce2c0b07456f93a3abdeab5a9ac2d5df76835579e3d95f065bc991a9fa7bd99c112c5daf9bcc801970ce2db4c653e26dd1b464831ba2ad06c18920f520e7a0e83be89a2ecbf4d349361753aa5db31b71fa9d528261b0d42034a86dca89ebcde11762c71c60479e53de607b3ee903159c53fa65c42db41fddf67b9ac57d5d2904d5695c707a4532ca67f2a1c68c5b132a1d20cbc1f6ea7fe9a03e68d7c142684edf0b91f515ab4156db31374e12603a37f31c1027bb0e647c334130e4033e6adf3a2bfe52ae2dc848a3f8a744da0584ec94a54626c8daaecb40ad8dc2cee8f7f04f5eaa8205d1a76fcfe15d305aa538c3a42fe4c2ad4f6445a4a4293a6d11e8b4bacfee60440f435e0a81c53d9ade7704ede7ade996cc954e47c62253400138919f615e9a7a364e9cc479d89e4f26ad3d91400370d5333883f06a0ad5f92255f0ce43f42d07c448cdf90251549a2d3aa00e23d6da5c74a0e699130eda781ec1ebe87bf366c1118804205879db3b04da6cc9c3a89c07101e81ee7629f50a82b97af2217dd13bd9c69a4b5d77dc8d68a2e857da88c1b3996f0b363faa49c9340f711590c5da20c8fcd7b5d2e3b86fdb904de3287008d12c17d45ef45e5bbf4f2f6df48a881eda11c9c94db555778f565fb120df68b63009204366e0e973d9cd9a8d8eb4641d48c6c7340e5febf83af0d16754ef7287a4aeddeada65b398ecf948fc0042ef01ed8f86aa61b2925e79ba12db63186e7e7965a9503e965db2fb2b91c25b92da638c4484089576c9c05686153a40ca69b1bbd298d1a3f369a9c43b3c321a809df4128d7da40afca5d47d49dee4e7fe72d8e7d09116fc089ba37a8c8a669536e7954788fc8605c4b993b3109bedd1e6ba6089469bafb794703bbe181f49da226e91e43ac114a4ea6787ea60094f7c56fe0fec97b56fb5a22771c4c76b3c8e844bce4d5221a70dab8424b997b2b8c7e99a016f7dc7bd0e7643088b6384a6258f76844ab642a08c2baa62a9c1d184aa09bb547bdc66013b3f27bc4c73e608feed4d7788abff75df9619cc9d4c271b7b76772e2262dff41566fe0957cb5548077224b8237c5b7ff5582eb5cb07e66dd0d4fb8170b31b3f10a52278b964cccf0420698473c67c304f431009b0ab7a1c38a5e6abcc9d5c296f05f5a66ad387c39b43251f13eddde0cfc713b7259e8f9f348e10d62478e98590f838881b8e956915b4b30ad9c802888da4280f3cb66ef54bf173d7222b3a0c89290a5a902a5388995f0d7c0bad68d1578227bc0f67",
-            "000003fe19e89df20c2fd4b7227948357829765b81d88c2212de4197d1700a69b3abdcb5033e93b5b82622c868902172e85b326aafca090456b499500bd7487748e0065c21d3100b95852ebb2cde9fff508085caee33d9265e5cba68715c660e930a49c77b66bed414d6d456a163e3eadcba78561246e1754bcfd44a0e61e6bfa90c6fa6344ff9c2befc0748d1d84814da4cf291bde892c7c3b4a1eb5c6464fcd3b8095d21a0422c0b9f25654f65f4f5453b1fb5b2136d312ab19b5e0bdeffca0ec190f0edc270d854e931cac8d984c19b048f279bfeb3fe318000553a3c6b1b201c86a3b803f3c291a2cab9bc351afaa64779d83f3b8c1fd5b083a7838c0f4d4417170d8e9fef533369383b751aa1940ae67c29156768d2daf5f2aeb97d39d9ddd034764de4d53826a75edca1b545c0448858511423351555300d251011ad4412afc3bc1aa9ff0aea6d0f7cebd4025e0003b5f25e19ca79195db64fa8ff3459e6861dfdb5e0941464e9d1a8c98e1df84ce1f54b532e328399f59bad26bb9019190524aed50c93fc1a29f243658bdaadc6b5c24a052aa0cc248d04e5a65a11b3657b7185194f416337c2b6275711a79873bd2867806ba690ca6292e2a3dff1258f5fc3d747b5c093df03857799dca7cf028b5abf5d1a165c41065ef2edee7d0ed5d8f573f19676e581570d209e42378c437b408dadbc59864c9e404434896e66d084174db91bb7f8c8f0b1359e9b8783ed33560b5a6ecb7a871e6acf99c65810439e463c71c5775fd0b6297569d17b35588136339c613415de29da583c5923bed18fdac04145aa9521c06d06d8e32d085016168776feb484dff2f44601aead607923aa957a7ca686071c27cc4a473cdd6ec3cab9cfd9f606838b3b7f3dc7f1ffb3ad5448535fb4883c222430015af5e02a98e40a96116cfd19f7a3ce1931ff9bbab10a1cce0728c7d9ed397d42af29d61d5812cf03c88d4b1ee5824b1286705d540bdce4c25b84003dc861efb576d52dd6701d9d99ba02288591d40357dbaf1bb741d8d50cfc642cab9720f3530e8a211c6cdec132a042d3a242abb93750802c9a4b0da29b0f7a3a09971ca2cc0676e87caa02704d2c14ec8371c1666d6c0ba8cafc2126dc753ea89a944e156d301c307bfb3f69cbb0d3efc87496b0124e7b7464106d58a6729b5a830e3a24521f241b389b494488ffd559e02822c8d212d1ef277674e14ebf639d682fdbe2bbbcc9bd9dd1ceb70e445e66cb1cbfefbf1045043e402caee3510f90d6e9752c4713b5cbfbe0349059a5d69835a85d4488dfcf55a76c8aba58cbfa8d6bb94993482799c154f67c019424404005c117aeb9dd9a5f48488edf3099ce07b1bfbb5b82244399df6822e8a30efed3daf1b48683d33260b5c0eab17902df15d48701ccab1c5a81a29ae1cad220be97b747ef54bf3b8bff33fb0aafbcd8c3f1897af8e4673e4b186aaf7714151311e8a610234275219f7e2c8f7ef5b11090b688b563f35b42e4b6b3bbd4e1a39f19bb397015338ebdb2ad4665474e04e53a90aaef44d9798060d1db7a2690226762f4aa23cd687f07a8bb3a23c72780890bd6f0c01be74167c9f39b83f9672474bc0cb4c295e089d943a81002f1e75a4454dafe871561415a7c2193b5e719f002fb9f6649173c19681d3acfdc9de88ae4345504735dec213104a0f809cfee1fc980341563c4987bcb0e6e9d825abd1f6dfabb3acf5ccfa04e7c928cdd2dbd8d012abace8ef343d4637bf7f68c1370036e74f406209126bb6339afc5987abeb8cf709d96c84ce1c859de654a6cd501bce2f4746ed6224a458be21bb66a71ca9a614e52262d7620ee430661ab52fa2bc97559f4c56155c3be5230cdc4f3985792b37428fd8db2c8d0535670fb198191ebbbaedb239228720dfa58535c7aedba80cbda98b93c99cabf9e215e1d093a5f49ef4dd3c83fcc3265d0807b50c170a2f2610d77fe7e4283e774d3e3da31dc6415c54be70cf9c7b155f59dcfb027423821f39f1fdbd49115d9fb369d85dcdfb3f94a79652e9f409288d48013ce20e39a8de41f8e3718397e2c18e1ba9809a6585ea7d5021ed2fbff47a51ad586678992997f4ba1e72b5a75d7e3d3703b66682a56a6b04e21f69c6b862edba1afb065fc410e85c0ddf8f2179ac9aa92405bdc3e00e08e9757f45c97cd2bfc1fa25f85f2ad57217f158208157d74ffc85520437fcb6e8bb8a9891c5a230555d12b273e76d29ed3d8d57a041e9188242b37b3f982d1edf82da410ef800b252db25575bb4f69862d38249049424938da3511084892b7d40c13268a3451528064845538e6e43a07ea529549858f3fb131cceac1bedae3a2ba5a1b3a445f3a513be725c7652d6c51405d6bbbd94325afb47a900991efb1c72b876c855dcce7787de4c488049051f67b99bf9ff9ed68b6cc46bc08436131a01c4412503df90eff7ecf25434a1816ffef1e7da02c587da4107ce5167eed39f9f078c09a8c301f5d532e9523c501030f5b5669a1ff911a798ca0019b923a1349ca1bf8354e2c72acfdbc7b48d4bccbc2b7b1a0d7528487edb86eeda97d10b1c7f2950c9d38aac5d221e7cd712c92ac0a49aef3cf4c9f8a60e6969d47a19f42530183a6ae7789cf16d793d91aeb45db516f69f006fc66f1f6bd215d95b07eadc8ac830d6df966cda8a6ddaa0bbf98e13d45e7c6d38e2524ac78fa383bc5814ff81d47a9b016f76d52ffb85f0e23cc9aaad36b686936f83e9d5671e0fbe52748ae93f2480abe482249a7f7c8e1d3dcbe527a0745a8d0115325eb58f63e57b53f9369e7944d1a737d44406d522644d197b58b36e1ba2dfc201fa0ef12831e96e18106e4e204cb560814e8551813b2ba3fedf343389dd0491021ff7e9cf70eef3fd5999105034b974211dbf5391215173a3296c3deb3df8af6f2089431ff6351dcea6e0168a42a4cd7473863fa13147ca7ca6bdb9b2dcf8f8eb5adb2773cddbfdfe3c167dc5a07eaef8b3061e45fb3147ca7a84f6fac7f70a45d3004ae13d022a6990c15ae415c62657f11746c5efd1f547e1b0023bd577c0ab4990ace6a8c11b093912b4ea719e2768ea337e8807efd7472a572dcc6f033d1f3629f540aa2e226316c94cae7bed61420d86e06ca011af74312071086db5c50f0605a443b877341f9ce54f761e7876cef992d1458f62753366f6989838823192add70fcc2c96aaa6ab6d10cd7235e7a1db837c378fe231f280cb9f0a95b6f27e2741d680da80836fb3561b3b155f750b86288eb9ab996de45b9c7d4d18ceae200def16034243602692246d7f4b1dab8a7d53242cd2467d758c7482a525b2aaba7f41e05eafb369735f476a27dce4e1adb09cf2c09a4670c5f0a134d239425682b040e828339bc7a1c38a5e6abcc9d5c296f05f5a66ad387c39b43251f13eddde0cfc713b7259e8f9f348e10d62478e98590f838881b8e956915b4b30ad9c802888da4280f3cb66ef54bf173d7222b3a0c89290a5a902a5388995f0d7c0bad68d1578227bc0f67",
-            "000003ff3c180f191eb9214326a3df038f5b168f96539b2af6bac89088a2c521534b4ac109a6c0211ae758222942d48290816f48bd47213a677c3abbf5a0760d7ef064ce370d2616576ed3304672fac02edf44256d37bbbf79688b80b8b3a3282ca55984fc9464ebf4db7b5c2987e642f7b1a528f2a5aa8f69c1e03e3320964fd12f607653eb32b64cba17b9a187385dc5f524ad53207b3f212cd2b43c558899b37fdf69b54bbf4b58c7484c2976079f23649b1171ac0d60213a9d21d68512e655472f3e6bc03e23d9f4cc0fdd46d41f15c396f40459a70f69d2d52a5a8c58e85507bc6f84d73111169ec37dfd1e8a792b13a17ac64c32bd656e2fc17c3e7a278f2f13b8b1a28614545d69f5b20633f6a6a3e442793710ab21f77e90cb070bf40083c49cb769c5146873d1311b6d07e7b3ec37d6281e0c09de8a37bd428947d7f5f6de29c068ccb43129dcf5e66673be8b60c04156590ad40dce51baf706b23dbcda54cf562ab615f58d9d98ae2610e51182a843c7f2eee26b6ebdff235a8914b5519987ed39cffb0fc5ee4c8546515abbe827b076627f1c7e2c55aee9b52ec8e4c0c3ed31583f38d9b8f32bf82f479521397537f4ecf0a1fcb4b0508de3b123e0bc764fb29eeeb621eac55967abaa62e02df8ce6c6dcfc1400ad996bfcc7d3633e96789896c4f804050d66af5517e98666870043b24a1f69e4f40e49a1d2512226441dfe83b10b1bbcce79f066f694fb5e4e4138056ddc7eea42072437e0b137c6f1edec173cb8677d4d52b121c8b6a610b5909a5e1d8d4cd9749948b6d8e40dfdb800f2ea1b517c993858323e7b1c08284743112a7654fae111778096694669d8d020913d22a86cf97a036de0ccdfaef435069b784e3c8eb8e73fe53e0f542286dfb9e240c4a3e09132545f316dce3b284913ded7ed7ac0eff2325ca23a999fd85129c4c7a5ec5f6afd91bbff4a0e8d9d7c0ac09951545bb752ef297ebc03a542010bef3e06070f7d0ef14c73f0daac37347e788614fb25fe4019e6ce2d8780f4e3de935af59b2d8fda1013d5b7f1ee8a3dbcbbdf63281ba0b501478b53871d79508e768308535c5c5426e29cc2bfa1c2702d49deed76021f1783861b18be7067e5b6e28605243c3bd7ca22037678d0d8bee639e69f9a7b5fadeb8b5afff414a4fd89908a0b0705cd3315c278b29d241adf57e02ba384709eb3d50c50264c82739adcb9c70289c220fe87702cddd3150d6ad1fb4b7f734fabbd41518e4c795e9efc4a57c9d25222d140cb624708567b326fb560e83f155fb5a328d523e938e2f7d8636f135014f7c827ce744f0044f1ac00cacc225fbfa6a7198dc04e62e8d1e55384f6b9bd2fff09f5c63d7116384d8255fdc32c047d2b2042f1eafdd3b4f075ed643a6ef8fc4dc2aa806db4b0b4e00b19e089dfda52798555856174f1e13045a16d5196adf61b36be71b90a3cb8abc4836e1b6e1b92cb63d844e7eb4d128612f6b447ea1aaa9d86de95ef07196f5524b3a8a9e06728a2dd5591f41ed08375e159563d6828d4de32e46d874e6fc8e5141f9f4cb51d84860ba45c9a98d62c1c152a045e4024bcdf1fdb76b94edf3fd234ebb962c37c0514080158e78ad8c83edf58e0af1ce7bf0bff266291aea00478c8505e51adaac2729929816cbf6a1d26bf8bfbbbec523dc2cea4e1cbb93a5eb8eafd2baa1f2b473b6430c8b43795d7cdaa1c124597960bf2509eb19b6c7b83923ced37cfbcf0abfb87483363b9b236d52a19863e475a6e3fb8b9e535ebb092e76f91dabc5acae01041d8931be12d3340c9ad9e75f7ab82fd5d3582c2e1d070e4604ae2e16bbb70cfd7c33fca0452e5d46fff311331387c336897396b3fa26227e2287b2589e321e003d1fadf3fb3130cd363363d8bc16d3569662eb33927ca396a1efd55b82eb76102a908e505fbfd0456dbd3152f20d223322847a36dedd70518d9f61bacb123acb471a992f0371825a39056ee1a2bd5c6723c1dec830c38bdc5299c4bea07763a6f0a1e417670559878c67a324d91f6f33c66e3a3028837bf21a240959f9f069781ca83cb6f0484577dea4f88d9bac1f18624c16895fb097caf7869fcbdde5b2fc2d45f5981120c23f5f9488b03952aa436a993f0f79e40be170e79ab73e034ca4ebb30f45f4734d959954443503dd30a7cafb74ea8a695626e056b967df4ca0e2f3d9f60f8802b3457b5aff3abce70247e881649eb90f6c55c1a5959ff9fbbbbf0121f9c12824f2246c198ad8139aca5694a92afb467ee148032eaff73f85e10536312d94e1658f510ed9dcebf29c8b11f672adf856153e916ec68996a317c8ededeb1bbc274653f03be02e9dca745d39495b26093f1d98fa9565278284f110744f9be6e34dcc70cb77007a2c65853156800763f15e850b8a01e122b8ffce5d3fa4417b5361eeacb7a0b183a0b835781779e8ad63906dbf5dfecf0716524c60bafcbe49510ed015f1f1750a00d07dca5aa3634671104df1c79236a23410bdca01dce11bba3d9aeea7d06faf7b16b18a4da9c0622e4c17c4392262293a514d0bb0ff8458c5366bfcf3bbb6a04110e67e7e91dbe9185e60282a67204b8360b5fa99f26d1300cd511901cbb6f59fd7545efe47776e736fd1af2d845ba343f4296246a19e874d875f7aa4584da888526665f233c6ceaed05057063fa5d833278e3d07df84fb482142dca6540b679840a38f035cae800f32849da78eaedd04b463dde31bf61b752f6e69cc795f6c7515defc881662b1be2f74b1889e456d9be54b19e49c4dce025bc95ff63d5e9fa5a10d46ade9f36c78f5f22f27e955fb5331284185bf8961a57f1d6113fd868f645efebdc441cc8d671c5546ab2a701e35aaa4977604fbcce6fbddcc9f493be42f974c299ddf74321e0884ba2c3708ef62d00a0e28edf6dbe22c94e351a0501e81a645d761b8875f46d79df128f9df0d869775b18036bfebcb5a5e10f733dca63ed896936ade6c0d4bebc064752fc113823d8bce45d3b2648f01b1702b274e5674c76e8bd121ab67e05a77b5c6a68a4a7f63c1aee14e9cf33eee417e9f4df70045767a0b8a162e362efe51cce26eb2351cbcd239bc3be2ea75c7767474d2799b26316c94cae7bed61420d86e06ca011af74312071086db5c50f0605a443b877341f9ce54f761e7876cef992d1458f62753366f6989838823192add70fcc2c96aaa6ab6d10cd7235e7a1db837c378fe231f280cb9f0a95b6f27e2741d680da80836fb3561b3b155f750b86288eb9ab996de45b9c7d4d18ceae200def16034243602692246d7f4b1dab8a7d53242cd2467d758c7482a525b2aaba7f41e05eafb369735f476a27dce4e1adb09cf2c09a4670c5f0a134d239425682b040e828339bc7a1c38a5e6abcc9d5c296f05f5a66ad387c39b43251f13eddde0cfc713b7259e8f9f348e10d62478e98590f838881b8e956915b4b30ad9c802888da4280f3cb66ef54bf173d7222b3a0c89290a5a902a5388995f0d7c0bad68d1578227bc0f67"};
-        int height = 10;
-        XMSSParameters params = new XMSSParameters(height, new SHA256Digest());
-        XMSS xmss = new XMSS(params, new NullPRNG());
-        xmss.generateKeys();
-        for (int i = 0; i < (1 << height); i++)
-        {
-            byte[] signature = xmss.sign(new byte[1024]);
-            switch (i)
-            {
-            case 0x005b:
-                assertEquals(signatures[0], Hex.toHexString(signature));
-                break;
-            case 0x0822:
-                assertEquals(signatures[1], Hex.toHexString(signature));
-                break;
-            case 0x00b0:
-                assertEquals(signatures[2], Hex.toHexString(signature));
-                break;
-            case 0x016d:
-                assertEquals(signatures[3], Hex.toHexString(signature));
-                break;
-            case 0x0189:
-                assertEquals(signatures[4], Hex.toHexString(signature));
-                break;
-            case 0x01f9:
-                assertEquals(signatures[5], Hex.toHexString(signature));
-                break;
-            case 0x02a1:
-                assertEquals(signatures[6], Hex.toHexString(signature));
-                break;
-            case 0x038b:
-                assertEquals(signatures[7], Hex.toHexString(signature));
-                break;
-            case 0x03fe:
-                assertEquals(signatures[8], Hex.toHexString(signature));
-                break;
-            case 0x03ff:
-                assertEquals(signatures[9], Hex.toHexString(signature));
-                break;
-            }
-        }
-        try
-        {
-            xmss.sign(new byte[1024]);
-            fail();
-        }
-        catch (Exception ex)
-        {
-        }
-    }
-
-    public void testSignSHA512()
-    {
-        XMSSParameters params = new XMSSParameters(10, new SHA512Digest());
-        XMSS xmss = new XMSS(params, new NullPRNG());
-        xmss.generateKeys();
-        byte[] message = new byte[1024];
-        byte[] sig1 = xmss.sign(message);
-        byte[] sig2 = xmss.sign(message);
-        byte[] sig3 = xmss.sign(message);
-        String expectedSig1 = "0000000025fc9eb157c443b49dcaf5b76d21086c79dd06fa474fd2b1046bc975855484b9618a442b4f2377a549eaa657c4a2a0dc9b7ea329a93382ef777a2ed402c889733b98d7c21a6298d40c9e790fa75c064f12cf9e2634d74c86959085cb090b9dd912f6f72fcf8f4e796de983f473854c6134c4616df07df9923eb421fabc45cd07c78f027f46a88dcd851882205160c7a066335203e50f415f7d907b8eba64d5d436b05b43cac92afe459e7d7e8cc9c0b9f973c4b7b103cb4c042b595c2f6cf206ae6835d0a4adb9d85adc76974b3f8d097de7ecd7a806b93c943d66421a83e61b5588ac2697a2ddf0b22ba1dda387522e7142bc6dbf86b8f6d8de68bca2f1d03188a629a33e568818b022996aad87afcd59c5c8203e6d6b4ab83e12bf00bded2a705ff3701754a4a993af74b361760ceed8baec5ad4543282f9e0574d00bbb6e9c98b2da32d463e2bab0394bf60e34ac5edb9b5196445e1db3afa25c3dde5f2489c6c5136e4bbe4151a6692becff2250474277ac1c4626bd1bdb6310ecfa8dc8f9664d61991023ce7a04039b8bd46057f36a1a6d657b530f11fe14dccaf9eeecc7382af507ff64a464ff6e8437c7040a17409317181b2333bfe781945c47af565abf5bbeb06c0c6fd1810c872bf3ad6db9382b048a5765debc946b867c8e10705312c74b568991b4e1bd29cb05132304c9fa11e6104fe6f406a66fdbe3e2f031a68340c6b849cedd32d8aeff20ec063b862c4915c0bc4745029d2dfe23003d5dc9f8f7328b2e21ec494da726d70cb4400edb99ddf0f9f5aa8ed4069a99769e7e4b905e0cfba8255304dcd9eb4e7d4cf9ee92f0b1a4406e01d1c0754d56f6e14b74da7373eeafc687a4820623c240999ad143d9ceeec76cb600406a8f4eb2bb196e8b53d7655a889a4a25d65aaf6eee6f309ebb5ef096a563fe5c231889037b3f0d33a3a212ba4f1851fd44bd367717ed6909a032ce36f1d7eae489f462993c41ae4333528bd373217c98acdfe9522474f7255c8089e6422de79c65112c6d6ddd98d53d306436bca504f8603fa6beb9925d84c104d374cb4c681dc2b304ccff8f1b1b3b10f58fa701445d83810b853f17834017ba9a21206fbbb066b1563a606f1c844800712db2cb64b07f9fc834f2242d8145e6144c6096cdfd1cf5a2c467e961a3cc02ee2b7e103c8d54f38f0082823ce663b26c78f84678556cfc42104b533cb7587ef1f1567d50a4f4543de5e3f8235e91aca91f003d53b9e800eab741588e2c6498dc6fd4a7a67f16708ce7eb683a867e2448f72f770c189aa4740848f17776d093f24e633400da20fd8270e62073fedabf4b891a25b4cabc40fdc9207af2e41c99396cafe08a3d68443a643aa55ff7853330bdd80e1260953aadaa30d1e1a1342674a29813fba0bb5774fb3714a4fa8b170569cd735d36a053399f73d057c40cb86cd397cc173b3a76911df7123029a09513db529beb1f74439c364c388562138730e5f0e195def2c30727dbb43ed42b133f3e7637b4d6131d8d8fdf8dbf78fc1da3db2ecd003bc3e28e065b53917513083e354fe7251f509c87c29536eae80f2aaf2fc7e4fc045ccbe4973d2f7bbf627c19a8aac11017b1e00403075e81965d1b3bb5e723099f9a5f326a1cabd480ff12eb7c33c2aa5c1ec410ff6689a559c61e4409ca1867161c1c7fa5f87de53e164c0d9dc2b7941af54988c21ed676e005482ff38c83a6a9d66410a9252bb6dddc50cf8fed31df5b2580745bbe76fe024f0ce7888152cf6ccb75f359c7ca914ea93fadaeb7c43c25464eec9e23fcb51a6d17178f4949278783117c88c86d10a30e191e0dcbc1b0309e25927804ff449866ff5f9c4e42f29c06ea2921c4c7f6ebc862f71349e70b6a84fa9c035fdbc6529de608da3e64e23e9dd8cd93a05d9b3d1c0a816b1d67ac97b70a0ee3bf0872fa585e7c66dbd1884bedea39b19413e7c9bba6a9aaed65215407220697a8d986ee5bb76725c945433d84057cc83ab0526e85244b2a91c5eed1784a0eb5d8d5b287c5e0ef372e3ce8865d20881a5fb63d3bcf9c2272f950f81426a1fe3fee8a1190f760d0842e2a624a202e22ee6f1bf3d742b8c3c568af108be2bb627eaf154dfcb32d6f2950ac8ddeafaa4a6d03d38b6d06ca7c60c3ad5ca770da8f5bb6b2936780d75e25ebcc3266ddf4de5aba712dd9d30bead884a0b477b22af3c97edb94c131861700394d83bdad35b4f1feff2e612abbdbf0a0e09fc3d3af8f3a1c26225a9f39d0be38ae6a16b54b2c9f271588a353fa121bd690496d5af5d3b83dafabb292713beb23d076f6215281d2f0f4c851e738a39fbb075d883e3e2d96d436734311aa46ba605bb4f0ce1c42fc2648b83d7ada023a4775d4f98a4c9f2df015f50291eda9bd3a4b24a46280c90a1fc79a9555b51d15fca1904dd56257f189e2833a4c778ee26c4fd2c682c84d0621e3acecd392600ff68a4c15c9d903eda18bdb07ebdde86d31853dd06f1b65c5004647c0f9c22433f98a40b02d50294ad98f3660bf79610aa182aaa59d0f9a113bbc58ed58c02226516ecd977286f8d58fec91ae665ffeb7c0b449b024a1adb3d3ed33438aa60724bdedc8c7d847c704798c22153233e6e9e1f32142b710d57f7f99ba352c9923775e049417449a60d32fb4fe4a816a6b7c7f31491e2bef5b17f2c0d5f60d28a673219721bbce70e2c3c9f235e70aa1ddf27c9f499d31b9fbb1156742005f6509706b7ba176254e1889a427e07334136eafa1b39ca52cb8cb1c24cf49d1a2b2c07fd8907f4a6be01275cebdfe8c3f804bf7ffdff2a5bde0ebfa4f0add7b3d37db819de93e5eff1ea91abd27bb76b4201e9607d5cefa144fa48590ec3ab339fb206b275bc314f4b44854141c5bfb19fd00ed8dc4c928f585b07289fefa5dfd489e78f3602672d0a33beedc85bb873dd8fa43222173881bbef88775cb2d37d2353fa955f870553c0bab49c8d17bb1ae20f5f08959ffd4e77a848c820607ddf6df88ca91a057ea9eff0131652b8e99fa5e64d27068d3c79ff370410af3a7f9f53d3c75b0fb865388864297a8582ca79bdf47c56f4035d8bf99a0377aba30a0f1ae7f540e0b9bd97c63f75fb2ac8280af823f91c32428a0a5940dec0db8edf0495f3b1776e2ece83f0ce4c43b592ed70c5c8b14056df1050f38ef1d1975a57abf365f21d7db03413a820595010598028af4c46aa718e643df002e8d5fcca43056468e91758005d942c2f7eef5fb2c58c524ca0006dcdaa9051772af7ca50d4d3e4c194775a127ad8d974d7266c749af5b63f32a8f93e711a6990d06bbcbe1edbe42d7e180117687ed09af96957db605e32822f2ec6f7e8c45b6b1f22e2ba84725fef839d5ee08bd0bd3d393c17753c21e0f6952300a04a5df9e16c7d9410250d13a02237c212e0dae3cc4a4d04a67cfb3b02e7af63c65b01fdf73183761a72c5bbe42f02f407ec34fb451cfb785004de387d935fec886d2101d26e4be221072562a6af51db288321c8ed79f157aef63681e1b21f4c55c06bcd262ac382371f14c9ddd9ea87bccb5f015e591b7fcd3868972b6ad30091dc59bc6adf197f4da4f6f7ab7de7e928c8f7a3c38fb851b9598c350eede7c0e71dce689fe9fccdda4a00e3a67675ae2482b97d27deab6a1959e64612e244fbe8b3b5db8d8321f2c73355eace7a988fc75ee2d0b67acf9eb3de0630a661141285b5aedd0fcc92d82cfc70f91ee2a41301f726484b2c5259c347add1408b0f5325b5eb2cfe4866d2f5e245b542b290173efa7043115e60f3adcbda09776975fbca448f0de92ddb0ce444ac9079d6be43bff2a996d645bcb59e7bd467236d1476e7866308aef87fd7fd236d1967569290fc613e285cb33ae657c22fb8768701aaa3544206e77890f726d9639c49073885be27c23ad1ca54c3f5ceb47d2a7b11758873f3362ae9c40324f188ba2066ab61d32eda690bc2a747150f01e5fb7007c4711a84d47224bf28b90daeed7d57631c2146e9ed44b4157084fe02886c1a9e49dfde6be129b006f17a1887ecd1a15b36e5e211074ed7d6cae345467b954efa70fe2398df5a345b942e779bfe0f21e8e2d6c0a67d7dcdb7954335d4fdb3b4cbfaa6331bc33bc81f5f9fda1dc0c947ceeb7c56fad107bd925c78498e5872328b99792cc073f066c39c5e54c05e821ec8e8305bf5434f961f4c9bfbe2cc0a0727e4205013160e3a0e2ef98fdb8d1f96c76786b4229e7f2798dd53db36c31bd6839d62c0bdaad428e0fd3ebe9ea2567da61c0e5315eb3d6f2aa76f87cb6203f6bcb1d341d4d5c58c6a458f45d2ca4692f932f09a685069cac65762d98505cc36e3ad293fb9e11df2fca7c492a5d2567c6cdabacd5ecbb13e2ea0cbcb59b51385dbb3de30f9e619a62487ff6470b491f23a93c2d5407de37f4c39c0b936076c0dd7097b8c9e413b1f386ee52b4f33de5366554a292607f72a59d21364590a0f5516611a4ebe7c64358407b2c6b6fad66cce0399db60fab84abeb023e9bbdf7d1aee52a104a71ffaf75cc0ccf827b10a372eb44eecdfd795be15bee70edaa70df6430f2bcbbe437d1f7112c19eba74d887d2b61f5955c055e63a9efe45a0ea355bf5c18adc79031676151f907c08b7fb2d6f2f002d8d003d19afb8aeecc72d77a33cfc06f4239e3d7f0737b79981054c0c71625ab4c5e0aa2a8d72cbae38ab281fcdacf478a6e50b018ddc5d69d7a73bf8e576844e8e3d0d7299416143ef6067240b9f2cba3a5e20cc9a03d7f6567c75684a868172499609e76c07caca24704178aefb067809ec83c1a8abd500de894e77166faaf9baa7ead78105c03d4008527218fc58f1f7ddfe2461b90fa31bfc6f953beac2efad01e8a03dd6131c6d5b22bc1bef3ba1ab23acea334ee26b35515eecea74d31877da71a904dec0dbc30e3019a4deabb4d03ce5903c3068e668ff861e739ca51285222e7a79d0009b775e8de27153a59db2602a7c717260f793547d52edb5e0bae9080be48a3830762ecc0c7b89fd11ed1015205d193bee79808e5e115fc7eac4af8f841e66a1ba95863d8731be2309e3ed622fdbff61d96c3b5a8720dbb34304e9a899adef0c7be7766b413eb58878f0fac1c6518efc7ccd2dac7d6328487c36f78b79459f068aed29ea2a27d08e4d054a8457bbd9d6dbc396b7ff6fc69896910dc7ad319b01fadf46e776671d352578ee2a959718d960e24b8a565ddaa2f0ee9d201bbd55c4211d85744c5240c4fdfe98e9426e1175e68b975dece12e4b7d00ddc3a9aae64fd060c5faefc1a3d45571e80b687be83c9715970b960763fc1eaa9f2ec84d8bcda8bd771a2f1a1dc8b927d1efbc671a0829b8f0a5db3195322c634eb9b44ae8ff3d4b36d75b26bb22dd4bbeab131b815c2a9fc0034b0c9a2ad5a1847d4fd2a344a7dc3220f9546a80cace35a7bc48ac4422833e5762082e7aa331cc1d6698578a4a3ed8c2a33706029398590da4b399f09e88bf3024dae196983dc32b26bf24e0eb9b8e0b5581076636951cace43297f0aa968c104a25de43917f84bdf73b95110d0f99c95b05e7cea82b1cf8dbac2214d79f0bbfdab8db2984d7322bf6163bacf5b3c0abd3dab2c10894da62ff8c3ecb4268210071b0aa4e48978394ac053113465d4e3d14190408c44e95942d95fdcb22683e68c4b9d4ab36980c12df3405194c857c3da2653d9eb7866e6fd5a4f89ebdf7193141bb26df35bfc44962ea206fcf95e9db615761a8fbb203262959b7c731e20d4cccb6c30c4ea82799ac1fd3a64c442f85c12a70c2c62d543bd362bb6ec6d3f3c1a87f555c1f73b7d1f92c3fd9e1ebd2bc8942c887efeffe65e3098abacdcaf0c626a97931a2953e78554d850614a0673741410373b5b2a67086e20faf7bca17a7e3e74f2158876e1c9d0d8816be4a3b517aaf52600153995465daee1a2bd71ff572267c18cc9ab2e5e481be4d1646683cfc0167b8e7eb6781b09f593832b4a1e8a72c59aa805a30579c528f2e7665c8954c3e509d4705da201f99b3cc3d763800aad1f699339cb767776134b9618bf06e4142089b845adb526ad540444b035fa852777a993b741461b8ada57583a77ed45c08be19a1352515be5fce1d97f227e1c880cdecc45e43190b46e1778144204b77fc858cc7cbca258a3383adfd71080e64bc0d7cca7437599cabefff26de5238ed8744ea96ff5a29cf1a30dead85d073dd5ae13aeb140ffd0c4a41ee3332c2e2bea34467494bb8a6169bad610d20f62c2fee042b02bdfa47a7bc4fbc56756718e5c9acd0144b0892016f82b5d3a43b8e9db8c23ed42604b123f046d029263cc661f658aa0318caa6883daf6af3c1f4eca0aaed6c8c59434a31dbafa162417ae3855a1afd7f98a3235dbb0e83837133be6bc3212dbe7158967f89f4f56ce7dccc8a1d56b96a5747947ceea53a2a8422f8d073beebb94e3621ac546c77170dfd6f682af631876a1989e85a273358cd41bafefa48af4e8f8cfb21689a89c2b6c696859f726cfecd458ff1d0311df8b671bfd6dc5e849f386cc9f6d076bf0d42a982d80cf488d2b8b9c451f4cef63754c948250a34a95a86187d4b0d1c92473e9de35f760701267d761556dd5d9f99e8a5bebb84705800bf99bed16f132f77a10959ff72d357a9d276db60fa199c27bed7cd40fb4b12ef3578be414a5b92ece6eb830de5ea734087dc44abbc38e400584a980518a8ff98345de4a1d80e74b97a1d0a1a3872a8259dd4720e9bd2f113aec31c911bcfab1b0e79fb810491ce74b31f631561753826771e2fe137425beb2317a5a480b66ce163018a3d8eee1bf2d99c4d0c0d4560c2f7979f9bf438f11c9b695d490b8317ab529d5401a5af788c495fb81d2d4d12ae76bcace10ccaeef81b48bb09a408a2e76330a77aa3fef5e53760be73daeffe8d53966cd2b6644d7ae92f3fd13fb1b4adf01fe15931b136c8301908c92adcbdc42ee7bc844a2a2e191d5f05190d8d29416738882de66cb58a63310507501275280e7e4f3f290047c050db2f8047eca1a2a697ff386f9187a574fca5834f219fb0b79dfc1d6b55298f4d9900457705c749a4490b7aede2e69485767aeedb235063b3ae75b0a8a8721031ef6659df4fba5bf2478326544c708c7e25e5ca7ac99bd568d849196371de12ac4e7754bd35bddf7c1509d1a32002108eabde06055bde6bd4dd92173d765ec45cb57244019d3a5c537e4f8e3751ef208948b774e4ef17731b8c4257ef2efeaa4770cf8b95cf291291825b2d374af17fe0c16aa05edb318a9c201a63a30832f8df66637e6243f6e23c83782bb6ad6443a623a9125afdb70ab50bb5494faa5c8c2ffcacdcce931aeb2acc2a8e5d35af2331c9506e2f1b4ea9afaedd48644c0c642946b31330a140e59c59a7e53de994abfadda7b7e041d1ef27bc8ad33db485cb20726edacb43f9e92d8601fb8f1b65f00b75d5631c34564f8464b43c69312fd30612586fbc0f4a5bb9002ed13451963262ae44afffebe38d1f35768dd678a875ccdabd86561d57b05147bb519d9ef27326da505efd370d44c7eb023dfd36d1224e0e214bd14de142e4529e09c1b6caf11162233ffd48af3368cc3b989c4d6316b010a7c582276929daaa3f27c81ac7732e2008befd537c9ea2a95e862f0bc17295766c7415a9cbc6725ef08ebd0df08942224c4ed4c7372c82c28ca7a7e485287ce7807b3df47a3ba3cb6f18fcaf6bb216ec91d99e642fef4e59d9e150ed09fb906e2f4123060cc4d55a0f319bbae0151b68e02aa5c6f430fce57ec994781b90a8eb0064e046b8a6acbaace6a3ea9165e95ebe8116baa05098e49d3aaf76a45f9e27b8f92c621c15ae84c9b0ef9e1bc51d6d9d9dc9b3d3e67213763776f7f6384a6b30fdfb27260d0dbf26508b17cee5bcfc6e63de06ce8e9286552baeeace047aea95f9c0c267705a55b2dcdbfd63dac433d2f6ced9048ac5be3e712f49b272f54d02e37b6698eaba31eb9cf2b51bf8d8b47376802da992280c8cbd7d632949efed734a7b0b11ef9921204a2919a3fdad9cd03c1e08418167512aeea932e8f0016cd461f749bae6713eac495d995547527723cd54b0e1418519143772f72632a319ccd1e521c6f354661d0a894bb728e49323e84c3896032e987f3865d14a317b1a23e11487ccc7bb9e0c1d0092d84b849cb732df32f62480cada8e555341b127617da87f802c25926a82d982b094129d4532529a4bc3d3041a6adfa9aa2a86b147a0ae253a728f4870aabdbde73be2ebcf9d1d374c68f36177012ab5b25bf710f39ca6586a7820e69061b4edd2f37f3512df2fd0364290e07d284baf84423dee7bb7db241d127bf172c99560de1196f860026b9f622347f6f1780de232248bbea8a441f3a081b59f4a490072f19b8febc0d75069c9e60980a1d2a300fce1c1b6c78351cc09d9af4b57e9ed47737e9d51a403fc19475065ffe76a8755cf60fcd124d941fedc482bfc3536c58406b72d69513a9c993caf05f683f7975857cff2af0eb731597242f114d544bedf1871244a072f0b955077f102220aaec4ece8e0ac7ea5b7ad5452c054b9bbbf1256d5bb9709ce00f63a7df49a26ab355d689df1e6c06633a74522f4a6d5308bac8a87f4791bf663659d880c978db38b05040b56d9d6c5f810391f25ad157dbf7552cb542cc89c2da49ca2d735e91c06475f894f4619863eabd4fc75b285d8f03501b7a6c49148b72ff152670f14940ad01923b62899298ae44082db5559861e6a95fc159634c0688f68ae09df5afa2ee7ad6506ec9b0e428f0764798c2ee49a5eb6a1728b64e460827f3d648101d3c2e75d8fc02cf50918b85c71c564b59dd6a51749dfd317ff1ae8d27925df0828cf56ba3e2416a6a11b041ed78b031cb8af85cc2994e24cbbbe015549d4453faaaeaadba9a1f81641dcbb0cc90b602b1fba3ede41781ba00c30fc5759110ab400d022dc3e9c59072bed45649ca704fc25607eedfde1314fe3f3025f7e1a6e7bb9f87943749b1864592201ca26487572253cfc0d2840745bfdc54fd1705111e06fb29b3e63cea6f90f962335945cd217fe72a004c66e27852be515b6f5a417ee6880fbff188d1f4b5e4ec16d29727444fa884a0599bcb4e31821275a75b0080857f275fc0cda849b8819b3d3662974bd0248cb2f5dbb89a3328f9e9807cc836058d018827c380e9e1dba15a25edbe077cafc345ed6ade7fe215a7036b33e8f3c51d51d2b866204ab6bf7d79a586efea08f86aa0b5f7a584cf7ae3d8c2280d907c123aca43cd559e3bf6f5fe36754318b6aa7e33ab5ce90f43722118582a778474dec978e0f275605d2cf350bb48504368cb2c2094b7fb941f92a7497367f308937f15abb8213a9b43044d0088679880982b10448c651f270b84a0f58f8721d9268d2dc2079e569a48ec27390032287c003760eb30d18a4b9f6d0ce4172c201bb5559122608f9124211f2bd40542f5b8fbc70ef88ca3945558030b84cca8d99b81187abe7d1593ca45c11607eec2460031c0901f6156929f53c1b4391e24024be06ca0d85dfe60df55ccd3b2e4627f882fc3eb50de259710a48be91f83afdb1b21885833db92e2a8f151ddc2dea5af3ebcc8255dcac14e7c15e19d748641448aba6969cb218db6d10c1867bcf4f4faab66bcb26f5b6d0f99fff2dcb695d29d73e00e58c06f4bcec09a45bac2d2347f9822e08dfa36e5bcb0d5443b69cb3acf4b1cf4142989e75ab12703699510fb47173897c7c2cb00ca456a17478ab2d18104267ba01cfc4486a5e00e3f4fd513f649989b50b9fac2a50429aeedfd606b3d88a491cb263d55ad8755f449ff360f84a52780c3d9dbe2ab067a6212fa7b410d0ca38899a77fc51321d850605c8e06642f5b752f168d548cbee3252d9856ad342d5bf10215e9f3bb4539816c3dc5a546324e228fa535237a9c723b2affbb3dffbcc1f0f3f649036e1d3f95e0ef0f7b3827bb554dadf68fc6b1d3eac298dc139fc7da4aebadbb56fbbbf6c4e47ad36c36cdf1c78b673e40fe1e19bd631ef24e15379d5b1f5b66e2061761f806a0cc8982f79a1396eb3e06782384ebc852b647c7b71c15b7e6a156ac0032499c399b131ebf9fc4624bcfeb903176f64007291ebd408979016327a8529d1f7cea27e54c669f83775276bd003566b7fb170185a904bb0cf0929678a2111e5d18b824c9178fb83174fb35718e1a7f5c7463867bb9754b55f862cd3b9e41b550b062a199b5316c0268cfa3b066402db89906143c06b0fde74466e53ada95be048878d126969f9ef50976b35f55a27531a654b695bf00b969d73a923477f260eb7e31821452f31d42e7e246f65924c45e6558ca0aba67ddd18debeaee48f838f059aa6b9ba664c978bba5dfa130b13fb2ef5cf9d7a3e4117022e21f2686830583612d9b912d2efaa2ff29ac9acb45289d091c8a38952e78af4690511f2d807f571e3d79b0363942769926c840a9eaf6c1d78811dd0bb9fb973145cb36e3f827e4461a396136be978e0fd80ba4d9c8d5d8d3598b36f509c691d0b84cb7c3d1a0c998ab3e4f119143f52aa3b169f914957e173617a0b332e8625a781cd94438c4c47bb6e1a004ec0604a99459d9283d0b8b809ece8a07a1b3d5b5b12f53df055bce84d7828d2c2e498f842e65632ad4f354a5957333bf68bcea3af440609402c275ff7d993eb1254c9dacb7d07af9b211d695258cba2eeea7c76043d9e697e3de87cffec138a566f52fe779ff67796a2c3dd4230fbeb1ba300aee40c9eee8c0894c45051fed1c2f7c419b219bd845df48582733c4e818811b26baf6d133ed12bae7dea0f3bbd23c599d62efac4d175c774068586459dc625e5176b2ee74680ba07f1d7cd11d7cd231e19232c0f73a26a97153c2c2b76b24a4f4b33816511878bc4c4522fb65aa8b37b7e70ed564662e4687b20ce192926fae3d01365cf21f29589990d0adcc64566ff2928f021b170399b76e8cf384d44024d4a8d982d37f534e0bb15dc77f84fa22ce02aa40eca6c4e27c6edbfcfb39547c53905bda30c95774c287534846373fd396d0961489601360f393f37b2be3c837ad046e0c217aaffac41442d2a79f77111bd968ad937d834d6c59735b527a67d8cb700585bdb5ab1da6ed784aab0a1fdcc5dbdb0c351310502cb902006761f98fa1ebc139791dd40b3766a5650f18938b0c87e590c4b7b460acd0c966cef59cc63c39cc3adfa42b67e6abed944a6b63070058c1191859f9de4ee05d8722aa0b1bddd8418508eb7d62cf9964114b20272c1230e1595081af4b5337fe83977faa35f5c1e9b8c5eec369cc9c3502aaacda1ae6cf78f0440fcef9e2a9af1068e985d8d03669ccd78454c51d0da23e6882e7ed6b67a3205ea90240001f896599b17088821ea16fb904cb49f4b4096773713ae7943e8106d59cff23294207d7af9803e2792b5d9661cc4952a227a5f7b6d471275c7c44d7f288360f0f79c6ed3894b0c7171ad2769c8c09c72e64ddfec355cef10d45f64fcbd1f3b874aeb2f8e4372ec2f80ecbca38d46c8b78345c3472a2c6af14a89c65e9b8270c66332659491dcd4df2ef4255a417b2804c1659ace85d558a439a6d463ee9f73aa75f3ea97ace4e76af0fc9c0c309c2710007b06aa04cea65cb3792e6400821c7feea655c5061002c027fdc405acc396306627c97041abb1dbf46613ea28daa3898f466f02b2865b9f952d62f5c216250a0cbdd04950347187854a273b03f985e85709c95875f4d07c9c1b195285adc7b3342c9d45cbdec27e11c368909cc74dcca9eda8126d92245ea74ed8e3ac8837354e85779f8b01bb03f2f83b4a8cbe437a9164a95f8c9c4cb316e8790dc22536b818381f2087cd6e7052d8bb447b1c98d7cf100c67f9bca8c83d156116e7710296b72f531408e59816c22d6048409b1fa8c9d6227d24d31b7ed3fa792988f1dce1259d721a5926fafd81578b4376fcb7476ba565db4e685a2d6be116b07d5b44ea9981a5e580c55d3e07202619ceae9daf5e49fb5b13bee641f639ce0ebbb3286363aa12a41540c225b3f081fda83f1eb5bb065a53b2a8f6c105bafe280bef4d84f73f60da4d1291e925731a4bfd50026893d67839c20f25b7a3f64f52975be7c25a1877d77478b8b8134c57c6d2e043c6555bb6927142b972c3c70a3a7807f83c5f110fcba676248731ac51078580b1a2f605adb892e9b419f1d9509eb4fb9c5f3fd92e47dae7cb3596e6d04c182834e6ba1d37f139b4f89c95113a77c2c1f802b6ce1624cefca77918047582b694ee5d7da62d97efe090a09b6a3e6723cf09714adfa91bd7dce2f6ec35d53db92d7bc779d260372518d57c973cd07f890c6d9ca234116560c1773a7320aea412b04341c29b32254caed021817a12e9dc00740e76b13aad96dd43544ae873175c05982288134aa8460002515ba8779497ffad9699ad248c11556ec8228e2668845b3e64a2d202b6ca76fc89eaacaa6568ea1b9f0aa6b80ba0876ea58441feba47fc37a0d5a4a0c313bcd5a49de1317eb0498d3f17104c46e0674280be32f5c691b5fd9748e37fc0a00a12022559a411402365c37f74cdf90311cdd4d810929f2f8cfedd690ac1fc52e0d51303e43b070fcf8314537ec4a7d97aa19944a5496e919c72b9bbf0addea5855dc99893e0e6236960ee7cc9d496ddbbb040c9773739ae79d9a5cc95aa119a3210d5e18c7f3d9953050929fe2adedc7df10085c057f95473c6bde947df47a4d17c9a934b95aedf0bff303051428610cd57ed321dea4b0ce12684c0803ad5efacebb7a826a6be3732242d67839f86f99a17dcfe5befd3f903";
-        String expectedSig2 = "00000001e40f5b447267c994bdc775ce6d98b0e559cba26c4261d70927adf1bb11b3336858fe064267d0514a6d971b69939256b8ce8b3d8ba0d796413f561c6825e720e6c0c15632b943606aad0b427ca04a6808f4e783807111ec1baaded34ef7ec2cf40ba763a4555ae307171ad202f421548e7361dd06b9145e6fbdd34eace57be4829117e9c99bf3bd00dd4e0591c74d4e488e90623c6a4cabd5bc903252eb81eefe8b52b2d9b3df37bcbeb5bcff64203211d1cf9e1bd3250cdcaa429c2ddf2eb1bc7e7d366be2dc0dd774f99937859c40fe04a98ba532744ead3c6199ffe6f740399602658f65bbf67010e99fc57f841b91bc29ccf4b6bed49747b459b9835e4fef8a95cfd67eef5110d71e386a557562cde703369a4380718d957ea7c1377c7230800918136d3e9755bf99941e5e857a4d66478d81a89683de426bb466f9b660a6dd9e4dc28bb25e0afefd311c68355753be9f3c12f85458eede1cf39442c8d51a4f9297a91864cd98ee8ce77584174e594072df3c776dfddaf36cb1c14161965b516230db575b7e2a7306c135a61d6a4e9c8d297bac90828cd6cb55389ebbb5610d52415e7c8cccc5510dfcf4cecfff5104b75c57c20f3d3b2503f1d78e2574003902d66683c906542a5b0243cc29ab6f62535db4478dfb2dd2f30cead0ea0a579d594242f8b1d612444f126c26d878f8c0081df90971be86d6a7f29c4e3de77f7130fd2126038c5816d5d90055f85375ad8874e02e485067a791d880dc0f41e05eae9309da935d9fccbabd6141c4f8c1e393c7fb7f7f94976515a1b9a0e3b141df3ffda079a8866843425c2929550dac4f59e1ec47a4a0b25b651f6613ba08e31aff45a365e5d77c8b7bd8b88bb10fc4ca0b2d236cf36ccfe9fc95fecfd62795091676bcdc39381ffa6b53c067b666264eb738b3848969b28c3c8384212d679d164b07af95f3863445ce4ec9408f1652182396b5dc3261aaae84f6eb6e552899b0c3d8906004683326b64397220dd556c91d30e43b5ef2045d23b99faa517bf8972d6eb4afa48da48543b37bc4e2dbfdb12f871492f202c206aff2a607cb9c7e0fc580123f540525a0acafd4962bf48e3705d6800c0732944a1e71d8ed2c884b512fa1e9ff0907397681dedaed90b71eedf9d8369f751dcfe49a1cd376461e8ec3f9589f0fd59ad202d8dcbc21018811993e41cd5c3b43054175b2e4bd6b09cf27197a26e381f7f8656537ce1113085dfc90e8b97629a3785fb6ed85f442b39640a0525c3094b55416fa73898a228816461db31fc370897f0070aa42e35b21e1984feed7177691236854c8e2d1bfad5055e0e02acf04a343a6fb1b2e93b9cf002b55ac1092c2ad8bc7d54ec001aaf4473f44c6f3cacb435612f3c6b683fdac02e32e11ce1e7d5587bb5abf2c8d3ff5400123eff17098460f563b6ad8b01df3593bc35bf12ead873db365676af907174eba5f174da46690cde0c16eba96edefc3a49be70cee7dfe019bfd48965ea9b914b9d4a1f36c10301b37193216687b86847b9d72a9dba2a119a18d707ef64b1116b9cce49db2c4b949efe4c641e9d3ab4da9b66d0e3728890247d68b68fa4fccaee33225857d7fe860d4df1e3772fb0e2856a35538bfcdeba4c1b12ac51a508bac14f583207f9add69051faa5a079419b555be96aeccceef73e0a8d8c12e1afd7b7735b63aecd119a3f20fdd13687f8d5dd20f32d0047497b8fefa71884eceac49d37085a04a662083d001855cb3180b8e156df84f3813af16ca0d09d455e7262f19c5ac02eca2042098fc686990fcab671d536be0084446658f45bf308f44de4b9e68f1a0b7d0e116e9dc0933b320e47b99072d422c3c2b5bff63c65ff62051221d06d43d44aab22b68f436efbd4eee342d0e96919f89f4a8931cf88bcd3d431ef59da0bf1ef68a3b63f675093c4c7c4c421d4ff54ea6b8bc31b3e69cc05df0d0fb378a54e1e90645db9e35590b59549463d3a338f81ab6a32f52ab7e97fa1c3b808198a388a19e624214462524274009d5d84d5beb6e827f9b04a5ae5d144128d6d84f0212ffad5099d97f16d5ea51907fbedd76daec03cf1182f517be0df13df722801b217a909f90e76596b142c5c7d35ee085f1eaba2fb8c0b1db480f6264141dd3fb5b18cc4033f23d9867304f2e988a064da34cfb92aff8884df44a15a9c5303bc2ed00f9ca55c9abe751a43d7719c1d1b1529ecb198754b3d4a003ec37f11d0c1c76d41efd36c64c13f215fd86e8fd02b1bc30e9d2eed8d6a88b859fdeb4274bdc60d99eb0f8f9a2e380032a83a9db84bf1befe38b4922076cc2cfc83d9690e3b5fcb27456f142b11093dd7bdb7f1d51219ae0527c3d7aa990755877a9071d65f69c0b04753a9f3b3b00aa381ff38adfb9b98cc573ed3984e7f6dc9e629c6f2ec57885f80d816cff0d8aa4027bf132448cda4a5d0e1cffae3e88d0900d1f2dc4fede24d77168c9218c80b87f1381f4b2d84c5c7f2a4729256a64d8baf4ac4de0bd395f47654b029563c6066b59ad42ea5bd80edee2a06a62b04c0930442063fd443ebed52662325e0d610870e9ecb571edcaa992afc6bba6b7059c8d3cc0ff4f22109cc36bd33a3a53efeb16c377bfb5c42b2d60218c67fa22b84ec7fb8d44dafb86fdd7da314d357a9772365aa1deb68c786d818ff73d342bff6e5d138819f4cf0563a90c698a56925b6da78c9d07cb4d4a3f4d6b78f1efac2659d387d49cbc69d803e1acdf9155218afdae393d50d6346383a34cd286b68f5e8bdc6d8b99a1d1d7d2702906e2aa9a9a04d7abd96d129c99be31656eea08e8c3347bef29e2b44dff01358f72c949ca56f680a90b73e3c5597f8390f87fa2858a037845ee7764f56f3310cc2796168ea43a7db267e4ee36bb8a11bd3c771337941deef7676ec15ff3314a29b4ad0a679ed4bf90264401a71fdfdeada3666604fb05958fd46be35c63f1729efbd18ee60a3173ef7a709f6345986b77dd9f9b719f512270399206834ada721bea6fa1ae82c44874680b18ff57000619c7f09213e7e52bf33be4150b09cde207aaa6b47a772e077ef104e684561dabf41f74fcc864cd4e2296aa08297cd8fb99918a7b2ae59d3798d5ef19a3a98f416ecd01f42a58f8ec4d17c794cbc635ac38043159871d2699bff14697512763e9c692f6f45f07067dda04d494b47cc0f7fc62351726f83a5ea99a37505a7947d5a3306279f99599dd66255a06dd6f49728584ca036cf1952a9b469ea4549e762c077b6ff0a25a3b6dc5fe4cc67b254a1552e80471a4d2a38e992cc09a9deb211907a1d68b118c6f1430c18982810b080560e2c6e76c17e010b2b6c7f3e329707c3bfb2cc83249923483e856bd880c6133d23cfd7e5c2beb1a15a2d88ecb39539b645572c1dc9db4e2579c8a9caeb96f03ff91ed41ae668d6c8c16bf6c9167f8cdd3c0e9a5215965f6cfdbddfe7cd00b4ca702155878f9aa9141b72ee3305a48b8af6b1da38e639906c35de849233fa171c021bd15c4aa0df67ed2a519792c9e420d3a543150747db0b19b2935df78a47aff348d3796b9261baa850a8aafb7a215bb578a17939f44eb89f1cbd9dbbfcdfbd0a519a471578f7582408768d878bcc83d31f7b596bff1cabf4fe2bca47cdba816a1f3ec155686487bebc37c93a3944a497214cf3caf4b910b1a7452cc6781972422b73abca8e0571e7c5ade4effb63daf60e5f44dc1837f24ab5e1af86d025b6ffb5f6236cb7fd02520ce834d7f31d39e4cbf7d7d17b583941bf6a0bb5099d7033bba1fa6f5cf0ef47b4a5ebc2e8f66922d76a9be0bf2faa2ac172707f8a19bfeeadbe4f4c811ae8ce86bc636028f55a38013c4e39315be4a9e260cedb043122a1a4da3c6f50676ded55216fabd0dbaa659a6ac47e48e784bc2e4f7b3148739d6384bd525da874ec4c4c2d8d4e62b60be4f47f20f40eadaf54accbb106acbca466701e84db4be82be84c8c5736dace8a190519d9bdd5b71604934371cea43eafc76d833e3ce10819d882b4ee33718e74bdf95a0fc040c519ae5f2f47df4dde3996bedf64e401f85a3a01d3f51bef6c076181069e40af6c06c3a16c444322537e400a1b0ec9abcf65a5e7b39938e61e05ebbf79b6e6c100d5a30f23d446fcef89a4037cf459fcbe81e1d4e73cec2c32ef08e173d98766d10dedbae881f6d4efa8ec3fb8920ca77082aebe94851fc518ad791ae27d547fc6709b6e659a0e15e48914dd7f5950533db954c90db131b0d5ce3811fb3b5b6d41670fe450b2bcf99cde54412ad3d77c1585ec32c85d72a47817c63dcbd1ecf2c0f6bee6ec67bf82bf01a63da499df995eef91703c55bc950bf34369c929da4a5a6f4d4b38484b2ed9600927570c9fb4fc19da7f3b72c0a6479685220dbc332dd0cb37d9c9e8d8ad3df586efe65b9cacaf0aee6f27b045e40c22a305964365f4096f4cb28014560aaf0228edc507a62f59c815e17a774b63d57836c1d4b55cadc2d267a3419805372e3ab917f1ee1e8176d0d730361cb62cd89d8d6024d8fb007dccd58c6b2a15747634c705bb1f0701155c6ba5ffaac18954f74abfd27bd157d60e2e403ecd7a9a92da9c536dfb06f7a722441b5f6feb97a770da168947a88c7aad3cfa9f4c18727e6090646d4f9b18fb0534e0d5aa626ab73c5f996a15704503a9c5c6a2d28b683d49f777957120b73a99ebf040a20c1ff04a3dac545595a7f2d14e3f3d5cbd432dc6c1a8495ac16f94bce458caa2aae08cc44118be7275ee894403eb074030aba8f4e886d7011bc74b03596196906c6e0a8c3ef73c2ed6d92e71598a99e2b4b2b7e60ca462933e3decdc9461535680f65071c17d329ae91c6bef8471b12af776d1d273c5f3d39c9b23855389a643a8a9f0127f6b581e15fb5aa29fe8d60b75a2a65e219c003ae60c614c8c488693d5e95f89a5884c6b881efceb8bf666f177b5df88c606fd45ab193e0b273850b7a52daab18a692c1d016877fece51b9d73abda8471672c6fd603de198d8f9e7185789272ef7225a196a025a21a3210ec775b2ea3068840a34eab6f7d35c8b0e25c8eec6da99957c0e25b171b8e518471ef63fb0e96f22d1ed66efee3ea7f1911f2cd4384d01cb57f538030b640486cfdce7f9bf0881c8cb11055ee05eb2e9fc2d7b167e7c2fda3c80533a3e0b353eec3cc5cd90ac744606f9b2009573d00b73e11f083ed00f3a6a4aeaa456abf6085da1f95ceb6b3dc84f2660038e728c9c4b94d1b57f5194d0bade8a33367619ae8bffe710b3d422b578320d5115192a922ddd0a1f48d63477014b5bebfc948b2a2b59ee893524e060a7e816ceb664f5cdf7759cbe95714072f357e0079af966e402eebfb1a8e1c090f9ad2ab0f883c3083205f597f72d723ca8b9c30833b373e27052eb2e08377cdcb49350aa13b16b35dbb7194eae6501c9b2dd71ad873a51292a55eeab15d9850dae731aafd19cbe7837be83633fa312d7bf0e7c212b774e6be6b664b0777f01d557cffa41c23ea7737b552994096dd6f06843aceeb3c3a17f637cd5865641d90c0c6d1d5b439689a19f5182885496f553abb9b4123a956ca0dcddf5257242246636c8ea73d0cfe5db1d9fc759e723d0071cbda5b6ac483ea5f156a365b5b82e0a3273ee4293e1c230a29b5d06f9ae83f4429492ac5b764be6f209ba17d0ae0d6de2b1cb9b72bfde885ada2a91818ebba779af1d4ee4a4edfa0399c5d6c418bd702f1ef0588d5bb3653b3d7eb8786cc90b8d6ef6ab9b7a4898dc6681d4f000708a558ef157149e3fcf5f197d6ccf2599a97dbc066103f491ed424bd11c684b4e9ff262e4096a252785490536b676da12617ce12107f64a8b988c3c8d65ece1ea921d5f8c655b91e78f8e2f9f19969f31f5b806cb9898ee53ee4e9976f2b2a6730f8a77fcc4f4eeeb4f780de1019b2ea5862f7d53e35a06b45466cb8b40b68cbee1087b35415f023f86956454b053213e368565befceb5f0745fc8178dba8933ff8862c35f286447c8147a3d63ca4bbecfc873a2b49788090579b66c2ee25cbc4208ac0c1313188b37ff9a3f5c53103a79d8b3b92008044f6769dd45b4f05909d096638e38794f3a1b54b4aefd381e1b9173366065731c581c44fb970cb16f42ce1d6c0612d1e88fb3b444c58e25559de7f632ef95a9baebcc5e7ea0d7ff013ab5ac55789749eb9f250845f9f258115fb3ffe9b22cd13fcca1bd837cab33081fb3f2866ed2b0cd3bf3777054d1f61f7d070894eda7f59abaf7f0a01cb69bd765eb4a153488bf3e6c5b0f4e47dcedfb40affbac56ee8291c5cf339d8bce560312bda813aa4b48add4c9235b42541a7a723643a0d7ad7a1b680ad589c89b77571d40ebb8c05f6250355bb169e0bf3ce4a64689401be7ff53796e415c1c3264c7c85fc13aa40f35077d95d05098d9c962061dd6a2afab39f5145fe69a0923b82da0e04615639d74a2235715a7e51cae966bf4ecc94d27293cdc1eb9b8b49488a436a24ce0d8523741b52bc71799b5264612dfc0150fad48a7699d95ea382a9b0a61855c9e0ea688000a325ceae92dc744f01c034fd347ce1087a7bc518926810302b0d186babae019d8e1693a2a097ed1a291646e1a85c03c94c932eceb06085a2930c71b9063637650bf7e09ad7fbb5f5e7e429a273fd4f1a7c3d288a8d53330f2d3f0f7c9100f36cf2aa72a68226cc758f05c5643643ba33df59077a63556861bf1f491ac58c481f430a0d7984db2de3726ead1e97476476321bae08c0d99ab6bbafe7e31203f675b779a6007fbd98453715c6b64317e2d8d01e23e25afa164bae43a732508780f38236ce25e8a31121e650a93e9205f832437343901926d5121c633ff078388f21a9e59df4ac67aff27a660cf2fd407bdffcaddbb90a78652e5419069e104632299cb04bc8b9fdc1277cde95e70a9fdcedab5f41042b79e21f8362de123a813f5891c48d7281e2f7808db16c05a47c9fc4cd170f094e6502b9405aebaed273ac1ad5a5936fbb9796c9f6901846d1962da6e1a4c83ac5773ee2e6974fb97149467c644a50c7253320a9fcc3b790ce135cf130d6a9577f7b8749eb7ed892018b3b899e4be66a56fef8062c79cd169738589c744de81550381b3d6744155a793552a8d66cdf364fbc76eb55f47228a81052b7a7762f5727053196440a93ffdce13dfaed06e4977fa17817758d527d9de3baac9023c7cd1d33177868445ad9c5c809bd1fe64a2cb7754e0fc83731f3dfdc2b86ea248ae5da1a89bead60f64147a7062fdf6b5decd6234d19fabb23915a4e6b473b1fee95b68e5f74a1d3830cd3875859b4fa755a4fd9119f16dcec0f381e676cfd5a26b35c82ddcd300acd05a169b703e6cce39548de36c9eb26e1c888944164957387d0fd5fd4205f20785663858b8072b1e41044bbf84838829d5867a00490b9e547e3b7562f2cb1b866e1f032a09110166e31c522ab21eab4357012e74938c4b5c21a1a4dfd32f8c8dba7c7259087b8f19d71f94fe0476176f364d8bfa135c737253454ff96e38b628776b8fc10e05badcdf731d23e948bad72df75c3cbf14c38d745a25cc81e635e3dd46da05226a263c3000beea6dc6430085b622e90a59fc19835c3b74ecc26273620756684ceb37c2204051170adc21d0485c3f5e2356ae7562f02611fa57ebdeb0b632b96d0ad2ec503fd1c06a227b3705fb906dbc059ae84814dd61c77d5a0e0b96e3f48a0e1ad7f1f2ed564d50f683dc89bbedf99ec0335d51cee3806b12ece600e13bdadd445a2bf7f28db90052a523c28feac941ee550bfc6246a5a85dc2c7bad637e0f729b37bc73471dbae1b643e5d87e259131020605ab502b9ef0c17cbb657c53f069823efc4217fffb3d691e8873299d8266721d51c758b4078598c9c1d11d2685370d155ec5ef84b6a5d201675861ceaf658d4109f92a9e72fd83253082e1a5380600c8c36ea35457d8785e1185083dac9dcf8db9597d3a08d8dbb2611ff62d6991a8bef98e666ffcb46266fbcb8ee19f69dc369cb0b03abf5dc43e395391d7e52041bc3bb0495b3121c3a4a76f03c35d48ddbd7305bfba80e75a765d43ef16da9cc8faf3ef743c794466c52fb90ac730b8b2ada23faa3a55eded6793231f7b2518c69a37387b84b19ffa982c705eac7d6ecc0e57b017291ef6990e3a2f05fe09a314ece9b501d4f222140a2faa25261ef1aed3f31bc51c3673af200c1b3c8c858f0855d9bdfe9ea95e4443525991bbd50dc52460d0c10f8562bc2cd5fe0308f745b0bceb6fcabbc1081a1d14e935c03dfc9817e5dc5107abe901bb975f07b3818d495a1b38ddb4c47aa0a9dff86ba18d34044e6594daf49d792fff17da9f721084f8dbfce2614317fc7834ae807ecab516e7da751489558b3a5c649380854db75b657d5196e430fa64d6259875ead90cebe3120ed3a98447a45556a73ebc2f508e3b3b56cb2e5eb5fceefc1dc84ad1867567698266b42de80f67fe1f0f82d40e2d48d4779b26594cc8048cca2a209c88718a33555c38f26892455a3c808b3e3a6ad49ccfa23a609460db1f7928fe6f330626a662cdeddb0a14b643600f0db1f67d88d604ba544dee6c9ec18f23c066a0ecd51e1a78d167d3ec360effa37c661b40d911e13ab1454541851d0047a4e6074d3f81b87d3449b413d86e323c01aa5ec67683733f05e421dee3f6ee0692115f74f21094860d2b3f6ee9eb7a74014e852bacad1ed98fde6834a1230b8f16ce28c0232ff1df788f91ca8f0bdc53307b8a46eb4022c038f410214d09c68888081a6f08431827e03a2a5456ab6361098df0ef106c9112f18c917f97836725d01388d06e0637cba404ebdcfb45320a2ab10499b4c8d512882fc5caa5ce0d15982edaa1d03fb872e8b61b833d3f02bbdb3c894bfbd7a9910ce11eb95da485a88dafe60076c15458aa25ef3fda187a1364860dd207c0709767b344c8895d06b66f88a37db7dff8d42d6bc2acf1ea5f1ce6f9e9a273f0c84e0e8dcc9cb0f4af2d1968ef88961b80865bda7db91ec44d7797e6e62be3c77f6f5945ca04eb9f0154d016d5e4bdeb2b0f9c2f814920e10c7588eab1c859117ca0718be186cdaf7b7c2e949fe4818300a188f59e45d77a51efb0a9d89a9f99a5bf7e40d591d85b4b65298e4f223f00e9e4d6045d0e3a10c620859bdb4d5500344be5d2e9fbde2f01bd899b2c5932a85093aebd734eb20ca16f6efcd0ef26e453a3684db3643eb1631061dcca69cf525f117300135f0a4820651322c6ab72465f4fb114a50e990e3743e71df915c9b4435cdc4bc1d63ffc942132cd1cf8cc80aae9099e609dbb18f9e1c60c178e864a5bea1040b4e95fee935285ac7930c52a71c427278eca43f2120bb0fe2ee7972aacdc6d3002c8aee37aae7b8379c290b2fe4fb1c3eb7b9494c4dc55cdfbf4b77d217ac6d72c00acb01822c22fd8ac972fff63fef88edc638f8de8185beb7edb10afec1f344c4a46ab59408fd1bf46da0cadf7fab69d70da53b08d883312027d867dc708a2d60a9dd210f2ac53ea5288bbdd33737a9d1f34bc8f48aedad9f5792bda6dbe2da86c2ad54b0c78e0e9d1a97b612f4067a623005089352501cc4e6237fb5352c418d5c36f5ea1299df8053610ff37c6de68262744323d77e31f1551b86c04178c96d4e662d6ec3421a09661033ad4462a23550cee84e70e3019278d81410ff0098ee5604bfc32afdb688da229baac6fda3ae620b27602af50f1b34d0b41f71c1f441a5b6ec067503b0a8ae2f0e33d0b45d647252552cedeb9888ddab3c4d45c1a4a021afe1ec1c4ab0ff0fb5dbba385a9415e8cb5fc9927bfdebd93de14c4971e5e88dd493736125cf657e859c0a3df6c138e91014ddf556dae5333797a9b189c6f9a447c93f7b2d99504a3fcffb84a5fa577e2b13e678f08f072f3eaace5499e246b4c823efea98ec52517072870dcd3f35512dfdd37981fbba8e7429bad74a918eb179a8c4f8757423919371e7cd978eaf1ca264c2b4cecf629bb6c9e5d7b498e3808029e002a1cc4cd8001d69ee2598643b25be14a898121927afa0d239e4321dae55b4d9b1ba53d2b90b44e1710db107b74cb314d34ef33789727a2026d04b14bb017a23cb7c8300fee87d5a967a5a00644c1d52fa17c4c3cd605cfe96f01ba40ffa7a52d4885a97929e2d7298fac9cde983af32322b6afc19755d04932a024a45622b671980109fe3034ae9b815aecc5e328d6d57c5c179553924329b21243b4196a241b7877ed86b388f7a8906f242f9bc8e9819ef75c712f48089701554031351ad55a5c2628b398fefe40c8003ad728c5bb8f6f64e667843bc3b928e4ee76bcfdffc31e94fe59b7cffd1e386b3001fe6471d8841278e912ba4e0d7c32aa4ef338977963f2c14459fa23715871c55f2ac2a22cc9e7099cbc29aca43d314104f7463aa006a8a27ed229ea90e213b32c95c0b78040a41dac51b66bfa9a4989ed77b0b2114ceb6df08c176aa04169a011a469fbcd5b6792c3d43aff49cb2e0606f6db136c09d87674e028fd37d56ff9ac55e0f31efa4ccfd93bc0d5341db8a2d1ce5ebd2628b2c676c991321b621ee28726c18bae3a2a5a73a09a5af38b680c37ad71b051d0cd867643e83975670c92676ffd6277fb4d0c33403d06f7f21de22d76a84fe3b607a0250b1f22127ded8756b265f788cbda44e554b002eeca5d3b0622e78f284ce86c76f47f108154b7457baa011f3a3b340a1d0ca277f853f32ad050a78c0ffeb39ecfbd26630c5ec0b039ef7ac5deb63183fea1341b6b6cc0c160bc0420a0dd65035515539c3ec787d324a66ef80a5a9b8c819b7a2bb9ea3a98d14be83dc87cbac5b41ec7d280140a13c89ba6099db301d1e0f584d8c4f29a1f59412421c1f82f44083807c209ea44a68f3e1358b1336857ef1bcb1fc09b1e0fcde3381ad1eda3a5ede702e4b7d51f14b25ad88de858a2e6449eb415a846b0cfb8d0ae2cc177700f81a83730e6e084df7352969e64b2fa410a32993f58903c0990c39b8df17d3785224d468ddf6bbc3d13aceb3d6554d72cae7bd4a5b02cff0201ccfac1b426a4644f1b146f5f8661ceb22713c3cad94725c8a7d02acd5f40e66213fa7563ddef29bee2a99e470b96b0e650ee8ee27b445694e1d1a05e53659b8bcfffdefa9909183cc92a36c9efb86bfcb277596fc50ada7f413c0ce5e7ee648ed923260492b19885bf4eb787d7ecd3510f15c10ffe6cd7d14257628dd90fe41931dd3a8a9f307409896e1b8d876e615602c6d023897706c90a4cfb9ed76c1ddff939fa196fca7ad8d82d9ae8ef71a4c67476435af3d06891c10aafa748b72f80a4ce84a549fbdf8b219517acfd851c62aee3268f03d796274c7c0d74c1d95d3ed880ea35d3a76e1dddce2c87348786649ad518f12f00a5db5263a70d324999be93f6caf941e37fbac08edd3d88aeaabf1508781aeff4cae31b23ced8065a4e86e5ee1252b007ff884e63c338111b5a1131ad69a7a0ce8211a6c31f4cdd744b14f1cf824f78ad4e978b4f43b757ed48310d9d2b88b8944f595b065355468aa0b3ccb058d43c26ee8162893810db55f7683d2ff841d20aab2f49e1640d939638299d7389df6ea2d5ad994861c83b7f82160e0683bfed45d8a9c8dffa5e9b55a418b0952c4b0c582f76a57c5c5674214782d1823ea0470f9a399d7dde6a14d66e44010e3538ef8ec7bb31b06ffd4226b278b710518f1fedab126e5521f30f6a2d0b62e89dadee66dee532d8d41fd905b91468d75cb51fda2b0199e799db357aaf10247f8949e62ca965f1d9600a9f8a76fb66a4ec1e45d4dfb93675f1a87f9d22fa14c642ed19ece41335b220f2ccc9c88deb21eaf05690491db36fb61cb5953ee8dd1dff07269208a98a230dda82e88733fab9509be6639ff9a8a3460bb9555157373a9eb313e007da88181a9745ab291b8a25f0aa2cb7ee40efb4e5eb802df9b4e24509c75be717a10b45fa4404c6fe7b31d23aaebbbda44dcc2cc3928b620aabcc4f771dc7947b59daf5e49fb5b13bee641f639ce0ebbb3286363aa12a41540c225b3f081fda83f1eb5bb065a53b2a8f6c105bafe280bef4d84f73f60da4d1291e925731a4bfd50026893d67839c20f25b7a3f64f52975be7c25a1877d77478b8b8134c57c6d2e043c6555bb6927142b972c3c70a3a7807f83c5f110fcba676248731ac51078580b1a2f605adb892e9b419f1d9509eb4fb9c5f3fd92e47dae7cb3596e6d04c182834e6ba1d37f139b4f89c95113a77c2c1f802b6ce1624cefca77918047582b694ee5d7da62d97efe090a09b6a3e6723cf09714adfa91bd7dce2f6ec35d53db92d7bc779d260372518d57c973cd07f890c6d9ca234116560c1773a7320aea412b04341c29b32254caed021817a12e9dc00740e76b13aad96dd43544ae873175c05982288134aa8460002515ba8779497ffad9699ad248c11556ec8228e2668845b3e64a2d202b6ca76fc89eaacaa6568ea1b9f0aa6b80ba0876ea58441feba47fc37a0d5a4a0c313bcd5a49de1317eb0498d3f17104c46e0674280be32f5c691b5fd9748e37fc0a00a12022559a411402365c37f74cdf90311cdd4d810929f2f8cfedd690ac1fc52e0d51303e43b070fcf8314537ec4a7d97aa19944a5496e919c72b9bbf0addea5855dc99893e0e6236960ee7cc9d496ddbbb040c9773739ae79d9a5cc95aa119a3210d5e18c7f3d9953050929fe2adedc7df10085c057f95473c6bde947df47a4d17c9a934b95aedf0bff303051428610cd57ed321dea4b0ce12684c0803ad5efacebb7a826a6be3732242d67839f86f99a17dcfe5befd3f903";
-        String expectedSig3 = "00000002e562f6fc4309848d94edc37e66c4fa704a494576668583b3325e859eb7c67c9f74ad76223a4a61b8f9d6bf9f9d64b74b6a8f41f64ceb5c9166787bec71f1c55119aa1025f6d9136555740a82467b8618bec24f91cc75ecb4d6dd714908847debf0185505d51b9e64c8dc9276186e7dfc6038ea0c686404401d17b5670a50002722097181934ec58ec3d871bb206f4009857a2bfb810d4005b9dd5b32da5a0df79c8d895a97e163947fc96792b806041dbe480a83b0f6c015967961173ccff05eaa59284736ef2309792c04acf3eed3b9840c45cc03ebc337e9a3c7a853f23f9488c91f27fe7440fba480e6955fc32ed4002aed645a61713b0569bbb40e17b648d67b539fc4ae94498ed6e7a8773492c6cf1d76820fde249b3574b50d9ff1f52e36f87389ee9f821d0a41bd3d224a9d12f0bf9fa54692b477c1b4fe7c88ad0191084cf0bde10db91ed8d3e639503b5a919640f63ce9c7008030a10759ad2f029a54d37c8505af0eb90e8e712e7d0276ddc439873d2c73bd75dddb936c6ab4794858d649d5bb291fe26c43bcec71f3aa11a7eb40cb8d103978cc88b9ef2a26092adaf6568ca4716bae7b7c6225feb2bd53b54685e51fe4158f534b1018d99748a2bdd8ce75361633a8a4d3cbf4c46b0b9352d89fe97797cbbddf6fbb211d845d47e4bae5a9bd752af1a055acf9dc3599f0edb292412bbb327993abb33ccee77af9fad2430d03f9d23dbace7d0081b6646ca141b3c1048967874e9f954c1d5ca23474deaf7188469983a7f80ddbcfa107edac50f032d735f38688e890dfa8944d676147a0f17e069ee4e0ed6c51e5c2311bb72786d4040d0120ee7b303f404625e6161994a34ee9a407fee7011ca90e97b54d0d458c397b8fb2c4dd4f54232bde55ff6ae23e7bce71a7096292de6f0a52993d534d513deb7309227c43cf07804af2f3eccb63e0691ec4dc38c8ed53f58822bb26101bc90437aa1c61538f48a73c4f6d0732e9f8ccee475c3d1bc28ec89328d4628a67ef167e721e09d54fb1ac4cd61bb49c0628cd99b56f8b70283f33f6148b0d14e2cb95774b3663b67261539e2b592d248289ac56ab3536fd34a43b3990dedc0052d01c4213df5995b35b0527d895ecb9a7f36da2ee3ade2181debeff39923f86982e3dae1d67edfe27facfdb8ef36ae5e14d417276a549ce352bc22911147ec791cbddf2a3f4191bf79b36221da26d7114e3c167f6d872a80ee39e5820adc14e41e25cef9300df3b93624a183c57138dc1627dbcca3e250aeb9514288d7bea14bba07f53983967cbbac39046a2b00c85b2764a2c87d52c73c1d7b267055ccd2f382f8f39d3016fb9580009a780112e53f748eda91262684512799c8648ab083dedee56fab62c5dc48172af7098e774ac7e369a6149fdc5349eb62677255f243e2c022e321b19a051d1980a35fff2d0d9cfa43afb01455b4802431abba05b6c47a73358abbb0fe2da5a5d7b70866b83dddd42148d614c049fee0d390cdf742a4f76df41a990d2013eb1c6398f4193f1409eb1ca61d3156200c01a90090e27922dc23927d621aa9cd8aa3c7368fdde0d465fd070c3090e955011fbc010d610701b12fbb230296d5b2894e18e538f566071cd5bc6c85915415be70ad983bc57081434a6d470f8322ee2a357be94d405389289aa406dcc4d0fbf58d04b4347138bda515b309fcc16c0e0428dfc9a61e821690bb059465759240c86c6633e75107f7757d89deb7d6d1774f066e37adf136ef1bd4e243299d2806e9b0104b7dff8d2ec617620170c139264697c26f43370cddf3e7d70e255f70e99db56aba6021ee7cb23ca3dfe0eafc659ba6f3318241485ce190316ce163b1e44cfaedbb9dee53e69418b070b8a910e195aaa8a5c627a1a971843aa970e5d3daa41bf628a5acb932412de7a0f757fefdb4b380650a9336a7313aacd7de945883b3807c2f96e741ffc3d04b8377d9715386084028bb4f598518ce31c64455c58dc9f8b8694109e940b9b78bfdd45dbff61d5bb17713d6774078a853241b43dce88f4dd51c07d43037864b05761f045fb3d1f45d80784334f3895beaa40c43d4edb3bf14229d438f8944276916c7b99312ad58a5e295adef49c4ae1582f4077e5e42759788dfd1bb63e1425725991c8b6bbf22597353e65908bc76be7b4f737d716d294349b4d17aad1a4c523b67fdf7c54a627d0e9d459fb9de783c1012d72ca90f58e18c84c8472bac52ea378a44105018f501ec476dd53632928df294fc7eb83d06b381295cfb2e47071d9b6f1a9bc440999771b9f2a89d06b36647dc4f787696c3f09b216f2a2f37567e39fdaa88c44fd2f1ba92969798d6812f2d43cfc7b15efaa706cd8995368b1d73b86551cca835aa6808f56fe42e34df175d653a619a3825ac15f1bab5e4139f73cd555a7319c8221dd9488b0607e9c73320968872c1ef68117f083fc54d4dc4ad87f4d3e1016db6d70dfdc427df4ec80a04ef264e5273615ba83932cbf0805f6bb31fb0d8293912fac7644cb4d8d17d38809a6bcaf27e0c06ca90d5ae6a28d2bb8e9026ddbd8699f43bef324e1bbf252d1e1d476ad4bdc5ee8966149f93471dae07dd2f46e668afa94838c63c432340e0d34fbe77434c945b620a23fb7559758def29ba646afc7b47f9ac58446afe47125e4a1b21cb9cd0e2a296cdfcc23a2bb113605c414d072ffe32cc74b9a6adb1f1045799d657dcf300ce40dd040bdfca91188d31a847d4a684da65eb9bb4ff9cd60dd99581df275e2267af6b9ff913506e39e563f63cacb06fda15c072d4192966ea623305ce759a72fa2f479cc5e46826c297f531e79b8da89b10ef955043aef04976338a9719cb650ba8ca4410f9436e975fe88adc1e66d6c9d2b60d378df2df934cbea13a5ccff890006279477d25e10e11ef86cabf240535e79566e5251bbcd824aea9a39dcbf450c18cebb3f4bb5a1561b1a1ce792074e6b6fa80ac3662a5b921027ca08f8ac48f0607234b7bdb707e99075e1058e2e168f6e4504d12b9d8ab956335429efadcd2db1582c5de2ab1c9a245f87efd381715e7d290ea984c9502b6d25ad570849a831dfca6d891391da1ca4130f05c610dbfc676e55f3d76f9edaedcdfe6ac6d14b7999234af814b6693a15eaf12d4684c767abef5c41c632059b04225c8484c52f856bc2d92008a924004b4606b097d39ecdff3c15d2135f0fbe30d2e81ad2e1369c282752772760928ed83820b6dda6deff91bb6349784fe45393832ed7a63e9da261525e5d53f2912f94e5a113abd635d69f61085621840bc65e252c51e29b722e4ec9211b739ccaf3d1f529ce90ababb3ade832f25b938d246087234423c06d2b67931c6b3ca9046438a54343d6c2c27d8f1b50e00100373ab18fe012b977c210df35bf469f9a0d1d6479361b5d0c0bcc9b2adb4d1795e3aa8b9bee11221f3ab5b3b09e5e021d991e1eb3e783302852493a15b7c1253cb22e1c09fa6bc8519810a00f5305798b3c2f539d8bac5d268eb3527a8b0411f4c676740540fb0a24915c53f05b4a37a9f30024756d0288e144847a2651ff8bcb40d0c2c189ba914fb25d4f413d4d0ef0bcd2c261639037cdea16394e0c42163b61366e4bcf554c291c252b10b3570e32edbc17ba223b79f323da831c83e37961cbe73cc67072bbbe1ccb009bd0c2ae4547ba9587ad05abcf479f74acbb5c7f78150714e356ec88de5176084506126f5b21b861664cedede54eeef7ae78f8a3a61dbab5438163d0190655044c9a5fc848a0ed70b04c1ef62492aa1763e981b30fd96bc84db050aa3aae1c913a2588544e45fa284424835500b183a4e6e61649f0b5fc1ed255135bdc204b2fbdfd35d1bb7e7f243b113d59c165e10f385569d3727f410b5ee0a25f25d863ea28e04d10cd67fb6b2e4792c4ff3ac8442c0f4c48c8a012d5caed2f4291f6b3f8aa94f27f075ae7118170e61b6e5eece5c088278d06d37e2171e2809f64d1a4762cec78a42e427373f63ee54f93557ddd46d093e4af86223800cc640b872ab0d4f8dcd1d86fa5805db002a86f45c50089dc292081840fc5d7f3e5bd82754452849f777d0ff6baded3ac1e8198471b241aeb2b5477aac62f2f5aa39a30580c2d233324d464499d0666793ee80ad0a03356fe077b1d23a2185b9dd122a62860b5c639de77f5d7b502c6db66a1c110dd596095ebca95c2fa003585ff1b1424732f32b1e209eab65049b6909cf5ca81e2556d0b80f8d227ad734e6a9dc5fbeb5fbcbf77cba4139d9f09e4e939280807b22b947f8edec895f1dc7b770f1c341aebffd4e1e4866e51bdb4867b30f600c6af40b86ccb2368eb8a769a879ecdd3d3bd52fcbd8503ec0f30cd4fd0cb2b51b9af3f80023d5459ab26b485a486e3c26de41898c86525dddb8917e58c374d395e85b299b5313122e95a23ed734a2b3ba6575cd8de8d61e6313c3066ccaac5d38271e93a39583f1fa01bda4a0adc14e6030fdedb5b1ba2bf071a8351dc83e9e492d68804bc4ae8d66ed93f5f8f1ead4d13394c155006f3ebba5f184b3aee9f9a0f5da94c1633ba2eafd679b8466056e41fe844f7f86e37f5bac0b69abcb4e9fd9e04f35eca9bcb68e50f28db177b84df8abb52ed988fb06aea6b95120c9a8f3dabb86ef40c99b1de25058071d0624409d540bc557b2b494ddf39ca018af1898eab2bae7693cf5542e7340e355b974c9e6309d681247cca5f5865225a21368cf41be4b0910e0df5be4f2aeea980d3b46b30bc644e6ac3e2eaaf7f3176ed9fd54b3a9d8729204006e266b35c3db40a56f999ca3a03fd6447ccbedd0ae1096c8b6f9ce462c024d22afdcaf0a3f38f8433dfbc494e98316761579e164d730b3a4cc552270d95ee97c38e02bb072cc16b88058e45ed25aa21fcef5ef55dd44406d712981cc3c670f283f80922a787ac8e1c9237700a3c38daf7a9387b4b778b96147daf7296c9929d188a205b73b8891d1a0c58b2bca842eda3064da08abf2d4e6364c1e7bcf3e35fff0ec195fe729725de5db371b033a8d5fa9a707f722477defc729bfd8c324fb9fb9331b91ebbf1ccc99b509c5c554be57ae6ad24cb5e60eb96a40e9790b8065b33168ba10514c08374d5c7b199b6dd9f0615a7914d59f19e9252648d60ad3f423e963f57fa194d7d5568c94a6a99c2a26ea037ded7e89d98568751568d0feed980ffb6d502b139daf32172af2deeb5a25928d20b12ebf4dc041094e870a9b000a94d6d63c9ab93d77cc9f1cf36b5d5f180c4a7e76bb394b78db19fc3e1d3719bbbcd8a5e377394cd7fe10013f754d5ed862a79d1fe1ec5458d5bb10e9f5310547084b2abc4d5d4f4850f268eac72dc8e3e105af4f63550b9b4d2838f0458f6b9b19da852ecf3c4de6c7b6411f7494e447af1899ef0e414938b152951553935ae512c84af5910af4892e8acdd08fe7a77a58cb601a4156fb583bda1eb00fcb1a6a95cd60f13f6248dfd46232bfb6078949b1ea583e8bf5909f57b7f9b4cdf3bf5dd7ddf1e4dba7b7aa6130da4eca58b0f9a07eebcb4019055caded4e32616b13c6b041d459bfb4c7670abf8100c5e30dd001db88f017f7fde72ed9da6928f0865b49ae73d63f6adf88d4ca7258ce4096b8221be737cfb816302a292209d4d7dd885785f51f6bdacc3ed4f9ced9a760560ed341732cd0b78ca888962d637c5d1f01682898af9ac1e56cbd4ada7c3255b3af91e5ea6b0a22f314595d85d040d0b0cfaada746620367516d410ac8e798ac07a34de6a8b6aeb219e1ecfc01e5ddf1b54cf7d32e43ffbfc34da07a6e1abefdd3dcbe814b3b3b885a5378979176d9c0968f753201746764465389ffe8aafe3a338853f6b1da6545efa803d60ecd2ad310b043e62bcb3c58bc2ac7741cc02c68f4c84e1912a67806f82392fd4264f691aec7b324324ce088e6640a894a9e5ee6e8c0a01260eab1b42bd20e004230a1182da42d6ddd57c0c3fadf31d913509e360e1684de3629f39ba8f9eaf8cf4f4ae50a60cd7585c4f5386a46aae959e2161765a65b3d8faf2abe7fb647d25f5b00a1454663e17899a92f382817787879f4d2a219d2fef19100bfef25b735de8bf8d00ce5449551a91ad0bffb6345dccc0705f9fc549ed47a1955c4ddc9aa06e4e51a165ed0ce02f771fa872a6cd82c49b8084a21e6e3b1d0ac6ca46f79b24ce72522965da32ef96f3e7a17f87282abe14c993e097d9988f016db35bda1120c0cc5317206fb659ed47e4adb17afd03a7b0572bef4d10abb0d2c9c8eff110548fd87c6ce1e46506996c0267b2af1c008c20e85c1a4f59e459ace14ac428572b7d9af57900bc5145be26ebe89f17c737c54f0a353bea5c2b5f5175793f9a34dc7b22b84760f36476be33e5a3bd5db623444c97f0256a84d4524941bf5446fd6f946cec82e8d4e47e2c48032a215dc26a664d5b7b800b6da6d6322560f7fa3ab57058ceaadcfc50e91d1581d6a8aef99325967c3f32e58782dac661c6d1c4402d654007f5bae4f41aa1accc50e378a563ea03b8892187bce7ab606e493b0e2c526398cd290d04605f351d4b927dc7f34d3a5ca8d61946d753421c58aa145931d321ff225d26c5abac68755e08af31cc40476eb4d4de8f4e225de3c48093083916d04bc6890c1bcfd07b47fc0001adb1c62c382a96da673bd7e34aa885bda8c91c19cec4f517475f58b2545c8d34176b64b499cd1daa90d2c9e63327ad5343a79e0b1ce052d72bb6c9382cfde957417a90cecc650366cd2f18217cedcce338287c48d2bcfeed7500a618a1b493aad76a442aed3be226ec7db2ba75e384b6c07799699f7ab2f6e86aa5b0bd24bc87719e700aaf66c4962a7856638e5a15a321dbfbcb0c8c38f7058f0baffe0b99fefa97e5086c3389d166753c0be24429b13786aed835bdc227e3c03e7a7c00bd34c526435ff3d6b6b4804e3f83b888a23e364fdef47ae8e0b736a77d95b1f015666d84cb79bd8b42e4cd5b37efca008e883d9cc0650f8132deec4dba392d6966390510d2fd509a1674406b4d90c0787268840e74507478dea704e8b41b7f78b163d649a27c59c75acb515ef41a8ce0f615c7ab05ea6c583b8f6aa82e837a89872d487e21bdb73dbd242628b331810fbced954e44ca161b0082ec013b019cf90782676d9b8e5b5ec63f922f1fb489a57d593e4f93afc0fa725aaa06feec21b3d81e38f57a30fe473a90efd043957dafa3f121a9f981810689bb4ec24376ae897e8f82654043ce6fa2f908ba69aa663b80b192cfc7822f1f06b655246b764593f8ac8c0d8f8bf7083298ca600a32f6cdcac230db8adf388e241b5fa008a77121ac49561429c94f2bda4177755df4d2a480cb4d7cdaae17304219179c2efafa5183a32fe5c4f7835a59e1212177af2fd6d88b87892d7d8a529e68e530dec3739a185dc56c28f0e8f77b016588c4bd4106f2c445f340c9ec4d8f618f7dc1741be067c5689c79bc0b2f8a73eec36ab8fe4d69a9f12c179cb6554f40ecfb06efe62a37e058d9d7c7a79bfc61c708f71c976443ecd9f89df77f02c64eafb76af0bde669a06436abc66fda04cc6da9a966fe16cf7da7ce6c267c8d74e3b1a9b09db419a0d52ca26b0f3b00e212d2312c0696e3e448d8644441f072ee8bed53861df320792680ff0087d460d524db562e363b8efd818b60f1274c9a7afc6b670eaa94980cc0e8b6ea5bd239e7808f1c214dec43bfb4131e9754ff83c99b954acbfb90c5b1cb7b1a297e28f1beeba26e28d3504dfc6b57e68885e5840c4f4746f280ce6b909fde4ab2ad11077ba15433ab6cfa42de6079de9210ee69097895e12ff41777dc94db76e41b59b88c1864f10be6d8aa80abad8018140a94e1c7a47e2a133f6caa56291caccd21237b122c30da82de2274aacb9ec476113daaae7bcd677a970c3c62b9b8c91cb21c9ab0108cfc4dee362f2346cafc43fcb67a0a37f2af638e1996f1e8d591aeb31c79482102dd0fa0ced6c3421e58bffa219566b735a4baf652df736a74183da30f9863876ff3da528971d67648c01a739bad1e026825b84906e2653a12ac77c24c1cd14369f426135c2029a5d9749be5f47c0d87fb953c2782a475dc406700c2b61fb7ab4faa8a3f23fc23aeb964677a1f7d55a2817b122cc9d120f5c3d751fe7fe950deb989fc13ee7d53d1052d322816b844685f122f7fa321bfb3499802aca9c564d41b39fbfff5ff777873ad1e40c509ac2016eaf08736334650d4bdb4a7c895033a16e1c44acced720fbde04982310639ea4e92bfe065ab16dd25edc4554137eeda0a37bc0a312558a8fc6f2f5c8e1a5b3d81bc75eade5a84b32f81a638fce94181bfd540a4a0b7411bd66fa199da76e10dac8abc04a3738e40ac28c4b6b0935e828b3800bd7d21f5f7ef46ee1cf05f12b6cf335c45fd4093df9d87852653a3717843f3693c240fff8ef9b26b76166ffec4b798490a9015d3ec7740465a0f42ebc2192fe2c5c74a4f428e7c9c86697aa05fb719345dd94a4784dcb9165b0f56f650d8242f89aafab44558a964671660da5aef2debc16172924bdd77cc06981478ac1859cdf0e2a24d5d3911906c7eec01d3a2f7cc6c0f05db395d7518073d7d65fa82269ca90fbed3b207beadc8ffb0547d3e321887fdeb208a9d70d1f6756c8fb7fb86fa05ac33a13c208960951922ded8cacf138b6ceed37245f960a7efddaa5d2111eeebae7de3a8704eac7ede1ca90077cc78d0b1c61bab486db05c7f728cb1a3983eb605c82ca1a36d5d4a90ecb7920862594699b3384b33fbdf22cb89ea98bad56b234cc403aa57dbd140cf0a35900d8a6d7948ef2ee5418db27a7499e37db44303ec8c5dba233c7faf1c73005a96a082c3ea5af948b3fed72386f2a460cbce949cbf9732282667ba64dba04728333f0ad5b6fa63e04b5373b8d8abb993841439aa51ef4ecff6893be4f1540985c3804afcb1d079651c03acd305da29de2b8ca4bd28cb422f11f28f43bbad5174ec7bb6dc7cb5b81afdcbbd5e9a84bda0aba6d06a92323eb34a9774c9ea3c8db37280fe7e2a1b8e9afb7844b30c07024ee283d2032df6cb3e4fe6acd1bc7dc69b75bc1015fc71ea0747a076a16101bfa4da39e647f98f753fd87d79a3fbdea6fe8739f460ca9cd2fda2a1b4596441140d42059c5e3b41e6202c8557009ead726912d8da3b728f4d98aa2cd32cb76cbacde8978f0f374fa66ecef2bbba1509d2c37df52274793a586439560be95b4ec9db4f8488165330fc97851fb2b7bbdea5e2765b2223d80783d675d52c115948fa10652869d91cd947ad9cdb27aea8c78f5ebb9e3ae6864f6fec3721412fa875d991017e3e6f56b7d440ccd1ef04daa1b896d947daea3d194591965396d0d257fe4bfb71c4b5c06a76d23fda40b603aba0557cac78062abdd6fc47647b5dcbb6fd8409ab67645dd40e28db17af59bf65694e7bd71a648461d006021cc1b76c4075cb9bd05b5f61bfa22767c6c967081f2554e046a120cedb0da59136a5d316bebd3401a91041d6d3503209e43746b9a3e5ea2dd2e64a15183f5921710659dc615545bead57d72e6336d393dd9a94c8ebfee9de0e1cb30cbb116e770f0464a2972e7eb2a8fda7dbf9acdb4bf7cb6890bf4dd2afaade4cb50e7d51fe4d95235cabb34eb63ebaff19f242834943945a4c525b4f9d5c2af0536cf3628525ca528ddf0cebf6f751313ecb64113c061f59f5b992d830242f88b9f06d8e9d5c7eb73f6f9991d393beaf70a53a83ec0c31074df4e6c99ab531ff2c2177902ab58c726b6e0ef1c69c43134760cb1b158e8bb0bcc15dc54d2a98999cdb78b33a4fa21121a46915888046e2c9d7dbc3632c4aba535b1522d7b6255d2a03cf1a216987c073e217dd997a989369a4e227d1e2b9f2462ad54cfbf31d591f9a798456f92a3097acd4d20199a4ad3e66a00faa9ce0539ba5547f107a164b6d4cc92088f64cb343651b43e67f0aa6bc0a0256d4a314cdf1906cec1857786cfe3a097ec9f3c7cd46929f1396aa9ac631a7925fe1e81179c43670d720e00ff4d5088ef3bf495c01f7b7c649e8bfa87c69749e6e2a51a99b478ff8ab7007ba5b3ca135df8699c448da129dc6140ce34bb672b05fe307bb1633c96e0dd84ae4dc1caf75b2e2b3180ced90eb79e76c1752b77ac5e3aef2f4bdef3c667df53dcb95ca1e18d6405f4b6310108c23cb2c6bfc0c17d9a9c62baa870e3fe7eff300201178fe00462244bbaadf3607e60380db37e3836035904116697af246e5a7253eaa194902f61246a76bfd41e7531bf4db33ca0a3cf8761780edb67e308c93ea5baeae71b368599f7563658c60381c3523999699e86095989b8ff6275dd20402e5b35b831efe8c4755709284c4ea09c6702b209864e63ade180ab0c7ecdb376c510c55bee53d33577a1ae32d0e6e8d714e9c6c40193ef22e771b521ffb0e246176cb09c30d28e98a439d935fd4d2f1be11548c9147425395e99bb7ee0ac880a43c9ae63ee086728e9db1d57e0324dec05f3be6ed1c4d192cf18e8a6704375ab9632ec065773a206b88eb2d1e36e428e4341ad6e300b1c49f636caafdd28b0546d6748b9211df0273ab27921f3a767efa4e0d38cffbbe2f53e77b7c888c5cd81369602d4d2b9ab3a92f8180306b7e339a18c73cec1a253c319c46e1b71ac8910a11df903cf6c4ff5b392a96b282f849819b47a919ebe9966bff73e202267cffed1deb3c9c9df6e88c4b292b8823e2efc111af20b6c25719a3db8e1451e710717d7412cbc08566d55923784fc0f4a70f903377d73b29033fc61a445fd57e2db1eb9be74334edf13dc5b9bdd9256e158ab3642b1ee3bf8b7e07747abd2114c4d8e45443e14480cd3b6998e6a4dec41290d854fe978bda36f2102506dfc7cb75950409bf174bc268e5e6f9192c9531ba98c0e66ebbb963736866e0f2ad703ee08ef9a5746e6dc76d17bcc192bf380e94a493319621e8adcbeefbe80bd0388f8dc84824471f040dbf72e1d1f068c77a695fc1dc47f18c70ee7e697f0106420e8ec0145b8670d4a3642d776ab7b90be5181a1189457afaf701afa3d4cb7e05219f9c031987f6d4c6cc49d8c5c0e6b67dc5b066f86a74d7e7bfc851af05f23d4fb477d6d4e6242bcf58f1d58a5f0f363e15833488fe98a4306efd560550eb4ee755c229f41d69b9947039ceb254fb64a24792c75be2a29c5058ce0cb89eb86647d657c146360943a29047e3fc3e84936d1d35bbc16885640d3510035eef02a36c582c86fb280292880518873d6bd44b8846bd14573c28ff95c7731bde4d3750dff967d336526773dc809657e589c023a96fb23bf79fd41539195abd3e21f538aba3da6b8b276dc69cb9938e57bfd19ee4ca34141a86fd509644c32dd237bdf26538f52ab287570e35ac0ae86e62dcbdc8a3f1c8ad4ac0a756226439b80ed2f3b5664e9093ba4514ad52da6f1f863b67f4a21ca1863662a266920dd7750dd863f22ede785775b89002daca5c8f00e31c0f9c4b2716481d5830269172e3596907aac87f4e81ef66cfd976e523905534c13fd9f006342d4ee39584f7c196f8c6db1d59693229e4010037302f978b2d8ab5079ea1ef4f431bb9e11ecacdf9f58ebfbc24c50f542911a9b950491bd4a6593aed15177981a94e0723a2dba5dd63fb87cf6d475bfa42d0df7d0fc5b3b1bf9621066c1f32a45061363c3175074fed91377556c63e104186f7609b5a06e4c3902a8404e295929d4d786c15a48be408d8745d9674873c5a7ad4756e41e64188016191e8da12aa4b30238b29e4d784e8950e808931f12424fe4dad6d8cb0bb55e8c0440e0148f04d50b06acd17af3a47854344b9a32a471853b0ded34b056bdc956318cc494f920330d23606698bde3caf30fafe14287fd4b2351bdaacf2cd76b30c90ef07a13dfd40e63f8ad23050b3819d08e6aeca55193b23b0e748b9b358aadb3ed7d1e2affac941f7be7fa35005ccfeb02929320d8db088245cf16f5bf811a90b37f8e30c7ee4c8ff0aa018a109e544f5c51e844152315da766f4c19033796bc9e21e981264f9f118947f1775acf373800c77a063be4473994d511c1e4919047f00e988c8912a8647fdde6c3a8a632026893d67839c20f25b7a3f64f52975be7c25a1877d77478b8b8134c57c6d2e043c6555bb6927142b972c3c70a3a7807f83c5f110fcba676248731ac51078580b1a2f605adb892e9b419f1d9509eb4fb9c5f3fd92e47dae7cb3596e6d04c182834e6ba1d37f139b4f89c95113a77c2c1f802b6ce1624cefca77918047582b694ee5d7da62d97efe090a09b6a3e6723cf09714adfa91bd7dce2f6ec35d53db92d7bc779d260372518d57c973cd07f890c6d9ca234116560c1773a7320aea412b04341c29b32254caed021817a12e9dc00740e76b13aad96dd43544ae873175c05982288134aa8460002515ba8779497ffad9699ad248c11556ec8228e2668845b3e64a2d202b6ca76fc89eaacaa6568ea1b9f0aa6b80ba0876ea58441feba47fc37a0d5a4a0c313bcd5a49de1317eb0498d3f17104c46e0674280be32f5c691b5fd9748e37fc0a00a12022559a411402365c37f74cdf90311cdd4d810929f2f8cfedd690ac1fc52e0d51303e43b070fcf8314537ec4a7d97aa19944a5496e919c72b9bbf0addea5855dc99893e0e6236960ee7cc9d496ddbbb040c9773739ae79d9a5cc95aa119a3210d5e18c7f3d9953050929fe2adedc7df10085c057f95473c6bde947df47a4d17c9a934b95aedf0bff303051428610cd57ed321dea4b0ce12684c0803ad5efacebb7a826a6be3732242d67839f86f99a17dcfe5befd3f903";
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedSig1), sig1));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedSig2), sig2));
-        assertEquals(true, Arrays.areEqual(Hex.decode(expectedSig3), sig3));
-    }
-
-    public void testVerifySignatureSHA256()
-    {
-        XMSSParameters params = new XMSSParameters(4, new SHA256Digest());
-        XMSS xmss = new XMSS(params, new NullPRNG());
-        xmss.generateKeys();
-        byte[] msg1 = new byte[1024];
-
-        for (int i = 0; i < 3; i++)
-        {
-            byte[] publicKey = xmss.exportPublicKey();
-            xmss.sign(msg1);
-            byte[] signature = xmss.sign(msg1);
-            try
-            {
-                assertEquals(true, xmss.verifySignature(msg1, signature, publicKey));
-            }
-            catch (ParseException ex)
-            {
-                ex.printStackTrace();
-                fail();
-            }
-            byte[] msg2 = new byte[1024];
-            msg2[0] = 0x01;
-            try
-            {
-                assertEquals(false, xmss.verifySignature(msg2, signature, publicKey));
-            }
-            catch (ParseException ex)
-            {
-                ex.printStackTrace();
-                fail();
-            }
-        }
-    }
-
-    public void testVerifySignatureSHA512()
-    {
-        XMSSParameters params = new XMSSParameters(4, new SHA512Digest());
-        XMSS xmss = new XMSS(params, new NullPRNG());
-        xmss.generateKeys();
-        byte[] msg1 = new byte[1024];
-
-        for (int i = 0; i < 3; i++)
-        {
-            byte[] publicKey = xmss.exportPublicKey();
-            xmss.sign(msg1);
-            byte[] signature = xmss.sign(msg1);
-            try
-            {
-                assertEquals(true, xmss.verifySignature(msg1, signature, publicKey));
-            }
-            catch (ParseException ex)
-            {
-                ex.printStackTrace();
-                fail();
-            }
-            byte[] msg2 = new byte[1024];
-            msg2[0] = 0x01;
-            try
-            {
-                assertEquals(false, xmss.verifySignature(msg2, signature, publicKey));
-            }
-            catch (ParseException ex)
-            {
-                ex.printStackTrace();
-                fail();
-            }
-        }
-    }
-
-    public void testImportStateSHA256()
-        throws IOException, ClassNotFoundException
-    {
-        XMSSParameters params = new XMSSParameters(4, new SHA256Digest());
-        XMSS xmss1 = new XMSS(params, new NullPRNG());
-        xmss1.generateKeys();
-        byte[] msg1 = new byte[1024];
-        byte[] msg2 = new byte[2048];
-        byte[] msg3 = new byte[3096];
-        Arrays.fill(msg1, (byte)0xaa);
-        Arrays.fill(msg2, (byte)0xbb);
-        Arrays.fill(msg3, (byte)0xcc);
-        byte[] signature1 = xmss1.sign(msg1);
-        byte[] signature2 = xmss1.sign(msg2);
-        byte[] exportedPrivateKey = xmss1.exportPrivateKey();
-        byte[] exportedPublicKey = xmss1.exportPublicKey();
-        byte[] signature3 = xmss1.sign(msg3);
-
-        XMSS xmss2 = new XMSS(params, new NullPRNG());
-
-            xmss2.importState(exportedPrivateKey, exportedPublicKey);
-
-        byte[] signature4 = xmss2.sign(msg3);
-        assertEquals(true, Arrays.areEqual(signature3, signature4));
-        xmss2.generateKeys();
-        try
-        {
-            assertEquals(true, xmss2.verifySignature(msg1, signature1, exportedPublicKey));
-            assertEquals(true, xmss2.verifySignature(msg2, signature2, exportedPublicKey));
-            assertEquals(true, xmss2.verifySignature(msg3, signature3, exportedPublicKey));
-            assertEquals(false, xmss2.verifySignature(msg1, signature3, exportedPublicKey));
-            assertEquals(false, xmss2.verifySignature(msg2, signature3, exportedPublicKey));
-        }
-        catch (ParseException ex)
-        {
-            ex.printStackTrace();
-            fail();
-        }
-    }
-
-    public void testImportKeysSHA512()
-        throws IOException, ClassNotFoundException
-    {
-        XMSSParameters params = new XMSSParameters(4, new SHA512Digest());
-        XMSS xmss1 = new XMSS(params, new NullPRNG());
-        xmss1.generateKeys();
-        byte[] msg1 = new byte[1024];
-        byte[] msg2 = new byte[2048];
-        byte[] msg3 = new byte[3096];
-        Arrays.fill(msg1, (byte)0xaa);
-        Arrays.fill(msg2, (byte)0xbb);
-        Arrays.fill(msg3, (byte)0xcc);
-        byte[] signature1 = xmss1.sign(msg1);
-        byte[] signature2 = xmss1.sign(msg2);
-        byte[] exportedPrivateKey = xmss1.exportPrivateKey();
-        byte[] exportedPublicKey = xmss1.exportPublicKey();
-        byte[] signature3 = xmss1.sign(msg3);
-
-        XMSS xmss2 = new XMSS(params, new NullPRNG());
-
-            xmss2.importState(exportedPrivateKey, exportedPublicKey);
-
-        byte[] signature4 = xmss2.sign(msg3);
-        assertEquals(true, Arrays.areEqual(signature3, signature4));
-        xmss2.generateKeys();
-        try
-        {
-            assertEquals(true, xmss2.verifySignature(msg1, signature1, exportedPublicKey));
-            assertEquals(true, xmss2.verifySignature(msg2, signature2, exportedPublicKey));
-            assertEquals(true, xmss2.verifySignature(msg3, signature3, exportedPublicKey));
-            assertEquals(false, xmss2.verifySignature(msg1, signature3, exportedPublicKey));
-            assertEquals(false, xmss2.verifySignature(msg2, signature3, exportedPublicKey));
-        }
-        catch (ParseException ex)
-        {
-            ex.printStackTrace();
-            fail();
-        }
-    }
-
-    public void testRandom()
-        throws IOException, ClassNotFoundException
-    {
-        XMSSParameters params = new XMSSParameters(4, new SHA512Digest());
-        XMSS xmss1 = new XMSS(params, new SecureRandom());
-        xmss1.generateKeys();
-        byte[] publicKey = xmss1.exportPublicKey();
-        byte[] message = new byte[1024];
-
-        for (int i = 0; i < 5; i++)
-        {
-            xmss1.sign(message);
-        }
-        byte[] signature = xmss1.sign(message);
-        assertTrue(Arrays.areEqual(publicKey, xmss1.exportPublicKey()));
-        try
-        {
-            xmss1.verifySignature(message, signature, publicKey);
-        }
-        catch (ParseException e)
-        {
-            e.printStackTrace();
-            fail();
-        }
-        assertTrue(Arrays.areEqual(publicKey, xmss1.exportPublicKey()));
-        xmss1.sign(message);
-        byte[] privateKey7 = xmss1.exportPrivateKey();
-        try
-        {
-            xmss1.verifySignature(message, signature, publicKey);
-        }
-        catch (ParseException e)
-        {
-            e.printStackTrace();
-            fail();
-        }
-        assertTrue(Arrays.areEqual(privateKey7, xmss1.exportPrivateKey()));
-        byte[] signature7 = xmss1.sign(message);
-
-        xmss1.importState(privateKey7, publicKey);
-
-        byte[] signature7AfterImport = xmss1.sign(message);
-        assertTrue(Arrays.areEqual(signature7AfterImport, signature7));
-
-        XMSSParameters params2 = new XMSSParameters(4, new SHA512Digest());
-        XMSS xmss2 = new XMSS(params2, new SecureRandom());
-        try
-        {
-            boolean valid = xmss2.verifySignature(message, signature7, publicKey);
-            assertTrue(valid);
-            valid = xmss2.verifySignature(message, signature, publicKey);
-            assertTrue(valid);
-        }
-        catch (ParseException e)
-        {
-            e.printStackTrace();
-            fail();
-        }
-
-        XMSS xmss3 = new XMSS(params, new NullPRNG());
-
-            xmss3.importState(privateKey7, publicKey);
-
-        byte[] signatureAgain = xmss3.sign(message);
-        assertTrue(Arrays.areEqual(signatureAgain, signature7));
-    }
-
-    public void testBDSImport()
-        throws IOException, ClassNotFoundException
-    {
-        XMSSParameters params = new XMSSParameters(4, new SHA256Digest());
-        XMSS xmss = new XMSS(params, new SecureRandom());
-        xmss.generateKeys();
-        byte[] exportedPrivateKey = xmss.exportPrivateKey();
-        byte[] exportedPublicKey = xmss.exportPublicKey();
-
-        xmss.importState(exportedPrivateKey, exportedPublicKey);
-
-        byte[] sig1 = xmss.sign(new byte[1024]);
-
-        xmss.importState(exportedPrivateKey, exportedPublicKey);
-
-        byte[] sig2 = xmss.sign(new byte[1024]);
-        assertEquals(true, Arrays.areEqual(sig1, sig2));
-        try
-        {
-            xmss.importState(exportedPrivateKey, exportedPublicKey);
-        }
-        catch (Exception ex)
-        {
-        }
-        xmss.sign(new byte[1024]);
-        byte[] sig3 = xmss.sign(new byte[1024]);
-        assertEquals(false, Arrays.areEqual(sig1, sig3));
-        try
-        {
-            xmss.importState(null, exportedPublicKey);
-            fail();
-        }
-        catch (Exception ex)
-        {
-        }
-        try
-        {
-            xmss.importState(exportedPrivateKey, null);
-            fail();
-        }
-        catch (Exception ex)
-        {
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSUtilTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSUtilTest.java
deleted file mode 100644
index 5e11b19..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/test/XMSSUtilTest.java
+++ /dev/null

@@ -1,208 +0,0 @@
-package org.bouncycastle.pqc.crypto.test;
-
-import java.math.BigInteger;
-import java.util.Arrays;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.crypto.xmss.XMSSUtil;
-import org.bouncycastle.util.Pack;
-
-/**
- * Test cases for XMSSUtil class.
- * 
- */
-public class XMSSUtilTest
-    extends TestCase
-{
-
-    public void testLog2()
-    {
-        assertEquals(3, XMSSUtil.log2(8));
-        assertEquals(3, XMSSUtil.log2(10));
-        assertEquals(26, XMSSUtil.log2(100010124));
-    }
-
-    public void testIntToBytesBigEndian()
-    {
-        byte[] b = XMSSUtil.toBytesBigEndian(1, 4);
-        assertEquals(4, b.length);
-        assertEquals((byte)0x00, b[0]);
-        assertEquals((byte)0x00, b[1]);
-        assertEquals((byte)0x00, b[2]);
-        assertEquals((byte)0x01, b[3]);
-        b = XMSSUtil.toBytesBigEndian(1, 6);
-        assertEquals(6, b.length);
-        assertEquals((byte)0x00, b[0]);
-        assertEquals((byte)0x00, b[1]);
-        assertEquals((byte)0x00, b[2]);
-        assertEquals((byte)0x00, b[3]);
-        assertEquals((byte)0x00, b[4]);
-        assertEquals((byte)0x01, b[5]);
-        b = XMSSUtil.toBytesBigEndian(1, 32);
-        assertEquals(32, b.length);
-        for (int i = 0; i < 31; i++)
-        {
-            assertEquals((byte)0x00, b[i]);
-        }
-        b = XMSSUtil.toBytesBigEndian(12345, 5);
-        assertEquals(5, b.length);
-        assertEquals((byte)0x00, b[0]);
-        assertEquals((byte)0x00, b[1]);
-        assertEquals((byte)0x00, b[2]);
-        assertEquals((byte)0x30, b[3]);
-        assertEquals((byte)0x39, b[4]);
-    }
-
-    public void testLongToBytesBigEndian()
-    {
-        byte[] b = XMSSUtil.toBytesBigEndian(1, 8);
-        assertEquals(8, b.length);
-        assertEquals((byte)0x00, b[0]);
-        assertEquals((byte)0x00, b[1]);
-        assertEquals((byte)0x00, b[2]);
-        assertEquals((byte)0x00, b[3]);
-        assertEquals((byte)0x00, b[4]);
-        assertEquals((byte)0x00, b[5]);
-        assertEquals((byte)0x00, b[6]);
-        assertEquals((byte)0x01, b[7]);
-        b = XMSSUtil.toBytesBigEndian(1, 10);
-        assertEquals(10, b.length);
-        assertEquals((byte)0x00, b[0]);
-        assertEquals((byte)0x00, b[1]);
-        assertEquals((byte)0x00, b[2]);
-        assertEquals((byte)0x00, b[3]);
-        assertEquals((byte)0x00, b[4]);
-        assertEquals((byte)0x00, b[5]);
-        assertEquals((byte)0x00, b[6]);
-        assertEquals((byte)0x00, b[7]);
-        assertEquals((byte)0x00, b[8]);
-        assertEquals((byte)0x01, b[9]);
-        b = XMSSUtil.toBytesBigEndian(1, 32);
-        for (int i = 0; i < 31; i++)
-        {
-            assertEquals((byte)0x00, b[i]);
-        }
-        assertEquals((byte)0x01, b[31]);
-        b = XMSSUtil.toBytesBigEndian(12345, 9);
-        assertEquals(9, b.length);
-        assertEquals((byte)0x00, b[0]);
-        assertEquals((byte)0x00, b[1]);
-        assertEquals((byte)0x00, b[2]);
-        assertEquals((byte)0x00, b[3]);
-        assertEquals((byte)0x00, b[4]);
-        assertEquals((byte)0x00, b[5]);
-        assertEquals((byte)0x00, b[6]);
-        assertEquals((byte)0x30, b[7]);
-        assertEquals((byte)0x39, b[8]);
-    }
-
-    public void testLongToBytesBigEndianOffsetException()
-    {
-        try
-        {
-            byte[] in = new byte[8];
-            Pack.longToBigEndian(1, in, 1);
-            fail();
-        }
-        catch (Exception ex)
-        {
-        }
-    }
-
-    public void testLongToBytesBigEndianOffset()
-    {
-        byte[] in = new byte[32];
-        Pack.longToBigEndian(12345, in, 5);
-        assertEquals((byte)0x00, in[0]);
-        assertEquals((byte)0x00, in[1]);
-        assertEquals((byte)0x00, in[2]);
-        assertEquals((byte)0x00, in[3]);
-        assertEquals((byte)0x00, in[4]);
-        assertEquals((byte)0x00, in[5]);
-        assertEquals((byte)0x00, in[6]);
-        assertEquals((byte)0x00, in[7]);
-        assertEquals((byte)0x00, in[8]);
-        assertEquals((byte)0x00, in[9]);
-        assertEquals((byte)0x00, in[10]);
-        assertEquals((byte)0x30, in[11]);
-        assertEquals((byte)0x39, in[12]);
-        for (int i = 14; i < in.length; i++)
-        {
-            assertEquals((byte)0x00, in[i]);
-        }
-        in = new byte[32];
-        Pack.longToBigEndian(12345, in, 24);
-        for (int i = 0; i < 24; i++)
-        {
-            assertEquals((byte)0x00, in[i]);
-        }
-        assertEquals((byte)0x00, in[28]);
-        assertEquals((byte)0x00, in[29]);
-        assertEquals((byte)0x30, in[30]);
-        assertEquals((byte)0x39, in[31]);
-    }
-
-    public void testBytesToIntBigEndianException()
-    {
-        byte[] in = new byte[4];
-        try
-        {
-            Pack.bigEndianToInt(in, 1);
-            fail();
-        }
-        catch (Exception ex)
-        {
-        }
-    }
-
-    public void testBytesToIntBigEndian()
-    {
-        byte[] in1 = {0x00, (byte)0xff, 0x00, (byte)0xff};
-        int out = Pack.bigEndianToInt(in1, 0);
-        assertEquals(16711935, out);
-        byte[] in2 = {(byte)0xab, (byte)0xcd, (byte)0xef, (byte)0xaa};
-        out = Pack.bigEndianToInt(in2, 0);
-        assertEquals("2882400170", new BigInteger(1, in2).toString());
-        byte[] in3 = new byte[100];
-        Arrays.fill(in3, (byte)0xaa);
-        for (int i = 35; i < 39; i++)
-        {
-            in3[i] = (byte)0xff;
-        }
-        out = Pack.bigEndianToInt(in3, 35);
-        assertEquals(new BigInteger("4294967295"), BigInteger.valueOf(out & 0xffffffffL));
-    }
-
-    public void testBytesToLongBigEndianException()
-    {
-        byte[] in = new byte[10];
-        try
-        {
-            Pack.bigEndianToLong(in, 3);
-            fail();
-        }
-        catch (Exception ex)
-        {
-        }
-    }
-
-    public void testBytesToLongBigEndian()
-    {
-        byte[] in1 = {0x00, (byte)0xff, 0x00, (byte)0xff, 0x00, (byte)0xff, 0x00, (byte)0xff};
-        long out = Pack.bigEndianToLong(in1, 0);
-        assertEquals(71777214294589695L, out);
-        byte[] in2 = {(byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff, (byte)0xff};
-        out = Pack.bigEndianToLong(in2, 0);
-        assertEquals("18446744073709551615", new BigInteger(1, in2).toString());
-    }
-
-    public void testCalculateTau()
-    {
-        int height = 10;
-        for (int index = 0; index < (1 << 10); index += 2)
-        {
-            assertEquals(0, XMSSUtil.calculateTau(index, height));
-        }
-        assertEquals(9, XMSSUtil.calculateTau(511, height));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/PrivateKeyFactory.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/PrivateKeyFactory.java
deleted file mode 100644
index 34fdf6c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/PrivateKeyFactory.java
+++ /dev/null

@@ -1,165 +0,0 @@
-package org.bouncycastle.pqc.crypto.util;
-
-import java.io.IOException;
-import java.io.InputStream;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.asn1.SPHINCS256KeyParams;
-import org.bouncycastle.pqc.asn1.XMSSKeyParams;
-import org.bouncycastle.pqc.asn1.XMSSMTKeyParams;
-import org.bouncycastle.pqc.asn1.XMSSPrivateKey;
-import org.bouncycastle.pqc.crypto.newhope.NHPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLAPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCSPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.BDS;
-import org.bouncycastle.pqc.crypto.xmss.BDSStateMap;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSUtil;
-import org.bouncycastle.util.Pack;
-
-/**
- * Factory for creating private key objects from PKCS8 PrivateKeyInfo objects.
- */
-public class PrivateKeyFactory
-{
-    /**
-     * Create a private key parameter from a PKCS8 PrivateKeyInfo encoding.
-     * 
-     * @param privateKeyInfoData the PrivateKeyInfo encoding
-     * @return a suitable private key parameter
-     * @throws IOException on an error decoding the key
-     */
-    public static AsymmetricKeyParameter createKey(byte[] privateKeyInfoData) throws IOException
-    {
-        return createKey(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(privateKeyInfoData)));
-    }
-
-    /**
-     * Create a private key parameter from a PKCS8 PrivateKeyInfo encoding read from a
-     * stream.
-     * 
-     * @param inStr the stream to read the PrivateKeyInfo encoding from
-     * @return a suitable private key parameter
-     * @throws IOException on an error decoding the key
-     */
-    public static AsymmetricKeyParameter createKey(InputStream inStr) throws IOException
-    {
-        return createKey(PrivateKeyInfo.getInstance(new ASN1InputStream(inStr).readObject()));
-    }
-
-    /**
-     * Create a private key parameter from the passed in PKCS8 PrivateKeyInfo object.
-     * 
-     * @param keyInfo the PrivateKeyInfo object containing the key material
-     * @return a suitable private key parameter
-     * @throws IOException on an error decoding the key
-     */
-    public static AsymmetricKeyParameter createKey(PrivateKeyInfo keyInfo) throws IOException
-    {
-        AlgorithmIdentifier algId = keyInfo.getPrivateKeyAlgorithm();
-        ASN1ObjectIdentifier algOID = algId.getAlgorithm();
-
-        if (algOID.on(BCObjectIdentifiers.qTESLA))
-        {
-            ASN1OctetString qTESLAPriv = ASN1OctetString.getInstance(keyInfo.parsePrivateKey());
-
-            return new QTESLAPrivateKeyParameters(Utils.qTeslaLookupSecurityCategory(keyInfo.getPrivateKeyAlgorithm()), qTESLAPriv.getOctets());
-        }
-        else if (algOID.equals(BCObjectIdentifiers.sphincs256))
-        {
-            return new SPHINCSPrivateKeyParameters(ASN1OctetString.getInstance(keyInfo.parsePrivateKey()).getOctets(),
-                Utils.sphincs256LookupTreeAlgName(SPHINCS256KeyParams.getInstance(keyInfo.getPrivateKeyAlgorithm().getParameters())));
-        }
-        else if (algOID.equals(BCObjectIdentifiers.newHope))
-        {
-            return new NHPrivateKeyParameters(convert(ASN1OctetString.getInstance(keyInfo.parsePrivateKey()).getOctets()));
-        }
-        else if (algOID.equals(BCObjectIdentifiers.xmss))
-        {
-            XMSSKeyParams keyParams = XMSSKeyParams.getInstance(keyInfo.getPrivateKeyAlgorithm().getParameters());
-            ASN1ObjectIdentifier treeDigest = keyParams.getTreeDigest().getAlgorithm();
-
-            XMSSPrivateKey xmssPrivateKey = XMSSPrivateKey.getInstance(keyInfo.parsePrivateKey());
-
-            try
-            {
-                XMSSPrivateKeyParameters.Builder keyBuilder = new XMSSPrivateKeyParameters
-                    .Builder(new XMSSParameters(keyParams.getHeight(), Utils.getDigest(treeDigest)))
-                    .withIndex(xmssPrivateKey.getIndex())
-                    .withSecretKeySeed(xmssPrivateKey.getSecretKeySeed())
-                    .withSecretKeyPRF(xmssPrivateKey.getSecretKeyPRF())
-                    .withPublicSeed(xmssPrivateKey.getPublicSeed())
-                    .withRoot(xmssPrivateKey.getRoot());
-
-                if (xmssPrivateKey.getBdsState() != null)
-                {
-                    BDS bds = (BDS)XMSSUtil.deserialize(xmssPrivateKey.getBdsState(), BDS.class);
-                    keyBuilder.withBDSState(bds.withWOTSDigest(treeDigest));
-                }
-
-                return keyBuilder.build();
-            }
-            catch (ClassNotFoundException e)
-            {
-                throw new IOException("ClassNotFoundException processing BDS state: " + e.getMessage());
-            }
-        }
-        else if (algOID.equals(PQCObjectIdentifiers.xmss_mt))
-        {
-            XMSSMTKeyParams keyParams = XMSSMTKeyParams.getInstance(keyInfo.getPrivateKeyAlgorithm().getParameters());
-            ASN1ObjectIdentifier treeDigest = keyParams.getTreeDigest().getAlgorithm();
-
-            try
-            {
-                XMSSPrivateKey xmssMtPrivateKey = XMSSPrivateKey.getInstance(keyInfo.parsePrivateKey());
-
-                XMSSMTPrivateKeyParameters.Builder keyBuilder = new XMSSMTPrivateKeyParameters
-                    .Builder(new XMSSMTParameters(keyParams.getHeight(), keyParams.getLayers(), Utils.getDigest(treeDigest)))
-                    .withIndex(xmssMtPrivateKey.getIndex())
-                    .withSecretKeySeed(xmssMtPrivateKey.getSecretKeySeed())
-                    .withSecretKeyPRF(xmssMtPrivateKey.getSecretKeyPRF())
-                    .withPublicSeed(xmssMtPrivateKey.getPublicSeed())
-                    .withRoot(xmssMtPrivateKey.getRoot());
-
-                if (xmssMtPrivateKey.getBdsState() != null)
-                {
-                    BDSStateMap bdsState = (BDSStateMap)XMSSUtil.deserialize(xmssMtPrivateKey.getBdsState(), BDSStateMap.class);
-                    keyBuilder.withBDSState(bdsState.withWOTSDigest(treeDigest));
-                }
-
-                return keyBuilder.build();
-            }
-            catch (ClassNotFoundException e)
-            {
-                throw new IOException("ClassNotFoundException processing BDS state: " + e.getMessage());
-            }
-        }
-        else
-        {
-            throw new RuntimeException("algorithm identifier in private key not recognised");
-        }
-    }
-
-    private static short[] convert(byte[] octets)
-    {
-        short[] rv = new short[octets.length / 2];
-
-        for (int i = 0; i != rv.length; i++)
-        {
-            rv[i] = Pack.littleEndianToShort(octets, i * 2);
-        }
-
-        return rv;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/PrivateKeyInfoFactory.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/PrivateKeyInfoFactory.java
deleted file mode 100644
index 41e4b24..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/PrivateKeyInfoFactory.java
+++ /dev/null

@@ -1,177 +0,0 @@
-package org.bouncycastle.pqc.crypto.util;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.asn1.SPHINCS256KeyParams;
-import org.bouncycastle.pqc.asn1.XMSSKeyParams;
-import org.bouncycastle.pqc.asn1.XMSSMTKeyParams;
-import org.bouncycastle.pqc.asn1.XMSSMTPrivateKey;
-import org.bouncycastle.pqc.asn1.XMSSPrivateKey;
-import org.bouncycastle.pqc.crypto.newhope.NHPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLAPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCSPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSUtil;
-import org.bouncycastle.util.Pack;
-
-/**
- * Factory to create ASN.1 private key info objects from lightweight private keys.
- */
-public class PrivateKeyInfoFactory
-{
-    private PrivateKeyInfoFactory()
-    {
-
-    }
-
-    /**
-     * Create a PrivateKeyInfo representation of a private key.
-     *
-     * @param privateKey the key to be encoded into the info object.
-     * @return the appropriate PrivateKeyInfo
-     * @throws java.io.IOException on an error encoding the key
-     */
-    public static PrivateKeyInfo createPrivateKeyInfo(AsymmetricKeyParameter privateKey) throws IOException
-    {
-        return createPrivateKeyInfo(privateKey, null);
-    }
-
-    /**
-     * Create a PrivateKeyInfo representation of a private key with attributes.
-     *
-     * @param privateKey the key to be encoded into the info object.
-     * @param attributes the set of attributes to be included.
-     * @return the appropriate PrivateKeyInfo
-     * @throws java.io.IOException on an error encoding the key
-     */
-    public static PrivateKeyInfo createPrivateKeyInfo(AsymmetricKeyParameter privateKey, ASN1Set attributes) throws IOException
-    {
-        if (privateKey instanceof QTESLAPrivateKeyParameters)
-        {
-            QTESLAPrivateKeyParameters keyParams = (QTESLAPrivateKeyParameters)privateKey;
-
-            AlgorithmIdentifier algorithmIdentifier = Utils.qTeslaLookupAlgID(keyParams.getSecurityCategory());
-
-            return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(keyParams.getSecret()), attributes);
-        }
-        else if (privateKey instanceof SPHINCSPrivateKeyParameters)
-        {
-            SPHINCSPrivateKeyParameters params = (SPHINCSPrivateKeyParameters)privateKey;
-            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.sphincs256,
-                                    new SPHINCS256KeyParams(Utils.sphincs256LookupTreeAlgID(params.getTreeDigest())));
-
-            return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(params.getKeyData()));
-        }
-        else if (privateKey instanceof NHPrivateKeyParameters)
-        {
-            NHPrivateKeyParameters params = (NHPrivateKeyParameters)privateKey;
-
-            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.newHope);
-
-            short[] privateKeyData = params.getSecData();
-
-            byte[] octets = new byte[privateKeyData.length * 2];
-            for (int i = 0; i != privateKeyData.length; i++)
-            {
-                Pack.shortToLittleEndian(privateKeyData[i], octets, i * 2);
-            }
-
-            return new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(octets));
-        }
-        else if (privateKey instanceof XMSSPrivateKeyParameters)
-        {
-            XMSSPrivateKeyParameters keyParams = (XMSSPrivateKeyParameters)privateKey;
-            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.xmss,
-                new XMSSKeyParams(keyParams.getParameters().getHeight(),
-                    Utils.xmssLookupTreeAlgID(keyParams.getTreeDigest())));
-
-            return new PrivateKeyInfo(algorithmIdentifier, xmssCreateKeyStructure(keyParams));
-        }
-        else if (privateKey instanceof XMSSMTPrivateKeyParameters)
-        {
-            XMSSMTPrivateKeyParameters keyParams = (XMSSMTPrivateKeyParameters)privateKey;
-            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.xmss_mt,
-                new XMSSMTKeyParams(keyParams.getParameters().getHeight(), keyParams.getParameters().getLayers(),
-                    Utils.xmssLookupTreeAlgID(keyParams.getTreeDigest())));
-
-            return new PrivateKeyInfo(algorithmIdentifier, xmssmtCreateKeyStructure(keyParams));
-        }
-        else
-        {
-            throw new IOException("key parameters not recognized");
-        }
-    }
-
-    private static XMSSPrivateKey xmssCreateKeyStructure(XMSSPrivateKeyParameters keyParams)
-    {
-        byte[] keyData = keyParams.toByteArray();
-
-        int n = keyParams.getParameters().getDigestSize();
-        int totalHeight = keyParams.getParameters().getHeight();
-        int indexSize = 4;
-        int secretKeySize = n;
-        int secretKeyPRFSize = n;
-        int publicSeedSize = n;
-        int rootSize = n;
-
-        int position = 0;
-        int index = (int)XMSSUtil.bytesToXBigEndian(keyData, position, indexSize);
-        if (!XMSSUtil.isIndexValid(totalHeight, index))
-        {
-            throw new IllegalArgumentException("index out of bounds");
-        }
-        position += indexSize;
-        byte[] secretKeySeed = XMSSUtil.extractBytesAtOffset(keyData, position, secretKeySize);
-        position += secretKeySize;
-        byte[] secretKeyPRF = XMSSUtil.extractBytesAtOffset(keyData, position, secretKeyPRFSize);
-        position += secretKeyPRFSize;
-        byte[] publicSeed = XMSSUtil.extractBytesAtOffset(keyData, position, publicSeedSize);
-        position += publicSeedSize;
-        byte[] root = XMSSUtil.extractBytesAtOffset(keyData, position, rootSize);
-        position += rootSize;
-               /* import BDS state */
-        byte[] bdsStateBinary = XMSSUtil.extractBytesAtOffset(keyData, position, keyData.length - position);
-
-        return new XMSSPrivateKey(index, secretKeySeed, secretKeyPRF, publicSeed, root, bdsStateBinary);
-    }
-
-    private static XMSSMTPrivateKey xmssmtCreateKeyStructure(XMSSMTPrivateKeyParameters keyParams)
-    {
-        byte[] keyData = keyParams.toByteArray();
-
-        int n = keyParams.getParameters().getDigestSize();
-        int totalHeight = keyParams.getParameters().getHeight();
-        int indexSize = (totalHeight + 7) / 8;
-        int secretKeySize = n;
-        int secretKeyPRFSize = n;
-        int publicSeedSize = n;
-        int rootSize = n;
-
-        int position = 0;
-        int index = (int)XMSSUtil.bytesToXBigEndian(keyData, position, indexSize);
-        if (!XMSSUtil.isIndexValid(totalHeight, index))
-        {
-            throw new IllegalArgumentException("index out of bounds");
-        }
-        position += indexSize;
-        byte[] secretKeySeed = XMSSUtil.extractBytesAtOffset(keyData, position, secretKeySize);
-        position += secretKeySize;
-        byte[] secretKeyPRF = XMSSUtil.extractBytesAtOffset(keyData, position, secretKeyPRFSize);
-        position += secretKeyPRFSize;
-        byte[] publicSeed = XMSSUtil.extractBytesAtOffset(keyData, position, publicSeedSize);
-        position += publicSeedSize;
-        byte[] root = XMSSUtil.extractBytesAtOffset(keyData, position, rootSize);
-        position += rootSize;
-               /* import BDS state */
-        byte[] bdsStateBinary = XMSSUtil.extractBytesAtOffset(keyData, position, keyData.length - position);
-
-        return new XMSSMTPrivateKey(index, secretKeySeed, secretKeyPRF, publicSeed, root, bdsStateBinary);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/PublicKeyFactory.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/PublicKeyFactory.java
deleted file mode 100644
index e0989d2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/PublicKeyFactory.java
+++ /dev/null

@@ -1,182 +0,0 @@
-package org.bouncycastle.pqc.crypto.util;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.asn1.SPHINCS256KeyParams;
-import org.bouncycastle.pqc.asn1.XMSSKeyParams;
-import org.bouncycastle.pqc.asn1.XMSSMTKeyParams;
-import org.bouncycastle.pqc.asn1.XMSSPublicKey;
-import org.bouncycastle.pqc.crypto.newhope.NHPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLAPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCSPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSPublicKeyParameters;
-
-/**
- * Factory to create asymmetric public key parameters for asymmetric ciphers from range of
- * ASN.1 encoded SubjectPublicKeyInfo objects.
- */
-public class PublicKeyFactory
-{
-    private static Map converters = new HashMap();
-
-    static
-    {
-        converters.put(PQCObjectIdentifiers.qTESLA_I, new QTeslaConverter());
-        converters.put(PQCObjectIdentifiers.qTESLA_III_size, new QTeslaConverter());
-        converters.put(PQCObjectIdentifiers.qTESLA_III_speed, new QTeslaConverter());
-        converters.put(PQCObjectIdentifiers.qTESLA_p_I, new QTeslaConverter());
-        converters.put(PQCObjectIdentifiers.qTESLA_p_III, new QTeslaConverter());
-        converters.put(PQCObjectIdentifiers.sphincs256, new SPHINCSConverter());
-        converters.put(PQCObjectIdentifiers.newHope, new NHConverter());
-        converters.put(PQCObjectIdentifiers.xmss, new XMSSConverter());
-        converters.put(PQCObjectIdentifiers.xmss_mt, new XMSSMTConverter());
-    }
-
-    /**
-     * Create a public key from a SubjectPublicKeyInfo encoding
-     *
-     * @param keyInfoData the SubjectPublicKeyInfo encoding
-     * @return the appropriate key parameter
-     * @throws IOException on an error decoding the key
-     */
-    public static AsymmetricKeyParameter createKey(byte[] keyInfoData)
-        throws IOException
-    {
-        return createKey(SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(keyInfoData)));
-    }
-
-    /**
-     * Create a public key from a SubjectPublicKeyInfo encoding read from a stream
-     *
-     * @param inStr the stream to read the SubjectPublicKeyInfo encoding from
-     * @return the appropriate key parameter
-     * @throws IOException on an error decoding the key
-     */
-    public static AsymmetricKeyParameter createKey(InputStream inStr)
-        throws IOException
-    {
-        return createKey(SubjectPublicKeyInfo.getInstance(new ASN1InputStream(inStr).readObject()));
-    }
-
-    /**
-     * Create a public key from the passed in SubjectPublicKeyInfo
-     *
-     * @param keyInfo the SubjectPublicKeyInfo containing the key data
-     * @return the appropriate key parameter
-     * @throws IOException on an error decoding the key
-     */
-    public static AsymmetricKeyParameter createKey(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        return createKey(keyInfo, null);
-    }
-
-    /**
-     * Create a public key from the passed in SubjectPublicKeyInfo
-     *
-     * @param keyInfo the SubjectPublicKeyInfo containing the key data
-     * @param defaultParams default parameters that might be needed.
-     * @return the appropriate key parameter
-     * @throws IOException on an error decoding the key
-     */
-    public static AsymmetricKeyParameter createKey(SubjectPublicKeyInfo keyInfo, Object defaultParams)
-        throws IOException
-    {
-        AlgorithmIdentifier algId = keyInfo.getAlgorithm();
-        SubjectPublicKeyInfoConverter converter = (SubjectPublicKeyInfoConverter)converters.get(algId.getAlgorithm());
-
-        if (converter != null)
-        {
-            return converter.getPublicKeyParameters(keyInfo, defaultParams);
-        }
-        else
-        {
-            throw new IOException("algorithm identifier in public key not recognised: " + algId.getAlgorithm());
-        }
-    }
-
-    private static abstract class SubjectPublicKeyInfoConverter
-    {
-        abstract AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
-            throws IOException;
-    }
-
-    private static class QTeslaConverter
-        extends SubjectPublicKeyInfoConverter
-    {
-        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
-            throws IOException
-        {
-            return new QTESLAPublicKeyParameters(Utils.qTeslaLookupSecurityCategory(keyInfo.getAlgorithm()), keyInfo.getPublicKeyData().getOctets());
-        }
-    }
-
-    private static class SPHINCSConverter
-        extends SubjectPublicKeyInfoConverter
-    {
-        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
-            throws IOException
-        {
-            return new SPHINCSPublicKeyParameters(keyInfo.getPublicKeyData().getBytes(),
-                            Utils.sphincs256LookupTreeAlgName(SPHINCS256KeyParams.getInstance(keyInfo.getAlgorithm().getParameters())));
-        }
-    }
-
-    private static class NHConverter
-        extends SubjectPublicKeyInfoConverter
-    {
-        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
-            throws IOException
-        {
-            return new NHPublicKeyParameters(keyInfo.getPublicKeyData().getBytes());
-        }
-    }
-
-    private static class XMSSConverter
-        extends SubjectPublicKeyInfoConverter
-    {
-        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
-            throws IOException
-        {
-            XMSSKeyParams keyParams = XMSSKeyParams.getInstance(keyInfo.getAlgorithm().getParameters());
-            ASN1ObjectIdentifier treeDigest = keyParams.getTreeDigest().getAlgorithm();
-            XMSSPublicKey xmssPublicKey = XMSSPublicKey.getInstance(keyInfo.parsePublicKey());
-
-            return new XMSSPublicKeyParameters
-                .Builder(new XMSSParameters(keyParams.getHeight(), Utils.getDigest(treeDigest)))
-                .withPublicSeed(xmssPublicKey.getPublicSeed())
-                .withRoot(xmssPublicKey.getRoot()).build();
-        }
-    }
-
-    private static class XMSSMTConverter
-        extends SubjectPublicKeyInfoConverter
-    {
-        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
-            throws IOException
-        {
-            XMSSMTKeyParams keyParams = XMSSMTKeyParams.getInstance(keyInfo.getAlgorithm().getParameters());
-            ASN1ObjectIdentifier treeDigest = keyParams.getTreeDigest().getAlgorithm();
-
-            XMSSPublicKey xmssMtPublicKey = XMSSPublicKey.getInstance(keyInfo.parsePublicKey());
-
-            return new XMSSMTPublicKeyParameters
-                .Builder(new XMSSMTParameters(keyParams.getHeight(), keyParams.getLayers(), Utils.getDigest(treeDigest)))
-                .withPublicSeed(xmssMtPublicKey.getPublicSeed())
-                .withRoot(xmssMtPublicKey.getRoot()).build();
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/SubjectPublicKeyInfoFactory.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/SubjectPublicKeyInfoFactory.java
deleted file mode 100644
index 4ccbf4c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/SubjectPublicKeyInfoFactory.java
+++ /dev/null

@@ -1,83 +0,0 @@
-package org.bouncycastle.pqc.crypto.util;
-
-import java.io.IOException;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.asn1.SPHINCS256KeyParams;
-import org.bouncycastle.pqc.asn1.XMSSKeyParams;
-import org.bouncycastle.pqc.asn1.XMSSMTKeyParams;
-import org.bouncycastle.pqc.asn1.XMSSMTPublicKey;
-import org.bouncycastle.pqc.asn1.XMSSPublicKey;
-import org.bouncycastle.pqc.crypto.newhope.NHPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLAPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCSPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSPublicKeyParameters;
-
-/**
- * Factory to create ASN.1 subject public key info objects from lightweight public keys.
- */
-public class SubjectPublicKeyInfoFactory
-{
-    private SubjectPublicKeyInfoFactory()
-    {
-
-    }
-
-    /**
-     * Create a SubjectPublicKeyInfo public key.
-     *
-     * @param publicKey the key to be encoded into the info object.
-     * @return a SubjectPublicKeyInfo representing the key.
-     * @throws java.io.IOException on an error encoding the key
-     */
-    public static SubjectPublicKeyInfo createSubjectPublicKeyInfo(AsymmetricKeyParameter publicKey)
-        throws IOException
-    {
-        if (publicKey instanceof QTESLAPublicKeyParameters)
-        {
-            QTESLAPublicKeyParameters keyParams = (QTESLAPublicKeyParameters)publicKey;
-            AlgorithmIdentifier algorithmIdentifier = Utils.qTeslaLookupAlgID(keyParams.getSecurityCategory());
-
-            return new SubjectPublicKeyInfo(algorithmIdentifier, keyParams.getPublicData());
-        }
-        else if (publicKey instanceof SPHINCSPublicKeyParameters)
-        {
-            SPHINCSPublicKeyParameters params = (SPHINCSPublicKeyParameters)publicKey;
-
-            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.sphincs256,
-                new SPHINCS256KeyParams(Utils.sphincs256LookupTreeAlgID(params.getTreeDigest())));
-            return new SubjectPublicKeyInfo(algorithmIdentifier, params.getKeyData());
-        }
-        else if (publicKey instanceof NHPublicKeyParameters)
-        {
-            NHPublicKeyParameters params = (NHPublicKeyParameters)publicKey;
-
-            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.newHope);
-            return new SubjectPublicKeyInfo(algorithmIdentifier, params.getPubData());
-        }
-        else if (publicKey instanceof XMSSPublicKeyParameters)
-        {
-            XMSSPublicKeyParameters keyParams = (XMSSPublicKeyParameters)publicKey;
-
-            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.xmss,
-                new XMSSKeyParams(keyParams.getParameters().getHeight(), Utils.xmssLookupTreeAlgID(keyParams.getTreeDigest())));
-            return new SubjectPublicKeyInfo(algorithmIdentifier, new XMSSPublicKey(keyParams.getPublicSeed(), keyParams.getRoot()));
-        }
-        else if (publicKey instanceof XMSSMTPublicKeyParameters)
-        {
-            XMSSMTPublicKeyParameters keyParams = (XMSSMTPublicKeyParameters)publicKey;
-
-            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.xmss_mt, new XMSSMTKeyParams(keyParams.getParameters().getHeight(), keyParams.getParameters().getLayers(),
-                Utils.xmssLookupTreeAlgID(keyParams.getTreeDigest())));
-            return new SubjectPublicKeyInfo(algorithmIdentifier, new XMSSMTPublicKey(keyParams.getPublicSeed(), keyParams.getRoot()));
-        }
-        else
-        {
-            throw new IOException("key parameters not recognized");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/Utils.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/Utils.java
deleted file mode 100644
index ade70be..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/util/Utils.java
+++ /dev/null

@@ -1,150 +0,0 @@
-package org.bouncycastle.pqc.crypto.util;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.asn1.SPHINCS256KeyParams;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLASecurityCategory;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCSKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSKeyParameters;
-import org.bouncycastle.util.Integers;
-
-class Utils
-{
-    static final AlgorithmIdentifier AlgID_qTESLA_I = new AlgorithmIdentifier(PQCObjectIdentifiers.qTESLA_I);
-    static final AlgorithmIdentifier AlgID_qTESLA_III_size = new AlgorithmIdentifier(PQCObjectIdentifiers.qTESLA_III_size);
-    static final AlgorithmIdentifier AlgID_qTESLA_III_speed = new AlgorithmIdentifier(PQCObjectIdentifiers.qTESLA_III_speed);
-    static final AlgorithmIdentifier AlgID_qTESLA_p_I = new AlgorithmIdentifier(PQCObjectIdentifiers.qTESLA_p_I);
-    static final AlgorithmIdentifier AlgID_qTESLA_p_III = new AlgorithmIdentifier(PQCObjectIdentifiers.qTESLA_p_III);
-
-    static final AlgorithmIdentifier SPHINCS_SHA3_256 = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha3_256);
-    static final AlgorithmIdentifier SPHINCS_SHA512_256 = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512_256);
-
-    static final AlgorithmIdentifier XMSS_SHA256 = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256);
-    static final AlgorithmIdentifier XMSS_SHA512 = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512);
-    static final AlgorithmIdentifier XMSS_SHAKE128 = new AlgorithmIdentifier(NISTObjectIdentifiers.id_shake128);
-    static final AlgorithmIdentifier XMSS_SHAKE256 = new AlgorithmIdentifier(NISTObjectIdentifiers.id_shake256);
-
-    static final Map categories = new HashMap();
-
-    static
-    {
-        categories.put(PQCObjectIdentifiers.qTESLA_I, Integers.valueOf(QTESLASecurityCategory.HEURISTIC_I));
-        categories.put(PQCObjectIdentifiers.qTESLA_III_size, Integers.valueOf(QTESLASecurityCategory.HEURISTIC_III_SIZE));
-        categories.put(PQCObjectIdentifiers.qTESLA_III_speed, Integers.valueOf(QTESLASecurityCategory.HEURISTIC_III_SPEED));
-        categories.put(PQCObjectIdentifiers.qTESLA_p_I, Integers.valueOf(QTESLASecurityCategory.PROVABLY_SECURE_I));
-        categories.put(PQCObjectIdentifiers.qTESLA_p_III, Integers.valueOf(QTESLASecurityCategory.PROVABLY_SECURE_III));
-    }
-
-    static int qTeslaLookupSecurityCategory(AlgorithmIdentifier algorithm)
-    {
-        return ((Integer)categories.get(algorithm.getAlgorithm())).intValue();
-    }
-
-    static AlgorithmIdentifier qTeslaLookupAlgID(int securityCategory)
-    {
-        switch (securityCategory)
-        {
-        case QTESLASecurityCategory.HEURISTIC_I:
-            return AlgID_qTESLA_I;
-        case QTESLASecurityCategory.HEURISTIC_III_SIZE:
-            return AlgID_qTESLA_III_size;
-        case QTESLASecurityCategory.HEURISTIC_III_SPEED:
-            return AlgID_qTESLA_III_speed;
-        case QTESLASecurityCategory.PROVABLY_SECURE_I:
-            return AlgID_qTESLA_p_I;
-        case QTESLASecurityCategory.PROVABLY_SECURE_III:
-            return AlgID_qTESLA_p_III;
-        default:
-            throw new IllegalArgumentException("unknown security category: " + securityCategory);
-        }
-    }
-
-    static AlgorithmIdentifier sphincs256LookupTreeAlgID(String treeDigest)
-    {
-        if (treeDigest.equals(SPHINCSKeyParameters.SHA3_256))
-        {
-            return SPHINCS_SHA3_256;
-        }
-        else if (treeDigest.equals(SPHINCSKeyParameters.SHA512_256))
-        {
-            return SPHINCS_SHA512_256;
-        }
-        else
-        {
-            throw new IllegalArgumentException("unknown tree digest: " + treeDigest);
-        }
-    }
-
-    static AlgorithmIdentifier xmssLookupTreeAlgID(String treeDigest)
-    {
-        if (treeDigest.equals(XMSSKeyParameters.SHA_256))
-        {
-            return XMSS_SHA256;
-        }
-        else if (treeDigest.equals(XMSSKeyParameters.SHA_512))
-        {
-            return XMSS_SHA512;
-        }
-        else if (treeDigest.equals(XMSSKeyParameters.SHAKE128))
-        {
-            return XMSS_SHAKE128;
-        }
-        else if (treeDigest.equals(XMSSKeyParameters.SHAKE256))
-        {
-            return XMSS_SHAKE256;
-        }
-        else
-        {
-            throw new IllegalArgumentException("unknown tree digest: " + treeDigest);
-        }
-    }
-
-    static String sphincs256LookupTreeAlgName(SPHINCS256KeyParams keyParams)
-    {
-        AlgorithmIdentifier treeDigest = keyParams.getTreeDigest();
-
-        if (treeDigest.getAlgorithm().equals(SPHINCS_SHA3_256.getAlgorithm()))
-        {
-            return SPHINCSKeyParameters.SHA3_256;
-        }
-        else if (treeDigest.getAlgorithm().equals(SPHINCS_SHA512_256.getAlgorithm()))
-        {
-            return SPHINCSKeyParameters.SHA512_256;
-        }
-        else
-        {
-            throw new IllegalArgumentException("unknown tree digest: " + treeDigest.getAlgorithm());
-        }
-    }
-
-    static Digest getDigest(ASN1ObjectIdentifier oid)
-    {
-        if (oid.equals(NISTObjectIdentifiers.id_sha256))
-        {
-            return new SHA256Digest();
-        }
-        if (oid.equals(NISTObjectIdentifiers.id_sha512))
-        {
-            return new SHA512Digest();
-        }
-        if (oid.equals(NISTObjectIdentifiers.id_shake128))
-        {
-            return new SHAKEDigest(128);
-        }
-        if (oid.equals(NISTObjectIdentifiers.id_shake256))
-        {
-            return new SHAKEDigest(256);
-        }
-
-        throw new IllegalArgumentException("unrecognized digest OID: " + oid);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/BDS.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/BDS.java
deleted file mode 100644
index 10516f3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/BDS.java
+++ /dev/null

@@ -1,438 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.io.Serializable;
-import java.util.ArrayList;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.Map;
-import java.util.Stack;
-import java.util.TreeMap;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.crypto.Digest;
-
-/**
- * BDS.
- */
-public final class BDS
-    implements Serializable
-{
-    private static final long serialVersionUID = 1L;
-    
-    private transient WOTSPlus wotsPlus;
-
-    private final int treeHeight;
-    private final List<BDSTreeHash> treeHashInstances;
-    private int k;
-    private XMSSNode root;
-    private List<XMSSNode> authenticationPath;
-    private Map<Integer, LinkedList<XMSSNode>> retain;
-    private Stack<XMSSNode> stack;
-
-    private Map<Integer, XMSSNode> keep;
-    private int index;
-    private boolean used;
-
-    /**
-     * Place holder BDS for when state is exhausted.
-     *
-     * @param params tree parameters
-     * @param index the index that has been reached.
-     */
-    BDS(XMSSParameters params, int index)
-    {
-        this(params.getWOTSPlus(), params.getHeight(), params.getK());
-        this.index = index;
-        this.used = true;
-    }
-
-    /**
-     * Set up constructor.
-     *
-     * @param params tree parameters
-     * @param publicSeed public seed for tree
-     * @param secretKeySeed secret seed for tree
-     * @param otsHashAddress hash address
-     */
-    BDS(XMSSParameters params, byte[] publicSeed, byte[] secretKeySeed, OTSHashAddress otsHashAddress)
-    {
-        this(params.getWOTSPlus(), params.getHeight(), params.getK());
-        this.initialize(publicSeed, secretKeySeed, otsHashAddress);
-    }
-
-    /**
-     * Set up constructor for a tree where the original BDS state was lost.
-     *
-     * @param params tree parameters
-     * @param publicSeed public seed for tree
-     * @param secretKeySeed secret seed for tree
-     * @param otsHashAddress hash address
-     * @param index index counter for the state to be at.
-     */
-    BDS(XMSSParameters params, byte[] publicSeed, byte[] secretKeySeed, OTSHashAddress otsHashAddress, int index)
-    {
-        this(params.getWOTSPlus(), params.getHeight(), params.getK());
-
-        this.initialize(publicSeed, secretKeySeed, otsHashAddress);
-
-        while (this.index < index)
-        {
-            this.nextAuthenticationPath(publicSeed, secretKeySeed, otsHashAddress);
-            this.used = false;
-        }
-    }
-
-    private BDS(WOTSPlus wotsPlus, int treeHeight, int k)
-    {
-        this.wotsPlus = wotsPlus;
-        this.treeHeight = treeHeight;
-        this.k = k;
-        if (k > treeHeight || k < 2 || ((treeHeight - k) % 2) != 0)
-        {
-            throw new IllegalArgumentException("illegal value for BDS parameter k");
-        }
-        authenticationPath = new ArrayList<XMSSNode>();
-        retain = new TreeMap<Integer, LinkedList<XMSSNode>>();
-        stack = new Stack<XMSSNode>();
-
-        treeHashInstances = new ArrayList<BDSTreeHash>();
-        for (int height = 0; height < (treeHeight - k); height++)
-        {
-            treeHashInstances.add(new BDSTreeHash(height));
-        }
-
-        keep = new TreeMap<Integer, XMSSNode>();
-        index = 0;
-        this.used = false;
-    }
-
-    private BDS(BDS last, byte[] publicSeed, byte[] secretKeySeed, OTSHashAddress otsHashAddress)
-    {
-        this.wotsPlus = last.wotsPlus;
-        this.treeHeight = last.treeHeight;
-        this.k = last.k;
-        this.root = last.root;
-        this.authenticationPath = new ArrayList<XMSSNode>();  // note use of addAll to avoid serialization issues
-        this.authenticationPath.addAll(last.authenticationPath);
-        this.retain = last.retain;
-        this.stack = new Stack<XMSSNode>(); // note use of addAll to avoid serialization issues
-        this.stack.addAll(last.stack);
-        this.treeHashInstances = last.treeHashInstances;
-        this.keep = new TreeMap<Integer, XMSSNode>(last.keep);
-        this.index = last.index;
-
-        this.nextAuthenticationPath(publicSeed, secretKeySeed, otsHashAddress);
-
-        last.used = true;
-    }
-
-    private BDS(BDS last, Digest digest)
-    {
-        this.wotsPlus = new WOTSPlus(new WOTSPlusParameters(digest));
-        this.treeHeight = last.treeHeight;
-        this.k = last.k;
-        this.root = last.root;
-        this.authenticationPath = new ArrayList<XMSSNode>();  // note use of addAll to avoid serialization issues
-        this.authenticationPath.addAll(last.authenticationPath);
-        this.retain = last.retain;
-        this.stack = new Stack<XMSSNode>();     // note use of addAll to avoid serialization issues
-        this.stack.addAll(last.stack);
-        this.treeHashInstances = last.treeHashInstances;
-        this.keep = new TreeMap<Integer, XMSSNode>(last.keep);
-        this.index = last.index;
-        this.used = last.used;
-        this.validate();
-    }
-
-    public BDS getNextState(byte[] publicSeed, byte[] secretKeySeed, OTSHashAddress otsHashAddress)
-    {
-        return new BDS(this, publicSeed, secretKeySeed, otsHashAddress);
-    }
-
-    private void initialize(byte[] publicSeed, byte[] secretSeed, OTSHashAddress otsHashAddress)
-    {
-        if (otsHashAddress == null)
-        {
-            throw new NullPointerException("otsHashAddress == null");
-        }
-        /* prepare addresses */
-        LTreeAddress lTreeAddress = (LTreeAddress)new LTreeAddress.Builder()
-            .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-            .build();
-        HashTreeAddress hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-            .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-            .build();
-
-		/* iterate indexes */
-        for (int indexLeaf = 0; indexLeaf < (1 << treeHeight); indexLeaf++)
-        {
-			/* generate leaf */
-            otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder()
-                .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-                .withOTSAddress(indexLeaf).withChainAddress(otsHashAddress.getChainAddress())
-                .withHashAddress(otsHashAddress.getHashAddress()).withKeyAndMask(otsHashAddress.getKeyAndMask())
-                .build();
-			/*
-			 * import WOTSPlusSecretKey as its needed to calculate the public
-			 * key on the fly
-			 */
-            wotsPlus.importKeys(wotsPlus.getWOTSPlusSecretKey(secretSeed, otsHashAddress), publicSeed);
-            WOTSPlusPublicKeyParameters wotsPlusPublicKey = wotsPlus.getPublicKey(otsHashAddress);
-            lTreeAddress = (LTreeAddress)new LTreeAddress.Builder().withLayerAddress(lTreeAddress.getLayerAddress())
-                .withTreeAddress(lTreeAddress.getTreeAddress()).withLTreeAddress(indexLeaf)
-                .withTreeHeight(lTreeAddress.getTreeHeight()).withTreeIndex(lTreeAddress.getTreeIndex())
-                .withKeyAndMask(lTreeAddress.getKeyAndMask()).build();
-            XMSSNode node = XMSSNodeUtil.lTree(wotsPlus, wotsPlusPublicKey, lTreeAddress);
-
-            hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-                .withLayerAddress(hashTreeAddress.getLayerAddress())
-                .withTreeAddress(hashTreeAddress.getTreeAddress()).withTreeIndex(indexLeaf)
-                .withKeyAndMask(hashTreeAddress.getKeyAndMask()).build();
-            while (!stack.isEmpty() && stack.peek().getHeight() == node.getHeight())
-            {
-				/* add to authenticationPath if leafIndex == 1 */
-                int indexOnHeight = indexLeaf / (1 << node.getHeight());
-                if (indexOnHeight == 1)
-                {
-                    authenticationPath.add(node.clone());
-                }
-				/* store next right authentication node */
-                if (indexOnHeight == 3 && node.getHeight() < (treeHeight - k))
-                {
-                    treeHashInstances.get(node.getHeight()).setNode(node.clone());
-                }
-                if (indexOnHeight >= 3 && (indexOnHeight & 1) == 1 && node.getHeight() >= (treeHeight - k)
-                    && node.getHeight() <= (treeHeight - 2))
-                {
-                    if (retain.get(node.getHeight()) == null)
-                    {
-                        LinkedList<XMSSNode> queue = new LinkedList<XMSSNode>();
-                        queue.add(node.clone());
-                        retain.put(node.getHeight(), queue);
-                    }
-                    else
-                    {
-                        retain.get(node.getHeight()).add(node.clone());
-                    }
-                }
-                hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-                    .withLayerAddress(hashTreeAddress.getLayerAddress())
-                    .withTreeAddress(hashTreeAddress.getTreeAddress())
-                    .withTreeHeight(hashTreeAddress.getTreeHeight())
-                    .withTreeIndex((hashTreeAddress.getTreeIndex() - 1) / 2)
-                    .withKeyAndMask(hashTreeAddress.getKeyAndMask()).build();
-                node = XMSSNodeUtil.randomizeHash(wotsPlus, stack.pop(), node, hashTreeAddress);
-                node = new XMSSNode(node.getHeight() + 1, node.getValue());
-                hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-                    .withLayerAddress(hashTreeAddress.getLayerAddress())
-                    .withTreeAddress(hashTreeAddress.getTreeAddress())
-                    .withTreeHeight(hashTreeAddress.getTreeHeight() + 1)
-                    .withTreeIndex(hashTreeAddress.getTreeIndex()).withKeyAndMask(hashTreeAddress.getKeyAndMask())
-                    .build();
-            }
-			/* push to stack */
-            stack.push(node);
-        }
-        root = stack.pop();
-    }
-
-    private void nextAuthenticationPath(byte[] publicSeed, byte[] secretSeed, OTSHashAddress otsHashAddress)
-    {
-        if (otsHashAddress == null)
-        {
-            throw new NullPointerException("otsHashAddress == null");
-        }
-        if (used)
-        {
-            throw new IllegalStateException("index already used");
-        }
-        if (index > ((1 << treeHeight) - 2))
-        {
-            throw new IllegalStateException("index out of bounds");
-        }
-
-		/* determine tau */
-        int tau = XMSSUtil.calculateTau(index, treeHeight);
-    	/* parent of leaf on height tau+1 is a left node */
-        if (((index >> (tau + 1)) & 1) == 0 && (tau < (treeHeight - 1)))
-        {
-            keep.put(tau, authenticationPath.get(tau).clone());
-        }
-
-        /* prepare addresses */
-        LTreeAddress lTreeAddress = (LTreeAddress)new LTreeAddress.Builder()
-            .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-            .build();
-        HashTreeAddress hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-            .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-            .build();
-
-		/* leaf is a left node */
-        if (tau == 0)
-        {
-            otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder()
-                .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-                .withOTSAddress(index).withChainAddress(otsHashAddress.getChainAddress())
-                .withHashAddress(otsHashAddress.getHashAddress()).withKeyAndMask(otsHashAddress.getKeyAndMask())
-                .build();
-			/*
-			 * import WOTSPlusSecretKey as its needed to calculate the public
-			 * key on the fly
-			 */
-            wotsPlus.importKeys(wotsPlus.getWOTSPlusSecretKey(secretSeed, otsHashAddress), publicSeed);
-            WOTSPlusPublicKeyParameters wotsPlusPublicKey = wotsPlus.getPublicKey(otsHashAddress);
-            lTreeAddress = (LTreeAddress)new LTreeAddress.Builder().withLayerAddress(lTreeAddress.getLayerAddress())
-                .withTreeAddress(lTreeAddress.getTreeAddress()).withLTreeAddress(index)
-                .withTreeHeight(lTreeAddress.getTreeHeight()).withTreeIndex(lTreeAddress.getTreeIndex())
-                .withKeyAndMask(lTreeAddress.getKeyAndMask()).build();
-            XMSSNode node = XMSSNodeUtil.lTree(wotsPlus, wotsPlusPublicKey, lTreeAddress);
-            authenticationPath.set(0, node);
-        }
-        else
-        {
-			/* add new left node on height tau to authentication path */
-            hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-                .withLayerAddress(hashTreeAddress.getLayerAddress())
-                .withTreeAddress(hashTreeAddress.getTreeAddress()).withTreeHeight(tau - 1)
-                .withTreeIndex(index >> tau).withKeyAndMask(hashTreeAddress.getKeyAndMask()).build();
-            /*
-             * import WOTSPlusSecretKey as its needed to calculate the public
-             * key on the fly
-             */
-            wotsPlus.importKeys(wotsPlus.getWOTSPlusSecretKey(secretSeed, otsHashAddress), publicSeed);
-            XMSSNode node = XMSSNodeUtil.randomizeHash(wotsPlus, authenticationPath.get(tau - 1), keep.get(tau - 1), hashTreeAddress);
-            node = new XMSSNode(node.getHeight() + 1, node.getValue());
-            authenticationPath.set(tau, node);
-            keep.remove(tau - 1);
-
-			/* add new right nodes to authentication path */
-            for (int height = 0; height < tau; height++)
-            {
-                if (height < (treeHeight - k))
-                {
-                    authenticationPath.set(height, treeHashInstances.get(height).getTailNode());
-                }
-                else
-                {
-                    authenticationPath.set(height, retain.get(height).removeFirst());
-                }
-            }
-
-			/* reinitialize treehash instances */
-            int minHeight = Math.min(tau, treeHeight - k);
-            for (int height = 0; height < minHeight; height++)
-            {
-                int startIndex = index + 1 + (3 * (1 << height));
-                if (startIndex < (1 << treeHeight))
-                {
-                    treeHashInstances.get(height).initialize(startIndex);
-                }
-            }
-        }
- 
-		/* update treehash instances */
-        for (int i = 0; i < (treeHeight - k) >> 1; i++)
-        {
-            BDSTreeHash treeHash = getBDSTreeHashInstanceForUpdate();
-            if (treeHash != null)
-            {
-                treeHash.update(stack, wotsPlus, publicSeed, secretSeed, otsHashAddress);
-            }
-        }
-
-        index++;
-    }
-
-    boolean isUsed()
-    {
-        return used;
-    }
-
-    private BDSTreeHash getBDSTreeHashInstanceForUpdate()
-    {
-        BDSTreeHash ret = null;
-        for (BDSTreeHash treeHash : treeHashInstances)
-        {
-            if (treeHash.isFinished() || !treeHash.isInitialized())
-            {
-                continue;
-            }
-            if (ret == null)
-            {
-                ret = treeHash;
-                continue;
-            }
-            if (treeHash.getHeight() < ret.getHeight())
-            {
-                ret = treeHash;
-                continue;
-            }
-            if (treeHash.getHeight() == ret.getHeight())
-            {
-                if (treeHash.getIndexLeaf() < ret.getIndexLeaf())
-                {
-                    ret = treeHash;
-                }
-            }
-        }
-        return ret;
-    }
-
-    private void validate()
-    {
-        if (authenticationPath == null)
-        {
-            throw new IllegalStateException("authenticationPath == null");
-        }
-        if (retain == null)
-        {
-            throw new IllegalStateException("retain == null");
-        }
-        if (stack == null)
-        {
-            throw new IllegalStateException("stack == null");
-        }
-        if (treeHashInstances == null)
-        {
-            throw new IllegalStateException("treeHashInstances == null");
-        }
-        if (keep == null)
-        {
-            throw new IllegalStateException("keep == null");
-        }
-        if (!XMSSUtil.isIndexValid(treeHeight, index))
-        {
-            throw new IllegalStateException("index in BDS state out of bounds");
-        }
-    }
-
-    protected int getTreeHeight()
-    {
-        return treeHeight;
-    }
-
-    protected XMSSNode getRoot()
-    {
-        return root.clone();
-    }
-
-    protected List<XMSSNode> getAuthenticationPath()
-    {
-        List<XMSSNode> authenticationPath = new ArrayList<XMSSNode>();
-        for (XMSSNode node : this.authenticationPath)
-        {
-            authenticationPath.add(node.clone());
-        }
-        return authenticationPath;
-    }
-
-    protected int getIndex()
-    {
-        return index;
-    }
-
-    public BDS withWOTSDigest(ASN1ObjectIdentifier digestName)
-    {
-        return new BDS(this, DigestUtil.getDigest(digestName));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/BDSStateMap.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/BDSStateMap.java
deleted file mode 100644
index cfed89f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/BDSStateMap.java
+++ /dev/null

@@ -1,125 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.io.Serializable;
-import java.util.Iterator;
-import java.util.Map;
-import java.util.TreeMap;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.util.Integers;
-
-public class BDSStateMap
-    implements Serializable
-{
-    private static final long serialVersionUID = -3464451825208522308L;
-    
-    private final Map<Integer, BDS> bdsState = new TreeMap<Integer, BDS>();
-
-    BDSStateMap()
-    {
-
-    }
-
-    BDSStateMap(XMSSMTParameters params, long globalIndex, byte[] publicSeed, byte[] secretKeySeed)
-    {
-         for (long index = 0; index < globalIndex; index++)
-         {
-             updateState(params, index, publicSeed, secretKeySeed);
-         }
-    }
-
-    BDSStateMap(BDSStateMap stateMap, XMSSMTParameters params, long globalIndex, byte[] publicSeed, byte[] secretKeySeed)
-    {
-        for (Iterator it = stateMap.bdsState.keySet().iterator(); it.hasNext();)
-        {
-            Integer key = (Integer)it.next();
-
-            bdsState.put(key, stateMap.bdsState.get(key));
-        }
-
-        updateState(params, globalIndex, publicSeed, secretKeySeed);
-    }
-
-    private void updateState(XMSSMTParameters params, long globalIndex, byte[] publicSeed, byte[] secretKeySeed)
-    {
-        XMSSParameters xmssParams = params.getXMSSParameters();
-        int xmssHeight = xmssParams.getHeight();
-
-        //
-        // set up state for next signature
-        //
-        long indexTree = XMSSUtil.getTreeIndex(globalIndex, xmssHeight);
-        int indexLeaf = XMSSUtil.getLeafIndex(globalIndex, xmssHeight);
-
-        OTSHashAddress otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder().withTreeAddress(indexTree)
-            .withOTSAddress(indexLeaf).build();
-
-        /* prepare authentication path for next leaf */
-        if (indexLeaf < ((1 << xmssHeight) - 1))
-        {
-            if (this.get(0) == null || indexLeaf == 0)
-            {
-                this.put(0, new BDS(xmssParams, publicSeed, secretKeySeed, otsHashAddress));
-            }
-
-            this.update(0, publicSeed, secretKeySeed, otsHashAddress);
-        }
-
-        /* loop over remaining layers */
-        for (int layer = 1; layer < params.getLayers(); layer++)
-        {
-                /* get root of layer - 1 */
-            indexLeaf = XMSSUtil.getLeafIndex(indexTree, xmssHeight);
-            indexTree = XMSSUtil.getTreeIndex(indexTree, xmssHeight);
-                /* adjust addresses */
-            otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder().withLayerAddress(layer)
-                .withTreeAddress(indexTree).withOTSAddress(indexLeaf).build();
-
-                /* prepare authentication path for next leaf */
-            if (indexLeaf < ((1 << xmssHeight) - 1)
-                && XMSSUtil.isNewAuthenticationPathNeeded(globalIndex, xmssHeight, layer))
-            {
-                if (this.get(layer) == null)
-                {
-                    this.put(layer, new BDS(params.getXMSSParameters(), publicSeed, secretKeySeed, otsHashAddress));
-                }
-
-                this.update(layer, publicSeed, secretKeySeed, otsHashAddress);
-            }
-        }
-    }
-
-    public boolean isEmpty()
-    {
-        return bdsState.isEmpty();
-    }
-
-    BDS get(int index)
-    {
-        return bdsState.get(Integers.valueOf(index));
-    }
-
-    BDS update(int index, byte[] publicSeed, byte[] secretKeySeed, OTSHashAddress otsHashAddress)
-    {
-        return bdsState.put(Integers.valueOf(index), bdsState.get(Integers.valueOf(index)).getNextState(publicSeed, secretKeySeed, otsHashAddress));
-    }
-
-    void put(int index, BDS bds)
-    {
-        bdsState.put(Integers.valueOf(index), bds);
-    }
-
-    public BDSStateMap withWOTSDigest(ASN1ObjectIdentifier digestName)
-    {
-        BDSStateMap newStateMap = new BDSStateMap();
-
-        for (Iterator<Integer> keys = bdsState.keySet().iterator(); keys.hasNext();)
-        {
-            Integer key = keys.next();
-
-            newStateMap.bdsState.put(key, bdsState.get(key).withWOTSDigest(digestName));
-        }
-
-        return newStateMap;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/BDSTreeHash.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/BDSTreeHash.java
deleted file mode 100644
index af7757d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/BDSTreeHash.java
+++ /dev/null

@@ -1,162 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.io.Serializable;
-import java.util.Stack;
-
-
-class BDSTreeHash
-    implements Serializable
-{
-    private static final long serialVersionUID = 1L;
-
-    private XMSSNode tailNode;
-    private final int initialHeight;
-    private int height;
-    private int nextIndex;
-    private boolean initialized;
-    private boolean finished;
-
-    BDSTreeHash(int initialHeight)
-    {
-        super();
-        this.initialHeight = initialHeight;
-        initialized = false;
-        finished = false;
-    }
-
-    void initialize(int nextIndex)
-    {
-        tailNode = null;
-        height = initialHeight;
-        this.nextIndex = nextIndex;
-        initialized = true;
-        finished = false;
-    }
-
-    void update(Stack<XMSSNode> stack, WOTSPlus wotsPlus, byte[] publicSeed, byte[] secretSeed, OTSHashAddress otsHashAddress)
-    {
-        if (otsHashAddress == null)
-        {
-            throw new NullPointerException("otsHashAddress == null");
-        }
-        if (finished || !initialized)
-        {
-            throw new IllegalStateException("finished or not initialized");
-        }
-            /* prepare addresses */
-        otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder()
-            .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-            .withOTSAddress(nextIndex).withChainAddress(otsHashAddress.getChainAddress())
-            .withHashAddress(otsHashAddress.getHashAddress()).withKeyAndMask(otsHashAddress.getKeyAndMask())
-            .build();
-        LTreeAddress lTreeAddress = (LTreeAddress)new LTreeAddress.Builder()
-            .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-            .withLTreeAddress(nextIndex).build();
-        HashTreeAddress hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-            .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-            .withTreeIndex(nextIndex).build();
-            /* calculate leaf node */
-        wotsPlus.importKeys(wotsPlus.getWOTSPlusSecretKey(secretSeed, otsHashAddress), publicSeed);
-        WOTSPlusPublicKeyParameters wotsPlusPublicKey = wotsPlus.getPublicKey(otsHashAddress);
-        XMSSNode node = XMSSNodeUtil.lTree(wotsPlus, wotsPlusPublicKey, lTreeAddress);
-
-        while (!stack.isEmpty() && stack.peek().getHeight() == node.getHeight()
-            && stack.peek().getHeight() != initialHeight)
-        {
-            hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-                .withLayerAddress(hashTreeAddress.getLayerAddress())
-                .withTreeAddress(hashTreeAddress.getTreeAddress())
-                .withTreeHeight(hashTreeAddress.getTreeHeight())
-                .withTreeIndex((hashTreeAddress.getTreeIndex() - 1) / 2)
-                .withKeyAndMask(hashTreeAddress.getKeyAndMask()).build();
-            node = XMSSNodeUtil.randomizeHash(wotsPlus, stack.pop(), node, hashTreeAddress);
-            node = new XMSSNode(node.getHeight() + 1, node.getValue());
-            hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-                .withLayerAddress(hashTreeAddress.getLayerAddress())
-                .withTreeAddress(hashTreeAddress.getTreeAddress())
-                .withTreeHeight(hashTreeAddress.getTreeHeight() + 1)
-                .withTreeIndex(hashTreeAddress.getTreeIndex()).withKeyAndMask(hashTreeAddress.getKeyAndMask())
-                .build();
-        }
-
-        if (tailNode == null)
-        {
-            tailNode = node;
-        }
-        else
-        {
-            if (tailNode.getHeight() == node.getHeight())
-            {
-                hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-                    .withLayerAddress(hashTreeAddress.getLayerAddress())
-                    .withTreeAddress(hashTreeAddress.getTreeAddress())
-                    .withTreeHeight(hashTreeAddress.getTreeHeight())
-                    .withTreeIndex((hashTreeAddress.getTreeIndex() - 1) / 2)
-                    .withKeyAndMask(hashTreeAddress.getKeyAndMask()).build();
-                node = XMSSNodeUtil.randomizeHash(wotsPlus, tailNode, node, hashTreeAddress);
-                node = new XMSSNode(tailNode.getHeight() + 1, node.getValue());
-                tailNode = node;
-                hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-                    .withLayerAddress(hashTreeAddress.getLayerAddress())
-                    .withTreeAddress(hashTreeAddress.getTreeAddress())
-                    .withTreeHeight(hashTreeAddress.getTreeHeight() + 1)
-                    .withTreeIndex(hashTreeAddress.getTreeIndex())
-                    .withKeyAndMask(hashTreeAddress.getKeyAndMask()).build();
-            }
-            else
-            {
-                stack.push(node);
-            }
-        }
-
-        if (tailNode.getHeight() == initialHeight)
-        {
-            finished = true;
-        }
-        else
-        {
-            height = node.getHeight();
-            nextIndex++;
-        }
-    }
-
-    int getHeight()
-    {
-        if (!initialized || finished)
-        {
-            return Integer.MAX_VALUE;
-        }
-        return height;
-    }
-
-    int getIndexLeaf()
-    {
-        return nextIndex;
-    }
-
-    void setNode(XMSSNode node)
-    {
-        tailNode = node;
-        height = node.getHeight();
-        if (height == initialHeight)
-        {
-            finished = true;
-        }
-    }
-
-    boolean isFinished()
-    {
-        return finished;
-    }
-
-    boolean isInitialized()
-    {
-        return initialized;
-    }
-
-    public XMSSNode getTailNode()
-    {
-        return tailNode.clone();
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/DefaultXMSSMTOid.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/DefaultXMSSMTOid.java
deleted file mode 100644
index 900b423..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/DefaultXMSSMTOid.java
+++ /dev/null

@@ -1,160 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * XMSSOid^MT class.
- *
- */
-public final class DefaultXMSSMTOid implements XMSSOid {
-
-	/**
-	 * XMSS^MT OID lookup table.
-	 */
-	private static final Map<String, DefaultXMSSMTOid> oidLookupTable;
-
-	static {
-		Map<String, DefaultXMSSMTOid> map = new HashMap<String, DefaultXMSSMTOid>();
-		map.put(createKey("SHA-256", 32, 16, 67, 20, 2),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-256_W16_H20_D2"));
-		map.put(createKey("SHA-256", 32, 16, 67, 20, 4),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-256_W16_H20_D4"));
-		map.put(createKey("SHA-256", 32, 16, 67, 40, 2),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-256_W16_H40_D2"));
-		map.put(createKey("SHA-256", 32, 16, 67, 40, 2),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-256_W16_H40_D4"));
-		map.put(createKey("SHA-256", 32, 16, 67, 40, 4),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-256_W16_H40_D8"));
-		map.put(createKey("SHA-256", 32, 16, 67, 60, 8),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-256_W16_H60_D3"));
-		map.put(createKey("SHA-256", 32, 16, 67, 60, 6),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-256_W16_H60_D6"));
-		map.put(createKey("SHA-256", 32, 16, 67, 60, 12),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-256_W16_H60_D12"));
-		map.put(createKey("SHA2-512", 64, 16, 131, 20, 2),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-512_W16_H20_D2"));
-		map.put(createKey("SHA2-512", 64, 16, 131, 20, 4),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-512_W16_H20_D4"));
-		map.put(createKey("SHA2-512", 64, 16, 131, 40, 2),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-512_W16_H40_D2"));
-		map.put(createKey("SHA2-512", 64, 16, 131, 40, 4),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-512_W16_H40_D4"));
-		map.put(createKey("SHA2-512", 64, 16, 131, 40, 8),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-512_W16_H40_D8"));
-		map.put(createKey("SHA2-512", 64, 16, 131, 60, 3),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-512_W16_H60_D3"));
-		map.put(createKey("SHA2-512", 64, 16, 131, 60, 6),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-512_W16_H60_D6"));
-		map.put(createKey("SHA2-512", 64, 16, 131, 60, 12),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHA2-512_W16_H60_D12"));
-		map.put(createKey("SHAKE128", 32, 16, 67, 20, 2),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE128_W16_H20_D2"));
-		map.put(createKey("SHAKE128", 32, 16, 67, 20, 4),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE128_W16_H20_D4"));
-		map.put(createKey("SHAKE128", 32, 16, 67, 40, 2),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE128_W16_H40_D2"));
-		map.put(createKey("SHAKE128", 32, 16, 67, 40, 4),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE128_W16_H40_D4"));
-		map.put(createKey("SHAKE128", 32, 16, 67, 40, 8),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE128_W16_H40_D8"));
-		map.put(createKey("SHAKE128", 32, 16, 67, 60, 3),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE128_W16_H60_D3"));
-		map.put(createKey("SHAKE128", 32, 16, 67, 60, 6),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE128_W16_H60_D6"));
-		map.put(createKey("SHAKE128", 32, 16, 67, 60, 12),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE128_W16_H60_D12"));
-		map.put(createKey("SHAKE256", 64, 16, 131, 20, 2),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE256_W16_H20_D2"));
-		map.put(createKey("SHAKE256", 64, 16, 131, 20, 4),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE256_W16_H20_D4"));
-		map.put(createKey("SHAKE256", 64, 16, 131, 40, 2),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE256_W16_H40_D2"));
-		map.put(createKey("SHAKE256", 64, 16, 131, 40, 4),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE256_W16_H40_D4"));
-		map.put(createKey("SHAKE256", 64, 16, 131, 40, 8),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE256_W16_H40_D8"));
-		map.put(createKey("SHAKE256", 64, 16, 131, 60, 3),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE256_W16_H60_D3"));
-		map.put(createKey("SHAKE256", 64, 16, 131, 60, 6),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE256_W16_H60_D6"));
-		map.put(createKey("SHAKE256", 64, 16, 131, 60, 12),
-				new DefaultXMSSMTOid(0x01000001, "XMSSMT_SHAKE256_W16_H60_D12"));
-		oidLookupTable = Collections.unmodifiableMap(map);
-	}
-
-	/**
-	 * OID.
-	 */
-	private final int oid;
-	/**
-	 * String representation of OID.
-	 */
-	private final String stringRepresentation;
-
-	/**
-	 * Constructor...
-	 *
-	 * @param oid
-	 *            OID.
-	 * @param stringRepresentation
-	 *            String representation of OID.
-	 */
-	private DefaultXMSSMTOid(int oid, String stringRepresentation) {
-		super();
-		this.oid = oid;
-		this.stringRepresentation = stringRepresentation;
-	}
-
-	/**
-	 * Lookup OID.
-	 *
-	 * @param algorithmName
-	 *            Algorithm name.
-	 * @param winternitzParameter
-	 *            Winternitz parameter.
-	 * @param height
-	 *            Binary tree height.
-	 * @return XMSS OID if parameters were found, null else.
-	 */
-	public static DefaultXMSSMTOid lookup(String algorithmName, int digestSize, int winternitzParameter, int len,
-			int height, int layers) {
-		if (algorithmName == null) {
-			throw new NullPointerException("algorithmName == null");
-		}
-		return oidLookupTable.get(createKey(algorithmName, digestSize, winternitzParameter, len, height, layers));
-	}
-
-	/**
-	 * Create a key based on parameters.
-	 *
-	 * @param algorithmName
-	 *            Algorithm name.
-	 * @param winternitzParameter
-	 *            Winternitz Parameter.
-	 * @param height
-	 *            Binary tree height.
-	 * @return String representation of parameters for lookup table.
-	 */
-	private static String createKey(String algorithmName, int digestSize, int winternitzParameter, int len, int height,
-			int layers) {
-		if (algorithmName == null) {
-			throw new NullPointerException("algorithmName == null");
-		}
-		return algorithmName + "-" + digestSize + "-" + winternitzParameter + "-" + len + "-" + height + "-" + layers;
-	}
-
-	/**
-	 * Getter OID.
-	 *
-	 * @return OID.
-	 */
-	public int getOid() {
-		return oid;
-	}
-
-	public String toString() {
-		return stringRepresentation;
-	}
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/DefaultXMSSOid.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/DefaultXMSSOid.java
deleted file mode 100644
index 908083a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/DefaultXMSSOid.java
+++ /dev/null

@@ -1,109 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * XMSSOid class.
- *
- */
-public final class DefaultXMSSOid implements XMSSOid {
-
-	/**
-	 * XMSS OID lookup table.
-	 */
-	private static final Map<String, DefaultXMSSOid> oidLookupTable;
-
-	static {
-		Map<String, DefaultXMSSOid> map = new HashMap<String, DefaultXMSSOid>();
-		map.put(createKey("SHA-256", 32, 16, 67, 10), new DefaultXMSSOid(0x01000001, "XMSS_SHA2-256_W16_H10"));
-		map.put(createKey("SHA-256", 32, 16, 67, 16), new DefaultXMSSOid(0x02000002, "XMSS_SHA2-256_W16_H16"));
-		map.put(createKey("SHA-256", 32, 16, 67, 20), new DefaultXMSSOid(0x03000003, "XMSS_SHA2-256_W16_H20"));
-		map.put(createKey("SHA-512", 64, 16, 131, 10), new DefaultXMSSOid(0x04000004, "XMSS_SHA2-512_W16_H10"));
-		map.put(createKey("SHA-512", 64, 16, 131, 16), new DefaultXMSSOid(0x05000005, "XMSS_SHA2-512_W16_H16"));
-		map.put(createKey("SHA-512", 64, 16, 131, 20), new DefaultXMSSOid(0x06000006, "XMSS_SHA2-512_W16_H20"));
-		map.put(createKey("SHAKE128", 32, 16, 67, 10), new DefaultXMSSOid(0x07000007, "XMSS_SHAKE128_W16_H10"));
-		map.put(createKey("SHAKE128", 32, 16, 67, 16), new DefaultXMSSOid(0x08000008, "XMSS_SHAKE128_W16_H16"));
-		map.put(createKey("SHAKE128", 32, 16, 67, 20), new DefaultXMSSOid(0x09000009, "XMSS_SHAKE128_W16_H20"));
-		map.put(createKey("SHAKE256", 64, 16, 131, 10), new DefaultXMSSOid(0x0a00000a, "XMSS_SHAKE256_W16_H10"));
-		map.put(createKey("SHAKE256", 64, 16, 131, 16), new DefaultXMSSOid(0x0b00000b, "XMSS_SHAKE256_W16_H16"));
-		map.put(createKey("SHAKE256", 64, 16, 131, 20), new DefaultXMSSOid(0x0c00000c, "XMSS_SHAKE256_W16_H20"));
-		oidLookupTable = Collections.unmodifiableMap(map);
-	}
-
-	/**
-	 * OID.
-	 */
-	private final int oid;
-	/**
-	 * String representation of OID.
-	 */
-	private final String stringRepresentation;
-
-	/**
-	 * Constructor...
-	 *
-	 * @param oid
-	 *            OID.
-	 * @param stringRepresentation
-	 *            String representation of OID.
-	 */
-	private DefaultXMSSOid(int oid, String stringRepresentation) {
-		super();
-		this.oid = oid;
-		this.stringRepresentation = stringRepresentation;
-	}
-
-	/**
-	 * Lookup OID.
-	 *
-	 * @param algorithmName
-	 *            Algorithm name.
-	 * @param winternitzParameter
-	 *            Winternitz parameter.
-	 * @param height
-	 *            Binary tree height.
-	 * @return XMSS OID if parameters were found, null else.
-	 */
-	public static DefaultXMSSOid lookup(String algorithmName, int digestSize, int winternitzParameter, int len,
-			int height) {
-		if (algorithmName == null) {
-			throw new NullPointerException("algorithmName == null");
-		}
-		return oidLookupTable.get(createKey(algorithmName, digestSize, winternitzParameter, len, height));
-	}
-
-	/**
-	 * Create a key based on parameters.
-	 *
-	 * @param algorithmName
-	 *            Algorithm name.
-	 * @param winternitzParameter
-	 *            Winternitz Parameter.
-	 * @param height
-	 *            Binary tree height.
-	 * @return String representation of parameters for lookup table.
-	 */
-	private static String createKey(String algorithmName, int digestSize, int winternitzParameter, int len,
-			int height) {
-		if (algorithmName == null) {
-			throw new NullPointerException("algorithmName == null");
-		}
-		return algorithmName + "-" + digestSize + "-" + winternitzParameter + "-" + len + "-" + height;
-	}
-
-	/**
-	 * Getter OID.
-	 *
-	 * @return OID.
-	 */
-	public int getOid() {
-		return oid;
-	}
-
-	@Override
-	public String toString() {
-		return stringRepresentation;
-	}
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/DigestUtil.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/DigestUtil.java
deleted file mode 100644
index 874ba8a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/DigestUtil.java
+++ /dev/null

@@ -1,68 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Xof;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-
-class DigestUtil
-{
-    private static Map<String, ASN1ObjectIdentifier> nameToOid = new HashMap<String, ASN1ObjectIdentifier>();
-
-    static
-    {
-        nameToOid.put("SHA-256", NISTObjectIdentifiers.id_sha256);
-        nameToOid.put("SHA-512", NISTObjectIdentifiers.id_sha512);
-        nameToOid.put("SHAKE128", NISTObjectIdentifiers.id_shake128);
-        nameToOid.put("SHAKE256", NISTObjectIdentifiers.id_shake256);
-    }
-
-    static Digest getDigest(ASN1ObjectIdentifier oid)
-    {
-        if (oid.equals(NISTObjectIdentifiers.id_sha256))
-        {
-            return new SHA256Digest();
-        }
-        if (oid.equals(NISTObjectIdentifiers.id_sha512))
-        {
-            return new SHA512Digest();
-        }
-        if (oid.equals(NISTObjectIdentifiers.id_shake128))
-        {
-            return new SHAKEDigest(128);
-        }
-        if (oid.equals(NISTObjectIdentifiers.id_shake256))
-        {
-            return new SHAKEDigest(256);
-        }
-
-        throw new IllegalArgumentException("unrecognized digest OID: " + oid);
-    }
-
-    static ASN1ObjectIdentifier getDigestOID(String name)
-    {
-        ASN1ObjectIdentifier oid = nameToOid.get(name);
-        if (oid != null)
-        {
-            return oid;
-        }
-
-        throw new IllegalArgumentException("unrecognized digest name: " + name);
-    }
-
-    public static int getDigestSize(Digest digest)
-    {
-        if (digest instanceof Xof)
-        {
-            return digest.getDigestSize() * 2;
-        }
-
-        return digest.getDigestSize();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/HashTreeAddress.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/HashTreeAddress.java
deleted file mode 100644
index 7ea9bb0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/HashTreeAddress.java
+++ /dev/null

@@ -1,89 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import org.bouncycastle.util.Pack;
-
-/**
- * Hash tree address.
- */
-final class HashTreeAddress
-    extends XMSSAddress
-{
-
-    private static final int TYPE = 0x02;
-    private static final int PADDING = 0x00;
-
-    private final int padding;
-    private final int treeHeight;
-    private final int treeIndex;
-
-    private HashTreeAddress(Builder builder)
-    {
-        super(builder);
-        padding = PADDING;
-        treeHeight = builder.treeHeight;
-        treeIndex = builder.treeIndex;
-    }
-
-    protected static class Builder
-        extends XMSSAddress.Builder<Builder>
-    {
-
-        /* optional */
-        private int treeHeight = 0;
-        private int treeIndex = 0;
-
-        protected Builder()
-        {
-            super(TYPE);
-        }
-
-        protected Builder withTreeHeight(int val)
-        {
-            treeHeight = val;
-            return this;
-        }
-
-        protected Builder withTreeIndex(int val)
-        {
-            treeIndex = val;
-            return this;
-        }
-
-        @Override
-        protected XMSSAddress build()
-        {
-            return new HashTreeAddress(this);
-        }
-
-        @Override
-        protected Builder getThis()
-        {
-            return this;
-        }
-    }
-
-    @Override
-    protected byte[] toByteArray()
-    {
-        byte[] byteRepresentation = super.toByteArray();
-        Pack.intToBigEndian(padding, byteRepresentation,16);
-        Pack.intToBigEndian(treeHeight, byteRepresentation, 20);
-        Pack.intToBigEndian(treeIndex, byteRepresentation, 24);
-        return byteRepresentation;
-    }
-
-    protected int getPadding()
-    {
-        return padding;
-    }
-
-    protected int getTreeHeight()
-    {
-        return treeHeight;
-    }
-
-    protected int getTreeIndex()
-    {
-        return treeIndex;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/KeyedHashFunctions.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/KeyedHashFunctions.java
deleted file mode 100644
index f428f2f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/KeyedHashFunctions.java
+++ /dev/null

@@ -1,95 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Xof;
-
-/**
- * Crypto functions for XMSS.
- */
-final class KeyedHashFunctions
-{
-
-    private final Digest digest;
-    private final int digestSize;
-
-    protected KeyedHashFunctions(Digest digest, int digestSize)
-    {
-        super();
-        if (digest == null)
-        {
-            throw new NullPointerException("digest == null");
-        }
-        this.digest = digest;
-        this.digestSize = digestSize;
-    }
-
-    private byte[] coreDigest(int fixedValue, byte[] key, byte[] index)
-    {
-        byte[] in = XMSSUtil.toBytesBigEndian(fixedValue, digestSize);
-        /* fill first n byte of out buffer */
-        digest.update(in, 0, in.length);
-		/* add key */
-        digest.update(key, 0, key.length);
-		/* add index */
-        digest.update(index, 0, index.length);
-
-        byte[] out = new byte[digestSize];
-        if (digest instanceof Xof)
-        {
-            ((Xof)digest).doFinal(out, 0, digestSize);
-        }
-        else
-        {
-            digest.doFinal(out, 0);
-        }
-        return out;
-    }
-
-    protected byte[] F(byte[] key, byte[] in)
-    {
-        if (key.length != digestSize)
-        {
-            throw new IllegalArgumentException("wrong key length");
-        }
-        if (in.length != digestSize)
-        {
-            throw new IllegalArgumentException("wrong in length");
-        }
-        return coreDigest(0, key, in);
-    }
-
-    protected byte[] H(byte[] key, byte[] in)
-    {
-        if (key.length != digestSize)
-        {
-            throw new IllegalArgumentException("wrong key length");
-        }
-        if (in.length != (2 * digestSize))
-        {
-            throw new IllegalArgumentException("wrong in length");
-        }
-        return coreDigest(1, key, in);
-    }
-
-    protected byte[] HMsg(byte[] key, byte[] in)
-    {
-        if (key.length != (3 * digestSize))
-        {
-            throw new IllegalArgumentException("wrong key length");
-        }
-        return coreDigest(2, key, in);
-    }
-
-    protected byte[] PRF(byte[] key, byte[] address)
-    {
-        if (key.length != digestSize)
-        {
-            throw new IllegalArgumentException("wrong key length");
-        }
-        if (address.length != 32)
-        {
-            throw new IllegalArgumentException("wrong address length");
-        }
-        return coreDigest(3, key, address);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/LTreeAddress.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/LTreeAddress.java
deleted file mode 100644
index d7f1a69..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/LTreeAddress.java
+++ /dev/null

@@ -1,81 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import org.bouncycastle.util.Pack;
-
-/**
- * L-tree address.
- *
- */
-final class LTreeAddress extends XMSSAddress {
-
-	private static final int TYPE = 0x01;
-	
-	private final int lTreeAddress;
-	private final int treeHeight;
-	private final int treeIndex;
-
-	private LTreeAddress(Builder builder) {
-		super(builder);
-		lTreeAddress = builder.lTreeAddress;
-		treeHeight = builder.treeHeight;
-		treeIndex = builder.treeIndex;
-	}
-	
-	protected static class Builder extends XMSSAddress.Builder<Builder> {
-
-		/* optional */
-		private int lTreeAddress = 0;
-		private int treeHeight = 0;
-		private int treeIndex = 0;
-
-		protected Builder() {
-			super(TYPE);
-		}
-		
-		protected Builder withLTreeAddress(int val) {
-			lTreeAddress = val;
-			return this;
-		}
-		
-		protected Builder withTreeHeight(int val) {
-			treeHeight = val;
-			return this;
-		}
-		
-		protected Builder withTreeIndex(int val) {
-			treeIndex = val;
-			return this;
-		}
-		
-		@Override
-		protected XMSSAddress build() {
-			return new LTreeAddress(this);
-		}
-
-		@Override
-		protected Builder getThis() {
-			return this;
-		}
-	}
-
-	@Override
-	protected byte[] toByteArray() {
-		byte[] byteRepresentation = super.toByteArray();
-		Pack.intToBigEndian(lTreeAddress, byteRepresentation, 16);
-		Pack.intToBigEndian(treeHeight, byteRepresentation, 20);
-		Pack.intToBigEndian(treeIndex, byteRepresentation, 24);
-		return byteRepresentation;
-	}
-
-	protected int getLTreeAddress() {
-		return lTreeAddress;
-	}
-	
-	protected int getTreeHeight() {
-		return treeHeight;
-	}
-	
-	protected int getTreeIndex() {
-		return treeIndex;
-	}
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/OTSHashAddress.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/OTSHashAddress.java
deleted file mode 100644
index 40f67e0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/OTSHashAddress.java
+++ /dev/null

@@ -1,95 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import org.bouncycastle.util.Pack;
-
-/**
- * OTS hash address.
- */
-final class OTSHashAddress
-    extends XMSSAddress
-{
-
-    private static final int TYPE = 0x00;
-
-    private final int otsAddress;
-    private final int chainAddress;
-    private final int hashAddress;
-
-    private OTSHashAddress(Builder builder)
-    {
-        super(builder);
-        otsAddress = builder.otsAddress;
-        chainAddress = builder.chainAddress;
-        hashAddress = builder.hashAddress;
-    }
-
-    protected static class Builder
-        extends XMSSAddress.Builder<Builder>
-    {
-
-        /* optional */
-        private int otsAddress = 0;
-        private int chainAddress = 0;
-        private int hashAddress = 0;
-
-        protected Builder()
-        {
-            super(TYPE);
-        }
-
-        protected Builder withOTSAddress(int val)
-        {
-            otsAddress = val;
-            return this;
-        }
-
-        protected Builder withChainAddress(int val)
-        {
-            chainAddress = val;
-            return this;
-        }
-
-        protected Builder withHashAddress(int val)
-        {
-            hashAddress = val;
-            return this;
-        }
-
-        @Override
-        protected XMSSAddress build()
-        {
-            return new OTSHashAddress(this);
-        }
-
-        @Override
-        protected Builder getThis()
-        {
-            return this;
-        }
-    }
-
-    @Override
-    protected byte[] toByteArray()
-    {
-        byte[] byteRepresentation = super.toByteArray();
-        Pack.intToBigEndian(otsAddress, byteRepresentation,16);
-        Pack.intToBigEndian(chainAddress, byteRepresentation, 20);
-        Pack.intToBigEndian(hashAddress, byteRepresentation, 24);
-        return byteRepresentation;
-    }
-
-    protected int getOTSAddress()
-    {
-        return otsAddress;
-    }
-
-    protected int getChainAddress()
-    {
-        return chainAddress;
-    }
-
-    protected int getHashAddress()
-    {
-        return hashAddress;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlus.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlus.java
deleted file mode 100644
index 3216b0d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlus.java
+++ /dev/null

@@ -1,428 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * WOTS+.
- */
-final class WOTSPlus
-{
-
-    /**
-     * WOTS+ parameters.
-     */
-    private final WOTSPlusParameters params;
-    /**
-     * Randomization functions.
-     */
-    private final KeyedHashFunctions khf;
-    /**
-     * WOTS+ secret key seed.
-     */
-    private byte[] secretKeySeed;
-    /**
-     * WOTS+ public seed.
-     */
-    private byte[] publicSeed;
-
-    /**
-     * Constructs a new WOTS+ one-time signature system based on the given WOTS+
-     * parameters.
-     *
-     * @param params Parameters for WOTSPlus object.
-     */
-    protected WOTSPlus(WOTSPlusParameters params)
-    {
-        super();
-        if (params == null)
-        {
-            throw new NullPointerException("params == null");
-        }
-        this.params = params;
-        int n = params.getDigestSize();
-        khf = new KeyedHashFunctions(params.getDigest(), n);
-        secretKeySeed = new byte[n];
-        publicSeed = new byte[n];
-    }
-
-    /**
-     * Import keys to WOTS+ instance.
-     *
-     * @param secretKeySeed Secret key seed.
-     * @param publicSeed    Public seed.
-     */
-    void importKeys(byte[] secretKeySeed, byte[] publicSeed)
-    {
-        if (secretKeySeed == null)
-        {
-            throw new NullPointerException("secretKeySeed == null");
-        }
-        if (secretKeySeed.length != params.getDigestSize())
-        {
-            throw new IllegalArgumentException("size of secretKeySeed needs to be equal to size of digest");
-        }
-        if (publicSeed == null)
-        {
-            throw new NullPointerException("publicSeed == null");
-        }
-        if (publicSeed.length != params.getDigestSize())
-        {
-            throw new IllegalArgumentException("size of publicSeed needs to be equal to size of digest");
-        }
-        this.secretKeySeed = secretKeySeed;
-        this.publicSeed = publicSeed;
-    }
-
-    /**
-     * Creates a signature for the n-byte messageDigest.
-     *
-     * @param messageDigest  Digest to sign.
-     * @param otsHashAddress OTS hash address for randomization.
-     * @return WOTS+ signature.
-     */
-    protected WOTSPlusSignature sign(byte[] messageDigest, OTSHashAddress otsHashAddress)
-    {
-        if (messageDigest == null)
-        {
-            throw new NullPointerException("messageDigest == null");
-        }
-        if (messageDigest.length != params.getDigestSize())
-        {
-            throw new IllegalArgumentException("size of messageDigest needs to be equal to size of digest");
-        }
-        if (otsHashAddress == null)
-        {
-            throw new NullPointerException("otsHashAddress == null");
-        }
-        List<Integer> baseWMessage = convertToBaseW(messageDigest, params.getWinternitzParameter(), params.getLen1());
-        /* create checksum */
-        int checksum = 0;
-        for (int i = 0; i < params.getLen1(); i++)
-        {
-            checksum += params.getWinternitzParameter() - 1 - baseWMessage.get(i);
-        }
-        checksum <<= (8 - ((params.getLen2() * XMSSUtil.log2(params.getWinternitzParameter())) % 8));
-        int len2Bytes = (int)Math
-            .ceil((double)(params.getLen2() * XMSSUtil.log2(params.getWinternitzParameter())) / 8);
-        List<Integer> baseWChecksum = convertToBaseW(XMSSUtil.toBytesBigEndian(checksum, len2Bytes),
-            params.getWinternitzParameter(), params.getLen2());
-
-		/* msg || checksum */
-        baseWMessage.addAll(baseWChecksum);
-
-		/* create signature */
-        byte[][] signature = new byte[params.getLen()][];
-        for (int i = 0; i < params.getLen(); i++)
-        {
-            otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder()
-                .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-                .withOTSAddress(otsHashAddress.getOTSAddress()).withChainAddress(i)
-                .withHashAddress(otsHashAddress.getHashAddress()).withKeyAndMask(otsHashAddress.getKeyAndMask())
-                .build();
-            signature[i] = chain(expandSecretKeySeed(i), 0, baseWMessage.get(i), otsHashAddress);
-        }
-        return new WOTSPlusSignature(params, signature);
-    }
-
-    /**
-     * Verifies signature on message.
-     *
-     * @param messageDigest  The digest that was signed.
-     * @param signature      Signature on digest.
-     * @param otsHashAddress OTS hash address for randomization.
-     * @return true if signature was correct false else.
-     */
-    protected boolean verifySignature(byte[] messageDigest, WOTSPlusSignature signature,
-                                      OTSHashAddress otsHashAddress)
-    {
-        if (messageDigest == null)
-        {
-            throw new NullPointerException("messageDigest == null");
-        }
-        if (messageDigest.length != params.getDigestSize())
-        {
-            throw new IllegalArgumentException("size of messageDigest needs to be equal to size of digest");
-        }
-        if (signature == null)
-        {
-            throw new NullPointerException("signature == null");
-        }
-        if (otsHashAddress == null)
-        {
-            throw new NullPointerException("otsHashAddress == null");
-        }
-        byte[][] tmpPublicKey = getPublicKeyFromSignature(messageDigest, signature, otsHashAddress).toByteArray();
-        /* compare values */
-        return XMSSUtil.areEqual(tmpPublicKey, getPublicKey(otsHashAddress).toByteArray()) ? true : false;
-    }
-
-    /**
-     * Calculates a public key based on digest and signature.
-     *
-     * @param messageDigest  The digest that was signed.
-     * @param signature      Signarure on digest.
-     * @param otsHashAddress OTS hash address for randomization.
-     * @return WOTS+ public key derived from digest and signature.
-     */
-    protected WOTSPlusPublicKeyParameters getPublicKeyFromSignature(byte[] messageDigest, WOTSPlusSignature signature,
-                                                                    OTSHashAddress otsHashAddress)
-    {
-        if (messageDigest == null)
-        {
-            throw new NullPointerException("messageDigest == null");
-        }
-        if (messageDigest.length != params.getDigestSize())
-        {
-            throw new IllegalArgumentException("size of messageDigest needs to be equal to size of digest");
-        }
-        if (signature == null)
-        {
-            throw new NullPointerException("signature == null");
-        }
-        if (otsHashAddress == null)
-        {
-            throw new NullPointerException("otsHashAddress == null");
-        }
-        List<Integer> baseWMessage = convertToBaseW(messageDigest, params.getWinternitzParameter(), params.getLen1());
-		/* create checksum */
-        int checksum = 0;
-        for (int i = 0; i < params.getLen1(); i++)
-        {
-            checksum += params.getWinternitzParameter() - 1 - baseWMessage.get(i);
-        }
-        checksum <<= (8 - ((params.getLen2() * XMSSUtil.log2(params.getWinternitzParameter())) % 8));
-        int len2Bytes = (int)Math
-            .ceil((double)(params.getLen2() * XMSSUtil.log2(params.getWinternitzParameter())) / 8);
-        List<Integer> baseWChecksum = convertToBaseW(XMSSUtil.toBytesBigEndian(checksum, len2Bytes),
-            params.getWinternitzParameter(), params.getLen2());
-
-		/* msg || checksum */
-        baseWMessage.addAll(baseWChecksum);
-
-        byte[][] publicKey = new byte[params.getLen()][];
-        for (int i = 0; i < params.getLen(); i++)
-        {
-            otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder()
-                .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-                .withOTSAddress(otsHashAddress.getOTSAddress()).withChainAddress(i)
-                .withHashAddress(otsHashAddress.getHashAddress()).withKeyAndMask(otsHashAddress.getKeyAndMask())
-                .build();
-            publicKey[i] = chain(signature.toByteArray()[i], baseWMessage.get(i),
-                params.getWinternitzParameter() - 1 - baseWMessage.get(i), otsHashAddress);
-        }
-        return new WOTSPlusPublicKeyParameters(params, publicKey);
-    }
-
-    /**
-     * Computes an iteration of F on an n-byte input using outputs of PRF.
-     *
-     * @param startHash      Starting point.
-     * @param startIndex     Start index.
-     * @param steps          Steps to take.
-     * @param otsHashAddress OTS hash address for randomization.
-     * @return Value obtained by iterating F for steps times on input startHash,
-     * using the outputs of PRF.
-     */
-    private byte[] chain(byte[] startHash, int startIndex, int steps, OTSHashAddress otsHashAddress)
-    {
-        int n = params.getDigestSize();
-        if (startHash == null)
-        {
-            throw new NullPointerException("startHash == null");
-        }
-        if (startHash.length != n)
-        {
-            throw new IllegalArgumentException("startHash needs to be " + n + "bytes");
-        }
-        if (otsHashAddress == null)
-        {
-            throw new NullPointerException("otsHashAddress == null");
-        }
-        if (otsHashAddress.toByteArray() == null)
-        {
-            throw new NullPointerException("otsHashAddress byte array == null");
-        }
-        if ((startIndex + steps) > params.getWinternitzParameter() - 1)
-        {
-            throw new IllegalArgumentException("max chain length must not be greater than w");
-        }
-
-        if (steps == 0)
-        {
-            return startHash;
-        }
-
-        byte[] tmp = chain(startHash, startIndex, steps - 1, otsHashAddress);
-        otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder()
-            .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-            .withOTSAddress(otsHashAddress.getOTSAddress()).withChainAddress(otsHashAddress.getChainAddress())
-            .withHashAddress(startIndex + steps - 1).withKeyAndMask(0).build();
-        byte[] key = khf.PRF(publicSeed, otsHashAddress.toByteArray());
-        otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder()
-            .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-            .withOTSAddress(otsHashAddress.getOTSAddress()).withChainAddress(otsHashAddress.getChainAddress())
-            .withHashAddress(otsHashAddress.getHashAddress()).withKeyAndMask(1).build();
-        byte[] bitmask = khf.PRF(publicSeed, otsHashAddress.toByteArray());
-        byte[] tmpMasked = new byte[n];
-        for (int i = 0; i < n; i++)
-        {
-            tmpMasked[i] = (byte)(tmp[i] ^ bitmask[i]);
-        }
-        tmp = khf.F(key, tmpMasked);
-        return tmp;
-    }
-
-    /**
-     * Obtain base w values from Input.
-     *
-     * @param messageDigest Input data.
-     * @param w             Base.
-     * @param outLength     Length of output.
-     * @return outLength-length list of base w integers.
-     */
-    private List<Integer> convertToBaseW(byte[] messageDigest, int w, int outLength)
-    {
-        if (messageDigest == null)
-        {
-            throw new NullPointerException("msg == null");
-        }
-        if (w != 4 && w != 16)
-        {
-            throw new IllegalArgumentException("w needs to be 4 or 16");
-        }
-        int logW = XMSSUtil.log2(w);
-        if (outLength > ((8 * messageDigest.length) / logW))
-        {
-            throw new IllegalArgumentException("outLength too big");
-        }
-
-        ArrayList<Integer> res = new ArrayList<Integer>();
-        for (int i = 0; i < messageDigest.length; i++)
-        {
-            for (int j = 8 - logW; j >= 0; j -= logW)
-            {
-                res.add((messageDigest[i] >> j) & (w - 1));
-                if (res.size() == outLength)
-                {
-                    return res;
-                }
-            }
-        }
-        return res;
-    }
-
-    /**
-     * Derive WOTS+ secret key for specific index as in XMSS ref impl Andreas
-     * Huelsing.
-     *
-     * @param otsHashAddress
-     * @return WOTS+ secret key at index.
-     */
-    protected byte[] getWOTSPlusSecretKey(byte[] secretKeySeed, OTSHashAddress otsHashAddress)
-    {
-        otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder()
-            .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-            .withOTSAddress(otsHashAddress.getOTSAddress()).build();
-        return khf.PRF(secretKeySeed, otsHashAddress.toByteArray());
-    }
-
-    /**
-     * Derive private key at index from secret key seed.
-     *
-     * @param index Index.
-     * @return Private key at index.
-     */
-    private byte[] expandSecretKeySeed(int index)
-    {
-        if (index < 0 || index >= params.getLen())
-        {
-            throw new IllegalArgumentException("index out of bounds");
-        }
-        return khf.PRF(secretKeySeed, XMSSUtil.toBytesBigEndian(index, 32));
-    }
-
-    /**
-     * Getter parameters.
-     *
-     * @return params.
-     */
-    protected WOTSPlusParameters getParams()
-    {
-        return params;
-    }
-
-    /**
-     * Getter keyed hash functions.
-     *
-     * @return keyed hash functions.
-     */
-    protected KeyedHashFunctions getKhf()
-    {
-        return khf;
-    }
-
-    /**
-     * Getter secret key seed.
-     *
-     * @return secret key seed.
-     */
-    protected byte[] getSecretKeySeed()
-    {
-        return Arrays.clone(secretKeySeed);
-    }
-
-    /**
-     * Getter public seed.
-     *
-     * @return public seed.
-     */
-    protected byte[] getPublicSeed()
-    {
-        return Arrays.clone(publicSeed);
-    }
-
-    /**
-     * Getter private key.
-     *
-     * @return WOTS+ private key.
-     */
-    protected WOTSPlusPrivateKeyParameters getPrivateKey()
-    {
-        byte[][] privateKey = new byte[params.getLen()][];
-        for (int i = 0; i < privateKey.length; i++)
-        {
-            privateKey[i] = expandSecretKeySeed(i);
-        }
-        return new WOTSPlusPrivateKeyParameters(params, privateKey);
-    }
-
-    /**
-     * Calculates a new public key based on the state of secretKeySeed,
-     * publicSeed and otsHashAddress.
-     *
-     * @param otsHashAddress OTS hash address for randomization.
-     * @return WOTS+ public key.
-     */
-    protected WOTSPlusPublicKeyParameters getPublicKey(OTSHashAddress otsHashAddress)
-    {
-        if (otsHashAddress == null)
-        {
-            throw new NullPointerException("otsHashAddress == null");
-        }
-        byte[][] publicKey = new byte[params.getLen()][];
-		/* derive public key from secretKeySeed */
-        for (int i = 0; i < params.getLen(); i++)
-        {
-            otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder()
-                .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-                .withOTSAddress(otsHashAddress.getOTSAddress()).withChainAddress(i)
-                .withHashAddress(otsHashAddress.getHashAddress()).withKeyAndMask(otsHashAddress.getKeyAndMask())
-                .build();
-            publicKey[i] = chain(expandSecretKeySeed(i), 0, params.getWinternitzParameter() - 1, otsHashAddress);
-        }
-        return new WOTSPlusPublicKeyParameters(params, publicKey);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusOid.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusOid.java
deleted file mode 100644
index 150b7a0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusOid.java
+++ /dev/null

@@ -1,97 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.util.Collections;
-import java.util.HashMap;
-import java.util.Map;
-
-/**
- * WOTS+ OID class.
- */
-final class WOTSPlusOid
-    implements XMSSOid
-{
-
-    /**
-     * XMSS OID lookup table.
-     */
-    private static final Map<String, WOTSPlusOid> oidLookupTable;
-
-    static
-    {
-        Map<String, WOTSPlusOid> map = new HashMap<String, WOTSPlusOid>();
-        map.put(createKey("SHA-256", 32, 16, 67), new WOTSPlusOid(0x01000001, "WOTSP_SHA2-256_W16"));
-        map.put(createKey("SHA-512", 64, 16, 131), new WOTSPlusOid(0x02000002, "WOTSP_SHA2-512_W16"));
-        map.put(createKey("SHAKE128", 32, 16, 67), new WOTSPlusOid(0x03000003, "WOTSP_SHAKE128_W16"));
-        map.put(createKey("SHAKE256", 64, 16, 131), new WOTSPlusOid(0x04000004, "WOTSP_SHAKE256_W16"));
-        oidLookupTable = Collections.unmodifiableMap(map);
-    }
-
-    /**
-     * OID.
-     */
-    private final int oid;
-    /**
-     * String representation of OID.
-     */
-    private final String stringRepresentation;
-
-    /**
-     * Constructor...
-     *
-     * @param oid                  OID.
-     * @param stringRepresentation String representation of OID.
-     */
-    private WOTSPlusOid(int oid, String stringRepresentation)
-    {
-        super();
-        this.oid = oid;
-        this.stringRepresentation = stringRepresentation;
-    }
-
-    /**
-     * Lookup OID.
-     *
-     * @param algorithmName       Algorithm name.
-     * @param winternitzParameter Winternitz parameter.
-     * @return WOTS+ OID if parameters were found, null else.
-     */
-    protected static WOTSPlusOid lookup(String algorithmName, int digestSize, int winternitzParameter, int len)
-    {
-        if (algorithmName == null)
-        {
-            throw new NullPointerException("algorithmName == null");
-        }
-        return oidLookupTable.get(createKey(algorithmName, digestSize, winternitzParameter, len));
-    }
-
-    /**
-     * Create a key based on parameters.
-     *
-     * @param algorithmName       Algorithm name.
-     * @param winternitzParameter Winternitz Parameter.
-     * @return String representation of parameters for lookup table.
-     */
-    private static String createKey(String algorithmName, int digestSize, int winternitzParameter, int len)
-    {
-        if (algorithmName == null)
-        {
-            throw new NullPointerException("algorithmName == null");
-        }
-        return algorithmName + "-" + digestSize + "-" + winternitzParameter + "-" + len;
-    }
-
-    /**
-     * Getter OID.
-     *
-     * @return OID.
-     */
-    public int getOid()
-    {
-        return oid;
-    }
-
-    public String toString()
-    {
-        return stringRepresentation;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusParameters.java
deleted file mode 100644
index 3a32629..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusParameters.java
+++ /dev/null

@@ -1,136 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import org.bouncycastle.crypto.Digest;
-
-/**
- * WOTS+ Parameters.
- */
-final class WOTSPlusParameters
-{
-
-    /**
-     * OID.
-     */
-    private final XMSSOid oid;
-    /**
-     * Digest used in WOTS+.
-     */
-    private final Digest digest;
-    /**
-     * The message digest size.
-     */
-    private final int digestSize;
-    /**
-     * The Winternitz parameter (currently fixed to 16).
-     */
-    private final int winternitzParameter;
-    /**
-     * The number of n-byte string elements in a WOTS+ secret key, public key,
-     * and signature.
-     */
-    private final int len;
-    /**
-     * len1.
-     */
-    private final int len1;
-    /**
-     * len2.
-     */
-    private final int len2;
-
-    /**
-     * Constructor...
-     *
-     * @param digest The digest used for WOTS+.
-     */
-    protected WOTSPlusParameters(Digest digest)
-    {
-        super();
-        if (digest == null)
-        {
-            throw new NullPointerException("digest == null");
-        }
-        this.digest = digest;
-        digestSize = XMSSUtil.getDigestSize(digest);
-        winternitzParameter = 16;
-        len1 = (int)Math.ceil((double)(8 * digestSize) / XMSSUtil.log2(winternitzParameter));
-        len2 = (int)Math.floor(XMSSUtil.log2(len1 * (winternitzParameter - 1)) / XMSSUtil.log2(winternitzParameter))
-            + 1;
-        len = len1 + len2;
-        oid = WOTSPlusOid.lookup(digest.getAlgorithmName(), digestSize, winternitzParameter, len);
-        if (oid == null)
-        {
-            throw new IllegalArgumentException("cannot find OID for digest algorithm: " + digest.getAlgorithmName());
-        }
-    }
-
-    /**
-     * Getter OID.
-     *
-     * @return WOTS+ OID.
-     */
-    protected XMSSOid getOid()
-    {
-        return oid;
-    }
-
-    /**
-     * Getter digest.
-     *
-     * @return digest.
-     */
-    protected Digest getDigest()
-    {
-        return digest;
-    }
-
-    /**
-     * Getter digestSize.
-     *
-     * @return digestSize.
-     */
-    protected int getDigestSize()
-    {
-        return digestSize;
-    }
-
-    /**
-     * Getter WinternitzParameter.
-     *
-     * @return winternitzParameter.
-     */
-    protected int getWinternitzParameter()
-    {
-        return winternitzParameter;
-    }
-
-    /**
-     * Getter len.
-     *
-     * @return len.
-     */
-    protected int getLen()
-    {
-        return len;
-    }
-
-    /**
-     * Getter len1.
-     *
-     * @return len1.
-     */
-    protected int getLen1()
-    {
-        return len1;
-    }
-
-    /**
-     * Getter len2.
-     *
-     * @return len2.
-     */
-    protected int getLen2()
-    {
-        return len2;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusPrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusPrivateKeyParameters.java
deleted file mode 100644
index 482ff6b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusPrivateKeyParameters.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-/**
- * WOTS+ private key.
- */
-final class WOTSPlusPrivateKeyParameters
-{
-
-    private final byte[][] privateKey;
-
-    protected WOTSPlusPrivateKeyParameters(WOTSPlusParameters params, byte[][] privateKey)
-    {
-        super();
-        if (params == null)
-        {
-            throw new NullPointerException("params == null");
-        }
-        if (privateKey == null)
-        {
-            throw new NullPointerException("privateKey == null");
-        }
-        if (XMSSUtil.hasNullPointer(privateKey))
-        {
-            throw new NullPointerException("privateKey byte array == null");
-        }
-        if (privateKey.length != params.getLen())
-        {
-            throw new IllegalArgumentException("wrong privateKey format");
-        }
-        for (int i = 0; i < privateKey.length; i++)
-        {
-            if (privateKey[i].length != params.getDigestSize())
-            {
-                throw new IllegalArgumentException("wrong privateKey format");
-            }
-        }
-        this.privateKey = XMSSUtil.cloneArray(privateKey);
-    }
-
-    protected byte[][] toByteArray()
-    {
-        return XMSSUtil.cloneArray(privateKey);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusPublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusPublicKeyParameters.java
deleted file mode 100644
index 9d3ec9a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusPublicKeyParameters.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-/**
- * WOTS+ public key.
- */
-final class WOTSPlusPublicKeyParameters
-{
-
-    private final byte[][] publicKey;
-
-    protected WOTSPlusPublicKeyParameters(WOTSPlusParameters params, byte[][] publicKey)
-    {
-        super();
-        if (params == null)
-        {
-            throw new NullPointerException("params == null");
-        }
-        if (publicKey == null)
-        {
-            throw new NullPointerException("publicKey == null");
-        }
-        if (XMSSUtil.hasNullPointer(publicKey))
-        {
-            throw new NullPointerException("publicKey byte array == null");
-        }
-        if (publicKey.length != params.getLen())
-        {
-            throw new IllegalArgumentException("wrong publicKey size");
-        }
-        for (int i = 0; i < publicKey.length; i++)
-        {
-            if (publicKey[i].length != params.getDigestSize())
-            {
-                throw new IllegalArgumentException("wrong publicKey format");
-            }
-        }
-        this.publicKey = XMSSUtil.cloneArray(publicKey);
-    }
-
-    protected byte[][] toByteArray()
-    {
-        return XMSSUtil.cloneArray(publicKey);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusSignature.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusSignature.java
deleted file mode 100644
index 1ae0156..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/WOTSPlusSignature.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-/**
- * WOTS+ signature.
- */
-final class WOTSPlusSignature
-{
-
-    private byte[][] signature;
-
-    protected WOTSPlusSignature(WOTSPlusParameters params, byte[][] signature)
-    {
-        super();
-        if (params == null)
-        {
-            throw new NullPointerException("params == null");
-        }
-        if (signature == null)
-        {
-            throw new NullPointerException("signature == null");
-        }
-        if (XMSSUtil.hasNullPointer(signature))
-        {
-            throw new NullPointerException("signature byte array == null");
-        }
-        if (signature.length != params.getLen())
-        {
-            throw new IllegalArgumentException("wrong signature size");
-        }
-        for (int i = 0; i < signature.length; i++)
-        {
-            if (signature[i].length != params.getDigestSize())
-            {
-                throw new IllegalArgumentException("wrong signature format");
-            }
-        }
-        this.signature = XMSSUtil.cloneArray(signature);
-    }
-
-    public byte[][] toByteArray()
-    {
-        return XMSSUtil.cloneArray(signature);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSS.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSS.java
deleted file mode 100644
index c765237..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSS.java
+++ /dev/null

@@ -1,350 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.security.SecureRandom;
-import java.text.ParseException;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.util.Arrays;
-
-/**
- * XMSS.
- */
-public class XMSS
-{
-
-    /**
-     * XMSS parameters.
-     */
-    private final XMSSParameters params;
-    /**
-     * WOTS+ instance.
-     */
-    private WOTSPlus wotsPlus;
-    /**
-     * PRNG.
-     */
-    private SecureRandom prng;
-
-    /**
-     * XMSS private key.
-     */
-    private XMSSPrivateKeyParameters privateKey;
-    /**
-     * XMSS public key.
-     */
-    private XMSSPublicKeyParameters publicKey;
-
-    /**
-     * XMSS constructor...
-     *
-     * @param params XMSSParameters.
-     */
-    public XMSS(XMSSParameters params, SecureRandom prng)
-    {
-        super();
-        if (params == null)
-        {
-            throw new NullPointerException("params == null");
-        }
-        this.params = params;
-        wotsPlus = params.getWOTSPlus();
-        this.prng = prng;
-    }
-
-//    public void generateKeys()
-//    {
-//        /* generate private key */
-//        privateKey = generatePrivateKey(params, prng);
-//        XMSSNode root = privateKey.getBDSState().initialize(privateKey, (OTSHashAddress)new OTSHashAddress.Builder().build());
-//
-//        privateKey = new XMSSPrivateKeyParameters.Builder(params).withIndex(privateKey.getIndex())
-//            .withSecretKeySeed(privateKey.getSecretKeySeed()).withSecretKeyPRF(privateKey.getSecretKeyPRF())
-//            .withPublicSeed(privateKey.getPublicSeed()).withRoot(root.getValue())
-//            .withBDSState(privateKey.getBDSState()).build();
-//        publicKey = new XMSSPublicKeyParameters.Builder(params).withRoot(root.getValue())
-//            .withPublicSeed(getPublicSeed()).build();
-//
-//    }
-//
-//    /**
-//     * Generate an XMSS private key.
-//     *
-//     * @return XMSS private key.
-//     */
-//    private XMSSPrivateKeyParameters generatePrivateKey(XMSSParameters params, SecureRandom prng)
-//    {
-//        int n = params.getDigestSize();
-//        byte[] secretKeySeed = new byte[n];
-//        prng.nextBytes(secretKeySeed);
-//        byte[] secretKeyPRF = new byte[n];
-//        prng.nextBytes(secretKeyPRF);
-//        byte[] publicSeed = new byte[n];
-//        prng.nextBytes(publicSeed);
-//
-//        XMSS xmss = new XMSS(params, prng);
-//
-////        this.privateKey = xmss.privateKey;
-////        this.publicKey = xmss.publicKey;
-////        this.wotsPlus = xmss.wotsPlus;
-////        this.khf = xmss.khf;
-//
-//        XMSSPrivateKeyParameters privateKey = new XMSSPrivateKeyParameters.Builder(params).withSecretKeySeed(secretKeySeed)
-//            .withSecretKeyPRF(secretKeyPRF).withPublicSeed(publicSeed)
-//            .withBDSState(new BDS(xmss)).build();
-//
-//        return privateKey;
-//    }
-
-    /**
-     * Generate a new XMSS private key / public key pair.
-     */
-    public void generateKeys()
-    {
-        XMSSKeyPairGenerator kpGen = new XMSSKeyPairGenerator();
-
-        kpGen.init(new XMSSKeyGenerationParameters(getParams(), prng));
-
-        AsymmetricCipherKeyPair kp = kpGen.generateKeyPair();
-
-        privateKey = (XMSSPrivateKeyParameters)kp.getPrivate();
-        publicKey = (XMSSPublicKeyParameters)kp.getPublic();
-
-        wotsPlus.importKeys(new byte[params.getDigestSize()], this.privateKey.getPublicSeed());
-    }
-
-    void importState(XMSSPrivateKeyParameters privateKey, XMSSPublicKeyParameters publicKey)
-    {
-        if (!Arrays.areEqual(privateKey.getRoot(), publicKey.getRoot()))
-        {
-            throw new IllegalStateException("root of private key and public key do not match");
-        }
-        if (!Arrays.areEqual(privateKey.getPublicSeed(), publicKey.getPublicSeed()))
-        {
-            throw new IllegalStateException("public seed of private key and public key do not match");
-        }
-        /* import */
-        this.privateKey = privateKey;
-        this.publicKey = publicKey;
-
-        wotsPlus.importKeys(new byte[params.getDigestSize()], this.privateKey.getPublicSeed());
-    }
-
-    /**
-     * Import XMSS private key / public key pair.
-     *
-     * @param privateKey XMSS private key.
-     * @param publicKey  XMSS public key.
-     */
-    public void importState(byte[] privateKey, byte[] publicKey)
-    {
-        if (privateKey == null)
-        {
-            throw new NullPointerException("privateKey == null");
-        }
-        if (publicKey == null)
-        {
-            throw new NullPointerException("publicKey == null");
-        }
-        /* import keys */
-        XMSSPrivateKeyParameters tmpPrivateKey = new XMSSPrivateKeyParameters.Builder(params)
-            .withPrivateKey(privateKey, this.getParams()).build();
-        XMSSPublicKeyParameters tmpPublicKey = new XMSSPublicKeyParameters.Builder(params).withPublicKey(publicKey)
-            .build();
-        if (!Arrays.areEqual(tmpPrivateKey.getRoot(), tmpPublicKey.getRoot()))
-        {
-            throw new IllegalStateException("root of private key and public key do not match");
-        }
-        if (!Arrays.areEqual(tmpPrivateKey.getPublicSeed(), tmpPublicKey.getPublicSeed()))
-        {
-            throw new IllegalStateException("public seed of private key and public key do not match");
-        }
-		/* import */
-        this.privateKey = tmpPrivateKey;
-        this.publicKey = tmpPublicKey;
-        wotsPlus.importKeys(new byte[params.getDigestSize()], this.privateKey.getPublicSeed());
-    }
-
-    /**
-     * Sign message.
-     *
-     * @param message Message to sign.
-     * @return XMSS signature on digest of message.
-     */
-    public byte[] sign(byte[] message)
-    {
-        if (message == null)
-        {
-            throw new NullPointerException("message == null");
-        }
-        XMSSSigner signer = new XMSSSigner();
-
-        signer.init(true, privateKey);
-
-        byte[] signature = signer.generateSignature(message);
-
-        privateKey = (XMSSPrivateKeyParameters)signer.getUpdatedPrivateKey();
-
-        importState(privateKey, publicKey);
-
-        return signature;
-    }
-
-    /**
-     * Verify an XMSS signature.
-     *
-     * @param message   Message.
-     * @param signature XMSS signature.
-     * @param publicKey XMSS public key.
-     * @return true if signature is valid false else.
-     * @throws ParseException
-     */
-    public boolean verifySignature(byte[] message, byte[] signature, byte[] publicKey)
-        throws ParseException
-    {
-        if (message == null)
-        {
-            throw new NullPointerException("message == null");
-        }
-        if (signature == null)
-        {
-            throw new NullPointerException("signature == null");
-        }
-        if (publicKey == null)
-        {
-            throw new NullPointerException("publicKey == null");
-        }
-
-        XMSSSigner signer = new XMSSSigner();
-
-        signer.init(false, new XMSSPublicKeyParameters.Builder(getParams()).withPublicKey(publicKey).build());
-
-        return signer.verifySignature(message, signature);
-    }
-
-    /**
-     * Export XMSS private key.
-     *
-     * @return XMSS private key.
-     */
-    public byte[] exportPrivateKey()
-    {
-        return privateKey.toByteArray();
-    }
-
-    /**
-     * Export XMSS public key.
-     *
-     * @return XMSS public key.
-     */
-    public byte[] exportPublicKey()
-    {
-        return publicKey.toByteArray();
-    }
-
-    /**
-     * Generate a WOTS+ signature on a message without the corresponding
-     * authentication path
-     *
-     * @param messageDigest  Message digest of length n.
-     * @param otsHashAddress OTS hash address.
-     * @return XMSS signature.
-     */
-    protected WOTSPlusSignature wotsSign(byte[] messageDigest, OTSHashAddress otsHashAddress)
-    {
-        if (messageDigest.length != params.getDigestSize())
-        {
-            throw new IllegalArgumentException("size of messageDigest needs to be equal to size of digest");
-        }
-        if (otsHashAddress == null)
-        {
-            throw new NullPointerException("otsHashAddress == null");
-        }
-		/* (re)initialize WOTS+ instance */
-        wotsPlus.importKeys(wotsPlus.getWOTSPlusSecretKey(privateKey.getSecretKeySeed(), otsHashAddress), getPublicSeed());
-		/* create WOTS+ signature */
-        return wotsPlus.sign(messageDigest, otsHashAddress);
-    }
-
-    /**
-     * Getter XMSS params.
-     *
-     * @return XMSS params.
-     */
-    public XMSSParameters getParams()
-    {
-        return params;
-    }
-
-    /**
-     * Getter WOTS+.
-     *
-     * @return WOTS+ instance.
-     */
-    protected WOTSPlus getWOTSPlus()
-    {
-        return wotsPlus;
-    }
-
-    /**
-     * Getter XMSS root.
-     *
-     * @return Root of binary tree.
-     */
-    public byte[] getRoot()
-    {
-        return privateKey.getRoot();
-    }
-
-    protected void setRoot(byte[] root)
-    {
-        privateKey = new XMSSPrivateKeyParameters.Builder(params)
-            .withSecretKeySeed(privateKey.getSecretKeySeed()).withSecretKeyPRF(privateKey.getSecretKeyPRF())
-            .withPublicSeed(getPublicSeed()).withRoot(root).withBDSState(privateKey.getBDSState()).build();
-        publicKey = new XMSSPublicKeyParameters.Builder(params).withRoot(root).withPublicSeed(getPublicSeed())
-            .build();
-    }
-
-    /**
-     * Getter XMSS index.
-     *
-     * @return Index.
-     */
-    public int getIndex()
-    {
-        return privateKey.getIndex();
-    }
-
-    protected void setIndex(int index)
-    {
-        privateKey = new XMSSPrivateKeyParameters.Builder(params)
-            .withSecretKeySeed(privateKey.getSecretKeySeed()).withSecretKeyPRF(privateKey.getSecretKeyPRF())
-            .withPublicSeed(privateKey.getPublicSeed()).withRoot(privateKey.getRoot())
-            .withBDSState(privateKey.getBDSState()).build();
-    }
-
-    /**
-     * Getter XMSS public seed.
-     *
-     * @return Public seed.
-     */
-    public byte[] getPublicSeed()
-    {
-        return privateKey.getPublicSeed();
-    }
-
-    protected void setPublicSeed(byte[] publicSeed)
-    {
-        privateKey = new XMSSPrivateKeyParameters.Builder(params)
-            .withSecretKeySeed(privateKey.getSecretKeySeed()).withSecretKeyPRF(privateKey.getSecretKeyPRF())
-            .withPublicSeed(publicSeed).withRoot(getRoot()).withBDSState(privateKey.getBDSState()).build();
-        publicKey = new XMSSPublicKeyParameters.Builder(params).withRoot(getRoot()).withPublicSeed(publicSeed)
-            .build();
-
-        wotsPlus.importKeys(new byte[params.getDigestSize()], publicSeed);
-    }
-
-    public XMSSPrivateKeyParameters getPrivateKey()
-    {
-        return privateKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSAddress.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSAddress.java
deleted file mode 100644
index b78bdc9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSAddress.java
+++ /dev/null

@@ -1,92 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import org.bouncycastle.util.Pack;
-
-/**
- * XMSS address.
- */
-public abstract class XMSSAddress
-{
-
-    private final int layerAddress;
-    private final long treeAddress;
-    private final int type;
-    private final int keyAndMask;
-
-    protected XMSSAddress(Builder builder)
-    {
-        layerAddress = builder.layerAddress;
-        treeAddress = builder.treeAddress;
-        type = builder.type;
-        keyAndMask = builder.keyAndMask;
-    }
-
-    protected static abstract class Builder<T extends Builder>
-    {
-
-        /* mandatory */
-        private final int type;
-        /* optional */
-        private int layerAddress = 0;
-        private long treeAddress = 0L;
-        private int keyAndMask = 0;
-
-        protected Builder(int type)
-        {
-            super();
-            this.type = type;
-        }
-
-        protected T withLayerAddress(int val)
-        {
-            layerAddress = val;
-            return getThis();
-        }
-
-        protected T withTreeAddress(long val)
-        {
-            treeAddress = val;
-            return getThis();
-        }
-
-        protected T withKeyAndMask(int val)
-        {
-            keyAndMask = val;
-            return getThis();
-        }
-
-        protected abstract XMSSAddress build();
-
-        protected abstract T getThis();
-    }
-
-    protected byte[] toByteArray()
-    {
-        byte[] byteRepresentation = new byte[32];
-        Pack.intToBigEndian(layerAddress, byteRepresentation, 0);
-        Pack.longToBigEndian(treeAddress, byteRepresentation, 4);
-        Pack.intToBigEndian(type, byteRepresentation, 12);
-        Pack.intToBigEndian(keyAndMask, byteRepresentation, 28);
-        return byteRepresentation;
-    }
-
-    protected final int getLayerAddress()
-    {
-        return layerAddress;
-    }
-
-    protected final long getTreeAddress()
-    {
-        return treeAddress;
-    }
-
-    public final int getType()
-    {
-        return type;
-    }
-
-    public final int getKeyAndMask()
-    {
-        return keyAndMask;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSKeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSKeyGenerationParameters.java
deleted file mode 100644
index 7c67499..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSKeyGenerationParameters.java
+++ /dev/null

@@ -1,31 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-/**
- * XMSS key-pair generation parameters.
- */
-public final class XMSSKeyGenerationParameters
-    extends KeyGenerationParameters
-{
-    private final XMSSParameters xmssParameters;
-
-    /**
-     * XMSSMT constructor...
-     *
-     * @param prng   Secure random to use.
-     */
-    public XMSSKeyGenerationParameters(XMSSParameters xmssParameters, SecureRandom prng)
-    {
-        super(prng,-1);
-
-        this.xmssParameters = xmssParameters;
-    }
-
-    public XMSSParameters getParameters()
-    {
-        return xmssParameters;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSKeyPairGenerator.java
deleted file mode 100644
index b9bf679..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSKeyPairGenerator.java
+++ /dev/null

@@ -1,73 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-/**
- * Key pair generator for XMSS keys.
- */
-public final class XMSSKeyPairGenerator
-{
-    private XMSSParameters params;
-    private SecureRandom prng;
-
-    /**
-     * Base constructor...
-     */
-    public XMSSKeyPairGenerator()
-    {
-    }
-
-    public void init(
-        KeyGenerationParameters param)
-    {
-        XMSSKeyGenerationParameters parameters = (XMSSKeyGenerationParameters)param;
-
-        this.prng = parameters.getRandom();
-        this.params = parameters.getParameters();
-    }
-
-    /**
-     * Generate a new XMSS private key / public key pair.
-     */
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        /* generate private key */
-        XMSSPrivateKeyParameters privateKey = generatePrivateKey(params, prng);
-        XMSSNode root = privateKey.getBDSState().getRoot();
-
-        privateKey = new XMSSPrivateKeyParameters.Builder(params)
-            .withSecretKeySeed(privateKey.getSecretKeySeed()).withSecretKeyPRF(privateKey.getSecretKeyPRF())
-            .withPublicSeed(privateKey.getPublicSeed()).withRoot(root.getValue())
-            .withBDSState(privateKey.getBDSState()).build();
-
-        XMSSPublicKeyParameters  publicKey = new XMSSPublicKeyParameters.Builder(params).withRoot(root.getValue())
-            .withPublicSeed(privateKey.getPublicSeed()).build();
-
-        return new AsymmetricCipherKeyPair(publicKey, privateKey);
-    }
-
-    /**
-     * Generate an XMSS private key.
-     *
-     * @return XMSS private key.
-     */
-    private XMSSPrivateKeyParameters generatePrivateKey(XMSSParameters params, SecureRandom prng)
-    {
-        int n = params.getDigestSize();
-        byte[] secretKeySeed = new byte[n];
-        prng.nextBytes(secretKeySeed);
-        byte[] secretKeyPRF = new byte[n];
-        prng.nextBytes(secretKeyPRF);
-        byte[] publicSeed = new byte[n];
-        prng.nextBytes(publicSeed);
-
-        XMSSPrivateKeyParameters privateKey = new XMSSPrivateKeyParameters.Builder(params).withSecretKeySeed(secretKeySeed)
-            .withSecretKeyPRF(secretKeyPRF).withPublicSeed(publicSeed)
-            .withBDSState(new BDS(params, publicSeed, secretKeySeed, (OTSHashAddress)new OTSHashAddress.Builder().build())).build();
-
-        return privateKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSKeyParameters.java
deleted file mode 100644
index 523805d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSKeyParameters.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-public class XMSSKeyParameters
-    extends AsymmetricKeyParameter
-{
-    public static final String SHA_256 = "SHA-256";
-    public static final String SHA_512 = "SHA-512";
-    public static final String SHAKE128 = "SHAKE128";
-    public static final String SHAKE256 = "SHAKE256";
-
-    private final String treeDigest;
-
-    public XMSSKeyParameters(boolean isPrivateKey, String treeDigest)
-    {
-        super(isPrivateKey);
-        this.treeDigest = treeDigest;
-    }
-
-    public String getTreeDigest()
-    {
-        return treeDigest;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMT.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMT.java
deleted file mode 100644
index 29abf11..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMT.java
+++ /dev/null

@@ -1,206 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.security.SecureRandom;
-import java.text.ParseException;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.util.Arrays;
-
-/**
- * XMSS^MT.
- */
-public final class XMSSMT
-{
-
-    private XMSSMTParameters params;
-    private XMSSParameters xmssParams;
-    private SecureRandom prng;
-    private XMSSMTPrivateKeyParameters privateKey;
-    private XMSSMTPublicKeyParameters publicKey;
-
-    /**
-     * XMSSMT constructor...
-     *
-     * @param params XMSSMTParameters.
-     */
-    public XMSSMT(XMSSMTParameters params, SecureRandom prng)
-    {
-        super();
-        if (params == null)
-        {
-            throw new NullPointerException("params == null");
-        }
-        this.params = params;
-        xmssParams = params.getXMSSParameters();
-        this.prng = prng;
-
-        privateKey = new XMSSMTPrivateKeyParameters.Builder(params).build();
-        publicKey = new XMSSMTPublicKeyParameters.Builder(params).build();
-    }
-
-    /**
-     * Generate a new XMSSMT private key / public key pair.
-     */
-    public void generateKeys()
-    {
-        XMSSMTKeyPairGenerator kpGen = new XMSSMTKeyPairGenerator();
-
-        kpGen.init(new XMSSMTKeyGenerationParameters(getParams(), prng));
-
-        AsymmetricCipherKeyPair kp = kpGen.generateKeyPair();
-
-        privateKey = (XMSSMTPrivateKeyParameters)kp.getPrivate();
-        publicKey = (XMSSMTPublicKeyParameters)kp.getPublic();
-
-        importState(privateKey, publicKey);
-    }
-
-    private void importState(XMSSMTPrivateKeyParameters privateKey, XMSSMTPublicKeyParameters publicKey)
-    {
-		/* import to xmss */
-        xmssParams.getWOTSPlus().importKeys(new byte[params.getDigestSize()], this.privateKey.getPublicSeed());
-
-        this.privateKey = privateKey;
-        this.publicKey = publicKey;
-    }
-
-    /**
-     * Import XMSSMT private key / public key pair.
-     *
-     * @param privateKey XMSSMT private key.
-     * @param publicKey  XMSSMT public key.
-     */
-    public void importState(byte[] privateKey, byte[] publicKey)
-    {
-        if (privateKey == null)
-        {
-            throw new NullPointerException("privateKey == null");
-        }
-        if (publicKey == null)
-        {
-            throw new NullPointerException("publicKey == null");
-        }
-        XMSSMTPrivateKeyParameters xmssMTPrivateKey = new XMSSMTPrivateKeyParameters.Builder(params)
-            .withPrivateKey(privateKey, xmssParams).build();
-        XMSSMTPublicKeyParameters xmssMTPublicKey = new XMSSMTPublicKeyParameters.Builder(params)
-            .withPublicKey(publicKey).build();
-        if (!Arrays.areEqual(xmssMTPrivateKey.getRoot(), xmssMTPublicKey.getRoot()))
-        {
-            throw new IllegalStateException("root of private key and public key do not match");
-        }
-        if (!Arrays.areEqual(xmssMTPrivateKey.getPublicSeed(), xmssMTPublicKey.getPublicSeed()))
-        {
-            throw new IllegalStateException("public seed of private key and public key do not match");
-        }
-        
-		/* import to xmss */
-        xmssParams.getWOTSPlus().importKeys(new byte[params.getDigestSize()], xmssMTPrivateKey.getPublicSeed());
-
-        this.privateKey = xmssMTPrivateKey;
-        this.publicKey = xmssMTPublicKey;
-    }
-
-    /**
-     * Sign message.
-     *
-     * @param message Message to sign.
-     * @return XMSSMT signature on digest of message.
-     */
-    public byte[] sign(byte[] message)
-    {
-        if (message == null)
-        {
-            throw new NullPointerException("message == null");
-        }
-
-        XMSSMTSigner signer = new XMSSMTSigner();
-
-        signer.init(true, privateKey);
-
-        byte[] signature = signer.generateSignature(message);
-
-        privateKey = (XMSSMTPrivateKeyParameters)signer.getUpdatedPrivateKey();
-
-        importState(privateKey, publicKey);
-
-        return signature;
-    }
-
-    /**
-     * Verify an XMSSMT signature.
-     *
-     * @param message   Message.
-     * @param signature XMSSMT signature.
-     * @param publicKey XMSSMT public key.
-     * @return true if signature is valid false else.
-     * @throws ParseException
-     */
-    public boolean verifySignature(byte[] message, byte[] signature, byte[] publicKey)
-        throws ParseException
-    {
-        if (message == null)
-        {
-            throw new NullPointerException("message == null");
-        }
-        if (signature == null)
-        {
-            throw new NullPointerException("signature == null");
-        }
-        if (publicKey == null)
-        {
-            throw new NullPointerException("publicKey == null");
-        }
-
-        XMSSMTSigner signer = new XMSSMTSigner();
-
-        signer.init(false, new XMSSMTPublicKeyParameters.Builder(getParams()).withPublicKey(publicKey).build());
-
-        return signer.verifySignature(message, signature);
-    }
-
-    /**
-     * Export XMSSMT private key.
-     *
-     * @return XMSSMT private key.
-     */
-    public byte[] exportPrivateKey()
-    {
-        return privateKey.toByteArray();
-    }
-
-    /**
-     * Export XMSSMT public key.
-     *
-     * @return XMSSMT public key.
-     */
-    public byte[] exportPublicKey()
-    {
-        return publicKey.toByteArray();
-    }
-
-    /**
-     * Getter XMSSMT params.
-     *
-     * @return XMSSMT params.
-     */
-    public XMSSMTParameters getParams()
-    {
-        return params;
-    }
-
-
-    /**
-     * Getter public seed.
-     *
-     * @return Public seed.
-     */
-    public byte[] getPublicSeed()
-    {
-        return privateKey.getPublicSeed();
-    }
-
-    protected XMSSParameters getXMSS()
-    {
-        return xmssParams;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTKeyGenerationParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTKeyGenerationParameters.java
deleted file mode 100644
index a2c189c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTKeyGenerationParameters.java
+++ /dev/null

@@ -1,31 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-/**
- * XMSS^MT key-pair generation parameters.
- */
-public final class XMSSMTKeyGenerationParameters
-    extends KeyGenerationParameters
-{
-    private final XMSSMTParameters xmssmtParameters;
-
-    /**
-     * XMSSMT constructor...
-     *
-     * @param prng   Secure random to use.
-     */
-    public XMSSMTKeyGenerationParameters(XMSSMTParameters xmssmtParameters, SecureRandom prng)
-    {
-        super(prng,-1);
-
-        this.xmssmtParameters = xmssmtParameters;
-    }
-
-    public XMSSMTParameters getParameters()
-    {
-        return xmssmtParameters;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTKeyPairGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTKeyPairGenerator.java
deleted file mode 100644
index 3f76d10..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTKeyPairGenerator.java
+++ /dev/null

@@ -1,88 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-
-/**
- * Key pair generator for XMSS^MT keys.
- */
-public final class XMSSMTKeyPairGenerator
-{
-    private XMSSMTParameters params;
-    private XMSSParameters xmssParams;
-
-    private SecureRandom prng;
-
-
-    /**
-     * Base constructor...
-     */
-    public XMSSMTKeyPairGenerator()
-    {
-    }
-
-    public void init(
-        KeyGenerationParameters param)
-    {
-        XMSSMTKeyGenerationParameters parameters = (XMSSMTKeyGenerationParameters)param;
-
-        prng = parameters.getRandom();
-        this.params = parameters.getParameters();
-        this.xmssParams = params.getXMSSParameters();
-    }
-
-    /**
-     * Generate a new XMSSMT private key / public key pair.
-     */
-    public AsymmetricCipherKeyPair generateKeyPair()
-    {
-        XMSSMTPrivateKeyParameters privateKey;
-        XMSSMTPublicKeyParameters publicKey;
-
-            /* generate XMSSMT private key */
-        privateKey = generatePrivateKey(new XMSSMTPrivateKeyParameters.Builder(params).build().getBDSState());
-
-            /* import to xmss */
-        xmssParams.getWOTSPlus().importKeys(new byte[params.getDigestSize()], privateKey.getPublicSeed());
-
-            /* get root */
-        int rootLayerIndex = params.getLayers() - 1;
-        OTSHashAddress otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder().withLayerAddress(rootLayerIndex)
-            .build();
-
-          		/* store BDS instance of root xmss instance */
-        BDS bdsRoot = new BDS(xmssParams, privateKey.getPublicSeed(), privateKey.getSecretKeySeed(), otsHashAddress);
-        XMSSNode root = bdsRoot.getRoot();
-        privateKey.getBDSState().put(rootLayerIndex, bdsRoot);
-
-            /* set XMSS^MT root / create public key */
-        privateKey = new XMSSMTPrivateKeyParameters.Builder(params).withSecretKeySeed(privateKey.getSecretKeySeed())
-            .withSecretKeyPRF(privateKey.getSecretKeyPRF()).withPublicSeed(privateKey.getPublicSeed())
-            .withRoot(root.getValue()).withBDSState(privateKey.getBDSState()).build();
-        publicKey = new XMSSMTPublicKeyParameters.Builder(params).withRoot(root.getValue())
-            .withPublicSeed(privateKey.getPublicSeed()).build();
-
-        return new AsymmetricCipherKeyPair(publicKey, privateKey);
-    }
-
-    private XMSSMTPrivateKeyParameters generatePrivateKey(BDSStateMap bdsState)
-    {
-        int n = params.getDigestSize();
-        byte[] secretKeySeed = new byte[n];
-        prng.nextBytes(secretKeySeed);
-        byte[] secretKeyPRF = new byte[n];
-        prng.nextBytes(secretKeyPRF);
-        byte[] publicSeed = new byte[n];
-        prng.nextBytes(publicSeed);
-
-        XMSSMTPrivateKeyParameters privateKey = null;
-
-        privateKey = new XMSSMTPrivateKeyParameters.Builder(params).withSecretKeySeed(secretKeySeed)
-                .withSecretKeyPRF(secretKeyPRF).withPublicSeed(publicSeed)
-                .withBDSState(bdsState).build();
-
-        return privateKey;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTKeyParameters.java
deleted file mode 100644
index 8516ad6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTKeyParameters.java
+++ /dev/null

@@ -1,20 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-public class XMSSMTKeyParameters
-    extends AsymmetricKeyParameter
-{
-    private final String treeDigest;
-
-    public XMSSMTKeyParameters(boolean isPrivateKey, String treeDigest)
-    {
-        super(isPrivateKey);
-        this.treeDigest = treeDigest;
-    }
-
-    public String getTreeDigest()
-    {
-        return treeDigest;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTParameters.java
deleted file mode 100644
index 1f9e93d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTParameters.java
+++ /dev/null

@@ -1,113 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import org.bouncycastle.crypto.Digest;
-
-/**
- * XMSS^MT Parameters.
- */
-public final class XMSSMTParameters
-{
-
-    private final XMSSOid oid;
-    private final XMSSParameters xmssParams;
-    private final int height;
-    private final int layers;
-
-    /**
-     * XMSSMT constructor...
-     *
-     * @param height Height of tree.
-     * @param layers Amount of layers.
-     * @param digest Digest to use.
-     */
-    public XMSSMTParameters(int height, int layers, Digest digest)
-    {
-        super();
-        this.height = height;
-        this.layers = layers;
-        this.xmssParams = new XMSSParameters(xmssTreeHeight(height, layers), digest);
-        oid = DefaultXMSSMTOid.lookup(getDigest().getAlgorithmName(), getDigestSize(), getWinternitzParameter(),
-            getLen(), getHeight(), layers);
-        /*
-		 * if (oid == null) { throw new InvalidParameterException(); }
-		 */
-    }
-
-    private static int xmssTreeHeight(int height, int layers)
-        throws IllegalArgumentException
-    {
-        if (height < 2)
-        {
-            throw new IllegalArgumentException("totalHeight must be > 1");
-        }
-        if (height % layers != 0)
-        {
-            throw new IllegalArgumentException("layers must divide totalHeight without remainder");
-        }
-        if (height / layers == 1)
-        {
-            throw new IllegalArgumentException("height / layers must be greater than 1");
-        }
-        return height / layers;
-    }
-
-    /**
-     * Getter height.
-     *
-     * @return XMSSMT height.
-     */
-    public int getHeight()
-    {
-        return height;
-    }
-
-    /**
-     * Getter layers.
-     *
-     * @return XMSSMT layers.
-     */
-    public int getLayers()
-    {
-        return layers;
-    }
-
-    protected XMSSParameters getXMSSParameters()
-    {
-        return xmssParams;
-    }
-
-    protected WOTSPlus getWOTSPlus()
-    {
-        return xmssParams.getWOTSPlus();
-    }
-
-    protected Digest getDigest()
-    {
-        return xmssParams.getDigest();
-    }
-
-    /**
-     * Getter digest size.
-     *
-     * @return Digest size.
-     */
-    public int getDigestSize()
-    {
-        return xmssParams.getDigestSize();
-    }
-
-    /**
-     * Getter Winternitz parameter.
-     *
-     * @return Winternitz parameter.
-     */
-    public int getWinternitzParameter()
-    {
-        return xmssParams.getWinternitzParameter();
-    }
-
-    protected int getLen()
-    {
-        return xmssParams.getWOTSPlus().getParams().getLen();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPrivateKeyParameters.java
deleted file mode 100644
index 14d032c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPrivateKeyParameters.java
+++ /dev/null

@@ -1,320 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.io.IOException;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * XMSS^MT Private Key.
- */
-public final class XMSSMTPrivateKeyParameters
-    extends XMSSMTKeyParameters
-    implements XMSSStoreableObjectInterface
-{
-
-    private final XMSSMTParameters params;
-    private final long index;
-    private final byte[] secretKeySeed;
-    private final byte[] secretKeyPRF;
-    private final byte[] publicSeed;
-    private final byte[] root;
-    private final BDSStateMap bdsState;
-
-    private XMSSMTPrivateKeyParameters(Builder builder)
-    {
-        super(true, builder.params.getDigest().getAlgorithmName());
-        params = builder.params;
-        if (params == null)
-        {
-            throw new NullPointerException("params == null");
-        }
-        int n = params.getDigestSize();
-        byte[] privateKey = builder.privateKey;
-        if (privateKey != null)
-        {
-            if (builder.xmss == null)
-            {
-                throw new NullPointerException("xmss == null");
-            }
-            /* import */
-            int totalHeight = params.getHeight();
-            int indexSize = (totalHeight + 7) / 8;
-            int secretKeySize = n;
-            int secretKeyPRFSize = n;
-            int publicSeedSize = n;
-            int rootSize = n;
-            /*
-            int totalSize = indexSize + secretKeySize + secretKeyPRFSize + publicSeedSize + rootSize;
-			if (privateKey.length != totalSize) {
-				throw new ParseException("private key has wrong size", 0);
-			}
-			*/
-            int position = 0;
-            index = XMSSUtil.bytesToXBigEndian(privateKey, position, indexSize);
-            if (!XMSSUtil.isIndexValid(totalHeight, index))
-            {
-                throw new IllegalArgumentException("index out of bounds");
-            }
-            position += indexSize;
-            secretKeySeed = XMSSUtil.extractBytesAtOffset(privateKey, position, secretKeySize);
-            position += secretKeySize;
-            secretKeyPRF = XMSSUtil.extractBytesAtOffset(privateKey, position, secretKeyPRFSize);
-            position += secretKeyPRFSize;
-            publicSeed = XMSSUtil.extractBytesAtOffset(privateKey, position, publicSeedSize);
-            position += publicSeedSize;
-            root = XMSSUtil.extractBytesAtOffset(privateKey, position, rootSize);
-            position += rootSize;
-			/* import BDS state */
-            byte[] bdsStateBinary = XMSSUtil.extractBytesAtOffset(privateKey, position, privateKey.length - position);
-
-            try
-            {
-                BDSStateMap bdsImport = (BDSStateMap)XMSSUtil.deserialize(bdsStateBinary, BDSStateMap.class);
-
-                bdsState = bdsImport.withWOTSDigest(DigestUtil.getDigestOID(builder.xmss.getDigest().getAlgorithmName()));
-            }
-            catch (IOException e)
-            {
-                throw new IllegalArgumentException(e.getMessage(), e);
-            }
-            catch (ClassNotFoundException e)
-            {
-                throw new IllegalArgumentException(e.getMessage(), e);
-            }
-        }
-        else
-        {
-			/* set */
-            index = builder.index;
-            byte[] tmpSecretKeySeed = builder.secretKeySeed;
-            if (tmpSecretKeySeed != null)
-            {
-                if (tmpSecretKeySeed.length != n)
-                {
-                    throw new IllegalArgumentException("size of secretKeySeed needs to be equal size of digest");
-                }
-                secretKeySeed = tmpSecretKeySeed;
-            }
-            else
-            {
-                secretKeySeed = new byte[n];
-            }
-            byte[] tmpSecretKeyPRF = builder.secretKeyPRF;
-            if (tmpSecretKeyPRF != null)
-            {
-                if (tmpSecretKeyPRF.length != n)
-                {
-                    throw new IllegalArgumentException("size of secretKeyPRF needs to be equal size of digest");
-                }
-                secretKeyPRF = tmpSecretKeyPRF;
-            }
-            else
-            {
-                secretKeyPRF = new byte[n];
-            }
-            byte[] tmpPublicSeed = builder.publicSeed;
-            if (tmpPublicSeed != null)
-            {
-                if (tmpPublicSeed.length != n)
-                {
-                    throw new IllegalArgumentException("size of publicSeed needs to be equal size of digest");
-                }
-                publicSeed = tmpPublicSeed;
-            }
-            else
-            {
-                publicSeed = new byte[n];
-            }
-            byte[] tmpRoot = builder.root;
-            if (tmpRoot != null)
-            {
-                if (tmpRoot.length != n)
-                {
-                    throw new IllegalArgumentException("size of root needs to be equal size of digest");
-                }
-                root = tmpRoot;
-            }
-            else
-            {
-                root = new byte[n];
-            }
-            BDSStateMap tmpBDSState = builder.bdsState;
-            if (tmpBDSState != null)
-            {
-                bdsState = tmpBDSState;
-            }
-            else
-            {
-                long globalIndex = builder.index;
-                int totalHeight = params.getHeight();
-
-                if (XMSSUtil.isIndexValid(totalHeight, globalIndex) && tmpPublicSeed != null && tmpSecretKeySeed != null)
-                {
-                    bdsState = new BDSStateMap(params, builder.index, tmpPublicSeed, tmpSecretKeySeed);
-                }
-                else
-                {
-                    bdsState = new BDSStateMap();
-                }
-            }
-        }
-    }
-
-    public static class Builder
-    {
-
-        /* mandatory */
-        private final XMSSMTParameters params;
-        /* optional */
-        private long index = 0L;
-        private byte[] secretKeySeed = null;
-        private byte[] secretKeyPRF = null;
-        private byte[] publicSeed = null;
-        private byte[] root = null;
-        private BDSStateMap bdsState = null;
-        private byte[] privateKey = null;
-        private XMSSParameters xmss = null;
-
-        public Builder(XMSSMTParameters params)
-        {
-            super();
-            this.params = params;
-        }
-
-        public Builder withIndex(long val)
-        {
-            index = val;
-            return this;
-        }
-
-        public Builder withSecretKeySeed(byte[] val)
-        {
-            secretKeySeed = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public Builder withSecretKeyPRF(byte[] val)
-        {
-            secretKeyPRF = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public Builder withPublicSeed(byte[] val)
-        {
-            publicSeed = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public Builder withRoot(byte[] val)
-        {
-            root = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public Builder withBDSState(BDSStateMap val)
-        {
-            bdsState = val;
-            return this;
-        }
-
-        public Builder withPrivateKey(byte[] privateKeyVal, XMSSParameters xmssVal)
-        {
-            privateKey = XMSSUtil.cloneArray(privateKeyVal);
-            xmss = xmssVal;
-            return this;
-        }
-
-        public XMSSMTPrivateKeyParameters build()
-        {
-            return new XMSSMTPrivateKeyParameters(this);
-        }
-    }
-
-    public byte[] toByteArray()
-    {
-		/* index || secretKeySeed || secretKeyPRF || publicSeed || root */
-        int n = params.getDigestSize();
-        int indexSize = (params.getHeight() + 7) / 8;
-        int secretKeySize = n;
-        int secretKeyPRFSize = n;
-        int publicSeedSize = n;
-        int rootSize = n;
-        int totalSize = indexSize + secretKeySize + secretKeyPRFSize + publicSeedSize + rootSize;
-        byte[] out = new byte[totalSize];
-        int position = 0;
-		/* copy index */
-        byte[] indexBytes = XMSSUtil.toBytesBigEndian(index, indexSize);
-        XMSSUtil.copyBytesAtOffset(out, indexBytes, position);
-        position += indexSize;
-		/* copy secretKeySeed */
-        XMSSUtil.copyBytesAtOffset(out, secretKeySeed, position);
-        position += secretKeySize;
-		/* copy secretKeyPRF */
-        XMSSUtil.copyBytesAtOffset(out, secretKeyPRF, position);
-        position += secretKeyPRFSize;
-		/* copy publicSeed */
-        XMSSUtil.copyBytesAtOffset(out, publicSeed, position);
-        position += publicSeedSize;
-		/* copy root */
-        XMSSUtil.copyBytesAtOffset(out, root, position);
-		/* concatenate bdsState */
-        try
-        {
-            return Arrays.concatenate(out, XMSSUtil.serialize(bdsState));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalStateException("error serializing bds state: " + e.getMessage(), e);
-        }
-    }
-
-    public long getIndex()
-    {
-        return index;
-    }
-
-    public long getUsagesRemaining()
-    {
-        return (1L << this.getParameters().getHeight()) - this.getIndex();
-    }
-
-    public byte[] getSecretKeySeed()
-    {
-        return XMSSUtil.cloneArray(secretKeySeed);
-    }
-
-    public byte[] getSecretKeyPRF()
-    {
-        return XMSSUtil.cloneArray(secretKeyPRF);
-    }
-
-    public byte[] getPublicSeed()
-    {
-        return XMSSUtil.cloneArray(publicSeed);
-    }
-
-    public byte[] getRoot()
-    {
-        return XMSSUtil.cloneArray(root);
-    }
-
-    BDSStateMap getBDSState()
-    {
-        return bdsState;
-    }
-
-    public XMSSMTParameters getParameters()
-    {
-        return params;
-    }
-
-    public XMSSMTPrivateKeyParameters getNextKey()
-    {
-        BDSStateMap newState = new BDSStateMap(bdsState, params, this.getIndex(), publicSeed, secretKeySeed);
-
-        return new XMSSMTPrivateKeyParameters.Builder(params).withIndex(index + 1)
-            .withSecretKeySeed(secretKeySeed).withSecretKeyPRF(secretKeyPRF)
-            .withPublicSeed(publicSeed).withRoot(root)
-            .withBDSState(newState).build();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPublicKeyParameters.java
deleted file mode 100644
index eddd138..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTPublicKeyParameters.java
+++ /dev/null

@@ -1,156 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-/**
- * XMSS^MT Public Key.
- */
-public final class XMSSMTPublicKeyParameters
-    extends XMSSMTKeyParameters
-    implements XMSSStoreableObjectInterface
-{
-    private final XMSSMTParameters params;
-    // private final int oid;
-    private final byte[] root;
-    private final byte[] publicSeed;
-
-    private XMSSMTPublicKeyParameters(Builder builder)
-    {
-        super(false, builder.params.getDigest().getAlgorithmName());
-        params = builder.params;
-        if (params == null)
-        {
-            throw new NullPointerException("params == null");
-        }
-        int n = params.getDigestSize();
-        byte[] publicKey = builder.publicKey;
-        if (publicKey != null)
-        {
-            /* import */
-            // int oidSize = 4;
-            int rootSize = n;
-            int publicSeedSize = n;
-            int totalSize = rootSize + publicSeedSize;
-            if (publicKey.length != totalSize)
-            {
-                throw new IllegalArgumentException("public key has wrong size");
-            }
-            int position = 0;
-			/*
-			 * oid = XMSSUtil.bytesToIntBigEndian(in, position); if (oid !=
-			 * params.getOid().getOid()) { throw new ParseException("wrong oid",
-			 * 0); } position += oidSize;
-			 */
-            root = XMSSUtil.extractBytesAtOffset(publicKey, position, rootSize);
-            position += rootSize;
-            publicSeed = XMSSUtil.extractBytesAtOffset(publicKey, position, publicSeedSize);
-        }
-        else
-        {
-			/* set */
-            byte[] tmpRoot = builder.root;
-            if (tmpRoot != null)
-            {
-                if (tmpRoot.length != n)
-                {
-                    throw new IllegalArgumentException("length of root must be equal to length of digest");
-                }
-                root = tmpRoot;
-            }
-            else
-            {
-                root = new byte[n];
-            }
-            byte[] tmpPublicSeed = builder.publicSeed;
-            if (tmpPublicSeed != null)
-            {
-                if (tmpPublicSeed.length != n)
-                {
-                    throw new IllegalArgumentException("length of publicSeed must be equal to length of digest");
-                }
-                publicSeed = tmpPublicSeed;
-            }
-            else
-            {
-                publicSeed = new byte[n];
-            }
-        }
-    }
-
-    public static class Builder
-    {
-
-        /* mandatory */
-        private final XMSSMTParameters params;
-        /* optional */
-        private byte[] root = null;
-        private byte[] publicSeed = null;
-        private byte[] publicKey = null;
-
-        public Builder(XMSSMTParameters params)
-        {
-            super();
-            this.params = params;
-        }
-
-        public Builder withRoot(byte[] val)
-        {
-            root = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public Builder withPublicSeed(byte[] val)
-        {
-            publicSeed = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public Builder withPublicKey(byte[] val)
-        {
-            publicKey = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public XMSSMTPublicKeyParameters build()
-        {
-            return new XMSSMTPublicKeyParameters(this);
-        }
-    }
-
-    public byte[] toByteArray()
-    {
-		/* oid || root || seed */
-        int n = params.getDigestSize();
-        // int oidSize = 4;
-        int rootSize = n;
-        int publicSeedSize = n;
-        int totalSize = rootSize + publicSeedSize;
-        // int totalSize = oidSize + rootSize + publicSeedSize;
-        byte[] out = new byte[totalSize];
-        int position = 0;
-		/* copy oid */
-		/*
-		 * XMSSUtil.intToBytesBigEndianOffset(out, oid, position); position +=
-		 * oidSize;
-		 */
-		/* copy root */
-        XMSSUtil.copyBytesAtOffset(out, root, position);
-        position += rootSize;
-		/* copy public seed */
-        XMSSUtil.copyBytesAtOffset(out, publicSeed, position);
-        return out;
-    }
-
-    public byte[] getRoot()
-    {
-        return XMSSUtil.cloneArray(root);
-    }
-
-    public byte[] getPublicSeed()
-    {
-        return XMSSUtil.cloneArray(publicSeed);
-    }
-
-    public XMSSMTParameters getParameters()
-   	{
-   		return params;
-   	}
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTSignature.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTSignature.java
deleted file mode 100644
index 34edb2f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTSignature.java
+++ /dev/null

@@ -1,181 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.util.ArrayList;
-import java.util.List;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * XMSS^MT Signature.
- */
-public final class XMSSMTSignature
-    implements XMSSStoreableObjectInterface
-{
-
-    private final XMSSMTParameters params;
-    private final long index;
-    private final byte[] random;
-    private final List<XMSSReducedSignature> reducedSignatures;
-
-    private XMSSMTSignature(Builder builder)
-    {
-        super();
-        params = builder.params;
-        if (params == null)
-        {
-            throw new NullPointerException("params == null");
-        }
-        int n = params.getDigestSize();
-        byte[] signature = builder.signature;
-        if (signature != null)
-        {
-            /* import */
-            int len = params.getWOTSPlus().getParams().getLen();
-            int indexSize = (int)Math.ceil(params.getHeight() / (double)8);
-            int randomSize = n;
-            int reducedSignatureSizeSingle = ((params.getHeight() / params.getLayers()) + len) * n;
-            int reducedSignaturesSizeTotal = reducedSignatureSizeSingle * params.getLayers();
-            int totalSize = indexSize + randomSize + reducedSignaturesSizeTotal;
-            if (signature.length != totalSize)
-            {
-                throw new IllegalArgumentException("signature has wrong size");
-            }
-            int position = 0;
-            index = XMSSUtil.bytesToXBigEndian(signature, position, indexSize);
-            if (!XMSSUtil.isIndexValid(params.getHeight(), index))
-            {
-                throw new IllegalArgumentException("index out of bounds");
-            }
-            position += indexSize;
-            random = XMSSUtil.extractBytesAtOffset(signature, position, randomSize);
-            position += randomSize;
-            reducedSignatures = new ArrayList<XMSSReducedSignature>();
-            while (position < signature.length)
-            {
-                XMSSReducedSignature xmssSig = new XMSSReducedSignature.Builder(params.getXMSSParameters())
-                    .withReducedSignature(XMSSUtil.extractBytesAtOffset(signature, position, reducedSignatureSizeSingle))
-                    .build();
-                reducedSignatures.add(xmssSig);
-                position += reducedSignatureSizeSingle;
-            }
-        }
-        else
-        {
-			/* set */
-            index = builder.index;
-            byte[] tmpRandom = builder.random;
-            if (tmpRandom != null)
-            {
-                if (tmpRandom.length != n)
-                {
-                    throw new IllegalArgumentException("size of random needs to be equal to size of digest");
-                }
-                random = tmpRandom;
-            }
-            else
-            {
-                random = new byte[n];
-            }
-            List<XMSSReducedSignature> tmpReducedSignatures = builder.reducedSignatures;
-            if (tmpReducedSignatures != null)
-            {
-                reducedSignatures = tmpReducedSignatures;
-            }
-            else
-            {
-                reducedSignatures = new ArrayList<XMSSReducedSignature>();
-            }
-        }
-    }
-
-    public static class Builder
-    {
-
-        /* mandatory */
-        private final XMSSMTParameters params;
-        /* optional */
-        private long index = 0L;
-        private byte[] random = null;
-        private List<XMSSReducedSignature> reducedSignatures = null;
-        private byte[] signature = null;
-
-        public Builder(XMSSMTParameters params)
-        {
-            super();
-            this.params = params;
-        }
-
-        public Builder withIndex(long val)
-        {
-            index = val;
-            return this;
-        }
-
-        public Builder withRandom(byte[] val)
-        {
-            random = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public Builder withReducedSignatures(List<XMSSReducedSignature> val)
-        {
-            reducedSignatures = val;
-            return this;
-        }
-
-        public Builder withSignature(byte[] val)
-        {
-            signature = Arrays.clone(val);
-            return this;
-        }
-
-        public XMSSMTSignature build()
-        {
-            return new XMSSMTSignature(this);
-        }
-    }
-
-    public byte[] toByteArray()
-    {
-		/* index || random || reduced signatures */
-        int n = params.getDigestSize();
-        int len = params.getWOTSPlus().getParams().getLen();
-        int indexSize = (int)Math.ceil(params.getHeight() / (double)8);
-        int randomSize = n;
-        int reducedSignatureSizeSingle = ((params.getHeight() / params.getLayers()) + len) * n;
-        int reducedSignaturesSizeTotal = reducedSignatureSizeSingle * params.getLayers();
-        int totalSize = indexSize + randomSize + reducedSignaturesSizeTotal;
-        byte[] out = new byte[totalSize];
-        int position = 0;
-		/* copy index */
-        byte[] indexBytes = XMSSUtil.toBytesBigEndian(index, indexSize);
-        XMSSUtil.copyBytesAtOffset(out, indexBytes, position);
-        position += indexSize;
-		/* copy random */
-        XMSSUtil.copyBytesAtOffset(out, random, position);
-        position += randomSize;
-		/* copy reduced signatures */
-        for (XMSSReducedSignature reducedSignature : reducedSignatures)
-        {
-            byte[] signature = reducedSignature.toByteArray();
-            XMSSUtil.copyBytesAtOffset(out, signature, position);
-            position += reducedSignatureSizeSingle;
-        }
-        return out;
-    }
-
-    public long getIndex()
-    {
-        return index;
-    }
-
-    public byte[] getRandom()
-    {
-        return XMSSUtil.cloneArray(random);
-    }
-
-    public List<XMSSReducedSignature> getReducedSignatures()
-    {
-        return reducedSignatures;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTSigner.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTSigner.java
deleted file mode 100644
index 1f224e7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSMTSigner.java
+++ /dev/null

@@ -1,257 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.crypto.StateAwareMessageSigner;
-import org.bouncycastle.util.Arrays;
-
-/**
- * XMSS^MT Signer class.
- */
-public class XMSSMTSigner
-    implements StateAwareMessageSigner
-{
-    private XMSSMTPrivateKeyParameters privateKey;
-    private XMSSMTPrivateKeyParameters nextKeyGenerator;
-    private XMSSMTPublicKeyParameters publicKey;
-    private XMSSMTParameters params;
-    private XMSSParameters xmssParams;
-
-    private WOTSPlus wotsPlus;
-
-    private boolean hasGenerated;
-    private boolean initSign;
-
-    public void init(boolean forSigning, CipherParameters param)
-    {
-        if (forSigning)
-        {
-            initSign = true;
-            hasGenerated = false;
-            privateKey = (XMSSMTPrivateKeyParameters)param;
-            nextKeyGenerator = privateKey;
-
-            params = privateKey.getParameters();
-            xmssParams = params.getXMSSParameters();
-        }
-        else
-        {
-            initSign = false;
-            publicKey = (XMSSMTPublicKeyParameters)param;
-
-            params = publicKey.getParameters();
-            xmssParams = params.getXMSSParameters();
-        }
-        
-        wotsPlus = new WOTSPlus(new WOTSPlusParameters(params.getDigest()));
-    }
-
-    public byte[] generateSignature(byte[] message)
-    {
-        if (message == null)
-        {
-            throw new NullPointerException("message == null");
-        }
-        if (initSign)
-        {
-            if (privateKey == null)
-            {
-                throw new IllegalStateException("signing key no longer usable");
-            }
-        }
-        else
-        {
-            throw new IllegalStateException("signer not initialized for signature generation");
-        }
-        if (privateKey.getBDSState().isEmpty())
-        {
-            throw new IllegalStateException("not initialized");
-        }
-
-        BDSStateMap bdsState = privateKey.getBDSState();
-
-        // privateKey.increaseIndex(this);
-        final long globalIndex = privateKey.getIndex();
-        final int totalHeight = params.getHeight();
-        final int xmssHeight = xmssParams.getHeight();
-        if (!XMSSUtil.isIndexValid(totalHeight, globalIndex))
-        {
-            throw new IllegalStateException("index out of bounds");
-        }
-
-      		/* compress message */
-        byte[] random = wotsPlus.getKhf().PRF(privateKey.getSecretKeyPRF(), XMSSUtil.toBytesBigEndian(globalIndex, 32));
-        byte[] concatenated = Arrays.concatenate(random, privateKey.getRoot(),
-            XMSSUtil.toBytesBigEndian(globalIndex, params.getDigestSize()));
-        byte[] messageDigest = wotsPlus.getKhf().HMsg(concatenated, message);
-
-        XMSSMTSignature signature = new XMSSMTSignature.Builder(params).withIndex(globalIndex).withRandom(random).build();
-
-
-      		/* layer 0 */
-        long indexTree = XMSSUtil.getTreeIndex(globalIndex, xmssHeight);
-        int indexLeaf = XMSSUtil.getLeafIndex(globalIndex, xmssHeight);
-
-        /* reset xmss */
-        wotsPlus.importKeys(new byte[params.getDigestSize()], privateKey.getPublicSeed());
-        /* create signature with XMSS tree on layer 0 */
-
-        /* adjust addresses */
-        OTSHashAddress otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder().withTreeAddress(indexTree)
-            .withOTSAddress(indexLeaf).build();
-
-      		/* get authentication path from BDS */
-        if (bdsState.get(0) == null || indexLeaf == 0)
-        {
-            bdsState.put(0, new BDS(xmssParams, privateKey.getPublicSeed(), privateKey.getSecretKeySeed(), otsHashAddress));
-        }
-
-        /* sign message digest */
-        WOTSPlusSignature wotsPlusSignature = wotsSign(messageDigest, otsHashAddress);
-        
-        XMSSReducedSignature reducedSignature = new XMSSReducedSignature.Builder(xmssParams)
-                .withWOTSPlusSignature(wotsPlusSignature).withAuthPath(bdsState.get(0).getAuthenticationPath())
-                .build();
-
-        signature.getReducedSignatures().add(reducedSignature);
-      		/* loop over remaining layers */
-        for (int layer = 1; layer < params.getLayers(); layer++)
-        {
-      			/* get root of layer - 1 */
-            XMSSNode root = bdsState.get(layer - 1).getRoot();
-
-            indexLeaf = XMSSUtil.getLeafIndex(indexTree, xmssHeight);
-            indexTree = XMSSUtil.getTreeIndex(indexTree, xmssHeight);
-
-      			/* adjust addresses */
-            otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder().withLayerAddress(layer)
-                .withTreeAddress(indexTree).withOTSAddress(indexLeaf).build();
-
-      			/* sign root digest of layer - 1 */
-            wotsPlusSignature = wotsSign(root.getValue(), otsHashAddress);
-      			/* get authentication path from BDS */
-            if (bdsState.get(layer) == null || XMSSUtil.isNewBDSInitNeeded(globalIndex, xmssHeight, layer))
-            {          
-                bdsState.put(layer, new BDS(xmssParams, privateKey.getPublicSeed(), privateKey.getSecretKeySeed(), otsHashAddress));
-            }
-
-            reducedSignature = new XMSSReducedSignature.Builder(xmssParams)
-                    .withWOTSPlusSignature(wotsPlusSignature)
-                    .withAuthPath(bdsState.get(layer).getAuthenticationPath()).build();
-
-            signature.getReducedSignatures().add(reducedSignature);
-        }
-
-        hasGenerated = true;
-
-        if (nextKeyGenerator != null)
-        {
-            privateKey = nextKeyGenerator.getNextKey();
-            nextKeyGenerator = privateKey;
-        }
-        else
-        {
-            privateKey = null;
-        }
-
-        return signature.toByteArray();
-    }
-
-    public boolean verifySignature(byte[] message, byte[] signature)
-    {
-        if (message == null)
-        {
-            throw new NullPointerException("message == null");
-        }
-        if (signature == null)
-        {
-            throw new NullPointerException("signature == null");
-        }
-        if (publicKey == null)
-        {
-            throw new NullPointerException("publicKey == null");
-        }
-		/* (re)create compressed message */
-        XMSSMTSignature sig = new XMSSMTSignature.Builder(params).withSignature(signature).build();
-
-        byte[] concatenated = Arrays.concatenate(sig.getRandom(), publicKey.getRoot(),
-                                         XMSSUtil.toBytesBigEndian(sig.getIndex(), params.getDigestSize()));
-        byte[] messageDigest = wotsPlus.getKhf().HMsg(concatenated, message);
-
-        long globalIndex = sig.getIndex();
-        int xmssHeight = xmssParams.getHeight();
-        long indexTree = XMSSUtil.getTreeIndex(globalIndex, xmssHeight);
-        int indexLeaf = XMSSUtil.getLeafIndex(globalIndex, xmssHeight);
-
-		/* adjust xmss */
-        wotsPlus.importKeys(new byte[params.getDigestSize()], publicKey.getPublicSeed());
-        
-		/* prepare addresses */
-        OTSHashAddress otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder().withTreeAddress(indexTree)
-            .withOTSAddress(indexLeaf).build();
-
-		/* get root node on layer 0 */
-        XMSSReducedSignature xmssMTSignature = sig.getReducedSignatures().get(0);
-        XMSSNode rootNode = XMSSVerifierUtil.getRootNodeFromSignature(wotsPlus, xmssHeight, messageDigest, xmssMTSignature, otsHashAddress, indexLeaf);
-        for (int layer = 1; layer < params.getLayers(); layer++)
-        {
-            xmssMTSignature = sig.getReducedSignatures().get(layer);
-            indexLeaf = XMSSUtil.getLeafIndex(indexTree, xmssHeight);
-            indexTree = XMSSUtil.getTreeIndex(indexTree, xmssHeight);
-
-			/* adjust address */
-            otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder().withLayerAddress(layer)
-                .withTreeAddress(indexTree).withOTSAddress(indexLeaf).build();
-
-			/* get root node */
-            rootNode = XMSSVerifierUtil.getRootNodeFromSignature(wotsPlus, xmssHeight, rootNode.getValue(), xmssMTSignature, otsHashAddress, indexLeaf);
-        }
-
-		/* compare roots */
-        return Arrays.constantTimeAreEqual(rootNode.getValue(), publicKey.getRoot());
-    }
-
-    private WOTSPlusSignature wotsSign(byte[] messageDigest, OTSHashAddress otsHashAddress)
-    {
-        if (messageDigest.length != params.getDigestSize())
-        {
-            throw new IllegalArgumentException("size of messageDigest needs to be equal to size of digest");
-        }
-        if (otsHashAddress == null)
-        {
-            throw new NullPointerException("otsHashAddress == null");
-        }
-		/* (re)initialize WOTS+ instance */
-        wotsPlus.importKeys(wotsPlus.getWOTSPlusSecretKey(privateKey.getSecretKeySeed(), otsHashAddress), privateKey.getPublicSeed());
-		/* create WOTS+ signature */
-        return wotsPlus.sign(messageDigest, otsHashAddress);
-    }
-
-    public long getUsagesRemaining()
-    {
-        return privateKey.getUsagesRemaining();
-    }
-
-    public AsymmetricKeyParameter getUpdatedPrivateKey()
-    {
-        // if we've generated a signature return the last private key generated
-        // if we've only initialised leave it in place and return the next one instead.
-        if (hasGenerated)
-        {
-            XMSSMTPrivateKeyParameters privKey = privateKey;
-
-            privateKey = null;
-            nextKeyGenerator = null;
-
-            return privKey;
-        }
-        else
-        {
-            XMSSMTPrivateKeyParameters privKey = nextKeyGenerator.getNextKey();
-
-            nextKeyGenerator = null;
-
-            return privKey;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSNode.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSNode.java
deleted file mode 100644
index d2acd7a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSNode.java
+++ /dev/null

@@ -1,38 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.io.Serializable;
-
-/**
- * Binary tree node.
- */
-public final class XMSSNode
-    implements Serializable
-{
-
-    private static final long serialVersionUID = 1L;
-
-    private final int height;
-    private final byte[] value;
-
-    protected XMSSNode(int height, byte[] value)
-    {
-        super();
-        this.height = height;
-        this.value = value;
-    }
-
-    public int getHeight()
-    {
-        return height;
-    }
-
-    public byte[] getValue()
-    {
-        return XMSSUtil.cloneArray(value);
-    }
-
-    protected XMSSNode clone()
-    {
-        return new XMSSNode(getHeight(), getValue());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSNodeUtil.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSNodeUtil.java
deleted file mode 100644
index 3faf491..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSNodeUtil.java
+++ /dev/null

@@ -1,150 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-class XMSSNodeUtil
-{
-    /**
-     * Compresses a WOTS+ public key to a single n-byte string.
-     *
-     * @param publicKey WOTS+ public key to compress.
-     * @param address   Address.
-     * @return Compressed n-byte string of public key.
-     */
-    static XMSSNode lTree(WOTSPlus wotsPlus, WOTSPlusPublicKeyParameters publicKey, LTreeAddress address)
-    {
-        if (publicKey == null)
-        {
-            throw new NullPointerException("publicKey == null");
-        }
-        if (address == null)
-        {
-            throw new NullPointerException("address == null");
-        }
-        int len = wotsPlus.getParams().getLen();
-    		/* duplicate public key to XMSSNode Array */
-        byte[][] publicKeyBytes = publicKey.toByteArray();
-        XMSSNode[] publicKeyNodes = new XMSSNode[publicKeyBytes.length];
-        for (int i = 0; i < publicKeyBytes.length; i++)
-        {
-            publicKeyNodes[i] = new XMSSNode(0, publicKeyBytes[i]);
-        }
-        address = (LTreeAddress)new LTreeAddress.Builder().withLayerAddress(address.getLayerAddress())
-            .withTreeAddress(address.getTreeAddress()).withLTreeAddress(address.getLTreeAddress()).withTreeHeight(0)
-            .withTreeIndex(address.getTreeIndex()).withKeyAndMask(address.getKeyAndMask()).build();
-        while (len > 1)
-        {
-            for (int i = 0; i < (int)Math.floor(len / 2); i++)
-            {
-                address = (LTreeAddress)new LTreeAddress.Builder().withLayerAddress(address.getLayerAddress())
-                    .withTreeAddress(address.getTreeAddress()).withLTreeAddress(address.getLTreeAddress())
-                    .withTreeHeight(address.getTreeHeight()).withTreeIndex(i)
-                    .withKeyAndMask(address.getKeyAndMask()).build();
-                publicKeyNodes[i] = randomizeHash(wotsPlus, publicKeyNodes[2 * i], publicKeyNodes[(2 * i) + 1], address);
-            }
-            if (len % 2 == 1)
-            {
-                publicKeyNodes[(int)Math.floor(len / 2)] = publicKeyNodes[len - 1];
-            }
-            len = (int)Math.ceil((double)len / 2);
-            address = (LTreeAddress)new LTreeAddress.Builder().withLayerAddress(address.getLayerAddress())
-                .withTreeAddress(address.getTreeAddress()).withLTreeAddress(address.getLTreeAddress())
-                .withTreeHeight(address.getTreeHeight() + 1).withTreeIndex(address.getTreeIndex())
-                .withKeyAndMask(address.getKeyAndMask()).build();
-        }
-        return publicKeyNodes[0];
-    }
-
-    /**
-     * Randomization of nodes in binary tree.
-     *
-     * @param left    Left node.
-     * @param right   Right node.
-     * @param address Address.
-     * @return Randomized hash of parent of left / right node.
-     */
-    static XMSSNode randomizeHash(WOTSPlus wotsPlus, XMSSNode left, XMSSNode right, XMSSAddress address)
-    {
-        if (left == null)
-        {
-            throw new NullPointerException("left == null");
-        }
-        if (right == null)
-        {
-            throw new NullPointerException("right == null");
-        }
-        if (left.getHeight() != right.getHeight())
-        {
-            throw new IllegalStateException("height of both nodes must be equal");
-        }
-        if (address == null)
-        {
-            throw new NullPointerException("address == null");
-        }
-        byte[] publicSeed = wotsPlus.getPublicSeed();
-
-        if (address instanceof LTreeAddress)
-        {
-            LTreeAddress tmpAddress = (LTreeAddress)address;
-            address = (LTreeAddress)new LTreeAddress.Builder().withLayerAddress(tmpAddress.getLayerAddress())
-                .withTreeAddress(tmpAddress.getTreeAddress()).withLTreeAddress(tmpAddress.getLTreeAddress())
-                .withTreeHeight(tmpAddress.getTreeHeight()).withTreeIndex(tmpAddress.getTreeIndex())
-                .withKeyAndMask(0).build();
-        }
-        else if (address instanceof HashTreeAddress)
-        {
-            HashTreeAddress tmpAddress = (HashTreeAddress)address;
-            address = (HashTreeAddress)new HashTreeAddress.Builder().withLayerAddress(tmpAddress.getLayerAddress())
-                .withTreeAddress(tmpAddress.getTreeAddress()).withTreeHeight(tmpAddress.getTreeHeight())
-                .withTreeIndex(tmpAddress.getTreeIndex()).withKeyAndMask(0).build();
-        }
-
-        byte[] key = wotsPlus.getKhf().PRF(publicSeed, address.toByteArray());
-
-        if (address instanceof LTreeAddress)
-        {
-            LTreeAddress tmpAddress = (LTreeAddress)address;
-            address = (LTreeAddress)new LTreeAddress.Builder().withLayerAddress(tmpAddress.getLayerAddress())
-                .withTreeAddress(tmpAddress.getTreeAddress()).withLTreeAddress(tmpAddress.getLTreeAddress())
-                .withTreeHeight(tmpAddress.getTreeHeight()).withTreeIndex(tmpAddress.getTreeIndex())
-                .withKeyAndMask(1).build();
-        }
-        else if (address instanceof HashTreeAddress)
-        {
-            HashTreeAddress tmpAddress = (HashTreeAddress)address;
-            address = (HashTreeAddress)new HashTreeAddress.Builder().withLayerAddress(tmpAddress.getLayerAddress())
-                .withTreeAddress(tmpAddress.getTreeAddress()).withTreeHeight(tmpAddress.getTreeHeight())
-                .withTreeIndex(tmpAddress.getTreeIndex()).withKeyAndMask(1).build();
-        }
-
-        byte[] bitmask0 = wotsPlus.getKhf().PRF(publicSeed, address.toByteArray());
-
-        if (address instanceof LTreeAddress)
-        {
-            LTreeAddress tmpAddress = (LTreeAddress)address;
-            address = (LTreeAddress)new LTreeAddress.Builder().withLayerAddress(tmpAddress.getLayerAddress())
-                .withTreeAddress(tmpAddress.getTreeAddress()).withLTreeAddress(tmpAddress.getLTreeAddress())
-                .withTreeHeight(tmpAddress.getTreeHeight()).withTreeIndex(tmpAddress.getTreeIndex())
-                .withKeyAndMask(2).build();
-        }
-        else if (address instanceof HashTreeAddress)
-        {
-            HashTreeAddress tmpAddress = (HashTreeAddress)address;
-            address = (HashTreeAddress)new HashTreeAddress.Builder().withLayerAddress(tmpAddress.getLayerAddress())
-                .withTreeAddress(tmpAddress.getTreeAddress()).withTreeHeight(tmpAddress.getTreeHeight())
-                .withTreeIndex(tmpAddress.getTreeIndex()).withKeyAndMask(2).build();
-        }
-
-        byte[] bitmask1 = wotsPlus.getKhf().PRF(publicSeed, address.toByteArray());
-        int n = wotsPlus.getParams().getDigestSize();
-        byte[] tmpMask = new byte[2 * n];
-        for (int i = 0; i < n; i++)
-        {
-            tmpMask[i] = (byte)(left.getValue()[i] ^ bitmask0[i]);
-        }
-        for (int i = 0; i < n; i++)
-        {
-            tmpMask[i + n] = (byte)(right.getValue()[i] ^ bitmask1[i]);
-        }
-        byte[] out = wotsPlus.getKhf().H(key, tmpMask);
-        return new XMSSNode(left.getHeight(), out);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSOid.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSOid.java
deleted file mode 100644
index 64e8281..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSOid.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-public interface XMSSOid {
-
-	int getOid();
-
-	String toString();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSParameters.java
deleted file mode 100644
index 3ef061b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSParameters.java
+++ /dev/null

@@ -1,101 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import org.bouncycastle.crypto.Digest;
-
-/**
- * XMSS Parameters.
- */
-public final class XMSSParameters
-{
-
-    private final XMSSOid oid;
-    private final WOTSPlus wotsPlus;
-    //private final SecureRandom prng;
-    private final int height;
-    private final int k;
-
-    /**
-     * XMSS Constructor...
-     *
-     * @param height Height of tree.
-     * @param digest Digest to use.
-     */
-    public XMSSParameters(int height, Digest digest)
-    {
-        super();
-        if (height < 2)
-        {
-            throw new IllegalArgumentException("height must be >= 2");
-        }
-        if (digest == null)
-        {
-            throw new NullPointerException("digest == null");
-        }
-
-        wotsPlus = new WOTSPlus(new WOTSPlusParameters(digest));
-        this.height = height;
-        this.k = determineMinK();
-        oid = DefaultXMSSOid.lookup(getDigest().getAlgorithmName(), getDigestSize(), getWinternitzParameter(),
-            wotsPlus.getParams().getLen(), height);
-        /*
-		 * if (oid == null) { throw new InvalidParameterException(); }
-		 */
-    }
-
-    private int determineMinK()
-    {
-        for (int k = 2; k <= height; k++)
-        {
-            if ((height - k) % 2 == 0)
-            {
-                return k;
-            }
-        }
-        throw new IllegalStateException("should never happen...");
-    }
-
-    protected Digest getDigest()
-    {
-        return wotsPlus.getParams().getDigest();
-    }
-
-    /**
-     * Getter digest size.
-     *
-     * @return Digest size.
-     */
-    public int getDigestSize()
-    {
-        return wotsPlus.getParams().getDigestSize();
-    }
-
-    /**
-     * Getter Winternitz parameter.
-     *
-     * @return Winternitz parameter.
-     */
-    public int getWinternitzParameter()
-    {
-        return wotsPlus.getParams().getWinternitzParameter();
-    }
-
-    /**
-     * Getter height.
-     *
-     * @return XMSS height.
-     */
-    public int getHeight()
-    {
-        return height;
-    }
-
-    WOTSPlus getWOTSPlus()
-    {
-        return wotsPlus;
-    }
-
-    int getK()
-    {
-        return k;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPrivateKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPrivateKeyParameters.java
deleted file mode 100644
index 23b9629..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPrivateKeyParameters.java
+++ /dev/null

@@ -1,350 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.io.IOException;
-
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Pack;
-
-/**
- * XMSS Private Key.
- */
-public final class XMSSPrivateKeyParameters
-    extends XMSSKeyParameters
-    implements XMSSStoreableObjectInterface
-{
-
-    /**
-     * XMSS parameters object.
-     */
-    private final XMSSParameters params;
-    /**
-     * Secret for the derivation of WOTS+ secret keys.
-     */
-    private final byte[] secretKeySeed;
-    /**
-     * Secret for the randomization of message digests during signature
-     * creation.
-     */
-    private final byte[] secretKeyPRF;
-    /**
-     * Public seed for the randomization of hashes.
-     */
-    private final byte[] publicSeed;
-    /**
-     * Public root of binary tree.
-     */
-    private final byte[] root;
-    /**
-     * BDS state.
-     */
-    private final BDS bdsState;
-
-    private XMSSPrivateKeyParameters(Builder builder)
-    {
-        super(true, builder.params.getDigest().getAlgorithmName());
-        params = builder.params;
-        if (params == null)
-        {
-            throw new NullPointerException("params == null");
-        }
-        int n = params.getDigestSize();
-        byte[] privateKey = builder.privateKey;
-        if (privateKey != null)
-        {
-            if (builder.xmss == null)
-            {
-                throw new NullPointerException("xmss == null");
-            }
-            /* import */
-            int height = params.getHeight();
-            int indexSize = 4;
-            int secretKeySize = n;
-            int secretKeyPRFSize = n;
-            int publicSeedSize = n;
-            int rootSize = n;
-			/*
-			int totalSize = indexSize + secretKeySize + secretKeyPRFSize + publicSeedSize + rootSize;
-			if (privateKey.length != totalSize) {
-				throw new ParseException("private key has wrong size", 0);
-			}
-			*/
-            int position = 0;
-            int index = Pack.bigEndianToInt(privateKey, position);
-            if (!XMSSUtil.isIndexValid(height, index))
-            {
-                throw new IllegalArgumentException("index out of bounds");
-            }
-            position += indexSize;
-            secretKeySeed = XMSSUtil.extractBytesAtOffset(privateKey, position, secretKeySize);
-            position += secretKeySize;
-            secretKeyPRF = XMSSUtil.extractBytesAtOffset(privateKey, position, secretKeyPRFSize);
-            position += secretKeyPRFSize;
-            publicSeed = XMSSUtil.extractBytesAtOffset(privateKey, position, publicSeedSize);
-            position += publicSeedSize;
-            root = XMSSUtil.extractBytesAtOffset(privateKey, position, rootSize);
-            position += rootSize;
-			/* import BDS state */
-            byte[] bdsStateBinary = XMSSUtil.extractBytesAtOffset(privateKey, position, privateKey.length - position);
-            try
-            {
-                BDS bdsImport = (BDS)XMSSUtil.deserialize(bdsStateBinary, BDS.class);
-                if (bdsImport.getIndex() != index)
-                {
-                    throw new IllegalStateException("serialized BDS has wrong index");
-                }
-                bdsState = bdsImport.withWOTSDigest(DigestUtil.getDigestOID(builder.xmss.getDigest().getAlgorithmName()));
-            }
-            catch (IOException e)
-            {
-                throw new IllegalArgumentException(e.getMessage(), e);
-            }
-            catch (ClassNotFoundException e)
-            {
-                throw new IllegalArgumentException(e.getMessage(), e);
-            }
-        }
-        else
-        {
-			/* set */
-            byte[] tmpSecretKeySeed = builder.secretKeySeed;
-            if (tmpSecretKeySeed != null)
-            {
-                if (tmpSecretKeySeed.length != n)
-                {
-                    throw new IllegalArgumentException("size of secretKeySeed needs to be equal size of digest");
-                }
-                secretKeySeed = tmpSecretKeySeed;
-            }
-            else
-            {
-                secretKeySeed = new byte[n];
-            }
-            byte[] tmpSecretKeyPRF = builder.secretKeyPRF;
-            if (tmpSecretKeyPRF != null)
-            {
-                if (tmpSecretKeyPRF.length != n)
-                {
-                    throw new IllegalArgumentException("size of secretKeyPRF needs to be equal size of digest");
-                }
-                secretKeyPRF = tmpSecretKeyPRF;
-            }
-            else
-            {
-                secretKeyPRF = new byte[n];
-            }
-            byte[] tmpPublicSeed = builder.publicSeed;
-            if (tmpPublicSeed != null)
-            {
-                if (tmpPublicSeed.length != n)
-                {
-                    throw new IllegalArgumentException("size of publicSeed needs to be equal size of digest");
-                }
-                publicSeed = tmpPublicSeed;
-            }
-            else
-            {
-                publicSeed = new byte[n];
-            }
-            byte[] tmpRoot = builder.root;
-            if (tmpRoot != null)
-            {
-                if (tmpRoot.length != n)
-                {
-                    throw new IllegalArgumentException("size of root needs to be equal size of digest");
-                }
-                root = tmpRoot;
-            }
-            else
-            {
-                root = new byte[n];
-            }
-            BDS tmpBDSState = builder.bdsState;
-            if (tmpBDSState != null)
-            {
-                bdsState = tmpBDSState;
-            }
-            else
-            {
-                if (builder.index < ((1 << params.getHeight()) - 2) && tmpPublicSeed != null && tmpSecretKeySeed != null)
-                {
-                    bdsState = new BDS(params, tmpPublicSeed, tmpSecretKeySeed, (OTSHashAddress)new OTSHashAddress.Builder().build(), builder.index);
-                }
-                else
-                {
-                    bdsState = new BDS(params, builder.index);
-                }
-            }
-        }
-    }
-
-    public long getUsagesRemaining()
-    {
-        return (1L << this.getParameters().getHeight()) - this.getIndex();
-    }
-
-    public static class Builder
-    {
-
-        /* mandatory */
-        private final XMSSParameters params;
-        /* optional */
-        private int index = 0;
-        private byte[] secretKeySeed = null;
-        private byte[] secretKeyPRF = null;
-        private byte[] publicSeed = null;
-        private byte[] root = null;
-        private BDS bdsState = null;
-        private byte[] privateKey = null;
-        private XMSSParameters xmss = null;
-
-        public Builder(XMSSParameters params)
-        {
-            super();
-            this.params = params;
-        }
-
-        public Builder withIndex(int val)
-        {
-            index = val;
-            return this;
-        }
-
-        public Builder withSecretKeySeed(byte[] val)
-        {
-            secretKeySeed = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public Builder withSecretKeyPRF(byte[] val)
-        {
-            secretKeyPRF = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public Builder withPublicSeed(byte[] val)
-        {
-            publicSeed = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public Builder withRoot(byte[] val)
-        {
-            root = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public Builder withBDSState(BDS valBDS)
-        {
-            bdsState = valBDS;
-            return this;
-        }
-
-        public Builder withPrivateKey(byte[] privateKeyVal, XMSSParameters xmssParameters)
-        {
-            privateKey = XMSSUtil.cloneArray(privateKeyVal);
-            xmss = xmssParameters;
-            return this;
-        }
-
-        public XMSSPrivateKeyParameters build()
-        {
-            return new XMSSPrivateKeyParameters(this);
-        }
-    }
-
-    public byte[] toByteArray()
-    {
-		/* index || secretKeySeed || secretKeyPRF || publicSeed || root */
-        int n = params.getDigestSize();
-        int indexSize = 4;
-        int secretKeySize = n;
-        int secretKeyPRFSize = n;
-        int publicSeedSize = n;
-        int rootSize = n;
-        int totalSize = indexSize + secretKeySize + secretKeyPRFSize + publicSeedSize + rootSize;
-        byte[] out = new byte[totalSize];
-        int position = 0;
-		/* copy index */
-        Pack.intToBigEndian(bdsState.getIndex(), out, position);
-        position += indexSize;
-		/* copy secretKeySeed */
-        XMSSUtil.copyBytesAtOffset(out, secretKeySeed, position);
-        position += secretKeySize;
-		/* copy secretKeyPRF */
-        XMSSUtil.copyBytesAtOffset(out, secretKeyPRF, position);
-        position += secretKeyPRFSize;
-		/* copy publicSeed */
-        XMSSUtil.copyBytesAtOffset(out, publicSeed, position);
-        position += publicSeedSize;
-		/* copy root */
-        XMSSUtil.copyBytesAtOffset(out, root, position);
-		/* concatenate bdsState */
-        byte[] bdsStateOut = null;
-        try
-        {
-            bdsStateOut = XMSSUtil.serialize(bdsState);
-        }
-        catch (IOException e)
-        {
-            throw new RuntimeException("error serializing bds state: " + e.getMessage());
-        }
-
-        return Arrays.concatenate(out, bdsStateOut);
-    }
-
-    public int getIndex()
-    {
-        return bdsState.getIndex();
-    }
-
-    public byte[] getSecretKeySeed()
-    {
-        return XMSSUtil.cloneArray(secretKeySeed);
-    }
-
-    public byte[] getSecretKeyPRF()
-    {
-        return XMSSUtil.cloneArray(secretKeyPRF);
-    }
-
-    public byte[] getPublicSeed()
-    {
-        return XMSSUtil.cloneArray(publicSeed);
-    }
-
-    public byte[] getRoot()
-    {
-        return XMSSUtil.cloneArray(root);
-    }
-
-    BDS getBDSState()
-    {
-        return bdsState;
-    }
-
-    public XMSSParameters getParameters()
-    {
-        return params;
-    }
-
-    public XMSSPrivateKeyParameters getNextKey()
-    {
-        /* prepare authentication path for next leaf */
-        int treeHeight = this.params.getHeight();
-        if (this.getIndex() < ((1 << treeHeight) - 1))
-        {
-            return new XMSSPrivateKeyParameters.Builder(params)
-                .withSecretKeySeed(secretKeySeed).withSecretKeyPRF(secretKeyPRF)
-                .withPublicSeed(publicSeed).withRoot(root)
-                .withBDSState(bdsState.getNextState(publicSeed, secretKeySeed, (OTSHashAddress)new OTSHashAddress.Builder().build())).build();
-        }
-        else
-        {
-            return new XMSSPrivateKeyParameters.Builder(params)
-                .withSecretKeySeed(secretKeySeed).withSecretKeyPRF(secretKeyPRF)
-                .withPublicSeed(publicSeed).withRoot(root)
-                .withBDSState(new BDS(params, getIndex() + 1)).build();  // no more nodes left.
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPublicKeyParameters.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPublicKeyParameters.java
deleted file mode 100644
index a0baa06..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSPublicKeyParameters.java
+++ /dev/null

@@ -1,162 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-/**
- * XMSS Public Key.
- */
-public final class XMSSPublicKeyParameters
-    extends XMSSKeyParameters
-    implements XMSSStoreableObjectInterface
-{
-
-    /**
-     * XMSS parameters object.
-     */
-    private final XMSSParameters params;
-    //private final int oid;
-    private final byte[] root;
-    private final byte[] publicSeed;
-
-    private XMSSPublicKeyParameters(Builder builder)
-    {
-        super(false, builder.params.getDigest().getAlgorithmName());
-        params = builder.params;
-        if (params == null)
-        {
-            throw new NullPointerException("params == null");
-        }
-        int n = params.getDigestSize();
-        byte[] publicKey = builder.publicKey;
-        if (publicKey != null)
-        {
-            /* import */
-            // int oidSize = 4;
-            int rootSize = n;
-            int publicSeedSize = n;
-            // int totalSize = oidSize + rootSize + publicSeedSize;
-            int totalSize = rootSize + publicSeedSize;
-            if (publicKey.length != totalSize)
-            {
-                throw new IllegalArgumentException("public key has wrong size");
-            }
-            int position = 0;
-            /*
-             * oid = XMSSUtil.bytesToIntBigEndian(publicKey, position); if (oid !=
-             * xmss.getParams().getOid().getOid()) { throw new
-             * ParseException("public key not compatible with current instance parameters"
-             * , 0); } position += oidSize;
-             */
-            root = XMSSUtil.extractBytesAtOffset(publicKey, position, rootSize);
-            position += rootSize;
-            publicSeed = XMSSUtil.extractBytesAtOffset(publicKey, position, publicSeedSize);
-        }
-        else
-        {
-            /* set */
-            byte[] tmpRoot = builder.root;
-            if (tmpRoot != null)
-            {
-                if (tmpRoot.length != n)
-                {
-                    throw new IllegalArgumentException("length of root must be equal to length of digest");
-                }
-                root = tmpRoot;
-            }
-            else
-            {
-                root = new byte[n];
-            }
-            byte[] tmpPublicSeed = builder.publicSeed;
-            if (tmpPublicSeed != null)
-            {
-                if (tmpPublicSeed.length != n)
-                {
-                    throw new IllegalArgumentException("length of publicSeed must be equal to length of digest");
-                }
-                publicSeed = tmpPublicSeed;
-            }
-            else
-            {
-                publicSeed = new byte[n];
-            }
-        }
-    }
-
-    public static class Builder
-    {
-
-        /* mandatory */
-        private final XMSSParameters params;
-        /* optional */
-        private byte[] root = null;
-        private byte[] publicSeed = null;
-        private byte[] publicKey = null;
-
-        public Builder(XMSSParameters params)
-        {
-            super();
-            this.params = params;
-        }
-
-        public Builder withRoot(byte[] val)
-        {
-            root = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public Builder withPublicSeed(byte[] val)
-        {
-            publicSeed = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public Builder withPublicKey(byte[] val)
-        {
-            publicKey = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public XMSSPublicKeyParameters build()
-        {
-            return new XMSSPublicKeyParameters(this);
-        }
-    }
-
-    public byte[] toByteArray()
-    {
-        /* oid || root || seed */
-        int n = params.getDigestSize();
-        // int oidSize = 4;
-        int rootSize = n;
-        int publicSeedSize = n;
-        // int totalSize = oidSize + rootSize + publicSeedSize;
-        int totalSize = rootSize + publicSeedSize;
-        byte[] out = new byte[totalSize];
-        int position = 0;
-        /* copy oid */
-        /*
-         * XMSSUtil.intToBytesBigEndianOffset(out, oid, position); position +=
-         * oidSize;
-         */
-        /* copy root */
-        XMSSUtil.copyBytesAtOffset(out, root, position);
-        position += rootSize;
-        /* copy public seed */
-        XMSSUtil.copyBytesAtOffset(out, publicSeed, position);
-        return out;
-    }
-
-    public byte[] getRoot()
-    {
-        return XMSSUtil.cloneArray(root);
-    }
-
-    public byte[] getPublicSeed()
-    {
-        return XMSSUtil.cloneArray(publicSeed);
-    }
-
-    public XMSSParameters getParameters()
-    {
-        return params;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSReducedSignature.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSReducedSignature.java
deleted file mode 100644
index dff01dd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSReducedSignature.java
+++ /dev/null

@@ -1,164 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.util.ArrayList;
-import java.util.List;
-
-/**
- * Reduced XMSS Signature.
- */
-public class XMSSReducedSignature
-    implements XMSSStoreableObjectInterface
-{
-
-    private final XMSSParameters params;
-    private final WOTSPlusSignature wotsPlusSignature;
-    private final List<XMSSNode> authPath;
-
-    protected XMSSReducedSignature(Builder builder)
-    {
-        super();
-        params = builder.params;
-        if (params == null)
-        {
-            throw new NullPointerException("params == null");
-        }
-        int n = params.getDigestSize();
-        int len = params.getWOTSPlus().getParams().getLen();
-        int height = params.getHeight();
-        byte[] reducedSignature = builder.reducedSignature;
-        if (reducedSignature != null)
-        {
-            /* import */
-            int signatureSize = len * n;
-            int authPathSize = height * n;
-            int totalSize = signatureSize + authPathSize;
-            if (reducedSignature.length != totalSize)
-            {
-                throw new IllegalArgumentException("signature has wrong size");
-            }
-            int position = 0;
-            byte[][] wotsPlusSignature = new byte[len][];
-            for (int i = 0; i < wotsPlusSignature.length; i++)
-            {
-                wotsPlusSignature[i] = XMSSUtil.extractBytesAtOffset(reducedSignature, position, n);
-                position += n;
-            }
-            this.wotsPlusSignature = new WOTSPlusSignature(params.getWOTSPlus().getParams(), wotsPlusSignature);
-
-            List<XMSSNode> nodeList = new ArrayList<XMSSNode>();
-            for (int i = 0; i < height; i++)
-            {
-                nodeList.add(new XMSSNode(i, XMSSUtil.extractBytesAtOffset(reducedSignature, position, n)));
-                position += n;
-            }
-            authPath = nodeList;
-        }
-        else
-        {
-			/* set */
-            WOTSPlusSignature tmpSignature = builder.wotsPlusSignature;
-            if (tmpSignature != null)
-            {
-                wotsPlusSignature = tmpSignature;
-            }
-            else
-            {
-                wotsPlusSignature = new WOTSPlusSignature(params.getWOTSPlus().getParams(), new byte[len][n]);
-            }
-            List<XMSSNode> tmpAuthPath = builder.authPath;
-            if (tmpAuthPath != null)
-            {
-                if (tmpAuthPath.size() != height)
-                {
-                    throw new IllegalArgumentException("size of authPath needs to be equal to height of tree");
-                }
-                authPath = tmpAuthPath;
-            }
-            else
-            {
-                authPath = new ArrayList<XMSSNode>();
-            }
-        }
-    }
-
-    public static class Builder
-    {
-
-        /* mandatory */
-        private final XMSSParameters params;
-        /* optional */
-        private WOTSPlusSignature wotsPlusSignature = null;
-        private List<XMSSNode> authPath = null;
-        private byte[] reducedSignature = null;
-
-        public Builder(XMSSParameters params)
-        {
-            super();
-            this.params = params;
-        }
-
-        public Builder withWOTSPlusSignature(WOTSPlusSignature val)
-        {
-            wotsPlusSignature = val;
-            return this;
-        }
-
-        public Builder withAuthPath(List<XMSSNode> val)
-        {
-            authPath = val;
-            return this;
-        }
-
-        public Builder withReducedSignature(byte[] val)
-        {
-            reducedSignature = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public XMSSReducedSignature build()
-        {
-            return new XMSSReducedSignature(this);
-        }
-    }
-
-    public byte[] toByteArray()
-    {
-		/* signature || authentication path */
-        int n = params.getDigestSize();
-        int signatureSize = params.getWOTSPlus().getParams().getLen() * n;
-        int authPathSize = params.getHeight() * n;
-        int totalSize = signatureSize + authPathSize;
-        byte[] out = new byte[totalSize];
-        int position = 0;
-		/* copy signature */
-        byte[][] signature = this.wotsPlusSignature.toByteArray();
-        for (int i = 0; i < signature.length; i++)
-        {
-            XMSSUtil.copyBytesAtOffset(out, signature[i], position);
-            position += n;
-        }
-		/* copy authentication path */
-        for (int i = 0; i < authPath.size(); i++)
-        {
-            byte[] value = authPath.get(i).getValue();
-            XMSSUtil.copyBytesAtOffset(out, value, position);
-            position += n;
-        }
-        return out;
-    }
-
-    public XMSSParameters getParams()
-    {
-        return params;
-    }
-
-    public WOTSPlusSignature getWOTSPlusSignature()
-    {
-        return wotsPlusSignature;
-    }
-
-    public List<XMSSNode> getAuthPath()
-    {
-        return authPath;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSSignature.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSSignature.java
deleted file mode 100644
index e598a97..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSSignature.java
+++ /dev/null

@@ -1,136 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import org.bouncycastle.util.Pack;
-
-/**
- * XMSS Signature.
- */
-public final class XMSSSignature
-    extends XMSSReducedSignature
-    implements XMSSStoreableObjectInterface
-{
-
-    private final int index;
-    private final byte[] random;
-
-    private XMSSSignature(Builder builder)
-    {
-        super(builder);
-        index = builder.index;
-        int n = getParams().getDigestSize();
-        byte[] tmpRandom = builder.random;
-        if (tmpRandom != null)
-        {
-            if (tmpRandom.length != n)
-            {
-                throw new IllegalArgumentException("size of random needs to be equal to size of digest");
-            }
-            random = tmpRandom;
-        }
-        else
-        {
-            random = new byte[n];
-        }
-    }
-
-    public static class Builder
-        extends XMSSReducedSignature.Builder
-    {
-
-        private final XMSSParameters params;
-        /* optional */
-        private int index = 0;
-        private byte[] random = null;
-
-        public Builder(XMSSParameters params)
-        {
-            super(params);
-            this.params = params;
-        }
-
-        public Builder withIndex(int val)
-        {
-            index = val;
-            return this;
-        }
-
-        public Builder withRandom(byte[] val)
-        {
-            random = XMSSUtil.cloneArray(val);
-            return this;
-        }
-
-        public Builder withSignature(byte[] val)
-        {
-            if (val == null)
-            {
-                throw new NullPointerException("signature == null");
-            }
-            int n = params.getDigestSize();
-            int len = params.getWOTSPlus().getParams().getLen();
-            int height = params.getHeight();
-            int indexSize = 4;
-            int randomSize = n;
-            int signatureSize = len * n;
-            int authPathSize = height * n;
-            int position = 0;
-            /* extract index */
-            index = Pack.bigEndianToInt(val, position);
-            position += indexSize;
-			/* extract random */
-            random = XMSSUtil.extractBytesAtOffset(val, position, randomSize);
-            position += randomSize;
-            withReducedSignature(XMSSUtil.extractBytesAtOffset(val, position, signatureSize + authPathSize));
-            return this;
-        }
-
-        public XMSSSignature build()
-        {
-            return new XMSSSignature(this);
-        }
-    }
-
-    public byte[] toByteArray()
-    {
-		/* index || random || signature || authentication path */
-        int n = getParams().getDigestSize();
-        int indexSize = 4;
-        int randomSize = n;
-        int signatureSize = getParams().getWOTSPlus().getParams().getLen() * n;
-        int authPathSize = getParams().getHeight() * n;
-        int totalSize = indexSize + randomSize + signatureSize + authPathSize;
-        byte[] out = new byte[totalSize];
-        int position = 0;
-		/* copy index */
-        Pack.intToBigEndian(index, out, position);
-        position += indexSize;
-		/* copy random */
-        XMSSUtil.copyBytesAtOffset(out, random, position);
-        position += randomSize;
-		/* copy signature */
-        byte[][] signature = getWOTSPlusSignature().toByteArray();
-        for (int i = 0; i < signature.length; i++)
-        {
-            XMSSUtil.copyBytesAtOffset(out, signature[i], position);
-            position += n;
-        }
-		/* copy authentication path */
-        for (int i = 0; i < getAuthPath().size(); i++)
-        {
-            byte[] value = getAuthPath().get(i).getValue();
-            XMSSUtil.copyBytesAtOffset(out, value, position);
-            position += n;
-        }
-        return out;
-    }
-
-    public int getIndex()
-    {
-        return index;
-    }
-
-    public byte[] getRandom()
-    {
-        return XMSSUtil.cloneArray(random);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSSigner.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSSigner.java
deleted file mode 100644
index 5a3d279..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSSigner.java
+++ /dev/null

@@ -1,165 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.crypto.StateAwareMessageSigner;
-import org.bouncycastle.util.Arrays;
-
-public class XMSSSigner
-    implements StateAwareMessageSigner
-{
-    private XMSSPrivateKeyParameters privateKey;
-    private XMSSPrivateKeyParameters nextKeyGenerator;
-    private XMSSPublicKeyParameters publicKey;
-    private XMSSParameters params;
-    private KeyedHashFunctions khf;
-
-    private boolean initSign;
-    private boolean hasGenerated;
-
-    public void init(boolean forSigning, CipherParameters param)
-    {
-        if (forSigning)
-        {
-            initSign = true;
-            hasGenerated = false;
-            privateKey = (XMSSPrivateKeyParameters)param;
-            nextKeyGenerator = privateKey;
-
-            params = privateKey.getParameters();
-            khf = params.getWOTSPlus().getKhf();
-        }
-        else
-        {
-            initSign = false;
-            publicKey = (XMSSPublicKeyParameters)param;
-
-            params = publicKey.getParameters();
-            khf = params.getWOTSPlus().getKhf();
-        }
-    }
-
-    public byte[] generateSignature(byte[] message)
-    {
-        if (message == null)
-        {
-            throw new NullPointerException("message == null");
-        }
-        if (initSign)
-        {
-            if (privateKey == null)
-            {
-                throw new IllegalStateException("signing key no longer usable");
-            }
-        }
-        else
-        {
-            throw new IllegalStateException("signer not initialized for signature generation");
-        }
-        if (privateKey.getBDSState().getAuthenticationPath().isEmpty())
-        {
-            throw new IllegalStateException("not initialized");
-        }
-        int index = privateKey.getIndex();
-        if (!XMSSUtil.isIndexValid(params.getHeight(), index))
-        {
-            throw new IllegalStateException("index out of bounds");
-        }
-
-		/* create (randomized keyed) messageDigest of message */
-        byte[] random = khf.PRF(privateKey.getSecretKeyPRF(), XMSSUtil.toBytesBigEndian(index, 32));
-        byte[] concatenated = Arrays.concatenate(random, privateKey.getRoot(),
-            XMSSUtil.toBytesBigEndian(index, params.getDigestSize()));
-        byte[] messageDigest = khf.HMsg(concatenated, message);
-
-		/* create signature for messageDigest */
-        OTSHashAddress otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder().withOTSAddress(index).build();
-        WOTSPlusSignature wotsPlusSignature = wotsSign(messageDigest, otsHashAddress);
-        XMSSSignature signature = (XMSSSignature)new XMSSSignature.Builder(params).withIndex(index).withRandom(random)
-            .withWOTSPlusSignature(wotsPlusSignature).withAuthPath(privateKey.getBDSState().getAuthenticationPath())
-            .build();
-
-        hasGenerated = true;
-
-        if (nextKeyGenerator != null)
-        {
-            privateKey = nextKeyGenerator.getNextKey();
-            nextKeyGenerator = privateKey;
-        }
-        else
-        {
-            privateKey = null;
-        }
-
-        return signature.toByteArray();
-    }
-
-    public long getUsagesRemaining()
-    {
-        return privateKey.getUsagesRemaining();
-    }
-
-    public boolean verifySignature(byte[] message, byte[] signature)
-    {
-        /* parse signature and public key */
-        XMSSSignature sig = new XMSSSignature.Builder(params).withSignature(signature).build();
-                /* generate public key */
-
-        int index = sig.getIndex();
-        		/* reinitialize WOTS+ object */
-        params.getWOTSPlus().importKeys(new byte[params.getDigestSize()], publicKey.getPublicSeed());
-
-        		/* create message digest */
-        byte[] concatenated = Arrays.concatenate(sig.getRandom(), publicKey.getRoot(),
-            XMSSUtil.toBytesBigEndian(index, params.getDigestSize()));
-        byte[] messageDigest = khf.HMsg(concatenated, message);
-
-        int xmssHeight = params.getHeight();
-        int indexLeaf = XMSSUtil.getLeafIndex(index, xmssHeight);
-
-        		/* get root from signature */
-        OTSHashAddress otsHashAddress = (OTSHashAddress)new OTSHashAddress.Builder().withOTSAddress(index).build();
-        XMSSNode rootNodeFromSignature = XMSSVerifierUtil.getRootNodeFromSignature(params.getWOTSPlus(), xmssHeight, messageDigest, sig, otsHashAddress, indexLeaf);
-
-        return Arrays.constantTimeAreEqual(rootNodeFromSignature.getValue(), publicKey.getRoot());
-    }
-
-    public AsymmetricKeyParameter getUpdatedPrivateKey()
-    {
-        // if we've generated a signature return the last private key generated
-        // if we've only initialised leave it in place and return the next one instead.
-        if (hasGenerated)
-        {
-            XMSSPrivateKeyParameters privKey = privateKey;
-
-            privateKey = null;
-            nextKeyGenerator = null;
-
-            return privKey;
-        }
-        else
-        {
-            XMSSPrivateKeyParameters privKey = nextKeyGenerator.getNextKey();
-
-            nextKeyGenerator = null;
-
-            return privKey;
-        }
-    }
-
-    private WOTSPlusSignature wotsSign(byte[] messageDigest, OTSHashAddress otsHashAddress)
-    {
-        if (messageDigest.length != params.getDigestSize())
-        {
-            throw new IllegalArgumentException("size of messageDigest needs to be equal to size of digest");
-        }
-        if (otsHashAddress == null)
-        {
-            throw new NullPointerException("otsHashAddress == null");
-        }
-        /* (re)initialize WOTS+ instance */
-        params.getWOTSPlus().importKeys(params.getWOTSPlus().getWOTSPlusSecretKey(privateKey.getSecretKeySeed(), otsHashAddress), privateKey.getPublicSeed());
-		/* create WOTS+ signature */
-        return params.getWOTSPlus().sign(messageDigest, otsHashAddress);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSStoreableObjectInterface.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSStoreableObjectInterface.java
deleted file mode 100644
index fba9569..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSStoreableObjectInterface.java
+++ /dev/null

@@ -1,15 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-/**
- * Interface for XMSS objects that need to be storeable as a byte array.
- *
- */
-public interface XMSSStoreableObjectInterface {
-
-	/**
-	 * Create byte representation of object.
-	 *
-	 * @return Byte representation of object.
-	 */
-	public byte[] toByteArray();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSUtil.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSUtil.java
deleted file mode 100644
index bf75258..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSUtil.java
+++ /dev/null

@@ -1,437 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.io.InvalidClassException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.io.ObjectStreamClass;
-import java.util.HashSet;
-import java.util.Set;
-
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * Utils for XMSS implementation.
- */
-public class XMSSUtil
-{
-
-    /**
-     * Calculates the logarithm base 2 for a given Integer.
-     *
-     * @param n Number.
-     * @return Logarithm to base 2 of {@code n}.
-     */
-    public static int log2(int n)
-    {
-        int log = 0;
-        while ((n >>= 1) != 0)
-        {
-            log++;
-        }
-        return log;
-    }
-
-    /**
-     * Convert int/long to n-byte array.
-     *
-     * @param value      int/long value.
-     * @param sizeInByte Size of byte array in byte.
-     * @return int/long as big-endian byte array of size {@code sizeInByte}.
-     */
-    public static byte[] toBytesBigEndian(long value, int sizeInByte)
-    {
-        byte[] out = new byte[sizeInByte];
-        for (int i = (sizeInByte - 1); i >= 0; i--)
-        {
-            out[i] = (byte)value;
-            value >>>= 8;
-        }
-        return out;
-    }
-
-    /*
-     * Copy long to byte array in big-endian at specific offset.
-     */
-    public static void longToBigEndian(long value, byte[] in, int offset)
-    {
-        if (in == null)
-        {
-            throw new NullPointerException("in == null");
-        }
-        if ((in.length - offset) < 8)
-        {
-            throw new IllegalArgumentException("not enough space in array");
-        }
-        in[offset] = (byte)((value >> 56) & 0xff);
-        in[offset + 1] = (byte)((value >> 48) & 0xff);
-        in[offset + 2] = (byte)((value >> 40) & 0xff);
-        in[offset + 3] = (byte)((value >> 32) & 0xff);
-        in[offset + 4] = (byte)((value >> 24) & 0xff);
-        in[offset + 5] = (byte)((value >> 16) & 0xff);
-        in[offset + 6] = (byte)((value >> 8) & 0xff);
-        in[offset + 7] = (byte)((value) & 0xff);
-    }
-
-    /*
-     * Generic convert from big endian byte array to long.
-     */
-    public static long bytesToXBigEndian(byte[] in, int offset, int size)
-    {
-        if (in == null)
-        {
-            throw new NullPointerException("in == null");
-        }
-        long res = 0;
-        for (int i = offset; i < (offset + size); i++)
-        {
-            res = (res << 8) | (in[i] & 0xff);
-        }
-        return res;
-    }
-
-    /**
-     * Clone a byte array.
-     *
-     * @param in byte array.
-     * @return Copy of byte array.
-     */
-    public static byte[] cloneArray(byte[] in)
-    {
-        if (in == null)
-        {
-            throw new NullPointerException("in == null");
-        }
-        byte[] out = new byte[in.length];
-        System.arraycopy(in, 0, out, 0, in.length);
-        return out;
-    }
-
-    /**
-     * Clone a 2d byte array.
-     *
-     * @param in 2d byte array.
-     * @return Copy of 2d byte array.
-     */
-    public static byte[][] cloneArray(byte[][] in)
-    {
-        if (hasNullPointer(in))
-        {
-            throw new NullPointerException("in has null pointers");
-        }
-        byte[][] out = new byte[in.length][];
-        for (int i = 0; i < in.length; i++)
-        {
-            out[i] = new byte[in[i].length];
-            System.arraycopy(in[i], 0, out[i], 0, in[i].length);
-        }
-        return out;
-    }
-
-    /**
-     * Compares two 2d-byte arrays.
-     *
-     * @param a 2d-byte array 1.
-     * @param b 2d-byte array 2.
-     * @return true if all values in 2d-byte array are equal false else.
-     */
-    public static boolean areEqual(byte[][] a, byte[][] b)
-    {
-        if (hasNullPointer(a) || hasNullPointer(b))
-        {
-            throw new NullPointerException("a or b == null");
-        }
-        for (int i = 0; i < a.length; i++)
-        {
-            if (!Arrays.areEqual(a[i], b[i]))
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    /**
-     * Dump content of 2d byte array.
-     *
-     * @param x byte array.
-     */
-    public static void dumpByteArray(byte[][] x)
-    {
-        if (hasNullPointer(x))
-        {
-            throw new NullPointerException("x has null pointers");
-        }
-        for (int i = 0; i < x.length; i++)
-        {
-            System.out.println(Hex.toHexString(x[i]));
-        }
-    }
-
-    /**
-     * Checks whether 2d byte array has null pointers.
-     *
-     * @param in 2d byte array.
-     * @return true if at least one null pointer is found false else.
-     */
-    public static boolean hasNullPointer(byte[][] in)
-    {
-        if (in == null)
-        {
-            return true;
-        }
-        for (int i = 0; i < in.length; i++)
-        {
-            if (in[i] == null)
-            {
-                return true;
-            }
-        }
-        return false;
-    }
-
-    /**
-     * Copy src byte array to dst byte array at offset.
-     *
-     * @param dst    Destination.
-     * @param src    Source.
-     * @param offset Destination offset.
-     */
-    public static void copyBytesAtOffset(byte[] dst, byte[] src, int offset)
-    {
-        if (dst == null)
-        {
-            throw new NullPointerException("dst == null");
-        }
-        if (src == null)
-        {
-            throw new NullPointerException("src == null");
-        }
-        if (offset < 0)
-        {
-            throw new IllegalArgumentException("offset hast to be >= 0");
-        }
-        if ((src.length + offset) > dst.length)
-        {
-            throw new IllegalArgumentException("src length + offset must not be greater than size of destination");
-        }
-        for (int i = 0; i < src.length; i++)
-        {
-            dst[offset + i] = src[i];
-        }
-    }
-
-    /**
-     * Copy length bytes at position offset from src.
-     *
-     * @param src    Source byte array.
-     * @param offset Offset in source byte array.
-     * @param length Length of bytes to copy.
-     * @return New byte array.
-     */
-    public static byte[] extractBytesAtOffset(byte[] src, int offset, int length)
-    {
-        if (src == null)
-        {
-            throw new NullPointerException("src == null");
-        }
-        if (offset < 0)
-        {
-            throw new IllegalArgumentException("offset hast to be >= 0");
-        }
-        if (length < 0)
-        {
-            throw new IllegalArgumentException("length hast to be >= 0");
-        }
-        if ((offset + length) > src.length)
-        {
-            throw new IllegalArgumentException("offset + length must not be greater then size of source array");
-        }
-        byte[] out = new byte[length];
-        for (int i = 0; i < out.length; i++)
-        {
-            out[i] = src[offset + i];
-        }
-        return out;
-    }
-
-    /**
-     * Check whether an index is valid or not.
-     *
-     * @param height Height of binary tree.
-     * @param index  Index to validate.
-     * @return true if index is valid false else.
-     */
-    public static boolean isIndexValid(int height, long index)
-    {
-        if (index < 0)
-        {
-            throw new IllegalStateException("index must not be negative");
-        }
-        return index < (1L << height);
-    }
-
-    /**
-     * Determine digest size of digest.
-     *
-     * @param digest Digest.
-     * @return Digest size.
-     */
-    public static int getDigestSize(Digest digest)
-    {
-        if (digest == null)
-        {
-            throw new NullPointerException("digest == null");
-        }
-        String algorithmName = digest.getAlgorithmName();
-        if (algorithmName.equals("SHAKE128"))
-        {
-            return 32;
-        }
-        if (algorithmName.equals("SHAKE256"))
-        {
-            return 64;
-        }
-        return digest.getDigestSize();
-    }
-
-    public static long getTreeIndex(long index, int xmssTreeHeight)
-    {
-        return index >> xmssTreeHeight;
-    }
-
-    public static int getLeafIndex(long index, int xmssTreeHeight)
-    {
-        return (int)(index & ((1L << xmssTreeHeight) - 1L));
-    }
-
-    public static byte[] serialize(Object obj)
-        throws IOException
-    {
-        ByteArrayOutputStream out = new ByteArrayOutputStream();
-        ObjectOutputStream oos = new ObjectOutputStream(out);
-        oos.writeObject(obj);
-        oos.flush();
-        return out.toByteArray();
-    }
-
-    public static Object deserialize(byte[] data, final Class clazz)
-        throws IOException, ClassNotFoundException
-    {
-        ByteArrayInputStream in = new ByteArrayInputStream(data);
-        ObjectInputStream is = new CheckingStream(clazz, in);
-
-        Object obj = is.readObject();
-
-        if (is.available() != 0)
-        {
-            throw new IOException("unexpected data found at end of ObjectInputStream");
-        }
-        // you'd hope this would always succeed!
-        if (clazz.isInstance(obj))
-        {
-            return obj;
-        }
-        else
-        {
-            throw new IOException("unexpected class found in ObjectInputStream");
-        }
-    }
-
-    public static int calculateTau(int index, int height)
-    {
-        int tau = 0;
-        for (int i = 0; i < height; i++)
-        {
-            if (((index >> i) & 1) == 0)
-            {
-                tau = i;
-                break;
-            }
-        }
-        return tau;
-    }
-
-    public static boolean isNewBDSInitNeeded(long globalIndex, int xmssHeight, int layer)
-    {
-        if (globalIndex == 0)
-        {
-            return false;
-        }
-        return (globalIndex % (long)Math.pow((1 << xmssHeight), layer + 1) == 0) ? true : false;
-    }
-
-    public static boolean isNewAuthenticationPathNeeded(long globalIndex, int xmssHeight, int layer)
-    {
-        if (globalIndex == 0)
-        {
-            return false;
-        }
-        return ((globalIndex + 1) % (long)Math.pow((1 << xmssHeight), layer) == 0) ? true : false;
-    }
-
-    private static class CheckingStream
-       extends ObjectInputStream
-    {
-        private static final Set components = new HashSet();
-
-        static
-        {
-            components.add("java.util.TreeMap");
-            components.add("java.lang.Integer");
-            components.add("java.lang.Number");
-            components.add("org.bouncycastle.pqc.crypto.xmss.BDS");
-            components.add("java.util.ArrayList");
-            components.add("org.bouncycastle.pqc.crypto.xmss.XMSSNode");
-            components.add("[B");
-            components.add("java.util.LinkedList");
-            components.add("java.util.Stack");
-            components.add("java.util.Vector");
-            components.add("[Ljava.lang.Object;");
-            components.add("org.bouncycastle.pqc.crypto.xmss.BDSTreeHash");
-        }
-
-        private final Class mainClass;
-        private boolean found = false;
-
-        CheckingStream(Class mainClass, InputStream in)
-            throws IOException
-        {
-            super(in);
-
-            this.mainClass = mainClass;
-        }
-
-        protected Class<?> resolveClass(ObjectStreamClass desc)
-            throws IOException,
-            ClassNotFoundException
-        {
-            if (!found)
-            {
-                if (!desc.getName().equals(mainClass.getName()))
-                {
-                    throw new InvalidClassException(
-                        "unexpected class: ", desc.getName());
-                }
-                else
-                {
-                    found = true;
-                }
-            }
-            else
-            {
-                if (!components.contains(desc.getName()))
-                {
-                    throw new InvalidClassException(
-                          "unexpected class: ", desc.getName());
-                }
-            }
-            return super.resolveClass(desc);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSVerifierUtil.java b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSVerifierUtil.java
deleted file mode 100644
index a929b22..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/XMSSVerifierUtil.java
+++ /dev/null

@@ -1,76 +0,0 @@
-package org.bouncycastle.pqc.crypto.xmss;
-
-class XMSSVerifierUtil
-{
-    /**
-     * Compute a root node from a tree signature.
-     *
-     * @param messageDigest Message digest.
-     * @param signature     XMSS signature.
-     * @return Root node calculated from signature.
-     */
-    static XMSSNode getRootNodeFromSignature(WOTSPlus wotsPlus, int height, byte[] messageDigest, XMSSReducedSignature signature,
-                                              OTSHashAddress otsHashAddress, int indexLeaf)
-    {
-        if (messageDigest.length != wotsPlus.getParams().getDigestSize())
-        {
-            throw new IllegalArgumentException("size of messageDigest needs to be equal to size of digest");
-        }
-        if (signature == null)
-        {
-            throw new NullPointerException("signature == null");
-        }
-        if (otsHashAddress == null)
-        {
-            throw new NullPointerException("otsHashAddress == null");
-        }
-
-		/* prepare adresses */
-        LTreeAddress lTreeAddress = (LTreeAddress)new LTreeAddress.Builder()
-            .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-            .withLTreeAddress(otsHashAddress.getOTSAddress()).build();
-        HashTreeAddress hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-            .withLayerAddress(otsHashAddress.getLayerAddress()).withTreeAddress(otsHashAddress.getTreeAddress())
-            .withTreeIndex(otsHashAddress.getOTSAddress()).build();
-		/*
-		 * calculate WOTS+ public key and compress to obtain original leaf hash
-		 */
-        WOTSPlusPublicKeyParameters wotsPlusPK = wotsPlus.getPublicKeyFromSignature(messageDigest,
-            signature.getWOTSPlusSignature(), otsHashAddress);
-        XMSSNode[] node = new XMSSNode[2];
-        node[0] = XMSSNodeUtil.lTree(wotsPlus, wotsPlusPK, lTreeAddress);
-
-        for (int k = 0; k < height; k++)
-        {
-            hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-                .withLayerAddress(hashTreeAddress.getLayerAddress())
-                .withTreeAddress(hashTreeAddress.getTreeAddress()).withTreeHeight(k)
-                .withTreeIndex(hashTreeAddress.getTreeIndex()).withKeyAndMask(hashTreeAddress.getKeyAndMask())
-                .build();
-            if (Math.floor(indexLeaf / (1 << k)) % 2 == 0)
-            {
-                hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-                    .withLayerAddress(hashTreeAddress.getLayerAddress())
-                    .withTreeAddress(hashTreeAddress.getTreeAddress())
-                    .withTreeHeight(hashTreeAddress.getTreeHeight())
-                    .withTreeIndex(hashTreeAddress.getTreeIndex() / 2)
-                    .withKeyAndMask(hashTreeAddress.getKeyAndMask()).build();
-                node[1] = XMSSNodeUtil.randomizeHash(wotsPlus, node[0], signature.getAuthPath().get(k), hashTreeAddress);
-                node[1] = new XMSSNode(node[1].getHeight() + 1, node[1].getValue());
-            }
-            else
-            {
-                hashTreeAddress = (HashTreeAddress)new HashTreeAddress.Builder()
-                    .withLayerAddress(hashTreeAddress.getLayerAddress())
-                    .withTreeAddress(hashTreeAddress.getTreeAddress())
-                    .withTreeHeight(hashTreeAddress.getTreeHeight())
-                    .withTreeIndex((hashTreeAddress.getTreeIndex() - 1) / 2)
-                    .withKeyAndMask(hashTreeAddress.getKeyAndMask()).build();
-                node[1] = XMSSNodeUtil.randomizeHash(wotsPlus, signature.getAuthPath().get(k), node[0], hashTreeAddress);
-                node[1] = new XMSSNode(node[1].getHeight() + 1, node[1].getValue());
-            }
-            node[0] = node[1];
-        }
-        return node[0];
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/package.html b/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/package.html
deleted file mode 100644
index 117d07f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/crypto/xmss/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Low level implementation of the XMSS and XMSS^MT signature algorithms.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/NHKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/NHKey.java
deleted file mode 100644
index ccf8a1b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/NHKey.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.pqc.jcajce.interfaces;
-
-import java.security.Key;
-
-public interface NHKey
-    extends Key
-{
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/NHPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/NHPrivateKey.java
deleted file mode 100644
index 245fb68..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/NHPrivateKey.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.pqc.jcajce.interfaces;
-
-import java.security.PrivateKey;
-
-public interface NHPrivateKey
-    extends NHKey, PrivateKey
-{
-    short[] getSecretData();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/NHPublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/NHPublicKey.java
deleted file mode 100644
index 6e16e44..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/NHPublicKey.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.pqc.jcajce.interfaces;
-
-import java.security.PublicKey;
-
-public interface NHPublicKey
-    extends NHKey, PublicKey
-{
-    byte[] getPublicData();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/QTESLAKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/QTESLAKey.java
deleted file mode 100644
index c6fc80f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/QTESLAKey.java
+++ /dev/null

@@ -1,16 +0,0 @@
-package org.bouncycastle.pqc.jcajce.interfaces;
-
-import org.bouncycastle.pqc.jcajce.spec.QTESLAParameterSpec;
-
-/**
- * Base interface for a qTESLA key.
- */
-public interface QTESLAKey
-{
-    /**
-     * Return the parameters for this key - in this case the security category.
-     *
-     * @return a QTESLAParameterSpec
-     */
-    QTESLAParameterSpec getParams();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/SPHINCSKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/SPHINCSKey.java
deleted file mode 100644
index 73b2ff4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/SPHINCSKey.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.pqc.jcajce.interfaces;
-
-import java.security.Key;
-
-public interface SPHINCSKey
-    extends Key
-{
-    byte[] getKeyData();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/StateAwareSignature.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/StateAwareSignature.java
deleted file mode 100644
index 4472400..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/StateAwareSignature.java
+++ /dev/null

@@ -1,72 +0,0 @@
-package org.bouncycastle.pqc.jcajce.interfaces;
-
-import java.nio.ByteBuffer;
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.SignatureException;
-import java.security.cert.Certificate;
-
-/**
- * This interface is implemented by Signature classes returned by the PQC provider where the signature
- * algorithm is one where the private key is updated for each signature generated. Examples of these
- * are algorithms such as GMSS, XMSS, and XMSS^MT.
- */
-public interface StateAwareSignature
-{
-    void initVerify(PublicKey publicKey)
-        throws InvalidKeyException;
-
-    void initVerify(Certificate certificate)
-        throws InvalidKeyException;
-
-    void initSign(PrivateKey privateKey)
-        throws InvalidKeyException;
-
-    void initSign(PrivateKey privateKey, SecureRandom random)
-        throws InvalidKeyException;
-
-    byte[] sign()
-        throws SignatureException;
-
-    int sign(byte[] outbuf, int offset, int len)
-        throws SignatureException;
-
-    boolean verify(byte[] signature)
-        throws SignatureException;
-
-    boolean verify(byte[] signature, int offset, int length)
-        throws SignatureException;
-
-    void update(byte b)
-        throws SignatureException;
-
-    void update(byte[] data)
-        throws SignatureException;
-
-    void update(byte[] data, int off, int len)
-        throws SignatureException;
-
-    void update(ByteBuffer data)
-        throws SignatureException;
-
-    String getAlgorithm();
-
-    /**
-     * Return true if this Signature object can be used for signing. False otherwise.
-     *
-     * @return true if we are capable of making signatures.
-     */
-    boolean isSigningCapable();
-
-    /**
-     * Return the current version of the private key with the updated state.
-     * <p>
-     * <b>Note:</b> calling this method will effectively disable the Signature object from being used for further
-     *  signature generation without another call to initSign().
-     * </p>
-     * @return an updated private key object, which can be used for later signature generation.
-     */
-   PrivateKey getUpdatedPrivateKey();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/XMSSKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/XMSSKey.java
deleted file mode 100644
index 5471d41..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/XMSSKey.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.pqc.jcajce.interfaces;
-
-public interface XMSSKey
-{
-    int getHeight();
-
-    String getTreeDigest();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/XMSSMTKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/XMSSMTKey.java
deleted file mode 100644
index bda0ffa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/XMSSMTKey.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.pqc.jcajce.interfaces;
-
-public interface XMSSMTKey
-{
-    int getHeight();
-
-    int getLayers();
-
-    String getTreeDigest();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/XMSSMTPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/XMSSMTPrivateKey.java
deleted file mode 100644
index 742833f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/XMSSMTPrivateKey.java
+++ /dev/null

@@ -1,17 +0,0 @@
-package org.bouncycastle.pqc.jcajce.interfaces;
-
-import java.security.PrivateKey;
-
-/**
- * Base interface for an XMSSMT private key
- */
-public interface XMSSMTPrivateKey
-    extends XMSSMTKey, PrivateKey
-{
-    /**
-     * Return the number of usages left for the private key.
-     *
-     * @return the number of times the key can be used before it is exhausted.
-     */
-    long getUsagesRemaining();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/XMSSPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/XMSSPrivateKey.java
deleted file mode 100644
index fdd46fa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/interfaces/XMSSPrivateKey.java
+++ /dev/null

@@ -1,17 +0,0 @@
-package org.bouncycastle.pqc.jcajce.interfaces;
-
-import java.security.PrivateKey;
-
-/**
- * Base interface for an XMSS private key
- */
-public interface XMSSPrivateKey
-    extends XMSSKey, PrivateKey
-{
-    /**
-     * Return the number of usages left for the private key.
-     *
-     * @return the number of times the key can be used before it is exhausted.
-     */
-    long getUsagesRemaining();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/BouncyCastlePQCProvider.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/BouncyCastlePQCProvider.java
deleted file mode 100644
index 63f23c0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/BouncyCastlePQCProvider.java
+++ /dev/null

@@ -1,215 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider;
-
-import java.io.IOException;
-import java.security.AccessController;
-import java.security.PrivateKey;
-import java.security.PrivilegedAction;
-import java.security.Provider;
-import java.security.PublicKey;
-import java.util.HashMap;
-import java.util.Iterator;
-import java.util.Map;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
-import org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-
-public class BouncyCastlePQCProvider
-    extends Provider
-    implements ConfigurableProvider
-{
-    private static String info = "BouncyCastle Post-Quantum Security Provider v1.61";
-
-    public static String PROVIDER_NAME = "BCPQC";
-
-    public static final ProviderConfiguration CONFIGURATION = null;
-
-
-    private static final Map keyInfoConverters = new HashMap();
-
-    /*
-    * Configurable symmetric ciphers
-    */
-    private static final String ALGORITHM_PACKAGE = "org.bouncycastle.pqc.jcajce.provider.";
-    private static final String[] ALGORITHMS =
-        {
-            "Rainbow", "McEliece", "SPHINCS", "NH", "XMSS", "QTESLA"
-        };
-
-    /**
-     * Construct a new provider.  This should only be required when
-     * using runtime registration of the provider using the
-     * <code>Security.addProvider()</code> mechanism.
-     */
-    public BouncyCastlePQCProvider()
-    {
-        super(PROVIDER_NAME, 1.61, info);
-
-        AccessController.doPrivileged(new PrivilegedAction()
-        {
-            public Object run()
-            {
-                setup();
-                return null;
-            }
-        });
-    }
-
-    private void setup()
-    {
-        loadAlgorithms(ALGORITHM_PACKAGE, ALGORITHMS);
-    }
-
-    private void loadAlgorithms(String packageName, String[] names)
-    {
-        for (int i = 0; i != names.length; i++)
-        {
-            Class clazz = loadClass(BouncyCastlePQCProvider.class, packageName + names[i] + "$Mappings");
-
-            if (clazz != null)
-            {
-                try
-                {
-                    ((AlgorithmProvider)clazz.newInstance()).configure(this);
-                }
-                catch (Exception e)
-                {   // this should never ever happen!!
-                    throw new InternalError("cannot create instance of "
-                        + packageName + names[i] + "$Mappings : " + e);
-                }
-            }
-        }
-    }
-
-    public void setParameter(String parameterName, Object parameter)
-    {
-        synchronized (CONFIGURATION)
-        {
-            //((BouncyCastleProviderConfiguration)CONFIGURATION).setParameter(parameterName, parameter);
-        }
-    }
-
-    public boolean hasAlgorithm(String type, String name)
-    {
-        return containsKey(type + "." + name) || containsKey("Alg.Alias." + type + "." + name);
-    }
-
-    public void addAlgorithm(String key, String value)
-    {
-        if (containsKey(key))
-        {
-            throw new IllegalStateException("duplicate provider key (" + key + ") found");
-        }
-
-        put(key, value);
-    }
-
-    public void addAlgorithm(String type,  ASN1ObjectIdentifier oid, String className)
-    {
-        if (!containsKey(type + "." + className))
-        {
-            throw new IllegalStateException("primary key (" + type + "." + className + ") not found");
-        }
-
-        addAlgorithm(type + "." + oid, className);
-        addAlgorithm(type + ".OID." + oid, className);
-    }
-
-    public void addKeyInfoConverter(ASN1ObjectIdentifier oid, AsymmetricKeyInfoConverter keyInfoConverter)
-    {
-        synchronized (keyInfoConverters)
-        {
-            keyInfoConverters.put(oid, keyInfoConverter);
-        }
-    }
-
-    public void addAttributes(String key, Map<String, String> attributeMap)
-    {
-        for (Iterator it = attributeMap.keySet().iterator(); it.hasNext();)
-        {
-            String attributeName = (String)it.next();
-            String attributeKey = key + " " + attributeName;
-            if (containsKey(attributeKey))
-            {
-                throw new IllegalStateException("duplicate provider attribute key (" + attributeKey + ") found");
-            }
-
-            put(attributeKey, attributeMap.get(attributeName));
-        }
-    }
-
-    private static AsymmetricKeyInfoConverter getAsymmetricKeyInfoConverter(ASN1ObjectIdentifier algorithm)
-    {
-        synchronized (keyInfoConverters)
-        {
-            return (AsymmetricKeyInfoConverter)keyInfoConverters.get(algorithm);
-        }
-    }
-
-    public static PublicKey getPublicKey(SubjectPublicKeyInfo publicKeyInfo)
-        throws IOException
-    {
-        AsymmetricKeyInfoConverter converter = getAsymmetricKeyInfoConverter(publicKeyInfo.getAlgorithm().getAlgorithm());
-
-        if (converter == null)
-        {
-            return null;
-        }
-
-        return converter.generatePublic(publicKeyInfo);
-    }
-
-    public static PrivateKey getPrivateKey(PrivateKeyInfo privateKeyInfo)
-        throws IOException
-    {
-        AsymmetricKeyInfoConverter converter = getAsymmetricKeyInfoConverter(privateKeyInfo.getPrivateKeyAlgorithm().getAlgorithm());
-
-        if (converter == null)
-        {
-            return null;
-        }
-
-        return converter.generatePrivate(privateKeyInfo);
-    }
-
-    static Class loadClass(Class sourceClass, final String className)
-    {
-        try
-        {
-            ClassLoader loader = sourceClass.getClassLoader();
-            if (loader != null)
-            {
-                return loader.loadClass(className);
-            }
-            else
-            {
-                return (Class)AccessController.doPrivileged(new PrivilegedAction()
-                {
-                    public Object run()
-                    {
-                        try
-                        {
-                            return Class.forName(className);
-                        }
-                        catch (Exception e)
-                        {
-                            // ignore - maybe log?
-                        }
-
-                        return null;
-                    }
-                });
-            }
-        }
-        catch (ClassNotFoundException e)
-        {
-            // ignore - maybe log?
-        }
-
-        return null;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/McEliece.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/McEliece.java
deleted file mode 100644
index c3b69e5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/McEliece.java
+++ /dev/null

@@ -1,41 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider;
-
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-
-public class McEliece
-{
-    private static final String PREFIX = "org.bouncycastle.pqc.jcajce.provider" + ".mceliece.";
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("KeyPairGenerator.McElieceKobaraImai", PREFIX + "McElieceCCA2KeyPairGeneratorSpi");
-            provider.addAlgorithm("KeyPairGenerator.McEliecePointcheval", PREFIX + "McElieceCCA2KeyPairGeneratorSpi");
-            provider.addAlgorithm("KeyPairGenerator.McElieceFujisaki", PREFIX + "McElieceCCA2KeyPairGeneratorSpi");
-            provider.addAlgorithm("KeyPairGenerator.McEliece", PREFIX + "McElieceKeyPairGeneratorSpi");
-            provider.addAlgorithm("KeyPairGenerator.McEliece-CCA2", PREFIX + "McElieceCCA2KeyPairGeneratorSpi");
-
-            provider.addAlgorithm("KeyFactory.McElieceKobaraImai", PREFIX + "McElieceCCA2KeyFactorySpi");
-            provider.addAlgorithm("KeyFactory.McEliecePointcheval", PREFIX + "McElieceCCA2KeyFactorySpi");
-            provider.addAlgorithm("KeyFactory.McElieceFujisaki", PREFIX + "McElieceCCA2KeyFactorySpi");
-            provider.addAlgorithm("KeyFactory.McEliece", PREFIX + "McElieceKeyFactorySpi");
-            provider.addAlgorithm("KeyFactory.McEliece-CCA2", PREFIX + "McElieceCCA2KeyFactorySpi");
-
-            provider.addAlgorithm("KeyFactory." + PQCObjectIdentifiers.mcElieceCca2, PREFIX + "McElieceCCA2KeyFactorySpi");
-            provider.addAlgorithm("KeyFactory." + PQCObjectIdentifiers.mcEliece, PREFIX + "McElieceKeyFactorySpi");
-
-            provider.addAlgorithm("Cipher.McEliece", PREFIX + "McEliecePKCSCipherSpi$McEliecePKCS");
-            provider.addAlgorithm("Cipher.McEliecePointcheval", PREFIX + "McEliecePointchevalCipherSpi$McEliecePointcheval");
-            provider.addAlgorithm("Cipher.McElieceKobaraImai", PREFIX + "McElieceKobaraImaiCipherSpi$McElieceKobaraImai");
-            provider.addAlgorithm("Cipher.McElieceFujisaki", PREFIX + "McElieceFujisakiCipherSpi$McElieceFujisaki");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/NH.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/NH.java
deleted file mode 100644
index baa9b84..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/NH.java
+++ /dev/null

@@ -1,32 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider;
-
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.jcajce.provider.newhope.NHKeyFactorySpi;
-
-public class NH
-{
-    private static final String PREFIX = "org.bouncycastle.pqc.jcajce.provider" + ".newhope.";
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("KeyFactory.NH", PREFIX + "NHKeyFactorySpi");
-            provider.addAlgorithm("KeyPairGenerator.NH", PREFIX + "NHKeyPairGeneratorSpi");
-
-            provider.addAlgorithm("KeyAgreement.NH", PREFIX + "KeyAgreementSpi");
-
-            AsymmetricKeyInfoConverter keyFact = new NHKeyFactorySpi();
-
-            registerOid(provider, PQCObjectIdentifiers.newHope, "NH", keyFact);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/QTESLA.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/QTESLA.java
deleted file mode 100644
index 78271b9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/QTESLA.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider;
-
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.jcajce.provider.qtesla.QTESLAKeyFactorySpi;
-
-public class QTESLA
-{
-    private static final String PREFIX = "org.bouncycastle.pqc.jcajce.provider" + ".qtesla.";
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("KeyFactory.QTESLA", PREFIX + "QTESLAKeyFactorySpi");
-            provider.addAlgorithm("KeyPairGenerator.QTESLA", PREFIX + "KeyPairGeneratorSpi");
-
-            provider.addAlgorithm("Signature.QTESLA", PREFIX + "SignatureSpi$qTESLA");
-
-            addSignatureAlgorithm(provider,"QTESLA-I", PREFIX + "SignatureSpi$HeuristicI", PQCObjectIdentifiers.qTESLA_I);
-            addSignatureAlgorithm(provider,"QTESLA-III-SIZE", PREFIX + "SignatureSpi$HeuristicIIISize", PQCObjectIdentifiers.qTESLA_III_size);
-            addSignatureAlgorithm(provider,"QTESLA-III-SPEED", PREFIX + "SignatureSpi$HeuristicIIISpeed", PQCObjectIdentifiers.qTESLA_III_speed);
-            addSignatureAlgorithm(provider,"QTESLA-P-I", PREFIX + "SignatureSpi$ProvablySecureI", PQCObjectIdentifiers.qTESLA_p_I);
-            addSignatureAlgorithm(provider,"QTESLA-P-III", PREFIX + "SignatureSpi$ProvablySecureIII", PQCObjectIdentifiers.qTESLA_p_III);
-
-            AsymmetricKeyInfoConverter keyFact = new QTESLAKeyFactorySpi();
-
-            registerOid(provider, PQCObjectIdentifiers.qTESLA_I, "QTESLA-I", keyFact);
-            registerOid(provider, PQCObjectIdentifiers.qTESLA_III_size, "QTESLA-III-SIZE", keyFact);
-            registerOid(provider, PQCObjectIdentifiers.qTESLA_III_speed, "QTESLA-III-SPEED", keyFact);
-            registerOid(provider, PQCObjectIdentifiers.qTESLA_p_I, "QTESLA-P-I", keyFact);
-            registerOid(provider, PQCObjectIdentifiers.qTESLA_p_III, "QTESLA-P-III", keyFact);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/Rainbow.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/Rainbow.java
deleted file mode 100644
index 6f547e5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/Rainbow.java
+++ /dev/null

@@ -1,35 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider;
-
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.jcajce.provider.rainbow.RainbowKeyFactorySpi;
-
-public class Rainbow
-{
-    private static final String PREFIX = "org.bouncycastle.pqc.jcajce.provider" + ".rainbow.";
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("KeyFactory.Rainbow", PREFIX + "RainbowKeyFactorySpi");
-            provider.addAlgorithm("KeyPairGenerator.Rainbow", PREFIX + "RainbowKeyPairGeneratorSpi");
-
-            addSignatureAlgorithm(provider, "SHA224", "Rainbow", PREFIX + "SignatureSpi$withSha224", PQCObjectIdentifiers.rainbowWithSha224);
-            addSignatureAlgorithm(provider, "SHA256", "Rainbow", PREFIX + "SignatureSpi$withSha256", PQCObjectIdentifiers.rainbowWithSha256);
-            addSignatureAlgorithm(provider, "SHA384", "Rainbow", PREFIX + "SignatureSpi$withSha384", PQCObjectIdentifiers.rainbowWithSha384);
-            addSignatureAlgorithm(provider, "SHA512", "Rainbow", PREFIX + "SignatureSpi$withSha512", PQCObjectIdentifiers.rainbowWithSha512);
-
-            AsymmetricKeyInfoConverter keyFact = new RainbowKeyFactorySpi();
-
-            registerOid(provider, PQCObjectIdentifiers.rainbow, "Rainbow", keyFact);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/SPHINCS.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/SPHINCS.java
deleted file mode 100644
index 06f1ea0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/SPHINCS.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider;
-
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.jcajce.provider.sphincs.Sphincs256KeyFactorySpi;
-
-public class SPHINCS
-{
-    private static final String PREFIX = "org.bouncycastle.pqc.jcajce.provider" + ".sphincs.";
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("KeyFactory.SPHINCS256", PREFIX + "Sphincs256KeyFactorySpi");
-            provider.addAlgorithm("KeyPairGenerator.SPHINCS256", PREFIX + "Sphincs256KeyPairGeneratorSpi");
-
-            addSignatureAlgorithm(provider, "SHA512", "SPHINCS256", PREFIX + "SignatureSpi$withSha512", PQCObjectIdentifiers.sphincs256_with_SHA512);
-            addSignatureAlgorithm(provider, "SHA3-512", "SPHINCS256", PREFIX + "SignatureSpi$withSha3_512", PQCObjectIdentifiers.sphincs256_with_SHA3_512);
-
-            AsymmetricKeyInfoConverter keyFact = new Sphincs256KeyFactorySpi();
-
-            registerOid(provider, PQCObjectIdentifiers.sphincs256, "SPHINCS256", keyFact);
-            registerOidAlgorithmParameters(provider, PQCObjectIdentifiers.sphincs256, "SPHINCS256");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/XMSS.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/XMSS.java
deleted file mode 100644
index 2e7bfbb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/XMSS.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider;
-
-import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-import org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
-import org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.jcajce.provider.xmss.XMSSKeyFactorySpi;
-import org.bouncycastle.pqc.jcajce.provider.xmss.XMSSMTKeyFactorySpi;
-
-public class XMSS
-{
-    private static final String PREFIX = "org.bouncycastle.pqc.jcajce.provider" + ".xmss.";
-
-    public static class Mappings
-        extends AsymmetricAlgorithmProvider
-    {
-        public Mappings()
-        {
-        }
-
-        public void configure(ConfigurableProvider provider)
-        {
-            provider.addAlgorithm("KeyFactory.XMSS", PREFIX + "XMSSKeyFactorySpi");
-            provider.addAlgorithm("KeyPairGenerator.XMSS", PREFIX + "XMSSKeyPairGeneratorSpi");
-
-            addSignatureAlgorithm(provider, "XMSS-SHA256", PREFIX + "XMSSSignatureSpi$withSha256", BCObjectIdentifiers.xmss_SHA256);
-            addSignatureAlgorithm(provider, "XMSS-SHAKE128", PREFIX + "XMSSSignatureSpi$withShake128", BCObjectIdentifiers.xmss_SHAKE128);
-            addSignatureAlgorithm(provider, "XMSS-SHA512", PREFIX + "XMSSSignatureSpi$withSha512", BCObjectIdentifiers.xmss_SHA512);
-            addSignatureAlgorithm(provider, "XMSS-SHAKE256", PREFIX + "XMSSSignatureSpi$withShake256", BCObjectIdentifiers.xmss_SHAKE256);
-
-            addSignatureAlgorithm(provider, "SHA256", "XMSS-SHA256", PREFIX + "XMSSSignatureSpi$withSha256andPrehash", BCObjectIdentifiers.xmss_SHA256ph);
-            addSignatureAlgorithm(provider, "SHAKE128", "XMSS-SHAKE128", PREFIX + "XMSSSignatureSpi$withShake128andPrehash", BCObjectIdentifiers.xmss_SHAKE128ph);
-            addSignatureAlgorithm(provider, "SHA512", "XMSS-SHA512", PREFIX + "XMSSSignatureSpi$withSha512andPrehash", BCObjectIdentifiers.xmss_SHA512ph);
-            addSignatureAlgorithm(provider, "SHAKE256", "XMSS-SHAKE256", PREFIX + "XMSSSignatureSpi$withShake256andPrehash", BCObjectIdentifiers.xmss_SHAKE256ph);
-            provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHXMSS", "SHA256WITHXMSS-SHA256");
-            provider.addAlgorithm("Alg.Alias.Signature.SHAKE128WITHXMSS", "SHAKE128WITHXMSS-SHAKE128");
-            provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHXMSS", "SHA512WITHXMSS-SHA512");
-            provider.addAlgorithm("Alg.Alias.Signature.SHAKE256WITHXMSS", "SHAKE256WITHXMSS-SHAKE256");
-
-            provider.addAlgorithm("KeyFactory.XMSSMT", PREFIX + "XMSSMTKeyFactorySpi");
-            provider.addAlgorithm("KeyPairGenerator.XMSSMT", PREFIX + "XMSSMTKeyPairGeneratorSpi");
-
-            addSignatureAlgorithm(provider, "XMSSMT-SHA256", PREFIX + "XMSSMTSignatureSpi$withSha256", BCObjectIdentifiers.xmss_mt_SHA256);
-            addSignatureAlgorithm(provider, "XMSSMT-SHAKE128", PREFIX + "XMSSMTSignatureSpi$withShake128", BCObjectIdentifiers.xmss_mt_SHAKE128);
-            addSignatureAlgorithm(provider, "XMSSMT-SHA512", PREFIX + "XMSSMTSignatureSpi$withSha512", BCObjectIdentifiers.xmss_mt_SHA512);
-            addSignatureAlgorithm(provider, "XMSSMT-SHAKE256", PREFIX + "XMSSMTSignatureSpi$withShake256", BCObjectIdentifiers.xmss_mt_SHAKE256);
-
-            addSignatureAlgorithm(provider, "SHA256", "XMSSMT-SHA256", PREFIX + "XMSSMTSignatureSpi$withSha256andPrehash", BCObjectIdentifiers.xmss_mt_SHA256ph);
-            addSignatureAlgorithm(provider, "SHAKE128", "XMSSMT-SHAKE128", PREFIX + "XMSSMTSignatureSpi$withShake128andPrehash", BCObjectIdentifiers.xmss_mt_SHAKE128ph);
-            addSignatureAlgorithm(provider, "SHA512", "XMSSMT-SHA512", PREFIX + "XMSSMTSignatureSpi$withSha512andPrehash", BCObjectIdentifiers.xmss_mt_SHA512ph);
-            addSignatureAlgorithm(provider, "SHAKE256", "XMSSMT-SHAKE256", PREFIX + "XMSSMTSignatureSpi$withShake256andPrehash", BCObjectIdentifiers.xmss_mt_SHAKE256ph);
-            provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHXMSSMT", "SHA256WITHXMSSMT-SHA256");
-            provider.addAlgorithm("Alg.Alias.Signature.SHAKE128WITHXMSSMT", "SHAKE128WITHXMSSMT-SHAKE128");
-            provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHXMSSMT", "SHA512WITHXMSSMT-SHA512");
-            provider.addAlgorithm("Alg.Alias.Signature.SHAKE256WITHXMSSMT", "SHAKE256WITHXMSSMT-SHAKE256");
-
-            registerOid(provider, PQCObjectIdentifiers.xmss, "XMSS", new XMSSKeyFactorySpi());
-            registerOid(provider, PQCObjectIdentifiers.xmss_mt, "XMSSMT", new XMSSMTKeyFactorySpi());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/gmss/BCGMSSPublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/gmss/BCGMSSPublicKey.java
deleted file mode 100644
index 9401c8a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/gmss/BCGMSSPublicKey.java
+++ /dev/null

@@ -1,119 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.gmss;
-
-import java.security.PublicKey;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.pqc.asn1.GMSSPublicKey;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.asn1.ParSet;
-import org.bouncycastle.pqc.crypto.gmss.GMSSParameters;
-import org.bouncycastle.pqc.crypto.gmss.GMSSPublicKeyParameters;
-import org.bouncycastle.pqc.jcajce.provider.util.KeyUtil;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * This class implements the GMSS public key and is usually initiated by the <a
- * href="GMSSKeyPairGenerator">GMSSKeyPairGenerator</a>.
- *
- * @see org.bouncycastle.pqc.crypto.gmss.GMSSKeyPairGenerator
- */
-public class BCGMSSPublicKey
-    implements CipherParameters, PublicKey
-{
-
-    /**
-     *
-     */
-    private static final long serialVersionUID = 1L;
-
-    /**
-     * The GMSS public key
-     */
-    private byte[] publicKeyBytes;
-
-    /**
-     * The GMSSParameterSet
-     */
-    private GMSSParameters gmssParameterSet;
-
-
-    private GMSSParameters gmssParams;
-
-    /**
-     * The constructor
-     *
-     * @param pub              a raw GMSS public key
-     * @param gmssParameterSet an instance of GMSS Parameterset
-     * @see org.bouncycastle.pqc.crypto.gmss.GMSSKeyPairGenerator
-     */
-    public BCGMSSPublicKey(byte[] pub, GMSSParameters gmssParameterSet)
-    {
-        this.gmssParameterSet = gmssParameterSet;
-        this.publicKeyBytes = pub;
-    }
-
-    public BCGMSSPublicKey(
-        GMSSPublicKeyParameters params)
-    {
-        this(params.getPublicKey(), params.getParameters());
-    }
-
-    /**
-     * Returns the name of the algorithm
-     *
-     * @return "GMSS"
-     */
-    public String getAlgorithm()
-    {
-        return "GMSS";
-    }
-
-    /**
-     * @return The GMSS public key byte array
-     */
-    public byte[] getPublicKeyBytes()
-    {
-        return publicKeyBytes;
-    }
-
-    /**
-     * @return The GMSS Parameterset
-     */
-    public GMSSParameters getParameterSet()
-    {
-        return gmssParameterSet;
-    }
-
-    /**
-     * Returns a human readable form of the GMSS public key
-     *
-     * @return A human readable form of the GMSS public key
-     */
-    public String toString()
-    {
-        String out = "GMSS public key : "
-            + new String(Hex.encode(publicKeyBytes)) + "\n"
-            + "Height of Trees: \n";
-
-        for (int i = 0; i < gmssParameterSet.getHeightOfTrees().length; i++)
-        {
-            out = out + "Layer " + i + " : "
-                + gmssParameterSet.getHeightOfTrees()[i]
-                + " WinternitzParameter: "
-                + gmssParameterSet.getWinternitzParameter()[i] + " K: "
-                + gmssParameterSet.getK()[i] + "\n";
-        }
-        return out;
-    }
-
-    public byte[] getEncoded()
-    {
-        return KeyUtil.getEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(PQCObjectIdentifiers.gmss, new ParSet(gmssParameterSet.getNumOfLayers(), gmssParameterSet.getHeightOfTrees(), gmssParameterSet.getWinternitzParameter(), gmssParameterSet.getK()).toASN1Primitive()), new GMSSPublicKey(publicKeyBytes));
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/BCMcElieceCCA2PrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/BCMcElieceCCA2PrivateKey.java
deleted file mode 100644
index e7834f5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/BCMcElieceCCA2PrivateKey.java
+++ /dev/null

@@ -1,203 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import java.io.IOException;
-import java.security.PrivateKey;
-
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.asn1.McElieceCCA2PrivateKey;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2KeyPairGenerator;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2PrivateKeyParameters;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-import org.bouncycastle.pqc.math.linearalgebra.GF2mField;
-import org.bouncycastle.pqc.math.linearalgebra.Permutation;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;
-
-/**
- * This class implements a McEliece CCA2 private key and is usually instantiated
- * by the {@link McElieceCCA2KeyPairGenerator} or {@link McElieceCCA2KeyFactorySpi}.
- *
- * @see McElieceCCA2KeyPairGenerator
- */
-public class BCMcElieceCCA2PrivateKey
-    implements PrivateKey
-{
-    private static final long serialVersionUID = 1L;
-
-    private McElieceCCA2PrivateKeyParameters params;
-
-    public BCMcElieceCCA2PrivateKey(McElieceCCA2PrivateKeyParameters params)
-    {
-        this.params = params;
-    }
-
-    /**
-     * Return the name of the algorithm.
-     *
-     * @return "McEliece-CCA2"
-     */
-    public String getAlgorithm()
-    {
-        return "McEliece-CCA2";
-    }
-
-    /**
-     * @return the length of the code
-     */
-    public int getN()
-    {
-        return params.getN();
-    }
-
-    /**
-     * @return the dimension of the code
-     */
-    public int getK()
-    {
-        return params.getK();
-    }
-
-    /**
-     * @return the degree of the Goppa polynomial (error correcting capability)
-     */
-    public int getT()
-    {
-        return params.getGoppaPoly().getDegree();
-    }
-
-    /**
-     * @return the finite field
-     */
-    public GF2mField getField()
-    {
-        return params.getField();
-    }
-
-    /**
-     * @return the irreducible Goppa polynomial
-     */
-    public PolynomialGF2mSmallM getGoppaPoly()
-    {
-        return params.getGoppaPoly();
-    }
-
-    /**
-     * @return the permutation vector
-     */
-    public Permutation getP()
-    {
-        return params.getP();
-    }
-
-    /**
-     * @return the canonical check matrix
-     */
-    public GF2Matrix getH()
-    {
-        return params.getH();
-    }
-
-    /**
-     * @return the matrix used to compute square roots in <tt>(GF(2^m))^t</tt>
-     */
-    public PolynomialGF2mSmallM[] getQInv()
-    {
-        return params.getQInv();
-    }
-
-    /**
-     * @return a human readable form of the key
-     */
-    // TODO:
-//    public String toString()
-//    {
-//        String result = "";
-//        result += " extension degree of the field      : " + getN() + "\n";
-//        result += " dimension of the code              : " + getK() + "\n";
-//        result += " irreducible Goppa polynomial       : " + getGoppaPoly() + "\n";
-//        return result;
-//    }
-
-    /**
-     * Compare this key with another object.
-     *
-     * @param other the other object
-     * @return the result of the comparison
-     */
-    public boolean equals(Object other)
-    {
-        if (other == null || !(other instanceof BCMcElieceCCA2PrivateKey))
-        {
-            return false;
-        }
-
-        BCMcElieceCCA2PrivateKey otherKey = (BCMcElieceCCA2PrivateKey)other;
-
-        return (getN() == otherKey.getN()) && (getK() == otherKey.getK())
-            && getField().equals(otherKey.getField())
-            && getGoppaPoly().equals(otherKey.getGoppaPoly()) && getP().equals(otherKey.getP())
-            && getH().equals(otherKey.getH());
-    }
-
-    /**
-     * @return the hash code of this key
-     */
-    public int hashCode()
-    {
-        int code = params.getK();
-
-        code = code * 37 + params.getN();
-        code = code * 37 + params.getField().hashCode();
-        code = code * 37 + params.getGoppaPoly().hashCode();
-        code = code * 37 + params.getP().hashCode();
-
-        return code * 37 + params.getH().hashCode();
-    }
-
-    /**
-     * Return the keyData to encode in the SubjectPublicKeyInfo structure.
-     * <p>
-     * The ASN.1 definition of the key structure is
-     * <pre>
-     *   McEliecePrivateKey ::= SEQUENCE {
-     *     m             INTEGER                  -- extension degree of the field
-     *     k             INTEGER                  -- dimension of the code
-     *     field         OCTET STRING             -- field polynomial
-     *     goppaPoly     OCTET STRING             -- irreducible Goppa polynomial
-     *     p             OCTET STRING             -- permutation vector
-     *     matrixH       OCTET STRING             -- canonical check matrix
-     *     sqRootMatrix  SEQUENCE OF OCTET STRING -- square root matrix
-     *   }
-     * </pre>
-     * @return the keyData to encode in the SubjectPublicKeyInfo structure
-     */
-    public byte[] getEncoded()
-    {
-        PrivateKeyInfo pki;
-        try
-        {
-            McElieceCCA2PrivateKey privateKey = new McElieceCCA2PrivateKey(getN(), getK(), getField(), getGoppaPoly(), getP(), Utils.getDigAlgId(params.getDigest()));
-            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.mcElieceCca2);
-
-            pki = new PrivateKeyInfo(algorithmIdentifier, privateKey);
-
-            return pki.getEncoded();
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    AsymmetricKeyParameter getKeyParams()
-    {
-        return params;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/BCMcElieceCCA2PublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/BCMcElieceCCA2PublicKey.java
deleted file mode 100644
index 46004b2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/BCMcElieceCCA2PublicKey.java
+++ /dev/null

@@ -1,153 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-
-import java.io.IOException;
-import java.security.PublicKey;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.asn1.McElieceCCA2PublicKey;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2KeyPairGenerator;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2PublicKeyParameters;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-
-/**
- * This class implements a McEliece CCA2 public key and is usually instantiated
- * by the {@link McElieceCCA2KeyPairGenerator} or {@link McElieceCCA2KeyFactorySpi}.
- */
-public class BCMcElieceCCA2PublicKey
-    implements CipherParameters, PublicKey
-{
-    private static final long serialVersionUID = 1L;
-
-    private McElieceCCA2PublicKeyParameters params;
-
-    public BCMcElieceCCA2PublicKey(McElieceCCA2PublicKeyParameters params)
-    {
-        this.params = params;
-    }
-
-    /**
-     * Return the name of the algorithm.
-     *
-     * @return "McEliece"
-     */
-    public String getAlgorithm()
-    {
-        return "McEliece-CCA2";
-    }
-
-    /**
-     * @return the length of the code
-     */
-    public int getN()
-    {
-        return params.getN();
-    }
-
-    /**
-     * @return the dimension of the code
-     */
-    public int getK()
-    {
-        return params.getK();
-    }
-
-    /**
-     * @return the error correction capability of the code
-     */
-    public int getT()
-    {
-        return params.getT();
-    }
-
-    /**
-     * @return the generator matrix
-     */
-    public GF2Matrix getG()
-    {
-        return params.getG();
-    }
-
-    /**
-     * @return a human readable form of the key
-     */
-    public String toString()
-    {
-        String result = "McEliecePublicKey:\n";
-        result += " length of the code         : " + params.getN() + "\n";
-        result += " error correction capability: " + params.getT() + "\n";
-        result += " generator matrix           : " + params.getG().toString();
-        return result;
-    }
-
-    /**
-     * Compare this key with another object.
-     *
-     * @param other the other object
-     * @return the result of the comparison
-     */
-    public boolean equals(Object other)
-    {
-        if (other == null || !(other instanceof BCMcElieceCCA2PublicKey))
-        {
-            return false;
-        }
-
-        BCMcElieceCCA2PublicKey otherKey = (BCMcElieceCCA2PublicKey)other;
-
-        return (params.getN() == otherKey.getN()) && (params.getT() == otherKey.getT()) && (params.getG().equals(otherKey.getG()));
-    }
-
-    /**
-     * @return the hash code of this key
-     */
-    public int hashCode()
-    {
-        return 37 * (params.getN() + 37 * params.getT()) + params.getG().hashCode();
-    }
-
-    /**
-     * Return the keyData to encode in the SubjectPublicKeyInfo structure.
-     * <p>
-     * The ASN.1 definition of the key structure is
-     * <pre>
-     *       McEliecePublicKey ::= SEQUENCE {
-     *         n           Integer      -- length of the code
-     *         t           Integer      -- error correcting capability
-     *         matrixG     OctetString  -- generator matrix as octet string
-     *       }
-     * </pre>
-     * @return the keyData to encode in the SubjectPublicKeyInfo structure
-     */
-    public byte[] getEncoded()
-    {
-        McElieceCCA2PublicKey key = new McElieceCCA2PublicKey(params.getN(), params.getT(), params.getG(), Utils.getDigAlgId(params.getDigest()));
-        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.mcElieceCca2);
-
-        try
-        {
-            SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(algorithmIdentifier, key);
-
-            return subjectPublicKeyInfo.getEncoded();
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    AsymmetricKeyParameter getKeyParams()
-    {
-        return params;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/BCMcEliecePrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/BCMcEliecePrivateKey.java
deleted file mode 100644
index 26647c2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/BCMcEliecePrivateKey.java
+++ /dev/null

@@ -1,223 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import java.io.IOException;
-import java.security.PrivateKey;
-
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.asn1.McEliecePrivateKey;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.mceliece.McEliecePrivateKeyParameters;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-import org.bouncycastle.pqc.math.linearalgebra.GF2mField;
-import org.bouncycastle.pqc.math.linearalgebra.Permutation;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;
-
-/**
- * This class implements a McEliece private key and is usually instantiated by
- * the {@link McElieceKeyPairGenerator} or {@link McElieceKeyFactorySpi}.
- */
-public class BCMcEliecePrivateKey
-    implements CipherParameters, PrivateKey
-{
-    private static final long serialVersionUID = 1L;
-
-    private McEliecePrivateKeyParameters params;
-
-    public BCMcEliecePrivateKey(McEliecePrivateKeyParameters params)
-    {
-        this.params = params;
-    }
-
-    /**
-     * Return the name of the algorithm.
-     *
-     * @return "McEliece"
-     */
-    public String getAlgorithm()
-    {
-        return "McEliece";
-    }
-
-    /**
-     * @return the length of the code
-     */
-    public int getN()
-    {
-        return params.getN();
-    }
-
-    /**
-     * @return the dimension of the code
-     */
-    public int getK()
-    {
-        return params.getK();
-    }
-
-    /**
-     * @return the finite field
-     */
-    public GF2mField getField()
-    {
-        return params.getField();
-    }
-
-    /**
-     * @return the irreducible Goppa polynomial
-     */
-    public PolynomialGF2mSmallM getGoppaPoly()
-    {
-        return params.getGoppaPoly();
-    }
-
-    /**
-     * @return the k x k random binary non-singular matrix S
-     */
-    public GF2Matrix getSInv()
-    {
-        return params.getSInv();
-    }
-
-    /**
-     * @return the permutation used to generate the systematic check matrix
-     */
-    public Permutation getP1()
-    {
-        return params.getP1();
-    }
-
-    /**
-     * @return the permutation used to compute the public generator matrix
-     */
-    public Permutation getP2()
-    {
-        return params.getP2();
-    }
-
-    /**
-     * @return the canonical check matrix
-     */
-    public GF2Matrix getH()
-    {
-        return params.getH();
-    }
-
-    /**
-     * @return the matrix for computing square roots in <tt>(GF(2^m))^t</tt>
-     */
-    public PolynomialGF2mSmallM[] getQInv()
-    {
-        return params.getQInv();
-    }
-
-    /*
-     * @return a human readable form of the key
-     */
-    // TODO:
-//    public String toString()
-//    {
-//        String result = " length of the code          : " + getN() + Strings.lineSeparator();
-//        result += " dimension of the code       : " + getK() + Strings.lineSeparator();
-//        result += " irreducible Goppa polynomial: " + getGoppaPoly() + Strings.lineSeparator();
-//        result += " permutation P1              : " + getP1() + Strings.lineSeparator();
-//        result += " permutation P2              : " + getP2() + Strings.lineSeparator();
-//        result += " (k x k)-matrix S^-1         : " + getSInv();
-//        return result;
-//    }
-
-    /**
-     * Compare this key with another object.
-     *
-     * @param other the other object
-     * @return the result of the comparison
-     */
-    public boolean equals(Object other)
-    {
-        if (!(other instanceof BCMcEliecePrivateKey))
-        {
-            return false;
-        }
-        BCMcEliecePrivateKey otherKey = (BCMcEliecePrivateKey)other;
-
-        return (getN() == otherKey.getN()) && (getK() == otherKey.getK())
-            && getField().equals(otherKey.getField())
-            && getGoppaPoly().equals(otherKey.getGoppaPoly())
-            && getSInv().equals(otherKey.getSInv()) && getP1().equals(otherKey.getP1())
-            && getP2().equals(otherKey.getP2());
-    }
-
-    /**
-     * @return the hash code of this key
-     */
-    public int hashCode()
-    {
-        int code = params.getK();
-
-        code = code * 37 + params.getN();
-        code = code * 37 + params.getField().hashCode();
-        code = code * 37 + params.getGoppaPoly().hashCode();
-        code = code * 37 + params.getP1().hashCode();
-        code = code * 37 + params.getP2().hashCode();
-
-        return code * 37 + params.getSInv().hashCode();
-    }
-
-    /**
-     * Return the key data to encode in the SubjectPublicKeyInfo structure.
-     * <p>
-     * The ASN.1 definition of the key structure is
-     * </p>
-     * <pre>
-     *   McEliecePrivateKey ::= SEQUENCE {
-     *     n          INTEGER                   -- length of the code
-     *     k          INTEGER                   -- dimension of the code
-     *     fieldPoly  OCTET STRING              -- field polynomial defining GF(2&circ;m)
-     *     getGoppaPoly()  OCTET STRING              -- irreducible Goppa polynomial
-     *     sInv       OCTET STRING              -- matrix S&circ;-1
-     *     p1         OCTET STRING              -- permutation P1
-     *     p2         OCTET STRING              -- permutation P2
-     *     h          OCTET STRING              -- canonical check matrix
-     *     qInv       SEQUENCE OF OCTET STRING  -- matrix used to compute square roots
-     *   }
-     * </pre>
-     *
-     * @return the key data to encode in the SubjectPublicKeyInfo structure
-     */
-    public byte[] getEncoded()
-    {
-        McEliecePrivateKey privateKey = new McEliecePrivateKey(params.getN(), params.getK(), params.getField(), params.getGoppaPoly(), params.getP1(), params.getP2(), params.getSInv());
-        PrivateKeyInfo pki;
-        try
-        {
-            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.mcEliece);
-            pki = new PrivateKeyInfo(algorithmIdentifier, privateKey);
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-        try
-        {
-            byte[] encoded = pki.getEncoded();
-            return encoded;
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    AsymmetricKeyParameter getKeyParams()
-    {
-        return params;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/BCMcEliecePublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/BCMcEliecePublicKey.java
deleted file mode 100644
index e3c7185..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/BCMcEliecePublicKey.java
+++ /dev/null

@@ -1,151 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import java.io.IOException;
-import java.security.PublicKey;
-
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.asn1.McEliecePublicKey;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.mceliece.McEliecePublicKeyParameters;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-
-/**
- * This class implements a McEliece public key and is usually instantiated by
- * the {@link McElieceKeyPairGenerator} or {@link McElieceKeyFactorySpi}.
- */
-public class BCMcEliecePublicKey
-    implements PublicKey
-{
-    private static final long serialVersionUID = 1L;
-
-    private McEliecePublicKeyParameters params;
-
-    public BCMcEliecePublicKey(McEliecePublicKeyParameters params)
-    {
-        this.params = params;
-    }
-
-    /**
-     * Return the name of the algorithm.
-     *
-     * @return "McEliece"
-     */
-    public String getAlgorithm()
-    {
-        return "McEliece";
-    }
-
-    /**
-     * @return the length of the code
-     */
-    public int getN()
-    {
-        return params.getN();
-    }
-
-    /**
-     * @return the dimension of the code
-     */
-    public int getK()
-    {
-        return params.getK();
-    }
-
-    /**
-     * @return the error correction capability of the code
-     */
-    public int getT()
-    {
-        return params.getT();
-    }
-
-    /**
-     * @return the generator matrix
-     */
-    public GF2Matrix getG()
-    {
-        return params.getG();
-    }
-
-    /**
-     * @return a human readable form of the key
-     */
-    public String toString()
-    {
-        String result = "McEliecePublicKey:\n";
-        result += " length of the code         : " + params.getN() + "\n";
-        result += " error correction capability: " + params.getT() + "\n";
-        result += " generator matrix           : " + params.getG();
-        return result;
-    }
-
-    /**
-     * Compare this key with another object.
-     *
-     * @param other the other object
-     * @return the result of the comparison
-     */
-    public boolean equals(Object other)
-    {
-        if (other instanceof BCMcEliecePublicKey)
-        {
-            BCMcEliecePublicKey otherKey = (BCMcEliecePublicKey)other;
-
-            return (params.getN() == otherKey.getN()) && (params.getT() == otherKey.getT()) && (params.getG().equals(otherKey.getG()));
-        }
-
-        return false;
-    }
-
-    /**
-     * @return the hash code of this key
-     */
-    public int hashCode()
-    {
-        return 37 * (params.getN() + 37 * params.getT()) + params.getG().hashCode();
-    }
-
-    /**
-     * Return the keyData to encode in the SubjectPublicKeyInfo structure.
-     * <p>
-     * The ASN.1 definition of the key structure is
-     * </p>
-     * <pre>
-     *       McEliecePublicKey ::= SEQUENCE {
-     *         n           Integer      -- length of the code
-     *         t           Integer      -- error correcting capability
-     *         matrixG     OctetString  -- generator matrix as octet string
-     *       }
-     * </pre>
-     * @return the keyData to encode in the SubjectPublicKeyInfo structure
-     */
-    public byte[] getEncoded()
-    {
-        McEliecePublicKey key = new McEliecePublicKey(params.getN(), params.getT(), params.getG());
-        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.mcEliece);
-
-        try
-        {
-            SubjectPublicKeyInfo subjectPublicKeyInfo = new SubjectPublicKeyInfo(algorithmIdentifier, key);
-
-            return subjectPublicKeyInfo.getEncoded();
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    AsymmetricKeyParameter getKeyParams()
-    {
-        return params;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceCCA2KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceCCA2KeyFactorySpi.java
deleted file mode 100644
index 0c5815c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceCCA2KeyFactorySpi.java
+++ /dev/null

@@ -1,240 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyFactorySpi;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-import org.bouncycastle.pqc.asn1.McElieceCCA2PrivateKey;
-import org.bouncycastle.pqc.asn1.McElieceCCA2PublicKey;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2PrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2PublicKeyParameters;
-
-/**
- * This class is used to translate between McEliece CCA2 keys and key
- * specifications.
- *
- * @see BCMcElieceCCA2PrivateKey
- * @see BCMcElieceCCA2PublicKey
- */
-public class McElieceCCA2KeyFactorySpi
-    extends KeyFactorySpi
-    implements AsymmetricKeyInfoConverter
-{
-
-    /**
-     * The OID of the algorithm.
-     */
-    public static final String OID = "1.3.6.1.4.1.8301.3.1.3.4.2";
-
-    /**
-     * Converts, if possible, a key specification into a
-     * {@link BCMcElieceCCA2PublicKey}. Currently, the following key
-     * specifications are supported:
-     * {@link X509EncodedKeySpec}.
-     *
-     * @param keySpec the key specification
-     * @return the McEliece CCA2 public key
-     * @throws InvalidKeySpecException if the key specification is not supported.
-     */
-    protected PublicKey engineGeneratePublic(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof X509EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to X.509 from the spec
-            byte[] encKey = ((X509EncodedKeySpec)keySpec).getEncoded();
-
-            // decode the SubjectPublicKeyInfo data structure to the pki object
-            SubjectPublicKeyInfo pki;
-            try
-            {
-                pki = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey));
-            }
-            catch (IOException e)
-            {
-                throw new InvalidKeySpecException(e.toString());
-            }
-
-
-            try
-            {
-                if (PQCObjectIdentifiers.mcElieceCca2.equals(pki.getAlgorithm().getAlgorithm()))
-                {
-                    McElieceCCA2PublicKey key = McElieceCCA2PublicKey.getInstance(pki.parsePublicKey());
-
-                    return new BCMcElieceCCA2PublicKey(new McElieceCCA2PublicKeyParameters(key.getN(), key.getT(), key.getG(), Utils.getDigest(key.getDigest()).getAlgorithmName()));
-                }
-                else
-                {
-                    throw new InvalidKeySpecException("Unable to recognise OID in McEliece private key");
-                }
-            }
-            catch (IOException cce)
-            {
-                throw new InvalidKeySpecException(
-                    "Unable to decode X509EncodedKeySpec: "
-                        + cce.getMessage());
-            }
-        }
-
-        throw new InvalidKeySpecException("Unsupported key specification: "
-            + keySpec.getClass() + ".");
-    }
-
-    /**
-     * Converts, if possible, a key specification into a
-     * {@link BCMcElieceCCA2PrivateKey}. Currently, the following key
-     * specifications are supported:
-     * {@link PKCS8EncodedKeySpec}.
-     *
-     * @param keySpec the key specification
-     * @return the McEliece CCA2 private key
-     * @throws InvalidKeySpecException if the KeySpec is not supported.
-     */
-    protected PrivateKey engineGeneratePrivate(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof PKCS8EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to PKCS#8 from the spec
-            byte[] encKey = ((PKCS8EncodedKeySpec)keySpec).getEncoded();
-
-            // decode the PKCS#8 data structure to the pki object
-            PrivateKeyInfo pki;
-
-            try
-            {
-                pki = PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey));
-            }
-            catch (IOException e)
-            {
-                throw new InvalidKeySpecException("Unable to decode PKCS8EncodedKeySpec: " + e);
-            }
-
-            try
-            {
-                if (PQCObjectIdentifiers.mcElieceCca2.equals(pki.getPrivateKeyAlgorithm().getAlgorithm()))
-                {
-                    McElieceCCA2PrivateKey key = McElieceCCA2PrivateKey.getInstance(pki.parsePrivateKey());
-
-                    return new BCMcElieceCCA2PrivateKey(new McElieceCCA2PrivateKeyParameters(key.getN(), key.getK(), key.getField(), key.getGoppaPoly(), key.getP(), Utils.getDigest(key.getDigest()).getAlgorithmName()));
-                }
-                else
-                {
-                    throw new InvalidKeySpecException("Unable to recognise OID in McEliece public key");
-                }
-            }
-            catch (IOException cce)
-            {
-                throw new InvalidKeySpecException(
-                    "Unable to decode PKCS8EncodedKeySpec.");
-            }
-        }
-
-        throw new InvalidKeySpecException("Unsupported key specification: " + keySpec.getClass() + ".");
-    }
-
-    /**
-     * Converts, if possible, a given key into a key specification. Currently,
-     * the following key specifications are supported:
-     *
-     * @param key     the key
-     * @param keySpec the key specification
-     * @return the specification of the McEliece CCA2 key
-     * @throws InvalidKeySpecException if the key type or the key specification is not
-     * supported.
-     * @see BCMcElieceCCA2PrivateKey
-     * @see BCMcElieceCCA2PublicKey
-     */
-    public KeySpec getKeySpec(Key key, Class keySpec)
-        throws InvalidKeySpecException
-    {
-        if (key instanceof BCMcElieceCCA2PrivateKey)
-        {
-            if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new PKCS8EncodedKeySpec(key.getEncoded());
-            }
-        }
-        else if (key instanceof BCMcElieceCCA2PublicKey)
-        {
-            if (X509EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new X509EncodedKeySpec(key.getEncoded());
-            }
-        }
-        else
-        {
-            throw new InvalidKeySpecException("Unsupported key type: "
-                + key.getClass() + ".");
-        }
-
-        throw new InvalidKeySpecException("Unknown key specification: "
-            + keySpec + ".");
-    }
-
-    /**
-     * Translates a key into a form known by the FlexiProvider. Currently, only
-     * the following "source" keys are supported: {@link BCMcElieceCCA2PrivateKey},
-     * {@link BCMcElieceCCA2PublicKey}.
-     *
-     * @param key the key
-     * @return a key of a known key type
-     * @throws InvalidKeyException if the key type is not supported.
-     */
-    public Key translateKey(Key key)
-        throws InvalidKeyException
-    {
-        if ((key instanceof BCMcElieceCCA2PrivateKey)
-            || (key instanceof BCMcElieceCCA2PublicKey))
-        {
-            return key;
-        }
-        throw new InvalidKeyException("Unsupported key type.");
-
-    }
-
-    public PublicKey generatePublic(SubjectPublicKeyInfo pki)
-        throws IOException
-    {
-        // get the inner type inside the BIT STRING
-        ASN1Primitive innerType = pki.parsePublicKey();
-        McElieceCCA2PublicKey key = McElieceCCA2PublicKey.getInstance(innerType);
-        return new BCMcElieceCCA2PublicKey(new McElieceCCA2PublicKeyParameters(key.getN(), key.getT(), key.getG(), Utils.getDigest(key.getDigest()).getAlgorithmName()));
-    }
-
-    public PrivateKey generatePrivate(PrivateKeyInfo pki)
-        throws IOException
-    {
-        // get the inner type inside the BIT STRING
-        ASN1Primitive innerType = pki.parsePrivateKey().toASN1Primitive();
-        McElieceCCA2PrivateKey key = McElieceCCA2PrivateKey.getInstance(innerType);
-        return new BCMcElieceCCA2PrivateKey(new McElieceCCA2PrivateKeyParameters(key.getN(), key.getK(), key.getField(), key.getGoppaPoly(), key.getP(), null));
-    }
-
-    protected KeySpec engineGetKeySpec(Key key, Class tClass)
-        throws InvalidKeySpecException
-    {
-        // TODO:
-        return null;  //To change body of implemented methods use File | Settings | File Templates.
-    }
-
-    protected Key engineTranslateKey(Key key)
-        throws InvalidKeyException
-    {
-        // TODO:
-        return null;  //To change body of implemented methods use File | Settings | File Templates.
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceCCA2KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceCCA2KeyPairGeneratorSpi.java
deleted file mode 100644
index 31cb018..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceCCA2KeyPairGeneratorSpi.java
+++ /dev/null

@@ -1,68 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2KeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2KeyPairGenerator;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2Parameters;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2PrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2PublicKeyParameters;
-import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;
-
-public class McElieceCCA2KeyPairGeneratorSpi
-    extends KeyPairGenerator
-{
-    private McElieceCCA2KeyPairGenerator kpg;
-
-    public McElieceCCA2KeyPairGeneratorSpi()
-    {
-        super("McEliece-CCA2");
-    }
-
-    public void initialize(AlgorithmParameterSpec params, SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        kpg = new McElieceCCA2KeyPairGenerator();
-
-        McElieceCCA2KeyGenParameterSpec ecc = (McElieceCCA2KeyGenParameterSpec)params;
-
-        McElieceCCA2KeyGenerationParameters mccca2KGParams = new McElieceCCA2KeyGenerationParameters(
-            random, new McElieceCCA2Parameters(ecc.getM(), ecc.getT(), ecc.getDigest()));
-        kpg.init(mccca2KGParams);
-    }
-
-    public void initialize(AlgorithmParameterSpec params)
-        throws InvalidAlgorithmParameterException
-    {
-        kpg = new McElieceCCA2KeyPairGenerator();
-
-        McElieceCCA2KeyGenParameterSpec ecc = (McElieceCCA2KeyGenParameterSpec)params;
-
-        McElieceCCA2KeyGenerationParameters mccca2KGParams = new McElieceCCA2KeyGenerationParameters(
-            CryptoServicesRegistrar.getSecureRandom(), new McElieceCCA2Parameters(ecc.getM(), ecc.getT(), ecc.getDigest()));
-        kpg.init(mccca2KGParams);
-    }
-
-    public void initialize(int keySize, SecureRandom random)
-    {
-        kpg = new McElieceCCA2KeyPairGenerator();
-
-        McElieceCCA2KeyGenerationParameters mccca2KGParams = new McElieceCCA2KeyGenerationParameters(random, new McElieceCCA2Parameters());
-        kpg.init(mccca2KGParams);
-    }
-
-    public KeyPair generateKeyPair()
-    {
-        AsymmetricCipherKeyPair generateKeyPair = kpg.generateKeyPair();
-        McElieceCCA2PrivateKeyParameters sk = (McElieceCCA2PrivateKeyParameters)generateKeyPair.getPrivate();
-        McElieceCCA2PublicKeyParameters pk = (McElieceCCA2PublicKeyParameters)generateKeyPair.getPublic();
-
-        return new KeyPair(new BCMcElieceCCA2PublicKey(pk), new BCMcElieceCCA2PrivateKey(sk));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceCCA2KeysToParams.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceCCA2KeysToParams.java
deleted file mode 100644
index 3978550..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceCCA2KeysToParams.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-
-/**
- * utility class for converting jce/jca McElieceCCA2 objects
- * objects into their org.bouncycastle.crypto counterparts.
- */
-public class McElieceCCA2KeysToParams
-{
-
-
-    static public AsymmetricKeyParameter generatePublicKeyParameter(
-        PublicKey key)
-        throws InvalidKeyException
-    {
-        if (key instanceof BCMcElieceCCA2PublicKey)
-        {
-            BCMcElieceCCA2PublicKey k = (BCMcElieceCCA2PublicKey)key;
-
-            return k.getKeyParams();
-        }
-
-        throw new InvalidKeyException("can't identify McElieceCCA2 public key: " + key.getClass().getName());
-    }
-
-
-    static public AsymmetricKeyParameter generatePrivateKeyParameter(
-        PrivateKey key)
-        throws InvalidKeyException
-    {
-        if (key instanceof BCMcElieceCCA2PrivateKey)
-        {
-            BCMcElieceCCA2PrivateKey k = (BCMcElieceCCA2PrivateKey)key;
-
-            return k.getKeyParams();
-        }
-
-        throw new InvalidKeyException("can't identify McElieceCCA2 private key.");
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceCCA2Primitives.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceCCA2Primitives.java
deleted file mode 100644
index 7f2115c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceCCA2Primitives.java
+++ /dev/null

@@ -1,131 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2PrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2PublicKeyParameters;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Matrix;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Vector;
-import org.bouncycastle.pqc.math.linearalgebra.GF2mField;
-import org.bouncycastle.pqc.math.linearalgebra.GoppaCode;
-import org.bouncycastle.pqc.math.linearalgebra.Permutation;
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialGF2mSmallM;
-import org.bouncycastle.pqc.math.linearalgebra.Vector;
-
-/**
- * Core operations for the CCA-secure variants of McEliece.
- */
-public final class McElieceCCA2Primitives
-{
-
-    /**
-     * Default constructor (private).
-     */
-    private McElieceCCA2Primitives()
-    {
-    }
-
-    /**
-     * The McEliece encryption primitive.
-     *
-     * @param pubKey the public key
-     * @param m      the message vector
-     * @param z      the error vector
-     * @return <tt>m*G + z</tt>
-     */
-    public static GF2Vector encryptionPrimitive(BCMcElieceCCA2PublicKey pubKey,
-                                                GF2Vector m, GF2Vector z)
-    {
-
-        GF2Matrix matrixG = pubKey.getG();
-        Vector mG = matrixG.leftMultiplyLeftCompactForm(m);
-        return (GF2Vector)mG.add(z);
-    }
-
-    public static GF2Vector encryptionPrimitive(McElieceCCA2PublicKeyParameters pubKey,
-                                                GF2Vector m, GF2Vector z)
-    {
-
-        GF2Matrix matrixG = pubKey.getG();
-        Vector mG = matrixG.leftMultiplyLeftCompactForm(m);
-        return (GF2Vector)mG.add(z);
-    }
-
-    /**
-     * The McEliece decryption primitive.
-     *
-     * @param privKey the private key
-     * @param c       the ciphertext vector <tt>c = m*G + z</tt>
-     * @return the message vector <tt>m</tt> and the error vector <tt>z</tt>
-     */
-    public static GF2Vector[] decryptionPrimitive(
-        BCMcElieceCCA2PrivateKey privKey, GF2Vector c)
-    {
-
-        // obtain values from private key
-        int k = privKey.getK();
-        Permutation p = privKey.getP();
-        GF2mField field = privKey.getField();
-        PolynomialGF2mSmallM gp = privKey.getGoppaPoly();
-        GF2Matrix h = privKey.getH();
-        PolynomialGF2mSmallM[] q = privKey.getQInv();
-
-        // compute inverse permutation P^-1
-        Permutation pInv = p.computeInverse();
-
-        // multiply c with permutation P^-1
-        GF2Vector cPInv = (GF2Vector)c.multiply(pInv);
-
-        // compute syndrome of cP^-1
-        GF2Vector syndVec = (GF2Vector)h.rightMultiply(cPInv);
-
-        // decode syndrome
-        GF2Vector errors = GoppaCode.syndromeDecode(syndVec, field, gp, q);
-        GF2Vector mG = (GF2Vector)cPInv.add(errors);
-
-        // multiply codeword and error vector with P
-        mG = (GF2Vector)mG.multiply(p);
-        errors = (GF2Vector)errors.multiply(p);
-
-        // extract plaintext vector (last k columns of mG)
-        GF2Vector m = mG.extractRightVector(k);
-
-        // return vectors
-        return new GF2Vector[]{m, errors};
-    }
-
-    public static GF2Vector[] decryptionPrimitive(
-        McElieceCCA2PrivateKeyParameters privKey, GF2Vector c)
-    {
-
-        // obtain values from private key
-        int k = privKey.getK();
-        Permutation p = privKey.getP();
-        GF2mField field = privKey.getField();
-        PolynomialGF2mSmallM gp = privKey.getGoppaPoly();
-        GF2Matrix h = privKey.getH();
-        PolynomialGF2mSmallM[] q = privKey.getQInv();
-
-        // compute inverse permutation P^-1
-        Permutation pInv = p.computeInverse();
-
-        // multiply c with permutation P^-1
-        GF2Vector cPInv = (GF2Vector)c.multiply(pInv);
-
-        // compute syndrome of cP^-1
-        GF2Vector syndVec = (GF2Vector)h.rightMultiply(cPInv);
-
-        // decode syndrome
-        GF2Vector errors = GoppaCode.syndromeDecode(syndVec, field, gp, q);
-        GF2Vector mG = (GF2Vector)cPInv.add(errors);
-
-        // multiply codeword and error vector with P
-        mG = (GF2Vector)mG.multiply(p);
-        errors = (GF2Vector)errors.multiply(p);
-
-        // extract plaintext vector (last k columns of mG)
-        GF2Vector m = mG.extractRightVector(k);
-
-        // return vectors
-        return new GF2Vector[]{m, errors};
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceFujisakiCipherSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceFujisakiCipherSpi.java
deleted file mode 100644
index c5f2ea4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceFujisakiCipherSpi.java
+++ /dev/null

@@ -1,172 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import java.io.ByteArrayOutputStream;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.BadPaddingException;
-
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.util.DigestFactory;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2KeyParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceFujisakiCipher;
-import org.bouncycastle.pqc.jcajce.provider.util.AsymmetricHybridCipher;
-
-public class McElieceFujisakiCipherSpi
-    extends AsymmetricHybridCipher
-    implements PKCSObjectIdentifiers, X509ObjectIdentifiers
-{
-    // TODO digest needed?
-    private Digest digest;
-    private McElieceFujisakiCipher cipher;
-
-    /**
-     * buffer to store the input data
-     */
-    private ByteArrayOutputStream buf;
-
-
-    protected McElieceFujisakiCipherSpi(Digest digest, McElieceFujisakiCipher cipher)
-    {
-        this.digest = digest;
-        this.cipher = cipher;
-        buf = new ByteArrayOutputStream();
-
-    }
-
-    /**
-     * Continue a multiple-part encryption or decryption operation.
-     *
-     * @param input byte array containing the next part of the input
-     * @param inOff index in the array where the input starts
-     * @param inLen length of the input
-     * @return the processed byte array.
-     */
-    public byte[] update(byte[] input, int inOff, int inLen)
-    {
-        buf.write(input, inOff, inLen);
-        return new byte[0];
-    }
-
-
-    /**
-     * Encrypts or decrypts data in a single-part operation, or finishes a
-     * multiple-part operation. The data is encrypted or decrypted, depending on
-     * how this cipher was initialized.
-     *
-     * @param input the input buffer
-     * @param inOff the offset in input where the input starts
-     * @param inLen the input length
-     * @return the new buffer with the result
-     * @throws BadPaddingException on deryption errors.
-     */
-    public byte[] doFinal(byte[] input, int inOff, int inLen)
-        throws BadPaddingException
-    {
-        update(input, inOff, inLen);
-        byte[] data = buf.toByteArray();
-        buf.reset();
-
-        if (opMode == ENCRYPT_MODE)
-        {
-            return cipher.messageEncrypt(data);
-        }
-        else if (opMode == DECRYPT_MODE)
-        {
-            try
-            {
-                return cipher.messageDecrypt(data);
-            }
-            catch (InvalidCipherTextException e)
-            {
-                throw new BadPaddingException(e.getMessage());
-            }
-        }
-        else
-        {
-            throw new IllegalStateException("unknown mode in doFinal");
-        }
-    }
-
-
-    protected int encryptOutputSize(int inLen)
-    {
-        return 0;
-    }
-
-    protected int decryptOutputSize(int inLen)
-    {
-        return 0;
-    }
-
-    protected void initCipherEncrypt(Key key, AlgorithmParameterSpec params,
-                                     SecureRandom sr)
-        throws InvalidKeyException,
-        InvalidAlgorithmParameterException
-    {
-
-        CipherParameters param;
-        param = McElieceCCA2KeysToParams.generatePublicKeyParameter((PublicKey)key);
-
-        param = new ParametersWithRandom(param, sr);
-        digest.reset();
-        cipher.init(true, param);
-
-    }
-
-    protected void initCipherDecrypt(Key key, AlgorithmParameterSpec params)
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-
-        CipherParameters param;
-        param = McElieceCCA2KeysToParams.generatePrivateKeyParameter((PrivateKey)key);
-
-        digest.reset();
-        cipher.init(false, param);
-    }
-
-    public String getName()
-    {
-        return "McElieceFujisakiCipher";
-    }
-
-    public int getKeySize(Key key)
-        throws InvalidKeyException
-    {
-        McElieceCCA2KeyParameters mcElieceCCA2KeyParameters;
-        if (key instanceof PublicKey)
-        {
-            mcElieceCCA2KeyParameters = (McElieceCCA2KeyParameters)McElieceCCA2KeysToParams.generatePublicKeyParameter((PublicKey)key);
-        }
-        else
-        {
-            mcElieceCCA2KeyParameters = (McElieceCCA2KeyParameters)McElieceCCA2KeysToParams.generatePrivateKeyParameter((PrivateKey)key);
-
-        }
-
-
-        return cipher.getKeySize(mcElieceCCA2KeyParameters);
-    }
-
-
-    //////////////////////////////////////////////////////////////////////////////////
-
-    static public class McElieceFujisaki
-        extends McElieceFujisakiCipherSpi
-    {
-        public McElieceFujisaki()
-        {
-            super(DigestFactory.createSHA1(), new McElieceFujisakiCipher());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceKeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceKeyFactorySpi.java
deleted file mode 100644
index 3bae908..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceKeyFactorySpi.java
+++ /dev/null

@@ -1,242 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyFactorySpi;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-import org.bouncycastle.pqc.asn1.McEliecePrivateKey;
-import org.bouncycastle.pqc.asn1.McEliecePublicKey;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.crypto.mceliece.McEliecePrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McEliecePublicKeyParameters;
-
-/**
- * This class is used to translate between McEliece keys and key specifications.
- *
- * @see BCMcEliecePrivateKey
- * @see BCMcEliecePublicKey
- */
-public class McElieceKeyFactorySpi
-    extends KeyFactorySpi
-    implements AsymmetricKeyInfoConverter
-{
-    /**
-     * The OID of the algorithm.
-     */
-    public static final String OID = "1.3.6.1.4.1.8301.3.1.3.4.1";
-
-    /**
-     * Converts, if possible, a key specification into a
-     * {@link BCMcEliecePublicKey}.  {@link X509EncodedKeySpec}.
-     *
-     * @param keySpec the key specification
-     * @return the McEliece public key
-     * @throws InvalidKeySpecException if the key specification is not supported.
-     */
-    protected PublicKey engineGeneratePublic(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof X509EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to X.509 from the spec
-            byte[] encKey = ((X509EncodedKeySpec)keySpec).getEncoded();
-
-            // decode the SubjectPublicKeyInfo data structure to the pki object
-            SubjectPublicKeyInfo pki;
-            try
-            {
-                pki = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey));
-            }
-            catch (IOException e)
-            {
-                throw new InvalidKeySpecException(e.toString());
-            }
-
-            try
-            {
-                if (PQCObjectIdentifiers.mcEliece.equals(pki.getAlgorithm().getAlgorithm()))
-                {
-                    McEliecePublicKey key = McEliecePublicKey.getInstance(pki.parsePublicKey());
-
-                    return new BCMcEliecePublicKey(new McEliecePublicKeyParameters(key.getN(), key.getT(), key.getG()));
-                }
-                else
-                {
-                    throw new InvalidKeySpecException("Unable to recognise OID in McEliece public key");
-                }
-            }
-            catch (IOException cce)
-            {
-                throw new InvalidKeySpecException(
-                    "Unable to decode X509EncodedKeySpec: "
-                        + cce.getMessage());
-            }
-        }
-
-        throw new InvalidKeySpecException("Unsupported key specification: "
-            + keySpec.getClass() + ".");
-    }
-
-    /**
-     * Converts, if possible, a key specification into a
-     * {@link BCMcEliecePrivateKey}.
-     *
-     * @param keySpec the key specification
-     * @return the McEliece private key
-     * @throws InvalidKeySpecException if the KeySpec is not supported.
-     */
-    protected PrivateKey engineGeneratePrivate(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof PKCS8EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to PKCS#8 from the spec
-            byte[] encKey = ((PKCS8EncodedKeySpec)keySpec).getEncoded();
-
-            // decode the PKCS#8 data structure to the pki object
-            PrivateKeyInfo pki;
-
-            try
-            {
-                pki = PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey));
-            }
-            catch (IOException e)
-            {
-                throw new InvalidKeySpecException("Unable to decode PKCS8EncodedKeySpec: " + e);
-            }
-
-            try
-            {
-                if (PQCObjectIdentifiers.mcEliece.equals(pki.getPrivateKeyAlgorithm().getAlgorithm()))
-                {
-                    McEliecePrivateKey key = McEliecePrivateKey.getInstance(pki.parsePrivateKey());
-
-                    return new BCMcEliecePrivateKey(new McEliecePrivateKeyParameters(key.getN(), key.getK(), key.getField(), key.getGoppaPoly(), key.getP1(), key.getP2(), key.getSInv()));
-                }
-                else
-                {
-                    throw new InvalidKeySpecException("Unable to recognise OID in McEliece private key");
-                }
-            }
-            catch (IOException cce)
-            {
-                throw new InvalidKeySpecException(
-                    "Unable to decode PKCS8EncodedKeySpec.");
-            }
-        }
-
-        throw new InvalidKeySpecException("Unsupported key specification: "
-            + keySpec.getClass() + ".");
-    }
-
-    /**
-     * Converts, if possible, a given key into a key specification. Currently,
-     * the following key specifications are supported:
-     *
-     * @param key     the key
-     * @param keySpec the key specification
-     * @return the specification of the McEliece key
-     * @throws InvalidKeySpecException if the key type or the key specification is not
-     * supported.
-     * @see BCMcEliecePrivateKey
-     * @see BCMcEliecePublicKey
-     */
-    public KeySpec getKeySpec(Key key, Class keySpec)
-        throws InvalidKeySpecException
-    {
-        if (key instanceof BCMcEliecePrivateKey)
-        {
-            if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new PKCS8EncodedKeySpec(key.getEncoded());
-            }
-        }
-        else if (key instanceof BCMcEliecePublicKey)
-        {
-            if (X509EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new X509EncodedKeySpec(key.getEncoded());
-            }
-        }
-        else
-        {
-            throw new InvalidKeySpecException("Unsupported key type: "
-                + key.getClass() + ".");
-        }
-
-        throw new InvalidKeySpecException("Unknown key specification: "
-            + keySpec + ".");
-    }
-
-    /**
-     * Translates a key into a form known by the FlexiProvider. Currently, only
-     * the following "source" keys are supported: {@link BCMcEliecePrivateKey},
-     * {@link BCMcEliecePublicKey}.
-     *
-     * @param key the key
-     * @return a key of a known key type
-     * @throws InvalidKeyException if the key type is not supported.
-     */
-    public Key translateKey(Key key)
-        throws InvalidKeyException
-    {
-        if ((key instanceof BCMcEliecePrivateKey)
-            || (key instanceof BCMcEliecePublicKey))
-        {
-            return key;
-        }
-        throw new InvalidKeyException("Unsupported key type.");
-
-    }
-
-    public PublicKey generatePublic(SubjectPublicKeyInfo pki)
-        throws IOException
-    {
-        // get the inner type inside the BIT STRING
-        ASN1Primitive innerType = pki.parsePublicKey();
-        McEliecePublicKey key = McEliecePublicKey.getInstance(innerType);
-        return new BCMcEliecePublicKey(new McEliecePublicKeyParameters(key.getN(), key.getT(), key.getG()));
-    }
-
-    public PrivateKey generatePrivate(PrivateKeyInfo pki)
-        throws IOException
-    {
-        // get the inner type inside the BIT STRING
-        ASN1Primitive innerType = pki.parsePrivateKey().toASN1Primitive();
-        McEliecePrivateKey key = McEliecePrivateKey.getInstance(innerType);
-        return new BCMcEliecePrivateKey(new McEliecePrivateKeyParameters(key.getN(), key.getK(), key.getField(), key.getGoppaPoly(), key.getP1(), key.getP2(), key.getSInv()));
-    }
-
-    protected KeySpec engineGetKeySpec(Key key, Class tClass)
-        throws InvalidKeySpecException
-    {
-        // TODO:
-        return null;  //To change body of implemented methods use File | Settings | File Templates.
-    }
-
-    protected Key engineTranslateKey(Key key)
-        throws InvalidKeyException
-    {
-        // TODO:
-        return null;  //To change body of implemented methods use File | Settings | File Templates.
-    }
-
-    private static Digest getDigest(AlgorithmIdentifier algId)
-    {
-        return new SHA256Digest();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceKeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceKeyPairGeneratorSpi.java
deleted file mode 100644
index 8b7fac0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceKeyPairGeneratorSpi.java
+++ /dev/null

@@ -1,61 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceKeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McEliecePrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McEliecePublicKeyParameters;
-import org.bouncycastle.pqc.jcajce.spec.McElieceKeyGenParameterSpec;
-
-public class McElieceKeyPairGeneratorSpi
-    extends KeyPairGenerator
-{
-    McElieceKeyPairGenerator kpg;
-
-    public McElieceKeyPairGeneratorSpi()
-    {
-        super("McEliece");
-    }
-    
-    public void initialize(AlgorithmParameterSpec params, SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        kpg = new McElieceKeyPairGenerator();
-        McElieceKeyGenParameterSpec ecc = (McElieceKeyGenParameterSpec)params;
-
-        McElieceKeyGenerationParameters mccKGParams = new McElieceKeyGenerationParameters(
-            random, new McElieceParameters(ecc.getM(), ecc.getT()));
-        kpg.init(mccKGParams);
-    }
-
-    public void initialize(int keySize, SecureRandom random)
-    {
-        McElieceKeyGenParameterSpec paramSpec = new McElieceKeyGenParameterSpec();
-
-        // call the initializer with the chosen parameters
-        try
-        {
-            this.initialize(paramSpec, random);
-        }
-        catch (InvalidAlgorithmParameterException ae)
-        {
-        }
-    }
-
-    public KeyPair generateKeyPair()
-    {
-        AsymmetricCipherKeyPair generateKeyPair = kpg.generateKeyPair();
-        McEliecePrivateKeyParameters sk = (McEliecePrivateKeyParameters)generateKeyPair.getPrivate();
-        McEliecePublicKeyParameters pk = (McEliecePublicKeyParameters)generateKeyPair.getPublic();
-
-        return new KeyPair(new BCMcEliecePublicKey(pk), new BCMcEliecePrivateKey(sk));
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceKeysToParams.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceKeysToParams.java
deleted file mode 100644
index c414260..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceKeysToParams.java
+++ /dev/null

@@ -1,46 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.crypto.mceliece.McEliecePrivateKeyParameters;
-
-/**
- * utility class for converting jce/jca McEliece objects
- * objects into their org.bouncycastle.crypto counterparts.
- */
-public class McElieceKeysToParams
-{
-
-
-    static public AsymmetricKeyParameter generatePublicKeyParameter(
-        PublicKey key)
-        throws InvalidKeyException
-    {
-        if (key instanceof BCMcEliecePublicKey)
-        {
-            BCMcEliecePublicKey k = (BCMcEliecePublicKey)key;
-
-            return k.getKeyParams();
-        }
-
-        throw new InvalidKeyException("can't identify McEliece public key: " + key.getClass().getName());
-    }
-
-
-    static public AsymmetricKeyParameter generatePrivateKeyParameter(
-        PrivateKey key)
-        throws InvalidKeyException
-    {
-        if (key instanceof BCMcEliecePrivateKey)
-        {
-            BCMcEliecePrivateKey k = (BCMcEliecePrivateKey)key;
-            return new McEliecePrivateKeyParameters(k.getN(), k.getK(), k.getField(), k.getGoppaPoly(),
-                 k.getP1(), k.getP2(), k.getSInv());
-        }
-
-        throw new InvalidKeyException("can't identify McEliece private key.");
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceKobaraImaiCipherSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceKobaraImaiCipherSpi.java
deleted file mode 100644
index 8dc9ba6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McElieceKobaraImaiCipherSpi.java
+++ /dev/null

@@ -1,260 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import java.io.ByteArrayOutputStream;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.BadPaddingException;
-
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.util.DigestFactory;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2KeyParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceKobaraImaiCipher;
-import org.bouncycastle.pqc.jcajce.provider.util.AsymmetricHybridCipher;
-
-public class McElieceKobaraImaiCipherSpi
-    extends AsymmetricHybridCipher
-    implements PKCSObjectIdentifiers, X509ObjectIdentifiers
-{
-
-    // TODO digest needed?
-    private Digest digest;
-    private McElieceKobaraImaiCipher cipher;
-
-    /**
-     * buffer to store the input data
-     */
-    private ByteArrayOutputStream buf = new ByteArrayOutputStream();
-
-
-    public McElieceKobaraImaiCipherSpi()
-    {
-        buf = new ByteArrayOutputStream();
-    }
-
-    protected McElieceKobaraImaiCipherSpi(Digest digest, McElieceKobaraImaiCipher cipher)
-    {
-        this.digest = digest;
-        this.cipher = cipher;
-        buf = new ByteArrayOutputStream();
-    }
-
-    /**
-     * Continue a multiple-part encryption or decryption operation.
-     *
-     * @param input byte array containing the next part of the input
-     * @param inOff index in the array where the input starts
-     * @param inLen length of the input
-     * @return the processed byte array.
-     */
-    public byte[] update(byte[] input, int inOff, int inLen)
-    {
-        buf.write(input, inOff, inLen);
-        return new byte[0];
-    }
-
-
-    /**
-     * Encrypts or decrypts data in a single-part operation, or finishes a
-     * multiple-part operation. The data is encrypted or decrypted, depending on
-     * how this cipher was initialized.
-     *
-     * @param input the input buffer
-     * @param inOff the offset in input where the input starts
-     * @param inLen the input length
-     * @return the new buffer with the result
-     * @throws BadPaddingException if this cipher is in decryption mode, and (un)padding has
-     * been requested, but the decrypted data is not bounded by
-     * the appropriate padding bytes
-     */
-    public byte[] doFinal(byte[] input, int inOff, int inLen)
-        throws BadPaddingException
-    {
-        update(input, inOff, inLen);
-        if (opMode == ENCRYPT_MODE)
-        {
-            return cipher.messageEncrypt(this.pad());
-        }
-        else if (opMode == DECRYPT_MODE)
-        {
-            try
-            {
-                byte[] inputOfDecr = buf.toByteArray();
-                buf.reset();
-
-                return unpad(cipher.messageDecrypt(inputOfDecr));
-            }
-            catch (InvalidCipherTextException e)
-            {
-                throw new BadPaddingException(e.getMessage());
-            }
-        }
-        else
-        {
-            throw new IllegalStateException("unknown mode in doFinal");
-        }
-    }
-
-    protected int encryptOutputSize(int inLen)
-    {
-        return 0;
-    }
-
-    protected int decryptOutputSize(int inLen)
-    {
-        return 0;
-    }
-
-    protected void initCipherEncrypt(Key key, AlgorithmParameterSpec params,
-                                     SecureRandom sr)
-        throws InvalidKeyException,
-        InvalidAlgorithmParameterException
-    {
-
-        buf.reset();
-        CipherParameters param;
-        param = McElieceCCA2KeysToParams.generatePublicKeyParameter((PublicKey)key);
-
-        param = new ParametersWithRandom(param, sr);
-        digest.reset();
-        cipher.init(true, param);
-    }
-
-    protected void initCipherDecrypt(Key key, AlgorithmParameterSpec params)
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-
-        buf.reset();
-        CipherParameters param;
-        param = McElieceCCA2KeysToParams.generatePrivateKeyParameter((PrivateKey)key);
-
-        digest.reset();
-        cipher.init(false, param);
-    }
-
-    public String getName()
-    {
-        return "McElieceKobaraImaiCipher";
-    }
-
-    public int getKeySize(Key key)
-        throws InvalidKeyException
-    {
-        McElieceCCA2KeyParameters mcElieceCCA2KeyParameters;
-        if (key instanceof PublicKey)
-        {
-            mcElieceCCA2KeyParameters = (McElieceCCA2KeyParameters)McElieceCCA2KeysToParams.generatePublicKeyParameter((PublicKey)key);
-            return cipher.getKeySize(mcElieceCCA2KeyParameters);
-        }
-        else if (key instanceof PrivateKey)
-        {
-            mcElieceCCA2KeyParameters = (McElieceCCA2KeyParameters)McElieceCCA2KeysToParams.generatePrivateKeyParameter((PrivateKey)key);
-            return cipher.getKeySize(mcElieceCCA2KeyParameters);
-        }
-        else
-        {
-            throw new InvalidKeyException();
-        }
-
-
-    }
-
-    /**
-     * Pad and return the message stored in the message buffer.
-     *
-     * @return the padded message
-     */
-    private byte[] pad()
-    {
-        buf.write(0x01);
-        byte[] result = buf.toByteArray();
-        buf.reset();
-        return result;
-    }
-
-    /**
-     * Unpad a message.
-     *
-     * @param pmBytes the padded message
-     * @return the message
-     * @throws BadPaddingException if the padded message is invalid.
-     */
-    private byte[] unpad(byte[] pmBytes)
-        throws BadPaddingException
-    {
-        // find first non-zero byte
-        int index;
-        for (index = pmBytes.length - 1; index >= 0 && pmBytes[index] == 0; index--)
-        {
-            ;
-        }
-
-        // check if padding byte is valid
-        if (pmBytes[index] != 0x01)
-        {
-            throw new BadPaddingException("invalid ciphertext");
-        }
-
-        // extract and return message
-        byte[] mBytes = new byte[index];
-        System.arraycopy(pmBytes, 0, mBytes, 0, index);
-        return mBytes;
-    }
-
-    static public class McElieceKobaraImai
-        extends McElieceKobaraImaiCipherSpi
-    {
-        public McElieceKobaraImai()
-        {
-            super(DigestFactory.createSHA1(), new McElieceKobaraImaiCipher());
-        }
-    }
-
-    static public class McElieceKobaraImai224
-        extends McElieceKobaraImaiCipherSpi
-    {
-        public McElieceKobaraImai224()
-        {
-            super(DigestFactory.createSHA224(), new McElieceKobaraImaiCipher());
-        }
-    }
-
-    static public class McElieceKobaraImai256
-        extends McElieceKobaraImaiCipherSpi
-    {
-        public McElieceKobaraImai256()
-        {
-            super(DigestFactory.createSHA256(), new McElieceKobaraImaiCipher());
-        }
-    }
-
-    static public class McElieceKobaraImai384
-        extends McElieceKobaraImaiCipherSpi
-    {
-        public McElieceKobaraImai384()
-        {
-            super(DigestFactory.createSHA384(), new McElieceKobaraImaiCipher());
-        }
-    }
-
-    static public class McElieceKobaraImai512
-        extends McElieceKobaraImaiCipherSpi
-    {
-        public McElieceKobaraImai512()
-        {
-            super(DigestFactory.createSHA512(), new McElieceKobaraImaiCipher());
-        }
-    }
-
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McEliecePKCSCipherSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McEliecePKCSCipherSpi.java
deleted file mode 100644
index e4ff43f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McEliecePKCSCipherSpi.java
+++ /dev/null

@@ -1,120 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.IllegalBlockSizeException;
-
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCipher;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceKeyParameters;
-import org.bouncycastle.pqc.jcajce.provider.util.AsymmetricBlockCipher;
-
-public class McEliecePKCSCipherSpi
-    extends AsymmetricBlockCipher
-    implements PKCSObjectIdentifiers, X509ObjectIdentifiers
-{
-    private McElieceCipher cipher;
-
-    public McEliecePKCSCipherSpi(McElieceCipher cipher)
-    {
-        this.cipher = cipher;
-    }
-
-    protected void initCipherEncrypt(Key key, AlgorithmParameterSpec params,
-                                     SecureRandom sr)
-        throws InvalidKeyException,
-        InvalidAlgorithmParameterException
-    {
-
-        CipherParameters param;
-        param = McElieceKeysToParams.generatePublicKeyParameter((PublicKey)key);
-
-        param = new ParametersWithRandom(param, sr);
-        cipher.init(true, param);
-        this.maxPlainTextSize = cipher.maxPlainTextSize;
-        this.cipherTextSize = cipher.cipherTextSize;
-    }
-
-    protected void initCipherDecrypt(Key key, AlgorithmParameterSpec params)
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        CipherParameters param;
-        param = McElieceKeysToParams.generatePrivateKeyParameter((PrivateKey)key);
-
-        cipher.init(false, param);
-        this.maxPlainTextSize = cipher.maxPlainTextSize;
-        this.cipherTextSize = cipher.cipherTextSize;
-    }
-
-    protected byte[] messageEncrypt(byte[] input)
-        throws IllegalBlockSizeException, BadPaddingException
-    {
-        byte[] output = null;
-        try
-        {
-            output = cipher.messageEncrypt(input);
-        }
-        catch (Exception e)
-        {
-            e.printStackTrace();
-        }
-        return output;
-    }
-
-    protected byte[] messageDecrypt(byte[] input)
-        throws IllegalBlockSizeException, BadPaddingException
-    {
-        byte[] output = null;
-        try
-        {
-            output = cipher.messageDecrypt(input);
-        }
-        catch (Exception e)
-        {
-            e.printStackTrace();
-        }
-        return output;
-    }
-
-    public String getName()
-    {
-        return "McEliecePKCS";
-    }
-
-    public int getKeySize(Key key)
-        throws InvalidKeyException
-    {
-        McElieceKeyParameters mcElieceKeyParameters;
-        if (key instanceof PublicKey)
-        {
-            mcElieceKeyParameters = (McElieceKeyParameters)McElieceKeysToParams.generatePublicKeyParameter((PublicKey)key);
-        }
-        else
-        {
-            mcElieceKeyParameters = (McElieceKeyParameters)McElieceKeysToParams.generatePrivateKeyParameter((PrivateKey)key);
-
-        }
-
-
-        return cipher.getKeySize(mcElieceKeyParameters);
-    }
-
-    static public class McEliecePKCS
-        extends McEliecePKCSCipherSpi
-    {
-        public McEliecePKCS()
-        {
-            super(new McElieceCipher());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McEliecePointchevalCipherSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McEliecePointchevalCipherSpi.java
deleted file mode 100644
index 0e4208e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/McEliecePointchevalCipherSpi.java
+++ /dev/null

@@ -1,199 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import java.io.ByteArrayOutputStream;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.BadPaddingException;
-
-import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
-import org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.InvalidCipherTextException;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.crypto.util.DigestFactory;
-import org.bouncycastle.pqc.crypto.mceliece.McElieceCCA2KeyParameters;
-import org.bouncycastle.pqc.crypto.mceliece.McEliecePointchevalCipher;
-import org.bouncycastle.pqc.jcajce.provider.util.AsymmetricHybridCipher;
-
-public class McEliecePointchevalCipherSpi
-    extends AsymmetricHybridCipher
-    implements PKCSObjectIdentifiers, X509ObjectIdentifiers
-{
-    // TODO digest needed?
-    private Digest digest;
-    private McEliecePointchevalCipher cipher;
-
-    /**
-     * buffer to store the input data
-     */
-    private ByteArrayOutputStream buf = new ByteArrayOutputStream();
-
-
-    protected McEliecePointchevalCipherSpi(Digest digest, McEliecePointchevalCipher cipher)
-    {
-        this.digest = digest;
-        this.cipher = cipher;
-        buf = new ByteArrayOutputStream();
-    }
-
-    /**
-     * Continue a multiple-part encryption or decryption operation.
-     *
-     * @param input byte array containing the next part of the input
-     * @param inOff index in the array where the input starts
-     * @param inLen length of the input
-     * @return the processed byte array.
-     */
-    public byte[] update(byte[] input, int inOff, int inLen)
-    {
-        buf.write(input, inOff, inLen);
-        return new byte[0];
-    }
-
-
-    /**
-     * Encrypts or decrypts data in a single-part operation, or finishes a
-     * multiple-part operation. The data is encrypted or decrypted, depending on
-     * how this cipher was initialized.
-     *
-     * @param input the input buffer
-     * @param inOff the offset in input where the input starts
-     * @param inLen the input length
-     * @return the new buffer with the result
-     * @throws BadPaddingException on deryption errors.
-     */
-    public byte[] doFinal(byte[] input, int inOff, int inLen)
-        throws BadPaddingException
-    {
-        update(input, inOff, inLen);
-        byte[] data = buf.toByteArray();
-        buf.reset();
-        if (opMode == ENCRYPT_MODE)
-        {
-            return cipher.messageEncrypt(data);
-        }
-        else if (opMode == DECRYPT_MODE)
-        {
-            try
-            {
-                return cipher.messageDecrypt(data);
-            }
-            catch (InvalidCipherTextException e)
-            {
-                throw new BadPaddingException(e.getMessage());
-            }
-        }
-        return null;
-    }
-
-    protected int encryptOutputSize(int inLen)
-    {
-        return 0;
-    }
-
-    protected int decryptOutputSize(int inLen)
-    {
-        return 0;
-    }
-
-    protected void initCipherEncrypt(Key key, AlgorithmParameterSpec params,
-                                     SecureRandom sr)
-        throws InvalidKeyException,
-        InvalidAlgorithmParameterException
-    {
-        CipherParameters param;
-        param = McElieceCCA2KeysToParams.generatePublicKeyParameter((PublicKey)key);
-
-        param = new ParametersWithRandom(param, sr);
-        digest.reset();
-        cipher.init(true, param);
-    }
-
-    protected void initCipherDecrypt(Key key, AlgorithmParameterSpec params)
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        CipherParameters param;
-        param = McElieceCCA2KeysToParams.generatePrivateKeyParameter((PrivateKey)key);
-
-        digest.reset();
-        cipher.init(false, param);
-    }
-
-    public String getName()
-    {
-        return "McEliecePointchevalCipher";
-    }
-
-
-    public int getKeySize(Key key)
-        throws InvalidKeyException
-    {
-        McElieceCCA2KeyParameters mcElieceCCA2KeyParameters;
-        if (key instanceof PublicKey)
-        {
-            mcElieceCCA2KeyParameters = (McElieceCCA2KeyParameters)McElieceCCA2KeysToParams.generatePublicKeyParameter((PublicKey)key);
-        }
-        else
-        {
-            mcElieceCCA2KeyParameters = (McElieceCCA2KeyParameters)McElieceCCA2KeysToParams.generatePrivateKeyParameter((PrivateKey)key);
-        }
-
-        return cipher.getKeySize(mcElieceCCA2KeyParameters);
-    }
-
-    //////////////////////////////////////////////////////////////////////////////////77
-
-    static public class McEliecePointcheval
-        extends McEliecePointchevalCipherSpi
-    {
-        public McEliecePointcheval()
-        {
-            super(DigestFactory.createSHA1(), new McEliecePointchevalCipher());
-        }
-    }
-
-    static public class McEliecePointcheval224
-        extends McEliecePointchevalCipherSpi
-    {
-        public McEliecePointcheval224()
-        {
-            super(DigestFactory.createSHA224(), new McEliecePointchevalCipher());
-        }
-    }
-
-    static public class McEliecePointcheval256
-        extends McEliecePointchevalCipherSpi
-    {
-        public McEliecePointcheval256()
-        {
-            super(DigestFactory.createSHA256(), new McEliecePointchevalCipher());
-        }
-    }
-
-    static public class McEliecePointcheval384
-        extends McEliecePointchevalCipherSpi
-    {
-        public McEliecePointcheval384()
-        {
-            super(DigestFactory.createSHA384(), new McEliecePointchevalCipher());
-        }
-    }
-
-    static public class McEliecePointcheval512
-        extends McEliecePointchevalCipherSpi
-    {
-        public McEliecePointcheval512()
-        {
-            super(DigestFactory.createSHA512(), new McEliecePointchevalCipher());
-        }
-    }
-
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/Utils.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/Utils.java
deleted file mode 100644
index eeaad76..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/mceliece/Utils.java
+++ /dev/null

@@ -1,62 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.mceliece;
-
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.util.DigestFactory;
-
-class Utils
-{
-    static AlgorithmIdentifier getDigAlgId(String digestName)
-    {
-        if (digestName.equals("SHA-1"))
-        {
-            return new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE);
-        }
-        if (digestName.equals("SHA-224"))
-        {
-            return new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE);
-        }
-        if (digestName.equals("SHA-256"))
-        {
-            return new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE);
-        }
-        if (digestName.equals("SHA-384"))
-        {
-            return new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE);
-        }
-        if (digestName.equals("SHA-512"))
-        {
-            return new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, DERNull.INSTANCE);
-        }
-
-        throw new IllegalArgumentException("unrecognised digest algorithm: " + digestName);
-    }
-
-    static Digest getDigest(AlgorithmIdentifier digest)
-    {
-        if (digest.getAlgorithm().equals(OIWObjectIdentifiers.idSHA1))
-        {
-            return DigestFactory.createSHA1();
-        }
-        if (digest.getAlgorithm().equals(NISTObjectIdentifiers.id_sha224))
-        {
-            return DigestFactory.createSHA224();
-        }
-        if (digest.getAlgorithm().equals(NISTObjectIdentifiers.id_sha256))
-        {
-            return DigestFactory.createSHA256();
-        }
-        if (digest.getAlgorithm().equals(NISTObjectIdentifiers.id_sha384))
-        {
-            return DigestFactory.createSHA384();
-        }
-        if (digest.getAlgorithm().equals(NISTObjectIdentifiers.id_sha512))
-        {
-            return DigestFactory.createSHA512();
-        }
-        throw new IllegalArgumentException("unrecognised OID in digest algorithm identifier: " + digest.getAlgorithm());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/BCNHPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/BCNHPrivateKey.java
deleted file mode 100644
index 92d67c6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/BCNHPrivateKey.java
+++ /dev/null

@@ -1,121 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.newhope;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.pqc.crypto.newhope.NHPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.util.PrivateKeyFactory;
-import org.bouncycastle.pqc.crypto.util.PrivateKeyInfoFactory;
-import org.bouncycastle.pqc.jcajce.interfaces.NHPrivateKey;
-import org.bouncycastle.util.Arrays;
-
-public class BCNHPrivateKey
-    implements NHPrivateKey
-{
-    private static final long serialVersionUID = 1L;
-
-    private transient NHPrivateKeyParameters params;
-    private transient ASN1Set attributes;
-
-    public BCNHPrivateKey(
-        NHPrivateKeyParameters params)
-    {
-        this.params = params;
-    }
-
-    public BCNHPrivateKey(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        init(keyInfo);
-    }
-
-    private void init(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        this.attributes = keyInfo.getAttributes();
-        this.params = (NHPrivateKeyParameters)PrivateKeyFactory.createKey(keyInfo);
-    }
-
-    /**
-     * Compare this NH private key with another object.
-     *
-     * @param o the other object
-     * @return the result of the comparison
-     */
-    public boolean equals(Object o)
-    {
-        if (!(o instanceof BCNHPrivateKey))
-        {
-            return false;
-        }
-        BCNHPrivateKey otherKey = (BCNHPrivateKey)o;
-
-        return Arrays.areEqual(params.getSecData(), otherKey.params.getSecData());
-    }
-
-    public int hashCode()
-    {
-        return Arrays.hashCode(params.getSecData());
-    }
-
-    /**
-     * @return name of the algorithm - "NH"
-     */
-    public final String getAlgorithm()
-    {
-        return "NH";
-    }
-
-    public byte[] getEncoded()
-    {
-        try
-        {
-            PrivateKeyInfo pki = PrivateKeyInfoFactory.createPrivateKeyInfo(params, attributes);
-
-            return pki.getEncoded();
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    public short[] getSecretData()
-    {
-        return params.getSecData();
-    }
-
-    CipherParameters getKeyParams()
-    {
-        return params;
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        init(PrivateKeyInfo.getInstance(enc));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/BCNHPublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/BCNHPublicKey.java
deleted file mode 100644
index 0b4dc23..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/BCNHPublicKey.java
+++ /dev/null

@@ -1,118 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.newhope;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.pqc.crypto.newhope.NHPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.util.PublicKeyFactory;
-import org.bouncycastle.pqc.crypto.util.SubjectPublicKeyInfoFactory;
-import org.bouncycastle.pqc.jcajce.interfaces.NHPublicKey;
-import org.bouncycastle.util.Arrays;
-
-public class BCNHPublicKey
-    implements NHPublicKey
-{
-    private static final long serialVersionUID = 1L;
-
-    private transient NHPublicKeyParameters params;
-
-    public BCNHPublicKey(
-        NHPublicKeyParameters params)
-    {
-        this.params = params;
-    }
-
-    public BCNHPublicKey(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        init(keyInfo);
-    }
-
-    private void init(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        this.params = (NHPublicKeyParameters)PublicKeyFactory.createKey(keyInfo);
-    }
-
-    /**
-     * Compare this SPHINCS-256 public key with another object.
-     *
-     * @param o the other object
-     * @return the result of the comparison
-     */
-    public boolean equals(Object o)
-    {
-        if (o == null || !(o instanceof BCNHPublicKey))
-        {
-            return false;
-        }
-        BCNHPublicKey otherKey = (BCNHPublicKey)o;
-
-        return Arrays.areEqual(params.getPubData(), otherKey.params.getPubData());
-    }
-
-    public int hashCode()
-    {
-        return Arrays.hashCode(params.getPubData());
-    }
-
-    /**
-     * @return name of the algorithm - "NH"
-     */
-    public final String getAlgorithm()
-    {
-        return "NH";
-    }
-
-    public byte[] getEncoded()
-    {
-        try
-        {
-            SubjectPublicKeyInfo pki = SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(params);
-
-            return pki.getEncoded();
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    public byte[] getPublicData()
-    {
-        return params.getPubData();
-    }
-
-    CipherParameters getKeyParams()
-    {
-        return params;
-    }
-
-    private void readObject(
-         ObjectInputStream in)
-         throws IOException, ClassNotFoundException
-     {
-         in.defaultReadObject();
-
-         byte[] enc = (byte[])in.readObject();
-
-         init(SubjectPublicKeyInfo.getInstance(enc));
-     }
-
-     private void writeObject(
-         ObjectOutputStream out)
-         throws IOException
-     {
-         out.defaultWriteObject();
-
-         out.writeObject(this.getEncoded());
-     }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/KeyAgreementSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/KeyAgreementSpi.java
deleted file mode 100644
index c06424d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/KeyAgreementSpi.java
+++ /dev/null

@@ -1,104 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.newhope;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.ShortBufferException;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi;
-import org.bouncycastle.pqc.crypto.ExchangePair;
-import org.bouncycastle.pqc.crypto.newhope.NHAgreement;
-import org.bouncycastle.pqc.crypto.newhope.NHExchangePairGenerator;
-import org.bouncycastle.pqc.crypto.newhope.NHPublicKeyParameters;
-import org.bouncycastle.util.Arrays;
-
-public class KeyAgreementSpi
-    extends BaseAgreementSpi
-{
-    private NHAgreement agreement;
-    private BCNHPublicKey otherPartyKey;
-    private NHExchangePairGenerator exchangePairGenerator;
-
-    private byte[] shared;
-
-    public KeyAgreementSpi()
-    {
-        super("NH", null);
-    }
-
-    protected void engineInit(Key key, SecureRandom secureRandom)
-        throws InvalidKeyException
-    {
-        if (key != null)
-        {
-            agreement = new NHAgreement();
-
-            agreement.init(((BCNHPrivateKey)key).getKeyParams());
-        }
-        else
-        {
-            exchangePairGenerator = new NHExchangePairGenerator(secureRandom);
-        }
-    }
-
-    protected void engineInit(Key key, AlgorithmParameterSpec algorithmParameterSpec, SecureRandom secureRandom)
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        throw new InvalidAlgorithmParameterException("NewHope does not require parameters");
-    }
-
-    protected Key engineDoPhase(Key key, boolean lastPhase)
-        throws InvalidKeyException, IllegalStateException
-    {
-        if (!lastPhase)
-        {
-            throw new IllegalStateException("NewHope can only be between two parties.");
-        }
-
-        otherPartyKey = (BCNHPublicKey)key;
-
-        if (exchangePairGenerator != null)
-        {
-            ExchangePair exchPair = exchangePairGenerator.generateExchange((AsymmetricKeyParameter)otherPartyKey.getKeyParams());
-
-            shared = exchPair.getSharedValue();
-
-            return new BCNHPublicKey((NHPublicKeyParameters)exchPair.getPublicKey());
-        }
-        else
-        {
-            shared = agreement.calculateAgreement(otherPartyKey.getKeyParams());
-
-            return null;
-        }
-    }
-
-    protected byte[] engineGenerateSecret()
-        throws IllegalStateException
-    {
-        byte[] rv = Arrays.clone(shared);
-
-        Arrays.fill(shared, (byte)0);
-
-        return rv;
-    }
-
-    protected int engineGenerateSecret(byte[] bytes, int offset)
-        throws IllegalStateException, ShortBufferException
-    {
-        System.arraycopy(shared, 0, bytes, offset, shared.length);
-
-        Arrays.fill(shared, (byte)0);
-
-        return shared.length;
-    }
-
-    protected byte[] calcSecret()
-    {
-        return engineGenerateSecret();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/NHKeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/NHKeyFactorySpi.java
deleted file mode 100644
index 179eca7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/NHKeyFactorySpi.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.newhope;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyFactorySpi;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-
-public class NHKeyFactorySpi
-    extends KeyFactorySpi
-    implements AsymmetricKeyInfoConverter
-{
-    public PrivateKey engineGeneratePrivate(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof PKCS8EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to PKCS#8 from the spec
-            byte[] encKey = ((PKCS8EncodedKeySpec)keySpec).getEncoded();
-
-            try
-            {
-                return generatePrivate(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey)));
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeySpecException(e.toString());
-            }
-        }
-
-        throw new InvalidKeySpecException("Unsupported key specification: "
-            + keySpec.getClass() + ".");
-    }
-
-    public PublicKey engineGeneratePublic(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof X509EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to X.509 from the spec
-            byte[] encKey = ((X509EncodedKeySpec)keySpec).getEncoded();
-
-            // decode the SubjectPublicKeyInfo data structure to the pki object
-            try
-            {
-                return generatePublic(SubjectPublicKeyInfo.getInstance(encKey));
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeySpecException(e.toString());
-            }
-        }
-
-        throw new InvalidKeySpecException("Unknown key specification: " + keySpec + ".");
-    }
-
-    public final KeySpec engineGetKeySpec(Key key, Class keySpec)
-        throws InvalidKeySpecException
-    {
-        if (key instanceof BCNHPrivateKey)
-        {
-            if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new PKCS8EncodedKeySpec(key.getEncoded());
-            }
-        }
-        else if (key instanceof BCNHPublicKey)
-        {
-            if (X509EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new X509EncodedKeySpec(key.getEncoded());
-            }
-        }
-        else
-        {
-            throw new InvalidKeySpecException("Unsupported key type: "
-                + key.getClass() + ".");
-        }
-
-        throw new InvalidKeySpecException("Unknown key specification: "
-            + keySpec + ".");
-    }
-
-    public final Key engineTranslateKey(Key key)
-        throws InvalidKeyException
-    {
-        if (key instanceof BCNHPrivateKey || key instanceof BCNHPublicKey)
-        {
-            return key;
-        }
-
-        throw new InvalidKeyException("Unsupported key type");
-    }
-
-    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        return new BCNHPrivateKey(keyInfo);
-    }
-
-    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        return new BCNHPublicKey(keyInfo);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/NHKeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/NHKeyPairGeneratorSpi.java
deleted file mode 100644
index b10f66e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/newhope/NHKeyPairGeneratorSpi.java
+++ /dev/null

@@ -1,62 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.newhope;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.KeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.newhope.NHKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.newhope.NHPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.newhope.NHPublicKeyParameters;
-
-public class NHKeyPairGeneratorSpi
-    extends java.security.KeyPairGenerator
-{
-    NHKeyPairGenerator engine = new NHKeyPairGenerator();
-
-    SecureRandom random = CryptoServicesRegistrar.getSecureRandom();
-    boolean initialised = false;
-
-    public NHKeyPairGeneratorSpi()
-    {
-        super("NH");
-    }
-
-    public void initialize(
-        int strength,
-        SecureRandom random)
-    {
-        if (strength != 1024)
-        {
-            throw new IllegalArgumentException("strength must be 1024 bits");
-        }
-        engine.init(new KeyGenerationParameters(random, 1024));
-        initialised = true;
-    }
-
-    public void initialize(
-        AlgorithmParameterSpec params,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        throw new InvalidAlgorithmParameterException("parameter object not recognised");
-    }
-
-    public KeyPair generateKeyPair()
-    {
-        if (!initialised)
-        {
-            engine.init(new KeyGenerationParameters(random, 1024));
-            initialised = true;
-        }
-
-        AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-        NHPublicKeyParameters pub = (NHPublicKeyParameters)pair.getPublic();
-        NHPrivateKeyParameters priv = (NHPrivateKeyParameters)pair.getPrivate();
-
-        return new KeyPair(new BCNHPublicKey(pub), new BCNHPrivateKey(priv));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/BCqTESLAPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/BCqTESLAPrivateKey.java
deleted file mode 100644
index 9847711..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/BCqTESLAPrivateKey.java
+++ /dev/null

@@ -1,126 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.qtesla;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.PrivateKey;
-
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLAPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLASecurityCategory;
-import org.bouncycastle.pqc.crypto.util.PrivateKeyFactory;
-import org.bouncycastle.pqc.crypto.util.PrivateKeyInfoFactory;
-import org.bouncycastle.pqc.jcajce.interfaces.QTESLAKey;
-import org.bouncycastle.pqc.jcajce.spec.QTESLAParameterSpec;
-import org.bouncycastle.util.Arrays;
-
-public class BCqTESLAPrivateKey
-    implements PrivateKey, QTESLAKey
-{
-    private static final long serialVersionUID = 1L;
-
-    private transient QTESLAPrivateKeyParameters keyParams;
-    private transient ASN1Set attributes;
-
-    public BCqTESLAPrivateKey(
-        QTESLAPrivateKeyParameters keyParams)
-    {
-        this.keyParams = keyParams;
-    }
-
-    public BCqTESLAPrivateKey(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        init(keyInfo);
-    }
-
-    private void init(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        this.attributes = keyInfo.getAttributes();
-        this.keyParams = (QTESLAPrivateKeyParameters)PrivateKeyFactory.createKey(keyInfo);
-    }
-
-    /**
-     * @return name of the algorithm
-     */
-    public final String getAlgorithm()
-    {
-        return QTESLASecurityCategory.getName(keyParams.getSecurityCategory());
-    }
-
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    public QTESLAParameterSpec getParams()
-    {
-        return new QTESLAParameterSpec(getAlgorithm());
-    }
-
-    public byte[] getEncoded()
-    {
-        PrivateKeyInfo pki;
-        try
-        {
-            pki = PrivateKeyInfoFactory.createPrivateKeyInfo(keyParams, attributes);
-
-            return pki.getEncoded();
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (o instanceof BCqTESLAPrivateKey)
-        {
-            BCqTESLAPrivateKey otherKey = (BCqTESLAPrivateKey)o;
-
-            return keyParams.getSecurityCategory() == otherKey.keyParams.getSecurityCategory()
-                && Arrays.areEqual(keyParams.getSecret(), otherKey.keyParams.getSecret());
-        }
-
-        return false;
-    }
-
-    public int hashCode()
-    {
-        return keyParams.getSecurityCategory() + 37 * Arrays.hashCode(keyParams.getSecret());
-    }
-
-    CipherParameters getKeyParams()
-    {
-        return keyParams;
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        init(PrivateKeyInfo.getInstance(enc));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/BCqTESLAPublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/BCqTESLAPublicKey.java
deleted file mode 100644
index 7324f8e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/BCqTESLAPublicKey.java
+++ /dev/null

@@ -1,122 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.qtesla;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.PublicKey;
-
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLAPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLASecurityCategory;
-import org.bouncycastle.pqc.crypto.util.PublicKeyFactory;
-import org.bouncycastle.pqc.crypto.util.SubjectPublicKeyInfoFactory;
-import org.bouncycastle.pqc.jcajce.interfaces.QTESLAKey;
-import org.bouncycastle.pqc.jcajce.spec.QTESLAParameterSpec;
-import org.bouncycastle.util.Arrays;
-
-public class BCqTESLAPublicKey
-    implements PublicKey, QTESLAKey
-{
-    private static final long serialVersionUID = 1L;
-
-    private transient QTESLAPublicKeyParameters keyParams;
-
-    public BCqTESLAPublicKey(
-        QTESLAPublicKeyParameters keyParams)
-    {
-        this.keyParams = keyParams;
-    }
-
-    public BCqTESLAPublicKey(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        init(keyInfo);
-    }
-
-    private void init(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        this.keyParams = (QTESLAPublicKeyParameters)PublicKeyFactory.createKey(keyInfo);
-    }
-
-    /**
-     * @return name of the algorithm
-     */
-    public final String getAlgorithm()
-    {
-        return QTESLASecurityCategory.getName(keyParams.getSecurityCategory());
-    }
-
-    public byte[] getEncoded()
-    {
-        try
-        {
-            SubjectPublicKeyInfo pki = SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(keyParams);
-
-            return pki.getEncoded();
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    public QTESLAParameterSpec getParams()
-    {
-        return new QTESLAParameterSpec(getAlgorithm());
-    }
-    
-    CipherParameters getKeyParams()
-    {
-        return keyParams;
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (o instanceof BCqTESLAPublicKey)
-        {
-            BCqTESLAPublicKey otherKey = (BCqTESLAPublicKey)o;
-
-            return keyParams.getSecurityCategory() == otherKey.keyParams.getSecurityCategory()
-                && Arrays.areEqual(keyParams.getPublicData(), otherKey.keyParams.getPublicData());
-        }
-
-        return false;
-    }
-
-    public int hashCode()
-    {
-        return keyParams.getSecurityCategory() + 37 * Arrays.hashCode(keyParams.getPublicData());
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        init(SubjectPublicKeyInfo.getInstance(enc));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/DigestUtil.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/DigestUtil.java
deleted file mode 100644
index 4af55b7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/DigestUtil.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.qtesla;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Xof;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-
-class DigestUtil
-{
-    static Digest getDigest(ASN1ObjectIdentifier oid)
-    {
-        if (oid.equals(NISTObjectIdentifiers.id_sha256))
-        {
-            return new SHA256Digest();
-        }
-        if (oid.equals(NISTObjectIdentifiers.id_sha512))
-        {
-            return new SHA512Digest();
-        }
-        if (oid.equals(NISTObjectIdentifiers.id_shake128))
-        {
-            return new SHAKEDigest(128);
-        }
-        if (oid.equals(NISTObjectIdentifiers.id_shake256))
-        {
-            return new SHAKEDigest(256);
-        }
-
-        throw new IllegalArgumentException("unrecognized digest OID: " + oid);
-    }
-
-    public static byte[] getDigestResult(Digest digest)
-    {
-        byte[] hash = new byte[DigestUtil.getDigestSize(digest)];
-
-        if (digest instanceof Xof)
-        {
-            ((Xof)digest).doFinal(hash, 0, hash.length);
-        }
-        else
-        {
-            digest.doFinal(hash, 0);
-        }
-
-        return hash;
-    }
-
-    public static int getDigestSize(Digest digest)
-    {
-        if (digest instanceof Xof)
-        {
-            return digest.getDigestSize() * 2;
-        }
-
-        return digest.getDigestSize();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/KeyPairGeneratorSpi.java
deleted file mode 100644
index 3975cfd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/KeyPairGeneratorSpi.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.qtesla;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-import java.util.HashMap;
-import java.util.Map;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLAKeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLAKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLAPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLAPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLASecurityCategory;
-import org.bouncycastle.pqc.jcajce.spec.QTESLAParameterSpec;
-import org.bouncycastle.util.Integers;
-
-public class KeyPairGeneratorSpi
-    extends java.security.KeyPairGenerator
-{
-    private static final Map catLookup = new HashMap();
-
-    static
-    {
-        catLookup.put(QTESLASecurityCategory.getName(QTESLASecurityCategory.HEURISTIC_I), Integers.valueOf(QTESLASecurityCategory.HEURISTIC_I));
-        catLookup.put(QTESLASecurityCategory.getName(QTESLASecurityCategory.HEURISTIC_III_SIZE), Integers.valueOf(QTESLASecurityCategory.HEURISTIC_III_SIZE));
-        catLookup.put(QTESLASecurityCategory.getName(QTESLASecurityCategory.HEURISTIC_III_SPEED), Integers.valueOf(QTESLASecurityCategory.HEURISTIC_III_SPEED));
-        catLookup.put(QTESLASecurityCategory.getName(QTESLASecurityCategory.PROVABLY_SECURE_I), Integers.valueOf(QTESLASecurityCategory.PROVABLY_SECURE_I));
-        catLookup.put(QTESLASecurityCategory.getName(QTESLASecurityCategory.PROVABLY_SECURE_III), Integers.valueOf(QTESLASecurityCategory.PROVABLY_SECURE_III));
-    }
-
-    private QTESLAKeyGenerationParameters param;
-    private QTESLAKeyPairGenerator engine = new QTESLAKeyPairGenerator();
-
-    private SecureRandom random = CryptoServicesRegistrar.getSecureRandom();
-    private boolean initialised = false;
-
-    public KeyPairGeneratorSpi()
-    {
-        super("qTESLA");
-    }
-
-    public void initialize(
-        int strength,
-        SecureRandom random)
-    {
-        throw new IllegalArgumentException("use AlgorithmParameterSpec");
-    }
-
-    public void initialize(
-        AlgorithmParameterSpec params,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        if (!(params instanceof QTESLAParameterSpec))
-        {
-            throw new InvalidAlgorithmParameterException("parameter object not a QTESLAParameterSpec");
-        }
-
-        QTESLAParameterSpec qteslaParams = (QTESLAParameterSpec)params;
-
-        param = new QTESLAKeyGenerationParameters(((Integer)catLookup.get(qteslaParams.getSecurityCategory())).intValue(), random);
-
-        engine.init(param);
-        initialised = true;
-    }
-
-    public KeyPair generateKeyPair()
-    {
-        if (!initialised)
-        {
-            param = new QTESLAKeyGenerationParameters(QTESLASecurityCategory.PROVABLY_SECURE_I, random);
-
-            engine.init(param);
-            initialised = true;
-        }
-
-        AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-        QTESLAPublicKeyParameters pub = (QTESLAPublicKeyParameters)pair.getPublic();
-        QTESLAPrivateKeyParameters priv = (QTESLAPrivateKeyParameters)pair.getPrivate();
-
-        return new KeyPair(new BCqTESLAPublicKey(pub), new BCqTESLAPrivateKey(priv));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/QTESLAKeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/QTESLAKeyFactorySpi.java
deleted file mode 100644
index 46e4847..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/QTESLAKeyFactorySpi.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.qtesla;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyFactorySpi;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-
-public class QTESLAKeyFactorySpi
-    extends KeyFactorySpi
-    implements AsymmetricKeyInfoConverter
-{
-    public PrivateKey engineGeneratePrivate(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof PKCS8EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to PKCS#8 from the spec
-            byte[] encKey = ((PKCS8EncodedKeySpec)keySpec).getEncoded();
-
-            try
-            {
-                return generatePrivate(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey)));
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeySpecException(e.toString());
-            }
-        }
-
-        throw new InvalidKeySpecException("Unsupported key specification: "
-            + keySpec.getClass() + ".");
-    }
-
-    public PublicKey engineGeneratePublic(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof X509EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to X.509 from the spec
-            byte[] encKey = ((X509EncodedKeySpec)keySpec).getEncoded();
-
-            // decode the SubjectPublicKeyInfo data structure to the pki object
-            try
-            {
-                return generatePublic(SubjectPublicKeyInfo.getInstance(encKey));
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeySpecException(e.toString());
-            }
-        }
-
-        throw new InvalidKeySpecException("Unknown key specification: " + keySpec + ".");
-    }
-
-    public final KeySpec engineGetKeySpec(Key key, Class keySpec)
-        throws InvalidKeySpecException
-    {
-        if (key instanceof BCqTESLAPrivateKey)
-        {
-            if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new PKCS8EncodedKeySpec(key.getEncoded());
-            }
-        }
-        else if (key instanceof BCqTESLAPublicKey)
-        {
-            if (X509EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new X509EncodedKeySpec(key.getEncoded());
-            }
-        }
-        else
-        {
-            throw new InvalidKeySpecException("Unsupported key type: "
-                + key.getClass() + ".");
-        }
-
-        throw new InvalidKeySpecException("Unknown key specification: "
-            + keySpec + ".");
-    }
-
-    public final Key engineTranslateKey(Key key)
-        throws InvalidKeyException
-    {
-        if (key instanceof BCqTESLAPrivateKey || key instanceof BCqTESLAPublicKey)
-        {
-            return key;
-        }
-
-        throw new InvalidKeyException("Unsupported key type");
-    }
-
-    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        return new BCqTESLAPrivateKey(keyInfo);
-    }
-
-    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        return new BCqTESLAPublicKey(keyInfo);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/SignatureSpi.java
deleted file mode 100644
index fe3aa54..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/qtesla/SignatureSpi.java
+++ /dev/null

@@ -1,194 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.qtesla;
-
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.NullDigest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLASecurityCategory;
-import org.bouncycastle.pqc.crypto.qtesla.QTESLASigner;
-
-public class SignatureSpi
-    extends Signature
-{
-    protected SignatureSpi(String algorithm)
-    {
-        super(algorithm);
-    }
-
-    private Digest digest;
-    private QTESLASigner signer;
-    private SecureRandom random;
-
-    protected SignatureSpi(String sigName, Digest digest, QTESLASigner signer)
-    {
-        super(sigName);
-
-        this.digest = digest;
-        this.signer = signer;
-    }
-
-    protected void engineInitVerify(PublicKey publicKey)
-        throws InvalidKeyException
-    {
-        if (publicKey instanceof BCqTESLAPublicKey)
-        {
-            CipherParameters param = ((BCqTESLAPublicKey)publicKey).getKeyParams();
-            
-            digest.reset();
-            signer.init(false, param);
-        }
-        else
-        {
-            throw new InvalidKeyException("unknown public key passed to qTESLA");
-        }
-    }
-
-    protected void engineInitSign(PrivateKey privateKey, SecureRandom random)
-        throws InvalidKeyException
-    {
-        this.random = random;
-        engineInitSign(privateKey);
-    }
-
-    protected void engineInitSign(PrivateKey privateKey)
-        throws InvalidKeyException
-    {
-        if (privateKey instanceof BCqTESLAPrivateKey)
-        {
-            CipherParameters param = ((BCqTESLAPrivateKey)privateKey).getKeyParams();
-
-            if (random != null)
-            {
-                param = new ParametersWithRandom(param, random);
-            }
-
-            signer.init(true, param);
-        }
-        else
-        {
-            throw new InvalidKeyException("unknown private key passed to qTESLA");
-        }
-    }
-
-    protected void engineUpdate(byte b)
-        throws SignatureException
-    {
-        digest.update(b);
-    }
-
-    protected void engineUpdate(byte[] b, int off, int len)
-        throws SignatureException
-    {
-        digest.update(b, off, len);
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        try
-        {
-            byte[] hash = DigestUtil.getDigestResult(digest);
-
-            return signer.generateSignature(hash);
-        }
-        catch (Exception e)
-        {
-            if (e instanceof IllegalStateException)
-            {
-                throw new SignatureException(e.getMessage());
-            }
-            throw new SignatureException(e.toString());
-        }
-    }
-
-    protected boolean engineVerify(byte[] sigBytes)
-        throws SignatureException
-    {
-        byte[] hash = DigestUtil.getDigestResult(digest);
-
-        return signer.verifySignature(hash, sigBytes);
-    }
-
-    protected void engineSetParameter(AlgorithmParameterSpec params)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated replaced with #engineSetParameter(java.security.spec.AlgorithmParameterSpec)
-     */
-    protected void engineSetParameter(String param, Object value)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated
-     */
-    protected Object engineGetParameter(String param)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    static public class qTESLA
-        extends SignatureSpi
-    {
-        public qTESLA()
-        {
-            super("qTESLA", new NullDigest(), new QTESLASigner());
-        }
-    }
-
-    static public class HeuristicI
-        extends SignatureSpi
-    {
-        public HeuristicI()
-        {
-            super(QTESLASecurityCategory.getName(QTESLASecurityCategory.HEURISTIC_I), new NullDigest(), new QTESLASigner());
-        }
-    }
-
-    static public class HeuristicIIISize
-        extends SignatureSpi
-    {
-        public HeuristicIIISize()
-        {
-            super(QTESLASecurityCategory.getName(QTESLASecurityCategory.HEURISTIC_III_SIZE), new NullDigest(), new QTESLASigner());
-        }
-    }
-
-    static public class HeuristicIIISpeed
-        extends SignatureSpi
-    {
-        public HeuristicIIISpeed()
-        {
-            super(QTESLASecurityCategory.getName(QTESLASecurityCategory.HEURISTIC_III_SPEED), new NullDigest(), new QTESLASigner());
-        }
-    }
-
-    static public class ProvablySecureI
-        extends SignatureSpi
-    {
-        public ProvablySecureI()
-        {
-            super(QTESLASecurityCategory.getName(QTESLASecurityCategory.PROVABLY_SECURE_I), new NullDigest(), new QTESLASigner());
-        }
-    }
-
-    static public class ProvablySecureIII
-        extends SignatureSpi
-    {
-        public ProvablySecureIII()
-        {
-            super(QTESLASecurityCategory.getName(QTESLASecurityCategory.PROVABLY_SECURE_III), new NullDigest(), new QTESLASigner());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/BCRainbowPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/BCRainbowPrivateKey.java
deleted file mode 100644
index 157508c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/BCRainbowPrivateKey.java
+++ /dev/null

@@ -1,242 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.rainbow;
-
-import java.io.IOException;
-import java.security.PrivateKey;
-import java.util.Arrays;
-
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.asn1.RainbowPrivateKey;
-import org.bouncycastle.pqc.crypto.rainbow.Layer;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.rainbow.util.RainbowUtil;
-import org.bouncycastle.pqc.jcajce.spec.RainbowPrivateKeySpec;
-
-/**
- * The Private key in Rainbow consists of the linear affine maps L1, L2 and the
- * map F, consisting of quadratic polynomials. In this implementation, we
- * denote: L1 = A1*x + b1 L2 = A2*x + b2
- * <p>
- * The coefficients of the polynomials in F are stored in 3-dimensional arrays
- * per layer. The indices of these arrays denote the polynomial, and the
- * variables.
- * </p><p>
- * More detailed information about the private key is to be found in the paper
- * of Jintai Ding, Dieter Schmidt: Rainbow, a New Multivariable Polynomial
- * Signature Scheme. ACNS 2005: 164-175 (http://dx.doi.org/10.1007/11496137_12)
- * </p>
- */
-public class BCRainbowPrivateKey
-    implements PrivateKey
-{
-    private static final long serialVersionUID = 1L;
-
-    // the inverse of L1
-    private short[][] A1inv;
-
-    // translation vector element of L1
-    private short[] b1;
-
-    // the inverse of L2
-    private short[][] A2inv;
-
-    // translation vector of L2
-    private short[] b2;
-
-    /*
-      * components of F
-      */
-    private Layer[] layers;
-
-    // set of vinegar vars per layer.
-    private int[] vi;
-
-
-    /**
-     * Constructor.
-     *
-     * @param A1inv
-     * @param b1
-     * @param A2inv
-     * @param b2
-     * @param layers
-     */
-    public BCRainbowPrivateKey(short[][] A1inv, short[] b1, short[][] A2inv,
-                               short[] b2, int[] vi, Layer[] layers)
-    {
-        this.A1inv = A1inv;
-        this.b1 = b1;
-        this.A2inv = A2inv;
-        this.b2 = b2;
-        this.vi = vi;
-        this.layers = layers;
-    }
-
-    /**
-     * Constructor (used by the {@link RainbowKeyFactorySpi}).
-     *
-     * @param keySpec a {@link RainbowPrivateKeySpec}
-     */
-    public BCRainbowPrivateKey(RainbowPrivateKeySpec keySpec)
-    {
-        this(keySpec.getInvA1(), keySpec.getB1(), keySpec.getInvA2(), keySpec
-            .getB2(), keySpec.getVi(), keySpec.getLayers());
-    }
-
-    public BCRainbowPrivateKey(
-        RainbowPrivateKeyParameters params)
-    {
-        this(params.getInvA1(), params.getB1(), params.getInvA2(), params.getB2(), params.getVi(), params.getLayers());
-    }
-
-    /**
-     * Getter for the inverse matrix of A1.
-     *
-     * @return the A1inv inverse
-     */
-    public short[][] getInvA1()
-    {
-        return this.A1inv;
-    }
-
-    /**
-     * Getter for the translation part of the private quadratic map L1.
-     *
-     * @return b1 the translation part of L1
-     */
-    public short[] getB1()
-    {
-        return this.b1;
-    }
-
-    /**
-     * Getter for the translation part of the private quadratic map L2.
-     *
-     * @return b2 the translation part of L2
-     */
-    public short[] getB2()
-    {
-        return this.b2;
-    }
-
-    /**
-     * Getter for the inverse matrix of A2
-     *
-     * @return the A2inv
-     */
-    public short[][] getInvA2()
-    {
-        return this.A2inv;
-    }
-
-    /**
-     * Returns the layers contained in the private key
-     *
-     * @return layers
-     */
-    public Layer[] getLayers()
-    {
-        return this.layers;
-    }
-
-    /**
-     * Returns the array of vi-s
-     *
-     * @return the vi
-     */
-    public int[] getVi()
-    {
-        return vi;
-    }
-
-    /**
-     * Compare this Rainbow private key with another object.
-     *
-     * @param other the other object
-     * @return the result of the comparison
-     */
-    public boolean equals(Object other)
-    {
-        if (other == null || !(other instanceof BCRainbowPrivateKey))
-        {
-            return false;
-        }
-        BCRainbowPrivateKey otherKey = (BCRainbowPrivateKey)other;
-
-        boolean eq = true;
-        // compare using shortcut rule ( && instead of &)
-        eq = eq && RainbowUtil.equals(A1inv, otherKey.getInvA1());
-        eq = eq && RainbowUtil.equals(A2inv, otherKey.getInvA2());
-        eq = eq && RainbowUtil.equals(b1, otherKey.getB1());
-        eq = eq && RainbowUtil.equals(b2, otherKey.getB2());
-        eq = eq && Arrays.equals(vi, otherKey.getVi());
-        if (layers.length != otherKey.getLayers().length)
-        {
-            return false;
-        }
-        for (int i = layers.length - 1; i >= 0; i--)
-        {
-            eq &= layers[i].equals(otherKey.getLayers()[i]);
-        }
-        return eq;
-    }
-
-    public int hashCode()
-    {
-        int hash = layers.length;
-
-        hash = hash * 37 + org.bouncycastle.util.Arrays.hashCode(A1inv);
-        hash = hash * 37 + org.bouncycastle.util.Arrays.hashCode(b1);
-        hash = hash * 37 + org.bouncycastle.util.Arrays.hashCode(A2inv);
-        hash = hash * 37 + org.bouncycastle.util.Arrays.hashCode(b2);
-        hash = hash * 37 + org.bouncycastle.util.Arrays.hashCode(vi);
-
-        for (int i = layers.length - 1; i >= 0; i--)
-        {
-            hash = hash * 37 + layers[i].hashCode();
-        }
-
-
-        return hash;
-    }
-
-    /**
-     * @return name of the algorithm - "Rainbow"
-     */
-    public final String getAlgorithm()
-    {
-        return "Rainbow";
-    }
-
-    public byte[] getEncoded()
-    {
-        RainbowPrivateKey privateKey = new RainbowPrivateKey(A1inv, b1, A2inv, b2, vi, layers);
-
-        PrivateKeyInfo pki;
-        try
-        {
-            AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.rainbow, DERNull.INSTANCE);
-            pki = new PrivateKeyInfo(algorithmIdentifier, privateKey);
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-        try
-        {
-            byte[] encoded = pki.getEncoded();
-            return encoded;
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/BCRainbowPublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/BCRainbowPublicKey.java
deleted file mode 100644
index 316ac0b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/BCRainbowPublicKey.java
+++ /dev/null

@@ -1,171 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.rainbow;
-
-import java.security.PublicKey;
-
-import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.asn1.RainbowPublicKey;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowParameters;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.rainbow.util.RainbowUtil;
-import org.bouncycastle.pqc.jcajce.provider.util.KeyUtil;
-import org.bouncycastle.pqc.jcajce.spec.RainbowPublicKeySpec;
-import org.bouncycastle.util.Arrays;
-
-/**
- * This class implements CipherParameters and PublicKey.
- * <p>
- * The public key in Rainbow consists of n - v1 polynomial components of the
- * private key's F and the field structure of the finite field k.
- * </p><p>
- * The quadratic (or mixed) coefficients of the polynomials from the public key
- * are stored in the 2-dimensional array in lexicographical order, requiring n *
- * (n + 1) / 2 entries for each polynomial. The singular terms are stored in a
- * 2-dimensional array requiring n entries per polynomial, the scalar term of
- * each polynomial is stored in a 1-dimensional array.
- * </p><p>
- * More detailed information on the public key is to be found in the paper of
- * Jintai Ding, Dieter Schmidt: Rainbow, a New Multivariable Polynomial
- * Signature Scheme. ACNS 2005: 164-175 (http://dx.doi.org/10.1007/11496137_12)
- * </p>
- */
-public class BCRainbowPublicKey
-    implements PublicKey
-{
-    private static final long serialVersionUID = 1L;
-
-    private short[][] coeffquadratic;
-    private short[][] coeffsingular;
-    private short[] coeffscalar;
-    private int docLength; // length of possible document to sign
-
-    private RainbowParameters rainbowParams;
-
-    /**
-     * Constructor
-     *
-     * @param docLength
-     * @param coeffQuadratic
-     * @param coeffSingular
-     * @param coeffScalar
-     */
-    public BCRainbowPublicKey(int docLength,
-                              short[][] coeffQuadratic, short[][] coeffSingular,
-                              short[] coeffScalar)
-    {
-        this.docLength = docLength;
-        this.coeffquadratic = coeffQuadratic;
-        this.coeffsingular = coeffSingular;
-        this.coeffscalar = coeffScalar;
-    }
-
-    /**
-     * Constructor (used by the {@link RainbowKeyFactorySpi}).
-     *
-     * @param keySpec a {@link RainbowPublicKeySpec}
-     */
-    public BCRainbowPublicKey(RainbowPublicKeySpec keySpec)
-    {
-        this(keySpec.getDocLength(), keySpec.getCoeffQuadratic(), keySpec
-            .getCoeffSingular(), keySpec.getCoeffScalar());
-    }
-
-    public BCRainbowPublicKey(
-        RainbowPublicKeyParameters params)
-    {
-        this(params.getDocLength(), params.getCoeffQuadratic(), params.getCoeffSingular(), params.getCoeffScalar());
-    }
-
-    /**
-     * @return the docLength
-     */
-    public int getDocLength()
-    {
-        return this.docLength;
-    }
-
-    /**
-     * @return the coeffQuadratic
-     */
-    public short[][] getCoeffQuadratic()
-    {
-        return coeffquadratic;
-    }
-
-    /**
-     * @return the coeffSingular
-     */
-    public short[][] getCoeffSingular()
-    {
-        short[][] copy = new short[coeffsingular.length][];
-
-        for (int i = 0; i != coeffsingular.length; i++)
-        {
-            copy[i] = Arrays.clone(coeffsingular[i]);
-        }
-
-        return copy;
-    }
-
-
-    /**
-     * @return the coeffScalar
-     */
-    public short[] getCoeffScalar()
-    {
-        return Arrays.clone(coeffscalar);
-    }
-
-    /**
-     * Compare this Rainbow public key with another object.
-     *
-     * @param other the other object
-     * @return the result of the comparison
-     */
-    public boolean equals(Object other)
-    {
-        if (other == null || !(other instanceof BCRainbowPublicKey))
-        {
-            return false;
-        }
-        BCRainbowPublicKey otherKey = (BCRainbowPublicKey)other;
-
-        return docLength == otherKey.getDocLength()
-            && RainbowUtil.equals(coeffquadratic, otherKey.getCoeffQuadratic())
-            && RainbowUtil.equals(coeffsingular, otherKey.getCoeffSingular())
-            && RainbowUtil.equals(coeffscalar, otherKey.getCoeffScalar());
-    }
-
-    public int hashCode()
-    {
-        int hash = docLength;
-
-        hash = hash * 37 + Arrays.hashCode(coeffquadratic);
-        hash = hash * 37 + Arrays.hashCode(coeffsingular);
-        hash = hash * 37 + Arrays.hashCode(coeffscalar);
-
-        return hash;
-    }
-
-    /**
-     * @return name of the algorithm - "Rainbow"
-     */
-    public final String getAlgorithm()
-    {
-        return "Rainbow";
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    public byte[] getEncoded()
-    {
-        RainbowPublicKey key = new RainbowPublicKey(docLength, coeffquadratic, coeffsingular, coeffscalar);
-        AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.rainbow, DERNull.INSTANCE);
-
-        return KeyUtil.getEncodedSubjectPublicKeyInfo(algorithmIdentifier, key);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/RainbowKeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/RainbowKeyFactorySpi.java
deleted file mode 100644
index 6a52b3a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/RainbowKeyFactorySpi.java
+++ /dev/null

@@ -1,227 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.rainbow;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyFactorySpi;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-import org.bouncycastle.pqc.asn1.RainbowPrivateKey;
-import org.bouncycastle.pqc.asn1.RainbowPublicKey;
-import org.bouncycastle.pqc.jcajce.spec.RainbowPrivateKeySpec;
-import org.bouncycastle.pqc.jcajce.spec.RainbowPublicKeySpec;
-
-
-/**
- * This class transforms Rainbow keys and Rainbow key specifications.
- *
- * @see BCRainbowPublicKey
- * @see RainbowPublicKeySpec
- * @see BCRainbowPrivateKey
- * @see RainbowPrivateKeySpec
- */
-public class RainbowKeyFactorySpi
-    extends KeyFactorySpi
-    implements AsymmetricKeyInfoConverter
-{
-    /**
-     * Converts, if possible, a key specification into a
-     * {@link BCRainbowPrivateKey}. Currently, the following key specifications
-     * are supported: {@link RainbowPrivateKeySpec}, {@link PKCS8EncodedKeySpec}.
-     * <p>
-     * The ASN.1 definition of the key structure is
-     * </p>
-     * <pre>
-     *   RainbowPrivateKey ::= SEQUENCE {
-     *     oid        OBJECT IDENTIFIER         -- OID identifying the algorithm
-     *     A1inv      SEQUENCE OF OCTET STRING  -- inversed matrix of L1
-     *     b1         OCTET STRING              -- translation vector of L1
-     *     A2inv      SEQUENCE OF OCTET STRING  -- inversed matrix of L2
-     *     b2         OCTET STRING              -- translation vector of L2
-     *     vi         OCTET STRING              -- num of elmts in each Set S
-     *     layers     SEQUENCE OF Layer         -- layers of F
-     *   }
-     *
-     *   Layer             ::= SEQUENCE OF Poly
-     *   Poly              ::= SEQUENCE {
-     *     alpha      SEQUENCE OF OCTET STRING
-     *     beta       SEQUENCE OF OCTET STRING
-     *     gamma      OCTET STRING
-     *     eta        OCTET
-     *   }
-     * </pre>
-     *
-     * @param keySpec the key specification
-     * @return the Rainbow private key
-     * @throws InvalidKeySpecException if the KeySpec is not supported.
-     */
-    public PrivateKey engineGeneratePrivate(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof RainbowPrivateKeySpec)
-        {
-            return new BCRainbowPrivateKey((RainbowPrivateKeySpec)keySpec);
-        }
-        else if (keySpec instanceof PKCS8EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to PKCS#8 from the spec
-            byte[] encKey = ((PKCS8EncodedKeySpec)keySpec).getEncoded();
-
-            try
-            {
-                return generatePrivate(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey)));
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeySpecException(e.toString());
-            }
-        }
-
-        throw new InvalidKeySpecException("Unsupported key specification: "
-            + keySpec.getClass() + ".");
-    }
-
-    /**
-     * Converts, if possible, a key specification into a
-     * {@link BCRainbowPublicKey}. Currently, the following key specifications are
-     * supported:{@link X509EncodedKeySpec}.
-     * <p>
-     * The ASN.1 definition of a public key's structure is
-     * </p><pre>
-     *    RainbowPublicKey ::= SEQUENCE {
-     *      oid            OBJECT IDENTIFIER        -- OID identifying the algorithm
-     *      docLength      Integer                  -- length of signable msg
-     *      coeffquadratic SEQUENCE OF OCTET STRING -- quadratic (mixed) coefficients
-     *      coeffsingular  SEQUENCE OF OCTET STRING -- singular coefficients
-     *      coeffscalar       OCTET STRING             -- scalar coefficients
-     *       }
-     * </pre>
-     *
-     * @param keySpec the key specification
-     * @return the Rainbow public key
-     * @throws InvalidKeySpecException if the KeySpec is not supported.
-     */
-    public PublicKey engineGeneratePublic(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof RainbowPublicKeySpec)
-        {
-            return new BCRainbowPublicKey((RainbowPublicKeySpec)keySpec);
-        }
-        else if (keySpec instanceof X509EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to X.509 from the spec
-            byte[] encKey = ((X509EncodedKeySpec)keySpec).getEncoded();
-
-            // decode the SubjectPublicKeyInfo data structure to the pki object
-            try
-            {
-                return generatePublic(SubjectPublicKeyInfo.getInstance(encKey));
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeySpecException(e.toString());
-            }
-        }
-
-        throw new InvalidKeySpecException("Unknown key specification: " + keySpec + ".");
-    }
-
-    /**
-     * Converts a given key into a key specification, if possible. Currently the
-     * following specs are supported:
-     * <ul>
-     * <li>for RainbowPublicKey: X509EncodedKeySpec, RainbowPublicKeySpec</li>
-     * <li>for RainbowPrivateKey: PKCS8EncodedKeySpec, RainbowPrivateKeySpec</li>
-     * </ul>
-     *
-     * @param key     the key
-     * @param keySpec the key specification
-     * @return the specification of the CMSS key
-     * @throws InvalidKeySpecException if the key type or key specification is not supported.
-     */
-    public final KeySpec engineGetKeySpec(Key key, Class keySpec)
-        throws InvalidKeySpecException
-    {
-        if (key instanceof BCRainbowPrivateKey)
-        {
-            if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new PKCS8EncodedKeySpec(key.getEncoded());
-            }
-            else if (RainbowPrivateKeySpec.class.isAssignableFrom(keySpec))
-            {
-                BCRainbowPrivateKey privKey = (BCRainbowPrivateKey)key;
-                return new RainbowPrivateKeySpec(privKey.getInvA1(), privKey
-                    .getB1(), privKey.getInvA2(), privKey.getB2(), privKey
-                    .getVi(), privKey.getLayers());
-            }
-        }
-        else if (key instanceof BCRainbowPublicKey)
-        {
-            if (X509EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new X509EncodedKeySpec(key.getEncoded());
-            }
-            else if (RainbowPublicKeySpec.class.isAssignableFrom(keySpec))
-            {
-                BCRainbowPublicKey pubKey = (BCRainbowPublicKey)key;
-                return new RainbowPublicKeySpec(pubKey.getDocLength(), pubKey
-                    .getCoeffQuadratic(), pubKey.getCoeffSingular(), pubKey
-                    .getCoeffScalar());
-            }
-        }
-        else
-        {
-            throw new InvalidKeySpecException("Unsupported key type: "
-                + key.getClass() + ".");
-        }
-
-        throw new InvalidKeySpecException("Unknown key specification: "
-            + keySpec + ".");
-    }
-
-    /**
-     * Translates a key into a form known by the FlexiProvider. Currently the
-     * following key types are supported: RainbowPrivateKey, RainbowPublicKey.
-     *
-     * @param key the key
-     * @return a key of a known key type
-     * @throws InvalidKeyException if the key is not supported.
-     */
-    public final Key engineTranslateKey(Key key)
-        throws InvalidKeyException
-    {
-        if (key instanceof BCRainbowPrivateKey || key instanceof BCRainbowPublicKey)
-        {
-            return key;
-        }
-
-        throw new InvalidKeyException("Unsupported key type");
-    }
-
-    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        RainbowPrivateKey pKey = RainbowPrivateKey.getInstance(keyInfo.parsePrivateKey());
-
-        return new BCRainbowPrivateKey(pKey.getInvA1(), pKey.getB1(), pKey.getInvA2(), pKey.getB2(), pKey.getVi(), pKey.getLayers());
-    }
-
-    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        RainbowPublicKey pKey = RainbowPublicKey.getInstance(keyInfo.parsePublicKey());
-
-        return new BCRainbowPublicKey(pKey.getDocLength(), pKey.getCoeffQuadratic(), pKey.getCoeffSingular(), pKey.getCoeffScalar());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/RainbowKeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/RainbowKeyPairGeneratorSpi.java
deleted file mode 100644
index 0979256..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/RainbowKeyPairGeneratorSpi.java
+++ /dev/null

@@ -1,73 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.rainbow;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowKeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowParameters;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowPublicKeyParameters;
-import org.bouncycastle.pqc.jcajce.spec.RainbowParameterSpec;
-
-public class RainbowKeyPairGeneratorSpi
-    extends java.security.KeyPairGenerator
-{
-    RainbowKeyGenerationParameters param;
-    RainbowKeyPairGenerator engine = new RainbowKeyPairGenerator();
-    int strength = 1024;
-    SecureRandom random = CryptoServicesRegistrar.getSecureRandom();
-    boolean initialised = false;
-
-    public RainbowKeyPairGeneratorSpi()
-    {
-        super("Rainbow");
-    }
-
-    public void initialize(
-        int strength,
-        SecureRandom random)
-    {
-        this.strength = strength;
-        this.random = random;
-    }
-
-    public void initialize(
-        AlgorithmParameterSpec params,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        if (!(params instanceof RainbowParameterSpec))
-        {
-            throw new InvalidAlgorithmParameterException("parameter object not a RainbowParameterSpec");
-        }
-        RainbowParameterSpec rainbowParams = (RainbowParameterSpec)params;
-
-        param = new RainbowKeyGenerationParameters(random, new RainbowParameters(rainbowParams.getVi()));
-
-        engine.init(param);
-        initialised = true;
-    }
-
-    public KeyPair generateKeyPair()
-    {
-        if (!initialised)
-        {
-            param = new RainbowKeyGenerationParameters(random, new RainbowParameters(new RainbowParameterSpec().getVi()));
-
-            engine.init(param);
-            initialised = true;
-        }
-
-        AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-        RainbowPublicKeyParameters pub = (RainbowPublicKeyParameters)pair.getPublic();
-        RainbowPrivateKeyParameters priv = (RainbowPrivateKeyParameters)pair.getPrivate();
-
-        return new KeyPair(new BCRainbowPublicKey(pub),
-            new BCRainbowPrivateKey(priv));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/RainbowKeysToParams.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/RainbowKeysToParams.java
deleted file mode 100644
index f5c573a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/RainbowKeysToParams.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.rainbow;
-
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-
-import org.bouncycastle.crypto.params.AsymmetricKeyParameter;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowPublicKeyParameters;
-
-
-/**
- * utility class for converting jce/jca Rainbow objects
- * objects into their org.bouncycastle.crypto counterparts.
- */
-
-public class RainbowKeysToParams
-{
-    static public AsymmetricKeyParameter generatePublicKeyParameter(
-        PublicKey key)
-        throws InvalidKeyException
-    {
-        if (key instanceof BCRainbowPublicKey)
-        {
-            BCRainbowPublicKey k = (BCRainbowPublicKey)key;
-
-            return new RainbowPublicKeyParameters(k.getDocLength(), k.getCoeffQuadratic(),
-                k.getCoeffSingular(), k.getCoeffScalar());
-        }
-
-        throw new InvalidKeyException("can't identify Rainbow public key: " + key.getClass().getName());
-    }
-
-    static public AsymmetricKeyParameter generatePrivateKeyParameter(
-        PrivateKey key)
-        throws InvalidKeyException
-    {
-        if (key instanceof BCRainbowPrivateKey)
-        {
-            BCRainbowPrivateKey k = (BCRainbowPrivateKey)key;
-            return new RainbowPrivateKeyParameters(k.getInvA1(), k.getB1(),
-                k.getInvA2(), k.getB2(), k.getVi(), k.getLayers());
-        }
-
-        throw new InvalidKeyException("can't identify Rainbow private key.");
-    }
-}
-
-

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/SignatureSpi.java
deleted file mode 100644
index 86d971d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/rainbow/SignatureSpi.java
+++ /dev/null

@@ -1,162 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.rainbow;
-
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.SignatureException;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA224Digest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA384Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.rainbow.RainbowSigner;
-
-/**
- * Rainbow Signature class, extending the jce SignatureSpi.
- */
-public class SignatureSpi
-    extends java.security.SignatureSpi
-{
-    private Digest digest;
-    private RainbowSigner signer;
-    private SecureRandom random;
-
-    protected SignatureSpi(Digest digest, RainbowSigner signer)
-    {
-        this.digest = digest;
-        this.signer = signer;
-    }
-
-    protected void engineInitVerify(PublicKey publicKey)
-        throws InvalidKeyException
-    {
-        CipherParameters param;
-        param = RainbowKeysToParams.generatePublicKeyParameter(publicKey);
-
-        digest.reset();
-        signer.init(false, param);
-    }
-
-    protected void engineInitSign(PrivateKey privateKey, SecureRandom random)
-        throws InvalidKeyException
-    {
-        this.random = random;
-        engineInitSign(privateKey);
-    }
-
-    protected void engineInitSign(PrivateKey privateKey)
-        throws InvalidKeyException
-    {
-        CipherParameters param;
-        param = RainbowKeysToParams.generatePrivateKeyParameter(privateKey);
-
-        if (random != null)
-        {
-            param = new ParametersWithRandom(param, random);
-        }
-
-        digest.reset();
-        signer.init(true, param);
-
-    }
-
-    protected void engineUpdate(byte b)
-        throws SignatureException
-    {
-        digest.update(b);
-    }
-
-    protected void engineUpdate(byte[] b, int off, int len)
-        throws SignatureException
-    {
-        digest.update(b, off, len);
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        byte[] hash = new byte[digest.getDigestSize()];
-        digest.doFinal(hash, 0);
-        try
-        {
-            byte[] sig = signer.generateSignature(hash);
-
-            return sig;
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException(e.toString());
-        }
-    }
-
-    protected boolean engineVerify(byte[] sigBytes)
-        throws SignatureException
-    {
-        byte[] hash = new byte[digest.getDigestSize()];
-        digest.doFinal(hash, 0);
-        return signer.verifySignature(hash, sigBytes);
-    }
-
-    protected void engineSetParameter(AlgorithmParameterSpec params)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated replaced with #engineSetParameter(java.security.spec.AlgorithmParameterSpec)
-     */
-    protected void engineSetParameter(String param, Object value)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated
-     */
-    protected Object engineGetParameter(String param)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-
-    static public class withSha224
-        extends SignatureSpi
-    {
-        public withSha224()
-        {
-            super(new SHA224Digest(), new RainbowSigner());
-        }
-    }
-
-    static public class withSha256
-        extends SignatureSpi
-    {
-        public withSha256()
-        {
-            super(new SHA256Digest(), new RainbowSigner());
-        }
-    }
-
-    static public class withSha384
-        extends SignatureSpi
-    {
-        public withSha384()
-        {
-            super(new SHA384Digest(), new RainbowSigner());
-        }
-    }
-
-    static public class withSha512
-        extends SignatureSpi
-    {
-        public withSha512()
-        {
-            super(new SHA512Digest(), new RainbowSigner());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/BCSphincs256PrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/BCSphincs256PrivateKey.java
deleted file mode 100644
index 9d9b3fc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/BCSphincs256PrivateKey.java
+++ /dev/null

@@ -1,153 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.sphincs;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.PrivateKey;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.asn1.SPHINCS256KeyParams;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCSPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.util.PrivateKeyFactory;
-import org.bouncycastle.pqc.crypto.util.PrivateKeyInfoFactory;
-import org.bouncycastle.pqc.jcajce.interfaces.SPHINCSKey;
-import org.bouncycastle.util.Arrays;
-
-public class BCSphincs256PrivateKey
-    implements PrivateKey, SPHINCSKey
-{
-    private static final long serialVersionUID = 1L;
-
-    private transient ASN1ObjectIdentifier treeDigest;
-    private transient SPHINCSPrivateKeyParameters params;
-    private transient ASN1Set attributes;
-
-    public BCSphincs256PrivateKey(
-        ASN1ObjectIdentifier treeDigest,
-        SPHINCSPrivateKeyParameters params)
-    {
-        this.treeDigest = treeDigest;
-        this.params = params;
-    }
-
-    public BCSphincs256PrivateKey(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        init(keyInfo);
-    }
-
-    private void init(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        this.attributes = keyInfo.getAttributes();
-        this.treeDigest = SPHINCS256KeyParams.getInstance(keyInfo.getPrivateKeyAlgorithm().getParameters()).getTreeDigest().getAlgorithm();
-        this.params = (SPHINCSPrivateKeyParameters)PrivateKeyFactory.createKey(keyInfo);
-    }
-
-    /**
-     * Compare this SPHINCS-256 private key with another object.
-     *
-     * @param o the other object
-     * @return the result of the comparison
-     */
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (o instanceof BCSphincs256PrivateKey)
-        {
-            BCSphincs256PrivateKey otherKey = (BCSphincs256PrivateKey)o;
-
-            return treeDigest.equals(otherKey.treeDigest) && Arrays.areEqual(params.getKeyData(), otherKey.params.getKeyData());
-        }
-
-        return false;
-    }
-
-    public int hashCode()
-    {
-        return treeDigest.hashCode() + 37 * Arrays.hashCode(params.getKeyData());
-    }
-
-    /**
-     * @return name of the algorithm - "SPHINCS-256"
-     */
-    public final String getAlgorithm()
-    {
-        return "SPHINCS-256";
-    }
-
-    public byte[] getEncoded()
-    {
-
-        try
-        {
-            PrivateKeyInfo pki;
-            if (params.getTreeDigest() != null)
-            {
-                pki = PrivateKeyInfoFactory.createPrivateKeyInfo(params, attributes);
-            }
-            else
-            {
-                AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.sphincs256,
-                    new SPHINCS256KeyParams(new AlgorithmIdentifier(treeDigest)));
-                pki = new PrivateKeyInfo(algorithmIdentifier, new DEROctetString(params.getKeyData()), attributes);
-            }
-
-            return pki.getEncoded();
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    ASN1ObjectIdentifier getTreeDigest()
-    {
-        return treeDigest;
-    }
-    
-    public byte[] getKeyData()
-    {
-        return params.getKeyData();
-    }
-
-    CipherParameters getKeyParams()
-    {
-        return params;
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        init(PrivateKeyInfo.getInstance(enc));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/BCSphincs256PublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/BCSphincs256PublicKey.java
deleted file mode 100644
index 663307c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/BCSphincs256PublicKey.java
+++ /dev/null

@@ -1,148 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.sphincs;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.PublicKey;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.asn1.SPHINCS256KeyParams;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCSPublicKeyParameters;
-import org.bouncycastle.pqc.crypto.util.PublicKeyFactory;
-import org.bouncycastle.pqc.crypto.util.SubjectPublicKeyInfoFactory;
-import org.bouncycastle.pqc.jcajce.interfaces.SPHINCSKey;
-import org.bouncycastle.util.Arrays;
-
-public class BCSphincs256PublicKey
-    implements PublicKey, SPHINCSKey
-{
-    private static final long serialVersionUID = 1L;
-
-    private transient ASN1ObjectIdentifier treeDigest;
-    private transient SPHINCSPublicKeyParameters params;
-
-    public BCSphincs256PublicKey(
-        ASN1ObjectIdentifier treeDigest,
-        SPHINCSPublicKeyParameters params)
-    {
-        this.treeDigest = treeDigest;
-        this.params = params;
-    }
-
-    public BCSphincs256PublicKey(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        init(keyInfo);
-    }
-
-    private void init(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        this.treeDigest = SPHINCS256KeyParams.getInstance(keyInfo.getAlgorithm().getParameters()).getTreeDigest().getAlgorithm();
-        this.params = (SPHINCSPublicKeyParameters)PublicKeyFactory.createKey(keyInfo);
-    }
-    
-    /**
-     * Compare this SPHINCS-256 public key with another object.
-     *
-     * @param o the other object
-     * @return the result of the comparison
-     */
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (o instanceof BCSphincs256PublicKey)
-        {
-            BCSphincs256PublicKey otherKey = (BCSphincs256PublicKey)o;
-
-            return treeDigest.equals(otherKey.treeDigest) && Arrays.areEqual(params.getKeyData(), otherKey.params.getKeyData());
-        }
-
-        return false;
-    }
-
-    public int hashCode()
-    {
-        return treeDigest.hashCode() + 37 * Arrays.hashCode(params.getKeyData());
-    }
-
-    /**
-     * @return name of the algorithm - "SPHINCS-256"
-     */
-    public final String getAlgorithm()
-    {
-        return "SPHINCS-256";
-    }
-
-    public byte[] getEncoded()
-    {
-        try
-        {
-            SubjectPublicKeyInfo pki;
-
-            if (params.getTreeDigest() != null)
-            {
-                pki = SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(params);
-            }
-            else
-            {
-                AlgorithmIdentifier algorithmIdentifier = new AlgorithmIdentifier(PQCObjectIdentifiers.sphincs256, new SPHINCS256KeyParams(new AlgorithmIdentifier(treeDigest)));
-                pki = new SubjectPublicKeyInfo(algorithmIdentifier, params.getKeyData());
-            }
-
-            return pki.getEncoded();
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    public byte[] getKeyData()
-    {
-        return params.getKeyData();
-    }
-
-    ASN1ObjectIdentifier getTreeDigest()
-    {
-        return treeDigest;
-    }
-
-    CipherParameters getKeyParams()
-    {
-        return params;
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        init(SubjectPublicKeyInfo.getInstance(enc));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/SignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/SignatureSpi.java
deleted file mode 100644
index 30b5a0e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/SignatureSpi.java
+++ /dev/null

@@ -1,167 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.sphincs;
-
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.SignatureException;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.SHA3Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHA512tDigest;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCS256Signer;
-
-public class SignatureSpi
-    extends java.security.SignatureSpi
-{
-    private final ASN1ObjectIdentifier treeDigest;
-    private Digest digest;
-    private SPHINCS256Signer signer;
-    private SecureRandom random;
-
-    protected SignatureSpi(Digest digest, ASN1ObjectIdentifier treeDigest, SPHINCS256Signer signer)
-    {
-        this.digest = digest;
-        this.treeDigest = treeDigest;
-        this.signer = signer;
-    }
-
-    protected void engineInitVerify(PublicKey publicKey)
-        throws InvalidKeyException
-    {
-        if (publicKey instanceof BCSphincs256PublicKey)
-        {
-            BCSphincs256PublicKey key = (BCSphincs256PublicKey)publicKey;
-            if (!treeDigest.equals(key.getTreeDigest()))
-            {
-                throw new InvalidKeyException("SPHINCS-256 signature for tree digest: " + key.getTreeDigest());
-            }
-            CipherParameters param = key.getKeyParams();
-
-            digest.reset();
-            signer.init(false, param);
-        }
-        else
-        {
-            throw new InvalidKeyException("unknown public key passed to SPHINCS-256");
-        }
-    }
-
-    protected void engineInitSign(PrivateKey privateKey, SecureRandom random)
-        throws InvalidKeyException
-    {
-        this.random = random;
-        engineInitSign(privateKey);
-    }
-
-    protected void engineInitSign(PrivateKey privateKey)
-        throws InvalidKeyException
-    {
-        if (privateKey instanceof BCSphincs256PrivateKey)
-        {
-            BCSphincs256PrivateKey key = (BCSphincs256PrivateKey)privateKey;
-            if (!treeDigest.equals(key.getTreeDigest()))
-            {
-                throw new InvalidKeyException("SPHINCS-256 signature for tree digest: " + key.getTreeDigest());
-            }
-
-            CipherParameters param = key.getKeyParams();
-
-            // random not required for SPHINCS.
-//            if (random != null)
-//            {
-//                param = new ParametersWithRandom(param, random);
-//            }
-
-            digest.reset();
-            signer.init(true, param);
-        }
-        else
-        {
-            throw new InvalidKeyException("unknown private key passed to SPHINCS-256");
-        }
-    }
-
-    protected void engineUpdate(byte b)
-        throws SignatureException
-    {
-        digest.update(b);
-    }
-
-    protected void engineUpdate(byte[] b, int off, int len)
-        throws SignatureException
-    {
-        digest.update(b, off, len);
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        byte[] hash = new byte[digest.getDigestSize()];
-        digest.doFinal(hash, 0);
-        try
-        {
-            byte[] sig = signer.generateSignature(hash);
-
-            return sig;
-        }
-        catch (Exception e)
-        {
-            throw new SignatureException(e.toString());
-        }
-    }
-
-    protected boolean engineVerify(byte[] sigBytes)
-        throws SignatureException
-    {
-        byte[] hash = new byte[digest.getDigestSize()];
-        digest.doFinal(hash, 0);
-
-        return signer.verifySignature(hash, sigBytes);
-    }
-
-    protected void engineSetParameter(AlgorithmParameterSpec params)
-    {
-        // TODO
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated replaced with #engineSetParameter(java.security.spec.AlgorithmParameterSpec)
-     */
-    protected void engineSetParameter(String param, Object value)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated
-     */
-    protected Object engineGetParameter(String param)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    static public class withSha512
-        extends SignatureSpi
-    {
-        public withSha512()
-        {
-            super(new SHA512Digest(), NISTObjectIdentifiers.id_sha512_256, new SPHINCS256Signer(new SHA512tDigest(256), new SHA512Digest()));
-        }
-    }
-
-    static public class withSha3_512
-        extends SignatureSpi
-    {
-        public withSha3_512()
-        {
-            super(new SHA3Digest(512), NISTObjectIdentifiers.id_sha3_256, new SPHINCS256Signer(new SHA3Digest(256), new SHA3Digest(512)));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/Sphincs256KeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/Sphincs256KeyFactorySpi.java
deleted file mode 100644
index 8a371f7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/Sphincs256KeyFactorySpi.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.sphincs;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyFactorySpi;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-
-public class Sphincs256KeyFactorySpi
-    extends KeyFactorySpi
-    implements AsymmetricKeyInfoConverter
-{
-    public PrivateKey engineGeneratePrivate(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof PKCS8EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to PKCS#8 from the spec
-            byte[] encKey = ((PKCS8EncodedKeySpec)keySpec).getEncoded();
-
-            try
-            {
-                return generatePrivate(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey)));
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeySpecException(e.toString());
-            }
-        }
-
-        throw new InvalidKeySpecException("Unsupported key specification: "
-            + keySpec.getClass() + ".");
-    }
-
-    public PublicKey engineGeneratePublic(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof X509EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to X.509 from the spec
-            byte[] encKey = ((X509EncodedKeySpec)keySpec).getEncoded();
-
-            // decode the SubjectPublicKeyInfo data structure to the pki object
-            try
-            {
-                return generatePublic(SubjectPublicKeyInfo.getInstance(encKey));
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeySpecException(e.toString());
-            }
-        }
-
-        throw new InvalidKeySpecException("Unknown key specification: " + keySpec + ".");
-    }
-
-    public final KeySpec engineGetKeySpec(Key key, Class keySpec)
-        throws InvalidKeySpecException
-    {
-        if (key instanceof BCSphincs256PrivateKey)
-        {
-            if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new PKCS8EncodedKeySpec(key.getEncoded());
-            }
-        }
-        else if (key instanceof BCSphincs256PublicKey)
-        {
-            if (X509EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new X509EncodedKeySpec(key.getEncoded());
-            }
-        }
-        else
-        {
-            throw new InvalidKeySpecException("Unsupported key type: "
-                + key.getClass() + ".");
-        }
-
-        throw new InvalidKeySpecException("Unknown key specification: "
-            + keySpec + ".");
-    }
-
-    public final Key engineTranslateKey(Key key)
-        throws InvalidKeyException
-    {
-        if (key instanceof BCSphincs256PrivateKey || key instanceof BCSphincs256PublicKey)
-        {
-            return key;
-        }
-
-        throw new InvalidKeyException("Unsupported key type");
-    }
-
-    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        return new BCSphincs256PrivateKey(keyInfo);
-    }
-
-    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        return new BCSphincs256PublicKey(keyInfo);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/Sphincs256KeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/Sphincs256KeyPairGeneratorSpi.java
deleted file mode 100644
index 7228b31..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/sphincs/Sphincs256KeyPairGeneratorSpi.java
+++ /dev/null

@@ -1,86 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.sphincs;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.digests.SHA3Digest;
-import org.bouncycastle.crypto.digests.SHA512tDigest;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCS256KeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCS256KeyPairGenerator;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCSPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.sphincs.SPHINCSPublicKeyParameters;
-import org.bouncycastle.pqc.jcajce.spec.SPHINCS256KeyGenParameterSpec;
-
-public class Sphincs256KeyPairGeneratorSpi
-    extends java.security.KeyPairGenerator
-{
-    ASN1ObjectIdentifier treeDigest = NISTObjectIdentifiers.id_sha512_256;
-
-    SPHINCS256KeyGenerationParameters param;
-    SPHINCS256KeyPairGenerator engine = new SPHINCS256KeyPairGenerator();
-
-    SecureRandom random = CryptoServicesRegistrar.getSecureRandom();
-    boolean initialised = false;
-
-    public Sphincs256KeyPairGeneratorSpi()
-    {
-        super("SPHINCS256");
-    }
-
-    public void initialize(
-        int strength,
-        SecureRandom random)
-    {
-        throw new IllegalArgumentException("use AlgorithmParameterSpec");
-    }
-
-    public void initialize(
-        AlgorithmParameterSpec params,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        if (!(params instanceof SPHINCS256KeyGenParameterSpec))
-        {
-            throw new InvalidAlgorithmParameterException("parameter object not a SPHINCS256KeyGenParameterSpec");
-        }
-
-        SPHINCS256KeyGenParameterSpec sphincsParams = (SPHINCS256KeyGenParameterSpec)params;
-
-        if (sphincsParams.getTreeDigest().equals(SPHINCS256KeyGenParameterSpec.SHA512_256))
-        {
-            treeDigest = NISTObjectIdentifiers.id_sha512_256;
-            param = new SPHINCS256KeyGenerationParameters(random, new SHA512tDigest(256));
-        }
-        else if (sphincsParams.getTreeDigest().equals(SPHINCS256KeyGenParameterSpec.SHA3_256))
-        {
-            treeDigest = NISTObjectIdentifiers.id_sha3_256;
-            param = new SPHINCS256KeyGenerationParameters(random, new SHA3Digest(256));
-        }
-
-        engine.init(param);
-        initialised = true;
-    }
-
-    public KeyPair generateKeyPair()
-    {
-        if (!initialised)
-        {
-            param = new SPHINCS256KeyGenerationParameters(random, new SHA512tDigest(256));
-
-            engine.init(param);
-            initialised = true;
-        }
-
-        AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-        SPHINCSPublicKeyParameters pub = (SPHINCSPublicKeyParameters)pair.getPublic();
-        SPHINCSPrivateKeyParameters priv = (SPHINCSPrivateKeyParameters)pair.getPrivate();
-
-        return new KeyPair(new BCSphincs256PublicKey(treeDigest, pub), new BCSphincs256PrivateKey(treeDigest, priv));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/AllTests.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/AllTests.java
deleted file mode 100644
index 95cb5be..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/AllTests.java
+++ /dev/null

@@ -1,68 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.security.Security;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
-
-/**
- * Full test suite for the BCPQC provider.
- */
-public class AllTests
-    extends TestCase
-{
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("PQC JCE Tests");
-        
-        if (Security.getProvider(BouncyCastlePQCProvider.PROVIDER_NAME) == null)
-        {
-            Security.addProvider(new BouncyCastlePQCProvider());
-        }
-
-        suite.addTestSuite(Sphincs256Test.class);
-        suite.addTestSuite(RainbowSignatureTest.class);
-        suite.addTestSuite(McElieceFujisakiCipherTest.class);
-        suite.addTestSuite(McElieceKobaraImaiCipherTest.class);
-        suite.addTestSuite(McEliecePointchevalCipherTest.class);
-        suite.addTestSuite(McElieceCipherTest.class);
-        suite.addTestSuite(McElieceKeyPairGeneratorTest.class);
-        suite.addTestSuite(McElieceCCA2KeyPairGeneratorTest.class);
-        suite.addTestSuite(NewHopeTest.class);
-        suite.addTestSuite(NewHopeKeyPairGeneratorTest.class);
-        suite.addTestSuite(Sphincs256Test.class);
-        suite.addTestSuite(Sphincs256KeyPairGeneratorTest.class);
-        suite.addTestSuite(XMSSTest.class);
-        suite.addTestSuite(XMSSMTTest.class);
-        suite.addTestSuite(QTESLATest.class);
-
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-            Security.addProvider(new BouncyCastlePQCProvider());
-        }
-
-        protected void tearDown()
-        {
-            Security.removeProvider("BCPQC");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/AsymmetricBlockCipherTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/AsymmetricBlockCipherTest.java
deleted file mode 100644
index c3b6516..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/AsymmetricBlockCipherTest.java
+++ /dev/null

@@ -1,84 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.pqc.math.linearalgebra.ByteUtils;
-
-
-public abstract class AsymmetricBlockCipherTest
-    extends FlexiTest
-{
-
-    protected Cipher cipher;
-
-    protected KeyPair keyPair;
-
-    protected PublicKey pubKey;
-
-    protected PrivateKey privKey;
-
-    protected KeyPairGenerator kpg;
-
-    private byte[] mBytes;
-
-    private byte[] cBytes;
-
-    private byte[] dBytes;
-
-    protected final void performEnDecryptionTest(int numPassesKPG,
-                                                 int numPassesEncDec, AlgorithmParameterSpec params)
-    {
-
-        try
-        {
-            for (int j = 0; j < numPassesKPG; j++)
-            {
-                keyPair = kpg.genKeyPair();
-                pubKey = keyPair.getPublic();
-                privKey = keyPair.getPrivate();
-
-                for (int k = 1; k <= numPassesEncDec; k++)
-                {
-                    // initialize for encryption
-                    cipher.init(Cipher.ENCRYPT_MODE, pubKey, params, sr);
-
-                    // generate random message
-                    final int plainTextSize = cipher.getBlockSize();
-                    int mLength = rand.nextInt(plainTextSize) + 1;
-                    mBytes = new byte[mLength];
-                    rand.nextBytes(mBytes);
-
-                    int cLen = cipher.getOutputSize(mBytes.length);
-                    // encrypt
-                    cBytes = cipher.doFinal(mBytes);
-                    assertTrue(cBytes.length <= cLen);
-                    // initialize for decryption
-                    cipher.init(Cipher.DECRYPT_MODE, privKey, params);
-                    int dLen = cipher.getOutputSize(cBytes.length);
-                    // decrypt
-                    dBytes = cipher.doFinal(cBytes);
-                    assertTrue(dBytes.length <= dLen);
-  
-                    // compare
-                    assertEquals("Encryption and Decryption test failed:\n"
-                        + " actual decrypted text: "
-                        + ByteUtils.toHexString(dBytes)
-                        + "\n expected plain text: "
-                        + ByteUtils.toHexString(mBytes), mBytes, dBytes);
-                }
-            }
-        }
-        catch (Exception e)
-        {
-            e.printStackTrace();
-            fail(e);
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/AsymmetricHybridCipherTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/AsymmetricHybridCipherTest.java
deleted file mode 100644
index f66dc6b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/AsymmetricHybridCipherTest.java
+++ /dev/null

@@ -1,91 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.pqc.jcajce.provider.util.AsymmetricHybridCipher;
-import org.bouncycastle.pqc.math.linearalgebra.ByteUtils;
-
-/**
- * Base class for unit tests of {@link AsymmetricHybridCipher}s.
- */
-public abstract class AsymmetricHybridCipherTest
-    extends FlexiTest
-{
-
-    /**
-     * the {@link KeyPairGenerator} to use for the test
-     */
-    protected KeyPairGenerator kpg;
-
-    /**
-     * the {@link AsymmetricHybridCipher} to use for the test
-     */
-    protected Cipher cipher;
-
-    private KeyPair keyPair;
-
-    private PublicKey pubKey;
-
-    private PrivateKey privKey;
-
-    private byte[] mBytes, cBytes, dBytes;
-
-    protected final void performEnDecryptionTest(int numPassesKPG,
-                                                 int numPassesEncDec, int plainTextSize,
-                                                 AlgorithmParameterSpec params)
-    {
-
-        try
-        {
-            for (int j = 0; j < numPassesKPG; j++)
-            {
-                // generate key pair
-                //kpg.initialize(params);
-                keyPair = kpg.genKeyPair();
-                pubKey = keyPair.getPublic();
-                privKey = keyPair.getPrivate();
-
-                for (int k = 1; k <= numPassesEncDec; k++)
-                {
-                    // initialize for encryption
-                    cipher.init(Cipher.ENCRYPT_MODE, pubKey, params, sr);
-
-                    // generate random message
-                    int mLength = rand.nextInt(plainTextSize) + 1;
-                    mBytes = new byte[mLength];
-                    rand.nextBytes(mBytes);
-
-                    // encrypt
-                    cBytes = cipher.doFinal(mBytes);
-
-
-                    // initialize for decryption
-                    cipher.init(Cipher.DECRYPT_MODE, privKey, params);
-                    // decrypt
-                    dBytes = cipher.doFinal(cBytes);
-                    // compare
-                    assertEquals(
-                        "Encryption/decryption test failed for message \""
-                            + ByteUtils.toHexString(mBytes)
-                            + "\":\n actual decrypted text: "
-                            + ByteUtils.toHexString(dBytes)
-                            + "\n expected plain text: "
-                            + ByteUtils.toHexString(mBytes), mBytes,
-                        dBytes);
-                }
-            }
-        }
-        catch (Exception e)
-        {
-            e.printStackTrace();
-            fail(e);
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/FlexiTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/FlexiTest.java
deleted file mode 100644
index 7d8ddd9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/FlexiTest.java
+++ /dev/null

@@ -1,68 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.security.SecureRandom;
-import java.security.Security;
-import java.util.Arrays;
-import java.util.Random;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
-
-public abstract class FlexiTest
-    extends TestCase
-{
-
-    /**
-     * Source of randomness
-     */
-    protected Random rand;
-
-    /**
-     * Secure source of randomness
-     */
-    protected SecureRandom sr;
-
-    protected void setUp()
-    {
-        Security.addProvider(new BouncyCastlePQCProvider());
-        // initialize sources of randomness
-        rand = new Random();
-        sr = new SecureRandom();
-        // TODO need it?
-        sr.setSeed(sr.generateSeed(20));
-    }
-
-    protected static final void assertEquals(byte[] expected, byte[] actual)
-    {
-        assertTrue(Arrays.equals(expected, actual));
-    }
-
-    protected static final void assertEquals(String message, byte[] expected,
-                                             byte[] actual)
-    {
-        assertTrue(message, Arrays.equals(expected, actual));
-    }
-
-    protected static final void assertEquals(int[] expected, int[] actual)
-    {
-        assertTrue(Arrays.equals(expected, actual));
-    }
-
-    protected static final void assertEquals(String message, int[] expected,
-                                             int[] actual)
-    {
-        assertTrue(message, Arrays.equals(expected, actual));
-    }
-
-    /**
-     * Method used to report test failure when in exception is thrown.
-     *
-     * @param e the exception
-     */
-    protected static final void fail(Exception e)
-    {
-        fail("Exception thrown: " + e.getClass().getName() + ":\n"
-            + e.getMessage());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/KeyPairGeneratorTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/KeyPairGeneratorTest.java
deleted file mode 100644
index 424acaa..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/KeyPairGeneratorTest.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-public abstract class KeyPairGeneratorTest
-    extends FlexiTest
-{
-
-    protected KeyPairGenerator kpg;
-
-    protected KeyFactory kf;
-
-    protected final void performKeyPairEncodingTest(KeyPair keyPair)
-    {
-        try
-        {;
-            PublicKey pubKey = keyPair.getPublic();
-            PrivateKey privKey = keyPair.getPrivate();
-
-            byte[] encPubKey = pubKey.getEncoded();
-            byte[] encPrivKey = privKey.getEncoded();
-
-            X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(encPubKey);
-            PKCS8EncodedKeySpec privKeySpec = new PKCS8EncodedKeySpec(encPrivKey);
-
-            PublicKey decPubKey = kf.generatePublic(pubKeySpec);
-            PrivateKey decPrivKey = kf.generatePrivate(privKeySpec);
-
-            assertEquals(pubKey, decPubKey);
-            assertEquals(privKey, decPrivKey);
-        }
-        catch (Exception e)
-        {
-            e.printStackTrace();
-            fail(e);
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/KeyStoreTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/KeyStoreTest.java
deleted file mode 100644
index 1c1762e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/KeyStoreTest.java
+++ /dev/null

@@ -1,275 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.security.Key;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.KeyStore;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.cert.CertificateFactory;
-import java.security.cert.X509Certificate;
-import java.util.Date;
-import java.util.HashMap;
-import java.util.Map;
-import java.util.concurrent.atomic.AtomicLong;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-import org.bouncycastle.asn1.x500.X500Name;
-import org.bouncycastle.asn1.x500.X500NameBuilder;
-import org.bouncycastle.asn1.x500.style.BCStyle;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.KeyUsage;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.TBSCertificate;
-import org.bouncycastle.asn1.x509.Time;
-import org.bouncycastle.asn1.x509.V3TBSCertificateGenerator;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
-import org.bouncycastle.pqc.jcajce.spec.McElieceKeyGenParameterSpec;
-import org.bouncycastle.pqc.jcajce.spec.SPHINCS256KeyGenParameterSpec;
-import org.bouncycastle.pqc.jcajce.spec.XMSSMTParameterSpec;
-
-public class KeyStoreTest
-    extends TestCase
-{
-    private static final long ONE_DAY_IN_MILLIS = 24 * 60 * 60 * 1000;
-    private static final long TEN_YEARS_IN_MILLIS = 10l * 365 * ONE_DAY_IN_MILLIS;
-
-    private static Map algIds = new HashMap();
-
-    static
-    {
-        algIds.put("SHA512WITHSPHINCS256", new AlgorithmIdentifier(BCObjectIdentifiers.sphincs256_with_SHA512));
-        algIds.put("SHA256WITHXMSSMT", new AlgorithmIdentifier(BCObjectIdentifiers.xmss_mt_SHA256ph));
-        algIds.put("SHA512WITHXMSSMT", new AlgorithmIdentifier(BCObjectIdentifiers.xmss_mt_SHA512ph));
-    }
-
-    public void setUp()
-    {
-        Security.addProvider(new BouncyCastleProvider());
-        Security.addProvider(new BouncyCastlePQCProvider());
-    }
-
-    public void testPKCS12()
-        throws Exception
-    {
-        tryKeyStore("PKCS12");
-        tryKeyStore("PKCS12-DEF");
-    }
-
-    public void testBKS()
-        throws Exception
-    {
-        tryKeyStore("BKS");
-        tryKeyStore("UBER");
-    }
-
-    public void testBCFKS()
-        throws Exception
-    {
-        tryKeyStore("BCFKS-DEF");
-    }
-
-    private void tryKeyStore(String format)
-        throws Exception
-    {
-        // Keystore to store certificates and private keys
-        KeyStore store = KeyStore.getInstance(format, "BC");
-
-        store.load(null, null);
-
-        String password = "qwertz";
-        // XMSS
-        X500NameBuilder nameBuilder = new X500NameBuilder();
-
-        nameBuilder.addRDN(BCStyle.CN, "Root CA");
-
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSSMT", "BCPQC");
-
-        kpg.initialize(new XMSSMTParameterSpec(20, 10, XMSSMTParameterSpec.SHA256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-        // root CA
-        X509Certificate rootCA = createPQSelfSignedCert(nameBuilder.build(), "SHA256WITHXMSSMT", kp);
-        X509Certificate[] chain = new X509Certificate[1];
-        chain[0] = rootCA;
-        // store root private key
-        String alias1 = "xmssmt private";
-        store.setKeyEntry(alias1, kp.getPrivate(), password.toCharArray(), chain);
-        // store root certificate
-        store.setCertificateEntry("root ca", rootCA);
-
-        // McEliece
-        kpg = KeyPairGenerator.getInstance("McEliece", "BCPQC");
-
-        McElieceKeyGenParameterSpec params = new McElieceKeyGenParameterSpec(9, 33);
-        kpg.initialize(params);
-
-        KeyPair mcelieceKp = kpg.generateKeyPair();
-
-        ExtensionsGenerator extGenerator = new ExtensionsGenerator();
-        extGenerator.addExtension(Extension.basicConstraints, false, new BasicConstraints(false));
-        extGenerator.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.encipherOnly));
-
-        X509Certificate cert1 = createCert(nameBuilder.build(), kp.getPrivate(), new X500Name("CN=meceliece"), "SHA256WITHXMSSMT",
-            extGenerator.generate(), mcelieceKp.getPublic());
-
-        X509Certificate[] chain1 = new X509Certificate[2];
-        chain1[1] = rootCA;
-        chain1[0] = cert1;
-
-        // SPHINCS-256
-        kpg = KeyPairGenerator.getInstance("SPHINCS256", "BCPQC");
-
-        kpg.initialize(new SPHINCS256KeyGenParameterSpec(SPHINCS256KeyGenParameterSpec.SHA512_256));
-
-        KeyPair sphincsKp = kpg.generateKeyPair();
-
-        extGenerator = new ExtensionsGenerator();
-        extGenerator.addExtension(Extension.basicConstraints, false, new BasicConstraints(false));
-        extGenerator.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.digitalSignature));
-
-        X509Certificate cert2 = createCert(nameBuilder.build(), sphincsKp.getPrivate(), new X500Name("CN=sphincs256"), "SHA512WITHSPHINCS256",
-            extGenerator.generate(), sphincsKp.getPublic());
-
-        X509Certificate[] chain2 = new X509Certificate[2];
-        chain2[1] = rootCA;
-        chain2[0] = cert2;
-
-        String alias2 = "private key 1";
-        String alias3 = "private key 2";
-
-        // store private keys
-        store.setKeyEntry(alias2, mcelieceKp.getPrivate(), password.toCharArray(), chain1);
-        store.setKeyEntry(alias3, sphincsKp.getPrivate(), password.toCharArray(), chain2);
-
-        // store certificates
-        store.setCertificateEntry("cert 1", cert1);
-        store.setCertificateEntry("cert 2", cert2);
-
-        // can't restore keys from keystore
-        Key k1 = store.getKey(alias1, password.toCharArray());
-
-        assertEquals(kp.getPrivate(), k1);
-
-        Key k2 = store.getKey(alias2, password.toCharArray());
-
-        assertEquals(mcelieceKp.getPrivate(), k2);
-
-        Key k3 = store.getKey(alias3, password.toCharArray());
-
-        assertEquals(sphincsKp.getPrivate(), k3);
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        store.store(bOut, "fred".toCharArray());
-
-        KeyStore bcStore = KeyStore.getInstance(format, "BC");
-
-        bcStore.load(new ByteArrayInputStream(bOut.toByteArray()), "fred".toCharArray());
-
-        k1 = store.getKey(alias1, password.toCharArray());
-
-        assertEquals(kp.getPrivate(), k1);
-
-        k2 = store.getKey(alias2, password.toCharArray());
-
-        assertEquals(mcelieceKp.getPrivate(), k2);
-
-        k3 = store.getKey(alias3, password.toCharArray());
-
-        assertEquals(sphincsKp.getPrivate(), k3);
-    }
-
-    private static X509Certificate createPQSelfSignedCert(X500Name dn, String sigName, KeyPair keyPair)
-        throws Exception
-    {
-        V3TBSCertificateGenerator certGen = new V3TBSCertificateGenerator();
-        long time = System.currentTimeMillis();
-        AtomicLong serialNumber = new AtomicLong(System.currentTimeMillis());
-        certGen.setSerialNumber(new ASN1Integer(serialNumber.getAndIncrement()));
-        certGen.setIssuer(dn);
-        certGen.setSubject(dn);
-        certGen.setStartDate(new Time(new Date(time - 5000)));
-        certGen.setEndDate(new Time(new Date(time + TEN_YEARS_IN_MILLIS)));
-        certGen.setSignature((AlgorithmIdentifier)algIds.get(sigName));
-        certGen.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(keyPair.getPublic().getEncoded()));
-
-        ExtensionsGenerator extGenerator = new ExtensionsGenerator();
-        extGenerator.addExtension(Extension.basicConstraints, true, new BasicConstraints(true));
-        extGenerator.addExtension(Extension.keyUsage, true, new KeyUsage(KeyUsage.keyCertSign));
-
-        certGen.setExtensions(extGenerator.generate());
-
-        Signature sig = Signature.getInstance(sigName, BouncyCastlePQCProvider.PROVIDER_NAME);
-
-        sig.initSign(keyPair.getPrivate());
-
-        sig.update(certGen.generateTBSCertificate().getEncoded(ASN1Encoding.DER));
-
-        TBSCertificate tbsCert = certGen.generateTBSCertificate();
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-        // TBS
-        v.add(tbsCert);
-        // Algorithm Identifier
-        v.add((AlgorithmIdentifier)algIds.get(sigName));
-        // Signature
-        v.add(new DERBitString(sig.sign()));
-
-        return (X509Certificate)CertificateFactory.getInstance("X.509", BouncyCastleProvider.PROVIDER_NAME)
-            .generateCertificate(new ByteArrayInputStream(new DERSequence(v).getEncoded(ASN1Encoding.DER)));
-    }
-
-    private static X509Certificate createCert(X500Name signerName, PrivateKey signerKey, X500Name dn, String sigName,
-                                             Extensions extensions, PublicKey pubKey)
-        throws Exception
-    {
-        V3TBSCertificateGenerator certGen = new V3TBSCertificateGenerator();
-
-        long time = System.currentTimeMillis();
-        AtomicLong serialNumber = new AtomicLong(System.currentTimeMillis());
-
-        certGen.setSerialNumber(new ASN1Integer(serialNumber.getAndIncrement()));
-        certGen.setIssuer(signerName);
-        certGen.setSubject(dn);
-        certGen.setStartDate(new Time(new Date(time - 5000)));
-        certGen.setEndDate(new Time(new Date(time + TEN_YEARS_IN_MILLIS)));
-        certGen.setSignature((AlgorithmIdentifier)algIds.get(sigName));
-        certGen.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(pubKey.getEncoded()));
-
-        certGen.setExtensions(extensions);
-
-        Signature sig = Signature.getInstance(sigName, BouncyCastlePQCProvider.PROVIDER_NAME);
-
-        sig.initSign(signerKey);
-
-        sig.update(certGen.generateTBSCertificate().getEncoded(ASN1Encoding.DER));
-
-        TBSCertificate tbsCert = certGen.generateTBSCertificate();
-
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(tbsCert);
-        v.add((AlgorithmIdentifier)algIds.get(sigName));
-        v.add(new DERBitString(sig.sign()));
-
-        return (X509Certificate)CertificateFactory.getInstance("X.509", "BC")
-            .generateCertificate(new ByteArrayInputStream(new DERSequence(v).getEncoded(ASN1Encoding.DER)));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceCCA2KeyPairGeneratorTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceCCA2KeyPairGeneratorTest.java
deleted file mode 100644
index ecb06be..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceCCA2KeyPairGeneratorTest.java
+++ /dev/null

@@ -1,38 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.security.KeyFactory;
-import java.security.KeyPairGenerator;
-
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;
-
-
-public class McElieceCCA2KeyPairGeneratorTest
-    extends KeyPairGeneratorTest
-{
-
-    protected void setUp()
-    {
-        super.setUp();
-    }
-
-    public void testKeyFactory()
-        throws Exception
-    {
-        kf = KeyFactory.getInstance("McElieceKobaraImai");
-        kf = KeyFactory.getInstance("McEliecePointcheval");
-        kf = KeyFactory.getInstance("McElieceFujisaki");
-        kf = KeyFactory.getInstance(PQCObjectIdentifiers.mcElieceCca2.getId());
-    }
-
-    public void testKeyPairEncoding_9_33()
-        throws Exception
-    {
-        kf = KeyFactory.getInstance(PQCObjectIdentifiers.mcElieceCca2.getId());
-
-        kpg = KeyPairGenerator.getInstance("McElieceKobaraImai");
-        McElieceCCA2KeyGenParameterSpec params = new McElieceCCA2KeyGenParameterSpec(9, 33);
-        kpg.initialize(params);
-        performKeyPairEncodingTest(kpg.generateKeyPair());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceCCA2PrimitivesTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceCCA2PrimitivesTest.java
deleted file mode 100644
index f3ffeb8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceCCA2PrimitivesTest.java
+++ /dev/null

@@ -1,71 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.NoSuchAlgorithmException;
-
-import org.bouncycastle.pqc.jcajce.provider.mceliece.BCMcElieceCCA2PrivateKey;
-import org.bouncycastle.pqc.jcajce.provider.mceliece.BCMcElieceCCA2PublicKey;
-import org.bouncycastle.pqc.jcajce.provider.mceliece.McElieceCCA2Primitives;
-import org.bouncycastle.pqc.jcajce.spec.McElieceKeyGenParameterSpec;
-import org.bouncycastle.pqc.math.linearalgebra.GF2Vector;
-
-
-public class McElieceCCA2PrimitivesTest
-    extends FlexiTest
-{
-
-    KeyPairGenerator kpg;
-
-    protected void setUp()
-    {
-        super.setUp();
-        try
-        {
-            kpg = KeyPairGenerator.getInstance("McElieceKobaraImai");
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            e.printStackTrace();
-        }
-    }
-
-    public void testPrimitives()
-        throws Exception
-    {
-        int m = 11;
-        int t = 50;
-        initKPG(m, t);
-        int n = 1 << m;
-
-        KeyPair pair = kpg.genKeyPair();
-        BCMcElieceCCA2PublicKey pubKey = (BCMcElieceCCA2PublicKey)pair.getPublic();
-        BCMcElieceCCA2PrivateKey privKey = (BCMcElieceCCA2PrivateKey)pair
-            .getPrivate();
-
-        GF2Vector plaintext = new GF2Vector(pubKey.getK(), sr);
-        GF2Vector errors = new GF2Vector(n, t, sr);
-
-        GF2Vector ciphertext = McElieceCCA2Primitives.encryptionPrimitive(
-            pubKey, plaintext, errors);
-
-        GF2Vector[] dec = McElieceCCA2Primitives.decryptionPrimitive(privKey,
-            ciphertext);
-        GF2Vector plaintextAgain = dec[0];
-        GF2Vector errorsAgain = dec[1];
-
-        assertEquals(plaintext, plaintextAgain);
-        assertEquals(errors, errorsAgain);
-    }
-
-    /**
-     * Initialize the key pair generator with the given parameters.
-     */
-    private void initKPG(int m, int t)
-        throws Exception
-    {
-        McElieceKeyGenParameterSpec params = new McElieceKeyGenParameterSpec(m, t);
-        kpg.initialize(params);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceCipherTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceCipherTest.java
deleted file mode 100644
index 9e6f7ba..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceCipherTest.java
+++ /dev/null

@@ -1,47 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.security.KeyPairGenerator;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.pqc.jcajce.spec.McElieceKeyGenParameterSpec;
-
-public class McElieceCipherTest
-    extends AsymmetricBlockCipherTest
-{
-
-    protected void setUp()
-    {
-        super.setUp();
-
-        try
-        {
-            kpg = KeyPairGenerator.getInstance("McEliece");
-            cipher = Cipher.getInstance("McEliece");
-        }
-        catch (Exception e)
-        {
-            e.printStackTrace();
-        }
-
-
-    }
-
-    public void testEnDecryption_9_33()
-        throws Exception
-    {
-        McElieceKeyGenParameterSpec params = new McElieceKeyGenParameterSpec(9, 33);
-        kpg.initialize(params);
-        performEnDecryptionTest(2, 10, params);
-    }
-
-    public void testEnDecryption_11_50()
-        throws Exception
-    {
-        McElieceKeyGenParameterSpec params = new McElieceKeyGenParameterSpec(11, 50);
-        kpg.initialize(params);
-        performEnDecryptionTest(2, 10, params);
-    }
-
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceFujisakiCipherTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceFujisakiCipherTest.java
deleted file mode 100644
index 671dbbf..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceFujisakiCipherTest.java
+++ /dev/null

@@ -1,66 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.security.KeyPairGenerator;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;
-
-
-public class McElieceFujisakiCipherTest
-    extends AsymmetricHybridCipherTest
-{
-
-    protected void setUp()
-    {
-        super.setUp();
-        try
-        {
-            kpg = KeyPairGenerator.getInstance("McElieceFujisaki");
-            cipher = Cipher.getInstance("McElieceFujisaki");
-        }
-        catch (Exception e)
-        {
-            e.printStackTrace();
-        }
-
-    }
-
-    /**
-     * Test encryption and decryption performance for SHA256 message digest and parameters
-     * m=11, t=50.
-     */
-
-    public void testEnDecryption_SHA1_11_50()
-        throws Exception
-    {
-        // initialize key pair generator
-        McElieceCCA2KeyGenParameterSpec kpgParams = new McElieceCCA2KeyGenParameterSpec(11, 50, McElieceCCA2KeyGenParameterSpec.SHA1);
-        kpg.initialize(kpgParams);
-
-        // perform test
-        performEnDecryptionTest(1, 10, 32, null);
-    }
-
-    public void testEnDecryption_SHA224_11_50()
-        throws Exception
-    {
-        // initialize key pair generator
-        McElieceCCA2KeyGenParameterSpec kpgParams = new McElieceCCA2KeyGenParameterSpec(11, 50, McElieceCCA2KeyGenParameterSpec.SHA224);
-        kpg.initialize(kpgParams);
-
-        // perform test
-        performEnDecryptionTest(1, 10, 32, null);
-    }
-
-    public void testEnDecryption_SHA256_11_50()
-        throws Exception
-    {
-        // initialize key pair generator
-        McElieceCCA2KeyGenParameterSpec kpgParams = new McElieceCCA2KeyGenParameterSpec(11, 50, McElieceCCA2KeyGenParameterSpec.SHA256);
-        kpg.initialize(kpgParams);
-
-        // perform test
-        performEnDecryptionTest(1, 10, 32, null);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceKeyPairGeneratorTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceKeyPairGeneratorTest.java
deleted file mode 100644
index 6600a17..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceKeyPairGeneratorTest.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.security.KeyFactory;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;
-import org.bouncycastle.pqc.jcajce.spec.McElieceKeyGenParameterSpec;
-
-
-public class McElieceKeyPairGeneratorTest
-    extends KeyPairGeneratorTest
-{
-
-    protected void setUp()
-    {
-        super.setUp();
-    }
-
-    public void testKeyFactory()
-        throws Exception
-    {
-        kf = KeyFactory.getInstance("McEliece");
-        kf = KeyFactory.getInstance(PQCObjectIdentifiers.mcEliece.getId());
-    }
-
-    public void testKeyPairEncoding_9_33()
-        throws Exception
-    {
-        kf = KeyFactory.getInstance("McEliece");
-
-        kpg = KeyPairGenerator.getInstance("McEliece");
-        McElieceKeyGenParameterSpec params = new McElieceKeyGenParameterSpec(9, 33);
-        kpg.initialize(params);
-        performKeyPairEncodingTest(kpg.generateKeyPair());
-
-        kpg = KeyPairGenerator.getInstance("McEliece");
-        kpg.initialize(params, new SecureRandom());
-        performKeyPairEncodingTest(kpg.generateKeyPair());
-    }
-
-    public void testKeyPairEncoding_CCA2()
-        throws Exception
-    {
-        kf = KeyFactory.getInstance("McEliece-CCA2");
-
-        kpg = KeyPairGenerator.getInstance("McEliece-CCA2");
-        McElieceCCA2KeyGenParameterSpec params = new McElieceCCA2KeyGenParameterSpec(9, 33);
-        kpg.initialize(params);
-        performKeyPairEncodingTest(kpg.generateKeyPair());
-
-        kpg = KeyPairGenerator.getInstance("McEliece-CCA2");
-        kpg.initialize(params, new SecureRandom());
-        performKeyPairEncodingTest(kpg.generateKeyPair());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceKobaraImaiCipherTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceKobaraImaiCipherTest.java
deleted file mode 100644
index 944b62c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McElieceKobaraImaiCipherTest.java
+++ /dev/null

@@ -1,43 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.security.KeyPairGenerator;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;
-
-
-public class McElieceKobaraImaiCipherTest
-    extends AsymmetricHybridCipherTest
-{
-
-    protected void setUp()
-    {
-        super.setUp();
-        try
-        {
-            kpg = KeyPairGenerator.getInstance("McElieceKobaraImai");
-            cipher = Cipher.getInstance("McElieceKobaraImai");
-        }
-        catch (Exception e)
-        {
-            e.printStackTrace();
-        }
-    }
-
-    /**
-     * Test encryption and decryption performance for SHA256 message digest and parameters
-     * m=11, t=50.
-     */
-    public void testEnDecryption_SHA256_11_50()
-        throws Exception
-    {
-        // initialize key pair generator
-        AlgorithmParameterSpec kpgParams = new McElieceCCA2KeyGenParameterSpec(11, 50);
-        kpg.initialize(kpgParams);
-
-        performEnDecryptionTest(0, 10, 32, null);       // TODO:  McElieceKobaraImai is broken
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McEliecePointchevalCipherTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McEliecePointchevalCipherTest.java
deleted file mode 100644
index d1af36e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/McEliecePointchevalCipherTest.java
+++ /dev/null

@@ -1,43 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.security.KeyPairGenerator;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.Cipher;
-
-import org.bouncycastle.pqc.jcajce.spec.McElieceCCA2KeyGenParameterSpec;
-
-public class McEliecePointchevalCipherTest
-    extends AsymmetricHybridCipherTest
-{
-
-    protected void setUp()
-    {
-        super.setUp();
-        try
-        {
-            kpg = KeyPairGenerator.getInstance("McEliecePointcheval");
-            cipher = Cipher.getInstance("McEliecePointcheval");
-        }
-        catch (Exception e)
-        {
-            e.printStackTrace();
-        }
-    }
-
-    /**
-     * Test encryption and decryption performance for SHA256 message digest and parameters
-     * m=11, t=50.
-     */
-    public void testEnDecryption_SHA256_11_50()
-        throws Exception
-    {
-        // initialize key pair generator
-        AlgorithmParameterSpec kpgParams = new McElieceCCA2KeyGenParameterSpec(11, 50);
-        kpg.initialize(kpgParams);
-
-        // perform test
-        performEnDecryptionTest(1, 10, 32, null);
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/NewHopeKeyPairGeneratorTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/NewHopeKeyPairGeneratorTest.java
deleted file mode 100644
index c70450f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/NewHopeKeyPairGeneratorTest.java
+++ /dev/null

@@ -1,40 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.security.KeyFactory;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-
-
-/**
- * KeyFactory/KeyPairGenerator tests for NewHope (NH) with the BCPQC provider.
- */
-public class NewHopeKeyPairGeneratorTest
-    extends KeyPairGeneratorTest
-{
-
-    protected void setUp()
-    {
-        super.setUp();
-    }
-
-    public void testKeyFactory()
-        throws Exception
-    {
-        kf = KeyFactory.getInstance("NH", "BCPQC");
-        kf = KeyFactory.getInstance(PQCObjectIdentifiers.newHope.getId(), "BCPQC");
-    }
-
-    public void testKeyPairEncoding()
-        throws Exception
-    {
-        kf = KeyFactory.getInstance("NH", "BCPQC");
-
-        kpg = KeyPairGenerator.getInstance("NH", "BCPQC");
-        kpg.initialize(1024, new SecureRandom());
-
-        performKeyPairEncodingTest(kpg.generateKeyPair());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/NewHopeTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/NewHopeTest.java
deleted file mode 100644
index 1d072b1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/NewHopeTest.java
+++ /dev/null

@@ -1,123 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.Key;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import javax.crypto.KeyAgreement;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.jcajce.interfaces.NHKey;
-import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
-import org.bouncycastle.util.Arrays;
-
-/**
- * Test cases for the use of NewHope (NH) with the BCPQC provider.
- */
-public class NewHopeTest
-    extends TestCase
-{
-    public void setUp()
-    {
-        if (Security.getProvider(BouncyCastlePQCProvider.PROVIDER_NAME) == null)
-        {
-            Security.addProvider(new BouncyCastlePQCProvider());
-        }
-    }
-
-    public void testKeyExchange()
-        throws Exception
-    {
-        SecureRandom aliceRand = new SecureRandom();
-        SecureRandom bobRand = new SecureRandom();
-
-        for (int i = 0; i < 1000; ++i)
-        {
-            KeyPairGenerator kpGen = KeyPairGenerator.getInstance("NH", "BCPQC");
-
-            kpGen.initialize(1024, aliceRand);
-
-            KeyPair aliceKp = kpGen.generateKeyPair();
-
-            KeyAgreement bobAgree = KeyAgreement.getInstance("NH", "BCPQC");
-
-            // responder has no private key, but needs a random number source.
-            bobAgree.init(null, bobRand);
-
-            Key bobSend = bobAgree.doPhase(aliceKp.getPublic(), true);
-
-            KeyAgreement aliceAgree = KeyAgreement.getInstance("NH", "BCPQC");
-
-            // initiator uses both private key
-            aliceAgree.init(aliceKp.getPrivate());
-
-            // and recipient's public key.
-            aliceAgree.doPhase(bobSend, true);
-
-            assertTrue("value mismatch", Arrays.areEqual(aliceAgree.generateSecret(), bobAgree.generateSecret()));
-        }
-    }
-
-    public void testPrivateKeyRecovery()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("NH", "BCPQC");
-
-        kpg.initialize(1024, new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        KeyFactory kFact = KeyFactory.getInstance("NH", "BCPQC");
-
-        NHKey privKey = (NHKey)kFact.generatePrivate(new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded()));
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(privKey);
-
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        NHKey privKey2 = (NHKey)oIn.readObject();
-
-        assertEquals(privKey, privKey2);
-    }
-
-    public void testPublicKeyRecovery()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("NH", "BCPQC");
-
-        kpg.initialize(1024, new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        KeyFactory kFact = KeyFactory.getInstance("NH", "BCPQC");
-
-        NHKey pubKey = (NHKey)kFact.generatePublic(new X509EncodedKeySpec(kp.getPublic().getEncoded()));
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(pubKey);
-
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        NHKey pubKey2 = (NHKey)oIn.readObject();
-
-        assertEquals(pubKey, pubKey2);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/QTESLASecureRandomFactory.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/QTESLASecureRandomFactory.java
deleted file mode 100644
index 738c848..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/QTESLASecureRandomFactory.java
+++ /dev/null

@@ -1,181 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import javax.crypto.Cipher;
-import javax.crypto.spec.SecretKeySpec;
-
-import org.bouncycastle.util.test.FixedSecureRandom;
-
-/**
- * Factory for producing FixedSecureRandom objects for use with testsing
- */
-class QTESLASecureRandomFactory
-{
-    private byte[] seed;
-    private byte[] personalization;
-    private byte[] key;
-    private byte[] v;
-    int reseed_counuter = 1;
-
-
-    /**
-     * Return a seeded FixedSecureRandom representing the result of processing a
-     * qTESLA test seed with the qTESLA RandomNumberGenerator.
-     *
-     * @param seed original qTESLA seed
-     * @param strength bit-strength of the RNG required.
-     * @return a FixedSecureRandom containing the correct amount of seed material for use with Java.
-     */
-    public static FixedSecureRandom getFixed(byte[] seed, int strength)
-    {
-        return getFixed(seed,null, strength, strength / 8, strength / 8);
-    }
-
-    public static FixedSecureRandom getFixed(byte[] seed, byte[] personalization, int strength, int discard, int size)
-    {
-        QTESLASecureRandomFactory teslaRNG = new QTESLASecureRandomFactory(seed, personalization);
-        teslaRNG.init(strength);
-        byte[] burn = new byte[discard];
-        teslaRNG.nextBytes(burn);
-        if (discard != size)
-        {
-            burn = new byte[size];
-        }
-        teslaRNG.nextBytes(burn);
-        return new FixedSecureRandom(burn);
-    }
-
-
-    private QTESLASecureRandomFactory(byte[] seed, byte[] personalization)
-    {
-        this.seed = seed;
-        this.personalization = personalization;
-    }
-
-
-    private void init(int strength)
-    {
-        randombytes_init(seed, personalization, strength);
-        reseed_counuter = 1;
-    }
-
-    private void nextBytes(byte[] x)
-    {
-        byte[] block = new byte[16];
-        int i = 0;
-
-        int xlen = x.length;
-
-        while (xlen > 0)
-        {
-            for (int j = 15; j >= 0; j--)
-            {
-                if ((v[j] & 0xFF) == 0xff)
-                {
-                    v[j] = 0x00;
-                }
-                else
-                {
-                    v[j]++;
-                    break;
-                }
-            }
-
-            AES256_ECB(key, v, block, 0);
-
-            if (xlen > 15)
-            {
-                System.arraycopy(block, 0, x, i, block.length);
-                i += 16;
-                xlen -= 16;
-            }
-            else
-            {
-                System.arraycopy(block, 0, x, i, xlen);
-                xlen = 0;
-            }
-        }
-
-        AES256_CTR_DRBG_Update(null, key, v);
-        reseed_counuter++;
-    }
-
-
-    private void AES256_ECB(byte[] key, byte[] ctr, byte[] buffer, int startPosition)
-    {
-        try
-        {
-            Cipher cipher = Cipher.getInstance("AES/ECB/NoPadding");
-
-            cipher.init(Cipher.ENCRYPT_MODE, new SecretKeySpec(key, "AES"));
-
-            cipher.doFinal(ctr, 0, ctr.length, buffer, startPosition);
-        }
-        catch (Throwable ex)
-        {
-            ex.printStackTrace();
-        }
-    }
-
-
-    private void AES256_CTR_DRBG_Update(byte[] entropy_input, byte[] key, byte[] v)
-    {
-
-        byte[] tmp = new byte[48];
-
-        for (int i = 0; i < 3; i++)
-        {
-            //increment V
-            for (int j = 15; j >= 0; j--)
-            {
-                if ((v[j] & 0xFF) == 0xff)
-                {
-                    v[j] = 0x00;
-                }
-                else
-                {
-                    v[j]++;
-                    break;
-                }
-            }
-
-            AES256_ECB(key, v, tmp, 16 * i);
-        }
-
-        if (entropy_input != null)
-        {
-            for (int i = 0; i < 48; i++)
-            {
-                tmp[i] ^= entropy_input[i];
-            }
-        }
-
-        System.arraycopy(tmp, 0, key, 0, key.length);
-        System.arraycopy(tmp, 32, v, 0, v.length);
-
-
-    }
-
-
-    private void randombytes_init(byte[] entropyInput, byte[] personalization, int strength)
-    {
-        byte[] seedMaterial = new byte[48];
-
-        System.arraycopy(entropyInput, 0, seedMaterial, 0, seedMaterial.length);
-        if (personalization != null)
-        {
-            for (int i = 0; i < 48; i++)
-            {
-                seedMaterial[i] ^= personalization[i];
-            }
-        }
-
-        key = new byte[32];
-        v = new byte[16];
-
-
-        AES256_CTR_DRBG_Update(seedMaterial, key, v);
-
-        reseed_counuter = 1;
-
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/QTESLATest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/QTESLATest.java
deleted file mode 100644
index 453df94..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/QTESLATest.java
+++ /dev/null

@@ -1,300 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
-import org.bouncycastle.pqc.jcajce.spec.QTESLAParameterSpec;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.encoders.Hex;
-import org.bouncycastle.util.test.FixedSecureRandom;
-
-public class QTESLATest
-    extends TestCase
-{
-    static SecureRandom secureRandom = new SecureRandom();
-
-    public void setUp()
-    {
-        if (Security.getProvider(BouncyCastlePQCProvider.PROVIDER_NAME) == null)
-        {
-            Security.addProvider(new BouncyCastlePQCProvider());
-        }
-    }
-    
-    private void doTestSig(KeyPair kp)
-        throws Exception
-    {
-        byte[] seed = Hex.decode("061550234D158C5EC95595FE04EF7A25767F2E24CC2BC479D09D86DC9ABCFDE7056A8C266F9EF97ED08541DBD2E1FFA1");
-        byte[] msg = Hex.decode("D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-
-        Signature signer = Signature.getInstance(kp.getPublic().getAlgorithm(), "BCPQC");
-
-        signer.initSign(kp.getPrivate(), new FixedSecureRandom(seed));
-
-        signer.update(msg);
-
-        byte[] sig = signer.sign();
-
-        signer = Signature.getInstance("qTESLA", "BCPQC");
-
-        signer.initVerify(kp.getPublic());
-
-        signer.update(msg);
-
-        assertTrue(signer.verify(sig));
-    }
-
-    private void doTestKey(KeyPair kp)
-        throws Exception
-    {
-        KeyFactory keyFact = KeyFactory.getInstance("qTESLA", "BCPQC");
-
-        PublicKey pubKey = keyFact.generatePublic(new X509EncodedKeySpec(kp.getPublic().getEncoded()));
-        PrivateKey privKey = keyFact.generatePrivate(new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded()));
-
-        assertEquals(kp.getPublic(), pubKey);
-        assertEquals(kp.getPrivate(), privKey);
-        assertEquals(kp.getPublic().hashCode(), pubKey.hashCode());
-        assertEquals(kp.getPrivate().hashCode(), privKey.hashCode());
-        assertEquals(kp.getPublic(), serialiseDeserialise(kp.getPublic()));
-        assertEquals(kp.getPrivate(), serialiseDeserialise(kp.getPrivate()));
-    }
-
-    private Object serialiseDeserialise(Object o)
-        throws Exception
-    {
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(o);
-
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        return oIn.readObject();
-    }
-
-    public void testGenerateKeyPairSigningVerifyingI()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("qTESLA", "BCPQC");
-
-        kpGen.initialize(new QTESLAParameterSpec(QTESLAParameterSpec.HEURISTIC_I), secureRandom);
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        assertEquals(BCObjectIdentifiers.qTESLA_I, SubjectPublicKeyInfo.getInstance(kp.getPublic().getEncoded()).getAlgorithm().getAlgorithm());
-
-        doTestSig(kp);
-        doTestKey(kp);
-    }
-
-    public void testGenerateKeyPairSigningVerifyingIIISize()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("qTESLA", "BCPQC");
-
-        kpGen.initialize(new QTESLAParameterSpec(QTESLAParameterSpec.HEURISTIC_III_SIZE), secureRandom);
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        assertEquals(BCObjectIdentifiers.qTESLA_III_size, SubjectPublicKeyInfo.getInstance(kp.getPublic().getEncoded()).getAlgorithm().getAlgorithm());
-
-        doTestSig(kp);
-        doTestKey(kp);
-    }
-
-    public void testGenerateKeyPairSigningVerifyingIIISpeed()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("qTESLA", "BCPQC");
-
-        kpGen.initialize(new QTESLAParameterSpec(QTESLAParameterSpec.HEURISTIC_III_SPEED), secureRandom);
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        assertEquals(BCObjectIdentifiers.qTESLA_III_speed, SubjectPublicKeyInfo.getInstance(kp.getPublic().getEncoded()).getAlgorithm().getAlgorithm());
-
-        doTestSig(kp);
-        doTestKey(kp);
-    }
-
-    public void testGenerateKeyPairSigningVerifyingPI()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("qTESLA", "BCPQC");
-
-        kpGen.initialize(new QTESLAParameterSpec(QTESLAParameterSpec.PROVABLY_SECURE_I), secureRandom);
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        assertEquals(BCObjectIdentifiers.qTESLA_p_I, SubjectPublicKeyInfo.getInstance(kp.getPublic().getEncoded()).getAlgorithm().getAlgorithm());
-
-        doTestSig(kp);
-        doTestKey(kp);
-    }
-
-    public void testGenerateKeyPairSigningVerifyingPIII()
-        throws Exception
-    {
-        KeyPairGenerator kpGen = KeyPairGenerator.getInstance("qTESLA", "BCPQC");
-
-        kpGen.initialize(new QTESLAParameterSpec(QTESLAParameterSpec.PROVABLY_SECURE_III), secureRandom);
-
-        KeyPair kp = kpGen.generateKeyPair();
-
-        assertEquals(BCObjectIdentifiers.qTESLA_p_III, SubjectPublicKeyInfo.getInstance(kp.getPublic().getEncoded()).getAlgorithm().getAlgorithm());
-
-        doTestSig(kp);
-        doTestKey(kp);
-    }
-
-    private void doTestKAT(ASN1ObjectIdentifier alg, byte[] pubKey, byte[] privKey, byte[] seed, byte[] msg, byte[] expected)
-        throws Exception
-    {
-        KeyFactory keyFact = KeyFactory.getInstance("qTESLA", "BCPQC");
-
-        PublicKey qPub  = keyFact.generatePublic(new X509EncodedKeySpec(new SubjectPublicKeyInfo(new AlgorithmIdentifier(alg), pubKey).getEncoded()));
-        PrivateKey qPriv = keyFact.generatePrivate(new PKCS8EncodedKeySpec(new PrivateKeyInfo(new AlgorithmIdentifier(alg), new DEROctetString(privKey)).getEncoded()));
-
-        Signature signer = Signature.getInstance("qTESLA", "BCPQC");
-
-        signer.initSign(qPriv, QTESLASecureRandomFactory.getFixed(seed,256));
-
-        signer.update(msg);
-
-        byte[] sig = signer.sign();
-
-        assertTrue(Arrays.areEqual(expected, Arrays.concatenate(sig, msg)));
-
-        signer = Signature.getInstance("qTESLA", "BCPQC");
-
-        signer.initVerify(qPub);
-
-        signer.update(msg);
-
-        assertTrue(signer.verify(sig));
-    }
-
-    /**
-     * # qTesla-I
-     */
-    public void testCatIVector0()
-        throws Exception
-    {
-        byte[] seed = Hex.decode("061550234D158C5EC95595FE04EF7A25767F2E24CC2BC479D09D86DC9ABCFDE7056A8C266F9EF97ED08541DBD2E1FFA1");
-
-        byte[] publicKey = Hex.decode("D2F21F7B398701A369A10AB5CA5752324D01D2E4E85D7ADE9C21F2F41CAFDF25B15F173504C315EA250E1EFC243557E90C23509E7D2AE486518448EF18BA837DDE8DD6A30271E793D50DC7999485AE30A649636257E71DE6D65C9803A8FBB384181C6C28604C2B201C938A5198C01704B0F56ACEFD0CF58BC98F81E20CD233C6B5523C8A00F5DB1C934D2B4FB3609C0CB37543A42C4145CAA283C269B49C8EF323CE941F5FCEDB172CA9B5DD116DD6B2B6284DE55C2CC033426C84BD91D74837C6140E12D0C6B05765FD269BD23200FBE110D61856F8C5CE55FDF7269D6BE7D9FC213C885D74F2311A46BD5E32C06308C7C2E7F26BDDBDD10DD1F6DA004B8D28990D9A62276C4FFA90BF6D734DEAF116000CE004EAA0BB25640F9342E9C2FD40774DE360FA1560D478985BE9639F1E5BDD5B3000B364E12AEF3AAFECA99E4DD24530BB223663F095E3254E42A9E0D88639A946388331A4123CCB71A4D8925DF3EF6B6EADD257788B92E8C5E6596AEB77E0FBB86BCD03D0EE68D9B5C08E0E4B67273CCAA8544871276C9375AA0D0CE5681EBA576EF02A617879E2C27E137C8EC106B544D727CEC5B93F67CD4CB2016640B8FCE631243EB08FAD4F1237F3039376061B1AC3FE724C939CD00000EFC693C6D94828428E4CF1103B6BA8139724322ACC8832119F16528056E7D8CCCCFFE683E91AD84BBDC4D492E0215C45B5B75D1C01114DF952C731DB41D3673D80C21E901D06E898E4E6CC2CF3686ADB6760DBD0076ACD31F610C16B291EA1FB595B912ECC5F3E57CDE588CC14046D1D5AF625B0D52D61075082EF052F5F00B66C429E2B2977665E8719F4E4BE4D0EDFF5E6A793DEE09AC0589A6FECF7732684226E03A9520A472DE129A7EE74956FBA661610804F22C235BF5EA9B83D05C634215473309AC5E0BBCC30929AF45F6669340216DD0DCA2E04FA1697546EC1C93BE569068ADC39790435DB82DB3F3C21F16015CF17D1BAB83DACE254A37BC6E4871ED6031B9BA44EF7A71C1E5A709255A9CD226C0DE6733F1615403820C4B3DB50AAB082C04D0D922550DF4A940C9F20710D7B8208E0E97648F02B330EF436F436E011338523718D9DCFA2C6459DB1920A38E978D57D67D8D163313093C58E5A55F96D0DD7A170F3F255CEC4CCAAFA5044D1B21B2B5D44EA76CFC8F5B1A03A99D5DFD04A0ACE897CF480A008819FDBB7216313829CD14A9A1C9596F95ABB48D6F88AFB2B852F2E2CE687B0623D52A81001589EC05D7F6E582B79F2D036030BC6D1573618A83860A8A77C144D7B2DB988F84B16AF61E0931C27478C99B9A1C15801D0A01464DA0611318334238B2745653F14690E37699BAF5A7576FE451F5EAD46DEF2694711E018E37B24EDA8EBB9364553C5EB976DF38D9E4D21C2D174153ACBB0E2644C9C1EC56C3DB51514AED57AE8653C8361262CC21EFD6CF410160F8070753C59439465E62EAF8A34C17E8853C9817F327E273C2D2911C77C1BF9090D30C4243A39F9865545A83D089C5CB23880450E18A4B0036531164B004072E2EDCDF1A015323256BADBE8C1548F2A4CC00241B18825187015D322CE160BA48C4FAF070969A6F6CA9495E6A1959F0923394E7E5E4820B7C6358C61F4471128C67ACA4900728452BD64F6598DB9A421C8D4D33CA8C077C468DDF8FE8F387E950ED979EC2A1AF8FC473529EA069C21A9F26AA5811D343B0E3373183DB3CA9F10E63BA3FC7F81F4999BD0FBD0CA5D6C5546E9B7ABE2AC4D7A5C0FDC8C33A257A8F09281DE4C38D1273B5B37C88F8611CACD58C4E7F9BB916169104CCFA6FB7087FDA4150D5B84F4837C0DB5C6DB321FC7DC79FD90F707456330B37E0109F0ADE25433D3637112E2D96901E22C734407BD988AD203CA805AE8F757EEA09F327DD49710B471CFC197724948A011E597F3A4564CE00FF701B9B240347F227F2BE01582E07680AC993699D2E1536A155B96AE4E461E3D019F0350CBC52EC12186069382FDBD19CE7D70734FD72F8E61361D6BF9EEDEFEA6D44B6B50E1612ADA4E42033329B098318DD9CF695A2921A332204044994F244C0944993B08009265B8004398CF119F95FCC217D38228F1D1F14BCFC5B7160986C339");
-        byte[] secretKey = Hex.decode("2074F000FEEE3B804206EEEB4FFE07FBEF2FC006FB839F4101076400BFFA09AC6F00FE2228C080FE0944CF7FFEE16BD0FEF80D20A0BFF912102080FBEDF7BF0000FE5F9FBD05CCBF2F3FFFDEAB3F00001F48E000032A648F8104F5EBBFBFFFF92FB0400DF78380C1FAF53FD07FFEDC27C03D00D3FB5F8002F153C080030FD88FFEFA139C5F410CFF5FF000081F38D07D01E137A08002120050FF08D4EF1F42010BBC6FFFFE0EE4AF4103D23F0042FE061C60C2F8F5BF8FFDF9111C604200270010BDF8025CB04107F387C07F06EC0770C201FC53003FF60B5070C1011BE0BF800518485000F9F8FF9F81061E6410BCFCE42F60BFFAF4DF5F80FA020450C0EEB0DBFFBDF9DFDBFF8100F42F00FF091068A04101F2DFCF41F90B28B07FF10FCC2F80FFE73BD03FF9F4F35F3F07FF6BC0C2031AECCF7D04F467E03FF2EDDBDFFF0C02804F3F0608D02F3F060C28407DFD2F54AFFFF905D02FBEFCFB8340FE040C885F8103EA1FA001F8F2F36FBCFF1FDC2F42012D1020C0FEF8DBAFC1061E2CB00103F7CF20BE032E5810420417AC1FBEF3F537F0FC05F807603E02FDFFBF7DF2EA13A07FFDF84F40FE070908A0C1FBE523A0810A04703080FEFEDFFF3D01FB4730020A033440BE0AF86F8F42F6E99BA0C1FFF5BF1001F9F15FC0FEFE06E4AF81FDFA4F90FEFC27B02FBFF702DCEF00F7FB83807F04F0CB3F80FDE09F8F3F01E553A0C006016CA0FFF438983F3E05F5D7DF3FF71A10F03E030BBC8F7FFB19C84F81FCFF03D0BEF9EEDBF0BE02E9C71F3E05201830FF03EC17C0800028741F0000D97B60C004F34F60FE0206788042FD04CCDF00081A8CAF800401708F7F10EE0B70C1F411D0AF00011CDCEF3EFA1654C081FCDC7F907FFB0104508208FDAFBFC0F815B0307FFED417B0C0FFF0471081FFD8ABFF8205134C90FD03EC4FA07FFF1434F08003FE9B507F01DD932F3FF6DC833F81FAF6EBCFC1FC0274F07C0201F4DF3EFB203850FEFF0BE4EF4008F71B20FF04E3FBDF7E030A608FC0FF1904E0BFF5FC0B50BFFF18AC3F3FFA08C8BFFF04EED31F41FD0B78CFBE030B38507F0302DC4FBE00E85B300000ECD78F410105C02FFFFAF393CF8102EF278040F20A288080FF0FD03F7FFCFCF78F8009104070FEFDDF2F80FFFD1DE4CFC0FEEE57D03EFA06E48F400103E89F010228DCFF7F07FC9F3F41FEF4235040F309A4E03F041D980FC1FFF85BD07E00C88BDF0008F5EB7FFEF7DFDB9FBFF7F43B307EF60B688042052B982F83040AE89FBEF2E51BF0C00621CC0FC40817BCF0FD00F3D3EF00FBE75B2001F8170C3041FBFEBFBFFEFDE487C0FEFD318C3FC0FEEE6B8F80FAF4834000F8FDF37FC0051A0C00C200FCB78F0000F2DB1F42F812649F3FF9266CD0C1FC0B8CB0C2F8E5B7CFC0F6062440FE0304F8EF4009145CE03FF5F73350BFF80C9480BEFAEAFB2F02FEF9CF6040FC0E6C403F09016040BE0109A0403F01FFDFCFFE072C48CF00F8FFBFCFBFF80AA04F0103E6A3FF40F706ACEFC0032AE09FBF0C0948CF3E012914303EFD1518904106C917907EF9F56BC000FF1650D0C0FF008CE07F050F28913D0126B44F4205FAC3AFC0F40134D07D0CE93BB03E04EC735FC202035C1F40FE0810A08103E8DF0FBDFD22D8AFFE080A5050C10007186000FE06DC5FBDFA0DC8EF020300EC6F3F071248B080FEF9D71F800B0D3C208008F9975F41F902BCAF01FDF06F9000FC17A0B0C1FA17A42F41F8FABBB03D090108707FFCF5BF2FC107ECB390FE05E25FD03DFF11706040FDEFE34F80F62F30E0FF060E3060FFFC993B08009265B8004398CF119F95FCC217D38228F1D1F14BCFC5B7160986C339F23EB15423271EF1CF476289657DBBB1460665D3944B78BEE92D15AA609768F9");
-        byte[] msg = Hex.decode("D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-        byte[] sm = Hex.decode("AF8718AB747CEFA75F4A5F26B5392113BDE8CAF1DDDF1D45B473CB64DFFC255B2E211588DAB5D5D2C5407EBBB684E7D8F0C6AB8EB3AB874CEEB87C9CE32568D0ADA6A3B9716EF9AB92BB9F02424D91DD5C3768E4598D2DA954D0664EA3D61070FA4304983B44D6098FB74B55FE40F156F07D0E39F11DBDE5E0549854ACBD65B2F6EFDBF3CEFB27DB44FA18EAF9BDA9F4409FE020B8FB0C7E9A1C17F5A1D59D6996FC1EC43AE246AAE1A8FC777EF5912EEC95A6F9A2B32A91C2EEBD733E0EAA43C3A33E989D1DEF0B1F412C6299628DF5AEEB599391C411942873FDCE0FA701C58FD2FB383A7FEF455AE12F415496BB0F6E75441BB0F670910F207CFC372B823A099EA84105E1B316CA33587FE990017BA0C52C1EA85C9E0F030B63168B093EE83D81C47EE70D5EEE3F5603E00C3FD306DF8D58C594B4E2047397FAE4BB83FCAC0D3A8BF7896770017860E9612BC4FE5E416AD961C277836C89E29B22C9C6A1F2F8A55FD84D57F4C3550EC14E9B30BFD18A3E479217DB48B65B9E3ACF731C08F8655D2D2F689EB6547C5241887CF017FF9F0EFC49D3448D623353C6846F2C547090873903DC281D2D327C1DD8B49BF87CDF28DDAB0BE1D48B8874D8693DACFEE07E51D5137B57F58D1EDFA374C5FC2A9C42FCA63393C8F24160BF54110D8721BADFA288F304E345FBDF179AC43FE45DFE55D98683A8B7E0A7B48BA4193B01294D6666688EA4099E842F78402874FB1CE5A52FB14B6C6BA3343941E0012556C1BC8184DB46B1E49161E5504815ADB45987E7EABC1C5657D5D8F23847B728F5AD51290995BB742EFB99528147D423FB56EE1118E4C170523E4CE2734219902FB54457BDC111F54497002C0D06D4EB11FED96683DD3F5E1A938F4D141DB638BEC5C8A5BBD5E7F4BDCFB8D03C4D003BC0DEA33119015FC6D2468C0A5635049A04055B542463B4AC17FF4AEB339E674A1E5EEE7C0FACB7E6CE7D2B990C4E5EAA29030F5CB76BD83CB59D215875439F68BD8731A4D5F54B1D27B905AC42D381AC8A1C6BF1F785CCAC2CCA0D08411A2845A920DBC51C82105205F1772DBB0914030BF06115CAC3596E0BE6F97ABBEEB6FC10A84819C84507348F2C887366A82B6FA5DB6B34111066DA4A41A709AA7EE8622A3B3AD5C854381440D08C49BBAA025E7F1D459A2606368285B12E50330DA0FDFB9B50D34CC3664B9F13A4B9E0E65F7F5390A4D8D25353CA2DDC5BFF4A1238321AFE33BBA3318D5984AE57799ACBAB7B5A0C52120CA6014B89B3BEE993183703BC717871A1D080E57ED5E4FB5C64AA4620B5F78DD4144C1005ED3D4D2F1E94FF01DBDF0107B52D5FD3B212A72AAE32BD32846E0B31AEB2064A30361E8F58A82937AAE4C3E74A61C9953406B946809B11379411C910A9E9B7E2384D0E9C09A78763CB2DFF356941B2D863C35FCF0D5735B478D62D1D90DC21E833C871A77E533EACDB08081105BA3B65E8953EFECB9C2096DEEEEDACAD630133A6D35AAADF07019EEBE7D1C9EA1CD25F55454D861C1A4A17BDE58FAEE5696FA4DD496A4C0AE443524BB33B98D8F254ACB9CCB852CA4561BB4E3830A24E5EDB9233A20B37F42B323DFA6DC1A891F0C306A121EA94AD8071D107C4B4CDB294FD524014339CBB821F60CE298EABABFD3D64F6F5237DBC14BA7867740F047325691DEC988E401E8CF1427CD040AFA8A33B8BFFC2AC080ECFD7BD4F22646CC7013210B80A99B1F7D6031FE4F50768531C604E7AE9349E87A0006566B61EFE18DF34C385B1B5E8D35946D8E53A75A7412DEC7E8A28A06E8DA2BA3B860AF01455359C01EEDBFB96D6881E5EEAEA7E1B2663A18410218B1588DE897E8E01DFCD72D08757FE1CAEAEDF71F7303CB91E91EE7ED7C7BC3BA6F72A3C8382FC3ED355C6F56CDC8630B2C3A06EA9DF197823448E70C01F349FB0E6D69958AF7347D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-
-        doTestKAT(PQCObjectIdentifiers.qTESLA_I, publicKey, secretKey, seed, msg, sm);
-    }
-
-    /**
-     * # qTesla-I
-     */
-    public void testCatIVector1()
-        throws Exception
-    {
-        byte[] seed = Hex.decode("64335BF29E5DE62842C941766BA129B0643B5E7121CA26CFC190EC7DC3543830557FDD5C03CF123A456D48EFEA43C868");
-
-        byte[] publicKey = Hex.decode("6B8495B1C393966CE20EE722515892480FDDA8F7848245573308D4F1C3C93C4F31B262002E32BCBFBCE58F58C95322F9158CB10F30ED2DE4E1F202DDE2C4F68143F354A52F2C27B12B8E434E14EABC9C61B421708B809CDB3908B75106A11B09AC4EFC19662DDC818D4D2A50827D6197B8405C3C9D1AED8A513D3BED08CC60BD04B028D50CD55D9ECD3640EF81047F505B3705AFBDE294DF42EE9E488D647E9C7D532724ECF6501B18680F4376EEE1E0ED1CB4DAF5861F19AFFCA2092C8A6845224008B437F352695B7827E55C7F0BE5A49B464B4654280FE67A137F69924F8529FD947C5B1E9953BC86808243FECE6E03682FE46396D5B174148059703694A74D9DD399B64714EFD666874AE771E1C8A7C2E73D03EBB82731DE05324BFDC8356D5809A40835393B78CF577778B6DA061B2E640A083E5748A6D88CA3A1B106BE566B86C3293886CAF38BA93E16267BE96A0E91E08FD8683406779C1528298FC98101B1ABE625200B1296C50170388B5A5432A020E2D6DD7B40524B52FB960B8FF3FDDE3526842D355AB860B78F9A4AAE588F548F7EA05F94ED711646D82D4BBF8A22244FD9C466DD71E4C314B98235D819321052039F5996C216DA9A1B0BC897A1DA04F2DB48944CAA0C0F5BDCDC10498FD1E3B6A76EC8158ADB9280F7C0F43E1E835C178B114C939F94DE20974301D9AFB3D5D4CD9D3C24152F891E8019BBDF5B74E7212B85E5C6C90614219F54E674334D1D3A57EE5889F2E6C334D2475FF899FC50DA49C0B106F05810868F850A95411E6B616F56397221E45A363A2A4066AFB5A56CCFCFC3419F99B5CF87C977B6AD926504062CCEAF1EFB578EE1A2EC6CD6D1244EB20604E94D37C283238105B0F4834FB2946B8523F308D0020B1C8557403EF85235CF9F547842D6D94A8DD380BB06732EFF51FD315CF111BE138A7D118643B5A8921FE03EF309169539D7779CBA09C6079BCBBDCF84C383939E55C9F042FE5130E4E31EA33E2412A9F3B308F781E8353F7261DE83B20A5DD66210F05B71B49BFB499D60D8C67E2CC72B67D25E6B550BAF745F0E11F29A185406752B0109EEE7CB503B6F785DBEBA42270E9AAE1991FA41B5758A9D0CD74C6823EF23D4D62ECE67370E0732C43A1D54DC61F54CF507C251758E6C78D6DAA5120E202CAFEBD58A25A933B4B48E1A78ECF36104467A7167231918E93AC356C4AE2FCDF284A3B0E9F19038F8985204BC35839804484D3D4194E1E72A7B22FBBFE03F00072A3C05689FBC6E11C71DE2748826A40261A6357904B76ABA722AB91DE9B3C9FC66034B2C06AE45625E8071552A80A807F20A3ABD1D094512C64B57212941D3190638CE3FE69E5CC8759FEBEDDFA46FCE02B822DD32F1751BC41F4EDCDA63BE023154FE075275A28548450494D9743AC52DAB26971C78371AAA3D87B8F000E95FD79EA6F17B5F614FD0626C236F87072C56D8F7F7EEC167323F79A26E32048BF7C43C00904697F1E4C93D018D7F0845EACC01D3989D3502E2891B776B11CB349AF9C462E83AB1039B30688E153D7C1AA62C46B8889E404936912BCCA2517C059B89EFFC1FE1488C2EE3473C27805715ADE619BD3645D540C84D187441A46C0D904C3C9E2A92A92FCDD6D86380395A934DB93979AEA13C428EAFD9259CB3E2478DB643D0D6913AC275ACD2387808669D2FC40FC6011A87AA1F03639D02692BB18322D6417808A902A403068A7A45DC62A5ADBEC18458AD4F91BEBF7FF60494AA7C0A02AA6E067A86430CAAA3536056EE44944CBA38B7AE9016D66621703A77BCD36BD104BC2A040A12577DBA2FBF4B89AE4F49D202C27681B05BAA8C4026E0A60D44140A2213CAF78BEE9047A10569ABE5C568FBEBEA276DFDCF905F8398432129A82AF45CBD10BE668D0C60F4B64327388B830B1EDFE4ADB67EC5472541AD29C16B732A5F2F6B8EB1DA671B6F1ACC4AB510694F2AAE8055127734591BCEDC1077B757C036ECA8E4A114A649EA4730EAC4309B07DF98A5D8EA838C84675A7D10EC93E1D36704B23BD04E27F635AC6DA31959BEA5A10CA37B7193664419926D965E7F1916EC44B52B4BA993C5FBE705800B2C070B09CF36E0908FB89F71E2F7AD9448");
-        byte[] secretKey = Hex.decode("E2FB4F00FFFF37F07F1016B87FFE00DAD38F3D08E9BFBF7F040634B0C2FF340490FF0205F87F8106F3075080FE0F105080FEE9679F0006FA4720C110F4EBFF7FFD13840080FFE60B80BC04003C307F00F827807F05EFD77F800217CC5FFDFF0AC0B0BE0500701F80F4D48B9FFEFF184C70FF00E9DF7F4110180810FEFFE1F31F3E03F79B3F3E00FAEBBF7E0508D0AF80F52BF0807EFFEC3F203EF61CC0F07E04EEE30FC1FF02E42FBF00E65300000A2674E03FFD1460607F0714F08F3E050E9CF07E03FB7B7F7EFBF4B76F3FFCFF6B303DFB0D981F0202E56F60C000E37BB08106FFFB1F80020808F0BFF6CD43D081032354A040F8CE63C081FC070820800401E8CF7DFA106480C000F5DB507DFD0C7400400515D81FC1F8E32B10BE02F06B9F3FFDE947908002F41F50FF07E44FD0FDFDDE2F91C2F9DB23F0BCFD020850BF05E4DFFFFE00F5B76F020DED573043FAEFC72F80FF0B4000BE04C8A77082FC22A45040F9E7570040FBF713D04000160050C0040E884F81FEDF9F0081FB12D02FFF0211980FBFFD1768F080F8E313803EFEEA6B2002FEF9B3BFBFF10B7820C001EA0FE00001F5D37FC1FA04A0EFFEFC3CE4EF7E02D9234080FC198070C100E417504203057860BF07F68360FFFFF82380C1FD1C90B0BF051328203F02F9F70F8107EC435080F9FDAB2F40FEF21B20C10302F02F4104F27BDFC0010258F0BFFB01986F7E02E7AFEF7F0418C4CF3FF4EE0F10C007CED36F4209FE5B10C0FB02F47FBEFEF867E07F00F9BB1F41F40540407D01ED6F0F41FEE48B8F01FFE43BC0820CEFA38040FB01AC2F40020F54E080F412D4CFBF0118A44F0305EE67A03F010B04A03F0819B80F8004F09350C1FC10544FBF00FA7F800107FC9BCFC00724F82FC10A2F74C0BFFB0AE05F8103C9D78F3F0601F02F7DFEF66F107F00E85F70FFFB1678CFC1FAFC338F7FF701E86FC1FFEA27C081FAE81FD03FFCEF87C07E080BE4AF81FDEE63208002F41BF00201F83BC0FFFA0BE4CFBE0416E8BF4004109C408008F5A72F7E00DE835FC0FEDE93B03CFFC7E7AF81FFF03B500101EC5FA03F01E0F33F3E0600B44FBF00F01F200001211C40FC010D8C200005F7DB9F7F09FBA3FFC002070C7080F80388AFBFFEF297C0BE0AF92F507EFBE3F79FC0F7071C5040FE00E0DF02FA1FB85FC0FE0F504001FE15846F8003036830C0F7DE6FB0FEF3FFAB4F40060FDC7F010DE80B7081F70D741080F813CCAF7FFEFFCF3F81FCEFEF2FBFFE07E0DF7CFE017C30C1F9DF673FFE02F11F900004203C7000F9E04B40C205F107B0BE0225EC9F41F8F9D77FBFFDFE13D0FEFEF5CFDF4000F433C0FEFDE3CB9FC2FBED4740FFF608E80F01FF022C8040FAEF13A07D02F4DFBF800331548FFEF9FD03903F0312B46FBFFE10C0EF010224F0BF7EF90834D0FFF620705000F4F55F10420021DC6F41000D2C5080FFF11BB07E021CA0CF42FE2FF08F8012FEB3807E07CE571080FFEF9F5F3EFEE30B80C00512CC7F41FAF96BE000FBFB13B07EFF0BA0DF8202E00B9041FDED4F30C001F2CB60BE01EC0B20800102E07FC2FE1710D0BF0B231C903F03FF1FE03F0533F0DFBFF807EC2F000917445040001A58EF0001FFF36F40FFE627B0BC030E3C907EF5F2AF4FFF08F2D72F40020E683F7DFD049C5F80FC13F42F7C0006949080013118207DF6FCE36FC0FD0D348FC002E4B7F040F9076490BFF7E56FB0BE0903B04FC1FEF623208408F06F303FFC128C4F7E01F967603E14F447908009D7E70F830BF1F30F7F07F9B31F42FDF57FF04004E3D3BF81FB1916EC44B52B4BA993C5FBE705800B2C070B09CF36E0908FB89F71E2F7AD944898B305452F9EFEA0237F6BACBE4022FC80E5DE2D66D398814A7C835419435744");
-        byte[] msg = Hex.decode("225D5CE2CEAC61930A07503FB59F7C2F936A3E075481DA3CA299A80F8C5DF9223A073E7B90E02EBF98CA2227EBA38C1AB2568209E46DBA961869C6F83983B17DCD49");
-        byte[] sm = Hex.decode("553082050F6A8BD54C40E296C67011C2765199D81304F22C3CE306AE9C05235FC8EE08D851E2397C2956795D02F1AF944E54E2D270ED89FD6F89FE9BEC269B5CBE7F0184B244F89455876E181F39E1221F962B34FAE1A8F6E4EEFBE882DCD5BE4941EAC3ADAE263EBFE5AA9E0BCE6D2AEF44A12710B4301F07545EE129974B27536C2DD6C38FE9D5F7B725DA66C8B7A92F439C6721AD2CFC389176BC6A39FF44483C06B9D1A554164F5FCEAB5BF317983E8525ABF7EF291DE0FA281791680F61012A06742836CC6E0CAA87BDEC0C7D451801979D3A993068DE6F601DA81615FA56CB0A4B315CA2CE06F21925D088DE4DF0CAAC3DD33E51FDBE8C0DD187BAA82216009DD2819D524BCFF70012A734FE9D936A413AED15B3D652258CF6C3B0FD5BF4F64B7EC9BDBC9251C01A34AFBA707B35BA4EB6C392DFD6F93EEA454DCD2BDFDD689B5A980C21EEF124843F5571E31A69AE097A25B3CB1F04ABE269E78E098B658201B8BECC456147F759B14C3A3CBC00D1D7E3344F05E433C1C82DBD4001C6AFA8D948E92D1686C64F57436F6DD9ADFA82F35CB3814DDAD7AD0912B62B6B412A40D70F49E05B305BB5DD319C5C89775F27D3DD1884B5936A54738F816AC81FE328AB344FB39CDA6EC0B64D47556733815D2D83818D88D65094933E6E9A9FEB7E433D3EFE0B4C98D7ACCB9EA851AC72134283116513EDE0802BF959ECD5A8AFA9407D8EBBBD8ECB48B24CD034C3FA763E83782D6B0B2115929F94645F9378411251692C8858BE725B9D8AB880054956E71A75D5DD3A88D1476C36064A3C62EFD861C4A25943037ABFCA2DA9363F34371E868ED76D48E068C3A078757FD8E8588B356530F098ED81E3C21652E1071A6DE3F8610B94BEF7EFFA5C5A955EA3987B0EEFD16E6996BBDB563BFAE6C769AAF95E4CC4E42634A0CA641297642C92A57AA8A704E35CD8A759366E1DFD2006C173D31BC853A1089284F043E1648DB047E944EE26AED13A07DFE7C6893998A43CDBF9520A9E077DE27B36F03FFF08FCF4C4F6F4076C54EE6CD7F93C7C1297A4917B3E430981B312C2E1ACD923A419175C735F80F3957418BBACFF5F09425F047564E2F9FE4A9445FDEA63657FD25D2177A9C5A2BA11E54B3D0C06B2323735622AA23A69C14B4AA78BC4310481067E68C0225CBAC0C40A21E8676B5D2E82DE06BB5BC95A3A4269747E9BD3895C0C29A4B25BF85AE0C46959B6AC8BCEBF6CC3039FA0AD7E4698CDCB73C44A10A3469520C5967C2B491777711DFF1F311FF16639A5C35F10FF7DE14EAB5A786E7CCF152BC45600CB3565BF69477EE7BFB508F3259C75EC87B7F57561ECBBC8178497F6B77D5C8D6C2D3DCADBD7B2C21B59333FAAED20C5152E35886B1C672F6AC4BE7FB0DC6D9F4478428141FD35E30691677A1E6B866CB91BB9962D4BD5462275D5932820FD104BF0E1D4E08F0CC2B7B1FF36D2A694B848F1B84475FB647A828CEE4DB1566CA35A908562DCD45AFD107453E4FD18B571B2F64B077DB9AE3BFA15F0C10BAEC410805EDBD34B6638138651F24F91F9D82D8E7CC07F1F5AD93B1017A375A4A9EACC85A96403442BF1D5D9BF18204011E666569B6F280B268BBF339B607D7C33BB59EC7E12E7F20B14BE770547F797E990E70A8F4F1B738B4EFC7CE124B919537CCDEB5F0CA8DC2EA9649640EEEED11489C0A1C110DEB64BDA50C756A3EAF34C4E1059560D3788FDACBC2E352F2B93BAE31DE89C0D19277BB8AAAF0A419C2C4C1B265BBA1B41A9719AE53A7DB5F051E3B08836E5D3087A94315C8B83E21B1217E1276FB90252F56E72CF9C406A9539F782B4BCF95CE4E55340A00899CEDA7A0C020AFBBA1DEF8C394CE2354E86B7752DC57D1CC94ED32A27F12A06AF8C72AD2BB0A4D619C7F1569EA066B8231BA0CDFFA761F54F1A574C99E1B24C53F33F3D1F34225D5CE2CEAC61930A07503FB59F7C2F936A3E075481DA3CA299A80F8C5DF9223A073E7B90E02EBF98CA2227EBA38C1AB2568209E46DBA961869C6F83983B17DCD49");
-
-        doTestKAT(PQCObjectIdentifiers.qTESLA_I, publicKey, secretKey, seed, msg, sm);
-    }
-
-    /**
-     * # qTesla-III-size
-     */
-    public void testCatIIISizeVector0()
-        throws Exception
-    {
-        byte[] seed = Hex.decode("061550234D158C5EC95595FE04EF7A25767F2E24CC2BC479D09D86DC9ABCFDE7056A8C266F9EF97ED08541DBD2E1FFA1");
-        int mlen = 33;
-        byte[] msg = Hex.decode("D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-        byte[] pk = Hex.decode("2773A7AD9D114C05E70C654102216989125420019CD31541E8A191B142C2732FB3CEC5C9C070A830C50A960E4B07C8108AAD0C044AEA0CCCA544422AD17966A52704BEFF1F2BC92423D79C128B891392824FD4EACDBD5DEF0CC2733BDF9D0D0835CF08640BB61DF4006340013144DC913AA00D411FBBEC59D5A3D20E1A3656319718F82F683978FE820C2AE48349FF42B63F44E71DA1678C2ADDD8447E9B30AA7D083A9FAB6CDE4B44AA9668F1CC4F58432D55340041792C06F3ACE7515DC1BDAE4DAE329B49FB3C4F086A0CAA846AF3C52721C1DDBD2A88093563A6F9FA11695CAC38C838024008B10AE0C76DE6272E0198209E133FAE50410192782130B838E56EC611E707140595C9B9620FB0E547C10A757EDE0FA29606028E8200740307E9ED8870D9199E0976E30F7C4233646209684B2AAC28E4B343C28008B4A4FFB8E02AF2D01E61E20F9C5E02886DA498AAFAB60A702AA4C2E050A4691FA6DF8ECE316AB75A61B55E5381606877488C630D33CE27382BC5EE368C5579F2620673E79789B1C79C405B97A426E09E49090BCEA3FE40E01513EEDD9081129C0A0A3B5884FCE5CB3FE7E6B37BD08FF1324ED390E507CCB3271150B1D02F9F15ADC205ED0068E141D50DC078D37E4E7E283510115811AE1205CDD1A109BB114771C0D4FA9E8129556F1F505CDE6E0507B73BB32B0AB3EB84AD99586E3E3326A0B1BAD6C7A8E0053D18368AA8BAAD7D702618EAF33A3B5F17E5EA410803E552E4262256682CD27005C054103B41EC37EEE354CAF7AE0F19A75EA470616F94174C72F95ABB4B9523CC4F291FC787A990E8EF43D2B8C1A76AAEC10C095F1BB0111E1A4046F6D131E307B960523D1884ACF914CBE40FD3130272510A13133123AB70356430620A3EBB2728172BC56C0F55064C7031D6A461693C80495930C25A04F61E223DFECF29526CF8BF261FCD8AF44CD13AF9E8AB227A579F35B0955AD56EAF7C012265B0A839D951B93C0E6A2108942B82C2658FCF12E165ECB57B74DABC2D30CA246F9B4FBADF654C011D00FA144170C9E9EBE1A935D620C43EBDDD8D1E60C29EFDA04CC17407514887F8198CCF58092CC75C241CB34AC2F9477DC0675E8CDB2D6934EC7B3EC25EBB370CDFB79072300575597754E5609BBB94788FFC5E12E713222BA5D6A22BED445E13E170AAD9ECA0D26E22CD0B808E1090EF44D9BE210E426765B9CB2D75954316160A44C3D936EEB21DAAB7AB1E60A4F651F3F5003061D80E0E17C0530D4F15474C2B861B72B3FBA058CCBD14568236D40E6B3C359FAE089388639703057DD09806C9108EE6843F02F03492C6B70A421B01DB32C10DF88AEBAA3CB45D4CC0604479AC1CCF0C9CD76250AC3345BB60BA081462B1667A1A5C772B505B5D705223E8AC30FF1C423783E1977E62277D196517636CDA83A80A87AA54087CF099B1494DB8F63C166E183CD3E8528557038D9D826DE01963B471E3337093139CEC888E6C5B1249826D966355BDE17CF989254C8C35036714852B24D89BB666EA8AB5AA68506125ACD8A51848478A2C14C94F189578C0ADC8D04AC0E896F6357DF3AC17172B06B5B25BC4A41CE3AFB266E17F7990327CC174001F71ADAF8F5EC08404A3A74B80E4974D20B631C11477BCCC1164AB8F49F7D6F57AA4A77F724435C218108DDBA508285D3E412A8778035FED2E516DA7BF990AEA03FD7E91F05537FB5A962A9259A0750DEC465687304925CFE5BD8F044A7A1EE638D2C448235D2BC2C9958C21DBE152B8D9865E336B57911AF86F404723CC995AE595F888FB675C47C2BC311F60BB3E47B4125CCCE51AD3A231A9792DB6788A54FC2935E22313A744065387AE450F0168BC00F60BECE76FA41E5383B0B45F950B27D327379865A73C6239B481FFB4AE78757CF51F5ED4CE20A4C31E89E19FDA2959158578439EC56CF6D29B0B2F8C307D63A13E8073E5AA7CD2C0FBE55EC4348AB807E773D726754F72EDD526B788ED61D031B3C2F64803AD34CDDDD8DB86C0078AD3CDC728B0399401A0C28E3D322FBD576FD97CCA4EAED9146CB3F83D0139024C14E249ED6996FC6182E739C72B177149EA08FC991CAA73DC8D6729649F395658B33D49B21D221D65E0BC90A0AD85E0F714D06E2CFEBE84F163843B7854F9E83A0409C07CBD22646C1A841FAA6FDA61FECC495CB2C881CAEF7EF4D8CF54B52241DB36B68093D40880822E808D40C2DE6D0488F476FC79064A0C8E03A05C02C6DB20F3EBA8E0067C154F2CBC7C4849CF87F7F1C92B4EA8BA70177FD1A31F691168317A3D4CCF9B9EDE02DB044645622313807E49BEE1D481136EB26803CFA5756E177EDBE1AAE6B0C8541B4FC48CF01014E54B2C789241DE9C54ECEC921AE7AF8A427213689A4A2CAB6376719C25A896B45CC414CF762B91A9840210095A46F3281A6DA086B254C916663B7941E4CE5281E33D8E3712226B201DAEFF4ACAB7C504C727F16D2F11C14885A2ED080638B153A40B3B12457A6A3AEF950BEFF282A079185C64FB1CACF19B8182900F2C4EBE28B7E370A3235D45C6F484FE3F75449E499F07F2F0A4FB1AD6508ED8CEDA34EC98A4957EAEBF25FB8F43D16F6DF3E32705A82979E221CC11E63B0C883D1EDABD4CD5A0855812477BCC726D68F0B211420C068D60BEB2D2CE9DA32EA68657432CB2014904BE4248FD08DA1F9C5E455B32A1A1C9AC31C7E7A1ABD8BD363A38AD78734D1EBED954871C274A5D54C1B492F01149BC90848E04D026118E9DDD0B84C1FF22473C08D267F1581D566C5F62EAD72C79D75F565BEC6C3275ABE3638D2D003CBA666B5AE85AA6E33D807F72AC157F64390320F3D4203D0FE2B70EECA8BC174D98AE7461444CB33688FA8BB82CB81F84DE6085BA9B63A9098A07E78DBFE5A20161366ED941116C790C67D7BE28680D3372C19E7BB17433903ED4688D63D4CE54DBC0BABBEA4916FA49AC71377A7E2812BE6512D504C04F51A6B01E625E806DECB5D3F6E19C726EDE8428DCE04677B2D8A7083A8C5A9304B06302F01973A169CD4A0D04473F769BA8B08E069F96EB07AFA0A5A061723B5C537BB6B41AAEB03F736F1B00210CDB816109D148692D49854DDA515DF53E9F737E594EFAA8033D576401CAF82ACD6CC7E8E913BCFF0CECF25D6C8BE37CA3B0D05EFB405EC144E4BA8B43814814B3488C6C7844924F77D06ED8E9D4090F758C13226577265B20898D40EF82D8410AC9C807D6BD0DB7124D4F23468736555B584BAD6864130027C825F8F15AD4A6550A5BD9AA04C69D38D44BDE53B5DF9EB202347876643C250278D786F8D8C4A8C9EC33FA57D8803909FB0991D370AD2FE3B6BE7E0798D4282C05B27410DA4B1718F05C82269C3717392580BF0391F20BA083057D3AA392E29D5C81CADA50069F812E6B8EFF77C59CEF51D27098AAA219BC59D4E549767435766344B754AA70FD43877CCBBDCAE4D0D6FE8F30C94B87C82ADC3BF62DFC6683D910B13D4ABC4B6B68C47AE51317F1F51B16918E7D9E851C653330B01838ED10601494C8BD86328405C18FD20A62F384129DC5AC3EFC58A915A182369F1A1F088608F64B314FE1BA543325B72986612765D3A474CC9A6CE04E1ACFA49BBEF23DD0B0E4E40C320578C985E8C29A653AE7046016E067887E85C9C3CDCC456CF811A256FDD8F1E9E8660466372EB85BE369D3B496991A7D99198794DDCA7B64B4BA91BFD7A3C258B170213639302B4EB45A8C9CE7C2A79FE3E3FCB0C23B057025CC207A6D02FABA9E299FD95525B4DA20250A1B54FA196210681961A04B9F6862C5F87586BB90027C06E9B769D15CB06A7867F7329731AD18DB714980DB021C8A93D32A20858AB61A741FE8B6CEB89E6DCA0960B06286AE297A5FF8B99A42660B3B802C330B91F686E6F314B62B2C83E8512D93C5E29D689AA1AB43401D0A866586BC937F66A3D0711C20C9AC36426AE20041358AE8C3E1E6AF31E4DF0157EE582210B6C32F346481B7D888D34DA15238C62E1B43FA4D5C1C67F6EC4F25A62B810418D3512B81CB107D9E88711E64C4F224894CF80D09997744FD7AE52446A7DA4E10051D597833AE1B36C86A0CB69B51C27FEE1B0A126FD88AE54BC04291183C0919C4912DD5D4E9EEC9C40B65D58DC33CB0289B0FB60D11B60E7FB7708849FEDB54F41A68314805A5C0766ACC9F338A46B29EAAC00087AD");
-        byte[] sk = Hex.decode("F60AF7FEF8F7FE08FBF50300F8030CFEFFF9F5F60103FF0FF601FE00FBFA0E0003FC030007FE0201F401FE0404FFFEF6F9FC0209F705F7090E0002FDF1FA02FB08FA010602FA00020B06F804FDFFFD0601F60400070100FD02FBFE000B02090308F9FF080005FC08060103030801F90B03FA060704F9FA0FFB050CFAF412FB0114EC070BF4FBFC03F204F606FD0400FBF400020806FBFC0CFFEF010CFFF9FEFCFC01120909030CFDF303FE0200FC0600FCF4FE0504130D010CFC0208FFFC00090A01FDFBF111050911FCFE010BEE0302FCFE07050A04F616FDF8040D03F7FB03FD080503FAF90003F70A00FD0AFBFBFDFA040EFCFAFDFFF100F507080109FFF7FFFD01FF0506FE04060B01F7F9FCFBF305FF08060604FC0DFA01FCEDF5FA020707EF06F8F00D0800080EF0F6FA04F8FC01FE0102FCFCFEFE000306FD030601FF0308040104000302FFF5FBF60AF7F0010B00FF0009FE090002F402FD02040F0100FA0606030205F71200FBF70909FD07FFFBF107F703FFF5F70FFB0D01F90301FEF30802FAFDFE010608F80BF603F8FB0E04F905FF0CF9F40EFB0B04FF06F7FD08FF04020103FB03060208FEFA0CFC0A09FC070BF5FBF903F3FEFF0312FE09F9FC040A0EF5FF03FFFBF8FD010E03F708FC08FDFCFB0C0AF805F90EFE07F5FDFCFEFE0502010801010601EEFDF307FBFAFDF903060B0C07F800FDFFFF04FBFBFD06FEF8090A050A05FE0A0602F102FC03FDF711F70401FDFB00F4030DFF0808FC070405FC05FA0AFF0EF200F6FCFFF8F20E0AFFF8F7FCFF06F708090FFAF6FB04010207F30402FF05F8F2F0F8FFFF060206FAFD040107FC0AF305110E0502060B11FA0500FC0BFCF7FCFF09FFF510F802FD00F4F807F5F8FC0EF9FF0AFBFFFEF6F902010BFCFCFC04EBF30703F7F30204FFF10A0BF80D01F7FC0B0701FDFAF300F60204F60EF41103FAFA06F7F7F80304FEEDF205F9F9FF08EF05F90DF6FF0307FDF206FD07FEF7010307FF0600FAF7140300FDF70410F601F80C01FB06FF0BFAFB0209FC07F506FD040A040C0DFAFCFF08F5FDFAFF03000503FA07FF0601F8F30A020201F5F8F9F4F704F60203FE0505FC0A0C02EF020204F7F5F60405F7FDF702050202FA0B06FEFD0FF7FFF201FE08F806FB020100F904F302F503FFFB00FEFBF6FB08F9FCFE0407F60609FE01FE020105FEFFFBFAFA07EEFE0E02FA01FAFFF7FDFF0403000207FEFBF804020008FAEFF6FC0E0C0604FE04060DFE0D13F5EB06FE000A05FF0E02F7EFF700050107F5FF03FE01F209FD0301FCF00204040203060208070AFCFC00F2F40BF6FAFFFF02F90701FD030405F50606070600FCF6F609F5F504FD0D0A08FBFD0207F3F601F503FEF404F7090403F90101100E0000F303050104F4F20C04FC01FAFB01FF08FA02F304F3040A0BFE0CFB08F80B09FEFC0105FC0B03FCF1FB0904FAF30204FFF2F9FD0B0201FDF602EAF1F9F708010000FA06090301FEFCFBFEF4FCF9FFF8FCFB03020A06FB00F5060704FF08FEFDFBFE11FEFB010202FCF300F90C0105FC0604090402F8060A0A03FA07FF0C0F0C04FDFBF7F7FF0402F8FD050B02F801FBF9090C02FBFBF1F30B0901FA03FB070300FA010403FD01F303FDFF0F0209F7F506FFFD01EBFE06FD100F000EFDFDFC03FBFD03F8090104060A0900F508FD090D0105E9050305FBF500F707F70503F90706F10801FEF805030B02FBF701F60007FF03FD03FEFD000808FEF4FE04FF0CFAF500FB13F600F5050BF50CFF01ED09F6030305071B070C040C0206090205F103020508F207FB09070A00FB110502FF06000811FFFD0B0D060401FFFDF702FEFA001209FE09FFFE00FE0BFA01040308F6FAFFF6070309F5F408FFFC02FCFEF7F80B03FEF8FFFE01FB04030304FDFF02F90AFC0A070407FD09FEF5F9F3040002F2FE0D03EDFF0305FE010B08FFFA00FAF7020106010D0A061913FD00FA05FBF808F404F9FDFDF0FD0403FA020200FEFEFB0004EF03FD0B0301FF010A02F0FEFF06F6F400FEFFFC06050603021005FD0603FCFC050A04F9F804F40E060100FCF3F3030BFFFFFF04FA0705FC0E04F401F9FFECF9050C07FAFDF7040EFE04F9F6F900FD18F7F5FEF6F4040307FE02060302ECED02FFF902FFFB06FAFE0BF90100020BF8060008FFFB01F5F3FD0501F60D0B04090204FB0508000CFA02000AFC06F8060200020606FB03F80A0D0800F501FF01F90DFD0203F4FCFDF8FBFAF0050107FD0101FD07FBFE00FC080807F600FD0801F20200000CFEF5100802010206FEF006F9F8070B0712F6FF0600070309E8FCF7FC0BF8FC00FD030F0307010807FD04FCFA08F8F6FE06F8F6FCFCFF06FD09F5FCFFFC04010F01FDFE050E0D06FD0AFFFDFC03FD08FB00F7FFFD03F607F80707FBF8F90108FBE603040406F0F303FEFA01FEFEF303FFF202050203FB0407021104F5F7FEFB07FEFC070B05FBF9FE0CFEFB00010CF80C00FBFCF609FF06FFFCF9FC000201FF04FC03FB040004F8FB0B0301001001090003FD09F9070002FA06000D0D100508F2FCF4F10B090501F90509030104EFF2FAFDF903FEFCFE0906FD00070802FA0304050C050A05F90AF7FFF9F704FFEF100005070113050CFBFCF8F30212F8FDFE030505040C09020201F70BF3FFFF01020FF7FE0005F8FBFA0B04010801FD02FDF601F9FF09FD04FD02FBF7FCFAFDEF04F90801F4FE0FF7FD08FDFCFE05010306020EF70201FFFE02FE040705FB0905FFFB04F100FA0A13FBFBF60AF8050803FC07030AF9FE0D01F7090E0009F8F4FD020401FC060607FE0206FFFCF8FEFD0004FFFE0704FDF5FB00010403FA02FF0005FA02FE000AF207FA05FD05020504000BF70FFCF8FDFBFB00FFF5FAFD0309B60E7FB7708849FEDB54F41A68314805A5C0766ACC9F338A46B29EAAC00087AD394D1695059DFF40AE256C5D5EDABFB69F5F40F37A588F50532CA408A8168AB1");
-        int smlen = 2753;
-        byte[] sm = Hex.decode("FB07A3E1D8B107FCA922CAC88C668B69F9BD54330712E3788663FFB44310B4D5057F5F479039A87C3B0564A2474D1A97B944E852300044C68751C09A7A5B8394D4D388456DE8535EE57238F2364DAAB11BE3983AE492D5AD2C9508CFA2A138F4666871BFBD394BBFD69E577E812A13D973E20D8B3E63976021D946B0B3DD53D343C344306B85942927A75EF08D7DA4BC31DA2B0F727B997BA243BC1294B30CF5399F58D9A1EBF5F2D4E5D3D3FBC580FCF2F6EC2457EA4C713B5B0CC6FC565331E9DC92CA419CC73A4D618ECF6A5B2EE146B28A87458D332768D93C3E01A43DF628E1EA0B539040B6D5566189FE8260A22F701EF93907B061275637359DB9BB6361A680DF9FF38B4FBFB2BB31CE0D1891CBE07C6C2F8E0832038239E92FD4F70F5BCC28BCCA1E9F800266EDD0CE007FE86052F1506DC45A8A9405F13EE63C963019776D11311AD44A01E5B27CA4C51E051BEDFE0DBB5A3A7ABEE5B245689AAE0470D5803D1308D78D8A15167F31D87A89E186CA8B5F6566CFC7148209485AEF22B1735FD487138A261D35BDDA857BC0A966A8D407463D1BE9EEF2387F2F93B1A835AAB97A17F496AD92654F5F70DE317120365DFF755077168DD6C3E2320BC025E361A6EB98873DE8F9228A223BAE4138EE114B926C48494CBE6065C08E759109BD18C41FC740057ECA699369737E78C15FBECCD29D1C6406819511B4D115C238469E7D0722D0F17756F2F9AFDAC4343500AEE4C24D39F7C932270796E110FDC2739DE152A42B494C69E38A2909CDF0FEB6E4DC8EC028562EDA3109ADD188CE142B8189565802D648067BDF6497E61758F9C893100C2FCD678DD5CB17699ABBD670EFFDAEE6BDBC510727A48ACF0E4FAAE0E7D9A04A27BB375671048CCB3CB2C69AB232A9C31F617B7608ED88EE44696A2F75F8F35D1938430D482C67861E7E63FB71BC6925F66D793C9BC30D0F11DEB80BC23E1AC43E5D2F91F4DD216AC0FC0379A8F50F290789E72D322E9F75433857D99E5B25DA53F181B52C61E1ED59B99D7D86333C69D8E7989F37FF92D3B51125ACA0C477765D2710DCB52804C620E39E85EF9F01F9C49E5C123B898952CCFDBBCE985CE9D3E3D9D7A3F254FD10614899B694AD59520CDA87DAD998A7F0F4118E14EF50470F3B970C89702849EBD5FFE168E387AE970318CB5642D46D8582013779EA03C956B893BD2374DDB002A14BB0FC8E2098E1612E47703EFE0A75F35B751EBA9539E02915AF108821C3C908315F1C34F578D077A78F91EB6DA12CB4CBAE937CB7246A0C56A9F997D58A180653FE8B5DEFCEF1BC6BA41DEEDEBA6F3D6B695A91C270AAC086D9CEBE4D04D6D939EE0A0C1201F10C39AC3708264DDBD4B1A1B7D245304F8A6AA4229A0F7599837D9ED334246B719C102239C7BB93C0E9EE6EC9DDD57C59D7B88E43E1C19206F356BDC92873F8D7A687FEA9408507B32C2F4103936FDA2A694F486E05129D69F36563ACACDE2D60F9E114502751C2C5A5EB27D8DA8F497260A7BA003A858802F26A630B69A554CE006D78223D400E7E757AD8760D1EE7C8A6AC629E28C5CC0BA8242FE96203D970637578BBEE77466A6ADB19BBEE0B3C894EFC692D200106967F53AD26BE7ACFEF2D3ECE609B89F6A940FCB948D458E89798E5DBB2D5EA7C75957FD9F53F58050CDACA4CF5613C4460C4E3638663D4E2A4975B8271BFD26C48207ECAB05712E1651C352B0621C3376BD713CF3A81DB0D4AB2C3BDB1EF54775BC980BB04E3872C9119890037AD8BA2A984F7F090D8621D442383A2EBB4667F885772163978B346ABECA297D983919D80745B061154543E1C36271D9F5E82D929D2AA007025E8718324E260E992528D0213FD5A5659398FCBDA4080B34D6AE7C7C7DB595BC0A7E0887EA5FC7FCC76668214DB2BA457C2FECC69A37D39C7C2009BC52F7F4304C26A260994395BCADE9072351DAF81D484876ABCDD876FA87CE76E5F024CC8D098351B777D9B908FA5D903EDA4BD732173E974DD36BA039FC30BA6F5EC7C60C507E1EC4A7100CC3042EC30FEA3905998483CDB77D18118C547805C41A26DD0007F73BE9447590DC544EBF8D6880E7E61104DDCEEF39866DB0868CF9C8C0EA3BEC50B2E608540C3BA1AC7D4C9C945EC830A002C15AF68BD349E5E2704F6C244EBC927051B1F04072411AA7299FE88A38D1963FE778F5D86C34DAE4983BC2B6152E84A65E820AACE1FD7BDB5E22606AEB8590EFE2A7A40D4159EAE17D5F4239BA3D2ECC659DCDD7406D76493D4092F0D4FFFBE97553A26D94B4DB223A8B62A135AAA6C692BA1DAE42929B9D4988BB0D7B06B14A60607115AAB791A3AE54D5FC0437954B9917EF638F0EAFBDA8C4AD68C997E732C071A49E6AB0FC66238629C6E027C1EBAE1FEF45874CB28C12298734F0E0BBF838BE199BEC0CE52D206EBA2C4AC6230762B476A36042ACEDC9DECA3D36C92492D998230155D08522D8E11952A3BB06128D11EF142A15376EC172B66294A7006647DD1831ABC0034F0E0FEF507D988F0E60625AA76A535C2388F8E7F5DE8F59997883280BE1BA98B7CE54C797582933B688CD48460ADB2602A82912768A34F9E911F31BFD39094E7D8918F6DA0955F03CF44C0D4B37FB331727F1C36CD130A9CD0CFB88B1F274EB3D58E82E0852DD6C80E0F368C43BA2BEE67139ACA77ADD2633788AB994A29A565380118FE843A74178FDAD308BA5F6A570FA337A6B1E9BD5B6018AAD8BC8C993FFBFA7015D7337477E28EC09D6D9AB9AFA9CBB96DC46F9F9304B0AD829D54812B8FCBEDE58CECEB89E7A992AC0400E7BF0AE2F90768D6EE308C78DBC7F8D0BABB8AEE8BBAD5DF00B04C4C7D70F8B3F0B6A4BEAFAE07295C27EB2FDA2E15C1D0BB5B4318944117FEF36A0A94BEEE967D56A679116151FA916727B66D174824D13DC80024EF0FFDE2C4C24781F6D24ED091F4CFE61B2151E6BC6F5DC08AFB5DEE5E53C9897805D76363DCC57B42472C57C8DD5AD2D028AC0AC9640C14BFB18E8D6D4E6CC505F68AD65C49693C42043595098DA51B7AFFF60D7B26EEF522B7C5D1281B5962E3DE06EE6A09253897379DCE3285DA42DF236431EFD2E60E255DB71F380FC58DA34CA88E86A243B20486FE52B6774CC17C58BF1A2E3978A61FB046EB18014F9485752A9BBA5D9A434F51D0C0A2AAEFF67B801A996E1189BF68A0D3390B94595018FF6F925ABC9F4E12C90B8DEC1BC7D2720F658826CC53082397E19806DED90481E73F99578AD4B1D21FADF9E9D808BA8ED362B3F86E6EF491B13F48F064C22D278016DB5DDB264A4A0A18382913723E8E3FAA13057872D75C158A056176DBEBA30D7C62984E046E2188DFC3AF9C56149187BBA63CBD1D52798B4FC90B95081F5152E4686D3B9293F379F2ED37F365FDEA9E15024FB028C4C1F76A49EAB005FC92692A09BE757CEC084F4856D28A13C36637688FF369695A1FBE9991CF2CA3A10C6646B36B0ACC0CB00BE7BDE17682842690CA18C17E690D937E55098C82FEB02907B83BE2069B336425277E3BAB065614A44FCFA606CE390D504E72A8CB79745C82AE0A259713243BBE863ADAC3496E9254F2BA2AF5007EEA92413327FAC766600619DFBF7C82D4A8B53C50EFEDBC76A199A8CA003D5BBF56BAFC0DBCAA0BF43E4EE53A0DCBC4C10945CFFF2398377EB3DBA89710C0AC3C38E484645A629833B204E68E03D9C02322313E70F20B2E0655146FC8E4D94464DDAB904534FF4A53FB8D5FF9C5B6787AAF969275E817D66525C07ED7966FF96E906FF6F9A3F0B61788389C1F779DC4E6457DB0C2E1056F28F589021211450772BF97643DC8351809DED81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-
-        doTestKAT(PQCObjectIdentifiers.qTESLA_III_size, pk, sk, seed, msg, sm);
-    }
-
-    /*
-    # qTesla-III-speed
-    */
-    public void testCatIIISpeedVector0()
-        throws Exception
-    {
-        byte[] seed = Hex.decode("061550234D158C5EC95595FE04EF7A25767F2E24CC2BC479D09D86DC9ABCFDE7056A8C266F9EF97ED08541DBD2E1FFA1");
-        int mlen = 33;
-        byte[] msg = Hex.decode("D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-        byte[] pk = Hex.decode("624563CB6E4499327172AF7F15FE1893614871835EA6F3330DD94337204F88D911FFB91B06CF2F07240203F75353906FB7EA7BCD0A4362546D94E60D32833623CD73B1D055DD1C2533CE5B81DE05C02966275D289D25134EF8577C7A489B383D3FA769DD3C1C033325034B731F7F678E5E58426F372F0F24DCEE455A8C6B0E6A68796E7B8D36317B23641E7D4EDDFA1E4F4A5012F50E70222E36527A14A559F4132F025F2C20BD3C2C023AE2E249E94D23460C80B94006CB1E38769A510911672D2E48AA5E5DD54F38746C195CA954D6A909CE33759A222399F209FBCF26641029D08D4C0C3D51D2FD7DAB2A6A3779365B06720B686F052A1FC5A54C5B4A26962F224C194096FA7048372F037D5E9772315B956881615C72EB57A0B661E9851F5BB61A17755BBFB571CDD90FFE562C4F147846407266A43AD9D063CD7710256D69FF6F07164E7A41D13E66C60614EB7F69B621F83237633E36E7F16605DC0A89A774E425323BCA551F211D4AC6110C314F39B873E48062C00255EE6E7E5BCF75A94F6DAC0E182C44532468658A2A6A9A9B72BAD7715E0765A10B520CED236A4D3343FE2A347D726D6107046877FE583F09FC50F4804CAD603810A15C7BB655400533721E4D38E020EFA64E3DA8277DAA437465033C486FCAFB5235B44C76AB27ED5E5D7BFA6CB2EF6EC7AE008AB5320CF861DB605321406ECDB56837572048175831343A1A192E7844225B6A72E66B42C98C7A3C513D2B5A71BCCC329BCF20246C241C4B5EBD5F37ED144C1CFD173F6330F78D40C9A952192201126F79EB1E444BE27E3FF500FDFA0BC27706FF2A4381454634540D3BF44CF418613C087776C940F5EC1928E1190F710909EB43EA715FBAFA3E3C140396EB516C9664A87277AAFC139D343D512C65776056A1C31104645033E03EBEC24D99837D1A427CFB7B72DDF86054744ABBD62B57A8355C8D3994F84B2A4B2CC1B731529E495F811A73414C03FC1B66BB0C58105283F42AF9B2521A5B717D8A3E8DF411A85C68F706006E8B7D1114769E2103FB2B7601DB1BC28B0355D909AAAB3702904F96BA6FCA3152C4F042596A7854B13827222DE0925A47CE40F2AF3FAE9F19395D70DBAD28DA8E7AC34F5BD36E174CA352807F2C49645B05015B389B3666A679AF7A033C8C0659600F6761263ABB6B4BC2360F29267AC82D80905502B7557A295406D605D75828565046DAAE09B12080EEAE67179D53B05A54444B4CC77C1E2DAB2D298D785B841047B5665D3C36E3181CD7AB2DD49F78633661949F585E0A18530D7940046E140D684C033915EE5DBC3A07C34A4178516F43964F0E2E04647324D26107980F68FF990C7B8C0C47F12FC1AC384520485EF061DF373B78A12D80810834AE36E5BA37397D35AA5C4625B708C51066F5C54CB1C52E0A9D3CBB772819D44A875B78AC4A65D3EA7621BE271914770B8D363CA911B8874CA1C16FDE314725B409391933DBD96B5BB013C2723E307D7D9C1C41654049204837D4074FA12B46E25D39E1EB3F74194C08CA47453E2092AF3142D06950FE14087E1A80970ADE4E7C6F6D70294F3710743854AF2D0A1776DDE166895950DDF06B2ACD11E5A248D8CE52EFF276AF9414B0DE264B315D61413EB731154CEC10F0FC230801229311566E781A57F65EBDCA4EB0CA71C62F281AD139D105108FFD5345016734F37C039377F71B36B649661F425A2CF3132CD40FF6DD5668C25808441EB86415136A55F57A1DC5991463A00BB3C67CED334979BE64A192471EC95F9F591014D607BD23585E5F0E03B33AA6E11E70F3314E7305336F5BF5E25E25D33C985B2D86BA0C41980199C506CE420F12523269D62949904174B86B383E41255F64940029094C0E9BAF76636E6E37B6711DA70ED1510E6BE35DE7C34FF8613BF3AD2358161E0E7F58696A669FD50ABEA278872C58BC3B1387F93DA26245E1DF1A35D32BB51F372F1133975E5DA27B5E112B43508D5588EE21D7A2704A9F7B1E7C62454D6D4321171C3647841D4A7BBB3B25DF019F856B7DE1652F26132C55049BF85AAEF21FDDFA03BB873761A72B389B3217C238B1EF315D4778EF4643431E1327350F240040CCF90C324370843554E9C23F6075089FB94677E85377B74FDD6A174F3B628B3F30778A629F6A5D9D8274943110095C3B763E4BC9862DD3F1441DE30256F20FE5DF629DBA55AF182C373D03D1E707253360E69455388554FC8140E97377B38024DB1C1CFAD014949552BDE132F8BC1D066166B48566C4A672B9F07A3C32399CF351AC073665FE4D52D11077CC6E823516920843FDF62FAD5D7D081B17470F16122317C3C84A7BA54B988E77952D1ECD012F90BC3C1E4152FD577E927847A8F943F5B87170A933C7DD5C8DEB4D0D02615E7B66D5CD399D0613CD111784C27A27A71516174B0D9534CFB51B6EE67D77767B818D79444F4FF519397E4C7B87EF06B0826DAE7031CFA63B835D4E2FC5035F3118463977458C6F5EB97F9CC87D77F107C28402F9D616681C108FF14C432315A368071A6F19C18108833137A4DF25764754FCF509EB6B1B118029CD7425566F4569020F5EEA7C3F5A6B0F3B62E8B615333F5FA43E15484C4F71496420D331D7FD74445816273113BBDA6DD5434DA9537EAD8479F20C2B4AE7648B9B04EAFA3A36143F0AB364552A482B766ABCB33274C832F5B3687B4802E3E369804275A0F443C5B76113E7380ADF03BF7057BAA575521D75F1EB5F774A7353A94D9BEB1BE70D174E602435FE55B8863CF5F71782B83F1AB62C222D5DDC8E04B20D5EDE755CB89E61855A160CBA7F60D708238267FE727DBDF67B8F160280A363F04B5EA62F79ECA260A0DA31B0C016DCF509A32E80A2B91176534A36B345FB2018C17540D14D569CAD14644F1135E779D360078F1D3DD4790757E035A4466B1C097751C01FC0E32D6A0C24ECD16D027441A38D26A9125F0D13039F9B2650E64C31322DE2743FB5306D057C1AE9B2051D916C0E076439070328344C970E47651B2D9E826DF12C6724347FCB3E13C61E0B79AD1E67D747C1BD3A9FF274B5EF0143126EEE3F6A72E10F75A70A77EF46B40B1A2D5A39BC2A2933DC3222787C60AC73ABBD110E73698E6A00C8BD031B626583832490B67647A3499A9431F3446DB4710E24F32F3F321E6C87427ADE28DEE2287D6120C6D633E1036A1B72067B955C3F873026E01957491B5F8D60888C13A91136FAAC24DF284668B31602C24EA4EC4BB0AF4A444C3AD22620E0B046E0CE3B28186265BD34C2EF34A74A56CFF15F230F308C6547D7252D340412F37F279B033C068961CA220A6855624EB860BEE53E8D0C492EA668A81164A87F042D9749DF8B493E4F2564D437ED53183ECB06961A09A3E30C4CDF37013A7435316DD6877CF3E2556689320CBF6B504205CDCF0B5F600EEF300669F65123B60972CA14785E4B54514143193B889D17415769413927235A24BA7D3828A844798179A44914C9F94B47701E07233E5B4050B6044270930583E5381AAD35E1C906952C1CAB143777C26208F90AAFBB6586295F168758400655DFB852BD314E5F5935735D66090521395B56CC60029B752D5D0E2B69F70043DA3A620D6A089661060B04E7402D33B77E726A49AC7C4D8EF52819E704B8B41745811774611BA3F108CD3143BE976A4A310D13320FB3C92B41C353C3725DB54B091B1E2CD9BB474360159BB615AD614399D7635465761748078FFB19828B72A1B57001CE20289E0F02BD15BB5E109FDE3E92BA495C660332337B94EC05568E4AE9065D1B0664CD4D11CA9A0BECDC7AD4041E2C044456B77E4E3C2066A33AAC412D53E66E2AFB12B946079B330BF0852D033342F2914337AE04425A02F80E1CC55C60530C08692008AFC758749726B5340B29F74A3F8F4045436293870A91746FAC025EF07C7D1D065B9D120962F87255E21E6EC73277D66B353D741F2D3ED099670C560D929D5E352D7CB5BB2A529F35FE8E514E4D72779256CBAF0B382A2E082E08294E6CC83955B2FD0ED1C65AC2355674823854F807EE707F83F42120375D4AEA21D076503CEC7DD539645B527856973BC0F06597081B7DCC48D428130A9F3230065632201FFA404FEFBB7EAAD60FA6AE57CE312CF7A51703610B6B9D0BDAD64A09D402C8D670DBEC4146816D80723CDF8E4BC6DA4CD5AA540FF510626F12FCA9485DEF65045257B5B24E896C647FD61C5D12013B3277DAD75B21243AFDA11109826B7B7F5873503323EC665D8C11E5CB441C4065FE1763BF302B21DF7FFBD021763F6031AA36369B198D761FD1FF1925583733EB325F845D754426B60E7FB7708849FEDB54F41A68314805A5C0766ACC9F338A46B29EAAC00087AD");
-        byte[] sk = Hex.decode("1C002800F0A040010E0AE60380A0400001000406101850408100020FFA0F98AF9F7E000701F22F08C060BE81F9FFFFDB1730208002FFF60F0070903E018006F917F8B72F60417FF9F1E7BB3FC0FF8100060000CCCF8FFF7FFD001412B8EF6FE03EFF04090A0CB0EFDF0003FF063A10C82F7F8002040604C89FF03F8082FCE9EBFF0F50C0000304FC0104E81FC0BEFD07F8FB03C04FE0C002FCF611DCFF6F5F4081FBF90128F0FF3F00010609D41710F080C004030AFCF397105F400203FB03FC3F80BFFDFA06FC032CE0AF6041FD07F4FD3F40EF5F817EFBF8F733D00F1FFF7FFAF81F00E8EFE03E85F40A06F407C07FC17EFBF70BA0E71FA1810103FCF90FD05F6000FE03F8F707F02F60FE0403FFE3EB5700FF7E7DFE081C08282081C08008F92D2C2030A0FE8103FEE5236000C07FFEFC0EE60FC00FE080FDF712FC078090A03E7CFC0C1640A01F5F81FB0D00E01B809FBF7E7FFD0508F0B78F20417E00FE01C4A73FC1BF8100F901F0F74F1F800208000014803F1F427BFA101A2C10D06080FEFC111AC4DF7F40C07CFF01120C581020C1FDFC07FE03286060FFFDFBFE173038801F828202FA07F417307F3E7D05FC1B50E8AFDFFF8306F005DC172040808004ECE5E33FB080418304FFFF27889FDF0103FCF5FBF73F0021FF8300FD152020B0FF817D04FD0D3C90E0FFBF080008E03FE8CF60C07A00F9E30788D01F8280FB10F22B686FC0407A00FDFF4B40F09F817E000F16D8BF4F4041FF0602E0D70FD07FFF8301020204B03F20828203F721BC47801F7F01FFFEE7FBD7FF1FC0FCFA0BDAF75F30DF000406FDFBF3DFDF7F3C7FFCF31F886F5FBF8181F904043840F040817FFDF80DA4A76FDF00020A06F02BE0BF9F0202FB03040058D09F037E0100E0FFFFBF803F7E0006FAC3BF1FA182FDFA0E16C0EF0F014182F5071440B0EF9F4183FEF909D4EF5FE0FFFFFE06F81B1840E08002FB0E0814103000007FFB13F403F8DFDF3F00FFED13E89FAFDFC0FE010DE4378850600002FE12F6335810DF410203F5F9CBD78F7F0080FF00E023E0EFE080040206DAD34710BF3D010204ECE7DFCF9F80FD02FC170490DF20FE010107EC0BD86F9E417F03F2274038201F7E7EFF050CF4671FC0C08100FE0B14F8FFFFFF82F9001838881F213FFEFD05E4F3077060BF7E04F9FBEBEF0F1F827DFEFB0BD8C77FC0C07DF600F42F980F60FFFEFC00F257E02F21FFFDFD01E653F0CFBF80FFFBF703E86FF01FBF81FA04FCFFD79F2040FEF9000A0410406042FC0606F4DB67BF5F0284070A0218C8BFBF0201FCF90D3838E0DF41FFFFF2E5FBAFBF1F40800300FC0380D0FFC181011024F47F0F6000810102120CE86F8181810200E0C7D7BFFFBFFEFEF8F1F3CF6FE0FE00FD011634F87F40C17FFC0DEEFBC73FFF3F060A01000818C03F408302FCF90F60209F7F7F06FDE7FFE73F60C005030EF69B476F600082FF1202F4F7DF7F3F0402F22D0080007FC0FCFDE607280820018001FD051EB4B76F204000FEFC21E49F8F1F7F0105EE0FF82F70BF81040500FA3FB00F60FFFE010BE013F04FBF7F7D0210F26F287FC0817C071302E81F20603F030119CAFB4F1060C0FDF9FCF717F00FA081FFFDF601DC1FD0607E83FE12E6EB0FD0E13E82FE00041840E040FEFF00F0190410DF203FFAFBF6F903E00FE03F8403FCF52FC00FE0BF7F02FCFDF39F4F40C381FA020AE417409F810004F1EFFBCFFF7FC07EFB070010809FA0407CFC010624A01FE1FF00FD08EC0BE81F003F84030F02083040FFBF7DFFF81B0CD04F60817F06030C0490C01F408108FC0F10A8BF3F3F7A041200FC1700A081FA03FA21D43730E0BE7FFDFA0BF447B0BF7F7EFBF51138F83F21BFFA0706FE1FA83F40C1000001D433E80FE0C07C0502F2070020C00003FBFBDBDFB7DF60FE82FC010AE4DFCFC0FE800A02E4BB3FE0DF7D0400F4FB0F402000007A03FE21CC3F1FE0417F03E8ED2FC0706001030402D62B38F01F0100010D0C1828B0DFC08401FF073CF01F404102FBF40F1020A03FBE81FF0000FC87CF808002FDF8EB0340A05F407F08F11B10F83FBF3F010001F013084020FF800101FC4300705E807E01EAF51360FF3F3FFE090A0C28D03FA00000FD07F617F8BFDF7FFAF9FD051028B09EC07F01F7F11F2800BE01FA09F20334C0FF3F017E06F9F92FA84F1FBE84F600FE2BD87F5FC08208F72D2430A06040FD02F5F10B20A0FE7F7DF906F4F7B73FE07FFD00F00510F04F3F00FE040702BCA760BF41FCFF0004F00F6040BE8100FDE907686000C1FFFFF8D7FF176020C0FD0000F017981FA080FFFF0204FC4F805E0102FB03D6EB0710DF007FFCFD0704D8AF1F01FEFE0AEAF73FC0FF3F80FB0D100CE8BF1F0004FD0714C00F40A040010002F2EB1FE0BFBE8100F11F08C84FC03F7E02F50F1C50B0DF82FEFEF9F55718C040C07BF8FFE90BD04F7F417F0114FC0378F0DF80FA02EFE91FA07F9F3E7CFC0BF24F906FDF3D01FEF709ECB75001FF800601D2D7FF9F3F80FF09010AE8AF7F80C081010FEA0350F0C0007EF8FDF70BA86FDF0001FA0E162428D0A03EFFFE07FA1B28E0DF807C050A082848F03F407DFCFCE9F33760C0FEFF00FF0B18B81F000102FD05FE53C8DF5F007B00FD191CB03F01807FF5FB07B0D72F403D83FFF807A8D7DF807D8001FA0B10889FBFC1FCFA08F0FF2FC09FBEFFFF07F8D74FD0DF3D03F300E4D337B03F827F0AF41104D0D01F807F02F4E7F7D7EFFF7FFDFF12FA3BF0EF7F81FEFD0006ECAFAF207F06F907F82FE8AFDFC07EFE0612F83F301FBF7C010124F84F50A0018204F9EF0F0820007EFFFC07EE2BC07FA080000005FA3BE0CFBFBF7F0705FACF07A0E0C07CFDF4D93BC8BFDF3E0102EDE52758F0808082FF0C0CF4BFD0803E0204F7FFF7173000BFFDFA13163470CFFE81FAFB04DA1B70E01F7F8003140830D8AF1F417F03022CE4CF9F60BF01FCF9E5EB4F1000BF7A080BDC0FC8FF1FC0830BF7E7E3E7DF200084FEF301D0DF2F00828201F2072818C0803EFF0300F4D77FD0DF3E80050306E40F60A0C101FFFDDD0B809F603DFB04001EE0AFFFDFFD81FBF1110CE0CFA07E7F00F807E04F903F000104FC17E03F501F007F0BFDD7E73F60C0FEFDFF03E41F987FC0807FFB0414E41740C07EFFFE0516EC2F9000C1010703E6EB675F000202FE00ECC31FD01EC17EF60028C49700FE3F01FF001C0490901FBF7C00F40700D86FDFBF7DFAF80360D04F9FFF8003B60E7FB7708849FEDB54F41A68314805A5C0766ACC9F338A46B29EAAC00087AD394D1695059DFF40AE256C5D5EDABFB69F5F40F37A588F50532CA408A8168AB1");
-        int smlen = 2881;
-        byte[] sm = Hex.decode("820713D8B1371DF090139185CCD8653129882FDC98C3FFE2E84BC7F2D80EBAA1ED2EF0270809C60D2AFA9E4250A237AA3432E612FC95427E40740031C6B8A6AFAC01A4D4430A8BF6A54F262C57E0235FBC4981EAC6514DDD8A92C551597E2E3C700C85C26FF62DEE5B72CE035F2B7457CE02556A6ACFDA6E985733E6062CC0AC1175DB2EC9D3D37F8984B315954C79EDEAB5B0B1432F6F25EC553971CB4DF7E012F19B9FDC5451EFD313FF71E8E97AB9EDE423A0F7D700F212B7A703735592298ACC16CA62BE985301E3B9C12D076E3C168A14F6FD5901934BED20199687B5236772A36596EEC99EDAD3362538FAC2CB46E0D1D546D112C90082307D41EB91AFEE0012E389D09ADAFAB94BC6C270087E769E9F1EF51B6F37E26F0329C925C87CFC661C65CC0CDDCB8955438DEC61BF2F0A1E644F4E8072DBDA1D3E03CB45C79B14DFBF8DFC9C220482B88AE60C1161B6D5B55E8B1126AD84C05C021A69408EC230ED2E377671E3E8662F57ED83D6C295E45A35B19E494BD75D0C2BC0FDC517D40B066E78A5F1FF99D948644A590998B6DE51BDCECEA27E13A118B8A33AB276563B203366F8790FF8FF6C617957FEF2873C32FA658D8F5C7D25F4665B25C73F7D4EF3CE91077285EB031ED4668A0692C3926E16AC928C4A331D8C79C8E93C2B93A2571D171B383E339608B3213462B20E56B6DFB14A6642CE0E2244C770EFFB68AB4D039AB34C172CA497F57F272030C376950157A32708E343F1AC11207254FE6A8F7CB958AD8934A5195C8D07378ABA0FAE7242CE322848BFB9B70EF852943E92A4AA8D604909DD0C3FFE9688B323E9126BD1D9E1365AE7243A0458C90269B565C09692C1FF6E72A5E687ADF21555427B77296AD64872F9BE9AE6556BF8A6FD9EF87BBD4C1D9D211598ECC04915387E3613A5530A3866B0084C25F3093796B92AC377F817E09E9E84B65AEE54E7D4C2D4E166F18ADB33A4F3886198A140BD7129722CEF4AC8B5E506DBDC4FF140F71B7B87B02410A25E5DBF25E94F8CA8E6E5DF3687CA1622F144E23A1859E59E45897002697B672D11D614AFCD9691607804AF9C8D7D165078265D9F16FDFCA92FA9AC36E6102BB5E4FBD25D771BB877A2105B03591D5A0805345440B1742DC9AB8979C09847EF3A92E40ADC3C6EE87A003955D688F0B99906185B9F4D31C34094AE8DA9189E828A235A7768900FAB1B192EC3A127586FBB1FBE7BFC7CEAE5738CA5654244CC0AE90ADCA3525F336CD557B293065D9457C1D64B400D1EC567863872F917E7D35CA192FD56A2119D3C3970512AAA3F20DF198E9D10C3938312461E2DBC93A2917BDD427DD92EA49CA4CA4BD2BBC1766AFE446805010683151817B73B26E71D48D9D11E5C5358CF5B366D6BC2206081C1603BCC6DE2429D0DD55DBD8244237A465DAC87184C366553320CFD4E5D14DB498D16A9CDCCC7029AB3F93CEBD090958CA3FD2062DD780B21705F77F7A6DD2517B3C2E23A950BCFD568C0D7AADB35CAB9FBABBF876E48819E1FCC137849F02FC9355BC9DB13CDB6C2AA9CF9EECB82AAB2A36F4105205EE3E9F098706ED2B5A2D7EA1A9378849D1B0690DD8898455E51DB42BF52EAA1005DD84476033995AD13A86DA7A2E388A929E0318F37C53C2D502DC0A4C21C88313726056F33039EF835F5491A2B0118C4263ACE4FABC611B0BEF2C355ABCA5E7DA1EFBD6D9CB570261B4EC5CA9F9BAC1AF7FB25DBF12D77D5BAE9EAEE0266000002F3BF104799157918F6227082E39317C7B48F93A9DCD2D5F6DB8F0D958E9F5DD9EB46E195366AAA188429BD99D33DC15E27047583DBD6A131B2BF98EE022003F124D8D6C82266236DBB4DDC44113784C7F821D58C75511AD9BEB9DEEDECC3DA9521895CAEB33660D9B95F66FA8A2C4048E7C1202E0A959E0CDB4E1D6FC304F7AA48B605C099824E7890B841589B49E91B0223F5B51862E5315D96E50348A74949F9F11AEE6C49C077DD119990F2F46676102738497B79E5959981A625A3CD5D8EF1086C6B7FB95F44B071CD18FA64052CA5E29062813ABAFE51063B94C6DB6DC70DF9E9B9C82F41B2C8E03B6BAAD9F5E484BC219AAD819D58F65C13BAB464DDA67C07D20E2F23ADA7610786FB20D8B6520DFD2535427C53FCCB3B66924322897DE74A10CFF1112FADE0B16D0012FEE2F852B3C8AA734CC413DFDEA0838C2F4821DC7EDD31D16C23AD7CA6B4E8E09AB764810BD741E0A7BA4A86A9F72B17CA2194C6BF62E315312F8D94B0D3D0F6D293D64F9D146DF8E08640E23855429D3F23D3860F63CEEE1E3F1B0E726F0DFFC74B494C1EBE52EA725089CE4F9F7B4F939B936F0592E5507C45B30C75844C97FAD4E446361347B38ACB22334EB7F79A6827754395C6EBFFAE5FABF096647C69D251829A50657E9B2A0EB455DCDAB45B52964C6339837D28BB76ADD4C44684C9D7FC8B3A559EBEF40EE5A2CC4DCA67BFF35DA1B736DE23AB3C994EE458A25B246A60BD602CF6428CBFA300320C1D78FF6498E8D2A504AAC0DC07E5A0D077445A78875F20275242F1D5290EB3B98171C272D4D686948D33CA4F3626D35C3C9376670AD9ACA8C420E5C43156A2CAB9D870E1D06EDD85E652D962BE186D96B2F9CD84585F67424D74004407C291DC1F454644B96E003BD562658D9B9C07807FCDDBEBE761223500B43792EA77AF20525EA0C1897368FC97097DB6CA4554D1AB78126EF40D6AE4A6961F8E90C4D3B10741B6D2AA3C89F0BC24985EEBDF691779BF1CC69B27E076424AC71DAF713295B6D6A620DBC1D6B9C8BE196CAC12E97970FF14A139D5AE21F9D802C695EC4AD957CB340760612894FD76C1537B0E87EE28B56B52A3276063A7E96E48C3108ECDFB2FF37BBD3E1B8AAB2D7407C91DFD7BB6F8CDBDEFBAACCC8D74E1E75B0298F0820DBB02EB372EB42EA768BEEEE93C891F2B768133D90A32D60FCC59BB9E62848F7D3C145ADBADA260461D0FE0D080990CF5C1DE9EC5104CDA10D6F1410A4693B5EED91E4F8275E86E18C2604374D1675EE902A5F8790BB55656ED228640E9043CFB7BDBC6E38850680F69FE51C60F6DB689911505F398B6991C19E5D9A04C4853749E9B5D90F8F627B47B9A490EB657E0576C587EF1D7A1E3005738BCB5503BA34B55888AC6D0E037D26463F827F67705860FADC524A50411E22B544988B15884DEC6FC463526FEF1459A1A47DEDA883B36FEE3C0915C42609B8B719D1E7D0AB1137D101FCBF22EDDD6A148D9EDB29A47128E13AE50F11B8AF5946532E85FD1F6F24D3084AD1F672EE9EF4C33C71AC6C7C8144589984E31A56E48CDE12B51007F4559C2DBD0031448E9A648F1A31AE84B9C457C59000AFE43576AEEFD34A8900CA19121C5B18BB8475F88967DA7AC8F5CDDC8F46B9D1DF7EFF843E65845AA03D3EF3AF35F6223B973DCC2367BE4CDE98464C51FE4556412664E1C506C86D9F691A494E70263CB841F1F0736AAA306F0A06673B6526CDE65478D7DB0FD9E4F49E7436D910FBF3BBD72FFA34823B83B78A7AB8754E9C6E76D0CC5033EC64391906A1B023949384F72FCCD85B4BE279FE5F69D04A6108CBC1706A49EC180EB6B9A93049F517CFC0E9EE45749889CD86C76B3E371BA5D9AF10E9F04911F6A46D734980A9B1D63C05C2276C5756FBB39015526008C3196FAA5C698B41F953045D0E366CA96DA5D46072B5AC836A2F87A5BF577453103EA9DB0816C9A46874DA2699777D071B27315C972C99E6453ABA11DECA1866E4296E451AAD416F1139118E4F544DBAC1993834CD5BF4CE3A83DDBF2177C2FE66BE72A13C93140DEAD9F9EBAAC1178B128D0A2726A91D3C07C388C40D1F000D251370E5AB73D5F429565A5B1431E9B4C0714E61F58C2918E73D381A38AC42181D3DEE092948A761232386CE273DD7B1F8B7C002CB8D9AFDA95CFC116A3DBABCEC7FA991726BE4AE4FE5D547C0B7206E9D53EF329BCF40A84C339C8394C8998B69ED6B372A4672DD79E068FBD7782CB3873526D43D8CCF4A4D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-
-        doTestKAT(PQCObjectIdentifiers.qTESLA_III_speed, pk, sk, seed, msg, sm);
-    }
-
-    /*
-    # qTesla-p-I
-    */
-    public void testCatPIVector0()
-        throws Exception
-    {
-        byte[] seed = Hex.decode("061550234D158C5EC95595FE04EF7A25767F2E24CC2BC479D09D86DC9ABCFDE7056A8C266F9EF97ED08541DBD2E1FFA1");
-        int mlen = 33;
-        byte[] msg = Hex.decode("D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-        byte[] pk = Hex.decode("EA7347183E405433EFF49CB63A9E736B39A86CB67125110ADF35536A44940BAAFAFAB19FCA5B8F11CF72F7199E051A9A607D75D093FD1DD7F7038F4EBB172F9549747FBEDB2EDCF24BD007610C111E032C1852E4A92A8EA33057606200B17C785B8BB0B2A08DBE93185F3B931371B256CEF871167BD21876B1D62FEF325BE2D0A716A6ACC3D3CCF516DCB267093035DA9359E8A698C3946D88200E9033AFA1E87A30A7A626056F944010A5CFD972399AB7C52FC0E87D255A589EE0D3E14C4BABCD5CA50A561E71428C98B72D413B117F827F0FB557559FB16FF4EBC73C539C43040ACD34FD676C1868F59F84AA1398A61E99C090A8E1A7C5A19CC23CD21BE2B9CA6E23F6A7E05E3E69AD6516A085D2C58FFA0883EEC30C04B648414C3D4DF1C87AE2C5F06CCEE989ABE455ADCABB6C84FD17D8A9D1158E91C4A2598A153595B4C2F0921ED24A49F758CCF7FC170B3959B2F26791572ED54AA80368D5800025F6138B595C7D8B6B8AB5F340399AAE0C821C4B0A3D677B530227B33525D9A48AEE067368A81305FFCB2E8615035CD56203EBBED33B5B1F5B575F920A627A770F0644610094EDA55FDB7C7BB7A723DFD4662780ADA0BA214D91AAA9C832FC29DB0B59EC14F4681FF05B6E5D087E91F891416CF8150604DF06BC7901B6ED33A5967E91799BAF9E903EB7967D393772F7C170D4ACFA36AA333BBE00AA2A40FB3A8D1EBE9D88926207677BC27BFEA91ACF49E009725D1CC9CA4566FDFEB762F4DADA0ED3323A5D48FE9D19B0B60809DE4182EBAAD5113019C9FB4F9216DAF2574EDE87B41E14590AF2B6E71950881DF07B5303C13EDD4D516FB059C7B7F1DC5CE6BEF6D2ABB65BC6B2D5A0BD555914BCF21FAB87D417F66C87C0F007DFC6DD6FDF22DB646F887037227A20AA1CDACE683FB7F9E4D4959FD9D361C073D22DBD89C4BA32CA1B9BA803BB8EAAE6495269030C24C08C8844427CA72F321303F112EAD94E3823D354730EF3CB2F561728227BDC2321FAAD7ED43B54603F94CDC42A06CFED0F44CF34F357CE3019973988AE101746513DC8054EE0464A8FA8654A724277C511D0EC41EA009F837116E9B51C9491E0D6E7D4796BBB84E854C6097156F8A77CC8913F3D05E8A478667071AC757557FA30958314499E377262C79EE8EF891201A7E13710F4F6B252EF970B9B71A050681CFB0B2147D6108F7415A55FF1E70CEEF738272B8EAFAE18907E6D64F6729F5EDA8FE2E779554B41846521DC530C3CFD36A60EC145D0FDB6AA61800A534D9853A6B364F48F54558DE0132A39B4E5BC1ABC5BF376A5BC02439498B4C21FA9C64A72A9A55E51078724BD235E3D75D8AA12D4186C2D8E65CFF70E93211D996556B67A0231CF46E80B1F258C8FADD5662BB8D23B84C8C5EEB2612B0BC2A7B432B321AF2253AB16EBA0D24CCBEBC6D9DD83DF22DEB57EDDE1677CA943FAEC92E560E58FA0009F7DC4673722DF8FD38299FBB34FB61239611DC97A6D24B1ECB4CD6DF5EC4658304D34EEC218A55876A338BFF8BB2470B7F8275DE34863B27D5DA1AFAC7A24039DC53ECB99079E0D7DA4E3A5632D97AB065D11EF17BED267CC88EAC42A9A7C119D1211724D0E3A68A54A6220CE471EC3CF49FA21B4541FBD0CB8257B6396E4F2CFC8BD0756D4C0703F5B5CD656268E98C043CE4ECF34A377B8846817DEB391CACC4050E797873A1F88E974106471944D8A2A25E80FD54024C95A2B5E496FFA076F7930EA29AED839AA58954E5228F2EF55420C048E3AD1EA894EBBD4851AAF0A8C99CACA3057C486A0E0C2F1763B4F3440C87BAA44705F563EFA435FC68D165D0544902A3FB3B84FA8D74001F4C314F106D4AF37BFC54191598D2A28869F46D76B68D72D5FF91AC1F0E31F556F2030C816EBADFC9F72A55B9CB5F9D4C881DDF35448140025651B9D0EAD4C59845119C8D3FDBFEB219142C3C6820032BFA7644DF7E7D2783E27E8786053B02EC68EB4CE6DF29BF9FA8B1BA2E8A6015419D0A3D491E884C4059184B9C6E7BC35908EA60BAF531EFEC1D2379389291BC5E17A31F1ADBB5AC09EB3EB845F3044D31706543F063644F6D5E7D6DC686750134C9811B4BC230EB1EF7E8B214D82E444B0D3EC367D5D5D0912B5D6EF40F3D36302D726D9A988C208567067B5C5D9521EAD36A23C8E9C956443141FF78569A8E0D9EA2BD815A3A9746CF4F1CE603E0894529948D873A67C8F244DC10D9B706E127D508C0A814E9132E1AAD7DEC1BFFFCBB98EC65F1BDD6A8A03DD08256EE50869EA3509C2797184BACAD88798492F8958327D5F1071A90F0698EEA7676B4A86DA0ECDF4F3EB5553599514CA78773CBDFC9F091124E62181C637793A98E02847143ADC41CB3987334566846E4D201CE926D23AD382CA2E5E153342E7AE8CDE9FDD76148251F09C7290ABCCA43037BEE98947BD673B1FE28C0951298BDC45317AF1896D0E4B91BDC2AC886D18DB6008D8565FDE10D5D87322A5777C66A910FA2710F83BF61B396E9F82C2D68FF4B524616261D444F7AE05B57B4A86E23C6B759504812C305906ADFB5C900360E79EF73F0BF0233F5181608ADD756B40EA15DBA12B4AF06B1952F3ACE3908F6AE4625202DB122B5087E7808963426B23CE9B85260C924A677812EFD1A55E08CE2ED673BA2D6DAC7222A336CA6F0A05996DA63269EC3F5BA62E24593472AD7818C1800DB5A727D0C8A492EEEB22AB981CB688853751DA34F34A6723591909E2197D1A4D065737AE476831C19F92953CB7F889EBAC46A31D247A9108B3450A8F3B4437D0208B0D21558AF4E31DA942CEA458DD88A605DBCF1136A2E47897CE17030984952ABC600B8F30292DA4274593CC71497E9BCEB9CF84986E4C2047BE8821F406F1E000E18F050E3DD8E7F3FBC923D0830D1A84DB2B08F8E0623E3480A20A48E20A2F0F37E144CA58283A97A20E12DBE95327D69CAE4234381457CBA8FA237F88C466E8DAA72BF89E9517C28BBF4744D3214EE8B3263DD64C06C78AD9D0CC42517048DAF4AAD330BE626F23338FB6819329D11C10D928C11FDB96BC2A00C269D7839DEF20580F82F7D9B48CE896C45F568A6B38F123BE6B0690722DE463690EAF8C8336F829D4D48E001A7DB63470A39430E6929BEA765B3E8127C4213658C6938CE5D566546528D60C8B938196BE5B3378755580816C8120803A46084BA1980D9F129D47462874022454DA5E040456B2F406218E315149D1B79F7115C81B7F98E1A1A3F61C96138152C0A1B3E124E630902E6033742F7C74946B5D2B4D08DFDFD29FF7479C313FE889B1CCDA14904E0CADD9963F21E564EC09202A1B263440E9CD8EF3C25F2F5D58D278DF530F3940B79D7AAD270497DB9EAB1536C2F59549CFED6E5F4A9AC9907E586357C7CA305170B622CC3A571E45E1891690EF11C1BE641A2E4169C2D037EF6130C7C70104D4BF844CDBBB6C805A9B210B853417F6E2E4C85CF4D6053DDCC94122D5F2CEBAB51E0232E0DE9B19FC5CE0B78D569884F4F2E33BC4B1BF6A370B7F2E317670A136FADB81873EA13178798FA48E9E1123DC5B31D88301054F0D964C3939C0CF1201DBE5B43C1CA9E95698AD80AF3EE0633F973665468039EB73C63FAC0E70DAFD81F17492B022E98C61950A5D50846FB707CB7CDC7C51BA2EB7B2648C22BDF81C17A8EBEAA351C396E2BAA27D014F16388F215C5DD5CF53D077A4BECD1F57D0BCE1CC415C52052934179366443F80EC1D2266A80EF5A4CC09BA0E2301219CB9DCD88F30639B0A5363CEC3847CDC0207FE65B260EC1A4B5D40E3870EBFC1C02F2F4591A4D666E2754A523D9F1A5E79B69FE553B8405E338E4587EE2D03336EC2675A95AE9A35D9FA2D91FF934D30D3FFE4C7635C2DDD2FBF852859AA91EF913263070E238AF16D140A470A8A4A2A38720BD667EEB08E3436EFC4B74A9CC9725A7F0ED64B55B084E8EA7EBD1ABCB8A21E03CEB0F9CE5E3445F226B5797613C030F4ED5C445DFDF886AA6D7230962548B53CB551F3E6CB2FFF4799AE47E2293AD0FB30AD70417BB9F12CE5E7CBF9835B593F8659D98840D5F93FD67E0C48268F770E13726687DDDF8FD41D5B729B1B800892BC46D46154449A230139E80B59BC827B7638E1DDB20C366583892B8FC40E5B038772E4055BB625996969CFBCD95374F5966B5CCCDE8EC98CA3170A43417A941FD1CD00348E12465568A3DBD075A08D282D84401553B658FC64E233C5D3E5BC383606C737A3581CD38CC7BC362A7E79D46CBAAC8A76C2093879E2EAD94A9E9CA4703ED884E56FCA8B4EFF34BA4A002C31C2A15258879610551BCDDC393C0E1E4CDB543BF3273C4AA541D107D3EAE2DC643993779E15D214B7FC318970FCC976C344ED4D147BC226D1F193A7026E949778E67B395B111F943D44CA98E5A4EED33272B13986D48902692325FF749F546A9E6674FD6B8F67901725B8A0543C81AAB10228ACF3AB5F7EB2CA870DB85A69E4E63153DA7F5F8D8CBCB254E2CF003E04362F4E94C6EAB08F53200158B8F3CC8E8333E2EC6D5A4DBB607D6B180D45CBF05A7A9A60FE9ABD902A2EF248B9CA9C516D5871C88AF24C5376A4B3DA19B96E454DC969BD4DFA81170C627A2F6A0F0D3D9C65BB03DC24C470944CE27E108F3402062614F878088945A201EAAE842C20AC99D743E650DAAC82970709EC2D1A6CD5A49A36C434496ED6F5E1558C0580B61312F63C195C4FE5CBF43BD8C3B189FD5F0766041E8DCF336C550EB66C4C0F2B9AA420F260D1458448D4AA5CCBE22340058D60BB0C7B21231ECB2AEB51CFAADD4D10B683248F8ED6D2B61D4D5C66EDA259B30101F71F1C19A60C987019F236C35259E7C39DE6709806D24BCACA2897CEC81BAF76205A488E6920A3792A0B906BA71B9B5095C85F6FC368ED0214F026A6342359CF05C768EF34F1CA5E1F30E76D57ABEF961EA7097B82F8B81B9219D9D5EAA4143F23FB4812CC8E8AA5C089F35E697F1FAE5F45B725560892EA7A99F9C8AFAB2ED9033262780AA97DFD88B0E810EF4ED113494B8B4556C46C287BED57E7F60E0FE2A93938C25F910ECCAAE27293243956F9D8E14F08FC0D6CF1E1F43E5FE5FEA8A1156C94DC94EAC01D61A47966CB7819AC17E8A6C9CB361F4B13DD43A61156D378EC627B0E7414A29BA7CB0300FF1EFA20CDC4A2D2CE25C628B5A6109F4542C23B6E2D3E27C808AD2B706399C23E392D350BF6D7C02F0926D9E40B2CDFB98971AA06DBE751854D8DA832824A68CDD67ADF855541F9B1004B48E921E69FFA23271AB2AC3F2F170035553B8A8A00C8C248E2D8A763A4C95A709A38C56622FB8F4E3694D5B923A2CD8E538F113E8A08DCF19655C3E5818586C334D4E09BC4703573D24DC77804B24EABCF3841F372CECC9954A56ECFCEE60431CB015C84FC6B61C11E15B5899A81D07EA453DE77551070EA5B484FD937CF5C3BA7E8380D38B474379AD0211E35281A4FF6A2291188853439D472E476B2E93FA44F707FB7BE136CA62AB3E9F02D2B864EE25B357621AC7C08AFFBE1B7D6C184428E7A59C0D5365E21DEA5328B183D540DA779A38CDF2B55B710A3B8181A853D04482829AA656C77B94DDEE372B77CAC11D8781F3C554D54C3A74583E630C3FF32063672E903DD4382A85E577043B0ED269D9A5523E1DD32974640BE7AE82E94A13906B19DC3521F1950E1A5FF054C593D413446B3646E738636878C5D2FC64BD602F7D731F7CFCBC297A979A4B2922972EFC28BFF3EA51CA87B504AB011FDECF3344216DC8C99921BBED2E697203B4E994E4F88CCD491329A4E15BA8D757E6804C0F13C0D37D9064B1648C435229CBA60E53A764D9CD4047FED34209F16005BA94D07E0C12E1C27C38406181C347096472AB7145FE3B24069CE1BAF274408FA690391B73CFA1CA56ECD497D5770E01BBB2B8BD424873CFDD8B3D1A28AEDD7DC4172A5489194529A880F1115AFEFF020224FFC7F1B199D7408D888F765CA6F75F4F000508A9707BEEC60E144572D8E13FEE95956968628003148332ECF06136A9504E4DFDAC8BB6BD4A1267809478E43D693A6E8ED6C104A05908A37C75087BDB5954CC6D0FABAA841B86F5DB6473134015F75D28CEC95E0CB87B0A687D37A704B9B7EA7BB9DEB76BA63DEEB2F0ACD7C1140AD02A7FF1422B3FB8CED19962738FFE453F561E908519451F884A015003E65D98D81A61CD8FD7DA2AD14BB4EB2E7FA80E28BFF59DCD12D9065B9549641FE599F41E582E1821C2CCAC0C4DBA6159E0BE7F0BB2847F2299EE23010B7114925C4AC8C2BBA87EDF43694A1824B08745686EA845C02A7BCE2D98F973D49500E79F563B8F0DC054C5F1D30E4826093BB5944D7095E662CF008628278D85C869A69B634AEA2735D4AD59CE0DAB044D6D2F94004A2B9C1591F2FB1F7F88ACD7F5AB252B7E72922287E4473014D26CC43AA3D631B6A0E98444AA8E31186F8A7922C3A6F911A3AD2F03F4372F143F89AF8B758DF20FF26255C31E5E8C3DA86816318AEE2DAAD6655A36CC36A375EDBDFDA241BE8DE13080163D59E6221A90299AF4D070D6658D8EEAA88553DDC03778EF9872DCAF19114F8D6D8B0C13ACB647C49FB0102D79A388148C52BAE905C9D787015463125B336193B495F16C8E35F2146F496EBF780C859EDFD95773B6A19E9E5E582220D2DADD167379F632D8AAD683CC9B1EAA77F141DA66B6F002339C6DAF929F67A57B14191A2829CC55EC5A940716F09FC5A9B08C23881D956A36E2BADFC84E5427A866E2E76B476B2A0DE1B9CD3FB6AE156C74A7689B08D25DCA0AEC4191E33CC091B181F8C67BFE2A5DD82EDFC226D49A1AC7BE8936C27DE05D243209276003A63875B43E20BDBF79D8CA81F7AC56AE94EF46CB3FC9BE5473DC0C9715BF8DAC744D093350B4C75560CB1C099681F0E440FD682A387E7AA70B3F335546F026C5351440A5D61E3C83BF96F07A46DE986A21F7E5A2EB0A28AAC2087C3896E933B708B4A44234EA8AE48946C6A10213521A553A020D7C9991CC31526A4E94D210F97E4216BD88504779F3EA21D52C2A205FA47CCD2405D26F411A9312D561D4CBCA0763311A0EBA45FA48CCE15C80419FE5CA04BF416395D25265280E0382BFDCC868C719874DDC795329E07CBF5C8FE83A3CCC4DDA4B31B15702AEBF561F53634315EC8B1A5423470DAB46963403E10EEC58E9E1C5C4DCB3935B518D4623E6C8C68A4FB13B492B155E06EE3D16BCE6C3E79AC891742AF3B8D01767542EB6B7BC8EC71579136ADE2BC39FD07AFA207C3D3012229267DCDF6CC3E9DB25AD378F836763BC517DDA13CD264C90983D73E2C9E2703740DB4C38773B49625967933F41FF0220F40C976385367675005FE20AECB7FBC1EF5C71255BEFE4A39CE59ADA83F148C5E4383BC65F0440A1F5826537EE40CD55862E7239ABFAA1D458F64F7423668EFE8E1E979B34EE18A71F82BD1975E09EE1613D9F45870B98B9855D28F3C00DA8B9740F50E0C51E506DF1C7C804FBD2A1DD912DEE604B2080069AFC5095D23D726D94552EB7986C14C86ADB5A1306C6B074F5D3605A6C2189C4D22E1C8795FDB77803C60E3CC04B82A021BB89BE2E3C45AC5B914966D4A3DDCBC32A760ED7BA6291B6C728F13AC684A6B6F0ECBEFC06B54249FDB3633A786E0822B1A2E43C3F59011263DA540FE2B4B5D31F5FE2A0954E45E106E1255EEFF02A717BB9061BDB528CBBB7854956824311A755B68EC1C179213C418AE21B7DCFFA9F9DFD8CAE58FA1D0B88670E5A25934E7F07916844AC026CD5E1F768978FC0F3AF91922014D75E50F4253A2C2E3420DB1856C206CA20651703D4AE01AE22B8C3DAC60B8961586986F17A93258ED44C83DA6276E04A9D0E03B04E93939FBBDBCAD6833960F02337AB1211E72BC180EED3DC605052CF86F31F1960DD8DD46E848584E909800DCF13146B6A71A79AA92F2BF8D254132423794FC2416A412B001C47A9875FA4B866868A9A88487FE410F81BE5236B13BCFE9302BA9443F3C4523CD3ACE7DE93CBEF6D9E4E6090214494027F065AA834CF24F6CBA9293A02934E52F20C1C2BC9609B559846B643BF49CAE7FB8332BB91B719E1F1838D7F63F5C3A7D5107431E3B854E03EBA795DE9C717B0C9D692B566138CB338C3E5C6F5931DC33214B74F3A116BED19B91E27572A5EB875F14EE81A8B5F2CA2C98739C93C04611335D221EE922C62F02E304BBE507E82E329B4359807F595D11BB5CF761619FF685034004A5ABC89BA4DE82FFAAD693221002F399A5F1D11302B68291F85079D10AA2D1C4536C70C7739CD16293EAD510CE3A04D91AB80D5BD2D02A93C6CF5BEF703A2273E628EA272987167F8A3E2F8E53C3FBC907C2A5AB051653051266470D74F14B632AFBEE256AB24CFC2C7F6E035A0580EC3D1DC11DB98C7FE605183884CF3D7F24C4B3A3D05A697F95601C367EDE314FD3D7CDCD618DB63BB7599E4577D6ED62E891CFD85C9B0E43F0CA588CF282A5E5070AF8E9CBEA9F1AA1FEC53CF411C3EC301967130267B769177AF5508DAFB62F5AD7D8AC9445C62E59612A54F77B1606BD9EEA24998726ACA7EBBCE63F73C143A56435B3EEFD63310A6DF908979DE38D04D7CC75B5FAD9548071D7D1647EC6AAD9663DB156622FBA093B1C470C535BA155FF88EB90BB7CAC9BF4CD367F8CF68CBC5129A577C31BAEFDA834CABB52E0D02FF1A44FF9E85BC88F4BE69DD5C1EB9D4A547395DCDF8DD82C1F98252266BA21395B4272A50420000A40A50CCB22546CB50617F2D7FCE96DA0DAA8FD668D3DF70F3639B45D25910B8970A6F26ADB6001DBEC9D78E94D020307793CAC8A4E69865CD8B7565765C4C4686B0941F7945095A4ECF808A46930AC66F0B569908E97E9557400D265AD10D2A4CDD023D421922BAF3DFD93D7120E4F2C4D20900BB32AE8242295B3EC9D61252BDCE14AC6EF5B2F73895DC27E5CDBD878F24369A533B33DD67ED239C61C333C9FD879D267446F1DEE3837B66C410E3AB8B8BC4C782CBD8449C7B2CC89E81C0CD0DBBC2DD6FE3AE7F2537DC3BE3E7EBCE49EB63A76FEE5ED0209650BF6E06344FE0A46693855AF3D87FC61DFA621D5CDCF0A39C80F2715392DF2C12685F37390982BAF96FF6475CB436DBC6DBCE4716781BE983393D197902C1C757B831BA1564149711D3D8231E908C8458AEFE45C3147A71F87E046193C6BF35FCCAABF592E48724C7E0582077FF94EF1DAE47D911BDBCC43876978BA38C7D6372B23DF650AD5F27C95BDBBA2352D492B5873C3835ECD142C5D3007A4D16FA35DEFD4C21F929A8B02ACB71CFCFB9540B489F9F0C2609CC2E26C5E85847D06E82B7E53B37C698659482300A18B9C42E962E9CDA8968ACAB266CF1340298693C87CC18AF9A52832449EAB89E84FE63BCBD45AC3F9BDAE65E62EE8F97F1165E40D874E9EF75763972A9413C81D18A1E551AE0208053B6276841F8470C23BF48F493BE5A0AA94AC10CB69F0E60267BDAE69EEE405312F8056A54C47A80CD01DC81EEABEBD8336FFEDBE19E8D66C566658D0F8EBE7999BFDD8FBC9BCCC59480F98B5701C8CA3156A94794ABFCF3132445832DC9A582AFC83BA2E41B6D64C8A1560880B7DA9976FB61F1C33ED52506570AC3BC65E345629A00A611A442928BD908A93CDDACC7D8D997ADC9AD9EDC836A803FB392593D03A79440D4F2F812B4C76CBD8F01D3B7119E42B98C64865EB2AA1626EF1B4C1877F6E484BC4D776C6C47712E88E9AF422D676103A71EB6CB31F360FC0EE898A6C28950A448D77CC07D513CB6A58D6364CB1480892DEEA7585CC9774A42F6AE49468A65A7215D4112C5B38AE6516798CA6A1281042F435AA4D6872A2AD8FD600638F0297B9C732E3D08AF5EAA9E24334E56C57C931B3D5AD37C5E5A5255B3038311A89C600944C0946008FA7F433EFDF3C60B8CB0083DCE9A46247E7B8C790E9ECCD03CAA10379C13D171B2C912927324A818D3EB762ED56B1B1C6EF068453A75B2C3757AED2D04333A11E21F12060EA5FE58B4649970A194E223CEC7B9D2BE63D57742317E93AA66F422E0AD7689878224E921CC95B53511069CA6C5492779864E3657CAE50AA46CD8BAE0B29D8DDEA69F05D41EEF627749BA606F1A614166D143923E0A43A1822D726613B24F4B7C691205F6C6F569EDC542228BB244A6A133D6A97BA66018F9AC0D79884B2623442536F17D9A3EDCBD00975A5890A34FE87C37B718A67A085A2B3579822D6673A3041BB61EE24072B5B67961B01DE05F348A63E15BFCB48D3EE991BE1699E11A06E02255F522BDBB1F74A5E90BC7F46FAA51EC84D1473BD47A9DDF9B0C226DB8602EF74D9D6A54E2685D6631EF6AC744F51BE6609B30BAA0DFADABAC90F6322C4D6D0CCE589F09A659FD2B4FCD7F70874FC1E32C7602D4A70EE1F1A0424445A3A2015185C80838391C80637B369F43896BB990A00D55D0C44CE10A5BF10C853E7702B9B03AEC1CFEB983ECEB22C22F199776CC7EC01DE1782D27359DE58A4B177B138D59934A2308E937F4A6EDDE167113E87001C6D485974DC7ACD95BD3A0C79436EF4A9305EAF894889CE7AA3FB758C2C98800EE51C37F4204C11716384A997FDD4F9CFDF71723B37B8D4F4B15E457126BB98ED49099F0881E0386F4CCBFB86F246AEA4A2790D1B62B6430E35271025CE8C710A1413D293959B8264F6C41FEA8EB007FFAF1FE0B57A0672F9ADB6734C2F8FBE051DE3B3E80670F8169DCFB30CB6EA4A7A9A7E56ECAFD79B4A8C7E35796F94E89A1795D9B7E19FC40253E27967338BC4883E7205E2D70765C38D8256BB2504BAB38274CD9645F3F9C65CDA32A50D09C1B7F98F0467D9FFE3A7385B6473EC2012F265D06BCD1522BC9B82019163632C63049D60C8F79DAD64BD92EA183B3FEDC67B450B88FFB825E0F3C36443394D6FD02D61D42881823D8E224FB0D93F68D39FE0C8AF40C08C7E5A438B9B686F3280B67CF7998532F53DFC01299C7732A69DE3076F28D14769A324620C5535EED84289AA55B06FFBF2BB4D73FA75AC8EB66609C5486559FCB920A2F4217F7FC25184A27D75B197F6C2A479D6900D1D56CFADAB446F002615736C9D541981928E08B4C4A75B6D9E0ADFA6795E374D71640EB096BD017BC16B9A6E71EFECABECC9E85040D9803C88A5F11F2DAFD49B506CDA6AE0EA5BBA9A627C0E89FA6B0D35FA493E4C853D728B1AB214EFE14E39A999E4872857F039C67024E106454328641577DBC7B74F441B01A613576BF0A21950B079937BC9427464CF4428CA5EC21AA34F55A0F42005845D62355FEA077B9E6111DD2402C715A972F8FA43C317713C71255D834588DBDB63B8F8C1DC5D672B346135E138D835B36334A38B0B1514FDD87EBB6D8FB8DC41D13DA74BE01A1823E417D3F932083FAD5F2FAA0B099DD03A002B5BDA0F1997B65B62E2097B948B406968CF7759AA75936CAA33B3279A1A92882A9C9A7109090E0FACF49790B1AD1BD606D551A806B1EF434D491AE50FCE2FD7B17BD605236E4E20616F7B7E27CA1C0592F25F3AA967EA41A73D72F4FE4F241610D4F7806E603A1A188EED49D4C7EB6F34CEC63F7E8B82F33B16D7CCE26CAC7151F4A7674667406941291FB0B6315CFEDCA1039B1B28C0E3F29FD3AD285B044C3C24D317A4D83D47985A2EB0F661AF5589F647D92554407AB5664187871F4D22869948A11E31E59ABCD8A14E314CC46D88FD8E2F4679C473B02C3FA0B5704BD2ABB65BD4917C3E6ED2CDB400CC4C82F9A7B9BC71C02E0AC7A029C159E894A88426E60599BE62F97223D12E318037A16DF3C2AB4F90A76F6594297CD5580DFC287D080AC03B445A9278F51C61E8D693123262014A2802201D92241C1269ABB4AD0ECC02FFBAE5AF52D2BA5AB08DF8CEF1D5116C809497279E7D4D9754AA5BD616BF0B5EFFD40195FD0BD17A180BCFE0585F8ADB1741F52DC34D403993C71519314F103FC207AED3F205DC546CD7996E2A2CD2712E26008A74B292A75A1011BA15E8D567BFC19A97C4359F5209A93600B81CA32A0CB1333BB535B699C0CE95496EA897292410D8C89B2FB9157002F82CCE582D62ADC159C08C85357FCAA0F9A10D137F09C5CB1F427725732BF1AE5D12C95045DC4B8F04BADF4A3BD6DA9D99E30D0C79C3FC49763883F77397D1908A74D84FC9BE14BE0AE638B4CB261FAC04EE77AA2BAA5745BCB4282ACBFEB4945EC820CF507B834C70DB6ADAD6A3E5D0796B375B6A29B42D7564EF51E43943C708FA28C4F565D5867FD7E6260D44FCDBB491B4F1394120002271EAD1C1DEC08CE3E942EB8D681D837EF9387E960B33762B59459CC1812E8A847F7EAD81E0220F4F0A4896DAE94C2C6967EC578AA4D56D0D7CF72C53D17D57DD00079D10CF2E98282C2060B483735BFEF6197619182D592E3D9D7540929DEA260D6BEE7F38A21C267AD0B7194A1FD37082117529F2DBC64A39E170343ED8B8717796D802A57B57975A1232ECD48C79D2713EC1EF8F6FC731118B78F081B680CCB79A0A4232DE73D1EACA3455AF0331921195A8E70DA28D8BD04C178198D55D6DF1C5A8C1B641C26FCE25270A6D07D2C1B52A824A2C089988C35191A98A6085EF3A000D22452AD2C55DB0B87CF00C6BF2AB7E66E341C03BAEA55899AC814DC988391250A4D666A9F98F4A1CB16C80B23C4A97309AD0D42EA85A2776D3F097587648CE0564826CE4127DD1E7314EA9A9CF4910E17EBDCC40B4CEC74647B7271C3B735DC5AE8E958CC30617F01C3BD61B5515C91C75B98EFD8DF09D8BA8DBD513C5CCDBF7C5152C340500B09EDFBA42EBCA260DA419FE8856B4B1F904782815261B3924A5F9347673C02CA252B666D6498518A79682B321A8BCF2514CFE07E387DE3CCA6F92AFD4C31D2E83381A1FA741F5760845202EDFBB55582D3CFF2FF2B04A7D469825F1976CD2A8C388FF958F88B4E52C5916B30E6FE03BB9FF6D721ABAC2E7EC46CF6DAC3362929F00321FBB0BA622E1E87A279D5B01D43326D4AD95574CCB2B77E5C8F5E7E9670F4F1EAC11DC3716E070A8BA20E1FFB4FDBB0B75FDACEEC6E4C426C31CDCFA95DF4A1E4E6FCA2D6D674E641CD707281B9D5EDB5DEF9AC42A212A1DCC342DE5C1057E49763A791EE7635F8194533BB2541A690688CAC2293FF19F26B12E2CAAD572B616DCD9058918866155347FC3B7DCFC5A9FD84A9E020126E57CB6DBB5C3788D8B20C9D00EA68DCB344988BC7D92AC98E3E6A278CB536F0AD1A0D0DD8A60D2EE9775347EA0654566734F3687FC669D270A4FD2574770740E1E85D8453E4C7A8A97BEB84F229A630632B1CC90857FE2666E08FB105AAEC690B22B9035766D5A2ECDD63326AF9B48A3247D7F4007947B9BEC525611223B0957532B818B5A686A027FC0C5DB24A849EB573CCC55C204A2EA6927CB1E811F17E4E23D11399C3F88874B79B455D9470FB47833B10258B6739C120533FCC0A64E97B87DFFAABC3982A62DAD557F01F926B2D01A44DA5845BAB6C784D1E226539663F9AB7C59FAC757CF8C930D0BA7CC74CD98B7A60C755BF63B2362F854BD0D4327C6829E53421122BE8E46C54687958B142857039E565DABBC660F289F40E3036E5FCB332644C9BFE40F88DD932FAAF338188D4B7DE60C3D9C2153BD024ECC1BF3E7B653A3704A14B7EA6437B03FF83DBFB25413528AE9D4E8BACE91B93323BF6006A982D34981AD395D3E52BD33337D02A8370C088C2616B9CFA71CEA8B1AC23D3053F85C4B4B195B7F1F7B2BC11D0CD5FB5FA4FA64D95D14F0FBC26873F31703E15A74EA25CDACE3D8AD595A2EEFF6385406A2CD9F182C24B05D842DA26AD7CB762C76E5B255803BC6A281243700ED74093B6974B88EF179FE09D70483CDE0282E26EE377D526B088CAE8B72AF4D82DC178D71FD05BA2DDF7A912602EDB6153F45E3250571D1CA84D49E543B3717DE7E876D19C543F0A0EB8AF9774A6E2E7A17C679DCF2345D4775F292B150FD5789DEAD85DD1536E5FBD9D3445FD5A78FD7A9761A8D588A8CC97720523513DED7D6E95CDF640C7F7D0667B3A09134571A2E741DF8A007EA56765AE6EC046BEE94439E675BB49B6E32EA14F56AA3FAB2AA45FEAF65938EFA7D83934B5487896152F7C0409BA2572C18C7EE4EF61A5484963586E10F709A1396AA2565DCD9C0B4736B56D205851D2452CEC5E324FA4CB6B8698EAC2C9CE9074A17558F23FB7BC14868B8E73B424C8CABFADCD4C5A3EBB6903CEB7543FFCC5585B85BFFA94DD2AA324C505D7F08EDBCC0024DA4E5C1671B6CE012E605AA6B1BFD58D92E8353F05DA5893E3D3822D76338A4D8013297C5F643D648A53F62E8920674B58675C64D0C662FA08FBBC1E9FBC088FCA457E14608CB0D0272A4C77735BA3A7A26D1DB6DD2D0845178F4FE627EBA84ABD7679B2F86E3D9AF2171927FC74104A9F198733FDECEE23D2D51431641F657A85D63244E96D2636096315F291C019197E73C9E11B5C5A015C12A43D176F6D33E34D9C423C1050545E4CB89DAB3E6A58A8E2FF3415B4831A91E72718E5D09832C4970D3C3D600CAE926FF8A24ED9D14A5E5A623C7A777639C145D306F20A9A5B4DB24C99F824F40B5BF387A0E1B6B49468A62755CC437E787DF96748EA3FA5E537922307E7C0694699D227350BA020A5DECF680599AD95F00C0D73F50B13E8385C04BA03C0F52BEED8F4C1C1D9132A3B9608AA1039169A8FA850DDB4CF01966CF881C64EBFD758CFB245B486FE5689C20FDA833F67DDDAD4CFE4638BFC7F6D967F039786A330D8393EAC7A52150DD7D5D30F79A09CFA383A5B7E96E3B2EB6BBD66CB3D6D844B0BEE333E06D027E4379259465A38516686255550A6074B1814100A60F84BBC3CE560AAD08B21821CE740D90EF12452BD53516DC90E60A4480CA758401660FE1A6EE8A88B433C14698CCC86C4A270338DDEA2DE2A5ABBE1C5CDA9F2C222590AC705A0C86F927D830EE91FD1A3B9ADF35C4EA05915FAB0F988D17C522971B7FD2431088020CABA03543C1E76255045A198EF900099FF2A982D626A4DD09F0E3B573E0660E2B09A8C0E7000DDCFAD466E890A4746D92AC1877A53215E35B9D3EE718B92A14706FBBC87B18A42D91CD4017AF5C6D2F549A052A09B57CBF186D1E9C004624D4A3A7A8A03A89C47353EACFB90647B2C6B29F73C506835E320DB751A1EAD0538B74DFD39B383FD7042B51CD82CF10DCE0C984AE75C12DE1A5BD614045DC91989095D32250EB1137827EC5E0FF91D5AE8807389D238AC331185DDC332C90CC9EE4394FD9EB81CDF04DE8D22F6856C5BEE1B4E5739FFB19CC8A948D24D764947FCBC99218B4DA2C439DC410BE7262C062486D55AEF977C09A36D9262E2BAA088383422BAAA20F4D8F86C3A4D8422851B6343AA15C4A1DD5EF0ACDE63937BE7D7F7444286BF00621CB279F49B47835925D71E07FCFED911E94D378A73548539CEAA7D8D84EEF4BE67EADF7C7B57452CDC106033D2B22DBB25D05856C4617E144F4E23094ED4D2BCB7A5DD1DEDD661432CD2AA369EC0B32169D52314A8646699B49DA27FC6C233C449884F540068127850D6E383DA6CA607A0806561363928FBB259AB5D98ECCF00B697E1810CB5422AC9B2F12AF205CB3721B5FE1680BE7C8E9B89A6EEE126E75866EB44B48B3DB48CA63818E6EB691002B2130B6C591F2605152E382251153A042708781773146D57C7B16D62D5FCC2252CCDCFF10EFFA1BCF2D4305C34E4F19F07595102B0A23929CC5470B9E16060DFB7D0F28956492A5DCC8825FAB6133D490BE3BCA7141F049A52548BB792E8A84B0C6A2F7B13196BB8C27DBCDAE620019EC8E480E6521393C98866B04863B8736039F42C23CA001E3B83178E1A65FAC153CC2F32EAD32440FF6A8A4AC29762903B32140B49BB59E591B6480BACEDEC7CDC77D89C82F60E23B5B127B72B9A271996E2C9FE310346D739045EDC020668D69D7EFA248FD6F786FDC4A5199685D68084A1B4ECB0719A8781EA366B630F0C18D023F57CB302D92F8153FB99ACA4EC2E16C943FCB944650EF9733C97F66F986945B8531B65CA531798CA139D8A31A1CC2657515B0FF4235F0EA527E0EFF2E83B9F160857956C894E60AD59345C95D2319CA82ED49306307B75800036D0CFE6689BF9672F9D065678861F7E174489B789FAC5D6942A792ABAC3D85359C36D35286A51DB42C022B305D182E65A9D11602B6D2E88AEC5A556EDF3979E1660F162409FA90C3FC1377370C9389CDCB305772A225671345D30055A528F27AAA77819A7819F64AD7185202827EBE0D92A1E30B05BC17F45E8422E2A0DFCD3BF1347841339842F908E30502CEDFFBDBF01E2A1CA4C8F8BFD8489FB6A60F1EA4A2BEA49A9F986A9BFE1792F97D0842B74AFAD6E97902FA043A087F2DF276C5D30DBB274A824208EEC77AF7B84B0D4D18DB495E976EE802AD61672EACD514F7CBD355FC7F11673D9198447BD142B6AC1A6225851BA2D7CD3565CBD3D8A7341915B40F713165D6B4B949140B91AF9F89E46FD45CE4ECCB2C259BAC0DE91ACC11442A8C146623A0A64ABA992816FBCE99C835554B6ECA8C53A04CF70E81067BA2854FD2332E9A3813F9A3F1E039D4CE9F349FC1BF9327492DA648740E5ADB7E470B513B9375D439FADDB93A6B928440A31FF6F1184C33E1342CD3B29AD04C22AA2D68F4F3613450B7CDB2A3590CF60C03401949AEA3AF2060047A25F37B6B4D81783A6E3BEB0E6F3EDF523667F25D6093FFC23C0B38C99DFEAA9A6EECA7A7322ACA8417F80F819CE53A3090811733E71EA07B5D3773553335EA7BDED1128D48087FCC05E5860546186B657233B4A370B26969D7E179C49BE552B0D17DB34537645DA06F6B1E40A897FA632D1623303671A20F38971357C139602A03BD170783F6F061FA433986AE9747F3D235B662D29D1DB7F077004E34133EEBA14B2C271F3C160AB1FEA528C85404EF08A33A23256BB47A0E55AFF01ADB49845AF72057F2B9FCC6C9927EC5EFC0B510D65D81A123D082B3AA20CBAAA1301C425CA97CD8EBB2FC9D0DFA17C8F0010343BE3E4B2764A269C598B8E541E02295707B6D30968C75B5EF76A1E27B6C5190B818AB5D543E3E8525D007AE95B948B53E81E96D349041DD97AC579ABC59FE1AC5302691FA88F8453D90BA87796491EDE09F70C67422AE3BA6A5914219321E3EE34DD59379E412009869E6A611D4E0CFC7A56D645AF62E130779438BB89CA54BD04ECF012C94B59A800987B449BA086C859C91F1FF5D4C2C5A558342B2B836DD427D45C07D8789EBAD66C2445F5931EFCDD4EEC651EE22081953C30F7DFFBE1B98A8295A545F829C256060A36849FD80D4BEA694A404B4252D86496521EA0EF4BA1415BE3C3A4FE687E67E715D15C7DA44CD7FA18A010F46E8F9221466CE53503D3A9840FB77D7765B84D5D4CA19223CCB22FE81BE7215C8DD0E49C84D787FA921456A6943C5892539062313FE024A0C2E24D15D75A8097D0D393C422099BED9259878E4EA02ECF174CA3B8F5C80D01E998487123C10EC2E04043A4D87154BEB2087C7194F74201BDC8FAE3D8F202EE83A21DF9E5B3B0908C9321F4431CF108444CF5A93175B4563B253F84897E3F720E8EE87E6B268DCABA7017BB07C5DD29133B5878B6CBEF6DDE103E3E34D8BF6DF151A3A24C077D8529BCD02681DC9E5701F93939B5AAC45FACE46A5855E4B4C3AF82C303999937C48CF3D88734EAF75E3EAF171768F6F48FE2CD5FA9BF40328E642D2510E331BE5C3AD6632875A9BD51D6904B95BD5C17B24C43971D45055C7AC0299017249A936BA40E3BD17B63B510F4B7A3B4F236BC073EEF4F61CE561D893AB5B0A720D70AC138D47CCD5426C827E1AB13B2C140FD6E6903EEAE7B30A06851759FDAA28810A258306160452486199EDD0F2B44F32361E8EDD4A458A93012DDB8B4C08A565DC49EC6BAFCC759237AE69DA0DA41251D9E7E8509E4A09A8917418C6B2705CF7C463CFE64A67F88749CCB80B8B1B20A33B5D9DC3F1E74BAE981AC670EE2D86D7B4C8E891F3D5C98B3F5455423412C641C0315F27A263DE975D8D6DE1F17D6FA51262D8E6B3F32AFD9EFB72958460B5D58F4BB5CBF5AE1CFF2D2835FA294760854FF53522E2D52981FC276793EE5EDA989EDC921CCDC50D4B63A908BF47587E4FAAE3A8A1BCE3A21E331D9230B6B1C4CEC7743AEBB83EE003690D2CCB27301D88518A43B266A2E2DA78742230B2258E5D1855A990827B3A8B900362791AE617A3DC0BA2D12766A70316229028E09F96EAD7C773158A549AD9E500751D812D3F759468E22B86FF85DFB0C7C79148CE152A813D0B2D3979A3DBE3765102204ECDA68D24FA6330D599481516603607FA04439B9A0498BCB359F1EE20D65A5A84816AD43750AD1838EF4597876291C98E82E1F46A6963C7726C89470E778BD0A65CAD07E2A167AF6067CD058152E9C14979152103A7235DCD0755BDD793F9B23AE031133756EE3448CD1F93985B40EBE72F7F54124838E3787182147B84C3B3BF8CA901253E04BF808E3F3AEB84C05AB5CCA8D0C755D7B0CB02BF9E06F3113FFC098557DA3F439D397251D48D2FADEBC40286A17C66E0A8533328DB4DFCE9BE32F115A293567E4EA004157045D6996C7B73F27ED2F25536C2A381996257FD23EE4D962B663940C2A57442F5A7CB41B4E6615B223E91B55A7F98B416B2A6003D3A27B496F5E1A446DA9F0DED6A5AA0D7C283F34DEF97065049150B136B2D0F7A4207C904D836EB1E35BCA84EF2780068ACEF1942C2B31BF1F89CF218044A30CED4AF8743EF034D7F526989B99390D79D7454961C4606F6AD659487A803F4CF5FDA4F0A039664F3EA84AC4D7E0E805759A79B959906655FFE28609963BD8BEF5C82A50922A9836ADB18C9416358C092D69292C40FB3BA288D4029FC6B200E59C7C2FC9423360B11F157E5286D0A796A74A088E257F00954CA0789E3507E572EF3DBA68E3CDC7AE328F2072BEABC0E901D5F5DB1A1F41D14732F471F089FEA9D022660949C80D350B37B7F2F551DC22F665DE00FDA868F131E30C110CCB4C746663513E9DA22E143796EE2E241CDC47E2BBC148A230157C0378193F75248FE64858899B3B357CDC21CE8A6C79D2438569CDBE5A44015038C0CB8C260EA75698C272C9D5B169A4D2FDA21AAAB502DE3C4609707BA7C1B2E118F3F5B8A17DEE019465C6EA6B098139BCA2E6873D9945791F7D5488EDC2FD08E09973A55415ECC21556C422F2E0057387363A3D762FE41B054D3C5ED107C4628C15A409C0ECF77AA5AB911A7D896C9D106DB44720A42E0F89447B9E8D277859C941A5E49F4A577C0B6B0049972DBEA98A1E57991F6C0D239BA052CF369D94CEA0D2AC4A0F178D0652F9E028E12423D8D14D7C8ACE33F7E9FA9C2F8B987F89B1BC22190146FBF99B124D028A5AC57D4B21A8F2A2C9BF1F67841BCF3F47051EBD205822DD7F13AEF2D9EEC54D465D89C987851630D0F7930B4451914393C31468126AE0C607ADF304433E581A71C5A19356231A9C7D9810D282F3DBE109F6789BB997BB73E97650844F62FA1954D9BA9C227A23A65F500AB459AEC13D0D25DAC9DC885A01912C70005F440B0EB1A2C0FAD96C7D597DA59AD0199F7978D8DC871BCD4B8143420F5F9900600FEEF0D8C908CD259AAF1D446841B2F76827CE888E1B8A2C2C2FA63AA0C63764E173FF170526FA3D7973931E6C1317F9E7175BEC6F2D6D9FB36730A604879CE7B2FF5350D1A689A57C5D366EA0C219A8E839838A0FCF45A2ED7FD08AEFD2BEC15C47391D9D18E42C18F03B068DE6FC160C176499D06ADBBAD50F1773D036CE5AAA26247B4ED0B68415D4CD101C8B97567290CE4068F4CAE9A778F996A3831FFEF44CA682100850BB5B6290AD8CAA7C10878352C707C0E7D0D0D90462DD46C6317755E4151FAF1755106983B75B6F0A3FCB923D56BE32573D59062008A48AD6A4A87D6242FB13DCC2A7354D470633D292F3EC598A24AF75362BF3A4096C7400A1E97E31FFD716D75BDE945F8FE5A2A40C8C557A5181E7C4CF155F0E1F168A0F25F3FBD0D24C743977C12F1B6D0B4CA5042017194AC81EDE63A324CFE149482AEB04CE5209F0BD768C7CE90508DFBF5EA9A66A5A6FE038746852359919DDC76795A68A4B522C86D5CFDBA46BBE140DCC5B377F70FFD7B776AD3A7885C43A9A7B5BCE599415FCAEB0CA7EBC1D51573F95822CB3135B602ADF40AEDE049501F6BA26EFC18D4A5E9814EA2C2C4CF301AF331672896A9B383F7E582F3A09BAE7BBCB9AB088A0D7FE43827C393E5EC27F08BC5E85C4705EDDA2862BEC9A4DD0ED9BC56D592F6062F75719ADB6A9CF1C8C2526D6B79E4F53932AEF6031D30498587788B0569F6C0FB226105FE5CA0B8B5239C3D11C795674DFE2C8B46FE16DFE5C389888775E56BD14DAE9985960D0817E5354FAE5F20147B30001A9E8D89E5BDEC5567561A27A08A84E2DEF8182060C003A8CF5DD667AC830497A9D4BD1D003019630FCA28C1E272C8C2EADB1DBECEF8E2CAB9B60BAFDFBD6D75562294E0E169506FACDFDC559581B86559720FB517AD8A010D64D03ADDD2CF9CFE8D2FD244A4378DE585F2DC009B2ED6DAC2FEC87D6097A25CC720E7DC989332C5A341503B7D03CC57A875A1A26DBA88D840F24EF8C86DBBEF37905CBA382A8A5C9980504D0CD6CEBCF00F7335705BFAFDE3C3F82EB3225E5EC63D6D69EFD015C9C51AF71B23215E4BBA667AD525852CA6C29AE3AB303AFDE0279C45668D02A2AA96625FA7B41B268E783F829A3A2464F22436917940E6EB3B1D313F794BAD2514B35954718CB2D92CD7865EBA847D388F046CC7D5D3E3B57D12714E9BFD4A09A18A8A626CDDBB21FB599EBE030CED022E16D6C65085EFC6911F7D154B8C9787D3C4107110809219414377EB07AF5441DFAF02EED0B6C7A6BAB1D9902D7A3211F22536AEC7A0A365BAC29BF69021B46EC80143CFC6B92DF4B09954DD20371C1E88087D73F0C885A68327486A812A1C9C36DA7E");
-        byte[] sk = Hex.decode("FFEB02F6010609070CF80CFCFD01F7FBFBFE02010004FFF002020900F2020602FC090000FEFC12F6F6F9F601F6F904F9030101FE04FF020203010B0706FEFFF7040A040900F8050805FDF3FE070D060C0A00FE0CFE0D0D02FBFE0B04EFF90002F7FDFF030307F303FFF8F5F4F60505F9150304FD0AFFFA1500FBF409F801FEF909F3F3010201FCF90B17FDFD0101FC00F002F000FB08050EFEFD06F504F5F906EDFEFEF3FB07FB01FC0106FB0304FBF6080005FDF605FA00FB07FAFFFA07F8FAFF050810EC0001FDF107F9F2EC03F408ED06FFF70009F80C06F60102F6FBF4FB010207FB0A0304F9F6F90C02F80007F30D0C04F5FA0702FDFDFBFE0607FFF0FFF803F30D07FBFB010300FEF9FEFB0A13F007030A06FCFE03FD00FEFCFFFF070B1004F8FAFFFC0D0605FE0306F803FCF30506FD0211FD060507F8FCEF0CFE00FBF80DF20A0F02F8080011FD01EEFDECFDFBFDF5F8F4011210FF0403F8F3EB0D050212F3F80609FFF903F5F309F8FEFF0AFCF6000EF80BF6FEFA0C01F4F3F2F508FA02F8FF0A060009F9F70EFD04FB060005F3FD02FE01FC0DF30AF706090CFC0006FDF80AFD03FFF80BFA0CF30B070B0B07FC1003FB1404F5EC0709030EF701F705FB00FAF2F500000A0406FF08F5F202F8150F070BFFFEFA0603F9040303FC0206F8FCFDF6030507FF03F4070409080C1106F107F20AFAF3FEFF070CFCFFF4F5F10710FDFC070EF7F803FE060103FFF4F6F50D0B0202EFF30CFAF5F80C05FEFE070802F8FCFCFD02F81B100404080213F8F90C04FFFA080AFCFBFAF903F600FB00F60503FB0106F2FEE80003FBF9FFFD14FE04F50C03F70103F2FE00F5FAF600FDEF03F70AF70604FAECFBF70EFF01FAFE080803F20F0D1704FC08ED00F304F904FA020403F207FE0DFDFA040B1006F7F9EF06FCF909F903F7FD06F602080501FDF9FAF40106FA07FB0CF50C07FF12F702080A0900FDFFF8040A0BF20D04FD0F00F8F8FBFC00FAF0F91705F901EAFCFE0304FBF7F6FF0E0802FF0FFC020B02FC0801FE03F2FEFCFBF7FFEFFBF503F8F707000612FD0605040404F7F3F9F6040B01000009F5F901050202FCFCFA03FD1501F6F104000DFBF7000DFF0EFFFE0000030804F1FDF313F403FCFEF7090E0708F702FE0C040BFE0812FBFE0EFB0311F7FBFF00FC01F8F20405F502F40008F8F70FF705FA06E8FD09F8FBF2FB0704FCF4F3F5F9FE0AFFFF05020D06F4020413F500F703E7FFE30401FB04F9EFF407F9FF04000EFDFF0707EF0509FB03F506F9FCFC0400FF0900F3050AF50CEAF7030905EEF50C06FDF8FBFDFBF40400F902FC0300F6FFFDF7FCF1F014FB03FB09FE15FCFD02FAFF07FA05FE01070E0402FDF31102FE010802F902F4F90AF60408F9FBFCFBF503140FFB0DF80B0DFAF9FBFC0102FC06FA03FDFC04F90DFEFB0301F3010C0FFE0FF90207F80703FEEDFF0A000407F1F8000807F7051306FA090800FE0EF4F6F6080AF503F112F106FCFCFEFD0BFE020CF40DFEFFFE0F01F6FF08FE03F40B02F50406F401020301ED01080508F70907FA02FDFEFC030108FE08F708F6FBFD02FFFF0000FBF9F7030505F6060809000BF8FB00FC02FFEAFAFB030309F806020109070DFC030104FDF701F3030518F9FD0800F9F60DFCFF04F8F41108FF0202FE03F6FC02FCF706FCFDFE08FAFB04FA0B01FAFA080209FB0CF1050C0EFB03FE02FEF80CFFFD150803F7FDEB09F8EEF1F2EFFDFBFAFD0A08FEF7ED06FDF4FC03F7FAFBEF07FF06050A0307F710FB04F5FD0100E901FE09F0EBF6F203FBFCFBFA0008FE02FF0A00FA16FBFFF70BF80FEDFB0000EF01FEF900F9140C0E0901010606FDF2F4FC0FFF0EFF0EF8FF06F9080403FC04080BF7FA01F4040705FEFEFC0203010C090AF1FC01FC06FB01ECF3000B010E08EDF0FEF9FBF4FB0DF506F4F007F6FCF3030D0A04FBF9FDFA00000D010C00FBF0010100EAF7030DFFF608FCFEFB0207F601FCF80109020010FF100702F9EFF800F40109FCFE08F8FDF508F2F6FBF6010EFC02FE0101020D030BFCFBF2ED01F8010210080EFCFA000B120017FF051711FF03FAFBFB17F805FAF9FB0102FD09000CF90B1A0AF500FCF60EF7FCFC09F1050DFAF9FEFAFEF7F50CEBF5F8F3FAFCF6F6FAF308F6F505F6F9060A00EC05020AFAFDF9F50200FA0306F707F9FC150A000D0702070B03FAF5FE0EF7160D06FF050004F9FCFB05010107F2F50103F60305030610FF0B070A03F704F602EEF411FFF9F5FBF2F5F00101FE080BF303FB090402F30509031107020102FDF502F5030301F2F8FCFC07EE0A04F4FE030406040802F406F4060FF2020DFDF803FE01FC030AFF06F50A00FDFB12FB00F4EC04FB000B05FFFFF60EEE02FFFFF7F301FC0CFC08FB06EE06F8F9FAFCF5F30BEF01F4FE090400FDFF01F8F20BFCF40D0001F708F20304F906F20201FA0BFBF4FDF309060BF6FCFE1007ECF30202F907FEFA0AFBFB05FDF60BFEF5070CFCF60C00F5FB0AF909F1F40302F90D000503010705EDFFFE0103FC1004090C0007F80012010DEBF3ECFE09000807EFEF09010EF202FD0A04FFFBFFFD02F3010906F808030409F9FC0D010C0200060703040606F407FF0006FE05FBFA00FB0FF6FEF9F8091105EF09010300051304070DF80702FF06F30A01000102F7FF0EFD010500EEFBF802F8F6F9FC0602FE100105FBFFF7F8F00AFCF906FF0401FE02050A0205FB03140B040806FAF900F5F3F906F90FF9F604F602F705FFF8FE0A020C09FF08FE0FFDF6F3F6F2070002F8FEF1F90709000301F307EEFCFB06F9F7FBFEF9F50EFDFFFFFFF508FF00FEF6FEEDF7FC02F3150106F60803FCFD030FF9FF0CFD02EF0510F6020801F70AF7F8080502FFFCFC04F7FB090BF1FBFE0AFEEA0407F8F4FAFFFD0FF5EFFBFAF7EFF7FF000E00F906FBFD01F9F91A00EF0C0502FF050BFAFB09FE04FA0703FCFCEE0507010707EBF3130103FD04EFFE0DFB0503020C0D0AF7FB010000FDF409FDFFFDFB010BFBF404F0FC00F8F007030FF8F5FAFAFB00F700071205FEFF02FCFCFFF2FE01F00C020BFB04FB020206FA04021008FA00F609FD0C06FAF009F60FFDFA07FC090E0C090CFDF9F7FAFA07FB04F20BFFFC0500F8050DFF08FB09F30104FDFCFE02FE0AFC0CF9F70903FA06F6FBFF01F305F8000807F1F9040E07010A03010301010D11F502FDFFFEF2F9F904FE02FEFF09F4FF05E9110309F3F504F3F807F2FCFAFFFA0BF501FD040107FDF816FDFCFF040404F9F7060AEBFEFD07F50000050B00FFFDFD0108FFF806F5F60D09F909F610FB05FD09FF0C06080EFFFDFEFAF7F9F70B05FA01F4FE03FFFEFD00FFFCF8030D07040B00FE03F3EF03FE00F5F8FF00FAF9F80CF9FC0102FFFEFE0B0108FAF7F8FFF805FBFE02FF06FD0311F8FF0CFBFEFE060CFE00060200FDFFFA0C00F30EFC060608EFFEFDF2FA0405030707000108FE05FC050403FEF800060408F301EE03100CFFF700F9F2FEFC040800F8F8070104FA07FCFE01EDFE020A09F00EFA0C04F70CFFF002070BF908F50201FDF8F80AF90CF205020BF41103100205FB0104FDF50502FB02F7F907EDF3FBFC0E0E09FF0C0505050E020700FE00090609F60C03040FFCF8FB090AEDFEF4070AF3050D02EDFF05FC0503040A0AED0803FF09F50201150F0CFFFE0604FAFF0EF801F90CFCFBF9FD04FFFC06FF06F6EF01F811F807FFF9060407FEFF00FF060B030100FF02F902FD08F905FCF50700FC0D09FA0302F901040AEE0602F401FDF6021703F50406F803FEEAF10AFB01070916F0FD11000E060204F707F60802040302F60F0B09F802030001040114FC09FCFC0A0B05F5FEF80F04FDF8FFFD01F8F3F6FBFB00070704FF0FF70A06F3050D06F3FEFB040001F103100F06FA03FD04F4FD02FE05FA06FBF40FFC10F11407F8FB0AF6FEFB0303FBF7FCF4FFFFFFFD00FD05050900F20600FC0601F40D070403FFFA0505FB06F806FF01F4FC030910F70A03F20809FEF0FF04FFEC06FA090404FE01EB010106FFFBFDF9FAF4F91703F7FCFC07FD0DFCFF07000AFD07FBFB050CFA0702FCF60E04F9010603FB0501070AF806F6000BF6F4F9100BF4F90904FA0EFE0203FEFE09FAF3FD03F908FCFFFB05FC06FA0DFC0001FEF803F60200FEF80D10F80E0B030503FEF103140A02FB12FD0301FFFAF8F905000408FD070C03FEECFC01FFFA000F0C050203F9090404FA0710FE0DFE0FF4F8080808EEF404030909FE07F805F800F7FFF9F4EFFA0307FE06070005FA0FF5F3050A0400F8FCFDF001F2F312FB0D030E000C00FDF4050904010602F705F20207F708FA050E0B0206EF04F8FC000410F0F30DF7FFF508F7EAFFF9FDFFFA0504FFFE09F5FEFE1607FCFF0AFEF40206FC03F401FBF7FAF7F50402F3F8F9FCF8000903FEFAF801090504060307FEFE070E0AF6F501030FF501F40407031007F90206FF14F7F9F300FCF008FC0C060AFE04F905FEFC080704F6FDFE01F8FBF0FE080A0509FC05F803FF0E02FE0E05FA02FF1000FE050814FFFB03FBFBFF060CECFD01F901060705FC030B0BFE08F5F70300FDEE08F1F5F70204FDFAF4F6FF0705F50AF5030610F90F0C040DFE050001FBF9FCF60A05FE05060107FE0304F11104E3FCFD03FCFAF7FF0805FF0FFDF8FFFF050101FEFCFAF30C08F2F30107FBFEFF10F0080403F40309FF030B00FB04F50DFC09ECFBF506F711FDFEF401FF06ECFA0600020108F70CFC000DF9FBFD0111FA0002FA01F90008FF0B09000AEEFDEF01F506FFFEF909F80CF806FF0503100206F0F700F602F901F202F9FA1402F705F8FEF80A07FF0CFF000DF808FA0FF7110701FDFE0CFE100500FCFE03F1080EF60B080603FA06FB0802F9F30D03FB03FB020903FD080700FAF8FAF8F9F2FC0707FAFF0208F4FFF7FC140001FD090108F80D0AF1EC0AF909FDEE0500F1060507FAFDF9F6F8EE0204F3ED0308FE0B0101FE0C02F303F5FD0BF9F5F00C040102FAFF05FE0C010408FC06FD03F5FEFA030700F9090109FF0A000108FA0901F5FF00EDFEFD070705FB0600FEF2000E09FDFDF1020500EE0503F2F8FFFEFAF8F803050B0602FDFCFA0C00F708F40602EFED04FF0B04FB0115FEFEF6FF0AF7FB190006EF01FA0BFF02FEFE05FB010107FE02F7FD00F10EF4FEFE01010302FEF4030700030BFDF5F903F503F10D0904000A0A09000106FD0DFF02FA03F701FA02FD0C080F0D04FDF603F6F7F900F8FD0609EE0BF702EEF5F4F4F70105FBFA14F708EEFDF1FBF901F7FDFCF3F40204F9030401FA0203F103F90EF4110704FD00FBF001F60905FA04FD11F305FB0A0C0406F7FB04F6030A03020AFB02FD02FEFF0DFDFB04FDF9FC060B0905FBFBFB0BFF01EDF50200FBFD110D070803FDED0D010C0B0006EE0302040108FFFFFE0304F6070102EA0EF90701FD0711FCFDFBFF08FB06FCFD09EFFB0DFDFF01FFFA04FEFB0DF90A060D0407F8060D02FEFF05F90AF60DFEFEFC0F08FA0102FC01F6F6020501F407F90DFBF500030800FDFC02FC020AFE08F909F0F8FEFFFB03FD10F5F3FD04FEF80BF4F5FFF6FCF5FE03F8030107F500FDFF0DF2F2010AF90007010B07F2FFFB05FA080EFB07E9080614F6FE0E020206FA01F4F5FEF4FFFB03F6F2FD0000F60007090103EB0211F1040203F5F90901050D0F05E5F307F909FAF8FEFD00FEFEF9030C0BF2070605FF0806FC0011040309FF02FDFCFF01F404F80AF9F807FB00F5FF04FC0DF3F504F90DFFF900FD05FA0908F90303F50AFE0CFC0DFB0FFD120906FAFA0813FB02F7030107F700FC05FDFBFBFB020D030BFAFCFE1000F9FEFE050303FFFB10FB0104040B0B09FE0102FCF7FCFC02F6F9FFF90BFFF90F01FFFEFEF9F6F2EFFC0309FBFDF701FA12F605F7EE06FCFE04FFFB03EF0814FA05EFFCFBF0FF0BFB18FEF7090BF3F50011020C060604FDF015F706F30EF30206FE0A0403010507F5FB00F902FC0C03F901F718FD02000703FAFCF70B00FCF3040602FDF8090106F800FBFAFF0BF9F902FB0615F9FF00F401F9030709FF0305FCFB08FFFFF505FB00FBFA00F611F9FC0A0A04FE11FF021207F7FBF702FA010305FE01ED07FD030E11F900FE000101FBF608FD080F0D0DFC0BFDF900080F020FFCFBFC030513FDFFFC0EF7FF07FE0C09F4140602F70201030501FB07F30C040D0603FFFE010603F2F90CF70203FBFCFFF2FE0801F507F8FB0405F8FD07000C0102F4010009FDF5FFF2FE08FE01FF07070908F7FD0E0601120205FB010606F8EEF9FDFBFD04F80304150AFFF9FC09FA0BFFFB03F80B07FDFE02080DFC020CFA01FDFA0B0702FDFBFAFF05EB04FC03F1F90C03F9EE0F030B1202FA12060505FFFEFDFBFC01FE02FEFE1400070AF8FD0204F7F80DF10714020805FE02040106050C0315F60704FC1201080A0307FE0004100A05F407FDF60AFEFFFCF40400F9FFFCF9F810F00203FBFFFF07030A00010E04F5F106FDFA0EF80D12FAFAF20EFB05F20307FEFFF2F809FE05070800020009F0F6FEF7EC0A0601F2FEFA0AF508FE060004F606FBFBFC05FDFBFE02F9FCF7011100F6FAECFAF7EF030EF9FD0DFC000202FA0B0103FAFD03FCFAF8000F0703FBFDF4FD08FDED09F70B07FE0006F5F508F202FDFD0BF2020807FB0FFAFFFD04010408FA0803FFFDF7F00001FEF4FD01FDFB0E05F4F8F9F6F3F40406F709FA0EF805F7FE010B0309FBFBFE0706FE0B03000D0701FCF30610F3FEFAFFF6F80311FF09F60804EFFD0F080706F805F104FFFF0605FCFD05F9FB040BF614F5FC0502FA0705F4F6FCF407F4FAFE03F6130600FF06FE05FD0208FEF90AF7FCFFFEFDFC0EF6011101DC12FDF70407F609080D0CFD02030AF4000305FAFAFBF10C05F6F0F9FCFE0009F7000100FC08010DFDF805FDFDF5F7F7EC11011103F9060505F4FE07FE03FC0308040E04FEFB0305F9F5040AEFF9F50601FF010AFE0C00FEF6F9FE0BF80303FE0303FEF40A070D080308FE05FFFCFC11FFF501F9FAFAFBFAF9F701F9F5070703FAF7FCFFFA0C02FE0D07FEF20FFDF8F80705FAFF02FE0308FEFC01010C00F70813061103FFFC01F90CF3050C010F05F50101FB1202F805080D0701F7F302ED0AF40B0CFCFD0005F707F813F9FE02FC0101100401F90CF70B08FE0108010000170004FD06FEFCFB010106F9FFF80702150D02F902F8F1FA10FE03F9FB09F1F6FEFF0906FEEB10FB06FE04FBF5FBF806CFC6B92DF4B09954DD20371C1E88087D73F0C885A68327486A812A1C9C36DA7E4F5C254B6292FB5C3DB9561B8793D8AE3E1611423AC0A9F8CFC13E1C85FEC6B5");
-        int smlen = 2881;
-        byte[] sm = Hex.decode("498A996E2B6C14E9C84617F4D63149C4676855D15CDC54A85F1BA00CD5FE550C6120227A77605DE227878113DF3137E13ACEC54F42856C0AECCEB53E1E96760ED6DE0E3F353ED4E4BCDB6B1AAA5CAD3CE1DD882C6BB12D3CF9D1C9888624A54D3E024783DD2C39DD54EA4FFEB280B0E546008CA0C779C8917E8FBBC7A79BEEA32D5E6652FE93D8B4737D47D8DD0C1600D5DB9135B74C0ED6E94D9FF02D06F951FB680902009EB68C34028EEE5176E1D64EF869E14C0AB577197444149CC6EFC60871899B1AC9DA86F8373A1273A97BCE318F40BC6A2AF35CEB52A5EA853BA0588531B87B0E1170EA6F464948A55A84920C97AA9D3960B9A099E947608A1E393C634DBE5DCBC6F0BD55E853470F6AB286CDD126B52A29BE7465542D477E3386821901595597E4D6583B6E16326D4AE71A2967FE20BB755A12CB7037614D3600A2B02D4C8DBEE17670CE7B4B144C3D2BEEE9FF6049B94DE4011DC401687E83211AA37E7A9D043A0582A9A7DFDB0B5A3A4AC8CC58F9634DAD9730311F2CDDEE205FDFBF160DA631FB11D0D0DA9FB42223194B18A5850E80C3537F8148A965EEF7B9A2A81C69DDA4797B28A0FBF4FDB31559F940AB7F47021CCD5881934487A6CB751845BBABCF3D213BAB2C61D21F06927DFAD28581E2F8377E2A36319240DD8380BD85DD1A5BF4828AA4F8F5E11534F4ADFCD1B881DD8A094890B20C4F67F5C1545B4065B84F0B28A64630E332ED2426CE04754BD23E52A90299FF399B240D04CD6677E782409D7AE46F5CF718BA1227CE673C42B1CC0E759429F6486AEEF5CF9BE96087ADAC32606B3D2FA53254C62B9617FE0C8D0490C7C7A77C9D54DFF076D44DE2864E3AF3037511C05D2603354C2AC19D94B6CCB6C6362D57B85C6D3E40E5960F7D3DD00ACE24B07AC41014CDF58B106A6D61B0909DDABE19AB78FA29C5987E7CDE6D5D084C278417645995976C74CB7D9A7D6597A83CE1654209325B788F056220F672CCB16051EC94B34F89B6DD33859F6961432294DAA66805488E894BBCE31BD4BF29BBEFA3B987857A4EA2F87AE9F6B5EECB8BC3DF90547833F3240071AD5A5464CBC9F42DC0E9E96DBBFE1AB2681CE2DC100F07CFF7480DE919AB27A2F51204BBF779380B337A550371960757D3BEFEE45AC13792F9F885AC22AAB4A5263364078AD1474B206BC54795B69380B0056F9CE8325B7B780B6AF7DB44F3AFEC558CD93FA268A6AB9AB6714ADD72C93B5BB011D974F8D2D778BC476C5F41ECF7C7D48E632716EA393973BD67F7496078F937AA45FB33E8ADA4CE5192DFB244A1D8290BBD29F239CBCADAC9E1D260D22781B7B41E8A42ABE21FD0D3E3517AB941AD09013EDE52EB9081F731A7935B14E1A9132FF2EEB2C53ADDBCDD3A9656F5E22B0F6470DC961BC0C1B38BACE2F16649536D28271D7BB9C76BE5B63ED2663C5842335A783C524FCEE69D6964874D4BB56418EDB945EFB097001506561A1ACFCD03B15B42A009C9B150CD1FF57104737E7978185F980B333523FCD89F522A59055515A4895E68C07161C47320CF1E542F03EEA4CEBC76266E2C85916638CA4C054F0F085BDCF2A84B5666932A23FF8A40EA90F6CE2888731E88FB7D90CC24D66934B2FF378E662CC57D516072698CAF09EE3759AD305A30C0C222992D3A22DA664A25B74043D338DCFC6A70C786853AABF31B6B5C49D2BE0BFB0CF214467B511643106E729F4756B147467530F9477503BFB9393D36D4A9F964956DCC0C6ADA0A4CDA17D794F7C6A32C7D8E146C6769B810F97F9FF47BC187C57158684280AAED7807D2FF6B9AC3F4E11CEB29F112C30903983FBF38F5D118F084A5ED22E020F066BD458716B491DB9A9A26AFA5C187FEC28BB67C878F82EFAC22675C0D2B6D62DC1804D7933D68441A9F66419314D66540F30BC7B1A8D1F10F5677BC3C6E236F6D5827F70E3F471686F640A8253582F0E5FF146C3BCA53CAEF22BE026BE891BDB96697549DB993B9A4A1FB4B8034FA9EBE42F7A953155A050CE106EAA94C885E225F2FE61E254BECD43E34DE41385DEBB456CFB70FF8C0E46E19224D5FDB7A38F4D2BFA314DA933D8A93CC8ADB99344641DED33E8AAFE639FB38AA9026DBFA1F0C754192A57B8933C99181DF62C9F8101B86A743BF7D07924EBD6C14EF54CC8ED397D73AE2EAE7E2FB4D6456EE7C68FE6DC0912DF23414FC15575E7B84C161A5BF8CE69738211BA13614B1A40E7507701DF29D3B50C26C547C8E49537D10AACE95424520340A57F1B5B35CE62DC693694A2A68A95409D52DD0A0F167F4212826811993D4F245E56CC36A87C404C3218388947BA63814D3CD5DB8666EC2E2551E8E130E1A1C998F301005A645BFE2EF1D208412F3937246A5A41AA4F3D3A5FA2833B4A30637EA569EE3B2E6B72D90BCB4D79A7022824BD22FCE98905D2DBED895C069031D08B69E0B710B4472BE7BE2DB52898BFFAD6F65D73FD28C8BE578A152E53C9D2F04E206F9BD0714CDFC5FE8E17AE4CDFF12B9CB2EA5CD8CE7FE81B0033C9E1E91A88D3F475012BF6882F3D5A25C1E5BC92B89229D38CAF7314DCBA05636232E8409CEE11E7EA607FEA2FB2E2FDF07EA3994A3129DA426D64DE74186A1F8B432E106B786BBD302FE40889DF80A5B1CCFD129EE0B0DBA5C1D506A8CC69106D6BD5006D2BAF26D51DC9BE072E4BF5EE4D1DF9D7B4235CBC7DEA9813244122DFA753479CB66128753E5C4352D0CAACFC8CC577E2D689028025D72EB6A6BBEFD22F2CB01D5013D86A5F92A1AD6AF48F5B7C9F6AA8BDABC760CA25C0ED93986183F00CF3B9F37385DE183EB614D267DFD6E48C7AE1CFFBF6F977512C756103FBC5AA332F8647CE46D12CCD597A0D982C0CB30D7EC954515793CDB3CEB143DFEE2552ED21EA089A486CA6137CBE87DA4F27008B3758668DE776C46794303E316A3480ECDDC2CD5A97421EF9369CAF27E6AC5A56B7C9D42C64096EE13A1F8795042F24B92566021CAB8A988EA5E5BE324A19CF96BCBE0E5B1E32E932C7F45470D99D785BBEC8F9DA12EF268B330D43238637A16D699EC842CEA24E9BA3F2C58D642C9DC7C482FA73644B5E48B127573237D1F1821206081B7C34809F9839569EE2D2C650347B0EB48B76F1387CB79AC0C6306B9206A65E9C7B1DA55C153FC9D509F5B56AF7DFF6D3909F94E1F7FB57BBAF68555D2203B33F459B5C449113B559EB0272EA9C0D73469B72256C3D730E2752CF64D1AB0B47196FD8C07EC32D2E337242874397A0D5A37ECD4BFBC88C96B1655460FDD63B265D822A13DD20B8837F727BC1ACD58AC33603C73A214E90A59133A72B126240FDBB4BC450FCC19ED6E9FB9DBDA4CA3860A2EAB2CEE7D8A4534D2786695D6DF754F5EF52ADBF642C5F3A46C9A3CCF949A6E6B025856C07F801DEB544BD70C46FE86D4824246E56F171A81CDFD44730D55F89821A0BBFA449B9D0FBA039731AE81CF0612CD4316B0BAA743CB7E9DB42708D40C60A95973DC9CED8C5FEBCA232B093D7A5D6342325233187B9B2593288F6ECC0F163315598AE526861DEB3FE0A1DB1BD649D9550BFFFF90AE242DA3E2D67DB09C248C74C60EA83BBD56490E539C5D486EDD707CCF6C310C3E3A713A09183AD749D6FDCA2959AAF0B9FE73C2FF4373EEF3D4085951EB92ED015733D35DA818F48946648140A01951FA411FDE51792036B04A4A4CD3E5166DCAF152346FEEEE3F585F24532582CFE064DBADC33FF102A39BB4BC05247A3C78820B2639CE455866A344B557ED08172184BE286B0F8611236B68A9A97969795A6DF73F55D9D740B21C7D4832972EB79E033BB48F39B4560B0CA338D85577F76F38BD69626CFCF6969D40102291DA41BD67E7BCECA8BEE6D3AD58681630DDF7EEAE5A50F19AA0D1C353F36377D0628E0EB299F0464063AB8B1CB89CF512001949E1E66C68A750871AE0A3A5FA2108AB4E2920A08892D68719E092B48C3043325E5944F62D4098452B4A8CC63CC0792E256448F42C8DF5AB191A13DD00033600D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-
-        doTestKAT(PQCObjectIdentifiers.qTESLA_p_I, pk, sk, seed, msg, sm);
-    }
-
-    /*
-    # qTesla-p-III
-    */
-    public void testCatPIIIVector0()
-        throws Exception
-    {
-        byte[] seed = Hex.decode("061550234D158C5EC95595FE04EF7A25767F2E24CC2BC479D09D86DC9ABCFDE7056A8C266F9EF97ED08541DBD2E1FFA1");
-        int mlen = 33;
-        byte[] msg = Hex.decode("D81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-        byte[] pk = Arrays.concatenate(Hex.decode("14BE5C398A69D45B0E7A63672036E007981E846337FEE6A01789E7CAFDCD43B59471207B844CCA4240A56CF1DC37941B8669BB2E93B7A84687411425B04ADFDD81011B8DF309F9BC8069B5A0F53292F6F6D1A6B9191CFA8FE8DE932A1403296B3D6492B457849EF361481655174882C2A899482AC9236901E094BE6BE9113E9EB7B18E0018C46CAB21F14502C63553D383BDC53CA1064CE6BC6704EA05161F0C9071428340DD0342F66F0422AAB29950ED8A95363404759A8E08677223A08806814EBC824D40D89F7560175631533BCA8DF81DCED3828EA539BE87328C14183C91A6C24E496227C6F6A98197A8ECE46D5912D99F72D17651F5850901CF4C060B4D1E5C860C12FA479342652B54D5E5F58AC2449C6248483B900E8F7A2654DF3ECD76453450BC4162FD1AA9A36B6468C0E37A18F54A572E9E35C2047513466BE99BCBCAA678E0FBE657488CC110A27393BEC4841A4E7B784DAC3F840DA102438041AEC6BEC4AC261FE118994D38CC1461927D3C08AA4B3A22E2393FC49B5A5C408182FF943C1F59B143BF0F11420C78FC29162F9E2EB81277FD7DD8779F3FCC9FDB0E6065B1C41272709A716DC204C51B47533CE1B3BAE15EB050073E878F70696B92E6C20870E8F3C290CE4812E00C1341D4E36A9ED8BB974EF13A8CECD32F4D36A1E912CBC1A65458454BF58A874245EEEBB41F7FE6D30CAF412010D91F1D455F904459FC9E259C812D584EAAAA200395D23868E838DC7F78C1CFB23BAC26788C10A0DEC2AE358DF79980543B274C096D194D1750CCB74C0DCBE3C30B50B74C8FF33EC1C0C93B65747A01A85D56B17FC2F0CF091E7D98979028FC0151E3E3A3BAE05D0FA5BB9FB9B62F031E8DD9D597E5758DC1632B6040D72B0D65B1C566AB9F846C547C8809E678D86EAE55280F2E365C0B6539D3108763D7D6A3821992B9F0052152D8A4469CFA02B332DA1A41A340452D481660DDD8B2107FF8968113DAE0C4BDAEDB087B9868AC0E3DA8E8B7F54D5FA4EC26C94B18F1919E4E5181079A8C4DD2C2F6FB416D302FC298D943EB43A6B588EF9C9498036A0D59C85FB37FC4EA9C8084DA4C25193330359483EF8D9603B38E9A7107478762557A590D1DC1D07FCEFC9EC969F6811A92B69B184F8E605A489D0872232702464AC8616BF9EBD7ED82657541C3D96C3922B7E2C31A7722CA36B4DDA4CB775071AED78E2829241C9E20096BD64AA69FBB47571BAF11EF42918BC0606486AD5838EA8794B2519A5289C48517AABA1E51217C49718DE8040875D1E1049B0372A2C307E2EF6E43503314540D3C0D054ABFDC85FC8BB4E5B48FF071F0FCFE3BAD96E02108302EFECD21380FE59E1038D7E7D79EBFBC4DEB14CFD1114367EA1E64DD950A84B11E9C1815CA4AD3971EB20752EEF63E2F2A188277A93CA022C1AC3E0CDBE94110240F3D7FA1264385CA9B997BF24C086897D8B23E585D3BFA4F8B611C578F789BE382502A2A14D2CFD899842FC88B300D5E929DCF9388E9F60782DE92F344598901225B94B48C7CDDA04C5141A7296C3046173161A8B902FA9C830FAFD04CA53F62B11403E1D96906ECDDD190C77DDA4350F2FC8A33AF7C5C9BE9DB0C73F726F2730D27A32B85845032A20BFC5454E8C8E3A4501C7A04B5AE82140A65511CF68CBBA3A82F18448B84C0E576BDCC94C2482C08B95E03A66ED9D0206DAB74C32E160A16BCCE9F699AC3E9872BE87774168891C148314C1500B506B6272C87AFA7034899BA202E66DC224A60F824E9FF51C846D651C5FF5215F828093458D60BA1488FE84494A2D26F5BE5A484AE6B57CA2E5502C101A1C4C828A70AC1E7AD3D71CF8E5A4847A56F3D110D18FD501A0A60AF0950518ADD4008540799CC1D1D66DF821D92877B80A6C58780EC34B1C97CBE9ADDF79F923ACD142FBBDF39293A0ECB17F2424C2AEB5714710D2749DBC02351656F54B5268E114B549D1111CE4BA441974AC989AD24B5E1B07C2A74802F1C09014C752A898E0EE9D51485E370644988FC3DC0A531EB6609962AE8C583179833700E944BC002394A5A93F11B69D9F90E5EA56C139873241A8EA824C8ADA018A5A4247D8C46BCE6768FC310C2C4C3E6D3A91158A2F21B37AAE306860C60B890B4EA1F2A3ACBA3BA2D256031E0BC8683A41F454DD5E4929C6201C639A9C6BC26628ABF45B1540BB2F94D0D5D7515B8A553A0CBE3504F76EB5B5A3EA8FC6E115807303199A5ED93E1170F021CD9F48D5E7C260348754E4079926C69D6B911FCB5BA642A68D81477C4631A089037CF95C623C52BB59D697300E0919307E21CF9B0116C009FB38ED08380E2E3C26320A29BC2A01379E202BA115CEB0D61C299F71DD8E153AF3EBDEC1D0187836F6771FB71923CE6E1ED3265492E4728CCD62267B1D49F84200BC094769860C3409F5B07C55CA5A046BA1089CF0685B6BA6804335E8F196FBDCD01174EED8B35338C44CA3B666A5E7620C822E1D14449763FEBBA08840D446987A9308C02F307BF645F00A63888101535C3E256147BFE3A1B93992FA132B95CF3DA5CA76EBC1B1118D4469274628C047C647E76E69A21DA235B837F0EC5DB7A684E28FA38229704E38C012B82F5FC2329B7B8C32643D606C923D4D1CF945361A4E86F637107DD98DDE0767BE55991E42F422D7136CB12989434C2E2D73F9D6089AEAD7B002DA0C823877F102DAF2D827488BC5047F932828EC1598277A68C0A043EE333C25E8BA09B513B71053136C43AC637DE604A801B5D031053957F2AAFABE3B322466393C38B3E79FD3883D4B26952579C7FBF27BA3161BE47EC05C36274C486B28069B85F3A1CCC0729B67D4065CFCAF822314FE481A97410EECB6E629196CA2B4936FDABE460F9323C541220F6B81097DE9F2243598577EE8A931E02A7A4C99019C95A8D981B0DFD84E14FFD36651748B9B39358809587AA66ACE6F700727B16649545E3EF19A88C5840BD1993ABF60DAA5E75F3A8479EEEE400DACE2B9B56A010F5B704A45A9CF67123F3B72E00E3218B08D01EC3E62CA297B95777993D30E7ECEBB84E2C89F3008AABC787E2F463A0E8AD93708B441791389B447999044F2C297F300A09955F7FDE9312696728C4D57C41CD0D6DD171E1DC8ED13C71FEBDCC6E11FAF5661A4762AF1E481D290A99B714A5A9943210F686DDC15F52135DA1C324FE13AB500EF8990A7DA916D36704C0A2770172706F76559377B6B698235A2CA0950603E3664C2B18139E964F8A65EEDF920766960D7AF2C454EA459C8C8A8A0BAC144026EF3E07655E0468FDB0A070D02766ECE413F0CC6B0E8AB6141DCEC4B7176F747CA888BDE34072025FC5903954033E8C2E238C863DF874AE2352E69D6481D3EBA028CC82DAEED636307E25019613B69BFB3C3E789889F12120D6F82E6F147199D426448FB133DA20E2EA35916831652017E7D549BDCF3B2847457021F10F9EECAFE9D8F6B603AAB7C6D66204555BBA86C30F6411720BA1387C7420E39FAE827F454B851B1B6D7FF850338B9F6621F1C00D0160A61B1A5B2C1F416C6B3BF455A4C3E675E5C2CDFCE355C08513A06691497DD1A317DA84C14CC5FCBC8FF1F49DCD820117CD4E11FB545D5503BA4BD4B479A76FC62A30D3202E22643C4151874AD5A4394277246F72BD4F5D09C98112BAE11B037B00125E1BD1E20BA234DD5400A72A63342CDB726EC5AF987CA91330D77F3BD4CEAC2FFAD7579E8112C81758D9140FFD0AFAE0B6BB60CB78F40FDAD784F9085E2134F778FFA2FF71121D9D07E48DBF28864052D851831DF4EB89BD661882C4207E3F5685068D89D0DFD3F73C8072C946125A64B6EBF957C94D4A04409EF9B17FB5A1A7916C4610CBFED3474E563387B69793B3528650FD68C741E260A2CC5D2A229FB00CF4DADC7ABF168EF983F613F2B508A8C465171035D8FF0616BC319BD2B98C88C5728EF92086E4AD316247A199F6A123AFBAC048ACB1E0DAF62A0E17730674F61A801EFC2E6505E9E6029C862C29E79FBEDDEE69F8FCAB716723D6A99B8B091216259185A65C5A9461413EF8616B9102F0BB6FE68E014C62290345C2C89E77511D9746052A188A41AB3E1E141684B38020051EF0E4EE77C979A7B7EE08B91338ED742E30E91250741BE8D1EA6B4B105F428528506B646A027E82711C56D7503049021809C050E2FF3FF1001AEA49FAD40AF255713D431DD7BF6BB62B15B3F22EE53B4FECC7E865B3881A15488C18AC052C1DD90F21637D1E06034649DC8CED834F4A95C511AC19815C86BCE452CE0A9C15BA0B7E98E92280C9F8C7F2260CCE46687B46702F2EC81926B3A4BC9BF7C6E28247B5E248C231B84CCD95131D63DFCD33652D2C1B89025EC954F6C9987412F707846201BA2A07D80AEF7612E2CEA5B473980380736076583D140C71BAFF5C46023D03AFBEDF45132E16D02FA0152A0505DD9E20A4624CFCDB09737E08DD5FD1CF20C1896B7660163B564FCE0CC7B1339D74138550CCED7C7B950CAE55706EDAD6BFCF3C9447AD3D4D2CDE6B952702C0C1E1C3E3272959EC3F82233562959608B8DD7501D1BE022326331AC674D71C01883A216D8801880D14D2934A2BFF3087D3B4E28851C86180F474A4937DCCD901F3BADB1148946EB6FD8E50CAFA588749AA6987B2DB6EC838EA3712D09DF128C6D6810079C2EF26CF4F2082CC539A7B569455AD124E42347195C641B4291C6AE909119DA25E8C99B966B2EB3B009208971C159E4B03DEFD15052E53C398952988548F8D2470371D4142E80D074877E115735135478DA878947939BFB19D4B8410B7AE39B6EC7A7AB040BE4113848B806834DA4DFE8FBCA104D061D884C491DDBE44EF645DF53D89E468884C8692C8F5AFE3CAC08ABE231E721D93F76234604207D1B243FE4C9E69739D49E69ED4E68BB249EA4AE384A811B8005823BB893E8504DB7F0257A13F6DA14DFED71AC59FDB02603D11968F8631F4BC4F0548F51807F22CEB49A932AA154A9CB31318CB2C86413589177E97FB308092EFA08AAF8C4CF0316ABCC8BBB55DA9410721B5B90DFDE4682496CB040240B900A00BDF7D3E19796FF6378333D95D609EADF839E7E9BB05636C5B68DAB394E059844FDBB26DB9013F34FFAA96C88799A3B3CC8F192442A03FEA9F69E5E000D0B2E1EFD05B4D3953C63C0B71E7EED50A97F725542DB6B0D451C64971A9A600CDD5AA8EC6252E2AE8F73C16CADC0786CD970262780642FA8C320896980D596887B76476307A41820A008FBFDA15EE8126027B188092C4AEA08A734558DC1F680D8CE12C25F315421B7CB353C7D5363F06CCCB2806045E2663716188F439A9F654F8736D06BD0F98E1B53F5A5B1444F0CF43F1672DDCCA7AEB76ED2061124B5870C62C4AA66C03EE94DE1615627747D1D930A8DF250E9351FC8CB88E451FEAB0550DC351111F3DFBCA5B58F71A635F68F101F9FC5208084E75C4FD5E7C5664452A9733E481FEC874D17E85DF09FEC044B0ED303930F20600BCE3A9715654A13BC9194822E1008256B8482C6FDDA2E5A342D8CD120638152D48D7F3E25AA7589599B82E4AD175C5C4B09261337EA014AFF273F026F27019E2BC917CFDE737179BF8B8D9F563D4275F9BAA21D17AB16A5B8B93505F6C95BE36CD7277401EBAD6EFA0303678432227E125E6759270593C4903A7C8ABF8F7246E9A070A01C10BAE9168E261C1FCF8D8AE558A3050358F1D389445181A6F1BAE1685B66D1EA41B294CEDED9458325FEC7C0291762DD7CE6219B1D1615082C472CAEB7D616BFE1756622F212AFDAB6A0A597F03A7779ACAA95A4E385E36D4288A72123ED083BD8D9B939F6CA155E29451C81698B8236BAB70127029A258A6B0D6434F02CCB26A846457440990A72EC9EF332851197B6325E2D8499B8C70057F0C8BA6763404EACB43489E2F301B233FD66FE7D47B199A93CC355E1CFC350754D09104938A17F287C88E916AB3E45CE0A44987385E0E56B923BAC0D80EFE37779E570C20470B9B019A60C471D425437F8665B15D3287D02D4E93964778225A1428B579F4C68DA0B3BDE33C2A5014B34D93DA567BF52D11F530E032B0388F8964BBF09AA58FA6B64F4B463E2C3735DA10519312E98D5A55A01A326E6DCBA3F036AEC91206B089E3A1C19785C582263EF808860C79311A10E6E3F77C70FE96A0FE25C85C08A1CD43FF0D9A5447CC7601EBBB429D030AD2E28110258DAF68B9F90C92D4ADEBD0065CC9D1B090F57C93F8C773B913F8C150C6337FB6B32E4216105C91F13188A65E870DC3CCF8EBE18C19865D98645CC4CA866B04E55D8CCB25F6C3AB52DB299BF304D34EBD68C184D552C899DC57A03C783A46E01A8F82AAA35296930A687E6A99250641DC62E9A02D7CA5C96174198753BBE09C1A2A36F09B1A7CA42A787C16D2FB9BF739CCDEFED80CE40BE9EADB69DDEF02B6860A240E4A216A4D50A917D523C9CE43C26B56E4F87B7EAA8960283117D5B396989719476036E7C9DCCB3277192A502177F2FD5A24403C747D70E26B7D824988369517631223EC3B6D7233001020A54C2414C0C4FE3CF37057C59A4B2268197E17D097E24945D95508F23B10794DC904684E33203A6B074A466AFFB3AFA48A830EE6F1AE1DF35C703D5910AC3E71EC4805E402C2743D3BC9D824B02D0760525B5F738196A7E575D921331A61D2F5BD838A3A8A287E2718E538A22D57525AF21854A1B1F0C8044C756618ACAE9B294D5E36D84F720303600C8241CA2C117726CF6E5550DE534892A14115F7920491B9A54A84BE3C2A0E168D3E9ECF1BE3E7E7CFEC206CB22D97273A830514FAE42FF5B2D7FC1589E097217C16D658FFC1C08FA3FB37445B75A3AAEB0CFE91D234037DF9C824EFCB05034C1C2C89949032E90C760D038DDD894205EA12B1E6033F185AE335E0FFA129C19C435490DF53EC30C1B6B7261D1FB89E5427B8D0103BC8D8370ABC42A9B0CDC301D4B9827D27D2FFD361C93976234BC699108DB4B540EF89329CAC0933C1274487C80E4E8F128F54E5EDEC60A102585F408E890B52E590393318359EBCB710586261EDC1E66646B514660D006A2C126CBEFC21EC431D1E99D706BEAC7EC79D06A909D02AD7A694C672F13A16FEB9D51C3F11465A51512F14D23413CD10D7F9D47FAC45B751086E084CB1CBC39E64994C9696B0A3337B9A6E07151E85D91B46AB81E716798604FAEA1830C8EA55082C7F6206FC50ED18FA013934665F21233485597FB9767663E548E60A07ED62AB3A704D7950612032ACF4F811157B292F6FEA408F56CD1EFE1A6D3B8E616EBFE756F5055817F857073E69709B538CD7E863020FD0139FBA6AB3343B88E8A2C25EF716091E41F7B6022F3C06C148F2E819106CA03FA29A6B50E18BD16C347F7C3BBB4A331B98A4DDE7FFD3E6B7A70933844EF37A4F576B14FED215FA4747145CD5008CF90A996CCB7CCABE698566B97A4EF00B605792EF99E260CB9A5D86A0B153E6991A8720457A003003DB44D39EBD567FE9CCF84CCD6C59A765C272A15C683082282D3B103D556FC6160F4126FBC57FED0C183515D5C423229F1805BD2868E3AD8B901455CF8C7A1D2DD6225277C613ABCB6B6F3105C423D502669F729FFED2B857C7979C21CB74403024F3141534294AAF0C5B9C9E4ECD542BF31860009C24E4746D0A3ADB396B91F362F4C3FB5DEB7AEDE2B470487F2EACB3649264AF0C8154A3DC085497EB95DD60D4E6D8F82321BC84945FEE29CC232005E4506127A26FF094F11AB5E63FE9A9F328E817490907FB60DEC2CA22CB435F5562BE22A376A75C0965FF209C7CFEF14F3483D890FE0B659CAD716497C5377EFEE0BC2018581FE10A580A76BE0430A0015F4172DD42E1DB4684ECD7E43C6AB7F18F999591050F46FBC6E92E11A59167423B52D0F820267D604AD671732ABB111CC0AE8C4ED2899B070C7D3DC7D68DFA2154D6906964901414788D29C7F3501B61133E0DA145FD88B0487DA2B9466C988E30BFA9634D35646A81071D3FC599CFB0DFDAAC0D1EC9605BBFE4158E0F63D542728CE577AE346DED77D6C3202808E653E1D4F11461E764DE863E4D2FD87F715630B39C8DD867580572D8C4970AC640022B0CB82897D3779156ED9A10734CCA402EF088DAD77A12242F003453512399794C688E9347CE657424738B335C49D59E7AA2B422B327849484418CE24C45621E6C07D1D5E816D3A6D6A9A65DDB4D1BB04EAA72F37C7B4DB39EA71B99192D7587A5BBF51328412797E1902999C4579903A302F9831EDBEBB3795DD1D09B288CC1A257C4349EAF7E334E9B966C34699B6685BC80DFC1AA1A5DE83306195562AC896840516973777AF437EAADF751714892D84B63517E187731C34A11402204438CF587B8CC19DCF05C826049C0E3304C5A0E3029FC16D2F8B3DA03C2B169A6F6D6A44ED0F35826EBCE85BE7F4DBEBF1302CB042E0AFC3A349FFF98B50C8993FC24131B3DA02B5DC1155DF5FA3CF0B884D9F0892E26B1FD140BA03C4F877BB9C58A99FEB3322F26D5272CA6D000A83BADFE9585385078CAC90E7301F2AFB393147327793BD0A4DC2578846A4E7D69C0F5419D272F1F022DAAE4CF662E9CF59B972AE8A20FA21845A3A5009C23402EA65C2E3DE16209260909A6CAC11FC5A05F61EB20D2C888E3091E0044B80FEB0E3B96292E6AD661FA9B6F7ED9915538D42D44F182CF103956C59C3C6140606DC18F93BE449DC1E2F20986BE14D67EE1BD0003BB18181CB441D070D74EB4E26F9BAC32E64C1EEA97A26C88BD264FDF1A12EC31FD0553E66478425E453B82E0C13DA9DEDA7328C28C278765D1D3B022B2B5B3FB7CEE42C254811E85105D39ACE8E2B64F0BCCEF03571039B7FD9CC2886CDD057EEB9C8C5A47122FBC9B192843B861433113DCAED72885B1F8644A68D21444E59A4ED3E474B1753B4CE034E9E6DBDB4F41CA00BF45A8D1F0B229642082F87D266EA02A972C0D314276236CA5F2013E15092DE373C6F144BE76002843C2C0EE081EBA4A4C59A20FE826F4BD0FCA63C9C06B3DFAB222221D1BD4CBB603AEA2DBFBD6BC722CF479709788D3F518A6D0B542772208E0478F19D00276057D4D7A3C7C391D10C715333011096D1CB7A3646AE5168E3085FC987A0729FCE0D35808667C4F76C7FCB2410BDD80126E56A3C5C72522489D2593F95A862BD5803A0CB0A4843AFFF2400825D41F421B5E7E29D68737273A5645C2142CDA30AD09F0ACB3B720B9C28732C9291442F9502861197CABE46753797A57ED183983F4D940C80043702EB0068F74C514A3A9DEE904EC3854E91E6C33C5BE6770F57ED0540AED19DE64D3304B53EF5F0120E96A4DB66CB4FFC9B3FA79B8D29966AA2CD4522E84DB0DA115EEB79C1457341729C4E91768E92F0FDB0B7E2DC0725E6A98409A73C6400BA4180B4F00C8701090D34017B3C8CB3A6308BB44E843416FD6ECE1773FFDFCA953835945B67BFCCD563A47044F238F00E1CC82095B649BE6176F7A67F5FE8032EB8F155428C7C6635EEDE69176847AB40D2E60BAEB3018395A60BC3AE9AE32B06153A8AAB22FC2C944D8887E0B8A6BE6E3DD39CCE2E0C85C38B8EFD0A08B06F941A86E17800A88CC036021F9D023014C80DC9CA772079A2CB23EAC1F8D78B284D15CEDE7E5367546B1D71CC0332F09ED4BE7C9F0E62F5A80FF462D477AC30D282269A433E36508C6495BEBE3115ED517A24270F048216508D8C20887CF524AC40980E3766E028D553EB34AB7DEC4CB96A940DD15218AA17B8444B4934DE09F0C87D89923B7227F5AEBAE3AA6146B3BFA1A790B3C98CB8F8F711D349E5A524EA9DC5128862AB31F7AF61BE71CE9893044B0770877258685260D5E0AF6B69FF034212B72134B17F4BF2948BD12BB087E82416595A4E92AEFDC505956A449239927BA368220336CE8CE8928A1B997BEB69A42817C44C13CA0DE4FF65FCD100197338877DCA198D7C4DF1484AEECB4107833407751904A83BF8F39269A8EDC405E285E2854B84DA2B200371E126CEDA464B0600EBC9A89BA0A36EAA063F5F442440E669A48A76CC5F9A63105D06FB801B3968CB3BCF5C4C7263088A1712E1777870C5A3240A85500E3ED0B6BA588096C082D07049053DBC16DAAE9828F1B0576E5B003927AF8FD04CA0E38E7BD50FF1CFDB59E794F46520AE42270189176750DE56BC996AF0D47581A18CDFB469717E8861BE49807F38AE1ACCE1036B695D8F67AD2C7963951646EA6D792723894B70ED65368141A4C09CEC5A43812359E0ED2AF1FCB2198FB0C129D2E60EB7F3384460BF79A0F94FA20C97D602008D1408100D37B1563437DB470037C57E2E21D0C011A618E350C203CF459A3F8FE514236183A200BC90658AFEE37F0B94AB329A00361827B7C08D2F2A3B7153C9568426DC1D44D1E07EBF2BC07BCEFC31B5519690C4FD6758DC0AC5FE0E5CFBAF3641267503E0DFB689C4463567996A285FADB4D58F437A66455D5D38A648083FE6E5E0568A03274306D5BC413F1AF7DAAB5C283A22F0AE3498211EE4AD2680A3DE270F89F9F40A53329F91A6E0947244C6181C155A4E2E74C770A684B3B3F8C6E456F2E43F4EB2D0D3C5B07390D9E011E8D2D20E0842A84912185298022B627E87D7D04154960486150C9A721A750A035F601C701C7984296B71ED3680FEE28E5A47D4A78AF3142D4E034D26C431377C81D2201B87D52E57075A1D908A2E0200F9D16B602300A2316A19A1F9996A441D46BF4D1701335F742A8785CE099A948E1A8A12B867F8358BDB7FE440DCCC234A1A81C23D6CAD1D8129D815CD4B4E6073BAC8A78F6CCBE8CD0ABE28D65F309103DEB98F3FBAE877AFBB549D44E2399B8A07C4544985D9C88EA99C679F6177091ED64C374CBB54940771A59E4FB36D241F0764756F29428600961A0FB52E1E6B86012E74654B04337616067BA23B8BBB76C922C7B224614179F3199C007A7FCF534051B40A25DB8B20921C8DF46993D1D0BCD2D175DDB5F04905E9EA93C175754821DD2E07A38F06072A43ADA69A441EFE77AAC95327B869570970E8260F36401C4C7401077ACF0C2F7D3BC23B846BCE0D61F50911CDCFE1A11707565E4D52BCA7B78C61D96296D29B30E483E6C1EEA2534A783439E2D23740730092B170215427A78E079453565EFFA6EBD79EF6D03A39ABA3DC4C6165FA01DCC81E354FB986A09E543488C61F746F6BD7449666DA0D2A267C70C22B52E79E8A5270045EBDBC36A06E6F7AEB85635E91998F2DEC2D8F9FCDD5C955EE34CF4D4E039D59B9171AF084A7E1537C42C8A82B6FEBF3A528165DC465259E1CF7668F33A8D3E03927983AC29B1D052D4E12918A9FFB56C803A10ACDA79F00EE70967776D285CB7A1CC4D99F96B54B2B33429EAE0BF84FC914C182FFE66796DE6F06320B68B398DD92D757B80B4292141D6ABAD1A62394E0E5B71DE09588778741559E37A4FFC2780FCA13284C4BA15E0CA6CBBE2925C448D9D0C8C07699F30CDECC811707B4314C94CC6C2EB1A80346CB4338906CC013B532249260119E518227EE8149A7EB04C349CF4BADA1FE48D38B33B52648B59DB2A85F88C46B61BC37A3245C2B87566231A5AE26D645124993E8CB3FE1604C8CFE35737A654A248DAA21A20760DA210FFCC343B316FEA913658ADD411AE53EA837DA8B2E79DC92CAC6B4986543F5255206B807B9FBE07B56B3E211E337D71EBC1EF53A5C5E51EF044384995C87E1DEEB1DB610EAAF1A1EA866BC8B2E9560C2CCF522333E699E91C92CB4C9A615B967D2D4E992B1A8170428151AD7847849D713B41AF5D44802BECFA50F7DBCA626C5F60C5E9BAAAC67109570175944384E65AA6B624A73034F1C4459624A3D826E97848A0339417AC185B4DF9144E9EF9B691080E20B9BE8452D4633D106E65146EA35F7B12A9105A986FB8B68E31B301F8DB3ABB804244DC01C76E52C4C6972DFACDA999D48AF3561E849B10F00D06916172F27A490BFEF1E8D0FF3CB21F013409A7C1F2CE475B62CC5A86E527BBF369FBCF605BA881401DF460E0EDE1347FB49BBCCD01A0E12D7D97C771F30768E8AEDA387E3AE6E01615EB00F34734AC6DD320C8D97DDBC8F71D64438213D17147B9A0E188BF1C09D1686809F383384BB7101DCA45137C07632D5BF488013EA2D7FBEC4B2538B491081F90C47DA522D919EBCB87D83D941D06832A51C3D51F3439ABD64DB94EF540B86F627AFAB8779E0A52DA8ADC5285CD427965E223F2ECFBEEF8E41540381DA43D8A754B68F78D644A020BBFD295836E854B785CBC0B781CEA596D12ED21B0423368DF51A4252B0E2C4E73BA50841E36B8712A31166C935A4E41F6BBDDC2FD215496F1778C57C233C45B721069A5316D152F98689AE2A9383C9E7453B463F22E21BC78940944D9DF3301136FD829EA11E33A17B22505A2E0A34833E88B28650F67332D244E99587D8A528F891B1AA55A0A54FBE434E8815BB466D0CD0E2663892A0571775D1E513785CDC9938913309B15088C4D90A94C670CA65264791909EA3ACD5EEB929012DF6961400A53E0893EDBE432B0C595FB9CDC288523E70271AF36696A1D2E78DB6D7D3887A17F7C02D277185E7DA1521B7A45BA29AFB235048A403D86DAA6F9289F1612C440263A239254C219E695C402C56011D8AA75C163493B9BD37264A7F452208422988220A1D4A075AEF58E86A778149CB17D094BBDD10A61F94362295EB0D543411DCC6E5FDEED7F400CDD5EBC1BF8F7058B9FDFA71200157A10051D7E1753F92C14C0AC15198D82D7CAAC166B684F719E5F99730CC881A62AAE7351D0DA0C0052EE2D4BCD6D1AE038D0EF496F9F453DE414DBD5207EC64B5591291373D401E13A6AA04C4FF71D46E6657A6E888B9F480B340B160477CE7637816174BB060AF9039409DCC68950C74143080CA9B3BCCECE0DF5FD9A2F42FFD515C82606B324C997F0DB44653A83084A7C4EDB0A2E9D7C8630F5ECEE75313CC5FFB722A9F4FC45FCBEF0CA06384C22C1BD468A5CE5469369A50882254F79A63600B6D17360A318BD243050255A1B05921192D6A69211C26C68AFBEB94FB8C9CF9BE2068A5B0C9507BD2EFF6285473FC6A81AB96002E75792270E39EBC1C0258A63863E7CC9E58D8BF24D1E45B76E2C311F0F7420AB3156C4E7D5326045D861C3C2A25E344E41E11C61254462436A2C1D352990A3DA220E41B23017ABD92FD0C414C08C7C0F9754476D771EF6D542D09A61D025C34540BB18F143E80FCD41EA4A2B21E626E11AC84D1DFFCFA69DF901711FE916EEC4F8F0D131B7762F037BCCCB5DD818CF3292A17EBB0A83B02E8BE29827CB97C68025B6E36767762A854A334D07D46684A530332240BE0BA2B44F48FBDE026D1FD33D22650A2DA2331CAF89E4604A6ED8E262E31E23955D6660DDD5C028E841599E56210008F93D18EA746A8B0964037958B3F4CAB95CAE5201F664A68D2FBBFF221000AAFA138D8758FADD641ADD4931C261E218C7947BD7E79E7365E056BEF562A66299DFD2217C68F22568E8E64BBC228601E8D9915EEE3272E31DDB00F156539CC2C8964600608EC3D87CA3248EBB2CB5AE59C05C1294C22E5E2A22282BD7BC71AAEC0DE44D9FBF542A5B15429A95B6A1FA6EC76E171449EB682795F89D326227B05201652B89162C3035A368BF32DBEC955CD854DEED3E74B313ACA18508EBF16C8562A9E6CA624E1134589C3849B2E35AE1C569E736D7B6F11FF136AA6E61534D6EB96866139E7967102A095D4D9FA0B89817A156DAE43671818759A159BA1D3D894A7C9640091BF18B15B3419B0410A00ECBF11E70015AF7A3E0284547091BCFD92275FB2878FF78ABA5952741FE5EF76DCB5986B403945E9BBE3D681415F6FB106B684A88BBBE0E8311C1DBE95236846427F20583CE4F50C1E40750E074036EA7883184A4B1BF1C480141A082F62C112771B3C33517F2CD20B5E869F1D996BD7F62013F29BF8FD8C6A0324E1ED064D9B207D6A8434B104F4335806092B80EDF84D4A39B4173183A86317B77B0D1D13927251185A91896CC313775D466CCDF52250A6D36EDFB97419225F544BF0F0F179FD0E0EAACBF5DD87B76A31603BE31627EB12EF466EACAD5B3BDE7385F6AE1C4390D6248EB03A689DF78D4D63B53BCEE6117139ADF8AE3AD2249FD181F6554003999BC98F571B0B39930BAD526C1C0F1AF3F358B4F1228FF03FA69A8262C4AEA024B3E4984FC3DF5CA639410A70947216B0A82476E8BF4ADF0A52F18EBC0F79000B0854479349D5ADF2276C3FFDDB86B907D9A3E6F202CAE8178E20B656EA1B5FD4B686D6D4F9A5F106341A0CFB85FBFF11C1F285CE0C9C7C33322B28103406469689CA2AF8CF68D1F6226C08EA72F6813BD8D8A8B3FEED6D1CEE51CE8807781A4CA7125B8857A520FD126B663081642EA95E8CA9D76D1D2052CB60AB54C6CB9DA1C0AC094A46E1ECABD8AC28B4C93E76DFDA534975F36529BCB1B1827AEEC5F55C82CA9645AD172298FC2C1BFC38AA1066B2EE6AB32132058F34C5F17F66D0CE4863FE636EA2EF032C9B77696E37F1261C80E3AC7C7633393C68B29E809000A2C266A51FCF085B24DC4F55ED477A8878904D080E55471AB3CFA53E5730EE3AE85E52EEC2235BDA6267A18684FC1309F11C5E60FFCCD739107A649F2D760A4496E289CE4BE12A5AF1C16F53B4F88388447E13EE2B789E31F1DE44572A01A187F0D8A1D9FB3F4EB2A0938CFEEED42618AB5FC161AF9A89E54C476D24E30D6046864A3BE2829BDE851DDC11CCD255D5D961F3DDD1B8887D7D5642D2C787E9343B494A691E9474E86BA7D14A1B77DEBD1F6871960F48C42691789E718D69A58C94503ADE097B7C35AD8A44B1ECC51F60D4BC5FB08D5955C83B34FB8D90A2E2306791F7EE9FE820F204005746A79F6B34F33BB0D01AF35EDAB77BC3CAB56B3612F34574CCD94A9AFAFC6F12EFFD2B4BB5C3A540A052ABAFB5A58EB4A061BB575345A8546E1EB2E94AEA8569883A674206C6E3F370400D40E6A2582785FC2A62865FB96CC9F5588452D6210B0286F3C5B80DD613D8EBB934A53910F90AC21091B340243CBA168E42C481BC0E8A72414C9DE279581AFF1CE44BA05E7C04A8F0EBC9B1AC4539D2FBE519186173B0B8CAA9CFB39E75A9C3E172961CBD68D2ACAA37FD9FB238947CF34E220C06BCA10EABA0718B4EA77AC24E94985E7941A787108134F2AEB8596482671540E3C03A51F68F0CA1757E64F2F8159B285061C9BA19CF22B6D0C6E455D146824F3100B69E1914E4448200C330C05930D1F5457A34CE4EB08D0BCD5F1445455E259337E2E30920342009AF94E63B6ED85D399524EF3149C10F5C5A086F9FC26F2A9B273FC5915E73CF4A628BFD4513C7983024410EFF8A30C3380F2E50AAC7821F11DE55F9A3B2C81BD0F2CBBAD36E2B9C45FB28260CB8663A953C4E766918F1AFF791DBFA682E2786BF33F4CB170922E43200274A45D57E4F1FE8A2FC2ACD5591C903D4E0C8874700984F0B8D196568133E60BA5A3C4B1A4C688CF7184ED4E9C078E2B14A576842933F12B5779D606ECC64FCE28262AF818E70DD813CB32D9CFECAE0E4E62696E5C300459D1D71B3F39500097EA25A81FD840CB6BE80EB5AA72C8F04164221E77A12DDFCB980489E73D82D6F1C2024FD39AA14FF870E4CD3C8F2CEF2D1DB745AAC14E80B1DF21D7640872706511A39F300BDE1C215C3C4C040E00F579E852E3AD6D79A7CEDD8DF5C9F11FC0C459A3CDD0206EF21459767D98B558783F9880932FAB544B89BC844EABEE7C94308DE1334DCA8A2964812B76EFF74C44172B0665AD790CB8EF74A8A080E9C728BE030115CB39ACE40E44FEC1A95025C46937C7BB67013E4FD84B569EDEB29BF4028C7685C181229E5ADC18E72C2AF605043B42425CBB0A546E92B4F347115DDBF28BEDA859D46550B4F8531C873F960DA53B590AC354FAC61B124EA0880E4D728EA1DC61A7360DDB38EA0D08AC7A0063FF988065A66A709E03110812F8040B713AF9656D4C5B34460C2181772B1D7A57E188DD40ED6598E741B14B70B9EB14B6160DDF3C7B00A57B5B092405A4BC98C99EF51D22D06CAED110C7E8F09329793CCCC913CECA91E73EB605C08066D5E05FC5692B291BCB3B700C6310F2374DC515125E6B884D5167CD87F1A244C37CCF7BFB8F4BA23A516284B396EAB7E533E19F77FFF8C62684906637BB770B2001E786B2001CE07241A3A079319AAFB635120A7C029D3C70109B6DB7F9AB61E00DA79EE8EF06EF056F3628317E571C254F99078E09305854D6721E406926DA57994BB0FA93EB23D00D0EB1860FD33550DD43FC7F967850621691B313C799B1C196CDF53D5A65EF497133F589C3C96322843EE1404EFDF86609B764B9DD34064F6D2EECAE7697E75B004BD11079577D614A89B16E1AD58E010672BF8C2BC227AD9F1FC3F2B05243F0DB236F08804A42F63F663404772F85FC695591E69AA6019CD6B31024CC1C4264391E0C9D08EC4E896B59F6FA181FF6F477911E4C10EC6353C7131744E09842B0B9401DD2C5B89655339303A79C425C8C13547B9A29441119F682801DD11FA26AFDA02858A6F6421472C3200894060C9D671C4B7034A149E8C873E79B0800CE347B83E93EB5A42CF433488B16416819CBEBA38919B80A91968FCD32A00859D50D96F8F63651444BF0600E368C6B1870BAFFC845D8E4E59729A60995FF74805CE47D7A1EA847C174C1C130F20B18290C9C4CE8764D66DABF4FFA83D2F979ED313474B5934D22125E847147F65A76D106CE89225AD2975582CBC4C1DB1108EC59964CE839560FB924D7722D5F177AD6C37A3F116520127C88905F2994F70DB17A5EFF068F45CC3362F467191FFE4A42129A6404FDF61C73278DF985388FA20265B01EC5890405CFE6AED7748FB68226FB6247B3E989028DA71690B1F7211EAD7C1A5B5EE2915121D145CF2B3F2132D49547FAF752A157434C3DB8F69386B55F4354743C093EB7B996C4EC3B4E046158D7C937321178864499FFF8C890C286239E51F480DA10F0DD0F38CA84D4DFBCE2394F981AF92C93ECF3AAEE468E0E4D3A0EA1A33DF4EB95112A9482FF323204A9C230D9DAE43E18A6D0F290FC174E93EBCA3D3DE2CDC14DE43001106CC04783BEF86A45BD596C7138686E4C09233B78E19F7193F3135F49BC89E43386F2C1DB34215FB6918C9DDA989A760101BBD2E010DFBD4AC20FE04F676F46CF4255236F52108812D97D3CC64AC48B4DEB7BE327F61AAA4D52C6AC2BCCFB2ED8A894F7523C7F2F84887D0A310C9A57824831B6E09A31037F093081E97A4401FA23221B415F7B2853832A861AC5692B2921BD4A829D8C46176CB0D9AFA4E2A613B6ABEF0C421562D74AB6B7EC530C4CAF36F4AC70D4A6BC48C998D830E6AA167AA9E92A8975968FADEE4A8431556FEFA5CD8216005A225605B24DC095568166BB728401AD5418C062F81F83B6EEA6AD9DA335DC07B84CAA1C75525108640A1CF2A27DE5DCACC1741E7A627AD640A18B8783CE7E371C23968A8205AC7EFC4A6844DFED2A8FE126266A41E67494887EABAF60C3FC744C2FCFE09239FCFE91A6C034CC1FA5240858BB0174736387BE896EDFC6606FA39ADA03E886E5F660F9BA3688C07ECEB02D0944910DEB1B5ED6C65699E8DF4C973F2E0131D28AC2B9DCA39D10A7DB6050FC4C2111C41EF1967382EEFAE507E88553E2DB6AB50358600AD0FE8A0A4B00C81117CEFA33F93AC918DB4F758BD8B59F05265CE533B9FC67316C739922DB96783745F531A663DF80C703F5CE7C34AD57165583E219693291058AFD0C1EBC180E89F7A47E5B15CE41E1A70D6D43D2F6B60DD7605EB50C7E3AFF67CA9BD348D9790291F5C4D30D0DA8DE07FE303C576A5B39A39E55C615F83348DACA47264CDF4136037569D2CF0484E52C461AC8D22E7F91250B9B306ACE71DED5637263955538D04AC316123807C9286ABBD14538223CF2A446ED8110615280F015EB0330C3E9AA77DD7C11938F434CE346943E06913AE4CE6CE112B4F6DD95124F4233BD27E897C05C441A6F36DB3B565212FC1A8E9771C968E826CC1B9E6AA4AF5F3ACCBF6518B38FF4026FD247158505CC109F60CC4D4DFEDB0E9B885309B5DB3F48CA00128EEB4CCBB8AFA45758CAE49122DC109DFB171F4A85D40460BCFCBA5A9487196420DC858EDA59E30C52F2883A5DA570099CF4C225DA6500D869AE955BE49FA22C62AE7C710974F1236F59AC43222114F9AD6E6E9945309FEC819D23E146D8F643C61BA50291C6701920DE883970502641CED2F342D13E059A5061F1DD117961AA5ADBB190AD4BD5781D2AF9992CF3A09E52FD2E867FB180665C0A059637328B9FE2F4560216034104E1BB00E5C82C46B274291C0EA50320214BC228398C27AD8F8C82D746083A04F934E4DC2C0B7070710803C1F9B9084CA91ACDF2DC0A34B53EF39143E88835A104487CEAF380A7C00DACE48A3728D2048438FD3EC255D68A566DA4180490A3CCD5788603CDD559606EC5EFB8861CC1CDC5BA49301BD5163498B37DA0CFD8A8E585380F7237A319AD7F1EA1C32BD49C561451A17EDFA47485BE0BE077725C9560A0C262A8B534A9716483123BA790CDD9094BEFCEAEB7C093E571198796C4A21517523B2D091E2FCF42AD241ACA64D980CA44FDA91098E0F688E3A081706D43D460CE9403236AED42BB55DF1D5672DE8871CCE42464920E98D316F7F4FDBF930A1F0D828127B1931965B499257A8E8533C6CA30CCF312EC468E0A70004A45B073A163A3B943159552D6DEC090C822BC8093A467C7831818D6FB5CACA20347AF117E79F555348EAA278F1493AD684C973AE1B5B1DD1BEB92A771890E43E078F08300BE9B3394B18B1CAA976A034830C43679C3D831C416DF4C3334A9EA6253630131451AC729609BB45AF9AD6FF27E570EA438E33787F29040AFD12A7B1C770FC39A9274B3605419B4A641FB61AD1442B223C8A7C58980BAF33864C87B1C41E25200D880B4D26CAB5BCB3B5460A6940A222986672CF947B473CAF496386F510EBC49532C8993F2856DF67FF8205E3C0F9104D997906D24CEC47FF9339760C4AD1191D192F145188E4683F8B41C7E7A43BB118B44384622F2281C6C0CF74B849A673357A768D524C0D5C57681230B8B681FEB2C027DCCDA83ED450E7B6726436BE85BB645B16FD8DE7D67FE20ECC380AC5459F878AA0E8D418527882EA23F6431941367CF8BA6F9E763CFFDD811BFC4F7C5D4FE2CC8F7E31A172B1503F0B1DFC4271CEB480983E6B1E42F36539D1E6AFCF646890AC4924063565EAA55ACFFD9ED231A68BC0CC1E198C05C4B3A98E8612DA8740E09F92D488EC9201D4EE6DB698437A8AD8D393645AC72B20270FCE1C139984E4D790387BC7AB8F8960ACD6A6A79D07102DEE1488124CB28B382AC997FCACE34785E95768BA9273D7B8F4A1BFD64B76049464656D7C3467CA9441F99AF5E8DAA0B0DD66F2C8EB2BE46FDA405EC84C9B013F7063C38920083B1B54A183A313B3DD1AFB62DA777F180EDED072209104C0238C12FCB0A0FCB45CC7179FCC7B9516FC787BD0A8B235BA225C7EB8DF92BD14D2E1880AFD08C68FA9E43462F2E8465E8299C25F0ED4C9457E0C42BEA4F13465A0922A8C3BF445CA8DEBC442F6FF8142AC2D2F192152F97B0E79C44A4A42B57C23152693A31EF631286FAA44E51729A28D63784CC425DD30B5FA97781D575FA125C16DB0CAAC298C6E9DC57F38DF5BE47C26102D326A64CAB4C0932F9B909A3C3EF473CBEA1FAEA6BF97DC7EC0F1AAB05F855E8DC4CADD0B9473416BA30D0D52CBA5D45778DEC65172CC0782FA328FE58007529EAA28AD270F69117C062CE48636DD7F8B56012E626033FC0928BD4E016E5905D22E34ED7B0FB5622B1B0889F1033F3939A18B15F79FFF981A8AC831AB36C70685A641F759B6663B1F1E7A25119B6BFA2696B5109D0F82E2C685F51148CF94D6C993BE07872BC40E0538C74F7C0DC9C32CF6F9D887DBFF48168DF7EEC618484894850734BE482D7AE8AC92E5989943489523E1AAF9A8055D1509CDB3409EC497A472E51DCC8417818768A8CB2C2AB08334FB2BD14A8AB091BA153AFE1EDD671C14ADC068A31980D1D66097C2AFF335C68097EAF985892CBB52B9CE86C9A09A0D839F2904BD9FECCB2C7AF44041634B014CE0013520E84E63EEDA9BACD8D562031B9696C285CB5E9B644263F1A0F5553B0BEBAF708577ED5ADCA02C235B1E1D1168249D14AB0C9744DEAF03A4E15880837C13BB9D5344EC101434835A21AB034529FC496A4838FCCDE9D48501DBD9A3BC1868B80207EDEE6B67A883324A243B9314480C1F5F9096A5B147B87C4672914C2FF585DE510A194F730B33308BDB063DCD924FD4207083FF23C19739332632F899E0818F68960712EC0B41DDD220706F9A16B0757E6B6C759BCF54A9F42A3C212AEB60FA3881E6D26CCD92912F2F877C5FACE9640A6EF1DF1BB453CA111965B75E479CEA035D963EC59062B871834F8448593AA5B0951BFC927B495CFA796F11079C0047F3DE6823DA6E2C01414E0B55C3E949734678E6116A91F0C9B181251D18B02F515D07AAF37709A6308AEC77829D0411020C3BC10278499E947F8EC8EEA659CF1A5618208B01C2DE8ACF88C6AE4F45669FF6A541CE73132D8F87DA60A4C99AC33189CB9532E77A0B0027D11F2C3D709F972FB82E552F1C70B1CDD683BE63746DBDE3E82E27A91940FA80528CFE358741896361D783D92B110936397085CE25198E4C0EDDAEF80DD80FBC2B4D45F77C763BEFADB2FDD37E6258C2ADDB563D716F8CAE3D7352C863AC96AF178642E3C0115FC515D8397212BC4ACA838A01ED3448AB7524A611937437A73863B8407DE0C925D291F227C3ECD98169FE7A7A00A89A8477B083E0BA548B5D81AF84EF7A0F58E571C305D26A0D1A9B175AA9A0BC00C6DEA795A42E3046BDF4B26C89B3BA4402E983B6FACE5B0067460EA8E12494EAE0A34C5642902695815AC8DA4A5DD7D4C023CE3F32231B6B743CA9DFFB34E5814B99350A5028C0E012754FFA7F8EC955201091C41268E88860A26075138CFB8398F540746ECB74FB8F45233A7BA9398B36B372C7B5E4C60D5006B21A0BEF8D443C66CE4398F31A2150FA53ACD8B91E2A5B1A71C3108B849F4EBA1B2018DCCB7A041CAD0492A5B2B7D31509C411FA6D424CC248B80412423EDB3BE697C016D42C2500CAC819A4003B2E588020EF0EF8E8F7B0A432060881C81055FA2F573F1DD0A3030327869F704FC1795C6B9B4F9038AAF1771A0F83962D6BF12340B8DB0E49B8086A6051BB1EE112C0534229043ABCA1262877BC858AD98936D71D1004EB193244201DB0D014947141D0C42A1696283B02E5D23722696B1D092220874543405356BAC809B34E50EF1614202F48A3F78A82D8A885792CAA4B77F9CF09BF3715D0A25C1C604CC5266BBB1405EFDBEB4F21D80E9F2716B652763A2E87E854E174BEBC2D52C610B8B707D8419E01211440B86A9F2625E6C0FEB16D2ECF45843867132BDA4C3433F8BD6269FAAEFD21E5B101472700FA6DBB5D28E9B0F7936BDD220C036F04159DD3888C4BC8F017FF020183B8DB45822F3303E3DE3188DC6351D6BAF425AD15D47CC3095ACC6B747015A821AAF5DD10407DEB3337CCB403C0E94133994E989F785A642CB90794E91B8F36BC520FD74BC727582649AA698BE7F640982F17FE1C64CF07E51D1E307B16C8765D9596DBEFE0A1E3EC39234BADFA6D58214A91FA01900DE41BA8E22BB49456E61700D0A38D97C4E7C4A23A574866D481A9C606FC83A2D117932B73B2B541A1527DB1DDCD52B6ABEB81A8BC52C4D9CAC3081804264CCF66F775E0258510DC4045CB802CC8A111FD18EBDC79F661B929E33E347AD48562FA5579BB35D694C759EE500645842718DC91A2B9FEB4D72F4624BDB4D5EB5E02529F3E03F51917503FE008B585D03DB4BC1BF29F6590DC37DA1F445A282E44A3C3836708E3014D5516852E1276A2815895639D31DC3F95C22969FCCD643182F83EA2607BDA84B2E84252B7004839C1C2B5AF1803319A2CF87458726E748AB78B35D12C15FBC0BC84ECF20EB85098508307210AF120B4E1B4ECA176FC605FC13FDD73486D00A9FC6996DCDE6139C10DDF4DC868E79215D588B35100D03044AF5838538B093A6E78B5070EFEA4038397708AEB21DE1B81872947196E24B9280B4387D1F03DE22E21309C58C3E108A4E5E4D408DE170494304325388721724E8C5251C233869F80F6E7A9692720DF0C3C5C8B8C21D5CD177E9F47F722D96819C98785B1CAFB87EA6B0269F6B3641209523E643CD045F31A980DD2323BADA84E14FE9289F48617B95D0ACBAE4C6083EC9F5C092013D32658DD482039ACE8CBE64557C9BC742D29E0531F6FAC091738772836DB264852FDF89788513F2F5D6378D5CFAA62BA68F7A119981BE1C014886C0644DD2F28E469E3395DCAE1D4563122A4D2B2B0ED14A35C66873970A1DEEEFECA97BE750C08C514D05520DD7C89F5C588068FBF21229A6F86ADBC0AC79272E102C4055EEF9590CA0FC907D44C2466F3E075DED383772A1E894C244E2AEAED44766B9C910EBB858B169C8C8B70621156D0EC12833566E0C8E7441FA68918D6C91A0471A0C8D6E99299DDC6CE636ED2A0698898AC65DE14C04D505EE658FCCB3AD4346B1CEEED208940EF0EE2F3A1719BD6F0C8DF1F91756C47FA5843CA3351DD12509670605CE2394EDC2A19071C89CE827991DDEC83631422487B3AFA34876F1C0424B34753CEC2E82B76D02CF73828014DA48885CD6098707728C75B1C3FE23EB47633CB724C098D937176C07FBAF6C4909945BDDD62D068D70D54B2DE5C2474923042C7B4C32C8FC63A2BA2D41453154"), Hex.decode("CA09DF7F89B9B339C8D506B4E0E73FF145F5F87FE26354532E7EED21C6FE3355A737BFA0264CF661B9CE14128695D598254BAF3EC5C44273B375B70FE7E6457358C2459C1C19D589DFCD9895498E28A94D7BCEB9EB4C1CD113012AA3719165B7CD0507DCEB55F284CE537E82F60C0F83834833D02B6D825DA2AF1BCC6007B13F4F3666F02248A83843DE6ABAC5CC4A68608C261AE7CF5D8809956C9EA249AB005D0571D7399F7E51E5C730A15AB556E87C08067EC122998E0B4EA0C7D51B681FC82A8640333401C37179007B3DF4648D221CF2601F0B4223619F7474682A2607AF01FC5E6D40BD78E10982EF070C16706093A2B408583277D42D76DCE0D2607695A48254E8533E48DDBEFA39AA25060FF3BDB9B234964DC82B662DEA346505375A42A1405A78F294D4402ECA92C725F243E2B9D0C2974C05D45BCA30B97072CED73B30837F13EC7FC0F80000D26DD73D5E90F707C60157A7CBEC0749DA50CA136D517D1445FCFE770711F172854881BA302EC27A960F2CAB2BDE5B0631D2CA040CCB2850E85A868E0217384A46F266141EB354413F08D1EECD054632846123B83C9C15A03D83D9446A6127273F943538D60B8D7E98C9A9703CA87605F3BAA03D8BE3049F05394059DE0141541F3F08C298D05B0C3030CC6984077D5CDF9AE9D42DB1FB342CBEBC411A53A51438984B3B4CE07B272FB6D2FF5680E0BB6325CB137A3F26A6C86E5715B3C3E41A84DE438A94754DB0A19A1D18CF587680FFA2C435454C148040DE321E13E31929B348810F95852E0B6855F8E31E227C71C1062C8C61EC404A1F4F2CF73EBF86E92050368794E2388F5C58D171251BE631CCE534FF0437675B630A2473AA239F1ECA4E641369E9C67382D41A5111BDE590202A2336CA8FDB8132767C0D59E3081586C665802899275448463FF284AC49205500ADE4E93F7040725399509BB692C8EA04A092311030594C51730517D3C96D79EF3014AC404595D70E764F83D5B871C8678C0819239D3D8D63B1E29515E4AC731CCD93421EE6FC3AE78F520F40DBEB6B74ABFBD4355923B9F66E2ECDC39832420D7C575B89C82F3679EED6460D6249AB4CE037E8C835F18406ACF8CAB6DA80333B1B8201E0AAD1B3C8DFD828D1CF50B60FA5672F7091ABA26A21996B27A0ADB819F1B03785C83D004F8E000D8FA81956A378DBBC03154F766D536B1EFE75BB1C3BE660209E5D1E4ED205DE0B856138B57451DFEB1592ABC9625D8352738D50A1D1BA0ECE4CB4854CC187C7F35467879294D66B95F022C1ACCE296CF76D780770EC9CEEC099111BEC60E6BCB031D45318156BD59AD2F05A0264282C167326E07ABBD40D924D8A3C314D586B5F4423C081EA3EB8F9D4F85240106C55074BF1B38D335FDAC2BBEDFC6F61F02DD6F5472DDAB4CB5F84C09E804C35E35AC9637428D7BBFC889D32E78E2E0174F792D66C2940FFF090108D26E2FAAE166A92538B761C1C8FBDF4882102C2F607ADF275C20943D16527BD748A83B04BB8FD5018C5C5DF0A985644CEEBE3C200741EE8A39BD6247C662D7C1A24B500F08BF11E8E460203BCA47406D48D82502A41DEF1DC7FC9295E193FAE94057244B0F786F7A24E454699432CFE2F3F7472C63FC21131C7B9F6DF8BCE2D930CE65FCA9014A732D7BDED658D1A6CC154D7D995A9B1CBCA84DF26A2B65B080E462D1799E85575413D61A38C260E25B69E9C3A039BEE3395FC1DAE10B2C158CDDF4319C347074D89B27848AA6B05A13ACD6C51187313FDA50882E6B83B30CFB2319B4F3B3F5AC3A95B0E8A5C9B85E60E79AB7483DAA8B4769C14B75E28923839BC9A50AC8B2D424624A9F3A1B531F0921330B7B9D97C839AD64B1D2F9DA93B3A8E1A2C9A72F0D647C8D2E5004164B18130C39F54678E73E22F716CFA467918E440A159A8514A40ED2F0DA6873B9952F5D25414D2B2F4C21FFF321EEC20AB81E24B106AC33C648E96AFF7F293B7A8D676E21CFFF481EEF83F61674398AA01669004B5F7F86E54A7AFA6301392BABACECB2C18E0D14039514F982FFA26E024B5927E6DDCCCED9FEDB07A3FABA8C6445D0D63099832B133089E79388D62EF391D6CC089A742662A5898D7314C901D71004ED6C6D85B4E4561AFB8AC3CA25B1179474CA69D0E7AD185D9F1A3D8D066F8399BECBA4D430906446C3622F920826437E642CEFD375783C7D5A2A31326C0634F2A88422C456065D8BB515D818FF1ECD30FFD6A377103E933C086BAA9A12C068302E281739709008E2CFE66186A0471501082D1417EED5D233301683D2939B3D4C8A92FD5C4C3B28182FED67CFDA6A0D61269E2E123457BF8E436F57224C7F8BF7B63718DAA975C0681DB31508AC84634FFD75E55ECF9EBF27A59BD3D06BB909077D16C1A8C82F6340301FBECA553183CD09D72C320B97F1EF43C96F7DCFE0076DDAFC532C6057EE06C16120AC0145CD02DFD64106AC7AFF4F555E0ECC0CB244A21919E8EC955C18D320BE0B336FCA69D3FCFEBE59CD11D23D048102CB13879DF6C1A325B97534C5C4720411D490458ED1C5C04342E25CA0C94C2ADD754F672F80FD2E3EE424F7891AB751F27259EA65889B92FFA7C04B24D4076166ABA495F969944E6C41A3815AFA860B1465BAAF4A0FB2E139D366980B47E9F72D723A00D4D26AF88248DA3494B939D70352131D3D994E2E988E25CFA3DA83A53CA9B4215CF894AE103770BD04A4C75CBB423829D82E959D29BF84E83C5280DA95E27B5EBB45767C5CBE425A6B431FBD9EE12D694AC45268E81C26716255162288A20622ECFAE30724329A136D714DEF2B8AF842831F3472BD071414EAF694A8524369E97FAE312ACA6498DF1834CE9D8F96D1265AA59EA68124C32F75CB8C1259DED4D7FD0F5212DA0B2828B74FFF17D4FE475D81A9BF87C5F539A934025C6E07D853C2DC58A4AF75461D94BB5C32FD4A98D37F1DC90418F3F1EA9220CF6807B505A503F628A8969751161254226A93F20E1D042748E873296C1492D1ED5FC9AB7A8EECAFF71F114A49C8C192971AAFDE226C93EA168065FB0F03703D3B24247DCC7293AD97C1710CCAEA9FBA6FAC896A8ED9449AA16A76FB53B20C0C80EBC53F109F6E37582ACB14C916068B288052CA8389F456401D84FB3117552969A693669526E62D48ADCF24B2BC60381BDC3B138B25E2832409800FF7AD3009DECA801F408C8B251EC39BB4DCE6179119563F6FB451E43F93A83DA917C81E5C77809243F212865AE369996D62660F3AB34BCEE7F6FD8D1A23B0A8318211D16F4AEBD258B70F3C7E2D8DC69F2B52CCA0B7EE70B10B6C2D910A62BDB02160582C0641043A84F9AE710DB30E718245111CE2DCB00B82B1DA1D29F5D059BCF062DBFCB5DA4674E14947E8138B127D2DD201C4859035E4E92FE7B7717E971E3801827B7436E7FBC790791A2010A8232BA0BF3129B9C54BE3DE5DE4DA1D4CF6347D8287671C65E91E5BD86C5E69AC636C25511F6226DB92A5B6E92272E3342D3B605E2BAEA289121B14B19A4DF74D4941B24DBA840330BFFEF87F906BEC30A48AE50C9721CABDD5F12ADAA1D33A0391D7FE225BD111FC4A85447248C6033D9B531CB387FA3B29C70A4314F0C88DFD8070529BA8A52033B4379ADA6E37263D6301CADD83A9900ED804A628D98772577DCD8D8BFCFA64814983F96A90F9536E68BC05869EF1A1F99FC90EAE48E55066AEEEF9CB156142007037BADEF631DF535340188F5F2E7A415EB79889E6283256F4223FCC58D484D75F987EE3BF546C6070053C66D779C0F210925E30A152E80B19ED8FBBFDDE55801CA44E435481E27C5E04F27C57DC147E026290510BC09331B0EDFFFDBCD2A66AD13898E223818F4806196DA24F9B91AFC4E9B571581E0002DD6BF91331F3A640952ECE5DD244FE1474838595D8308B22DB80D560F4E37D3954859C074456446851D91E9E99E53FE2C3D9D0BF95A36C882092C40060AD0884D17295F7D454397B515FEBAB538C3BDA2BC4C1F93A0CCAF2C77E400347A6A31A1DBCEB24F008318957CE9D399E4ADD2A5844D2FCCDEA92D5CD3789F624AB34F2A387D600BACD5443AA18DEBF5096228F6F249C6632676ABD554875E7C3E8DCCC89F00B16343E164BF643825FC40DCBFD909A188B93985951D3D281441202D3D75C27CBAB4D20A5CCA82403FD5A4AD92ECE876177CD2C7B140A479BD55E9066BE4BF1AC453AD389C3311DC40311C590241B6B612BCEDF7987B8CFD11D65D3F249C9D7C638445C6092243099681F502303AA7766C7D1314F575BDDB3F388AEBDE83A6C1514F4C881C3698AC89BDA978BB9B04637BE90F1867F7126CF5EB458F681016556BC551514BC8B90ECF78DCB2914BBC40A925D2401A07AA6D1AE6085D710106B6433A1CD1A34C4CB1A752CBA1536E5C30279E7775DCA27ABC86EF7A26067C801631AD6BFD286AECCFBAB22532F51EF33ACA53FF8F80AB55CE2C0502F798FE4E727BCCD8B99364DA5417E24836F97B98EF05878C9CAD1CCB42A1443023173FD11EA32C5570F031686AC51C0FB9259336892E863EFBD7AE5691C69046CA1A6B11D7D16D528A89864258131F85F0C0A9F51F07DC3A8FC3ADE3B817D2DB1769745E4E59FD5AA1DC7F1C6422C7A51C23846DD21429AC07DB6769923B4650F9DCD06D25DC524912DA42567BFCFB1A9A0EA98BA0526C6BE7FCBC86CED7CBCAC9AB6CFC261675187DE67B3950861F58E47E0742D8F5CF35CCEE41622D0584F89F0C829F8191A2D33D68A64F518E2F50D44BD616D721DEC74E6597AAB4002FC87DBD9679014F9A887715CB2515559FD80946B41A4D27490AB25560E4A1FADA6834CF2D543EB9DE5378D07842BB8450104D39342E21B522E3A0FAAFC9D0771AC27B1706AF93B13C8AEBCC8D46EF5392760967A3B31E4900D5A4CB080B793558A56C1F1C4CDC41FEB54E85FA8444C7DCD7C364D8411EA0ABBCAEC8FC06EA482B59987226B025B6B455C31A1FDA8F6BCC1F00E5D2E9B605B330EA0A407B58AC110DCF1E7476A9DF332752EC63D50DAC7B4380D1ED52F080B060F79F2F145D318E9A09BA567B9863C23D943D58B3EE7B2A07D80402D11F1FB0B4CFEA9170AB3430AF016E08DA6A1AE4DE84E0BEF97C43FA2FDAA6EF9336E8F7D18D7DD0B953D832BE2C4FC05498BD8EFF0BDA01B065A0D0CE54E6C580031A79F19C1536BB261E43028AD8A0A4D4AADA0D5E7C498960289F462672AE9AE4C2A11973D0DC5A66F628BCCBC580D0D507874D01A68BC2720F82847FAD98E5BC13444663B246F5C269146F64A0F4FD6FC1F4AB9105C19A92566F8F341410C7788164A97D8ABF531C2860DB9004950BE0A92EE7E5D7B88D20183479419B5B2520AEE1EDDC951A4E6D4290BA2387A003609E5C826C470EE476F9D0109826F16415B0B746D87D093A006022A6F38E4EFC21548DFE5030C7BB45248067F5F9904A8FB874725D5BB4137D2E427C170845CC2C8DB4F20FB0A6BBF368AA9C4F206FEC9A4A567E65060DC133DCEE08DFC67656EB917BBBF1CFDBD1F315D71A75E8754A4AA9AB6D35BC618CFFB2DF03E796CC00D687CA807BB974CB1B298F1D31ED2FFE0D273460BF10BC99FDFF602C619E6A42EC55817C0CE483598EBFD917DD06451E96466DFA089D67EE1157F2C9D7C409EE5B50C048DE8BD31F0F297774B226661645719A8B8045EB2912820780A49A7C5EC24CAB39A218FF6C74576C5810B1788417CA180552BDDD82F2ADC38CF91192E2F268EF78827DA8A5754A6AC6D2F860EAA20A863E54694DB6C27D2DB37CAB532319F64804A5CA5C311A26BE6699830AE8B4B2DD67980CE9B51D828F6B1887B81681014C9874C50E043F2E0A8D7D36B914A6EAC8E0DD581384CD66E87A43760C838896AF808C33122356AB7C0680249EAD3A291C90883EDD4BA914DEE43DF13E1A70844C08326882A818CA5BD068C58AC34BA919D25EDCE6211866772FCEC1B985D651BD472DDAE6B03A6A9E0BA00DDB3FA2D62B07B82E05A3A7A7933CF0FB8EC22399B3EC77849B8D53BD7781971352EC1359951E8D4FD06244BBC2C6EA645BC37C491DE1C2EFCB1A88D903960EFA4C461CA21B4059164012537260B060652BD9ACC36D0223D575866530A9FD7DE11DCF18FE44BB84C0C6205D77196F349DC914736AB83CB87506989F83A627F3DE150523C1BEEFD9528489017C023B6738516692CE73CB32E13AA3B902DD2D0A7908760D12D6B170E3D04048ADCD8B8DF55FD18082F911F87E93113E1A66611F176AA53DC6EA272D6B76115AA6E210B9F1C23EB8E06EE521A3806917D584ED58CAA992C340660725EABA1DEA69C5AB8F05395B7B0BA8F414BC63E6FD42AF6AAF2A5CBC0AB15D57E7211E02A8344056E53A665F20EB760237A5CFF3547F84F4098936C4C05BAAAA6B6D7D64F07F9A047CE77E5B2E6234ACD3279386C6FDD5233141F8A799D62DA14D03869C6DCEF12883DA4A846FA286C8D5B09522619FA037D88EC559101C42A3B4379142EA7520513A51ACC3EB818C00450CB7F485E4FF855A9224FA37A89177C09DE1246FE245C366F4A96513C2E8A1CD77C4DE2F6422FE7204C4E501EF7273A1192AD5B2E6D974C472562BE666BF1261CB15CE9F9E24709AEB55A96FD838FD041F1274554046222BAE29F29666D3FEB06145BD3481A1B82B65D3FEF880491F39C21EBB2C03C70648ABFA376749E9FB3BC3997CF4A7F94932F37D35BEE18597C85A223A45D1A3D3A426D0D7060CC412483495EC11A0535DF8D8A6B92DAE50FB18E37848364E6D97E2D4B7CC63BBF3CFA62AB2E32321016A48B8193E82A2D3984ED573CADFFB90CB8357D85F6220E99EB60063A84B3E3841A34FF102075F90672A3AB1055D016DB70557AD7FD0D02DAC7D6794625010E685FA19F2334AF6F660473D066E280359DD5D2AC4080CE28D228066BA663A8040FDF8E72AD16ACB7661C993813E5AA016131BFAAA80437E04167E6759F93C453D64A0EF4DDA10057FB60D522F059A994E679027037BEC7F60DB81281007CFA16176569A663413265B7C308E04192E9D87E48D8C15259BC288672969A94AA2954E2D210AAE043E02C030A11E96C9D0983B2ECF3BEDECE727F834615731C26D5F187AE0423F5B34408288876254129112778DC998B713490346C955AC0E0CC86D52423A8C552E815902E686E28FA466190B2FE042A23835A45B3045CF300AB66DF4A0615C93164EBA72FF460EBC6A728A7B304E6719C719FB18410D3DEDAA751C02FF06FE18E8C26485580ABE81784D3C73CE72F734ED688EDAE3A06D8529FCF7900C029FB0AE926A601FF3739FE6EC7C5891D32F91DBF47985004A766B3C93611DCCC47D3E6F435EE0D21BBC0281D4D273172B3952617E24AC292037D6047982A6BDD0BCED4653CF5E07F7662A250107AD9EDFF0396913048030F87ECAF23310B9A83E01A46EC9CDD028CAEBB3DA078553C3FB3C61F7D41ADB0AA0B890447A0C07BF9FEB04DBC5C7162A036007D5C8E3199B21AC6498DDCB5760292783B0C8FF3D88431ADF9ADB23209197B5A1460F7BE09826EF91D1B6A6F011BF52CAAEF9AD34488C0594A3A4EB34CF41527EF56DCA2EAB729518984A1E30FA5296759F08EC6DEBDBF5D1ADC02C6DAF13B2D69020ABE3419DFB38FA3A9A8F7782A30F980B09BB1242DF82413B2FFF6640126088E213C9F8C3C2A6EC4DB005907AB48D1DF60382C61A14683A5030D2F81A89CBA572EECCCF26976EF2D61BED698F127392E71C5CA93C0C61217E92ED22FB1870E425100E46EB34B06819DFA694AECBD922A0187853C8BF33BC07EC68CCE254D4F6B5918A0297F6DF27C62313B4C67878C91A0410AA1B6142C0BB263AF02FF80BF4154BF14CC29C5ADF9BEC2A205031148B634B8D65E688D3C4431529C03B91784C7EAD5ECF020842A47F327142AACBB901586BC571BA17F2BDEE218C53A9E58333033182A667273AEC10D1CF900858DCC504694459D0840528C2F52FF2D0C080DE481B0B169696E3B36866E50CDDEB398B63989382DC2734E032179F2084FEDDE0CDAF2837E8C11444C1470DF1E054CDA96DE7971AFFB6A1E8B34D84F4408BDC7E932F5A2C63214891E0C16CBF8C20C145D18371B1DC6A339FD19116EB884AEDA668D8EE2CB85F68CD0B9488E24C06C75F53A6D9BFDBC71C8BB17E1202EEB10B7D3AA7F9AAF31457DD4981426D21E91DD76CEB24EA982E68A12F77850297B0592C9287996834958C2560BAEA0F3BB8E76BBB1224FDED7AF1D4A6ED880BD95F128F32BD392B3FD343D58E8C5BCC9B1424BBDBEAE26A2120AD759136DA7F28381B9F84CC902C4BA639294255F6344483CE34B37FDEEC50544A1D26184E76D05A6B0FCE9606870FD32E0E2619C7D6E280DED92194A60D5E7CCD7487E0602BABB62FE3A4EF15846B7683E7F0D262AC233C735ED78DE58194D288435700A78661B753ED26054DF4FEEE0923EEE786E5F6FA1A6666697D33436A4E9A3054CC82ACF0BD2FCF903464A2389C87A67D669538696E658D1CE6DDCA9AEE1131AFCA2DB21376D43E382A4B9810C454E1B613ECB972B9BD60FF35AE698B653864DFBE219E9205FFABA6700B514F41936440D926B3D1DD2AD696E8E86107AF6663A43FB4F199E5F271ED3F6759C54FAF4843B9EA3F0814C7301C77995A43DE6793E15027DF52FD7EAF2AF3811667430E52451F56DDF85BF290F8811D586A3184836217DFFBD78CE485E72D209AE267BB4952DF8D301A55A6BB1368FC522A398D35B59FECCA5F89C0635D83E6730990983D47AC6AB7E7DA85F57599C3C69F85DFF280BCCB38C2F515AA60957ECBB2F2010958C234ABE4CC7D755A82B017BDC2BAC5FCAFA7C9D392CD32769641DBC5D8C8CC3E376C66991A0CCB4B440015B3084665163C4876F488224AB6E8E0B2C215C541084A4A15CD774FD71F110121570E8C05A06064F8FDD1442BC841A78D6FD42B3D398EF2470231BBC717619E01144E51952F8F1EC605DF00F6D98D5F18C1D26E0271BD9D51CB27C09F99CB749286A46DA3DA77F3645D181DD9E24D3DCD01FC0BE2347E588A4042A49526BF89ECDB3B6A1DB48760C03B6362F42852FD49AA903840F557EA0FF6920C678F1AD06BD5C8E7BBC1343673FBA164218E09720F453E54273DD42BE2B20DE1870C7BB6312F833F76F2C5F2250414A5F3554AD28548F29C4273AE67830B361ED8ACAD7A4E13C7C832DA0958A9178BAFB4A40017CEB4E9697F8B0C055904D1DAFB539D48DE75A3D2BDA6B7E00510968CD9C5F4B290E25C79E46BB9562C5999B4762B053660FCE627FC6E92CB6288C529A72938EF591413371E263D8D71949F64C3001BC323F8F03F2834E34FE4CDD96E61305ED478CF278D3598E07960B6B749C34C22F5875FC0F5BB93EBB3A157EE54200C2360F08A03196FEFCD8471360384F32314E2F90CBBF887BD63C444A097A04F9679E373E9A6A0FE0FC730E471483485891261A1579A54B76BC8165E243E4CB7377DF346237CB311D6E1758F4BFA3FE6A0FF05D3B82BA44BDCD5E8C9E418DF41F81DC989967D329C3D53454D6A4D58D41B8AFA036DE038ED2D8E9132E9357740B33B918C8CF243DB3460092FB6E5E264A1924AC4F249B9A774493C4C3D2AC7B672B1E998540A2609D4049D8F5F63CDB1ACA366B7278CF90579926B3C55230C64246A65FDCBDEE57C8BDB34E36508999A9856B1CF748DFC999827D58558B77B322E0091E1A630C1C486997FF7B56E9CAA0621E569D11E0C3325CE6076F1A30F812A0692BACB338BA1F55B82FF39D7498BEAABA06AFEEC76FEDD62F97BA9027666DE9F49FAB64B54107B51988801325D9B51119E4AC32EFFBE13D1FE28ABFABA759A04781FE98E6881F29C994AA1BC5E9D0DD9EFEB18484D717176903A74D3EE1B27D54CB0E33CCD93887828523E41D115F7B51E7E0D5D43DC484F1BAE8111100C3F30E72968DFF0462780AAE01168088FB3EFCC30F329667489018AB35A9691FB76A6AACE8B02B872437127962AE12BFD8C82DBEF2DD89EFBA3DB2B63C2801C0EE6BD331D21105C1431FB867FCDC51C02DB248861348C543012A8878A6056C8D047270461D51EA4D0A85FEDF1AAA416029B523FABD44E3E25D9F555A1DDBD2C030F3527F758A0EAC9F69428D3F74BE6D8427AF8B0C407E0E7818764AB42004829C8F102AC9822F7766AE94A40A8F8F74F0C0FC1D601702319530BA0AA86326A6C555845D1C85DC723A07FDFD4C6F85C2F5C4D912CDEA186D12EE418839CE1F9456A42C603605D42BDD9C41DC40DD0720BF99AA3FB0E2A807EA3A406894C81570A323DD8DC67F445A53FE0DCB0C0835293EDBD4F850116D2B3896D1ED631455D9C9C5255BFB20453A2DF76E9EE3460A09C24D08CAAC998A080677D755283BCF4E4EBED728A81A6713B1A988164586DA4A96E666F5ED8AB824D7931C4E5EC3B6AF1D623A3ADDA1EAB6E7ACE419CD63E81CD93E81EA4D2A64D25A59DA51999707157A512B4033F52C89ABA4DEAC79217F725F8D881E3ECA42FD0A7C08520E273C9E2EE15D3E704AE06312116D3668E85E41E94DAD2FB0F4A506FD40431251AB643E4A866B361CC42963DFA57E9249904EFCFB430F30346A02EC19997F96A3FE2AEB5574C9D065B68804109F32ED27CC6DDFA24D86583C58494960A78AA820D143542694708F53973150FFA3C3EB73B04592CBE8EC365EFF2EBB491298E16E11125D37B6072D67C21E87EBC8B410943AEB7D8E23C17E2C45C05F46AA6F852759A78B07CD5463CB30395A5B407765D9CD99B00D40176D050D0AB736D663BFDA7110520639D1536022A0F99C9A4995DE1D6AAFC7F8C33423ADE5376E95744DBC797742F7F24258FB3AC93249B5BB7112A23E2D1F8316803D2FA940C5B5D3D66D13819370DE2FDC4A90494EB5CCC69A1421D0DF68424A0CCB0E53A7BD18682556A540436A8B43B0213F27958CCB5D5A474CBA693567663521140F3A4BBF5848CB4D77932A1050299404ADFA629566CDB21F91358CD918AA65109C971335E041A0661BEB972AC835A451A66B6AF503148DB5587540D4137A770B16412C9709AA6500364A38A24CB9C826EA367A62D330403E90A0BE83BB4E3980487F0B67A046B2876032524B5F185A6E4A9410CA7D9231DB109AB0EE09B25024F570C2B57192AE98AB0466A20D634F266413FE8F3E702DA112B6DA139191CD5D398ED9D1445A83E237954E9921C55308DCB34EE24B7068B69DC4A7E096A18FD968C2C3E23FE75249341C79366F4806436EA5EA1E7CBAEE87EE61E50A08EA13666C241A2F35B04FA20EA1D52C809F0C30D9D80A8BE6903C93CC448608FA51ED25A02A9D3DF93024BF9D262EB032A16DAA0F16D60BBD333E7E211059947CA4B794D581C56B8DB4E46921D2928C6A9AB5F58BDD0C8D9660CB9304A5FA488F46B54D65161AB28B2354B341A694D0D0BE2C6847BD19A532D5E34129D917CC1534B1EF2A3B69317DA0A5740262DA7626252A11B4F49D6C95E215762B642384373C4931EB8B879EF1FF2355702DDB6A367C9D82DF33539F9C15B38C764A1AD42C627A691423702064EF10C105B54BC05EB2CEF02BBC15F05A6E0DD6208E61AAD7D95422BA752DF35B71EAF8CCF4710B7908C7BDD42E52DE294BA2844CD5F801242BA10BE8A9839C5F4E51F9994D0C147C392FFEED44D66FE8AA8E5DF1FFF1FD88D7A2ECD4780D6586B128F6406E5299C7B5C903654B0D098D6D0C605009FF29249D6FA05015A3D8FCA3476F09097832ABBF8C5709DC14F167F4B256DB7B29199F481060BBDD60C3BA82C1051A5D4D8B6D6C81CCF9149720FA74C54DD17C3729E63D1AF55CF4F29A854D1339746C20B6BFA5C9A6408DDEA5C76EF52051BB31B2EC2145C9CE79F7E8377BA78043CB3E2B64463950FE6CF5865844520276378A55C34D2E861072D6A405FB28AAB1C32E6702FC93A3AB9A45FB51A0287E5286B94525DA50F0E95CDE3D82F6D8B65B13ABDF66B018D760F7C51C78EC19EF0BE026D237170AE0FB000EDC54790357C4015DC70BF1478627A3D021483D6ED3907FEC1094F10E03E30C3EC0A1AFF76120EE48D042E12BC6F27BDB7910CAD39D562B74B056E6E87132B46105AC0739CF50176FC6232AE0E673AF496C6201C95CC46254164498735CC12198C50C925E9259F041445ED012D31E10631782C8D69143A0FA5B0DFF7324D33D0C419FAD821F41392823D7E00BC923554002D0F88179BEE302EBFF417120DA81CA9797D29A92AD4DA741B0E12E81E09CC209C90095BC99EB7C172E1221A208E771B293CFD706660260635DA6AAFAFCEAF97CD119D6279C0EDB5841E7C9135C563D9A6152D6E548A408BC8F82AC2D9F1827653864872440C86B35DD2F3621F23E59D5B005641735AEB8F51296D5D5083DDD16846AF1F871752A3CD23B8F132BC97769B7684AB075F4E2F216249F68B0C9961A63A836684A439AC01EF6A93D49B09184EB0695D38908F25A734C782982803EB09042B15BC7E7CE2FB717A10771C76207E066B945A03A97A9857C44F1312C5C6BB57C8BE69609B1EA9C241F4A2E6063A92746B5E6FAC9AEA6941E78468A9D464473206CAEECAE33BFCB807CC8C548CD557AEE0E63CBF87971005E435A0E0EF7CB7ED136E8850DFDE05C5A1E5909EBE4DBA52E38038785458FB6E2E6582988D56EF366FA168586F2C3A24B4EE89631D7EF231A46CB78F50FBA33F05AE10F484CBA51DACF02FDA944191C074097A527249D485498B3356CFA2436ACAA4E0E31DEFDA70E2A4936040BFA3443A8A09771DE9180AC6AA017E952B8D2D0023C3AA2C70C89C78B7691C36853013FF77155D6427BFBB4FDF338B4F245607B5B2A1D0A6A1E1774C640D760948DE243AE11CFD829BDA12D117898686162EBAD1B41D6E7B2743FD6D3134313445E409B4732C1FD7FF5E03E797E7C758ED22A1A660A56BB8C53D11FB1F47944C281BA6805642E1FD4D46057C1A86E4D300F64FE88FF0939F154DAD8F31224A790F72A83C83E2F23FC93D3855C24A3027C531DC4C92797A33554468CAE2B88073ACE64A8B506260606540F5024BFE03627AF72FBA4ABF713CC7DD6F90FDAB5490544F936BF2F44E1D501DD010415783C04E735A620FF4195B5D911CCB470161E2B88D42A3D84392A814C668FE08754A97009366DCA99038B81E30E5FC53F4A09F2A10E4B8C40E687687FD93B931C2329EB26742EC6907ABA5600C9415D7B9341896DF4508B9C6FAC0D41E92B72604B0307AFA7EB9BB7B32DED98C62713971BAE10BD258B435AA24CFD91956BC7F96128981EDB49ED70E6A20FD233282C23DBD99AB4787E12FAC6EB42A289A5DF4737A9DAC91079D85F4E14F28387C7C2D0237625E5AE3642A8071AA15740A2B11E49C152687A4E346B243529DE6EB9C9780E9DA5093CEC7A0D74BF5581C1B934827023AC4A618BCFF934B65CEFF21DFAEB2151C7E0C4D64F91AC082801078E97BF131838A3D585B661E691F31AE0B7AB306C91AA6269DA4940352BD7E70CB55AE2483B37FFA8D4F6282935834BD2A171D798A924A78424E56F9881F0C98C2D154B32412B0927A00DEC8F42FC3AB694D6B3503EBD5908385BFF6AAF8FB92DC01D9C67A204A4403F89255A9B06AEA4F8F781383DF3E6BA5ABA36DB31DFAC3F8AAD0F1089DBC8148BB1886D27F4AD398A8C3C4D3BB6077C63ECEC218AA3F8D9CD6E0264B6465BF67869A9CC723500EB937028FC93EE67071DCD10FD50AC8F8D706239BAB3987499A2F0AA916C5C98DF02EF68149F28F2C01111A0AF50996D4026AE1A93CE35C32B23FADBF9010609261BD25C8661BBE64F1CB2F1926027E80F4A3466F04F94B34CB6C3E08771210E306CA8090A32B9861B4B4BB9859548C0A9C3D3D39C4BCB5E55854006037C026904829F30752EC29644F089A0CBEAC2A2E8873A081EA9E5B00FD97E77AF722A15809918033B48080F2C8B9FEC4EDE29C636E013FB4B17738CECAD690E2E8160FE8B299E912CA5E109FB53BD663CED0406D28F1D39AD70201906FA36DB09CD5EA20A9D6411811B169A0C81FDE92EA8F436507DEC21086320CF297070932DBE117427FE13BB4BECC713310609CF0D0077743D618AD60761580D40E8169698DE22934613B13CF86243589709AE6D717F78197AD045EEA1978AA11B0DDE84D347670E4F8CEBD5CF44719D1C2E7D2271446852DEBD3BC14B96F9C82F81B1D460C2637C9D435A544C556785A000A00F8A7033174746581AA4925C923BCE4C0CED41402AA1D107A5D7AAA667B19582DDD31864146D75DD3844042C1E994D6A2E2690A53DA29659B09854674863837B013803961074A6CEABBE1A4954B606FFE63C10F5B716409B876B8F4525A338802B34CA2668FDF2E978EBF82984205E2019BBFD865249A560817DB872B03D000174B7EE0452BA00E20840A1338DAF31679233BFED0C4CC538462062079BC8005DE87199B0DD680E9ECC5037287EB18C08BF1691987637AF6D08736D6E0D8905E2E1ED8CED21CC15FF3F61465CE2C808BB7DAF1F21B08C614762E4D3F42191767D41CB62E32F049DDC6D2FC51F680E4D89CDD6C48A9D2492D1696A05C1470EB680C8F90884B604E25C169F53C8A39FBC6D5BA02C5A474712BA56741236BADC59497F3A7A251CC52A82AFCCBE8B5E729115AF56324EC1F12A59F143ED014BA5F252E2A8CE75B449462002A49977F7C888FD4291E24EA1D0ABDFD8BE24494045EDF43264DADBDE2310A51923CF474C1FD9AF84E877F7C745A2887501EC70C394490ADF817B9134F84DF5B1C0FA17942E374D854B73841E464C2AB9F258252EDA66921804375862E6578EAAEB419417BA21488397E9BB68C99F4127491F5F894089F16A4303D3BB862C17BF225DEBB6258810B317632DEB21F9A9ECB11C5FBEA95AAEAB286377E5B12A71C11CC44B2D656873E6903C729402D2912F37387028655C975D7139248E06726DD12667C8074391789B11E0C68EC2011A7BBAB648FB754C20CA7F3C13D710C4611587D9A1B9D404802F8186963400D6A163D306697C072E638AF78B0E852E917170869E30C81F09C5DBB216367C009F6824D596AEA12F54F1074128ABC68E2F02A5ADBA25377BF1F2D3363619D55999C6C00DC8EC2A3053E28E3FA31BD2C9FD52E5A8A34BEE7F6BFB3A6AADECCE36DA5B77B77D7F5B12449CFB45C3971ED679ACD1427C5BFACAE6A03C3C8EB83CB6A73BB6DE3C5028110EEB4754CCEF4644C1E43809F22EA8EA5B2FD49E3783762494FA7D6FF65496115B993581A0283E686E66A5EC6F6B30CE8CC4258CE23CDA81B19839A5DD7A957515960F2875802388F58B7E5439CD06E56445A708E4F31899DA1DDA68FF0EE90100C9516364A1CE8045D7862B094BA4859DE7378B03A30495405BA7D2316EBCDB5C5292AFECA096A273EE3BE5EDAC093B3675E6AB19EC3C0BC7B1D88DE28CEE9377F9AAAF31769AD4432131A73218B3A11FCE061C9F297581A84E1B277A9FC4EC25D9627574F749D3F843ED73A46C8F0390F6599D335B3A7F591E0F9AC9DAAFBD43E9D056E568C3A2DD3C169052A33D94692CA33E784219C7240A537559AF9FBCC0089453129069F62F27D1F70CB3EB0BE9C555731C47EE166EF9500891513BE587683DA88A9AE9C34C1DF208417625B792997E1AED962BD2719541378C78205DE1F0B38813D2208121F46D36C000047E35098410132DCD171FD2168ADA258EA16641272A19A044D9142C7A861161818F8AC23CD3B07DBFA21AF9663C465340272A7E6932F1EF702DED1ADA76E01BC8054A906B8A11E7128950C05E777773E172831B4143B1C55D34679A6F2167DB63012B480E94956E46BFA5A664AD836ADEDEA8E02FCC1D01129854B3107025726862511339BF37D8BFA97D014B43A5F5AE93621CC7E21B362478725C092A534320B4A0C7902F686578CFAC97845964728AAE31EFD4875B2E0EE4738950693A4221AB31FCFFDCDB6EBE4EE727EF0D60E968DA6CB8B503E7CC293D59FA38170329B67F3D4C059BD0C09321F40719DFC839C00584E86C3B7C52FC88332B3AAE13132A6556566F56FFA0CF65F4311B98A29114A89EE48166DA8A7DEA2AAB7586A0338B3E5ECAE3F8A284B4E1F5B4F13BA7B1C5043FB4AA22F226F3242C7AF2AEF552885081FFE62278268C1FF5A3F24A1BE8F5863A867F136F2646FFB231A8C0CC65CBBA7FD0437BA1A80BD29A1FF18F08FC74BA1875BABE3361BAE394AE78851E4161CC354D16579C1F3DA19B5E8C4DBFBC6F625D75527A595969CE1F59764080B0D7882C99884F6F3A8BCB3AB63616804CB6F7F728D0110D827D8995DDF29731D4AC6F2E91BBE034A85F6434E4A6E93AA30FFC349C3ED2F7021A4421842348C90D606096D10E4392F8210BD5A78EC80C9CAC88005F381152322B40F3031AD300A1F7B0A118F83BF17F05E568F468FE0CE9ABDA646125CA920A10FF9020B384A2CF8767601C2A6CEC71553CA54ADA7954784D74B43E6237C8A3BE4CDAD7342F6603E159F4882F13261D43D41F8ED6B392603FEF00498ACAD5DEC2DA528D6460D2281628F8A76946895A18D318184A40A81CD50A90060DA062C8BBF15E4907821E986191DDB63AAC26E8CCD870C0CF1B7BE5C33ABAE6BAEF55A9FD89E59E3417DA25020A08AF5604179A2232F45A712691C3740F2817A71C5B69E3642BF57E35CDBA612BA5B5A0BF05F2D7C65F51785F90ED2C17898D4D2F62E76999C653768A03763E6D85C643FBACB833DBB1716C9F9E9E86E7A9986B375A2D40727146627A3B5B93CDA240E592942556A42834F76388485C1ED23B0752ED21836EEB731909783A19AE2CB4E487A157CA2C1AF6ED99B75885065FE273005435E85EC66962922C4C8C246160A6AE31CE13D04E48A27DA835948B3288E762C687FE16B160F27C54E1DDAF2E2901E28C1690A90118B7A04B4FA87ECBA45494B3E77E183646F8087F3821266E66127C5A0729BCA1D874C8521526966F3CE1094437287A88234D956B85000C54F654756304C23C4E1E979F985E134C4E4057D89710D3CA2DBE0CCC8B96DD989B0B5DE5ED2E85D9BD9AC48CA0826D1B00024C4D788361DB80F995DDBC23DDF0350F04A67F35AD819397B01210C6AB63D98AC308CF8EF0790E5DEE9883D11D9E0AB8C097ADFA2B2ED761C52B86FBE81DCC1C89A73B76D98E3C694099540C2A2941AD89B713F5EF4CCA5477ACBB646F8AB74B2384EA7DCD7A5D20D5B29DBC49B2646732AE6EF051C879C8AB11E16EF80E2241E7852DA941B8042D08EEE22DF4ABB708B2DEEECE28A9AEA56BB7A1654DE8A77D2AE487099EDE575A5316558E3D099A0E6649D3BF37DB4077D807E7D1C82D9D3BBDF162CD486EFCEB1975696B9B21FDA1A60FFF76304A07841C05ECBADDFFA6443902AD94163464E51DC489A1295FA0F29E5323C6CDC7F85930EA3B12B89CA5A808150430B1E6933975FF37993E65658B212167C8F0A359A33470986C8985B82F15FA9E0839837146605D392FD8ADCBEA9BBB8500B792BDC5B0633E98DDCB5A7B50C798B09C2EA5045694E6E1A1ECE77681C278C68A014EE030CDA031377D2F7EEE3B4558151A03CF2C9AFF390589F0CB3F772454395F63E1FC6B151BB3AE6218FB7F3B6A5AAED22A0944CD916023EAC65FB7A47C919B53AFCC0D1EA295B09777A4191D647B95153E70596D8D3671EEAF863FC6A0D956D0EB38DC91A72C6F68960731A17BC99EA47FA484D041A2AD6A861E0CD9C0EE4CF618989A3B146158088907584F0C2B1350E9163465CA8168B45E5288E8FEFCAD919D1CC54AEF5C82973A7EC74C23E3A64D0D2C94D845C360E43A9C38D8E26BCC3BE901DC89B98CA50C71453110E0D587D1BFF8B72D3066C8079C08FC8C179E09CB9F02FC3677A07689F2212B0793FB9303F9414152E80C24EFF0C5D7AEC991BC42BA622D309D2EA4716E31A50739DCC97A6269D3E66B7D3959AB40B8ED047B4FB20D58C7E067D28520BB2F2DA582D9EEAB21BBC66B6B3BBB6EA1F6C5BF1E4B3707C3D00A53F636A40AE882F101916397A32B8502DF50494A304688A189A4BE736F56227A73E4A5BCC68FBD548CCB46EF5E52C65CC5B3CC52295C77777B323BE13C5F0FF5B9EB1DDEA64B4A5DD7E84BB1870AB5DB087056AA2C8570BD444656545C4E41BE2D0AD22D1658372AC4E100524392CABBB49305B21FC643C1090A065224A74118C9D2F90E8CA3B40A21E631FBDC87B8C0A585DCB7D841F4996B15146C709C728BA7682E1CCE7F6D29E387DC918F51E3DC2FFD19186538B7D7D14F5BB021322A88B9BD145C2152424076C513561C1B3EAD8CE7BFD850D1957C5A2546542F332E320A525BED6BC94DC6FAC1511B3810200DCDAD2A22800819350E93FE7A967E0DE29BDFBDFF40E851774B73D93B0F62D07FFA18827E0565A043EA9CA41EF5C5D8578303AC0F3EF83A19F592A216F1E8ECDE9B8E2FD466DE77A1D2951B4FEB21C121EB8F032A2196383499DA9838C802322B72D8D64A837B831FFA32305CECDE8860BEE3AB03EE2159C2D8C083A889D7670E14643FC9620101281382359546F190E0EE29D546D546A0B45F42E4590265AAE23B9A877AC0A38321AE6FC787BC7868804E431D4290805475699860B827981F75386E7CA6A90A1A18C6D9533A72320649368E6577B1D9BAD80DA0F673E0669A4D3545AFB7F0810A03B218BB02F6E69B63DE570FE001F3FEF952FBBF30F85A0F0A72479ADB8BD4ED5D840335DA8D8656D1D39CA0C216DDBD0D276BA8D80DE10975C9EF520E8E1BF01796111FCDC33533AE0A338CAEAC146E218AE2B49F9CB021BFCA75B619D74A5BBAF305C213F4D7D2306B24D00E18A57BF95C8079AF0C31A6B979AEE3690E43CA70AB4E8798020FE173A49E3C855FBA4048E860E6647F5B9F10A05457459B4C07B58817E6C2CF4A230564F2020CF6D2B0DBAED99805E5BFEA9434DD7B45C892472D12E2E43D6BD13DD3A81C045BD6D8927295CD5D32F06180ECB43CC76CA0A8CEB5B0296B5E80E35FCFA4599B2DA64A3A2DD63ED64F680076111908444B94E124457654C1EA646638B8018344B4B82D1A6F59022C0E8817FF891195663F8A2AD043F6F59199CB17C5CAA9EBCA040BE65E617B7FD40BD0E97B0B66CA53E8F7D4943822313623F3748F61D4EC04396B9C01D2033CB097FFA4C076D81E82264336B1AA73F55433114D52B534A11203F97CAA7028383EA61807B4E88F85B491562423094C517044786A09EA4B808CF67748E34A13BDCF805BCB3A2A0F4326A8ED902ACA98A3456B3CEAC037DB88A0488E9973016B28060CE70378A86C51523071E3F4B91B08E8D97C0C9DCCAF6D3A143ADC3220DFD5C75301032D9A10D01E4A2AAF88E8D9B39ED25A5B2E9E336271E7C3949DA8F7D70C7501ED7DE7A400C2902D242BE5A78DE6140D7B4D1B625462D5254E9D83130CB7B5CEE943926B3F33B84F0FBD65A8D03C309B4F6F136DE8DB9E6653909EA5D65D6A5065514AD5B2F84509D456925B2C9F938D9D217F2962855D09AE1C836E54AA3C125FDFA020CA7DCD50CE2BD712EAD879A24533F8AFBB1E0AF0C54D60935E7F87BD9DD2CA3F49554CED5BE81897AA398301F7C0FF2894680A0042B52C88D8324E4DE5816C81407920E2A2E70196C0C00028C02B4315C00FD38BDAE9A72852923A77BC03FE28C07CA3CCF8087A22924B0FC18C9BBF774F55B8A5E30FF5478DAC9B28D390C7F82EB327F8EAFEF4AC0E9E25C9316F72E0D2D985C84381F3EAA924500A86CA4995E68A361A2D7CCE7DD05891007FD44A9E43776963DE127679D07C1E6D3BA9D4F2AD943244C18B4E869D273240366958A6E588A6CBA3E6F8D4F8E1C021D0BDAAE3B40E92A7B63AC343094957F2F4517AAAC843EA56159AB85948FA98DCD6BE81664C2DD2C882DBB91C9BCD29C1157C2C47883197D64179F12E3CB4BD0B778EC63DE092DA4FEC408045780D7F15C2712ACE9701802D3B50449550915701FF00F32CEA32565299F5137E6BFFDCF2B1540467712CDAA4C87CEBB42D7088AF4EA726B583449223E01BB125AB9C821B4F824F24791BBD01BF252BBCEC50060A69EE1F977BA62CCE1BF92C2181963DA86F7790A34C367A293F459C2EC4D488C9E574D1704D8FB112196F160C046E4C4AC0F6EF271AA947D88F7DC0EC7D7819780F3243A74BFAA6B66C2A9322D959219F465D8294EAC9A12285B4E2896A87F2E0BC51295C553E323F6D4E133FEA0E5E545FFDB971D1FF36CA1B45B6E44E1213DE0461C5CB01272039605361F620D431CEB205AA6A1F07F9FF9A4B2F0963522B476600A619C4F40319CEE9DEEF8E6635BF4F84056E97102329ECC6DFB80DA921D3B57122B8E5D9CA835BF4CE7431DD5F659AE22D3130F1C6290AEBE862EA4AB896C5BCA7935345D605A12E9EB45C21CEC26C2BBFA5E961F6CA943724F384319D252DBC66EB9210E8CA0032F5A54EAAF856AB7FA10F417310D09EFE3B44D9E55918141388427E5B4883B1F06035EE69E2A04D48D258C730FF178CC73B40415C9324723B59DBF07FE376A1255405CACD341EE9754024403E9215A73C33D9199DC35D3F9788C40E8CB6443F2040D216A522C1EE1612127D04454154255B501FCE244C5FFCD92FC7FF846E34CEDA2BC1F4A2132158C06A0999DB4B97A8E7A91751B750391F5AE003859A13AEA355CED13C8DA4E7AE3755AE942DB818F8AA1FD0B485131A53E823B81C316FD0D1185A452EE57FA09514B6464E64BCB92642F0FA43B71FA30C6918111053F957A91B41A478C7663D7A389D7E206843A83CE3E05218564ACA2BB6E1A283F3CE0533483A4D14AC54740528394F6158B12B0EE1D28CB26AE56231BA4EF9F3890AC41CE4D86792660E67AF491B46A6324954149AF79E12E452F5353F75E0A8DADF3C0779C3E63435E1438C320986236626000CCFC182896DC07CB36478B2A8453536277EEABA63E2E0515816D03C6DB95A05A32B984D50B0633535B2BD64AEF002B7F60C9370F844074715FBA08D34FD800F570F80FD269895ECF007BC37988AF09D14DF303C367160B6D09AC1E5640FBD1990272D363BD8EAAC07C03AEC98C49A80697B2D09338692734DE4B928107545AFC9CB62E081EF19ACD2688D6F29A3A8E6179C835A5118E129604BF94A75D08F96EF9591FF82DB016F1B8562F4DF888B170D175E50683AA19F4E94D8B730EBC75F50F3345DE17F98F73D17CED558BDEA0C4C689C3B4E3A46F3001A28E62B2CF337B5C28332EA5C046213643EE8F45D416447E84CE62AE4F6F853F068FBC70B821578B8BA41C3C5E0BD6B110A3B6CB0EA698D0010A45B8A7594F8077BE609138EDA8903AB3E7BD5AD6DE2D237AC92C7300076C3180A89BF8526EB6047B91114456FC813C20169E4E1BDEEB08A3FD15C51FD010890EA56856C42494C6F725031E0189F06ED80967707C22C9762C98A43BC07BA4CD13F911D6F342D3D663D5F60F9FAE435942E0DD7B64D197A082F080500291D79EF923A9CFACDDE43F059312A0DE76E7978ED69C70B4962ED8555DDC11452D33B163A508DC1DFC7940BCE7974B549A906F8B6AAF455131200E29EDC113CEA11D9F82CE643DD4511BCA5FA39DEE315E483601CDEBFC9196D92208FBAB0155FCD2A09C903F0018AA9B3913E6CFDCC307DC2B6A25FC7F21154821BADFD3A0252ADA968824AE2B88498A0948AE26D421AA6347C28901B5A437C1988FD8F6558A2A2176DCC41F6D42C2BCDA8374A0F3428B4E2B04E630E2E53E791028479C1132C37AA04E35A83F74C0BE0B71DC67B7E846E4B654972863C9D011737670C54A94E6B87E0196961B831D8BC89BE14CED0D69172CD5897AB87B2C1443B8FC46A7D8D91686BBBB1C1768B4D2439E9455271A4205C6F5EE26C45C627CD835B4CE0ADA396DA301641C7880E28A3145C841939B59B08F02B8C22C9D8EB02F4AED5E1A575DAADC17040B93B9069C10E985AC22DDF080A44458904D87A1AA106DE4B93F1648D36ABC89C80353C5C261A96C976AB63607FA22095C088C62C46550D7D15571076BB1F55A45D70D55A146EC430A31763255D290A0A5E8E7B5E366FBC616D528D022A39F6611723D43AC3E212B880F970E2196E692F8DDC9A09C122C5A57E6ED8A5EF4FB1F3ABE1FEE93D8FFF5140E0E096F38F3B94A53ED8071F544C3EE5B91CBB4EE9DBE7757C6736D83B6857D8ED8FC4220912E0495384C99542FB2D4A397EEAAE1D7161DEFFB35ACA0FA6FACFBC3F0A49018AE3A0A3D2907783D3186F0FF415E853E6C2887E01B033183210B8B0D910069CDA654AA6473F83C8CB217C6858369F73FAF6FBAC0052F5905839EAB7F55A9AF05E4CFD311DD2A212AC971791E6F89E621CF9FB193341207A20901597CD39EF0EE43D182B9AA11BFD18FA894D08522C038762027C49F37930A6D4B442D8450101A265FDDDAFA9138352E15C376068270769413110DE83A559EA8FCD0749B760818174207E713A80F54860CC4248A33721F57E531B579829D97408EB3666E47BC3407608EB076586801C686576440DF0FD0814B1704FAED76F01E8A3DA8664A1B3B070A3BB214C006AD0ED54B7C1724B28CA86008D961A094037EEEC0CF3330995AFF8FD9E3CACD820256F0D5E21B788ABCAA5282D74B3442581D18F4FB843F238AAD72B25A5E64376C2394ACE2308710B1799B0586040A135F5248DC0C9F0A6914C51C9FE1C9A4AC6C4C4D2A71E7535BB9643D87B5184B2774E1224269CDB787C403A9CB9C71B764965AD754D58601F29E1D403181EDC29A57F172EAD40723DF6DBEE0975337A0ED3CA20740359A892758062E97AAC98A6B9422BE031F119D910083FE7D780F50D55DE53B502C7BB623A8EDAD819AFA8FE82BFFA63289697795479C88396AC59157D6A5604350ADAF6975C45BB564486C46EA20E61F94CF3E0168D3CBCF3588B406AA1AADE22CF3129E91C998E62EAD3211A851ACCD13FD8232AD344C4147CDD1C338308130ECFEFDA8746ED0CD790596F142887F3A1B4F09C34B4F0327DCE6E46BEE1265D6C749622A1A0619D363FEF1390B5BADEC4D204B278820386BC20F8459730512D658EB11F150C58F2E01F21F262E3609577C80C580D0A896F309DB48EB998EA9CDD84535483DE96A46CA9738D91E00899436C24A32B6373616530EC33BDC39404ECA1682DE771BD6CAEB399CA3AB0851C4A62E6325DF72AC6EF548FA6E30584F52FA82123A72558C0E2FC632934924421E808FC306556BAF84E1B0218620FA3CAC343982615A5CB180B61D659EF1D26F6DE302EB71A3B4F562C22024018F2BEBA680C07957FDEF2EA4CBD813D786D1665A41F4723D2BAD5220178355361F0C2459390F2A8DF121AEAB228FEACE5702BE8A24A2824F5F710DD6E5E52301B152EA673778F0BE3EFA55314F43C577002ACF31E0FA904EA130712268270D867EC9A40E5671510FF23D0F81F70FED27B8EFFE44EFCCAC0B37BE7BDC146FD4A46D8B6F50ACF08CC21FBF17C44FBC0E2382D3551FB7B91105315BFC032004F968F31400B7D418778F52903149E143A0452DD731614DBBA337444417357DB8E6372BB5447715841952D7F72BE2E8C7FF56B5B1C017A4E83084519676B1F8345670B5E7773CDF61905CF1173CE0DC3703045214E6BBC32FB7397C6E0C6669001ADDAC54B7E29D06486FBB650F06ECA51385BFF5EA4CF84E3CA90D1F2646182F6977A93D4BB41BDCB4AAC7EAEB82EB80343910EBAD848C6DFBB70CB021296F47EA773F31C03ECB6920DF8C904D00640F8AF6A20E3194D5F42CAD2EB5DA0436478F09398FEB609F07C930CB756005A30EBBE192025614C409D84CBEC1821D7477814C687F4A8A7670C54161A222EFB9C09385720AD26F23EA7A1BE11842AD6CB7AB0C931475AE33618CB7F695AAF3E9DBF5C0689D13BF78DC4F7D0DD50AF00BB2328A160B26C5C8171C9AE61271321A6A54A5A4AC45A9682D4E699E9876BF7CF9A289EA0F6CE572FB2DF712C54C78735DAEE5AA413F808B933E82240B2BD937298A6196B88A70EE8CF4FD8C5710F898F61C186476D4BB77457FA71FC3278D7CC93100E124F597322570192D14EE1FCB65B56879A2CB8F7BF784AE8D1A66330BD9257443BED893F38044024A4D264251FB9214DE3B4378D4EC413644D751E1C96B3202DC79643164DF41E2591110F85C1F825E47185F43919F3391730E120187E4AE521CC75320970CB99CDC60E0C6FD9B04D33978683AAD36ED35B8873420D2C0297F91C4174F0D6B448EFF31286FB6ACD30E71C6B40C33084B5B9BC1EDFA241294E7841A7C03116922A2DC332D41284C0A0C2D85D89358061E560D4F634B0A9145358BBC9059D1B51E91F959E25815AB851F676A2C868D8E1A4C52CB6250348965DCE3DD13ECA9BCE89ACFC748559879AD070ABE3489024FA8EC9009232C7C858A22D559FA421F19FBDED910DCB6209E45062D1454B51DDBFF1F078A4532539C43019C7866ABBD5DFBBFF8DE61140F9E59A46ED3B91F83E1F2A20AFEF525E9BBA573A2D8B8944E9F350635232426A902329F805E590A49A44B011FBD34364378A123D086989F69639E77B968EFCADEBAAA00E59790681F624F8E32D7D31070430C5B0775BD9CC1D2CD4C0FEB8961B0D3E6465F3AF9EC89802B56C748BD4971CAC0AB14889B952AB25047215AC93DDABAE2DDA4276CC9EC74F732381608A302CD1AD95BC47384DFC13592DD5795544B8FA092A176C70D1148F176C8B1780159D4B1E2F9B264731C74BE745B3499DFB3D8980588E66C548136513CDDC14731FF59256DCFB696772A1480063BFB31B158B17862D0C913F0949C0848A84AAD08E456C71B4A9912242991168BEFC1B788E1CFAC0D29402750CE40895B536ACE81BA85AE7490FE43D2EDBD1D0F3261463612096992D5D8304F5F50BACB94447CDB617E62588916365C1123323F52C53D9DB7A8A1DA4A21F90A9BA345838285A43BBD1AB43472DF326437B8F619CAA6CAA6698FA223B1777F64FAC391FA387B4807A23AF218309F952E93C6F60108781003EEBA89F522FE0ADB82C1128EC57DA4E652A462FA7745A483A3195B8EEF2ACDB16B123418FEB3587490104861F0AF6E1C8A66A9FE3FB002EA26C3BF4D4A6577F651A50D15F53870305FDC40C610282DB9741A5E062D91F7E70034B4D5285D9EABD5426FF6DA4F4CE4F50772A0A61D98309A6F2CADCB76985FC00A570DAA0770207AA76D0B9988816C1FF5E1AC4B8C4169042916EEB683DE186DD390C49946C5A02CF5810888A369FF41FB1EAB5D28D1DC1A2AC0314D81EB5363C97D2FB6267D26D34A3658E66517CDB1F0BA512338D0C6374473C004FFF464A882810D97FCEE3669B6407F8CFEC4947237AF003CADB48E1981D3884E2C5907054F2D32B9E797F2C1BD271DDD030DF634E45D777510399D91EA105523B30C917407220F67B210C4D8EAF1CAFCE19AAAD17B8C803D9FA03A0241CD392083C0B517F3B5C17A1ACF7FC570985C303A562722AA0AF0800C633559D5801A0A45AFD4C4AFB1D93237A3870916FEA1BC05C34678A42F00BEB1BA03727C9BE887E7AAD67DBD192A31E6FD204E86922CFB3A27926955B96AF2AD03F781CB29A483C143E36A9ACA2C9F8354CAA89E96E9F03958E5BBB905E037A1513B0C90F7B9EE55E0CEDAC0D3A078AD5BE57EDC90FD10C2164D2EB5F0A8D92E7EA3217930E6648B0C48C23BDE188E584F48024DE64BF7A3498528EF0F105C6601A9810D4887D98FB940B27458A0A3D10C7808C778680401BF9B3CA4D40FB00582E6701311DC3B3FE34C5D28C5E27FA0581D8372246D253618B37602ED05B360DDDB03B1F29E30AC7D35BA507B75B1CE915D6C3A8567B01885C394CE083C213E977D06F8C0E34B5EBDB3CCD0D30849F3FC3EF00316AFF02DE794366FD1E51BE8C68142C8E673F8EF7E7C3357C042CA017E97EFCE31759AF3431CFBB9E5618383B259FF449A577B18C1475D22184BE92171A3D3B479B2279269856D6308E11341FFAC0294875F4A25A6616002AEA328BD9E17970EC589C7EB5BBEC2E57F94962B6455407727B59187126D2C84A17706429693885EFB98302680E2C4B391E6C5FBF14B0E1626E1914E3DAA24F365179A8B41AAE02C44A03883EE6F2F615286B47F0282B82764EEAC83CE825B704079B4A4F608DF52D5BC5BE0EDA7CD030402E4485569B8B4C6AF9EE25C7A6FB78A28985F0AA2964828FE648C60A1C44EBFEC99BF514A75CF170CF5CBA2153199E124B8CAA5091616CA3084E01AF0FF18C3309FBF9C0C52E76B5C368B5767FBEB09E872ABC9420D10ACCCD679C02DCF86726EF0D348FEB9B4BCACA463E61DE6B20D7AC1C3ED649704D87A56018ABDCE091A714B88F88C3F4E8F18020AC56F1357C0535615C3C94B8D912E81ED5D77F2CE121366B96F5290BDE36B7FD8FF01A4BC0A0005EE4163828B9CE06542DC11DC0108C5EAF4598CD07D6F05157A04FA7A79488EB6D429CF1BF6A45218C93A1DFDFA016900C2EAC81840906C512EDFD1828C7146D14E9993EB14A4EB3F6350D27B502D4B0D65547A28DA8C0BB46D947954CF8DEAC0AC65FC2175EEF882A4344559E4EB3A22FF081BFC52CD8110B8A2C0C9AEF20A7D89386888F6C061CA6B5F546B8F2D84FC42335BD6B0BDE86E6517FE1EBFCD5E84E6226770C41A903BF094D1F32A1C48973B0E257C281B07C2850B85B20491EEA77483EE11A357A182D9581888BC358834D349D1B77BC33C9D8F5993CDED3F3A44195B6CF18E3244E18C6AA9284EA677FB25B1363848D2545A7DE701A7DF13E59FC857B973B24469643855A0B4CF1104F9CA9A51DBD1596069E2CDD50E1536E0086441958BF43C3CDB51C236D36C9A1C64AD34DA5CC4AF4DC562CDDDB34100398F4BFD5E46E1A163ECB2B3905D28B4F2A32367AF138BE4C2AADDD341A4D1313958DD26E0FDF136EF84A60314C1530D079B453750CEA10E26D0696457CD5E7B601160C55DC0598CDA15EC094CD07A986E04D69C4464AFC7154049F620428F63088B0ED525242CDE9F6D116A7D150E6A04A51BAA36AC8EB33124849B255FB3AEFF612494AD0652208C2490F0A42FA55DD3CDEA6566A8074DD783226E7308A15350B80288104250A46F8351F3BF5ED1649DBC1F6CEAA9548BC0CAA19AA09B43562DBFCD4258F72B37643CCD8F9766C994D6A15966DF8BC281C942BDD8F94DC038C30F639A77FC2CA67D723A82ED02C38A3ADBC13CFBC403465698C90952CFCD8D0911FE18807FEABE9FC07D21D8C4C0A15B2A13061A282C64EB91945132D0DB70966273E20A0110768717BEC389E8921864FED429326935B960262880C0759478FCE67B3A6B3AA09839863102EF31D72A4840141632B75401C152FEC0C9B7C87088D67F70B339384970618F584325A238AA52034A11D4E2185182B5E4F778E02BC16279CC56BFBA0B93DC30ECAC64C5F121D4EFDDA6F36491F4E8BBFDE0AE82007BEC87AA960F0F4CC51C645CCF35DE6640F8B18A9BEC0497948BE1B3AAFC8B5F9DC6138297CC9B47DAD38DB0379AD9B5F4E289C20F1D34010CBEB012BFBF4CCA7322A20D340FC9B96C1C50F381D5565FD680A2F91169ACCC136B243E9F100BA3B2AD484D3CDEB999B3E686194FA19EC6A4BB71883BDC965E6C94ABCB2AD4EE1F3302C2968D7794424DF8ED0862AD4F59C99B2F9678A623FF2023FE2424250E9519C3C095FC83B6206CF44AA8207407AB5A2364ED9BB0904AD53A3B12F467C0C61319C8B85A7BC10D6E2C30C10F271A7C254FDC0729018B16B734039B7C9353692416DB1FDEAE1F6BD6116021BC884B10C1E8F4B1783451D8218AB372BEB89762D127372F8E276344119B24F35B04648A755B0AB4DCB2B920F6CA7E2C4D4C9D985F79ACA6D7A09A154FCB4393D4ACC949E86D21DC8A5B60A1E7F2AF3B5984D3CF8238EBB4C099321B0AE61BFF564CA411C2324A64491B88442916D6BC5E5F92AA5E445BBC9F379DFAAD01CABB1CD16D3FA9A0DAE3360817B3306FE07399985C0184E2EB6985177433BCFBDC42E08C90E8EC11C5033A1D9294EBB0B8D34E6668E1422046E6A3413EEA78344FA0DE3E929C739B5EA75DE9ADC43E5AC5C75DEC03679FDC85434A38B981C8BCF1CD53006D69416CADFB1C0E89AE314291E50740A289A0D035850FB0CFE2AD082FF6C45A572F549CEA96142C2D06855DC18CA64FA80FE0BFB9C323CEA8EEB8887652E2926732BCC85D1874A58886C6955322966F1B5655648309E3B2A26105CC819A33ED2477CAFF9B83271E50221073828070A4F3E33CF919B64469E0B8A893D24DAB1762EEEF8CA43C64027FC5E32D701C9736C9CC6CAB1269493D17B2875E4AEC2CAA5ADB052D341F5820E31E6940C0983560A5CDD816C2907004D2FFFEAEAA5B1E5F08A615FE1FCEEAFC136051E40E360D15C10B01D3781CD684D5EE9BC642D07CE4361C7F588DAC40CC6B80485632E9C1A46BCCCC4D2CFD39AA00B34E293429831BBD56C2430EE5614B96A5C036329451001396757D59204DC2EAFB5DE7BBFA09B4574E09D96F8E4CC4387E97075B436B7B1A125AEFB483ECD818596FC393AE6C8E9319D8CA5A6B55C64BB4351A8462E3F7050A2068AB58BA7D101D25822E70D3FA4FC4EBB5EE373874E400313531DF74A84C8239C464C53C334C359B34025CFDC4743FF229AF5391A6CE1D928BBBFB7FA1245902A2D4024B04736D838310254786D33BC97D42317743DE29E15971DA694059280C8EF92D80AF930A67B529DF55799CC0CAFAFF440DB8EE20B05B62E92FF447786F393416ADE380F2F7448C26CB5245DC51D3D2301AA12BBA23DDFCA473030F0EFA1CEA7764BBB5DB7212C4BAF1ED33501D6260CFEDE17A65291C1A87950E0279690E26472321AF5A9EFC5420AB4B860475C9DA1DE8F981CDFC79AFA684908D00F83D3E3CD1F07C9DB029C842796085D0663F4CDB373FF6A08002588EB1F77FFF4B9CC1A010289C9FDAF2A4DFE46F873562D26377F8B38104496698C6BF788F5A209A991B1ED84655462E3C8D29B83A99081C59FB3FADE0E9C75089D64E0DC93E8A58E95E4338544A89EC42AE145A7D95F9F590C8250F5D3F96ECC242B1870DB664A26BDA04E1DEEEC8C1BC44802F1D5C7434BC24759991C272836CFD0552B422AACEDFFC38C1A0F605E900903950136F97EAB802E392BE90451F25D04806B835549B113F9D6CCC88CF63E9F0872AA74FFE918D79EE2A2FAC79214E59023CEAA90E5EE5A34EDB93B9829DD672D1E3CA3BB159265BE00282183F28231309AAD2066FD6B32F0FC759980C905C50E2CB70546CFD876810490A40C29301C29A2C4DB2494D2DD5E3FC23E6AA8DFBDD820C41B1EF24C815A140A0B5950E22DB2BD7D74018A7C62C72150C95BD1AF7A5E88D244D5292102D6BF9719F9A6ED97B007DAAAC0B957110A4857B0FEAB94A0AC86A1A1978D4FA78E093238CD2C1C703FF256741F6F88151AC4B0DFCE627FD95D296019254147E5171BB3E59E6820D03F1B00B8116A295E7791B418D459DD57A21CC86500252DC8AB5B54DEB4CC7EB095FEF08AF51164708C54246BB912DA8EC424A6F853D0219D41C281C75C80A5258809DFEEBA702392F79E22100345046B86A17877B25E6DC2F8ABC1C53518247C0DA07B9D62C6C8308D61102C07E9D8B6CF3500A2830E186768D5385BD412BD0E3813026673FAA80DF47DEA18A8428FC1C266F30E93BBC2EAA32984189D249EBFB1312BC033530156DFF0C245B224E8F9A23A16AB089F8CAC35740665A2CE53847C559721D2903E9985D4093C6BE582054551422099DDC250581ECCBCDF9A89A062A1763214ABDA2A15E61B822E6BD7EB38998AC120E158233C34D2123A304111BB015A45C33D8F0C5DA622E35F955C0CECCBF9518421932870B2DDA10E6D2B3521D43260D8A19478C7DD0FFF96A51466B2E2701AD14E6D93667E61E78F1B89B3CC06515DADC48D46786742A71F9EB99B32A0FD8191EFAB70BEDBA9A07A8BD95FA35E162F5E95BB52666455C7214DF84BBE5EBD6285EC904D7F1F8B5B43EB7137FFFFA484CE26EF63DAA836137EB886B873514B84CA4708C7AE3F2973D6F2AF0246B99C930110CA9D456E99CDF275981575BBC2CCEE86956D971FF8DE8099BECE101DDF2772C266C2C5F2FB010528B21566B6CF0E8160DD495D6104CFA36448FD077124724C9C084A737093ED6ADEDD846F2B640F426C5D10E30598BF08D70CD114B8C8CCDFF36EED37599E6DD630C6AB7A28B23C55613AC4484A1C53D5B911A570F6E2F45122840929CA2E1BF0654ED678009B835F3425110E3EF2B5D746DB38024A0422BF2468F8F995C02DB9464E7E7D3CF71D677ACC109C5CF90DDBB58D2A096D30487B61E8659675E97C959CA822C92D872102CC6B90608CEE167D9B132D23429BEBCCA3A46301DD7415474A90F274406BA79343AA36A1DE8340C9402D4E519441D861478F0C5C3AE06C2A0CFB50436C473E2C2E2DB86A5828CC32884022D13E8CD42C09FCE8AE291228224FB5052F28F5A70EE2419E4A596E15236F10C36FFC09ACAA7E497BDB1C1293F2C7C3225D07969761B60198CB4C662A8E50EF8F5D8B9A03E7F93DF84C727A3A005D82ABB842124C87B9DD25800525B5E6748D5CC3932E8EDD092466201C6121A55F3090FCC3F81DFA48341BFF0A3AF4A3B38E73413E979C14AE201640E7E5EF7191037900B2331710A9AF82C5FD70CF9AA49168004531033593684FABD0190A64CFD2B458A9FD4B07E54BA1CE053F093841C84736BC28C5C4E050AFD58521FF9EA090C040B3ABE2DD4AAAD0C197921D03C3543889B5D1C7AA9850236A3B4DA07EC2FBDC309E058035CF5241D239BF090491028C1983A3560A93B028017D1E9538B688B487D0ADA40D0B71B6BED780A9EEFAB9402DB6B21644FEEE7000664F1AC6BE81900873C92345F50651C15901B41CD0A5BF5C742ED5D96F651582A2898A350198525AA32197A3C232A9B383DA9DD8C81567AAAADE83C66487DD6F24819178CD280252CC1AB5CBE515D2FC757AA9BABAB3A4F45AB0CB8682E86D3DBFA6084A5B77E78D17810ACBB55ACCD7EE74FBE624EA81E8B1804BEF83E426B76E004B228CA84DF4106DC33629D5CD45D4E345ED466FD3EB9E35E0F20D96FD6652DC6BEB8AE21BF46A1873BB6512FE102CB825FA4DA430A641045AD787B770006256DC8E845B33EB29FB82AB6D96D988FB428A25C61639272C261F2EC32AB60DE093C66E71D73CA586BA027DAE901839AF404EF7E01E4D2A30148DA9802C2C91DA78A02B41423BBBB011C29790ADC46FD4A488D23B8D473A21876B204ECEE0A50AC8EB5403973888265090F4A6F6F6ACB489CFB2173154928B19C849596F815B06EA270318CE585BF748BD8E1218090107B9887F83AF018B6A4E791247042C208D71A49EEE71620BACC8831398C302C752F95E4C79BAB3709323C04036068797532393509B6ACF47ACFD5F2DE0684C13C7824D6FC8984F25400A0E437AAA3F3556909B093709F5618C3301DAA5F52F2F3202F34083C248031CB88E54E138427A863959135C7F61E95A8BB0937B646F27B471772B78200E2BDB77CA6F5D373C2A7BA08EFAD330AC8A08C4810A1AD52E6033C738B15E3B471A9C550E26061A6947B2B1B36945F85A205C20B25CF4730064A1B05C5CF1D4453498271D560E7CA4F3868BD279CE2743464B58F38480F1B9728220630D4F09E09C32BFD7AACF46F0C730DCDDACE8FF2C781A929A59C0AF4E237050F418637353666B90B574F901686C18088990E2BCC1424327800C630641C315D89E2DD2FB6ABC7385077E1BBDCAB92C20FB27B8D3D1A34E25284C8EBAC0C00CA0791A9F443C53BC13FCC8C3C1E1F40E12BAFA69E1661E17F58B4F05362511955DD23ACD62A3ACCDBF800CB1CCD8785EE66CA60514DB48D6EC5CB9E3E64ADBBA43FEE5AB077DCDE6D295796330BCF3FA9A0D58A437561CC9C00D6B3230418CA4D5E82231C07624495EA8AA899DC8F42E5E99CA542ECCFAFBBF2E8149C824E466E40B35141F07332600C98DE345C3DED7EC0BB3437ABB9E14428CDD5E3DA0CB3FFA21007921CBF1F32B04E7372D4AE4F83D557887D2678FD6229150F64E1DC21B34EBA49A2BA7C3F02D586E53645828E1AE7E42FC9931D1FC61D391ECDCEB3EA0A48ACD2A6BD6CC69481D76D024BD139041E16AF196BF3095A59C79ECA55DA7EDEB74C99AE836BC4CCD81F632C6258006CDE3BE0AFAC92386BC841C2291C7915BFE630E1D3124F4EB90CA4FE87CE8507BE49394C7AFF19E33E0CCEA628477B461641224D3B05931128C4D34C57E65F2B8D78E050DE20CF506B1EA44E345250A5267A0A61576484A8E92E43B4306AB2F3E85646BB386019516AAE9927EDADEF34E29C0390AC4203EBA0488B3624A34FD9927B31B5C606170EB94E83A91BB284E1C8CDCB0F4B360200AF4B659943D388653F85C9352AE19488DB79A2FE1305E2BB8FD331A397E1985743E789E4C63912E06B14B66C82285AE4357FACEA39E7F82083EA60194CDB07A7C7700804527712F4708BFB430C38C102BA6BF437C608A61AECFEC2C5AFE516E0C9941884DBBD1BCC3165121209025A39429A312A03C1DCD1A69B0DAFFA9246FA3F869B62975FC8601162B240F677CF56C2158BD5A9D835EB8E07D1A8DA24A7EA24723223B56543DDB4B42BAC5CCD94AE87333058CE939E590599DF0F85A3BF02B02B67EB303C59FB86195034D560E225E70F5E55B4F43386004D9CE6AE430C3AD91D76C1CB4315680CF71C7F2B4B86068E225CE232342E9FC1AD173721A3CB94FB6C34F5E9E00A68DB4D3B597F092020E51BF4F5BA6C434450D896274AC2A021C675DF5E43868169573B0BCABC9B7C79C781F0AC0C108B18773B1EDA20E8583E59048E5D4A603310C94687BAB4FFED461E045A4BC3A3B15744A5188337A98555C70E11F018DC6CC6DD4A3EBB5BF00CA901B7A207E6C021C66DB8926D09F9151E800878979D15A2ED571750222E095A4A1546BF319561639E988981F5513410CCC60EF95C5C6768D83F980423433E0A4322458E6B007F43AB7342969B99790F094BEFDC2DE15FA1871E494B503802BAC8CB842563182321621C210975CEC766A0FFC308D808E5BD8D56666192144621A208AA516A71D3F9C2CEF6F02511900229B46DF8BC708C44E3D8A298F708196BC66F75F91732E5AF062775A9ACA36CE2DA64BC"));
-        byte[] sk = Hex.decode("07FEFF0702FB0106EFFCF40401F9FA0B03FF04FDF2FA0F0201F40810FC02FB0D140204050CF617FF00FD0805FDFB060007F2F2F6FA08FB05080504FF0801F306EEF5F8F607070202FDF9F3F6FAF5FF0703FCF1FBFD05FBFE03FBFD0509EFFF090BFFF903F20002F309FE0302F7F3050906FE110207F5F1060DEDFAF909FBFC1502FD010707FBFEF3FD03000A0301FCFAFAF50500FE06F50D030008F1FA130006F804030AFEFF08F5050800F603F60700FB08F80D0AFC06FF0FFF01FB00F7FE05FEF9F60301FBFE0A04F9FD05F402FC00FF09F70EFDFEF7F10808FB01FD030203F3FE0EF8F5080207FFF30D0201080A03EEF60104FC02FEF9FA0A02021000040705FEFF03FD06020009FD05FC06050204020A0D08FAF9F1050DFB07080A0405FC09FD1003090E0C000703060204FBF806000AFDF7F4FE0A0104FF04FBF6FA02F7EDFDEF050710EC0B0209F90600FF0703070509FA0CFCF9FC0304F6FFFA03F3FE0202FBFF0812FD1409FE02FBF5F80B08FF07FDFF06050209F609F90BF6FC0013EF020E0F0B04F4FA050DFF0BF8F5EF0AFCFEFBF70512EF10F505FAF7FFF9FCF7FAFDFC0808FE0A030CF8F50C02FD03F108040612F80214F6FC030C00F30B0EFA00FDF80C000603F809FF0304040AFEF807F60B05F5FAF6FBFA0A0A12FE0007FE0AFC06FE040606FC08F9FFF6FE0AF6FB04F6FB060C00FAFCFDFE0800FBFB05F7F20004FDF6FD02FC0210FB040DF604FC06EFFCFAFBF7F6F9F003FCF9FB050801F900FE0A02FF09FA0203F1F900FA06F501FA10FAF806FCFA03000908FC020AFCF70102F9FE05F202F2FF0900F702F4F1FE06FAFBFD08040705FFE9FCF90907FDFAF00F010B010B02F4FFF90FFB0401FF05FE08FF02F3FDF3FFFF10FB000FFF07030B0205020D0B01040BFBFFF9F71AF00306FEF704F3020AFE03F0FE1801000AFBFAF7FEF7EB03FB08060A020109FC0E0107FB020BF80506FA0CFD0116F603070E0808040AF60808FB04F903FEF1020204FB060FEBFD04FF07F8040708F807FEFCF9020A0A00F6F80A0D01FB02F5FEF40908F401FF02F8F50B060205FC11FA0404FBFF0305FF01FD0303FC0DFF030A0AFD0009FD06FB03010BFE0B0A0D0003F3FA07EEFF070008F7090206EDFAF9040709F50D07FEF50EF9F7FFF8040208FB03F6FDFEEB06F5EF03FCF506110200F6000D030603F3FCFB0E0EFFFA02F504030B090B02F90806FE0D04FC06F6FE04F90607170106FEFCF6FA05FBF0F6030600F4EF03FAF802F30004F30703F5F8FD05FEF0ECF9FC0209F906F5FA05070CF60FF709FEFAFB0D0305FF0102F807F703F0F40D0204FD02FDF108F80D0CF7FAFA070503FB0307FDFAFEFE08FA02F80D0B0AF7F710FC03FBFDEF07F9FD010104F1FEF1F4090507FA1101ED0B050212F80E02FE000708F5FFF202F500F7040DF303F3FEF4FC0D050105FFFF0A01F4F6FFFCF6FA0001F908FFF3F3F8060AFD150107FBF3FFFB05FA08F6000DFD11EEF9FEFF000CF600FA020204F70F0909FFF3FBFD0906F7F5060512020803FC0001FF0C05F8FEFBFBFEFE05F90307FEF7EA081105070102FAF706FFF41407FEF901F806FCF105030F0100FDFA01010807FFFB07F50DF4FBF70D01F805FAFCFF000AE6FE0D00F80AFB0007000009F8F8EEF3FA13FBFCFD05F9F503040EF608050CFC0E060304FBF80E00080901F7050C0007F9F009FCFD0001F9FB180EFFF9EFF400FA0206FE05FE06F6FEFE00F207F0F9030A0AFF00F6FE01FE0C090404F7F0FF04060F0B0806FDFDF6FBFBF2FFF4FAF80CF9FFFAFFFE000703060BF900F80A01FEFFFF0201FA00FE0BEC03F7FA00F8F60C040300F6FC03FC000014FD09F80203F7FC0A0D0007F806EFFF0409FF0007FF06ED0A0A02F3F1EF0403F8070405EF0102EA06FA0206000308FA0205010FFFFCF6EF0C16FAF7FA010DFD0503150EF903060803040004FD01FE010607FC15020808020406FDF5F304F7F8F6060AF7F7030CFC01050404FB01F8F8080905F70607060AF3F303F50501031200F502001205FE01030503FF0400F2F2080AF7F9F8020DFFF5FF03F8070806FB06020704EF02FD0C0108F90808FF0109F70BFC0BFFF30801130A09080202040EFFF504F5010704050A01EDFB0DFB1109FA0605FB030CFD01FC1601FAF9FD09FF0CFFFDFCFCF5F8F50606F9F8060102FBFFFBFB080CF913FB0409F9F90C0EFCF8F9FDFEF602F4FCFDFC040902050AF8FCF9FEF40C0A04100701F60E0901FC0200FF08FAFFFA05F70803FC0E0707F9010A0600FB010CFA06FD010EFEF7F7030011F202FFF5FFF20706F7FD03F50205F70500FAFFF705EEF7080C0A03020C0001000702FE02000404FC0105F0F7FFF0F7F6FB020DFEFBFDF0FF07FD090202FE080201000B0409070AF807020EF402FE1003FE02061202F8FF02F200EBF90BF8FDFBFF04000704FF0306F7F3FA04FD04FE0CFDF80BF804020501F3000403FAF8F704FEF80FFEFF06FCFA0109FE0AF200FC05F3FEF90701F40E00F1F8FD020BFA0B09ECF2FC090800FD05F109FAF708EB0C0D01F30AFD0B06F70004F9FF0902F604FAFC02FFFB02F5F50900FFF811FCFFFF09041402F5F604FC07FE01F4FD02F0FAFC0005FCF8FD06F80003FDF9FD0EF7FDF907F5FF07030B03FDFE00FE000F000A0D0303031508FAFA07FD0314FF0CFA0B0206FAFCFA02FE01F7FB03F70004F7F409FB04FFFE0601FF0AFA05F90401F51005020A08FF0A0CF805F5FF02FF0501F503F8FCFD000403F5FDF1F805EDFEF9FD0B04000008FF07FB0C14F8F9FB08F8FFFA05EFFBFF0002FDFAF2F802F8FB1A0202FC0010FBFBFEF9F705FDFCFA07FE14FA010D070B0105000008FCEF04F6FD0B04F9FFF00DFC0A050608F9FAFAFE00F7030BF50BFD10F5FA0F0100080C10FD0600FBF30A0A0CF4FF01F20A0E0D0CF4150000FC00FC00FF0E07FCFAF90CFDFDFCFDFCFEFCFEEE0A03FC07F80205F902F60A0208F3F7FEF90202FD00030004F2FAF903FBF80103060FFFF9EFFF01F412EC0A0105F901FF0E0A03080202F6FF09FBF209FA0DE805F4FBF506060110FC00050FF5EFF50A0BFEFF04FE14F3FF020EF802020508F5F9FEF90806FCFD050E0711070D01FA060205FF0204EFFEFDFB07FEFD00F90B030508F6EF02FE16F400FDFB060304F701F3F4F90501FB03F8F404E5FF02FB0A00F8FE0C0B000AFBFCFBFF00FAF2F5FFEB05F0FA05F5FFFA0408FB00F90204FF01FEF00C12FF01F8F6070402000502FCFC0B04010E021103FF0BEF09EAFDFB06FDF9FA080CFF11F90AFCFAFFFE0301030001EE0EF3FF0000F40FFEFB08EA00000F08FBFD10F307F1F5F200050105F9FB0AFD031302F4FFEEFE00F709080BF7FD06FE0EF5EB010DFD0607F707FA08EE08FB0007FF08010102FA00FB00000803FD04F806020500F8060CF4F9060EF9FE020A05FB0CFC0006070202F6F20003FD0DF106FA0206F10304FDF80F00FDF6EEFFFDFE0FEBFC0D1BFB05FDFF02FA0806F7FCF1FAFD0403FF06F80E01FBFBFC0C02F203F90B0B02FA0CF815FFFE080201FB16FA02040802F50503FDFFF8F7FBFD020202F8060D0601FC04F1030202F30FFEFCF50BF60901F306FE0605F9F8F502020A0406FAF80208FDF8F9FCFFFD0EF30B04FFF5FD040001F8040105010100FE0E00FDFB0606FA04F505F9F811040607FD080500FA07F300FFFBFEF0F5FD0209F802FF04FFF9FCF9FF0AFBF800F80AF9FC09F9F6FB0EF80805130B06FFFF0104F40603F10001FAFD06EDE5F8F90C05FF1202FEF000EA0006F801FFFAF1130CFDF9FCF806F913FFFE120609FAFB06000CFBF804F40BF4FCEC00FEFD01FB0307111206F9F1FF06FE020CFDF802FC0003F9FEFE06FEFBFBFB0BF8FB0C04030BFB00FC0405F8FD16FBFF0207EA08FEF5FA0F07F50506FE00F3F20BFC0A07F702080FF509060203FD0505FD0BF6F905021206FAFDFF03FFFC01F20204FEF6010009FF0BFDFC0C120402FF0602FC0106F40601FDF6010B0611FFFFFFFFF8F5F7FEFCF5FB02F805F50105FEFF0202FF09EC0408FC03EDFA00F306FCF8FD0301FBFA08F8FD0007FCFFF6061011F80E090D07050506FAF00AF8FFF40304FE020AFCFF0CFFFB0BFD0E0C05F50C02F60EFEFDEDFF090802FE09000BFF06F208FAF9FF07F500050901F508F1EC0BF9F6F30FF8F006F6F50007F107EBFFF80406FA090401FBF812F608F4FB09FB0FF8F0F1EEFBFE050011FF0AF7FDF201070C050EFEF5EFFD01FF08F500F3090BFCF201FEF90BFA0DEE01FDF8F5040109FA03FE0601F30D02F904FEF804FE070700FB12FAFDF9FA13030A02FAFFF60407FA02FCFEF3010E04FC04FAFCF4F7F802090307070F03F808F911F4FBF004FCF704FB0B13F8030B01F307FBF405FFF30105FAFC07040605FB0006F7031001FE120600FB02FD08FFF60C0709050108FC0CEEF41AF40DFD02FAF50AF6FEF10000F2FEFDF0F6FBF9F30BEE0D0E0105F6FF01F105070E06FEFF0713FBEBF8FF06F50100F504FDFBFD080AF9F6EDF9EBF60B09FE0C00FDFDFE00F51EF9050E0A030101F70A01FF02071BF2FEFCFF040309FA03FBFEFC14FCFDF6FC01FB0AFF020206F6FA0D11F7090BF9FCFD07FC080709FE06F4FDF5FDFBFF01FA0F0607FC02080601FF0506F7010808030006FCF8080F0200F2EF0AFF03EDFB03EEFA02F00AFFF80DFA11FDFA0FF801010BEE0103FA02F5FE03010704FCF6FEFF07FC0901FEFFFDFAFDFCF002EF02080506091208FA0B0AFB0116FD00FE0416FE01F70B0DF60110FF0608F60507F701F6FF06F3FFFE0BFCFCFBFBF80204FDFF11F307010301F6FAF003FE050704FD02FFFAF503000103F0FDFF1006060EF1FAFE00F8FE0A08FC02F8FA051406F508F8080306FEF8FE0F0108001305030DEE07060608FF07FE1107FDF80105F20A10FA03010C02FAFEEDF3FBFCFE060104FCFF01FF06F6F5FDF4FD0904F702FB0EF6FEFE01F8FAFB0003FBFB01F915F407FDFDFA01F9FC0A000807F5F8F4FDEFFE09050B0BFCF9FA030103F2FDF907FEFAF70502000FF50605FCFDFE0A05FDF5000201FE0EFAF613F9FB000404EF00FE0D04F901FBF60CF7FFFD0203F8FDF70301F2EB020405FFFD03FB09020405F5FD06FD10FD06F5F5F808090404FFFDFE08F9EFFF05040CF5F412FF03F4EE0308001007EF0BEE05FAF80FFA02080807F90001F8020906F4F2FAF901F501060800FC0306081601FAFD07010EF606FD05F9F305FDF504FDFF060F0606110A0002FA030007F80E040BFFFF070100F6050008FB05F8EEF70005FC0409FE0007FFFA1000FE08FD030B0104030D0106F8F9F4FA0901F8F7FEFE000D0FEB08FF020B0605010B010EFDF500F6FB02F6F8070000030AF6FC0702FAF90DFDF80009F901060B07FEFDF002F206F109000DFDF1FCFCFBEF07F7F307F608FD00F803F809F9010408FCFFF807FD00FC0DFDEDF90706FFF7FF0DFA02FA00F60000100205050B00F602FFFBF70BF60001000A09060A0A0A05F7FD01EE0EF8020BF5F006070AFD040B01F2040EF0F60AF90BFC03F9F102FDF50000F3FB090FFC0705F209090304FFFA07FDFA02060507F705EFFF0BFA01F2FBFDF503FEF5050E01F908F406030005FDFC1603F601FE00FE03F407F50308FEFF0403F90204F509F1FDFD0503FB05090802070D07F9F8EE050E0107FB00FB03FA07FBEE0012F310E4FF04FE000C01FDFF0206FBFDFEFD0802F6FC030702FB0203F7FE00FAF6F8ECF5010DFE00040BF3FF05FD0807F2FFF9FEF9FB08F7F7F6FBFE010708EEFD04FEFFED0209F703EF07FB0AEC020BFF060AFC040308FE030D05F109120CF80001F4F708FDFDFCF80B00F203F8F6040203020010030BF9FAF9FFF404F6F9FBFDF6FEF8F7FC01F2FCF8F3FFFFFCF7F20B0F0A00FBFCFD0408F50DFEFF08F504ECFD13FD10FD08FD05FF06F70407000C1005FAF7FBFBF304050DEC0101FF0CF1060010FDF9FF0705F404EF0307F9000106F801FB06F802F8FF080C0CECFE07F5F4FD06FCFC0401F7FE050EF3F9FE03FCF10302FF08040907000104F90303FE11F80602F5F70201FDFA060FFD03F40A1205F205070AFDFC0A0002FE01F902FFECF9000D00060EF0FB0D06EBF50C02F614F4080402FB000704FBF706020814FF0A01FC0A0E00F0F8F607F8F608F1050C04060213030BF60606F9040C03FBFFF3120403FDE70003F4010EEB090001F40903F8F9F5EF06110D08FD03FF0408FDF50D0407F9070201F9FEF4140F04000A07FA08FEE907030A05F6F8F4F7FC09F502FAF808F6F6FF06FA0100FF0B0D03ECF50AF7F0FAFD0A040901FD0FEFF70BFDF104F600FDF5F1F80DED0D070009F907EDEDEFF201F90B03F90D0301F5F706F402F5F7FFFF0AFBFFFAFF08F9FEF5120405FEF808FF05010A0AF9FD0DFDFAFAFBFD01EAF6FE0BF3F7080306F60D000403FEF90AFB03F70D06F907FDF811FDF806F707ED03FE0900F508FF0C07F704130805F6FA0300FCF900F804FCFB010309FAF9FE04F505F501FEFB00F4FA0A0500FF020A03F90EFFF80305F8FCFC03F20408F5FE00FA0009FAF80EFD0A0311FBFF0D00F9060505F60504FFFEFEFE0AEE0A010EFCF701FFF80302F0F9FCFDF5011209F8F80500F4EC090CFD0601F612FEFB0F0201FCF31007F7FCFFFD0F09F01013010707FB020307020402F9FF00FB00000E050600F7FAFB02FAFE0CFFEE050E020D07010304FFFCF9FB1101060907F606FCFAF9FFF90408FAFE080DF8F7040C07EFFCF7FBFE0CFCF40DF908F0FFF80803FD13FE000208FC0EF6040AF1FD01F2FDFF0800F80FFD0FF807FFF9FB01FAF8F9FCF8F7030CF7FC0305FE04010003080AFC0300F5FE04060AFAF114FFFDF5FFFFF70AF7170416FE0AF70207FB0AF5FDFA06F3FC10FD01FB040A03F9030707F708070507F308FB0AFA04020404F8EBFA06FCF403FDF7F7FC0D070306F5FA000AF0FDF300010EF8F9FEFEF904F801FBFDFEFE04F2F0FAF8F2F005020FFEF7F9F4040AFF000BFB03FD02F9FDFCF6FD11F815F701F2FF000CF7FF000AFB0F06FF011400FD04FE050209FC03FAF807FBF8FD060201FD07F607FF010E110AF2FBFBFD17F11508FC0202FA06F90B0A0602EF02FCF0F203F4F8FFFDEEFBFC0512FF01FB0103FFFCF5FCFB00F703FC0A09FD02F8FDF4FA07FFF404FBFB0CFDFFF1030610F3F6F5010017F501F505F4F603F1FF0A04060209FC010608EEFF05F60604FAF90202FB030502F4FD05F70312FAFF0007FCFB0B020C07090AF9F2F6F8F203F1FBFF000207030411FA01FFFE0303EFFE0606FEF6FD000901F900FD07FD0B00FC050004070DFD050CF50B0D03000104FC0002FCF6FCFFF008050D0002F00CFC0506FA030DF604EEFDF90609E902F5060AF7FA0A0309F90BFE02010E0B0405FFF6FAF80307FD09FFFDFFEE06E8FF090805F5FDF6F90C07F40C04FB0BFA04FBE604040DFFFEEF05ED020108FA00F804FEF00304FBFDF702FB02FAFA06E208040402F2F4080501FDFA00070DFAEF11030F10FDFB08FE0B08090101F1FEF7F5FF02FDF8FA02F8FEF8FAFDF4F5FF0809010108F80106FC0701FA0C0B0DFD050301EFEFF7FE04070A050C0BF6F308FC06090207FF0AF4FF09000A020304F5FE0204FC01000101E9FBFFFF090303F5EB1802011204090EF80004F9FEFFECF2FCFCF303F8F505FF07F80700040D08FE08F00006040006F9FAF7000C09F804FFFC00F910EAF8F80700FCF5F6FF0213F8FEFAF8150208FBF80803EE06FAF504EEF50F0800FAFCFFFA02030211F50CF6F8F004FBFC01FD0BF20CF7F60100F7FA05FFEE0507030807F8FCF6FB01FA010600FC05010308F61402F605FCF9FFF40601FCF9F605FF05FE0011F80AF9FC03FD00010B11F8F90802F9FC0600F50A02120501FA11FD03010AFC030C040405FB02FB04F0FAFCFBF700FC10FCF6FC01F301FCF803090DFA18FB0701030DFD02F204080806F106FEE9FDF507FF1505F8F8F8010C030909FD050306F40F08FE120A0C050102F7FBFB000604F8FDF8FEF8FE080AFDFD08FF00F007FC0003000401FDFFFAFC030401F2F6020CFDF80401F7F807FB07020C000C0101FEF6FEFDF60811140E08011407F905FA04F504F60AEDFB0210EFE405FBFFF9F0FB04F9F311F7FAF104F0F6000009F8F5F8F7F303FD0201041A04FC0509050301FE03F109F1F7F9F10311FFF3FB01F8F9F6F6F8F80AFBFDF20AFCFF0CFF01FBF8F4080DF502F201F0F7FC0AEC0713F6F90206F7FEF502FD05F9EB110001F8020706FA02F80105F404FD13F8F5FAF104FB0E0301FCFD04FBFF02F5FDEF03FEFBFD010D0708FFF4F6FEFFFEFD0CFEFD01F8FA1207090001050AF20909F50513FA06F3FBF4F7F40301010307FBF60103FB0B0AEDFC0D08FE09060A03120CFCFC1800F5FA030AF901F2E8F903F201F7050DF8F9FDED06FEF8F0F5060507F5031001FD05F3F008FE0BF9FE03F5000600FA0103FD06F8FDF9090CFDF60CFE050A05FFF8F206FD0904FC0200000106EF07F301FD08F701EDFD0300070F1404F30BF506F4FC09FAFFECF8F7FCFDFAFB07F60AFD0AFD03EE090900F80207F0FE04FE060A0B0603FDF9FC0000FBF3080B07F90904F0F808FC00F9FEFA04FFFE05FDF3F206F8FDFB03FB07FA010CF60DF7010FFEFFF40407F302FEF0F80D011306FE06F905F312FCF10107F3060310FFFDF507FF02F3FEF1FBF700FB060305050803F90703FA0405020BFC02FE03F315FF12F80806F80201FA020E00F9F9F90309FF080D0501FBF512050201FD08010AFBF606F00908FD09FBF30810FBF7FD130109FCEDFBFEF901FC01FC0FFC0403F51A1603F20812EB0404F9FDF700FB08F5EDFF01F108FE030CFCFDE9FF040703FC061100020C04FDEDF9F8FC0A0603FC02FE0AF806FA04050AFB0AF2F4F6FBF4090E060504FF0703FB010401040606F9010C00FC0B080400FBFD0B0C0505FBF3FCFCFEF610040D0808FEF4F001FB000EFF070806FFFCFEF406F9F4F8EFFFFC0605F80805EB0403F91313FF0303FC010206FE06F4F7FF000AFDFBF707FAFE04EE090A08EE0AF8F9FCF7F50C0308020C02F3FB030701FF0D08050BFBFCF9FE1200030704FFFCF9F3F00CF7FDF805F501050302F7F9F3F8F608FEF105FE05EFF6F7FBFF05FE0713FCF80D0B0303FC05020B13FEFEF9F1FD15FFFE01FAF508FAF703FDF81208FFF9F90700F4FDFFFEF502FDF90B0C05070701FE0AFAF9FD0706100007FEFA0DFEFC0BF8FDF6FD0104FB0309F706FC0606F101F9FEFCFB1302FCF4FFFCFA03FCFF07FFFD1509EF13030001EE040105F901F908EF09F7FE05FEF1F60CFEF7F50704EE05F801F70208FD01FEF812FEFAF50102F4EE0102F10906F902FA1316F3F60406EDFAFBF7F5F808FD04F807060701FF09FAF4F604F60002EEFCF2FC13FEFA02FDFA0814030207F6150004F6F501F10708FA0FF7F9FA0108F2F705020101F30E0906F50F0BFAF7EF0907FA0003F4F8040A08FC03FFFAF4F8060605FCF807FB0DFFF6FDFBF7FEF8060F05FFF700F1090907F403EC03F705FB10030E0AFAF7F7FD030AF6F205F603F3FB0AFAFF07F40BFF03FC08FE04FAFA0001F60903F602060DF6FBFF0801EF02F7FE000E0BFEFAFDF506F503FAEAFDF5FEF50C09FFFD00F9F6F809F9FA090102F5FF0000050A0400FD0DFD0705ECEFFFF7030200F2EBFAFA02040E0CFCFBFD00F90600FBEF0609F0FE03FCF9FDFC05FB08F3FB130DFF0F0208FB1006FDFA02F902FB1108FDFFF8FEFD0311FFFA0502FBF905FD0AFEF50C08FC06F1FBF7F40003FD07FF060809FBFEF30A0500F6080BF60D0CFC030707F5F413F903FE040006040A0C0403F612090002050E0AF610FB0401FDECFBF7020DF9030405F609F0F0ED0103050FFD0B070506F808FBF6FB0519020703F808000609F402FF0907F3F9FC0704F7FCF7FBFB0D070AFA0BFCFC130AF804F2FF040105F0F1020408FDFCF9F407F7FBFDF300FBFC050A0E12F4031504FAFD0214FDF103F2FEFC0801FEFEFEF91502F10700FF08FCFB01FD060C01F6FC01FD070107FFEEF010FD0B0208FA00F7040103FF0BF904FEFF02FC07FEFE0007F80305030204FA03F9E8000D02FFF4F4F60408040105F2FC0DFD0504110102FE0F00E706F301F7FF0108F90305FA0202F3FCF612F101FEFBF80E0C09FDFD000013FEF6FEF6FE0BFF03170001EC0501FBF4FDF0F80BFEFD111C02FFFC06F801F8FDF9010BFE09F6050602020BFB0C05F90401ED0FF6060E02E9FFFFF700FE0E0304F2F5F6FBFAFCFD03FCF5040417FDF506FB05000BF8FFF1FE0405F102FEFCFE08040C0F06ECF6F6F9F4FFF9F9FBF8F1FE00FFF40CF4FD07FB0503010B15F3FEF90CEEF80AFF0BFE08FFFAF3FB0AF301FEFDFD01020706FEF5F714F601FD040A0A0D0A0BFF07FA0700EFFDFDFBFC06FDFE00F804F3FF00FF0AFAF9F801050F07FC0310F7FA08FAFF0203FEF6EEEBFF000009F906FA0A0CEEFFF1F7F4FEF3F5F4FFFC10FB080608FFF6F906FCF6FE0D00FF040B02FC0BFF00060D01060A0AF600F50CFFFCFBFFFBF9F8FE070EF5FEF8FBF606FB000DF706EE04FBF0030BF000F3F8FDF002FA070A0603FB02FC01FEFA0407FA00F2FFFDF2F80BF607F70402FC07F211FDF8FF0101FDEDF601F4FBEB04F0FB04FCFD050101080A0AF50302FC0803FE1200FEFDFDF3EE090E050DF9F803EEF1F4F802FCFD11FB02F4FE02040A0C03FF1506F806FEF9FCFE01FCF4FD0104FA02FCF9EC0911FAF2FD06FD03030A05F50A04F4FEF7FF0B050001FB07F80601FEFE0CF9F7EF0C1209FE06FF07FEFA0600FF02080207FFFAF5F407F5FAF500F90303F81106F90BFC050FF900000D07FD02F9090306F90107F407F3F7000007FDFC090003FEFA00F307FDEEF0F9FFF70CFF0BFAF9EB0B040605F70504FA00020CFEFF09FD0CFD03FB00FF0CFE0205FC02FB08FE06FCFF06FD070108FC0DF60E070EF7040D00FF00F1FE0108FBFD090008F7F812F006F7F2F60916F0FD0F02030404010502FEF6F0FBF10BFDFCF3FD0F0FFE08FF00FD02FD0602FE00040CF100010AFCFFF90818F800FC010F0AF60A0403FAFBFF030803080DFDF9FEFC070E0AF30200FBFCFBF913FBF3F9F9F1F7EB0C06FCFF040D01F0FF080009FA0C0AFF0505040008FDF6FE01FDF8FAFD01F9F90708010908FEFAFEFC010C000312040804F6F8FD0406020D0004000405F8F8070EF8F4FC070706F80A05F4F90803FEF3FC00F6F206FA0CFAEB00FC00000AF2FBF705FF0AFFFF0604FF040709040401FE1505F1000EFA030F0BFFFE0602FD03FEF5FF03FBF0000F07FB030000EF01FDFA09F80A0606F804F5EB10F502080606FE0A0703FFFC0308F40806FEFFF9F6FDFBFFF1FD090501FAFB050E0BF9FEF8FFFE00F701FFFAFE04FF0204FE0CFCFF00FCEB0F0D0006070606FB0802FB07FB060306F907EFFFFFF8FA0AFE02FEF70F06F8010100041211020608F505030407F400FEEE09F9F3040D0B00F703FDFD01FA0004050E01FCF801F6010806060308FC0AFE070BF813F9FE0F0EF8F700F708FBFCF2FDFC0DFEF4F7F70BF9F4FEFCFCFC0BFFFE0AFFFFF6FDFAFEF7FD0C1005040AFBFC10F9F907FE0AFB090808050100FCF901FB190FF20C00F8090106000C050AFC0A0201FA0902FE0503F2FAFF06F0FAF6FB050204F905F604F6FCF90005FDFB00FC0B05F1FDFEFB00FEF703F705F8080A12FCFEFA08120001ECFEF7F40FFC05060008FBFFF607FAFDF403FAF616F8F402F9ED1204090A05EB00EEFC10FD03F602FA0FFD010807060504FCFFFFFE0C0BFEF7F7F4010C0AFDFA040EFE0415F702F3F3F905FC0A0102010B05F4FFF7FBFBF701F80EF400FA03F8FEFC08F9F91BFC05FEECF90B06F907F9FBF409FA02F70605F5F6FC09F5FC0BFFFEF007FC0B080001FAEFFA0DFBFEFD0504FD0CFA0205F6F908ECEEF8EFFFFA02FC03020BFFFAFA0E03FE08F400EF0102F8F1FD0002FDEB060AF9060808060712030401F603F5EB01F6F604FBF8F0FDF201F50AFD000606FB03FF010E01F9F707FD000C04FD020F0600020AF403FE0707F902FA0CF8000503FFFA09041019FF0CFDF8F0F5FCEC0BF7FEF80610FF04000504F5F907F204ED0009F70002FF03010208FE08070404F606FE11F4020C0505FD05FDFF00FAFDFD03FDF10A0103FCF801FEF4FD0604FAFDF2020004FB0A021DF90308FB03030109F008FF01FF05090007F107FFF70607070600FBF602FC09FEEE00F7ECF201FCFB00FE0000FA0803FAFCF8FB03FAF8FAFC0B0903FF0906041003FBF901F900FE05FCFEF5FB020203FB00FFFB050B0503050003FEF8FB050105F9FE00F9070802FC0BF6FC0FEF08F406FE0313070404FFF8FBF9FA090AFBF9FD01F4020504FE020FF8F3FA00080308000C0FF6FD010BE603F305FBFFFB0111FCF5FC09F5FC0D111200FD0306FF1101030608FF04FF07FFF6F40301F303FEFD0903FE13F201FF03FFF5F703FD0A10FAFB0105FDFD0D040FFEFEF8F60CFA10F2FE00F404F7000DF304FCFCF40F0209FB020300F7F1FDFEF5FCF8F9F7FE0DFA04F20D02FF0B0EF80AFB0AF90A01FBF303FDF2FAF706F802F806F60209FB010702F5F502F9FAFCFCFEF9FCFDFAF80108FDF609FB00F6F1F7F607FB0C0101FB0BF00BFFF71A0104F004FEF3FD01F90DFB04F507010B09FDFBFC18FFFAFC040EFE09040004060708F8FDFFFD01050703FDEDFA08F5F4F0F2090811030701140AF9FC03050306FF0A0D0109F5F1FF0107FC0200030DF801F5ED0613FFFEEE0C0A030705FB0A0E00F8F5FC0A0C02FCFEF9070F0208030E01EFFB08F5090A05F8FEF7FDFD1001FEFB0209F70F0202FA02F900FCFE0208FCFFF4FAEBF7F6FE010801F606EB04FC0BFC04FC00F8F805F10FFA050DF30407FD04F0FBFA01F602F8FD04FD060EFC080F070F0014FB050F0106FEF00503F4F5FEFAF600F0FDFA0FF604FA0F09020010EFF5FEF904FC090904FE050900FFFA05FE0BFB00F9FAF4FDF4FEFA0CFC0D040701060204080E06040402FAFB00000006FE04F0FB1200FCFDFBFE020C0A0BFA010C0CF2FB030404F90D0208FD0900F7F9FC030CF3EE0416FE08FF0DFEF0F3F4070DF904F907EF07FFFA04060406F0000D00F3070406F6F5F808F4F8FB0B05F90EFD0705FEF0F9FB0803090C02FBFEF6FCF1F3F9020405FD07F30EDE000108FB06FCFEFEFDF3FDFBF4FC0302010204F2FBF50309FFFCFFF500FE0C0A0A0E05E9FEF90609F80405EEF8FD020303FE0AFE16FEFFFDFEF6FB07ECF308FFFF07FB0A03F6FD0004080FF902FEFEF70A09030A0910F80E000E11060DF505FDFF0402090C0FF708F6F2FDF505F5010706F90606040704FDFAFF00FBF7FAFF0D0A0110010201FAFAFB1706FE0203FD03F6F5FCF8F20D021205FD050BF6F1F10205040BFEF3FCFBFEF9FEF1FD0500F9F9000106EF08000908F4F8F0F4F8F90602FF0601F3ECFD04F6FE0C010202F4030001F900080704FB030108F9FDFEF8030602FE04070BF8F50713F8FAF102FB0DE6FC07FB04F707FC0E01EFF80B00FC05FAFEFDFCFDF703FF0706F8EE0308FAFDF501FF02FCFDFFF2F5020B0B10010D000A0A01FEFDFD02F60205FAFFF109FA0804FB040F02050012F603FEFC06000FFF01F8000A0613FD0BFAF6FDF806ECFD09F20000F2F8FFFEFD14FFFCFDFE16050C03FC030D0811FD16FE12FFFF140CFEF2FA0806F205FD08EBF2020905F9F2F9090601060300FFF9FA14FA0B05F4FEFD08FE0D0A0003FE07F7FBF8F7FCF502F70204110C1101F601FDF1080D02FF06000403FAF90701040AF0FB0103F5F903F4F0F510F5FEEF0A0107F505FF0401FCFD05FD030B060FF9F602FCF8EBFE06010DF70DFDFA06FDFDFDFA04FD00FB08FAFF090108FB05F00C0BF700FB04FD05F6FEF2F80608FC03FEF7F7020B050FF60EEF0600F7F50A0C0305F7F6FBF3FD06FB06FAFF0012FB0602FF0705F700FB06FF09FD040206F202F401FF07030105F8F305000E04FFF7F8F804FA04F70006FA0BFEFBF8FDFFEF08FBFE02ED03020BF506F7FC03070400020E0608FE04E9FB0106FCFEECF902FE041700F6F605F6FF05FE00030404000D0500F8050200FBEF0AFF01FEFCF40604FEFD0A080008EFFAF7FC0607F9FE0106060108F4F7F3F004FAEDF7FD06F8EC03FD030E031108090A090301FEF60603FDF501060A06F9F9FBFDEE0D0805040902F403FBF901F8FA0602F602FAFEFC02050C0902030A030D0D08F30609F80CF70507FBF6FD08FEF7FEF909F6F90808F8FEF904000BF809FC01FC0C0DFB0AF20404F912FFF501F60A05F2030B0614FF030000FC0008F60C05F200FA070104FE0FFB090C0E0806F0FEFEF8010000FA0305090507F6FFFAFD0D020BF80511FB01160A03FA04F309F9FB0D0D0302FFFAFE05FEF901FD09F51201FF0F05130503F8F7FD02FAFAF903070D0BFD0D0C0605EB07060909FE0D0CF500FCFEFD1306010502FBF4FCFA100DF0FEF9030009020009040901F607F8FBFFF70CFD04020708FEF506FCFEFEFAF702FDF705030902F9FA01FF0110FCFB0702F9FA0BF70C0A02020B0705FB0000FB11FFF2F80BFEFA14F7F6030108080001F111030715FDED0A0B05FAF5F7FBF605FCFD0401F3FEE7F20007060E020503090608060306FA0DF4F202F4F2FD05010B0005F7F7FE05FBF50BFFFAF80707F706EDF8FDFEFAF3FF010905FE0B000909FB0AFFF801FA0D0C05F7E1090200030B00090BFA06FAFBFA0A03051201FB0600F4010F03F80B0AF1FCFFFEF101F704F4F201030214FBE0FCFFFE0CFEF2F5FB0B02FBF8FD02F5F2FA0405FEF60BF705FD00F909FEFFF301000902F510F000010001FBFBFDF0FFFD0E05FFFAF1F91304FE04FF0201FD0A06090305FA03F0FE01F6F802FBFFFFFB01F4FB0AEB080308F9F201FFF403FC0C0AFDEF0F010203EDF3FF09030606FFFCFE040101FB02FEF3FD06F6EF02F6FDFFFD0100FB12FDFEFFF604020F07050B0F1AFD0406F7FAFEF2F70F0A090BF108FFFA0402F2FEF7FDF9F5F500F9F5FF0F06F50A0204FBF6F70A06F707FD06FA03080306FDFB0905FEFA08F00B0FFF11010403040600FFFA02070202F30A03FBF1040C0F0008FBF904F70E02060A08FDFEF5F3F6FBF80807090AF6FBF7F601FCF41700F806FA0201FBFC0B0BFBFC08F1F401FAFE0D0406000407FA090505090BFD0B0507F4FD0A09F90408090AF8FCF40CFA0B0218FBFD0411FEFE1004FDF201F80213000509FF110CFA01FA0201F602060811F30900FEFBFFFCF10106080A081107F1FF0C0303F506F6F703030AFCFBFA0EFD02F4020102E805F90501030FF4FA0409020109F2080BFE01F91302FCF61803000CF4050BFBF5FA11FE03FC031402F8F0F802F9F6FA0D1508060605070AF406FDFBFA000C0A04F90003FBFA0E0007FF0000060600FCFF01FD0009FDFFFDFFF50D00FCF5F5F3061308F1FEFD060903FF03FCF7F2FEFF06010904F214F703FE0104000B0405FA06FBFDFE03F50202110EFEEF041205EA070607FB00F9FE03F8F7FCF60F0512FCF70200FDF804FD0702FF030804160803FD0C0906FE03F7FF070E0219F5FAFF05F20401F904FDF2FA050C00FDF102F4F60BF90CF307F9F6FCF5010BFA0601FFEE07FBFEFE15FEFA0CFFF5010DFE06F60700F6FB05F708ED1201FCEB0AFD01ECF7FDF5FC010300FE02FDFEF7F50803F4FC05110400E90211020901F705F606F802FC09FF0B0AF9F9F7FEFFFB0CFFFDF309FCFD03FD0F0FFD09FB02010CF30001FD0103FEF1FF08F8FDF3100AF908EA07070201FD050C03FA0D1104FBF7FB08F20EF9FF01FCFF080313F70001F8FD0B05FB11F7FD0109FE000DFCF603F8F80A02F905FFF80CF9050607F80204FE100000FF020B04FDFB0109FB1001F7FFF8EBF4F408FD0F0BF9030EFCF4FCF600FE030807FD04F8F3F8FB0A08EE050304020606FF03F80AF006F1FFF806170305FCF507F704F80A10F7FC01F900F602FCF8FB0009F10704FA0404FE0FF70400F000FFF701FAFD09030203070901FCECF206090109000B0FFE0A040203F7FA0BFBFF02F800F9F8F9FCFC0C0504F9010FF9FF08030504FE050104F8F813FBFE0B00FFFA050603100505070003FF0D020FFE01FB05EC12FDFEF009F4F4050BF6FDF20802FAFC020C02ECFE010602FE01FBEFFFFE06FC100EFEF6F6070AF9FC05FB05F701040909FD03F1FAF400FB07F908000A03EF01031005F511F9FEFBFC06050812EBFCF90103060516F8FBFAFEF9FD020AFE0A0C01FEFEFF05F40303EB07FD0106F9F601051206FE0E00FD03FD0E050C05F3FCF400F110F804FEFC0902080807F80CFAEF0A0F01EFF40D0305FBFF02020B040000F50706FD04FBFCFDFAFEF604FEF905FB0B08F6000C0E0700FFFB040209FD04F5F202030309FF02030D0A060B0404F0140201F7FEFE06F3030F06FD06F2FC04EFF6FDFA060407FCF30508070703EB03F9F70A010C0C020EFDF8FEFEFD0B0C0BF0FFF90714FB01F90FF60AFEFAF407FC0BEF1205F001FF0508FBF0F5FCFFFD04FBF9FE00FA0A090E0CFAF7F3FF0200020905F8FF050CFFFCF8FBFE110200FB060AEEFE15FD0BFB09070FFEFC12EEF80D06FD0108FB0805FA02FA110A0607FFECFA00F904F3FF06FB0C08050A000AF212FFFEF5F50204120305F803F5010508FCF80202F90F02F81705000007FB07FB120300FF07F7FA01F9FD0A0212F8FAFCF7FBF40705FB0B070204FAFFFEFC04020D08F5F70C04100FF9FCFDFBF7FFF3000A0800ED02000A0304FFFB00F7F80A0706070115FFFA01FAFAFBFD01F8FBFD02020204010AFDF703FDF2F10801FBF8F9FCFDF7FEFB12FC06FD0AEBF6F600FA0BFBFE06FFFEF9F9F3FD0701F3FF080CED10F500FC01F4090E050407010903040807060404F8F5FB05FFF1090CF0080BFDF30903F9F804FBEC00F60201F50302F6FF07060807F4EC05F8FE060DF8E208F300FDFCFDFEEB08F4090104F50106040E0B0D031608FDFF0E09F80DFE05F603FD10F705F9FB0609FCFA02030C03F806F806060506030807FE0107060005FA0EF81108F6EF0C06FC04F707FC04F202F7F60B0307F3030306080EFF0B0BF8F9FF0106FF07060104FE0A00F00204F9FE100708FCFCFDF002F4FAF6FE02FF07F30B08FE0E0CFAFA09FEFE0508100CFB0C030F0306FDF9010FFA03F6FDFA08F605FA08FFFDF407FCFF0600F416FB07FA0206FAFA03FA0507F3070E03100BFA01F602000C090004FCF6F30FFAF2FAF804F8FD00FE06060601030307060002000105FD04F608FF0101F90AF6100900FA0500F601F70909FDF1070C09FC02F4FC0805090DF10BF9010F05FBFB130DF20106F104F202FF06FCF1130CF8BC708C44E3D8A298F708196BC66F75F91732E5AF062775A9ACA36CE2DA64BCF62CAA4F63293C7A8F894856E9F263EB9CA4A0648141B4B0EA3A2D3364C36A83");
-        int smlen = 6209;
-        byte[] sm = Hex.decode("3FB2759E1BCA07730566D4FBBF3FC19A39C68F190095789EC555884EE97E9ACDB09109C5A9CA96658603D63A5A23C9D8DB7D8C54D07738E958BDA1E631ADED4329AE16B183374E1C3976DF1EC94BC79B773E8569973EDA418AC903B534A83B8B2F7CF7856ECED63F2626530EBBE3D22A734B457F2B1F168225753A0F3B030251CE7F414740D707D10A65BA6F7464E0291749AB9CC694A81CF54AB8AA21F3687D197FD3AD1EB37EAB1A19A67B1C396BC480B2CA19D650FCD9335FF245863787275540D7D1F5FCB278C558AD6CF15C154073A846B51754D45A2439FC08382E93CB657E1CFD3B3DEE5394C5F81513041A356D2EB938CF196B1B4BF96186ED75697745A3304BFA7ED23F77DFEBEC60A2C2441EE6B695CD17E2166956CACA25B09DE505187CBA23F62D86D0871BD6B8FD2D116743110DA3386A7401DAEF39506C9091B5D32675660A7380C5E837FB7206604C1A4931B8D6D452C5F4095EC1B7EF0CD11710DCB6A18749B788079AB1902135B62280D928167559696A3A2EAEFADE345F91D8CE49EBB109CC926C28077AB5B1B9BA946D929C2BB969061829A6E58A0FA5B168F5A1A7722CDF9A23CD75946CFAD9D624F4DB6A47C78EDA05EDBFE164F6FCB4C32BED70FC7D04BEAD5392F26ACF330B99A9A4140B5ACD0F215A16CC463F6BC4B7BD5D81B51F98C586E58C68BE97ADA48CED599933F2CDD994B9B52B3D93C44D9ACA191FDC0FD894C8AFD58B05D73432D6A90991FA87089B68D7CD7D1B136F7E3BF0FD266F82D13B1E456FBB6E29DF3D330E2D9440AC0AB5805C524463EDCA6D27ACB13B1B4F0881FF3A5A19E2D512A84192FDEA959FB87A555610DD44497EF3AAE91D075EECF7945FC2B8FC531B53FCD236687D05457999E1B3510D92FA433205E4E42E5B474E2FE7EAFD88BCD3375DAEDA0FAE4D40A63E09F2C99CD9620279BD1C34A8AD5B014CE8898B17AB33C1BD311CBF3CA6EBE0C9217AE3D09D978C0A8A41FC558A8D31BF37FEF59D1F46575CCEEA07F500E1CD85CD00FC20B449892E9C463C60342F526CA6F25F6291DC72330B5DA6C24CBC0CC75D8146CCFBD1FA47D36250EE5113BD9A54846E40FCDE4CF33E38328B48BCA3953C99495AB14B5AE2ADAE893181B1AD49EFF63D3A432DAA67572006A4001179363EAAA1701FF939D69FAA27EBD7BF71DA1029C84B4980251ED9C19AE67591AC719D2038D39BBF95B29B217A95CE10DDADF65CCD90A6BE492CFE0345D5AB3BA26F44846E96E330E853D68132B6F5B1B8913C02997551E55EF4A2C48B0EED24060FD549087E85ABDFADFB35B13D9A44EC677818EC64CF1446EB9F012160E5998272993377D8B751F87F8F370D904642EE9AEAEECF498ABEFD14FDFF1DB90C41401FC4F6DF93429A944ED1F90D834D7C5FBE5651FE291488605872926ED853C0B23E958DF376C75AE1909BCE043EA6AC3B035ED0350C07DE7749F7181E2DB5C5A4CFF983634AC34A4D416CBECAB4BC40C96EE2AB20A513E865B792F2BFCCDE4F9107CB9887F3FA77F4FA9D625EB32FB856036768F6E89424345BEC0CE938D71C37DE7C0CC130957C15D06E764D819AEB5E05328C50BBF7B01EA9F2952D5861705FE66A8EF3F22295C408259901ADF5E675A9D72125467B18C75A0CA5C84BE77E8A678FCB1A98EFD90496527B509CEE1DF01B1C535273B109E5ED1F8C6012EB79C7F5F5B9412A4F7DE6FFDE45F10F79BF1135A370C953BEF71EECBA75718A56441049B8C306E371B02250B179ADC42B9DC0963C9D6F991F66AFAF05B7ADFE8FFA71E8FF3BF14B08550A8499F543A8FA45C4BEF6D4635EAF889652E4EC4E24B7343C48F32C61C661291747B6FF99057C797B7FE93A58FC219D44C3973E1C11973F8CC00A29EB43235E0B9DE326F134FA55CFEF1B7D1AA00FFFCD8A3F9AFA1127EDD97C5D20D642203F65D5C5151AE773B3683ECE96726CC61C13997CC8C8F291D77779686E33BC09EEA6B8739122D2B90B78022F368B01833D94ECB2091BB45A45AA7784603502B1C54657F8A7F6E122C7B46393A466933BD806FB4411288DCABEA5E2788AB0C088AC9A45C587C087CA9FD4C131969BC9F2025DB8FA4484CBEF0C6C7D887FC22599C28593DC8D586ED81D38D35249D7E01FF6DB898CEE78B6214EF2C215B76E55FB0A65CA3EBBB5586F4255AA2BD802C5E2B60A6051B5C4BFDB48C4520290F2FB1BD5A6D156CA375C1E700765F9923ACA126D41CDBA2F2DF339D143870CDC2964B20483154EB8E8D59651C17FA7898176073DD353B629D327BA130F2E56A9594D177A1EE82847BA8F8AFDC669F7BE160F1EA6C6EFB747D9BAB0AC58DCDC8D33B5F7BAABE5274DD7D4B5AA439C713615D4B255814A5D2AF44D5382264F3F9F48872A38D36D1F15C90FB768C9B690EC989FF28CC135D29330D84EA33EB173271DDF8F5DF885076251370F59AC0E4DEEF640D5C04ECE8778C1D8F839462C5504916CBF555167836076C88A848903B3779E007745F3CCC8282CC526306DD63492F0A004A99821D1BBC065A255F4FDCF426BF97CF9933DA6A79B577919F7605446A25CB549A3057785522EF5A56E3288D42D714163F16A36EBC6607779691C7A1E5C420E24A64299AA03930DE872575A18A0D004CE7CCBE85BE4227F2146E176F0B0689BF51988ACAC366444E2281B5A81FA505E01223818185BE05074AF0C94C4B99F1AE6CB4033487DB1EA46B3A59A1B840845570F468F6E8BE1CEC813148FC421A4A62BEC0D8CE9DBE73AC17D44FE36C93DDCAB402EDB129BAA93795AE54608169F58BD8D115EC6392DBC2BEF8BBFB820827E76B266F480D4E7229B4119C35AE0AE1F222DAD22DD9CB3DBC76D80722F74E6BA87C7918BF33811850F3C9300E0FC880B889CD3EF2C3E2D63B21AB7A05867B460D7B96050BA8F812B79B29851CE5EA92202BB553972EB1ED8CB82289987EF0B314D2E787DDE3CAD96238D7BD182CC404F8B19F3FD4AA55C75DFEAFBF6228A37B72CF57152B4CF7A65872ECAACA21FAC42849BD2D1A5812196AC6A52EB51709710AE1BE2345465DD98D42135BDF67C1A022A338F4E60686746B62B2624FCA52A46DBE515714A2C8E9CF76B14D2A7FA3A734D27657DE99C8A0A5883A1A9ACD6568A0F5926E93AF2017CCF8623C7363CB52390A93FD1143C575AD3B35EEC387321EC87B93C16FF30DC8848DAD229B0CC561F75F64D948A0CD82AC62DDE0AB9DD13973E9B6A19DEC429620A6BD52F0203820F3D2DB2369D121A093E64071E926919BB8B7BB0C3E58EDD9A69F5ED8A1C7210290BFADCE31284BB69C5F02B5E8D13F19E159FF334DFC5AC94798E1C87230424AD32FAC495299F357F74D914FBA9349F0D26491444C5A7B2F0388ED098A182122BA1C1A8FB751C52376E4385449B06F92C3005EF39BDB758AB542F7B3BA43A9D6D3B1B88977712E0A8F08C898AF5DEA1DD4E83BFB763DCDDFD34EF33E208F98AF8F90AC173ADDAC9E701B3F014560A1D029598D91C6A5715A4102F2162B8FA44A4B9F002E0E1C8D2C5906745708648A690B8CA89E6ECDF1BA155EF1D256305D94D790A856C79E39A22470824AD09A52F96D15CA3B0C09D19CE23C7880D774AC00D59C3009183163FC98FF74F99E03A550283A8D300E1C618678E2F8EC2D69B15E822571ED7A5F35D6FCBE5AEEDB56FFB6352D60434CCA2C5DBA90E82AD9298FB1369A06A1FE93098C86AAEDBF846F59A3390845B8EDD2FB8D08622AF52DFF43F1918EFCE00D5184BC19D4C782027248DCD875EC1B9BDBFDC7DE08A92E4838AE7871B897D9F5BD23256B9686CB001B5B2DBE7D79B2094E2B26C103C38E81F51A75DB8871A6AD28AB5AADF94BECF43D928B155FD4900A3F0F2332B992C0091B8B21D8609BFE9A1EA84313ACB83ADBC8478320BEBEDA9AEF0BC1A9B3FC4BCEEC226D13AE4A5163DEA4D019B148EF98285717AC45A935CB71B103FFFD9B6739CF1916AF5F3D61AC37CD9584DB4A2F9A24D38F61B83232DD33680DC30C32CFB9DBA27A6BA2BB8B2159F3EDA7F37402212755225CD99CC1A37A99F2413A4C57D1A73D9BA1DD02E310DAD355A14FD01A3EED8F73008607775AF0A5BE621EC16F2111A5148F977E9F79460450CC21AC5FCD8EB04BBA536385563D288BF592D3ED7BFA3A12CD9F914CD0C35770A4A928705D25E13AB4A05C437E009595B14381A5E215870EB468B06607F30FD88CACD1C11478BAB4372B9438AE4DB6C606941BCE98322E0FDCF59009DFC5E7A4C483B00DDF2386A236272DBA0D8064F27B7C1BE90DA8B592CEA17EB33ABD5A7E19DD69A805A6AEB6773D0E8CF6450C3C2FE55E0B7180CDD8863106D75431482BDF9C182977B91330B0F0ABF796D5348CD84FE0036E52860F7801ECD8EA9E69784994D425CD5ED09A63251835A233ECA4CA9B9AF6CF154AE4465EBF089F19D32024AA2C144DA004F84A7A6F22C3D71600245AFF5F1E5A1D9D5CF24FCFC0228A534E9E6447CE7DDEBD8DCCAB3BC0933DB333A39031EEA2EF6B81A9BB34A7F67554FDFCA8048FCD97E76CC082A93FC4F98D32910B895682D1FB3F5E97E463131F56364283ECF2AE029149B9CB73817AEECA497360C23ADCE8111D86E2C7005ADD2C8C0503A99DC91D30F9D20866C17E296649B161416C181F136608A05434074D567CDE728F7B31B60B97C04055698E108E6A2A65A77EDBFBB2F05AEABABF166B6DF25DC3A70062050C779CBBA550A62F021CD6222165082EC37858901D0A46C815579AA998EEBF4B3387B6BD71B0F16EF5B68CBC6A47E1A3DE015331953F3D3510385F1E048ECB84E7EF929142225DF16234EBD672B686D297E5A9168C6F97EF6C97501D4E086E9D73D1994D3C38C912691D8F0E00E0E2F0CD95B42F3F70194E3183BF9537188D1105D44839F7F3EDAB0E10232DAA9FC673D6071F3589095B6C392A766F0DC9D9B8DD563B1EB82076CBBB7C5636C516D3F200A3B43D384E79042E936E51C3D1A4D3F621CF738EE51D6D29F22D658E2370410E841A5CA7C3122AC26BF26730AEC0B23D8CDB46B6F3E0C4EF15410B15D83BCDF67BF2AD9EDBBC3890F70670FBFF86A4645A58F1EB5C49C8F6973CFEE2E1E38879F59D1740172A52744BCD839CACAC94BC3DBDA37A97A2FBDAD6AE0CCDF080B57CDE454092D763A1020E176515075DCC37148AEDAC1C7BA090B12DBA260F08F04C689661EB926716ADF5FB7159822E226BD3DE2EBEE1F98685CBD99CCFB09A6C9FBFBE377A122FDC01B9B7FD82F759129A6D0B0FCC9E8AD566A19FA04C12B95C4154E35215F5F11255493AFD5E66B73D4E0572F01454D1848A13BC0A9374BDC90994B0004D9D2EAC8FB506E7CD764A1B2A9016BEDDBFB987741FB68265E5B05CDFA46A4A7A1BC25ABFEF37118CE8118BCF92F32C433E5252D8DFC195D4CE5699A2CDC1612EAA171423E6299F86C2A976DB4C1E421E140BFEE8406DC649C57FE27A77CAF3481B8687DB07F9921790AB5D502CED457C3538E688F143A69175A535101E1DEE82C5E39A579DA178CE233105BA5275E27E79441548D9E0F70CBEC5C7E179D6FD8E167F90C3A79D964CC23CFE18D6BC300753961BAEF0EC6AEDDDCFB1760B6DB3D0B667B8E120CD3F867017507783F223106CA7753D94BC60E65538589FA87807F7AB8791C1957C9510A9FBB91D513DE0ED7166155E911A5622A6A49DCF1DE3DEA4072E5DA75583B6EFE781FBFE31F7AE50F4FB8897586B8078144CAE9842CEDA34EB9E0B996E3CA46F11BCCA46ECB81DFB191236046294BB0120ADFDA2EC0DBB7D4CC6353BE9E64FD668710B1CCD305349C0B7877566E3DDC4E21985FA6000229004DFEA9F39421476A5E33C9163CDAE4C7676B1097E48C70DCBD4B39CE4AAC3ACFE73CE9C0D826B8A61CCA0DD2340C860E57496A1915BF065AA6557E26A151603D31CA94410E6C3E6D5AC80FF6F71DAE371D020CEBFB58EC73017C8D2D6D6221598678D752DBBA95113CDF71848D2E05D22613451627456A96D15BD277EE04884F3F296B0DC5314EBA22356CE09D4C0BB7246419D8674E4D10EF64B3F057D95E70BF1086ADDB100453D81E19939BB18AAC1343FABE39E308284A8D6A38BE238B6E0503A504727AC20B48A2C26C130E7A9678BEF07A1828ADDAB90740526F99C11D3217E001172CDD33D6D6E949A8ECB963C0A5283189AE8C98B21933FF691931758E842977A4F3F337252105CF22AD836F91E4FE5CE97FE4CE59EBCC4DA2A56D9413BD356BF65EF6FB2CA2201EB31BA56D717D2F9C038BFA76A52610AEA57D45500A1408AA8876AFF585A2FF309C3EC852B9568AE1CF9D97635759932E61D61DD6E67402912EC538BD0DF9D0BF25C862C91E301AC499E64C061FC14E89EC361A10FA0C85132BCEE7AF028C663BE3B0E12EAC52F691FB66E58E34EF2AF4C5A9DB0A0AB01DA372E39BB824F9D6AF847DF6A08F680B4F99466D6E6F404F0B92210D641375ECBC0C10A38DD1CF449A75BF2420A294EECD649013E160D793A247D1649E03A535292ED3D88EF7901DC845CD9703BF0948DB61C08EA89C33A3DA436874AD22ABEC43A5F2896833E15B3102A66E2A7D69D272FFFD4CC8979B9733718B95B605166DBE16ED1FD1C5CB2571E7D9FEAB2BAF693448C1E9613E8FBB25E05E2838390F3D9D2CA88D4B1739AEF4039A168E908D245ED38CA96F98569FFEA949946B76BF6F1DCA0B866CF0AE157314A28B76654EFECBABBA1C58ACB48E61587B42DE0F5BF8D5A3DB6C2E1D1632894D940CF10F71390B1DE07A4DEC38EA93A67439361E71FD8149D26DD8A21E9B98DA1FCC014052D0FF54DA3B2A335D0122FAA1332B193043A9119BAB7BC8F3209812B5280625C44ADBCB92907B6C387E0BDB1B9EDC0377C03E305C7333897588C2EFDDDC82E95ACAA329839EAE514F8E8A46A9126847933E73820922CF62528DB950EAF940F72A7383A486F5E210120987173A75A7D1B12097287F9146735A7BA110E22BE8B2FE720B2DA6CD8D59C8A32E5B43BCB9B42B78103BA2C25C13693AD4F2CF49A93D4B543AD7E4BE7E7304074E906D114E77C9448A8318E71F67C3C5A3B3379B40D44D9D1740C8D5003B03AA614099CB77B97A1B121DE9F75A69CCE3B7F1A2AF7B2B7702919F45544F778D5DFB9B7DB1C5AD98B36ECF231300178EF1154F4B93CE197815F6C5D2C3A3EC2A3E6F9FCC360B47D5A362BF4A41982ADE9C1377EE1162A9ADA02B966F502931045537D5CFA700C5EE0B818C8B280CDC07B1C34046A908D31CAE7681AB7A59AC371326211C170E9240B4B00222F628ED734ED39D5D0A4D1D4937202F82A531B94084FFB7033595460B41C5DC021D955C8EBDD8787140F60FFA21BFE680234BF5EE2F3F998FD9662A657BABDF4FE4A3191D7456B928BA2C0F08596015B803CE938522A88B44292223DA54BB1A0318ED439C5E0B1513AF667D1AEB8A0228AACDADDB02F689CD43FD15B8B10B12359EB83936F9191BD4671A3EF7F5998B70EBE29E551CBC4EEB214DD776AB62B20D1DB533CB2621AC0D00D88BE1E21243DCEAA1494EBD581992F6F9171B9FEBE919DA5B61A99D2D5C3A23EB447EAD4857F217CE80CC5765E014B851CDB56518160B69C56F4A1FB9542792390FF4DF407E1BE94408A2C856DAF3F95EF4E1D3CDFCD5ADC8F9BFC95F5D7A9AF8835DF3205FD81BCBB06DC10A72E57855DF16794F3B0F0EC83B36922267755777517875390D7E5520D46610B5008ECE82C08E20888C4785A1CADA07E929E1324EF710D48212B739EB5276A4C895C46BE8A405332DF93E93BED6C2075261F90DB4ABA03B4F7884B663268AE18C11479098611FCB7B0F9645E315819995DF3F3A45221A6DB71874A0585A197A01E67CBC85DB02A4B3ED2BEEE43031E7065BEB838C601BF2B161633BC9C04B506564E5DF517F1445140029665EFB724F5F5D88FF654AB18A6D65AB04E3F36720A26E4D9676148020D634FF0B74DCC828394F9AFCE7C8443097A0091FE8255F03D5A9B5AA00FE9E6056B11BB772AA6361C51938447B57F3195081483AA1DF6B5A71D050AAD3C855A770A1636019DB9EE75875D542848A285140B1B7FE054B4FFC719CAAA3B21FC5BE4B92F45D7A99254733303DDDA18AB271CCB2DACA27B600CB5CA50E857070CDB657FE559B21CFB3C596B24727501707B64A657E3B46FF1DA18842E0227C02261F88EBA6F9502856752D5D5B6208FE660645860E42A32786C3E54E8AF6DCD3E9ADB76BC0200A4A17B1CD89815301AC45EA3070EA99FEFA310B7FDBCFBE817EF28A04F44A76B38015A27985E5D9D706997C1DF67CCAC869D4FC9972AF47FE2908C3B1349728796903DA78F67562D693418345E041FC6F9E3A991299EC387C53CA9DDC0428001216637F92AA19BED77CAEBBC2BD3972AF5B07FADF92F54E82210ADFD3623939BDEB5D5BDB019D89A1EBDDD98C1B1D6BDD854EBB594516183B32C24F4C8DF07943CE77857AA0F10D27D3FF0DEDE7026F924E34153F9741CB2D7394401B20BCC53965ABDD26881FD3CF2AC83825E1DC1D1402F679BA8AC57737EDF7FE7860580424559DFD9042C88DFDE010943F3C3BFF61283143C46BA1E85CDE3284AE526CD5DEA7A401F07AF0A88586C599FF640B4B9C4C601E650D7E9E4092A940F9E4771084112F8D8A7FA8E5DC43DF8214242AB81E8FB5A097F80E01C9B436C125DD616FF680DBB16A24F90F45A42CC1A05111E062348D14C1EFFAD81C4D8D734FCBFBEADE3D3F8A039FAA2A2C9957E835AD55B22E75BF57BB556AC8");
-
-        doTestKAT(PQCObjectIdentifiers.qTESLA_p_III, pk, sk, seed, msg, sm);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/RainbowSignatureTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/RainbowSignatureTest.java
deleted file mode 100644
index 6290a84..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/RainbowSignatureTest.java
+++ /dev/null

@@ -1,367 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.io.File;
-import java.io.FileInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.spec.AlgorithmParameterSpec;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-import java.util.Random;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
-import org.bouncycastle.pqc.jcajce.spec.RainbowParameterSpec;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * Test cases for the use of Rainbow with the BCPQC provider.
- */
-public class RainbowSignatureTest
-    extends TestCase
-{
-
-    protected KeyPairGenerator kpg;
-
-    protected Signature sig;
-
-    private Signature sigVerify;
-
-    private KeyPair keyPair;
-
-    private PublicKey pubKey;
-
-    private PrivateKey privKey;
-
-    private byte[] mBytes;
-
-    private byte[] sigBytes;
-
-    private boolean valid;
-
-    Random rand = new Random();
-
-    private KeyFactory kf;
-
-
-    public void setUp()
-    {
-        if (Security.getProvider(BouncyCastlePQCProvider.PROVIDER_NAME) == null)
-        {
-            Security.addProvider(new BouncyCastlePQCProvider());
-        }
-    }
-
-    /**
-     * Test signature generation and verification
-     *
-     * @param numPassesKPG    the number of key pair generation passes
-     * @param numPassesSigVer the number of sign/verify passes
-     * @param kpgParams       the parameters for the key pair generator
-     */
-    protected final void performSignVerifyTest(int numPassesKPG,
-                                               int numPassesSigVer, AlgorithmParameterSpec kpgParams)
-        throws Exception
-    {
-        this.performSignVerifyTest(numPassesKPG, numPassesSigVer,
-            kpgParams, 100);
-    }
-
-    /**
-     * Test signature generation and verification
-     *
-     * @param numPassesKPG    the number of key pair generation passes
-     * @param numPassesSigVer the number of sign/verify passes
-     * @param kpgParams       the parameters for the key pair generator
-     * @param messageSize     length of the messages which are signed in bytes
-     */
-    protected final void performSignVerifyTest(int numPassesKPG,
-                                               int numPassesSigVer, AlgorithmParameterSpec kpgParams,
-                                               int messageSize)
-        throws Exception
-    {
-        // generate new signature instance for verification
-        //            sigVerify = (Signature) sig.getClass().newInstance();
-        sigVerify = Signature.getInstance("SHA384withRainbow", "BCPQC");
-
-        for (int j = 0; j < numPassesKPG; j++)
-        {
-            // generate key pair
-            if (kpgParams != null)
-            {
-                kpg.initialize(kpgParams);
-            }
-            keyPair = kpg.genKeyPair();
-            pubKey = keyPair.getPublic();
-            privKey = keyPair.getPrivate();
-
-            // initialize signature instances
-            sig.initSign(privKey);
-            sigVerify.initVerify(pubKey);
-
-            for (int k = 1; k <= numPassesSigVer; k++)
-            {
-                // generate random message
-                mBytes = new byte[messageSize];
-                rand.nextBytes(mBytes);
-
-                // sign
-                sig.update(mBytes);
-                sigBytes = sig.sign();
-
-                // verify
-                sigVerify.update(mBytes);
-                valid = sigVerify.verify(sigBytes);
-
-                // compare
-                assertTrue(
-                    "Signature generation and verification test failed.\n"
-                        + "Message: \""
-                        + new String(Hex.encode(mBytes)) + "\"\n"
-                        + privKey + "\n" + pubKey, valid);
-            }
-        }
-    }
-
-    /**
-     * Test signature generation and verification
-     *
-     * @param numPassesKPG    the number of key pair generation passes
-     * @param numPassesSigVer the number of sign/verify passes
-     * @param keySize         the key size for the key pair generator
-     */
-    protected final void performSignVerifyTest(int numPassesKPG,
-                                               int numPassesSigVer, int keySize)
-        throws Exception
-    {
-        for (int j = 0; j < numPassesKPG; j++)
-        {
-            // generate key pair
-
-            kpg.initialize(keySize);
-            keyPair = kpg.genKeyPair();
-            pubKey = keyPair.getPublic();
-            //writeKey("RainbowPubKey", pubKey);
-            privKey = keyPair.getPrivate();
-            // it causes errors! cause RainbowParameters will be null
-            //pubKey = getPublicKey("RainbowPubKey");
-
-            // initialize signature instances
-            sig.initSign(privKey, new SecureRandom());
-            sigVerify.initVerify(pubKey);
-
-            for (int k = 1; k <= numPassesSigVer; k++)
-            {
-                // generate random message
-                final int messageSize = 100;
-                mBytes = new byte[messageSize];
-                rand.nextBytes(mBytes);
-
-                sig.update(mBytes, 0, mBytes.length);
-                sigBytes = sig.sign();
-
-                // verify
-                sigVerify.update(mBytes, 0, mBytes.length);
-                valid = sigVerify.verify(sigBytes);
-
-                // compare
-                assertTrue(
-                    "Signature generation and verification test failed.\n"
-                        + "Message: \""
-                        + new String(Hex.encode(mBytes)) + "\"\n"
-                        + privKey + "\n" + pubKey, valid);
-            }
-        }
-
-    }
-
-    /**
-     * Using ParameterSpecs to initialize the key pair generator without initialization.
-     */
-
-    public void testRainbowWithSHA224()
-        throws Exception
-    {
-        kpg = KeyPairGenerator.getInstance("Rainbow", BouncyCastlePQCProvider.PROVIDER_NAME);
-        sig = Signature.getInstance("SHA224WITHRainbow", BouncyCastlePQCProvider.PROVIDER_NAME);
-        sigVerify = Signature.getInstance("SHA224WITHRainbow", BouncyCastlePQCProvider.PROVIDER_NAME);
-        performSignVerifyTest(1, 1, 28);
-    }
-
-    public void testRainbowithSHA256()
-        throws Exception
-    {
-        kpg = KeyPairGenerator.getInstance("Rainbow");
-        sig = Signature.getInstance("SHA256WITHRainbow");
-        sigVerify = Signature.getInstance("SHA256WITHRainbow");
-        performSignVerifyTest(1, 1, 32);
-    }
-
-    public void testRainbowWithSHA384()
-        throws Exception
-    {
-        kpg = KeyPairGenerator.getInstance("Rainbow");
-        sig = Signature.getInstance("SHA384WITHRainbow");
-        sigVerify = Signature.getInstance("SHA384WITHRainbow");
-        performSignVerifyTest(1, 1, 48);
-    }
-
-    public void testRainbowWithSHA512()
-        throws Exception
-    {
-        kpg = KeyPairGenerator.getInstance("Rainbow");
-        sig = Signature.getInstance("SHA512WITHRainbow");
-        sigVerify = Signature.getInstance("SHA512WITHRainbow");
-        performSignVerifyTest(1, 1, 64);
-    }
-
-    public void test_KeyFactory()
-        throws Exception
-    {
-        kpg = KeyPairGenerator.getInstance("Rainbow");
-
-        KeyFactory kf = KeyFactory.getInstance("Rainbow");
-
-        AlgorithmParameterSpec specs = new RainbowParameterSpec();
-        try
-        {
-            kpg.initialize(specs);
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            e.printStackTrace();
-        }
-        // XXX
-        kpg.initialize(5);
-        keyPair = kpg.genKeyPair();
-        pubKey = keyPair.getPublic();
-        privKey = keyPair.getPrivate();
-
-        byte[] pubKeyBytes = pubKey.getEncoded();
-        X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(pubKeyBytes);
-        PKCS8EncodedKeySpec privKeySpec = new PKCS8EncodedKeySpec(privKey.getEncoded());
-
-        PublicKey publicKeyKF = kf.generatePublic(pubKeySpec);
-
-        assertEquals(pubKey, publicKeyKF);
-        assertEquals(pubKey.hashCode(), publicKeyKF.hashCode());
-
-        PrivateKey privKeyKF = kf.generatePrivate(privKeySpec);
-
-        assertEquals(privKey, privKeyKF);
-        assertEquals(privKey.hashCode(), privKeyKF.hashCode());
-    }
-
-    public void testSignVerifyWithRandomParams()
-        throws Exception
-    {
-        kpg = KeyPairGenerator.getInstance("Rainbow");
-        sig = Signature.getInstance("SHA384WITHRainbow");
-        int[] vi;
-
-        for (int kgen = 1; kgen <= 10; kgen++)
-        {
-            vi = chooseRandomParams();
-            RainbowParameterSpec rbParams = new RainbowParameterSpec(vi);
-            performSignVerifyTest(1, 100, rbParams);
-        }
-    }
-
-
-    /**
-     * build up the set of vinegars per layer (vi)
-     *
-     * @return parameters vi
-     */
-    private int[] chooseRandomParams()
-    {
-        int n = rand.nextInt(10) + 2;
-        int[] vi = new int[n];
-
-        vi[0] = rand.nextInt(10) + 2;
-        for (int i = 1; i < n; i++)
-        {
-            vi[i] = vi[i - 1];
-            vi[i] += rand.nextInt(10) + 1;
-        }
-        return vi;
-    }
-
-    /*
-     public void testSignVerifyWithSpecialParams() throws Exception {
-         kpg = KeyPairGenerator.getInstance("RainbowWithSHA384");
-         sig = Signature.getInstance("SHA384WITHRainbow");
-         int[] vi = { 3, 20, 25, 30, 40, 60, 80, 100 };
-         performSignVerifyTest(10, 200, new RainbowParameterSpec(vi));
-     }
-     */
-
-    public void testSignVerifyWithDefaultParams()
-        throws Exception
-    {
-        kpg = KeyPairGenerator.getInstance("Rainbow");
-        sig = Signature.getInstance("SHA384WITHRainbow");
-        performSignVerifyTest(15, 100, new RainbowParameterSpec());
-    }
-
-    public PublicKey getPublicKey(String file)
-        throws Exception
-    {
-        kf = KeyFactory.getInstance("Rainbow");
-        byte[] pubKeyBytes = getBytesFromFile(new File(file));
-        X509EncodedKeySpec pubKeySpec = new X509EncodedKeySpec(pubKeyBytes);
-        return kf.generatePublic(pubKeySpec);
-    }
-
-
-    public byte[] getBytesFromFile(File file)
-        throws IOException
-    {
-        InputStream is = new FileInputStream(file);
-
-        // Get the size of the file
-        long length = file.length();
-
-        // You cannot create an array using a long type.
-        // It needs to be an int type.
-        // Before converting to an int type, check
-        // to ensure that file is not larger than Integer.MAX_VALUE.
-        if (length > Integer.MAX_VALUE)
-        {
-            // File is too large
-        }
-
-        // Create the byte array to hold the data
-        byte[] bytes = new byte[(int)length];
-
-        // Read in the bytes
-        int offset = 0;
-        int numRead = 0;
-        while (offset < bytes.length
-            && (numRead = is.read(bytes, offset, bytes.length - offset)) >= 0)
-        {
-            offset += numRead;
-        }
-
-        // Ensure all the bytes have been read in
-        if (offset < bytes.length)
-        {
-            throw new IOException("Could not completely read file " + file.getName());
-        }
-
-        // Close the input stream and return bytes
-        is.close();
-        return bytes;
-    }
-
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/Sphincs256KeyPairGeneratorTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/Sphincs256KeyPairGeneratorTest.java
deleted file mode 100644
index 428a533..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/Sphincs256KeyPairGeneratorTest.java
+++ /dev/null

@@ -1,40 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.security.KeyFactory;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-
-import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
-import org.bouncycastle.pqc.jcajce.spec.SPHINCS256KeyGenParameterSpec;
-
-
-/**
- * KeyFactory/KeyPairGenerator tests for SPHINCS-256 with the BCPQC provider.
- */
-public class Sphincs256KeyPairGeneratorTest
-    extends KeyPairGeneratorTest
-{
-
-    protected void setUp()
-    {
-        super.setUp();
-    }
-
-    public void testKeyFactory()
-        throws Exception
-    {
-        kf = KeyFactory.getInstance("SPHINCS256", "BCPQC");
-        kf = KeyFactory.getInstance(PQCObjectIdentifiers.newHope.getId(), "BCPQC");
-    }
-
-    public void testKeyPairEncoding()
-        throws Exception
-    {
-        kf = KeyFactory.getInstance("SPHINCS256", "BCPQC");
-
-        kpg = KeyPairGenerator.getInstance("SPHINCS256", "BCPQC");
-        kpg.initialize(new SPHINCS256KeyGenParameterSpec(SPHINCS256KeyGenParameterSpec.SHA512_256), new SecureRandom());
-        performKeyPairEncodingTest(kpg.generateKeyPair());
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/Sphincs256Test.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/Sphincs256Test.java
deleted file mode 100644
index 084bb0c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/Sphincs256Test.java
+++ /dev/null

@@ -1,1316 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.InvalidKeyException;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.pqc.asn1.SPHINCS256KeyParams;
-import org.bouncycastle.pqc.jcajce.interfaces.SPHINCSKey;
-import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
-import org.bouncycastle.pqc.jcajce.spec.SPHINCS256KeyGenParameterSpec;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-
-/**
- * Test cases for the use of SPHINCS-256 with the BCPQC provider.
- */
-public class Sphincs256Test
-    extends TestCase
-{
-    // test vector courtesy the "Yawning Angel" GO implementation and the SUPERCOP reference implementation.
-    byte[] msg = Strings.toByteArray("Cthulhu Fthagn --What a wonderful phrase!Cthulhu Fthagn --Say it and you're crazed!");
-
-    byte[] expSha2Pub = Base64.decode(
-        "ICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5"
-            + "ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q0dLT"
-            + "1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9/v8AAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAhIiMkJSYnKCkqKywt"
-            + "Li8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXp7fH1+f4CBgoOEhYaH"
-            + "iImKi4yNjo+QkZKTlJWWl5iZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P0NHS09TV1tfY2drb3N3e3+Dh"
-            + "4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8/f7/AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7"
-            + "PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SV"
-            + "lpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v"
-            + "8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJ"
-            + "SktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKj"
-            + "pKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9"
-            + "/v8AAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eH6oCyxVnw+pTAdU/b4PWLQU4M29Fe8TFHP+s9whN/N+Y");
-
-    byte[] expSha2Priv = Base64.decode(
-        "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZ"
-            + "WltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKz"
-            + "tLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkKCwwN"
-            + "Dg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZn"
-            + "aGlqa2xtbm9wcXJzdHV2d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DB"
-            + "wsPExcbHyMnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9/v8AAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRob"
-            + "HB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1"
-            + "dnd4eXp7fH1+f4CBgoOEhYaHiImKi4yNjo+QkZKTlJWWl5iZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P"
-            + "0NHS09TV1tfY2drb3N3e3+Dh4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8/f7/AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygp"
-            + "KissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKD"
-            + "hIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd"
-            + "3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3"
-            + "ODk6Ozw9Pj8=");
-
-    // note this is different from the light weight one as a hash is applied to actual message before processing.
-    byte[] expSha2Sig = Base64.decode(
-        "dathxF/dDHwqwCyJtmDYgdv22uhQPwUmhL4/JnFqMv9RJuMM0HzYBk3S9BDna7vCUK3z7ycmFcofd33a+NwQr+6+n5D8nLMhkZxPUiWLErlR2ndAjRd5Jntb"
-            + "OSOocXUtfTwzTcTggAB3VZK/qPdMKtgFd7NsuV6zuxqVOt59+/FBvbK97RyFJ41kx3dVxZpFB2smQ0q7cGTT3QtkHuDfiK/MbtV26BWGUmZVjCZV2D70eJbH"
-            + "KwtUdSqqVQld3NXFazLuymbxIuNB/hrBq+2TcMYhI/Khd8OklSKtU5nPVZp8kWU81LqjyCEaE5b/kz6oQWqX05AnZ4NHOznnWSYZ3o81KjUHNuJrovI3FHpQ"
-            + "vicBilNvU5BlRh3EhketGxWdFHInPDUUoddzhVtqHDILNvexNH6FtSSYrqQG9710t3d6bmKEXqxq78f/ztdiw3qWK9BigxZIU+FGGmc8mgaiRi2BBjpU3zLa"
-            + "P/eZVm4BF3GGqf8jQdJVV6xv6fMdv1WlxocTB5guRcOu12US3xAmxy/A3G7rV1g6sWGtFqXn7OQsaTXXhcDaTxIYqX28YqZ2BGWDH66DpiAa7X9vTlXrRhjq"
-            + "hxv3ylvoZhbnSJd9xKwwZ0xC1hwNhLAsYZvBabzFMBwJQEu0iQenlR5sUZz2wqRPwaE0WMY5wylmEH2jopRMq0onzL+Yu6zyYySpXETuDIB/zCbUp5P0W3EK"
-            + "5FmGAHfrGCasU2PRCHiyclGvdlh2fdBmf/7b2ldpY9O0XOlo05lElgQIwD980iPalXLXUEf/I305Zzxg1ZtYTqTq1pjiUkMlrz4KB/73aEY9FW1LihvicyPq"
-            + "Q6V3/LCTkVkr2NJw9gZruDSh2YFiJ+k/r284nihkkphU569SiIoBXmqTzmlCPGDb3t4BN2sdxZVviV5K1nJgQT1h18+JqasXqYrV1D6QJy8YHhXPgDMYh51e"
-            + "iK2EesyiTwF81aETr3Sm6A/TwfCCuR6Rd+rg9u7shNV3anvu9BwgCPyS+786Pb5UsA89HDiRb2KxrWhnnDcdbcEA6qrKeRwfOWA/QCez/cRNWnGDToD7C8Q6"
-            + "QxEe3oHwFtocR4kUF32oz5TR4QqaF10xsUhJVNqjKdc0y8Xmk1cJwGujN2Rfv4dHAicNVFhjmVhehEmKE4tBQi/l49vSd1xBdl6mAbFOqbEeV1xqWB8nRYCq"
-            + "Ya2pPGmH/p76Je37nmMSm70Hu08fNJbwnnfWFzEWLNhmkdwdkfe495jiAa522v1p6VlExmoTdvJaqxN/4CJf0+erI1bbSKKddavpvj8IfUeO4++nCi9tmdHR"
-            + "GVRmdQWyuVN+q8qxIG9TlSuQSEydS6/iybXS4QOXgl5szEbfvCWj5EBGVmiOEv08hzEUEKrzpALZaAG/IgvzYVmE+TGECcmlmmYPLN6lmKyz6XAoOm6TlPgd"
-            + "W+8qnXykHK/kqsGca05VUdxt0CM+LmrNvF9UShptCe/zpUGr4V1gpPm9Ftu9yfE2l8zyT0y8j7uvfsLG1Jk+wuxG3M0oADdAHNomls4++Q4bcvwBfj+Xh4X8"
-            + "YzyE3Kgw1bv2Wmwxqco7m3QB7WLMVLgC7Rr+5m9y89dB+xab3PSZnZQZilw6egzr9I9vPYLLGZev2k/a7QIytGrina/6UnXfLgB4ZyGqObs8MFHqmoQfoacJ"
-            + "vfqlHvML3xP2NKbYL0m3PRAGaErBiNhTsmXuH2OgM2s9q3T0NqtehIk8qyKk73aRNPWBKQCvtAw28+r8uv1hlioCB0De4DedS9uOmbOjSWpOhIPylMSORPaP"
-            + "OsK2XRKma725b/3+tpxNkYenmMtzrtvcwGfV2Zkb69zd13daJQlDdAFHxYnvY1HiOATf6dXz5WPJ9rx41M7WO0Xy27VKY0W1WbryBoiZQMW+/7u2reh886Kz"
-            + "ksCPR/iTJm95j5onvxotj11Z7ylRKctgKcGeWJY+Hddd1pHbBaCzdDv0dDN7nTQDT04SGkDYP3JHxICn+s1rw6ppcbqcCMrR+bapdfasJaM5BMlNjTDSD37X"
-            + "Ly1qI1bYHBA+3NKv5AAtsFjaWzuCclY/h8Z68Ja9tmTSQ4GWEBc5BUb4ULJuuc57RPJHaumOsLiLJaxz2EIEDGYZhrjGIDIgKuCNkkHeLMDh3ZBqG/T9qgLu"
-            + "CzRKQ+3l5dGbgecS0qAhPF6dfkjIvAjbrmpdlLmQSX3ce7iDLDkS3S4WiPk6CHmPxwx39TsJQL5rO5nO3N9Pd+YUcnPLuo41ng3QEIppGDyMXPe9bJSYMH64"
-            + "VD86nUED7xyfOdPSS+DuWvbsOQ5k7GbSKJrsvPx7G7TE8UN3L0f7ckSYXiCujFtiMZjmcuQUGN1xyr2gCsSu0SVaj7GnO3Gjf3vT3SIBgSUOI3JZSVAavjyR"
-            + "W7C3Ks2504HM82bGm0Ucb+cAnxH1CKbeURmgvaiDJPsNN+MyI6HjD7vYywkrf+6Q8MQN+juo590F0FT6uBO3SVaygXmSm1aGWkVcnu26cKA5yb/ahbCAGlsq"
-            + "e6A5ToSds5Ef2j6XTBG/DbK9IBfQJt+PONr+pRB4irVMhumpjNC1KnGVBizNPAYc3IaHHHRgcWnPwT0Fk4587qPKrpzegJZDoBBaCErNg0khH2J5O0GxXo2v"
-            + "9fvLxS0LakfbdgY17mSLmm1V5+gYYohWwH+IJ3rlFXyr45fqctuGWmd87aH3QRjFzgSFf+V+Y3Z1SpZn7Y6gw3znt6DAwSCqDR4mztnzv3E93BXD9myylgiM"
-            + "wg6Y9sn2dDXVTPlY6+o3gcEDsJvTr/E5sDivXnzYPIm4uSPpMeweghCobagn1dIE8wJQ5J+LC//I1e1EXFjhOfP7LtM73QYproTysj6HJ/3lEXB1io/R8OkO"
-            + "WVfWhD8j+4tLjZye+U9De8vERj4syv7V0uiZ9jjslLv6y/f1tlLBmHOfppdJADAxsYzIdEIvFw01mwAP8T5n4wjf3iWRMK0t7Yblf7UvLQ0vbBYrXFJlELdi"
-            + "/mBTpEY1EKhmimKmitvqMinGK356jbwguptI0n3vdjrd7dko/ZBu3Y4tvjDJgS/O0n6ptrT892KLXSa2WbrKu5ixlFmm5JMdoti6SFSwXkRWd0m47gvZMi4I"
-            + "ufBTpbrtnam50FX3D0j2es8HHrvQ1PAQMJ2dCzkuiJ1Qi/RmlxyHkOUiigTkhDwl2vl4Ae3u7FcwZwpidDcogd8D/P8DfGNKS34OM3Sk4iPu9BCgTuGmgDK5"
-            + "MBNuDG6mEcwSU5mbRLq3DYPTqYoGvvTZ2+zcc6Klez0b1x6Kwq1I27IQg96hvcMomOie0eGElhCgWjbqlQ8iozcbopAumCy3x8DN2Hj4X1m+JypCfyziyklv"
-            + "mnTwSRHLxfRKBs2lyCGR6yWQsri2w/CjwD3wL3ymtCZbDu8dFJ8SfjToIbWHVHTEoppSMO7yPJNNtk8Lo1t5dxOP++FZLdYmui04PfXb64IZiQujGK4W4hwz"
-            + "YxmGDdPnZ+xaoG+63Bw253JkAcRUcjtdg/rC9jlcN519A6GwZWvXa+2piHPihsarECyrDaDi41tGhlVeqNnuSLi1l53TsoaarMey/wC7vdNyM5givbhNUIDH"
-            + "ClsFc0K25if9aJ/njo8kb7yxPb6DaM5EAQkmuxSSln41QcrNXEx3VooyA0gxaa6w6IWsPD5ykqiKsl42M15eKKbAjCgV6JT8MdiBW3hTb4L+DbzKhzq+CUs/"
-            + "iE4jVoVN58AYjjJiul0rB9oArzIH7c2r8AgOEpMCdx/LR2+/V+otIVl6937tFhz/gJosKhBM9Pe2Kx5KehS3WQay1fS2g2vnrXij5/bsvkB7dafXOZkXV8K3"
-            + "PxqimOdAMOmsAWDc7ZIj3O5egByUk3LY5hyjAMaSzTiSFC37Wq+Jwv5Z/TJ2rCCxULMcdkg5XMg6qblC6SDQ6PZLpPyV8ZgNswz+UVUSa55EceaZnv+QEcKu"
-            + "QhUi+AIVqIY1qgdjTvc/7guumKkJpJuufBPJUgHhCn+bTBpwupZj1+LRy+crUMiiXU+Uf54/XbJCgPEyjo7+EJdbHb3RKh32fCDKymfEI3Xu7Q1cU9InoPob"
-            + "SXOQ2d46q1mymP29E1doSc6Sjux2zIhOAbEb4SflINranSl4huKm5XFxS80GYGbazeWY+M8FZaxuyLh+N8SVyoZBQEFFbxoUwg+EL9/g2Dwa6QkpLJOFN5Dh"
-            + "9lY3CDwrSqUu/Z7KlTJuImqv4y1Flv5wwf08hxYxQXx9lGvRZKHILyEX3B8IwsVIUtGvTDMEO+nf44XHvWoGXmo8CFmIGZKDRKBvxWiFCttGMzLsAyqsXWtg"
-            + "KjzdpmGefMHsI0B1xkM1KA0GszHj6iBDfHrt75bMjGEHNYnKzo0ESDfa98c0b5SS0twrBZQpu02ohW7UhlAWdeGF3WGogbcaCIs3GOGksENgieLVzGhyZB1u"
-            + "l9SLO+iwTERnStJ0X/SKxpaRxYf51xTO9FNIys9mmTdPfl9hot+no3YFcM/b/1k6dt3Ms1L1AjHQCEJwreLwegcaRExd4E+PfBduh+rh4/BwA9QjQ0jruBc7"
-            + "InyFej/TjYLqUC79dDIOpxtQ1w0DPRkKaIXewRK0umCKwkNUGVo++G5peR7VMBMnkK8uFeUgZdrqp/IOmQ3FSDo3cDTW5tWYrFlxTKn1T+NIRlesuU2FUIri"
-            + "d8s9OOEGS4shjDq+jbJbCerjqKdV+3qWHCd2XYbfwLjorNdZPVgGKEKgLivLgW2Gbtqc2KSgtR+rF61xgmSQFEfuyqIy9t9HiPpWRGRPBn9ndrf3v1s2ksOB"
-            + "EuN2sV0ihNn/8DGdC5DFcdHPLSjCGZKturfPqg0MK5QJYbLOXolHjXq/TonralSXVtJ90mBfJHLx7FtYvZC35gIebSWcR9XKD5C37PC9Ng+HKPbhtL/73nOL"
-            + "QKLt0k3Sqvmv9qKcktWQY1ZoKxgFsCkFEG4Z2hq79rYQLgbWNlSk0KBDP4zRJUsUxHHx56O2zMqwk3+jrgaCtOOLLN+owDR90PmAVX3uVyaSkRcbxeqAVnnb"
-            + "lEFq2g8KLolAV4zyCVqbrVk5jSIy+XmKospOk9Nd5RLku6aSBR13fbcTfR0VyqOkNU+KFASzrWIA18iNopc4clHmDXGV7PSiacxb+oxCumYNYepKaifuwuGS"
-            + "KwcsVRAVPoYzXPvRu0q3+i72gNKSYsx7k+QHnxarVFhIXKWG4fKpohziH4RJzV5X+TKPKGgEQ9vzQjJr8ynDdC6hhJ0bc//5KPBbGmL2vnL/f9tymfB8Gjef"
-            + "I+Jeg6+doiqYGeTrhIE5Wn5ncIYLLT5VcfotGEqsgz+WsZ47z5PoG9CA/IWzDShltjxREs/gdsGN6SDUuy8qJOJ01GeZbiDVvw2e9oTfFUM/PANeFyRiAWLQ"
-            + "bXMHhcvTF49ExrkyCA3I+a/0zX+0xNguuPM2LW7i3HSJyWUAN6b28ITPXGmxTz+IRcg8dgStI3CmXeFbYzUSGZ9XkCfU7hnrc238dYJJcQMIbFYE7JnYj1UV"
-            + "B1YFb2VdSoht9eU67dbcltLRkS6+Era9x0rJlL83B4XdCdFvk/1JHT2tdUKpcg6URLdMC1MZyBuDnd12Qqipt/Jg30Md6v3ewACcujSEiRi5mz6EVQEsYekw"
-            + "/O6E2ZjJ7i7epYQe8m95Ew+Hll6AAiZIJOcAykZx2+WPm9WmpJx8Vwsc4P3NaSsOsJsb3TsMwJrG/EJYHMewlGU7JFVUw6Lif1ZE77Av3glNsw1nbFLzofeU"
-            + "/eiHQHuO8rk4BoEsuq+zBqgj8ItqqQJTDuTlYm1j5CCjKvl/eyS1gPDf0oJF6v7QU5yPiomJNMu1c/GAAKz8hnLi/ZQyM9ZrRqtzHjr71jg7WtjT50ppg0tw"
-            + "vVifJfrwAboWLjdvDEb92dN8o9YswhuYqSBg5pCWNwFk1Aa/kR4INyUzWkF3dw5i21VeCXsyQjoY2MwcGvGtSmLt7+ZyzjB/r5OUvG8LUbVjCcdVPlq5Tgpl"
-            + "4OwN4sqoGoeQKEUdB7vJ1wKodSUM7S6vBG4ohiwK62axclAi4d9P1NRn+6IkUBuFfVgQPZxnFl8YZfbyg4hBJ16QF3b4uxCtn+SuukMOgZ9CPRB2HXO6WoYs"
-            + "5TlYeAPhYHMhSMxqaL9lydH4eQcY669iq+MNmo3QL+we+9MNDbt/CfXp+jPuTnDAemWYsslseho8C+RSDWg6vCfzGiwjcfvq9yEpbX/4SaGbg1dMM/o7TIyO"
-            + "aMzsoqzvsCsljU7/Ee4Fh6l2lJ/Wgo/r2jbMhYks7SBThDjIGtqF5/IIezZjPxkPNX7csYIayQq2cagAWBvbgevGT+bSeBNWNeBCK7Jdq/0m8I3/f9iClaJR"
-            + "0PCNbbihYVUmP2Z2IuDhKIAQwdqZO8B+0/f6RH25WLhJ2s/8rTEtqHnvEDXmQFYBEzOVCdmSGKOMSjE5AuC56B0pgxMz1PNit/lXmVtN6BvxyWTuj26XAR60"
-            + "zViTU6LFWGOL0Blplz0VSzjTOk9TeV6cnN83gIXKi6ispVHvnkz5wkNK09I4ofAcnlSW++vxhqmhlFuBsEVSnCxQB8R97Mg8TwpUILpFigciFML1sJU24OtJ"
-            + "BbE8usdVBwfgs1L7JU9cwhsdkx99M/Mf9Z4N1tCfjjZMBvn6IxtEN81Iyrjw/EkSpzOk5u/cRENDbsiot2v+jr7nOv78fe7FBZAQ+bhCxtTGfYCmhB0zoJIF"
-            + "kb73QVx2Nj+MolUUg5i/Az6+iKiM9BQYxFe9cXPGdzRwe/+SI9h5cESIbLiYk/p/WhebtyrV7j5LXIHIWCzLQGvJAxVAhFwQHJkYxwMD77/Y/IFpjNL0XOE8"
-            + "CqJ4gcm93d4VM3bgCGqYPXqNDuFYaoJpGRHBPRR363YzAfzovFH0fgC3r2pRHhdxnR7WH7dxPp49ipuLznnLF98gF1zQDzuykblNouirXU0TJYlMi/nZ/DfB"
-            + "qkdA1zVFMgmBG3tGlqgJiw0jtCZTCtBP+v753dGsdMR6ZEnRaigdluPER0jDZXZ3fZ3W+pKbpuT44mNPjxvd37LoI5mFtgqHsT63DgcnW0wT8Cz7lLTVIcU/"
-            + "JKsW70dsaG6QfhbB1+bt3elLobRsl0qSaTGDjS9+W8inWJzElw+7+m/Q2a9J5qmcHJnmwBLa00wgfxMfUQ1EzBsTyuhFC5Z1mUummLsJXP/oOSdhiiLjF4x7"
-            + "KEzmd80GZ7WzE2++Y9UGCdHsNzCn8JYktD7HSpOm09glbpNL9EGxfGWSPSC3Tz1r/dYTAwm+x/ZoVVT8rjUf6pBaS/oFmUw0x+A9sWGHu0qbtFgrQ8hn0Zf1"
-            + "vqNLtHhVOwGb4eeuHz2Cl4LhSlpSc/zVrSz+oCEV3bCM5L+/lqQhDXz0K/Wl2MAIhWfNRMDutMtBYfmjo4JbXriRS6HfwWuGYVLv2Q4BNqBOawZuzkfz3H9m"
-            + "/hxJjpYinA6jNRI/CWWBAmyIoS8Gg0o2eEAiugMfBrFhg+ZZA0iewVAI/hO0/GMJARX8HloT4NnjyhrxJfyAGUSp1foY5KmVi3qO6LMFALd7rG7fXRVrTtDk"
-            + "h4qmBhCSlwS0rlCQcimXZGHRsKvNqhIOMpAfympq/pjsMIFj9+73OFU4mq46cpgRF1XKzMXEE5S8LFfamNd34y5AjQTraSCezvPzPI9lkdK4Fh3Q5noGl++j"
-            + "kX408VEuwAN4pp4I/aAWvGU4hvhdxaz0ot/ABTiqlyh2TmKkMQexvvQgLKljQU1CUbmXF4L62yInr4fnpZ1uDMFfYo6hQsVaqjkgnJpsdOJKGQkLKJ4vmvpM"
-            + "lXd0cjVUP0KYJNpGZk3J53+TQs7gscbCeaCmm9hOgc8vBQRH0uaCDNn0T5Z1z6jGBfeYJLga/ZZDMVRZtbrO3VgKkJLiC0DlRYWzPmpCLX6YF4kcyX9+wjlM"
-            + "9zpZlVWdEjyOO678UtXM7RH49+rdfwW60DP6cvI8RIx1NNh57IODmn/OapEgOmIoNCk0PGlmHagOwOyvcrYlwBfrIayd53wUMOtFPKC13hpo/7faWS8IrEar"
-            + "Ox7C5yZcqzmhkBdR9j+yknW5oJ3RNt4wktXUhiQL/VX2NHJ2YN5Jz5edvurax2w10PpQE1AsT2kPnoKH03+mLmXUsMCC1Uk/t9fv3ddxtY6tb/vF9qN32TS5"
-            + "QgA0QN0l9r7Z5uW+92LU7odlpBjMkZw8t3Vyr3dBp+DLs8JLDTXBlg8bEhREC+IXfuSzX4kM5mEiIGdNdZ0oZ2Z9wGvP94vHsksZjA3VMRhHLhZjYHmAUc8s"
-            + "PIY8Zi4O8kn2Z01sn2ZF+U3ExfEmnoloH6NLB3eehQf3b838OgeFoR6KyL31YlWt+g20HQURWQ6VNC6HSDICuBX6lBBOlbzUJ85KIAAATs98f0i1vBmsOD8u"
-            + "2nzc68w3KPubadITaiFhB2jBtHVkveETLHC8poyHPDBhpzUlTyPe3DzWYqu+FtNvmOHQqiuG5z/XOTf9K+4b/8lOR2+dwqEf9h5mzyBXGG3j1xEbNT3Ams+p"
-            + "oAvE5RimiZJoYF+bRmF+9ZAwQzQS/fYChvgWE1idLPRLyasc+ndhDUx5xdpHTq2RWZ1w2NboYCAbaFQ4BxiRzHccowVcZ1zMei+OMhW3AII0r59dtLwO+YCv"
-            + "XPpvHmOjQj/hpf3Ot4FhCafdUGnDqU11kJXEl/RvPl2Wl+aWSBAc5wgBrrx+oPLh44a+LupVhbVUTuXja04XdRGJBDhayUZaVPk5jSUsIP1CCLIB8KvPIBNx"
-            + "APE9XkRl8efgLJkCnH4tuB8mZ8Ls+aX3l4cL6Xm9LSMRyyqXhb6MYT1HiUURIIytXyluT8eMFjd9SRQysWz4viRSeH/BfMFnE03wgv1FR6EL04EqF3HrJeBc"
-            + "wynmtdAUwBSOcqqj3i3mCy0Qu51xxyohzewC7EheY+EjWLB7YvgWoi2SSNmAV/WfxRBENxq5cj011A8cTUo9aglbIuII1A/E1i84OLO2yRoFVws0jp89fST3"
-            + "8GUVjTluBVJS1a8868oVN31Olwnwj4WEis7sdk+b5iq1Nd5KT9ioV1oc+AFLhFtcPdm3ZxK9sl3aT4UFKA3wvtZoy9M/7ZvdZXmWqf3bR2OulUFtttI1QdKs"
-            + "3yQ1F+M/j6QNADxFzhv2y4802n6W+It6fmPyB2MDn3XoZIGH7OgxBY57mqTm3a66ocu5qT3rAZiRUPwPFwT3OwKS9ry7BFqUxts0jBuI6zESzsIqSP5a1lJm"
-            + "CFcmz2DLgiiPGYphxz9uM1gUPl+jO/wa+RynlHWraOZHzcZL9/s5nz5w2WABUZFrGSJPzjOVVgN6aVMt5hboqUBmYu/r+lGWWQ0zKlsMeHv3Tw2fC0R0XNa3"
-            + "86XHuSABlSfxZf4ipyjjSUf+QFltcOn8YSTxxHBK+IQ869H9uEvwWXiY4TwE+GFaO9F7z0WmvdBkomlRdB/Q2yILkI2FpZNuihfM0j2cO5TP0OK4qzNNxBnP"
-            + "U/F7TXpJlagBIpDZ3gv0jqdGdP1uJWXatuMdPG6uMD9JHEh+Aq9c/VdC7xopLQpjai3WbSGfFJs5tHjHedXScWoFrIcepU3PrF0lJVc9lAqP5cSJZ39CxM+Z"
-            + "3Gl4TuaUnBPzhiXYwh9qgbW7l3fJiMjorlpDbHh4rb/BqpZoA844d2EfS5zRaKJ4mc+fSAa0cHwrsg7nGZrQCFJpM3Zx4whgHmn7bvdhbeSweqosEvzyRP6e"
-            + "/k9aElabBXLe/d0KLxlREjjWXmmuQrZo5meVwL+cz2cHEi/Dublxyp1oJ1ur1gztLq8EbiiGLArrZrFyUCLh30/U1Gf7oiRQG4V9WBA93o+thSLXwPoZ64t5"
-            + "6uJ6VDlDVpiH1/qgC7WgvtabVdne7tyY9JJWtcbPA5w15/SM9L8FKA3UDrlwEQfDWIe4WjBRycI37ZkSjmTBO2qbXJc8TL0mtA8zk46JNoHZJV5Eg8nR1o9d"
-            + "O8zzNiqt7Lob1eC243KyX4fxpybrAo3viem8Pu9iSlKq+6AFSAjVybmVgfPNXFfbVIEhCzbMHy+vsr31BXzEwneD2dU0vcVL61a01CGqlEJnFZLGMp4AUEYk"
-            + "r9cyYuW5aY6eLmqwIz1Ao4KPnLubCLTLRW9KwhipbHsSR7mOBIoImubh5Znnwi4rbNbTt63m1+JHnBCfuphhgjQ1rEHuHqwk9k3x7htfsvmKUZjFMRpJEQFb"
-            + "QYq5qYK0txFP7rMjv9BZ2/EG+Khg71p8RyBPGR+8v38dqHzbqndCkUtJ9Emu9+NJ0uunLP8TFpK+RgFM6aiZPDTW0ZyPK1vTsPkaIt5EXsEkZj9vw+8IZOM2"
-            + "10L5SULf38ngbQpUmJnB6bBZc3humyx82+5JcR7qXQ60xxclD6TasxttoioOqCB2wsqYI8uouYDmvAcv+sBX3qzwzFbC0VsQDDKGYMep0a4rc3gcMmJ54HAL"
-            + "O8GZSf3GV40itbjXmFo9ENQXeg9Is6XXebT6QjYQ/NUF4VcXoc3F+3EHoWbktcy8zV2Zml5iSdj4ngE2jENExWMKBF9UUZuULGe2xJLwQ/9Z1Hs5J/RrfQDq"
-            + "+AftuDiolY4dstsvp/HXJwOoXQdxnX/qG3J9gX8o+Xj7ZkXPAX1hSn3T5+ZMys/Nbly9VpCtSYKuislGPeQWmLcqTcaK5F8YZO4tAes9Ud3VWqZadZdIBjA4"
-            + "H527w/u+6TGuyFrHcKZoFMWjsyz1wHPt54w0qWcGELLuOdw1ntbXP9ygw81iApmzV+LNDN2M9qMBftGkFj5AUVQQSYdACMwn1sttEglhMq+Ng3oMH5d/BLlP"
-            + "3cNn9xPMoF8zNlit5Vr9OiL7xo90NMucMZ0xClcskAuZLoSw96q1lA5/HgIgwX95miXL4iZ29iND9OQ9u0VugDixzdELzLol2c79g/aadRsZKXQDAPz1wGrP"
-            + "L+AtCEw/HtatrxlHPr2Sr7aHz7y2eL7VV4077TnJJtSvEynUUGkVi8/aBnJGW57OlTsmyST3tVQDyxH0fdq6wg4G6OeeAZtQIuqu6060N8pZSjLla1gmO0Je"
-            + "8KwLN7pWeFcajWvuExdOx8BiH+yZ6Kdv4wBbNyPa155z/II2BJuTjhjpcFouu97rbEFJI8JAK/JPnthIw/KGsNyTHt7gFdIy7d4V4gbOpZNVgkltWKQOEPMk"
-            + "rWgpxU/3U88PSppR56GnB3n5TeNBdc8OfBaVxKdS45EXSF4cmYDRGnmSysoZfRv2/KQ5/9zlcFTlfgORmr9jEXoBSdY12fAv8iVH8fwcE+vNFNDGntfTvAs5"
-            + "wLoYPka9XdJAsc4zzbAT38+OcVyRRbmQ0u1gp0fQ9aSF1Jt5rBD9GCI8ji793yxcXtE7Aucz6Dt//Ocp9vlepARZejCLgP77cn+EEwkFat2DSOY2XjA3G2Ar"
-            + "5lyDwDqa91NBLKzjFvVrbVXxl1WtVEcMV8AqCBSWR88zvyLzVhcXhnjqtDB3DDG81XRYnpwVUplG2jq54E/KevvPO3jGaJOxdQn1s8z749ffiOb9X8taSLlk"
-            + "8e9/d008u6e18YmNSbCfyuUhB8V5u5HmmZRCaJInc/MbCoks+WyGRtKOHbFKiVziLsdmnmElCw3c39zEseVnov9oj7RLGBNp1prJS5NH2pif5SJrF8r0tomD"
-            + "DGxzq5MnZA7/KAcBWARx0o0VwqbZ6bG8YtdEi+T25pUfSh7xSAMFeJcgtX3yUYYAF9e+wnEDMgsqs4v0YLwd4qXwNWKkUWDZtDARDTskcTXCAh02ZSrU54v5"
-            + "8NuRAtBNiDrgeUZjoZb/DCkCe7CPiCxjiiIiyDmJXGPWVg0U7G9enZsgrMAAP0tis0isy/maq9U1iIKuMkKRuJJP2i/jUva6y7cVOeJAjoRnatTkLZTMdcHF"
-            + "Ag7m8km+wy5wVxmIl8hqmFcMKnEXGsqJ3WrhGA4acYmJqSAxU7SzSISq5tNeHVEWggTJETbbL4UpJ6ArHswzxsqFreEPCqkJUs0nL/apMcwTEI0T4UASxB8K"
-            + "7hM4KfY40515tnmV1jjPMbjaXvcj5Uy1HGnBl71fzLE+ggwaVwIL0yokOxIflhxR+ibicm1oBLSnxJBSUIGEK8aTaMNeMr5H/K+QXDxoxgZhShY659HroODn"
-            + "AEL5qn2a05X1A/3aEqhzGY8eddyqH3rNlBP5uexuVfDrCEAAawlZoHgTTnS0kuNM1k5Xda+iNbJeU0yIars34KTSRVCnL3AIFkN7/PuHTuNYAF5G2S+zsK0m"
-            + "Pl7xslMyQyDjEZRWQ6w+3/Jn7bosn5+0ZjJd1BRJxH8D1V/Bp4QIJcJCd9GaqLpNsiQarts3dXGO1X9vM7QEIqGQDm0AxdX4LRfN6ZDbDyt0jvQ4R/ti1JtV"
-            + "4DKVo6DAcLA/3ynYgIXlWW1aINIVUxppRb3LPI97yx44HsD6hW/SU/8g9xtvg0/u8nSflIl88SGoNjmyVX6kXXLHlPxoyDyktVIYEhHdODbftylTbqD2ribw"
-            + "QDFpQx5jIsD33RPtsm2s8HiMaqWORR6XPtP9jWVPxa62OoGiDgTH7PuPPhQeXt4F4Sj6cjWvffKB849YEeRt88Ynf9i7LibuuUCVVmNl2kfpJjH5ObLXS5Iy"
-            + "NYoR/SQ2eKJTMQEAETIZw8HT3IzTQjuEOdP4vqxa+qp+3BiPEYSB2FFtC/AJ7SR2pPunEtcGUbnpHhLIpCDnlilyJlw420qNFMnKimOPApBZHL/wRkJ2Jquv"
-            + "+in32PgODZSYoFtK9n5OZL6dGQYRDc8IAd2pjT4gEi6Ilq/ReD/CdQhRdbwH+ME+5PELLcvkl9OUyz+FB2cybvIBywpzjllwM5jTatahEoYsYpyCgMYKckZm"
-            + "xS9O9pHq2X6PeQ7+y5sHUqAM3Zu3DqXHr4SrKt0P+5iULLlYe8rMJfdX3lhVJzFVRzR8Ta85lhFVeEKW1IH78b+/gAr/BqqR4vDdAwBfRQkyaT7h5wxYdiSC"
-            + "R2gG5sdc+0KF6kl0AKt+w3nZ960ukKBst2jxZR3clOxY+LYZiW8GZJKVozQO3F3jdD4RauA8Sx8EPKXjXLUwjvcCAk/MpcLO0/X/0lhyrnpvlhe/s4IH3QfM"
-            + "jngmN51oXmVfKwfgpJnRstsZsD2vQdOAfsP6FxnnwFJw+s3mGyXFqVo0u294Jtqg+dJTWI9+W6bLd+aN3JDkSQM32cD9PSUafoi5L+pTcJdd+swGrrIBg314"
-            + "HvhaZDOADKrvNh9YKqgd3qKKutY1ZqNkbvB2GIYeoh+feH6JDPBJ3he27divR/7QPMwvLOLEXV9SNB+kgfQSmOPBafaMLnlrtocFZOg43HgSvbZHi9nWE9Vq"
-            + "K54i+OYFPIgBnk5M66GFGD3kkMDrYrJSSVEiG0ymbsN1X07GSsqr80cAXvz0j8rsqfWSug2T1VKvJoN+Pqjw7EamHvj1dQkbbUfrLavDC3ltOM4gC7XLf8Tm"
-            + "Yk2BRgma6wcBtO1YYFHKXEAJ+HxdLVAWPTOUMIitzeQxwjC7kHfv5EV25ZWWNNlfpQ14mWXKE2gcHzDPdZrrNW8G2wJomAJTyXjJ3GWlCxT9hDJDeJKk4eIS"
-            + "uIxvw9TvG4hFn4wHLpJJzSDgk51YYk6v1jRXm/puVICY8V87QJPgOaCOkYcZQ8hCJf9oc1rF0WmLH35qfHwLXAvtW40byn4ocMAZNhaiUTwsQkY11iY5+MXr"
-            + "xcFOk3BJSCZnMTh55hjqVSR5b+eWCaDJGgeHEVFt1shbC12kWAYrTg4goEIci0a9lfy/kP/5Akd9nTCTRYMwJpcoiXRqHRz5fa+DFipjZ8cIctErA7n+f+Mk"
-            + "Cq2LTkTiNbhLy228qX77i8vC+yq08snTnPq/zRgC5doETP0sDWisYjndkMF2zKF9tHu73sbZULbDJ1RIbMizPr5lDn0Z79kdmfNviBhgOmsPOAUVqYx9xXdf"
-            + "+VN8wjhMWcDtsjCQWejDHPlXKPtcdV6rXaOrlx7xEq/CXWpX1FJCygBwqmQXBPL7aVrNtWVeE3AJHp2aaOX36vMWof1BTl+ix/iPqvp+88uRBCC2KFZJRww3"
-            + "Pk/uLSP4Np24Si1+gR8llNHB7koMNkgFnNBWShrX01wziNU5SIU1iXQiWIP6WAYrtbCVhrn6v27kPY9FezivovZRxEcw1wtytQei/2OJuMdp/GJgXjEGNuKB"
-            + "q2B/FUivH4ozd3medUuEFvEXCk9RWIvkdyNbXt5PSuWfoxqMxRPtOfB36t73v+C5RnhOCSTooKJKoz59x2hzxa3FVNy4ZLbz2JoSroB2oNTfuM7dUvaJg6Lr"
-            + "LUWOKf3sgBTFQQew+aGCeneZ4LumcZ/5GH8u6bOOgpuq21GpEFiaVOs+i9qTlrCFx6KcGgKsBFos0x4OX9fp+sMurcvuXVWWUY5rO/N14alXX1w9BHbOfmaE"
-            + "G2w1h02xUj+U+MqRi0wYUxB1hGu3g0sQNpmnDPO/wDEllM9RidPDVYCRenXl7vS5lazF0Zco/iVQQueUXilAn7avrD6+Oc/xpsSjM0TDHtCTMi5GwwBuRWy1"
-            + "QxDZCcPIGzG0GMC6NK69IsOeWd5Ar0WYGvMGksNvUImXagKhgdx6Z9PXVmeU1zboPkrT2H0RSj2PbTwormVJ/6pI16Jb4XeHwHfUhgKTFayFvZaE30YlVA/z"
-            + "3DTww8lPb3M+QU1BSl11gNll28ZoxcJJgdKyTp0SaSQ9eFvoH2kxcvdC57E23sRdioHTAqpspLB6bT1qYFu9Ej9n7otK3JSFrLN392tN0jYXkMlM/iKJJRY0"
-            + "AEm5LX1qGw8onEdQBuZCTn2KheMkGyQiu6sSCzbtrXO4/KoXYnF42LtHNbDN9Dc5joOV5k7g9MWC0NYcWGKehJPY8SYvuP9Nma4F2S69zFcigvMtnlbY6dPO"
-            + "hP3dS89uZe0j7KiW3fSsU7EDx5VzQpuhxWnR+dMISz9UYTjUP7B0LTZpQyD1ATekal6Oi959B+ntp1bNYNt3zoRN95tgdC875Gz5s1fDe9PxNq+VOGQk6ZBd"
-            + "YAfRL5CJYTMjxOt+nO1zsF3NdNz4195mLgT0CK7xHOseeMiRxqSCum7+CclD3/yxeF3Lv19JnyYXX5FCdl3nCqZoBwE/6AdOs/DOmVAVe28td1lvJMKNxxNC"
-            + "jaQUdxkI+fqiawBZNq24AK+BmfI17Y4/eNIKVUztoVizDWq0BH9ZYGsWO6dtUCVghBTMZdnIhPw3GFlwwz7GBZMRV5JhyNoe0WCfVsgDKuvHag7ELtrs2QW8"
-            + "rNTdcoqCifLuCWoELFc5WTLCFeW7btQSV5BKXPl4AnY6zG10NAJ14XD8aEDchfR42ytYK0knCOalIQXi3Gg5hmTbmZX2oJHe7v7+MHFNlvhKl14CuaL6T+9/"
-            + "OLfvU3VyL7g2h5FxQSwrWgzb7SZ1k3jPlWetBUhZadns3HKYPKhFBQN8Y0pLfg4zdKTiI+70EKBO4aaAMrkwE24MbqYRzBJT/W9hCcw6eV8ZhLT1Qttp4Ayw"
-            + "nuiR5rgX0CVZhPQoCS+oOa8LhD/e8NYxCoGT8Rdd8C8k5qCxnJy4xagcVQKFd1CQuwyFVwEwT3MYlg7OzptZVyo5Zf+OgfwPyFFO7cyxHVYwZVBK2da4fC6a"
-            + "aqru8P0tNzux3nmbNzogCddnzEam2eTzbHp0JItgQpNsAafjugaq25i1ncQ9JEbTkTA5widLaH2QWifHFmzRkLekgdgRNnmVGvON5iBgqKT0TurDeFnLxoRF"
-            + "OWlKDuSx9ubFt35v2kOKmVg+VF19nBcPyO6wehV2UI1dzP/wQEYCtPAZOobu6PtaMEO9gt/ndeB12lwowLR/MhfOePGk9kdQIff89w0rVaQH8V+j1Ab0jGLi"
-            + "7Mm0KBc6/C+gwBAG+PwDdeoLujBVucXbqWjhOcevwYT9jcdeOeZeOdYqQqxMQiB0+xOEwtNND6Xe+nYX6VbP/36XUVCKJSj/6HlqkCNUOxsCvbZsZPUgIxov"
-            + "kwlbkII/L59DValvLDtMSe4o40qFve1BHTOeR5aeZ8eIXiPr9b32HtXF5Zh3Dc7a0GrIQ2R9unodJX994avz0sfm09PtXzQs4THprMgdv+pJhIQvZvqfnevk"
-            + "Vid0LmUcprqLYmWdoLRalzT2uNauBXuIVXeZXZ4vWxKKI99CBdhEjxYkXd5t8l0ffeSbSHtbnntKAApt+76quvLVHzcETRVzlfs684PlwraD8tEKhWWDtd1y"
-            + "dMKsiALjg/Sr/3kUuVTS3NrEpfpk0Jh87hI3IqaI7Oh7gzI8jMJifY930gNQduassyndLmCZYXMNCIHqiav1JX1DmSEF5OGctEpdtEFqOQhEcDgifx0DmQV/"
-            + "sIIR05nL4u1350NTdUBC+NE0o3qLVyY+ELLuOdw1ntbXP9ygw81iApmzV+LNDN2M9qMBftGkFj5Eysd1wrlg4Mo4BHFYvz2CK4xKu5B8iwJ9UbSiF67SajQs"
-            + "jMgW85d+z5cnlPrvoSNbO3u/4LRjZzGp/PTFppjGd3XGBAQSndVCWTkp17xo8E/NwlaYoVXJ17/uywz09COy3CLrMV+cJBCo2LSjEXA40KnPWYRO8QPeRWs5"
-            + "1koTALGsEQgOlxirGfrJIl1P+s16Du7oC/uUPybewhb90GMkQ037mZptEXfyOctYJbZsR66zp/2ciI2EvWwS7Rlx2r0SiI3Eodt5/xe8xKiabTA77mFdOFAu"
-            + "zRzcW+nzJOGs84LfjbsHBaUWYx+AUiQkZRAfzlSGUpeIaHK5kNRZr7uluhkT1EQtssLkAi67Se4l/g8E9NYDMe0OqPlcxfBedLRhOC3uuu3kMmPCkApjxK0Y"
-            + "pQg5w4puWmveuVWGEBLyNwlzpw9Gr0apo+2fszZgzrTlPigRZYeKcT3Sc3CnDPaPvRY+ucmXQKX+8f7q5gtqJ/JpgUCfOpJMwAx7qDp2CodDz3ETCRhnXzEp"
-            + "EoH1iJNoRORygSiCTwtoFwHsN9V252mFpCQ2hONRFAutq65uVURSJurNPIrN6qjtVAAyDYE5o5aHyz+LXlHXwZbSGLbAx1JjrBWH5Q/bsHxZN2jZRjyoc+e9"
-            + "fg5NlG7rYfL8BFPc3uo5+DfUqtixTkYJSkmNLfaaZnqM65mk6HktFHtcyONlIfhNutBAD+ylyPgaFApxkQBqD1XJzqq4q7mc5OYsf7YVNRS9yATbsilYIpMU"
-            + "zVb168JIHen8ao8YIEOpCnH7UTrY9VwZ66nE+5yh399g46Iv35+evdGDh9SYpxPIgHa4pdkNQb91FnVdozTeDG5blg0eeF1YMfEkLdZ2WxHfCJYjlHLuKkQg"
-            + "S14KzRcKFPxDafCRGULCUwVsyBmMbUNRjNZm2SXP8yBSyWihSmoL9pbU43Bp87Hp6pWHq+uICIQjn5wrz4I+sKXqqOpoEblttT+V6L9r4F5gUeRZx9fsIotj"
-            + "3w6U4LVHBnwnwjFG5MFp6UBwKimwdxC/JTJmL6ZIEBGILQ4e44oI2Y9UUGqtsBZMMD6/lkPxNsnnkkdBlLKQBp6tH40VHNLhxcW9X8wnu/mzhoa8xDMQPRTe"
-            + "gW1qeX8f0c4v+oTTmycSa1wjqj62yREub8ae5G02dmI6Vewxo0+Gl6ojDPS+LB990bOUoQZC8HwGfrMcx1uXNkGmiiFCdqEa7fQzf4637Z/2aqXsVSPmb4bj"
-            + "WVZwj6XU5rxe2hnVknrGYKcbJFI0f4Dsu2GhEFJnWtqtGFhEGlnjiM2kr+iqwBFxQJQKgf/7rKjUPHc5Kre6juoKnD5TPSJ8C8aTU5Sd/O/CymWcIdToapUD"
-            + "WOAXpushPjirAnRSSB3ONJKe70c119i+30PClGcw05kWVudgQJ9fmfifeCDEqtU9ICWXBA/pH9hZLAkbcbHi92P47Y+X0RFn9aFkeJ7kabHYNaBRZZ5In33g"
-            + "RoDYgg6bV8b/1whl7tR8q/DXXFL1bjRSEpp2ATM5+LgARhq9XOktKdEQ2vX+BYtGA2QBGOJC8ssDZWxqQo17/kEKqLBUaiHlCthlf1vX/MBjUG9WM6cx/KqQ"
-            + "ff9+MQuJbgDS4aG/s93V8IYpehveDNWOPXJh4qxyFAGq+X36LQ4rcISkgFXGVnE72+SXeBgBKN1J1Ii5rvEPUwDI4u5BYeg8CJs2hmhFb5yvWd3pG0JDkk7p"
-            + "Rd/HkcAxhIONElY1Tt4etpBwXbp8cVGcabc5mFfr0wYGPCiy4tQPPgSnZFDh1R2dB8KJHRUHbDmaHMX6d2HrI2ZhWxtpesYAJHEYwkbMhC6831R7Ig4LweZi"
-            + "7n6dFtSivlrvgTpKq8wSlafdzQLjEVn4aOvlSqTcCKf3nhPzbXVq8PTkXTxcNkfggX890vgdqnHSjm3S/MNJnZF247fLoiJaCTENnWrAKVikGFrQW2H2m7q0"
-            + "d4W+C3NlYFRvZYfq4PQh5BVbpDRzDlWR0ybcCFKtXNPYnPnPDNnPuNjYsZsrjaEHFp+r3PUba54f775tdlGSu+t4EAy1dTaMhjvcTcAZxJeoV6EIfd0l/4GX"
-            + "hhCgusrNeSBrA300M4421iAIw0OO2PTgKGbv7NPMFpv8SW1GI+A+xGNCUxKo199tcbBM+lRqmR4mrkHRPGR3kD6hiZouT2eUYj6PXqC+AL5ltT5X5ic8jRfM"
-            + "0F9ub0V217DMALqM/C4ybP8MKYcMS90rHUVJ534YgY1zWM8jVr4jnGoQGn9W0yAHFsuDz+DX0L0d5llnLYXBL3Pp84xr1qXT90PgmcpQUqpVutW5Qu/obQV/"
-            + "jIHCm4JtpSSoWHv4ohUbmEnfCM1o24uSO+fEqTjcQPoP6RxYop1CJgu8Z8OseXbyp/tN7UAi6k+hb2XmlViEEfJSFFkaSQ/lkwlNKqfRbKYC+e0ekdF5LeOV"
-            + "EQCEHIdXbRtv+1wqx7EnF8MGv2l7Qg3RiwdKnH7HCfemJPxh6V+jsx2HJQNp4o3yU18JEGV2YqrV0zyA/rCvS4J1PM6Kv967/dmFNFcBQoxqjeHbRp2KE9vj"
-            + "GZTLOkytVCsRDpgOEHmEKvWE3SuIEtOjhavHppxQEgO61WfHcZsh1ag6r1hPBz7g8DaIs3m/sjnt9TY1Vg+eCznRh60PvLqNPjZfwGwztGKSQ81VDmZX7iop"
-            + "qkQzG9DXt9S5H6eO7RrchpVarJrT3kykKhI93IphaAc6q/kn4X3EeXQqeyoeO+L2fFr5sy4GWlK7f9oktz5XSfOMkIdob0ktLffdB3nSmu1sh5nsaYyMuMfo"
-            + "fYfgocdqPmjbRZTKOBpQn/IuhRSB6Q78qBH8UXuwQv7WmokawRFAucB3S/e5JjYQK2Jh+6A3AWfauM9/pqr2stpeSM1jFQwYIMr/hRMxCibLsL79MuHmvIuy"
-            + "OSHMrZO61GYescFRl4GL+kAg29uHSVvppjR2JQ/o8N5wGcRaoZSo0j/ikfvWhjL1VBOkPrd4vTwMv+ksWN2pL0FeJ/Dujt+la0p1y+M3mVM8vET10jAMJkKr"
-            + "DlXtE4fLLzOLlkFJYZ1VG8bBoVXDV/AeU58CQbwKMoTXNinpf40kjmh/zMH87uu1mprjg/pjjkcWH93sYjADkNlitWrJJExTJJfO0hch2kpMV+K3zwATvs62"
-            + "RTxclJKiZGLxSuvav2QRAbDSpwx7UI/fpaYFm0/aiu0jdyriQjFmpeVMeU5veNJXbEwvn142DQrqbLfA9Cn1Xfm4pOtT+13508DD+DtIy//WEng4xVWH/0Hy"
-            + "JR+JPFTJOd3AJEzkGbBCF54KbgCHF7Ex9UUKfTfSW9NN6Ouzpvs3krV8PKJUPND/OWOIJ8dEXftr0uinkR4cYZ9ApZNJwHbMLQFlTOiNTfWylY8eIzaKMQql"
-            + "AmmeL55x1tRP1xbkPcj7cJrX/bIQ1/8nQ28oBk/tffVOGp2yeSMrxq2y8klbfphEkAGn5CfG/mVEBOGHJMyjOXBwfDkT3p92Q8uPveJ9YVo0xUBXnpbqx/h0"
-            + "QZfgAsOxd4sjk3T7AHKb8DalueB9/tyUCzjPzGZNZwclmt06FVlKBsW+7QbQVmuyIHOpjQ/RjtIKcywjkb2pLFHL7azy8mWgUFc9RdPj2TvOAyW7JQupp896"
-            + "IpuQ2N8XePW720g+F2jPRKZbZmTPvoodXMN7JeuCZFkRcH/IbFXCfUt97/fiVDydTumekXLwC2S8hCtC0e1LLE80DXrDKRY3YiMT3RQA/PMHLSZMQ/ClXP/E"
-            + "Dn3AO/e2QQC7mPzheK5sl8+bJhm2WyWgU5xvrmV6/vrn6J3Ba6hliLW+YlnisMKoaRtdLdvGntGLo2B6wrq7603y1/oIkLnWN5Zbr5amlv43ubT9zSzwbjEP"
-            + "7f5xSgasg200A1q029Mu79jPNuYHm+SH8Kq0KHHCrVKUAzLmN22F3CXooR87ZksfvNJoUEhbA5QuMWO+JnXMZnTKDCLSKQTCGK0e+8g17eHAzCBpDGnvOt3Z"
-            + "uKvHLaUhvcz3fMCN9gkpafGyrBvU8aI4ILuIb3KYqe9fV7XpdrduLcQzKELjztEU0lTSQ09Esf5dlFUcztahvzDpv0ET1/wPOAoxHQytJExdfJKODHMzAPWl"
-            + "OGugvUvn2+kRbQuheCLlWJ8/ObfURThzfmpHk/Act/PqJ/SFYkhm/ghxqRPb3RVw0omLqk1AF2DW81FF8Iu1/IWC7x+WcWU30SeX5OPOYCrG0FklJ7Pnagq+"
-            + "A1rREPPyI4cS9NkZS2qGfJQUYkdSsaSQeom111EtnFxXLATo3GLzsOCQyO72grLA3GAHuTdAhjm48UfpxXHZD9MMU8+Avvfy1INzZi8LY0ejhG6ByFfZoUWU"
-            + "emLrDa3tZg5R6pO0eZYQksOo0GphvZBO2GR3AZmYPKQY3EZxtGc+XsIPINwBv+y3FzM4hUO+9C/vHHjRiQZz5uQaC7ZRHhcPopXzh+uxd/b28d6AQyZ1LVlo"
-            + "FkKBfQhzz98JBMORE/RZwkeBafqzqWIKUtkx9xiSsT2QOUUFPzlr93DfvFNP+oTAsP9J4HcoWAd4ut1Jhc114cg0E7Y9t190zuUmnsa4aTSpZS2ZPOq5BVqC"
-            + "UXDrKwraEUYOfF6ZciCl1kJVRVfRi5J+XXFBFHRaTTv9TNqDUr8urPoBD+j2/fG9l3EQzH+3WG/JCTjWGgjnGwB91S7VYvcbKkHLEGAIokGzXmhZcDEChRKy"
-            + "6L4YlKr8fKj5rhd2/DRfmS45e2WgS/LnjYdXMN1J6Pfwz1OI+chXPAiRAi544zHHcp+EhPqjsmv0MoFS2PM5A/fuG4xtS+7i+pNJRCZDjxNsewfzvs266sEj"
-            + "87CEFzraHi2CKSKUZvwus7NqaNg9IJYOGViefzc2I/IfoR4/xxgQHHFrjWP6GNPZZOFJvRyHJwELUeZVgJIoOywaJ3daYjuUkggHtzUs3fnACZciN66cEFcA"
-            + "7+wHM6xM0mFHeb4wZqcFclWSRqPC65rD4tk1UDB4LpX3UGNrvLOx1bny0Gl/WtFIfg7L/TPZHOkwhWtDLrQhi9tqa/UVwyU6nVB7LCGiv8HUKa5E2jvAx5hK"
-            + "YrM5a1lkHH95coUfIJ7Z0Tofm0zHCED4mlNQp3BAbxnAekS334ZRvpybzz9f7cJiL8BsmNwrir8onMcKnVCrAY6BEl5G/uKdhZJdzCAGPIhbZf75TDDKOlcB"
-            + "MtQtO4AjoN2oi616DExO5E7rLFf9IbVdL8GyvoZ/dQzaetJEpDlZ3T5v8g7r/CmEOTuWGLoLDAEldvaX/awe9jNiypIubFuj48PLfyKk1QCxz9KcBINf/fDi"
-            + "q8Ig5WKcjHtGAXRRuKNscdVnW3bo8nC+Hco1JcXsRczI4AzVKfxJFwrb+no2/A2LqBA+PwWyoP+ny+nSfsRVkICBFhEiBIZOGrorWq3e/TVRHnlNS7iy46bX"
-            + "m6XOOpybMURj/FrvuEo8u/Bh49QRXsZyrJ/8w1gz5qz2WAOZXkza8T/uGzQXfncaw7HRJZEaIfdQjsQEcnu1trlAkJNHktrH4T4LpdJWqqf7izQJV9uQgftP"
-            + "xX2c8QB5AS7LGSqqJDeiQjQ2ksAK8iEjH2M/AH03leg0l8xmLQiSEKUaWiHCmWaqOrZP6/RmZ4mUtm0SxVAdxod96j/9AltiR/r6FmdCN51V1OkR7SFh6gTp"
-            + "etDxT8f0IPl4IpWaF6zSQL4GL38ap0lNOQHfhub1OiBLOtc4gyewl4k6Mjdq0LNzOenfPvNbE784pJKSueaiR85+DLwMJf2oyCUK53D5GZA5CZzbK6550pM6"
-            + "aTotoiq+OUEaALpL4Szr9agWjhOAKC0y92rgi9s91perVkwDtc8yPnqVLMVr+FXiM/pbON27EgNMukgp/xFIJumccQX9UWdnRLwFwmda2MKj9rqXufgr5C/8"
-            + "LIHF6WicTZY9WYTnB4tJlRLBtZ3Io8ZQrDt2hX8BykljOAD5+/g41hjGtPSHpZD+LNcM4EIRBLsWy6Ic4kDTN2OAHZU86TFfF9Udsfm9LA5JqJTaxWGdJUjf"
-            + "M7i/MA76jy4XDeQwLK8iiBuibNyqPfID641jOYVtyYfjRV7iUEJEbT6W3rsQK7ZMwAs3HnPReKlrqqBzluaLEkIszu8LPungKGJVd2tSEOuiIVHsvl/5y8ZW"
-            + "CDpx4OzTXgIoXUuoGLmropHrIL5xMJy8PTIa52jqnOGNyMXAEVzBm6v6VPhUc+l6ACzH6tOqRt/C05DXtfRRU5M6rTX1/3ZKxRMnoA+/ydP3kD3aT4r3LVtN"
-            + "rjD4RIGWfQAY9QUeiRVM2KY4uK2LIZT4YrKn6Mg5iSpiw4XqhfP1W2yrj+pwEpv8uigKEM7xtRQAq/tAQTNE3DnRBlalncU0g2sVqiLIZvRPbxK4ZTJ2EFGp"
-            + "UAAv6zDXF9ttZIzq4ajuOCb6H22BKusdtzBZ5cYkdZdTRwd90Zz5Ji96BgWiSlJkz78kz7IuP2VIRNtSvWNIOAnjH2t7/pAcsD6eJOrZRkB0boqKwMU9GGHo"
-            + "HyZep3v1aojaA5jCX5OSuPpRNQJfGPDx62d1qpJWtK+m/y/QYuechwdOmECG8baH7vXbQWyFE7Este70oRI9x7xEXsowH6NVWbZ9ofwj1gipMLhvUbRxag8P"
-            + "yit5W++ayv+YYfTxVLCuz3HZLigwqboLsurrDIeSewl5lcAtBinyNMNoH2pwUouKLEUCyOWyr8kRWGY61Gjf1pm16S43fgdsammbuO4ueWRPsK4w3vIQMay4"
-            + "POwknxWctf67hfIRC5jTyrLv2xDv41W1172y0IDuwxDRcTP8wXeibyXsZStfKEcpKlRvP1QugOm36P9/TksY9BKo/aOeG/1md/4B3QluakynXrxQyEfrDZbc"
-            + "CVkCeA/oVbEGsguwNa5Ekf+dMDFGFJpV7iRODPDygMcZQjXzaVfkE3lvNs+UbcWlg9SlSG/DAen8RerlW/pFnZslHdDag3RW78dAKa3fqk5BFOt3HPOKDhE2"
-            + "53BDkh41NYUkyB7DeictimUKZwWXRiBypupIxtLAd92rVzetfnzpqpFu3xlPtbyp79bwj7HM2jVaYsVJAU2Q9/lSNm1OTbSiHyTJHHyV4x5y21n8UxkM/SzB"
-            + "cI+TlLY8lDk+jPGPTaqMc7ET0Ql2L74bdwFZBBgnngKsIzCfj+nV8VQI5PFQDWQEKoCYoozK19Kdq2I2Z8eB9gJGyN6gsWTu6Lc/xsKgpqj0qXW/+IU6ygiv"
-            + "HIOGHUsnGFHAr7Rgu26uLBCpsXrk4/k4L0Olk1t84lcKklCs0n8WFg3WRcCNlTGXiqohBSTuXfuq527E2QF4W0Oydg62zxJJcj2adbat+zIj39DbB4c0k80u"
-            + "xcfvXOsM3jYyKpsPl9/bCE1YMqCZLBLsI2+1TG/kTsdl6B7ZrNVwDXvSs+1iyWpoF8kxsMBRBDItxfZorjId0uh6TxoOvpBQlZZdPj0BinrSj4Kq8FgTPBGA"
-            + "JsyJZ1ifhLhVXgp4DELAIcIdG31EBdaL3Nv8SsNd9K53B0igwoM8ALM/ZlZGr47UZcc87umD5PyWHkYKsxpi7vdgTaVqp2Ca1Ibn+bCjsqU1yAoOpKrlz7Kb"
-            + "y7Xngo05ecRmCIKaQSYdhWLkMD3liRUPXYWRbHC59jh1wks5YacjFxiJLIwop6knxkHDIbfBeBHk3MafmgQ/JYck9LwgPWVj54u2AEtErYHWKrspXk5YQAGe"
-            + "aAduim6CBAy9Aa6p41TgavlnAXCfsTT/oRBZ5Ho2YV7VG1Ob+9rAXsfmHglHN24X4jKUGdiAjaAucjSGEdDwnQDLpTL+o6eRG3w9w+va0FdMxwNaa6aPd2R+"
-            + "1nT8G1TsqXEH3llr0ni+wmKHwdecfVi4yey4D7jond2covemChcqI+ImNIvSKxpiO36m4ulbZ65OK02ESCioemUEcKQvVw8HdHfTBw1/dZB+IDLKonqtdXwW"
-            + "uVGgGVW96JIKBviMoHfelFkQV986pBgb4XWun8ClM778sXOBoBfRFt4k8D0ydsO2SxsRtWNj6/Ur+rrl+Z30JnNft5rNCbMom2K/VeFoU/oO9jzP+pMZrlrQ"
-            + "R+ncg9tL/SVeecgJb/sM6McalRQBSlVtxHt9Z1aFMHQV3Be7IK9KrIIoXmDV8pkpdxsogi3kYOy9RizE0IfNqPIJsbMnd4X/Yz9lf4RZO8qcovFgs73rpwwL"
-            + "sIfG/B9Vns02XMPNzLjU57ok9PSHpkdTrr0hCcxhHde02g6e8Gxv+QER87FGXlFbsy4Rc9whwL11xUH8WJSIFrrhECS5SxlzDcfRV4wV21gjApx6qxUZJirg"
-            + "jUoIIetc4v0Wgyfn6B9biy/Ho1JGFM5Dw2DEnAECaNcaYyRxT3Qxo0Nn3xrj5UqNXVO7G+uduoMhVulQAOrKZNySSWngAG40rSyFIfVyuTKsFY5hd6vAQ/KF"
-            + "QrlisBeKbborNWXc4lMrzww+sE14b7g2raO0MLoLuv0f9vOEXACmKwd7YnUGqo1eGI3GStgWp6UXMhgO51gaK3YDxtgKCfttmzCzmq6+0gFzcd8XLX/7iW0w"
-            + "CpZg1H4RXau4Mti/AM7eAC7vGsY8yhk1qWoiWdhSHk0NfaPTwGBfUYsjkEEkpfqxNGs8AH2ufekAbm+YXMDPKCChtDy+lKgIrkCWEPSfGca/+/ar8G4VH+ea"
-            + "fvO16SXLloMJq7VWz9h+WosRqr1OjTN1b7UGhoGHHwwQGKIQZKCgZJTxvehPtsgIJSSKXYbpCc+hdydVdZlQCtO8pFQCrKm85r0QmbT1j3i8r1aQj/6HZ3ja"
-            + "dFYA0z9nTYGUGPFt/ZTT2LK+b/Hbe9mLMZKYBklyJWCRy67GSZ75u6taXLnb8F1i0Vvjys+QT2d0kjgVnsFVkKhOtbVu4BoGocrg5UEpVFt3fnv8JO8+WD8t"
-            + "WV9le/v47HiNKXJMg8VLJndv9P1Wg2Rib+yXwtOTZouiMhL4QjCsa3ov/d1lJgAYRS1n4UepVl5oSAAxPeQejVVKKMPQO9ym7VQYr2spoxhtti236vXFwerT"
-            + "5HC2qydRRIolRbUcazIDZel4DtbjAbc2wXj48BMtU9TMpJzAQBfNUPG0tovKlCNvAkIaX1fiXe7hZhFodK/mJuWna/TD7LrSFPtCAKbHjflqnIoasqW3GrqV"
-            + "JYN8/jbTMPjTyw+Y614+Cn3AmEwVndGHYEucCK3fUSjdg0eT++209PBVCU39WnjzOmTKhvBAp5jihfAbbuwR5avTV3+0m8Zmh72qyuMIMBIpQWjC+IRdGnyL"
-            + "Nsrem6w96LxZZtTHBHFDQi6mpkQpuzh/jklMWeuPb2su4O1WhtPY6KsG0fi4t/GWSeonPDMyOTroED13V94SM3P3qvd7ZQbX307qPRXs8BfyH46thGi+WoD0"
-            + "0KLQjGnvsmc1mLVar7VcDwXWjhlG75OLaNjBJ1RGZG/n93xBVCj+GcQhThNfnTKwnI48YEG1kjhRwehNstPB6P3bjdaMYSBqJl3NALnnBqAaiipKhfVZBu1L"
-            + "qBb0pHPZAGXPDg/zvA1XKoTVeICbTUptPrlz7JFpKWKuQnZRgWPvBoP7xynTwN09AUAgLvMkVsAZejX3UUnD3s5beDiJ33tjhF/vMsUiAZ6oEskSqxHwLJAu"
-            + "HzuUhj5AkPeV21aPQcYrXO22znQ85NKWn3Wbg9Cug2YsMbdxOgsxHqlxv0R6h+5Yq7QXG0/vG8XqsX296Z/HsnnvmFn/40Gi50WMvLOYHMis4O00AbJXdkgK"
-            + "bS2jS69x3yw2Vz+bATjT4bhoiCPTEByAS/pd+OTfdutaI93Qz7+KT8lUMR+SZZsB8JD++49uoC7LKSvtMzcM8Y8LpBYfj47RO8ciiQkESMkw31BC7KO6qB/q"
-            + "x9qeYr+KLHZNpJ1RV8N1LbuOPVFGFVTcgOYf4+MfI0lSkUA626SPHDlJH1n17SLUXr7ibxc2nFf39+VZ2OU/IRS5bipW2OV337CPh0NWw7JYMrf72N2raOHp"
-            + "W2VJGooqF2FxUFbI6qotaY01cgHdrBnwwughlD/J4FOGTsIFMF0nZlkXBHDYoZxxdARasl+orwPLQs+n00luYQrSDns15f1HicQWWT69H8E49gWK8AsAsdhw"
-            + "00QXEtpLk6f9MyLGMRB3sYI+zvOFOBrgd2ERapXdVmsY+ks/8eQ2Epg9dwQaYcOBgNKwOKzH/8qhWfII3ZauWG8RzPnby4qHoJfJRqGS+FqVKPaHzOHDmEm+"
-            + "370uhIDds+FKjv12BftlMWZ3u5Lqf2/kbEXfkpA7xZxiWNWUUeq7X3sHPWEjlHMhpItJ5w2zQqKdqipqkzfIS69oy74U3xxWD/cgnFDMiFeldBohMRqUSPYa"
-            + "A950A2lOyi+1dZn2/7GYVU9MxKm7jYmMGAKleYHnn7l2k3cRB+bk6EtEMzrXpa8NY2v6TDJgVblCiyL0WyZahbjEl+dnDYx/O1kgOM64Vgf8b7v9jB5Xdg7G"
-            + "P/2OLzCwUJY4BtFM7f1A76Fi+9j/H2wVEyQDS87/+6bBo6Sp8C/Q1wlTszRCSiSX+UfU5ZrqbVxwDQQD7J7TMcTOZUblB97wkTLDmZNMD5x1xZ5myrnUVf2Z"
-            + "H3AddHGhEilzFfIo2uVPdyEFWwxqr2xfjk53JX+nlIz9FyLbEmSp+abUWxS3d30ii6xUZt16Wou81ix80lvG7YiXHFSfvQ8S2v978dtcDM3IuehkmhyvuZOI"
-            + "1kQLoJPOeObsJ3G2dfWfTDOHBF+kPKLCmMc6SlzwokurcbkDUubswWGAn5j+l/OkHHqyLeUmJvck67jZgmZxIX00sJh/HDZCOtYYgh2b9ZzLsm1yiVMPqSKw"
-            + "CaNPH1qIc+Bw7gfGRl1DKwvP55XGKSB4aUCNg9HXWRBEd+Ob2Vs2zuJ0+3RFSMM60Roz9pbJYLATWdFUvjXCD9by9njSxOs93jLJaBP7wiXyYmjwpQHEfB5y"
-            + "/CF1dt5VHu/qrRqsHyGkkKYaXGbI7QsPXaIzgHKTd6u1vdWriE6LaVn7h/bDdmR0uXdBwyoOGl3A3N3RLp1PWOW8jjxUHUOw4567jFm2KbnwRB8/TmBA7yBo"
-            + "jUrqZcgyDmNEEQdVWy+F37Mc6QK/DB0HC11KPkFs25iZxos30aBIFbWEhGtFKRus4AyjT+U8y6TK7//VPHNqmxip9VGqo4JOpdnapJ4l4fDDO0igdWzJzxNe"
-            + "cMHvEt1FyyKi0IzaQgMQLVTEdXqcDlEL619rH+8E7s6M9BNT3p/RSlhofaSlSNjO5TLpC6FXzdDkOppQOQMgnHT8lQ7k2WT1zcugmxs+/sRd0yCc6InFMVsj"
-            + "xkDLc/7yW3bdCYHARg82frAI1ZdkiWK81KoW9YQfV8R3xBl3dhV8kEjglAYN2JvfXi5RYjBw35YK1y27+xbdWlBDOTR5ZzZriPxR0z7nBP5iOU+d5KXstGEy"
-            + "WEw+MR7f7qTUK/gzjtc6QI8znZiZCczyoz7hzVdVB7uOeBZoX2z4KBFBH0+WRJhY+MfC6653iCeohmGwcMMr4u3A1dCIz7oXTo9NL5gGBPRIRlqmpY1SniOT"
-            + "jfkFZwPvw0t6ccikhlFub7ia25G9VP8ufOCHmGxAwWgNsubft+K2GxAvcNGOBfQ0GQ5GpI0fh0A5HdcjYHqDXdXhSD4hzdkfnnrH4mEg5FypZ3PyFboiAsTQ"
-            + "Rx9CFtTn7+c7A61wW93cPWnTXSWaTznxPrjN/5GdV6Kt9RjdcIU6E9pDifg2GbgwY5TVKKfkQZ/2F7aq91lGfasqbTtTqvjmnXp0tYjeN4KIclf/o2dXto6T"
-            + "Gn6lkFreUGY4vUr9zHkWXFjxkivsZVI9/stnTbsM8eCyjfkvfy1No6aybsbPwipMXmYX2d8Rs+BuAz3dqxYpmg6Z67OINebp6zpe5M5PTb21JHTSJlojcdvp"
-            + "TfRIeUgaEJbT+LeMuk9iKBZKYdKmmMGqDAg+ejWzdo+LefCYS20dXkWcqkDJEyB8V9puQ4AGB5ssQIUVXfk9YmzBaQE/VxM+IgnvW/Bzis1xNmj02j618x9s"
-            + "AIC0Wl718VhESH29HIp8BQ690OElJasqeGKjjE2V4vvMqnhxucJg8uIAlYIbsD0fCUmtsgMUXXW82bZI5uIlc1CDGxENdKcL4Zs6NorPCXoo2q5FB+zgxSKF"
-            + "fSD3cnbEPtxlOnR6URwfD40QfXrE7dUQsAbB123K5Z3TSX1KWbmNwKtEqQusaZQsTjktcxa8gEFWFz2qRORcz4Ao5FMaBJ3Mi+NRWVp8Wg1UujqTGMddzPPI"
-            + "cE7qANxqns7jdqaXFi+A3ij3tbrd/HOEHNx3OCzIfVVB5AKL3NknobbfVmwjK57m8najbgrRM90AiROMXTx/e+fIZvFy12YOu5FlrRO2H7gj8JY/WQqQEF/b"
-            + "1WfQghteyWjooMTSYxOQarZoApm5jw8cWIt+bkjYBxLWQVLoUN2sa+ckySaVERedVS8RBLe7SNjer+JymOYzilowy6GGahxrp8OYJ4nOxrhCqRbfWmrQ9lF1"
-            + "wZKQvCQWEQr4V2yJJUR4IsenqRwWLOQ4fXmFRLxMdYc4KgTaXubUfUfNetjk+hTHZjVHvdy86caQMMM/d3BAljaeutFoZgu7chf/ZWInocdrj9vwYu/+D/Ns"
-            + "fL4RqB5hKIAoAyIA+ohTKxASVborLfAB4FzR0TSeZszfq6xPP1uVZKCWT0EGNSlPIWxhLGUv44dw86dzHVLzHZtem407cadiVEFBdpBm1TZ3E7wfYdpAD7j0"
-            + "ZSocImPeuMMhZJEaOoAcHAHwTy+vwov3N94K9hDgtfeVshNlgnERZGWJ1YLQBFqeZNwIUo4RMXFePu+cxpqX0vuOMv4lnhdQ7nhl/q9oyJTYzFQ5VIc2Nvxk"
-            + "3oOCJ+QOWIdCUhQ7wzk6CUXBohxz1dHM7AqNyqVg0rInnxMPGV/yAPTVlCh0JUam25XAybce5Vynyoqk2rCmyXWZvmJOe271SdL1CUZ83CsocP/zOdS7lDnz"
-            + "KCQrZKILnm3y1biNq7zDO2lJzUiBL/q0YltdeJrOUwYnlFWvHX+2hpx7MUzr8of6LGIf6AQALHWjAb+9oh5V4SyIJiq/6dkpVbg/jdKp1zBQPz/6R+5uBT1I"
-            + "nPtx/P/v7CRzfxLwkF+secBCxdFJYXgQzIPM/Hcm2prD4B+2lb3XS588Szh/GEdvr1j3EkMIQx25MxySqpJUOU0XZ8mOVPKf3xWpaRl8wglgdGCzFNbkprsQ"
-            + "EbuorvftSX4059FhZ1bcV1CiWS6KllSiIHXjAl1JjnYd/3/HWDxseAxUEJgMRAoNS7nb8pKB+CSTgkC6luX/Cz8+DH6WNG2TvGbDBZ1ruD4m+FMJ10gTxcsG"
-            + "M9tZOjQ26V9+AYAwa6zCbu3Ej3O7XvGBKa+9oUqfPbdSVfa52wZLYrVaq3BNRhbvAJmOcqMEGO+SkLH4wnIokfwNKGzPIXPzVjNcRJQ3q+e0glOl+k8Pfqea"
-            + "fq0GuYd77mzs9JMouwACG7L6Mf/ol4CDhczyYJrXBLGr8nKQ2QkwB9aCktjrX9wDlVTs9tMxOw2nLbNcuQlctMyu+ntgEUv3XCPEzMjHuf0ZPddW4+M9Ij44"
-            + "0ID/wYDbt5VpvjUkxOzhjVK//k43tFKUwc3r87vkO4PtsV9A5/glW68xPb0PIcBfmM2LcnGnWLBqbsZFuaCV/6h/RvwHOlvwN/Svgo5jjR0ZQzju7+wZ9NcN"
-            + "iqVlBM426b1VG3iL8w3bMW5XsSYe+7xoyAlxZbFlmdlkDSBeQKuUK6vNBlnp1GOy6a56GzsaP/eXQapEZLOohbZASHU5xLpLXft02AT6M3n+efiOkn35Rv6D"
-            + "rnOV2F1dCrMvTKTrcmlWykCccf0fuMiz4BYKSL85HqvCqhST8NuBp3YoygKOSspjLFlV+Klc7GIAx34+dmECMbxgZaFJ1PZeAdi8HbbO13Q9Ubar5SBMGKAf"
-            + "frWbnEpQU6a8QQlYxa+qrG/UF8k4SZ71Za/dSVQVZKb6RoXgjvFGAI+6FYL2ULyAK7EcEHOQkXljdbz/qUmCuU1V38QTMwbLQsXdLp251/N+HgJCdu7wm+cW"
-            + "2EtCjoa0lbTJM9SOZLrw08lJdQ0kneyOewA9lqwuNNcf08SttYHuqPqcwomKseHMUB4qQQHu/4oDr/tERqsF4qA2uU7LwX1YbYwJ/HAlAXa0fwrgyu7rObEy"
-            + "+iCUfiFaBwdl1EJk/+bdUjDdPjMCy7CbJFzGF6qrjKgEi4MoAIz1/yItSTzkEZCKrJY5vBCiCaFj6uaFHrNyDWijdMAIGnZl2CjQOiZT4feepM52iB/lt8RJ"
-            + "akmYADedqDS3POds6+wFh8kx+D4NqAJk8KB5ktrBC877c5DnMRcKgcTyOaKCpgrhsc0/MBrCQsHFI9ms4rFuy5P8ztOKesVPP8qcVupO8a8OkTDuaPnptvl4"
-            + "7Gqbj0YumrZohlbA8vXe0qNGGoUz+yiicGljmJGjwOJ4m7yyNjmI8p3W1KEVEegxOsQuak8sZgxx4ShspxhSyMUiOEeSa4A6+LajB+GfPYcG/KnCn/idSkhm"
-            + "firdDWeuqTlb6Mnn6SRz8ajTVIIQzDPDBNbplWGVFLpaFMt9sCM16i2qSenrWvZlrlfeVhMw0jYty2Do6JKEtTeIagILW/trlan4C+oJ0LLntiPV3HX8U6vx"
-            + "OgK326ubDfKAkfgRkf2cT+9QM2c4PrunzYpGDdCAiEXv1X074w0+kid8TpIxE28UVWOuTM7PAhcZ7DEZ8P4wFFJuSSb+/ruska0F0sGRzTPnCpyLf7P0t2cE"
-            + "AIq5/ReG0PSMZopj1NOEeMkDSbuTSoCTb+zW1Z4juST1Aa331rLv4WZ3ZGXX1ElM5yuyMePxKtp0fu+HWmYlLUA7V2WyANmYS3wtVImUAGGqCOxhOEwAFGwv"
-            + "hHOfHyb3+plKEr7br17t0q4NuDxhASQK0ZaDHX4lPU7iHsdcmov2QluhI75p03s9N5zd8hQqcLKC23Qt1M46r6VgFSy3WFFfj+apGYhgvJVZHHZEuLudZ0aJ"
-            + "lnrEalyPYNyCDsUazjxvIlqCrJk4D/n3XxNeAwaZGZA11JTSpHQgJ4k/KMxlmF07b1FRefA1SZuNc8oNwPsIIV4gYca0nM55HfzblzrfY3NFwBRtlsPmdTTS"
-            + "PClq6lQG9liJ8Lhp3fXkECQUd8GRi4LCCyi9EPdV2l77An+xQ0y9fM3DwCgHhGswJLd0GLTC3jAg8ZjuXlvm+/jWZEwDnusc/oZWVYd3AiEbfGX5nlTaVL6R"
-            + "xX0Zk3Df1SaFcGHY+G/Xq4nKyd2hPCHHWUV0MJLdoVoBMwAbDWsZT7+CU9I0e5LZp5deFb4oSrHy/IGWSFf9Q3GnrfeIgLVyp/SxOShS9WWob6ClemEaJj4g"
-            + "WBvtm+Utm2HwH6LpwmB8y03heVK9/s+uORIpEIiIVYaoRnH8t1PuYgFm37gjkko9VO5Rw5V+gTeTXbEvzOPy3I4nETewtTMI/m+MtgTHFe1YOVFaua+DdupW"
-            + "mwZxWrZZW6WdDzIjFPSknYxs7ahaM9y6JT3qRcC5e8v1/9MdgERbDNzi46G/1c6iXHa+WgkwALT4ZCNNW9RSMKA/n75x/K5UDxKoknUeHojAKEsA2YAzb8FO"
-            + "KKo1SV9XQCVPBoSfierPZYk8egKWbCwAyzwDQcLulqwLczuvxiTFx0aPOy6p1A+x4N7H6xl/nSd4nybo+TN6ohUY6DwhKaNj3RVCo8ReDpc5kuBeBt2goMMo"
-            + "3KKYWYad4oaccTnaMFEvr0/+ubs/Z1svJ0i7x84g7n2zfAkINgETAhZH1ngI5O+Qmxl9Uv9E4dI/RmUVN4zmoSsQlCOCI63+K2laaqAysDS3FXAIRi9gfjbR"
-            + "bWXfpIPzPPmgxtNkNKFI1OgYi6QUvbU9dTy934XMeCyBfmZQJSh5Nk/0zR6Vb/JXfiiFePLWoh9Ije5BmoL1UWSwxoxkC9EyXfvowVZDiWyTaqgxwR5oPs/f"
-            + "kkCAnvHpk8uTnNGKcG3u0W4ybEsYaETv0tXpS9tOC8/UZVC0KW67XfckI199dwWND2UhGyhjTvMuqXBrjE20ENnPKQm+JAUM07W9JgZAIsbNVEgbNgRqlbhn"
-            + "/me39TP8dvYkXVlc/2jIJpwEEvLRPHHQqqggtgVeMSCz3/kN1TN3IbCexiYFkmgovvmRg2VxEPJZl0EtA3muYZyIXQ0RO120dMWOwnPvgVCqA9MOLmF8cCmw"
-            + "PC0QIw8KQ19sbbnVEDp3EaHf5woBUmeJHSDJY1OTtgXFWq12WIvwSs0epP4p2Y80h6sXFDdmVGlBOI8VdKpjUV9GqfoUoVBIEBuBn4pGpnCn0P3vhguz07QP"
-            + "WJr8JOvTCR9zcdPIf8prUrng8OWsEYMZjSAF43I6RVCVER7dkMj98slF9Pt84Ai+v2rGfPn0lj5bsnblQLFzK9Cw2MC27ZQyj0vU6BIQNvalUl33QAG/S10Z"
-            + "btJ5hbPwC8FGpdaHu8sG0PjrozZhLELeNpqhi+I+PCflU3ly80nxIOm3qdVCS/z1yYf7e4ZAhBGKWqnUN6otNPnuKMuVLXc0EJVZIMSIqlOzwvTX3wDTcDEL"
-            + "I9DNS0CWnfbc7FAaqxFPqnK7jrgz2U4Kb+kYT+vE4iGMCie5q4CbcwEICB36CzfDzd58Vp4fY5rNgPmFYQVHlsGkmRzIYQ1/8E9nUXiwGvv5etPXm2oxOyTM"
-            + "4zOHdjkuYsDWfaY6SMP1M+TqO9Y7vz5wVRrn4yTy8fTiN3FZyCmv837w9eX0UzKLA0d9ZVPAeMHqZVY0wGAhUKWAD2XmOKwD5pz4BT57dGvDOotirQUcmkT5"
-            + "eDTUHBdB1/nV0foaAChTo5aJa1ffWxORUHUUzfqwcnZkZpW7TNOaO/ZsGbkeBzDwm/yClyyDYqg+dwZvfcuzWewxNdiH+8SvrT6ig9kchRZnNfsAqdLUi+uR"
-            + "QsAvVGc0ZKdrkeLgUXQx8iosLS4IFOR+SJxL2bzAF3re1e7l5ODOh3qLlCIP9ot098JIGWGVKGONwNRyKd/s98OsgBBllG9B8z4mSOhbx0GjRvpkUEQTojfZ"
-            + "hucsCfvvvKvCscsID18g94AXf4tqxy1wEIcZvqRb3BTtJfQPGKEz7nJFXWUCILVB8Hn5vFimEMsJjS5Zowd2R5NDUhrzj2WJq8TH0LnsjfmJe8cgPRPLJ/Qt"
-            + "tDbR6WyB4fQ744hpSJDJWLsY6U5Pi/f1pQVjn8RS8f4CxIuFIbIDDwh0fA32E29zmVD45dYOQ6qtFxGqMlLSNwTJavzzdx8wYhkX0+rGgW6+opdSLngq5URi"
-            + "iF6tJJ3puRPMmtxU+5tuW/bcIPFtwI0pM5ucgG8HrfmhNN+eod+0rmGcVcsivat2wI3vOzjCBmHrNiry8wWKOs1dseMEMaP0u1TH5fuNVcKl73ftn4Bv1R8B"
-            + "MNgR/FQSaO1cd7dKGJJuwFETozVMsqh/1GYda2gdygMWU6Z5CF4+zRIjdurlxMCYZU+u7a0YM27kOndmUEXDnY4rCts/CFoEz94D2ZoD8zDytX+03PZYsIjL"
-            + "kLDOjepO54CFqzS63LNRoA65ujQoNPHQniqaHubHvNr2Cz3VWoXQw35zYo62rVoLckMNv8SlGl5Mqv8ms5t9NrF7FdYkXTb9AfFwrPcGIBluxDXTqJ0DzM+d"
-            + "AmNhv21Dpn/uyWQL5ot+dnp3+K+R87vAtPrYG7AegURutVW40xW/8wScVvovlYt7DLY+oK5Q/0ffXk7YpQ56GVzFZEvSQoj/BDgKt2030tZYTJ4Up28quWkF"
-            + "xpujUaGnkeJgsNM5qwAGlfnjEj5GmlhnGTorH8GI9NgU8yO/qVxjd3qb5l4E9ZzEZFesFd+1qHrkbaYe9vqipp06Ex8qI3jPCGg++nE/MZ31oxmSbn2nVIK/"
-            + "o9fX7I2XqA0I36S3ipPFnwCkfr1n4PvbUuHCxzHqzMjhXkOACx7X77BKm8q4oC117NVQxG03AphN0mEflgKwtsyvsM9JKgtKX9Y8ESeTb71tdexi/Bqmq/HF"
-            + "SFJET4tUcbmea/70Kuv37OvfxWu2BCwWP9R5WMppVhcyAKd7jYKaT9n2C5MKli3vm7sJNAB4PUMkuQHmRTCkXx+uZuT9+lJEa5toSKuJ2owBIHh6hRRcV7WB"
-            + "QKMeBl4RivJXIn89cgLO6DwRul9tZNuN0k0gqusnNNNMIl29eNpLGAG8jgPqCi1Dyq4b4t2U/axV9+sE8RKq0TRq15L64F4X0l8oXRDCW21QG3PnCOKCIZWS"
-            + "k2CTDulgHe7lEPSbB7OMS31lDmtDrmjb3Yr6dwqpCw2raC5wBEVupXqKIvo82796sK07VI6GgnVukO5R0EoWCsDnTqHQmj8tXNEy80bkSJ9GixSXHMaPqd26"
-            + "/T2dBYDEKzdvIzkES5QG5PFoIECYXAhHZsfCicFmv7TRxEBVvewQka727xU6g5Dgo/J7oNukYG++WYjSQ33VEKbfokUa5qS1uVdZOnfFzQpi+YrE6evtOAT7"
-            + "OzuBK62nxY4Y18gyvn2NxiJbnQNtN9RXabufOGk6071CBUhwv3RaRcrRf3g+RXVk8JKz/e9ccXGESCW4qwL9i72PKgKhpZAnSp77FdIeUnCQSgYCyKGeQdJQ"
-            + "csAS5U1D9Kxr+Wj5W16HdnEd8BnpRvynadh0EWHo4ZOmc8iIn3l01kgITm1//f4aACSll5BL9EI1iut5/igFUH6HIW69Ulc06u3NObepQx4u1gU4fRjkcXfn"
-            + "ksvyKm8kUoIEvJqg28suUCAwpY7gdgd86mkNHsScefnDlSEQyNIP8i66ShR22YFdKVwgLJnVglefs8tbYzTJmDYxK4Lr644zQWn4rg8bY6AP16ehJWBaUKzo"
-            + "VJwh13Ez135dTe3hJtoCU0qxFP66jv7+pyEadvedcLoK4UaMOyMD8yb2AnCkLbMR68Rf6q10WzSvyROj+0cG1nEbBp/kQoXvnP8pouZZ3Ryxaex20FC+6V2L"
-            + "cv8BGvP3FFceB5Eb3eQM+9Xw2P5tLhlIygfEYiPh6lYDBwmm4Je0LGWbrmhSOqlpWwItpxh6ALAXX/CZG0cjPmCnWy3p66s91/9FfSzqHEf/dQy6oWoLlqJd"
-            + "ZMdALwdL5aj7U/ALxpSd43IfwOeixr7A4dxpY1clFzhIN6Vwj7/xN/u3gzYNP18mV/VO6smvQxUXkFHd25suapLMaXKGIe6GG42f9hpk7tjm6ELfvZIccXvH"
-            + "GgiMLj91VyOKX009WcogwRq5c0Vujtts37TGnWKzR6HJon38++imzSSNeZRDvU7SfFnzEY8d/7PZkYKYrKbdDRquZOsMu79oCuopg6G1sLBwXaSeo60EsExz"
-            + "2WjjIuV0VLekcNuiXyKsTJWR8jO/f+4qdsx5H7V2uRPBBpmKlPycYwVDx6/OBvoiSNRygOa9Qt48ctYfBqultAcJqgyE+qr47aNK2xzUgOOuvv7wKjOSL2gb"
-            + "w0CZlF0iNwFppEDMlkjPHPGKIwpqSUyTN9K8h2eCY9m2vTPcG3o/t0WgIt/C8M+y8ab3lS+DLBi08Mvnm5G+nsB83qc+ynm0swT49uBx00g+Ni5sQ3lBWigF"
-            + "ND2CfpsAM1+m0g3as2/dNA6AOmVP0vX6HbGtnodq+3c8zPpPitIA6QECCH3E9lQypBJ2zqDcOmxCAvdqdPF9CPDlyjrAwtxf8He0eiFL0lPHKMzuhzBnT1df"
-            + "/eIac9ISzKsBcnNKonco+WfRdx0TYvOQTchhk5rg5GA/HgRmVhKWHP+kfZUEzymsXcYTuIKLVP+TiC+3kNPZl2slv+QzqTxEe3FnXZGfEuC6mM9inPMagm2T"
-            + "muXdtHgFm060NmztT91RqzMKiBoSTri+0OUemQTG0y2QjUU4G18gpWF18c3ibx2rQKjlibOL2lLkN1pSfhrlwjt8pBXM/ev8PR7t2RXYnPJ20cUOSPWvy68q"
-            + "oL2r/qxYINEO9c1velT1wLEgvvtOa/8wZnY/r97xV/tPmpsT0NO37zIUGLsT+v/DyxpMEKqy0oMCmNV33rh60gIOQrfZkAgrWX4V8BhsQIe+NWDmucwvoLFE"
-            + "/G3i+hHjBHEuGsGHC9/TnxpdAPfXvUZSZ+sIVr9MD5n8zTQ2bkkWaU1w7qUKz4Bhz6w7YUBEShfwCd2yHbRjIOuoE7rEuSPvttkI2SdWMxiE3mmnLrvb36Y2"
-            + "ufUMGpQLF4nlF8rJ+0Fl9gQXvOEQpwcsSbzGQGe2t466TGfs1n0g1J60lK9jFUlr+3uD7lDZqgGIMLB5EDIpAexGpDjPJBzmCezoUYhJZAt1CwKqtBjlPdFk"
-            + "geI9oKlPXULOmS3/F/gbscqEc1tcwbNGzFUmVH0M8MDLdNl03YsQu2ZYZX3Kpin+88HmRRwPbdU4sd3JqDtBcbIomVs88bc44KHySAuff2FDXHI0J428PBm2"
-            + "TVO0YLITt3WjdamUYqOBuAI1xsb4Xq3lVk0sNiT0HK8F7fzv0cLuyDg3gP1LHcHoROku3YW0Vf65ZPMKgpPoGWgWoffqniFnS6FGgbKkV/PCLFMLKSO7WlE+"
-            + "/GN05pzPzMjmMMtb579u4k0Xja7/Hh2SknUk9mW5RIeYc18WiSUw0FCuduTNGxRI+EAeFYo/jym0xugoGmLQKr3G6h7FWSpsPg2t3+er10dckvfnJ6rUBK1T"
-            + "uiycDGbKAILeg/gBKc60VGwU3ny0ocm/iNl9tAnXLv3+3jXUuoEuICb6vm/2OpfzbK4HX+KSgJ3mAba06NYKZUyAsYEKXItyYNPSXUtrDJHDrrD7/Xtf5KDA"
-            + "2LakCpnqYTEBur8lOAOZOPkPVqNIk6LGcCuffDQDMg3N5kG+QA02mbt5Ses+FRjgesfpYRUn8B/HQHHwXuPfpaCM7XIHSH62eeKyttZ45DO4f/t3kkFaVpls"
-            + "D1y8NtL9VkWOuek7YRyUztnKWTnDqYRtUIl4nEW/N2hLWzcKP8ldhYp86o9PQq58Zi1WHLtZEM1z298t0lckl34+9++6/+AYQlPLIPHs6v5MFqbLWRFy850A"
-            + "UZANXt3j50zMaETdSkPJs0YKCT1woSDjOp6z+q8QbXbpf+vUyplF+pSNC/wbiuyZU5Vhc7JuvoXFLgAGYtf2yl4g23ZechDvxu1NBfyDqXUJF8VUahqpIbhU"
-            + "hUWi26WeGNEYpT+twBcQiQf1v/elm5TGK5gbGJc7qcPc5nFzuU5GO2hg5Lz0swBiArbCWr7OYtfFYnRPg/Z8wZWtcsZUlugzh+IThVtcns7kl86fDUtngsAh"
-            + "p7HuQ5EO2Cv+ab7x3qC2FRSv4u/IrzKnDrgku1/e/pf1521RtfUpqNGP1JiSQQLa+AlB09JrmgxeqTSGLDnZzJbxHfK0XmcDTzVZGQQ1SEjimRVlyI8EVnUJ"
-            + "h4TmlgXMz/1qalsO1NdApfeT3knzCnrbX7PPaHXCHPZodN2wttxTzjEwaO44T7s2xe5/+X/d6xzpVUtZsb3IzP0CWBfbUvKp+x5C1WcPaa2Giq0nX1NPw1oy"
-            + "iS694w1nSiNhqWBx8ksJ8fjT3vWC6MQsTkCDrkDZ68raGoKmamLs+94AU0solZdmh/tD8lnDvfT882jnV8eey0WfLBY63YfPEwDR6/kCtWIh34YNaNDP2Udb"
-            + "+lpbeDK0J+lrH0II6BLYAtW6tBhgr4/ygTYo2zHO2LAy9NPpqFrXPi3ZkK4zVYs0DN4Jxhtt1CMNxllZGu+C2frPgSiFMCSwB+ckCEXflOIQQPMJZwR6wEkk"
-            + "+zD3DvgsFRIrcB5JC6o+BdttMpChXHCNc49ppACgbwEyRt47l5URYUK97+O/wdQep7X/jqz4hyf3R75xQFaWX2FXcNsWRCZzlFzn4r8M6oocMAo3DfMIElRg"
-            + "yUTAZrISmV//88JnS6YN9jbwPwzGSgmmkaC4RJoF2zc1nzaKUg5zIPBM6nk7W4c1rF1JpVf80foUMFiGUSybB5JR6K4iRLJR3szZuWeVbpOi3kLmiGg9QAZT"
-            + "4VmWYWil9A6GSy+wCW9xELQJzoO7zloWu6l3UIqxBv8hPUDVOnkab258lnRA+n+ygwj6nLZRipSOKVVZiJCWOzaOrWc7kRtClMlfzrujdVOjakyDu5Q1nE/r"
-            + "sOO4/bnPOLoxHpquhRh+xFtUzk4gRS/cSaUMiFxYdEZFvLVEmyGoPuolBYmdr7dsh4DrF0ykoGyPVw+mqGAR4blGWgdOASZ/kZp/Wyh0dqmP7QLMmN5CwQM0"
-            + "j4HXoWQCt1eACEAaIyBg1tDhBn6uchwyGryqtMW85p7Sbsye1eKrT8WGGD2kaQwlnNTkRKCsGAsjZiSCVdkoLR6FidV4J+cfno+C3c6e19LOiwC+B2fTnwAg"
-            + "yoKzA5qVp3LlcPgzlHab7gtAvjWXmDl7uKx7WuNDjrA5AtLTz8t62LrmUxEYUJrgqUhUy12oWUcKK3R0rd4LMeTpbBT5/dRSmXe8gja9wI4n7p5uSX65dZrW"
-            + "SquyGlnqskxMgVUTZblkDfD+kp+1GAnz6ZsWfm8zC6hHX0wQrY2YxfAwzZ/isfvvkHQ+CfnOXF+XtVdymHF4by3KW+vMQoZRvOQbQ092/ySHDFbEVDVrROL9"
-            + "pCuxBeDbrHNhNcS5mjCS4zcESGYfrYwg8Z/qy4tDaZREyEL+RjWypLeXLvELuyOv7yhNMYzMpOohDsBicd9ALaWeXKOz+6GIJgGQaCerYRcWKXJPokiDmN25"
-            + "aILWqR1q/TIR0pPH7/yTRN8XqEDeQOXMRr4Pbc74RhojCuJp+Pmp+xDy8px9KGnQuYLnXezRV6PzpOHBCZ6UL0vLBprFqfd02d9e9bqzYIC/9XIFB2iISqIM"
-            + "bTmpEpwzjdl3M+bEUeADG7SRIyM7V1Wr2DZErLgaJtnB0awD0f3JTN1xkZa9Vyl/gQNrV4lOc0HAa2uGlflGiLLGVICbT7NOb3G1Kk7xmUkxx+bvpzsCLPxt"
-            + "8LYF4FlC3tB6nTBqfpYh6FfBp1BW7JWBWTLKFlHlA1df0EJJcOZxYl4HhWJhcRPN/hVWJMt0PPJ0u1zdDAXSmw6NbsvKP169C5GarlbnmZiYEfAqowYZzktQ"
-            + "88t/m8QvDvGFk/OURHVzg7+9w4JREzbgqXN8ApAw/5x0mvU864e3pTxlL1gcrJe1EyAzRCC9yAD9tUopina4GOULjbe2gFpq5hZRa6iLoWJxOqpOMbArzZKQ"
-            + "/YjqcXwfD0EH63SHDl7GLssPQ+IuFcJ52L0C563W+ZpYAaGkvtHMMGQTl2egr3DB23dc1s7IaNVILGmJpl8Xr2j4imEtU0P7pxvhLCQidFtUE59ABneePqTx"
-            + "gCMVYPAI72hw7BNcTtq0A7pJFR2Xd8DPGCDGqxnyagyWHzAXstFObnMl8P35M1ZNAzy+cCVQ+QsntV5MpugmvVlG3cN23zsj/MewwuZCawrpvTxYAhZHmUoI"
-            + "4G3F7pzaKP1ZvQ5oERjUk7jWkwilWQcSVoV4M4ZzpGxXrSMsyLUNLGlEr+7GXXD2r3tKvccY6Sf5wTUm2oRMdVSIxU/f563g2spoJ6sLTDsOqOfwKQ/FVYQG"
-            + "0LmLVuJp7DApebFEIs+sVrzXZr893Hiw+CEFWymuRLZRGn3I+4/elYQHLvRDwmWfXe9Ieyj2uEZKWViRzGaAxiD3zw5rsYsA5X+vrTbpajoTVjv6I7RKxQON"
-            + "TjzFIQcVRdRtRySNF7lNx/NDFv6wyPg6jdmYuNHIlNjO/2KmpI5xuMc/hfirk7xrlZDb4Q/L5gtsvqQQF91+TwP0k4pQ/sA0fh9QnA+bivrA/k3qi7IwqtG2"
-            + "Kq4qjp1RPU7QPkHP0/eY8ooQR1npL/4vHCUJEbPYqH1VM4N3OnlCdMLdPvdgFqsCo8u4xqFRRDJozOnMa7N/79Kg9AXhBrKeIebeSEQa29rNZLzt8DVKVDz7"
-            + "ylYSphnEPHGJmdp8ln4lX2LP8dNYTM7ViReVNN6O2yaL0ermlMD0YkGNCzrgt98cm6U2DtRiLDTgyVyiSaLpHmKh1us+wIIS2hPX41x/4ROk3UrcmDiAg3rI"
-            + "6wTyi9wEDiM9h7i8lEaJzxQDzcDRenuHb/ZbfGFNmHcr4S5c45kCCwzZ6E+1pVk+xyRaz1/fAFPKeoUj3LcDxciQUyIN9xZB+DSpMioDZkR5cFfesldcc7RM"
-            + "+Rj/OrxSFtuW/c+9YbU0G9/OU92bRIIsa61oU/0VrdMs162iZ6QgxU2Aqd3U9XgYT5bMenUce11Ri3ot7qrbMbVw3MtQ5ISPPnA6Jvq0oSckno/PBlcSQ37t"
-            + "5iVdmOXyBDaI3L8AokunbLedmEWePE8Zs67BwAAOHj3S5AWE0VT9JmX0EL4cH6NCzrZkOJ55su4OqL4UWpsk+dLcfPpAFjYOC+MON1P7ZcGyb3owLD9zblI6"
-            + "BUMP1QbXBzIay4EABnHuO1AaERCNzihih2x+NiuXqrA/9HI14A31YEQipJfz6hEMwpPHNzznlTGZQUtOkBPUj5Mnf/29vn0got8e2M31s3EaFSbbOfwh8c/u"
-            + "5wzmXtAl0BoORy+L3+K0r625V6nquSt0DHL3Xj/qpmsWktcGlZ1ykV1LO5yM7oD/elATdnOdNenpTQLmnEnCRUK+aw60auHuUvCryz7FpgR6X9vY2HVBCPhu"
-            + "TjOx+M+BiE7wxdy6Idn01kd1WxT3a7JrJnpscimhzY/zHCkoWw/QDsN+cs0nAvMCKINnMDHq5GcV0LvJ8nHm75dIHP3Xd1YMAx2FyeKuutcAzQdbP47ooWSD"
-            + "Rb6KsxpKoTKTJ/4XDFF2Dmg3bpbxYouxPd9Ii6GP33KCd9BrfZAeIPjMzN9iJ2Z3YBxOner9QzDLLgDj4RBa452ahnZA8uGVkRFI3BlbEqc4/+B2SGe5Q/+t"
-            + "bcvADCyE/7bgVSBo829QkJuv1BF+kakrPRwI+L2ySqaowYZFepOwK8G+7GG6BgS88j8LpfQBKfQvbLNQ9E/qsghzlh7FEiCctKA2EDhRL3fmkxDdmrbJ39Bs"
-            + "pnxM7Abqq2qXr9Hzzp+MnZeVEA29gp9Xgqpj2Py4JTyyRaemwSKavyGwPjhJUxw1LMjIfMHZz50e8440Tb96VkSzo4u68tBJVpbhWNv2TTovRLSb+gqhtqr6"
-            + "UE7XcEyekGHuH8ImabNZPTjYcUjV6QqShqseLzsDphJn7FQgjL6hVXSXpIMkK9BCgGa7sFSMaRBYX5KyVO6hpOJQIJJ511MILX9kuHkIkx3GmTRhqcvpk2YH"
-            + "N8einzYN8YSgY9dKsM28pLQwOAgm1uE6tM0ESeh/D1nDZopIa862I0kSnUT6gtNtzWmKYznDoRmXd/i2mISqrb97ymwcMdwJVYYwUsQd1BlPftRYPDRzGLHd"
-            + "hFk2EBkwyCfNzjk7J+VwJAn8sgvbyG2HNMOBhOe+Yed3t2urRMG+jnshKYbH5NnQqLu6dPz+6iiwHRTaPUxnjeLmapU050zqKSiy7vBeEuvJb/w0+C62zLPW"
-            + "gmYADmUPE1YwIMvjJJJ/NAcSk4eCuHYm8X4onMQgEITBZ8FFx6S14Hj/wQcWvLgRYit0h8G6ckblThWVWL8EdKyknoDKKshHlPCbSRGkaZerHL8RZoiBcVUb"
-            + "NJoqV7Ab+U8Qe4Kud5dqTLJIqSJyn3WLDn16pCYbcJ9uoyRwvR3t/UaoPSLLTR/dc52lpFIMjEdTkeYcMT3pnmFRAA4npD0kSsQKi4yqk53Wdy+Fdyf0TNb+"
-            + "vj5QcZrgx35iCG+K1BHyGF2HIiE1VTHO4TabiiuLENjlo/MPNgtNLCDT/UgJ3u359vxXEgd5N+mv1XtbDo68Nd6eTMY1rVKOgDW9s95Gci7HPJQIyciDm8ZH"
-            + "qxiFRI3yeo2bBWZ2NnMdeUoYC+AOn/Qbb+rQ9E7L4GulrBasY+9fmK68Ifz/odZUl67YoZJb3i3Pr8QoS3nmPt6up5HQlrJHigmRdJ4tQKAbcZE3htQVCAc4"
-            + "iXCuacoM4EoBcpNvWNDuK+OeH1dVpBQ/tbj40BtmAgUa84XuhAsIGWtRxgAPDp4NWrZMkmpwjnHBSQQnUfJ7jXZ5JOfR3n+0leYgiuFXUcGHa44Tq0D4osMy"
-            + "+I2VjpL91s/UKCiiWlyu8TkVaGTBRxdCz4edDBMF0e1w0aa9I+ZaW6cRb+PXIUgYWIIdlIx7+FgiVCrs7uE0lRfk1bXvYgOWIQphXpsGiQsHnxO35TiX7kK0"
-            + "mtkz3mI2WDc9Ep5D1ubHZOYVzXijvR0xDtcpG+69Aqoi/vVc3xNZVnciD29/nVKmsdczpz8FNW4cGsxBm0/oSJyyU1I6ZSIflB4+EFwggMwKf9TdLpNp/0hl"
-            + "GXWnsK8pfRWP3i0eC306iLQ1OS+jy84smNEGZXGzetgpOMDVevU6fo61BdsVK7m8OH0EWvFuP1z9HwvjxETGl+4vtIpP64fCsf42QOoLxVVJ57KxA9vqXK7d"
-            + "IlGuGuvsLcK4conO6cOWXRo7tEgQLp2RjQ0XVoDvW1ShjQT4OXWhfR2XmrlTLX58jau/upQ71JmTJAOjzraZFn9AuQRWAjI8nU1u3LaizUdOQgSGD2dNY4ZM"
-            + "jqsvrwD8/0BAJryZRGitJ7pyWtBbok2n95TxamDb97uVbAlDpV6a6ApG2d/vCS0pCJtUZGhnltTC27DuO5uHuJkwgbbxasPNhNjkHoKyhrkWyfg5fwVG8b4S"
-            + "dKVhoYnIGWwJQuH4qlzjs90UJyw1iDr0d8pubOCtKx7xCsjQfXrXAz8e25iPMsKwoIqhrQfYKrxemRpgudD3Sq9V61SVTrPQOILpuUNGYujukk1CXPDinI/6"
-            + "92inQ8RT4HN3qAezA0SEykLfG1TWouExFXI3TOQTwcmg09Pu0RF0234Z0scPwqEXC1+dYya7DqkUGDQTmD7ZetmmjCGdyiLTOtNnYIO1IY1q8y44OWniBkdy"
-            + "ItwQVWXtIDlv4GvXV7lt2H5yOmiAeE9CaB2Q0ivwvhNDRvAkNmIb2AfJV5sWrIFE6Go+a0PrCGoxPjJ9PcsIILd+Fri5XbE9tMHCbgSURyJgerucVn6ZIE7G"
-            + "DQ3hT7OcEJ2nJRRP+2cQt0gXp22C0IMpPgyfERtG+mc8lJ0Xht3pTE5c8hf7cZ5EHH0UUQsCTQkoLQxbfvfDA4zRw6wPMHZ0eBrpX0CBzRNbRtcLUeT85Ryd"
-            + "sWPK+uNJiNM9xqqc9KP20/GLfB3fc+eZ9KYLzbpkaNHAccbjVw7KjecILuCL23lRT/vBEA3dFHshQtGsMUTYGVXQFAJzPse6h9HrhOsoO81hqLT7J0G6ef1W"
-            + "SEzPKEZMTPq3NBDg5U6pm4sJGC2gq8mMUGVbk4k7URzwLo9M7mBX2K0jEt8TkaIl99IMHTk5ixj8pecNCvKa5+S4kfbORmqxogZQnmA+pT2J97cvRtKRYE5P"
-            + "W8f7Q6Ckcs1F24LHNtSl/A8PUgOG3n4IpFXdKpRX6QGGZbJwH7UHMb3inHjsvz6ST+CiNqzn6DzdMsjArZwJJf0ZmdoLKoe/i5MvA//0stGRUvY2+Wekt1z5"
-            + "hIwvAWcIYdPOZuSGaJGlQ2+GrGwxU4On9IwcciIoFlTk0uEqCiNiQ2RasjF9vxjo+dzrkl/z9KOh1UhKF6RM2d31wnXhghJXGd39FK9w+WBvlIRTGmRU2WJ1"
-            + "xVWnMVc9pSGDKQ4+g0wvyt7tUyEkLcFWfyafUlxMQd5WXzVcEA+LhVm4EqVs4Ea1tTlalKBRy+fZhrXDj8h5NcVdKZORxGBxzol4B9QAcoAdlwEEedwXwL2N"
-            + "C7eIEbsR37ZITRUjynEXEiFeCC9+yLj+i36PbdE8PgS1PfPHbMulF7uLHseI0/MFssPvWcfTfTtyOfuczBUhuI9WlJuZVnnECLE7w8pZY28VcMyAN6kfMo6L"
-            + "SlZ+y+W4rteHIDL0YQ4pXT6fc3LjldgEqyxiZ2pUpN6KexV0DhK2yftRyk3qTVE4DN1LE29JVrbkhkqLusgimqd5NlX/0spk2rw7S5ry4HlRjG/E9FsJM61i"
-            + "HUlLERXclbNDMQWwsgthv1Ro3xx7UUYIqEOsM4f9xlx2rCy128FGV8hu90HuU3kqy9ylq0IlIN9XukXP4ArzmVcMKnBrVkyjnXZYQDv1IXGxRG6QGfH9d8hX"
-            + "rMEJGfe3AM30vGSgYqBBje6hr/t0JY4mBQu0wVMsIXCOg86CUYsiqFPUDfpqbStv1U+OWDSFxebFRqm1OU6UwT9IzmVIoF2v7PZuZlclh4L6H6mxXTkmgXE7"
-            + "p/XmYE3bOFenQmR32cezwdQ51mC0Zkdc/ZMUHd1/EGXv61O5C6sroObnSGZsKVsg+Lc9hTegoMu3YwUAhlBzz3u9nHR5bhKinNxqBhN4ywLJeNU9eGT1+mhy"
-            + "ysmORuICVDO5+0p397/n4I3xqUS4gdW/jr368H2aS3LFBe63/oklwznatHb7ve2XjEtH0jqW4Mw0BJnHbXMQAfmLTIyGPfTUVVVGpyxYKfuyGveyH9MhRU2G"
-            + "i5M2dzTka3unG1MKBM+VI5LrxOs1lySCtlXGhoI9WTGRZCu8J8O7nkeQU/YFBDM0e7oaTeiDOmP0sqJbn+x7WEHtvUcWFFdPwxvw2x1avgwequhqeUt37K0t"
-            + "iR7tOH4OeCrcNII1R5M5psPqftjpQSvVEyiF42EiUxNXJ4JxAnnN9JQENNGy4SVi40OGExDj8SjKOTO5iX3DE9P2rmy7xxlSYFcL3Cx4ODTYgqTwmi/tFeKZ"
-            + "2whVwS2n+xWm4H6fdT53+a6TKjFdf3FMj0nYph6FMVIHVW+amHffsv98XVN4OSQKviuaQLqfzPtqJ3IMVSvDWqO7hssPgoA0BzuNfs4jfwoeAqueKpUOintX"
-            + "eK/HlUUCQPBXYMPmT128RWmR6durRojc1TgpZg9uYUA3hFDmLY4480fcMIUm2bVNVvMP7Llq6pJAU7+LhIgnuxlwSpC01yAhuORHXzMQ/gqOhjFdoGvayGDw"
-            + "CDBBOLsDHvudPJM4/SbnAOOGwQW4P8BCeCzn/wfKQzvllDuvwqkwYW/S+D9kM0I8HEOW/ofKDjbZ88hoPxBi6wvsUWJvC/nARuRZiMi88o32dP0sxgxuekNN"
-            + "MJhbBxpB4ftdbdUfKUaWJEDdFv3V+n6oyiyv0hYqvlhWw3s6wqn7e6UR8IIDz4nZyo5GZQFBTx71mwrVTVwXCazKB+QIlBlOkwaDtjqB1EUs+BUw7CqTTp2J"
-            + "08gqTn2tXBUoemF9xTSbB7yXpQxpfTsBM62nfMJ4aLsmT1fHOatuCfLNNq8iUwnnebxl9yi7duc4h7koJTZ+qv7vi5E0WiOaUd+J3hhYkghkUMMvHaBAhtHs"
-            + "uaROYVPqFlM2e8CRhsbErufLHr2UvPRaaTMgIh1V9ul/E16krmFfOgU2WHgy9LpObSkjQJKkSRQHEXA/fZhb6PKQZ2+siXyY8ulaMkT38K2KtcoL5HbKNRMH"
-            + "VwoYIuJ9SAd6YWtsMGB0yYiGgC8wVhwg5mRCovNX/PiKuUex5rxnDwKU/2gzLXSBoj9zsx+jVQ9eRRdMstN4NWmn/Hgr9Cw1POuYgn0QCr+bTjWSMC7BcqN4"
-            + "xU8dlAbp9q+DR6wXGir6IwNHzB8zNh32yb5DC4PUvOS9B2+403cycBHjmbNeC0OK/X/i9nbTYOCkZ0AVXiSwGd+Jt9yvnc7W6b1OnLn+ptLYgxzI206hbbDw"
-            + "4yGiYCjlvYG220v+CvxBSDjfYiXzwzNTpnSZ3mMuKuFFGAo5GGcJSed/Gfp+iqZvqxLtjg4xGCaJQHEw/L+kct1zYkkqQ/CrGSi2Nq8Sli1TZEUK8dUXVeiJ"
-            + "g2gp5DMHuMPQgG4nONQddyf8e4wph32DcomwNXiIOHskznzgBQ61YNNcw0JW9268lckqDO4TQXy07hI2AqMXTBCxVTrjte7sV4d7Xher9r367xDYIqS2irqr"
-            + "8xzgXjv2xzSb6n4HOSDNPtWPJb7Eo6+y+dwHd5jTAxA/AWrwpwM7/8vn+UJaJECjYGTSpdO3m7ssByReuqJ2cznCIOgf/QJmyu7yziUW2OmfTAeRzmwMXHUE"
-            + "KKvvL/InadPj8DNC8K/f2p365V5C7qtMEVmVuqKeptaC9Hc16Tr1Xba2aQckavi9uOaWaUUJ9jYnDGVnGPmMVXroBxuGQs4vQDCWcSV8Ew9WBvT+OZjYIiNl"
-            + "NhpqE04UjbYodvdBotXeCEywso0XogTgh/qmZl/Fs4U5REi1FOPrSayunzadIsOZnOZS/cdQomdSneD7xM5qxzqvLOscKnS8I0nyGRfmJu4tGyVXl38ZNuZQ"
-            + "o40kdb/g/SQihGRGRLyyS/ScttXnlQm+F2EfWgANNWVtqioT9AYE85K7G+i2eC05CQnFwIJZ1umXf0ryI/9pveTgmdQ8aWVBZ88Q027XoC+marxf624MSAAz"
-            + "muwq6qh2bXAOovFYpTuI8mDCjt7h3qzUOtFMXaaFcih6JwSN35zOCDhM1dtFBrHUCPXMohLyMfgxvY3QjWJsSUCEb/04YCxPa4KepGBPb0FiVDeFqiWF0qLC"
-            + "hNejK95qiBSvPybJGwI2HWR5tdAFDUXesaDPd+zJAdbtvUjvX3vlqv2TqlJkDX5I+ZqmEWmbzgV5MLh6H1xwu4Mu7s0RhmTUMlNvpUiJsTT07IrNlwY6RCf5"
-            + "MGiE4hzLMIYeye4TB5Hvf31hKwvZP0haZDFuRvwkYl/gXmYcbpDuA2RIfotWWSY9UqcjiiIIA3iyoWEFCrVIvmyt1aTcuYvvSBIXHAm1pxps04lmVGzohYcP"
-            + "+rw3TnUJmujV4fuA9xYdij0m5zghRC8pJ75rKY9V/bMa5PixzkOMStGnteDk++I8IF2GeEBbnLELsZzBROJcMw93MoDDvcqeESSUrmjD+SRN4wlU5Rm3psGv"
-            + "NCkc+l0V2EXgGcmqOOwOaIU5ON/RSUdFky2o539sW+O0aGjTLpUnWYKc3w9/6v9fmG0KHzWqXcHszUUatZSHvG8qxOkL7H/V9/d8GRoEKmW7iHiIyofUmz+y"
-            + "hLKktiAWir3l86U2lUfkOGb8AxxnwKELj7YmHgAdSS/BiQ0Oc4cuRFZxd68FMsa4i76nO1t5H9NsUfgmxJ+CZJTN7XlkhbSHy0LmBq3T8+KEOqyMGDUPuoZj"
-            + "V1XSdkbEfTCzEwoekN/F9Q0psO0bpyerfOmNJthwO/h8pxmZnw7D0lvAnmG4HIqRoug/U4fMF5/lbczRmLdCPzfmHAB9Mc5w3NDP8m2b4FTddeSfvNUAfGim"
-            + "SROBgzYI45tmHQC0Urt3l8hcZO7P64q9WtZtbsmJJ+5lgqLRjthvQpkiHfCCDOhYhhUfqWlGxcs+dsMRSveGY2RiT4MTmO/R3IvI5wg42wr5UmstlOjuD5I7"
-            + "34libJjw5uQvpOTIqMDwl/ohnIpTxutVtUKs06PzKjQm9CffgM3NQDWhxJBQ/L1jR+bB2AUgIxmVYOfejYsrbPDennh/ATY5CBUqvGTBYq6uLvtMFKDRSHUK"
-            + "2wsgsrAFfXIo9grtr6x+Bd9Nda5E0NfW1KhtJi7NXDaAHTPN6aaFA2rY8aN01lJFB+4VnaaSWWqRlikiNlNwMag1E1CZU7NgKSeKRCuduklAdI6FLMJ384SN"
-            + "7FPeOIibUtdd7pClUZjYOOmdS2W4C8cP/KFE4G3IKAJu4b5bkYiDhgNnt5ERGWDJ3Fbwg6CQ9PlJuS4txyrX9SzDQloVqH3/3UNx8lU5uOzCOhwmLXpAs1Er"
-            + "h6Q7YelyLMz/hniTJzVLBKzPe/GJ2A81RtYg7kFYxjJawdzllZ8PnDRItpWBE2abU5rkFFz2Bp/qZ4ukeKSZ88ejgXot+RJu6c1vIulsndDWEwjJPEEN4Qhv"
-            + "CbcQARp3+LPagL+JZp/e5LT0pF9h9WkHJ6uzgtpH72u8Xd2HPm8xkIo18gHla11y+JqE3V3Or2s7w7BMe/jvzDFy5IpXwgtZhebBImK+kpm4gzi7vvRWIz5z"
-            + "NnNRP7Kh2wfz1jPlxenMAG2UJuZlTgHpv5kxOZkX48eLbwOZPgmCCabDiDI1Eq/9OUi8ldXyskc1obKc83EPPMxfAtPGDZNvlbst7mgMBezO2yWkNgWI1LKL"
-            + "JdVXLhjWeZID/oU0hlCUeT7fp3txzUWNQABOJYQM76hxzJW+0T7eobxV7WhjaEME4nqFGqTBKqH7iqrv8/THF6lTn/9s6yK5zR86mFrn+sta1Vt+PysMLspD"
-            + "h1F/Yv6boL4rMiDWONZA+4RE1QNszbEJWkTgugOtiiyOtZrkX/a5DmHz7nlhz0QHsZ9WMTA9mhHVe1mtuCtRiL6yeFwXnNMAavIrB/vo7mDIvc/Czk4xmQNJ"
-            + "s4IjJQo6UypFI5pXnCIsc1igKhjxzfAN74YeCXJ5TnDXq6MoFgfhQl69rQvxMsAoc9gX7rM8H3B/1DSy2wqTMXd4BqCHjEWDEEPRX9v3uOtSQPRJQ+9l2Sw2"
-            + "CLt/2assLO7/LuU/PGiD3UDjnS8Z4fW68t9s7QHuH/vGqT9BEOLnN0/Q/kIeUJqpTpf9CmP4gVxwDyJNSx9Yah0b+2BcNePoyt6l8PUn3oJOC+PXBDaOQ+xj"
-            + "CKqIRGyp1aDfb8ORuT277OGzrQtzo11HBuC0QwMM5865isi/OTInv39vveKbWFP+kCifIPTMUg1v5ri+cQiLFsr0yC/KwOHItNxa51V1wqKsFGWo4SpO5ov5"
-            + "wH4JdObL2k+Zc+3v5vuQxJVGr9Q6Zi83EFm6Mvf+qV/8SQA8zsV1YvissVtWwPAgJkDDsays0+eT3pZjHRun0RJG3JOYraANSMMTi+e37jryOTJ8AtlzCMGL"
-            + "NITaJKmIJDYOZhO2cHIXrIs9KxGb6q9PpicbqvXoUSNWFZP75WW5lwyiCmrEL4k1wru+JfhN9lL987MYQe3jEbdqEf5QJ8Pru/DBtWTI+ZaDa1vOnFkt4yKt"
-            + "g8p9pewrMkHKSdwr1GVVlMlPyh6ooMNxV1+WZ4sf93B9yBzm1+mo9UF5pBDBBM2SxTv/EiB3zpiV4IaibPR+iwsD0bJ6OZGmfG7vQ+2NmVcd+7pnBqBjsMlc"
-            + "HgVaz7tOc4OYAERJa6nHOMQieRPZyLUQGX8NbjnQ3IV5Bt5aJU5blkvkHL304LKo1czUlylKksACK7ZpVBD8Wa+pQsH88og9T4B51ny0p27qoS39XqXnIyaT"
-            + "TCAL+ooRETke3zTYCThSRiKb7a1pDyfNzo0w4Y9+ojNctGsWPsHQz9r4dLFUPrWgTfVpCYH7jecqwiicXzCdaMOOEKW34GV2M8lXdxfyxg0p6LkA9/4ZPLSi"
-            + "PzmUBipQEW0LmPriZd5IBg6xhV2p+8f1snQU1DjtlHtxMWYXYysISLERuMlSnQydfmC0We28zBoCug3TleHVl7M/oyfKOSUIgLOEKhap8S0iFaou0FJnRAAR"
-            + "aDTBPs6EnDuzzhyJZ4ZeIzKEFSZMPPH4xf2iD0hPjzVmzFUMalZw+7D5BisMZhwGHZrPamc7V0ZIPajDfZDjBSRa19N6b1EbSHLgBKNJ8f2Xo6eiTZr1pcvQ"
-            + "8vDvv/P93K8Kq7NOcCzq445S2Le/2eobjuqbWuDavSKWIHoVNDZCPimIsaHL30vrqKIdbEjnlEYLhwXOWANvT/tbQmVPOFSnoAoRFCv3S25s+gxqysALd+tq"
-            + "cmHZP0ZQkkRgYfqhnnCgc8obU88rEskQ6M76ixU5rybq/Bu8fLpuaQOx4Y3adqH0GLk1t3MjGo4sOkR0GIJch/2xbP7oQBLkx+9noOVrHksVMIwmCeU78B9Z"
-            + "QOcIfhSLDVNwXIhrInAUUzb/IZcZC8K7Ecbcr7aBLUgHZ82JS2uy4zgx6OR2j4UN2nRB8QzgJLsapgq3B33D3DA5la/rLwApd4fbEHOmP8H/gsl9U+8D6s8k"
-            + "VwG8cKH6pXCCwNh9WJm99SKxaILijobHYZvMjL3Ppz9QTsJXQYCZoaYnkGf7WBRXmXO/6xwnvhHkuOzKyFjil98Uv304dlABooYun9yQeg+3fzts6uvgv7MO"
-            + "5Jq+YoIZwOPzEc4hVlgoR4meUxgdr+ZEVY/ccZvGyp+XNGFrfQiklAK325ZhDcUofIEAi0kxDzN2sqvvZsKQtOEiIat6VR9VNp10cJczUVydWybCPBI+S9JH"
-            + "akF88+p0FW6BgERgANZRwShuA0XYbNuarZx1rwhTImY6kFq7F7XSR+WskZazHzJlIkR8JYt3oWsFHfDlTBsMOdfgaDjQIKeHMKvNP0yzhTXZLwKtDwGYISid"
-            + "RQWkuq/JLnGx8e0ChPqb29wWI+4gq5qfYFJV6FPJcSPuakQwDZjAxu47z7jJYvPysdpxt3Ay+6uDYS6vEM8kICoCy0a+UpO7ZjvVECakoAT0psH4+HjKSm4a"
-            + "+FOHR8Y3PLNC3iv0VyQ0m+b2sBqqdej75qti6J9R4L1MX/Qb21UwnM0Gvckd3wmU/Z/KPoWvGRSkAxqUyGss2A61/Cb2QfaxBORIE0Rc8fkJ84BTF4mUxJD6"
-            + "bV5Kb9kCPOmwPoUeeBy//9UGBz2JvC5pas04MbWeABMb5MWYE123ZYlJhbfCxTwBsPF6O0bD6v/n0VhVPH9jP+jzlLp2j8PTz4Zx1KJ8P0bDqcippd/deOfR"
-            + "UecSAQMxVsCaZNRIy9t/QWBAF8bwu0yNhjZyYj4usVHTa9s3D32R9LY7QK0XatDdDpzKUUWF37U5YLYIU7Qa3m5xVezmEfh/jfHnQgKx8xpfwxP+yFFiQYW1"
-            + "E1TU8uQceJ8Ukhy6YDog85GCHl1tuKcdFL5lrlqGdlNgyLRcumw7wIPR+K85QDCwe4Q9t7cGZyTNTU0G1cYgUEmj5qRkf72kx5Dmr9O9N/B3+9IKQ6plcz+y"
-            + "TnZB0J3CTkFGeLVxscDhPIuqivtX8WOdOtDRT8UyFS8msd13NPJmjzCDuj2Ydoux111cqIu5zrUhpdF2DPDtI+8upC9jlJ+OzB9IrbkTX0jeAAFmNsr/2lWF"
-            + "0ugPffBEm/pWdvXolCP9v1XUmy3KaxWixCrOh66SLCNteJzcBUmpYqg2+Fd3rdRt4uYk+HtlrChGOSu/E1a8YUWWv7RP0hnFu+heX3bakQ2mzDb6MSZyHwfZ"
-            + "po3MYBaddo9wHY5+FNj1xdXGbdaMaSR+77TgORxIczad8N2oKH7ihmYiEUH4ExEynZKVPQWUbV5tzxA2f3CYgrIXU/R/daKejT8Gi9yart6r5heyS6FpAP4A"
-            + "vP09RxKULTTxho9CRNDYEB4hMSLPA3+1uCkDec2NRiXZj4/UHQUMGlaU2J95k6RR5nm1GNS58r5lxmyGEDVk2ar26ZZ/VjIZnBLQujAhDTd7pCcLxB8iLPTZ"
-            + "EGJxKxeD+bPoeQHcbSzqlBnoIYDWaKu/oqtiRz/DXSUcom9g9nDSeKzuELmO729/dDkzMpxBrjrdY7usHlJYVK8K7cXLxhDezV2l6fgCJwKsXES2fHAzI4RN"
-            + "zkkp5Gm9YfjlekJRRjQl9/zjvnI8ICU9TSVYVBRRWPqHpZoUh8fAPFLndRa2xFSEQBsxSmfQ7bmU0tytzRGyJkHfvhibWnPskcDLYtncSY6jT3h+oBFuUFfD"
-            + "qhsVP7fNyv7m35SZJvGbcYrV+y4u0XT8YkmzAzYGAqSVy1LanfO0enqmuPFFILGKvUzBA2g2h56GuttBKqMEs5OUfi6dc/5IXoC71DShlrmnCmzJUiEVttIP"
-            + "6tA+LsQNxkdNC2akmXTF9bOqU5POl7q4b+GFTljgni3obxZYe/m7jDldPRbQPCUeFSUbqgtNgZNHwSEDixtYpBgabWt82W+8nv15O0TxTPgfHQlt5u4TNMTF"
-            + "2afGuYDDVuPYz9PcppOSyRwc1j7onl6rm/ASa/zEiMBWrYiTf7MFD1LfP6rvplN9TVJ4j+Xv30Md38itf4Yz2x4a92daTuPUHfMX8mQ/eMLlAk+CUHACXD2k"
-            + "o2FzYi9XAaDVGUEkiqpX1xGBVd2Nh9E0qfcwol4XQGNcetkBS+4DQAX4rlZmSK416n/dMH7UNxohCD2+HNjJgoSNzmsW1HnKCLhWRhB9uKtBwqPmyw1onoOo"
-            + "RzZLeENn6YD74lMhlVj9OerVJ9xmDyqNdcYtv/y1pBom1xP2VCJe3I5QkhdvQ7fq82GnquZDipJScXjdRJCm0sFVv7UMBaD+Iz6sd4jYAsa+AsYQjTDeLo1Z"
-            + "Vy7jWpYhtuKGYkNCoTJbqhv3ul2xt0SFF/WIofzB8XWu+sT9atdW0hIqtqTTPpFnY/J312naFSwLDSuutAvL+CAIsTehOLar3Qgzb3L2HGw7nsXb9ldwVTnN"
-            + "8bHJlft2hgvaEJgzzBQki677uy0IVzrmL9R0f2bdWjFK1+nezF/IGhFt8JZcj7akIMakNd0mIIcGm71mr/jIb4OOcXBJ37T+7WmnIRrBaB8us0+1wO0mthqI"
-            + "c4i1c2dotpi+xmzNjKL/pGCgrtLjb/8pVb2uoQKqbCgG5QdH+cSaSEZU4meLLwOQ/Xu+pUJNR3820y31edIdbrAsH+WkSgk9NDz8M9o8FJuQYv6CUX3DbWCZ"
-            + "3V7zr3qifvS+SsmIuuaY4qsCm0JSOIECybY8QmSq5jPOoeOm79/tCuCgq5qdDAUG/JW5jXM/J6A/1tUwVCrQnC/zJNfletGpPFGKEl+L/V+WnqI1yVn3JMmp"
-            + "gmvNYDw4R4xNALHXusPuRb3v77kJ755CKjDGiSsgfXt+EbSv4BLyrwrdHHrUjRmGXUrwezX96vZkmwMoMNY7/egmWogvL4GezSekmOWt5ARsxw2OjBBKdG/L"
-            + "fl7488zi8gichRIWBWNmtE0bwyAsfO7RCemxl2vqtdI2nY25WnfP3vS0RdvUMGsONJ9WH5E21Klw/PAYg5wM6NlqadBURMfOWl3zhttNgoND+zuEPGJIA/Au"
-            + "2o7P6txqhlHN7Xbs2u0raWcltArF7Q7WRLQjj2ggib8Q9szcy6ZAm7KQ1XP2SJs6spgXDVq3L9S6W0StU82vorD/WW0c1p+m0ztUecej9S+aoYg2U1+Ykw+R"
-            + "gTPBSZCiX6o/GUZAXz8AaW8pzPzQLiwmHLxhikGNOBKtlA6nUxYtheWegOAgbFwmHr6F64RKUzsvJf9iPx7Q3Ldx/RDPFuFpxp/03KwkZOyJvRstEEoJzuQs"
-            + "Lie6aUMQ9xHOg27RRfiYG1LfzQGEd6DvjDtdKU3l+Nc8c+toT1CseiEI2Edq3yJpxsI2V5+L4rEz4xg2LdY61yVe7vyntb3yyYZFHBDvuYjNv796ImiXCYMT"
-            + "pIltKB0Yucuzc7V65sa1Ot5chCBE6SnQ8bbhxUecftZOhYe1Dlk9URwOerOLzHhr77bHI20sDapNoJV/2BGnIvlhuFZqlQCNyIX77Z9icKz5RSc43FpXj/VP"
-            + "tr1gSKCAHJcCKo8SErdvo4eQFci+Q/ebTrg1Zt9FOmm6WQVb13b/0eDsiH+DM9q8oyXbrK7Q39tM6w1tD/n8N9Bma68RRBx6znnHYP8xhowHmLZdLE535aQY"
-            + "+5kX7Gup5goUrSZyFgYrGcSjLcLhfO+8lnq7P3ITwq/dsKcNEAlW6OG/TvUdOK/p1b3KwOThBKZqM5mSBNQA1a+w5tmkqfuJzaPG4pGvTDd67q93zCYcCfAn"
-            + "s0yr3HWRZIJX9UB81lhf3M8ptONIIIhoRnAgMBYbWMntBoHmXhYmMbynYDM1plJpEFkwF8dcdx16KymfOd8BUbWv6Q5AdJFEppYqVQsCoO/hB09tFD7zC43p"
-            + "yExl4vm7MBexS8z2oCG0ZC2s8mS8iOopJajVaa8q/TT3yqTWV7IsbmAwIVtXa7H3YlZXQ+hJS/fifVPpKPf+0kBq1IVUiutQk8TXSJKc+3sAjmw9dr8yiSDp"
-            + "8e2pO82tNv2+pe7p8DZ3k7nVYsEQoqXBy3faVUVWBgY3vdpkZ+ZFn7yo+k3cC3nk0lNmpXWNTsiT71AfjNYnZCtAMdmVhUqXsrS05hJclc/m+za7rVSRbeIb"
-            + "75PHifYApb1u4svw11TT2jgcBAnisnL7olUdPpT4co9vUSkQvomU9pz2uvZY106F1gaFEV15y1DUcAA28k8fh+NDxNGyxxgYvDohXSguXWAIVBJCbzL8/pad"
-            + "ZRdk2Fnm+aWJAqzTHfDVK3pCrs4217wcD7R+QTz3Geymhi7Uvf4KxWTzqSD9jUV29DQGWJElcLzVL4bDfByOOygO7YO10sZl0qINPV94of4oOhG62QEfahIz"
-            + "pdpJ3DHENR+M4tEQHMdTHLYIp45Aqwh1DGIEqoWfEmM/wOBCAiG7T4sAQDzbxZV6+hg=");
-
-    byte[] expSha3Pub = Base64.decode(
-        "ICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5"
-            + "ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q0dLT"
-            + "1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9/v8AAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHyAhIiMkJSYnKCkqKywt"
-            + "Li8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXp7fH1+f4CBgoOEhYaH"
-            + "iImKi4yNjo+QkZKTlJWWl5iZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P0NHS09TV1tfY2drb3N3e3+Dh"
-            + "4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8/f7/AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7"
-            + "PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SV"
-            + "lpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v"
-            + "8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJ"
-            + "SktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZnaGlqa2xtbm9wcXJzdHV2d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKj"
-            + "pKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DBwsPExcbHyMnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9"
-            + "/v8AAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRobHB0eHzzFqLKvvsdZOxldDTvCy40RGXZFsOAMP1jw0XlUMqq9");
-
-    byte[] expSha3Priv = Base64.decode(
-        "AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygpKissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZ"
-            + "WltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKDhIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKz"
-            + "tLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkKCwwN"
-            + "Dg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3ODk6Ozw9Pj9AQUJDREVGR0hJSktMTU5PUFFSU1RVVldYWVpbXF1eX2BhYmNkZWZn"
-            + "aGlqa2xtbm9wcXJzdHV2d3h5ent8fX5/gIGCg4SFhoeIiYqLjI2Oj5CRkpOUlZaXmJmam5ydnp+goaKjpKWmp6ipqqusra6vsLGys7S1tre4ubq7vL2+v8DB"
-            + "wsPExcbHyMnKy8zNzs/Q0dLT1NXW19jZ2tvc3d7f4OHi4+Tl5ufo6err7O3u7/Dx8vP09fb3+Pn6+/z9/v8AAQIDBAUGBwgJCgsMDQ4PEBESExQVFhcYGRob"
-            + "HB0eHyAhIiMkJSYnKCkqKywtLi8wMTIzNDU2Nzg5Ojs8PT4/QEFCQ0RFRkdISUpLTE1OT1BRUlNUVVZXWFlaW1xdXl9gYWJjZGVmZ2hpamtsbW5vcHFyc3R1"
-            + "dnd4eXp7fH1+f4CBgoOEhYaHiImKi4yNjo+QkZKTlJWWl5iZmpucnZ6foKGio6SlpqeoqaqrrK2ur7CxsrO0tba3uLm6u7y9vr/AwcLDxMXGx8jJysvMzc7P"
-            + "0NHS09TV1tfY2drb3N3e3+Dh4uPk5ebn6Onq6+zt7u/w8fLz9PX29/j5+vv8/f7/AAECAwQFBgcICQoLDA0ODxAREhMUFRYXGBkaGxwdHh8gISIjJCUmJygp"
-            + "KissLS4vMDEyMzQ1Njc4OTo7PD0+P0BBQkNERUZHSElKS0xNTk9QUVJTVFVWV1hZWltcXV5fYGFiY2RlZmdoaWprbG1ub3BxcnN0dXZ3eHl6e3x9fn+AgYKD"
-            + "hIWGh4iJiouMjY6PkJGSk5SVlpeYmZqbnJ2en6ChoqOkpaanqKmqq6ytrq+wsbKztLW2t7i5uru8vb6/wMHCw8TFxsfIycrLzM3Oz9DR0tPU1dbX2Nna29zd"
-            + "3t/g4eLj5OXm5+jp6uvs7e7v8PHy8/T19vf4+fr7/P3+/wABAgMEBQYHCAkKCwwNDg8QERITFBUWFxgZGhscHR4fICEiIyQlJicoKSorLC0uLzAxMjM0NTY3"
-            + "ODk6Ozw9Pj8=");
-
-    // note this is different from the light weight one as a hash is applied to actual message before processing.
-    byte[] expSha3Sig = Base64.decode(
-        "Ex6F3zm3+SAVJ4Fr4rYkZ+ND9LEqzm6hD2lGz+wCPJbvVwZbx8mqD8k7QrPYJaZslRVI0oW01eNqpfwxtitGyN/PlNKt92mNfC3Ia8/mupf+ixWq4Z32JVDR"
-            + "YezebveJQ2A72koDut+htDruO2jU2OiTiP98DlLG/N1LGuTNXqjzKJKZwGsg9M/HOCV80htKsizyGmunRyCsDxrCaj3WFoNnmlw+N3Ipw7QX2t27/7R1aCl2"
-            + "5H4NmhKTlh7Wo0flR7QNoOW870O0kahtg0ozUREd/778x8+GeDtIWjlHEf4WQ0FWnXPxvM4zUaJDWJSxh2VvCTMrvgWimcLD1CuGyWnKwZFUTeMW1pcEhs/V"
-            + "LI8l8AT1RPi3cXh9x2c/nfML/CI/wX/TWXvKLTWaW5s6dKEIwP2i8G5L3Oh6zS2bBdjWEUI0FWVH+16Wf8B5mkQ8NJK1l1YLc+xe8lL/XlBAqCxDHxWQnefF"
-            + "GBNjdusOo2I9RkV/Hz4igy315hssjwJ90X/4OywUvCJ5NAQAOCCwStVWyqh5rcEBF9lEHSAWl8HTsfcjsF/BbbjVAwllF1YqVg5yLHPpVMFHKyiA1l7l/Cp0"
-            + "8G3G37MFT6IqJy53IiORlDjmQgarz9P2U2MmCDwAh3WCO4ZqY33byYy0rC3JqZ0Dluik9YXfi0it7cU7hoChbZzFkODVpx7NYlCz6GY+ZQDTVm86EYn5o9Vn"
-            + "6oRkBWCc+hTYFhi9ZuWBef+WMVwgnMmh//ruo5HWeHyFoFHEG9j7478LVMOMEBthO6gdQ8lgWCTTzjH+TThPr7TW3UDua9M3c/rhbqk/Y275qkjElVfGFvkU"
-            + "9XnYp1ZcN43oSOJ8Uct/Wi/X/zbdOJytq9zvqJObMQKKBFMw346YN+cPwY8aazr4vnaSxqUVs3oKgHbvfYJJTupNxtIUJjU+7UpvM/MoJH/Q1EbPb2w6A212"
-            + "80RgTLgO/TaDLjBDyiNnx5Fmsv/ZCW7FBzBaFsLmVSFt6+8SCFUxYRrCrOI4nTW8rhGaWOB5sxCE/0SCwtSf+c+jsP/DS43l+x425Ibq1ukdR70jmTgyT+6v"
-            + "k4SCmAUAnhr8Yl2tNBS0OvVzU8P7t6iTek3WHkTtzYuBFY1NoqRpc9hcoGFMurywOKqkuwmQJH60fVDdhC++iP/UQvJpt05WJ//gg3/+fAmxhxnzLj9oIyf8"
-            + "52934C7T7iG1nnnW1v0dle7e1XHMQ54SmfAb0hdWIVv5+9lECweY8XhxE28hidkZYS/LYjytioJadoB6RzLDprUFYSB81Qp0shYThO6Y8QGJgrW6kUe12NfR"
-            + "DJaLHSACxVeuIPqyQV4Dbj7D2y3x9OuyLAqayDqS1Df91hzHgSly2Rri4kLX4itspjebWWTmsxiJsyADP7xI33X1WO0KJIzqO36MHexpMZzdDmKRTCSsr3ar"
-            + "q6G8nwmaRsVoRxiwgyXTsXgk5qFOCsiGTMtq0Au3Z3c4NehNO1+COgzXsgZOEbgVTJN/amKH9buZtd29jqR37x28ie+XAZLy2kc32hSK9MLyHswygRvsF88z"
-            + "0bEHOgVgAVzLDDgxxPu2su9p/JbgkutXt268u6J/67fZgbWt0Y7k7bC9WGNJtXjLEQNhL82+IkbN69XPHL93S5xV7H5XpebMR42BU4DIw8R+c+ldPpElSGMV"
-            + "iFTjMwMa31z0/aaIE5lgfQJtlCLfu1W/DPuOLtF7pAyRxjtkTOUPZ2gw6LX74zkkXaJH0rxeYY7htY+KYOoIPPPSNJz6V9fqR8qsVu2mYmHoJCXFoSKDo81k"
-            + "H7csywVt4u11zL+vGSLQTiU1jOWGQSrtVCdNkta1DdwlVeHAoTHABYh5A0aTFzK2S2ygXTh++PTf7YdrKRJAqYYrvGBGDRXSe8BYRLg2k/vla2CElzEKzudN"
-            + "K/E8W9HNEawggL2OEKQzLYKLTXtKp0lR5gsAVZqnpbyoPLdg6Hv9YWkVpVpe6EdELwucH4fEu4pZnUFikmqIwJbvxMNpMZKGRNRBjwxnw1St8yibGVCEvqzq"
-            + "eFs76UKIS/IRZTDr9QwsEIOPpWlhAM8gHeuLal+9XM4DMUETFHsNLSeqmVOPApQqPpVjQ9JR2MFOgD1XHYNI9rpHThJrVwy5bDKCLrtYafev9Hi6JluCJAa9"
-            + "r7jOCgKViA1uzN/8VbR/5Ar3+6zpTEinYVfh5yFgWGs5UkwgcWmyYTaWzOyS2JT7zgqhV6nVLcSGMSh3XtHWoo45Go+cAviUpWHccyRHGpNAoaQVkm4jPSiG"
-            + "LnZHGtjkYqkHeRuigQfTaNch+R8kroLqFluFCvrihCIuwe/ufT14QZj2PxGbaphT6mQGCeTYAXn9qIdCZ9hwSc+xBmRqftGPQw6/2b2lToYg2c2pwRWJvpPI"
-            + "5SQgg7M6/9KrdfSQ1/8x8KyRNaWElodKr342syZOTGxt/ftSbKW6/lwAMQcDlSPu4jVAOcZ0+WUkyXqlnSF6Fj6z2Fxbn4aHEn5CdaUQ+zDVsb8fCePttzjo"
-            + "Mt4Y5UH4GAIsh1/nHtfjs8Lk+N9yB5y/KjkDE/C5bDgRF1r9Z347mbnK1c2JjGf53epXcgmtoC+MXVG7RsUP7+CZxznbmz/BeP6N6AwiYOU5MtPVhCAk2Cgt"
-            + "lm3KQQF+YhxTbgv/BasxQTnl2Yfo7z+28Y/MN7fdHE8l7yVa4WgUV6tnbeOt5TxNPmoBbZLNsgDp9+x6fNW/EZsnT0O0xGq2zSXOYmdqbXRt0RkbjhdRfgan"
-            + "Zhde5kMUwhh9611/A6m1QznHBF467WbaYEUPucLWoqK3TK4EBfa399Cely0HB4NlOFOsq/aadL66U6muLHxciaH9492JjI1CJygnnhXrLUhZpcDWDiua/zhf"
-            + "bitghjGupJbWoc0IkGzMJJLjxtJ9KKAqpbLQOnAYi9DDn9wEzsZySmtZ4XB6Cqg8LFY7SNmdEvNzQsfVSrlNuMJlROShlPgLG/t5gPNY7GZEov1+K+qrgTt/"
-            + "uhUm5NXiopSDLE2JhvDC0bX20Td6Ge9LSUWlgxJNCys3hk3wkwccjTNDOAeSTXBXQoABuLCJzlIA9LsjFnO6HOsoGrNpwgJXOe1ndSYnua6elFGbHJx+Ft83"
-            + "qaLIcNxYpSRQr3vsA6gOOTWq+leulX08GMool6+CR1Vk8P6c2V1/02U6I5g80nvqqQzE3/18BeWzb/x5rCzxiOf9CoC0Du1FcwUlxTUzi+AhiqWRl5P5YedU"
-            + "KUPTLWKBdeF12qLvux/EEQSQijeGC8eir5F4UUfCQbmn/lsQ7pLdopkO74tpRt+AYdxYUyL2mVJtV6zcEjptZ9uRuPMC/jHJfhO5jVlDL5HmvHeE/8RWpmOc"
-            + "GIi9jNUOWB17uXrqMgzOiH+zPOp3z5CvgxOFyeb+Gjn0J/lQGqq71DtPw/lL2op73mqQKnvAjrct7aPwdx7ni9c7y6LtffJrHwbO86b7OU99hsPUtmARDaXF"
-            + "1A3OxNidE4urPSCZVycU8WS7E3P4ByJ+MgDmBNMJ3TswRobN3toCan58Igqx+o2C1kcaUsGIKGAg1OjDejesR+9TvzJAOm2DqVKO0DsJT7N4FAoqJ7/SF2HH"
-            + "TEMk8hvO/AfGbug+v1ORtDbTzJcYYbYTLnvvMaCgB1CtuTsaEm510ViiySwHmIZHLiPYUCelaA5fmYSykHgtA0HE+Bl/39fUhriW0Ep4L8TeSZDdS+9YQ45g"
-            + "r25/lj9kgu77rK6L8nnZL4nBIZMRWAc9+64XA0KmeZtjtD8o398tou8gWLCNDNN/aAnRjohNM8BMPwSNxmHhaDz9OzeZc19ZL62GPGdDjIpB6egDkP1EIKYl"
-            + "MZudS5H/PkGIbOl7lIUGAoMwER22niDSCjBqDv4bQqjSnynRas9f9rAICHvqgmbh2SzEu6CpTDtFaSMn4K7NVk3jyHys4iuQ3luSh/LM+IiJp2xEtAzSXdk7"
-            + "CIjg3YYnZYQzw2pMzlWB6Y7QKdjVM8vbpRAps9/e2k8/zlHTrm0Ouw88oPIBEJysTSu0j+koXHa8ZZDHViazFq0weYBxbJ/m/F2Sy8thIlSuYJ6hpnS3Sts4"
-            + "iGiYIUkFwZPiCY/Z4xKwcMO8IEP+JRmNLRNnN+8U5FTYZx+vWU8BVtgcd/5nYCBlw2PYxSNKRikuNoI6eFPqtm9W0LFHuu/dv96eTwUNOVZ3EILPLiwfRMGl"
-            + "pTGs2Vz8Ds9kaOaPkhimEqCEZK8WPNIcqropTLjHQiX7nMxCbJ0PQv3tQ+9BRpXoGSrw4e8FyKIPBMsMAdWAVoZNnxl6TxABduQlt4fd8ot1FE/kfgzL1ioQ"
-            + "u7ea983Di5CrtxD0JvPHpYuaeSY5FSMj9b7NTEXb8q+8U//n4mSwgvI6PZjFOc1sL4LNYbtVQBgb3ZZ/rRDKcN8rfiJf2CNzHdtpsX5rS2p+AD66DrQ6RB+u"
-            + "r3gcjVXs99PTFt1Fj9kmozPm+Ff9PYVitERqRdLM+V4587KpgmogNHiXzHK4ZYLRYrijdeDO2JP8vUdBbLUhNoSCo2zraHEObS7a7y/iYVTsmFLzyMZlr+L9"
-            + "9NExr26dXqHrOJtVV4lkCnqHsyJ+ptGK0Aec/Ru4xd0D8/BjdyvKCMOGVtIRiCzvgHEszgJ/sTru+qrqR46J6wEIccxLA/Gjh/sF/Rt9j1IqCes1MSjKqVDn"
-            + "WQ70Qm/6qCrd/WgHCRO3H/0TafIecEKdWtBhUsFUyxAfUiZjFyMjrW0I+OklmRwultRQdKWQiyQOClCJ3wgDSCYoB/jd/K/cLbcj2P7OPusNCFemxMluPqsm"
-            + "Lucjkzn4nFKRKtflJCXvBgQy7yJLzkwsV/BtXrzOEGIFoj3gowkmnvOlnnK366NIyjWsKL/N9Sicg6QBgSWuFgQMuxwI5ruLv1sWxDRttz+ZZptivsjYUXIL"
-            + "M3Wab2HcQLjgwtsZmfaU0VhZYI7kB5L+H1iSshRuZW6nwZpG1o4eh1efWvG6M7S0+Uhn7zusfOVVDzAQF/B7TkZUmL80FogeAGzysGL1IuM0oskIQKszCFDR"
-            + "cDl890eQ43OTEI4W4vuuyG/XOJHwlEyTiinq1GGNKirpkYSaOmUi4L/VAA9KghbP7ckASiYlwjTLWkucRmDdS+RdMgxnQ+e5Zg6ggyHzAU6vwNpMwW/3PwrB"
-            + "e6/iB8YTaams+GX32wi8ftRVpqi2PUBBeTxAClwLDFVq8TcDQNdce+d08sEGtk+aCHNA7iKFyExswJVM81epZGUyJzV5HH4uUSOsWg7ATNpsY0aJ7m3R4w2H"
-            + "2tUbyygnYeiFqSnXdOEbC6sSNr542XxZw4YQx3h1MP3FxXdRBLfYHnIXKn+b3h6q6oj8wiZnOaYihEEG6ZN5uW59+haVQAgtRabSwICKbinz7hEljcEPRGEK"
-            + "Qstba8s3I86eo/Q2jzUee+lQ9Ru4ACA2sXBrFpSN7nasjiGiWtukSMIpVoCVrxwedJSsh2kbAdB2NBV4iQihEsc0KNfJ8d+xa/s/zh4FDh8Pc3YJFAWucrdX"
-            + "ZU7M9opz0fhNiKu6iJ4O0CNFzEHbGDoLknm5pgk5l/WslEk+aoyk6FsCeHoSHX4kqZdmHoFCQFlrFhVc7Y3kGefuqKWOxk3VYcySsJ9Z5xGqTEpoaQD5zZCH"
-            + "2lnBevyWxK9unBTLAyzDQDWYx2cFnUc3XJr7MNyfNkGqbXcLcy5nRDyYb9DZXCjCQPv6/kNEPELdE/u2tinwW+OP5ZcthU7l7WrpqFChgboQx9nrtkrEOq/P"
-            + "Rm5oCojmug10YSRYYAViGCMAG+uD8PzupctkmRykYY2TU3QaZ+4BfAzPDghTMSbDdJEOxC8J/hnpv/mUjYeLodGmwELB3GRYXaB6zSRkxeDyAG9gsd+V1Bf9"
-            + "B66yT1owSpMDUC3q7n6UZhnG/Vecbh2ygzVibGvWAScXc1ElRtv/6PzPNvI3coSNshBW/55w8U3tjAr4fVGtz1ih6spyOHc1hGRA9rPJ15Uq8yenlnuKpNGG"
-            + "H2+OoDOTiY2hfGMLrIfp4yzaXO0ZspDjAWAoBoPOVgiK/+OZjSIkRzLt/cxquL1eEPHGNsCOTAFTtsB7X8vQZYWkKhrHOcOkvwFbtzu5i84MqpxlOTN46D1O"
-            + "FrGpYvRPfN28EzHzrrV92i32whH47wJYmOzH5oOo81n0FrkHzWgNvx60ULwTFlxJnxPvfvePjSueMDw9SaowjjUwravIByRAXaoZC7P9p8GCFB0FbwydyT9z"
-            + "Ob5oNoP6dN3LG8uHRfrhtDvFwILA4wZ1X/JwW8v/1+MqF6V03awMHFgWODioVsM3uT4ZRiEA2yC7Gj1afpjNQDTY6hwe/JK/vY3InmvcL45nrVnd4csHuFFS"
-            + "8A2ltBkKSM6rKGa9+W9JMs/VQMfzIVk1Ku1dIpNUPhfZpRoQepJ+oGHe0n3WEoFRZxkZTDveSpOPNac2+krpyTeBPjkXbE3iVaBsI2juSb/JjzDA+Md5Le6T"
-            + "l6euMmI0Y6Q3bmNL3BJz4LSXWQpbUgRn0gE2CrAJhMjm25U1kWR1Z6oqOMje84R+6oY45PF93LpK7rde25tC+WskXUhLYitEXKuu3qFca2AzD6O3Jmp3TbfB"
-            + "rq23trVbt3GJ2ivF/E4lO9/FK51OY1MWFyi9AhtWzdggq24IhFP7Fl7hrU0q+gbPuPEvPUWzxT/OhQiKbiB6whNLU7f+GqqbBPdrvXOkhvItFAWflv0WSmYp"
-            + "kUG8GlrlW93OzHBPmrzuBNPuCNVQzC8uQwi4hl8ulpkzEexrbMffMuLDtVMBlJH7kT9kJkIFajZYxwjuPhgEOXHDup7xZ9tAD7RMqZ52VMPGrEqdO0UDyVZ7"
-            + "A3DKgn/coLrdccmp2ISbOv7wXmuXNF4mRbjN0rUsXvoghjh0KEJNZJ7fOFoLxfv+btlRINW3b1lqILVuhFl7kF/k4eAEeieJERxstuPakXQgh8HrVpA+Iff+"
-            + "bYtVQyNKRikuNoI6eFPqtm9W0LFHuu/dv96eTwUNOVZ3EILPUvfSY+RjQuk0FSt6lq2ZtO/D6IDAvo1GLhIR1xoqVGKlTFYYn2+W6RY9aEAPG0mCWGpHAfuK"
-            + "1bUBr1Qv3iEYxx/x6IOGWk9brPkb6GvG84gaSih1mH/BsNBXwgusCDakxx6DRiN+tgnDNro4U/9Qj/OUUZsyBIak2oChsObCwZMdvmarNam/3rAbLOtBnHc4"
-            + "C28zyvQJ5eAC3uthTZt4q8Rwf3BE5ALNL6K45kDYI3hauvOyNrx9EnkoyBxFyqr8E+/u6If/Ozkd3nKcJuXI+b6soMU9oRP3I3Haj+sMT1SHjonuhuV/seru"
-            + "ccpNP7/nh5S8RMwu5WdfZUYxU8rI68Fd5zPd5Pyew0AXUa28jD/VbKT6hGSNnPEKCVZlqGINnDodxcyMpZaUmyzSOcC0KzNaI9RTh3Xogx3fKgpIF+kKmb3a"
-            + "u04YbHBU1oy3CDmCtlsYDrNFvlo5mDvTSXwu+hT3KeKO8+m3/J/Pxiez9u0ZVcremX08edCCSXkkor560sh6ZviUIcCAqIhhkTk9vgjJd6KDeh5jaSMw+oa4"
-            + "lsh56C2MjoG6gLAYkCLqL4o9n/1oEVy+YBqIM8sUkwa3I8KbM2d3H7oLMzmNf1TCJ6X3HyUVC8T0mjfa1XQVl2ZvATzCXIx2AFhQpSHueMu2BGHWwj5elG21"
-            + "GqkW3hmJTREB3G2I1IG2FpaUq/jfx+EBuFF9zWjfF9sJSsKLIxMj7+/aNUU3gH8vrnxvVnx9xojAOZoYurWkJGcmTrdPUErF1/oVItzW3G23Or5Y4lAlZoGl"
-            + "I5E+JpZhjDiKftkdhoBxRDMsyZ4Q62TsE4K3ZsPIecDfRaGso32M46mVy10vYdHDkki6bVk4WhtW3arkiUWu1YfKlL1yAC8RZ3I0RF7VOHWee4hPeSICrloc"
-            + "kmy9dETMn+Qc3vqUl7xxhjdNnHpR8hiHtupWfL7T17tHso/cJdjBU2V396bI/gIM0btuuxtp0JnwkeaEcIam39XiZwKxnxZRCQD/D55yav0BX8Qs7fAtiUUT"
-            + "4Ryfk812ledOd1UkGOiNb0XWwHjfYdPYIvDKFywaOrCLQNXfjzdWLQ5Cg75nqM/oO+yRI7/SU5BU8rh+CN0emGyrH730UL/dWSUvY3ivqHd3O/NIEJcTBCjw"
-            + "d3FE85nKkmjO12S5oOOF3PGNyWXC/vSYDH8cNJCMgqdb1y2m6mhRHk41nsSOa1+E6+txRjawS5Q6Q5HHkP0Jhg/acPAgVTSctU3xar/Ek8OB13PS4nkqXKIa"
-            + "gzcun+REkMzvSItbh071N75aGMo4tvhRG1tOu5knDy78a/R92H36zvZfz3o6TEpOOT2cidXxqfQ7/Pkk663jQEqOgy2nIjHEDZv2qzdIlfg/a5iDYlHqEyyQ"
-            + "YtHsCJFY4taiCE7o3y9UXFZMVokgGVkGekQXHFnX50R7kQQCE/St2mdw584yxPlxspUuzhM6NIlTHfVTzxzfYsY+SHpEbjZ+011mcf93sjIFrEp+hGzoHyf1"
-            + "nKJkUga9Nl42luWEz/b/tF+sXNuiNEj6q8UKPqMnuYz6Oa5ul30vVmcVT4ZNDNfgobwaKq+P3AL9WwqSBeYA0ew1AGfLNvkLZXTlXaIR+Sq3T/l6IBXXxg8J"
-            + "esceduHk0aRk3lr0bnPO7aer/2b6ync6pao3LyEOKJJdzC8XU5pwLi/gj90brnweGyhPtJE3LRD1pAPIpv63vTrFm2XMj+JGo6kmXz2CiOTaWDvwAjxSgF8x"
-            + "ZjpDhizjMdvIOIIWyEhKZbW9J89R0NwcE7lIbUlXx5qq0YTwXwgGdqIFGzDDIUTUQDcOpm8osFZEvWaLDlFlSSSV4s8kCyRRaY5tNDrGuZY5T9woD8k4cXWr"
-            + "4BMErLGyPQwBAPg6ABQLbRXgY7WES70iWQD7OZScJv92A66S5p/poI66vtkquc+h+6c0CC/n/7aVreOF9PVFOrbefzP72MbNLRQzrwLFpujBkck2GqzccgaF"
-            + "xE5q9gnXe7aVbIyF0+NCYt1+3LygKuQktSTe1ydaHMQfz4GOXwvSvYqe7IznY16de6BqEFexsQX/lDnPf7TF4dr65GOW9GdpEISmBpwco31DPl3yC8yCCIoU"
-            + "mRKLKGn+rEfkJGrzSdWRU1WBxHPeQNr7a2w3qMJwvHz3/VvxlVlxVKD0JSsFCnQBuxbNZfhSlZoGDIF8IiVgTjaovRk7ym4e/gkAzrxie3PrMcYS1JfM/Qge"
-            + "wSwpNj5k8ZwthBrT81zSRxGcNIy5PPcBLxe3gG/aPG/UHkHwB7ePfjJ/yheGfmDbBktMJ7+Fm8370913FmfR/RM6mVPiLRv6s+optVKq5orHMTpdHq9soF6J"
-            + "t8LKVutku7pJSDdL26oPQsXMsgrxopQLYzoyafpWkwDJ/R3FdmQfKq1/SifpRwy4H0rVZRV977ARDGgrk9czpcvhS4nsE63zo5U+n11DbEBe08ytn+BERple"
-            + "rqF003Y+xzQJcQ4YT6O90VdlvZxl1giG1AqkJ1EPSV1h1P8frNcIXOh2TDTB0Imcnq+6YeowgG4FO2dHpJhLkewWimkKnI5T5fby0e0NRJyTZ64LLD2CI2sh"
-            + "sZDNS0tHXlZqXwKoryVziWpxt2gOI6prvaywSbFvKgRwjuS+0//VuJOpXTopEacy/3LQkAteHu/ijLHv8UfJtTXDSdnc7sYg1TcSS2Q3T/0yRI8xaUX01iG0"
-            + "/a7OWNfrevpJeuFF7t6Gne/wYC+LpDcdnBX0P0cXRtQDBfndEfvmSZ856DxiWOlaIArCraBpdhiiJD8WxJWxoaovsyeyeWbAvFkPfRcBunY90SKbOsrUTTgd"
-            + "mHB1XfvQsIaRgZFcuUDCkyJRrlXTUHDrVz1qmLtRVqLXgdr5SUXFGeN0inb3DAONYGUFZRzQqLbCpAxiwBTewq+mQKHCdu4tIIU657Zt60entCBmPtSN7vgw"
-            + "HutszxyVynoQoP4uVfV5uUeS3lfY6jgbqKcZS06dmViqDjgIJAvlDN5eB4VdJf1oO6+aeDXGTc9HVs717+KOvx/GlKINErtLcZhcjuOU/HgDcO/DbXqqhvmM"
-            + "m5QNtv8JQ/yXxIKWQWcCdNIzQ4tLqkqtbSAUslWc00kNwEAcyoTOg5LS63N4mnQubU8QLFny9/048UnVMyQNB0ZuSubTeSl2+hQRc1KIk6rQPu1xTGJSDnfJ"
-            + "NzFKjV3NwhvFfCWzo76y182WxrAK7iBHR/lA1Mn8OIFWxY5JCUyVII+QYZJi90x7I5q7FLPWqjD+QEokbgHEVn5/r4K8q8iMP6p+P3KbWxz156MlKr5GxRwk"
-            + "M+VhneVo4S+HJDLNiBI9MsZShhrpfDbWFgdUzowlBsmW1LAVtG+okEQ/yKpsF0YZ8tVNBydNB//GJNvbDMPT4O1O76KCkwkQrcGetcB9+kINnpYq34dk3UZo"
-            + "jrd6HSen+Hqb0p5wrNeIQUxNymeItGt13MNOekBOd2QodbGKKe3BedtTvmPfgc5aHtcsxXGR/W2nSRNzIHYUHecCGKYMBEupI/4L8f6R7m2DPV91nXcQZNGJ"
-            + "t/v20sKJs+RHzBFq6WXeKguH72cu3HBOVJDIZT2wvf78Pcwud8wq5d+adXTtrq4QRfklnHddSNXoJe9HFXAko9UtSwyMVw4iY3vBWtvbjefxDoUdbbGWbNLB"
-            + "1Zc7/9np8H5Z6oiF7jl2eFCYwkQJVPIUQCy3JjAW6vtlC34C1kjxcRFfQEds+So6NQ8oB0dC08D48BUmuFJOFj18Ei2v7U0BXDd8qZf2Nzd4uCbk7mump8SM"
-            + "hC4bDr+c+mKGv/5oWj5lpYS3j4NeNHSooSo/DjuIyHC1BBltKdRMhMJBeAecHuWXl43gqyoOUMahm773QKSDw183WOSYIziiG63Ssd+ePdTqeHXbARW8rLrR"
-            + "HoflOoiwwsDUPYW6zen9dJEVDzpSbaG3gPIr04FgYzR5ybsYm4akOU27faRvYuPJtU/eOWwvVujh5fdtzS0LZkvnwJYcb1m2xo53j57vc0j440vvSLDECAuz"
-            + "0YhmKz6CinLyZC5LHpUg7d7ZCIEbYtTVLIsl5r01VAUcEcuUzmU8GvdT1m2B2/ux0iiavd5fgtVmdFzjsMIJT07ZSY4/M+4FzctHZAa4bZUEd7FjVGQbu0qX"
-            + "TXsP8cBXGsE9Ub6+33eWgJMuwzdxgr3ug37LzqXGwNCORVvPWToFJ+TFu+KQu7e1MpX37qTA5U02jaWW8Ju4mhFekxf0qP22uA8BujcYnltkuT8REwHX2ReU"
-            + "i5lxTuvIdODEFsk/5od2RDS+IQwKOFJ3ilowl3P5uv7dnzDIF7Hgi8y4tKzdhliaRHLFd+lditfst+XKa9twZBQQJD9MF3KabzWxb1EhE+abowVEKtvNEsLw"
-            + "mgCkgvxeE9xwrMTMH1XLk42oZ8sL/5GyBM224zs+Ef66nEgomb0ZV+yzp5fy3NMGldxf6A8AL7+CyuRyhMyCqtermBYydTfU4fhGv+nGhF2O5eb2HQQjQArJ"
-            + "XFQWNuhIJd9NdZtfjIy1MsoDJPZjMc0Uckr5tAavHC0Ef2nXC5Gy5977ts8QwYAtI6hEgVsaT04XkoAgc94NXVowJOec+mzVhNCMMm3tuGi2WXVTu5mEMNJn"
-            + "eMv79jh5ZAYYfVIUwF+3CZ5I1JYEUI6QTy2ySx/V927Y8rycf7LJ5Ep2BcJQ8HKxx7jKgo/Z0zjV8STJDzJnfT1xV3T1S1WhFqZKAGYpjc8wgGc4IYO9z4Bf"
-            + "gXjZDFhmvOHYf5LBlgU1xS97TRQt9ZWBpXSF9vvpR9lSXGW5fUi2/koKHQQOGviztuRghvtzSOXGwmMX7Y1jDIwep5vPE8uRYlMOvr9dLrkA8P814qjWIXKX"
-            + "GCqm/9DKO1DYsdL2ERdCGNkfVOWGQ3KvtPH7+k4YJaBog/UmLUxmIsduDTBejEm8ky6Bu5Yz+Ed9aHwCsP78brI6C6bf1NgIWPXt3Zfab253d1vI+kEcs5CM"
-            + "Pxyz4J/5Ma/ErzoKnMgqZv4QADoOee399CF6+LR8ZxXAkIqWvRQ4D1YxJRELcCqTRDQI/BkpzkeoQqpEoiwFuF831+5Kf4wvav+fQ2p3L4W9AS8fUGqHPC9O"
-            + "vyenEFhqBOTEbg5+xLTsKZMOtTFQ2wARLFZN3yRkfX5Rq714+qN1UNsvu96k7c0KstUocd/fDqpJXYiFMreZykHg6C3+RSobhMTJ6JmXxPKPY5rj/106LdJO"
-            + "f557eXx8s4y9SGKm80MHAy5o7FSgQ7MGrsB+V5UrfIrWGPuMWGbsx/L8dwwfFsAQnhzLDoexCQ6NA0S6ux5rrfkqPzO1qBrlGZ7ZI2s16dIEmd+FBN4AEyHl"
-            + "RL1R4IxgceDeHAbvQ7PNBivlj1FATil7t1YGVb7ubQxtaqsTETjM3sEiexxALB7/7NzN/rFlWTSbuYSt4bHuF2W+tY3Yn11DBAiQ8jT/mZ0R7+mobTAePmNL"
-            + "/Q+RR5HxbQBXVFsbKb7Bq8fGQWjFuq3UBaBiQXnZ5vXGw0U9L8TR03mJQU7AQxsp9iH0vKKG85+KQRSbn6+HiL7X+qFPAbUKGCos7tifmLzuKKMbjK7BcupV"
-            + "Yu3Mh2nEfApsphQ9ugG5Yi5/Xin65v0RjyXIEIrcUptJ3wgIkWdcHBEnvLFXejxzqhWVjXexlzthi6bbi2scAofl5hPfft9yOCrB7bfH1qETHInwvesOQumj"
-            + "k861VjQ/y5JestriqKNfdkLYlDcRiMuq5YGdSlqaVhLluJDcqAfl0IpfsdVrw+Wke3Wxy3QJQE+TwNAnFGOAr0ZJAvo2UVVhrHZPyDp4/uf1J0grqOd6KhtX"
-            + "ZKriy8y0o1dFEsjZVonqWLy7E3gMcmo2W0Egj1zncWYXDwgjTPsoTX2lUgu/ElFDtT1mmA006/SHPHVzlAcjKnDLD9ea+Zxp5s6GlsNuiZKomb2t3CpkrCQd"
-            + "TTkGHJfu+BjH/NeZWfoCJbcleNEVobidML2dJ8eXUfabniFxBKlhU4INzBFvkMDQcvL3QMbhmqLa/w9OQ+phKXeo8O4UISk2SLXvqwJMnVcjGQPEzOVB3KGj"
-            + "CGsGGHhFeq2WURAb1HHsjWPGqtffrtDyNLnsf74MfDs9t+fQ7HvhXfDZ6zvFqOv0nMA+YzEqOKIPRLQOk9IO4jibXuibI0nSwZU2bGCTrPJYVZHXGINIWbqI"
-            + "kZcZjwrPgwnVbffiPtqp3iYBwXWlwP3h1jaqRJL9t43Kwfs6vKFzN+LwWEPy8XYqFCdeib5wCZ0Nh9z84kkRb5pZl91JpIxZhgQMDcM/LDAUv2NnqmmzBttd"
-            + "LJpplgKEjOn1Euq5ekVy+pSWXMe/9dLTESOl9v3NfMUqNDJMiGiNyqRfXg3iKr2QijnFGj+Iq1+MuMWtTzqfvI1kspyGg5SpOdmaJOrdiJqcb8sOxRFQLVql"
-            + "BFTCB3jDuB7OalxtR+4LEaSKg5PNO55ZEOSqePpKv+WBsHhar9GIS94lO066JZrhOXew24imD2hWEb7TCNLbMZp562LIqSqf0um2VmFe6M33tQh+qzJR9k59"
-            + "WwNKaS3yZb2xDp2eG/kE+OKuPO0NmGYZnUyCvf7Azrg/n82nPt4oZJ6VhwtlRCt//Ja3DAjVxzgdnBmAwpfr4X+59208cYgS0bf26Ige/sf9ZnMk+jTdNaoE"
-            + "q3FGCb2jqHekKLiKGRN6gZGU779vkb8798YaVc2DLR1RRT4wWwKeDjEwtZdrBvWAPeWtDKUHVXTFcdTsrx1ZsHjYBkPLusaMItiEGt6LMQ38itfxX3F78V7I"
-            + "LwPLjmuBGDOdUzEI6TfLd71SIzAu/IXIBBV0G7PGWwaEJwzIBhWthbbq71qQ0rVLb9oI2e/MRg95JyF6wWV3g2rLkHC4uMLrhliZg+Wo8e1VDU7ZQEwKztqs"
-            + "6TXg1UuEy9LU8RuROV/zZExnf6q4sU97AHaQAOhoiFfzNmL6SDgNPK/O793j5zFXIlPIfRadQP3+YhlfVKgyD27x2lDOs0fPY9ePELZOfPF/RkRswRVZCCCA"
-            + "sZ6ImqgP+J7ZOn+W6vaCzRA0B4dBsYPfV/6uyI3cB0X/HkkTIe+UNfb/3bDxHTngCtyZZOoZt/fGytQotWlxY5NWqWC+7Qklo2ahwSGsB2Hjj1QTqvxg6+Ga"
-            + "5Jcpjh62LtE2414DREVLL7Sna9nICbD+j1Uy5+dBP80C5Y5nTPvHqxMI4Hu4e8ETsDiqcIi/P2YD/UaulBN0BwzTL/JMaC8ovycoBVj0bBargv5XTayEehTO"
-            + "BvFIGKzsJHzp/PUVblGJNhTg4rOITDDHbgFH66KWFJbL1JPpuHUjoNkmSRx+ttsQprrylOaxwt3jezeWJmbGGZ5ym3L5Sc087IAqVEndthUj58CQipa9FDgP"
-            + "VjElEQtwKpNENAj8GSnOR6hCqkSiLAW4XzfX7kp/jC9q/59Dancvhb0BLx9Qaoc8L06/J6cQWGoE5MRuDn7EtOwpkw61MVDbABEsVk3fJGR9flGrvXj6o9s2"
-            + "8/xc63363xF/QtikfrKhRo5AK5PlvKchhq2KGhD7eo9QvKmeT+h6Jl/7lIWYmCtWFjo0A/ZJkrHTHbIEsBR/sY70E0SxerRmnRlGGyvFQUERmDc+o0bxeWNh"
-            + "1mGBr5oIbp0PgL8voWoMCBP3ReT0wm1Td4WIDjg8jX6Rb5k2sc9EWkg8Xk62r8pbaMmKJImiHedUT3qEzmAI2oa7L4Z/FtZv5NpvfQEU1x/eMzCF9Qz9eFeD"
-            + "KtDZLSnTywEtQ4ePZTvxYIdcxVZ0ND2Q/C/9QIyyS66ubAXYg1riQJ9iXTp33azzYVMwus94zHuxOGJZSmTu/abJWrDELFLEUNsf4SDuj61JkPfZjyx+EI8t"
-            + "fZLrUTdqoClNzrCPTjb2OglxJbGdwrEsR8zXX70AiofqQniMVVEQEywJ/3K3JayRwVPztS72qJSB+U2KGJZDMdzs207c13ON7B/cSrDas72xyBSMVNXL6iCw"
-            + "AxYJQzLZ4030P7jY0mJwVvG+4rDoDoMHwMRBrH+NRM+tf6OnVjyoFcPY2jVuCDJx598xUyPUqGAI8z2k5x0hCJWFnYOohe67o9Xx30v0LrAna7yP7uQZTIL2"
-            + "Bq+R+fJxew6OBNyK2yGodBe8JRSS6+edMEZnr3GYEiSO4QRuWki0BUtcf0AGyA20Z2gPVDR40RaORJLSEYmFM3X6GhfsyvIyon21S4qY9sai2LPKD5t6PqAU"
-            + "fQvacyJVzkrYKmGu3y6WDpareo1ivbQbih3FkHtTBQZXYEqQEBa+GZoKtVhh+WeICW1PJ16g0910ewG4s1rAdnC2xFsKbEiufjXLyNlEICL7RyLcnxLSQYMW"
-            + "hHt+wos5qHsftDqxOD2VeVew6dlhbwSREiTDNcuuT/aLnER27f/uHOr7ZQt+AtZI8XERX0BHbPkqOjUPKAdHQtPA+PAVJrhSIs6x1tKikglAzw5/J71YP9yo"
-            + "hBdgeynzklNRS34AYejwXwtgFAk/q625j6+arIdrQgbkSI6qYDTci9BrkpGdJjIHb4gCudVlVAgfofewbGKVsBQ9vCznSdh+pS4ccA9prZv0fWlMK1hsHtFg"
-            + "wmXYCI6VoA29jplfJuFZ96+EAhYy/DQ6FK/JUm4Fn/OnQUzkn1X3NR9uVLVLQNPtVDIeylvI+8ZuRsZwFXwKqyCyKG5bGd8eOUOY+egLLZpMB56S0eY1qg4l"
-            + "EKL0G5jd3be1V+77mKyxU+6xxNYzPfpXUFyvhEPxoJw7jJ7n8BCetkmc93Lm8PKMIsR3gmfdFBZPc7BkjjZvPfTW3oZnSZ973K4TIBRTmCxH2VwkF4vT+BET"
-            + "ruLsWtKw9mU++dbrzN7ih5qXR8+aSeLV5rffeYCcjFoWFzwgvEf7/c86raaJcmgsqsqqQSDUbszQO+RQqbB7YW0WKf09BStKglhH9eSb56uC8Ob7ZGHj422l"
-            + "AUtGjah/dllrXkum9sgWJxnBP6Wh9rOFuLCkwRgH413B+vbzeS/PtEi9s6YzvoSDRNnJZcE16KvUm0QoqFJoUT4ZS1Wftz+jWWtIe0nKRzGj9Y3N0La4eQ5N"
-            + "8P0LBeRvcg6T7Dndoc7D4dQnAmbn0+4iQ1SGNNWtEHoPz0pvBTnEQe0JSRlDroVIiB3GMzLfj1ySX+bdCoueJBwF1tuvwn18Nod5GFlWarhdkn+AuiQnpVB8"
-            + "gkM9JpvMhgMT0D3R/tzSDIRcnBCQfpKcITZx0tdYypZCCUm89IXiKsC59gNltBQpzskCMljutPtK5Vnbr4jNXGwnQ5vZAatDfnk9pGBegMVn7ARDpRwwJ+Hl"
-            + "mQ/dSvdwveiH8oI/ou3juvFZZDx0jGVzwVPztS72qJSB+U2KGJZDMdzs207c13ON7B/cSrDas73xJCyTzQxje21wPyZFthxr/ccbXNKSjPDpe1l55m6kySAX"
-            + "DTmQEqn0RGr/ZufpwgOxCWci19JfRXpst6T22L484GfzNyKWkcFOVb5ny8DTjf8fO7uFgqKy2uMSdYENZ9RAAE+W0sqjANGFPFJ6dMz02oEIdWZsmMX/X0pL"
-            + "PLVky5S8+PQroHKB1z1zo4U9fXxIvDoU+9Qbqaw7IE6ebwQTmmeHNEHulSPbLOQUzKrMmfftINAY8VOGYrmMVS5uwgJYg9qqg0TDtUFp5Y7VO079rWCzW4mD"
-            + "vzbM6mseWvcMAr80jdjON53UV2oMmORN6paoXQuxfZO2QdsRZH7ksSihFoU1NCf9PMjvbqDV11OWUMhkXtYijcpbL6Mwz9HYDyYHj4UUggSuCMTzzhoh83sg"
-            + "MNMjb3rhLKy57BoF7D+4Zn6TZRfs/9iC35asCM9oIvP9vD4livf7kis6ocX91WkjLHXhRc8aJRbzjU9wQvQOc/4jwc5kCC6SE9gUfc/jJTHJSuqovZwutytW"
-            + "fEeDFPUgDX9s+Gh4Ytc2r876/6sxMBifxszfJoQe2Wm1WglBHorUGEc1tFSk31DczzFE7aQ2Y9JV/kYnZRHfkq4QChKCNFNCVHcSyFdD4HgZXCdOyEyIkXuP"
-            + "Ww6OAkartETgZvNdNiqh1AqNmV0euBTFxhUDaMLgo/RV+GBEhGW/d9jvxuLePgL4x6liSGjTb4omk16nMQGBWhguGSD6SFgVlnAAmlpSbv0R1Q/ltmvhbBXQ"
-            + "JbgHe4K+X/kxuPZS7WvZqj+txb0h7M9fnRS/ZI4P0APCaXM/8Zg8eRQll6A2CTFgcl+4tcjR3exe7lX1JCyoiBTqpj+57gOK/w98rx6ULkIPr4YfCc7xatps"
-            + "BjZSVqhSDM+3sUZdf1oqzOzQ/uXcE6jTZeC0WuyMxd11ipI7CpEGfhv5FS3qgpF6qiSbNWNr3NCEdflTl5+bX0DvK9el4shdlbUK/yu0mnZ1cci7gJuFQham"
-            + "G7bj5g3tOaBAKVuy8RfiYsnou8nmK/uM5p3tfxQIdZCa0iXD4qDYv23xJys1MrJ1E7PQ65XkRAo2fhhTeSNNPqCc8Q5fOoWzyUmAh1gC8h7ogVnXwC5rtL+w"
-            + "H8DFHXKl4X6JgcNtbI5gwCaMn8+0WkpfM7jbF3uCHpflgTaamnCSEvuQ42OoU2EBW1kZcgCKtxk7rLmtlrFqgUPMnsg9VWIMFHn73ujVAaH0LxG1OUzRd+pG"
-            + "0j6/mpEij3YCtWXqsZCvwt13Zx+FaaNyXmJ8Rvd5Gd+d2u88prJOpx7g8s6DZR6DcAReG6/xXoBtllfD7SUg5eHFrANgEWs38iiBy5RSylVHnGADTEYNpYdK"
-            + "POqZxNX+YeF64/HsnAXuofFO2dZF98zxdj/zjc64dxscfsOCnqV8VHAiNgT7q8AseGb5+i+Doa+qHkBpHeA+PoFKwSutx3QbzjNAAhLmXJ4Qd7JJyro+ccTJ"
-            + "lR3iToTXwsD2iuYiGXiN5zTNbyDphlK4T1ND8qPFKoa/iX6uQsvhhKyi9ADs+26zCFU28OalnUu4gYKV7MqZ61yLsZ4UjdBtfBrwMKzpbDzHKzxJV0Aa7xvh"
-            + "3xtDIG4FxXT9Wi+CVm2ABLY+R3uwBB4XS6vskMlD8w8hl6X8pn1ReqLIpbcgk6AyiaB61ynQqRO9yw/8kbAJriOR+ePY6AMNXOvNgIBeSdsYDlMCbPTHEemq"
-            + "6Pg34oBwywobUyPPj39GXyse9xvdJPGWpvcoHovGqDNo+A022oDKGCb6EeiaoAaiKGUfRSUL9Rv4oXvNv3YhUsRv7I6MAx3uUXpjJYF8NMCGUNe+15Pzi5kO"
-            + "bWhhn2jADBHK5Ita7h0t81kXUWXe/OAZBelRCBcJlhkhMj4qi6SaY5Jai8keE/LlHGAM0gKud/qGvC1XnoLnI27JtiFMmvuyAKBnK+lVmYjxIQarzJmkKUWp"
-            + "4DTzUamewQyu08POWPifwJVV5JtnqL1KkX28ea7lnmgW3RmLrJ7CgoFP41NVJtTVI4Y9Flfq/FHmvosntyaKhXgh+bg6A5+pnNtJT4mt9O2fSE25SRgToOtn"
-            + "G/YwtV7CYVeaxarVNiGAfHfpsztrbZc3VZMPBWQGkn06fNjcQ9i0eYCap/udi4y91SpEivGfQjDNhYiOLzwyLSC6F4s58jeE9q06uoyB7rM4tTX68VWdswOj"
-            + "CAyqt/2/XLx8SlYNcXmjcr4A7q0Zwtab6Nl6Wy3ZRhprxpXcnKqoe/KPvS8KqKDiUFGUjdgDTxeXMtsKT1bC0lNOtNJpzVsLpeq4deQ2+Fqw4ig4HbbKU+81"
-            + "4H/wia43M7daKx4xv4Pg84zZ7fWYE49+mR3JwW29UHCsGWO3dnXMFa1SLeUpVGDv1e4uydZBeBPLAmzWO7EAtcnzeTFLfJk36Y2RcmYYBXV+XkXMuoyEaG4S"
-            + "w95/aT/zzVZbbxtW1ENcYZJDMiZnqs1iL5c4ST4FlpZzCnWWdL8zz06a1dkmBztYHkTRgb/1M4YIPDSky6WyBfoRy7Itsv4Th+mG4tvEc49Wjk61Rzdhu2he"
-            + "9qgfz4hZvHT9R5XHydao0cN55fZwrOQTr9JnAp+q0u0Y2IDPvdUHfi4EX83bxTpZwqdC7EFrToDc+jWIoEfN6DgwPUyhl5hQS9C2oPsbwZVbDhsLZed3s/9X"
-            + "ld1HyGWsw5xEorbmIgrQrgvFjQDmmiKttL7qU4AUmsKYhvR0bZzGATLxDWD6YLt8ZErhyWkDqOxGtceG4pmBsG/M1LTKfT3B1ijTfhMNu2RKfzWtFDD16P/r"
-            + "HbtfQLtyOrb4m30w8F7EyK5wVgWSVPcoyJ6IbcGV0uW/oG5HfhtC7V4mTPqurek/HJxvIYzz7tqLH888yJovJRbMwBsEsBqz7AkqME2VC0ZTfDreczXup8yG"
-            + "RudFu6TsBlkyBlK6ZSYiWxSb/E/B7kv6c0XQkE2VrKDCos/0/dBD9LyHiVo1tK70iWcfJY0iyIlooBD21EoRWGlz4wr8vCSdjBdzRr79KJJhPQoIVE8Jgt4O"
-            + "NL1ssrcXHuXLSDW9IX1tglT0FX3cErODXZnnvqAVfdcl2oRoXo0iloCvw+qNZGZ/xITr4qeR8AdoBVf7dPUbfVmsk+ueiirhmCuqRuxN74lgYz36n2nCA7Ix"
-            + "Nt0t/bxnxdOVyKdYvfS32djf2U3A7CUs+amFlh7pUOfd3iqu8BM9pumWHuBJKwLqyuzMVlMolWX1JtcYGnAfP6i8L9yVDWOAGA94xM8mqZE7lYxa242pWNJa"
-            + "MAQRhpc4Ez4Jt+Nr2Ula9uDaEkjNnfbQAMmtAnjOAYAKWd9wWur8B8J+lGCk4oKyS8CK05IilDEIH/cSWFlyTlNk9kDKIMvo+n8+dfR2+a23Q6F/QdTl5b2K"
-            + "SPuWHxADK3xvGjWZo5zNy14uV3b3tz2dVs+0ttqCTHTmhHOl1lUFZXZq/PA+d9fBbevPP2L148h0G/k0AlvU77dOnXmTWTZdpTgiFdy8WL3n7MwCAvAeS/As"
-            + "sEm9IDlHSgj3NcLS93iYYMQCkveL5QhHxYixUOvzc9ZGEVdj476QeZYxQQxDOHKR4OB41bXtnsr/5qIeNA9UpaOmFg8ZmM5d4LKo9H7dMDuKyXwuesb45K2y"
-            + "teMgBKAEaSMu8RBeokV4ACZr8eFfmYh6CGd4ACRUVCqluwKizm/ja+4quYbH2Q5qwkKIiEWx1NeHD/g/AjKnoPfTpr6B+2jHVSM4eE8jn/X8Rr/VL7UGmWfG"
-            + "XcJ6iKxBFoG2pQx55zSZIs9PQPhtydWs9Z2QOYMPl5fvo91amUFrYvfzRcDRegKCzErV/TWaDXZiERsFYHIWFMk9fX80UyZ5bCTrSlxMzJcb7u34Tax5fmk3"
-            + "io6LFbIv4i8DyCHmGrC3HqxhbnSmmIfjK4EyqsDcGoK3xEAjsuNxbTXUwv4InNBDL7iZLF10ZD1USPkZzQODV5I1ILV+AEhKH1MudawQmagJnw2Ey6cn06Sh"
-            + "hAbYWXhHtCV4A958XOMI6/N/3CH4SeWTnSvDkW5nHxl+g2nRMtYTWoOHU376kX57dhmFi2pmKEWo/l+My6AX5IPychS+fh8beXIcwbska/ze+vqy3E1y7fO3"
-            + "jbi8VCRn2Ev+chGGJYUvWMYtg9dIO6XLDfJuo2hwQ7W7425rSUjZGhRcmiGbyKGHuex9I5GkacPTfCRy+8aHKmrMj8GeP+b5haB0T4U5ma5nLeBEvFm4bQ7W"
-            + "yYGXiu07eqcrqrfEkVq21gop3DzHRYfFcT8+fYdPWzBox7F8+GAjFpuLEjhd35RM9YjJN/X92VsPyXuVDMqfqZ8QMDRA5lLBzpbvLFEdG2XYCAKDoTLI1/yk"
-            + "rwTmej2cR627yYJcJL6kffJ0SvnUR0bILmcclkYW85m5VcfM3COhudnveC3S/xgPpOz90AJlojei1ajbXOLbR3S4VsmZ+V3n6UI7y6W0kbp7jvD03yEQIDb6"
-            + "8047mowoN3HuLwVbZzVzDn5ifIg07iYRcTCa26nMlB6Pk0vbiR/LJBb51UUEWjdgwbrbetrEXmwG8TZvwa0H4NWZAZFiYjXOgtlwft/Wk+wJeuJWSezZ1TGx"
-            + "Q9xHC8aGQ8fNWoxmu4zKBkPuQo0riO4M1YLVI9c28A4ekNm6S90AasTGiVwm/14y6IhE6wwJniZK7BsZioLjC67X6yW7Fabd7ogpQjIHpks23RT5Cep4wCVc"
-            + "9NfctFU33MgXBcOxA45lbPAvvodrg8TXg3MBOGKUloTMpBRUCA3q9iNr7qOMgJ4NAa9qiUmufKbgQsfNlMG0Pt/YlbW/nmtVbeN10PfWrX92MtdMbcaLzDEe"
-            + "NuN1cQBlFypuQjcajNOdL6bIPF51nzzaAgzqRIGfS0d73xmR+d2RNIZWNxkaOM0hwnTYe3908i8sI7Gz9KX2hHfwnGnBv4w9Fb1Cw4mMOuF6fqAa1Fpa0TSM"
-            + "kD5hrLraquv8kAJ1SmcNqWg8r9LLoi8pgSXZ2vXEPmFjFcM+iTKxOhf5ASspMxOlTB5PRiXT8jq/nBA1ijWw1cmvzlUAfpD9bJ7qFdaXmj6uJt8033dHfJn2"
-            + "U/TTeP5RcNuJ9CgAn1VOxO5TKgQAnfoNNCzH8zh2ZCipdfO6jucUG9eENNb0sJHLvLCZrKD2cIOOvujPx2tp/rS0xcA+893uQiWwLfgCGdoIECbyGTtpLy5B"
-            + "Vj+9b87Emb9BbXm1gndhMkhqP3vHL7+5gg++hBO3p1HEya/51Smlc/Xt4xfKL4EjZ7TCN5AqpmummBH+tTdFpTCcmZLP2R1Sf1vtQqd4bYxijIrRNQgV3nuu"
-            + "sPk112JiB/o8WZx0KFAPJ87UqIgFNYd5DO6Jdx6nSRfCJtKCQRrvT8TtG/ybNqQokkVZ5oF/fKEVCbdWBNIrhoLXDPT4cu/bARBCqbEscxs5JTSLGGIJtBFu"
-            + "rnNjFR10wgBhuH5QSsu8WuvK2XChzeNngyItHkfCPleDH0cLl5Ic4na5TcV9HqVIu5w3Gz+PvQXSYk0y7YtMg14bJE5pWeH/vRx2Hwwg1PUCH1xI64gFv3b9"
-            + "8uYCttGOjolgbCWe/+aNBxlXX3rVr8n3A8iT4HVpBUYIx96LHso1w/uN84Uc73tBtZePW85wXiTu31rPtkSvda8njfYQcfiIOQUhldXqGbLWY+H65UCDd2Yn"
-            + "QSaSqg+FmYMNE/DQJQiN8zrvqWxycdeU8xe+oScsjNIbdYZ4veuQBX9zel6s4g755GgPV9TL0DdxlVTo47W6xTCZqzDZVY3nuUBbn4IexTYo1Y3xbtHELF8o"
-            + "Um24P2HRmWs3Ax4t1o5BYmN9GsQ/Dllsi/5A/UZFqnIJwO4xFvdTOscfXRvgMGJBht1E3WstXAeHq837jDlB4Mv0s9TOnysHBQAX6JikJTGcl+TpoSCeJPiO"
-            + "JqRLVgwLBiov6tJRa6t5Kgdcb1RpWirRnE0Gcz4SrTb2GV+w0e0p9OUf+YIToWLPbKqqCHNGbIx8u04b/xdY83ygsQq7HATUaFvJfY4lcwjVAhteKjcLTqiK"
-            + "2yvGYmXeWNeRCdOMln162d4JhDaiVPfnKYM8fAkuQbfs16L4lVLIPhDkhYPXuzBJVUcJaeb8JUGD1vhyjMG+woCKBjD5cVkmiFlvTq8lOs7p7twlNsVqM6L9"
-            + "rMvSQcfCrAvWsDysA6DV2Mcub0sPcSsUnokV2Lgn52ASKkSHXB2hC1C81eNwcT/uY7BVPb0vvD41XvLGaqt1fdOW9q48NhQGTAn3EM9GwaVUwVeiVQMlc++q"
-            + "jO+aW9que+MATKwVQ65APMIjaueJE+2XYcVn+/RRIwzGn8sj0X5rWhTaN8f25oaQDWD4kir73YdG3ya2T8p/qQh4fysA9+cxcPMgx23P33nQk1WKCHmVp+z3"
-            + "8iFYDeIvcedxxaBw674numOcliUScBwtg/7yzSoi2UI8sVhhTl0e59l+ofkdgISn0nUeK8oUhQnfoZb+VI/ifHYXQIrXb6B4WgNGFKBI344rffzKwGaGSDt7"
-            + "sGix2apeyYetKLlmtGnpY3ZncbyTnB3AOtl8kmFAwrPLyVAF+ObGo8moHaDBg5LbfKcZN6zemS+oHJ7bDp5Msk2e3LG0vRBr4tTZ0YpRuoCKKTmAHrhZBt16"
-            + "ESFsS0h6iUSQkrFOWpnoj5xFDJIbg3XkhcShHbju/7KEdNck3NNYN7n7idlQ2hVe6NIvau/wXVwDE3ad5oNmKO3rFkGK2TSSCeR+9aNpcu72hFrZ3uvnBVTT"
-            + "XZFruLdXN6yaNgT/2CKp0NNFGrcy2M4oSxcLbgQ5h+wlJr3wh3uAaD8WDd/eOIx1z4+IgKJXP2E0cW/i3gkkj/nRWVZMJbcvQYM5g4lTf6i11ng19tM9j1wI"
-            + "Q2f8c2+dd8XwxSsH7x5RVVkiL5zgeR5KITJVwsiTCqGjvt59QdWCqzx5XQ1XfzkHZcqGIrFxBqOMrThlOugW3kb7Jmoaf34xBIM6Z9r7K0GfJekOXWaj4gHI"
-            + "bS2KBLLMb01Qtk2Y/otZGibT5imq6Xw6li6B49PreBHv6MPQ80vvbPs+0vnKO60/biOGKxeDqR+Xxp0HLpxfRHTK5Fuki1KUxQdgStYWJaJQBmI+eopV8x9z"
-            + "Fcb/r3qd+m72Bnu495HCCZi1RIE3RD9NIM57oVi4M7kpUKiEfUdQk1y0T/0ovlYLOGe1ESRPMcWE5bsHn3h1g1HJZr7cCUjFkgO4L0CHMlrl2bzipqm1kV5r"
-            + "ieWFAX6lZNstjxpSBU8UJo/onAcnP8836Tv+7LkgXJVPBqiTgWiW74AFjj6Djx6iiw9AeidwGEKREgpmG5s2jJ4buRtFnSuFG3VuXuSMDJNm8UfxBUPe5JqA"
-            + "H4no8X2xAZjHNoB3b4GppvtXTNB40deO8PkueCFYL/XHGp3KKupLmii/LmNE8TMhOqQoyq6UqHxMAEwpAegxtzkDfdAIkaR4bheiEWB/OWUL+B3a6BQuJz4P"
-            + "FxFSaTN43idlzEqng55YSgu2qqexRZKewfV9YpZd9NXPeF6p8fG5wcvNZYy0GV3GjjmOMbeM48l18vmuOxh8dF2UZESX2TMkPfABDxSoylp8koceWiNkyDia"
-            + "wiU8l+ioyi1nfwwhxgXS92sRitaHYQ0yH9hQGtE9W/7fOrcwxC+xQcRuyWoYU5HeJPzPTEzjBf7j5Kl+NdYpy2k29h8hAeJx50dr325ZejDC5L7OZyUjLjS2"
-            + "f0+5JrnygPUlBk8dG/p4t/iXYw2EOaJLcxWgvbEMwgl07SloAApFhyrX7EmUezRD7Vvv9hFLcRgo6G5bwzv6mVT9fuUeU5zXBY6f42HQkyDksFtfD02UBPYZ"
-            + "hoFdwehODYUFDL4STO/8hPM0sub61FdXyjhxR1QyfyIVY1/NY+iSV1RsUirFut28Y0x9S86dzmkWNp+3kVq9ALxudkCzogBYT/8arx09nZs87DCfePTx/zqT"
-            + "aTGmuWkq3vwisodd1Q8gLKvdc709WuDcHOTsNYjwPqp7Q+0PtGGmks70VvOufiMw4WhMrc8VTKEGjRvCdK2xp9RRnx8oIXEGa7cjEsPP299FdhvB3y0OYG3P"
-            + "QptJUC3lROF56darAqLdr+1GP3RT40q+NaUfATqHCvs4bukauNz+4jXHesk9MIH6F3qfOGv4fzbF9oPJjQV0YVnp0NgT8PR1mRqSbwPywH4BTlFffXZm+iho"
-            + "iu6YBlaRca6AfT63s2t/5p4way4j4fHgcIHnTNesMGC96NW1ELl0TdMD9Q7h/2IxWv7rQHSNIEf5UnEbkEKmvXIYd/dYi/ND154MpRvYET5N37uR3BAM49am"
-            + "6AZEVtWtYKc9fIPC0A1aFwpj1HxiN0ksWjpEWVtRvz0Po8fgXuxSo4kNNAUI/eccpC2FoqP5IDPceZa8ZVfrYQEx9bKeqvdm6vVV0JWh9thy2s2gbmdGtUb6"
-            + "5XNdvfrnQibOgbRljrBIWHBpxlFkcRfW5YK9MVHfHVLlXQv7XdwRuqUIlzoWcfB8QOwmsMHM0xDyZPdgHLPwb7bFx7cm8n9UWwhSkjVjVKu0y5aI559P3aD+"
-            + "NPb9Nc+AnxoJebsAavr6+eTPfvAM6EsSDpEadDlroS5JrrY/MSv9KrLQSdzNSEYJO/AalZA4Lb69QShhkbGYcd+R0dAmqPyf+bElbsg2vKWByt6cDoRifUBi"
-            + "JaufTb1CNx88zZBeKbFk4QMfejavOU5F5t9QjnUbHzUmY3IylDD+H3H8Jii/Zbwm4+jPbWD8yDMxKV8gOWDYFShqaMB5yzWv04oqHjK4Dcji96c7xK1qNGUk"
-            + "iv39muMmj+ThJb85BW7Ig9r0jpHjj0OXjDx2qlpsgH9nSyxnglH+w0wYVn7WSjGr27ezjSJZuaocXPQ5XCYB1yqpZiNpSUA0CKcHnMXOcN+0qaq+ESX8o41B"
-            + "A0T2pI3b/cDC0a0AOfKJGvtPd8O9QKpRluNcVJEnVWtf2DWMiYPLWqGm7WXDRMHzVvKVwJSBiEV8GE2y4gfWx2tETKLO+sAU354lLA5rnow3Y2A1katQ6Q5m"
-            + "ztrfxBkYxb/i+10q0Vx+sXHccN/O7Teovh7SNIchHt3T1/jEpMk4CB41sR9xhXXJd5XzIbUJdYx8q85g7SOhmQ/7nguuDpaSGg/iOIrP8935mmr4N4XkLnvT"
-            + "SVPNG+Mkp9YeWw72bEHVoZzxrFU00Uw+lcsM1HaPgdGc71LDG/g387Y3ys+/xe3d+4D0t+hkecGkDwMMdFviMnqO1Rorj/Uh9BkTSYUbWiHe28iuLsSgUWgt"
-            + "RnZbhxkSwCxc8RA4fKjd/GfwZOooEnm70POWpb2LRCi3CKW8MNqz1n0Udv1kVZt/2D0g/WKixQ0ey4oHwzg/qjG03VSrwcP4LlqGt1tG/2DI63r17/Nfx63W"
-            + "pZxyb9kPvEh1VUW2JMtm65a5IhKjXbocr9mm8ghlnHjCOa/ZJ4+9RP9wyRf43I+91BbwihgPe+zWLx2+2pTvx9u09fPkVWOJC4w/ebznc/Rl9xYJYZaqgrfE"
-            + "W8IzwB6nRZZOOR/W/24VvAez/Tg0TQXBJRaQG0G21ogiUFh3VqhpF5sDIOR2vcEJUrKnTUWJfo+ZXO8dekBHIKvbYWfAYj2DUYT73ULWu9yKFO3PN+xQetJo"
-            + "24Rvv+PifiLFdbLIak9Teib5+JWYkVzifKXk9raYmKPVVSQIhNwaBfV+ke7ABJh15HQuI4M+3XbUjL9wT/L/uhCwAm9AH5pcwkyiLTLfyHc03JKzx66URMcI"
-            + "lKWX2vPQPDZMzhW5KsHExED8psBR0MXL4/BrJyj3mTqw6P/Y+iNsZQ8LSmKPeNv9w7SI3fMfTI00qLGA6FA0bPC3eRG4ToYPz7hlsAoTTgZp0u8RbCy4HicB"
-            + "6cfGd1A8zoiLDn4R9xNHKLN06vbjKKO6hKQEje8wjD2gLmkZOvwdHLZf6tEzs2g9jUU2zmPe8PjtB5lUV9gF9TYEoRYs39WNxWw93YSousWhdWD0cdbdW2Ff"
-            + "A0m+yTXauX0i69et9sbZdkQXVsXLATrJ13va7wa2Qv10Fs6gLIyZYO0gwJ6ZTcdsoKE2i33vzFZlBehZhChdmQPLOGrFqVScLpiAGs5y3JmTLED+MGrJKyxC"
-            + "npoHX6x0BWb8dpM8cC0ADNS22P+d3wzdqxryRz4SueGh0Bwj4KxuAcRx9JNQhTCu74S4gewQD0wF8rs0w6Q4haI0YPCA+mFLo8U/uhlTr5bcvS2qpBJr5Ndt"
-            + "8PBl4O+9kK81+ZhQ7ZB7DSOVpAU8fJ5qJdl2zxZO0WZ/01ccdu2yLBbWe2jCqY/bm6c/d/HxcMy2CidAaW3M2svGFNIV+rjwyU00td6mCU8DLyxvJh+73eY4"
-            + "dapzBcIADca9rR6DKBuugHQakvnyrSBqAUolVlZOE5ZdAUD6fxJGA4TlEjR+2RfDKdwt3ZqC3x/I9jpqnVD7ejM48gn7Wd75AkizX6epm8Rx1wjfr21+Ah2b"
-            + "WZbo2kJ2/rdDoaGrgUOumdn5VbiJXD0PpZfUamxa4FQKjxTe/cGwuPgbtjZiWQpiiElKP6DV+eURWrmZ2gJ5xBSSFgWiwfY/Y4MunTt0BUe0zE0H+kbrV++r"
-            + "x3fVb/PTWQiZtKvMDyvETP6mpW7qtwJxj0GeFngWkY9dThGpTm+xR11vVJUOhkPgao4I1xsPDXIOxiJdBsSJOV+b03rTt7jwXS14bqwJygcqXjMzV2Y2Sd9D"
-            + "f9SeenUCRWA5ESTnuLE/7a4Jqaw5lxz96mP0SfXoYWElzxhfAVUlws7JFC9TX+4+iuP6iRfsiJDocDaDGI0pgDmEoR455/w4q4pAnP5DTn9dwrQm7qDEjpNN"
-            + "8dCmJouAtz9hvfULNBOieMITTYbVFmucbYTy7fZ48X2sLjH+AiNDahH1pHcMWLkV1gCLZ4tFXlhNiItQbupVuq6eaJ9LOWw0I0IyCBl0a7c1e4+iwkZf2R1t"
-            + "9tITazKID2uMn92K1oTxlyX6+GKEPSS8pHn1HFoy5XlsEa+L2m0EtB+fNnDLWWlLd/nJS2MbvJDGp6IhiKSMTk7uGRfPJ4D1jICrkmi46O9iWRHHzwPnRshh"
-            + "rTvSWZtfc/ef0CLI5vaTrTOfwP5SPV+/AchPrn0LJB5avY/+TYNoImQ3JvjKvNzZ/ufw7rxAAQdybZR12LHYLMLAR/xhsp3zn2Lzk7V5Zfe6dJ9eQOgyoceX"
-            + "0mmnfkm1Dqc0LwXcUp12MNhx8PNd03UMUCEqJ3XM1IbOxUzcxuC8O6Y6H/Uj3eFNl7upiIJVolOYxc03YO7ei9pGRFIN8K0Q6u7uEXjPYILzTTySFkW1hoOD"
-            + "2qcPwn2NGKY4DuLQd6ThNLFyf9sdRyAwdUvDzAT04jTYtuz8VSGtPJ08ToXFmRnZ+NCYhyvrte1yfOwX8A3Ao658bmKJ0EI1LmC7Vr9vlu8W7kiapyVSB/Ts"
-            + "xtRcqJWqdxk0TLiZxWYUSp9/qiSvfPbUEVxbuSkCILagtx0uacyM96+5b1duJ+NLzYcWCmk65LyeJvLTOOmGsYkIykazykn6Du/oSmhALFmfSpytdHIwcWiW"
-            + "fubtC9TJUsXjBM/iu201Bfv1N6DAypaT1cmZDno5crYEitf1/DIfZzcoY+zY9PaIpWe5e1WK6ZcKnr5muCftUoICF0CXTtj1iRr2Xtf7ZNfTJ5PThHeOfusn"
-            + "qsaemvPtEXgSy7j5tNUoAKd/Po57vddKMPut0v/J/twmg0UTyVrHeyZRKjXObFNHL5egyzgsxOBRXdO7slOKxGJNXwNqkslSDa60Bbo+bWbZINUrWYXyXMWw"
-            + "XtkyMhI9ug4RZfqktd/T9zd8jZcNkwTpu2IPrn/r3Z2fxZt8TgioSHdVG+6V5NL6JYO7HRm8FxnmRYXprqSYxMVWg99tBOnmEPfsEs1pcoZuLiRvtNPxnK38"
-            + "00RmFAHjoK8HI2CGUsTVhG33VO7NYqb6MksEtVuJstQBB6qX1jFYyXPiky/sTzfxRVShMIFdsTfV+gjG2fsfdUN6Myd0vaYb0SdP9wqQvFTgJ5CW+6QTQSM2"
-            + "z+5AVLAM9AkviMSvMsfFHUSkpsQEGkeMJt/DmDgL0j03U8a1jDkYCMMnvSqF4bh+v/uNF/g17ppHRdlk5DBumKMsO92vgILfLZzR0eOwJEd2eykDGO9qfVNj"
-            + "5FJvFRTdzsPP2rZNz1vOIMZ9FkDVtji7ImfXN4B+004hmQjj1R//VdVS7B/O46PYHN8i/GBw6MpxBemmhkYOZRdizLRMn9x4GnTVSfubN7iBKfwc+45wnGqN"
-            + "Slyhof0X5u8nQqU/NyTFffOLq2KEzEsml3MNpEJbtAN590BZD4FVLiLSev4VypLnYdFWDLjYXraHiidMKLCMEcorJhT7iou7/nVy8v0u4y9r2k16zDRz/4XQ"
-            + "WAvK2K6W84eLrG9w2PmwQBWc4ArQCWDRcsqrTVt/fnfz/NJMUngd16tcot2uZeFQsaSd/M3PwiMI9TzkG4mJnb+bDD/4jNqTGNjGzl6RY4OzW5zl5/UU+BIz"
-            + "nI+KWE4eWJdNYid9zrftzRzIyKle+puGLmDM+uY3unUTVo0r2kjkTRTBmWmnbUqex0gmkA91OCAJG41OHipNN3d2gQ51eFxG44xNnQ0d5BOJiZNbUJu9cOTs"
-            + "wCh9i9EYYSLYNjctT5GDiKQsyjRl9YDDl9qiJdK8xp+TyMtsur1I8hsnwyQLnJZ6CgQD4GyY4pYShHDuOGamWXG1+L8beYG9uHq7x2VyrV76ON8iXTcE6qqO"
-            + "rwbKqJyTlGH380iz2205tVlunJulpreDkPTQl1fZiaFuJF3KSahKk+CBEuSPu/b5kHiAdffiLKft/hjlhuXqp7nQcPRwwsBDgKmacQMDcwcnFSWtskw3qR/J"
-            + "jWFRVGxsgXP718/ww3ctIf1HTEgI2dnHsL16hp+GneT045pqjkB7FcE0UPBLHgAXCzfFRZMw14Mxir4U7otWXdIoi44ml5ETolSl0GIyTLakgbEQLO14h6EO"
-            + "HR3suqJwnri9hCRAT5mxWuEmpZ22pPUDBx8u8FXFqAkG4h65bnQNhapHLxSy8gDaraGgtoypDD1dHPptnmBlp3OFrwApXTaEa8zHkQBsR0XgBwBamTAdoQQR"
-            + "A/9bgB68z5MiFAHlEEbY4E1MQfQJlqor0ZN6o4euUZwy5CO/0TT9peTHmoMb0N0fkaTgMD4PpxzxCM7uA2LU0w0wJTFzeo/KJ+dEOBGxGOaqnoBPslaE4LEN"
-            + "0YZOPJ6Q0oYelcHdKaX+KIXezXWlkeiLoR1MNP+JiSgpHb+1tlVXE63JQyqBoPem7vZWg+teiY1lRQMPhZz4OlgiGeob5vp2iL8PNYQkKp1QCM1Elga+rjoW"
-            + "T/1MjLqsYdUVRj583u1tV0aP7d7qhJyQIv0hepkP13l2APWxwxlfgnbrc7Q542WkdQXCbAD8fhps6jy0hbeGFlr2pDCIerg7dN+dgchgvK964MY7Bt7EB/+U"
-            + "z/uQnAxtxl1rqjxH78lKF+75yUIN+bX812o4XLWoQf3otJpxFY9NvV1B06Nd+eif+BBmL1Se3rcOu6V/vcdp67zY68F3oc0B/SIbJslM7/4oXj01VtGupNHc"
-            + "tUB9n1d2C0sBzN3OcC8kjMSHbpsCQCgqlzZITkmXAgeWSmgqZerduDidJI3R8Vgpp8FggvCr5LG386bRnZVn4z7freBZNjj4twW73YTGE7GM9X8GZ2/Y5gp2"
-            + "cDqlWc3FDf/7hckxL2+hvG4vo8Rjq/bnJEAxtDRS83v/TYxj+J9Vf3dHbMeYGSWqU6U52Wxy9Ti6LlHc2u+RNouCAYEFyPslKSd24Gyrfyte4PPAmN7ejVU1"
-            + "YRSgQMNw7FkYn/Az8g5fGioeEgm9KICe0r2AC3/4zIHOFgDs1IIObwCYf/I38l/cjd6X5A+pap5FDHwT3G7/pUNJFkDUaCDNNiQJiVZtKKr7FCHKG3SWfXAh"
-            + "wuEYPFp1hIo1B3yDHmiQQ6PbVzFxoiwwxIXXO/2Afn6agvXtBtE1vp3W/PZHi3onZ9b60Hn0Tbsr8B94qZF78NO3bmc/8QVTAJ++D4zaImC5z/B6pIz90175"
-            + "73I6zJ/nnL1uSTB+NL8AejAA3/aK7aaoyOvwpSY1HBF7K1GlznHBhk31OwvqVQJZ1pazUkYc4bBGRhSMc+/D0EN2OtnREdZB5A8Dkl0H1QCfZMSEyz+okiU0"
-            + "/zBVZwKFBEm9VTmRzeZG9EyOHe9MAjMaZ6OQFZtpfMGYRvUehZgxL+o46XOYvr5gfcXVhLaYqM1veruxV3fVHhAZK+sLEvUG/vMam8xEf8ssVqhYSKM0q8i8"
-            + "1okmAMTY/PansJzYFp/1awIRD31yZ7H/aBGMElPPEckD5zDGhz3DdiZOsT29prxNiiEGUzIhKwjv+7GLZBEjrJz1feQfKl8dsQaFXOfxU1jSAEGtH1ZV037b"
-            + "xRlDxugpwQ8MMd1Lr9IRb+b8R+EbMOgvIdmiztLAesh/1mJ8FJDKcw4zAIMNs4a6X8tiMK4BBPRCEEkYFAtW0XDZXCJMoh19RC3KhqjWIkvHC0gcPXuqF6TL"
-            + "M6j8CuBPbk9TobmpDBSEExogCehS2lWX+xR3rK1iiaBYm03vinx2aT2C+L8BljDFnYiEyP7G3ErOhRU10HoQM5uwSsX4DS/w8XSMyKD2KY9lrGicGsueAWiD"
-            + "13h2Btm3190FGTpIzwvsE9y7VePqWQiWFdr3wwzmadAarEkvIfRGMDlyYmQnX43XEx81p3bUopQifIvjOE+RF9CXZwo8TttUCzQNd29j/cOq7tL49PmoMfyi"
-            + "hQwAWWUP6kC0F6/omB4jmxo2g9z00oPk1RPrJIvh9PyzlnM+EzmzrKXfEwramnYQK7XTT66xVsS4G3lb3QJJIgdsnB9YrZvnwdR+iBS72eum8Z9/7ElTTu3e"
-            + "rmAdWLd/KVYblbYWjpoewnG4nN2LnZpO6q5ADL/xMrT0LNELXFwJ03KoFzjfW007+r2lsLI+XEGNCDpDU7ZTwZBlJdWOnGr4kQIVM9AkOVTszPFVBYSTRJ97"
-            + "XqV0+AIxIVLavNex4TKBkCLyea55i0EtJ5qRu43mCpc+hkMuQ0a+qA1Ke5tqx+4r5ZXVh+zoW2gzLaOFqbV2qegLMMUeatHsqQfdWuCwmC75kMM2/8IdNwSA"
-            + "w+LAENbxax8q4NGcLABkMXl8Zd+xSRn5PfejX17guTyri9ShkUtJj3EJ+Ay8PxwW1ZqDdjJgnHk1cFjjB/xT8bvNXDeeTs19hPNbbe/yv+RDwTwVQwDkNt8a"
-            + "vdWalbMf08IPfJnp4oG//TFVZsUU8zHPvGOwhSfDgezJlbl5IjgV6qUsCF65GmliDUkfbW3aEQMO6g4qGdkndSVyXIkKvKxoJNMKs7jNJooJQXag3grDpEEP"
-            + "Jh4JwAUI2f6Gop9elGTaB2kOcB3Etdby4NsE8eX5q+Dedb3Pc/zaXwhWjmYHrRe6C6ryOSqXl+dXOrIu2rv7ZWHETUKesJ6f3tVBC32JfJj/RCdzbHE8hvXa"
-            + "3VlwXQJkpW6nbWEl3FHNaVcna1RUsVwLt26busGfRBqbJklxd5wizPlw7ylbe3CWkhmY/DS6l+FIiIGOE2GkmaBJA4MClApEspyKgWDaiK+7b6caHrZQJG2u"
-            + "DBg5AgB4b1qUlhv+1OPYOEkasbsiEw/NOF4G9RYnFlkYQVmzfLq/W6QYyiH6GqSv95kDq9BqE7VCNQKUtL+VwgeluyXR9vkdBobGmg7/v8YlG+tsdHGyMDRY"
-            + "4BOku3m/DXjpvxSezgTlpL8WcrIJPwORqh8D7fOWploIVRs8dnWZVz+f1RhDwAQHylg8j1HZis06kbn4zzUtoihhNago0S12wUe+zxfhTpSmX2p/VQ5RInG8"
-            + "hB2Y/q0XcvRlWuQLn6Xn2BjOUC91880E0sg6r+s8ny9I8vRaGZ4p32TQ1YdPT4HacXVaJ3ZTsD0JSxpWgw1ee3wsWK6hJwnm7I3GQRy8EH6VQHb8bNLU429Y"
-            + "WV9ormbF/tVTbX2G202MlOudml5o2pgdHAzgHV407xeH169z438LnWR6etGwIBa1sTWwsYQaHFsAAhLsROAvJnqvgu4khsFCcRuGWwlubCBz7Nk7NL1B0kYM"
-            + "GOju6oURF/ROENKCAEIjnf0x9iuOI1olgdSV+zqSlaJngiwUIvBvPggBg6Ldys1CFjaMoXSDupDMZUrp5ZB0quDnos+vrKNv1VVZpRuGszCWx4SZjsHVW7at"
-            + "f+fGMabo4lz3SgzOGeuVM9CT+zwLmYU2Hsd62myCISW+dOARTB/qTvtooVWiMdwe+g3lEee8841B7ieb6aa7htdHWsZoEHR+ft85WZLRuAKMMrGJsUV+WW1Z"
-            + "k1AHDvvhCir9qVXQYOXtm4Y8kujG9ZGGE6oxmE/U7sdag41Anf1EA/kGXEv0HsrXwUMhA+3DHrnC6EUYtJpZwLApR3Snibw5xJ+53dlioVJHWdTBHM2jWH5h"
-            + "dOTNE4LnY9gDnxqfrPd2tIuZgj2xbt84Flb0+GWbQe6ujgqUqhpNc7UnEpZ/WpkeXg/bBb+W+8chD9L0DR7GtxrAHfeguhIsXgDJiq+Y5fs1LBCx8+Vyancv"
-            + "OrdBEz9L9nPupAYbEELeL+XxxuvlJYxKO89SPqfa3lywnUUDc0xx5rlrfj5G+KwDyEqMHPNEO2EHJzn2RaBt+PKOcTvND1BwVt69H+HDf3dIB4HNwEQy9p1h"
-            + "N+sN4qhUxkAprvV98bRFQG9SgQtTezdHY+XKmi31ZhdpjHSbgOstV3r7D7RZg4VXwN9FBhllMHLcAIsSNBaJla04DuWddntYkeqBlSc2W0Jacmx2p7qLdgZ6"
-            + "uUNJWsLv/488j7adGinKrS8w8QuxZUGU0lkKe3Ebw291dqi7jyVFtwGkKjc80Q8mxiZ4Xgr29+lNjqxFwQRJOyTgGxN24l517vM8ORDRVfaa54M18Y7i2QWV"
-            + "6dQ8LYADwBxKXq1tH80Tz4egsdmeLGh9LY97ApbAhHchJKtqZRIgusRUDTEApNy30k+D7OT+46Xike+ebdZea3px/CmOEd1nyuEJMKVY0B2B2Unhg7foMPT5"
-            + "haqjvOyjlgMjI/RDp+Hr/mBrNu7NySMU3JAK0LuN8RrYvrcVSKd8VZXhe0C4jRQN40TgMsEaeNZ5VWBtAL7v/tIk++gZu8n3yx9xx5YFzXUvxmzSrNQNisPP"
-            + "rmFwYjCM2PVBy8rJIp7ouLV4XJdBd4RT84C77lXPyO6+8DpSmRzJ0Ud1WyPeRpvrsk2BdYQTvTdxX+ACm0XN4xgYrsWTz8jyYa+Q0IhL0nP5YZwvhPYB3jjD"
-            + "9VSSq+uyTIDGPkVAaHoHY0p7NnXesZX61nOoEftMciH+e6OEey35qoQ/B6IpJslLNFIOg3a/HVxiGPJwk9MU+BspbDcD7wwBbBxQHbdOo2ZpsK7exOT0ZDbZ"
-            + "WuIevNmq3xRqdrbmDB5s2S0DY4v5G/n1fmVewa/stgU3HlI3+d7+6lNSeTWXlQ7uSf69I3LHtBPChfFmO6fPXlzQyuDo+8kyeWTRJXkTkN4DB1x0Bw2vH0qQ"
-            + "FRUDwEEzCABbnJcWEC3p9f3rLnFDZ5Df6eb7koSgDpfkg+9xl9DQYhedctznsDJbpd18zgd7OAZvbLi9hqh45pfIMDE8320x/q5GANWYPd+/2D5eCcYtFLid"
-            + "nVcONtY6HmLggRicrwOFPSLtqLWZylPIf8OrJpwlLoI3n/rEQuFM/8dTk0lkl8VaWwZmOl+HqXZqgRk4TjqUDKpEzs8yWBgDLq8gWr806SQF1PQgi5H3anZd"
-            + "PKZdTPLuxQuXHb0XpZUsG/Pt5pb3NR7iHt71XKcmbX57xWbDnYjcYX9agDQSOS3BuWW4X0hfgWtTHXYAP3jzp5ECJRsRSGHrkODV9Cqghs/Z5jpMofk1LuRe"
-            + "Hl9KcvIISUGK68L4kGrejuXKv2yIAtwNgj25ZrRCD1wHSF0PWIW7cguCFiNosnVpFn2Enf3Futy678TTDA/7ikEYjcCW+3+HEkO2geGcFytrZRod/IJQ3YX7"
-            + "aeajlqS9mYfulAo3t0SESTRrAOVpQrgvoF8MM5ckUUb1sNwooF3I1nGtxjj5vBjTAbqCLWyEwgL9hW2lTVoKE7mfQlxehK4HM8UrVLNGyDao0MUlsycDviBM"
-            + "YcM5D0el/04VYTRQueW2JgEiAtWrGbq6doWh8lS6YCnUdOYGOPV6jrjFWUdkOuTKrufO2Yc87uoa9VFJwambUGBtNPX6ujBJkGVwlh8Cck5TYzwNmIUtPsdD"
-            + "sTIj75DwFUwDBslUgSHcWF0qmVRgCZBlBf7r15wwhSxfc7ZbMf+wRqvqa0gB7vakRGRB8ONZw+3B/zP8817L5k5nrwYod/ED/eDi0svhksinSGOASvfNN+5a"
-            + "zwNaBQkRYS15CE/PORBFODL9HPaKUjxiQ4ClzxXgyCN5Y2/upoCWpvM1ovuylH+j6vO3sDbwWwF6gdkhMtRU400kO0HfAWSv7CvNK6omEBOTlPdUNC7qxY6T"
-            + "WkRidHPa8w+nxyJIwOxBbGwnVc/2NhrU0qBHDpOcxeAnGoHxAqMocLo+NscpRYaxWQufDNJs78aflBO4vd+kEllx9irBBot9nOAkbj6OeJeYfOsyl9h5uzGq"
-            + "gqYIfusnt7ZZ/vxnJU9HUf0TVmYOzsnB1GQGi985lEWR54vl2Z60kVqPhohch9cPJuzJhCKGpn5yWKAs6Rful0tmbYm0+06klayeD871s8w/5ygOjSmHI6yO"
-            + "zknSV3bNYtlSH6YrKtugYLDODvQTdzGZEuNAO+S3WivVIQoGjuZZpSgbBRHsPA06qXyFeboR7kDRIlKMx/pWwqH5xTtJlJt/qWZAy35GUqGtm+xmn2vsGadj"
-            + "Rzv5wIjj+iF6gNo9yiiSr0QnImYGS/e8AVQXuAXt2WJd54+VtJwPYbLly9f9t4lpbQvy+uftsJWH5OjWpwBmFoyA05Lpg5ErlT5IOj6MzTKgvMbq3bBlGU/E"
-            + "97KP40JxaorXVnckrLcY5RhxUwrlMtBPedPuRJn9oktotDTwoSKQWMPVewecPKcqLGPSLEbMkY/hDUWttcpwtDE/Tj+0EE43yHFrlANS96P0n3p7/qDaPgg8"
-            + "68Fm6aYbxDDyzvIvPYvmBIuFHWnakxl9+BspFvo7kyeg8mpBbS4kpvF10+8WyIH5E9L+Pgvef9Hm3G523xYmwtw5CAXJ5BpYVgOvWLFE8/d2/QreLQ+Ubj73"
-            + "HJnEhXf29kwxxB9C6kYsDt9SsIp181tOYsMTfPDbGFOKFDEmITXAORqVpII6P89oi6XZMLShHGIwjRTxx8NxrZ+f3ouniwzV1Z5KiyHGezRzFrKXX21fVpb9"
-            + "gRrLWOtHCaGVBkfOCetmmBWz3eoYsrpkUUZImxqRzOkn6brApbCvnQ8kcNtrUeapcrMm9GPTr9iUC28zwdkq2ayy6DyZtfHKM+wEWiwjE7VvrCS3a9L/pQja"
-            + "BaF0VDrUlH7JDmQH0SiYAIomDyPER672NmIKG0452H7X3WbV58bdBJ/msRPzgHDwAn9szXbIysIKYDuiMfDuphC0bIpe9a+IysqyvI5mOC/NEoXNcZr5ylgZ"
-            + "3m6JNhtZVlvxEBxre8KsgIMsdwjDC4oeRd272IRSxHPT1YujuoICPMsJmdbiRagOtdRLA2Kpax7FYmd7cN4FOsvt4FpQMkQmaxPue2qI4vsgq3oaBBUVjNoX"
-            + "6J2uDDJqa23pcvTzjVazfUN1NwRhf1NoTaDOmtVhkEnfrJTEM2bb+sDSkIQ/+c0xL8hwdPnWbXYSu8FIifyAV+Tql6K4sYRU8dGY+pHibR5gsgH6tcMPwLL0"
-            + "TcF7JIb5XmNQAxAHqgvMRjvYLdcwD0ntkgol9hm5tluQ9Q2GUVPNKt7+omzRq2Lori9WKsQ1Qcu1pDYRQxIifp3kWo3GpQKje024skgoDsgECobshAIG4wgL"
-            + "W41EIZ9zCnRCbinEACwV73OfpQTMsHzpJImTIQi8EO3gkh3lz9D9Os3/JZSm4wUrr/HFvwp73l+k/miu1b/wfjaQF3JkgkaQL6EEfOBNjkbziWtHn3Dusdb3"
-            + "1kZD2SHQhHzuhsfVMg2H90cR5T4MSvfrxW9O7oE6helXrfRZXbly57pXR4puuvIe61hZIiDr+NFyotRBkoUzcvKGMD+pse7HTq7u8l5b8OZ1Ccgq9QR5+yaJ"
-            + "dQhzGqZI9GuOswfhvqLUQSw1MqhL4AK+N63nmWnj9SHsarWoom3S7vATTfegJ8IMK63toQlJt8dUapER5LNJcRqylcq5V7M4Pw+fmI5ZLpBVU79v2A4dDr19"
-            + "+CvZ2wxHthypMUffg8W89lOVceAhDe9ToPykrQNFhgqigLLNgMvHd65hQxwHU7REtCzv0QnxL2moGRqN/TClqGRDWpu3V0sPkuc4Cp+skBRXgaLmnTnFElAb"
-            + "ZGdumCyDQsm+dbmt8DFMpFzx195hwCilf1EaWACQYBDUhAQ/FerOPbPwdjd6xgeVto4yNXBeNd74Vjb4WHS6bQAG2lYFOqpnGIEwjKl42yehs0Meq8StnaPU"
-            + "82TPe6PRZ46EgQ924x23+Jnx2SYrORvBsgKrDjt0oPa26bNWA/vbbMpdf/sV+ih6HahcSPPBlPirgeYmWkqdrtYpInqsy/0c6w9BSHcNN54miwhyvl6B8sEQ"
-            + "5TB+5Ht2RXAGGFQGQNpvTjdreFU5Xkqqx8SsRerFRMQT6R2so3REq8NOTZxnzyh0n67c4v1j8WxlMowuxLY+sMtMruQD9bxugFxz1cD8EYW0jBNNaJ8MEbEN"
-            + "AG7pdKIkS9vDqEqZ2z3lGKzQobmObpA/wysbyedhLR5cOXllzZupI05hC4IClgaIV36PMP9q7fAGE+I9a11SErrlAyjHz1ZYEgV8y1MIf8EFJLLB5vNOwGI9"
-            + "fIZwE62DYecLV9kM1FmkDvSC0MsQ1sXFzMtv5K1VL7wudE3tbfTPVI0WMGsAudPfkOkVOF72tBxTu5YQqBiUaWK2b/Wo4W24kE2wqsiy8eTkOs36QNSTkiGp"
-            + "rJ7kWIP+/5HHBVueU9AggMtWapOAOnsUOcW5N45FanMfhm+JqM6JzSeHJGbEJ0w237zf8zU3+qvSlTYVW/vLPp7o5sn/fujL5JcXJsRBViQex0iP7WeSfV3k"
-            + "AeMk2c2wq0HCbBZGu/Ixx+S4J/r4BWnmxesvPAuyEKAJS82COGtuIMUls38QF6a7pzp5AUDjT+13RgKoaEGNqeNRpPn71gpujLZ3JbU4pRqiNs/E4PaLCATi"
-            + "3jO7nIsmktlJGzq8IxiSAK3MRYm1zQ3yREK4hZeWSC9fu0M04f8Yh4T7v6/SYjXY1V8pv2y5s2yZVOQg2H8FS7Ps/K87nJ0/thQe1jSmxz6BwsqJcJF2dGTz"
-            + "7uyqFhgmNmHI0nfypc3CpM7rdKFA8K7F+LsEKogh3EqObx/1hoGX3K8c51l3EPnSlS2qwqmkuDDCJvb/3QRbqGDPTr0w7GnPiJ0/71+RXjb/QBpJBPzBKT6L"
-            + "q44JByo/luuHkffLpTpxk3/ALhNZ2bfCZ4YAjdqIUdijiT4OdzLZMkqoF3zUvWy52hCcBVREOFXDrA4nR5tKfDeKoLWErbhbWpfkdfy1W7RL5BiTDhSRuSZq"
-            + "eecwHZ40sxJ5FsoO9w0JFec/+GaO2tyXuVyA4C+fCNPTfdWL4AKll/m/jzM4q+OaETLZtraJLwe18h7/BZogyu/spW0xrKTywiDcd1bgczFMmrRVdyq5erlH"
-            + "hUI4fhXo3f7W56vYSifkisUG7fEG7trmyAY8toWAN2kjhvNxVIff+gwXXzh3FomLg3laA9yKH4+wg2Giqq989cUsqDzWHVWd+qRQSLewWbfoE9rscH6qhtIu"
-            + "3zUf4lvcaMxny1+yNSDb9MQ/yUyVK89uwySIabm7Le/ZT5CGe1+NzeYwmc3qA42holuSTVGKbkq2terM/aeNUhO349tFBolAowZtYo+ePaSHW2R3bCb1yVle"
-            + "I5Dv8tSHCRLdwnc1SdktoRrMBnylKbItQb+rL2MU9QnBDC2Zv+vez/18wnOXUxStqBPO2c+hhnRb3ZWQ/f9kCSWrvUoeaEkbV3lFlI6YvZcBHIEceJaYmzs1"
-            + "or/PdOXRdOqnPM/vO6jHZJnh37//yJbgzu31BTn2Zgj1TpJjMcZYjh7Sl7vxVEFgLPWiWlVnzYpVmDREttAZjn8ffWZdUzhBr5frpeRvV2SWGhYqQ5GeRWfk"
-            + "dy9i+rO5+N02Sg9CKnN10G3f/2qYUraT4WP0nGN/tfA6qI8OPcNKZvLZ4yR4WSoGqZPW5ldmt8kk7wni4xlcuKdL8BVjS9m9Gjnb1WhxqNzncm1ktiRe7FMK"
-            + "K+w7oOlW6kO3xVQZIe5FlPReUyNin/V91ZjOTOOfVCsWHHxjOpmYXVDs5KCeZ8jkUCe1jbAgIA+i9LxfLdjoPpqS0EDtcGA9YFAqhIJZdl7EK+0yPSyWzeI+"
-            + "L1ri/pNHTlkU5+b8WG44Nb95eCOFK2PPhFrW4ZySttaTpqlyM563dsRUiSBfMMJohKn3in7/YeHcobCDRnQIXnX+awtl0W1IFaqJr9AGHqFSqv1FHgVaMBit"
-            + "gLrurcmZ49ZwOEQER3QVnLG6vEwhQaQcBRulYlXwKw7pCv7k7L1xUSErIdeZ6/L5nLzfOSaw6XTo05oCifkzn56KxlSzx9EDJf4cGPFPOPQPjfo1lzPE7KTm"
-            + "ZKnI0KjwhUmAQtKlACdpvHtq1vyf+Q3HQzTczz8nEl7AzW26w8P9IlTb78xvya8i87wtP9HPFi9sqyqBeYcaWwDLSPRT7hGc3woOH9yJPYpT5Yddu8TV3L5X"
-            + "vnb7K4O/xI4skGU+IIPZpBRJL2D3z7bX53Pq2uM9aWWrcGU9FpCb4u3anD/GySADqm2ds8AOmklSlP1wf5/VqoSPCO/HavJ3AeMsjkW51dx6/kSQGv7jaanU"
-            + "d1F7hLDLePAoKQ5DMOdVoo/XW43JUZfPN2P5moZDA3a/ef3uVbbVkwVOCw0p6cmCDC5G01Mk9MQeyLPOfxkpWlG2cWMoR87c2u4p+cEBfodQ0qEGJK6Qs8SZ"
-            + "JU0mldWgAKMR4VEIbrpHN9f5zdj5jQTfQ7HQFiO/CAwC1ysRCtBehBvU9J8HEDYDX+b/X91xLSeUTu4POUcFYJxAwmo57vYyuVZCejPHGA9oU1kV4IG6zoah"
-            + "OagrOADQ17qOw2f4jTctWcZwwFzyPDuVG4y2WsfvzbtKKAGpc6fG9ozKG7pX3mxSw7CdwN7JUuLoTI4bx2FZXoMeaOd+imZFYwGqIMVByYCJ8IL+oWxCHsHb"
-            + "TDP7jdRv3rmTgpD49tQ/Si++OYFsS8H3Q71d3R7EMaDmL1qJk5FXUfaj7HWQbS133FjE0+GOzdKkU24g+RfIvXfxPAK5En4lqVdvDysmRaJn2C2jqUenynRL"
-            + "MnYqvJ2t/BfI6hxGfRNb6BHbMHQn77RUiLUCRb6m3+GtS3PB0xYcs1RPLtSV3cOqE9MANwHOIYJu/0lBziDC3+lPyRWdeIEDnW3KWAergWDSFvVd3yE539GN"
-            + "u1l7LPhP7Y9GVIa5Xfn/Wvl4NJtwO+3X5VcQozTQ5gThqkmSogctXMY2cAPUDtLv5K2JM5p6DObWp4fisNxNyXHm2RKMMyFuT5QbbyC+Sx2z9cl/lkv3oMNI"
-            + "6qTBKdkkScuT4bfwP4UMfiHOcqrQ2ssufpbpQx7U0zMaQ6Pcn+C51ahnoFbhWc4jB/kXSB9AaVZHr76qAwgVRBSuxD6alwrEqlk1YX1XgIUazUc9b9BXMWOs"
-            + "ZOCclu+6lN3io3FnNgud+FW8xzJAcJRP+oZeCDDBQtQ+RGeIyLJxtHbwf+lCzNV+hbSbukdDHQV7CsxePFloz6N0l4okwGBR0NdJuFRb+QVJMqteSofsRrKP"
-            + "McLBviBzL96xh0nIX3zppzIfyp+ioA4wblgejDbfATTgwXZcc4JYB1pV7FDW8lMgpy3KxGk/Op0ZoY7P602QSQqjirBnYhhbHF/OeXuWo9deE6Ywsvj4DyIF"
-            + "nhK3C3oeaPxwO1YlXnsBRq7C+xlReYqa7TG70QBnDXKIT5U7WO/eJF/6ketV72paZOdjX++IgOgtDCZjqJMyrvAt3IW7ITqCAwTgansbbFHvB80pzSZdpvoy"
-            + "8j8TE65/NGihF9/EWjJjxMDAVcnaKqknDinI/sAK9MZP3E4rYW/XyHKLPaPT7OH8KCvZcspeaAodBga2vSPCbV4H1sHdY/hIAWyyyOCzGiCVha4sMbmXiwRF"
-            + "zzx6IuYalBRuNRH7f+RDbvKNXqDR/JPsUuTpbBgbSjwqFHGCEcgQNaX0CUlWcyyKqDz6iRr2mBmNceeyIBagR3rPAICLgG75Hl/R11Y3KksLjetrIFdhXPzD"
-            + "Gjhy1UVN7HCwMfWTFBTMsfZzpDa29TaMHQ9SC29E7dpcEeIPtK3MEAWGt9cEkHgaSdZHZjKHV+LyvzhzpFkwuOv6aHV1e3fz7ioJILj6BIq/JbeYwtXWvIj1"
-            + "WZeepvLX4jcaFvDdYT6XeT3EKHdbQg1ih1N+kd6BPIgjALEUc2wZPWaAModmUmEMk1YEQ4pLIGx3HlCwLIZrJQvv3A9F04YwbmCamdZXO8Tv87B7L4in2vnC"
-            + "fRpp4zrnxl91mzZE+i5FgJ5n0+EQpzt/n6MjjKaLF/nLlm6/Whheivx7WqPVDKO7+s52tiIc3Js1BCMaoDrlTsAfooc9R26TxEBwPYxu8oGdiq6M+Jz5DQCL"
-            + "zSvv6/ERPzFanm/Q9Wv+ImUcY49dXK3JpvXLXUReYCiSJfMo8veXgtUz47Kc2F7IAFk8v1beW2bwdIdu4+zRQgchBIxTJ2WhHFkxSKnyYVE0VrD8lVYQrWdT"
-            + "Xi7a36/LzYytGC0o23SP0c3dgYYLirf2uBBMtmWB3cGk/YMsItWl+Tz1O3faF4qkbiXPB+wKqlXypOY2vFufrezEORpga8Myf3scVPmWndigUYlE/pSLfpRN"
-            + "iw9HetBxVA6O+KJqARKpgAtliNqjb0ymBZ63tJwpRPXwMKCmdyUJPPyiGw5Azm2iin+IwTHWF6p/HAQOgH91zK5o6LNebYGXpCCADFu1iOFUexV3LUKlPbfU"
-            + "G/PGas8Gk83U2h/8oY/MjjaoKTF0Y0glEmcFKSGFrOPTdBhfiAvUsLoFxlrwK/3JRZpkKe4zXEMjYnw5aG4Ord+cF7xF+tN5DkCBQK4t3FyL40fJrttL3G/A"
-            + "Mix/q2cYEoDU8hxmLSazeeb5oQuCDYycUthnaYclyXiPWn6+nT/QdxTKb5TIOiVHYufyoOzFAfzbkLeQkwbVeYCmuLiQdRnNgdrtcl2fUnjLoAvsSxztc1zW"
-            + "oTZSHX3PpkYbUU7Jr/y9JLB06mL/aDBgN9LbLe54aZd6GNsP9q3cpvb/e8U1HMtM33a4bnGfBM1qFtMVGmzCzaXmUWQ9WwHOPNzZOjSPg4yvOMkdDpm3WHlh"
-            + "TjVl8C48gtINAUnt+Tm2qYHi5I2HMFP460Lubo71FIIqttKDB5xx2O2Qpmk/4y1gIdDQSYGCgXw2SScVI3dYI8xTTSA+22uNFlgFRL5DPjjE7cRdADGwWHV3"
-            + "2JmX3GiV/NyH/bXPdqwNpN3Jx06k/A0R9E5Pr6cLt5XTuMi/yyqTwvbakVbTIP2AzorRGVKjZjWBuckKJIF13mi3tjmR+auVNuWvNBRyEMERFYfz4BHqsIQ+"
-            + "j/hCEkE6CiXKwMQbKvdUGcHtVcNZUckHR4MnRCZ17XjFuWNtT8QC1ZUahNccr55qYzOHR3SFHsFYWUT0xFImxrwYk1o0+muPFaACoC9U3bMoz4wSOsSmAjYH"
-            + "i8OWt2gYPEhmEt53xG82ilq4MTPlwI40FR3kLW0f4LhFYs0KnRFBEmzZKmMU+qU4osZ4LFduzmAHAEBJ32nV6Cxh3E6QSFSPV99KYSE0XzyDzhDer9q5lC9F"
-            + "V5kYvS++zRwEm4s1yGPi+tUcjoTTk34PeGp8RR9j8+f5gVVHfwVkD51wOLag6rfGtpmQ/9Rmt3M9SzPMVIVPxWyTImJKFdZMh6kGrTTp5JICD9ANDeVMpZ3k"
-            + "aqVSKb9zr/YEZl3PkKRnvbpLrccdMN2EHyKDelml0Gp38moHuDz5voht0Ks2DpOPngiZgcmyvgNJfu8eRehfUGS2dBFa+7n/L4B7LkWWtjxKsaOz5ecR8abG"
-            + "/0C9b3EANVzcTHTZHhEfAPv62TXXZhc5+aV0sQqKJz01oF+yN0eWIPdnO0wpACNvikpvYlFnKPkjFKPvLewymEfOgLlDvH70f5qH/9UZ92NRzymwvf31zmvi"
-            + "Vff4aP/9Qsijxw4Au8397pTpWcspd2n5VwLdlXW0F19MjvRaqQ3jRS5NNFoIGzv60zFihSY7r7oVM56u6dyACWbJ2vN82XL/6IdnEMNYENpaGSAuqtJ3LfaK"
-            + "VD2ldyMIbJJkGC3g8R9uInjqfxJDCXmKFB7qAob7Ks3IkambOr/8SCxbRsFZLt+3AIVyP9jIoz2xvvC4U2T0c1i8pHpgnIdYosEvNqZlZfM2Lgqz3iAAUDBB"
-            + "4Kg58BXt6itXubuSlYRVSruBVRLzZLOM8m0Cq0lXpYN1qVlBW3bznhpyKCPVGQWJnVtWu61yfRDLe4/wYlWYZco4SUPR8AfcI/NSa9rH3iAL3n8qbJ4wZG7h"
-            + "By/yxmobqrdqHnhoZm0qAfkdu3QwhyzMfsYzWWIgzchJQtFaYBgtrhS18qEax6A4xWjb03P9i9f3xWGWKdbl7ZywztMcRqhTqLdOyhnOjwu4ye/scM/pASSB"
-            + "bvHbK07pjfsRFfrOhcnLiz+5SCNy3QGwSiCflJ7o26AiXTgNspJFl/e+IwtS/tkjMMHsbd60X/4gfUDS7Fshmg+md98eKLQrM2PRrL8LNJxdaa/9CjQr1aWr"
-            + "ixmFzimpkj75/21aIrVWgCIhbGrFvBPZIAVNF1SlX0Zy7SjjmKiP4xz/ptXG30hGStjNjjSBMhZ4hrgjYY9FMimBQsJIFXxJYtzTZF/UE4B4tz/eY1iPNmpT"
-            + "xIWAMsUOUoxxZqZwXV/H2Fdj3tjnAfsQwl3ekWg+KiqNd5p/LwfDO7zMgmmR5rKyAs+b/2XRq0aLFr2PK+rFryDxyURX6ywPKGgPzpbW356VhJkDJId7DFiK"
-            + "Z+RNU6eTJXyhG8WNfucf0bCHQ9Ec5RBZTJX3xYl4l5xaDwa7HYACbs/xY1zS4Su3ozRO5ZASESKKrCzjOShl0vmdjHJm2JSn663rRL/MkfDew+WLIEUBJi38"
-            + "/DxjdixbJ33za1Fu8+jdLeXqKFmBGsYUQOGa56WdVuW/VlfpcHrtGmtvPUCki07jwrEptdF0xPZZk1QzGoeh2B63CMQXl8EUf5Gu3k6X7uqOj6ulYT1ZVABF"
-            + "JEJXaunk+74zvZqKSdhfNeY4enLzhTrLvJdK8R8Tm0ns4iaaRkHLzDxGJEeuk3uKaXLlH/I12LS5ITLJyXRncA11GeVsiSvroyqpyJe4qBabyCXzdsFP2L/9"
-            + "mVRt/JqMeHy867uFDEtdhjYm9hbdq/Biagt56UAAoIiDiHLLhi7CG40OuHnDRqyiO3pc5ER15u0+KE9yE7hrHJEewLb+P4YN9vnUi1q8VekDhI7W/a8W1AFN"
-            + "VM8/WUJYqPLGmYx0CBNqKS2lcxg10WQAdp0iRRVSRS+AiEW/U5RU2Lo4+7KZIt1QgkdiF8uy/gk7Qh/Wjzd9+uabgkrW2Y/aq0gLHVfpXQYYxzUdWNOYl9Ha"
-            + "SSb3sQKf3hYbZQ/6jiZfNsSS1C6QI+I2iwBOLrDblXo2JcgYjek1ptc9SRj+qSB1PscVUgyiGveHGeV6krLPPqlQD9sChFpmVKwKHHLQxkq2F0O+C7ICB6Fg"
-            + "Xlj9g//X7olPy8dPEpe3wpQ7y+/eGeUSIBWoXHWFS6Hmy6P9vxeRjzE/dJRic1Pa0OArsNVzJJG7xQldnDnBlvwaA7bxWlfDxB3ACUKVFs8cRKJHOc1R75ja"
-            + "cPi+HpPXXOw3FeUH4DNKhVjGLq5oOpptKNMFMxY5JU9SSmwQGiqTbQp8yWk03G6Fkqnqx1ttNWRAUXkHwG5vcVgSeJoYBGE2pzG4GVOnzVvUkyfZslRhcGAz"
-            + "9OZPOX27QRIXxTazrWMmJbqBUpvs4+sckj1eeSGBUnH11KqDiPey81FoBVxQP/ByDlc2OVOdBz1hUPFpT0QhGS1Pu19ZtyHuJED/RcJsI8ln1o8vxKVo9Qy9"
-            + "HrTRCARwCCz9ptNaiqK7C8ZMb91KLm72OZyAjisxWxRMcEJBIRZXGp7j4gcIVxSAOeYFqwFYGAOzziSgkIq/kZTUcbCWTAZJZjIC0+LfOXQaPQZB9MRhL1ad"
-            + "vnPPhbMQRvcgEQQB+vCaMWZgD0jrzo1TGgzEYNajJQ5zaV5fOCFUDLzKsSLiuIBN2Iovy+Ji8feMROcdBDSKDgNpRyqR8MI4qlKIPod7mZxGnbhUTbENB9ye"
-            + "mRIjYv6A29ttafwcm+thFwI5oPMhvrAiLaQUxNLotKsqkbnXnqTSbPVG9ArduloNFrtIQG5rsishi+W7/VCh9rAAYNIMvd2PeGHvQeBzc483/qH6WJKY6f/1"
-            + "8bW9RujqwchaRmaQuDvwZopLEpnFHRQkypouPSbu4vR3e9ingIeh2ObIAi8E3WIJ8NAXlV8ODOwj8GFIKIeTNTnsDJtmHL8/GVZEZMckMb3L6Phpql8+b+Tf"
-            + "IXb0gK7MsWPMyc4O8PkkmskCzsOYxxiagDO7pWPRXtc+BbIi0NniAmRgtfrt5YftMCbPnrvUKEVr5RJaPJRrRrgNfZs28Co8JH+bNgm6vAGsYJHMFAx0IzTH"
-            + "oNBTHQmqKCRLtCBQQpyrZR5bwNQwxkorVj0BXigQPSzR46hJt2bxA74s4vbBRisXZR3B1jvYqyQw7Yo1wdJrEYyB7+x6SCzrS1KFSmnWk1N8hjCON4CD5Vzk"
-            + "UhQMGf3uaqFU/0KLdSQv9Mb99XnVSnKMhvpv3QOM1WxwKf5nvYGXJRaEQyY+Q24tm5lxaD030RrPhws3Z7/Ym7jpu/Q4Knd8XwVqF/jZUK5yyZXoHJGOam79"
-            + "801Z4mCkLosXRDe1Cua0IV6/KutyTc0Mdb85hkm3tNTxXuKU8fpAI0T/AYn+b3eVE2XQaT3z4qpHefn+72lG/OcI//52JuZY/hFfEbRTQXfrz1nENu2PpmzZ"
-            + "7A0uvaPbSHvmZhfl3dYLEK7ZJdM7+Iu+atGPVNYC/owwJ0kS42ld9HYIYlQ3QKURB23ZG0g7BHbwrJ+HEtK37Xe31fwqNVmuuq7YG4LglktI6U3PfrYcfKnl"
-            + "IY1AMS6dkvNwe98PXi+A2p61L5nem8/eZyrY0Wk+ubJZu2va7v0rCjzfJ9imqd4qvPmeL+9ePHw7Hb9FWKk3s44qqZ8EQY2Vu+ovX0M2Le/0xw4ku/gBZ+zU"
-            + "luJnFcDPn/We8iLpPkV8Vns9xMxKNk7xZNoZ3Sd7H0dIPO+iSJfE/L1+dw42pDsDv0orDNjIxH/LKPfrY+P1e5yAgiMWyZ1Z+RazexT35UDZevbbDBRE22dt"
-            + "Ee6G2WfPwdNLcb2c3zh9s0KDPqup7TCCXPIOCHZfbOQyuLMhv6/vZPtxwcYwyRDFbwMKUjxdyFtIAdqd/FFz19NuE6/w5XXgEeKvEer6Rm8HXPDgdfZTPBv7"
-            + "dzMAac1Wwsxsbla+eyJir8L7MJkpOMwFcErwXM382fFJrLLJG3uY3sActCmB2lzKjsi8Ix2W/ZRs853KsgjyzOo0VHat3qHQNjERmLamrpZL9FfXjP+nxsJu"
-            + "zw2CuFgsscbBfQNIi4nFOivSgFnXB77Oye7yZCycZkSBi3g8qN593S9MpBZNP5dCBEl3Wdl6LuZb4x5tYa7SXwH2PcrrMpfGqx7xEm/LdwJGd2bi2yQ+Ret8"
-            + "gc9PUOcYTkDw9cE0W0DWpr8p8K4uyHBg+3KHQezxp18NRBxKgZ1867rbDPhqTa28DoUHjhIFtRc1or+ScBgQr4B8z0ira2rFrrAk6z7lD2zh6GAtSA9/wNdt"
-            + "IxLl3oM7mu8yMauPwp84vfmtuK4/rTf8fHvHr/vcr2CaOoyqRKTwnilzUExy9GnqhWfblaCds/lfX8IE1grpeCdHXc4G++k958r0yYoV9fU2n3kALABzf0g3"
-            + "qWdfC0YGaeXDssWyM7P93XWr0UtKHtRgmrcIX9BNDIdmtFkV/NCJn3BdBcPG1KDL7Y+nmwaaJ4k71B/VRxhR50bJTbK5am1pg6NIT1BsvyqVf0PEUezMSRYy"
-            + "muFcFQ/DxUJF1MOtmI1U+MEguf1i2g7uswhF9GwBAmPQThpENRlqWA5TMnUbUjil1YK7t9ClN7g9uQE9X4TPO4YWEgaSXBZFOm3BKBF9dG5PPOkDxsWd3DxG"
-            + "nLtn0E2z3omOw3eKwcBb5CIPA7hneNulGRTmUXcdit0kOEQKU12r5M6IXERJFbbgVkT/2BSu9N3JtoT4m6cBnq/aRFcdEWtCKArxywit8SGdfKJJeE3Uz4r0"
-            + "DrPzEzt7lXha1/vHouPLzZFlHI1Yt/H2veKK6bSdNpx018KSeZpkEMxTej9AHxa+ogMTnPnwtAgqFldIdNhrYhs69jQNErGfXlrTAcgxujo11haPgsicEg0S"
-            + "BHOORBSI60uZOjIjMEzl4Dybnz1oLIHNwc52jru1Q39Hg6FQGiJz4SWuJtcpfZNTbv1H5N9RArqsQpKcq+IpJbMAYg+GaFWtKQcsRcVeIqk7SZ26CtEM22mT"
-            + "ePNsd9EEidZ4CjIqmA5yA4NYnJzmJ7JBDAYK+R4jefpTZ8mVlmhIPsH9X6hoV5ZyNu2gci8SdoE/8SwtEfKUpIBbz2RXQBsy+8ShfttPVU5o9/m7JWCvFAHR"
-            + "/F8/fi8ieWMVMv4sPOn4Q4G39zo96Vj5ku1jS8vYP/qml75vH2otR31i9tF3B60fNULtmkyeyVr/NPHs/g/absFK/Eu4PzrSMBy4zUt1TohUenxFknjF3yci"
-            + "l5cbb/d36ftB/2fXQzeNbz+KHMjN9o613928YDAL9FW1aMi9+BHCjzxotTCM+1VHbWzTbeddPuko0dBTJTpD3hNCrbQNY5PaMIsjWCdvM9OC8C8Utlm67z1K"
-            + "IUZjS2iqL2+7+J9t92tZW8LqaA0qevEJOnSZe+rscX6bktxpNxm2nPQKjtnRY3aC1fCn0wrDGRU8VmGRscrENgrEiWulFxFKbDDqMwrII+Z+u/ALf72v28Vo"
-            + "5P6lxc5yZrenJbE/x/PcNiE4Xj0r3w/ZERHGU/r1l6CHUgckSqyC7QTS9S3JNSYrT7MZ/Ls+MjCORDKmFKuFyBGwQ507tG0QltwPzX7GMI6PheCUWIK+HmRJ"
-            + "L8u4C5Q2pBeua5ZvCL1g3KrZXsyCYCWeTMrg2qe5IE4ME/gy6fuYguQVnyxlaw6AWrd0pMOjLUDSJ8g03g/x9sEht8vtMggUcXCvdY7D5Gagbrj9FELQyqvL"
-            + "f2weSF9mpfAip98nlDGtclaHte7/6l9I9kWzF/BKfVJ4cwl1Vq4CjfvaPAWepWVn4ayTh58LaSBoCySWmAJtgjjJG9dpcGzFseFw74RiSee98ohIRBDk7NvN"
-            + "os3Tum0IFSOU5a4cN8+IqrpSW5qGqFCabdjDn01NeA2DK6V19GaVqrBI7KRnsczMikL4ulVWccz+8ayZyTBu8+fHjfFHonDptaUWDT/LUx5YtkjJ156C4sk7"
-            + "qWpBDDPd2+DEbIkBVZlT2OdPsorDC5NSrM0pSDDN3Ae52AB4dwqPjVGcAB2bhi8Ql41wmN9BW9uVpJMjYsw72AtBg0G/9wpkNVgjGnyAx8f/82UrOt/CP+Lv"
-            + "2ooG6xLlLWQcGa8UpsQSpEM2zO93BedA2J2lYyjiMff6yb3jXXBRo/yFUlAg6MNKwgIO2X8CZlV7xUGew9kmV7KvlBf3ByM5S6YM+v2J6Uk3jy8/yJ5nJrnN"
-            + "2wRHkD2Z86rt/nzPuEWX5XBxu1kDrMDbvikx3OrWe2JoFztUU9Amf12daHXEf70ChgqaPM0y/DK1BSXCnhXHoV5K3G3G2kZvNcmsQe19q5MNZ0Q/JYkAzu+E"
-            + "9+rCIu+6aHU1DR/jxFdRDyEZAI9jVAWPXsUjfhjae7bpSNw2oonwUi76inp3nqyKfDsOzhVstqwesmO9gxsp4ZTT6SJhliK1ryLGofrEieQswnD5bw9X45IW"
-            + "ToVZLTlbFB5nr173PWw8B4Pisi1gZrYHj0ZmN8EMd3Lp4SoEGA8iemh6P3BMmgqoDb7RtNGUuUr+2pNiHeA10BBKUvwZdJcQaBj5MMSaffiiN8sYCxYAs0We"
-            + "l7cP8PH9vAZOE8722Xt71IFvYwwDQp3sBAcHudoFSAwSw6u4yN1styAmOjTjWKcKBFUmplYb7LdUAbCHQZLD46BauAh7n4M2Ng5mHHiBy20QYFu3ZaEOOZ5n"
-            + "8RzOOnOb3vdXIiS01zlw5RMyLGk8P8ifrBxY8n4ihnndQKXtXSIGR9r9520VSy/6srZY6p9qt3I+wBoTn4Ad3bvYnjJToHMGYu347tUlB98xImSuHO6MxBZf"
-            + "Rv6f+xxCNxXzsgoQOuizFP1PXpUI2EcoKVy0IQ6lT9CzrcOfr9809NTNQpbn8FmDVXOc4LT9ak4/DbOTIRR5m1Idn/NI6Kob2G5XAjSdHU5QQSbMAbwwiFnl"
-            + "o+AL6A18q5mLSuX6NH/+oUt1Dw/ZFWPAPOMfHxgRfBw4SmuWsTX9/mVGeSKuBk7h1WFuRWERrVDu6EcGDvlyPkRBpkSgIHoaZ9Kwd4mR2rorTIYebwehC9fK"
-            + "B7xOLnggQBlD2cggiuwcH7r+JPcMqQmjvxphud6pBqCPovrCAp2n6XMqOYKCSfu+pGkS/nEAG+bWemCHaz5c6c6ZJRoH3k3TjgD7H5h7YPSGuKFL7fbRv1T+"
-            + "wqWlGppSEpuqhNWSXGJUtNMwsMihM7AuQxX0y+dsuKy7lnMBH1mrE2NKivJc45knsM7lTDEnNtXJM07W1J3TN8phcYTpoeMbheH9YogQT8gnVcqbWOhYuGnA"
-            + "ZyqJlLklJCRV1Md3V8yxN25+kuFo8twqu/ehK/YclRoFbwSlWZ2CvzADfxrf7MAgq5bWL8U2a9HvCXCHZnKOR6zde/wkgw/VkmlGpqfQ7a3HkVLNJjTHxfpF"
-            + "NLfnh+hs0/CuEUnPMmH+F6/GAtSGm+YqAWR77xTCf6k9Rp3IR3dSyhtmzd0JHLAh1ZB9PM+XSd95Cp19fXgng260tldejHj9VqhyBELL+uK1EfTezP1soKdE"
-            + "IzIPThgwtFoQpkeoNN/t95fe4fURaMVWsrK9nUXy2Z7beCfPgARj3Ghzkb4E+we6OxseS2/ANbXW4KD4EBS5KIcY9rSLbpp2DTdNGUJKVpVdhizsYmOzkVIA"
-            + "mwJFQPFY6M+lS6YS6oSwgH1iP1JOio10h/mbDebUB+OykRocbbaRRHC4FuJW5yUFN7nr+c/grUHQFHuU3iIIOcX5xdfgURPqspX+eoynUUhOP/wPJC57WWNI"
-            + "DW/ZL6XjEtqN2pt47dwMCpOtb8ZA/WMx7O9aFgi7QUT5yZ4Tpo8quaQRnS9M9298n1xhajbf5RxJaBnIdRh4fa1N8v5x7AkJGXpWoe+8h4B7zYJt6rbI/Gl/"
-            + "cTtAaK6LN819I+nsRuLCoE09Krk+frGsj2lqSPADItcIYsAnmKIiBcls6joxaxn4yuz4WvRpxil5aVBxQ0Tb5Iy1QS97FGZhZgqf/VaqNOZZ9VP+hZAz/nI2"
-            + "xlrskE+qlRO0Tg/xUnRPdeIjTnO+dwWESkzpFS0krjJXtdDWo7vCAqij4DYFpzIHJqsMVPcCdzD75r1er6SJkhH4H2EuM85hZnDmibyNrkRGIAGE2/M9o3N6"
-            + "qvNYZ5RRitra1PRW5XSJkk9eXU42Q9k3rTOz25xK+Jutj+0Kz+iwZlM6E5xSINuOyP3dTxthDM9DLDWnbWpfhgNp9XHCoPH0mwUCkkFq3ZIMFJJsH38iv5WT"
-            + "acFIAoj15Bqt7bNA5tIsH7SmalDoA2GGDB7E2Ix3lwJyMwZ4EkQbyT2YpTrnAH4AxFsh5NlYc6TlcCN9aFt18hz8sJBztmVdyXY3efUq0Zxb3ePP7bS+HDPw"
-            + "uo1AbtBWo0CMr/c4TMlYqy9voceGTpiIXm+h7WeXulPwYPHTpZz8jyk19bSuAieteYIpriwMPTZbIuNqT6dXAgRmoJWu1ts6KkqMVp3Rxv++mB5VUNBIV5fD"
-            + "d6N/T5Y0wjli8pxuJEnDAYlJlaYhTgP8MORttwwXCe8N8mr9g/hwDdHreeni1+VaR7N/iVMO/etTyOuTEvgZOLIaSpXOUhpQG+MN3PxZ7vXyXCYmyNypDKb5"
-            + "kRghOKcub3wbm5WiVfkCGo7SkKPJP/Go35Ri+3C7uA97F0T9lB20a27y8dI335+wwNsifk5/KxlleSk6CvbdQS+c1Xl2KHZED3lnY+gNFlYD3NklGFxNt/C3"
-            + "6PawPkXGWoKpXzgVEr4DpEfHYG21RRPwkijbuHJuFNB9y/bF06JYxxASDDoG4UwD7N/PGqncqtSeIIzjMpNF7cSyldRipTjq65XawrgIGIHO8PotnXl+/BTc"
-            + "MO3dujRX5uQurXG97Kkke02s8Mow9eF20vY5NljV4yjQnLHkTsS1dCg7ayKFh0QcEwju+FLmMeW2cR/5dQ91Peo+WM2VhCDYI101JeOfDGBEynmbFFa96Fq+"
-            + "BXl/s0B8jee41tlzFLK5YZdUWKzrwvo/pBXB2yXtHYaAajKGBLVJxgIYXGjkGy+AslLo6SZlMu1+Up5VXZAf/X8vc7oLlbYODnKgnpmNmMDoDbee4PhsvkJu"
-            + "rllr9gSaS9tEJY5WhWCfXRAPBa869ZvrXxbufc3VtR9zeddV8W5PeTllot+bCAivwuU0cnu0Pz896QzjFi8uzVIDvCLSADJcpEfYgZ8TInIoAXpjfEEaYs0D"
-            + "Eq9ZcV/UqWIf+Pl9ZKfYxcXxzvKQK7DSnO6bmdgdzFSQgMwJb5NDsInHzFl8LlY2A5rbAmanpuhta5AJkiYex0QUjiixAV8w3t+euZsl3HCAye4252amxCy2"
-            + "pkbHX3BA+UGfqhxIRW3vy4qhP5UBOwmY768uMXEmN3nmmuTCY9mQGSa/GOFiHxtONC/mFWkyjImx1xlq2D8Xzlz7bopKN0bbHKx1is1aZQWPZN7Z+VzZXF66"
-            + "FdglVtkamRTt12cNon3DpIf3KUOqIBI2Rewrb5pJftGxBm18QvgRrhFNuxqm0Pb6iDXgdQb+uPK+db0O1VSmTQ+f3JVGJJcC/bAVEpUbIOLBhVV0Veq07OOo"
-            + "si7CVTLVT+uhatmMKlZIfcTPITrLkFu6GqCzVDQfnhTXFoFWq08TP6L1yu80vnyu99o3Ic4lBEMwXVBG+/3Gvw898YsX7dZyz8p6HFQBpxrwtx7A37GKYFAw"
-            + "Qq8nGDHnamCiHIlX6oeLhL7Q7THFYHUVh4mCahnXhLitV1r3tKI8n7QGj5Wysn5vZ9kBrVTrn2vV/6GaCkWAhA/KIU9xSUKp0XyZD7fFTMIIf0GlvQxJ3M8Y"
-            + "zvRhqVZbq9nFiBzPiajenrmSeJoyIfAcTPsb6w2oxZQn2T5o2/A6PrrgjeI7lmejugZ5PYrkzp/Ypvg+e3FWd78HyqK9QSJXz/l5C27adwcbfxou8FAhapPr"
-            + "KXl6WErBbfua0H372tK2yFXBC5ThrFme9evFJQZU8oDc37PUKL6ZimECpVZnL4txQnAbDKOK7tYSJLMgY168w6qDUtfQ2QGX5+dvWZlAUvOfc8mO7LOX4YVT"
-            + "PWhWA89yXE18m1P+u1oLtxMt1HZyJnpPf/LxABb9TDDn6JYrg+TH2yVl3X/rhZ2n9wvSqYYaD+mhJT4Sff9yB22qmHe2+m3oCWlT+1GP21AQnXMGwg45D55l"
-            + "04QOC6g/yExdQEu8fyGHjI90oJepux8Bbp3loW2ZNYfPVBftGm5J3aOewahJ8naMJB6ZwyLJqEKA9Fz6JIEKg/qlkNr+iWvcTmHuGbowbIeVTO2sfuwmDa4B"
-            + "ui4AhrAZHEkzneJsc7Bst2QHME0AdBPuRBJtci9rDWoqY89VFAH0QYfJPBrSyXE/tBRLugN8U5bOcEe9pmNSp3WG8OnkNo4/0cYIn6ru5wTfnj9btTSAlmfM"
-            + "nLNfiGzHXnCPdTAZFHayfsAu/8VAoDs5d9zdmIUrBchEgGiH9avSJsAz2WdD//45uhlHLQvb3KuaNIetVjYre0zO8SbtUq6sL0j3ypKXCsSpU7UK+hsRVjtR"
-            + "tisg0sGrIhvaU57mRyhssc1yRtT7U41nXaie6k2zZp/COjZwlX3du40kJ06b19qItdzNuPbEZ0sCZ2j8FC2WBV3gAODDxqdTqfZWAo4JSJWRisVWsX7tUz/u"
-            + "mlJt04XDDTCAtnFTd+jEaaJjfH+GrMrtOhKY2YjVSSf7IEjPOnRQc4hKBiWIIQTUkjL637PazuEN4UaKUWWXs5cGndGxo7ySqmgc1a0OZP3pOv5g75Ndfyau"
-            + "4m7PBAdd1tADqEfVXqIBT8LhPF4G4ulYt6A4af6mUHo3jiwpYs+StfLgOMOhPaWpmN6wMNe1PSEA9xVyNZnvBSdmUZXe8B/HUVgTnmHbSZMiwDANerh1IqOW"
-            + "0DWcMpOxnYBuaYW4sBX9ABsvE6wJaWq62lAVV18sO52Is1dwypkN0uYjoIPF1ORMfgn4Hryh4RwoA961xw7TORiWD/isMfsQCaFoH8nw0r/0To+qbnPie+OF"
-            + "xSZJB4oBT+8Ttme7PVF30T3iAVGTkzsuEw2Zegg+1KfdkebMNKJcvYJNweY5PV1hJ2Y7fIxhVjs/8iOeYfwfIv1E/CqeKHYHjDiJh6+Pl4kkSR8swcNVPKU2"
-            + "PU/r/oAqHE627VAMPtxI47SaefRGA0/BIq9U9GDstl52b6ygRjOrOLQ478zIfPFbH+rwYkuhndKEISI1lwPTHKhX64zj8/3qFhhFT5vnSrtL9UUKXFhXRZ5C"
-            + "6RjX3qN+rurJgfTWxRgyTk8tmOWriWzxV6oOdBJE/1oSILV/HMCAcvgWkBALpYSRN7S+F9SdeMuX7movDJF6MMdP6git+Rc0P1+J2fk3/vkmHMu9HnWk1ThG"
-            + "V3EVxfrzPBHG6q7+uCJHWM15mJm1/liooY8DxegXtSIseXu9dee1K8Z0zojbxUv9KPaC45/smGXjJNwsku1Nez9nYQIQDXDHmLFDq1gsDq2L9v2B6jwnBoi6"
-            + "TZXDIdWsL07g7h8Q41QDtfKZt2rBrPbHL51U8783EqPtKi5VChwgu3IUkDHk5AyPEJpdooCJ0vCMoKLocfQhXRdXQ7tXxG0thDReCXyzC/T3tT2Ok8I1Bs5W"
-            + "2GbD8rGX/mEpOlQXFcqmXrQ0yqwk0KuTfyZCR1C8oFtvHCg/BpbmJV2z7mwLADzrSwhJ6Jdysj5k1iIDgH09lFcw5RxaMxVb+I2ijmPnUe+NUKPHHjmbUVNI"
-            + "1rXPKh2rKpuwkb/k0cwO8ZAp2yb4ISUnsvuuZYcJIEJm7sUstQPqT6VPPQdlJzhMYo7CPUAX6e0achKRz+RQt+XpTEyexkWuHnAyqlNTl3KhMrsdva7O4YR/"
-            + "lCEY3hdob0w/862wPUlBhcMKDiDObwosn/1Lc6Ga+s/t2Gg5QMvlrAF2WmE/TmQeZssIzzqzz0mIkoIsjhV8yn04hobiAglYtLS0rEcy9DXQ7CjG3mQU+flF"
-            + "FQ6tFfHR+UNo5RNqdSrFUFm3d47WaQcqX2H6fNbv9cER/P4tLvNPvACMcCLSUNE7BzvXzMEDUEjgZFD33hnq1xTytozJFgRAPWg1Ci+E+3vF9NMNAhQ4fwTX"
-            + "2pWbxng9vi26koFAJXrJaKSCnFhIEf5W7dPGsyyVoClw+DZJMSj7ZT5K4VPlPs7aRSEMXALZKr6zTBRHjGaUHGWCUS928p1FrDb39FoPiAX4iREsfL85s95A"
-            + "krTGOKQVsQV7kcyDCz6LM92LTvjOmQEDin+4Ub2p8ADx6Pwpi6QelsGgboZK1k/X31hFPJIyFKjsSrnEs9NnQxfhSuK/SiwUrrDuOvk9nuSg4LugOGdbXQRw"
-            + "fk9TleqJpYxhy69coNsUGw9c5LLe+OPFBQ9AzpY0HIA31SU/4RLhZiZsreXIVLXxosAZYQWfM+B0RU9mZLbblh8TFmOh1oOs6pCG33BjGMuw0pXv0sOO3/sU"
-            + "KJwMrerCaHzppWdqSvOJ9UHyQ5BCdoUMW42ORYyOab8Q1VsaCxl8QabLQCYt7YK4DxI=");
-
-    public void setUp()
-    {
-        if (Security.getProvider(BouncyCastlePQCProvider.PROVIDER_NAME) == null)
-        {
-            Security.addProvider(new BouncyCastlePQCProvider());
-        }
-    }
-
-    public void testSphincsDefaultKeyGen()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("SPHINCS256", "BCPQC");
-
-        kpg.initialize(new SPHINCS256KeyGenParameterSpec(), new RiggedRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        SPHINCSKey pub = (SPHINCSKey)kp.getPublic();
-
-        assertTrue(Arrays.areEqual(expSha2Pub, pub.getKeyData()));
-
-        SPHINCSKey priv = (SPHINCSKey)kp.getPrivate();
-
-        assertTrue(Arrays.areEqual(expSha2Priv, priv.getKeyData()));
-
-        KeyFactory keyFact = KeyFactory.getInstance("SPHINCS256", "BCPQC");
-
-        SPHINCSKey pub2 = (SPHINCSKey)keyFact.generatePublic(new X509EncodedKeySpec(pub.getEncoded()));
-
-        assertTrue(Arrays.areEqual(expSha2Pub, pub2.getKeyData()));
-
-        SPHINCSKey priv2 = (SPHINCSKey)keyFact.generatePrivate(new PKCS8EncodedKeySpec(priv.getEncoded()));
-
-        assertTrue(Arrays.areEqual(expSha2Priv, priv2.getKeyData()));
-    }
-
-    public void testPrivateKeyRecovery()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("SPHINCS256", "BCPQC");
-
-        kpg.initialize(new SPHINCS256KeyGenParameterSpec(), new RiggedRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        KeyFactory kFact = KeyFactory.getInstance("SPHINCS256", "BCPQC");
-
-        SPHINCSKey privKey = (SPHINCSKey)kFact.generatePrivate(new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded()));
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(privKey);
-
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        SPHINCSKey privKey2 = (SPHINCSKey)oIn.readObject();
-
-        assertEquals(privKey, privKey2);
-    }
-
-    public void testPublicKeyRecovery()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("SPHINCS256", "BCPQC");
-
-        kpg.initialize(new SPHINCS256KeyGenParameterSpec(), new RiggedRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        KeyFactory kFact = KeyFactory.getInstance("SPHINCS256", "BCPQC");
-
-        SPHINCSKey pubKey = (SPHINCSKey)kFact.generatePublic(new X509EncodedKeySpec(kp.getPublic().getEncoded()));
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(pubKey);
-
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        SPHINCSKey pubKey2 = (SPHINCSKey)oIn.readObject();
-
-        assertEquals(pubKey, pubKey2);
-    }
-
-    public void testSphincsDefaultSha2KeyGen()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("SPHINCS256", "BCPQC");
-
-        kpg.initialize(new SPHINCS256KeyGenParameterSpec(SPHINCS256KeyGenParameterSpec.SHA512_256), new RiggedRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        SPHINCSKey pub = (SPHINCSKey)kp.getPublic();
-
-        assertTrue(Arrays.areEqual(expSha2Pub, pub.getKeyData()));
-
-        SPHINCSKey priv = (SPHINCSKey)kp.getPrivate();
-
-        assertTrue(Arrays.areEqual(expSha2Priv, priv.getKeyData()));
-
-        KeyFactory keyFact = KeyFactory.getInstance("SPHINCS256", "BCPQC");
-
-        SPHINCSKey pub2 = (SPHINCSKey)keyFact.generatePublic(new X509EncodedKeySpec(pub.getEncoded()));
-
-        assertTrue(Arrays.areEqual(expSha2Pub, pub2.getKeyData()));
-
-        SubjectPublicKeyInfo pkInfo = SubjectPublicKeyInfo.getInstance(pub2.getEncoded());
-
-        assertEquals(new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512_256), SPHINCS256KeyParams.getInstance(pkInfo.getAlgorithm().getParameters()).getTreeDigest());
-
-        SPHINCSKey priv2 = (SPHINCSKey)keyFact.generatePrivate(new PKCS8EncodedKeySpec(priv.getEncoded()));
-
-        assertTrue(Arrays.areEqual(expSha2Priv, priv2.getKeyData()));
-    }
-
-    public void testSphincsDefaultSha3KeyGen()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("SPHINCS256", "BCPQC");
-
-        kpg.initialize(new SPHINCS256KeyGenParameterSpec(SPHINCS256KeyGenParameterSpec.SHA3_256), new RiggedRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        SPHINCSKey pub = (SPHINCSKey)kp.getPublic();
-
-        assertTrue(Arrays.areEqual(expSha3Pub, pub.getKeyData()));
-
-        SPHINCSKey priv = (SPHINCSKey)kp.getPrivate();
-
-        assertTrue(Arrays.areEqual(expSha3Priv, priv.getKeyData()));
-
-        KeyFactory keyFact = KeyFactory.getInstance("SPHINCS256", "BCPQC");
-
-        SPHINCSKey pub2 = (SPHINCSKey)keyFact.generatePublic(new X509EncodedKeySpec(pub.getEncoded()));
-
-        assertTrue(Arrays.areEqual(expSha3Pub, pub2.getKeyData()));
-
-        SubjectPublicKeyInfo pkInfo = SubjectPublicKeyInfo.getInstance(pub2.getEncoded());
-
-        assertEquals(new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha3_256), SPHINCS256KeyParams.getInstance(pkInfo.getAlgorithm().getParameters()).getTreeDigest());
-
-        SPHINCSKey priv2 = (SPHINCSKey)keyFact.generatePrivate(new PKCS8EncodedKeySpec(priv.getEncoded()));
-
-        assertTrue(Arrays.areEqual(expSha3Priv, priv2.getKeyData()));
-    }
-
-    public void testSphincsSha2Signature()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("SPHINCS256", "BCPQC");
-
-        kpg.initialize(new SPHINCS256KeyGenParameterSpec(SPHINCS256KeyGenParameterSpec.SHA512_256), new RiggedRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHA512withSPHINCS256", "BCPQC");
-
-        sig.initSign(kp.getPrivate());
-
-        sig.update(msg, 0, msg.length);
-
-        byte[] s = sig.sign();
-
-        assertTrue(Arrays.areEqual(expSha2Sig, s));
-    }
-
-    public void testSphincsSha3Signature()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("SPHINCS256", "BCPQC");
-
-        kpg.initialize(new SPHINCS256KeyGenParameterSpec(SPHINCS256KeyGenParameterSpec.SHA3_256), new RiggedRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHA3-512withSPHINCS256", "BCPQC");
-
-        sig.initSign(kp.getPrivate());
-
-        sig.update(msg, 0, msg.length);
-
-        byte[] s = sig.sign();
-
-        assertTrue(Arrays.areEqual(expSha3Sig, s));
-    }
-
-    public void testSphincsRandomSigSHA3()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("SPHINCS256", "BCPQC");
-
-        kpg.initialize(new SPHINCS256KeyGenParameterSpec(SPHINCS256KeyGenParameterSpec.SHA3_256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHA3-512withSPHINCS256", "BCPQC");
-
-        // random should be ignored...
-        sig.initSign(kp.getPrivate(), new SecureRandom());
-
-        sig.update(msg, 0, msg.length);
-
-        byte[] s = sig.sign();
-
-        sig = Signature.getInstance("SHA3-512withSPHINCS256", "BCPQC");
-
-        sig.initVerify(kp.getPublic());
-
-        sig.update(msg, 0, msg.length);
-
-        assertTrue(sig.verify(s));
-
-        sig = Signature.getInstance("SHA512withSPHINCS256", "BCPQC");
-        try
-        {
-            sig.initVerify(kp.getPublic());
-            fail("no message");
-        }
-        catch (InvalidKeyException e)
-        {
-            assertEquals("SPHINCS-256 signature for tree digest: 2.16.840.1.101.3.4.2.8", e.getMessage());
-        }
-
-        try
-        {
-            sig.initSign(kp.getPrivate());
-            fail("no message");
-        }
-        catch (InvalidKeyException e)
-        {
-            assertEquals("SPHINCS-256 signature for tree digest: 2.16.840.1.101.3.4.2.8", e.getMessage());
-        }
-    }
-
-    public void testSphincsRandomSigSHA2()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("SPHINCS256", "BCPQC");
-
-        kpg.initialize(new SPHINCS256KeyGenParameterSpec(SPHINCS256KeyGenParameterSpec.SHA512_256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHA512withSPHINCS256", "BCPQC");
-
-        // random should be ignored...
-        sig.initSign(kp.getPrivate(), new SecureRandom());
-
-        sig.update(msg, 0, msg.length);
-
-        byte[] s = sig.sign();
-
-        sig = Signature.getInstance("SHA512withSPHINCS256", "BCPQC");
-
-        sig.initVerify(kp.getPublic());
-
-        sig.update(msg, 0, msg.length);
-
-        assertTrue(sig.verify(s));
-
-        sig = Signature.getInstance("SHA3-512withSPHINCS256", "BCPQC");
-        try
-        {
-            sig.initVerify(kp.getPublic());
-            fail("no message");
-        }
-        catch (InvalidKeyException e)
-        {
-            assertEquals("SPHINCS-256 signature for tree digest: 2.16.840.1.101.3.4.2.6", e.getMessage());
-        }
-
-        try
-        {
-            sig.initSign(kp.getPrivate());
-            fail("no message");
-        }
-        catch (InvalidKeyException e)
-        {
-            assertEquals("SPHINCS-256 signature for tree digest: 2.16.840.1.101.3.4.2.6", e.getMessage());
-        }
-    }
-
-    private static class RiggedRandom
-        extends SecureRandom
-    {
-        public void nextBytes(byte[] bytes)
-        {
-            for (int i = 0; i != bytes.length; i++)
-            {
-                bytes[i] = (byte)(i & 0xff);
-            }
-        }
-    }
-}
-

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/XMSSMTTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/XMSSMTTest.java
deleted file mode 100644
index eec4c90..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/XMSSMTTest.java
+++ /dev/null

@@ -1,627 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Xof;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-import org.bouncycastle.pqc.jcajce.interfaces.StateAwareSignature;
-import org.bouncycastle.pqc.jcajce.interfaces.XMSSMTKey;
-import org.bouncycastle.pqc.jcajce.interfaces.XMSSMTPrivateKey;
-import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
-import org.bouncycastle.pqc.jcajce.spec.XMSSMTParameterSpec;
-import org.bouncycastle.pqc.jcajce.spec.XMSSParameterSpec;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-
-/**
- * Test cases for the use of XMSS^MT with the BCPQC provider.
- */
-public class XMSSMTTest
-    extends TestCase
-{
-    private static final byte[] msg = Strings.toByteArray("Cthulhu Fthagn --What a wonderful phrase!Cthulhu Fthagn --Say it and you're crazed!");
-
-    private static byte[] testPrivKey = Base64.decode(
-        "MIIHuAIBADAkBgorBgEEAYGwGgIDMBYCAQACAQoCAQIwCwYJYIZIAWUDBAIBBIIHizCCB4cCAQAwgYsCAQAEILF57l4FB6N/vvGoIQ" +
-            "TjZ5gaZRgFQUPBjH7y6mfZgdvaBCBvDUjbkmb9GoHYbyKHxGlJ/dmHAkXahPNNfRR9AZCOlwQgBfd9vy9CNN4k4NIYjRvtz7QgMjjb" +
-            "kt5WAdQej5KzNM0EIPTPrmKVwjXe4F8QlmZOUZP28jDG/ZJpxR5712m2e4ywoIIG8gSCBu6s7QAFc3IALG9yZy5ib3VuY3ljYXN0bG" +
-            "UucHFjLmNyeXB0by54bXNzLkJEU1N0YXRlTWFwz+vLa6D+CbwCAAFMAAhiZHNTdGF0ZXQAD0xqYXZhL3V0aWwvTWFwO3hwc3IAEWph" +
-            "dmEudXRpbC5UcmVlTWFwDMH2Pi0lauYDAAFMAApjb21wYXJhdG9ydAAWTGphdmEvdXRpbC9Db21wYXJhdG9yO3hwcHcEAAAAAXNyAB" +
-            "FqYXZhLmxhbmcuSW50ZWdlchLioKT3gYc4AgABSQAFdmFsdWV4cgAQamF2YS5sYW5nLk51bWJlcoaslR0LlOCLAgAAeHAAAAABc3IA" +
-            "JG9yZy5ib3VuY3ljYXN0bGUucHFjLmNyeXB0by54bXNzLkJEUwAAAAAAAAABAgAKSQAFaW5kZXhJAAFrSQAKdHJlZUhlaWdodFoABH" +
-            "VzZWRMABJhdXRoZW50aWNhdGlvblBhdGh0ABBMamF2YS91dGlsL0xpc3Q7TAAEa2VlcHEAfgABTAAGcmV0YWlucQB+AAFMAARyb290" +
-            "dAArTG9yZy9ib3VuY3ljYXN0bGUvcHFjL2NyeXB0by94bXNzL1hNU1NOb2RlO0wABXN0YWNrdAARTGphdmEvdXRpbC9TdGFjaztMAB" +
-            "F0cmVlSGFzaEluc3RhbmNlc3EAfgAKeHAAAAAAAAAAAwAAAAUAc3IAE2phdmEudXRpbC5BcnJheUxpc3R4gdIdmcdhnQMAAUkABHNp" +
-            "emV4cAAAAAV3BAAAAAVzcgApb3JnLmJvdW5jeWNhc3RsZS5wcWMuY3J5cHRvLnhtc3MuWE1TU05vZGUAAAAAAAAAAQIAAkkABmhlaW" +
-            "dodFsABXZhbHVldAACW0J4cAAAAAB1cgACW0Ks8xf4BghU4AIAAHhwAAAAIKblKPny5XBcLTom61U/VvUCJ+/xEX/qJaRXitEAu89F" +
-            "c3EAfgAQAAAAAXVxAH4AEwAAACDLWNO9lh3R8LdD5dVoQ5r85BH+XbLY3a/Bbf2ABa7AEXNxAH4AEAAAAAJ1cQB+ABMAAAAgv7gBYE" +
-            "q+h3U9GsU5dqmQp/p2ap7tr5wv6X8mYVgNJPhzcQB+ABAAAAADdXEAfgATAAAAIDLtl68/OsguE7QTZ2UzFfcjGv3fGoiBomQNlyEs" +
-            "VWT1c3EAfgAQAAAABHVxAH4AEwAAACC2CKhUAp92/hJwuyEIJXxBcHsTg/vgBg3FfHaFJh85cXhzcQB+AANwdwQAAAAAeHNxAH4AA3" +
-            "B3BAAAAAJzcQB+AAYAAAACc3IAFGphdmEudXRpbC5MaW5rZWRMaXN0DClTXUpgiCIDAAB4cHcEAAAAA3NxAH4AEAAAAAJ1cQB+ABMA" +
-            "AAAgl/DnFFIHZ6u8yNQSOIh47zRoRZLfkj8/CzUHM54wKQtzcQB+ABAAAAACdXEAfgATAAAAIPx12RSLQNhXo5DWenzn18i5c11MQ8" +
-            "E21a3fKBI1c1xTc3EAfgAQAAAAAnVxAH4AEwAAACAUw9Wnqw/IS+TLVVj5zAOe0lMvf+x3x61nHfjYAXY5BnhzcQB+AAYAAAADc3EA" +
-            "fgAgdwQAAAABc3EAfgAQAAAAA3VxAH4AEwAAACC4x1ONSAJrJ0+2gqZxhi6MJ7jY69JS2b425N3ZUAwiKnh4c3EAfgAQAAAABXVxAH" +
-            "4AEwAAACD0z65ilcI13uBfEJZmTlGT9vIwxv2SacUee9dptnuMsHNyAA9qYXZhLnV0aWwuU3RhY2sQ/irCuwmGHQIAAHhyABBqYXZh" +
-            "LnV0aWwuVmVjdG9y2Zd9W4A7rwEDAANJABFjYXBhY2l0eUluY3JlbWVudEkADGVsZW1lbnRDb3VudFsAC2VsZW1lbnREYXRhdAATW0" +
-            "xqYXZhL2xhbmcvT2JqZWN0O3hwAAAAAAAAAAB1cgATW0xqYXZhLmxhbmcuT2JqZWN0O5DOWJ8QcylsAgAAeHAAAAAKcHBwcHBwcHBw" +
-            "cHhzcQB+AA4AAAACdwQAAAACc3IALG9yZy5ib3VuY3ljYXN0bGUucHFjLmNyeXB0by54bXNzLkJEU1RyZWVIYXNoAAAAAAAAAAECAA" +
-            "ZaAAhmaW5pc2hlZEkABmhlaWdodEkADWluaXRpYWxIZWlnaHRaAAtpbml0aWFsaXplZEkACW5leHRJbmRleEwACHRhaWxOb2RlcQB+" +
-            "AAt4cAEAAAAAAAAAAAAAAAAAc3EAfgAQAAAAAHVxAH4AEwAAACBIFJAzhXYHQfeDbwNePGtSxwbQECJRTd1ut5zN8RA3yXNxAH4ANQ" +
-            "EAAAABAAAAAQAAAAAAc3EAfgAQAAAAAXVxAH4AEwAAACCugtHVqJDME59RRNQ0b2Podg5KdFxCIEOqJbBvwDzxCXh4");
-
-    private static byte[] testPublicKey = Base64.decode(
-        "MHIwJAYKKwYBBAGBsBoCAzAWAgEAAgEEAgECMAsGCWCGSAFlAwQCCwNKADBHAgEABCDIZh5Q96JIc0h+AmYHd3UP1ldE5buCIeHXsN" +
-            "xBgGEtbAQgxENVtn9cR2bPbe3IZcmy6JmI6fvHt5yMkJ1lgQZFw6A=");
-
-    public void setUp()
-    {
-        if (Security.getProvider(BouncyCastlePQCProvider.PROVIDER_NAME) == null)
-        {
-            Security.addProvider(new BouncyCastlePQCProvider());
-        }
-    }
-
-    public void testPrivateKeyRecovery()
-        throws Exception
-    {
-        KeyFactory kFact = KeyFactory.getInstance("XMSSMT", "BCPQC");
-
-        XMSSMTKey privKey = (XMSSMTKey)kFact.generatePrivate(new PKCS8EncodedKeySpec(testPrivKey));
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(privKey);
-
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        XMSSMTKey privKey2 = (XMSSMTKey)oIn.readObject();
-
-        assertEquals(privKey, privKey2);
-    }
-
-    public void testPublicKeyRecovery()
-        throws Exception
-    {
-        KeyFactory kFact = KeyFactory.getInstance("XMSSMT", "BCPQC");
-
-        XMSSMTKey pubKey = (XMSSMTKey)kFact.generatePublic(new X509EncodedKeySpec(testPublicKey));
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(pubKey);
-
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        XMSSMTKey pubKey2 = (XMSSMTKey)oIn.readObject();
-
-        assertEquals(pubKey, pubKey2);
-    }
-
-    public void testKeyExtraction()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSSMT", "BCPQC");
-
-        kpg.initialize(new XMSSMTParameterSpec(20, 10, XMSSMTParameterSpec.SHA256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHA256withXMSSMT-SHA256", "BCPQC");
-
-        assertTrue(sig instanceof StateAwareSignature);
-
-        StateAwareSignature xmssSig = (StateAwareSignature)sig;
-
-        xmssSig.initSign(kp.getPrivate());
-
-        assertTrue(xmssSig.isSigningCapable());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        byte[] s = sig.sign();
-
-        PrivateKey nKey = xmssSig.getUpdatedPrivateKey();
-
-        assertFalse(kp.getPrivate().equals(nKey));
-        assertFalse(xmssSig.isSigningCapable());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        try
-        {
-            sig.sign();
-            fail("no exception after key extraction");
-        }
-        catch (SignatureException e)
-        {
-            assertEquals("signing key no longer usable", e.getMessage());
-        }
-
-        try
-        {
-            xmssSig.getUpdatedPrivateKey();
-            fail("no exception after key extraction");
-        }
-        catch (IllegalStateException e)
-        {
-            assertEquals("signature object not in a signing state", e.getMessage());
-        }
-
-        xmssSig.initSign(nKey);
-
-        xmssSig.update(msg, 0, msg.length);
-
-        s = sig.sign();
-
-        xmssSig.initVerify(kp.getPublic());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        assertTrue(xmssSig.verify(s));
-    }
-
-    public void testXMSSMTSha256SignatureMultiple()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSSMT", "BCPQC");
-
-        kpg.initialize(new XMSSMTParameterSpec(20, 10, XMSSMTParameterSpec.SHA256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        StateAwareSignature sig1 = (StateAwareSignature)Signature.getInstance("SHA256withXMSSMT-SHA256", "BCPQC");
-
-        StateAwareSignature sig2 = (StateAwareSignature)Signature.getInstance("SHA256withXMSSMT-SHA256", "BCPQC");
-
-        StateAwareSignature sig3 = (StateAwareSignature)Signature.getInstance("SHA256withXMSSMT-SHA256", "BCPQC");
-
-        sig1.initSign(kp.getPrivate());
-
-        sig2.initSign(sig1.getUpdatedPrivateKey());
-
-        sig3.initSign(sig2.getUpdatedPrivateKey());
-
-        sig1.update(msg, 0, msg.length);
-
-        byte[] s1 = sig1.sign();
-
-        sig2.update(msg, 0, msg.length);
-
-        byte[] s2 = sig2.sign();
-
-        sig3.update(msg, 0, msg.length);
-
-        byte[] s3 = sig3.sign();
-
-        sig1.initVerify(kp.getPublic());
-
-        sig1.update(msg, 0, msg.length);
-
-        assertTrue(sig1.verify(s1));
-
-        sig1.update(msg, 0, msg.length);
-
-        assertTrue(sig1.verify(s2));
-
-        sig1.update(msg, 0, msg.length);
-
-        assertTrue(sig1.verify(s3));
-    }
-
-    public void testXMSSMTSha512KeyFactory()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSSMT", "BCPQC");
-
-        kpg.initialize(new XMSSMTParameterSpec(20, 10, XMSSMTParameterSpec.SHA512), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        KeyFactory keyFactory = KeyFactory.getInstance("XMSSMT", "BCPQC");
-
-        XMSSMTKey privKey = (XMSSMTKey)keyFactory.generatePrivate(new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded()));
-
-        assertEquals(kp.getPrivate(), privKey);
-
-        XMSSMTKey pubKey = (XMSSMTKey)keyFactory.generatePublic(new X509EncodedKeySpec(kp.getPublic().getEncoded()));
-
-        assertEquals(kp.getPublic(), pubKey);
-
-        assertEquals(20, privKey.getHeight());
-        assertEquals(10, privKey.getLayers());
-        assertEquals(XMSSParameterSpec.SHA512, privKey.getTreeDigest());
-
-        assertEquals(20, pubKey.getHeight());
-        assertEquals(10, pubKey.getLayers());
-        assertEquals(XMSSParameterSpec.SHA512, pubKey.getTreeDigest());
-    }
-
-    public void testXMSSMTSha256Signature()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSSMT", "BCPQC");
-
-        kpg.initialize(new XMSSMTParameterSpec(10, 5, XMSSMTParameterSpec.SHA256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHA256withXMSSMT", "BCPQC");
-
-        assertTrue(sig instanceof StateAwareSignature);
-
-        StateAwareSignature xmssSig = (StateAwareSignature)sig;
-
-        xmssSig.initSign(kp.getPrivate());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        byte[] s = sig.sign();
-
-        xmssSig.initVerify(kp.getPublic());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        assertTrue(xmssSig.verify(s));
-    }
-
-    public void testXMSSMTSha512Signature()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSSMT", "BCPQC");
-
-        kpg.initialize(new XMSSMTParameterSpec(10, 5, XMSSMTParameterSpec.SHA512), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHA256withXMSSMT", "BCPQC");
-
-        assertTrue(sig instanceof StateAwareSignature);
-
-        StateAwareSignature xmssSig = (StateAwareSignature)sig;
-
-        xmssSig.initSign(kp.getPrivate());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        byte[] s = sig.sign();
-
-        xmssSig.initVerify(kp.getPublic());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        assertTrue(xmssSig.verify(s));
-    }
-
-    public void testXMSSMTShake128Signature()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSSMT", "BCPQC");
-
-        kpg.initialize(new XMSSMTParameterSpec(4, 2, XMSSMTParameterSpec.SHAKE128), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHAKE128withXMSSMT-SHAKE128", "BCPQC");
-
-        assertTrue(sig instanceof StateAwareSignature);
-
-        StateAwareSignature xmssSig = (StateAwareSignature)sig;
-
-        xmssSig.initSign(kp.getPrivate());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        byte[] s = sig.sign();
-
-        xmssSig.initVerify(kp.getPublic());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        assertTrue(xmssSig.verify(s));
-    }
-
-    public void testXMSSMTShake256Signature()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSSMT", "BCPQC");
-
-        kpg.initialize(new XMSSMTParameterSpec(4, 2, XMSSMTParameterSpec.SHAKE256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHAKE256withXMSSMT-SHAKE256", "BCPQC");
-
-        assertTrue(sig instanceof StateAwareSignature);
-
-        StateAwareSignature xmssSig = (StateAwareSignature)sig;
-
-        xmssSig.initSign(kp.getPrivate());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        byte[] s = sig.sign();
-
-        xmssSig.initVerify(kp.getPublic());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        assertTrue(xmssSig.verify(s));
-    }
-
-    public void testKeyRebuild()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSSMT", "BCPQC");
-
-        kpg.initialize(new XMSSMTParameterSpec(6, 3, XMSSMTParameterSpec.SHA256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHA256withXMSSMT", "BCPQC");
-
-        assertTrue(sig instanceof StateAwareSignature);
-
-        StateAwareSignature xmssSig = (StateAwareSignature)sig;
-
-        xmssSig.initSign(kp.getPrivate());
-
-        for (int i = 0; i != 5; i++)
-        {
-            xmssSig.update(msg, 0, msg.length);
-
-            xmssSig.sign();
-        }
-
-        PrivateKey pKey = xmssSig.getUpdatedPrivateKey();
-
-        PrivateKeyInfo pKeyInfo = PrivateKeyInfo.getInstance(pKey.getEncoded());
-
-        KeyFactory keyFactory = KeyFactory.getInstance("XMSSMT", "BCPQC");
-
-        ASN1Sequence seq = ASN1Sequence.getInstance(pKeyInfo.parsePrivateKey());
-
-        // create a new PrivateKeyInfo containing a key with no BDS state.
-        pKeyInfo = new PrivateKeyInfo(pKeyInfo.getPrivateKeyAlgorithm(),
-            new DERSequence(new ASN1Encodable[] { seq.getObjectAt(0), seq.getObjectAt(1) }));
-
-        XMSSMTKey privKey = (XMSSMTKey)keyFactory.generatePrivate(new PKCS8EncodedKeySpec(pKeyInfo.getEncoded()));
-
-        xmssSig.initSign(pKey);
-
-        xmssSig.update(msg, 0, msg.length);
-
-        byte[] sig1 = xmssSig.sign();
-
-        xmssSig.initSign((PrivateKey)privKey);
-
-        xmssSig.update(msg, 0, msg.length);
-
-        byte[] sig2 = xmssSig.sign();
-
-        // make sure we get the same signature as the two keys should now
-        // be in the same state.
-        assertTrue(Arrays.areEqual(sig1, sig2));
-    }
-
-    public void testXMSSMTSha256KeyFactory()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSSMT", "BCPQC");
-
-        kpg.initialize(new XMSSMTParameterSpec(10, 2, XMSSParameterSpec.SHA256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        KeyFactory keyFactory = KeyFactory.getInstance("XMSSMT", "BCPQC");
-
-        XMSSMTKey privKey = (XMSSMTKey)keyFactory.generatePrivate(new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded()));
-
-        assertEquals(kp.getPrivate(), privKey);
-
-        PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(kp.getPublic().getEncoded()));
-
-        assertEquals(kp.getPublic(), pubKey);
-
-        assertEquals(10, privKey.getHeight());
-        assertEquals(XMSSParameterSpec.SHA256, privKey.getTreeDigest());
-
-        testSig("SHA256withXMSSMT", pubKey, (PrivateKey)privKey);
-    }
-
-    private void testSig(String algorithm, PublicKey pubKey, PrivateKey privKey)
-        throws Exception
-    {
-        byte[] message = Strings.toByteArray("hello, world!");
-
-        Signature s1 = Signature.getInstance(algorithm, "BCPQC");
-        Signature s2 = Signature.getInstance(algorithm, "BCPQC");
-
-        s1.initSign(privKey);
-
-        for (int i = 0; i != 100; i++)
-        {
-            s1.update(message, 0, message.length);
-
-            byte[] sig = s1.sign();
-
-            s2.initVerify(pubKey);
-
-            s2.update(message, 0, message.length);
-
-            assertTrue(s2.verify(sig));
-        }
-    }
-
-    public void testPrehashWithWithout()
-        throws Exception
-    {
-        testPrehashAndWithoutPrehash("XMSSMT-SHA256", "SHA256", new SHA256Digest());
-        testPrehashAndWithoutPrehash("XMSSMT-SHAKE128", "SHAKE128", new SHAKEDigest(128));
-        testPrehashAndWithoutPrehash("XMSSMT-SHA512", "SHA512", new SHA512Digest());
-        testPrehashAndWithoutPrehash("XMSSMT-SHAKE256", "SHAKE256", new SHAKEDigest(256));
-
-        testPrehashAndWithoutPrehash(BCObjectIdentifiers.xmss_mt_SHA256ph, BCObjectIdentifiers.xmss_mt_SHA256, "SHA256", new SHA256Digest());
-        testPrehashAndWithoutPrehash(BCObjectIdentifiers.xmss_mt_SHAKE128ph, BCObjectIdentifiers.xmss_mt_SHAKE128, "SHAKE128", new SHAKEDigest(128));
-        testPrehashAndWithoutPrehash(BCObjectIdentifiers.xmss_mt_SHA512ph, BCObjectIdentifiers.xmss_mt_SHA512, "SHA512", new SHA512Digest());
-        testPrehashAndWithoutPrehash(BCObjectIdentifiers.xmss_mt_SHAKE256ph, BCObjectIdentifiers.xmss_mt_SHAKE256, "SHAKE256", new SHAKEDigest(256));
-    }
-
-    public void testExhaustion()
-        throws Exception
-    {
-        StateAwareSignature s1 = (StateAwareSignature)Signature.getInstance(BCObjectIdentifiers.xmss_mt_SHA256.getId(), "BCPQC");
-        Signature s2 = Signature.getInstance(BCObjectIdentifiers.xmss_mt_SHA256.getId(), "BCPQC");
-
-        byte[] message = Strings.toByteArray("hello, world!");
-
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSSMT", "BCPQC");
-
-        kpg.initialize(new XMSSMTParameterSpec(4, 2,"SHA256"), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        XMSSMTPrivateKey privKey = (XMSSMTPrivateKey)kp.getPrivate();
-
-        assertEquals(16, privKey.getUsagesRemaining());
-
-        s1.initSign(privKey);
-
-        do
-        {
-            s1.update(message, 0, message.length);
-
-            byte[] sig = s1.sign();
-
-            s2.initVerify(kp.getPublic());
-
-            s2.update(message, 0, message.length);
-
-            assertTrue(s2.verify(sig));
-
-            privKey = (XMSSMTPrivateKey)s1.getUpdatedPrivateKey();
-
-            s1.initSign(privKey);
-        }
-        while (s1.isSigningCapable());
-
-        assertEquals(0, privKey.getUsagesRemaining());
-    }
-
-    private void testPrehashAndWithoutPrehash(String baseAlgorithm, String digestName, Digest digest)
-        throws Exception
-    {
-        Signature s1 = Signature.getInstance(digestName + "with" + baseAlgorithm, "BCPQC");
-        Signature s2 = Signature.getInstance(baseAlgorithm, "BCPQC");
-
-        doTestPrehashAndWithoutPrehash(digestName, digest, s1, s2);
-    }
-
-    private void testPrehashAndWithoutPrehash(ASN1ObjectIdentifier oid1, ASN1ObjectIdentifier oid2, String digestName, Digest digest)
-        throws Exception
-    {
-        Signature s1 = Signature.getInstance(oid1.getId(), "BCPQC");
-        Signature s2 = Signature.getInstance(oid2.getId(), "BCPQC");
-
-        doTestPrehashAndWithoutPrehash(digestName, digest, s1, s2);
-    }
-
-    private void doTestPrehashAndWithoutPrehash(String digestName, Digest digest, Signature s1, Signature s2)
-        throws Exception
-    {
-        byte[] message = Strings.toByteArray("hello, world!");
-
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSSMT", "BCPQC");
-
-        kpg.initialize(new XMSSMTParameterSpec(4, 2, digestName), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        s1.initSign(kp.getPrivate());
-
-        s1.update(message, 0, message.length);
-
-        byte[] sig = s1.sign();
-
-        s2.initVerify(kp.getPublic());
-
-        digest.update(message, 0, message.length);
-
-        byte[] dig = new byte[(digest instanceof Xof) ? digest.getDigestSize() * 2 : digest.getDigestSize()];
-
-        if (digest instanceof Xof)
-        {
-            ((Xof)digest).doFinal(dig, 0, dig.length);
-        }
-        else
-        {
-            digest.doFinal(dig, 0);
-        }
-        s2.update(dig);
-
-        assertTrue(s2.verify(sig));
-    }
-
-    public void testReserialization()
-        throws Exception
-    {
-        String digest = "SHA512";
-        String sigAlg = digest+"withXMSSMT";
-        byte[] payload = Strings.toByteArray("Hello, world!");
-        
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSSMT", "BCPQC");
-        kpg.initialize(new XMSSMTParameterSpec(4, 2, digest));
-        KeyPair keyPair = kpg.generateKeyPair();
-
-        PrivateKey privateKey = keyPair.getPrivate();
-        PublicKey publicKey = keyPair.getPublic();
-
-        for (int i = 0; i != 10; i++)
-        {
-            StateAwareSignature signer = (StateAwareSignature)Signature.getInstance(sigAlg, "BCPQC");
-            signer.initSign(privateKey);
-            signer.update(payload);
-
-            byte[] signature = signer.sign();
-
-            // serialise private key
-            byte[] enc = signer.getUpdatedPrivateKey().getEncoded();
-            privateKey = KeyFactory.getInstance("XMSSMT").generatePrivate(new PKCS8EncodedKeySpec(enc));
-
-            Signature verifier = Signature.getInstance(sigAlg, "BCPQC");
-            verifier.initVerify(publicKey);
-            verifier.update(payload);
-            assertTrue(verifier.verify(signature));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/XMSSTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/XMSSTest.java
deleted file mode 100644
index 8c7bffb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/test/XMSSTest.java
+++ /dev/null

@@ -1,678 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.KeyFactory;
-import java.security.KeyPair;
-import java.security.KeyPairGenerator;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Security;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import junit.framework.TestCase;
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.bc.BCObjectIdentifiers;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Xof;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-import org.bouncycastle.pqc.jcajce.interfaces.StateAwareSignature;
-import org.bouncycastle.pqc.jcajce.interfaces.XMSSKey;
-import org.bouncycastle.pqc.jcajce.interfaces.XMSSPrivateKey;
-import org.bouncycastle.pqc.jcajce.provider.BouncyCastlePQCProvider;
-import org.bouncycastle.pqc.jcajce.spec.XMSSParameterSpec;
-import org.bouncycastle.util.Arrays;
-import org.bouncycastle.util.Strings;
-import org.bouncycastle.util.encoders.Base64;
-
-/**
- * Test cases for the use of XMSS with the BCPQC provider.
- */
-public class XMSSTest
-    extends TestCase
-{
-    private static byte[] msg = Strings.toByteArray("Cthulhu Fthagn --What a wonderful phrase!Cthulhu Fthagn --Say it and you're crazed!");
-
-    private static byte[] testPrivKey = Base64.decode(
-        "MIIJUQIBADAhBgorBgEEAYGwGgICMBMCAQACAQowCwYJYIZIAWUDBAIBBIIJJzCCCSMCAQAwgYsCAQAEIJz4Lh9eEhuxG4dgjfRXOw" +
-            "K7Um5YmC6Xf4lkXvtPgsdnBCDNR477ikIt1sOIr3+ElyurEY2gvVYydvk+LZm+OY/pagQgwCnFSoMAerORUDoJHb9tXqrCzIp52yYz" +
-            "gr3TOIKhzcAEIOCommSN0UszkpJUMLzJxe856LQbH7hl73xPpFnCwVJtoIIIjgSCCIqs7QAFc3IAJG9yZy5ib3VuY3ljYXN0bGUucH" +
-            "FjLmNyeXB0by54bXNzLkJEUwAAAAAAAAABAgAKSQAFaW5kZXhJAAFrSQAKdHJlZUhlaWdodFoABHVzZWRMABJhdXRoZW50aWNhdGlv" +
-            "blBhdGh0ABBMamF2YS91dGlsL0xpc3Q7TAAEa2VlcHQAD0xqYXZhL3V0aWwvTWFwO0wABnJldGFpbnEAfgACTAAEcm9vdHQAK0xvcm" +
-            "cvYm91bmN5Y2FzdGxlL3BxYy9jcnlwdG8veG1zcy9YTVNTTm9kZTtMAAVzdGFja3QAEUxqYXZhL3V0aWwvU3RhY2s7TAARdHJlZUhh" +
-            "c2hJbnN0YW5jZXNxAH4AAXhwAAAAAAAAAAIAAAAKAHNyABNqYXZhLnV0aWwuQXJyYXlMaXN0eIHSHZnHYZ0DAAFJAARzaXpleHAAAA" +
-            "AKdwQAAAAKc3IAKW9yZy5ib3VuY3ljYXN0bGUucHFjLmNyeXB0by54bXNzLlhNU1NOb2RlAAAAAAAAAAECAAJJAAZoZWlnaHRbAAV2" +
-            "YWx1ZXQAAltCeHAAAAAAdXIAAltCrPMX+AYIVOACAAB4cAAAACAGQv71vuxiZWXV4/Ju/9iKZCWJJH/tGib2csoUJOc8eHNxAH4ACA" +
-            "AAAAF1cQB+AAsAAAAgsqaSHpyaapwnlBv57C8sKLYUAp3Oe8jY2EZ8hSA7VQVzcQB+AAgAAAACdXEAfgALAAAAIL5Eb9aOASc8bJNt" +
-            "AwbO7pmTD7rMl74XiufBHOqgjXR+c3EAfgAIAAAAA3VxAH4ACwAAACDDX+WyjGU4eUb5OvHYbjVsjUAPHSSGRCfhC8BmTMD8gXNxAH" +
-            "4ACAAAAAR1cQB+AAsAAAAgxdz9x1wcJzZuwWSubFsFwD6IICfG+nj2kRbZtGP0LvlzcQB+AAgAAAAFdXEAfgALAAAAINrZJ2N7sn7i" +
-            "mddC8uuL3kwvsem8S/HLNVvFdu7mDjUVc3EAfgAIAAAABnVxAH4ACwAAACAnH0jqcIwZ43zMTbOz5l/SPBYA8I2G3ThJxyK3+CFqX3" +
-            "NxAH4ACAAAAAd1cQB+AAsAAAAgUesW9Krrb+DRkRfvw1GedWY2mkicW9gWysuxdpcwQpJzcQB+AAgAAAAIdXEAfgALAAAAILTstGe7" +
-            "7ZTz+Tu9hXo6W6Ceek8iqoMWR2LnlB4MlHDNc3EAfgAIAAAACXVxAH4ACwAAACBcak0jZQNXH/RqUaXXchab6lVlt0tFPwjDyjA6zj" +
-            "yigHhzcgARamF2YS51dGlsLlRyZWVNYXAMwfY+LSVq5gMAAUwACmNvbXBhcmF0b3J0ABZMamF2YS91dGlsL0NvbXBhcmF0b3I7eHBw" +
-            "dwQAAAAAeHNxAH4AH3B3BAAAAAFzcgARamF2YS5sYW5nLkludGVnZXIS4qCk94GHOAIAAUkABXZhbHVleHIAEGphdmEubGFuZy5OdW" +
-            "1iZXKGrJUdC5TgiwIAAHhwAAAACHNyABRqYXZhLnV0aWwuTGlua2VkTGlzdAwpU11KYIgiAwAAeHB3BAAAAAFzcQB+AAgAAAAIdXEA" +
-            "fgALAAAAINAd+MxJvrqmIxJYJvpW7TJZBtAw8xVVrWffg0v/FqNgeHhzcQB+AAgAAAAKdXEAfgALAAAAIOCommSN0UszkpJUMLzJxe" +
-            "856LQbH7hl73xPpFnCwVJtc3IAD2phdmEudXRpbC5TdGFjaxD+KsK7CYYdAgAAeHIAEGphdmEudXRpbC5WZWN0b3LZl31bgDuvAQMA" +
-            "A0kAEWNhcGFjaXR5SW5jcmVtZW50SQAMZWxlbWVudENvdW50WwALZWxlbWVudERhdGF0ABNbTGphdmEvbGFuZy9PYmplY3Q7eHAAAA" +
-            "AAAAAAAHVyABNbTGphdmEubGFuZy5PYmplY3Q7kM5YnxBzKWwCAAB4cAAAAApwcHBwcHBwcHBweHNxAH4ABgAAAAh3BAAAAAhzcgAs" +
-            "b3JnLmJvdW5jeWNhc3RsZS5wcWMuY3J5cHRvLnhtc3MuQkRTVHJlZUhhc2gAAAAAAAAAAQIABloACGZpbmlzaGVkSQAGaGVpZ2h0SQ" +
-            "ANaW5pdGlhbEhlaWdodFoAC2luaXRpYWxpemVkSQAJbmV4dEluZGV4TAAIdGFpbE5vZGVxAH4AA3hwAQAAAAAAAAAAAAAAAABzcQB+" +
-            "AAgAAAAAdXEAfgALAAAAIJlIeq2/6feYEOIoFJ14wZsogn4eAI7kNj3Y4NZtAGY0c3EAfgAzAQAAAAEAAAABAAAAAABzcQB+AAgAAA" +
-            "ABdXEAfgALAAAAIO5nPo5M/pLgkDLgzkCTUy+VjaPEo3cgMm5Mrg11jKXoc3EAfgAzAQAAAAIAAAACAAAAAABzcQB+AAgAAAACdXEA" +
-            "fgALAAAAIKGPe8aqDKAN6p7i5wpnVgBr+wigNp8CRKtJI1FjDgnLc3EAfgAzAQAAAAMAAAADAAAAAABzcQB+AAgAAAADdXEAfgALAA" +
-            "AAIEFdO93VUT6Q6tt4ZJaVf+Uh3BJ7ez9megbGCGEvjD1Sc3EAfgAzAQAAAAQAAAAEAAAAAABzcQB+AAgAAAAEdXEAfgALAAAAIGkP" +
-            "gbAYQss69U6Ak7S2yciX1cnj+9C3KjFh5j5pILQoc3EAfgAzAQAAAAUAAAAFAAAAAABzcQB+AAgAAAAFdXEAfgALAAAAICZR+aZttx" +
-            "PqjHYIQlaFac2mK5WiEiSy8Je+XmItQ6Xac3EAfgAzAQAAAAYAAAAGAAAAAABzcQB+AAgAAAAGdXEAfgALAAAAINoMTeI/1jvR+IIh" +
-            "yA+vQ0xR9/8utcwXpV+hT/qkVNtCc3EAfgAzAQAAAAcAAAAHAAAAAABzcQB+AAgAAAAHdXEAfgALAAAAIFmxQ2yQ05Na9oL4WA2Qhp" +
-            "qICwl81rpce4LFUAtTdj95eA==");
-
-    private static final byte[] testPublicKey = Base64.decode(
-        "MIGxMCEGCisGAQQBgbAaAgIwEwIBAAIBCjALBglghkgBZQMEAgMDgYsAMIGHAgEABEDcKHL+5XfQ9jTGJptcqN71MmzT1qe/s42wwR" +
-            "6TkILd1jH6e5vP9Iwp+hANEWJdbxYX4gyyQQpudfOQ6+7xLJNaBEAmGsvLXJAJXu5NTICpC5LpKrWWxrz6tKRiLP10EBbxtLwM3wCW" +
-            "6+d4CehmSP7B0ffx6AzJtD6l6T+lxyO0EMXG");
-
-    public void setUp()
-    {
-        if (Security.getProvider(BouncyCastlePQCProvider.PROVIDER_NAME) == null)
-        {
-            Security.addProvider(new BouncyCastlePQCProvider());
-        }
-    }
-
-    public void testPrivateKeyRecovery()
-        throws Exception
-    {
-        KeyFactory kFact = KeyFactory.getInstance("XMSS", "BCPQC");
-
-        XMSSKey privKey = (XMSSKey)kFact.generatePrivate(new PKCS8EncodedKeySpec(testPrivKey));
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(privKey);
-
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        XMSSKey privKey2 = (XMSSKey)oIn.readObject();
-
-        assertEquals(privKey, privKey2);
-    }
-
-    public void testPublicKeyRecovery()
-        throws Exception
-    {
-        KeyFactory kFact = KeyFactory.getInstance("XMSS", "BCPQC");
-
-        XMSSKey pubKey = (XMSSKey)kFact.generatePublic(new X509EncodedKeySpec(testPublicKey));
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ObjectOutputStream oOut = new ObjectOutputStream(bOut);
-
-        oOut.writeObject(pubKey);
-
-        oOut.close();
-
-        ObjectInputStream oIn = new ObjectInputStream(new ByteArrayInputStream(bOut.toByteArray()));
-
-        XMSSKey pubKey2 = (XMSSKey)oIn.readObject();
-
-        assertEquals(pubKey, pubKey2);
-    }
-
-    public void testXMSSSha256Signature()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-
-        kpg.initialize(new XMSSParameterSpec(10, XMSSParameterSpec.SHA256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHA256withXMSS", "BCPQC");
-
-        assertTrue(sig instanceof StateAwareSignature);
-
-        StateAwareSignature xmssSig = (StateAwareSignature)sig;
-
-        xmssSig.initSign(kp.getPrivate());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        byte[] s = sig.sign();
-
-        xmssSig.initVerify(kp.getPublic());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        assertTrue(xmssSig.verify(s));
-    }
-
-    public void testXMSSSha512Signature()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-
-        kpg.initialize(new XMSSParameterSpec(10, XMSSParameterSpec.SHA512), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHA512withXMSS", "BCPQC");
-
-        assertTrue(sig instanceof StateAwareSignature);
-
-        StateAwareSignature xmssSig = (StateAwareSignature)sig;
-
-        xmssSig.initSign(kp.getPrivate());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        byte[] s = sig.sign();
-
-        xmssSig.initVerify(kp.getPublic());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        assertTrue(xmssSig.verify(s));
-    }
-
-    public void testXMSSShake128Signature()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-
-        kpg.initialize(new XMSSParameterSpec(5, XMSSParameterSpec.SHAKE128), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHAKE128withXMSS", "BCPQC");
-
-        assertTrue(sig instanceof StateAwareSignature);
-
-        StateAwareSignature xmssSig = (StateAwareSignature)sig;
-
-        xmssSig.initSign(kp.getPrivate());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        byte[] s = sig.sign();
-
-        xmssSig.initVerify(kp.getPublic());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        assertTrue(xmssSig.verify(s));
-    }
-
-    public void testXMSSShake256Signature()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-
-        kpg.initialize(new XMSSParameterSpec(5, XMSSParameterSpec.SHAKE256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHAKE256withXMSS", "BCPQC");
-
-        assertTrue(sig instanceof StateAwareSignature);
-
-        StateAwareSignature xmssSig = (StateAwareSignature)sig;
-
-        xmssSig.initSign(kp.getPrivate());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        byte[] s = sig.sign();
-
-        xmssSig.initVerify(kp.getPublic());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        assertTrue(xmssSig.verify(s));
-    }
-
-    public void testXMSSSha256SignatureMultiple()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-
-        kpg.initialize(new XMSSParameterSpec(10, XMSSParameterSpec.SHA256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        StateAwareSignature sig1 = (StateAwareSignature)Signature.getInstance("SHA256withXMSS", "BCPQC");
-
-        StateAwareSignature sig2 = (StateAwareSignature)Signature.getInstance("SHA256withXMSS", "BCPQC");
-
-        StateAwareSignature sig3 = (StateAwareSignature)Signature.getInstance("SHA256withXMSS", "BCPQC");
-
-        sig1.initSign(kp.getPrivate());
-
-        sig2.initSign(sig1.getUpdatedPrivateKey());
-
-        sig3.initSign(sig2.getUpdatedPrivateKey());
-
-        sig1.update(msg, 0, msg.length);
-
-        byte[] s1 = sig1.sign();
-
-        sig2.update(msg, 0, msg.length);
-
-        byte[] s2 = sig2.sign();
-
-        sig3.update(msg, 0, msg.length);
-
-        byte[] s3 = sig3.sign();
-
-        sig1.initVerify(kp.getPublic());
-
-        sig1.update(msg, 0, msg.length);
-
-        assertTrue(sig1.verify(s1));
-
-        sig1.update(msg, 0, msg.length);
-
-        assertTrue(sig1.verify(s2));
-
-        sig1.update(msg, 0, msg.length);
-
-        assertTrue(sig1.verify(s3));
-    }
-
-    public void testXMSSSha256KeyFactory()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-
-        kpg.initialize(new XMSSParameterSpec(10, XMSSParameterSpec.SHA256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        KeyFactory keyFactory = KeyFactory.getInstance("XMSS", "BCPQC");
-
-        XMSSKey privKey = (XMSSKey)keyFactory.generatePrivate(new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded()));
-
-        assertEquals(kp.getPrivate(), privKey);
-
-        PublicKey pubKey = keyFactory.generatePublic(new X509EncodedKeySpec(kp.getPublic().getEncoded()));
-
-        assertEquals(kp.getPublic(), pubKey);
-
-        assertEquals(10, privKey.getHeight());
-        assertEquals(XMSSParameterSpec.SHA256, privKey.getTreeDigest());
-
-        testSig("SHA256withXMSS", pubKey, (PrivateKey)privKey);
-    }
-
-    public void testXMSSSha512KeyFactory()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-
-        kpg.initialize(new XMSSParameterSpec(10, XMSSParameterSpec.SHA512), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        KeyFactory keyFactory = KeyFactory.getInstance("XMSS", "BCPQC");
-
-        XMSSKey privKey = (XMSSKey)keyFactory.generatePrivate(new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded()));
-
-        assertEquals(kp.getPrivate(), privKey);
-
-        XMSSKey pubKey = (XMSSKey)keyFactory.generatePublic(new X509EncodedKeySpec(kp.getPublic().getEncoded()));
-
-        assertEquals(kp.getPublic(), pubKey);
-
-        assertEquals(10, privKey.getHeight());
-        assertEquals(XMSSParameterSpec.SHA512, privKey.getTreeDigest());
-
-        assertEquals(10, pubKey.getHeight());
-        assertEquals(XMSSParameterSpec.SHA512, pubKey.getTreeDigest());
-    }
-
-    public void testXMSSShake128KeyFactory()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-
-        kpg.initialize(new XMSSParameterSpec(10, XMSSParameterSpec.SHAKE128), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        KeyFactory keyFactory = KeyFactory.getInstance("XMSS", "BCPQC");
-
-        XMSSKey privKey = (XMSSKey)keyFactory.generatePrivate(new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded()));
-
-        assertEquals(kp.getPrivate(), privKey);
-
-        XMSSKey pubKey = (XMSSKey)keyFactory.generatePublic(new X509EncodedKeySpec(kp.getPublic().getEncoded()));
-
-        assertEquals(kp.getPublic(), pubKey);
-
-        assertEquals(10, privKey.getHeight());
-        assertEquals(XMSSParameterSpec.SHAKE128, privKey.getTreeDigest());
-
-        assertEquals(10, pubKey.getHeight());
-        assertEquals(XMSSParameterSpec.SHAKE128, pubKey.getTreeDigest());
-    }
-
-    public void testXMSSShake256KeyFactory()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-
-        kpg.initialize(new XMSSParameterSpec(10, XMSSParameterSpec.SHAKE256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        KeyFactory keyFactory = KeyFactory.getInstance("XMSS", "BCPQC");
-
-        XMSSKey privKey = (XMSSKey)keyFactory.generatePrivate(new PKCS8EncodedKeySpec(kp.getPrivate().getEncoded()));
-
-        assertEquals(kp.getPrivate(), privKey);
-
-        XMSSKey pubKey = (XMSSKey)keyFactory.generatePublic(new X509EncodedKeySpec(kp.getPublic().getEncoded()));
-
-        assertEquals(kp.getPublic(), pubKey);
-
-        assertEquals(10, privKey.getHeight());
-        assertEquals(XMSSParameterSpec.SHAKE256, privKey.getTreeDigest());
-
-        assertEquals(10, pubKey.getHeight());
-        assertEquals(XMSSParameterSpec.SHAKE256, pubKey.getTreeDigest());
-    }
-
-    private void testSig(String algorithm, PublicKey pubKey, PrivateKey privKey)
-        throws Exception
-    {
-        byte[] message = Strings.toByteArray("hello, world!");
-
-        Signature s = Signature.getInstance(algorithm, "BCPQC");
-
-        s.initSign(privKey);
-
-        s.update(message, 0, message.length);
-
-        byte[] sig = s.sign();
-
-        s.initVerify(pubKey);
-
-        s.update(message, 0, message.length);
-
-        assertTrue(s.verify(sig));
-    }
-
-    public void testKeyExtraction()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-
-        kpg.initialize(new XMSSParameterSpec(10, XMSSParameterSpec.SHA256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHA256withXMSS", "BCPQC");
-
-        assertTrue(sig instanceof StateAwareSignature);
-
-        StateAwareSignature xmssSig = (StateAwareSignature)sig;
-
-        xmssSig.initSign(kp.getPrivate());
-
-        assertTrue(xmssSig.isSigningCapable());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        byte[] s = xmssSig.sign();
-
-        PrivateKey nKey = xmssSig.getUpdatedPrivateKey();
-
-        assertFalse(kp.getPrivate().equals(nKey));
-        assertFalse(xmssSig.isSigningCapable());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        try
-        {
-            xmssSig.sign();
-            fail("no exception after key extraction");
-        }
-        catch (SignatureException e)
-        {
-            assertEquals("signing key no longer usable", e.getMessage());
-        }
-
-        try
-        {
-            xmssSig.getUpdatedPrivateKey();
-            fail("no exception after key extraction");
-        }
-        catch (IllegalStateException e)
-        {
-            assertEquals("signature object not in a signing state", e.getMessage());
-        }
-
-        xmssSig.initSign(nKey);
-
-        xmssSig.update(msg, 0, msg.length);
-
-        s = sig.sign();
-
-        xmssSig.initVerify(kp.getPublic());
-
-        xmssSig.update(msg, 0, msg.length);
-
-        assertTrue(xmssSig.verify(s));
-    }
-
-    public void testKeyRebuild()
-        throws Exception
-    {
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-
-        kpg.initialize(new XMSSParameterSpec(10, XMSSParameterSpec.SHA256), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        Signature sig = Signature.getInstance("SHA256withXMSS", "BCPQC");
-
-        assertTrue(sig instanceof StateAwareSignature);
-
-        StateAwareSignature xmssSig = (StateAwareSignature)sig;
-
-        xmssSig.initSign(kp.getPrivate());
-
-        for (int i = 0; i != 5; i++)
-        {
-            xmssSig.update(msg, 0, msg.length);
-
-            xmssSig.sign();
-        }
-
-        PrivateKey pKey = xmssSig.getUpdatedPrivateKey();
-
-        PrivateKeyInfo pKeyInfo = PrivateKeyInfo.getInstance(pKey.getEncoded());
-
-        KeyFactory keyFactory = KeyFactory.getInstance("XMSS", "BCPQC");
-
-        ASN1Sequence seq = ASN1Sequence.getInstance(pKeyInfo.parsePrivateKey());
-
-        // create a new PrivateKeyInfo containing a key with no BDS state.
-        pKeyInfo = new PrivateKeyInfo(pKeyInfo.getPrivateKeyAlgorithm(),
-            new DERSequence(new ASN1Encodable[]{seq.getObjectAt(0), seq.getObjectAt(1)}));
-
-        XMSSKey privKey = (XMSSKey)keyFactory.generatePrivate(new PKCS8EncodedKeySpec(pKeyInfo.getEncoded()));
-
-        xmssSig.initSign(pKey);
-
-        xmssSig.update(msg, 0, msg.length);
-
-        byte[] sig1 = xmssSig.sign();
-
-        xmssSig.initSign((PrivateKey)privKey);
-
-        xmssSig.update(msg, 0, msg.length);
-
-        byte[] sig2 = xmssSig.sign();
-
-        // make sure we get the same signature as the two keys should now
-        // be in the same state.
-        assertTrue(Arrays.areEqual(sig1, sig2));
-    }
-
-    public void testPrehashWithWithout()
-        throws Exception
-    {
-        testPrehashAndWithoutPrehash("XMSS-SHA256", "SHA256", new SHA256Digest());
-        testPrehashAndWithoutPrehash("XMSS-SHAKE128", "SHAKE128", new SHAKEDigest(128));
-        testPrehashAndWithoutPrehash("XMSS-SHA512", "SHA512", new SHA512Digest());
-        testPrehashAndWithoutPrehash("XMSS-SHAKE256", "SHAKE256", new SHAKEDigest(256));
-
-        testPrehashAndWithoutPrehash(BCObjectIdentifiers.xmss_SHA256ph, BCObjectIdentifiers.xmss_SHA256, "SHA256", new SHA256Digest());
-        testPrehashAndWithoutPrehash(BCObjectIdentifiers.xmss_SHAKE128ph, BCObjectIdentifiers.xmss_SHAKE128, "SHAKE128", new SHAKEDigest(128));
-        testPrehashAndWithoutPrehash(BCObjectIdentifiers.xmss_SHA512ph, BCObjectIdentifiers.xmss_SHA512, "SHA512", new SHA512Digest());
-        testPrehashAndWithoutPrehash(BCObjectIdentifiers.xmss_SHAKE256ph, BCObjectIdentifiers.xmss_SHAKE256, "SHAKE256", new SHAKEDigest(256));
-    }
-
-    public void testExhaustion()
-        throws Exception
-    {
-        StateAwareSignature s1 = (StateAwareSignature)Signature.getInstance(BCObjectIdentifiers.xmss_SHA256.getId(), "BCPQC");
-        Signature s2 = Signature.getInstance(BCObjectIdentifiers.xmss_SHA256.getId(), "BCPQC");
-
-        byte[] message = Strings.toByteArray("hello, world!");
-
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-
-        kpg.initialize(new XMSSParameterSpec(2, "SHA256"), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        XMSSPrivateKey privKey = (XMSSPrivateKey)kp.getPrivate();
-
-        assertEquals(4, privKey.getUsagesRemaining());
-
-        s1.initSign(privKey);
-        
-        do
-        {
-            s1.update(message, 0, message.length);
-
-            byte[] sig = s1.sign();
-
-            s2.initVerify(kp.getPublic());
-
-            s2.update(message, 0, message.length);
-
-            assertTrue(s2.verify(sig));
-
-            privKey = (XMSSPrivateKey)s1.getUpdatedPrivateKey();
-
-            s1.initSign(privKey);
-        }
-        while (s1.isSigningCapable());
-
-        assertEquals(0, privKey.getUsagesRemaining());
-    }
-
-    private void testPrehashAndWithoutPrehash(String baseAlgorithm, String digestName, Digest digest)
-        throws Exception
-    {
-        Signature s1 = Signature.getInstance(digestName + "with" + baseAlgorithm, "BCPQC");
-        Signature s2 = Signature.getInstance(baseAlgorithm, "BCPQC");
-
-        doTestPrehashAndWithoutPrehash(digestName, digest, s1, s2);
-    }
-
-    private void testPrehashAndWithoutPrehash(ASN1ObjectIdentifier oid1, ASN1ObjectIdentifier oid2, String digestName, Digest digest)
-        throws Exception
-    {
-        Signature s1 = Signature.getInstance(oid1.getId(), "BCPQC");
-        Signature s2 = Signature.getInstance(oid2.getId(), "BCPQC");
-
-        doTestPrehashAndWithoutPrehash(digestName, digest, s1, s2);
-    }
-
-    private void doTestPrehashAndWithoutPrehash(String digestName, Digest digest, Signature s1, Signature s2)
-        throws Exception
-    {
-        byte[] message = Strings.toByteArray("hello, world!");
-
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-
-        kpg.initialize(new XMSSParameterSpec(2, digestName), new SecureRandom());
-
-        KeyPair kp = kpg.generateKeyPair();
-
-        s1.initSign(kp.getPrivate());
-
-        s1.update(message, 0, message.length);
-
-        byte[] sig = s1.sign();
-
-        s2.initVerify(kp.getPublic());
-
-        digest.update(message, 0, message.length);
-
-        byte[] dig = new byte[(digest instanceof Xof) ? digest.getDigestSize() * 2 : digest.getDigestSize()];
-
-        if (digest instanceof Xof)
-        {
-            ((Xof)digest).doFinal(dig, 0, dig.length);
-        }
-        else
-        {
-            digest.doFinal(dig, 0);
-        }
-        s2.update(dig);
-
-        assertTrue(s2.verify(sig));
-    }
-
-    public void testReserialization()
-        throws Exception
-    {
-        String digest = "SHA512";
-        String sigAlg = digest + "withXMSS";
-        byte[] payload = Strings.toByteArray("Hello, world!");
-
-        KeyPairGenerator kpg = KeyPairGenerator.getInstance("XMSS", "BCPQC");
-        kpg.initialize(new XMSSParameterSpec(4, digest));
-        KeyPair keyPair = kpg.generateKeyPair();
-
-        PrivateKey privateKey = keyPair.getPrivate();
-        PublicKey publicKey = keyPair.getPublic();
-
-        for (int i = 0; i != 10; i++)
-        {
-            StateAwareSignature signer = (StateAwareSignature)Signature.getInstance(sigAlg, "BCPQC");
-            signer.initSign(privateKey);
-            signer.update(payload);
-
-            byte[] signature = signer.sign();
-
-            // serialise private key
-            byte[] enc = signer.getUpdatedPrivateKey().getEncoded();
-            privateKey = KeyFactory.getInstance("XMSS").generatePrivate(new PKCS8EncodedKeySpec(enc));
-            Signature verifier = Signature.getInstance(sigAlg, "BCPQC");
-            verifier.initVerify(publicKey);
-            verifier.update(payload);
-            assertTrue(verifier.verify(signature));
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/util/AsymmetricBlockCipher.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/util/AsymmetricBlockCipher.java
deleted file mode 100644
index 2995412..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/util/AsymmetricBlockCipher.java
+++ /dev/null

@@ -1,522 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.util;
-
-import java.io.ByteArrayOutputStream;
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.InvalidParameterException;
-import java.security.Key;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.ShortBufferException;
-
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-
-
-/**
- * The AsymmetricBlockCipher class extends CipherSpiExt.
- * NOTE: Some Ciphers are using Padding. OneAndZeroesPadding is used as default
- * padding. However padding can still be specified, but mode is not supported;
- * if you try to instantiate the cipher with something else than "NONE" as mode
- * NoSuchAlgorithmException is thrown.
- */
-public abstract class AsymmetricBlockCipher
-    extends CipherSpiExt
-{
-
-    /**
-     * ParameterSpec used with this cipher
-     */
-    protected AlgorithmParameterSpec paramSpec;
-
-    /**
-     * Internal buffer
-     */
-    protected ByteArrayOutputStream buf;
-
-    /**
-     * The maximum number of bytes the cipher can decrypt.
-     */
-    protected int maxPlainTextSize;
-
-    /**
-     * The maximum number of bytes the cipher can encrypt.
-     */
-    protected int cipherTextSize;
-
-    /**
-     * The AsymmetricBlockCipher() constructor
-     */
-    public AsymmetricBlockCipher()
-    {
-        buf = new ByteArrayOutputStream();
-    }
-
-    /**
-     * Return the block size (in bytes). Note: although the ciphers extending
-     * this class are not block ciphers, the method was adopted to return the
-     * maximal plaintext and ciphertext sizes for non hybrid ciphers. If the
-     * cipher is hybrid, it returns 0.
-     *
-     * @return if the cipher is not a hybrid one the max plain/cipher text size
-     *         is returned, otherwise 0 is returned
-     */
-    public final int getBlockSize()
-    {
-        return opMode == ENCRYPT_MODE ? maxPlainTextSize : cipherTextSize;
-    }
-
-    /**
-     * @return <tt>null</tt> since no initialization vector is used.
-     */
-    public final byte[] getIV()
-    {
-        return null;
-    }
-
-    /**
-     * Return the length in bytes that an output buffer would need to be in
-     * order to hold the result of the next update or doFinal operation, given
-     * the input length <tt>inLen</tt> (in bytes). This call takes into
-     * account any unprocessed (buffered) data from a previous update call, and
-     * padding. The actual output length of the next update() or doFinal() call
-     * may be smaller than the length returned by this method.
-     * <p>
-     * If the input length plus the length of the buffered data exceeds the
-     * maximum length, <tt>0</tt> is returned.
-     * </p>
-     * @param inLen the length of the input
-     * @return the length of the ciphertext or <tt>0</tt> if the input is too
-     *         long.
-     */
-    public final int getOutputSize(int inLen)
-    {
-
-        int totalLen = inLen + buf.size();
-
-        int maxLen = getBlockSize();
-
-        if (totalLen > maxLen)
-        {
-            // the length of the input exceeds the maximal supported length
-            return 0;
-        }
-
-        return opMode == ENCRYPT_MODE ? cipherTextSize : maxPlainTextSize;
-    }
-
-    /**
-     * Returns the parameters used with this cipher.
-     * <p>
-     * The returned parameters may be the same that were used to initialize this
-     * cipher, or may contain the default set of parameters or a set of randomly
-     * generated parameters used by the underlying cipher implementation
-     * (provided that the underlying cipher implementation uses a default set of
-     * parameters or creates new parameters if it needs parameters but was not
-     * initialized with any).
-     * </p>
-     *
-     * @return the parameters used with this cipher, or null if this cipher does
-     *         not use any parameters.
-     */
-    public final AlgorithmParameterSpec getParameters()
-    {
-        return paramSpec;
-    }
-
-    /**
-     * Initializes the cipher for encryption by forwarding it to
-     * initEncrypt(Key, FlexiSecureRandom).
-     * <p>
-     * If this cipher requires any algorithm parameters that cannot be derived
-     * from the given key, the underlying cipher implementation is supposed to
-     * generate the required parameters itself (using provider-specific default
-     * or random values) if it is being initialized for encryption, and raise an
-     * InvalidKeyException if it is being initialized for decryption. The
-     * generated parameters can be retrieved using engineGetParameters or
-     * engineGetIV (if the parameter is an IV).
-     * </p>
-     * @param key the encryption or decryption key.
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher.
-     */
-    public final void initEncrypt(Key key)
-        throws InvalidKeyException
-    {
-        try
-        {
-            initEncrypt(key, null, CryptoServicesRegistrar.getSecureRandom());
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            throw new InvalidParameterException(
-                "This cipher needs algorithm parameters for initialization (cannot be null).");
-        }
-    }
-
-    /**
-     * Initialize this cipher for encryption by forwarding it to
-     * initEncrypt(Key, FlexiSecureRandom, AlgorithmParameterSpec).
-     * <p>
-     * If this cipher requires any algorithm parameters that cannot be derived
-     * from the given key, the underlying cipher implementation is supposed to
-     * generate the required parameters itself (using provider-specific default
-     * or random values) if it is being initialized for encryption, and raise an
-     * InvalidKeyException if it is being initialized for decryption. The
-     * generated parameters can be retrieved using engineGetParameters or
-     * engineGetIV (if the parameter is an IV).
-     * </p>
-     * @param key    the encryption or decryption key.
-     * @param random the source of randomness.
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher.
-     */
-    public final void initEncrypt(Key key, SecureRandom random)
-        throws InvalidKeyException
-    {
-
-        try
-        {
-            initEncrypt(key, null, random);
-        }
-        catch (InvalidAlgorithmParameterException iape)
-        {
-            throw new InvalidParameterException(
-                "This cipher needs algorithm parameters for initialization (cannot be null).");
-        }
-    }
-
-    /**
-     * Initializes the cipher for encryption by forwarding it to
-     * initEncrypt(Key, FlexiSecureRandom, AlgorithmParameterSpec).
-     *
-     * @param key    the encryption or decryption key.
-     * @param params the algorithm parameters.
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher.
-     * @throws InvalidAlgorithmParameterException if the given algortihm parameters are inappropriate for
-     * this cipher, or if this cipher is being initialized for
-     * decryption and requires algorithm parameters and params
-     * is null.
-     */
-    public final void initEncrypt(Key key, AlgorithmParameterSpec params)
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        initEncrypt(key, params, CryptoServicesRegistrar.getSecureRandom());
-    }
-
-    /**
-     * This method initializes the AsymmetricBlockCipher with a certain key for
-     * data encryption.
-     * <p>
-     * If this cipher (including its underlying feedback or padding scheme)
-     * requires any random bytes (e.g., for parameter generation), it will get
-     * them from random.
-     * </p><p>
-     * Note that when a Cipher object is initialized, it loses all
-     * previously-acquired state. In other words, initializing a Cipher is
-     * equivalent to creating a new instance of that Cipher and initializing it
-     * </p>
-     *
-     * @param key          the key which has to be used to encrypt data.
-     * @param secureRandom the source of randomness.
-     * @param params       the algorithm parameters.
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher
-     * @throws InvalidAlgorithmParameterException if the given algorithm parameters are inappropriate for
-     * this cipher, or if this cipher is being initialized for
-     * decryption and requires algorithm parameters and params
-     * is null.
-     */
-    public final void initEncrypt(Key key, AlgorithmParameterSpec params,
-                                  SecureRandom secureRandom)
-        throws InvalidKeyException,
-        InvalidAlgorithmParameterException
-    {
-        opMode = ENCRYPT_MODE;
-        initCipherEncrypt(key, params, secureRandom);
-    }
-
-    /**
-     * Initialize the cipher for decryption by forwarding it to
-     * {@link #initDecrypt(Key, AlgorithmParameterSpec)}.
-     * <p>
-     * If this cipher requires any algorithm parameters that cannot be derived
-     * from the given key, the underlying cipher implementation is supposed to
-     * generate the required parameters itself (using provider-specific default
-     * or random values) if it is being initialized for encryption, and raise an
-     * InvalidKeyException if it is being initialized for decryption. The
-     * generated parameters can be retrieved using engineGetParameters or
-     * engineGetIV (if the parameter is an IV).
-     * </p>
-     * @param key the encryption or decryption key.
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher.
-     */
-    public final void initDecrypt(Key key)
-        throws InvalidKeyException
-    {
-        try
-        {
-            initDecrypt(key, null);
-        }
-        catch (InvalidAlgorithmParameterException iape)
-        {
-            throw new InvalidParameterException(
-                "This cipher needs algorithm parameters for initialization (cannot be null).");
-        }
-    }
-
-    /**
-     * This method initializes the AsymmetricBlockCipher with a certain key for
-     * data decryption.
-     * <p>
-     * If this cipher (including its underlying feedback or padding scheme)
-     * requires any random bytes (e.g., for parameter generation), it will get
-     * them from random.
-     * </p><p>
-     * Note that when a Cipher object is initialized, it loses all
-     * previously-acquired state. In other words, initializing a Cipher is
-     * equivalent to creating a new instance of that Cipher and initializing it
-     * </p>
-     *
-     * @param key    the key which has to be used to decrypt data.
-     * @param params the algorithm parameters.
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher
-     * @throws InvalidAlgorithmParameterException if the given algorithm parameters are inappropriate for
-     * this cipher, or if this cipher is being initialized for
-     * decryption and requires algorithm parameters and params
-     * is null.
-     */
-    public final void initDecrypt(Key key, AlgorithmParameterSpec params)
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        opMode = DECRYPT_MODE;
-        initCipherDecrypt(key, params);
-    }
-
-    /**
-     * Continue a multiple-part encryption or decryption operation. This method
-     * just writes the input into an internal buffer.
-     *
-     * @param input byte array containing the next part of the input
-     * @param inOff index in the array where the input starts
-     * @param inLen length of the input
-     * @return a new buffer with the result (always empty)
-     */
-    public final byte[] update(byte[] input, int inOff, int inLen)
-    {
-        if (inLen != 0)
-        {
-            buf.write(input, inOff, inLen);
-        }
-        return new byte[0];
-    }
-
-    /**
-     * Continue a multiple-part encryption or decryption operation (depending on
-     * how this cipher was initialized), processing another data part.
-     *
-     * @param input  the input buffer
-     * @param inOff  the offset where the input starts
-     * @param inLen  the input length
-     * @param output the output buffer
-     * @param outOff the offset where the result is stored
-     * @return the length of the output (always 0)
-     */
-    public final int update(byte[] input, int inOff, int inLen, byte[] output,
-                            int outOff)
-    {
-        update(input, inOff, inLen);
-        return 0;
-    }
-
-    /**
-     * Finish a multiple-part encryption or decryption operation (depending on
-     * how this cipher was initialized).
-     *
-     * @param input the input buffer
-     * @param inOff the offset where the input starts
-     * @param inLen the input length
-     * @return a new buffer with the result
-     * @throws IllegalBlockSizeException if the plaintext or ciphertext size is too large.
-     * @throws BadPaddingException if the ciphertext is invalid.
-     */
-    public final byte[] doFinal(byte[] input, int inOff, int inLen)
-        throws IllegalBlockSizeException, BadPaddingException
-    {
-
-        checkLength(inLen);
-        update(input, inOff, inLen);
-        byte[] mBytes = buf.toByteArray();
-        buf.reset();
-
-        switch (opMode)
-        {
-        case ENCRYPT_MODE:
-            return messageEncrypt(mBytes);
-
-        case DECRYPT_MODE:
-            return messageDecrypt(mBytes);
-
-        default:
-            return null;
-
-        }
-    }
-
-    /**
-     * Finish a multiple-part encryption or decryption operation (depending on
-     * how this cipher was initialized).
-     *
-     * @param input  the input buffer
-     * @param inOff  the offset where the input starts
-     * @param inLen  the input length
-     * @param output the buffer for the result
-     * @param outOff the offset where the result is stored
-     * @return the output length
-     * @throws ShortBufferException if the output buffer is too small to hold the result.
-     * @throws IllegalBlockSizeException if the plaintext or ciphertext size is too large.
-     * @throws BadPaddingException if the ciphertext is invalid.
-     */
-    public final int doFinal(byte[] input, int inOff, int inLen, byte[] output,
-                             int outOff)
-        throws ShortBufferException, IllegalBlockSizeException,
-        BadPaddingException
-    {
-
-        if (output.length < getOutputSize(inLen))
-        {
-            throw new ShortBufferException("Output buffer too short.");
-        }
-
-        byte[] out = doFinal(input, inOff, inLen);
-        System.arraycopy(out, 0, output, outOff, out.length);
-        return out.length;
-    }
-
-    /**
-     * Since asymmetric block ciphers do not support modes, this method does
-     * nothing.
-     *
-     * @param modeName the cipher mode (unused)
-     */
-    protected final void setMode(String modeName)
-    {
-        // empty
-    }
-
-    /**
-     * Since asymmetric block ciphers do not support padding, this method does
-     * nothing.
-     *
-     * @param paddingName the name of the padding scheme (not used)
-     */
-    protected final void setPadding(String paddingName)
-    {
-        // empty
-    }
-
-    /**
-     * Check if the message length plus the length of the input length can be
-     * en/decrypted. This method uses the specific values
-     * {@link #maxPlainTextSize} and {@link #cipherTextSize} which are set by
-     * the implementations. If the input length plus the length of the internal
-     * buffer is greater than {@link #maxPlainTextSize} for encryption or not
-     * equal to {@link #cipherTextSize} for decryption, an
-     * {@link IllegalBlockSizeException} will be thrown.
-     *
-     * @param inLen length of the input to check
-     * @throws IllegalBlockSizeException if the input length is invalid.
-     */
-    protected void checkLength(int inLen)
-        throws IllegalBlockSizeException
-    {
-
-        int inLength = inLen + buf.size();
-
-        if (opMode == ENCRYPT_MODE)
-        {
-            if (inLength > maxPlainTextSize)
-            {
-                throw new IllegalBlockSizeException(
-                    "The length of the plaintext (" + inLength
-                        + " bytes) is not supported by "
-                        + "the cipher (max. " + maxPlainTextSize
-                        + " bytes).");
-            }
-        }
-        else if (opMode == DECRYPT_MODE)
-        {
-            if (inLength != cipherTextSize)
-            {
-                throw new IllegalBlockSizeException(
-                    "Illegal ciphertext length (expected " + cipherTextSize
-                        + " bytes, was " + inLength + " bytes).");
-            }
-        }
-
-    }
-
-    /**
-     * Initialize the AsymmetricBlockCipher with a certain key for data
-     * encryption.
-     *
-     * @param key    the key which has to be used to encrypt data
-     * @param params the algorithm parameters
-     * @param sr     the source of randomness
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher.
-     * @throws InvalidAlgorithmParameterException if the given parameters are inappropriate for
-     * initializing this cipher.
-     */
-    protected abstract void initCipherEncrypt(Key key,
-                                              AlgorithmParameterSpec params, SecureRandom sr)
-        throws InvalidKeyException, InvalidAlgorithmParameterException;
-
-    /**
-     * Initialize the AsymmetricBlockCipher with a certain key for data
-     * encryption.
-     *
-     * @param key    the key which has to be used to decrypt data
-     * @param params the algorithm parameters
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher
-     * @throws InvalidAlgorithmParameterException if the given parameters are inappropriate for
-     * initializing this cipher.
-     */
-    protected abstract void initCipherDecrypt(Key key,
-                                              AlgorithmParameterSpec params)
-        throws InvalidKeyException,
-        InvalidAlgorithmParameterException;
-
-    /**
-     * Encrypt the message stored in input. The method should also perform an
-     * additional length check.
-     *
-     * @param input the message to be encrypted (usually the message length is
-     *              less than or equal to maxPlainTextSize)
-     * @return the encrypted message (it has length equal to maxCipherTextSize_)
-     * @throws IllegalBlockSizeException if the input is inappropriate for this cipher.
-     * @throws BadPaddingException if the input format is invalid.
-     */
-    protected abstract byte[] messageEncrypt(byte[] input)
-        throws IllegalBlockSizeException, BadPaddingException;
-
-    /**
-     * Decrypt the ciphertext stored in input. The method should also perform an
-     * additional length check.
-     *
-     * @param input the ciphertext to be decrypted (the ciphertext length is
-     *              less than or equal to maxCipherTextSize)
-     * @return the decrypted message
-     * @throws IllegalBlockSizeException if the input is inappropriate for this cipher.
-     * @throws BadPaddingException if the input format is invalid.
-     */
-    protected abstract byte[] messageDecrypt(byte[] input)
-        throws IllegalBlockSizeException, BadPaddingException;
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/util/AsymmetricHybridCipher.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/util/AsymmetricHybridCipher.java
deleted file mode 100644
index d8153c4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/util/AsymmetricHybridCipher.java
+++ /dev/null

@@ -1,399 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.util;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.InvalidParameterException;
-import java.security.Key;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.ShortBufferException;
-
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-
-/**
- * The AsymmetricHybridCipher class extends CipherSpiExt.
- * NOTE: Some Ciphers are using Padding. OneAndZeroesPadding is used as default
- * padding. However padding can still be specified, but mode is not supported;
- * if you try to instantiate the cipher with something else than "NONE" as mode,
- * NoSuchAlgorithmException is thrown.
- */
-public abstract class AsymmetricHybridCipher
-    extends CipherSpiExt
-{
-
-    /**
-     * ParameterSpec used with this cipher
-     */
-    protected AlgorithmParameterSpec paramSpec;
-
-    /**
-     * Since asymmetric hybrid ciphers do not support modes, this method does
-     * nothing.
-     *
-     * @param modeName the cipher mode (unused)
-     */
-    protected final void setMode(String modeName)
-    {
-        // empty
-    }
-
-    /**
-     * Since asymmetric hybrid ciphers do not support padding, this method does
-     * nothing.
-     *
-     * @param paddingName the name of the padding scheme (not used)
-     */
-    protected final void setPadding(String paddingName)
-    {
-        // empty
-    }
-
-    /**
-     * @return <tt>null</tt> since no initialization vector is used.
-     */
-    public final byte[] getIV()
-    {
-        return null;
-    }
-
-    /**
-     * @return 0 since the implementing algorithms are not block ciphers
-     */
-    public final int getBlockSize()
-    {
-        return 0;
-    }
-
-    /**
-     * Return the parameters used with this cipher.
-     * <p>
-     * The returned parameters may be the same that were used to initialize this
-     * cipher, or may contain the default set of parameters or a set of randomly
-     * generated parameters used by the underlying cipher implementation
-     * (provided that the underlying cipher implementation uses a default set of
-     * parameters or creates new parameters if it needs parameters but was not
-     * initialized with any).
-     * </p>
-     * @return the parameters used with this cipher, or <tt>null</tt> if this
-     *         cipher does not use any parameters.
-     */
-    public final AlgorithmParameterSpec getParameters()
-    {
-        return paramSpec;
-    }
-
-    /**
-     * Return the length in bytes that an output buffer would need to be in
-     * order to hold the result of the next update or doFinal operation, given
-     * the input length <tt>inLen</tt> (in bytes). This call takes into
-     * account any unprocessed (buffered) data from a previous update call, and
-     * padding. The actual output length of the next update() or doFinal() call
-     * may be smaller than the length returned by this method.
-     *
-     * @param inLen the length of the input
-     * @return the length of the output of the next <tt>update()</tt> or
-     *         <tt>doFinal()</tt> call
-     */
-    public final int getOutputSize(int inLen)
-    {
-        return opMode == ENCRYPT_MODE ? encryptOutputSize(inLen)
-            : decryptOutputSize(inLen);
-    }
-
-    /**
-     * Initialize the cipher for encryption by forwarding it to
-     * {@link #initEncrypt(Key, AlgorithmParameterSpec, SecureRandom)}.
-     * <p>
-     * If this cipher requires any algorithm parameters that cannot be derived
-     * from the given key, the underlying cipher implementation is supposed to
-     * generate the required parameters itself (using provider-specific default
-     * or random values) if it is being initialized for encryption, and raise an
-     * InvalidKeyException if it is being initialized for decryption. The
-     * generated parameters can be retrieved using {@link #getParameters()}.
-     * </p>
-     * @param key the encryption key
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher.
-     * @throws InvalidParameterException if this cipher needs algorithm parameters for
-     * initialization and cannot generate parameters itself.
-     */
-    public final void initEncrypt(Key key)
-        throws InvalidKeyException
-    {
-        try
-        {
-            initEncrypt(key, null, CryptoServicesRegistrar.getSecureRandom());
-        }
-        catch (InvalidAlgorithmParameterException e)
-        {
-            throw new InvalidParameterException(
-                "This cipher needs algorithm parameters for initialization (cannot be null).");
-        }
-    }
-
-    /**
-     * Initialize this cipher for encryption by forwarding it to
-     * {@link #initEncrypt(Key, AlgorithmParameterSpec, SecureRandom)}.
-     * <p>
-     * If this cipher requires any algorithm parameters that cannot be derived
-     * from the given key, the underlying cipher implementation is supposed to
-     * generate the required parameters itself (using provider-specific default
-     * or random values) if it is being initialized for encryption, and raise an
-     * InvalidKeyException if it is being initialized for decryption. The
-     * generated parameters can be retrieved using {@link #getParameters()}.
-     * </p>
-     * @param key    the encryption key
-     * @param random the source of randomness
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher.
-     * @throws InvalidParameterException if this cipher needs algorithm parameters for
-     * initialization and cannot generate parameters itself.
-     */
-    public final void initEncrypt(Key key, SecureRandom random)
-        throws InvalidKeyException
-    {
-        try
-        {
-            initEncrypt(key, null, random);
-        }
-        catch (InvalidAlgorithmParameterException iape)
-        {
-            throw new InvalidParameterException(
-                "This cipher needs algorithm parameters for initialization (cannot be null).");
-        }
-    }
-
-    /**
-     * Initialize the cipher for encryption by forwarding it to initEncrypt(Key,
-     * FlexiSecureRandom, AlgorithmParameterSpec).
-     *
-     * @param key    the encryption key
-     * @param params the algorithm parameters
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher.
-     * @throws InvalidAlgorithmParameterException if the given algorithm parameters are inappropriate for
-     * this cipher, or if this cipher is initialized with
-     * <tt>null</tt> parameters and cannot generate parameters
-     * itself.
-     */
-    public final void initEncrypt(Key key, AlgorithmParameterSpec params)
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        initEncrypt(key, params, CryptoServicesRegistrar.getSecureRandom());
-    }
-
-    /**
-     * Initialize the cipher with a certain key for data encryption.
-     * <p>
-     * If this cipher requires any random bytes (e.g., for parameter
-     * generation), it will get them from <tt>random</tt>.
-     * </p><p>
-     * Note that when a Cipher object is initialized, it loses all
-     * previously-acquired state. In other words, initializing a Cipher is
-     * equivalent to creating a new instance of that Cipher and initializing it.
-     * </p>
-     * @param key    the encryption key
-     * @param random the source of randomness
-     * @param params the algorithm parameters
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher
-     * @throws InvalidAlgorithmParameterException if the given algorithm parameters are inappropriate for
-     * this cipher, or if this cipher is initialized with
-     * <tt>null</tt> parameters and cannot generate parameters
-     * itself.
-     */
-    public final void initEncrypt(Key key, AlgorithmParameterSpec params,
-                                  SecureRandom random)
-        throws InvalidKeyException,
-        InvalidAlgorithmParameterException
-    {
-        opMode = ENCRYPT_MODE;
-        initCipherEncrypt(key, params, random);
-    }
-
-    /**
-     * Initialize the cipher for decryption by forwarding it to initDecrypt(Key,
-     * FlexiSecureRandom).
-     * <p>
-     * If this cipher requires any algorithm parameters that cannot be derived
-     * from the given key, the underlying cipher implementation is supposed to
-     * generate the required parameters itself (using provider-specific default
-     * or random values) if it is being initialized for encryption, and raise an
-     * InvalidKeyException if it is being initialized for decryption. The
-     * generated parameters can be retrieved using {@link #getParameters()}.
-     * </p>
-     * @param key the decryption key
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher.
-     */
-    public final void initDecrypt(Key key)
-        throws InvalidKeyException
-    {
-        try
-        {
-            initDecrypt(key, null);
-        }
-        catch (InvalidAlgorithmParameterException iape)
-        {
-            throw new InvalidParameterException(
-                "This cipher needs algorithm parameters for initialization (cannot be null).");
-        }
-    }
-
-    /**
-     * Initialize the cipher with a certain key for data decryption.
-     * <p>
-     * If this cipher requires any random bytes (e.g., for parameter
-     * generation), it will get them from <tt>random</tt>.
-     * </p><p>
-     * Note that when a Cipher object is initialized, it loses all
-     * previously-acquired state. In other words, initializing a Cipher is
-     * equivalent to creating a new instance of that Cipher and initializing it
-     * </p>
-     * @param key    the decryption key
-     * @param params the algorithm parameters
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher
-     * @throws InvalidAlgorithmParameterException if the given algorithm parameters are inappropriate for
-     * this cipher, or if this cipher is initialized with
-     * <tt>null</tt> parameters and cannot generate parameters
-     * itself.
-     */
-    public final void initDecrypt(Key key, AlgorithmParameterSpec params)
-        throws InvalidKeyException, InvalidAlgorithmParameterException
-    {
-        opMode = DECRYPT_MODE;
-        initCipherDecrypt(key, params);
-    }
-
-    /**
-     * Continue a multiple-part encryption or decryption operation (depending on
-     * how this cipher was initialized), processing another data part.
-     *
-     * @param input the input buffer
-     * @param inOff the offset where the input starts
-     * @param inLen the input length
-     * @return a new buffer with the result (maybe an empty byte array)
-     */
-    public abstract byte[] update(byte[] input, int inOff, int inLen);
-
-    /**
-     * Continue a multiple-part encryption or decryption operation (depending on
-     * how this cipher was initialized), processing another data part.
-     *
-     * @param input  the input buffer
-     * @param inOff  the offset where the input starts
-     * @param inLen  the input length
-     * @param output the output buffer
-     * @param outOff the offset where the result is stored
-     * @return the length of the output
-     * @throws ShortBufferException if the output buffer is too small to hold the result.
-     */
-    public final int update(byte[] input, int inOff, int inLen, byte[] output,
-                            int outOff)
-        throws ShortBufferException
-    {
-        if (output.length < getOutputSize(inLen))
-        {
-            throw new ShortBufferException("output");
-        }
-        byte[] out = update(input, inOff, inLen);
-        System.arraycopy(out, 0, output, outOff, out.length);
-        return out.length;
-    }
-
-    /**
-     * Finish a multiple-part encryption or decryption operation (depending on
-     * how this cipher was initialized).
-     *
-     * @param input the input buffer
-     * @param inOff the offset where the input starts
-     * @param inLen the input length
-     * @return a new buffer with the result
-     * @throws BadPaddingException if the ciphertext is invalid.
-     */
-    public abstract byte[] doFinal(byte[] input, int inOff, int inLen)
-        throws BadPaddingException;
-
-    /**
-     * Finish a multiple-part encryption or decryption operation (depending on
-     * how this cipher was initialized).
-     *
-     * @param input  the input buffer
-     * @param inOff  the offset where the input starts
-     * @param inLen  the input length
-     * @param output the buffer for the result
-     * @param outOff the offset where the result is stored
-     * @return the output length
-     * @throws ShortBufferException if the output buffer is too small to hold the result.
-     * @throws BadPaddingException if the ciphertext is invalid.
-     */
-    public final int doFinal(byte[] input, int inOff, int inLen, byte[] output,
-                             int outOff)
-        throws ShortBufferException, BadPaddingException
-    {
-
-        if (output.length < getOutputSize(inLen))
-        {
-            throw new ShortBufferException("Output buffer too short.");
-        }
-        byte[] out = doFinal(input, inOff, inLen);
-        System.arraycopy(out, 0, output, outOff, out.length);
-        return out.length;
-    }
-
-    /**
-     * Compute the output size of an update() or doFinal() operation of a hybrid
-     * asymmetric cipher in encryption mode when given input of the specified
-     * length.
-     *
-     * @param inLen the length of the input
-     * @return the output size
-     */
-    protected abstract int encryptOutputSize(int inLen);
-
-    /**
-     * Compute the output size of an update() or doFinal() operation of a hybrid
-     * asymmetric cipher in decryption mode when given input of the specified
-     * length.
-     *
-     * @param inLen the length of the input
-     * @return the output size
-     */
-    protected abstract int decryptOutputSize(int inLen);
-
-    /**
-     * Initialize the AsymmetricHybridCipher with a certain key for data
-     * encryption.
-     *
-     * @param key    the key which has to be used to encrypt data
-     * @param params the algorithm parameters
-     * @param sr     the source of randomness
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher.
-     * @throws InvalidAlgorithmParameterException if the given parameters are inappropriate for
-     * initializing this cipher.
-     */
-    protected abstract void initCipherEncrypt(Key key,
-                                              AlgorithmParameterSpec params, SecureRandom sr)
-        throws InvalidKeyException, InvalidAlgorithmParameterException;
-
-    /**
-     * Initialize the AsymmetricHybridCipher with a certain key for data
-     * encryption.
-     *
-     * @param key    the key which has to be used to decrypt data
-     * @param params the algorithm parameters
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher
-     * @throws InvalidAlgorithmParameterException if the given parameters are inappropriate for
-     * initializing this cipher.
-     */
-    protected abstract void initCipherDecrypt(Key key,
-                                              AlgorithmParameterSpec params)
-        throws InvalidKeyException,
-        InvalidAlgorithmParameterException;
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/util/CipherSpiExt.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/util/CipherSpiExt.java
deleted file mode 100644
index 05f37d2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/util/CipherSpiExt.java
+++ /dev/null

@@ -1,634 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.util;
-
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.InvalidKeyException;
-import java.security.InvalidParameterException;
-import java.security.Key;
-import java.security.NoSuchAlgorithmException;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import javax.crypto.BadPaddingException;
-import javax.crypto.CipherSpi;
-import javax.crypto.IllegalBlockSizeException;
-import javax.crypto.NoSuchPaddingException;
-import javax.crypto.ShortBufferException;
-
-/**
- * The CipherSpiExt class extends CipherSpi.
- */
-public abstract class CipherSpiExt
-    extends CipherSpi
-{
-
-    /**
-     * Constant specifying encrypt mode.
-     */
-    public static final int ENCRYPT_MODE = javax.crypto.Cipher.ENCRYPT_MODE;
-
-    /**
-     * Constant specifying decrypt mode.
-     */
-    public static final int DECRYPT_MODE = javax.crypto.Cipher.DECRYPT_MODE;
-
-    /**
-     * The operation mode for this cipher ({@link #ENCRYPT_MODE} or
-     * {@link #DECRYPT_MODE}).
-     */
-    protected int opMode;
-
-    // ****************************************************
-    // JCA adapter methods
-    // ****************************************************
-
-    /**
-     * Initialize this cipher object with a proper key and some random seed.
-     * Before a cipher object is ready for data processing, it has to be
-     * initialized according to the desired cryptographic operation, which is
-     * specified by the <tt>opMode</tt> parameter.
-     * <p>
-     * If this cipher (including its underlying mode or padding scheme) requires
-     * any random bytes, it will obtain them from <tt>random</tt>.
-     * </p><p>
-     * Note: If the mode needs an initialization vector, a blank array is used
-     * in this case.
-     * @param opMode the operation mode ({@link #ENCRYPT_MODE} or
-     *               {@link #DECRYPT_MODE})
-     * @param key    the key
-     * @param random the random seed
-     * @throws java.security.InvalidKeyException if the key is inappropriate for initializing this cipher.
-     */
-    protected final void engineInit(int opMode, java.security.Key key,
-                                    java.security.SecureRandom random)
-        throws java.security.InvalidKeyException
-    {
-
-        try
-        {
-            engineInit(opMode, key,
-                (java.security.spec.AlgorithmParameterSpec)null, random);
-        }
-        catch (java.security.InvalidAlgorithmParameterException e)
-        {
-            throw new InvalidParameterException(e.getMessage());
-        }
-    }
-
-    /**
-     * Initialize this cipher with a key, a set of algorithm parameters, and a
-     * source of randomness. The cipher is initialized for encryption or
-     * decryption, depending on the value of <tt>opMode</tt>.
-     * <p>
-     * If this cipher (including its underlying mode or padding scheme) requires
-     * any random bytes, it will obtain them from <tt>random</tt>. Note that
-     * when a cipher object is initialized, it loses all
-     * previously-acquired state. In other words, initializing a Cipher is
-     * equivalent to creating a new instance of that Cipher and initializing it.
-     * </p><p>
-     * Note: If the mode needs an initialization vector, a try to retrieve it
-     * from the AlgorithmParametersSpec is made.
-     * </p>
-     * @param opMode    the operation mode ({@link #ENCRYPT_MODE} or
-     *                  {@link #DECRYPT_MODE})
-     * @param key       the key
-     * @param algParams the algorithm parameters
-     * @param random    the random seed
-     * @throws java.security.InvalidKeyException if the key is inappropriate for initializing this block
-     * cipher.
-     * @throws java.security.InvalidAlgorithmParameterException if the parameters are inappropriate for initializing this
-     * block cipher.
-     */
-    protected final void engineInit(int opMode, java.security.Key key,
-                                    java.security.AlgorithmParameters algParams,
-                                    java.security.SecureRandom random)
-        throws java.security.InvalidKeyException,
-        java.security.InvalidAlgorithmParameterException
-    {
-
-        // if algParams are not specified, initialize without them
-        if (algParams == null)
-        {
-            engineInit(opMode, key, random);
-            return;
-        }
-
-        AlgorithmParameterSpec paramSpec = null;
-        // XXX getting AlgorithmParameterSpec from AlgorithmParameters
-
-        engineInit(opMode, key, paramSpec, random);
-    }
-
-    /**
-     * Initialize this cipher with a key, a set of algorithm parameters, and a
-     * source of randomness. The cipher is initialized for one of the following
-     * four operations: encryption, decryption, key wrapping or key unwrapping,
-     * depending on the value of opMode. If this cipher (including its
-     * underlying feedback or padding scheme) requires any random bytes (e.g.,
-     * for parameter generation), it will get them from random. Note that when a
-     * Cipher object is initialized, it loses all previously-acquired state. In
-     * other words, initializing a Cipher is equivalent to creating a new
-     * instance of that Cipher and initializing it.
-     *
-     * @param opMode   the operation mode ({@link #ENCRYPT_MODE} or
-     *                 {@link #DECRYPT_MODE})
-     * @param key      the encryption key
-     * @param params   the algorithm parameters
-     * @param javaRand the source of randomness
-     * @throws java.security.InvalidKeyException if the given key is inappropriate for initializing this
-     * cipher
-     * @throws java.security.InvalidAlgorithmParameterException if the given algorithm parameters are inappropriate for
-     * this cipher, or if this cipher is being initialized for
-     * decryption and requires algorithm parameters and the
-     * parameters are null.
-     */
-    protected void engineInit(int opMode, java.security.Key key,
-                              java.security.spec.AlgorithmParameterSpec params,
-                              java.security.SecureRandom javaRand)
-        throws java.security.InvalidKeyException,
-        java.security.InvalidAlgorithmParameterException
-    {
-
-        if ((params != null) && !(params instanceof AlgorithmParameterSpec))
-        {
-            throw new java.security.InvalidAlgorithmParameterException();
-        }
-
-        if ((key == null) || !(key instanceof Key))
-        {
-            throw new java.security.InvalidKeyException();
-        }
-
-        this.opMode = opMode;
-
-        if (opMode == ENCRYPT_MODE)
-        {
-            SecureRandom flexiRand = javaRand;
-            initEncrypt((Key)key, (AlgorithmParameterSpec)params, flexiRand);
-
-        }
-        else if (opMode == DECRYPT_MODE)
-        {
-            initDecrypt((Key)key, (AlgorithmParameterSpec)params);
-
-        }
-    }
-
-    /**
-     * Return the result of the last step of a multi-step en-/decryption
-     * operation or the result of a single-step en-/decryption operation by
-     * processing the given input data and any remaining buffered data. The data
-     * to be processed is given in an input byte array. Beginning at
-     * inputOffset, only the first inputLen bytes are en-/decrypted, including
-     * any buffered bytes of a previous update operation. If necessary, padding
-     * is performed. The result is returned as a output byte array.
-     *
-     * @param input the byte array holding the data to be processed
-     * @param inOff the offset indicating the start position within the input
-     *              byte array
-     * @param inLen the number of bytes to be processed
-     * @return the byte array containing the en-/decrypted data
-     * @throws javax.crypto.IllegalBlockSizeException if the ciphertext length is not a multiple of the
-     * blocklength.
-     * @throws javax.crypto.BadPaddingException if unpadding is not possible.
-     */
-    protected final byte[] engineDoFinal(byte[] input, int inOff, int inLen)
-        throws javax.crypto.IllegalBlockSizeException,
-        javax.crypto.BadPaddingException
-    {
-        return doFinal(input, inOff, inLen);
-    }
-
-    /**
-     * Perform the last step of a multi-step en-/decryption operation or a
-     * single-step en-/decryption operation by processing the given input data
-     * and any remaining buffered data. The data to be processed is given in an
-     * input byte array. Beginning at inputOffset, only the first inputLen bytes
-     * are en-/decrypted, including any buffered bytes of a previous update
-     * operation. If necessary, padding is performed. The result is stored in
-     * the given output byte array, beginning at outputOffset. The number of
-     * bytes stored in this byte array are returned.
-     *
-     * @param input  the byte array holding the data to be processed
-     * @param inOff  the offset indicating the start position within the input
-     *               byte array
-     * @param inLen  the number of bytes to be processed
-     * @param output the byte array for holding the result
-     * @param outOff the offset indicating the start position within the output
-     *               byte array to which the en/decrypted data is written
-     * @return the number of bytes stored in the output byte array
-     * @throws javax.crypto.ShortBufferException if the output buffer is too short to hold the output.
-     * @throws javax.crypto.IllegalBlockSizeException if the ciphertext length is not a multiple of the
-     * blocklength.
-     * @throws javax.crypto.BadPaddingException if unpadding is not possible.
-     */
-    protected final int engineDoFinal(byte[] input, int inOff, int inLen,
-                                      byte[] output, int outOff)
-        throws javax.crypto.ShortBufferException,
-        javax.crypto.IllegalBlockSizeException,
-        javax.crypto.BadPaddingException
-    {
-        return doFinal(input, inOff, inLen, output, outOff);
-    }
-
-    /**
-     * @return the block size (in bytes), or 0 if the underlying algorithm is
-     *         not a block cipher
-     */
-    protected final int engineGetBlockSize()
-    {
-        return getBlockSize();
-    }
-
-    /**
-     * Return the key size of the given key object in bits.
-     *
-     * @param key the key object
-     * @return the key size in bits of the given key object
-     * @throws java.security.InvalidKeyException if key is invalid.
-     */
-    protected final int engineGetKeySize(java.security.Key key)
-        throws java.security.InvalidKeyException
-    {
-        if (!(key instanceof Key))
-        {
-            throw new java.security.InvalidKeyException("Unsupported key.");
-        }
-        return getKeySize((Key)key);
-    }
-
-    /**
-     * Return the initialization vector. This is useful in the context of
-     * password-based encryption or decryption, where the IV is derived from a
-     * user-provided passphrase.
-     *
-     * @return the initialization vector in a new buffer, or <tt>null</tt> if
-     *         the underlying algorithm does not use an IV, or if the IV has not
-     *         yet been set.
-     */
-    protected final byte[] engineGetIV()
-    {
-        return getIV();
-    }
-
-    /**
-     * Return the length in bytes that an output buffer would need to be in
-     * order to hold the result of the next update or doFinal operation, given
-     * the input length inputLen (in bytes).
-     * <p>
-     * This call takes into account any unprocessed (buffered) data from a
-     * previous update call, and padding.
-     * </p><p>
-     * The actual output length of the next update or doFinal call may be
-     * smaller than the length returned by this method.
-     * </p>
-     * @param inLen the input length (in bytes)
-     * @return the required output buffer size (in bytes)
-     */
-    protected final int engineGetOutputSize(int inLen)
-    {
-        return getOutputSize(inLen);
-    }
-
-    /**
-     * Returns the parameters used with this cipher.
-     * <p>
-     * The returned parameters may be the same that were used to initialize this
-     * cipher, or may contain the default set of parameters or a set of randomly
-     * generated parameters used by the underlying cipher implementation
-     * (provided that the underlying cipher implementation uses a default set of
-     * parameters or creates new parameters if it needs parameters but was not
-     * initialized with any).
-     * </p>
-     * @return the parameters used with this cipher, or null if this cipher does
-     *         not use any parameters.
-     */
-    protected final java.security.AlgorithmParameters engineGetParameters()
-    {
-        // TODO
-        return null;
-    }
-
-    /**
-     * Set the mode of this cipher.
-     *
-     * @param modeName the cipher mode
-     * @throws java.security.NoSuchAlgorithmException if neither the mode with the given name nor the default
-     * mode can be found
-     */
-    protected final void engineSetMode(String modeName)
-        throws java.security.NoSuchAlgorithmException
-    {
-        setMode(modeName);
-    }
-
-    /**
-     * Set the padding scheme of this cipher.
-     *
-     * @param paddingName the padding scheme
-     * @throws javax.crypto.NoSuchPaddingException if the requested padding scheme cannot be found.
-     */
-    protected final void engineSetPadding(String paddingName)
-        throws javax.crypto.NoSuchPaddingException
-    {
-        setPadding(paddingName);
-    }
-
-    /**
-     * Return the result of the next step of a multi-step en-/decryption
-     * operation. The data to be processed is given in an input byte array.
-     * Beginning at inputOffset, only the first inputLen bytes are
-     * en-/decrypted. The result is returned as a byte array.
-     *
-     * @param input the byte array holding the data to be processed
-     * @param inOff the offset indicating the start position within the input
-     *              byte array
-     * @param inLen the number of bytes to be processed
-     * @return the byte array containing the en-/decrypted data
-     */
-    protected final byte[] engineUpdate(byte[] input, int inOff, int inLen)
-    {
-        return update(input, inOff, inLen);
-    }
-
-    /**
-     * Perform the next step of a multi-step en-/decryption operation. The data
-     * to be processed is given in an input byte array. Beginning at
-     * inputOffset, only the first inputLen bytes are en-/decrypted. The result
-     * is stored in the given output byte array, beginning at outputOffset. The
-     * number of bytes stored in this output byte array are returned.
-     *
-     * @param input  the byte array holding the data to be processed
-     * @param inOff  the offset indicating the start position within the input
-     *               byte array
-     * @param inLen  the number of bytes to be processed
-     * @param output the byte array for holding the result
-     * @param outOff the offset indicating the start position within the output
-     *               byte array to which the en-/decrypted data is written
-     * @return the number of bytes that are stored in the output byte array
-     * @throws javax.crypto.ShortBufferException if the output buffer is too short to hold the output.
-     */
-    protected final int engineUpdate(final byte[] input, final int inOff,
-                                     final int inLen, byte[] output, final int outOff)
-        throws javax.crypto.ShortBufferException
-    {
-        return update(input, inOff, inLen, output, outOff);
-    }
-
-    /**
-     * Initialize this cipher with a key, a set of algorithm parameters, and a
-     * source of randomness for encryption.
-     * <p>
-     * If this cipher requires any algorithm parameters and paramSpec is null,
-     * the underlying cipher implementation is supposed to generate the required
-     * parameters itself (using provider-specific default or random values) if
-     * it is being initialized for encryption, and raise an
-     * InvalidAlgorithmParameterException if it is being initialized for
-     * decryption. The generated parameters can be retrieved using
-     * engineGetParameters or engineGetIV (if the parameter is an IV).
-     * </p><p>
-     * If this cipher (including its underlying feedback or padding scheme)
-     * requires any random bytes (e.g., for parameter generation), it will get
-     * them from random.
-     * </p><p>
-     * Note that when a cipher object is initialized, it loses all
-     * previously-acquired state. In other words, initializing a Cipher is
-     * equivalent to creating a new instance of that Cipher and initializing it.
-     *
-     * @param key          the encryption key
-     * @param cipherParams the cipher parameters
-     * @param random       the source of randomness
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * block cipher.
-     * @throws InvalidAlgorithmParameterException if the parameters are inappropriate for initializing this
-     * block cipher.
-     */
-    public abstract void initEncrypt(Key key,
-                                     AlgorithmParameterSpec cipherParams, SecureRandom random)
-        throws InvalidKeyException, InvalidAlgorithmParameterException;
-
-    /**
-     * Initialize this cipher with a key, a set of algorithm parameters, and a
-     * source of randomness for decryption.
-     * <p>
-     * If this cipher requires any algorithm parameters and paramSpec is null,
-     * the underlying cipher implementation is supposed to generate the required
-     * parameters itself (using provider-specific default or random values) if
-     * it is being initialized for encryption, and throw an
-     * {@link InvalidAlgorithmParameterException} if it is being initialized for
-     * decryption. The generated parameters can be retrieved using
-     * engineGetParameters or engineGetIV (if the parameter is an IV).
-     * </p><p>
-     * If this cipher (including its underlying feedback or padding scheme)
-     * requires any random bytes (e.g., for parameter generation), it will get
-     * them from random.
-     * </p><p>
-     * Note that when a cipher object is initialized, it loses all
-     * previously-acquired state. In other words, initializing a Cipher is
-     * equivalent to creating a new instance of that Cipher and initializing it.
-     *
-     * @param key          the encryption key
-     * @param cipherParams the cipher parameters
-     * @throws InvalidKeyException if the given key is inappropriate for initializing this
-     * block cipher.
-     * @throws InvalidAlgorithmParameterException if the parameters are inappropriate for initializing this
-     * block cipher.
-     */
-    public abstract void initDecrypt(Key key,
-                                     AlgorithmParameterSpec cipherParams)
-        throws InvalidKeyException,
-        InvalidAlgorithmParameterException;
-
-    /**
-     * @return the name of this cipher
-     */
-    public abstract String getName();
-
-    /**
-     * @return the block size (in bytes), or 0 if the underlying algorithm is
-     *         not a block cipher
-     */
-    public abstract int getBlockSize();
-
-    /**
-     * Returns the length in bytes that an output buffer would need to be in
-     * order to hold the result of the next update or doFinal operation, given
-     * the input length inputLen (in bytes).
-     * <p>
-     * This call takes into account any unprocessed (buffered) data from a
-     * previous update call, and padding.
-     * </p><p>
-     * The actual output length of the next update or doFinal call may be
-     * smaller than the length returned by this method.
-     *
-     * @param inputLen the input length (in bytes)
-     * @return the required output buffer size (in bytes)
-     */
-    public abstract int getOutputSize(int inputLen);
-
-    /**
-     * Return the key size of the given key object in bits.
-     *
-     * @param key the key object
-     * @return the key size in bits of the given key object
-     * @throws InvalidKeyException if key is invalid.
-     */
-    public abstract int getKeySize(Key key)
-        throws InvalidKeyException;
-
-    /**
-     * Returns the parameters used with this cipher.
-     * <p>
-     * The returned parameters may be the same that were used to initialize this
-     * cipher, or may contain the default set of parameters or a set of randomly
-     * generated parameters used by the underlying cipher implementation
-     * (provided that the underlying cipher implementation uses a default set of
-     * parameters or creates new parameters if it needs parameters but was not
-     * initialized with any).
-     *
-     * @return the parameters used with this cipher, or null if this cipher does
-     *         not use any parameters.
-     */
-    public abstract AlgorithmParameterSpec getParameters();
-
-    /**
-     * Return the initialization vector. This is useful in the context of
-     * password-based encryption or decryption, where the IV is derived from a
-     * user-provided passphrase.
-     *
-     * @return the initialization vector in a new buffer, or <tt>null</tt> if
-     *         the underlying algorithm does not use an IV, or if the IV has not
-     *         yet been set.
-     */
-    public abstract byte[] getIV();
-
-    /**
-     * Set the mode of this cipher.
-     *
-     * @param mode the cipher mode
-     * @throws NoSuchAlgorithmException if the requested mode cannot be found.
-     */
-    protected abstract void setMode(String mode)
-        throws NoSuchAlgorithmException;
-
-    /**
-     * Set the padding mechanism of this cipher.
-     *
-     * @param padding the padding mechanism
-     * @throws NoSuchPaddingException if the requested padding scheme cannot be found.
-     */
-    protected abstract void setPadding(String padding)
-        throws NoSuchPaddingException;
-
-    /**
-     * Continue a multiple-part encryption or decryption operation (depending on
-     * how this cipher was initialized), processing another data part.
-     *
-     * @param input the input buffer
-     * @return a new buffer with the result (maybe an empty byte array)
-     */
-    public final byte[] update(byte[] input)
-    {
-        return update(input, 0, input.length);
-    }
-
-    /**
-     * Continue a multiple-part encryption or decryption operation (depending on
-     * how this cipher was initialized), processing another data part.
-     *
-     * @param input the input buffer
-     * @param inOff the offset where the input starts
-     * @param inLen the input length
-     * @return a new buffer with the result (maybe an empty byte array)
-     */
-    public abstract byte[] update(byte[] input, int inOff, int inLen);
-
-    /**
-     * Continue a multiple-part encryption or decryption operation (depending on
-     * how this cipher was initialized), processing another data part.
-     *
-     * @param input  the input buffer
-     * @param inOff  the offset where the input starts
-     * @param inLen  the input length
-     * @param output the output buffer
-     * @param outOff the offset where the result is stored
-     * @return the length of the output
-     * @throws ShortBufferException if the output buffer is too small to hold the result.
-     */
-    public abstract int update(byte[] input, int inOff, int inLen,
-                               byte[] output, int outOff)
-        throws ShortBufferException;
-
-    /**
-     * Finish a multiple-part encryption or decryption operation (depending on
-     * how this cipher was initialized).
-     *
-     * @return a new buffer with the result
-     * @throws IllegalBlockSizeException if this cipher is a block cipher and the total input
-     * length is not a multiple of the block size (for
-     * encryption when no padding is used or for decryption).
-     * @throws BadPaddingException if this cipher is a block cipher and unpadding fails.
-     */
-    public final byte[] doFinal()
-        throws IllegalBlockSizeException,
-        BadPaddingException
-    {
-        return doFinal(null, 0, 0);
-    }
-
-    /**
-     * Finish a multiple-part encryption or decryption operation (depending on
-     * how this cipher was initialized).
-     *
-     * @param input the input buffer
-     * @return a new buffer with the result
-     * @throws IllegalBlockSizeException if this cipher is a block cipher and the total input
-     * length is not a multiple of the block size (for
-     * encryption when no padding is used or for decryption).
-     * @throws BadPaddingException if this cipher is a block cipher and unpadding fails.
-     */
-    public final byte[] doFinal(byte[] input)
-        throws IllegalBlockSizeException,
-        BadPaddingException
-    {
-        return doFinal(input, 0, input.length);
-    }
-
-    /**
-     * Finish a multiple-part encryption or decryption operation (depending on
-     * how this cipher was initialized).
-     *
-     * @param input the input buffer
-     * @param inOff the offset where the input starts
-     * @param inLen the input length
-     * @return a new buffer with the result
-     * @throws IllegalBlockSizeException if this cipher is a block cipher and the total input
-     * length is not a multiple of the block size (for
-     * encryption when no padding is used or for decryption).
-     * @throws BadPaddingException if this cipher is a block cipher and unpadding fails.
-     */
-    public abstract byte[] doFinal(byte[] input, int inOff, int inLen)
-        throws IllegalBlockSizeException, BadPaddingException;
-
-    /**
-     * Finish a multiple-part encryption or decryption operation (depending on
-     * how this cipher was initialized).
-     *
-     * @param input  the input buffer
-     * @param inOff  the offset where the input starts
-     * @param inLen  the input length
-     * @param output the buffer for the result
-     * @param outOff the offset where the result is stored
-     * @return the output length
-     * @throws ShortBufferException if the output buffer is too small to hold the result.
-     * @throws IllegalBlockSizeException if this cipher is a block cipher and the total input
-     * length is not a multiple of the block size (for
-     * encryption when no padding is used or for decryption).
-     * @throws BadPaddingException if this cipher is a block cipher and unpadding fails.
-     */
-    public abstract int doFinal(byte[] input, int inOff, int inLen,
-                                byte[] output, int outOff)
-        throws ShortBufferException,
-        IllegalBlockSizeException, BadPaddingException;
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/util/KeyUtil.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/util/KeyUtil.java
deleted file mode 100644
index ba31e4d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/util/KeyUtil.java
+++ /dev/null

@@ -1,72 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.util;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-
-public class KeyUtil
-{
-    public static byte[] getEncodedSubjectPublicKeyInfo(AlgorithmIdentifier algId, ASN1Encodable keyData)
-    {
-        try
-        {
-            return getEncodedSubjectPublicKeyInfo(new SubjectPublicKeyInfo(algId, keyData));
-        }
-        catch (Exception e)
-        {
-            return null;
-        }
-    }
-
-    public static byte[] getEncodedSubjectPublicKeyInfo(AlgorithmIdentifier algId, byte[] keyData)
-    {
-        try
-        {
-            return getEncodedSubjectPublicKeyInfo(new SubjectPublicKeyInfo(algId, keyData));
-        }
-        catch (Exception e)
-        {
-            return null;
-        }
-    }
-
-    public static byte[] getEncodedSubjectPublicKeyInfo(SubjectPublicKeyInfo info)
-    {
-         try
-         {
-             return info.getEncoded(ASN1Encoding.DER);
-         }
-         catch (Exception e)
-         {
-             return null;
-         }
-    }
-
-    public static byte[] getEncodedPrivateKeyInfo(AlgorithmIdentifier algId, ASN1Encodable privKey)
-    {
-         try
-         {
-             PrivateKeyInfo info = new PrivateKeyInfo(algId, privKey.toASN1Primitive());
-
-             return getEncodedPrivateKeyInfo(info);
-         }
-         catch (Exception e)
-         {
-             return null;
-         }
-    }
-
-    public static byte[] getEncodedPrivateKeyInfo(PrivateKeyInfo info)
-    {
-         try
-         {
-             return info.getEncoded(ASN1Encoding.DER);
-         }
-         catch (Exception e)
-         {
-             return null;
-         }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSMTPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSMTPrivateKey.java
deleted file mode 100644
index 4bc1774..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSMTPrivateKey.java
+++ /dev/null

@@ -1,146 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.xmss;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.PrivateKey;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.pqc.asn1.XMSSMTKeyParams;
-import org.bouncycastle.pqc.crypto.util.PrivateKeyFactory;
-import org.bouncycastle.pqc.crypto.util.PrivateKeyInfoFactory;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTPrivateKeyParameters;
-import org.bouncycastle.pqc.jcajce.interfaces.XMSSMTPrivateKey;
-import org.bouncycastle.util.Arrays;
-
-public class BCXMSSMTPrivateKey
-    implements PrivateKey, XMSSMTPrivateKey
-{
-    private static final long serialVersionUID = 7682140473044521395L;
-
-    private transient ASN1ObjectIdentifier treeDigest;
-    private transient XMSSMTPrivateKeyParameters keyParams;
-    private transient ASN1Set attributes;
-
-    public BCXMSSMTPrivateKey(
-        ASN1ObjectIdentifier treeDigest,
-        XMSSMTPrivateKeyParameters keyParams)
-    {
-        this.treeDigest = treeDigest;
-        this.keyParams = keyParams;
-    }
-
-    public BCXMSSMTPrivateKey(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        init(keyInfo);
-    }
-
-    private void init(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        this.attributes = keyInfo.getAttributes();
-        XMSSMTKeyParams keyParams = XMSSMTKeyParams.getInstance(keyInfo.getPrivateKeyAlgorithm().getParameters());
-        this.treeDigest = keyParams.getTreeDigest().getAlgorithm();
-        this.keyParams = (XMSSMTPrivateKeyParameters)PrivateKeyFactory.createKey(keyInfo);
-    }
-
-    public long getUsagesRemaining()
-    {
-        return keyParams.getUsagesRemaining();
-    }
-
-    public String getAlgorithm()
-    {
-        return "XMSSMT";
-    }
-
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    public byte[] getEncoded()
-    {
-        try
-        {
-            PrivateKeyInfo pki = PrivateKeyInfoFactory.createPrivateKeyInfo(keyParams, attributes);
-
-            return pki.getEncoded();
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    CipherParameters getKeyParams()
-    {
-        return keyParams;
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (o instanceof BCXMSSMTPrivateKey)
-        {
-            BCXMSSMTPrivateKey otherKey = (BCXMSSMTPrivateKey)o;
-
-            return treeDigest.equals(otherKey.treeDigest) && Arrays.areEqual(keyParams.toByteArray(), otherKey.keyParams.toByteArray());
-        }
-
-        return false;
-    }
-
-    public int hashCode()
-    {
-        return treeDigest.hashCode() + 37 * Arrays.hashCode(keyParams.toByteArray());
-    }
-
-    ASN1ObjectIdentifier getTreeDigestOID()
-    {
-        return treeDigest;
-    }
-
-    public int getHeight()
-    {
-        return keyParams.getParameters().getHeight();
-    }
-
-    public int getLayers()
-    {
-        return keyParams.getParameters().getLayers();
-    }
-
-    public String getTreeDigest()
-    {
-        return DigestUtil.getXMSSDigestName(treeDigest);
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        init(PrivateKeyInfo.getInstance(enc));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSMTPublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSMTPublicKey.java
deleted file mode 100644
index 7c943c1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSMTPublicKey.java
+++ /dev/null

@@ -1,134 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.xmss;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.PublicKey;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.pqc.asn1.XMSSMTKeyParams;
-import org.bouncycastle.pqc.crypto.util.PublicKeyFactory;
-import org.bouncycastle.pqc.crypto.util.SubjectPublicKeyInfoFactory;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTPublicKeyParameters;
-import org.bouncycastle.pqc.jcajce.interfaces.XMSSMTKey;
-import org.bouncycastle.util.Arrays;
-
-public class BCXMSSMTPublicKey
-    implements PublicKey, XMSSMTKey
-{
-    private static final long serialVersionUID = 3230324130542413475L;
-
-    private transient ASN1ObjectIdentifier treeDigest;
-    private transient XMSSMTPublicKeyParameters keyParams;
-
-    public BCXMSSMTPublicKey(ASN1ObjectIdentifier treeDigest, XMSSMTPublicKeyParameters keyParams)
-    {
-        this.treeDigest = treeDigest;
-        this.keyParams = keyParams;
-    }
-
-    public BCXMSSMTPublicKey(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        init(keyInfo);
-    }
-
-    private void init(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        XMSSMTKeyParams keyParams = XMSSMTKeyParams.getInstance(keyInfo.getAlgorithm().getParameters());
-        this.treeDigest = keyParams.getTreeDigest().getAlgorithm();
-        this.keyParams = (XMSSMTPublicKeyParameters)PublicKeyFactory.createKey(keyInfo);
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (o instanceof BCXMSSMTPublicKey)
-        {
-            BCXMSSMTPublicKey otherKey = (BCXMSSMTPublicKey)o;
-
-            return treeDigest.equals(otherKey.treeDigest) && Arrays.areEqual(keyParams.toByteArray(), otherKey.keyParams.toByteArray());
-        }
-
-        return false;
-    }
-
-    public int hashCode()
-    {
-        return treeDigest.hashCode() + 37 * Arrays.hashCode(keyParams.toByteArray());
-    }
-
-    /**
-     * @return name of the algorithm - "XMSSMT"
-     */
-    public final String getAlgorithm()
-    {
-        return "XMSSMT";
-    }
-
-    public byte[] getEncoded()
-    {
-        try
-        {
-            SubjectPublicKeyInfo pki = SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(keyParams);
-
-            return pki.getEncoded();
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    CipherParameters getKeyParams()
-    {
-        return keyParams;
-    }
-
-    public int getHeight()
-    {
-        return keyParams.getParameters().getHeight();
-    }
-
-    public int getLayers()
-    {
-        return keyParams.getParameters().getLayers();
-    }
-
-    public String getTreeDigest()
-    {
-        return DigestUtil.getXMSSDigestName(treeDigest);
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        init(SubjectPublicKeyInfo.getInstance(enc));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSPrivateKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSPrivateKey.java
deleted file mode 100644
index 651ce11..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSPrivateKey.java
+++ /dev/null

@@ -1,141 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.xmss;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.PrivateKey;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Set;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.pqc.asn1.XMSSKeyParams;
-import org.bouncycastle.pqc.crypto.util.PrivateKeyFactory;
-import org.bouncycastle.pqc.crypto.util.PrivateKeyInfoFactory;
-import org.bouncycastle.pqc.crypto.xmss.XMSSPrivateKeyParameters;
-import org.bouncycastle.pqc.jcajce.interfaces.XMSSPrivateKey;
-import org.bouncycastle.util.Arrays;
-
-public class BCXMSSPrivateKey
-    implements PrivateKey, XMSSPrivateKey
-{
-    private static final long serialVersionUID = 8568701712864512338L;
-
-    private transient XMSSPrivateKeyParameters keyParams;
-    private transient ASN1ObjectIdentifier treeDigest;
-    private transient ASN1Set attributes;
-
-    public BCXMSSPrivateKey(
-        ASN1ObjectIdentifier treeDigest,
-        XMSSPrivateKeyParameters keyParams)
-    {
-        this.treeDigest = treeDigest;
-        this.keyParams = keyParams;
-    }
-
-    public BCXMSSPrivateKey(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        init(keyInfo);
-    }
-
-    private void init(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        this.attributes = keyInfo.getAttributes();
-        XMSSKeyParams keyParams = XMSSKeyParams.getInstance(keyInfo.getPrivateKeyAlgorithm().getParameters());
-        this.treeDigest = keyParams.getTreeDigest().getAlgorithm();
-        this.keyParams = (XMSSPrivateKeyParameters)PrivateKeyFactory.createKey(keyInfo);
-    }
-
-    public long getUsagesRemaining()
-    {
-        return keyParams.getUsagesRemaining();
-    }
-
-    public String getAlgorithm()
-    {
-        return "XMSS";
-    }
-
-    public String getFormat()
-    {
-        return "PKCS#8";
-    }
-
-    public byte[] getEncoded()
-    {
-        try
-        {
-            PrivateKeyInfo pki = PrivateKeyInfoFactory.createPrivateKeyInfo(keyParams, attributes);
-
-            return pki.getEncoded();
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (o instanceof BCXMSSPrivateKey)
-        {
-            BCXMSSPrivateKey otherKey = (BCXMSSPrivateKey)o;
-
-            return treeDigest.equals(otherKey.treeDigest) && Arrays.areEqual(keyParams.toByteArray(), otherKey.keyParams.toByteArray());
-        }
-
-        return false;
-    }
-
-    public int hashCode()
-    {
-        return treeDigest.hashCode() + 37 * Arrays.hashCode(keyParams.toByteArray());
-    }
-
-    CipherParameters getKeyParams()
-    {
-        return keyParams;
-    }
-
-    ASN1ObjectIdentifier getTreeDigestOID()
-    {
-        return treeDigest;
-    }
-
-    public int getHeight()
-    {
-        return keyParams.getParameters().getHeight();
-    }
-
-    public String getTreeDigest()
-    {
-        return DigestUtil.getXMSSDigestName(treeDigest);
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        init(PrivateKeyInfo.getInstance(enc));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSPublicKey.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSPublicKey.java
deleted file mode 100644
index 35e74c6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/BCXMSSPublicKey.java
+++ /dev/null

@@ -1,130 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.xmss;
-
-import java.io.IOException;
-import java.io.ObjectInputStream;
-import java.io.ObjectOutputStream;
-import java.security.PublicKey;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.pqc.asn1.XMSSKeyParams;
-import org.bouncycastle.pqc.crypto.util.PublicKeyFactory;
-import org.bouncycastle.pqc.crypto.util.SubjectPublicKeyInfoFactory;
-import org.bouncycastle.pqc.crypto.xmss.XMSSPublicKeyParameters;
-import org.bouncycastle.pqc.jcajce.interfaces.XMSSKey;
-import org.bouncycastle.util.Arrays;
-
-public class BCXMSSPublicKey
-    implements PublicKey, XMSSKey
-{
-    private static final long serialVersionUID = -5617456225328969766L;
-    
-    private transient XMSSPublicKeyParameters keyParams;
-    private transient ASN1ObjectIdentifier treeDigest;
-
-    public BCXMSSPublicKey(
-        ASN1ObjectIdentifier treeDigest,
-        XMSSPublicKeyParameters keyParams)
-    {
-        this.treeDigest = treeDigest;
-        this.keyParams = keyParams;
-    }
-
-    public BCXMSSPublicKey(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        init(keyInfo);
-    }
-
-    private void init(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        XMSSKeyParams keyParams = XMSSKeyParams.getInstance(keyInfo.getAlgorithm().getParameters());
-        this.treeDigest = keyParams.getTreeDigest().getAlgorithm();
-        this.keyParams = (XMSSPublicKeyParameters)PublicKeyFactory.createKey(keyInfo);
-    }
-
-    /**
-     * @return name of the algorithm - "XMSS"
-     */
-    public final String getAlgorithm()
-    {
-        return "XMSS";
-    }
-
-    public byte[] getEncoded()
-    {
-        try
-        {
-            SubjectPublicKeyInfo pki = SubjectPublicKeyInfoFactory.createSubjectPublicKeyInfo(keyParams);
-            return pki.getEncoded();
-        }
-        catch (IOException e)
-        {
-            return null;
-        }
-    }
-
-    public String getFormat()
-    {
-        return "X.509";
-    }
-
-    CipherParameters getKeyParams()
-    {
-        return keyParams;
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == this)
-        {
-            return true;
-        }
-
-        if (o instanceof BCXMSSPublicKey)
-        {
-            BCXMSSPublicKey otherKey = (BCXMSSPublicKey)o;
-
-            return treeDigest.equals(otherKey.treeDigest) && Arrays.areEqual(keyParams.toByteArray(), otherKey.keyParams.toByteArray());
-        }
-
-        return false;
-    }
-
-    public int hashCode()
-    {
-        return treeDigest.hashCode() + 37 * Arrays.hashCode(keyParams.toByteArray());
-    }
-
-    public int getHeight()
-    {
-        return keyParams.getParameters().getHeight();
-    }
-
-    public String getTreeDigest()
-    {
-        return DigestUtil.getXMSSDigestName(treeDigest);
-    }
-
-    private void readObject(
-        ObjectInputStream in)
-        throws IOException, ClassNotFoundException
-    {
-        in.defaultReadObject();
-
-        byte[] enc = (byte[])in.readObject();
-
-        init(SubjectPublicKeyInfo.getInstance(enc));
-    }
-
-    private void writeObject(
-        ObjectOutputStream out)
-        throws IOException
-    {
-        out.defaultWriteObject();
-
-        out.writeObject(this.getEncoded());
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/DigestUtil.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/DigestUtil.java
deleted file mode 100644
index 95beb30..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/DigestUtil.java
+++ /dev/null

@@ -1,83 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.xmss;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.Xof;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-import org.bouncycastle.pqc.jcajce.spec.XMSSParameterSpec;
-
-class DigestUtil
-{
-    static Digest getDigest(ASN1ObjectIdentifier oid)
-    {
-        if (oid.equals(NISTObjectIdentifiers.id_sha256))
-        {
-            return new SHA256Digest();
-        }
-        if (oid.equals(NISTObjectIdentifiers.id_sha512))
-        {
-            return new SHA512Digest();
-        }
-        if (oid.equals(NISTObjectIdentifiers.id_shake128))
-        {
-            return new SHAKEDigest(128);
-        }
-        if (oid.equals(NISTObjectIdentifiers.id_shake256))
-        {
-            return new SHAKEDigest(256);
-        }
-
-        throw new IllegalArgumentException("unrecognized digest OID: " + oid);
-    }
-
-    public static byte[] getDigestResult(Digest digest)
-    {
-        byte[] hash = new byte[DigestUtil.getDigestSize(digest)];
-
-        if (digest instanceof Xof)
-        {
-            ((Xof)digest).doFinal(hash, 0, hash.length);
-        }
-        else
-        {
-            digest.doFinal(hash, 0);
-        }
-
-        return hash;
-    }
-
-    public static int getDigestSize(Digest digest)
-    {
-        if (digest instanceof Xof)
-        {
-            return digest.getDigestSize() * 2;
-        }
-
-        return digest.getDigestSize();
-    }
-
-    public static String getXMSSDigestName(ASN1ObjectIdentifier treeDigest)
-    {
-        if (treeDigest.equals(NISTObjectIdentifiers.id_sha256))
-        {
-            return XMSSParameterSpec.SHA256;
-        }
-        if (treeDigest.equals(NISTObjectIdentifiers.id_sha512))
-        {
-            return XMSSParameterSpec.SHA512;
-        }
-        if (treeDigest.equals(NISTObjectIdentifiers.id_shake128))
-        {
-            return XMSSParameterSpec.SHAKE128;
-        }
-        if (treeDigest.equals(NISTObjectIdentifiers.id_shake256))
-        {
-            return XMSSParameterSpec.SHAKE256;
-        }
-
-        throw new IllegalArgumentException("unrecognized digest OID: " + treeDigest);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSKeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSKeyFactorySpi.java
deleted file mode 100644
index dbf2762..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSKeyFactorySpi.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.xmss;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyFactorySpi;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-
-public class XMSSKeyFactorySpi
-    extends KeyFactorySpi
-    implements AsymmetricKeyInfoConverter
-{
-    public PrivateKey engineGeneratePrivate(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof PKCS8EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to PKCS#8 from the spec
-            byte[] encKey = ((PKCS8EncodedKeySpec)keySpec).getEncoded();
-
-            try
-            {
-                return generatePrivate(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey)));
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeySpecException(e.toString());
-            }
-        }
-
-        throw new InvalidKeySpecException("unsupported key specification: "
-            + keySpec.getClass() + ".");
-    }
-
-    public PublicKey engineGeneratePublic(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof X509EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to X.509 from the spec
-            byte[] encKey = ((X509EncodedKeySpec)keySpec).getEncoded();
-
-            // decode the SubjectPublicKeyInfo data structure to the pki object
-            try
-            {
-                return generatePublic(SubjectPublicKeyInfo.getInstance(encKey));
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeySpecException(e.toString());
-            }
-        }
-
-        throw new InvalidKeySpecException("unknown key specification: " + keySpec + ".");
-    }
-
-    public final KeySpec engineGetKeySpec(Key key, Class keySpec)
-        throws InvalidKeySpecException
-    {
-        if (key instanceof BCXMSSPrivateKey)
-        {
-            if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new PKCS8EncodedKeySpec(key.getEncoded());
-            }
-        }
-        else if (key instanceof BCXMSSPublicKey)
-        {
-            if (X509EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new X509EncodedKeySpec(key.getEncoded());
-            }
-        }
-        else
-        {
-            throw new InvalidKeySpecException("unsupported key type: "
-                + key.getClass() + ".");
-        }
-
-        throw new InvalidKeySpecException("unknown key specification: "
-            + keySpec + ".");
-    }
-
-    public final Key engineTranslateKey(Key key)
-        throws InvalidKeyException
-    {
-        if (key instanceof BCXMSSPrivateKey || key instanceof BCXMSSPublicKey)
-        {
-            return key;
-        }
-
-        throw new InvalidKeyException("unsupported key type");
-    }
-
-    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        return new BCXMSSPrivateKey(keyInfo);
-    }
-
-    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        return new BCXMSSPublicKey(keyInfo);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSKeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSKeyPairGeneratorSpi.java
deleted file mode 100644
index 6ea6fea..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSKeyPairGeneratorSpi.java
+++ /dev/null

@@ -1,97 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.xmss;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-import org.bouncycastle.pqc.crypto.xmss.XMSSKeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.xmss.XMSSParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSPublicKeyParameters;
-import org.bouncycastle.pqc.jcajce.spec.XMSSParameterSpec;
-
-public class XMSSKeyPairGeneratorSpi
-    extends java.security.KeyPairGenerator
-{
-    private XMSSKeyGenerationParameters param;
-    private ASN1ObjectIdentifier treeDigest;
-    private XMSSKeyPairGenerator engine = new XMSSKeyPairGenerator();
-
-    private SecureRandom random = CryptoServicesRegistrar.getSecureRandom();
-    private boolean initialised = false;
-
-    public XMSSKeyPairGeneratorSpi()
-    {
-        super("XMSS");
-    }
-
-    public void initialize(
-        int strength,
-        SecureRandom random)
-    {
-        throw new IllegalArgumentException("use AlgorithmParameterSpec");
-    }
-
-    public void initialize(
-        AlgorithmParameterSpec params,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        if (!(params instanceof XMSSParameterSpec))
-        {
-            throw new InvalidAlgorithmParameterException("parameter object not a XMSSParameterSpec");
-        }
-
-        XMSSParameterSpec xmssParams = (XMSSParameterSpec)params;
-
-        if (xmssParams.getTreeDigest().equals(XMSSParameterSpec.SHA256))
-        {
-            treeDigest = NISTObjectIdentifiers.id_sha256;
-            param = new XMSSKeyGenerationParameters(new XMSSParameters(xmssParams.getHeight(), new SHA256Digest()), random);
-        }
-        else if (xmssParams.getTreeDigest().equals(XMSSParameterSpec.SHA512))
-        {
-            treeDigest = NISTObjectIdentifiers.id_sha512;
-            param = new XMSSKeyGenerationParameters(new XMSSParameters(xmssParams.getHeight(), new SHA512Digest()), random);
-        }
-        else if (xmssParams.getTreeDigest().equals(XMSSParameterSpec.SHAKE128))
-        {
-            treeDigest = NISTObjectIdentifiers.id_shake128;
-            param = new XMSSKeyGenerationParameters(new XMSSParameters(xmssParams.getHeight(), new SHAKEDigest(128)), random);
-        }
-        else if (xmssParams.getTreeDigest().equals(XMSSParameterSpec.SHAKE256))
-        {
-            treeDigest = NISTObjectIdentifiers.id_shake256;
-            param = new XMSSKeyGenerationParameters(new XMSSParameters(xmssParams.getHeight(), new SHAKEDigest(256)), random);
-        }
-
-        engine.init(param);
-        initialised = true;
-    }
-
-    public KeyPair generateKeyPair()
-    {
-        if (!initialised)
-        {
-            param = new XMSSKeyGenerationParameters(new XMSSParameters(10, new SHA512Digest()), random);
-
-            engine.init(param);
-            initialised = true;
-        }
-
-        AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-        XMSSPublicKeyParameters pub = (XMSSPublicKeyParameters)pair.getPublic();
-        XMSSPrivateKeyParameters priv = (XMSSPrivateKeyParameters)pair.getPrivate();
-
-        return new KeyPair(new BCXMSSPublicKey(treeDigest, pub), new BCXMSSPrivateKey(treeDigest, priv));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSMTKeyFactorySpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSMTKeyFactorySpi.java
deleted file mode 100644
index abcb6e9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSMTKeyFactorySpi.java
+++ /dev/null

@@ -1,116 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.xmss;
-
-import java.io.IOException;
-import java.security.InvalidKeyException;
-import java.security.Key;
-import java.security.KeyFactorySpi;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.spec.InvalidKeySpecException;
-import java.security.spec.KeySpec;
-import java.security.spec.PKCS8EncodedKeySpec;
-import java.security.spec.X509EncodedKeySpec;
-
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
-
-public class XMSSMTKeyFactorySpi
-    extends KeyFactorySpi
-    implements AsymmetricKeyInfoConverter
-{
-    public PrivateKey engineGeneratePrivate(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof PKCS8EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to PKCS#8 from the spec
-            byte[] encKey = ((PKCS8EncodedKeySpec)keySpec).getEncoded();
-
-            try
-            {
-                return generatePrivate(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(encKey)));
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeySpecException(e.toString());
-            }
-        }
-
-        throw new InvalidKeySpecException("unsupported key specification: "
-            + keySpec.getClass() + ".");
-    }
-
-    public PublicKey engineGeneratePublic(KeySpec keySpec)
-        throws InvalidKeySpecException
-    {
-        if (keySpec instanceof X509EncodedKeySpec)
-        {
-            // get the DER-encoded Key according to X.509 from the spec
-            byte[] encKey = ((X509EncodedKeySpec)keySpec).getEncoded();
-
-            // decode the SubjectPublicKeyInfo data structure to the pki object
-            try
-            {
-                return generatePublic(SubjectPublicKeyInfo.getInstance(encKey));
-            }
-            catch (Exception e)
-            {
-                throw new InvalidKeySpecException(e.toString());
-            }
-        }
-
-        throw new InvalidKeySpecException("unknown key specification: " + keySpec + ".");
-    }
-
-    public final KeySpec engineGetKeySpec(Key key, Class keySpec)
-        throws InvalidKeySpecException
-    {
-        if (key instanceof BCXMSSMTPrivateKey)
-        {
-            if (PKCS8EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new PKCS8EncodedKeySpec(key.getEncoded());
-            }
-        }
-        else if (key instanceof BCXMSSMTPublicKey)
-        {
-            if (X509EncodedKeySpec.class.isAssignableFrom(keySpec))
-            {
-                return new X509EncodedKeySpec(key.getEncoded());
-            }
-        }
-        else
-        {
-            throw new InvalidKeySpecException("unsupported key type: "
-                + key.getClass() + ".");
-        }
-
-        throw new InvalidKeySpecException("unknown key specification: "
-            + keySpec + ".");
-    }
-
-    public final Key engineTranslateKey(Key key)
-        throws InvalidKeyException
-    {
-        if (key instanceof BCXMSSMTPrivateKey || key instanceof BCXMSSMTPublicKey)
-        {
-            return key;
-        }
-
-        throw new InvalidKeyException("unsupported key type");
-    }
-
-    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
-        throws IOException
-    {
-        return new BCXMSSMTPrivateKey(keyInfo);
-    }
-
-    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
-        throws IOException
-    {
-        return new BCXMSSMTPublicKey(keyInfo);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSMTKeyPairGeneratorSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSMTKeyPairGeneratorSpi.java
deleted file mode 100644
index bd4a9d7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSMTKeyPairGeneratorSpi.java
+++ /dev/null

@@ -1,98 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.xmss;
-
-import java.security.InvalidAlgorithmParameterException;
-import java.security.KeyPair;
-import java.security.SecureRandom;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
-import org.bouncycastle.crypto.AsymmetricCipherKeyPair;
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTKeyGenerationParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTKeyPairGenerator;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTPublicKeyParameters;
-import org.bouncycastle.pqc.jcajce.spec.XMSSMTParameterSpec;
-import org.bouncycastle.pqc.jcajce.spec.XMSSParameterSpec;
-
-public class XMSSMTKeyPairGeneratorSpi
-    extends java.security.KeyPairGenerator
-{
-    private XMSSMTKeyGenerationParameters param;
-    private XMSSMTKeyPairGenerator engine = new XMSSMTKeyPairGenerator();
-    private ASN1ObjectIdentifier treeDigest;
-
-    private SecureRandom random = CryptoServicesRegistrar.getSecureRandom();
-    private boolean initialised = false;
-
-    public XMSSMTKeyPairGeneratorSpi()
-    {
-        super("XMSSMT");
-    }
-
-    public void initialize(
-        int strength,
-        SecureRandom random)
-    {
-        throw new IllegalArgumentException("use AlgorithmParameterSpec");
-    }
-
-    public void initialize(
-        AlgorithmParameterSpec params,
-        SecureRandom random)
-        throws InvalidAlgorithmParameterException
-    {
-        if (!(params instanceof XMSSMTParameterSpec))
-        {
-            throw new InvalidAlgorithmParameterException("parameter object not a XMSSMTParameterSpec");
-        }
-
-        XMSSMTParameterSpec xmssParams = (XMSSMTParameterSpec)params;
-
-        if (xmssParams.getTreeDigest().equals(XMSSParameterSpec.SHA256))
-        {
-            treeDigest = NISTObjectIdentifiers.id_sha256;
-            param = new XMSSMTKeyGenerationParameters(new XMSSMTParameters(xmssParams.getHeight(), xmssParams.getLayers(), new SHA256Digest()), random);
-        }
-        else if (xmssParams.getTreeDigest().equals(XMSSParameterSpec.SHA512))
-        {
-            treeDigest = NISTObjectIdentifiers.id_sha512;
-            param = new XMSSMTKeyGenerationParameters(new XMSSMTParameters(xmssParams.getHeight(), xmssParams.getLayers(), new SHA512Digest()), random);
-        }
-        else if (xmssParams.getTreeDigest().equals(XMSSParameterSpec.SHAKE128))
-        {
-            treeDigest = NISTObjectIdentifiers.id_shake128;
-            param = new XMSSMTKeyGenerationParameters(new XMSSMTParameters(xmssParams.getHeight(), xmssParams.getLayers(), new SHAKEDigest(128)), random);
-        }
-        else if (xmssParams.getTreeDigest().equals(XMSSParameterSpec.SHAKE256))
-        {
-            treeDigest = NISTObjectIdentifiers.id_shake256;
-            param = new XMSSMTKeyGenerationParameters(new XMSSMTParameters(xmssParams.getHeight(), xmssParams.getLayers(), new SHAKEDigest(256)), random);
-        }
-
-        engine.init(param);
-        initialised = true;
-    }
-
-    public KeyPair generateKeyPair()
-    {
-        if (!initialised)
-        {
-            param = new XMSSMTKeyGenerationParameters(new XMSSMTParameters(10, 20, new SHA512Digest()), random);
-
-            engine.init(param);
-            initialised = true;
-        }
-
-        AsymmetricCipherKeyPair pair = engine.generateKeyPair();
-        XMSSMTPublicKeyParameters pub = (XMSSMTPublicKeyParameters)pair.getPublic();
-        XMSSMTPrivateKeyParameters priv = (XMSSMTPrivateKeyParameters)pair.getPrivate();
-
-        return new KeyPair(new BCXMSSMTPublicKey(treeDigest, pub), new BCXMSSMTPrivateKey(treeDigest, priv));
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSMTSignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSMTSignatureSpi.java
deleted file mode 100644
index a58b232..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSMTSignatureSpi.java
+++ /dev/null

@@ -1,243 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.xmss;
-
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.NullDigest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSMTSigner;
-import org.bouncycastle.pqc.jcajce.interfaces.StateAwareSignature;
-
-public class XMSSMTSignatureSpi
-    extends Signature
-    implements StateAwareSignature
-{
-    protected XMSSMTSignatureSpi(String algorithm)
-    {
-        super(algorithm);
-    }
-
-    private Digest digest;
-    private XMSSMTSigner signer;
-    private ASN1ObjectIdentifier treeDigest;
-    private SecureRandom random;
-
-    protected XMSSMTSignatureSpi(String sigName, Digest digest, XMSSMTSigner signer)
-    {
-        super(sigName);
-
-        this.digest = digest;
-        this.signer = signer;
-    }
-
-    protected void engineInitVerify(PublicKey publicKey)
-        throws InvalidKeyException
-    {
-        if (publicKey instanceof BCXMSSMTPublicKey)
-        {
-            CipherParameters param = ((BCXMSSMTPublicKey)publicKey).getKeyParams();
-
-            treeDigest = null;
-            digest.reset();
-            signer.init(false, param);
-        }
-        else
-        {
-            throw new InvalidKeyException("unknown public key passed to XMSSMT");
-        }
-    }
-
-    protected void engineInitSign(PrivateKey privateKey, SecureRandom random)
-        throws InvalidKeyException
-    {
-        this.random = random;
-        engineInitSign(privateKey);
-    }
-
-    protected void engineInitSign(PrivateKey privateKey)
-        throws InvalidKeyException
-    {
-        if (privateKey instanceof BCXMSSMTPrivateKey)
-        {
-            CipherParameters param = ((BCXMSSMTPrivateKey)privateKey).getKeyParams();
-
-            treeDigest = ((BCXMSSMTPrivateKey)privateKey).getTreeDigestOID();
-            if (random != null)
-            {
-                param = new ParametersWithRandom(param, random);
-            }
-
-            digest.reset();
-            signer.init(true, param);
-        }
-        else
-        {
-            throw new InvalidKeyException("unknown private key passed to XMSSMT");
-        }
-    }
-
-    protected void engineUpdate(byte b)
-        throws SignatureException
-    {
-        digest.update(b);
-    }
-
-    protected void engineUpdate(byte[] b, int off, int len)
-        throws SignatureException
-    {
-        digest.update(b, off, len);
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        byte[] hash = DigestUtil.getDigestResult(digest);
-
-        try
-        {
-            byte[] sig = signer.generateSignature(hash);
-
-            return sig;
-        }
-        catch (Exception e)
-        {
-            if (e instanceof IllegalStateException)
-            {
-                throw new SignatureException(e.getMessage());
-            }
-            throw new SignatureException(e.toString());
-        }
-    }
-
-    protected boolean engineVerify(byte[] sigBytes)
-        throws SignatureException
-    {
-        byte[] hash = DigestUtil.getDigestResult(digest);
-
-        return signer.verifySignature(hash, sigBytes);
-    }
-
-    protected void engineSetParameter(AlgorithmParameterSpec params)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated replaced with #engineSetParameter(java.security.spec.AlgorithmParameterSpec)
-     */
-    protected void engineSetParameter(String param, Object value)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated
-     */
-    protected Object engineGetParameter(String param)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    public boolean isSigningCapable()
-    {
-        return treeDigest != null && signer.getUsagesRemaining() != 0;
-    }
-
-
-    public PrivateKey getUpdatedPrivateKey()
-    {
-        if (treeDigest == null)
-        {
-            throw new IllegalStateException("signature object not in a signing state");
-        }
-        PrivateKey rKey = new BCXMSSMTPrivateKey(treeDigest, (XMSSMTPrivateKeyParameters)signer.getUpdatedPrivateKey());
-
-        treeDigest = null;
-
-        return rKey;
-    }
-
-    static public class withSha256
-        extends XMSSMTSignatureSpi
-    {
-        public withSha256()
-        {
-            super("XMSSMT-SHA256", new NullDigest(), new XMSSMTSigner());
-        }
-    }
-
-    static public class withShake128
-        extends XMSSMTSignatureSpi
-    {
-        public withShake128()
-        {
-            super("XMSSMT-SHAKE128", new NullDigest(), new XMSSMTSigner());
-        }
-    }
-
-    static public class withSha512
-        extends XMSSMTSignatureSpi
-    {
-        public withSha512()
-        {
-            super("XMSSMT-SHA512", new NullDigest(), new XMSSMTSigner());
-        }
-    }
-
-    static public class withShake256
-        extends XMSSMTSignatureSpi
-    {
-        public withShake256()
-        {
-            super("XMSSMT-SHAKE256", new NullDigest(), new XMSSMTSigner());
-        }
-    }
-
-    static public class withSha256andPrehash
-        extends XMSSMTSignatureSpi
-    {
-        public withSha256andPrehash()
-        {
-            super("SHA256withXMSSMT-SHA256", new SHA256Digest(), new XMSSMTSigner());
-        }
-    }
-
-    static public class withShake128andPrehash
-        extends XMSSMTSignatureSpi
-    {
-        public withShake128andPrehash()
-        {
-            super("SHAKE128withXMSSMT-SHAKE128", new SHAKEDigest(128), new XMSSMTSigner());
-        }
-    }
-
-    static public class withSha512andPrehash
-        extends XMSSMTSignatureSpi
-    {
-        public withSha512andPrehash()
-        {
-            super("SHA512withXMSSMT-SHA512", new SHA512Digest(), new XMSSMTSigner());
-        }
-    }
-
-    static public class withShake256andPrehash
-        extends XMSSMTSignatureSpi
-    {
-        public withShake256andPrehash()
-        {
-            super("SHAKE256withXMSSMT-SHAKE256", new SHAKEDigest(256), new XMSSMTSigner());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSSignatureSpi.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSSignatureSpi.java
deleted file mode 100644
index 00a54a1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/provider/xmss/XMSSSignatureSpi.java
+++ /dev/null

@@ -1,243 +0,0 @@
-package org.bouncycastle.pqc.jcajce.provider.xmss;
-
-import java.security.InvalidKeyException;
-import java.security.PrivateKey;
-import java.security.PublicKey;
-import java.security.SecureRandom;
-import java.security.Signature;
-import java.security.SignatureException;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.crypto.CipherParameters;
-import org.bouncycastle.crypto.Digest;
-import org.bouncycastle.crypto.digests.NullDigest;
-import org.bouncycastle.crypto.digests.SHA256Digest;
-import org.bouncycastle.crypto.digests.SHA512Digest;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
-import org.bouncycastle.crypto.params.ParametersWithRandom;
-import org.bouncycastle.pqc.crypto.xmss.XMSSPrivateKeyParameters;
-import org.bouncycastle.pqc.crypto.xmss.XMSSSigner;
-import org.bouncycastle.pqc.jcajce.interfaces.StateAwareSignature;
-
-public class XMSSSignatureSpi
-    extends Signature
-    implements StateAwareSignature
-{
-    protected XMSSSignatureSpi(String algorithm)
-    {
-        super(algorithm);
-    }
-
-    private Digest digest;
-    private XMSSSigner signer;
-    private SecureRandom random;
-    private ASN1ObjectIdentifier treeDigest;
-
-    protected XMSSSignatureSpi(String sigName, Digest digest, XMSSSigner signer)
-    {
-        super(sigName);
-
-        this.digest = digest;
-        this.signer = signer;
-    }
-
-    protected void engineInitVerify(PublicKey publicKey)
-        throws InvalidKeyException
-    {
-        if (publicKey instanceof BCXMSSPublicKey)
-        {
-            CipherParameters param = ((BCXMSSPublicKey)publicKey).getKeyParams();
-
-            treeDigest = null;
-            digest.reset();
-            signer.init(false, param);
-        }
-        else
-        {
-            throw new InvalidKeyException("unknown public key passed to XMSS");
-        }
-    }
-
-    protected void engineInitSign(PrivateKey privateKey, SecureRandom random)
-        throws InvalidKeyException
-    {
-        this.random = random;
-        engineInitSign(privateKey);
-    }
-
-    protected void engineInitSign(PrivateKey privateKey)
-        throws InvalidKeyException
-    {
-        if (privateKey instanceof BCXMSSPrivateKey)
-        {
-            CipherParameters param = ((BCXMSSPrivateKey)privateKey).getKeyParams();
-
-            treeDigest = ((BCXMSSPrivateKey)privateKey).getTreeDigestOID();
-            if (random != null)
-            {
-                param = new ParametersWithRandom(param, random);
-            }
-
-            digest.reset();
-            signer.init(true, param);
-        }
-        else
-        {
-            throw new InvalidKeyException("unknown private key passed to XMSS");
-        }
-    }
-
-    protected void engineUpdate(byte b)
-        throws SignatureException
-    {
-        digest.update(b);
-    }
-
-    protected void engineUpdate(byte[] b, int off, int len)
-        throws SignatureException
-    {
-        digest.update(b, off, len);
-    }
-
-    protected byte[] engineSign()
-        throws SignatureException
-    {
-        byte[] hash = DigestUtil.getDigestResult(digest);
-
-        try
-        {
-            byte[] sig = signer.generateSignature(hash);
-
-            return sig;
-        }
-        catch (Exception e)
-        {
-            if (e instanceof IllegalStateException)
-            {
-                throw new SignatureException(e.getMessage());
-            }
-            throw new SignatureException(e.toString());
-        }
-    }
-
-    protected boolean engineVerify(byte[] sigBytes)
-        throws SignatureException
-    {
-        byte[] hash = DigestUtil.getDigestResult(digest);
-
-        return signer.verifySignature(hash, sigBytes);
-    }
-
-    protected void engineSetParameter(AlgorithmParameterSpec params)
-    {
-        // TODO
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated replaced with #engineSetParameter(java.security.spec.AlgorithmParameterSpec)
-     */
-    protected void engineSetParameter(String param, Object value)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    /**
-     * @deprecated
-     */
-    protected Object engineGetParameter(String param)
-    {
-        throw new UnsupportedOperationException("engineSetParameter unsupported");
-    }
-
-    public boolean isSigningCapable()
-    {
-        return treeDigest != null && signer.getUsagesRemaining() != 0;
-    }
-
-    public PrivateKey getUpdatedPrivateKey()
-    {
-        if (treeDigest == null)
-        {
-            throw new IllegalStateException("signature object not in a signing state");
-        }
-        PrivateKey rKey = new BCXMSSPrivateKey(treeDigest, (XMSSPrivateKeyParameters)signer.getUpdatedPrivateKey());
-
-        treeDigest = null;
-
-        return rKey;
-    }
-
-    static public class withSha256
-        extends XMSSSignatureSpi
-    {
-        public withSha256()
-        {
-            super("XMSS-SHA256", new NullDigest(), new XMSSSigner());
-        }
-    }
-
-    static public class withShake128
-        extends XMSSSignatureSpi
-    {
-        public withShake128()
-        {
-            super("XMSS-SHAKE128", new NullDigest(), new XMSSSigner());
-        }
-    }
-
-    static public class withSha512
-        extends XMSSSignatureSpi
-    {
-        public withSha512()
-        {
-            super("XMSS-SHA512", new NullDigest(), new XMSSSigner());
-        }
-    }
-
-    static public class withShake256
-        extends XMSSSignatureSpi
-    {
-        public withShake256()
-        {
-            super("XMSS-SHAKE256", new NullDigest(), new XMSSSigner());
-        }
-    }
-
-    static public class withSha256andPrehash
-        extends XMSSSignatureSpi
-    {
-        public withSha256andPrehash()
-        {
-            super("SHA256withXMSS-SHA256", new SHA256Digest(), new XMSSSigner());
-        }
-    }
-
-    static public class withShake128andPrehash
-        extends XMSSSignatureSpi
-    {
-        public withShake128andPrehash()
-        {
-            super("SHAKE128withXMSSMT-SHAKE128", new SHAKEDigest(128), new XMSSSigner());
-        }
-    }
-
-    static public class withSha512andPrehash
-        extends XMSSSignatureSpi
-    {
-        public withSha512andPrehash()
-        {
-            super("SHA512withXMSS-SHA512", new SHA512Digest(), new XMSSSigner());
-        }
-    }
-
-    static public class withShake256andPrehash
-        extends XMSSSignatureSpi
-    {
-        public withShake256andPrehash()
-        {
-            super("SHAKE256withXMSS-SHAKE256", new SHAKEDigest(256), new XMSSSigner());
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceCCA2KeyGenParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceCCA2KeyGenParameterSpec.java
deleted file mode 100644
index 9b41ac6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceCCA2KeyGenParameterSpec.java
+++ /dev/null

@@ -1,219 +0,0 @@
-package org.bouncycastle.pqc.jcajce.spec;
-
-import java.security.InvalidParameterException;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialRingGF2;
-
-/**
- * This class provides a specification for the parameters that are used by the
- * McEliece, McElieceCCA2, and Niederreiter key pair generators.
- */
-public class McElieceCCA2KeyGenParameterSpec
-    implements AlgorithmParameterSpec
-{
-    public static final String SHA1 = "SHA-1";
-    public static final String SHA224 = "SHA-224";
-    public static final String SHA256 = "SHA-256";
-    public static final String SHA384 = "SHA-384";
-    public static final String SHA512 = "SHA-512";
-
-    /**
-     * The default extension degree
-     */
-    public static final int DEFAULT_M = 11;
-
-    /**
-     * The default error correcting capability.
-     */
-    public static final int DEFAULT_T = 50;
-
-    /**
-     * extension degree of the finite field GF(2^m)
-     */
-    private final int m;
-
-    /**
-     * error correction capability of the code
-     */
-    private final int t;
-
-    /**
-     * length of the code
-     */
-    private final int n;
-
-    /**
-     * the field polynomial
-     */
-    private int fieldPoly;
-
-    private final String digest;
-
-    /**
-     * Constructor. Set the default parameters: extension degree.
-     */
-    public McElieceCCA2KeyGenParameterSpec()
-    {
-        this(DEFAULT_M, DEFAULT_T, SHA256);
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param keysize the length of a Goppa code
-     * @throws IllegalArgumentException if <tt>keysize &lt; 1</tt>.
-     */
-    public McElieceCCA2KeyGenParameterSpec(int keysize)
-    {
-        this(keysize, SHA256);
-    }
-
-    public McElieceCCA2KeyGenParameterSpec(int keysize, String digest)
-    {
-        if (keysize < 1)
-        {
-            throw new IllegalArgumentException("key size must be positive");
-        }
-        int m = 0;
-        int n = 1;
-        while (n < keysize)
-        {
-            n <<= 1;
-            m++;
-        }
-        t = (n >>> 1) / m;
-
-        this.m = m;
-        this.n = n;
-        this.fieldPoly = PolynomialRingGF2.getIrreduciblePolynomial(m);
-        this.digest = digest;
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param m degree of the finite field GF(2^m)
-     * @param t error correction capability of the code
-     * @throws InvalidParameterException if <tt>m &lt; 1</tt> or <tt>m &gt; 32</tt> or
-     * <tt>t &lt; 0</tt> or <tt>t &gt; n</tt>.
-     */
-    public McElieceCCA2KeyGenParameterSpec(int m, int t)
-    {
-        this(m, t, SHA256);
-    }
-
-    public McElieceCCA2KeyGenParameterSpec(int m, int t, String digest)
-    {
-        if (m < 1)
-        {
-            throw new IllegalArgumentException("m must be positive");
-        }
-        if (m > 32)
-        {
-            throw new IllegalArgumentException("m is too large");
-        }
-        this.m = m;
-        n = 1 << m;
-        if (t < 0)
-        {
-            throw new IllegalArgumentException("t must be positive");
-        }
-        if (t > n)
-        {
-            throw new IllegalArgumentException("t must be less than n = 2^m");
-        }
-        this.t = t;
-        fieldPoly = PolynomialRingGF2.getIrreduciblePolynomial(m);
-        this.digest = digest;
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param m    degree of the finite field GF(2^m)
-     * @param t    error correction capability of the code
-     * @param poly the field polynomial
-     * @throws IllegalArgumentException if <tt>m &lt; 1</tt> or <tt>m &gt; 32</tt> or
-     * <tt>t &lt; 0</tt> or <tt>t &gt; n</tt> or
-     * <tt>poly</tt> is not an irreducible field polynomial.
-     */
-    public McElieceCCA2KeyGenParameterSpec(int m, int t, int poly)
-    {
-        this(m, t, poly, SHA256);
-    }
-
-    public McElieceCCA2KeyGenParameterSpec(int m, int t, int poly, String digest)
-    {
-        this.m = m;
-        if (m < 1)
-        {
-            throw new IllegalArgumentException("m must be positive");
-        }
-        if (m > 32)
-        {
-            throw new IllegalArgumentException(" m is too large");
-        }
-        this.n = 1 << m;
-        this.t = t;
-        if (t < 0)
-        {
-            throw new IllegalArgumentException("t must be positive");
-        }
-        if (t > n)
-        {
-            throw new IllegalArgumentException("t must be less than n = 2^m");
-        }
-        if ((PolynomialRingGF2.degree(poly) == m)
-            && (PolynomialRingGF2.isIrreducible(poly)))
-        {
-            this.fieldPoly = poly;
-        }
-        else
-        {
-            throw new IllegalArgumentException(
-                "polynomial is not a field polynomial for GF(2^m)");
-        }
-        this.digest = digest;
-    }
-
-    /**
-     * @return the extension degree of the finite field GF(2^m)
-     */
-    public int getM()
-    {
-        return m;
-    }
-
-    /**
-     * @return the length of the code
-     */
-    public int getN()
-    {
-        return n;
-    }
-
-    /**
-     * @return the error correction capability of the code
-     */
-    public int getT()
-    {
-        return t;
-    }
-
-    /**
-     * @return the field polynomial
-     */
-    public int getFieldPoly()
-    {
-        return fieldPoly;
-    }
-
-    /**
-     * Return CCA-2 digest.
-     */
-    public String getDigest()
-    {
-        return digest;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceKeyGenParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceKeyGenParameterSpec.java
deleted file mode 100644
index b5bbd23..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/McElieceKeyGenParameterSpec.java
+++ /dev/null

@@ -1,186 +0,0 @@
-package org.bouncycastle.pqc.jcajce.spec;
-
-import java.security.InvalidParameterException;
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.pqc.math.linearalgebra.PolynomialRingGF2;
-
-/**
- * This class provides a specification for the parameters that are used by the
- * McEliece, McElieceCCA2, and Niederreiter key pair generators.
- */
-public class McElieceKeyGenParameterSpec
-    implements AlgorithmParameterSpec
-{
-
-    /**
-     * The default extension degree
-     */
-    public static final int DEFAULT_M = 11;
-
-    /**
-     * The default error correcting capability.
-     */
-    public static final int DEFAULT_T = 50;
-
-    /**
-     * extension degree of the finite field GF(2^m)
-     */
-    private int m;
-
-    /**
-     * error correction capability of the code
-     */
-    private int t;
-
-    /**
-     * length of the code
-     */
-    private int n;
-
-    /**
-     * the field polynomial
-     */
-    private int fieldPoly;
-
-    /**
-     * Constructor. Set the default parameters: extension degree.
-     */
-    public McElieceKeyGenParameterSpec()
-    {
-        this(DEFAULT_M, DEFAULT_T);
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param keysize the length of a Goppa code
-     * @throws IllegalArgumentException if <tt>keysize &lt; 1</tt>.
-     */
-    public McElieceKeyGenParameterSpec(int keysize)
-    {
-        if (keysize < 1)
-        {
-            throw new IllegalArgumentException("key size must be positive");
-        }
-        m = 0;
-        n = 1;
-        while (n < keysize)
-        {
-            n <<= 1;
-            m++;
-        }
-        t = n >>> 1;
-        t /= m;
-        fieldPoly = PolynomialRingGF2.getIrreduciblePolynomial(m);
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param m degree of the finite field GF(2^m)
-     * @param t error correction capability of the code
-     * @throws InvalidParameterException if <tt>m &lt; 1</tt> or <tt>m &gt; 32</tt> or
-     * <tt>t &lt; 0</tt> or <tt>t &gt; n</tt>.
-     */
-    public McElieceKeyGenParameterSpec(int m, int t)
-        throws InvalidParameterException
-    {
-        if (m < 1)
-        {
-            throw new IllegalArgumentException("m must be positive");
-        }
-        if (m > 32)
-        {
-            throw new IllegalArgumentException("m is too large");
-        }
-        this.m = m;
-        n = 1 << m;
-        if (t < 0)
-        {
-            throw new IllegalArgumentException("t must be positive");
-        }
-        if (t > n)
-        {
-            throw new IllegalArgumentException("t must be less than n = 2^m");
-        }
-        this.t = t;
-        fieldPoly = PolynomialRingGF2.getIrreduciblePolynomial(m);
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param m    degree of the finite field GF(2^m)
-     * @param t    error correction capability of the code
-     * @param poly the field polynomial
-     * @throws IllegalArgumentException if <tt>m &lt; 1</tt> or <tt>m &gt; 32</tt> or
-     * <tt>t &lt; 0</tt> or <tt>t &gt; n</tt> or
-     * <tt>poly</tt> is not an irreducible field polynomial.
-     */
-    public McElieceKeyGenParameterSpec(int m, int t, int poly)
-    {
-        this.m = m;
-        if (m < 1)
-        {
-            throw new IllegalArgumentException("m must be positive");
-        }
-        if (m > 32)
-        {
-            throw new IllegalArgumentException(" m is too large");
-        }
-        this.n = 1 << m;
-        this.t = t;
-        if (t < 0)
-        {
-            throw new IllegalArgumentException("t must be positive");
-        }
-        if (t > n)
-        {
-            throw new IllegalArgumentException("t must be less than n = 2^m");
-        }
-        if ((PolynomialRingGF2.degree(poly) == m)
-            && (PolynomialRingGF2.isIrreducible(poly)))
-        {
-            this.fieldPoly = poly;
-        }
-        else
-        {
-            throw new IllegalArgumentException(
-                "polynomial is not a field polynomial for GF(2^m)");
-        }
-    }
-
-    /**
-     * @return the extension degree of the finite field GF(2^m)
-     */
-    public int getM()
-    {
-        return m;
-    }
-
-    /**
-     * @return the length of the code
-     */
-    public int getN()
-    {
-        return n;
-    }
-
-    /**
-     * @return the error correction capability of the code
-     */
-    public int getT()
-    {
-        return t;
-    }
-
-    /**
-     * @return the field polynomial
-     */
-    public int getFieldPoly()
-    {
-        return fieldPoly;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/QTESLAParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/QTESLAParameterSpec.java
deleted file mode 100644
index f86980a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/QTESLAParameterSpec.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.pqc.jcajce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.pqc.crypto.qtesla.QTESLASecurityCategory;
-
-/**
- * qTESLA parameter details. These are divided up on the basis of the security categories for each
- * individual parameter set.
- */
-public class QTESLAParameterSpec
-    implements AlgorithmParameterSpec
-{
-    /**
-     * Available security categories.
-     */
-    public static final String HEURISTIC_I = QTESLASecurityCategory.getName(QTESLASecurityCategory.HEURISTIC_I);
-    public static final String HEURISTIC_III_SIZE = QTESLASecurityCategory.getName(QTESLASecurityCategory.HEURISTIC_III_SIZE);
-    public static final String HEURISTIC_III_SPEED = QTESLASecurityCategory.getName(QTESLASecurityCategory.HEURISTIC_III_SPEED);
-    public static final String PROVABLY_SECURE_I = QTESLASecurityCategory.getName(QTESLASecurityCategory.PROVABLY_SECURE_I);
-    public static final String PROVABLY_SECURE_III = QTESLASecurityCategory.getName(QTESLASecurityCategory.PROVABLY_SECURE_III);
-
-    private String securityCategory;
-
-    /**
-     * Base constructor.
-     *
-     * @param securityCategory the security category we want this parameterSpec to match.
-     */
-    public QTESLAParameterSpec(String securityCategory)
-    {
-        this.securityCategory = securityCategory;
-    }
-
-    /**
-     * Return the security category.
-     *
-     * @return the security category.
-     */
-    public String getSecurityCategory()
-    {
-        return securityCategory;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowParameterSpec.java
deleted file mode 100644
index 85a71e4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowParameterSpec.java
+++ /dev/null

@@ -1,117 +0,0 @@
-package org.bouncycastle.pqc.jcajce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * This class provides methods for setting and getting the Rainbow-parameters
- * like number of Vinegar-variables in the layers, number of layers and so on.
- * <p>
- * More detailed information about the needed parameters for the Rainbow
- * Signature Scheme is to be found in the paper of Jintai Ding, Dieter Schmidt:
- * Rainbow, a New Multivariable Polynomial Signature Scheme. ACNS 2005: 164-175
- * (http://dx.doi.org/10.1007/11496137_12)
- * </p>
- */
-public class RainbowParameterSpec
-    implements AlgorithmParameterSpec
-{
-
-    /**
-     * DEFAULT PARAMS
-     */
-    /*
-      * Vi = vinegars per layer whereas n is vu (vu = 33 = n) such that
-      *
-      * v1 = 6; o1 = 12-6 = 6
-      *
-      * v2 = 12; o2 = 17-12 = 5
-      *
-      * v3 = 17; o3 = 22-17 = 5
-      *
-      * v4 = 22; o4 = 33-22 = 11
-      *
-      * v5 = 33; (o5 = 0)
-      */
-    private static final int[] DEFAULT_VI = {6, 12, 17, 22, 33};
-
-    private int[] vi;// set of vinegar vars per layer.
-
-    /**
-     * Default Constructor The elements of the array containing the number of
-     * Vinegar variables in each layer are set to the default values here.
-     */
-    public RainbowParameterSpec()
-    {
-        this.vi = DEFAULT_VI;
-    }
-
-    /**
-     * Constructor with parameters
-     *
-     * @param vi The elements of the array containing the number of Vinegar
-     *           variables per layer are set to the values of the input array.
-     * @throws IllegalArgumentException if the variables are invalid.
-     */
-    public RainbowParameterSpec(int[] vi)
-    {
-        this.vi = vi;
-
-        checkParams();
-    }
-
-    private void checkParams()
-    {
-        if (vi == null)
-        {
-            throw new IllegalArgumentException("no layers defined.");
-        }
-        if (vi.length > 1)
-        {
-            for (int i = 0; i < vi.length - 1; i++)
-            {
-                if (vi[i] >= vi[i + 1])
-                {
-                    throw new IllegalArgumentException(
-                        "v[i] has to be smaller than v[i+1]");
-                }
-            }
-        }
-        else
-        {
-            throw new IllegalArgumentException(
-                "Rainbow needs at least 1 layer, such that v1 < v2.");
-        }
-    }
-
-    /**
-     * Getter for the number of layers
-     *
-     * @return the number of layers
-     */
-    public int getNumOfLayers()
-    {
-        return this.vi.length - 1;
-    }
-
-    /**
-     * Getter for the number of all the polynomials in Rainbow
-     *
-     * @return the number of the polynomials
-     */
-    public int getDocumentLength()
-    {
-        return vi[vi.length - 1] - vi[0];
-    }
-
-    /**
-     * Getter for the array containing the number of Vinegar-variables per layer
-     *
-     * @return the numbers of vinegars per layer
-     */
-    public int[] getVi()
-    {
-        return Arrays.clone(this.vi);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowPrivateKeySpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowPrivateKeySpec.java
deleted file mode 100644
index 5a10199..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowPrivateKeySpec.java
+++ /dev/null

@@ -1,125 +0,0 @@
-package org.bouncycastle.pqc.jcajce.spec;
-
-import java.security.spec.KeySpec;
-
-import org.bouncycastle.pqc.crypto.rainbow.Layer;
-
-/**
- * This class provides a specification for a RainbowSignature private key.
- *
- * @see KeySpec
- */
-public class RainbowPrivateKeySpec
-    implements KeySpec
-{
-    /*
-      * invertible affine linear map L1
-      */
-    // the inverse of A1, (n-v1 x n-v1 matrix)
-    private short[][] A1inv;
-
-    // translation vector of L1
-    private short[] b1;
-
-    /*
-      * invertible affine linear map L2
-      */
-    // the inverse of A2, (n x n matrix)
-    private short[][] A2inv;
-
-    // translation vector of L2
-    private short[] b2;
-
-    /*
-      * components of F
-      */
-    // the number of Vinegar-variables per layer.
-    private int[] vi;
-
-    // contains the polynomials with their coefficients of private map F
-    private Layer[] layers;
-
-    /**
-     * Constructor
-     *
-     * @param A1inv  the inverse of A1(the matrix part of the affine linear map L1)
-     *               (n-v1 x n-v1 matrix)
-     * @param b1     translation vector, part of the linear affine map L1
-     * @param A2inv  the inverse of A2(the matrix part of the affine linear map L2)
-     *               (n x n matrix)
-     * @param b2     translation vector, part of the linear affine map L2
-     * @param vi     the number of Vinegar-variables per layer
-     * @param layers the polynomials with their coefficients of private map F
-     */
-    public RainbowPrivateKeySpec(short[][] A1inv, short[] b1,
-                                 short[][] A2inv, short[] b2, int[] vi, Layer[] layers)
-    {
-        this.A1inv = A1inv;
-        this.b1 = b1;
-        this.A2inv = A2inv;
-        this.b2 = b2;
-        this.vi = vi;
-        this.layers = layers;
-    }
-
-    /**
-     * Getter for the translation part of the private quadratic map L1.
-     *
-     * @return b1 the translation part of L1
-     */
-    public short[] getB1()
-    {
-        return this.b1;
-    }
-
-    /**
-     * Getter for the inverse matrix of A1.
-     *
-     * @return the A1inv inverse
-     */
-    public short[][] getInvA1()
-    {
-        return this.A1inv;
-    }
-
-    /**
-     * Getter for the translation part of the private quadratic map L2.
-     *
-     * @return b2 the translation part of L2
-     */
-    public short[] getB2()
-    {
-        return this.b2;
-    }
-
-    /**
-     * Getter for the inverse matrix of A2
-     *
-     * @return the A2inv
-     */
-    public short[][] getInvA2()
-    {
-        return this.A2inv;
-    }
-
-    /**
-     * Returns the layers contained in the private key
-     *
-     * @return layers
-     */
-    public Layer[] getLayers()
-    {
-        return this.layers;
-    }
-
-    /**
-     * /** Returns the array of vi-s
-     *
-     * @return the vi
-     */
-    public int[] getVi()
-    {
-        return vi;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowPublicKeySpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowPublicKeySpec.java
deleted file mode 100644
index dbcf3e7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/RainbowPublicKeySpec.java
+++ /dev/null

@@ -1,68 +0,0 @@
-package org.bouncycastle.pqc.jcajce.spec;
-
-
-import java.security.spec.KeySpec;
-
-/**
- * This class provides a specification for a RainbowSignature public key.
- *
- * @see KeySpec
- */
-public class RainbowPublicKeySpec
-    implements KeySpec
-{
-    private short[][] coeffquadratic;
-    private short[][] coeffsingular;
-    private short[] coeffscalar;
-    private int docLength; // length of possible document to sign
-
-    /**
-     * Constructor
-     *
-     * @param docLength
-     * @param coeffquadratic
-     * @param coeffSingular
-     * @param coeffScalar
-     */
-    public RainbowPublicKeySpec(int docLength,
-                                short[][] coeffquadratic, short[][] coeffSingular,
-                                short[] coeffScalar)
-    {
-        this.docLength = docLength;
-        this.coeffquadratic = coeffquadratic;
-        this.coeffsingular = coeffSingular;
-        this.coeffscalar = coeffScalar;
-    }
-
-    /**
-     * @return the docLength
-     */
-    public int getDocLength()
-    {
-        return this.docLength;
-    }
-
-    /**
-     * @return the coeffquadratic
-     */
-    public short[][] getCoeffQuadratic()
-    {
-        return coeffquadratic;
-    }
-
-    /**
-     * @return the coeffsingular
-     */
-    public short[][] getCoeffSingular()
-    {
-        return coeffsingular;
-    }
-
-    /**
-     * @return the coeffscalar
-     */
-    public short[] getCoeffScalar()
-    {
-        return coeffscalar;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/SPHINCS256KeyGenParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/SPHINCS256KeyGenParameterSpec.java
deleted file mode 100644
index fe2fc1a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/SPHINCS256KeyGenParameterSpec.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.pqc.jcajce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-/**
- * Key generation spec for SPHINCS-256 to allow specifying of tree hash.
- */
-public class SPHINCS256KeyGenParameterSpec
-    implements AlgorithmParameterSpec
-{
-    /**
-     * Use SHA512-256 for the tree generation function.
-     */
-    public static final String SHA512_256 = "SHA512-256";
-
-    /**
-     * Use SHA3-256 for the tree generation function.
-     */
-    public static final String SHA3_256 = "SHA3-256";
-
-    private final String treeHash;
-
-    /**
-     * Default constructor SHA512-256
-     */
-    public SPHINCS256KeyGenParameterSpec()
-    {
-        this(SHA512_256);
-    }
-
-    /**
-     * Specify the treehash, one of SHA512-256, or SHA3-256.
-     *
-     * @param treeHash the hash for building the public key tree.
-     */
-    public SPHINCS256KeyGenParameterSpec(String treeHash)
-    {
-        this.treeHash = treeHash;
-    }
-
-    public String getTreeDigest()
-    {
-        return treeHash;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/XMSSMTParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/XMSSMTParameterSpec.java
deleted file mode 100644
index d905522..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/XMSSMTParameterSpec.java
+++ /dev/null

@@ -1,53 +0,0 @@
-package org.bouncycastle.pqc.jcajce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-public class XMSSMTParameterSpec
-    implements AlgorithmParameterSpec
-{
-    /**
-     * Use SHA-256 for the tree generation function.
-     */
-    public static final String SHA256 = "SHA256";
-
-    /**
-     * Use SHA512 for the tree generation function.
-     */
-    public static final String SHA512 = "SHA512";
-
-    /**
-     * Use SHAKE128 for the tree generation function.
-     */
-    public static final String SHAKE128 = "SHAKE128";
-
-    /**
-     * Use SHAKE256 for the tree generation function.
-     */
-    public static final String SHAKE256 = "SHAKE256";
-
-    private final int height;
-    private final int layers;
-    private final String treeDigest;
-
-    public XMSSMTParameterSpec(int height, int layers, String treeDigest)
-    {
-        this.height = height;
-        this.layers = layers;
-        this.treeDigest = treeDigest;
-    }
-
-    public String getTreeDigest()
-    {
-        return treeDigest;
-    }
-
-    public int getHeight()
-    {
-        return height;
-    }
-
-    public int getLayers()
-    {
-        return layers;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/XMSSParameterSpec.java b/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/XMSSParameterSpec.java
deleted file mode 100644
index 72cef09..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/jcajce/spec/XMSSParameterSpec.java
+++ /dev/null

@@ -1,46 +0,0 @@
-package org.bouncycastle.pqc.jcajce.spec;
-
-import java.security.spec.AlgorithmParameterSpec;
-
-public class XMSSParameterSpec
-    implements AlgorithmParameterSpec
-{
-    /**
-     * Use SHA-256 for the tree generation function.
-     */
-    public static final String SHA256 = "SHA256";
-
-    /**
-     * Use SHA512 for the tree generation function.
-     */
-    public static final String SHA512 = "SHA512";
-
-    /**
-     * Use SHAKE128 for the tree generation function.
-     */
-    public static final String SHAKE128 = "SHAKE128";
-
-    /**
-     * Use SHAKE256 for the tree generation function.
-     */
-    public static final String SHAKE256 = "SHAKE256";
-
-    private final int height;
-    private final String treeDigest;
-
-    public XMSSParameterSpec(int height, String treeDigest)
-    {
-        this.height = height;
-        this.treeDigest = treeDigest;
-    }
-
-    public String getTreeDigest()
-    {
-        return treeDigest;
-    }
-
-    public int getHeight()
-    {
-        return height;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/BigEndianConversions.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/BigEndianConversions.java
deleted file mode 100644
index 90926f6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/BigEndianConversions.java
+++ /dev/null

@@ -1,306 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-
-/**
- * This is a utility class containing data type conversions using big-endian
- * byte order.
- *
- * @see LittleEndianConversions
- */
-public final class BigEndianConversions
-{
-
-    /**
-     * Default constructor (private).
-     */
-    private BigEndianConversions()
-    {
-        // empty
-    }
-
-    /**
-     * Convert an integer to an octet string of length 4 according to IEEE 1363,
-     * Section 5.5.3.
-     *
-     * @param x the integer to convert
-     * @return the converted integer
-     */
-    public static byte[] I2OSP(int x)
-    {
-        byte[] result = new byte[4];
-        result[0] = (byte)(x >>> 24);
-        result[1] = (byte)(x >>> 16);
-        result[2] = (byte)(x >>> 8);
-        result[3] = (byte)x;
-        return result;
-    }
-
-    /**
-     * Convert an integer to an octet string according to IEEE 1363, Section
-     * 5.5.3. Length checking is performed.
-     *
-     * @param x    the integer to convert
-     * @param oLen the desired length of the octet string
-     * @return an octet string of length <tt>oLen</tt> representing the
-     *         integer <tt>x</tt>, or <tt>null</tt> if the integer is
-     *         negative
-     * @throws ArithmeticException if <tt>x</tt> can't be encoded into <tt>oLen</tt>
-     * octets.
-     */
-    public static byte[] I2OSP(int x, int oLen)
-        throws ArithmeticException
-    {
-        if (x < 0)
-        {
-            return null;
-        }
-        int octL = IntegerFunctions.ceilLog256(x);
-        if (octL > oLen)
-        {
-            throw new ArithmeticException(
-                "Cannot encode given integer into specified number of octets.");
-        }
-        byte[] result = new byte[oLen];
-        for (int i = oLen - 1; i >= oLen - octL; i--)
-        {
-            result[i] = (byte)(x >>> (8 * (oLen - 1 - i)));
-        }
-        return result;
-    }
-
-    /**
-     * Convert an integer to an octet string of length 4 according to IEEE 1363,
-     * Section 5.5.3.
-     *
-     * @param input  the integer to convert
-     * @param output byte array holding the output
-     * @param outOff offset in output array where the result is stored
-     */
-    public static void I2OSP(int input, byte[] output, int outOff)
-    {
-        output[outOff++] = (byte)(input >>> 24);
-        output[outOff++] = (byte)(input >>> 16);
-        output[outOff++] = (byte)(input >>> 8);
-        output[outOff] = (byte)input;
-    }
-
-    /**
-     * Convert an integer to an octet string of length 8 according to IEEE 1363,
-     * Section 5.5.3.
-     *
-     * @param input the integer to convert
-     * @return the converted integer
-     */
-    public static byte[] I2OSP(long input)
-    {
-        byte[] output = new byte[8];
-        output[0] = (byte)(input >>> 56);
-        output[1] = (byte)(input >>> 48);
-        output[2] = (byte)(input >>> 40);
-        output[3] = (byte)(input >>> 32);
-        output[4] = (byte)(input >>> 24);
-        output[5] = (byte)(input >>> 16);
-        output[6] = (byte)(input >>> 8);
-        output[7] = (byte)input;
-        return output;
-    }
-
-    /**
-     * Convert an integer to an octet string of length 8 according to IEEE 1363,
-     * Section 5.5.3.
-     *
-     * @param input  the integer to convert
-     * @param output byte array holding the output
-     * @param outOff offset in output array where the result is stored
-     */
-    public static void I2OSP(long input, byte[] output, int outOff)
-    {
-        output[outOff++] = (byte)(input >>> 56);
-        output[outOff++] = (byte)(input >>> 48);
-        output[outOff++] = (byte)(input >>> 40);
-        output[outOff++] = (byte)(input >>> 32);
-        output[outOff++] = (byte)(input >>> 24);
-        output[outOff++] = (byte)(input >>> 16);
-        output[outOff++] = (byte)(input >>> 8);
-        output[outOff] = (byte)input;
-    }
-
-    /**
-     * Convert an integer to an octet string of the specified length according
-     * to IEEE 1363, Section 5.5.3. No length checking is performed (i.e., if
-     * the integer cannot be encoded into <tt>length</tt> octets, it is
-     * truncated).
-     *
-     * @param input  the integer to convert
-     * @param output byte array holding the output
-     * @param outOff offset in output array where the result is stored
-     * @param length the length of the encoding
-     */
-    public static void I2OSP(int input, byte[] output, int outOff, int length)
-    {
-        for (int i = length - 1; i >= 0; i--)
-        {
-            output[outOff + i] = (byte)(input >>> (8 * (length - 1 - i)));
-        }
-    }
-
-    /**
-     * Convert an octet string to an integer according to IEEE 1363, Section
-     * 5.5.3.
-     *
-     * @param input the byte array holding the octet string
-     * @return an integer representing the octet string <tt>input</tt>, or
-     *         <tt>0</tt> if the represented integer is negative or too large
-     *         or the byte array is empty
-     * @throws ArithmeticException if the length of the given octet string is larger than 4.
-     */
-    public static int OS2IP(byte[] input)
-    {
-        if (input.length > 4)
-        {
-            throw new ArithmeticException("invalid input length");
-        }
-        if (input.length == 0)
-        {
-            return 0;
-        }
-        int result = 0;
-        for (int j = 0; j < input.length; j++)
-        {
-            result |= (input[j] & 0xff) << (8 * (input.length - 1 - j));
-        }
-        return result;
-    }
-
-    /**
-     * Convert a byte array of length 4 beginning at <tt>offset</tt> into an
-     * integer.
-     *
-     * @param input the byte array
-     * @param inOff the offset into the byte array
-     * @return the resulting integer
-     */
-    public static int OS2IP(byte[] input, int inOff)
-    {
-        int result = (input[inOff++] & 0xff) << 24;
-        result |= (input[inOff++] & 0xff) << 16;
-        result |= (input[inOff++] & 0xff) << 8;
-        result |= input[inOff] & 0xff;
-        return result;
-    }
-
-    /**
-     * Convert an octet string to an integer according to IEEE 1363, Section
-     * 5.5.3.
-     *
-     * @param input the byte array holding the octet string
-     * @param inOff the offset in the input byte array where the octet string
-     *              starts
-     * @param inLen the length of the encoded integer
-     * @return an integer representing the octet string <tt>bytes</tt>, or
-     *         <tt>0</tt> if the represented integer is negative or too large
-     *         or the byte array is empty
-     */
-    public static int OS2IP(byte[] input, int inOff, int inLen)
-    {
-        if ((input.length == 0) || input.length < inOff + inLen - 1)
-        {
-            return 0;
-        }
-        int result = 0;
-        for (int j = 0; j < inLen; j++)
-        {
-            result |= (input[inOff + j] & 0xff) << (8 * (inLen - j - 1));
-        }
-        return result;
-    }
-
-    /**
-     * Convert a byte array of length 8 beginning at <tt>inOff</tt> into a
-     * long integer.
-     *
-     * @param input the byte array
-     * @param inOff the offset into the byte array
-     * @return the resulting long integer
-     */
-    public static long OS2LIP(byte[] input, int inOff)
-    {
-        long result = ((long)input[inOff++] & 0xff) << 56;
-        result |= ((long)input[inOff++] & 0xff) << 48;
-        result |= ((long)input[inOff++] & 0xff) << 40;
-        result |= ((long)input[inOff++] & 0xff) << 32;
-        result |= ((long)input[inOff++] & 0xff) << 24;
-        result |= (input[inOff++] & 0xff) << 16;
-        result |= (input[inOff++] & 0xff) << 8;
-        result |= input[inOff] & 0xff;
-        return result;
-    }
-
-    /**
-     * Convert an int array into a byte array.
-     *
-     * @param input the int array
-     * @return the converted array
-     */
-    public static byte[] toByteArray(final int[] input)
-    {
-        byte[] result = new byte[input.length << 2];
-        for (int i = 0; i < input.length; i++)
-        {
-            I2OSP(input[i], result, i << 2);
-        }
-        return result;
-    }
-
-    /**
-     * Convert an int array into a byte array of the specified length. No length
-     * checking is performed (i.e., if the last integer cannot be encoded into
-     * <tt>length % 4</tt> octets, it is truncated).
-     *
-     * @param input  the int array
-     * @param length the length of the converted array
-     * @return the converted array
-     */
-    public static byte[] toByteArray(final int[] input, int length)
-    {
-        final int intLen = input.length;
-        byte[] result = new byte[length];
-        int index = 0;
-        for (int i = 0; i <= intLen - 2; i++, index += 4)
-        {
-            I2OSP(input[i], result, index);
-        }
-        I2OSP(input[intLen - 1], result, index, length - index);
-        return result;
-    }
-
-    /**
-     * Convert a byte array into an int array.
-     *
-     * @param input the byte array
-     * @return the converted array
-     */
-    public static int[] toIntArray(byte[] input)
-    {
-        final int intLen = (input.length + 3) / 4;
-        final int lastLen = input.length & 0x03;
-        int[] result = new int[intLen];
-
-        int index = 0;
-        for (int i = 0; i <= intLen - 2; i++, index += 4)
-        {
-            result[i] = OS2IP(input, index);
-        }
-        if (lastLen != 0)
-        {
-            result[intLen - 1] = OS2IP(input, index, lastLen);
-        }
-        else
-        {
-            result[intLen - 1] = OS2IP(input, index);
-        }
-
-        return result;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/BigIntUtils.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/BigIntUtils.java
deleted file mode 100644
index b99ed41..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/BigIntUtils.java
+++ /dev/null

@@ -1,138 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-import java.math.BigInteger;
-
-/**
- * FIXME: is this really necessary?!
- */
-public final class BigIntUtils
-{
-
-    /**
-     * Default constructor (private).
-     */
-    private BigIntUtils()
-    {
-        // empty
-    }
-
-    /**
-     * Checks if two BigInteger arrays contain the same entries
-     *
-     * @param a first BigInteger array
-     * @param b second BigInteger array
-     * @return true or false
-     */
-    public static boolean equals(BigInteger[] a, BigInteger[] b)
-    {
-        int flag = 0;
-
-        if (a.length != b.length)
-        {
-            return false;
-        }
-        for (int i = 0; i < a.length; i++)
-        {
-            // avoid branches here!
-            // problem: compareTo on BigIntegers is not
-            // guaranteed constant-time!
-            flag |= a[i].compareTo(b[i]);
-        }
-        return flag == 0;
-    }
-
-    /**
-     * Fill the given BigInteger array with the given value.
-     *
-     * @param array the array
-     * @param value the value
-     */
-    public static void fill(BigInteger[] array, BigInteger value)
-    {
-        for (int i = array.length - 1; i >= 0; i--)
-        {
-            array[i] = value;
-        }
-    }
-
-    /**
-     * Generates a subarray of a given BigInteger array.
-     *
-     * @param input -
-     *              the input BigInteger array
-     * @param start -
-     *              the start index
-     * @param end   -
-     *              the end index
-     * @return a subarray of <tt>input</tt>, ranging from <tt>start</tt> to
-     *         <tt>end</tt>
-     */
-    public static BigInteger[] subArray(BigInteger[] input, int start, int end)
-    {
-        BigInteger[] result = new BigInteger[end - start];
-        System.arraycopy(input, start, result, 0, end - start);
-        return result;
-    }
-
-    /**
-     * Converts a BigInteger array into an integer array
-     *
-     * @param input -
-     *              the BigInteger array
-     * @return the integer array
-     */
-    public static int[] toIntArray(BigInteger[] input)
-    {
-        int[] result = new int[input.length];
-        for (int i = 0; i < input.length; i++)
-        {
-            result[i] = input[i].intValue();
-        }
-        return result;
-    }
-
-    /**
-     * Converts a BigInteger array into an integer array, reducing all
-     * BigIntegers mod q.
-     *
-     * @param q     -
-     *              the modulus
-     * @param input -
-     *              the BigInteger array
-     * @return the integer array
-     */
-    public static int[] toIntArrayModQ(int q, BigInteger[] input)
-    {
-        BigInteger bq = BigInteger.valueOf(q);
-        int[] result = new int[input.length];
-        for (int i = 0; i < input.length; i++)
-        {
-            result[i] = input[i].mod(bq).intValue();
-        }
-        return result;
-    }
-
-    /**
-     * Return the value of <tt>big</tt> as a byte array. Although BigInteger
-     * has such a method, it uses an extra bit to indicate the sign of the
-     * number. For elliptic curve cryptography, the numbers usually are
-     * positive. Thus, this helper method returns a byte array of minimal
-     * length, ignoring the sign of the number.
-     *
-     * @param value the <tt>BigInteger</tt> value to be converted to a byte
-     *              array
-     * @return the value <tt>big</tt> as byte array
-     */
-    public static byte[] toMinimalByteArray(BigInteger value)
-    {
-        byte[] valBytes = value.toByteArray();
-        if ((valBytes.length == 1) || (value.bitLength() & 0x07) != 0)
-        {
-            return valBytes;
-        }
-        byte[] result = new byte[value.bitLength() >> 3];
-        System.arraycopy(valBytes, 1, result, 0, result.length);
-        return result;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/ByteUtils.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/ByteUtils.java
deleted file mode 100644
index 5ad91f4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/ByteUtils.java
+++ /dev/null

@@ -1,414 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-/**
- * This class is a utility class for manipulating byte arrays.
- */
-public final class ByteUtils
-{
-
-    private static final char[] HEX_CHARS = {'0', '1', '2', '3', '4', '5',
-        '6', '7', '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
-
-    /**
-     * Default constructor (private)
-     */
-    private ByteUtils()
-    {
-        // empty
-    }
-
-    /**
-     * Compare two byte arrays (perform null checks beforehand).
-     *
-     * @param left  the first byte array
-     * @param right the second byte array
-     * @return the result of the comparison
-     */
-    public static boolean equals(byte[] left, byte[] right)
-    {
-        if (left == null)
-        {
-            return right == null;
-        }
-        if (right == null)
-        {
-            return false;
-        }
-
-        if (left.length != right.length)
-        {
-            return false;
-        }
-        boolean result = true;
-        for (int i = left.length - 1; i >= 0; i--)
-        {
-            result &= left[i] == right[i];
-        }
-        return result;
-    }
-
-    /**
-     * Compare two two-dimensional byte arrays. No null checks are performed.
-     *
-     * @param left  the first byte array
-     * @param right the second byte array
-     * @return the result of the comparison
-     */
-    public static boolean equals(byte[][] left, byte[][] right)
-    {
-        if (left.length != right.length)
-        {
-            return false;
-        }
-
-        boolean result = true;
-        for (int i = left.length - 1; i >= 0; i--)
-        {
-            result &= ByteUtils.equals(left[i], right[i]);
-        }
-
-        return result;
-    }
-
-    /**
-     * Compare two three-dimensional byte arrays. No null checks are performed.
-     *
-     * @param left  the first byte array
-     * @param right the second byte array
-     * @return the result of the comparison
-     */
-    public static boolean equals(byte[][][] left, byte[][][] right)
-    {
-        if (left.length != right.length)
-        {
-            return false;
-        }
-
-        boolean result = true;
-        for (int i = left.length - 1; i >= 0; i--)
-        {
-            if (left[i].length != right[i].length)
-            {
-                return false;
-            }
-            for (int j = left[i].length - 1; j >= 0; j--)
-            {
-                result &= ByteUtils.equals(left[i][j], right[i][j]);
-            }
-        }
-
-        return result;
-    }
-
-    /**
-     * Computes a hashcode based on the contents of a one-dimensional byte array
-     * rather than its identity.
-     *
-     * @param array the array to compute the hashcode of
-     * @return the hashcode
-     */
-    public static int deepHashCode(byte[] array)
-    {
-        int result = 1;
-        for (int i = 0; i < array.length; i++)
-        {
-            result = 31 * result + array[i];
-        }
-        return result;
-    }
-
-    /**
-     * Computes a hashcode based on the contents of a two-dimensional byte array
-     * rather than its identity.
-     *
-     * @param array the array to compute the hashcode of
-     * @return the hashcode
-     */
-    public static int deepHashCode(byte[][] array)
-    {
-        int result = 1;
-        for (int i = 0; i < array.length; i++)
-        {
-            result = 31 * result + deepHashCode(array[i]);
-        }
-        return result;
-    }
-
-    /**
-     * Computes a hashcode based on the contents of a three-dimensional byte
-     * array rather than its identity.
-     *
-     * @param array the array to compute the hashcode of
-     * @return the hashcode
-     */
-    public static int deepHashCode(byte[][][] array)
-    {
-        int result = 1;
-        for (int i = 0; i < array.length; i++)
-        {
-            result = 31 * result + deepHashCode(array[i]);
-        }
-        return result;
-    }
-
-
-    /**
-     * Return a clone of the given byte array (performs null check beforehand).
-     *
-     * @param array the array to clone
-     * @return the clone of the given array, or <tt>null</tt> if the array is
-     *         <tt>null</tt>
-     */
-    public static byte[] clone(byte[] array)
-    {
-        if (array == null)
-        {
-            return null;
-        }
-        byte[] result = new byte[array.length];
-        System.arraycopy(array, 0, result, 0, array.length);
-        return result;
-    }
-
-    /**
-     * Convert a string containing hexadecimal characters to a byte-array.
-     *
-     * @param s a hex string
-     * @return a byte array with the corresponding value
-     */
-    public static byte[] fromHexString(String s)
-    {
-        char[] rawChars = s.toUpperCase().toCharArray();
-
-        int hexChars = 0;
-        for (int i = 0; i < rawChars.length; i++)
-        {
-            if ((rawChars[i] >= '0' && rawChars[i] <= '9')
-                || (rawChars[i] >= 'A' && rawChars[i] <= 'F'))
-            {
-                hexChars++;
-            }
-        }
-
-        byte[] byteString = new byte[(hexChars + 1) >> 1];
-
-        int pos = hexChars & 1;
-
-        for (int i = 0; i < rawChars.length; i++)
-        {
-            if (rawChars[i] >= '0' && rawChars[i] <= '9')
-            {
-                byteString[pos >> 1] <<= 4;
-                byteString[pos >> 1] |= rawChars[i] - '0';
-            }
-            else if (rawChars[i] >= 'A' && rawChars[i] <= 'F')
-            {
-                byteString[pos >> 1] <<= 4;
-                byteString[pos >> 1] |= rawChars[i] - 'A' + 10;
-            }
-            else
-            {
-                continue;
-            }
-            pos++;
-        }
-
-        return byteString;
-    }
-
-    /**
-     * Convert a byte array to the corresponding hexstring.
-     *
-     * @param input the byte array to be converted
-     * @return the corresponding hexstring
-     */
-    public static String toHexString(byte[] input)
-    {
-        String result = "";
-        for (int i = 0; i < input.length; i++)
-        {
-            result += HEX_CHARS[(input[i] >>> 4) & 0x0f];
-            result += HEX_CHARS[(input[i]) & 0x0f];
-        }
-        return result;
-    }
-
-    /**
-     * Convert a byte array to the corresponding hex string.
-     *
-     * @param input     the byte array to be converted
-     * @param prefix    the prefix to put at the beginning of the hex string
-     * @param seperator a separator string
-     * @return the corresponding hex string
-     */
-    public static String toHexString(byte[] input, String prefix,
-                                     String seperator)
-    {
-        String result = new String(prefix);
-        for (int i = 0; i < input.length; i++)
-        {
-            result += HEX_CHARS[(input[i] >>> 4) & 0x0f];
-            result += HEX_CHARS[(input[i]) & 0x0f];
-            if (i < input.length - 1)
-            {
-                result += seperator;
-            }
-        }
-        return result;
-    }
-
-    /**
-     * Convert a byte array to the corresponding bit string.
-     *
-     * @param input the byte array to be converted
-     * @return the corresponding bit string
-     */
-    public static String toBinaryString(byte[] input)
-    {
-        String result = "";
-        int i;
-        for (i = 0; i < input.length; i++)
-        {
-            int e = input[i];
-            for (int ii = 0; ii < 8; ii++)
-            {
-                int b = (e >>> ii) & 1;
-                result += b;
-            }
-            if (i != input.length - 1)
-            {
-                result += " ";
-            }
-        }
-        return result;
-    }
-
-    /**
-     * Compute the bitwise XOR of two arrays of bytes. The arrays have to be of
-     * same length. No length checking is performed.
-     *
-     * @param x1 the first array
-     * @param x2 the second array
-     * @return x1 XOR x2
-     */
-    public static byte[] xor(byte[] x1, byte[] x2)
-    {
-        byte[] out = new byte[x1.length];
-
-        for (int i = x1.length - 1; i >= 0; i--)
-        {
-            out[i] = (byte)(x1[i] ^ x2[i]);
-        }
-        return out;
-    }
-
-    /**
-     * Concatenate two byte arrays. No null checks are performed.
-     *
-     * @param x1 the first array
-     * @param x2 the second array
-     * @return (x2||x1) (little-endian order, i.e. x1 is at lower memory
-     *         addresses)
-     */
-    public static byte[] concatenate(byte[] x1, byte[] x2)
-    {
-        byte[] result = new byte[x1.length + x2.length];
-
-        System.arraycopy(x1, 0, result, 0, x1.length);
-        System.arraycopy(x2, 0, result, x1.length, x2.length);
-
-        return result;
-    }
-
-    /**
-     * Convert a 2-dimensional byte array into a 1-dimensional byte array by
-     * concatenating all entries.
-     *
-     * @param array a 2-dimensional byte array
-     * @return the concatenated input array
-     */
-    public static byte[] concatenate(byte[][] array)
-    {
-        int rowLength = array[0].length;
-        byte[] result = new byte[array.length * rowLength];
-        int index = 0;
-        for (int i = 0; i < array.length; i++)
-        {
-            System.arraycopy(array[i], 0, result, index, rowLength);
-            index += rowLength;
-        }
-        return result;
-    }
-
-    /**
-     * Split a byte array <tt>input</tt> into two arrays at <tt>index</tt>,
-     * i.e. the first array will have the lower <tt>index</tt> bytes, the
-     * second one the higher <tt>input.length - index</tt> bytes.
-     *
-     * @param input the byte array to be split
-     * @param index the index where the byte array is split
-     * @return the splitted input array as an array of two byte arrays
-     * @throws ArrayIndexOutOfBoundsException if <tt>index</tt> is out of bounds
-     */
-    public static byte[][] split(byte[] input, int index)
-        throws ArrayIndexOutOfBoundsException
-    {
-        if (index > input.length)
-        {
-            throw new ArrayIndexOutOfBoundsException();
-        }
-        byte[][] result = new byte[2][];
-        result[0] = new byte[index];
-        result[1] = new byte[input.length - index];
-        System.arraycopy(input, 0, result[0], 0, index);
-        System.arraycopy(input, index, result[1], 0, input.length - index);
-        return result;
-    }
-
-    /**
-     * Generate a subarray of a given byte array.
-     *
-     * @param input the input byte array
-     * @param start the start index
-     * @param end   the end index
-     * @return a subarray of <tt>input</tt>, ranging from <tt>start</tt>
-     *         (inclusively) to <tt>end</tt> (exclusively)
-     */
-    public static byte[] subArray(byte[] input, int start, int end)
-    {
-        byte[] result = new byte[end - start];
-        System.arraycopy(input, start, result, 0, end - start);
-        return result;
-    }
-
-    /**
-     * Generate a subarray of a given byte array.
-     *
-     * @param input the input byte array
-     * @param start the start index
-     * @return a subarray of <tt>input</tt>, ranging from <tt>start</tt> to
-     *         the end of the array
-     */
-    public static byte[] subArray(byte[] input, int start)
-    {
-        return subArray(input, start, input.length);
-    }
-
-    /**
-     * Rewrite a byte array as a char array
-     *
-     * @param input -
-     *              the byte array
-     * @return char array
-     */
-    public static char[] toCharArray(byte[] input)
-    {
-        char[] result = new char[input.length];
-        for (int i = 0; i < input.length; i++)
-        {
-            result[i] = (char)input[i];
-        }
-        return result;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/CharUtils.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/CharUtils.java
deleted file mode 100644
index 1800685..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/CharUtils.java
+++ /dev/null

@@ -1,98 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-public final class CharUtils
-{
-
-    /**
-     * Default constructor (private)
-     */
-    private CharUtils()
-    {
-        // empty
-    }
-
-    /**
-     * Return a clone of the given char array. No null checks are performed.
-     *
-     * @param array the array to clone
-     * @return the clone of the given array
-     */
-    public static char[] clone(char[] array)
-    {
-        char[] result = new char[array.length];
-        System.arraycopy(array, 0, result, 0, array.length);
-        return result;
-    }
-
-    /**
-     * Convert the given char array into a byte array.
-     *
-     * @param chars the char array
-     * @return the converted array
-     */
-    public static byte[] toByteArray(char[] chars)
-    {
-        byte[] result = new byte[chars.length];
-        for (int i = chars.length - 1; i >= 0; i--)
-        {
-            result[i] = (byte)chars[i];
-        }
-        return result;
-    }
-
-    /**
-     * Convert the given char array into a
-     * byte array for use with PBE encryption.
-     *
-     * @param chars the char array
-     * @return the converted array
-     */
-    public static byte[] toByteArrayForPBE(char[] chars)
-    {
-
-        byte[] out = new byte[chars.length];
-
-        for (int i = 0; i < chars.length; i++)
-        {
-            out[i] = (byte)chars[i];
-        }
-
-        int length = out.length * 2;
-        byte[] ret = new byte[length + 2];
-
-        int j = 0;
-        for (int i = 0; i < out.length; i++)
-        {
-            j = i * 2;
-            ret[j] = 0;
-            ret[j + 1] = out[i];
-        }
-
-        ret[length] = 0;
-        ret[length + 1] = 0;
-
-        return ret;
-    }
-
-    /**
-     * Compare two char arrays. No null checks are performed.
-     *
-     * @param left  the char byte array
-     * @param right the second char array
-     * @return the result of the comparison
-     */
-    public static boolean equals(char[] left, char[] right)
-    {
-        if (left.length != right.length)
-        {
-            return false;
-        }
-        boolean result = true;
-        for (int i = left.length - 1; i >= 0; i--)
-        {
-            result &= left[i] == right[i];
-        }
-        return result;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2Matrix.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2Matrix.java
deleted file mode 100644
index 2841d17..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2Matrix.java
+++ /dev/null

@@ -1,1325 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * This class describes some operations with matrices over finite field GF(2)
- * and is used in ecc and MQ-PKC (also has some specific methods and
- * implementation)
- */
-public class GF2Matrix
-    extends Matrix
-{
-
-    /**
-     * For the matrix representation the array of type int[][] is used, thus one
-     * element of the array keeps 32 elements of the matrix (from one row and 32
-     * columns)
-     */
-    private int[][] matrix;
-
-    /**
-     * the length of each array representing a row of this matrix, computed as
-     * <tt>(numColumns + 31) / 32</tt>
-     */
-    private int length;
-
-    /**
-     * Create the matrix from encoded form.
-     *
-     * @param enc the encoded matrix
-     */
-    public GF2Matrix(byte[] enc)
-    {
-        if (enc.length < 9)
-        {
-            throw new ArithmeticException(
-                "given array is not an encoded matrix over GF(2)");
-        }
-
-        numRows = LittleEndianConversions.OS2IP(enc, 0);
-        numColumns = LittleEndianConversions.OS2IP(enc, 4);
-
-        int n = ((numColumns + 7) >>> 3) * numRows;
-
-        if ((numRows <= 0) || (n != (enc.length - 8)))
-        {
-            throw new ArithmeticException(
-                "given array is not an encoded matrix over GF(2)");
-        }
-
-        length = (numColumns + 31) >>> 5;
-        matrix = new int[numRows][length];
-
-        // number of "full" integer
-        int q = numColumns >> 5;
-        // number of bits in non-full integer
-        int r = numColumns & 0x1f;
-
-        int count = 8;
-        for (int i = 0; i < numRows; i++)
-        {
-            for (int j = 0; j < q; j++, count += 4)
-            {
-                matrix[i][j] = LittleEndianConversions.OS2IP(enc, count);
-            }
-            for (int j = 0; j < r; j += 8)
-            {
-                matrix[i][q] ^= (enc[count++] & 0xff) << j;
-            }
-        }
-    }
-
-    /**
-     * Create the matrix with the contents of the given array. The matrix is not
-     * copied. Unused coefficients are masked out.
-     *
-     * @param numColumns the number of columns
-     * @param matrix     the element array
-     */
-    public GF2Matrix(int numColumns, int[][] matrix)
-    {
-        if (matrix[0].length != (numColumns + 31) >> 5)
-        {
-            throw new ArithmeticException(
-                "Int array does not match given number of columns.");
-        }
-        this.numColumns = numColumns;
-        numRows = matrix.length;
-        length = matrix[0].length;
-        int rest = numColumns & 0x1f;
-        int bitMask;
-        if (rest == 0)
-        {
-            bitMask = 0xffffffff;
-        }
-        else
-        {
-            bitMask = (1 << rest) - 1;
-        }
-        for (int i = 0; i < numRows; i++)
-        {
-            matrix[i][length - 1] &= bitMask;
-        }
-        this.matrix = matrix;
-    }
-
-    /**
-     * Create an nxn matrix of the given type.
-     *
-     * @param n            the number of rows (and columns)
-     * @param typeOfMatrix the martix type (see {@link Matrix} for predefined
-     *                     constants)
-     */
-    public GF2Matrix(int n, char typeOfMatrix)
-    {
-        this(n, typeOfMatrix, new java.security.SecureRandom());
-    }
-
-    /**
-     * Create an nxn matrix of the given type.
-     *
-     * @param n            the matrix size
-     * @param typeOfMatrix the matrix type
-     * @param sr           the source of randomness
-     */
-    public GF2Matrix(int n, char typeOfMatrix, SecureRandom sr)
-    {
-        if (n <= 0)
-        {
-            throw new ArithmeticException("Size of matrix is non-positive.");
-        }
-
-        switch (typeOfMatrix)
-        {
-
-        case Matrix.MATRIX_TYPE_ZERO:
-            assignZeroMatrix(n, n);
-            break;
-
-        case Matrix.MATRIX_TYPE_UNIT:
-            assignUnitMatrix(n);
-            break;
-
-        case Matrix.MATRIX_TYPE_RANDOM_LT:
-            assignRandomLowerTriangularMatrix(n, sr);
-            break;
-
-        case Matrix.MATRIX_TYPE_RANDOM_UT:
-            assignRandomUpperTriangularMatrix(n, sr);
-            break;
-
-        case Matrix.MATRIX_TYPE_RANDOM_REGULAR:
-            assignRandomRegularMatrix(n, sr);
-            break;
-
-        default:
-            throw new ArithmeticException("Unknown matrix type.");
-        }
-    }
-
-    /**
-     * Copy constructor.
-     *
-     * @param a another {@link GF2Matrix}
-     */
-    public GF2Matrix(GF2Matrix a)
-    {
-        numColumns = a.getNumColumns();
-        numRows = a.getNumRows();
-        length = a.length;
-        matrix = new int[a.matrix.length][];
-        for (int i = 0; i < matrix.length; i++)
-        {
-            matrix[i] = IntUtils.clone(a.matrix[i]);
-        }
-
-    }
-
-    /**
-     * create the mxn zero matrix
-     */
-    private GF2Matrix(int m, int n)
-    {
-        if ((n <= 0) || (m <= 0))
-        {
-            throw new ArithmeticException("size of matrix is non-positive");
-        }
-
-        assignZeroMatrix(m, n);
-    }
-
-    /**
-     * Create the mxn zero matrix.
-     *
-     * @param m number of rows
-     * @param n number of columns
-     */
-    private void assignZeroMatrix(int m, int n)
-    {
-        numRows = m;
-        numColumns = n;
-        length = (n + 31) >>> 5;
-        matrix = new int[numRows][length];
-        for (int i = 0; i < numRows; i++)
-        {
-            for (int j = 0; j < length; j++)
-            {
-                matrix[i][j] = 0;
-            }
-        }
-    }
-
-    /**
-     * Create the mxn unit matrix.
-     *
-     * @param n number of rows (and columns)
-     */
-    private void assignUnitMatrix(int n)
-    {
-        numRows = n;
-        numColumns = n;
-        length = (n + 31) >>> 5;
-        matrix = new int[numRows][length];
-        for (int i = 0; i < numRows; i++)
-        {
-            for (int j = 0; j < length; j++)
-            {
-                matrix[i][j] = 0;
-            }
-        }
-        for (int i = 0; i < numRows; i++)
-        {
-            int rest = i & 0x1f;
-            matrix[i][i >>> 5] = 1 << rest;
-        }
-    }
-
-    /**
-     * Create a nxn random lower triangular matrix.
-     *
-     * @param n  number of rows (and columns)
-     * @param sr source of randomness
-     */
-    private void assignRandomLowerTriangularMatrix(int n, SecureRandom sr)
-    {
-        numRows = n;
-        numColumns = n;
-        length = (n + 31) >>> 5;
-        matrix = new int[numRows][length];
-        for (int i = 0; i < numRows; i++)
-        {
-            int q = i >>> 5;
-            int r = i & 0x1f;
-            int s = 31 - r;
-            r = 1 << r;
-            for (int j = 0; j < q; j++)
-            {
-                matrix[i][j] = sr.nextInt();
-            }
-            matrix[i][q] = (sr.nextInt() >>> s) | r;
-            for (int j = q + 1; j < length; j++)
-            {
-                matrix[i][j] = 0;
-            }
-
-        }
-
-    }
-
-    /**
-     * Create a nxn random upper triangular matrix.
-     *
-     * @param n  number of rows (and columns)
-     * @param sr source of randomness
-     */
-    private void assignRandomUpperTriangularMatrix(int n, SecureRandom sr)
-    {
-        numRows = n;
-        numColumns = n;
-        length = (n + 31) >>> 5;
-        matrix = new int[numRows][length];
-        int rest = n & 0x1f;
-        int help;
-        if (rest == 0)
-        {
-            help = 0xffffffff;
-        }
-        else
-        {
-            help = (1 << rest) - 1;
-        }
-        for (int i = 0; i < numRows; i++)
-        {
-            int q = i >>> 5;
-            int r = i & 0x1f;
-            int s = r;
-            r = 1 << r;
-            for (int j = 0; j < q; j++)
-            {
-                matrix[i][j] = 0;
-            }
-            matrix[i][q] = (sr.nextInt() << s) | r;
-            for (int j = q + 1; j < length; j++)
-            {
-                matrix[i][j] = sr.nextInt();
-            }
-            matrix[i][length - 1] &= help;
-        }
-
-    }
-
-    /**
-     * Create an nxn random regular matrix.
-     *
-     * @param n  number of rows (and columns)
-     * @param sr source of randomness
-     */
-    private void assignRandomRegularMatrix(int n, SecureRandom sr)
-    {
-        numRows = n;
-        numColumns = n;
-        length = (n + 31) >>> 5;
-        matrix = new int[numRows][length];
-        GF2Matrix lm = new GF2Matrix(n, Matrix.MATRIX_TYPE_RANDOM_LT, sr);
-        GF2Matrix um = new GF2Matrix(n, Matrix.MATRIX_TYPE_RANDOM_UT, sr);
-        GF2Matrix rm = (GF2Matrix)lm.rightMultiply(um);
-        Permutation perm = new Permutation(n, sr);
-        int[] p = perm.getVector();
-        for (int i = 0; i < n; i++)
-        {
-            System.arraycopy(rm.matrix[i], 0, matrix[p[i]], 0, length);
-        }
-    }
-
-    /**
-     * Create a nxn random regular matrix and its inverse.
-     *
-     * @param n  number of rows (and columns)
-     * @param sr source of randomness
-     * @return the created random regular matrix and its inverse
-     */
-    public static GF2Matrix[] createRandomRegularMatrixAndItsInverse(int n,
-                                                                     SecureRandom sr)
-    {
-
-        GF2Matrix[] result = new GF2Matrix[2];
-
-        // ------------------------------------
-        // First part: create regular matrix
-        // ------------------------------------
-
-        // ------
-        int length = (n + 31) >> 5;
-        GF2Matrix lm = new GF2Matrix(n, Matrix.MATRIX_TYPE_RANDOM_LT, sr);
-        GF2Matrix um = new GF2Matrix(n, Matrix.MATRIX_TYPE_RANDOM_UT, sr);
-        GF2Matrix rm = (GF2Matrix)lm.rightMultiply(um);
-        Permutation p = new Permutation(n, sr);
-        int[] pVec = p.getVector();
-
-        int[][] matrix = new int[n][length];
-        for (int i = 0; i < n; i++)
-        {
-            System.arraycopy(rm.matrix[pVec[i]], 0, matrix[i], 0, length);
-        }
-
-        result[0] = new GF2Matrix(n, matrix);
-
-        // ------------------------------------
-        // Second part: create inverse matrix
-        // ------------------------------------
-
-        // inverse to lm
-        GF2Matrix invLm = new GF2Matrix(n, Matrix.MATRIX_TYPE_UNIT);
-        for (int i = 0; i < n; i++)
-        {
-            int rest = i & 0x1f;
-            int q = i >>> 5;
-            int r = 1 << rest;
-            for (int j = i + 1; j < n; j++)
-            {
-                int b = (lm.matrix[j][q]) & r;
-                if (b != 0)
-                {
-                    for (int k = 0; k <= q; k++)
-                    {
-                        invLm.matrix[j][k] ^= invLm.matrix[i][k];
-                    }
-                }
-            }
-        }
-        // inverse to um
-        GF2Matrix invUm = new GF2Matrix(n, Matrix.MATRIX_TYPE_UNIT);
-        for (int i = n - 1; i >= 0; i--)
-        {
-            int rest = i & 0x1f;
-            int q = i >>> 5;
-            int r = 1 << rest;
-            for (int j = i - 1; j >= 0; j--)
-            {
-                int b = (um.matrix[j][q]) & r;
-                if (b != 0)
-                {
-                    for (int k = q; k < length; k++)
-                    {
-                        invUm.matrix[j][k] ^= invUm.matrix[i][k];
-                    }
-                }
-            }
-        }
-
-        // inverse matrix
-        result[1] = (GF2Matrix)invUm.rightMultiply(invLm.rightMultiply(p));
-
-        return result;
-    }
-
-    /**
-     * @return the array keeping the matrix elements
-     */
-    public int[][] getIntArray()
-    {
-        return matrix;
-    }
-
-    /**
-     * @return the length of each array representing a row of this matrix
-     */
-    public int getLength()
-    {
-        return length;
-    }
-
-    /**
-     * Return the row of this matrix with the given index.
-     *
-     * @param index the index
-     * @return the row of this matrix with the given index
-     */
-    public int[] getRow(int index)
-    {
-        return matrix[index];
-    }
-
-    /**
-     * Returns encoded matrix, i.e., this matrix in byte array form
-     *
-     * @return the encoded matrix
-     */
-    public byte[] getEncoded()
-    {
-        int n = (numColumns + 7) >>> 3;
-        n *= numRows;
-        n += 8;
-        byte[] enc = new byte[n];
-
-        LittleEndianConversions.I2OSP(numRows, enc, 0);
-        LittleEndianConversions.I2OSP(numColumns, enc, 4);
-
-        // number of "full" integer
-        int q = numColumns >>> 5;
-        // number of bits in non-full integer
-        int r = numColumns & 0x1f;
-
-        int count = 8;
-        for (int i = 0; i < numRows; i++)
-        {
-            for (int j = 0; j < q; j++, count += 4)
-            {
-                LittleEndianConversions.I2OSP(matrix[i][j], enc, count);
-            }
-            for (int j = 0; j < r; j += 8)
-            {
-                enc[count++] = (byte)((matrix[i][q] >>> j) & 0xff);
-            }
-
-        }
-        return enc;
-    }
-
-
-    /**
-     * Returns the percentage of the number of "ones" in this matrix.
-     *
-     * @return the Hamming weight of this matrix (as a ratio).
-     */
-    public double getHammingWeight()
-    {
-        double counter = 0.0;
-        double elementCounter = 0.0;
-        int rest = numColumns & 0x1f;
-        int d;
-        if (rest == 0)
-        {
-            d = length;
-        }
-        else
-        {
-            d = length - 1;
-        }
-
-        for (int i = 0; i < numRows; i++)
-        {
-
-            for (int j = 0; j < d; j++)
-            {
-                int a = matrix[i][j];
-                for (int k = 0; k < 32; k++)
-                {
-                    int b = (a >>> k) & 1;
-                    counter = counter + b;
-                    elementCounter = elementCounter + 1;
-                }
-            }
-            int a = matrix[i][length - 1];
-            for (int k = 0; k < rest; k++)
-            {
-                int b = (a >>> k) & 1;
-                counter = counter + b;
-                elementCounter = elementCounter + 1;
-            }
-        }
-
-        return counter / elementCounter;
-    }
-
-    /**
-     * Check if this is the zero matrix (i.e., all entries are zero).
-     *
-     * @return <tt>true</tt> if this is the zero matrix
-     */
-    public boolean isZero()
-    {
-        for (int i = 0; i < numRows; i++)
-        {
-            for (int j = 0; j < length; j++)
-            {
-                if (matrix[i][j] != 0)
-                {
-                    return false;
-                }
-            }
-        }
-        return true;
-    }
-
-    /**
-     * Get the quadratic submatrix of this matrix consisting of the leftmost
-     * <tt>numRows</tt> columns.
-     *
-     * @return the <tt>(numRows x numRows)</tt> submatrix
-     */
-    public GF2Matrix getLeftSubMatrix()
-    {
-        if (numColumns <= numRows)
-        {
-            throw new ArithmeticException("empty submatrix");
-        }
-        int length = (numRows + 31) >> 5;
-        int[][] result = new int[numRows][length];
-        int bitMask = (1 << (numRows & 0x1f)) - 1;
-        if (bitMask == 0)
-        {
-            bitMask = -1;
-        }
-        for (int i = numRows - 1; i >= 0; i--)
-        {
-            System.arraycopy(matrix[i], 0, result[i], 0, length);
-            result[i][length - 1] &= bitMask;
-        }
-        return new GF2Matrix(numRows, result);
-    }
-
-    /**
-     * Compute the full form matrix <tt>(this | Id)</tt> from this matrix in
-     * left compact form, where <tt>Id</tt> is the <tt>k x k</tt> identity
-     * matrix and <tt>k</tt> is the number of rows of this matrix.
-     *
-     * @return <tt>(this | Id)</tt>
-     */
-    public GF2Matrix extendLeftCompactForm()
-    {
-        int newNumColumns = numColumns + numRows;
-        GF2Matrix result = new GF2Matrix(numRows, newNumColumns);
-
-        int ind = numRows - 1 + numColumns;
-        for (int i = numRows - 1; i >= 0; i--, ind--)
-        {
-            // copy this matrix to first columns
-            System.arraycopy(matrix[i], 0, result.matrix[i], 0, length);
-            // store the identity in last columns
-            result.matrix[i][ind >> 5] |= 1 << (ind & 0x1f);
-        }
-
-        return result;
-    }
-
-    /**
-     * Get the submatrix of this matrix consisting of the rightmost
-     * <tt>numColumns-numRows</tt> columns.
-     *
-     * @return the <tt>(numRows x (numColumns-numRows))</tt> submatrix
-     */
-    public GF2Matrix getRightSubMatrix()
-    {
-        if (numColumns <= numRows)
-        {
-            throw new ArithmeticException("empty submatrix");
-        }
-
-        int q = numRows >> 5;
-        int r = numRows & 0x1f;
-
-        GF2Matrix result = new GF2Matrix(numRows, numColumns - numRows);
-
-        for (int i = numRows - 1; i >= 0; i--)
-        {
-            // if words have to be shifted
-            if (r != 0)
-            {
-                int ind = q;
-                // process all but last word
-                for (int j = 0; j < result.length - 1; j++)
-                {
-                    // shift to correct position
-                    result.matrix[i][j] = (matrix[i][ind++] >>> r)
-                        | (matrix[i][ind] << (32 - r));
-                }
-                // process last word
-                result.matrix[i][result.length - 1] = matrix[i][ind++] >>> r;
-                if (ind < length)
-                {
-                    result.matrix[i][result.length - 1] |= matrix[i][ind] << (32 - r);
-                }
-            }
-            else
-            {
-                // no shifting necessary
-                System.arraycopy(matrix[i], q, result.matrix[i], 0,
-                    result.length);
-            }
-        }
-        return result;
-    }
-
-    /**
-     * Compute the full form matrix <tt>(Id | this)</tt> from this matrix in
-     * right compact form, where <tt>Id</tt> is the <tt>k x k</tt> identity
-     * matrix and <tt>k</tt> is the number of rows of this matrix.
-     *
-     * @return <tt>(Id | this)</tt>
-     */
-    public GF2Matrix extendRightCompactForm()
-    {
-        GF2Matrix result = new GF2Matrix(numRows, numRows + numColumns);
-
-        int q = numRows >> 5;
-        int r = numRows & 0x1f;
-
-        for (int i = numRows - 1; i >= 0; i--)
-        {
-            // store the identity in first columns
-            result.matrix[i][i >> 5] |= 1 << (i & 0x1f);
-
-            // copy this matrix to last columns
-
-            // if words have to be shifted
-            if (r != 0)
-            {
-                int ind = q;
-                // process all but last word
-                for (int j = 0; j < length - 1; j++)
-                {
-                    // obtain matrix word
-                    int mw = matrix[i][j];
-                    // shift to correct position
-                    result.matrix[i][ind++] |= mw << r;
-                    result.matrix[i][ind] |= mw >>> (32 - r);
-                }
-                // process last word
-                int mw = matrix[i][length - 1];
-                result.matrix[i][ind++] |= mw << r;
-                if (ind < result.length)
-                {
-                    result.matrix[i][ind] |= mw >>> (32 - r);
-                }
-            }
-            else
-            {
-                // no shifting necessary
-                System.arraycopy(matrix[i], 0, result.matrix[i], q, length);
-            }
-        }
-
-        return result;
-    }
-
-    /**
-     * Compute the transpose of this matrix.
-     *
-     * @return <tt>(this)<sup>T</sup></tt>
-     */
-    public Matrix computeTranspose()
-    {
-        int[][] result = new int[numColumns][(numRows + 31) >>> 5];
-        for (int i = 0; i < numRows; i++)
-        {
-            for (int j = 0; j < numColumns; j++)
-            {
-                int qs = j >>> 5;
-                int rs = j & 0x1f;
-                int b = (matrix[i][qs] >>> rs) & 1;
-                int qt = i >>> 5;
-                int rt = i & 0x1f;
-                if (b == 1)
-                {
-                    result[j][qt] |= 1 << rt;
-                }
-            }
-        }
-
-        return new GF2Matrix(numRows, result);
-    }
-
-    /**
-     * Compute the inverse of this matrix.
-     *
-     * @return the inverse of this matrix (newly created).
-     * @throws ArithmeticException if this matrix is not invertible.
-     */
-    public Matrix computeInverse()
-    {
-        if (numRows != numColumns)
-        {
-            throw new ArithmeticException("Matrix is not invertible.");
-        }
-
-        // clone this matrix
-        int[][] tmpMatrix = new int[numRows][length];
-        for (int i = numRows - 1; i >= 0; i--)
-        {
-            tmpMatrix[i] = IntUtils.clone(matrix[i]);
-        }
-
-        // initialize inverse matrix as unit matrix
-        int[][] invMatrix = new int[numRows][length];
-        for (int i = numRows - 1; i >= 0; i--)
-        {
-            int q = i >> 5;
-            int r = i & 0x1f;
-            invMatrix[i][q] = 1 << r;
-        }
-
-        // simultaneously compute Gaussian reduction of tmpMatrix and unit
-        // matrix
-        for (int i = 0; i < numRows; i++)
-        {
-            // i = q * 32 + (i mod 32)
-            int q = i >> 5;
-            int bitMask = 1 << (i & 0x1f);
-            // if diagonal element is zero
-            if ((tmpMatrix[i][q] & bitMask) == 0)
-            {
-                boolean foundNonZero = false;
-                // find a non-zero element in the same column
-                for (int j = i + 1; j < numRows; j++)
-                {
-                    if ((tmpMatrix[j][q] & bitMask) != 0)
-                    {
-                        // found it, swap rows ...
-                        foundNonZero = true;
-                        swapRows(tmpMatrix, i, j);
-                        swapRows(invMatrix, i, j);
-                        // ... and quit searching
-                        j = numRows;
-                        continue;
-                    }
-                }
-                // if no non-zero element was found ...
-                if (!foundNonZero)
-                {
-                    // ... the matrix is not invertible
-                    throw new ArithmeticException("Matrix is not invertible.");
-                }
-            }
-
-            // normalize all but i-th row
-            for (int j = numRows - 1; j >= 0; j--)
-            {
-                if ((j != i) && ((tmpMatrix[j][q] & bitMask) != 0))
-                {
-                    addToRow(tmpMatrix[i], tmpMatrix[j], q);
-                    addToRow(invMatrix[i], invMatrix[j], 0);
-                }
-            }
-        }
-
-        return new GF2Matrix(numColumns, invMatrix);
-    }
-
-    /**
-     * Compute the product of a permutation matrix (which is generated from an
-     * n-permutation) and this matrix.
-     *
-     * @param p the permutation
-     * @return {@link GF2Matrix} <tt>P*this</tt>
-     */
-    public Matrix leftMultiply(Permutation p)
-    {
-        int[] pVec = p.getVector();
-        if (pVec.length != numRows)
-        {
-            throw new ArithmeticException("length mismatch");
-        }
-
-        int[][] result = new int[numRows][];
-
-        for (int i = numRows - 1; i >= 0; i--)
-        {
-            result[i] = IntUtils.clone(matrix[pVec[i]]);
-        }
-
-        return new GF2Matrix(numRows, result);
-    }
-
-    /**
-     * compute product a row vector and this matrix
-     *
-     * @param vec a vector over GF(2)
-     * @return Vector product a*matrix
-     */
-    public Vector leftMultiply(Vector vec)
-    {
-
-        if (!(vec instanceof GF2Vector))
-        {
-            throw new ArithmeticException("vector is not defined over GF(2)");
-        }
-
-        if (vec.length != numRows)
-        {
-            throw new ArithmeticException("length mismatch");
-        }
-
-        int[] v = ((GF2Vector)vec).getVecArray();
-        int[] res = new int[length];
-
-        int q = numRows >> 5;
-        int r = 1 << (numRows & 0x1f);
-
-        // compute scalar products with full words of vector
-        int row = 0;
-        for (int i = 0; i < q; i++)
-        {
-            int bitMask = 1;
-            do
-            {
-                int b = v[i] & bitMask;
-                if (b != 0)
-                {
-                    for (int j = 0; j < length; j++)
-                    {
-                        res[j] ^= matrix[row][j];
-                    }
-                }
-                row++;
-                bitMask <<= 1;
-            }
-            while (bitMask != 0);
-        }
-
-        // compute scalar products with last word of vector
-        int bitMask = 1;
-        while (bitMask != r)
-        {
-            int b = v[q] & bitMask;
-            if (b != 0)
-            {
-                for (int j = 0; j < length; j++)
-                {
-                    res[j] ^= matrix[row][j];
-                }
-            }
-            row++;
-            bitMask <<= 1;
-        }
-
-        return new GF2Vector(res, numColumns);
-    }
-
-    /**
-     * Compute the product of the matrix <tt>(this | Id)</tt> and a column
-     * vector, where <tt>Id</tt> is a <tt>(numRows x numRows)</tt> unit
-     * matrix.
-     *
-     * @param vec the vector over GF(2)
-     * @return <tt>(this | Id)*vector</tt>
-     */
-    public Vector leftMultiplyLeftCompactForm(Vector vec)
-    {
-        if (!(vec instanceof GF2Vector))
-        {
-            throw new ArithmeticException("vector is not defined over GF(2)");
-        }
-
-        if (vec.length != numRows)
-        {
-            throw new ArithmeticException("length mismatch");
-        }
-
-        int[] v = ((GF2Vector)vec).getVecArray();
-        int[] res = new int[(numRows + numColumns + 31) >>> 5];
-
-        // process full words of vector
-        int words = numRows >>> 5;
-        int row = 0;
-        for (int i = 0; i < words; i++)
-        {
-            int bitMask = 1;
-            do
-            {
-                int b = v[i] & bitMask;
-                if (b != 0)
-                {
-                    // compute scalar product part
-                    for (int j = 0; j < length; j++)
-                    {
-                        res[j] ^= matrix[row][j];
-                    }
-                    // set last bit
-                    int q = (numColumns + row) >>> 5;
-                    int r = (numColumns + row) & 0x1f;
-                    res[q] |= 1 << r;
-                }
-                row++;
-                bitMask <<= 1;
-            }
-            while (bitMask != 0);
-        }
-
-        // process last word of vector
-        int rem = 1 << (numRows & 0x1f);
-        int bitMask = 1;
-        while (bitMask != rem)
-        {
-            int b = v[words] & bitMask;
-            if (b != 0)
-            {
-                // compute scalar product part
-                for (int j = 0; j < length; j++)
-                {
-                    res[j] ^= matrix[row][j];
-                }
-                // set last bit
-                int q = (numColumns + row) >>> 5;
-                int r = (numColumns + row) & 0x1f;
-                res[q] |= 1 << r;
-            }
-            row++;
-            bitMask <<= 1;
-        }
-
-        return new GF2Vector(res, numRows + numColumns);
-    }
-
-    /**
-     * Compute the product of this matrix and a matrix A over GF(2).
-     *
-     * @param mat a matrix A over GF(2)
-     * @return matrix product <tt>this*matrixA</tt>
-     */
-    public Matrix rightMultiply(Matrix mat)
-    {
-        if (!(mat instanceof GF2Matrix))
-        {
-            throw new ArithmeticException("matrix is not defined over GF(2)");
-        }
-
-        if (mat.numRows != numColumns)
-        {
-            throw new ArithmeticException("length mismatch");
-        }
-
-        GF2Matrix a = (GF2Matrix)mat;
-        GF2Matrix result = new GF2Matrix(numRows, mat.numColumns);
-
-        int d;
-        int rest = numColumns & 0x1f;
-        if (rest == 0)
-        {
-            d = length;
-        }
-        else
-        {
-            d = length - 1;
-        }
-        for (int i = 0; i < numRows; i++)
-        {
-            int count = 0;
-            for (int j = 0; j < d; j++)
-            {
-                int e = matrix[i][j];
-                for (int h = 0; h < 32; h++)
-                {
-                    int b = e & (1 << h);
-                    if (b != 0)
-                    {
-                        for (int g = 0; g < a.length; g++)
-                        {
-                            result.matrix[i][g] ^= a.matrix[count][g];
-                        }
-                    }
-                    count++;
-                }
-            }
-            int e = matrix[i][length - 1];
-            for (int h = 0; h < rest; h++)
-            {
-                int b = e & (1 << h);
-                if (b != 0)
-                {
-                    for (int g = 0; g < a.length; g++)
-                    {
-                        result.matrix[i][g] ^= a.matrix[count][g];
-                    }
-                }
-                count++;
-            }
-
-        }
-
-        return result;
-    }
-
-    /**
-     * Compute the product of this matrix and a permutation matrix which is
-     * generated from an n-permutation.
-     *
-     * @param p the permutation
-     * @return {@link GF2Matrix} <tt>this*P</tt>
-     */
-    public Matrix rightMultiply(Permutation p)
-    {
-
-        int[] pVec = p.getVector();
-        if (pVec.length != numColumns)
-        {
-            throw new ArithmeticException("length mismatch");
-        }
-
-        GF2Matrix result = new GF2Matrix(numRows, numColumns);
-
-        for (int i = numColumns - 1; i >= 0; i--)
-        {
-            int q = i >>> 5;
-            int r = i & 0x1f;
-            int pq = pVec[i] >>> 5;
-            int pr = pVec[i] & 0x1f;
-            for (int j = numRows - 1; j >= 0; j--)
-            {
-                result.matrix[j][q] |= ((matrix[j][pq] >>> pr) & 1) << r;
-            }
-        }
-
-        return result;
-    }
-
-    /**
-     * Compute the product of this matrix and the given column vector.
-     *
-     * @param vec the vector over GF(2)
-     * @return <tt>this*vector</tt>
-     */
-    public Vector rightMultiply(Vector vec)
-    {
-        if (!(vec instanceof GF2Vector))
-        {
-            throw new ArithmeticException("vector is not defined over GF(2)");
-        }
-
-        if (vec.length != numColumns)
-        {
-            throw new ArithmeticException("length mismatch");
-        }
-
-        int[] v = ((GF2Vector)vec).getVecArray();
-        int[] res = new int[(numRows + 31) >>> 5];
-
-        for (int i = 0; i < numRows; i++)
-        {
-            // compute full word scalar products
-            int help = 0;
-            for (int j = 0; j < length; j++)
-            {
-                help ^= matrix[i][j] & v[j];
-            }
-            // compute single word scalar product
-            int bitValue = 0;
-            for (int j = 0; j < 32; j++)
-            {
-                bitValue ^= (help >>> j) & 1;
-            }
-            // set result bit
-            if (bitValue == 1)
-            {
-                res[i >>> 5] |= 1 << (i & 0x1f);
-            }
-        }
-
-        return new GF2Vector(res, numRows);
-    }
-
-    /**
-     * Compute the product of the matrix <tt>(Id | this)</tt> and a column
-     * vector, where <tt>Id</tt> is a <tt>(numRows x numRows)</tt> unit
-     * matrix.
-     *
-     * @param vec the vector over GF(2)
-     * @return <tt>(Id | this)*vector</tt>
-     */
-    public Vector rightMultiplyRightCompactForm(Vector vec)
-    {
-        if (!(vec instanceof GF2Vector))
-        {
-            throw new ArithmeticException("vector is not defined over GF(2)");
-        }
-
-        if (vec.length != numColumns + numRows)
-        {
-            throw new ArithmeticException("length mismatch");
-        }
-
-        int[] v = ((GF2Vector)vec).getVecArray();
-        int[] res = new int[(numRows + 31) >>> 5];
-
-        int q = numRows >> 5;
-        int r = numRows & 0x1f;
-
-        // for all rows
-        for (int i = 0; i < numRows; i++)
-        {
-            // get vector bit
-            int help = (v[i >> 5] >>> (i & 0x1f)) & 1;
-
-            // compute full word scalar products
-            int vInd = q;
-            // if words have to be shifted
-            if (r != 0)
-            {
-                int vw = 0;
-                // process all but last word
-                for (int j = 0; j < length - 1; j++)
-                {
-                    // shift to correct position
-                    vw = (v[vInd++] >>> r) | (v[vInd] << (32 - r));
-                    help ^= matrix[i][j] & vw;
-                }
-                // process last word
-                vw = v[vInd++] >>> r;
-                if (vInd < v.length)
-                {
-                    vw |= v[vInd] << (32 - r);
-                }
-                help ^= matrix[i][length - 1] & vw;
-            }
-            else
-            {
-                // no shifting necessary
-                for (int j = 0; j < length; j++)
-                {
-                    help ^= matrix[i][j] & v[vInd++];
-                }
-            }
-
-            // compute single word scalar product
-            int bitValue = 0;
-            for (int j = 0; j < 32; j++)
-            {
-                bitValue ^= help & 1;
-                help >>>= 1;
-            }
-
-            // set result bit
-            if (bitValue == 1)
-            {
-                res[i >> 5] |= 1 << (i & 0x1f);
-            }
-        }
-
-        return new GF2Vector(res, numRows);
-    }
-
-    /**
-     * Compare this matrix with another object.
-     *
-     * @param other another object
-     * @return the result of the comparison
-     */
-    public boolean equals(Object other)
-    {
-
-        if (!(other instanceof GF2Matrix))
-        {
-            return false;
-        }
-        GF2Matrix otherMatrix = (GF2Matrix)other;
-
-        if ((numRows != otherMatrix.numRows)
-            || (numColumns != otherMatrix.numColumns)
-            || (length != otherMatrix.length))
-        {
-            return false;
-        }
-
-        for (int i = 0; i < numRows; i++)
-        {
-            if (!IntUtils.equals(matrix[i], otherMatrix.matrix[i]))
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    /**
-     * @return the hash code of this matrix
-     */
-    public int hashCode()
-    {
-        int hash = (numRows * 31 + numColumns) * 31 + length;
-        for (int i = 0; i < numRows; i++)
-        {
-            hash = hash * 31 + Arrays.hashCode(matrix[i]);
-        }
-        return hash;
-    }
-
-    /**
-     * @return a human readable form of the matrix
-     */
-    public String toString()
-    {
-        int rest = numColumns & 0x1f;
-        int d;
-        if (rest == 0)
-        {
-            d = length;
-        }
-        else
-        {
-            d = length - 1;
-        }
-
-        StringBuffer buf = new StringBuffer();
-        for (int i = 0; i < numRows; i++)
-        {
-            buf.append(i + ": ");
-            for (int j = 0; j < d; j++)
-            {
-                int a = matrix[i][j];
-                for (int k = 0; k < 32; k++)
-                {
-                    int b = (a >>> k) & 1;
-                    if (b == 0)
-                    {
-                        buf.append('0');
-                    }
-                    else
-                    {
-                        buf.append('1');
-                    }
-                }
-                buf.append(' ');
-            }
-            int a = matrix[i][length - 1];
-            for (int k = 0; k < rest; k++)
-            {
-                int b = (a >>> k) & 1;
-                if (b == 0)
-                {
-                    buf.append('0');
-                }
-                else
-                {
-                    buf.append('1');
-                }
-            }
-            buf.append('\n');
-        }
-
-        return buf.toString();
-    }
-
-    /**
-     * Swap two rows of the given matrix.
-     *
-     * @param matrix the matrix
-     * @param first  the index of the first row
-     * @param second the index of the second row
-     */
-    private static void swapRows(int[][] matrix, int first, int second)
-    {
-        int[] tmp = matrix[first];
-        matrix[first] = matrix[second];
-        matrix[second] = tmp;
-    }
-
-    /**
-     * Partially add one row to another.
-     *
-     * @param fromRow    the addend
-     * @param toRow      the row to add to
-     * @param startIndex the array index to start from
-     */
-    private static void addToRow(int[] fromRow, int[] toRow, int startIndex)
-    {
-        for (int i = toRow.length - 1; i >= startIndex; i--)
-        {
-            toRow[i] = fromRow[i] ^ toRow[i];
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2Polynomial.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2Polynomial.java
deleted file mode 100644
index f241ba3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2Polynomial.java
+++ /dev/null

@@ -1,2035 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-
-import java.math.BigInteger;
-import java.util.Random;
-
-import org.bouncycastle.util.Arrays;
-
-
-/**
- * This class stores very long strings of bits and does some basic arithmetics.
- * It is used by <tt>GF2nField</tt>, <tt>GF2nPolynomialField</tt> and
- * <tt>GFnPolynomialElement</tt>.
- *
- * @see GF2nPolynomialElement
- * @see GF2nField
- */
-public class GF2Polynomial
-{
-
-    // number of bits stored in this GF2Polynomial
-    private int len;
-
-    // number of int used in value
-    private int blocks;
-
-    // storage
-    private int[] value;
-
-    // Random source
-    private static Random rand = new Random();
-
-    // Lookup-Table for vectorMult: parity[a]= #1(a) mod 2 == 1
-    private static final boolean[] parity = {false, true, true, false, true,
-        false, false, true, true, false, false, true, false, true, true,
-        false, true, false, false, true, false, true, true, false, false,
-        true, true, false, true, false, false, true, true, false, false,
-        true, false, true, true, false, false, true, true, false, true,
-        false, false, true, false, true, true, false, true, false, false,
-        true, true, false, false, true, false, true, true, false, true,
-        false, false, true, false, true, true, false, false, true, true,
-        false, true, false, false, true, false, true, true, false, true,
-        false, false, true, true, false, false, true, false, true, true,
-        false, false, true, true, false, true, false, false, true, true,
-        false, false, true, false, true, true, false, true, false, false,
-        true, false, true, true, false, false, true, true, false, true,
-        false, false, true, true, false, false, true, false, true, true,
-        false, false, true, true, false, true, false, false, true, false,
-        true, true, false, true, false, false, true, true, false, false,
-        true, false, true, true, false, false, true, true, false, true,
-        false, false, true, true, false, false, true, false, true, true,
-        false, true, false, false, true, false, true, true, false, false,
-        true, true, false, true, false, false, true, false, true, true,
-        false, true, false, false, true, true, false, false, true, false,
-        true, true, false, true, false, false, true, false, true, true,
-        false, false, true, true, false, true, false, false, true, true,
-        false, false, true, false, true, true, false, false, true, true,
-        false, true, false, false, true, false, true, true, false, true,
-        false, false, true, true, false, false, true, false, true, true,
-        false};
-
-    // Lookup-Table for Squaring: squaringTable[a]=a^2
-    private static final short[] squaringTable = {0x0000, 0x0001, 0x0004,
-        0x0005, 0x0010, 0x0011, 0x0014, 0x0015, 0x0040, 0x0041, 0x0044,
-        0x0045, 0x0050, 0x0051, 0x0054, 0x0055, 0x0100, 0x0101, 0x0104,
-        0x0105, 0x0110, 0x0111, 0x0114, 0x0115, 0x0140, 0x0141, 0x0144,
-        0x0145, 0x0150, 0x0151, 0x0154, 0x0155, 0x0400, 0x0401, 0x0404,
-        0x0405, 0x0410, 0x0411, 0x0414, 0x0415, 0x0440, 0x0441, 0x0444,
-        0x0445, 0x0450, 0x0451, 0x0454, 0x0455, 0x0500, 0x0501, 0x0504,
-        0x0505, 0x0510, 0x0511, 0x0514, 0x0515, 0x0540, 0x0541, 0x0544,
-        0x0545, 0x0550, 0x0551, 0x0554, 0x0555, 0x1000, 0x1001, 0x1004,
-        0x1005, 0x1010, 0x1011, 0x1014, 0x1015, 0x1040, 0x1041, 0x1044,
-        0x1045, 0x1050, 0x1051, 0x1054, 0x1055, 0x1100, 0x1101, 0x1104,
-        0x1105, 0x1110, 0x1111, 0x1114, 0x1115, 0x1140, 0x1141, 0x1144,
-        0x1145, 0x1150, 0x1151, 0x1154, 0x1155, 0x1400, 0x1401, 0x1404,
-        0x1405, 0x1410, 0x1411, 0x1414, 0x1415, 0x1440, 0x1441, 0x1444,
-        0x1445, 0x1450, 0x1451, 0x1454, 0x1455, 0x1500, 0x1501, 0x1504,
-        0x1505, 0x1510, 0x1511, 0x1514, 0x1515, 0x1540, 0x1541, 0x1544,
-        0x1545, 0x1550, 0x1551, 0x1554, 0x1555, 0x4000, 0x4001, 0x4004,
-        0x4005, 0x4010, 0x4011, 0x4014, 0x4015, 0x4040, 0x4041, 0x4044,
-        0x4045, 0x4050, 0x4051, 0x4054, 0x4055, 0x4100, 0x4101, 0x4104,
-        0x4105, 0x4110, 0x4111, 0x4114, 0x4115, 0x4140, 0x4141, 0x4144,
-        0x4145, 0x4150, 0x4151, 0x4154, 0x4155, 0x4400, 0x4401, 0x4404,
-        0x4405, 0x4410, 0x4411, 0x4414, 0x4415, 0x4440, 0x4441, 0x4444,
-        0x4445, 0x4450, 0x4451, 0x4454, 0x4455, 0x4500, 0x4501, 0x4504,
-        0x4505, 0x4510, 0x4511, 0x4514, 0x4515, 0x4540, 0x4541, 0x4544,
-        0x4545, 0x4550, 0x4551, 0x4554, 0x4555, 0x5000, 0x5001, 0x5004,
-        0x5005, 0x5010, 0x5011, 0x5014, 0x5015, 0x5040, 0x5041, 0x5044,
-        0x5045, 0x5050, 0x5051, 0x5054, 0x5055, 0x5100, 0x5101, 0x5104,
-        0x5105, 0x5110, 0x5111, 0x5114, 0x5115, 0x5140, 0x5141, 0x5144,
-        0x5145, 0x5150, 0x5151, 0x5154, 0x5155, 0x5400, 0x5401, 0x5404,
-        0x5405, 0x5410, 0x5411, 0x5414, 0x5415, 0x5440, 0x5441, 0x5444,
-        0x5445, 0x5450, 0x5451, 0x5454, 0x5455, 0x5500, 0x5501, 0x5504,
-        0x5505, 0x5510, 0x5511, 0x5514, 0x5515, 0x5540, 0x5541, 0x5544,
-        0x5545, 0x5550, 0x5551, 0x5554, 0x5555};
-
-    // pre-computed Bitmask for fast masking, bitMask[a]=0x1 << a
-    private static final int[] bitMask = {0x00000001, 0x00000002, 0x00000004,
-        0x00000008, 0x00000010, 0x00000020, 0x00000040, 0x00000080,
-        0x00000100, 0x00000200, 0x00000400, 0x00000800, 0x00001000,
-        0x00002000, 0x00004000, 0x00008000, 0x00010000, 0x00020000,
-        0x00040000, 0x00080000, 0x00100000, 0x00200000, 0x00400000,
-        0x00800000, 0x01000000, 0x02000000, 0x04000000, 0x08000000,
-        0x10000000, 0x20000000, 0x40000000, 0x80000000, 0x00000000};
-
-    // pre-computed Bitmask for fast masking, rightMask[a]=0xffffffff >>> (32-a)
-    private static final int[] reverseRightMask = {0x00000000, 0x00000001,
-        0x00000003, 0x00000007, 0x0000000f, 0x0000001f, 0x0000003f,
-        0x0000007f, 0x000000ff, 0x000001ff, 0x000003ff, 0x000007ff,
-        0x00000fff, 0x00001fff, 0x00003fff, 0x00007fff, 0x0000ffff,
-        0x0001ffff, 0x0003ffff, 0x0007ffff, 0x000fffff, 0x001fffff,
-        0x003fffff, 0x007fffff, 0x00ffffff, 0x01ffffff, 0x03ffffff,
-        0x07ffffff, 0x0fffffff, 0x1fffffff, 0x3fffffff, 0x7fffffff,
-        0xffffffff};
-
-    /**
-     * Creates a new GF2Polynomial of the given <i>length</i> and value zero.
-     *
-     * @param length the desired number of bits to store
-     */
-    public GF2Polynomial(int length)
-    {
-        int l = length;
-        if (l < 1)
-        {
-            l = 1;
-        }
-        blocks = ((l - 1) >> 5) + 1;
-        value = new int[blocks];
-        len = l;
-    }
-
-    /**
-     * Creates a new GF2Polynomial of the given <i>length</i> and random value.
-     *
-     * @param length the desired number of bits to store
-     * @param rand   SecureRandom to use for randomization
-     */
-    public GF2Polynomial(int length, Random rand)
-    {
-        int l = length;
-        if (l < 1)
-        {
-            l = 1;
-        }
-        blocks = ((l - 1) >> 5) + 1;
-        value = new int[blocks];
-        len = l;
-        randomize(rand);
-    }
-
-    /**
-     * Creates a new GF2Polynomial of the given <i>length</i> and value
-     * selected by <i>value</i>:
-     * <UL>
-     * <LI>ZERO</LI>
-     * <LI>ONE</LI>
-     * <LI>RANDOM</LI>
-     * <LI>X</LI>
-     * <LI>ALL</LI>
-     * </UL>
-     *
-     * @param length the desired number of bits to store
-     * @param value  the value described by a String
-     */
-    public GF2Polynomial(int length, String value)
-    {
-        int l = length;
-        if (l < 1)
-        {
-            l = 1;
-        }
-        blocks = ((l - 1) >> 5) + 1;
-        this.value = new int[blocks];
-        len = l;
-        if (value.equalsIgnoreCase("ZERO"))
-        {
-            assignZero();
-        }
-        else if (value.equalsIgnoreCase("ONE"))
-        {
-            assignOne();
-        }
-        else if (value.equalsIgnoreCase("RANDOM"))
-        {
-            randomize();
-        }
-        else if (value.equalsIgnoreCase("X"))
-        {
-            assignX();
-        }
-        else if (value.equalsIgnoreCase("ALL"))
-        {
-            assignAll();
-        }
-        else
-        {
-            throw new IllegalArgumentException(
-                "Error: GF2Polynomial was called using " + value
-                    + " as value!");
-        }
-
-    }
-
-    /**
-     * Creates a new GF2Polynomial of the given <i>length</i> using the given
-     * int[]. LSB is contained in bs[0].
-     *
-     * @param length the desired number of bits to store
-     * @param bs     contains the desired value, LSB in bs[0]
-     */
-    public GF2Polynomial(int length, int[] bs)
-    {
-        int leng = length;
-        if (leng < 1)
-        {
-            leng = 1;
-        }
-        blocks = ((leng - 1) >> 5) + 1;
-        value = new int[blocks];
-        len = leng;
-        int l = Math.min(blocks, bs.length);
-        System.arraycopy(bs, 0, value, 0, l);
-        zeroUnusedBits();
-    }
-
-    /**
-     * Creates a new GF2Polynomial by converting the given byte[] <i>os</i>
-     * according to 1363 and using the given <i>length</i>.
-     *
-     * @param length the intended length of this polynomial
-     * @param os     the octet string to assign to this polynomial
-     * @see "P1363 5.5.2 p22f, OS2BSP"
-     */
-    public GF2Polynomial(int length, byte[] os)
-    {
-        int l = length;
-        if (l < 1)
-        {
-            l = 1;
-        }
-        blocks = ((l - 1) >> 5) + 1;
-        value = new int[blocks];
-        len = l;
-        int i, m;
-        int k = Math.min(((os.length - 1) >> 2) + 1, blocks);
-        for (i = 0; i < k - 1; i++)
-        {
-            m = os.length - (i << 2) - 1;
-            value[i] = (os[m]) & 0x000000ff;
-            value[i] |= (os[m - 1] << 8) & 0x0000ff00;
-            value[i] |= (os[m - 2] << 16) & 0x00ff0000;
-            value[i] |= (os[m - 3] << 24) & 0xff000000;
-        }
-        i = k - 1;
-        m = os.length - (i << 2) - 1;
-        value[i] = os[m] & 0x000000ff;
-        if (m > 0)
-        {
-            value[i] |= (os[m - 1] << 8) & 0x0000ff00;
-        }
-        if (m > 1)
-        {
-            value[i] |= (os[m - 2] << 16) & 0x00ff0000;
-        }
-        if (m > 2)
-        {
-            value[i] |= (os[m - 3] << 24) & 0xff000000;
-        }
-        zeroUnusedBits();
-        reduceN();
-    }
-
-    /**
-     * Creates a new GF2Polynomial by converting the given FlexiBigInt <i>bi</i>
-     * according to 1363 and using the given <i>length</i>.
-     *
-     * @param length the intended length of this polynomial
-     * @param bi     the FlexiBigInt to assign to this polynomial
-     * @see "P1363 5.5.1 p22, I2BSP"
-     */
-    public GF2Polynomial(int length, BigInteger bi)
-    {
-        int l = length;
-        if (l < 1)
-        {
-            l = 1;
-        }
-        blocks = ((l - 1) >> 5) + 1;
-        value = new int[blocks];
-        len = l;
-        int i;
-        byte[] val = bi.toByteArray();
-        if (val[0] == 0)
-        {
-            byte[] dummy = new byte[val.length - 1];
-            System.arraycopy(val, 1, dummy, 0, dummy.length);
-            val = dummy;
-        }
-        int ov = val.length & 0x03;
-        int k = ((val.length - 1) >> 2) + 1;
-        for (i = 0; i < ov; i++)
-        {
-            value[k - 1] |= (val[i] & 0x000000ff) << ((ov - 1 - i) << 3);
-        }
-        int m = 0;
-        for (i = 0; i <= (val.length - 4) >> 2; i++)
-        {
-            m = val.length - 1 - (i << 2);
-            value[i] = (val[m]) & 0x000000ff;
-            value[i] |= ((val[m - 1]) << 8) & 0x0000ff00;
-            value[i] |= ((val[m - 2]) << 16) & 0x00ff0000;
-            value[i] |= ((val[m - 3]) << 24) & 0xff000000;
-        }
-        if ((len & 0x1f) != 0)
-        {
-            value[blocks - 1] &= reverseRightMask[len & 0x1f];
-        }
-        reduceN();
-    }
-
-    /**
-     * Creates a new GF2Polynomial by cloneing the given GF2Polynomial <i>b</i>.
-     *
-     * @param b the GF2Polynomial to clone
-     */
-    public GF2Polynomial(GF2Polynomial b)
-    {
-        len = b.len;
-        blocks = b.blocks;
-        value = IntUtils.clone(b.value);
-    }
-
-    /**
-     * @return a copy of this GF2Polynomial
-     */
-    public Object clone()
-    {
-        return new GF2Polynomial(this);
-    }
-
-    /**
-     * Returns the length of this GF2Polynomial. The length can be greater than
-     * the degree. To get the degree call reduceN() before calling getLength().
-     *
-     * @return the length of this GF2Polynomial
-     */
-    public int getLength()
-    {
-        return len;
-    }
-
-    /**
-     * Returns the value of this GF2Polynomial in an int[].
-     *
-     * @return the value of this GF2Polynomial in a new int[], LSB in int[0]
-     */
-    public int[] toIntegerArray()
-    {
-        int[] result;
-        result = new int[blocks];
-        System.arraycopy(value, 0, result, 0, blocks);
-        return result;
-    }
-
-    /**
-     * Returns a string representing this GF2Polynomials value using hexadecimal
-     * or binary radix in MSB-first order.
-     *
-     * @param radix the radix to use (2 or 16, otherwise 2 is used)
-     * @return a String representing this GF2Polynomials value.
-     */
-    public String toString(int radix)
-    {
-        final char[] HEX_CHARS = {'0', '1', '2', '3', '4', '5', '6', '7', '8',
-            '9', 'a', 'b', 'c', 'd', 'e', 'f'};
-        final String[] BIN_CHARS = {"0000", "0001", "0010", "0011", "0100",
-            "0101", "0110", "0111", "1000", "1001", "1010", "1011", "1100",
-            "1101", "1110", "1111"};
-        String res;
-        int i;
-        res = new String();
-        if (radix == 16)
-        {
-            for (i = blocks - 1; i >= 0; i--)
-            {
-                res += HEX_CHARS[(value[i] >>> 28) & 0x0f];
-                res += HEX_CHARS[(value[i] >>> 24) & 0x0f];
-                res += HEX_CHARS[(value[i] >>> 20) & 0x0f];
-                res += HEX_CHARS[(value[i] >>> 16) & 0x0f];
-                res += HEX_CHARS[(value[i] >>> 12) & 0x0f];
-                res += HEX_CHARS[(value[i] >>> 8) & 0x0f];
-                res += HEX_CHARS[(value[i] >>> 4) & 0x0f];
-                res += HEX_CHARS[(value[i]) & 0x0f];
-                res += " ";
-            }
-        }
-        else
-        {
-            for (i = blocks - 1; i >= 0; i--)
-            {
-                res += BIN_CHARS[(value[i] >>> 28) & 0x0f];
-                res += BIN_CHARS[(value[i] >>> 24) & 0x0f];
-                res += BIN_CHARS[(value[i] >>> 20) & 0x0f];
-                res += BIN_CHARS[(value[i] >>> 16) & 0x0f];
-                res += BIN_CHARS[(value[i] >>> 12) & 0x0f];
-                res += BIN_CHARS[(value[i] >>> 8) & 0x0f];
-                res += BIN_CHARS[(value[i] >>> 4) & 0x0f];
-                res += BIN_CHARS[(value[i]) & 0x0f];
-                res += " ";
-            }
-        }
-        return res;
-    }
-
-    /**
-     * Converts this polynomial to a byte[] (octet string) according to 1363.
-     *
-     * @return a byte[] representing the value of this polynomial
-     * @see "P1363 5.5.2 p22f, BS2OSP"
-     */
-    public byte[] toByteArray()
-    {
-        int k = ((len - 1) >> 3) + 1;
-        int ov = k & 0x03;
-        int m;
-        byte[] res = new byte[k];
-        int i;
-        for (i = 0; i < (k >> 2); i++)
-        {
-            m = k - (i << 2) - 1;
-            res[m] = (byte)((value[i] & 0x000000ff));
-            res[m - 1] = (byte)((value[i] & 0x0000ff00) >>> 8);
-            res[m - 2] = (byte)((value[i] & 0x00ff0000) >>> 16);
-            res[m - 3] = (byte)((value[i] & 0xff000000) >>> 24);
-        }
-        for (i = 0; i < ov; i++)
-        {
-            m = (ov - i - 1) << 3;
-            res[i] = (byte)((value[blocks - 1] & (0x000000ff << m)) >>> m);
-        }
-        return res;
-    }
-
-    /**
-     * Converts this polynomial to an integer according to 1363.
-     *
-     * @return a FlexiBigInt representing the value of this polynomial
-     * @see "P1363 5.5.1 p22, BS2IP"
-     */
-    public BigInteger toFlexiBigInt()
-    {
-        if (len == 0 || isZero())
-        {
-            return new BigInteger(0, new byte[0]);
-        }
-        return new BigInteger(1, toByteArray());
-    }
-
-    /**
-     * Sets the LSB to 1 and all other to 0, assigning 'one' to this
-     * GF2Polynomial.
-     */
-    public void assignOne()
-    {
-        int i;
-        for (i = 1; i < blocks; i++)
-        {
-            value[i] = 0x00;
-        }
-        value[0] = 0x01;
-    }
-
-    /**
-     * Sets Bit 1 to 1 and all other to 0, assigning 'x' to this GF2Polynomial.
-     */
-    public void assignX()
-    {
-        int i;
-        for (i = 1; i < blocks; i++)
-        {
-            value[i] = 0x00;
-        }
-        value[0] = 0x02;
-    }
-
-    /**
-     * Sets all Bits to 1.
-     */
-    public void assignAll()
-    {
-        int i;
-        for (i = 0; i < blocks; i++)
-        {
-            value[i] = 0xffffffff;
-        }
-        zeroUnusedBits();
-    }
-
-    /**
-     * Resets all bits to zero.
-     */
-    public void assignZero()
-    {
-        int i;
-        for (i = 0; i < blocks; i++)
-        {
-            value[i] = 0x00;
-        }
-    }
-
-    /**
-     * Fills all len bits of this GF2Polynomial with random values.
-     */
-    public void randomize()
-    {
-        int i;
-        for (i = 0; i < blocks; i++)
-        {
-            value[i] = rand.nextInt();
-        }
-        zeroUnusedBits();
-    }
-
-    /**
-     * Fills all len bits of this GF2Polynomial with random values using the
-     * specified source of randomness.
-     *
-     * @param rand the source of randomness
-     */
-    public void randomize(Random rand)
-    {
-        int i;
-        for (i = 0; i < blocks; i++)
-        {
-            value[i] = rand.nextInt();
-        }
-        zeroUnusedBits();
-    }
-
-    /**
-     * Returns true if two GF2Polynomials have the same size and value and thus
-     * are equal.
-     *
-     * @param other the other GF2Polynomial
-     * @return true if this GF2Polynomial equals <i>b</i> (<i>this</i> ==
-     *         <i>b</i>)
-     */
-    public boolean equals(Object other)
-    {
-        if (other == null || !(other instanceof GF2Polynomial))
-        {
-            return false;
-        }
-
-        GF2Polynomial otherPol = (GF2Polynomial)other;
-
-        if (len != otherPol.len)
-        {
-            return false;
-        }
-        for (int i = 0; i < blocks; i++)
-        {
-            if (value[i] != otherPol.value[i])
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    /**
-     * @return the hash code of this polynomial
-     */
-    public int hashCode()
-    {
-        return len + Arrays.hashCode(value);
-    }
-
-    /**
-     * Tests if all bits equal zero.
-     *
-     * @return true if this GF2Polynomial equals 'zero' (<i>this</i> == 0)
-     */
-    public boolean isZero()
-    {
-        int i;
-        if (len == 0)
-        {
-            return true;
-        }
-        for (i = 0; i < blocks; i++)
-        {
-            if (value[i] != 0)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    /**
-     * Tests if all bits are reset to 0 and LSB is set to 1.
-     *
-     * @return true if this GF2Polynomial equals 'one' (<i>this</i> == 1)
-     */
-    public boolean isOne()
-    {
-        int i;
-        for (i = 1; i < blocks; i++)
-        {
-            if (value[i] != 0)
-            {
-                return false;
-            }
-        }
-        if (value[0] != 0x01)
-        {
-            return false;
-        }
-        return true;
-    }
-
-    /**
-     * Adds <i>b</i> to this GF2Polynomial and assigns the result to this
-     * GF2Polynomial. <i>b</i> can be of different size.
-     *
-     * @param b GF2Polynomial to add to this GF2Polynomial
-     */
-    public void addToThis(GF2Polynomial b)
-    {
-        expandN(b.len);
-        xorThisBy(b);
-    }
-
-    /**
-     * Adds two GF2Polynomials, <i>this</i> and <i>b</i>, and returns the
-     * result. <i>this</i> and <i>b</i> can be of different size.
-     *
-     * @param b a GF2Polynomial
-     * @return a new GF2Polynomial (<i>this</i> + <i>b</i>)
-     */
-    public GF2Polynomial add(GF2Polynomial b)
-    {
-        return xor(b);
-    }
-
-    /**
-     * Subtracts <i>b</i> from this GF2Polynomial and assigns the result to
-     * this GF2Polynomial. <i>b</i> can be of different size.
-     *
-     * @param b a GF2Polynomial
-     */
-    public void subtractFromThis(GF2Polynomial b)
-    {
-        expandN(b.len);
-        xorThisBy(b);
-    }
-
-    /**
-     * Subtracts two GF2Polynomials, <i>this</i> and <i>b</i>, and returns the
-     * result in a new GF2Polynomial. <i>this</i> and <i>b</i> can be of
-     * different size.
-     *
-     * @param b a GF2Polynomial
-     * @return a new GF2Polynomial (<i>this</i> - <i>b</i>)
-     */
-    public GF2Polynomial subtract(GF2Polynomial b)
-    {
-        return xor(b);
-    }
-
-    /**
-     * Toggles the LSB of this GF2Polynomial, increasing its value by 'one'.
-     */
-    public void increaseThis()
-    {
-        xorBit(0);
-    }
-
-    /**
-     * Toggles the LSB of this GF2Polynomial, increasing the value by 'one' and
-     * returns the result in a new GF2Polynomial.
-     *
-     * @return <tt>this + 1</tt>
-     */
-    public GF2Polynomial increase()
-    {
-        GF2Polynomial result = new GF2Polynomial(this);
-        result.increaseThis();
-        return result;
-    }
-
-    /**
-     * Multiplies this GF2Polynomial with <i>b</i> and returns the result in a
-     * new GF2Polynomial. This method does not reduce the result in GF(2^N).
-     * This method uses classic multiplication (schoolbook).
-     *
-     * @param b a GF2Polynomial
-     * @return a new GF2Polynomial (<i>this</i> * <i>b</i>)
-     */
-    public GF2Polynomial multiplyClassic(GF2Polynomial b)
-    {
-        GF2Polynomial result = new GF2Polynomial(Math.max(len, b.len) << 1);
-        GF2Polynomial[] m = new GF2Polynomial[32];
-        int i, j;
-        m[0] = new GF2Polynomial(this);
-        for (i = 1; i <= 31; i++)
-        {
-            m[i] = m[i - 1].shiftLeft();
-        }
-        for (i = 0; i < b.blocks; i++)
-        {
-            for (j = 0; j <= 31; j++)
-            {
-                if ((b.value[i] & bitMask[j]) != 0)
-                {
-                    result.xorThisBy(m[j]);
-                }
-            }
-            for (j = 0; j <= 31; j++)
-            {
-                m[j].shiftBlocksLeft();
-            }
-        }
-        return result;
-    }
-
-    /**
-     * Multiplies this GF2Polynomial with <i>b</i> and returns the result in a
-     * new GF2Polynomial. This method does not reduce the result in GF(2^N).
-     * This method uses Karatzuba multiplication.
-     *
-     * @param b a GF2Polynomial
-     * @return a new GF2Polynomial (<i>this</i> * <i>b</i>)
-     */
-    public GF2Polynomial multiply(GF2Polynomial b)
-    {
-        int n = Math.max(len, b.len);
-        expandN(n);
-        b.expandN(n);
-        return karaMult(b);
-    }
-
-    /**
-     * Does the recursion for Karatzuba multiplication.
-     */
-    private GF2Polynomial karaMult(GF2Polynomial b)
-    {
-        GF2Polynomial result = new GF2Polynomial(len << 1);
-        if (len <= 32)
-        {
-            result.value = mult32(value[0], b.value[0]);
-            return result;
-        }
-        if (len <= 64)
-        {
-            result.value = mult64(value, b.value);
-            return result;
-        }
-        if (len <= 128)
-        {
-            result.value = mult128(value, b.value);
-            return result;
-        }
-        if (len <= 256)
-        {
-            result.value = mult256(value, b.value);
-            return result;
-        }
-        if (len <= 512)
-        {
-            result.value = mult512(value, b.value);
-            return result;
-        }
-
-        int n = IntegerFunctions.floorLog(len - 1);
-        n = bitMask[n];
-
-        GF2Polynomial a0 = lower(((n - 1) >> 5) + 1);
-        GF2Polynomial a1 = upper(((n - 1) >> 5) + 1);
-        GF2Polynomial b0 = b.lower(((n - 1) >> 5) + 1);
-        GF2Polynomial b1 = b.upper(((n - 1) >> 5) + 1);
-
-        GF2Polynomial c = a1.karaMult(b1); // c = a1*b1
-        GF2Polynomial e = a0.karaMult(b0); // e = a0*b0
-        a0.addToThis(a1); // a0 = a0 + a1
-        b0.addToThis(b1); // b0 = b0 + b1
-        GF2Polynomial d = a0.karaMult(b0); // d = (a0+a1)*(b0+b1)
-
-        result.shiftLeftAddThis(c, n << 1);
-        result.shiftLeftAddThis(c, n);
-        result.shiftLeftAddThis(d, n);
-        result.shiftLeftAddThis(e, n);
-        result.addToThis(e);
-        return result;
-    }
-
-    /**
-     * 16-Integer Version of Karatzuba multiplication.
-     */
-    private static int[] mult512(int[] a, int[] b)
-    {
-        int[] result = new int[32];
-        int[] a0 = new int[8];
-        System.arraycopy(a, 0, a0, 0, Math.min(8, a.length));
-        int[] a1 = new int[8];
-        if (a.length > 8)
-        {
-            System.arraycopy(a, 8, a1, 0, Math.min(8, a.length - 8));
-        }
-        int[] b0 = new int[8];
-        System.arraycopy(b, 0, b0, 0, Math.min(8, b.length));
-        int[] b1 = new int[8];
-        if (b.length > 8)
-        {
-            System.arraycopy(b, 8, b1, 0, Math.min(8, b.length - 8));
-        }
-        int[] c = mult256(a1, b1);
-        result[31] ^= c[15];
-        result[30] ^= c[14];
-        result[29] ^= c[13];
-        result[28] ^= c[12];
-        result[27] ^= c[11];
-        result[26] ^= c[10];
-        result[25] ^= c[9];
-        result[24] ^= c[8];
-        result[23] ^= c[7] ^ c[15];
-        result[22] ^= c[6] ^ c[14];
-        result[21] ^= c[5] ^ c[13];
-        result[20] ^= c[4] ^ c[12];
-        result[19] ^= c[3] ^ c[11];
-        result[18] ^= c[2] ^ c[10];
-        result[17] ^= c[1] ^ c[9];
-        result[16] ^= c[0] ^ c[8];
-        result[15] ^= c[7];
-        result[14] ^= c[6];
-        result[13] ^= c[5];
-        result[12] ^= c[4];
-        result[11] ^= c[3];
-        result[10] ^= c[2];
-        result[9] ^= c[1];
-        result[8] ^= c[0];
-        a1[0] ^= a0[0];
-        a1[1] ^= a0[1];
-        a1[2] ^= a0[2];
-        a1[3] ^= a0[3];
-        a1[4] ^= a0[4];
-        a1[5] ^= a0[5];
-        a1[6] ^= a0[6];
-        a1[7] ^= a0[7];
-        b1[0] ^= b0[0];
-        b1[1] ^= b0[1];
-        b1[2] ^= b0[2];
-        b1[3] ^= b0[3];
-        b1[4] ^= b0[4];
-        b1[5] ^= b0[5];
-        b1[6] ^= b0[6];
-        b1[7] ^= b0[7];
-        int[] d = mult256(a1, b1);
-        result[23] ^= d[15];
-        result[22] ^= d[14];
-        result[21] ^= d[13];
-        result[20] ^= d[12];
-        result[19] ^= d[11];
-        result[18] ^= d[10];
-        result[17] ^= d[9];
-        result[16] ^= d[8];
-        result[15] ^= d[7];
-        result[14] ^= d[6];
-        result[13] ^= d[5];
-        result[12] ^= d[4];
-        result[11] ^= d[3];
-        result[10] ^= d[2];
-        result[9] ^= d[1];
-        result[8] ^= d[0];
-        int[] e = mult256(a0, b0);
-        result[23] ^= e[15];
-        result[22] ^= e[14];
-        result[21] ^= e[13];
-        result[20] ^= e[12];
-        result[19] ^= e[11];
-        result[18] ^= e[10];
-        result[17] ^= e[9];
-        result[16] ^= e[8];
-        result[15] ^= e[7] ^ e[15];
-        result[14] ^= e[6] ^ e[14];
-        result[13] ^= e[5] ^ e[13];
-        result[12] ^= e[4] ^ e[12];
-        result[11] ^= e[3] ^ e[11];
-        result[10] ^= e[2] ^ e[10];
-        result[9] ^= e[1] ^ e[9];
-        result[8] ^= e[0] ^ e[8];
-        result[7] ^= e[7];
-        result[6] ^= e[6];
-        result[5] ^= e[5];
-        result[4] ^= e[4];
-        result[3] ^= e[3];
-        result[2] ^= e[2];
-        result[1] ^= e[1];
-        result[0] ^= e[0];
-        return result;
-    }
-
-    /**
-     * 8-Integer Version of Karatzuba multiplication.
-     */
-    private static int[] mult256(int[] a, int[] b)
-    {
-        int[] result = new int[16];
-        int[] a0 = new int[4];
-        System.arraycopy(a, 0, a0, 0, Math.min(4, a.length));
-        int[] a1 = new int[4];
-        if (a.length > 4)
-        {
-            System.arraycopy(a, 4, a1, 0, Math.min(4, a.length - 4));
-        }
-        int[] b0 = new int[4];
-        System.arraycopy(b, 0, b0, 0, Math.min(4, b.length));
-        int[] b1 = new int[4];
-        if (b.length > 4)
-        {
-            System.arraycopy(b, 4, b1, 0, Math.min(4, b.length - 4));
-        }
-        if (a1[3] == 0 && a1[2] == 0 && b1[3] == 0 && b1[2] == 0)
-        {
-            if (a1[1] == 0 && b1[1] == 0)
-            {
-                if (a1[0] != 0 || b1[0] != 0)
-                { // [3]=[2]=[1]=0, [0]!=0
-                    int[] c = mult32(a1[0], b1[0]);
-                    result[9] ^= c[1];
-                    result[8] ^= c[0];
-                    result[5] ^= c[1];
-                    result[4] ^= c[0];
-                }
-            }
-            else
-            { // [3]=[2]=0 [1]!=0, [0]!=0
-                int[] c = mult64(a1, b1);
-                result[11] ^= c[3];
-                result[10] ^= c[2];
-                result[9] ^= c[1];
-                result[8] ^= c[0];
-                result[7] ^= c[3];
-                result[6] ^= c[2];
-                result[5] ^= c[1];
-                result[4] ^= c[0];
-            }
-        }
-        else
-        { // [3]!=0 [2]!=0 [1]!=0, [0]!=0
-            int[] c = mult128(a1, b1);
-            result[15] ^= c[7];
-            result[14] ^= c[6];
-            result[13] ^= c[5];
-            result[12] ^= c[4];
-            result[11] ^= c[3] ^ c[7];
-            result[10] ^= c[2] ^ c[6];
-            result[9] ^= c[1] ^ c[5];
-            result[8] ^= c[0] ^ c[4];
-            result[7] ^= c[3];
-            result[6] ^= c[2];
-            result[5] ^= c[1];
-            result[4] ^= c[0];
-        }
-        a1[0] ^= a0[0];
-        a1[1] ^= a0[1];
-        a1[2] ^= a0[2];
-        a1[3] ^= a0[3];
-        b1[0] ^= b0[0];
-        b1[1] ^= b0[1];
-        b1[2] ^= b0[2];
-        b1[3] ^= b0[3];
-        int[] d = mult128(a1, b1);
-        result[11] ^= d[7];
-        result[10] ^= d[6];
-        result[9] ^= d[5];
-        result[8] ^= d[4];
-        result[7] ^= d[3];
-        result[6] ^= d[2];
-        result[5] ^= d[1];
-        result[4] ^= d[0];
-        int[] e = mult128(a0, b0);
-        result[11] ^= e[7];
-        result[10] ^= e[6];
-        result[9] ^= e[5];
-        result[8] ^= e[4];
-        result[7] ^= e[3] ^ e[7];
-        result[6] ^= e[2] ^ e[6];
-        result[5] ^= e[1] ^ e[5];
-        result[4] ^= e[0] ^ e[4];
-        result[3] ^= e[3];
-        result[2] ^= e[2];
-        result[1] ^= e[1];
-        result[0] ^= e[0];
-        return result;
-    }
-
-    /**
-     * 4-Integer Version of Karatzuba multiplication.
-     */
-    private static int[] mult128(int[] a, int[] b)
-    {
-        int[] result = new int[8];
-        int[] a0 = new int[2];
-        System.arraycopy(a, 0, a0, 0, Math.min(2, a.length));
-        int[] a1 = new int[2];
-        if (a.length > 2)
-        {
-            System.arraycopy(a, 2, a1, 0, Math.min(2, a.length - 2));
-        }
-        int[] b0 = new int[2];
-        System.arraycopy(b, 0, b0, 0, Math.min(2, b.length));
-        int[] b1 = new int[2];
-        if (b.length > 2)
-        {
-            System.arraycopy(b, 2, b1, 0, Math.min(2, b.length - 2));
-        }
-        if (a1[1] == 0 && b1[1] == 0)
-        {
-            if (a1[0] != 0 || b1[0] != 0)
-            {
-                int[] c = mult32(a1[0], b1[0]);
-                result[5] ^= c[1];
-                result[4] ^= c[0];
-                result[3] ^= c[1];
-                result[2] ^= c[0];
-            }
-        }
-        else
-        {
-            int[] c = mult64(a1, b1);
-            result[7] ^= c[3];
-            result[6] ^= c[2];
-            result[5] ^= c[1] ^ c[3];
-            result[4] ^= c[0] ^ c[2];
-            result[3] ^= c[1];
-            result[2] ^= c[0];
-        }
-        a1[0] ^= a0[0];
-        a1[1] ^= a0[1];
-        b1[0] ^= b0[0];
-        b1[1] ^= b0[1];
-        if (a1[1] == 0 && b1[1] == 0)
-        {
-            int[] d = mult32(a1[0], b1[0]);
-            result[3] ^= d[1];
-            result[2] ^= d[0];
-        }
-        else
-        {
-            int[] d = mult64(a1, b1);
-            result[5] ^= d[3];
-            result[4] ^= d[2];
-            result[3] ^= d[1];
-            result[2] ^= d[0];
-        }
-        if (a0[1] == 0 && b0[1] == 0)
-        {
-            int[] e = mult32(a0[0], b0[0]);
-            result[3] ^= e[1];
-            result[2] ^= e[0];
-            result[1] ^= e[1];
-            result[0] ^= e[0];
-        }
-        else
-        {
-            int[] e = mult64(a0, b0);
-            result[5] ^= e[3];
-            result[4] ^= e[2];
-            result[3] ^= e[1] ^ e[3];
-            result[2] ^= e[0] ^ e[2];
-            result[1] ^= e[1];
-            result[0] ^= e[0];
-        }
-        return result;
-    }
-
-    /**
-     * 2-Integer Version of Karatzuba multiplication.
-     */
-    private static int[] mult64(int[] a, int[] b)
-    {
-        int[] result = new int[4];
-        int a0 = a[0];
-        int a1 = 0;
-        if (a.length > 1)
-        {
-            a1 = a[1];
-        }
-        int b0 = b[0];
-        int b1 = 0;
-        if (b.length > 1)
-        {
-            b1 = b[1];
-        }
-        if (a1 != 0 || b1 != 0)
-        {
-            int[] c = mult32(a1, b1);
-            result[3] ^= c[1];
-            result[2] ^= c[0] ^ c[1];
-            result[1] ^= c[0];
-        }
-        int[] d = mult32(a0 ^ a1, b0 ^ b1);
-        result[2] ^= d[1];
-        result[1] ^= d[0];
-        int[] e = mult32(a0, b0);
-        result[2] ^= e[1];
-        result[1] ^= e[0] ^ e[1];
-        result[0] ^= e[0];
-        return result;
-    }
-
-    /**
-     * 4-Byte Version of Karatzuba multiplication. Here the actual work is done.
-     */
-    private static int[] mult32(int a, int b)
-    {
-        int[] result = new int[2];
-        if (a == 0 || b == 0)
-        {
-            return result;
-        }
-        long b2 = b;
-        b2 &= 0x00000000ffffffffL;
-        int i;
-        long h = 0;
-        for (i = 1; i <= 32; i++)
-        {
-            if ((a & bitMask[i - 1]) != 0)
-            {
-                h ^= b2;
-            }
-            b2 <<= 1;
-        }
-        result[1] = (int)(h >>> 32);
-        result[0] = (int)(h & 0x00000000ffffffffL);
-        return result;
-    }
-
-    /**
-     * Returns a new GF2Polynomial containing the upper <i>k</i> bytes of this
-     * GF2Polynomial.
-     *
-     * @param k
-     * @return a new GF2Polynomial containing the upper <i>k</i> bytes of this
-     *         GF2Polynomial
-     * @see GF2Polynomial#karaMult
-     */
-    private GF2Polynomial upper(int k)
-    {
-        int j = Math.min(k, blocks - k);
-        GF2Polynomial result = new GF2Polynomial(j << 5);
-        if (blocks >= k)
-        {
-            System.arraycopy(value, k, result.value, 0, j);
-        }
-        return result;
-    }
-
-    /**
-     * Returns a new GF2Polynomial containing the lower <i>k</i> bytes of this
-     * GF2Polynomial.
-     *
-     * @param k
-     * @return a new GF2Polynomial containing the lower <i>k</i> bytes of this
-     *         GF2Polynomial
-     * @see GF2Polynomial#karaMult
-     */
-    private GF2Polynomial lower(int k)
-    {
-        GF2Polynomial result = new GF2Polynomial(k << 5);
-        System.arraycopy(value, 0, result.value, 0, Math.min(k, blocks));
-        return result;
-    }
-
-    /**
-     * Returns the remainder of <i>this</i> divided by <i>g</i> in a new
-     * GF2Polynomial.
-     *
-     * @param g GF2Polynomial != 0
-     * @return a new GF2Polynomial (<i>this</i> % <i>g</i>)
-     */
-    public GF2Polynomial remainder(GF2Polynomial g)
-        throws RuntimeException
-    {
-        /* a div b = q / r */
-        GF2Polynomial a = new GF2Polynomial(this);
-        GF2Polynomial b = new GF2Polynomial(g);
-        GF2Polynomial j;
-        int i;
-        if (b.isZero())
-        {
-            throw new RuntimeException();
-        }
-        a.reduceN();
-        b.reduceN();
-        if (a.len < b.len)
-        {
-            return a;
-        }
-        i = a.len - b.len;
-        while (i >= 0)
-        {
-            j = b.shiftLeft(i);
-            a.subtractFromThis(j);
-            a.reduceN();
-            i = a.len - b.len;
-        }
-        return a;
-    }
-
-    /**
-     * Returns the absolute quotient of <i>this</i> divided by <i>g</i> in a
-     * new GF2Polynomial.
-     *
-     * @param g GF2Polynomial != 0
-     * @return a new GF2Polynomial |_ <i>this</i> / <i>g</i> _|
-     */
-    public GF2Polynomial quotient(GF2Polynomial g)
-        throws RuntimeException
-    {
-        /* a div b = q / r */
-        GF2Polynomial q = new GF2Polynomial(len);
-        GF2Polynomial a = new GF2Polynomial(this);
-        GF2Polynomial b = new GF2Polynomial(g);
-        GF2Polynomial j;
-        int i;
-        if (b.isZero())
-        {
-            throw new RuntimeException();
-        }
-        a.reduceN();
-        b.reduceN();
-        if (a.len < b.len)
-        {
-            return new GF2Polynomial(0);
-        }
-        i = a.len - b.len;
-        q.expandN(i + 1);
-
-        while (i >= 0)
-        {
-            j = b.shiftLeft(i);
-            a.subtractFromThis(j);
-            a.reduceN();
-            q.xorBit(i);
-            i = a.len - b.len;
-        }
-
-        return q;
-    }
-
-    /**
-     * Divides <i>this</i> by <i>g</i> and returns the quotient and remainder
-     * in a new GF2Polynomial[2], quotient in [0], remainder in [1].
-     *
-     * @param g GF2Polynomial != 0
-     * @return a new GF2Polynomial[2] containing quotient and remainder
-     */
-    public GF2Polynomial[] divide(GF2Polynomial g)
-        throws RuntimeException
-    {
-        /* a div b = q / r */
-        GF2Polynomial[] result = new GF2Polynomial[2];
-        GF2Polynomial q = new GF2Polynomial(len);
-        GF2Polynomial a = new GF2Polynomial(this);
-        GF2Polynomial b = new GF2Polynomial(g);
-        GF2Polynomial j;
-        int i;
-        if (b.isZero())
-        {
-            throw new RuntimeException();
-        }
-        a.reduceN();
-        b.reduceN();
-        if (a.len < b.len)
-        {
-            result[0] = new GF2Polynomial(0);
-            result[1] = a;
-            return result;
-        }
-        i = a.len - b.len;
-        q.expandN(i + 1);
-
-        while (i >= 0)
-        {
-            j = b.shiftLeft(i);
-            a.subtractFromThis(j);
-            a.reduceN();
-            q.xorBit(i);
-            i = a.len - b.len;
-        }
-
-        result[0] = q;
-        result[1] = a;
-        return result;
-    }
-
-    /**
-     * Returns the greatest common divisor of <i>this</i> and <i>g</i> in a
-     * new GF2Polynomial.
-     *
-     * @param g GF2Polynomial != 0
-     * @return a new GF2Polynomial gcd(<i>this</i>,<i>g</i>)
-     * @throws ArithmeticException if <i>this</i> and <i>g</i> both are equal to zero
-     */
-    public GF2Polynomial gcd(GF2Polynomial g)
-        throws RuntimeException
-    {
-        if (isZero() && g.isZero())
-        {
-            throw new ArithmeticException("Both operands of gcd equal zero.");
-        }
-        if (isZero())
-        {
-            return new GF2Polynomial(g);
-        }
-        if (g.isZero())
-        {
-            return new GF2Polynomial(this);
-        }
-        GF2Polynomial a = new GF2Polynomial(this);
-        GF2Polynomial b = new GF2Polynomial(g);
-        GF2Polynomial c;
-
-        while (!b.isZero())
-        {
-            c = a.remainder(b);
-            a = b;
-            b = c;
-        }
-
-        return a;
-    }
-
-    /**
-     * Checks if <i>this</i> is irreducible, according to IEEE P1363, A.5.5,
-     * p103.<br>
-     * Note: The algorithm from IEEE P1363, A5.5 can be used to check a
-     * polynomial with coefficients in GF(2^r) for irreducibility. As this class
-     * only represents polynomials with coefficients in GF(2), the algorithm is
-     * adapted to the case r=1.
-     *
-     * @return true if <i>this</i> is irreducible
-     * @see "P1363, A.5.5, p103"
-     */
-    public boolean isIrreducible()
-    {
-        if (isZero())
-        {
-            return false;
-        }
-        GF2Polynomial f = new GF2Polynomial(this);
-        int d, i;
-        GF2Polynomial u, g;
-        GF2Polynomial dummy;
-        f.reduceN();
-        d = f.len - 1;
-        u = new GF2Polynomial(f.len, "X");
-
-        for (i = 1; i <= (d >> 1); i++)
-        {
-            u.squareThisPreCalc();
-            u = u.remainder(f);
-            dummy = u.add(new GF2Polynomial(32, "X"));
-            if (!dummy.isZero())
-            {
-                g = f.gcd(dummy);
-                if (!g.isOne())
-                {
-                    return false;
-                }
-            }
-            else
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    /**
-     * Reduces this GF2Polynomial using the trinomial x^<i>m</i> + x^<i>tc</i> +
-     * 1.
-     *
-     * @param m  the degree of the used field
-     * @param tc degree of the middle x in the trinomial
-     */
-    void reduceTrinomial(int m, int tc)
-    {
-        int i;
-        int p0, p1;
-        int q0, q1;
-        long t;
-        p0 = m >>> 5; // block which contains 2^m
-        q0 = 32 - (m & 0x1f); // (32-index) of 2^m within block p0
-        p1 = (m - tc) >>> 5; // block which contains 2^tc
-        q1 = 32 - ((m - tc) & 0x1f); // (32-index) of 2^tc within block q1
-        int max = ((m << 1) - 2) >>> 5; // block which contains 2^(2m-2)
-        int min = p0; // block which contains 2^m
-        for (i = max; i > min; i--)
-        { // for i = maxBlock to minBlock
-            // reduce coefficients contained in t
-            // t = block[i]
-            t = value[i] & 0x00000000ffffffffL;
-            // block[i-p0-1] ^= t << q0
-            value[i - p0 - 1] ^= (int)(t << q0);
-            // block[i-p0] ^= t >>> (32-q0)
-            value[i - p0] ^= t >>> (32 - q0);
-            // block[i-p1-1] ^= << q1
-            value[i - p1 - 1] ^= (int)(t << q1);
-            // block[i-p1] ^= t >>> (32-q1)
-            value[i - p1] ^= t >>> (32 - q1);
-            value[i] = 0x00;
-        }
-        // reduce last coefficients in block containing 2^m
-        t = value[min] & 0x00000000ffffffffL & (0xffffffffL << (m & 0x1f)); // t
-        // contains the last coefficients > m
-        value[0] ^= t >>> (32 - q0);
-        if (min - p1 - 1 >= 0)
-        {
-            value[min - p1 - 1] ^= (int)(t << q1);
-        }
-        value[min - p1] ^= t >>> (32 - q1);
-
-        value[min] &= reverseRightMask[m & 0x1f];
-        blocks = ((m - 1) >>> 5) + 1;
-        len = m;
-    }
-
-    /**
-     * Reduces this GF2Polynomial using the pentanomial x^<i>m</i> + x^<i>pc[2]</i> +
-     * x^<i>pc[1]</i> + x^<i>pc[0]</i> + 1.
-     *
-     * @param m  the degree of the used field
-     * @param pc degrees of the middle x's in the pentanomial
-     */
-    void reducePentanomial(int m, int[] pc)
-    {
-        int i;
-        int p0, p1, p2, p3;
-        int q0, q1, q2, q3;
-        long t;
-        p0 = m >>> 5;
-        q0 = 32 - (m & 0x1f);
-        p1 = (m - pc[0]) >>> 5;
-        q1 = 32 - ((m - pc[0]) & 0x1f);
-        p2 = (m - pc[1]) >>> 5;
-        q2 = 32 - ((m - pc[1]) & 0x1f);
-        p3 = (m - pc[2]) >>> 5;
-        q3 = 32 - ((m - pc[2]) & 0x1f);
-        int max = ((m << 1) - 2) >>> 5;
-        int min = p0;
-        for (i = max; i > min; i--)
-        {
-            t = value[i] & 0x00000000ffffffffL;
-            value[i - p0 - 1] ^= (int)(t << q0);
-            value[i - p0] ^= t >>> (32 - q0);
-            value[i - p1 - 1] ^= (int)(t << q1);
-            value[i - p1] ^= t >>> (32 - q1);
-            value[i - p2 - 1] ^= (int)(t << q2);
-            value[i - p2] ^= t >>> (32 - q2);
-            value[i - p3 - 1] ^= (int)(t << q3);
-            value[i - p3] ^= t >>> (32 - q3);
-            value[i] = 0;
-        }
-        t = value[min] & 0x00000000ffffffffL & (0xffffffffL << (m & 0x1f));
-        value[0] ^= t >>> (32 - q0);
-        if (min - p1 - 1 >= 0)
-        {
-            value[min - p1 - 1] ^= (int)(t << q1);
-        }
-        value[min - p1] ^= t >>> (32 - q1);
-        if (min - p2 - 1 >= 0)
-        {
-            value[min - p2 - 1] ^= (int)(t << q2);
-        }
-        value[min - p2] ^= t >>> (32 - q2);
-        if (min - p3 - 1 >= 0)
-        {
-            value[min - p3 - 1] ^= (int)(t << q3);
-        }
-        value[min - p3] ^= t >>> (32 - q3);
-        value[min] &= reverseRightMask[m & 0x1f];
-
-        blocks = ((m - 1) >>> 5) + 1;
-        len = m;
-    }
-
-    /**
-     * Reduces len by finding the most significant bit set to one and reducing
-     * len and blocks.
-     */
-    public void reduceN()
-    {
-        int i, j, h;
-        i = blocks - 1;
-        while ((value[i] == 0) && (i > 0))
-        {
-            i--;
-        }
-        h = value[i];
-        j = 0;
-        while (h != 0)
-        {
-            h >>>= 1;
-            j++;
-        }
-        len = (i << 5) + j;
-        blocks = i + 1;
-    }
-
-    /**
-     * Expands len and int[] value to <i>i</i>. This is useful before adding
-     * two GF2Polynomials of different size.
-     *
-     * @param i the intended length
-     */
-    public void expandN(int i)
-    {
-        int k;
-        int[] bs;
-        if (len >= i)
-        {
-            return;
-        }
-        len = i;
-        k = ((i - 1) >>> 5) + 1;
-        if (blocks >= k)
-        {
-            return;
-        }
-        if (value.length >= k)
-        {
-            int j;
-            for (j = blocks; j < k; j++)
-            {
-                value[j] = 0;
-            }
-            blocks = k;
-            return;
-        }
-        bs = new int[k];
-        System.arraycopy(value, 0, bs, 0, blocks);
-        blocks = k;
-        value = null;
-        value = bs;
-    }
-
-    /**
-     * Squares this GF2Polynomial and expands it accordingly. This method does
-     * not reduce the result in GF(2^N). There exists a faster method for
-     * squaring in GF(2^N).
-     *
-     * @see GF2nPolynomialElement#square
-     */
-    public void squareThisBitwise()
-    {
-        int i, h, j, k;
-        if (isZero())
-        {
-            return;
-        }
-        int[] result = new int[blocks << 1];
-        for (i = blocks - 1; i >= 0; i--)
-        {
-            h = value[i];
-            j = 0x00000001;
-            for (k = 0; k < 16; k++)
-            {
-                if ((h & 0x01) != 0)
-                {
-                    result[i << 1] |= j;
-                }
-                if ((h & 0x00010000) != 0)
-                {
-                    result[(i << 1) + 1] |= j;
-                }
-                j <<= 2;
-                h >>>= 1;
-            }
-        }
-        value = null;
-        value = result;
-        blocks = result.length;
-        len = (len << 1) - 1;
-    }
-
-    /**
-     * Squares this GF2Polynomial by using precomputed values of squaringTable.
-     * This method does not reduce the result in GF(2^N).
-     */
-    public void squareThisPreCalc()
-    {
-        int i;
-        if (isZero())
-        {
-            return;
-        }
-        if (value.length >= (blocks << 1))
-        {
-            for (i = blocks - 1; i >= 0; i--)
-            {
-                value[(i << 1) + 1] = GF2Polynomial.squaringTable[(value[i] & 0x00ff0000) >>> 16]
-                    | (GF2Polynomial.squaringTable[(value[i] & 0xff000000) >>> 24] << 16);
-                value[i << 1] = GF2Polynomial.squaringTable[value[i] & 0x000000ff]
-                    | (GF2Polynomial.squaringTable[(value[i] & 0x0000ff00) >>> 8] << 16);
-            }
-            blocks <<= 1;
-            len = (len << 1) - 1;
-        }
-        else
-        {
-            int[] result = new int[blocks << 1];
-            for (i = 0; i < blocks; i++)
-            {
-                result[i << 1] = GF2Polynomial.squaringTable[value[i] & 0x000000ff]
-                    | (GF2Polynomial.squaringTable[(value[i] & 0x0000ff00) >>> 8] << 16);
-                result[(i << 1) + 1] = GF2Polynomial.squaringTable[(value[i] & 0x00ff0000) >>> 16]
-                    | (GF2Polynomial.squaringTable[(value[i] & 0xff000000) >>> 24] << 16);
-            }
-            value = null;
-            value = result;
-            blocks <<= 1;
-            len = (len << 1) - 1;
-        }
-    }
-
-    /**
-     * Does a vector-multiplication modulo 2 and returns the result as boolean.
-     *
-     * @param b GF2Polynomial
-     * @return this x <i>b</i> as boolean (1-&gt;true, 0-&gt;false)
-     */
-    public boolean vectorMult(GF2Polynomial b)
-        throws RuntimeException
-    {
-        int i;
-        int h;
-        boolean result = false;
-        if (len != b.len)
-        {
-            throw new RuntimeException();
-        }
-        for (i = 0; i < blocks; i++)
-        {
-            h = value[i] & b.value[i];
-            result ^= parity[h & 0x000000ff];
-            result ^= parity[(h >>> 8) & 0x000000ff];
-            result ^= parity[(h >>> 16) & 0x000000ff];
-            result ^= parity[(h >>> 24) & 0x000000ff];
-        }
-        return result;
-    }
-
-    /**
-     * Returns the bitwise exclusive-or of <i>this</i> and <i>b</i> in a new
-     * GF2Polynomial. <i>this</i> and <i>b</i> can be of different size.
-     *
-     * @param b GF2Polynomial
-     * @return a new GF2Polynomial (<i>this</i> ^ <i>b</i>)
-     */
-    public GF2Polynomial xor(GF2Polynomial b)
-    {
-        int i;
-        GF2Polynomial result;
-        int k = Math.min(blocks, b.blocks);
-        if (len >= b.len)
-        {
-            result = new GF2Polynomial(this);
-            for (i = 0; i < k; i++)
-            {
-                result.value[i] ^= b.value[i];
-            }
-        }
-        else
-        {
-            result = new GF2Polynomial(b);
-            for (i = 0; i < k; i++)
-            {
-                result.value[i] ^= value[i];
-            }
-        }
-        // If we xor'ed some bits too many by proceeding blockwise,
-        // restore them to zero:
-        result.zeroUnusedBits();
-        return result;
-    }
-
-    /**
-     * Computes the bitwise exclusive-or of this GF2Polynomial and <i>b</i> and
-     * stores the result in this GF2Polynomial. <i>b</i> can be of different
-     * size.
-     *
-     * @param b GF2Polynomial
-     */
-    public void xorThisBy(GF2Polynomial b)
-    {
-        int i;
-        for (i = 0; i < Math.min(blocks, b.blocks); i++)
-        {
-            value[i] ^= b.value[i];
-        }
-        // If we xor'ed some bits too many by proceeding blockwise,
-        // restore them to zero:
-        zeroUnusedBits();
-    }
-
-    /**
-     * If {@link #len} is not a multiple of the block size (32), some extra bits
-     * of the last block might have been modified during a blockwise operation.
-     * This method compensates for that by restoring these "extra" bits to zero.
-     */
-    private void zeroUnusedBits()
-    {
-        if ((len & 0x1f) != 0)
-        {
-            value[blocks - 1] &= reverseRightMask[len & 0x1f];
-        }
-    }
-
-    /**
-     * Sets the bit at position <i>i</i>.
-     *
-     * @param i int
-     * @throws RuntimeException if (<i>i</i> &lt; 0) || (<i>i</i> &gt; (len - 1))
-     */
-    public void setBit(int i)
-        throws RuntimeException
-    {
-        if (i < 0 || i > (len - 1))
-        {
-            throw new RuntimeException();
-        }
-        value[i >>> 5] |= bitMask[i & 0x1f];
-        return;
-    }
-
-    /**
-     * Returns the bit at position <i>i</i>.
-     *
-     * @param i int
-     * @return the bit at position <i>i</i> if <i>i</i> is a valid position, 0
-     *         otherwise.
-     */
-    public int getBit(int i)
-    {
-        if (i < 0)
-        {
-            throw new RuntimeException();
-        }
-        if (i > (len - 1))
-        {
-            return 0;
-        }
-        return ((value[i >>> 5] & bitMask[i & 0x1f]) != 0) ? 1 : 0;
-    }
-
-    /**
-     * Resets the bit at position <i>i</i>.
-     *
-     * @param i int
-     * @throws RuntimeException if (<i>i</i> &lt; 0) || (<i>i</i> &gt; (len - 1))
-     */
-    public void resetBit(int i)
-        throws RuntimeException
-    {
-        if (i < 0)
-        {
-            throw new RuntimeException();
-        }
-        if (i > (len - 1))
-        {
-            return;
-        }
-        value[i >>> 5] &= ~bitMask[i & 0x1f];
-    }
-
-    /**
-     * Xors the bit at position <i>i</i>.
-     *
-     * @param i int
-     * @throws RuntimeException if (<i>i</i> &lt; 0) || (<i>i</i> &gt; (len - 1))
-     */
-    public void xorBit(int i)
-        throws RuntimeException
-    {
-        if (i < 0 || i > (len - 1))
-        {
-            throw new RuntimeException();
-        }
-        value[i >>> 5] ^= bitMask[i & 0x1f];
-    }
-
-    /**
-     * Tests the bit at position <i>i</i>.
-     *
-     * @param i the position of the bit to be tested
-     * @return true if the bit at position <i>i</i> is set (a(<i>i</i>) ==
-     *         1). False if (<i>i</i> &lt; 0) || (<i>i</i> &gt; (len - 1))
-     */
-    public boolean testBit(int i)
-    {
-        if (i < 0)
-        {
-            throw new RuntimeException();
-        }
-        if (i > (len - 1))
-        {
-            return false;
-        }
-        return (value[i >>> 5] & bitMask[i & 0x1f]) != 0;
-    }
-
-    /**
-     * Returns this GF2Polynomial shift-left by 1 in a new GF2Polynomial.
-     *
-     * @return a new GF2Polynomial (this &lt;&lt; 1)
-     */
-    public GF2Polynomial shiftLeft()
-    {
-        GF2Polynomial result = new GF2Polynomial(len + 1, value);
-        int i;
-        for (i = result.blocks - 1; i >= 1; i--)
-        {
-            result.value[i] <<= 1;
-            result.value[i] |= result.value[i - 1] >>> 31;
-        }
-        result.value[0] <<= 1;
-        return result;
-    }
-
-    /**
-     * Shifts-left this by one and enlarges the size of value if necesary.
-     */
-    public void shiftLeftThis()
-    {
-        /** @todo This is untested. */
-        int i;
-        if ((len & 0x1f) == 0)
-        { // check if blocks increases
-            len += 1;
-            blocks += 1;
-            if (blocks > value.length)
-            { // enlarge value
-                int[] bs = new int[blocks];
-                System.arraycopy(value, 0, bs, 0, value.length);
-                value = null;
-                value = bs;
-            }
-            for (i = blocks - 1; i >= 1; i--)
-            {
-                value[i] |= value[i - 1] >>> 31;
-                value[i - 1] <<= 1;
-            }
-        }
-        else
-        {
-            len += 1;
-            for (i = blocks - 1; i >= 1; i--)
-            {
-                value[i] <<= 1;
-                value[i] |= value[i - 1] >>> 31;
-            }
-            value[0] <<= 1;
-        }
-    }
-
-    /**
-     * Returns this GF2Polynomial shift-left by <i>k</i> in a new
-     * GF2Polynomial.
-     *
-     * @param k int
-     * @return a new GF2Polynomial (this &lt;&lt; <i>k</i>)
-     */
-    public GF2Polynomial shiftLeft(int k)
-    {
-        // Variant 2, requiring a modified shiftBlocksLeft(k)
-        // In case of modification, consider a rename to doShiftBlocksLeft()
-        // with an explicit note that this method assumes that the polynomial
-        // has already been resized. Or consider doing things inline.
-        // Construct the resulting polynomial of appropriate length:
-        GF2Polynomial result = new GF2Polynomial(len + k, value);
-        // Shift left as many multiples of the block size as possible:
-        if (k >= 32)
-        {
-            result.doShiftBlocksLeft(k >>> 5);
-        }
-        // Shift left by the remaining (<32) amount:
-        final int remaining = k & 0x1f;
-        if (remaining != 0)
-        {
-            for (int i = result.blocks - 1; i >= 1; i--)
-            {
-                result.value[i] <<= remaining;
-                result.value[i] |= result.value[i - 1] >>> (32 - remaining);
-            }
-            result.value[0] <<= remaining;
-        }
-        return result;
-    }
-
-    /**
-     * Shifts left b and adds the result to Its a fast version of
-     * <tt>this = add(b.shl(k));</tt>
-     *
-     * @param b GF2Polynomial to shift and add to this
-     * @param k the amount to shift
-     * @see GF2nPolynomialElement#invertEEA
-     */
-    public void shiftLeftAddThis(GF2Polynomial b, int k)
-    {
-        if (k == 0)
-        {
-            addToThis(b);
-            return;
-        }
-        int i;
-        expandN(b.len + k);
-        int d = k >>> 5;
-        for (i = b.blocks - 1; i >= 0; i--)
-        {
-            if ((i + d + 1 < blocks) && ((k & 0x1f) != 0))
-            {
-                value[i + d + 1] ^= b.value[i] >>> (32 - (k & 0x1f));
-            }
-            value[i + d] ^= b.value[i] << (k & 0x1f);
-        }
-    }
-
-    /**
-     * Shifts-left this GF2Polynomial's value blockwise 1 block resulting in a
-     * shift-left by 32.
-     *
-     * @see GF2Polynomial#multiply
-     */
-    void shiftBlocksLeft()
-    {
-        blocks += 1;
-        len += 32;
-        if (blocks <= value.length)
-        {
-            int i;
-            for (i = blocks - 1; i >= 1; i--)
-            {
-                value[i] = value[i - 1];
-            }
-            value[0] = 0x00;
-        }
-        else
-        {
-            int[] result = new int[blocks];
-            System.arraycopy(value, 0, result, 1, blocks - 1);
-            value = null;
-            value = result;
-        }
-    }
-
-    /**
-     * Shifts left this GF2Polynomial's value blockwise <i>b</i> blocks
-     * resulting in a shift-left by b*32. This method assumes that {@link #len}
-     * and {@link #blocks} have already been updated to reflect the final state.
-     *
-     * @param b shift amount (in blocks)
-     */
-    private void doShiftBlocksLeft(int b)
-    {
-        if (blocks <= value.length)
-        {
-            int i;
-            for (i = blocks - 1; i >= b; i--)
-            {
-                value[i] = value[i - b];
-            }
-            for (i = 0; i < b; i++)
-            {
-                value[i] = 0x00;
-            }
-        }
-        else
-        {
-            int[] result = new int[blocks];
-            System.arraycopy(value, 0, result, b, blocks - b);
-            value = null;
-            value = result;
-        }
-    }
-
-    /**
-     * Returns this GF2Polynomial shift-right by 1 in a new GF2Polynomial.
-     *
-     * @return a new GF2Polynomial (this &lt;&lt; 1)
-     */
-    public GF2Polynomial shiftRight()
-    {
-        GF2Polynomial result = new GF2Polynomial(len - 1);
-        int i;
-        System.arraycopy(value, 0, result.value, 0, result.blocks);
-        for (i = 0; i <= result.blocks - 2; i++)
-        {
-            result.value[i] >>>= 1;
-            result.value[i] |= result.value[i + 1] << 31;
-        }
-        result.value[result.blocks - 1] >>>= 1;
-        if (result.blocks < blocks)
-        {
-            result.value[result.blocks - 1] |= value[result.blocks] << 31;
-        }
-        return result;
-    }
-
-    /**
-     * Shifts-right this GF2Polynomial by 1.
-     */
-    public void shiftRightThis()
-    {
-        int i;
-        len -= 1;
-        blocks = ((len - 1) >>> 5) + 1;
-        for (i = 0; i <= blocks - 2; i++)
-        {
-            value[i] >>>= 1;
-            value[i] |= value[i + 1] << 31;
-        }
-        value[blocks - 1] >>>= 1;
-        if ((len & 0x1f) == 0)
-        {
-            value[blocks - 1] |= value[blocks] << 31;
-        }
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2Vector.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2Vector.java
deleted file mode 100644
index e972f6f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2Vector.java
+++ /dev/null

@@ -1,541 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * This class implements the abstract class <tt>Vector</tt> for the case of
- * vectors over the finite field GF(2). <br>
- * For the vector representation the array of type int[] is used, thus one
- * element of the array holds 32 elements of the vector.
- *
- * @see Vector
- */
-public class GF2Vector
-    extends Vector
-{
-
-    /**
-     * holds the elements of this vector
-     */
-    private int[] v;
-
-    /**
-     * Construct the zero vector of the given length.
-     *
-     * @param length the length of the vector
-     */
-    public GF2Vector(int length)
-    {
-        if (length < 0)
-        {
-            throw new ArithmeticException("Negative length.");
-        }
-        this.length = length;
-        v = new int[(length + 31) >> 5];
-    }
-
-    /**
-     * Construct a random GF2Vector of the given length.
-     *
-     * @param length the length of the vector
-     * @param sr     the source of randomness
-     */
-    public GF2Vector(int length, SecureRandom sr)
-    {
-        this.length = length;
-
-        int size = (length + 31) >> 5;
-        v = new int[size];
-
-        // generate random elements
-        for (int i = size - 1; i >= 0; i--)
-        {
-            v[i] = sr.nextInt();
-        }
-
-        // erase unused bits
-        int r = length & 0x1f;
-        if (r != 0)
-        {
-            // erase unused bits
-            v[size - 1] &= (1 << r) - 1;
-        }
-    }
-
-    /**
-     * Construct a random GF2Vector of the given length with the specified
-     * number of non-zero coefficients.
-     *
-     * @param length the length of the vector
-     * @param t      the number of non-zero coefficients
-     * @param sr     the source of randomness
-     */
-    public GF2Vector(int length, int t, SecureRandom sr)
-    {
-        if (t > length)
-        {
-            throw new ArithmeticException(
-                "The hamming weight is greater than the length of vector.");
-        }
-        this.length = length;
-
-        int size = (length + 31) >> 5;
-        v = new int[size];
-
-        int[] help = new int[length];
-        for (int i = 0; i < length; i++)
-        {
-            help[i] = i;
-        }
-
-        int m = length;
-        for (int i = 0; i < t; i++)
-        {
-            int j = RandUtils.nextInt(sr, m);
-            setBit(help[j]);
-            m--;
-            help[j] = help[m];
-        }
-    }
-
-    /**
-     * Construct a GF2Vector of the given length and with elements from the
-     * given array. The array is copied and unused bits are masked out.
-     *
-     * @param length the length of the vector
-     * @param v      the element array
-     */
-    public GF2Vector(int length, int[] v)
-    {
-        if (length < 0)
-        {
-            throw new ArithmeticException("negative length");
-        }
-        this.length = length;
-
-        int size = (length + 31) >> 5;
-
-        if (v.length != size)
-        {
-            throw new ArithmeticException("length mismatch");
-        }
-
-        this.v = IntUtils.clone(v);
-
-        int r = length & 0x1f;
-        if (r != 0)
-        {
-            // erase unused bits
-            this.v[size - 1] &= (1 << r) - 1;
-        }
-    }
-
-    /**
-     * Copy constructor.
-     *
-     * @param other another {@link GF2Vector}
-     */
-    public GF2Vector(GF2Vector other)
-    {
-        this.length = other.length;
-        this.v = IntUtils.clone(other.v);
-    }
-
-    /**
-     * Construct a new {@link GF2Vector} of the given length and with the given
-     * element array. The array is not changed and only a reference to the array
-     * is stored. No length checking is performed either.
-     *
-     * @param v      the element array
-     * @param length the length of the vector
-     */
-    protected GF2Vector(int[] v, int length)
-    {
-        this.v = v;
-        this.length = length;
-    }
-
-    /**
-     * Construct a new GF2Vector with the given length out of the encoded
-     * vector.
-     *
-     * @param length the length of the vector
-     * @param encVec the encoded vector
-     * @return the decoded vector
-     */
-    public static GF2Vector OS2VP(int length, byte[] encVec)
-    {
-        if (length < 0)
-        {
-            throw new ArithmeticException("negative length");
-        }
-
-        int byteLen = (length + 7) >> 3;
-
-        if (encVec.length > byteLen)
-        {
-            throw new ArithmeticException("length mismatch");
-        }
-
-        return new GF2Vector(length, LittleEndianConversions.toIntArray(encVec));
-    }
-
-    /**
-     * Encode this vector as byte array.
-     *
-     * @return the encoded vector
-     */
-    public byte[] getEncoded()
-    {
-        int byteLen = (length + 7) >> 3;
-        return LittleEndianConversions.toByteArray(v, byteLen);
-    }
-
-    /**
-     * @return the int array representation of this vector
-     */
-    public int[] getVecArray()
-    {
-        return v;
-    }
-
-    /**
-     * Return the Hamming weight of this vector, i.e., compute the number of
-     * units of this vector.
-     *
-     * @return the Hamming weight of this vector
-     */
-    public int getHammingWeight()
-    {
-        int weight = 0;
-        for (int i = 0; i < v.length; i++)
-        {
-            int e = v[i];
-            for (int j = 0; j < 32; j++)
-            {
-                int b = e & 1;
-                if (b != 0)
-                {
-                    weight++;
-                }
-                e >>>= 1;
-            }
-        }
-        return weight;
-    }
-
-    /**
-     * @return whether this is the zero vector (i.e., all elements are zero)
-     */
-    public boolean isZero()
-    {
-        for (int i = v.length - 1; i >= 0; i--)
-        {
-            if (v[i] != 0)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    /**
-     * Return the value of the bit of this vector at the specified index.
-     *
-     * @param index the index
-     * @return the value of the bit (0 or 1)
-     */
-    public int getBit(int index)
-    {
-        if (index >= length)
-        {
-            throw new IndexOutOfBoundsException();
-        }
-        int q = index >> 5;
-        int r = index & 0x1f;
-        return (v[q] & (1 << r)) >>> r;
-    }
-
-    /**
-     * Set the coefficient at the given index to 1. If the index is out of
-     * bounds, do nothing.
-     *
-     * @param index the index of the coefficient to set
-     */
-    public void setBit(int index)
-    {
-        if (index >= length)
-        {
-            throw new IndexOutOfBoundsException();
-        }
-        v[index >> 5] |= 1 << (index & 0x1f);
-    }
-
-    /**
-     * Adds another GF2Vector to this vector.
-     *
-     * @param other another GF2Vector
-     * @return <tt>this + other</tt>
-     * @throws ArithmeticException if the other vector is not a GF2Vector or has another
-     * length.
-     */
-    public Vector add(Vector other)
-    {
-        if (!(other instanceof GF2Vector))
-        {
-            throw new ArithmeticException("vector is not defined over GF(2)");
-        }
-
-        GF2Vector otherVec = (GF2Vector)other;
-        if (length != otherVec.length)
-        {
-            throw new ArithmeticException("length mismatch");
-        }
-
-        int[] vec = IntUtils.clone(((GF2Vector)other).v);
-
-        for (int i = vec.length - 1; i >= 0; i--)
-        {
-            vec[i] ^= v[i];
-        }
-
-        return new GF2Vector(length, vec);
-    }
-
-    /**
-     * Multiply this vector with a permutation.
-     *
-     * @param p the permutation
-     * @return <tt>this*p = p*this</tt>
-     */
-    public Vector multiply(Permutation p)
-    {
-        int[] pVec = p.getVector();
-        if (length != pVec.length)
-        {
-            throw new ArithmeticException("length mismatch");
-        }
-
-        GF2Vector result = new GF2Vector(length);
-
-        for (int i = 0; i < pVec.length; i++)
-        {
-            int e = v[pVec[i] >> 5] & (1 << (pVec[i] & 0x1f));
-            if (e != 0)
-            {
-                result.v[i >> 5] |= 1 << (i & 0x1f);
-            }
-        }
-
-        return result;
-    }
-
-    /**
-     * Return a new vector consisting of the elements of this vector with the
-     * indices given by the set <tt>setJ</tt>.
-     *
-     * @param setJ the set of indices of elements to extract
-     * @return the new {@link GF2Vector}
-     *         <tt>[this_setJ[0], this_setJ[1], ..., this_setJ[#setJ-1]]</tt>
-     */
-    public GF2Vector extractVector(int[] setJ)
-    {
-        int k = setJ.length;
-        if (setJ[k - 1] > length)
-        {
-            throw new ArithmeticException("invalid index set");
-        }
-
-        GF2Vector result = new GF2Vector(k);
-
-        for (int i = 0; i < k; i++)
-        {
-            int e = v[setJ[i] >> 5] & (1 << (setJ[i] & 0x1f));
-            if (e != 0)
-            {
-                result.v[i >> 5] |= 1 << (i & 0x1f);
-            }
-        }
-
-        return result;
-    }
-
-    /**
-     * Return a new vector consisting of the first <tt>k</tt> elements of this
-     * vector.
-     *
-     * @param k the number of elements to extract
-     * @return a new {@link GF2Vector} consisting of the first <tt>k</tt>
-     *         elements of this vector
-     */
-    public GF2Vector extractLeftVector(int k)
-    {
-        if (k > length)
-        {
-            throw new ArithmeticException("invalid length");
-        }
-
-        if (k == length)
-        {
-            return new GF2Vector(this);
-        }
-
-        GF2Vector result = new GF2Vector(k);
-
-        int q = k >> 5;
-        int r = k & 0x1f;
-
-        System.arraycopy(v, 0, result.v, 0, q);
-        if (r != 0)
-        {
-            result.v[q] = v[q] & ((1 << r) - 1);
-        }
-
-        return result;
-    }
-
-    /**
-     * Return a new vector consisting of the last <tt>k</tt> elements of this
-     * vector.
-     *
-     * @param k the number of elements to extract
-     * @return a new {@link GF2Vector} consisting of the last <tt>k</tt>
-     *         elements of this vector
-     */
-    public GF2Vector extractRightVector(int k)
-    {
-        if (k > length)
-        {
-            throw new ArithmeticException("invalid length");
-        }
-
-        if (k == length)
-        {
-            return new GF2Vector(this);
-        }
-
-        GF2Vector result = new GF2Vector(k);
-
-        int q = (length - k) >> 5;
-        int r = (length - k) & 0x1f;
-        int length = (k + 31) >> 5;
-
-        int ind = q;
-        // if words have to be shifted
-        if (r != 0)
-        {
-            // process all but last word
-            for (int i = 0; i < length - 1; i++)
-            {
-                result.v[i] = (v[ind++] >>> r) | (v[ind] << (32 - r));
-            }
-            // process last word
-            result.v[length - 1] = v[ind++] >>> r;
-            if (ind < v.length)
-            {
-                result.v[length - 1] |= v[ind] << (32 - r);
-            }
-        }
-        else
-        {
-            // no shift necessary
-            System.arraycopy(v, q, result.v, 0, length);
-        }
-
-        return result;
-    }
-
-    /**
-     * Rewrite this vector as a vector over <tt>GF(2<sup>m</sup>)</tt> with
-     * <tt>t</tt> elements.
-     *
-     * @param field the finite field <tt>GF(2<sup>m</sup>)</tt>
-     * @return the converted vector over <tt>GF(2<sup>m</sup>)</tt>
-     */
-    public GF2mVector toExtensionFieldVector(GF2mField field)
-    {
-        int m = field.getDegree();
-        if ((length % m) != 0)
-        {
-            throw new ArithmeticException("conversion is impossible");
-        }
-
-        int t = length / m;
-        int[] result = new int[t];
-        int count = 0;
-        for (int i = t - 1; i >= 0; i--)
-        {
-            for (int j = field.getDegree() - 1; j >= 0; j--)
-            {
-                int q = count >>> 5;
-                int r = count & 0x1f;
-
-                int e = (v[q] >>> r) & 1;
-                if (e == 1)
-                {
-                    result[i] ^= 1 << j;
-                }
-                count++;
-            }
-        }
-        return new GF2mVector(field, result);
-    }
-
-    /**
-     * Check if the given object is equal to this vector.
-     *
-     * @param other vector
-     * @return the result of the comparison
-     */
-    public boolean equals(Object other)
-    {
-
-        if (!(other instanceof GF2Vector))
-        {
-            return false;
-        }
-        GF2Vector otherVec = (GF2Vector)other;
-
-        return (length == otherVec.length) && IntUtils.equals(v, otherVec.v);
-    }
-
-    /**
-     * @return the hash code of this vector
-     */
-    public int hashCode()
-    {
-        int hash = length;
-        hash = hash * 31 + Arrays.hashCode(v);
-        return hash;
-    }
-
-    /**
-     * @return a human readable form of this vector
-     */
-    public String toString()
-    {
-        StringBuffer buf = new StringBuffer();
-        for (int i = 0; i < length; i++)
-        {
-            if ((i != 0) && ((i & 0x1f) == 0))
-            {
-                buf.append(' ');
-            }
-            int q = i >> 5;
-            int r = i & 0x1f;
-            int bit = v[q] & (1 << r);
-            if (bit == 0)
-            {
-                buf.append('0');
-            }
-            else
-            {
-                buf.append('1');
-            }
-        }
-        return buf.toString();
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2mField.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2mField.java
deleted file mode 100644
index 75eb7ee..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2mField.java
+++ /dev/null

@@ -1,371 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-
-/**
- * This class describes operations with elements from the finite field F =
- * GF(2^m). ( GF(2^m)= GF(2)[A] where A is a root of irreducible polynomial with
- * degree m, each field element B has a polynomial basis representation, i.e. it
- * is represented by a different binary polynomial of degree less than m, B =
- * poly(A) ) All operations are defined only for field with 1&lt; m &lt;32. For the
- * representation of field elements the map f: F-&gt;Z, poly(A)-&gt;poly(2) is used,
- * where integers have the binary representation. For example: A^7+A^3+A+1 -&gt;
- * (00...0010001011)=139 Also for elements type Integer is used.
- *
- * @see PolynomialRingGF2
- */
-public class GF2mField
-{
-
-    /*
-      * degree - degree of the field polynomial - the field polynomial ring -
-      * polynomial ring over the finite field GF(2)
-      */
-
-    private int degree = 0;
-
-    private int polynomial;
-
-    /**
-     * create a finite field GF(2^m)
-     *
-     * @param degree the degree of the field
-     */
-    public GF2mField(int degree)
-    {
-        if (degree >= 32)
-        {
-            throw new IllegalArgumentException(
-                " Error: the degree of field is too large ");
-        }
-        if (degree < 1)
-        {
-            throw new IllegalArgumentException(
-                " Error: the degree of field is non-positive ");
-        }
-        this.degree = degree;
-        polynomial = PolynomialRingGF2.getIrreduciblePolynomial(degree);
-    }
-
-    /**
-     * create a finite field GF(2^m) with the fixed field polynomial
-     *
-     * @param degree the degree of the field
-     * @param poly   the field polynomial
-     */
-    public GF2mField(int degree, int poly)
-    {
-        if (degree != PolynomialRingGF2.degree(poly))
-        {
-            throw new IllegalArgumentException(
-                " Error: the degree is not correct");
-        }
-        if (!PolynomialRingGF2.isIrreducible(poly))
-        {
-            throw new IllegalArgumentException(
-                " Error: given polynomial is reducible");
-        }
-        this.degree = degree;
-        polynomial = poly;
-
-    }
-
-    public GF2mField(byte[] enc)
-    {
-        if (enc.length != 4)
-        {
-            throw new IllegalArgumentException(
-                "byte array is not an encoded finite field");
-        }
-        polynomial = LittleEndianConversions.OS2IP(enc);
-        if (!PolynomialRingGF2.isIrreducible(polynomial))
-        {
-            throw new IllegalArgumentException(
-                "byte array is not an encoded finite field");
-        }
-
-        degree = PolynomialRingGF2.degree(polynomial);
-    }
-
-    public GF2mField(GF2mField field)
-    {
-        degree = field.degree;
-        polynomial = field.polynomial;
-    }
-
-    /**
-     * return degree of the field
-     *
-     * @return degree of the field
-     */
-    public int getDegree()
-    {
-        return degree;
-    }
-
-    /**
-     * return the field polynomial
-     *
-     * @return the field polynomial
-     */
-    public int getPolynomial()
-    {
-        return polynomial;
-    }
-
-    /**
-     * return the encoded form of this field
-     *
-     * @return the field in byte array form
-     */
-    public byte[] getEncoded()
-    {
-        return LittleEndianConversions.I2OSP(polynomial);
-    }
-
-    /**
-     * Return sum of two elements
-     *
-     * @param a
-     * @param b
-     * @return a+b
-     */
-    public int add(int a, int b)
-    {
-        return a ^ b;
-    }
-
-    /**
-     * Return product of two elements
-     *
-     * @param a
-     * @param b
-     * @return a*b
-     */
-    public int mult(int a, int b)
-    {
-        return PolynomialRingGF2.modMultiply(a, b, polynomial);
-    }
-
-    /**
-     * compute exponentiation a^k
-     *
-     * @param a a field element a
-     * @param k k degree
-     * @return a^k
-     */
-    public int exp(int a, int k)
-    {
-        if (k == 0)
-        {
-            return 1;
-        }
-        if (a == 0)
-        {
-            return 0;
-        }
-        if (a == 1)
-        {
-            return 1;
-        }
-        int result = 1;
-        if (k < 0)
-        {
-            a = inverse(a);
-            k = -k;
-        }
-        while (k != 0)
-        {
-            if ((k & 1) == 1)
-            {
-                result = mult(result, a);
-            }
-            a = mult(a, a);
-            k >>>= 1;
-        }
-        return result;
-    }
-
-    /**
-     * compute the multiplicative inverse of a
-     *
-     * @param a a field element a
-     * @return a<sup>-1</sup>
-     */
-    public int inverse(int a)
-    {
-        int d = (1 << degree) - 2;
-
-        return exp(a, d);
-    }
-
-    /**
-     * compute the square root of an integer
-     *
-     * @param a a field element a
-     * @return a<sup>1/2</sup>
-     */
-    public int sqRoot(int a)
-    {
-        for (int i = 1; i < degree; i++)
-        {
-            a = mult(a, a);
-        }
-        return a;
-    }
-
-    /**
-     * create a random field element using PRNG sr
-     *
-     * @param sr SecureRandom
-     * @return a random element
-     */
-    public int getRandomElement(SecureRandom sr)
-    {
-        int result = RandUtils.nextInt(sr, 1 << degree);
-        return result;
-    }
-
-    /**
-     * create a random non-zero field element
-     *
-     * @return a random element
-     */
-    public int getRandomNonZeroElement()
-    {
-        return getRandomNonZeroElement(CryptoServicesRegistrar.getSecureRandom());
-    }
-
-    /**
-     * create a random non-zero field element using PRNG sr
-     *
-     * @param sr SecureRandom
-     * @return a random non-zero element
-     */
-    public int getRandomNonZeroElement(SecureRandom sr)
-    {
-        int controltime = 1 << 20;
-        int count = 0;
-        int result = RandUtils.nextInt(sr, 1 << degree);
-        while ((result == 0) && (count < controltime))
-        {
-            result = RandUtils.nextInt(sr, 1 << degree);
-            count++;
-        }
-        if (count == controltime)
-        {
-            result = 1;
-        }
-        return result;
-    }
-
-    /**
-     * @return true if e is encoded element of this field and false otherwise
-     */
-    public boolean isElementOfThisField(int e)
-    {
-        // e is encoded element of this field iff 0<= e < |2^m|
-        if (degree == 31)
-        {
-            return e >= 0;
-        }
-        return e >= 0 && e < (1 << degree);
-    }
-
-    /*
-      * help method for visual control
-      */
-    public String elementToStr(int a)
-    {
-        String s = "";
-        for (int i = 0; i < degree; i++)
-        {
-            if (((byte)a & 0x01) == 0)
-            {
-                s = "0" + s;
-            }
-            else
-            {
-                s = "1" + s;
-            }
-            a >>>= 1;
-        }
-        return s;
-    }
-
-    /**
-     * checks if given object is equal to this field.
-     * <p>
-     * The method returns false whenever the given object is not GF2m.
-     *
-     * @param other object
-     * @return true or false
-     */
-    public boolean equals(Object other)
-    {
-        if ((other == null) || !(other instanceof GF2mField))
-        {
-            return false;
-        }
-
-        GF2mField otherField = (GF2mField)other;
-
-        if ((degree == otherField.degree)
-            && (polynomial == otherField.polynomial))
-        {
-            return true;
-        }
-
-        return false;
-    }
-
-    public int hashCode()
-    {
-        return polynomial;
-    }
-
-    /**
-     * Returns a human readable form of this field.
-     *
-     * @return a human readable form of this field.
-     */
-    public String toString()
-    {
-        String str = "Finite Field GF(2^" + degree + ") = " + "GF(2)[X]/<"
-            + polyToString(polynomial) + "> ";
-        return str;
-    }
-
-    private static String polyToString(int p)
-    {
-        String str = "";
-        if (p == 0)
-        {
-            str = "0";
-        }
-        else
-        {
-            byte b = (byte)(p & 0x01);
-            if (b == 1)
-            {
-                str = "1";
-            }
-            p >>>= 1;
-            int i = 1;
-            while (p != 0)
-            {
-                b = (byte)(p & 0x01);
-                if (b == 1)
-                {
-                    str = str + "+x^" + i;
-                }
-                p >>>= 1;
-                i++;
-            }
-        }
-        return str;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2mMatrix.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2mMatrix.java
deleted file mode 100644
index 8dfdb9b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2mMatrix.java
+++ /dev/null

@@ -1,377 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-/**
- * This class describes some operations with matrices over finite field <i>GF(2<sup>m</sup>)</i>
- * with small <i>m</i> (1&lt; m &lt;32).
- *
- * @see Matrix
- */
-public class GF2mMatrix
-    extends Matrix
-{
-
-    /**
-     * finite field GF(2^m)
-     */
-    protected GF2mField field;
-
-    /**
-     * For the matrix representation the array of type int[][] is used, thus
-     * every element of the array keeps one element of the matrix (element from
-     * finite field GF(2^m))
-     */
-    protected int[][] matrix;
-
-    /**
-     * Constructor.
-     *
-     * @param field a finite field GF(2^m)
-     * @param enc   byte[] matrix in byte array form
-     */
-    public GF2mMatrix(GF2mField field, byte[] enc)
-    {
-
-        this.field = field;
-
-        // decode matrix
-        int d = 8;
-        int count = 1;
-        while (field.getDegree() > d)
-        {
-            count++;
-            d += 8;
-        }
-
-        if (enc.length < 5)
-        {
-            throw new IllegalArgumentException(
-                " Error: given array is not encoded matrix over GF(2^m)");
-        }
-
-        this.numRows = ((enc[3] & 0xff) << 24) ^ ((enc[2] & 0xff) << 16)
-            ^ ((enc[1] & 0xff) << 8) ^ (enc[0] & 0xff);
-
-        int n = count * this.numRows;
-
-        if ((this.numRows <= 0) || (((enc.length - 4) % n) != 0))
-        {
-            throw new IllegalArgumentException(
-                " Error: given array is not encoded matrix over GF(2^m)");
-        }
-
-        this.numColumns = (enc.length - 4) / n;
-
-        matrix = new int[this.numRows][this.numColumns];
-        count = 4;
-        for (int i = 0; i < this.numRows; i++)
-        {
-            for (int j = 0; j < this.numColumns; j++)
-            {
-                for (int jj = 0; jj < d; jj += 8)
-                {
-                    matrix[i][j] ^= (enc[count++] & 0x000000ff) << jj;
-                }
-                if (!this.field.isElementOfThisField(matrix[i][j]))
-                {
-                    throw new IllegalArgumentException(
-                        " Error: given array is not encoded matrix over GF(2^m)");
-                }
-            }
-        }
-    }
-
-    /**
-     * Copy constructor.
-     *
-     * @param other another {@link GF2mMatrix}
-     */
-    public GF2mMatrix(GF2mMatrix other)
-    {
-        numRows = other.numRows;
-        numColumns = other.numColumns;
-        field = other.field;
-        matrix = new int[numRows][];
-        for (int i = 0; i < numRows; i++)
-        {
-            matrix[i] = IntUtils.clone(other.matrix[i]);
-        }
-    }
-
-    /**
-     * Constructor.
-     *
-     * @param field  a finite field GF(2^m)
-     * @param matrix the matrix as int array. Only the reference is copied.
-     */
-    protected GF2mMatrix(GF2mField field, int[][] matrix)
-    {
-        this.field = field;
-        this.matrix = matrix;
-        numRows = matrix.length;
-        numColumns = matrix[0].length;
-    }
-
-    /**
-     * @return a byte array encoding of this matrix
-     */
-    public byte[] getEncoded()
-    {
-        int d = 8;
-        int count = 1;
-        while (field.getDegree() > d)
-        {
-            count++;
-            d += 8;
-        }
-
-        byte[] bf = new byte[this.numRows * this.numColumns * count + 4];
-        bf[0] = (byte)(this.numRows & 0xff);
-        bf[1] = (byte)((this.numRows >>> 8) & 0xff);
-        bf[2] = (byte)((this.numRows >>> 16) & 0xff);
-        bf[3] = (byte)((this.numRows >>> 24) & 0xff);
-
-        count = 4;
-        for (int i = 0; i < this.numRows; i++)
-        {
-            for (int j = 0; j < this.numColumns; j++)
-            {
-                for (int jj = 0; jj < d; jj += 8)
-                {
-                    bf[count++] = (byte)(matrix[i][j] >>> jj);
-                }
-            }
-        }
-
-        return bf;
-    }
-
-    /**
-     * Check if this is the zero matrix (i.e., all entries are zero).
-     *
-     * @return <tt>true</tt> if this is the zero matrix
-     */
-    public boolean isZero()
-    {
-        for (int i = 0; i < numRows; i++)
-        {
-            for (int j = 0; j < numColumns; j++)
-            {
-                if (matrix[i][j] != 0)
-                {
-                    return false;
-                }
-            }
-        }
-        return true;
-    }
-
-    /**
-     * Compute the inverse of this matrix.
-     *
-     * @return the inverse of this matrix (newly created).
-     */
-    public Matrix computeInverse()
-    {
-        if (numRows != numColumns)
-        {
-            throw new ArithmeticException("Matrix is not invertible.");
-        }
-
-        // clone this matrix
-        int[][] tmpMatrix = new int[numRows][numRows];
-        for (int i = numRows - 1; i >= 0; i--)
-        {
-            tmpMatrix[i] = IntUtils.clone(matrix[i]);
-        }
-
-        // initialize inverse matrix as unit matrix
-        int[][] invMatrix = new int[numRows][numRows];
-        for (int i = numRows - 1; i >= 0; i--)
-        {
-            invMatrix[i][i] = 1;
-        }
-
-        // simultaneously compute Gaussian reduction of tmpMatrix and unit
-        // matrix
-        for (int i = 0; i < numRows; i++)
-        {
-            // if diagonal element is zero
-            if (tmpMatrix[i][i] == 0)
-            {
-                boolean foundNonZero = false;
-                // find a non-zero element in the same column
-                for (int j = i + 1; j < numRows; j++)
-                {
-                    if (tmpMatrix[j][i] != 0)
-                    {
-                        // found it, swap rows ...
-                        foundNonZero = true;
-                        swapColumns(tmpMatrix, i, j);
-                        swapColumns(invMatrix, i, j);
-                        // ... and quit searching
-                        j = numRows;
-                        continue;
-                    }
-                }
-                // if no non-zero element was found
-                if (!foundNonZero)
-                {
-                    // the matrix is not invertible
-                    throw new ArithmeticException("Matrix is not invertible.");
-                }
-            }
-
-            // normalize i-th row
-            int coef = tmpMatrix[i][i];
-            int invCoef = field.inverse(coef);
-            multRowWithElementThis(tmpMatrix[i], invCoef);
-            multRowWithElementThis(invMatrix[i], invCoef);
-
-            // normalize all other rows
-            for (int j = 0; j < numRows; j++)
-            {
-                if (j != i)
-                {
-                    coef = tmpMatrix[j][i];
-                    if (coef != 0)
-                    {
-                        int[] tmpRow = multRowWithElement(tmpMatrix[i], coef);
-                        int[] tmpInvRow = multRowWithElement(invMatrix[i], coef);
-                        addToRow(tmpRow, tmpMatrix[j]);
-                        addToRow(tmpInvRow, invMatrix[j]);
-                    }
-                }
-            }
-        }
-
-        return new GF2mMatrix(field, invMatrix);
-    }
-
-    private static void swapColumns(int[][] matrix, int first, int second)
-    {
-        int[] tmp = matrix[first];
-        matrix[first] = matrix[second];
-        matrix[second] = tmp;
-    }
-
-    private void multRowWithElementThis(int[] row, int element)
-    {
-        for (int i = row.length - 1; i >= 0; i--)
-        {
-            row[i] = field.mult(row[i], element);
-        }
-    }
-
-    private int[] multRowWithElement(int[] row, int element)
-    {
-        int[] result = new int[row.length];
-        for (int i = row.length - 1; i >= 0; i--)
-        {
-            result[i] = field.mult(row[i], element);
-        }
-        return result;
-    }
-
-    /**
-     * Add one row to another.
-     *
-     * @param fromRow the addend
-     * @param toRow   the row to add to
-     */
-    private void addToRow(int[] fromRow, int[] toRow)
-    {
-        for (int i = toRow.length - 1; i >= 0; i--)
-        {
-            toRow[i] = field.add(fromRow[i], toRow[i]);
-        }
-    }
-
-    public Matrix rightMultiply(Matrix a)
-    {
-        throw new RuntimeException("Not implemented.");
-    }
-
-    public Matrix rightMultiply(Permutation perm)
-    {
-        throw new RuntimeException("Not implemented.");
-    }
-
-    public Vector leftMultiply(Vector vector)
-    {
-        throw new RuntimeException("Not implemented.");
-    }
-
-    public Vector rightMultiply(Vector vector)
-    {
-        throw new RuntimeException("Not implemented.");
-    }
-
-    /**
-     * Checks if given object is equal to this matrix. The method returns false
-     * whenever the given object is not a matrix over GF(2^m).
-     *
-     * @param other object
-     * @return true or false
-     */
-    public boolean equals(Object other)
-    {
-
-        if (other == null || !(other instanceof GF2mMatrix))
-        {
-            return false;
-        }
-
-        GF2mMatrix otherMatrix = (GF2mMatrix)other;
-
-        if ((!this.field.equals(otherMatrix.field))
-            || (otherMatrix.numRows != this.numColumns)
-            || (otherMatrix.numColumns != this.numColumns))
-        {
-            return false;
-        }
-
-        for (int i = 0; i < this.numRows; i++)
-        {
-            for (int j = 0; j < this.numColumns; j++)
-            {
-                if (this.matrix[i][j] != otherMatrix.matrix[i][j])
-                {
-                    return false;
-                }
-            }
-        }
-
-        return true;
-    }
-
-    public int hashCode()
-    {
-        int hash = (this.field.hashCode() * 31 + numRows) * 31 + numColumns;
-        for (int i = 0; i < this.numRows; i++)
-        {
-            for (int j = 0; j < this.numColumns; j++)
-            {
-                hash = hash * 31 + matrix[i][j];
-            }
-        }
-        return hash;
-    }
-
-    public String toString()
-    {
-        String str = this.numRows + " x " + this.numColumns + " Matrix over "
-            + this.field.toString() + ": \n";
-
-        for (int i = 0; i < this.numRows; i++)
-        {
-            for (int j = 0; j < this.numColumns; j++)
-            {
-                str = str + this.field.elementToStr(matrix[i][j]) + " : ";
-            }
-            str = str + "\n";
-        }
-
-        return str;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2mVector.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2mVector.java
deleted file mode 100644
index 17b92df..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2mVector.java
+++ /dev/null

@@ -1,258 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * This class implements vectors over the finite field
- * <tt>GF(2<sup>m</sup>)</tt> for small <tt>m</tt> (i.e.,
- * <tt>1&lt;m&lt;32</tt>). It extends the abstract class {@link Vector}.
- */
-public class GF2mVector
-    extends Vector
-{
-
-    /**
-     * the finite field this vector is defined over
-     */
-    private GF2mField field;
-
-    /**
-     * the element array
-     */
-    private int[] vector;
-
-    /**
-     * creates the vector over GF(2^m) of given length and with elements from
-     * array v (beginning at the first bit)
-     *
-     * @param field finite field
-     * @param v     array with elements of vector
-     */
-    public GF2mVector(GF2mField field, byte[] v)
-    {
-        this.field = new GF2mField(field);
-
-        // decode vector
-        int d = 8;
-        int count = 1;
-        while (field.getDegree() > d)
-        {
-            count++;
-            d += 8;
-        }
-
-        if ((v.length % count) != 0)
-        {
-            throw new IllegalArgumentException(
-                "Byte array is not an encoded vector over the given finite field.");
-        }
-
-        length = v.length / count;
-        vector = new int[length];
-        count = 0;
-        for (int i = 0; i < vector.length; i++)
-        {
-            for (int j = 0; j < d; j += 8)
-            {
-                vector[i] |= (v[count++] & 0xff) << j;
-            }
-            if (!field.isElementOfThisField(vector[i]))
-            {
-                throw new IllegalArgumentException(
-                    "Byte array is not an encoded vector over the given finite field.");
-            }
-        }
-    }
-
-    /**
-     * Create a new vector over <tt>GF(2<sup>m</sup>)</tt> of the given
-     * length and element array.
-     *
-     * @param field  the finite field <tt>GF(2<sup>m</sup>)</tt>
-     * @param vector the element array
-     */
-    public GF2mVector(GF2mField field, int[] vector)
-    {
-        this.field = field;
-        length = vector.length;
-        for (int i = vector.length - 1; i >= 0; i--)
-        {
-            if (!field.isElementOfThisField(vector[i]))
-            {
-                throw new ArithmeticException(
-                    "Element array is not specified over the given finite field.");
-            }
-        }
-        this.vector = IntUtils.clone(vector);
-    }
-
-    /**
-     * Copy constructor.
-     *
-     * @param other another {@link GF2mVector}
-     */
-    public GF2mVector(GF2mVector other)
-    {
-        field = new GF2mField(other.field);
-        length = other.length;
-        vector = IntUtils.clone(other.vector);
-    }
-
-    /**
-     * @return the finite field this vector is defined over
-     */
-    public GF2mField getField()
-    {
-        return field;
-    }
-
-    /**
-     * @return int[] form of this vector
-     */
-    public int[] getIntArrayForm()
-    {
-        return IntUtils.clone(vector);
-    }
-
-    /**
-     * @return a byte array encoding of this vector
-     */
-    public byte[] getEncoded()
-    {
-        int d = 8;
-        int count = 1;
-        while (field.getDegree() > d)
-        {
-            count++;
-            d += 8;
-        }
-
-        byte[] res = new byte[vector.length * count];
-        count = 0;
-        for (int i = 0; i < vector.length; i++)
-        {
-            for (int j = 0; j < d; j += 8)
-            {
-                res[count++] = (byte)(vector[i] >>> j);
-            }
-        }
-
-        return res;
-    }
-
-    /**
-     * @return whether this is the zero vector (i.e., all elements are zero)
-     */
-    public boolean isZero()
-    {
-        for (int i = vector.length - 1; i >= 0; i--)
-        {
-            if (vector[i] != 0)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    /**
-     * Add another vector to this vector. Method is not yet implemented.
-     *
-     * @param addend the other vector
-     * @return <tt>this + addend</tt>
-     * @throws ArithmeticException if the other vector is not defined over the same field as
-     * this vector.
-     * <p>
-     * TODO: implement this method
-     */
-    public Vector add(Vector addend)
-    {
-        throw new RuntimeException("not implemented");
-    }
-
-    /**
-     * Multiply this vector with a permutation.
-     *
-     * @param p the permutation
-     * @return <tt>this*p = p*this</tt>
-     */
-    public Vector multiply(Permutation p)
-    {
-        int[] pVec = p.getVector();
-        if (length != pVec.length)
-        {
-            throw new ArithmeticException(
-                "permutation size and vector size mismatch");
-        }
-
-        int[] result = new int[length];
-        for (int i = 0; i < pVec.length; i++)
-        {
-            result[i] = vector[pVec[i]];
-        }
-
-        return new GF2mVector(field, result);
-    }
-
-    /**
-     * Compare this vector with another object.
-     *
-     * @param other the other object
-     * @return the result of the comparison
-     */
-    public boolean equals(Object other)
-    {
-
-        if (!(other instanceof GF2mVector))
-        {
-            return false;
-        }
-        GF2mVector otherVec = (GF2mVector)other;
-
-        if (!field.equals(otherVec.field))
-        {
-            return false;
-        }
-
-        return IntUtils.equals(vector, otherVec.vector);
-    }
-
-    /**
-     * @return the hash code of this vector
-     */
-    public int hashCode()
-    {
-        int hash = this.field.hashCode();
-        hash = hash * 31 + Arrays.hashCode(vector);
-        return hash;
-    }
-
-    /**
-     * @return a human readable form of this vector
-     */
-    public String toString()
-    {
-        StringBuffer buf = new StringBuffer();
-        for (int i = 0; i < vector.length; i++)
-        {
-            for (int j = 0; j < field.getDegree(); j++)
-            {
-                int r = j & 0x1f;
-                int bitMask = 1 << r;
-                int coeff = vector[i] & bitMask;
-                if (coeff != 0)
-                {
-                    buf.append('1');
-                }
-                else
-                {
-                    buf.append('0');
-                }
-            }
-            buf.append(' ');
-        }
-        return buf.toString();
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nElement.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nElement.java
deleted file mode 100644
index 3c7c3a2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nElement.java
+++ /dev/null

@@ -1,178 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-
-/**
- * This abstract class implements an element of the finite field <i>GF(2)<sup>n
- * </sup></i> in either <i>optimal normal basis</i> representation (<i>ONB</i>)
- * or in <i>polynomial</i> representation. It is extended by the classes <a
- * href = GF2nONBElement.html><tt> GF2nONBElement</tt></a> and <a href =
- * GF2nPolynomialElement.html> <tt>GF2nPolynomialElement</tt> </a>.
- *
- * @see GF2nPolynomialElement
- * @see GF2nONBElement
- * @see GF2nONBField
- */
-public abstract class GF2nElement
-    implements GFElement
-{
-
-    // /////////////////////////////////////////////////////////////////////
-    // member variables
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * holds a pointer to this element's corresponding field.
-     */
-    protected GF2nField mField;
-
-    /**
-     * holds the extension degree <i>n</i> of this element's corresponding
-     * field.
-     */
-    protected int mDegree;
-
-    // /////////////////////////////////////////////////////////////////////
-    // pseudo-constructors
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * @return a copy of this GF2nElement
-     */
-    public abstract Object clone();
-
-    // /////////////////////////////////////////////////////////////////////
-    // assignments
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Assign the value 0 to this element.
-     */
-    abstract void assignZero();
-
-    /**
-     * Assigns the value 1 to this element.
-     */
-    abstract void assignOne();
-
-    // /////////////////////////////////////////////////////////////////////
-    // access
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Returns whether the rightmost bit of the bit representation is set. This
-     * is needed for data conversion according to 1363.
-     *
-     * @return true if the rightmost bit of this element is set
-     */
-    public abstract boolean testRightmostBit();
-
-    /**
-     * Checks whether the indexed bit of the bit representation is set
-     *
-     * @param index the index of the bit to test
-     * @return <tt>true</tt> if the indexed bit is set
-     */
-    abstract boolean testBit(int index);
-
-    /**
-     * Returns the field of this element.
-     *
-     * @return the field of this element
-     */
-    public final GF2nField getField()
-    {
-        return mField;
-    }
-
-    // /////////////////////////////////////////////////////////////////////
-    // arithmetic
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Returns <tt>this</tt> element + 1.
-     *
-     * @return <tt>this</tt> + 1
-     */
-    public abstract GF2nElement increase();
-
-    /**
-     * Increases this element by one.
-     */
-    public abstract void increaseThis();
-
-    /**
-     * Compute the difference of this element and <tt>minuend</tt>.
-     *
-     * @param minuend the minuend
-     * @return <tt>this - minuend</tt> (newly created)
-     */
-    public final GFElement subtract(GFElement minuend)
-    {
-        return add(minuend);
-    }
-
-    /**
-     * Compute the difference of this element and <tt>minuend</tt>,
-     * overwriting this element.
-     *
-     * @param minuend the minuend
-     */
-    public final void subtractFromThis(GFElement minuend)
-    {
-        addToThis(minuend);
-    }
-
-    /**
-     * Returns <tt>this</tt> element to the power of 2.
-     *
-     * @return <tt>this</tt><sup>2</sup>
-     */
-    public abstract GF2nElement square();
-
-    /**
-     * Squares <tt>this</tt> element.
-     */
-    public abstract void squareThis();
-
-    /**
-     * Compute the square root of this element and return the result in a new
-     * {@link GF2nElement}.
-     *
-     * @return <tt>this<sup>1/2</sup></tt> (newly created)
-     */
-    public abstract GF2nElement squareRoot();
-
-    /**
-     * Compute the square root of this element.
-     */
-    public abstract void squareRootThis();
-
-    /**
-     * Performs a basis transformation of this element to the given GF2nField
-     * <tt>basis</tt>.
-     *
-     * @param basis the GF2nField representation to transform this element to
-     * @return this element in the representation of <tt>basis</tt>
-     */
-    public final GF2nElement convert(GF2nField basis)
-    {
-        return mField.convert(this, basis);
-    }
-
-    /**
-     * Returns the trace of this element.
-     *
-     * @return the trace of this element
-     */
-    public abstract int trace();
-
-    /**
-     * Solves a quadratic equation.<br>
-     * Let z<sup>2</sup> + z = <tt>this</tt>. Then this method returns z.
-     *
-     * @return z with z<sup>2</sup> + z = <tt>this</tt>
-     */
-    public abstract GF2nElement solveQuadraticEquation()
-        throws RuntimeException;
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nField.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nField.java
deleted file mode 100644
index 091a200..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nField.java
+++ /dev/null

@@ -1,291 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-
-import java.security.SecureRandom;
-import java.util.Vector;
-
-
-/**
- * This abstract class defines the finite field <i>GF(2<sup>n</sup>)</i>. It
- * holds the extension degree <i>n</i>, the characteristic, the irreducible
- * fieldpolynomial and conversion matrices. GF2nField is implemented by the
- * classes GF2nPolynomialField and GF2nONBField.
- *
- * @see GF2nONBField
- * @see GF2nPolynomialField
- */
-public abstract class GF2nField
-{
-
-    protected final SecureRandom random;
-
-    /**
-     * the degree of this field
-     */
-    protected int mDegree;
-
-    /**
-     * the irreducible fieldPolynomial stored in normal order (also for ONB)
-     */
-    protected GF2Polynomial fieldPolynomial;
-
-    /**
-     * holds a list of GF2nFields to which elements have been converted and thus
-     * a COB-Matrix exists
-     */
-    protected Vector fields;
-
-    /**
-     * the COB matrices
-     */
-    protected Vector matrices;
-
-    protected GF2nField(SecureRandom random)
-    {
-        this.random = random;
-    }
-
-    /**
-     * Returns the degree <i>n</i> of this field.
-     *
-     * @return the degree <i>n</i> of this field
-     */
-    public final int getDegree()
-    {
-        return mDegree;
-    }
-
-    /**
-     * Returns the fieldpolynomial as a new Bitstring.
-     *
-     * @return a copy of the fieldpolynomial as a new Bitstring
-     */
-    public final GF2Polynomial getFieldPolynomial()
-    {
-        if (fieldPolynomial == null)
-        {
-            computeFieldPolynomial();
-        }
-        return new GF2Polynomial(fieldPolynomial);
-    }
-
-    /**
-     * Decides whether the given object <tt>other</tt> is the same as this
-     * field.
-     *
-     * @param other another object
-     * @return (this == other)
-     */
-    public final boolean equals(Object other)
-    {
-        if (other == null || !(other instanceof GF2nField))
-        {
-            return false;
-        }
-
-        GF2nField otherField = (GF2nField)other;
-
-        if (otherField.mDegree != mDegree)
-        {
-            return false;
-        }
-        if (!fieldPolynomial.equals(otherField.fieldPolynomial))
-        {
-            return false;
-        }
-        if ((this instanceof GF2nPolynomialField)
-            && !(otherField instanceof GF2nPolynomialField))
-        {
-            return false;
-        }
-        if ((this instanceof GF2nONBField)
-            && !(otherField instanceof GF2nONBField))
-        {
-            return false;
-        }
-        return true;
-    }
-
-    /**
-     * @return the hash code of this field
-     */
-    public int hashCode()
-    {
-        return mDegree + fieldPolynomial.hashCode();
-    }
-
-    /**
-     * Computes a random root from the given irreducible fieldpolynomial
-     * according to IEEE 1363 algorithm A.5.6. This cal take very long for big
-     * degrees.
-     *
-     * @param B0FieldPolynomial the fieldpolynomial if the other basis as a Bitstring
-     * @return a random root of BOFieldPolynomial in representation according to
-     *         this field
-     * @see "P1363 A.5.6, p103f"
-     */
-    protected abstract GF2nElement getRandomRoot(GF2Polynomial B0FieldPolynomial);
-
-    /**
-     * Computes the change-of-basis matrix for basis conversion according to
-     * 1363. The result is stored in the lists fields and matrices.
-     *
-     * @param B1 the GF2nField to convert to
-     * @see "P1363 A.7.3, p111ff"
-     */
-    protected abstract void computeCOBMatrix(GF2nField B1);
-
-    /**
-     * Computes the fieldpolynomial. This can take a long time for big degrees.
-     */
-    protected abstract void computeFieldPolynomial();
-
-    /**
-     * Inverts the given matrix represented as bitstrings.
-     *
-     * @param matrix the matrix to invert as a Bitstring[]
-     * @return matrix^(-1)
-     */
-    protected final GF2Polynomial[] invertMatrix(GF2Polynomial[] matrix)
-    {
-        GF2Polynomial[] a = new GF2Polynomial[matrix.length];
-        GF2Polynomial[] inv = new GF2Polynomial[matrix.length];
-        GF2Polynomial dummy;
-        int i, j;
-        // initialize a as a copy of matrix and inv as E(inheitsmatrix)
-        for (i = 0; i < mDegree; i++)
-        {
-            a[i] = new GF2Polynomial(matrix[i]);
-            inv[i] = new GF2Polynomial(mDegree);
-            inv[i].setBit(mDegree - 1 - i);
-        }
-        // construct triangle matrix so that for each a[i] the first i bits are
-        // zero
-        for (i = 0; i < mDegree - 1; i++)
-        {
-            // find column where bit i is set
-            j = i;
-            while ((j < mDegree) && !a[j].testBit(mDegree - 1 - i))
-            {
-                j++;
-            }
-            if (j >= mDegree)
-            {
-                throw new RuntimeException(
-                    "GF2nField.invertMatrix: Matrix cannot be inverted!");
-            }
-            if (i != j)
-            { // swap a[i]/a[j] and inv[i]/inv[j]
-                dummy = a[i];
-                a[i] = a[j];
-                a[j] = dummy;
-                dummy = inv[i];
-                inv[i] = inv[j];
-                inv[j] = dummy;
-            }
-            for (j = i + 1; j < mDegree; j++)
-            { // add column i to all columns>i
-                // having their i-th bit set
-                if (a[j].testBit(mDegree - 1 - i))
-                {
-                    a[j].addToThis(a[i]);
-                    inv[j].addToThis(inv[i]);
-                }
-            }
-        }
-        // construct Einheitsmatrix from a
-        for (i = mDegree - 1; i > 0; i--)
-        {
-            for (j = i - 1; j >= 0; j--)
-            { // eliminate the i-th bit in all
-                // columns < i
-                if (a[j].testBit(mDegree - 1 - i))
-                {
-                    a[j].addToThis(a[i]);
-                    inv[j].addToThis(inv[i]);
-                }
-            }
-        }
-        return inv;
-    }
-
-    /**
-     * Converts the given element in representation according to this field to a
-     * new element in representation according to B1 using the change-of-basis
-     * matrix calculated by computeCOBMatrix.
-     *
-     * @param elem  the GF2nElement to convert
-     * @param basis the basis to convert <tt>elem</tt> to
-     * @return <tt>elem</tt> converted to a new element representation
-     *         according to <tt>basis</tt>
-     * @see GF2nField#computeCOBMatrix
-     * @see GF2nField#getRandomRoot
-     * @see GF2nPolynomial
-     * @see "P1363 A.7 p109ff"
-     */
-    public final GF2nElement convert(GF2nElement elem, GF2nField basis)
-        throws RuntimeException
-    {
-        if (basis == this)
-        {
-            return (GF2nElement)elem.clone();
-        }
-        if (fieldPolynomial.equals(basis.fieldPolynomial))
-        {
-            return (GF2nElement)elem.clone();
-        }
-        if (mDegree != basis.mDegree)
-        {
-            throw new RuntimeException("GF2nField.convert: B1 has a"
-                + " different degree and thus cannot be coverted to!");
-        }
-
-        int i;
-        GF2Polynomial[] COBMatrix;
-        i = fields.indexOf(basis);
-        if (i == -1)
-        {
-            computeCOBMatrix(basis);
-            i = fields.indexOf(basis);
-        }
-        COBMatrix = (GF2Polynomial[])matrices.elementAt(i);
-
-        GF2nElement elemCopy = (GF2nElement)elem.clone();
-        if (elemCopy instanceof GF2nONBElement)
-        {
-            // remember: ONB treats its bits in reverse order
-            ((GF2nONBElement)elemCopy).reverseOrder();
-        }
-        GF2Polynomial bs = new GF2Polynomial(mDegree, elemCopy.toFlexiBigInt());
-        bs.expandN(mDegree);
-        GF2Polynomial result = new GF2Polynomial(mDegree);
-        for (i = 0; i < mDegree; i++)
-        {
-            if (bs.vectorMult(COBMatrix[i]))
-            {
-                result.setBit(mDegree - 1 - i);
-            }
-        }
-        if (basis instanceof GF2nPolynomialField)
-        {
-            return new GF2nPolynomialElement((GF2nPolynomialField)basis,
-                result);
-        }
-        else if (basis instanceof GF2nONBField)
-        {
-            GF2nONBElement res = new GF2nONBElement((GF2nONBField)basis,
-                result.toFlexiBigInt());
-            // TODO Remember: ONB treats its Bits in reverse order !!!
-            res.reverseOrder();
-            return res;
-        }
-        else
-        {
-            throw new RuntimeException(
-                "GF2nField.convert: B1 must be an instance of "
-                    + "GF2nPolynomialField or GF2nONBField!");
-        }
-
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nONBElement.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nONBElement.java
deleted file mode 100644
index d5d9c05..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nONBElement.java
+++ /dev/null

@@ -1,1150 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * This class implements an element of the finite field <i>GF(2<sup>n </sup>)</i>.
- * It is represented in an optimal normal basis representation and holds the
- * pointer <tt>mField</tt> to its corresponding field.
- *
- * @see GF2nField
- * @see GF2nElement
- */
-public class GF2nONBElement
-    extends GF2nElement
-{
-
-    // /////////////////////////////////////////////////////////////////////
-    // member variables
-    // /////////////////////////////////////////////////////////////////////
-
-    private static final long[] mBitmask = new long[]{0x0000000000000001L,
-        0x0000000000000002L, 0x0000000000000004L, 0x0000000000000008L,
-        0x0000000000000010L, 0x0000000000000020L, 0x0000000000000040L,
-        0x0000000000000080L, 0x0000000000000100L, 0x0000000000000200L,
-        0x0000000000000400L, 0x0000000000000800L, 0x0000000000001000L,
-        0x0000000000002000L, 0x0000000000004000L, 0x0000000000008000L,
-        0x0000000000010000L, 0x0000000000020000L, 0x0000000000040000L,
-        0x0000000000080000L, 0x0000000000100000L, 0x0000000000200000L,
-        0x0000000000400000L, 0x0000000000800000L, 0x0000000001000000L,
-        0x0000000002000000L, 0x0000000004000000L, 0x0000000008000000L,
-        0x0000000010000000L, 0x0000000020000000L, 0x0000000040000000L,
-        0x0000000080000000L, 0x0000000100000000L, 0x0000000200000000L,
-        0x0000000400000000L, 0x0000000800000000L, 0x0000001000000000L,
-        0x0000002000000000L, 0x0000004000000000L, 0x0000008000000000L,
-        0x0000010000000000L, 0x0000020000000000L, 0x0000040000000000L,
-        0x0000080000000000L, 0x0000100000000000L, 0x0000200000000000L,
-        0x0000400000000000L, 0x0000800000000000L, 0x0001000000000000L,
-        0x0002000000000000L, 0x0004000000000000L, 0x0008000000000000L,
-        0x0010000000000000L, 0x0020000000000000L, 0x0040000000000000L,
-        0x0080000000000000L, 0x0100000000000000L, 0x0200000000000000L,
-        0x0400000000000000L, 0x0800000000000000L, 0x1000000000000000L,
-        0x2000000000000000L, 0x4000000000000000L, 0x8000000000000000L};
-
-    private static final long[] mMaxmask = new long[]{0x0000000000000001L,
-        0x0000000000000003L, 0x0000000000000007L, 0x000000000000000FL,
-        0x000000000000001FL, 0x000000000000003FL, 0x000000000000007FL,
-        0x00000000000000FFL, 0x00000000000001FFL, 0x00000000000003FFL,
-        0x00000000000007FFL, 0x0000000000000FFFL, 0x0000000000001FFFL,
-        0x0000000000003FFFL, 0x0000000000007FFFL, 0x000000000000FFFFL,
-        0x000000000001FFFFL, 0x000000000003FFFFL, 0x000000000007FFFFL,
-        0x00000000000FFFFFL, 0x00000000001FFFFFL, 0x00000000003FFFFFL,
-        0x00000000007FFFFFL, 0x0000000000FFFFFFL, 0x0000000001FFFFFFL,
-        0x0000000003FFFFFFL, 0x0000000007FFFFFFL, 0x000000000FFFFFFFL,
-        0x000000001FFFFFFFL, 0x000000003FFFFFFFL, 0x000000007FFFFFFFL,
-        0x00000000FFFFFFFFL, 0x00000001FFFFFFFFL, 0x00000003FFFFFFFFL,
-        0x00000007FFFFFFFFL, 0x0000000FFFFFFFFFL, 0x0000001FFFFFFFFFL,
-        0x0000003FFFFFFFFFL, 0x0000007FFFFFFFFFL, 0x000000FFFFFFFFFFL,
-        0x000001FFFFFFFFFFL, 0x000003FFFFFFFFFFL, 0x000007FFFFFFFFFFL,
-        0x00000FFFFFFFFFFFL, 0x00001FFFFFFFFFFFL, 0x00003FFFFFFFFFFFL,
-        0x00007FFFFFFFFFFFL, 0x0000FFFFFFFFFFFFL, 0x0001FFFFFFFFFFFFL,
-        0x0003FFFFFFFFFFFFL, 0x0007FFFFFFFFFFFFL, 0x000FFFFFFFFFFFFFL,
-        0x001FFFFFFFFFFFFFL, 0x003FFFFFFFFFFFFFL, 0x007FFFFFFFFFFFFFL,
-        0x00FFFFFFFFFFFFFFL, 0x01FFFFFFFFFFFFFFL, 0x03FFFFFFFFFFFFFFL,
-        0x07FFFFFFFFFFFFFFL, 0x0FFFFFFFFFFFFFFFL, 0x1FFFFFFFFFFFFFFFL,
-        0x3FFFFFFFFFFFFFFFL, 0x7FFFFFFFFFFFFFFFL, 0xFFFFFFFFFFFFFFFFL};
-
-    // mIBy64[j * 16 + i] = (j * 16 + i)/64
-    // i =
-    // 0 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15
-    //
-    private static final int[] mIBY64 = new int[]{
-        // j =
-        0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 0
-        0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 1
-        0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 2
-        0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, // 3
-        1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 4
-        1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 5
-        1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 6
-        1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, 1, // 7
-        2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, // 8
-        2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, // 9
-        2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, // 10
-        2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, 2, // 11
-        3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, // 12
-        3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, // 13
-        3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, // 14
-        3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, 3, // 15
-        4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, // 16
-        4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, // 17
-        4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, // 18
-        4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, 4, // 19
-        5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, // 20
-        5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, // 21
-        5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, // 22
-        5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5 // 23
-    };
-
-    private static final int MAXLONG = 64;
-
-    /**
-     * holds the lenght of the polynomial with 64 bit sized fields.
-     */
-    private int mLength;
-
-    /**
-     * holds the value of mDeg % MAXLONG.
-     */
-    private int mBit;
-
-    /**
-     * holds this element in ONB representation.
-     */
-    private long[] mPol;
-
-    // /////////////////////////////////////////////////////////////////////
-    // constructors
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Construct a random element over the field <tt>gf2n</tt>, using the
-     * specified source of randomness.
-     *
-     * @param gf2n the field
-     * @param rand the source of randomness
-     */
-    public GF2nONBElement(GF2nONBField gf2n, SecureRandom rand)
-    {
-        mField = gf2n;
-        mDegree = mField.getDegree();
-        mLength = gf2n.getONBLength();
-        mBit = gf2n.getONBBit();
-        mPol = new long[mLength];
-        if (mLength > 1)
-        {
-            for (int j = 0; j < mLength - 1; j++)
-            {
-                mPol[j] = rand.nextLong();
-            }
-            long last = rand.nextLong();
-            mPol[mLength - 1] = last >>> (MAXLONG - mBit);
-        }
-        else
-        {
-            mPol[0] = rand.nextLong();
-            mPol[0] = mPol[0] >>> (MAXLONG - mBit);
-        }
-    }
-
-    /**
-     * Construct a new GF2nONBElement from its encoding.
-     *
-     * @param gf2n the field
-     * @param e    the encoded element
-     */
-    public GF2nONBElement(GF2nONBField gf2n, byte[] e)
-    {
-        mField = gf2n;
-        mDegree = mField.getDegree();
-        mLength = gf2n.getONBLength();
-        mBit = gf2n.getONBBit();
-        mPol = new long[mLength];
-        assign(e);
-    }
-
-    /**
-     * Construct the element of the field <tt>gf2n</tt> with the specified
-     * value <tt>val</tt>.
-     *
-     * @param gf2n the field
-     * @param val  the value represented by a BigInteger
-     */
-    public GF2nONBElement(GF2nONBField gf2n, BigInteger val)
-    {
-        mField = gf2n;
-        mDegree = mField.getDegree();
-        mLength = gf2n.getONBLength();
-        mBit = gf2n.getONBBit();
-        mPol = new long[mLength];
-        assign(val);
-    }
-
-    /**
-     * Construct the element of the field <tt>gf2n</tt> with the specified
-     * value <tt>val</tt>.
-     *
-     * @param gf2n the field
-     * @param val  the value in ONB representation
-     */
-    private GF2nONBElement(GF2nONBField gf2n, long[] val)
-    {
-        mField = gf2n;
-        mDegree = mField.getDegree();
-        mLength = gf2n.getONBLength();
-        mBit = gf2n.getONBBit();
-        mPol = val;
-    }
-
-    // /////////////////////////////////////////////////////////////////////
-    // pseudo-constructors
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Copy constructor.
-     *
-     * @param gf2n the field
-     */
-    public GF2nONBElement(GF2nONBElement gf2n)
-    {
-
-        mField = gf2n.mField;
-        mDegree = mField.getDegree();
-        mLength = ((GF2nONBField)mField).getONBLength();
-        mBit = ((GF2nONBField)mField).getONBBit();
-        mPol = new long[mLength];
-        assign(gf2n.getElement());
-    }
-
-    /**
-     * Create a new GF2nONBElement by cloning this GF2nPolynomialElement.
-     *
-     * @return a copy of this element
-     */
-    public Object clone()
-    {
-        return new GF2nONBElement(this);
-    }
-
-    /**
-     * Create the zero element.
-     *
-     * @param gf2n the finite field
-     * @return the zero element in the given finite field
-     */
-    public static GF2nONBElement ZERO(GF2nONBField gf2n)
-    {
-        long[] polynomial = new long[gf2n.getONBLength()];
-        return new GF2nONBElement(gf2n, polynomial);
-    }
-
-    /**
-     * Create the one element.
-     *
-     * @param gf2n the finite field
-     * @return the one element in the given finite field
-     */
-    public static GF2nONBElement ONE(GF2nONBField gf2n)
-    {
-        int mLength = gf2n.getONBLength();
-        long[] polynomial = new long[mLength];
-
-        // fill mDegree coefficients with one's
-        for (int i = 0; i < mLength - 1; i++)
-        {
-            polynomial[i] = 0xffffffffffffffffL;
-        }
-        polynomial[mLength - 1] = mMaxmask[gf2n.getONBBit() - 1];
-
-        return new GF2nONBElement(gf2n, polynomial);
-    }
-
-    // /////////////////////////////////////////////////////////////////////
-    // assignments
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * assigns to this element the zero element
-     */
-    void assignZero()
-    {
-        mPol = new long[mLength];
-    }
-
-    /**
-     * assigns to this element the one element
-     */
-    void assignOne()
-    {
-        // fill mDegree coefficients with one's
-        for (int i = 0; i < mLength - 1; i++)
-        {
-            mPol[i] = 0xffffffffffffffffL;
-        }
-        mPol[mLength - 1] = mMaxmask[mBit - 1];
-    }
-
-    /**
-     * assigns to this element the value <tt>val</tt>.
-     *
-     * @param val the value represented by a BigInteger
-     */
-    private void assign(BigInteger val)
-    {
-        assign(val.toByteArray());
-    }
-
-    /**
-     * assigns to this element the value <tt>val</tt>.
-     *
-     * @param val the value in ONB representation
-     */
-    private void assign(long[] val)
-    {
-        System.arraycopy(val, 0, mPol, 0, mLength);
-    }
-
-    /**
-     * assigns to this element the value <tt>val</tt>. First: inverting the
-     * order of val into reversed[]. That means: reversed[0] = val[length - 1],
-     * ..., reversed[reversed.length - 1] = val[0]. Second: mPol[0] = sum{i = 0,
-     * ... 7} (val[i]<<(i*8)) .... mPol[1] = sum{i = 8, ... 15} (val[i]<<(i*8))
-     *
-     * @param val the value in ONB representation
-     */
-    private void assign(byte[] val)
-    {
-        int j;
-        mPol = new long[mLength];
-        for (j = 0; j < val.length; j++)
-        {
-            mPol[j >>> 3] |= (val[val.length - 1 - j] & 0x00000000000000ffL) << ((j & 0x07) << 3);
-        }
-    }
-
-    // /////////////////////////////////////////////////////////////////
-    // comparison
-    // /////////////////////////////////////////////////////////////////
-
-    /**
-     * Checks whether this element is zero.
-     *
-     * @return <tt>true</tt> if <tt>this</tt> is the zero element
-     */
-    public boolean isZero()
-    {
-
-        boolean result = true;
-
-        for (int i = 0; i < mLength && result; i++)
-        {
-            result = result && ((mPol[i] & 0xFFFFFFFFFFFFFFFFL) == 0);
-        }
-
-        return result;
-    }
-
-    /**
-     * Checks whether this element is one.
-     *
-     * @return <tt>true</tt> if <tt>this</tt> is the one element
-     */
-    public boolean isOne()
-    {
-
-        boolean result = true;
-
-        for (int i = 0; i < mLength - 1 && result; i++)
-        {
-            result = result
-                && ((mPol[i] & 0xFFFFFFFFFFFFFFFFL) == 0xFFFFFFFFFFFFFFFFL);
-        }
-
-        if (result)
-        {
-            result = result
-                && ((mPol[mLength - 1] & mMaxmask[mBit - 1]) == mMaxmask[mBit - 1]);
-        }
-
-        return result;
-    }
-
-    /**
-     * Compare this element with another object.
-     *
-     * @param other the other object
-     * @return <tt>true</tt> if the two objects are equal, <tt>false</tt>
-     *         otherwise
-     */
-    public boolean equals(Object other)
-    {
-        if (other == null || !(other instanceof GF2nONBElement))
-        {
-            return false;
-        }
-
-        GF2nONBElement otherElem = (GF2nONBElement)other;
-
-        for (int i = 0; i < mLength; i++)
-        {
-            if (mPol[i] != otherElem.mPol[i])
-            {
-                return false;
-            }
-        }
-
-        return true;
-    }
-
-    /**
-     * @return the hash code of this element
-     */
-    public int hashCode()
-    {
-        return Arrays.hashCode(mPol);
-    }
-
-    // /////////////////////////////////////////////////////////////////////
-    // access
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Returns whether the highest bit of the bit representation is set
-     *
-     * @return true, if the highest bit of mPol is set, false, otherwise
-     */
-    public boolean testRightmostBit()
-    {
-        // due to the reverse bit order (compared to 1363) this method returns
-        // the value of the leftmost bit
-        return (mPol[mLength - 1] & mBitmask[mBit - 1]) != 0L;
-    }
-
-    /**
-     * Checks whether the indexed bit of the bit representation is set. Warning:
-     * GF2nONBElement currently stores its bits in reverse order (compared to
-     * 1363) !!!
-     *
-     * @param index the index of the bit to test
-     * @return <tt>true</tt> if the indexed bit of mPol is set, <tt>false</tt>
-     *         otherwise.
-     */
-    boolean testBit(int index)
-    {
-        if (index < 0 || index > mDegree)
-        {
-            return false;
-        }
-        long test = mPol[index >>> 6] & mBitmask[index & 0x3f];
-        return test != 0x0L;
-    }
-
-    /**
-     * @return this element in its ONB representation
-     */
-    private long[] getElement()
-    {
-
-        long[] result = new long[mPol.length];
-        System.arraycopy(mPol, 0, result, 0, mPol.length);
-
-        return result;
-    }
-
-    /**
-     * Returns the ONB representation of this element. The Bit-Order is
-     * exchanged (according to 1363)!
-     *
-     * @return this element in its representation and reverse bit-order
-     */
-    private long[] getElementReverseOrder()
-    {
-        long[] result = new long[mPol.length];
-        for (int i = 0; i < mDegree; i++)
-        {
-            if (testBit(mDegree - i - 1))
-            {
-                result[i >>> 6] |= mBitmask[i & 0x3f];
-            }
-        }
-        return result;
-    }
-
-    /**
-     * Reverses the bit-order in this element(according to 1363). This is a
-     * hack!
-     */
-    void reverseOrder()
-    {
-        mPol = getElementReverseOrder();
-    }
-
-    // /////////////////////////////////////////////////////////////////////
-    // arithmetic
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Compute the sum of this element and <tt>addend</tt>.
-     *
-     * @param addend the addend
-     * @return <tt>this + other</tt> (newly created)
-     */
-    public GFElement add(GFElement addend)
-        throws RuntimeException
-    {
-        GF2nONBElement result = new GF2nONBElement(this);
-        result.addToThis(addend);
-        return result;
-    }
-
-    /**
-     * Compute <tt>this + addend</tt> (overwrite <tt>this</tt>).
-     *
-     * @param addend the addend
-     */
-    public void addToThis(GFElement addend)
-        throws RuntimeException
-    {
-        if (!(addend instanceof GF2nONBElement))
-        {
-            throw new RuntimeException();
-        }
-        if (!mField.equals(((GF2nONBElement)addend).mField))
-        {
-            throw new RuntimeException();
-        }
-
-        for (int i = 0; i < mLength; i++)
-        {
-            mPol[i] ^= ((GF2nONBElement)addend).mPol[i];
-        }
-    }
-
-    /**
-     * returns <tt>this</tt> element + 1.
-     *
-     * @return <tt>this</tt> + 1
-     */
-    public GF2nElement increase()
-    {
-        GF2nONBElement result = new GF2nONBElement(this);
-        result.increaseThis();
-        return result;
-    }
-
-    /**
-     * increases <tt>this</tt> element.
-     */
-    public void increaseThis()
-    {
-        addToThis(ONE((GF2nONBField)mField));
-    }
-
-    /**
-     * Compute the product of this element and <tt>factor</tt>.
-     *
-     * @param factor the factor
-     * @return <tt>this * factor</tt> (newly created)
-     */
-    public GFElement multiply(GFElement factor)
-        throws RuntimeException
-    {
-        GF2nONBElement result = new GF2nONBElement(this);
-        result.multiplyThisBy(factor);
-        return result;
-    }
-
-    /**
-     * Compute <tt>this * factor</tt> (overwrite <tt>this</tt>).
-     *
-     * @param factor the factor
-     */
-    public void multiplyThisBy(GFElement factor)
-        throws RuntimeException
-    {
-
-        if (!(factor instanceof GF2nONBElement))
-        {
-            throw new RuntimeException("The elements have different"
-                + " representation: not yet" + " implemented");
-        }
-        if (!mField.equals(((GF2nONBElement)factor).mField))
-        {
-            throw new RuntimeException();
-        }
-
-        if (equals(factor))
-        {
-            squareThis();
-        }
-        else
-        {
-
-            long[] a = mPol;
-            long[] b = ((GF2nONBElement)factor).mPol;
-            long[] c = new long[mLength];
-
-            int[][] m = ((GF2nONBField)mField).mMult;
-
-            int degf, degb, s, fielda, fieldb, bita, bitb;
-            degf = mLength - 1;
-            degb = mBit - 1;
-            s = 0;
-
-            long TWOTOMAXLONGM1 = mBitmask[MAXLONG - 1];
-            long TWOTODEGB = mBitmask[degb];
-
-            boolean old, now;
-
-            // the product c of a and b (a*b = c) is calculated in mDegree
-            // cicles
-            // in every cicle one coefficient of c is calculated and stored
-            // k indicates the coefficient
-            //
-            for (int k = 0; k < mDegree; k++)
-            {
-
-                s = 0;
-
-                for (int i = 0; i < mDegree; i++)
-                {
-
-                    // fielda = i / MAXLONG
-                    //
-                    fielda = mIBY64[i];
-
-                    // bita = i % MAXLONG
-                    //
-                    bita = i & (MAXLONG - 1);
-
-                    // fieldb = m[i][0] / MAXLONG
-                    //
-                    fieldb = mIBY64[m[i][0]];
-
-                    // bitb = m[i][0] % MAXLONG
-                    //
-                    bitb = m[i][0] & (MAXLONG - 1);
-
-                    if ((a[fielda] & mBitmask[bita]) != 0)
-                    {
-
-                        if ((b[fieldb] & mBitmask[bitb]) != 0)
-                        {
-                            s ^= 1;
-                        }
-
-                        if (m[i][1] != -1)
-                        {
-
-                            // fieldb = m[i][1] / MAXLONG
-                            //
-                            fieldb = mIBY64[m[i][1]];
-
-                            // bitb = m[i][1] % MAXLONG
-                            //
-                            bitb = m[i][1] & (MAXLONG - 1);
-
-                            if ((b[fieldb] & mBitmask[bitb]) != 0)
-                            {
-                                s ^= 1;
-                            }
-
-                        }
-                    }
-                }
-                fielda = mIBY64[k];
-                bita = k & (MAXLONG - 1);
-
-                if (s != 0)
-                {
-                    c[fielda] ^= mBitmask[bita];
-                }
-
-                // Circular shift of x and y one bit to the right,
-                // respectively.
-
-                if (mLength > 1)
-                {
-
-                    // Shift x.
-                    //
-                    old = (a[degf] & 1) == 1;
-
-                    for (int i = degf - 1; i >= 0; i--)
-                    {
-                        now = (a[i] & 1) != 0;
-
-                        a[i] = a[i] >>> 1;
-
-                        if (old)
-                        {
-                            a[i] ^= TWOTOMAXLONGM1;
-                        }
-
-                        old = now;
-                    }
-                    a[degf] = a[degf] >>> 1;
-
-                    if (old)
-                    {
-                        a[degf] ^= TWOTODEGB;
-                    }
-
-                    // Shift y.
-                    //
-                    old = (b[degf] & 1) == 1;
-
-                    for (int i = degf - 1; i >= 0; i--)
-                    {
-                        now = (b[i] & 1) != 0;
-
-                        b[i] = b[i] >>> 1;
-
-                        if (old)
-                        {
-                            b[i] ^= TWOTOMAXLONGM1;
-                        }
-
-                        old = now;
-                    }
-
-                    b[degf] = b[degf] >>> 1;
-
-                    if (old)
-                    {
-                        b[degf] ^= TWOTODEGB;
-                    }
-                }
-                else
-                {
-                    old = (a[0] & 1) == 1;
-                    a[0] = a[0] >>> 1;
-
-                    if (old)
-                    {
-                        a[0] ^= TWOTODEGB;
-                    }
-
-                    old = (b[0] & 1) == 1;
-                    b[0] = b[0] >>> 1;
-
-                    if (old)
-                    {
-                        b[0] ^= TWOTODEGB;
-                    }
-                }
-            }
-            assign(c);
-        }
-    }
-
-    /**
-     * returns <tt>this</tt> element to the power of 2.
-     *
-     * @return <tt>this</tt><sup>2</sup>
-     */
-    public GF2nElement square()
-    {
-        GF2nONBElement result = new GF2nONBElement(this);
-        result.squareThis();
-        return result;
-    }
-
-    /**
-     * squares <tt>this</tt> element.
-     */
-    public void squareThis()
-    {
-
-        long[] pol = getElement();
-
-        int f = mLength - 1;
-        int b = mBit - 1;
-
-        // Shift the coefficients one bit to the left.
-        //
-        long TWOTOMAXLONGM1 = mBitmask[MAXLONG - 1];
-        boolean old, now;
-
-        old = (pol[f] & mBitmask[b]) != 0;
-
-        for (int i = 0; i < f; i++)
-        {
-
-            now = (pol[i] & TWOTOMAXLONGM1) != 0;
-
-            pol[i] = pol[i] << 1;
-
-            if (old)
-            {
-                pol[i] ^= 1;
-            }
-
-            old = now;
-        }
-        now = (pol[f] & mBitmask[b]) != 0;
-
-        pol[f] = pol[f] << 1;
-
-        if (old)
-        {
-            pol[f] ^= 1;
-        }
-
-        // Set the bit with index mDegree to zero.
-        //
-        if (now)
-        {
-            pol[f] ^= mBitmask[b + 1];
-        }
-
-        assign(pol);
-    }
-
-    /**
-     * Compute the multiplicative inverse of this element.
-     *
-     * @return <tt>this<sup>-1</sup></tt> (newly created)
-     * @throws ArithmeticException if <tt>this</tt> is the zero element.
-     */
-    public GFElement invert()
-        throws ArithmeticException
-    {
-        GF2nONBElement result = new GF2nONBElement(this);
-        result.invertThis();
-        return result;
-    }
-
-    /**
-     * Multiplicatively invert of this element (overwrite <tt>this</tt>).
-     *
-     * @throws ArithmeticException if <tt>this</tt> is the zero element.
-     */
-    public void invertThis()
-        throws ArithmeticException
-    {
-
-        if (isZero())
-        {
-            throw new ArithmeticException();
-        }
-        int r = 31; // mDegree kann nur 31 Bits lang sein!!!
-
-        // Bitlaenge von mDegree:
-        for (boolean found = false; !found && r >= 0; r--)
-        {
-
-            if (((mDegree - 1) & mBitmask[r]) != 0)
-            {
-                found = true;
-            }
-        }
-        r++;
-
-        GF2nElement m = ZERO((GF2nONBField)mField);
-        GF2nElement n = new GF2nONBElement(this);
-
-        int k = 1;
-
-        for (int i = r - 1; i >= 0; i--)
-        {
-            m = (GF2nElement)n.clone();
-            for (int j = 1; j <= k; j++)
-            {
-                m.squareThis();
-            }
-
-            n.multiplyThisBy(m);
-
-            k <<= 1;
-            if (((mDegree - 1) & mBitmask[i]) != 0)
-            {
-                n.squareThis();
-
-                n.multiplyThisBy(this);
-
-                k++;
-            }
-        }
-        n.squareThis();
-    }
-
-    /**
-     * returns the root of<tt>this</tt> element.
-     *
-     * @return <tt>this</tt><sup>1/2</sup>
-     */
-    public GF2nElement squareRoot()
-    {
-        GF2nONBElement result = new GF2nONBElement(this);
-        result.squareRootThis();
-        return result;
-    }
-
-    /**
-     * square roots <tt>this</tt> element.
-     */
-    public void squareRootThis()
-    {
-
-        long[] pol = getElement();
-
-        int f = mLength - 1;
-        int b = mBit - 1;
-
-        // Shift the coefficients one bit to the right.
-        //
-        long TWOTOMAXLONGM1 = mBitmask[MAXLONG - 1];
-        boolean old, now;
-
-        old = (pol[0] & 1) != 0;
-
-        for (int i = f; i >= 0; i--)
-        {
-            now = (pol[i] & 1) != 0;
-            pol[i] = pol[i] >>> 1;
-
-            if (old)
-            {
-                if (i == f)
-                {
-                    pol[i] ^= mBitmask[b];
-                }
-                else
-                {
-                    pol[i] ^= TWOTOMAXLONGM1;
-                }
-            }
-            old = now;
-        }
-        assign(pol);
-    }
-
-    /**
-     * Returns the trace of this element.
-     *
-     * @return the trace of this element
-     */
-    public int trace()
-    {
-
-        // trace = sum of coefficients
-        //
-
-        int result = 0;
-
-        int max = mLength - 1;
-
-        for (int i = 0; i < max; i++)
-        {
-
-            for (int j = 0; j < MAXLONG; j++)
-            {
-
-                if ((mPol[i] & mBitmask[j]) != 0)
-                {
-                    result ^= 1;
-                }
-            }
-        }
-
-        int b = mBit;
-
-        for (int j = 0; j < b; j++)
-        {
-
-            if ((mPol[max] & mBitmask[j]) != 0)
-            {
-                result ^= 1;
-            }
-        }
-        return result;
-    }
-
-    /**
-     * Solves a quadratic equation.<br>
-     * Let z<sup>2</sup> + z = <tt>this</tt>. Then this method returns z.
-     *
-     * @return z with z<sup>2</sup> + z = <tt>this</tt>
-     */
-    public GF2nElement solveQuadraticEquation()
-        throws RuntimeException
-    {
-
-        if (trace() == 1)
-        {
-            throw new RuntimeException();
-        }
-
-        long TWOTOMAXLONGM1 = mBitmask[MAXLONG - 1];
-        long ZERO = 0L;
-        long ONE = 1L;
-
-        long[] p = new long[mLength];
-        long z = 0L;
-        int j = 1;
-        for (int i = 0; i < mLength - 1; i++)
-        {
-
-            for (j = 1; j < MAXLONG; j++)
-            {
-
-                //
-                if (!((((mBitmask[j] & mPol[i]) != ZERO) && ((z & mBitmask[j - 1]) != ZERO)) || (((mPol[i] & mBitmask[j]) == ZERO) && ((z & mBitmask[j - 1]) == ZERO))))
-                {
-                    z ^= mBitmask[j];
-                }
-            }
-            p[i] = z;
-
-            if (((TWOTOMAXLONGM1 & z) != ZERO && (ONE & mPol[i + 1]) == ONE)
-                || ((TWOTOMAXLONGM1 & z) == ZERO && (ONE & mPol[i + 1]) == ZERO))
-            {
-                z = ZERO;
-            }
-            else
-            {
-                z = ONE;
-            }
-        }
-
-        int b = mDegree & (MAXLONG - 1);
-
-        long LASTLONG = mPol[mLength - 1];
-
-        for (j = 1; j < b; j++)
-        {
-            if (!((((mBitmask[j] & LASTLONG) != ZERO) && ((mBitmask[j - 1] & z) != ZERO)) || (((mBitmask[j] & LASTLONG) == ZERO) && ((mBitmask[j - 1] & z) == ZERO))))
-            {
-                z ^= mBitmask[j];
-            }
-        }
-        p[mLength - 1] = z;
-        return new GF2nONBElement((GF2nONBField)mField, p);
-    }
-
-    // /////////////////////////////////////////////////////////////////
-    // conversion
-    // /////////////////////////////////////////////////////////////////
-
-    /**
-     * Returns a String representation of this element.
-     *
-     * @return String representation of this element with the specified radix
-     */
-    public String toString()
-    {
-        return toString(16);
-    }
-
-    /**
-     * Returns a String representation of this element. <tt>radix</tt>
-     * specifies the radix of the String representation.<br>
-     * NOTE: ONLY <tt>radix = 2</tt> or <tt>radix = 16</tt> IS IMPLEMENTED
-     *
-     * @param radix specifies the radix of the String representation
-     * @return String representation of this element with the specified radix
-     */
-    public String toString(int radix)
-    {
-        String s = "";
-
-        long[] a = getElement();
-        int b = mBit;
-
-        if (radix == 2)
-        {
-
-            for (int j = b - 1; j >= 0; j--)
-            {
-                if ((a[a.length - 1] & ((long)1 << j)) == 0)
-                {
-                    s += "0";
-                }
-                else
-                {
-                    s += "1";
-                }
-            }
-
-            for (int i = a.length - 2; i >= 0; i--)
-            {
-                for (int j = MAXLONG - 1; j >= 0; j--)
-                {
-                    if ((a[i] & mBitmask[j]) == 0)
-                    {
-                        s += "0";
-                    }
-                    else
-                    {
-                        s += "1";
-                    }
-                }
-            }
-        }
-        else if (radix == 16)
-        {
-            final char[] HEX_CHARS = {'0', '1', '2', '3', '4', '5', '6', '7',
-                '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'};
-            for (int i = a.length - 1; i >= 0; i--)
-            {
-                s += HEX_CHARS[(int)(a[i] >>> 60) & 0x0f];
-                s += HEX_CHARS[(int)(a[i] >>> 56) & 0x0f];
-                s += HEX_CHARS[(int)(a[i] >>> 52) & 0x0f];
-                s += HEX_CHARS[(int)(a[i] >>> 48) & 0x0f];
-                s += HEX_CHARS[(int)(a[i] >>> 44) & 0x0f];
-                s += HEX_CHARS[(int)(a[i] >>> 40) & 0x0f];
-                s += HEX_CHARS[(int)(a[i] >>> 36) & 0x0f];
-                s += HEX_CHARS[(int)(a[i] >>> 32) & 0x0f];
-                s += HEX_CHARS[(int)(a[i] >>> 28) & 0x0f];
-                s += HEX_CHARS[(int)(a[i] >>> 24) & 0x0f];
-                s += HEX_CHARS[(int)(a[i] >>> 20) & 0x0f];
-                s += HEX_CHARS[(int)(a[i] >>> 16) & 0x0f];
-                s += HEX_CHARS[(int)(a[i] >>> 12) & 0x0f];
-                s += HEX_CHARS[(int)(a[i] >>> 8) & 0x0f];
-                s += HEX_CHARS[(int)(a[i] >>> 4) & 0x0f];
-                s += HEX_CHARS[(int)(a[i]) & 0x0f];
-                s += " ";
-            }
-        }
-        return s;
-    }
-
-    /**
-     * Returns this element as FlexiBigInt. The conversion is <a href =
-     * "http://grouper.ieee.org/groups/1363/">P1363</a>-conform.
-     *
-     * @return this element as BigInteger
-     */
-    public BigInteger toFlexiBigInt()
-    {
-        /** @todo this method does not reverse the bit-order as it should!!! */
-
-        return new BigInteger(1, toByteArray());
-    }
-
-    /**
-     * Returns this element as byte array. The conversion is <a href =
-     * "http://grouper.ieee.org/groups/1363/">P1363</a>-conform.
-     *
-     * @return this element as byte array
-     */
-    public byte[] toByteArray()
-    {
-        /** @todo this method does not reverse the bit-order as it should!!! */
-
-        int k = ((mDegree - 1) >> 3) + 1;
-        byte[] result = new byte[k];
-        int i;
-        for (i = 0; i < k; i++)
-        {
-            result[k - i - 1] = (byte)((mPol[i >>> 3] & (0x00000000000000ffL << ((i & 0x07) << 3))) >>> ((i & 0x07) << 3));
-        }
-        return result;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nONBField.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nONBField.java
deleted file mode 100644
index f91b94a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nONBField.java
+++ /dev/null

@@ -1,547 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-
-import java.security.SecureRandom;
-import java.util.Random;
-import java.util.Vector;
-
-
-/**
- * This class implements the abstract class <tt>GF2nField</tt> for ONB
- * representation. It computes the fieldpolynomial, multiplication matrix and
- * one of its roots mONBRoot, (see for example <a
- * href=http://www2.certicom.com/ecc/intro.htm>Certicoms Whitepapers</a>).
- * GF2nField is used by GF2nONBElement which implements the elements of this
- * field.
- *
- * @see GF2nField
- * @see GF2nONBElement
- */
-public class GF2nONBField
-    extends GF2nField
-{
-
-    // ///////////////////////////////////////////////////////////////////
-    // Hashtable for irreducible normal polynomials //
-    // ///////////////////////////////////////////////////////////////////
-
-    // i*5 + 0 i*5 + 1 i*5 + 2 i*5 + 3 i*5 + 4
-    /*
-     * private static int[][] mNB = {{0, 0, 0}, {0, 0, 0}, {1, 0, 0}, {1, 0, 0},
-     * {1, 0, 0}, // i = 0 {2, 0, 0}, {1, 0, 0}, {1, 0, 0}, {4, 3, 1}, {1, 0,
-     * 0}, // i = 1 {3, 0, 0}, {2, 0, 0}, {3, 0, 0}, {4, 3, 1}, {5, 0, 0}, // i =
-     * 2 {1, 0, 0}, {5, 3, 1}, {3, 0, 0}, {3, 0, 0}, {5, 2, 1}, // i = 3 {3, 0,
-     * 0}, {2, 0, 0}, {1, 0, 0}, {5, 0, 0}, {4, 3, 1}, // i = 4 {3, 0, 0}, {4,
-     * 3, 1}, {5, 2, 1}, {1, 0, 0}, {2, 0, 0}, // i = 5 {1, 0, 0}, {3, 0, 0},
-     * {7, 3, 2}, {10, 0, 0}, {7, 0, 0}, // i = 6 {2, 0, 0}, {9, 0, 0}, {6, 4,
-     * 1}, {6, 5, 1}, {4, 0, 0}, // i = 7 {5, 4, 3}, {3, 0, 0}, {7, 0, 0}, {6,
-     * 4, 3}, {5, 0, 0}, // i = 8 {4, 3, 1}, {1, 0, 0}, {5, 0, 0}, {5, 3, 2},
-     * {9, 0, 0}, // i = 9 {4, 3, 2}, {6, 3, 1}, {3, 0, 0}, {6, 2, 1}, {9, 0,
-     * 0}, // i = 10 {7, 0, 0}, {7, 4, 2}, {4, 0, 0}, {19, 0, 0}, {7, 4, 2}, //
-     * i = 11 {1, 0, 0}, {5, 2, 1}, {29, 0, 0}, {1, 0, 0}, {4, 3, 1}, // i = 12
-     * {18, 0, 0}, {3, 0, 0}, {5, 2, 1}, {9, 0, 0}, {6, 5, 2}, // i = 13 {5, 3,
-     * 1}, {6, 0, 0}, {10, 9, 3}, {25, 0, 0}, {35, 0, 0}, // i = 14 {6, 3, 1},
-     * {21, 0, 0}, {6, 5, 2}, {6, 5, 3}, {9, 0, 0}, // i = 15 {9, 4, 2}, {4, 0,
-     * 0}, {8, 3, 1}, {7, 4, 2}, {5, 0, 0}, // i = 16 {8, 2, 1}, {21, 0, 0},
-     * {13, 0, 0}, {7, 6, 2}, {38, 0, 0}, // i = 17 {27, 0, 0}, {8, 5, 1}, {21,
-     * 0, 0}, {2, 0, 0}, {21, 0, 0}, // i = 18 {11, 0, 0}, {10, 9, 6}, {6, 0,
-     * 0}, {11, 0, 0}, {6, 3, 1}, // i = 19 {15, 0, 0}, {7, 6, 1}, {29, 0, 0},
-     * {9, 0, 0}, {4, 3, 1}, // i = 20 {4, 0, 0}, {15, 0, 0}, {9, 7, 4}, {17, 0,
-     * 0}, {5, 4, 2}, // i = 21 {33, 0, 0}, {10, 0, 0}, {5, 4, 3}, {9, 0, 0},
-     * {5, 3, 2}, // i = 22 {8, 7, 5}, {4, 2, 1}, {5, 2, 1}, {33, 0, 0}, {8, 0,
-     * 0}, // i = 23 {4, 3, 1}, {18, 0, 0}, {6, 2, 1}, {2, 0, 0}, {19, 0, 0}, //
-     * i = 24 {7, 6, 5}, {21, 0, 0}, {1, 0, 0}, {7, 2, 1}, {5, 0, 0}, // i = 25
-     * {3, 0, 0}, {8, 3, 2}, {17, 0, 0}, {9, 8, 2}, {57, 0, 0}, // i = 26 {11,
-     * 0, 0}, {5, 3, 2}, {21, 0, 0}, {8, 7, 1}, {8, 5, 3}, // i = 27 {15, 0, 0},
-     * {10, 4, 1}, {21, 0, 0}, {5, 3, 2}, {7, 4, 2}, // i = 28 {52, 0, 0}, {71,
-     * 0, 0}, {14, 0, 0}, {27, 0, 0}, {10, 9, 7}, // i = 29 {53, 0, 0}, {3, 0,
-     * 0}, {6, 3, 2}, {1, 0, 0}, {15, 0, 0}, // i = 30 {62, 0, 0}, {9, 0, 0},
-     * {6, 5, 2}, {8, 6, 5}, {31, 0, 0}, // i = 31 {5, 3, 2}, {18, 0, 0 }, {27,
-     * 0, 0}, {7, 6, 3}, {10, 8, 7}, // i = 32 {9, 8, 3}, {37, 0, 0}, {6, 0, 0},
-     * {15, 3, 2}, {34, 0, 0}, // i = 33 {11, 0, 0}, {6, 5, 2}, {1, 0, 0}, {8,
-     * 5, 2}, {13, 0, 0}, // i = 34 {6, 0, 0}, {11, 3, 2}, {8, 0, 0}, {31, 0,
-     * 0}, {4, 2, 1}, // i = 35 {3, 0, 0}, {7, 6, 1}, {81, 0, 0}, {56, 0, 0},
-     * {9, 8, 7}, // i = 36 {24, 0, 0}, {11, 0, 0}, {7, 6, 5}, {6, 5, 2}, {6, 5,
-     * 2}, // i = 37 {8, 7, 6}, {9, 0, 0}, {7, 2, 1}, {15, 0, 0}, {87, 0, 0}, //
-     * i = 38 {8, 3, 2}, {3, 0, 0}, {9, 4, 2}, {9, 0, 0}, {34, 0, 0}, // i = 39
-     * {5, 3, 2}, {14, 0, 0}, {55, 0, 0}, {8, 7, 1}, {27, 0, 0}, // i = 40 {9,
-     * 5, 2}, {10, 9, 5}, {43, 0, 0}, {8, 6, 2}, {6, 0, 0}, // i = 41 {7, 0, 0},
-     * {11, 10, 8}, {105, 0, 0}, {6, 5, 2}, {73, 0, 0}}; // i = 42
-     */
-    // /////////////////////////////////////////////////////////////////////
-    // member variables
-    // /////////////////////////////////////////////////////////////////////
-    private static final int MAXLONG = 64;
-
-    /**
-     * holds the length of the array-representation of degree mDegree.
-     */
-    private int mLength;
-
-    /**
-     * holds the number of relevant bits in mONBPol[mLength-1].
-     */
-    private int mBit;
-
-    /**
-     * holds the type of mONB
-     */
-    private int mType;
-
-    /**
-     * holds the multiplication matrix
-     */
-    int[][] mMult;
-
-    // /////////////////////////////////////////////////////////////////////
-    // constructors
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * constructs an instance of the finite field with 2<sup>deg</sup>
-     * elements and characteristic 2.
-     *
-     * @param deg -the extention degree of this field
-     * @param random - a source of randomness for generating polynomials on the field.
-     */
-    public GF2nONBField(int deg, SecureRandom random)
-        throws RuntimeException
-    {
-        super(random);
-
-        if (deg < 3)
-        {
-            throw new IllegalArgumentException("k must be at least 3");
-        }
-
-        mDegree = deg;
-        mLength = mDegree / MAXLONG;
-        mBit = mDegree & (MAXLONG - 1);
-        if (mBit == 0)
-        {
-            mBit = MAXLONG;
-        }
-        else
-        {
-            mLength++;
-        }
-
-        computeType();
-
-        // only ONB-implementations for type 1 and type 2
-        //
-        if (mType < 3)
-        {
-            mMult = new int[mDegree][2];
-            for (int i = 0; i < mDegree; i++)
-            {
-                mMult[i][0] = -1;
-                mMult[i][1] = -1;
-            }
-            computeMultMatrix();
-        }
-        else
-        {
-            throw new RuntimeException("\nThe type of this field is "
-                + mType);
-        }
-        computeFieldPolynomial();
-        fields = new Vector();
-        matrices = new Vector();
-    }
-
-    // /////////////////////////////////////////////////////////////////////
-    // access
-    // /////////////////////////////////////////////////////////////////////
-
-    int getONBLength()
-    {
-        return mLength;
-    }
-
-    int getONBBit()
-    {
-        return mBit;
-    }
-
-    // /////////////////////////////////////////////////////////////////////
-    // arithmetic
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Computes a random root of the given polynomial.
-     *
-     * @param polynomial a polynomial
-     * @return a random root of the polynomial
-     * @see "P1363 A.5.6, p103f"
-     */
-    protected GF2nElement getRandomRoot(GF2Polynomial polynomial)
-    {
-        // We are in B1!!!
-        GF2nPolynomial c;
-        GF2nPolynomial ut;
-        GF2nElement u;
-        GF2nPolynomial h;
-        int hDegree;
-        // 1. Set g(t) <- f(t)
-        GF2nPolynomial g = new GF2nPolynomial(polynomial, this);
-        int gDegree = g.getDegree();
-        int i;
-
-        // 2. while deg(g) > 1
-        while (gDegree > 1)
-        {
-            do
-            {
-                // 2.1 choose random u (element of) GF(2^m)
-                u = new GF2nONBElement(this, random);
-                ut = new GF2nPolynomial(2, GF2nONBElement.ZERO(this));
-                // 2.2 Set c(t) <- ut
-                ut.set(1, u);
-                c = new GF2nPolynomial(ut);
-                // 2.3 For i from 1 to m-1 do
-                for (i = 1; i <= mDegree - 1; i++)
-                {
-                    // 2.3.1 c(t) <- (c(t)^2 + ut) mod g(t)
-                    c = c.multiplyAndReduce(c, g);
-                    c = c.add(ut);
-                }
-                // 2.4 set h(t) <- GCD(c(t), g(t))
-                h = c.gcd(g);
-                // 2.5 if h(t) is constant or deg(g) = deg(h) then go to
-                // step 2.1
-                hDegree = h.getDegree();
-                gDegree = g.getDegree();
-            }
-            while ((hDegree == 0) || (hDegree == gDegree));
-            // 2.6 If 2deg(h) > deg(g) then set g(t) <- g(t)/h(t) ...
-            if ((hDegree << 1) > gDegree)
-            {
-                g = g.quotient(h);
-            }
-            else
-            {
-                // ... else g(t) <- h(t)
-                g = new GF2nPolynomial(h);
-            }
-            gDegree = g.getDegree();
-        }
-        // 3. Output g(0)
-        return g.at(0);
-
-    }
-
-    /**
-     * Computes the change-of-basis matrix for basis conversion according to
-     * 1363. The result is stored in the lists fields and matrices.
-     *
-     * @param B1 the GF2nField to convert to
-     * @see "P1363 A.7.3, p111ff"
-     */
-    protected void computeCOBMatrix(GF2nField B1)
-    {
-        // we are in B0 here!
-        if (mDegree != B1.mDegree)
-        {
-            throw new IllegalArgumentException(
-                "GF2nField.computeCOBMatrix: B1 has a "
-                    + "different degree and thus cannot be coverted to!");
-        }
-        int i, j;
-        GF2nElement[] gamma;
-        GF2nElement u;
-        GF2Polynomial[] COBMatrix = new GF2Polynomial[mDegree];
-        for (i = 0; i < mDegree; i++)
-        {
-            COBMatrix[i] = new GF2Polynomial(mDegree);
-        }
-
-        // find Random Root
-        do
-        {
-            // u is in representation according to B1
-            u = B1.getRandomRoot(fieldPolynomial);
-        }
-        while (u.isZero());
-
-        gamma = new GF2nPolynomialElement[mDegree];
-        // build gamma matrix by squaring
-        gamma[0] = (GF2nElement)u.clone();
-        for (i = 1; i < mDegree; i++)
-        {
-            gamma[i] = gamma[i - 1].square();
-        }
-        // convert horizontal gamma matrix by vertical Bitstrings
-        for (i = 0; i < mDegree; i++)
-        {
-            for (j = 0; j < mDegree; j++)
-            {
-                if (gamma[i].testBit(j))
-                {
-                    COBMatrix[mDegree - j - 1].setBit(mDegree - i - 1);
-                }
-            }
-        }
-
-        fields.addElement(B1);
-        matrices.addElement(COBMatrix);
-        B1.fields.addElement(this);
-        B1.matrices.addElement(invertMatrix(COBMatrix));
-    }
-
-    /**
-     * Computes the field polynomial for a ONB according to IEEE 1363 A.7.2
-     * (p110f).
-     *
-     * @see "P1363 A.7.2, p110f"
-     */
-    protected void computeFieldPolynomial()
-    {
-        if (mType == 1)
-        {
-            fieldPolynomial = new GF2Polynomial(mDegree + 1, "ALL");
-        }
-        else if (mType == 2)
-        {
-            // 1. q = 1
-            GF2Polynomial q = new GF2Polynomial(mDegree + 1, "ONE");
-            // 2. p = t+1
-            GF2Polynomial p = new GF2Polynomial(mDegree + 1, "X");
-            p.addToThis(q);
-            GF2Polynomial r;
-            int i;
-            // 3. for i = 1 to (m-1) do
-            for (i = 1; i < mDegree; i++)
-            {
-                // r <- q
-                r = q;
-                // q <- p
-                q = p;
-                // p = tq+r
-                p = q.shiftLeft();
-                p.addToThis(r);
-            }
-            fieldPolynomial = p;
-        }
-    }
-
-    /**
-     * Compute the inverse of a matrix <tt>a</tt>.
-     *
-     * @param a the matrix
-     * @return <tt>a<sup>-1</sup></tt>
-     */
-    int[][] invMatrix(int[][] a)
-    {
-
-        int[][] A = new int[mDegree][mDegree];
-        A = a;
-        int[][] inv = new int[mDegree][mDegree];
-
-        for (int i = 0; i < mDegree; i++)
-        {
-            inv[i][i] = 1;
-        }
-
-        for (int i = 0; i < mDegree; i++)
-        {
-            for (int j = i; j < mDegree; j++)
-            {
-                A[mDegree - 1 - i][j] = A[i][i];
-            }
-        }
-        return null;
-    }
-
-    private void computeType()
-        throws RuntimeException
-    {
-        if ((mDegree & 7) == 0)
-        {
-            throw new RuntimeException(
-                "The extension degree is divisible by 8!");
-        }
-        // checking for the type
-        int s = 0;
-        int k = 0;
-        mType = 1;
-        for (int d = 0; d != 1; mType++)
-        {
-            s = mType * mDegree + 1;
-            if (IntegerFunctions.isPrime(s))
-            {
-                k = IntegerFunctions.order(2, s);
-                d = IntegerFunctions.gcd(mType * mDegree / k, mDegree);
-            }
-        }
-        mType--;
-        if (mType == 1)
-        {
-            s = (mDegree << 1) + 1;
-            if (IntegerFunctions.isPrime(s))
-            {
-                k = IntegerFunctions.order(2, s);
-                int d = IntegerFunctions.gcd((mDegree << 1) / k, mDegree);
-                if (d == 1)
-                {
-                    mType++;
-                }
-            }
-        }
-    }
-
-    private void computeMultMatrix()
-    {
-
-        if ((mType & 7) != 0)
-        {
-            int p = mType * mDegree + 1;
-
-            // compute sequence F[1] ... F[p-1] via A.3.7. of 1363.
-            // F[0] will not be filled!
-            //
-            int[] F = new int[p];
-
-            int u;
-            if (mType == 1)
-            {
-                u = 1;
-            }
-            else if (mType == 2)
-            {
-                u = p - 1;
-            }
-            else
-            {
-                u = elementOfOrder(mType, p);
-            }
-
-            int w = 1;
-            int n;
-            for (int j = 0; j < mType; j++)
-            {
-                n = w;
-
-                for (int i = 0; i < mDegree; i++)
-                {
-                    F[n] = i;
-                    n = (n << 1) % p;
-                    if (n < 0)
-                    {
-                        n += p;
-                    }
-                }
-                w = u * w % p;
-                if (w < 0)
-                {
-                    w += p;
-                }
-            }
-
-            // building the matrix (mDegree * 2)
-            //
-            if (mType == 1)
-            {
-                for (int k = 1; k < p - 1; k++)
-                {
-                    if (mMult[F[k + 1]][0] == -1)
-                    {
-                        mMult[F[k + 1]][0] = F[p - k];
-                    }
-                    else
-                    {
-                        mMult[F[k + 1]][1] = F[p - k];
-                    }
-                }
-
-                int m_2 = mDegree >> 1;
-                for (int k = 1; k <= m_2; k++)
-                {
-
-                    if (mMult[k - 1][0] == -1)
-                    {
-                        mMult[k - 1][0] = m_2 + k - 1;
-                    }
-                    else
-                    {
-                        mMult[k - 1][1] = m_2 + k - 1;
-                    }
-
-                    if (mMult[m_2 + k - 1][0] == -1)
-                    {
-                        mMult[m_2 + k - 1][0] = k - 1;
-                    }
-                    else
-                    {
-                        mMult[m_2 + k - 1][1] = k - 1;
-                    }
-                }
-            }
-            else if (mType == 2)
-            {
-                for (int k = 1; k < p - 1; k++)
-                {
-                    if (mMult[F[k + 1]][0] == -1)
-                    {
-                        mMult[F[k + 1]][0] = F[p - k];
-                    }
-                    else
-                    {
-                        mMult[F[k + 1]][1] = F[p - k];
-                    }
-                }
-            }
-            else
-            {
-                throw new RuntimeException("only type 1 or type 2 implemented");
-            }
-        }
-        else
-        {
-            throw new RuntimeException("bisher nur fuer Gausssche Normalbasen"
-                + " implementiert");
-        }
-    }
-
-    private int elementOfOrder(int k, int p)
-    {
-        Random random = new Random();
-        int m = 0;
-        while (m == 0)
-        {
-            m = random.nextInt();
-            m %= p - 1;
-            if (m < 0)
-            {
-                m += p - 1;
-            }
-        }
-
-        int l = IntegerFunctions.order(m, p);
-
-        while (l % k != 0 || l == 0)
-        {
-            while (m == 0)
-            {
-                m = random.nextInt();
-                m %= p - 1;
-                if (m < 0)
-                {
-                    m += p - 1;
-                }
-            }
-            l = IntegerFunctions.order(m, p);
-        }
-        int r = m;
-
-        l = k / l;
-
-        for (int i = 2; i <= l; i++)
-        {
-            r *= m;
-        }
-
-        return r;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nPolynomial.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nPolynomial.java
deleted file mode 100644
index 29d69d8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nPolynomial.java
+++ /dev/null

@@ -1,561 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-
-/**
- * This class implements polynomials over GF2nElements.
- *
- * @see GF2nElement
- */
-
-public class GF2nPolynomial
-{
-
-    private GF2nElement[] coeff; // keeps the coefficients of this polynomial
-
-    private int size; // the size of this polynomial
-
-    /**
-     * Creates a new PolynomialGF2n of size <i>deg</i> and elem as
-     * coefficients.
-     *
-     * @param deg  -
-     *             the maximum degree + 1
-     * @param elem -
-     *             a GF2nElement
-     */
-    public GF2nPolynomial(int deg, GF2nElement elem)
-    {
-        size = deg;
-        coeff = new GF2nElement[size];
-        for (int i = 0; i < size; i++)
-        {
-            coeff[i] = (GF2nElement)elem.clone();
-        }
-    }
-
-    /**
-     * Creates a new PolynomialGF2n of size <i>deg</i>.
-     *
-     * @param deg the maximum degree + 1
-     */
-    private GF2nPolynomial(int deg)
-    {
-        size = deg;
-        coeff = new GF2nElement[size];
-    }
-
-    /**
-     * Creates a new PolynomialGF2n by cloning the given PolynomialGF2n <i>a</i>.
-     *
-     * @param a the PolynomialGF2n to clone
-     */
-    public GF2nPolynomial(GF2nPolynomial a)
-    {
-        int i;
-        coeff = new GF2nElement[a.size];
-        size = a.size;
-        for (i = 0; i < size; i++)
-        {
-            coeff[i] = (GF2nElement)a.coeff[i].clone();
-        }
-    }
-
-    /**
-     * Creates a new PolynomialGF2n from the given Bitstring <i>polynomial</i>
-     * over the GF2nField <i>B1</i>.
-     *
-     * @param polynomial the Bitstring to use
-     * @param B1         the field
-     */
-    public GF2nPolynomial(GF2Polynomial polynomial, GF2nField B1)
-    {
-        size = B1.getDegree() + 1;
-        coeff = new GF2nElement[size];
-        int i;
-        if (B1 instanceof GF2nONBField)
-        {
-            for (i = 0; i < size; i++)
-            {
-                if (polynomial.testBit(i))
-                {
-                    coeff[i] = GF2nONBElement.ONE((GF2nONBField)B1);
-                }
-                else
-                {
-                    coeff[i] = GF2nONBElement.ZERO((GF2nONBField)B1);
-                }
-            }
-        }
-        else if (B1 instanceof GF2nPolynomialField)
-        {
-            for (i = 0; i < size; i++)
-            {
-                if (polynomial.testBit(i))
-                {
-                    coeff[i] = GF2nPolynomialElement
-                        .ONE((GF2nPolynomialField)B1);
-                }
-                else
-                {
-                    coeff[i] = GF2nPolynomialElement
-                        .ZERO((GF2nPolynomialField)B1);
-                }
-            }
-        }
-        else
-        {
-            throw new IllegalArgumentException(
-                "PolynomialGF2n(Bitstring, GF2nField): B1 must be "
-                    + "an instance of GF2nONBField or GF2nPolynomialField!");
-        }
-    }
-
-    public final void assignZeroToElements()
-    {
-        int i;
-        for (i = 0; i < size; i++)
-        {
-            coeff[i].assignZero();
-        }
-    }
-
-    /**
-     * Returns the size (=maximum degree + 1) of this PolynomialGF2n. This is
-     * not the degree, use getDegree instead.
-     *
-     * @return the size (=maximum degree + 1) of this PolynomialGF2n.
-     */
-    public final int size()
-    {
-        return size;
-    }
-
-    /**
-     * Returns the degree of this PolynomialGF2n.
-     *
-     * @return the degree of this PolynomialGF2n.
-     */
-    public final int getDegree()
-    {
-        int i;
-        for (i = size - 1; i >= 0; i--)
-        {
-            if (!coeff[i].isZero())
-            {
-                return i;
-            }
-        }
-        return -1;
-    }
-
-    /**
-     * Enlarges the size of this PolynomialGF2n to <i>k</i> + 1.
-     *
-     * @param k the new maximum degree
-     */
-    public final void enlarge(int k)
-    {
-        if (k <= size)
-        {
-            return;
-        }
-        int i;
-        GF2nElement[] res = new GF2nElement[k];
-        System.arraycopy(coeff, 0, res, 0, size);
-        GF2nField f = coeff[0].getField();
-        if (coeff[0] instanceof GF2nPolynomialElement)
-        {
-            for (i = size; i < k; i++)
-            {
-                res[i] = GF2nPolynomialElement.ZERO((GF2nPolynomialField)f);
-            }
-        }
-        else if (coeff[0] instanceof GF2nONBElement)
-        {
-            for (i = size; i < k; i++)
-            {
-                res[i] = GF2nONBElement.ZERO((GF2nONBField)f);
-            }
-        }
-        size = k;
-        coeff = res;
-    }
-
-    public final void shrink()
-    {
-        int i = size - 1;
-        while (coeff[i].isZero() && (i > 0))
-        {
-            i--;
-        }
-        i++;
-        if (i < size)
-        {
-            GF2nElement[] res = new GF2nElement[i];
-            System.arraycopy(coeff, 0, res, 0, i);
-            coeff = res;
-            size = i;
-        }
-    }
-
-    /**
-     * Sets the coefficient at <i>index</i> to <i>elem</i>.
-     *
-     * @param index the index
-     * @param elem  the GF2nElement to store as coefficient <i>index</i>
-     */
-    public final void set(int index, GF2nElement elem)
-    {
-        if (!(elem instanceof GF2nPolynomialElement)
-            && !(elem instanceof GF2nONBElement))
-        {
-            throw new IllegalArgumentException(
-                "PolynomialGF2n.set f must be an "
-                    + "instance of either GF2nPolynomialElement or GF2nONBElement!");
-        }
-        coeff[index] = (GF2nElement)elem.clone();
-    }
-
-    /**
-     * Returns the coefficient at <i>index</i>.
-     *
-     * @param index the index
-     * @return the GF2nElement stored as coefficient <i>index</i>
-     */
-    public final GF2nElement at(int index)
-    {
-        return coeff[index];
-    }
-
-    /**
-     * Returns true if all coefficients equal zero.
-     *
-     * @return true if all coefficients equal zero.
-     */
-    public final boolean isZero()
-    {
-        int i;
-        for (i = 0; i < size; i++)
-        {
-            if (coeff[i] != null)
-            {
-                if (!coeff[i].isZero())
-                {
-                    return false;
-                }
-            }
-        }
-        return true;
-    }
-
-    public final boolean equals(Object other)
-    {
-        if (other == null || !(other instanceof GF2nPolynomial))
-        {
-            return false;
-        }
-
-        GF2nPolynomial otherPol = (GF2nPolynomial)other;
-
-        if (getDegree() != otherPol.getDegree())
-        {
-            return false;
-        }
-        int i;
-        for (i = 0; i < size; i++)
-        {
-            if (!coeff[i].equals(otherPol.coeff[i]))
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    /**
-     * @return the hash code of this polynomial
-     */
-    public int hashCode()
-    {
-        return getDegree() + coeff.hashCode();
-    }
-
-    /**
-     * Adds the PolynomialGF2n <tt>b</tt> to <tt>this</tt> and returns the
-     * result in a new <tt>PolynomialGF2n</tt>.
-     *
-     * @param b -
-     *          the <tt>PolynomialGF2n</tt> to add
-     * @return <tt>this + b</tt>
-     */
-    public final GF2nPolynomial add(GF2nPolynomial b)
-    {
-        GF2nPolynomial result;
-        if (size() >= b.size())
-        {
-            result = new GF2nPolynomial(size());
-            int i;
-            for (i = 0; i < b.size(); i++)
-            {
-                result.coeff[i] = (GF2nElement)coeff[i].add(b.coeff[i]);
-            }
-            for (; i < size(); i++)
-            {
-                result.coeff[i] = coeff[i];
-            }
-        }
-        else
-        {
-            result = new GF2nPolynomial(b.size());
-            int i;
-            for (i = 0; i < size(); i++)
-            {
-                result.coeff[i] = (GF2nElement)coeff[i].add(b.coeff[i]);
-            }
-            for (; i < b.size(); i++)
-            {
-                result.coeff[i] = b.coeff[i];
-            }
-        }
-        return result;
-    }
-
-    /**
-     * Multiplies the scalar <i>s</i> to each coefficient of this
-     * PolynomialGF2n and returns the result in a new PolynomialGF2n.
-     *
-     * @param s the scalar to multiply
-     * @return <i>this</i> x <i>s</i>
-     */
-    public final GF2nPolynomial scalarMultiply(GF2nElement s)
-    {
-        GF2nPolynomial result = new GF2nPolynomial(size());
-        int i;
-        for (i = 0; i < size(); i++)
-        {
-            result.coeff[i] = (GF2nElement)coeff[i].multiply(s); // result[i]
-            // =
-            // a[i]*s
-        }
-        return result;
-    }
-
-    /**
-     * Multiplies <i>this</i> by <i>b</i> and returns the result in a new
-     * PolynomialGF2n.
-     *
-     * @param b the PolynomialGF2n to multiply
-     * @return <i>this</i> * <i>b</i>
-     */
-    public final GF2nPolynomial multiply(GF2nPolynomial b)
-    {
-        int i, j;
-        int aDegree = size();
-        int bDegree = b.size();
-        if (aDegree != bDegree)
-        {
-            throw new IllegalArgumentException(
-                "PolynomialGF2n.multiply: this and b must "
-                    + "have the same size!");
-        }
-        GF2nPolynomial result = new GF2nPolynomial((aDegree << 1) - 1);
-        for (i = 0; i < size(); i++)
-        {
-            for (j = 0; j < b.size(); j++)
-            {
-                if (result.coeff[i + j] == null)
-                {
-                    result.coeff[i + j] = (GF2nElement)coeff[i]
-                        .multiply(b.coeff[j]);
-                }
-                else
-                {
-                    result.coeff[i + j] = (GF2nElement)result.coeff[i + j]
-                        .add(coeff[i].multiply(b.coeff[j]));
-                }
-            }
-        }
-        return result;
-    }
-
-    /**
-     * Multiplies <i>this</i> by <i>b</i>, reduces the result by <i>g</i> and
-     * returns it in a new PolynomialGF2n.
-     *
-     * @param b the PolynomialGF2n to multiply
-     * @param g the modul
-     * @return <i>this</i> * <i>b</i> mod <i>g</i>
-     */
-    public final GF2nPolynomial multiplyAndReduce(GF2nPolynomial b,
-                                                  GF2nPolynomial g)
-    {
-        return multiply(b).reduce(g);
-    }
-
-    /**
-     * Reduces <i>this</i> by <i>g</i> and returns the result in a new
-     * PolynomialGF2n.
-     *
-     * @param g -
-     *          the modulus
-     * @return <i>this</i> % <i>g</i>
-     */
-    public final GF2nPolynomial reduce(GF2nPolynomial g)
-        throws RuntimeException, ArithmeticException
-    {
-        return remainder(g); // return this % g
-    }
-
-    /**
-     * Shifts left <i>this</i> by <i>amount</i> and stores the result in
-     * <i>this</i> PolynomialGF2n.
-     *
-     * @param amount the amount to shift the coefficients
-     */
-    public final void shiftThisLeft(int amount)
-    {
-        if (amount > 0)
-        {
-            int i;
-            int oldSize = size;
-            GF2nField f = coeff[0].getField();
-            enlarge(size + amount);
-            for (i = oldSize - 1; i >= 0; i--)
-            {
-                coeff[i + amount] = coeff[i];
-            }
-            if (coeff[0] instanceof GF2nPolynomialElement)
-            {
-                for (i = amount - 1; i >= 0; i--)
-                {
-                    coeff[i] = GF2nPolynomialElement
-                        .ZERO((GF2nPolynomialField)f);
-                }
-            }
-            else if (coeff[0] instanceof GF2nONBElement)
-            {
-                for (i = amount - 1; i >= 0; i--)
-                {
-                    coeff[i] = GF2nONBElement.ZERO((GF2nONBField)f);
-                }
-            }
-        }
-    }
-
-    public final GF2nPolynomial shiftLeft(int amount)
-    {
-        if (amount <= 0)
-        {
-            return new GF2nPolynomial(this);
-        }
-        GF2nPolynomial result = new GF2nPolynomial(size + amount, coeff[0]);
-        result.assignZeroToElements();
-        for (int i = 0; i < size; i++)
-        {
-            result.coeff[i + amount] = coeff[i];
-        }
-        return result;
-    }
-
-    /**
-     * Divides <i>this</i> by <i>b</i> and stores the result in a new
-     * PolynomialGF2n[2], quotient in result[0] and remainder in result[1].
-     *
-     * @param b the divisor
-     * @return the quotient and remainder of <i>this</i> / <i>b</i>
-     */
-    public final GF2nPolynomial[] divide(GF2nPolynomial b)
-    {
-        GF2nPolynomial[] result = new GF2nPolynomial[2];
-        GF2nPolynomial a = new GF2nPolynomial(this);
-        a.shrink();
-        GF2nPolynomial shift;
-        GF2nElement factor;
-        int bDegree = b.getDegree();
-        GF2nElement inv = (GF2nElement)b.coeff[bDegree].invert();
-        if (a.getDegree() < bDegree)
-        {
-            result[0] = new GF2nPolynomial(this);
-            result[0].assignZeroToElements();
-            result[0].shrink();
-            result[1] = new GF2nPolynomial(this);
-            result[1].shrink();
-            return result;
-        }
-        result[0] = new GF2nPolynomial(this);
-        result[0].assignZeroToElements();
-        int i = a.getDegree() - bDegree;
-        while (i >= 0)
-        {
-            factor = (GF2nElement)a.coeff[a.getDegree()].multiply(inv);
-            shift = b.scalarMultiply(factor);
-            shift.shiftThisLeft(i);
-            a = a.add(shift);
-            a.shrink();
-            result[0].coeff[i] = (GF2nElement)factor.clone();
-            i = a.getDegree() - bDegree;
-        }
-        result[1] = a;
-        result[0].shrink();
-        return result;
-    }
-
-    /**
-     * Divides <i>this</i> by <i>b</i> and stores the remainder in a new
-     * PolynomialGF2n.
-     *
-     * @param b the divisor
-     * @return the remainder <i>this</i> % <i>b</i>
-     */
-    public final GF2nPolynomial remainder(GF2nPolynomial b)
-        throws RuntimeException, ArithmeticException
-    {
-        GF2nPolynomial[] result = new GF2nPolynomial[2];
-        result = divide(b);
-        return result[1];
-    }
-
-    /**
-     * Divides <i>this</i> by <i>b</i> and stores the quotient in a new
-     * PolynomialGF2n.
-     *
-     * @param b the divisor
-     * @return the quotient <i>this</i> / <i>b</i>
-     */
-    public final GF2nPolynomial quotient(GF2nPolynomial b)
-        throws RuntimeException, ArithmeticException
-    {
-        GF2nPolynomial[] result = new GF2nPolynomial[2];
-        result = divide(b);
-        return result[0];
-    }
-
-    /**
-     * Computes the greatest common divisor of <i>this</i> and <i>g</i> and
-     * returns the result in a new PolynomialGF2n.
-     *
-     * @param g -
-     *          a GF2nPolynomial
-     * @return gcd(<i>this</i>, <i>g</i>)
-     */
-    public final GF2nPolynomial gcd(GF2nPolynomial g)
-    {
-        GF2nPolynomial a = new GF2nPolynomial(this);
-        GF2nPolynomial b = new GF2nPolynomial(g);
-        a.shrink();
-        b.shrink();
-        GF2nPolynomial c;
-        GF2nPolynomial result;
-        GF2nElement alpha;
-        while (!b.isZero())
-        {
-            c = a.remainder(b);
-            a = b;
-            b = c;
-        }
-        alpha = a.coeff[a.getDegree()];
-        result = a.scalarMultiply((GF2nElement)alpha.invert());
-        return result;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nPolynomialElement.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nPolynomialElement.java
deleted file mode 100644
index 36b2033..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nPolynomialElement.java
+++ /dev/null

@@ -1,1015 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-
-import java.math.BigInteger;
-import java.util.Random;
-
-
-/**
- * This class implements elements of finite binary fields <i>GF(2<sup>n</sup>)</i>
- * using polynomial representation. For more information on the arithmetic see
- * for example IEEE Standard 1363 or <a
- * href=http://www.certicom.com/research/online.html> Certicom online-tutorial</a>.
- *
- * @see "GF2nField"
- * @see GF2nPolynomialField
- * @see GF2nONBElement
- * @see GF2Polynomial
- */
-public class GF2nPolynomialElement
-    extends GF2nElement
-{
-
-    // pre-computed Bitmask for fast masking, bitMask[a]=0x1 << a
-    private static final int[] bitMask = {0x00000001, 0x00000002, 0x00000004,
-        0x00000008, 0x00000010, 0x00000020, 0x00000040, 0x00000080,
-        0x00000100, 0x00000200, 0x00000400, 0x00000800, 0x00001000,
-        0x00002000, 0x00004000, 0x00008000, 0x00010000, 0x00020000,
-        0x00040000, 0x00080000, 0x00100000, 0x00200000, 0x00400000,
-        0x00800000, 0x01000000, 0x02000000, 0x04000000, 0x08000000,
-        0x10000000, 0x20000000, 0x40000000, 0x80000000, 0x00000000};
-
-    // the used GF2Polynomial which stores the coefficients
-    private GF2Polynomial polynomial;
-
-    /**
-     * Create a new random GF2nPolynomialElement using the given field and
-     * source of randomness.
-     *
-     * @param f    the GF2nField to use
-     * @param rand the source of randomness
-     */
-    public GF2nPolynomialElement(GF2nPolynomialField f, Random rand)
-    {
-        mField = f;
-        mDegree = mField.getDegree();
-        polynomial = new GF2Polynomial(mDegree);
-        randomize(rand);
-    }
-
-    /**
-     * Creates a new GF2nPolynomialElement using the given field and Bitstring.
-     *
-     * @param f  the GF2nPolynomialField to use
-     * @param bs the desired value as Bitstring
-     */
-    public GF2nPolynomialElement(GF2nPolynomialField f, GF2Polynomial bs)
-    {
-        mField = f;
-        mDegree = mField.getDegree();
-        polynomial = new GF2Polynomial(bs);
-        polynomial.expandN(mDegree);
-    }
-
-    /**
-     * Creates a new GF2nPolynomialElement using the given field <i>f</i> and
-     * byte[] <i>os</i> as value. The conversion is done according to 1363.
-     *
-     * @param f  the GF2nField to use
-     * @param os the octet string to assign to this GF2nPolynomialElement
-     * @see "P1363 5.5.5 p23, OS2FEP/OS2BSP"
-     */
-    public GF2nPolynomialElement(GF2nPolynomialField f, byte[] os)
-    {
-        mField = f;
-        mDegree = mField.getDegree();
-        polynomial = new GF2Polynomial(mDegree, os);
-        polynomial.expandN(mDegree);
-    }
-
-    /**
-     * Creates a new GF2nPolynomialElement using the given field <i>f</i> and
-     * int[] <i>is</i> as value.
-     *
-     * @param f  the GF2nField to use
-     * @param is the integer string to assign to this GF2nPolynomialElement
-     */
-    public GF2nPolynomialElement(GF2nPolynomialField f, int[] is)
-    {
-        mField = f;
-        mDegree = mField.getDegree();
-        polynomial = new GF2Polynomial(mDegree, is);
-        polynomial.expandN(f.mDegree);
-    }
-
-    /**
-     * Creates a new GF2nPolynomialElement by cloning the given
-     * GF2nPolynomialElement <i>b</i>.
-     *
-     * @param other the GF2nPolynomialElement to clone
-     */
-    public GF2nPolynomialElement(GF2nPolynomialElement other)
-    {
-        mField = other.mField;
-        mDegree = other.mDegree;
-        polynomial = new GF2Polynomial(other.polynomial);
-    }
-
-    // /////////////////////////////////////////////////////////////////////
-    // pseudo-constructors
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Creates a new GF2nPolynomialElement by cloning this
-     * GF2nPolynomialElement.
-     *
-     * @return a copy of this element
-     */
-    public Object clone()
-    {
-        return new GF2nPolynomialElement(this);
-    }
-
-    // /////////////////////////////////////////////////////////////////////
-    // assignments
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Assigns the value 'zero' to this Polynomial.
-     */
-    void assignZero()
-    {
-        polynomial.assignZero();
-    }
-
-    /**
-     * Create the zero element.
-     *
-     * @param f the finite field
-     * @return the zero element in the given finite field
-     */
-    public static GF2nPolynomialElement ZERO(GF2nPolynomialField f)
-    {
-        GF2Polynomial polynomial = new GF2Polynomial(f.getDegree());
-        return new GF2nPolynomialElement(f, polynomial);
-    }
-
-    /**
-     * Create the one element.
-     *
-     * @param f the finite field
-     * @return the one element in the given finite field
-     */
-    public static GF2nPolynomialElement ONE(GF2nPolynomialField f)
-    {
-        GF2Polynomial polynomial = new GF2Polynomial(f.getDegree(),
-            new int[]{1});
-        return new GF2nPolynomialElement(f, polynomial);
-    }
-
-    /**
-     * Assigns the value 'one' to this Polynomial.
-     */
-    void assignOne()
-    {
-        polynomial.assignOne();
-    }
-
-    /**
-     * Assign a random value to this GF2nPolynomialElement using the specified
-     * source of randomness.
-     *
-     * @param rand the source of randomness
-     */
-    private void randomize(Random rand)
-    {
-        polynomial.expandN(mDegree);
-        polynomial.randomize(rand);
-    }
-
-    // /////////////////////////////////////////////////////////////////////
-    // comparison
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Checks whether this element is zero.
-     *
-     * @return <tt>true</tt> if <tt>this</tt> is the zero element
-     */
-    public boolean isZero()
-    {
-        return polynomial.isZero();
-    }
-
-    /**
-     * Tests if the GF2nPolynomialElement has 'one' as value.
-     *
-     * @return true if <i>this</i> equals one (this == 1)
-     */
-    public boolean isOne()
-    {
-        return polynomial.isOne();
-    }
-
-    /**
-     * Compare this element with another object.
-     *
-     * @param other the other object
-     * @return <tt>true</tt> if the two objects are equal, <tt>false</tt>
-     *         otherwise
-     */
-    public boolean equals(Object other)
-    {
-        if (other == null || !(other instanceof GF2nPolynomialElement))
-        {
-            return false;
-        }
-        GF2nPolynomialElement otherElem = (GF2nPolynomialElement)other;
-
-        if (mField != otherElem.mField)
-        {
-            if (!mField.getFieldPolynomial().equals(
-                otherElem.mField.getFieldPolynomial()))
-            {
-                return false;
-            }
-        }
-
-        return polynomial.equals(otherElem.polynomial);
-    }
-
-    /**
-     * @return the hash code of this element
-     */
-    public int hashCode()
-    {
-        return mField.hashCode() + polynomial.hashCode();
-    }
-
-    // /////////////////////////////////////////////////////////////////////
-    // access
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Returns the value of this GF2nPolynomialElement in a new Bitstring.
-     *
-     * @return the value of this GF2nPolynomialElement in a new Bitstring
-     */
-    private GF2Polynomial getGF2Polynomial()
-    {
-        return new GF2Polynomial(polynomial);
-    }
-
-    /**
-     * Checks whether the indexed bit of the bit representation is set.
-     *
-     * @param index the index of the bit to test
-     * @return <tt>true</tt> if the indexed bit is set
-     */
-    boolean testBit(int index)
-    {
-        return polynomial.testBit(index);
-    }
-
-    /**
-     * Returns whether the rightmost bit of the bit representation is set. This
-     * is needed for data conversion according to 1363.
-     *
-     * @return true if the rightmost bit of this element is set
-     */
-    public boolean testRightmostBit()
-    {
-        return polynomial.testBit(0);
-    }
-
-    /**
-     * Compute the sum of this element and <tt>addend</tt>.
-     *
-     * @param addend the addend
-     * @return <tt>this + other</tt> (newly created)
-     */
-    public GFElement add(GFElement addend)
-        throws RuntimeException
-    {
-        GF2nPolynomialElement result = new GF2nPolynomialElement(this);
-        result.addToThis(addend);
-        return result;
-    }
-
-    /**
-     * Compute <tt>this + addend</tt> (overwrite <tt>this</tt>).
-     *
-     * @param addend the addend
-     */
-    public void addToThis(GFElement addend)
-        throws RuntimeException
-    {
-        if (!(addend instanceof GF2nPolynomialElement))
-        {
-            throw new RuntimeException();
-        }
-        if (!mField.equals(((GF2nPolynomialElement)addend).mField))
-        {
-            throw new RuntimeException();
-        }
-        polynomial.addToThis(((GF2nPolynomialElement)addend).polynomial);
-    }
-
-    /**
-     * Returns <tt>this</tt> element + 'one".
-     *
-     * @return <tt>this</tt> + 'one'
-     */
-    public GF2nElement increase()
-    {
-        GF2nPolynomialElement result = new GF2nPolynomialElement(this);
-        result.increaseThis();
-        return result;
-    }
-
-    /**
-     * Increases this element by 'one'.
-     */
-    public void increaseThis()
-    {
-        polynomial.increaseThis();
-    }
-
-    /**
-     * Compute the product of this element and <tt>factor</tt>.
-     *
-     * @param factor the factor
-     * @return <tt>this * factor</tt> (newly created)
-     */
-    public GFElement multiply(GFElement factor)
-        throws RuntimeException
-    {
-        GF2nPolynomialElement result = new GF2nPolynomialElement(this);
-        result.multiplyThisBy(factor);
-        return result;
-    }
-
-    /**
-     * Compute <tt>this * factor</tt> (overwrite <tt>this</tt>).
-     *
-     * @param factor the factor
-     */
-    public void multiplyThisBy(GFElement factor)
-        throws RuntimeException
-    {
-        if (!(factor instanceof GF2nPolynomialElement))
-        {
-            throw new RuntimeException();
-        }
-        if (!mField.equals(((GF2nPolynomialElement)factor).mField))
-        {
-            throw new RuntimeException();
-        }
-        if (equals(factor))
-        {
-            squareThis();
-            return;
-        }
-        polynomial = polynomial
-            .multiply(((GF2nPolynomialElement)factor).polynomial);
-        reduceThis();
-    }
-
-    /**
-     * Compute the multiplicative inverse of this element.
-     *
-     * @return <tt>this<sup>-1</sup></tt> (newly created)
-     * @throws ArithmeticException if <tt>this</tt> is the zero element.
-     * @see GF2nPolynomialElement#invertMAIA
-     * @see GF2nPolynomialElement#invertEEA
-     * @see GF2nPolynomialElement#invertSquare
-     */
-    public GFElement invert()
-        throws ArithmeticException
-    {
-        return invertMAIA();
-    }
-
-    /**
-     * Calculates the multiplicative inverse of <i>this</i> and returns the
-     * result in a new GF2nPolynomialElement.
-     *
-     * @return <i>this</i>^(-1)
-     * @throws ArithmeticException if <i>this</i> equals zero
-     */
-    public GF2nPolynomialElement invertEEA()
-        throws ArithmeticException
-    {
-        if (isZero())
-        {
-            throw new ArithmeticException();
-        }
-        GF2Polynomial b = new GF2Polynomial(mDegree + 32, "ONE");
-        b.reduceN();
-        GF2Polynomial c = new GF2Polynomial(mDegree + 32);
-        c.reduceN();
-        GF2Polynomial u = getGF2Polynomial();
-        GF2Polynomial v = mField.getFieldPolynomial();
-        GF2Polynomial h;
-        int j;
-        u.reduceN();
-        while (!u.isOne())
-        {
-            u.reduceN();
-            v.reduceN();
-            j = u.getLength() - v.getLength();
-            if (j < 0)
-            {
-                h = u;
-                u = v;
-                v = h;
-                h = b;
-                b = c;
-                c = h;
-                j = -j;
-                c.reduceN(); // this increases the performance
-            }
-            u.shiftLeftAddThis(v, j);
-            b.shiftLeftAddThis(c, j);
-        }
-        b.reduceN();
-        return new GF2nPolynomialElement((GF2nPolynomialField)mField, b);
-    }
-
-    /**
-     * Calculates the multiplicative inverse of <i>this</i> and returns the
-     * result in a new GF2nPolynomialElement.
-     *
-     * @return <i>this</i>^(-1)
-     * @throws ArithmeticException if <i>this</i> equals zero
-     */
-    public GF2nPolynomialElement invertSquare()
-        throws ArithmeticException
-    {
-        GF2nPolynomialElement n;
-        GF2nPolynomialElement u;
-        int i, j, k, b;
-
-        if (isZero())
-        {
-            throw new ArithmeticException();
-        }
-        // b = (n-1)
-        b = mField.getDegree() - 1;
-        // n = a
-        n = new GF2nPolynomialElement(this);
-        n.polynomial.expandN((mDegree << 1) + 32); // increase performance
-        n.polynomial.reduceN();
-        // k = 1
-        k = 1;
-
-        // for i = (r-1) downto 0 do, r=bitlength(b)
-        for (i = IntegerFunctions.floorLog(b) - 1; i >= 0; i--)
-        {
-            // u = n
-            u = new GF2nPolynomialElement(n);
-            // for j = 1 to k do
-            for (j = 1; j <= k; j++)
-            {
-                // u = u^2
-                u.squareThisPreCalc();
-            }
-            // n = nu
-            n.multiplyThisBy(u);
-            // k = 2k
-            k <<= 1;
-            // if b(i)==1
-            if ((b & bitMask[i]) != 0)
-            {
-                // n = n^2 * b
-                n.squareThisPreCalc();
-                n.multiplyThisBy(this);
-                // k = k+1
-                k += 1;
-            }
-        }
-
-        // outpur n^2
-        n.squareThisPreCalc();
-        return n;
-    }
-
-    /**
-     * Calculates the multiplicative inverse of <i>this</i> using the modified
-     * almost inverse algorithm and returns the result in a new
-     * GF2nPolynomialElement.
-     *
-     * @return <i>this</i>^(-1)
-     * @throws ArithmeticException if <i>this</i> equals zero
-     */
-    public GF2nPolynomialElement invertMAIA()
-        throws ArithmeticException
-    {
-        if (isZero())
-        {
-            throw new ArithmeticException();
-        }
-        GF2Polynomial b = new GF2Polynomial(mDegree, "ONE");
-        GF2Polynomial c = new GF2Polynomial(mDegree);
-        GF2Polynomial u = getGF2Polynomial();
-        GF2Polynomial v = mField.getFieldPolynomial();
-        GF2Polynomial h;
-        while (true)
-        {
-            while (!u.testBit(0))
-            { // x|u (x divides u)
-                u.shiftRightThis(); // u = u / x
-                if (!b.testBit(0))
-                {
-                    b.shiftRightThis();
-                }
-                else
-                {
-                    b.addToThis(mField.getFieldPolynomial());
-                    b.shiftRightThis();
-                }
-            }
-            if (u.isOne())
-            {
-                return new GF2nPolynomialElement((GF2nPolynomialField)mField,
-                    b);
-            }
-            u.reduceN();
-            v.reduceN();
-            if (u.getLength() < v.getLength())
-            {
-                h = u;
-                u = v;
-                v = h;
-                h = b;
-                b = c;
-                c = h;
-            }
-            u.addToThis(v);
-            b.addToThis(c);
-        }
-    }
-
-    /**
-     * This method is used internally to map the square()-calls within
-     * GF2nPolynomialElement to one of the possible squaring methods.
-     *
-     * @return <tt>this<sup>2</sup></tt> (newly created)
-     * @see GF2nPolynomialElement#squarePreCalc
-     */
-    public GF2nElement square()
-    {
-        return squarePreCalc();
-    }
-
-    /**
-     * This method is used internally to map the square()-calls within
-     * GF2nPolynomialElement to one of the possible squaring methods.
-     */
-    public void squareThis()
-    {
-        squareThisPreCalc();
-    }
-
-    /**
-     * Squares this GF2nPolynomialElement using GF2nField's squaring matrix.
-     * This is supposed to be fast when using a polynomial (no tri- or
-     * pentanomial) as fieldpolynomial. Use squarePreCalc when using a tri- or
-     * pentanomial as fieldpolynomial instead.
-     *
-     * @return <tt>this<sup>2</sup></tt> (newly created)
-     * @see GF2Polynomial#vectorMult
-     * @see GF2nPolynomialElement#squarePreCalc
-     * @see GF2nPolynomialElement#squareBitwise
-     */
-    public GF2nPolynomialElement squareMatrix()
-    {
-        GF2nPolynomialElement result = new GF2nPolynomialElement(this);
-        result.squareThisMatrix();
-        result.reduceThis();
-        return result;
-    }
-
-    /**
-     * Squares this GF2nPolynomialElement using GF2nFields squaring matrix. This
-     * is supposed to be fast when using a polynomial (no tri- or pentanomial)
-     * as fieldpolynomial. Use squarePreCalc when using a tri- or pentanomial as
-     * fieldpolynomial instead.
-     *
-     * @see GF2Polynomial#vectorMult
-     * @see GF2nPolynomialElement#squarePreCalc
-     * @see GF2nPolynomialElement#squareBitwise
-     */
-    public void squareThisMatrix()
-    {
-        GF2Polynomial result = new GF2Polynomial(mDegree);
-        for (int i = 0; i < mDegree; i++)
-        {
-            if (polynomial
-                .vectorMult(((GF2nPolynomialField)mField).squaringMatrix[mDegree
-                    - i - 1]))
-            {
-                result.setBit(i);
-
-            }
-        }
-        polynomial = result;
-    }
-
-    /**
-     * Squares this GF2nPolynomialElement by shifting left its Bitstring and
-     * reducing. This is supposed to be the slowest method. Use squarePreCalc or
-     * squareMatrix instead.
-     *
-     * @return <tt>this<sup>2</sup></tt> (newly created)
-     * @see GF2nPolynomialElement#squareMatrix
-     * @see GF2nPolynomialElement#squarePreCalc
-     * @see GF2Polynomial#squareThisBitwise
-     */
-    public GF2nPolynomialElement squareBitwise()
-    {
-        GF2nPolynomialElement result = new GF2nPolynomialElement(this);
-        result.squareThisBitwise();
-        result.reduceThis();
-        return result;
-    }
-
-    /**
-     * Squares this GF2nPolynomialElement by shifting left its Bitstring and
-     * reducing. This is supposed to be the slowest method. Use squarePreCalc or
-     * squareMatrix instead.
-     *
-     * @see GF2nPolynomialElement#squareMatrix
-     * @see GF2nPolynomialElement#squarePreCalc
-     * @see GF2Polynomial#squareThisBitwise
-     */
-    public void squareThisBitwise()
-    {
-        polynomial.squareThisBitwise();
-        reduceThis();
-    }
-
-    /**
-     * Squares this GF2nPolynomialElement by using precalculated values and
-     * reducing. This is supposed to de fastest when using a trinomial or
-     * pentanomial as field polynomial. Use squareMatrix when using a ordinary
-     * polynomial as field polynomial.
-     *
-     * @return <tt>this<sup>2</sup></tt> (newly created)
-     * @see GF2nPolynomialElement#squareMatrix
-     * @see GF2Polynomial#squareThisPreCalc
-     */
-    public GF2nPolynomialElement squarePreCalc()
-    {
-        GF2nPolynomialElement result = new GF2nPolynomialElement(this);
-        result.squareThisPreCalc();
-        result.reduceThis();
-        return result;
-    }
-
-    /**
-     * Squares this GF2nPolynomialElement by using precalculated values and
-     * reducing. This is supposed to de fastest when using a tri- or pentanomial
-     * as fieldpolynomial. Use squareMatrix when using a ordinary polynomial as
-     * fieldpolynomial.
-     *
-     * @see GF2nPolynomialElement#squareMatrix
-     * @see GF2Polynomial#squareThisPreCalc
-     */
-    public void squareThisPreCalc()
-    {
-        polynomial.squareThisPreCalc();
-        reduceThis();
-    }
-
-    /**
-     * Calculates <i>this</i> to the power of <i>k</i> and returns the result
-     * in a new GF2nPolynomialElement.
-     *
-     * @param k the power
-     * @return <i>this</i>^<i>k</i> in a new GF2nPolynomialElement
-     */
-    public GF2nPolynomialElement power(int k)
-    {
-        if (k == 1)
-        {
-            return new GF2nPolynomialElement(this);
-        }
-
-        GF2nPolynomialElement result = GF2nPolynomialElement
-            .ONE((GF2nPolynomialField)mField);
-        if (k == 0)
-        {
-            return result;
-        }
-
-        GF2nPolynomialElement x = new GF2nPolynomialElement(this);
-        x.polynomial.expandN((x.mDegree << 1) + 32); // increase performance
-        x.polynomial.reduceN();
-
-        for (int i = 0; i < mDegree; i++)
-        {
-            if ((k & (1 << i)) != 0)
-            {
-                result.multiplyThisBy(x);
-            }
-            x.square();
-        }
-
-        return result;
-    }
-
-    /**
-     * Compute the square root of this element and return the result in a new
-     * {@link GF2nPolynomialElement}.
-     *
-     * @return <tt>this<sup>1/2</sup></tt> (newly created)
-     */
-    public GF2nElement squareRoot()
-    {
-        GF2nPolynomialElement result = new GF2nPolynomialElement(this);
-        result.squareRootThis();
-        return result;
-    }
-
-    /**
-     * Compute the square root of this element.
-     */
-    public void squareRootThis()
-    {
-        // increase performance
-        polynomial.expandN((mDegree << 1) + 32);
-        polynomial.reduceN();
-        for (int i = 0; i < mField.getDegree() - 1; i++)
-        {
-            squareThis();
-        }
-    }
-
-    /**
-     * Solves the quadratic equation <tt>z<sup>2</sup> + z = this</tt> if
-     * such a solution exists. This method returns one of the two possible
-     * solutions. The other solution is <tt>z + 1</tt>. Use z.increase() to
-     * compute this solution.
-     *
-     * @return a GF2nPolynomialElement representing one z satisfying the
-     *         equation <tt>z<sup>2</sup> + z = this</tt>
-     * @see "IEEE 1363, Annex A.4.7"
-     */
-    public GF2nElement solveQuadraticEquation()
-        throws RuntimeException
-    {
-        if (isZero())
-        {
-            return ZERO((GF2nPolynomialField)mField);
-        }
-
-        if ((mDegree & 1) == 1)
-        {
-            return halfTrace();
-        }
-
-        // TODO this can be sped-up by precomputation of p and w's
-        GF2nPolynomialElement z, w;
-        do
-        {
-            // step 1.
-            GF2nPolynomialElement p = new GF2nPolynomialElement(
-                (GF2nPolynomialField)mField, new Random());
-            // step 2.
-            z = ZERO((GF2nPolynomialField)mField);
-            w = (GF2nPolynomialElement)p.clone();
-            // step 3.
-            for (int i = 1; i < mDegree; i++)
-            {
-                // compute z = z^2 + w^2 * this
-                // and w = w^2 + p
-                z.squareThis();
-                w.squareThis();
-                z.addToThis(w.multiply(this));
-                w.addToThis(p);
-            }
-        }
-        while (w.isZero()); // step 4.
-
-        if (!equals(z.square().add(z)))
-        {
-            throw new RuntimeException();
-        }
-
-        // step 5.
-        return z;
-    }
-
-    /**
-     * Returns the trace of this GF2nPolynomialElement.
-     *
-     * @return the trace of this GF2nPolynomialElement
-     */
-    public int trace()
-    {
-        GF2nPolynomialElement t = new GF2nPolynomialElement(this);
-        int i;
-
-        for (i = 1; i < mDegree; i++)
-        {
-            t.squareThis();
-            t.addToThis(this);
-        }
-
-        if (t.isOne())
-        {
-            return 1;
-        }
-        return 0;
-    }
-
-    /**
-     * Returns the half-trace of this GF2nPolynomialElement.
-     *
-     * @return a GF2nPolynomialElement representing the half-trace of this
-     *         GF2nPolynomialElement.
-     */
-    private GF2nPolynomialElement halfTrace()
-        throws RuntimeException
-    {
-        if ((mDegree & 0x01) == 0)
-        {
-            throw new RuntimeException();
-        }
-        int i;
-        GF2nPolynomialElement h = new GF2nPolynomialElement(this);
-
-        for (i = 1; i <= ((mDegree - 1) >> 1); i++)
-        {
-            h.squareThis();
-            h.squareThis();
-            h.addToThis(this);
-        }
-
-        return h;
-    }
-
-    /**
-     * Reduces this GF2nPolynomialElement modulo the field-polynomial.
-     *
-     * @see GF2Polynomial#reduceTrinomial
-     * @see GF2Polynomial#reducePentanomial
-     */
-    private void reduceThis()
-    {
-        if (polynomial.getLength() > mDegree)
-        { // really reduce ?
-            if (((GF2nPolynomialField)mField).isTrinomial())
-            { // fieldpolonomial
-                // is trinomial
-                int tc;
-                try
-                {
-                    tc = ((GF2nPolynomialField)mField).getTc();
-                }
-                catch (RuntimeException NATExc)
-                {
-                    throw new RuntimeException(
-                        "GF2nPolynomialElement.reduce: the field"
-                            + " polynomial is not a trinomial");
-                }
-                if (((mDegree - tc) <= 32) // do we have to use slow
-                    // bitwise reduction ?
-                    || (polynomial.getLength() > (mDegree << 1)))
-                {
-                    reduceTrinomialBitwise(tc);
-                    return;
-                }
-                polynomial.reduceTrinomial(mDegree, tc);
-                return;
-            }
-            else if (((GF2nPolynomialField)mField).isPentanomial())
-            { // fieldpolynomial
-                // is
-                // pentanomial
-                int[] pc;
-                try
-                {
-                    pc = ((GF2nPolynomialField)mField).getPc();
-                }
-                catch (RuntimeException NATExc)
-                {
-                    throw new RuntimeException(
-                        "GF2nPolynomialElement.reduce: the field"
-                            + " polynomial is not a pentanomial");
-                }
-                if (((mDegree - pc[2]) <= 32) // do we have to use slow
-                    // bitwise reduction ?
-                    || (polynomial.getLength() > (mDegree << 1)))
-                {
-                    reducePentanomialBitwise(pc);
-                    return;
-                }
-                polynomial.reducePentanomial(mDegree, pc);
-                return;
-            }
-            else
-            { // fieldpolynomial is something else
-                polynomial = polynomial.remainder(mField.getFieldPolynomial());
-                polynomial.expandN(mDegree);
-                return;
-            }
-        }
-        if (polynomial.getLength() < mDegree)
-        {
-            polynomial.expandN(mDegree);
-        }
-    }
-
-    /**
-     * Reduce this GF2nPolynomialElement using the trinomial x^n + x^tc + 1 as
-     * fieldpolynomial. The coefficients are reduced bit by bit.
-     */
-    private void reduceTrinomialBitwise(int tc)
-    {
-        int i;
-        int k = mDegree - tc;
-        for (i = polynomial.getLength() - 1; i >= mDegree; i--)
-        {
-            if (polynomial.testBit(i))
-            {
-
-                polynomial.xorBit(i);
-                polynomial.xorBit(i - k);
-                polynomial.xorBit(i - mDegree);
-
-            }
-        }
-        polynomial.reduceN();
-        polynomial.expandN(mDegree);
-    }
-
-    /**
-     * Reduce this GF2nPolynomialElement using the pentanomial x^n + x^pc[2] +
-     * x^pc[1] + x^pc[0] + 1 as fieldpolynomial. The coefficients are reduced
-     * bit by bit.
-     */
-    private void reducePentanomialBitwise(int[] pc)
-    {
-        int i;
-        int k = mDegree - pc[2];
-        int l = mDegree - pc[1];
-        int m = mDegree - pc[0];
-        for (i = polynomial.getLength() - 1; i >= mDegree; i--)
-        {
-            if (polynomial.testBit(i))
-            {
-                polynomial.xorBit(i);
-                polynomial.xorBit(i - k);
-                polynomial.xorBit(i - l);
-                polynomial.xorBit(i - m);
-                polynomial.xorBit(i - mDegree);
-
-            }
-        }
-        polynomial.reduceN();
-        polynomial.expandN(mDegree);
-    }
-
-    // /////////////////////////////////////////////////////////////////////
-    // conversion
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Returns a string representing this Bitstrings value using hexadecimal
-     * radix in MSB-first order.
-     *
-     * @return a String representing this Bitstrings value.
-     */
-    public String toString()
-    {
-        return polynomial.toString(16);
-    }
-
-    /**
-     * Returns a string representing this Bitstrings value using hexadecimal or
-     * binary radix in MSB-first order.
-     *
-     * @param radix the radix to use (2 or 16, otherwise 2 is used)
-     * @return a String representing this Bitstrings value.
-     */
-    public String toString(int radix)
-    {
-        return polynomial.toString(radix);
-    }
-
-    /**
-     * Converts this GF2nPolynomialElement to a byte[] according to 1363.
-     *
-     * @return a byte[] representing the value of this GF2nPolynomialElement
-     * @see "P1363 5.5.2 p22f BS2OSP, FE2OSP"
-     */
-    public byte[] toByteArray()
-    {
-        return polynomial.toByteArray();
-    }
-
-    /**
-     * Converts this GF2nPolynomialElement to an integer according to 1363.
-     *
-     * @return a BigInteger representing the value of this
-     *         GF2nPolynomialElement
-     * @see "P1363 5.5.1 p22 BS2IP"
-     */
-    public BigInteger toFlexiBigInt()
-    {
-        return polynomial.toFlexiBigInt();
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nPolynomialField.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nPolynomialField.java
deleted file mode 100644
index 6ed15f6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GF2nPolynomialField.java
+++ /dev/null

@@ -1,559 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-
-import java.security.SecureRandom;
-import java.util.Vector;
-
-
-/**
- * This class implements the abstract class <tt>GF2nField</tt> for polynomial
- * representation. It computes the field polynomial and the squaring matrix.
- * GF2nField is used by GF2nPolynomialElement which implements the elements of
- * this field.
- *
- * @see GF2nField
- * @see GF2nPolynomialElement
- */
-public class GF2nPolynomialField
-    extends GF2nField
-{
-
-    /**
-     * Matrix used for fast squaring
-     */
-    GF2Polynomial[] squaringMatrix;
-
-    // field polynomial is a trinomial
-    private boolean isTrinomial = false;
-
-    // field polynomial is a pentanomial
-    private boolean isPentanomial = false;
-
-    // middle coefficient of the field polynomial in case it is a trinomial
-    private int tc;
-
-    // middle 3 coefficients of the field polynomial in case it is a pentanomial
-    private int[] pc = new int[3];
-
-    /**
-     * constructs an instance of the finite field with 2<sup>deg</sup>
-     * elements and characteristic 2.
-     *
-     * @param deg the extention degree of this field
-     * @param random     source of randomness for generating new polynomials.
-     */
-    public GF2nPolynomialField(int deg, SecureRandom random)
-    {
-        super(random);
-
-        if (deg < 3)
-        {
-            throw new IllegalArgumentException("k must be at least 3");
-        }
-        mDegree = deg;
-        computeFieldPolynomial();
-        computeSquaringMatrix();
-        fields = new Vector();
-        matrices = new Vector();
-    }
-
-    /**
-     * constructs an instance of the finite field with 2<sup>deg</sup>
-     * elements and characteristic 2.
-     *
-     * @param deg  the degree of this field
-     * @param random     source of randomness for generating new polynomials.
-     * @param file true if you want to read the field polynomial from the
-     *             file false if you want to use a random fielpolynomial
-     *             (this can take very long for huge degrees)
-     */
-    public GF2nPolynomialField(int deg, SecureRandom random, boolean file)
-    {
-        super(random);
-
-        if (deg < 3)
-        {
-            throw new IllegalArgumentException("k must be at least 3");
-        }
-        mDegree = deg;
-        if (file)
-        {
-            computeFieldPolynomial();
-        }
-        else
-        {
-            computeFieldPolynomial2();
-        }
-        computeSquaringMatrix();
-        fields = new Vector();
-        matrices = new Vector();
-    }
-
-    /**
-     * Creates a new GF2nField of degree <i>i</i> and uses the given
-     * <i>polynomial</i> as field polynomial. The <i>polynomial</i> is checked
-     * whether it is irreducible. This can take some time if <i>i</i> is huge!
-     *
-     * @param deg        degree of the GF2nField
-     * @param random     source of randomness for generating new polynomials.
-     * @param polynomial the field polynomial to use
-     */
-    public GF2nPolynomialField(int deg, SecureRandom random, GF2Polynomial polynomial)
-        throws RuntimeException
-    {
-        super(random);
-
-        if (deg < 3)
-        {
-            throw new IllegalArgumentException("degree must be at least 3");
-        }
-        if (polynomial.getLength() != deg + 1)
-        {
-            throw new RuntimeException();
-        }
-        if (!polynomial.isIrreducible())
-        {
-            throw new RuntimeException();
-        }
-        mDegree = deg;
-        // fieldPolynomial = new Bitstring(polynomial);
-        fieldPolynomial = polynomial;
-        computeSquaringMatrix();
-        int k = 2; // check if the polynomial is a trinomial or pentanomial
-        for (int j = 1; j < fieldPolynomial.getLength() - 1; j++)
-        {
-            if (fieldPolynomial.testBit(j))
-            {
-                k++;
-                if (k == 3)
-                {
-                    tc = j;
-                }
-                if (k <= 5)
-                {
-                    pc[k - 3] = j;
-                }
-            }
-        }
-        if (k == 3)
-        {
-            isTrinomial = true;
-        }
-        if (k == 5)
-        {
-            isPentanomial = true;
-        }
-        fields = new Vector();
-        matrices = new Vector();
-    }
-
-    /**
-     * Returns true if the field polynomial is a trinomial. The coefficient can
-     * be retrieved using getTc().
-     *
-     * @return true if the field polynomial is a trinomial
-     */
-    public boolean isTrinomial()
-    {
-        return isTrinomial;
-    }
-
-    /**
-     * Returns true if the field polynomial is a pentanomial. The coefficients
-     * can be retrieved using getPc().
-     *
-     * @return true if the field polynomial is a pentanomial
-     */
-    public boolean isPentanomial()
-    {
-        return isPentanomial;
-    }
-
-    /**
-     * Returns the degree of the middle coefficient of the used field trinomial
-     * (x^n + x^(getTc()) + 1).
-     *
-     * @return the middle coefficient of the used field trinomial
-     */
-    public int getTc()
-        throws RuntimeException
-    {
-        if (!isTrinomial)
-        {
-            throw new RuntimeException();
-        }
-        return tc;
-    }
-
-    /**
-     * Returns the degree of the middle coefficients of the used field
-     * pentanomial (x^n + x^(getPc()[2]) + x^(getPc()[1]) + x^(getPc()[0]) + 1).
-     *
-     * @return the middle coefficients of the used field pentanomial
-     */
-    public int[] getPc()
-        throws RuntimeException
-    {
-        if (!isPentanomial)
-        {
-            throw new RuntimeException();
-        }
-        int[] result = new int[3];
-        System.arraycopy(pc, 0, result, 0, 3);
-        return result;
-    }
-
-    /**
-     * Return row vector i of the squaring matrix.
-     *
-     * @param i the index of the row vector to return
-     * @return a copy of squaringMatrix[i]
-     * @see GF2nPolynomialElement#squareMatrix
-     */
-    public GF2Polynomial getSquaringVector(int i)
-    {
-        return new GF2Polynomial(squaringMatrix[i]);
-    }
-
-    /**
-     * Compute a random root of the given GF2Polynomial.
-     *
-     * @param polynomial the polynomial
-     * @return a random root of <tt>polynomial</tt>
-     */
-    protected GF2nElement getRandomRoot(GF2Polynomial polynomial)
-    {
-        // We are in B1!!!
-        GF2nPolynomial c;
-        GF2nPolynomial ut;
-        GF2nElement u;
-        GF2nPolynomial h;
-        int hDegree;
-        // 1. Set g(t) <- f(t)
-        GF2nPolynomial g = new GF2nPolynomial(polynomial, this);
-        int gDegree = g.getDegree();
-        int i;
-
-        // 2. while deg(g) > 1
-        while (gDegree > 1)
-        {
-            do
-            {
-                // 2.1 choose random u (element of) GF(2^m)
-                u = new GF2nPolynomialElement(this, random);
-                ut = new GF2nPolynomial(2, GF2nPolynomialElement.ZERO(this));
-                // 2.2 Set c(t) <- ut
-                ut.set(1, u);
-                c = new GF2nPolynomial(ut);
-                // 2.3 For i from 1 to m-1 do
-                for (i = 1; i <= mDegree - 1; i++)
-                {
-                    // 2.3.1 c(t) <- (c(t)^2 + ut) mod g(t)
-                    c = c.multiplyAndReduce(c, g);
-                    c = c.add(ut);
-                }
-                // 2.4 set h(t) <- GCD(c(t), g(t))
-                h = c.gcd(g);
-                // 2.5 if h(t) is constant or deg(g) = deg(h) then go to
-                // step 2.1
-                hDegree = h.getDegree();
-                gDegree = g.getDegree();
-            }
-            while ((hDegree == 0) || (hDegree == gDegree));
-            // 2.6 If 2deg(h) > deg(g) then set g(t) <- g(t)/h(t) ...
-            if ((hDegree << 1) > gDegree)
-            {
-                g = g.quotient(h);
-            }
-            else
-            {
-                // ... else g(t) <- h(t)
-                g = new GF2nPolynomial(h);
-            }
-            gDegree = g.getDegree();
-        }
-        // 3. Output g(0)
-        return g.at(0);
-
-    }
-
-    /**
-     * Computes the change-of-basis matrix for basis conversion according to
-     * 1363. The result is stored in the lists fields and matrices.
-     *
-     * @param B1 the GF2nField to convert to
-     * @see "P1363 A.7.3, p111ff"
-     */
-    protected void computeCOBMatrix(GF2nField B1)
-    {
-        // we are in B0 here!
-        if (mDegree != B1.mDegree)
-        {
-            throw new IllegalArgumentException(
-                "GF2nPolynomialField.computeCOBMatrix: B1 has a different "
-                    + "degree and thus cannot be coverted to!");
-        }
-        if (B1 instanceof GF2nONBField)
-        {
-            // speedup (calculation is done in PolynomialElements instead of
-            // ONB)
-            B1.computeCOBMatrix(this);
-            return;
-        }
-        int i, j;
-        GF2nElement[] gamma;
-        GF2nElement u;
-        GF2Polynomial[] COBMatrix = new GF2Polynomial[mDegree];
-        for (i = 0; i < mDegree; i++)
-        {
-            COBMatrix[i] = new GF2Polynomial(mDegree);
-        }
-
-        // find Random Root
-        do
-        {
-            // u is in representation according to B1
-            u = B1.getRandomRoot(fieldPolynomial);
-        }
-        while (u.isZero());
-
-        // build gamma matrix by multiplying by u
-        if (u instanceof GF2nONBElement)
-        {
-            gamma = new GF2nONBElement[mDegree];
-            gamma[mDegree - 1] = GF2nONBElement.ONE((GF2nONBField)B1);
-        }
-        else
-        {
-            gamma = new GF2nPolynomialElement[mDegree];
-            gamma[mDegree - 1] = GF2nPolynomialElement
-                .ONE((GF2nPolynomialField)B1);
-        }
-        gamma[mDegree - 2] = u;
-        for (i = mDegree - 3; i >= 0; i--)
-        {
-            gamma[i] = (GF2nElement)gamma[i + 1].multiply(u);
-        }
-        if (B1 instanceof GF2nONBField)
-        {
-            // convert horizontal gamma matrix by vertical Bitstrings
-            for (i = 0; i < mDegree; i++)
-            {
-                for (j = 0; j < mDegree; j++)
-                {
-                    // TODO remember: ONB treats its Bits in reverse order !!!
-                    if (gamma[i].testBit(mDegree - j - 1))
-                    {
-                        COBMatrix[mDegree - j - 1].setBit(mDegree - i - 1);
-                    }
-                }
-            }
-        }
-        else
-        {
-            // convert horizontal gamma matrix by vertical Bitstrings
-            for (i = 0; i < mDegree; i++)
-            {
-                for (j = 0; j < mDegree; j++)
-                {
-                    if (gamma[i].testBit(j))
-                    {
-                        COBMatrix[mDegree - j - 1].setBit(mDegree - i - 1);
-                    }
-                }
-            }
-        }
-
-        // store field and matrix for further use
-        fields.addElement(B1);
-        matrices.addElement(COBMatrix);
-        // store field and inverse matrix for further use in B1
-        B1.fields.addElement(this);
-        B1.matrices.addElement(invertMatrix(COBMatrix));
-    }
-
-    /**
-     * Computes a new squaring matrix used for fast squaring.
-     *
-     * @see GF2nPolynomialElement#square
-     */
-    private void computeSquaringMatrix()
-    {
-        GF2Polynomial[] d = new GF2Polynomial[mDegree - 1];
-        int i, j;
-        squaringMatrix = new GF2Polynomial[mDegree];
-        for (i = 0; i < squaringMatrix.length; i++)
-        {
-            squaringMatrix[i] = new GF2Polynomial(mDegree, "ZERO");
-        }
-
-        for (i = 0; i < mDegree - 1; i++)
-        {
-            d[i] = new GF2Polynomial(1, "ONE").shiftLeft(mDegree + i)
-                .remainder(fieldPolynomial);
-        }
-        for (i = 1; i <= Math.abs(mDegree >> 1); i++)
-        {
-            for (j = 1; j <= mDegree; j++)
-            {
-                if (d[mDegree - (i << 1)].testBit(mDegree - j))
-                {
-                    squaringMatrix[j - 1].setBit(mDegree - i);
-                }
-            }
-        }
-        for (i = Math.abs(mDegree >> 1) + 1; i <= mDegree; i++)
-        {
-            squaringMatrix[(i << 1) - mDegree - 1].setBit(mDegree - i);
-        }
-
-    }
-
-    /**
-     * Computes the field polynomial. This can take a long time for big degrees.
-     */
-    protected void computeFieldPolynomial()
-    {
-        if (testTrinomials())
-        {
-            return;
-        }
-        if (testPentanomials())
-        {
-            return;
-        }
-        testRandom();
-    }
-
-    /**
-     * Computes the field polynomial. This can take a long time for big degrees.
-     */
-    protected void computeFieldPolynomial2()
-    {
-        if (testTrinomials())
-        {
-            return;
-        }
-        if (testPentanomials())
-        {
-            return;
-        }
-        testRandom();
-    }
-
-    /**
-     * Tests all trinomials of degree (n+1) until a irreducible is found and
-     * stores the result in <i>field polynomial</i>. Returns false if no
-     * irreducible trinomial exists in GF(2^n). This can take very long for huge
-     * degrees.
-     *
-     * @return true if an irreducible trinomial is found
-     */
-    private boolean testTrinomials()
-    {
-        int i, l;
-        boolean done = false;
-        l = 0;
-
-        fieldPolynomial = new GF2Polynomial(mDegree + 1);
-        fieldPolynomial.setBit(0);
-        fieldPolynomial.setBit(mDegree);
-        for (i = 1; (i < mDegree) && !done; i++)
-        {
-            fieldPolynomial.setBit(i);
-            done = fieldPolynomial.isIrreducible();
-            l++;
-            if (done)
-            {
-                isTrinomial = true;
-                tc = i;
-                return done;
-            }
-            fieldPolynomial.resetBit(i);
-            done = fieldPolynomial.isIrreducible();
-        }
-
-        return done;
-    }
-
-    /**
-     * Tests all pentanomials of degree (n+1) until a irreducible is found and
-     * stores the result in <i>field polynomial</i>. Returns false if no
-     * irreducible pentanomial exists in GF(2^n). This can take very long for
-     * huge degrees.
-     *
-     * @return true if an irreducible pentanomial is found
-     */
-    private boolean testPentanomials()
-    {
-        int i, j, k, l;
-        boolean done = false;
-        l = 0;
-
-        fieldPolynomial = new GF2Polynomial(mDegree + 1);
-        fieldPolynomial.setBit(0);
-        fieldPolynomial.setBit(mDegree);
-        for (i = 1; (i <= (mDegree - 3)) && !done; i++)
-        {
-            fieldPolynomial.setBit(i);
-            for (j = i + 1; (j <= (mDegree - 2)) && !done; j++)
-            {
-                fieldPolynomial.setBit(j);
-                for (k = j + 1; (k <= (mDegree - 1)) && !done; k++)
-                {
-                    fieldPolynomial.setBit(k);
-                    if (((mDegree & 1) != 0) | ((i & 1) != 0) | ((j & 1) != 0)
-                        | ((k & 1) != 0))
-                    {
-                        done = fieldPolynomial.isIrreducible();
-                        l++;
-                        if (done)
-                        {
-                            isPentanomial = true;
-                            pc[0] = i;
-                            pc[1] = j;
-                            pc[2] = k;
-                            return done;
-                        }
-                    }
-                    fieldPolynomial.resetBit(k);
-                }
-                fieldPolynomial.resetBit(j);
-            }
-            fieldPolynomial.resetBit(i);
-        }
-
-        return done;
-    }
-
-    /**
-     * Tests random polynomials of degree (n+1) until an irreducible is found
-     * and stores the result in <i>field polynomial</i>. This can take very
-     * long for huge degrees.
-     *
-     * @return true
-     */
-    private boolean testRandom()
-    {
-        int l;
-        boolean done = false;
-
-        fieldPolynomial = new GF2Polynomial(mDegree + 1);
-        l = 0;
-        while (!done)
-        {
-            l++;
-            fieldPolynomial.randomize();
-            fieldPolynomial.setBit(mDegree);
-            fieldPolynomial.setBit(0);
-            if (fieldPolynomial.isIrreducible())
-            {
-                done = true;
-                return done;
-            }
-        }
-
-        return done;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GFElement.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GFElement.java
deleted file mode 100644
index aa3b428..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GFElement.java
+++ /dev/null

@@ -1,151 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-import java.math.BigInteger;
-
-
-/**
- * This interface defines a finite field element. It is implemented by the
- * class {@link GF2nElement}.
- *
- * @see GF2nElement
- */
-public interface GFElement
-{
-
-    /**
-     * @return a copy of this GFElement
-     */
-    Object clone();
-
-    // /////////////////////////////////////////////////////////////////
-    // comparison
-    // /////////////////////////////////////////////////////////////////
-
-    /**
-     * Compare this curve with another object.
-     *
-     * @param other the other object
-     * @return the result of the comparison
-     */
-    boolean equals(Object other);
-
-    /**
-     * @return the hash code of this element
-     */
-    int hashCode();
-
-    /**
-     * Checks whether this element is zero.
-     *
-     * @return <tt>true</tt> if <tt>this</tt> is the zero element
-     */
-    boolean isZero();
-
-    /**
-     * Checks whether this element is one.
-     *
-     * @return <tt>true</tt> if <tt>this</tt> is the one element
-     */
-    boolean isOne();
-
-    // /////////////////////////////////////////////////////////////////////
-    // arithmetic
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Compute the sum of this element and the addend.
-     *
-     * @param addend the addend
-     * @return <tt>this + other</tt> (newly created)
-     */
-    GFElement add(GFElement addend)
-        throws RuntimeException;
-
-    /**
-     * Compute the sum of this element and the addend, overwriting this element.
-     *
-     * @param addend the addend
-     */
-    void addToThis(GFElement addend)
-        throws RuntimeException;
-
-    /**
-     * Compute the difference of this element and <tt>minuend</tt>.
-     *
-     * @param minuend the minuend
-     * @return <tt>this - minuend</tt> (newly created)
-     */
-    GFElement subtract(GFElement minuend)
-        throws RuntimeException;
-
-    /**
-     * Compute the difference of this element and <tt>minuend</tt>,
-     * overwriting this element.
-     *
-     * @param minuend the minuend
-     */
-    void subtractFromThis(GFElement minuend);
-
-    /**
-     * Compute the product of this element and <tt>factor</tt>.
-     *
-     * @param factor the factor
-     * @return <tt>this * factor</tt> (newly created)
-     */
-    GFElement multiply(GFElement factor)
-        throws RuntimeException;
-
-    /**
-     * Compute <tt>this * factor</tt> (overwrite <tt>this</tt>).
-     *
-     * @param factor the factor
-     */
-    void multiplyThisBy(GFElement factor)
-        throws RuntimeException;
-
-    /**
-     * Compute the multiplicative inverse of this element.
-     *
-     * @return <tt>this<sup>-1</sup></tt> (newly created)
-     * @throws ArithmeticException if <tt>this</tt> is the zero element.
-     */
-    GFElement invert()
-        throws ArithmeticException;
-
-    // /////////////////////////////////////////////////////////////////////
-    // conversion
-    // /////////////////////////////////////////////////////////////////////
-
-    /**
-     * Returns this element as FlexiBigInt. The conversion is <a
-     * href="http://grouper.ieee.org/groups/1363/">P1363</a>-conform.
-     *
-     * @return this element as BigInt
-     */
-    BigInteger toFlexiBigInt();
-
-    /**
-     * Returns this element as byte array. The conversion is <a href =
-     * "http://grouper.ieee.org/groups/1363/">P1363</a>-conform.
-     *
-     * @return this element as byte array
-     */
-    byte[] toByteArray();
-
-    /**
-     * Return a String representation of this element.
-     *
-     * @return String representation of this element
-     */
-    String toString();
-
-    /**
-     * Return a String representation of this element. <tt>radix</tt>
-     * specifies the radix of the String representation.
-     *
-     * @param radix specifies the radix of the String representation
-     * @return String representation of this element with the specified radix
-     */
-    String toString(int radix);
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GoppaCode.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GoppaCode.java
deleted file mode 100644
index cf82eae..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/GoppaCode.java
+++ /dev/null

@@ -1,310 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-import java.security.SecureRandom;
-
-/**
- * This class describes decoding operations of an irreducible binary Goppa code.
- * A check matrix H of the Goppa code and an irreducible Goppa polynomial are
- * used the operations are worked over a finite field GF(2^m)
- *
- * @see GF2mField
- * @see PolynomialGF2mSmallM
- */
-public final class GoppaCode
-{
-
-    /**
-     * Default constructor (private).
-     */
-    private GoppaCode()
-    {
-        // empty
-    }
-
-    /**
-     * This class is a container for two instances of {@link GF2Matrix} and one
-     * instance of {@link Permutation}. It is used to hold the systematic form
-     * <tt>S*H*P = (Id|M)</tt> of the check matrix <tt>H</tt> as returned by
-     * {@link GoppaCode#computeSystematicForm(GF2Matrix, SecureRandom)}.
-     *
-     * @see GF2Matrix
-     * @see Permutation
-     */
-    public static class MaMaPe
-    {
-
-        private GF2Matrix s, h;
-
-        private Permutation p;
-
-        /**
-         * Construct a new {@link MaMaPe} container with the given parameters.
-         *
-         * @param s the first matrix
-         * @param h the second matrix
-         * @param p the permutation
-         */
-        public MaMaPe(GF2Matrix s, GF2Matrix h, Permutation p)
-        {
-            this.s = s;
-            this.h = h;
-            this.p = p;
-        }
-
-        /**
-         * @return the first matrix
-         */
-        public GF2Matrix getFirstMatrix()
-        {
-            return s;
-        }
-
-        /**
-         * @return the second matrix
-         */
-        public GF2Matrix getSecondMatrix()
-        {
-            return h;
-        }
-
-        /**
-         * @return the permutation
-         */
-        public Permutation getPermutation()
-        {
-            return p;
-        }
-    }
-
-    /**
-     * This class is a container for an instance of {@link GF2Matrix} and one
-     * int[]. It is used to hold a generator matrix and the set of indices such
-     * that the submatrix of the generator matrix consisting of the specified
-     * columns is the identity.
-     *
-     * @see GF2Matrix
-     * @see Permutation
-     */
-    public static class MatrixSet
-    {
-
-        private GF2Matrix g;
-
-        private int[] setJ;
-
-        /**
-         * Construct a new {@link MatrixSet} container with the given
-         * parameters.
-         *
-         * @param g    the generator matrix
-         * @param setJ the set of indices such that the submatrix of the
-         *             generator matrix consisting of the specified columns
-         *             is the identity
-         */
-        public MatrixSet(GF2Matrix g, int[] setJ)
-        {
-            this.g = g;
-            this.setJ = setJ;
-        }
-
-        /**
-         * @return the generator matrix
-         */
-        public GF2Matrix getG()
-        {
-            return g;
-        }
-
-        /**
-         * @return the set of indices such that the submatrix of the generator
-         *         matrix consisting of the specified columns is the identity
-         */
-        public int[] getSetJ()
-        {
-            return setJ;
-        }
-    }
-
-    /**
-     * Construct the check matrix of a Goppa code in canonical form from the
-     * irreducible Goppa polynomial over the finite field
-     * <tt>GF(2<sup>m</sup>)</tt>.
-     *
-     * @param field the finite field
-     * @param gp    the irreducible Goppa polynomial
-     */
-    public static GF2Matrix createCanonicalCheckMatrix(GF2mField field,
-                                                       PolynomialGF2mSmallM gp)
-    {
-        int m = field.getDegree();
-        int n = 1 << m;
-        int t = gp.getDegree();
-
-        /* create matrix H over GF(2^m) */
-
-        int[][] hArray = new int[t][n];
-
-        // create matrix YZ
-        int[][] yz = new int[t][n];
-        for (int j = 0; j < n; j++)
-        {
-            // here j is used as index and as element of field GF(2^m)
-            yz[0][j] = field.inverse(gp.evaluateAt(j));
-        }
-
-        for (int i = 1; i < t; i++)
-        {
-            for (int j = 0; j < n; j++)
-            {
-                // here j is used as index and as element of field GF(2^m)
-                yz[i][j] = field.mult(yz[i - 1][j], j);
-            }
-        }
-
-        // create matrix H = XYZ
-        for (int i = 0; i < t; i++)
-        {
-            for (int j = 0; j < n; j++)
-            {
-                for (int k = 0; k <= i; k++)
-                {
-                    hArray[i][j] = field.add(hArray[i][j], field.mult(yz[k][j],
-                        gp.getCoefficient(t + k - i)));
-                }
-            }
-        }
-
-        /* convert to matrix over GF(2) */
-
-        int[][] result = new int[t * m][(n + 31) >>> 5];
-
-        for (int j = 0; j < n; j++)
-        {
-            int q = j >>> 5;
-            int r = 1 << (j & 0x1f);
-            for (int i = 0; i < t; i++)
-            {
-                int e = hArray[i][j];
-                for (int u = 0; u < m; u++)
-                {
-                    int b = (e >>> u) & 1;
-                    if (b != 0)
-                    {
-                        int ind = (i + 1) * m - u - 1;
-                        result[ind][q] ^= r;
-                    }
-                }
-            }
-        }
-
-        return new GF2Matrix(n, result);
-    }
-
-    /**
-     * Given a check matrix <tt>H</tt>, compute matrices <tt>S</tt>,
-     * <tt>M</tt>, and a random permutation <tt>P</tt> such that
-     * <tt>S*H*P = (Id|M)</tt>. Return <tt>S^-1</tt>, <tt>M</tt>, and
-     * <tt>P</tt> as {@link MaMaPe}. The matrix <tt>(Id | M)</tt> is called
-     * the systematic form of H.
-     *
-     * @param h  the check matrix
-     * @param sr a source of randomness
-     * @return the tuple <tt>(S^-1, M, P)</tt>
-     */
-    public static MaMaPe computeSystematicForm(GF2Matrix h, SecureRandom sr)
-    {
-        int n = h.getNumColumns();
-        GF2Matrix hp, sInv;
-        GF2Matrix s = null;
-        Permutation p;
-        boolean found = false;
-
-        do
-        {
-            p = new Permutation(n, sr);
-            hp = (GF2Matrix)h.rightMultiply(p);
-            sInv = hp.getLeftSubMatrix();
-            try
-            {
-                found = true;
-                s = (GF2Matrix)sInv.computeInverse();
-            }
-            catch (ArithmeticException ae)
-            {
-                found = false;
-            }
-        }
-        while (!found);
-
-        GF2Matrix shp = (GF2Matrix)s.rightMultiply(hp);
-        GF2Matrix m = shp.getRightSubMatrix();
-
-        return new MaMaPe(sInv, m, p);
-    }
-
-    /**
-     * Find an error vector <tt>e</tt> over <tt>GF(2)</tt> from an input
-     * syndrome <tt>s</tt> over <tt>GF(2<sup>m</sup>)</tt>.
-     *
-     * @param syndVec      the syndrome
-     * @param field        the finite field
-     * @param gp           the irreducible Goppa polynomial
-     * @param sqRootMatrix the matrix for computing square roots in
-     *                     <tt>(GF(2<sup>m</sup>))<sup>t</sup></tt>
-     * @return the error vector
-     */
-    public static GF2Vector syndromeDecode(GF2Vector syndVec, GF2mField field,
-                                           PolynomialGF2mSmallM gp, PolynomialGF2mSmallM[] sqRootMatrix)
-    {
-
-        int n = 1 << field.getDegree();
-
-        // the error vector
-        GF2Vector errors = new GF2Vector(n);
-
-        // if the syndrome vector is zero, the error vector is also zero
-        if (!syndVec.isZero())
-        {
-            // convert syndrome vector to polynomial over GF(2^m)
-            PolynomialGF2mSmallM syndrome = new PolynomialGF2mSmallM(syndVec
-                .toExtensionFieldVector(field));
-
-            // compute T = syndrome^-1 mod gp
-            PolynomialGF2mSmallM t = syndrome.modInverse(gp);
-
-            // compute tau = sqRoot(T + X) mod gp
-            PolynomialGF2mSmallM tau = t.addMonomial(1);
-            tau = tau.modSquareRootMatrix(sqRootMatrix);
-
-            // compute polynomials a and b satisfying a + b*tau = 0 mod gp
-            PolynomialGF2mSmallM[] ab = tau.modPolynomialToFracton(gp);
-
-            // compute the polynomial a^2 + X*b^2
-            PolynomialGF2mSmallM a2 = ab[0].multiply(ab[0]);
-            PolynomialGF2mSmallM b2 = ab[1].multiply(ab[1]);
-            PolynomialGF2mSmallM xb2 = b2.multWithMonomial(1);
-            PolynomialGF2mSmallM a2plusXb2 = a2.add(xb2);
-
-            // normalize a^2 + X*b^2 to obtain the error locator polynomial
-            int headCoeff = a2plusXb2.getHeadCoefficient();
-            int invHeadCoeff = field.inverse(headCoeff);
-            PolynomialGF2mSmallM elp = a2plusXb2.multWithElement(invHeadCoeff);
-
-            // for all elements i of GF(2^m)
-            for (int i = 0; i < n; i++)
-            {
-                // evaluate the error locator polynomial at i
-                int z = elp.evaluateAt(i);
-                // if polynomial evaluates to zero
-                if (z == 0)
-                {
-                    // set the i-th coefficient of the error vector
-                    errors.setBit(i);
-                }
-            }
-        }
-
-        return errors;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/IntUtils.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/IntUtils.java
deleted file mode 100644
index c57eb7d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/IntUtils.java
+++ /dev/null

@@ -1,179 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-public final class IntUtils
-{
-
-    /**
-     * Default constructor (private).
-     */
-    private IntUtils()
-    {
-        // empty
-    }
-
-    /**
-     * Compare two int arrays. No null checks are performed.
-     *
-     * @param left  the first int array
-     * @param right the second int array
-     * @return the result of the comparison
-     */
-    public static boolean equals(int[] left, int[] right)
-    {
-        if (left.length != right.length)
-        {
-            return false;
-        }
-        boolean result = true;
-        for (int i = left.length - 1; i >= 0; i--)
-        {
-            result &= left[i] == right[i];
-        }
-        return result;
-    }
-
-    /**
-     * Return a clone of the given int array. No null checks are performed.
-     *
-     * @param array the array to clone
-     * @return the clone of the given array
-     */
-    public static int[] clone(int[] array)
-    {
-        int[] result = new int[array.length];
-        System.arraycopy(array, 0, result, 0, array.length);
-        return result;
-    }
-
-    /**
-     * Fill the given int array with the given value.
-     *
-     * @param array the array
-     * @param value the value
-     */
-    public static void fill(int[] array, int value)
-    {
-        for (int i = array.length - 1; i >= 0; i--)
-        {
-            array[i] = value;
-        }
-    }
-
-    /**
-     * Sorts this array of integers according to the Quicksort algorithm. After
-     * calling this method this array is sorted in ascending order with the
-     * smallest integer taking position 0 in the array.
-     * <p>
-     * This implementation is based on the quicksort algorithm as described in
-     * <code>Data Structures In Java</code> by Thomas A. Standish, Chapter 10,
-     * ISBN 0-201-30564-X.
-     *
-     * @param source the array of integers that needs to be sorted.
-     */
-    public static void quicksort(int[] source)
-    {
-        quicksort(source, 0, source.length - 1);
-    }
-
-    /**
-     * Sort a subarray of a source array. The subarray is specified by its start
-     * and end index.
-     *
-     * @param source the int array to be sorted
-     * @param left   the start index of the subarray
-     * @param right  the end index of the subarray
-     */
-    public static void quicksort(int[] source, int left, int right)
-    {
-        if (right > left)
-        {
-            int index = partition(source, left, right, right);
-            quicksort(source, left, index - 1);
-            quicksort(source, index + 1, right);
-        }
-    }
-
-    /**
-     * Split a subarray of a source array into two partitions. The left
-     * partition contains elements that have value less than or equal to the
-     * pivot element, the right partition contains the elements that have larger
-     * value.
-     *
-     * @param source     the int array whose subarray will be splitted
-     * @param left       the start position of the subarray
-     * @param right      the end position of the subarray
-     * @param pivotIndex the index of the pivot element inside the array
-     * @return the new index of the pivot element inside the array
-     */
-    private static int partition(int[] source, int left, int right,
-                                 int pivotIndex)
-    {
-
-        int pivot = source[pivotIndex];
-        source[pivotIndex] = source[right];
-        source[right] = pivot;
-
-        int index = left;
-
-        for (int i = left; i < right; i++)
-        {
-            if (source[i] <= pivot)
-            {
-                int tmp = source[index];
-                source[index] = source[i];
-                source[i] = tmp;
-                index++;
-            }
-        }
-
-        int tmp = source[index];
-        source[index] = source[right];
-        source[right] = tmp;
-
-        return index;
-    }
-
-    /**
-     * Generates a subarray of a given int array.
-     *
-     * @param input -
-     *              the input int array
-     * @param start -
-     *              the start index
-     * @param end   -
-     *              the end index
-     * @return a subarray of <tt>input</tt>, ranging from <tt>start</tt> to
-     *         <tt>end</tt>
-     */
-    public static int[] subArray(final int[] input, final int start,
-                                 final int end)
-    {
-        int[] result = new int[end - start];
-        System.arraycopy(input, start, result, 0, end - start);
-        return result;
-    }
-
-    /**
-     * @param input an int array
-     * @return a human readable form of the given int array
-     */
-    public static String toString(int[] input)
-    {
-        String result = "";
-        for (int i = 0; i < input.length; i++)
-        {
-            result += input[i] + " ";
-        }
-        return result;
-    }
-
-    /**
-     * @param input an int arary
-     * @return the int array as hex string
-     */
-    public static String toHexString(int[] input)
-    {
-        return ByteUtils.toHexString(BigEndianConversions.toByteArray(input));
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/IntegerFunctions.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/IntegerFunctions.java
deleted file mode 100644
index e004bdc..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/IntegerFunctions.java
+++ /dev/null

@@ -1,1395 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * Class of number-theory related functions for use with integers represented as
- * <tt>int</tt>'s or <tt>BigInteger</tt> objects.
- */
-public final class IntegerFunctions
-{
-
-    private static final BigInteger ZERO = BigInteger.valueOf(0);
-
-    private static final BigInteger ONE = BigInteger.valueOf(1);
-
-    private static final BigInteger TWO = BigInteger.valueOf(2);
-
-    private static final BigInteger FOUR = BigInteger.valueOf(4);
-
-    private static final int[] SMALL_PRIMES = {3, 5, 7, 11, 13, 17, 19, 23,
-        29, 31, 37, 41};
-
-    private static final long SMALL_PRIME_PRODUCT = 3L * 5 * 7 * 11 * 13 * 17
-        * 19 * 23 * 29 * 31 * 37 * 41;
-
-    private static SecureRandom sr = null;
-
-    // the jacobi function uses this lookup table
-    private static final int[] jacobiTable = {0, 1, 0, -1, 0, -1, 0, 1};
-
-    private IntegerFunctions()
-    {
-        // empty
-    }
-
-    /**
-     * Computes the value of the Jacobi symbol (A|B). The following properties
-     * hold for the Jacobi symbol which makes it a very efficient way to
-     * evaluate the Legendre symbol
-     * <p>
-     * (A|B) = 0 IF gcd(A,B) &gt; 1<br>
-     * (-1|B) = 1 IF n = 1 (mod 1)<br>
-     * (-1|B) = -1 IF n = 3 (mod 4)<br>
-     * (A|B) (C|B) = (AC|B)<br>
-     * (A|B) (A|C) = (A|CB)<br>
-     * (A|B) = (C|B) IF A = C (mod B)<br>
-     * (2|B) = 1 IF N = 1 OR 7 (mod 8)<br>
-     * (2|B) = 1 IF N = 3 OR 5 (mod 8)
-     *
-     * @param A integer value
-     * @param B integer value
-     * @return value of the jacobi symbol (A|B)
-     */
-    public static int jacobi(BigInteger A, BigInteger B)
-    {
-        BigInteger a, b, v;
-        long k = 1;
-
-        k = 1;
-
-        // test trivial cases
-        if (B.equals(ZERO))
-        {
-            a = A.abs();
-            return a.equals(ONE) ? 1 : 0;
-        }
-
-        if (!A.testBit(0) && !B.testBit(0))
-        {
-            return 0;
-        }
-
-        a = A;
-        b = B;
-
-        if (b.signum() == -1)
-        { // b < 0
-            b = b.negate(); // b = -b
-            if (a.signum() == -1)
-            {
-                k = -1;
-            }
-        }
-
-        v = ZERO;
-        while (!b.testBit(0))
-        {
-            v = v.add(ONE); // v = v + 1
-            b = b.divide(TWO); // b = b/2
-        }
-
-        if (v.testBit(0))
-        {
-            k = k * jacobiTable[a.intValue() & 7];
-        }
-
-        if (a.signum() < 0)
-        { // a < 0
-            if (b.testBit(1))
-            {
-                k = -k; // k = -k
-            }
-            a = a.negate(); // a = -a
-        }
-
-        // main loop
-        while (a.signum() != 0)
-        {
-            v = ZERO;
-            while (!a.testBit(0))
-            { // a is even
-                v = v.add(ONE);
-                a = a.divide(TWO);
-            }
-            if (v.testBit(0))
-            {
-                k = k * jacobiTable[b.intValue() & 7];
-            }
-
-            if (a.compareTo(b) < 0)
-            { // a < b
-                // swap and correct intermediate result
-                BigInteger x = a;
-                a = b;
-                b = x;
-                if (a.testBit(1) && b.testBit(1))
-                {
-                    k = -k;
-                }
-            }
-            a = a.subtract(b);
-        }
-
-        return b.equals(ONE) ? (int)k : 0;
-    }
-
-    /**
-     * Computes the square root of a BigInteger modulo a prime employing the
-     * Shanks-Tonelli algorithm.
-     *
-     * @param a value out of which we extract the square root
-     * @param p prime modulus that determines the underlying field
-     * @return a number <tt>b</tt> such that b<sup>2</sup> = a (mod p) if
-     *         <tt>a</tt> is a quadratic residue modulo <tt>p</tt>.
-     * @throws IllegalArgumentException if <tt>a</tt> is a quadratic non-residue modulo <tt>p</tt>
-     */
-    public static BigInteger ressol(BigInteger a, BigInteger p)
-        throws IllegalArgumentException
-    {
-
-        BigInteger v = null;
-
-        if (a.compareTo(ZERO) < 0)
-        {
-            a = a.add(p);
-        }
-
-        if (a.equals(ZERO))
-        {
-            return ZERO;
-        }
-
-        if (p.equals(TWO))
-        {
-            return a;
-        }
-
-        // p = 3 mod 4
-        if (p.testBit(0) && p.testBit(1))
-        {
-            if (jacobi(a, p) == 1)
-            { // a quadr. residue mod p
-                v = p.add(ONE); // v = p+1
-                v = v.shiftRight(2); // v = v/4
-                return a.modPow(v, p); // return a^v mod p
-                // return --> a^((p+1)/4) mod p
-            }
-            throw new IllegalArgumentException("No quadratic residue: " + a + ", " + p);
-        }
-
-        long t = 0;
-
-        // initialization
-        // compute k and s, where p = 2^s (2k+1) +1
-
-        BigInteger k = p.subtract(ONE); // k = p-1
-        long s = 0;
-        while (!k.testBit(0))
-        { // while k is even
-            s++; // s = s+1
-            k = k.shiftRight(1); // k = k/2
-        }
-
-        k = k.subtract(ONE); // k = k - 1
-        k = k.shiftRight(1); // k = k/2
-
-        // initial values
-        BigInteger r = a.modPow(k, p); // r = a^k mod p
-
-        BigInteger n = r.multiply(r).remainder(p); // n = r^2 % p
-        n = n.multiply(a).remainder(p); // n = n * a % p
-        r = r.multiply(a).remainder(p); // r = r * a %p
-
-        if (n.equals(ONE))
-        {
-            return r;
-        }
-
-        // non-quadratic residue
-        BigInteger z = TWO; // z = 2
-        while (jacobi(z, p) == 1)
-        {
-            // while z quadratic residue
-            z = z.add(ONE); // z = z + 1
-        }
-
-        v = k;
-        v = v.multiply(TWO); // v = 2k
-        v = v.add(ONE); // v = 2k + 1
-        BigInteger c = z.modPow(v, p); // c = z^v mod p
-
-        // iteration
-        while (n.compareTo(ONE) == 1)
-        { // n > 1
-            k = n; // k = n
-            t = s; // t = s
-            s = 0;
-
-            while (!k.equals(ONE))
-            { // k != 1
-                k = k.multiply(k).mod(p); // k = k^2 % p
-                s++; // s = s + 1
-            }
-
-            t -= s; // t = t - s
-            if (t == 0)
-            {
-                throw new IllegalArgumentException("No quadratic residue: " + a + ", " + p);
-            }
-
-            v = ONE;
-            for (long i = 0; i < t - 1; i++)
-            {
-                v = v.shiftLeft(1); // v = 1 * 2^(t - 1)
-            }
-            c = c.modPow(v, p); // c = c^v mod p
-            r = r.multiply(c).remainder(p); // r = r * c % p
-            c = c.multiply(c).remainder(p); // c = c^2 % p
-            n = n.multiply(c).mod(p); // n = n * c % p
-        }
-        return r;
-    }
-
-    /**
-     * Computes the greatest common divisor of the two specified integers
-     *
-     * @param u - first integer
-     * @param v - second integer
-     * @return gcd(a, b)
-     */
-    public static int gcd(int u, int v)
-    {
-        return BigInteger.valueOf(u).gcd(BigInteger.valueOf(v)).intValue();
-    }
-
-    /**
-     * Extended euclidian algorithm (computes gcd and representation).
-     *
-     * @param a the first integer
-     * @param b the second integer
-     * @return <tt>(g,u,v)</tt>, where <tt>g = gcd(abs(a),abs(b)) = ua + vb</tt>
-     */
-    public static int[] extGCD(int a, int b)
-    {
-        BigInteger ba = BigInteger.valueOf(a);
-        BigInteger bb = BigInteger.valueOf(b);
-        BigInteger[] bresult = extgcd(ba, bb);
-        int[] result = new int[3];
-        result[0] = bresult[0].intValue();
-        result[1] = bresult[1].intValue();
-        result[2] = bresult[2].intValue();
-        return result;
-    }
-
-    public static BigInteger divideAndRound(BigInteger a, BigInteger b)
-    {
-        if (a.signum() < 0)
-        {
-            return divideAndRound(a.negate(), b).negate();
-        }
-        if (b.signum() < 0)
-        {
-            return divideAndRound(a, b.negate()).negate();
-        }
-        return a.shiftLeft(1).add(b).divide(b.shiftLeft(1));
-    }
-
-    public static BigInteger[] divideAndRound(BigInteger[] a, BigInteger b)
-    {
-        BigInteger[] out = new BigInteger[a.length];
-        for (int i = 0; i < a.length; i++)
-        {
-            out[i] = divideAndRound(a[i], b);
-        }
-        return out;
-    }
-
-    /**
-     * Compute the smallest integer that is greater than or equal to the
-     * logarithm to the base 2 of the given BigInteger.
-     *
-     * @param a the integer
-     * @return ceil[log(a)]
-     */
-    public static int ceilLog(BigInteger a)
-    {
-        int result = 0;
-        BigInteger p = ONE;
-        while (p.compareTo(a) < 0)
-        {
-            result++;
-            p = p.shiftLeft(1);
-        }
-        return result;
-    }
-
-    /**
-     * Compute the smallest integer that is greater than or equal to the
-     * logarithm to the base 2 of the given integer.
-     *
-     * @param a the integer
-     * @return ceil[log(a)]
-     */
-    public static int ceilLog(int a)
-    {
-        int log = 0;
-        int i = 1;
-        while (i < a)
-        {
-            i <<= 1;
-            log++;
-        }
-        return log;
-    }
-
-    /**
-     * Compute <tt>ceil(log_256 n)</tt>, the number of bytes needed to encode
-     * the integer <tt>n</tt>.
-     *
-     * @param n the integer
-     * @return the number of bytes needed to encode <tt>n</tt>
-     */
-    public static int ceilLog256(int n)
-    {
-        if (n == 0)
-        {
-            return 1;
-        }
-        int m;
-        if (n < 0)
-        {
-            m = -n;
-        }
-        else
-        {
-            m = n;
-        }
-
-        int d = 0;
-        while (m > 0)
-        {
-            d++;
-            m >>>= 8;
-        }
-        return d;
-    }
-
-    /**
-     * Compute <tt>ceil(log_256 n)</tt>, the number of bytes needed to encode
-     * the long integer <tt>n</tt>.
-     *
-     * @param n the long integer
-     * @return the number of bytes needed to encode <tt>n</tt>
-     */
-    public static int ceilLog256(long n)
-    {
-        if (n == 0)
-        {
-            return 1;
-        }
-        long m;
-        if (n < 0)
-        {
-            m = -n;
-        }
-        else
-        {
-            m = n;
-        }
-
-        int d = 0;
-        while (m > 0)
-        {
-            d++;
-            m >>>= 8;
-        }
-        return d;
-    }
-
-    /**
-     * Compute the integer part of the logarithm to the base 2 of the given
-     * integer.
-     *
-     * @param a the integer
-     * @return floor[log(a)]
-     */
-    public static int floorLog(BigInteger a)
-    {
-        int result = -1;
-        BigInteger p = ONE;
-        while (p.compareTo(a) <= 0)
-        {
-            result++;
-            p = p.shiftLeft(1);
-        }
-        return result;
-    }
-
-    /**
-     * Compute the integer part of the logarithm to the base 2 of the given
-     * integer.
-     *
-     * @param a the integer
-     * @return floor[log(a)]
-     */
-    public static int floorLog(int a)
-    {
-        int h = 0;
-        if (a <= 0)
-        {
-            return -1;
-        }
-        int p = a >>> 1;
-        while (p > 0)
-        {
-            h++;
-            p >>>= 1;
-        }
-
-        return h;
-    }
-
-    /**
-     * Compute the largest <tt>h</tt> with <tt>2^h | a</tt> if <tt>a!=0</tt>.
-     *
-     * @param a an integer
-     * @return the largest <tt>h</tt> with <tt>2^h | a</tt> if <tt>a!=0</tt>,
-     *         <tt>0</tt> otherwise
-     */
-    public static int maxPower(int a)
-    {
-        int h = 0;
-        if (a != 0)
-        {
-            int p = 1;
-            while ((a & p) == 0)
-            {
-                h++;
-                p <<= 1;
-            }
-        }
-
-        return h;
-    }
-
-    /**
-     * @param a an integer
-     * @return the number of ones in the binary representation of an integer
-     *         <tt>a</tt>
-     */
-    public static int bitCount(int a)
-    {
-        int h = 0;
-        while (a != 0)
-        {
-            h += a & 1;
-            a >>>= 1;
-        }
-
-        return h;
-    }
-
-    /**
-     * determines the order of g modulo p, p prime and 1 &lt; g &lt; p. This algorithm
-     * is only efficient for small p (see X9.62-1998, p. 68).
-     *
-     * @param g an integer with 1 &lt; g &lt; p
-     * @param p a prime
-     * @return the order k of g (that is k is the smallest integer with
-     *         g<sup>k</sup> = 1 mod p
-     */
-    public static int order(int g, int p)
-    {
-        int b, j;
-
-        b = g % p; // Reduce g mod p first.
-        j = 1;
-
-        // Check whether g == 0 mod p (avoiding endless loop).
-        if (b == 0)
-        {
-            throw new IllegalArgumentException(g + " is not an element of Z/("
-                + p + "Z)^*; it is not meaningful to compute its order.");
-        }
-
-        // Compute the order of g mod p:
-        while (b != 1)
-        {
-            b *= g;
-            b %= p;
-            if (b < 0)
-            {
-                b += p;
-            }
-            j++;
-        }
-
-        return j;
-    }
-
-    /**
-     * Reduces an integer into a given interval
-     *
-     * @param n     - the integer
-     * @param begin - left bound of the interval
-     * @param end   - right bound of the interval
-     * @return <tt>n</tt> reduced into <tt>[begin,end]</tt>
-     */
-    public static BigInteger reduceInto(BigInteger n, BigInteger begin,
-                                        BigInteger end)
-    {
-        return n.subtract(begin).mod(end.subtract(begin)).add(begin);
-    }
-
-    /**
-     * Compute <tt>a<sup>e</sup></tt>.
-     *
-     * @param a the base
-     * @param e the exponent
-     * @return <tt>a<sup>e</sup></tt>
-     */
-    public static int pow(int a, int e)
-    {
-        int result = 1;
-        while (e > 0)
-        {
-            if ((e & 1) == 1)
-            {
-                result *= a;
-            }
-            a *= a;
-            e >>>= 1;
-        }
-        return result;
-    }
-
-    /**
-     * Compute <tt>a<sup>e</sup></tt>.
-     *
-     * @param a the base
-     * @param e the exponent
-     * @return <tt>a<sup>e</sup></tt>
-     */
-    public static long pow(long a, int e)
-    {
-        long result = 1;
-        while (e > 0)
-        {
-            if ((e & 1) == 1)
-            {
-                result *= a;
-            }
-            a *= a;
-            e >>>= 1;
-        }
-        return result;
-    }
-
-    /**
-     * Compute <tt>a<sup>e</sup> mod n</tt>.
-     *
-     * @param a the base
-     * @param e the exponent
-     * @param n the modulus
-     * @return <tt>a<sup>e</sup> mod n</tt>
-     */
-    public static int modPow(int a, int e, int n)
-    {
-        if (n <= 0 || (n * n) > Integer.MAX_VALUE || e < 0)
-        {
-            return 0;
-        }
-        int result = 1;
-        a = (a % n + n) % n;
-        while (e > 0)
-        {
-            if ((e & 1) == 1)
-            {
-                result = (result * a) % n;
-            }
-            a = (a * a) % n;
-            e >>>= 1;
-        }
-        return result;
-    }
-
-    /**
-     * Extended euclidian algorithm (computes gcd and representation).
-     *
-     * @param a - the first integer
-     * @param b - the second integer
-     * @return <tt>(d,u,v)</tt>, where <tt>d = gcd(a,b) = ua + vb</tt>
-     */
-    public static BigInteger[] extgcd(BigInteger a, BigInteger b)
-    {
-        BigInteger u = ONE;
-        BigInteger v = ZERO;
-        BigInteger d = a;
-        if (b.signum() != 0)
-        {
-            BigInteger v1 = ZERO;
-            BigInteger v3 = b;
-            while (v3.signum() != 0)
-            {
-                BigInteger[] tmp = d.divideAndRemainder(v3);
-                BigInteger q = tmp[0];
-                BigInteger t3 = tmp[1];
-                BigInteger t1 = u.subtract(q.multiply(v1));
-                u = v1;
-                d = v3;
-                v1 = t1;
-                v3 = t3;
-            }
-            v = d.subtract(a.multiply(u)).divide(b);
-        }
-        return new BigInteger[]{d, u, v};
-    }
-
-    /**
-     * Computation of the least common multiple of a set of BigIntegers.
-     *
-     * @param numbers - the set of numbers
-     * @return the lcm(numbers)
-     */
-    public static BigInteger leastCommonMultiple(BigInteger[] numbers)
-    {
-        int n = numbers.length;
-        BigInteger result = numbers[0];
-        for (int i = 1; i < n; i++)
-        {
-            BigInteger gcd = result.gcd(numbers[i]);
-            result = result.multiply(numbers[i]).divide(gcd);
-        }
-        return result;
-    }
-
-    /**
-     * Returns a long integer whose value is <tt>(a mod m</tt>). This method
-     * differs from <tt>%</tt> in that it always returns a <i>non-negative</i>
-     * integer.
-     *
-     * @param a value on which the modulo operation has to be performed.
-     * @param m the modulus.
-     * @return <tt>a mod m</tt>
-     */
-    public static long mod(long a, long m)
-    {
-        long result = a % m;
-        if (result < 0)
-        {
-            result += m;
-        }
-        return result;
-    }
-
-    /**
-     * Computes the modular inverse of an integer a
-     *
-     * @param a   - the integer to invert
-     * @param mod - the modulus
-     * @return <tt>a<sup>-1</sup> mod n</tt>
-     */
-    public static int modInverse(int a, int mod)
-    {
-        return BigInteger.valueOf(a).modInverse(BigInteger.valueOf(mod))
-            .intValue();
-    }
-
-    /**
-     * Computes the modular inverse of an integer a
-     *
-     * @param a   - the integer to invert
-     * @param mod - the modulus
-     * @return <tt>a<sup>-1</sup> mod n</tt>
-     */
-    public static long modInverse(long a, long mod)
-    {
-        return BigInteger.valueOf(a).modInverse(BigInteger.valueOf(mod))
-            .longValue();
-    }
-
-    /**
-     * Tests whether an integer <tt>a</tt> is power of another integer
-     * <tt>p</tt>.
-     *
-     * @param a - the first integer
-     * @param p - the second integer
-     * @return n if a = p^n or -1 otherwise
-     */
-    public static int isPower(int a, int p)
-    {
-        if (a <= 0)
-        {
-            return -1;
-        }
-        int n = 0;
-        int d = a;
-        while (d > 1)
-        {
-            if (d % p != 0)
-            {
-                return -1;
-            }
-            d /= p;
-            n++;
-        }
-        return n;
-    }
-
-    /**
-     * Find and return the least non-trivial divisor of an integer <tt>a</tt>.
-     *
-     * @param a - the integer
-     * @return divisor p &gt;1 or 1 if a = -1,0,1
-     */
-    public static int leastDiv(int a)
-    {
-        if (a < 0)
-        {
-            a = -a;
-        }
-        if (a == 0)
-        {
-            return 1;
-        }
-        if ((a & 1) == 0)
-        {
-            return 2;
-        }
-        int p = 3;
-        while (p <= (a / p))
-        {
-            if ((a % p) == 0)
-            {
-                return p;
-            }
-            p += 2;
-        }
-
-        return a;
-    }
-
-    /**
-     * Miller-Rabin-Test, determines wether the given integer is probably prime
-     * or composite. This method returns <tt>true</tt> if the given integer is
-     * prime with probability <tt>1 - 2<sup>-20</sup></tt>.
-     *
-     * @param n the integer to test for primality
-     * @return <tt>true</tt> if the given integer is prime with probability
-     *         2<sup>-100</sup>, <tt>false</tt> otherwise
-     */
-    public static boolean isPrime(int n)
-    {
-        if (n < 2)
-        {
-            return false;
-        }
-        if (n == 2)
-        {
-            return true;
-        }
-        if ((n & 1) == 0)
-        {
-            return false;
-        }
-        if (n < 42)
-        {
-            for (int i = 0; i < SMALL_PRIMES.length; i++)
-            {
-                if (n == SMALL_PRIMES[i])
-                {
-                    return true;
-                }
-            }
-        }
-
-        if ((n % 3 == 0) || (n % 5 == 0) || (n % 7 == 0) || (n % 11 == 0)
-            || (n % 13 == 0) || (n % 17 == 0) || (n % 19 == 0)
-            || (n % 23 == 0) || (n % 29 == 0) || (n % 31 == 0)
-            || (n % 37 == 0) || (n % 41 == 0))
-        {
-            return false;
-        }
-
-        return BigInteger.valueOf(n).isProbablePrime(20);
-    }
-
-    /**
-     * Short trial-division test to find out whether a number is not prime. This
-     * test is usually used before a Miller-Rabin primality test.
-     *
-     * @param candidate the number to test
-     * @return <tt>true</tt> if the number has no factor of the tested primes,
-     *         <tt>false</tt> if the number is definitely composite
-     */
-    public static boolean passesSmallPrimeTest(BigInteger candidate)
-    {
-        final int[] smallPrime = {2, 3, 5, 7, 11, 13, 17, 19, 23, 29, 31, 37,
-            41, 43, 47, 53, 59, 61, 67, 71, 73, 79, 83, 89, 97, 101, 103,
-            107, 109, 113, 127, 131, 137, 139, 149, 151, 157, 163, 167,
-            173, 179, 181, 191, 193, 197, 199, 211, 223, 227, 229, 233,
-            239, 241, 251, 257, 263, 269, 271, 277, 281, 283, 293, 307,
-            311, 313, 317, 331, 337, 347, 349, 353, 359, 367, 373, 379,
-            383, 389, 397, 401, 409, 419, 421, 431, 433, 439, 443, 449,
-            457, 461, 463, 467, 479, 487, 491, 499, 503, 509, 521, 523,
-            541, 547, 557, 563, 569, 571, 577, 587, 593, 599, 601, 607,
-            613, 617, 619, 631, 641, 643, 647, 653, 659, 661, 673, 677,
-            683, 691, 701, 709, 719, 727, 733, 739, 743, 751, 757, 761,
-            769, 773, 787, 797, 809, 811, 821, 823, 827, 829, 839, 853,
-            857, 859, 863, 877, 881, 883, 887, 907, 911, 919, 929, 937,
-            941, 947, 953, 967, 971, 977, 983, 991, 997, 1009, 1013, 1019,
-            1021, 1031, 1033, 1039, 1049, 1051, 1061, 1063, 1069, 1087,
-            1091, 1093, 1097, 1103, 1109, 1117, 1123, 1129, 1151, 1153,
-            1163, 1171, 1181, 1187, 1193, 1201, 1213, 1217, 1223, 1229,
-            1231, 1237, 1249, 1259, 1277, 1279, 1283, 1289, 1291, 1297,
-            1301, 1303, 1307, 1319, 1321, 1327, 1361, 1367, 1373, 1381,
-            1399, 1409, 1423, 1427, 1429, 1433, 1439, 1447, 1451, 1453,
-            1459, 1471, 1481, 1483, 1487, 1489, 1493, 1499};
-
-        for (int i = 0; i < smallPrime.length; i++)
-        {
-            if (candidate.mod(BigInteger.valueOf(smallPrime[i])).equals(
-                ZERO))
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    /**
-     * Returns the largest prime smaller than the given integer
-     *
-     * @param n - upper bound
-     * @return the largest prime smaller than <tt>n</tt>, or <tt>1</tt> if
-     *         <tt>n &lt;= 2</tt>
-     */
-    public static int nextSmallerPrime(int n)
-    {
-        if (n <= 2)
-        {
-            return 1;
-        }
-
-        if (n == 3)
-        {
-            return 2;
-        }
-
-        if ((n & 1) == 0)
-        {
-            n--;
-        }
-        else
-        {
-            n -= 2;
-        }
-
-        while (n > 3 && !isPrime(n))
-        {
-            n -= 2;
-        }
-        return n;
-    }
-
-    /**
-     * Compute the next probable prime greater than <tt>n</tt> with the
-     * specified certainty.
-     *
-     * @param n         a integer number
-     * @param certainty the certainty that the generated number is prime
-     * @return the next prime greater than <tt>n</tt>
-     */
-    public static BigInteger nextProbablePrime(BigInteger n, int certainty)
-    {
-
-        if (n.signum() < 0 || n.signum() == 0 || n.equals(ONE))
-        {
-            return TWO;
-        }
-
-        BigInteger result = n.add(ONE);
-
-        // Ensure an odd number
-        if (!result.testBit(0))
-        {
-            result = result.add(ONE);
-        }
-
-        while (true)
-        {
-            // Do cheap "pre-test" if applicable
-            if (result.bitLength() > 6)
-            {
-                long r = result.remainder(
-                    BigInteger.valueOf(SMALL_PRIME_PRODUCT)).longValue();
-                if ((r % 3 == 0) || (r % 5 == 0) || (r % 7 == 0)
-                    || (r % 11 == 0) || (r % 13 == 0) || (r % 17 == 0)
-                    || (r % 19 == 0) || (r % 23 == 0) || (r % 29 == 0)
-                    || (r % 31 == 0) || (r % 37 == 0) || (r % 41 == 0))
-                {
-                    result = result.add(TWO);
-                    continue; // Candidate is composite; try another
-                }
-            }
-
-            // All candidates of bitLength 2 and 3 are prime by this point
-            if (result.bitLength() < 4)
-            {
-                return result;
-            }
-
-            // The expensive test
-            if (result.isProbablePrime(certainty))
-            {
-                return result;
-            }
-
-            result = result.add(TWO);
-        }
-    }
-
-    /**
-     * Compute the next probable prime greater than <tt>n</tt> with the default
-     * certainty (20).
-     *
-     * @param n a integer number
-     * @return the next prime greater than <tt>n</tt>
-     */
-    public static BigInteger nextProbablePrime(BigInteger n)
-    {
-        return nextProbablePrime(n, 20);
-    }
-
-    /**
-     * Computes the next prime greater than n.
-     *
-     * @param n a integer number
-     * @return the next prime greater than n
-     */
-    public static BigInteger nextPrime(long n)
-    {
-        long i;
-        boolean found = false;
-        long result = 0;
-
-        if (n <= 1)
-        {
-            return BigInteger.valueOf(2);
-        }
-        if (n == 2)
-        {
-            return BigInteger.valueOf(3);
-        }
-
-        for (i = n + 1 + (n & 1); (i <= n << 1) && !found; i += 2)
-        {
-            for (long j = 3; (j <= i >> 1) && !found; j += 2)
-            {
-                if (i % j == 0)
-                {
-                    found = true;
-                }
-            }
-            if (found)
-            {
-                found = false;
-            }
-            else
-            {
-                result = i;
-                found = true;
-            }
-        }
-        return BigInteger.valueOf(result);
-    }
-
-    /**
-     * Computes the binomial coefficient (n|t) ("n over t"). Formula:
-     * <ul>
-     * <li>if n !=0 and t != 0 then (n|t) = Mult(i=1, t): (n-(i-1))/i</li>
-     * <li>if t = 0 then (n|t) = 1</li>
-     * <li>if n = 0 and t &gt; 0 then (n|t) = 0</li>
-     * </ul>
-     *
-     * @param n - the "upper" integer
-     * @param t - the "lower" integer
-     * @return the binomialcoefficient "n over t" as BigInteger
-     */
-    public static BigInteger binomial(int n, int t)
-    {
-
-        BigInteger result = ONE;
-
-        if (n == 0)
-        {
-            if (t == 0)
-            {
-                return result;
-            }
-            return ZERO;
-        }
-
-        // the property (n|t) = (n|n-t) be used to reduce numbers of operations
-        if (t > (n >>> 1))
-        {
-            t = n - t;
-        }
-
-        for (int i = 1; i <= t; i++)
-        {
-            result = (result.multiply(BigInteger.valueOf(n - (i - 1))))
-                .divide(BigInteger.valueOf(i));
-        }
-
-        return result;
-    }
-
-    public static BigInteger randomize(BigInteger upperBound)
-    {
-        if (sr == null)
-        {
-            sr = CryptoServicesRegistrar.getSecureRandom();
-        }
-        return randomize(upperBound, sr);
-    }
-
-    public static BigInteger randomize(BigInteger upperBound,
-                                       SecureRandom prng)
-    {
-        int blen = upperBound.bitLength();
-        BigInteger randomNum = BigInteger.valueOf(0);
-
-        if (prng == null)
-        {
-            prng = sr != null ? sr : CryptoServicesRegistrar.getSecureRandom();
-        }
-
-        for (int i = 0; i < 20; i++)
-        {
-            randomNum = BigIntegers.createRandomBigInteger(blen, prng);
-            if (randomNum.compareTo(upperBound) < 0)
-            {
-                return randomNum;
-            }
-        }
-        return randomNum.mod(upperBound);
-    }
-
-    /**
-     * Extract the truncated square root of a BigInteger.
-     *
-     * @param a - value out of which we extract the square root
-     * @return the truncated square root of <tt>a</tt>
-     */
-    public static BigInteger squareRoot(BigInteger a)
-    {
-        int bl;
-        BigInteger result, remainder, b;
-
-        if (a.compareTo(ZERO) < 0)
-        {
-            throw new ArithmeticException(
-                "cannot extract root of negative number" + a + ".");
-        }
-
-        bl = a.bitLength();
-        result = ZERO;
-        remainder = ZERO;
-
-        // if the bit length is odd then extra step
-        if ((bl & 1) != 0)
-        {
-            result = result.add(ONE);
-            bl--;
-        }
-
-        while (bl > 0)
-        {
-            remainder = remainder.multiply(FOUR);
-            remainder = remainder.add(BigInteger.valueOf((a.testBit(--bl) ? 2
-                : 0)
-                + (a.testBit(--bl) ? 1 : 0)));
-            b = result.multiply(FOUR).add(ONE);
-            result = result.multiply(TWO);
-            if (remainder.compareTo(b) != -1)
-            {
-                result = result.add(ONE);
-                remainder = remainder.subtract(b);
-            }
-        }
-
-        return result;
-    }
-
-    /**
-     * Takes an approximation of the root from an integer base, using newton's
-     * algorithm
-     *
-     * @param base the base to take the root from
-     * @param root the root, for example 2 for a square root
-     */
-    public static float intRoot(int base, int root)
-    {
-        float gNew = base / root;
-        float gOld = 0;
-        int counter = 0;
-        while (Math.abs(gOld - gNew) > 0.0001)
-        {
-            float gPow = floatPow(gNew, root);
-            while (Float.isInfinite(gPow))
-            {
-                gNew = (gNew + gOld) / 2;
-                gPow = floatPow(gNew, root);
-            }
-            counter += 1;
-            gOld = gNew;
-            gNew = gOld - (gPow - base) / (root * floatPow(gOld, root - 1));
-        }
-        return gNew;
-    }
-
-    /**
-     * int power of a base float, only use for small ints
-     *
-     * @param f base float
-     * @param i power to be raised to.
-     * @return int power i of f
-     */
-    public static float floatPow(float f, int i)
-    {
-        float g = 1;
-        for (; i > 0; i--)
-        {
-            g *= f;
-        }
-        return g;
-    }
-
-    /**
-     * calculate the logarithm to the base 2.
-     *
-     * @param x any double value
-     * @return log_2(x)
-     * @deprecated use MathFunctions.log(double) instead
-     */
-    public static double log(double x)
-    {
-        if (x > 0 && x < 1)
-        {
-            double d = 1 / x;
-            double result = -log(d);
-            return result;
-        }
-
-        int tmp = 0;
-        double tmp2 = 1;
-        double d = x;
-
-        while (d > 2)
-        {
-            d = d / 2;
-            tmp += 1;
-            tmp2 *= 2;
-        }
-        double rem = x / tmp2;
-        rem = logBKM(rem);
-        return tmp + rem;
-    }
-
-    /**
-     * calculate the logarithm to the base 2.
-     *
-     * @param x any long value &gt;=1
-     * @return log_2(x)
-     * @deprecated use MathFunctions.log(long) instead
-     */
-    public static double log(long x)
-    {
-        int tmp = floorLog(BigInteger.valueOf(x));
-        long tmp2 = 1 << tmp;
-        double rem = (double)x / (double)tmp2;
-        rem = logBKM(rem);
-        return tmp + rem;
-    }
-
-    /**
-     * BKM Algorithm to calculate logarithms to the base 2.
-     *
-     * @param arg a double value with 1<= arg<= 4.768462058
-     * @return log_2(arg)
-     * @deprecated use MathFunctions.logBKM(double) instead
-     */
-    private static double logBKM(double arg)
-    {
-        double ae[] = // A_e[k] = log_2 (1 + 0.5^k)
-            {
-                1.0000000000000000000000000000000000000000000000000000000000000000000000000000,
-                0.5849625007211561814537389439478165087598144076924810604557526545410982276485,
-                0.3219280948873623478703194294893901758648313930245806120547563958159347765589,
-                0.1699250014423123629074778878956330175196288153849621209115053090821964552970,
-                0.0874628412503394082540660108104043540112672823448206881266090643866965081686,
-                0.0443941193584534376531019906736094674630459333742491317685543002674288465967,
-                0.0223678130284545082671320837460849094932677948156179815932199216587899627785,
-                0.0112272554232541203378805844158839407281095943600297940811823651462712311786,
-                0.0056245491938781069198591026740666017211096815383520359072957784732489771013,
-                0.0028150156070540381547362547502839489729507927389771959487826944878598909400,
-                0.0014081943928083889066101665016890524233311715793462235597709051792834906001,
-                0.0007042690112466432585379340422201964456668872087249334581924550139514213168,
-                0.0003521774803010272377989609925281744988670304302127133979341729842842377649,
-                0.0001760994864425060348637509459678580940163670081839283659942864068257522373,
-                0.0000880524301221769086378699983597183301490534085738474534831071719854721939,
-                0.0000440268868273167176441087067175806394819146645511899503059774914593663365,
-                0.0000220136113603404964890728830697555571275493801909791504158295359319433723,
-                0.0000110068476674814423006223021573490183469930819844945565597452748333526464,
-                0.0000055034343306486037230640321058826431606183125807276574241540303833251704,
-                0.0000027517197895612831123023958331509538486493412831626219340570294203116559,
-                0.0000013758605508411382010566802834037147561973553922354232704569052932922954,
-                0.0000006879304394358496786728937442939160483304056131990916985043387874690617,
-                0.0000003439652607217645360118314743718005315334062644619363447395987584138324,
-                0.0000001719826406118446361936972479533123619972434705828085978955697643547921,
-                0.0000000859913228686632156462565208266682841603921494181830811515318381744650,
-                0.0000000429956620750168703982940244684787907148132725669106053076409624949917,
-                0.0000000214978311976797556164155504126645192380395989504741781512309853438587,
-                0.0000000107489156388827085092095702361647949603617203979413516082280717515504,
-                0.0000000053744578294520620044408178949217773318785601260677517784797554422804,
-                0.0000000026872289172287079490026152352638891824761667284401180026908031182361,
-                0.0000000013436144592400232123622589569799954658536700992739887706412976115422,
-                0.0000000006718072297764289157920422846078078155859484240808550018085324187007,
-                0.0000000003359036149273187853169587152657145221968468364663464125722491530858,
-                0.0000000001679518074734354745159899223037458278711244127245990591908996412262,
-                0.0000000000839759037391617577226571237484864917411614198675604731728132152582,
-                0.0000000000419879518701918839775296677020135040214077417929807824842667285938,
-                0.0000000000209939759352486932678195559552767641474249812845414125580747434389,
-                0.0000000000104969879676625344536740142096218372850561859495065136990936290929,
-                0.0000000000052484939838408141817781356260462777942148580518406975851213868092,
-                0.0000000000026242469919227938296243586262369156865545638305682553644113887909,
-                0.0000000000013121234959619935994960031017850191710121890821178731821983105443,
-                0.0000000000006560617479811459709189576337295395590603644549624717910616347038,
-                0.0000000000003280308739906102782522178545328259781415615142931952662153623493,
-                0.0000000000001640154369953144623242936888032768768777422997704541618141646683,
-                0.0000000000000820077184976595619616930350508356401599552034612281802599177300,
-                0.0000000000000410038592488303636807330652208397742314215159774270270147020117,
-                0.0000000000000205019296244153275153381695384157073687186580546938331088730952,
-                0.0000000000000102509648122077001764119940017243502120046885379813510430378661,
-                0.0000000000000051254824061038591928917243090559919209628584150482483994782302,
-                0.0000000000000025627412030519318726172939815845367496027046030028595094737777,
-                0.0000000000000012813706015259665053515049475574143952543145124550608158430592,
-                0.0000000000000006406853007629833949364669629701200556369782295210193569318434,
-                0.0000000000000003203426503814917330334121037829290364330169106716787999052925,
-                0.0000000000000001601713251907458754080007074659337446341494733882570243497196,
-                0.0000000000000000800856625953729399268240176265844257044861248416330071223615,
-                0.0000000000000000400428312976864705191179247866966320469710511619971334577509,
-                0.0000000000000000200214156488432353984854413866994246781519154793320684126179,
-                0.0000000000000000100107078244216177339743404416874899847406043033792202127070,
-                0.0000000000000000050053539122108088756700751579281894640362199287591340285355,
-                0.0000000000000000025026769561054044400057638132352058574658089256646014899499,
-                0.0000000000000000012513384780527022205455634651853807110362316427807660551208,
-                0.0000000000000000006256692390263511104084521222346348012116229213309001913762,
-                0.0000000000000000003128346195131755552381436585278035120438976487697544916191,
-                0.0000000000000000001564173097565877776275512286165232838833090480508502328437,
-                0.0000000000000000000782086548782938888158954641464170239072244145219054734086,
-                0.0000000000000000000391043274391469444084776945327473574450334092075712154016,
-                0.0000000000000000000195521637195734722043713378812583900953755962557525252782,
-                0.0000000000000000000097760818597867361022187915943503728909029699365320287407,
-                0.0000000000000000000048880409298933680511176764606054809062553340323879609794,
-                0.0000000000000000000024440204649466840255609083961603140683286362962192177597,
-                0.0000000000000000000012220102324733420127809717395445504379645613448652614939,
-                0.0000000000000000000006110051162366710063906152551383735699323415812152114058,
-                0.0000000000000000000003055025581183355031953399739107113727036860315024588989,
-                0.0000000000000000000001527512790591677515976780735407368332862218276873443537,
-                0.0000000000000000000000763756395295838757988410584167137033767056170417508383,
-                0.0000000000000000000000381878197647919378994210346199431733717514843471513618,
-                0.0000000000000000000000190939098823959689497106436628681671067254111334889005,
-                0.0000000000000000000000095469549411979844748553534196582286585751228071408728,
-                0.0000000000000000000000047734774705989922374276846068851506055906657137209047,
-                0.0000000000000000000000023867387352994961187138442777065843718711089344045782,
-                0.0000000000000000000000011933693676497480593569226324192944532044984865894525,
-                0.0000000000000000000000005966846838248740296784614396011477934194852481410926,
-                0.0000000000000000000000002983423419124370148392307506484490384140516252814304,
-                0.0000000000000000000000001491711709562185074196153830361933046331030629430117,
-                0.0000000000000000000000000745855854781092537098076934460888486730708440475045,
-                0.0000000000000000000000000372927927390546268549038472050424734256652501673274,
-                0.0000000000000000000000000186463963695273134274519237230207489851150821191330,
-                0.0000000000000000000000000093231981847636567137259618916352525606281553180093,
-                0.0000000000000000000000000046615990923818283568629809533488457973317312233323,
-                0.0000000000000000000000000023307995461909141784314904785572277779202790023236,
-                0.0000000000000000000000000011653997730954570892157452397493151087737428485431,
-                0.0000000000000000000000000005826998865477285446078726199923328593402722606924,
-                0.0000000000000000000000000002913499432738642723039363100255852559084863397344,
-                0.0000000000000000000000000001456749716369321361519681550201473345138307215067,
-                0.0000000000000000000000000000728374858184660680759840775119123438968122488047,
-                0.0000000000000000000000000000364187429092330340379920387564158411083803465567,
-                0.0000000000000000000000000000182093714546165170189960193783228378441837282509,
-                0.0000000000000000000000000000091046857273082585094980096891901482445902524441,
-                0.0000000000000000000000000000045523428636541292547490048446022564529197237262,
-                0.0000000000000000000000000000022761714318270646273745024223029238091160103901};
-        int n = 53;
-        double x = 1;
-        double y = 0;
-        double z;
-        double s = 1;
-        int k;
-
-        for (k = 0; k < n; k++)
-        {
-            z = x + x * s;
-            if (z <= arg)
-            {
-                x = z;
-                y += ae[k];
-            }
-            s *= 0.5;
-        }
-        return y;
-    }
-
-    public static boolean isIncreasing(int[] a)
-    {
-        for (int i = 1; i < a.length; i++)
-        {
-            if (a[i - 1] >= a[i])
-            {
-                System.out.println("a[" + (i - 1) + "] = " + a[i - 1] + " >= "
-                    + a[i] + " = a[" + i + "]");
-                return false;
-            }
-        }
-        return true;
-    }
-
-    public static byte[] integerToOctets(BigInteger val)
-    {
-        byte[] valBytes = val.abs().toByteArray();
-
-        // check whether the array includes a sign bit
-        if ((val.bitLength() & 7) != 0)
-        {
-            return valBytes;
-        }
-        // get rid of the sign bit (first byte)
-        byte[] tmp = new byte[val.bitLength() >> 3];
-        System.arraycopy(valBytes, 1, tmp, 0, tmp.length);
-        return tmp;
-    }
-
-    public static BigInteger octetsToInteger(byte[] data, int offset,
-                                             int length)
-    {
-        byte[] val = new byte[length + 1];
-
-        val[0] = 0;
-        System.arraycopy(data, offset, val, 1, length);
-        return new BigInteger(val);
-    }
-
-    public static BigInteger octetsToInteger(byte[] data)
-    {
-        return octetsToInteger(data, 0, data.length);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/LittleEndianConversions.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/LittleEndianConversions.java
deleted file mode 100644
index c97fdc5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/LittleEndianConversions.java
+++ /dev/null

@@ -1,230 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-/**
- * This is a utility class containing data type conversions using little-endian
- * byte order.
- *
- * @see BigEndianConversions
- */
-public final class LittleEndianConversions
-{
-
-    /**
-     * Default constructor (private).
-     */
-    private LittleEndianConversions()
-    {
-        // empty
-    }
-
-    /**
-     * Convert an octet string of length 4 to an integer. No length checking is
-     * performed.
-     *
-     * @param input the byte array holding the octet string
-     * @return an integer representing the octet string <tt>input</tt>
-     * @throws ArithmeticException if the length of the given octet string is larger than 4.
-     */
-    public static int OS2IP(byte[] input)
-    {
-        return ((input[0] & 0xff)) | ((input[1] & 0xff) << 8)
-            | ((input[2] & 0xff) << 16) | ((input[3] & 0xff)) << 24;
-    }
-
-    /**
-     * Convert an byte array of length 4 beginning at <tt>offset</tt> into an
-     * integer.
-     *
-     * @param input the byte array
-     * @param inOff the offset into the byte array
-     * @return the resulting integer
-     */
-    public static int OS2IP(byte[] input, int inOff)
-    {
-        int result = input[inOff++] & 0xff;
-        result |= (input[inOff++] & 0xff) << 8;
-        result |= (input[inOff++] & 0xff) << 16;
-        result |= (input[inOff] & 0xff) << 24;
-        return result;
-    }
-
-    /**
-     * Convert a byte array of the given length beginning at <tt>offset</tt>
-     * into an integer.
-     *
-     * @param input the byte array
-     * @param inOff the offset into the byte array
-     * @param inLen the length of the encoding
-     * @return the resulting integer
-     */
-    public static int OS2IP(byte[] input, int inOff, int inLen)
-    {
-        int result = 0;
-        for (int i = inLen - 1; i >= 0; i--)
-        {
-            result |= (input[inOff + i] & 0xff) << (8 * i);
-        }
-        return result;
-    }
-
-    /**
-     * Convert a byte array of length 8 beginning at <tt>inOff</tt> into a
-     * long integer.
-     *
-     * @param input the byte array
-     * @param inOff the offset into the byte array
-     * @return the resulting long integer
-     */
-    public static long OS2LIP(byte[] input, int inOff)
-    {
-        long result = input[inOff++] & 0xff;
-        result |= (input[inOff++] & 0xff) << 8;
-        result |= (input[inOff++] & 0xff) << 16;
-        result |= ((long)input[inOff++] & 0xff) << 24;
-        result |= ((long)input[inOff++] & 0xff) << 32;
-        result |= ((long)input[inOff++] & 0xff) << 40;
-        result |= ((long)input[inOff++] & 0xff) << 48;
-        result |= ((long)input[inOff++] & 0xff) << 56;
-        return result;
-    }
-
-    /**
-     * Convert an integer to an octet string of length 4.
-     *
-     * @param x the integer to convert
-     * @return the converted integer
-     */
-    public static byte[] I2OSP(int x)
-    {
-        byte[] result = new byte[4];
-        result[0] = (byte)x;
-        result[1] = (byte)(x >>> 8);
-        result[2] = (byte)(x >>> 16);
-        result[3] = (byte)(x >>> 24);
-        return result;
-    }
-
-    /**
-     * Convert an integer into a byte array beginning at the specified offset.
-     *
-     * @param value  the integer to convert
-     * @param output the byte array to hold the result
-     * @param outOff the integer offset into the byte array
-     */
-    public static void I2OSP(int value, byte[] output, int outOff)
-    {
-        output[outOff++] = (byte)value;
-        output[outOff++] = (byte)(value >>> 8);
-        output[outOff++] = (byte)(value >>> 16);
-        output[outOff++] = (byte)(value >>> 24);
-    }
-
-    /**
-     * Convert an integer to a byte array beginning at the specified offset. No
-     * length checking is performed (i.e., if the integer cannot be encoded with
-     * <tt>length</tt> octets, it is truncated).
-     *
-     * @param value  the integer to convert
-     * @param output the byte array to hold the result
-     * @param outOff the integer offset into the byte array
-     * @param outLen the length of the encoding
-     */
-    public static void I2OSP(int value, byte[] output, int outOff, int outLen)
-    {
-        for (int i = outLen - 1; i >= 0; i--)
-        {
-            output[outOff + i] = (byte)(value >>> (8 * i));
-        }
-    }
-
-    /**
-     * Convert an integer to a byte array of length 8.
-     *
-     * @param input the integer to convert
-     * @return the converted integer
-     */
-    public static byte[] I2OSP(long input)
-    {
-        byte[] output = new byte[8];
-        output[0] = (byte)input;
-        output[1] = (byte)(input >>> 8);
-        output[2] = (byte)(input >>> 16);
-        output[3] = (byte)(input >>> 24);
-        output[4] = (byte)(input >>> 32);
-        output[5] = (byte)(input >>> 40);
-        output[6] = (byte)(input >>> 48);
-        output[7] = (byte)(input >>> 56);
-        return output;
-    }
-
-    /**
-     * Convert an integer to a byte array of length 8.
-     *
-     * @param input  the integer to convert
-     * @param output byte array holding the output
-     * @param outOff offset in output array where the result is stored
-     */
-    public static void I2OSP(long input, byte[] output, int outOff)
-    {
-        output[outOff++] = (byte)input;
-        output[outOff++] = (byte)(input >>> 8);
-        output[outOff++] = (byte)(input >>> 16);
-        output[outOff++] = (byte)(input >>> 24);
-        output[outOff++] = (byte)(input >>> 32);
-        output[outOff++] = (byte)(input >>> 40);
-        output[outOff++] = (byte)(input >>> 48);
-        output[outOff] = (byte)(input >>> 56);
-    }
-
-    /**
-     * Convert an int array to a byte array of the specified length. No length
-     * checking is performed (i.e., if the last integer cannot be encoded with
-     * <tt>length % 4</tt> octets, it is truncated).
-     *
-     * @param input  the int array
-     * @param outLen the length of the converted array
-     * @return the converted array
-     */
-    public static byte[] toByteArray(int[] input, int outLen)
-    {
-        int intLen = input.length;
-        byte[] result = new byte[outLen];
-        int index = 0;
-        for (int i = 0; i <= intLen - 2; i++, index += 4)
-        {
-            I2OSP(input[i], result, index);
-        }
-        I2OSP(input[intLen - 1], result, index, outLen - index);
-        return result;
-    }
-
-    /**
-     * Convert a byte array to an int array.
-     *
-     * @param input the byte array
-     * @return the converted array
-     */
-    public static int[] toIntArray(byte[] input)
-    {
-        int intLen = (input.length + 3) / 4;
-        int lastLen = input.length & 0x03;
-        int[] result = new int[intLen];
-
-        int index = 0;
-        for (int i = 0; i <= intLen - 2; i++, index += 4)
-        {
-            result[i] = OS2IP(input, index);
-        }
-        if (lastLen != 0)
-        {
-            result[intLen - 1] = OS2IP(input, index, lastLen);
-        }
-        else
-        {
-            result[intLen - 1] = OS2IP(input, index);
-        }
-
-        return result;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/Matrix.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/Matrix.java
deleted file mode 100644
index 2c9a0eb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/Matrix.java
+++ /dev/null

@@ -1,131 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-/**
- * This abstract class defines matrices. It holds the number of rows and the
- * number of columns of the matrix and defines some basic methods.
- */
-public abstract class Matrix
-{
-
-    /**
-     * number of rows
-     */
-    protected int numRows;
-
-    /**
-     * number of columns
-     */
-    protected int numColumns;
-
-    // ----------------------------------------------------
-    // some constants (matrix types)
-    // ----------------------------------------------------
-
-    /**
-     * zero matrix
-     */
-    public static final char MATRIX_TYPE_ZERO = 'Z';
-
-    /**
-     * unit matrix
-     */
-    public static final char MATRIX_TYPE_UNIT = 'I';
-
-    /**
-     * random lower triangular matrix
-     */
-    public static final char MATRIX_TYPE_RANDOM_LT = 'L';
-
-    /**
-     * random upper triangular matrix
-     */
-    public static final char MATRIX_TYPE_RANDOM_UT = 'U';
-
-    /**
-     * random regular matrix
-     */
-    public static final char MATRIX_TYPE_RANDOM_REGULAR = 'R';
-
-    // ----------------------------------------------------
-    // getters
-    // ----------------------------------------------------
-
-    /**
-     * @return the number of rows in the matrix
-     */
-    public int getNumRows()
-    {
-        return numRows;
-    }
-
-    /**
-     * @return the number of columns in the binary matrix
-     */
-    public int getNumColumns()
-    {
-        return numColumns;
-    }
-
-    /**
-     * @return the encoded matrix, i.e., this matrix in byte array form.
-     */
-    public abstract byte[] getEncoded();
-
-    // ----------------------------------------------------
-    // arithmetic
-    // ----------------------------------------------------
-
-    /**
-     * Compute the inverse of this matrix.
-     *
-     * @return the inverse of this matrix (newly created).
-     */
-    public abstract Matrix computeInverse();
-
-    /**
-     * Check if this is the zero matrix (i.e., all entries are zero).
-     *
-     * @return <tt>true</tt> if this is the zero matrix
-     */
-    public abstract boolean isZero();
-
-    /**
-     * Compute the product of this matrix and another matrix.
-     *
-     * @param a the other matrix
-     * @return <tt>this * a</tt> (newly created)
-     */
-    public abstract Matrix rightMultiply(Matrix a);
-
-    /**
-     * Compute the product of this matrix and a permutation.
-     *
-     * @param p the permutation
-     * @return <tt>this * p</tt> (newly created)
-     */
-    public abstract Matrix rightMultiply(Permutation p);
-
-    /**
-     * Compute the product of a vector and this matrix. If the length of the
-     * vector is greater than the number of rows of this matrix, the matrix is
-     * multiplied by each m-bit part of the vector.
-     *
-     * @param vector a vector
-     * @return <tt>vector * this</tt> (newly created)
-     */
-    public abstract Vector leftMultiply(Vector vector);
-
-    /**
-     * Compute the product of this matrix and a vector.
-     *
-     * @param vector a vector
-     * @return <tt>this * vector</tt> (newly created)
-     */
-    public abstract Vector rightMultiply(Vector vector);
-
-    /**
-     * @return a human readable form of the matrix.
-     */
-    public abstract String toString();
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/Permutation.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/Permutation.java
deleted file mode 100644
index e0a07b8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/Permutation.java
+++ /dev/null

@@ -1,249 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * This class implements permutations of the set {0,1,...,n-1} for some given n
- * &gt; 0, i.e., ordered sequences containing each number <tt>m</tt> (<tt>0 &lt;=
- * m &lt; n</tt>)
- * once and only once.
- */
-public class Permutation
-{
-
-    /**
-     * perm holds the elements of the permutation vector, i.e. <tt>[perm(0),
-     * perm(1), ..., perm(n-1)]</tt>
-     */
-    private int[] perm;
-
-    /**
-     * Create the identity permutation of the given size.
-     *
-     * @param n the size of the permutation
-     */
-    public Permutation(int n)
-    {
-        if (n <= 0)
-        {
-            throw new IllegalArgumentException("invalid length");
-        }
-
-        perm = new int[n];
-        for (int i = n - 1; i >= 0; i--)
-        {
-            perm[i] = i;
-        }
-    }
-
-    /**
-     * Create a permutation using the given permutation vector.
-     *
-     * @param perm the permutation vector
-     */
-    public Permutation(int[] perm)
-    {
-        if (!isPermutation(perm))
-        {
-            throw new IllegalArgumentException(
-                "array is not a permutation vector");
-        }
-
-        this.perm = IntUtils.clone(perm);
-    }
-
-    /**
-     * Create a permutation from an encoded permutation.
-     *
-     * @param enc the encoded permutation
-     */
-    public Permutation(byte[] enc)
-    {
-        if (enc.length <= 4)
-        {
-            throw new IllegalArgumentException("invalid encoding");
-        }
-
-        int n = LittleEndianConversions.OS2IP(enc, 0);
-        int size = IntegerFunctions.ceilLog256(n - 1);
-
-        if (enc.length != 4 + n * size)
-        {
-            throw new IllegalArgumentException("invalid encoding");
-        }
-
-        perm = new int[n];
-        for (int i = 0; i < n; i++)
-        {
-            perm[i] = LittleEndianConversions.OS2IP(enc, 4 + i * size, size);
-        }
-
-        if (!isPermutation(perm))
-        {
-            throw new IllegalArgumentException("invalid encoding");
-        }
-
-    }
-
-    /**
-     * Create a random permutation of the given size.
-     *
-     * @param n  the size of the permutation
-     * @param sr the source of randomness
-     */
-    public Permutation(int n, SecureRandom sr)
-    {
-        if (n <= 0)
-        {
-            throw new IllegalArgumentException("invalid length");
-        }
-
-        perm = new int[n];
-
-        int[] help = new int[n];
-        for (int i = 0; i < n; i++)
-        {
-            help[i] = i;
-        }
-
-        int k = n;
-        for (int j = 0; j < n; j++)
-        {
-            int i = RandUtils.nextInt(sr, k);
-            k--;
-            perm[j] = help[i];
-            help[i] = help[k];
-        }
-    }
-
-    /**
-     * Encode this permutation as byte array.
-     *
-     * @return the encoded permutation
-     */
-    public byte[] getEncoded()
-    {
-        int n = perm.length;
-        int size = IntegerFunctions.ceilLog256(n - 1);
-        byte[] result = new byte[4 + n * size];
-        LittleEndianConversions.I2OSP(n, result, 0);
-        for (int i = 0; i < n; i++)
-        {
-            LittleEndianConversions.I2OSP(perm[i], result, 4 + i * size, size);
-        }
-        return result;
-    }
-
-    /**
-     * @return the permutation vector <tt>(perm(0),perm(1),...,perm(n-1))</tt>
-     */
-    public int[] getVector()
-    {
-        return IntUtils.clone(perm);
-    }
-
-    /**
-     * Compute the inverse permutation <tt>P<sup>-1</sup></tt>.
-     *
-     * @return <tt>this<sup>-1</sup></tt>
-     */
-    public Permutation computeInverse()
-    {
-        Permutation result = new Permutation(perm.length);
-        for (int i = perm.length - 1; i >= 0; i--)
-        {
-            result.perm[perm[i]] = i;
-        }
-        return result;
-    }
-
-    /**
-     * Compute the product of this permutation and another permutation.
-     *
-     * @param p the other permutation
-     * @return <tt>this * p</tt>
-     */
-    public Permutation rightMultiply(Permutation p)
-    {
-        if (p.perm.length != perm.length)
-        {
-            throw new IllegalArgumentException("length mismatch");
-        }
-        Permutation result = new Permutation(perm.length);
-        for (int i = perm.length - 1; i >= 0; i--)
-        {
-            result.perm[i] = perm[p.perm[i]];
-        }
-        return result;
-    }
-
-    /**
-     * checks if given object is equal to this permutation.
-     * <p>
-     * The method returns false whenever the given object is not permutation.
-     *
-     * @param other -
-     *              permutation
-     * @return true or false
-     */
-    public boolean equals(Object other)
-    {
-
-        if (!(other instanceof Permutation))
-        {
-            return false;
-        }
-        Permutation otherPerm = (Permutation)other;
-
-        return IntUtils.equals(perm, otherPerm.perm);
-    }
-
-    /**
-     * @return a human readable form of the permutation
-     */
-    public String toString()
-    {
-        String result = "[" + perm[0];
-        for (int i = 1; i < perm.length; i++)
-        {
-            result += ", " + perm[i];
-        }
-        result += "]";
-        return result;
-    }
-
-    /**
-     * @return the hash code of this permutation
-     */
-    public int hashCode()
-    {
-        return Arrays.hashCode(perm);
-    }
-
-    /**
-     * Check that the given array corresponds to a permutation of the set
-     * <tt>{0, 1, ..., n-1}</tt>.
-     *
-     * @param perm permutation vector
-     * @return true if perm represents an n-permutation and false otherwise
-     */
-    private boolean isPermutation(int[] perm)
-    {
-        int n = perm.length;
-        boolean[] onlyOnce = new boolean[n];
-
-        for (int i = 0; i < n; i++)
-        {
-            if ((perm[i] < 0) || (perm[i] >= n) || onlyOnce[perm[i]])
-            {
-                return false;
-            }
-            onlyOnce[perm[i]] = true;
-        }
-
-        return true;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/PolynomialGF2mSmallM.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/PolynomialGF2mSmallM.java
deleted file mode 100644
index 866b6f7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/PolynomialGF2mSmallM.java
+++ /dev/null

@@ -1,1124 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-import java.security.SecureRandom;
-
-/**
- * This class describes operations with polynomials from the ring R =
- * GF(2^m)[X], where 2 &lt;= m &lt;=31.
- *
- * @see GF2mField
- * @see PolynomialRingGF2m
- */
-public class PolynomialGF2mSmallM
-{
-
-    /**
-     * the finite field GF(2^m)
-     */
-    private GF2mField field;
-
-    /**
-     * the degree of this polynomial
-     */
-    private int degree;
-
-    /**
-     * For the polynomial representation the map f: R->Z*,
-     * <tt>poly(X) -> [coef_0, coef_1, ...]</tt> is used, where
-     * <tt>coef_i</tt> is the <tt>i</tt>th coefficient of the polynomial
-     * represented as int (see {@link GF2mField}). The polynomials are stored
-     * as int arrays.
-     */
-    private int[] coefficients;
-
-    /*
-      * some types of polynomials
-      */
-
-    /**
-     * Constant used for polynomial construction (see constructor
-     * {@link #PolynomialGF2mSmallM(GF2mField, int, char, SecureRandom)}).
-     */
-    public static final char RANDOM_IRREDUCIBLE_POLYNOMIAL = 'I';
-
-    /**
-     * Construct the zero polynomial over the finite field GF(2^m).
-     *
-     * @param field the finite field GF(2^m)
-     */
-    public PolynomialGF2mSmallM(GF2mField field)
-    {
-        this.field = field;
-        degree = -1;
-        coefficients = new int[1];
-    }
-
-    /**
-     * Construct a polynomial over the finite field GF(2^m).
-     *
-     * @param field            the finite field GF(2^m)
-     * @param deg              degree of polynomial
-     * @param typeOfPolynomial type of polynomial
-     * @param sr               PRNG
-     */
-    public PolynomialGF2mSmallM(GF2mField field, int deg,
-                                char typeOfPolynomial, SecureRandom sr)
-    {
-        this.field = field;
-
-        switch (typeOfPolynomial)
-        {
-        case PolynomialGF2mSmallM.RANDOM_IRREDUCIBLE_POLYNOMIAL:
-            coefficients = createRandomIrreduciblePolynomial(deg, sr);
-            break;
-        default:
-            throw new IllegalArgumentException(" Error: type "
-                + typeOfPolynomial
-                + " is not defined for GF2smallmPolynomial");
-        }
-        computeDegree();
-    }
-
-    /**
-     * Create an irreducible polynomial with the given degree over the field
-     * <tt>GF(2^m)</tt>.
-     *
-     * @param deg polynomial degree
-     * @param sr  source of randomness
-     * @return the generated irreducible polynomial
-     */
-    private int[] createRandomIrreduciblePolynomial(int deg, SecureRandom sr)
-    {
-        int[] resCoeff = new int[deg + 1];
-        resCoeff[deg] = 1;
-        resCoeff[0] = field.getRandomNonZeroElement(sr);
-        for (int i = 1; i < deg; i++)
-        {
-            resCoeff[i] = field.getRandomElement(sr);
-        }
-        while (!isIrreducible(resCoeff))
-        {
-            int n = RandUtils.nextInt(sr, deg);
-            if (n == 0)
-            {
-                resCoeff[0] = field.getRandomNonZeroElement(sr);
-            }
-            else
-            {
-                resCoeff[n] = field.getRandomElement(sr);
-            }
-        }
-        return resCoeff;
-    }
-
-    /**
-     * Construct a monomial of the given degree over the finite field GF(2^m).
-     *
-     * @param field  the finite field GF(2^m)
-     * @param degree the degree of the monomial
-     */
-    public PolynomialGF2mSmallM(GF2mField field, int degree)
-    {
-        this.field = field;
-        this.degree = degree;
-        coefficients = new int[degree + 1];
-        coefficients[degree] = 1;
-    }
-
-    /**
-     * Construct the polynomial over the given finite field GF(2^m) from the
-     * given coefficient vector.
-     *
-     * @param field  finite field GF2m
-     * @param coeffs the coefficient vector
-     */
-    public PolynomialGF2mSmallM(GF2mField field, int[] coeffs)
-    {
-        this.field = field;
-        coefficients = normalForm(coeffs);
-        computeDegree();
-    }
-
-    /**
-     * Create a polynomial over the finite field GF(2^m).
-     *
-     * @param field the finite field GF(2^m)
-     * @param enc   byte[] polynomial in byte array form
-     */
-    public PolynomialGF2mSmallM(GF2mField field, byte[] enc)
-    {
-        this.field = field;
-
-        // decodes polynomial
-        int d = 8;
-        int count = 1;
-        while (field.getDegree() > d)
-        {
-            count++;
-            d += 8;
-        }
-
-        if ((enc.length % count) != 0)
-        {
-            throw new IllegalArgumentException(
-                " Error: byte array is not encoded polynomial over given finite field GF2m");
-        }
-
-        coefficients = new int[enc.length / count];
-        count = 0;
-        for (int i = 0; i < coefficients.length; i++)
-        {
-            for (int j = 0; j < d; j += 8)
-            {
-                coefficients[i] ^= (enc[count++] & 0x000000ff) << j;
-            }
-            if (!this.field.isElementOfThisField(coefficients[i]))
-            {
-                throw new IllegalArgumentException(
-                    " Error: byte array is not encoded polynomial over given finite field GF2m");
-            }
-        }
-        // if HC = 0 for non-zero polynomial, returns error
-        if ((coefficients.length != 1)
-            && (coefficients[coefficients.length - 1] == 0))
-        {
-            throw new IllegalArgumentException(
-                " Error: byte array is not encoded polynomial over given finite field GF2m");
-        }
-        computeDegree();
-    }
-
-    /**
-     * Copy constructor.
-     *
-     * @param other another {@link PolynomialGF2mSmallM}
-     */
-    public PolynomialGF2mSmallM(PolynomialGF2mSmallM other)
-    {
-        // field needs not to be cloned since it is immutable
-        field = other.field;
-        degree = other.degree;
-        coefficients = IntUtils.clone(other.coefficients);
-    }
-
-    /**
-     * Create a polynomial over the finite field GF(2^m) out of the given
-     * coefficient vector. The finite field is also obtained from the
-     * {@link GF2mVector}.
-     *
-     * @param vect the coefficient vector
-     */
-    public PolynomialGF2mSmallM(GF2mVector vect)
-    {
-        this(vect.getField(), vect.getIntArrayForm());
-    }
-
-    /*
-      * ------------------------
-      */
-
-    /**
-     * Return the degree of this polynomial
-     *
-     * @return int degree of this polynomial if this is zero polynomial return
-     *         -1
-     */
-    public int getDegree()
-    {
-        int d = coefficients.length - 1;
-        if (coefficients[d] == 0)
-        {
-            return -1;
-        }
-        return d;
-    }
-
-    /**
-     * @return the head coefficient of this polynomial
-     */
-    public int getHeadCoefficient()
-    {
-        if (degree == -1)
-        {
-            return 0;
-        }
-        return coefficients[degree];
-    }
-
-    /**
-     * Return the head coefficient of a polynomial.
-     *
-     * @param a the polynomial
-     * @return the head coefficient of <tt>a</tt>
-     */
-    private static int headCoefficient(int[] a)
-    {
-        int degree = computeDegree(a);
-        if (degree == -1)
-        {
-            return 0;
-        }
-        return a[degree];
-    }
-
-    /**
-     * Return the coefficient with the given index.
-     *
-     * @param index the index
-     * @return the coefficient with the given index
-     */
-    public int getCoefficient(int index)
-    {
-        if ((index < 0) || (index > degree))
-        {
-            return 0;
-        }
-        return coefficients[index];
-    }
-
-    /**
-     * Returns encoded polynomial, i.e., this polynomial in byte array form
-     *
-     * @return the encoded polynomial
-     */
-    public byte[] getEncoded()
-    {
-        int d = 8;
-        int count = 1;
-        while (field.getDegree() > d)
-        {
-            count++;
-            d += 8;
-        }
-
-        byte[] res = new byte[coefficients.length * count];
-        count = 0;
-        for (int i = 0; i < coefficients.length; i++)
-        {
-            for (int j = 0; j < d; j += 8)
-            {
-                res[count++] = (byte)(coefficients[i] >>> j);
-            }
-        }
-
-        return res;
-    }
-
-    /**
-     * Evaluate this polynomial <tt>p</tt> at a value <tt>e</tt> (in
-     * <tt>GF(2^m)</tt>) with the Horner scheme.
-     *
-     * @param e the element of the finite field GF(2^m)
-     * @return <tt>this(e)</tt>
-     */
-    public int evaluateAt(int e)
-    {
-        int result = coefficients[degree];
-        for (int i = degree - 1; i >= 0; i--)
-        {
-            result = field.mult(result, e) ^ coefficients[i];
-        }
-        return result;
-    }
-
-    /**
-     * Compute the sum of this polynomial and the given polynomial.
-     *
-     * @param addend the addend
-     * @return <tt>this + a</tt> (newly created)
-     */
-    public PolynomialGF2mSmallM add(PolynomialGF2mSmallM addend)
-    {
-        int[] resultCoeff = add(coefficients, addend.coefficients);
-        return new PolynomialGF2mSmallM(field, resultCoeff);
-    }
-
-    /**
-     * Add the given polynomial to this polynomial (overwrite this).
-     *
-     * @param addend the addend
-     */
-    public void addToThis(PolynomialGF2mSmallM addend)
-    {
-        coefficients = add(coefficients, addend.coefficients);
-        computeDegree();
-    }
-
-    /**
-     * Compute the sum of two polynomials a and b over the finite field
-     * <tt>GF(2^m)</tt>.
-     *
-     * @param a the first polynomial
-     * @param b the second polynomial
-     * @return a + b
-     */
-    private int[] add(int[] a, int[] b)
-    {
-        int[] result, addend;
-        if (a.length < b.length)
-        {
-            result = new int[b.length];
-            System.arraycopy(b, 0, result, 0, b.length);
-            addend = a;
-        }
-        else
-        {
-            result = new int[a.length];
-            System.arraycopy(a, 0, result, 0, a.length);
-            addend = b;
-        }
-
-        for (int i = addend.length - 1; i >= 0; i--)
-        {
-            result[i] = field.add(result[i], addend[i]);
-        }
-
-        return result;
-    }
-
-    /**
-     * Compute the sum of this polynomial and the monomial of the given degree.
-     *
-     * @param degree the degree of the monomial
-     * @return <tt>this + X^k</tt>
-     */
-    public PolynomialGF2mSmallM addMonomial(int degree)
-    {
-        int[] monomial = new int[degree + 1];
-        monomial[degree] = 1;
-        int[] resultCoeff = add(coefficients, monomial);
-        return new PolynomialGF2mSmallM(field, resultCoeff);
-    }
-
-    /**
-     * Compute the product of this polynomial with an element from GF(2^m).
-     *
-     * @param element an element of the finite field GF(2^m)
-     * @return <tt>this * element</tt> (newly created)
-     * @throws ArithmeticException if <tt>element</tt> is not an element of the finite
-     * field this polynomial is defined over.
-     */
-    public PolynomialGF2mSmallM multWithElement(int element)
-    {
-        if (!field.isElementOfThisField(element))
-        {
-            throw new ArithmeticException(
-                "Not an element of the finite field this polynomial is defined over.");
-        }
-        int[] resultCoeff = multWithElement(coefficients, element);
-        return new PolynomialGF2mSmallM(field, resultCoeff);
-    }
-
-    /**
-     * Multiply this polynomial with an element from GF(2^m).
-     *
-     * @param element an element of the finite field GF(2^m)
-     * @throws ArithmeticException if <tt>element</tt> is not an element of the finite
-     * field this polynomial is defined over.
-     */
-    public void multThisWithElement(int element)
-    {
-        if (!field.isElementOfThisField(element))
-        {
-            throw new ArithmeticException(
-                "Not an element of the finite field this polynomial is defined over.");
-        }
-        coefficients = multWithElement(coefficients, element);
-        computeDegree();
-    }
-
-    /**
-     * Compute the product of a polynomial a with an element from the finite
-     * field <tt>GF(2^m)</tt>.
-     *
-     * @param a       the polynomial
-     * @param element an element of the finite field GF(2^m)
-     * @return <tt>a * element</tt>
-     */
-    private int[] multWithElement(int[] a, int element)
-    {
-        int degree = computeDegree(a);
-        if (degree == -1 || element == 0)
-        {
-            return new int[1];
-        }
-
-        if (element == 1)
-        {
-            return IntUtils.clone(a);
-        }
-
-        int[] result = new int[degree + 1];
-        for (int i = degree; i >= 0; i--)
-        {
-            result[i] = field.mult(a[i], element);
-        }
-
-        return result;
-    }
-
-    /**
-     * Compute the product of this polynomial with a monomial X^k.
-     *
-     * @param k the degree of the monomial
-     * @return <tt>this * X^k</tt>
-     */
-    public PolynomialGF2mSmallM multWithMonomial(int k)
-    {
-        int[] resultCoeff = multWithMonomial(coefficients, k);
-        return new PolynomialGF2mSmallM(field, resultCoeff);
-    }
-
-    /**
-     * Compute the product of a polynomial with a monomial X^k.
-     *
-     * @param a the polynomial
-     * @param k the degree of the monomial
-     * @return <tt>a * X^k</tt>
-     */
-    private static int[] multWithMonomial(int[] a, int k)
-    {
-        int d = computeDegree(a);
-        if (d == -1)
-        {
-            return new int[1];
-        }
-        int[] result = new int[d + k + 1];
-        System.arraycopy(a, 0, result, k, d + 1);
-        return result;
-    }
-
-    /**
-     * Divide this polynomial by the given polynomial.
-     *
-     * @param f a polynomial
-     * @return polynomial pair = {q,r} where this = q*f+r and deg(r) &lt;
-     *         deg(f);
-     */
-    public PolynomialGF2mSmallM[] div(PolynomialGF2mSmallM f)
-    {
-        int[][] resultCoeffs = div(coefficients, f.coefficients);
-        return new PolynomialGF2mSmallM[]{
-            new PolynomialGF2mSmallM(field, resultCoeffs[0]),
-            new PolynomialGF2mSmallM(field, resultCoeffs[1])};
-    }
-
-    /**
-     * Compute the result of the division of two polynomials over the field
-     * <tt>GF(2^m)</tt>.
-     *
-     * @param a the first polynomial
-     * @param f the second polynomial
-     * @return int[][] {q,r}, where a = q*f+r and deg(r) &lt; deg(f);
-     */
-    private int[][] div(int[] a, int[] f)
-    {
-        int df = computeDegree(f);
-        int da = computeDegree(a) + 1;
-        if (df == -1)
-        {
-            throw new ArithmeticException("Division by zero.");
-        }
-        int[][] result = new int[2][];
-        result[0] = new int[1];
-        result[1] = new int[da];
-        int hc = headCoefficient(f);
-        hc = field.inverse(hc);
-        result[0][0] = 0;
-        System.arraycopy(a, 0, result[1], 0, result[1].length);
-        while (df <= computeDegree(result[1]))
-        {
-            int[] q;
-            int[] coeff = new int[1];
-            coeff[0] = field.mult(headCoefficient(result[1]), hc);
-            q = multWithElement(f, coeff[0]);
-            int n = computeDegree(result[1]) - df;
-            q = multWithMonomial(q, n);
-            coeff = multWithMonomial(coeff, n);
-            result[0] = add(coeff, result[0]);
-            result[1] = add(q, result[1]);
-        }
-        return result;
-    }
-
-    /**
-     * Return the greatest common divisor of this and a polynomial <i>f</i>
-     *
-     * @param f polynomial
-     * @return GCD(this, f)
-     */
-    public PolynomialGF2mSmallM gcd(PolynomialGF2mSmallM f)
-    {
-        int[] resultCoeff = gcd(coefficients, f.coefficients);
-        return new PolynomialGF2mSmallM(field, resultCoeff);
-    }
-
-    /**
-     * Return the greatest common divisor of two polynomials over the field
-     * <tt>GF(2^m)</tt>.
-     *
-     * @param f the first polynomial
-     * @param g the second polynomial
-     * @return <tt>gcd(f, g)</tt>
-     */
-    private int[] gcd(int[] f, int[] g)
-    {
-        int[] a = f;
-        int[] b = g;
-        if (computeDegree(a) == -1)
-        {
-            return b;
-        }
-        while (computeDegree(b) != -1)
-        {
-            int[] c = mod(a, b);
-            a = new int[b.length];
-            System.arraycopy(b, 0, a, 0, a.length);
-            b = new int[c.length];
-            System.arraycopy(c, 0, b, 0, b.length);
-        }
-        int coeff = field.inverse(headCoefficient(a));
-        return multWithElement(a, coeff);
-    }
-
-    /**
-     * Compute the product of this polynomial and the given factor using a
-     * Karatzuba like scheme.
-     *
-     * @param factor the polynomial
-     * @return <tt>this * factor</tt>
-     */
-    public PolynomialGF2mSmallM multiply(PolynomialGF2mSmallM factor)
-    {
-        int[] resultCoeff = multiply(coefficients, factor.coefficients);
-        return new PolynomialGF2mSmallM(field, resultCoeff);
-    }
-
-    /**
-     * Compute the product of two polynomials over the field <tt>GF(2^m)</tt>
-     * using a Karatzuba like multiplication.
-     *
-     * @param a the first polynomial
-     * @param b the second polynomial
-     * @return a * b
-     */
-    private int[] multiply(int[] a, int[] b)
-    {
-        int[] mult1, mult2;
-        if (computeDegree(a) < computeDegree(b))
-        {
-            mult1 = b;
-            mult2 = a;
-        }
-        else
-        {
-            mult1 = a;
-            mult2 = b;
-        }
-
-        mult1 = normalForm(mult1);
-        mult2 = normalForm(mult2);
-
-        if (mult2.length == 1)
-        {
-            return multWithElement(mult1, mult2[0]);
-        }
-
-        int d1 = mult1.length;
-        int d2 = mult2.length;
-        int[] result = new int[d1 + d2 - 1];
-
-        if (d2 != d1)
-        {
-            int[] res1 = new int[d2];
-            int[] res2 = new int[d1 - d2];
-            System.arraycopy(mult1, 0, res1, 0, res1.length);
-            System.arraycopy(mult1, d2, res2, 0, res2.length);
-            res1 = multiply(res1, mult2);
-            res2 = multiply(res2, mult2);
-            res2 = multWithMonomial(res2, d2);
-            result = add(res1, res2);
-        }
-        else
-        {
-            d2 = (d1 + 1) >>> 1;
-            int d = d1 - d2;
-            int[] firstPartMult1 = new int[d2];
-            int[] firstPartMult2 = new int[d2];
-            int[] secondPartMult1 = new int[d];
-            int[] secondPartMult2 = new int[d];
-            System
-                .arraycopy(mult1, 0, firstPartMult1, 0,
-                    firstPartMult1.length);
-            System.arraycopy(mult1, d2, secondPartMult1, 0,
-                secondPartMult1.length);
-            System
-                .arraycopy(mult2, 0, firstPartMult2, 0,
-                    firstPartMult2.length);
-            System.arraycopy(mult2, d2, secondPartMult2, 0,
-                secondPartMult2.length);
-            int[] helpPoly1 = add(firstPartMult1, secondPartMult1);
-            int[] helpPoly2 = add(firstPartMult2, secondPartMult2);
-            int[] res1 = multiply(firstPartMult1, firstPartMult2);
-            int[] res2 = multiply(helpPoly1, helpPoly2);
-            int[] res3 = multiply(secondPartMult1, secondPartMult2);
-            res2 = add(res2, res1);
-            res2 = add(res2, res3);
-            res3 = multWithMonomial(res3, d2);
-            result = add(res2, res3);
-            result = multWithMonomial(result, d2);
-            result = add(result, res1);
-        }
-
-        return result;
-    }
-
-    /*
-      * ---------------- PART II ----------------
-      *
-      */
-
-    /**
-     * Check a polynomial for irreducibility over the field <tt>GF(2^m)</tt>.
-     *
-     * @param a the polynomial to check
-     * @return true if a is irreducible, false otherwise
-     */
-    private boolean isIrreducible(int[] a)
-    {
-        if (a[0] == 0)
-        {
-            return false;
-        }
-        int d = computeDegree(a) >> 1;
-        int[] u = {0, 1};
-        final int[] Y = {0, 1};
-        int fieldDegree = field.getDegree();
-        for (int i = 0; i < d; i++)
-        {
-            for (int j = fieldDegree - 1; j >= 0; j--)
-            {
-                u = modMultiply(u, u, a);
-            }
-            u = normalForm(u);
-            int[] g = gcd(add(u, Y), a);
-            if (computeDegree(g) != 0)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    /**
-     * Reduce this polynomial modulo another polynomial.
-     *
-     * @param f the reduction polynomial
-     * @return <tt>this mod f</tt>
-     */
-    public PolynomialGF2mSmallM mod(PolynomialGF2mSmallM f)
-    {
-        int[] resultCoeff = mod(coefficients, f.coefficients);
-        return new PolynomialGF2mSmallM(field, resultCoeff);
-    }
-
-    /**
-     * Reduce a polynomial modulo another polynomial.
-     *
-     * @param a the polynomial
-     * @param f the reduction polynomial
-     * @return <tt>a mod f</tt>
-     */
-    private int[] mod(int[] a, int[] f)
-    {
-        int df = computeDegree(f);
-        if (df == -1)
-        {
-            throw new ArithmeticException("Division by zero");
-        }
-        int[] result = new int[a.length];
-        int hc = headCoefficient(f);
-        hc = field.inverse(hc);
-        System.arraycopy(a, 0, result, 0, result.length);
-        while (df <= computeDegree(result))
-        {
-            int[] q;
-            int coeff = field.mult(headCoefficient(result), hc);
-            q = multWithMonomial(f, computeDegree(result) - df);
-            q = multWithElement(q, coeff);
-            result = add(q, result);
-        }
-        return result;
-    }
-
-    /**
-     * Compute the product of this polynomial and another polynomial modulo a
-     * third polynomial.
-     *
-     * @param a another polynomial
-     * @param b the reduction polynomial
-     * @return <tt>this * a mod b</tt>
-     */
-    public PolynomialGF2mSmallM modMultiply(PolynomialGF2mSmallM a,
-                                            PolynomialGF2mSmallM b)
-    {
-        int[] resultCoeff = modMultiply(coefficients, a.coefficients,
-            b.coefficients);
-        return new PolynomialGF2mSmallM(field, resultCoeff);
-    }
-
-    /**
-     * Square this polynomial using a squaring matrix.
-     *
-     * @param matrix the squaring matrix
-     * @return <tt>this^2</tt> modulo the reduction polynomial implicitly
-     *         given via the squaring matrix
-     */
-    public PolynomialGF2mSmallM modSquareMatrix(PolynomialGF2mSmallM[] matrix)
-    {
-
-        int length = matrix.length;
-
-        int[] resultCoeff = new int[length];
-        int[] thisSquare = new int[length];
-
-        // square each entry of this polynomial
-        for (int i = 0; i < coefficients.length; i++)
-        {
-            thisSquare[i] = field.mult(coefficients[i], coefficients[i]);
-        }
-
-        // do matrix-vector multiplication
-        for (int i = 0; i < length; i++)
-        {
-            // compute scalar product of i-th row and coefficient vector
-            for (int j = 0; j < length; j++)
-            {
-                if (i >= matrix[j].coefficients.length)
-                {
-                    continue;
-                }
-                int scalarTerm = field.mult(matrix[j].coefficients[i],
-                    thisSquare[j]);
-                resultCoeff[i] = field.add(resultCoeff[i], scalarTerm);
-            }
-        }
-
-        return new PolynomialGF2mSmallM(field, resultCoeff);
-    }
-
-    /**
-     * Compute the product of two polynomials modulo a third polynomial over the
-     * finite field <tt>GF(2^m)</tt>.
-     *
-     * @param a the first polynomial
-     * @param b the second polynomial
-     * @param g the reduction polynomial
-     * @return <tt>a * b mod g</tt>
-     */
-    private int[] modMultiply(int[] a, int[] b, int[] g)
-    {
-        return mod(multiply(a, b), g);
-    }
-
-    /**
-     * Compute the square root of this polynomial modulo the given polynomial.
-     *
-     * @param a the reduction polynomial
-     * @return <tt>this^(1/2) mod a</tt>
-     */
-    public PolynomialGF2mSmallM modSquareRoot(PolynomialGF2mSmallM a)
-    {
-        int[] resultCoeff = IntUtils.clone(coefficients);
-        int[] help = modMultiply(resultCoeff, resultCoeff, a.coefficients);
-        while (!isEqual(help, coefficients))
-        {
-            resultCoeff = normalForm(help);
-            help = modMultiply(resultCoeff, resultCoeff, a.coefficients);
-        }
-
-        return new PolynomialGF2mSmallM(field, resultCoeff);
-    }
-
-    /**
-     * Compute the square root of this polynomial using a square root matrix.
-     *
-     * @param matrix the matrix for computing square roots in
-     *               <tt>(GF(2^m))^t</tt> the polynomial ring defining the
-     *               square root matrix
-     * @return <tt>this^(1/2)</tt> modulo the reduction polynomial implicitly
-     *         given via the square root matrix
-     */
-    public PolynomialGF2mSmallM modSquareRootMatrix(
-        PolynomialGF2mSmallM[] matrix)
-    {
-
-        int length = matrix.length;
-
-        int[] resultCoeff = new int[length];
-
-        // do matrix multiplication
-        for (int i = 0; i < length; i++)
-        {
-            // compute scalar product of i-th row and j-th column
-            for (int j = 0; j < length; j++)
-            {
-                if (i >= matrix[j].coefficients.length)
-                {
-                    continue;
-                }
-                if (j < coefficients.length)
-                {
-                    int scalarTerm = field.mult(matrix[j].coefficients[i],
-                        coefficients[j]);
-                    resultCoeff[i] = field.add(resultCoeff[i], scalarTerm);
-                }
-            }
-        }
-
-        // compute the square root of each entry of the result coefficients
-        for (int i = 0; i < length; i++)
-        {
-            resultCoeff[i] = field.sqRoot(resultCoeff[i]);
-        }
-
-        return new PolynomialGF2mSmallM(field, resultCoeff);
-    }
-
-    /**
-     * Compute the result of the division of this polynomial by another
-     * polynomial modulo a third polynomial.
-     *
-     * @param divisor the divisor
-     * @param modulus the reduction polynomial
-     * @return <tt>this * divisor^(-1) mod modulus</tt>
-     */
-    public PolynomialGF2mSmallM modDiv(PolynomialGF2mSmallM divisor,
-                                       PolynomialGF2mSmallM modulus)
-    {
-        int[] resultCoeff = modDiv(coefficients, divisor.coefficients,
-            modulus.coefficients);
-        return new PolynomialGF2mSmallM(field, resultCoeff);
-    }
-
-    /**
-     * Compute the result of the division of two polynomials modulo a third
-     * polynomial over the field <tt>GF(2^m)</tt>.
-     *
-     * @param a the first polynomial
-     * @param b the second polynomial
-     * @param g the reduction polynomial
-     * @return <tt>a * b^(-1) mod g</tt>
-     */
-    private int[] modDiv(int[] a, int[] b, int[] g)
-    {
-        int[] r0 = normalForm(g);
-        int[] r1 = mod(b, g);
-        int[] s0 = {0};
-        int[] s1 = mod(a, g);
-        int[] s2;
-        int[][] q;
-        while (computeDegree(r1) != -1)
-        {
-            q = div(r0, r1);
-            r0 = normalForm(r1);
-            r1 = normalForm(q[1]);
-            s2 = add(s0, modMultiply(q[0], s1, g));
-            s0 = normalForm(s1);
-            s1 = normalForm(s2);
-
-        }
-        int hc = headCoefficient(r0);
-        s0 = multWithElement(s0, field.inverse(hc));
-        return s0;
-    }
-
-    /**
-     * Compute the inverse of this polynomial modulo the given polynomial.
-     *
-     * @param a the reduction polynomial
-     * @return <tt>this^(-1) mod a</tt>
-     */
-    public PolynomialGF2mSmallM modInverse(PolynomialGF2mSmallM a)
-    {
-        int[] unit = {1};
-        int[] resultCoeff = modDiv(unit, coefficients, a.coefficients);
-        return new PolynomialGF2mSmallM(field, resultCoeff);
-    }
-
-    /**
-     * Compute a polynomial pair (a,b) from this polynomial and the given
-     * polynomial g with the property b*this = a mod g and deg(a)&lt;=deg(g)/2.
-     *
-     * @param g the reduction polynomial
-     * @return PolynomialGF2mSmallM[] {a,b} with b*this = a mod g and deg(a)&lt;=
-     *         deg(g)/2
-     */
-    public PolynomialGF2mSmallM[] modPolynomialToFracton(PolynomialGF2mSmallM g)
-    {
-        int dg = g.degree >> 1;
-        int[] a0 = normalForm(g.coefficients);
-        int[] a1 = mod(coefficients, g.coefficients);
-        int[] b0 = {0};
-        int[] b1 = {1};
-        while (computeDegree(a1) > dg)
-        {
-            int[][] q = div(a0, a1);
-            a0 = a1;
-            a1 = q[1];
-            int[] b2 = add(b0, modMultiply(q[0], b1, g.coefficients));
-            b0 = b1;
-            b1 = b2;
-        }
-
-        return new PolynomialGF2mSmallM[]{
-            new PolynomialGF2mSmallM(field, a1),
-            new PolynomialGF2mSmallM(field, b1)};
-    }
-
-    /**
-     * checks if given object is equal to this polynomial.
-     * <p>
-     * The method returns false whenever the given object is not polynomial over
-     * GF(2^m).
-     *
-     * @param other object
-     * @return true or false
-     */
-    public boolean equals(Object other)
-    {
-
-        if (other == null || !(other instanceof PolynomialGF2mSmallM))
-        {
-            return false;
-        }
-
-        PolynomialGF2mSmallM p = (PolynomialGF2mSmallM)other;
-
-        if ((field.equals(p.field)) && (degree == p.degree)
-            && (isEqual(coefficients, p.coefficients)))
-        {
-            return true;
-        }
-
-        return false;
-    }
-
-    /**
-     * Compare two polynomials given as int arrays.
-     *
-     * @param a the first polynomial
-     * @param b the second polynomial
-     * @return <tt>true</tt> if <tt>a</tt> and <tt>b</tt> represent the
-     *         same polynomials, <tt>false</tt> otherwise
-     */
-    private static boolean isEqual(int[] a, int[] b)
-    {
-        int da = computeDegree(a);
-        int db = computeDegree(b);
-        if (da != db)
-        {
-            return false;
-        }
-        for (int i = 0; i <= da; i++)
-        {
-            if (a[i] != b[i])
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    /**
-     * @return the hash code of this polynomial
-     */
-    public int hashCode()
-    {
-        int hash = field.hashCode();
-        for (int j = 0; j < coefficients.length; j++)
-        {
-            hash = hash * 31 + coefficients[j];
-        }
-        return hash;
-    }
-
-    /**
-     * Returns a human readable form of the polynomial.
-     *
-     * @return a human readable form of the polynomial.
-     */
-    public String toString()
-    {
-        String str = " Polynomial over " + field.toString() + ": \n";
-
-        for (int i = 0; i < coefficients.length; i++)
-        {
-            str = str + field.elementToStr(coefficients[i]) + "Y^" + i + "+";
-        }
-        str = str + ";";
-
-        return str;
-    }
-
-    /**
-     * Compute the degree of this polynomial. If this is the zero polynomial,
-     * the degree is -1.
-     */
-    private void computeDegree()
-    {
-        for (degree = coefficients.length - 1; degree >= 0
-            && coefficients[degree] == 0; degree--)
-        {
-            ;
-        }
-    }
-
-    /**
-     * Compute the degree of a polynomial.
-     *
-     * @param a the polynomial
-     * @return the degree of the polynomial <tt>a</tt>. If <tt>a</tt> is
-     *         the zero polynomial, return -1.
-     */
-    private static int computeDegree(int[] a)
-    {
-        int degree;
-        for (degree = a.length - 1; degree >= 0 && a[degree] == 0; degree--)
-        {
-            ;
-        }
-        return degree;
-    }
-
-    /**
-     * Strip leading zero coefficients from the given polynomial.
-     *
-     * @param a the polynomial
-     * @return the reduced polynomial
-     */
-    private static int[] normalForm(int[] a)
-    {
-        int d = computeDegree(a);
-
-        // if a is the zero polynomial
-        if (d == -1)
-        {
-            // return new zero polynomial
-            return new int[1];
-        }
-
-        // if a already is in normal form
-        if (a.length == d + 1)
-        {
-            // return a clone of a
-            return IntUtils.clone(a);
-        }
-
-        // else, reduce a
-        int[] result = new int[d + 1];
-        System.arraycopy(a, 0, result, 0, d + 1);
-        return result;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/PolynomialRingGF2.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/PolynomialRingGF2.java
deleted file mode 100644
index a0e2bac..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/PolynomialRingGF2.java
+++ /dev/null

@@ -1,278 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-/**
- * This class describes operations with polynomials over finite field GF(2), i e
- * polynomial ring R = GF(2)[X]. All operations are defined only for polynomials
- * with degree &lt;=32. For the polynomial representation the map f: R-&gt;Z,
- * poly(X)-&gt;poly(2) is used, where integers have the binary representation. For
- * example: X^7+X^3+X+1 -&gt; (00...0010001011)=139 Also for polynomials type
- * Integer is used.
- *
- * @see GF2mField
- */
-public final class PolynomialRingGF2
-{
-
-    /**
-     * Default constructor (private).
-     */
-    private PolynomialRingGF2()
-    {
-        // empty
-    }
-
-    /**
-     * Return sum of two polyomials
-     *
-     * @param p polynomial
-     * @param q polynomial
-     * @return p+q
-     */
-
-    public static int add(int p, int q)
-    {
-        return p ^ q;
-    }
-
-    /**
-     * Return product of two polynomials
-     *
-     * @param p polynomial
-     * @param q polynomial
-     * @return p*q
-     */
-
-    public static long multiply(int p, int q)
-    {
-        long result = 0;
-        if (q != 0)
-        {
-            long q1 = q & 0x00000000ffffffffL;
-
-            while (p != 0)
-            {
-                byte b = (byte)(p & 0x01);
-                if (b == 1)
-                {
-                    result ^= q1;
-                }
-                p >>>= 1;
-                q1 <<= 1;
-
-            }
-        }
-        return result;
-    }
-
-    /**
-     * Compute the product of two polynomials modulo a third polynomial.
-     *
-     * @param a the first polynomial
-     * @param b the second polynomial
-     * @param r the reduction polynomial
-     * @return <tt>a * b mod r</tt>
-     */
-    public static int modMultiply(int a, int b, int r)
-    {
-        int result = 0;
-        int p = remainder(a, r);
-        int q = remainder(b, r);
-        if (q != 0)
-        {
-            int d = 1 << degree(r);
-
-            while (p != 0)
-            {
-                byte pMod2 = (byte)(p & 0x01);
-                if (pMod2 == 1)
-                {
-                    result ^= q;
-                }
-                p >>>= 1;
-                q <<= 1;
-                if (q >= d)
-                {
-                    q ^= r;
-                }
-            }
-        }
-        return result;
-    }
-
-    /**
-     * Return the degree of a polynomial
-     *
-     * @param p polynomial p
-     * @return degree(p)
-     */
-
-    public static int degree(int p)
-    {
-        int result = -1;
-        while (p != 0)
-        {
-            result++;
-            p >>>= 1;
-        }
-        return result;
-    }
-
-    /**
-     * Return the degree of a polynomial
-     *
-     * @param p polynomial p
-     * @return degree(p)
-     */
-
-    public static int degree(long p)
-    {
-        int result = 0;
-        while (p != 0)
-        {
-            result++;
-            p >>>= 1;
-        }
-        return result - 1;
-    }
-
-    /**
-     * Return the remainder of a polynomial division of two polynomials.
-     *
-     * @param p dividend
-     * @param q divisor
-     * @return <tt>p mod q</tt>
-     */
-    public static int remainder(int p, int q)
-    {
-        int result = p;
-
-        if (q == 0)
-        {
-            System.err.println("Error: to be divided by 0");
-            return 0;
-        }
-
-        while (degree(result) >= degree(q))
-        {
-            result ^= q << (degree(result) - degree(q));
-        }
-
-        return result;
-    }
-
-    /**
-     * Return the rest of devision two polynomials
-     *
-     * @param p polinomial
-     * @param q polinomial
-     * @return p mod q
-     */
-
-    public static int rest(long p, int q)
-    {
-        long p1 = p;
-        if (q == 0)
-        {
-            System.err.println("Error: to be divided by 0");
-            return 0;
-        }
-        long q1 = q & 0x00000000ffffffffL;
-        while ((p1 >>> 32) != 0)
-        {
-            p1 ^= q1 << (degree(p1) - degree(q1));
-        }
-
-        int result = (int)(p1 & 0xffffffff);
-        while (degree(result) >= degree(q))
-        {
-            result ^= q << (degree(result) - degree(q));
-        }
-
-        return result;
-    }
-
-    /**
-     * Return the greatest common divisor of two polynomials
-     *
-     * @param p polinomial
-     * @param q polinomial
-     * @return GCD(p, q)
-     */
-
-    public static int gcd(int p, int q)
-    {
-        int a, b, c;
-        a = p;
-        b = q;
-        while (b != 0)
-        {
-            c = remainder(a, b);
-            a = b;
-            b = c;
-
-        }
-        return a;
-    }
-
-    /**
-     * Checking polynomial for irreducibility
-     *
-     * @param p polinomial
-     * @return true if p is irreducible and false otherwise
-     */
-
-    public static boolean isIrreducible(int p)
-    {
-        if (p == 0)
-        {
-            return false;
-        }
-        int d = degree(p) >>> 1;
-        int u = 2;
-        for (int i = 0; i < d; i++)
-        {
-            u = modMultiply(u, u, p);
-            if (gcd(u ^ 2, p) != 1)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    /**
-     * Creates irreducible polynomial with degree d
-     *
-     * @param deg polynomial degree
-     * @return irreducible polynomial p
-     */
-    public static int getIrreduciblePolynomial(int deg)
-    {
-        if (deg < 0)
-        {
-            System.err.println("The Degree is negative");
-            return 0;
-        }
-        if (deg > 31)
-        {
-            System.err.println("The Degree is more then 31");
-            return 0;
-        }
-        if (deg == 0)
-        {
-            return 1;
-        }
-        int a = 1 << deg;
-        a++;
-        int b = 1 << (deg + 1);
-        for (int i = a; i < b; i += 2)
-        {
-            if (isIrreducible(i))
-            {
-                return i;
-            }
-        }
-        return 0;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/PolynomialRingGF2m.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/PolynomialRingGF2m.java
deleted file mode 100644
index 9e5d413..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/PolynomialRingGF2m.java
+++ /dev/null

@@ -1,175 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-/**
- * This class represents polynomial rings <tt>GF(2^m)[X]/p(X)</tt> for
- * <tt>m&lt;32</tt>. If <tt>p(X)</tt> is irreducible, the polynomial ring
- * is in fact an extension field of <tt>GF(2^m)</tt>.
- */
-public class PolynomialRingGF2m
-{
-
-    /**
-     * the finite field this polynomial ring is defined over
-     */
-    private GF2mField field;
-
-    /**
-     * the reduction polynomial
-     */
-    private PolynomialGF2mSmallM p;
-
-    /**
-     * the squaring matrix for this polynomial ring (given as the array of its
-     * row vectors)
-     */
-    protected PolynomialGF2mSmallM[] sqMatrix;
-
-    /**
-     * the matrix for computing square roots in this polynomial ring (given as
-     * the array of its row vectors). This matrix is computed as the inverse of
-     * the squaring matrix.
-     */
-    protected PolynomialGF2mSmallM[] sqRootMatrix;
-
-    /**
-     * Constructor.
-     *
-     * @param field the finite field
-     * @param p     the reduction polynomial
-     */
-    public PolynomialRingGF2m(GF2mField field, PolynomialGF2mSmallM p)
-    {
-        this.field = field;
-        this.p = p;
-        computeSquaringMatrix();
-        computeSquareRootMatrix();
-    }
-
-    /**
-     * @return the squaring matrix for this polynomial ring
-     */
-    public PolynomialGF2mSmallM[] getSquaringMatrix()
-    {
-        return sqMatrix;
-    }
-
-    /**
-     * @return the matrix for computing square roots for this polynomial ring
-     */
-    public PolynomialGF2mSmallM[] getSquareRootMatrix()
-    {
-        return sqRootMatrix;
-    }
-
-    /**
-     * Compute the squaring matrix for this polynomial ring, using the base
-     * field and the reduction polynomial.
-     */
-    private void computeSquaringMatrix()
-    {
-        int numColumns = p.getDegree();
-        sqMatrix = new PolynomialGF2mSmallM[numColumns];
-        for (int i = 0; i < numColumns >> 1; i++)
-        {
-            int[] monomCoeffs = new int[(i << 1) + 1];
-            monomCoeffs[i << 1] = 1;
-            sqMatrix[i] = new PolynomialGF2mSmallM(field, monomCoeffs);
-        }
-        for (int i = numColumns >> 1; i < numColumns; i++)
-        {
-            int[] monomCoeffs = new int[(i << 1) + 1];
-            monomCoeffs[i << 1] = 1;
-            PolynomialGF2mSmallM monomial = new PolynomialGF2mSmallM(field,
-                monomCoeffs);
-            sqMatrix[i] = monomial.mod(p);
-        }
-    }
-
-    /**
-     * Compute the matrix for computing square roots in this polynomial ring by
-     * inverting the squaring matrix.
-     */
-    private void computeSquareRootMatrix()
-    {
-        int numColumns = p.getDegree();
-
-        // clone squaring matrix
-        PolynomialGF2mSmallM[] tmpMatrix = new PolynomialGF2mSmallM[numColumns];
-        for (int i = numColumns - 1; i >= 0; i--)
-        {
-            tmpMatrix[i] = new PolynomialGF2mSmallM(sqMatrix[i]);
-        }
-
-        // initialize square root matrix as unit matrix
-        sqRootMatrix = new PolynomialGF2mSmallM[numColumns];
-        for (int i = numColumns - 1; i >= 0; i--)
-        {
-            sqRootMatrix[i] = new PolynomialGF2mSmallM(field, i);
-        }
-
-        // simultaneously compute Gaussian reduction of squaring matrix and unit
-        // matrix
-        for (int i = 0; i < numColumns; i++)
-        {
-            // if diagonal element is zero
-            if (tmpMatrix[i].getCoefficient(i) == 0)
-            {
-                boolean foundNonZero = false;
-                // find a non-zero element in the same row
-                for (int j = i + 1; j < numColumns; j++)
-                {
-                    if (tmpMatrix[j].getCoefficient(i) != 0)
-                    {
-                        // found it, swap columns ...
-                        foundNonZero = true;
-                        swapColumns(tmpMatrix, i, j);
-                        swapColumns(sqRootMatrix, i, j);
-                        // ... and quit searching
-                        j = numColumns;
-                        continue;
-                    }
-                }
-                // if no non-zero element was found
-                if (!foundNonZero)
-                {
-                    // the matrix is not invertible
-                    throw new ArithmeticException(
-                        "Squaring matrix is not invertible.");
-                }
-            }
-
-            // normalize i-th column
-            int coef = tmpMatrix[i].getCoefficient(i);
-            int invCoef = field.inverse(coef);
-            tmpMatrix[i].multThisWithElement(invCoef);
-            sqRootMatrix[i].multThisWithElement(invCoef);
-
-            // normalize all other columns
-            for (int j = 0; j < numColumns; j++)
-            {
-                if (j != i)
-                {
-                    coef = tmpMatrix[j].getCoefficient(i);
-                    if (coef != 0)
-                    {
-                        PolynomialGF2mSmallM tmpSqColumn = tmpMatrix[i]
-                            .multWithElement(coef);
-                        PolynomialGF2mSmallM tmpInvColumn = sqRootMatrix[i]
-                            .multWithElement(coef);
-                        tmpMatrix[j].addToThis(tmpSqColumn);
-                        sqRootMatrix[j].addToThis(tmpInvColumn);
-                    }
-                }
-            }
-        }
-    }
-
-    private static void swapColumns(PolynomialGF2mSmallM[] matrix, int first,
-                                    int second)
-    {
-        PolynomialGF2mSmallM tmp = matrix[first];
-        matrix[first] = matrix[second];
-        matrix[second] = tmp;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/RandUtils.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/RandUtils.java
deleted file mode 100644
index dbb1d4a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/RandUtils.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-import java.security.SecureRandom;
-
-public class RandUtils
-{
-    static int nextInt(SecureRandom rand, int n)
-    {
-
-        if ((n & -n) == n)  // i.e., n is a power of 2
-        {
-            return (int)((n * (long)(rand.nextInt() >>> 1)) >> 31);
-        }
-
-        int bits, value;
-        do
-        {
-            bits = rand.nextInt() >>> 1;
-            value = bits % n;
-        }
-        while (bits - value + (n - 1) < 0);
-
-        return value;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/Vector.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/Vector.java
deleted file mode 100644
index 7e17164..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/linearalgebra/Vector.java
+++ /dev/null

@@ -1,69 +0,0 @@
-package org.bouncycastle.pqc.math.linearalgebra;
-
-/**
- * This abstract class defines vectors. It holds the length of vector.
- */
-public abstract class Vector
-{
-
-    /**
-     * the length of this vector
-     */
-    protected int length;
-
-    /**
-     * @return the length of this vector
-     */
-    public final int getLength()
-    {
-        return length;
-    }
-
-    /**
-     * @return this vector as byte array
-     */
-    public abstract byte[] getEncoded();
-
-    /**
-     * Return whether this is the zero vector (i.e., all elements are zero).
-     *
-     * @return <tt>true</tt> if this is the zero vector, <tt>false</tt>
-     *         otherwise
-     */
-    public abstract boolean isZero();
-
-    /**
-     * Add another vector to this vector.
-     *
-     * @param addend the other vector
-     * @return <tt>this + addend</tt>
-     */
-    public abstract Vector add(Vector addend);
-
-    /**
-     * Multiply this vector with a permutation.
-     *
-     * @param p the permutation
-     * @return <tt>this*p = p*this</tt>
-     */
-    public abstract Vector multiply(Permutation p);
-
-    /**
-     * Check if the given object is equal to this vector.
-     *
-     * @param other vector
-     * @return the result of the comparison
-     */
-    public abstract boolean equals(Object other);
-
-    /**
-     * @return the hash code of this vector
-     */
-    public abstract int hashCode();
-
-    /**
-     * @return a human readable form of this vector
-     */
-    public abstract String toString();
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/BigIntEuclidean.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/BigIntEuclidean.java
deleted file mode 100644
index 5fb3058..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/BigIntEuclidean.java
+++ /dev/null

@@ -1,54 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.euclid;
-
-import java.math.BigInteger;
-
-/**
- * Extended Euclidean Algorithm in <code>BigInteger</code>s
- */
-public class BigIntEuclidean
-{
-    public BigInteger x, y, gcd;
-
-    private BigIntEuclidean()
-    {
-    }
-
-    /**
-     * Runs the EEA on two <code>BigInteger</code>s<br>
-     * Implemented from pseudocode on <a href="http://en.wikipedia.org/wiki/Extended_Euclidean_algorithm">Wikipedia</a>.
-     *
-     * @param a
-     * @param b
-     * @return a <code>BigIntEuclidean</code> object that contains the result in the variables <code>x</code>, <code>y</code>, and <code>gcd</code>
-     */
-    public static BigIntEuclidean calculate(BigInteger a, BigInteger b)
-    {
-        BigInteger x = BigInteger.ZERO;
-        BigInteger lastx = BigInteger.ONE;
-        BigInteger y = BigInteger.ONE;
-        BigInteger lasty = BigInteger.ZERO;
-        while (!b.equals(BigInteger.ZERO))
-        {
-            BigInteger[] quotientAndRemainder = a.divideAndRemainder(b);
-            BigInteger quotient = quotientAndRemainder[0];
-
-            BigInteger temp = a;
-            a = b;
-            b = quotientAndRemainder[1];
-
-            temp = x;
-            x = lastx.subtract(quotient.multiply(x));
-            lastx = temp;
-
-            temp = y;
-            y = lasty.subtract(quotient.multiply(y));
-            lasty = temp;
-        }
-
-        BigIntEuclidean result = new BigIntEuclidean();
-        result.x = lastx;
-        result.y = lasty;
-        result.gcd = a;
-        return result;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/IntEuclidean.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/IntEuclidean.java
deleted file mode 100644
index c959a26..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/IntEuclidean.java
+++ /dev/null

@@ -1,51 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.euclid;
-
-/**
- * Extended Euclidean Algorithm in <code>int</code>s
- */
-public class IntEuclidean
-{
-    public int x, y, gcd;
-
-    private IntEuclidean()
-    {
-    }
-
-    /**
-     * Runs the EEA on two <code>int</code>s<br>
-     * Implemented from pseudocode on <a href="http://en.wikipedia.org/wiki/Extended_Euclidean_algorithm">Wikipedia</a>.
-     *
-     * @param a
-     * @param b
-     * @return a <code>IntEuclidean</code> object that contains the result in the variables <code>x</code>, <code>y</code>, and <code>gcd</code>
-     */
-    public static IntEuclidean calculate(int a, int b)
-    {
-        int x = 0;
-        int lastx = 1;
-        int y = 1;
-        int lasty = 0;
-        while (b != 0)
-        {
-            int quotient = a / b;
-
-            int temp = a;
-            a = b;
-            b = temp % b;
-
-            temp = x;
-            x = lastx - quotient * x;
-            lastx = temp;
-
-            temp = y;
-            y = lasty - quotient * y;
-            lasty = temp;
-        }
-
-        IntEuclidean result = new IntEuclidean();
-        result.x = lastx;
-        result.y = lasty;
-        result.gcd = a;
-        return result;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/test/AllTests.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/test/AllTests.java
deleted file mode 100644
index 5764981..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/test/AllTests.java
+++ /dev/null

@@ -1,44 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.euclid.test;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-public class AllTests
-    extends TestCase
-{
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("NTRU Euclid Tests");
-        
-        suite.addTestSuite(BigIntEuclideanTest.class);
-        suite.addTestSuite(IntEuclideanTest.class);
-
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-
-        }
-
-        protected void tearDown()
-        {
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/test/BigIntEuclideanTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/test/BigIntEuclideanTest.java
deleted file mode 100644
index 2cb9467..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/test/BigIntEuclideanTest.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.euclid.test;
-
-import java.math.BigInteger;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.math.ntru.euclid.BigIntEuclidean;
-
-public class BigIntEuclideanTest
-    extends TestCase
-{
-    public void testCalculate()
-    {
-        BigIntEuclidean r = BigIntEuclidean.calculate(BigInteger.valueOf(120), BigInteger.valueOf(23));
-        assertEquals(BigInteger.valueOf(-9), r.x);
-        assertEquals(BigInteger.valueOf(47), r.y);
-        assertEquals(BigInteger.valueOf(1), r.gcd);
-
-        r = BigIntEuclidean.calculate(BigInteger.valueOf(126), BigInteger.valueOf(231));
-        assertEquals(BigInteger.valueOf(2), r.x);
-        assertEquals(BigInteger.valueOf(-1), r.y);
-        assertEquals(BigInteger.valueOf(21), r.gcd);
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/test/IntEuclideanTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/test/IntEuclideanTest.java
deleted file mode 100644
index ab2ba25..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/euclid/test/IntEuclideanTest.java
+++ /dev/null

@@ -1,43 +0,0 @@
-/**
- * Copyright (c) 2011 Tim Buktu (tbuktu@hotmail.com)
- *
- * Permission is hereby granted, free of charge, to any person obtaining a
- * copy of this software and associated documentation files (the "Software"),
- * to deal in the Software without restriction, including without limitation
- * the rights to use, copy, modify, merge, publish, distribute, sublicense,
- * and/or sell copies of the Software, and to permit persons to whom the
- * Software is furnished to do so, subject to the following conditions:
- *
- * The above copyright notice and this permission notice shall be included in
- * all copies or substantial portions of the Software.
- *
- * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
- * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
- * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
- * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
- * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
- * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
- * DEALINGS IN THE SOFTWARE.
- */
-
-package org.bouncycastle.pqc.math.ntru.euclid.test;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.math.ntru.euclid.IntEuclidean;
-
-public class IntEuclideanTest
-    extends TestCase
-{
-    public void testCalculate()
-    {
-        IntEuclidean r = IntEuclidean.calculate(120, 23);
-        assertEquals(-9, r.x);
-        assertEquals(47, r.y);
-        assertEquals(1, r.gcd);
-
-        r = IntEuclidean.calculate(126, 231);
-        assertEquals(2, r.x);
-        assertEquals(-1, r.y);
-        assertEquals(21, r.gcd);
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/BigDecimalPolynomial.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/BigDecimalPolynomial.java
deleted file mode 100644
index 697f51a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/BigDecimalPolynomial.java
+++ /dev/null

@@ -1,258 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial;
-
-import java.math.BigDecimal;
-
-/**
- * A polynomial with {@link BigDecimal} coefficients.
- * Some methods (like <code>add</code>) change the polynomial, others (like <code>mult</code>) do
- * not but return the result as a new polynomial.
- */
-public class BigDecimalPolynomial
-{
-    private static final BigDecimal ZERO = new BigDecimal("0");
-    private static final BigDecimal ONE_HALF = new BigDecimal("0.5");
-
-    BigDecimal[] coeffs;
-
-    /**
-     * Constructs a new polynomial with <code>N</code> coefficients initialized to 0.
-     *
-     * @param N the number of coefficients
-     */
-    BigDecimalPolynomial(int N)
-    {
-        coeffs = new BigDecimal[N];
-        for (int i = 0; i < N; i++)
-        {
-            coeffs[i] = ZERO;
-        }
-    }
-
-    /**
-     * Constructs a new polynomial with a given set of coefficients.
-     *
-     * @param coeffs the coefficients
-     */
-    BigDecimalPolynomial(BigDecimal[] coeffs)
-    {
-        this.coeffs = coeffs;
-    }
-
-    /**
-     * Constructs a <code>BigDecimalPolynomial</code> from a <code>BigIntPolynomial</code>. The two polynomials are independent of each other.
-     *
-     * @param p the original polynomial
-     */
-    public BigDecimalPolynomial(BigIntPolynomial p)
-    {
-        int N = p.coeffs.length;
-        coeffs = new BigDecimal[N];
-        for (int i = 0; i < N; i++)
-        {
-            coeffs[i] = new BigDecimal(p.coeffs[i]);
-        }
-    }
-
-    /**
-     * Divides all coefficients by 2.
-     */
-    public void halve()
-    {
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            coeffs[i] = coeffs[i].multiply(ONE_HALF);
-        }
-    }
-
-    /**
-     * Multiplies the polynomial by another. Does not change this polynomial
-     * but returns the result as a new polynomial.
-     *
-     * @param poly2 the polynomial to multiply by
-     * @return a new polynomial
-     */
-    public BigDecimalPolynomial mult(BigIntPolynomial poly2)
-    {
-        return mult(new BigDecimalPolynomial(poly2));
-    }
-
-    /**
-     * Multiplies the polynomial by another, taking the indices mod N. Does not
-     * change this polynomial but returns the result as a new polynomial.
-     *
-     * @param poly2 the polynomial to multiply by
-     * @return a new polynomial
-     */
-    public BigDecimalPolynomial mult(BigDecimalPolynomial poly2)
-    {
-        int N = coeffs.length;
-        if (poly2.coeffs.length != N)
-        {
-            throw new IllegalArgumentException("Number of coefficients must be the same");
-        }
-
-        BigDecimalPolynomial c = multRecursive(poly2);
-
-        if (c.coeffs.length > N)
-        {
-            for (int k = N; k < c.coeffs.length; k++)
-            {
-                c.coeffs[k - N] = c.coeffs[k - N].add(c.coeffs[k]);
-            }
-            c.coeffs = copyOf(c.coeffs, N);
-        }
-        return c;
-    }
-
-    /**
-     * Karazuba multiplication
-     */
-    private BigDecimalPolynomial multRecursive(BigDecimalPolynomial poly2)
-    {
-        BigDecimal[] a = coeffs;
-        BigDecimal[] b = poly2.coeffs;
-
-        int n = poly2.coeffs.length;
-        if (n <= 1)
-        {
-            BigDecimal[] c = coeffs.clone();
-            for (int i = 0; i < coeffs.length; i++)
-            {
-                c[i] = c[i].multiply(poly2.coeffs[0]);
-            }
-            return new BigDecimalPolynomial(c);
-        }
-        else
-        {
-            int n1 = n / 2;
-
-            BigDecimalPolynomial a1 = new BigDecimalPolynomial(copyOf(a, n1));
-            BigDecimalPolynomial a2 = new BigDecimalPolynomial(copyOfRange(a, n1, n));
-            BigDecimalPolynomial b1 = new BigDecimalPolynomial(copyOf(b, n1));
-            BigDecimalPolynomial b2 = new BigDecimalPolynomial(copyOfRange(b, n1, n));
-
-            BigDecimalPolynomial A = (BigDecimalPolynomial)a1.clone();
-            A.add(a2);
-            BigDecimalPolynomial B = (BigDecimalPolynomial)b1.clone();
-            B.add(b2);
-
-            BigDecimalPolynomial c1 = a1.multRecursive(b1);
-            BigDecimalPolynomial c2 = a2.multRecursive(b2);
-            BigDecimalPolynomial c3 = A.multRecursive(B);
-            c3.sub(c1);
-            c3.sub(c2);
-
-            BigDecimalPolynomial c = new BigDecimalPolynomial(2 * n - 1);
-            for (int i = 0; i < c1.coeffs.length; i++)
-            {
-                c.coeffs[i] = c1.coeffs[i];
-            }
-            for (int i = 0; i < c3.coeffs.length; i++)
-            {
-                c.coeffs[n1 + i] = c.coeffs[n1 + i].add(c3.coeffs[i]);
-            }
-            for (int i = 0; i < c2.coeffs.length; i++)
-            {
-                c.coeffs[2 * n1 + i] = c.coeffs[2 * n1 + i].add(c2.coeffs[i]);
-            }
-            return c;
-        }
-    }
-
-    /**
-     * Adds another polynomial which can have a different number of coefficients.
-     *
-     * @param b another polynomial
-     */
-    public void add(BigDecimalPolynomial b)
-    {
-        if (b.coeffs.length > coeffs.length)
-        {
-            int N = coeffs.length;
-            coeffs = copyOf(coeffs, b.coeffs.length);
-            for (int i = N; i < coeffs.length; i++)
-            {
-                coeffs[i] = ZERO;
-            }
-        }
-        for (int i = 0; i < b.coeffs.length; i++)
-        {
-            coeffs[i] = coeffs[i].add(b.coeffs[i]);
-        }
-    }
-
-    /**
-     * Subtracts another polynomial which can have a different number of coefficients.
-     *
-     * @param b
-     */
-    void sub(BigDecimalPolynomial b)
-    {
-        if (b.coeffs.length > coeffs.length)
-        {
-            int N = coeffs.length;
-            coeffs = copyOf(coeffs, b.coeffs.length);
-            for (int i = N; i < coeffs.length; i++)
-            {
-                coeffs[i] = ZERO;
-            }
-        }
-        for (int i = 0; i < b.coeffs.length; i++)
-        {
-            coeffs[i] = coeffs[i].subtract(b.coeffs[i]);
-        }
-    }
-
-    /**
-     * Rounds all coefficients to the nearest integer.
-     *
-     * @return a new polynomial with <code>BigInteger</code> coefficients
-     */
-    public BigIntPolynomial round()
-    {
-        int N = coeffs.length;
-        BigIntPolynomial p = new BigIntPolynomial(N);
-        for (int i = 0; i < N; i++)
-        {
-            p.coeffs[i] = coeffs[i].setScale(0, BigDecimal.ROUND_HALF_EVEN).toBigInteger();
-        }
-        return p;
-    }
-
-    /**
-     * Makes a copy of the polynomial that is independent of the original.
-     */
-    public Object clone()
-    {
-        return new BigDecimalPolynomial(coeffs.clone());
-    }
-
-    private BigDecimal[] copyOf(BigDecimal[] a, int length)
-    {
-        BigDecimal[] tmp = new BigDecimal[length];
-
-        System.arraycopy(a, 0, tmp, 0, a.length < length ? a.length : length);
-
-        return tmp;
-    }
-
-    private BigDecimal[] copyOfRange(BigDecimal[] a, int from, int to)
-    {
-        int          newLength = to - from;
-        BigDecimal[] tmp = new BigDecimal[to - from];
-
-        System.arraycopy(a, from, tmp, 0, (a.length - from) < newLength ? (a.length - from) : newLength);
-
-        return tmp;
-    }
-
-    public BigDecimal[] getCoeffs()
-    {
-        BigDecimal[] tmp = new BigDecimal[coeffs.length];
-
-        System.arraycopy(coeffs, 0, tmp, 0, coeffs.length);
-
-        return tmp;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/BigIntPolynomial.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/BigIntPolynomial.java
deleted file mode 100644
index 604d7b4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/BigIntPolynomial.java
+++ /dev/null

@@ -1,394 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial;
-
-import java.math.BigDecimal;
-import java.math.BigInteger;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import org.bouncycastle.crypto.CryptoServicesRegistrar;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A polynomial with {@link BigInteger} coefficients.<br>
- * Some methods (like <code>add</code>) change the polynomial, others (like <code>mult</code>) do
- * not but return the result as a new polynomial.
- */
-public class BigIntPolynomial
-{
-    private final static double LOG_10_2 = Math.log10(2);
-
-    BigInteger[] coeffs;
-
-    /**
-     * Constructs a new polynomial with <code>N</code> coefficients initialized to 0.
-     *
-     * @param N the number of coefficients
-     */
-    BigIntPolynomial(int N)
-    {
-        coeffs = new BigInteger[N];
-        for (int i = 0; i < N; i++)
-        {
-            coeffs[i] = Constants.BIGINT_ZERO;
-        }
-    }
-
-    /**
-     * Constructs a new polynomial with a given set of coefficients.
-     *
-     * @param coeffs the coefficients
-     */
-    BigIntPolynomial(BigInteger[] coeffs)
-    {
-        this.coeffs = coeffs;
-    }
-
-    /**
-     * Constructs a <code>BigIntPolynomial</code> from a <code>IntegerPolynomial</code>. The two polynomials are
-     * independent of each other.
-     *
-     * @param p the original polynomial
-     */
-    public BigIntPolynomial(IntegerPolynomial p)
-    {
-        coeffs = new BigInteger[p.coeffs.length];
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            coeffs[i] = BigInteger.valueOf(p.coeffs[i]);
-        }
-    }
-
-    /**
-     * Generates a random polynomial with <code>numOnes</code> coefficients equal to 1,
-     * <code>numNegOnes</code> coefficients equal to -1, and the rest equal to 0.
-     *
-     * @param N          number of coefficients
-     * @param numOnes    number of 1's
-     * @param numNegOnes number of -1's
-     * @return a random polynomial.
-     */
-    static BigIntPolynomial generateRandomSmall(int N, int numOnes, int numNegOnes)
-    {
-        List coeffs = new ArrayList();
-        for (int i = 0; i < numOnes; i++)
-        {
-            coeffs.add(Constants.BIGINT_ONE);
-        }
-        for (int i = 0; i < numNegOnes; i++)
-        {
-            coeffs.add(BigInteger.valueOf(-1));
-        }
-        while (coeffs.size() < N)
-        {
-            coeffs.add(Constants.BIGINT_ZERO);
-        }
-        Collections.shuffle(coeffs, CryptoServicesRegistrar.getSecureRandom());
-
-        BigIntPolynomial poly = new BigIntPolynomial(N);
-        for (int i = 0; i < coeffs.size(); i++)
-        {
-            poly.coeffs[i] = (BigInteger)coeffs.get(i);
-        }
-        return poly;
-    }
-
-    /**
-     * Multiplies the polynomial by another, taking the indices mod N. Does not
-     * change this polynomial but returns the result as a new polynomial.<br>
-     * Both polynomials must have the same number of coefficients.
-     *
-     * @param poly2 the polynomial to multiply by
-     * @return a new polynomial
-     */
-    public BigIntPolynomial mult(BigIntPolynomial poly2)
-    {
-        int N = coeffs.length;
-        if (poly2.coeffs.length != N)
-        {
-            throw new IllegalArgumentException("Number of coefficients must be the same");
-        }
-
-        BigIntPolynomial c = multRecursive(poly2);
-
-        if (c.coeffs.length > N)
-        {
-            for (int k = N; k < c.coeffs.length; k++)
-            {
-                c.coeffs[k - N] = c.coeffs[k - N].add(c.coeffs[k]);
-            }
-            c.coeffs = Arrays.copyOf(c.coeffs, N);
-        }
-        return c;
-    }
-
-    /**
-     * Karazuba multiplication
-     */
-    private BigIntPolynomial multRecursive(BigIntPolynomial poly2)
-    {
-        BigInteger[] a = coeffs;
-        BigInteger[] b = poly2.coeffs;
-
-        int n = poly2.coeffs.length;
-        if (n <= 1)
-        {
-            BigInteger[] c = Arrays.clone(coeffs);
-            for (int i = 0; i < coeffs.length; i++)
-            {
-                c[i] = c[i].multiply(poly2.coeffs[0]);
-            }
-            return new BigIntPolynomial(c);
-        }
-        else
-        {
-            int n1 = n / 2;
-
-            BigIntPolynomial a1 = new BigIntPolynomial(Arrays.copyOf(a, n1));
-            BigIntPolynomial a2 = new BigIntPolynomial(Arrays.copyOfRange(a, n1, n));
-            BigIntPolynomial b1 = new BigIntPolynomial(Arrays.copyOf(b, n1));
-            BigIntPolynomial b2 = new BigIntPolynomial(Arrays.copyOfRange(b, n1, n));
-
-            BigIntPolynomial A = (BigIntPolynomial)a1.clone();
-            A.add(a2);
-            BigIntPolynomial B = (BigIntPolynomial)b1.clone();
-            B.add(b2);
-
-            BigIntPolynomial c1 = a1.multRecursive(b1);
-            BigIntPolynomial c2 = a2.multRecursive(b2);
-            BigIntPolynomial c3 = A.multRecursive(B);
-            c3.sub(c1);
-            c3.sub(c2);
-
-            BigIntPolynomial c = new BigIntPolynomial(2 * n - 1);
-            for (int i = 0; i < c1.coeffs.length; i++)
-            {
-                c.coeffs[i] = c1.coeffs[i];
-            }
-            for (int i = 0; i < c3.coeffs.length; i++)
-            {
-                c.coeffs[n1 + i] = c.coeffs[n1 + i].add(c3.coeffs[i]);
-            }
-            for (int i = 0; i < c2.coeffs.length; i++)
-            {
-                c.coeffs[2 * n1 + i] = c.coeffs[2 * n1 + i].add(c2.coeffs[i]);
-            }
-            return c;
-        }
-    }
-
-    /**
-     * Adds another polynomial which can have a different number of coefficients,
-     * and takes the coefficient values mod <code>modulus</code>.
-     *
-     * @param b another polynomial
-     */
-    void add(BigIntPolynomial b, BigInteger modulus)
-    {
-        add(b);
-        mod(modulus);
-    }
-
-    /**
-     * Adds another polynomial which can have a different number of coefficients.
-     *
-     * @param b another polynomial
-     */
-    public void add(BigIntPolynomial b)
-    {
-        if (b.coeffs.length > coeffs.length)
-        {
-            int N = coeffs.length;
-            coeffs = Arrays.copyOf(coeffs, b.coeffs.length);
-            for (int i = N; i < coeffs.length; i++)
-            {
-                coeffs[i] = Constants.BIGINT_ZERO;
-            }
-        }
-        for (int i = 0; i < b.coeffs.length; i++)
-        {
-            coeffs[i] = coeffs[i].add(b.coeffs[i]);
-        }
-    }
-
-    /**
-     * Subtracts another polynomial which can have a different number of coefficients.
-     *
-     * @param b another polynomial
-     */
-    public void sub(BigIntPolynomial b)
-    {
-        if (b.coeffs.length > coeffs.length)
-        {
-            int N = coeffs.length;
-            coeffs = Arrays.copyOf(coeffs, b.coeffs.length);
-            for (int i = N; i < coeffs.length; i++)
-            {
-                coeffs[i] = Constants.BIGINT_ZERO;
-            }
-        }
-        for (int i = 0; i < b.coeffs.length; i++)
-        {
-            coeffs[i] = coeffs[i].subtract(b.coeffs[i]);
-        }
-    }
-
-    /**
-     * Multiplies each coefficient by a <code>BigInteger</code>. Does not return a new polynomial but modifies this polynomial.
-     *
-     * @param factor
-     */
-    public void mult(BigInteger factor)
-    {
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            coeffs[i] = coeffs[i].multiply(factor);
-        }
-    }
-
-    /**
-     * Multiplies each coefficient by a <code>int</code>. Does not return a new polynomial but modifies this polynomial.
-     *
-     * @param factor
-     */
-    void mult(int factor)
-    {
-        mult(BigInteger.valueOf(factor));
-    }
-
-    /**
-     * Divides each coefficient by a <code>BigInteger</code> and rounds the result to the nearest whole number.<br>
-     * Does not return a new polynomial but modifies this polynomial.
-     *
-     * @param divisor the number to divide by
-     */
-    public void div(BigInteger divisor)
-    {
-        BigInteger d = divisor.add(Constants.BIGINT_ONE).divide(BigInteger.valueOf(2));
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            coeffs[i] = coeffs[i].compareTo(Constants.BIGINT_ZERO) > 0 ? coeffs[i].add(d) : coeffs[i].add(d.negate());
-            coeffs[i] = coeffs[i].divide(divisor);
-        }
-    }
-
-    /**
-     * Divides each coefficient by a <code>BigDecimal</code> and rounds the result to <code>decimalPlaces</code> places.
-     *
-     * @param divisor       the number to divide by
-     * @param decimalPlaces the number of fractional digits to round the result to
-     * @return a new <code>BigDecimalPolynomial</code>
-     */
-    public BigDecimalPolynomial div(BigDecimal divisor, int decimalPlaces)
-    {
-        BigInteger max = maxCoeffAbs();
-        int coeffLength = (int)(max.bitLength() * LOG_10_2) + 1;
-        // factor = 1/divisor
-        BigDecimal factor = Constants.BIGDEC_ONE.divide(divisor, coeffLength + decimalPlaces + 1, BigDecimal.ROUND_HALF_EVEN);
-
-        // multiply each coefficient by factor
-        BigDecimalPolynomial p = new BigDecimalPolynomial(coeffs.length);
-        for (int i = 0; i < coeffs.length; i++)
-        // multiply, then truncate after decimalPlaces so subsequent operations aren't slowed down
-        {
-            p.coeffs[i] = new BigDecimal(coeffs[i]).multiply(factor).setScale(decimalPlaces, BigDecimal.ROUND_HALF_EVEN);
-        }
-
-        return p;
-    }
-
-    /**
-     * Returns the base10 length of the largest coefficient.
-     *
-     * @return length of the longest coefficient
-     */
-    public int getMaxCoeffLength()
-    {
-        return (int)(maxCoeffAbs().bitLength() * LOG_10_2) + 1;
-    }
-
-    private BigInteger maxCoeffAbs()
-    {
-        BigInteger max = coeffs[0].abs();
-        for (int i = 1; i < coeffs.length; i++)
-        {
-            BigInteger coeff = coeffs[i].abs();
-            if (coeff.compareTo(max) > 0)
-            {
-                max = coeff;
-            }
-        }
-        return max;
-    }
-
-    /**
-     * Takes each coefficient modulo a number.
-     *
-     * @param modulus
-     */
-    public void mod(BigInteger modulus)
-    {
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            coeffs[i] = coeffs[i].mod(modulus);
-        }
-    }
-
-    /**
-     * Returns the sum of all coefficients, i.e. evaluates the polynomial at 0.
-     *
-     * @return the sum of all coefficients
-     */
-    BigInteger sumCoeffs()
-    {
-        BigInteger sum = Constants.BIGINT_ZERO;
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            sum = sum.add(coeffs[i]);
-        }
-        return sum;
-    }
-
-    /**
-     * Makes a copy of the polynomial that is independent of the original.
-     */
-    public Object clone()
-    {
-        return new BigIntPolynomial(coeffs.clone());
-    }
-
-    public int hashCode()
-    {
-        final int prime = 31;
-        int result = 1;
-        result = prime * result + Arrays.hashCode(coeffs);
-        return result;
-    }
-
-    public boolean equals(Object obj)
-    {
-        if (this == obj)
-        {
-            return true;
-        }
-        if (obj == null)
-        {
-            return false;
-        }
-        if (getClass() != obj.getClass())
-        {
-            return false;
-        }
-        BigIntPolynomial other = (BigIntPolynomial)obj;
-        if (!Arrays.areEqual(coeffs, other.coeffs))
-        {
-            return false;
-        }
-        return true;
-    }
-
-    public BigInteger[] getCoeffs()
-    {
-        return Arrays.clone(coeffs);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/Constants.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/Constants.java
deleted file mode 100644
index 2b41b19..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/Constants.java
+++ /dev/null

@@ -1,12 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial;
-
-import java.math.BigDecimal;
-import java.math.BigInteger;
-
-public class Constants
-{
-    static final BigInteger BIGINT_ZERO = BigInteger.valueOf(0);
-    static final BigInteger BIGINT_ONE = BigInteger.valueOf(1);
-
-    static final BigDecimal BIGDEC_ONE = BigDecimal.valueOf(1);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/DenseTernaryPolynomial.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/DenseTernaryPolynomial.java
deleted file mode 100644
index 85730da..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/DenseTernaryPolynomial.java
+++ /dev/null

@@ -1,142 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.pqc.math.ntru.util.Util;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A <code>TernaryPolynomial</code> with a "high" number of nonzero coefficients.
- */
-public class DenseTernaryPolynomial
-    extends IntegerPolynomial
-    implements TernaryPolynomial
-{
-
-    /**
-     * Constructs a new <code>DenseTernaryPolynomial</code> with <code>N</code> coefficients.
-     *
-     * @param N the number of coefficients
-     */
-    DenseTernaryPolynomial(int N)
-    {
-        super(N);
-        checkTernarity();
-    }
-
-    /**
-     * Constructs a <code>DenseTernaryPolynomial</code> from a <code>IntegerPolynomial</code>. The two polynomials are
-     * independent of each other.
-     *
-     * @param intPoly the original polynomial
-     */
-    public DenseTernaryPolynomial(IntegerPolynomial intPoly)
-    {
-        this(intPoly.coeffs);
-    }
-
-    /**
-     * Constructs a new <code>DenseTernaryPolynomial</code> with a given set of coefficients.
-     *
-     * @param coeffs the coefficients
-     */
-    public DenseTernaryPolynomial(int[] coeffs)
-    {
-        super(coeffs);
-        checkTernarity();
-    }
-
-    private void checkTernarity()
-    {
-        for (int i = 0; i != coeffs.length; i++)
-        {
-            int c = coeffs[i];
-            if (c < -1 || c > 1)
-            {
-                throw new IllegalStateException("Illegal value: " + c + ", must be one of {-1, 0, 1}");
-            }
-        }
-    }
-
-    /**
-     * Generates a random polynomial with <code>numOnes</code> coefficients equal to 1,
-     * <code>numNegOnes</code> coefficients equal to -1, and the rest equal to 0.
-     *
-     * @param N          number of coefficients
-     * @param numOnes    number of 1's
-     * @param numNegOnes number of -1's
-     */
-    public static DenseTernaryPolynomial generateRandom(int N, int numOnes, int numNegOnes, SecureRandom random)
-    {
-        int[] coeffs = Util.generateRandomTernary(N, numOnes, numNegOnes, random);
-        return new DenseTernaryPolynomial(coeffs);
-    }
-
-    /**
-     * Generates a polynomial with coefficients randomly selected from <code>{-1, 0, 1}</code>.
-     *
-     * @param N number of coefficients
-     */
-    public static DenseTernaryPolynomial generateRandom(int N, SecureRandom random)
-    {
-        DenseTernaryPolynomial poly = new DenseTernaryPolynomial(N);
-        for (int i = 0; i < N; i++)
-        {
-            poly.coeffs[i] = random.nextInt(3) - 1;
-        }
-        return poly;
-    }
-
-    public IntegerPolynomial mult(IntegerPolynomial poly2, int modulus)
-    {
-        // even on 32-bit systems, LongPolynomial5 multiplies faster than IntegerPolynomial
-        if (modulus == 2048)
-        {
-            IntegerPolynomial poly2Pos = (IntegerPolynomial)poly2.clone();
-            poly2Pos.modPositive(2048);
-            LongPolynomial5 poly5 = new LongPolynomial5(poly2Pos);
-            return poly5.mult(this).toIntegerPolynomial();
-        }
-        else
-        {
-            return super.mult(poly2, modulus);
-        }
-    }
-
-    public int[] getOnes()
-    {
-        int N = coeffs.length;
-        int[] ones = new int[N];
-        int onesIdx = 0;
-        for (int i = 0; i < N; i++)
-        {
-            int c = coeffs[i];
-            if (c == 1)
-            {
-                ones[onesIdx++] = i;
-            }
-        }
-        return Arrays.copyOf(ones, onesIdx);
-    }
-
-    public int[] getNegOnes()
-    {
-        int N = coeffs.length;
-        int[] negOnes = new int[N];
-        int negOnesIdx = 0;
-        for (int i = 0; i < N; i++)
-        {
-            int c = coeffs[i];
-            if (c == -1)
-            {
-                negOnes[negOnesIdx++] = i;
-            }
-        }
-        return Arrays.copyOf(negOnes, negOnesIdx);
-    }
-
-    public int size()
-    {
-        return coeffs.length;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/IntegerPolynomial.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/IntegerPolynomial.java
deleted file mode 100644
index bcf8958..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/IntegerPolynomial.java
+++ /dev/null

@@ -1,1379 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.math.BigInteger;
-import java.util.ArrayList;
-import java.util.Iterator;
-import java.util.LinkedList;
-import java.util.List;
-import java.util.concurrent.Callable;
-import java.util.concurrent.ExecutorService;
-import java.util.concurrent.Executors;
-import java.util.concurrent.Future;
-import java.util.concurrent.LinkedBlockingQueue;
-
-import org.bouncycastle.pqc.math.ntru.euclid.BigIntEuclidean;
-import org.bouncycastle.pqc.math.ntru.util.ArrayEncoder;
-import org.bouncycastle.pqc.math.ntru.util.Util;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A polynomial with <code>int</code> coefficients.<br>
- * Some methods (like <code>add</code>) change the polynomial, others (like <code>mult</code>) do
- * not but return the result as a new polynomial.
- */
-public class IntegerPolynomial
-    implements Polynomial
-{
-    private static final int NUM_EQUAL_RESULTANTS = 3;
-    /**
-     * Prime numbers &gt; 4500 for resultant computation. Starting them below ~4400 causes incorrect results occasionally.
-     * Fortunately, 4500 is about the optimum number for performance.<br/>
-     * This array contains enough prime numbers so primes never have to be computed on-line for any standard {@link org.bouncycastle.pqc.crypto.ntru.NTRUSigningParameters}.
-     */
-    private static final int[] PRIMES = new int[]{
-        4507, 4513, 4517, 4519, 4523, 4547, 4549, 4561, 4567, 4583,
-        4591, 4597, 4603, 4621, 4637, 4639, 4643, 4649, 4651, 4657,
-        4663, 4673, 4679, 4691, 4703, 4721, 4723, 4729, 4733, 4751,
-        4759, 4783, 4787, 4789, 4793, 4799, 4801, 4813, 4817, 4831,
-        4861, 4871, 4877, 4889, 4903, 4909, 4919, 4931, 4933, 4937,
-        4943, 4951, 4957, 4967, 4969, 4973, 4987, 4993, 4999, 5003,
-        5009, 5011, 5021, 5023, 5039, 5051, 5059, 5077, 5081, 5087,
-        5099, 5101, 5107, 5113, 5119, 5147, 5153, 5167, 5171, 5179,
-        5189, 5197, 5209, 5227, 5231, 5233, 5237, 5261, 5273, 5279,
-        5281, 5297, 5303, 5309, 5323, 5333, 5347, 5351, 5381, 5387,
-        5393, 5399, 5407, 5413, 5417, 5419, 5431, 5437, 5441, 5443,
-        5449, 5471, 5477, 5479, 5483, 5501, 5503, 5507, 5519, 5521,
-        5527, 5531, 5557, 5563, 5569, 5573, 5581, 5591, 5623, 5639,
-        5641, 5647, 5651, 5653, 5657, 5659, 5669, 5683, 5689, 5693,
-        5701, 5711, 5717, 5737, 5741, 5743, 5749, 5779, 5783, 5791,
-        5801, 5807, 5813, 5821, 5827, 5839, 5843, 5849, 5851, 5857,
-        5861, 5867, 5869, 5879, 5881, 5897, 5903, 5923, 5927, 5939,
-        5953, 5981, 5987, 6007, 6011, 6029, 6037, 6043, 6047, 6053,
-        6067, 6073, 6079, 6089, 6091, 6101, 6113, 6121, 6131, 6133,
-        6143, 6151, 6163, 6173, 6197, 6199, 6203, 6211, 6217, 6221,
-        6229, 6247, 6257, 6263, 6269, 6271, 6277, 6287, 6299, 6301,
-        6311, 6317, 6323, 6329, 6337, 6343, 6353, 6359, 6361, 6367,
-        6373, 6379, 6389, 6397, 6421, 6427, 6449, 6451, 6469, 6473,
-        6481, 6491, 6521, 6529, 6547, 6551, 6553, 6563, 6569, 6571,
-        6577, 6581, 6599, 6607, 6619, 6637, 6653, 6659, 6661, 6673,
-        6679, 6689, 6691, 6701, 6703, 6709, 6719, 6733, 6737, 6761,
-        6763, 6779, 6781, 6791, 6793, 6803, 6823, 6827, 6829, 6833,
-        6841, 6857, 6863, 6869, 6871, 6883, 6899, 6907, 6911, 6917,
-        6947, 6949, 6959, 6961, 6967, 6971, 6977, 6983, 6991, 6997,
-        7001, 7013, 7019, 7027, 7039, 7043, 7057, 7069, 7079, 7103,
-        7109, 7121, 7127, 7129, 7151, 7159, 7177, 7187, 7193, 7207,
-        7211, 7213, 7219, 7229, 7237, 7243, 7247, 7253, 7283, 7297,
-        7307, 7309, 7321, 7331, 7333, 7349, 7351, 7369, 7393, 7411,
-        7417, 7433, 7451, 7457, 7459, 7477, 7481, 7487, 7489, 7499,
-        7507, 7517, 7523, 7529, 7537, 7541, 7547, 7549, 7559, 7561,
-        7573, 7577, 7583, 7589, 7591, 7603, 7607, 7621, 7639, 7643,
-        7649, 7669, 7673, 7681, 7687, 7691, 7699, 7703, 7717, 7723,
-        7727, 7741, 7753, 7757, 7759, 7789, 7793, 7817, 7823, 7829,
-        7841, 7853, 7867, 7873, 7877, 7879, 7883, 7901, 7907, 7919,
-        7927, 7933, 7937, 7949, 7951, 7963, 7993, 8009, 8011, 8017,
-        8039, 8053, 8059, 8069, 8081, 8087, 8089, 8093, 8101, 8111,
-        8117, 8123, 8147, 8161, 8167, 8171, 8179, 8191, 8209, 8219,
-        8221, 8231, 8233, 8237, 8243, 8263, 8269, 8273, 8287, 8291,
-        8293, 8297, 8311, 8317, 8329, 8353, 8363, 8369, 8377, 8387,
-        8389, 8419, 8423, 8429, 8431, 8443, 8447, 8461, 8467, 8501,
-        8513, 8521, 8527, 8537, 8539, 8543, 8563, 8573, 8581, 8597,
-        8599, 8609, 8623, 8627, 8629, 8641, 8647, 8663, 8669, 8677,
-        8681, 8689, 8693, 8699, 8707, 8713, 8719, 8731, 8737, 8741,
-        8747, 8753, 8761, 8779, 8783, 8803, 8807, 8819, 8821, 8831,
-        8837, 8839, 8849, 8861, 8863, 8867, 8887, 8893, 8923, 8929,
-        8933, 8941, 8951, 8963, 8969, 8971, 8999, 9001, 9007, 9011,
-        9013, 9029, 9041, 9043, 9049, 9059, 9067, 9091, 9103, 9109,
-        9127, 9133, 9137, 9151, 9157, 9161, 9173, 9181, 9187, 9199,
-        9203, 9209, 9221, 9227, 9239, 9241, 9257, 9277, 9281, 9283,
-        9293, 9311, 9319, 9323, 9337, 9341, 9343, 9349, 9371, 9377,
-        9391, 9397, 9403, 9413, 9419, 9421, 9431, 9433, 9437, 9439,
-        9461, 9463, 9467, 9473, 9479, 9491, 9497, 9511, 9521, 9533,
-        9539, 9547, 9551, 9587, 9601, 9613, 9619, 9623, 9629, 9631,
-        9643, 9649, 9661, 9677, 9679, 9689, 9697, 9719, 9721, 9733,
-        9739, 9743, 9749, 9767, 9769, 9781, 9787, 9791, 9803, 9811,
-        9817, 9829, 9833, 9839, 9851, 9857, 9859, 9871, 9883, 9887,
-        9901, 9907, 9923, 9929, 9931, 9941, 9949, 9967, 9973};
-    private static final List BIGINT_PRIMES;
-
-    static
-    {
-        BIGINT_PRIMES = new ArrayList();
-        for (int i = 0; i != PRIMES.length; i++)
-        {
-            BIGINT_PRIMES.add(BigInteger.valueOf(PRIMES[i]));
-        }
-    }
-
-    public int[] coeffs;
-
-    /**
-     * Constructs a new polynomial with <code>N</code> coefficients initialized to 0.
-     *
-     * @param N the number of coefficients
-     */
-    public IntegerPolynomial(int N)
-    {
-        coeffs = new int[N];
-    }
-
-    /**
-     * Constructs a new polynomial with a given set of coefficients.
-     *
-     * @param coeffs the coefficients
-     */
-    public IntegerPolynomial(int[] coeffs)
-    {
-        this.coeffs = coeffs;
-    }
-
-    /**
-     * Constructs a <code>IntegerPolynomial</code> from a <code>BigIntPolynomial</code>. The two polynomials are independent of each other.
-     *
-     * @param p the original polynomial
-     */
-    public IntegerPolynomial(BigIntPolynomial p)
-    {
-        coeffs = new int[p.coeffs.length];
-        for (int i = 0; i < p.coeffs.length; i++)
-        {
-            coeffs[i] = p.coeffs[i].intValue();
-        }
-    }
-
-    /**
-     * Decodes a byte array to a polynomial with <code>N</code> ternary coefficients<br>
-     * Ignores any excess bytes.
-     *
-     * @param data an encoded ternary polynomial
-     * @param N    number of coefficients
-     * @return the decoded polynomial
-     */
-    public static IntegerPolynomial fromBinary3Sves(byte[] data, int N)
-    {
-        return new IntegerPolynomial(ArrayEncoder.decodeMod3Sves(data, N));
-    }
-
-    /**
-     * Converts a byte array produced by {@link #toBinary3Tight()} to a polynomial.
-     *
-     * @param b a byte array
-     * @param N number of coefficients
-     * @return the decoded polynomial
-     */
-    public static IntegerPolynomial fromBinary3Tight(byte[] b, int N)
-    {
-        return new IntegerPolynomial(ArrayEncoder.decodeMod3Tight(b, N));
-    }
-
-    /**
-     * Reads data produced by {@link #toBinary3Tight()} from an input stream and converts it to a polynomial.
-     *
-     * @param is an input stream
-     * @param N  number of coefficients
-     * @return the decoded polynomial
-     */
-    public static IntegerPolynomial fromBinary3Tight(InputStream is, int N)
-        throws IOException
-    {
-        return new IntegerPolynomial(ArrayEncoder.decodeMod3Tight(is, N));
-    }
-
-    /**
-     * Returns a polynomial with N coefficients between <code>0</code> and <code>q-1</code>.<br>
-     * <code>q</code> must be a power of 2.<br>
-     * Ignores any excess bytes.
-     *
-     * @param data an encoded ternary polynomial
-     * @param N    number of coefficients
-     * @param q
-     * @return the decoded polynomial
-     */
-    public static IntegerPolynomial fromBinary(byte[] data, int N, int q)
-    {
-        return new IntegerPolynomial(ArrayEncoder.decodeModQ(data, N, q));
-    }
-
-    /**
-     * Returns a polynomial with N coefficients between <code>0</code> and <code>q-1</code>.<br>
-     * <code>q</code> must be a power of 2.<br>
-     * Ignores any excess bytes.
-     *
-     * @param is an encoded ternary polynomial
-     * @param N  number of coefficients
-     * @param q
-     * @return the decoded polynomial
-     */
-    public static IntegerPolynomial fromBinary(InputStream is, int N, int q)
-        throws IOException
-    {
-        return new IntegerPolynomial(ArrayEncoder.decodeModQ(is, N, q));
-    }
-
-    /**
-     * Encodes a polynomial with ternary coefficients to binary.
-     * <code>coeffs[2*i]</code> and <code>coeffs[2*i+1]</code> must not both equal -1 for any integer <code>i</code>,
-     * so this method is only safe to use with polynomials produced by <code>fromBinary3Sves()</code>.
-     *
-     * @return the encoded polynomial
-     */
-    public byte[] toBinary3Sves()
-    {
-        return ArrayEncoder.encodeMod3Sves(coeffs);
-    }
-
-    /**
-     * Converts a polynomial with ternary coefficients to binary.
-     *
-     * @return the encoded polynomial
-     */
-    public byte[] toBinary3Tight()
-    {
-        BigInteger sum = Constants.BIGINT_ZERO;
-        for (int i = coeffs.length - 1; i >= 0; i--)
-        {
-            sum = sum.multiply(BigInteger.valueOf(3));
-            sum = sum.add(BigInteger.valueOf(coeffs[i] + 1));
-        }
-
-        int size = (BigInteger.valueOf(3).pow(coeffs.length).bitLength() + 7) / 8;
-        byte[] arr = sum.toByteArray();
-
-        if (arr.length < size)
-        {
-            // pad with leading zeros so arr.length==size
-            byte[] arr2 = new byte[size];
-            System.arraycopy(arr, 0, arr2, size - arr.length, arr.length);
-            return arr2;
-        }
-
-        if (arr.length > size)
-        // drop sign bit
-        {
-            arr = Arrays.copyOfRange(arr, 1, arr.length);
-        }
-        return arr;
-    }
-
-    /**
-     * Encodes a polynomial whose coefficients are between 0 and q, to binary. q must be a power of 2.
-     *
-     * @param q
-     * @return the encoded polynomial
-     */
-    public byte[] toBinary(int q)
-    {
-        return ArrayEncoder.encodeModQ(coeffs, q);
-    }
-
-    /**
-     * Multiplies the polynomial with another, taking the values mod modulus and the indices mod N
-     */
-    public IntegerPolynomial mult(IntegerPolynomial poly2, int modulus)
-    {
-        IntegerPolynomial c = mult(poly2);
-        c.mod(modulus);
-        return c;
-    }
-
-    /**
-     * Multiplies the polynomial with another, taking the indices mod N
-     */
-    public IntegerPolynomial mult(IntegerPolynomial poly2)
-    {
-        int N = coeffs.length;
-        if (poly2.coeffs.length != N)
-        {
-            throw new IllegalArgumentException("Number of coefficients must be the same");
-        }
-
-        IntegerPolynomial c = multRecursive(poly2);
-
-        if (c.coeffs.length > N)
-        {
-            for (int k = N; k < c.coeffs.length; k++)
-            {
-                c.coeffs[k - N] += c.coeffs[k];
-            }
-            c.coeffs = Arrays.copyOf(c.coeffs, N);
-        }
-        return c;
-    }
-
-    public BigIntPolynomial mult(BigIntPolynomial poly2)
-    {
-        return new BigIntPolynomial(this).mult(poly2);
-    }
-
-    /**
-     * Karazuba multiplication
-     */
-    private IntegerPolynomial multRecursive(IntegerPolynomial poly2)
-    {
-        int[] a = coeffs;
-        int[] b = poly2.coeffs;
-
-        int n = poly2.coeffs.length;
-        if (n <= 32)
-        {
-            int cn = 2 * n - 1;
-            IntegerPolynomial c = new IntegerPolynomial(new int[cn]);
-            for (int k = 0; k < cn; k++)
-            {
-                for (int i = Math.max(0, k - n + 1); i <= Math.min(k, n - 1); i++)
-                {
-                    c.coeffs[k] += b[i] * a[k - i];
-                }
-            }
-            return c;
-        }
-        else
-        {
-            int n1 = n / 2;
-
-            IntegerPolynomial a1 = new IntegerPolynomial(Arrays.copyOf(a, n1));
-            IntegerPolynomial a2 = new IntegerPolynomial(Arrays.copyOfRange(a, n1, n));
-            IntegerPolynomial b1 = new IntegerPolynomial(Arrays.copyOf(b, n1));
-            IntegerPolynomial b2 = new IntegerPolynomial(Arrays.copyOfRange(b, n1, n));
-
-            IntegerPolynomial A = (IntegerPolynomial)a1.clone();
-            A.add(a2);
-            IntegerPolynomial B = (IntegerPolynomial)b1.clone();
-            B.add(b2);
-
-            IntegerPolynomial c1 = a1.multRecursive(b1);
-            IntegerPolynomial c2 = a2.multRecursive(b2);
-            IntegerPolynomial c3 = A.multRecursive(B);
-            c3.sub(c1);
-            c3.sub(c2);
-
-            IntegerPolynomial c = new IntegerPolynomial(2 * n - 1);
-            for (int i = 0; i < c1.coeffs.length; i++)
-            {
-                c.coeffs[i] = c1.coeffs[i];
-            }
-            for (int i = 0; i < c3.coeffs.length; i++)
-            {
-                c.coeffs[n1 + i] += c3.coeffs[i];
-            }
-            for (int i = 0; i < c2.coeffs.length; i++)
-            {
-                c.coeffs[2 * n1 + i] += c2.coeffs[i];
-            }
-            return c;
-        }
-    }
-
-    /**
-     * Computes the inverse mod <code>q; q</code> must be a power of 2.<br>
-     * Returns <code>null</code> if the polynomial is not invertible.
-     *
-     * @param q the modulus
-     * @return a new polynomial
-     */
-    public IntegerPolynomial invertFq(int q)
-    {
-        int N = coeffs.length;
-        int k = 0;
-        IntegerPolynomial b = new IntegerPolynomial(N + 1);
-        b.coeffs[0] = 1;
-        IntegerPolynomial c = new IntegerPolynomial(N + 1);
-        IntegerPolynomial f = new IntegerPolynomial(N + 1);
-        f.coeffs = Arrays.copyOf(coeffs, N + 1);
-        f.modPositive(2);
-        // set g(x) = x^N − 1
-        IntegerPolynomial g = new IntegerPolynomial(N + 1);
-        g.coeffs[0] = 1;
-        g.coeffs[N] = 1;
-        while (true)
-        {
-            while (f.coeffs[0] == 0)
-            {
-                for (int i = 1; i <= N; i++)
-                {
-                    f.coeffs[i - 1] = f.coeffs[i];   // f(x) = f(x) / x
-                    c.coeffs[N + 1 - i] = c.coeffs[N - i];   // c(x) = c(x) * x
-                }
-                f.coeffs[N] = 0;
-                c.coeffs[0] = 0;
-                k++;
-                if (f.equalsZero())
-                {
-                    return null;   // not invertible
-                }
-            }
-            if (f.equalsOne())
-            {
-                break;
-            }
-            if (f.degree() < g.degree())
-            {
-                // exchange f and g
-                IntegerPolynomial temp = f;
-                f = g;
-                g = temp;
-                // exchange b and c
-                temp = b;
-                b = c;
-                c = temp;
-            }
-            f.add(g, 2);
-            b.add(c, 2);
-        }
-
-        if (b.coeffs[N] != 0)
-        {
-            return null;
-        }
-        // Fq(x) = x^(N-k) * b(x)
-        IntegerPolynomial Fq = new IntegerPolynomial(N);
-        int j = 0;
-        k %= N;
-        for (int i = N - 1; i >= 0; i--)
-        {
-            j = i - k;
-            if (j < 0)
-            {
-                j += N;
-            }
-            Fq.coeffs[j] = b.coeffs[i];
-        }
-
-        return mod2ToModq(Fq, q);
-    }
-
-    /**
-     * Computes the inverse mod q from the inverse mod 2
-     *
-     * @param Fq
-     * @param q
-     * @return The inverse of this polynomial mod q
-     */
-    private IntegerPolynomial mod2ToModq(IntegerPolynomial Fq, int q)
-    {
-        if (Util.is64BitJVM() && q == 2048)
-        {
-            LongPolynomial2 thisLong = new LongPolynomial2(this);
-            LongPolynomial2 FqLong = new LongPolynomial2(Fq);
-            int v = 2;
-            while (v < q)
-            {
-                v *= 2;
-                LongPolynomial2 temp = (LongPolynomial2)FqLong.clone();
-                temp.mult2And(v - 1);
-                FqLong = thisLong.mult(FqLong).mult(FqLong);
-                temp.subAnd(FqLong, v - 1);
-                FqLong = temp;
-            }
-            return FqLong.toIntegerPolynomial();
-        }
-        else
-        {
-            int v = 2;
-            while (v < q)
-            {
-                v *= 2;
-                IntegerPolynomial temp = new IntegerPolynomial(Arrays.copyOf(Fq.coeffs, Fq.coeffs.length));
-                temp.mult2(v);
-                Fq = mult(Fq, v).mult(Fq, v);
-                temp.sub(Fq, v);
-                Fq = temp;
-            }
-            return Fq;
-        }
-    }
-
-    /**
-     * Computes the inverse mod 3.
-     * Returns <code>null</code> if the polynomial is not invertible.
-     *
-     * @return a new polynomial
-     */
-    public IntegerPolynomial invertF3()
-    {
-        int N = coeffs.length;
-        int k = 0;
-        IntegerPolynomial b = new IntegerPolynomial(N + 1);
-        b.coeffs[0] = 1;
-        IntegerPolynomial c = new IntegerPolynomial(N + 1);
-        IntegerPolynomial f = new IntegerPolynomial(N + 1);
-        f.coeffs = Arrays.copyOf(coeffs, N + 1);
-        f.modPositive(3);
-        // set g(x) = x^N − 1
-        IntegerPolynomial g = new IntegerPolynomial(N + 1);
-        g.coeffs[0] = -1;
-        g.coeffs[N] = 1;
-        while (true)
-        {
-            while (f.coeffs[0] == 0)
-            {
-                for (int i = 1; i <= N; i++)
-                {
-                    f.coeffs[i - 1] = f.coeffs[i];   // f(x) = f(x) / x
-                    c.coeffs[N + 1 - i] = c.coeffs[N - i];   // c(x) = c(x) * x
-                }
-                f.coeffs[N] = 0;
-                c.coeffs[0] = 0;
-                k++;
-                if (f.equalsZero())
-                {
-                    return null;   // not invertible
-                }
-            }
-            if (f.equalsAbsOne())
-            {
-                break;
-            }
-            if (f.degree() < g.degree())
-            {
-                // exchange f and g
-                IntegerPolynomial temp = f;
-                f = g;
-                g = temp;
-                // exchange b and c
-                temp = b;
-                b = c;
-                c = temp;
-            }
-            if (f.coeffs[0] == g.coeffs[0])
-            {
-                f.sub(g, 3);
-                b.sub(c, 3);
-            }
-            else
-            {
-                f.add(g, 3);
-                b.add(c, 3);
-            }
-        }
-
-        if (b.coeffs[N] != 0)
-        {
-            return null;
-        }
-        // Fp(x) = [+-] x^(N-k) * b(x)
-        IntegerPolynomial Fp = new IntegerPolynomial(N);
-        int j = 0;
-        k %= N;
-        for (int i = N - 1; i >= 0; i--)
-        {
-            j = i - k;
-            if (j < 0)
-            {
-                j += N;
-            }
-            Fp.coeffs[j] = f.coeffs[0] * b.coeffs[i];
-        }
-
-        Fp.ensurePositive(3);
-        return Fp;
-    }
-
-    /**
-     * Resultant of this polynomial with <code>x^n-1</code> using a probabilistic algorithm.
-     * <p>
-     * Unlike EESS, this implementation does not compute all resultants modulo primes
-     * such that their product exceeds the maximum possible resultant, but rather stops
-     * when <code>NUM_EQUAL_RESULTANTS</code> consecutive modular resultants are equal.<br>
-     * This means the return value may be incorrect. Experiments show this happens in
-     * about 1 out of 100 cases when <code>N=439</code> and <code>NUM_EQUAL_RESULTANTS=2</code>,
-     * so the likelyhood of leaving the loop too early is <code>(1/100)^(NUM_EQUAL_RESULTANTS-1)</code>.
-     * <p>
-     * Because of the above, callers must verify the output and try a different polynomial if necessary.
-     *
-     * @return <code>(rho, res)</code> satisfying <code>res = rho*this + t*(x^n-1)</code> for some integer <code>t</code>.
-     */
-    public Resultant resultant()
-    {
-        int N = coeffs.length;
-
-        // Compute resultants modulo prime numbers. Continue until NUM_EQUAL_RESULTANTS consecutive modular resultants are equal.
-        LinkedList<ModularResultant> modResultants = new LinkedList<ModularResultant>();
-        BigInteger pProd = Constants.BIGINT_ONE;
-        BigInteger res = Constants.BIGINT_ONE;
-        int numEqual = 1;   // number of consecutive modular resultants equal to each other
-
-        PrimeGenerator primes = new PrimeGenerator();
-
-        while (true)
-        {
-            BigInteger prime = primes.nextPrime();
-            ModularResultant crr = resultant(prime.intValue());
-            modResultants.add(crr);
-
-            BigInteger temp = pProd.multiply(prime);
-            BigIntEuclidean er = BigIntEuclidean.calculate(prime, pProd);
-            BigInteger resPrev = res;
-            res = res.multiply(er.x.multiply(prime));
-            BigInteger res2 = crr.res.multiply(er.y.multiply(pProd));
-            res = res.add(res2).mod(temp);
-            pProd = temp;
-
-            BigInteger pProd2 = pProd.divide(BigInteger.valueOf(2));
-            BigInteger pProd2n = pProd2.negate();
-            if (res.compareTo(pProd2) > 0)
-            {
-                res = res.subtract(pProd);
-            }
-            else if (res.compareTo(pProd2n) < 0)
-            {
-                res = res.add(pProd);
-            }
-
-            if (res.equals(resPrev))
-            {
-                numEqual++;
-                if (numEqual >= NUM_EQUAL_RESULTANTS)
-                {
-                    break;
-                }
-            }
-            else
-            {
-                numEqual = 1;
-            }
-        }
-
-        // Combine modular rho's to obtain the final rho.
-        // For efficiency, first combine all pairs of small resultants to bigger resultants,
-        // then combine pairs of those, etc. until only one is left.
-        while (modResultants.size() > 1)
-        {
-            ModularResultant modRes1 = modResultants.removeFirst();
-            ModularResultant modRes2 = modResultants.removeFirst();
-            ModularResultant modRes3 = ModularResultant.combineRho(modRes1, modRes2);
-            modResultants.addLast(modRes3);
-        }
-        BigIntPolynomial rhoP = modResultants.getFirst().rho;
-
-        BigInteger pProd2 = pProd.divide(BigInteger.valueOf(2));
-        BigInteger pProd2n = pProd2.negate();
-        if (res.compareTo(pProd2) > 0)
-        {
-            res = res.subtract(pProd);
-        }
-        if (res.compareTo(pProd2n) < 0)
-        {
-            res = res.add(pProd);
-        }
-
-        for (int i = 0; i < N; i++)
-        {
-            BigInteger c = rhoP.coeffs[i];
-            if (c.compareTo(pProd2) > 0)
-            {
-                rhoP.coeffs[i] = c.subtract(pProd);
-            }
-            if (c.compareTo(pProd2n) < 0)
-            {
-                rhoP.coeffs[i] = c.add(pProd);
-            }
-        }
-
-        return new Resultant(rhoP, res);
-    }
-
-    /**
-     * Multithreaded version of {@link #resultant()}.
-     *
-     * @return <code>(rho, res)</code> satisfying <code>res = rho*this + t*(x^n-1)</code> for some integer <code>t</code>.
-     */
-    public Resultant resultantMultiThread()
-    {
-        int N = coeffs.length;
-
-        // upper bound for resultant(f, g) = ||f, 2||^deg(g) * ||g, 2||^deg(f) = squaresum(f)^(N/2) * 2^(deg(f)/2) because g(x)=x^N-1
-        // see http://jondalon.mathematik.uni-osnabrueck.de/staff/phpages/brunsw/CompAlg.pdf chapter 3
-        BigInteger max = squareSum().pow((N + 1) / 2);
-        max = max.multiply(BigInteger.valueOf(2).pow((degree() + 1) / 2));
-        BigInteger max2 = max.multiply(BigInteger.valueOf(2));
-
-        // compute resultants modulo prime numbers
-        BigInteger prime = BigInteger.valueOf(10000);
-        BigInteger pProd = Constants.BIGINT_ONE;
-        LinkedBlockingQueue<Future<ModularResultant>> resultantTasks = new LinkedBlockingQueue<Future<ModularResultant>>();
-        Iterator<BigInteger> primes = BIGINT_PRIMES.iterator();
-        ExecutorService executor = Executors.newFixedThreadPool(Runtime.getRuntime().availableProcessors());
-        while (pProd.compareTo(max2) < 0)
-        {
-            if (primes.hasNext())
-            {
-                prime = primes.next();
-            }
-            else
-            {
-                prime = prime.nextProbablePrime();
-            }
-            Future<ModularResultant> task = executor.submit(new ModResultantTask(prime.intValue()));
-            resultantTasks.add(task);
-            pProd = pProd.multiply(prime);
-        }
-
-        // Combine modular resultants to obtain the resultant.
-        // For efficiency, first combine all pairs of small resultants to bigger resultants,
-        // then combine pairs of those, etc. until only one is left.
-        ModularResultant overallResultant = null;
-        while (!resultantTasks.isEmpty())
-        {
-            try
-            {
-                Future<ModularResultant> modRes1 = resultantTasks.take();
-                Future<ModularResultant> modRes2 = resultantTasks.poll();
-                if (modRes2 == null)
-                {
-                    // modRes1 is the only one left
-                    overallResultant = modRes1.get();
-                    break;
-                }
-                Future<ModularResultant> newTask = executor.submit(new CombineTask(modRes1.get(), modRes2.get()));
-                resultantTasks.add(newTask);
-            }
-            catch (Exception e)
-            {
-                throw new IllegalStateException(e.toString());
-            }
-        }
-        executor.shutdown();
-        BigInteger res = overallResultant.res;
-        BigIntPolynomial rhoP = overallResultant.rho;
-
-        BigInteger pProd2 = pProd.divide(BigInteger.valueOf(2));
-        BigInteger pProd2n = pProd2.negate();
-
-        if (res.compareTo(pProd2) > 0)
-        {
-            res = res.subtract(pProd);
-        }
-        if (res.compareTo(pProd2n) < 0)
-        {
-            res = res.add(pProd);
-        }
-
-        for (int i = 0; i < N; i++)
-        {
-            BigInteger c = rhoP.coeffs[i];
-            if (c.compareTo(pProd2) > 0)
-            {
-                rhoP.coeffs[i] = c.subtract(pProd);
-            }
-            if (c.compareTo(pProd2n) < 0)
-            {
-                rhoP.coeffs[i] = c.add(pProd);
-            }
-        }
-
-        return new Resultant(rhoP, res);
-    }
-
-    /**
-     * Resultant of this polynomial with <code>x^n-1 mod p</code>.
-     *
-     * @return <code>(rho, res)</code> satisfying <code>res = rho*this + t*(x^n-1) mod p</code> for some integer <code>t</code>.
-     */
-    public ModularResultant resultant(int p)
-    {
-        // Add a coefficient as the following operations involve polynomials of degree deg(f)+1
-        int[] fcoeffs = Arrays.copyOf(coeffs, coeffs.length + 1);
-        IntegerPolynomial f = new IntegerPolynomial(fcoeffs);
-        int N = fcoeffs.length;
-
-        IntegerPolynomial a = new IntegerPolynomial(N);
-        a.coeffs[0] = -1;
-        a.coeffs[N - 1] = 1;
-        IntegerPolynomial b = new IntegerPolynomial(f.coeffs);
-        IntegerPolynomial v1 = new IntegerPolynomial(N);
-        IntegerPolynomial v2 = new IntegerPolynomial(N);
-        v2.coeffs[0] = 1;
-        int da = N - 1;
-        int db = b.degree();
-        int ta = da;
-        int c = 0;
-        int r = 1;
-        while (db > 0)
-        {
-            c = Util.invert(b.coeffs[db], p);
-            c = (c * a.coeffs[da]) % p;
-            a.multShiftSub(b, c, da - db, p);
-            v1.multShiftSub(v2, c, da - db, p);
-
-            da = a.degree();
-            if (da < db)
-            {
-                r *= Util.pow(b.coeffs[db], ta - da, p);
-                r %= p;
-                if (ta % 2 == 1 && db % 2 == 1)
-                {
-                    r = (-r) % p;
-                }
-                IntegerPolynomial temp = a;
-                a = b;
-                b = temp;
-                int tempdeg = da;
-                da = db;
-                temp = v1;
-                v1 = v2;
-                v2 = temp;
-                ta = db;
-                db = tempdeg;
-            }
-        }
-        r *= Util.pow(b.coeffs[0], da, p);
-        r %= p;
-        c = Util.invert(b.coeffs[0], p);
-        v2.mult(c);
-        v2.mod(p);
-        v2.mult(r);
-        v2.mod(p);
-
-        // drop the highest coefficient so #coeffs matches the original input
-        v2.coeffs = Arrays.copyOf(v2.coeffs, v2.coeffs.length - 1);
-        return new ModularResultant(new BigIntPolynomial(v2), BigInteger.valueOf(r), BigInteger.valueOf(p));
-    }
-
-    /**
-     * Computes <code>this-b*c*(x^k) mod p</code> and stores the result in this polynomial.<br/>
-     * See steps 4a,4b in EESS algorithm 2.2.7.1.
-     *
-     * @param b
-     * @param c
-     * @param k
-     * @param p
-     */
-    private void multShiftSub(IntegerPolynomial b, int c, int k, int p)
-    {
-        int N = coeffs.length;
-        for (int i = k; i < N; i++)
-        {
-            coeffs[i] = (coeffs[i] - b.coeffs[i - k] * c) % p;
-        }
-    }
-
-    /**
-     * Adds the squares of all coefficients.
-     *
-     * @return the sum of squares
-     */
-    private BigInteger squareSum()
-    {
-        BigInteger sum = Constants.BIGINT_ZERO;
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            sum = sum.add(BigInteger.valueOf(coeffs[i] * coeffs[i]));
-        }
-        return sum;
-    }
-
-    /**
-     * Returns the degree of the polynomial
-     *
-     * @return the degree
-     */
-    int degree()
-    {
-        int degree = coeffs.length - 1;
-        while (degree > 0 && coeffs[degree] == 0)
-        {
-            degree--;
-        }
-        return degree;
-    }
-
-    /**
-     * Adds another polynomial which can have a different number of coefficients,
-     * and takes the coefficient values mod <code>modulus</code>.
-     *
-     * @param b another polynomial
-     */
-    public void add(IntegerPolynomial b, int modulus)
-    {
-        add(b);
-        mod(modulus);
-    }
-
-    /**
-     * Adds another polynomial which can have a different number of coefficients.
-     *
-     * @param b another polynomial
-     */
-    public void add(IntegerPolynomial b)
-    {
-        if (b.coeffs.length > coeffs.length)
-        {
-            coeffs = Arrays.copyOf(coeffs, b.coeffs.length);
-        }
-        for (int i = 0; i < b.coeffs.length; i++)
-        {
-            coeffs[i] += b.coeffs[i];
-        }
-    }
-
-    /**
-     * Subtracts another polynomial which can have a different number of coefficients,
-     * and takes the coefficient values mod <code>modulus</code>.
-     *
-     * @param b another polynomial
-     */
-    public void sub(IntegerPolynomial b, int modulus)
-    {
-        sub(b);
-        mod(modulus);
-    }
-
-    /**
-     * Subtracts another polynomial which can have a different number of coefficients.
-     *
-     * @param b another polynomial
-     */
-    public void sub(IntegerPolynomial b)
-    {
-        if (b.coeffs.length > coeffs.length)
-        {
-            coeffs = Arrays.copyOf(coeffs, b.coeffs.length);
-        }
-        for (int i = 0; i < b.coeffs.length; i++)
-        {
-            coeffs[i] -= b.coeffs[i];
-        }
-    }
-
-    /**
-     * Subtracts a <code>int</code> from each coefficient. Does not return a new polynomial but modifies this polynomial.
-     *
-     * @param b
-     */
-    void sub(int b)
-    {
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            coeffs[i] -= b;
-        }
-    }
-
-    /**
-     * Multiplies each coefficient by a <code>int</code>. Does not return a new polynomial but modifies this polynomial.
-     *
-     * @param factor
-     */
-    public void mult(int factor)
-    {
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            coeffs[i] *= factor;
-        }
-    }
-
-    /**
-     * Multiplies each coefficient by a 2 and applies a modulus. Does not return a new polynomial but modifies this polynomial.
-     *
-     * @param modulus a modulus
-     */
-    private void mult2(int modulus)
-    {
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            coeffs[i] *= 2;
-            coeffs[i] %= modulus;
-        }
-    }
-
-    /**
-     * Multiplies each coefficient by a 2 and applies a modulus. Does not return a new polynomial but modifies this polynomial.
-     *
-     * @param modulus a modulus
-     */
-    public void mult3(int modulus)
-    {
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            coeffs[i] *= 3;
-            coeffs[i] %= modulus;
-        }
-    }
-
-    /**
-     * Divides each coefficient by <code>k</code> and rounds to the nearest integer. Does not return a new polynomial but modifies this polynomial.
-     *
-     * @param k the divisor
-     */
-    public void div(int k)
-    {
-        int k2 = (k + 1) / 2;
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            coeffs[i] += coeffs[i] > 0 ? k2 : -k2;
-            coeffs[i] /= k;
-        }
-    }
-
-    /**
-     * Takes each coefficient modulo 3 such that all coefficients are ternary.
-     */
-    public void mod3()
-    {
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            coeffs[i] %= 3;
-            if (coeffs[i] > 1)
-            {
-                coeffs[i] -= 3;
-            }
-            if (coeffs[i] < -1)
-            {
-                coeffs[i] += 3;
-            }
-        }
-    }
-
-    /**
-     * Ensures all coefficients are between 0 and <code>modulus-1</code>
-     *
-     * @param modulus a modulus
-     */
-    public void modPositive(int modulus)
-    {
-        mod(modulus);
-        ensurePositive(modulus);
-    }
-
-    /**
-     * Reduces all coefficients to the interval [-modulus/2, modulus/2)
-     */
-    void modCenter(int modulus)
-    {
-        mod(modulus);
-        for (int j = 0; j < coeffs.length; j++)
-        {
-            while (coeffs[j] < modulus / 2)
-            {
-                coeffs[j] += modulus;
-            }
-            while (coeffs[j] >= modulus / 2)
-            {
-                coeffs[j] -= modulus;
-            }
-        }
-    }
-
-    /**
-     * Takes each coefficient modulo <code>modulus</code>.
-     */
-    public void mod(int modulus)
-    {
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            coeffs[i] %= modulus;
-        }
-    }
-
-    /**
-     * Adds <code>modulus</code> until all coefficients are above 0.
-     *
-     * @param modulus a modulus
-     */
-    public void ensurePositive(int modulus)
-    {
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            while (coeffs[i] < 0)
-            {
-                coeffs[i] += modulus;
-            }
-        }
-    }
-
-    /**
-     * Computes the centered euclidean norm of the polynomial.
-     *
-     * @param q a modulus
-     * @return the centered norm
-     */
-    public long centeredNormSq(int q)
-    {
-        int N = coeffs.length;
-        IntegerPolynomial p = (IntegerPolynomial)clone();
-        p.shiftGap(q);
-
-        long sum = 0;
-        long sqSum = 0;
-        for (int i = 0; i != p.coeffs.length; i++)
-        {
-            int c = p.coeffs[i];
-            sum += c;
-            sqSum += c * c;
-        }
-
-        long centeredNormSq = sqSum - sum * sum / N;
-        return centeredNormSq;
-    }
-
-    /**
-     * Shifts all coefficients so the largest gap is centered around <code>-q/2</code>.
-     *
-     * @param q a modulus
-     */
-    void shiftGap(int q)
-    {
-        modCenter(q);
-
-        int[] sorted = Arrays.clone(coeffs);
-
-        sort(sorted);
-
-        int maxrange = 0;
-        int maxrangeStart = 0;
-        for (int i = 0; i < sorted.length - 1; i++)
-        {
-            int range = sorted[i + 1] - sorted[i];
-            if (range > maxrange)
-            {
-                maxrange = range;
-                maxrangeStart = sorted[i];
-            }
-        }
-
-        int pmin = sorted[0];
-        int pmax = sorted[sorted.length - 1];
-
-        int j = q - pmax + pmin;
-        int shift;
-        if (j > maxrange)
-        {
-            shift = (pmax + pmin) / 2;
-        }
-        else
-        {
-            shift = maxrangeStart + maxrange / 2 + q / 2;
-        }
-
-        sub(shift);
-    }
-
-    private void sort(int[] ints)
-    {
-        boolean swap = true;
-
-        while (swap)
-        {
-            swap = false;
-            for (int i = 0; i != ints.length - 1; i++)
-            {
-                if (ints[i] > ints[i+1])
-                {
-                    int tmp = ints[i];
-                    ints[i] = ints[i+1];
-                    ints[i+1] = tmp;
-                    swap = true;
-                }
-            }
-        }
-    }
-
-    /**
-     * Shifts the values of all coefficients to the interval <code>[-q/2, q/2]</code>.
-     *
-     * @param q a modulus
-     */
-    public void center0(int q)
-    {
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            while (coeffs[i] < -q / 2)
-            {
-                coeffs[i] += q;
-            }
-            while (coeffs[i] > q / 2)
-            {
-                coeffs[i] -= q;
-            }
-        }
-    }
-
-    /**
-     * Returns the sum of all coefficients, i.e. evaluates the polynomial at 0.
-     *
-     * @return the sum of all coefficients
-     */
-    public int sumCoeffs()
-    {
-        int sum = 0;
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            sum += coeffs[i];
-        }
-        return sum;
-    }
-
-    /**
-     * Tests if <code>p(x) = 0</code>.
-     *
-     * @return true iff all coefficients are zeros
-     */
-    private boolean equalsZero()
-    {
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            if (coeffs[i] != 0)
-            {
-                return false;
-            }
-        }
-        return true;
-    }
-
-    /**
-     * Tests if <code>p(x) = 1</code>.
-     *
-     * @return true iff all coefficients are equal to zero, except for the lowest coefficient which must equal 1
-     */
-    public boolean equalsOne()
-    {
-        for (int i = 1; i < coeffs.length; i++)
-        {
-            if (coeffs[i] != 0)
-            {
-                return false;
-            }
-        }
-        return coeffs[0] == 1;
-    }
-
-    /**
-     * Tests if <code>|p(x)| = 1</code>.
-     *
-     * @return true iff all coefficients are equal to zero, except for the lowest coefficient which must equal 1 or -1
-     */
-    private boolean equalsAbsOne()
-    {
-        for (int i = 1; i < coeffs.length; i++)
-        {
-            if (coeffs[i] != 0)
-            {
-                return false;
-            }
-        }
-        return Math.abs(coeffs[0]) == 1;
-    }
-
-    /**
-     * Counts the number of coefficients equal to an integer
-     *
-     * @param value an integer
-     * @return the number of coefficients equal to <code>value</code>
-     */
-    public int count(int value)
-    {
-        int count = 0;
-        for (int i = 0; i != coeffs.length; i++)
-        {
-            if (coeffs[i] == value)
-            {
-                count++;
-            }
-        }
-        return count;
-    }
-
-    /**
-     * Multiplication by <code>X</code> in <code>Z[X]/Z[X^n-1]</code>.
-     */
-    public void rotate1()
-    {
-        int clast = coeffs[coeffs.length - 1];
-        for (int i = coeffs.length - 1; i > 0; i--)
-        {
-            coeffs[i] = coeffs[i - 1];
-        }
-        coeffs[0] = clast;
-    }
-
-    public void clear()
-    {
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            coeffs[i] = 0;
-        }
-    }
-
-    public IntegerPolynomial toIntegerPolynomial()
-    {
-        return (IntegerPolynomial)clone();
-    }
-
-    public Object clone()
-    {
-        return new IntegerPolynomial(coeffs.clone());
-    }
-
-    public boolean equals(Object obj)
-    {
-        if (obj instanceof IntegerPolynomial)
-        {
-            return Arrays.areEqual(coeffs, ((IntegerPolynomial)obj).coeffs);
-        }
-        else
-        {
-            return false;
-        }
-    }
-
-    /**
-     * Calls {@link IntegerPolynomial#resultant(int)
-     */
-    private class ModResultantTask
-        implements Callable<ModularResultant>
-    {
-        private int modulus;
-
-        private ModResultantTask(int modulus)
-        {
-            this.modulus = modulus;
-        }
-
-        public ModularResultant call()
-        {
-            return resultant(modulus);
-        }
-    }
-
-    /**
-     * Calls {@link ModularResultant#combineRho(ModularResultant, ModularResultant)
-     */
-    private class CombineTask
-        implements Callable<ModularResultant>
-    {
-        private ModularResultant modRes1;
-        private ModularResultant modRes2;
-
-        private CombineTask(ModularResultant modRes1, ModularResultant modRes2)
-        {
-            this.modRes1 = modRes1;
-            this.modRes2 = modRes2;
-        }
-
-        public ModularResultant call()
-        {
-            return ModularResultant.combineRho(modRes1, modRes2);
-        }
-    }
-
-    private class PrimeGenerator
-    {
-        private int index = 0;
-        private BigInteger prime;
-
-        public BigInteger nextPrime()
-        {
-            if (index < BIGINT_PRIMES.size())
-            {
-                prime = (BigInteger)BIGINT_PRIMES.get(index++);
-            }
-            else
-            {
-                prime = prime.nextProbablePrime();
-            }
-
-            return prime;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/LongPolynomial2.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/LongPolynomial2.java
deleted file mode 100644
index d71615a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/LongPolynomial2.java
+++ /dev/null

@@ -1,255 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * A polynomial class that combines two coefficients into one <code>long</code> value for
- * faster multiplication in 64 bit environments.<br>
- * Coefficients can be between 0 and 2047 and are stored in pairs in the bits 0..10 and 24..34 of a <code>long</code> number.
- */
-public class LongPolynomial2
-{
-    private long[] coeffs;   // each representing two coefficients in the original IntegerPolynomial
-    private int numCoeffs;
-
-    /**
-     * Constructs a <code>LongPolynomial2</code> from a <code>IntegerPolynomial</code>. The two polynomials are independent of each other.
-     *
-     * @param p the original polynomial. Coefficients must be between 0 and 2047.
-     */
-    public LongPolynomial2(IntegerPolynomial p)
-    {
-        numCoeffs = p.coeffs.length;
-        coeffs = new long[(numCoeffs + 1) / 2];
-        int idx = 0;
-        for (int pIdx = 0; pIdx < numCoeffs; )
-        {
-            int c0 = p.coeffs[pIdx++];
-            while (c0 < 0)
-            {
-                c0 += 2048;
-            }
-            long c1 = pIdx < numCoeffs ? p.coeffs[pIdx++] : 0;
-            while (c1 < 0)
-            {
-                c1 += 2048;
-            }
-            coeffs[idx] = c0 + (c1 << 24);
-            idx++;
-        }
-    }
-
-    private LongPolynomial2(long[] coeffs)
-    {
-        this.coeffs = coeffs;
-    }
-
-    private LongPolynomial2(int N)
-    {
-        coeffs = new long[N];
-    }
-
-    /**
-     * Multiplies the polynomial with another, taking the indices mod N and the values mod 2048.
-     */
-    public LongPolynomial2 mult(LongPolynomial2 poly2)
-    {
-        int N = coeffs.length;
-        if (poly2.coeffs.length != N || numCoeffs != poly2.numCoeffs)
-        {
-            throw new IllegalArgumentException("Number of coefficients must be the same");
-        }
-
-        LongPolynomial2 c = multRecursive(poly2);
-
-        if (c.coeffs.length > N)
-        {
-            if (numCoeffs % 2 == 0)
-            {
-                for (int k = N; k < c.coeffs.length; k++)
-                {
-                    c.coeffs[k - N] = (c.coeffs[k - N] + c.coeffs[k]) & 0x7FF0007FFL;
-                }
-                c.coeffs = Arrays.copyOf(c.coeffs, N);
-            }
-            else
-            {
-                for (int k = N; k < c.coeffs.length; k++)
-                {
-                    c.coeffs[k - N] = c.coeffs[k - N] + (c.coeffs[k - 1] >> 24);
-                    c.coeffs[k - N] = c.coeffs[k - N] + ((c.coeffs[k] & 2047) << 24);
-                    c.coeffs[k - N] &= 0x7FF0007FFL;
-                }
-                c.coeffs = Arrays.copyOf(c.coeffs, N);
-                c.coeffs[c.coeffs.length - 1] &= 2047;
-            }
-        }
-
-        c = new LongPolynomial2(c.coeffs);
-        c.numCoeffs = numCoeffs;
-        return c;
-    }
-
-    public IntegerPolynomial toIntegerPolynomial()
-    {
-        int[] intCoeffs = new int[numCoeffs];
-        int uIdx = 0;
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            intCoeffs[uIdx++] = (int)(coeffs[i] & 2047);
-            if (uIdx < numCoeffs)
-            {
-                intCoeffs[uIdx++] = (int)((coeffs[i] >> 24) & 2047);
-            }
-        }
-        return new IntegerPolynomial(intCoeffs);
-    }
-
-    /**
-     * Karazuba multiplication
-     */
-    private LongPolynomial2 multRecursive(LongPolynomial2 poly2)
-    {
-        long[] a = coeffs;
-        long[] b = poly2.coeffs;
-
-        int n = poly2.coeffs.length;
-        if (n <= 32)
-        {
-            int cn = 2 * n;
-            LongPolynomial2 c = new LongPolynomial2(new long[cn]);
-            for (int k = 0; k < cn; k++)
-            {
-                for (int i = Math.max(0, k - n + 1); i <= Math.min(k, n - 1); i++)
-                {
-                    long c0 = a[k - i] * b[i];
-                    long cu = c0 & 0x7FF000000L + (c0 & 2047);
-                    long co = (c0 >>> 48) & 2047;
-
-                    c.coeffs[k] = (c.coeffs[k] + cu) & 0x7FF0007FFL;
-                    c.coeffs[k + 1] = (c.coeffs[k + 1] + co) & 0x7FF0007FFL;
-                }
-            }
-            return c;
-        }
-        else
-        {
-            int n1 = n / 2;
-
-            LongPolynomial2 a1 = new LongPolynomial2(Arrays.copyOf(a, n1));
-            LongPolynomial2 a2 = new LongPolynomial2(Arrays.copyOfRange(a, n1, n));
-            LongPolynomial2 b1 = new LongPolynomial2(Arrays.copyOf(b, n1));
-            LongPolynomial2 b2 = new LongPolynomial2(Arrays.copyOfRange(b, n1, n));
-
-            LongPolynomial2 A = (LongPolynomial2)a1.clone();
-            A.add(a2);
-            LongPolynomial2 B = (LongPolynomial2)b1.clone();
-            B.add(b2);
-
-            LongPolynomial2 c1 = a1.multRecursive(b1);
-            LongPolynomial2 c2 = a2.multRecursive(b2);
-            LongPolynomial2 c3 = A.multRecursive(B);
-            c3.sub(c1);
-            c3.sub(c2);
-
-            LongPolynomial2 c = new LongPolynomial2(2 * n);
-            for (int i = 0; i < c1.coeffs.length; i++)
-            {
-                c.coeffs[i] = c1.coeffs[i] & 0x7FF0007FFL;
-            }
-            for (int i = 0; i < c3.coeffs.length; i++)
-            {
-                c.coeffs[n1 + i] = (c.coeffs[n1 + i] + c3.coeffs[i]) & 0x7FF0007FFL;
-            }
-            for (int i = 0; i < c2.coeffs.length; i++)
-            {
-                c.coeffs[2 * n1 + i] = (c.coeffs[2 * n1 + i] + c2.coeffs[i]) & 0x7FF0007FFL;
-            }
-            return c;
-        }
-    }
-
-    /**
-     * Adds another polynomial which can have a different number of coefficients.
-     *
-     * @param b another polynomial
-     */
-    private void add(LongPolynomial2 b)
-    {
-        if (b.coeffs.length > coeffs.length)
-        {
-            coeffs = Arrays.copyOf(coeffs, b.coeffs.length);
-        }
-        for (int i = 0; i < b.coeffs.length; i++)
-        {
-            coeffs[i] = (coeffs[i] + b.coeffs[i]) & 0x7FF0007FFL;
-        }
-    }
-
-    /**
-     * Subtracts another polynomial which can have a different number of coefficients.
-     *
-     * @param b another polynomial
-     */
-    private void sub(LongPolynomial2 b)
-    {
-        if (b.coeffs.length > coeffs.length)
-        {
-            coeffs = Arrays.copyOf(coeffs, b.coeffs.length);
-        }
-        for (int i = 0; i < b.coeffs.length; i++)
-        {
-            coeffs[i] = (0x0800000800000L + coeffs[i] - b.coeffs[i]) & 0x7FF0007FFL;
-        }
-    }
-
-    /**
-     * Subtracts another polynomial which must have the same number of coefficients,
-     * and applies an AND mask to the upper and lower halves of each coefficients.
-     *
-     * @param b    another polynomial
-     * @param mask a bit mask less than 2048 to apply to each 11-bit coefficient
-     */
-    public void subAnd(LongPolynomial2 b, int mask)
-    {
-        long longMask = (((long)mask) << 24) + mask;
-        for (int i = 0; i < b.coeffs.length; i++)
-        {
-            coeffs[i] = (0x0800000800000L + coeffs[i] - b.coeffs[i]) & longMask;
-        }
-    }
-
-    /**
-     * Multiplies this polynomial by 2 and applies an AND mask to the upper and
-     * lower halves of each coefficients.
-     *
-     * @param mask a bit mask less than 2048 to apply to each 11-bit coefficient
-     */
-    public void mult2And(int mask)
-    {
-        long longMask = (((long)mask) << 24) + mask;
-        for (int i = 0; i < coeffs.length; i++)
-        {
-            coeffs[i] = (coeffs[i] << 1) & longMask;
-        }
-    }
-
-    public Object clone()
-    {
-        LongPolynomial2 p = new LongPolynomial2(coeffs.clone());
-        p.numCoeffs = numCoeffs;
-        return p;
-    }
-
-    public boolean equals(Object obj)
-    {
-        if (obj instanceof LongPolynomial2)
-        {
-            return Arrays.areEqual(coeffs, ((LongPolynomial2)obj).coeffs);
-        }
-        else
-        {
-            return false;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/LongPolynomial5.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/LongPolynomial5.java
deleted file mode 100644
index c804cc8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/LongPolynomial5.java
+++ /dev/null

@@ -1,149 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * A polynomial class that combines five coefficients into one <code>long</code> value for
- * faster multiplication by a ternary polynomial.<br>
- * Coefficients can be between 0 and 2047 and are stored in bits 0..11, 12..23, ..., 48..59 of a <code>long</code> number.
- */
-public class LongPolynomial5
-{
-    private long[] coeffs;   // groups of 5 coefficients
-    private int numCoeffs;
-
-    /**
-     * Constructs a <code>LongPolynomial5</code> from a <code>IntegerPolynomial</code>. The two polynomials are independent of each other.
-     *
-     * @param p the original polynomial. Coefficients must be between 0 and 2047.
-     */
-    public LongPolynomial5(IntegerPolynomial p)
-    {
-        numCoeffs = p.coeffs.length;
-
-        coeffs = new long[(numCoeffs + 4) / 5];
-        int cIdx = 0;
-        int shift = 0;
-        for (int i = 0; i < numCoeffs; i++)
-        {
-            coeffs[cIdx] |= ((long)p.coeffs[i]) << shift;
-            shift += 12;
-            if (shift >= 60)
-            {
-                shift = 0;
-                cIdx++;
-            }
-        }
-    }
-
-    private LongPolynomial5(long[] coeffs, int numCoeffs)
-    {
-        this.coeffs = coeffs;
-        this.numCoeffs = numCoeffs;
-    }
-
-    /**
-     * Multiplies the polynomial with a <code>TernaryPolynomial</code>, taking the indices mod N and the values mod 2048.
-     */
-    public LongPolynomial5 mult(TernaryPolynomial poly2)
-    {
-        long[][] prod = new long[5][coeffs.length + (poly2.size() + 4) / 5 - 1];   // intermediate results, the subarrays are shifted by 0,...,4 coefficients
-
-        // multiply ones
-        int[] ones = poly2.getOnes();
-        for (int idx = 0; idx != ones.length; idx++)
-        {
-            int pIdx = ones[idx];
-            int cIdx = pIdx / 5;
-            int m = pIdx - cIdx * 5;   // m = pIdx % 5
-            for (int i = 0; i < coeffs.length; i++)
-            {
-                prod[m][cIdx] = (prod[m][cIdx] + coeffs[i]) & 0x7FF7FF7FF7FF7FFL;
-                cIdx++;
-            }
-        }
-
-        // multiply negative ones
-        int[] negOnes = poly2.getNegOnes();
-        for (int idx = 0; idx != negOnes.length; idx++)
-        {
-            int pIdx = negOnes[idx];
-            int cIdx = pIdx / 5;
-            int m = pIdx - cIdx * 5;   // m = pIdx % 5
-            for (int i = 0; i < coeffs.length; i++)
-            {
-                prod[m][cIdx] = (0x800800800800800L + prod[m][cIdx] - coeffs[i]) & 0x7FF7FF7FF7FF7FFL;
-                cIdx++;
-            }
-        }
-
-        // combine shifted coefficients (5 arrays) into a single array of length prod[*].length+1
-        long[] cCoeffs = Arrays.copyOf(prod[0], prod[0].length + 1);
-        for (int m = 1; m <= 4; m++)
-        {
-            int shift = m * 12;
-            int shift60 = 60 - shift;
-            long mask = (1L << shift60) - 1;
-            int pLen = prod[m].length;
-            for (int i = 0; i < pLen; i++)
-            {
-                long upper, lower;
-                upper = prod[m][i] >> shift60;
-                lower = prod[m][i] & mask;
-
-                cCoeffs[i] = (cCoeffs[i] + (lower << shift)) & 0x7FF7FF7FF7FF7FFL;
-                int nextIdx = i + 1;
-                cCoeffs[nextIdx] = (cCoeffs[nextIdx] + upper) & 0x7FF7FF7FF7FF7FFL;
-            }
-        }
-
-        // reduce indices of cCoeffs modulo numCoeffs
-        int shift = 12 * (numCoeffs % 5);
-        for (int cIdx = coeffs.length - 1; cIdx < cCoeffs.length; cIdx++)
-        {
-            long iCoeff;   // coefficient to shift into the [0..numCoeffs-1] range
-            int newIdx;
-            if (cIdx == coeffs.length - 1)
-            {
-                iCoeff = numCoeffs == 5 ? 0 : cCoeffs[cIdx] >> shift;
-                newIdx = 0;
-            }
-            else
-            {
-                iCoeff = cCoeffs[cIdx];
-                newIdx = cIdx * 5 - numCoeffs;
-            }
-
-            int base = newIdx / 5;
-            int m = newIdx - base * 5;   // m = newIdx % 5
-            long lower = iCoeff << (12 * m);
-            long upper = iCoeff >> (12 * (5 - m));
-            cCoeffs[base] = (cCoeffs[base] + lower) & 0x7FF7FF7FF7FF7FFL;
-            int base1 = base + 1;
-            if (base1 < coeffs.length)
-            {
-                cCoeffs[base1] = (cCoeffs[base1] + upper) & 0x7FF7FF7FF7FF7FFL;
-            }
-        }
-
-        return new LongPolynomial5(cCoeffs, numCoeffs);
-    }
-
-    public IntegerPolynomial toIntegerPolynomial()
-    {
-        int[] intCoeffs = new int[numCoeffs];
-        int cIdx = 0;
-        int shift = 0;
-        for (int i = 0; i < numCoeffs; i++)
-        {
-            intCoeffs[i] = (int)((coeffs[cIdx] >> shift) & 2047);
-            shift += 12;
-            if (shift >= 60)
-            {
-                shift = 0;
-                cIdx++;
-            }
-        }
-        return new IntegerPolynomial(intCoeffs);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/ModularResultant.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/ModularResultant.java
deleted file mode 100644
index 5f77192..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/ModularResultant.java
+++ /dev/null

@@ -1,46 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial;
-
-import java.math.BigInteger;
-
-import org.bouncycastle.pqc.math.ntru.euclid.BigIntEuclidean;
-
-/**
- * A resultant modulo a <code>BigInteger</code>
- */
-public class ModularResultant
-    extends Resultant
-{
-    BigInteger modulus;
-
-    ModularResultant(BigIntPolynomial rho, BigInteger res, BigInteger modulus)
-    {
-        super(rho, res);
-        this.modulus = modulus;
-    }
-
-    /**
-     * Calculates a <code>rho</code> modulo <code>m1*m2</code> from
-     * two resultants whose <code>rho</code>s are modulo <code>m1</code> and <code>m2</code>.<br/>
-     * </code>res</code> is set to <code>null</code>.
-     *
-     * @param modRes1
-     * @param modRes2
-     * @return <code>rho</code> modulo <code>modRes1.modulus * modRes2.modulus</code>, and <code>null</code> for </code>res</code>.
-     */
-    static ModularResultant combineRho(ModularResultant modRes1, ModularResultant modRes2)
-    {
-        BigInteger mod1 = modRes1.modulus;
-        BigInteger mod2 = modRes2.modulus;
-        BigInteger prod = mod1.multiply(mod2);
-        BigIntEuclidean er = BigIntEuclidean.calculate(mod2, mod1);
-
-        BigIntPolynomial rho1 = (BigIntPolynomial)modRes1.rho.clone();
-        rho1.mult(er.x.multiply(mod2));
-        BigIntPolynomial rho2 = (BigIntPolynomial)modRes2.rho.clone();
-        rho2.mult(er.y.multiply(mod1));
-        rho1.add(rho2);
-        rho1.mod(prod);
-
-        return new ModularResultant(rho1, null, prod);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/Polynomial.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/Polynomial.java
deleted file mode 100644
index 69193e3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/Polynomial.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial;
-
-public interface Polynomial
-{
-
-    /**
-     * Multiplies the polynomial by an <code>IntegerPolynomial</code>,
-     * taking the indices mod <code>N</code>.
-     *
-     * @param poly2 a polynomial
-     * @return the product of the two polynomials
-     */
-    IntegerPolynomial mult(IntegerPolynomial poly2);
-
-    /**
-     * Multiplies the polynomial by an <code>IntegerPolynomial</code>,
-     * taking the coefficient values mod <code>modulus</code> and the indices mod <code>N</code>.
-     *
-     * @param poly2   a polynomial
-     * @param modulus a modulus to apply
-     * @return the product of the two polynomials
-     */
-    IntegerPolynomial mult(IntegerPolynomial poly2, int modulus);
-
-    /**
-     * Returns a polynomial that is equal to this polynomial (in the sense that {@link #mult(IntegerPolynomial, int)}
-     * returns equal <code>IntegerPolynomial</code>s). The new polynomial is guaranteed to be independent of the original.
-     *
-     * @return a new <code>IntegerPolynomial</code>.
-     */
-    IntegerPolynomial toIntegerPolynomial();
-
-    /**
-     * Multiplies the polynomial by a <code>BigIntPolynomial</code>, taking the indices mod N. Does not
-     * change this polynomial but returns the result as a new polynomial.<br>
-     * Both polynomials must have the same number of coefficients.
-     *
-     * @param poly2 the polynomial to multiply by
-     * @return a new polynomial
-     */
-    BigIntPolynomial mult(BigIntPolynomial poly2);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/ProductFormPolynomial.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/ProductFormPolynomial.java
deleted file mode 100644
index dd18902..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/ProductFormPolynomial.java
+++ /dev/null

@@ -1,153 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.SecureRandom;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * A polynomial of the form <code>f1*f2+f3</code>, where
- * <code>f1,f2,f3</code> are very sparsely populated ternary polynomials.
- */
-public class ProductFormPolynomial
-    implements Polynomial
-{
-    private SparseTernaryPolynomial f1, f2, f3;
-
-    public ProductFormPolynomial(SparseTernaryPolynomial f1, SparseTernaryPolynomial f2, SparseTernaryPolynomial f3)
-    {
-        this.f1 = f1;
-        this.f2 = f2;
-        this.f3 = f3;
-    }
-
-    public static ProductFormPolynomial generateRandom(int N, int df1, int df2, int df3Ones, int df3NegOnes, SecureRandom random)
-    {
-        SparseTernaryPolynomial f1 = SparseTernaryPolynomial.generateRandom(N, df1, df1, random);
-        SparseTernaryPolynomial f2 = SparseTernaryPolynomial.generateRandom(N, df2, df2, random);
-        SparseTernaryPolynomial f3 = SparseTernaryPolynomial.generateRandom(N, df3Ones, df3NegOnes, random);
-        return new ProductFormPolynomial(f1, f2, f3);
-    }
-
-    public static ProductFormPolynomial fromBinary(byte[] data, int N, int df1, int df2, int df3Ones, int df3NegOnes)
-        throws IOException
-    {
-        return fromBinary(new ByteArrayInputStream(data), N, df1, df2, df3Ones, df3NegOnes);
-    }
-
-    public static ProductFormPolynomial fromBinary(InputStream is, int N, int df1, int df2, int df3Ones, int df3NegOnes)
-        throws IOException
-    {
-        SparseTernaryPolynomial f1;
-
-        f1 = SparseTernaryPolynomial.fromBinary(is, N, df1, df1);
-        SparseTernaryPolynomial f2 = SparseTernaryPolynomial.fromBinary(is, N, df2, df2);
-        SparseTernaryPolynomial f3 = SparseTernaryPolynomial.fromBinary(is, N, df3Ones, df3NegOnes);
-        return new ProductFormPolynomial(f1, f2, f3);
-    }
-
-    public byte[] toBinary()
-    {
-        byte[] f1Bin = f1.toBinary();
-        byte[] f2Bin = f2.toBinary();
-        byte[] f3Bin = f3.toBinary();
-
-        byte[] all = Arrays.copyOf(f1Bin, f1Bin.length + f2Bin.length + f3Bin.length);
-        System.arraycopy(f2Bin, 0, all, f1Bin.length, f2Bin.length);
-        System.arraycopy(f3Bin, 0, all, f1Bin.length + f2Bin.length, f3Bin.length);
-        return all;
-    }
-
-    public IntegerPolynomial mult(IntegerPolynomial b)
-    {
-        IntegerPolynomial c = f1.mult(b);
-        c = f2.mult(c);
-        c.add(f3.mult(b));
-        return c;
-    }
-
-    public BigIntPolynomial mult(BigIntPolynomial b)
-    {
-        BigIntPolynomial c = f1.mult(b);
-        c = f2.mult(c);
-        c.add(f3.mult(b));
-        return c;
-    }
-
-    public IntegerPolynomial toIntegerPolynomial()
-    {
-        IntegerPolynomial i = f1.mult(f2.toIntegerPolynomial());
-        i.add(f3.toIntegerPolynomial());
-        return i;
-    }
-
-    public IntegerPolynomial mult(IntegerPolynomial poly2, int modulus)
-    {
-        IntegerPolynomial c = mult(poly2);
-        c.mod(modulus);
-        return c;
-    }
-
-    public int hashCode()
-    {
-        final int prime = 31;
-        int result = 1;
-        result = prime * result + ((f1 == null) ? 0 : f1.hashCode());
-        result = prime * result + ((f2 == null) ? 0 : f2.hashCode());
-        result = prime * result + ((f3 == null) ? 0 : f3.hashCode());
-        return result;
-    }
-
-    public boolean equals(Object obj)
-    {
-        if (this == obj)
-        {
-            return true;
-        }
-        if (obj == null)
-        {
-            return false;
-        }
-        if (getClass() != obj.getClass())
-        {
-            return false;
-        }
-        ProductFormPolynomial other = (ProductFormPolynomial)obj;
-        if (f1 == null)
-        {
-            if (other.f1 != null)
-            {
-                return false;
-            }
-        }
-        else if (!f1.equals(other.f1))
-        {
-            return false;
-        }
-        if (f2 == null)
-        {
-            if (other.f2 != null)
-            {
-                return false;
-            }
-        }
-        else if (!f2.equals(other.f2))
-        {
-            return false;
-        }
-        if (f3 == null)
-        {
-            if (other.f3 != null)
-            {
-                return false;
-            }
-        }
-        else if (!f3.equals(other.f3))
-        {
-            return false;
-        }
-        return true;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/Resultant.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/Resultant.java
deleted file mode 100644
index ec58577..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/Resultant.java
+++ /dev/null

@@ -1,28 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial;
-
-import java.math.BigInteger;
-
-/**
- * Contains a resultant and a polynomial <code>rho</code> such that
- * <code>res = rho*this + t*(x^n-1) for some integer t</code>.
- *
- * @see IntegerPolynomial#resultant()
- * @see IntegerPolynomial#resultant(int)
- */
-public class Resultant
-{
-    /**
-     * A polynomial such that <code>res = rho*this + t*(x^n-1) for some integer t</code>
-     */
-    public BigIntPolynomial rho;
-    /**
-     * Resultant of a polynomial with <code>x^n-1</code>
-     */
-    public BigInteger res;
-
-    Resultant(BigIntPolynomial rho, BigInteger res)
-    {
-        this.rho = rho;
-        this.res = res;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/SparseTernaryPolynomial.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/SparseTernaryPolynomial.java
deleted file mode 100644
index 3c91339..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/SparseTernaryPolynomial.java
+++ /dev/null

@@ -1,320 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import org.bouncycastle.pqc.math.ntru.util.ArrayEncoder;
-import org.bouncycastle.pqc.math.ntru.util.Util;
-import org.bouncycastle.util.Arrays;
-
-/**
- * A <code>TernaryPolynomial</code> with a "low" number of nonzero coefficients.
- */
-public class SparseTernaryPolynomial
-    implements TernaryPolynomial
-{
-    /**
-     * Number of bits to use for each coefficient. Determines the upper bound for <code>N</code>.
-     */
-    private static final int BITS_PER_INDEX = 11;
-
-    private int N;
-    private int[] ones;
-    private int[] negOnes;
-
-    /**
-     * Constructs a new polynomial.
-     *
-     * @param N       total number of coefficients including zeros
-     * @param ones    indices of coefficients equal to 1
-     * @param negOnes indices of coefficients equal to -1
-     */
-    SparseTernaryPolynomial(int N, int[] ones, int[] negOnes)
-    {
-        this.N = N;
-        this.ones = ones;
-        this.negOnes = negOnes;
-    }
-
-    /**
-     * Constructs a <code>DenseTernaryPolynomial</code> from a <code>IntegerPolynomial</code>. The two polynomials are
-     * independent of each other.
-     *
-     * @param intPoly the original polynomial
-     */
-    public SparseTernaryPolynomial(IntegerPolynomial intPoly)
-    {
-        this(intPoly.coeffs);
-    }
-
-    /**
-     * Constructs a new <code>SparseTernaryPolynomial</code> with a given set of coefficients.
-     *
-     * @param coeffs the coefficients
-     */
-    public SparseTernaryPolynomial(int[] coeffs)
-    {
-        N = coeffs.length;
-        ones = new int[N];
-        negOnes = new int[N];
-        int onesIdx = 0;
-        int negOnesIdx = 0;
-        for (int i = 0; i < N; i++)
-        {
-            int c = coeffs[i];
-            switch (c)
-            {
-            case 1:
-                ones[onesIdx++] = i;
-                break;
-            case -1:
-                negOnes[negOnesIdx++] = i;
-                break;
-            case 0:
-                break;
-            default:
-                throw new IllegalArgumentException("Illegal value: " + c + ", must be one of {-1, 0, 1}");
-            }
-        }
-        ones = Arrays.copyOf(ones, onesIdx);
-        negOnes = Arrays.copyOf(negOnes, negOnesIdx);
-    }
-
-    /**
-     * Decodes a byte array encoded with {@link #toBinary()} to a ploynomial.
-     *
-     * @param is         an input stream containing an encoded polynomial
-     * @param N          number of coefficients including zeros
-     * @param numOnes    number of coefficients equal to 1
-     * @param numNegOnes number of coefficients equal to -1
-     * @return the decoded polynomial
-     * @throws IOException
-     */
-    public static SparseTernaryPolynomial fromBinary(InputStream is, int N, int numOnes, int numNegOnes)
-        throws IOException
-    {
-        int maxIndex = 1 << BITS_PER_INDEX;
-        int bitsPerIndex = 32 - Integer.numberOfLeadingZeros(maxIndex - 1);
-
-        int data1Len = (numOnes * bitsPerIndex + 7) / 8;
-        byte[] data1 = Util.readFullLength(is, data1Len);
-        int[] ones = ArrayEncoder.decodeModQ(data1, numOnes, maxIndex);
-
-        int data2Len = (numNegOnes * bitsPerIndex + 7) / 8;
-        byte[] data2 = Util.readFullLength(is, data2Len);
-        int[] negOnes = ArrayEncoder.decodeModQ(data2, numNegOnes, maxIndex);
-
-        return new SparseTernaryPolynomial(N, ones, negOnes);
-    }
-
-    /**
-     * Generates a random polynomial with <code>numOnes</code> coefficients equal to 1,
-     * <code>numNegOnes</code> coefficients equal to -1, and the rest equal to 0.
-     *
-     * @param N          number of coefficients
-     * @param numOnes    number of 1's
-     * @param numNegOnes number of -1's
-     */
-    public static SparseTernaryPolynomial generateRandom(int N, int numOnes, int numNegOnes, SecureRandom random)
-    {
-        int[] coeffs = Util.generateRandomTernary(N, numOnes, numNegOnes, random);
-        return new SparseTernaryPolynomial(coeffs);
-    }
-
-    public IntegerPolynomial mult(IntegerPolynomial poly2)
-    {
-        int[] b = poly2.coeffs;
-        if (b.length != N)
-        {
-            throw new IllegalArgumentException("Number of coefficients must be the same");
-        }
-
-        int[] c = new int[N];
-        for (int idx = 0; idx != ones.length; idx++)
-        {
-            int i = ones[idx];
-            int j = N - 1 - i;
-            for (int k = N - 1; k >= 0; k--)
-            {
-                c[k] += b[j];
-                j--;
-                if (j < 0)
-                {
-                    j = N - 1;
-                }
-            }
-        }
-
-        for (int idx = 0; idx != negOnes.length; idx++)
-        {
-            int i = negOnes[idx];
-            int j = N - 1 - i;
-            for (int k = N - 1; k >= 0; k--)
-            {
-                c[k] -= b[j];
-                j--;
-                if (j < 0)
-                {
-                    j = N - 1;
-                }
-            }
-        }
-
-        return new IntegerPolynomial(c);
-    }
-
-    public IntegerPolynomial mult(IntegerPolynomial poly2, int modulus)
-    {
-        IntegerPolynomial c = mult(poly2);
-        c.mod(modulus);
-        return c;
-    }
-
-    public BigIntPolynomial mult(BigIntPolynomial poly2)
-    {
-        BigInteger[] b = poly2.coeffs;
-        if (b.length != N)
-        {
-            throw new IllegalArgumentException("Number of coefficients must be the same");
-        }
-
-        BigInteger[] c = new BigInteger[N];
-        for (int i = 0; i < N; i++)
-        {
-            c[i] = BigInteger.ZERO;
-        }
-
-        for (int idx = 0; idx != ones.length; idx++)
-        {
-            int i = ones[idx];
-            int j = N - 1 - i;
-            for (int k = N - 1; k >= 0; k--)
-            {
-                c[k] = c[k].add(b[j]);
-                j--;
-                if (j < 0)
-                {
-                    j = N - 1;
-                }
-            }
-        }
-
-        for (int idx = 0; idx != negOnes.length; idx++)
-        {
-            int i = negOnes[idx];
-            int j = N - 1 - i;
-            for (int k = N - 1; k >= 0; k--)
-            {
-                c[k] = c[k].subtract(b[j]);
-                j--;
-                if (j < 0)
-                {
-                    j = N - 1;
-                }
-            }
-        }
-
-        return new BigIntPolynomial(c);
-    }
-
-    public int[] getOnes()
-    {
-        return ones;
-    }
-
-    public int[] getNegOnes()
-    {
-        return negOnes;
-    }
-
-    /**
-     * Encodes the polynomial to a byte array writing <code>BITS_PER_INDEX</code> bits for each coefficient.
-     *
-     * @return the encoded polynomial
-     */
-    public byte[] toBinary()
-    {
-        int maxIndex = 1 << BITS_PER_INDEX;
-        byte[] bin1 = ArrayEncoder.encodeModQ(ones, maxIndex);
-        byte[] bin2 = ArrayEncoder.encodeModQ(negOnes, maxIndex);
-
-        byte[] bin = Arrays.copyOf(bin1, bin1.length + bin2.length);
-        System.arraycopy(bin2, 0, bin, bin1.length, bin2.length);
-        return bin;
-    }
-
-    public IntegerPolynomial toIntegerPolynomial()
-    {
-        int[] coeffs = new int[N];
-        for (int idx = 0; idx != ones.length; idx++)
-        {
-            int i = ones[idx];
-            coeffs[i] = 1;
-        }
-        for (int idx = 0; idx != negOnes.length; idx++)
-        {
-            int i = negOnes[idx];
-            coeffs[i] = -1;
-        }
-        return new IntegerPolynomial(coeffs);
-    }
-
-    public int size()
-    {
-        return N;
-    }
-
-    public void clear()
-    {
-        for (int i = 0; i < ones.length; i++)
-        {
-            ones[i] = 0;
-        }
-        for (int i = 0; i < negOnes.length; i++)
-        {
-            negOnes[i] = 0;
-        }
-    }
-
-    public int hashCode()
-    {
-        final int prime = 31;
-        int result = 1;
-        result = prime * result + N;
-        result = prime * result + Arrays.hashCode(negOnes);
-        result = prime * result + Arrays.hashCode(ones);
-        return result;
-    }
-
-    public boolean equals(Object obj)
-    {
-        if (this == obj)
-        {
-            return true;
-        }
-        if (obj == null)
-        {
-            return false;
-        }
-        if (getClass() != obj.getClass())
-        {
-            return false;
-        }
-        SparseTernaryPolynomial other = (SparseTernaryPolynomial)obj;
-        if (N != other.N)
-        {
-            return false;
-        }
-        if (!Arrays.areEqual(negOnes, other.negOnes))
-        {
-            return false;
-        }
-        if (!Arrays.areEqual(ones, other.ones))
-        {
-            return false;
-        }
-        return true;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/TernaryPolynomial.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/TernaryPolynomial.java
deleted file mode 100644
index 822b64b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/TernaryPolynomial.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial;
-
-/**
- * A polynomial whose coefficients are all equal to -1, 0, or 1
- */
-public interface TernaryPolynomial
-    extends Polynomial
-{
-
-    /**
-     * Multiplies the polynomial by an <code>IntegerPolynomial</code>, taking the indices mod N
-     */
-    IntegerPolynomial mult(IntegerPolynomial poly2);
-
-    int[] getOnes();
-
-    int[] getNegOnes();
-
-    /**
-     * Returns the maximum number of coefficients the polynomial can have
-     */
-    int size();
-
-    void clear();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/AllTests.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/AllTests.java
deleted file mode 100644
index 35d585b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/AllTests.java
+++ /dev/null

@@ -1,49 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial.test;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-public class AllTests
-    extends TestCase
-{
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("NTRU Polynomial Tests");
-        
-        suite.addTestSuite(BigDecimalPolynomialTest.class);
-        suite.addTestSuite(BigIntPolynomialTest.class);
-        suite.addTestSuite(IntegerPolynomialTest.class);
-        suite.addTestSuite(LongPolynomial2Test.class);
-        suite.addTestSuite(LongPolynomial5Test.class);
-        suite.addTestSuite(ProductFormPolynomialTest.class);
-        suite.addTestSuite(SparseTernaryPolynomialTest.class);
-
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-
-        }
-
-        protected void tearDown()
-        {
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/BigDecimalPolynomialTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/BigDecimalPolynomialTest.java
deleted file mode 100644
index 06e9e04..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/BigDecimalPolynomialTest.java
+++ /dev/null

@@ -1,47 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial.test;
-
-import java.math.BigDecimal;
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.math.ntru.polynomial.BigDecimalPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.BigIntPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-
-public class BigDecimalPolynomialTest
-    extends TestCase
-{
-    public void testMult()
-    {
-        BigDecimalPolynomial a = new BigDecimalPolynomial(new BigIntPolynomial(new IntegerPolynomial(new int[]{4, -1, 9, 2, 1, -5, 12, -7, 0, -9, 5})));
-        BigDecimalPolynomial b = new BigDecimalPolynomial(new BigIntPolynomial(new IntegerPolynomial(new int[]{-6, 0, 0, 13, 3, -2, -4, 10, 11, 2, -1})));
-        BigDecimalPolynomial c = a.mult(b);
-        BigDecimal[] expectedCoeffs = new BigDecimalPolynomial(new BigIntPolynomial(new IntegerPolynomial(new int[]{2, -189, 77, 124, -29, 0, -75, 124, -49, 267, 34}))).getCoeffs();
-
-        BigDecimal[] cCoeffs = c.getCoeffs();
-
-        assertEquals(expectedCoeffs.length, cCoeffs.length);
-        for (int i = 0; i != cCoeffs.length; i++)
-        {
-            assertEquals(expectedCoeffs[i], cCoeffs[i]);
-        }
-
-        // multiply a polynomial by its inverse modulo 2048 and check that the result is 1
-        SecureRandom random = new SecureRandom();
-        IntegerPolynomial d, dInv;
-        do
-        {
-            d = DenseTernaryPolynomial.generateRandom(1001, 333, 334, random);
-            dInv = d.invertFq(2048);
-        }
-        while (dInv == null);
-
-        d.mod(2048);
-        BigDecimalPolynomial e = new BigDecimalPolynomial(new BigIntPolynomial(d));
-        BigIntPolynomial f = new BigIntPolynomial(dInv);
-        IntegerPolynomial g = new IntegerPolynomial(e.mult(f).round());
-        g.modPositive(2048);
-        assertTrue(g.equalsOne());
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/BigIntPolynomialTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/BigIntPolynomialTest.java
deleted file mode 100644
index a6ad36e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/BigIntPolynomialTest.java
+++ /dev/null

@@ -1,26 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial.test;
-
-import java.math.BigInteger;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.math.ntru.polynomial.BigIntPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-
-public class BigIntPolynomialTest
-    extends TestCase
-{
-    public void testMult()
-    {
-        BigIntPolynomial a = new BigIntPolynomial(new IntegerPolynomial(new int[]{4, -1, 9, 2, 1, -5, 12, -7, 0, -9, 5}));
-        BigIntPolynomial b = new BigIntPolynomial(new IntegerPolynomial(new int[]{-6, 0, 0, 13, 3, -2, -4, 10, 11, 2, -1}));
-        BigIntPolynomial c = a.mult(b);
-        BigInteger[] expectedCoeffs = new BigIntPolynomial(new IntegerPolynomial(new int[]{2, -189, 77, 124, -29, 0, -75, 124, -49, 267, 34})).getCoeffs();
-        BigInteger[] cCoeffs = c.getCoeffs();
-
-        assertEquals(expectedCoeffs.length, cCoeffs.length);
-        for (int i = 0; i != cCoeffs.length; i++)
-        {
-            assertEquals(expectedCoeffs[i], cCoeffs[i]);
-        }
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/IntegerPolynomialTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/IntegerPolynomialTest.java
deleted file mode 100644
index 8f6e489..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/IntegerPolynomialTest.java
+++ /dev/null

@@ -1,230 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial.test;
-
-import java.math.BigInteger;
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.crypto.ntru.NTRUSigningKeyGenerationParameters;
-import org.bouncycastle.pqc.math.ntru.polynomial.BigIntPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.Resultant;
-import org.bouncycastle.util.Arrays;
-
-
-public class IntegerPolynomialTest
-    extends TestCase
-{
-    public void testMult()
-    {
-        // multiplication modulo q
-        IntegerPolynomial a = new IntegerPolynomial(new int[]{-1, 1, 1, 0, -1, 0, 1, 0, 0, 1, -1});
-        IntegerPolynomial b = new IntegerPolynomial(new int[]{14, 11, 26, 24, 14, 16, 30, 7, 25, 6, 19});
-        IntegerPolynomial c = a.mult(b, 32);
-        assertEqualsMod(new int[]{3, -7, -10, -11, 10, 7, 6, 7, 5, -3, -7}, c.coeffs, 32);
-
-        a = new IntegerPolynomial(new int[]{15, 27, 18, 16, 12, 13, 16, 2, 28, 22, 26});
-        b = new IntegerPolynomial(new int[]{-1, 0, 1, 1, 0, 1, 0, 0, -1, 0, -1});
-        c = a.mult(b, 32);
-        assertEqualsMod(new int[]{8, 25, 22, 20, 12, 24, 15, 19, 12, 19, 16}, c.coeffs, 32);
-
-        // multiplication without a modulus
-        a = new IntegerPolynomial(new int[]{1, 1, 0, 0, -1, -1, 0, 0, -1, 0, 1});
-        b = new IntegerPolynomial(new int[]{704, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0});
-        c = a.mult(b);
-
-        // mult(p, modulus) should give the same result as mult(p) followed by modulus
-        a = new IntegerPolynomial(new int[]{1, 0, -1, 1, 0, 1, 1, 1, -1, 1, -1});
-        b = new IntegerPolynomial(new int[]{0, 1, 1, 0, 0, -1, -1, 1, 1, -1, 1});
-        c = a.mult(b);
-        c.modPositive(20);
-        IntegerPolynomial d = a.mult(b, 20);
-        d.modPositive(20);
-        assertTrue(Arrays.areEqual(c.coeffs, d.coeffs));
-    }
-
-    void assertEqualsMod(int[] arr1, int[] arr2, int m)
-    {
-        assertEquals(arr1.length, arr2.length);
-        for (int i = 0; i < arr1.length; i++)
-        {
-            assertEquals((arr1[i] + m) % m, (arr2[i] + m) % m);
-        }
-    }
-
-    public void testInvertFq()
-    {
-        SecureRandom random = new SecureRandom();
-        // Verify an example from the NTRU tutorial
-        IntegerPolynomial a = new IntegerPolynomial(new int[]{-1, 1, 1, 0, -1, 0, 1, 0, 0, 1, -1});
-        IntegerPolynomial b = a.invertFq(32);
-        assertEqualsMod(new int[]{5, 9, 6, 16, 4, 15, 16, 22, 20, 18, 30}, b.coeffs, 32);
-        verifyInverse(a, b, 32);
-
-        // test 3 random polynomials
-        int numInvertible = 0;
-        while (numInvertible < 3)
-        {
-            a = DenseTernaryPolynomial.generateRandom(853, random);
-            b = a.invertFq(2048);
-            if (b != null)
-            {
-                numInvertible++;
-                verifyInverse(a, b, 2048);
-            }
-        }
-
-        // test a non-invertible polynomial
-        a = new IntegerPolynomial(new int[]{-1, 0, 1, 1, 0, 0, -1, 0, -1, 0, 1});
-        b = a.invertFq(32);
-        assertNull(b);
-    }
-
-    public void testInvertF3()
-    {
-        IntegerPolynomial a = new IntegerPolynomial(new int[]{-1, 1, 1, 0, -1, 0, 1, 0, 0, 1, -1});
-        IntegerPolynomial b = a.invertF3();
-        assertEqualsMod(new int[]{1, 2, 0, 2, 2, 1, 0, 2, 1, 2, 0}, b.coeffs, 3);
-        verifyInverse(a, b, 3);
-
-        // test a non-invertible polynomial
-        a = new IntegerPolynomial(new int[]{0, 1, -1, 1, 0, 0, 0, 0, -1, 0, 0});
-        b = a.invertF3();
-        assertNull(b);
-    }
-
-    // tests if a*b=1 (mod modulus)
-    private void verifyInverse(IntegerPolynomial a, IntegerPolynomial b, int modulus)
-    {
-        IntegerPolynomial c = a.mult(b, modulus);
-        for (int i = 1; i < c.coeffs.length; i++)
-        {
-            c.coeffs[i] %= modulus;
-        }
-        c.ensurePositive(modulus);
-        assertTrue(c.equalsOne());
-    }
-
-    public void testFromToBinary()
-    {
-        byte[] a = new byte[]{-44, -33, 30, -109, 101, -28, -6, -105, -45, 113, -72, 99, 101, 15, 9, 49, -80, -76, 58, 42, -57, -113, -89, -14, -125, 24, 125, -16, 37, -58, 10, -49, -77, -31, 120, 103, -29, 105, -56, -126, -92, 36, 125, 127, -90, 38, 9, 4, 104, 10, -78, -106, -88, -1, -1, -43, -19, 90, 41, 0, -43, 102, 118, -72, -122, 19, -76, 57, -59, -2, 35, 47, 83, 114, 86, -115, -125, 58, 75, 115, -29, -6, 108, 6, -77, -51, 127, -8, -8, -58, -30, -126, 110, -5, -35, -41, -37, 69, 22, -48, 26, 4, -120, -19, -32, -81, -77, 124, -7, -2, -46, -96, 38, -35, 88, 4, -5, 16, 101, 29, 7, 2, 88, 35, -64, 31, -66, -70, 120, -97, 76, -74, -97, -61, 52, -56, 87, -35, 5, 95, -93, -30, 10, 38, 17, -102, -25, 86, 7, -43, 44, -52, -108, 33, -18, -110, -9, -115, 66, -71, 66, 1, -90, -72, 90, -88, -38, 75, 47, -124, -120, -15, -49, -8, 85, 5, 17, -88, 76, 99, -4, 83, 16, -91, 82, 116, 112, -83, 56, -45, -26, 125, 13, -75, -115, 92, -12, -59, 3, -12, 14, -6, 43, -17, 121, 122, 22, 92, -74, 99, -59, -103, 113, 8, -103, 114, 99, -48, 92, -88, 77, 81, 5, 31, -4, -69, -24, 23, 94, 126, 71, 93, 20, 77, 82, -54, -14, 86, 45, -81, 0, 52, -63, -66, 48, 104, -54, 15, -73, -2, -52, 115, 76, 28, -5, -94, -63, 117, -69, 0, 61, 22, -1, 71, -115, 9, -73, -100, -128, -31, 106, -74, -61, -37, 98, -6, 11, -5, 6, -18, -53, -6, 11, -49, 62, 23, 6, -128, 38, -91, 89, -34, 18, -38, -110, -101, 43, 36, 62, 101, 112, 59, -91, 78, -81, 61, 126, -21, -42, -110, -38, -27, 69, 57, 9, 24, -50, -118, 31, -17, 42, 87, -54, 122, -16, 42, -47, -19, -80, 16, 54, -97, -89, 81, -22, -35, 45, 54, -46, 22, -122, -95, -17, 7, -127, 105, -100, -56, -98, -105, 101, -81, 104, 121, -7, 33, 126, 110, -125, -85, 111, -52, 123, -98, 41, -42, 88, -68, -17, 39, -19, -96, -10, -117, 13, -88, -75, -101, -16, -7, 73, 23, -12, 41, -116, -105, -64, -4, 103, 49, -15, -49, 60, 88, -25, -21, 42, 26, 95, -90, -83, -69, 64, -2, 50, -116, -64, 26, -29, -93, -120, -70, 32, -38, 39, -126, -19, 103, 127, 65, 54, 110, 94, 126, -82, -80, -18, 43, 45, 56, -118, 109, 36, -8, 10, 113, 69, 53, -122, -127, 92, -127, -73, 70, -19, -105, -80, -15, -5, 99, -109, -27, 119, -76, -57, -48, 42, -35, 23, 39, -126, 44, -107, -100, -125, 117, -50, 115, -79, -16, 104, 8, -102, 83, -73, 21, -85, 113, -87, -54, 93, 63, -108, -64, 109, -74, 15, 14, -119, -6, -68, 45, 37, -15, -97, -95, -55, 89, 25, -63, -92, -80, -27, -8, 55, 50, 96, -91, 40, -74, 110, -96, 94, 6, 85, 92, 0, 34, -122, 5, -126, 123, 37, -90, -94, 60, 14, 36, 49, -98, -23, 57, 75, 63, 106, -7, -36, -89, 84, 71, 60, -21, 104, -47, 90, -52, -66, 88, -91, -81, -3, 116, 23, 62, -47, -84, -118, 65, 31, 7, -103, 37, -29, 115, -114, 73, 12, -121, 96, -91, -7, 56, 10, -72, 27, -45, 122, -27, -38, 74, 64, 30, -60, 64, -21, 48, 101, 113, 126, -60, -103, 71, 100, -117, 124, -125, 116, 78, 114, -74, 42, -81, -54, 34, 33, -10, 19, 23, 24, 40, 0, -8, 78, 100, 73, -88, -95, -62, -115, -18, 47, 10, -14, -39, 82, 27, -9, -115, -70, 92, -6, 39, 45, -71, -109, -41, 94, -88, -63, 19, -58, -37, -31, 1, 127, -42, 125, -120, -57, 120, -86, -6, 17, -27, -37, 47, 55, -22, -11, -31, 38, -1, 29, 56, -34, -104, -66, -62, 72, -11, -30, -30, 61, -31, 10, -63, 116, -84, 118, -127, 6, 17, -36, 91, 123, 77, 35, 22, 110, 114, 107, -3, 52, 11, 86, 68, -56, 0, 119, -43, -73, 112, 89, -4, -122, -71, -26, 103, -118, -61, -112, -108, -44, -25, -22, 4, 24, 53, -5, -71, 9, -41, 84, -28, 22, 99, 39, -26, -2, -51, 68, 63, -15, 99, 66, -78, 46, -89, 21, -38, -114, -51, 100, -59, 84, -76, -105, 51, 28, 19, 74, 42, 91, -73, 12, -89, -128, 34, 38, -100, 121, -78, 114, -28, 127, -29, 50, 105, -6, 36, 98, -35, 79, -58, 5, -13, -86, -101, -108, -99, -70, 25, 103, 63, 57, 79, -12, -63, 125, -54, 61, 15, 6, -79, 90, 76, 103, -45, 7, 39, 93, 107, 58, 76, 80, 56, -108, 55, -22, 36, 125, -91, -65, 11, 69, 10, -19, -14, -4, -26, -36, 114, 124, 63, -31, 88, 92, 108, 33, -52, -22, 80, -65, 57, 126, 43, -13, 122, -8, 68, 72, 92, -50, 100, -91, 1, -81, 75, 95, -11, -99, 38, 121, -20, -70, 82, -125, -94, -18, 16, 59, 89, 18, -96, 91, -97, 62, -96, 127, 45, 70, 16, 84, -43, -75, -118, 81, 58, 84, -115, -120, -3, 41, -103, -70, 123, 26, 101, 33, 58, 13, -11, -73, -84, -47, -7, 81, -63, 60, -45, 30, 100, -51, -15, 73, 58, -119, -3, 62, -63, -17, -69, -44, 60, -54, -115, -59, 23, -59, 98, -89, -72, 20, -96, 27, 53, -89, 59, -85, -29, 120, 23, 62, 8, -86, 113, 87, -15, 102, 106, -104, 57, -57, 37, 110, 118, 109, 25, 64, 26, -20, -86, -2, 60, -70, -33, 67, 13, -28, -29, -63, -37, 67, 99, 84, 121, -126, -38, 45, 24, 122, 51, 11, -19, -80, 26, -106, -95, 82, 69, -2, -75, 62, 106, -120, 87, -107, 87, 17, 102, -52, -16, 22, 12, -86, -48, -95, -61, 109, 64, -29, 111, 40, -90, -35, 49, 88, -15, 122, 127, 87, 113, 116, 93, 100, 28, -70, -87, -40, -1, -126, -114, 7, 79, 16, 2, -47, -98, -102, 49, 58, 61, -32, 44, 18, -26, 37, 27, -123, -76, 56, 91, 51, -21, -48, -122, -33, 40, -8, -62, -56, -126, 91, -51, 76, -29, 127, -22, -18, -110, 27, 13, -111, 81, 51, -104, 70, 98, 12, 120, -7, 15, 104, -43, -104, 124, 46, 116, 7, -26, 21, 33, 105, 17, -99, -42, -106, 8, -85, 39, 8, 79, -54, -81, 109, 40, 25, 29, -18, -90, 22, 85, -12, -16, 61, 49, -31, 127, 64, 5, 25, 39, -65, -42, 13, -97, -92, 36, -126, -18, -4, -22, -14, 109, -93, -76, -5, 13, 74, 44, 103, 79, 110, 85, 58, 39, -24, 119, 120, 122, 120, 43, 110, 67, 21, 47, 39, -48, 7, 91, -51, 126, 100, -38, -124, 0, -97, 99, -123, 118, -27, 8, 102, -106, -23, -53, -4, -56, -9, -126, -85, 93, -4, -5, 4, 49, 29, 2, 63, 78, -32, -106, 118, 111, 52, 54, 74, 53, 106, 39, -95, -38, -18, 118, -5, 94, -83, -97, -27, 62, -56, -90, -36, 43, 43, -113, 119, -89, 44, -108, -46, 66, 28, 66, -38, 3, -62, -83, -35, -127, -2, 51, 104, 105, 40, 76, -10, -124, -95, 52, 11, 101, -32, -122, -73, -17, 37, -126, 68, -126, 55, 112, -126, 38, 99, -63, 123, -74, -31, 58, 8, 93, -68, 111, -22, -24, -23, 9, -87, -25, -115, 81, -116, -91, 60, 96, -102, -1, -7, 73, 99, 46, -78, 62, 48, -116, -52, -44, -5, 82, -45, 5, -55, -101, 101, 65, -109, -108, 26, 98, -55, 11, -86, 57, 30, 92, -58, 20, 82, 65, 103, 27, -64, 76, 123, -56, -16, -111, -83, 125, 65, 111, 9, 123, 14, 119, 126, -80, 79, 94, -19, 66, -25, 35, 112, -64, 10, -66, -86, 51, 56, -78, 103, 92, -116, 8, 75, 41, -49, -79, -53, 125, -32, -76, -27, 59, -8, -4, -94, -104, -15, 79, -7, -124, 32, -87, -104, 85, -118, -36, 125, 65, 111, -105, 5, -105, 40, -50, 2, 118, 123, -54, 59, -22, 94, 20, 99, -87, -27, 28, -30, -109, 72, -19, 92, 60, 19, 115, 47, 96, -96, 10, -74, 60, 96, -86, 101, 101, 68, -44, -72, 9, -36, 126, 96, -45, -12, 9, 14, -15, 79, -79, -48, 8, -107, -81, 47, 35, -36, -107, -120, -36, -124, 37, 103, -60, -35, -74, 100, -38, -88, -99, -99, -94, -107, 79, 115, 108, 54, 119, 73, 84, 110, -74, 92, 57, 108, 80, 47, -36, -119, -115, 58, -62, -4, -97, 43, -98, 5, 112, 47, 59, -89, 82, -69, -103, 39, -29, 75, -9, -94, -72, 99, -64, 22, -10, 21, 89, 101, 21, 94, -30, -17, 73, -36, -68, -89, -91, -94, 99, -106, 119, -116, 123, -19, 54, -99, 64, -119, 82, 120, -106, -99, 80, 69, 29, -48, 77, 28, 13, 92, -107, -77, 94, -116, 108, 89, -115, 96, -41, 25, 99, -65, 118, -5, -16, 48, -122, 5, 50, -123, -115, 13, 24, 7, 15, -103, -62, -71, 92, -82, -5, -70, 49, -6, -51, -17, -47, 12, 46, -86, 30, 93, 84, -101, 43, -92, -87, -118, -110, -32, 52, 115, -4, 36, -2, -79, -69, -46, -110, 70, -82, 6, 21, -27, -11, 94, 42, -81, -96, 116, -102, -38, 36, 32, 91, 28, 80, -45, 116, -94, -33, -5, -102, 64, -96, 27, -2, 100, -126, 59, -71, 33, -36, -124, 123, 99, -76, 108, 127, -11, -24, -19, 84, -6, 19, 105, -19, -18, 120, -14, 23, 39, 54, 87, 105, 58, -95, -15, 127, -65, 114, 49, 4, -66, 32, -7, 84, 43, -103, 76, 11, 36, -68, -3, -98, -5, -43, 35, -48, 20, -40, -33, -123, 1, -54, -44, 99, -68, 8, -100, 97, -49, -10, 110, 49, 84, 46, -85, 98, -103, -58, -4, 104, -100, -40, -79, 67, -20, -95, 85, 51, 73, 10, -25, 102, 68, -97, -83, -39, 35, 2, -111, 71, 62, -89, 20, 25, -126, 17, -81, -29, 39, -27, -55, 55, -122, 97, 23, -99, 55, 86, 33, -9, 8, 55, -40, -84, 39, 38, 37, -29, 87, 113, -118, -26, 123, -95, 24, -126, 119, -94, 17, 83, -43, 10, 63, -98, 72, 8, 16, -95, -96, 119, -91, 6, 71, -60, 1, -77, 4, 53, -121, 55, 7, 36, -86, -49, -118, -121, 56, 84, -49, -57, -99, 3, -68, 37, -108, -72, 114, -74, 120, 3, 121, -28, -106, 54, -20, 63, -121, -85, -59, -111, 32, 13, -69, 122, 90, 5, 40, 88, 15, -90, 125, -28, 89, 95, 73, 96, 60, -60, -51, 102, 7, 57, 91, 59, 15, 92, -76, -34, -23, -77, 90, 45, 91, 77, -63, 94, -127, 74, -97, -44, 50, -87, -94, -25, -71, 112, 127, -117, 6, 32, -113, 54, 83, -31, 111, -73, 53, 34, -32, -98, 125, -39, 63, 15, 72, -69, 87, -118, 108, 17, 84, 15, 61, -47, 54, -24, -79, 91, 28, -28, 66, 53, 22, 9, -28, -12, 38, 64, 75, -122, 96, -59, -45, 4, -19, 47, -30, 75, -94, 62, -64, 76, -49, 19, -66, -34, 3, 84, -2, -54, 13, -84, 86, -117, 94, -27, 89, 16, 96, 52, -77, -36, -116, 27, -52, -33, -50, 14, -59, 77, 93, -109, 8, -89, 81, -114, -29, -94, 73, -119, -56, -19, 88, -17, -33, 125, -18, -68, 113, 40, -128, -112, -119, -106, -106, -30, 23, -77, 49, 3, 98, -101, 99, -107, -121, -12, -112, 24, -74, -74, 79, -17, 96, 65, -52, 86, -63, 45, 84, 119, -42, 61, -91, 29, -87, 65, -85, 99, -14, 71, 33, -41, -48, -2, -121, 78, -38, 41, -7, -37, 48, 122, 61, -124, 42, -22, 24, 2, -49, 74, -81, -88, -89, -107, 109, 53, -68, 90, -117, 123, -109, -28, 12, 80, 120, 26, -104, 73, 70, -36, 34, -80, -104, 23, 16, 14, -96, -5, 27, 71, 25, -8, -125, 58, 88, -52, -97, -97, -93, 11, -44, 116, 42, -102, -100, -31, -86, 71, 84, 70, 27, 117, -67, 92, -84, -13, 54, -102, 34, 5, 19, -76, 71, 89, 22, -49, -34, -29};
-        IntegerPolynomial poly = IntegerPolynomial.fromBinary(a, 1499, 2048);
-        byte[] b = poly.toBinary(2048);
-        // verify that bytes 0..2047 match, ignore non-relevant bits of byte 2048
-        assertTrue(Arrays.areEqual(copyOf(a, 2047), copyOf(b, 2047)));
-        assertEquals((a[a.length - 1] & 1) >> (7 - (1499 * 11) % 8), (b[b.length - 1] & 1) >> (7 - (1499 * 11) % 8));
-    }
-
-    public void testFromToBinary3Sves()
-    {
-        byte[] a = new byte[]{-112, -78, 19, 15, 99, -65, -56, -90, 44, -93, -109, 104, 40, 90, -84, -21, -124, 51, -33, 4, -51, -106, 33, 86, -76, 42, 41, -17, 47, 79, 81, -29, 15, 116, 101, 120, 116, 32, 116, 111, 32, 101, 110, 99, 114, 121, 112, 116, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0};
-        IntegerPolynomial poly = IntegerPolynomial.fromBinary3Sves(a, 1499);
-        byte[] b = poly.toBinary3Sves();
-        assertTrue(Arrays.areEqual(a, b));
-    }
-
-    public void testFromToBinary3Tight()
-    {
-        int[] c = new int[]{0, 0, 0, 0, 0, 0, 0, 1, 0, 0, -1, -1, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, -1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 1, -1, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 1, 0, 0, 0, -1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 1, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 1, 0, 1, 0, 1, 0, -1, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, -1, -1, 0, 1, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, -1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 1, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 1, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, -1, -1, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, -1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, -1, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, -1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, -1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 1, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, -1, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, -1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 1, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 1, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0};
-        IntegerPolynomial poly1 = new IntegerPolynomial(c);
-        IntegerPolynomial poly2 = IntegerPolynomial.fromBinary3Tight(poly1.toBinary3Tight(), c.length);
-        assertTrue(Arrays.areEqual(poly1.coeffs, poly2.coeffs));
-
-        IntegerPolynomial poly3 = new IntegerPolynomial(new int[]{0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, -1, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, -1, -1, 0, 0, 0, 1, 0, -1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 1, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, -1, 1, 0, 0, 0, 1, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 1, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 1, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, -1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, -1, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, -1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, -1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, -1, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, -1, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 1, 0, -1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 1, 1, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, -1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 1, 1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, -1, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, -1, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, -1, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 1, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, -1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0});
-        byte[] arr = poly3.toBinary3Tight();
-        IntegerPolynomial poly4 = IntegerPolynomial.fromBinary3Tight(arr, 1499);
-        assertTrue(Arrays.areEqual(poly3.coeffs, poly4.coeffs));
-
-        IntegerPolynomial poly5 = new IntegerPolynomial(new int[]{0, 0, 0, 1, -1, -1, -1});
-        arr = poly5.toBinary3Tight();
-        IntegerPolynomial poly6 = IntegerPolynomial.fromBinary3Tight(arr, 7);
-        assertTrue(Arrays.areEqual(poly5.coeffs, poly6.coeffs));
-
-        SecureRandom random = new SecureRandom();
-
-        for (int i = 0; i < 100; i++)
-        {
-            IntegerPolynomial poly7 = DenseTernaryPolynomial.generateRandom(157, random);
-            arr = poly7.toBinary3Tight();
-            IntegerPolynomial poly8 = IntegerPolynomial.fromBinary3Tight(arr, 157);
-            assertTrue(Arrays.areEqual(poly7.coeffs, poly8.coeffs));
-        }
-    }
-
-    public void testResultant()
-    {
-        SecureRandom random = new SecureRandom();
-        NTRUSigningKeyGenerationParameters params = NTRUSigningKeyGenerationParameters.APR2011_439;
-        IntegerPolynomial a = DenseTernaryPolynomial.generateRandom(params.N, params.d, params.d, random);
-        verifyResultant(a, a.resultant());
-
-        a = new IntegerPolynomial(new int[]{0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 1, 0, 0, 0, 0, 0, 1, -1, 0, 0, -1, 0, 0, 0, 1, 0, 0, 0, -1, -1, 0, -1, 1, -1, 0, -1, 0, -1, -1, -1, 0, 0, 0, 1, 1, -1, -1, -1, 0, -1, -1, 0, 0, 1, 0, 0, 0, 0, 0, -1, 0, 0, 1, 0, 0, 1, 1, -1, 0, 1, -1, 0, 1, 0, 1, 0, -1, -1, 0, 1, 0, -1, 1, 1, 1, 1, 0, 0, -1, -1, 1, 0, 0, -1, -1, 0, -1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 1, -1, 0, 0, 0, 0, -1, 0, 0, 0, 1, 0, 1, 0, 1, -1, 0, 0, 1, 1, 1, 0, 0, 0, -1, 0, 0, 0, 0, 1, 0, 1, 0, -1, -1, 0, -1, -1, -1, 0, -1, -1, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, -1, 0, 1, 0, -1, 0, 0, 0, 0, 0, 0, -1, -1, 0, -1, -1, 1, 1, 0, 0, -1, 1, 0, 0, 0, -1, 1, -1, 0, -1, 0, 0, 0, -1, 0, 0, 0, 0, 0, -1, 1, 1, 0, 0, -1, 1, 0, 0, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 1, -1, 0, 1, 0, -1, -1, 0, 0, 0, 0, 0, 1, -1, 0, 0, 0, 1, -1, 1, -1, -1, 1, -1, 0, 1, 0, 0, 0, 1, 0, 0, 1, -1, 0, 0, 0, 0, 0, 0, 0, -1, 0, 1, 0, -1, 0, 1, -1, 0, 0, 1, 1, 0, 0, 1, 1, 0, -1, 0, -1, 1, -1, -1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, -1, 0, 0, 1, -1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, -1, 1, 0, -1, -1, 0, 0, -1, 0, 1, 1, -1, 1, -1, 0, 0, 0, 1});
-        verifyResultant(a, a.resultant());
-    }
-
-    // verifies that res=rho*a mod x^n-1
-    private void verifyResultant(IntegerPolynomial a, Resultant r)
-    {
-        BigIntPolynomial b = new BigIntPolynomial(a).mult(r.rho);
-        BigInteger[]     bCoeffs = b.getCoeffs();
-
-        for (int j = 1; j < bCoeffs.length - 1; j++)
-        {
-            assertEquals(BigInteger.ZERO, bCoeffs[j]);
-        }
-        if (r.res.equals(BigInteger.ZERO))
-        {
-            assertEquals(BigInteger.ZERO, bCoeffs[0].subtract(bCoeffs[bCoeffs.length - 1]));
-        }
-        else
-        {
-            assertEquals(BigInteger.ZERO, (bCoeffs[0].subtract(bCoeffs[bCoeffs.length - 1]).mod(r.res)));
-        }
-        assertEquals(bCoeffs[0].subtract(r.res), bCoeffs[bCoeffs.length - 1].negate());
-    }
-
-    public void testResultantMod()
-    {
-        int p = 46337;   // prime; must be less than sqrt(2^31) or integer overflows will occur
-
-        IntegerPolynomial a = new IntegerPolynomial(new int[]{0, 0, 0, 0, 0, 0, 0, 0, -1, 0, 1, 0, 0, 0, 0, 0, 1, -1, 0, 0, -1, 0, 0, 0, 1, 0, 0, 0, -1, -1, 0, -1, 1, -1, 0, -1, 0, -1, -1, -1, 0, 0, 0, 1, 1, -1, -1, -1, 0, -1, -1, 0, 0, 1, 0, 0, 0, 0, 0, -1, 0, 0, 1, 0, 0, 1, 1, -1, 0, 1, -1, 0, 1, 0, 1, 0, -1, -1, 0, 1, 0, -1, 1, 1, 1, 1, 0, 0, -1, -1, 1, 0, 0, -1, -1, 0, -1, 0, 0, 0, 1, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, 0, 1, 0, 0, 1, -1, 0, 0, 0, 0, -1, 0, 0, 0, 1, 0, 1, 0, 1, -1, 0, 0, 1, 1, 1, 0, 0, 0, -1, 0, 0, 0, 0, 1, 0, 1, 0, -1, -1, 0, -1, -1, -1, 0, -1, -1, 0, 0, 0, 1, 1, 0, 0, 0, 1, 0, 0, 1, -1, 0, 1, 0, -1, 0, 0, 0, 0, 0, 0, -1, -1, 0, -1, -1, 1, 1, 0, 0, -1, 1, 0, 0, 0, -1, 1, -1, 0, -1, 0, 0, 0, -1, 0, 0, 0, 0, 0, -1, 1, 1, 0, 0, -1, 1, 0, 0, 1, 0, 0, 0, 1, 0, 1, 0, 0, 0, 0, 0, 0, 1, -1, 0, 1, 0, -1, -1, 0, 0, 0, 0, 0, 1, -1, 0, 0, 0, 1, -1, 1, -1, -1, 1, -1, 0, 1, 0, 0, 0, 1, 0, 0, 1, -1, 0, 0, 0, 0, 0, 0, 0, -1, 0, 1, 0, -1, 0, 1, -1, 0, 0, 1, 1, 0, 0, 1, 1, 0, -1, 0, -1, 1, -1, -1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 1, -1, 0, 0, 1, -1, 1, 0, 0, 1, 0, 0, 0, 0, 1, 0, 0, 0, 0, 0, 0, 0, 0, -1, 1, 0, -1, -1, 0, 0, -1, 0, 1, 1, -1, 1, -1, 0, 0, 0, 1});
-        verifyResultant(a, a.resultant(p), p);
-
-        SecureRandom random = new SecureRandom();
-
-        for (int i = 0; i < 10; i++)
-        {
-            a = DenseTernaryPolynomial.generateRandom(853, random);
-            verifyResultant(a, a.resultant(p), p);
-        }
-    }
-
-    // verifies that res=rho*a mod x^n-1 mod p
-    private void verifyResultant(IntegerPolynomial a, Resultant r, int p)
-    {
-        BigIntPolynomial b = new BigIntPolynomial(a).mult(r.rho);
-        b.mod(BigInteger.valueOf(p));
-        BigInteger[]     bCoeffs = b.getCoeffs();
-
-        for (int j = 1; j < bCoeffs.length - 1; j++)
-        {
-            assertEquals(BigInteger.ZERO, bCoeffs[j]);
-        }
-        if (r.res.equals(BigInteger.ZERO))
-        {
-            assertEquals(BigInteger.ZERO, bCoeffs[0].subtract(bCoeffs[bCoeffs.length - 1]));
-        }
-        else
-        {
-            assertEquals(BigInteger.ZERO, (bCoeffs[0].subtract(bCoeffs[bCoeffs.length - 1]).subtract(r.res).mod(BigInteger.valueOf(p))));
-        }
-        assertEquals(BigInteger.ZERO, bCoeffs[0].subtract(r.res).subtract(bCoeffs[bCoeffs.length - 1].negate()).mod(BigInteger.valueOf(p)));
-    }
-
-    private byte[] copyOf(byte[] src, int length)
-    {
-        byte[] tmp = new byte[length];
-        System.arraycopy(src, 0, tmp, 0, tmp.length);
-        return tmp;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/LongPolynomial2Test.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/LongPolynomial2Test.java
deleted file mode 100644
index c842064..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/LongPolynomial2Test.java
+++ /dev/null

@@ -1,60 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial.test;
-
-import java.util.Random;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.LongPolynomial2;
-import org.bouncycastle.util.Arrays;
-
-public class LongPolynomial2Test
-    extends TestCase
-{
-    public void testMult()
-    {
-        IntegerPolynomial i1 = new IntegerPolynomial(new int[]{1368, 2047, 672, 871, 1662, 1352, 1099, 1608});
-        IntegerPolynomial i2 = new IntegerPolynomial(new int[]{1729, 1924, 806, 179, 1530, 1381, 1695, 60});
-        LongPolynomial2 a = new LongPolynomial2(i1);
-        LongPolynomial2 b = new LongPolynomial2(i2);
-        IntegerPolynomial c1 = i1.mult(i2, 2048);
-        IntegerPolynomial c2 = a.mult(b).toIntegerPolynomial();
-        assertTrue(Arrays.areEqual(c1.coeffs, c2.coeffs));
-
-        // test 10 random polynomials
-        Random rng = new Random();
-        for (int i = 0; i < 10; i++)
-        {
-            int N = 2 + rng.nextInt(2000);
-            i1 = PolynomialGenerator.generateRandom(N, 2048);
-            i2 = PolynomialGenerator.generateRandom(N, 2048);
-            a = new LongPolynomial2(i1);
-            b = new LongPolynomial2(i2);
-            c1 = i1.mult(i2);
-            c1.modPositive(2048);
-            c2 = a.mult(b).toIntegerPolynomial();
-            assertTrue(Arrays.areEqual(c1.coeffs, c2.coeffs));
-        }
-    }
-
-    public void testSubAnd()
-    {
-        IntegerPolynomial i1 = new IntegerPolynomial(new int[]{1368, 2047, 672, 871, 1662, 1352, 1099, 1608});
-        IntegerPolynomial i2 = new IntegerPolynomial(new int[]{1729, 1924, 806, 179, 1530, 1381, 1695, 60});
-        LongPolynomial2 a = new LongPolynomial2(i1);
-        LongPolynomial2 b = new LongPolynomial2(i2);
-        a.subAnd(b, 2047);
-        i1.sub(i2);
-        i1.modPositive(2048);
-        assertTrue(Arrays.areEqual(a.toIntegerPolynomial().coeffs, i1.coeffs));
-    }
-
-    public void testMult2And()
-    {
-        IntegerPolynomial i1 = new IntegerPolynomial(new int[]{1368, 2047, 672, 871, 1662, 1352, 1099, 1608});
-        LongPolynomial2 i2 = new LongPolynomial2(i1);
-        i2.mult2And(2047);
-        i1.mult(2);
-        i1.modPositive(2048);
-        assertTrue(Arrays.areEqual(i1.coeffs, i2.toIntegerPolynomial().coeffs));
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/LongPolynomial5Test.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/LongPolynomial5Test.java
deleted file mode 100644
index cf91ac2..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/LongPolynomial5Test.java
+++ /dev/null

@@ -1,62 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial.test;
-
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.LongPolynomial5;
-import org.bouncycastle.util.Arrays;
-
-public class LongPolynomial5Test
-    extends TestCase
-{
-    public void testMult()
-    {
-        testMult(new int[]{2}, new int[]{-1});
-        testMult(new int[]{2, 0}, new int[]{-1, 0});
-        testMult(new int[]{2, 0, 3}, new int[]{-1, 0, 1});
-        testMult(new int[]{2, 0, 3, 1}, new int[]{-1, 0, 1, 1});
-        testMult(new int[]{2, 0, 3, 1, 2}, new int[]{-1, 0, 1, 1, 0});
-        testMult(new int[]{2, 0, 3, 1, 1, 5}, new int[]{1, -1, 1, 1, 0, 1});
-        testMult(new int[]{2, 0, 3, 1, 1, 5, 1, 4}, new int[]{1, 0, 1, 1, -1, 1, 0, -1});
-        testMult(new int[]{1368, 2047, 672, 871, 1662, 1352, 1099, 1608}, new int[]{1, 0, 1, 1, -1, 1, 0, -1});
-
-        // test random polynomials
-        SecureRandom rng = new SecureRandom();
-        for (int i = 0; i < 10; i++)
-        {
-            int[] coeffs1 = new int[rng.nextInt(2000) + 1];
-            int[] coeffs2 = DenseTernaryPolynomial.generateRandom(coeffs1.length, rng).coeffs;
-            testMult(coeffs1, coeffs2);
-        }
-    }
-
-    private void testMult(int[] coeffs1, int[] coeffs2)
-    {
-        IntegerPolynomial i1 = new IntegerPolynomial(coeffs1);
-        IntegerPolynomial i2 = new IntegerPolynomial(coeffs2);
-
-        LongPolynomial5 a = new LongPolynomial5(i1);
-        DenseTernaryPolynomial b = new DenseTernaryPolynomial(i2);
-        IntegerPolynomial c1 = i1.mult(i2, 2048);
-        IntegerPolynomial c2 = a.mult(b).toIntegerPolynomial();
-        assertEqualsMod(c1.coeffs, c2.coeffs, 2048);
-    }
-
-    private void assertEqualsMod(int[] arr1, int[] arr2, int m)
-    {
-        assertEquals(arr1.length, arr2.length);
-        for (int i = 0; i < arr1.length; i++)
-        {
-            assertEquals((arr1[i] + m) % m, (arr2[i] + m) % m);
-        }
-    }
-
-    public void testToIntegerPolynomial()
-    {
-        int[] coeffs = new int[]{2, 0, 3, 1, 1, 5, 1, 4};
-        LongPolynomial5 p = new LongPolynomial5(new IntegerPolynomial(coeffs));
-        assertTrue(Arrays.areEqual(coeffs, p.toIntegerPolynomial().coeffs));
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/PolynomialGenerator.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/PolynomialGenerator.java
deleted file mode 100644
index 8f931d7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/PolynomialGenerator.java
+++ /dev/null

@@ -1,27 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial.test;
-
-import java.util.Random;
-
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-
-public class PolynomialGenerator
-{
-    /**
-     * Creates a random polynomial with <code>N</code> coefficients
-     * between <code>0</code> and <code>q-1</code>.
-     *
-     * @param N length of the polynomial
-     * @param q coefficients will all be below this number
-     * @return a random polynomial
-     */
-    public static IntegerPolynomial generateRandom(int N, int q)
-    {
-        Random rng = new Random();
-        int[] coeffs = new int[N];
-        for (int i = 0; i < N; i++)
-        {
-            coeffs[i] = rng.nextInt(q);
-        }
-        return new IntegerPolynomial(coeffs);
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/ProductFormPolynomialTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/ProductFormPolynomialTest.java
deleted file mode 100644
index 9fbbb98..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/ProductFormPolynomialTest.java
+++ /dev/null

@@ -1,47 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial.test;
-
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.crypto.ntru.NTRUEncryptionKeyGenerationParameters;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.ProductFormPolynomial;
-
-public class ProductFormPolynomialTest
-    extends TestCase
-{
-    private NTRUEncryptionKeyGenerationParameters params;
-    private int N;
-    private int df1;
-    private int df2;
-    private int df3;
-    private int q;
-
-    public void setUp()
-    {
-        params = NTRUEncryptionKeyGenerationParameters.APR2011_439_FAST;
-        N = params.N;
-        df1 = params.df1;
-        df2 = params.df2;
-        df3 = params.df3;
-        q = params.q;
-    }
-
-    public void testFromToBinary()
-        throws Exception
-    {
-        ProductFormPolynomial p1 = ProductFormPolynomial.generateRandom(N, df1, df2, df3, df3 - 1, new SecureRandom());
-        byte[] bin1 = p1.toBinary();
-        ProductFormPolynomial p2 = ProductFormPolynomial.fromBinary(bin1, N, df1, df2, df3, df3 - 1);
-        assertEquals(p1, p2);
-    }
-
-    public void testMult()
-    {
-        ProductFormPolynomial p1 = ProductFormPolynomial.generateRandom(N, df1, df2, df3, df3 - 1, new SecureRandom());
-        IntegerPolynomial p2 = PolynomialGenerator.generateRandom(N, q);
-        IntegerPolynomial p3 = p1.mult(p2);
-        IntegerPolynomial p4 = p1.toIntegerPolynomial().mult(p2);
-        assertEquals(p3, p4);
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/SparseTernaryPolynomialTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/SparseTernaryPolynomialTest.java
deleted file mode 100644
index 3d434c6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/polynomial/test/SparseTernaryPolynomialTest.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.polynomial.test;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.security.SecureRandom;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.math.ntru.polynomial.BigIntPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.IntegerPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.SparseTernaryPolynomial;
-
-public class SparseTernaryPolynomialTest
-    extends TestCase
-{
-
-    /**
-     * tests mult(IntegerPolynomial) and mult(BigIntPolynomial)
-     */
-    public void testMult()
-    {
-        SecureRandom random = new SecureRandom();
-        SparseTernaryPolynomial p1 = SparseTernaryPolynomial.generateRandom(1000, 500, 500, random);
-        IntegerPolynomial p2 = DenseTernaryPolynomial.generateRandom(1000, random);
-
-        IntegerPolynomial prod1 = p1.mult(p2);
-        IntegerPolynomial prod2 = p1.mult(p2);
-        assertEquals(prod1, prod2);
-
-        BigIntPolynomial p3 = new BigIntPolynomial(p2);
-        BigIntPolynomial prod3 = p1.mult(p3);
-
-        assertEquals(new BigIntPolynomial(prod1), prod3);
-    }
-
-    public void testFromToBinary()
-        throws IOException
-    {
-        SecureRandom random = new SecureRandom();
-        SparseTernaryPolynomial poly1 = SparseTernaryPolynomial.generateRandom(1000, 100, 101, random);
-        ByteArrayInputStream poly1Stream = new ByteArrayInputStream(poly1.toBinary());
-        SparseTernaryPolynomial poly2 = SparseTernaryPolynomial.fromBinary(poly1Stream, 1000, 100, 101);
-        assertEquals(poly1, poly2);
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/util/ArrayEncoder.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/util/ArrayEncoder.java
deleted file mode 100644
index 017e104..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/util/ArrayEncoder.java
+++ /dev/null

@@ -1,294 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.util;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.math.BigInteger;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * Converts a coefficient array to a compact byte array and vice versa.
- */
-public class ArrayEncoder
-{
-    /**
-     * Bit string to coefficient conversion table from P1363.1. Also found at
-     * {@link http://stackoverflow.com/questions/1562548/how-to-make-a-message-into-a-polynomial}
-     * <p>
-     * Convert each three-bit quantity to two ternary coefficients as follows, and concatenate the resulting
-     * ternary quantities to obtain [the output].
-     * </p><p>
-     * <code>
-     * {0, 0, 0} -> {0, 0}<br/>
-     * {0, 0, 1} -> {0, 1}<br/>
-     * {0, 1, 0} -> {0, -1}<br/>
-     * {0, 1, 1} -> {1, 0}<br/>
-     * {1, 0, 0} -> {1, 1}<br/>
-     * {1, 0, 1} -> {1, -1}<br/>
-     * {1, 1, 0} -> {-1, 0}<br/>
-     * {1, 1, 1} -> {-1, 1}<br/>
-     * </code>
-     * </p>
-     */
-    private static final int[] COEFF1_TABLE = {0, 0, 0, 1, 1, 1, -1, -1};
-    private static final int[] COEFF2_TABLE = {0, 1, -1, 0, 1, -1, 0, 1};
-    /**
-     * Coefficient to bit string conversion table from P1363.1. Also found at
-     * {@link http://stackoverflow.com/questions/1562548/how-to-make-a-message-into-a-polynomial}
-     * <p>
-     * Convert each set of two ternary coefficients to three bits as follows, and concatenate the resulting bit
-     * quantities to obtain [the output]:
-     * </p><p>
-     * <code>
-     * {-1, -1} -> set "fail" to 1 and set bit string to {1, 1, 1}
-     * {-1, 0} -> {1, 1, 0}<br/>
-     * {-1, 1} -> {1, 1, 1}<br/>
-     * {0, -1} -> {0, 1, 0}<br/>
-     * {0, 0} -> {0, 0, 0}<br/>
-     * {0, 1} -> {0, 0, 1}<br/>
-     * {1, -1} -> {1, 0, 1}<br/>
-     * {1, 0} -> {0, 1, 1}<br/>
-     * {1, 1} -> {1, 0, 0}<br/>
-     * </code>   \
-     * </p>
-     */
-    private static final int[] BIT1_TABLE = {1, 1, 1, 0, 0, 0, 1, 0, 1};
-    private static final int[] BIT2_TABLE = {1, 1, 1, 1, 0, 0, 0, 1, 0};
-    private static final int[] BIT3_TABLE = {1, 0, 1, 0, 0, 1, 1, 1, 0};
-
-    /**
-     * Encodes an int array whose elements are between 0 and <code>q</code>,
-     * to a byte array leaving no gaps between bits.<br>
-     * <code>q</code> must be a power of 2.
-     *
-     * @param a the input array
-     * @param q the modulus
-     * @return the encoded array
-     */
-    public static byte[] encodeModQ(int[] a, int q)
-    {
-        int bitsPerCoeff = 31 - Integer.numberOfLeadingZeros(q);
-        int numBits = a.length * bitsPerCoeff;
-        int numBytes = (numBits + 7) / 8;
-        byte[] data = new byte[numBytes];
-        int bitIndex = 0;
-        int byteIndex = 0;
-        for (int i = 0; i < a.length; i++)
-        {
-            for (int j = 0; j < bitsPerCoeff; j++)
-            {
-                int currentBit = (a[i] >> j) & 1;
-                data[byteIndex] |= currentBit << bitIndex;
-                if (bitIndex == 7)
-                {
-                    bitIndex = 0;
-                    byteIndex++;
-                }
-                else
-                {
-                    bitIndex++;
-                }
-            }
-        }
-        return data;
-    }
-
-    /**
-     * Decodes a <code>byte</code> array encoded with {@link #encodeModQ(int[], int)} back to an <code>int</code> array.<br>
-     * <code>N</code> is the number of coefficients. <code>q</code> must be a power of <code>2</code>.<br>
-     * Ignores any excess bytes.
-     *
-     * @param data an encoded ternary polynomial
-     * @param N    number of coefficients
-     * @param q
-     * @return an array containing <code>N</code> coefficients between <code>0</code> and <code>q-1</code>
-     */
-    public static int[] decodeModQ(byte[] data, int N, int q)
-    {
-        int[] coeffs = new int[N];
-        int bitsPerCoeff = 31 - Integer.numberOfLeadingZeros(q);
-        int numBits = N * bitsPerCoeff;
-        int coeffIndex = 0;
-        for (int bitIndex = 0; bitIndex < numBits; bitIndex++)
-        {
-            if (bitIndex > 0 && bitIndex % bitsPerCoeff == 0)
-            {
-                coeffIndex++;
-            }
-            int bit = getBit(data, bitIndex);
-            coeffs[coeffIndex] += bit << (bitIndex % bitsPerCoeff);
-        }
-        return coeffs;
-    }
-
-    /**
-     * Decodes data encoded with {@link #encodeModQ(int[], int)} back to an <code>int</code> array.<br>
-     * <code>N</code> is the number of coefficients. <code>q</code> must be a power of <code>2</code>.<br>
-     * Ignores any excess bytes.
-     *
-     * @param is an encoded ternary polynomial
-     * @param N  number of coefficients
-     * @param q
-     * @return the decoded polynomial
-     */
-    public static int[] decodeModQ(InputStream is, int N, int q)
-        throws IOException
-    {
-        int qBits = 31 - Integer.numberOfLeadingZeros(q);
-        int size = (N * qBits + 7) / 8;
-        byte[] arr = Util.readFullLength(is, size);
-        return decodeModQ(arr, N, q);
-    }
-
-    /**
-     * Decodes a <code>byte</code> array encoded with {@link #encodeMod3Sves(int[])} back to an <code>int</code> array
-     * with <code>N</code> coefficients between <code>-1</code> and <code>1</code>.<br>
-     * Ignores any excess bytes.<br>
-     * See P1363.1 section 9.2.2.
-     *
-     * @param data an encoded ternary polynomial
-     * @param N    number of coefficients
-     * @return the decoded coefficients
-     */
-    public static int[] decodeMod3Sves(byte[] data, int N)
-    {
-        int[] coeffs = new int[N];
-        int coeffIndex = 0;
-        for (int bitIndex = 0; bitIndex < data.length * 8; )
-        {
-            int bit1 = getBit(data, bitIndex++);
-            int bit2 = getBit(data, bitIndex++);
-            int bit3 = getBit(data, bitIndex++);
-            int coeffTableIndex = bit1 * 4 + bit2 * 2 + bit3;
-            coeffs[coeffIndex++] = COEFF1_TABLE[coeffTableIndex];
-            coeffs[coeffIndex++] = COEFF2_TABLE[coeffTableIndex];
-            // ignore bytes that can't fit
-            if (coeffIndex > N - 2)
-            {
-                break;
-            }
-        }
-        return coeffs;
-    }
-
-    /**
-     * Encodes an <code>int</code> array whose elements are between <code>-1</code> and <code>1</code>, to a byte array.
-     * <code>coeffs[2*i]</code> and <code>coeffs[2*i+1]</code> must not both equal -1 for any integer <code>i</code>,
-     * so this method is only safe to use with arrays produced by {@link #decodeMod3Sves(byte[], int)}.<br>
-     * See P1363.1 section 9.2.3.
-     *
-     * @param arr
-     * @return the encoded array
-     */
-    public static byte[] encodeMod3Sves(int[] arr)
-    {
-        int numBits = (arr.length * 3 + 1) / 2;
-        int numBytes = (numBits + 7) / 8;
-        byte[] data = new byte[numBytes];
-        int bitIndex = 0;
-        int byteIndex = 0;
-        for (int i = 0; i < arr.length / 2 * 2; )
-        {   // if length is an odd number, throw away the highest coeff
-            int coeff1 = arr[i++] + 1;
-            int coeff2 = arr[i++] + 1;
-            if (coeff1 == 0 && coeff2 == 0)
-            {
-                throw new IllegalStateException("Illegal encoding!");
-            }
-            int bitTableIndex = coeff1 * 3 + coeff2;
-            int[] bits = new int[]{BIT1_TABLE[bitTableIndex], BIT2_TABLE[bitTableIndex], BIT3_TABLE[bitTableIndex]};
-            for (int j = 0; j < 3; j++)
-            {
-                data[byteIndex] |= bits[j] << bitIndex;
-                if (bitIndex == 7)
-                {
-                    bitIndex = 0;
-                    byteIndex++;
-                }
-                else
-                {
-                    bitIndex++;
-                }
-            }
-        }
-        return data;
-    }
-
-    /**
-     * Encodes an <code>int</code> array whose elements are between <code>-1</code> and <code>1</code>, to a byte array.
-     *
-     * @return the encoded array
-     */
-    public static byte[] encodeMod3Tight(int[] intArray)
-    {
-        BigInteger sum = BigInteger.ZERO;
-        for (int i = intArray.length - 1; i >= 0; i--)
-        {
-            sum = sum.multiply(BigInteger.valueOf(3));
-            sum = sum.add(BigInteger.valueOf(intArray[i] + 1));
-        }
-
-        int size = (BigInteger.valueOf(3).pow(intArray.length).bitLength() + 7) / 8;
-        byte[] arr = sum.toByteArray();
-
-        if (arr.length < size)
-        {
-            // pad with leading zeros so arr.length==size
-            byte[] arr2 = new byte[size];
-            System.arraycopy(arr, 0, arr2, size - arr.length, arr.length);
-            return arr2;
-        }
-
-        if (arr.length > size)
-        // drop sign bit
-        {
-            arr = Arrays.copyOfRange(arr, 1, arr.length);
-        }
-        return arr;
-    }
-
-    /**
-     * Converts a byte array produced by {@link #encodeMod3Tight(int[])} back to an <code>int</code> array.
-     *
-     * @param b a byte array
-     * @param N number of coefficients
-     * @return the decoded array
-     */
-    public static int[] decodeMod3Tight(byte[] b, int N)
-    {
-        BigInteger sum = new BigInteger(1, b);
-        int[] coeffs = new int[N];
-        for (int i = 0; i < N; i++)
-        {
-            coeffs[i] = sum.mod(BigInteger.valueOf(3)).intValue() - 1;
-            if (coeffs[i] > 1)
-            {
-                coeffs[i] -= 3;
-            }
-            sum = sum.divide(BigInteger.valueOf(3));
-        }
-        return coeffs;
-    }
-
-    /**
-     * Converts data produced by {@link #encodeMod3Tight(int[])} back to an <code>int</code> array.
-     *
-     * @param is an input stream containing the data to decode
-     * @param N  number of coefficients
-     * @return the decoded array
-     */
-    public static int[] decodeMod3Tight(InputStream is, int N)
-        throws IOException
-    {
-        int size = (int)Math.ceil(N * Math.log(3) / Math.log(2) / 8);
-        byte[] arr = Util.readFullLength(is, size);
-        return decodeMod3Tight(arr, N);
-    }
-
-    private static int getBit(byte[] arr, int bitIndex)
-    {
-        int byteIndex = bitIndex / 8;
-        int arrElem = arr[byteIndex] & 0xFF;
-        return (arrElem >> (bitIndex % 8)) & 1;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/util/Util.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/util/Util.java
deleted file mode 100644
index 92c2ed4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/util/Util.java
+++ /dev/null

@@ -1,158 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.util;
-
-import java.io.IOException;
-import java.io.InputStream;
-import java.security.SecureRandom;
-import java.util.ArrayList;
-import java.util.Collections;
-import java.util.List;
-
-import org.bouncycastle.pqc.math.ntru.euclid.IntEuclidean;
-import org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.SparseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.TernaryPolynomial;
-import org.bouncycastle.util.Integers;
-
-public class Util
-{
-    private static volatile boolean IS_64_BITNESS_KNOWN;
-    private static volatile boolean IS_64_BIT_JVM;
-
-    /**
-     * Calculates the inverse of n mod modulus
-     */
-    public static int invert(int n, int modulus)
-    {
-        n %= modulus;
-        if (n < 0)
-        {
-            n += modulus;
-        }
-        return IntEuclidean.calculate(n, modulus).x;
-    }
-
-    /**
-     * Calculates a^b mod modulus
-     */
-    public static int pow(int a, int b, int modulus)
-    {
-        int p = 1;
-        for (int i = 0; i < b; i++)
-        {
-            p = (p * a) % modulus;
-        }
-        return p;
-    }
-
-    /**
-     * Calculates a^b mod modulus
-     */
-    public static long pow(long a, int b, long modulus)
-    {
-        long p = 1;
-        for (int i = 0; i < b; i++)
-        {
-            p = (p * a) % modulus;
-        }
-        return p;
-    }
-
-    /**
-     * Generates a "sparse" or "dense" polynomial containing numOnes ints equal to 1,
-     * numNegOnes int equal to -1, and the rest equal to 0.
-     *
-     * @param N
-     * @param numOnes
-     * @param numNegOnes
-     * @param sparse     whether to create a {@link SparseTernaryPolynomial} or {@link DenseTernaryPolynomial}
-     * @return a ternary polynomial
-     */
-    public static TernaryPolynomial generateRandomTernary(int N, int numOnes, int numNegOnes, boolean sparse, SecureRandom random)
-    {
-        if (sparse)
-        {
-            return SparseTernaryPolynomial.generateRandom(N, numOnes, numNegOnes, random);
-        }
-        else
-        {
-            return DenseTernaryPolynomial.generateRandom(N, numOnes, numNegOnes, random);
-        }
-    }
-
-    /**
-     * Generates an array containing numOnes ints equal to 1,
-     * numNegOnes int equal to -1, and the rest equal to 0.
-     *
-     * @param N
-     * @param numOnes
-     * @param numNegOnes
-     * @return an array of integers
-     */
-    public static int[] generateRandomTernary(int N, int numOnes, int numNegOnes, SecureRandom random)
-    {
-        Integer one = Integers.valueOf(1);
-        Integer minusOne = Integers.valueOf(-1);
-        Integer zero = Integers.valueOf(0);
-
-        List list = new ArrayList();
-        for (int i = 0; i < numOnes; i++)
-        {
-            list.add(one);
-        }
-        for (int i = 0; i < numNegOnes; i++)
-        {
-            list.add(minusOne);
-        }
-        while (list.size() < N)
-        {
-            list.add(zero);
-        }
-
-        Collections.shuffle(list, random);
-
-        int[] arr = new int[N];
-        for (int i = 0; i < N; i++)
-        {
-            arr[i] = ((Integer)list.get(i)).intValue();
-        }
-        return arr;
-    }
-
-    /**
-     * Takes an educated guess as to whether 64 bits are supported by the JVM.
-     *
-     * @return <code>true</code> if 64-bit support detected, <code>false</code> otherwise
-     */
-    public static boolean is64BitJVM()
-    {
-        if (!IS_64_BITNESS_KNOWN)
-        {
-            String arch = System.getProperty("os.arch");
-            String sunModel = System.getProperty("sun.arch.data.model");
-            IS_64_BIT_JVM = "amd64".equals(arch) || "x86_64".equals(arch) || "ppc64".equals(arch) || "64".equals(sunModel);
-            IS_64_BITNESS_KNOWN = true;
-        }
-        return IS_64_BIT_JVM;
-    }
-
-    /**
-     * Reads a given number of bytes from an <code>InputStream</code>.
-     * If there are not enough bytes in the stream, an <code>IOException</code>
-     * is thrown.
-     *
-     * @param is
-     * @param length
-     * @return an array of length <code>length</code>
-     * @throws IOException
-     */
-    public static byte[] readFullLength(InputStream is, int length)
-        throws IOException
-    {
-        byte[] arr = new byte[length];
-        if (is.read(arr) != arr.length)
-        {
-            throw new IOException("Not enough bytes to read.");
-        }
-        return arr;
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/util/test/AllTests.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/util/test/AllTests.java
deleted file mode 100644
index c4969d0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/util/test/AllTests.java
+++ /dev/null

@@ -1,43 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.util.test;
-
-import junit.extensions.TestSetup;
-import junit.framework.Test;
-import junit.framework.TestCase;
-import junit.framework.TestSuite;
-
-public class AllTests
-    extends TestCase
-{
-    public static void main (String[] args)
-    {
-        junit.textui.TestRunner.run(suite());
-    }
-    
-    public static Test suite()
-    {
-        TestSuite suite = new TestSuite("NTRU ArrayEncoder Tests");
-        
-        suite.addTestSuite(ArrayEncoderTest.class);
-        
-        return new BCTestSetup(suite);
-    }
-
-    static class BCTestSetup
-        extends TestSetup
-    {
-        public BCTestSetup(Test test)
-        {
-            super(test);
-        }
-
-        protected void setUp()
-        {
-
-        }
-
-        protected void tearDown()
-        {
-
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/util/test/ArrayEncoderTest.java b/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/util/test/ArrayEncoderTest.java
deleted file mode 100644
index 6dbdea3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/pqc/math/ntru/util/test/ArrayEncoderTest.java
+++ /dev/null

@@ -1,42 +0,0 @@
-package org.bouncycastle.pqc.math.ntru.util.test;
-
-import java.security.SecureRandom;
-import java.util.Random;
-
-import junit.framework.TestCase;
-import org.bouncycastle.pqc.math.ntru.polynomial.DenseTernaryPolynomial;
-import org.bouncycastle.pqc.math.ntru.polynomial.test.PolynomialGenerator;
-import org.bouncycastle.pqc.math.ntru.util.ArrayEncoder;
-import org.bouncycastle.util.Arrays;
-
-public class ArrayEncoderTest
-    extends TestCase
-{
-    public void testEncodeDecodeModQ()
-    {
-        int[] coeffs = PolynomialGenerator.generateRandom(1000, 2048).coeffs;
-        byte[] data = ArrayEncoder.encodeModQ(coeffs, 2048);
-        int[] coeffs2 = ArrayEncoder.decodeModQ(data, 1000, 2048);
-        assertTrue(Arrays.areEqual(coeffs, coeffs2));
-    }
-
-    public void testEncodeDecodeMod3Sves()
-    {
-        Random rng = new Random();
-        byte[] data = new byte[180];
-        rng.nextBytes(data);
-        int[] coeffs = ArrayEncoder.decodeMod3Sves(data, 960);
-        byte[] data2 = ArrayEncoder.encodeMod3Sves(coeffs);
-        assertTrue(Arrays.areEqual(data, data2));
-    }
-
-    public void testEncodeDecodeMod3Tight()
-    {
-        SecureRandom random = new SecureRandom();
-
-        int[] coeffs = DenseTernaryPolynomial.generateRandom(1000, random).coeffs;
-        byte[] data = ArrayEncoder.encodeMod3Tight(coeffs);
-        int[] coeffs2 = ArrayEncoder.decodeMod3Tight(data, 1000);
-        assertTrue(Arrays.areEqual(coeffs, coeffs2));
-    }
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/util/Fingerprint.java b/bcprov/src/main/java/org/bouncycastle/util/Fingerprint.java
index 7027d49..d190ea6 100644
--- a/bcprov/src/main/java/org/bouncycastle/util/Fingerprint.java
+++ b/bcprov/src/main/java/org/bouncycastle/util/Fingerprint.java

@@ -1,7 +1,10 @@
 package org.bouncycastle.util;
 
-import org.bouncycastle.crypto.digests.SHA512tDigest;
-import org.bouncycastle.crypto.digests.SHAKEDigest;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.digests.SHA512tDigest;
+// import org.bouncycastle.crypto.digests.SHAKEDigest;
+import org.bouncycastle.crypto.Digest;
+import org.bouncycastle.crypto.digests.AndroidDigestFactory;
 
 /**
  * Basic 20 byte finger print class.
@@ -38,13 +41,15 @@
         this.fingerprint = calculateFingerprint(source, bitLength);
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
     /**
      * Base constructor - for backwards compatibility.
      *
      * @param source original data to calculate the fingerprint from.
      * @param useSHA512t use the old SHA512/160 calculation.
      * @deprecated use the SHAKE only version.
-     */
+     *
     public Fingerprint(byte[] source, boolean useSHA512t)
     {
         if (useSHA512t)
@@ -56,6 +61,8 @@
             this.fingerprint = calculateFingerprint(source);
         }
     }
+    */
+    // END Android-removed: Unsupported algorithms
 
     public byte[] getFingerprint()
     {
@@ -109,6 +116,7 @@
         return calculateFingerprint(input, 160);
     }
 
+    /*
     /**
      * Return a byte array containing a calculated fingerprint for the passed in input data.
      * This calculation is compatible with the BC FIPS API.
@@ -124,17 +132,29 @@
             throw new IllegalArgumentException("bitLength must be a multiple of 8");
         }
 
-        SHAKEDigest digest = new SHAKEDigest(256);
+        // Android-changed: Use SHA-256 instead of SHAKE-256, since we don't support SHAKE
+        // SHAKEDigest digest = new SHAKEDigest(256);
+        Digest digest = AndroidDigestFactory.getSHA256();
 
         digest.update(input, 0, input.length);
 
         byte[] rv = new byte[bitLength / 8];
 
-        digest.doFinal(rv, 0, bitLength / 8);
+        // Android-changed: Hash and truncate since SHA-256 doesn't support variable length output
+        //
+        // digest.doFinal(rv, 0, bitLength / 8);
+        byte[] untruncated = new byte[32];
+        digest.doFinal(untruncated, 0);
+        if ((bitLength / 8) >= 32) {
+            return untruncated;
+        }
+
+        System.arraycopy(untruncated, 0, rv, 0, rv.length);
 
         return rv;
     }
 
+    // BEGIN Android-removed: Unsupported algorithms
     /**
      * Return a byte array containing a calculated fingerprint for the passed in input data.
      * The fingerprint is based on SHA512/160.
@@ -142,7 +162,7 @@
      * @param input data to base the fingerprint on.
      * @return a byte array containing a 20 byte fingerprint.
      * @deprecated use the SHAKE based version.
-     */
+     *
     public static byte[] calculateFingerprintSHA512_160(byte[] input)
     {
         SHA512tDigest digest = new SHA512tDigest(160);
@@ -155,4 +175,6 @@
 
         return rv;
     }
+    */
+    // END Android-removed: Unsupported algorithms
 }

diff --git a/bcprov/src/main/java/org/bouncycastle/util/MemoableResetException.java b/bcprov/src/main/java/org/bouncycastle/util/MemoableResetException.java
deleted file mode 100644
index 6552bd4..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/MemoableResetException.java
+++ /dev/null

@@ -1,22 +0,0 @@
-package org.bouncycastle.util;
-
-/**
- * Exception to be thrown on a failure to reset an object implementing Memoable.
- * <p>
- * The exception extends ClassCastException to enable users to have a single handling case,
- * only introducing specific handling of this one if required.
- * </p>
- */
-public class MemoableResetException
-    extends ClassCastException
-{
-    /**
-     * Basic Constructor.
-     *
-     * @param msg message to be associated with this exception.
-     */
-    public MemoableResetException(String msg)
-    {
-        super(msg);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/Shorts.java b/bcprov/src/main/java/org/bouncycastle/util/Shorts.java
deleted file mode 100644
index 258e01e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/Shorts.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.util;
-
-public class Shorts
-{
-    public static Short valueOf(short value)
-    {
-        return Short.valueOf(value);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/StreamParser.java b/bcprov/src/main/java/org/bouncycastle/util/StreamParser.java
deleted file mode 100644
index 13f2b16..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/StreamParser.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.util;
-
-import java.util.Collection;
-
-public interface StreamParser
-{
-    Object read() throws StreamParsingException;
-
-    Collection readAll() throws StreamParsingException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/StreamParsingException.java b/bcprov/src/main/java/org/bouncycastle/util/StreamParsingException.java
deleted file mode 100644
index 0a76378..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/StreamParsingException.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.util;
-
-public class StreamParsingException 
-    extends Exception
-{
-    Throwable _e;
-
-    public StreamParsingException(String message, Throwable e)
-    {
-        super(message);
-        _e = e;
-    }
-
-    public Throwable getCause()
-    {
-        return _e;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/Times.java b/bcprov/src/main/java/org/bouncycastle/util/Times.java
deleted file mode 100644
index 617d00b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/Times.java
+++ /dev/null

@@ -1,9 +0,0 @@
-package org.bouncycastle.util;
-
-public final class Times
-{
-    public static long nanoTime()
-    {
-        return System.nanoTime();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/encoders/BufferedDecoder.java b/bcprov/src/main/java/org/bouncycastle/util/encoders/BufferedDecoder.java
deleted file mode 100644
index eea85b9..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/encoders/BufferedDecoder.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.util.encoders;
-
-
-/**
- * A buffering class to allow translation from one format to another to
- * be done in discrete chunks.
- */
-public class BufferedDecoder
-{
-    protected byte[]        buf;
-    protected int           bufOff;
-
-    protected Translator    translator;
-
-    /**
-     * @param translator the translator to use.
-     * @param bufSize amount of input to buffer for each chunk.
-     */
-    public BufferedDecoder(
-        Translator  translator,
-        int         bufSize)
-    {
-        this.translator = translator;
-
-        if ((bufSize % translator.getEncodedBlockSize()) != 0)
-        {
-            throw new IllegalArgumentException("buffer size not multiple of input block size");
-        }
-
-        buf = new byte[bufSize];
-        bufOff = 0;
-    }
-
-    public int processByte(
-        byte        in,
-        byte[]      out,
-        int         outOff)
-    {
-        int         resultLen = 0;
-
-        buf[bufOff++] = in;
-
-        if (bufOff == buf.length)
-        {
-            resultLen = translator.decode(buf, 0, buf.length, out, outOff);
-            bufOff = 0;
-        }
-
-        return resultLen;
-    }
-
-    public int processBytes(
-        byte[]      in,
-        int         inOff,
-        int         len,
-        byte[]      out,
-        int         outOff)
-    {
-        if (len < 0)
-        {
-            throw new IllegalArgumentException("Can't have a negative input length!");
-        }
-
-        int resultLen = 0;
-        int gapLen = buf.length - bufOff;
-
-        if (len > gapLen)
-        {
-            System.arraycopy(in, inOff, buf, bufOff, gapLen);
-
-            resultLen += translator.decode(buf, 0, buf.length, out, outOff);
-
-            bufOff = 0;
-
-            len -= gapLen;
-            inOff += gapLen;
-            outOff += resultLen;
-
-            int chunkSize = len - (len % buf.length);
-
-            resultLen += translator.decode(in, inOff, chunkSize, out, outOff);
-
-            len -= chunkSize;
-            inOff += chunkSize;
-        }
-
-        if (len != 0)
-        {
-            System.arraycopy(in, inOff, buf, bufOff, len);
-
-            bufOff += len;
-        }
-
-        return resultLen;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/encoders/BufferedEncoder.java b/bcprov/src/main/java/org/bouncycastle/util/encoders/BufferedEncoder.java
deleted file mode 100644
index 60a098d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/encoders/BufferedEncoder.java
+++ /dev/null

@@ -1,96 +0,0 @@
-package org.bouncycastle.util.encoders;
-
-
-/**
- * A buffering class to allow translation from one format to another to
- * be done in discrete chunks.
- */
-public class BufferedEncoder
-{
-    protected byte[]        buf;
-    protected int           bufOff;
-
-    protected Translator    translator;
-
-    /**
-     * @param translator the translator to use.
-     * @param bufSize amount of input to buffer for each chunk.
-     */
-    public BufferedEncoder(
-        Translator  translator,
-        int         bufSize)
-    {
-        this.translator = translator;
-
-        if ((bufSize % translator.getEncodedBlockSize()) != 0)
-        {
-            throw new IllegalArgumentException("buffer size not multiple of input block size");
-        }
-
-        buf = new byte[bufSize];
-        bufOff = 0;
-    }
-
-    public int processByte(
-        byte        in,
-        byte[]      out,
-        int         outOff)
-    {
-        int         resultLen = 0;
-
-        buf[bufOff++] = in;
-
-        if (bufOff == buf.length)
-        {
-            resultLen = translator.encode(buf, 0, buf.length, out, outOff);
-            bufOff = 0;
-        }
-
-        return resultLen;
-    }
-
-    public int processBytes(
-        byte[]      in,
-        int         inOff,
-        int         len,
-        byte[]      out,
-        int         outOff)
-    {
-        if (len < 0)
-        {
-            throw new IllegalArgumentException("Can't have a negative input length!");
-        }
-
-        int resultLen = 0;
-        int gapLen = buf.length - bufOff;
-
-        if (len > gapLen)
-        {
-            System.arraycopy(in, inOff, buf, bufOff, gapLen);
-
-            resultLen += translator.encode(buf, 0, buf.length, out, outOff);
-
-            bufOff = 0;
-
-            len -= gapLen;
-            inOff += gapLen;
-            outOff += resultLen;
-
-            int chunkSize = len - (len % buf.length);
-
-            resultLen += translator.encode(in, inOff, chunkSize, out, outOff);
-
-            len -= chunkSize;
-            inOff += chunkSize;
-        }
-
-        if (len != 0)
-        {
-            System.arraycopy(in, inOff, buf, bufOff, len);
-
-            bufOff += len;
-        }
-
-        return resultLen;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/encoders/HexTranslator.java b/bcprov/src/main/java/org/bouncycastle/util/encoders/HexTranslator.java
deleted file mode 100644
index 3fff65a..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/encoders/HexTranslator.java
+++ /dev/null

@@ -1,87 +0,0 @@
-package org.bouncycastle.util.encoders;
-
-/**
- * Converters for going from hex to binary and back. Note: this class assumes ASCII processing.
- */
-public class HexTranslator
-    implements Translator
-{
-    private static final byte[]   hexTable = 
-        { 
-            (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', (byte)'6', (byte)'7',
-            (byte)'8', (byte)'9', (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e', (byte)'f'
-        };
-
-    /**
-     * size of the output block on encoding produced by getDecodedBlockSize()
-     * bytes.
-     */
-    public int getEncodedBlockSize()
-    {
-        return 2;
-    }
-
-    public int encode(
-        byte[]  in,
-        int     inOff,
-        int     length,
-        byte[]  out,
-        int     outOff)
-    {
-        for (int i = 0, j = 0; i < length; i++, j += 2)
-        {
-            out[outOff + j] = hexTable[(in[inOff] >> 4) & 0x0f];
-            out[outOff + j + 1] = hexTable[in[inOff] & 0x0f];
-
-            inOff++;
-        }
-
-        return length * 2;
-    }
-
-    /**
-     * size of the output block on decoding produced by getEncodedBlockSize()
-     * bytes.
-     */
-    public int getDecodedBlockSize()
-    {
-        return 1;
-    }
-
-    public int decode(
-        byte[]  in,
-        int     inOff,
-        int     length,
-        byte[]  out,
-        int     outOff)
-    {
-        int halfLength = length / 2;
-        byte left, right;
-        for (int i = 0; i < halfLength; i++)
-        {
-            left  = in[inOff + i * 2];
-            right = in[inOff + i * 2 + 1];
-            
-            if (left < (byte)'a')
-            {
-                out[outOff] = (byte)((left - '0') << 4);
-            }
-            else
-            {
-                out[outOff] = (byte)((left - 'a' + 10) << 4);
-            }
-            if (right < (byte)'a')
-            {
-                out[outOff] += (byte)(right - '0');
-            }
-            else
-            {
-                out[outOff] += (byte)(right - 'a' + 10);
-            }
-
-            outOff++;
-        }
-
-        return halfLength;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/encoders/Translator.java b/bcprov/src/main/java/org/bouncycastle/util/encoders/Translator.java
deleted file mode 100644
index 885ab53..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/encoders/Translator.java
+++ /dev/null

@@ -1,23 +0,0 @@
-package org.bouncycastle.util.encoders;
-
-/**
- * General interface for a translator.
- */
-public interface Translator
-{
-    /**
-     * size of the output block on encoding produced by getDecodedBlockSize()
-     * bytes.
-     */
-    public int getEncodedBlockSize();
-
-    public int encode(byte[] in, int inOff, int length, byte[] out, int outOff);
-
-    /**
-     * size of the output block on decoding produced by getEncodedBlockSize()
-     * bytes.
-     */
-    public int getDecodedBlockSize();
-
-    public int decode(byte[] in, int inOff, int length, byte[] out, int outOff);
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/encoders/UrlBase64.java b/bcprov/src/main/java/org/bouncycastle/util/encoders/UrlBase64.java
deleted file mode 100644
index 3b83e95..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/encoders/UrlBase64.java
+++ /dev/null

@@ -1,129 +0,0 @@
-package org.bouncycastle.util.encoders;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-/**
- * Convert binary data to and from UrlBase64 encoding.  This is identical to
- * Base64 encoding, except that the padding character is "." and the other 
- * non-alphanumeric characters are "-" and "_" instead of "+" and "/".
- * <p>
- * The purpose of UrlBase64 encoding is to provide a compact encoding of binary
- * data that is safe for use as an URL parameter. Base64 encoding does not
- * produce encoded values that are safe for use in URLs, since "/" can be 
- * interpreted as a path delimiter; "+" is the encoded form of a space; and
- * "=" is used to separate a name from the corresponding value in an URL 
- * parameter.
- */
-public class UrlBase64
-{
-    private static final Encoder encoder = new UrlBase64Encoder();
-    
-    /**
-     * Encode the input data producing a URL safe base 64 encoded byte array.
-     *
-     * @return a byte array containing the URL safe base 64 encoded data.
-     */
-    public static byte[] encode(
-        byte[]    data)
-    {
-        ByteArrayOutputStream    bOut = new ByteArrayOutputStream();
-        
-        try
-        {
-            encoder.encode(data, 0, data.length, bOut);
-        }
-        catch (Exception e)
-        {
-            throw new EncoderException("exception encoding URL safe base64 data: " + e.getMessage(), e);
-        }
-        
-        return bOut.toByteArray();
-    }
-
-    /**
-     * Encode the byte data writing it to the given output stream.
-     *
-     * @return the number of bytes produced.
-     */
-    public static int encode(
-        byte[]                data,
-        OutputStream    out)
-        throws IOException
-    {
-        return encoder.encode(data, 0, data.length, out);
-    }
-    
-    /**
-     * Decode the URL safe base 64 encoded input data - white space will be ignored.
-     *
-     * @return a byte array representing the decoded data.
-     */
-    public static byte[] decode(
-        byte[]    data)
-    {
-        ByteArrayOutputStream    bOut = new ByteArrayOutputStream();
-        
-        try
-        {
-            encoder.decode(data, 0, data.length, bOut);
-        }
-        catch (Exception e)
-        {
-            throw new DecoderException("exception decoding URL safe base64 string: " + e.getMessage(), e);
-        }
-        
-        return bOut.toByteArray();
-    }
-    
-    /**
-     * decode the URL safe base 64 encoded byte data writing it to the given output stream,
-     * whitespace characters will be ignored.
-     *
-     * @return the number of bytes produced.
-     */
-    public static int decode(
-        byte[]                data,
-        OutputStream    out)
-        throws IOException
-    {
-        return encoder.decode(data, 0, data.length, out);
-    }
-    
-    /**
-     * decode the URL safe base 64 encoded String data - whitespace will be ignored.
-     *
-     * @return a byte array representing the decoded data.
-     */
-    public static byte[] decode(
-        String    data)
-    {
-        ByteArrayOutputStream    bOut = new ByteArrayOutputStream();
-        
-        try
-        {
-            encoder.decode(data, bOut);
-        }
-        catch (Exception e)
-        {
-            throw new DecoderException("exception decoding URL safe base64 string: " + e.getMessage(), e);
-        }
-        
-        return bOut.toByteArray();
-    }
-    
-    /**
-     * Decode the URL safe base 64 encoded String data writing it to the given output stream,
-     * whitespace characters will be ignored.
-     *
-     * @return the number of bytes produced.
-     */
-    public static int decode(
-        String                data,
-        OutputStream    out)
-        throws IOException
-    {
-        return encoder.decode(data, out);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/encoders/UrlBase64Encoder.java b/bcprov/src/main/java/org/bouncycastle/util/encoders/UrlBase64Encoder.java
deleted file mode 100644
index a5fff5e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/encoders/UrlBase64Encoder.java
+++ /dev/null

@@ -1,25 +0,0 @@
-package org.bouncycastle.util.encoders;
-
-/**
- * Convert binary data to and from UrlBase64 encoding.  This is identical to
- * Base64 encoding, except that the padding character is "." and the other 
- * non-alphanumeric characters are "-" and "_" instead of "+" and "/".
- * <p>
- * The purpose of UrlBase64 encoding is to provide a compact encoding of binary
- * data that is safe for use as an URL parameter. Base64 encoding does not
- * produce encoded values that are safe for use in URLs, since "/" can be 
- * interpreted as a path delimiter; "+" is the encoded form of a space; and
- * "=" is used to separate a name from the corresponding value in an URL 
- * parameter.
- */
-public class UrlBase64Encoder extends Base64Encoder
-{
-    public UrlBase64Encoder()
-    {
-        encodingTable[encodingTable.length - 2] = (byte) '-';
-        encodingTable[encodingTable.length - 1] = (byte) '_';
-        padding = (byte) '.';
-        // we must re-create the decoding table with the new encoded values.
-        initialiseDecodingTable();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/encoders/package.html b/bcprov/src/main/java/org/bouncycastle/util/encoders/package.html
deleted file mode 100644
index 3be222b..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/encoders/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Classes for producing and reading Base64 and Hex strings.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/util/io/BufferingOutputStream.java b/bcprov/src/main/java/org/bouncycastle/util/io/BufferingOutputStream.java
deleted file mode 100644
index 9d5fe14..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/io/BufferingOutputStream.java
+++ /dev/null

@@ -1,108 +0,0 @@
-package org.bouncycastle.util.io;
-
-import java.io.IOException;
-import java.io.OutputStream;
-
-import org.bouncycastle.util.Arrays;
-
-/**
- * An output stream that buffers data to be feed into an encapsulated output stream.
- * <p>
- * The stream zeroes out the internal buffer on each flush.
- * </p>
- */
-public class BufferingOutputStream
-    extends OutputStream
-{
-    private final OutputStream other;
-    private final byte[] buf;
-
-    private int   bufOff;
-
-    /**
-     * Create a buffering stream with the default buffer size (4096).
-     *
-     * @param other output stream to be wrapped.
-     */
-    public BufferingOutputStream(OutputStream other)
-    {
-        this.other = other;
-        this.buf = new byte[4096];
-    }
-
-    /**
-     * Create a buffering stream with a specified buffer size.
-     *
-     * @param other output stream to be wrapped.
-     * @param bufferSize size in bytes for internal buffer.
-     */
-    public BufferingOutputStream(OutputStream other, int bufferSize)
-    {
-        this.other = other;
-        this.buf = new byte[bufferSize];
-    }
-
-    public void write(byte[] bytes, int offset, int len)
-        throws IOException
-    {
-        if (len < buf.length - bufOff)
-        {
-            System.arraycopy(bytes, offset, buf, bufOff, len);
-            bufOff += len;
-        }
-        else
-        {
-            int gap = buf.length - bufOff;
-
-            System.arraycopy(bytes, offset, buf, bufOff, gap);
-            bufOff += gap;
-
-            flush();
-
-            offset += gap;
-            len -= gap;
-            while (len >= buf.length)
-            {
-                other.write(bytes, offset, buf.length);
-                offset += buf.length;
-                len -= buf.length;
-            }
-
-            if (len > 0)
-            {
-                System.arraycopy(bytes, offset, buf, bufOff, len);
-                bufOff += len;
-            }
-        }
-    }
-
-    public void write(int b)
-        throws IOException
-    {
-        buf[bufOff++] = (byte)b;
-        if (bufOff == buf.length)
-        {
-            flush();
-        }
-    }
-
-    /**
-     * Flush the internal buffer to the encapsulated output stream. Zero the buffer contents when done.
-     *
-     * @throws IOException on error.
-     */
-    public void flush()
-        throws IOException
-    {
-        other.write(buf, 0, bufOff);
-        bufOff = 0;
-        Arrays.fill(buf, (byte)0);
-    }
-
-    public void close()
-        throws IOException
-    {
-        flush();
-        other.close();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/io/package.html b/bcprov/src/main/java/org/bouncycastle/util/io/package.html
deleted file mode 100644
index e987cca..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/io/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-General purpose I/O helper classes and wrappers.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/util/io/pem/package.html b/bcprov/src/main/java/org/bouncycastle/util/io/pem/package.html
deleted file mode 100644
index c5cc4a5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/io/pem/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Classes for reading and writing raw PEM objects.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/util/package.html b/bcprov/src/main/java/org/bouncycastle/util/package.html
deleted file mode 100644
index c9247ea..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-General purpose utility classes used throughout the APIs.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/util/test/FixedSecureRandom.java b/bcprov/src/main/java/org/bouncycastle/util/test/FixedSecureRandom.java
deleted file mode 100644
index 63c7a82..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/test/FixedSecureRandom.java
+++ /dev/null

@@ -1,335 +0,0 @@
-package org.bouncycastle.util.test;
-
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.security.Provider;
-import java.security.SecureRandom;
-
-import org.bouncycastle.util.Pack;
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * A secure random that returns pre-seeded data to calls of nextBytes() or generateSeed().
- */
-public class FixedSecureRandom
-    extends SecureRandom
-{
-    private static java.math.BigInteger REGULAR = new java.math.BigInteger("01020304ffffffff0506070811111111", 16);
-    private static java.math.BigInteger ANDROID = new java.math.BigInteger("1111111105060708ffffffff01020304", 16);
-    private static java.math.BigInteger CLASSPATH = new java.math.BigInteger("3020104ffffffff05060708111111", 16);
-
-    private static final boolean isAndroidStyle;
-    private static final boolean isClasspathStyle;
-    private static final boolean isRegularStyle;
-
-    static
-    {
-        java.math.BigInteger check1 = new java.math.BigInteger(128, new RandomChecker());
-        java.math.BigInteger check2 = new java.math.BigInteger(120, new RandomChecker());
-
-        isAndroidStyle = check1.equals(ANDROID);
-        isRegularStyle = check1.equals(REGULAR);
-        isClasspathStyle = check2.equals(CLASSPATH);
-    }
-
-    private byte[]       _data;
-    private int          _index;
-
-    /**
-     * Base class for sources of fixed "Randomness"
-     */
-    public static class Source
-    {
-        byte[] data;
-
-        Source(byte[] data)
-        {
-            this.data = data;
-        }
-    }
-
-    /**
-     * Data Source - in this case we just expect requests for byte arrays.
-     */
-    public static class Data
-        extends Source
-    {
-        public Data(byte[] data)
-        {
-            super(data);
-        }
-    }
-
-    /**
-     * BigInteger Source - in this case we expect requests for data that will be used
-     * for BigIntegers. The FixedSecureRandom will attempt to compensate for platform differences here.
-     */
-    public static class BigInteger
-        extends Source
-    {
-        public BigInteger(byte[] data)
-        {
-            super(data);
-        }
-
-        public BigInteger(int bitLength, byte[] data)
-        {
-            super(expandToBitLength(bitLength, data));
-        }
-
-        public BigInteger(String hexData)
-        {
-            this(Hex.decode(hexData));
-        }
-
-        public BigInteger(int bitLength, String hexData)
-        {
-            super(expandToBitLength(bitLength, Hex.decode(hexData)));
-        }
-    }
-
-    public FixedSecureRandom(byte[] value)
-    {
-        this(new Source[] { new Data(value) });
-    }
-
-    public FixedSecureRandom(
-        byte[][] values)
-    {
-        this(buildDataArray(values));
-    }
-
-    private static Data[] buildDataArray(byte[][] values)
-    {
-        Data[] res = new Data[values.length];
-
-        for (int i = 0; i != values.length; i++)
-        {
-            res[i] = new Data(values[i]);
-        }
-
-        return res;
-    }
-
-    public FixedSecureRandom(
-        Source[] sources)
-    {
-        super(null, new DummyProvider());   // to prevent recursion in provider creation
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-
-        if (isRegularStyle)
-        {
-            if (isClasspathStyle)
-            {
-                for (int i = 0; i != sources.length; i++)
-                {
-                    try
-                    {
-                        if (sources[i] instanceof BigInteger)
-                        {
-                            byte[] data = sources[i].data;
-                            int len = data.length - (data.length % 4);
-                            for (int w = data.length - len - 1; w >= 0; w--)
-                            {
-                                bOut.write(data[w]);
-                            }
-                            for (int w = data.length - len; w < data.length; w += 4)
-                            {
-                                bOut.write(data, w, 4);
-                            }
-                        }
-                        else
-                        {
-                            bOut.write(sources[i].data);
-                        }
-                    }
-                    catch (IOException e)
-                    {
-                        throw new IllegalArgumentException("can't save value source.");
-                    }
-                }
-            }
-            else
-            {
-                for (int i = 0; i != sources.length; i++)
-                {
-                    try
-                    {
-                        bOut.write(sources[i].data);
-                    }
-                    catch (IOException e)
-                    {
-                        throw new IllegalArgumentException("can't save value source.");
-                    }
-                }
-            }
-        }
-        else if (isAndroidStyle)
-        {
-            for (int i = 0; i != sources.length; i++)
-            {
-                try
-                {
-                    if (sources[i] instanceof BigInteger)
-                    {
-                        byte[] data = sources[i].data;
-                        int len = data.length - (data.length % 4);
-                        for (int w = 0; w < len; w += 4)
-                        {
-                            bOut.write(data, data.length - (w + 4), 4);
-                        }
-                        if (data.length - len != 0)
-                        {
-                            for (int w = 0; w != 4 - (data.length - len); w++)
-                            {
-                                bOut.write(0);
-                            }
-                        }
-                        for (int w = 0; w != data.length - len; w++)
-                        {
-                            bOut.write(data[len + w]);
-                        }
-                    }
-                    else
-                    {
-                        bOut.write(sources[i].data);
-                    }
-                }
-                catch (IOException e)
-                {
-                    throw new IllegalArgumentException("can't save value source.");
-                }
-            }
-        }
-        else
-        {
-            throw new IllegalStateException("Unrecognized BigInteger implementation");
-        }
-
-        _data = bOut.toByteArray();
-    }
-
-    public void nextBytes(byte[] bytes)
-    {
-        System.arraycopy(_data, _index, bytes, 0, bytes.length);
-
-        _index += bytes.length;
-    }
-
-    public byte[] generateSeed(int numBytes)
-    {
-        byte[] bytes = new byte[numBytes];
-
-        this.nextBytes(bytes);
-
-        return bytes;
-    }
-
-    //
-    // classpath's implementation of SecureRandom doesn't currently go back to nextBytes
-    // when next is called. We can't override next as it's a final method.
-    //
-    public int nextInt()
-    {
-        int val = 0;
-        
-        val |= nextValue() << 24;
-        val |= nextValue() << 16;
-        val |= nextValue() << 8;
-        val |= nextValue();
-
-        return val;
-    }
-    
-    //
-    // classpath's implementation of SecureRandom doesn't currently go back to nextBytes
-    // when next is called. We can't override next as it's a final method.
-    //
-    public long nextLong()
-    {
-        long val = 0;
-        
-        val |= (long)nextValue() << 56;
-        val |= (long)nextValue() << 48;
-        val |= (long)nextValue() << 40;
-        val |= (long)nextValue() << 32;
-        val |= (long)nextValue() << 24;
-        val |= (long)nextValue() << 16;
-        val |= (long)nextValue() << 8;
-        val |= (long)nextValue();
-        
-        return val;
-    }
-
-    public boolean isExhausted()
-    {
-        return _index == _data.length;
-    }
-
-    private int nextValue()
-    {
-        return _data[_index++] & 0xff;
-    }
-
-    private static class RandomChecker
-        extends SecureRandom
-    {
-        RandomChecker()
-        {
-            super(null, new DummyProvider());       // to prevent recursion in provider creation
-        }
-
-        byte[] data = Hex.decode("01020304ffffffff0506070811111111");
-        int    index = 0;
-
-        public void nextBytes(byte[] bytes)
-        {
-            System.arraycopy(data, index, bytes, 0, bytes.length);
-
-            index += bytes.length;
-        }
-    }
-
-    private static byte[] expandToBitLength(int bitLength, byte[] v)
-    {
-        if ((bitLength + 7) / 8 > v.length)
-        {
-            byte[] tmp = new byte[(bitLength + 7) / 8];
-
-            System.arraycopy(v, 0, tmp, tmp.length - v.length, v.length);
-            if (isAndroidStyle)
-            {
-                if (bitLength % 8 != 0)
-                {
-                    int i = Pack.bigEndianToInt(tmp, 0);
-                    Pack.intToBigEndian(i << (8 - (bitLength % 8)), tmp, 0);
-                }
-            }
-
-            return tmp;
-        }
-        else
-        {
-            if (isAndroidStyle && bitLength < (v.length * 8))
-            {
-                if (bitLength % 8 != 0)
-                {
-                    int i = Pack.bigEndianToInt(v, 0);
-                    Pack.intToBigEndian(i << (8 - (bitLength % 8)), v, 0);
-                }
-            }
-        }
-
-        return v;
-    }
-
-    private static class DummyProvider
-        extends Provider
-    {
-        DummyProvider()
-        {
-            super("BCFIPS_FIXED_RNG", 1.0, "BCFIPS Fixed Secure Random Provider");
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/test/NumberParsing.java b/bcprov/src/main/java/org/bouncycastle/util/test/NumberParsing.java
deleted file mode 100644
index a060dd8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/test/NumberParsing.java
+++ /dev/null

@@ -1,34 +0,0 @@
-package org.bouncycastle.util.test;
-
-/**
- * Parsing
- */
-public final class NumberParsing
-{
-    private NumberParsing() 
-    {
-        // Hide constructor
-    }
-    
-    public static long decodeLongFromHex(String longAsString) 
-    {
-        if ((longAsString.charAt(1) == 'x')
-            || (longAsString.charAt(1) == 'X'))
-        {
-            return Long.parseLong(longAsString.substring(2), 16);
-        }
-
-        return Long.parseLong(longAsString, 16);
-    }
-    
-    public static int decodeIntFromHex(String intAsString)
-    {
-        if ((intAsString.charAt(1) == 'x')
-            || (intAsString.charAt(1) == 'X'))
-        {
-            return Integer.parseInt(intAsString.substring(2), 16);
-        }
-
-        return Integer.parseInt(intAsString, 16);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/test/SimpleTest.java b/bcprov/src/main/java/org/bouncycastle/util/test/SimpleTest.java
deleted file mode 100644
index 146fb12..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/test/SimpleTest.java
+++ /dev/null

@@ -1,207 +0,0 @@
-package org.bouncycastle.util.test;
-
-import java.io.PrintStream;
-
-import org.bouncycastle.util.Arrays;
-
-public abstract class SimpleTest
-    implements Test
-{
-    public abstract String getName();
-
-    private TestResult success()
-    {
-        return SimpleTestResult.successful(this, "Okay");
-    }
-
-    protected void fail(
-        String message)
-    {
-        throw new TestFailedException(SimpleTestResult.failed(this, message));
-    }
-
-    protected void isTrue(
-        boolean value)
-    {
-        if (!value)
-        {
-            throw new TestFailedException(SimpleTestResult.failed(this, "no message"));
-        }
-    }
-
-    protected void isTrue(
-        String message,
-        boolean value)
-    {
-        if (!value)
-        {
-            throw new TestFailedException(SimpleTestResult.failed(this, message));
-        }
-    }
-
-    protected void isEquals(
-        Object a,
-        Object b)
-    {
-        if (!a.equals(b))
-        {
-            throw new TestFailedException(SimpleTestResult.failed(this, "no message"));
-        }
-    }
-
-    protected void isEquals(
-        int a,
-        int b)
-    {
-        if (a != b)
-        {
-            throw new TestFailedException(SimpleTestResult.failed(this, "no message"));
-        }
-    }
-
-    protected void isEquals(
-        long a,
-        long b)
-    {
-        if (a != b)
-        {
-            throw new TestFailedException(SimpleTestResult.failed(this, "no message"));
-        }
-    }
-
-    protected void isEquals(
-        String message,
-        boolean a,
-        boolean b)
-    {
-        if (a != b)
-        {
-            throw new TestFailedException(SimpleTestResult.failed(this, message));
-        }
-    }
-
-    protected void isEquals(
-        String message,
-        long a,
-        long b)
-    {
-        if (a != b)
-        {
-            throw new TestFailedException(SimpleTestResult.failed(this, message));
-        }
-    }
-
-    protected void isEquals(
-        String message,
-        Object a,
-        Object b)
-    {
-        if (a == null && b == null)
-        {
-            return;
-        }
-        else if (a == null)
-        {
-            throw new TestFailedException(SimpleTestResult.failed(this, message));
-        }
-        else if (b == null)
-        {
-            throw new TestFailedException(SimpleTestResult.failed(this, message));
-        }
-
-        if (!a.equals(b))
-        {
-            throw new TestFailedException(SimpleTestResult.failed(this, message));
-        }
-    }
-
-    protected boolean areEqual(byte[][] left, byte[][] right)
-    {
-        if (left == null && right == null)
-        {
-            return true;
-        }
-        else if (left == null || right == null)
-        {
-            return false;
-        }
-
-        if (left.length != right.length)
-        {
-            return false;
-        }
-
-        for (int t = 0; t < left.length; t++)
-        {
-            if (areEqual(left[t], right[t]))
-            {
-                continue;
-            }
-            return false;
-        }
-
-        return true;
-    }
-
-
-    protected void fail(
-        String message,
-        Throwable throwable)
-    {
-        throw new TestFailedException(SimpleTestResult.failed(this, message, throwable));
-    }
-
-    protected void fail(
-        String message,
-        Object expected,
-        Object found)
-    {
-        throw new TestFailedException(SimpleTestResult.failed(this, message, expected, found));
-    }
-
-    protected boolean areEqual(
-        byte[] a,
-        byte[] b)
-    {
-        return Arrays.areEqual(a, b);
-    }
-
-    public TestResult perform()
-    {
-        try
-        {
-            performTest();
-            return success();
-        }
-        catch (TestFailedException e)
-        {
-            return e.getResult();
-        }
-        catch (Exception e)
-        {
-            return SimpleTestResult.failed(this, "Exception: " + e, e);
-        }
-    }
-
-    protected static void runTest(
-        Test test)
-    {
-        runTest(test, System.out);
-    }
-
-    protected static void runTest(
-        Test test,
-        PrintStream out)
-    {
-        TestResult result = test.perform();
-
-        out.println(result.toString());
-        if (result.getException() != null)
-        {
-            result.getException().printStackTrace(out);
-        }
-    }
-
-    public abstract void performTest()
-        throws Exception;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/test/SimpleTestResult.java b/bcprov/src/main/java/org/bouncycastle/util/test/SimpleTestResult.java
deleted file mode 100644
index e047ac8..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/test/SimpleTestResult.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.util.test;
-
-import org.bouncycastle.util.Strings;
-
-public class SimpleTestResult implements TestResult
-{
-    private static final String SEPARATOR = Strings.lineSeparator();
-
-    private boolean             success;
-    private String              message;
-    private Throwable           exception;
-
-    public SimpleTestResult(boolean success, String message)
-    {
-        this.success = success;
-        this.message = message;
-    }
-
-    public SimpleTestResult(boolean success, String message, Throwable exception)
-    {
-        this.success = success;
-        this.message = message;
-        this.exception = exception;
-    }
-
-    public static TestResult successful(
-        Test test, 
-        String message)
-    {
-        return new SimpleTestResult(true, test.getName() + ": " + message);
-    }
-
-    public static TestResult failed(
-        Test test, 
-        String message)
-    {
-        return new SimpleTestResult(false, test.getName() + ": " + message);
-    }
-    
-    public static TestResult failed(
-        Test test, 
-        String message, 
-        Throwable t)
-    {
-        return new SimpleTestResult(false, test.getName() + ": " + message, t);
-    }
-    
-    public static TestResult failed(
-        Test test, 
-        String message, 
-        Object expected, 
-        Object found)
-    {
-        return failed(test, message + SEPARATOR + "Expected: " + expected + SEPARATOR + "Found   : " + found);
-    }
-    
-    public static String failedMessage(String algorithm, String testName, String expected,
-            String actual)
-    {
-        StringBuffer sb = new StringBuffer(algorithm);
-        sb.append(" failing ").append(testName);
-        sb.append(SEPARATOR).append("    expected: ").append(expected);
-        sb.append(SEPARATOR).append("    got     : ").append(actual);
-
-        return sb.toString();
-    }
-
-    public boolean isSuccessful()
-    {
-        return success;
-    }
-
-    public String toString()
-    {
-        return message;
-    }
-
-    public Throwable getException()
-    {
-        return exception;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/test/Test.java b/bcprov/src/main/java/org/bouncycastle/util/test/Test.java
deleted file mode 100644
index e631cd0..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/test/Test.java
+++ /dev/null

@@ -1,8 +0,0 @@
-package org.bouncycastle.util.test;
-
-public interface Test
-{
-    String getName();
-
-    TestResult perform();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/test/TestFailedException.java b/bcprov/src/main/java/org/bouncycastle/util/test/TestFailedException.java
deleted file mode 100644
index 21e95d3..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/test/TestFailedException.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.util.test;
-
-public class TestFailedException 
-    extends RuntimeException
-{
-    private TestResult _result;
-    
-    public TestFailedException(
-        TestResult result)
-    {
-        _result = result;
-    }
-    
-    public TestResult getResult()
-    {
-        return _result;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/test/TestRandomBigInteger.java b/bcprov/src/main/java/org/bouncycastle/util/test/TestRandomBigInteger.java
deleted file mode 100644
index db27989..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/test/TestRandomBigInteger.java
+++ /dev/null

@@ -1,52 +0,0 @@
-package org.bouncycastle.util.test;
-
-import org.bouncycastle.util.BigIntegers;
-
-/**
- * A fixed secure random designed to return data for someone needing to create a single BigInteger.
- */
-public class TestRandomBigInteger
-    extends FixedSecureRandom
-{
-    /**
-     * Constructor from a base 10 represention of a BigInteger.
-     *
-     * @param encoding a base 10 represention of a BigInteger.
-     */
-    public TestRandomBigInteger(String encoding)
-    {
-        this(encoding, 10);
-    }
-
-    /**
-     * Constructor from a base radix represention of a BigInteger.
-     *
-     * @param encoding a String BigInteger of base radix.
-     * @param radix the radix to use.
-     */
-    public TestRandomBigInteger(String encoding, int radix)
-    {
-        super(new FixedSecureRandom.Source[] { new FixedSecureRandom.BigInteger(BigIntegers.asUnsignedByteArray(new java.math.BigInteger(encoding, radix))) });
-    }
-
-    /**
-     * Constructor based on a byte array.
-     *
-     * @param encoding a 2's complement representation of the BigInteger.
-     */
-    public TestRandomBigInteger(byte[] encoding)
-    {
-        super(new FixedSecureRandom.Source[] { new FixedSecureRandom.BigInteger(encoding) });
-    }
-
-    /**
-     * Constructor which ensures encoding will produce a BigInteger from a request from the passed in bitLength.
-     *
-     * @param bitLength bit length for the BigInteger data request.
-     * @param encoding bytes making up the encoding.
-     */
-    public TestRandomBigInteger(int bitLength, byte[] encoding)
-    {
-        super(new FixedSecureRandom.Source[] { new FixedSecureRandom.BigInteger(bitLength, encoding) });
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/test/TestRandomData.java b/bcprov/src/main/java/org/bouncycastle/util/test/TestRandomData.java
deleted file mode 100644
index e069041..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/test/TestRandomData.java
+++ /dev/null

@@ -1,30 +0,0 @@
-package org.bouncycastle.util.test;
-
-import org.bouncycastle.util.encoders.Hex;
-
-/**
- * A fixed secure random designed to return data for someone needing random bytes.
- */
-public class TestRandomData
-    extends FixedSecureRandom
-{
-    /**
-     * Constructor from a Hex encoding of the data.
-     *
-     * @param encoding a Hex encoding of the data to be returned.
-     */
-    public TestRandomData(String encoding)
-    {
-        super(new Source[] { new FixedSecureRandom.Data(Hex.decode(encoding)) });
-    }
-
-    /**
-     * Constructor from an array of bytes.
-     *
-     * @param encoding a byte array representing the data to be returned.
-     */
-    public TestRandomData(byte[] encoding)
-    {
-        super(new Source[] { new FixedSecureRandom.Data(encoding) });
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/test/TestRandomEntropySourceProvider.java b/bcprov/src/main/java/org/bouncycastle/util/test/TestRandomEntropySourceProvider.java
deleted file mode 100644
index e18dafe..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/test/TestRandomEntropySourceProvider.java
+++ /dev/null

@@ -1,57 +0,0 @@
-package org.bouncycastle.util.test;
-
-import java.security.SecureRandom;
-
-import org.bouncycastle.crypto.prng.EntropySource;
-import org.bouncycastle.crypto.prng.EntropySourceProvider;
-
-/**
- * A class for returning "quick entropy" for testing purposes.
- */
-public class TestRandomEntropySourceProvider
-    implements EntropySourceProvider
-{
-    private final SecureRandom _sr;
-    private final boolean      _predictionResistant;
-
-    /**
-     * Create a test entropy source provider.
-     *
-     * @param isPredictionResistant boolean indicating if the SecureRandom is based on prediction resistant entropy or not (true if it is).
-     */
-    public TestRandomEntropySourceProvider(boolean isPredictionResistant)
-    {
-        _sr = new SecureRandom();
-        _predictionResistant = isPredictionResistant;
-    }
-
-    /**
-     * Return an entropy source that will create bitsRequired bits of entropy on
-     * each invocation of getEntropy().
-     *
-     * @param bitsRequired size (in bits) of entropy to be created by the provided source.
-     * @return an EntropySource that generates bitsRequired bits of entropy on each call to its getEntropy() method.
-     */
-    public EntropySource get(final int bitsRequired)
-    {
-        return new EntropySource()
-        {
-            public boolean isPredictionResistant()
-            {
-                return _predictionResistant;
-            }
-
-            public byte[] getEntropy()
-            {
-                byte[] rv = new byte[(bitsRequired + 7) / 8];
-                _sr.nextBytes(rv);
-                return rv;
-            }
-
-            public int entropySize()
-            {
-                return bitsRequired;
-            }
-        };
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/test/TestResult.java b/bcprov/src/main/java/org/bouncycastle/util/test/TestResult.java
deleted file mode 100644
index 0a1885f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/test/TestResult.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.util.test;
-
-public interface TestResult
-{
-    public boolean isSuccessful();
-    
-    public Throwable getException();
-    
-    public String toString();
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/util/test/UncloseableOutputStream.java b/bcprov/src/main/java/org/bouncycastle/util/test/UncloseableOutputStream.java
deleted file mode 100644
index d20a28f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/test/UncloseableOutputStream.java
+++ /dev/null

@@ -1,28 +0,0 @@
-package org.bouncycastle.util.test;
-
-import java.io.FilterOutputStream;
-import java.io.IOException;
-import java.io.OutputStream;
-
-/**
- * This is a testing utility class to check the property that an {@link OutputStream} is never
- * closed in some particular context - typically when wrapped by another {@link OutputStream} that
- * should not be forwarding its {@link OutputStream#close()} calls. Not needed in production code.
- */
-public class UncloseableOutputStream extends FilterOutputStream
-{
-    public UncloseableOutputStream(OutputStream s)
-    {
-        super(s);
-    }
-
-    public void close()
-    {
-        throw new RuntimeException("close() called on UncloseableOutputStream");
-    }
-
-    public void write(byte[] b, int off, int len) throws IOException
-    {
-        out.write(b, off, len);
-    }
- }

diff --git a/bcprov/src/main/java/org/bouncycastle/util/test/package.html b/bcprov/src/main/java/org/bouncycastle/util/test/package.html
deleted file mode 100644
index e723fd1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/util/test/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Light weight test API. If you can use Junit!
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/CertPathReviewerException.java b/bcprov/src/main/java/org/bouncycastle/x509/CertPathReviewerException.java
deleted file mode 100644
index 173d478..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/CertPathReviewerException.java
+++ /dev/null

@@ -1,72 +0,0 @@
-package org.bouncycastle.x509;
-
-import java.security.cert.CertPath;
-
-import org.bouncycastle.i18n.ErrorBundle;
-import org.bouncycastle.i18n.LocalizedException;
-
-public class CertPathReviewerException extends LocalizedException
-{
-
-    private int index = -1;
-    
-    private CertPath certPath = null;
-    
-    public CertPathReviewerException(ErrorBundle errorMessage, Throwable throwable)
-    {
-        super(errorMessage, throwable);
-    }
-
-    public CertPathReviewerException(ErrorBundle errorMessage)
-    {
-        super(errorMessage);
-    }
-
-    public CertPathReviewerException(
-            ErrorBundle errorMessage, 
-            Throwable throwable,
-            CertPath certPath,
-            int index)
-    {
-        super(errorMessage, throwable);
-        if (certPath == null || index == -1)
-        {
-            throw new IllegalArgumentException();
-        }
-        if (index < -1 || (certPath != null && index >= certPath.getCertificates().size()))
-        {
-            throw new IndexOutOfBoundsException();
-        }
-        this.certPath = certPath;
-        this.index = index;
-    }
-    
-    public CertPathReviewerException(
-            ErrorBundle errorMessage, 
-            CertPath certPath,
-            int index)
-    {
-        super(errorMessage);
-        if (certPath == null || index == -1)
-        {
-            throw new IllegalArgumentException();
-        }
-        if (index < -1 || (certPath != null && index >= certPath.getCertificates().size()))
-        {
-            throw new IndexOutOfBoundsException();
-        }
-        this.certPath = certPath;
-        this.index = index;
-    }
-    
-    public CertPath getCertPath()
-    {
-        return certPath;
-    }
-    
-    public int getIndex()
-    {
-        return index;
-    }
-
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/CertPathReviewerMessages_de.properties b/bcprov/src/main/java/org/bouncycastle/x509/CertPathReviewerMessages_de.properties
deleted file mode 100644
index b9398ea..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/CertPathReviewerMessages_de.properties
+++ /dev/null

@@ -1,621 +0,0 @@
-
-## constructor exceptions 
-
-# cert path is empty
-CertPathReviewer.emptyCertPath.title = Zertifizierungspfad ist leer
-CertPathReviewer.emptyCertPath.text = PKIXCertPathReviewer: der Zertifizierungspfad ist leer.
-CertPathReviewer.emptyCertPath.summary = PKIXCertPathReviewer: der Zertifizierungspfad ist leer.
-CertPathReviewer.emptyCertPath.details = PKIXCertPathReviewer: der Zertifizierungspfad ist leer.
-
-## name constraints processing errors
-
-# cert DN is not in the permitted tree
-# {0} DN as String 
-CertPathReviewer.notPermittedDN.title = Fehler bei der Namensbeschränkung: Zertifikats DN ist nicht erlaubt
-CertPathReviewer.notPermittedDN.text = Fehler bei der Namensbeschränkung: Der Zertifikats DN {0} ist nicht erlaubt.
-CertPathReviewer.notPermittedDN.summary = Fehler bei der Namensbeschränkung: Der Zertifikats DN ist nicht erlaubt.
-CertPathReviewer.notPermittedDN.details = Fehler bei der Namensbeschränkung: Der Zertifikats DN {0} ist nicht im Set der erlaubten DNs.
-
-# cert DN is in the excluded tree
-# {0} DN as String
-CertPathReviewer.excludedDN.title = Fehler bei der Namensbeschränkung: Zertifikats DN ist ausgeschlossen
-CertPathReviewer.excludedDN.text = Fehler bei der Namensbeschränkung: Der Zertifikats DN {0} ist ausgeschlossen.
-CertPathReviewer.excludedDN.summary = Fehler bei der Namensbeschränkung: Der Zertifikats DN ist ausgeschlossen
-CertPathReviewer.excludedDN.details = Fehler bei der Namensbeschränkung: Der Zertifikats DN ist {0} is innerhalb des Sets von ausgeschlossenen DNs.
-
-# cert email is not in the permitted tree
-# {0} email address as String
-CertPathReviewer.notPermittedEmail.title = Fehler bei der Namensbeschränkung: nicht erlaubte Email Addresse
-CertPathReviewer.notPermittedEmail.text = Fehler bei der Namensbeschränkung: Das Zertifikat enthält die nicht erlaubte Email Addresse {0}.
-CertPathReviewer.notPermittedEmail.summary = Fehler bei der Namensbeschränkung: Die Email Addresse ist nicht erlaubt.
-CertPathReviewer.notPermittedEmail.details = Fehler bei der Namensbeschränkung: Das Zertifikat enthält die Email Addresse {0}, welche nicht im Set der erlaubten Email Addressen ist.
-
-# cert email is in the excluded tree
-# {0} email as String
-CertPathReviewer.excludedEmail.title = Fehler bei der Namensbeschränkung: Email Addresse ausgeschlossen
-CertPathReviewer.excludedEmail.text = Fehler bei der Namensbeschränkung: Die Email Addresse {0} im Zertifikat ist ausgeschlossen. 
-CertPathReviewer.excludedEmail.summary = Fehler bei der Namensbeschränkung: Die Email Addresse ist ausgeschlossen.
-CertPathReviewer.excludedEmail.details = Fehler bei der Namensbeschränkung: Das Zertifikat enthält die Email Addresse {0}, welche im Set der ausgeschlossenen Email Addressen ist.
-
-# cert IP is not in the permitted tree
-# {0} ip address as String
-CertPathReviewer.notPermittedIP.title = Fehler bei der Namensbeschränkung: nicht erlaubte IP Addresse
-CertPathReviewer.notPermittedIP.text = Fehler bei der Namensbeschränkung: Das Zertifikat enthält die nicht erlaubte IP Addresse {0}.
-CertPathReviewer.notPermittedIP.summary = Fehler bei der Namensbeschränkung: Die IP Addresse ist nicht erlaubt.
-CertPathReviewer.notPermittedIP.details = Fehler bei der Namensbeschränkung: Das Zertifikat enthält die IP Addresse {0}, welche nicht im Set der erlaubten IP Addressen ist.
-
-# cert ip is in the excluded tree
-# {0} ip address as String
-CertPathReviewer.excludedIP.title = Fehler bei der Namensbeschränkung: Ausgeschlossene IP Addresse
-CertPathReviewer.excludedIP.text = Fehler bei der Namensbeschränkung: Das Zertifikat enhält die ausgeschlossene IP Addresse {0}.
-CertPathReviewer.excludedIP.summary = Fehler bei der Namensbeschränkung: Die IP Addresse im Zertifikat ist ausgeschlossen.
-CertPathReviewer.excludedIP.details = Fehler bei der Namensbeschränkung: Das Zertifikat enthält die IP Addresse {0}, welche im Set der ausgeschlossenen IP Addressen ist.
-
-# error processing the name constraints extension
-CertPathReviewer.ncExtError.title = Prüfen der Namensbeschränkungen fehlgeschlagen
-CertPathReviewer.ncExtError.text = Prüfen der Namensbeschränkungen fehlgeschlagen: Es gab Fehler bei der Verarbeitung der Name Constraints Erweiterung des Zertifikats.
-CertPathReviewer.ncExtError.summary = Prüfen der Namensbeschränkungen fehlgeschlagen: Fehler bei der Verarbeitung der Name Constraints Erweiterung.
-CertPathReviewer.ncExtError.details = Prüfen der Namensbeschränkungen fehlgeschlagen: Es gab Fehler bei der Verarbeitung der Name Constraints Erweiterung des Zertifikats.
-
-# error processing the subject alternative name extension
-CertPathReviewer.subjAltNameExtError.title = Prüfen der Namensbeschränkungen fehlgeschlagen
-CertPathReviewer.subjAltNameExtError.text = Prüfen der Namensbeschränkungen fehlgeschlagen: Es gab Fehler bei der Verarbeitung der Subject Alternative Name Erweiterung des Zertifikats.
-CertPathReviewer.subjAltNameExtError.summary = Prüfen der Namensbeschränkungen fehlgeschlagen: Fehler bei der Verarbeitung der Subject Alternative Name Erweiterung.
-CertPathReviewer.subjAltNameExtError.details = Prüfen der Namensbeschränkungen fehlgeschlagen: Es gab Fehler bei der Verarbeitung der Subject Alternative Name Erweiterung des Zertifikats.
-
-# exception extracting subject name when checking subtrees
-# {0} subject Principal
-CertPathReviewer.ncSubjectNameError.title = Prüfen der Namensbeschränkungen fehlgeschlagen
-CertPathReviewer.ncSubjectNameError.text = Prüfen der Namensbeschränkungen fehlgeschlagen: Es gab einen Fehler beim auslesen des DN des Zertifikats.
-CertPathReviewer.ncSubjectNameError.summary = Prüfen der Namensbeschränkungen fehlgeschlagen: Fehler beim auslesen des DNs.
-CertPathReviewer.ncSubjectNameError.details = Prüfen der Namensbeschränkungen fehlgeschlagen: Es gab einen Fehler beim auslesen des DN des Zertifikats.
-
-
-## path length errors
-
-# max path length extended
-CertPathReviewer.pathLenghtExtended.title = Maximale Pfadlänge überschritten 
-CertPathReviewer.pathLenghtExtended.text = Zertifizierungspfad ungültig: die Maximale Pfadlänge ist überschritten.
-CertPathReviewer.pathLenghtExtended.summary = Zertifizierungspfad ungültig: die Maximale Pfadlänge ist überschritten.
-CertPathReviewer.pathLenghtExtended.details = Zertifizierungspfad ungültig: die Maximale Pfadlänge ist überschritten.
-
-# error reading length constraint from basic constraint extension
-CertPathReviewer.processLengthConstError.title = Prüfen der Pfadlänge fehlgeschlagen
-CertPathReviewer.processLengthConstError.text = Prüfen der Pfadlänge fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der subject alternative name Erweiterung des Zertifikats. 
-CertPathReviewer.processLengthConstError.summary = Fehler bei der Verarbeitung der subject alternative name Erweiterung.
-CertPathReviewer.processLengthConstError.details = Prüfen der Pfadlänge fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der subject alternative name Erweiterung des Zertifikats.
-
-
-## path length notifications
-
-# total path length as defined in rfc 3280
-# {0} the path length as Integer
-CertPathReviewer.totalPathLength.title = Totale Pfadlänge
-CertPathReviewer.totalPathLength.text = Die totale Pfadlänge ohne self-signed Zertifikate ist {0}.
-CertPathReviewer.totalPathLength.summary = Die totale Pfadlänge ohne self-signed Zertifikate ist {0}.
-CertPathReviewer.totalPathLength.details = Die totale Pfadlänge ohne self-signed Zertifikate, wie beschrieben in RFC 3280, ist {0}.
-
-
-## critical extensions errors
-
-# one unknown critical extension
-# {0} extension as String
-CertPathReviewer.unknownCriticalExt.title = Unbekannte kritische Erweiterung
-CertPathReviewer.unknownCriticalExt.text = Das Zertifikat enhält eine unbekannte kritische Erweiterung mit der OID {0}.
-CertPathReviewer.unknownCriticalExt.summary = Unbekannte kritische Erweiterung: {0}.
-CertPathReviewer.unknownCriticalExt.details = Das Zertifikat enhält eine unbekannte kritische Erweiterung mit der OID {0}.
-
-# more unknown critical extensions
-# {0} extensions as Set of Strings
-CertPathReviewer.unknownCriticalExts.title = Unbekannte kritische Erweiterung
-CertPathReviewer.unknownCriticalExts.text = Das Zertifikat enhält zwei oder mehr unbekannte kritische Erweiterungen mit den OIDs {0}.
-CertPathReviewer.unknownCriticalExts.summary = Unbekannte kritische Erweiterungen: {0}.
-CertPathReviewer.unknownCriticalExts.details = Das Zertifikat enhält zwei oder mehr unbekannte kritische Erweiterungen mit den OIDs {0}.
-
-# error processing critical extension
-# {0} the message of the underlying exception
-# {1} the underlying exception
-# {2} the name of the exception
-CertPathReviewer.criticalExtensionError.title = Fehler bei der Verarbeitung einer kritischen Erweiterung
-CertPathReviewer.criticalExtensionError.text = Fehler bei der Verarbeitung einer kritischen Erweiterung. Es gab eine {2}.
-CertPathReviewer.criticalExtensionError.summary = Fehler bei der Verarbeitung einer kritischen Erweiterung. Es gab eine {2}.
-CertPathReviewer.criticalExtensionError.details = Fehler bei der Verarbeitung einer kritischen Erweiterung. Es gab eine {2}. Grund: {0}.
-
-# error initializing the certpath checkers
-# {0} the message of the underlying exception
-# {1} the underlying exception
-# {2} the name of the exception
-CertPathReviewer.certPathCheckerError.title = Prüfen der kritischen Erweiterungen fehlgeschlagen
-CertPathReviewer.certPathCheckerError.text = Prüfen der kritischen Erweiterungen fehlgeschlagen: Es gab eine {2} bei der Initialisierung eines CertPathChecker.
-CertPathReviewer.certPathCheckerError.summary = Prüfen der kritischen Erweiterungen fehlgeschlagen: {2} bei der Initialisierung eines CertPathChecker.
-CertPathReviewer.certPathCheckerError.details = Prüfen der kritischen Erweiterungen fehlgeschlagen: Es gab eine {2} bei der Initialisierung eines CertPathChecker. Grund: {0}
-
-
-## check signature errors
-
-CertPathReviewer.rootKeyIsValidButNotATrustAnchor.title = rootKeyIsValidButNotATrustAnchor
-CertPathReviewer.rootKeyIsValidButNotATrustAnchor.text = Das Zertifikat hat eine gültige Signatur, ist aber kein vertrauenswürdiges Root Zertifikat.
-CertPathReviewer.rootKeyIsValidButNotATrustAnchor.summary = Das Zertifikat hat eine gültige Signatur, ist aber kein vertrauenswürdiges Root Zertifikat.
-CertPathReviewer.rootKeyIsValidButNotATrustAnchor.details = Das Zertifikat hat eine gültige Signatur, ist aber kein vertrauenswürdiges Root Zertifikat.
-
-# trustanchor found, but certificate validation failed
-CertPathReviewer.trustButInvalidCert.title = Vertrauenswürdiges Root Zertifikat invalid
-CertPathReviewer.trustButInvalidCert.text = Ein Root Zertifikat wurde gefunden. Es hat aber einen anderen öffentlichen Schlüssel als verwendet wurde um das erste Zertifikat des Zertifizierungspfades zu signieren.
-CertPathReviewer.trustButInvalidCert.summary = Ein Root Zertifikat wurde gefunden. Es hat aber einen anderen öffentlichen Schlüssel als verwendet wurde um das erste Zertifikat des Zertifizierungspfades zu signieren.
-CertPathReviewer.trustButInvalidCert.details = Ein Root Zertifikat wurde gefunden. Es hat aber einen anderen öffentlichen Schlüssel als verwendet wurde um das erste Zertifikat des Zertifizierungspfades zu signieren.
-
-# trustanchor - cannot extract issuer
-CertPathReviewer.trustAnchorIssuerError.title = Kann kein vertrauenswürdiges Root Zertifikat finden
-CertPathReviewer.trustAnchorIssuerError.text = Kann kein vertrauenswürdiges Root Zertifikat finden: Der Herausgeber vom Zertifikat kann nicht auslesen werden.
-CertPathReviewer.trustAnchorIssuerError.summary = Kann kein vertrauenswürdiges Root Zertifikat finden: Der Herausgeber vom Zertifikat kann nicht auslesen werden.
-CertPathReviewer.trustAnchorIssuerError.details = Kann kein vertrauenswürdiges Root Zertifikat finden: Der Herausgeber vom Zertifikat kann nicht auslesen werden.
-
-# no trustanchor was found for the certificate path
-# {0} issuer of the root certificate of the path
-# {1} number of trusted root certificates (trustanchors) provided
-CertPathReviewer.noTrustAnchorFound.title = Kein vertrauenswürdiges Root Zertifikat gefunden
-CertPathReviewer.noTrustAnchorFound.text = Das Root Zertifikat der Zertifizierungspfads wurde nicht von einer vertrauenswürdigen CA ausgestellt. Der Name der CA ist "{0}".
-CertPathReviewer.noTrustAnchorFound.summary = Das Root Zertifikat der Zertifizierungspfads wurde nicht von einer vertrauenswürdigen CA ausgestellt.
-CertPathReviewer.noTrustAnchorFound.details = Das Root Zertifikat der Zertifizierungspfads wurde nicht von einer vertrauenswürdigen CA ausgestellt. Der Name der CA ist "{0}". Der Root-Zertifikat-Speicher enthält {1} CA(s).
-
-# conflicting trust anchors
-# {0} number of trustanchors found (Integer)
-# {1} the ca name
-CertPathReviewer.conflictingTrustAnchors.title = Korrupter Root-Zertifikat-Speicher
-CertPathReviewer.conflictingTrustAnchors.text = Warnung: Es sind {0} öffentliche Schlüssel für die CA "{1}" im Root-Zertifikat-Speicher vorhanden - bitte prüfen Sie mit der CA welches der richtige Schlüssel ist.
-CertPathReviewer.conflictingTrustAnchors.summary = Warnung: Es sind {0} öffentliche Schlüssel für die CA "{1}" im Root-Zertifikat-Speicher vorhanden - bitte prüfen Sie mit der CA welches der richtige Schlüssel ist.
-CertPathReviewer.conflictingTrustAnchors.details = Warnung: Es sind {0} öffentliche Schlüssel für die CA "{1}" im Root-Zertifikat-Speicher vorhanden - bitte prüfen Sie mit der CA welches der richtige Schlüssel ist.
-
-# trustanchor DN is invalid
-# {0} DN of the Trustanchor
-CertPathReviewer.trustDNInvalid.title = DN des vertrauenswürdigen Root Zertifikats mit falschem Format.
-CertPathReviewer.trustDNInvalid.text = Der DN des vertrauenswürdigen Root Zertifikats hat ein falsches Format: {0}.
-CertPathReviewer.trustDNInvalid.summary = Der DN des vertrauenswürdigen Root Zertifikats hat ein falsches Format: {0}.
-CertPathReviewer.trustDNInvalid.details = Der DN des vertrauenswürdigen Root Zertifikats hat ein falsches Format: {0}. Es ist kein gültiger X.500 Name. Siehe RFC 1779 oder RFC 2253. 
-
-# trustanchor public key algorithm error
-CertPathReviewer.trustPubKeyError.title = Fehler bei der Verarbeitung des öffentlichen Schlüssels der vertrauenswürdigen Root Zertifikats
-CertPathReviewer.trustPubKeyError.text = Fehler bei der Verarbeitung des öffentlichen Schlüssels der vertrauenswürdigen Root Zertifikats.
-CertPathReviewer.trustPubKeyError.summary = Fehler bei der Verarbeitung des öffentlichen Schlüssels der vertrauenswürdigen Root Zertifikats.
-CertPathReviewer.trustPubKeyError.details = Fehler bei der Verarbeitung des öffentlichen Schlüssels der vertrauenswürdigen Root Zertifikats. Der AlorithmIdentifier vom Schlüssel kann nicht ausgelesen werden.
-
-# can not verifiy signature: issuer public key unknown
-CertPathReviewer.NoIssuerPublicKey.title = Zertifikats Signatur kann nicht geprüft werden 
-CertPathReviewer.NoIssuerPublicKey.text = Die Zertifikats Signatur kann nicht geprüft werden: Der öffentliche Schlüssel des Herausgebers ist unbekannt.
-CertPathReviewer.NoIssuerPublicKey.summary = Die Zertifikats Signatur kann nicht geprüft werden: Der öffentliche Schlüssel des Herausgebers ist unbekannt.
-CertPathReviewer.NoIssuerPublicKey.details = Die Zertifikats Signatur kann nicht geprüft werden: Der öffentliche Schlüssel des Herausgebers ist unbekannt.
-
-# signature can not be verified
-# {0} message of the underlying exception (english)
-# {1} the underlying exception
-# {2} the name of the exception
-CertPathReviewer.signatureNotVerified.title = Zertifikats Signatur ist ungültig
-CertPathReviewer.signatureNotVerified.text = Die Zertifikats Signatur ist ungültig. Es gab eine {2}.
-CertPathReviewer.signatureNotVerified.summary = Die Zertifikats Signatur ist ungültig.
-CertPathReviewer.signatureNotVerified.details = Die Zertifikats Signatur ist ungültig. Es gab eine {2}. Grund: {0}
-
-# certificate expired
-# {0} the date the certificate expired 
-CertPathReviewer.certificateExpired.title = Zertifikat ist abgelaufen
-CertPathReviewer.certificateExpired.text = Das Zertifikat ist ungültig. Es ist am {0,date} {0,time,full} abgelaufen.
-CertPathReviewer.certificateExpired.summary = Das Zertifikat ist abgelaufen am {0,date} {0,time,full}.
-CertPathReviewer.certificateExpired.details = Das Zertifikat ist ungültig. Es ist am {0,date} {0,time,full} abgelaufen. 
-
-# certificate not yet valid
-# {0} the date from which on the certificate is valid
-CertPathReviewer.certificateNotYetValid.title = Das Zertifikat ist noch nicht gültig
-CertPathReviewer.certificateNotYetValid.text = Das Zertifikat ist ungültig. Es ist erst gültig ab {0,date} {0,time,full}.
-CertPathReviewer.certificateNotYetValid.summary = Das Zertifikat ist nicht gültig bis {0,date} {0,time,full}.
-CertPathReviewer.certificateNotYetValid.details = Das Zertifikat ist ungültig. Es ist erst gültig ab {0,date} {0,time,full}. 
-
-# certificate invalid issuer DN
-# {0} expected issuer DN as String
-# {1} found issuer DN as String
-CertPathReviewer.certWrongIssuer.title = Falscher Herausgeber
-CertPathReviewer.certWrongIssuer.text = Das Herausgeber des Zertifikats ist ungültig. Erwartet {0}, gefunden {1}. 
-CertPathReviewer.certWrongIssuer.summary = Das Herausgeber des Zertifikats ist ungültig. 
-CertPathReviewer.certWrongIssuer.details = Das Herausgeber des Zertifikats ist ungültig. Erwartet {0}, gefunden {1}.
-
-# intermediate certificate is no ca cert
-CertPathReviewer.noCACert.title = Zertifikat ist kein CA Zertifikat
-CertPathReviewer.noCACert.text = Das Zertifikat ist kein CA Zertifikat.
-CertPathReviewer.noCACert.summary = Das Zertifikat ist kein CA Zertifikat.
-CertPathReviewer.noCACert.details = Das Zertifikat ist kein CA Zertifikat, wird aber wie eines gebraucht.
-
-# cert laks basic constraints
-CertPathReviewer.noBasicConstraints.title = Zertifikat hat keine Basiseinschränkungen
-CertPathReviewer.noBasicConstraints.text = Das Zertifikat hat keine Basiseinschränkungen.
-CertPathReviewer.noBasicConstraints.summary = Das Zertifikat hat keine Basiseinschränkungen.
-CertPathReviewer.noBasicConstraints.details = Das Zertifikat hat keine Basiseinschränkungen.
-
-# error processing basic constraints
-CertPathReviewer.errorProcesingBC.title = Fehler bei der Verarbeitung der Basiseinschränkungen
-CertPathReviewer.errorProcesingBC.text = Es gab einen Fehler bei der Verarbeitung der Basiseinschränkungen des Zertifikats.
-CertPathReviewer.errorProcesingBC.summary = Fehler bei der Verarbeitung der Basiseinschränkungen 
-CertPathReviewer.errorProcesingBC.details = Es gab einen Fehler bei der Verarbeitung der Basiseinschränkungen des Zertifikats.
-
-# certificate not usable for signing certs
-CertPathReviewer.noCertSign.title = Schlüssel nicht nutzbar für Zertifikatssignaturen
-CertPathReviewer.noCertSign.text = Der Schlüssel kann nicht zum Signieren von Zertifikaten verwendet werden.
-CertPathReviewer.noCertSign.summary = Der Schlüssel kann nicht zum Signieren von Zertifikaten verwendet werden.
-CertPathReviewer.noCertSign.details = Der Schlüssel kann nicht zum Signieren von Zertifikaten verwendet werden.
-
-# error processing public key
-CertPathReviewer.pubKeyError.title = Fehler bei der Verarbeitung des öffentlichen Schlüssels
-CertPathReviewer.pubKeyError.text = Fehler bei der Verarbeitung des öffentlichen Schlüssels des Zertifikats.
-CertPathReviewer.pubKeyError.summary = Fehler bei der Verarbeitung des öffentlichen Schlüssels des Zertifikats.
-CertPathReviewer.pubKeyError.details = Fehler bei der Verarbeitung des öffentlichen Schlüssels des Zertifikats. Der AlorithmIdentifier konnte nicht extrahiert werden.
-
-
-## check signatures notifications
-
-#
-# trust anchor has no keyusage certSign
-CertPathReviewer.trustKeyUsage.title = Root-Zertifikat Schlüsselverwendung
-CertPathReviewer.trustKeyUsage.text = Das Root-Zertifikat darf nicht zum Signieren von Zertifikaten verwendet werden.
-CertPathReviewer.trustKeyUsage.summary = Das Root-Zertifikat darf nicht zum Signieren von Zertifikaten verwendet werden.
-CertPathReviewer.trustKeyUsage.details = Das Root-Zertifikat darf nicht zum Signieren von Zertifikaten verwendet werden.
-
-# certificate path validation date
-# {0} date for which the cert path is validated
-# {1} current date
-CertPathReviewer.certPathValidDate.title = Datum der Zertifikatspfad Validierung
-CertPathReviewer.certPathValidDate.text = Der Zertifikatspfad wurde am {0,date} {0,time,full} angewendet. Er wurde am {1,date} {1,time,full} geprüft.
-CertPathReviewer.certPathValidDate.summary = Der Zertifikatspfad wurde am {0,date} {0,time,full} angewendet. Er wurde am {1,date} {1,time,full} geprüft.
-CertPathReviewer.certPathValidDate.details = Der Zertifikatspfad wurde am {0,date} {0,time,full} angewendet. Er wurde am {1,date} {1,time,full} geprüft.
-
-
-## check policy errors
-
-# error processing certificate policy extension
-CertPathReviewer.policyExtError.title = Prüfen der Policy fehlgeschlagen
-CertPathReviewer.policyExtError.text = Prüfen der Policy fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der Policy Erweiterung. 
-CertPathReviewer.policyExtError.summary = Fehler bei der Verarbeitung der Policy Erweiterung.
-CertPathReviewer.policyExtError.details = Prüfen der Policy fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der Policy Erweiterung. 
-
-# error processing policy constraints extension
-CertPathReviewer.policyConstExtError.title = Prüfen der Policy fehlgeschlagen
-CertPathReviewer.policyConstExtError.text = Prüfen der Policy fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der Policy Constraints Erweiterung.
-CertPathReviewer.policyConstExtError.summary = Fehler bei der Verarbeitung der Policy Constraints Erweiterung.
-CertPathReviewer.policyConstExtError.details = Prüfen der Policy fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der Policy Constraints Erweiterung.
-
-# error processing policy mapping extension
-CertPathReviewer.policyMapExtError.title = Prüfen der Policy fehlgeschlagen
-CertPathReviewer.policyMapExtError.text = Prüfen der Policy fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der Policy Mapping Erweiterung.
-CertPathReviewer.policyMapExtError.summary = Fehler bei der Verarbeitung der Policy Mapping Erweiterung.
-CertPathReviewer.policyMapExtError.details = Prüfen der Policy fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der Policy Mapping Erweiterung.
-
-# error processing inhibit any policy extension
-CertPathReviewer.policyInhibitExtError.title = Prüfen der Policy fehlgeschlagen
-CertPathReviewer.policyInhibitExtError.text = Prüfen der Policy fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der Inhibit Any Policy Erweiterung.
-CertPathReviewer.policyInhibitExtError.summary = Fehler bei der Verarbeitung der Inhibit Any Policy Erweiterung.
-CertPathReviewer.policyInhibitExtError.details = Prüfen der Policy fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der Inhibit Any Policy Erweiterung.
-
-# error building qualifier set
-CertPathReviewer.policyQualifierError.title = Prüfen der Policy fehlgeschlagen
-CertPathReviewer.policyQualifierError.text = Prüfen der Policy fehlgeschlagen: Fehler beim erstellen des Policy Qualifier Set.
-CertPathReviewer.policyQualifierError.summary = Prüfen der Policy fehlgeschlagen: Fehler beim erstellen des Policy Qualifier Set.
-CertPathReviewer.policyQualifierError.details = Prüfen der Policy fehlgeschlagen: Fehler beim erstellen des Policy Qualifier Set.
-
-# no valid policy tree - explicit policy required
-CertPathReviewer.noValidPolicyTree.title = Prüfen der Policy fehlgeschlagen
-CertPathReviewer.noValidPolicyTree.text = Prüfen der Policy fehlgeschlagen: Kein gültiger Policy Baum gefunden, als einer erwartet wurde.
-CertPathReviewer.noValidPolicyTree.summary = Prüfen der Policy fehlgeschlagen: Kein gültiger Policy Baum gefunden, als einer erwartet wurde.
-CertPathReviewer.noValidPolicyTree.details = Prüfen der Policy fehlgeschlagen: Kein gültiger Policy Baum gefunden, als einer erwartet wurde.
-
-# expicit policy requested, but no policy available
-CertPathReviewer.explicitPolicy.title = Prüfen der Policy fehlgeschlagen
-CertPathReviewer.explicitPolicy.text = Prüfen der Policy fehlgeschlagen: Policy verlang, aber keine Policy vorhanden.
-CertPathReviewer.explicitPolicy.summary = Prüfen der Policy fehlgeschlagen: Policy verlang, aber keine Policy vorhanden.
-CertPathReviewer.explicitPolicy.details = Prüfen der Policy fehlgeschlagen: Policy verlang, aber keine Policy vorhanden.
-
-# path processing failed on policy
-CertPathReviewer.invalidPolicy.title = Pfad Validierung wegen der Policy fehlgeschlagen
-CertPathReviewer.invalidPolicy.text = Pfad Validierung wegen der Policy fehlgeschlagen.
-CertPathReviewer.invalidPolicy.summary = Pfad Validierung wegen der Policy fehlgeschlagen.
-CertPathReviewer.invalidPolicy.details = Pfad Validierung wegen der Policy fehlgeschlagen.
-
-# invalid policy mapping
-CertPathReviewer.invalidPolicyMapping.title = Ungültiges Policy Mapping 
-CertPathReviewer.invalidPolicyMapping.text = Das Zertifikat enthält ein Ungültiges Policy Mapping.
-CertPathReviewer.invalidPolicyMapping.summary = Das Zertifikat enthält ein Ungültiges Policy Mapping. 
-CertPathReviewer.invalidPolicyMapping.details = Das Zertifikat enthält ein Ungültiges Policy Mapping, das den Wert Any Policy enthält.
-
-## check CRL notifications
-
-# found local valid CRL
-# {0} thisUpdate of the CRL
-# {1} nextUpdate of the CRL
-CertPathReviewer.localValidCRL.title = Gültige Zertifikatssperrliste (CRL) gefunden
-CertPathReviewer.localValidCRL.text = Gültige Zertifikatssperrliste (CRL) im lokalen Speicher gefunden. Herausgegeben am {0,date}, nächstes Update am {1,date}.
-CertPathReviewer.localValidCRL.summary = Gültige Zertifikatssperrliste (CRL) im lokalen Speicher gefunden. Herausgegeben am {0,date}, nächstes Update am {1,date}.
-CertPathReviewer.localValidCRL.details = Gültige Zertifikatssperrliste (CRL) im lokalen Speicher gefunden. Herausgegeben am {0,date}, nächstes Update am {1,date}.
-
-
-# found matching CRL, but not valid
-# {0} thisUpdate of the CRL
-# {1} nextUpdate of the CRL
-CertPathReviewer.localInvalidCRL.title = Lokale Zertifikatssperrliste (CRL) veraltet
-CertPathReviewer.localInvalidCRL.text = Eine lokale Zertifikatssperrliste (CRL) wurde nicht genutzt, da sie veraltet ist. Herausgegeben am {0,date}, nächstes Update am {1,date}.
-CertPathReviewer.localInvalidCRL.summary = Eine lokale Zertifikatssperrliste (CRL) wurde nicht genutzt, da sie veraltet ist. Herausgegeben am {0,date}, nächstes Update am {1,date}.
-CertPathReviewer.localInvalidCRL.details = Eine lokale Zertifikatssperrliste (CRL) wurde nicht genutzt, da sie veraltet ist. Herausgegeben am {0,date}, nächstes Update am {1,date}.
-
-# found a valid crl at crl distribution point
-# {0} thisUpdate of the CRL
-# {1} nextUpdate of the CRL
-# {2} the url of the distribution point
-CertPathReviewer.onlineValidCRL.title = Gültige Zertifikatssperrliste (CRL) von einem CDP
-CertPathReviewer.onlineValidCRL.text = Gültige Zertifikatssperrliste (CRL) gefunden von: {2}. Herausgegeben am {0,date}, nächstes Update am {1,date}.
-CertPathReviewer.onlineValidCRL.summary = Gültige Zertifikatssperrliste (CRL) gefunden von: {2}. Herausgegeben am {0,date}, nächstes Update am {1,date}.
-CertPathReviewer.onlineValidCRL.details = Gültige Zertifikatssperrliste (CRL) gefunden von: {2}. Herausgegeben am {0,date}, nächstes Update am {1,date}.
-
-# found an invalid CRL at crl distribution point
-# {0} thisUpdate of the CRL
-# {1} nextUpdate of the CRL
-# {2} the url of the distribution point
-CertPathReviewer.onlineInvalidCRL.title = Veraltete Zertifikatssperrliste (CRL) von einem CDP
-CertPathReviewer.onlineInvalidCRL.text = Die Zertifikatssperrliste (CRL) von {2} ist veraltet. Herausgegeben am {0,date}, nächstes Update am {1,date}.
-CertPathReviewer.onlineInvalidCRL.summary = Die Zertifikatssperrliste (CRL) von {2} ist veraltet. Herausgegeben am {0,date}, nächstes Update am {1,date}.
-CertPathReviewer.onlineInvalidCRL.details = Die Zertifikatssperrliste (CRL) von {2} ist veraltet. Herausgegeben am {0,date}, nächstes Update am {1,date}.
-
-#found a CRL at a crl distribution point, but issued by another CA
-# {0} issuer of the CRL
-# {1} expected issuer
-# {2} the url of the distribution point
-CertPathReviewer.onlineCRLWrongCA.title = Zertifikatssperrliste (CRL) von CDP mit falschem Herausgeber
-CertPathReviewer.onlineCRLWrongCA.text = Die Zertifikatssperrliste (CRL) von {2} wurde von {0} herausgegeben, erwartet wurde {1}.
-CertPathReviewer.onlineCRLWrongCA.summary = Die Zertifikatssperrliste (CRL) von {2} hat einen falschen Herausgeber.
-CertPathReviewer.onlineCRLWrongCA.details = Die Zertifikatssperrliste (CRL) von {2} wurde von {0} herausgegeben, erwartet wurde {1}.
-
-# Certificate not revoked
-CertPathReviewer.notRevoked.title = Zertifikat nicht revoziert
-CertPathReviewer.notRevoked.text = Das Zertifikat ist nicht revoziert.
-CertPathReviewer.notRevoked.summary = Das Zertifikat ist nicht revoziert.
-CertPathReviewer.notRevoked.details = Das Zertifikat ist nicht revoziert.
-
-# CRL found: certificate was revoked, but after the validationDate
-# {0} the date the certificate was revoked
-# {1} the reason for revoking the certificate
-CertPathReviewer.revokedAfterValidation.title = Zertifikat revoziert nach dem Validierungdatum
-CertPathReviewer.revokedAfterValidation.text = Das Zertifikat wurde nach dem Validierungdatum am {0,date} {0,time,full} revoziert. Grund: {1}.
-CertPathReviewer.revokedAfterValidation.summary = Das Zertifikat wurde nach dem Validierungdatum am {0,date} {0,time,full} revoziert.
-CertPathReviewer.revokedAfterValidation.details = Das Zertifikat wurde nach dem Validierungdatum am {0,date} {0,time,full} revoziert. Grund: {1}.
-
-# updated crl available
-# {0} date since when the update is available
-CertPathReviewer.crlUpdateAvailable.title = Zertifikatssperrlisten (CRL) Update erhältlich
-CertPathReviewer.crlUpdateAvailable.text = Ein Update für die Zertifikatssperrliste (CRL) für dieses Zertifikat ist erhältlich seit {0,date} {0,time,full}.
-CertPathReviewer.crlUpdateAvailable.summary = Ein Update für die Zertifikatssperrliste (CRL) für dieses Zertifikat ist erhältlich seit {0,date} {0,time,full}.
-CertPathReviewer.crlUpdateAvailable.details = Ein Update für die Zertifikatssperrliste (CRL) für dieses Zertifikat ist erhältlich seit {0,date} {0,time,full}.
-
-# crl distribution point url
-# {0} the crl distribution point url as String
-CertPathReviewer.crlDistPoint.title = CDP
-CertPathReviewer.crlDistPoint.text = Eine Zertifikatssperrliste (CRL) kann von {0} geladen werden.
-CertPathReviewer.crlDistPoint.summary = Eine Zertifikatssperrliste (CRL) kann von {0} geladen werden.
-CertPathReviewer.crlDistPoint.details = Eine Zertifikatssperrliste (CRL) kann von {0} geladen werden.
-
-# ocsp location
-# {0} the url on which the ocsp service can be found
-CertPathReviewer.ocspLocation.title = OCSP Server 
-CertPathReviewer.ocspLocation.text = OCSP Server: {0}.
-CertPathReviewer.ocspLocation.summary = OCSP Server: {0}.
-CertPathReviewer.ocspLocation.details = OCSP Server: {0}.
-
-# unable to get crl from crl distribution point
-# {0} the url of the distribution point
-# {1} the message of the occurred exception
-# {2} the occurred exception
-# {3} the name of the exception
-CertPathReviewer.loadCrlDistPointError.title = Kann Zertifikatssperrliste (CRL) nicht von CDP laden
-CertPathReviewer.loadCrlDistPointError.text = Kann die Zertifikatssperrliste (CRL) von {0} nicht laden. Es gab eine {2}.
-CertPathReviewer.loadCrlDistPointError.summary = Kann die Zertifikatssperrliste (CRL) von {0} nicht laden. Es gab eine {2}.
-CertPathReviewer.loadCrlDistPointError.details = Kann die Zertifikatssperrliste (CRL) von {0} nicht laden. Es gab eine {2}. Grund: {1}.
-
-# no crl found in certstores
-# {0} the issuers which we searched for
-# {1} list of crl issuer names that are found in the certstores
-# {2} number of crls in the certstores
-CertPathReviewer.noCrlInCertstore.title = Keine Zertifikatssperrliste (CRL) im lokalen Speicher
-CertPathReviewer.noCrlInCertstore.text = Es wurde keine Zertifikatssperrliste (CRL) im lokalen Speicher gefunden.
-CertPathReviewer.noCrlInCertstore.summary = Es wurde keine Zertifikatssperrliste (CRL) im lokalen Speicher gefunden.
-CertPathReviewer.noCrlInCertstore.details = Es wurde keine Zertifikatssperrliste (CRL) für den Herausgeber {0} im lokalen Speicher gefunden. \
-Die {2} Zertifikatssperrlisten im lokalen Speicher wurden hearusgegeben von {1}.
-
-
-## check CRL exceptions
-
-# cannot extract issuer from certificate
-CertPathReviewer.crlIssuerException.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.crlIssuerException.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Kann den Herausgeber vom Zertifikat nicht extrahieren.
-CertPathReviewer.crlIssuerException.summary = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Kann den Herausgeber vom Zertifikat nicht extrahieren.
-CertPathReviewer.crlIssuerException.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Kann den Herausgeber vom Zertifikat nicht extrahieren.
-
-# cannot extract crls
-# {0} message from the underlying exception
-# {1} the underlying exception
-# {2} the name of the exception
-CertPathReviewer.crlExtractionError.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.crlExtractionError.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab eine {2} beim laden der Zertifikatssperrliste (CRL) aus dem lokalen Speicher.
-CertPathReviewer.crlExtractionError.summary = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab eine {2} beim laden der Zertifikatssperrliste (CRL) aus dem lokalen Speicher.
-CertPathReviewer.crlExtractionError.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab eine {2} beim laden der Zertifikatssperrliste (CRL) aus dem lokalen Speicher. Grund: {0}.
-
-# Issuer certificate key usage extension does not permit crl signing
-CertPathReviewer.noCrlSigningPermited.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.noCrlSigningPermited.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Das Herausgeber Zertifikat erlaubt keine Signieren von Zertifikatssperrlisten (CRL).
-CertPathReviewer.noCrlSigningPermited.summary = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Das Herausgeber Zertifikat erlaubt keine Signieren von Zertifikatssperrlisten (CRL).
-CertPathReviewer.noCrlSigningPermited.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Das Herausgeber Zertifikat erlaubt keine Signieren von Zertifikatssperrlisten (CRL).
-
-# can not verify crl: issuer public key unknown
-CertPathReviewer.crlNoIssuerPublicKey.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.crlNoIssuerPublicKey.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Kann die Zertifikatssperrliste (CRL) nicht verifizieren. Der öffentliche Schlüssel des Herausgebers ist unbekannt.
-CertPathReviewer.crlNoIssuerPublicKey.summary = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Kann die Zertifikatssperrliste (CRL) nicht verifizieren. Der öffentliche Schlüssel des Herausgebers ist unbekannt.
-CertPathReviewer.crlNoIssuerPublicKey.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Kann die Zertifikatssperrliste (CRL) nicht verifizieren. Der öffentliche Schlüssel des Herausgebers ist unbekannt.
-
-# crl verification failed
-CertPathReviewer.crlVerifyFailed.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.crlVerifyFailed.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Die Signatur der Zertifikatssperrliste (CRL) ist ungültig.
-CertPathReviewer.crlVerifyFailed.summary = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Die Signatur der Zertifikatssperrliste (CRL) ist ungültig.
-CertPathReviewer.crlVerifyFailed.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Die Signatur der Zertifikatssperrliste (CRL) ist ungültig.
-
-# no valid CRL found
-CertPathReviewer.noValidCrlFound.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.noValidCrlFound.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: keine gültige Zertifikatssperrliste (CRL) gefunden.
-CertPathReviewer.noValidCrlFound.summary = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: keine gültige Zertifikatssperrliste (CRL) gefunden.
-CertPathReviewer.noValidCrlFound.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: keine gültige Zertifikatssperrliste (CRL) gefunden.
-
-# No base CRL for delta CRL
-CertPathReviewer.noBaseCRL.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.noBaseCRL.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: keine Basis CRL für die Delta CRL gefunden.
-CertPathReviewer.noBaseCRL.summary = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: keine Basis CRL für die Delta CRL gefunden.
-CertPathReviewer.noBaseCRL.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: keine Basis CRL für die Delta CRL gefunden.
-
-# certificate revoked
-# {0} the date the certificate was revoked
-# {1} the reason for revoking the certificate
-CertPathReviewer.certRevoked.title = Zertifikat wurde revoziert
-CertPathReviewer.certRevoked.text = Das Zertifikat wurde am {0,date} {0,time,full} revoziert. Grund: {1}.
-CertPathReviewer.certRevoked.summary = Das Zertifikat wurde am {0,date} {0,time,full} revoziert.
-CertPathReviewer.certRevoked.details = Das Zertifikat wurde am {0,date} {0,time,full} revoziert. Grund: {1}.
-
-# error processing issuing distribution point extension
-CertPathReviewer.distrPtExtError.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.distrPtExtError.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der Issuing Distribution Point Erweiterung. 
-CertPathReviewer.distrPtExtError.summary = Fehler bei der Verarbeitung der Issuing Distribution Point Erweiterung.
-CertPathReviewer.distrPtExtError.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der Issuing Distribution Point Erweiterung.
-
-# error processing crl distribution points extension
-CertPathReviewer.crlDistPtExtError.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.crlDistPtExtError.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der CRL Distribution Points Erweiterung.
-CertPathReviewer.crlDistPtExtError.summary = Fehler bei der Verarbeitung der CRL Distribution Points Erweiterung.
-CertPathReviewer.crlDistPtExtError.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der CRL Distribution Points Erweiterung.
-
-# error processing the authority info access extension
-CertPathReviewer.crlAuthInfoAccError.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.crlAuthInfoAccError.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der Authority Info Access Erweiterung.
-CertPathReviewer.crlAuthInfoAccError.summary = Fehler bei der Verarbeitung der Authority Info Access Erweiterung.
-CertPathReviewer.crlAuthInfoAccError.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der Authority Info Access Erweiterung.
-
-# error processing delta crl indicator extension
-CertPathReviewer.deltaCrlExtError.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.deltaCrlExtError.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der Delta CRL Indicator Erweiterung. 
-CertPathReviewer.deltaCrlExtError.summary = Fehler bei der Verarbeitung der Delta CRL Indicator Erweiterung.
-CertPathReviewer.deltaCrlExtError.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der Delta CRL Indicator Erweiterung.
-
-# error porcessing crl number extension
-CertPathReviewer.crlNbrExtError.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.crlNbrExtError.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der CRL Number Erweiterung.
-CertPathReviewer.crlNbrExtError.summary = Fehler bei der Verarbeitung der CRL Number Erweiterung.
-CertPathReviewer.crlNbrExtError.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der CRL Number Erweiterung.
-
-# error processing crl reason code extension
-CertPathReviewer.crlReasonExtError.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.crlReasonExtError.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der CRL Reason Code Erweiterung.
-CertPathReviewer.crlReasonExtError.summary = Fehler bei der Verarbeitung der CRL Reason Code Erweiterung.
-CertPathReviewer.crlReasonExtError.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der CRL Reason Code Erweiterung.
-
-# error processing basic constraints extension
-CertPathReviewer.crlBCExtError.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.crlBCExtError.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der CRL Reason Code Erweiterung.
-CertPathReviewer.crlBCExtError.summary = Fehler bei der Verarbeitung der CRL Reason Code Erweiterung.
-CertPathReviewer.crlBCExtError.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Es gab einen Fehler bei der Verarbeitung der CRL Reason Code Erweiterung.
-
-# CA Cert CRL only contains user certificates
-CertPathReviewer.crlOnlyUserCert.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.crlOnlyUserCert.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Die Zertifikatssperrliste (CRL) enthält nur User Zertifikate.
-CertPathReviewer.crlOnlyUserCert.summary = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Die Zertifikatssperrliste (CRL) enthält nur User Zertifikate.
-CertPathReviewer.crlOnlyUserCert.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Die Zertifikatssperrliste (CRL) enthält nur User Zertifikate.
-
-# End CRL only contains CA certificates
-CertPathReviewer.crlOnlyCaCert.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.crlOnlyCaCert.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Die Zertifikatssperrliste (CRL) enthält nur CA Zertifikate.
-CertPathReviewer.crlOnlyCaCert.summary = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Die Zertifikatssperrliste (CRL) enthält nur CA Zertifikate.
-CertPathReviewer.crlOnlyCaCert.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Die Zertifikatssperrliste (CRL) enthält nur CA Zertifikate.
-
-# onlyContainsAttributeCerts boolean is asserted
-CertPathReviewer.crlOnlyAttrCert.title = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen
-CertPathReviewer.crlOnlyAttrCert.text = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Die Zertifikatssperrliste (CRL) enthält nur Attribut Zertifikate.
-CertPathReviewer.crlOnlyAttrCert.summary = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Die Zertifikatssperrliste (CRL) enthält nur Attribut Zertifikate.
-CertPathReviewer.crlOnlyAttrCert.details = Prüfung der Zertifikatssperrliste (CRL) fehlgeschlagen: Die Zertifikatssperrliste (CRL) enthält nur Attribut Zertifikate.
-
-
-## QcStatement notifications
-
-# unkown statement
-# {0} statement OID
-# {1} statement as ANS1Sequence
-CertPathReviewer.QcUnknownStatement.title = Unbekanntes Statement in der QcStatement Erweiterung 
-CertPathReviewer.QcUnknownStatement.text = Unbekanntes Statement in der QcStatement Erweiterung: OID = {0}
-CertPathReviewer.QcUnknownStatement.summary = Unbekanntes Statement in der QcStatement Erweiterung: OID = {0}
-CertPathReviewer.QcUnknownStatement.details = Unbekanntes Statement in der QcStatement Erweiterung: OID = {0}, statement = {1}
-
-# QcLimitValue Alpha currency code
-# {0} currency code
-# {1} limit value
-# {2} monetary value as MonetaryValue
-CertPathReviewer.QcLimitValueAlpha.title = Transaction Value Limit
-CertPathReviewer.QcLimitValueAlpha.text = Dieses Zertifikat hat ein Wertlimite von {1,number, ###,###,###,##0.00#} {0} für Transaktionen.
-CertPathReviewer.QcLimitValueAlpha.summary = Wertlimite von {1,number, ###,###,###,##0.00#} {0} für Transaktionen.
-CertPathReviewer.QcLimitValueAlpha.details = Dieses Zertifikat hat eine Wertlimite für Transaktionen für welche\
- das Zertifikat genutzt werden kann, gemäss der Richtlinie 1999/93/EG des Europäischen Parlaments und\
- des Rates über gemeinschaftliche Rahmenbedingungen für elektronische Signaturen und gemäss der Umsetzung der\
- Richtlinie im Land, das im Herausgeber dieses Zertifikats angegeben ist. Die Limite für diese Zertifikat ist {1,number, ###,###,###,##0.00#} {0}.
-
-# QcLimitValue Numeric currency code
-# {0} currency code
-# {1} limit value
-# {2} monetary value as MonetaryValue
-CertPathReviewer.QcLimitValueNum.title = Transaction Value Limit
-CertPathReviewer.QcLimitValueNum.text = Dieses Zertifikat hat eine Wertlimite für Transaktionen von {1,number, ###,###,###,##0.00#} der Währung {0} (Siehe RFC 4217 für Währungscodes).
-CertPathReviewer.QcLimitValueNum.summary = Wertlimite für Transaktionen von {1,number, ###,###,###,##0.00#} der Währung {0} (Siehe RFC 4217 für Währungscodes).
-CertPathReviewer.QcLimitValueNum.details = Dieses Zertifikat hat eine Wertlimite für Transaktionen für welche\
- das Zertifikat genutzt werden kann, gemäss der Richtlinie 1999/93/EG des Europäischen Parlaments und\
- des Rates über gemeinschaftliche Rahmenbedingungen für elektronische Signaturen und gemäss der Umsetzung der\
- Richtlinie im Land, das im Herausgeber dieses Zertifikats angegeben ist. Die Limite für diese Zertifikat ist {1,number, ###,###,###,##0.00#} der Währung {0} (Siehe RFC 4217 für Währungscodes).
-
-# QcSSCD
-CertPathReviewer.QcSSCD.title = QcSSCD Statement
-CertPathReviewer.QcSSCD.text = (SSCD) Der Herausgeber macht geltend, dass der Private Schlüssel, der mit diesem Zertifikat verbunden ist, nach den Anforderungen die im Anhang III der Richtlinie 1999/93/EG des Europäischen Parlaments und des Rates über gemeinschaftliche Rahmenbedingungen für elektronische Signaturen geschützt ist.
-CertPathReviewer.QcSSCD.summary = (SSCD) Der Herausgeber macht geltend, dass der Private Schlüssel, der mit diesem Zertifikat verbunden ist, nach den Anforderungen die im Anhang III der Richtlinie 1999/93/EG des Europäischen Parlaments und des Rates über gemeinschaftliche Rahmenbedingungen für elektronische Signaturen geschützt ist.
-CertPathReviewer.QcSSCD.details = (SSCD) Der Herausgeber macht geltend, dass der Private Schlüssel, der mit diesem Zertifikat verbunden ist, nach den Anforderungen die im Anhang III der Richtlinie 1999/93/EG des Europäischen Parlaments und des Rates über gemeinschaftliche Rahmenbedingungen für elektronische Signaturen geschützt ist.
-
-# QcEuCompliance
-CertPathReviewer.QcEuCompliance.title = Qualifiziertes Zertifikat
-CertPathReviewer.QcEuCompliance.text = Dieses Zertifikat wurde als Qualifiziertes Zertifikat herausgegeben gemäss Anhang I und II der Richtlinie 1999/93/EG des Europäischen Parlaments und des Rates über gemeinschaftliche Rahmenbedingungen für elektronische Signaturen und gemäss der Umsetzung der Richtlinie im Land, das im Herausgeber dieses Zertifikats angegeben ist.
-CertPathReviewer.QcEuCompliance.summary = Dieses Zertifikat wurde als Qualifiziertes Zertifikat herausgegeben gemäss Anhang I und II der Richtlinie 1999/93/EG des Europäischen Parlaments und des Rates über gemeinschaftliche Rahmenbedingungen für elektronische Signaturen und gemäss der Umsetzung der Richtlinie in dem Land, das im Herausgeber dieses Zertifikats angegeben ist.
-CertPathReviewer.QcEuCompliance.details = Dieses Zertifikat wurde als Qualifiziertes Zertifikat herausgegeben gemäss Anhang I und II der Richtlinie 1999/93/EG des Europäischen Parlaments und des Rates über gemeinschaftliche Rahmenbedingungen für elektronische Signaturen und gemäss der Umsetzung der Richtlinie in dem Land, das im Herausgeber dieses Zertifikats angegeben ist.
-
-## QcStatement errors
-
-# error processing the QcStatement extension
-CertPathReviewer.QcStatementExtError.title = Fehler bei der Verarbeitung der QcStatement Erweiterung
-CertPathReviewer.QcStatementExtError.text = Fehler bei der Verarbeitung der QcStatement Erweiterung.
-CertPathReviewer.QcStatementExtError.summary = Fehler bei der Verarbeitung der QcStatement Erweiterung.
-CertPathReviewer.QcStatementExtError.details = Fehler bei der Verarbeitung der QcStatement Erweiterung.
-
-## unknown/generic errors
-CertPathReviewer.unknown.title = Unbekannter Fehler 
-CertPathReviewer.unknown.text = Unbekannter Fehler {0}
-CertPathReviewer.unknown.summary = Unbekannter Fehler 
-CertPathReviewer.unknown.details = Unbekannter Fehler {0}
-
-#
-# crl reasons
-#
-unspecified = Nicht spezifiziert
-keyCompromise = Schlüssel Kompromittierung
-cACompromise = CA Kompromittierung
-affiliationChanged = Veränderte Zugehörigkeit
-superseded = Ersetzt
-cessationOfOperation = Einstellen der Tätigkeiten
-certificateHold = Zertifikat vorübergehend gesperrt
-unknown = Unbekannt
-removeFromCRL = Entferne von der CRL
-privilegeWithdrawn = Zurückgezogene Rechte
-aACompromise = AA Kompromittierung
-
-#
-#
-#
-missingIssuer = The missing certificate was issued by
-missingSerial = with the serial number

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/CertPathValidatorUtilities.java b/bcprov/src/main/java/org/bouncycastle/x509/CertPathValidatorUtilities.java
deleted file mode 100644
index 7d788cb..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/CertPathValidatorUtilities.java
+++ /dev/null

@@ -1,854 +0,0 @@
-package org.bouncycastle.x509;
-
-import java.io.ByteArrayInputStream;
-import java.io.ByteArrayOutputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.GeneralSecurityException;
-import java.security.KeyFactory;
-import java.security.PublicKey;
-import java.security.cert.CRLException;
-import java.security.cert.CertPathValidatorException;
-import java.security.cert.CertStore;
-import java.security.cert.CertStoreException;
-import java.security.cert.Certificate;
-import java.security.cert.CertificateException;
-import java.security.cert.PKIXParameters;
-import java.security.cert.PolicyQualifierInfo;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CRLEntry;
-import java.security.cert.X509Certificate;
-import java.security.interfaces.DSAParams;
-import java.security.interfaces.DSAPublicKey;
-import java.security.spec.DSAPublicKeySpec;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Date;
-import java.util.Enumeration;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Enumerated;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1OutputStream;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.CRLReason;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.IssuingDistributionPoint;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-import org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
-import org.bouncycastle.asn1.x509.X509Extension;
-import org.bouncycastle.jcajce.PKIXCertStoreSelector;
-import org.bouncycastle.jce.exception.ExtCertPathValidatorException;
-import org.bouncycastle.jce.provider.AnnotatedException;
-import org.bouncycastle.jce.provider.BouncyCastleProvider;
-import org.bouncycastle.jce.provider.PKIXPolicyNode;
-import org.bouncycastle.util.Encodable;
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.util.Store;
-import org.bouncycastle.util.StoreException;
-
-class CertPathValidatorUtilities
-{
-    protected static final PKIXCRLUtil CRL_UTIL = new PKIXCRLUtil();
-
-    protected static final String CERTIFICATE_POLICIES = Extension.certificatePolicies.getId();
-    protected static final String BASIC_CONSTRAINTS = Extension.basicConstraints.getId();
-    protected static final String POLICY_MAPPINGS = Extension.policyMappings.getId();
-    protected static final String SUBJECT_ALTERNATIVE_NAME = Extension.subjectAlternativeName.getId();
-    protected static final String NAME_CONSTRAINTS = Extension.nameConstraints.getId();
-    protected static final String KEY_USAGE = Extension.keyUsage.getId();
-    protected static final String INHIBIT_ANY_POLICY = Extension.inhibitAnyPolicy.getId();
-    protected static final String ISSUING_DISTRIBUTION_POINT = Extension.issuingDistributionPoint.getId();
-    protected static final String DELTA_CRL_INDICATOR = Extension.deltaCRLIndicator.getId();
-    protected static final String POLICY_CONSTRAINTS = Extension.policyConstraints.getId();
-    protected static final String FRESHEST_CRL = Extension.freshestCRL.getId();
-    protected static final String CRL_DISTRIBUTION_POINTS = Extension.cRLDistributionPoints.getId();
-    protected static final String AUTHORITY_KEY_IDENTIFIER = Extension.authorityKeyIdentifier.getId();
-
-    protected static final String ANY_POLICY = "2.5.29.32.0";
-
-    protected static final String CRL_NUMBER = Extension.cRLNumber.getId();
-
-    /*
-    * key usage bits
-    */
-    protected static final int KEY_CERT_SIGN = 5;
-    protected static final int CRL_SIGN = 6;
-
-    protected static final String[] crlReasons = new String[]{
-        "unspecified",
-        "keyCompromise",
-        "cACompromise",
-        "affiliationChanged",
-        "superseded",
-        "cessationOfOperation",
-        "certificateHold",
-        "unknown",
-        "removeFromCRL",
-        "privilegeWithdrawn",
-        "aACompromise"};
-
-
-
-
-    /**
-     * Returns the issuer of an attribute certificate or certificate.
-     *
-     * @param cert The attribute certificate or certificate.
-     * @return The issuer as <code>X500Principal</code>.
-     */
-    protected static X500Principal getEncodedIssuerPrincipal(
-        Object cert)
-    {
-        if (cert instanceof X509Certificate)
-        {
-            return ((X509Certificate)cert).getIssuerX500Principal();
-        }
-        else
-        {
-            return (X500Principal)((X509AttributeCertificate)cert).getIssuer().getPrincipals()[0];
-        }
-    }
-
-    protected static Date getValidDate(PKIXParameters paramsPKIX)
-    {
-        Date validDate = paramsPKIX.getDate();
-
-        if (validDate == null)
-        {
-            validDate = new Date();
-        }
-
-        return validDate;
-    }
-
-    protected static X500Principal getSubjectPrincipal(X509Certificate cert)
-    {
-        return cert.getSubjectX500Principal();
-    }
-
-    protected static boolean isSelfIssued(X509Certificate cert)
-    {
-        return cert.getSubjectDN().equals(cert.getIssuerDN());
-    }
-
-
-    /**
-     * Extract the value of the given extension, if it exists.
-     *
-     * @param ext The extension object.
-     * @param oid The object identifier to obtain.
-     * @throws AnnotatedException if the extension cannot be read.
-     */
-    protected static ASN1Primitive getExtensionValue(
-        java.security.cert.X509Extension ext,
-        String oid)
-        throws AnnotatedException
-    {
-        byte[] bytes = ext.getExtensionValue(oid);
-        if (bytes == null)
-        {
-            return null;
-        }
-
-        return getObject(oid, bytes);
-    }
-
-    private static ASN1Primitive getObject(
-        String oid,
-        byte[] ext)
-        throws AnnotatedException
-    {
-        try
-        {
-            ASN1InputStream aIn = new ASN1InputStream(ext);
-            ASN1OctetString octs = (ASN1OctetString)aIn.readObject();
-
-            aIn = new ASN1InputStream(octs.getOctets());
-            return aIn.readObject();
-        }
-        catch (Exception e)
-        {
-            throw new AnnotatedException("exception processing extension " + oid, e);
-        }
-    }
-
-    protected static X500Principal getIssuerPrincipal(X509CRL crl)
-    {
-        return crl.getIssuerX500Principal();
-    }
-
-    protected static AlgorithmIdentifier getAlgorithmIdentifier(
-        PublicKey key)
-        throws CertPathValidatorException
-    {
-        try
-        {
-            ASN1InputStream aIn = new ASN1InputStream(key.getEncoded());
-
-            SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(aIn.readObject());
-
-            return info.getAlgorithmId();
-        }
-        catch (Exception e)
-        {
-            throw new ExtCertPathValidatorException("Subject public key cannot be decoded.", e);
-        }
-    }
-
-    // crl checking
-
-
-    //
-    // policy checking
-    //
-
-    protected static final Set getQualifierSet(ASN1Sequence qualifiers)
-        throws CertPathValidatorException
-    {
-        Set pq = new HashSet();
-
-        if (qualifiers == null)
-        {
-            return pq;
-        }
-
-        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
-        ASN1OutputStream aOut = new ASN1OutputStream(bOut);
-
-        Enumeration e = qualifiers.getObjects();
-
-        while (e.hasMoreElements())
-        {
-            try
-            {
-                aOut.writeObject((ASN1Encodable)e.nextElement());
-
-                pq.add(new PolicyQualifierInfo(bOut.toByteArray()));
-            }
-            catch (IOException ex)
-            {
-                throw new ExtCertPathValidatorException("Policy qualifier info cannot be decoded.", ex);
-            }
-
-            bOut.reset();
-        }
-
-        return pq;
-    }
-
-    protected static PKIXPolicyNode removePolicyNode(
-        PKIXPolicyNode validPolicyTree,
-        List[] policyNodes,
-        PKIXPolicyNode _node)
-    {
-        PKIXPolicyNode _parent = (PKIXPolicyNode)_node.getParent();
-
-        if (validPolicyTree == null)
-        {
-            return null;
-        }
-
-        if (_parent == null)
-        {
-            for (int j = 0; j < policyNodes.length; j++)
-            {
-                policyNodes[j] = new ArrayList();
-            }
-
-            return null;
-        }
-        else
-        {
-            _parent.removeChild(_node);
-            removePolicyNodeRecurse(policyNodes, _node);
-
-            return validPolicyTree;
-        }
-    }
-
-    private static void removePolicyNodeRecurse(
-        List[] policyNodes,
-        PKIXPolicyNode _node)
-    {
-        policyNodes[_node.getDepth()].remove(_node);
-
-        if (_node.hasChildren())
-        {
-            Iterator _iter = _node.getChildren();
-            while (_iter.hasNext())
-            {
-                PKIXPolicyNode _child = (PKIXPolicyNode)_iter.next();
-                removePolicyNodeRecurse(policyNodes, _child);
-            }
-        }
-    }
-
-
-    protected static boolean processCertD1i(
-        int index,
-        List[] policyNodes,
-        ASN1ObjectIdentifier pOid,
-        Set pq)
-    {
-        List policyNodeVec = policyNodes[index - 1];
-
-        for (int j = 0; j < policyNodeVec.size(); j++)
-        {
-            PKIXPolicyNode node = (PKIXPolicyNode)policyNodeVec.get(j);
-            Set expectedPolicies = node.getExpectedPolicies();
-
-            if (expectedPolicies.contains(pOid.getId()))
-            {
-                Set childExpectedPolicies = new HashSet();
-                childExpectedPolicies.add(pOid.getId());
-
-                PKIXPolicyNode child = new PKIXPolicyNode(new ArrayList(),
-                    index,
-                    childExpectedPolicies,
-                    node,
-                    pq,
-                    pOid.getId(),
-                    false);
-                node.addChild(child);
-                policyNodes[index].add(child);
-
-                return true;
-            }
-        }
-
-        return false;
-    }
-
-    protected static void processCertD1ii(
-        int index,
-        List[] policyNodes,
-        ASN1ObjectIdentifier _poid,
-        Set _pq)
-    {
-        List policyNodeVec = policyNodes[index - 1];
-
-        for (int j = 0; j < policyNodeVec.size(); j++)
-        {
-            PKIXPolicyNode _node = (PKIXPolicyNode)policyNodeVec.get(j);
-
-            if (ANY_POLICY.equals(_node.getValidPolicy()))
-            {
-                Set _childExpectedPolicies = new HashSet();
-                _childExpectedPolicies.add(_poid.getId());
-
-                PKIXPolicyNode _child = new PKIXPolicyNode(new ArrayList(),
-                    index,
-                    _childExpectedPolicies,
-                    _node,
-                    _pq,
-                    _poid.getId(),
-                    false);
-                _node.addChild(_child);
-                policyNodes[index].add(_child);
-                return;
-            }
-        }
-    }
-
-    protected static void prepareNextCertB1(
-        int i,
-        List[] policyNodes,
-        String id_p,
-        Map m_idp,
-        X509Certificate cert
-    )
-        throws AnnotatedException, CertPathValidatorException
-    {
-        boolean idp_found = false;
-        Iterator nodes_i = policyNodes[i].iterator();
-        while (nodes_i.hasNext())
-        {
-            PKIXPolicyNode node = (PKIXPolicyNode)nodes_i.next();
-            if (node.getValidPolicy().equals(id_p))
-            {
-                idp_found = true;
-                node.setExpectedPolicies((Set)m_idp.get(id_p));
-                break;
-            }
-        }
-
-        if (!idp_found)
-        {
-            nodes_i = policyNodes[i].iterator();
-            while (nodes_i.hasNext())
-            {
-                PKIXPolicyNode node = (PKIXPolicyNode)nodes_i.next();
-                if (ANY_POLICY.equals(node.getValidPolicy()))
-                {
-                    Set pq = null;
-                    ASN1Sequence policies = null;
-                    try
-                    {
-                        policies = DERSequence.getInstance(getExtensionValue(cert, CERTIFICATE_POLICIES));
-                    }
-                    catch (Exception e)
-                    {
-                        throw new AnnotatedException("Certificate policies cannot be decoded.", e);
-                    }
-                    Enumeration e = policies.getObjects();
-                    while (e.hasMoreElements())
-                    {
-                        PolicyInformation pinfo = null;
-
-                        try
-                        {
-                            pinfo = PolicyInformation.getInstance(e.nextElement());
-                        }
-                        catch (Exception ex)
-                        {
-                            throw new AnnotatedException("Policy information cannot be decoded.", ex);
-                        }
-                        if (ANY_POLICY.equals(pinfo.getPolicyIdentifier().getId()))
-                        {
-                            try
-                            {
-                                pq = getQualifierSet(pinfo.getPolicyQualifiers());
-                            }
-                            catch (CertPathValidatorException ex)
-                            {
-                                throw new ExtCertPathValidatorException(
-                                    "Policy qualifier info set could not be built.", ex);
-                            }
-                            break;
-                        }
-                    }
-                    boolean ci = false;
-                    if (cert.getCriticalExtensionOIDs() != null)
-                    {
-                        ci = cert.getCriticalExtensionOIDs().contains(CERTIFICATE_POLICIES);
-                    }
-
-                    PKIXPolicyNode p_node = (PKIXPolicyNode)node.getParent();
-                    if (ANY_POLICY.equals(p_node.getValidPolicy()))
-                    {
-                        PKIXPolicyNode c_node = new PKIXPolicyNode(
-                            new ArrayList(), i,
-                            (Set)m_idp.get(id_p),
-                            p_node, pq, id_p, ci);
-                        p_node.addChild(c_node);
-                        policyNodes[i].add(c_node);
-                    }
-                    break;
-                }
-            }
-        }
-    }
-
-    protected static PKIXPolicyNode prepareNextCertB2(
-        int i,
-        List[] policyNodes,
-        String id_p,
-        PKIXPolicyNode validPolicyTree)
-    {
-        Iterator nodes_i = policyNodes[i].iterator();
-        while (nodes_i.hasNext())
-        {
-            PKIXPolicyNode node = (PKIXPolicyNode)nodes_i.next();
-            if (node.getValidPolicy().equals(id_p))
-            {
-                PKIXPolicyNode p_node = (PKIXPolicyNode)node.getParent();
-                p_node.removeChild(node);
-                nodes_i.remove();
-                for (int k = (i - 1); k >= 0; k--)
-                {
-                    List nodes = policyNodes[k];
-                    for (int l = 0; l < nodes.size(); l++)
-                    {
-                        PKIXPolicyNode node2 = (PKIXPolicyNode)nodes.get(l);
-                        if (!node2.hasChildren())
-                        {
-                            validPolicyTree = removePolicyNode(validPolicyTree, policyNodes, node2);
-                            if (validPolicyTree == null)
-                            {
-                                break;
-                            }
-                        }
-                    }
-                }
-            }
-        }
-        return validPolicyTree;
-    }
-
-    protected static boolean isAnyPolicy(
-        Set policySet)
-    {
-        return policySet == null || policySet.contains(ANY_POLICY) || policySet.isEmpty();
-    }
-
-    /**
-     * Return a Collection of all certificates or attribute certificates found
-     * in the X509Store's that are matching the certSelect criteriums.
-     *
-     * @param certSelect a {@link Selector} object that will be used to select
-     *                   the certificates
-     * @param certStores a List containing only {@link X509Store} objects. These
-     *                   are used to search for certificates.
-     * @return a Collection of all found {@link X509Certificate} or
-     *         {@link org.bouncycastle.x509.X509AttributeCertificate} objects.
-     *         May be empty but never <code>null</code>.
-     */
-    protected static Collection findCertificates(X509CertStoreSelector certSelect,
-                                                 List certStores)
-        throws AnnotatedException
-    {
-        Set certs = new HashSet();
-        Iterator iter = certStores.iterator();
-        org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory certFact = new org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory();
-
-        while (iter.hasNext())
-        {
-            Object obj = iter.next();
-
-            if (obj instanceof Store)
-            {
-                Store certStore = (Store)obj;
-                try
-                {
-                    for (Iterator it = certStore.getMatches(certSelect).iterator(); it.hasNext();)
-                    {
-                        Object cert = it.next();
-
-                        if (cert instanceof Encodable)
-                        {
-                            certs.add(certFact.engineGenerateCertificate(new ByteArrayInputStream(((Encodable)cert).getEncoded())));
-                        }
-                        else if (cert instanceof Certificate)
-                        {
-                             certs.add(cert);
-                        }
-                        else
-                        {
-                            throw new AnnotatedException(
-                                    "Unknown object found in certificate store.");
-                        }
-                    }
-                }
-                catch (StoreException e)
-                {
-                    throw new AnnotatedException(
-                            "Problem while picking certificates from X.509 store.", e);
-                }
-                catch (IOException e)
-                {
-                    throw new AnnotatedException(
-                            "Problem while extracting certificates from X.509 store.", e);
-                }
-                catch (CertificateException e)
-                {
-                    throw new AnnotatedException(
-                            "Problem while extracting certificates from X.509 store.", e);
-                }
-            }
-            else
-            {
-                CertStore certStore = (CertStore)obj;
-
-                try
-                {
-                    certs.addAll(certStore.getCertificates(certSelect));
-                }
-                catch (CertStoreException e)
-                {
-                    throw new AnnotatedException(
-                        "Problem while picking certificates from certificate store.",
-                        e);
-                }
-            }
-        }
-        return certs;
-    }
-
-    protected static Collection findCertificates(PKIXCertStoreSelector certSelect,
-                                                 List certStores)
-        throws AnnotatedException
-    {
-        Set certs = new HashSet();
-        Iterator iter = certStores.iterator();
-
-        while (iter.hasNext())
-        {
-            Object obj = iter.next();
-
-            if (obj instanceof Store)
-            {
-                Store certStore = (Store)obj;
-                try
-                {
-                    certs.addAll(certStore.getMatches(certSelect));
-                }
-                catch (StoreException e)
-                {
-                    throw new AnnotatedException(
-                            "Problem while picking certificates from X.509 store.", e);
-                }
-            }
-            else
-            {
-                CertStore certStore = (CertStore)obj;
-
-                try
-                {
-                    certs.addAll(PKIXCertStoreSelector.getCertificates(certSelect, certStore));
-                }
-                catch (CertStoreException e)
-                {
-                    throw new AnnotatedException(
-                        "Problem while picking certificates from certificate store.",
-                        e);
-                }
-            }
-        }
-        return certs;
-    }
-
-    protected static Collection findCertificates(X509AttributeCertStoreSelector certSelect,
-                                                 List certStores)
-        throws AnnotatedException
-    {
-        Set certs = new HashSet();
-        Iterator iter = certStores.iterator();
-
-        while (iter.hasNext())
-        {
-            Object obj = iter.next();
-
-            if (obj instanceof X509Store)
-            {
-                X509Store certStore = (X509Store)obj;
-                try
-                {
-                    certs.addAll(certStore.getMatches(certSelect));
-                }
-                catch (StoreException e)
-                {
-                    throw new AnnotatedException(
-                            "Problem while picking certificates from X.509 store.", e);
-                }
-            }
-        }
-        return certs;
-    }
-
-    private static BigInteger getSerialNumber(
-        Object cert)
-    {
-        if (cert instanceof X509Certificate)
-        {
-            return ((X509Certificate)cert).getSerialNumber();
-        }
-        else
-        {
-            return ((X509AttributeCertificate)cert).getSerialNumber();
-        }
-    }
-
-    protected static void getCertStatus(
-        Date validDate,
-        X509CRL crl,
-        Object cert,
-        CertStatus certStatus)
-        throws AnnotatedException
-    {
-        X509CRLEntry crl_entry = null;
-
-        boolean isIndirect;
-        try
-        {
-            isIndirect = isIndirectCRL(crl);
-        }
-        catch (CRLException exception)
-        {
-            throw new AnnotatedException("Failed check for indirect CRL.", exception);
-        }
-
-        if (isIndirect)
-        {
-            crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));
-
-            if (crl_entry == null)
-            {
-                return;
-            }
-
-            X500Principal certIssuer = crl_entry.getCertificateIssuer();
-
-            if (certIssuer == null)
-            {
-                certIssuer = getIssuerPrincipal(crl);
-            }
-
-            if (!getEncodedIssuerPrincipal(cert).equals(certIssuer))
-            {
-                return;
-            }
-        }
-        else if (!getEncodedIssuerPrincipal(cert).equals(getIssuerPrincipal(crl)))
-        {
-            return;  // not for our issuer, ignore
-        }
-        else
-        {
-            crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));
-
-            if (crl_entry == null)
-            {
-                return;
-            }
-        }
-
-        ASN1Enumerated reasonCode = null;
-        if (crl_entry.hasExtensions())
-        {
-            try
-            {
-                reasonCode = ASN1Enumerated
-                    .getInstance(CertPathValidatorUtilities
-                        .getExtensionValue(crl_entry,
-                            X509Extension.reasonCode.getId()));
-            }
-            catch (Exception e)
-            {
-                throw new AnnotatedException(
-                    "Reason code CRL entry extension could not be decoded.",
-                    e);
-            }
-        }
-
-        // for reason keyCompromise, caCompromise, aACompromise or
-        // unspecified
-        if (!(validDate.getTime() < crl_entry.getRevocationDate().getTime())
-            || reasonCode == null
-            || reasonCode.getValue().intValue() == 0
-            || reasonCode.getValue().intValue() == 1
-            || reasonCode.getValue().intValue() == 2
-            || reasonCode.getValue().intValue() == 8)
-        {
-
-            // (i) or (j) (1)
-            if (reasonCode != null)
-            {
-                certStatus.setCertStatus(reasonCode.getValue().intValue());
-            }
-            // (i) or (j) (2)
-            else
-            {
-                certStatus.setCertStatus(CRLReason.unspecified);
-            }
-            certStatus.setRevocationDate(crl_entry.getRevocationDate());
-        }
-    }
-
-    /**
-     * Return the next working key inheriting DSA parameters if necessary.
-     * <p>
-     * This methods inherits DSA parameters from the indexed certificate or
-     * previous certificates in the certificate chain to the returned
-     * <code>PublicKey</code>. The list is searched upwards, meaning the end
-     * certificate is at position 0 and previous certificates are following.
-     * </p>
-     * <p>
-     * If the indexed certificate does not contain a DSA key this method simply
-     * returns the public key. If the DSA key already contains DSA parameters
-     * the key is also only returned.
-     * </p>
-     *
-     * @param certs The certification path.
-     * @param index The index of the certificate which contains the public key
-     *              which should be extended with DSA parameters.
-     * @return The public key of the certificate in list position
-     *         <code>index</code> extended with DSA parameters if applicable.
-     * @throws CertPathValidatorException if DSA parameters cannot be inherited.
-     */
-    protected static PublicKey getNextWorkingKey(List certs, int index)
-        throws CertPathValidatorException
-    {
-        Certificate cert = (Certificate)certs.get(index);
-        PublicKey pubKey = cert.getPublicKey();
-        if (!(pubKey instanceof DSAPublicKey))
-        {
-            return pubKey;
-        }
-        DSAPublicKey dsaPubKey = (DSAPublicKey)pubKey;
-        if (dsaPubKey.getParams() != null)
-        {
-            return dsaPubKey;
-        }
-        for (int i = index + 1; i < certs.size(); i++)
-        {
-            X509Certificate parentCert = (X509Certificate)certs.get(i);
-            pubKey = parentCert.getPublicKey();
-            if (!(pubKey instanceof DSAPublicKey))
-            {
-                throw new CertPathValidatorException(
-                    "DSA parameters cannot be inherited from previous certificate.");
-            }
-            DSAPublicKey prevDSAPubKey = (DSAPublicKey)pubKey;
-            if (prevDSAPubKey.getParams() == null)
-            {
-                continue;
-            }
-            DSAParams dsaParams = prevDSAPubKey.getParams();
-            DSAPublicKeySpec dsaPubKeySpec = new DSAPublicKeySpec(
-                dsaPubKey.getY(), dsaParams.getP(), dsaParams.getQ(), dsaParams.getG());
-            try
-            {
-                KeyFactory keyFactory = KeyFactory.getInstance("DSA", BouncyCastleProvider.PROVIDER_NAME);
-                return keyFactory.generatePublic(dsaPubKeySpec);
-            }
-            catch (Exception exception)
-            {
-                throw new RuntimeException(exception.getMessage());
-            }
-        }
-        throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
-    }
-
-    protected static void verifyX509Certificate(X509Certificate cert, PublicKey publicKey,
-                                                String sigProvider)
-        throws GeneralSecurityException
-    {
-        if (sigProvider == null)
-        {
-            cert.verify(publicKey);
-        }
-        else
-        {
-            cert.verify(publicKey, sigProvider);
-        }
-    }
-
-    static boolean isIndirectCRL(X509CRL crl)
-        throws CRLException
-    {
-        try
-        {
-            byte[] idp = crl.getExtensionValue(Extension.issuingDistributionPoint.getId());
-            return idp != null
-                && IssuingDistributionPoint.getInstance(ASN1OctetString.getInstance(idp).getOctets()).isIndirectCRL();
-        }
-        catch (Exception e)
-        {
-            throw new CRLException(
-                    "Exception reading IssuingDistributionPoint: " + e);
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/CertStatus.java b/bcprov/src/main/java/org/bouncycastle/x509/CertStatus.java
deleted file mode 100644
index f12910d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/CertStatus.java
+++ /dev/null

@@ -1,46 +0,0 @@
-package org.bouncycastle.x509;
-
-import java.util.Date;
-
-class CertStatus
-{
-    public static final int UNREVOKED = 11;
-
-    public static final int UNDETERMINED = 12;
-
-    int certStatus = UNREVOKED;
-
-    Date revocationDate = null;
-
-    /**
-     * @return Returns the revocationDate.
-     */
-    public Date getRevocationDate()
-    {
-        return revocationDate;
-    }
-
-    /**
-     * @param revocationDate The revocationDate to set.
-     */
-    public void setRevocationDate(Date revocationDate)
-    {
-        this.revocationDate = revocationDate;
-    }
-
-    /**
-     * @return Returns the certStatus.
-     */
-    public int getCertStatus()
-    {
-        return certStatus;
-    }
-
-    /**
-     * @param certStatus The certStatus to set.
-     */
-    public void setCertStatus(int certStatus)
-    {
-        this.certStatus = certStatus;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/NoSuchParserException.java b/bcprov/src/main/java/org/bouncycastle/x509/NoSuchParserException.java
deleted file mode 100644
index c25b9dd..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/NoSuchParserException.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.x509;
-
-public class NoSuchParserException
-    extends Exception
-{
-    public NoSuchParserException(String message)
-    {
-        super(message);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/PKIXCRLUtil.java b/bcprov/src/main/java/org/bouncycastle/x509/PKIXCRLUtil.java
deleted file mode 100644
index bfa9f2d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/PKIXCRLUtil.java
+++ /dev/null

@@ -1,153 +0,0 @@
-package org.bouncycastle.x509;
-
-import java.security.cert.CertStore;
-import java.security.cert.CertStoreException;
-import java.security.cert.PKIXParameters;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-import java.util.Collection;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Set;
-
-import org.bouncycastle.jce.provider.AnnotatedException;
-import org.bouncycastle.util.StoreException;
-
-class PKIXCRLUtil
-{
-    public Set findCRLs(X509CRLStoreSelector crlselect, ExtendedPKIXParameters paramsPKIX, Date currentDate)
-        throws AnnotatedException
-    {
-        Set initialSet = new HashSet();
-
-        // get complete CRL(s)
-        try
-        {
-            initialSet.addAll(findCRLs(crlselect, paramsPKIX.getAdditionalStores()));
-            initialSet.addAll(findCRLs(crlselect, paramsPKIX.getStores()));
-            initialSet.addAll(findCRLs(crlselect, paramsPKIX.getCertStores()));
-        }
-        catch (AnnotatedException e)
-        {
-            throw new AnnotatedException("Exception obtaining complete CRLs.", e);
-        }
-
-        Set finalSet = new HashSet();
-        Date validityDate = currentDate;
-
-        if (paramsPKIX.getDate() != null)
-        {
-            validityDate = paramsPKIX.getDate();
-        }
-
-        // based on RFC 5280 6.3.3
-        for (Iterator it = initialSet.iterator(); it.hasNext();)
-        {
-            X509CRL crl = (X509CRL)it.next();
-
-            if (crl.getNextUpdate().after(validityDate))
-            {
-                X509Certificate cert = crlselect.getCertificateChecking();
-
-                if (cert != null)
-                {
-                    if (crl.getThisUpdate().before(cert.getNotAfter()))
-                    {
-                        finalSet.add(crl);
-                    }
-                }
-                else
-                {
-                    finalSet.add(crl);
-                }
-            }
-        }
-
-        return finalSet;
-    }
-
-    public Set findCRLs(X509CRLStoreSelector crlselect, PKIXParameters paramsPKIX)
-        throws AnnotatedException
-    {
-        Set completeSet = new HashSet();
-
-        // get complete CRL(s)
-        try
-        {
-            completeSet.addAll(findCRLs(crlselect, paramsPKIX.getCertStores()));
-        }
-        catch (AnnotatedException e)
-        {
-            throw new AnnotatedException("Exception obtaining complete CRLs.", e);
-        }
-
-        return completeSet;
-    }
-
-/**
-     * Return a Collection of all CRLs found in the X509Store's that are
-     * matching the crlSelect criteriums.
-     *
-     * @param crlSelect a {@link X509CRLStoreSelector} object that will be used
-     *            to select the CRLs
-     * @param crlStores a List containing only
-     *            {@link org.bouncycastle.x509.X509Store  X509Store} objects.
-     *            These are used to search for CRLs
-     *
-     * @return a Collection of all found {@link java.security.cert.X509CRL X509CRL} objects. May be
-     *         empty but never <code>null</code>.
-     */
-    private final Collection findCRLs(X509CRLStoreSelector crlSelect,
-        List crlStores) throws AnnotatedException
-    {
-        Set crls = new HashSet();
-        Iterator iter = crlStores.iterator();
-
-        AnnotatedException lastException = null;
-        boolean foundValidStore = false;
-
-        while (iter.hasNext())
-        {
-            Object obj = iter.next();
-
-            if (obj instanceof X509Store)
-            {
-                X509Store store = (X509Store)obj;
-
-                try
-                {
-                    crls.addAll(store.getMatches(crlSelect));
-                    foundValidStore = true;
-                }
-                catch (StoreException e)
-                {
-                    lastException = new AnnotatedException(
-                        "Exception searching in X.509 CRL store.", e);
-                }
-            }
-            else
-            {
-                CertStore store = (CertStore)obj;
-
-                try
-                {
-                    crls.addAll(store.getCRLs(crlSelect));
-                    foundValidStore = true;
-                }
-                catch (CertStoreException e)
-                {
-                    lastException = new AnnotatedException(
-                        "Exception searching in X.509 CRL store.", e);
-                }
-            }
-        }
-        if (!foundValidStore && lastException != null)
-        {
-            throw lastException;
-        }
-        return crls;
-    }
-
-}
\ No newline at end of file

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java b/bcprov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java
deleted file mode 100644
index 33bc83d..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/PKIXCertPathReviewer.java
+++ /dev/null

@@ -1,2535 +0,0 @@
-package org.bouncycastle.x509;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.math.BigInteger;
-import java.net.HttpURLConnection;
-import java.net.InetAddress;
-import java.net.URL;
-import java.security.GeneralSecurityException;
-import java.security.PublicKey;
-import java.security.SignatureException;
-import java.security.cert.CertPath;
-import java.security.cert.CertPathValidatorException;
-import java.security.cert.CertificateExpiredException;
-import java.security.cert.CertificateFactory;
-import java.security.cert.CertificateNotYetValidException;
-import java.security.cert.PKIXCertPathChecker;
-import java.security.cert.PKIXParameters;
-import java.security.cert.PolicyNode;
-import java.security.cert.TrustAnchor;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CRLEntry;
-import java.security.cert.X509CertSelector;
-import java.security.cert.X509Certificate;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.Date;
-import java.util.Enumeration;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Set;
-import java.util.Vector;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1Enumerated;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1OctetString;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.ASN1TaggedObject;
-import org.bouncycastle.asn1.DERIA5String;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.x509.AccessDescription;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.AuthorityInformationAccess;
-import org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
-import org.bouncycastle.asn1.x509.BasicConstraints;
-import org.bouncycastle.asn1.x509.CRLDistPoint;
-import org.bouncycastle.asn1.x509.DistributionPoint;
-import org.bouncycastle.asn1.x509.DistributionPointName;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.GeneralNames;
-import org.bouncycastle.asn1.x509.GeneralSubtree;
-import org.bouncycastle.asn1.x509.IssuingDistributionPoint;
-import org.bouncycastle.asn1.x509.NameConstraints;
-import org.bouncycastle.asn1.x509.PolicyInformation;
-import org.bouncycastle.asn1.x509.qualified.Iso4217CurrencyCode;
-import org.bouncycastle.asn1.x509.qualified.MonetaryValue;
-import org.bouncycastle.asn1.x509.qualified.QCStatement;
-import org.bouncycastle.i18n.ErrorBundle;
-import org.bouncycastle.i18n.LocaleString;
-import org.bouncycastle.i18n.filter.TrustedInput;
-import org.bouncycastle.i18n.filter.UntrustedInput;
-import org.bouncycastle.i18n.filter.UntrustedUrlInput;
-import org.bouncycastle.jce.provider.AnnotatedException;
-import org.bouncycastle.jce.provider.PKIXNameConstraintValidator;
-import org.bouncycastle.jce.provider.PKIXNameConstraintValidatorException;
-import org.bouncycastle.jce.provider.PKIXPolicyNode;
-import org.bouncycastle.util.Integers;
-
-/**
- * PKIXCertPathReviewer<br>
- * Validation of X.509 Certificate Paths. Tries to find as much errors in the Path as possible.
- */
-public class PKIXCertPathReviewer extends CertPathValidatorUtilities
-{
-    
-    private static final String QC_STATEMENT = Extension.qCStatements.getId();
-    private static final String CRL_DIST_POINTS = Extension.cRLDistributionPoints.getId();
-    private static final String AUTH_INFO_ACCESS = Extension.authorityInfoAccess.getId();
-    
-    private static final String RESOURCE_NAME = "org.bouncycastle.x509.CertPathReviewerMessages";
-    
-    // input parameters
-    
-    protected CertPath certPath;
-
-    protected PKIXParameters pkixParams;
-
-    protected Date validDate;
-
-    // state variables
-    
-    protected List certs;
-
-    protected int n;
-    
-    // output variables
-    
-    protected List[] notifications;
-    protected List[] errors;
-    protected TrustAnchor trustAnchor;
-    protected PublicKey subjectPublicKey;
-    protected PolicyNode policyTree;
-    
-    private boolean initialized;
-    
-    /** 
-     * Initializes the PKIXCertPathReviewer with the given {@link CertPath} and {@link PKIXParameters} params
-     * @param certPath the {@link CertPath} to validate
-     * @param params the {@link PKIXParameters} to use
-     * @throws CertPathReviewerException if the certPath is empty
-     * @throws IllegalStateException if the {@link PKIXCertPathReviewer} is already initialized
-     */
-    public void init(CertPath certPath, PKIXParameters params)
-            throws CertPathReviewerException
-    {
-        if (initialized)
-        {
-            throw new IllegalStateException("object is already initialized!");
-        }
-        initialized = true;
-        
-        // check input parameters
-        if (certPath == null)
-        {
-            throw new NullPointerException("certPath was null");
-        }
-        this.certPath = certPath;
-
-        certs = certPath.getCertificates();
-        n = certs.size();
-        if (certs.isEmpty())
-        {
-            throw new CertPathReviewerException(
-                    new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.emptyCertPath"));
-        }
-
-        pkixParams = (PKIXParameters) params.clone();
-
-        // 6.1.1 - Inputs
-
-        // a) done
-
-        // b)
-
-        validDate = getValidDate(pkixParams);
-
-        // c) part of pkixParams
-
-        // d) done at the beginning of checkSignatures
-
-        // e) f) g) part of pkixParams
-        
-        // initialize output parameters
-        
-        notifications = null;
-        errors = null;
-        trustAnchor = null;
-        subjectPublicKey = null;
-        policyTree = null;
-    }
-    
-    /**
-     * Creates a PKIXCertPathReviewer and initializes it with the given {@link CertPath} and {@link PKIXParameters} params
-     * @param certPath the {@link CertPath} to validate
-     * @param params the {@link PKIXParameters} to use
-     * @throws CertPathReviewerException if the certPath is empty
-     */
-    public PKIXCertPathReviewer(CertPath certPath, PKIXParameters params)
-            throws CertPathReviewerException
-    {
-        init(certPath, params);
-    }
-    
-    /**
-     * Creates an empty PKIXCertPathReviewer. Don't forget to call init() to initialize the object.
-     */
-    public PKIXCertPathReviewer()
-    {
-        // do nothing
-    }
-    
-    /**
-     * 
-     * @return the CertPath that was validated
-     */
-    public CertPath getCertPath()
-    {
-        return certPath;
-    }
-    
-    /**
-     * 
-     * @return the size of the CertPath
-     */
-    public int getCertPathSize()
-    {
-        return n;
-    }
-
-    /**
-     * Returns an Array of Lists which contains a List of global error messages 
-     * and a List of error messages for each certificate in the path.
-     * The global error List is at index 0. The error lists for each certificate at index 1 to n. 
-     * The error messages are of type.
-     * @return the Array of Lists which contain the error messages
-     * @throws IllegalStateException if the {@link PKIXCertPathReviewer} was not initialized
-     */
-    public List[] getErrors()
-    {
-        doChecks();
-        return errors;
-    }
-    
-    /**
-     * Returns an List of error messages for the certificate at the given index in the CertPath.
-     * If index == -1 then the list of global errors is returned with errors not specific to a certificate. 
-     * @param index the index of the certificate in the CertPath
-     * @return List of error messages for the certificate
-     * @throws IllegalStateException if the {@link PKIXCertPathReviewer} was not initialized
-     */
-    public List getErrors(int index)
-    {
-        doChecks();
-        return errors[index + 1];
-    }
-
-    /**
-     * Returns an Array of Lists which contains a List of global notification messages 
-     * and a List of botification messages for each certificate in the path.
-     * The global notificatio List is at index 0. The notification lists for each certificate at index 1 to n. 
-     * The error messages are of type.
-     * @return the Array of Lists which contain the notification messages
-     * @throws IllegalStateException if the {@link PKIXCertPathReviewer} was not initialized
-     */
-    public List[] getNotifications()
-    {
-        doChecks();
-        return notifications;
-    }
-    
-    /**
-     * Returns an List of notification messages for the certificate at the given index in the CertPath.
-     * If index == -1 then the list of global notifications is returned with notifications not specific to a certificate. 
-     * @param index the index of the certificate in the CertPath
-     * @return List of notification messages for the certificate
-     * @throws IllegalStateException if the {@link PKIXCertPathReviewer} was not initialized
-     */
-    public List getNotifications(int index)
-    {
-        doChecks();
-        return notifications[index + 1];
-    }
-
-    /**
-     * 
-     * @return the valid policy tree, <b>null</b> if no valid policy exists.
-     * @throws IllegalStateException if the {@link PKIXCertPathReviewer} was not initialized
-     */
-    public PolicyNode getPolicyTree()
-    {
-        doChecks();
-        return policyTree;
-    }
-
-    /**
-     * 
-     * @return the PublicKey if the last certificate in the CertPath
-     * @throws IllegalStateException if the {@link PKIXCertPathReviewer} was not initialized
-     */
-    public PublicKey getSubjectPublicKey()
-    {
-        doChecks();
-        return subjectPublicKey;
-    }
-
-    /**
-     * 
-     * @return the TrustAnchor for the CertPath, <b>null</b> if no valid TrustAnchor was found.
-     * @throws IllegalStateException if the {@link PKIXCertPathReviewer} was not initialized
-     */
-    public TrustAnchor getTrustAnchor()
-    {
-        doChecks();
-        return trustAnchor;
-    }
-    
-    /**
-     * 
-     * @return if the CertPath is valid
-     * @throws IllegalStateException if the {@link PKIXCertPathReviewer} was not initialized
-     */
-    public boolean isValidCertPath()
-    {
-        doChecks();
-        boolean valid = true;
-        for (int i = 0; i < errors.length; i++)
-        {
-            if (!errors[i].isEmpty())
-            {
-                valid = false;
-                break;
-            }
-        }
-        return valid;
-    }
-    
-    protected void addNotification(ErrorBundle msg)
-    {
-        notifications[0].add(msg);
-    }
-    
-    protected void addNotification(ErrorBundle msg, int index)
-    {
-        if (index < -1 || index >= n)
-        {
-            throw new IndexOutOfBoundsException();
-        }
-        notifications[index + 1].add(msg);
-    }
-
-    protected void addError(ErrorBundle msg) 
-    {
-        errors[0].add(msg);
-    }
-    
-    protected void addError(ErrorBundle msg, int index)
-    {
-        if (index < -1 || index >= n)
-        {
-            throw new IndexOutOfBoundsException();
-        }
-        errors[index + 1].add(msg);
-    }
-    
-    protected void doChecks()
-    {
-        if (!initialized)
-        {
-            throw new IllegalStateException("Object not initialized. Call init() first.");
-        }
-        if (notifications == null)
-        {
-            // initialize lists
-            notifications = new List[n+1];
-            errors = new List[n+1];
-            
-            for (int i = 0; i < notifications.length; i++)
-            {
-                notifications[i] = new ArrayList();
-                errors[i] = new ArrayList();
-            }
-            
-            // check Signatures
-            checkSignatures();
-            
-            // check Name Constraints
-            checkNameConstraints();
-            
-            // check Path Length
-            checkPathLength();
-            
-            // check Policy
-            checkPolicy();
-            
-            // check other critical extensions
-            checkCriticalExtensions();
-            
-        }
-    }
-
-    private void checkNameConstraints()
-    {
-        X509Certificate cert = null;
-        
-        //
-        // Setup
-        //
-        
-        // (b)  and (c)
-        PKIXNameConstraintValidator nameConstraintValidator = new PKIXNameConstraintValidator();
-
-        //
-        // process each certificate except the last in the path
-        //
-        int index;
-        int i;
-        
-        try 
-        {
-            for (index = certs.size()-1; index>0; index--) 
-            {
-                i = n - index;
-                
-                //
-                // certificate processing
-                //    
-                
-                cert = (X509Certificate) certs.get(index);
-                
-                // b),c)
-                
-                if (!isSelfIssued(cert))
-                {
-                    X500Principal principal = getSubjectPrincipal(cert);
-                    ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(principal.getEncoded()));
-                    ASN1Sequence    dns;
-    
-                    try
-                    {
-                        dns = (ASN1Sequence)aIn.readObject();
-                    }
-                    catch (IOException e)
-                    {
-                        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.ncSubjectNameError", 
-                                new Object[] {new UntrustedInput(principal)});
-                        throw new CertPathReviewerException(msg,e,certPath,index);
-                    }
-    
-                    try
-                    {
-                        nameConstraintValidator.checkPermittedDN(dns);
-                    }
-                    catch (PKIXNameConstraintValidatorException cpve)
-                    {
-                        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.notPermittedDN", 
-                                new Object[] {new UntrustedInput(principal.getName())});
-                        throw new CertPathReviewerException(msg,cpve,certPath,index);
-                    }
-                    
-                    try
-                    {
-                        nameConstraintValidator.checkExcludedDN(dns);
-                    }
-                    catch (PKIXNameConstraintValidatorException cpve)
-                    {
-                        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.excludedDN",
-                                new Object[] {new UntrustedInput(principal.getName())});
-                        throw new CertPathReviewerException(msg,cpve,certPath,index);
-                    }
-            
-                    ASN1Sequence altName;
-                    try 
-                    {
-                        altName = (ASN1Sequence)getExtensionValue(cert, SUBJECT_ALTERNATIVE_NAME);
-                    }
-                    catch (AnnotatedException ae)
-                    {
-                        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.subjAltNameExtError");
-                        throw new CertPathReviewerException(msg,ae,certPath,index);
-                    }
-                    
-                    if (altName != null)
-                    {
-                        for (int j = 0; j < altName.size(); j++)
-                        {
-                            GeneralName name = GeneralName.getInstance(altName.getObjectAt(j));
-
-                            try
-                            {
-                                nameConstraintValidator.checkPermitted(name);
-                                nameConstraintValidator.checkExcluded(name);
-                            }
-                            catch (PKIXNameConstraintValidatorException cpve)
-                            {
-                                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.notPermittedEmail",
-                                        new Object[] {new UntrustedInput(name)});
-                                throw new CertPathReviewerException(msg,cpve,certPath,index);
-                            }
-//                            switch(o.getTagNo())            TODO - move resources to PKIXNameConstraints
-//                            {
-//                            case 1:
-//                                String email = DERIA5String.getInstance(o, true).getString();
-//
-//                                try
-//                                {
-//                                    checkPermittedEmail(permittedSubtreesEmail, email);
-//                                }
-//                                catch (CertPathValidatorException cpve)
-//                                {
-//                                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.notPermittedEmail",
-//                                            new Object[] {new UntrustedInput(email)});
-//                                    throw new CertPathReviewerException(msg,cpve,certPath,index);
-//                                }
-//
-//                                try
-//                                {
-//                                    checkExcludedEmail(excludedSubtreesEmail, email);
-//                                }
-//                                catch (CertPathValidatorException cpve)
-//                                {
-//                                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.excludedEmail",
-//                                            new Object[] {new UntrustedInput(email)});
-//                                    throw new CertPathReviewerException(msg,cpve,certPath,index);
-//                                }
-//
-//                                break;
-//                            case 4:
-//                                ASN1Sequence altDN = ASN1Sequence.getInstance(o, true);
-//
-//                                try
-//                                {
-//                                    checkPermittedDN(permittedSubtreesDN, altDN);
-//                                }
-//                                catch (CertPathValidatorException cpve)
-//                                {
-//                                    X509Name altDNName = new X509Name(altDN);
-//                                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.notPermittedDN",
-//                                            new Object[] {new UntrustedInput(altDNName)});
-//                                    throw new CertPathReviewerException(msg,cpve,certPath,index);
-//                                }
-//
-//                                try
-//                                {
-//                                    checkExcludedDN(excludedSubtreesDN, altDN);
-//                                }
-//                                catch (CertPathValidatorException cpve)
-//                                {
-//                                    X509Name altDNName = new X509Name(altDN);
-//                                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.excludedDN",
-//                                            new Object[] {new UntrustedInput(altDNName)});
-//                                    throw new CertPathReviewerException(msg,cpve,certPath,index);
-//                                }
-//
-//                                break;
-//                            case 7:
-//                                byte[] ip = ASN1OctetString.getInstance(o, true).getOctets();
-//
-//                                try
-//                                {
-//                                    checkPermittedIP(permittedSubtreesIP, ip);
-//                                }
-//                                catch (CertPathValidatorException cpve)
-//                                {
-//                                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.notPermittedIP",
-//                                            new Object[] {IPtoString(ip)});
-//                                    throw new CertPathReviewerException(msg,cpve,certPath,index);
-//                                }
-//
-//                                try
-//                                {
-//                                    checkExcludedIP(excludedSubtreesIP, ip);
-//                                }
-//                                catch (CertPathValidatorException cpve)
-//                                {
-//                                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.excludedIP",
-//                                            new Object[] {IPtoString(ip)});
-//                                    throw new CertPathReviewerException(msg,cpve,certPath,index);
-//                                }
-//                            }
-                        }
-                    }
-                }
-                
-                //
-                // prepare for next certificate
-                //
-                
-                //
-                // (g) handle the name constraints extension
-                //
-                ASN1Sequence ncSeq;
-                try 
-                {
-                    ncSeq = (ASN1Sequence)getExtensionValue(cert, NAME_CONSTRAINTS);
-                }
-                catch (AnnotatedException ae)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.ncExtError");
-                    throw new CertPathReviewerException(msg,ae,certPath,index);
-                }
-                
-                if (ncSeq != null)
-                {
-                    NameConstraints nc = NameConstraints.getInstance(ncSeq);
-
-                    //
-                    // (g) (1) permitted subtrees
-                    //
-                    GeneralSubtree[] permitted = nc.getPermittedSubtrees();
-                    if (permitted != null)
-                    {
-                        nameConstraintValidator.intersectPermittedSubtree(permitted);
-                    }
-                
-                    //
-                    // (g) (2) excluded subtrees
-                    //
-                    GeneralSubtree[] excluded = nc.getExcludedSubtrees();
-                    if (excluded != null)
-                    {
-                        for (int c = 0; c != excluded.length; c++)
-                        {
-                             nameConstraintValidator.addExcludedSubtree(excluded[c]);
-                        }
-                    }
-                }
-                
-            } // for
-        }
-        catch (CertPathReviewerException cpre)
-        {
-            addError(cpre.getErrorMessage(),cpre.getIndex());
-        }
-        
-    }
-
-    /*
-     * checks: - path length constraints and reports - total path length
-     */
-    private void checkPathLength()
-    {
-        // init
-        int maxPathLength = n;
-        int totalPathLength = 0;
-
-        X509Certificate cert = null;
-
-        int i;
-        for (int index = certs.size() - 1; index > 0; index--)
-        {
-            i = n - index;
-
-            cert = (X509Certificate) certs.get(index);
-
-            // l)
-
-            if (!isSelfIssued(cert))
-            {
-                if (maxPathLength <= 0)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.pathLengthExtended");
-                    addError(msg);
-                }
-                maxPathLength--;
-                totalPathLength++;
-            }
-
-            // m)
-
-            BasicConstraints bc;
-            try
-            {
-                bc = BasicConstraints.getInstance(getExtensionValue(cert,
-                        BASIC_CONSTRAINTS));
-            }
-            catch (AnnotatedException ae)
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.processLengthConstError");
-                addError(msg,index);
-                bc = null;
-            }
-
-            if (bc != null)
-            {
-                BigInteger _pathLengthConstraint = bc.getPathLenConstraint();
-
-                if (_pathLengthConstraint != null)
-                {
-                    int _plc = _pathLengthConstraint.intValue();
-
-                    if (_plc < maxPathLength)
-                    {
-                        maxPathLength = _plc;
-                    }
-                }
-            }
-
-        }
-
-        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.totalPathLength",
-                new Object[]{Integers.valueOf(totalPathLength)});
-        
-        addNotification(msg);
-    }
-
-    /*
-     * checks: - signatures - name chaining - validity of certificates - todo:
-     * if certificate revoked (if specified in the parameters)
-     */
-    private void checkSignatures()
-    {
-        // 1.6.1 - Inputs
-        
-        // d)
-        
-        TrustAnchor trust = null;
-        X500Principal trustPrincipal = null;
-        
-        // validation date
-        {
-            ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.certPathValidDate",
-                    new Object[] {new TrustedInput(validDate), new TrustedInput(new Date())});
-            addNotification(msg);
-        }
-        
-        // find trust anchors
-        try
-        {
-            X509Certificate cert = (X509Certificate) certs.get(certs.size() - 1);
-            Collection trustColl = getTrustAnchors(cert,pkixParams.getTrustAnchors());
-            if (trustColl.size() > 1)
-            {
-                // conflicting trust anchors                
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,
-                        "CertPathReviewer.conflictingTrustAnchors",
-                        new Object[]{Integers.valueOf(trustColl.size()),
-                            new UntrustedInput(cert.getIssuerX500Principal())});
-                addError(msg);
-            }
-            else if (trustColl.isEmpty())
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,
-                        "CertPathReviewer.noTrustAnchorFound",
-                        new Object[]{new UntrustedInput(cert.getIssuerX500Principal()),
-                            Integers.valueOf(pkixParams.getTrustAnchors().size())});
-                addError(msg);
-            }
-            else
-            {
-                PublicKey trustPublicKey;
-                trust = (TrustAnchor) trustColl.iterator().next();
-                if (trust.getTrustedCert() != null)
-                {
-                    trustPublicKey = trust.getTrustedCert().getPublicKey();
-                }
-                else
-                {
-                    trustPublicKey = trust.getCAPublicKey();
-                }
-                try
-                {
-                    CertPathValidatorUtilities.verifyX509Certificate(cert, trustPublicKey,
-                        pkixParams.getSigProvider());
-                }
-                catch (SignatureException e)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.trustButInvalidCert");
-                    addError(msg);
-                }
-                catch (Exception e)
-                {
-                    // do nothing, error occurs again later
-                }
-            }
-        }
-        catch (CertPathReviewerException cpre)
-        {
-            addError(cpre.getErrorMessage());
-        }
-        catch (Throwable t)
-        {
-            ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,
-                    "CertPathReviewer.unknown",
-                    new Object[] {new UntrustedInput(t.getMessage()), new UntrustedInput(t)});
-            addError(msg);
-        }
-        
-        if (trust != null)
-        {
-            // get the name of the trustAnchor
-            X509Certificate sign = trust.getTrustedCert();
-            try
-            {
-                if (sign != null)
-                {
-                    trustPrincipal = getSubjectPrincipal(sign);
-                }
-                else
-                {
-                    trustPrincipal = new X500Principal(trust.getCAName());
-                }
-            }
-            catch (IllegalArgumentException ex)
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.trustDNInvalid",
-                        new Object[] {new UntrustedInput(trust.getCAName())});
-                addError(msg);
-            }
-            
-            // test key usages of the trust anchor
-            if (sign != null)
-            {
-                boolean[] ku = sign.getKeyUsage(); 
-                if (ku != null && !ku[5])
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME, "CertPathReviewer.trustKeyUsage");
-                    addNotification(msg);
-                }
-            }
-        }
-        
-        // 1.6.2 - Initialization
-        
-        PublicKey workingPublicKey = null;
-        X500Principal workingIssuerName = trustPrincipal;
-        
-        X509Certificate sign = null;
-
-        AlgorithmIdentifier workingAlgId = null;
-        ASN1ObjectIdentifier workingPublicKeyAlgorithm = null;
-        ASN1Encodable workingPublicKeyParameters = null;
-        
-        if (trust != null)
-        {
-            sign = trust.getTrustedCert();
-            
-            if (sign != null)
-            {
-                workingPublicKey = sign.getPublicKey();
-            }
-            else
-            {
-                workingPublicKey = trust.getCAPublicKey();
-            }
-        
-            try
-            {
-                workingAlgId = getAlgorithmIdentifier(workingPublicKey);
-                workingPublicKeyAlgorithm = workingAlgId.getAlgorithm();
-                workingPublicKeyParameters = workingAlgId.getParameters();
-            }
-            catch (CertPathValidatorException ex)
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.trustPubKeyError");
-                addError(msg);
-                workingAlgId = null;
-            }
-            
-        }
-
-        // Basic cert checks
-
-        X509Certificate cert = null;
-        int i;
-
-        for (int index = certs.size() - 1; index >= 0; index--)
-        {
-            //
-            // i as defined in the algorithm description
-            //
-            i = n - index;
-
-            //
-            // set certificate to be checked in this round
-            // sign and workingPublicKey and workingIssuerName are set
-            // at the end of the for loop and initialied the
-            // first time from the TrustAnchor
-            //
-            cert = (X509Certificate) certs.get(index);
-
-            // verify signature
-            if (workingPublicKey != null)
-            {
-                try
-                {
-                    CertPathValidatorUtilities.verifyX509Certificate(cert, workingPublicKey,
-                        pkixParams.getSigProvider());
-                }
-                catch (GeneralSecurityException ex)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.signatureNotVerified",
-                            new Object[] {ex.getMessage(),ex,ex.getClass().getName()}); 
-                    addError(msg,index);
-                }
-            }
-            else if (isSelfIssued(cert))
-            {
-                try
-                {
-                    CertPathValidatorUtilities.verifyX509Certificate(cert, cert.getPublicKey(),
-                        pkixParams.getSigProvider());
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.rootKeyIsValidButNotATrustAnchor");
-                    addError(msg, index);
-                }
-                catch (GeneralSecurityException ex)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.signatureNotVerified",
-                            new Object[] {ex.getMessage(),ex,ex.getClass().getName()}); 
-                    addError(msg,index);
-                }
-            }
-            else
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.NoIssuerPublicKey");
-                // if there is an authority key extension add the serial and issuer of the missing certificate
-                byte[] akiBytes = cert.getExtensionValue(Extension.authorityKeyIdentifier.getId());
-                if (akiBytes != null)
-                {
-                    AuthorityKeyIdentifier aki = AuthorityKeyIdentifier.getInstance(
-                        DEROctetString.getInstance(akiBytes).getOctets());
-                    GeneralNames issuerNames = aki.getAuthorityCertIssuer();
-                    if (issuerNames != null)
-                    {
-                        GeneralName name = issuerNames.getNames()[0];
-                        BigInteger serial = aki.getAuthorityCertSerialNumber();
-                        if (serial != null)
-                        {
-                            Object[] extraArgs = {new LocaleString(RESOURCE_NAME, "missingIssuer"), " \"", name ,
-                                    "\" ", new LocaleString(RESOURCE_NAME, "missingSerial") , " ", serial};
-                            msg.setExtraArguments(extraArgs);
-                        }
-                    }
-                }
-                addError(msg,index);
-            }
-
-            // certificate valid?
-            try
-            {
-                cert.checkValidity(validDate);
-            }
-            catch (CertificateNotYetValidException cnve)
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.certificateNotYetValid",
-                        new Object[] {new TrustedInput(cert.getNotBefore())});
-                addError(msg,index);
-            }
-            catch (CertificateExpiredException cee)
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.certificateExpired",
-                        new Object[] {new TrustedInput(cert.getNotAfter())});
-                addError(msg,index);
-            }
-
-            // certificate revoked?
-            if (pkixParams.isRevocationEnabled())
-            {
-                // read crl distribution points extension
-                CRLDistPoint crlDistPoints = null;
-                try
-                {
-                    ASN1Primitive crl_dp = getExtensionValue(cert,CRL_DIST_POINTS);
-                    if (crl_dp != null)
-                    {
-                        crlDistPoints = CRLDistPoint.getInstance(crl_dp);
-                    }
-                }
-                catch (AnnotatedException ae)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlDistPtExtError");
-                    addError(msg,index);
-                }
-
-                // read authority information access extension
-                AuthorityInformationAccess authInfoAcc = null;
-                try
-                {
-                    ASN1Primitive auth_info_acc = getExtensionValue(cert,AUTH_INFO_ACCESS);
-                    if (auth_info_acc != null)
-                    {
-                        authInfoAcc = AuthorityInformationAccess.getInstance(auth_info_acc);
-                    }
-                }
-                catch (AnnotatedException ae)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlAuthInfoAccError");
-                    addError(msg,index);
-                }
-                
-                Vector crlDistPointUrls = getCRLDistUrls(crlDistPoints);
-                Vector ocspUrls = getOCSPUrls(authInfoAcc);
-                
-                // add notifications with the crl distribution points
-                
-                // output crl distribution points
-                Iterator urlIt = crlDistPointUrls.iterator();
-                while (urlIt.hasNext())
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlDistPoint",
-                                new Object[] {new UntrustedUrlInput(urlIt.next())});
-                    addNotification(msg,index);
-                }
-                
-                // output ocsp urls
-                urlIt = ocspUrls.iterator();
-                while (urlIt.hasNext())
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.ocspLocation",
-                            new Object[] {new UntrustedUrlInput(urlIt.next())});
-                    addNotification(msg,index);
-                }
-                
-                // TODO also support Netscapes revocation-url and/or OCSP instead of CRLs for revocation checking
-                // check CRLs
-                try 
-                {
-                    checkRevocation(pkixParams, cert, validDate, sign, workingPublicKey, crlDistPointUrls, ocspUrls, index);
-                }
-                catch (CertPathReviewerException cpre)
-                {
-                    addError(cpre.getErrorMessage(),index);
-                }
-            }
-
-            // certificate issuer correct
-            if (workingIssuerName != null && !cert.getIssuerX500Principal().equals(workingIssuerName))
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.certWrongIssuer",
-                            new Object[] {workingIssuerName.getName(),
-                            cert.getIssuerX500Principal().getName()});
-                addError(msg,index);
-            }
-
-            //
-            // prepare for next certificate
-            //
-            if (i != n)
-            {
-
-                if (cert != null && cert.getVersion() == 1)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.noCACert");
-                    addError(msg,index);
-                }
-
-                // k)
-
-                BasicConstraints bc;
-                try
-                {
-                    bc = BasicConstraints.getInstance(getExtensionValue(cert,
-                            BASIC_CONSTRAINTS));
-                    if (bc != null)
-                    {
-                        if (!bc.isCA())
-                        {
-                            ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.noCACert");
-                            addError(msg,index);
-                        }
-                    }
-                    else
-                    {
-                        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.noBasicConstraints");
-                        addError(msg,index);
-                    }
-                }
-                catch (AnnotatedException ae)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.errorProcesingBC");
-                    addError(msg,index);
-                }
-
-                // n)
-
-                boolean[] _usage = cert.getKeyUsage();
-
-                if ((_usage != null) && !_usage[KEY_CERT_SIGN])
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.noCertSign");
-                    addError(msg,index);
-                }
-
-            } // if
-
-            // set signing certificate for next round
-            sign = cert;
-            
-            // c)
-
-            workingIssuerName = cert.getSubjectX500Principal();
-
-            // d) e) f)
-
-            try
-            {
-                workingPublicKey = getNextWorkingKey(certs, index);
-                workingAlgId = getAlgorithmIdentifier(workingPublicKey);
-                workingPublicKeyAlgorithm = workingAlgId.getAlgorithm();
-                workingPublicKeyParameters = workingAlgId.getParameters();
-            }
-            catch (CertPathValidatorException ex)
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.pubKeyError");
-                addError(msg,index);
-                workingAlgId = null;
-                workingPublicKeyAlgorithm = null;
-                workingPublicKeyParameters = null;
-            }
-
-        } // for
-
-        trustAnchor = trust;
-        subjectPublicKey = workingPublicKey;
-    }
-
-    private void checkPolicy()
-    {
-        //
-        // 6.1.1 Inputs
-        //
-
-        // c) Initial Policy Set
-
-        Set userInitialPolicySet = pkixParams.getInitialPolicies();
-
-        // e) f) g) are part of pkixParams
-
-        //
-        // 6.1.2 Initialization
-        //
-
-        // a) valid policy tree
-
-        List[] policyNodes = new ArrayList[n + 1];
-        for (int j = 0; j < policyNodes.length; j++)
-        {
-            policyNodes[j] = new ArrayList();
-        }
-
-        Set policySet = new HashSet();
-
-        policySet.add(ANY_POLICY);
-
-        PKIXPolicyNode validPolicyTree = new PKIXPolicyNode(new ArrayList(), 0,
-                policySet, null, new HashSet(), ANY_POLICY, false);
-
-        policyNodes[0].add(validPolicyTree);
-
-        // d) explicit policy
-
-        int explicitPolicy;
-        if (pkixParams.isExplicitPolicyRequired())
-        {
-            explicitPolicy = 0;
-        }
-        else
-        {
-            explicitPolicy = n + 1;
-        }
-
-        // e) inhibit any policy
-
-        int inhibitAnyPolicy;
-        if (pkixParams.isAnyPolicyInhibited())
-        {
-            inhibitAnyPolicy = 0;
-        }
-        else
-        {
-            inhibitAnyPolicy = n + 1;
-        }
-
-        // f) policy mapping
-
-        int policyMapping;
-        if (pkixParams.isPolicyMappingInhibited())
-        {
-            policyMapping = 0;
-        }
-        else
-        {
-            policyMapping = n + 1;
-        }
-
-        Set acceptablePolicies = null;
-
-        //
-        // 6.1.3 Basic Certificate processing
-        //
-
-        X509Certificate cert = null;
-        int index;
-        int i;
-
-        try 
-        {
-            for (index = certs.size() - 1; index >= 0; index--)
-            {
-                // i as defined in the algorithm description
-                i = n - index;
-    
-                // set certificate to be checked in this round
-                cert = (X509Certificate) certs.get(index);
-    
-                // d) process policy information
-    
-                ASN1Sequence certPolicies;
-                try 
-                {
-                    certPolicies = (ASN1Sequence) getExtensionValue(
-                        cert, CERTIFICATE_POLICIES);
-                }
-                catch (AnnotatedException ae)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.policyExtError");
-                    throw new CertPathReviewerException(msg,ae,certPath,index);
-                }
-                if (certPolicies != null && validPolicyTree != null)
-                {
-
-                    // d) 1)
-
-                    Enumeration e = certPolicies.getObjects();
-                    Set pols = new HashSet();
-
-                    while (e.hasMoreElements())
-                    {
-                        PolicyInformation pInfo = PolicyInformation.getInstance(e.nextElement());
-                        ASN1ObjectIdentifier pOid = pInfo.getPolicyIdentifier();
-
-                        pols.add(pOid.getId());
-
-                        if (!ANY_POLICY.equals(pOid.getId()))
-                        {
-                            Set pq;
-                            try
-                            {
-                                pq = getQualifierSet(pInfo.getPolicyQualifiers());
-                            }
-                            catch (CertPathValidatorException cpve)
-                            {
-                                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.policyQualifierError");
-                                throw new CertPathReviewerException(msg,cpve,certPath,index);
-                            }
-
-                            boolean match = processCertD1i(i, policyNodes, pOid, pq);
-
-                            if (!match)
-                            {
-                                processCertD1ii(i, policyNodes, pOid, pq);
-                            }
-                        }
-                    }
-
-                    if (acceptablePolicies == null || acceptablePolicies.contains(ANY_POLICY))
-                    {
-                        acceptablePolicies = pols;
-                    }
-                    else
-                    {
-                        Iterator it = acceptablePolicies.iterator();
-                        Set t1 = new HashSet();
-
-                        while (it.hasNext())
-                        {
-                            Object o = it.next();
-
-                            if (pols.contains(o))
-                            {
-                                t1.add(o);
-                            }
-                        }
-
-                        acceptablePolicies = t1;
-                    }
-
-                    // d) 2)
-
-                    if ((inhibitAnyPolicy > 0) || ((i < n) && isSelfIssued(cert)))
-                    {
-                        e = certPolicies.getObjects();
-
-                        while (e.hasMoreElements())
-                        {
-                            PolicyInformation pInfo = PolicyInformation.getInstance(e.nextElement());
-
-                            if (ANY_POLICY.equals(pInfo.getPolicyIdentifier().getId()))
-                            {
-                                Set _apq;
-                                try
-                                {
-                                    _apq = getQualifierSet(pInfo.getPolicyQualifiers());
-                                }
-                                catch (CertPathValidatorException cpve)
-                                {
-                                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.policyQualifierError");
-                                    throw new CertPathReviewerException(msg,cpve,certPath,index);
-                                }
-                                List _nodes = policyNodes[i - 1];
-
-                                for (int k = 0; k < _nodes.size(); k++)
-                                {
-                                    PKIXPolicyNode _node = (PKIXPolicyNode) _nodes.get(k);
-
-                                    Iterator _policySetIter = _node.getExpectedPolicies().iterator();
-                                    while (_policySetIter.hasNext())
-                                    {
-                                        Object _tmp = _policySetIter.next();
-
-                                        String _policy;
-                                        if (_tmp instanceof String)
-                                        {
-                                            _policy = (String) _tmp;
-                                        }
-                                        else if (_tmp instanceof ASN1ObjectIdentifier)
-                                        {
-                                            _policy = ((ASN1ObjectIdentifier) _tmp).getId();
-                                        }
-                                        else
-                                        {
-                                            continue;
-                                        }
-
-                                        boolean _found = false;
-                                        Iterator _childrenIter = _node
-                                                .getChildren();
-
-                                        while (_childrenIter.hasNext())
-                                        {
-                                            PKIXPolicyNode _child = (PKIXPolicyNode) _childrenIter.next();
-
-                                            if (_policy.equals(_child.getValidPolicy()))
-                                            {
-                                                _found = true;
-                                            }
-                                        }
-
-                                        if (!_found)
-                                        {
-                                            Set _newChildExpectedPolicies = new HashSet();
-                                            _newChildExpectedPolicies.add(_policy);
-
-                                            PKIXPolicyNode _newChild = new PKIXPolicyNode(
-                                                    new ArrayList(), i,
-                                                    _newChildExpectedPolicies,
-                                                    _node, _apq, _policy, false);
-                                            _node.addChild(_newChild);
-                                            policyNodes[i].add(_newChild);
-                                        }
-                                    }
-                                }
-                                break;
-                            }
-                        }
-                    }
-
-                    //
-                    // (d) (3)
-                    //
-                    for (int j = (i - 1); j >= 0; j--)
-                    {
-                        List nodes = policyNodes[j];
-
-                        for (int k = 0; k < nodes.size(); k++)
-                        {
-                            PKIXPolicyNode node = (PKIXPolicyNode) nodes.get(k);
-                            if (!node.hasChildren())
-                            {
-                                validPolicyTree = removePolicyNode(
-                                        validPolicyTree, policyNodes, node);
-                                if (validPolicyTree == null)
-                                {
-                                    break;
-                                }
-                            }
-                        }
-                    }
-
-                    //
-                    // d (4)
-                    //
-                    Set criticalExtensionOids = cert.getCriticalExtensionOIDs();
-
-                    if (criticalExtensionOids != null)
-                    {
-                        boolean critical = criticalExtensionOids.contains(CERTIFICATE_POLICIES);
-
-                        List nodes = policyNodes[i];
-                        for (int j = 0; j < nodes.size(); j++)
-                        {
-                            PKIXPolicyNode node = (PKIXPolicyNode) nodes.get(j);
-                            node.setCritical(critical);
-                        }
-                    }
-
-                }
-                
-                // e)
-                
-                if (certPolicies == null) 
-                {
-                    validPolicyTree = null;
-                }
-                
-                // f)
-                
-                if (explicitPolicy <= 0 && validPolicyTree == null)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.noValidPolicyTree");
-                    throw new CertPathReviewerException(msg);
-                }
-    
-                //
-                // 6.1.4 preparation for next Certificate
-                //
-    
-                if (i != n)
-                {
-                    
-                    // a)
-                    
-                    ASN1Primitive pm;
-                    try
-                    {
-                        pm = getExtensionValue(cert, POLICY_MAPPINGS);
-                    }
-                    catch (AnnotatedException ae)
-                    {
-                        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.policyMapExtError");
-                        throw new CertPathReviewerException(msg,ae,certPath,index);
-                    }
-                    
-                    if (pm != null) 
-                    {
-                        ASN1Sequence mappings = (ASN1Sequence) pm;
-                        for (int j = 0; j < mappings.size(); j++) 
-                        {
-                            ASN1Sequence mapping = (ASN1Sequence) mappings.getObjectAt(j);
-                            ASN1ObjectIdentifier ip_id = (ASN1ObjectIdentifier) mapping.getObjectAt(0);
-                            ASN1ObjectIdentifier sp_id = (ASN1ObjectIdentifier) mapping.getObjectAt(1);
-                            if (ANY_POLICY.equals(ip_id.getId())) 
-                            {
-                                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.invalidPolicyMapping");
-                                throw new CertPathReviewerException(msg,certPath,index);
-                            }
-                            if (ANY_POLICY.equals(sp_id.getId()))
-                            {
-                                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.invalidPolicyMapping");
-                                throw new CertPathReviewerException(msg,certPath,index);
-                            }
-                        }
-                    }
-                    
-                    // b)
-                    
-                    if (pm != null)
-                    {
-                        ASN1Sequence mappings = (ASN1Sequence)pm;
-                        Map m_idp = new HashMap();
-                        Set s_idp = new HashSet();
-                        
-                        for (int j = 0; j < mappings.size(); j++)
-                        {
-                            ASN1Sequence mapping = (ASN1Sequence)mappings.getObjectAt(j);
-                            String id_p = ((ASN1ObjectIdentifier)mapping.getObjectAt(0)).getId();
-                            String sd_p = ((ASN1ObjectIdentifier)mapping.getObjectAt(1)).getId();
-                            Set tmp;
-                            
-                            if (!m_idp.containsKey(id_p))
-                            {
-                                tmp = new HashSet();
-                                tmp.add(sd_p);
-                                m_idp.put(id_p, tmp);
-                                s_idp.add(id_p);
-                            }
-                            else
-                            {
-                                tmp = (Set)m_idp.get(id_p);
-                                tmp.add(sd_p);
-                            }
-                        }
-    
-                        Iterator it_idp = s_idp.iterator();
-                        while (it_idp.hasNext())
-                        {
-                            String id_p = (String)it_idp.next();
-                            
-                            //
-                            // (1)
-                            //
-                            if (policyMapping > 0)
-                            {
-                                try
-                                {
-                                    prepareNextCertB1(i,policyNodes,id_p,m_idp,cert);
-                                }
-                                catch (AnnotatedException ae)
-                                {
-                                    // error processing certificate policies extension
-                                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.policyExtError");
-                                    throw new CertPathReviewerException(msg,ae,certPath,index);
-                                }
-                                catch (CertPathValidatorException cpve)
-                                {
-                                    // error building qualifier set
-                                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.policyQualifierError");
-                                    throw new CertPathReviewerException(msg,cpve,certPath,index);
-                                }
-                                
-                                //
-                                // (2)
-                                // 
-                            }
-                            else if (policyMapping <= 0)
-                            {
-                                validPolicyTree = prepareNextCertB2(i,policyNodes,id_p,validPolicyTree);
-                            }
-                            
-                        }
-                    }
-                    
-                    //
-                    // h)
-                    //
-                    
-                    if (!isSelfIssued(cert)) 
-                    {
-                        
-                        // (1)
-                        if (explicitPolicy != 0)
-                        {
-                            explicitPolicy--;
-                        }
-                        
-                        // (2)
-                        if (policyMapping != 0)
-                        {
-                            policyMapping--;
-                        }
-                        
-                        // (3)
-                        if (inhibitAnyPolicy != 0)
-                        {
-                            inhibitAnyPolicy--;
-                        }
-                        
-                    }
-    
-                    //
-                    // i)
-                    //
-                    
-                    try
-                    {
-                        ASN1Sequence pc = (ASN1Sequence) getExtensionValue(cert,POLICY_CONSTRAINTS);
-                        if (pc != null)
-                        {
-                            Enumeration policyConstraints = pc.getObjects();
-                            
-                            while (policyConstraints.hasMoreElements())
-                            {
-                                ASN1TaggedObject constraint = (ASN1TaggedObject) policyConstraints.nextElement();
-                                int tmpInt; 
-                                
-                                switch (constraint.getTagNo())
-                                {
-                                case 0:
-                                    tmpInt = ASN1Integer.getInstance(constraint, false).getValue().intValue();
-                                    if (tmpInt < explicitPolicy)
-                                    {
-                                        explicitPolicy = tmpInt;
-                                    }
-                                    break;
-                                case 1:
-                                    tmpInt = ASN1Integer.getInstance(constraint, false).getValue().intValue();
-                                    if (tmpInt < policyMapping)
-                                    {
-                                        policyMapping = tmpInt;
-                                    }
-                                break;
-                                }
-                            }
-                        }
-                    }
-                    catch (AnnotatedException ae)
-                    {
-                        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.policyConstExtError");
-                        throw new CertPathReviewerException(msg,certPath,index);
-                    }
-    
-                    //
-                    // j)
-                    //
-                    
-                    try 
-                    {
-                        ASN1Integer iap = (ASN1Integer)getExtensionValue(cert, INHIBIT_ANY_POLICY);
-                        
-                        if (iap != null)
-                        {
-                            int _inhibitAnyPolicy = iap.getValue().intValue();
-                        
-                            if (_inhibitAnyPolicy < inhibitAnyPolicy)
-                            {
-                                inhibitAnyPolicy = _inhibitAnyPolicy;
-                            }
-                        }
-                    }
-                    catch (AnnotatedException ae)
-                    {
-                        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.policyInhibitExtError");
-                        throw new CertPathReviewerException(msg,certPath,index);
-                    }
-                }
-    
-            }
-    
-            //
-            // 6.1.5 Wrap up
-            //
-    
-            //
-            // a)
-            //
-            
-            if (!isSelfIssued(cert) && explicitPolicy > 0) 
-            {
-                explicitPolicy--;
-            }
-    
-            //
-            // b)
-            //
-            
-            try
-            {
-                ASN1Sequence pc = (ASN1Sequence) getExtensionValue(cert, POLICY_CONSTRAINTS);
-                if (pc != null)
-                {
-                    Enumeration policyConstraints = pc.getObjects();
-        
-                    while (policyConstraints.hasMoreElements())
-                    {
-                        ASN1TaggedObject    constraint = (ASN1TaggedObject)policyConstraints.nextElement();
-                        switch (constraint.getTagNo())
-                        {
-                        case 0:
-                            int tmpInt = ASN1Integer.getInstance(constraint, false).getValue().intValue();
-                            if (tmpInt == 0)
-                            {
-                                explicitPolicy = 0;
-                            }
-                            break;
-                        }
-                    }
-                }
-            }
-            catch (AnnotatedException e)
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.policyConstExtError");
-                throw new CertPathReviewerException(msg,certPath,index);
-            }
-            
-            
-            //
-            // (g)
-            //
-            PKIXPolicyNode intersection;
-            
-    
-            //
-            // (g) (i)
-            //
-            if (validPolicyTree == null)
-            { 
-                if (pkixParams.isExplicitPolicyRequired())
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.explicitPolicy");
-                    throw new CertPathReviewerException(msg,certPath,index);
-                }
-                intersection = null;
-            }
-            else if (isAnyPolicy(userInitialPolicySet)) // (g) (ii)
-            {
-                if (pkixParams.isExplicitPolicyRequired())
-                {
-                    if (acceptablePolicies.isEmpty())
-                    {
-                        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.explicitPolicy");
-                        throw new CertPathReviewerException(msg,certPath,index);
-                    }
-                    else
-                    {
-                        Set _validPolicyNodeSet = new HashSet();
-                        
-                        for (int j = 0; j < policyNodes.length; j++)
-                        {
-                            List      _nodeDepth = policyNodes[j];
-                            
-                            for (int k = 0; k < _nodeDepth.size(); k++)
-                            {
-                                PKIXPolicyNode _node = (PKIXPolicyNode)_nodeDepth.get(k);
-                                
-                                if (ANY_POLICY.equals(_node.getValidPolicy()))
-                                {
-                                    Iterator _iter = _node.getChildren();
-                                    while (_iter.hasNext())
-                                    {
-                                        _validPolicyNodeSet.add(_iter.next());
-                                    }
-                                }
-                            }
-                        }
-                        
-                        Iterator _vpnsIter = _validPolicyNodeSet.iterator();
-                        while (_vpnsIter.hasNext())
-                        {
-                            PKIXPolicyNode _node = (PKIXPolicyNode)_vpnsIter.next();
-                            String _validPolicy = _node.getValidPolicy();
-                            
-                            if (!acceptablePolicies.contains(_validPolicy))
-                            {
-                                //validPolicyTree = removePolicyNode(validPolicyTree, policyNodes, _node);
-                            }
-                        }
-                        if (validPolicyTree != null)
-                        {
-                            for (int j = (n - 1); j >= 0; j--)
-                            {
-                                List      nodes = policyNodes[j];
-                                
-                                for (int k = 0; k < nodes.size(); k++)
-                                {
-                                    PKIXPolicyNode node = (PKIXPolicyNode)nodes.get(k);
-                                    if (!node.hasChildren())
-                                    {
-                                        validPolicyTree = removePolicyNode(validPolicyTree, policyNodes, node);
-                                    }
-                                }
-                            }
-                        }
-                    }
-                }
-    
-                intersection = validPolicyTree;
-            }
-            else
-            {
-                //
-                // (g) (iii)
-                //
-                // This implementation is not exactly same as the one described in RFC3280.
-                // However, as far as the validation result is concerned, both produce 
-                // adequate result. The only difference is whether AnyPolicy is remain 
-                // in the policy tree or not. 
-                //
-                // (g) (iii) 1
-                //
-                Set _validPolicyNodeSet = new HashSet();
-                
-                for (int j = 0; j < policyNodes.length; j++)
-                {
-                    List      _nodeDepth = policyNodes[j];
-                    
-                    for (int k = 0; k < _nodeDepth.size(); k++)
-                    {
-                        PKIXPolicyNode _node = (PKIXPolicyNode)_nodeDepth.get(k);
-                        
-                        if (ANY_POLICY.equals(_node.getValidPolicy()))
-                        {
-                            Iterator _iter = _node.getChildren();
-                            while (_iter.hasNext())
-                            {
-                                PKIXPolicyNode _c_node = (PKIXPolicyNode)_iter.next();
-                                if (!ANY_POLICY.equals(_c_node.getValidPolicy()))
-                                {
-                                    _validPolicyNodeSet.add(_c_node);
-                                }
-                            }
-                        }
-                    }
-                }
-                
-                //
-                // (g) (iii) 2
-                //
-                Iterator _vpnsIter = _validPolicyNodeSet.iterator();
-                while (_vpnsIter.hasNext())
-                {
-                    PKIXPolicyNode _node = (PKIXPolicyNode)_vpnsIter.next();
-                    String _validPolicy = _node.getValidPolicy();
-    
-                    if (!userInitialPolicySet.contains(_validPolicy))
-                    {
-                        validPolicyTree = removePolicyNode(validPolicyTree, policyNodes, _node);
-                    }
-                }
-                
-                //
-                // (g) (iii) 4
-                //
-                if (validPolicyTree != null)
-                {
-                    for (int j = (n - 1); j >= 0; j--)
-                    {
-                        List      nodes = policyNodes[j];
-                        
-                        for (int k = 0; k < nodes.size(); k++)
-                        {
-                            PKIXPolicyNode node = (PKIXPolicyNode)nodes.get(k);
-                            if (!node.hasChildren())
-                            {
-                                validPolicyTree = removePolicyNode(validPolicyTree, policyNodes, node);
-                            }
-                        }
-                    }
-                }
-                
-                intersection = validPolicyTree;
-            }
-     
-            if ((explicitPolicy <= 0) && (intersection == null))
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.invalidPolicy");
-                throw new CertPathReviewerException(msg);
-            }
-            
-            validPolicyTree = intersection;
-        }
-        catch (CertPathReviewerException cpre)
-        {
-            addError(cpre.getErrorMessage(),cpre.getIndex());
-            validPolicyTree = null;
-        }
-    }
-
-    private void checkCriticalExtensions()
-    {
-        //      
-        // initialise CertPathChecker's
-        //
-        List  pathCheckers = pkixParams.getCertPathCheckers();
-        Iterator certIter = pathCheckers.iterator();
-        
-        try
-        {
-            try
-            {
-                while (certIter.hasNext())
-                {
-                    ((PKIXCertPathChecker)certIter.next()).init(false);
-                }
-            }
-            catch (CertPathValidatorException cpve)
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.certPathCheckerError",
-                        new Object[] {cpve.getMessage(),cpve,cpve.getClass().getName()});
-                throw new CertPathReviewerException(msg,cpve);
-            }
-            
-            //
-            // process critical extesions for each certificate
-            //
-            
-            X509Certificate cert = null;
-            
-            int index;
-            
-            for (index = certs.size()-1; index >= 0; index--)
-            {
-                cert = (X509Certificate) certs.get(index);
-                
-                Set criticalExtensions = cert.getCriticalExtensionOIDs();
-                if (criticalExtensions == null || criticalExtensions.isEmpty())
-                {
-                    continue;
-                }
-                // remove already processed extensions
-                criticalExtensions.remove(KEY_USAGE);
-                criticalExtensions.remove(CERTIFICATE_POLICIES);
-                criticalExtensions.remove(POLICY_MAPPINGS);
-                criticalExtensions.remove(INHIBIT_ANY_POLICY);
-                criticalExtensions.remove(ISSUING_DISTRIBUTION_POINT);
-                criticalExtensions.remove(DELTA_CRL_INDICATOR);
-                criticalExtensions.remove(POLICY_CONSTRAINTS);
-                criticalExtensions.remove(BASIC_CONSTRAINTS);
-                criticalExtensions.remove(SUBJECT_ALTERNATIVE_NAME);
-                criticalExtensions.remove(NAME_CONSTRAINTS);
-                
-                // process qcStatements extension
-                if (criticalExtensions.contains(QC_STATEMENT))
-                {
-                    if (processQcStatements(cert,index)) 
-                    {
-                        criticalExtensions.remove(QC_STATEMENT);
-                    }
-                }
-                
-                Iterator tmpIter = pathCheckers.iterator();
-                while (tmpIter.hasNext())
-                {
-                    try
-                    {
-                        ((PKIXCertPathChecker)tmpIter.next()).check(cert, criticalExtensions);
-                    }
-                    catch (CertPathValidatorException e)
-                    {
-                        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.criticalExtensionError",
-                                new Object[] {e.getMessage(),e,e.getClass().getName()});
-                        throw new CertPathReviewerException(msg,e.getCause(),certPath,index);
-                    }
-                }
-                if (!criticalExtensions.isEmpty())
-                {
-                    ErrorBundle msg;
-                    Iterator it = criticalExtensions.iterator();
-                    while (it.hasNext())
-                    {
-                        msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.unknownCriticalExt",
-                                new Object[] {new ASN1ObjectIdentifier((String) it.next())});
-                        addError(msg, index);
-                    }
-                }
-            }
-        }
-        catch (CertPathReviewerException cpre)
-        {
-            addError(cpre.getErrorMessage(),cpre.getIndex());
-        }
-    }
-    
-    private boolean processQcStatements(
-            X509Certificate cert,
-            int index)
-    {   
-        try
-        {
-            boolean unknownStatement = false;
-            
-            ASN1Sequence qcSt = (ASN1Sequence) getExtensionValue(cert,QC_STATEMENT);
-            for (int j = 0; j < qcSt.size(); j++)
-            {
-                QCStatement stmt = QCStatement.getInstance(qcSt.getObjectAt(j));
-                if (QCStatement.id_etsi_qcs_QcCompliance.equals(stmt.getStatementId()))
-                {
-                    // process statement - just write a notification that the certificate contains this statement
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.QcEuCompliance");
-                    addNotification(msg,index);
-                }
-                else if (QCStatement.id_qcs_pkixQCSyntax_v1.equals(stmt.getStatementId()))
-                {
-                    // process statement - just recognize the statement
-                }
-                else if (QCStatement.id_etsi_qcs_QcSSCD.equals(stmt.getStatementId()))
-                {
-                    // process statement - just write a notification that the certificate contains this statement
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.QcSSCD");
-                    addNotification(msg,index);
-                }
-                else if (QCStatement.id_etsi_qcs_LimiteValue.equals(stmt.getStatementId()))
-                {
-                    // process statement - write a notification containing the limit value
-                    MonetaryValue limit = MonetaryValue.getInstance(stmt.getStatementInfo());
-                    Iso4217CurrencyCode currency = limit.getCurrency();
-                    double value = limit.getAmount().doubleValue() * Math.pow(10,limit.getExponent().doubleValue());
-                    ErrorBundle msg;
-                    if (limit.getCurrency().isAlphabetic())
-                    {
-                        msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.QcLimitValueAlpha",
-                                new Object[] {limit.getCurrency().getAlphabetic(),
-                                              new TrustedInput(new Double(value)),
-                                              limit});
-                    }
-                    else
-                    {
-                        msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.QcLimitValueNum",
-                                new Object[]{Integers.valueOf(limit.getCurrency().getNumeric()),
-                                    new TrustedInput(new Double(value)),
-                                    limit});
-                    }
-                    addNotification(msg,index);
-                }
-                else
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.QcUnknownStatement",
-                            new Object[] {stmt.getStatementId(),new UntrustedInput(stmt)});
-                    addNotification(msg,index);
-                    unknownStatement = true;
-                }
-            }
-            
-            return !unknownStatement;
-        }
-        catch (AnnotatedException ae)
-        {
-            ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.QcStatementExtError");
-            addError(msg,index);
-        }
-        
-        return false;
-    }
-    
-    private String IPtoString(byte[] ip)
-    {
-        String result;
-        try
-        {
-            result = InetAddress.getByAddress(ip).getHostAddress();
-        }
-        catch (Exception e)
-        {
-            StringBuffer b = new StringBuffer();
-            
-            for (int i = 0; i != ip.length; i++)
-            {
-                b.append(Integer.toHexString(ip[i] & 0xff));
-                b.append(' ');
-            }
-            
-            result = b.toString();
-        }
-        
-        return result;
-    }
-    
-    protected void checkRevocation(PKIXParameters paramsPKIX,
-            X509Certificate cert,
-            Date validDate,
-            X509Certificate sign,
-            PublicKey workingPublicKey,
-            Vector crlDistPointUrls,
-            Vector ocspUrls,
-            int index)
-        throws CertPathReviewerException
-    {
-        checkCRLs(paramsPKIX, cert, validDate, sign, workingPublicKey, crlDistPointUrls, index);
-    }
-    
-    protected void checkCRLs(
-            PKIXParameters paramsPKIX,
-            X509Certificate cert,
-            Date validDate,
-            X509Certificate sign,
-            PublicKey workingPublicKey,
-            Vector crlDistPointUrls,
-            int index) 
-        throws CertPathReviewerException
-    {
-        X509CRLStoreSelector crlselect;
-        crlselect = new X509CRLStoreSelector();
-        
-        try
-        {
-            crlselect.addIssuerName(getEncodedIssuerPrincipal(cert).getEncoded());
-        }
-        catch (IOException e)
-        {
-            ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlIssuerException");
-            throw new CertPathReviewerException(msg,e);
-        }
-    
-        crlselect.setCertificateChecking(cert);
-    
-        Iterator crl_iter;
-        try 
-        {
-            Collection crl_coll = CRL_UTIL.findCRLs(crlselect, paramsPKIX);
-            crl_iter = crl_coll.iterator();
-            
-            if (crl_coll.isEmpty())
-            {
-                // notifcation - no local crls found
-                crl_coll = CRL_UTIL.findCRLs(new X509CRLStoreSelector(),paramsPKIX);
-                Iterator it = crl_coll.iterator();
-                List nonMatchingCrlNames = new ArrayList();
-                while (it.hasNext())
-                {
-                    nonMatchingCrlNames.add(((X509CRL) it.next()).getIssuerX500Principal());
-                }
-                int numbOfCrls = nonMatchingCrlNames.size();
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,
-                        "CertPathReviewer.noCrlInCertstore",
-                        new Object[]{new UntrustedInput(crlselect.getIssuerNames()),
-                            new UntrustedInput(nonMatchingCrlNames),
-                            Integers.valueOf(numbOfCrls)});
-                addNotification(msg,index);
-            }
-
-        }
-        catch (AnnotatedException ae)
-        {
-            ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlExtractionError",
-                    new Object[] {ae.getCause().getMessage(),ae.getCause(),ae.getCause().getClass().getName()});
-            addError(msg,index);
-            crl_iter = new ArrayList().iterator();
-        }
-        boolean validCrlFound = false;
-        X509CRL crl = null;
-        while (crl_iter.hasNext())
-        {
-            crl = (X509CRL)crl_iter.next();
-            
-            if (crl.getNextUpdate() == null
-                || paramsPKIX.getDate().before(crl.getNextUpdate()))
-            {
-                validCrlFound = true;
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,
-                        "CertPathReviewer.localValidCRL",
-                        new Object[] {new TrustedInput(crl.getThisUpdate()), new TrustedInput(crl.getNextUpdate())});
-                addNotification(msg,index);
-                break;
-            }
-            else
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,
-                        "CertPathReviewer.localInvalidCRL",
-                        new Object[] {new TrustedInput(crl.getThisUpdate()), new TrustedInput(crl.getNextUpdate())});
-                addNotification(msg,index);
-            }
-        }
-        
-        // if no valid crl was found in the CertStores try to get one from a
-        // crl distribution point
-        if (!validCrlFound)
-        {
-            X509CRL onlineCRL = null;
-            Iterator urlIt = crlDistPointUrls.iterator();
-            while (urlIt.hasNext())
-            {
-                try
-                {
-                    String location = (String) urlIt.next();
-                    onlineCRL = getCRL(location);
-                    if (onlineCRL != null)
-                    {
-                        // check if crl issuer is correct
-                        if (!cert.getIssuerX500Principal().equals(onlineCRL.getIssuerX500Principal()))
-                        {
-                            ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,
-                                        "CertPathReviewer.onlineCRLWrongCA",
-                                        new Object[] {new UntrustedInput(onlineCRL.getIssuerX500Principal().getName()),
-                                                      new UntrustedInput(cert.getIssuerX500Principal().getName()),
-                                                      new UntrustedUrlInput(location)});
-                            addNotification(msg,index);
-                            continue;
-                        }
-                        
-                        if (onlineCRL.getNextUpdate() == null
-                            || pkixParams.getDate().before(onlineCRL.getNextUpdate()))
-                        {
-                            validCrlFound = true;
-                            ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,
-                                    "CertPathReviewer.onlineValidCRL",
-                                    new Object[] {new TrustedInput(onlineCRL.getThisUpdate()),
-                                                  new TrustedInput(onlineCRL.getNextUpdate()),
-                                                  new UntrustedUrlInput(location)});
-                            addNotification(msg,index);
-                            crl = onlineCRL;
-                            break;
-                        }
-                        else
-                        {
-                            ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,
-                                    "CertPathReviewer.onlineInvalidCRL",
-                                    new Object[] {new TrustedInput(onlineCRL.getThisUpdate()),
-                                                  new TrustedInput(onlineCRL.getNextUpdate()),
-                                                  new UntrustedUrlInput(location)});
-                            addNotification(msg,index);
-                        }
-                    }
-                }
-                catch (CertPathReviewerException cpre)
-                {
-                    addNotification(cpre.getErrorMessage(),index);
-                }
-            }
-        }
-        
-        // check the crl
-        X509CRLEntry crl_entry;
-        if (crl != null)
-        {
-            if (sign != null)
-            {
-                boolean[] keyusage = sign.getKeyUsage();
-
-                if (keyusage != null
-                    && (keyusage.length < 7 || !keyusage[CRL_SIGN]))
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.noCrlSigningPermited");
-                    throw new CertPathReviewerException(msg);
-                }
-            }
-
-            if (workingPublicKey != null)
-            {
-                try
-                {
-                    crl.verify(workingPublicKey, "BC");
-                }
-                catch (Exception e)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlVerifyFailed");
-                    throw new CertPathReviewerException(msg,e);
-                }
-            }
-            else // issuer public key not known
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlNoIssuerPublicKey");
-                throw new CertPathReviewerException(msg);
-            }
-
-            crl_entry = crl.getRevokedCertificate(cert.getSerialNumber());
-            if (crl_entry != null)
-            {
-                String reason = null;
-                
-                if (crl_entry.hasExtensions())
-                {
-                    ASN1Enumerated reasonCode;
-                    try
-                    {
-                        reasonCode = ASN1Enumerated.getInstance(getExtensionValue(crl_entry, Extension.reasonCode.getId()));
-                    }
-                    catch (AnnotatedException ae)
-                    {
-                        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlReasonExtError");
-                        throw new CertPathReviewerException(msg,ae);
-                    }
-                    if (reasonCode != null)
-                    {
-                        reason = crlReasons[reasonCode.getValue().intValue()];
-                    }
-                }
-
-                if (reason == null)
-                {
-                    reason = crlReasons[7]; // unknown
-                }
-
-                // i18n reason
-                LocaleString ls = new LocaleString(RESOURCE_NAME, reason);
-                
-                if (!validDate.before(crl_entry.getRevocationDate()))
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.certRevoked",
-                            new Object[] {new TrustedInput(crl_entry.getRevocationDate()),ls});
-                    throw new CertPathReviewerException(msg);
-                }
-                else // cert was revoked after validation date
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.revokedAfterValidation",
-                            new Object[] {new TrustedInput(crl_entry.getRevocationDate()),ls});
-                    addNotification(msg,index);
-                }
-            }
-            else // cert is not revoked
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.notRevoked");
-                addNotification(msg,index);
-            }
-            
-            //
-            // warn if a new crl is available
-            //
-            if (crl.getNextUpdate() != null && crl.getNextUpdate().before(pkixParams.getDate()))
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlUpdateAvailable",
-                        new Object[] {new TrustedInput(crl.getNextUpdate())});
-                addNotification(msg,index);
-            }
-            
-            //
-            // check the DeltaCRL indicator, base point and the issuing distribution point
-            //
-            ASN1Primitive idp;
-            try
-            {
-                idp = getExtensionValue(crl, ISSUING_DISTRIBUTION_POINT);
-            }
-            catch (AnnotatedException ae)
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.distrPtExtError");
-                throw new CertPathReviewerException(msg);
-            }
-            ASN1Primitive dci;
-            try
-            {
-                dci = getExtensionValue(crl, DELTA_CRL_INDICATOR);
-            }
-            catch (AnnotatedException ae)
-            {
-                ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.deltaCrlExtError");
-                throw new CertPathReviewerException(msg);
-            }
-
-            if (dci != null)
-            {
-                X509CRLStoreSelector baseSelect = new X509CRLStoreSelector();
-
-                try
-                {
-                    baseSelect.addIssuerName(getIssuerPrincipal(crl).getEncoded());
-                }
-                catch (IOException e)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlIssuerException");
-                    throw new CertPathReviewerException(msg,e);
-                }
-
-                baseSelect.setMinCRLNumber(((ASN1Integer)dci).getPositiveValue());
-                try
-                {
-                    baseSelect.setMaxCRLNumber(((ASN1Integer)getExtensionValue(crl, CRL_NUMBER)).getPositiveValue().subtract(BigInteger.valueOf(1)));
-                }
-                catch (AnnotatedException ae)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlNbrExtError");
-                    throw new CertPathReviewerException(msg,ae);
-                }
-                
-                boolean  foundBase = false;
-                Iterator it;
-                try 
-                {
-                    it  = CRL_UTIL.findCRLs(baseSelect, paramsPKIX).iterator();
-                }
-                catch (AnnotatedException ae)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlExtractionError");
-                    throw new CertPathReviewerException(msg,ae);
-                }
-                while (it.hasNext())
-                {
-                    X509CRL base = (X509CRL)it.next();
-
-                    ASN1Primitive baseIdp;
-                    try
-                    {
-                        baseIdp = getExtensionValue(base, ISSUING_DISTRIBUTION_POINT);
-                    }
-                    catch (AnnotatedException ae)
-                    {
-                        ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.distrPtExtError");
-                        throw new CertPathReviewerException(msg,ae);
-                    }
-                    
-                    if (idp == null)
-                    {
-                        if (baseIdp == null)
-                        {
-                            foundBase = true;
-                            break;
-                        }
-                    }
-                    else
-                    {
-                        if (idp.equals(baseIdp))
-                        {
-                            foundBase = true;
-                            break;
-                        }
-                    }
-                }
-                
-                if (!foundBase)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.noBaseCRL");
-                    throw new CertPathReviewerException(msg);
-                }
-            }
-
-            if (idp != null)
-            {
-                IssuingDistributionPoint    p = IssuingDistributionPoint.getInstance(idp);
-                BasicConstraints bc = null;
-                try
-                {
-                    bc = BasicConstraints.getInstance(getExtensionValue(cert, BASIC_CONSTRAINTS));
-                }
-                catch (AnnotatedException ae)
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlBCExtError");
-                    throw new CertPathReviewerException(msg,ae);
-                }
-                
-                if (p.onlyContainsUserCerts() && (bc != null && bc.isCA()))
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlOnlyUserCert");
-                    throw new CertPathReviewerException(msg);
-                }
-                
-                if (p.onlyContainsCACerts() && (bc == null || !bc.isCA()))
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlOnlyCaCert");
-                    throw new CertPathReviewerException(msg);
-                }
-                
-                if (p.onlyContainsAttributeCerts())
-                {
-                    ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.crlOnlyAttrCert");
-                    throw new CertPathReviewerException(msg);
-                }
-            }
-        }
-        
-        if (!validCrlFound)
-        {
-            ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.noValidCrlFound");
-            throw new CertPathReviewerException(msg);
-        }
-    
-    }
-    
-    protected Vector getCRLDistUrls(CRLDistPoint crlDistPoints)
-    {
-        Vector urls = new Vector();
-        
-        if (crlDistPoints != null)
-        {
-            DistributionPoint[] distPoints = crlDistPoints.getDistributionPoints();
-            for (int i = 0; i < distPoints.length; i++)
-            {
-                DistributionPointName dp_name = distPoints[i].getDistributionPoint();
-                if (dp_name.getType() == DistributionPointName.FULL_NAME)
-                {
-                    GeneralName[] generalNames = GeneralNames.getInstance(dp_name.getName()).getNames();
-                    for (int j = 0; j < generalNames.length; j++)
-                    {
-                        if (generalNames[j].getTagNo() == GeneralName.uniformResourceIdentifier)
-                        {
-                            String url = ((DERIA5String) generalNames[j].getName()).getString();
-                            urls.add(url);
-                        }
-                    }
-                }
-            }
-        }
-        return urls;
-    }
-    
-    protected Vector getOCSPUrls(AuthorityInformationAccess authInfoAccess)
-    {
-        Vector urls = new Vector();
-        
-        if (authInfoAccess != null)
-        {
-            AccessDescription[] ads = authInfoAccess.getAccessDescriptions();
-            for (int i = 0; i < ads.length; i++)
-            {
-                if (ads[i].getAccessMethod().equals(AccessDescription.id_ad_ocsp))
-                {
-                    GeneralName name = ads[i].getAccessLocation();
-                    if (name.getTagNo() == GeneralName.uniformResourceIdentifier)
-                    {
-                        String url = ((DERIA5String) name.getName()).getString();
-                        urls.add(url);
-                    }
-                }
-            }
-        }
-        
-        return urls;
-    }
-    
-    private X509CRL getCRL(String location) throws CertPathReviewerException
-    {
-        X509CRL result = null;
-        try
-        {
-            URL url = new URL(location);
-            
-            if (url.getProtocol().equals("http") || url.getProtocol().equals("https"))
-            {
-                HttpURLConnection conn = (HttpURLConnection) url.openConnection();
-                conn.setUseCaches(false);
-                //conn.setConnectTimeout(2000);
-                conn.setDoInput(true);
-                conn.connect();
-                if (conn.getResponseCode() == HttpURLConnection.HTTP_OK)
-                {
-                    CertificateFactory cf = CertificateFactory.getInstance("X.509","BC");
-                    result = (X509CRL) cf.generateCRL(conn.getInputStream());
-                }
-                else
-                {
-                    throw new Exception(conn.getResponseMessage());
-                }
-            }
-        }
-        catch (Exception e)
-        {
-            ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,
-                    "CertPathReviewer.loadCrlDistPointError",
-                    new Object[] {new UntrustedInput(location),
-                                  e.getMessage(),e,e.getClass().getName()});
-            throw new CertPathReviewerException(msg);
-        }
-        return result;
-    }
-    
-    protected Collection getTrustAnchors(X509Certificate cert, Set trustanchors) throws CertPathReviewerException
-    {
-        Collection trustColl = new ArrayList();
-        Iterator it = trustanchors.iterator();
-        
-        X509CertSelector certSelectX509 = new X509CertSelector();
-
-        try
-        {
-            certSelectX509.setSubject(getEncodedIssuerPrincipal(cert).getEncoded());
-            byte[] ext = cert.getExtensionValue(Extension.authorityKeyIdentifier.getId());
-
-            if (ext != null)
-            {
-                ASN1OctetString oct = (ASN1OctetString)ASN1Primitive.fromByteArray(ext);
-                AuthorityKeyIdentifier authID = AuthorityKeyIdentifier.getInstance(ASN1Primitive.fromByteArray(oct.getOctets()));
-
-                certSelectX509.setSerialNumber(authID.getAuthorityCertSerialNumber());
-                byte[] keyID = authID.getKeyIdentifier();
-                if (keyID != null)
-                {
-                    certSelectX509.setSubjectKeyIdentifier(new DEROctetString(keyID).getEncoded());
-                }
-            }
-        }
-        catch (IOException ex)
-        {
-            ErrorBundle msg = new ErrorBundle(RESOURCE_NAME,"CertPathReviewer.trustAnchorIssuerError");
-            throw new CertPathReviewerException(msg);
-        }
-
-        while (it.hasNext())
-        {
-            TrustAnchor trust = (TrustAnchor) it.next();
-            if (trust.getTrustedCert() != null)
-            {
-                if (certSelectX509.match(trust.getTrustedCert()))
-                {
-                    trustColl.add(trust);
-                }
-            }
-            else if (trust.getCAName() != null && trust.getCAPublicKey() != null)
-            {
-                X500Principal certIssuer = getEncodedIssuerPrincipal(cert);
-                X500Principal caName = new X500Principal(trust.getCAName());
-                if (certIssuer.equals(caName))
-                {
-                    trustColl.add(trust);
-                }
-            }
-        }
-        return trustColl;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509AttributeCertStoreSelector.java b/bcprov/src/main/java/org/bouncycastle/x509/X509AttributeCertStoreSelector.java
deleted file mode 100644
index 437bde7..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/X509AttributeCertStoreSelector.java
+++ /dev/null

@@ -1,484 +0,0 @@
-package org.bouncycastle.x509;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.cert.CertificateExpiredException;
-import java.security.cert.CertificateNotYetValidException;
-import java.util.Collection;
-import java.util.Collections;
-import java.util.Date;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.Set;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Primitive;
-import org.bouncycastle.asn1.DEROctetString;
-import org.bouncycastle.asn1.x509.Extension;
-import org.bouncycastle.asn1.x509.GeneralName;
-import org.bouncycastle.asn1.x509.Target;
-import org.bouncycastle.asn1.x509.TargetInformation;
-import org.bouncycastle.asn1.x509.Targets;
-import org.bouncycastle.util.Selector;
-
-/**
- * This class is an <code>Selector</code> like implementation to select
- * attribute certificates from a given set of criteria.
- * 
- * @see org.bouncycastle.x509.X509AttributeCertificate
- * @see org.bouncycastle.x509.X509Store
- * @deprecated use org.bouncycastle.cert.X509AttributeCertificateSelector and org.bouncycastle.cert.X509AttributeCertificateSelectorBuilder.
- */
-public class X509AttributeCertStoreSelector
-    implements Selector
-{
-
-    // TODO: name constraints???
-
-    private AttributeCertificateHolder holder;
-
-    private AttributeCertificateIssuer issuer;
-
-    private BigInteger serialNumber;
-
-    private Date attributeCertificateValid;
-
-    private X509AttributeCertificate attributeCert;
-
-    private Collection targetNames = new HashSet();
-
-    private Collection targetGroups = new HashSet();
-
-    public X509AttributeCertStoreSelector()
-    {
-        super();
-    }
-
-    /**
-     * Decides if the given attribute certificate should be selected.
-     * 
-     * @param obj The attribute certificate which should be checked.
-     * @return <code>true</code> if the attribute certificate can be selected,
-     *         <code>false</code> otherwise.
-     */
-    public boolean match(Object obj)
-    {
-        if (!(obj instanceof X509AttributeCertificate))
-        {
-            return false;
-        }
-
-        X509AttributeCertificate attrCert = (X509AttributeCertificate) obj;
-
-        if (this.attributeCert != null)
-        {
-            if (!this.attributeCert.equals(attrCert))
-            {
-                return false;
-            }
-        }
-        if (serialNumber != null)
-        {
-            if (!attrCert.getSerialNumber().equals(serialNumber))
-            {
-                return false;
-            }
-        }
-        if (holder != null)
-        {
-            if (!attrCert.getHolder().equals(holder))
-            {
-                return false;
-            }
-        }
-        if (issuer != null)
-        {
-            if (!attrCert.getIssuer().equals(issuer))
-            {
-                return false;
-            }
-        }
-
-        if (attributeCertificateValid != null)
-        {
-            try
-            {
-                attrCert.checkValidity(attributeCertificateValid);
-            }
-            catch (CertificateExpiredException e)
-            {
-                return false;
-            }
-            catch (CertificateNotYetValidException e)
-            {
-                return false;
-            }
-        }
-        if (!targetNames.isEmpty() || !targetGroups.isEmpty())
-        {
-
-            byte[] targetInfoExt = attrCert
-                .getExtensionValue(Extension.targetInformation.getId());
-            if (targetInfoExt != null)
-            {
-                TargetInformation targetinfo;
-                try
-                {
-                    targetinfo = TargetInformation
-                        .getInstance(new ASN1InputStream(
-                            ((DEROctetString) DEROctetString
-                                .fromByteArray(targetInfoExt)).getOctets())
-                            .readObject());
-                }
-                catch (IOException e)
-                {
-                    return false;
-                }
-                catch (IllegalArgumentException e)
-                {
-                    return false;
-                }
-                Targets[] targetss = targetinfo.getTargetsObjects();
-                if (!targetNames.isEmpty())
-                {
-                    boolean found = false;
-
-                    for (int i=0; i<targetss.length; i++)
-                    {
-                        Targets t = targetss[i];
-                        Target[] targets = t.getTargets();
-                        for (int j=0; j<targets.length; j++)
-                        {
-                            if (targetNames.contains(GeneralName.getInstance(targets[j]
-                                                       .getTargetName())))
-                            {
-                                found = true;
-                                break;
-                            }
-                        }
-                    }
-                    if (!found)
-                    {
-                        return false;
-                    }
-                }
-                if (!targetGroups.isEmpty())
-                {
-                    boolean found = false;
-
-                    for (int i=0; i<targetss.length; i++)
-                    {
-                        Targets t = targetss[i];
-                        Target[] targets = t.getTargets();
-                        for (int j=0; j<targets.length; j++)
-                        {
-                            if (targetGroups.contains(GeneralName.getInstance(targets[j]
-                                                        .getTargetGroup())))
-                            {
-                                found = true;
-                                break;
-                            }
-                        }
-                    }
-                    if (!found)
-                    {
-                        return false;
-                    }
-                }
-            }
-        }
-        return true;
-    }
-
-    /**
-     * Returns a clone of this object.
-     * 
-     * @return the clone.
-     */
-    public Object clone()
-    {
-        X509AttributeCertStoreSelector sel = new X509AttributeCertStoreSelector();
-        sel.attributeCert = attributeCert;
-        sel.attributeCertificateValid = getAttributeCertificateValid();
-        sel.holder = holder;
-        sel.issuer = issuer;
-        sel.serialNumber = serialNumber;
-        sel.targetGroups = getTargetGroups();
-        sel.targetNames = getTargetNames();
-        return sel;
-    }
-
-    /**
-     * Returns the attribute certificate which must be matched.
-     * 
-     * @return Returns the attribute certificate.
-     */
-    public X509AttributeCertificate getAttributeCert()
-    {
-        return attributeCert;
-    }
-
-    /**
-     * Set the attribute certificate to be matched. If <code>null</code> is
-     * given any will do.
-     * 
-     * @param attributeCert The attribute certificate to set.
-     */
-    public void setAttributeCert(X509AttributeCertificate attributeCert)
-    {
-        this.attributeCert = attributeCert;
-    }
-
-    /**
-     * Get the criteria for the validity.
-     * 
-     * @return Returns the attributeCertificateValid.
-     */
-    public Date getAttributeCertificateValid()
-    {
-        if (attributeCertificateValid != null)
-        {
-            return new Date(attributeCertificateValid.getTime());
-        }
-
-        return null;
-    }
-
-    /**
-     * Set the time, when the certificate must be valid. If <code>null</code>
-     * is given any will do.
-     * 
-     * @param attributeCertificateValid The attribute certificate validation
-     *            time to set.
-     */
-    public void setAttributeCertificateValid(Date attributeCertificateValid)
-    {
-        if (attributeCertificateValid != null)
-        {
-            this.attributeCertificateValid = new Date(attributeCertificateValid
-                .getTime());
-        }
-        else
-        {
-            this.attributeCertificateValid = null;
-        }
-    }
-
-    /**
-     * Gets the holder.
-     * 
-     * @return Returns the holder.
-     */
-    public AttributeCertificateHolder getHolder()
-    {
-        return holder;
-    }
-
-    /**
-     * Sets the holder. If <code>null</code> is given any will do.
-     * 
-     * @param holder The holder to set.
-     */
-    public void setHolder(AttributeCertificateHolder holder)
-    {
-        this.holder = holder;
-    }
-
-    /**
-     * Returns the issuer criterion.
-     * 
-     * @return Returns the issuer.
-     */
-    public AttributeCertificateIssuer getIssuer()
-    {
-        return issuer;
-    }
-
-    /**
-     * Sets the issuer the attribute certificate must have. If <code>null</code>
-     * is given any will do.
-     * 
-     * @param issuer The issuer to set.
-     */
-    public void setIssuer(AttributeCertificateIssuer issuer)
-    {
-        this.issuer = issuer;
-    }
-
-    /**
-     * Gets the serial number the attribute certificate must have.
-     * 
-     * @return Returns the serialNumber.
-     */
-    public BigInteger getSerialNumber()
-    {
-        return serialNumber;
-    }
-
-    /**
-     * Sets the serial number the attribute certificate must have. If
-     * <code>null</code> is given any will do.
-     * 
-     * @param serialNumber The serialNumber to set.
-     */
-    public void setSerialNumber(BigInteger serialNumber)
-    {
-        this.serialNumber = serialNumber;
-    }
-
-    /**
-     * Adds a target name criterion for the attribute certificate to the target
-     * information extension criteria. The <code>X509AttributeCertificate</code>
-     * must contain at least one of the specified target names.
-     * <p>
-     * Each attribute certificate may contain a target information extension
-     * limiting the servers where this attribute certificate can be used. If
-     * this extension is not present, the attribute certificate is not targeted
-     * and may be accepted by any server.
-     *
-     * @param name The name as a GeneralName (not <code>null</code>)
-     */
-    public void addTargetName(GeneralName name)
-    {
-        targetNames.add(name);
-    }
-
-    /**
-     * Adds a target name criterion for the attribute certificate to the target
-     * information extension criteria. The <code>X509AttributeCertificate</code>
-     * must contain at least one of the specified target names.
-     * <p>
-     * Each attribute certificate may contain a target information extension
-     * limiting the servers where this attribute certificate can be used. If
-     * this extension is not present, the attribute certificate is not targeted
-     * and may be accepted by any server.
-     *
-     * @param name a byte array containing the name in ASN.1 DER encoded form of a GeneralName
-     * @throws IOException if a parsing error occurs.
-     */
-    public void addTargetName(byte[] name) throws IOException
-    {
-        addTargetName(GeneralName.getInstance(ASN1Primitive.fromByteArray(name)));
-    }
-
-    /**
-     * Adds a collection with target names criteria. If <code>null</code> is
-     * given any will do.
-     * <p>
-     * The collection consists of either GeneralName objects or byte[] arrays representing
-     * DER encoded GeneralName structures.
-     * 
-     * @param names A collection of target names.
-     * @throws IOException if a parsing error occurs.
-     * @see #addTargetName(byte[])
-     * @see #addTargetName(GeneralName)
-     */
-    public void setTargetNames(Collection names) throws IOException
-    {
-        targetNames = extractGeneralNames(names);
-    }
-
-    /**
-     * Gets the target names. The collection consists of <code>GeneralName</code>
-     * objects.
-     * <p>
-     * The returned collection is immutable.
-     * 
-     * @return The collection of target names
-     * @see #setTargetNames(Collection)
-     */
-    public Collection getTargetNames()
-    {
-        return Collections.unmodifiableCollection(targetNames);
-    }
-
-    /**
-     * Adds a target group criterion for the attribute certificate to the target
-     * information extension criteria. The <code>X509AttributeCertificate</code>
-     * must contain at least one of the specified target groups.
-     * <p>
-     * Each attribute certificate may contain a target information extension
-     * limiting the servers where this attribute certificate can be used. If
-     * this extension is not present, the attribute certificate is not targeted
-     * and may be accepted by any server.
-     *
-     * @param group The group as GeneralName form (not <code>null</code>)
-     */
-    public void addTargetGroup(GeneralName group)
-    {
-        targetGroups.add(group);
-    }
-
-    /**
-     * Adds a target group criterion for the attribute certificate to the target
-     * information extension criteria. The <code>X509AttributeCertificate</code>
-     * must contain at least one of the specified target groups.
-     * <p>
-     * Each attribute certificate may contain a target information extension
-     * limiting the servers where this attribute certificate can be used. If
-     * this extension is not present, the attribute certificate is not targeted
-     * and may be accepted by any server.
-     *
-     * @param name a byte array containing the group in ASN.1 DER encoded form of a GeneralName
-     * @throws IOException if a parsing error occurs.
-     */
-    public void addTargetGroup(byte[] name) throws IOException
-    {
-        addTargetGroup(GeneralName.getInstance(ASN1Primitive.fromByteArray(name)));
-    }
-
-    /**
-     * Adds a collection with target groups criteria. If <code>null</code> is
-     * given any will do.
-     * <p>
-     * The collection consists of <code>GeneralName</code> objects or <code>byte[]</code> representing DER
-     * encoded GeneralNames.
-     * 
-     * @param names A collection of target groups.
-     * @throws IOException if a parsing error occurs.
-     * @see #addTargetGroup(byte[])
-     * @see #addTargetGroup(GeneralName)
-     */
-    public void setTargetGroups(Collection names) throws IOException
-    {
-        targetGroups = extractGeneralNames(names);
-    }
-
-
-
-    /**
-     * Gets the target groups. The collection consists of <code>GeneralName</code> objects.
-     * <p>
-     * The returned collection is immutable.
-     *
-     * @return The collection of target groups.
-     * @see #setTargetGroups(Collection)
-     */
-    public Collection getTargetGroups()
-    {
-        return Collections.unmodifiableCollection(targetGroups);
-    }
-
-    private Set extractGeneralNames(Collection names)
-        throws IOException
-    {
-        if (names == null || names.isEmpty())
-        {
-            return new HashSet();
-        }
-        Set temp = new HashSet();
-        for (Iterator it = names.iterator(); it.hasNext();)
-        {
-            Object o = it.next();
-            if (o instanceof GeneralName)
-            {
-                temp.add(o);
-            }
-            else
-            {
-                temp.add(GeneralName.getInstance(ASN1Primitive.fromByteArray((byte[])o)));
-            }
-        }
-        return temp;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509CertPairStoreSelector.java b/bcprov/src/main/java/org/bouncycastle/x509/X509CertPairStoreSelector.java
deleted file mode 100644
index 187b098..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/X509CertPairStoreSelector.java
+++ /dev/null

@@ -1,155 +0,0 @@
-package org.bouncycastle.x509;
-
-import org.bouncycastle.util.Selector;
-
-/**
- * This class is an <code>Selector</code> like implementation to select
- * certificates pairs, which are e.g. used for cross certificates. The set of
- * criteria is given from two
- * {@link org.bouncycastle.x509.X509CertStoreSelector}s which must be both
- * matched.
- * 
- * @see org.bouncycastle.x509.X509AttributeCertificate
- * @see org.bouncycastle.x509.X509Store
- */
-public class X509CertPairStoreSelector implements Selector
-{
-
-    private X509CertStoreSelector forwardSelector;
-
-    private X509CertStoreSelector reverseSelector;
-
-    private X509CertificatePair certPair;
-
-    public X509CertPairStoreSelector()
-    {
-    }
-
-    /**
-     * Returns the certificate pair which is used for testing on equality.
-     * 
-     * @return Returns the certificate pair which is checked.
-     */
-    public X509CertificatePair getCertPair()
-    {
-        return certPair;
-    }
-
-    /**
-     * Set the certificate pair which is used for testing on equality.
-     * 
-     * @param certPair The certPairChecking to set.
-     */
-    public void setCertPair(X509CertificatePair certPair)
-    {
-        this.certPair = certPair;
-    }
-
-    /**
-     * @param forwardSelector The certificate selector for the forward part in
-     *            the pair.
-     */
-    public void setForwardSelector(X509CertStoreSelector forwardSelector)
-    {
-        this.forwardSelector = forwardSelector;
-    }
-
-    /**
-     * @param reverseSelector The certificate selector for the reverse part in
-     *            the pair.
-     */
-    public void setReverseSelector(X509CertStoreSelector reverseSelector)
-    {
-        this.reverseSelector = reverseSelector;
-    }
-
-    /**
-     * Returns a clone of this selector.
-     * 
-     * @return A clone of this selector.
-     * @see java.lang.Object#clone()
-     */
-    public Object clone()
-    {
-        X509CertPairStoreSelector cln = new X509CertPairStoreSelector();
-
-        cln.certPair = certPair;
-        
-        if (forwardSelector != null)
-        {
-            cln.setForwardSelector((X509CertStoreSelector) forwardSelector
-                    .clone());
-        }
-
-        if (reverseSelector != null)
-        {
-            cln.setReverseSelector((X509CertStoreSelector) reverseSelector
-                    .clone());
-        }
-
-        return cln;
-    }
-
-    /**
-     * Decides if the given certificate pair should be selected. If
-     * <code>obj</code> is not a {@link X509CertificatePair} this method
-     * returns <code>false</code>.
-     * 
-     * @param obj The {@link X509CertificatePair} which should be tested.
-     * @return <code>true</code> if the object matches this selector.
-     */
-    public boolean match(Object obj)
-    {
-        try
-        {
-            if (!(obj instanceof X509CertificatePair))
-            {
-                return false;
-            }
-            X509CertificatePair pair = (X509CertificatePair)obj;
-
-            if (forwardSelector != null
-                    && !forwardSelector.match((Object)pair.getForward()))
-            {
-                return false;
-            }
-
-            if (reverseSelector != null
-                    && !reverseSelector.match((Object)pair.getReverse()))
-            {
-                return false;
-            }
-
-            if (certPair != null)
-            {
-                return certPair.equals(obj);
-            }
-
-            return true;
-        }
-        catch (Exception e)
-        {
-            return false;
-        }
-    }
-
-    /**
-     * Returns the certicate selector for the forward part.
-     * 
-     * @return Returns the certicate selector for the forward part.
-     */
-    public X509CertStoreSelector getForwardSelector()
-    {
-        return forwardSelector;
-    }
-
-    /**
-     * Returns the certicate selector for the reverse part.
-     * 
-     * @return Returns the reverse selector for teh reverse part.
-     */
-    public X509CertStoreSelector getReverseSelector()
-    {
-        return reverseSelector;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509CertificatePair.java b/bcprov/src/main/java/org/bouncycastle/x509/X509CertificatePair.java
deleted file mode 100644
index d864b71..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/X509CertificatePair.java
+++ /dev/null

@@ -1,172 +0,0 @@
-package org.bouncycastle.x509;
-
-import java.io.IOException;
-import java.security.cert.CertificateEncodingException;
-import java.security.cert.CertificateParsingException;
-import java.security.cert.X509Certificate;
-
-import org.bouncycastle.asn1.ASN1Encoding;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.asn1.x509.CertificatePair;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jce.provider.X509CertificateObject;
-
-/**
- * This class contains a cross certificate pair. Cross certificates pairs may
- * contain two cross signed certificates from two CAs. A certificate from the
- * other CA to this CA is contained in the forward certificate, the certificate
- * from this CA to the other CA is contained in the reverse certificate.
- */
-public class X509CertificatePair
-{
-    private final JcaJceHelper bcHelper = new BCJcaJceHelper(); // needed to force provider loading
-
-    private X509Certificate forward;
-    private X509Certificate reverse;
-
-    // TODO: should get rid of this class
-    /**
-     * Constructor.
-     *
-     * @param forward Certificate from the other CA to this CA.
-     * @param reverse Certificate from this CA to the other CA.
-     */
-    public X509CertificatePair(
-        X509Certificate forward,
-        X509Certificate reverse)
-    {
-        this.forward = forward;
-        this.reverse = reverse;
-    }
-
-    /**
-     * Constructor from a ASN.1 CertificatePair structure.
-     *
-     * @param pair The <code>CertificatePair</code> ASN.1 object.
-     */
-    public X509CertificatePair(
-        CertificatePair pair)
-        throws CertificateParsingException
-    {
-        if (pair.getForward() != null)
-        {
-            this.forward = new X509CertificateObject(pair.getForward());
-        }
-        if (pair.getReverse() != null)
-        {
-            this.reverse = new X509CertificateObject(pair.getReverse());
-        }
-    }
-    
-    public byte[] getEncoded()
-        throws CertificateEncodingException
-    {
-        Certificate f = null;
-        Certificate r = null;
-        try
-        {
-            if (forward != null)
-            {
-                f = Certificate.getInstance(new ASN1InputStream(
-                    forward.getEncoded()).readObject());
-                if (f == null)
-                {
-                    throw new CertificateEncodingException("unable to get encoding for forward");
-                }
-            }
-            if (reverse != null)
-            {
-                r = Certificate.getInstance(new ASN1InputStream(
-                    reverse.getEncoded()).readObject());
-                if (r == null)
-                {
-                    throw new CertificateEncodingException("unable to get encoding for reverse");
-                }
-            }
-            return new CertificatePair(f, r).getEncoded(ASN1Encoding.DER);
-        }
-        catch (IllegalArgumentException e)
-        {
-            throw new ExtCertificateEncodingException(e.toString(), e);
-        }
-        catch (IOException e)
-        {
-            throw new ExtCertificateEncodingException(e.toString(), e);
-        }
-    }
-
-    /**
-     * Returns the certificate from the other CA to this CA.
-     *
-     * @return Returns the forward certificate.
-     */
-    public X509Certificate getForward()
-    {
-        return forward;
-    }
-
-    /**
-     * Return the certificate from this CA to the other CA.
-     *
-     * @return Returns the reverse certificate.
-     */
-    public X509Certificate getReverse()
-    {
-        return reverse;
-    }
-
-    public boolean equals(Object o)
-    {
-        if (o == null)
-        {
-            return false;
-        }
-        if (!(o instanceof X509CertificatePair))
-        {
-            return false;
-        }
-        X509CertificatePair pair = (X509CertificatePair)o;
-        boolean equalReverse = true;
-        boolean equalForward = true;
-        if (forward != null)
-        {
-            equalForward = this.forward.equals(pair.forward);
-        }
-        else
-        {
-            if (pair.forward != null)
-            {
-                equalForward = false;
-            }
-        }
-        if (reverse != null)
-        {
-            equalReverse = this.reverse.equals(pair.reverse);
-        }
-        else
-        {
-            if (pair.reverse != null)
-            {
-                equalReverse = false;
-            }
-        }
-        return equalForward && equalReverse;
-    }
-
-    public int hashCode()
-    {
-        int hash = -1;
-        if (forward != null)
-        {
-            hash ^= forward.hashCode();
-        }
-        if (reverse != null)
-        {
-            hash *= 17;
-            hash ^= reverse.hashCode();
-        }
-        return hash;
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509Store.java b/bcprov/src/main/java/org/bouncycastle/x509/X509Store.java
deleted file mode 100644
index 61d921c..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/X509Store.java
+++ /dev/null

@@ -1,82 +0,0 @@
-package org.bouncycastle.x509;
-
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Provider;
-import java.util.Collection;
-
-import org.bouncycastle.util.Selector;
-import org.bouncycastle.util.Store;
-
-/**
- * @deprecated use CollectionStore - this class will be removed.
- */
-public class X509Store
-    implements Store
-{
-    public static X509Store getInstance(String type, X509StoreParameters parameters)
-        throws NoSuchStoreException
-    {
-        try
-        {
-            X509Util.Implementation impl = X509Util.getImplementation("X509Store", type);
-
-            return createStore(impl, parameters);
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw new NoSuchStoreException(e.getMessage());
-        }
-    }
-
-    public static X509Store getInstance(String type, X509StoreParameters parameters, String provider)
-        throws NoSuchStoreException, NoSuchProviderException
-    {
-        return getInstance(type, parameters, X509Util.getProvider(provider));
-    }
-
-    public static X509Store getInstance(String type, X509StoreParameters parameters, Provider provider)
-        throws NoSuchStoreException
-    {
-        try
-        {
-            X509Util.Implementation impl = X509Util.getImplementation("X509Store", type, provider);
-
-            return createStore(impl, parameters);
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw new NoSuchStoreException(e.getMessage());
-        }
-    }
-
-    private static X509Store createStore(X509Util.Implementation impl, X509StoreParameters parameters)
-    {
-        X509StoreSpi spi = (X509StoreSpi)impl.getEngine();
-
-        spi.engineInit(parameters);
-
-        return new X509Store(impl.getProvider(), spi);
-    }
-
-    private Provider     _provider;
-    private X509StoreSpi _spi;
-
-    private X509Store(
-        Provider provider,
-        X509StoreSpi spi)
-    {
-        _provider = provider;
-        _spi = spi;
-    }
-
-    public Provider getProvider()
-    {
-       return _provider;
-    }
-
-    public Collection getMatches(Selector selector)
-    {
-        return _spi.engineGetMatches(selector);
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509StreamParser.java b/bcprov/src/main/java/org/bouncycastle/x509/X509StreamParser.java
deleted file mode 100644
index 3ad2846..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/X509StreamParser.java
+++ /dev/null

@@ -1,161 +0,0 @@
-package org.bouncycastle.x509;
-
-import org.bouncycastle.x509.util.StreamParser;
-import org.bouncycastle.x509.util.StreamParsingException;
-
-import java.io.ByteArrayInputStream;
-import java.io.InputStream;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.Provider;
-import java.util.Collection;
-
-/**
- *
- * This class allows access to different implementations for reading X.509
- * objects from streams.
- * <p>
- * A X509StreamParser is used to read a collection of objects or a single object
- * of a certain X.509 object structure. E.g. one X509StreamParser can read
- * certificates, another one CRLs, certification paths, attribute certificates
- * and so on. The kind of object structure is specified with the
- * <code>algorithm</code> parameter to the <code>getInstance</code> methods.
- * <p>
- * Implementations must implement the
- * {@link org.bouncycastle.x509.X509StreamParserSpi}.
- */
-public class X509StreamParser
-    implements StreamParser
-{
-    /**
-     * Generates a StreamParser object that implements the specified type. If
-     * the default provider package provides an implementation of the requested
-     * type, an instance of StreamParser containing that implementation is
-     * returned. If the type is not available in the default package, other
-     * packages are searched.
-     *
-     * @param type
-     *            The name of the requested X.509 object type.
-     * @return a StreamParser object for the specified type.
-     *
-     * @exception NoSuchParserException
-     *                if the requested type is not available in the default
-     *                provider package or any of the other provider packages
-     *                that were searched.
-     */
-    public static X509StreamParser getInstance(String type)
-        throws NoSuchParserException
-    {
-        try
-        {
-            X509Util.Implementation impl = X509Util.getImplementation("X509StreamParser", type);
-
-            return createParser(impl);
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw new NoSuchParserException(e.getMessage());
-        }
-    }
-
-    /**
-     * Generates a X509StreamParser object for the specified type from the
-     * specified provider.
-     *
-     * @param type
-     *            the name of the requested X.509 object type.
-     * @param provider
-     *            the name of the provider.
-     *
-     * @return a X509StreamParser object for the specified type.
-     *
-     * @exception NoSuchParserException
-     *                if the type is not available from the specified provider.
-     *
-     * @exception NoSuchProviderException
-     *                if the provider can not be found.
-     *
-     * @see Provider
-     */
-    public static X509StreamParser getInstance(String type, String provider)
-        throws NoSuchParserException, NoSuchProviderException
-    {
-        return getInstance(type, X509Util.getProvider(provider));
-    }
-
-    /**
-     * Generates a X509StreamParser object for the specified type from the
-     * specified provider.
-     *
-     * @param type
-     *            the name of the requested X.509 object type.
-     * @param provider
-     *            the Provider to use.
-     *
-     * @return a X509StreamParser object for the specified type.
-     *
-     * @exception NoSuchParserException
-     *                if the type is not available from the specified provider.
-     *
-     * @see Provider
-     */
-    public static X509StreamParser getInstance(String type, Provider provider)
-        throws NoSuchParserException
-    {
-        try
-        {
-            X509Util.Implementation impl = X509Util.getImplementation("X509StreamParser", type, provider);
-
-            return createParser(impl);
-        }
-        catch (NoSuchAlgorithmException e)
-        {
-            throw new NoSuchParserException(e.getMessage());
-        }
-    }
-
-    private static X509StreamParser createParser(X509Util.Implementation impl)
-    {
-        X509StreamParserSpi spi = (X509StreamParserSpi)impl.getEngine();
-
-        return new X509StreamParser(impl.getProvider(), spi);
-    }
-
-    private Provider            _provider;
-    private X509StreamParserSpi _spi;
-
-    private X509StreamParser(
-        Provider provider,
-        X509StreamParserSpi spi)
-    {
-        _provider = provider;
-        _spi = spi;
-    }
-
-    public Provider getProvider()
-    {
-        return _provider;
-    }
-
-    public void init(InputStream stream)
-    {
-        _spi.engineInit(stream);
-    }
-
-    public void init(byte[] data)
-    {
-        _spi.engineInit(new ByteArrayInputStream(data));
-    }
-
-    public Object read()
-        throws StreamParsingException
-    {
-        return _spi.engineRead();
-    }
-
-    public Collection readAll()
-        throws StreamParsingException
-    {
-        return _spi.engineReadAll();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509StreamParserSpi.java b/bcprov/src/main/java/org/bouncycastle/x509/X509StreamParserSpi.java
deleted file mode 100644
index 6929eb1..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/X509StreamParserSpi.java
+++ /dev/null

@@ -1,45 +0,0 @@
-package org.bouncycastle.x509;
-
-import org.bouncycastle.x509.util.StreamParsingException;
-
-import java.io.InputStream;
-import java.util.Collection;
-
-/**
- * This abstract class defines the service provider interface (SPI) for
- * X509StreamParser.
- *
- * @see org.bouncycastle.x509.X509StreamParser
- *
- */
-public abstract class X509StreamParserSpi
-{
-    /**
-     * Initializes this stream parser with the input stream.
-     *
-     * @param in The input stream.
-     */
-    public abstract void engineInit(InputStream in);
-
-    /**
-     * Returns the next X.509 object of the type of this SPI from the given
-     * input stream.
-     *
-     * @return the next X.509 object in the stream or <code>null</code> if the
-     *         end of the stream is reached.
-     * @exception StreamParsingException
-     *                if the object cannot be created from input stream.
-     */
-    public abstract Object engineRead() throws StreamParsingException;
-
-    /**
-     * Returns all X.509 objects of the type of this SPI from
-     * the given input stream.
-     *
-     * @return A collection of all X.509 objects in the input stream or
-     *         <code>null</code> if the end of the stream is reached.
-     * @exception StreamParsingException
-     *                if an object cannot be created from input stream.
-     */
-    public abstract Collection engineReadAll() throws StreamParsingException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java b/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java
index d002111..4762ec5 100644
--- a/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java
+++ b/bcprov/src/main/java/org/bouncycastle/x509/X509Util.java

@@ -25,12 +25,14 @@
 import org.bouncycastle.asn1.ASN1Integer;
 import org.bouncycastle.asn1.ASN1ObjectIdentifier;
 import org.bouncycastle.asn1.DERNull;
-import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
 import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
 import org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
 import org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
-import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
 import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
 import org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
 import org.bouncycastle.jce.X509Principal;
@@ -44,8 +46,10 @@
     
     static
     {   
-        algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
-        algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
+        // BEGIN Android-removed: Unsupported algorithms
+        // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
+        // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
+        // END Android-removed: Unsupported algorithms
         algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption);
         algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption);
         algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption);
@@ -63,12 +67,14 @@
         algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
         algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
         algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
-        algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-        algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
-        algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-        algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
-        algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
-        algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+        // BEGIN Android-removed: Unsupported algorithms
+        // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+        // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+        // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+        // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+        // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+        // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+        // END Android-removed: Unsupported algorithms
         algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1);
         algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1);
         algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
@@ -81,11 +87,13 @@
         algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
         algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
         algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
-        algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-        algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-        algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-        algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
-        algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // BEGIN Android-removed: Unsupported algorithms
+        // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+        // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+        // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // END Android-removed: Unsupported algorithms
 
         //
         // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. 
@@ -105,8 +113,10 @@
         //
         // RFC 4491
         //
-        noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
-        noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // BEGIN Android-removed: Unsupported algorithms
+        // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+        // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // END Android-removed: Unsupported algorithms
 
         //
         // explicit params

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/X509V2CRLGenerator.java b/bcprov/src/main/java/org/bouncycastle/x509/X509V2CRLGenerator.java
deleted file mode 100644
index 0bbaf4f..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/X509V2CRLGenerator.java
+++ /dev/null

@@ -1,454 +0,0 @@
-package org.bouncycastle.x509;
-
-import java.io.IOException;
-import java.math.BigInteger;
-import java.security.GeneralSecurityException;
-import java.security.InvalidKeyException;
-import java.security.NoSuchAlgorithmException;
-import java.security.NoSuchProviderException;
-import java.security.PrivateKey;
-import java.security.SecureRandom;
-import java.security.SignatureException;
-import java.security.cert.CRLException;
-import java.security.cert.X509CRL;
-import java.security.cert.X509CRLEntry;
-import java.util.Date;
-import java.util.Iterator;
-import java.util.Set;
-
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1Encodable;
-import org.bouncycastle.asn1.ASN1EncodableVector;
-import org.bouncycastle.asn1.ASN1GeneralizedTime;
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.ASN1Integer;
-import org.bouncycastle.asn1.ASN1ObjectIdentifier;
-import org.bouncycastle.asn1.ASN1Sequence;
-import org.bouncycastle.asn1.DERBitString;
-import org.bouncycastle.asn1.DERSequence;
-import org.bouncycastle.asn1.x509.AlgorithmIdentifier;
-import org.bouncycastle.asn1.x509.CertificateList;
-import org.bouncycastle.asn1.x509.Extensions;
-import org.bouncycastle.asn1.x509.TBSCertList;
-import org.bouncycastle.asn1.x509.Time;
-import org.bouncycastle.asn1.x509.V2TBSCertListGenerator;
-import org.bouncycastle.asn1.x509.X509Extensions;
-import org.bouncycastle.asn1.x509.X509ExtensionsGenerator;
-import org.bouncycastle.asn1.x509.X509Name;
-import org.bouncycastle.jcajce.util.BCJcaJceHelper;
-import org.bouncycastle.jcajce.util.JcaJceHelper;
-import org.bouncycastle.jce.X509Principal;
-import org.bouncycastle.jce.provider.X509CRLObject;
-
-/**
- * class to produce an X.509 Version 2 CRL.
- *  @deprecated use org.bouncycastle.cert.X509v2CRLBuilder.
- */
-public class X509V2CRLGenerator
-{
-    private final JcaJceHelper bcHelper = new BCJcaJceHelper(); // needed to force provider loading
-
-    private V2TBSCertListGenerator      tbsGen;
-    private ASN1ObjectIdentifier         sigOID;
-    private AlgorithmIdentifier         sigAlgId;
-    private String                      signatureAlgorithm;
-    private X509ExtensionsGenerator     extGenerator;
-
-    public X509V2CRLGenerator()
-    {
-        tbsGen = new V2TBSCertListGenerator();
-        extGenerator = new X509ExtensionsGenerator();
-    }
-
-    /**
-     * reset the generator
-     */
-    public void reset()
-    {
-        tbsGen = new V2TBSCertListGenerator();
-        extGenerator.reset();
-    }
-
-    /**
-     * Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the
-     * certificate.
-     */
-    public void setIssuerDN(
-        X500Principal   issuer)
-    {
-        try
-        {
-            tbsGen.setIssuer(new X509Principal(issuer.getEncoded()));
-        }
-        catch (IOException e)
-        {
-            throw new IllegalArgumentException("can't process principal: " + e);
-        }
-    }
-
-    /**
-     * Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the
-     * certificate.
-     */
-    public void setIssuerDN(
-        X509Name   issuer)
-    {
-        tbsGen.setIssuer(issuer);
-    }
-
-    public void setThisUpdate(
-        Date    date)
-    {
-        tbsGen.setThisUpdate(new Time(date));
-    }
-
-    public void setNextUpdate(
-        Date    date)
-    {
-        tbsGen.setNextUpdate(new Time(date));
-    }
-
-    /**
-     * Reason being as indicated by CRLReason, i.e. CRLReason.keyCompromise
-     * or 0 if CRLReason is not to be used
-     **/
-    public void addCRLEntry(BigInteger userCertificate, Date revocationDate, int reason)
-    {
-        tbsGen.addCRLEntry(new ASN1Integer(userCertificate), new Time(revocationDate), reason);
-    }
-
-    /**
-     * Add a CRL entry with an Invalidity Date extension as well as a CRLReason extension.
-     * Reason being as indicated by CRLReason, i.e. CRLReason.keyCompromise
-     * or 0 if CRLReason is not to be used
-     **/
-    public void addCRLEntry(BigInteger userCertificate, Date revocationDate, int reason, Date invalidityDate)
-    {
-        tbsGen.addCRLEntry(new ASN1Integer(userCertificate), new Time(revocationDate), reason, new ASN1GeneralizedTime(invalidityDate));
-    }
-   
-    /**
-     * Add a CRL entry with extensions.
-     **/
-    public void addCRLEntry(BigInteger userCertificate, Date revocationDate, X509Extensions extensions)
-    {
-        tbsGen.addCRLEntry(new ASN1Integer(userCertificate), new Time(revocationDate), Extensions.getInstance(extensions));
-    }
-    
-    /**
-     * Add the CRLEntry objects contained in a previous CRL.
-     * 
-     * @param other the X509CRL to source the other entries from. 
-     */
-    public void addCRL(X509CRL other)
-        throws CRLException
-    {
-        Set revocations = other.getRevokedCertificates();
-
-        if (revocations != null)
-        {
-            Iterator it = revocations.iterator();
-            while (it.hasNext())
-            {
-                X509CRLEntry entry = (X509CRLEntry)it.next();
-
-                ASN1InputStream aIn = new ASN1InputStream(entry.getEncoded());
-
-                try
-                {
-                    tbsGen.addCRLEntry(ASN1Sequence.getInstance(aIn.readObject()));
-                }
-                catch (IOException e)
-                {
-                    throw new CRLException("exception processing encoding of CRL: " + e.toString());
-                }
-            }
-        }
-    }
-    
-    /**
-     * Set the signature algorithm. This can be either a name or an OID, names
-     * are treated as case insensitive.
-     * 
-     * @param signatureAlgorithm string representation of the algorithm name.
-     */
-    public void setSignatureAlgorithm(
-        String  signatureAlgorithm)
-    {
-        this.signatureAlgorithm = signatureAlgorithm;
-
-        try
-        {
-            sigOID = X509Util.getAlgorithmOID(signatureAlgorithm);
-        }
-        catch (Exception e)
-        {
-            throw new IllegalArgumentException("Unknown signature type requested");
-        }
-
-        sigAlgId = X509Util.getSigAlgID(sigOID, signatureAlgorithm);
-
-        tbsGen.setSignature(sigAlgId);
-    }
-
-    /**
-     * add a given extension field for the standard extensions tag (tag 0)
-     */
-    public void addExtension(
-        String          oid,
-        boolean         critical,
-        ASN1Encodable    value)
-    {
-        this.addExtension(new ASN1ObjectIdentifier(oid), critical, value);
-    }
-
-    /**
-     * add a given extension field for the standard extensions tag (tag 0)
-     */
-    public void addExtension(
-        ASN1ObjectIdentifier oid,
-        boolean             critical,
-        ASN1Encodable value)
-    {
-        extGenerator.addExtension(new ASN1ObjectIdentifier(oid.getId()), critical, value);
-    }
-
-    /**
-     * add a given extension field for the standard extensions tag (tag 0)
-     */
-    public void addExtension(
-        String          oid,
-        boolean         critical,
-        byte[]          value)
-    {
-        this.addExtension(new ASN1ObjectIdentifier(oid), critical, value);
-    }
-
-    /**
-     * add a given extension field for the standard extensions tag (tag 0)
-     */
-    public void addExtension(
-        ASN1ObjectIdentifier oid,
-        boolean             critical,
-        byte[]              value)
-    {
-        extGenerator.addExtension(new ASN1ObjectIdentifier(oid.getId()), critical, value);
-    }
-
-    /**
-     * generate an X509 CRL, based on the current issuer and subject
-     * using the default provider "BC".
-     * @deprecated use generate(key, "BC")
-     */
-    public X509CRL generateX509CRL(
-        PrivateKey      key)
-        throws SecurityException, SignatureException, InvalidKeyException
-    {
-        try
-        {
-            return generateX509CRL(key, "BC", null);
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw new SecurityException("BC provider not installed!");
-        }
-    }
-
-    /**
-     * generate an X509 CRL, based on the current issuer and subject
-     * using the default provider "BC" and an user defined SecureRandom object as
-     * source of randomness.
-     * @deprecated use generate(key, random, "BC")
-     */
-    public X509CRL generateX509CRL(
-        PrivateKey      key,
-        SecureRandom    random)
-        throws SecurityException, SignatureException, InvalidKeyException
-    {
-        try
-        {
-            return generateX509CRL(key, "BC", random);
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw new SecurityException("BC provider not installed!");
-        }
-    }
-
-    /**
-     * generate an X509 certificate, based on the current issuer and subject
-     * using the passed in provider for the signing.
-     * @deprecated use generate()
-     */
-    public X509CRL generateX509CRL(
-        PrivateKey      key,
-        String          provider)
-        throws NoSuchProviderException, SecurityException, SignatureException, InvalidKeyException
-    {
-        return generateX509CRL(key, provider, null);
-    }
-
-    /**
-     * generate an X509 CRL, based on the current issuer and subject,
-     * using the passed in provider for the signing.
-     * @deprecated use generate()
-     */
-    public X509CRL generateX509CRL(
-        PrivateKey      key,
-        String          provider,
-        SecureRandom    random)
-        throws NoSuchProviderException, SecurityException, SignatureException, InvalidKeyException
-    {
-        try
-        {
-            return generate(key, provider, random);
-        }
-        catch (NoSuchProviderException e)
-        {
-            throw e;
-        }
-        catch (SignatureException e)
-        {
-            throw e;
-        }
-        catch (InvalidKeyException e)
-        {
-            throw e;
-        }
-        catch (GeneralSecurityException e)
-        {
-            throw new SecurityException("exception: " + e);
-        }
-    }
-    
-    /**
-     * generate an X509 CRL, based on the current issuer and subject
-     * using the default provider.
-     * <p>
-     * <b>Note:</b> this differs from the deprecated method in that the default provider is
-     * used - not "BC".
-     * </p>
-     */
-    public X509CRL generate(
-        PrivateKey      key)
-        throws CRLException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
-    {
-        return generate(key, (SecureRandom)null);
-    }
-
-    /**
-     * generate an X509 CRL, based on the current issuer and subject
-     * using the default provider and an user defined SecureRandom object as
-     * source of randomness.
-     * <p>
-     * <b>Note:</b> this differs from the deprecated method in that the default provider is
-     * used - not "BC".
-     * </p>
-     */
-    public X509CRL generate(
-        PrivateKey      key,
-        SecureRandom    random)
-        throws CRLException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
-    {
-        TBSCertList tbsCrl = generateCertList();
-        byte[] signature;
-
-        try
-        {
-            signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, key, random, tbsCrl);
-        }
-        catch (IOException e)
-        {
-            throw new ExtCRLException("cannot generate CRL encoding", e);
-        }
-
-        return generateJcaObject(tbsCrl, signature);
-    }
-
-    /**
-     * generate an X509 certificate, based on the current issuer and subject
-     * using the passed in provider for the signing.
-     */
-    public X509CRL generate(
-        PrivateKey      key,
-        String          provider)
-        throws CRLException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
-    {
-        return generate(key, provider, null);
-    }
-
-    /**
-     * generate an X509 CRL, based on the current issuer and subject,
-     * using the passed in provider for the signing.
-     */
-    public X509CRL generate(
-        PrivateKey      key,
-        String          provider,
-        SecureRandom    random)
-        throws CRLException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
-    {
-        TBSCertList tbsCrl = generateCertList();
-        byte[] signature;
-
-        try
-        {
-            signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, provider, key, random, tbsCrl);
-        }
-        catch (IOException e)
-        {
-            throw new ExtCRLException("cannot generate CRL encoding", e);
-        }
-
-        return generateJcaObject(tbsCrl, signature);
-    }
-
-    private TBSCertList generateCertList()
-    {
-        if (!extGenerator.isEmpty())
-        {
-            tbsGen.setExtensions(extGenerator.generate());
-        }
-
-        return tbsGen.generateTBSCertList();
-    }
-
-    private X509CRL generateJcaObject(TBSCertList tbsCrl, byte[] signature)
-        throws CRLException
-    {
-        ASN1EncodableVector v = new ASN1EncodableVector();
-
-        v.add(tbsCrl);
-        v.add(sigAlgId);
-        v.add(new DERBitString(signature));
-
-        return new X509CRLObject(new CertificateList(new DERSequence(v)));
-    }
-
-    /**
-     * Return an iterator of the signature names supported by the generator.
-     * 
-     * @return an iterator containing recognised names.
-     */
-    public Iterator getSignatureAlgNames()
-    {
-        return X509Util.getAlgNames();
-    }
-
-    private static class ExtCRLException
-        extends CRLException
-    {
-        Throwable cause;
-
-        ExtCRLException(String message, Throwable cause)
-        {
-            super(message);
-            this.cause = cause;
-        }
-
-        public Throwable getCause()
-        {
-            return cause;
-        }
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/examples/package.html b/bcprov/src/main/java/org/bouncycastle/x509/examples/package.html
deleted file mode 100644
index 6262157..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/examples/package.html
+++ /dev/null

@@ -1,7 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-<p>
-Examples for X.509 attribute certificates.
-<p>
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/extension/package.html b/bcprov/src/main/java/org/bouncycastle/x509/extension/package.html
deleted file mode 100644
index abc2da5..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/extension/package.html
+++ /dev/null

@@ -1,5 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-Helper classes for dealing with common X.509 extensions.
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/package.html b/bcprov/src/main/java/org/bouncycastle/x509/package.html
deleted file mode 100644
index b6b5298..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/package.html
+++ /dev/null

@@ -1,7 +0,0 @@
-<html>
-<body bgcolor="#ffffff">
-<p>
-Classes for supporting the generation of X.509 certificates and X.509 attribute certificates.
-<p>
-</body>
-</html>

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/util/LDAPStoreHelper.java b/bcprov/src/main/java/org/bouncycastle/x509/util/LDAPStoreHelper.java
deleted file mode 100644
index 68e450e..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/util/LDAPStoreHelper.java
+++ /dev/null

@@ -1,1116 +0,0 @@
-package org.bouncycastle.x509.util;
-
-import java.io.ByteArrayInputStream;
-import java.io.IOException;
-import java.security.Principal;
-import java.security.cert.CertificateParsingException;
-import java.security.cert.X509CRL;
-import java.security.cert.X509Certificate;
-import java.sql.Date;
-import java.util.ArrayList;
-import java.util.Collection;
-import java.util.HashMap;
-import java.util.HashSet;
-import java.util.Iterator;
-import java.util.List;
-import java.util.Map;
-import java.util.Properties;
-import java.util.Set;
-
-import javax.naming.Context;
-import javax.naming.NamingEnumeration;
-import javax.naming.NamingException;
-import javax.naming.directory.Attribute;
-import javax.naming.directory.DirContext;
-import javax.naming.directory.InitialDirContext;
-import javax.naming.directory.SearchControls;
-import javax.naming.directory.SearchResult;
-import javax.security.auth.x500.X500Principal;
-
-import org.bouncycastle.asn1.ASN1InputStream;
-import org.bouncycastle.asn1.x509.Certificate;
-import org.bouncycastle.asn1.x509.CertificatePair;
-import org.bouncycastle.jce.X509LDAPCertStoreParameters;
-import org.bouncycastle.jce.provider.X509AttrCertParser;
-import org.bouncycastle.jce.provider.X509CRLParser;
-import org.bouncycastle.jce.provider.X509CertPairParser;
-import org.bouncycastle.jce.provider.X509CertParser;
-import org.bouncycastle.util.StoreException;
-import org.bouncycastle.x509.X509AttributeCertStoreSelector;
-import org.bouncycastle.x509.X509AttributeCertificate;
-import org.bouncycastle.x509.X509CRLStoreSelector;
-import org.bouncycastle.x509.X509CertPairStoreSelector;
-import org.bouncycastle.x509.X509CertStoreSelector;
-import org.bouncycastle.x509.X509CertificatePair;
-
-/**
- * This is a general purpose implementation to get X.509 certificates, CRLs,
- * attribute certificates and cross certificates from a LDAP location.
- * <p>
- * At first a search is performed in the ldap*AttributeNames of the
- * {@link org.bouncycastle.jce.X509LDAPCertStoreParameters} with the given
- * information of the subject (for all kind of certificates) or issuer (for
- * CRLs), respectively, if a {@link org.bouncycastle.x509.X509CertStoreSelector} or
- * {@link org.bouncycastle.x509.X509AttributeCertificate} is given with that
- * details.
- * </p><p>
- * For the used schemes see:
- * <ul>
- * <li><a href="http://www.ietf.org/rfc/rfc2587.txt">RFC 2587</a>
- * <li><a
- * href="http://www3.ietf.org/proceedings/01mar/I-D/pkix-ldap-schema-01.txt">Internet
- * X.509 Public Key Infrastructure Additional LDAP Schema for PKIs and PMIs</a>
- * </ul>
- */
-public class LDAPStoreHelper
-{
-
-    // TODO: cache results
-
-    private X509LDAPCertStoreParameters params;
-
-    public LDAPStoreHelper(X509LDAPCertStoreParameters params)
-    {
-        this.params = params;
-    }
-
-    /**
-     * Initial Context Factory.
-     */
-    private static String LDAP_PROVIDER = "com.sun.jndi.ldap.LdapCtxFactory";
-
-    /**
-     * Processing referrals..
-     */
-    private static String REFERRALS_IGNORE = "ignore";
-
-    /**
-     * Security level to be used for LDAP connections.
-     */
-    private static final String SEARCH_SECURITY_LEVEL = "none";
-
-    /**
-     * Package Prefix for loading URL context factories.
-     */
-    private static final String URL_CONTEXT_PREFIX = "com.sun.jndi.url";
-
-    private DirContext connectLDAP() throws NamingException
-    {
-        Properties props = new Properties();
-        props.setProperty(Context.INITIAL_CONTEXT_FACTORY, LDAP_PROVIDER);
-        props.setProperty(Context.BATCHSIZE, "0");
-
-        props.setProperty(Context.PROVIDER_URL, params.getLdapURL());
-        props.setProperty(Context.URL_PKG_PREFIXES, URL_CONTEXT_PREFIX);
-        props.setProperty(Context.REFERRAL, REFERRALS_IGNORE);
-        props.setProperty(Context.SECURITY_AUTHENTICATION,
-            SEARCH_SECURITY_LEVEL);
-
-        DirContext ctx = new InitialDirContext(props);
-        return ctx;
-    }
-
-    private String parseDN(String subject, String dNAttributeName)
-    {
-        String temp = subject;
-        int begin = temp.toLowerCase().indexOf(
-            dNAttributeName.toLowerCase() + "=");
-        if (begin == -1)
-        {
-            return "";
-        }
-        temp = temp.substring(begin + dNAttributeName.length());
-        int end = temp.indexOf(',');
-        if (end == -1)
-        {
-            end = temp.length();
-        }
-        while (temp.charAt(end - 1) == '\\')
-        {
-            end = temp.indexOf(',', end + 1);
-            if (end == -1)
-            {
-                end = temp.length();
-            }
-        }
-        temp = temp.substring(0, end);
-        begin = temp.indexOf('=');
-        temp = temp.substring(begin + 1);
-        if (temp.charAt(0) == ' ')
-        {
-            temp = temp.substring(1);
-        }
-        if (temp.startsWith("\""))
-        {
-            temp = temp.substring(1);
-        }
-        if (temp.endsWith("\""))
-        {
-            temp = temp.substring(0, temp.length() - 1);
-        }
-        return temp;
-    }
-
-    private Set createCerts(List list, X509CertStoreSelector xselector)
-        throws StoreException
-    {
-        Set certSet = new HashSet();
-
-        Iterator it = list.iterator();
-        X509CertParser parser = new X509CertParser();
-        while (it.hasNext())
-        {
-            try
-            {
-                parser.engineInit(new ByteArrayInputStream((byte[])it
-                    .next()));
-                X509Certificate cert = (X509Certificate)parser
-                    .engineRead();
-                if (xselector.match((Object)cert))
-                {
-                    certSet.add(cert);
-                }
-
-            }
-            catch (Exception e)
-            {
-
-            }
-        }
-
-        return certSet;
-    }
-
-    /**
-     * Can use the subject and serial and the subject and serialNumber of the
-     * certificate of the given of the X509CertStoreSelector. If a certificate
-     * for checking is given this has higher precedence.
-     *
-     * @param xselector             The selector with the search criteria.
-     * @param attrs                 Attributes which contain the certificates in the LDAP
-     *                              directory.
-     * @param attrNames             Attribute names in teh LDAP directory which correspond to the
-     *                              subjectAttributeNames.
-     * @param subjectAttributeNames Subject attribute names (like "CN", "O", "OU") to use to
-     *                              search in the LDAP directory
-     * @return A list of found DER encoded certificates.
-     * @throws StoreException if an error occurs while searching.
-     */
-    private List certSubjectSerialSearch(X509CertStoreSelector xselector,
-                                         String[] attrs, String attrNames[], String subjectAttributeNames[])
-        throws StoreException
-    {
-        // TODO: support also subjectAltNames?
-        List list = new ArrayList();
-
-        String subject = null;
-        String serial = null;
-
-        subject = getSubjectAsString(xselector);
-
-        if (xselector.getSerialNumber() != null)
-        {
-            serial = xselector.getSerialNumber().toString();
-        }
-        if (xselector.getCertificate() != null)
-        {
-            subject = xselector.getCertificate().getSubjectX500Principal().getName("RFC1779");
-            serial = xselector.getCertificate().getSerialNumber().toString();
-        }
-
-        String attrValue = null;
-        if (subject != null)
-        {
-            for (int i = 0; i < subjectAttributeNames.length; i++)
-            {
-                attrValue = parseDN(subject, subjectAttributeNames[i]);
-                list
-                    .addAll(search(attrNames, "*" + attrValue + "*",
-                        attrs));
-            }
-        }
-        if (serial != null && params.getSearchForSerialNumberIn() != null)
-        {
-            attrValue = serial;
-            list.addAll(search(
-                splitString(params.getSearchForSerialNumberIn()),
-                                                  attrValue, attrs));
-        }
-        if (serial == null && subject == null)
-        {
-            list.addAll(search(attrNames, "*", attrs));
-        }
-
-        return list;
-    }
-
-
-
-    /**
-     * Can use the subject of the forward certificate of the set certificate
-     * pair or the subject of the forward
-     * {@link org.bouncycastle.x509.X509CertStoreSelector} of the given
-     * selector.
-     *
-     * @param xselector             The selector with the search criteria.
-     * @param attrs                 Attributes which contain the attribute certificates in the
-     *                              LDAP directory.
-     * @param attrNames             Attribute names in the LDAP directory which correspond to the
-     *                              subjectAttributeNames.
-     * @param subjectAttributeNames Subject attribute names (like "CN", "O", "OU") to use to
-     *                              search in the LDAP directory
-     * @return A list of found DER encoded certificate pairs.
-     * @throws StoreException if an error occurs while searching.
-     */
-    private List crossCertificatePairSubjectSearch(
-        X509CertPairStoreSelector xselector, String[] attrs,
-        String attrNames[], String subjectAttributeNames[])
-        throws StoreException
-    {
-        List list = new ArrayList();
-
-        // search for subject
-        String subject = null;
-
-        if (xselector.getForwardSelector() != null)
-        {
-            subject = getSubjectAsString(xselector.getForwardSelector());
-        }
-        if (xselector.getCertPair() != null)
-        {
-            if (xselector.getCertPair().getForward() != null)
-            {
-                subject = xselector.getCertPair().getForward()
-                    .getSubjectX500Principal().getName("RFC1779");
-            }
-        }
-        String attrValue = null;
-        if (subject != null)
-        {
-            for (int i = 0; i < subjectAttributeNames.length; i++)
-            {
-                attrValue = parseDN(subject, subjectAttributeNames[i]);
-                list
-                    .addAll(search(attrNames, "*" + attrValue + "*",
-                        attrs));
-            }
-        }
-        if (subject == null)
-        {
-            list.addAll(search(attrNames, "*", attrs));
-        }
-
-        return list;
-    }
-
-    /**
-     * Can use the entityName of the holder of the attribute certificate, the
-     * serialNumber of attribute certificate and the serialNumber of the
-     * associated certificate of the given of the X509AttributeCertSelector.
-     *
-     * @param xselector             The selector with the search criteria.
-     * @param attrs                 Attributes which contain the attribute certificates in the
-     *                              LDAP directory.
-     * @param attrNames             Attribute names in the LDAP directory which correspond to the
-     *                              subjectAttributeNames.
-     * @param subjectAttributeNames Subject attribute names (like "CN", "O", "OU") to use to
-     *                              search in the LDAP directory
-     * @return A list of found DER encoded attribute certificates.
-     * @throws StoreException if an error occurs while searching.
-     */
-    private List attrCertSubjectSerialSearch(
-        X509AttributeCertStoreSelector xselector, String[] attrs,
-        String attrNames[], String subjectAttributeNames[])
-        throws StoreException
-    {
-        List list = new ArrayList();
-
-        // search for serialNumber of associated cert,
-        // serialNumber of the attribute certificate or DN in the entityName
-        // of the holder
-
-        String subject = null;
-        String serial = null;
-
-        Collection serials = new HashSet();
-        Principal principals[] = null;
-        if (xselector.getHolder() != null)
-        {
-            // serialNumber of associated cert
-            if (xselector.getHolder().getSerialNumber() != null)
-            {
-                serials.add(xselector.getHolder().getSerialNumber()
-                    .toString());
-            }
-            // DN in the entityName of the holder
-            if (xselector.getHolder().getEntityNames() != null)
-            {
-                principals = xselector.getHolder().getEntityNames();
-            }
-        }
-
-        if (xselector.getAttributeCert() != null)
-        {
-            if (xselector.getAttributeCert().getHolder().getEntityNames() != null)
-            {
-                principals = xselector.getAttributeCert().getHolder()
-                    .getEntityNames();
-            }
-            // serialNumber of the attribute certificate
-            serials.add(xselector.getAttributeCert().getSerialNumber()
-                .toString());
-        }
-        if (principals != null)
-        {
-            // only first should be relevant
-            if (principals[0] instanceof X500Principal)
-            {
-                subject = ((X500Principal)principals[0])
-                    .getName("RFC1779");
-            }
-            else
-            {
-                // strange ...
-                subject = principals[0].getName();
-            }
-        }
-        if (xselector.getSerialNumber() != null)
-        {
-            serials.add(xselector.getSerialNumber().toString());
-        }
-
-        String attrValue = null;
-        if (subject != null)
-        {
-            for (int i = 0; i < subjectAttributeNames.length; i++)
-            {
-                attrValue = parseDN(subject, subjectAttributeNames[i]);
-                list
-                    .addAll(search(attrNames, "*" + attrValue + "*",
-                        attrs));
-            }
-        }
-        if (serials.size() > 0
-            && params.getSearchForSerialNumberIn() != null)
-        {
-            Iterator it = serials.iterator();
-            while (it.hasNext())
-            {
-                serial = (String)it.next();
-                list.addAll(search(splitString(params.getSearchForSerialNumberIn()), serial, attrs));
-            }
-        }
-        if (serials.size() == 0 && subject == null)
-        {
-            list.addAll(search(attrNames, "*", attrs));
-        }
-
-        return list;
-    }
-
-    /**
-     * Can use the issuer of the given of the X509CRLStoreSelector.
-     *
-     * @param xselector            The selector with the search criteria.
-     * @param attrs                Attributes which contain the attribute certificates in the
-     *                             LDAP directory.
-     * @param attrNames            Attribute names in the LDAP directory which correspond to the
-     *                             subjectAttributeNames.
-     * @param issuerAttributeNames Issuer attribute names (like "CN", "O", "OU") to use to search
-     *                             in the LDAP directory
-     * @return A list of found DER encoded CRLs.
-     * @throws StoreException if an error occurs while searching.
-     */
-    private List cRLIssuerSearch(X509CRLStoreSelector xselector,
-                                 String[] attrs, String attrNames[], String issuerAttributeNames[])
-        throws StoreException
-    {
-        List list = new ArrayList();
-
-        String issuer = null;
-        Collection issuers = new HashSet();
-        if (xselector.getIssuers() != null)
-        {
-            issuers.addAll(xselector.getIssuers());
-        }
-        if (xselector.getCertificateChecking() != null)
-        {
-            issuers.add(getCertificateIssuer(xselector.getCertificateChecking()));
-        }
-        if (xselector.getAttrCertificateChecking() != null)
-        {
-            Principal principals[] = xselector.getAttrCertificateChecking().getIssuer().getPrincipals();
-            for (int i=0; i<principals.length; i++)
-            {
-                if (principals[i] instanceof X500Principal)
-                {
-                    issuers.add(principals[i]);        
-                }
-            }
-        }
-        Iterator it = issuers.iterator();
-        while (it.hasNext())
-        {
-            issuer = ((X500Principal)it.next()).getName("RFC1779");
-            String attrValue = null;
-
-            for (int i = 0; i < issuerAttributeNames.length; i++)
-            {
-                attrValue = parseDN(issuer, issuerAttributeNames[i]);
-                list
-                    .addAll(search(attrNames, "*" + attrValue + "*",
-                        attrs));
-            }
-        }
-        if (issuer == null)
-        {
-            list.addAll(search(attrNames, "*", attrs));
-        }
-
-        return list;
-    }
-
-    /**
-     * Returns a <code>List</code> of encodings of the certificates, attribute
-     * certificates, CRL or certificate pairs.
-     *
-     * @param attributeNames The attribute names to look for in the LDAP.
-     * @param attributeValue The value the attribute name must have.
-     * @param attrs          The attributes in the LDAP which hold the certificate,
-     *                       attribute certificate, certificate pair or CRL in a found
-     *                       entry.
-     * @return A <code>List</code> of byte arrays with the encodings.
-     * @throws StoreException if an error occurs getting the results from the LDAP
-     *                        directory.
-     */
-    private List search(String attributeNames[], String attributeValue,
-                        String[] attrs) throws StoreException
-    {
-        String filter = null;
-        if (attributeNames == null)
-        {
-            filter = null;
-        }
-        else
-        {
-            filter = "";
-            if (attributeValue.equals("**"))
-            {
-                attributeValue = "*";
-            }
-            for (int i = 0; i < attributeNames.length; i++)
-            {
-                filter += "(" + attributeNames[i] + "=" + attributeValue + ")";
-            }
-            filter = "(|" + filter + ")";
-        }
-        String filter2 = "";
-        for (int i = 0; i < attrs.length; i++)
-        {
-            filter2 += "(" + attrs[i] + "=*)";
-        }
-        filter2 = "(|" + filter2 + ")";
-
-        String filter3 = "(&" + filter + "" + filter2 + ")";
-        if (filter == null)
-        {
-            filter3 = filter2;
-        }
-        List list;
-        list = getFromCache(filter3);
-        if (list != null)
-        {
-            return list;
-        }
-        DirContext ctx = null;
-        list = new ArrayList();
-        try
-        {
-
-            ctx = connectLDAP();
-
-            SearchControls constraints = new SearchControls();
-            constraints.setSearchScope(SearchControls.SUBTREE_SCOPE);
-            constraints.setCountLimit(0);
-            constraints.setReturningAttributes(attrs);
-            NamingEnumeration results = ctx.search(params.getBaseDN(), filter3,
-                constraints);
-            while (results.hasMoreElements())
-            {
-                SearchResult sr = (SearchResult)results.next();
-                NamingEnumeration enumeration = ((Attribute)(sr
-                    .getAttributes().getAll().next())).getAll();
-                while (enumeration.hasMore())
-                {
-                    list.add(enumeration.next());
-                }
-            }
-            addToCache(filter3, list);
-        }
-        catch (NamingException e)
-        {
-            // skip exception, unfortunately if an attribute type is not
-            // supported an exception is thrown
-
-        }
-        finally
-        {
-            try
-            {
-                if (null != ctx)
-                {
-                    ctx.close();
-                }
-            }
-            catch (Exception e)
-            {
-            }
-        }
-        return list;
-    }
-
-    private Set createCRLs(List list, X509CRLStoreSelector xselector)
-        throws StoreException
-    {
-        Set crlSet = new HashSet();
-
-        X509CRLParser parser = new X509CRLParser();
-        Iterator it = list.iterator();
-        while (it.hasNext())
-        {
-            try
-            {
-                parser.engineInit(new ByteArrayInputStream((byte[])it
-                    .next()));
-                X509CRL crl = (X509CRL)parser.engineRead();
-                if (xselector.match((Object)crl))
-                {
-                    crlSet.add(crl);
-                }
-            }
-            catch (StreamParsingException e)
-            {
-
-            }
-        }
-
-        return crlSet;
-    }
-
-    private Set createCrossCertificatePairs(List list,
-                                            X509CertPairStoreSelector xselector) throws StoreException
-    {
-        Set certPairSet = new HashSet();
-
-        int i = 0;
-        while (i < list.size())
-        {
-            X509CertificatePair pair;
-            try
-            {
-                // first try to decode it as certificate pair
-                try
-                {
-                    X509CertPairParser parser = new X509CertPairParser();
-                    parser.engineInit(new ByteArrayInputStream(
-                        (byte[])list.get(i)));
-                    pair = (X509CertificatePair)parser.engineRead();
-                }
-                catch (StreamParsingException e)
-                {
-                    // now try it to construct it the forward and reverse
-                    // certificate
-                    byte[] forward = (byte[])list.get(i);
-                    byte[] reverse = (byte[])list.get(i + 1);
-                    pair = new X509CertificatePair(new CertificatePair(
-                        Certificate
-                            .getInstance(new ASN1InputStream(
-                            forward).readObject()),
-                        Certificate
-                            .getInstance(new ASN1InputStream(
-                                reverse).readObject())));
-                    i++;
-                }
-                if (xselector.match((Object)pair))
-                {
-                    certPairSet.add(pair);
-                }
-            }
-            catch (CertificateParsingException e)
-            {
-                // try next
-            }
-            catch (IOException e)
-            {
-                // try next
-            }
-            i++;
-        }
-
-        return certPairSet;
-    }
-
-    private Set createAttributeCertificates(List list,
-                                            X509AttributeCertStoreSelector xselector) throws StoreException
-    {
-        Set certSet = new HashSet();
-
-        Iterator it = list.iterator();
-        X509AttrCertParser parser = new X509AttrCertParser();
-        while (it.hasNext())
-        {
-            try
-            {
-                parser.engineInit(new ByteArrayInputStream((byte[])it
-                    .next()));
-                X509AttributeCertificate cert = (X509AttributeCertificate)parser
-                    .engineRead();
-                if (xselector.match((Object)cert))
-                {
-                    certSet.add(cert);
-                }
-            }
-            catch (StreamParsingException e)
-            {
-
-            }
-        }
-
-        return certSet;
-    }
-
-    /**
-     * Returns the CRLs for issued certificates for other CAs matching the given
-     * selector. <br>
-     * The authorityRevocationList attribute includes revocation information
-     * regarding certificates issued to other CAs.
-     *
-     * @param selector The CRL selector to use to find the CRLs.
-     * @return A possible empty collection with CRLs
-     * @throws StoreException
-     */
-    public Collection getAuthorityRevocationLists(X509CRLStoreSelector selector)
-        throws StoreException
-    {
-        String[] attrs = splitString(params.getAuthorityRevocationListAttribute());
-        String attrNames[] = splitString(params
-            .getLdapAuthorityRevocationListAttributeName());
-        String issuerAttributeNames[] = splitString(params
-            .getAuthorityRevocationListIssuerAttributeName());
-
-        List list = cRLIssuerSearch(selector, attrs, attrNames,
-            issuerAttributeNames);
-        Set resultSet = createCRLs(list, selector);
-        if (resultSet.size() == 0)
-        {
-            X509CRLStoreSelector emptySelector = new X509CRLStoreSelector();
-            list = cRLIssuerSearch(emptySelector, attrs, attrNames,
-                issuerAttributeNames);
-
-            resultSet.addAll(createCRLs(list, selector));
-        }
-        return resultSet;
-    }
-
-    /**
-     * Returns the revocation list for revoked attribute certificates.
-     * <p>
-     * The attributeCertificateRevocationList holds a list of attribute
-     * certificates that have been revoked.
-     * </p>
-     * @param selector The CRL selector to use to find the CRLs.
-     * @return A possible empty collection with CRLs.
-     * @throws StoreException
-     */
-    public Collection getAttributeCertificateRevocationLists(
-        X509CRLStoreSelector selector) throws StoreException
-    {
-        String[] attrs = splitString(params
-            .getAttributeCertificateRevocationListAttribute());
-        String attrNames[] = splitString(params
-            .getLdapAttributeCertificateRevocationListAttributeName());
-        String issuerAttributeNames[] = splitString(params
-            .getAttributeCertificateRevocationListIssuerAttributeName());
-
-        List list = cRLIssuerSearch(selector, attrs, attrNames,
-            issuerAttributeNames);
-        Set resultSet = createCRLs(list, selector);
-        if (resultSet.size() == 0)
-        {
-            X509CRLStoreSelector emptySelector = new X509CRLStoreSelector();
-            list = cRLIssuerSearch(emptySelector, attrs, attrNames,
-                issuerAttributeNames);
-
-            resultSet.addAll(createCRLs(list, selector));
-        }
-        return resultSet;
-    }
-
-    /**
-     * Returns the revocation list for revoked attribute certificates for an
-     * attribute authority
-     * <p>
-     * The attributeAuthorityList holds a list of AA certificates that have been
-     * revoked.
-     * </p>
-     * @param selector The CRL selector to use to find the CRLs.
-     * @return A possible empty collection with CRLs
-     * @throws StoreException
-     */
-    public Collection getAttributeAuthorityRevocationLists(
-        X509CRLStoreSelector selector) throws StoreException
-    {
-        String[] attrs = splitString(params.getAttributeAuthorityRevocationListAttribute());
-        String attrNames[] = splitString(params
-            .getLdapAttributeAuthorityRevocationListAttributeName());
-        String issuerAttributeNames[] = splitString(params
-            .getAttributeAuthorityRevocationListIssuerAttributeName());
-
-        List list = cRLIssuerSearch(selector, attrs, attrNames,
-            issuerAttributeNames);
-        Set resultSet = createCRLs(list, selector);
-        if (resultSet.size() == 0)
-        {
-            X509CRLStoreSelector emptySelector = new X509CRLStoreSelector();
-            list = cRLIssuerSearch(emptySelector, attrs, attrNames,
-                issuerAttributeNames);
-
-            resultSet.addAll(createCRLs(list, selector));
-        }
-        return resultSet;
-    }
-
-    /**
-     * Returns cross certificate pairs.
-     *
-     * @param selector The selector to use to find the cross certificates.
-     * @return A possible empty collection with {@link X509CertificatePair}s
-     * @throws StoreException
-     */
-    public Collection getCrossCertificatePairs(
-        X509CertPairStoreSelector selector) throws StoreException
-    {
-        String[] attrs = splitString(params.getCrossCertificateAttribute());
-        String attrNames[] = splitString(params.getLdapCrossCertificateAttributeName());
-        String subjectAttributeNames[] = splitString(params
-            .getCrossCertificateSubjectAttributeName());
-        List list = crossCertificatePairSubjectSearch(selector, attrs,
-            attrNames, subjectAttributeNames);
-        Set resultSet = createCrossCertificatePairs(list, selector);
-        if (resultSet.size() == 0)
-        {
-            X509CertStoreSelector emptyCertselector = new X509CertStoreSelector();
-            X509CertPairStoreSelector emptySelector = new X509CertPairStoreSelector();
-
-            emptySelector.setForwardSelector(emptyCertselector);
-            emptySelector.setReverseSelector(emptyCertselector);
-            list = crossCertificatePairSubjectSearch(emptySelector, attrs,
-                attrNames, subjectAttributeNames);
-            resultSet.addAll(createCrossCertificatePairs(list, selector));
-        }
-        return resultSet;
-    }
-
-    /**
-     * Returns end certificates.
-     * <p>
-     * The attributeDescriptorCertificate is self signed by a source of
-     * authority and holds a description of the privilege and its delegation
-     * rules.
-     *
-     * @param selector The selector to find the certificates.
-     * @return A possible empty collection with certificates.
-     * @throws StoreException
-     */
-    public Collection getUserCertificates(X509CertStoreSelector selector)
-        throws StoreException
-    {
-        String[] attrs = splitString(params.getUserCertificateAttribute());
-        String attrNames[] = splitString(params.getLdapUserCertificateAttributeName());
-        String subjectAttributeNames[] = splitString(params
-            .getUserCertificateSubjectAttributeName());
-
-        List list = certSubjectSerialSearch(selector, attrs, attrNames,
-            subjectAttributeNames);
-        Set resultSet = createCerts(list, selector);
-        if (resultSet.size() == 0)
-        {
-            X509CertStoreSelector emptySelector = new X509CertStoreSelector();
-            list = certSubjectSerialSearch(emptySelector, attrs, attrNames,
-                subjectAttributeNames);
-            resultSet.addAll(createCerts(list, selector));
-        }
-
-        return resultSet;
-    }
-
-    /**
-     * Returns attribute certificates for an attribute authority
-     * <p>
-     * The aAcertificate holds the privileges of an attribute authority.
-     * </p>
-     * @param selector The selector to find the attribute certificates.
-     * @return A possible empty collection with attribute certificates.
-     * @throws StoreException
-     */
-    public Collection getAACertificates(X509AttributeCertStoreSelector selector)
-        throws StoreException
-    {
-        String[] attrs = splitString(params.getAACertificateAttribute());
-        String attrNames[] = splitString(params.getLdapAACertificateAttributeName());
-        String subjectAttributeNames[] = splitString(params.getAACertificateSubjectAttributeName());
-
-        List list = attrCertSubjectSerialSearch(selector, attrs, attrNames,
-            subjectAttributeNames);
-        Set resultSet = createAttributeCertificates(list, selector);
-        if (resultSet.size() == 0)
-        {
-            X509AttributeCertStoreSelector emptySelector = new X509AttributeCertStoreSelector();
-            list = attrCertSubjectSerialSearch(emptySelector, attrs, attrNames,
-                subjectAttributeNames);
-            resultSet.addAll(createAttributeCertificates(list, selector));
-        }
-
-        return resultSet;
-    }
-
-    /**
-     * Returns an attribute certificate for an authority
-     * <p>
-     * The attributeDescriptorCertificate is self signed by a source of
-     * authority and holds a description of the privilege and its delegation
-     * rules.
-     * </p>
-     * @param selector The selector to find the attribute certificates.
-     * @return A possible empty collection with attribute certificates.
-     * @throws StoreException
-     */
-    public Collection getAttributeDescriptorCertificates(
-        X509AttributeCertStoreSelector selector) throws StoreException
-    {
-        String[] attrs = splitString(params.getAttributeDescriptorCertificateAttribute());
-        String attrNames[] = splitString(params
-            .getLdapAttributeDescriptorCertificateAttributeName());
-        String subjectAttributeNames[] = splitString(params
-            .getAttributeDescriptorCertificateSubjectAttributeName());
-
-        List list = attrCertSubjectSerialSearch(selector, attrs, attrNames,
-            subjectAttributeNames);
-        Set resultSet = createAttributeCertificates(list, selector);
-        if (resultSet.size() == 0)
-        {
-            X509AttributeCertStoreSelector emptySelector = new X509AttributeCertStoreSelector();
-            list = attrCertSubjectSerialSearch(emptySelector, attrs, attrNames,
-                subjectAttributeNames);
-            resultSet.addAll(createAttributeCertificates(list, selector));
-        }
-
-        return resultSet;
-    }
-
-    /**
-     * Returns CA certificates.
-     * <p>
-     * The cACertificate attribute of a CA's directory entry shall be used to
-     * store self-issued certificates (if any) and certificates issued to this
-     * CA by CAs in the same realm as this CA.
-     * </p>
-     * @param selector The selector to find the certificates.
-     * @return A possible empty collection with certificates.
-     * @throws StoreException
-     */
-    public Collection getCACertificates(X509CertStoreSelector selector)
-        throws StoreException
-    {
-        String[] attrs = splitString(params.getCACertificateAttribute());
-        String attrNames[] = splitString(params.getLdapCACertificateAttributeName());
-        String subjectAttributeNames[] = splitString(params
-            .getCACertificateSubjectAttributeName());
-        List list = certSubjectSerialSearch(selector, attrs, attrNames,
-            subjectAttributeNames);
-        Set resultSet = createCerts(list, selector);
-        if (resultSet.size() == 0)
-        {
-            X509CertStoreSelector emptySelector = new X509CertStoreSelector();
-            list = certSubjectSerialSearch(emptySelector, attrs, attrNames,
-                subjectAttributeNames);
-            resultSet.addAll(createCerts(list, selector));
-        }
-        return resultSet;
-    }
-
-    /**
-     * Returns the delta revocation list for revoked certificates.
-     *
-     * @param selector The CRL selector to use to find the CRLs.
-     * @return A possible empty collection with CRLs.
-     * @throws StoreException
-     */
-    public Collection getDeltaCertificateRevocationLists(
-        X509CRLStoreSelector selector) throws StoreException
-    {
-        String[] attrs = splitString(params.getDeltaRevocationListAttribute());
-        String attrNames[] = splitString(params.getLdapDeltaRevocationListAttributeName());
-        String issuerAttributeNames[] = splitString(params
-            .getDeltaRevocationListIssuerAttributeName());
-        List list = cRLIssuerSearch(selector, attrs, attrNames,
-            issuerAttributeNames);
-        Set resultSet = createCRLs(list, selector);
-        if (resultSet.size() == 0)
-        {
-            X509CRLStoreSelector emptySelector = new X509CRLStoreSelector();
-            list = cRLIssuerSearch(emptySelector, attrs, attrNames,
-                issuerAttributeNames);
-
-            resultSet.addAll(createCRLs(list, selector));
-        }
-        return resultSet;
-    }
-
-    /**
-     * Returns an attribute certificate for an user.
-     * <p>
-     * The attributeCertificateAttribute holds the privileges of a user
-     * </p>
-     * @param selector The selector to find the attribute certificates.
-     * @return A possible empty collection with attribute certificates.
-     * @throws StoreException
-     */
-    public Collection getAttributeCertificateAttributes(
-        X509AttributeCertStoreSelector selector) throws StoreException
-    {
-        String[] attrs = splitString(params.getAttributeCertificateAttributeAttribute());
-        String attrNames[] = splitString(params
-            .getLdapAttributeCertificateAttributeAttributeName());
-        String subjectAttributeNames[] = splitString(params
-            .getAttributeCertificateAttributeSubjectAttributeName());
-        List list = attrCertSubjectSerialSearch(selector, attrs, attrNames,
-            subjectAttributeNames);
-        Set resultSet = createAttributeCertificates(list, selector);
-        if (resultSet.size() == 0)
-        {
-            X509AttributeCertStoreSelector emptySelector = new X509AttributeCertStoreSelector();
-            list = attrCertSubjectSerialSearch(emptySelector, attrs, attrNames,
-                subjectAttributeNames);
-            resultSet.addAll(createAttributeCertificates(list, selector));
-        }
-
-        return resultSet;
-    }
-
-    /**
-     * Returns the certificate revocation lists for revoked certificates.
-     *
-     * @param selector The CRL selector to use to find the CRLs.
-     * @return A possible empty collection with CRLs.
-     * @throws StoreException
-     */
-    public Collection getCertificateRevocationLists(
-        X509CRLStoreSelector selector) throws StoreException
-    {
-        String[] attrs = splitString(params.getCertificateRevocationListAttribute());
-        String attrNames[] = splitString(params
-            .getLdapCertificateRevocationListAttributeName());
-        String issuerAttributeNames[] = splitString(params
-            .getCertificateRevocationListIssuerAttributeName());
-        List list = cRLIssuerSearch(selector, attrs, attrNames,
-            issuerAttributeNames);
-        Set resultSet = createCRLs(list, selector);
-        if (resultSet.size() == 0)
-        {
-            X509CRLStoreSelector emptySelector = new X509CRLStoreSelector();
-            list = cRLIssuerSearch(emptySelector, attrs, attrNames,
-                issuerAttributeNames);
-
-            resultSet.addAll(createCRLs(list, selector));
-        }
-        return resultSet;
-    }
-
-    private Map cacheMap = new HashMap(cacheSize);
-
-    private static int cacheSize = 32;
-
-    private static long lifeTime = 60 * 1000;
-
-    private synchronized void addToCache(String searchCriteria, List list)
-    {
-        Date now = new Date(System.currentTimeMillis());
-        List cacheEntry = new ArrayList();
-        cacheEntry.add(now);
-        cacheEntry.add(list);
-        if (cacheMap.containsKey(searchCriteria))
-        {
-            cacheMap.put(searchCriteria, cacheEntry);
-        }
-        else
-        {
-            if (cacheMap.size() >= cacheSize)
-            {
-                // replace oldest
-                Iterator it = cacheMap.entrySet().iterator();
-                long oldest = now.getTime();
-                Object replace = null;
-                while (it.hasNext())
-                {
-                    Map.Entry entry = (Map.Entry)it.next();
-                    long current = ((Date)((List)entry.getValue()).get(0))
-                        .getTime();
-                    if (current < oldest)
-                    {
-                        oldest = current;
-                        replace = entry.getKey();
-                    }
-                }
-                cacheMap.remove(replace);
-            }
-            cacheMap.put(searchCriteria, cacheEntry);
-        }
-    }
-
-    private List getFromCache(String searchCriteria)
-    {
-        List entry = (List)cacheMap.get(searchCriteria);
-        long now = System.currentTimeMillis();
-        if (entry != null)
-        {
-            // too old
-            if (((Date)entry.get(0)).getTime() < (now - lifeTime))
-            {
-                return null;
-            }
-            return (List)entry.get(1);
-        }
-        return null;
-    }
-
-    /*
-     * spilt string based on spaces
-     */
-    private String[] splitString(String str)
-    {
-        return str.split("\\s+");
-    }
-
-    private String getSubjectAsString(X509CertStoreSelector xselector)
-    {
-        try
-        {
-            byte[] encSubject = xselector.getSubjectAsBytes();
-            if (encSubject != null)
-            {
-                return new X500Principal(encSubject).getName("RFC1779");
-            }
-        }
-        catch (IOException e)
-        {
-            throw new StoreException("exception processing name: " + e.getMessage(), e);
-        }
-        return null;
-    }
-
-    private X500Principal getCertificateIssuer(X509Certificate cert)
-    {
-        return cert.getIssuerX500Principal();
-    }
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/util/StreamParser.java b/bcprov/src/main/java/org/bouncycastle/x509/util/StreamParser.java
deleted file mode 100644
index 2604894..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/util/StreamParser.java
+++ /dev/null

@@ -1,10 +0,0 @@
-package org.bouncycastle.x509.util;
-
-import java.util.Collection;
-
-public interface StreamParser
-{
-    Object read() throws StreamParsingException;
-
-    Collection readAll() throws StreamParsingException;
-}

diff --git a/bcprov/src/main/java/org/bouncycastle/x509/util/StreamParsingException.java b/bcprov/src/main/java/org/bouncycastle/x509/util/StreamParsingException.java
deleted file mode 100644
index 8f69ff6..0000000
--- a/bcprov/src/main/java/org/bouncycastle/x509/util/StreamParsingException.java
+++ /dev/null

@@ -1,18 +0,0 @@
-package org.bouncycastle.x509.util;
-
-public class StreamParsingException 
-    extends Exception
-{
-    Throwable _e;
-
-    public StreamParsingException(String message, Throwable e)
-    {
-        super(message);
-        _e = e;
-    }
-
-    public Throwable getCause()
-    {
-        return _e;
-    }
-}

diff --git a/bouncycastle.config b/bouncycastle.config
deleted file mode 100644
index 12ccaaa..0000000
--- a/bouncycastle.config
+++ /dev/null

@@ -1,691 +0,0 @@
-# directories
-UNNEEDED_BCPROV_SOURCES=" \
-org/bouncycastle/asn1/bsi \
-org/bouncycastle/asn1/cmp \
-org/bouncycastle/asn1/cms/ecc \
-org/bouncycastle/asn1/crmf \
-org/bouncycastle/asn1/cryptopro \
-org/bouncycastle/asn1/dvcs \
-org/bouncycastle/asn1/esf \
-org/bouncycastle/asn1/ess \
-org/bouncycastle/asn1/gnu \
-org/bouncycastle/asn1/icao \
-org/bouncycastle/asn1/microsoft \
-org/bouncycastle/asn1/mozilla \
-org/bouncycastle/asn1/ocsp \
-org/bouncycastle/asn1/smime \
-org/bouncycastle/asn1/test \
-org/bouncycastle/asn1/tsp \
-org/bouncycastle/asn1/ua \
-org/bouncycastle/asn1/x509/qualified \
-org/bouncycastle/asn1/x509/sigi \
-org/bouncycastle/crypto/agreement/jpake \
-org/bouncycastle/crypto/agreement/kdf \
-org/bouncycastle/crypto/agreement/srp \
-org/bouncycastle/crypto/agreement/test \
-org/bouncycastle/crypto/commitments \
-org/bouncycastle/crypto/ec/test \
-org/bouncycastle/crypto/examples \
-org/bouncycastle/crypto/kems \
-org/bouncycastle/crypto/parsers \
-org/bouncycastle/crypto/prng \
-org/bouncycastle/crypto/test/ \
-org/bouncycastle/crypto/tls/ \
-org/bouncycastle/i18n/ \
-org/bouncycastle/jcajce/io \
-org/bouncycastle/jcajce/provider/asymmetric/dstu \
-org/bouncycastle/jcajce/provider/asymmetric/ecgost \
-org/bouncycastle/jcajce/provider/asymmetric/elgamal \
-org/bouncycastle/jcajce/provider/asymmetric/gost \
-org/bouncycastle/jcajce/provider/asymmetric/ies \
-org/bouncycastle/jce/examples \
-org/bouncycastle/jce/provider/test \
-org/bouncycastle/math/ec/custom/djb \
-org/bouncycastle/math/ec/tools \
-org/bouncycastle/ocsp \
-org/bouncycastle/pqc \
-org/bouncycastle/util/test \
-org/bouncycastle/x509/examples \
-"
-
-# files
-UNNEEDED_BCPROV_SOURCES+=" \
-org/bouncycastle/LICENSE.java \
-org/bouncycastle/asn1/BERSequenceGenerator.java \
-org/bouncycastle/asn1/DERGenerator.java \
-org/bouncycastle/asn1/DERSequenceGenerator.java \
-org/bouncycastle/asn1/DERT61UTF8String.java \
-org/bouncycastle/asn1/cms/AuthEnvelopedData.java \
-org/bouncycastle/asn1/cms/AuthEnvelopedDataParser.java \
-org/bouncycastle/asn1/cms/AuthenticatedData.java \
-org/bouncycastle/asn1/cms/AuthenticatedDataParser.java \
-org/bouncycastle/asn1/cms/CCMParameters.java \
-org/bouncycastle/asn1/cms/CompressedData.java \
-org/bouncycastle/asn1/cms/CompressedDataParser.java \
-org/bouncycastle/asn1/cms/ContentInfoParser.java \
-org/bouncycastle/asn1/cms/DigestedData.java \
-org/bouncycastle/asn1/cms/EncryptedContentInfo.java \
-org/bouncycastle/asn1/cms/EncryptedContentInfoParser.java \
-org/bouncycastle/asn1/cms/EncryptedData.java \
-org/bouncycastle/asn1/cms/EnvelopedData.java \
-org/bouncycastle/asn1/cms/EnvelopedDataParser.java \
-org/bouncycastle/asn1/cms/Evidence.java \
-org/bouncycastle/asn1/cms/KEKIdentifier.java \
-org/bouncycastle/asn1/cms/KEKRecipientInfo.java \
-org/bouncycastle/asn1/cms/KeyAgreeRecipientIdentifier.java \
-org/bouncycastle/asn1/cms/KeyAgreeRecipientInfo.java \
-org/bouncycastle/asn1/cms/KeyTransRecipientInfo.java \
-org/bouncycastle/asn1/cms/MetaData.java \
-org/bouncycastle/asn1/cms/OriginatorIdentifierOrKey.java \
-org/bouncycastle/asn1/cms/OriginatorInfo.java \
-org/bouncycastle/asn1/cms/OriginatorPublicKey.java \
-org/bouncycastle/asn1/cms/OtherKeyAttribute.java \
-org/bouncycastle/asn1/cms/OtherRecipientInfo.java \
-org/bouncycastle/asn1/cms/OtherRevocationInfoFormat.java \
-org/bouncycastle/asn1/cms/PasswordRecipientInfo.java \
-org/bouncycastle/asn1/cms/RecipientEncryptedKey.java \
-org/bouncycastle/asn1/cms/RecipientIdentifier.java \
-org/bouncycastle/asn1/cms/RecipientInfo.java \
-org/bouncycastle/asn1/cms/RecipientKeyIdentifier.java \
-org/bouncycastle/asn1/cms/SCVPReqRes.java \
-org/bouncycastle/asn1/cms/SignedDataParser.java \
-org/bouncycastle/asn1/cms/TimeStampAndCRL.java \
-org/bouncycastle/asn1/cms/TimeStampTokenEvidence.java \
-org/bouncycastle/asn1/cms/TimeStampedData.java \
-org/bouncycastle/asn1/cms/TimeStampedDataParser.java \
-org/bouncycastle/asn1/eac/BidirectionalMap.java \
-org/bouncycastle/asn1/eac/CVCertificate.java \
-org/bouncycastle/asn1/eac/CVCertificateRequest.java \
-org/bouncycastle/asn1/eac/CertificateBody.java \
-org/bouncycastle/asn1/eac/CertificateHolderAuthorization.java \
-org/bouncycastle/asn1/eac/CertificateHolderReference.java \
-org/bouncycastle/asn1/eac/CertificationAuthorityReference.java \
-org/bouncycastle/asn1/eac/EACTags.java \
-org/bouncycastle/asn1/eac/ECDSAPublicKey.java \
-org/bouncycastle/asn1/eac/Flags.java \
-org/bouncycastle/asn1/eac/PackedDate.java \
-org/bouncycastle/asn1/eac/PublicKeyDataObject.java \
-org/bouncycastle/asn1/eac/RSAPublicKey.java \
-org/bouncycastle/asn1/eac/UnsignedInteger.java \
-org/bouncycastle/asn1/isismtt/ocsp/CertHash.java \
-org/bouncycastle/asn1/isismtt/ocsp/RequestedCertificate.java \
-org/bouncycastle/asn1/isismtt/x509/AdditionalInformationSyntax.java \
-org/bouncycastle/asn1/isismtt/x509/AdmissionSyntax.java \
-org/bouncycastle/asn1/isismtt/x509/Admissions.java \
-org/bouncycastle/asn1/isismtt/x509/DeclarationOfMajority.java \
-org/bouncycastle/asn1/isismtt/x509/MonetaryLimit.java \
-org/bouncycastle/asn1/isismtt/x509/NamingAuthority.java \
-org/bouncycastle/asn1/isismtt/x509/ProcurationSyntax.java \
-org/bouncycastle/asn1/isismtt/x509/ProfessionInfo.java \
-org/bouncycastle/asn1/isismtt/x509/Restriction.java \
-org/bouncycastle/asn1/misc/CAST5CBCParameters.java \
-org/bouncycastle/asn1/misc/IDEACBCPar.java \
-org/bouncycastle/asn1/oiw/ElGamalParameter.java \
-org/bouncycastle/asn1/pkcs/Attribute.java \
-org/bouncycastle/asn1/pkcs/RC2CBCParameter.java \
-org/bouncycastle/asn1/pkcs/SignerInfo.java \
-org/bouncycastle/asn1/teletrust/TeleTrusTNamedCurves.java \
-org/bouncycastle/asn1/util/DERDump.java \
-org/bouncycastle/asn1/util/Dump.java \
-org/bouncycastle/asn1/x509/AccessDescription.java \
-org/bouncycastle/asn1/x509/AuthorityInformationAccess.java \
-org/bouncycastle/asn1/x509/CertPolicyId.java \
-org/bouncycastle/asn1/x509/CertificatePair.java \
-org/bouncycastle/asn1/x509/CertificatePolicies.java \
-org/bouncycastle/asn1/x509/DisplayText.java \
-org/bouncycastle/asn1/x509/GeneralNamesBuilder.java \
-org/bouncycastle/asn1/x509/IetfAttrSyntax.java \
-org/bouncycastle/asn1/x509/NoticeReference.java \
-org/bouncycastle/asn1/x509/PolicyMappings.java \
-org/bouncycastle/asn1/x509/PolicyQualifierId.java \
-org/bouncycastle/asn1/x509/PolicyQualifierInfo.java \
-org/bouncycastle/asn1/x509/PrivateKeyUsagePeriod.java \
-org/bouncycastle/asn1/x509/RoleSyntax.java \
-org/bouncycastle/asn1/x509/SubjectDirectoryAttributes.java \
-org/bouncycastle/asn1/x509/Target.java \
-org/bouncycastle/asn1/x509/TargetInformation.java \
-org/bouncycastle/asn1/x509/Targets.java \
-org/bouncycastle/asn1/x509/UserNotice.java \
-org/bouncycastle/asn1/x509/V2AttributeCertificateInfoGenerator.java \
-org/bouncycastle/asn1/x509/V2TBSCertListGenerator.java \
-org/bouncycastle/asn1/x509/X509AttributeIdentifiers.java \
-org/bouncycastle/asn1/x9/KeySpecificInfo.java \
-org/bouncycastle/asn1/x9/OtherInfo.java \
-org/bouncycastle/crypto/BufferedAsymmetricBlockCipher.java \
-org/bouncycastle/crypto/Commitment.java \
-org/bouncycastle/crypto/Committer.java \
-org/bouncycastle/crypto/DigestDerivationFunction.java \
-org/bouncycastle/crypto/EphemeralKeyPair.java \
-org/bouncycastle/crypto/KeyEncapsulation.java \
-org/bouncycastle/crypto/KeyEncoder.java \
-org/bouncycastle/crypto/KeyParser.java \
-org/bouncycastle/crypto/MacDerivationFunction.java \
-org/bouncycastle/crypto/MaxBytesExceededException.java \
-org/bouncycastle/crypto/agreement/DHAgreement.java \
-org/bouncycastle/crypto/agreement/DHStandardGroups.java \
-org/bouncycastle/crypto/agreement/ECDHCBasicAgreement.java \
-org/bouncycastle/crypto/agreement/ECMQVBasicAgreement.java \
-org/bouncycastle/crypto/generators/BCrypt.java \
-org/bouncycastle/crypto/generators/OpenBSDBCrypt.java \
-org/bouncycastle/crypto/digests/GOST3411Digest.java \
-org/bouncycastle/crypto/digests/MD2Digest.java \
-org/bouncycastle/crypto/digests/MD4Digest.java \
-org/bouncycastle/crypto/digests/NonMemoableDigest.java \
-org/bouncycastle/crypto/digests/RIPEMD128Digest.java \
-org/bouncycastle/crypto/digests/RIPEMD160Digest.java \
-org/bouncycastle/crypto/digests/RIPEMD256Digest.java \
-org/bouncycastle/crypto/digests/RIPEMD320Digest.java \
-org/bouncycastle/crypto/digests/SHA3Digest.java \
-org/bouncycastle/crypto/digests/SHA512tDigest.java \
-org/bouncycastle/crypto/digests/SM3Digest.java \
-org/bouncycastle/crypto/digests/ShortenedDigest.java \
-org/bouncycastle/crypto/digests/SkeinDigest.java \
-org/bouncycastle/crypto/digests/SkeinEngine.java \
-org/bouncycastle/crypto/digests/TigerDigest.java \
-org/bouncycastle/crypto/digests/WhirlpoolDigest.java \
-org/bouncycastle/crypto/ec/ECDecryptor.java \
-org/bouncycastle/crypto/ec/ECElGamalDecryptor.java \
-org/bouncycastle/crypto/ec/ECElGamalEncryptor.java \
-org/bouncycastle/crypto/ec/ECEncryptor.java \
-org/bouncycastle/crypto/ec/ECFixedTransform.java \
-org/bouncycastle/crypto/ec/ECNewPublicKeyTransform.java \
-org/bouncycastle/crypto/ec/ECNewRandomnessTransform.java \
-org/bouncycastle/crypto/ec/ECPair.java \
-org/bouncycastle/crypto/ec/ECPairFactorTransform.java \
-org/bouncycastle/crypto/ec/ECPairTransform.java \
-org/bouncycastle/crypto/ec/ECUtil.java \
-org/bouncycastle/crypto/encodings/ISO9796d1Encoding.java \
-org/bouncycastle/crypto/engines/AESLightEngine.java \
-org/bouncycastle/crypto/engines/AESWrapPadEngine.java \
-org/bouncycastle/crypto/engines/CAST5Engine.java \
-org/bouncycastle/crypto/engines/CAST6Engine.java \
-org/bouncycastle/crypto/engines/CamelliaEngine.java \
-org/bouncycastle/crypto/engines/CamelliaLightEngine.java \
-org/bouncycastle/crypto/engines/CamelliaWrapEngine.java \
-org/bouncycastle/crypto/engines/ChaChaEngine.java \
-org/bouncycastle/crypto/engines/CramerShoupCiphertext.java \
-org/bouncycastle/crypto/engines/CramerShoupCoreEngine.java \
-org/bouncycastle/crypto/engines/ElGamalEngine.java \
-org/bouncycastle/crypto/engines/GOST28147Engine.java \
-org/bouncycastle/crypto/engines/Grain128Engine.java \
-org/bouncycastle/crypto/engines/Grainv1Engine.java \
-org/bouncycastle/crypto/engines/HC128Engine.java \
-org/bouncycastle/crypto/engines/HC256Engine.java \
-org/bouncycastle/crypto/engines/IDEAEngine.java \
-org/bouncycastle/crypto/engines/IESEngine.java \
-org/bouncycastle/crypto/engines/ISAACEngine.java \
-org/bouncycastle/crypto/engines/NaccacheSternEngine.java \
-org/bouncycastle/crypto/engines/NoekeonEngine.java \
-org/bouncycastle/crypto/engines/NullEngine.java \
-org/bouncycastle/crypto/engines/RC2WrapEngine.java \
-org/bouncycastle/crypto/engines/RC532Engine.java \
-org/bouncycastle/crypto/engines/RC564Engine.java \
-org/bouncycastle/crypto/engines/RC6Engine.java \
-org/bouncycastle/crypto/engines/RFC3211WrapEngine.java \
-org/bouncycastle/crypto/engines/RFC5649WrapEngine.java \
-org/bouncycastle/crypto/engines/RSABlindingEngine.java \
-org/bouncycastle/crypto/engines/RSAEngine.java \
-org/bouncycastle/crypto/engines/RijndaelEngine.java \
-org/bouncycastle/crypto/engines/SEEDEngine.java \
-org/bouncycastle/crypto/engines/SEEDWrapEngine.java \
-org/bouncycastle/crypto/engines/Salsa20Engine.java \
-org/bouncycastle/crypto/engines/SerpentEngine.java \
-org/bouncycastle/crypto/engines/Shacal2Engine.java \
-org/bouncycastle/crypto/engines/SkipjackEngine.java \
-org/bouncycastle/crypto/engines/TEAEngine.java \
-org/bouncycastle/crypto/engines/ThreefishEngine.java \
-org/bouncycastle/crypto/engines/VMPCEngine.java \
-org/bouncycastle/crypto/engines/VMPCKSA3Engine.java \
-org/bouncycastle/crypto/engines/XSalsa20Engine.java \
-org/bouncycastle/crypto/engines/XTEAEngine.java \
-org/bouncycastle/crypto/generators/BaseKDFBytesGenerator.java \
-org/bouncycastle/crypto/generators/CramerShoupKeyPairGenerator.java \
-org/bouncycastle/crypto/generators/CramerShoupParametersGenerator.java \
-org/bouncycastle/crypto/generators/DHKeyPairGenerator.java \
-org/bouncycastle/crypto/generators/DSTU4145KeyPairGenerator.java \
-org/bouncycastle/crypto/generators/ElGamalKeyPairGenerator.java \
-org/bouncycastle/crypto/generators/ElGamalParametersGenerator.java \
-org/bouncycastle/crypto/generators/EphemeralKeyPairGenerator.java \
-org/bouncycastle/crypto/generators/GOST3410KeyPairGenerator.java \
-org/bouncycastle/crypto/generators/GOST3410ParametersGenerator.java \
-org/bouncycastle/crypto/generators/HKDFBytesGenerator.java \
-org/bouncycastle/crypto/generators/KDF1BytesGenerator.java \
-org/bouncycastle/crypto/generators/KDF2BytesGenerator.java \
-org/bouncycastle/crypto/generators/KDFCounterBytesGenerator.java \
-org/bouncycastle/crypto/generators/KDFDoublePipelineIterationBytesGenerator.java \
-org/bouncycastle/crypto/generators/KDFFeedbackBytesGenerator.java \
-org/bouncycastle/crypto/generators/MGF1BytesGenerator.java \
-org/bouncycastle/crypto/generators/NaccacheSternKeyPairGenerator.java \
-org/bouncycastle/crypto/generators/Poly1305KeyGenerator.java \
-org/bouncycastle/crypto/generators/RSABlindingFactorGenerator.java \
-org/bouncycastle/crypto/generators/SCrypt.java \
-org/bouncycastle/crypto/io/CipherIOException.java \
-org/bouncycastle/crypto/io/CipherInputStream.java \
-org/bouncycastle/crypto/io/CipherOutputStream.java \
-org/bouncycastle/crypto/io/InvalidCipherTextIOException.java \
-org/bouncycastle/crypto/io/SignerInputStream.java \
-org/bouncycastle/crypto/io/SignerOutputStream.java \
-org/bouncycastle/crypto/macs/BlockCipherMac.java \
-org/bouncycastle/crypto/macs/CFBBlockCipherMac.java \
-org/bouncycastle/crypto/macs/CMac.java \
-org/bouncycastle/crypto/macs/CMacWithIV.java \
-org/bouncycastle/crypto/macs/GMac.java \
-org/bouncycastle/crypto/macs/GOST28147Mac.java \
-org/bouncycastle/crypto/macs/ISO9797Alg3Mac.java \
-org/bouncycastle/crypto/macs/OldHMac.java \
-org/bouncycastle/crypto/macs/Poly1305.java \
-org/bouncycastle/crypto/macs/SipHash.java \
-org/bouncycastle/crypto/macs/SkeinMac.java \
-org/bouncycastle/crypto/macs/VMPCMac.java \
-org/bouncycastle/crypto/modes/EAXBlockCipher.java \
-org/bouncycastle/crypto/modes/GCFBBlockCipher.java \
-org/bouncycastle/crypto/modes/GOFBBlockCipher.java \
-org/bouncycastle/crypto/modes/OCBBlockCipher.java \
-org/bouncycastle/crypto/modes/OldCTSBlockCipher.java \
-org/bouncycastle/crypto/modes/OpenPGPCFBBlockCipher.java \
-org/bouncycastle/crypto/modes/NISTCTSBlockCipher.java \
-org/bouncycastle/crypto/modes/PGPCFBBlockCipher.java \
-org/bouncycastle/crypto/modes/PaddedBlockCipher.java \
-org/bouncycastle/crypto/modes/gcm/BasicGCMExponentiator.java \
-org/bouncycastle/crypto/modes/gcm/BasicGCMMultiplier.java \
-org/bouncycastle/crypto/modes/gcm/Tables64kGCMMultiplier.java \
-org/bouncycastle/crypto/params/CCMParameters.java \
-org/bouncycastle/crypto/params/CramerShoupKeyGenerationParameters.java \
-org/bouncycastle/crypto/params/CramerShoupKeyParameters.java \
-org/bouncycastle/crypto/params/CramerShoupParameters.java \
-org/bouncycastle/crypto/params/CramerShoupPrivateKeyParameters.java \
-org/bouncycastle/crypto/params/CramerShoupPublicKeyParameters.java \
-org/bouncycastle/crypto/params/ElGamalKeyGenerationParameters.java \
-org/bouncycastle/crypto/params/ElGamalKeyParameters.java \
-org/bouncycastle/crypto/params/ElGamalParameters.java \
-org/bouncycastle/crypto/params/ElGamalPrivateKeyParameters.java \
-org/bouncycastle/crypto/params/ElGamalPublicKeyParameters.java \
-org/bouncycastle/crypto/params/GOST3410KeyGenerationParameters.java \
-org/bouncycastle/crypto/params/GOST3410KeyParameters.java \
-org/bouncycastle/crypto/params/GOST3410Parameters.java \
-org/bouncycastle/crypto/params/GOST3410PrivateKeyParameters.java \
-org/bouncycastle/crypto/params/GOST3410PublicKeyParameters.java \
-org/bouncycastle/crypto/params/GOST3410ValidationParameters.java \
-org/bouncycastle/crypto/params/HKDFParameters.java \
-org/bouncycastle/crypto/params/IESParameters.java \
-org/bouncycastle/crypto/params/IESWithCipherParameters.java \
-org/bouncycastle/crypto/params/ISO18033KDFParameters.java \
-org/bouncycastle/crypto/params/KDFCounterParameters.java \
-org/bouncycastle/crypto/params/KDFDoublePipelineIterationParameters.java \
-org/bouncycastle/crypto/params/KDFFeedbackParameters.java \
-org/bouncycastle/crypto/params/KDFParameters.java \
-org/bouncycastle/crypto/params/MGFParameters.java \
-org/bouncycastle/crypto/params/MQVPrivateParameters.java \
-org/bouncycastle/crypto/params/MQVPublicParameters.java \
-org/bouncycastle/crypto/params/NaccacheSternKeyGenerationParameters.java \
-org/bouncycastle/crypto/params/NaccacheSternKeyParameters.java \
-org/bouncycastle/crypto/params/NaccacheSternPrivateKeyParameters.java \
-org/bouncycastle/crypto/params/ParametersWithSBox.java \
-org/bouncycastle/crypto/params/ParametersWithSalt.java \
-org/bouncycastle/crypto/params/RC5Parameters.java \
-org/bouncycastle/crypto/params/RSABlindingParameters.java \
-org/bouncycastle/crypto/params/SRP6GroupParameters.java \
-org/bouncycastle/crypto/params/SkeinParameters.java \
-org/bouncycastle/crypto/params/TweakableBlockCipherParameters.java \
-org/bouncycastle/crypto/signers/DSADigestSigner.java \
-org/bouncycastle/crypto/signers/DSTU4145Signer.java \
-org/bouncycastle/crypto/signers/ECGOST3410Signer.java \
-org/bouncycastle/crypto/signers/ECNRSigner.java \
-org/bouncycastle/crypto/signers/GOST3410Signer.java \
-org/bouncycastle/crypto/signers/GenericSigner.java \
-org/bouncycastle/crypto/signers/HMacDSAKCalculator.java \
-org/bouncycastle/crypto/signers/ISO9796d2PSSSigner.java \
-org/bouncycastle/crypto/signers/ISO9796d2Signer.java \
-org/bouncycastle/crypto/signers/PSSSigner.java \
-org/bouncycastle/crypto/signers/X931Signer.java \
-org/bouncycastle/crypto/util/PrivateKeyInfoFactory.java \
-org/bouncycastle/crypto/util/SubjectPublicKeyInfoFactory.java \
-org/bouncycastle/jcajce/PKCS12Key.java \
-org/bouncycastle/jcajce/PKCS12KeyWithParameters.java \
-org/bouncycastle/jcajce/provider/asymmetric/DSTU4145.java \
-org/bouncycastle/jcajce/provider/asymmetric/ECGOST.java \
-org/bouncycastle/jcajce/provider/asymmetric/ElGamal.java \
-org/bouncycastle/jcajce/provider/asymmetric/GOST.java \
-org/bouncycastle/jcajce/provider/asymmetric/IES.java \
-org/bouncycastle/jcajce/provider/asymmetric/dh/IESCipher.java \
-org/bouncycastle/jcajce/provider/asymmetric/ec/IESCipher.java \
-org/bouncycastle/jcajce/provider/asymmetric/rsa/ISOSignatureSpi.java \
-org/bouncycastle/jcajce/provider/asymmetric/rsa/PSSSignatureSpi.java \
-org/bouncycastle/jcajce/provider/asymmetric/rsa/X931SignatureSpi.java \
-org/bouncycastle/jcajce/provider/asymmetric/util/GOST3410Util.java \
-org/bouncycastle/jcajce/provider/asymmetric/util/IESUtil.java \
-org/bouncycastle/jcajce/provider/digest/GOST3411.java \
-org/bouncycastle/jcajce/provider/digest/MD2.java \
-org/bouncycastle/jcajce/provider/digest/MD4.java \
-org/bouncycastle/jcajce/provider/digest/RIPEMD128.java \
-org/bouncycastle/jcajce/provider/digest/RIPEMD160.java \
-org/bouncycastle/jcajce/provider/digest/RIPEMD256.java \
-org/bouncycastle/jcajce/provider/digest/RIPEMD320.java \
-org/bouncycastle/jcajce/provider/digest/SHA3.java \
-org/bouncycastle/jcajce/provider/digest/SM3.java \
-org/bouncycastle/jcajce/provider/digest/Skein.java \
-org/bouncycastle/jcajce/provider/digest/Tiger.java \
-org/bouncycastle/jcajce/provider/digest/Whirlpool.java \
-org/bouncycastle/jcajce/provider/symmetric/CAST5.java \
-org/bouncycastle/jcajce/provider/symmetric/CAST6.java \
-org/bouncycastle/jcajce/provider/symmetric/Camellia.java \
-org/bouncycastle/jcajce/provider/symmetric/ChaCha.java \
-org/bouncycastle/jcajce/provider/symmetric/GOST28147.java \
-org/bouncycastle/jcajce/provider/symmetric/Grain128.java \
-org/bouncycastle/jcajce/provider/symmetric/Grainv1.java \
-org/bouncycastle/jcajce/provider/symmetric/HC128.java \
-org/bouncycastle/jcajce/provider/symmetric/HC256.java \
-org/bouncycastle/jcajce/provider/symmetric/IDEA.java \
-org/bouncycastle/jcajce/provider/symmetric/Noekeon.java \
-org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java \
-org/bouncycastle/jcajce/provider/symmetric/RC5.java \
-org/bouncycastle/jcajce/provider/symmetric/RC6.java \
-org/bouncycastle/jcajce/provider/symmetric/Rijndael.java \
-org/bouncycastle/jcajce/provider/symmetric/SEED.java \
-org/bouncycastle/jcajce/provider/symmetric/Salsa20.java \
-org/bouncycastle/jcajce/provider/symmetric/Serpent.java \
-org/bouncycastle/jcajce/provider/symmetric/Shacal2.java \
-org/bouncycastle/jcajce/provider/symmetric/SipHash.java \
-org/bouncycastle/jcajce/provider/symmetric/Skipjack.java \
-org/bouncycastle/jcajce/provider/symmetric/TEA.java \
-org/bouncycastle/jcajce/provider/symmetric/Threefish.java \
-org/bouncycastle/jcajce/provider/symmetric/VMPC.java \
-org/bouncycastle/jcajce/provider/symmetric/VMPCKSA3.java \
-org/bouncycastle/jcajce/provider/symmetric/XSalsa20.java \
-org/bouncycastle/jcajce/provider/symmetric/XTEA.java \
-org/bouncycastle/jcajce/spec/GOST28147ParameterSpec.java \
-org/bouncycastle/jcajce/spec/RepeatedSecretKeySpec.java \
-org/bouncycastle/jcajce/spec/SkeinParameterSpec.java \
-org/bouncycastle/jce/ECGOST3410NamedCurveTable.java \
-org/bouncycastle/jce/ECKeyUtil.java \
-org/bouncycastle/jce/ECPointUtil.java \
-org/bouncycastle/jce/MultiCertStoreParameters.java \
-org/bouncycastle/jce/PKCS12Util.java \
-org/bouncycastle/jce/X509KeyUsage.java \
-org/bouncycastle/jce/X509LDAPCertStoreParameters.java \
-org/bouncycastle/jce/exception/ExtCertificateEncodingException.java \
-org/bouncycastle/jce/exception/ExtIOException.java \
-org/bouncycastle/jce/interfaces/ElGamalKey.java \
-org/bouncycastle/jce/interfaces/ElGamalPrivateKey.java \
-org/bouncycastle/jce/interfaces/ElGamalPublicKey.java \
-org/bouncycastle/jce/interfaces/GOST3410Key.java \
-org/bouncycastle/jce/interfaces/GOST3410Params.java \
-org/bouncycastle/jce/interfaces/GOST3410PrivateKey.java \
-org/bouncycastle/jce/interfaces/GOST3410PublicKey.java \
-org/bouncycastle/jce/interfaces/IESKey.java \
-org/bouncycastle/jce/interfaces/MQVPrivateKey.java \
-org/bouncycastle/jce/interfaces/MQVPublicKey.java \
-org/bouncycastle/jce/provider/BrokenJCEBlockCipher.java \
-org/bouncycastle/jce/provider/BrokenKDF2BytesGenerator.java \
-org/bouncycastle/jce/provider/BrokenPBE.java \
-org/bouncycastle/jce/provider/JCEElGamalPrivateKey.java \
-org/bouncycastle/jce/provider/JCEElGamalPublicKey.java \
-org/bouncycastle/jce/provider/MultiCertStoreSpi.java \
-org/bouncycastle/jce/provider/PKIXAttrCertPathBuilderSpi.java \
-org/bouncycastle/jce/provider/PKIXAttrCertPathValidatorSpi.java \
-org/bouncycastle/jce/provider/RFC3281CertPathUtilities.java \
-org/bouncycastle/jce/provider/X509AttrCertParser.java \
-org/bouncycastle/jce/provider/X509CRLParser.java \
-org/bouncycastle/jce/provider/X509CertPairParser.java \
-org/bouncycastle/jce/provider/X509CertParser.java \
-org/bouncycastle/jce/provider/X509LDAPCertStoreSpi.java \
-org/bouncycastle/jce/provider/X509StoreAttrCertCollection.java \
-org/bouncycastle/jce/provider/X509StoreCRLCollection.java \
-org/bouncycastle/jce/provider/X509StoreCertCollection.java \
-org/bouncycastle/jce/provider/X509StoreCertPairCollection.java \
-org/bouncycastle/jce/provider/X509StoreLDAPAttrCerts.java \
-org/bouncycastle/jce/provider/X509StoreLDAPCRLs.java \
-org/bouncycastle/jce/provider/X509StoreLDAPCertPairs.java \
-org/bouncycastle/jce/provider/X509StoreLDAPCerts.java \
-org/bouncycastle/jce/spec/ElGamalGenParameterSpec.java \
-org/bouncycastle/jce/spec/ElGamalKeySpec.java \
-org/bouncycastle/jce/spec/ElGamalParameterSpec.java \
-org/bouncycastle/jce/spec/ElGamalPrivateKeySpec.java \
-org/bouncycastle/jce/spec/ElGamalPublicKeySpec.java \
-org/bouncycastle/jce/spec/GOST28147ParameterSpec.java \
-org/bouncycastle/jce/spec/GOST3410ParameterSpec.java \
-org/bouncycastle/jce/spec/GOST3410PrivateKeySpec.java \
-org/bouncycastle/jce/spec/GOST3410PublicKeyParameterSetSpec.java \
-org/bouncycastle/jce/spec/GOST3410PublicKeySpec.java \
-org/bouncycastle/jce/spec/IEKeySpec.java \
-org/bouncycastle/jce/spec/IESParameterSpec.java \
-org/bouncycastle/jce/spec/MQVPrivateKeySpec.java \
-org/bouncycastle/jce/spec/MQVPublicKeySpec.java \
-org/bouncycastle/jce/spec/RepeatedSecretKeySpec.java \
-org/bouncycastle/math/ec/DoubleAddMultiplier.java \
-org/bouncycastle/math/ec/MixedNafR2LMultiplier.java \
-org/bouncycastle/math/ec/MontgomeryLadderMultiplier.java \
-org/bouncycastle/math/ec/NafL2RMultiplier.java \
-org/bouncycastle/math/ec/NafR2LMultiplier.java \
-org/bouncycastle/math/ec/ReferenceMultiplier.java \
-org/bouncycastle/math/ec/ScaleYPointMap.java \
-org/bouncycastle/math/ec/ZSignedDigitL2RMultiplier.java \
-org/bouncycastle/math/ec/ZSignedDigitR2LMultiplier.java \
-org/bouncycastle/math/raw/Mont256.java \
-org/bouncycastle/util/MemoableResetException.java \
-org/bouncycastle/util/Shorts.java \
-org/bouncycastle/util/StreamParser.java \
-org/bouncycastle/util/StreamParsingException.java \
-org/bouncycastle/util/Times.java \
-org/bouncycastle/util/encoders/BufferedDecoder.java \
-org/bouncycastle/util/encoders/BufferedEncoder.java \
-org/bouncycastle/util/encoders/HexTranslator.java \
-org/bouncycastle/util/encoders/Translator.java \
-org/bouncycastle/util/encoders/UrlBase64.java \
-org/bouncycastle/util/encoders/UrlBase64Encoder.java \
-org/bouncycastle/util/io/BufferingOutputStream.java \
-org/bouncycastle/x509/CertPathReviewerException.java \
-org/bouncycastle/x509/CertPathReviewerMessages_de.properties \
-org/bouncycastle/x509/NoSuchParserException.java \
-org/bouncycastle/x509/PKIXCRLUtil.java \
-org/bouncycastle/x509/PKIXCertPathReviewer.java \
-org/bouncycastle/x509/CertPathValidatorUtilities.java \
-org/bouncycastle/x509/CertStatus.java \
-org/bouncycastle/x509/X509AttributeCertStoreSelector.java \
-org/bouncycastle/x509/X509CertPairStoreSelector.java \
-org/bouncycastle/x509/X509CertificatePair.java \
-org/bouncycastle/x509/X509Store.java \
-org/bouncycastle/x509/X509StreamParser.java \
-org/bouncycastle/x509/X509StreamParserSpi.java \
-org/bouncycastle/x509/X509V2CRLGenerator.java \
-org/bouncycastle/x509/util/LDAPStoreHelper.java \
-org/bouncycastle/x509/util/StreamParser.java \
-org/bouncycastle/x509/util/StreamParsingException.java \
-"
-
-# directories
-UNNEEDED_BCPKIX_SOURCES=" \
-docs \
-org/bouncycastle/cert/bc \
-org/bouncycastle/cert/cmp \
-org/bouncycastle/cert/crmf \
-org/bouncycastle/cert/dane \
-org/bouncycastle/cert/ocsp \
-org/bouncycastle/cert/path \
-org/bouncycastle/cert/selector/jcajce \
-org/bouncycastle/cert/test \
-org/bouncycastle/cms/bc \
-org/bouncycastle/cms/test \
-org/bouncycastle/dvcs \
-org/bouncycastle/eac \
-org/bouncycastle/mozilla \
-org/bouncycastle/openssl \
-org/bouncycastle/operator/test \
-org/bouncycastle/pkcs \
-org/bouncycastle/pkix \
-org/bouncycastle/tsp \
-org/bouncycastle/voms \
-"
-
-# files
-UNNEEDED_BCPKIX_SOURCES+=" \
-org/bouncycastle/cert/CertRuntimeException.java \
-org/bouncycastle/cert/X509ContentVerifierProviderBuilder.java \
-org/bouncycastle/cert/X509ExtensionUtils.java \
-org/bouncycastle/cert/X509v1CertificateBuilder.java \
-org/bouncycastle/cert/X509v2AttributeCertificateBuilder.java \
-org/bouncycastle/cert/X509v2CRLBuilder.java \
-org/bouncycastle/cert/X509v3CertificateBuilder.java \
-org/bouncycastle/cert/jcajce/CertHelper.java \
-org/bouncycastle/cert/jcajce/DefaultCertHelper.java \
-org/bouncycastle/cert/jcajce/JcaAttrCertStore.java \
-org/bouncycastle/cert/jcajce/JcaAttributeCertificateIssuer.java \
-org/bouncycastle/cert/jcajce/JcaCRLStore.java \
-org/bouncycastle/cert/jcajce/JcaCertStoreBuilder.java \
-org/bouncycastle/cert/jcajce/JcaX500NameUtil.java \
-org/bouncycastle/cert/jcajce/JcaX509AttributeCertificateHolder.java \
-org/bouncycastle/cert/jcajce/JcaX509CRLConverter.java \
-org/bouncycastle/cert/jcajce/JcaX509CRLHolder.java \
-org/bouncycastle/cert/jcajce/JcaX509CertificateConverter.java \
-org/bouncycastle/cert/jcajce/JcaX509ContentVerifierProviderBuilder.java \
-org/bouncycastle/cert/jcajce/JcaX509ExtensionUtils.java \
-org/bouncycastle/cert/jcajce/JcaX509v1CertificateBuilder.java \
-org/bouncycastle/cert/jcajce/JcaX509v2CRLBuilder.java \
-org/bouncycastle/cert/jcajce/JcaX509v3CertificateBuilder.java \
-org/bouncycastle/cert/jcajce/NamedCertHelper.java \
-org/bouncycastle/cert/jcajce/ProviderCertHelper.java \
-org/bouncycastle/cert/selector/X509AttributeCertificateHolderSelector.java \
-org/bouncycastle/cert/selector/X509AttributeCertificateHolderSelectorBuilder.java \
-org/bouncycastle/cms/AuthAttributesProvider.java \
-org/bouncycastle/cms/CMSAlgorithm.java \
-org/bouncycastle/cms/CMSAuthEnvelopedData.java \
-org/bouncycastle/cms/CMSAuthEnvelopedGenerator.java \
-org/bouncycastle/cms/CMSAuthenticatedData.java \
-org/bouncycastle/cms/CMSAuthenticatedDataGenerator.java \
-org/bouncycastle/cms/CMSAuthenticatedDataParser.java \
-org/bouncycastle/cms/CMSAuthenticatedDataStreamGenerator.java \
-org/bouncycastle/cms/CMSAuthenticatedGenerator.java \
-org/bouncycastle/cms/CMSCompressedData.java \
-org/bouncycastle/cms/CMSCompressedDataGenerator.java \
-org/bouncycastle/cms/CMSCompressedDataParser.java \
-org/bouncycastle/cms/CMSCompressedDataStreamGenerator.java \
-org/bouncycastle/cms/CMSConfig.java \
-org/bouncycastle/cms/CMSContentInfoParser.java \
-org/bouncycastle/cms/CMSDigestedData.java \
-org/bouncycastle/cms/CMSEncryptedData.java \
-org/bouncycastle/cms/CMSEncryptedDataGenerator.java \
-org/bouncycastle/cms/CMSEncryptedGenerator.java \
-org/bouncycastle/cms/CMSEnvelopedData.java \
-org/bouncycastle/cms/CMSEnvelopedDataGenerator.java \
-org/bouncycastle/cms/CMSEnvelopedDataParser.java \
-org/bouncycastle/cms/CMSEnvelopedDataStreamGenerator.java \
-org/bouncycastle/cms/CMSEnvelopedGenerator.java \
-org/bouncycastle/cms/CMSEnvelopedHelper.java \
-org/bouncycastle/cms/CMSProcessableFile.java \
-org/bouncycastle/cms/CMSProcessableInputStream.java \
-org/bouncycastle/cms/CMSSecureReadable.java \
-org/bouncycastle/cms/CMSSignedDataParser.java \
-org/bouncycastle/cms/CMSSignedDataStreamGenerator.java \
-org/bouncycastle/cms/CMSStreamException.java \
-org/bouncycastle/cms/CMSTypedStream.java \
-org/bouncycastle/cms/DefaultAuthenticatedAttributeTableGenerator.java \
-org/bouncycastle/cms/KEKRecipient.java \
-org/bouncycastle/cms/KEKRecipientId.java \
-org/bouncycastle/cms/KEKRecipientInfoGenerator.java \
-org/bouncycastle/cms/KEKRecipientInformation.java \
-org/bouncycastle/cms/KeyAgreeRecipient.java \
-org/bouncycastle/cms/KeyAgreeRecipientId.java \
-org/bouncycastle/cms/KeyAgreeRecipientInfoGenerator.java \
-org/bouncycastle/cms/KeyAgreeRecipientInformation.java \
-org/bouncycastle/cms/KeyTransRecipient.java \
-org/bouncycastle/cms/KeyTransRecipientId.java \
-org/bouncycastle/cms/KeyTransRecipientInfoGenerator.java \
-org/bouncycastle/cms/KeyTransRecipientInformation.java \
-org/bouncycastle/cms/OriginatorId.java \
-org/bouncycastle/cms/OriginatorInfoGenerator.java \
-org/bouncycastle/cms/OriginatorInformation.java \
-org/bouncycastle/cms/PasswordRecipientId.java \
-org/bouncycastle/cms/PasswordRecipientInfoGenerator.java \
-org/bouncycastle/cms/PasswordRecipientInformation.java \
-org/bouncycastle/cms/RecipientId.java \
-org/bouncycastle/cms/RecipientInfoGenerator.java \
-org/bouncycastle/cms/RecipientInformation.java \
-org/bouncycastle/cms/RecipientInformationStore.java \
-org/bouncycastle/cms/SignerInformationVerifierProvider.java \
-org/bouncycastle/cms/jcajce/CMSUtils.java \
-org/bouncycastle/cms/jcajce/DefaultJcaJceExtHelper.java \
-org/bouncycastle/cms/jcajce/EnvelopedDataHelper.java \
-org/bouncycastle/cms/jcajce/JcaJceExtHelper.java \
-org/bouncycastle/cms/jcajce/JcaSelectorConverter.java \
-org/bouncycastle/cms/jcajce/JcaSignerId.java \
-org/bouncycastle/cms/jcajce/JcaSimpleSignerInfoGeneratorBuilder.java \
-org/bouncycastle/cms/jcajce/JcaX509CertSelectorConverter.java \
-org/bouncycastle/cms/jcajce/JceAlgorithmIdentifierConverter.java \
-org/bouncycastle/cms/jcajce/JceCMSContentEncryptorBuilder.java \
-org/bouncycastle/cms/jcajce/JceCMSMacCalculatorBuilder.java \
-org/bouncycastle/cms/jcajce/JceKEKAuthenticatedRecipient.java \
-org/bouncycastle/cms/jcajce/JceKEKEnvelopedRecipient.java \
-org/bouncycastle/cms/jcajce/JceKEKRecipient.java \
-org/bouncycastle/cms/jcajce/JceKEKRecipientInfoGenerator.java \
-org/bouncycastle/cms/jcajce/JceKeyAgreeAuthenticatedRecipient.java \
-org/bouncycastle/cms/jcajce/JceKeyAgreeEnvelopedRecipient.java \
-org/bouncycastle/cms/jcajce/JceKeyAgreeRecipient.java \
-org/bouncycastle/cms/jcajce/JceKeyAgreeRecipientId.java \
-org/bouncycastle/cms/jcajce/JceKeyAgreeRecipientInfoGenerator.java \
-org/bouncycastle/cms/jcajce/JceKeyTransAuthenticatedRecipient.java \
-org/bouncycastle/cms/jcajce/JceKeyTransEnvelopedRecipient.java \
-org/bouncycastle/cms/jcajce/JceKeyTransRecipient.java \
-org/bouncycastle/cms/jcajce/JceKeyTransRecipientId.java \
-org/bouncycastle/cms/jcajce/JceKeyTransRecipientInfoGenerator.java \
-org/bouncycastle/cms/jcajce/JcePasswordAuthenticatedRecipient.java \
-org/bouncycastle/cms/jcajce/JcePasswordEnvelopedRecipient.java \
-org/bouncycastle/cms/jcajce/JcePasswordRecipient.java \
-org/bouncycastle/cms/jcajce/JcePasswordRecipientInfoGenerator.java \
-org/bouncycastle/cms/jcajce/NamedJcaJceExtHelper.java \
-org/bouncycastle/cms/jcajce/ProviderJcaJceExtHelper.java \
-org/bouncycastle/cms/jcajce/ZlibCompressor.java \
-org/bouncycastle/cms/jcajce/ZlibExpanderProvider.java \
-org/bouncycastle/operator/AlgorithmNameFinder.java \
-org/bouncycastle/operator/AsymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/AsymmetricKeyWrapper.java \
-org/bouncycastle/operator/BufferingContentSigner.java \
-org/bouncycastle/operator/DefaultAlgorithmNameFinder.java \
-org/bouncycastle/operator/DefaultSecretKeySizeProvider.java \
-org/bouncycastle/operator/InputDecryptorProvider.java \
-org/bouncycastle/operator/InputExpander.java \
-org/bouncycastle/operator/InputExpanderProvider.java \
-org/bouncycastle/operator/KeyUnwrapper.java \
-org/bouncycastle/operator/KeyWrapper.java \
-org/bouncycastle/operator/MacCalculatorProvider.java \
-org/bouncycastle/operator/OutputCompressor.java \
-org/bouncycastle/operator/OutputEncryptor.java \
-org/bouncycastle/operator/SecretKeySizeProvider.java \
-org/bouncycastle/operator/SymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/SymmetricKeyWrapper.java \
-org/bouncycastle/operator/bc/AESUtil.java \
-org/bouncycastle/operator/bc/BcAESSymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/bc/BcAESSymmetricKeyWrapper.java \
-org/bouncycastle/operator/bc/BcAsymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/bc/BcAsymmetricKeyWrapper.java \
-org/bouncycastle/operator/bc/BcContentSignerBuilder.java \
-org/bouncycastle/operator/bc/BcContentVerifierProviderBuilder.java \
-org/bouncycastle/operator/bc/BcDSAContentSignerBuilder.java \
-org/bouncycastle/operator/bc/BcDSAContentVerifierProviderBuilder.java \
-org/bouncycastle/operator/bc/BcRSAAsymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/bc/BcRSAAsymmetricKeyWrapper.java \
-org/bouncycastle/operator/bc/BcRSAContentSignerBuilder.java \
-org/bouncycastle/operator/bc/BcRSAContentVerifierProviderBuilder.java \
-org/bouncycastle/operator/bc/BcSignerOutputStream.java \
-org/bouncycastle/operator/bc/BcSymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/bc/BcSymmetricKeyWrapper.java \
-org/bouncycastle/operator/bc/CamelliaUtil.java \
-org/bouncycastle/operator/bc/OperatorUtils.java \
-org/bouncycastle/operator/bc/SEEDUtil.java \
-org/bouncycastle/operator/jcajce/JcaAlgorithmParametersConverter.java \
-org/bouncycastle/operator/jcajce/JceAsymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/jcajce/JceAsymmetricKeyWrapper.java \
-org/bouncycastle/operator/jcajce/JceGenericKey.java \
-org/bouncycastle/operator/jcajce/JceSymmetricKeyUnwrapper.java \
-org/bouncycastle/operator/jcajce/JceSymmetricKeyWrapper.java \
-org/bouncycastle/operator/jcajce/OperatorUtils.java \
-"
-
-# needed sources to copy in
-NEEDED_BCPROV_SOURCES="org"
-
-# needed sources to copy in
-NEEDED_BCPKIX_SOURCES="org"
-
-# list of patch files to apply in the given order
-BOUNCYCASTLE_BCPROV_PATCHES="patches/bcprov.patch"
-BOUNCYCASTLE_BCPKIX_PATCHES="patches/bcpkix.patch"

diff --git a/import_bouncycastle.sh b/import_bouncycastle.sh
deleted file mode 100755
index 45cdae8..0000000
--- a/import_bouncycastle.sh
+++ /dev/null

@@ -1,284 +0,0 @@
-#!/bin/bash
-#
-# Copyright (C) 2010 The Android Open Source Project
-#
-# Licensed under the Apache License, Version 2.0 (the "License");
-# you may not use this file except in compliance with the License.
-# You may obtain a copy of the License at
-#
-#      http://www.apache.org/licenses/LICENSE-2.0
-#
-# Unless required by applicable law or agreed to in writing, software
-# distributed under the License is distributed on an "AS IS" BASIS,
-# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
-# See the License for the specific language governing permissions and
-# limitations under the License.
-#
-
-#
-# This script imports new versions of Bouncy Castle
-# (http://bouncycastle.org) into the Android source tree.  To run, (1)
-# fetch the appropriate tarballs (bcprov and bcpkix) from the Bouncy
-# Castle repository, (2) check the checksum, and then (3) run:
-#   ./import_bouncycastle.sh import bcprov-jdk*-*.tar.gz
-#
-# IMPORTANT: See README.android for additional details.
-
-# turn on exit on error as well as a warning when it happens
-set -e
-trap  "echo WARNING: Exiting on non-zero subprocess exit code" ERR;
-
-cd $(dirname $0)
-
-function die() {
-  declare -r message=$1
-
-  echo $message
-  exit 1
-}
-
-function usage() {
-  declare -r message=$1
-
-  if [ ! "$message" = "" ]; then
-    echo $message
-  fi
-  echo "Usage:"
-  echo "  ./import_bouncycastle.sh import </path/to/bcprov-jdk*-*.tar.gz>"
-  echo "  ./import_bouncycastle.sh regenerate <patch/*.patch>"
-  echo "  ./import_bouncycastle.sh generate <patch/*.patch> </path/to/bcprov-jdk*-*.tar.gz>"
-  exit 1
-}
-
-function main() {
-  if [ ! -d patches ]; then
-    die "Bouncy Castle patch directory patches/ not found"
-  fi
-
-  if [ ! -f bouncycastle.version ]; then
-    die "bouncycastle.version not found"
-  fi
-
-  source ./bouncycastle.version
-  if [ "$BOUNCYCASTLE_JDK" == "" -o "$BOUNCYCASTLE_VERSION" == "" ]; then
-    die "Invalid bouncycastle.version; see README.android for more information"
-  fi
-
-  BOUNCYCASTLE_BCPROV_DIR=bcprov-jdk$BOUNCYCASTLE_JDK-$BOUNCYCASTLE_VERSION
-  BOUNCYCASTLE_BCPROV_DIR_ORIG=$BOUNCYCASTLE_BCPROV_DIR.orig
-
-  BOUNCYCASTLE_BCPKIX_DIR=bcpkix-jdk$BOUNCYCASTLE_JDK-$BOUNCYCASTLE_VERSION
-  BOUNCYCASTLE_BCPKIX_DIR_ORIG=$BOUNCYCASTLE_BCPKIX_DIR.orig
-
-  if [ ! -f bouncycastle.config ]; then
-    die "bouncycastle.config not found"
-  fi
-
-  source ./bouncycastle.config
-  if [ "$UNNEEDED_BCPROV_SOURCES" == "" -o "$NEEDED_BCPROV_SOURCES" == "" \
-    -o "$UNNEEDED_BCPKIX_SOURCES" == "" -o "$NEEDED_BCPKIX_SOURCES" == "" ]; then
-    die "Invalid bouncycastle.config; see README.android for more information"
-  fi
-
-  declare -r command=$1
-  shift || usage "No command specified. Try import, regenerate, or generate."
-  if [ "$command" = "import" ]; then
-    declare -r bcprov_tar=$1
-    shift || usage "No tar file specified."
-    declare -r bcpkix_tar=`echo $bcprov_tar | sed s/bcprov/bcpkix/`
-    import $bcprov_tar $BOUNCYCASTLE_BCPROV_DIR $BOUNCYCASTLE_BCPROV_DIR_ORIG bcprov "$BOUNCYCASTLE_BCPROV_PATCHES" "$NEEDED_BCPROV_SOURCES" "$UNNEEDED_BCPROV_SOURCES"
-    import $bcpkix_tar $BOUNCYCASTLE_BCPKIX_DIR $BOUNCYCASTLE_BCPKIX_DIR_ORIG bcpkix "$BOUNCYCASTLE_BCPKIX_PATCHES" "$NEEDED_BCPKIX_SOURCES" "$UNNEEDED_BCPKIX_SOURCES"
-  elif [ "$command" = "regenerate" ]; then
-    declare -r patch=$1
-    shift || usage "No patch file specified."
-    if [[ $BOUNCYCASTLE_BCPROV_PATCHES == *$patch* ]]; then
-      [ -d $BOUNCYCASTLE_BCPROV_DIR ] || usage "$BOUNCYCASTLE_BCPROV_DIR not found, did you mean to use generate?"
-      [ -d $BOUNCYCASTLE_BCPROV_DIR_ORIG ] || usage "$BOUNCYCASTLE_BCPROV_DIR_ORIG not found, did you mean to use generate?"
-      regenerate $patch $BOUNCYCASTLE_BCPROV_DIR $BOUNCYCASTLE_BCPROV_DIR_ORIG
-    elif [[ $BOUNCYCASTLE_BCPKIX_PATCHES == *$patch* ]]; then
-      [ -d $BOUNCYCASTLE_BCPKIX_DIR ] || usage "$BOUNCYCASTLE_BCPROV_DIR not found, did you mean to use generate?"
-      [ -d $BOUNCYCASTLE_BCPKIX_DIR_ORIG ] || usage "$BOUNCYCASTLE_BCPKIX_DIR_ORIG not found, did you mean to use generate?"
-      regenerate $patch $BOUNCYCASTLE_BCPKIX_DIR $BOUNCYCASTLE_BCPKIX_DIR_ORIG
-    else
-      usage "Unknown patch file $patch specified"
-    fi
-  elif [ "$command" = "generate" ]; then
-    declare -r patch=$1
-    shift || usage "No patch file specified."
-    declare -r bcprov_tar=$1
-    shift || usage "No tar file specified."
-    declare -r bcpkix_tar=`echo $bcprov_tar | sed s/bcprov/bcpkix/`
-    if [[ $BOUNCYCASTLE_BCPROV_PATCHES == *$patch* ]]; then
-      generate $patch $bcprov_tar $BOUNCYCASTLE_BCPROV_DIR $BOUNCYCASTLE_BCPROV_DIR_ORIG bcprov "$BOUNCYCASTLE_BCPROV_PATCHES" "$NEEDED_BCPROV_SOURCES" "$UNNEEDED_BCPROV_SOURCES"
-    elif [[ $BOUNCYCASTLE_BCPKIX_PATCHES == *$patch* ]]; then
-      generate $patch $bcpkix_tar $BOUNCYCASTLE_BCPKIX_DIR $BOUNCYCASTLE_BCPKIX_DIR_ORIG bcpkix "$BOUNCYCASTLE_BCPKIX_PATCHES" "$NEEDED_BCPKIX_SOURCES" "$UNNEEDED_BCPKIX_SOURCES"
-    else
-      usage "Unknown patch file $patch specified"
-    fi
-  else
-    usage "Unknown command specified $command. Try import, regenerate, or generate."
-  fi
-}
-
-function import() {
-  declare -r bouncycastle_source=$1
-  declare -r bouncycastle_dir=$2
-  declare -r bouncycastle_dir_orig=$3
-  declare -r bouncycastle_out_dir=$4
-  declare -r bouncycastle_patches=$5
-  declare -r needed_sources=$6
-  declare -r unneeded_sources=$7
-
-  untar $bouncycastle_source $bouncycastle_dir $bouncycastle_dir_orig "$unneeded_sources"
-  applypatches $bouncycastle_dir "$bouncycastle_patches" "$unneeded_sources"
-
-  cd $bouncycastle_dir
-
-  sed 's/<p>/& <BR>/g' LICENSE.html | html2text -width 102 -nobs -ascii > ../NOTICE
-  touch ../MODULE_LICENSE_BSD_LIKE
-
-  cd ..
-
-  rm -r $bouncycastle_out_dir/src
-  mkdir -p $bouncycastle_out_dir/src/main/java/
-  for i in $needed_sources; do
-    echo "Updating $i"
-    mv $bouncycastle_dir/$i $bouncycastle_out_dir/src/main/java/
-  done
-
-  cleantar $bouncycastle_dir $bouncycastle_dir_orig
-}
-
-function regenerate() {
-  declare -r patch=$1
-  declare -r bouncycastle_dir=$2
-  declare -r bouncycastle_dir_orig=$3
-
-  generatepatch $patch $bouncycastle_dir $bouncycastle_dir_orig
-}
-
-function update_timestamps() {
-  declare -r git_dir="$1"
-  declare -r target_dir="$2"
-
-  echo -n "Restoring timestamps for ${target_dir}... "
-
-  find "$git_dir" -type f -print0 | while IFS= read -r -d $'\0' file; do
-    file_rev="$(git rev-list -n 1 HEAD "$file")"
-    if [ "$file_rev" == "" ]; then
-      echo
-      echo -n "WARNING: No file revision for file $file..."
-      continue
-    fi
-    file_time="$(git show --pretty=format:%ai --abbrev-commit "$file_rev" | head -n 1)"
-    touch -d "$file_time" "${target_dir}${file#$git_dir}"
-  done
-
-  echo "done."
-}
-
-function generate() {
-  declare -r patch=$1
-  declare -r bouncycastle_source=$2
-  declare -r bouncycastle_dir=$3
-  declare -r bouncycastle_dir_orig=$4
-  declare -r bouncycastle_out_dir=$5
-  declare -r bouncycastle_patches=$6
-  declare -r needed_sources=$7
-  declare -r unneeded_sources=$8
-
-  untar $bouncycastle_source $bouncycastle_dir $bouncycastle_dir_orig "$unneeded_sources"
-  applypatches $bouncycastle_dir "$bouncycastle_patches" "$unneeded_sources"
-
-  for i in $needed_sources; do
-    echo "Restoring $i"
-    rm -r $bouncycastle_dir/$i
-    cp -rf $bouncycastle_out_dir/src/main/java/$i $bouncycastle_dir/$i
-    update_timestamps $bouncycastle_out_dir/src/main/java/$i $bouncycastle_dir/$i
-  done
-
-  generatepatch $patch $bouncycastle_dir $bouncycastle_dir_orig
-  cleantar $bouncycastle_dir $bouncycastle_dir_orig
-}
-
-function untar() {
-  declare -r bouncycastle_source=$1
-  declare -r bouncycastle_dir=$2
-  declare -r bouncycastle_dir_orig=$3
-  declare -r unneeded_sources=$4
-
-  # Remove old source
-  cleantar $bouncycastle_dir $bouncycastle_dir_orig
-
-  # Process new source
-  tar -zxf $bouncycastle_source
-  mv $bouncycastle_dir $bouncycastle_dir_orig
-  find $bouncycastle_dir_orig -type f -print0 | xargs -0 chmod a-w
-  (cd $bouncycastle_dir_orig && unzip -q src.zip)
-  tar -zxf $bouncycastle_source
-  (cd $bouncycastle_dir && unzip -q src.zip)
-
-  # Prune unnecessary sources
-  echo "Removing $unneeded_sources"
-  (cd $bouncycastle_dir_orig && rm -rf $unneeded_sources)
-  (cd $bouncycastle_dir      && rm -r  $unneeded_sources)
-
-  echo "Removing package.html files"
-  find $bouncycastle_dir_orig -name package.html -print0 | xargs -0 rm
-  find $bouncycastle_dir -name package.html -print0 | xargs -0 rm
-}
-
-function cleantar() {
-  declare -r bouncycastle_dir=$1
-  declare -r bouncycastle_dir_orig=$2
-
-  rm -rf $bouncycastle_dir_orig
-  rm -rf $bouncycastle_dir
-}
-
-function applypatches () {
-  declare -r bouncycastle_dir=$1
-  declare -r bouncycastle_patches=$2
-  declare -r unneeded_sources=$3
-
-  cd $bouncycastle_dir
-
-  # Apply appropriate patches
-  for i in $bouncycastle_patches; do
-    echo "Applying patch $i"
-    patch -p1 --merge < ../$i || die "Could not apply patches/$i. Fix source and run: $0 regenerate $i"
-
-    # make sure no unneeded sources got into the patch
-    problem=0
-    for s in $unneeded_sources; do
-      if [ -e $s ]; then
-        echo Unneeded source $s restored by patch $i
-        problem=1
-      fi
-    done
-    if [ $problem = 1 ]; then
-      exit 1
-    fi
-  done
-
-  # Cleanup patch output
-  find . -type f -name "*.orig" -print0 | xargs -0 rm -f
-
-  cd ..
-}
-
-function generatepatch() {
-  declare -r patch=$1
-  declare -r bouncycastle_dir=$2
-  declare -r bouncycastle_dir_orig=$3
-
-  # Cleanup stray files before generating patch
-  find $bouncycastle_dir -type f -name "*.orig" -print0 | xargs -0 rm -f
-  find $bouncycastle_dir -type f -name "*~" -print0 | xargs -0 rm -f
-
-  rm -f $patch
-  LC_ALL=C TZ=UTC0 diff -Naur $bouncycastle_dir_orig $bouncycastle_dir >> $patch && die "ERROR: No diff for patch $path in file $i"
-  echo "Generated patch $patch"
-}
-
-main $@

diff --git a/jarjar-rules.txt b/jarjar-rules.txt
deleted file mode 100644
index 2f40de1..0000000
--- a/jarjar-rules.txt
+++ /dev/null

@@ -1 +0,0 @@
-rule org.bouncycastle.** com.android.@0

diff --git a/patches/README b/patches/README
deleted file mode 100644
index 522ff97..0000000
--- a/patches/README
+++ /dev/null

@@ -1,42 +0,0 @@
-bcprov.patch:
-
-patch against Bouncy Castle's bcprov:
-
-The main differences involve removing algorithms not included in the
-reference implementation (RI).  The libcore
-java.security.StandardNames test support class provides the most
-up-do-date documentation of differences between the RI's list of
-supported algorithms and Android's. Some notable omissions versus the
-RI:
-- LDAP
-- MD2
-- RC2
-
-Other performance (both speed and memory) and correctness changes:
-- singleton DERNull (BouncyCastle now does this but we make constructor private to be sure)
-- similarly made DERBoolean constructor private and moved to DERBoolean.{getInstance,TRUE,FALSE}
-- removed use of Boolean constructor (not-upstreamable due to J2ME requirement upstream)
-- DERObjectIdentifier interns its internal String indentifer value
-- changed uses of 'new Integer' to 'Integers.valueOf'
-- X509CertificateObject.getEncoded caches its result
-- removed references to SecretKeyFactory.PBE/PKCS5 SecretKeyFactory.PBE/PKCS12
-- OpenSSLDigest uses NativeCrypto JNI API
-- JDKKeyStore made more tolerant of non-existant aliases
-- Make BouncyCastleProvider.PROVIDER_NAME final
-- Added wrapper for SecretKeyFactory.PBKDF2WithHmacSHA1
-
-Other security changes:
-- Blacklist fraudulent Comodo certificates in PKIXCertPathValidatorSpi
-- Blacklist compromised DigiNotar Root CA by public key to block cross-signed intermediates
-
-Other changes:
-- Log entry and exit to DHParametersHelper.generateSafePrimes which has long, unpredictable runtime
-
-
-bcpkix.patch:
-
-patch against Bouncy Castle's bcpkix:
-
-The main differences involve:
-- removing algorithms not in our bcprov (MD2, MD4, SHA224, RIPEMD, GOST)
-- using the singleton DERNull.INSTANCE

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1ApplicationSpecific.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1ApplicationSpecific.java
new file mode 100644
index 0000000..6a6c511
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1ApplicationSpecific.java

@@ -0,0 +1,248 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * Base class for an ASN.1 ApplicationSpecific object
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class ASN1ApplicationSpecific
+    extends ASN1Primitive
+{
+    protected final boolean   isConstructed;
+    protected final int       tag;
+    protected final byte[]    octets;
+
+    ASN1ApplicationSpecific(
+        boolean isConstructed,
+        int tag,
+        byte[] octets)
+    {
+        this.isConstructed = isConstructed;
+        this.tag = tag;
+        this.octets = Arrays.clone(octets);
+    }
+
+    /**
+     * Return an ASN1ApplicationSpecific from the passed in object, which may be a byte array, or null.
+     *
+     * @param obj the object to be converted.
+     * @return obj's representation as an ASN1ApplicationSpecific object.
+     */
+    public static ASN1ApplicationSpecific getInstance(Object obj)
+    {
+        if (obj == null || obj instanceof ASN1ApplicationSpecific)
+        {
+            return (ASN1ApplicationSpecific)obj;
+        }
+        else if (obj instanceof byte[])
+        {
+            try
+            {
+                return ASN1ApplicationSpecific.getInstance(ASN1Primitive.fromByteArray((byte[])obj));
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("Failed to construct object from byte[]: " + e.getMessage());
+            }
+        }
+
+        throw new IllegalArgumentException("unknown object in getInstance: " + obj.getClass().getName());
+    }
+
+    protected static int getLengthOfHeader(byte[] data)
+    {
+        int length = data[1] & 0xff; // TODO: assumes 1 byte tag
+
+        if (length == 0x80)
+        {
+            return 2;      // indefinite-length encoding
+        }
+
+        if (length > 127)
+        {
+            int size = length & 0x7f;
+
+            // Note: The invalid long form "0xff" (see X.690 8.1.3.5c) will be caught here
+            if (size > 4)
+            {
+                throw new IllegalStateException("DER length more than 4 bytes: " + size);
+            }
+
+            return size + 2;
+        }
+
+        return 2;
+    }
+
+    /**
+     * Return true if the object is marked as constructed, false otherwise.
+     *
+     * @return true if constructed, otherwise false.
+     */
+    public boolean isConstructed()
+    {
+        return isConstructed;
+    }
+
+    /**
+     * Return the contents of this object as a byte[]
+     *
+     * @return the encoded contents of the object.
+     */
+    public byte[] getContents()
+    {
+        return Arrays.clone(octets);
+    }
+
+    /**
+     * Return the tag number associated with this object,
+     *
+     * @return the application tag number.
+     */
+    public int getApplicationTag() 
+    {
+        return tag;
+    }
+
+    /**
+     * Return the enclosed object assuming explicit tagging.
+     *
+     * @return  the resulting object
+     * @throws IOException if reconstruction fails.
+     */
+    public ASN1Primitive getObject()
+        throws IOException 
+    {
+        return ASN1Primitive.fromByteArray(getContents());
+    }
+
+    /**
+     * Return the enclosed object assuming implicit tagging.
+     *
+     * @param derTagNo the type tag that should be applied to the object's contents.
+     * @return  the resulting object
+     * @throws IOException if reconstruction fails.
+     */
+    public ASN1Primitive getObject(int derTagNo)
+        throws IOException
+    {
+        if (derTagNo >= 0x1f)
+        {
+            throw new IOException("unsupported tag number");
+        }
+
+        byte[] orig = this.getEncoded();
+        byte[] tmp = replaceTagNumber(derTagNo, orig);
+
+        if ((orig[0] & BERTags.CONSTRUCTED) != 0)
+        {
+            tmp[0] |= BERTags.CONSTRUCTED;
+        }
+
+        return ASN1Primitive.fromByteArray(tmp);
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        return StreamUtil.calculateTagLength(tag) + StreamUtil.calculateBodyLength(octets.length) + octets.length;
+    }
+
+    /* (non-Javadoc)
+     * @see org.bouncycastle.asn1.ASN1Primitive#encode(org.bouncycastle.asn1.DEROutputStream)
+     */
+    void encode(ASN1OutputStream out) throws IOException
+    {
+        int classBits = BERTags.APPLICATION;
+        if (isConstructed)
+        {
+            classBits |= BERTags.CONSTRUCTED;
+        }
+
+        out.writeEncoded(classBits, tag, octets);
+    }
+    
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof ASN1ApplicationSpecific))
+        {
+            return false;
+        }
+
+        ASN1ApplicationSpecific other = (ASN1ApplicationSpecific)o;
+
+        return isConstructed == other.isConstructed
+            && tag == other.tag
+            && Arrays.areEqual(octets, other.octets);
+    }
+
+    public int hashCode()
+    {
+        return (isConstructed ? 1 : 0) ^ tag ^ Arrays.hashCode(octets);
+    }
+
+    private byte[] replaceTagNumber(int newTag, byte[] input)
+        throws IOException
+    {
+        int tagNo = input[0] & 0x1f;
+        int index = 1;
+        //
+        // with tagged object tag number is bottom 5 bits, or stored at the start of the content
+        //
+        if (tagNo == 0x1f)
+        {
+            int b = input[index++] & 0xff;
+
+            // X.690-0207 8.1.2.4.2
+            // "c) bits 7 to 1 of the first subsequent octet shall not all be zero."
+            if ((b & 0x7f) == 0) // Note: -1 will pass
+            {
+                throw new IOException("corrupted stream - invalid high tag number found");
+            }
+
+            while ((b & 0x80) != 0)
+            {
+                b = input[index++] & 0xff;
+            }
+        }
+
+        byte[] tmp = new byte[input.length - index + 1];
+
+        System.arraycopy(input, index, tmp, 1, tmp.length - 1);
+
+        tmp[0] = (byte)newTag;
+
+        return tmp;
+    }
+
+    public String toString()
+    {
+        StringBuffer sb = new StringBuffer();
+        sb.append("[");
+        if (isConstructed())
+        {
+            sb.append("CONSTRUCTED ");
+        }
+        sb.append("APPLICATION ");
+        sb.append(Integer.toString(getApplicationTag()));
+        sb.append("]");
+        // @todo content encoding somehow?
+        if (this.octets != null)
+        {
+            sb.append(" #");
+            sb.append(Hex.toHexString(this.octets));
+        }
+        else
+        {
+            sb.append(" #null");
+        }
+        sb.append(" ");
+        return sb.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1ApplicationSpecificParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1ApplicationSpecificParser.java
new file mode 100644
index 0000000..ff1d48c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1ApplicationSpecificParser.java

@@ -0,0 +1,21 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * Interface to parse ASN.1 ApplicationSpecific objects.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ASN1ApplicationSpecificParser
+    extends ASN1Encodable, InMemoryRepresentable
+{
+    /**
+     * Read the next object in the parser.
+     *
+     * @return an ASN1Encodable
+     * @throws IOException on a parsing or decoding error.
+     */
+    ASN1Encodable readObject()
+        throws IOException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1BitString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1BitString.java
new file mode 100644
index 0000000..9975e8f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1BitString.java

@@ -0,0 +1,296 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayOutputStream;
+import java.io.EOFException;
+import java.io.IOException;
+import java.io.InputStream;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.io.Streams;
+
+/**
+ * Base class for BIT STRING objects
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public abstract class ASN1BitString
+    extends ASN1Primitive
+    implements ASN1String
+{
+    private static final char[]  table = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
+
+    protected final byte[]      data;
+    protected final int         padBits;
+
+    /**
+     * @param bitString an int containing the BIT STRING
+     * @return the correct number of pad bits for a bit string defined in
+     * a 32 bit constant
+     */
+    static protected int getPadBits(
+        int bitString)
+    {
+        int val = 0;
+        for (int i = 3; i >= 0; i--)
+        {
+            //
+            // this may look a little odd, but if it isn't done like this pre jdk1.2
+            // JVM's break!
+            //
+            if (i != 0)
+            {
+                if ((bitString >> (i * 8)) != 0)
+                {
+                    val = (bitString >> (i * 8)) & 0xFF;
+                    break;
+                }
+            }
+            else
+            {
+                if (bitString != 0)
+                {
+                    val = bitString & 0xFF;
+                    break;
+                }
+            }
+        }
+
+        if (val == 0)
+        {
+            return 0;
+        }
+
+
+        int bits = 1;
+
+        while (((val <<= 1) & 0xFF) != 0)
+        {
+            bits++;
+        }
+
+        return 8 - bits;
+    }
+
+    /**
+     * @param bitString an int containing the BIT STRING
+     * @return the correct number of bytes for a bit string defined in
+     * a 32 bit constant
+     */
+    static protected byte[] getBytes(int bitString)
+    {
+        if (bitString == 0)
+        {
+            return new byte[0];
+        }
+
+        int bytes = 4;
+        for (int i = 3; i >= 1; i--)
+        {
+            if ((bitString & (0xFF << (i * 8))) != 0)
+            {
+                break;
+            }
+            bytes--;
+        }
+
+        byte[] result = new byte[bytes];
+        for (int i = 0; i < bytes; i++)
+        {
+            result[i] = (byte) ((bitString >> (i * 8)) & 0xFF);
+        }
+
+        return result;
+    }
+
+    /**
+     * Base constructor.
+     *
+     * @param data the octets making up the bit string.
+     * @param padBits the number of extra bits at the end of the string.
+     */
+    public ASN1BitString(
+        byte[]  data,
+        int     padBits)
+    {
+        if (data == null)
+        {
+            throw new NullPointerException("data cannot be null");
+        }
+        if (data.length == 0 && padBits != 0)
+        {
+            throw new IllegalArgumentException("zero length data with non-zero pad bits");
+        }
+        if (padBits > 7 || padBits < 0)
+        {
+            throw new IllegalArgumentException("pad bits cannot be greater than 7 or less than 0");
+        }
+
+        this.data = Arrays.clone(data);
+        this.padBits = padBits;
+    }
+
+    /**
+     * Return a String representation of this BIT STRING
+     *
+     * @return a String representation.
+     */
+    public String getString()
+    {
+        StringBuffer          buf = new StringBuffer("#");
+        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+        ASN1OutputStream aOut = new ASN1OutputStream(bOut);
+
+        try
+        {
+            aOut.writeObject(this);
+        }
+        catch (IOException e)
+        {
+            throw new ASN1ParsingException("Internal error encoding BitString: " + e.getMessage(), e);
+        }
+
+        byte[]    string = bOut.toByteArray();
+
+        for (int i = 0; i != string.length; i++)
+        {
+            buf.append(table[(string[i] >>> 4) & 0xf]);
+            buf.append(table[string[i] & 0xf]);
+        }
+
+        return buf.toString();
+    }
+
+    /**
+     * @return the value of the bit string as an int (truncating if necessary)
+     */
+    public int intValue()
+    {
+        int value = 0;
+        byte[] string = data;
+
+        if (padBits > 0 && data.length <= 4)
+        {
+            string = derForm(data, padBits);
+        }
+
+        for (int i = 0; i != string.length && i != 4; i++)
+        {
+            value |= (string[i] & 0xff) << (8 * i);
+        }
+
+        return value;
+    }
+
+    /**
+     * Return the octets contained in this BIT STRING, checking that this BIT STRING really
+     * does represent an octet aligned string. Only use this method when the standard you are
+     * following dictates that the BIT STRING will be octet aligned.
+     *
+     * @return a copy of the octet aligned data.
+     */
+    public byte[] getOctets()
+    {
+        if (padBits != 0)
+        {
+            throw new IllegalStateException("attempt to get non-octet aligned data from BIT STRING");
+        }
+
+        return Arrays.clone(data);
+    }
+
+    public byte[] getBytes()
+    {
+        return derForm(data, padBits);
+    }
+
+    public int getPadBits()
+    {
+        return padBits;
+    }
+
+    public String toString()
+    {
+        return getString();
+    }
+
+    @libcore.api.CorePlatformApi
+    public int hashCode()
+    {
+        return padBits ^ Arrays.hashCode(this.getBytes());
+    }
+
+    protected boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof ASN1BitString))
+        {
+            return false;
+        }
+
+        ASN1BitString other = (ASN1BitString)o;
+
+        return this.padBits == other.padBits
+            && Arrays.areEqual(this.getBytes(), other.getBytes());
+    }
+
+    protected static byte[] derForm(byte[] data, int padBits)
+    {
+        byte[] rv = Arrays.clone(data);
+        // DER requires pad bits be zero
+        if (padBits > 0)
+        {
+            rv[data.length - 1] &= 0xff << padBits;
+        }
+
+        return rv;
+    }
+
+    static ASN1BitString fromInputStream(int length, InputStream stream)
+        throws IOException
+    {
+        if (length < 1)
+        {
+            throw new IllegalArgumentException("truncated BIT STRING detected");
+        }
+
+        int padBits = stream.read();
+        byte[] data = new byte[length - 1];
+
+        if (data.length != 0)
+        {
+            if (Streams.readFully(stream, data) != data.length)
+            {
+                throw new EOFException("EOF encountered in middle of BIT STRING");
+            }
+
+            if (padBits > 0 && padBits < 8)
+            {
+                if (data[data.length - 1] != (byte)(data[data.length - 1] & (0xff << padBits)))
+                {
+                    return new DLBitString(data, padBits);
+                }
+            }
+        }
+
+        return new DERBitString(data, padBits);
+    }
+
+    public ASN1Primitive getLoadedObject()
+    {
+        return this.toASN1Primitive();
+    }
+
+    ASN1Primitive toDERObject()
+    {
+        return new DERBitString(data, padBits);
+    }
+
+    ASN1Primitive toDLObject()
+    {
+        return new DLBitString(data, padBits);
+    }
+
+    abstract void encode(ASN1OutputStream out)
+        throws IOException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Boolean.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Boolean.java
new file mode 100644
index 0000000..5390b32
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Boolean.java

@@ -0,0 +1,218 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * Public facade of ASN.1 Boolean data.
+ * <p>
+ * Use following to place a new instance of ASN.1 Boolean in your dataset:
+ * <ul>
+ * <li> ASN1Boolean.TRUE literal</li>
+ * <li> ASN1Boolean.FALSE literal</li>
+ * <li> {@link ASN1Boolean#getInstance(boolean) ASN1Boolean.getInstance(boolean)}</li>
+ * <li> {@link ASN1Boolean#getInstance(int) ASN1Boolean.getInstance(int)}</li>
+ * </ul>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ASN1Boolean
+    extends ASN1Primitive
+{
+    private static final byte[] TRUE_VALUE = new byte[] { (byte)0xff };
+    private static final byte[] FALSE_VALUE = new byte[] { 0 };
+
+    private final byte[]         value;
+
+    public static final ASN1Boolean FALSE = new ASN1Boolean(false);
+    public static final ASN1Boolean TRUE  = new ASN1Boolean(true);
+
+    /**
+     * Return a boolean from the passed in object.
+     *
+     * @param obj an ASN1Boolean or an object that can be converted into one.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return an ASN1Boolean instance.
+     */
+    public static ASN1Boolean getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof ASN1Boolean)
+        {
+            return (ASN1Boolean)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            byte[] enc = (byte[])obj;
+            try
+            {
+                return (ASN1Boolean)fromByteArray(enc);
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("failed to construct boolean from byte[]: " + e.getMessage());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Return an ASN1Boolean from the passed in boolean.
+     * @param value true or false depending on the ASN1Boolean wanted.
+     * @return an ASN1Boolean instance.
+     */
+    public static ASN1Boolean getInstance(
+        boolean  value)
+    {
+        return (value ? TRUE : FALSE);
+    }
+
+    /**
+     * Return an ASN1Boolean from the passed in value.
+     * @param value non-zero (true) or zero (false) depending on the ASN1Boolean wanted.
+     * @return an ASN1Boolean instance.
+     */
+    public static ASN1Boolean getInstance(
+        int value)
+    {
+        return (value != 0 ? TRUE : FALSE);
+    }
+
+    // BEGIN Android-added: Unknown reason
+    /**
+     * return a ASN1Boolean from the passed in array.
+     */
+    public static ASN1Boolean getInstance(
+        byte[] octets)
+    {
+        return (octets[0] != 0) ? TRUE : FALSE;
+    }
+
+    // END Android-added: Unknown reason
+    /**
+     * Return a Boolean from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *               be converted.
+     * @return an ASN1Boolean instance.
+     */
+    public static ASN1Boolean getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof ASN1Boolean)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return ASN1Boolean.fromOctetString(((ASN1OctetString)o).getOctets());
+        }
+    }
+
+    ASN1Boolean(
+        byte[] value)
+    {
+        if (value.length != 1)
+        {
+            throw new IllegalArgumentException("byte value should have 1 byte in it");
+        }
+
+        if (value[0] == 0)
+        {
+            this.value = FALSE_VALUE;
+        }
+        else if ((value[0] & 0xff) == 0xff)
+        {
+            this.value = TRUE_VALUE;
+        }
+        else
+        {
+            this.value = Arrays.clone(value);
+        }
+    }
+
+    /**
+     * @deprecated use getInstance(boolean) method.
+     * @param value true or false.
+     */
+    // Android-changed: Reduce visibility to protected
+    protected ASN1Boolean(
+        boolean     value)
+    {
+        this.value = (value) ? TRUE_VALUE : FALSE_VALUE;
+    }
+
+    public boolean isTrue()
+    {
+        return (value[0] != 0);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 3;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.BOOLEAN, value);
+    }
+
+    protected boolean asn1Equals(
+        ASN1Primitive  o)
+    {
+        if (o instanceof ASN1Boolean)
+        {
+            return (value[0] == ((ASN1Boolean)o).value[0]);
+        }
+
+        return false;
+    }
+
+    public int hashCode()
+    {
+        return value[0];
+    }
+
+
+    public String toString()
+    {
+      return (value[0] != 0) ? "TRUE" : "FALSE";
+    }
+
+    static ASN1Boolean fromOctetString(byte[] value)
+    {
+        if (value.length != 1)
+        {
+            throw new IllegalArgumentException("BOOLEAN value should have 1 byte in it");
+        }
+
+        if (value[0] == 0)
+        {
+            return FALSE;
+        }
+        else if ((value[0] & 0xff) == 0xff)
+        {
+            return TRUE;
+        }
+        else
+        {
+            return new ASN1Boolean(value);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Choice.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Choice.java
new file mode 100644
index 0000000..5e35a56
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Choice.java

@@ -0,0 +1,29 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+/**
+ * Marker interface for CHOICE objects - if you implement this in a role your
+ * own object any attempt to tag the object implicitly will convert the tag to
+ * an explicit one as the encoding rules require.
+ * <p>
+ * If you use this interface your class should also implement the getInstance()
+ * pattern which takes a tag object and the tagging mode used.
+ * </p>
+ * <p><b>X.690</b></p>
+ * <p><b>8: Basic encoding rules</b></p>
+ * <p><b>8.13 Encoding of a choice value </b></p>
+ * <p>
+ * The encoding of a choice value shall be the same as the encoding of a value of the chosen type.
+ * <blockquote>
+ * NOTE 1 &mdash; The encoding may be primitive or constructed depending on the chosen type.
+ * </blockquote>
+ * <blockquote>
+ * NOTE 2 &mdash; The tag used in the identifier octets is the tag of the chosen type,
+ * as specified in the ASN.1 definition of the choice type.
+ * </blockquote>
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ASN1Choice
+{
+    // marker interface
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Encodable.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Encodable.java
new file mode 100644
index 0000000..aa0f2a1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Encodable.java

@@ -0,0 +1,16 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+/**
+ * Basic interface to produce serialisers for ASN.1 encodings.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public interface ASN1Encodable
+{
+    /**
+     * Return an object, possibly constructed, of ASN.1 primitives
+     * @return an ASN.1 primitive.
+     */
+    ASN1Primitive toASN1Primitive();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1EncodableVector.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1EncodableVector.java
new file mode 100644
index 0000000..53718b2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1EncodableVector.java

@@ -0,0 +1,70 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.util.Enumeration;
+import java.util.Vector;
+
+/**
+ * Mutable class for building ASN.1 constructed objects such as SETs or SEQUENCEs.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class ASN1EncodableVector
+{
+    private final Vector v = new Vector();
+
+    /**
+     * Base constructor.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public ASN1EncodableVector()
+    {
+    }
+
+    /**
+     * Add an encodable to the vector.
+     *
+     * @param obj the encodable to add.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void add(ASN1Encodable obj)
+    {
+        v.addElement(obj);
+    }
+
+    /**
+     * Add the contents of another vector.
+     *
+     * @param other the vector to add.
+     */
+    public void addAll(ASN1EncodableVector other)
+    {
+        for (Enumeration en = other.v.elements(); en.hasMoreElements();)
+        {
+            v.addElement(en.nextElement());
+        }
+    }
+
+    /**
+     * Return the object at position i in this vector.
+     *
+     * @param i the index of the object of interest.
+     * @return the object at position i.
+     */
+    public ASN1Encodable get(int i)
+    {
+        return (ASN1Encodable)v.elementAt(i);
+    }
+
+    /**
+     * Return the size of the vector.
+     *
+     * @return the object count in the vector.
+     */
+    public int size()
+    {
+        return v.size();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Encoding.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Encoding.java
new file mode 100644
index 0000000..0947056
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Encoding.java

@@ -0,0 +1,24 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+/**
+ * Supported encoding formats.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ASN1Encoding
+{
+    /**
+     * DER - distinguished encoding rules.
+     */
+    static final String DER = "DER";
+
+    /**
+     * DL - definite length encoding.
+     */
+    static final String DL = "DL";
+
+    /**
+     * BER - basic encoding rules.
+     */
+    static final String BER = "BER";
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Enumerated.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Enumerated.java
new file mode 100644
index 0000000..3695b9e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Enumerated.java

@@ -0,0 +1,184 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Properties;
+
+/**
+ * Class representing the ASN.1 ENUMERATED type.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ASN1Enumerated
+    extends ASN1Primitive
+{
+    private final byte[] bytes;
+
+    /**
+     * return an enumerated from the passed in object
+     *
+     * @param obj an ASN1Enumerated or an object that can be converted into one.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return an ASN1Enumerated instance, or null.
+     */
+    public static ASN1Enumerated getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof ASN1Enumerated)
+        {
+            return (ASN1Enumerated)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (ASN1Enumerated)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * return an Enumerated from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *               be converted.
+     * @return an ASN1Enumerated instance, or null.
+     */
+    public static ASN1Enumerated getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof ASN1Enumerated)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return fromOctetString(((ASN1OctetString)o).getOctets());
+        }
+    }
+
+    /**
+     * Constructor from int.
+     *
+     * @param value the value of this enumerated.
+     */
+    public ASN1Enumerated(
+        int         value)
+    {
+        bytes = BigInteger.valueOf(value).toByteArray();
+    }
+
+    /**
+     * Constructor from BigInteger
+     *
+     * @param value the value of this enumerated.
+     */
+    public ASN1Enumerated(
+        BigInteger   value)
+    {
+        bytes = value.toByteArray();
+    }
+
+    /**
+     * Constructor from encoded BigInteger.
+     *
+     * @param bytes the value of this enumerated as an encoded BigInteger (signed).
+     */
+    public ASN1Enumerated(
+        byte[]   bytes)
+    {
+        if (!Properties.isOverrideSet("com.android.org.bouncycastle.asn1.allow_unsafe_integer"))
+        {
+            if (ASN1Integer.isMalformed(bytes))
+            {
+                throw new IllegalArgumentException("malformed enumerated");
+            }
+        }
+        this.bytes = Arrays.clone(bytes);
+    }
+
+    public BigInteger getValue()
+    {
+        return new BigInteger(bytes);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(bytes.length) + bytes.length;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.ENUMERATED, bytes);
+    }
+    
+    boolean asn1Equals(
+        ASN1Primitive  o)
+    {
+        if (!(o instanceof ASN1Enumerated))
+        {
+            return false;
+        }
+
+        ASN1Enumerated other = (ASN1Enumerated)o;
+
+        return Arrays.areEqual(this.bytes, other.bytes);
+    }
+
+    public int hashCode()
+    {
+        return Arrays.hashCode(bytes);
+    }
+
+    private static ASN1Enumerated[] cache = new ASN1Enumerated[12];
+
+    static ASN1Enumerated fromOctetString(byte[] enc)
+    {
+        if (enc.length > 1)
+        {
+            return new ASN1Enumerated(enc);
+        }
+
+        if (enc.length == 0)
+        {
+            throw new IllegalArgumentException("ENUMERATED has zero length");
+        }
+        int value = enc[0] & 0xff;
+
+        if (value >= cache.length)
+        {
+            return new ASN1Enumerated(Arrays.clone(enc));
+        }
+
+        ASN1Enumerated possibleMatch = cache[value];
+
+        if (possibleMatch == null)
+        {
+            possibleMatch = cache[value] = new ASN1Enumerated(Arrays.clone(enc));
+        }
+
+        return possibleMatch;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Exception.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Exception.java
new file mode 100644
index 0000000..fd80dca
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Exception.java

@@ -0,0 +1,46 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * Exception thrown in cases of corrupted or unexpected data in a stream.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ASN1Exception
+    extends IOException
+{
+    private Throwable cause;
+
+    /**
+     * Base constructor
+     *
+     * @param message a message concerning the exception.
+     */
+    ASN1Exception(String message)
+    {
+        super(message);
+    }
+
+    /**
+     * Constructor when this exception is due to another one.
+     *
+     * @param message a message concerning the exception.
+     * @param cause the exception that caused this exception to be thrown.
+     */
+    ASN1Exception(String message, Throwable cause)
+    {
+        super(message);
+        this.cause = cause;
+    }
+
+    /**
+     * Return the underlying cause of this exception, if any.
+     *
+     * @return the exception causing this one, null if there isn't one.
+     */
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1External.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1External.java
new file mode 100644
index 0000000..df55fa5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1External.java

@@ -0,0 +1,294 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * Class representing the DER-type External
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class ASN1External
+    extends ASN1Primitive
+{
+    protected ASN1ObjectIdentifier directReference;
+    protected ASN1Integer indirectReference;
+    protected ASN1Primitive dataValueDescriptor;
+    protected int encoding;
+    protected ASN1Primitive externalContent;
+
+    /**
+     * Construct an EXTERNAL object, the input encoding vector must have exactly two elements on it.
+     * <p>
+     * Acceptable input formats are:
+     * <ul>
+     * <li> {@link ASN1ObjectIdentifier} + data {@link DERTaggedObject} (direct reference form)</li>
+     * <li> {@link ASN1Integer} + data {@link DERTaggedObject} (indirect reference form)</li>
+     * <li> Anything but {@link DERTaggedObject} + data {@link DERTaggedObject} (data value form)</li>
+     * </ul>
+     *
+     * @throws IllegalArgumentException if input size is wrong, or
+     */
+    public ASN1External(ASN1EncodableVector vector)
+    {
+        int offset = 0;
+
+        ASN1Primitive enc = getObjFromVector(vector, offset);
+        if (enc instanceof ASN1ObjectIdentifier)
+        {
+            directReference = (ASN1ObjectIdentifier)enc;
+            offset++;
+            enc = getObjFromVector(vector, offset);
+        }
+        if (enc instanceof ASN1Integer)
+        {
+            indirectReference = (ASN1Integer) enc;
+            offset++;
+            enc = getObjFromVector(vector, offset);
+        }
+        if (!(enc instanceof ASN1TaggedObject))
+        {
+            dataValueDescriptor = (ASN1Primitive) enc;
+            offset++;
+            enc = getObjFromVector(vector, offset);
+        }
+
+        if (vector.size() != offset + 1)
+        {
+            throw new IllegalArgumentException("input vector too large");
+        }
+
+        if (!(enc instanceof ASN1TaggedObject))
+        {
+            throw new IllegalArgumentException("No tagged object found in vector. Structure doesn't seem to be of type External");
+        }
+        ASN1TaggedObject obj = (ASN1TaggedObject)enc;
+        setEncoding(obj.getTagNo());
+        externalContent = obj.getObject();
+    }
+
+    private ASN1Primitive getObjFromVector(ASN1EncodableVector v, int index)
+    {
+        if (v.size() <= index)
+        {
+            throw new IllegalArgumentException("too few objects in input vector");
+        }
+
+        return v.get(index).toASN1Primitive();
+    }
+
+    /**
+     * Creates a new instance of External
+     * See X.690 for more informations about the meaning of these parameters
+     * @param directReference The direct reference or <code>null</code> if not set.
+     * @param indirectReference The indirect reference or <code>null</code> if not set.
+     * @param dataValueDescriptor The data value descriptor or <code>null</code> if not set.
+     * @param externalData The external data in its encoded form.
+     */
+    public ASN1External(ASN1ObjectIdentifier directReference, ASN1Integer indirectReference, ASN1Primitive dataValueDescriptor, DERTaggedObject externalData)
+    {
+        this(directReference, indirectReference, dataValueDescriptor, externalData.getTagNo(), externalData.toASN1Primitive());
+    }
+
+    /**
+     * Creates a new instance of External.
+     * See X.690 for more informations about the meaning of these parameters
+     * @param directReference The direct reference or <code>null</code> if not set.
+     * @param indirectReference The indirect reference or <code>null</code> if not set.
+     * @param dataValueDescriptor The data value descriptor or <code>null</code> if not set.
+     * @param encoding The encoding to be used for the external data
+     * @param externalData The external data
+     */
+    public ASN1External(ASN1ObjectIdentifier directReference, ASN1Integer indirectReference, ASN1Primitive dataValueDescriptor, int encoding, ASN1Primitive externalData)
+    {
+        setDirectReference(directReference);
+        setIndirectReference(indirectReference);
+        setDataValueDescriptor(dataValueDescriptor);
+        setEncoding(encoding);
+        setExternalContent(externalData.toASN1Primitive());
+    }
+
+    ASN1Primitive toDERObject()
+     {
+         if (this instanceof DERExternal)
+         {
+             return this;
+         }
+
+         return new DERExternal(directReference, indirectReference, dataValueDescriptor, encoding, externalContent);
+     }
+
+    /* (non-Javadoc)
+     * @see java.lang.Object#hashCode()
+     */
+    public int hashCode()
+    {
+        int ret = 0;
+        if (directReference != null)
+        {
+            ret = directReference.hashCode();
+        }
+        if (indirectReference != null)
+        {
+            ret ^= indirectReference.hashCode();
+        }
+        if (dataValueDescriptor != null)
+        {
+            ret ^= dataValueDescriptor.hashCode();
+        }
+        ret ^= externalContent.hashCode();
+        return ret;
+    }
+
+    boolean isConstructed()
+    {
+        return true;
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        return this.getEncoded().length;
+    }
+
+    /* (non-Javadoc)
+     * @see org.bouncycastle.asn1.ASN1Primitive#asn1Equals(org.bouncycastle.asn1.ASN1Primitive)
+     */
+    boolean asn1Equals(ASN1Primitive o)
+    {
+        if (!(o instanceof ASN1External))
+        {
+            return false;
+        }
+        if (this == o)
+        {
+            return true;
+        }
+        ASN1External other = (ASN1External)o;
+        if (directReference != null)
+        {
+            if (other.directReference == null || !other.directReference.equals(directReference))  
+            {
+                return false;
+            }
+        }
+        if (indirectReference != null)
+        {
+            if (other.indirectReference == null || !other.indirectReference.equals(indirectReference))
+            {
+                return false;
+            }
+        }
+        if (dataValueDescriptor != null)
+        {
+            if (other.dataValueDescriptor == null || !other.dataValueDescriptor.equals(dataValueDescriptor))
+            {
+                return false;
+            }
+        }
+        return externalContent.equals(other.externalContent);
+    }
+
+    /**
+     * Returns the data value descriptor
+     * @return The descriptor
+     */
+    public ASN1Primitive getDataValueDescriptor()
+    {
+        return dataValueDescriptor;
+    }
+
+    /**
+     * Returns the direct reference of the external element
+     * @return The reference
+     */
+    public ASN1ObjectIdentifier getDirectReference()
+    {
+        return directReference;
+    }
+
+    /**
+     * Returns the encoding of the content. Valid values are
+     * <ul>
+     * <li><code>0</code> single-ASN1-type</li>
+     * <li><code>1</code> OCTET STRING</li>
+     * <li><code>2</code> BIT STRING</li>
+     * </ul>
+     * @return The encoding
+     */
+    public int getEncoding()
+    {
+        return encoding;
+    }
+    
+    /**
+     * Returns the content of this element
+     * @return The content
+     */
+    public ASN1Primitive getExternalContent()
+    {
+        return externalContent;
+    }
+    
+    /**
+     * Returns the indirect reference of this element
+     * @return The reference
+     */
+    public ASN1Integer getIndirectReference()
+    {
+        return indirectReference;
+    }
+    
+    /**
+     * Sets the data value descriptor
+     * @param dataValueDescriptor The descriptor
+     */
+    private void setDataValueDescriptor(ASN1Primitive dataValueDescriptor)
+    {
+        this.dataValueDescriptor = dataValueDescriptor;
+    }
+
+    /**
+     * Sets the direct reference of the external element
+     * @param directReferemce The reference
+     */
+    private void setDirectReference(ASN1ObjectIdentifier directReferemce)
+    {
+        this.directReference = directReferemce;
+    }
+    
+    /**
+     * Sets the encoding of the content. Valid values are
+     * <ul>
+     * <li><code>0</code> single-ASN1-type</li>
+     * <li><code>1</code> OCTET STRING</li>
+     * <li><code>2</code> BIT STRING</li>
+     * </ul>
+     * @param encoding The encoding
+     */
+    private void setEncoding(int encoding)
+    {
+        if (encoding < 0 || encoding > 2)
+        {
+            throw new IllegalArgumentException("invalid encoding value: " + encoding);
+        }
+        this.encoding = encoding;
+    }
+    
+    /**
+     * Sets the content of this element
+     * @param externalContent The content
+     */
+    private void setExternalContent(ASN1Primitive externalContent)
+    {
+        this.externalContent = externalContent;
+    }
+    
+    /**
+     * Sets the indirect reference of this element
+     * @param indirectReference The reference
+     */
+    private void setIndirectReference(ASN1Integer indirectReference)
+    {
+        this.indirectReference = indirectReference;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1GeneralizedTime.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1GeneralizedTime.java
new file mode 100644
index 0000000..4c0eb25
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1GeneralizedTime.java

@@ -0,0 +1,476 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+// Android-added: Localization support
+import java.util.Calendar;
+import java.util.Date;
+import java.util.Locale;
+import java.util.SimpleTimeZone;
+import java.util.TimeZone;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * Base class representing the ASN.1 GeneralizedTime type.
+ * <p>
+ * The main difference between these and UTC time is a 4 digit year.
+ * </p>
+ * <p>
+ * One second resolution date+time on UTC timezone (Z)
+ * with 4 digit year (valid from 0001 to 9999).
+ * </p><p>
+ * Timestamp format is:  yyyymmddHHMMSS'Z'
+ * </p><p>
+ * <h2>X.690</h2>
+ * This is what is called "restricted string",
+ * and it uses ASCII characters to encode digits and supplemental data.
+ *
+ * <h3>11: Restrictions on BER employed by both CER and DER</h3>
+ * <h4>11.7 GeneralizedTime </h4>
+ * <p>
+ * <b>11.7.1</b> The encoding shall terminate with a "Z",
+ * as described in the ITU-T Rec. X.680 | ISO/IEC 8824-1 clause on
+ * GeneralizedTime.
+ * </p><p>
+ * <b>11.7.2</b> The seconds element shall always be present.
+ * </p>
+ * <p>
+ * <b>11.7.3</b> The fractional-seconds elements, if present,
+ * shall omit all trailing zeros; if the elements correspond to 0,
+ * they shall be wholly omitted, and the decimal point element also
+ * shall be omitted.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ASN1GeneralizedTime
+    extends ASN1Primitive
+{
+    protected byte[] time;
+
+    /**
+     * return a generalized time from the passed in object
+     *
+     * @param obj an ASN1GeneralizedTime or an object that can be converted into one.
+     * @return an ASN1GeneralizedTime instance, or null.
+     * @throws IllegalArgumentException if the object cannot be converted.
+     */
+    public static ASN1GeneralizedTime getInstance(
+        Object obj)
+    {
+        if (obj == null || obj instanceof ASN1GeneralizedTime)
+        {
+            return (ASN1GeneralizedTime)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (ASN1GeneralizedTime)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * return a Generalized Time object from a tagged object.
+     *
+     * @param obj      the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *                 tagged false otherwise.
+     * @return an ASN1GeneralizedTime instance.
+     * @throws IllegalArgumentException if the tagged object cannot
+     * be converted.
+     */
+    public static ASN1GeneralizedTime getInstance(
+        ASN1TaggedObject obj,
+        boolean explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof ASN1GeneralizedTime)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return new ASN1GeneralizedTime(((ASN1OctetString)o).getOctets());
+        }
+    }
+
+    /**
+     * The correct format for this is YYYYMMDDHHMMSS[.f]Z, or without the Z
+     * for local time, or Z+-HHMM on the end, for difference between local
+     * time and UTC time. The fractional second amount f must consist of at
+     * least one number with trailing zeroes removed.
+     *
+     * @param time the time string.
+     * @throws IllegalArgumentException if String is an illegal format.
+     */
+    public ASN1GeneralizedTime(
+        String time)
+    {
+        this.time = Strings.toByteArray(time);
+        try
+        {
+            this.getDate();
+        }
+        catch (ParseException e)
+        {
+            throw new IllegalArgumentException("invalid date string: " + e.getMessage());
+        }
+    }
+
+    /**
+     * Base constructor from a java.util.date object
+     *
+     * @param time a date object representing the time of interest.
+     */
+    public ASN1GeneralizedTime(
+        Date time)
+    {
+        // Android-changed: Use localized version
+        // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", DateUtil.EN_Locale);
+        SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US);
+
+        dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
+
+        this.time = Strings.toByteArray(dateF.format(time));
+    }
+
+    /**
+     * Base constructor from a java.util.date and Locale - you may need to use this if the default locale
+     * doesn't use a Gregorian calender so that the GeneralizedTime produced is compatible with other ASN.1 implementations.
+     *
+     * @param time a date object representing the time of interest.
+     * @param locale an appropriate Locale for producing an ASN.1 GeneralizedTime value.
+     */
+    public ASN1GeneralizedTime(
+        Date time,
+        Locale locale)
+    {
+        // BEGIN Android-changed: Use localized version
+        // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", locale);
+        SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US);
+        dateF.setCalendar(Calendar.getInstance(Locale.US));
+        // END Android-changed: Use localized version
+
+        dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
+
+        this.time = Strings.toByteArray(dateF.format(time));
+    }
+
+    ASN1GeneralizedTime(
+        byte[] bytes)
+    {
+        this.time = bytes;
+    }
+
+    /**
+     * Return the time.
+     *
+     * @return The time string as it appeared in the encoded object.
+     */
+    public String getTimeString()
+    {
+        return Strings.fromByteArray(time);
+    }
+
+    /**
+     * return the time - always in the form of
+     * YYYYMMDDhhmmssGMT(+hh:mm|-hh:mm).
+     * <p>
+     * Normally in a certificate we would expect "Z" rather than "GMT",
+     * however adding the "GMT" means we can just use:
+     * <pre>
+     *     dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
+     * </pre>
+     * To read in the time and get a date which is compatible with our local
+     * time zone.
+     * @return a String representation of the time.
+     */
+    public String getTime()
+    {
+        String stime = Strings.fromByteArray(time);
+
+        //
+        // standardise the format.
+        //
+        if (stime.charAt(stime.length() - 1) == 'Z')
+        {
+            return stime.substring(0, stime.length() - 1) + "GMT+00:00";
+        }
+        else
+        {
+            int signPos = stime.length() - 5;
+            char sign = stime.charAt(signPos);
+            if (sign == '-' || sign == '+')
+            {
+                return stime.substring(0, signPos)
+                    + "GMT"
+                    + stime.substring(signPos, signPos + 3)
+                    + ":"
+                    + stime.substring(signPos + 3);
+            }
+            else
+            {
+                signPos = stime.length() - 3;
+                sign = stime.charAt(signPos);
+                if (sign == '-' || sign == '+')
+                {
+                    return stime.substring(0, signPos)
+                        + "GMT"
+                        + stime.substring(signPos)
+                        + ":00";
+                }
+            }
+        }
+        return stime + calculateGMTOffset();
+    }
+
+    private String calculateGMTOffset()
+    {
+        String sign = "+";
+        TimeZone timeZone = TimeZone.getDefault();
+        int offset = timeZone.getRawOffset();
+        if (offset < 0)
+        {
+            sign = "-";
+            offset = -offset;
+        }
+        int hours = offset / (60 * 60 * 1000);
+        int minutes = (offset - (hours * 60 * 60 * 1000)) / (60 * 1000);
+
+        try
+        {
+            if (timeZone.useDaylightTime() && timeZone.inDaylightTime(this.getDate()))
+            {
+                hours += sign.equals("+") ? 1 : -1;
+            }
+        }
+        catch (ParseException e)
+        {
+            // we'll do our best and ignore daylight savings
+        }
+
+        return "GMT" + sign + convert(hours) + ":" + convert(minutes);
+    }
+
+    private String convert(int time)
+    {
+        if (time < 10)
+        {
+            return "0" + time;
+        }
+
+        return Integer.toString(time);
+    }
+
+    public Date getDate()
+        throws ParseException
+    {
+        SimpleDateFormat dateF;
+        String stime = Strings.fromByteArray(time);
+        String d = stime;
+
+        if (stime.endsWith("Z"))
+        {
+            if (hasFractionalSeconds())
+            {
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'");
+                dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS'Z'", Locale.US);
+            }
+            else if (hasSeconds())
+            {
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'");
+                dateF = new SimpleDateFormat("yyyyMMddHHmmss'Z'", Locale.US);
+            }
+            else if (hasMinutes())
+            {
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmm'Z'");
+                dateF = new SimpleDateFormat("yyyyMMddHHmm'Z'", Locale.US);
+            }
+            else
+            {
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHH'Z'");
+                dateF = new SimpleDateFormat("yyyyMMddHH'Z'", Locale.US);
+            }
+
+            dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
+        }
+        else if (stime.indexOf('-') > 0 || stime.indexOf('+') > 0)
+        {
+            d = this.getTime();
+            if (hasFractionalSeconds())
+            {
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz");
+                dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSSz", Locale.US);
+            }
+            else if (hasSeconds())
+            {
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
+                dateF = new SimpleDateFormat("yyyyMMddHHmmssz", Locale.US);
+            }
+            else if (hasMinutes())
+            {
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmmz");
+                dateF = new SimpleDateFormat("yyyyMMddHHmmz", Locale.US);
+            }
+            else
+            {
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHz");
+                dateF = new SimpleDateFormat("yyyyMMddHHz", Locale.US);
+            }
+
+            dateF.setTimeZone(new SimpleTimeZone(0, "Z"));
+        }
+        else
+        {
+            if (hasFractionalSeconds())
+            {
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS");
+                dateF = new SimpleDateFormat("yyyyMMddHHmmss.SSS", Locale.US);
+            }
+            else if (hasSeconds())
+            {
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmmss");
+                dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
+            }
+            else if (hasMinutes())
+            {
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHHmm");
+                dateF = new SimpleDateFormat("yyyyMMddHHmm", Locale.US);
+            }
+            else
+            {
+                // Android-changed: Use localized version
+                // dateF = new SimpleDateFormat("yyyyMMddHH");
+                dateF = new SimpleDateFormat("yyyyMMddHH", Locale.US);
+            }
+
+            dateF.setTimeZone(new SimpleTimeZone(0, TimeZone.getDefault().getID()));
+        }
+
+        if (hasFractionalSeconds())
+        {
+            // java misinterprets extra digits as being milliseconds...
+            String frac = d.substring(14);
+            int index;
+            for (index = 1; index < frac.length(); index++)
+            {
+                char ch = frac.charAt(index);
+                if (!('0' <= ch && ch <= '9'))
+                {
+                    break;
+                }
+            }
+
+            if (index - 1 > 3)
+            {
+                frac = frac.substring(0, 4) + frac.substring(index);
+                d = d.substring(0, 14) + frac;
+            }
+            else if (index - 1 == 1)
+            {
+                frac = frac.substring(0, index) + "00" + frac.substring(index);
+                d = d.substring(0, 14) + frac;
+            }
+            else if (index - 1 == 2)
+            {
+                frac = frac.substring(0, index) + "0" + frac.substring(index);
+                d = d.substring(0, 14) + frac;
+            }
+        }
+
+        return DateUtil.epochAdjust(dateF.parse(d));
+    }
+
+    protected boolean hasFractionalSeconds()
+    {
+        for (int i = 0; i != time.length; i++)
+        {
+            if (time[i] == '.')
+            {
+                if (i == 14)
+                {
+                    return true;
+                }
+            }
+        }
+        return false;
+    }
+
+    protected boolean hasSeconds()
+    {
+        return isDigit(12) && isDigit(13);
+    }
+
+    protected boolean hasMinutes()
+    {
+        return isDigit(10) && isDigit(11);
+    }
+
+    private boolean isDigit(int pos)
+    {
+        return time.length > pos && time[pos] >= '0' && time[pos] <= '9';
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        int length = time.length;
+
+        return 1 + StreamUtil.calculateBodyLength(length) + length;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.GENERALIZED_TIME, time);
+    }
+
+    ASN1Primitive toDERObject()
+    {
+        return new DERGeneralizedTime(time);
+    }
+
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof ASN1GeneralizedTime))
+        {
+            return false;
+        }
+
+        return Arrays.areEqual(time, ((ASN1GeneralizedTime)o).time);
+    }
+
+    public int hashCode()
+    {
+        return Arrays.hashCode(time);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Generator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Generator.java
new file mode 100644
index 0000000..3799c6f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Generator.java

@@ -0,0 +1,30 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.OutputStream;
+
+/**
+ * Basic class for streaming generators.
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class ASN1Generator
+{
+    protected OutputStream _out;
+
+    /**
+     * Base constructor.
+     *
+     * @param out the end output stream that object encodings are written to.
+     */
+    public ASN1Generator(OutputStream out)
+    {
+        _out = out;
+    }
+
+    /**
+     * Return the actual stream object encodings are written to.
+     *
+     * @return the stream that is directly encoded to.
+     */
+    public abstract OutputStream getRawOutputStream();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1InputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1InputStream.java
new file mode 100644
index 0000000..d3f5189
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1InputStream.java

@@ -0,0 +1,485 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayInputStream;
+import java.io.EOFException;
+import java.io.FilterInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+import com.android.org.bouncycastle.util.io.Streams;
+
+/**
+ * A general purpose ASN.1 decoder - note: this class differs from the
+ * others in that it returns null after it has read the last object in
+ * the stream. If an ASN.1 NULL is encountered a DER/BER Null object is
+ * returned.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class ASN1InputStream
+    extends FilterInputStream
+    implements BERTags
+{
+    private final int limit;
+    private final boolean lazyEvaluate;
+
+    private final byte[][] tmpBuffers;
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public ASN1InputStream(
+        InputStream is)
+    {
+        this(is, StreamUtil.findLimit(is));
+    }
+
+    /**
+     * Create an ASN1InputStream based on the input byte array. The length of DER objects in
+     * the stream is automatically limited to the length of the input array.
+     * 
+     * @param input array containing ASN.1 encoded data.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public ASN1InputStream(
+        byte[] input)
+    {
+        this(new ByteArrayInputStream(input), input.length);
+    }
+
+    /**
+     * Create an ASN1InputStream based on the input byte array. The length of DER objects in
+     * the stream is automatically limited to the length of the input array.
+     *
+     * @param input array containing ASN.1 encoded data.
+     * @param lazyEvaluate true if parsing inside constructed objects can be delayed.
+     */
+    public ASN1InputStream(
+        byte[] input,
+        boolean lazyEvaluate)
+    {
+        this(new ByteArrayInputStream(input), input.length, lazyEvaluate);
+    }
+    
+    /**
+     * Create an ASN1InputStream where no DER object will be longer than limit.
+     * 
+     * @param input stream containing ASN.1 encoded data.
+     * @param limit maximum size of a DER encoded object.
+     */
+    public ASN1InputStream(
+        InputStream input,
+        int         limit)
+    {
+        this(input, limit, false);
+    }
+
+    /**
+     * Create an ASN1InputStream where no DER object will be longer than limit, and constructed
+     * objects such as sequences will be parsed lazily.
+     *
+     * @param input stream containing ASN.1 encoded data.
+     * @param lazyEvaluate true if parsing inside constructed objects can be delayed.
+     */
+    public ASN1InputStream(
+        InputStream input,
+        boolean     lazyEvaluate)
+    {
+        this(input, StreamUtil.findLimit(input), lazyEvaluate);
+    }
+
+    /**
+     * Create an ASN1InputStream where no DER object will be longer than limit, and constructed
+     * objects such as sequences will be parsed lazily.
+     *
+     * @param input stream containing ASN.1 encoded data.
+     * @param limit maximum size of a DER encoded object.
+     * @param lazyEvaluate true if parsing inside constructed objects can be delayed.
+     */
+    public ASN1InputStream(
+        InputStream input,
+        int         limit,
+        boolean     lazyEvaluate)
+    {
+        super(input);
+        this.limit = limit;
+        this.lazyEvaluate = lazyEvaluate;
+        this.tmpBuffers = new byte[11][];
+    }
+
+    int getLimit()
+    {
+        return limit;
+    }
+
+    protected int readLength()
+        throws IOException
+    {
+        return readLength(this, limit);
+    }
+
+    protected void readFully(
+        byte[]  bytes)
+        throws IOException
+    {
+        if (Streams.readFully(this, bytes) != bytes.length)
+        {
+            throw new EOFException("EOF encountered in middle of object");
+        }
+    }
+
+    /**
+     * build an object given its tag and the number of bytes to construct it from.
+     *
+     * @param tag the full tag details.
+     * @param tagNo the tagNo defined.
+     * @param length the length of the object.
+     * @return the resulting primitive.
+     * @throws java.io.IOException on processing exception.
+     */
+    protected ASN1Primitive buildObject(
+        int       tag,
+        int       tagNo,
+        int       length)
+        throws IOException
+    {
+        boolean isConstructed = (tag & CONSTRUCTED) != 0;
+
+        DefiniteLengthInputStream defIn = new DefiniteLengthInputStream(this, length);
+
+        if ((tag & APPLICATION) != 0)
+        {
+            return new DLApplicationSpecific(isConstructed, tagNo, defIn.toByteArray());
+        }
+
+        if ((tag & TAGGED) != 0)
+        {
+            return new ASN1StreamParser(defIn).readTaggedObject(isConstructed, tagNo);
+        }
+
+        if (isConstructed)
+        {
+            // TODO There are other tags that may be constructed (e.g. BIT_STRING)
+            switch (tagNo)
+            {
+                case OCTET_STRING:
+                    //
+                    // yes, people actually do this...
+                    //
+                    ASN1EncodableVector v = buildDEREncodableVector(defIn);
+                    ASN1OctetString[] strings = new ASN1OctetString[v.size()];
+
+                    for (int i = 0; i != strings.length; i++)
+                    {
+                        strings[i] = (ASN1OctetString)v.get(i);
+                    }
+
+                    return new BEROctetString(strings);
+                case SEQUENCE:
+                    if (lazyEvaluate)
+                    {
+                        return new LazyEncodedSequence(defIn.toByteArray());
+                    }
+                    else
+                    {
+                        return DERFactory.createSequence(buildDEREncodableVector(defIn));   
+                    }
+                case SET:
+                    return DERFactory.createSet(buildDEREncodableVector(defIn));
+                case EXTERNAL:
+                    return new DLExternal(buildDEREncodableVector(defIn));
+                default:
+                    throw new IOException("unknown tag " + tagNo + " encountered");
+            }
+        }
+
+        return createPrimitiveDERObject(tagNo, defIn, tmpBuffers);
+    }
+
+    ASN1EncodableVector buildEncodableVector()
+        throws IOException
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+        ASN1Primitive o;
+
+        while ((o = readObject()) != null)
+        {
+            v.add(o);
+        }
+
+        return v;
+    }
+
+    ASN1EncodableVector buildDEREncodableVector(
+        DefiniteLengthInputStream dIn) throws IOException
+    {
+        return new ASN1InputStream(dIn).buildEncodableVector();
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public ASN1Primitive readObject()
+        throws IOException
+    {
+        int tag = read();
+        if (tag <= 0)
+        {
+            if (tag == 0)
+            {
+                throw new IOException("unexpected end-of-contents marker");
+            }
+
+            return null;
+        }
+
+        //
+        // calculate tag number
+        //
+        int tagNo = readTagNumber(this, tag);
+
+        boolean isConstructed = (tag & CONSTRUCTED) != 0;
+
+        //
+        // calculate length
+        //
+        int length = readLength();
+
+        if (length < 0) // indefinite-length method
+        {
+            if (!isConstructed)
+            {
+                throw new IOException("indefinite-length primitive encoding encountered");
+            }
+
+            IndefiniteLengthInputStream indIn = new IndefiniteLengthInputStream(this, limit);
+            ASN1StreamParser sp = new ASN1StreamParser(indIn, limit);
+
+            if ((tag & APPLICATION) != 0)
+            {
+                return new BERApplicationSpecificParser(tagNo, sp).getLoadedObject();
+            }
+
+            if ((tag & TAGGED) != 0)
+            {
+                return new BERTaggedObjectParser(true, tagNo, sp).getLoadedObject();
+            }
+
+            // TODO There are other tags that may be constructed (e.g. BIT_STRING)
+            switch (tagNo)
+            {
+                case OCTET_STRING:
+                    return new BEROctetStringParser(sp).getLoadedObject();
+                case SEQUENCE:
+                    return new BERSequenceParser(sp).getLoadedObject();
+                case SET:
+                    return new BERSetParser(sp).getLoadedObject();
+                case EXTERNAL:
+                    return new DERExternalParser(sp).getLoadedObject();
+                default:
+                    throw new IOException("unknown BER object encountered");
+            }
+        }
+        else
+        {
+            try
+            {
+                return buildObject(tag, tagNo, length);
+            }
+            catch (IllegalArgumentException e)
+            {
+                throw new ASN1Exception("corrupted stream detected", e);
+            }
+        }
+    }
+
+    static int readTagNumber(InputStream s, int tag) 
+        throws IOException
+    {
+        int tagNo = tag & 0x1f;
+
+        //
+        // with tagged object tag number is bottom 5 bits, or stored at the start of the content
+        //
+        if (tagNo == 0x1f)
+        {
+            tagNo = 0;
+
+            int b = s.read();
+
+            // X.690-0207 8.1.2.4.2
+            // "c) bits 7 to 1 of the first subsequent octet shall not all be zero."
+            if ((b & 0x7f) == 0) // Note: -1 will pass
+            {
+                throw new IOException("corrupted stream - invalid high tag number found");
+            }
+
+            while ((b >= 0) && ((b & 0x80) != 0))
+            {
+                tagNo |= (b & 0x7f);
+                tagNo <<= 7;
+                b = s.read();
+            }
+
+            if (b < 0)
+            {
+                throw new EOFException("EOF found inside tag value.");
+            }
+            
+            tagNo |= (b & 0x7f);
+        }
+        
+        return tagNo;
+    }
+
+    static int readLength(InputStream s, int limit)
+        throws IOException
+    {
+        int length = s.read();
+        if (length < 0)
+        {
+            throw new EOFException("EOF found when length expected");
+        }
+
+        if (length == 0x80)
+        {
+            return -1;      // indefinite-length encoding
+        }
+
+        if (length > 127)
+        {
+            int size = length & 0x7f;
+
+            // Note: The invalid long form "0xff" (see X.690 8.1.3.5c) will be caught here
+            if (size > 4)
+            {
+                throw new IOException("DER length more than 4 bytes: " + size);
+            }
+
+            length = 0;
+            for (int i = 0; i < size; i++)
+            {
+                int next = s.read();
+
+                if (next < 0)
+                {
+                    throw new EOFException("EOF found reading length");
+                }
+
+                length = (length << 8) + next;
+            }
+
+            if (length < 0)
+            {
+                throw new IOException("corrupted stream - negative length found");
+            }
+
+            if (length >= limit)   // after all we must have read at least 1 byte
+            {
+                throw new IOException("corrupted stream - out of bounds length found");
+            }
+        }
+
+        return length;
+    }
+
+    private static byte[] getBuffer(DefiniteLengthInputStream defIn, byte[][] tmpBuffers)
+        throws IOException
+    {
+        int len = defIn.getRemaining();
+        if (defIn.getRemaining() < tmpBuffers.length)
+        {
+            byte[] buf = tmpBuffers[len];
+
+            if (buf == null)
+            {
+                buf = tmpBuffers[len] = new byte[len];
+            }
+
+            Streams.readFully(defIn, buf);
+
+            return buf;
+        }
+        else
+        {
+            return defIn.toByteArray();
+        }
+    }
+
+    private static char[] getBMPCharBuffer(DefiniteLengthInputStream defIn)
+        throws IOException
+    {
+        int len = defIn.getRemaining() / 2;
+        char[] buf = new char[len];
+        int totalRead = 0;
+        while (totalRead < len)
+        {
+            int ch1 = defIn.read();
+            if (ch1 < 0)
+            {
+                break;
+            }
+            int ch2 = defIn.read();
+            if (ch2 < 0)
+            {
+                break;
+            }
+            buf[totalRead++] = (char)((ch1 << 8) | (ch2 & 0xff));
+        }
+
+        return buf;
+    }
+
+    static ASN1Primitive createPrimitiveDERObject(
+        int     tagNo,
+        DefiniteLengthInputStream defIn,
+        byte[][] tmpBuffers)
+        throws IOException
+    {
+        switch (tagNo)
+        {
+            case BIT_STRING:
+                return ASN1BitString.fromInputStream(defIn.getRemaining(), defIn);
+            case BMP_STRING:
+                return new DERBMPString(getBMPCharBuffer(defIn));
+            case BOOLEAN:
+                return ASN1Boolean.fromOctetString(getBuffer(defIn, tmpBuffers));
+            case ENUMERATED:
+                return ASN1Enumerated.fromOctetString(getBuffer(defIn, tmpBuffers));
+            case GENERALIZED_TIME:
+                return new ASN1GeneralizedTime(defIn.toByteArray());
+            case GENERAL_STRING:
+                return new DERGeneralString(defIn.toByteArray());
+            case IA5_STRING:
+                return new DERIA5String(defIn.toByteArray());
+            case INTEGER:
+                return new ASN1Integer(defIn.toByteArray(), false);
+            case NULL:
+                return DERNull.INSTANCE;   // actual content is ignored (enforce 0 length?)
+            case NUMERIC_STRING:
+                return new DERNumericString(defIn.toByteArray());
+            case OBJECT_IDENTIFIER:
+                return ASN1ObjectIdentifier.fromOctetString(getBuffer(defIn, tmpBuffers));
+            case OCTET_STRING:
+                return new DEROctetString(defIn.toByteArray());
+            case PRINTABLE_STRING:
+                return new DERPrintableString(defIn.toByteArray());
+            case T61_STRING:
+                return new DERT61String(defIn.toByteArray());
+            case UNIVERSAL_STRING:
+                return new DERUniversalString(defIn.toByteArray());
+            case UTC_TIME:
+                return new ASN1UTCTime(defIn.toByteArray());
+            case UTF8_STRING:
+                return new DERUTF8String(defIn.toByteArray());
+            case VISIBLE_STRING:
+                return new DERVisibleString(defIn.toByteArray());
+            case GRAPHIC_STRING:
+                return new DERGraphicString(defIn.toByteArray());
+            case VIDEOTEX_STRING:
+                return new DERVideotexString(defIn.toByteArray());
+            default:
+                throw new IOException("unknown tag " + tagNo + " encountered");
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Integer.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Integer.java
new file mode 100644
index 0000000..6ccfae0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Integer.java

@@ -0,0 +1,227 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Properties;
+
+/**
+ * Class representing the ASN.1 INTEGER type.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class ASN1Integer
+    extends ASN1Primitive
+{
+    private final byte[] bytes;
+
+    /**
+     * Return an integer from the passed in object.
+     *
+     * @param obj an ASN1Integer or an object that can be converted into one.
+     * @return an ASN1Integer instance.
+     * @throws IllegalArgumentException if the object cannot be converted.
+     */
+    public static ASN1Integer getInstance(
+        Object obj)
+    {
+        if (obj == null || obj instanceof ASN1Integer)
+        {
+            return (ASN1Integer)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (ASN1Integer)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Return an Integer from a tagged object.
+     *
+     * @param obj      the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *                 tagged false otherwise.
+     * @return an ASN1Integer instance.
+     * @throws IllegalArgumentException if the tagged object cannot
+     * be converted.
+     */
+    public static ASN1Integer getInstance(
+        ASN1TaggedObject obj,
+        boolean explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof ASN1Integer)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return new ASN1Integer(ASN1OctetString.getInstance(o).getOctets());
+        }
+    }
+
+    /**
+     * Construct an INTEGER from the passed in long value.
+     *
+     * @param value the long representing the value desired.
+     */
+    public ASN1Integer(
+        long value)
+    {
+        bytes = BigInteger.valueOf(value).toByteArray();
+    }
+
+    /**
+     * Construct an INTEGER from the passed in BigInteger value.
+     *
+     * @param value the BigInteger representing the value desired.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public ASN1Integer(
+        BigInteger value)
+    {
+        bytes = value.toByteArray();
+    }
+
+    /**
+     * Construct an INTEGER from the passed in byte array.
+     *
+     * <p>
+     * <b>NB: Strict Validation applied by default.</b>
+     * </p>
+     * <p>
+     * It has turned out that there are still a few applications that struggle with
+     * the ASN.1 BER encoding rules for an INTEGER as described in:
+     *
+     * https://www.itu.int/ITU-T/studygroups/com17/languages/X.690-0207.pdf
+     * Section 8.3.2.
+     * </p>
+     * <p>
+     * Users can set the 'org.bouncycastle.asn1.allow_unsafe_integer' to 'true'
+     * and a looser validation will be applied. Users must recognise that this is
+     * not ideal and may pave the way for an exploit based around a faulty encoding
+     * in the future.
+     * </p>
+     *
+     * @param bytes the byte array representing a 2's complement encoding of a BigInteger.
+     */
+    public ASN1Integer(
+        byte[] bytes)
+    {
+        this(bytes, true);
+    }
+
+    ASN1Integer(byte[] bytes, boolean clone)
+    {
+        // Apply loose validation, see note in public constructor ANS1Integer(byte[])
+        if (!Properties.isOverrideSet("com.android.org.bouncycastle.asn1.allow_unsafe_integer"))
+        {
+            if (isMalformed(bytes))
+            {                           
+                throw new IllegalArgumentException("malformed integer");
+            }
+        }
+        this.bytes = (clone) ? Arrays.clone(bytes) : bytes;
+    }
+
+    /**
+     * Apply the correct validation for an INTEGER primitive following the BER rules.
+     *
+     * @param bytes The raw encoding of the integer.
+     * @return true if the (in)put fails this validation.
+     */
+    static boolean isMalformed(byte[] bytes)
+    {
+        if (bytes.length > 1)
+        {
+            if (bytes[0] == 0 && (bytes[1] & 0x80) == 0)
+            {
+                return true;
+            }
+            if (bytes[0] == (byte)0xff && (bytes[1] & 0x80) != 0)
+            {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    public BigInteger getValue()
+    {
+        return new BigInteger(bytes);
+    }
+
+    /**
+     * in some cases positive values get crammed into a space,
+     * that's not quite big enough...
+     *
+     * @return the BigInteger that results from treating this ASN.1 INTEGER as unsigned.
+     */
+    public BigInteger getPositiveValue()
+    {
+        return new BigInteger(1, bytes);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(bytes.length) + bytes.length;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.INTEGER, bytes);
+    }
+
+    public int hashCode()
+    {
+        int value = 0;
+
+        for (int i = 0; i != bytes.length; i++)
+        {
+            value ^= (bytes[i] & 0xff) << (i % 4);
+        }
+
+        return value;
+    }
+
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof ASN1Integer))
+        {
+            return false;
+        }
+
+        ASN1Integer other = (ASN1Integer)o;
+
+        return Arrays.areEqual(bytes, other.bytes);
+    }
+
+    public String toString()
+    {
+        return getValue().toString();
+    }
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Null.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Null.java
new file mode 100644
index 0000000..a0876fc
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Null.java

@@ -0,0 +1,87 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+/***************************************************************/
+/******    DO NOT EDIT THIS CLASS bc-java SOURCE FILE     ******/
+/***************************************************************/
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * A NULL object - use DERNull.INSTANCE for populating structures.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public abstract class ASN1Null
+    extends ASN1Primitive
+{
+    ASN1Null()
+    {
+
+    }
+
+    /**
+     * Return an instance of ASN.1 NULL from the passed in object.
+     * <p>
+     * Accepted inputs:
+     * <ul>
+     * <li> null &rarr; null
+     * <li> {@link ASN1Null} object
+     * <li> a byte[] containing ASN.1 NULL object
+     * </ul>
+     * </p>
+     *
+     * @param o object to be converted.
+     * @return an instance of ASN1Null, or null.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     */
+    public static ASN1Null getInstance(Object o)
+    {
+        if (o instanceof ASN1Null)
+        {
+            return (ASN1Null)o;
+        }
+
+        if (o != null)
+        {
+            try
+            {
+                return ASN1Null.getInstance(ASN1Primitive.fromByteArray((byte[])o));
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("failed to construct NULL from byte[]: " + e.getMessage());
+            }
+            catch (ClassCastException e)
+            {
+                throw new IllegalArgumentException("unknown object in getInstance(): " + o.getClass().getName());
+            }
+        }
+
+        return null;
+    }
+
+    @libcore.api.CorePlatformApi
+    public int hashCode()
+    {
+        return -1;
+    }
+
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof ASN1Null))
+        {
+            return false;
+        }
+        
+        return true;
+    }
+
+    abstract void encode(ASN1OutputStream out)
+        throws IOException;
+
+    public String toString()
+    {
+         return "NULL";
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Object.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Object.java
new file mode 100644
index 0000000..c8afd01
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Object.java

@@ -0,0 +1,122 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+import com.android.org.bouncycastle.util.Encodable;
+
+/**
+ * Base class for defining an ASN.1 object.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public abstract class ASN1Object
+    implements ASN1Encodable, Encodable
+{
+    @libcore.api.CorePlatformApi
+    public ASN1Object() {
+    }
+
+    /**
+     * Return the default BER or DER encoding for this object.
+     *
+     * @return BER/DER byte encoded object.
+     * @throws java.io.IOException on encoding error.
+     */
+    @libcore.api.CorePlatformApi
+    public byte[] getEncoded()
+        throws IOException
+    {
+        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+        ASN1OutputStream      aOut = new ASN1OutputStream(bOut);
+
+        aOut.writeObject(this);
+
+        return bOut.toByteArray();
+    }
+
+    /**
+     * Return either the default for "BER" or a DER encoding if "DER" is specified.
+     *
+     * @param encoding name of encoding to use.
+     * @return byte encoded object.
+     * @throws IOException on encoding error.
+     */
+    @libcore.api.CorePlatformApi
+    public byte[] getEncoded(
+        String encoding)
+        throws IOException
+    {
+        if (encoding.equals(ASN1Encoding.DER))
+        {
+            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+            DEROutputStream         dOut = new DEROutputStream(bOut);
+
+            dOut.writeObject(this);
+
+            return bOut.toByteArray();
+        }
+        else if (encoding.equals(ASN1Encoding.DL))
+        {
+            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+            DLOutputStream          dOut = new DLOutputStream(bOut);
+
+            dOut.writeObject(this);
+
+            return bOut.toByteArray();
+        }
+
+        return this.getEncoded();
+    }
+
+    public int hashCode()
+    {
+        return this.toASN1Primitive().hashCode();
+    }
+
+    public boolean equals(
+        Object  o)
+    {
+        if (this == o)
+        {
+            return true;
+        }
+
+        if (!(o instanceof ASN1Encodable))
+        {
+            return false;
+        }
+
+        ASN1Encodable other = (ASN1Encodable)o;
+
+        return this.toASN1Primitive().equals(other.toASN1Primitive());
+    }
+
+    /**
+     * @deprecated use toASN1Primitive()
+     * @return the underlying primitive type.
+     */
+    public ASN1Primitive toASN1Object()
+    {
+        return this.toASN1Primitive();
+    }
+
+    /**
+     * Return true if obj is a byte array and represents an object with the given tag value.
+     *
+     * @param obj object of interest.
+     * @param tagValue tag value to check for.
+     * @return  true if obj is a byte encoding starting with the given tag value, false otherwise.
+     */
+    protected static boolean hasEncodedTagValue(Object obj, int tagValue)
+    {
+        return (obj instanceof byte[]) && ((byte[])obj)[0] == tagValue;
+    }
+
+    /**
+     * Method providing a primitive representation of this object suitable for encoding.
+     * @return a primitive representation of this object.
+     */
+    public abstract ASN1Primitive toASN1Primitive();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1ObjectIdentifier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1ObjectIdentifier.java
new file mode 100644
index 0000000..d49d4c8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1ObjectIdentifier.java

@@ -0,0 +1,490 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.util.concurrent.ConcurrentHashMap;
+import java.util.concurrent.ConcurrentMap;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * Class representing the ASN.1 OBJECT IDENTIFIER type.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class ASN1ObjectIdentifier
+    extends ASN1Primitive
+{
+    private final String identifier;
+
+    private byte[] body;
+
+    /**
+     * Return an OID from the passed in object
+     *
+     * @param obj an ASN1ObjectIdentifier or an object that can be converted into one.
+     * @return an ASN1ObjectIdentifier instance, or null.
+     * @throws IllegalArgumentException if the object cannot be converted.
+     */
+    @libcore.api.CorePlatformApi
+    public static ASN1ObjectIdentifier getInstance(
+        Object obj)
+    {
+        if (obj == null || obj instanceof ASN1ObjectIdentifier)
+        {
+            return (ASN1ObjectIdentifier)obj;
+        }
+
+        if (obj instanceof ASN1Encodable)
+        {
+            ASN1Primitive primitive = ((ASN1Encodable)obj).toASN1Primitive();
+
+            if (primitive instanceof ASN1ObjectIdentifier)
+            {
+                return (ASN1ObjectIdentifier)primitive;
+            }
+        }
+
+        if (obj instanceof byte[])
+        {
+            byte[] enc = (byte[])obj;
+            try
+            {
+                return (ASN1ObjectIdentifier)fromByteArray(enc);
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("failed to construct object identifier from byte[]: " + e.getMessage());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Return an OBJECT IDENTIFIER from a tagged object.
+     *
+     * @param obj      the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *                 tagged false otherwise.
+     * @return an ASN1ObjectIdentifier instance, or null.
+     * @throws IllegalArgumentException if the tagged object cannot
+     * be converted.
+     */
+    public static ASN1ObjectIdentifier getInstance(
+        ASN1TaggedObject obj,
+        boolean explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof ASN1ObjectIdentifier)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return ASN1ObjectIdentifier.fromOctetString(ASN1OctetString.getInstance(o).getOctets());
+        }
+    }
+
+    private static final long LONG_LIMIT = (Long.MAX_VALUE >> 7) - 0x7f;
+
+    ASN1ObjectIdentifier(
+        byte[] bytes)
+    {
+        StringBuffer objId = new StringBuffer();
+        long value = 0;
+        BigInteger bigValue = null;
+        boolean first = true;
+
+        for (int i = 0; i != bytes.length; i++)
+        {
+            int b = bytes[i] & 0xff;
+
+            if (value <= LONG_LIMIT)
+            {
+                value += (b & 0x7f);
+                if ((b & 0x80) == 0)             // end of number reached
+                {
+                    if (first)
+                    {
+                        if (value < 40)
+                        {
+                            objId.append('0');
+                        }
+                        else if (value < 80)
+                        {
+                            objId.append('1');
+                            value -= 40;
+                        }
+                        else
+                        {
+                            objId.append('2');
+                            value -= 80;
+                        }
+                        first = false;
+                    }
+
+                    objId.append('.');
+                    objId.append(value);
+                    value = 0;
+                }
+                else
+                {
+                    value <<= 7;
+                }
+            }
+            else
+            {
+                if (bigValue == null)
+                {
+                    bigValue = BigInteger.valueOf(value);
+                }
+                bigValue = bigValue.or(BigInteger.valueOf(b & 0x7f));
+                if ((b & 0x80) == 0)
+                {
+                    if (first)
+                    {
+                        objId.append('2');
+                        bigValue = bigValue.subtract(BigInteger.valueOf(80));
+                        first = false;
+                    }
+
+                    objId.append('.');
+                    objId.append(bigValue);
+                    bigValue = null;
+                    value = 0;
+                }
+                else
+                {
+                    bigValue = bigValue.shiftLeft(7);
+                }
+            }
+        }
+
+        // Android-changed: Intern the identifier so there aren't hundreds of duplicates in practice.
+        this.identifier = objId.toString().intern();
+        this.body = Arrays.clone(bytes);
+    }
+
+    /**
+     * Create an OID based on the passed in String.
+     *
+     * @param identifier a string representation of an OID.
+     */
+    @libcore.api.CorePlatformApi
+    public ASN1ObjectIdentifier(
+        String identifier)
+    {
+        if (identifier == null)
+        {
+            throw new IllegalArgumentException("'identifier' cannot be null");
+        }
+        if (!isValidIdentifier(identifier))
+        {
+            throw new IllegalArgumentException("string " + identifier + " not an OID");
+        }
+
+        // Android-changed: Intern the identifier so there aren't hundreds of duplicates in practice.
+        this.identifier = identifier.intern();
+    }
+
+    /**
+     * Create an OID that creates a branch under the current one.
+     *
+     * @param branchID node numbers for the new branch.
+     * @return the OID for the new created branch.
+     */
+    ASN1ObjectIdentifier(ASN1ObjectIdentifier oid, String branchID)
+    {
+        if (!isValidBranchID(branchID, 0))
+        {
+            throw new IllegalArgumentException("string " + branchID + " not a valid OID branch");
+        }
+
+        this.identifier = oid.getId() + "." + branchID;
+    }
+
+    /**
+     * Return the OID as a string.
+     *
+     * @return the string representation of the OID carried by this object.
+     */
+    @libcore.api.CorePlatformApi
+    public String getId()
+    {
+        return identifier;
+    }
+
+    /**
+     * Return an OID that creates a branch under the current one.
+     *
+     * @param branchID node numbers for the new branch.
+     * @return the OID for the new created branch.
+     */
+    public ASN1ObjectIdentifier branch(String branchID)
+    {
+        return new ASN1ObjectIdentifier(this, branchID);
+    }
+
+    /**
+     * Return true if this oid is an extension of the passed in branch - stem.
+     *
+     * @param stem the arc or branch that is a possible parent.
+     * @return true if the branch is on the passed in stem, false otherwise.
+     */
+    public boolean on(ASN1ObjectIdentifier stem)
+    {
+        String id = getId(), stemId = stem.getId();
+        return id.length() > stemId.length() && id.charAt(stemId.length()) == '.' && id.startsWith(stemId);
+    }
+
+    private void writeField(
+        ByteArrayOutputStream out,
+        long fieldValue)
+    {
+        byte[] result = new byte[9];
+        int pos = 8;
+        result[pos] = (byte)((int)fieldValue & 0x7f);
+        while (fieldValue >= (1L << 7))
+        {
+            fieldValue >>= 7;
+            result[--pos] = (byte)((int)fieldValue & 0x7f | 0x80);
+        }
+        out.write(result, pos, 9 - pos);
+    }
+
+    private void writeField(
+        ByteArrayOutputStream out,
+        BigInteger fieldValue)
+    {
+        int byteCount = (fieldValue.bitLength() + 6) / 7;
+        if (byteCount == 0)
+        {
+            out.write(0);
+        }
+        else
+        {
+            BigInteger tmpValue = fieldValue;
+            byte[] tmp = new byte[byteCount];
+            for (int i = byteCount - 1; i >= 0; i--)
+            {
+                tmp[i] = (byte)((tmpValue.intValue() & 0x7f) | 0x80);
+                tmpValue = tmpValue.shiftRight(7);
+            }
+            tmp[byteCount - 1] &= 0x7f;
+            out.write(tmp, 0, tmp.length);
+        }
+    }
+
+    private void doOutput(ByteArrayOutputStream aOut)
+    {
+        OIDTokenizer tok = new OIDTokenizer(identifier);
+        int first = Integer.parseInt(tok.nextToken()) * 40;
+
+        String secondToken = tok.nextToken();
+        if (secondToken.length() <= 18)
+        {
+            writeField(aOut, first + Long.parseLong(secondToken));
+        }
+        else
+        {
+            writeField(aOut, new BigInteger(secondToken).add(BigInteger.valueOf(first)));
+        }
+
+        while (tok.hasMoreTokens())
+        {
+            String token = tok.nextToken();
+            if (token.length() <= 18)
+            {
+                writeField(aOut, Long.parseLong(token));
+            }
+            else
+            {
+                writeField(aOut, new BigInteger(token));
+            }
+        }
+    }
+
+    private synchronized byte[] getBody()
+    {
+        if (body == null)
+        {
+            ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+
+            doOutput(bOut);
+
+            body = bOut.toByteArray();
+        }
+
+        return body;
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        int length = getBody().length;
+
+        return 1 + StreamUtil.calculateBodyLength(length) + length;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        byte[] enc = getBody();
+
+        out.write(BERTags.OBJECT_IDENTIFIER);
+        out.writeLength(enc.length);
+        out.write(enc);
+    }
+
+    public int hashCode()
+    {
+        return identifier.hashCode();
+    }
+
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (o == this)
+        {
+            return true;
+        }
+
+        if (!(o instanceof ASN1ObjectIdentifier))
+        {
+            return false;
+        }
+
+        return identifier.equals(((ASN1ObjectIdentifier)o).identifier);
+    }
+
+    public String toString()
+    {
+        return getId();
+    }
+
+    private static boolean isValidBranchID(
+        String branchID, int start)
+    {
+        boolean periodAllowed = false;
+
+        int pos = branchID.length();
+        while (--pos >= start)
+        {
+            char ch = branchID.charAt(pos);
+
+            // TODO Leading zeroes?
+            if ('0' <= ch && ch <= '9')
+            {
+                periodAllowed = true;
+                continue;
+            }
+
+            if (ch == '.')
+            {
+                if (!periodAllowed)
+                {
+                    return false;
+                }
+
+                periodAllowed = false;
+                continue;
+            }
+
+            return false;
+        }
+
+        return periodAllowed;
+    }
+
+    private static boolean isValidIdentifier(
+        String identifier)
+    {
+        if (identifier.length() < 3 || identifier.charAt(1) != '.')
+        {
+            return false;
+        }
+
+        char first = identifier.charAt(0);
+        if (first < '0' || first > '2')
+        {
+            return false;
+        }
+
+        return isValidBranchID(identifier, 2);
+    }
+
+    /**
+     * Intern will return a reference to a pooled version of this object, unless it
+     * is not present in which case intern will add it.
+     * <p>
+     * The pool is also used by the ASN.1 parsers to limit the number of duplicated OID
+     * objects in circulation.
+     * </p>
+     *
+     * @return a reference to the identifier in the pool.
+     */
+    public ASN1ObjectIdentifier intern()
+    {
+        final OidHandle hdl = new OidHandle(getBody());
+        ASN1ObjectIdentifier oid = pool.get(hdl);
+        if (oid == null)
+        {
+            oid = pool.putIfAbsent(hdl, this);
+            if (oid == null)
+            {
+                oid = this;
+            }
+        }
+        return oid;
+    }
+
+    private static final ConcurrentMap<OidHandle, ASN1ObjectIdentifier> pool = new ConcurrentHashMap<OidHandle, ASN1ObjectIdentifier>();
+
+    private static class OidHandle
+    {
+        private final int key;
+        private final byte[] enc;
+
+        OidHandle(byte[] enc)
+        {
+            this.key = Arrays.hashCode(enc);
+            this.enc = enc;
+        }
+
+        public int hashCode()
+        {
+            return key;
+        }
+
+        public boolean equals(Object o)
+        {
+            if (o instanceof OidHandle)
+            {
+                return Arrays.areEqual(enc, ((OidHandle)o).enc);
+            }
+
+            return false;
+        }
+    }
+
+    static ASN1ObjectIdentifier fromOctetString(byte[] enc)
+    {
+        final OidHandle hdl = new OidHandle(enc);
+        ASN1ObjectIdentifier oid = pool.get(hdl);
+        if (oid == null)
+        {
+            return new ASN1ObjectIdentifier(enc);
+        }
+        return oid;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1OctetString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1OctetString.java
new file mode 100644
index 0000000..ded2e14
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1OctetString.java

@@ -0,0 +1,257 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Strings;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * Abstract base for the ASN.1 OCTET STRING data type
+ * <p>
+ * This supports BER, and DER forms of the data.
+ * </p><p>
+ * DER form is always primitive single OCTET STRING, while
+ * BER support includes the constructed forms.
+ * </p>
+ * <p><b>X.690</b></p>
+ * <p><b>8: Basic encoding rules</b></p>
+ * <p><b>8.7 Encoding of an octetstring value</b></p>
+ * <p>
+ * <b>8.7.1</b> The encoding of an octetstring value shall be
+ * either primitive or constructed at the option of the sender.
+ * <blockquote>
+ * NOTE &mdash; Where it is necessary to transfer part of an octet string
+ * before the entire OCTET STRING is available, the constructed encoding
+ * is used.
+ * </blockquote>
+ * <p>
+ * <b>8.7.2</b> The primitive encoding contains zero,
+ * one or more contents octets equal in value to the octets
+ * in the data value, in the order they appear in the data value,
+ * and with the most significant bit of an octet of the data value
+ * aligned with the most significant bit of an octet of the contents octets.
+ * </p>
+ * <p>
+ * <b>8.7.3</b> The contents octets for the constructed encoding shall consist
+ * of zero, one, or more encodings.
+ * </p>
+ * <blockquote>
+ * NOTE &mdash; Each such encoding includes identifier, length, and contents octets,
+ * and may include end-of-contents octets if it is constructed.
+ * </blockquote>
+ * <p>
+ * <b>8.7.3.1</b> To encode an octetstring value in this way,
+ * it is segmented. Each segment shall consist of a series of
+ * consecutive octets of the value. There shall be no significance
+ * placed on the segment boundaries.</p>
+ * <blockquote>
+ * NOTE &mdash; A segment may be of size zero, i.e. contain no octets.
+ * </blockquote>
+ * <p>
+ * <b>8.7.3.2</b> Each encoding in the contents octets shall represent
+ * a segment of the overall octetstring, the encoding arising from
+ * a recursive application of this subclause.
+ * In this recursive application, each segment is treated as if it were
+ * a octetstring value. The encodings of the segments shall appear in the contents
+ * octets in the order in which their octets appear in the overall value.
+ * </p>
+ * <blockquote>
+ * NOTE 1 &mdash; As a consequence of this recursion,
+ * each encoding in the contents octets may itself
+ * be primitive or constructed.
+ * However, such encodings will usually be primitive.
+ * </blockquote>
+ * <blockquote>
+ * NOTE 2 &mdash; In particular, the tags in the contents octets are always universal class, number 4.
+ * </blockquote>
+ * <p><b>9: Canonical encoding rules</b></p>
+ * <p><b>9.1 Length forms</b></p>
+ * <p>
+ * If the encoding is constructed, it shall employ the indefinite-length form.
+ * If the encoding is primitive, it shall include the fewest length octets necessary.
+ * [Contrast with 8.1.3.2 b).]
+ * </p>
+ * <p><b>9.2 String encoding forms</b></p>
+ * <p>
+ * BIT STRING, OCTET STRING,and restricted character string
+ * values shall be encoded with a primitive encoding if they would
+ * require no more than 1000 contents octets, and as a constructed
+ * encoding otherwise. The string fragments contained in
+ * the constructed encoding shall be encoded with a primitive encoding.
+ * The encoding of each fragment, except possibly
+ * the last, shall have 1000 contents octets. (Contrast with 8.21.6.)
+ * </p><p>
+ * <b>10: Distinguished encoding rules</b>
+ * </p><p>
+ * <b>10.1 Length forms</b>
+ * The definite form of length encoding shall be used,
+ * encoded in the minimum number of octets.
+ * [Contrast with 8.1.3.2 b).] 
+ * </p><p>
+ * <b>10.2 String encoding forms</b>
+ * For BIT STRING, OCTET STRING and restricted character string types,
+ * the constructed form of encoding shall not be used.
+ * (Contrast with 8.21.6.)
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public abstract class ASN1OctetString
+    extends ASN1Primitive
+    implements ASN1OctetStringParser
+{
+    byte[]  string;
+
+    /**
+     * return an Octet String from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want.
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *              be converted.
+     */
+    public static ASN1OctetString getInstance(
+        ASN1TaggedObject    obj,
+        boolean             explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof ASN1OctetString)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return BEROctetString.fromSequence(ASN1Sequence.getInstance(o));
+        }
+    }
+    
+    /**
+     * return an Octet String from the given object.
+     *
+     * @param obj the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     */
+    public static ASN1OctetString getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof ASN1OctetString)
+        {
+            return (ASN1OctetString)obj;
+        }
+        else if (obj instanceof byte[])
+        {
+            try
+            {
+                return ASN1OctetString.getInstance(ASN1Primitive.fromByteArray((byte[])obj));
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("failed to construct OCTET STRING from byte[]: " + e.getMessage());
+            }
+        }
+        else if (obj instanceof ASN1Encodable)
+        {
+            ASN1Primitive primitive = ((ASN1Encodable)obj).toASN1Primitive();
+
+            if (primitive instanceof ASN1OctetString)
+            {
+                return (ASN1OctetString)primitive;
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Base constructor.
+     *
+     * @param string the octets making up the octet string.
+     */
+    public ASN1OctetString(
+        byte[]  string)
+    {
+        if (string == null)
+        {
+            throw new NullPointerException("string cannot be null");
+        }
+        this.string = string;
+    }
+
+    /**
+     * Return the content of the OCTET STRING as an InputStream.
+     *
+     * @return an InputStream representing the OCTET STRING's content.
+     */
+    public InputStream getOctetStream()
+    {
+        return new ByteArrayInputStream(string);
+    }
+
+    /**
+     * Return the parser associated with this object.
+     *
+     * @return a parser based on this OCTET STRING
+     */
+    public ASN1OctetStringParser parser()
+    {
+        return this;
+    }
+
+    /**
+     * Return the content of the OCTET STRING as a byte array.
+     *
+     * @return the byte[] representing the OCTET STRING's content.
+     */
+    @libcore.api.CorePlatformApi
+    public byte[] getOctets()
+    {
+        return string;
+    }
+
+    @libcore.api.CorePlatformApi
+    public int hashCode()
+    {
+        return Arrays.hashCode(this.getOctets());
+    }
+
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof ASN1OctetString))
+        {
+            return false;
+        }
+
+        ASN1OctetString  other = (ASN1OctetString)o;
+
+        return Arrays.areEqual(string, other.string);
+    }
+
+    public ASN1Primitive getLoadedObject()
+    {
+        return this.toASN1Primitive();
+    }
+
+    ASN1Primitive toDERObject()
+    {
+        return new DEROctetString(string);
+    }
+
+    ASN1Primitive toDLObject()
+    {
+        return new DEROctetString(string);
+    }
+
+    abstract void encode(ASN1OutputStream out)
+        throws IOException;
+
+    public String toString()
+    {
+      return "#" + Strings.fromByteArray(Hex.encode(string));
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1OctetStringParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1OctetStringParser.java
new file mode 100644
index 0000000..74d2bfe
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1OctetStringParser.java

@@ -0,0 +1,19 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.InputStream;
+
+/**
+ * A basic parser for an OCTET STRING object
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ASN1OctetStringParser
+    extends ASN1Encodable, InMemoryRepresentable
+{
+    /**
+     * Return the content of the OCTET STRING as an InputStream.
+     *
+     * @return an InputStream representing the OCTET STRING's content.
+     */
+    public InputStream getOctetStream();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1OutputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1OutputStream.java
new file mode 100644
index 0000000..34f5ba7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1OutputStream.java

@@ -0,0 +1,196 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+/**
+ * Stream that produces output based on the default encoding for the passed in objects.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ASN1OutputStream
+{
+    private OutputStream os;
+
+    public ASN1OutputStream(
+        OutputStream    os)
+    {
+        this.os = os;
+    }
+
+    void writeLength(
+        int length)
+        throws IOException
+    {
+        if (length > 127)
+        {
+            int size = 1;
+            int val = length;
+
+            while ((val >>>= 8) != 0)
+            {
+                size++;
+            }
+
+            write((byte)(size | 0x80));
+
+            for (int i = (size - 1) * 8; i >= 0; i -= 8)
+            {
+                write((byte)(length >> i));
+            }
+        }
+        else
+        {
+            write((byte)length);
+        }
+    }
+
+    void write(int b)
+        throws IOException
+    {
+        os.write(b);
+    }
+
+    void write(byte[] bytes)
+        throws IOException
+    {
+        os.write(bytes);
+    }
+
+    void write(byte[] bytes, int off, int len)
+        throws IOException
+    {
+        os.write(bytes, off, len);
+    }
+
+    void writeEncoded(
+        int     tag,
+        byte[]  bytes)
+        throws IOException
+    {
+        write(tag);
+        writeLength(bytes.length);
+        write(bytes);
+    }
+
+    void writeTag(int flags, int tagNo)
+        throws IOException
+    {
+        if (tagNo < 31)
+        {
+            write(flags | tagNo);
+        }
+        else
+        {
+            write(flags | 0x1f);
+            if (tagNo < 128)
+            {
+                write(tagNo);
+            }
+            else
+            {
+                byte[] stack = new byte[5];
+                int pos = stack.length;
+
+                stack[--pos] = (byte)(tagNo & 0x7F);
+
+                do
+                {
+                    tagNo >>= 7;
+                    stack[--pos] = (byte)(tagNo & 0x7F | 0x80);
+                }
+                while (tagNo > 127);
+
+                write(stack, pos, stack.length - pos);
+            }
+        }
+    }
+
+    void writeEncoded(int flags, int tagNo, byte[] bytes)
+        throws IOException
+    {
+        writeTag(flags, tagNo);
+        writeLength(bytes.length);
+        write(bytes);
+    }
+
+    protected void writeNull()
+        throws IOException
+    {
+        os.write(BERTags.NULL);
+        os.write(0x00);
+    }
+
+    public void writeObject(
+        ASN1Encodable obj)
+        throws IOException
+    {
+        if (obj != null)
+        {
+            obj.toASN1Primitive().encode(this);
+        }
+        else
+        {
+            throw new IOException("null object detected");
+        }
+    }
+
+    void writeImplicitObject(ASN1Primitive obj)
+        throws IOException
+    {
+        if (obj != null)
+        {
+            obj.encode(new ImplicitOutputStream(os));
+        }
+        else
+        {
+            throw new IOException("null object detected");
+        }
+    }
+
+    public void close()
+        throws IOException
+    {
+        os.close();
+    }
+
+    public void flush()
+        throws IOException
+    {
+        os.flush();
+    }
+
+    ASN1OutputStream getDERSubStream()
+    {
+        return new DEROutputStream(os);
+    }
+
+    ASN1OutputStream getDLSubStream()
+    {
+        return new DLOutputStream(os);
+    }
+
+    private class ImplicitOutputStream
+        extends ASN1OutputStream
+    {
+        private boolean first = true;
+
+        public ImplicitOutputStream(OutputStream os)
+        {
+            super(os);
+        }
+
+        public void write(int b)
+            throws IOException
+        {
+            if (first)
+            {
+                first = false;
+            }
+            else
+            {
+                super.write(b);
+            }
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1ParsingException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1ParsingException.java
new file mode 100644
index 0000000..32efabf
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1ParsingException.java

@@ -0,0 +1,44 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+/**
+ * Exception thrown when correctly encoded, but unexpected data is found in a stream while building an object.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ASN1ParsingException
+    extends IllegalStateException
+{
+    private Throwable cause;
+
+    /**
+     * Base constructor
+     *
+     * @param message a message concerning the exception.
+     */
+    public ASN1ParsingException(String message)
+    {
+        super(message);
+    }
+
+    /**
+     * Constructor when this exception is due to another one.
+     *
+     * @param message a message concerning the exception.
+     * @param cause the exception that caused this exception to be thrown.
+     */
+    public ASN1ParsingException(String message, Throwable cause)
+    {
+        super(message);
+        this.cause = cause;
+    }
+
+    /**
+     * Return the underlying cause of this exception, if any.
+     *
+     * @return the exception causing this one, null if there isn't one.
+     */
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Primitive.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Primitive.java
new file mode 100644
index 0000000..e2aab07
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Primitive.java

@@ -0,0 +1,104 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * Base class for ASN.1 primitive objects. These are the actual objects used to generate byte encodings.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public abstract class ASN1Primitive
+    extends ASN1Object
+{
+    ASN1Primitive()
+    {
+
+    }
+
+    /**
+     * Create a base ASN.1 object from a byte stream.
+     *
+     * @param data the byte stream to parse.
+     * @return the base ASN.1 object represented by the byte stream.
+     * @exception IOException if there is a problem parsing the data, or parsing the stream did not exhaust the available data.
+     */
+    public static ASN1Primitive fromByteArray(byte[] data)
+        throws IOException
+    {
+        ASN1InputStream aIn = new ASN1InputStream(data);
+
+        try
+        {
+            ASN1Primitive o = aIn.readObject();
+
+            if (aIn.available() != 0)
+            {
+                throw new IOException("Extra data detected in stream");
+            }
+
+            return o;
+        }
+        catch (ClassCastException e)
+        {
+            throw new IOException("cannot recognise object in stream");
+        }
+    }
+
+    public final boolean equals(Object o)
+    {
+        if (this == o)
+        {
+            return true;
+        }
+
+        return (o instanceof ASN1Encodable) && asn1Equals(((ASN1Encodable)o).toASN1Primitive());
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        return this;
+    }
+
+    /**
+     * Return the current object as one which encodes using Distinguished Encoding Rules.
+     *
+     * @return a DER version of this.
+     */
+    ASN1Primitive toDERObject()
+    {
+        return this;
+    }
+
+    /**
+     * Return the current object as one which encodes using Definite Length encoding.
+     *
+     * @return a DL version of this.
+     */
+    ASN1Primitive toDLObject()
+    {
+        return this;
+    }
+
+    public abstract int hashCode();
+
+    /**
+     * Return true if this objected is a CONSTRUCTED one, false otherwise.
+     * @return true if CONSTRUCTED bit set on object's tag, false otherwise.
+     */
+    abstract boolean isConstructed();
+
+    /**
+     * Return the length of the encoding this object will produce.
+     * @return the length of the object's encoding.
+     * @throws IOException if the encoding length cannot be calculated.
+     */
+    abstract int encodedLength() throws IOException;
+
+    abstract void encode(ASN1OutputStream out) throws IOException;
+
+    /**
+     * Equality (similarity) comparison for two ASN1Primitive objects.
+     */
+    abstract boolean asn1Equals(ASN1Primitive o);
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Sequence.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Sequence.java
new file mode 100644
index 0000000..e84992f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Sequence.java

@@ -0,0 +1,402 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.util.Enumeration;
+import java.util.Iterator;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * ASN.1 <code>SEQUENCE</code> and <code>SEQUENCE OF</code> constructs.
+ * <p>
+ * DER form is always definite form length fields, while
+ * BER support uses indefinite form.
+ * <hr>
+ * <p><b>X.690</b></p>
+ * <p><b>8: Basic encoding rules</b></p>
+ * <p><b>8.9 Encoding of a sequence value </b></p>
+ * 8.9.1 The encoding of a sequence value shall be constructed.
+ * <p>
+ * <b>8.9.2</b> The contents octets shall consist of the complete
+ * encoding of one data value from each of the types listed in
+ * the ASN.1 definition of the sequence type, in the order of
+ * their appearance in the definition, unless the type was referenced
+ * with the keyword <b>OPTIONAL</b> or the keyword <b>DEFAULT</b>.
+ * </p><p>
+ * <b>8.9.3</b> The encoding of a data value may, but need not,
+ * be present for a type which was referenced with the keyword
+ * <b>OPTIONAL</b> or the keyword <b>DEFAULT</b>.
+ * If present, it shall appear in the encoding at the point
+ * corresponding to the appearance of the type in the ASN.1 definition.
+ * </p><p>
+ * <b>8.10 Encoding of a sequence-of value </b>
+ * </p><p>
+ * <b>8.10.1</b> The encoding of a sequence-of value shall be constructed.
+ * <p>
+ * <b>8.10.2</b> The contents octets shall consist of zero,
+ * one or more complete encodings of data values from the type listed in
+ * the ASN.1 definition.
+ * <p>
+ * <b>8.10.3</b> The order of the encodings of the data values shall be
+ * the same as the order of the data values in the sequence-of value to
+ * be encoded.
+ * </p>
+ * <p><b>9: Canonical encoding rules</b></p>
+ * <p><b>9.1 Length forms</b></p>
+ * If the encoding is constructed, it shall employ the indefinite-length form.
+ * If the encoding is primitive, it shall include the fewest length octets necessary.
+ * [Contrast with 8.1.3.2 b).]
+ *
+ * <p><b>11: Restrictions on BER employed by both CER and DER</b></p>
+ * <p><b>11.5 Set and sequence components with default value</b></p>
+ * <p>
+ * The encoding of a set value or sequence value shall not include
+ * an encoding for any component value which is equal to
+ * its default value.
+ * </p>
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public abstract class ASN1Sequence
+    extends ASN1Primitive
+    implements com.android.org.bouncycastle.util.Iterable<ASN1Encodable>
+{
+    protected Vector seq = new Vector();
+
+    /**
+     * Return an ASN1Sequence from the given object.
+     *
+     * @param obj the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return an ASN1Sequence instance, or null.
+     */
+    public static ASN1Sequence getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof ASN1Sequence)
+        {
+            return (ASN1Sequence)obj;
+        }
+        else if (obj instanceof ASN1SequenceParser)
+        {
+            return ASN1Sequence.getInstance(((ASN1SequenceParser)obj).toASN1Primitive());
+        }
+        else if (obj instanceof byte[])
+        {
+            try
+            {
+                return ASN1Sequence.getInstance(fromByteArray((byte[])obj));
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("failed to construct sequence from byte[]: " + e.getMessage());
+            }
+        }
+        else if (obj instanceof ASN1Encodable)
+        {
+            ASN1Primitive primitive = ((ASN1Encodable)obj).toASN1Primitive();
+
+            if (primitive instanceof ASN1Sequence)
+            {
+                return (ASN1Sequence)primitive;
+            }
+        }
+
+        throw new IllegalArgumentException("unknown object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Return an ASN1 SEQUENCE from a tagged object. There is a special
+     * case here, if an object appears to have been explicitly tagged on 
+     * reading but we were expecting it to be implicitly tagged in the 
+     * normal course of events it indicates that we lost the surrounding
+     * sequence - so we need to add it back (this will happen if the tagged
+     * object is a sequence that contains other sequences). If you are
+     * dealing with implicitly tagged sequences you really <b>should</b>
+     * be using this method.
+     *
+     * @param obj the tagged object.
+     * @param explicit true if the object is meant to be explicitly tagged,
+     *          false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *          be converted.
+     * @return an ASN1Sequence instance.
+     */
+    public static ASN1Sequence getInstance(
+        ASN1TaggedObject    obj,
+        boolean             explicit)
+    {
+        if (explicit)
+        {
+            if (!obj.isExplicit())
+            {
+                throw new IllegalArgumentException("object implicit - explicit expected.");
+            }
+
+            return ASN1Sequence.getInstance(obj.getObject().toASN1Primitive());
+        }
+        else
+        {
+            ASN1Primitive o = obj.getObject();
+
+            //
+            // constructed object which appears to be explicitly tagged
+            // when it should be implicit means we have to add the
+            // surrounding sequence.
+            //
+            if (obj.isExplicit())
+            {
+                if (obj instanceof BERTaggedObject)
+                {
+                    return new BERSequence(o);
+                }
+                else
+                {
+                    return new DLSequence(o);
+                }
+            }
+            else
+            {
+                if (o instanceof ASN1Sequence)
+                {
+                    return (ASN1Sequence)o;
+                }
+            }
+        }
+
+        throw new IllegalArgumentException("unknown object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Create an empty SEQUENCE
+     */
+    protected ASN1Sequence()
+    {
+    }
+
+    /**
+     * Create a SEQUENCE containing one object.
+     * @param obj the object to be put in the SEQUENCE.
+     */
+    protected ASN1Sequence(
+        ASN1Encodable obj)
+    {
+        seq.addElement(obj);
+    }
+
+    /**
+     * Create a SEQUENCE containing a vector of objects.
+     * @param v the vector of objects to be put in the SEQUENCE.
+     */
+    protected ASN1Sequence(
+        ASN1EncodableVector v)
+    {
+        for (int i = 0; i != v.size(); i++)
+        {
+            seq.addElement(v.get(i));
+        }
+    }
+
+    /**
+     * Create a SEQUENCE containing an array of objects.
+     * @param array the array of objects to be put in the SEQUENCE.
+     */
+    protected ASN1Sequence(
+        ASN1Encodable[]   array)
+    {
+        for (int i = 0; i != array.length; i++)
+        {
+            seq.addElement(array[i]);
+        }
+    }
+
+    public ASN1Encodable[] toArray()
+    {
+        ASN1Encodable[] values = new ASN1Encodable[this.size()];
+
+        for (int i = 0; i != this.size(); i++)
+        {
+            values[i] = this.getObjectAt(i);
+        }
+
+        return values;
+    }
+
+    public Enumeration getObjects()
+    {
+        return seq.elements();
+    }
+
+    public ASN1SequenceParser parser()
+    {
+        final ASN1Sequence outer = this;
+
+        return new ASN1SequenceParser()
+        {
+            private final int max = size();
+
+            private int index;
+
+            public ASN1Encodable readObject() throws IOException
+            {
+                if (index == max)
+                {
+                    return null;
+                }
+                
+                ASN1Encodable obj = getObjectAt(index++);
+                if (obj instanceof ASN1Sequence)
+                {
+                    return ((ASN1Sequence)obj).parser();
+                }
+                if (obj instanceof ASN1Set)
+                {
+                    return ((ASN1Set)obj).parser();
+                }
+
+                return obj;
+            }
+
+            public ASN1Primitive getLoadedObject()
+            {
+                return outer;
+            }
+            
+            public ASN1Primitive toASN1Primitive()
+            {
+                return outer;
+            }
+        };
+    }
+
+    /**
+     * Return the object at the sequence position indicated by index.
+     *
+     * @param index the sequence number (starting at zero) of the object
+     * @return the object at the sequence position indicated by index.
+     */
+    @libcore.api.CorePlatformApi
+    public ASN1Encodable getObjectAt(
+        int index)
+    {
+        return (ASN1Encodable)seq.elementAt(index);
+    }
+
+    /**
+     * Return the number of objects in this sequence.
+     *
+     * @return the number of objects in this sequence.
+     */
+    @libcore.api.CorePlatformApi
+    public int size()
+    {
+        return seq.size();
+    }
+
+    @libcore.api.CorePlatformApi
+    public int hashCode()
+    {
+        Enumeration             e = this.getObjects();
+        int                     hashCode = size();
+
+        while (e.hasMoreElements())
+        {
+            Object o = getNext(e);
+            hashCode *= 17;
+
+            hashCode ^= o.hashCode();
+        }
+
+        return hashCode;
+    }
+
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof ASN1Sequence))
+        {
+            return false;
+        }
+        
+        ASN1Sequence   other = (ASN1Sequence)o;
+
+        if (this.size() != other.size())
+        {
+            return false;
+        }
+
+        Enumeration s1 = this.getObjects();
+        Enumeration s2 = other.getObjects();
+
+        while (s1.hasMoreElements())
+        {
+            ASN1Encodable obj1 = getNext(s1);
+            ASN1Encodable obj2 = getNext(s2);
+
+            ASN1Primitive o1 = obj1.toASN1Primitive();
+            ASN1Primitive o2 = obj2.toASN1Primitive();
+
+            if (o1 == o2 || o1.equals(o2))
+            {
+                continue;
+            }
+
+            return false;
+        }
+
+        return true;
+    }
+
+    private ASN1Encodable getNext(Enumeration e)
+    {
+        ASN1Encodable encObj = (ASN1Encodable)e.nextElement();
+
+        return encObj;
+    }
+
+    /**
+     * Change current SEQUENCE object to be encoded as {@link DERSequence}.
+     * This is part of Distinguished Encoding Rules form serialization.
+     */
+    ASN1Primitive toDERObject()
+    {
+        ASN1Sequence derSeq = new DERSequence();
+
+        derSeq.seq = this.seq;
+
+        return derSeq;
+    }
+
+    /**
+     * Change current SEQUENCE object to be encoded as {@link DLSequence}.
+     * This is part of Direct Length form serialization.
+     */
+    ASN1Primitive toDLObject()
+    {
+        ASN1Sequence dlSeq = new DLSequence();
+
+        dlSeq.seq = this.seq;
+
+        return dlSeq;
+    }
+
+    boolean isConstructed()
+    {
+        return true;
+    }
+
+    abstract void encode(ASN1OutputStream out)
+        throws IOException;
+
+    public String toString() 
+    {
+        return seq.toString();
+    }
+
+    public Iterator<ASN1Encodable> iterator()
+    {
+        return new Arrays.Iterator<ASN1Encodable>(toArray());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1SequenceParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1SequenceParser.java
new file mode 100644
index 0000000..50842c4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1SequenceParser.java

@@ -0,0 +1,21 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * A basic parser for a SEQUENCE object
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ASN1SequenceParser
+    extends ASN1Encodable, InMemoryRepresentable
+{
+    /**
+     * Read the next object from the underlying object representing a SEQUENCE.
+     *
+     * @throws IOException for bad input stream.
+     * @return the next object, null if we are at the end.
+     */
+    ASN1Encodable readObject()
+        throws IOException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Set.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Set.java
new file mode 100644
index 0000000..a9541aa
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1Set.java

@@ -0,0 +1,569 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.util.Enumeration;
+import java.util.Iterator;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * ASN.1 <code>SET</code> and <code>SET OF</code> constructs.
+ * <p>
+ * Note: This does not know which syntax the set is!
+ * (The difference: ordering of SET elements or not ordering.)
+ * </p><p>
+ * DER form is always definite form length fields, while
+ * BER support uses indefinite form.
+ * </p><p>
+ * The CER form support does not exist.
+ * </p><p>
+ * <h2>X.690</h2>
+ * <h3>8: Basic encoding rules</h3>
+ * <h4>8.11 Encoding of a set value </h4>
+ * <b>8.11.1</b> The encoding of a set value shall be constructed
+ * <p>
+ * <b>8.11.2</b> The contents octets shall consist of the complete
+ * encoding of a data value from each of the types listed in the
+ * ASN.1 definition of the set type, in an order chosen by the sender,
+ * unless the type was referenced with the keyword
+ * <b>OPTIONAL</b> or the keyword <b>DEFAULT</b>.
+ * </p><p>
+ * <b>8.11.3</b> The encoding of a data value may, but need not,
+ * be present for a type which was referenced with the keyword
+ * <b>OPTIONAL</b> or the keyword <b>DEFAULT</b>.
+ * <blockquote>
+ * NOTE &mdash; The order of data values in a set value is not significant,
+ * and places no constraints on the order during transfer
+ * </blockquote>
+ * <h4>8.12 Encoding of a set-of value</h4>
+ * <p>
+ * <b>8.12.1</b> The encoding of a set-of value shall be constructed.
+ * </p><p>
+ * <b>8.12.2</b> The text of 8.10.2 applies:
+ * <i>The contents octets shall consist of zero,
+ * one or more complete encodings of data values from the type listed in
+ * the ASN.1 definition.</i>
+ * </p><p>
+ * <b>8.12.3</b> The order of data values need not be preserved by
+ * the encoding and subsequent decoding.
+ *
+ * <h3>9: Canonical encoding rules</h3>
+ * <h4>9.1 Length forms</h4>
+ * If the encoding is constructed, it shall employ the indefinite-length form.
+ * If the encoding is primitive, it shall include the fewest length octets necessary.
+ * [Contrast with 8.1.3.2 b).]
+ * <h4>9.3 Set components</h4>
+ * The encodings of the component values of a set value shall
+ * appear in an order determined by their tags as specified
+ * in 8.6 of ITU-T Rec. X.680 | ISO/IEC 8824-1.
+ * Additionally, for the purposes of determining the order in which
+ * components are encoded when one or more component is an untagged
+ * choice type, each untagged choice type is ordered as though it
+ * has a tag equal to that of the smallest tag in that choice type
+ * or any untagged choice types nested within.
+ *
+ * <h3>10: Distinguished encoding rules</h3>
+ * <h4>10.1 Length forms</h4>
+ * The definite form of length encoding shall be used,
+ * encoded in the minimum number of octets.
+ * [Contrast with 8.1.3.2 b).]
+ * <h4>10.3 Set components</h4>
+ * The encodings of the component values of a set value shall appear
+ * in an order determined by their tags as specified
+ * in 8.6 of ITU-T Rec. X.680 | ISO/IEC 8824-1.
+ * <blockquote>
+ * NOTE &mdash; Where a component of the set is an untagged choice type,
+ * the location of that component in the ordering will depend on
+ * the tag of the choice component being encoded.
+ * </blockquote>
+ *
+ * <h3>11: Restrictions on BER employed by both CER and DER</h3>
+ * <h4>11.5 Set and sequence components with default value </h4>
+ * The encoding of a set value or sequence value shall not include
+ * an encoding for any component value which is equal to
+ * its default value.
+ * <h4>11.6 Set-of components </h4>
+ * <p>
+ * The encodings of the component values of a set-of value
+ * shall appear in ascending order, the encodings being compared
+ * as octet strings with the shorter components being padded at
+ * their trailing end with 0-octets.
+ * <blockquote>
+ * NOTE &mdash; The padding octets are for comparison purposes only
+ * and do not appear in the encodings.
+ * </blockquote>
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class ASN1Set
+    extends ASN1Primitive
+    implements com.android.org.bouncycastle.util.Iterable<ASN1Encodable>
+{
+    private Vector set = new Vector();
+    private boolean isSorted = false;
+
+    /**
+     * return an ASN1Set from the given object.
+     *
+     * @param obj the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return an ASN1Set instance, or null.
+     */
+    public static ASN1Set getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof ASN1Set)
+        {
+            return (ASN1Set)obj;
+        }
+        else if (obj instanceof ASN1SetParser)
+        {
+            return ASN1Set.getInstance(((ASN1SetParser)obj).toASN1Primitive());
+        }
+        else if (obj instanceof byte[])
+        {
+            try
+            {
+                return ASN1Set.getInstance(ASN1Primitive.fromByteArray((byte[])obj));
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("failed to construct set from byte[]: " + e.getMessage());
+            }
+        }
+        else if (obj instanceof ASN1Encodable)
+        {
+            ASN1Primitive primitive = ((ASN1Encodable)obj).toASN1Primitive();
+
+            if (primitive instanceof ASN1Set)
+            {
+                return (ASN1Set)primitive;
+            }
+        }
+
+        throw new IllegalArgumentException("unknown object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Return an ASN1 set from a tagged object. There is a special
+     * case here, if an object appears to have been explicitly tagged on 
+     * reading but we were expecting it to be implicitly tagged in the 
+     * normal course of events it indicates that we lost the surrounding
+     * set - so we need to add it back (this will happen if the tagged
+     * object is a sequence that contains other sequences). If you are
+     * dealing with implicitly tagged sets you really <b>should</b>
+     * be using this method.
+     *
+     * @param obj the tagged object.
+     * @param explicit true if the object is meant to be explicitly tagged
+     *          false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *          be converted.
+     * @return an ASN1Set instance.
+     */
+    public static ASN1Set getInstance(
+        ASN1TaggedObject    obj,
+        boolean             explicit)
+    {
+        if (explicit)
+        {
+            if (!obj.isExplicit())
+            {
+                throw new IllegalArgumentException("object implicit - explicit expected.");
+            }
+
+            return (ASN1Set)obj.getObject();
+        }
+        else
+        {
+            ASN1Primitive o = obj.getObject();
+
+            //
+            // constructed object which appears to be explicitly tagged
+            // and it's really implicit means we have to add the
+            // surrounding set.
+            //
+            if (obj.isExplicit())
+            {
+                if (obj instanceof BERTaggedObject)
+                {
+                    return new BERSet(o);
+                }
+                else
+                {
+                    return new DLSet(o);
+                }
+            }
+            else
+            {
+                if (o instanceof ASN1Set)
+                {
+                    return (ASN1Set)o;
+                }
+
+                //
+                // in this case the parser returns a sequence, convert it
+                // into a set.
+                //
+                if (o instanceof ASN1Sequence)
+                {
+                    ASN1Sequence s = (ASN1Sequence)o;
+
+                    if (obj instanceof BERTaggedObject)
+                    {
+                        return new BERSet(s.toArray());
+                    }
+                    else
+                    {
+                        return new DLSet(s.toArray());
+                    }
+                }
+            }
+        }
+
+        throw new IllegalArgumentException("unknown object in getInstance: " + obj.getClass().getName());
+    }
+
+    protected ASN1Set()
+    {
+    }
+
+    /**
+     * Create a SET containing one object
+     * @param obj object to be added to the SET.
+     */
+    protected ASN1Set(
+        ASN1Encodable obj)
+    {
+        set.addElement(obj);
+    }
+
+    /**
+     * Create a SET containing a vector of objects.
+     * @param v a vector of objects to make up the SET.
+     * @param doSort true if should be sorted DER style, false otherwise.
+     */
+    protected ASN1Set(
+        ASN1EncodableVector v,
+        boolean                  doSort)
+    {
+        for (int i = 0; i != v.size(); i++)
+        {
+            set.addElement(v.get(i));
+        }
+
+        if (doSort)
+        {
+            this.sort();
+        }
+    }
+
+    /**
+     * Create a SET containing an array of objects.
+     * @param array an array of objects to make up the SET.
+     * @param doSort true if should be sorted DER style, false otherwise.
+     */
+    protected ASN1Set(
+        ASN1Encodable[]   array,
+        boolean doSort)
+    {
+        for (int i = 0; i != array.length; i++)
+        {
+            set.addElement(array[i]);
+        }
+
+        if (doSort)
+        {
+            this.sort();
+        }
+    }
+
+    public Enumeration getObjects()
+    {
+        return set.elements();
+    }
+
+    /**
+     * return the object at the set position indicated by index.
+     *
+     * @param index the set number (starting at zero) of the object
+     * @return the object at the set position indicated by index.
+     */
+    public ASN1Encodable getObjectAt(
+        int index)
+    {
+        return (ASN1Encodable)set.elementAt(index);
+    }
+
+    /**
+     * return the number of objects in this set.
+     *
+     * @return the number of objects in this set.
+     */
+    public int size()
+    {
+        return set.size();
+    }
+
+    public ASN1Encodable[] toArray()
+    {
+        ASN1Encodable[] values = new ASN1Encodable[this.size()];
+
+        for (int i = 0; i != this.size(); i++)
+        {
+            values[i] = this.getObjectAt(i);
+        }
+
+        return values;
+    }
+
+    public ASN1SetParser parser()
+    {
+        final ASN1Set outer = this;
+
+        return new ASN1SetParser()
+        {
+            private final int max = size();
+
+            private int index;
+
+            public ASN1Encodable readObject() throws IOException
+            {
+                if (index == max)
+                {
+                    return null;
+                }
+
+                ASN1Encodable obj = getObjectAt(index++);
+                if (obj instanceof ASN1Sequence)
+                {
+                    return ((ASN1Sequence)obj).parser();
+                }
+                if (obj instanceof ASN1Set)
+                {
+                    return ((ASN1Set)obj).parser();
+                }
+
+                return obj;
+            }
+
+            public ASN1Primitive getLoadedObject()
+            {
+                return outer;
+            }
+
+            public ASN1Primitive toASN1Primitive()
+            {
+                return outer;
+            }
+        };
+    }
+
+    public int hashCode()
+    {
+        Enumeration             e = this.getObjects();
+        int                     hashCode = size();
+
+        while (e.hasMoreElements())
+        {
+            Object o = getNext(e);
+            hashCode *= 17;
+
+            hashCode ^= o.hashCode();
+        }
+
+        return hashCode;
+    }
+
+    /**
+     * Change current SET object to be encoded as {@link DERSet}.
+     * This is part of Distinguished Encoding Rules form serialization.
+     */
+    ASN1Primitive toDERObject()
+    {
+        if (isSorted)
+        {
+            ASN1Set derSet = new DERSet();
+
+            derSet.set = this.set;
+
+            return derSet;
+        }
+        else
+        {
+            Vector v = new Vector();
+
+            for (int i = 0; i != set.size(); i++)
+            {
+                v.addElement(set.elementAt(i));
+            }
+
+            ASN1Set derSet = new DERSet();
+
+            derSet.set = v;
+
+            derSet.sort();
+
+            return derSet;
+        }
+    }
+
+    /**
+     * Change current SET object to be encoded as {@link DLSet}.
+     * This is part of Direct Length form serialization.
+     */
+    ASN1Primitive toDLObject()
+    {
+        ASN1Set derSet = new DLSet();
+
+        derSet.set = this.set;
+
+        return derSet;
+    }
+
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof ASN1Set))
+        {
+            return false;
+        }
+
+        ASN1Set   other = (ASN1Set)o;
+
+        if (this.size() != other.size())
+        {
+            return false;
+        }
+
+        Enumeration s1 = this.getObjects();
+        Enumeration s2 = other.getObjects();
+
+        while (s1.hasMoreElements())
+        {
+            ASN1Encodable obj1 = getNext(s1);
+            ASN1Encodable obj2 = getNext(s2);
+
+            ASN1Primitive o1 = obj1.toASN1Primitive();
+            ASN1Primitive o2 = obj2.toASN1Primitive();
+
+            if (o1 == o2 || o1.equals(o2))
+            {
+                continue;
+            }
+
+            return false;
+        }
+
+        return true;
+    }
+
+    private ASN1Encodable getNext(Enumeration e)
+    {
+        ASN1Encodable encObj = (ASN1Encodable)e.nextElement();
+
+        // unfortunately null was allowed as a substitute for DER null
+        if (encObj == null)
+        {
+            return DERNull.INSTANCE;
+        }
+
+        return encObj;
+    }
+
+    /**
+     * return true if a <= b (arrays are assumed padded with zeros).
+     */
+    private boolean lessThanOrEqual(
+         byte[] a,
+         byte[] b)
+    {
+        int len = Math.min(a.length, b.length);
+        for (int i = 0; i != len; ++i)
+        {
+            if (a[i] != b[i])
+            {
+                return (a[i] & 0xff) < (b[i] & 0xff);
+            }
+        }
+        return len == a.length;
+    }
+
+    private byte[] getDEREncoded(
+        ASN1Encodable obj)
+    {
+        try
+        {
+            return obj.toASN1Primitive().getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("cannot encode object added to SET");
+        }
+    }
+
+    protected void sort()
+    {
+        if (!isSorted)
+        {
+            isSorted = true;
+            if (set.size() > 1)
+            {
+                boolean    swapped = true;
+                int        lastSwap = set.size() - 1;
+
+                while (swapped)
+                {
+                    int    index = 0;
+                    int    swapIndex = 0;
+                    byte[] a = getDEREncoded((ASN1Encodable)set.elementAt(0));
+
+                    swapped = false;
+
+                    while (index != lastSwap)
+                    {
+                        byte[] b = getDEREncoded((ASN1Encodable)set.elementAt(index + 1));
+
+                        if (lessThanOrEqual(a, b))
+                        {
+                            a = b;
+                        }
+                        else
+                        {
+                            Object  o = set.elementAt(index);
+
+                            set.setElementAt(set.elementAt(index + 1), index);
+                            set.setElementAt(o, index + 1);
+
+                            swapped = true;
+                            swapIndex = index;
+                        }
+
+                        index++;
+                    }
+
+                    lastSwap = swapIndex;
+                }
+            }
+        }
+    }
+
+    boolean isConstructed()
+    {
+        return true;
+    }
+
+    abstract void encode(ASN1OutputStream out)
+            throws IOException;
+
+    public String toString() 
+    {
+        return set.toString();
+    }
+
+    public Iterator<ASN1Encodable> iterator()
+    {
+        return new Arrays.Iterator<ASN1Encodable>(toArray());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1SetParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1SetParser.java
new file mode 100644
index 0000000..4baee4c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1SetParser.java

@@ -0,0 +1,21 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * A basic parser for a SET object
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ASN1SetParser
+    extends ASN1Encodable, InMemoryRepresentable
+{
+    /**
+     * Read the next object from the underlying object representing a SET.
+     *
+     * @throws IOException for bad input stream.
+     * @return the next object, null if we are at the end.
+     */
+    public ASN1Encodable readObject()
+        throws IOException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1StreamParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1StreamParser.java
new file mode 100644
index 0000000..fe704c8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1StreamParser.java

@@ -0,0 +1,251 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+/**
+ * A parser for ASN.1 streams which also returns, where possible, parsers for the objects it encounters.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ASN1StreamParser
+{
+    private final InputStream _in;
+    private final int         _limit;
+    private final byte[][] tmpBuffers;
+
+    public ASN1StreamParser(
+        InputStream in)
+    {
+        this(in, StreamUtil.findLimit(in));
+    }
+
+    public ASN1StreamParser(
+        InputStream in,
+        int         limit)
+    {
+        this._in = in;
+        this._limit = limit;
+
+        this.tmpBuffers = new byte[11][];
+    }
+
+    public ASN1StreamParser(
+        byte[] encoding)
+    {
+        this(new ByteArrayInputStream(encoding), encoding.length);
+    }
+
+    ASN1Encodable readIndef(int tagValue) throws IOException
+    {
+        // Note: INDEF => CONSTRUCTED
+
+        // TODO There are other tags that may be constructed (e.g. BIT_STRING)
+        switch (tagValue)
+        {
+            case BERTags.EXTERNAL:
+                return new DERExternalParser(this);
+            case BERTags.OCTET_STRING:
+                return new BEROctetStringParser(this);
+            case BERTags.SEQUENCE:
+                return new BERSequenceParser(this);
+            case BERTags.SET:
+                return new BERSetParser(this);
+            default:
+                throw new ASN1Exception("unknown BER object encountered: 0x" + Integer.toHexString(tagValue));
+        }
+    }
+
+    ASN1Encodable readImplicit(boolean constructed, int tag) throws IOException
+    {
+        if (_in instanceof IndefiniteLengthInputStream)
+        {
+            if (!constructed)
+            {
+                throw new IOException("indefinite-length primitive encoding encountered");
+            }
+            
+            return readIndef(tag);
+        }
+
+        if (constructed)
+        {
+            switch (tag)
+            {
+                case BERTags.SET:
+                    return new DERSetParser(this);
+                case BERTags.SEQUENCE:
+                    return new DERSequenceParser(this);
+                case BERTags.OCTET_STRING:
+                    return new BEROctetStringParser(this);
+            }
+        }
+        else
+        {
+            switch (tag)
+            {
+                case BERTags.SET:
+                    throw new ASN1Exception("sequences must use constructed encoding (see X.690 8.9.1/8.10.1)");
+                case BERTags.SEQUENCE:
+                    throw new ASN1Exception("sets must use constructed encoding (see X.690 8.11.1/8.12.1)");
+                case BERTags.OCTET_STRING:
+                    return new DEROctetStringParser((DefiniteLengthInputStream)_in);
+            }
+        }
+
+        throw new ASN1Exception("implicit tagging not implemented");
+    }
+
+    ASN1Primitive readTaggedObject(boolean constructed, int tag) throws IOException
+    {
+        if (!constructed)
+        {
+            // Note: !CONSTRUCTED => IMPLICIT
+            DefiniteLengthInputStream defIn = (DefiniteLengthInputStream)_in;
+            return new DERTaggedObject(false, tag, new DEROctetString(defIn.toByteArray()));
+        }
+
+        ASN1EncodableVector v = readVector();
+
+        if (_in instanceof IndefiniteLengthInputStream)
+        {
+            return v.size() == 1
+                ?   new BERTaggedObject(true, tag, v.get(0))
+                :   new BERTaggedObject(false, tag, BERFactory.createSequence(v));
+        }
+
+        return v.size() == 1
+            ?   new DERTaggedObject(true, tag, v.get(0))
+            :   new DERTaggedObject(false, tag, DERFactory.createSequence(v));
+    }
+
+    public ASN1Encodable readObject()
+        throws IOException
+    {
+        int tag = _in.read();
+        if (tag == -1)
+        {
+            return null;
+        }
+
+        //
+        // turn of looking for "00" while we resolve the tag
+        //
+        set00Check(false);
+
+        //
+        // calculate tag number
+        //
+        int tagNo = ASN1InputStream.readTagNumber(_in, tag);
+
+        boolean isConstructed = (tag & BERTags.CONSTRUCTED) != 0;
+
+        //
+        // calculate length
+        //
+        int length = ASN1InputStream.readLength(_in, _limit);
+
+        if (length < 0) // indefinite-length method
+        {
+            if (!isConstructed)
+            {
+                throw new IOException("indefinite-length primitive encoding encountered");
+            }
+
+            IndefiniteLengthInputStream indIn = new IndefiniteLengthInputStream(_in, _limit);
+            ASN1StreamParser sp = new ASN1StreamParser(indIn, _limit);
+
+            if ((tag & BERTags.APPLICATION) != 0)
+            {
+                return new BERApplicationSpecificParser(tagNo, sp);
+            }
+
+            if ((tag & BERTags.TAGGED) != 0)
+            {
+                return new BERTaggedObjectParser(true, tagNo, sp);
+            }
+
+            return sp.readIndef(tagNo);
+        }
+        else
+        {
+            DefiniteLengthInputStream defIn = new DefiniteLengthInputStream(_in, length);
+
+            if ((tag & BERTags.APPLICATION) != 0)
+            {
+                return new DLApplicationSpecific(isConstructed, tagNo, defIn.toByteArray());
+            }
+
+            if ((tag & BERTags.TAGGED) != 0)
+            {
+                return new BERTaggedObjectParser(isConstructed, tagNo, new ASN1StreamParser(defIn));
+            }
+
+            if (isConstructed)
+            {
+                // TODO There are other tags that may be constructed (e.g. BIT_STRING)
+                switch (tagNo)
+                {
+                    case BERTags.OCTET_STRING:
+                        //
+                        // yes, people actually do this...
+                        //
+                        return new BEROctetStringParser(new ASN1StreamParser(defIn));
+                    case BERTags.SEQUENCE:
+                        return new DERSequenceParser(new ASN1StreamParser(defIn));
+                    case BERTags.SET:
+                        return new DERSetParser(new ASN1StreamParser(defIn));
+                    case BERTags.EXTERNAL:
+                        return new DERExternalParser(new ASN1StreamParser(defIn));
+                    default:
+                        throw new IOException("unknown tag " + tagNo + " encountered");
+                }
+            }
+
+            // Some primitive encodings can be handled by parsers too...
+            switch (tagNo)
+            {
+                case BERTags.OCTET_STRING:
+                    return new DEROctetStringParser(defIn);
+            }
+
+            try
+            {
+                return ASN1InputStream.createPrimitiveDERObject(tagNo, defIn, tmpBuffers);
+            }
+            catch (IllegalArgumentException e)
+            {
+                throw new ASN1Exception("corrupted stream detected", e);
+            }
+        }
+    }
+
+    private void set00Check(boolean enabled)
+    {
+        if (_in instanceof IndefiniteLengthInputStream)
+        {
+            ((IndefiniteLengthInputStream)_in).setEofOn00(enabled);
+        }
+    }
+
+    ASN1EncodableVector readVector() throws IOException
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        ASN1Encodable obj;
+        while ((obj = readObject()) != null)
+        {
+            if (obj instanceof InMemoryRepresentable)
+            {
+                v.add(((InMemoryRepresentable)obj).getLoadedObject());
+            }
+            else
+            {
+                v.add(obj.toASN1Primitive());
+            }
+        }
+
+        return v;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1String.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1String.java
new file mode 100644
index 0000000..9d0ff38
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1String.java

@@ -0,0 +1,15 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+/**
+ * General interface implemented by ASN.1 STRING objects for extracting the content String.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ASN1String
+{
+    /**
+     * Return a Java String representation of this STRING type's content.
+     * @return a Java String representation of this STRING.
+     */
+    public String getString();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1TaggedObject.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1TaggedObject.java
new file mode 100644
index 0000000..809173b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1TaggedObject.java

@@ -0,0 +1,247 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * ASN.1 TaggedObject - in ASN.1 notation this is any object preceded by
+ * a [n] where n is some number - these are assumed to follow the construction
+ * rules (as with sequences).
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public abstract class ASN1TaggedObject
+    extends ASN1Primitive
+    implements ASN1TaggedObjectParser
+{
+    int             tagNo;
+    boolean         empty = false;
+    boolean         explicit = true;
+    ASN1Encodable obj = null;
+
+    static public ASN1TaggedObject getInstance(
+        ASN1TaggedObject    obj,
+        boolean             explicit)
+    {
+        if (explicit)
+        {
+            return (ASN1TaggedObject)obj.getObject();
+        }
+
+        throw new IllegalArgumentException("implicitly tagged tagged object");
+    }
+
+    static public ASN1TaggedObject getInstance(
+        Object obj) 
+    {
+        if (obj == null || obj instanceof ASN1TaggedObject) 
+        {
+                return (ASN1TaggedObject)obj;
+        }
+        else if (obj instanceof byte[])
+        {
+            try
+            {
+                return ASN1TaggedObject.getInstance(fromByteArray((byte[])obj));
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("failed to construct tagged object from byte[]: " + e.getMessage());
+            }
+        }
+
+        throw new IllegalArgumentException("unknown object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Create a tagged object with the style given by the value of explicit.
+     * <p>
+     * If the object implements ASN1Choice the tag style will always be changed
+     * to explicit in accordance with the ASN.1 encoding rules.
+     * </p>
+     * @param explicit true if the object is explicitly tagged.
+     * @param tagNo the tag number for this object.
+     * @param obj the tagged object.
+     */
+    public ASN1TaggedObject(
+        boolean         explicit,
+        int             tagNo,
+        ASN1Encodable   obj)
+    {
+        if (obj instanceof ASN1Choice)
+        {
+            this.explicit = true;
+        }
+        else
+        {
+            this.explicit = explicit;
+        }
+        
+        this.tagNo = tagNo;
+
+        if (this.explicit)
+        {
+            this.obj = obj;
+        }
+        else
+        {
+            ASN1Primitive prim = obj.toASN1Primitive();
+
+            if (prim instanceof ASN1Set)
+            {
+                ASN1Set s = null;
+            }
+
+            this.obj = obj;
+        }
+    }
+    
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof ASN1TaggedObject))
+        {
+            return false;
+        }
+        
+        ASN1TaggedObject other = (ASN1TaggedObject)o;
+        
+        if (tagNo != other.tagNo || empty != other.empty || explicit != other.explicit)
+        {
+            return false;
+        }
+        
+        if(obj == null)
+        {
+            if (other.obj != null)
+            {
+                return false;
+            }
+        }
+        else
+        {
+            if (!(obj.toASN1Primitive().equals(other.obj.toASN1Primitive())))
+            {
+                return false;
+            }
+        }
+        
+        return true;
+    }
+    
+    @libcore.api.CorePlatformApi
+    public int hashCode()
+    {
+        int code = tagNo;
+
+        // TODO: actually this is wrong - the problem is that a re-encoded
+        // object may end up with a different hashCode due to implicit
+        // tagging. As implicit tagging is ambiguous if a sequence is involved
+        // it seems the only correct method for both equals and hashCode is to
+        // compare the encodings...
+        if (obj != null)
+        {
+            code ^= obj.hashCode();
+        }
+
+        return code;
+    }
+
+    /**
+     * Return the tag number associated with this object.
+     *
+     * @return the tag number.
+     */
+    public int getTagNo()
+    {
+        return tagNo;
+    }
+
+    /**
+     * return whether or not the object may be explicitly tagged. 
+     * <p>
+     * Note: if the object has been read from an input stream, the only
+     * time you can be sure if isExplicit is returning the true state of
+     * affairs is if it returns false. An implicitly tagged object may appear
+     * to be explicitly tagged, so you need to understand the context under
+     * which the reading was done as well, see getObject below.
+     */
+    public boolean isExplicit()
+    {
+        return explicit;
+    }
+
+    public boolean isEmpty()
+    {
+        return empty;
+    }
+
+    /**
+     * Return whatever was following the tag.
+     * <p>
+     * Note: tagged objects are generally context dependent if you're
+     * trying to extract a tagged object you should be going via the
+     * appropriate getInstance method.
+     */
+    @libcore.api.CorePlatformApi
+    public ASN1Primitive getObject()
+    {
+        if (obj != null)
+        {
+            return obj.toASN1Primitive();
+        }
+
+        return null;
+    }
+
+    /**
+     * Return the object held in this tagged object as a parser assuming it has
+     * the type of the passed in tag. If the object doesn't have a parser
+     * associated with it, the base object is returned.
+     */
+    public ASN1Encodable getObjectParser(
+        int     tag,
+        boolean isExplicit)
+        throws IOException
+    {
+        switch (tag)
+        {
+        case BERTags.SET:
+            return ASN1Set.getInstance(this, isExplicit).parser();
+        case BERTags.SEQUENCE:
+            return ASN1Sequence.getInstance(this, isExplicit).parser();
+        case BERTags.OCTET_STRING:
+            return ASN1OctetString.getInstance(this, isExplicit).parser();
+        }
+
+        if (isExplicit)
+        {
+            return getObject();
+        }
+
+        throw new ASN1Exception("implicit tagging not implemented for tag: " + tag);
+    }
+
+    public ASN1Primitive getLoadedObject()
+    {
+        return this.toASN1Primitive();
+    }
+
+    ASN1Primitive toDERObject()
+    {
+        return new DERTaggedObject(explicit, tagNo, obj);
+    }
+
+    ASN1Primitive toDLObject()
+    {
+        return new DLTaggedObject(explicit, tagNo, obj);
+    }
+
+    abstract void encode(ASN1OutputStream out)
+        throws IOException;
+
+    public String toString()
+    {
+        return "[" + tagNo + "]" + obj;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1TaggedObjectParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1TaggedObjectParser.java
new file mode 100644
index 0000000..77eeca2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1TaggedObjectParser.java

@@ -0,0 +1,29 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * Interface for the parsing of a generic tagged ASN.1 object.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ASN1TaggedObjectParser
+    extends ASN1Encodable, InMemoryRepresentable
+{
+    /**
+     * Return the tag number associated with the underlying tagged object.
+     * @return the object's tag number.
+     */
+    int getTagNo();
+
+    /**
+     * Return a parser for the actual object tagged.
+     *
+     * @param tag the primitive tag value for the object tagged originally.
+     * @param isExplicit true if the tagging was done explicitly.
+     * @return a parser for the tagged object.
+     * @throws IOException if a parser cannot be constructed.
+     */
+    ASN1Encodable getObjectParser(int tag, boolean isExplicit)
+        throws IOException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1UTCTime.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1UTCTime.java
new file mode 100644
index 0000000..2c173f3
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ASN1UTCTime.java

@@ -0,0 +1,328 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+// Android-added: Localization support
+import java.util.Calendar;
+import java.util.Date;
+import java.util.Locale;
+import java.util.SimpleTimeZone;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+- * UTC time object.
+ * Internal facade of {@link ASN1UTCTime}.
+ * <p>
+ * This datatype is valid only from 1950-01-01 00:00:00 UTC until 2049-12-31 23:59:59 UTC.
+ * </p>
+ * <hr>
+ * <p><b>X.690</b></p>
+ * <p><b>11: Restrictions on BER employed by both CER and DER</b></p>
+ * <p><b>11.8 UTCTime </b></p>
+ * <b>11.8.1</b> The encoding shall terminate with "Z",
+ * as described in the ITU-T X.680 | ISO/IEC 8824-1 clause on UTCTime.
+ * <p>
+ * <b>11.8.2</b> The seconds element shall always be present.
+ * <p>
+ * <b>11.8.3</b> Midnight (GMT) shall be represented in the form:
+ * <blockquote>
+ * "YYMMDD000000Z"
+ * </blockquote>
+ * where "YYMMDD" represents the day following the midnight in question.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ASN1UTCTime
+    extends ASN1Primitive
+{
+    private byte[]      time;
+
+    /**
+     * Return an UTC Time from the passed in object.
+     *
+     * @param obj an ASN1UTCTime or an object that can be converted into one.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return an ASN1UTCTime instance, or null.
+     */
+    public static ASN1UTCTime getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof ASN1UTCTime)
+        {
+            return (ASN1UTCTime)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (ASN1UTCTime)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Return an UTC Time from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *               be converted.
+     * @return an ASN1UTCTime instance, or null.
+     */
+    public static ASN1UTCTime getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        ASN1Object o = obj.getObject();
+
+        if (explicit || o instanceof ASN1UTCTime)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return new ASN1UTCTime(((ASN1OctetString)o).getOctets());
+        }
+    }
+
+    /**
+     * The correct format for this is YYMMDDHHMMSSZ (it used to be that seconds were
+     * never encoded. When you're creating one of these objects from scratch, that's
+     * what you want to use, otherwise we'll try to deal with whatever gets read from
+     * the input stream... (this is why the input format is different from the getTime()
+     * method output).
+     * <p>
+     *
+     * @param time the time string.
+     */
+    public ASN1UTCTime(
+        String time)
+    {
+        this.time = Strings.toByteArray(time);
+        try
+        {
+            this.getDate();
+        }
+        catch (ParseException e)
+        {
+            throw new IllegalArgumentException("invalid date string: " + e.getMessage());
+        }
+    }
+
+    /**
+     * Base constructor from a java.util.date object
+     * @param time the Date to build the time from.
+     */
+    public ASN1UTCTime(
+        Date time)
+    {
+        // Android-changed: Use localized version
+        // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", DateUtil.EN_Locale);
+        SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", Locale.US);
+
+        dateF.setTimeZone(new SimpleTimeZone(0,"Z"));
+
+        this.time = Strings.toByteArray(dateF.format(time));
+    }
+
+    /**
+     * Base constructor from a java.util.date and Locale - you may need to use this if the default locale
+     * doesn't use a Gregorian calender so that the GeneralizedTime produced is compatible with other ASN.1 implementations.
+     *
+     * @param time a date object representing the time of interest.
+     * @param locale an appropriate Locale for producing an ASN.1 UTCTime value.
+     */
+    public ASN1UTCTime(
+        Date time,
+        Locale locale)
+    {
+        // BEGIN Android-changed: Use localized version
+        // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", locale);
+        SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmss'Z'", Locale.US);
+        dateF.setCalendar(Calendar.getInstance(locale));
+        // END Android-changed: Use localized version
+
+        dateF.setTimeZone(new SimpleTimeZone(0,"Z"));
+
+        this.time = Strings.toByteArray(dateF.format(time));
+    }
+
+    ASN1UTCTime(
+        byte[] time)
+    {
+        this.time = time;
+    }
+
+    /**
+     * Return the time as a date based on whatever a 2 digit year will return. For
+     * standardised processing use getAdjustedDate().
+     *
+     * @return the resulting date
+     * @exception ParseException if the date string cannot be parsed.
+     */
+    public Date getDate()
+        throws ParseException
+    {
+        // Android-changed: Use localized version
+        // SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz");
+        SimpleDateFormat dateF = new SimpleDateFormat("yyMMddHHmmssz", Locale.US);
+
+        return DateUtil.epochAdjust(dateF.parse(getTime()));
+    }
+
+    /**
+     * Return the time as an adjusted date
+     * in the range of 1950 - 2049.
+     *
+     * @return a date in the range of 1950 to 2049.
+     * @exception ParseException if the date string cannot be parsed.
+     */
+    public Date getAdjustedDate()
+        throws ParseException
+    {
+        // Android-changed: Use localized version
+        // SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
+        SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz", Locale.US);
+
+        dateF.setTimeZone(new SimpleTimeZone(0,"Z"));
+        
+        return DateUtil.epochAdjust(dateF.parse(getAdjustedTime()));
+    }
+
+    /**
+     * Return the time - always in the form of
+     *  YYMMDDhhmmssGMT(+hh:mm|-hh:mm).
+     * <p>
+     * Normally in a certificate we would expect "Z" rather than "GMT",
+     * however adding the "GMT" means we can just use:
+     * <pre>
+     *     dateF = new SimpleDateFormat("yyMMddHHmmssz");
+     * </pre>
+     * To read in the time and get a date which is compatible with our local
+     * time zone.
+     * <p>
+     * <b>Note:</b> In some cases, due to the local date processing, this
+     * may lead to unexpected results. If you want to stick the normal
+     * convention of 1950 to 2049 use the getAdjustedTime() method.
+     */
+    public String getTime()
+    {
+        String stime = Strings.fromByteArray(time);
+
+        //
+        // standardise the format.
+        //
+        if (stime.indexOf('-') < 0 && stime.indexOf('+') < 0)
+        {
+            if (stime.length() == 11)
+            {
+                return stime.substring(0, 10) + "00GMT+00:00";
+            }
+            else
+            {
+                return stime.substring(0, 12) + "GMT+00:00";
+            }
+        }
+        else
+        {
+            int index = stime.indexOf('-');
+            if (index < 0)
+            {
+                index = stime.indexOf('+');
+            }
+            String d = stime;
+
+            if (index == stime.length() - 3)
+            {
+                d += "00";
+            }
+
+            if (index == 10)
+            {
+                return d.substring(0, 10) + "00GMT" + d.substring(10, 13) + ":" + d.substring(13, 15);
+            }
+            else
+            {
+                return d.substring(0, 12) + "GMT" + d.substring(12, 15) + ":" +  d.substring(15, 17);
+            }
+        }
+    }
+
+    /**
+     * Return a time string as an adjusted date with a 4 digit year. This goes
+     * in the range of 1950 - 2049.
+     */
+    public String getAdjustedTime()
+    {
+        String   d = this.getTime();
+
+        if (d.charAt(0) < '5')
+        {
+            return "20" + d;
+        }
+        else
+        {
+            return "19" + d;
+        }
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        int length = time.length;
+
+        return 1 + StreamUtil.calculateBodyLength(length) + length;
+    }
+
+    void encode(
+        ASN1OutputStream  out)
+        throws IOException
+    {
+        out.write(BERTags.UTC_TIME);
+
+        int length = time.length;
+
+        out.writeLength(length);
+
+        for (int i = 0; i != length; i++)
+        {
+            out.write((byte)time[i]);
+        }
+    }
+
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof ASN1UTCTime))
+        {
+            return false;
+        }
+
+        return Arrays.areEqual(time, ((ASN1UTCTime)o).time);
+    }
+
+    public int hashCode()
+    {
+        return Arrays.hashCode(time);
+    }
+
+    public String toString()
+    {
+      return Strings.fromByteArray(time);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERApplicationSpecific.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERApplicationSpecific.java
new file mode 100644
index 0000000..f2d136c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERApplicationSpecific.java

@@ -0,0 +1,116 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+/**
+ * An indefinite-length encoding version of an ASN.1 ApplicationSpecific object.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BERApplicationSpecific
+    extends ASN1ApplicationSpecific
+{
+    BERApplicationSpecific(
+        boolean isConstructed,
+        int tag,
+        byte[] octets)
+    {
+        super(isConstructed, tag, octets);
+    }
+
+    /**
+     * Create an application specific object with a tagging of explicit/constructed.
+     *
+     * @param tag the tag number for this object.
+     * @param object the object to be contained.
+     */
+    public BERApplicationSpecific(
+        int tag,
+        ASN1Encodable object)
+        throws IOException
+    {
+        this(true, tag, object);
+    }
+
+    /**
+     * Create an application specific object with the tagging style given by the value of constructed.
+     *
+     * @param constructed true if the object is constructed.
+     * @param tag the tag number for this object.
+     * @param object the object to be contained.
+     */
+    public BERApplicationSpecific(
+        boolean constructed,
+        int tag,
+        ASN1Encodable object)
+        throws IOException
+    {
+        super(constructed || object.toASN1Primitive().isConstructed(), tag, getEncoding(constructed, object));
+    }
+
+    private static byte[] getEncoding(boolean explicit, ASN1Encodable object)
+        throws IOException
+    {
+        byte[] data = object.toASN1Primitive().getEncoded(ASN1Encoding.BER);
+
+        if (explicit)
+        {
+            return data;
+        }
+        else
+        {
+            int lenBytes = getLengthOfHeader(data);
+            byte[] tmp = new byte[data.length - lenBytes];
+            System.arraycopy(data, lenBytes, tmp, 0, tmp.length);
+            return tmp;
+        }
+    }
+
+    /**
+     * Create an application specific object which is marked as constructed
+     *
+     * @param tagNo the tag number for this object.
+     * @param vec the objects making up the application specific object.
+     */
+    public BERApplicationSpecific(int tagNo, ASN1EncodableVector vec)
+    {
+        super(true, tagNo, getEncodedVector(vec));
+    }
+
+    private static byte[] getEncodedVector(ASN1EncodableVector vec)
+    {
+        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+
+        for (int i = 0; i != vec.size(); i++)
+        {
+            try
+            {
+                bOut.write(((ASN1Object)vec.get(i)).getEncoded(ASN1Encoding.BER));
+            }
+            catch (IOException e)
+            {
+                throw new ASN1ParsingException("malformed object: " + e, e);
+            }
+        }
+        return bOut.toByteArray();
+    }
+
+    /* (non-Javadoc)
+     * @see org.bouncycastle.asn1.ASN1Primitive#encode(org.bouncycastle.asn1.DEROutputStream)
+     */
+    void encode(ASN1OutputStream out) throws IOException
+    {
+        int classBits = BERTags.APPLICATION;
+        if (isConstructed)
+        {
+            classBits |= BERTags.CONSTRUCTED;
+        }
+
+        out.writeTag(classBits, tag);
+        out.write(0x80);
+        out.write(octets);
+        out.write(0x00);
+        out.write(0x00);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERApplicationSpecificParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERApplicationSpecificParser.java
new file mode 100644
index 0000000..2474f18
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERApplicationSpecificParser.java

@@ -0,0 +1,61 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * A parser for indefinite-length ASN.1 ApplicationSpecific objects.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BERApplicationSpecificParser
+    implements ASN1ApplicationSpecificParser
+{
+    private final int tag;
+    private final ASN1StreamParser parser;
+
+    BERApplicationSpecificParser(int tag, ASN1StreamParser parser)
+    {
+        this.tag = tag;
+        this.parser = parser;
+    }
+
+    /**
+     * Return the object contained in this application specific object,
+     * @return the contained object.
+     * @throws IOException if the underlying stream cannot be read, or does not contain an ASN.1 encoding.
+     */
+    public ASN1Encodable readObject()
+        throws IOException
+    {
+        return parser.readObject();
+    }
+
+    /**
+     * Return an in-memory, encodable, representation of the application specific object.
+     *
+     * @return a BERApplicationSpecific.
+     * @throws IOException if there is an issue loading the data.
+     */
+    public ASN1Primitive getLoadedObject()
+        throws IOException
+    {
+         return new BERApplicationSpecific(tag, parser.readVector());
+    }
+
+    /**
+     * Return a BERApplicationSpecific representing this parser and its contents.
+     *
+     * @return a BERApplicationSpecific
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        try
+        {
+            return getLoadedObject();
+        }
+        catch (IOException e)
+        {
+            throw new ASN1ParsingException(e.getMessage(), e);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERConstructedOctetString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERConstructedOctetString.java
new file mode 100644
index 0000000..23ffd48
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERConstructedOctetString.java

@@ -0,0 +1,146 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.util.Enumeration;
+import java.util.Vector;
+
+/**
+ * @deprecated use BEROctetString
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BERConstructedOctetString
+    extends BEROctetString
+{
+    private static final int MAX_LENGTH = 1000;
+
+    /**
+     * convert a vector of octet strings into a single byte string
+     */
+    static private byte[] toBytes(
+        Vector  octs)
+    {
+        ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+
+        for (int i = 0; i != octs.size(); i++)
+        {
+            try
+            {
+                DEROctetString  o = (DEROctetString)octs.elementAt(i);
+
+                bOut.write(o.getOctets());
+            }
+            catch (ClassCastException e)
+            {
+                throw new IllegalArgumentException(octs.elementAt(i).getClass().getName() + " found in input should only contain DEROctetString");
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("exception converting octets " + e.toString());
+            }
+        }
+
+        return bOut.toByteArray();
+    }
+
+    private Vector  octs;
+
+    /**
+     * @param string the octets making up the octet string.
+     */
+    public BERConstructedOctetString(
+        byte[]  string)
+    {
+        super(string);
+    }
+
+    public BERConstructedOctetString(
+        Vector  octs)
+    {
+        super(toBytes(octs));
+
+        this.octs = octs;
+    }
+
+    public BERConstructedOctetString(
+        ASN1Primitive  obj)
+    {
+        super(toByteArray(obj));
+    }
+
+    private static byte[] toByteArray(ASN1Primitive obj)
+    {
+        try
+        {
+            return obj.getEncoded();
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("Unable to encode object");
+        }
+    }
+
+    public BERConstructedOctetString(
+        ASN1Encodable  obj)
+    {
+        this(obj.toASN1Primitive());
+    }
+
+    public byte[] getOctets()
+    {
+        return string;
+    }
+
+    /**
+     * return the DER octets that make up this string.
+     */
+    public Enumeration getObjects()
+    {
+        if (octs == null)
+        {
+            return generateOcts().elements();
+        }
+
+        return octs.elements();
+    }
+
+    private Vector generateOcts() 
+    { 
+        Vector vec = new Vector(); 
+        for (int i = 0; i < string.length; i += MAX_LENGTH) 
+        { 
+            int end; 
+
+            if (i + MAX_LENGTH > string.length) 
+            { 
+                end = string.length; 
+            } 
+            else 
+            { 
+                end = i + MAX_LENGTH; 
+            } 
+
+            byte[] nStr = new byte[end - i]; 
+
+            System.arraycopy(string, i, nStr, 0, nStr.length); 
+
+            vec.addElement(new DEROctetString(nStr)); 
+         } 
+        
+         return vec; 
+    }
+
+    public static BEROctetString fromSequence(ASN1Sequence seq)
+    {
+        Vector      v = new Vector();
+        Enumeration e = seq.getObjects();
+
+        while (e.hasMoreElements())
+        {
+            v.addElement(e.nextElement());
+        }
+
+        return new BERConstructedOctetString(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERFactory.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERFactory.java
new file mode 100644
index 0000000..4021d18
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERFactory.java

@@ -0,0 +1,18 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+class BERFactory
+{
+    static final BERSequence EMPTY_SEQUENCE = new BERSequence();
+    static final BERSet EMPTY_SET = new BERSet();
+
+    static BERSequence createSequence(ASN1EncodableVector v)
+    {
+        return v.size() < 1 ? EMPTY_SEQUENCE : new BERSequence(v);
+    }
+
+    static BERSet createSet(ASN1EncodableVector v)
+    {
+        return v.size() < 1 ? EMPTY_SET : new BERSet(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERGenerator.java
new file mode 100644
index 0000000..880d954
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERGenerator.java

@@ -0,0 +1,92 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+/**
+ * Base class for generators for indefinite-length structures.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BERGenerator
+    extends ASN1Generator
+{
+    private boolean      _tagged = false;
+    private boolean      _isExplicit;
+    private int          _tagNo;
+
+    protected BERGenerator(
+        OutputStream out)
+    {
+        super(out);
+    }
+
+    protected BERGenerator(
+        OutputStream out,
+        int tagNo,
+        boolean isExplicit) 
+    {
+        super(out);
+        
+        _tagged = true;
+        _isExplicit = isExplicit;
+        _tagNo = tagNo;
+    }
+
+    public OutputStream getRawOutputStream()
+    {
+        return _out;
+    }
+    
+    private void writeHdr(
+        int tag)
+        throws IOException
+    {
+        _out.write(tag);
+        _out.write(0x80);
+    }
+    
+    protected void writeBERHeader(
+        int tag) 
+        throws IOException
+    {
+        if (_tagged)
+        {
+            int tagNum = _tagNo | BERTags.TAGGED;
+
+            if (_isExplicit)
+            {
+                writeHdr(tagNum | BERTags.CONSTRUCTED);
+                writeHdr(tag);
+            }
+            else
+            {   
+                if ((tag & BERTags.CONSTRUCTED) != 0)
+                {
+                    writeHdr(tagNum | BERTags.CONSTRUCTED);
+                }
+                else
+                {
+                    writeHdr(tagNum);
+                }
+            }
+        }
+        else
+        {
+            writeHdr(tag);
+        }
+    }
+
+    protected void writeBEREnd()
+        throws IOException
+    {
+        _out.write(0x00);
+        _out.write(0x00);
+        
+        if (_tagged && _isExplicit)  // write extra end for tag header
+        {
+            _out.write(0x00);
+            _out.write(0x00);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BEROctetString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BEROctetString.java
new file mode 100644
index 0000000..41a906c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BEROctetString.java

@@ -0,0 +1,229 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.util.Enumeration;
+import java.util.Vector;
+
+/**
+ * ASN.1 OctetStrings, with indefinite length rules, and <i>constructed form</i> support.
+ * <p>
+ * The Basic Encoding Rules (BER) format allows encoding using so called "<i>constructed form</i>",
+ * which DER and CER formats forbid allowing only "primitive form".
+ * </p><p>
+ * This class <b>always</b> produces the constructed form with underlying segments
+ * in an indefinite length array.  If the input wasn't the same, then this output
+ * is not faithful reproduction.
+ * </p>
+ * <p>
+ * See {@link ASN1OctetString} for X.690 encoding rules of OCTET-STRING objects.
+ * </p>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BEROctetString
+    extends ASN1OctetString
+{
+    private static final int DEFAULT_LENGTH = 1000;
+
+    private final int chunkSize;
+    private final ASN1OctetString[] octs;
+
+    /**
+     * Convert a vector of octet strings into a single byte string
+     */
+    static private byte[] toBytes(
+        ASN1OctetString[]  octs)
+    {
+        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+
+        for (int i = 0; i != octs.length; i++)
+        {
+            try
+            {
+                DEROctetString o = (DEROctetString)octs[i];
+
+                bOut.write(o.getOctets());
+            }
+            catch (ClassCastException e)
+            {
+                throw new IllegalArgumentException(octs[i].getClass().getName() + " found in input should only contain DEROctetString");
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("exception converting octets " + e.toString());
+            }
+        }
+
+        return bOut.toByteArray();
+    }
+
+    /**
+     * Create an OCTET-STRING object from a byte[]
+     * @param string the octets making up the octet string.
+     */
+    public BEROctetString(
+        byte[] string)
+    {
+        this(string, DEFAULT_LENGTH);
+    }
+
+    /**
+     * Multiple {@link ASN1OctetString} data blocks are input,
+     * the result is <i>constructed form</i>.
+     *
+     * @param octs an array of OCTET STRING to construct the BER OCTET STRING from.
+     */
+    public BEROctetString(
+        ASN1OctetString[] octs)
+    {
+        this(octs, DEFAULT_LENGTH);
+    }
+
+    /**
+     * Create an OCTET-STRING object from a byte[]
+     * @param string the octets making up the octet string.
+     * @param chunkSize the number of octets stored in each DER encoded component OCTET STRING.
+     */
+    public BEROctetString(
+        byte[] string,
+        int    chunkSize)
+    {
+        this(string, null, chunkSize);
+    }
+
+    /**
+     * Multiple {@link ASN1OctetString} data blocks are input,
+     * the result is <i>constructed form</i>.
+     *
+     * @param octs an array of OCTET STRING to construct the BER OCTET STRING from.
+     * @param chunkSize the number of octets stored in each DER encoded component OCTET STRING.
+     */
+    public BEROctetString(
+        ASN1OctetString[] octs,
+        int chunkSize)
+    {
+        this(toBytes(octs), octs, chunkSize);
+    }
+
+    private BEROctetString(byte[] string, ASN1OctetString[] octs, int chunkSize)
+    {
+        super(string);
+        this.octs = octs;
+        this.chunkSize = chunkSize;
+    }
+
+    /**
+     * Return a concatenated byte array of all the octets making up the constructed OCTET STRING
+     * @return the full OCTET STRING.
+     */
+    public byte[] getOctets()
+    {
+        return string;
+    }
+
+    /**
+     * Return the OCTET STRINGs that make up this string.
+     *
+     * @return an Enumeration of the component OCTET STRINGs.
+     */
+    public Enumeration getObjects()
+    {
+        if (octs == null)
+        {
+            return generateOcts().elements();
+        }
+
+        return new Enumeration()
+        {
+            int counter = 0;
+
+            public boolean hasMoreElements()
+            {
+                return counter < octs.length;
+            }
+
+            public Object nextElement()
+            {
+                return octs[counter++];
+            }
+        };
+    }
+
+    private Vector generateOcts()
+    { 
+        Vector vec = new Vector();
+        for (int i = 0; i < string.length; i += chunkSize)
+        { 
+            int end; 
+
+            if (i + chunkSize > string.length)
+            { 
+                end = string.length; 
+            } 
+            else 
+            { 
+                end = i + chunkSize;
+            } 
+
+            byte[] nStr = new byte[end - i]; 
+
+            System.arraycopy(string, i, nStr, 0, nStr.length);
+
+            vec.addElement(new DEROctetString(nStr));
+         } 
+        
+         return vec; 
+    }
+
+    boolean isConstructed()
+    {
+        return true;
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        int length = 0;
+        for (Enumeration e = getObjects(); e.hasMoreElements();)
+        {
+            length += ((ASN1Encodable)e.nextElement()).toASN1Primitive().encodedLength();
+        }
+
+        return 2 + length + 2;
+    }
+
+    public void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.write(BERTags.CONSTRUCTED | BERTags.OCTET_STRING);
+
+        out.write(0x80);
+
+        //
+        // write out the octet array
+        //
+        for (Enumeration e = getObjects(); e.hasMoreElements();)
+        {
+            out.writeObject((ASN1Encodable)e.nextElement());
+        }
+
+        out.write(0x00);
+        out.write(0x00);
+    }
+
+    static BEROctetString fromSequence(ASN1Sequence seq)
+    {
+        ASN1OctetString[]     v = new ASN1OctetString[seq.size()];
+        Enumeration e = seq.getObjects();
+        int                   index = 0;
+
+        while (e.hasMoreElements())
+        {
+            v[index++] = (ASN1OctetString)e.nextElement();
+        }
+
+        return new BEROctetString(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BEROctetStringGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BEROctetStringGenerator.java
new file mode 100644
index 0000000..1fb1e57
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BEROctetStringGenerator.java

@@ -0,0 +1,134 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+/**
+ * A generator for indefinite-length OCTET STRINGs
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BEROctetStringGenerator
+    extends BERGenerator
+{
+    /**
+     * Use the passed in stream as the target for the generator, writing out the header tag
+     * for a constructed OCTET STRING.
+     *
+     * @param out target stream
+     * @throws IOException if the target stream cannot be written to.
+     */
+    public BEROctetStringGenerator(OutputStream out) 
+        throws IOException
+    {
+        super(out);
+        
+        writeBERHeader(BERTags.CONSTRUCTED | BERTags.OCTET_STRING);
+    }
+
+    /**
+     * Use the passed in stream as the target for the generator, writing out the header tag
+     * for a tagged constructed OCTET STRING (possibly implicit).
+     *
+     * @param out target stream
+     * @param tagNo the tag number to introduce
+     * @param isExplicit true if this is an explicitly tagged object, false otherwise.
+     * @throws IOException if the target stream cannot be written to.
+     */
+    public BEROctetStringGenerator(
+        OutputStream out,
+        int tagNo,
+        boolean isExplicit) 
+        throws IOException
+    {
+        super(out, tagNo, isExplicit);
+        
+        writeBERHeader(BERTags.CONSTRUCTED | BERTags.OCTET_STRING);
+    }
+
+    /**
+     * Return a stream representing the content target for this OCTET STRING
+     *
+     * @return an OutputStream which chunks data in blocks of 1000 (CER limit).
+     */
+    public OutputStream getOctetOutputStream()
+    {
+        return getOctetOutputStream(new byte[1000]); // limit for CER encoding.
+    }
+
+    /**
+     * Return a stream representing the content target for this OCTET STRING
+     *
+     * @param buf the buffer to use for chunking the data.
+     * @return an OutputStream which chunks data in blocks of buf length.
+     */
+    public OutputStream getOctetOutputStream(
+        byte[] buf)
+    {
+        return new BufferedBEROctetStream(buf);
+    }
+   
+    private class BufferedBEROctetStream
+        extends OutputStream
+    {
+        private byte[] _buf;
+        private int    _off;
+        private DEROutputStream _derOut;
+
+        BufferedBEROctetStream(
+            byte[] buf)
+        {
+            _buf = buf;
+            _off = 0;
+            _derOut = new DEROutputStream(_out);
+        }
+        
+        public void write(
+            int b)
+            throws IOException
+        {
+            _buf[_off++] = (byte)b;
+
+            if (_off == _buf.length)
+            {
+                DEROctetString.encode(_derOut, _buf);
+                _off = 0;
+            }
+        }
+
+        public void write(byte[] b, int off, int len) throws IOException
+        {
+            while (len > 0)
+            {
+                int numToCopy = Math.min(len, _buf.length - _off);
+                System.arraycopy(b, off, _buf, _off, numToCopy);
+
+                _off += numToCopy;
+                if (_off < _buf.length)
+                {
+                    break;
+                }
+
+                DEROctetString.encode(_derOut, _buf);
+                _off = 0;
+
+                off += numToCopy;
+                len -= numToCopy;
+            }
+        }
+
+        public void close() 
+            throws IOException
+        {
+            if (_off != 0)
+            {
+                byte[] bytes = new byte[_off];
+                System.arraycopy(_buf, 0, bytes, 0, _off);
+                
+                DEROctetString.encode(_derOut, bytes);
+            }
+            
+             writeBEREnd();
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BEROctetStringParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BEROctetStringParser.java
new file mode 100644
index 0000000..674e488
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BEROctetStringParser.java

@@ -0,0 +1,62 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import com.android.org.bouncycastle.util.io.Streams;
+
+/**
+ * A parser for indefinite-length OCTET STRINGs.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BEROctetStringParser
+    implements ASN1OctetStringParser
+{
+    private ASN1StreamParser _parser;
+
+    BEROctetStringParser(
+        ASN1StreamParser parser)
+    {
+        _parser = parser;
+    }
+
+    /**
+     * Return an InputStream representing the contents of the OCTET STRING.
+     *
+     * @return an InputStream with its source as the OCTET STRING content.
+     */
+    public InputStream getOctetStream()
+    {
+        return new ConstructedOctetStream(_parser);
+    }
+
+    /**
+     * Return an in-memory, encodable, representation of the OCTET STRING.
+     *
+     * @return a BEROctetString.
+     * @throws IOException if there is an issue loading the data.
+     */
+    public ASN1Primitive getLoadedObject()
+        throws IOException
+    {
+        return new BEROctetString(Streams.readAll(getOctetStream()));
+    }
+
+    /**
+     * Return an BEROctetString representing this parser and its contents.
+     *
+     * @return an BEROctetString
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        try
+        {
+            return getLoadedObject();
+        }
+        catch (IOException e)
+        {
+            throw new ASN1ParsingException("IOException converting stream to byte array: " + e.getMessage(), e);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BEROutputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BEROutputStream.java
new file mode 100644
index 0000000..7b36fff
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BEROutputStream.java

@@ -0,0 +1,53 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+/**
+ * A class which writes indefinite and definite length objects. Objects which specify DER will be encoded accordingly, but DL or BER
+ * objects will be encoded as defined.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BEROutputStream
+    extends DEROutputStream
+{
+    /**
+     * Base constructor.
+     *
+     * @param os target output stream.
+     */
+    public BEROutputStream(
+        OutputStream    os)
+    {
+        super(os);
+    }
+
+    /**
+     * Write out an ASN.1 object.
+     *
+     * @param obj the object to be encoded.
+     * @throws IOException if there is an issue on encoding or output of the object.
+     */
+    public void writeObject(
+        Object    obj)
+        throws IOException
+    {
+        if (obj == null)
+        {
+            writeNull();
+        }
+        else if (obj instanceof ASN1Primitive)
+        {
+            ((ASN1Primitive)obj).encode(this);
+        }
+        else if (obj instanceof ASN1Encodable)
+        {
+            ((ASN1Encodable)obj).toASN1Primitive().encode(this);
+        }
+        else
+        {
+            throw new IOException("object not BEREncodable");
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERSequence.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERSequence.java
new file mode 100644
index 0000000..32611b6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERSequence.java

@@ -0,0 +1,81 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.util.Enumeration;
+
+/**
+ * Indefinite length SEQUENCE of objects.
+ * <p>
+ * Length field has value 0x80, and the sequence ends with two bytes of: 0x00, 0x00.
+ * </p><p>
+ * For X.690 syntax rules, see {@link ASN1Sequence}.
+ * </p>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BERSequence
+    extends ASN1Sequence
+{
+    /**
+     * Create an empty sequence
+     */
+    public BERSequence()
+    {
+    }
+
+    /**
+     * Create a sequence containing one object
+     */
+    public BERSequence(
+        ASN1Encodable obj)
+    {
+        super(obj);
+    }
+
+    /**
+     * Create a sequence containing a vector of objects.
+     */
+    public BERSequence(
+        ASN1EncodableVector v)
+    {
+        super(v);
+    }
+
+    /**
+     * Create a sequence containing an array of objects.
+     */
+    public BERSequence(
+        ASN1Encodable[]   array)
+    {
+        super(array);
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        int length = 0;
+        for (Enumeration e = getObjects(); e.hasMoreElements();)
+        {
+            length += ((ASN1Encodable)e.nextElement()).toASN1Primitive().encodedLength();
+        }
+
+        return 2 + length + 2;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.write(BERTags.SEQUENCE | BERTags.CONSTRUCTED);
+        out.write(0x80);
+
+        Enumeration e = getObjects();
+        while (e.hasMoreElements())
+        {
+            out.writeObject((ASN1Encodable)e.nextElement());
+        }
+
+        out.write(0x00);
+        out.write(0x00);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERSequenceParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERSequenceParser.java
new file mode 100644
index 0000000..4963546
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERSequenceParser.java

@@ -0,0 +1,60 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * Parser for indefinite-length SEQUENCEs.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BERSequenceParser
+    implements ASN1SequenceParser
+{
+    private ASN1StreamParser _parser;
+
+    BERSequenceParser(ASN1StreamParser parser)
+    {
+        this._parser = parser;
+    }
+
+    /**
+     * Read the next object in the SEQUENCE.
+     *
+     * @return the next object in the SEQUENCE, null if there are no more.
+     * @throws IOException if there is an issue reading the underlying stream.
+     */
+    public ASN1Encodable readObject()
+        throws IOException
+    {
+        return _parser.readObject();
+    }
+
+    /**
+     * Return an in-memory, encodable, representation of the SEQUENCE.
+     *
+     * @return a BERSequence.
+     * @throws IOException if there is an issue loading the data.
+     */
+    public ASN1Primitive getLoadedObject()
+        throws IOException
+    {
+        return new BERSequence(_parser.readVector());
+    }
+
+    /**
+     * Return an BERSequence representing this parser and its contents.
+     *
+     * @return an BERSequence
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        try
+        {
+            return getLoadedObject();
+        }
+        catch (IOException e)
+        {
+            throw new IllegalStateException(e.getMessage());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERSet.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERSet.java
new file mode 100644
index 0000000..78bb56b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERSet.java

@@ -0,0 +1,91 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.util.Enumeration;
+
+/**
+ * Indefinite length <code>SET</code> and <code>SET OF</code> constructs.
+ * <p>
+ * Note: This does not know which syntax the set is!
+ * </p><p>
+ * Length field has value 0x80, and the set ends with two bytes of: 0x00, 0x00.
+ * </p><p>
+ * For X.690 syntax rules, see {@link ASN1Set}.
+ * </p><p>
+ * In brief: Constructing this form does not sort the supplied elements,
+ * nor does the sorting happen before serialization. This is different
+ * from the way {@link DERSet} does things.
+ * </p>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BERSet
+    extends ASN1Set
+{
+    /**
+     * Create an empty SET.
+     */
+    public BERSet()
+    {
+    }
+
+    /**
+     * Create a SET containing one object.
+     *
+     * @param obj - a single object that makes up the set.
+     */
+    public BERSet(
+        ASN1Encodable obj)
+    {
+        super(obj);
+    }
+
+    /**
+     * Create a SET containing multiple objects.
+     * @param v a vector of objects making up the set.
+     */
+    public BERSet(
+        ASN1EncodableVector v)
+    {
+        super(v, false);
+    }
+
+    /**
+     * Create a SET from an array of objects.
+     * @param a an array of ASN.1 objects.
+     */
+    public BERSet(
+        ASN1Encodable[]   a)
+    {
+        super(a, false);
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        int length = 0;
+        for (Enumeration e = getObjects(); e.hasMoreElements();)
+        {
+            length += ((ASN1Encodable)e.nextElement()).toASN1Primitive().encodedLength();
+        }
+
+        return 2 + length + 2;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.write(BERTags.SET | BERTags.CONSTRUCTED);
+        out.write(0x80);
+
+        Enumeration e = getObjects();
+        while (e.hasMoreElements())
+        {
+            out.writeObject((ASN1Encodable)e.nextElement());
+        }
+
+        out.write(0x00);
+        out.write(0x00);
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERSetParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERSetParser.java
new file mode 100644
index 0000000..8362aa1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERSetParser.java

@@ -0,0 +1,60 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * Parser for indefinite-length SETs.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BERSetParser
+    implements ASN1SetParser
+{
+    private ASN1StreamParser _parser;
+
+    BERSetParser(ASN1StreamParser parser)
+    {
+        this._parser = parser;
+    }
+
+    /**
+     * Read the next object in the SET.
+     *
+     * @return the next object in the SET, null if there are no more.
+     * @throws IOException if there is an issue reading the underlying stream.
+     */
+    public ASN1Encodable readObject()
+        throws IOException
+    {
+        return _parser.readObject();
+    }
+
+    /**
+     * Return an in-memory, encodable, representation of the SET.
+     *
+     * @return a BERSet.
+     * @throws IOException if there is an issue loading the data.
+     */
+    public ASN1Primitive getLoadedObject()
+        throws IOException
+    {
+        return new BERSet(_parser.readVector());
+    }
+
+    /**
+     * Return an BERSet representing this parser and its contents.
+     *
+     * @return an BERSet
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        try
+        {
+            return getLoadedObject();
+        }
+        catch (IOException e)
+        {
+            throw new ASN1ParsingException(e.getMessage(), e);
+        }
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERTaggedObject.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERTaggedObject.java
new file mode 100644
index 0000000..fae5488
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERTaggedObject.java

@@ -0,0 +1,149 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.util.Enumeration;
+
+/**
+ * BER TaggedObject - in ASN.1 notation this is any object preceded by
+ * a [n] where n is some number - these are assumed to follow the construction
+ * rules (as with sequences).
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BERTaggedObject
+    extends ASN1TaggedObject
+{
+    /**
+     * @param tagNo the tag number for this object.
+     * @param obj the tagged object.
+     */
+    public BERTaggedObject(
+        int             tagNo,
+        ASN1Encodable    obj)
+    {
+        super(true, tagNo, obj);
+    }
+
+    /**
+     * @param explicit true if an explicitly tagged object.
+     * @param tagNo the tag number for this object.
+     * @param obj the tagged object.
+     */
+    public BERTaggedObject(
+        boolean         explicit,
+        int             tagNo,
+        ASN1Encodable    obj)
+    {
+        super(explicit, tagNo, obj);
+    }
+
+    /**
+     * create an implicitly tagged object that contains a zero
+     * length sequence.
+     */
+    public BERTaggedObject(
+        int             tagNo)
+    {
+        super(false, tagNo, new BERSequence());
+    }
+
+    boolean isConstructed()
+    {
+        if (!empty)
+        {
+            if (explicit)
+            {
+                return true;
+            }
+            else
+            {
+                ASN1Primitive primitive = obj.toASN1Primitive().toDERObject();
+
+                return primitive.isConstructed();
+            }
+        }
+        else
+        {
+            return true;
+        }
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        if (!empty)
+        {
+            ASN1Primitive primitive = obj.toASN1Primitive();
+            int length = primitive.encodedLength();
+
+            if (explicit)
+            {
+                return StreamUtil.calculateTagLength(tagNo) + StreamUtil.calculateBodyLength(length) + length;
+            }
+            else
+            {
+                // header length already in calculation
+                length = length - 1;
+
+                return StreamUtil.calculateTagLength(tagNo) + length;
+            }
+        }
+        else
+        {
+            return StreamUtil.calculateTagLength(tagNo) + 1;
+        }
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeTag(BERTags.CONSTRUCTED | BERTags.TAGGED, tagNo);
+        out.write(0x80);
+
+        if (!empty)
+        {
+            if (!explicit)
+            {
+                Enumeration e;
+                if (obj instanceof ASN1OctetString)
+                {
+                    if (obj instanceof BEROctetString)
+                    {
+                        e = ((BEROctetString)obj).getObjects();
+                    }
+                    else
+                    {
+                        ASN1OctetString             octs = (ASN1OctetString)obj;
+                        BEROctetString berO = new BEROctetString(octs.getOctets());
+                        e = berO.getObjects();
+                    }
+                }
+                else if (obj instanceof ASN1Sequence)
+                {
+                    e = ((ASN1Sequence)obj).getObjects();
+                }
+                else if (obj instanceof ASN1Set)
+                {
+                    e = ((ASN1Set)obj).getObjects();
+                }
+                else
+                {
+                    throw new ASN1Exception("not implemented: " + obj.getClass().getName());
+                }
+
+                while (e.hasMoreElements())
+                {
+                    out.writeObject((ASN1Encodable)e.nextElement());
+                }
+            }
+            else
+            {
+                out.writeObject(obj);
+            }
+        }
+
+        out.write(0x00);
+        out.write(0x00);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERTaggedObjectParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERTaggedObjectParser.java
new file mode 100644
index 0000000..efc2691
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERTaggedObjectParser.java

@@ -0,0 +1,100 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * Parser for indefinite-length tagged objects.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BERTaggedObjectParser
+    implements ASN1TaggedObjectParser
+{
+    private boolean _constructed;
+    private int _tagNumber;
+    private ASN1StreamParser _parser;
+
+    BERTaggedObjectParser(
+        boolean             constructed,
+        int                 tagNumber,
+        ASN1StreamParser    parser)
+    {
+        _constructed = constructed;
+        _tagNumber = tagNumber;
+        _parser = parser;
+    }
+
+    /**
+     * Return true if this tagged object is marked as constructed.
+     *
+     * @return true if constructed, false otherwise.
+     */
+    public boolean isConstructed()
+    {
+        return _constructed;
+    }
+
+    /**
+     * Return the tag number associated with this object.
+     *
+     * @return the tag number.
+     */
+    public int getTagNo()
+    {
+        return _tagNumber;
+    }
+
+    /**
+     * Return an object parser for the contents of this tagged object.
+     *
+     * @param tag the actual tag number of the object (needed if implicit).
+     * @param isExplicit true if the contained object was explicitly tagged, false if implicit.
+     * @return an ASN.1 encodable object parser.
+     * @throws IOException if there is an issue building the object parser from the stream.
+     */
+    public ASN1Encodable getObjectParser(
+        int     tag,
+        boolean isExplicit)
+        throws IOException
+    {
+        if (isExplicit)
+        {
+            if (!_constructed)
+            {
+                throw new IOException("Explicit tags must be constructed (see X.690 8.14.2)");
+            }
+            return _parser.readObject();
+        }
+
+        return _parser.readImplicit(_constructed, tag);
+    }
+
+    /**
+     * Return an in-memory, encodable, representation of the tagged object.
+     *
+     * @return an ASN1TaggedObject.
+     * @throws IOException if there is an issue loading the data.
+     */
+    public ASN1Primitive getLoadedObject()
+        throws IOException
+    {
+        return _parser.readTaggedObject(_constructed, _tagNumber);
+    }
+
+    /**
+     * Return an ASN1TaggedObject representing this parser and its contents.
+     *
+     * @return an ASN1TaggedObject
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        try
+        {
+            return this.getLoadedObject();
+        }
+        catch (IOException e)
+        {
+            throw new ASN1ParsingException(e.getMessage());
+        }
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERTags.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERTags.java
new file mode 100644
index 0000000..a8a9644
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/BERTags.java

@@ -0,0 +1,40 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface BERTags
+{
+    public static final int BOOLEAN             = 0x01;
+    public static final int INTEGER             = 0x02;
+    public static final int BIT_STRING          = 0x03;
+    public static final int OCTET_STRING        = 0x04;
+    public static final int NULL                = 0x05;
+    public static final int OBJECT_IDENTIFIER   = 0x06;
+    public static final int EXTERNAL            = 0x08;
+    public static final int ENUMERATED          = 0x0a; // decimal 10
+    public static final int SEQUENCE            = 0x10; // decimal 16
+    public static final int SEQUENCE_OF         = 0x10; // for completeness - used to model a SEQUENCE of the same type.
+    public static final int SET                 = 0x11; // decimal 17
+    public static final int SET_OF              = 0x11; // for completeness - used to model a SET of the same type.
+
+
+    public static final int NUMERIC_STRING      = 0x12; // decimal 18
+    public static final int PRINTABLE_STRING    = 0x13; // decimal 19
+    public static final int T61_STRING          = 0x14; // decimal 20
+    public static final int VIDEOTEX_STRING     = 0x15; // decimal 21
+    public static final int IA5_STRING          = 0x16; // decimal 22
+    public static final int UTC_TIME            = 0x17; // decimal 23
+    public static final int GENERALIZED_TIME    = 0x18; // decimal 24
+    public static final int GRAPHIC_STRING      = 0x19; // decimal 25
+    public static final int VISIBLE_STRING      = 0x1a; // decimal 26
+    public static final int GENERAL_STRING      = 0x1b; // decimal 27
+    public static final int UNIVERSAL_STRING    = 0x1c; // decimal 28
+    public static final int BMP_STRING          = 0x1e; // decimal 30
+    public static final int UTF8_STRING         = 0x0c; // decimal 12
+    
+    public static final int CONSTRUCTED         = 0x20; // decimal 32
+    public static final int APPLICATION         = 0x40; // decimal 64
+    public static final int TAGGED              = 0x80; // decimal 128
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ConstructedOctetStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ConstructedOctetStream.java
new file mode 100644
index 0000000..7ef280d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ConstructedOctetStream.java

@@ -0,0 +1,112 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+class ConstructedOctetStream
+    extends InputStream
+{
+    private final ASN1StreamParser _parser;
+
+    private boolean                _first = true;
+    private InputStream            _currentStream;
+
+    ConstructedOctetStream(
+        ASN1StreamParser parser)
+    {
+        _parser = parser;
+    }
+
+    public int read(byte[] b, int off, int len) throws IOException
+    {
+        if (_currentStream == null)
+        {
+            if (!_first)
+            {
+                return -1;
+            }
+
+            ASN1OctetStringParser s = (ASN1OctetStringParser)_parser.readObject();
+
+            if (s == null)
+            {
+                return -1;
+            }
+
+            _first = false;
+            _currentStream = s.getOctetStream();
+        }
+
+        int totalRead = 0;
+
+        for (;;)
+        {
+            int numRead = _currentStream.read(b, off + totalRead, len - totalRead);
+
+            if (numRead >= 0)
+            {
+                totalRead += numRead;
+
+                if (totalRead == len)
+                {
+                    return totalRead;
+                }
+            }
+            else
+            {
+                ASN1OctetStringParser aos = (ASN1OctetStringParser)_parser.readObject();
+
+                if (aos == null)
+                {
+                    _currentStream = null;
+                    return totalRead < 1 ? -1 : totalRead;
+                }
+
+                _currentStream = aos.getOctetStream();
+            }
+        }
+    }
+
+    public int read()
+        throws IOException
+    {
+        if (_currentStream == null)
+        {
+            if (!_first)
+            {
+                return -1;
+            }
+
+            ASN1OctetStringParser s = (ASN1OctetStringParser)_parser.readObject();
+    
+            if (s == null)
+            {
+                return -1;
+            }
+    
+            _first = false;
+            _currentStream = s.getOctetStream();
+        }
+
+        for (;;)
+        {
+            int b = _currentStream.read();
+
+            if (b >= 0)
+            {
+                return b;
+            }
+
+            ASN1OctetStringParser s = (ASN1OctetStringParser)_parser.readObject();
+
+            if (s == null)
+            {
+                _currentStream = null;
+                return -1;
+            }
+
+            _currentStream = s.getOctetStream();
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERApplicationSpecific.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERApplicationSpecific.java
new file mode 100644
index 0000000..79698d4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERApplicationSpecific.java

@@ -0,0 +1,126 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+/**
+ * A DER encoding version of an application specific object.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERApplicationSpecific 
+    extends ASN1ApplicationSpecific
+{
+    DERApplicationSpecific(
+        boolean isConstructed,
+        int     tag,
+        byte[]  octets)
+    {
+        super(isConstructed, tag, octets);
+    }
+
+    /**
+     * Create an application specific object from the passed in data. This will assume
+     * the data does not represent a constructed object.
+     *
+     * @param tag the tag number for this object.
+     * @param octets the encoding of the object's body.
+     */
+    public DERApplicationSpecific(
+        int    tag,
+        byte[] octets)
+    {
+        this(false, tag, octets);
+    }
+
+    /**
+     * Create an application specific object with a tagging of explicit/constructed.
+     *
+     * @param tag the tag number for this object.
+     * @param object the object to be contained.
+     */
+    public DERApplicationSpecific(
+        int           tag,
+        ASN1Encodable object)
+        throws IOException 
+    {
+        this(true, tag, object);
+    }
+
+    /**
+     * Create an application specific object with the tagging style given by the value of constructed.
+     *
+     * @param constructed true if the object is constructed.
+     * @param tag the tag number for this object.
+     * @param object the object to be contained.
+     */
+    public DERApplicationSpecific(
+        boolean      constructed,
+        int          tag,
+        ASN1Encodable object)
+        throws IOException
+    {
+        super(constructed || object.toASN1Primitive().isConstructed(), tag, getEncoding(constructed, object));
+    }
+
+    private static byte[] getEncoding(boolean explicit, ASN1Encodable object)
+        throws IOException
+    {
+        byte[] data = object.toASN1Primitive().getEncoded(ASN1Encoding.DER);
+
+        if (explicit)
+        {
+            return data;
+        }
+        else
+        {
+            int lenBytes = getLengthOfHeader(data);
+            byte[] tmp = new byte[data.length - lenBytes];
+            System.arraycopy(data, lenBytes, tmp, 0, tmp.length);
+            return tmp;
+        }
+    }
+
+    /**
+     * Create an application specific object which is marked as constructed
+     *
+     * @param tagNo the tag number for this object.
+     * @param vec the objects making up the application specific object.
+     */
+    public DERApplicationSpecific(int tagNo, ASN1EncodableVector vec)
+    {
+        super(true, tagNo, getEncodedVector(vec));
+    }
+
+    private static byte[] getEncodedVector(ASN1EncodableVector vec)
+    {
+        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+
+        for (int i = 0; i != vec.size(); i++)
+        {
+            try
+            {
+                bOut.write(((ASN1Object)vec.get(i)).getEncoded(ASN1Encoding.DER));
+            }
+            catch (IOException e)
+            {
+                throw new ASN1ParsingException("malformed object: " + e, e);
+            }
+        }
+        return bOut.toByteArray();
+    }
+
+    /* (non-Javadoc)
+     * @see org.bouncycastle.asn1.ASN1Primitive#encode(org.bouncycastle.asn1.DEROutputStream)
+     */
+    void encode(ASN1OutputStream out) throws IOException
+    {
+        int classBits = BERTags.APPLICATION;
+        if (isConstructed)
+        {
+            classBits |= BERTags.CONSTRUCTED;
+        }
+
+        out.writeEncoded(classBits, tag, octets);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERBMPString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERBMPString.java
new file mode 100644
index 0000000..5901af2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERBMPString.java

@@ -0,0 +1,164 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * DER BMPString object encodes BMP (<i>Basic Multilingual Plane</i>) subset
+ * (aka UCS-2) of UNICODE (ISO 10646) characters in codepoints 0 to 65535.
+ * <p>
+ * At ISO-10646:2011 the term "BMP" has been withdrawn, and replaced by
+ * term "UCS-2".
+ * </p>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERBMPString
+    extends ASN1Primitive
+    implements ASN1String
+{
+    private final char[]  string;
+
+    /**
+     * Return a BMP String from the given object.
+     *
+     * @param obj the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return a DERBMPString instance, or null.
+     */
+    public static DERBMPString getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof DERBMPString)
+        {
+            return (DERBMPString)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (DERBMPString)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Return a BMP String from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *              be converted.
+     * @return a DERBMPString instance.
+     */
+    public static DERBMPString getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof DERBMPString)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return new DERBMPString(ASN1OctetString.getInstance(o).getOctets());
+        }
+    }
+
+    /**
+     * Basic constructor - byte encoded string.
+     * @param string the encoded BMP STRING to wrap.
+     */
+    DERBMPString(
+        byte[]   string)
+    {
+        char[]  cs = new char[string.length / 2];
+
+        for (int i = 0; i != cs.length; i++)
+        {
+            cs[i] = (char)((string[2 * i] << 8) | (string[2 * i + 1] & 0xff));
+        }
+
+        this.string = cs;
+    }
+
+    DERBMPString(char[] string)
+    {
+        this.string = string;
+    }
+
+    /**
+     * Basic constructor
+     * @param string a String to wrap as a BMP STRING.
+     */
+    public DERBMPString(
+        String   string)
+    {
+        this.string = string.toCharArray();
+    }
+
+    public String getString()
+    {
+        return new String(string);
+    }
+
+    public String toString()
+    {
+        return getString();
+    }
+
+    public int hashCode()
+    {
+        return Arrays.hashCode(string);
+    }
+
+    protected boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof DERBMPString))
+        {
+            return false;
+        }
+
+        DERBMPString  s = (DERBMPString)o;
+
+        return Arrays.areEqual(string, s.string);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(string.length * 2) + (string.length * 2);
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.write(BERTags.BMP_STRING);
+        out.writeLength(string.length * 2);
+
+        for (int i = 0; i != string.length; i++)
+        {
+            char c = string[i];
+
+            out.write((byte)(c >> 8));
+            out.write((byte)c);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERBitString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERBitString.java
new file mode 100644
index 0000000..cad5042
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERBitString.java

@@ -0,0 +1,161 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * A BIT STRING with DER encoding - the first byte contains the count of padding bits included in the byte array's last byte.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class DERBitString
+    extends ASN1BitString
+{
+    /**
+     * return a Bit String from the passed in object
+     *
+     * @param obj a DERBitString or an object that can be converted into one.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return a DERBitString instance, or null.
+     */
+    public static DERBitString getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof DERBitString)
+        {
+            return (DERBitString)obj;
+        }
+        if (obj instanceof DLBitString)
+        {
+            return new DERBitString(((DLBitString)obj).data, ((DLBitString)obj).padBits);
+        }
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (DERBitString)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * return a Bit String from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *               be converted.
+     * @return a DERBitString instance, or null.
+     */
+    public static DERBitString getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof DERBitString)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return fromOctetString(((ASN1OctetString)o).getOctets());
+        }
+    }
+    
+    protected DERBitString(
+        byte    data,
+        int     padBits)
+    {
+        this(toByteArray(data), padBits);
+    }
+
+    private static byte[] toByteArray(byte data)
+    {
+        byte[] rv = new byte[1];
+
+        rv[0] = data;
+
+        return rv;
+    }
+
+    /**
+     * @param data the octets making up the bit string.
+     * @param padBits the number of extra bits at the end of the string.
+     */
+    public DERBitString(
+        byte[]  data,
+        int     padBits)
+    {
+        super(data, padBits);
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public DERBitString(
+        byte[]  data)
+    {
+        this(data, 0);
+    }
+
+    public DERBitString(
+        int value)
+    {
+        super(getBytes(value), getPadBits(value));
+    }
+
+    public DERBitString(
+        ASN1Encodable obj)
+        throws IOException
+    {
+        super(obj.toASN1Primitive().getEncoded(ASN1Encoding.DER), 0);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(data.length + 1) + data.length + 1;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        byte[] string = derForm(data, padBits);
+        byte[] bytes = new byte[string.length + 1];
+
+        bytes[0] = (byte)getPadBits();
+        System.arraycopy(string, 0, bytes, 1, bytes.length - 1);
+
+        out.writeEncoded(BERTags.BIT_STRING, bytes);
+    }
+
+    static DERBitString fromOctetString(byte[] bytes)
+    {
+        if (bytes.length < 1)
+        {
+            throw new IllegalArgumentException("truncated BIT STRING detected");
+        }
+
+        int padBits = bytes[0];
+        byte[] data = new byte[bytes.length - 1];
+
+        if (data.length != 0)
+        {
+            System.arraycopy(bytes, 1, data, 0, bytes.length - 1);
+        }
+
+        return new DERBitString(data, padBits);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERBoolean.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERBoolean.java
new file mode 100644
index 0000000..f3b4fdc
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERBoolean.java

@@ -0,0 +1,24 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+/**
+ * @deprecated use ASN1Boolean
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERBoolean
+    extends ASN1Boolean
+{
+    /**
+     * @deprecated use getInstance(boolean) method.
+     * @param value
+     */
+    public DERBoolean(boolean value)
+    {
+        super(value);
+    }
+
+    DERBoolean(byte[] value)
+    {
+        super(value);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEREncodableVector.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEREncodableVector.java
new file mode 100644
index 0000000..4cd553b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEREncodableVector.java

@@ -0,0 +1,21 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+/**
+ * a general class for building up a vector of DER encodable objects -
+ * this will eventually be superseded by ASN1EncodableVector so you should
+ * use that class in preference.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DEREncodableVector
+    extends ASN1EncodableVector
+{
+    /**
+     * @deprecated use ASN1EncodableVector instead.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    public DEREncodableVector()
+    {
+
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEREnumerated.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEREnumerated.java
new file mode 100644
index 0000000..5d3ce32
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEREnumerated.java

@@ -0,0 +1,39 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.math.BigInteger;
+
+/**
+ * @deprecated Use ASN1Enumerated instead of this.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DEREnumerated
+    extends ASN1Enumerated
+{
+    /**
+     * @param bytes the value of this enumerated as an encoded BigInteger (signed).
+     * @deprecated use ASN1Enumerated
+     */
+    DEREnumerated(byte[] bytes)
+    {
+        super(bytes);
+    }
+
+    /**
+     * @param value the value of this enumerated.
+     * @deprecated use ASN1Enumerated
+     */
+    public DEREnumerated(BigInteger value)
+    {
+        super(value);
+    }
+
+    /**
+     * @param value the value of this enumerated.
+     * @deprecated use ASN1Enumerated
+     */
+    public DEREnumerated(int value)
+    {
+        super(value);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERExternal.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERExternal.java
new file mode 100644
index 0000000..d49f199
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERExternal.java

@@ -0,0 +1,87 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+/**
+ * Class representing the DER-type External
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERExternal
+    extends ASN1External
+{
+    /**
+     * Construct a DER EXTERNAL object, the input encoding vector must have exactly two elements on it.
+     * <p>
+     * Acceptable input formats are:
+     * <ul>
+     * <li> {@link ASN1ObjectIdentifier} + data {@link DERTaggedObject} (direct reference form)</li>
+     * <li> {@link ASN1Integer} + data {@link DERTaggedObject} (indirect reference form)</li>
+     * <li> Anything but {@link DERTaggedObject} + data {@link DERTaggedObject} (data value form)</li>
+     * </ul>
+     *
+     * @throws IllegalArgumentException if input size is wrong, or
+     */
+    public DERExternal(ASN1EncodableVector vector)
+    {
+        super(vector);
+    }
+
+    /**
+     * Creates a new instance of DERExternal
+     * See X.690 for more informations about the meaning of these parameters
+     * @param directReference The direct reference or <code>null</code> if not set.
+     * @param indirectReference The indirect reference or <code>null</code> if not set.
+     * @param dataValueDescriptor The data value descriptor or <code>null</code> if not set.
+     * @param externalData The external data in its encoded form.
+     */
+    public DERExternal(ASN1ObjectIdentifier directReference, ASN1Integer indirectReference, ASN1Primitive dataValueDescriptor, DERTaggedObject externalData)
+    {
+        this(directReference, indirectReference, dataValueDescriptor, externalData.getTagNo(), externalData.toASN1Primitive());
+    }
+
+    /**
+     * Creates a new instance of DERExternal.
+     * See X.690 for more informations about the meaning of these parameters
+     * @param directReference The direct reference or <code>null</code> if not set.
+     * @param indirectReference The indirect reference or <code>null</code> if not set.
+     * @param dataValueDescriptor The data value descriptor or <code>null</code> if not set.
+     * @param encoding The encoding to be used for the external data
+     * @param externalData The external data
+     */
+    public DERExternal(ASN1ObjectIdentifier directReference, ASN1Integer indirectReference, ASN1Primitive dataValueDescriptor, int encoding, ASN1Primitive externalData)
+    {
+        super(directReference, indirectReference, dataValueDescriptor, encoding, externalData);
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        return this.getEncoded().length;
+    }
+
+    /* (non-Javadoc)
+     * @see org.bouncycastle.asn1.ASN1Primitive#encode(org.bouncycastle.asn1.DEROutputStream)
+     */
+    void encode(ASN1OutputStream out)
+        throws IOException
+    {
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+        if (directReference != null)
+        {
+            baos.write(directReference.getEncoded(ASN1Encoding.DER));
+        }
+        if (indirectReference != null)
+        {
+            baos.write(indirectReference.getEncoded(ASN1Encoding.DER));
+        }
+        if (dataValueDescriptor != null)
+        {
+            baos.write(dataValueDescriptor.getEncoded(ASN1Encoding.DER));
+        }
+        DERTaggedObject obj = new DERTaggedObject(true, encoding, externalContent);
+        baos.write(obj.getEncoded(ASN1Encoding.DER));
+        out.writeEncoded(BERTags.CONSTRUCTED, BERTags.EXTERNAL, baos.toByteArray());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERExternalParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERExternalParser.java
new file mode 100644
index 0000000..ede2658
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERExternalParser.java

@@ -0,0 +1,70 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * Parser DER EXTERNAL tagged objects.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERExternalParser
+    implements ASN1Encodable, InMemoryRepresentable
+{
+    private ASN1StreamParser _parser;
+
+    /**
+     * Base constructor.
+     *
+     * @param parser the underlying parser to read the DER EXTERNAL from.
+     */
+    public DERExternalParser(ASN1StreamParser parser)
+    {
+        this._parser = parser;
+    }
+
+    public ASN1Encodable readObject()
+        throws IOException
+    {
+        return _parser.readObject();
+    }
+
+    /**
+     * Return an in-memory, encodable, representation of the EXTERNAL object.
+     *
+     * @return a DERExternal.
+     * @throws IOException if there is an issue loading the data.
+     */
+    public ASN1Primitive getLoadedObject()
+        throws IOException
+    {
+        try
+        {
+            return new DLExternal(_parser.readVector());
+        }
+        catch (IllegalArgumentException e)
+        {
+            throw new ASN1Exception(e.getMessage(), e);
+        }
+    }
+
+    /**
+     * Return an DERExternal representing this parser and its contents.
+     *
+     * @return an DERExternal
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        try
+        {
+            return getLoadedObject();
+        }
+        catch (IOException ioe)
+        {
+            throw new ASN1ParsingException("unable to get DER object", ioe);
+        }
+        catch (IllegalArgumentException ioe)
+        {
+            throw new ASN1ParsingException("unable to get DER object", ioe);
+        }
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERFactory.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERFactory.java
new file mode 100644
index 0000000..dcd43aa
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERFactory.java

@@ -0,0 +1,18 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+class DERFactory
+{
+    static final ASN1Sequence EMPTY_SEQUENCE = new DERSequence();
+    static final ASN1Set EMPTY_SET = new DERSet();
+
+    static ASN1Sequence createSequence(ASN1EncodableVector v)
+    {
+        return v.size() < 1 ? EMPTY_SEQUENCE : new DLSequence(v);
+    }
+
+    static ASN1Set createSet(ASN1EncodableVector v)
+    {
+        return v.size() < 1 ? EMPTY_SET : new DLSet(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERGeneralString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERGeneralString.java
new file mode 100644
index 0000000..f1060f8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERGeneralString.java

@@ -0,0 +1,151 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * ASN.1 GENERAL-STRING data type.
+ * <p>
+ * This is an 8-bit encoded ISO 646 (ASCII) character set
+ * with optional escapes to other character sets.
+ * </p>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERGeneralString 
+    extends ASN1Primitive
+    implements ASN1String
+{
+    private final byte[] string;
+
+    /**
+     * Return a GeneralString from the given object.
+     *
+     * @param obj the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return a DERBMPString instance, or null.
+     */
+    public static DERGeneralString getInstance(
+        Object obj) 
+    {
+        if (obj == null || obj instanceof DERGeneralString) 
+        {
+            return (DERGeneralString) obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (DERGeneralString)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: "
+                + obj.getClass().getName());
+    }
+
+    /**
+     * Return a GeneralString from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *              be converted.
+     * @return a DERGeneralString instance.
+     */
+    public static DERGeneralString getInstance(
+        ASN1TaggedObject obj, 
+        boolean explicit) 
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof DERGeneralString)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return new DERGeneralString(((ASN1OctetString)o).getOctets());
+        }
+    }
+
+    DERGeneralString(byte[] string)
+    {
+        this.string = string;
+    }
+
+    /**
+     * Construct a GeneralString from the passed in String.
+     *
+     * @param string the string to be contained in this object.
+     */
+    public DERGeneralString(String string) 
+    {
+        this.string = Strings.toByteArray(string);
+    }
+
+    /**
+     * Return a Java String representation of our contained String.
+     *
+     * @return a Java String representing our contents.
+     */
+    public String getString() 
+    {
+        return Strings.fromByteArray(string);
+    }
+
+    public String toString()
+    {
+        return getString();
+    }
+
+    /**
+     * Return a byte array representation of our contained String.
+     *
+     * @return a byte array representing our contents.
+     */
+    public byte[] getOctets() 
+    {
+        return Arrays.clone(string);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(string.length) + string.length;
+    }
+
+    void encode(ASN1OutputStream out)
+        throws IOException 
+    {
+        out.writeEncoded(BERTags.GENERAL_STRING, string);
+    }
+    
+    public int hashCode() 
+    {
+        return Arrays.hashCode(string);
+    }
+    
+    boolean asn1Equals(ASN1Primitive o)
+    {
+        if (!(o instanceof DERGeneralString)) 
+        {
+            return false;
+        }
+        DERGeneralString s = (DERGeneralString)o;
+
+        return Arrays.areEqual(string, s.string);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERGeneralizedTime.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERGeneralizedTime.java
new file mode 100644
index 0000000..41fbfb6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERGeneralizedTime.java

@@ -0,0 +1,118 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.util.Date;
+
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * DER Generalized time object.
+ * <h3>11: Restrictions on BER employed by both CER and DER</h3>
+ * <h4>11.7 GeneralizedTime </h4>
+ * <p>
+ * <b>11.7.1</b> The encoding shall terminate with a "Z",
+ * as described in the ITU-T Rec. X.680 | ISO/IEC 8824-1 clause on
+ * GeneralizedTime.
+ * </p><p>
+ * <b>11.7.2</b> The seconds element shall always be present.
+ * </p>
+ * <p>
+ * <b>11.7.3</b> The fractional-seconds elements, if present,
+ * shall omit all trailing zeros; if the elements correspond to 0,
+ * they shall be wholly omitted, and the decimal point element also
+ * shall be omitted.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERGeneralizedTime
+    extends ASN1GeneralizedTime
+{
+    public DERGeneralizedTime(byte[] time)
+    {
+        super(time);
+    }
+
+    public DERGeneralizedTime(Date time)
+    {
+        super(time);
+    }
+
+    public DERGeneralizedTime(String time)
+    {
+        super(time);
+    }
+
+    private byte[] getDERTime()
+    {
+        if (time[time.length - 1] == 'Z')
+        {
+            if (!hasMinutes())
+            {
+                byte[] derTime = new byte[time.length + 4];
+
+                System.arraycopy(time, 0, derTime, 0, time.length - 1);
+                System.arraycopy(Strings.toByteArray("0000Z"), 0, derTime, time.length - 1, 5);
+
+                return derTime;
+            }
+            else if (!hasSeconds())
+            {
+                byte[] derTime = new byte[time.length + 2];
+
+                System.arraycopy(time, 0, derTime, 0, time.length - 1);
+                System.arraycopy(Strings.toByteArray("00Z"), 0, derTime, time.length - 1, 3);
+
+                return derTime;
+            }
+            else if (hasFractionalSeconds())
+            {
+                int ind = time.length - 2;
+                while (ind > 0 && time[ind] == '0')
+                {
+                    ind--;
+                }
+
+                if (time[ind] == '.')
+                {
+                    byte[] derTime = new byte[ind + 1];
+
+                    System.arraycopy(time, 0, derTime, 0, ind);
+                    derTime[ind] = (byte)'Z';
+
+                    return derTime;
+                }
+                else
+                {
+                    byte[] derTime = new byte[ind + 2];
+
+                    System.arraycopy(time, 0, derTime, 0, ind + 1);
+                    derTime[ind + 1] = (byte)'Z';
+
+                    return derTime;
+                }
+            }
+            else
+            {
+                return time;
+            }
+        }
+        else
+        {
+            return time; // TODO: is there a better way?
+        }
+    }
+
+    int encodedLength()
+    {
+        int length = getDERTime().length;
+
+        return 1 + StreamUtil.calculateBodyLength(length) + length;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.GENERALIZED_TIME, getDERTime());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERGraphicString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERGraphicString.java
new file mode 100644
index 0000000..a76ba80
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERGraphicString.java

@@ -0,0 +1,128 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERGraphicString
+    extends ASN1Primitive
+    implements ASN1String
+{
+    private final byte[] string;
+    
+    /**
+     * return a Graphic String from the passed in object
+     *
+     * @param obj a DERGraphicString or an object that can be converted into one.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return a DERGraphicString instance, or null.
+     */
+    public static DERGraphicString getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof DERGraphicString)
+        {
+            return (DERGraphicString)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (DERGraphicString)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * return a Graphic String from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *               be converted.
+     * @return a DERGraphicString instance, or null.
+     */
+    public static DERGraphicString getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof DERGraphicString)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return new DERGraphicString(((ASN1OctetString)o).getOctets());
+        }
+    }
+
+    /**
+     * basic constructor - with bytes.
+     * @param string the byte encoding of the characters making up the string.
+     */
+    public DERGraphicString(
+        byte[]   string)
+    {
+        this.string = Arrays.clone(string);
+    }
+    
+    public byte[] getOctets()
+    {
+        return Arrays.clone(string);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(string.length) + string.length;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.GRAPHIC_STRING, string);
+    }
+
+    public int hashCode()
+    {
+        return Arrays.hashCode(string);
+    }
+
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof DERGraphicString))
+        {
+            return false;
+        }
+
+        DERGraphicString  s = (DERGraphicString)o;
+
+        return Arrays.areEqual(string, s.string);
+    }
+
+    public String getString()
+    {
+        return Strings.fromByteArray(string);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERIA5String.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERIA5String.java
new file mode 100644
index 0000000..b29aed2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERIA5String.java

@@ -0,0 +1,194 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * DER IA5String object - this is a ISO 646 (ASCII) string encoding code points 0 to 127.
+ * <p>
+ * Explicit character set escape sequences are not allowed.
+ * </p>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERIA5String
+    extends ASN1Primitive
+    implements ASN1String
+{
+    private final byte[]  string;
+
+    /**
+     * Return an IA5 string from the passed in object
+     *
+     * @param obj a DERIA5String or an object that can be converted into one.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return a DERIA5String instance, or null.
+     */
+    public static DERIA5String getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof DERIA5String)
+        {
+            return (DERIA5String)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (DERIA5String)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Return an IA5 String from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *               be converted.
+     * @return a DERIA5String instance, or null.
+     */
+    public static DERIA5String getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof DERIA5String)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return new DERIA5String(((ASN1OctetString)o).getOctets());
+        }
+    }
+
+    /**
+     * Basic constructor - with bytes.
+     * @param string the byte encoding of the characters making up the string.
+     */
+    DERIA5String(
+        byte[]   string)
+    {
+        this.string = string;
+    }
+
+    /**
+     * Basic constructor - without validation.
+     * @param string the base string to use..
+     */
+    public DERIA5String(
+        String   string)
+    {
+        this(string, false);
+    }
+
+    /**
+     * Constructor with optional validation.
+     *
+     * @param string the base string to wrap.
+     * @param validate whether or not to check the string.
+     * @throws IllegalArgumentException if validate is true and the string
+     * contains characters that should not be in an IA5String.
+     */
+    public DERIA5String(
+        String   string,
+        boolean  validate)
+    {
+        if (string == null)
+        {
+            throw new NullPointerException("string cannot be null");
+        }
+        if (validate && !isIA5String(string))
+        {
+            throw new IllegalArgumentException("string contains illegal characters");
+        }
+
+        this.string = Strings.toByteArray(string);
+    }
+
+    public String getString()
+    {
+        return Strings.fromByteArray(string);
+    }
+
+    public String toString()
+    {
+        return getString();
+    }
+
+    public byte[] getOctets()
+    {
+        return Arrays.clone(string);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(string.length) + string.length;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.IA5_STRING, string);
+    }
+
+    public int hashCode()
+    {
+        return Arrays.hashCode(string);
+    }
+
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof DERIA5String))
+        {
+            return false;
+        }
+
+        DERIA5String  s = (DERIA5String)o;
+
+        return Arrays.areEqual(string, s.string);
+    }
+
+    /**
+     * return true if the passed in String can be represented without
+     * loss as an IA5String, false otherwise.
+     *
+     * @param str the string to check.
+     * @return true if character set in IA5String set, false otherwise.
+     */
+    public static boolean isIA5String(
+        String  str)
+    {
+        for (int i = str.length() - 1; i >= 0; i--)
+        {
+            char    ch = str.charAt(i);
+
+            if (ch > 0x007f)
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERInteger.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERInteger.java
new file mode 100644
index 0000000..381f562
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERInteger.java

@@ -0,0 +1,36 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.math.BigInteger;
+
+/**
+ * @deprecated  Use ASN1Integer instead of this,
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class DERInteger
+    extends ASN1Integer
+{
+    /**
+     * Constructor from a byte array containing a signed representation of the number.
+     *
+     * @param bytes a byte array containing the signed number.A copy is made of the byte array.
+     */
+    public DERInteger(byte[] bytes)
+    {
+        super(bytes, true);
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    public DERInteger(BigInteger value)
+    {
+        super(value);
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public DERInteger(long value)
+    {
+        super(value);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERNull.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERNull.java
new file mode 100644
index 0000000..13a21db
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERNull.java

@@ -0,0 +1,46 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * An ASN.1 DER NULL object.
+ * <p>
+ * Preferably use the constant:  DERNull.INSTANCE.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class DERNull
+    extends ASN1Null
+{
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public static final DERNull INSTANCE = new DERNull();
+
+    private static final byte[]  zeroBytes = new byte[0];
+
+    /**
+     * @deprecated use DERNull.INSTANCE
+     */
+    // Android-changed: Reduce visibility to protected.
+    protected DERNull()
+    {
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 2;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.NULL, zeroBytes);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERNumericString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERNumericString.java
new file mode 100644
index 0000000..f5633f7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERNumericString.java

@@ -0,0 +1,198 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * DER NumericString object - this is an ascii string of characters {0,1,2,3,4,5,6,7,8,9, }.
+ * ASN.1 NUMERIC-STRING object.
+ * <p>
+ * This is an ASCII string of characters {0,1,2,3,4,5,6,7,8,9} + space.
+ * <p>
+ * See X.680 section 37.2.
+ * <p>
+ * Explicit character set escape sequences are not allowed.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERNumericString
+    extends ASN1Primitive
+    implements ASN1String
+{
+    private final byte[]  string;
+
+    /**
+     * Return a Numeric string from the passed in object
+     *
+     * @param obj a DERNumericString or an object that can be converted into one.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return a DERNumericString instance, or null
+     */
+    public static DERNumericString getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof DERNumericString)
+        {
+            return (DERNumericString)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (DERNumericString)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Return an Numeric String from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *               be converted.
+     * @return a DERNumericString instance, or null.
+     */
+    public static DERNumericString getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof DERNumericString)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return new DERNumericString(ASN1OctetString.getInstance(o).getOctets());
+        }
+    }
+
+    /**
+     * Basic constructor - with bytes.
+     */
+    DERNumericString(
+        byte[]   string)
+    {
+        this.string = string;
+    }
+
+    /**
+     * Basic constructor -  without validation..
+     */
+    public DERNumericString(
+        String   string)
+    {
+        this(string, false);
+    }
+
+    /**
+     * Constructor with optional validation.
+     *
+     * @param string the base string to wrap.
+     * @param validate whether or not to check the string.
+     * @throws IllegalArgumentException if validate is true and the string
+     * contains characters that should not be in a NumericString.
+     */
+    public DERNumericString(
+        String   string,
+        boolean  validate)
+    {
+        if (validate && !isNumericString(string))
+        {
+            throw new IllegalArgumentException("string contains illegal characters");
+        }
+
+        this.string = Strings.toByteArray(string);
+    }
+
+    public String getString()
+    {
+        return Strings.fromByteArray(string);
+    }
+
+    public String toString()
+    {
+        return getString();
+    }
+
+    public byte[] getOctets()
+    {
+        return Arrays.clone(string);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(string.length) + string.length;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.NUMERIC_STRING, string);
+    }
+
+    public int hashCode()
+    {
+        return Arrays.hashCode(string);
+    }
+
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof DERNumericString))
+        {
+            return false;
+        }
+
+        DERNumericString  s = (DERNumericString)o;
+
+        return Arrays.areEqual(string, s.string);
+    }
+
+    /**
+     * Return true if the string can be represented as a NumericString ('0'..'9', ' ')
+     *
+     * @param str string to validate.
+     * @return true if numeric, fale otherwise.
+     */
+    public static boolean isNumericString(
+        String  str)
+    {
+        for (int i = str.length() - 1; i >= 0; i--)
+        {
+            char    ch = str.charAt(i);
+
+            if (ch > 0x007f)
+            {
+                return false;
+            }
+
+            if (('0' <= ch && ch <= '9') || ch == ' ')
+            {
+                continue;
+            }
+
+            return false;
+        }
+
+        return true;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERObjectIdentifier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERObjectIdentifier.java
new file mode 100644
index 0000000..35efdf3
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERObjectIdentifier.java

@@ -0,0 +1,27 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+/**
+ *
+ * @deprecated Use ASN1ObjectIdentifier instead of this,
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERObjectIdentifier
+    extends ASN1ObjectIdentifier
+{
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    public DERObjectIdentifier(String identifier)
+    {
+        super(identifier);
+    }
+
+    DERObjectIdentifier(byte[] bytes)
+    {
+        super(bytes);
+    }
+
+    DERObjectIdentifier(ASN1ObjectIdentifier oid, String branch)
+    {
+        super(oid, branch);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEROctetString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEROctetString.java
new file mode 100644
index 0000000..42b30eb
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEROctetString.java

@@ -0,0 +1,63 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * Carrier class for a DER encoding OCTET STRING
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class DEROctetString
+    extends ASN1OctetString
+{
+    /**
+     * Base constructor.
+     *
+     * @param string the octets making up the octet string.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public DEROctetString(
+        byte[]  string)
+    {
+        super(string);
+    }
+
+    /**
+     * Constructor from the encoding of an ASN.1 object.
+     *
+     * @param obj the object to be encoded.
+     */
+    public DEROctetString(
+        ASN1Encodable obj)
+        throws IOException
+    {
+        super(obj.toASN1Primitive().getEncoded(ASN1Encoding.DER));
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(string.length) + string.length;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.OCTET_STRING, string);
+    }
+
+    static void encode(
+        DEROutputStream derOut,
+        byte[]          bytes)
+        throws IOException
+    {
+        derOut.writeEncoded(BERTags.OCTET_STRING, bytes);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEROctetStringParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEROctetStringParser.java
new file mode 100644
index 0000000..8ea3ef4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEROctetStringParser.java

@@ -0,0 +1,60 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+/**
+ * Parser for DER encoded OCTET STRINGS
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DEROctetStringParser
+    implements ASN1OctetStringParser
+{
+    private DefiniteLengthInputStream stream;
+
+    DEROctetStringParser(
+        DefiniteLengthInputStream stream)
+    {
+        this.stream = stream;
+    }
+
+    /**
+     * Return an InputStream representing the contents of the OCTET STRING.
+     *
+     * @return an InputStream with its source as the OCTET STRING content.
+     */
+    public InputStream getOctetStream()
+    {
+        return stream;
+    }
+
+    /**
+     * Return an in-memory, encodable, representation of the OCTET STRING.
+     *
+     * @return a DEROctetString.
+     * @throws IOException if there is an issue loading the data.
+     */
+    public ASN1Primitive getLoadedObject()
+        throws IOException
+    {
+        return new DEROctetString(stream.toByteArray());
+    }
+
+    /**
+     * Return an DEROctetString representing this parser and its contents.
+     *
+     * @return an DEROctetString
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        try
+        {
+            return getLoadedObject();
+        }
+        catch (IOException e)
+        {
+            throw new ASN1ParsingException("IOException converting stream to byte array: " + e.getMessage(), e);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEROutputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEROutputStream.java
new file mode 100644
index 0000000..5b9d638
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DEROutputStream.java

@@ -0,0 +1,44 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+/**
+ * Stream that outputs encoding based on distinguished encoding rules.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DEROutputStream
+    extends ASN1OutputStream
+{
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    public DEROutputStream(
+        OutputStream    os)
+    {
+        super(os);
+    }
+
+    public void writeObject(
+        ASN1Encodable obj)
+        throws IOException
+    {
+        if (obj != null)
+        {
+            obj.toASN1Primitive().toDERObject().encode(this);
+        }
+        else
+        {
+            throw new IOException("null object detected");
+        }
+    }
+
+    ASN1OutputStream getDERSubStream()
+    {
+        return this;
+    }
+
+    ASN1OutputStream getDLSubStream()
+    {
+        return this;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERPrintableString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERPrintableString.java
new file mode 100644
index 0000000..7ecdda2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERPrintableString.java

@@ -0,0 +1,241 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * DER PrintableString object.
+ * <p>
+ * X.680 section 37.4 defines PrintableString character codes as ASCII subset of following characters:
+ * </p>
+ * <ul>
+ * <li>Latin capital letters: 'A' .. 'Z'</li>
+ * <li>Latin small letters: 'a' .. 'z'</li>
+ * <li>Digits: '0'..'9'</li>
+ * <li>Space</li>
+ * <li>Apostrophe: '\''</li>
+ * <li>Left parenthesis: '('</li>
+ * <li>Right parenthesis: ')'</li>
+ * <li>Plus sign: '+'</li>
+ * <li>Comma: ','</li>
+ * <li>Hyphen-minus: '-'</li>
+ * <li>Full stop: '.'</li>
+ * <li>Solidus: '/'</li>
+ * <li>Colon: ':'</li>
+ * <li>Equals sign: '='</li>
+ * <li>Question mark: '?'</li>
+ * </ul>
+ * <p>
+ * Explicit character set escape sequences are not allowed.
+ * </p>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERPrintableString
+    extends ASN1Primitive
+    implements ASN1String
+{
+    private final byte[]  string;
+
+    /**
+     * Return a printable string from the passed in object.
+     *
+     * @param obj a DERPrintableString or an object that can be converted into one.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return a DERPrintableString instance, or null.
+     */
+    public static DERPrintableString getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof DERPrintableString)
+        {
+            return (DERPrintableString)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (DERPrintableString)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Return a Printable String from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *               be converted.
+     * @return a DERPrintableString instance, or null.
+     */
+    public static DERPrintableString getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof DERPrintableString)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return new DERPrintableString(ASN1OctetString.getInstance(o).getOctets());
+        }
+    }
+
+    /**
+     * Basic constructor - byte encoded string.
+     */
+    DERPrintableString(
+        byte[]   string)
+    {
+        this.string = string;
+    }
+
+    /**
+     * Basic constructor - this does not validate the string
+     */
+    public DERPrintableString(
+        String   string)
+    {
+        this(string, false);
+    }
+
+    /**
+     * Constructor with optional validation.
+     *
+     * @param string the base string to wrap.
+     * @param validate whether or not to check the string.
+     * @throws IllegalArgumentException if validate is true and the string
+     * contains characters that should not be in a PrintableString.
+     */
+    public DERPrintableString(
+        String   string,
+        boolean  validate)
+    {
+        if (validate && !isPrintableString(string))
+        {
+            throw new IllegalArgumentException("string contains illegal characters");
+        }
+
+        this.string = Strings.toByteArray(string);
+    }
+
+    public String getString()
+    {
+        return Strings.fromByteArray(string);
+    }
+
+    public byte[] getOctets()
+    {
+        return Arrays.clone(string);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(string.length) + string.length;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.PRINTABLE_STRING, string);
+    }
+
+    public int hashCode()
+    {
+        return Arrays.hashCode(string);
+    }
+
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof DERPrintableString))
+        {
+            return false;
+        }
+
+        DERPrintableString  s = (DERPrintableString)o;
+
+        return Arrays.areEqual(string, s.string);
+    }
+
+    public String toString()
+    {
+        return getString();
+    }
+
+    /**
+     * return true if the passed in String can be represented without
+     * loss as a PrintableString, false otherwise.
+     *
+     * @return true if in printable set, false otherwise.
+     */
+    public static boolean isPrintableString(
+        String  str)
+    {
+        for (int i = str.length() - 1; i >= 0; i--)
+        {
+            char    ch = str.charAt(i);
+
+            if (ch > 0x007f)
+            {
+                return false;
+            }
+
+            if ('a' <= ch && ch <= 'z')
+            {
+                continue;
+            }
+
+            if ('A' <= ch && ch <= 'Z')
+            {
+                continue;
+            }
+
+            if ('0' <= ch && ch <= '9')
+            {
+                continue;
+            }
+
+            switch (ch)
+            {
+            case ' ':
+            case '\'':
+            case '(':
+            case ')':
+            case '+':
+            case '-':
+            case '.':
+            case ':':
+            case '=':
+            case '?':
+            case '/':
+            case ',':
+                continue;
+            }
+
+            return false;
+        }
+
+        return true;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERSequence.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERSequence.java
new file mode 100644
index 0000000..7cab8d6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERSequence.java

@@ -0,0 +1,114 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.util.Enumeration;
+
+/**
+ * Definite length SEQUENCE, encoding tells explicit number of bytes
+ * that the content of this sequence occupies.
+ * <p>
+ * For X.690 syntax rules, see {@link ASN1Sequence}.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class DERSequence
+    extends ASN1Sequence
+{
+    private int bodyLength = -1;
+
+    /**
+     * Create an empty sequence
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public DERSequence()
+    {
+    }
+
+    /**
+     * Create a sequence containing one object
+     * @param obj the object to go in the sequence.
+     */
+    public DERSequence(
+        ASN1Encodable obj)
+    {
+        super(obj);
+    }
+
+    /**
+     * Create a sequence containing a vector of objects.
+     * @param v the vector of objects to make up the sequence.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public DERSequence(
+        ASN1EncodableVector v)
+    {
+        super(v);
+    }
+
+    /**
+     * Create a sequence containing an array of objects.
+     * @param array the array of objects to make up the sequence.
+     */
+    public DERSequence(
+        ASN1Encodable[]   array)
+    {
+        super(array);
+    }
+
+    private int getBodyLength()
+        throws IOException
+    {
+        if (bodyLength < 0)
+        {
+            int length = 0;
+
+            for (Enumeration e = this.getObjects(); e.hasMoreElements();)
+            {
+                Object    obj = e.nextElement();
+
+                length += ((ASN1Encodable)obj).toASN1Primitive().toDERObject().encodedLength();
+            }
+
+            bodyLength = length;
+        }
+
+        return bodyLength;
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        int length = getBodyLength();
+
+        return 1 + StreamUtil.calculateBodyLength(length) + length;
+    }
+
+    /*
+     * A note on the implementation:
+     * <p>
+     * As DER requires the constructed, definite-length model to
+     * be used for structured types, this varies slightly from the
+     * ASN.1 descriptions given. Rather than just outputting SEQUENCE,
+     * we also have to specify CONSTRUCTED, and the objects length.
+     */
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        ASN1OutputStream        dOut = out.getDERSubStream();
+        int                     length = getBodyLength();
+
+        out.write(BERTags.SEQUENCE | BERTags.CONSTRUCTED);
+        out.writeLength(length);
+
+        for (Enumeration e = this.getObjects(); e.hasMoreElements();)
+        {
+            Object    obj = e.nextElement();
+
+            dOut.writeObject((ASN1Encodable)obj);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERSequenceParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERSequenceParser.java
new file mode 100644
index 0000000..8958d7d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERSequenceParser.java

@@ -0,0 +1,60 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * Parser class for DER SEQUENCEs.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERSequenceParser
+    implements ASN1SequenceParser
+{
+    private ASN1StreamParser _parser;
+
+    DERSequenceParser(ASN1StreamParser parser)
+    {
+        this._parser = parser;
+    }
+
+    /**
+     * Return the next object in the SEQUENCE.
+     *
+     * @return next object in SEQUENCE.
+     * @throws IOException if there is an issue loading the object.
+     */
+    public ASN1Encodable readObject()
+        throws IOException
+    {
+        return _parser.readObject();
+    }
+
+    /**
+     * Return an in memory, encodable, representation of the SEQUENCE.
+     *
+     * @return a DERSequence.
+     * @throws IOException if there is an issue loading the data.
+     */
+    public ASN1Primitive getLoadedObject()
+        throws IOException
+    {
+         return new DERSequence(_parser.readVector());
+    }
+
+    /**
+     * Return a DERSequence representing this parser and its contents.
+     *
+     * @return a DERSequence.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        try
+        {
+            return getLoadedObject();
+        }
+        catch (IOException e)
+        {
+            throw new IllegalStateException(e.getMessage());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERSet.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERSet.java
new file mode 100644
index 0000000..60be3a5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERSet.java

@@ -0,0 +1,121 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.util.Enumeration;
+
+/**
+ * A DER encoded SET object
+ * <p>
+ * For X.690 syntax rules, see {@link ASN1Set}.
+ * </p><p>
+ * For short: Constructing this form does sort the supplied elements,
+ * and the sorting happens also before serialization (if necesssary).
+ * This is different from the way {@link BERSet},{@link DLSet} does things.
+ * </p>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERSet
+    extends ASN1Set
+{
+    private int bodyLength = -1;
+
+    /**
+     * create an empty set
+     */
+    public DERSet()
+    {
+    }
+
+    /**
+     * create a set containing one object
+     * @param obj the object to go in the set
+     */
+    public DERSet(
+        ASN1Encodable obj)
+    {
+        super(obj);
+    }
+
+    /**
+     * create a set containing a vector of objects.
+     * @param v the vector of objects to make up the set.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    public DERSet(
+        ASN1EncodableVector v)
+    {
+        super(v, true);
+    }
+    
+    /**
+     * create a set containing an array of objects.
+     * @param a the array of objects to make up the set.
+     */
+    public DERSet(
+        ASN1Encodable[]   a)
+    {
+        super(a, true);
+    }
+
+    DERSet(
+        ASN1EncodableVector v,
+        boolean                  doSort)
+    {
+        super(v, doSort);
+    }
+
+    private int getBodyLength()
+        throws IOException
+    {
+        if (bodyLength < 0)
+        {
+            int length = 0;
+
+            for (Enumeration e = this.getObjects(); e.hasMoreElements();)
+            {
+                Object    obj = e.nextElement();
+
+                length += ((ASN1Encodable)obj).toASN1Primitive().toDERObject().encodedLength();
+            }
+
+            bodyLength = length;
+        }
+
+        return bodyLength;
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        int length = getBodyLength();
+
+        return 1 + StreamUtil.calculateBodyLength(length) + length;
+    }
+
+    /*
+     * A note on the implementation:
+     * <p>
+     * As DER requires the constructed, definite-length model to
+     * be used for structured types, this varies slightly from the
+     * ASN.1 descriptions given. Rather than just outputting SET,
+     * we also have to specify CONSTRUCTED, and the objects length.
+     */
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        ASN1OutputStream        dOut = out.getDERSubStream();
+        int                     length = getBodyLength();
+
+        out.write(BERTags.SET | BERTags.CONSTRUCTED);
+        out.writeLength(length);
+
+        for (Enumeration e = this.getObjects(); e.hasMoreElements();)
+        {
+            Object    obj = e.nextElement();
+
+            dOut.writeObject((ASN1Encodable)obj);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERSetParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERSetParser.java
new file mode 100644
index 0000000..253ef53
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERSetParser.java

@@ -0,0 +1,60 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * Parser class for DER SETs.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERSetParser
+    implements ASN1SetParser
+{
+    private ASN1StreamParser _parser;
+
+    DERSetParser(ASN1StreamParser parser)
+    {
+        this._parser = parser;
+    }
+
+    /**
+     * Return the next object in the SET.
+     *
+     * @return next object in SET.
+     * @throws IOException if there is an issue loading the object.
+     */
+    public ASN1Encodable readObject()
+        throws IOException
+    {
+        return _parser.readObject();
+    }
+
+    /**
+     * Return an in memory, encodable, representation of the SET.
+     *
+     * @return a DERSet.
+     * @throws IOException if there is an issue loading the data.
+     */
+    public ASN1Primitive getLoadedObject()
+        throws IOException
+    {
+        return new DERSet(_parser.readVector(), false);
+    }
+
+    /**
+     * Return a DERSet representing this parser and its contents.
+     *
+     * @return a DERSet
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        try
+        {
+            return getLoadedObject();
+        }
+        catch (IOException e)
+        {
+            throw new ASN1ParsingException(e.getMessage(), e);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERT61String.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERT61String.java
new file mode 100644
index 0000000..61bc1f1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERT61String.java

@@ -0,0 +1,153 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * DER T61String (also the teletex string), try not to use this if you don't need to. The standard support the encoding for
+ * this has been withdrawn.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERT61String
+    extends ASN1Primitive
+    implements ASN1String
+{
+    private byte[] string;
+
+    /**
+     * Return a T61 string from the passed in object.
+     *
+     * @param obj a DERT61String or an object that can be converted into one.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return a DERT61String instance, or null
+     */
+    public static DERT61String getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof DERT61String)
+        {
+            return (DERT61String)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (DERT61String)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Return an T61 String from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *               be converted.
+     * @return a DERT61String instance, or null
+     */
+    public static DERT61String getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof DERT61String)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return new DERT61String(ASN1OctetString.getInstance(o).getOctets());
+        }
+    }
+
+    /**
+     * Basic constructor - string encoded as a sequence of bytes.
+     *
+     * @param string the byte encoding of the string to be wrapped.
+     */
+    public DERT61String(
+        byte[]   string)
+    {
+        this.string = Arrays.clone(string);
+    }
+
+    /**
+     * Basic constructor - with string 8 bit assumed.
+     *
+     * @param string the string to be wrapped.
+     */
+    public DERT61String(
+        String   string)
+    {
+        this.string = Strings.toByteArray(string);
+    }
+
+    /**
+     * Decode the encoded string and return it, 8 bit encoding assumed.
+     * @return the decoded String
+     */
+    public String getString()
+    {
+        return Strings.fromByteArray(string);
+    }
+
+    public String toString()
+    {
+        return getString();
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(string.length) + string.length;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.T61_STRING, string);
+    }
+
+    /**
+     * Return the encoded string as a byte array.
+     * @return the actual bytes making up the encoded body of the T61 string.
+     */
+    public byte[] getOctets()
+    {
+        return Arrays.clone(string);
+    }
+
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof DERT61String))
+        {
+            return false;
+        }
+
+        return Arrays.areEqual(string, ((DERT61String)o).string);
+    }
+    
+    public int hashCode()
+    {
+        return Arrays.hashCode(string);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERTaggedObject.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERTaggedObject.java
new file mode 100644
index 0000000..8f78e31
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERTaggedObject.java

@@ -0,0 +1,122 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * DER TaggedObject - in ASN.1 notation this is any object preceded by
+ * a [n] where n is some number - these are assumed to follow the construction
+ * rules (as with sequences).
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class DERTaggedObject
+    extends ASN1TaggedObject
+{
+    private static final byte[] ZERO_BYTES = new byte[0];
+
+    /**
+     * @param explicit true if an explicitly tagged object.
+     * @param tagNo the tag number for this object.
+     * @param obj the tagged object.
+     */
+    public DERTaggedObject(
+        boolean       explicit,
+        int           tagNo,
+        ASN1Encodable obj)
+    {
+        super(explicit, tagNo, obj);
+    }
+
+    @libcore.api.CorePlatformApi
+    public DERTaggedObject(int tagNo, ASN1Encodable encodable)
+    {
+        super(true, tagNo, encodable);
+    }
+
+    boolean isConstructed()
+    {
+        if (!empty)
+        {
+            if (explicit)
+            {
+                return true;
+            }
+            else
+            {
+                ASN1Primitive primitive = obj.toASN1Primitive().toDERObject();
+
+                return primitive.isConstructed();
+            }
+        }
+        else
+        {
+            return true;
+        }
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        if (!empty)
+        {
+            ASN1Primitive primitive = obj.toASN1Primitive().toDERObject();
+            int length = primitive.encodedLength();
+
+            if (explicit)
+            {
+                return StreamUtil.calculateTagLength(tagNo) + StreamUtil.calculateBodyLength(length) + length;
+            }
+            else
+            {
+                // header length already in calculation
+                length = length - 1;
+
+                return StreamUtil.calculateTagLength(tagNo) + length;
+            }
+        }
+        else
+        {
+            return StreamUtil.calculateTagLength(tagNo) + 1;
+        }
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        if (!empty)
+        {
+            ASN1Primitive primitive = obj.toASN1Primitive().toDERObject();
+
+            if (explicit)
+            {
+                out.writeTag(BERTags.CONSTRUCTED | BERTags.TAGGED, tagNo);
+                out.writeLength(primitive.encodedLength());
+                out.writeObject(primitive);
+            }
+            else
+            {
+                //
+                // need to mark constructed types...
+                //
+                int flags;
+                if (primitive.isConstructed())
+                {
+                    flags = BERTags.CONSTRUCTED | BERTags.TAGGED;
+                }
+                else
+                {
+                    flags = BERTags.TAGGED;
+                }
+
+                out.writeTag(flags, tagNo);
+                out.writeImplicitObject(primitive);
+            }
+        }
+        else
+        {
+            out.writeEncoded(BERTags.CONSTRUCTED | BERTags.TAGGED, tagNo, ZERO_BYTES);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERTags.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERTags.java
new file mode 100644
index 0000000..eddc5f1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERTags.java

@@ -0,0 +1,11 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+/**
+ * @deprecated use BERTags
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface DERTags
+    extends BERTags
+{
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERUTCTime.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERUTCTime.java
new file mode 100644
index 0000000..3f4de4b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERUTCTime.java

@@ -0,0 +1,29 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.util.Date;
+
+/**
+ * DER UTC time object.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERUTCTime
+    extends ASN1UTCTime
+{
+    DERUTCTime(byte[] bytes)
+    {
+        super(bytes);
+    }
+
+    public DERUTCTime(Date time)
+    {
+        super(time);
+    }
+
+    public DERUTCTime(String time)
+    {
+        super(time);
+    }
+
+    // TODO: create proper DER encoding.
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERUTF8String.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERUTF8String.java
new file mode 100644
index 0000000..d4f15bf
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERUTF8String.java

@@ -0,0 +1,142 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * DER UTF8String object.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class DERUTF8String
+    extends ASN1Primitive
+    implements ASN1String
+{
+    private final byte[]  string;
+
+    /**
+     * Return an UTF8 string from the passed in object.
+     *
+     * @param obj a DERUTF8String or an object that can be converted into one.
+     * @exception IllegalArgumentException
+     *                if the object cannot be converted.
+     * @return a DERUTF8String instance, or null
+     */
+    public static DERUTF8String getInstance(Object obj)
+    {
+        if (obj == null || obj instanceof DERUTF8String)
+        {
+            return (DERUTF8String)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (DERUTF8String)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: "
+                + obj.getClass().getName());
+    }
+
+    /**
+     * Return an UTF8 String from a tagged object.
+     * 
+     * @param obj
+     *            the tagged object holding the object we want
+     * @param explicit
+     *            true if the object is meant to be explicitly tagged false
+     *            otherwise.
+     * @exception IllegalArgumentException
+     *                if the tagged object cannot be converted.
+     * @return a DERUTF8String instance, or null
+     */
+    public static DERUTF8String getInstance(
+        ASN1TaggedObject obj,
+        boolean explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof DERUTF8String)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return new DERUTF8String(ASN1OctetString.getInstance(o).getOctets());
+        }
+    }
+
+    /*
+     * Basic constructor - byte encoded string.
+     */
+    DERUTF8String(byte[] string)
+    {
+        this.string = string;
+    }
+
+    /**
+     * Basic constructor
+     *
+     * @param string the string to be carried in the UTF8String object,
+     */
+    @libcore.api.CorePlatformApi
+    public DERUTF8String(String string)
+    {
+        this.string = Strings.toUTF8ByteArray(string);
+    }
+
+    @libcore.api.CorePlatformApi
+    public String getString()
+    {
+        return Strings.fromUTF8ByteArray(string);
+    }
+
+    public String toString()
+    {
+        return getString();
+    }
+
+    public int hashCode()
+    {
+        return Arrays.hashCode(string);
+    }
+
+    boolean asn1Equals(ASN1Primitive o)
+    {
+        if (!(o instanceof DERUTF8String))
+        {
+            return false;
+        }
+
+        DERUTF8String s = (DERUTF8String)o;
+
+        return Arrays.areEqual(string, s.string);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        return 1 + StreamUtil.calculateBodyLength(string.length) + string.length;
+    }
+
+    void encode(ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.UTF8_STRING, string);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERUniversalString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERUniversalString.java
new file mode 100644
index 0000000..03b27fa
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERUniversalString.java

@@ -0,0 +1,156 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * DER UniversalString object - encodes UNICODE (ISO 10646) characters using 32-bit format. In Java we
+ * have no way of representing this directly so we rely on byte arrays to carry these.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERUniversalString
+    extends ASN1Primitive
+    implements ASN1String
+{
+    private static final char[]  table = { '0', '1', '2', '3', '4', '5', '6', '7', '8', '9', 'A', 'B', 'C', 'D', 'E', 'F' };
+    private final byte[] string;
+    
+    /**
+     * Return a Universal String from the passed in object.
+     *
+     * @param obj a DERUniversalString or an object that can be converted into one.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return a DERUniversalString instance, or null
+     */
+    public static DERUniversalString getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof DERUniversalString)
+        {
+            return (DERUniversalString)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (DERUniversalString)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Return a Universal String from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *               be converted.
+     * @return a DERUniversalString instance, or null
+     */
+    public static DERUniversalString getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof DERUniversalString)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return new DERUniversalString(((ASN1OctetString)o).getOctets());
+        }
+    }
+
+    /**
+     * Basic constructor - byte encoded string.
+     *
+     * @param string the byte encoding of the string to be carried in the UniversalString object,
+     */
+    public DERUniversalString(
+        byte[]   string)
+    {
+        this.string = Arrays.clone(string);
+    }
+
+    public String getString()
+    {
+        StringBuffer    buf = new StringBuffer("#");
+        ByteArrayOutputStream    bOut = new ByteArrayOutputStream();
+        ASN1OutputStream            aOut = new ASN1OutputStream(bOut);
+        
+        try
+        {
+            aOut.writeObject(this);
+        }
+        catch (IOException e)
+        {
+           throw new ASN1ParsingException("internal error encoding UniversalString");
+        }
+        
+        byte[]    string = bOut.toByteArray();
+        
+        for (int i = 0; i != string.length; i++)
+        {
+            buf.append(table[(string[i] >>> 4) & 0xf]);
+            buf.append(table[string[i] & 0xf]);
+        }
+        
+        return buf.toString();
+    }
+
+    public String toString()
+    {
+        return getString();
+    }
+
+    public byte[] getOctets()
+    {
+        return Arrays.clone(string);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(string.length) + string.length;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.UNIVERSAL_STRING, this.getOctets());
+    }
+    
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof DERUniversalString))
+        {
+            return false;
+        }
+
+        return Arrays.areEqual(string, ((DERUniversalString)o).string);
+    }
+    
+    public int hashCode()
+    {
+        return Arrays.hashCode(string);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERVideotexString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERVideotexString.java
new file mode 100644
index 0000000..a53230c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERVideotexString.java

@@ -0,0 +1,128 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERVideotexString
+    extends ASN1Primitive
+    implements ASN1String
+{
+    private final byte[] string;
+    
+    /**
+     * return a Videotex String from the passed in object
+     *
+     * @param obj a DERVideotexString or an object that can be converted into one.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return a DERVideotexString instance, or null.
+     */
+    public static DERVideotexString getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof DERVideotexString)
+        {
+            return (DERVideotexString)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (DERVideotexString)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * return a Videotex String from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *               be converted.
+     * @return a DERVideotexString instance, or null.
+     */
+    public static DERVideotexString getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof DERVideotexString)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return new DERVideotexString(((ASN1OctetString)o).getOctets());
+        }
+    }
+
+    /**
+     * basic constructor - with bytes.
+     * @param string the byte encoding of the characters making up the string.
+     */
+    public DERVideotexString(
+        byte[]   string)
+    {
+        this.string = Arrays.clone(string);
+    }
+    
+    public byte[] getOctets()
+    {
+        return Arrays.clone(string);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(string.length) + string.length;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.VIDEOTEX_STRING, string);
+    }
+
+    public int hashCode()
+    {
+        return Arrays.hashCode(string);
+    }
+
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof DERVideotexString))
+        {
+            return false;
+        }
+
+        DERVideotexString  s = (DERVideotexString)o;
+
+        return Arrays.areEqual(string, s.string);
+    }
+
+    public String getString()
+    {
+        return Strings.fromByteArray(string);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERVisibleString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERVisibleString.java
new file mode 100644
index 0000000..a7f4199
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DERVisibleString.java

@@ -0,0 +1,145 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * DER VisibleString object encoding ISO 646 (ASCII) character code points 32 to 126.
+ * <p>
+ * Explicit character set escape sequences are not allowed.
+ * </p>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DERVisibleString
+    extends ASN1Primitive
+    implements ASN1String
+{
+    private final byte[]  string;
+
+    /**
+     * Return a Visible String from the passed in object.
+     *
+     * @param obj a DERVisibleString or an object that can be converted into one.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return a DERVisibleString instance, or null
+     */
+    public static DERVisibleString getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof DERVisibleString)
+        {
+            return (DERVisibleString)obj;
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (DERVisibleString)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Return a Visible String from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *               be converted.
+     * @return a DERVisibleString instance, or null
+     */
+    public static DERVisibleString getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof DERVisibleString)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return new DERVisibleString(ASN1OctetString.getInstance(o).getOctets());
+        }
+    }
+
+    /*
+     * Basic constructor - byte encoded string.
+     */
+    DERVisibleString(
+        byte[]   string)
+    {
+        this.string = string;
+    }
+
+    /**
+     * Basic constructor
+     *
+     * @param string the string to be carried in the VisibleString object,
+     */
+    public DERVisibleString(
+        String   string)
+    {
+        this.string = Strings.toByteArray(string);
+    }
+
+    public String getString()
+    {
+        return Strings.fromByteArray(string);
+    }
+
+    public String toString()
+    {
+        return getString();
+    }
+
+    public byte[] getOctets()
+    {
+        return Arrays.clone(string);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(string.length) + string.length;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        out.writeEncoded(BERTags.VISIBLE_STRING, this.string);
+    }
+    
+    boolean asn1Equals(
+        ASN1Primitive o)
+    {
+        if (!(o instanceof DERVisibleString))
+        {
+            return false;
+        }
+
+        return Arrays.areEqual(string, ((DERVisibleString)o).string);
+    }
+    
+    public int hashCode()
+    {
+        return Arrays.hashCode(string);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLApplicationSpecific.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLApplicationSpecific.java
new file mode 100644
index 0000000..1af00e3
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLApplicationSpecific.java

@@ -0,0 +1,126 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+/**
+ * A DER encoding version of an application specific object.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DLApplicationSpecific
+    extends ASN1ApplicationSpecific
+{
+    DLApplicationSpecific(
+        boolean isConstructed,
+        int     tag,
+        byte[]  octets)
+    {
+        super(isConstructed, tag, octets);
+    }
+
+    /**
+     * Create an application specific object from the passed in data. This will assume
+     * the data does not represent a constructed object.
+     *
+     * @param tag the tag number for this object.
+     * @param octets the encoding of the object's body.
+     */
+    public DLApplicationSpecific(
+        int    tag,
+        byte[] octets)
+    {
+        this(false, tag, octets);
+    }
+
+    /**
+     * Create an application specific object with a tagging of explicit/constructed.
+     *
+     * @param tag the tag number for this object.
+     * @param object the object to be contained.
+     */
+    public DLApplicationSpecific(
+        int           tag,
+        ASN1Encodable object)
+        throws IOException
+    {
+        this(true, tag, object);
+    }
+
+    /**
+     * Create an application specific object with the tagging style given by the value of constructed.
+     *
+     * @param constructed true if the object is constructed.
+     * @param tag the tag number for this object.
+     * @param object the object to be contained.
+     */
+    public DLApplicationSpecific(
+        boolean      constructed,
+        int          tag,
+        ASN1Encodable object)
+        throws IOException
+    {
+        super(constructed || object.toASN1Primitive().isConstructed(), tag, getEncoding(constructed, object));
+    }
+
+    private static byte[] getEncoding(boolean explicit, ASN1Encodable object)
+        throws IOException
+    {
+        byte[] data = object.toASN1Primitive().getEncoded(ASN1Encoding.DL);
+
+        if (explicit)
+        {
+            return data;
+        }
+        else
+        {
+            int lenBytes = getLengthOfHeader(data);
+            byte[] tmp = new byte[data.length - lenBytes];
+            System.arraycopy(data, lenBytes, tmp, 0, tmp.length);
+            return tmp;
+        }
+    }
+
+    /**
+     * Create an application specific object which is marked as constructed
+     *
+     * @param tagNo the tag number for this object.
+     * @param vec the objects making up the application specific object.
+     */
+    public DLApplicationSpecific(int tagNo, ASN1EncodableVector vec)
+    {
+        super(true, tagNo, getEncodedVector(vec));
+    }
+
+    private static byte[] getEncodedVector(ASN1EncodableVector vec)
+    {
+        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+
+        for (int i = 0; i != vec.size(); i++)
+        {
+            try
+            {
+                bOut.write(((ASN1Object)vec.get(i)).getEncoded(ASN1Encoding.DL));
+            }
+            catch (IOException e)
+            {
+                throw new ASN1ParsingException("malformed object: " + e, e);
+            }
+        }
+        return bOut.toByteArray();
+    }
+
+    /* (non-Javadoc)
+     * @see org.bouncycastle.asn1.ASN1Primitive#encode(org.bouncycastle.asn1.DEROutputStream)
+     */
+    void encode(ASN1OutputStream out) throws IOException
+    {
+        int classBits = BERTags.APPLICATION;
+        if (isConstructed)
+        {
+            classBits |= BERTags.CONSTRUCTED;
+        }
+
+        out.writeEncoded(classBits, tag, octets);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLBitString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLBitString.java
new file mode 100644
index 0000000..3d911ac
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLBitString.java

@@ -0,0 +1,158 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * A Definite length BIT STRING
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DLBitString
+    extends ASN1BitString
+{
+    /**
+     * return a Bit String that can be definite-length encoded from the passed in object.
+     *
+     * @param obj a DL or DER BitString or an object that can be converted into one.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     * @return an ASN1BitString instance, or null.
+     */
+    public static ASN1BitString getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof DLBitString)
+        {
+            return (DLBitString)obj;
+        }
+        if (obj instanceof DERBitString)
+        {
+            return (DERBitString)obj;
+        }
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return (ASN1BitString)fromByteArray((byte[])obj);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("encoding error in getInstance: " + e.toString());
+            }
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * return a Bit String from a tagged object.
+     *
+     * @param obj the tagged object holding the object we want
+     * @param explicit true if the object is meant to be explicitly
+     *              tagged false otherwise.
+     * @exception IllegalArgumentException if the tagged object cannot
+     *               be converted.
+     * @return an ASN1BitString instance, or null.
+     */
+    public static ASN1BitString getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        ASN1Primitive o = obj.getObject();
+
+        if (explicit || o instanceof DLBitString)
+        {
+            return getInstance(o);
+        }
+        else
+        {
+            return fromOctetString(((ASN1OctetString)o).getOctets());
+        }
+    }
+
+    protected DLBitString(
+        byte    data,
+        int     padBits)
+    {
+        this(toByteArray(data), padBits);
+    }
+
+    private static byte[] toByteArray(byte data)
+    {
+        byte[] rv = new byte[1];
+
+        rv[0] = data;
+
+        return rv;
+    }
+
+    /**
+     * @param data the octets making up the bit string.
+     * @param padBits the number of extra bits at the end of the string.
+     */
+    public DLBitString(
+        byte[]  data,
+        int     padBits)
+    {
+        super(data, padBits);
+    }
+
+    public DLBitString(
+        byte[]  data)
+    {
+        this(data, 0);
+    }
+
+    public DLBitString(
+        int value)
+    {
+        super(getBytes(value), getPadBits(value));
+    }
+
+    public DLBitString(
+        ASN1Encodable obj)
+        throws IOException
+    {
+        super(obj.toASN1Primitive().getEncoded(ASN1Encoding.DER), 0);
+    }
+
+    boolean isConstructed()
+    {
+        return false;
+    }
+
+    int encodedLength()
+    {
+        return 1 + StreamUtil.calculateBodyLength(data.length + 1) + data.length + 1;
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        byte[] string = data;
+        byte[] bytes = new byte[string.length + 1];
+
+        bytes[0] = (byte)getPadBits();
+        System.arraycopy(string, 0, bytes, 1, bytes.length - 1);
+
+        out.writeEncoded(BERTags.BIT_STRING, bytes);
+    }
+
+    static DLBitString fromOctetString(byte[] bytes)
+    {
+        if (bytes.length < 1)
+        {
+            throw new IllegalArgumentException("truncated BIT STRING detected");
+        }
+
+        int padBits = bytes[0];
+        byte[] data = new byte[bytes.length - 1];
+
+        if (data.length != 0)
+        {
+            System.arraycopy(bytes, 1, data, 0, bytes.length - 1);
+        }
+
+        return new DLBitString(data, padBits);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLExternal.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLExternal.java
new file mode 100644
index 0000000..76ae064
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLExternal.java

@@ -0,0 +1,87 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+
+/**
+ * Class representing the Definite-Length-type External
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DLExternal
+    extends ASN1External
+{
+    /**
+     * Construct a Definite-Length EXTERNAL object, the input encoding vector must have exactly two elements on it.
+     * <p>
+     * Acceptable input formats are:
+     * <ul>
+     * <li> {@link ASN1ObjectIdentifier} + data {@link DERTaggedObject} (direct reference form)</li>
+     * <li> {@link ASN1Integer} + data {@link DERTaggedObject} (indirect reference form)</li>
+     * <li> Anything but {@link DERTaggedObject} + data {@link DERTaggedObject} (data value form)</li>
+     * </ul>
+     *
+     * @throws IllegalArgumentException if input size is wrong, or
+     */
+    public DLExternal(ASN1EncodableVector vector)
+    {
+        super(vector);
+    }
+
+    /**
+     * Creates a new instance of DERExternal
+     * See X.690 for more informations about the meaning of these parameters
+     * @param directReference The direct reference or <code>null</code> if not set.
+     * @param indirectReference The indirect reference or <code>null</code> if not set.
+     * @param dataValueDescriptor The data value descriptor or <code>null</code> if not set.
+     * @param externalData The external data in its encoded form.
+     */
+    public DLExternal(ASN1ObjectIdentifier directReference, ASN1Integer indirectReference, ASN1Primitive dataValueDescriptor, DERTaggedObject externalData)
+    {
+        this(directReference, indirectReference, dataValueDescriptor, externalData.getTagNo(), externalData.toASN1Primitive());
+    }
+
+    /**
+     * Creates a new instance of Definite-Length External.
+     * See X.690 for more informations about the meaning of these parameters
+     * @param directReference The direct reference or <code>null</code> if not set.
+     * @param indirectReference The indirect reference or <code>null</code> if not set.
+     * @param dataValueDescriptor The data value descriptor or <code>null</code> if not set.
+     * @param encoding The encoding to be used for the external data
+     * @param externalData The external data
+     */
+    public DLExternal(ASN1ObjectIdentifier directReference, ASN1Integer indirectReference, ASN1Primitive dataValueDescriptor, int encoding, ASN1Primitive externalData)
+    {
+        super(directReference, indirectReference, dataValueDescriptor, encoding, externalData);
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        return this.getEncoded().length;
+    }
+
+    /* (non-Javadoc)
+     * @see org.bouncycastle.asn1.ASN1Primitive#encode(org.bouncycastle.asn1.DEROutputStream)
+     */
+    void encode(ASN1OutputStream out)
+        throws IOException
+    {
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+        if (directReference != null)
+        {
+            baos.write(directReference.getEncoded(ASN1Encoding.DL));
+        }
+        if (indirectReference != null)
+        {
+            baos.write(indirectReference.getEncoded(ASN1Encoding.DL));
+        }
+        if (dataValueDescriptor != null)
+        {
+            baos.write(dataValueDescriptor.getEncoded(ASN1Encoding.DL));
+        }
+        DERTaggedObject obj = new DERTaggedObject(true, encoding, externalContent);
+        baos.write(obj.getEncoded(ASN1Encoding.DL));
+        out.writeEncoded(BERTags.CONSTRUCTED, BERTags.EXTERNAL, baos.toByteArray());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLOutputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLOutputStream.java
new file mode 100644
index 0000000..ff3614e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLOutputStream.java

@@ -0,0 +1,33 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+/**
+ * Stream that outputs encoding based on definite length.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DLOutputStream
+    extends ASN1OutputStream
+{
+    public DLOutputStream(
+        OutputStream os)
+    {
+        super(os);
+    }
+
+    public void writeObject(
+        ASN1Encodable obj)
+        throws IOException
+    {
+        if (obj != null)
+        {
+            obj.toASN1Primitive().toDLObject().encode(this);
+        }
+        else
+        {
+            throw new IOException("null object detected");
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLSequence.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLSequence.java
new file mode 100644
index 0000000..d826994
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLSequence.java

@@ -0,0 +1,106 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.util.Enumeration;
+
+/**
+ * The DLSequence encodes a SEQUENCE using definite length form.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DLSequence
+    extends ASN1Sequence
+{
+    private int bodyLength = -1;
+
+    /**
+     * Create an empty sequence
+     */
+    public DLSequence()
+    {
+    }
+
+    /**
+     * create a sequence containing one object
+     * @param obj the object to go in the sequence.
+     */
+    public DLSequence(
+        ASN1Encodable obj)
+    {
+        super(obj);
+    }
+
+    /**
+     * create a sequence containing a vector of objects.
+     * @param v the vector of objects to make up the sequence.
+     */
+    public DLSequence(
+        ASN1EncodableVector v)
+    {
+        super(v);
+    }
+
+    /**
+     * create a sequence containing an array of objects.
+     * @param array the array of objects to make up the sequence.
+     */
+    public DLSequence(
+        ASN1Encodable[] array)
+    {
+        super(array);
+    }
+
+    private int getBodyLength()
+        throws IOException
+    {
+        if (bodyLength < 0)
+        {
+            int length = 0;
+
+            for (Enumeration e = this.getObjects(); e.hasMoreElements();)
+            {
+                Object obj = e.nextElement();
+
+                length += ((ASN1Encodable)obj).toASN1Primitive().toDLObject().encodedLength();
+            }
+
+            bodyLength = length;
+        }
+
+        return bodyLength;
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        int length = getBodyLength();
+
+        return 1 + StreamUtil.calculateBodyLength(length) + length;
+    }
+
+    /**
+     * A note on the implementation:
+     * <p>
+     * As DL requires the constructed, definite-length model to
+     * be used for structured types, this varies slightly from the
+     * ASN.1 descriptions given. Rather than just outputting SEQUENCE,
+     * we also have to specify CONSTRUCTED, and the objects length.
+     */
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        ASN1OutputStream dOut = out.getDLSubStream();
+        int length = getBodyLength();
+
+        out.write(BERTags.SEQUENCE | BERTags.CONSTRUCTED);
+        out.writeLength(length);
+
+        for (Enumeration e = this.getObjects(); e.hasMoreElements();)
+        {
+            Object obj = e.nextElement();
+
+            dOut.writeObject((ASN1Encodable)obj);
+        }
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLSet.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLSet.java
new file mode 100644
index 0000000..3a01b8f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLSet.java

@@ -0,0 +1,148 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.util.Enumeration;
+
+/**
+ * The DLSet encodes ASN.1 SET value without element ordering,
+ * and always using definite length form.
+ * <hr>
+ * <h2>X.690</h2>
+ * <h3>8: Basic encoding rules</h3>
+ * <h4>8.11 Encoding of a set value </h4>
+ * <b>8.11.1</b> The encoding of a set value shall be constructed
+ * <p>
+ * <b>8.11.2</b> The contents octets shall consist of the complete
+ * encoding of a data value from each of the types listed in the
+ * ASN.1 definition of the set type, in an order chosen by the sender,
+ * unless the type was referenced with the keyword
+ * <b>OPTIONAL</b> or the keyword <b>DEFAULT</b>.
+ * <p>
+ * <b>8.11.3</b> The encoding of a data value may, but need not,
+ * be present for a type which was referenced with the keyword
+ * <b>OPTIONAL</b> or the keyword <b>DEFAULT</b>.
+ * <blockquote>
+ * NOTE &mdash; The order of data values in a set value is not significant,
+ * and places no constraints on the order during transfer
+ * </blockquote>
+ * <h3>9: Canonical encoding rules</h3>
+ * <h4>9.3 Set components</h4>
+ * The encodings of the component values of a set value shall
+ * appear in an order determined by their tags as specified
+ * in 8.6 of ITU-T Rec. X.680 | ISO/IEC 8824-1.
+ * Additionally, for the purposes of determining the order in which
+ * components are encoded when one or more component is an untagged
+ * choice type, each untagged choice type is ordered as though it
+ * has a tag equal to that of the smallest tag in that choice type
+ * or any untagged choice types nested within.
+ * <h3>10: Distinguished encoding rules</h3>
+ * <h4>10.3 Set components</h4>
+ * The encodings of the component values of a set value shall appear
+ * in an order determined by their tags as specified
+ * in 8.6 of ITU-T Rec. X.680 | ISO/IEC 8824-1.
+ * <blockquote>
+ * NOTE &mdash; Where a component of the set is an untagged choice type,
+ * the location of that component in the ordering will depend on
+ * the tag of the choice component being encoded.
+ * </blockquote>
+ * <h3>11: Restrictions on BER employed by both CER and DER</h3>
+ * <h4>11.5 Set and sequence components with default value </h4>
+ * The encoding of a set value or sequence value shall not include
+ * an encoding for any component value which is equal to
+ * its default value.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DLSet
+    extends ASN1Set
+{
+    private int bodyLength = -1;
+
+    /**
+     * create an empty set
+     */
+    public DLSet()
+    {
+    }
+
+    /**
+     * @param obj - a single object that makes up the set.
+     */
+    public DLSet(
+        ASN1Encodable obj)
+    {
+        super(obj);
+    }
+
+    /**
+     * @param v - a vector of objects making up the set.
+     */
+    public DLSet(
+        ASN1EncodableVector v)
+    {
+        super(v, false);
+    }
+
+    /**
+     * create a set from an array of objects.
+     */
+    public DLSet(
+        ASN1Encodable[] a)
+    {
+        super(a, false);
+    }
+
+    private int getBodyLength()
+        throws IOException
+    {
+        if (bodyLength < 0)
+        {
+            int length = 0;
+
+            for (Enumeration e = this.getObjects(); e.hasMoreElements();)
+            {
+                Object obj = e.nextElement();
+
+                length += ((ASN1Encodable)obj).toASN1Primitive().toDLObject().encodedLength();
+            }
+
+            bodyLength = length;
+        }
+
+        return bodyLength;
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        int length = getBodyLength();
+
+        return 1 + StreamUtil.calculateBodyLength(length) + length;
+    }
+
+    /**
+     * A note on the implementation:
+     * <p>
+     * As DL requires the constructed, definite-length model to
+     * be used for structured types, this varies slightly from the
+     * ASN.1 descriptions given. Rather than just outputting SET,
+     * we also have to specify CONSTRUCTED, and the objects length.
+     */
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        ASN1OutputStream dOut = out.getDLSubStream();
+        int length = getBodyLength();
+
+        out.write(BERTags.SET | BERTags.CONSTRUCTED);
+        out.writeLength(length);
+
+        for (Enumeration e = this.getObjects(); e.hasMoreElements();)
+        {
+            Object obj = e.nextElement();
+
+            dOut.writeObject((ASN1Encodable)obj);
+        }
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLTaggedObject.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLTaggedObject.java
new file mode 100644
index 0000000..d9e1ed1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DLTaggedObject.java

@@ -0,0 +1,114 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * Definite Length TaggedObject - in ASN.1 notation this is any object preceded by
+ * a [n] where n is some number - these are assumed to follow the construction
+ * rules (as with sequences).
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DLTaggedObject
+    extends ASN1TaggedObject
+{
+    private static final byte[] ZERO_BYTES = new byte[0];
+
+    /**
+     * @param explicit true if an explicitly tagged object.
+     * @param tagNo the tag number for this object.
+     * @param obj the tagged object.
+     */
+    public DLTaggedObject(
+        boolean explicit,
+        int tagNo,
+        ASN1Encodable obj)
+    {
+        super(explicit, tagNo, obj);
+    }
+
+    boolean isConstructed()
+    {
+        if (!empty)
+        {
+            if (explicit)
+            {
+                return true;
+            }
+            else
+            {
+                ASN1Primitive primitive = obj.toASN1Primitive().toDLObject();
+
+                return primitive.isConstructed();
+            }
+        }
+        else
+        {
+            return true;
+        }
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        if (!empty)
+        {
+            int length = obj.toASN1Primitive().toDLObject().encodedLength();
+
+            if (explicit)
+            {
+                return  StreamUtil.calculateTagLength(tagNo) + StreamUtil.calculateBodyLength(length) + length;
+            }
+            else
+            {
+                // header length already in calculation
+                length = length - 1;
+
+                return StreamUtil.calculateTagLength(tagNo) + length;
+            }
+        }
+        else
+        {
+            return StreamUtil.calculateTagLength(tagNo) + 1;
+        }
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        if (!empty)
+        {
+            ASN1Primitive primitive = obj.toASN1Primitive().toDLObject();
+
+            if (explicit)
+            {
+                out.writeTag(BERTags.CONSTRUCTED | BERTags.TAGGED, tagNo);
+                out.writeLength(primitive.encodedLength());
+                out.writeObject(primitive);
+            }
+            else
+            {
+                //
+                // need to mark constructed types...
+                //
+                int flags;
+                if (primitive.isConstructed())
+                {
+                    flags = BERTags.CONSTRUCTED | BERTags.TAGGED;
+                }
+                else
+                {
+                    flags = BERTags.TAGGED;
+                }
+
+                out.writeTag(flags, tagNo);
+                out.writeImplicitObject(primitive);
+            }
+        }
+        else
+        {
+            out.writeEncoded(BERTags.CONSTRUCTED | BERTags.TAGGED, tagNo, ZERO_BYTES);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DateUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DateUtil.java
new file mode 100644
index 0000000..0c322a1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DateUtil.java

@@ -0,0 +1,81 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.Locale;
+import java.util.Map;
+
+class DateUtil
+{
+    private static Long ZERO = longValueOf(0);
+
+    private static final Map localeCache = new HashMap();
+
+    static Locale EN_Locale = forEN();
+
+    private static Locale forEN()
+    {
+        if ("en".equalsIgnoreCase(Locale.getDefault().getLanguage()))
+        {
+            return Locale.getDefault();
+        }
+        
+        Locale[] locales = Locale.getAvailableLocales();
+        for (int i = 0; i != locales.length; i++)
+        {
+            if ("en".equalsIgnoreCase(locales[i].getLanguage()))
+            {
+                return locales[i];
+            }
+        }
+
+        return Locale.getDefault();
+    }
+
+    static Date epochAdjust(Date date)
+        throws ParseException
+    {
+        Locale locale = Locale.getDefault();
+        if (locale == null)
+        {
+            return date;
+        }
+
+        synchronized (localeCache)
+        {
+            Long adj = (Long)localeCache.get(locale);
+
+            if (adj == null)
+            {
+                SimpleDateFormat dateF = new SimpleDateFormat("yyyyMMddHHmmssz");
+                long v = dateF.parse("19700101000000GMT+00:00").getTime();
+
+                if (v == 0)
+                {
+                    adj = ZERO;
+                }
+                else
+                {
+                    adj = longValueOf(v);
+                }
+
+                localeCache.put(locale, adj);
+            }
+
+            if (adj != ZERO)
+            {
+                return new Date(date.getTime() - adj.longValue());
+            }
+
+            return date;
+        }
+    }
+
+    private static Long longValueOf(long v)
+    {
+        return Long.valueOf(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DefiniteLengthInputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DefiniteLengthInputStream.java
new file mode 100644
index 0000000..af9ca63
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/DefiniteLengthInputStream.java

@@ -0,0 +1,109 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.EOFException;
+import java.io.IOException;
+import java.io.InputStream;
+
+import com.android.org.bouncycastle.util.io.Streams;
+
+/**
+ * Parse data stream of expected ASN.1 data expecting definite-length encoding..
+ */
+class DefiniteLengthInputStream
+        extends LimitedInputStream
+{
+    private static final byte[] EMPTY_BYTES = new byte[0];
+
+    private final int _originalLength;
+    private int _remaining;
+
+    DefiniteLengthInputStream(
+        InputStream in,
+        int         length)
+    {
+        super(in, length);
+
+        if (length < 0)
+        {
+            throw new IllegalArgumentException("negative lengths not allowed");
+        }
+
+        this._originalLength = length;
+        this._remaining = length;
+
+        if (length == 0)
+        {
+            setParentEofDetect(true);
+        }
+    }
+
+    int getRemaining()
+    {
+        return _remaining;
+    }
+
+    public int read()
+        throws IOException
+    {
+        if (_remaining == 0)
+        {
+            return -1;
+        }
+
+        int b = _in.read();
+
+        if (b < 0)
+        {
+            throw new EOFException("DEF length " + _originalLength + " object truncated by " + _remaining);
+        }
+
+        if (--_remaining == 0)
+        {
+            setParentEofDetect(true);
+        }
+
+        return b;
+    }
+
+    public int read(byte[] buf, int off, int len)
+        throws IOException
+    {
+        if (_remaining == 0)
+        {
+            return -1;
+        }
+
+        int toRead = Math.min(len, _remaining);
+        int numRead = _in.read(buf, off, toRead);
+
+        if (numRead < 0)
+        {
+            throw new EOFException("DEF length " + _originalLength + " object truncated by " + _remaining);
+        }
+
+        if ((_remaining -= numRead) == 0)
+        {
+            setParentEofDetect(true);
+        }
+
+        return numRead;
+    }
+
+    byte[] toByteArray()
+        throws IOException
+    {
+        if (_remaining == 0)
+        {
+            return EMPTY_BYTES;
+        }
+
+        byte[] bytes = new byte[_remaining];
+        if ((_remaining -= Streams.readFully(_in, bytes)) != 0)
+        {
+            throw new EOFException("DEF length " + _originalLength + " object truncated by " + _remaining);
+        }
+        setParentEofDetect(true);
+        return bytes;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/InMemoryRepresentable.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/InMemoryRepresentable.java
new file mode 100644
index 0000000..9c76383
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/InMemoryRepresentable.java

@@ -0,0 +1,19 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+
+/**
+ * Interface implemented by objects that can be converted from streaming to in-memory objects.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface InMemoryRepresentable
+{
+    /**
+     * Get the in-memory representation of the ASN.1 object.
+     * @return an ASN1Primitive representing the loaded object.
+     * @throws IOException for bad input data.
+     */
+    ASN1Primitive getLoadedObject()
+        throws IOException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/IndefiniteLengthInputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/IndefiniteLengthInputStream.java
new file mode 100644
index 0000000..371ef46
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/IndefiniteLengthInputStream.java

@@ -0,0 +1,112 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.EOFException;
+import java.io.IOException;
+import java.io.InputStream;
+
+class IndefiniteLengthInputStream
+    extends LimitedInputStream
+{
+    private int _b1;
+    private int _b2;
+    private boolean _eofReached = false;
+    private boolean _eofOn00 = true;
+
+    IndefiniteLengthInputStream(
+        InputStream in,
+        int         limit)
+        throws IOException
+    {
+        super(in, limit);
+
+        _b1 = in.read();
+        _b2 = in.read();
+
+        if (_b2 < 0)
+        {
+            // Corrupted stream
+            throw new EOFException();
+        }
+
+        checkForEof();
+    }
+
+    void setEofOn00(
+        boolean eofOn00)
+    {
+        _eofOn00 = eofOn00;
+        checkForEof();
+    }
+
+    private boolean checkForEof()
+    {
+        if (!_eofReached && _eofOn00 && (_b1 == 0x00 && _b2 == 0x00))
+        {
+            _eofReached = true;
+            setParentEofDetect(true);
+        }
+        return _eofReached;
+    }
+
+    public int read(byte[] b, int off, int len)
+        throws IOException
+    {
+        // Only use this optimisation if we aren't checking for 00
+        if (_eofOn00 || len < 3)
+        {
+            return super.read(b, off, len);
+        }
+
+        if (_eofReached)
+        {
+            return -1;
+        }
+
+        int numRead = _in.read(b, off + 2, len - 2);
+
+        if (numRead < 0)
+        {
+            // Corrupted stream
+            throw new EOFException();
+        }
+
+        b[off] = (byte)_b1;
+        b[off + 1] = (byte)_b2;
+
+        _b1 = _in.read();
+        _b2 = _in.read();
+
+        if (_b2 < 0)
+        {
+            // Corrupted stream
+            throw new EOFException();
+        }
+
+        return numRead + 2;
+    }
+
+    public int read()
+        throws IOException
+    {
+        if (checkForEof())
+        {
+            return -1;
+        }
+
+        int b = _in.read();
+
+        if (b < 0)
+        {
+            // Corrupted stream
+            throw new EOFException();
+        }
+
+        int v = _b1;
+
+        _b1 = _b2;
+        _b2 = b;
+
+        return v;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/LazyConstructionEnumeration.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/LazyConstructionEnumeration.java
new file mode 100644
index 0000000..bd258c2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/LazyConstructionEnumeration.java

@@ -0,0 +1,44 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.util.Enumeration;
+
+class LazyConstructionEnumeration
+    implements Enumeration
+{
+    private ASN1InputStream aIn;
+    private Object          nextObj;
+
+    public LazyConstructionEnumeration(byte[] encoded)
+    {
+        aIn = new ASN1InputStream(encoded, true);
+        nextObj = readObject();
+    }
+
+    public boolean hasMoreElements()
+    {
+        return nextObj != null;
+    }
+
+    public Object nextElement()
+    {
+        Object o = nextObj;
+
+        nextObj = readObject();
+
+        return o;
+    }
+
+    private Object readObject()
+    {
+        try
+        {
+            return aIn.readObject();
+        }
+        catch (IOException e)
+        {
+            throw new ASN1ParsingException("malformed DER construction: " + e, e);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/LazyEncodedSequence.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/LazyEncodedSequence.java
new file mode 100644
index 0000000..6e9d42c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/LazyEncodedSequence.java

@@ -0,0 +1,110 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.IOException;
+import java.util.Enumeration;
+
+/**
+ * Note: this class is for processing DER/DL encoded sequences only.
+ */
+class LazyEncodedSequence
+    extends ASN1Sequence
+{
+    private byte[] encoded;
+
+    LazyEncodedSequence(
+        byte[] encoded)
+        throws IOException
+    {
+        this.encoded = encoded;
+    }
+
+    private void parse()
+    {
+        Enumeration en = new LazyConstructionEnumeration(encoded);
+
+        while (en.hasMoreElements())
+        {
+            seq.addElement(en.nextElement());
+        }
+
+        encoded = null;
+    }
+
+    public synchronized ASN1Encodable getObjectAt(int index)
+    {
+        if (encoded != null)
+        {
+            parse();
+        }
+
+        return super.getObjectAt(index);
+    }
+
+    public synchronized Enumeration getObjects()
+    {
+        if (encoded == null)
+        {
+            return super.getObjects();
+        }
+
+        return new LazyConstructionEnumeration(encoded);
+    }
+
+    public synchronized int size()
+    {
+        if (encoded != null)
+        {
+            parse();
+        }
+
+        return super.size();
+    }
+
+    ASN1Primitive toDERObject()
+    {
+        if (encoded != null)
+        {
+            parse();
+        }
+
+        return super.toDERObject();
+    }
+
+    ASN1Primitive toDLObject()
+    {
+        if (encoded != null)
+        {
+            parse();
+        }
+
+        return super.toDLObject();
+    }
+
+    int encodedLength()
+        throws IOException
+    {
+        if (encoded != null)
+        {
+            return 1 + StreamUtil.calculateBodyLength(encoded.length) + encoded.length;
+        }
+        else
+        {
+            return super.toDLObject().encodedLength();
+        }
+    }
+
+    void encode(
+        ASN1OutputStream out)
+        throws IOException
+    {
+        if (encoded != null)
+        {
+            out.writeEncoded(BERTags.SEQUENCE | BERTags.CONSTRUCTED, encoded);
+        }
+        else
+        {
+            super.toDLObject().encode(out);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/LimitedInputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/LimitedInputStream.java
new file mode 100644
index 0000000..e4c8db4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/LimitedInputStream.java

@@ -0,0 +1,36 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.InputStream;
+
+/**
+ * Internal use stream that allows reading of a limited number of bytes from a wrapped stream.
+ */
+abstract class LimitedInputStream
+        extends InputStream
+{
+    protected final InputStream _in;
+    private int _limit;
+
+    LimitedInputStream(
+        InputStream in,
+        int         limit)
+    {
+        this._in = in;
+        this._limit = limit;
+    }
+
+    int getRemaining()
+    {
+        // TODO: maybe one day this can become more accurate
+        return _limit;
+    }
+    
+    protected void setParentEofDetect(boolean on)
+    {
+        if (_in instanceof IndefiniteLengthInputStream)
+        {
+            ((IndefiniteLengthInputStream)_in).setEofOn00(on);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/OIDTokenizer.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/OIDTokenizer.java
new file mode 100644
index 0000000..41b9aa0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/OIDTokenizer.java

@@ -0,0 +1,65 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+/**
+ * Class for breaking up an OID into it's component tokens, ala
+ * java.util.StringTokenizer. We need this class as some of the
+ * lightweight Java environment don't support classes like
+ * StringTokenizer.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class OIDTokenizer
+{
+    private String  oid;
+    private int     index;
+
+    /**
+     * Base constructor.
+     *
+     * @param oid the string representation of the OID.
+     */
+    public OIDTokenizer(
+        String oid)
+    {
+        this.oid = oid;
+        this.index = 0;
+    }
+
+    /**
+     * Return whether or not there are more tokens in this tokenizer.
+     *
+     * @return true if there are more tokens, false otherwise.
+     */
+    public boolean hasMoreTokens()
+    {
+        return (index != -1);
+    }
+
+    /**
+     * Return the next token in the underlying String.
+     *
+     * @return the next token.
+     */
+    public String nextToken()
+    {
+        if (index == -1)
+        {
+            return null;
+        }
+
+        String  token;
+        int     end = oid.indexOf('.', index);
+
+        if (end == -1)
+        {
+            token = oid.substring(index);
+            index = -1;
+            return token;
+        }
+
+        token = oid.substring(index, end);
+
+        index = end + 1;
+        return token;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/StreamUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/StreamUtil.java
new file mode 100644
index 0000000..4673832
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/StreamUtil.java

@@ -0,0 +1,119 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1;
+
+import java.io.ByteArrayInputStream;
+import java.io.FileInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.nio.channels.FileChannel;
+
+class StreamUtil
+{
+    // Android-removed: Check max memory at runtime
+    // private static final long  MAX_MEMORY = Runtime.getRuntime().maxMemory();
+
+    /**
+     * Find out possible longest length...
+     *
+     * @param in input stream of interest
+     * @return length calculation or MAX_VALUE.
+     */
+    static int findLimit(InputStream in)
+    {
+        if (in instanceof LimitedInputStream)
+        {
+            return ((LimitedInputStream)in).getRemaining();
+        }
+        else if (in instanceof ASN1InputStream)
+        {
+            return ((ASN1InputStream)in).getLimit();
+        }
+        else if (in instanceof ByteArrayInputStream)
+        {
+            return ((ByteArrayInputStream)in).available();
+        }
+        else if (in instanceof FileInputStream)
+        {
+            try
+            {
+                FileChannel channel = ((FileInputStream)in).getChannel();
+                long  size = (channel != null) ? channel.size() : Integer.MAX_VALUE;
+
+                if (size < Integer.MAX_VALUE)
+                {
+                    return (int)size;
+                }
+            }
+            catch (IOException e)
+            {
+                // ignore - they'll find out soon enough!
+            }
+        }
+
+        // BEGIN Android-changed: Check max memory at runtime
+        long maxMemory = Runtime.getRuntime().maxMemory();
+        if (maxMemory > Integer.MAX_VALUE)
+        {
+            return Integer.MAX_VALUE;
+        }
+
+        return (int) maxMemory;
+        // END Android-changed: Check max memory at runtime
+    }
+
+    static int calculateBodyLength(
+        int length)
+    {
+        int count = 1;
+
+        if (length > 127)
+        {
+            int size = 1;
+            int val = length;
+
+            while ((val >>>= 8) != 0)
+            {
+                size++;
+            }
+
+            for (int i = (size - 1) * 8; i >= 0; i -= 8)
+            {
+                count++;
+            }
+        }
+
+        return count;
+    }
+
+    static int calculateTagLength(int tagNo)
+        throws IOException
+    {
+        int length = 1;
+
+        if (tagNo >= 31)
+        {
+            if (tagNo < 128)
+            {
+                length++;
+            }
+            else
+            {
+                byte[] stack = new byte[5];
+                int pos = stack.length;
+
+                stack[--pos] = (byte)(tagNo & 0x7F);
+
+                do
+                {
+                    tagNo >>= 7;
+                    stack[--pos] = (byte)(tagNo & 0x7F | 0x80);
+                }
+                while (tagNo > 127);
+
+                length += stack.length - pos;
+            }
+        }
+
+        return length;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java
new file mode 100644
index 0000000..032216e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/bc/BCObjectIdentifiers.java

@@ -0,0 +1,169 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.bc;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ *  Object Identifiers belonging to iso.org.dod.internet.private.enterprise.legion-of-the-bouncy-castle (1.3.6.1.4.1.22554)
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface BCObjectIdentifiers
+{
+    /**
+     *  iso.org.dod.internet.private.enterprise.legion-of-the-bouncy-castle
+     *<p>
+     *  1.3.6.1.4.1.22554
+     */
+    public static final ASN1ObjectIdentifier bc = new ASN1ObjectIdentifier("1.3.6.1.4.1.22554");
+
+    /**
+     * pbe(1) algorithms
+     * <p>
+     * 1.3.6.1.4.1.22554.1
+     */
+    public static final ASN1ObjectIdentifier bc_pbe        = bc.branch("1");
+
+    /**
+     * SHA-1(1)
+     * <p>
+     * 1.3.6.1.4.1.22554.1.1
+     */
+    public static final ASN1ObjectIdentifier bc_pbe_sha1   = bc_pbe.branch("1");
+
+    /** SHA-2.SHA-256; 1.3.6.1.4.1.22554.1.2.1 */
+    public static final ASN1ObjectIdentifier bc_pbe_sha256 = bc_pbe.branch("2.1");
+    /** SHA-2.SHA-384; 1.3.6.1.4.1.22554.1.2.2 */
+    public static final ASN1ObjectIdentifier bc_pbe_sha384 = bc_pbe.branch("2.2");
+    /** SHA-2.SHA-512; 1.3.6.1.4.1.22554.1.2.3 */
+    public static final ASN1ObjectIdentifier bc_pbe_sha512 = bc_pbe.branch("2.3");
+    /** SHA-2.SHA-224; 1.3.6.1.4.1.22554.1.2.4 */
+    public static final ASN1ObjectIdentifier bc_pbe_sha224 = bc_pbe.branch("2.4");
+
+    /**
+     * PKCS-5(1)|PKCS-12(2)
+     */
+    /** SHA-1.PKCS5;  1.3.6.1.4.1.22554.1.1.1 */
+    public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs5    = bc_pbe_sha1.branch("1");
+    /** SHA-1.PKCS12; 1.3.6.1.4.1.22554.1.1.2 */
+    public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs12   = bc_pbe_sha1.branch("2");
+
+    /** SHA-256.PKCS12; 1.3.6.1.4.1.22554.1.2.1.1 */
+    public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs5  = bc_pbe_sha256.branch("1");
+    /** SHA-256.PKCS12; 1.3.6.1.4.1.22554.1.2.1.2 */
+    public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs12 = bc_pbe_sha256.branch("2");
+
+    /**
+     * AES(1) . (CBC-128(2)|CBC-192(22)|CBC-256(42))
+     */
+    /** 1.3.6.1.4.1.22554.1.1.2.1.2 */
+    public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs12_aes128_cbc   = bc_pbe_sha1_pkcs12.branch("1.2");
+    /** 1.3.6.1.4.1.22554.1.1.2.1.22 */
+    public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs12_aes192_cbc   = bc_pbe_sha1_pkcs12.branch("1.22");
+    /** 1.3.6.1.4.1.22554.1.1.2.1.42 */
+    public static final ASN1ObjectIdentifier bc_pbe_sha1_pkcs12_aes256_cbc   = bc_pbe_sha1_pkcs12.branch("1.42");
+
+    /** 1.3.6.1.4.1.22554.1.1.2.2.2 */
+    public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs12_aes128_cbc = bc_pbe_sha256_pkcs12.branch("1.2");
+    /** 1.3.6.1.4.1.22554.1.1.2.2.22 */
+    public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs12_aes192_cbc = bc_pbe_sha256_pkcs12.branch("1.22");
+    /** 1.3.6.1.4.1.22554.1.1.2.2.42 */
+    public static final ASN1ObjectIdentifier bc_pbe_sha256_pkcs12_aes256_cbc = bc_pbe_sha256_pkcs12.branch("1.42");
+
+    /**
+     * signature(2) algorithms
+     */
+    public static final ASN1ObjectIdentifier bc_sig        = bc.branch("2");
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    /**
+     * Sphincs-256
+     *
+    public static final ASN1ObjectIdentifier sphincs256                      = bc_sig.branch("1");
+    public static final ASN1ObjectIdentifier sphincs256_with_BLAKE512        = sphincs256.branch("1");
+    public static final ASN1ObjectIdentifier sphincs256_with_SHA512          = sphincs256.branch("2");
+    public static final ASN1ObjectIdentifier sphincs256_with_SHA3_512        = sphincs256.branch("3");
+
+    /**
+     * XMSS
+     */
+    public static final ASN1ObjectIdentifier xmss = bc_sig.branch("2");
+    public static final ASN1ObjectIdentifier xmss_SHA256ph = xmss.branch("1");
+    public static final ASN1ObjectIdentifier xmss_SHA512ph = xmss.branch("2");
+    public static final ASN1ObjectIdentifier xmss_SHAKE128ph = xmss.branch("3");
+    public static final ASN1ObjectIdentifier xmss_SHAKE256ph = xmss.branch("4");
+    public static final ASN1ObjectIdentifier xmss_SHA256 = xmss.branch("5");
+    public static final ASN1ObjectIdentifier xmss_SHA512 = xmss.branch("6");
+    public static final ASN1ObjectIdentifier xmss_SHAKE128 = xmss.branch("7");
+    public static final ASN1ObjectIdentifier xmss_SHAKE256 = xmss.branch("8");
+
+    /**
+     * XMSS^MT
+     */
+    public static final ASN1ObjectIdentifier xmss_mt = bc_sig.branch("3");
+    public static final ASN1ObjectIdentifier xmss_mt_SHA256ph = xmss_mt.branch("1");
+    public static final ASN1ObjectIdentifier xmss_mt_SHA512ph = xmss_mt.branch("2");
+    public static final ASN1ObjectIdentifier xmss_mt_SHAKE128ph = xmss_mt.branch("3");
+    public static final ASN1ObjectIdentifier xmss_mt_SHAKE256ph = xmss_mt.branch("4");
+    public static final ASN1ObjectIdentifier xmss_mt_SHA256 = xmss_mt.branch("5");
+    public static final ASN1ObjectIdentifier xmss_mt_SHA512 = xmss_mt.branch("6");
+    public static final ASN1ObjectIdentifier xmss_mt_SHAKE128 = xmss_mt.branch("7");
+    public static final ASN1ObjectIdentifier xmss_mt_SHAKE256 = xmss_mt.branch("8");
+
+    // old OIDs.
+    /**
+     * @deprecated use xmss_SHA256ph
+     */
+    public static final ASN1ObjectIdentifier xmss_with_SHA256          = xmss_SHA256ph;
+    /**
+     * @deprecated use xmss_SHA512ph
+     */
+    public static final ASN1ObjectIdentifier xmss_with_SHA512 = xmss_SHA512ph;
+    /**
+     * @deprecated use xmss_SHAKE128ph
+     */
+    public static final ASN1ObjectIdentifier xmss_with_SHAKE128 = xmss_SHAKE128ph;
+    /**
+     * @deprecated use xmss_SHAKE256ph
+     */
+    public static final ASN1ObjectIdentifier xmss_with_SHAKE256        = xmss_SHAKE256ph;
+
+    /**
+     * @deprecated use xmss_mt_SHA256ph
+     */
+    public static final ASN1ObjectIdentifier xmss_mt_with_SHA256          = xmss_mt_SHA256ph;
+    /**
+     * @deprecated use xmss_mt_SHA512ph
+     */
+    public static final ASN1ObjectIdentifier xmss_mt_with_SHA512          = xmss_mt_SHA512ph;
+    /**
+     * @deprecated use xmss_mt_SHAKE128ph
+     */
+    public static final ASN1ObjectIdentifier xmss_mt_with_SHAKE128        = xmss_mt_SHAKE128;
+    /**
+     * @deprecated use xmss_mt_SHAKE256ph
+     */
+    public static final ASN1ObjectIdentifier xmss_mt_with_SHAKE256        = xmss_mt_SHAKE256;
+
+    /**
+     * qTESLA
+     */
+    public static final ASN1ObjectIdentifier qTESLA = bc_sig.branch("4");
+    public static final ASN1ObjectIdentifier qTESLA_I = qTESLA.branch("1");
+    public static final ASN1ObjectIdentifier qTESLA_III_size = qTESLA.branch("2");
+    public static final ASN1ObjectIdentifier qTESLA_III_speed = qTESLA.branch("3");
+    public static final ASN1ObjectIdentifier qTESLA_p_I = qTESLA.branch("4");
+    public static final ASN1ObjectIdentifier qTESLA_p_III = qTESLA.branch("5");
+
+    /**
+     * key_exchange(3) algorithms
+     *
+    public static final ASN1ObjectIdentifier bc_exch = bc.branch("3");
+
+    /**
+     * NewHope
+     *
+    public static final ASN1ObjectIdentifier newHope = bc_exch.branch("1");
+    */
+    // END Android-removed: Unsupported algorithms
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/Attribute.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/Attribute.java
new file mode 100644
index 0000000..352198a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/Attribute.java

@@ -0,0 +1,112 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.cms;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * <a href="http://tools.ietf.org/html/rfc5652#page-14">RFC 5652</a>:
+ * Attribute is a pair of OID (as type identifier) + set of values.
+ * <p>
+ * <pre>
+ * Attribute ::= SEQUENCE {
+ *     attrType OBJECT IDENTIFIER,
+ *     attrValues SET OF AttributeValue
+ * }
+ * 
+ * AttributeValue ::= ANY
+ * </pre>
+ * <p>
+ * General rule on values is that same AttributeValue must not be included
+ * multiple times into the set. That is, if the value is a SET OF INTEGERs,
+ * then having same value repeated is wrong: (1, 1), but different values is OK: (1, 2).
+ * Normally the AttributeValue syntaxes are more complicated than that.
+ * <p>
+ * General rule of Attribute usage is that the {@link Attributes} containers
+ * must not have multiple Attribute:s with same attrType (OID) there.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Attribute
+    extends ASN1Object
+{
+    private ASN1ObjectIdentifier attrType;
+    private ASN1Set             attrValues;
+
+    /**
+     * Return an Attribute object from the given object.
+     * <p>
+     * Accepted inputs:
+     * <ul>
+     * <li> null &rarr; null
+     * <li> {@link Attribute} object
+     * <li> {@link com.android.org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with Attribute structure inside
+     * </ul>
+     *
+     * @param o the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     */
+    public static Attribute getInstance(
+        Object o)
+    {
+        if (o instanceof Attribute)
+        {
+            return (Attribute)o;
+        }
+        
+        if (o != null)
+        {
+            return new Attribute(ASN1Sequence.getInstance(o));
+        }
+
+        return null;
+    }
+    
+    private Attribute(
+        ASN1Sequence seq)
+    {
+        attrType = (ASN1ObjectIdentifier)seq.getObjectAt(0);
+        attrValues = (ASN1Set)seq.getObjectAt(1);
+    }
+
+    public Attribute(
+        ASN1ObjectIdentifier attrType,
+        ASN1Set             attrValues)
+    {
+        this.attrType = attrType;
+        this.attrValues = attrValues;
+    }
+
+    public ASN1ObjectIdentifier getAttrType()
+    {
+        return attrType;
+    }
+    
+    public ASN1Set getAttrValues()
+    {
+        return attrValues;
+    }
+
+    public ASN1Encodable[] getAttributeValues()
+    {
+        return attrValues.toArray();
+    }
+
+    /** 
+     * Produce an object suitable for an ASN1OutputStream.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(attrType);
+        v.add(attrValues);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/AttributeTable.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/AttributeTable.java
new file mode 100644
index 0000000..29c1f16
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/AttributeTable.java

@@ -0,0 +1,242 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.cms;
+
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.DERSet;
+
+/**
+ * This is helper tool to construct {@link Attributes} sets.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AttributeTable
+{
+    private Hashtable attributes = new Hashtable();
+
+    public AttributeTable(
+        Hashtable  attrs)
+    {
+        attributes = copyTable(attrs);
+    }
+
+    public AttributeTable(
+        ASN1EncodableVector v)
+    {
+        for (int i = 0; i != v.size(); i++)
+        {
+            Attribute   a = Attribute.getInstance(v.get(i));
+
+            addAttribute(a.getAttrType(), a);
+        }
+    }
+
+    public AttributeTable(
+        ASN1Set    s)
+    {
+        for (int i = 0; i != s.size(); i++)
+        {
+            Attribute   a = Attribute.getInstance(s.getObjectAt(i));
+
+            addAttribute(a.getAttrType(), a);
+        }
+    }
+
+    public AttributeTable(
+        Attribute    attr)
+    {
+        addAttribute(attr.getAttrType(), attr);
+    }
+
+    public AttributeTable(
+        Attributes    attrs)
+    {
+        this(ASN1Set.getInstance(attrs.toASN1Primitive()));
+    }
+
+    private void addAttribute(
+        ASN1ObjectIdentifier oid,
+        Attribute           a)
+    {
+        Object value = attributes.get(oid);
+        
+        if (value == null)
+        {
+            attributes.put(oid, a);
+        }
+        else
+        {
+            Vector v;
+            
+            if (value instanceof Attribute)
+            {
+                v = new Vector();
+                
+                v.addElement(value);
+                v.addElement(a);
+            }
+            else
+            {
+                v = (Vector)value;
+            
+                v.addElement(a);
+            }
+            
+            attributes.put(oid, v);
+        }
+    }
+
+    /**
+     * Return the first attribute matching the OBJECT IDENTIFIER oid.
+     * 
+     * @param oid type of attribute required.
+     * @return first attribute found of type oid.
+     */
+    public Attribute get(
+        ASN1ObjectIdentifier oid)
+    {
+        Object value = attributes.get(oid);
+        
+        if (value instanceof Vector)
+        {
+            return (Attribute)((Vector)value).elementAt(0);
+        }
+        
+        return (Attribute)value;
+    }
+
+    /**
+     * Return all the attributes matching the OBJECT IDENTIFIER oid. The vector will be 
+     * empty if there are no attributes of the required type present.
+     * 
+     * @param oid type of attribute required.
+     * @return a vector of all the attributes found of type oid.
+     */
+    public ASN1EncodableVector getAll(
+        ASN1ObjectIdentifier oid)
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+        
+        Object value = attributes.get(oid);
+        
+        if (value instanceof Vector)
+        {
+            Enumeration e = ((Vector)value).elements();
+            
+            while (e.hasMoreElements())
+            {
+                v.add((Attribute)e.nextElement());
+            }
+        }
+        else if (value != null)
+        {
+            v.add((Attribute)value);
+        }
+        
+        return v;
+    }
+
+    public int size()
+    {
+        int size = 0;
+
+        for (Enumeration en = attributes.elements(); en.hasMoreElements();)
+        {
+            Object o = en.nextElement();
+
+            if (o instanceof Vector)
+            {
+                size += ((Vector)o).size();
+            }
+            else
+            {
+                size++;
+            }
+        }
+
+        return size;
+    }
+
+    public Hashtable toHashtable()
+    {
+        return copyTable(attributes);
+    }
+    
+    public ASN1EncodableVector toASN1EncodableVector()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+        Enumeration          e = attributes.elements();
+        
+        while (e.hasMoreElements())
+        {
+            Object value = e.nextElement();
+            
+            if (value instanceof Vector)
+            {
+                Enumeration en = ((Vector)value).elements();
+                
+                while (en.hasMoreElements())
+                {
+                    v.add(Attribute.getInstance(en.nextElement()));
+                }
+            }
+            else
+            {
+                v.add(Attribute.getInstance(value));
+            }
+        }
+        
+        return v;
+    }
+
+    public Attributes toASN1Structure()
+    {
+        return new Attributes(this.toASN1EncodableVector());
+    }
+
+    private Hashtable copyTable(
+        Hashtable in)
+    {
+        Hashtable   out = new Hashtable();
+        Enumeration e = in.keys();
+        
+        while (e.hasMoreElements())
+        {
+            Object key = e.nextElement();
+            
+            out.put(key, in.get(key));
+        }
+        
+        return out;
+    }
+
+    /**
+     * Return a new table with the passed in attribute added.
+     *
+     * @param attrType the type of the attribute to add.
+     * @param attrValue the value corresponding to the attribute (will be wrapped in a SET).
+     * @return a new table with the extra attribute in it.
+     */
+    public AttributeTable add(ASN1ObjectIdentifier attrType, ASN1Encodable attrValue)
+    {
+        AttributeTable newTable = new AttributeTable(attributes);
+
+        newTable.addAttribute(attrType, new Attribute(attrType, new DERSet(attrValue)));
+
+        return newTable;
+    }
+
+    public AttributeTable remove(ASN1ObjectIdentifier attrType)
+    {
+        AttributeTable newTable = new AttributeTable(attributes);
+
+        newTable.attributes.remove(attrType);
+
+        return newTable;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/Attributes.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/Attributes.java
new file mode 100644
index 0000000..de1cf4b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/Attributes.java

@@ -0,0 +1,95 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.cms;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DLSet;
+
+/**
+ * <a href="http://tools.ietf.org/html/rfc5652">RFC 5652</a> defines
+ * 5 "SET OF Attribute" entities with 5 different names.
+ * This is common implementation for them all:
+ * <pre>
+ *   SignedAttributes      ::= SET SIZE (1..MAX) OF Attribute
+ *   UnsignedAttributes    ::= SET SIZE (1..MAX) OF Attribute
+ *   UnprotectedAttributes ::= SET SIZE (1..MAX) OF Attribute
+ *   AuthAttributes        ::= SET SIZE (1..MAX) OF Attribute
+ *   UnauthAttributes      ::= SET SIZE (1..MAX) OF Attribute
+ *
+ * Attributes ::=
+ *   SET SIZE(1..MAX) OF Attribute
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Attributes
+    extends ASN1Object
+{
+    private ASN1Set attributes;
+
+    private Attributes(ASN1Set set)
+    {
+        attributes = set;
+    }
+
+    public Attributes(ASN1EncodableVector v)
+    {
+        attributes = new DLSet(v);
+    }
+
+    /**
+     * Return an Attribute set object from the given object.
+     * <p>
+     * Accepted inputs:
+     * <ul>
+     * <li> null &rarr; null
+     * <li> {@link Attributes} object
+     * <li> {@link com.android.org.bouncycastle.asn1.ASN1Set#getInstance(java.lang.Object) ASN1Set} input formats with Attributes structure inside
+     * </ul>
+     *
+     * @param obj the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     */
+    public static Attributes getInstance(Object obj)
+    {
+        if (obj instanceof Attributes)
+        {
+            return (Attributes)obj;
+        }
+        else if (obj != null)
+        {
+            return new Attributes(ASN1Set.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public static Attributes getInstance(
+        ASN1TaggedObject obj,
+        boolean explicit)
+    {
+        return getInstance(ASN1Set.getInstance(obj, explicit));
+    }
+
+    public Attribute[] getAttributes()
+    {
+        Attribute[] rv = new Attribute[attributes.size()];
+
+        for (int i = 0; i != rv.length; i++)
+        {
+            rv[i] = Attribute.getInstance(attributes.getObjectAt(i));
+        }
+
+        return rv;
+    }
+
+    /** 
+     * Produce an object suitable for an ASN1OutputStream.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return attributes;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/CMSAlgorithmProtection.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/CMSAlgorithmProtection.java
new file mode 100644
index 0000000..34c16e3
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/CMSAlgorithmProtection.java

@@ -0,0 +1,138 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.cms;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+
+/**
+ * From RFC 6211
+ * <pre>
+ * CMSAlgorithmProtection ::= SEQUENCE {
+ *    digestAlgorithm         DigestAlgorithmIdentifier,
+ *    signatureAlgorithm  [1] SignatureAlgorithmIdentifier OPTIONAL,
+ *    macAlgorithm        [2] MessageAuthenticationCodeAlgorithm
+ *                                     OPTIONAL
+ * }
+ * (WITH COMPONENTS { signatureAlgorithm PRESENT,
+ *                    macAlgorithm ABSENT } |
+ *  WITH COMPONENTS { signatureAlgorithm ABSENT,
+ *                    macAlgorithm PRESENT })
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CMSAlgorithmProtection
+    extends ASN1Object
+{
+    public static final int SIGNATURE = 1;
+    public static final int MAC = 2;
+
+    private final AlgorithmIdentifier digestAlgorithm;
+    private final AlgorithmIdentifier signatureAlgorithm;
+    private final AlgorithmIdentifier macAlgorithm;
+
+    public CMSAlgorithmProtection(AlgorithmIdentifier digestAlgorithm, int type, AlgorithmIdentifier algorithmIdentifier)
+    {
+        if (digestAlgorithm == null || algorithmIdentifier == null)
+        {
+            throw new NullPointerException("AlgorithmIdentifiers cannot be null");
+        }
+
+        this.digestAlgorithm = digestAlgorithm;
+
+        if (type == 1)
+        {
+            this.signatureAlgorithm = algorithmIdentifier;
+            this.macAlgorithm = null;
+        }
+        else if (type == 2)
+        {
+            this.signatureAlgorithm = null;
+            this.macAlgorithm = algorithmIdentifier;
+        }
+        else
+        {
+            throw new IllegalArgumentException("Unknown type: " + type);
+        }
+    }
+
+    private CMSAlgorithmProtection(ASN1Sequence sequence)
+    {
+        if (sequence.size() != 2)
+        {
+            throw new IllegalArgumentException("Sequence wrong size: One of signatureAlgorithm or macAlgorithm must be present");
+        }
+
+        this.digestAlgorithm = AlgorithmIdentifier.getInstance(sequence.getObjectAt(0));
+
+        ASN1TaggedObject tagged = ASN1TaggedObject.getInstance(sequence.getObjectAt(1));
+        if (tagged.getTagNo() == 1)
+        {
+            this.signatureAlgorithm = AlgorithmIdentifier.getInstance(tagged, false);
+            this.macAlgorithm = null;
+        }
+        else if (tagged.getTagNo() == 2)
+        {
+            this.signatureAlgorithm = null;
+
+            this.macAlgorithm = AlgorithmIdentifier.getInstance(tagged, false);
+        }
+        else
+        {
+            throw new IllegalArgumentException("Unknown tag found: " + tagged.getTagNo());
+        }
+    }
+
+    public static CMSAlgorithmProtection getInstance(
+        Object obj)
+    {
+        if (obj instanceof CMSAlgorithmProtection)
+        {
+            return (CMSAlgorithmProtection)obj;
+        }
+        else if (obj != null)
+        {
+            return new CMSAlgorithmProtection(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+
+    public AlgorithmIdentifier getDigestAlgorithm()
+    {
+        return digestAlgorithm;
+    }
+
+    public AlgorithmIdentifier getMacAlgorithm()
+    {
+        return macAlgorithm;
+    }
+
+    public AlgorithmIdentifier getSignatureAlgorithm()
+    {
+        return signatureAlgorithm;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(digestAlgorithm);
+        if (signatureAlgorithm != null)
+        {
+            v.add(new DERTaggedObject(false, 1, signatureAlgorithm));
+        }
+        if (macAlgorithm != null)
+        {
+            v.add(new DERTaggedObject(false, 2, macAlgorithm));
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/CMSAttributes.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/CMSAttributes.java
new file mode 100644
index 0000000..8700854
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/CMSAttributes.java

@@ -0,0 +1,38 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.cms;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+
+
+/**
+ * <a href="http://tools.ietf.org/html/rfc5652">RFC 5652</a> CMS attribute OID constants.
+ * and <a href="http://tools.ietf.org/html/rfc6211">RFC 6211</a> Algorithm Identifier Protection Attribute.
+ * <pre>
+ * contentType      ::= 1.2.840.113549.1.9.3
+ * messageDigest    ::= 1.2.840.113549.1.9.4
+ * signingTime      ::= 1.2.840.113549.1.9.5
+ * counterSignature ::= 1.2.840.113549.1.9.6
+ *
+ * contentHint      ::= 1.2.840.113549.1.9.16.2.4
+ * cmsAlgorithmProtect := 1.2.840.113549.1.9.52
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+
+public interface CMSAttributes
+{
+    /** PKCS#9: 1.2.840.113549.1.9.3 */
+    ASN1ObjectIdentifier  contentType = PKCSObjectIdentifiers.pkcs_9_at_contentType;
+    /** PKCS#9: 1.2.840.113549.1.9.4 */
+    ASN1ObjectIdentifier  messageDigest = PKCSObjectIdentifiers.pkcs_9_at_messageDigest;
+    /** PKCS#9: 1.2.840.113549.1.9.5 */
+    ASN1ObjectIdentifier  signingTime = PKCSObjectIdentifiers.pkcs_9_at_signingTime;
+    /** PKCS#9: 1.2.840.113549.1.9.6 */
+    ASN1ObjectIdentifier  counterSignature = PKCSObjectIdentifiers.pkcs_9_at_counterSignature;
+    /** PKCS#9: 1.2.840.113549.1.9.16.6.2.4 - See <a href="http://tools.ietf.org/html/rfc2634">RFC 2634</a> */
+    ASN1ObjectIdentifier  contentHint = PKCSObjectIdentifiers.id_aa_contentHint;
+
+    ASN1ObjectIdentifier  cmsAlgorithmProtect = PKCSObjectIdentifiers.id_aa_cmsAlgorithmProtect;
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/CMSObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/CMSObjectIdentifiers.java
new file mode 100644
index 0000000..221fc58
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/CMSObjectIdentifiers.java

@@ -0,0 +1,47 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.cms;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface CMSObjectIdentifiers
+{
+    /** PKCS#7: 1.2.840.113549.1.7.1 */
+    static final ASN1ObjectIdentifier    data = PKCSObjectIdentifiers.data;
+    /** PKCS#7: 1.2.840.113549.1.7.2 */
+    static final ASN1ObjectIdentifier    signedData = PKCSObjectIdentifiers.signedData;
+    /** PKCS#7: 1.2.840.113549.1.7.3 */
+    static final ASN1ObjectIdentifier    envelopedData = PKCSObjectIdentifiers.envelopedData;
+    /** PKCS#7: 1.2.840.113549.1.7.4 */
+    static final ASN1ObjectIdentifier    signedAndEnvelopedData = PKCSObjectIdentifiers.signedAndEnvelopedData;
+    /** PKCS#7: 1.2.840.113549.1.7.5 */
+    static final ASN1ObjectIdentifier    digestedData = PKCSObjectIdentifiers.digestedData;
+    /** PKCS#7: 1.2.840.113549.1.7.6 */
+    static final ASN1ObjectIdentifier    encryptedData = PKCSObjectIdentifiers.encryptedData;
+    /** PKCS#9: 1.2.840.113549.1.9.16.1.2 -- smime ct authData */
+    static final ASN1ObjectIdentifier    authenticatedData = PKCSObjectIdentifiers.id_ct_authData;
+    /** PKCS#9: 1.2.840.113549.1.9.16.1.9 -- smime ct compressedData */
+    static final ASN1ObjectIdentifier    compressedData = PKCSObjectIdentifiers.id_ct_compressedData;
+    /** PKCS#9: 1.2.840.113549.1.9.16.1.23 -- smime ct authEnvelopedData */
+    static final ASN1ObjectIdentifier    authEnvelopedData = PKCSObjectIdentifiers.id_ct_authEnvelopedData;
+    /** PKCS#9: 1.2.840.113549.1.9.16.1.31 -- smime ct timestampedData*/
+    static final ASN1ObjectIdentifier    timestampedData = PKCSObjectIdentifiers.id_ct_timestampedData;
+
+    /**
+     * The other Revocation Info arc
+     * <p>
+     * <pre>
+     * id-ri OBJECT IDENTIFIER ::= { iso(1) identified-organization(3)
+     *        dod(6) internet(1) security(5) mechanisms(5) pkix(7) ri(16) }
+     * </pre>
+     */
+    static final ASN1ObjectIdentifier    id_ri = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.16");
+
+    /** 1.3.6.1.5.5.7.16.2 */
+    static final ASN1ObjectIdentifier    id_ri_ocsp_response = id_ri.branch("2");
+    /** 1.3.6.1.5.5.7.16.4 */
+    static final ASN1ObjectIdentifier    id_ri_scvp = id_ri.branch("4");
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/ContentInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/ContentInfo.java
new file mode 100644
index 0000000..1be1615
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/ContentInfo.java

@@ -0,0 +1,132 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.cms;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.BERSequence;
+import com.android.org.bouncycastle.asn1.BERTaggedObject;
+
+/**
+ * <a href="http://tools.ietf.org/html/rfc5652#section-3">RFC 5652</a> ContentInfo, and 
+ * <a href="http://tools.ietf.org/html/rfc5652#section-5.2">RFC 5652</a> EncapsulatedContentInfo objects.
+ *
+ * <pre>
+ * ContentInfo ::= SEQUENCE {
+ *     contentType ContentType,
+ *     content [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL
+ * }
+ *
+ * EncapsulatedContentInfo ::= SEQUENCE {
+ *     eContentType ContentType,
+ *     eContent [0] EXPLICIT OCTET STRING OPTIONAL
+ * }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ContentInfo
+    extends ASN1Object
+    implements CMSObjectIdentifiers
+{
+    private ASN1ObjectIdentifier contentType;
+    private ASN1Encodable        content;
+
+    /**
+     * Return an ContentInfo object from the given object.
+     * <p>
+     * Accepted inputs:
+     * <ul>
+     * <li> null &rarr; null
+     * <li> {@link ContentInfo} object
+     * <li> {@link com.android.org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with ContentInfo structure inside
+     * </ul>
+     *
+     * @param obj the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     */
+    public static ContentInfo getInstance(
+        Object  obj)
+    {
+        if (obj instanceof ContentInfo)
+        {
+            return (ContentInfo)obj;
+        }
+        else if (obj != null)
+        {
+            return new ContentInfo(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public static ContentInfo getInstance(
+        ASN1TaggedObject obj,
+        boolean explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    /**
+     * @deprecated use getInstance()
+     */
+    public ContentInfo(
+        ASN1Sequence  seq)
+    {
+        if (seq.size() < 1 || seq.size() > 2)
+        {
+            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
+        }
+
+        contentType = (ASN1ObjectIdentifier)seq.getObjectAt(0);
+
+        if (seq.size() > 1)
+        {
+            ASN1TaggedObject tagged = (ASN1TaggedObject)seq.getObjectAt(1);
+            if (!tagged.isExplicit() || tagged.getTagNo() != 0)
+            {
+                throw new IllegalArgumentException("Bad tag for 'content'");
+            }
+
+            content = tagged.getObject();
+        }
+    }
+
+    public ContentInfo(
+        ASN1ObjectIdentifier contentType,
+        ASN1Encodable        content)
+    {
+        this.contentType = contentType;
+        this.content = content;
+    }
+
+    public ASN1ObjectIdentifier getContentType()
+    {
+        return contentType;
+    }
+
+    public ASN1Encodable getContent()
+    {
+        return content;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(contentType);
+
+        if (content != null)
+        {
+            v.add(new BERTaggedObject(0, content));
+        }
+
+        return new BERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/GCMParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/GCMParameters.java
new file mode 100644
index 0000000..faa2bbd
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/GCMParameters.java

@@ -0,0 +1,104 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.cms;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * <a href="http://tools.ietf.org/html/rfc5084">RFC 5084</a>: GCMParameters object.
+ * <p>
+ * <pre>
+ GCMParameters ::= SEQUENCE {
+   aes-nonce        OCTET STRING, -- recommended size is 12 octets
+   aes-ICVlen       AES-GCM-ICVlen DEFAULT 12 }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class GCMParameters
+    extends ASN1Object
+{
+    private byte[] nonce;
+    private int icvLen;
+
+    /**
+     * Return an GCMParameters object from the given object.
+     * <p>
+     * Accepted inputs:
+     * <ul>
+     * <li> null &rarr; null
+     * <li> {@link com.android.org.bouncycastle.asn1.cms.GCMParameters} object
+     * <li> {@link com.android.org.bouncycastle.asn1.ASN1Sequence#getInstance(Object) ASN1Sequence} input formats with GCMParameters structure inside
+     * </ul>
+     *
+     * @param obj the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     */
+    public static GCMParameters getInstance(
+        Object  obj)
+    {
+        if (obj instanceof GCMParameters)
+        {
+            return (GCMParameters)obj;
+        }
+        else if (obj != null)
+        {
+            return new GCMParameters(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    private GCMParameters(
+        ASN1Sequence seq)
+    {
+        this.nonce = ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets();
+
+        if (seq.size() == 2)
+        {
+            this.icvLen = ASN1Integer.getInstance(seq.getObjectAt(1)).getValue().intValue();
+        }
+        else
+        {
+            this.icvLen = 12;
+        }
+    }
+
+    public GCMParameters(
+        byte[] nonce,
+        int    icvLen)
+    {
+        this.nonce = Arrays.clone(nonce);
+        this.icvLen = icvLen;
+    }
+
+    public byte[] getNonce()
+    {
+        return Arrays.clone(nonce);
+    }
+
+    public int getIcvLen()
+    {
+        return icvLen;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector    v = new ASN1EncodableVector();
+
+        v.add(new DEROctetString(nonce));
+
+        if (icvLen != 12)
+        {
+            v.add(new ASN1Integer(icvLen));
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/IssuerAndSerialNumber.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/IssuerAndSerialNumber.java
new file mode 100644
index 0000000..2c9d96b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/IssuerAndSerialNumber.java

@@ -0,0 +1,140 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.cms;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x509.Certificate;
+import com.android.org.bouncycastle.asn1.x509.X509CertificateStructure;
+import com.android.org.bouncycastle.asn1.x509.X509Name;
+
+/**
+ * <a href="http://tools.ietf.org/html/rfc5652#section-10.2.4">RFC 5652</a>: IssuerAndSerialNumber object.
+ * <p>
+ * <pre>
+ * IssuerAndSerialNumber ::= SEQUENCE {
+ *     issuer Name,
+ *     serialNumber CertificateSerialNumber
+ * }
+ *
+ * CertificateSerialNumber ::= INTEGER  -- See RFC 5280
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class IssuerAndSerialNumber
+    extends ASN1Object
+{
+    private X500Name    name;
+    private ASN1Integer  serialNumber;
+
+    /**
+     * Return an IssuerAndSerialNumber object from the given object.
+     * <p>
+     * Accepted inputs:
+     * <ul>
+     * <li> null &rarr; null
+     * <li> {@link IssuerAndSerialNumber} object
+     * <li> {@link com.android.org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with IssuerAndSerialNumber structure inside
+     * </ul>
+     *
+     * @param obj the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     */
+    public static IssuerAndSerialNumber getInstance(
+        Object  obj)
+    {
+        if (obj instanceof IssuerAndSerialNumber)
+        {
+            return (IssuerAndSerialNumber)obj;
+        }
+        else if (obj != null)
+        {
+            return new IssuerAndSerialNumber(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    /**
+     * @deprecated  use getInstance() method.
+     */
+    public IssuerAndSerialNumber(
+        ASN1Sequence    seq)
+    {
+        this.name = X500Name.getInstance(seq.getObjectAt(0));
+        this.serialNumber = (ASN1Integer)seq.getObjectAt(1);
+    }
+
+    public IssuerAndSerialNumber(
+        Certificate certificate)
+    {
+        this.name = certificate.getIssuer();
+        this.serialNumber = certificate.getSerialNumber();
+    }
+
+    /**
+     * @deprecated use constructor taking Certificate
+     */
+    public IssuerAndSerialNumber(
+        X509CertificateStructure certificate)
+    {
+        this.name = certificate.getIssuer();
+        this.serialNumber = certificate.getSerialNumber();
+    }
+
+    public IssuerAndSerialNumber(
+        X500Name name,
+        BigInteger  serialNumber)
+    {
+        this.name = name;
+        this.serialNumber = new ASN1Integer(serialNumber);
+    }
+
+    /**
+     * @deprecated use X500Name constructor
+     */
+    public IssuerAndSerialNumber(
+        X509Name    name,
+        BigInteger  serialNumber)
+    {
+        this.name = X500Name.getInstance(name);
+        this.serialNumber = new ASN1Integer(serialNumber);
+    }
+
+    /**
+     * @deprecated use X500Name constructor
+     */
+    public IssuerAndSerialNumber(
+        X509Name    name,
+        ASN1Integer  serialNumber)
+    {
+        this.name = X500Name.getInstance(name);
+        this.serialNumber = serialNumber;
+    }
+
+    public X500Name getName()
+    {
+        return name;
+    }
+
+    public ASN1Integer getSerialNumber()
+    {
+        return serialNumber;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector    v = new ASN1EncodableVector();
+
+        v.add(name);
+        v.add(serialNumber);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/SignedData.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/SignedData.java
new file mode 100644
index 0000000..19cf200
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/SignedData.java

@@ -0,0 +1,332 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.cms;
+
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.BERSequence;
+import com.android.org.bouncycastle.asn1.BERSet;
+import com.android.org.bouncycastle.asn1.BERTaggedObject;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+
+/**
+ * <a href="http://tools.ietf.org/html/rfc5652#section-5.1">RFC 5652</a>:
+ * <p>
+ * A signed data object containing multitude of {@link SignerInfo}s.
+ * <pre>
+ * SignedData ::= SEQUENCE {
+ *     version CMSVersion,
+ *     digestAlgorithms DigestAlgorithmIdentifiers,
+ *     encapContentInfo EncapsulatedContentInfo,
+ *     certificates [0] IMPLICIT CertificateSet OPTIONAL,
+ *     crls [1] IMPLICIT CertificateRevocationLists OPTIONAL,
+ *     signerInfos SignerInfos
+ *   }
+ * 
+ * DigestAlgorithmIdentifiers ::= SET OF DigestAlgorithmIdentifier
+ * 
+ * SignerInfos ::= SET OF SignerInfo
+ * </pre>
+ * <p>
+ * The version calculation uses following ruleset from RFC 5652 section 5.1:
+ * <pre>
+ * IF ((certificates is present) AND
+ *    (any certificates with a type of other are present)) OR
+ *    ((crls is present) AND
+ *    (any crls with a type of other are present))
+ * THEN version MUST be 5
+ * ELSE
+ *    IF (certificates is present) AND
+ *       (any version 2 attribute certificates are present)
+ *    THEN version MUST be 4
+ *    ELSE
+ *       IF ((certificates is present) AND
+ *          (any version 1 attribute certificates are present)) OR
+ *          (any SignerInfo structures are version 3) OR
+ *          (encapContentInfo eContentType is other than id-data)
+ *       THEN version MUST be 3
+ *       ELSE version MUST be 1
+ * </pre>
+ * <p>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SignedData
+    extends ASN1Object
+{
+    private static final ASN1Integer VERSION_1 = new ASN1Integer(1);
+    private static final ASN1Integer VERSION_3 = new ASN1Integer(3);
+    private static final ASN1Integer VERSION_4 = new ASN1Integer(4);
+    private static final ASN1Integer VERSION_5 = new ASN1Integer(5);
+
+    private ASN1Integer version;
+    private ASN1Set     digestAlgorithms;
+    private ContentInfo contentInfo;
+    private ASN1Set     certificates;
+    private ASN1Set     crls;
+    private ASN1Set     signerInfos;
+    private boolean certsBer;
+    private boolean        crlsBer;
+
+    /**
+     * Return a SignedData object from the given object.
+     * <p>
+     * Accepted inputs:
+     * <ul>
+     * <li> null &rarr; null
+     * <li> {@link SignedData} object
+     * <li> {@link com.android.org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with SignedData structure inside
+     * </ul>
+     *
+     * @param o the object we want converted.
+     * @return a reference that can be assigned to SignedData (may be null)
+     * @throws IllegalArgumentException if the object cannot be converted.
+     */
+    public static SignedData getInstance(
+        Object  o)
+    {
+        if (o instanceof SignedData)
+        {
+            return (SignedData)o;
+        }
+        else if (o != null)
+        {
+            return new SignedData(ASN1Sequence.getInstance(o));
+        }
+
+        return null;
+    }
+
+    public SignedData(
+        ASN1Set     digestAlgorithms,
+        ContentInfo contentInfo,
+        ASN1Set     certificates,
+        ASN1Set     crls,
+        ASN1Set     signerInfos)
+    {
+        this.version = calculateVersion(contentInfo.getContentType(), certificates, crls, signerInfos);
+        this.digestAlgorithms = digestAlgorithms;
+        this.contentInfo = contentInfo;
+        this.certificates = certificates;
+        this.crls = crls;
+        this.signerInfos = signerInfos;
+        this.crlsBer = crls instanceof BERSet;
+        this.certsBer = certificates instanceof BERSet;
+    }
+
+
+    private ASN1Integer calculateVersion(
+        ASN1ObjectIdentifier contentOid,
+        ASN1Set certs,
+        ASN1Set crls,
+        ASN1Set signerInfs)
+    {
+        boolean otherCert = false;
+        boolean otherCrl = false;
+        boolean attrCertV1Found = false;
+        boolean attrCertV2Found = false;
+
+        if (certs != null)
+        {
+            for (Enumeration en = certs.getObjects(); en.hasMoreElements();)
+            {
+                Object obj = en.nextElement();
+                if (obj instanceof ASN1TaggedObject)
+                {
+                    ASN1TaggedObject tagged = ASN1TaggedObject.getInstance(obj);
+
+                    if (tagged.getTagNo() == 1)
+                    {
+                        attrCertV1Found = true;
+                    }
+                    else if (tagged.getTagNo() == 2)
+                    {
+                        attrCertV2Found = true;
+                    }
+                    else if (tagged.getTagNo() == 3)
+                    {
+                        otherCert = true;
+                    }
+                }
+            }
+        }
+
+        if (otherCert)
+        {
+            return new ASN1Integer(5);
+        }
+
+        if (crls != null)         // no need to check if otherCert is true
+        {
+            for (Enumeration en = crls.getObjects(); en.hasMoreElements();)
+            {
+                Object obj = en.nextElement();
+                if (obj instanceof ASN1TaggedObject)
+                {
+                    otherCrl = true;
+                }
+            }
+        }
+
+        if (otherCrl)
+        {
+            return VERSION_5;
+        }
+
+        if (attrCertV2Found)
+        {
+            return VERSION_4;
+        }
+
+        if (attrCertV1Found)
+        {
+            return VERSION_3;
+        }
+
+        if (checkForVersion3(signerInfs))
+        {
+            return VERSION_3;
+        }
+
+        if (!CMSObjectIdentifiers.data.equals(contentOid))
+        {
+            return VERSION_3;
+        }
+
+        return VERSION_1;
+    }
+
+    private boolean checkForVersion3(ASN1Set signerInfs)
+    {
+        for (Enumeration e = signerInfs.getObjects(); e.hasMoreElements();)
+        {
+            SignerInfo s = SignerInfo.getInstance(e.nextElement());
+
+            if (s.getVersion().getValue().intValue() == 3)
+            {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    private SignedData(
+        ASN1Sequence seq)
+    {
+        Enumeration     e = seq.getObjects();
+
+        version = ASN1Integer.getInstance(e.nextElement());
+        digestAlgorithms = ((ASN1Set)e.nextElement());
+        contentInfo = ContentInfo.getInstance(e.nextElement());
+
+        while (e.hasMoreElements())
+        {
+            ASN1Primitive o = (ASN1Primitive)e.nextElement();
+
+            //
+            // an interesting feature of SignedData is that there appear
+            // to be varying implementations...
+            // for the moment we ignore anything which doesn't fit.
+            //
+            if (o instanceof ASN1TaggedObject)
+            {
+                ASN1TaggedObject tagged = (ASN1TaggedObject)o;
+
+                switch (tagged.getTagNo())
+                {
+                case 0:
+                    certsBer = tagged instanceof BERTaggedObject;
+                    certificates = ASN1Set.getInstance(tagged, false);
+                    break;
+                case 1:
+                    crlsBer = tagged instanceof BERTaggedObject;
+                    crls = ASN1Set.getInstance(tagged, false);
+                    break;
+                default:
+                    throw new IllegalArgumentException("unknown tag value " + tagged.getTagNo());
+                }
+            }
+            else
+            {
+                signerInfos = (ASN1Set)o;
+            }
+        }
+    }
+
+    public ASN1Integer getVersion()
+    {
+        return version;
+    }
+
+    public ASN1Set getDigestAlgorithms()
+    {
+        return digestAlgorithms;
+    }
+
+    public ContentInfo getEncapContentInfo()
+    {
+        return contentInfo;
+    }
+
+    public ASN1Set getCertificates()
+    {
+        return certificates;
+    }
+
+    public ASN1Set getCRLs()
+    {
+        return crls;
+    }
+
+    public ASN1Set getSignerInfos()
+    {
+        return signerInfos;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(version);
+        v.add(digestAlgorithms);
+        v.add(contentInfo);
+
+        if (certificates != null)
+        {
+            if (certsBer)
+            {
+                v.add(new BERTaggedObject(false, 0, certificates));
+            }
+            else
+            {
+                v.add(new DERTaggedObject(false, 0, certificates));
+            }
+        }
+
+        if (crls != null)
+        {
+            if (crlsBer)
+            {
+                v.add(new BERTaggedObject(false, 1, crls));
+            }
+            else
+            {
+                v.add(new DERTaggedObject(false, 1, crls));
+            }
+        }
+
+        v.add(signerInfos);
+
+        return new BERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/SignerIdentifier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/SignerIdentifier.java
new file mode 100644
index 0000000..942f1d3
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/SignerIdentifier.java

@@ -0,0 +1,116 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.cms;
+
+import com.android.org.bouncycastle.asn1.ASN1Choice;
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+
+/**
+ * <a href="http://tools.ietf.org/html/rfc5652#section-5.3">RFC 5652</a>:
+ * Identify who signed the containing {@link SignerInfo} object.
+ * <p>
+ * The certificates referred to by this are at containing {@link SignedData} structure.
+ * <p>
+ * <pre>
+ * SignerIdentifier ::= CHOICE {
+ *     issuerAndSerialNumber IssuerAndSerialNumber,
+ *     subjectKeyIdentifier [0] SubjectKeyIdentifier 
+ * }
+ *
+ * SubjectKeyIdentifier ::= OCTET STRING
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SignerIdentifier
+    extends ASN1Object
+    implements ASN1Choice
+{
+    private ASN1Encodable id;
+    
+    public SignerIdentifier(
+        IssuerAndSerialNumber id)
+    {
+        this.id = id;
+    }
+    
+    public SignerIdentifier(
+        ASN1OctetString id)
+    {
+        this.id = new DERTaggedObject(false, 0, id);
+    }
+    
+    public SignerIdentifier(
+        ASN1Primitive id)
+    {
+        this.id = id;
+    }
+    
+    /**
+     * Return a SignerIdentifier object from the given object.
+     * <p>
+     * Accepted inputs:
+     * <ul>
+     * <li> null &rarr; null
+     * <li> {@link SignerIdentifier} object
+     * <li> {@link IssuerAndSerialNumber} object
+     * <li> {@link com.android.org.bouncycastle.asn1.ASN1OctetString#getInstance(java.lang.Object) ASN1OctetString} input formats with SignerIdentifier structure inside
+     * <li> {@link com.android.org.bouncycastle.asn1.ASN1Primitive ASN1Primitive} for SignerIdentifier constructor.
+     * </ul>
+     *
+     * @param o the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     */
+    public static SignerIdentifier getInstance(
+        Object o)
+    {
+        if (o == null || o instanceof SignerIdentifier)
+        {
+            return (SignerIdentifier)o;
+        }
+        
+        if (o instanceof IssuerAndSerialNumber)
+        {
+            return new SignerIdentifier((IssuerAndSerialNumber)o);
+        }
+        
+        if (o instanceof ASN1OctetString)
+        {
+            return new SignerIdentifier((ASN1OctetString)o);
+        }
+        
+        if (o instanceof ASN1Primitive)
+        {
+            return new SignerIdentifier((ASN1Primitive)o);
+        }
+        
+        throw new IllegalArgumentException(
+             "Illegal object in SignerIdentifier: " + o.getClass().getName());
+    } 
+
+    public boolean isTagged()
+    {
+        return (id instanceof ASN1TaggedObject);
+    }
+
+    public ASN1Encodable getId()
+    {
+        if (id instanceof ASN1TaggedObject)
+        {
+            return ASN1OctetString.getInstance((ASN1TaggedObject)id, false);
+        }
+
+        return id;
+    }
+
+    /** 
+     * Produce an object suitable for an ASN1OutputStream.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return id.toASN1Primitive();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/SignerInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/SignerInfo.java
new file mode 100644
index 0000000..9a0d9b5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/SignerInfo.java

@@ -0,0 +1,284 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.cms;
+
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+
+/**
+ * <a href="http://tools.ietf.org/html/rfc5652#section-5.3">RFC 5652</a>:
+ * Signature container per Signer, see {@link SignerIdentifier}.
+ * <pre>
+ * PKCS#7:
+ *
+ * SignerInfo ::= SEQUENCE {
+ *     version                   Version,
+ *     sid                       SignerIdentifier,
+ *     digestAlgorithm           DigestAlgorithmIdentifier,
+ *     authenticatedAttributes   [0] IMPLICIT Attributes OPTIONAL,
+ *     digestEncryptionAlgorithm DigestEncryptionAlgorithmIdentifier,
+ *     encryptedDigest           EncryptedDigest,
+ *     unauthenticatedAttributes [1] IMPLICIT Attributes OPTIONAL
+ * }
+ *
+ * EncryptedDigest ::= OCTET STRING
+ *
+ * DigestAlgorithmIdentifier ::= AlgorithmIdentifier
+ *
+ * DigestEncryptionAlgorithmIdentifier ::= AlgorithmIdentifier
+ *
+ * -----------------------------------------
+ *
+ * RFC 5652:
+ *
+ * SignerInfo ::= SEQUENCE {
+ *     version            CMSVersion,
+ *     sid                SignerIdentifier,
+ *     digestAlgorithm    DigestAlgorithmIdentifier,
+ *     signedAttrs        [0] IMPLICIT SignedAttributes OPTIONAL,
+ *     signatureAlgorithm SignatureAlgorithmIdentifier,
+ *     signature          SignatureValue,
+ *     unsignedAttrs      [1] IMPLICIT UnsignedAttributes OPTIONAL
+ * }
+ *
+ * -- {@link SignerIdentifier} referenced certificates are at containing
+ * -- {@link SignedData} certificates element.
+ *
+ * SignerIdentifier ::= CHOICE {
+ *     issuerAndSerialNumber {@link IssuerAndSerialNumber},
+ *     subjectKeyIdentifier  [0] SubjectKeyIdentifier }
+ *
+ * -- See {@link Attributes} for generalized SET OF {@link Attribute}
+ *
+ * SignedAttributes   ::= SET SIZE (1..MAX) OF Attribute
+ * UnsignedAttributes ::= SET SIZE (1..MAX) OF Attribute
+ * 
+ * {@link Attribute} ::= SEQUENCE {
+ *     attrType   OBJECT IDENTIFIER,
+ *     attrValues SET OF AttributeValue }
+ *
+ * AttributeValue ::= ANY
+ * 
+ * SignatureValue ::= OCTET STRING
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SignerInfo
+    extends ASN1Object
+{
+    private ASN1Integer              version;
+    private SignerIdentifier        sid;
+    private AlgorithmIdentifier     digAlgorithm;
+    private ASN1Set                 authenticatedAttributes;
+    private AlgorithmIdentifier     digEncryptionAlgorithm;
+    private ASN1OctetString         encryptedDigest;
+    private ASN1Set                 unauthenticatedAttributes;
+
+    /**
+     * Return a SignerInfo object from the given input
+     * <p>
+     * Accepted inputs:
+     * <ul>
+     * <li> null &rarr; null
+     * <li> {@link SignerInfo} object
+     * <li> {@link com.android.org.bouncycastle.asn1.ASN1Sequence#getInstance(java.lang.Object) ASN1Sequence} input formats with SignerInfo structure inside
+     * </ul>
+     *
+     * @param o the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     */
+    public static SignerInfo getInstance(
+        Object  o)
+        throws IllegalArgumentException
+    {
+        if (o instanceof SignerInfo)
+        {
+            return (SignerInfo)o;
+        }
+        else if (o != null)
+        {
+            return new SignerInfo(ASN1Sequence.getInstance(o));
+        }
+
+        return null;
+    }
+
+    /**
+     *
+     * @param sid
+     * @param digAlgorithm            CMS knows as 'digestAlgorithm'
+     * @param authenticatedAttributes CMS knows as 'signedAttrs'
+     * @param digEncryptionAlgorithm  CMS knows as 'signatureAlgorithm'
+     * @param encryptedDigest         CMS knows as 'signature'
+     * @param unauthenticatedAttributes CMS knows as 'unsignedAttrs'
+     */
+    public SignerInfo(
+        SignerIdentifier        sid,
+        AlgorithmIdentifier     digAlgorithm,
+        ASN1Set                 authenticatedAttributes,
+        AlgorithmIdentifier     digEncryptionAlgorithm,
+        ASN1OctetString         encryptedDigest,
+        ASN1Set                 unauthenticatedAttributes)
+    {
+        if (sid.isTagged())
+        {
+            this.version = new ASN1Integer(3);
+        }
+        else
+        {
+            this.version = new ASN1Integer(1);
+        }
+
+        this.sid = sid;
+        this.digAlgorithm = digAlgorithm;
+        this.authenticatedAttributes = authenticatedAttributes;
+        this.digEncryptionAlgorithm = digEncryptionAlgorithm;
+        this.encryptedDigest = encryptedDigest;
+        this.unauthenticatedAttributes = unauthenticatedAttributes;
+    }
+
+    /**
+     *
+     * @param sid
+     * @param digAlgorithm            CMS knows as 'digestAlgorithm'
+     * @param authenticatedAttributes CMS knows as 'signedAttrs'
+     * @param digEncryptionAlgorithm  CMS knows as 'signatureAlgorithm'
+     * @param encryptedDigest         CMS knows as 'signature'
+     * @param unauthenticatedAttributes CMS knows as 'unsignedAttrs'
+     */
+    public SignerInfo(
+        SignerIdentifier        sid,
+        AlgorithmIdentifier     digAlgorithm,
+        Attributes              authenticatedAttributes,
+        AlgorithmIdentifier     digEncryptionAlgorithm,
+        ASN1OctetString         encryptedDigest,
+        Attributes              unauthenticatedAttributes)
+    {
+        if (sid.isTagged())
+        {
+            this.version = new ASN1Integer(3);
+        }
+        else
+        {
+            this.version = new ASN1Integer(1);
+        }
+
+        this.sid = sid;
+        this.digAlgorithm = digAlgorithm;
+        this.authenticatedAttributes = ASN1Set.getInstance(authenticatedAttributes);
+        this.digEncryptionAlgorithm = digEncryptionAlgorithm;
+        this.encryptedDigest = encryptedDigest;
+        this.unauthenticatedAttributes = ASN1Set.getInstance(unauthenticatedAttributes);
+    }
+
+    /**
+     * @deprecated use getInstance() method.
+     */
+    public SignerInfo(
+        ASN1Sequence seq)
+    {
+        Enumeration     e = seq.getObjects();
+
+        version = (ASN1Integer)e.nextElement();
+        sid = SignerIdentifier.getInstance(e.nextElement());
+        digAlgorithm = AlgorithmIdentifier.getInstance(e.nextElement());
+
+        Object obj = e.nextElement();
+
+        if (obj instanceof ASN1TaggedObject)
+        {
+            authenticatedAttributes = ASN1Set.getInstance((ASN1TaggedObject)obj, false);
+
+            digEncryptionAlgorithm = AlgorithmIdentifier.getInstance(e.nextElement());
+        }
+        else
+        {
+            authenticatedAttributes = null;
+            digEncryptionAlgorithm = AlgorithmIdentifier.getInstance(obj);
+        }
+
+        encryptedDigest = DEROctetString.getInstance(e.nextElement());
+
+        if (e.hasMoreElements())
+        {
+            unauthenticatedAttributes = ASN1Set.getInstance((ASN1TaggedObject)e.nextElement(), false);
+        }
+        else
+        {
+            unauthenticatedAttributes = null;
+        }
+    }
+
+    public ASN1Integer getVersion()
+    {
+        return version;
+    }
+
+    public SignerIdentifier getSID()
+    {
+        return sid;
+    }
+
+    public ASN1Set getAuthenticatedAttributes()
+    {
+        return authenticatedAttributes;
+    }
+
+    public AlgorithmIdentifier getDigestAlgorithm()
+    {
+        return digAlgorithm;
+    }
+
+    public ASN1OctetString getEncryptedDigest()
+    {
+        return encryptedDigest;
+    }
+
+    public AlgorithmIdentifier getDigestEncryptionAlgorithm()
+    {
+        return digEncryptionAlgorithm;
+    }
+
+    public ASN1Set getUnauthenticatedAttributes()
+    {
+        return unauthenticatedAttributes;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(version);
+        v.add(sid);
+        v.add(digAlgorithm);
+
+        if (authenticatedAttributes != null)
+        {
+            v.add(new DERTaggedObject(false, 0, authenticatedAttributes));
+        }
+
+        v.add(digEncryptionAlgorithm);
+        v.add(encryptedDigest);
+
+        if (unauthenticatedAttributes != null)
+        {
+            v.add(new DERTaggedObject(false, 1, unauthenticatedAttributes));
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/Time.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/Time.java
new file mode 100644
index 0000000..612c672
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/cms/Time.java

@@ -0,0 +1,208 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.cms;
+
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+// Android-added: Localization support
+import java.util.Calendar;
+import java.util.Date;
+import java.util.Locale;
+import java.util.SimpleTimeZone;
+
+import com.android.org.bouncycastle.asn1.ASN1Choice;
+import com.android.org.bouncycastle.asn1.ASN1GeneralizedTime;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.ASN1UTCTime;
+import com.android.org.bouncycastle.asn1.DERGeneralizedTime;
+import com.android.org.bouncycastle.asn1.DERUTCTime;
+
+/**
+ * <a href="http://tools.ietf.org/html/rfc5652#section-11.3">RFC 5652</a>:
+ * Dual-mode timestamp format producing either UTCTIme or GeneralizedTime.
+ * <p>
+ * <pre>
+ * Time ::= CHOICE {
+ *     utcTime        UTCTime,
+ *     generalTime    GeneralizedTime }
+ * </pre>
+ * <p>
+ * This has a constructor using java.util.Date for input which generates
+ * a {@link com.android.org.bouncycastle.asn1.DERUTCTime DERUTCTime} object if the
+ * supplied datetime is in range 1950-01-01-00:00:00 UTC until 2049-12-31-23:59:60 UTC.
+ * If the datetime value is outside that range, the generated object will be
+ * {@link com.android.org.bouncycastle.asn1.DERGeneralizedTime DERGeneralizedTime}.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Time
+    extends ASN1Object
+    implements ASN1Choice
+{
+    ASN1Primitive time;
+
+    public static Time getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(obj.getObject());
+    }
+
+    /**
+     * @deprecated use getInstance()
+     */
+    public Time(
+        ASN1Primitive   time)
+    {
+        if (!(time instanceof ASN1UTCTime)
+            && !(time instanceof ASN1GeneralizedTime))
+        {
+            throw new IllegalArgumentException("unknown object passed to Time");
+        }
+
+        this.time = time; 
+    }
+
+    /**
+     * Creates a time object from a given date - if the date is between 1950
+     * and 2049 a UTCTime object is generated, otherwise a GeneralizedTime
+     * is used.
+     *
+     * @param time a date object representing the time of interest.
+     */
+    public Time(
+        Date    time)
+    {
+        SimpleTimeZone      tz = new SimpleTimeZone(0, "Z");
+        // Android-changed: Use localized version
+        // SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss");
+        SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
+
+        dateF.setTimeZone(tz);
+
+        String  d = dateF.format(time) + "Z";
+        int     year = Integer.parseInt(d.substring(0, 4));
+
+        if (year < 1950 || year > 2049)
+        {
+            this.time = new DERGeneralizedTime(d);
+        }
+        else
+        {
+            this.time = new DERUTCTime(d.substring(2));
+        }
+    }
+
+    /**
+     * Creates a time object from a given date and locale - if the date is between 1950
+     * and 2049 a UTCTime object is generated, otherwise a GeneralizedTime
+     * is used. You may need to use this constructor if the default locale
+     * doesn't use a Gregorian calender so that the GeneralizedTime produced is compatible with other ASN.1 implementations.
+     *
+     * @param time a date object representing the time of interest.
+     * @param locale an appropriate Locale for producing an ASN.1 GeneralizedTime value.
+     */
+    public Time(
+        Date    time,
+        Locale locale)
+    {
+        SimpleTimeZone      tz = new SimpleTimeZone(0, "Z");
+        // BEGIN Android-changed: Use localized version
+        // SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale);
+        SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
+        dateF.setCalendar(Calendar.getInstance(locale));
+        // END Android-changed: Use localized version
+
+        dateF.setTimeZone(tz);
+
+        String  d = dateF.format(time) + "Z";
+        int     year = Integer.parseInt(d.substring(0, 4));
+
+        if (year < 1950 || year > 2049)
+        {
+            this.time = new DERGeneralizedTime(d);
+        }
+        else
+        {
+            this.time = new DERUTCTime(d.substring(2));
+        }
+    }
+
+    /**
+     * Return a Time object from the given object.
+     * <p>
+     * Accepted inputs:
+     * <ul>
+     * <li> null &rarr; null
+     * <li> {@link Time} object
+     * <li> {@link com.android.org.bouncycastle.asn1.DERUTCTime DERUTCTime} object
+     * <li> {@link com.android.org.bouncycastle.asn1.DERGeneralizedTime DERGeneralizedTime} object
+     * </ul>
+     *
+     * @param obj the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     */
+    public static Time getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof Time)
+        {
+            return (Time)obj;
+        }
+        else if (obj instanceof ASN1UTCTime)
+        {
+            return new Time((ASN1UTCTime)obj);
+        }
+        else if (obj instanceof ASN1GeneralizedTime)
+        {
+            return new Time((ASN1GeneralizedTime)obj);
+        }
+
+        throw new IllegalArgumentException("unknown object in factory: " + obj.getClass().getName());
+    }
+
+    /**
+     * Get the date+tine as a String in full form century format.
+     */
+    public String getTime()
+    {
+        if (time instanceof ASN1UTCTime)
+        {
+            return ((ASN1UTCTime)time).getAdjustedTime();
+        }
+        else
+        {
+            return ((ASN1GeneralizedTime)time).getTime();
+        }
+    }
+
+    /**
+     * Get java.util.Date version of date+time.
+     */
+    public Date getDate()
+    {
+        try
+        {
+            if (time instanceof ASN1UTCTime)
+            {
+                return ((ASN1UTCTime)time).getAdjustedDate();
+            }
+            else
+            {
+                return ((ASN1GeneralizedTime)time).getDate();
+            }
+        }
+        catch (ParseException e)
+        {         // this should never happen
+            throw new IllegalStateException("invalid date string: " + e.getMessage());
+        }
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return time;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/eac/EACObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/eac/EACObjectIdentifiers.java
new file mode 100644
index 0000000..8c3719e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/eac/EACObjectIdentifiers.java

@@ -0,0 +1,112 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.eac;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * German Federal Office for Information Security
+ * (Bundesamt f&uuml;r Sicherheit in der Informationstechnik)
+ * <a href="http://www.bsi.bund.de/">http://www.bsi.bund.de/</a>
+ * <p>
+ * <a href="https://www.bsi.bund.de/EN/Publications/TechnicalGuidelines/TR03110/BSITR03110.html">BSI TR-03110</a>
+ * Technical Guideline Advanced Security Mechanisms for Machine Readable Travel Documents
+ * <p>
+ * <a href="https://www.bsi.bund.de/SharedDocs/Downloads/EN/BSI/Publications/TechGuidelines/TR03110/TR-03110_v2.1_P3pdf.pdf">
+ * Technical Guideline TR-03110-3</a>
+ * Advanced Security Mechanisms for Machine Readable Travel Documents;
+ * Part 3: Common Specifications.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface EACObjectIdentifiers
+{
+    /**
+     * <pre>
+     * bsi-de OBJECT IDENTIFIER ::= {
+     *     itu-t(0) identified-organization(4) etsi(0)
+     *     reserved(127) etsi-identified-organization(0) 7
+     * }
+     * </pre>
+     * OID: 0.4.0.127.0.7
+     */
+    static final ASN1ObjectIdentifier    bsi_de      = new ASN1ObjectIdentifier("0.4.0.127.0.7");
+
+    /**
+     * <pre>
+     * id-PK OBJECT IDENTIFIER ::= {
+     *     bsi-de protocols(2) smartcard(2) 1
+     * }
+     * </pre>
+     * OID: 0.4.0.127.0.7.2.2.1
+     */
+    static final ASN1ObjectIdentifier    id_PK      = bsi_de.branch("2.2.1");
+
+    /** OID: 0.4.0.127.0.7.2.2.1.1 */
+    static final ASN1ObjectIdentifier    id_PK_DH   = id_PK.branch("1");
+    /** OID: 0.4.0.127.0.7.2.2.1.2 */
+    static final ASN1ObjectIdentifier    id_PK_ECDH = id_PK.branch("2");
+
+    /**
+     * <pre>
+     * id-CA OBJECT IDENTIFIER ::= {
+     *     bsi-de protocols(2) smartcard(2) 3
+     * }
+     * </pre>
+     * OID: 0.4.0.127.0.7.2.2.3
+     */
+    static final ASN1ObjectIdentifier    id_CA                   = bsi_de.branch("2.2.3");
+    /** OID: 0.4.0.127.0.7.2.2.3.1 */
+    static final ASN1ObjectIdentifier    id_CA_DH                = id_CA.branch("1");
+    /** OID: 0.4.0.127.0.7.2.2.3.1.1 */
+    static final ASN1ObjectIdentifier    id_CA_DH_3DES_CBC_CBC   = id_CA_DH.branch("1");
+    /** OID: 0.4.0.127.0.7.2.2.3.2 */
+    static final ASN1ObjectIdentifier    id_CA_ECDH              = id_CA.branch("2");
+    /** OID: 0.4.0.127.0.7.2.2.3.2.1 */
+    static final ASN1ObjectIdentifier    id_CA_ECDH_3DES_CBC_CBC = id_CA_ECDH.branch("1");
+
+    /**
+     * <pre>
+     * id-TA OBJECT IDENTIFIER ::= {
+     *     bsi-de protocols(2) smartcard(2) 2
+     * }
+     * </pre>
+     * OID: 0.4.0.127.0.7.2.2.2
+     */
+    static final ASN1ObjectIdentifier    id_TA = bsi_de.branch("2.2.2");
+
+    /** OID: 0.4.0.127.0.7.2.2.2.1 */
+    static final ASN1ObjectIdentifier    id_TA_RSA              = id_TA.branch("1");
+    /** OID: 0.4.0.127.0.7.2.2.2.1.1 */
+    static final ASN1ObjectIdentifier    id_TA_RSA_v1_5_SHA_1   = id_TA_RSA.branch("1");
+    /** OID: 0.4.0.127.0.7.2.2.2.1.2 */
+    static final ASN1ObjectIdentifier    id_TA_RSA_v1_5_SHA_256 = id_TA_RSA.branch("2");
+    /** OID: 0.4.0.127.0.7.2.2.2.1.3 */
+    static final ASN1ObjectIdentifier    id_TA_RSA_PSS_SHA_1    = id_TA_RSA.branch("3");
+    /** OID: 0.4.0.127.0.7.2.2.2.1.4 */
+    static final ASN1ObjectIdentifier    id_TA_RSA_PSS_SHA_256  = id_TA_RSA.branch("4");
+    /** OID: 0.4.0.127.0.7.2.2.2.1.5 */
+    static final ASN1ObjectIdentifier    id_TA_RSA_v1_5_SHA_512 = id_TA_RSA.branch("5");
+    /** OID: 0.4.0.127.0.7.2.2.2.1.6 */
+    static final ASN1ObjectIdentifier    id_TA_RSA_PSS_SHA_512  = id_TA_RSA.branch("6");
+    /** OID: 0.4.0.127.0.7.2.2.2.2 */
+    static final ASN1ObjectIdentifier    id_TA_ECDSA            = id_TA.branch("2");
+    /** OID: 0.4.0.127.0.7.2.2.2.2.1 */
+    static final ASN1ObjectIdentifier    id_TA_ECDSA_SHA_1      = id_TA_ECDSA.branch("1");
+    /** OID: 0.4.0.127.0.7.2.2.2.2.2 */
+    static final ASN1ObjectIdentifier    id_TA_ECDSA_SHA_224    = id_TA_ECDSA.branch("2");
+    /** OID: 0.4.0.127.0.7.2.2.2.2.3 */
+    static final ASN1ObjectIdentifier    id_TA_ECDSA_SHA_256    = id_TA_ECDSA.branch("3");
+    /** OID: 0.4.0.127.0.7.2.2.2.2.4 */
+    static final ASN1ObjectIdentifier    id_TA_ECDSA_SHA_384    = id_TA_ECDSA.branch("4");
+    /** OID: 0.4.0.127.0.7.2.2.2.2.5 */
+    static final ASN1ObjectIdentifier    id_TA_ECDSA_SHA_512    = id_TA_ECDSA.branch("5");
+
+    /**
+     * <pre>
+     * id-EAC-ePassport OBJECT IDENTIFIER ::= {
+     *     bsi-de applications(3) mrtd(1) roles(2) 1
+     * }
+     * </pre>
+     * OID: 0.4.0.127.0.7.3.1.2.1
+     */
+    static final ASN1ObjectIdentifier id_EAC_ePassport = bsi_de.branch("3.1.2.1");
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/gm/GMObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/gm/GMObjectIdentifiers.java
new file mode 100644
index 0000000..3d1a30c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/gm/GMObjectIdentifiers.java

@@ -0,0 +1,88 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.gm;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface GMObjectIdentifiers
+{
+    ASN1ObjectIdentifier sm_scheme = new ASN1ObjectIdentifier("1.2.156.10197.1");
+
+    ASN1ObjectIdentifier sm6_ecb = sm_scheme.branch("101.1");
+    ASN1ObjectIdentifier sm6_cbc = sm_scheme.branch("101.2");
+    ASN1ObjectIdentifier sm6_ofb128 = sm_scheme.branch("101.3");
+    ASN1ObjectIdentifier sm6_cfb128 = sm_scheme.branch("101.4");
+
+    ASN1ObjectIdentifier sm1_ecb = sm_scheme.branch("102.1");
+    ASN1ObjectIdentifier sm1_cbc = sm_scheme.branch("102.2");
+    ASN1ObjectIdentifier sm1_ofb128 = sm_scheme.branch("102.3");
+    ASN1ObjectIdentifier sm1_cfb128 = sm_scheme.branch("102.4");
+    ASN1ObjectIdentifier sm1_cfb1 = sm_scheme.branch("102.5");
+    ASN1ObjectIdentifier sm1_cfb8 = sm_scheme.branch("102.6");
+
+    ASN1ObjectIdentifier ssf33_ecb = sm_scheme.branch("103.1");
+    ASN1ObjectIdentifier ssf33_cbc = sm_scheme.branch("103.2");
+    ASN1ObjectIdentifier ssf33_ofb128 = sm_scheme.branch("103.3");
+    ASN1ObjectIdentifier ssf33_cfb128 = sm_scheme.branch("103.4");
+    ASN1ObjectIdentifier ssf33_cfb1 = sm_scheme.branch("103.5");
+    ASN1ObjectIdentifier ssf33_cfb8 = sm_scheme.branch("103.6");
+
+    ASN1ObjectIdentifier sms4_ecb = sm_scheme.branch("104.1");
+    ASN1ObjectIdentifier sms4_cbc = sm_scheme.branch("104.2");
+    ASN1ObjectIdentifier sms4_ofb128 = sm_scheme.branch("104.3");
+    ASN1ObjectIdentifier sms4_cfb128 = sm_scheme.branch("104.4");
+    ASN1ObjectIdentifier sms4_cfb1 = sm_scheme.branch("104.5");
+    ASN1ObjectIdentifier sms4_cfb8 = sm_scheme.branch("104.6");
+    ASN1ObjectIdentifier sms4_ctr = sm_scheme.branch("104.7");
+    ASN1ObjectIdentifier sms4_gcm = sm_scheme.branch("104.8");
+    ASN1ObjectIdentifier sms4_ccm = sm_scheme.branch("104.9");
+    ASN1ObjectIdentifier sms4_xts = sm_scheme.branch("104.10");
+    ASN1ObjectIdentifier sms4_wrap = sm_scheme.branch("104.11");
+    ASN1ObjectIdentifier sms4_wrap_pad = sm_scheme.branch("104.12");
+    ASN1ObjectIdentifier sms4_ocb = sm_scheme.branch("104.100");
+
+    ASN1ObjectIdentifier sm5 = sm_scheme.branch("201");
+
+    ASN1ObjectIdentifier sm2p256v1 = sm_scheme.branch("301");
+    ASN1ObjectIdentifier sm2sign = sm_scheme.branch("301.1");
+    ASN1ObjectIdentifier sm2exchange = sm_scheme.branch("301.2");
+    ASN1ObjectIdentifier sm2encrypt = sm_scheme.branch("301.3");
+
+    ASN1ObjectIdentifier wapip192v1 = sm_scheme.branch("301.101");
+
+    ASN1ObjectIdentifier sm2encrypt_recommendedParameters = sm2encrypt.branch("1");
+    ASN1ObjectIdentifier sm2encrypt_specifiedParameters = sm2encrypt.branch("2");
+    ASN1ObjectIdentifier sm2encrypt_with_sm3 = sm2encrypt.branch("2.1");
+    ASN1ObjectIdentifier sm2encrypt_with_sha1 = sm2encrypt.branch("2.2");
+    ASN1ObjectIdentifier sm2encrypt_with_sha224 = sm2encrypt.branch("2.3");
+    ASN1ObjectIdentifier sm2encrypt_with_sha256 = sm2encrypt.branch("2.4");
+    ASN1ObjectIdentifier sm2encrypt_with_sha384 = sm2encrypt.branch("2.5");
+    ASN1ObjectIdentifier sm2encrypt_with_sha512 = sm2encrypt.branch("2.6");
+    ASN1ObjectIdentifier sm2encrypt_with_rmd160 =  sm2encrypt.branch("2.7");
+    ASN1ObjectIdentifier sm2encrypt_with_whirlpool =sm2encrypt.branch("2.8");
+    ASN1ObjectIdentifier sm2encrypt_with_blake2b512 = sm2encrypt.branch("2.9");
+    ASN1ObjectIdentifier sm2encrypt_with_blake2s256 = sm2encrypt.branch("2.10");
+    ASN1ObjectIdentifier sm2encrypt_with_md5 = sm2encrypt.branch("2.11");
+
+    ASN1ObjectIdentifier id_sm9PublicKey = sm_scheme.branch("302");
+    ASN1ObjectIdentifier sm9sign = sm_scheme.branch("302.1");
+    ASN1ObjectIdentifier sm9keyagreement = sm_scheme.branch("302.2");
+    ASN1ObjectIdentifier sm9encrypt = sm_scheme.branch("302.3");
+
+    ASN1ObjectIdentifier sm3 = sm_scheme.branch("401");
+
+    ASN1ObjectIdentifier hmac_sm3 = sm3.branch("2");
+
+    ASN1ObjectIdentifier sm2sign_with_sm3 = sm_scheme.branch("501");
+    ASN1ObjectIdentifier sm2sign_with_sha1 = sm_scheme.branch("502");
+    ASN1ObjectIdentifier sm2sign_with_sha256 = sm_scheme.branch("503");
+    ASN1ObjectIdentifier sm2sign_with_sha512 = sm_scheme.branch("504");
+    ASN1ObjectIdentifier sm2sign_with_sha224 = sm_scheme.branch("505");
+    ASN1ObjectIdentifier sm2sign_with_sha384 = sm_scheme.branch("506");
+    ASN1ObjectIdentifier sm2sign_with_rmd160 = sm_scheme.branch("507");
+    ASN1ObjectIdentifier sm2sign_with_whirlpool = sm_scheme.branch("520");
+    ASN1ObjectIdentifier sm2sign_with_blake2b512 = sm_scheme.branch("521");
+    ASN1ObjectIdentifier sm2sign_with_blake2s256 = sm_scheme.branch("522");
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/iana/IANAObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/iana/IANAObjectIdentifiers.java
new file mode 100644
index 0000000..5baf01a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/iana/IANAObjectIdentifiers.java

@@ -0,0 +1,62 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.iana;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * IANA:
+ *  { iso(1) identifier-organization(3) dod(6) internet(1) } == IETF defined things
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface IANAObjectIdentifiers
+{
+
+    /** { iso(1) identifier-organization(3) dod(6) internet(1) } == IETF defined things */
+    static final ASN1ObjectIdentifier   internet       = new ASN1ObjectIdentifier("1.3.6.1");
+    /** 1.3.6.1.1: Internet directory: X.500 */
+    static final ASN1ObjectIdentifier   directory      = internet.branch("1");
+    /** 1.3.6.1.2: Internet management */
+    static final ASN1ObjectIdentifier   mgmt           = internet.branch("2");
+    /** 1.3.6.1.3: */
+    static final ASN1ObjectIdentifier   experimental   = internet.branch("3");
+    /** 1.3.6.1.4: */
+    static final ASN1ObjectIdentifier   _private       = internet.branch("4");
+    /** 1.3.6.1.5: Security services */
+    static final ASN1ObjectIdentifier   security       = internet.branch("5");
+    /** 1.3.6.1.6: SNMPv2 -- never really used */
+    static final ASN1ObjectIdentifier   SNMPv2         = internet.branch("6");
+    /** 1.3.6.1.7: mail -- never really used */
+    static final ASN1ObjectIdentifier   mail           = internet.branch("7");
+
+
+    // id-SHA1 OBJECT IDENTIFIER ::=    
+    // {iso(1) identified-organization(3) dod(6) internet(1) security(5) mechanisms(5) ipsec(8) isakmpOakley(1)}
+    //
+
+
+    /** IANA security mechanisms; 1.3.6.1.5.5 */
+    static final ASN1ObjectIdentifier    security_mechanisms  = security.branch("5");
+    /** IANA security nametypes;  1.3.6.1.5.6 */
+    static final ASN1ObjectIdentifier    security_nametypes   = security.branch("6");
+
+    /** PKIX base OID:            1.3.6.1.5.6.6 */
+    static final ASN1ObjectIdentifier    pkix                 = security_mechanisms.branch("6");
+
+
+    /** IPSEC base OID:                        1.3.6.1.5.5.8 */
+    static final ASN1ObjectIdentifier    ipsec                = security_mechanisms.branch("8");
+    /** IPSEC ISAKMP-Oakley OID:               1.3.6.1.5.5.8.1 */
+    static final ASN1ObjectIdentifier    isakmpOakley         = ipsec.branch("1");
+
+    /** IPSEC ISAKMP-Oakley hmacMD5 OID:       1.3.6.1.5.5.8.1.1 */
+    static final ASN1ObjectIdentifier    hmacMD5              = isakmpOakley.branch("1");
+    /** IPSEC ISAKMP-Oakley hmacSHA1 OID:      1.3.6.1.5.5.8.1.2 */
+    static final ASN1ObjectIdentifier    hmacSHA1             = isakmpOakley.branch("2");
+    
+    /** IPSEC ISAKMP-Oakley hmacTIGER OID:     1.3.6.1.5.5.8.1.3 */
+    static final ASN1ObjectIdentifier    hmacTIGER            = isakmpOakley.branch("3");
+    
+    /** IPSEC ISAKMP-Oakley hmacRIPEMD160 OID: 1.3.6.1.5.5.8.1.4 */
+    static final ASN1ObjectIdentifier    hmacRIPEMD160        = isakmpOakley.branch("4");
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/isismtt/ISISMTTObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/isismtt/ISISMTTObjectIdentifiers.java
new file mode 100644
index 0000000..e2f0901
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/isismtt/ISISMTTObjectIdentifiers.java

@@ -0,0 +1,212 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.isismtt;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * ISISMT -- Industrial Signature Interoperability Specification
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ISISMTTObjectIdentifiers
+{
+
+    /** 1.3.36.8 */
+    static final ASN1ObjectIdentifier id_isismtt = new ASN1ObjectIdentifier("1.3.36.8");
+
+    /** 1.3.36.8.1 */
+    static final ASN1ObjectIdentifier id_isismtt_cp = id_isismtt.branch("1");
+
+    /**
+     * The id-isismtt-cp-accredited OID indicates that the certificate is a
+     * qualified certificate according to Directive 1999/93/EC of the European
+     * Parliament and of the Council of 13 December 1999 on a Community
+     * Framework for Electronic Signatures, which additionally conforms the
+     * special requirements of the SigG and has been issued by an accredited CA.
+     * <p>
+     * 1.3.36.8.1.1
+     */
+
+    static final ASN1ObjectIdentifier id_isismtt_cp_accredited = id_isismtt_cp.branch("1");
+
+    /** 1.3.36.8.3 */
+    static final ASN1ObjectIdentifier id_isismtt_at = id_isismtt.branch("3");
+
+    /**
+     * Certificate extensionDate of certificate generation
+     * <pre>
+     *     DateOfCertGenSyntax ::= GeneralizedTime
+     * </pre>
+     * OID: 1.3.36.8.3.1
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_dateOfCertGen = id_isismtt_at.branch("1");
+
+    /**
+     * Attribute to indicate that the certificate holder may sign in the name of
+     * a third person. May also be used as extension in a certificate.
+     * <p>
+     * OID: 1.3.36.8.3.2
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_procuration = id_isismtt_at.branch("2");
+
+    /**
+     * Attribute to indicate admissions to certain professions. May be used as
+     * attribute in attribute certificate or as extension in a certificate
+     * <p>
+     * OID: 1.3.36.8.3.3
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_admission = id_isismtt_at.branch("3");
+
+    /**
+     * Monetary limit for transactions. The QcEuMonetaryLimit QC statement MUST
+     * be used in new certificates in place of the extension/attribute
+     * MonetaryLimit since January 1, 2004. For the sake of backward
+     * compatibility with certificates already in use, SigG conforming
+     * components MUST support MonetaryLimit (as well as QcEuLimitValue).
+     * <p>
+     * OID: 1.3.36.8.3.4
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_monetaryLimit = id_isismtt_at.branch("4");
+
+    /**
+     * A declaration of majority. May be used as attribute in attribute
+     * certificate or as extension in a certificate
+     * <p>
+     * OID: 1.3.36.8.3.5
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_declarationOfMajority = id_isismtt_at.branch("5");
+
+    /**
+     * Serial number of the smart card containing the corresponding private key
+     * <pre>
+     *    ICCSNSyntax ::= OCTET STRING (SIZE(8..20))
+     * </pre>
+     * <p>
+     * OID: 1.3.36.8.3.6
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_iCCSN = id_isismtt_at.branch("6");
+
+    /**
+     * Reference for a file of a smartcard that stores the public key of this
+     * certificate and that is used as "security anchor".
+     * <pre>
+     *    PKReferenceSyntax ::= OCTET STRING (SIZE(20))
+     * </pre>
+     * <p>
+     * OID: 1.3.36.8.3.7
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_PKReference = id_isismtt_at.branch("7");
+
+    /**
+     * Some other restriction regarding the usage of this certificate. May be
+     * used as attribute in attribute certificate or as extension in a
+     * certificate.
+     * <pre>
+     *    RestrictionSyntax ::= DirectoryString (SIZE(1..1024))
+     * </pre>
+     * <p>
+     * OID: 1.3.36.8.3.8
+     * 
+     * @see com.android.org.bouncycastle.asn1.isismtt.x509.Restriction
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_restriction = id_isismtt_at.branch("8");
+
+    /**
+     * (Single)Request extension: Clients may include this extension in a
+     * (single) Request to request the responder to send the certificate in the
+     * response message along with the status information. Besides the LDAP
+     * service, this extension provides another mechanism for the distribution
+     * of certificates, which MAY optionally be provided by certificate
+     * repositories.
+     * <pre>
+     *    RetrieveIfAllowed ::= BOOLEAN
+     * </pre>
+     * <p>
+     * OID: 1.3.36.8.3.9
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_retrieveIfAllowed = id_isismtt_at.branch("9");
+
+    /**
+     * SingleOCSPResponse extension: The certificate requested by the client by
+     * inserting the RetrieveIfAllowed extension in the request, will be
+     * returned in this extension.
+     * <p>
+     * OID: 1.3.36.8.3.10
+     * 
+     * @see com.android.org.bouncycastle.asn1.isismtt.ocsp.RequestedCertificate
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_requestedCertificate = id_isismtt_at.branch("10");
+
+    /**
+     * Base ObjectIdentifier for naming authorities
+     * <p>
+     * OID: 1.3.36.8.3.11
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_namingAuthorities = id_isismtt_at.branch("11");
+
+    /**
+     * SingleOCSPResponse extension: Date, when certificate has been published
+     * in the directory and status information has become available. Currently,
+     * accrediting authorities enforce that SigG-conforming OCSP servers include
+     * this extension in the responses.
+     * 
+     * <pre>
+     *    CertInDirSince ::= GeneralizedTime
+     * </pre>
+     * <p>
+     * OID: 1.3.36.8.3.12
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_certInDirSince = id_isismtt_at.branch("12");
+
+    /**
+     * Hash of a certificate in OCSP.
+     * <p>
+     * OID: 1.3.36.8.3.13
+     * 
+     * @see com.android.org.bouncycastle.asn1.isismtt.ocsp.CertHash
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_certHash = id_isismtt_at.branch("13");
+
+    /**
+     * <pre>
+     *    NameAtBirth ::= DirectoryString(SIZE(1..64)
+     * </pre>
+     * 
+     * Used in
+     * {@link com.android.org.bouncycastle.asn1.x509.SubjectDirectoryAttributes SubjectDirectoryAttributes}
+     * <p>
+     * OID: 1.3.36.8.3.14
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_nameAtBirth = id_isismtt_at.branch("14");
+
+    /**
+     * Some other information of non-restrictive nature regarding the usage of
+     * this certificate. May be used as attribute in atribute certificate or as
+     * extension in a certificate.
+     * 
+     * <pre>
+     *    AdditionalInformationSyntax ::= DirectoryString (SIZE(1..2048))
+     * </pre>
+     * <p>
+     * OID: 1.3.36.8.3.15
+     * 
+     * @see com.android.org.bouncycastle.asn1.isismtt.x509.AdditionalInformationSyntax
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_additionalInformation = id_isismtt_at.branch("15");
+
+    /**
+     * Indicates that an attribute certificate exists, which limits the
+     * usability of this public key certificate. Whenever verifying a signature
+     * with the help of this certificate, the content of the corresponding
+     * attribute certificate should be concerned. This extension MUST be
+     * included in a PKC, if a corresponding attribute certificate (having the
+     * PKC as base certificate) contains some attribute that restricts the
+     * usability of the PKC too. Attribute certificates with restricting content
+     * MUST always be included in the signed document.
+     * <pre>
+     *    LiabilityLimitationFlagSyntax ::= BOOLEAN
+     * </pre>
+     * <p>
+     * OID: 0.2.262.1.10.12.0
+     */
+    static final ASN1ObjectIdentifier id_isismtt_at_liabilityLimitationFlag = new ASN1ObjectIdentifier("0.2.262.1.10.12.0");
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/kisa/KISAObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/kisa/KISAObjectIdentifiers.java
new file mode 100644
index 0000000..2df49d6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/kisa/KISAObjectIdentifiers.java

@@ -0,0 +1,33 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.kisa;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * Korea Information Security Agency (KISA)
+ * ({iso(1) member-body(2) kr(410) kisa(200004)})
+ * <p>
+ * See <a href="http://tools.ietf.org/html/rfc4010">RFC 4010</a>
+ * Use of the SEED Encryption Algorithm
+ * in Cryptographic Message Syntax (CMS),
+ * and <a href="http://tools.ietf.org/html/rfc4269">RFC 4269</a>
+ * The SEED Encryption Algorithm
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface KISAObjectIdentifiers
+{
+    /** RFC 4010, 4269: id-seedCBC; OID 1.2.410.200004.1.4 */
+    static final ASN1ObjectIdentifier id_seedCBC = new ASN1ObjectIdentifier("1.2.410.200004.1.4");
+
+    /** RFC 4269: id-seedMAC; OID 1.2.410.200004.1.7 */
+    static final ASN1ObjectIdentifier id_seedMAC = new ASN1ObjectIdentifier("1.2.410.200004.1.7");
+
+    /** RFC 4269: pbeWithSHA1AndSEED-CBC; OID 1.2.410.200004.1.15 */
+    static final ASN1ObjectIdentifier pbeWithSHA1AndSEED_CBC = new ASN1ObjectIdentifier("1.2.410.200004.1.15");
+
+    /** RFC 4010: id-npki-app-cmsSeed-wrap; OID 1.2.410.200004.7.1.1.1 */
+    static final ASN1ObjectIdentifier id_npki_app_cmsSeed_wrap = new ASN1ObjectIdentifier("1.2.410.200004.7.1.1.1");
+
+    /** RFC 4010: SeedEncryptionAlgorithmInCMS; OID 1.2.840.113549.1.9.16.0.24 */
+    static final ASN1ObjectIdentifier id_mod_cms_seed = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.0.24");
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java
new file mode 100644
index 0000000..59f0c86
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/misc/MiscObjectIdentifiers.java

@@ -0,0 +1,142 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.misc;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface MiscObjectIdentifiers
+{
+    //
+    // Netscape
+    //       iso/itu(2) joint-assign(16) us(840) uscompany(1) netscape(113730) cert-extensions(1) }
+    //
+    /**
+     * Netscape cert extensions OID base: 2.16.840.1.113730.1
+     */
+    ASN1ObjectIdentifier netscape = new ASN1ObjectIdentifier("2.16.840.1.113730.1");
+    /**
+     * Netscape cert CertType OID: 2.16.840.1.113730.1.1
+     */
+    ASN1ObjectIdentifier netscapeCertType = netscape.branch("1");
+    /**
+     * Netscape cert BaseURL OID: 2.16.840.1.113730.1.2
+     */
+    ASN1ObjectIdentifier netscapeBaseURL = netscape.branch("2");
+    /**
+     * Netscape cert RevocationURL OID: 2.16.840.1.113730.1.3
+     */
+    ASN1ObjectIdentifier netscapeRevocationURL = netscape.branch("3");
+    /**
+     * Netscape cert CARevocationURL OID: 2.16.840.1.113730.1.4
+     */
+    ASN1ObjectIdentifier netscapeCARevocationURL = netscape.branch("4");
+    /**
+     * Netscape cert RenewalURL OID: 2.16.840.1.113730.1.7
+     */
+    ASN1ObjectIdentifier netscapeRenewalURL = netscape.branch("7");
+    /**
+     * Netscape cert CApolicyURL OID: 2.16.840.1.113730.1.8
+     */
+    ASN1ObjectIdentifier netscapeCApolicyURL = netscape.branch("8");
+    /**
+     * Netscape cert SSLServerName OID: 2.16.840.1.113730.1.12
+     */
+    ASN1ObjectIdentifier netscapeSSLServerName = netscape.branch("12");
+    /**
+     * Netscape cert CertComment OID: 2.16.840.1.113730.1.13
+     */
+    ASN1ObjectIdentifier netscapeCertComment = netscape.branch("13");
+
+    //
+    // Verisign
+    //       iso/itu(2) joint-assign(16) us(840) uscompany(1) verisign(113733) cert-extensions(1) }
+    //
+    /**
+     * Verisign OID base: 2.16.840.1.113733.1
+     */
+    ASN1ObjectIdentifier verisign = new ASN1ObjectIdentifier("2.16.840.1.113733.1");
+
+    /**
+     * Verisign CZAG (Country,Zip,Age,Gender) Extension OID: 2.16.840.1.113733.1.6.3
+     */
+    ASN1ObjectIdentifier verisignCzagExtension = verisign.branch("6.3");
+
+    ASN1ObjectIdentifier verisignPrivate_6_9 = verisign.branch("6.9");
+    ASN1ObjectIdentifier verisignOnSiteJurisdictionHash = verisign.branch("6.11");
+    ASN1ObjectIdentifier verisignBitString_6_13 = verisign.branch("6.13");
+
+    /**
+     * Verisign D&amp;B D-U-N-S number Extension OID: 2.16.840.1.113733.1.6.15
+     */
+    ASN1ObjectIdentifier verisignDnbDunsNumber = verisign.branch("6.15");
+
+    ASN1ObjectIdentifier verisignIssStrongCrypto = verisign.branch("8.1");
+
+    //
+    // Novell
+    //       iso/itu(2) country(16) us(840) organization(1) novell(113719)
+    //
+    /**
+     * Novell OID base: 2.16.840.1.113719
+     */
+    ASN1ObjectIdentifier novell = new ASN1ObjectIdentifier("2.16.840.1.113719");
+    /**
+     * Novell SecurityAttribs OID: 2.16.840.1.113719.1.9.4.1
+     */
+    ASN1ObjectIdentifier novellSecurityAttribs = novell.branch("1.9.4.1");
+
+    //
+    // Entrust
+    //       iso(1) member-body(16) us(840) nortelnetworks(113533) entrust(7)
+    //
+    /**
+     * NortelNetworks Entrust OID base: 1.2.840.113533.7
+     */
+    ASN1ObjectIdentifier entrust = new ASN1ObjectIdentifier("1.2.840.113533.7");
+    /**
+     * NortelNetworks Entrust VersionExtension OID: 1.2.840.113533.7.65.0
+     */
+    ASN1ObjectIdentifier entrustVersionExtension = entrust.branch("65.0");
+
+    /**
+     * cast5CBC OBJECT IDENTIFIER ::= {iso(1) member-body(2) us(840) nt(113533) nsn(7) algorithms(66) 10} SEE RFC 2984
+     */
+    ASN1ObjectIdentifier cast5CBC = entrust.branch("66.10");
+
+    //
+    // Ascom
+    //
+    ASN1ObjectIdentifier as_sys_sec_alg_ideaCBC = new ASN1ObjectIdentifier("1.3.6.1.4.1.188.7.1.1.2");
+
+    //
+    // Peter Gutmann's Cryptlib
+    //
+    ASN1ObjectIdentifier cryptlib = new ASN1ObjectIdentifier("1.3.6.1.4.1.3029");
+
+    ASN1ObjectIdentifier cryptlib_algorithm = cryptlib.branch("1");
+    ASN1ObjectIdentifier cryptlib_algorithm_blowfish_ECB = cryptlib_algorithm.branch("1.1");
+    ASN1ObjectIdentifier cryptlib_algorithm_blowfish_CBC = cryptlib_algorithm.branch("1.2");
+    ASN1ObjectIdentifier cryptlib_algorithm_blowfish_CFB = cryptlib_algorithm.branch("1.3");
+    ASN1ObjectIdentifier cryptlib_algorithm_blowfish_OFB = cryptlib_algorithm.branch("1.4");
+
+    //
+    // Blake2b
+    //
+    ASN1ObjectIdentifier blake2 = new ASN1ObjectIdentifier("1.3.6.1.4.1.1722.12.2");
+
+    ASN1ObjectIdentifier id_blake2b160 = blake2.branch("1.5");
+    ASN1ObjectIdentifier id_blake2b256 = blake2.branch("1.8");
+    ASN1ObjectIdentifier id_blake2b384 = blake2.branch("1.12");
+    ASN1ObjectIdentifier id_blake2b512 = blake2.branch("1.16");
+
+    ASN1ObjectIdentifier id_blake2s128 = blake2.branch("2.4");
+    ASN1ObjectIdentifier id_blake2s160 = blake2.branch("2.5");
+    ASN1ObjectIdentifier id_blake2s224 = blake2.branch("2.7");
+    ASN1ObjectIdentifier id_blake2s256 = blake2.branch("2.8");
+
+    //
+    // Scrypt
+    ASN1ObjectIdentifier id_scrypt = new ASN1ObjectIdentifier("1.3.6.1.4.1.11591.4.11");
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/misc/NetscapeCertType.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/misc/NetscapeCertType.java
new file mode 100644
index 0000000..f8c20bf
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/misc/NetscapeCertType.java

@@ -0,0 +1,56 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.misc;
+
+import com.android.org.bouncycastle.asn1.DERBitString;
+
+/**
+ * The NetscapeCertType object.
+ * <pre>
+ *    NetscapeCertType ::= BIT STRING {
+ *         SSLClient               (0),
+ *         SSLServer               (1),
+ *         S/MIME                  (2),
+ *         Object Signing          (3),
+ *         Reserved                (4),
+ *         SSL CA                  (5),
+ *         S/MIME CA               (6),
+ *         Object Signing CA       (7) }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class NetscapeCertType
+    extends DERBitString
+{
+    public static final int        sslClient        = (1 << 7); 
+    public static final int        sslServer        = (1 << 6);
+    public static final int        smime            = (1 << 5);
+    public static final int        objectSigning    = (1 << 4);
+    public static final int        reserved         = (1 << 3);
+    public static final int        sslCA            = (1 << 2);
+    public static final int        smimeCA          = (1 << 1);
+    public static final int        objectSigningCA  = (1 << 0);
+
+    /**
+     * Basic constructor.
+     * 
+     * @param usage - the bitwise OR of the Key Usage flags giving the
+     * allowed uses for the key.
+     * e.g. (X509NetscapeCertType.sslCA | X509NetscapeCertType.smimeCA)
+     */
+    public NetscapeCertType(
+        int usage)
+    {
+        super(getBytes(usage), getPadBits(usage));
+    }
+
+    public NetscapeCertType(
+        DERBitString usage)
+    {
+        super(usage.getBytes(), usage.getPadBits());
+    }
+
+    public String toString()
+    {
+        return "NetscapeCertType: 0x" + Integer.toHexString(data[0] & 0xff);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/misc/NetscapeRevocationURL.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/misc/NetscapeRevocationURL.java
new file mode 100644
index 0000000..b3a4bfe
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/misc/NetscapeRevocationURL.java

@@ -0,0 +1,22 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.misc;
+
+import com.android.org.bouncycastle.asn1.DERIA5String;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class NetscapeRevocationURL
+    extends DERIA5String
+{
+    public NetscapeRevocationURL(
+        DERIA5String str)
+    {
+        super(str.getString());
+    }
+
+    public String toString()
+    {
+        return "NetscapeRevocationURL: " + this.getString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/misc/VerisignCzagExtension.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/misc/VerisignCzagExtension.java
new file mode 100644
index 0000000..c67c7ae
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/misc/VerisignCzagExtension.java

@@ -0,0 +1,22 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.misc;
+
+import com.android.org.bouncycastle.asn1.DERIA5String;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class VerisignCzagExtension
+    extends DERIA5String
+{
+    public VerisignCzagExtension(
+        DERIA5String str)
+    {
+        super(str.getString());
+    }
+
+    public String toString()
+    {
+        return "VerisignCzagExtension: " + this.getString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/nist/NISTNamedCurves.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/nist/NISTNamedCurves.java
new file mode 100644
index 0000000..3e3e981
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/nist/NISTNamedCurves.java

@@ -0,0 +1,101 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.nist;
+
+import java.util.Enumeration;
+import java.util.Hashtable;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.sec.SECNamedCurves;
+import com.android.org.bouncycastle.asn1.sec.SECObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x9.X9ECParameters;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * Utility class for fetching curves using their NIST names as published in FIPS-PUB 186-3
+ * @hide This class is not part of the Android public SDK API
+ */
+public class NISTNamedCurves
+{
+    static final Hashtable objIds = new Hashtable();
+    static final Hashtable names = new Hashtable();
+
+    static void defineCurve(String name, ASN1ObjectIdentifier oid)
+    {
+        objIds.put(name, oid);
+        names.put(oid, name);
+    }
+
+    static
+    {
+        defineCurve("B-571", SECObjectIdentifiers.sect571r1);
+        defineCurve("B-409", SECObjectIdentifiers.sect409r1);
+        defineCurve("B-283", SECObjectIdentifiers.sect283r1);
+        defineCurve("B-233", SECObjectIdentifiers.sect233r1);
+        defineCurve("B-163", SECObjectIdentifiers.sect163r2);
+        defineCurve("K-571", SECObjectIdentifiers.sect571k1);
+        defineCurve("K-409", SECObjectIdentifiers.sect409k1);
+        defineCurve("K-283", SECObjectIdentifiers.sect283k1);
+        defineCurve("K-233", SECObjectIdentifiers.sect233k1);
+        defineCurve("K-163", SECObjectIdentifiers.sect163k1);
+        defineCurve("P-521", SECObjectIdentifiers.secp521r1);
+        defineCurve("P-384", SECObjectIdentifiers.secp384r1);
+        defineCurve("P-256", SECObjectIdentifiers.secp256r1);
+        defineCurve("P-224", SECObjectIdentifiers.secp224r1);
+        defineCurve("P-192", SECObjectIdentifiers.secp192r1);
+    }
+
+    public static X9ECParameters getByName(
+        String  name)
+    {
+        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)objIds.get(Strings.toUpperCase(name));
+
+        if (oid != null)
+        {
+            return getByOID(oid);
+        }
+
+        return null;
+    }
+
+    /**
+     * return the X9ECParameters object for the named curve represented by
+     * the passed in object identifier. Null if the curve isn't present.
+     *
+     * @param oid an object identifier representing a named curve, if present.
+     */
+    public static X9ECParameters getByOID(
+        ASN1ObjectIdentifier  oid)
+    {
+        return SECNamedCurves.getByOID(oid);
+    }
+
+    /**
+     * return the object identifier signified by the passed in name. Null
+     * if there is no object identifier associated with name.
+     *
+     * @return the object identifier associated with name, if present.
+     */
+    public static ASN1ObjectIdentifier getOID(
+        String  name)
+    {
+        return (ASN1ObjectIdentifier)objIds.get(Strings.toUpperCase(name));
+    }
+
+    /**
+     * return the named curve name represented by the given object identifier.
+     */
+    public static String getName(
+        ASN1ObjectIdentifier  oid)
+    {
+        return (String)names.get(oid);
+    }
+
+    /**
+     * returns an enumeration containing the name strings for curves
+     * contained in this structure.
+     */
+    public static Enumeration getNames()
+    {
+        return objIds.keys();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/nist/NISTObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/nist/NISTObjectIdentifiers.java
new file mode 100644
index 0000000..fc5adab
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/nist/NISTObjectIdentifiers.java

@@ -0,0 +1,155 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.nist;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ *
+ * NIST:
+ *     iso/itu(2) joint-assign(16) us(840) organization(1) gov(101) csor(3) 
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface NISTObjectIdentifiers
+{
+    //
+    // nistalgorithms(4)
+    //
+    /** 2.16.840.1.101.3.4 -- algorithms */
+    static final ASN1ObjectIdentifier    nistAlgorithm           = new ASN1ObjectIdentifier("2.16.840.1.101.3.4");
+
+    /** 2.16.840.1.101.3.4.2 */
+    static final ASN1ObjectIdentifier    hashAlgs                = nistAlgorithm.branch("2");
+
+    /** 2.16.840.1.101.3.4.2.1 */
+    static final ASN1ObjectIdentifier    id_sha256               = hashAlgs.branch("1");
+    /** 2.16.840.1.101.3.4.2.2 */
+    static final ASN1ObjectIdentifier    id_sha384               = hashAlgs.branch("2");
+    /** 2.16.840.1.101.3.4.2.3 */
+    static final ASN1ObjectIdentifier    id_sha512               = hashAlgs.branch("3");
+    /** 2.16.840.1.101.3.4.2.4 */
+    static final ASN1ObjectIdentifier    id_sha224               = hashAlgs.branch("4");
+    /** 2.16.840.1.101.3.4.2.5 */
+    static final ASN1ObjectIdentifier    id_sha512_224           = hashAlgs.branch("5");
+    /** 2.16.840.1.101.3.4.2.6 */
+    static final ASN1ObjectIdentifier    id_sha512_256           = hashAlgs.branch("6");
+
+    /** 2.16.840.1.101.3.4.2.7 */
+    static final ASN1ObjectIdentifier    id_sha3_224 = hashAlgs.branch("7");
+    /** 2.16.840.1.101.3.4.2.8 */
+    static final ASN1ObjectIdentifier    id_sha3_256 = hashAlgs.branch("8");
+    /** 2.16.840.1.101.3.4.2.9 */
+    static final ASN1ObjectIdentifier    id_sha3_384 = hashAlgs.branch("9");
+    /** 2.16.840.1.101.3.4.2.10 */
+    static final ASN1ObjectIdentifier    id_sha3_512 = hashAlgs.branch("10");
+    /** 2.16.840.1.101.3.4.2.11 */
+    static final ASN1ObjectIdentifier    id_shake128 = hashAlgs.branch("11");
+    /** 2.16.840.1.101.3.4.2.12 */
+    static final ASN1ObjectIdentifier    id_shake256 = hashAlgs.branch("12");
+    /** 2.16.840.1.101.3.4.2.13 */
+    static final ASN1ObjectIdentifier    id_hmacWithSHA3_224 = hashAlgs.branch("13");
+    /** 2.16.840.1.101.3.4.2.14 */
+    static final ASN1ObjectIdentifier    id_hmacWithSHA3_256 = hashAlgs.branch("14");
+    /** 2.16.840.1.101.3.4.2.15 */
+    static final ASN1ObjectIdentifier    id_hmacWithSHA3_384 = hashAlgs.branch("15");
+    /** 2.16.840.1.101.3.4.2.16 */
+    static final ASN1ObjectIdentifier    id_hmacWithSHA3_512 = hashAlgs.branch("16");
+
+    /** 2.16.840.1.101.3.4.1 */
+    static final ASN1ObjectIdentifier    aes                     = nistAlgorithm.branch("1");
+    
+    /** 2.16.840.1.101.3.4.1.1 */
+    static final ASN1ObjectIdentifier    id_aes128_ECB           = aes.branch("1"); 
+    /** 2.16.840.1.101.3.4.1.2 */
+    static final ASN1ObjectIdentifier    id_aes128_CBC           = aes.branch("2");
+    /** 2.16.840.1.101.3.4.1.3 */
+    static final ASN1ObjectIdentifier    id_aes128_OFB           = aes.branch("3"); 
+    /** 2.16.840.1.101.3.4.1.4 */
+    static final ASN1ObjectIdentifier    id_aes128_CFB           = aes.branch("4"); 
+    /** 2.16.840.1.101.3.4.1.5 */
+    static final ASN1ObjectIdentifier    id_aes128_wrap          = aes.branch("5");
+    /** 2.16.840.1.101.3.4.1.6 */
+    static final ASN1ObjectIdentifier    id_aes128_GCM           = aes.branch("6");
+    /** 2.16.840.1.101.3.4.1.7 */
+    static final ASN1ObjectIdentifier    id_aes128_CCM           = aes.branch("7");
+    /** 2.16.840.1.101.3.4.1.28 */
+    static final ASN1ObjectIdentifier    id_aes128_wrap_pad      = aes.branch("8");
+
+    /** 2.16.840.1.101.3.4.1.21 */
+    static final ASN1ObjectIdentifier    id_aes192_ECB           = aes.branch("21"); 
+    /** 2.16.840.1.101.3.4.1.22 */
+    static final ASN1ObjectIdentifier    id_aes192_CBC           = aes.branch("22"); 
+    /** 2.16.840.1.101.3.4.1.23 */
+    static final ASN1ObjectIdentifier    id_aes192_OFB           = aes.branch("23"); 
+    /** 2.16.840.1.101.3.4.1.24 */
+    static final ASN1ObjectIdentifier    id_aes192_CFB           = aes.branch("24"); 
+    /** 2.16.840.1.101.3.4.1.25 */
+    static final ASN1ObjectIdentifier    id_aes192_wrap          = aes.branch("25");
+    /** 2.16.840.1.101.3.4.1.26 */
+    static final ASN1ObjectIdentifier    id_aes192_GCM           = aes.branch("26");
+    /** 2.16.840.1.101.3.4.1.27 */
+    static final ASN1ObjectIdentifier    id_aes192_CCM           = aes.branch("27");
+    /** 2.16.840.1.101.3.4.1.28 */
+    static final ASN1ObjectIdentifier    id_aes192_wrap_pad      = aes.branch("28");
+
+    /** 2.16.840.1.101.3.4.1.41 */
+    static final ASN1ObjectIdentifier    id_aes256_ECB           = aes.branch("41"); 
+    /** 2.16.840.1.101.3.4.1.42 */
+    static final ASN1ObjectIdentifier    id_aes256_CBC           = aes.branch("42");
+    /** 2.16.840.1.101.3.4.1.43 */
+    static final ASN1ObjectIdentifier    id_aes256_OFB           = aes.branch("43"); 
+    /** 2.16.840.1.101.3.4.1.44 */
+    static final ASN1ObjectIdentifier    id_aes256_CFB           = aes.branch("44"); 
+    /** 2.16.840.1.101.3.4.1.45 */
+    static final ASN1ObjectIdentifier    id_aes256_wrap          = aes.branch("45"); 
+    /** 2.16.840.1.101.3.4.1.46 */
+    static final ASN1ObjectIdentifier    id_aes256_GCM           = aes.branch("46");
+    /** 2.16.840.1.101.3.4.1.47 */
+    static final ASN1ObjectIdentifier    id_aes256_CCM           = aes.branch("47");
+    /** 2.16.840.1.101.3.4.1.48 */
+    static final ASN1ObjectIdentifier    id_aes256_wrap_pad      = aes.branch("48");
+
+    //
+    // signatures
+    //
+    /** 2.16.840.1.101.3.4.3 */
+    static final ASN1ObjectIdentifier    sigAlgs        = nistAlgorithm.branch("3");
+
+    static final ASN1ObjectIdentifier    id_dsa_with_sha2        = sigAlgs;
+
+    /** 2.16.840.1.101.3.4.3.1 */
+    static final ASN1ObjectIdentifier    dsa_with_sha224         = sigAlgs.branch("1");
+    /** 2.16.840.1.101.3.4.3.2 */
+    static final ASN1ObjectIdentifier    dsa_with_sha256         = sigAlgs.branch("2");
+    /** 2.16.840.1.101.3.4.3.3 */
+    static final ASN1ObjectIdentifier    dsa_with_sha384         = sigAlgs.branch("3");
+    /** 2.16.840.1.101.3.4.3.4 */
+    static final ASN1ObjectIdentifier    dsa_with_sha512         = sigAlgs.branch("4");
+    /** 2.16.840.1.101.3.4.3.5 */
+    static final ASN1ObjectIdentifier    id_dsa_with_sha3_224       = sigAlgs.branch("5");
+    /** 2.16.840.1.101.3.4.3.6 */
+    static final ASN1ObjectIdentifier    id_dsa_with_sha3_256       = sigAlgs.branch("6");
+    /** 2.16.840.1.101.3.4.3.7 */
+    static final ASN1ObjectIdentifier    id_dsa_with_sha3_384       = sigAlgs.branch("7");
+    /** 2.16.840.1.101.3.4.3.8 */
+    static final ASN1ObjectIdentifier    id_dsa_with_sha3_512       = sigAlgs.branch("8");
+
+    // ECDSA with SHA-3
+    /** 2.16.840.1.101.3.4.3.9 */
+    static final ASN1ObjectIdentifier    id_ecdsa_with_sha3_224       = sigAlgs.branch("9");
+    /** 2.16.840.1.101.3.4.3.10 */
+    static final ASN1ObjectIdentifier    id_ecdsa_with_sha3_256       = sigAlgs.branch("10");
+    /** 2.16.840.1.101.3.4.3.11 */
+    static final ASN1ObjectIdentifier    id_ecdsa_with_sha3_384       = sigAlgs.branch("11");
+    /** 2.16.840.1.101.3.4.3.12 */
+    static final ASN1ObjectIdentifier    id_ecdsa_with_sha3_512       = sigAlgs.branch("12");
+
+    // RSA PKCS #1 v1.5 Signature with SHA-3 family.
+    /** 2.16.840.1.101.3.4.3.9 */
+    static final ASN1ObjectIdentifier    id_rsassa_pkcs1_v1_5_with_sha3_224       = sigAlgs.branch("13");
+    /** 2.16.840.1.101.3.4.3.10 */
+    static final ASN1ObjectIdentifier    id_rsassa_pkcs1_v1_5_with_sha3_256       = sigAlgs.branch("14");
+    /** 2.16.840.1.101.3.4.3.11 */
+    static final ASN1ObjectIdentifier    id_rsassa_pkcs1_v1_5_with_sha3_384       = sigAlgs.branch("15");
+    /** 2.16.840.1.101.3.4.3.12 */
+    static final ASN1ObjectIdentifier    id_rsassa_pkcs1_v1_5_with_sha3_512       = sigAlgs.branch("16");
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/nsri/NSRIObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/nsri/NSRIObjectIdentifiers.java
new file mode 100644
index 0000000..f31c29d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/nsri/NSRIObjectIdentifiers.java

@@ -0,0 +1,62 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.nsri;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface NSRIObjectIdentifiers
+{
+    ASN1ObjectIdentifier nsri = new ASN1ObjectIdentifier("1.2.410.200046");
+
+    ASN1ObjectIdentifier id_algorithm = nsri.branch("1");
+
+    ASN1ObjectIdentifier id_sea = id_algorithm.branch("1");
+    ASN1ObjectIdentifier id_pad = id_algorithm.branch("2");
+
+    ASN1ObjectIdentifier id_pad_null = id_algorithm.branch("0");
+    ASN1ObjectIdentifier id_pad_1 = id_algorithm.branch("1");
+
+    ASN1ObjectIdentifier id_aria128_ecb = id_sea.branch("1");
+    ASN1ObjectIdentifier id_aria128_cbc = id_sea.branch("2");
+    ASN1ObjectIdentifier id_aria128_cfb = id_sea.branch("3");
+    ASN1ObjectIdentifier id_aria128_ofb = id_sea.branch("4");
+    ASN1ObjectIdentifier id_aria128_ctr = id_sea.branch("5");
+
+    ASN1ObjectIdentifier id_aria192_ecb = id_sea.branch("6");
+    ASN1ObjectIdentifier id_aria192_cbc = id_sea.branch("7");
+    ASN1ObjectIdentifier id_aria192_cfb = id_sea.branch("8");
+    ASN1ObjectIdentifier id_aria192_ofb = id_sea.branch("9");
+    ASN1ObjectIdentifier id_aria192_ctr = id_sea.branch("10");
+
+    ASN1ObjectIdentifier id_aria256_ecb = id_sea.branch("11");
+    ASN1ObjectIdentifier id_aria256_cbc = id_sea.branch("12");
+    ASN1ObjectIdentifier id_aria256_cfb = id_sea.branch("13");
+    ASN1ObjectIdentifier id_aria256_ofb = id_sea.branch("14");
+    ASN1ObjectIdentifier id_aria256_ctr = id_sea.branch("15");
+
+    ASN1ObjectIdentifier id_aria128_cmac = id_sea.branch("21");
+    ASN1ObjectIdentifier id_aria192_cmac = id_sea.branch("22");
+    ASN1ObjectIdentifier id_aria256_cmac = id_sea.branch("23");
+
+    ASN1ObjectIdentifier id_aria128_ocb2 = id_sea.branch("31");
+    ASN1ObjectIdentifier id_aria192_ocb2 = id_sea.branch("32");
+    ASN1ObjectIdentifier id_aria256_ocb2 = id_sea.branch("33");
+
+    ASN1ObjectIdentifier id_aria128_gcm = id_sea.branch("34");
+    ASN1ObjectIdentifier id_aria192_gcm = id_sea.branch("35");
+    ASN1ObjectIdentifier id_aria256_gcm = id_sea.branch("36");
+
+    ASN1ObjectIdentifier id_aria128_ccm = id_sea.branch("37");
+    ASN1ObjectIdentifier id_aria192_ccm = id_sea.branch("38");
+    ASN1ObjectIdentifier id_aria256_ccm = id_sea.branch("39");
+
+    ASN1ObjectIdentifier id_aria128_kw = id_sea.branch("40");
+    ASN1ObjectIdentifier id_aria192_kw = id_sea.branch("41");
+    ASN1ObjectIdentifier id_aria256_kw = id_sea.branch("42");
+
+    ASN1ObjectIdentifier id_aria128_kwp = id_sea.branch("43");
+    ASN1ObjectIdentifier id_aria192_kwp = id_sea.branch("44");
+    ASN1ObjectIdentifier id_aria256_kwp = id_sea.branch("45");
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ntt/NTTObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ntt/NTTObjectIdentifiers.java
new file mode 100644
index 0000000..a6a81b7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ntt/NTTObjectIdentifiers.java

@@ -0,0 +1,27 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.ntt;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * From <a href="http://tools.ietf.org/html/rfc3657">RFC 3657</a>
+ * Use of the Camellia Encryption Algorithm
+ * in Cryptographic Message Syntax (CMS)
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface NTTObjectIdentifiers
+{
+    /** id-camellia128-cbc; OID 1.2.392.200011.61.1.1.1.2 */
+    static final ASN1ObjectIdentifier id_camellia128_cbc = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.1.2");
+    /** id-camellia192-cbc; OID 1.2.392.200011.61.1.1.1.3 */
+    static final ASN1ObjectIdentifier id_camellia192_cbc = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.1.3");
+    /** id-camellia256-cbc; OID 1.2.392.200011.61.1.1.1.4 */
+    static final ASN1ObjectIdentifier id_camellia256_cbc = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.1.4");
+
+    /** id-camellia128-wrap; OID 1.2.392.200011.61.1.1.3.2 */
+    static final ASN1ObjectIdentifier id_camellia128_wrap = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.3.2");
+    /** id-camellia192-wrap; OID 1.2.392.200011.61.1.1.3.3 */
+    static final ASN1ObjectIdentifier id_camellia192_wrap = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.3.3");
+    /** id-camellia256-wrap; OID 1.2.392.200011.61.1.1.3.4 */
+    static final ASN1ObjectIdentifier id_camellia256_wrap = new ASN1ObjectIdentifier("1.2.392.200011.61.1.1.3.4");
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/oiw/OIWObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/oiw/OIWObjectIdentifiers.java
new file mode 100644
index 0000000..11e46b6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/oiw/OIWObjectIdentifiers.java

@@ -0,0 +1,52 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.oiw;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * OIW organization's OIDs:
+ * <p>
+ * id-SHA1 OBJECT IDENTIFIER ::=    
+ *   {iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 }
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface OIWObjectIdentifiers
+{
+    /** OID: 1.3.14.3.2.2 */
+    static final ASN1ObjectIdentifier    md4WithRSA              = new ASN1ObjectIdentifier("1.3.14.3.2.2");
+    /** OID: 1.3.14.3.2.3 */
+    static final ASN1ObjectIdentifier    md5WithRSA              = new ASN1ObjectIdentifier("1.3.14.3.2.3");
+    /** OID: 1.3.14.3.2.4 */
+    static final ASN1ObjectIdentifier    md4WithRSAEncryption    = new ASN1ObjectIdentifier("1.3.14.3.2.4");
+    
+    /** OID: 1.3.14.3.2.6 */
+    static final ASN1ObjectIdentifier    desECB                  = new ASN1ObjectIdentifier("1.3.14.3.2.6");
+    /** OID: 1.3.14.3.2.7 */
+    static final ASN1ObjectIdentifier    desCBC                  = new ASN1ObjectIdentifier("1.3.14.3.2.7");
+    /** OID: 1.3.14.3.2.8 */
+    static final ASN1ObjectIdentifier    desOFB                  = new ASN1ObjectIdentifier("1.3.14.3.2.8");
+    /** OID: 1.3.14.3.2.9 */
+    static final ASN1ObjectIdentifier    desCFB                  = new ASN1ObjectIdentifier("1.3.14.3.2.9");
+
+    /** OID: 1.3.14.3.2.17 */
+    static final ASN1ObjectIdentifier    desEDE                  = new ASN1ObjectIdentifier("1.3.14.3.2.17");
+    
+    /** OID: 1.3.14.3.2.26 */
+    static final ASN1ObjectIdentifier    idSHA1                  = new ASN1ObjectIdentifier("1.3.14.3.2.26");
+
+    /** OID: 1.3.14.3.2.27 */
+    static final ASN1ObjectIdentifier    dsaWithSHA1             = new ASN1ObjectIdentifier("1.3.14.3.2.27");
+
+    /** OID: 1.3.14.3.2.29 */
+    static final ASN1ObjectIdentifier    sha1WithRSA             = new ASN1ObjectIdentifier("1.3.14.3.2.29");
+    
+    /**
+     * <pre>
+     * ElGamal Algorithm OBJECT IDENTIFIER ::=    
+     *   {iso(1) identified-organization(3) oiw(14) dirservsig(7) algorithm(2) encryption(1) 1 }
+     * </pre>
+     * OID: 1.3.14.7.2.1.1
+     */
+    static final ASN1ObjectIdentifier    elGamalAlgorithm        = new ASN1ObjectIdentifier("1.3.14.7.2.1.1");
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/Attribute.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/Attribute.java
new file mode 100644
index 0000000..2a3f3e9
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/Attribute.java

@@ -0,0 +1,92 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Attribute
+    extends ASN1Object
+{
+    private ASN1ObjectIdentifier attrType;
+    private ASN1Set              attrValues;
+
+    /**
+     * return an Attribute object from the given object.
+     *
+     * @param o the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     */
+    public static Attribute getInstance(
+        Object o)
+    {
+        if (o == null || o instanceof Attribute)
+        {
+            return (Attribute)o;
+        }
+        
+        if (o instanceof ASN1Sequence)
+        {
+            return new Attribute((ASN1Sequence)o);
+        }
+
+        throw new IllegalArgumentException("unknown object in factory: " + o.getClass().getName());
+    }
+    
+    public Attribute(
+        ASN1Sequence seq)
+    {
+        attrType = (ASN1ObjectIdentifier)seq.getObjectAt(0);
+        attrValues = (ASN1Set)seq.getObjectAt(1);
+    }
+
+    public Attribute(
+        ASN1ObjectIdentifier attrType,
+        ASN1Set             attrValues)
+    {
+        this.attrType = attrType;
+        this.attrValues = attrValues;
+    }
+
+    public ASN1ObjectIdentifier getAttrType()
+    {
+        return attrType;
+    }
+    
+    public ASN1Set getAttrValues()
+    {
+        return attrValues;
+    }
+
+    public ASN1Encodable[] getAttributeValues()
+    {
+        return attrValues.toArray();
+    }
+
+    /** 
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     * Attribute ::= SEQUENCE {
+     *     attrType OBJECT IDENTIFIER,
+     *     attrValues SET OF AttributeValue
+     * }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(attrType);
+        v.add(attrValues);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/AuthenticatedSafe.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/AuthenticatedSafe.java
new file mode 100644
index 0000000..9f56717
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/AuthenticatedSafe.java

@@ -0,0 +1,87 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.BERSequence;
+import com.android.org.bouncycastle.asn1.DLSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AuthenticatedSafe
+    extends ASN1Object
+{
+    private ContentInfo[]    info;
+    private boolean  isBer = true;
+
+    private AuthenticatedSafe(
+        ASN1Sequence  seq)
+    {
+        info = new ContentInfo[seq.size()];
+
+        for (int i = 0; i != info.length; i++)
+        {
+            info[i] = ContentInfo.getInstance(seq.getObjectAt(i));
+        }
+
+        isBer = seq instanceof BERSequence;
+    }
+
+    public static AuthenticatedSafe getInstance(
+        Object o)
+    {
+        if (o instanceof AuthenticatedSafe)
+        {
+            return (AuthenticatedSafe)o;
+        }
+
+        if (o != null)
+        {
+            return new AuthenticatedSafe(ASN1Sequence.getInstance(o));
+        }
+
+        return null;
+    }
+
+    public AuthenticatedSafe(
+        ContentInfo[]       info)
+    {
+        this.info = copy(info);
+    }
+
+    public ContentInfo[] getContentInfo()
+    {
+        return copy(info);
+    }
+
+    private ContentInfo[] copy(ContentInfo[] infos)
+    {
+        ContentInfo[] tmp = new ContentInfo[infos.length];
+
+        System.arraycopy(infos, 0, tmp, 0, tmp.length);
+
+        return tmp;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        for (int i = 0; i != info.length; i++)
+        {
+            v.add(info[i]);
+        }
+
+        if (isBer)
+        {
+            return new BERSequence(v);
+        }
+        else
+        {
+            return new DLSequence(v);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/CRLBag.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/CRLBag.java
new file mode 100644
index 0000000..e1239fe
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/CRLBag.java

@@ -0,0 +1,88 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+
+/**
+ * CRL Bag for PKCS#12
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CRLBag
+    extends ASN1Object
+{
+    private ASN1ObjectIdentifier crlId;
+    private ASN1Encodable crlValue;
+
+    private CRLBag(
+        ASN1Sequence seq)
+    {
+        this.crlId = (ASN1ObjectIdentifier)seq.getObjectAt(0);
+        this.crlValue = ((ASN1TaggedObject)seq.getObjectAt(1)).getObject();
+    }
+
+    public static CRLBag getInstance(Object o)
+    {
+        if (o instanceof CRLBag)
+        {
+            return (CRLBag)o;
+        }
+        else if (o != null)
+        {
+            return new CRLBag(ASN1Sequence.getInstance(o));
+        }
+
+        return null;
+    }
+
+    public CRLBag(
+        ASN1ObjectIdentifier crlId,
+        ASN1Encodable crlValue)
+    {
+        this.crlId = crlId;
+        this.crlValue = crlValue;
+    }
+
+    public ASN1ObjectIdentifier getCrlId()
+    {
+        return crlId;
+    }
+
+    public ASN1Encodable getCrlValue()
+    {
+        return crlValue;
+    }
+
+    /**
+     * <pre>
+     * CRLBag ::= SEQUENCE {
+     * crlId  BAG-TYPE.&amp;id ({CRLTypes}),
+     * crlValue  [0] EXPLICIT BAG-TYPE.&amp;Type ({CRLTypes}{&#64;crlId})
+     * }
+     *
+     * x509CRL BAG-TYPE ::= {OCTET STRING IDENTIFIED BY {certTypes 1}
+     * -- DER-encoded X.509 CRL stored in OCTET STRING
+	 *
+     * CRLTypes BAG-TYPE ::= {
+     * x509CRL,
+     * ... -- For future extensions
+     * }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(crlId);
+        v.add(new DERTaggedObject(0, crlValue));
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/CertBag.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/CertBag.java
new file mode 100644
index 0000000..7338256
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/CertBag.java

@@ -0,0 +1,70 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CertBag
+    extends ASN1Object
+{
+    private ASN1ObjectIdentifier certId;
+    private ASN1Encodable certValue;
+
+    private CertBag(
+        ASN1Sequence    seq)
+    {
+        this.certId = (ASN1ObjectIdentifier)seq.getObjectAt(0);
+        this.certValue = ((DERTaggedObject)seq.getObjectAt(1)).getObject();
+    }
+
+    public static CertBag getInstance(Object o)
+    {
+        if (o instanceof CertBag)
+        {
+            return (CertBag)o;
+        }
+        else if (o != null)
+        {
+            return new CertBag(ASN1Sequence.getInstance(o));
+        }
+
+        return null;
+    }
+
+    public CertBag(
+        ASN1ObjectIdentifier certId,
+        ASN1Encodable        certValue)
+    {
+        this.certId = certId;
+        this.certValue = certValue;
+    }
+
+    public ASN1ObjectIdentifier getCertId()
+    {
+        return certId;
+    }
+
+    public ASN1Encodable getCertValue()
+    {
+        return certValue;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(certId);
+        v.add(new DERTaggedObject(0, certValue));
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/CertificationRequest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/CertificationRequest.java
new file mode 100644
index 0000000..034b63d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/CertificationRequest.java

@@ -0,0 +1,96 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+
+/**
+ * PKCS10 Certification request object.
+ * <pre>
+ * CertificationRequest ::= SEQUENCE {
+ *   certificationRequestInfo  CertificationRequestInfo,
+ *   signatureAlgorithm        AlgorithmIdentifier{{ SignatureAlgorithms }},
+ *   signature                 BIT STRING
+ * }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CertificationRequest
+    extends ASN1Object
+{
+    protected CertificationRequestInfo reqInfo = null;
+    protected AlgorithmIdentifier sigAlgId = null;
+    protected DERBitString sigBits = null;
+
+    public static CertificationRequest getInstance(Object o)
+    {
+        if (o instanceof CertificationRequest)
+        {
+            return (CertificationRequest)o;
+        }
+
+        if (o != null)
+        {
+            return new CertificationRequest(ASN1Sequence.getInstance(o));
+        }
+
+        return null;
+    }
+
+    protected CertificationRequest()
+    {
+    }
+
+    public CertificationRequest(
+        CertificationRequestInfo requestInfo,
+        AlgorithmIdentifier     algorithm,
+        DERBitString            signature)
+    {
+        this.reqInfo = requestInfo;
+        this.sigAlgId = algorithm;
+        this.sigBits = signature;
+    }
+
+    /**
+     * @deprecated use getInstance()
+     */
+    public CertificationRequest(
+        ASN1Sequence seq)
+    {
+        reqInfo = CertificationRequestInfo.getInstance(seq.getObjectAt(0));
+        sigAlgId = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
+        sigBits = (DERBitString)seq.getObjectAt(2);
+    }
+
+    public CertificationRequestInfo getCertificationRequestInfo()
+    {
+        return reqInfo;
+    }
+
+    public AlgorithmIdentifier getSignatureAlgorithm()
+    {
+        return sigAlgId;
+    }
+
+    public DERBitString getSignature()
+    {
+        return sigBits;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        // Construct the CertificateRequest
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(reqInfo);
+        v.add(sigAlgId);
+        v.add(sigBits);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/CertificationRequestInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/CertificationRequestInfo.java
new file mode 100644
index 0000000..f97a309
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/CertificationRequestInfo.java

@@ -0,0 +1,186 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.X509Name;
+
+/**
+ * PKCS10 CertificationRequestInfo object.
+ * <pre>
+ *  CertificationRequestInfo ::= SEQUENCE {
+ *   version             INTEGER { v1(0) } (v1,...),
+ *   subject             Name,
+ *   subjectPKInfo   SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
+ *   attributes          [0] Attributes{{ CRIAttributes }}
+ *  }
+ *
+ *  Attributes { ATTRIBUTE:IOSet } ::= SET OF Attribute{{ IOSet }}
+ *
+ *  Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
+ *    type    ATTRIBUTE.&amp;id({IOSet}),
+ *    values  SET SIZE(1..MAX) OF ATTRIBUTE.&amp;Type({IOSet}{\@type})
+ *  }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CertificationRequestInfo
+    extends ASN1Object
+{
+    ASN1Integer              version = new ASN1Integer(0);
+    X500Name                subject;
+    SubjectPublicKeyInfo    subjectPKInfo;
+    ASN1Set                 attributes = null;
+
+    public static CertificationRequestInfo getInstance(
+        Object  obj)
+    {
+        if (obj instanceof CertificationRequestInfo)
+        {
+            return (CertificationRequestInfo)obj;
+        }
+        else if (obj != null)
+        {
+            return new CertificationRequestInfo(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    /**
+     * Basic constructor.
+     * <p>
+     * Note: Early on a lot of CAs would only accept messages with attributes missing. As the ASN.1 def shows
+     * the attributes field is not optional so should always at least contain an empty set. If a fully compliant
+     * request is required, pass in an empty set, the class will otherwise interpret a null as it should
+     * encode the request with the field missing.
+     * </p>
+     *
+     * @param subject subject to be associated with the public key
+     * @param pkInfo public key to be associated with subject
+     * @param attributes any attributes to be associated with the request.
+     */
+    public CertificationRequestInfo(
+        X500Name                subject,
+        SubjectPublicKeyInfo    pkInfo,
+        ASN1Set                 attributes)
+    {
+        if ((subject == null) || (pkInfo == null))
+        {
+            throw new IllegalArgumentException("Not all mandatory fields set in CertificationRequestInfo generator.");
+        }
+
+        validateAttributes(attributes);
+
+        this.subject = subject;
+        this.subjectPKInfo = pkInfo;
+        this.attributes = attributes;
+    }
+
+    /**
+     * @deprecated use X500Name method.
+     */
+    public CertificationRequestInfo(
+        X509Name                subject,
+        SubjectPublicKeyInfo    pkInfo,
+        ASN1Set                 attributes)
+    {
+        this(X500Name.getInstance(subject.toASN1Primitive()), pkInfo, attributes);
+    }
+
+    /**
+     * @deprecated use getInstance().
+     */
+    public CertificationRequestInfo(
+        ASN1Sequence  seq)
+    {
+        version = (ASN1Integer)seq.getObjectAt(0);
+
+        subject = X500Name.getInstance(seq.getObjectAt(1));
+        subjectPKInfo = SubjectPublicKeyInfo.getInstance(seq.getObjectAt(2));
+
+        //
+        // some CertificationRequestInfo objects seem to treat this field
+        // as optional.
+        //
+        if (seq.size() > 3)
+        {
+            ASN1TaggedObject tagobj = (ASN1TaggedObject)seq.getObjectAt(3);
+            attributes = ASN1Set.getInstance(tagobj, false);
+        }
+
+        validateAttributes(attributes);
+
+        if ((subject == null) || (version == null) || (subjectPKInfo == null))
+        {
+            throw new IllegalArgumentException("Not all mandatory fields set in CertificationRequestInfo generator.");
+        }
+    }
+
+    public ASN1Integer getVersion()
+    {
+        return version;
+    }
+
+    public X500Name getSubject()
+    {
+        return subject;
+    }
+
+    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
+    {
+        return subjectPKInfo;
+    }
+
+    public ASN1Set getAttributes()
+    {
+        return attributes;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(version);
+        v.add(subject);
+        v.add(subjectPKInfo);
+
+        if (attributes != null)
+        {
+            v.add(new DERTaggedObject(false, 0, attributes));
+        }
+
+        return new DERSequence(v);
+    }
+
+    private static void validateAttributes(ASN1Set attributes)
+    {
+        if (attributes == null)
+        {
+            return;
+        }
+
+        for (Enumeration en = attributes.getObjects(); en.hasMoreElements();)
+        {
+            Attribute attr = Attribute.getInstance(en.nextElement());
+            if (attr.getAttrType().equals(PKCSObjectIdentifiers.pkcs_9_at_challengePassword))
+            {
+                if (attr.getAttrValues().size() != 1)
+                {
+                    throw new IllegalArgumentException("challengePassword attribute must have one value");
+                }
+            }
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/ContentInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/ContentInfo.java
new file mode 100644
index 0000000..8568cc5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/ContentInfo.java

@@ -0,0 +1,106 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.BERSequence;
+import com.android.org.bouncycastle.asn1.BERTaggedObject;
+import com.android.org.bouncycastle.asn1.DLSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ContentInfo
+    extends ASN1Object
+    implements PKCSObjectIdentifiers
+{
+    private ASN1ObjectIdentifier contentType;
+    private ASN1Encodable content;
+    private boolean       isBer = true;
+
+    public static ContentInfo getInstance(
+        Object  obj)
+    {
+        if (obj instanceof ContentInfo)
+        {
+            return (ContentInfo)obj;
+        }
+
+        if (obj != null)
+        {
+            return new ContentInfo(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    private ContentInfo(
+        ASN1Sequence  seq)
+    {
+        Enumeration   e = seq.getObjects();
+
+        contentType = (ASN1ObjectIdentifier)e.nextElement();
+
+        if (e.hasMoreElements())
+        {
+            content = ((ASN1TaggedObject)e.nextElement()).getObject();
+        }
+
+        isBer = seq instanceof BERSequence;
+    }
+
+    public ContentInfo(
+        ASN1ObjectIdentifier contentType,
+        ASN1Encodable content)
+    {
+        this.contentType = contentType;
+        this.content = content;
+    }
+
+    public ASN1ObjectIdentifier getContentType()
+    {
+        return contentType;
+    }
+
+    public ASN1Encodable getContent()
+    {
+        return content;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     * ContentInfo ::= SEQUENCE {
+     *          contentType ContentType,
+     *          content
+     *          [0] EXPLICIT ANY DEFINED BY contentType OPTIONAL }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(contentType);
+
+        if (content != null)
+        {
+            v.add(new BERTaggedObject(true, 0, content));
+        }
+
+        if (isBer)
+        {
+            return new BERSequence(v);
+        }
+        else
+        {
+            return new DLSequence(v);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/DHParameter.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/DHParameter.java
new file mode 100644
index 0000000..d238173
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/DHParameter.java

@@ -0,0 +1,108 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHParameter
+    extends ASN1Object
+{
+    ASN1Integer      p, g, l;
+
+    public DHParameter(
+        BigInteger  p,
+        BigInteger  g,
+        int         l)
+    {
+        this.p = new ASN1Integer(p);
+        this.g = new ASN1Integer(g);
+
+        if (l != 0)
+        {
+            this.l = new ASN1Integer(l);
+        }
+        else
+        {
+            this.l = null;
+        }
+    }
+
+    public static DHParameter getInstance(
+        Object  obj)
+    {
+        if (obj instanceof DHParameter)
+        {
+            return (DHParameter)obj;
+        }
+
+        if (obj != null)
+        {
+            return new DHParameter(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    private DHParameter(
+        ASN1Sequence  seq)
+    {
+        Enumeration     e = seq.getObjects();
+
+        p = ASN1Integer.getInstance(e.nextElement());
+        g = ASN1Integer.getInstance(e.nextElement());
+
+        if (e.hasMoreElements())
+        {
+            l = (ASN1Integer)e.nextElement();
+        }
+        else
+        {
+            l = null;
+        }
+    }
+
+    public BigInteger getP()
+    {
+        return p.getPositiveValue();
+    }
+
+    public BigInteger getG()
+    {
+        return g.getPositiveValue();
+    }
+
+    public BigInteger getL()
+    {
+        if (l == null)
+        {
+            return null;
+        }
+
+        return l.getPositiveValue();
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(p);
+        v.add(g);
+
+        if (this.getL() != null)
+        {
+            v.add(l);
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/EncryptedData.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/EncryptedData.java
new file mode 100644
index 0000000..108e5bf
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/EncryptedData.java

@@ -0,0 +1,115 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.BERSequence;
+import com.android.org.bouncycastle.asn1.BERTaggedObject;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+
+/**
+ * The EncryptedData object.
+ * <pre>
+ *      EncryptedData ::= SEQUENCE {
+ *           version Version,
+ *           encryptedContentInfo EncryptedContentInfo
+ *      }
+ *
+ *
+ *      EncryptedContentInfo ::= SEQUENCE {
+ *          contentType ContentType,
+ *          contentEncryptionAlgorithm  ContentEncryptionAlgorithmIdentifier,
+ *          encryptedContent [0] IMPLICIT EncryptedContent OPTIONAL
+ *    }
+ *
+ *    EncryptedContent ::= OCTET STRING
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class EncryptedData
+    extends ASN1Object
+{
+    ASN1Sequence                data;
+
+    public static EncryptedData getInstance(
+         Object  obj)
+    {
+         if (obj instanceof EncryptedData)
+         {
+             return (EncryptedData)obj;
+         }
+
+         if (obj != null)
+         {
+             return new EncryptedData(ASN1Sequence.getInstance(obj));
+         }
+
+         return null;
+    }
+     
+    private EncryptedData(
+        ASN1Sequence seq)
+    {
+        int version = ((ASN1Integer)seq.getObjectAt(0)).getValue().intValue();
+
+        if (version != 0)
+        {
+            throw new IllegalArgumentException("sequence not version 0");
+        }
+
+        this.data = ASN1Sequence.getInstance(seq.getObjectAt(1));
+    }
+
+    public EncryptedData(
+        ASN1ObjectIdentifier contentType,
+        AlgorithmIdentifier     encryptionAlgorithm,
+        ASN1Encodable content)
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(contentType);
+        v.add(encryptionAlgorithm.toASN1Primitive());
+        v.add(new BERTaggedObject(false, 0, content));
+
+        data = new BERSequence(v);
+    }
+        
+    public ASN1ObjectIdentifier getContentType()
+    {
+        return ASN1ObjectIdentifier.getInstance(data.getObjectAt(0));
+    }
+
+    public AlgorithmIdentifier getEncryptionAlgorithm()
+    {
+        return AlgorithmIdentifier.getInstance(data.getObjectAt(1));
+    }
+
+    public ASN1OctetString getContent()
+    {
+        if (data.size() == 3)
+        {
+            ASN1TaggedObject o = ASN1TaggedObject.getInstance(data.getObjectAt(2));
+
+            return ASN1OctetString.getInstance(o, false);
+        }
+
+        return null;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(new ASN1Integer(0));
+        v.add(data);
+
+        return new BERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java
new file mode 100644
index 0000000..fe92da5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/EncryptedPrivateKeyInfo.java

@@ -0,0 +1,90 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class EncryptedPrivateKeyInfo
+    extends ASN1Object
+{
+    private AlgorithmIdentifier algId;
+    private ASN1OctetString     data;
+
+    private EncryptedPrivateKeyInfo(
+        ASN1Sequence  seq)
+    {
+        Enumeration e = seq.getObjects();
+
+        algId = AlgorithmIdentifier.getInstance(e.nextElement());
+        data = ASN1OctetString.getInstance(e.nextElement());
+    }
+
+    public EncryptedPrivateKeyInfo(
+        AlgorithmIdentifier algId,
+        byte[]              encoding)
+    {
+        this.algId = algId;
+        this.data = new DEROctetString(encoding);
+    }
+
+    public static EncryptedPrivateKeyInfo getInstance(
+        Object  obj)
+    {
+        if (obj instanceof EncryptedPrivateKeyInfo)
+        {
+            return (EncryptedPrivateKeyInfo)obj;
+        }
+        else if (obj != null)
+        { 
+            return new EncryptedPrivateKeyInfo(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+    
+    public AlgorithmIdentifier getEncryptionAlgorithm()
+    {
+        return algId;
+    }
+
+    public byte[] getEncryptedData()
+    {
+        return data.getOctets();
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     * EncryptedPrivateKeyInfo ::= SEQUENCE {
+     *      encryptionAlgorithm AlgorithmIdentifier {{KeyEncryptionAlgorithms}},
+     *      encryptedData EncryptedData
+     * }
+     *
+     * EncryptedData ::= OCTET STRING
+     *
+     * KeyEncryptionAlgorithms ALGORITHM-IDENTIFIER ::= {
+     *          ... -- For local profiles
+     * }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(algId);
+        v.add(data);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/EncryptionScheme.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/EncryptionScheme.java
new file mode 100644
index 0000000..7c61ef3
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/EncryptionScheme.java

@@ -0,0 +1,66 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class EncryptionScheme
+    extends ASN1Object
+{
+    private AlgorithmIdentifier algId;
+
+    public EncryptionScheme(
+        ASN1ObjectIdentifier objectId)
+    {
+        this.algId = new AlgorithmIdentifier(objectId);
+    }
+
+    public EncryptionScheme(
+        ASN1ObjectIdentifier objectId,
+        ASN1Encodable parameters)
+    {
+        this.algId = new AlgorithmIdentifier(objectId, parameters);
+    }
+
+    private EncryptionScheme(
+        ASN1Sequence  seq)
+    {   
+        this.algId = AlgorithmIdentifier.getInstance(seq);
+    }
+
+    public static EncryptionScheme getInstance(Object obj)
+    {
+        if (obj instanceof EncryptionScheme)
+        {
+            return (EncryptionScheme)obj;
+        }
+        else if (obj != null)
+        {
+            return new EncryptionScheme(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public ASN1ObjectIdentifier getAlgorithm()
+    {
+        return algId.getAlgorithm();
+    }
+
+    public ASN1Encodable getParameters()
+    {
+        return algId.getParameters();
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        return algId.toASN1Primitive();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/IssuerAndSerialNumber.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/IssuerAndSerialNumber.java
new file mode 100644
index 0000000..e547468
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/IssuerAndSerialNumber.java

@@ -0,0 +1,89 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x509.X509Name;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class IssuerAndSerialNumber
+    extends ASN1Object
+{
+    X500Name name;
+    ASN1Integer  certSerialNumber;
+
+    public static IssuerAndSerialNumber getInstance(
+        Object  obj)
+    {
+        if (obj instanceof IssuerAndSerialNumber)
+        {
+            return (IssuerAndSerialNumber)obj;
+        }
+        else if (obj != null)
+        {
+            return new IssuerAndSerialNumber(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    private IssuerAndSerialNumber(
+        ASN1Sequence    seq)
+    {
+        this.name = X500Name.getInstance(seq.getObjectAt(0));
+        this.certSerialNumber = (ASN1Integer)seq.getObjectAt(1);
+    }
+
+    public IssuerAndSerialNumber(
+        X509Name    name,
+        BigInteger  certSerialNumber)
+    {
+        this.name = X500Name.getInstance(name.toASN1Primitive());
+        this.certSerialNumber = new ASN1Integer(certSerialNumber);
+    }
+
+    public IssuerAndSerialNumber(
+        X509Name    name,
+        ASN1Integer  certSerialNumber)
+    {
+        this.name = X500Name.getInstance(name.toASN1Primitive());
+        this.certSerialNumber = certSerialNumber;
+    }
+
+    public IssuerAndSerialNumber(
+        X500Name    name,
+        BigInteger  certSerialNumber)
+    {
+        this.name = name;
+        this.certSerialNumber = new ASN1Integer(certSerialNumber);
+    }
+
+    public X500Name getName()
+    {
+        return name;
+    }
+
+    public ASN1Integer getCertificateSerialNumber()
+    {
+        return certSerialNumber;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector    v = new ASN1EncodableVector();
+
+        v.add(name);
+        v.add(certSerialNumber);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/KeyDerivationFunc.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/KeyDerivationFunc.java
new file mode 100644
index 0000000..ce574d7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/KeyDerivationFunc.java

@@ -0,0 +1,60 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyDerivationFunc
+    extends ASN1Object
+{
+    private AlgorithmIdentifier algId;
+
+    public KeyDerivationFunc(
+        ASN1ObjectIdentifier objectId,
+        ASN1Encodable parameters)
+    {
+        this.algId = new AlgorithmIdentifier(objectId, parameters);
+    }
+
+    private KeyDerivationFunc(
+        ASN1Sequence seq)
+    {
+        this.algId = AlgorithmIdentifier.getInstance(seq);
+    }
+
+    public static KeyDerivationFunc getInstance(Object obj)
+    {
+        if (obj instanceof KeyDerivationFunc)
+        {
+            return (KeyDerivationFunc)obj;
+        }
+        else if (obj != null)
+        {
+            return new KeyDerivationFunc(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public ASN1ObjectIdentifier getAlgorithm()
+    {
+        return algId.getAlgorithm();
+    }
+
+    public ASN1Encodable getParameters()
+    {
+        return algId.getParameters();
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        return algId.toASN1Primitive();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/MacData.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/MacData.java
new file mode 100644
index 0000000..0171ae8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/MacData.java

@@ -0,0 +1,111 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x509.DigestInfo;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class MacData
+    extends ASN1Object
+{
+    private static final BigInteger ONE = BigInteger.valueOf(1);
+
+    DigestInfo                  digInfo;
+    byte[]                      salt;
+    BigInteger                  iterationCount;
+
+    public static MacData getInstance(
+        Object  obj)
+    {
+        if (obj instanceof MacData)
+        {
+            return (MacData)obj;
+        }
+        else if (obj != null)
+        {
+            return new MacData(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    private MacData(
+        ASN1Sequence seq)
+    {
+        this.digInfo = DigestInfo.getInstance(seq.getObjectAt(0));
+
+        this.salt = Arrays.clone(ASN1OctetString.getInstance(seq.getObjectAt(1)).getOctets());
+
+        if (seq.size() == 3)
+        {
+            this.iterationCount = ASN1Integer.getInstance(seq.getObjectAt(2)).getValue();
+        }
+        else
+        {
+            this.iterationCount = ONE;
+        }
+    }
+
+    public MacData(
+        DigestInfo  digInfo,
+        byte[]      salt,
+        int         iterationCount)
+    {
+        this.digInfo = digInfo;
+        this.salt = Arrays.clone(salt);
+        this.iterationCount = BigInteger.valueOf(iterationCount);
+    }
+
+    public DigestInfo getMac()
+    {
+        return digInfo;
+    }
+
+    public byte[] getSalt()
+    {
+        return Arrays.clone(salt);
+    }
+
+    public BigInteger getIterationCount()
+    {
+        return iterationCount;
+    }
+
+    /**
+     * <pre>
+     * MacData ::= SEQUENCE {
+     *     mac      DigestInfo,
+     *     macSalt  OCTET STRING,
+     *     iterations INTEGER DEFAULT 1
+     *     -- Note: The default is for historic reasons and its use is deprecated. A
+     *     -- higher value, like 1024 is recommended.
+     * </pre>
+     * @return the basic ASN1Primitive construction.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(digInfo);
+        v.add(new DEROctetString(salt));
+        
+        if (!iterationCount.equals(ONE))
+        {
+            v.add(new ASN1Integer(iterationCount));
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PBEParameter.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PBEParameter.java
new file mode 100644
index 0000000..f3c6766
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PBEParameter.java

@@ -0,0 +1,77 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PBEParameter
+    extends ASN1Object
+{
+    ASN1Integer      iterations;
+    ASN1OctetString salt;
+
+    public PBEParameter(
+        byte[]      salt,
+        int         iterations)
+    {
+        if (salt.length != 8)
+        {
+            throw new IllegalArgumentException("salt length must be 8");
+        }
+        this.salt = new DEROctetString(salt);
+        this.iterations = new ASN1Integer(iterations);
+    }
+
+    private PBEParameter(
+        ASN1Sequence  seq)
+    {
+        salt = (ASN1OctetString)seq.getObjectAt(0);
+        iterations = (ASN1Integer)seq.getObjectAt(1);
+    }
+
+    public static PBEParameter getInstance(
+        Object  obj)
+    {
+        if (obj instanceof PBEParameter)
+        {
+            return (PBEParameter)obj;
+        }
+        else if (obj != null)
+        {
+            return new PBEParameter(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public BigInteger getIterationCount()
+    {
+        return iterations.getValue();
+    }
+
+    public byte[] getSalt()
+    {
+        return salt.getOctets();
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(salt);
+        v.add(iterations);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PBES2Parameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PBES2Parameters.java
new file mode 100644
index 0000000..fb631f7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PBES2Parameters.java

@@ -0,0 +1,81 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PBES2Parameters
+    extends ASN1Object
+    implements PKCSObjectIdentifiers
+{
+    private KeyDerivationFunc func;
+    private EncryptionScheme scheme;
+
+    public static PBES2Parameters getInstance(
+        Object  obj)
+    {
+        if (obj instanceof PBES2Parameters)
+        {
+            return (PBES2Parameters)obj;
+        }
+        if (obj != null)
+        {
+            return new PBES2Parameters(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public PBES2Parameters(KeyDerivationFunc keyDevFunc, EncryptionScheme encScheme)
+    {
+        this.func = keyDevFunc;
+        this.scheme = encScheme;
+    }
+
+    private PBES2Parameters(
+        ASN1Sequence  obj)
+    {
+        Enumeration e = obj.getObjects();
+        ASN1Sequence  funcSeq = ASN1Sequence.getInstance(((ASN1Encodable)e.nextElement()).toASN1Primitive());
+
+        if (funcSeq.getObjectAt(0).equals(id_PBKDF2))
+        {
+            func = new KeyDerivationFunc(id_PBKDF2, PBKDF2Params.getInstance(funcSeq.getObjectAt(1)));
+        }
+        else
+        {
+            func = KeyDerivationFunc.getInstance(funcSeq);
+        }
+
+        scheme = EncryptionScheme.getInstance(e.nextElement());
+    }
+
+    public KeyDerivationFunc getKeyDerivationFunc()
+    {
+        return func;
+    }
+
+    public EncryptionScheme getEncryptionScheme()
+    {
+        return scheme;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(func);
+        v.add(scheme);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PBKDF2Params.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PBKDF2Params.java
new file mode 100644
index 0000000..5049077
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PBKDF2Params.java

@@ -0,0 +1,265 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * <pre>
+ *     PBKDF2-params ::= SEQUENCE {
+ *               salt CHOICE {
+ *                      specified OCTET STRING,
+ *                      otherSource AlgorithmIdentifier {{PBKDF2-SaltSources}}
+ *               },
+ *              iterationCount INTEGER (1..MAX),
+ *              keyLength INTEGER (1..MAX) OPTIONAL,
+ *              prf AlgorithmIdentifier {{PBKDF2-PRFs}} DEFAULT algid-hmacWithSHA1 }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PBKDF2Params
+    extends ASN1Object
+{
+    private static final AlgorithmIdentifier algid_hmacWithSHA1 = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA1, DERNull.INSTANCE);
+
+    private final ASN1OctetString octStr;
+    private final ASN1Integer iterationCount;
+    private final ASN1Integer keyLength;
+    private final AlgorithmIdentifier prf;
+
+    /**
+     * Create PBKDF2Params from the passed in object,
+     *
+     * @param obj either PBKDF2Params or an ASN1Sequence.
+     * @return a PBKDF2Params instance.
+     */
+    public static PBKDF2Params getInstance(
+        Object obj)
+    {
+        if (obj instanceof PBKDF2Params)
+        {
+            return (PBKDF2Params)obj;
+        }
+
+        if (obj != null)
+        {
+            return new PBKDF2Params(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    /**
+     * Create a PBKDF2Params with the specified salt, iteration count, and algid-hmacWithSHA1 for the prf.
+     *
+     * @param salt           input salt.
+     * @param iterationCount input iteration count.
+     */
+    public PBKDF2Params(
+        byte[] salt,
+        int iterationCount)
+    {
+        this(salt, iterationCount, 0);
+    }
+
+    /**
+     * Create a PBKDF2Params with the specified salt, iteration count, keyLength, and algid-hmacWithSHA1 for the prf.
+     *
+     * @param salt           input salt.
+     * @param iterationCount input iteration count.
+     * @param keyLength      intended key length to be produced.
+     */
+    public PBKDF2Params(
+        byte[] salt,
+        int iterationCount,
+        int keyLength)
+    {
+        this(salt, iterationCount, keyLength, null);
+    }
+
+    /**
+     * Create a PBKDF2Params with the specified salt, iteration count, keyLength, and a defined prf.
+     *
+     * @param salt           input salt.
+     * @param iterationCount input iteration count.
+     * @param keyLength      intended key length to be produced.
+     * @param prf            the pseudo-random function to use.
+     */
+    public PBKDF2Params(
+        byte[] salt,
+        int iterationCount,
+        int keyLength,
+        AlgorithmIdentifier prf)
+    {
+        this.octStr = new DEROctetString(Arrays.clone(salt));
+        this.iterationCount = new ASN1Integer(iterationCount);
+
+        if (keyLength > 0)
+        {
+            this.keyLength = new ASN1Integer(keyLength);
+        }
+        else
+        {
+            this.keyLength = null;
+        }
+
+        this.prf = prf;
+    }
+
+    /**
+     * Create a PBKDF2Params with the specified salt, iteration count, and a defined prf.
+     *
+     * @param salt           input salt.
+     * @param iterationCount input iteration count.
+     * @param prf            the pseudo-random function to use.
+     */
+    public PBKDF2Params(
+        byte[] salt,
+        int iterationCount,
+        AlgorithmIdentifier prf)
+    {
+        this(salt, iterationCount, 0, prf);
+    }
+
+    private PBKDF2Params(
+        ASN1Sequence seq)
+    {
+        Enumeration e = seq.getObjects();
+
+        octStr = (ASN1OctetString)e.nextElement();
+        iterationCount = (ASN1Integer)e.nextElement();
+
+        if (e.hasMoreElements())
+        {
+            Object o = e.nextElement();
+
+            if (o instanceof ASN1Integer)
+            {
+                keyLength = ASN1Integer.getInstance(o);
+                if (e.hasMoreElements())
+                {
+                    o = e.nextElement();
+                }
+                else
+                {
+                    o = null;
+                }
+            }
+            else
+            {
+                keyLength = null;
+            }
+
+            if (o != null)
+            {
+                prf = AlgorithmIdentifier.getInstance(o);
+            }
+            else
+            {
+                prf = null;
+            }
+        }
+        else
+        {
+            keyLength = null;
+            prf = null;
+        }
+    }
+
+    /**
+     * Return the salt to use.
+     *
+     * @return the input salt.
+     */
+    public byte[] getSalt()
+    {
+        return octStr.getOctets();
+    }
+
+    /**
+     * Return the iteration count to use.
+     *
+     * @return the input iteration count.
+     */
+    public BigInteger getIterationCount()
+    {
+        return iterationCount.getValue();
+    }
+
+    /**
+     * Return the intended length in octets of the derived key.
+     *
+     * @return length in octets for derived key, if specified.
+     */
+    public BigInteger getKeyLength()
+    {
+        if (keyLength != null)
+        {
+            return keyLength.getValue();
+        }
+
+        return null;
+    }
+
+    /**
+     * Return true if the PRF is the default (hmacWithSHA1)
+     *
+     * @return true if PRF is default, false otherwise.
+     */
+    public boolean isDefaultPrf()
+    {
+        return prf == null || prf.equals(algid_hmacWithSHA1);
+    }
+
+    /**
+     * Return the algId of the underlying pseudo random function to use.
+     *
+     * @return the prf algorithm identifier.
+     */
+    public AlgorithmIdentifier getPrf()
+    {
+        if (prf != null)
+        {
+            return prf;
+        }
+
+        return algid_hmacWithSHA1;
+    }
+
+    /**
+     * Return an ASN.1 structure suitable for encoding.
+     *
+     * @return the object as an ASN.1 encodable structure.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(octStr);
+        v.add(iterationCount);
+
+        if (keyLength != null)
+        {
+            v.add(keyLength);
+        }
+
+        if (prf != null && !prf.equals(algid_hmacWithSHA1))
+        {
+            v.add(prf);
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PKCS12PBEParams.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PKCS12PBEParams.java
new file mode 100644
index 0000000..2166413
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PKCS12PBEParams.java

@@ -0,0 +1,73 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKCS12PBEParams
+    extends ASN1Object
+{
+    ASN1Integer      iterations;
+    ASN1OctetString iv;
+
+    public PKCS12PBEParams(
+        byte[]      salt,
+        int         iterations)
+    {
+        this.iv = new DEROctetString(salt);
+        this.iterations = new ASN1Integer(iterations);
+    }
+
+    private PKCS12PBEParams(
+        ASN1Sequence  seq)
+    {
+        iv = (ASN1OctetString)seq.getObjectAt(0);
+        iterations = ASN1Integer.getInstance(seq.getObjectAt(1));
+    }
+
+    public static PKCS12PBEParams getInstance(
+        Object  obj)
+    {
+        if (obj instanceof PKCS12PBEParams)
+        {
+            return (PKCS12PBEParams)obj;
+        }
+        else if (obj != null)
+        {
+            return new PKCS12PBEParams(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public BigInteger getIterations()
+    {
+        return iterations.getValue();
+    }
+
+    public byte[] getIV()
+    {
+        return iv.getOctets();
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(iv);
+        v.add(iterations);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java
new file mode 100644
index 0000000..98155aa
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PKCSObjectIdentifiers.java

@@ -0,0 +1,441 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * pkcs-1 OBJECT IDENTIFIER ::=<p>
+ *   { iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 1 }
+ * @hide This class is not part of the Android public SDK API
+ *
+ */
+@libcore.api.CorePlatformApi
+public interface PKCSObjectIdentifiers
+{
+    /** PKCS#1: 1.2.840.113549.1.1 */
+    ASN1ObjectIdentifier    pkcs_1                    = new ASN1ObjectIdentifier("1.2.840.113549.1.1");
+    /** PKCS#1: 1.2.840.113549.1.1.1 */
+    ASN1ObjectIdentifier    rsaEncryption             = pkcs_1.branch("1");
+    // BEGIN Android-removed: MD2 and MD4 are unsupported
+    /*
+    /** PKCS#1: 1.2.840.113549.1.1.2 *
+    ASN1ObjectIdentifier    md2WithRSAEncryption      = pkcs_1.branch("2");
+    /** PKCS#1: 1.2.840.113549.1.1.3 *
+    ASN1ObjectIdentifier    md4WithRSAEncryption      = pkcs_1.branch("3");
+    */
+    // END Android-removed: MD2 and MD4 are unsupported
+    /** PKCS#1: 1.2.840.113549.1.1.4 */
+    ASN1ObjectIdentifier    md5WithRSAEncryption      = pkcs_1.branch("4");
+    /** PKCS#1: 1.2.840.113549.1.1.5 */
+    ASN1ObjectIdentifier    sha1WithRSAEncryption     = pkcs_1.branch("5");
+    /** PKCS#1: 1.2.840.113549.1.1.6 */
+    ASN1ObjectIdentifier    srsaOAEPEncryptionSET     = pkcs_1.branch("6");
+    /** PKCS#1: 1.2.840.113549.1.1.7 */
+    ASN1ObjectIdentifier    id_RSAES_OAEP             = pkcs_1.branch("7");
+    /** PKCS#1: 1.2.840.113549.1.1.8 */
+    ASN1ObjectIdentifier    id_mgf1                   = pkcs_1.branch("8");
+    /** PKCS#1: 1.2.840.113549.1.1.9 */
+    ASN1ObjectIdentifier    id_pSpecified             = pkcs_1.branch("9");
+    /** PKCS#1: 1.2.840.113549.1.1.10 */
+    ASN1ObjectIdentifier    id_RSASSA_PSS             = pkcs_1.branch("10");
+    /** PKCS#1: 1.2.840.113549.1.1.11 */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    ASN1ObjectIdentifier    sha256WithRSAEncryption   = pkcs_1.branch("11");
+    /** PKCS#1: 1.2.840.113549.1.1.12 */
+    ASN1ObjectIdentifier    sha384WithRSAEncryption   = pkcs_1.branch("12");
+    /** PKCS#1: 1.2.840.113549.1.1.13 */
+    ASN1ObjectIdentifier    sha512WithRSAEncryption   = pkcs_1.branch("13");
+    /** PKCS#1: 1.2.840.113549.1.1.14 */
+    ASN1ObjectIdentifier    sha224WithRSAEncryption   = pkcs_1.branch("14");
+    /** PKCS#1: 1.2.840.113549.1.1.15 */
+    ASN1ObjectIdentifier    sha512_224WithRSAEncryption   = pkcs_1.branch("15");
+    /** PKCS#1: 1.2.840.113549.1.1.16 */
+    ASN1ObjectIdentifier    sha512_256WithRSAEncryption   = pkcs_1.branch("16");
+
+    //
+    // pkcs-3 OBJECT IDENTIFIER ::= {
+    //       iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 3 }
+    //
+    /** PKCS#3: 1.2.840.113549.1.3 */
+    ASN1ObjectIdentifier    pkcs_3                  = new ASN1ObjectIdentifier("1.2.840.113549.1.3");
+    /** PKCS#3: 1.2.840.113549.1.3.1 */
+    ASN1ObjectIdentifier    dhKeyAgreement          = pkcs_3.branch("1");
+
+    //
+    // pkcs-5 OBJECT IDENTIFIER ::= {
+    //       iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 5 }
+    //
+    /** PKCS#5: 1.2.840.113549.1.5 */
+    ASN1ObjectIdentifier    pkcs_5                  = new ASN1ObjectIdentifier("1.2.840.113549.1.5");
+
+    /** PKCS#5: 1.2.840.113549.1.5.1 */
+    ASN1ObjectIdentifier    pbeWithMD2AndDES_CBC    = pkcs_5.branch("1");
+    /** PKCS#5: 1.2.840.113549.1.5.4 */
+    ASN1ObjectIdentifier    pbeWithMD2AndRC2_CBC    = pkcs_5.branch("4");
+    /** PKCS#5: 1.2.840.113549.1.5.3 */
+    ASN1ObjectIdentifier    pbeWithMD5AndDES_CBC    = pkcs_5.branch("3");
+    /** PKCS#5: 1.2.840.113549.1.5.6 */
+    ASN1ObjectIdentifier    pbeWithMD5AndRC2_CBC    = pkcs_5.branch("6");
+    /** PKCS#5: 1.2.840.113549.1.5.10 */
+    ASN1ObjectIdentifier    pbeWithSHA1AndDES_CBC   = pkcs_5.branch("10");
+    /** PKCS#5: 1.2.840.113549.1.5.11 */
+    ASN1ObjectIdentifier    pbeWithSHA1AndRC2_CBC   = pkcs_5.branch("11");
+    /** PKCS#5: 1.2.840.113549.1.5.13 */
+    ASN1ObjectIdentifier    id_PBES2                = pkcs_5.branch("13");
+    /** PKCS#5: 1.2.840.113549.1.5.12 */
+    ASN1ObjectIdentifier    id_PBKDF2               = pkcs_5.branch("12");
+
+    //
+    // encryptionAlgorithm OBJECT IDENTIFIER ::= {
+    //       iso(1) member-body(2) us(840) rsadsi(113549) 3 }
+    //
+    /**  1.2.840.113549.3 */
+    ASN1ObjectIdentifier    encryptionAlgorithm     = new ASN1ObjectIdentifier("1.2.840.113549.3");
+
+    /**  1.2.840.113549.3.7 */
+    ASN1ObjectIdentifier    des_EDE3_CBC            = encryptionAlgorithm.branch("7");
+    /**  1.2.840.113549.3.2 */
+    ASN1ObjectIdentifier    RC2_CBC                 = encryptionAlgorithm.branch("2");
+    /**  1.2.840.113549.3.4 */
+    ASN1ObjectIdentifier    rc4                     = encryptionAlgorithm.branch("4");
+
+    //
+    // object identifiers for digests
+    //
+    /**  1.2.840.113549.2 */
+    ASN1ObjectIdentifier    digestAlgorithm        = new ASN1ObjectIdentifier("1.2.840.113549.2");
+    //
+    // md2 OBJECT IDENTIFIER ::=
+    //      {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 2}
+    //
+    // BEGIN android-removed
+    // /**  1.2.840.113549.2.2 */
+    // ASN1ObjectIdentifier    md2                    = digestAlgorithm.branch("2");
+    // END android-removed
+
+    //
+    // md4 OBJECT IDENTIFIER ::=
+    //      {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 4}
+    //
+    // BEGIN android-removed
+    // /**  1.2.840.113549.2.4 */
+    // ASN1ObjectIdentifier    md4                    = digestAlgorithm.branch("4");
+    // END android-removed
+
+    //
+    // md5 OBJECT IDENTIFIER ::=
+    //      {iso(1) member-body(2) US(840) rsadsi(113549) digestAlgorithm(2) 5}
+    //
+    /**  1.2.840.113549.2.5 */
+    ASN1ObjectIdentifier    md5                    = digestAlgorithm.branch("5");
+
+    /**  1.2.840.113549.2.7 */
+    ASN1ObjectIdentifier    id_hmacWithSHA1        = digestAlgorithm.branch("7").intern();
+    /**  1.2.840.113549.2.8 */
+    ASN1ObjectIdentifier    id_hmacWithSHA224      = digestAlgorithm.branch("8").intern();
+    /**  1.2.840.113549.2.9 */
+    ASN1ObjectIdentifier    id_hmacWithSHA256      = digestAlgorithm.branch("9").intern();
+    /**  1.2.840.113549.2.10 */
+    ASN1ObjectIdentifier    id_hmacWithSHA384      = digestAlgorithm.branch("10").intern();
+    /**  1.2.840.113549.2.11 */
+    ASN1ObjectIdentifier    id_hmacWithSHA512      = digestAlgorithm.branch("11").intern();
+
+    //
+    // pkcs-7 OBJECT IDENTIFIER ::= {
+    //       iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 7 }
+    //
+    /** pkcs#7: 1.2.840.113549.1.7 */
+    ASN1ObjectIdentifier    pkcs_7                  = new ASN1ObjectIdentifier("1.2.840.113549.1.7").intern();
+    /** PKCS#7: 1.2.840.113549.1.7.1 */
+    ASN1ObjectIdentifier    data                    = new ASN1ObjectIdentifier("1.2.840.113549.1.7.1").intern();
+    /** PKCS#7: 1.2.840.113549.1.7.2 */
+    ASN1ObjectIdentifier    signedData              = new ASN1ObjectIdentifier("1.2.840.113549.1.7.2").intern();
+    /** PKCS#7: 1.2.840.113549.1.7.3 */
+    ASN1ObjectIdentifier    envelopedData           = new ASN1ObjectIdentifier("1.2.840.113549.1.7.3").intern();
+    /** PKCS#7: 1.2.840.113549.1.7.4 */
+    ASN1ObjectIdentifier    signedAndEnvelopedData  = new ASN1ObjectIdentifier("1.2.840.113549.1.7.4").intern();
+    /** PKCS#7: 1.2.840.113549.1.7.5 */
+    ASN1ObjectIdentifier    digestedData            = new ASN1ObjectIdentifier("1.2.840.113549.1.7.5").intern();
+    /** PKCS#7: 1.2.840.113549.1.7.76 */
+    ASN1ObjectIdentifier    encryptedData           = new ASN1ObjectIdentifier("1.2.840.113549.1.7.6").intern();
+
+    //
+    // pkcs-9 OBJECT IDENTIFIER ::= {
+    //       iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 9 }
+    //
+    /** PKCS#9: 1.2.840.113549.1.9 */
+    ASN1ObjectIdentifier    pkcs_9                  = new ASN1ObjectIdentifier("1.2.840.113549.1.9");
+
+    /** PKCS#9: 1.2.840.113549.1.9.1 */
+    ASN1ObjectIdentifier    pkcs_9_at_emailAddress        = pkcs_9.branch("1").intern();
+    /** PKCS#9: 1.2.840.113549.1.9.2 */
+    ASN1ObjectIdentifier    pkcs_9_at_unstructuredName    = pkcs_9.branch("2").intern();
+    /** PKCS#9: 1.2.840.113549.1.9.3 */
+    ASN1ObjectIdentifier    pkcs_9_at_contentType         = pkcs_9.branch("3").intern();
+    /** PKCS#9: 1.2.840.113549.1.9.4 */
+    ASN1ObjectIdentifier    pkcs_9_at_messageDigest       = pkcs_9.branch("4").intern();
+    /** PKCS#9: 1.2.840.113549.1.9.5 */
+    ASN1ObjectIdentifier    pkcs_9_at_signingTime         = pkcs_9.branch("5").intern();
+    /** PKCS#9: 1.2.840.113549.1.9.6 */
+    ASN1ObjectIdentifier    pkcs_9_at_counterSignature    = pkcs_9.branch("6").intern();
+    /** PKCS#9: 1.2.840.113549.1.9.7 */
+    ASN1ObjectIdentifier    pkcs_9_at_challengePassword   = pkcs_9.branch("7").intern();
+    /** PKCS#9: 1.2.840.113549.1.9.8 */
+    ASN1ObjectIdentifier    pkcs_9_at_unstructuredAddress = pkcs_9.branch("8").intern();
+    /** PKCS#9: 1.2.840.113549.1.9.9 */
+    ASN1ObjectIdentifier    pkcs_9_at_extendedCertificateAttributes = pkcs_9.branch("9").intern();
+
+    /** PKCS#9: 1.2.840.113549.1.9.13 */
+    ASN1ObjectIdentifier    pkcs_9_at_signingDescription = pkcs_9.branch("13").intern();
+    /** PKCS#9: 1.2.840.113549.1.9.14 */
+    ASN1ObjectIdentifier    pkcs_9_at_extensionRequest   = pkcs_9.branch("14").intern();
+    /** PKCS#9: 1.2.840.113549.1.9.15 */
+    ASN1ObjectIdentifier    pkcs_9_at_smimeCapabilities  = pkcs_9.branch("15").intern();
+    /** PKCS#9: 1.2.840.113549.1.9.16 */
+    ASN1ObjectIdentifier    id_smime                     = pkcs_9.branch("16").intern();
+
+    /** PKCS#9: 1.2.840.113549.1.9.20 */
+    ASN1ObjectIdentifier    pkcs_9_at_friendlyName  = pkcs_9.branch("20").intern();
+    /** PKCS#9: 1.2.840.113549.1.9.21 */
+    ASN1ObjectIdentifier    pkcs_9_at_localKeyId    = pkcs_9.branch("21").intern();
+
+    /** PKCS#9: 1.2.840.113549.1.9.22.1
+     * @deprecated use x509Certificate instead */
+    ASN1ObjectIdentifier    x509certType            = pkcs_9.branch("22.1");
+
+    /** PKCS#9: 1.2.840.113549.1.9.22 */
+    ASN1ObjectIdentifier    certTypes               = pkcs_9.branch("22");
+    /** PKCS#9: 1.2.840.113549.1.9.22.1 */
+    ASN1ObjectIdentifier    x509Certificate         = certTypes.branch("1").intern();
+    /** PKCS#9: 1.2.840.113549.1.9.22.2 */
+    ASN1ObjectIdentifier    sdsiCertificate         = certTypes.branch("2").intern();
+
+    /** PKCS#9: 1.2.840.113549.1.9.23 */
+    ASN1ObjectIdentifier    crlTypes                = pkcs_9.branch("23");
+    /** PKCS#9: 1.2.840.113549.1.9.23.1 */
+    ASN1ObjectIdentifier    x509Crl                 = crlTypes.branch("1").intern();
+
+    /** RFC 6211 -  id-aa-cmsAlgorithmProtect OBJECT IDENTIFIER ::= {
+            iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
+            pkcs9(9) 52 }  */
+    ASN1ObjectIdentifier   id_aa_cmsAlgorithmProtect = pkcs_9.branch("52").intern();
+
+    //
+    // SMIME capability sub oids.
+    //
+    /** PKCS#9: 1.2.840.113549.1.9.15.1 -- smime capability */
+    ASN1ObjectIdentifier    preferSignedData        = pkcs_9.branch("15.1");
+    /** PKCS#9: 1.2.840.113549.1.9.15.2 -- smime capability  */
+    ASN1ObjectIdentifier    canNotDecryptAny        = pkcs_9.branch("15.2");
+    /** PKCS#9: 1.2.840.113549.1.9.15.3 -- smime capability  */
+    ASN1ObjectIdentifier    sMIMECapabilitiesVersions = pkcs_9.branch("15.3");
+
+    //
+    // id-ct OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840)
+    // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) ct(1)}
+    //
+    /** PKCS#9: 1.2.840.113549.1.9.16.1 -- smime ct */
+    ASN1ObjectIdentifier    id_ct = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.1");
+
+    /** PKCS#9: 1.2.840.113549.1.9.16.1.2 -- smime ct authData */
+    ASN1ObjectIdentifier    id_ct_authData          = id_ct.branch("2");
+    /** PKCS#9: 1.2.840.113549.1.9.16.1.4 -- smime ct TSTInfo*/
+    ASN1ObjectIdentifier    id_ct_TSTInfo           = id_ct.branch("4");
+    /** PKCS#9: 1.2.840.113549.1.9.16.1.9 -- smime ct compressedData */
+    ASN1ObjectIdentifier    id_ct_compressedData    = id_ct.branch("9");
+    /** PKCS#9: 1.2.840.113549.1.9.16.1.23 -- smime ct authEnvelopedData */
+    ASN1ObjectIdentifier    id_ct_authEnvelopedData = id_ct.branch("23");
+    /** PKCS#9: 1.2.840.113549.1.9.16.1.31 -- smime ct timestampedData*/
+    ASN1ObjectIdentifier    id_ct_timestampedData   = id_ct.branch("31");
+
+
+    /** S/MIME: Algorithm Identifiers ; 1.2.840.113549.1.9.16.3 */
+    ASN1ObjectIdentifier id_alg                  = id_smime.branch("3");
+    /** PKCS#9: 1.2.840.113549.1.9.16.3.9 */
+    ASN1ObjectIdentifier id_alg_PWRI_KEK         = id_alg.branch("9");
+    /**
+     * <pre>
+     * -- RSA-KEM Key Transport Algorithm  RFC 5990
+     *
+     * id-rsa-kem OID ::= {
+     *      iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1)
+     *      pkcs-9(9) smime(16) alg(3) 14
+     *   }
+     * </pre>
+     */
+    ASN1ObjectIdentifier id_rsa_KEM              = id_alg.branch("14");
+
+    //
+    // id-cti OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840)
+    // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) cti(6)}
+    //
+    /** PKCS#9: 1.2.840.113549.1.9.16.6 -- smime cti */
+    ASN1ObjectIdentifier    id_cti = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.6");
+    
+    /** PKCS#9: 1.2.840.113549.1.9.16.6.1 -- smime cti proofOfOrigin */
+    ASN1ObjectIdentifier    id_cti_ets_proofOfOrigin   = id_cti.branch("1");
+    /** PKCS#9: 1.2.840.113549.1.9.16.6.2 -- smime cti proofOfReceipt*/
+    ASN1ObjectIdentifier    id_cti_ets_proofOfReceipt  = id_cti.branch("2");
+    /** PKCS#9: 1.2.840.113549.1.9.16.6.3 -- smime cti proofOfDelivery */
+    ASN1ObjectIdentifier    id_cti_ets_proofOfDelivery = id_cti.branch("3");
+    /** PKCS#9: 1.2.840.113549.1.9.16.6.4 -- smime cti proofOfSender */
+    ASN1ObjectIdentifier    id_cti_ets_proofOfSender   = id_cti.branch("4");
+    /** PKCS#9: 1.2.840.113549.1.9.16.6.5 -- smime cti proofOfApproval */
+    ASN1ObjectIdentifier    id_cti_ets_proofOfApproval = id_cti.branch("5");
+    /** PKCS#9: 1.2.840.113549.1.9.16.6.6 -- smime cti proofOfCreation */
+    ASN1ObjectIdentifier    id_cti_ets_proofOfCreation = id_cti.branch("6");
+    
+    //
+    // id-aa OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840)
+    // rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) attributes(2)}
+    //
+    /** PKCS#9: 1.2.840.113549.1.9.16.2 - smime attributes */
+    ASN1ObjectIdentifier    id_aa = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.2");
+
+
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.1 -- smime attribute receiptRequest */
+    ASN1ObjectIdentifier id_aa_receiptRequest = id_aa.branch("1");
+    
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.4 - See <a href="http://tools.ietf.org/html/rfc2634">RFC 2634</a> */
+    ASN1ObjectIdentifier id_aa_contentHint      = id_aa.branch("4"); // See RFC 2634
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.5 */
+    ASN1ObjectIdentifier id_aa_msgSigDigest     = id_aa.branch("5");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.10 */
+    ASN1ObjectIdentifier id_aa_contentReference = id_aa.branch("10");
+    /*
+     * id-aa-encrypKeyPref OBJECT IDENTIFIER ::= {id-aa 11}
+     * 
+     */
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.11 */
+    ASN1ObjectIdentifier id_aa_encrypKeyPref        = id_aa.branch("11");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.12 */
+    ASN1ObjectIdentifier id_aa_signingCertificate   = id_aa.branch("12");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.47 */
+    ASN1ObjectIdentifier id_aa_signingCertificateV2 = id_aa.branch("47");
+
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.7 - See <a href="http://tools.ietf.org/html/rfc2634">RFC 2634</a> */
+    ASN1ObjectIdentifier id_aa_contentIdentifier = id_aa.branch("7"); // See RFC 2634
+
+    /*
+     * RFC 3126
+     */
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.14 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */
+    ASN1ObjectIdentifier id_aa_signatureTimeStampToken = id_aa.branch("14");
+    
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.15 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */
+    ASN1ObjectIdentifier id_aa_ets_sigPolicyId = id_aa.branch("15");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.16 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */
+    ASN1ObjectIdentifier id_aa_ets_commitmentType = id_aa.branch("16");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.17 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */
+    ASN1ObjectIdentifier id_aa_ets_signerLocation = id_aa.branch("17");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.18 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */
+    ASN1ObjectIdentifier id_aa_ets_signerAttr = id_aa.branch("18");
+    /** PKCS#9: 1.2.840.113549.1.9.16.6.2.19 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */
+    ASN1ObjectIdentifier id_aa_ets_otherSigCert = id_aa.branch("19");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.20 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */
+    ASN1ObjectIdentifier id_aa_ets_contentTimestamp = id_aa.branch("20");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.21 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */
+    ASN1ObjectIdentifier id_aa_ets_certificateRefs = id_aa.branch("21");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.22 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */
+    ASN1ObjectIdentifier id_aa_ets_revocationRefs = id_aa.branch("22");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.23 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */
+    ASN1ObjectIdentifier id_aa_ets_certValues = id_aa.branch("23");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.24 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */
+    ASN1ObjectIdentifier id_aa_ets_revocationValues = id_aa.branch("24");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.25 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */
+    ASN1ObjectIdentifier id_aa_ets_escTimeStamp = id_aa.branch("25");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.26 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */
+    ASN1ObjectIdentifier id_aa_ets_certCRLTimestamp = id_aa.branch("26");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.27 - <a href="http://tools.ietf.org/html/rfc3126">RFC 3126</a> */
+    ASN1ObjectIdentifier id_aa_ets_archiveTimestamp = id_aa.branch("27");
+
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.37 - <a href="https://tools.ietf.org/html/rfc4108#section-2.2.5">RFC 4108</a> */
+    ASN1ObjectIdentifier id_aa_decryptKeyID = id_aa.branch("37");
+
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.38 - <a href="https://tools.ietf.org/html/rfc4108#section-2.2.6">RFC 4108</a> */
+    ASN1ObjectIdentifier id_aa_implCryptoAlgs = id_aa.branch("38");
+
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.54 <a href="https://tools.ietf.org/html/rfc7030">RFC7030</a>*/
+    ASN1ObjectIdentifier id_aa_asymmDecryptKeyID = id_aa.branch("54");
+
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.43   <a href="https://tools.ietf.org/html/rfc7030">RFC7030</a>*/
+    ASN1ObjectIdentifier id_aa_implCompressAlgs = id_aa.branch("43");
+    /** PKCS#9: 1.2.840.113549.1.9.16.2.40   <a href="https://tools.ietf.org/html/rfc7030">RFC7030</a>*/
+    ASN1ObjectIdentifier id_aa_communityIdentifiers = id_aa.branch("40");
+
+    /** @deprecated use id_aa_ets_sigPolicyId instead */
+    ASN1ObjectIdentifier id_aa_sigPolicyId    = id_aa_ets_sigPolicyId;
+    /** @deprecated use id_aa_ets_commitmentType instead */
+    ASN1ObjectIdentifier id_aa_commitmentType = id_aa_ets_commitmentType;
+    /** @deprecated use id_aa_ets_signerLocation instead */
+    ASN1ObjectIdentifier id_aa_signerLocation = id_aa_ets_signerLocation;
+    /** @deprecated use id_aa_ets_otherSigCert instead */
+    ASN1ObjectIdentifier id_aa_otherSigCert   = id_aa_ets_otherSigCert;
+    
+    /**
+     * id-spq OBJECT IDENTIFIER ::= {iso(1) member-body(2) usa(840)
+     * rsadsi(113549) pkcs(1) pkcs-9(9) smime(16) id-spq(5)}; <p>
+     * 1.2.840.113549.1.9.16.5
+     */
+    final String id_spq = "1.2.840.113549.1.9.16.5";
+
+    /** SMIME SPQ URI:     1.2.840.113549.1.9.16.5.1 */
+    ASN1ObjectIdentifier id_spq_ets_uri     = new ASN1ObjectIdentifier(id_spq + ".1");
+    /** SMIME SPQ UNOTICE: 1.2.840.113549.1.9.16.5.2 */
+    ASN1ObjectIdentifier id_spq_ets_unotice = new ASN1ObjectIdentifier(id_spq + ".2");
+
+    //
+    // pkcs-12 OBJECT IDENTIFIER ::= {
+    //       iso(1) member-body(2) us(840) rsadsi(113549) pkcs(1) 12 }
+    //
+    /** PKCS#12: 1.2.840.113549.1.12 */
+    ASN1ObjectIdentifier   pkcs_12                  = new ASN1ObjectIdentifier("1.2.840.113549.1.12");
+    /** PKCS#12: 1.2.840.113549.1.12.10.1 */
+    ASN1ObjectIdentifier   bagtypes                 = pkcs_12.branch("10.1");
+
+    /** PKCS#12: 1.2.840.113549.1.12.10.1.1 */
+    ASN1ObjectIdentifier    keyBag                  = bagtypes.branch("1");
+    /** PKCS#12: 1.2.840.113549.1.12.10.1.2 */
+    ASN1ObjectIdentifier    pkcs8ShroudedKeyBag     = bagtypes.branch("2");
+    /** PKCS#12: 1.2.840.113549.1.12.10.1.3 */
+    ASN1ObjectIdentifier    certBag                 = bagtypes.branch("3");
+    /** PKCS#12: 1.2.840.113549.1.12.10.1.4 */
+    ASN1ObjectIdentifier    crlBag                  = bagtypes.branch("4");
+    /** PKCS#12: 1.2.840.113549.1.12.10.1.5 */
+    ASN1ObjectIdentifier    secretBag               = bagtypes.branch("5");
+    /** PKCS#12: 1.2.840.113549.1.12.10.1.6 */
+    ASN1ObjectIdentifier    safeContentsBag         = bagtypes.branch("6");
+
+    /** PKCS#12: 1.2.840.113549.1.12.1 */
+    ASN1ObjectIdentifier    pkcs_12PbeIds           = pkcs_12.branch("1");
+
+    /** PKCS#12: 1.2.840.113549.1.12.1.1 */
+    ASN1ObjectIdentifier    pbeWithSHAAnd128BitRC4          = pkcs_12PbeIds.branch("1");
+    /** PKCS#12: 1.2.840.113549.1.12.1.2 */
+    ASN1ObjectIdentifier    pbeWithSHAAnd40BitRC4           = pkcs_12PbeIds.branch("2");
+    /** PKCS#12: 1.2.840.113549.1.12.1.3 */
+    ASN1ObjectIdentifier    pbeWithSHAAnd3_KeyTripleDES_CBC = pkcs_12PbeIds.branch("3");
+    /** PKCS#12: 1.2.840.113549.1.12.1.4 */
+    ASN1ObjectIdentifier    pbeWithSHAAnd2_KeyTripleDES_CBC = pkcs_12PbeIds.branch("4");
+    /** PKCS#12: 1.2.840.113549.1.12.1.5 */
+    ASN1ObjectIdentifier    pbeWithSHAAnd128BitRC2_CBC      = pkcs_12PbeIds.branch("5");
+    /** PKCS#12: 1.2.840.113549.1.12.1.6 */
+    ASN1ObjectIdentifier    pbeWithSHAAnd40BitRC2_CBC       = pkcs_12PbeIds.branch("6");
+
+    /**
+     * PKCS#12: 1.2.840.113549.1.12.1.6
+     * @deprecated use pbeWithSHAAnd40BitRC2_CBC
+     */
+    ASN1ObjectIdentifier    pbewithSHAAnd40BitRC2_CBC = pkcs_12PbeIds.branch("6");
+
+    /** PKCS#9: 1.2.840.113549.1.9.16.3.6 */
+    ASN1ObjectIdentifier    id_alg_CMS3DESwrap = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.6");
+    /** PKCS#9: 1.2.840.113549.1.9.16.3.7 */
+    ASN1ObjectIdentifier    id_alg_CMSRC2wrap  = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.7");
+    /** PKCS#9: 1.2.840.113549.1.9.16.3.5 */
+    ASN1ObjectIdentifier    id_alg_ESDH  = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.5");
+    /** PKCS#9: 1.2.840.113549.1.9.16.3.10 */
+    ASN1ObjectIdentifier    id_alg_SSDH  = new ASN1ObjectIdentifier("1.2.840.113549.1.9.16.3.10");
+}
+

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/Pfx.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/Pfx.java
new file mode 100644
index 0000000..8cb9473
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/Pfx.java

@@ -0,0 +1,89 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.BERSequence;
+
+/**
+ * the infamous Pfx from PKCS12
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Pfx
+    extends ASN1Object
+    implements PKCSObjectIdentifiers
+{
+    private ContentInfo             contentInfo;
+    private MacData                 macData = null;
+
+    private Pfx(
+        ASN1Sequence   seq)
+    {
+        BigInteger  version = ASN1Integer.getInstance(seq.getObjectAt(0)).getValue();
+        if (version.intValue() != 3)
+        {
+            throw new IllegalArgumentException("wrong version for PFX PDU");
+        }
+
+        contentInfo = ContentInfo.getInstance(seq.getObjectAt(1));
+
+        if (seq.size() == 3)
+        {
+            macData = MacData.getInstance(seq.getObjectAt(2));
+        }
+    }
+
+    public static Pfx getInstance(
+        Object  obj)
+    {
+        if (obj instanceof Pfx)
+        {
+            return (Pfx)obj;
+        }
+
+        if (obj != null)
+        {
+            return new Pfx(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public Pfx(
+        ContentInfo     contentInfo,
+        MacData         macData)
+    {
+        this.contentInfo = contentInfo;
+        this.macData = macData;
+    }
+
+    public ContentInfo getAuthSafe()
+    {
+        return contentInfo;
+    }
+
+    public MacData getMacData()
+    {
+        return macData;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(new ASN1Integer(3));
+        v.add(contentInfo);
+
+        if (macData != null)
+        {
+            v.add(macData);
+        }
+
+        return new BERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PrivateKeyInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PrivateKeyInfo.java
new file mode 100644
index 0000000..06f45c3
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/PrivateKeyInfo.java

@@ -0,0 +1,254 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1BitString;
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.util.BigIntegers;
+
+/**
+ * RFC 5958
+ *
+ * <pre>
+ *  [IMPLICIT TAGS]
+ *
+ *  OneAsymmetricKey ::= SEQUENCE {
+ *      version                   Version,
+ *      privateKeyAlgorithm       PrivateKeyAlgorithmIdentifier,
+ *      privateKey                PrivateKey,
+ *      attributes            [0] Attributes OPTIONAL,
+ *      ...,
+ *      [[2: publicKey        [1] PublicKey OPTIONAL ]],
+ *      ...
+ *  }
+ *
+ *  PrivateKeyInfo ::= OneAsymmetricKey
+ *
+ *  Version ::= INTEGER { v1(0), v2(1) } (v1, ..., v2)
+ *
+ *  PrivateKeyAlgorithmIdentifier ::= AlgorithmIdentifier
+ *                                     { PUBLIC-KEY,
+ *                                       { PrivateKeyAlgorithms } }
+ *
+ *  PrivateKey ::= OCTET STRING
+ *                     -- Content varies based on type of key.  The
+ *                     -- algorithm identifier dictates the format of
+ *                     -- the key.
+ *
+ *  PublicKey ::= BIT STRING
+ *                     -- Content varies based on type of key.  The
+ *                     -- algorithm identifier dictates the format of
+ *                     -- the key.
+ *
+ *  Attributes ::= SET OF Attribute { { OneAsymmetricKeyAttributes } }
+ *  </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class PrivateKeyInfo
+    extends ASN1Object
+{
+    private ASN1Integer version;
+    private AlgorithmIdentifier privateKeyAlgorithm;
+    private ASN1OctetString privateKey;
+    private ASN1Set attributes;
+    private ASN1BitString publicKey;
+
+    public static PrivateKeyInfo getInstance(ASN1TaggedObject obj, boolean explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    @libcore.api.CorePlatformApi
+    public static PrivateKeyInfo getInstance(Object obj)
+    {
+        if (obj instanceof PrivateKeyInfo)
+        {
+            return (PrivateKeyInfo)obj;
+        }
+        else if (obj != null)
+        {
+            return new PrivateKeyInfo(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    private static int getVersionValue(ASN1Integer version)
+    {
+        BigInteger bigValue = version.getValue();
+        if (bigValue.compareTo(BigIntegers.ZERO) < 0 || bigValue.compareTo(BigIntegers.ONE) > 0)
+        {
+            throw new IllegalArgumentException("invalid version for private key info");
+        }
+        return bigValue.intValue();
+    }
+
+    public PrivateKeyInfo(
+        AlgorithmIdentifier privateKeyAlgorithm,
+        ASN1Encodable privateKey)
+        throws IOException
+    {
+        this(privateKeyAlgorithm, privateKey, null, null);
+    }
+
+    public PrivateKeyInfo(
+        AlgorithmIdentifier privateKeyAlgorithm,
+        ASN1Encodable privateKey,
+        ASN1Set attributes)
+        throws IOException
+    {
+        this(privateKeyAlgorithm, privateKey, attributes, null);
+    }
+
+    public PrivateKeyInfo(
+        AlgorithmIdentifier privateKeyAlgorithm,
+        ASN1Encodable privateKey,
+        ASN1Set attributes,
+        byte[] publicKey)
+        throws IOException
+    {
+        this.version = new ASN1Integer(publicKey != null ? BigIntegers.ONE : BigIntegers.ZERO);
+        this.privateKeyAlgorithm = privateKeyAlgorithm;
+        this.privateKey = new DEROctetString(privateKey);
+        this.attributes = attributes;
+        this.publicKey = publicKey == null ? null : new DERBitString(publicKey);
+    }
+
+    private PrivateKeyInfo(ASN1Sequence seq)
+    {
+        Enumeration e = seq.getObjects();
+
+        this.version = ASN1Integer.getInstance(e.nextElement());
+
+        int versionValue = getVersionValue(version);
+
+        this.privateKeyAlgorithm = AlgorithmIdentifier.getInstance(e.nextElement());
+        this.privateKey = ASN1OctetString.getInstance(e.nextElement());
+
+        int lastTag = -1;
+        while (e.hasMoreElements())
+        {
+            ASN1TaggedObject tagged = (ASN1TaggedObject)e.nextElement();
+
+            int tag = tagged.getTagNo();
+            if (tag <= lastTag)
+            {
+                throw new IllegalArgumentException("invalid optional field in private key info");
+            }
+
+            lastTag = tag;
+
+            switch (tag)
+            {
+            case 0:
+            {
+                this.attributes = ASN1Set.getInstance(tagged, false);
+                break;
+            }
+            case 1:
+            {
+                if (versionValue < 1)
+                {
+                    throw new IllegalArgumentException("'publicKey' requires version v2(1) or later");
+                }
+
+                this.publicKey = DERBitString.getInstance(tagged, false);
+                break;
+            }
+            default:
+            {
+                throw new IllegalArgumentException("unknown optional field in private key info");
+            }
+            }
+        }
+    }
+
+    public ASN1Set getAttributes()
+    {
+        return attributes;
+    }
+
+    @libcore.api.CorePlatformApi
+    public AlgorithmIdentifier getPrivateKeyAlgorithm()
+    {
+        return privateKeyAlgorithm;
+    }
+
+    public ASN1Encodable parsePrivateKey()
+        throws IOException
+    {
+        return ASN1Primitive.fromByteArray(privateKey.getOctets());
+    }
+
+    /**
+     * Return true if a public key is present, false otherwise.
+     *
+     * @return true if public included, otherwise false.
+     */
+    public boolean hasPublicKey()
+    {
+        return publicKey != null;
+    }
+
+    /**
+     * for when the public key is an encoded object - if the bitstring
+     * can't be decoded this routine throws an IOException.
+     *
+     * @return the public key as an ASN.1 primitive.
+     * @throws IOException - if the bit string doesn't represent a DER
+     * encoded object.
+     */
+    public ASN1Encodable parsePublicKey()
+        throws IOException
+    {
+        return publicKey == null ? null : ASN1Primitive.fromByteArray(publicKey.getOctets());
+    }
+
+    /**
+     * for when the public key is raw bits.
+     *
+     * @return the public key as the raw bit string...
+     */
+    public ASN1BitString getPublicKeyData()
+    {
+        return publicKey;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(version);
+        v.add(privateKeyAlgorithm);
+        v.add(privateKey);
+
+        if (attributes != null)
+        {
+            v.add(new DERTaggedObject(false, 0, attributes));
+        }
+
+        if (publicKey != null)
+        {
+            v.add(new DERTaggedObject(false, 1, publicKey));
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java
new file mode 100644
index 0000000..f47ccf8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSAESOAEPparams.java

@@ -0,0 +1,159 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RSAESOAEPparams
+    extends ASN1Object
+{
+    private AlgorithmIdentifier hashAlgorithm;
+    private AlgorithmIdentifier maskGenAlgorithm;
+    private AlgorithmIdentifier pSourceAlgorithm;
+    
+    public final static AlgorithmIdentifier DEFAULT_HASH_ALGORITHM = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE);
+    public final static AlgorithmIdentifier DEFAULT_MASK_GEN_FUNCTION = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, DEFAULT_HASH_ALGORITHM);
+    public final static AlgorithmIdentifier DEFAULT_P_SOURCE_ALGORITHM = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(new byte[0]));
+    
+    public static RSAESOAEPparams getInstance(
+        Object  obj)
+    {
+        if (obj instanceof RSAESOAEPparams)
+        {
+            return (RSAESOAEPparams)obj;
+        }
+        else if (obj != null)
+        {
+            return new RSAESOAEPparams(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+    
+    /**
+     * The default version
+     */
+    public RSAESOAEPparams()
+    {
+        hashAlgorithm = DEFAULT_HASH_ALGORITHM;
+        maskGenAlgorithm = DEFAULT_MASK_GEN_FUNCTION;
+        pSourceAlgorithm = DEFAULT_P_SOURCE_ALGORITHM;
+    }
+    
+    public RSAESOAEPparams(
+        AlgorithmIdentifier hashAlgorithm,
+        AlgorithmIdentifier maskGenAlgorithm,
+        AlgorithmIdentifier pSourceAlgorithm)
+    {
+        this.hashAlgorithm = hashAlgorithm;
+        this.maskGenAlgorithm = maskGenAlgorithm;
+        this.pSourceAlgorithm = pSourceAlgorithm;
+    }
+
+    /**
+     * @deprecated use getInstance()
+     * @param seq
+     */
+    public RSAESOAEPparams(
+        ASN1Sequence seq)
+    {
+        hashAlgorithm = DEFAULT_HASH_ALGORITHM;
+        maskGenAlgorithm = DEFAULT_MASK_GEN_FUNCTION;
+        pSourceAlgorithm = DEFAULT_P_SOURCE_ALGORITHM;
+        
+        for (int i = 0; i != seq.size(); i++)
+        {
+            ASN1TaggedObject    o = (ASN1TaggedObject)seq.getObjectAt(i);
+            
+            switch (o.getTagNo())
+            {
+            case 0:
+                hashAlgorithm = AlgorithmIdentifier.getInstance(o, true);
+                break;
+            case 1:
+                maskGenAlgorithm = AlgorithmIdentifier.getInstance(o, true);
+                break;
+            case 2:
+                pSourceAlgorithm = AlgorithmIdentifier.getInstance(o, true);
+                break;
+            default:
+                throw new IllegalArgumentException("unknown tag");
+            }
+        }
+    }
+    
+    public AlgorithmIdentifier getHashAlgorithm()
+    {
+        return hashAlgorithm;
+    }
+    
+    public AlgorithmIdentifier getMaskGenAlgorithm()
+    {
+        return maskGenAlgorithm;
+    }
+    
+    public AlgorithmIdentifier getPSourceAlgorithm()
+    {
+        return pSourceAlgorithm;
+    }
+    
+    /**
+     * <pre>
+     *  RSAES-OAEP-params ::= SEQUENCE {
+     *     hashAlgorithm      [0] OAEP-PSSDigestAlgorithms     DEFAULT sha1,
+     *     maskGenAlgorithm   [1] PKCS1MGFAlgorithms  DEFAULT mgf1SHA1,
+     *     pSourceAlgorithm   [2] PKCS1PSourceAlgorithms  DEFAULT pSpecifiedEmpty
+     *   }
+     *  
+     *   OAEP-PSSDigestAlgorithms    ALGORITHM-IDENTIFIER ::= {
+     *     { OID id-sha1 PARAMETERS NULL   }|
+     *     { OID id-sha256 PARAMETERS NULL }|
+     *     { OID id-sha384 PARAMETERS NULL }|
+     *     { OID id-sha512 PARAMETERS NULL },
+     *     ...  -- Allows for future expansion --
+     *   }
+     *   PKCS1MGFAlgorithms    ALGORITHM-IDENTIFIER ::= {
+     *     { OID id-mgf1 PARAMETERS OAEP-PSSDigestAlgorithms },
+     *    ...  -- Allows for future expansion --
+     *   }
+     *   PKCS1PSourceAlgorithms    ALGORITHM-IDENTIFIER ::= {
+     *     { OID id-pSpecified PARAMETERS OCTET STRING },
+     *     ...  -- Allows for future expansion --
+     *  }
+     * </pre>
+     * @return the asn1 primitive representing the parameters.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+        
+        if (!hashAlgorithm.equals(DEFAULT_HASH_ALGORITHM))
+        {
+            v.add(new DERTaggedObject(true, 0, hashAlgorithm));
+        }
+        
+        if (!maskGenAlgorithm.equals(DEFAULT_MASK_GEN_FUNCTION))
+        {
+            v.add(new DERTaggedObject(true, 1, maskGenAlgorithm));
+        }
+        
+        if (!pSourceAlgorithm.equals(DEFAULT_P_SOURCE_ALGORITHM))
+        {
+            v.add(new DERTaggedObject(true, 2, pSourceAlgorithm));
+        }
+        
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSAPrivateKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSAPrivateKey.java
new file mode 100644
index 0000000..f319444
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSAPrivateKey.java

@@ -0,0 +1,191 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RSAPrivateKey
+    extends ASN1Object
+{
+    private BigInteger version;
+    private BigInteger modulus;
+    private BigInteger publicExponent;
+    private BigInteger privateExponent;
+    private BigInteger prime1;
+    private BigInteger prime2;
+    private BigInteger exponent1;
+    private BigInteger exponent2;
+    private BigInteger coefficient;
+    private ASN1Sequence otherPrimeInfos = null;
+
+    public static RSAPrivateKey getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static RSAPrivateKey getInstance(
+        Object obj)
+    {
+        if (obj instanceof RSAPrivateKey)
+        {
+            return (RSAPrivateKey)obj;
+        }
+
+        if (obj != null)
+        {
+            return new RSAPrivateKey(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+    
+    public RSAPrivateKey(
+        BigInteger modulus,
+        BigInteger publicExponent,
+        BigInteger privateExponent,
+        BigInteger prime1,
+        BigInteger prime2,
+        BigInteger exponent1,
+        BigInteger exponent2,
+        BigInteger coefficient)
+    {
+        this.version = BigInteger.valueOf(0);
+        this.modulus = modulus;
+        this.publicExponent = publicExponent;
+        this.privateExponent = privateExponent;
+        this.prime1 = prime1;
+        this.prime2 = prime2;
+        this.exponent1 = exponent1;
+        this.exponent2 = exponent2;
+        this.coefficient = coefficient;
+    }
+
+    private RSAPrivateKey(
+        ASN1Sequence seq)
+    {
+        Enumeration e = seq.getObjects();
+
+        BigInteger v = ((ASN1Integer)e.nextElement()).getValue();
+        if (v.intValue() != 0 && v.intValue() != 1)
+        {
+            throw new IllegalArgumentException("wrong version for RSA private key");
+        }
+
+        version = v;
+        modulus = ((ASN1Integer)e.nextElement()).getValue();
+        publicExponent = ((ASN1Integer)e.nextElement()).getValue();
+        privateExponent = ((ASN1Integer)e.nextElement()).getValue();
+        prime1 = ((ASN1Integer)e.nextElement()).getValue();
+        prime2 = ((ASN1Integer)e.nextElement()).getValue();
+        exponent1 = ((ASN1Integer)e.nextElement()).getValue();
+        exponent2 = ((ASN1Integer)e.nextElement()).getValue();
+        coefficient = ((ASN1Integer)e.nextElement()).getValue();
+        
+        if (e.hasMoreElements())
+        {
+            otherPrimeInfos = (ASN1Sequence)e.nextElement();
+        }
+    }
+
+    public BigInteger getVersion()
+    {
+        return version;
+    }
+    
+    public BigInteger getModulus()
+    {
+        return modulus;
+    }
+
+    public BigInteger getPublicExponent()
+    {
+        return publicExponent;
+    }
+
+    public BigInteger getPrivateExponent()
+    {
+        return privateExponent;
+    }
+
+    public BigInteger getPrime1()
+    {
+        return prime1;
+    }
+
+    public BigInteger getPrime2()
+    {
+        return prime2;
+    }
+
+    public BigInteger getExponent1()
+    {
+        return exponent1;
+    }
+
+    public BigInteger getExponent2()
+    {
+        return exponent2;
+    }
+
+    public BigInteger getCoefficient()
+    {
+        return coefficient;
+    }
+
+    /**
+     * This outputs the key in PKCS1v2 format.
+     * <pre>
+     *      RSAPrivateKey ::= SEQUENCE {
+     *                          version Version,
+     *                          modulus INTEGER, -- n
+     *                          publicExponent INTEGER, -- e
+     *                          privateExponent INTEGER, -- d
+     *                          prime1 INTEGER, -- p
+     *                          prime2 INTEGER, -- q
+     *                          exponent1 INTEGER, -- d mod (p-1)
+     *                          exponent2 INTEGER, -- d mod (q-1)
+     *                          coefficient INTEGER, -- (inverse of q) mod p
+     *                          otherPrimeInfos OtherPrimeInfos OPTIONAL
+     *                      }
+     *
+     *      Version ::= INTEGER { two-prime(0), multi(1) }
+     *        (CONSTRAINED BY {-- version must be multi if otherPrimeInfos present --})
+     * </pre>
+     * <p>
+     * This routine is written to output PKCS1 version 2.1, private keys.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(new ASN1Integer(version));                       // version
+        v.add(new ASN1Integer(getModulus()));
+        v.add(new ASN1Integer(getPublicExponent()));
+        v.add(new ASN1Integer(getPrivateExponent()));
+        v.add(new ASN1Integer(getPrime1()));
+        v.add(new ASN1Integer(getPrime2()));
+        v.add(new ASN1Integer(getExponent1()));
+        v.add(new ASN1Integer(getExponent2()));
+        v.add(new ASN1Integer(getCoefficient()));
+
+        if (otherPrimeInfos != null)
+        {
+            v.add(otherPrimeInfos);
+        }
+        
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSAPrivateKeyStructure.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSAPrivateKeyStructure.java
new file mode 100644
index 0000000..08e3008
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSAPrivateKeyStructure.java

@@ -0,0 +1,191 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @deprecated use RSAPrivateKey
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RSAPrivateKeyStructure
+    extends ASN1Object
+{
+    private int         version;
+    private BigInteger  modulus;
+    private BigInteger  publicExponent;
+    private BigInteger  privateExponent;
+    private BigInteger  prime1;
+    private BigInteger  prime2;
+    private BigInteger  exponent1;
+    private BigInteger  exponent2;
+    private BigInteger  coefficient;
+    private ASN1Sequence otherPrimeInfos = null;
+
+    public static RSAPrivateKeyStructure getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static RSAPrivateKeyStructure getInstance(
+        Object  obj)
+    {
+        if (obj instanceof RSAPrivateKeyStructure)
+        {
+            return (RSAPrivateKeyStructure)obj;
+        }
+        else if (obj instanceof ASN1Sequence)
+        {
+            return new RSAPrivateKeyStructure((ASN1Sequence)obj);
+        }
+
+        throw new IllegalArgumentException("unknown object in factory: " + obj.getClass().getName());
+    }
+    
+    public RSAPrivateKeyStructure(
+        BigInteger  modulus,
+        BigInteger  publicExponent,
+        BigInteger  privateExponent,
+        BigInteger  prime1,
+        BigInteger  prime2,
+        BigInteger  exponent1,
+        BigInteger  exponent2,
+        BigInteger  coefficient)
+    {
+        this.version = 0;
+        this.modulus = modulus;
+        this.publicExponent = publicExponent;
+        this.privateExponent = privateExponent;
+        this.prime1 = prime1;
+        this.prime2 = prime2;
+        this.exponent1 = exponent1;
+        this.exponent2 = exponent2;
+        this.coefficient = coefficient;
+    }
+
+    public RSAPrivateKeyStructure(
+        ASN1Sequence  seq)
+    {
+        Enumeration e = seq.getObjects();
+
+        BigInteger  v = ((ASN1Integer)e.nextElement()).getValue();
+        if (v.intValue() != 0 && v.intValue() != 1)
+        {
+            throw new IllegalArgumentException("wrong version for RSA private key");
+        }
+
+        version = v.intValue();
+        modulus = ((ASN1Integer)e.nextElement()).getValue();
+        publicExponent = ((ASN1Integer)e.nextElement()).getValue();
+        privateExponent = ((ASN1Integer)e.nextElement()).getValue();
+        prime1 = ((ASN1Integer)e.nextElement()).getValue();
+        prime2 = ((ASN1Integer)e.nextElement()).getValue();
+        exponent1 = ((ASN1Integer)e.nextElement()).getValue();
+        exponent2 = ((ASN1Integer)e.nextElement()).getValue();
+        coefficient = ((ASN1Integer)e.nextElement()).getValue();
+        
+        if (e.hasMoreElements())
+        {
+            otherPrimeInfos = (ASN1Sequence)e.nextElement();
+        }
+    }
+
+    public int getVersion()
+    {
+        return version;
+    }
+    
+    public BigInteger getModulus()
+    {
+        return modulus;
+    }
+
+    public BigInteger getPublicExponent()
+    {
+        return publicExponent;
+    }
+
+    public BigInteger getPrivateExponent()
+    {
+        return privateExponent;
+    }
+
+    public BigInteger getPrime1()
+    {
+        return prime1;
+    }
+
+    public BigInteger getPrime2()
+    {
+        return prime2;
+    }
+
+    public BigInteger getExponent1()
+    {
+        return exponent1;
+    }
+
+    public BigInteger getExponent2()
+    {
+        return exponent2;
+    }
+
+    public BigInteger getCoefficient()
+    {
+        return coefficient;
+    }
+
+    /**
+     * This outputs the key in PKCS1v2 format.
+     * <pre>
+     *      RSAPrivateKey ::= SEQUENCE {
+     *                          version Version,
+     *                          modulus INTEGER, -- n
+     *                          publicExponent INTEGER, -- e
+     *                          privateExponent INTEGER, -- d
+     *                          prime1 INTEGER, -- p
+     *                          prime2 INTEGER, -- q
+     *                          exponent1 INTEGER, -- d mod (p-1)
+     *                          exponent2 INTEGER, -- d mod (q-1)
+     *                          coefficient INTEGER, -- (inverse of q) mod p
+     *                          otherPrimeInfos OtherPrimeInfos OPTIONAL
+     *                      }
+     *
+     *      Version ::= INTEGER { two-prime(0), multi(1) }
+     *        (CONSTRAINED BY {-- version must be multi if otherPrimeInfos present --})
+     * </pre>
+     * <p>
+     * This routine is written to output PKCS1 version 2.1, private keys.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(new ASN1Integer(version));                       // version
+        v.add(new ASN1Integer(getModulus()));
+        v.add(new ASN1Integer(getPublicExponent()));
+        v.add(new ASN1Integer(getPrivateExponent()));
+        v.add(new ASN1Integer(getPrime1()));
+        v.add(new ASN1Integer(getPrime2()));
+        v.add(new ASN1Integer(getExponent1()));
+        v.add(new ASN1Integer(getExponent2()));
+        v.add(new ASN1Integer(getCoefficient()));
+
+        if (otherPrimeInfos != null)
+        {
+            v.add(otherPrimeInfos);
+        }
+        
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSAPublicKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSAPublicKey.java
new file mode 100644
index 0000000..090763b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSAPublicKey.java

@@ -0,0 +1,99 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RSAPublicKey
+    extends ASN1Object
+{
+    private BigInteger modulus;
+    private BigInteger publicExponent;
+
+    public static RSAPublicKey getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static RSAPublicKey getInstance(
+        Object obj)
+    {
+        if (obj instanceof RSAPublicKey)
+        {
+            return (RSAPublicKey)obj;
+        }
+
+        if (obj != null)
+        {
+            return new RSAPublicKey(ASN1Sequence.getInstance(obj));
+        }
+        
+        return null;
+    }
+    
+    public RSAPublicKey(
+        BigInteger modulus,
+        BigInteger publicExponent)
+    {
+        this.modulus = modulus;
+        this.publicExponent = publicExponent;
+    }
+
+    private RSAPublicKey(
+        ASN1Sequence seq)
+    {
+        if (seq.size() != 2)
+        {
+            throw new IllegalArgumentException("Bad sequence size: "
+                    + seq.size());
+        }
+
+        Enumeration e = seq.getObjects();
+
+        modulus = ASN1Integer.getInstance(e.nextElement()).getPositiveValue();
+        publicExponent = ASN1Integer.getInstance(e.nextElement()).getPositiveValue();
+    }
+
+    public BigInteger getModulus()
+    {
+        return modulus;
+    }
+
+    public BigInteger getPublicExponent()
+    {
+        return publicExponent;
+    }
+
+    /**
+     * This outputs the key in PKCS1v2 format.
+     * <pre>
+     *      RSAPublicKey ::= SEQUENCE {
+     *                          modulus INTEGER, -- n
+     *                          publicExponent INTEGER, -- e
+     *                      }
+     * </pre>
+     * <p>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(new ASN1Integer(getModulus()));
+        v.add(new ASN1Integer(getPublicExponent()));
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java
new file mode 100644
index 0000000..59b9351
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/RSASSAPSSparams.java

@@ -0,0 +1,176 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RSASSAPSSparams
+    extends ASN1Object
+{
+    private AlgorithmIdentifier hashAlgorithm;
+    private AlgorithmIdentifier maskGenAlgorithm;
+    private ASN1Integer          saltLength;
+    private ASN1Integer          trailerField;
+    
+    public final static AlgorithmIdentifier DEFAULT_HASH_ALGORITHM = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE);
+    public final static AlgorithmIdentifier DEFAULT_MASK_GEN_FUNCTION = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, DEFAULT_HASH_ALGORITHM);
+    public final static ASN1Integer          DEFAULT_SALT_LENGTH = new ASN1Integer(20);
+    public final static ASN1Integer          DEFAULT_TRAILER_FIELD = new ASN1Integer(1);
+    
+    public static RSASSAPSSparams getInstance(
+        Object  obj)
+    {
+        if (obj instanceof RSASSAPSSparams)
+        {
+            return (RSASSAPSSparams)obj;
+        }
+        else if (obj != null)
+        {
+            return new RSASSAPSSparams(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+    
+    /**
+     * The default version
+     */
+    public RSASSAPSSparams()
+    {
+        hashAlgorithm = DEFAULT_HASH_ALGORITHM;
+        maskGenAlgorithm = DEFAULT_MASK_GEN_FUNCTION;
+        saltLength = DEFAULT_SALT_LENGTH;
+        trailerField = DEFAULT_TRAILER_FIELD;
+    }
+    
+    public RSASSAPSSparams(
+        AlgorithmIdentifier hashAlgorithm,
+        AlgorithmIdentifier maskGenAlgorithm,
+        ASN1Integer          saltLength,
+        ASN1Integer          trailerField)
+    {
+        this.hashAlgorithm = hashAlgorithm;
+        this.maskGenAlgorithm = maskGenAlgorithm;
+        this.saltLength = saltLength;
+        this.trailerField = trailerField;
+    }
+    
+    private RSASSAPSSparams(
+        ASN1Sequence seq)
+    {
+        hashAlgorithm = DEFAULT_HASH_ALGORITHM;
+        maskGenAlgorithm = DEFAULT_MASK_GEN_FUNCTION;
+        saltLength = DEFAULT_SALT_LENGTH;
+        trailerField = DEFAULT_TRAILER_FIELD;
+        
+        for (int i = 0; i != seq.size(); i++)
+        {
+            ASN1TaggedObject    o = (ASN1TaggedObject)seq.getObjectAt(i);
+            
+            switch (o.getTagNo())
+            {
+            case 0:
+                hashAlgorithm = AlgorithmIdentifier.getInstance(o, true);
+                break;
+            case 1:
+                maskGenAlgorithm = AlgorithmIdentifier.getInstance(o, true);
+                break;
+            case 2:
+                saltLength = ASN1Integer.getInstance(o, true);
+                break;
+            case 3:
+                trailerField = ASN1Integer.getInstance(o, true);
+                break;
+            default:
+                throw new IllegalArgumentException("unknown tag");
+            }
+        }
+    }
+    
+    public AlgorithmIdentifier getHashAlgorithm()
+    {
+        return hashAlgorithm;
+    }
+    
+    public AlgorithmIdentifier getMaskGenAlgorithm()
+    {
+        return maskGenAlgorithm;
+    }
+    
+    public BigInteger getSaltLength()
+    {
+        return saltLength.getValue();
+    }
+    
+    public BigInteger getTrailerField()
+    {
+        return trailerField.getValue();
+    }
+    
+    /**
+     * <pre>
+     * RSASSA-PSS-params ::= SEQUENCE {
+     *   hashAlgorithm      [0] OAEP-PSSDigestAlgorithms  DEFAULT sha1,
+     *    maskGenAlgorithm   [1] PKCS1MGFAlgorithms  DEFAULT mgf1SHA1,
+     *    saltLength         [2] INTEGER  DEFAULT 20,
+     *    trailerField       [3] TrailerField  DEFAULT trailerFieldBC
+     *  }
+     *
+     * OAEP-PSSDigestAlgorithms    ALGORITHM-IDENTIFIER ::= {
+     *    { OID id-sha1 PARAMETERS NULL   }|
+     *    { OID id-sha256 PARAMETERS NULL }|
+     *    { OID id-sha384 PARAMETERS NULL }|
+     *    { OID id-sha512 PARAMETERS NULL },
+     *    ...  -- Allows for future expansion --
+     * }
+     *
+     * PKCS1MGFAlgorithms    ALGORITHM-IDENTIFIER ::= {
+     *   { OID id-mgf1 PARAMETERS OAEP-PSSDigestAlgorithms },
+     *    ...  -- Allows for future expansion --
+     * }
+     * 
+     * TrailerField ::= INTEGER { trailerFieldBC(1) }
+     * </pre>
+     * @return the asn1 primitive representing the parameters.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+        
+        if (!hashAlgorithm.equals(DEFAULT_HASH_ALGORITHM))
+        {
+            v.add(new DERTaggedObject(true, 0, hashAlgorithm));
+        }
+        
+        if (!maskGenAlgorithm.equals(DEFAULT_MASK_GEN_FUNCTION))
+        {
+            v.add(new DERTaggedObject(true, 1, maskGenAlgorithm));
+        }
+        
+        if (!saltLength.equals(DEFAULT_SALT_LENGTH))
+        {
+            v.add(new DERTaggedObject(true, 2, saltLength));
+        }
+        
+        if (!trailerField.equals(DEFAULT_TRAILER_FIELD))
+        {
+            v.add(new DERTaggedObject(true, 3, trailerField));
+        }
+        
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/SafeBag.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/SafeBag.java
new file mode 100644
index 0000000..d37078f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/SafeBag.java

@@ -0,0 +1,100 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DLSequence;
+import com.android.org.bouncycastle.asn1.DLTaggedObject;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SafeBag
+    extends ASN1Object
+{
+    private ASN1ObjectIdentifier bagId;
+    private ASN1Encodable bagValue;
+    private ASN1Set                     bagAttributes;
+
+    public SafeBag(
+        ASN1ObjectIdentifier oid,
+        ASN1Encodable obj)
+    {
+        this.bagId = oid;
+        this.bagValue = obj;
+        this.bagAttributes = null;
+    }
+
+    public SafeBag(
+        ASN1ObjectIdentifier oid,
+        ASN1Encodable obj,
+        ASN1Set                 bagAttributes)
+    {
+        this.bagId = oid;
+        this.bagValue = obj;
+        this.bagAttributes = bagAttributes;
+    }
+
+    public static SafeBag getInstance(
+        Object  obj)
+    {
+        if (obj instanceof SafeBag)
+        {
+            return (SafeBag)obj;
+        }
+
+        if (obj != null)
+        {
+            return new SafeBag(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    private SafeBag(
+        ASN1Sequence    seq)
+    {
+        this.bagId = (ASN1ObjectIdentifier)seq.getObjectAt(0);
+        this.bagValue = ((ASN1TaggedObject)seq.getObjectAt(1)).getObject();
+        if (seq.size() == 3)
+        {
+            this.bagAttributes = (ASN1Set)seq.getObjectAt(2);
+        }
+    }
+
+    public ASN1ObjectIdentifier getBagId()
+    {
+        return bagId;
+    }
+
+    public ASN1Encodable getBagValue()
+    {
+        return bagValue;
+    }
+
+    public ASN1Set getBagAttributes()
+    {
+        return bagAttributes;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(bagId);
+        v.add(new DLTaggedObject(true, 0, bagValue));
+
+        if (bagAttributes != null)
+        {
+            v.add(bagAttributes);
+        }
+
+        return new DLSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/SignedData.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/SignedData.java
new file mode 100644
index 0000000..6ebfdff
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/pkcs/SignedData.java

@@ -0,0 +1,169 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.pkcs;
+
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.BERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+
+/**
+ * a PKCS#7 signed data object.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SignedData
+    extends ASN1Object
+    implements PKCSObjectIdentifiers
+{
+    private ASN1Integer              version;
+    private ASN1Set                 digestAlgorithms;
+    private ContentInfo             contentInfo;
+    private ASN1Set                 certificates;
+    private ASN1Set                 crls;
+    private ASN1Set                 signerInfos;
+
+    public static SignedData getInstance(
+        Object  o)
+    {
+        if (o instanceof SignedData)
+        {
+            return (SignedData)o;
+        }
+        else if (o != null)
+        {
+            return new SignedData(ASN1Sequence.getInstance(o));
+        }
+
+        return null;
+    }
+
+    public SignedData(
+        ASN1Integer        _version,
+        ASN1Set           _digestAlgorithms,
+        ContentInfo       _contentInfo,
+        ASN1Set           _certificates,
+        ASN1Set           _crls,
+        ASN1Set           _signerInfos)
+    {
+        version          = _version;
+        digestAlgorithms = _digestAlgorithms;
+        contentInfo      = _contentInfo;
+        certificates     = _certificates;
+        crls             = _crls;
+        signerInfos      = _signerInfos;
+    }
+
+    public SignedData(
+        ASN1Sequence seq)
+    {
+        Enumeration     e = seq.getObjects();
+
+        version = (ASN1Integer)e.nextElement();
+        digestAlgorithms = ((ASN1Set)e.nextElement());
+        contentInfo = ContentInfo.getInstance(e.nextElement());
+
+        while (e.hasMoreElements())
+        {
+            ASN1Primitive o = (ASN1Primitive)e.nextElement();
+
+            //
+            // an interesting feature of SignedData is that there appear to be varying implementations...
+            // for the moment we ignore anything which doesn't fit.
+            //
+            if (o instanceof ASN1TaggedObject)
+            {
+                ASN1TaggedObject tagged = (ASN1TaggedObject)o;
+
+                switch (tagged.getTagNo())
+                {
+                case 0:
+                    certificates = ASN1Set.getInstance(tagged, false);
+                    break;
+                case 1:
+                    crls = ASN1Set.getInstance(tagged, false);
+                    break;
+                default:
+                    throw new IllegalArgumentException("unknown tag value " + tagged.getTagNo());
+                }
+            }
+            else
+            {
+                signerInfos = (ASN1Set)o;
+            }
+        }
+    }
+
+    public ASN1Integer getVersion()
+    {
+        return version;
+    }
+
+    public ASN1Set getDigestAlgorithms()
+    {
+        return digestAlgorithms;
+    }
+
+    public ContentInfo getContentInfo()
+    {
+        return contentInfo;
+    }
+
+    public ASN1Set getCertificates()
+    {
+        return certificates;
+    }
+
+    public ASN1Set getCRLs()
+    {
+        return crls;
+    }
+
+    public ASN1Set getSignerInfos()
+    {
+        return signerInfos;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     *  SignedData ::= SEQUENCE {
+     *      version Version,
+     *      digestAlgorithms DigestAlgorithmIdentifiers,
+     *      contentInfo ContentInfo,
+     *      certificates
+     *          [0] IMPLICIT ExtendedCertificatesAndCertificates
+     *                   OPTIONAL,
+     *      crls
+     *          [1] IMPLICIT CertificateRevocationLists OPTIONAL,
+     *      signerInfos SignerInfos }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(version);
+        v.add(digestAlgorithms);
+        v.add(contentInfo);
+
+        if (certificates != null)
+        {
+            v.add(new DERTaggedObject(false, 0, certificates));
+        }
+
+        if (crls != null)
+        {
+            v.add(new DERTaggedObject(false, 1, crls));
+        }
+
+        v.add(signerInfos);
+
+        return new BERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/sec/ECPrivateKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/sec/ECPrivateKey.java
new file mode 100644
index 0000000..6a84ade
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/sec/ECPrivateKey.java

@@ -0,0 +1,184 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.sec;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.util.BigIntegers;
+
+/**
+ * the elliptic curve private key object from SEC 1
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECPrivateKey
+    extends ASN1Object
+{
+    private ASN1Sequence seq;
+
+    private ECPrivateKey(
+        ASN1Sequence seq)
+    {
+        this.seq = seq;
+    }
+
+    public static ECPrivateKey getInstance(
+        Object obj)
+    {
+        if (obj instanceof ECPrivateKey)
+        {
+            return (ECPrivateKey)obj;
+        }
+
+        if (obj != null)
+        {
+            return new ECPrivateKey(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    /**
+     * @deprecated use constructor which takes orderBitLength to guarantee correct encoding.
+     */
+    public ECPrivateKey(
+        BigInteger key)
+    {
+        this(key.bitLength(), key);
+    }
+
+    /**
+     * Base constructor.
+     *
+     * @param orderBitLength the bitLength of the order of the curve.
+     * @param key the private key value.
+     */
+    public ECPrivateKey(
+        int        orderBitLength,
+        BigInteger key)
+    {
+        byte[] bytes = BigIntegers.asUnsignedByteArray((orderBitLength + 7) / 8, key);
+
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(new ASN1Integer(1));
+        v.add(new DEROctetString(bytes));
+
+        seq = new DERSequence(v);
+    }
+
+    /**
+     * @deprecated use constructor which takes orderBitLength to guarantee correct encoding.
+     */
+    public ECPrivateKey(
+        BigInteger key,
+        ASN1Encodable parameters)
+    {
+        this(key, null, parameters);
+    }
+
+    /**
+     * @deprecated use constructor which takes orderBitLength to guarantee correct encoding.
+     */
+    public ECPrivateKey(
+        BigInteger key,
+        DERBitString publicKey,
+        ASN1Encodable parameters)
+    {
+        this(key.bitLength(), key, publicKey, parameters);
+    }
+
+    public ECPrivateKey(
+        int orderBitLength,
+        BigInteger key,
+        ASN1Encodable parameters)
+    {
+        this(orderBitLength, key, null, parameters);
+    }
+
+    public ECPrivateKey(
+        int orderBitLength,
+        BigInteger key,
+        DERBitString publicKey,
+        ASN1Encodable parameters)
+    {
+        byte[] bytes = BigIntegers.asUnsignedByteArray((orderBitLength + 7) / 8, key);
+
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(new ASN1Integer(1));
+        v.add(new DEROctetString(bytes));
+
+        if (parameters != null)
+        {
+            v.add(new DERTaggedObject(true, 0, parameters));
+        }
+
+        if (publicKey != null)
+        {
+            v.add(new DERTaggedObject(true, 1, publicKey));
+        }
+
+        seq = new DERSequence(v);
+    }
+
+    public BigInteger getKey()
+    {
+        ASN1OctetString octs = (ASN1OctetString)seq.getObjectAt(1);
+
+        return new BigInteger(1, octs.getOctets());
+    }
+
+    public DERBitString getPublicKey()
+    {
+        return (DERBitString)getObjectInTag(1);
+    }
+
+    public ASN1Primitive getParameters()
+    {
+        return getObjectInTag(0);
+    }
+
+    private ASN1Primitive getObjectInTag(int tagNo)
+    {
+        Enumeration e = seq.getObjects();
+
+        while (e.hasMoreElements())
+        {
+            ASN1Encodable obj = (ASN1Encodable)e.nextElement();
+
+            if (obj instanceof ASN1TaggedObject)
+            {
+                ASN1TaggedObject tag = (ASN1TaggedObject)obj;
+                if (tag.getTagNo() == tagNo)
+                {
+                    return tag.getObject().toASN1Primitive();
+                }
+            }
+        }
+        return null;
+    }
+
+    /**
+     * ECPrivateKey ::= SEQUENCE {
+     *     version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
+     *     privateKey OCTET STRING,
+     *     parameters [0] Parameters OPTIONAL,
+     *     publicKey [1] BIT STRING OPTIONAL }
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return seq;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/sec/ECPrivateKeyStructure.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/sec/ECPrivateKeyStructure.java
new file mode 100644
index 0000000..65bb321
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/sec/ECPrivateKeyStructure.java

@@ -0,0 +1,130 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.sec;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.util.BigIntegers;
+
+/**
+ * the elliptic curve private key object from SEC 1
+ * @deprecated use ECPrivateKey
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECPrivateKeyStructure
+    extends ASN1Object
+{
+    private ASN1Sequence  seq;
+
+    public ECPrivateKeyStructure(
+        ASN1Sequence  seq)
+    {
+        this.seq = seq;
+    }
+
+    public ECPrivateKeyStructure(
+        BigInteger  key)
+    {
+        byte[] bytes = BigIntegers.asUnsignedByteArray(key);
+
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(new ASN1Integer(1));
+        v.add(new DEROctetString(bytes));
+
+        seq = new DERSequence(v);
+    }
+
+    public ECPrivateKeyStructure(
+        BigInteger    key,
+        ASN1Encodable parameters)
+    {
+        this(key, null, parameters);
+    }
+
+    public ECPrivateKeyStructure(
+        BigInteger    key,
+        DERBitString  publicKey,
+        ASN1Encodable parameters)
+    {
+        byte[] bytes = BigIntegers.asUnsignedByteArray(key);
+
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(new ASN1Integer(1));
+        v.add(new DEROctetString(bytes));
+
+        if (parameters != null)
+        {
+            v.add(new DERTaggedObject(true, 0, parameters));
+        }
+
+        if (publicKey != null)
+        {
+            v.add(new DERTaggedObject(true, 1, publicKey));
+        }
+
+        seq = new DERSequence(v);
+    }
+
+    public BigInteger getKey()
+    {
+        ASN1OctetString  octs = (ASN1OctetString)seq.getObjectAt(1);
+
+        return new BigInteger(1, octs.getOctets());
+    }
+
+    public DERBitString getPublicKey()
+    {
+        return (DERBitString)getObjectInTag(1);
+    }
+
+    public ASN1Primitive getParameters()
+    {
+        return getObjectInTag(0);
+    }
+
+    private ASN1Primitive getObjectInTag(int tagNo)
+    {
+        Enumeration e = seq.getObjects();
+
+        while (e.hasMoreElements())
+        {
+            ASN1Encodable obj = (ASN1Encodable)e.nextElement();
+
+            if (obj instanceof ASN1TaggedObject)
+            {
+                ASN1TaggedObject tag = (ASN1TaggedObject)obj;
+                if (tag.getTagNo() == tagNo)
+                {
+                    return (ASN1Primitive)((ASN1Encodable)tag.getObject()).toASN1Primitive();
+                }
+            }
+        }
+        return null;
+    }
+
+    /**
+     * ECPrivateKey ::= SEQUENCE {
+     *     version INTEGER { ecPrivkeyVer1(1) } (ecPrivkeyVer1),
+     *     privateKey OCTET STRING,
+     *     parameters [0] Parameters OPTIONAL,
+     *     publicKey [1] BIT STRING OPTIONAL }
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return seq;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/sec/SECNamedCurves.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/sec/SECNamedCurves.java
new file mode 100644
index 0000000..145e08f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/sec/SECNamedCurves.java

@@ -0,0 +1,1086 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.sec;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+import java.util.Hashtable;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.x9.X9ECParameters;
+import com.android.org.bouncycastle.asn1.x9.X9ECParametersHolder;
+import com.android.org.bouncycastle.asn1.x9.X9ECPoint;
+import com.android.org.bouncycastle.math.ec.ECConstants;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.endo.GLVTypeBEndomorphism;
+import com.android.org.bouncycastle.math.ec.endo.GLVTypeBParameters;
+import com.android.org.bouncycastle.util.Strings;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SECNamedCurves
+{
+    private static ECCurve configureCurve(ECCurve curve)
+    {
+        return curve;
+    }
+
+    private static ECCurve configureCurveGLV(ECCurve c, GLVTypeBParameters p)
+    {
+        return c.configure().setEndomorphism(new GLVTypeBEndomorphism(c, p)).create();
+    }
+
+    private static BigInteger fromHex(
+        String hex)
+    {
+        return new BigInteger(1, Hex.decode(hex));
+    }
+
+    /*
+     * secp112r1
+     */
+    static X9ECParametersHolder secp112r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = (2^128 - 3) / 76439
+            BigInteger p = fromHex("DB7C2ABF62E35E668076BEAD208B");
+            BigInteger a = fromHex("DB7C2ABF62E35E668076BEAD2088");
+            BigInteger b = fromHex("659EF8BA043916EEDE8911702B22");
+            byte[] S = Hex.decode("00F50B028E4D696E676875615175290472783FB1");
+            BigInteger n = fromHex("DB7C2ABF62E35E7628DFAC6561C5");
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("02"
+            //+ "09487239995A5EE76B55F9C2F098"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "09487239995A5EE76B55F9C2F098"
+                + "A89CE5AF8724C0A23E0E0FF77500"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * secp112r2
+     */
+    static X9ECParametersHolder secp112r2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = (2^128 - 3) / 76439
+            BigInteger p = fromHex("DB7C2ABF62E35E668076BEAD208B");
+            BigInteger a = fromHex("6127C24C05F38A0AAAF65C0EF02C");
+            BigInteger b = fromHex("51DEF1815DB5ED74FCC34C85D709");
+            byte[] S = Hex.decode("002757A1114D696E6768756151755316C05E0BD4");
+            BigInteger n = fromHex("36DF0AAFD8B8D7597CA10520D04B");
+            BigInteger h = BigInteger.valueOf(4);
+
+            ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "4BA30AB5E892B4E1649DD0928643"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "4BA30AB5E892B4E1649DD0928643"
+                + "ADCD46F5882E3747DEF36E956E97"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * secp128r1
+     */
+    static X9ECParametersHolder secp128r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = 2^128 - 2^97 - 1
+            BigInteger p = fromHex("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF");
+            BigInteger a = fromHex("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFC");
+            BigInteger b = fromHex("E87579C11079F43DD824993C2CEE5ED3");
+            byte[] S = Hex.decode("000E0D4D696E6768756151750CC03A4473D03679");
+            BigInteger n = fromHex("FFFFFFFE0000000075A30D1B9038A115");
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "161FF7528B899B2D0C28607CA52C5B86"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "161FF7528B899B2D0C28607CA52C5B86"
+                + "CF5AC8395BAFEB13C02DA292DDED7A83"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * secp128r2
+     */
+    static X9ECParametersHolder secp128r2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = 2^128 - 2^97 - 1
+            BigInteger p = fromHex("FFFFFFFDFFFFFFFFFFFFFFFFFFFFFFFF");
+            BigInteger a = fromHex("D6031998D1B3BBFEBF59CC9BBFF9AEE1");
+            BigInteger b = fromHex("5EEEFCA380D02919DC2C6558BB6D8A5D");
+            byte[] S = Hex.decode("004D696E67687561517512D8F03431FCE63B88F4");
+            BigInteger n = fromHex("3FFFFFFF7FFFFFFFBE0024720613B5A3");
+            BigInteger h = BigInteger.valueOf(4);
+
+            ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("02"
+            //+ "7B6AA5D85E572983E6FB32A7CDEBC140"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "7B6AA5D85E572983E6FB32A7CDEBC140"
+                + "27B6916A894D3AEE7106FE805FC34B44"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * secp160k1
+     */
+    static X9ECParametersHolder secp160k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = 2^160 - 2^32 - 2^14 - 2^12 - 2^9 - 2^8 - 2^7 - 2^3 - 2^2 - 1
+            BigInteger p = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73");
+            BigInteger a = ECConstants.ZERO;
+            BigInteger b = BigInteger.valueOf(7);
+            byte[] S = null;
+            BigInteger n = fromHex("0100000000000000000001B8FA16DFAB9ACA16B6B3");
+            BigInteger h = BigInteger.valueOf(1);
+
+            GLVTypeBParameters glv = new GLVTypeBParameters(
+                new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16),
+                new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16),
+                new BigInteger[]{
+                    new BigInteger("9162fbe73984472a0a9e", 16),
+                    new BigInteger("-96341f1138933bc2f505", 16) },
+                new BigInteger[]{
+                    new BigInteger("127971af8721782ecffa3", 16),
+                    new BigInteger("9162fbe73984472a0a9e", 16) },
+                new BigInteger("9162fbe73984472a0a9d0590", 16),
+                new BigInteger("96341f1138933bc2f503fd44", 16),
+                176);
+
+            ECCurve curve = configureCurveGLV(new ECCurve.Fp(p, a, b, n, h), glv);
+//            ECPoint G = curve.decodePoint(Hex.decode("02"
+//                + "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB"
+                + "938CF935318FDCED6BC28286531733C3F03C4FEE"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * secp160r1
+     */
+    static X9ECParametersHolder secp160r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = 2^160 - 2^31 - 1
+            BigInteger p = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFF");
+            BigInteger a = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF7FFFFFFC");
+            BigInteger b = fromHex("1C97BEFC54BD7A8B65ACF89F81D4D4ADC565FA45");
+            byte[] S = Hex.decode("1053CDE42C14D696E67687561517533BF3F83345");
+            BigInteger n = fromHex("0100000000000000000001F4C8F927AED3CA752257");
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("02"
+                //+ "4A96B5688EF573284664698968C38BB913CBFC82"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "4A96B5688EF573284664698968C38BB913CBFC82"
+                + "23A628553168947D59DCC912042351377AC5FB32"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * secp160r2
+     */
+    static X9ECParametersHolder secp160r2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = 2^160 - 2^32 - 2^14 - 2^12 - 2^9 - 2^8 - 2^7 - 2^3 - 2^2 - 1
+            BigInteger p = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC73");
+            BigInteger a = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFAC70");
+            BigInteger b = fromHex("B4E134D3FB59EB8BAB57274904664D5AF50388BA");
+            byte[] S = Hex.decode("B99B99B099B323E02709A4D696E6768756151751");
+            BigInteger n = fromHex("0100000000000000000000351EE786A818F3A1A16B");
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("02"
+            //+ "52DCB034293A117E1F4FF11B30F7199D3144CE6D"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "52DCB034293A117E1F4FF11B30F7199D3144CE6D"
+                + "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * secp192k1
+     */
+    static X9ECParametersHolder secp192k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = 2^192 - 2^32 - 2^12 - 2^8 - 2^7 - 2^6 - 2^3 - 1
+            BigInteger p = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37");
+            BigInteger a = ECConstants.ZERO;
+            BigInteger b = BigInteger.valueOf(3);
+            byte[] S = null;
+            BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D");
+            BigInteger h = BigInteger.valueOf(1);
+
+            GLVTypeBParameters glv = new GLVTypeBParameters(
+                new BigInteger("bb85691939b869c1d087f601554b96b80cb4f55b35f433c2", 16),
+                new BigInteger("3d84f26c12238d7b4f3d516613c1759033b1a5800175d0b1", 16),
+                new BigInteger[]{
+                    new BigInteger("71169be7330b3038edb025f1", 16),
+                    new BigInteger("-b3fb3400dec5c4adceb8655c", 16) },
+                new BigInteger[]{
+                    new BigInteger("12511cfe811d0f4e6bc688b4d", 16),
+                    new BigInteger("71169be7330b3038edb025f1", 16) },
+                new BigInteger("71169be7330b3038edb025f1d0f9", 16),
+                new BigInteger("b3fb3400dec5c4adceb8655d4c94", 16),
+                208);
+
+            ECCurve curve = configureCurveGLV(new ECCurve.Fp(p, a, b, n, h), glv);
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D"
+                + "9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * secp192r1
+     */
+    static X9ECParametersHolder secp192r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = 2^192 - 2^64 - 1
+            BigInteger p = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF");
+            BigInteger a = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC");
+            BigInteger b = fromHex("64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1");
+            byte[] S = Hex.decode("3045AE6FC8422F64ED579528D38120EAE12196D5");
+            BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831");
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012"
+                + "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * secp224k1
+     */
+    static X9ECParametersHolder secp224k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = 2^224 - 2^32 - 2^12 - 2^11 - 2^9 - 2^7 - 2^4 - 2 - 1
+            BigInteger p = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D");
+            BigInteger a = ECConstants.ZERO;
+            BigInteger b = BigInteger.valueOf(5);
+            byte[] S = null;
+            BigInteger n = fromHex("010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7");
+            BigInteger h = BigInteger.valueOf(1);
+
+            GLVTypeBParameters glv = new GLVTypeBParameters(
+                new BigInteger("fe0e87005b4e83761908c5131d552a850b3f58b749c37cf5b84d6768", 16),
+                new BigInteger("60dcd2104c4cbc0be6eeefc2bdd610739ec34e317f9b33046c9e4788", 16),
+                new BigInteger[]{
+                    new BigInteger("6b8cf07d4ca75c88957d9d670591", 16),
+                    new BigInteger("-b8adf1378a6eb73409fa6c9c637d", 16) },
+                new BigInteger[]{
+                    new BigInteger("1243ae1b4d71613bc9f780a03690e", 16),
+                    new BigInteger("6b8cf07d4ca75c88957d9d670591", 16) },
+                new BigInteger("6b8cf07d4ca75c88957d9d67059037a4", 16),
+                new BigInteger("b8adf1378a6eb73409fa6c9c637ba7f5", 16),
+                240);
+
+            ECCurve curve = configureCurveGLV(new ECCurve.Fp(p, a, b, n, h), glv);
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C"
+                + "7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * secp224r1
+     */
+    static X9ECParametersHolder secp224r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = 2^224 - 2^96 + 1
+            BigInteger p = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001");
+            BigInteger a = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE");
+            BigInteger b = fromHex("B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4");
+            byte[] S = Hex.decode("BD71344799D5C7FCDC45B59FA3B9AB8F6A948BC5");
+            BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D");
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("02"
+            //+ "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21"
+                + "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * secp256k1
+     */
+    static X9ECParametersHolder secp256k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = 2^256 - 2^32 - 2^9 - 2^8 - 2^7 - 2^6 - 2^4 - 1
+            BigInteger p = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F");
+            BigInteger a = ECConstants.ZERO;
+            BigInteger b = BigInteger.valueOf(7);
+            byte[] S = null;
+            BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141");
+            BigInteger h = BigInteger.valueOf(1);
+
+            GLVTypeBParameters glv = new GLVTypeBParameters(
+                new BigInteger("7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee", 16),
+                new BigInteger("5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72", 16),
+                new BigInteger[]{
+                    new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16),
+                    new BigInteger("-e4437ed6010e88286f547fa90abfe4c3", 16) },
+                new BigInteger[]{
+                    new BigInteger("114ca50f7a8e2f3f657c1108d9d44cfd8", 16),
+                    new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16) },
+                new BigInteger("3086d221a7d46bcde86c90e49284eb153dab", 16),
+                new BigInteger("e4437ed6010e88286f547fa90abfe4c42212", 16),
+                272);
+
+            ECCurve curve = configureCurveGLV(new ECCurve.Fp(p, a, b, n, h), glv);
+            //ECPoint G = curve.decodePoint(Hex.decode("02"
+            //+ "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
+                + "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * secp256r1
+     */
+    static X9ECParametersHolder secp256r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = 2^224 (2^32 - 1) + 2^192 + 2^96 - 1
+            BigInteger p = fromHex("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF");
+            BigInteger a = fromHex("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC");
+            BigInteger b = fromHex("5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B");
+            byte[] S = Hex.decode("C49D360886E704936A6678E1139D26B7819F7E90");
+            BigInteger n = fromHex("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551");
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"
+                + "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * secp384r1
+     */
+    static X9ECParametersHolder secp384r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = 2^384 - 2^128 - 2^96 + 2^32 - 1
+            BigInteger p = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF");
+            BigInteger a = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC");
+            BigInteger b = fromHex("B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF");
+            byte[] S = Hex.decode("A335926AA319A27A1D00896A6773A4827ACDAC73");
+            BigInteger n = fromHex("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973");
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7"
+                + "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * secp521r1
+     */
+    static X9ECParametersHolder secp521r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            // p = 2^521 - 1
+            BigInteger p = fromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF");
+            BigInteger a = fromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC");
+            BigInteger b = fromHex("0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00");
+            byte[] S = Hex.decode("D09E8800291CB85396CC6717393284AAA0DA64BA");
+            BigInteger n = fromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409");
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve curve = configureCurve(new ECCurve.Fp(p, a, b, n, h));
+
+            //ECPoint G = curve.decodePoint(Hex.decode("02"
+            //+ "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66"
+                + "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect113r1
+     */
+    static X9ECParametersHolder sect113r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 113;
+            int k = 9;
+
+            BigInteger a = fromHex("003088250CA6E7C7FE649CE85820F7");
+            BigInteger b = fromHex("00E8BEE4D3E2260744188BE0E9C723");
+            byte[] S = Hex.decode("10E723AB14D696E6768756151756FEBF8FCB49A9");
+            BigInteger n = fromHex("0100000000000000D9CCEC8A39E56F");
+            BigInteger h = BigInteger.valueOf(2);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "009D73616F35F4AB1407D73562C10F"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "009D73616F35F4AB1407D73562C10F"
+                + "00A52830277958EE84D1315ED31886"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect113r2
+     */
+    static X9ECParametersHolder sect113r2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 113;
+            int k = 9;
+
+            BigInteger a = fromHex("00689918DBEC7E5A0DD6DFC0AA55C7");
+            BigInteger b = fromHex("0095E9A9EC9B297BD4BF36E059184F");
+            byte[] S = Hex.decode("10C0FB15760860DEF1EEF4D696E676875615175D");
+            BigInteger n = fromHex("010000000000000108789B2496AF93");
+            BigInteger h = BigInteger.valueOf(2);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "01A57A6A7B26CA5EF52FCDB8164797"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "01A57A6A7B26CA5EF52FCDB8164797"
+                + "00B3ADC94ED1FE674C06E695BABA1D"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect131r1
+     */
+    static X9ECParametersHolder sect131r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 131;
+            int k1 = 2;
+            int k2 = 3;
+            int k3 = 8;
+
+            BigInteger a = fromHex("07A11B09A76B562144418FF3FF8C2570B8");
+            BigInteger b = fromHex("0217C05610884B63B9C6C7291678F9D341");
+            byte[] S = Hex.decode("4D696E676875615175985BD3ADBADA21B43A97E2");
+            BigInteger n = fromHex("0400000000000000023123953A9464B54D");
+            BigInteger h = BigInteger.valueOf(2);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "0081BAF91FDF9833C40F9C181343638399"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "0081BAF91FDF9833C40F9C181343638399"
+                + "078C6E7EA38C001F73C8134B1B4EF9E150"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect131r2
+     */
+    static X9ECParametersHolder sect131r2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 131;
+            int k1 = 2;
+            int k2 = 3;
+            int k3 = 8;
+
+            BigInteger a = fromHex("03E5A88919D7CAFCBF415F07C2176573B2");
+            BigInteger b = fromHex("04B8266A46C55657AC734CE38F018F2192");
+            byte[] S = Hex.decode("985BD3ADBAD4D696E676875615175A21B43A97E3");
+            BigInteger n = fromHex("0400000000000000016954A233049BA98F");
+            BigInteger h = BigInteger.valueOf(2);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "0356DCD8F2F95031AD652D23951BB366A8"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "0356DCD8F2F95031AD652D23951BB366A8"
+                + "0648F06D867940A5366D9E265DE9EB240F"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect163k1
+     */
+    static X9ECParametersHolder sect163k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 163;
+            int k1 = 3;
+            int k2 = 6;
+            int k3 = 7;
+
+            BigInteger a = BigInteger.valueOf(1);
+            BigInteger b = BigInteger.valueOf(1);
+            byte[] S = null;
+            BigInteger n = fromHex("04000000000000000000020108A2E0CC0D99F8A5EF");
+            BigInteger h = BigInteger.valueOf(2);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8"
+                + "0289070FB05D38FF58321F2E800536D538CCDAA3D9"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect163r1
+     */
+    static X9ECParametersHolder sect163r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 163;
+            int k1 = 3;
+            int k2 = 6;
+            int k3 = 7;
+
+            BigInteger a = fromHex("07B6882CAAEFA84F9554FF8428BD88E246D2782AE2");
+            BigInteger b = fromHex("0713612DCDDCB40AAB946BDA29CA91F73AF958AFD9");
+            byte[] S = Hex.decode("24B7B137C8A14D696E6768756151756FD0DA2E5C");
+            BigInteger n = fromHex("03FFFFFFFFFFFFFFFFFFFF48AAB689C29CA710279B");
+            BigInteger h = BigInteger.valueOf(2);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "0369979697AB43897789566789567F787A7876A654"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "0369979697AB43897789566789567F787A7876A654"
+                + "00435EDB42EFAFB2989D51FEFCE3C80988F41FF883"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect163r2
+     */
+    static X9ECParametersHolder sect163r2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 163;
+            int k1 = 3;
+            int k2 = 6;
+            int k3 = 7;
+
+            BigInteger a = BigInteger.valueOf(1);
+            BigInteger b = fromHex("020A601907B8C953CA1481EB10512F78744A3205FD");
+            byte[] S = Hex.decode("85E25BFE5C86226CDB12016F7553F9D0E693A268");
+            BigInteger n = fromHex("040000000000000000000292FE77E70C12A4234C33");
+            BigInteger h = BigInteger.valueOf(2);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "03F0EBA16286A2D57EA0991168D4994637E8343E36"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "03F0EBA16286A2D57EA0991168D4994637E8343E36"
+                + "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect193r1
+     */
+    static X9ECParametersHolder sect193r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 193;
+            int k = 15;
+
+            BigInteger a = fromHex("0017858FEB7A98975169E171F77B4087DE098AC8A911DF7B01");
+            BigInteger b = fromHex("00FDFB49BFE6C3A89FACADAA7A1E5BBC7CC1C2E5D831478814");
+            byte[] S = Hex.decode("103FAEC74D696E676875615175777FC5B191EF30");
+            BigInteger n = fromHex("01000000000000000000000000C7F34A778F443ACC920EBA49");
+            BigInteger h = BigInteger.valueOf(2);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1"
+                + "0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect193r2
+     */
+    static X9ECParametersHolder sect193r2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 193;
+            int k = 15;
+
+            BigInteger a = fromHex("0163F35A5137C2CE3EA6ED8667190B0BC43ECD69977702709B");
+            BigInteger b = fromHex("00C9BB9E8927D4D64C377E2AB2856A5B16E3EFB7F61D4316AE");
+            byte[] S = Hex.decode("10B7B4D696E676875615175137C8A16FD0DA2211");
+            BigInteger n = fromHex("010000000000000000000000015AAB561B005413CCD4EE99D5");
+            BigInteger h = BigInteger.valueOf(2);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F"
+                + "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect233k1
+     */
+    static X9ECParametersHolder sect233k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 233;
+            int k = 74;
+
+            BigInteger a = ECConstants.ZERO;
+            BigInteger b = BigInteger.valueOf(1);
+            byte[] S = null;
+            BigInteger n = fromHex("8000000000000000000000000000069D5BB915BCD46EFB1AD5F173ABDF");
+            BigInteger h = BigInteger.valueOf(4);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("02"
+            //+ "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126"
+                + "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect233r1
+     */
+    static X9ECParametersHolder sect233r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 233;
+            int k = 74;
+
+            BigInteger a = BigInteger.valueOf(1);
+            BigInteger b = fromHex("0066647EDE6C332C7F8C0923BB58213B333B20E9CE4281FE115F7D8F90AD");
+            byte[] S = Hex.decode("74D59FF07F6B413D0EA14B344B20A2DB049B50C3");
+            BigInteger n = fromHex("01000000000000000000000000000013E974E72F8A6922031D2603CFE0D7");
+            BigInteger h = BigInteger.valueOf(2);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B"
+                + "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect239k1
+     */
+    static X9ECParametersHolder sect239k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 239;
+            int k = 158;
+
+            BigInteger a = ECConstants.ZERO;
+            BigInteger b = BigInteger.valueOf(1);
+            byte[] S = null;
+            BigInteger n = fromHex("2000000000000000000000000000005A79FEC67CB6E91F1C1DA800E478A5");
+            BigInteger h = BigInteger.valueOf(4);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC"
+                + "76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect283k1
+     */
+    static X9ECParametersHolder sect283k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 283;
+            int k1 = 5;
+            int k2 = 7;
+            int k3 = 12;
+
+            BigInteger a = ECConstants.ZERO;
+            BigInteger b = BigInteger.valueOf(1);
+            byte[] S = null;
+            BigInteger n = fromHex("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE9AE2ED07577265DFF7F94451E061E163C61");
+            BigInteger h = BigInteger.valueOf(4);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("02"
+            //+ "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836"
+                + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect283r1
+     */
+    static X9ECParametersHolder sect283r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 283;
+            int k1 = 5;
+            int k2 = 7;
+            int k3 = 12;
+
+            BigInteger a = BigInteger.valueOf(1);
+            BigInteger b = fromHex("027B680AC8B8596DA5A4AF8A19A0303FCA97FD7645309FA2A581485AF6263E313B79A2F5");
+            byte[] S = Hex.decode("77E2B07370EB0F832A6DD5B62DFC88CD06BB84BE");
+            BigInteger n = fromHex("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEF90399660FC938A90165B042A7CEFADB307");
+            BigInteger h = BigInteger.valueOf(2);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053"
+                + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect409k1
+     */
+    static X9ECParametersHolder sect409k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 409;
+            int k = 87;
+
+            BigInteger a = ECConstants.ZERO;
+            BigInteger b = BigInteger.valueOf(1);
+            byte[] S = null;
+            BigInteger n = fromHex("7FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE5F83B2D4EA20400EC4557D5ED3E3E7CA5B4B5C83B8E01E5FCF");
+            BigInteger h = BigInteger.valueOf(4);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746"
+                + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect409r1
+     */
+    static X9ECParametersHolder sect409r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 409;
+            int k = 87;
+
+            BigInteger a = BigInteger.valueOf(1);
+            BigInteger b = fromHex("0021A5C2C8EE9FEB5C4B9A753B7B476B7FD6422EF1F3DD674761FA99D6AC27C8A9A197B272822F6CD57A55AA4F50AE317B13545F");
+            byte[] S = Hex.decode("4099B5A457F9D69F79213D094C4BCD4D4262210B");
+            BigInteger n = fromHex("010000000000000000000000000000000000000000000000000001E2AAD6A612F33307BE5FA47C3C9E052F838164CD37D9A21173");
+            BigInteger h = BigInteger.valueOf(2);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7"
+                + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect571k1
+     */
+    static X9ECParametersHolder sect571k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 571;
+            int k1 = 2;
+            int k2 = 5;
+            int k3 = 10;
+
+            BigInteger a = ECConstants.ZERO;
+            BigInteger b = BigInteger.valueOf(1);
+            byte[] S = null;
+            BigInteger n = fromHex("020000000000000000000000000000000000000000000000000000000000000000000000131850E1F19A63E4B391A8DB917F4138B630D84BE5D639381E91DEB45CFE778F637C1001");
+            BigInteger h = BigInteger.valueOf(4);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("02"
+            //+ "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972"
+                + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+    /*
+     * sect571r1
+     */
+    static X9ECParametersHolder sect571r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            int m = 571;
+            int k1 = 2;
+            int k2 = 5;
+            int k3 = 10;
+
+            BigInteger a = BigInteger.valueOf(1);
+            BigInteger b = fromHex("02F40E7E2221F295DE297117B7F3D62F5C6A97FFCB8CEFF1CD6BA8CE4A9A18AD84FFABBD8EFA59332BE7AD6756A66E294AFD185A78FF12AA520E4DE739BACA0C7FFEFF7F2955727A");
+            byte[] S = Hex.decode("2AA058F73A0E33AB486B0F610410C53A7F132310");
+            BigInteger n = fromHex("03FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFE661CE18FF55987308059B186823851EC7DD9CA1161DE93D5174D66E8382E9BB2FE84E47");
+            BigInteger h = BigInteger.valueOf(2);
+
+            ECCurve curve = configureCurve(new ECCurve.F2m(m, k1, k2, k3, a, b, n, h));
+            //ECPoint G = curve.decodePoint(Hex.decode("03"
+            //+ "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19"));
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19"
+                + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B"));
+
+            return new X9ECParameters(curve, G, n, h, S);
+        }
+    };
+
+
+    static final Hashtable objIds = new Hashtable();
+    static final Hashtable curves = new Hashtable();
+    static final Hashtable names = new Hashtable();
+
+    static void defineCurve(String name, ASN1ObjectIdentifier oid, X9ECParametersHolder holder)
+    {
+        objIds.put(name, oid);
+        names.put(oid, name);
+        curves.put(oid, holder);
+    }
+
+    static
+    {
+        defineCurve("secp112r1", SECObjectIdentifiers.secp112r1, secp112r1);
+        defineCurve("secp112r2", SECObjectIdentifiers.secp112r2, secp112r2);
+        defineCurve("secp128r1", SECObjectIdentifiers.secp128r1, secp128r1);
+        defineCurve("secp128r2", SECObjectIdentifiers.secp128r2, secp128r2);
+        defineCurve("secp160k1", SECObjectIdentifiers.secp160k1, secp160k1);
+        defineCurve("secp160r1", SECObjectIdentifiers.secp160r1, secp160r1);
+        defineCurve("secp160r2", SECObjectIdentifiers.secp160r2, secp160r2);
+        defineCurve("secp192k1", SECObjectIdentifiers.secp192k1, secp192k1);
+        defineCurve("secp192r1", SECObjectIdentifiers.secp192r1, secp192r1);
+        defineCurve("secp224k1", SECObjectIdentifiers.secp224k1, secp224k1);
+        defineCurve("secp224r1", SECObjectIdentifiers.secp224r1, secp224r1); 
+        defineCurve("secp256k1", SECObjectIdentifiers.secp256k1, secp256k1);
+        defineCurve("secp256r1", SECObjectIdentifiers.secp256r1, secp256r1); 
+        defineCurve("secp384r1", SECObjectIdentifiers.secp384r1, secp384r1); 
+        defineCurve("secp521r1", SECObjectIdentifiers.secp521r1, secp521r1); 
+
+        defineCurve("sect113r1", SECObjectIdentifiers.sect113r1, sect113r1);
+        defineCurve("sect113r2", SECObjectIdentifiers.sect113r2, sect113r2);
+        defineCurve("sect131r1", SECObjectIdentifiers.sect131r1, sect131r1);
+        defineCurve("sect131r2", SECObjectIdentifiers.sect131r2, sect131r2);
+        defineCurve("sect163k1", SECObjectIdentifiers.sect163k1, sect163k1);
+        defineCurve("sect163r1", SECObjectIdentifiers.sect163r1, sect163r1);
+        defineCurve("sect163r2", SECObjectIdentifiers.sect163r2, sect163r2);
+        defineCurve("sect193r1", SECObjectIdentifiers.sect193r1, sect193r1);
+        defineCurve("sect193r2", SECObjectIdentifiers.sect193r2, sect193r2);
+        defineCurve("sect233k1", SECObjectIdentifiers.sect233k1, sect233k1);
+        defineCurve("sect233r1", SECObjectIdentifiers.sect233r1, sect233r1);
+        defineCurve("sect239k1", SECObjectIdentifiers.sect239k1, sect239k1);
+        defineCurve("sect283k1", SECObjectIdentifiers.sect283k1, sect283k1);
+        defineCurve("sect283r1", SECObjectIdentifiers.sect283r1, sect283r1);
+        defineCurve("sect409k1", SECObjectIdentifiers.sect409k1, sect409k1);
+        defineCurve("sect409r1", SECObjectIdentifiers.sect409r1, sect409r1);
+        defineCurve("sect571k1", SECObjectIdentifiers.sect571k1, sect571k1);
+        defineCurve("sect571r1", SECObjectIdentifiers.sect571r1, sect571r1); 
+    }
+
+    public static X9ECParameters getByName(
+        String name)
+    {
+        ASN1ObjectIdentifier oid = getOID(name);
+        return oid == null ? null : getByOID(oid);
+    }
+
+    /**
+     * return the X9ECParameters object for the named curve represented by
+     * the passed in object identifier. Null if the curve isn't present.
+     *
+     * @param oid an object identifier representing a named curve, if present.
+     */
+    public static X9ECParameters getByOID(
+        ASN1ObjectIdentifier oid)
+    {
+        X9ECParametersHolder holder = (X9ECParametersHolder)curves.get(oid);
+        return holder == null ? null : holder.getParameters();
+    }
+
+    /**
+     * return the object identifier signified by the passed in name. Null
+     * if there is no object identifier associated with name.
+     *
+     * @return the object identifier associated with name, if present.
+     */
+    public static ASN1ObjectIdentifier getOID(
+        String name)
+    {
+        return (ASN1ObjectIdentifier)objIds.get(Strings.toLowerCase(name));
+    }
+
+    /**
+     * return the named curve name represented by the given object identifier.
+     */
+    public static String getName(
+        ASN1ObjectIdentifier oid)
+    {
+        return (String)names.get(oid);
+    }
+
+    /**
+     * returns an enumeration containing the name strings for curves
+     * contained in this structure.
+     */
+    public static Enumeration getNames()
+    {
+        return names.elements();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/sec/SECObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/sec/SECObjectIdentifiers.java
new file mode 100644
index 0000000..fd20d06
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/sec/SECObjectIdentifiers.java

@@ -0,0 +1,112 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.sec;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+
+/**
+ * Certicom object identifiers
+ * <pre>
+ *  ellipticCurve OBJECT IDENTIFIER ::= {
+ *        iso(1) identified-organization(3) certicom(132) curve(0)
+ *  }
+ *  secg-scheme OBJECT IDENTIFIER ::= {
+ *     iso(1) identified-organization(3) certicom(132) schemes(1) }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface SECObjectIdentifiers
+{
+    /** Base OID: 1.3.132.0 */
+    static final ASN1ObjectIdentifier ellipticCurve = new ASN1ObjectIdentifier("1.3.132.0");
+
+    /**  sect163k1 OID: 1.3.132.0.1 */
+    static final ASN1ObjectIdentifier sect163k1 = ellipticCurve.branch("1");
+    /**  sect163r1 OID: 1.3.132.0.2 */
+    static final ASN1ObjectIdentifier sect163r1 = ellipticCurve.branch("2");
+    /**  sect239k1 OID: 1.3.132.0.3 */
+    static final ASN1ObjectIdentifier sect239k1 = ellipticCurve.branch("3");
+    /**  sect113r1 OID: 1.3.132.0.4 */
+    static final ASN1ObjectIdentifier sect113r1 = ellipticCurve.branch("4");
+    /**  sect113r2 OID: 1.3.132.0.5 */
+    static final ASN1ObjectIdentifier sect113r2 = ellipticCurve.branch("5");
+    /**  secp112r1 OID: 1.3.132.0.6 */
+    static final ASN1ObjectIdentifier secp112r1 = ellipticCurve.branch("6");
+    /**  secp112r2 OID: 1.3.132.0.7 */
+    static final ASN1ObjectIdentifier secp112r2 = ellipticCurve.branch("7");
+    /**  secp160r1 OID: 1.3.132.0.8 */
+    static final ASN1ObjectIdentifier secp160r1 = ellipticCurve.branch("8");
+    /**  secp160k1 OID: 1.3.132.0.9 */
+    static final ASN1ObjectIdentifier secp160k1 = ellipticCurve.branch("9");
+    /**  secp256k1 OID: 1.3.132.0.10 */
+    static final ASN1ObjectIdentifier secp256k1 = ellipticCurve.branch("10");
+    /**  sect163r2 OID: 1.3.132.0.15 */
+    static final ASN1ObjectIdentifier sect163r2 = ellipticCurve.branch("15");
+    /**  sect283k1 OID: 1.3.132.0.16 */
+    static final ASN1ObjectIdentifier sect283k1 = ellipticCurve.branch("16");
+    /**  sect283r1 OID: 1.3.132.0.17 */
+    static final ASN1ObjectIdentifier sect283r1 = ellipticCurve.branch("17");
+    /**  sect131r1 OID: 1.3.132.0.22 */
+    static final ASN1ObjectIdentifier sect131r1 = ellipticCurve.branch("22");
+    /**  sect131r2 OID: 1.3.132.0.23 */
+    static final ASN1ObjectIdentifier sect131r2 = ellipticCurve.branch("23");
+    /**  sect193r1 OID: 1.3.132.0.24 */
+    static final ASN1ObjectIdentifier sect193r1 = ellipticCurve.branch("24");
+    /**  sect193r2 OID: 1.3.132.0.25 */
+    static final ASN1ObjectIdentifier sect193r2 = ellipticCurve.branch("25");
+    /**  sect233k1 OID: 1.3.132.0.26 */
+    static final ASN1ObjectIdentifier sect233k1 = ellipticCurve.branch("26");
+    /**  sect233r1 OID: 1.3.132.0.27 */
+    static final ASN1ObjectIdentifier sect233r1 = ellipticCurve.branch("27");
+    /**  secp128r1 OID: 1.3.132.0.28 */
+    static final ASN1ObjectIdentifier secp128r1 = ellipticCurve.branch("28");
+    /**  secp128r2 OID: 1.3.132.0.29 */
+    static final ASN1ObjectIdentifier secp128r2 = ellipticCurve.branch("29");
+    /**  secp160r2 OID: 1.3.132.0.30 */
+    static final ASN1ObjectIdentifier secp160r2 = ellipticCurve.branch("30");
+    /**  secp192k1 OID: 1.3.132.0.31 */
+    static final ASN1ObjectIdentifier secp192k1 = ellipticCurve.branch("31");
+    /**  secp224k1 OID: 1.3.132.0.32 */
+    static final ASN1ObjectIdentifier secp224k1 = ellipticCurve.branch("32");
+    /**  secp224r1 OID: 1.3.132.0.33 */
+    static final ASN1ObjectIdentifier secp224r1 = ellipticCurve.branch("33");
+    /**  secp384r1 OID: 1.3.132.0.34 */
+    static final ASN1ObjectIdentifier secp384r1 = ellipticCurve.branch("34");
+    /**  secp521r1 OID: 1.3.132.0.35 */
+    static final ASN1ObjectIdentifier secp521r1 = ellipticCurve.branch("35");
+    /**  sect409k1 OID: 1.3.132.0.36 */
+    static final ASN1ObjectIdentifier sect409k1 = ellipticCurve.branch("36");
+    /**  sect409r1 OID: 1.3.132.0.37 */
+    static final ASN1ObjectIdentifier sect409r1 = ellipticCurve.branch("37");
+    /**  sect571k1 OID: 1.3.132.0.38 */
+    static final ASN1ObjectIdentifier sect571k1 = ellipticCurve.branch("38");
+    /**  sect571r1 OID: 1.3.132.0.39 */
+    static final ASN1ObjectIdentifier sect571r1 = ellipticCurve.branch("39");
+
+    /**  secp192r1 OID: 1.3.132.0.prime192v1 */
+    static final ASN1ObjectIdentifier secp192r1 = X9ObjectIdentifiers.prime192v1;
+    /**  secp256r1 OID: 1.3.132.0.prime256v1 */
+    static final ASN1ObjectIdentifier secp256r1 = X9ObjectIdentifiers.prime256v1;
+
+    static final ASN1ObjectIdentifier secg_scheme = new ASN1ObjectIdentifier("1.3.132.1");
+
+    static final ASN1ObjectIdentifier dhSinglePass_stdDH_sha224kdf_scheme = secg_scheme.branch("11.0");
+    static final ASN1ObjectIdentifier dhSinglePass_stdDH_sha256kdf_scheme = secg_scheme.branch("11.1");
+    static final ASN1ObjectIdentifier dhSinglePass_stdDH_sha384kdf_scheme = secg_scheme.branch("11.2");
+    static final ASN1ObjectIdentifier dhSinglePass_stdDH_sha512kdf_scheme = secg_scheme.branch("11.3");
+
+    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha224kdf_scheme = secg_scheme.branch("14.0");
+    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha256kdf_scheme = secg_scheme.branch("14.1");
+    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha384kdf_scheme = secg_scheme.branch("14.2");
+    static final ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha512kdf_scheme = secg_scheme.branch("14.3");
+
+    static final ASN1ObjectIdentifier mqvSinglePass_sha224kdf_scheme = secg_scheme.branch("15.0");
+    static final ASN1ObjectIdentifier mqvSinglePass_sha256kdf_scheme = secg_scheme.branch("15.1");
+    static final ASN1ObjectIdentifier mqvSinglePass_sha384kdf_scheme = secg_scheme.branch("15.2");
+    static final ASN1ObjectIdentifier mqvSinglePass_sha512kdf_scheme = secg_scheme.branch("15.3");
+
+    static final ASN1ObjectIdentifier mqvFull_sha224kdf_scheme = secg_scheme.branch("16.0");
+    static final ASN1ObjectIdentifier mqvFull_sha256kdf_scheme = secg_scheme.branch("16.1");
+    static final ASN1ObjectIdentifier mqvFull_sha384kdf_scheme = secg_scheme.branch("16.2");
+    static final ASN1ObjectIdentifier mqvFull_sha512kdf_scheme = secg_scheme.branch("16.3");
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/teletrust/TeleTrusTObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/teletrust/TeleTrusTObjectIdentifiers.java
new file mode 100644
index 0000000..465fdb2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/teletrust/TeleTrusTObjectIdentifiers.java

@@ -0,0 +1,79 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.teletrust;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * Object identifiers based on the TeleTrust branch.
+ * <pre>
+ * TeleTrusT:
+ *   { iso(1) identifier-organization(3) teleTrust(36) algorithm(3)
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface TeleTrusTObjectIdentifiers
+{
+    /** 1.3.36.3 */
+    static final ASN1ObjectIdentifier teleTrusTAlgorithm = new ASN1ObjectIdentifier("1.3.36.3");
+
+    /** 1.3.36.3.2.1 */
+    static final ASN1ObjectIdentifier    ripemd160           = teleTrusTAlgorithm.branch("2.1");
+    /** 1.3.36.3.2.2 */
+    static final ASN1ObjectIdentifier    ripemd128           = teleTrusTAlgorithm.branch("2.2");
+    /** 1.3.36.3.2.3 */
+    static final ASN1ObjectIdentifier    ripemd256           = teleTrusTAlgorithm.branch("2.3");
+
+    /** 1.3.36.3.3.1 */
+    static final ASN1ObjectIdentifier teleTrusTRSAsignatureAlgorithm = teleTrusTAlgorithm.branch("3.1");
+
+    /** 1.3.36.3.3.1.2 */
+    static final ASN1ObjectIdentifier rsaSignatureWithripemd160      = teleTrusTRSAsignatureAlgorithm.branch("2");
+    /** 1.3.36.3.3.1.3 */
+    static final ASN1ObjectIdentifier rsaSignatureWithripemd128      = teleTrusTRSAsignatureAlgorithm.branch("3");
+    /** 1.3.36.3.3.1.4 */
+    static final ASN1ObjectIdentifier rsaSignatureWithripemd256      = teleTrusTRSAsignatureAlgorithm.branch("4");
+
+    /** 1.3.36.3.3.2 */
+    static final ASN1ObjectIdentifier    ecSign               = teleTrusTAlgorithm.branch("3.2");
+
+    /** 1.3.36.3.3.2,1 */
+    static final ASN1ObjectIdentifier    ecSignWithSha1       = ecSign.branch("1");
+    /** 1.3.36.3.3.2.2 */
+    static final ASN1ObjectIdentifier    ecSignWithRipemd160  = ecSign.branch("2");
+
+    /** 1.3.36.3.3.2.8 */
+    static final ASN1ObjectIdentifier ecc_brainpool = teleTrusTAlgorithm.branch("3.2.8");
+    /** 1.3.36.3.3.2.8.1 */
+    static final ASN1ObjectIdentifier ellipticCurve = ecc_brainpool.branch("1");
+    /** 1.3.36.3.3.2.8.1.1 */
+    static final ASN1ObjectIdentifier versionOne = ellipticCurve.branch("1");
+
+    /** 1.3.36.3.3.2.8.1.1.1 */
+    static final ASN1ObjectIdentifier brainpoolP160r1 = versionOne.branch("1");
+    /** 1.3.36.3.3.2.8.1.1.2 */
+    static final ASN1ObjectIdentifier brainpoolP160t1 = versionOne.branch("2");
+    /** 1.3.36.3.3.2.8.1.1.3 */
+    static final ASN1ObjectIdentifier brainpoolP192r1 = versionOne.branch("3");
+    /** 1.3.36.3.3.2.8.1.1.4 */
+    static final ASN1ObjectIdentifier brainpoolP192t1 = versionOne.branch("4");
+    /** 1.3.36.3.3.2.8.1.1.5 */
+    static final ASN1ObjectIdentifier brainpoolP224r1 = versionOne.branch("5");
+    /** 1.3.36.3.3.2.8.1.1.6 */
+    static final ASN1ObjectIdentifier brainpoolP224t1 = versionOne.branch("6");
+    /** 1.3.36.3.3.2.8.1.1.7 */
+    static final ASN1ObjectIdentifier brainpoolP256r1 = versionOne.branch("7");
+    /** 1.3.36.3.3.2.8.1.1.8 */
+    static final ASN1ObjectIdentifier brainpoolP256t1 = versionOne.branch("8");
+    /** 1.3.36.3.3.2.8.1.1.9 */
+    static final ASN1ObjectIdentifier brainpoolP320r1 = versionOne.branch("9");
+    /** 1.3.36.3.3.2.8.1.1.10 */
+    static final ASN1ObjectIdentifier brainpoolP320t1 = versionOne.branch("10");
+    /** 1.3.36.3.3.2.8.1.1.11 */
+    static final ASN1ObjectIdentifier brainpoolP384r1 = versionOne.branch("11");
+    /** 1.3.36.3.3.2.8.1.1.12 */
+    static final ASN1ObjectIdentifier brainpoolP384t1 = versionOne.branch("12");
+    /** 1.3.36.3.3.2.8.1.1.13 */
+    static final ASN1ObjectIdentifier brainpoolP512r1 = versionOne.branch("13");
+    /** 1.3.36.3.3.2.8.1.1.14 */
+    static final ASN1ObjectIdentifier brainpoolP512t1 = versionOne.branch("14");
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/util/ASN1Dump.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/util/ASN1Dump.java
new file mode 100644
index 0000000..a20b16d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/util/ASN1Dump.java

@@ -0,0 +1,429 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.util;
+
+import java.io.IOException;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1ApplicationSpecific;
+import com.android.org.bouncycastle.asn1.ASN1Boolean;
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Enumerated;
+import com.android.org.bouncycastle.asn1.ASN1External;
+import com.android.org.bouncycastle.asn1.ASN1GeneralizedTime;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.ASN1UTCTime;
+import com.android.org.bouncycastle.asn1.BERApplicationSpecific;
+import com.android.org.bouncycastle.asn1.BEROctetString;
+import com.android.org.bouncycastle.asn1.BERSequence;
+import com.android.org.bouncycastle.asn1.BERSet;
+import com.android.org.bouncycastle.asn1.BERTaggedObject;
+import com.android.org.bouncycastle.asn1.BERTags;
+import com.android.org.bouncycastle.asn1.DERApplicationSpecific;
+import com.android.org.bouncycastle.asn1.DERBMPString;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERGraphicString;
+import com.android.org.bouncycastle.asn1.DERIA5String;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.DERPrintableString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERSet;
+import com.android.org.bouncycastle.asn1.DERT61String;
+import com.android.org.bouncycastle.asn1.DERUTF8String;
+import com.android.org.bouncycastle.asn1.DERVideotexString;
+import com.android.org.bouncycastle.asn1.DERVisibleString;
+import com.android.org.bouncycastle.asn1.DLApplicationSpecific;
+import com.android.org.bouncycastle.util.Strings;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * Utility class for dumping ASN.1 objects as (hopefully) human friendly strings.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ASN1Dump
+{
+    private static final String  TAB = "    ";
+    private static final int SAMPLE_SIZE = 32;
+
+    /**
+     * dump a DER object as a formatted string with indentation
+     *
+     * @param obj the ASN1Primitive to be dumped out.
+     */
+    static void _dumpAsString(
+        String      indent,
+        boolean     verbose,
+        ASN1Primitive obj,
+        StringBuffer    buf)
+    {
+        String nl = Strings.lineSeparator();
+        if (obj instanceof ASN1Sequence)
+        {
+            Enumeration     e = ((ASN1Sequence)obj).getObjects();
+            String          tab = indent + TAB;
+
+            buf.append(indent);
+            if (obj instanceof BERSequence)
+            {
+                buf.append("BER Sequence");
+            }
+            else if (obj instanceof DERSequence)
+            {
+                buf.append("DER Sequence");
+            }
+            else
+            {
+                buf.append("Sequence");
+            }
+
+            buf.append(nl);
+
+            while (e.hasMoreElements())
+            {
+                Object  o = e.nextElement();
+
+                if (o == null || o.equals(DERNull.INSTANCE))
+                {
+                    buf.append(tab);
+                    buf.append("NULL");
+                    buf.append(nl);
+                }
+                else if (o instanceof ASN1Primitive)
+                {
+                    _dumpAsString(tab, verbose, (ASN1Primitive)o, buf);
+                }
+                else
+                {
+                    _dumpAsString(tab, verbose, ((ASN1Encodable)o).toASN1Primitive(), buf);
+                }
+            }
+        }
+        else if (obj instanceof ASN1TaggedObject)
+        {
+            String          tab = indent + TAB;
+
+            buf.append(indent);
+            if (obj instanceof BERTaggedObject)
+            {
+                buf.append("BER Tagged [");
+            }
+            else
+            {
+                buf.append("Tagged [");
+            }
+
+            ASN1TaggedObject o = (ASN1TaggedObject)obj;
+
+            buf.append(Integer.toString(o.getTagNo()));
+            buf.append(']');
+
+            if (!o.isExplicit())
+            {
+                buf.append(" IMPLICIT ");
+            }
+
+            buf.append(nl);
+
+            if (o.isEmpty())
+            {
+                buf.append(tab);
+                buf.append("EMPTY");
+                buf.append(nl);
+            }
+            else
+            {
+                _dumpAsString(tab, verbose, o.getObject(), buf);
+            }
+        }
+        else if (obj instanceof ASN1Set)
+        {
+            Enumeration     e = ((ASN1Set)obj).getObjects();
+            String          tab = indent + TAB;
+
+            buf.append(indent);
+
+            if (obj instanceof BERSet)
+            {
+                buf.append("BER Set");
+            }
+            else if (obj instanceof DERSet)
+            {
+                buf.append("DER Set");
+            }
+            else
+            {
+                buf.append("Set");
+            }
+            buf.append(nl);
+
+            while (e.hasMoreElements())
+            {
+                Object  o = e.nextElement();
+
+                if (o == null)
+                {
+                    buf.append(tab);
+                    buf.append("NULL");
+                    buf.append(nl);
+                }
+                else if (o instanceof ASN1Primitive)
+                {
+                    _dumpAsString(tab, verbose, (ASN1Primitive)o, buf);
+                }
+                else
+                {
+                    _dumpAsString(tab, verbose, ((ASN1Encodable)o).toASN1Primitive(), buf);
+                }
+            }
+        }
+        else if (obj instanceof ASN1OctetString)
+        {
+            ASN1OctetString oct = (ASN1OctetString)obj;
+
+            if (obj instanceof BEROctetString)
+            {
+                buf.append(indent + "BER Constructed Octet String" + "[" + oct.getOctets().length + "] ");
+            }
+            else
+            {
+                buf.append(indent + "DER Octet String" + "[" + oct.getOctets().length + "] ");
+            }
+            if (verbose)
+            {
+                buf.append(dumpBinaryDataAsString(indent, oct.getOctets()));
+            }
+            else
+            {
+                buf.append(nl);
+            }
+        }
+        else if (obj instanceof ASN1ObjectIdentifier)
+        {
+            buf.append(indent + "ObjectIdentifier(" + ((ASN1ObjectIdentifier)obj).getId() + ")" + nl);
+        }
+        else if (obj instanceof ASN1Boolean)
+        {
+            buf.append(indent + "Boolean(" + ((ASN1Boolean)obj).isTrue() + ")" + nl);
+        }
+        else if (obj instanceof ASN1Integer)
+        {
+            buf.append(indent + "Integer(" + ((ASN1Integer)obj).getValue() + ")" + nl);
+        }
+        else if (obj instanceof DERBitString)
+        {
+            DERBitString bt = (DERBitString)obj;
+            buf.append(indent + "DER Bit String" + "[" + bt.getBytes().length + ", " + bt.getPadBits() + "] ");
+            if (verbose)
+            {
+                buf.append(dumpBinaryDataAsString(indent, bt.getBytes()));
+            }
+            else
+            {
+                buf.append(nl);
+            }
+        }
+        else if (obj instanceof DERIA5String)
+        {
+            buf.append(indent + "IA5String(" + ((DERIA5String)obj).getString() + ") " + nl);
+        }
+        else if (obj instanceof DERUTF8String)
+        {
+            buf.append(indent + "UTF8String(" + ((DERUTF8String)obj).getString() + ") " + nl);
+        }
+        else if (obj instanceof DERPrintableString)
+        {
+            buf.append(indent + "PrintableString(" + ((DERPrintableString)obj).getString() + ") " + nl);
+        }
+        else if (obj instanceof DERVisibleString)
+        {
+            buf.append(indent + "VisibleString(" + ((DERVisibleString)obj).getString() + ") " + nl);
+        }
+        else if (obj instanceof DERBMPString)
+        {
+            buf.append(indent + "BMPString(" + ((DERBMPString)obj).getString() + ") " + nl);
+        }
+        else if (obj instanceof DERT61String)
+        {
+            buf.append(indent + "T61String(" + ((DERT61String)obj).getString() + ") " + nl);
+        }
+        else if (obj instanceof DERGraphicString)
+        {
+            buf.append(indent + "GraphicString(" + ((DERGraphicString)obj).getString() + ") " + nl);
+        }
+        else if (obj instanceof DERVideotexString)
+        {
+            buf.append(indent + "VideotexString(" + ((DERVideotexString)obj).getString() + ") " + nl);
+        }
+        else if (obj instanceof ASN1UTCTime)
+        {
+            buf.append(indent + "UTCTime(" + ((ASN1UTCTime)obj).getTime() + ") " + nl);
+        }
+        else if (obj instanceof ASN1GeneralizedTime)
+        {
+            buf.append(indent + "GeneralizedTime(" + ((ASN1GeneralizedTime)obj).getTime() + ") " + nl);
+        }
+        else if (obj instanceof BERApplicationSpecific)
+        {
+            buf.append(outputApplicationSpecific("BER", indent, verbose, obj, nl));
+        }
+        else if (obj instanceof DERApplicationSpecific)
+        {
+            buf.append(outputApplicationSpecific("DER", indent, verbose, obj, nl));
+        }
+        else if (obj instanceof DLApplicationSpecific)
+        {
+            buf.append(outputApplicationSpecific("", indent, verbose, obj, nl));
+        }
+        else if (obj instanceof ASN1Enumerated)
+        {
+            ASN1Enumerated en = (ASN1Enumerated) obj;
+            buf.append(indent + "DER Enumerated(" + en.getValue() + ")" + nl);
+        }
+        else if (obj instanceof ASN1External)
+        {
+            ASN1External ext = (ASN1External) obj;
+            buf.append(indent + "External " + nl);
+            String          tab = indent + TAB;
+            if (ext.getDirectReference() != null)
+            {
+                buf.append(tab + "Direct Reference: " + ext.getDirectReference().getId() + nl);
+            }
+            if (ext.getIndirectReference() != null)
+            {
+                buf.append(tab + "Indirect Reference: " + ext.getIndirectReference().toString() + nl);
+            }
+            if (ext.getDataValueDescriptor() != null)
+            {
+                _dumpAsString(tab, verbose, ext.getDataValueDescriptor(), buf);
+            }
+            buf.append(tab + "Encoding: " + ext.getEncoding() + nl);
+            _dumpAsString(tab, verbose, ext.getExternalContent(), buf);
+        }
+        else
+        {
+            buf.append(indent + obj.toString() + nl);
+        }
+    }
+    
+    private static String outputApplicationSpecific(String type, String indent, boolean verbose, ASN1Primitive obj, String nl)
+    {
+        ASN1ApplicationSpecific app = ASN1ApplicationSpecific.getInstance(obj);
+        StringBuffer buf = new StringBuffer();
+
+        if (app.isConstructed())
+        {
+            try
+            {
+                ASN1Sequence s = ASN1Sequence.getInstance(app.getObject(BERTags.SEQUENCE));
+                buf.append(indent + type + " ApplicationSpecific[" + app.getApplicationTag() + "]" + nl);
+                for (Enumeration e = s.getObjects(); e.hasMoreElements();)
+                {
+                    _dumpAsString(indent + TAB, verbose, (ASN1Primitive)e.nextElement(), buf);
+                }
+            }
+            catch (IOException e)
+            {
+                buf.append(e);
+            }
+            return buf.toString();
+        }
+
+        return indent + type + " ApplicationSpecific[" + app.getApplicationTag() + "] (" + Strings.fromByteArray(Hex.encode(app.getContents())) + ")" + nl;
+    }
+
+    /**
+     * dump out a DER object as a formatted string, in non-verbose mode.
+     *
+     * @param obj the ASN1Primitive to be dumped out.
+     * @return  the resulting string.
+     */
+    public static String dumpAsString(
+        Object   obj)
+    {
+        return dumpAsString(obj, false);
+    }
+
+    /**
+     * Dump out the object as a string.
+     *
+     * @param obj  the object to be dumped
+     * @param verbose  if true, dump out the contents of octet and bit strings.
+     * @return  the resulting string.
+     */
+    public static String dumpAsString(
+        Object   obj,
+        boolean  verbose)
+    {
+        StringBuffer buf = new StringBuffer();
+
+        if (obj instanceof ASN1Primitive)
+        {
+            _dumpAsString("", verbose, (ASN1Primitive)obj, buf);
+        }
+        else if (obj instanceof ASN1Encodable)
+        {
+            _dumpAsString("", verbose, ((ASN1Encodable)obj).toASN1Primitive(), buf);
+        }
+        else
+        {
+            return "unknown object type " + obj.toString();
+        }
+
+        return buf.toString();
+    }
+
+    private static String dumpBinaryDataAsString(String indent, byte[] bytes)
+    {
+        String nl = Strings.lineSeparator();
+        StringBuffer buf = new StringBuffer();
+
+        indent += TAB;
+        
+        buf.append(nl);
+        for (int i = 0; i < bytes.length; i += SAMPLE_SIZE)
+        {
+            if (bytes.length - i > SAMPLE_SIZE)
+            {
+                buf.append(indent);
+                buf.append(Strings.fromByteArray(Hex.encode(bytes, i, SAMPLE_SIZE)));
+                buf.append(TAB);
+                buf.append(calculateAscString(bytes, i, SAMPLE_SIZE));
+                buf.append(nl);
+            }
+            else
+            {
+                buf.append(indent);
+                buf.append(Strings.fromByteArray(Hex.encode(bytes, i, bytes.length - i)));
+                for (int j = bytes.length - i; j != SAMPLE_SIZE; j++)
+                {
+                    buf.append("  ");
+                }
+                buf.append(TAB);
+                buf.append(calculateAscString(bytes, i, bytes.length - i));
+                buf.append(nl);
+            }
+        }
+        
+        return buf.toString();
+    }
+
+    private static String calculateAscString(byte[] bytes, int off, int len)
+    {
+        StringBuffer buf = new StringBuffer();
+
+        for (int i = off; i != off + len; i++)
+        {
+            if (bytes[i] >= ' ' && bytes[i] <= '~')
+            {
+                buf.append((char)bytes[i]);
+            }
+        }
+
+        return buf.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/AttributeTypeAndValue.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/AttributeTypeAndValue.java
new file mode 100644
index 0000000..eedf117
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/AttributeTypeAndValue.java

@@ -0,0 +1,77 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x500;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * Holding class for the AttributeTypeAndValue structures that make up an RDN.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AttributeTypeAndValue
+    extends ASN1Object
+{
+    private ASN1ObjectIdentifier type;
+    private ASN1Encodable       value;
+
+    private AttributeTypeAndValue(ASN1Sequence seq)
+    {
+        type = (ASN1ObjectIdentifier)seq.getObjectAt(0);
+        value = (ASN1Encodable)seq.getObjectAt(1);
+    }
+
+    public static AttributeTypeAndValue getInstance(Object o)
+    {
+        if (o instanceof AttributeTypeAndValue)
+        {
+            return (AttributeTypeAndValue)o;
+        }
+        else if (o != null)
+        {
+            return new AttributeTypeAndValue(ASN1Sequence.getInstance(o));
+        }
+
+        throw new IllegalArgumentException("null value in getInstance()");
+    }
+
+    public AttributeTypeAndValue(
+        ASN1ObjectIdentifier type,
+        ASN1Encodable value)
+    {
+        this.type = type;
+        this.value = value;
+    }
+
+    public ASN1ObjectIdentifier getType()
+    {
+        return type;
+    }
+
+    public ASN1Encodable getValue()
+    {
+        return value;
+    }
+
+    /**
+     * <pre>
+     * AttributeTypeAndValue ::= SEQUENCE {
+     *           type         OBJECT IDENTIFIER,
+     *           value        ANY DEFINED BY type }
+     * </pre>
+     * @return a basic ASN.1 object representation.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(type);
+        v.add(value);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/DirectoryString.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/DirectoryString.java
new file mode 100644
index 0000000..568a09b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/DirectoryString.java

@@ -0,0 +1,130 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x500;
+
+import com.android.org.bouncycastle.asn1.ASN1Choice;
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1String;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBMPString;
+import com.android.org.bouncycastle.asn1.DERPrintableString;
+import com.android.org.bouncycastle.asn1.DERT61String;
+import com.android.org.bouncycastle.asn1.DERUTF8String;
+import com.android.org.bouncycastle.asn1.DERUniversalString;
+
+/**
+ * The DirectoryString CHOICE object.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DirectoryString
+    extends ASN1Object
+    implements ASN1Choice, ASN1String
+{
+    private ASN1String string;
+
+    public static DirectoryString getInstance(Object o)
+    {
+        if (o == null || o instanceof DirectoryString)
+        {
+            return (DirectoryString)o;
+        }
+
+        if (o instanceof DERT61String)
+        {
+            return new DirectoryString((DERT61String)o);
+        }
+
+        if (o instanceof DERPrintableString)
+        {
+            return new DirectoryString((DERPrintableString)o);
+        }
+
+        if (o instanceof DERUniversalString)
+        {
+            return new DirectoryString((DERUniversalString)o);
+        }
+
+        if (o instanceof DERUTF8String)
+        {
+            return new DirectoryString((DERUTF8String)o);
+        }
+
+        if (o instanceof DERBMPString)
+        {
+            return new DirectoryString((DERBMPString)o);
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + o.getClass().getName());
+    }
+
+    public static DirectoryString getInstance(ASN1TaggedObject o, boolean explicit)
+    {
+        if (!explicit)
+        {
+            throw new IllegalArgumentException("choice item must be explicitly tagged");
+        }
+
+        return getInstance(o.getObject());
+    }
+
+    private DirectoryString(
+        DERT61String string)
+    {
+        this.string = string;
+    }
+
+    private DirectoryString(
+        DERPrintableString string)
+    {
+        this.string = string;
+    }
+
+    private DirectoryString(
+        DERUniversalString string)
+    {
+        this.string = string;
+    }
+
+    private DirectoryString(
+        DERUTF8String string)
+    {
+        this.string = string;
+    }
+
+    private DirectoryString(
+        DERBMPString string)
+    {
+        this.string = string;
+    }
+
+    public DirectoryString(String string)
+    {
+        this.string = new DERUTF8String(string);
+    }
+
+    public String getString()
+    {
+        return string.getString();
+    }
+
+    public String toString()
+    {
+        return string.getString();
+    }
+
+    /**
+     * <pre>
+     *  DirectoryString ::= CHOICE {
+     *    teletexString               TeletexString (SIZE (1..MAX)),
+     *    printableString             PrintableString (SIZE (1..MAX)),
+     *    universalString             UniversalString (SIZE (1..MAX)),
+     *    utf8String                  UTF8String (SIZE (1..MAX)),
+     *    bmpString                   BMPString (SIZE (1..MAX))  }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return ((ASN1Encodable)string).toASN1Primitive();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/RDN.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/RDN.java
new file mode 100644
index 0000000..8af82b1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/RDN.java

@@ -0,0 +1,124 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x500;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERSet;
+
+/**
+ * Holding class for a single Relative Distinguished Name (RDN).
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RDN
+    extends ASN1Object
+{
+    private ASN1Set values;
+
+    private RDN(ASN1Set values)
+    {
+        this.values = values;
+    }
+
+    public static RDN getInstance(Object obj)
+    {
+        if (obj instanceof RDN)
+        {
+            return (RDN)obj;
+        }
+        else if (obj != null)
+        {
+            return new RDN(ASN1Set.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    /**
+     * Create a single valued RDN.
+     *
+     * @param oid RDN type.
+     * @param value RDN value.
+     */
+    public RDN(ASN1ObjectIdentifier oid, ASN1Encodable value)
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(oid);
+        v.add(value);
+
+        this.values = new DERSet(new DERSequence(v));
+    }
+
+    public RDN(AttributeTypeAndValue attrTAndV)
+    {
+        this.values = new DERSet(attrTAndV);
+    }
+
+    /**
+     * Create a multi-valued RDN.
+     *
+     * @param aAndVs attribute type/value pairs making up the RDN
+     */
+    public RDN(AttributeTypeAndValue[] aAndVs)
+    {
+        this.values = new DERSet(aAndVs);
+    }
+
+    public boolean isMultiValued()
+    {
+        return this.values.size() > 1;
+    }
+
+    /**
+     * Return the number of AttributeTypeAndValue objects in this RDN,
+     *
+     * @return size of RDN, greater than 1 if multi-valued.
+     */
+    public int size()
+    {
+        return this.values.size();
+    }
+
+    public AttributeTypeAndValue getFirst()
+    {
+        if (this.values.size() == 0)
+        {
+            return null;
+        }
+
+        return AttributeTypeAndValue.getInstance(this.values.getObjectAt(0));
+    }
+
+    public AttributeTypeAndValue[] getTypesAndValues()
+    {
+        AttributeTypeAndValue[] tmp = new AttributeTypeAndValue[values.size()];
+
+        for (int i = 0; i != tmp.length; i++)
+        {
+            tmp[i] = AttributeTypeAndValue.getInstance(values.getObjectAt(i));
+        }
+
+        return tmp;
+    }
+
+    /**
+     * <pre>
+     * RelativeDistinguishedName ::=
+     *                     SET OF AttributeTypeAndValue
+
+     * AttributeTypeAndValue ::= SEQUENCE {
+     *        type     AttributeType,
+     *        value    AttributeValue }
+     * </pre>
+     * @return this object as its ASN1Primitive type
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return values;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/X500Name.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/X500Name.java
new file mode 100644
index 0000000..773412b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/X500Name.java

@@ -0,0 +1,341 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x500;
+
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1Choice;
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x500.style.BCStyle;
+
+/**
+ * The X.500 Name object.
+ * <pre>
+ *     Name ::= CHOICE {
+ *                       RDNSequence }
+ *
+ *     RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+ *
+ *     RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue
+ *
+ *     AttributeTypeAndValue ::= SEQUENCE {
+ *                                   type  OBJECT IDENTIFIER,
+ *                                   value ANY }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X500Name
+    extends ASN1Object
+    implements ASN1Choice
+{
+    private static X500NameStyle    defaultStyle = BCStyle.INSTANCE;
+
+    private boolean                 isHashCodeCalculated;
+    private int                     hashCodeValue;
+
+    private X500NameStyle style;
+    private RDN[] rdns;
+
+    /**
+     * @deprecated use the getInstance() method that takes a style.
+     */
+    public X500Name(X500NameStyle style, X500Name name)
+    {
+        this.rdns = name.rdns;
+        this.style = style;
+    }
+
+    /**
+     * Return a X500Name based on the passed in tagged object.
+     * 
+     * @param obj tag object holding name.
+     * @param explicit true if explicitly tagged false otherwise.
+     * @return the X500Name
+     */
+    public static X500Name getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        // must be true as choice item
+        return getInstance(ASN1Sequence.getInstance(obj, true));
+    }
+
+    public static X500Name getInstance(
+        Object  obj)
+    {
+        if (obj instanceof X500Name)
+        {
+            return (X500Name)obj;
+        }
+        else if (obj != null)
+        {
+            return new X500Name(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public static X500Name getInstance(
+        X500NameStyle style,
+        Object        obj)
+    {
+        if (obj instanceof X500Name)
+        {
+            return new X500Name(style, (X500Name)obj);
+        }
+        else if (obj != null)
+        {
+            return new X500Name(style, ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    /**
+     * Constructor from ASN1Sequence
+     *
+     * the principal will be a list of constructed sets, each containing an (OID, String) pair.
+     */
+    private X500Name(
+        ASN1Sequence  seq)
+    {
+        this(defaultStyle, seq);
+    }
+
+    private X500Name(
+        X500NameStyle style,
+        ASN1Sequence  seq)
+    {
+        this.style = style;
+        this.rdns = new RDN[seq.size()];
+
+        int index = 0;
+
+        for (Enumeration e = seq.getObjects(); e.hasMoreElements();)
+        {
+            rdns[index++] = RDN.getInstance(e.nextElement());
+        }
+    }
+
+    public X500Name(
+        RDN[] rDNs)
+    {
+        this(defaultStyle, rDNs);
+    }
+
+    public X500Name(
+        X500NameStyle style,
+        RDN[]         rDNs)
+    {
+        this.rdns = copy(rDNs);
+        this.style = style;
+    }
+
+    public X500Name(
+        String dirName)
+    {
+        this(defaultStyle, dirName);
+    }
+
+    public X500Name(
+        X500NameStyle style,
+        String        dirName)
+    {
+        this(style.fromString(dirName));
+
+        this.style = style;
+    }
+
+    /**
+     * return an array of RDNs in structure order.
+     *
+     * @return an array of RDN objects.
+     */
+    public RDN[] getRDNs()
+    {
+        RDN[] tmp = new RDN[this.rdns.length];
+
+        System.arraycopy(rdns, 0, tmp, 0, tmp.length);
+
+        return tmp;
+    }
+
+    /**
+     * return an array of OIDs contained in the attribute type of each RDN in structure order.
+     *
+     * @return an array, possibly zero length, of ASN1ObjectIdentifiers objects.
+     */
+    public ASN1ObjectIdentifier[] getAttributeTypes()
+    {
+        int   count = 0;
+
+        for (int i = 0; i != rdns.length; i++)
+        {
+            RDN rdn = rdns[i];
+
+            count += rdn.size();
+        }
+
+        ASN1ObjectIdentifier[] res = new ASN1ObjectIdentifier[count];
+
+        count = 0;
+
+        for (int i = 0; i != rdns.length; i++)
+        {
+            RDN rdn = rdns[i];
+
+            if (rdn.isMultiValued())
+            {
+                AttributeTypeAndValue[] attr = rdn.getTypesAndValues();
+                for (int j = 0; j != attr.length; j++)
+                {
+                    res[count++] = attr[j].getType();
+                }
+            }
+            else if (rdn.size() != 0)
+            {
+                res[count++] = rdn.getFirst().getType();
+            }
+        }
+
+        return res;
+    }
+
+    /**
+     * return an array of RDNs containing the attribute type given by OID in structure order.
+     *
+     * @param attributeType the type OID we are looking for.
+     * @return an array, possibly zero length, of RDN objects.
+     */
+    public RDN[] getRDNs(ASN1ObjectIdentifier attributeType)
+    {
+        RDN[] res = new RDN[rdns.length];
+        int   count = 0;
+
+        for (int i = 0; i != rdns.length; i++)
+        {
+            RDN rdn = rdns[i];
+
+            if (rdn.isMultiValued())
+            {
+                AttributeTypeAndValue[] attr = rdn.getTypesAndValues();
+                for (int j = 0; j != attr.length; j++)
+                {
+                    if (attr[j].getType().equals(attributeType))
+                    {
+                        res[count++] = rdn;
+                        break;
+                    }
+                }
+            }
+            else
+            {
+                if (rdn.getFirst().getType().equals(attributeType))
+                {
+                    res[count++] = rdn;
+                }
+            }
+        }
+
+        RDN[] tmp = new RDN[count];
+
+        System.arraycopy(res, 0, tmp, 0, tmp.length);
+
+        return tmp;
+    }
+
+    private RDN[] copy(RDN[] rdns)
+    {
+        RDN[] tmp = new RDN[rdns.length];
+
+        System.arraycopy(rdns, 0, tmp, 0, tmp.length);
+
+        return tmp;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        return new DERSequence(rdns);
+    }
+
+    public int hashCode()
+    {
+        if (isHashCodeCalculated)
+        {
+            return hashCodeValue;
+        }
+
+        isHashCodeCalculated = true;
+
+        hashCodeValue = style.calculateHashCode(this);
+
+        return hashCodeValue;
+    }
+
+    /**
+     * test for equality - note: case is ignored.
+     */
+    public boolean equals(Object obj)
+    {
+        if (obj == this)
+        {
+            return true;
+        }
+
+        if (!(obj instanceof X500Name || obj instanceof ASN1Sequence))
+        {
+            return false;
+        }
+        
+        ASN1Primitive derO = ((ASN1Encodable)obj).toASN1Primitive();
+
+        if (this.toASN1Primitive().equals(derO))
+        {
+            return true;
+        }
+
+        try
+        {
+            return style.areEqual(this, new X500Name(ASN1Sequence.getInstance(((ASN1Encodable)obj).toASN1Primitive())));
+        }
+        catch (Exception e)
+        {
+            return false;
+        }
+    }
+    
+    public String toString()
+    {
+        return style.toString(this);
+    }
+
+    /**
+     * Set the default style for X500Name construction.
+     *
+     * @param style  an X500NameStyle
+     */
+    public static void setDefaultStyle(X500NameStyle style)
+    {
+        if (style == null)
+        {
+            throw new NullPointerException("cannot set style to null");
+        }
+
+        defaultStyle = style;
+    }
+
+    /**
+     * Return the current default style.
+     *
+     * @return default style for X500Name construction.
+     */
+    public static X500NameStyle getDefaultStyle()
+    {
+        return defaultStyle;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/X500NameBuilder.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/X500NameBuilder.java
new file mode 100644
index 0000000..d1681c0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/X500NameBuilder.java

@@ -0,0 +1,145 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x500;
+
+import java.util.Vector;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.x500.style.BCStyle;
+
+/**
+ * A builder class for making X.500 Name objects.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X500NameBuilder
+{
+    private X500NameStyle template;
+    private Vector rdns = new Vector();
+
+    /**
+     * Constructor using the default style (BCStyle).
+     */
+    public X500NameBuilder()
+    {
+        this(BCStyle.INSTANCE);
+    }
+
+    /**
+     * Constructor using a specified style.
+     *
+     * @param template the style template for string to DN conversion.
+     */
+    public X500NameBuilder(X500NameStyle template)
+    {
+        this.template = template;
+    }
+
+    /**
+     * Add an RDN based on a single OID and a string representation of its value.
+     *
+     * @param oid the OID for this RDN.
+     * @param value the string representation of the value the OID refers to.
+     * @return the current builder instance.
+     */
+    public X500NameBuilder addRDN(ASN1ObjectIdentifier oid, String value)
+    {
+        this.addRDN(oid, template.stringToValue(oid, value));
+
+        return this;
+    }
+
+    /**
+     * Add an RDN based on a single OID and an ASN.1 value.
+     *
+     * @param oid the OID for this RDN.
+     * @param value the ASN.1 value the OID refers to.
+     * @return the current builder instance.
+     */
+    public X500NameBuilder addRDN(ASN1ObjectIdentifier oid, ASN1Encodable value)
+    {
+        rdns.addElement(new RDN(oid, value));
+
+        return this;
+    }
+
+    /**
+     * Add an RDN based on the passed in AttributeTypeAndValue.
+     *
+     * @param attrTAndV the AttributeTypeAndValue to build the RDN from.
+     * @return the current builder instance.
+     */
+    public X500NameBuilder addRDN(AttributeTypeAndValue attrTAndV)
+    {
+        rdns.addElement(new RDN(attrTAndV));
+
+        return this;
+    }
+
+    /**
+     * Add a multi-valued RDN made up of the passed in OIDs and associated string values.
+     *
+     * @param oids the OIDs making up the RDN.
+     * @param values the string representation of the values the OIDs refer to.
+     * @return the current builder instance.
+     */
+    public X500NameBuilder addMultiValuedRDN(ASN1ObjectIdentifier[] oids, String[] values)
+    {
+        ASN1Encodable[] vals = new ASN1Encodable[values.length];
+
+        for (int i = 0; i != vals.length; i++)
+        {
+            vals[i] = template.stringToValue(oids[i], values[i]);
+        }
+
+        return addMultiValuedRDN(oids, vals);
+    }
+
+    /**
+     * Add a multi-valued RDN made up of the passed in OIDs and associated ASN.1 values.
+     *
+     * @param oids the OIDs making up the RDN.
+     * @param values the ASN.1 values the OIDs refer to.
+     * @return the current builder instance.
+     */
+    public X500NameBuilder addMultiValuedRDN(ASN1ObjectIdentifier[] oids, ASN1Encodable[] values)
+    {
+        AttributeTypeAndValue[] avs = new AttributeTypeAndValue[oids.length];
+
+        for (int i = 0; i != oids.length; i++)
+        {
+            avs[i] = new AttributeTypeAndValue(oids[i], values[i]);
+        }
+
+        return addMultiValuedRDN(avs);
+    }
+
+    /**
+     * Add an RDN based on the passed in AttributeTypeAndValues.
+     *
+     * @param attrTAndVs the AttributeTypeAndValues to build the RDN from.
+     * @return the current builder instance.
+     */
+    public X500NameBuilder addMultiValuedRDN(AttributeTypeAndValue[] attrTAndVs)
+    {
+        rdns.addElement(new RDN(attrTAndVs));
+
+        return this;
+    }
+
+    /**
+     * Build an X.500 name for the current builder state.
+     *
+     * @return a new X.500 name.
+     */
+    public X500Name build()
+    {
+        RDN[] vals = new RDN[rdns.size()];
+
+        for (int i = 0; i != vals.length; i++)
+        {
+            vals[i] = (RDN)rdns.elementAt(i);
+        }
+
+        return new X500Name(template, vals);
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/X500NameStyle.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/X500NameStyle.java
new file mode 100644
index 0000000..5c9c2b8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/X500NameStyle.java

@@ -0,0 +1,81 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x500;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * This interface provides a profile to conform to when
+ * DNs are being converted into strings and back. The idea being that we'll be able to deal with
+ * the number of standard ways the fields in a DN should be
+ * encoded into their ASN.1 counterparts - a number that is rapidly approaching the
+ * number of machines on the internet.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface X500NameStyle
+{
+    /**
+     * Convert the passed in String value into the appropriate ASN.1
+     * encoded object.
+     * 
+     * @param oid the OID associated with the value in the DN.
+     * @param value the value of the particular DN component.
+     * @return the ASN.1 equivalent for the value.
+     */
+    ASN1Encodable stringToValue(ASN1ObjectIdentifier oid, String value);
+
+    /**
+     * Return the OID associated with the passed in name.
+     *
+     * @param attrName the string to match.
+     * @return an OID
+     */
+    ASN1ObjectIdentifier attrNameToOID(String attrName);
+
+    /**
+     * Return an array of RDN generated from the passed in String.
+     * @param dirName  the String representation.
+     * @return  an array of corresponding RDNs.
+     */
+    RDN[] fromString(String dirName);
+
+    /**
+     * Return true if the two names are equal.
+     *
+     * @param name1 first name for comparison.
+     * @param name2 second name for comparison.
+     * @return true if name1 = name 2, false otherwise.
+     */
+    boolean areEqual(X500Name name1, X500Name name2);
+
+    /**
+     * Calculate a hashCode for the passed in name.
+     *
+     * @param name the name the hashCode is required for.
+     * @return the calculated hashCode.
+     */
+    int calculateHashCode(X500Name name);
+
+    /**
+     * Convert the passed in X500Name to a String.
+     * @param name the name to convert.
+     * @return a String representation.
+     */
+    String toString(X500Name name);
+
+    /**
+     * Return the display name for toString() associated with the OID.
+     *
+     * @param oid  the OID of interest.
+     * @return the name displayed in toString(), null if no mapping provided.
+     */
+    String oidToDisplayName(ASN1ObjectIdentifier oid);
+
+    /**
+     * Return the acceptable names in a String DN that map to OID.
+     *
+     * @param oid  the OID of interest.
+     * @return an array of String aliases for the OID, zero length if there are none.
+     */
+    String[] oidToAttrNames(ASN1ObjectIdentifier oid);
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/AbstractX500NameStyle.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/AbstractX500NameStyle.java
new file mode 100644
index 0000000..ae582d1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/AbstractX500NameStyle.java

@@ -0,0 +1,195 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x500.style;
+
+import java.io.IOException;
+import java.util.Enumeration;
+import java.util.Hashtable;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1ParsingException;
+import com.android.org.bouncycastle.asn1.DERUTF8String;
+import com.android.org.bouncycastle.asn1.x500.AttributeTypeAndValue;
+import com.android.org.bouncycastle.asn1.x500.RDN;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x500.X500NameStyle;
+
+/**
+ * This class provides some default behavior and common implementation for a
+ * X500NameStyle. It should be easily extendable to support implementing the
+ * desired X500NameStyle.
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class AbstractX500NameStyle
+    implements X500NameStyle
+{
+
+    /**
+     * Tool function to shallow copy a Hashtable.
+     *
+     * @param paramsMap table to copy
+     * @return the copy of the table
+     */
+    public static Hashtable copyHashTable(Hashtable paramsMap)
+    {
+        Hashtable newTable = new Hashtable();
+
+        Enumeration keys = paramsMap.keys();
+        while (keys.hasMoreElements())
+        {
+            Object key = keys.nextElement();
+            newTable.put(key, paramsMap.get(key));
+        }
+
+        return newTable;
+    }
+
+    private int calcHashCode(ASN1Encodable enc)
+    {
+        String value = IETFUtils.valueToString(enc);
+        value = IETFUtils.canonicalize(value);
+        return value.hashCode();
+    }
+
+    public int calculateHashCode(X500Name name)
+    {
+        int hashCodeValue = 0;
+        RDN[] rdns = name.getRDNs();
+
+        // this needs to be order independent, like equals
+        for (int i = 0; i != rdns.length; i++)
+        {
+            if (rdns[i].isMultiValued())
+            {
+                AttributeTypeAndValue[] atv = rdns[i].getTypesAndValues();
+
+                for (int j = 0; j != atv.length; j++)
+                {
+                    hashCodeValue ^= atv[j].getType().hashCode();
+                    hashCodeValue ^= calcHashCode(atv[j].getValue());
+                }
+            }
+            else
+            {
+                hashCodeValue ^= rdns[i].getFirst().getType().hashCode();
+                hashCodeValue ^= calcHashCode(rdns[i].getFirst().getValue());
+            }
+        }
+
+        return hashCodeValue;
+    }
+
+
+    /**
+     * For all string values starting with '#' is assumed, that these are
+     * already valid ASN.1 objects encoded in hex.
+     * <p>
+     * All other string values are send to
+     * {@link AbstractX500NameStyle#encodeStringValue(ASN1ObjectIdentifier, String)}.
+     * </p>
+     * Subclasses should overwrite
+     * {@link AbstractX500NameStyle#encodeStringValue(ASN1ObjectIdentifier, String)}
+     * to change the encoding of specific types.
+     *
+     * @param oid the DN name of the value.
+     * @param value the String representation of the value.
+     */
+    public ASN1Encodable stringToValue(ASN1ObjectIdentifier oid, String value)
+    {
+        if (value.length() != 0 && value.charAt(0) == '#')
+        {
+            try
+            {
+                return IETFUtils.valueFromHexString(value, 1);
+            }
+            catch (IOException e)
+            {
+                throw new ASN1ParsingException("can't recode value for oid " + oid.getId());
+            }
+        }
+
+        if (value.length() != 0 && value.charAt(0) == '\\')
+        {
+            value = value.substring(1);
+        }
+
+        return encodeStringValue(oid, value);
+    }
+
+    /**
+     * Encoded every value into a UTF8String.
+     * <p>
+     * Subclasses should overwrite
+     * this method to change the encoding of specific types.
+     * </p>
+     *
+     * @param oid the DN oid of the value
+     * @param value the String representation of the value
+     * @return a the value encoded into a ASN.1 object. Never returns <code>null</code>.
+     */
+    protected ASN1Encodable encodeStringValue(ASN1ObjectIdentifier oid, String value)
+    {
+        return new DERUTF8String(value);
+    }
+
+    public boolean areEqual(X500Name name1, X500Name name2)
+    {
+        RDN[] rdns1 = name1.getRDNs();
+        RDN[] rdns2 = name2.getRDNs();
+
+        if (rdns1.length != rdns2.length)
+        {
+            return false;
+        }
+
+        boolean reverse = false;
+
+        if (rdns1[0].getFirst() != null && rdns2[0].getFirst() != null)
+        {
+            reverse = !rdns1[0].getFirst().getType().equals(rdns2[0].getFirst().getType());  // guess forward
+        }
+
+        for (int i = 0; i != rdns1.length; i++)
+        {
+            if (!foundMatch(reverse, rdns1[i], rdns2))
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    private boolean foundMatch(boolean reverse, RDN rdn, RDN[] possRDNs)
+    {
+        if (reverse)
+        {
+            for (int i = possRDNs.length - 1; i >= 0; i--)
+            {
+                if (possRDNs[i] != null && rdnAreEqual(rdn, possRDNs[i]))
+                {
+                    possRDNs[i] = null;
+                    return true;
+                }
+            }
+        }
+        else
+        {
+            for (int i = 0; i != possRDNs.length; i++)
+            {
+                if (possRDNs[i] != null && rdnAreEqual(rdn, possRDNs[i]))
+                {
+                    possRDNs[i] = null;
+                    return true;
+                }
+            }
+        }
+
+        return false;
+    }
+
+    protected boolean rdnAreEqual(RDN rdn1, RDN rdn2)
+    {
+        return IETFUtils.rDNAreEqual(rdn1, rdn2);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/BCStrictStyle.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/BCStrictStyle.java
new file mode 100644
index 0000000..be5c761
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/BCStrictStyle.java

@@ -0,0 +1,38 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x500.style;
+
+import com.android.org.bouncycastle.asn1.x500.RDN;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x500.X500NameStyle;
+
+/**
+ * Variation of BCStyle that insists on strict ordering for equality
+ * and hashCode comparisons
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BCStrictStyle
+    extends BCStyle
+{
+    public static final X500NameStyle INSTANCE = new BCStrictStyle();
+
+    public boolean areEqual(X500Name name1, X500Name name2)
+    {
+        RDN[] rdns1 = name1.getRDNs();
+        RDN[] rdns2 = name2.getRDNs();
+
+        if (rdns1.length != rdns2.length)
+        {
+            return false;
+        }
+
+        for (int i = 0; i != rdns1.length; i++)
+        {
+            if (!rdnAreEqual(rdns1[i], rdns2[i]))
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/BCStyle.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/BCStyle.java
new file mode 100644
index 0000000..a7671ff
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/BCStyle.java

@@ -0,0 +1,352 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x500.style;
+
+import java.util.Hashtable;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1GeneralizedTime;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.DERIA5String;
+import com.android.org.bouncycastle.asn1.DERPrintableString;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x500.RDN;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x500.X500NameStyle;
+import com.android.org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BCStyle
+    extends AbstractX500NameStyle
+{
+    /**
+     * country code - StringType(SIZE(2))
+     */
+    public static final ASN1ObjectIdentifier C = new ASN1ObjectIdentifier("2.5.4.6").intern();
+
+    /**
+     * organization - StringType(SIZE(1..64))
+     */
+    public static final ASN1ObjectIdentifier O = new ASN1ObjectIdentifier("2.5.4.10").intern();
+
+    /**
+     * organizational unit name - StringType(SIZE(1..64))
+     */
+    public static final ASN1ObjectIdentifier OU = new ASN1ObjectIdentifier("2.5.4.11").intern();
+
+    /**
+     * Title
+     */
+    public static final ASN1ObjectIdentifier T = new ASN1ObjectIdentifier("2.5.4.12").intern();
+
+    /**
+     * common name - StringType(SIZE(1..64))
+     */
+    public static final ASN1ObjectIdentifier CN = new ASN1ObjectIdentifier("2.5.4.3").intern();
+
+    /**
+     * device serial number name - StringType(SIZE(1..64))
+     */
+    public static final ASN1ObjectIdentifier SN = new ASN1ObjectIdentifier("2.5.4.5").intern();
+
+    /**
+     * street - StringType(SIZE(1..64))
+     */
+    public static final ASN1ObjectIdentifier STREET = new ASN1ObjectIdentifier("2.5.4.9").intern();
+
+    /**
+     * device serial number name - StringType(SIZE(1..64))
+     */
+    public static final ASN1ObjectIdentifier SERIALNUMBER = SN;
+
+    /**
+     * locality name - StringType(SIZE(1..64))
+     */
+    public static final ASN1ObjectIdentifier L = new ASN1ObjectIdentifier("2.5.4.7").intern();
+
+    /**
+     * state, or province name - StringType(SIZE(1..64))
+     */
+    public static final ASN1ObjectIdentifier ST = new ASN1ObjectIdentifier("2.5.4.8").intern();
+
+    /**
+     * Naming attributes of type X520name
+     */
+    public static final ASN1ObjectIdentifier SURNAME = new ASN1ObjectIdentifier("2.5.4.4").intern();
+    public static final ASN1ObjectIdentifier GIVENNAME = new ASN1ObjectIdentifier("2.5.4.42").intern();
+    public static final ASN1ObjectIdentifier INITIALS = new ASN1ObjectIdentifier("2.5.4.43").intern();
+    public static final ASN1ObjectIdentifier GENERATION = new ASN1ObjectIdentifier("2.5.4.44").intern();
+    public static final ASN1ObjectIdentifier UNIQUE_IDENTIFIER = new ASN1ObjectIdentifier("2.5.4.45").intern();
+
+    /**
+     * businessCategory - DirectoryString(SIZE(1..128)
+     */
+    public static final ASN1ObjectIdentifier BUSINESS_CATEGORY = new ASN1ObjectIdentifier("2.5.4.15").intern();
+
+    /**
+     * postalCode - DirectoryString(SIZE(1..40)
+     */
+    public static final ASN1ObjectIdentifier POSTAL_CODE = new ASN1ObjectIdentifier("2.5.4.17").intern();
+
+    /**
+     * dnQualifier - DirectoryString(SIZE(1..64)
+     */
+    public static final ASN1ObjectIdentifier DN_QUALIFIER = new ASN1ObjectIdentifier("2.5.4.46").intern();
+
+    /**
+     * RFC 3039 Pseudonym - DirectoryString(SIZE(1..64)
+     */
+    public static final ASN1ObjectIdentifier PSEUDONYM = new ASN1ObjectIdentifier("2.5.4.65").intern();
+
+
+    /**
+     * RFC 3039 DateOfBirth - GeneralizedTime - YYYYMMDD000000Z
+     */
+    public static final ASN1ObjectIdentifier DATE_OF_BIRTH = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.9.1").intern();
+
+    /**
+     * RFC 3039 PlaceOfBirth - DirectoryString(SIZE(1..128)
+     */
+    public static final ASN1ObjectIdentifier PLACE_OF_BIRTH = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.9.2").intern();
+
+    /**
+     * RFC 3039 Gender - PrintableString (SIZE(1)) -- "M", "F", "m" or "f"
+     */
+    public static final ASN1ObjectIdentifier GENDER = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.9.3").intern();
+
+    /**
+     * RFC 3039 CountryOfCitizenship - PrintableString (SIZE (2)) -- ISO 3166
+     * codes only
+     */
+    public static final ASN1ObjectIdentifier COUNTRY_OF_CITIZENSHIP = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.9.4").intern();
+
+    /**
+     * RFC 3039 CountryOfResidence - PrintableString (SIZE (2)) -- ISO 3166
+     * codes only
+     */
+    public static final ASN1ObjectIdentifier COUNTRY_OF_RESIDENCE = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.9.5").intern();
+
+
+    /**
+     * ISIS-MTT NameAtBirth - DirectoryString(SIZE(1..64)
+     */
+    public static final ASN1ObjectIdentifier NAME_AT_BIRTH = new ASN1ObjectIdentifier("1.3.36.8.3.14").intern();
+
+    /**
+     * RFC 3039 PostalAddress - SEQUENCE SIZE (1..6) OF
+     * DirectoryString(SIZE(1..30))
+     */
+    public static final ASN1ObjectIdentifier POSTAL_ADDRESS = new ASN1ObjectIdentifier("2.5.4.16").intern();
+
+    /**
+     * RFC 2256 dmdName
+     */
+    public static final ASN1ObjectIdentifier DMD_NAME = new ASN1ObjectIdentifier("2.5.4.54").intern();
+
+    /**
+     * id-at-telephoneNumber
+     */
+    public static final ASN1ObjectIdentifier TELEPHONE_NUMBER = X509ObjectIdentifiers.id_at_telephoneNumber;
+
+    /**
+     * id-at-name
+     */
+    public static final ASN1ObjectIdentifier NAME = X509ObjectIdentifiers.id_at_name;
+
+
+    /**
+     * id-at-organizationIdentifier
+     */
+    public static final ASN1ObjectIdentifier ORGANIZATION_IDENTIFIER = X509ObjectIdentifiers.id_at_organizationIdentifier;
+
+    /**
+     * Email address (RSA PKCS#9 extension) - IA5String.
+     * <p>Note: if you're trying to be ultra orthodox, don't use this! It shouldn't be in here.
+     */
+    public static final ASN1ObjectIdentifier EmailAddress = PKCSObjectIdentifiers.pkcs_9_at_emailAddress;
+
+    /**
+     * more from PKCS#9
+     */
+    public static final ASN1ObjectIdentifier UnstructuredName = PKCSObjectIdentifiers.pkcs_9_at_unstructuredName;
+    public static final ASN1ObjectIdentifier UnstructuredAddress = PKCSObjectIdentifiers.pkcs_9_at_unstructuredAddress;
+
+    /**
+     * email address in Verisign certificates
+     */
+    public static final ASN1ObjectIdentifier E = EmailAddress;
+
+    /*
+    * others...
+    */
+    public static final ASN1ObjectIdentifier DC = new ASN1ObjectIdentifier("0.9.2342.19200300.100.1.25");
+
+    /**
+     * LDAP User id.
+     */
+    public static final ASN1ObjectIdentifier UID = new ASN1ObjectIdentifier("0.9.2342.19200300.100.1.1");
+
+    /**
+     * default look up table translating OID values into their common symbols following
+     * the convention in RFC 2253 with a few extras
+     */
+    private static final Hashtable DefaultSymbols = new Hashtable();
+
+    /**
+     * look up table translating common symbols into their OIDS.
+     */
+    private static final Hashtable DefaultLookUp = new Hashtable();
+
+    static
+    {
+        DefaultSymbols.put(C, "C");
+        DefaultSymbols.put(O, "O");
+        DefaultSymbols.put(T, "T");
+        DefaultSymbols.put(OU, "OU");
+        DefaultSymbols.put(CN, "CN");
+        DefaultSymbols.put(L, "L");
+        DefaultSymbols.put(ST, "ST");
+        DefaultSymbols.put(SN, "SERIALNUMBER");
+        DefaultSymbols.put(EmailAddress, "E");
+        DefaultSymbols.put(DC, "DC");
+        DefaultSymbols.put(UID, "UID");
+        DefaultSymbols.put(STREET, "STREET");
+        DefaultSymbols.put(SURNAME, "SURNAME");
+        DefaultSymbols.put(GIVENNAME, "GIVENNAME");
+        DefaultSymbols.put(INITIALS, "INITIALS");
+        DefaultSymbols.put(GENERATION, "GENERATION");
+        DefaultSymbols.put(UnstructuredAddress, "unstructuredAddress");
+        DefaultSymbols.put(UnstructuredName, "unstructuredName");
+        DefaultSymbols.put(UNIQUE_IDENTIFIER, "UniqueIdentifier");
+        DefaultSymbols.put(DN_QUALIFIER, "DN");
+        DefaultSymbols.put(PSEUDONYM, "Pseudonym");
+        DefaultSymbols.put(POSTAL_ADDRESS, "PostalAddress");
+        DefaultSymbols.put(NAME_AT_BIRTH, "NameAtBirth");
+        DefaultSymbols.put(COUNTRY_OF_CITIZENSHIP, "CountryOfCitizenship");
+        DefaultSymbols.put(COUNTRY_OF_RESIDENCE, "CountryOfResidence");
+        DefaultSymbols.put(GENDER, "Gender");
+        DefaultSymbols.put(PLACE_OF_BIRTH, "PlaceOfBirth");
+        DefaultSymbols.put(DATE_OF_BIRTH, "DateOfBirth");
+        DefaultSymbols.put(POSTAL_CODE, "PostalCode");
+        DefaultSymbols.put(BUSINESS_CATEGORY, "BusinessCategory");
+        DefaultSymbols.put(TELEPHONE_NUMBER, "TelephoneNumber");
+        DefaultSymbols.put(NAME, "Name");
+        DefaultSymbols.put(ORGANIZATION_IDENTIFIER, "organizationIdentifier");
+
+        DefaultLookUp.put("c", C);
+        DefaultLookUp.put("o", O);
+        DefaultLookUp.put("t", T);
+        DefaultLookUp.put("ou", OU);
+        DefaultLookUp.put("cn", CN);
+        DefaultLookUp.put("l", L);
+        DefaultLookUp.put("st", ST);
+        DefaultLookUp.put("sn", SN);
+        DefaultLookUp.put("serialnumber", SN);
+        DefaultLookUp.put("street", STREET);
+        DefaultLookUp.put("emailaddress", E);
+        DefaultLookUp.put("dc", DC);
+        DefaultLookUp.put("e", E);
+        DefaultLookUp.put("uid", UID);
+        DefaultLookUp.put("surname", SURNAME);
+        DefaultLookUp.put("givenname", GIVENNAME);
+        DefaultLookUp.put("initials", INITIALS);
+        DefaultLookUp.put("generation", GENERATION);
+        DefaultLookUp.put("unstructuredaddress", UnstructuredAddress);
+        DefaultLookUp.put("unstructuredname", UnstructuredName);
+        DefaultLookUp.put("uniqueidentifier", UNIQUE_IDENTIFIER);
+        DefaultLookUp.put("dn", DN_QUALIFIER);
+        DefaultLookUp.put("pseudonym", PSEUDONYM);
+        DefaultLookUp.put("postaladdress", POSTAL_ADDRESS);
+        DefaultLookUp.put("nameofbirth", NAME_AT_BIRTH);
+        DefaultLookUp.put("countryofcitizenship", COUNTRY_OF_CITIZENSHIP);
+        DefaultLookUp.put("countryofresidence", COUNTRY_OF_RESIDENCE);
+        DefaultLookUp.put("gender", GENDER);
+        DefaultLookUp.put("placeofbirth", PLACE_OF_BIRTH);
+        DefaultLookUp.put("dateofbirth", DATE_OF_BIRTH);
+        DefaultLookUp.put("postalcode", POSTAL_CODE);
+        DefaultLookUp.put("businesscategory", BUSINESS_CATEGORY);
+        DefaultLookUp.put("telephonenumber", TELEPHONE_NUMBER);
+        DefaultLookUp.put("name", NAME);
+        DefaultLookUp.put("organizationidentifier", ORGANIZATION_IDENTIFIER);
+    }
+
+    /**
+     * Singleton instance.
+     */
+    public static final X500NameStyle INSTANCE = new BCStyle();
+
+    protected final Hashtable defaultLookUp;
+    protected final Hashtable defaultSymbols;
+
+    protected BCStyle()
+    {
+        defaultSymbols = copyHashTable(DefaultSymbols);
+        defaultLookUp = copyHashTable(DefaultLookUp);
+    }
+
+    protected ASN1Encodable encodeStringValue(ASN1ObjectIdentifier oid,
+    		String value) {
+    	if (oid.equals(EmailAddress) || oid.equals(DC))
+        {
+            return new DERIA5String(value);
+        }
+        else if (oid.equals(DATE_OF_BIRTH))  // accept time string as well as # (for compatibility)
+        {
+            return new ASN1GeneralizedTime(value);
+        }
+        else if (oid.equals(C) || oid.equals(SN) || oid.equals(DN_QUALIFIER)
+            || oid.equals(TELEPHONE_NUMBER))
+        {
+            return new DERPrintableString(value);
+        }
+    	
+    	return super.encodeStringValue(oid, value);
+    }
+
+    public String oidToDisplayName(ASN1ObjectIdentifier oid)
+    {
+        return (String)DefaultSymbols.get(oid);
+    }
+
+    public String[] oidToAttrNames(ASN1ObjectIdentifier oid)
+    {
+        return IETFUtils.findAttrNamesForOID(oid, defaultLookUp);
+    }
+
+    public ASN1ObjectIdentifier attrNameToOID(String attrName)
+    {
+        return IETFUtils.decodeAttrName(attrName, defaultLookUp);
+    }
+
+    public RDN[] fromString(String dirName)
+    {
+        return IETFUtils.rDNsFromString(dirName, this);
+    }
+
+    public String toString(X500Name name)
+    {
+        StringBuffer buf = new StringBuffer();
+        boolean first = true;
+
+        RDN[] rdns = name.getRDNs();
+
+        for (int i = 0; i < rdns.length; i++)
+        {
+            if (first)
+            {
+                first = false;
+            }
+            else
+            {
+                buf.append(',');
+            }
+
+            IETFUtils.appendRDN(buf, rdns[i], defaultSymbols);
+        }
+
+        return buf.toString();
+    }
+
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/IETFUtils.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/IETFUtils.java
new file mode 100644
index 0000000..c17e270
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/IETFUtils.java

@@ -0,0 +1,599 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x500.style;
+
+import java.io.IOException;
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1String;
+import com.android.org.bouncycastle.asn1.DERUniversalString;
+import com.android.org.bouncycastle.asn1.x500.AttributeTypeAndValue;
+import com.android.org.bouncycastle.asn1.x500.RDN;
+import com.android.org.bouncycastle.asn1.x500.X500NameBuilder;
+import com.android.org.bouncycastle.asn1.x500.X500NameStyle;
+import com.android.org.bouncycastle.util.Strings;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class IETFUtils
+{
+    private static String unescape(String elt)
+    {
+        if (elt.length() == 0 || (elt.indexOf('\\') < 0 && elt.indexOf('"') < 0))
+        {
+            return elt.trim();
+        }
+
+        char[] elts = elt.toCharArray();
+        boolean escaped = false;
+        boolean quoted = false;
+        StringBuffer buf = new StringBuffer(elt.length());
+        int start = 0;
+
+        // if it's an escaped hash string and not an actual encoding in string form
+        // we need to leave it escaped.
+        if (elts[0] == '\\')
+        {
+            if (elts[1] == '#')
+            {
+                start = 2;
+                buf.append("\\#");
+            }
+        }
+
+        boolean nonWhiteSpaceEncountered = false;
+        int     lastEscaped = 0;
+        char    hex1 = 0;
+
+        for (int i = start; i != elts.length; i++)
+        {
+            char c = elts[i];
+
+            if (c != ' ')
+            {
+                nonWhiteSpaceEncountered = true;
+            }
+
+            if (c == '"')
+            {
+                if (!escaped)
+                {
+                    quoted = !quoted;
+                }
+                else
+                {
+                    buf.append(c);
+                }
+                escaped = false;
+            }
+            else if (c == '\\' && !(escaped || quoted))
+            {
+                escaped = true;
+                lastEscaped = buf.length();
+            }
+            else
+            {
+                if (c == ' ' && !escaped && !nonWhiteSpaceEncountered)
+                {
+                    continue;
+                }
+                if (escaped && isHexDigit(c))
+                {
+                    if (hex1 != 0)
+                    {
+                        buf.append((char)(convertHex(hex1) * 16 + convertHex(c)));
+                        escaped = false;
+                        hex1 = 0;
+                        continue;
+                    }
+                    hex1 = c;
+                    continue;
+                }
+                buf.append(c);
+                escaped = false;
+            }
+        }
+
+        if (buf.length() > 0)
+        {
+            while (buf.charAt(buf.length() - 1) == ' ' && lastEscaped != (buf.length() - 1))
+            {
+                buf.setLength(buf.length() - 1);
+            }
+        }
+
+        return buf.toString();
+    }
+
+    private static boolean isHexDigit(char c)
+    {
+        return ('0' <= c && c <= '9') || ('a' <= c && c <= 'f') || ('A' <= c && c <= 'F');
+    }
+
+    private static int convertHex(char c)
+    {
+        if ('0' <= c && c <= '9')
+        {
+            return c - '0';
+        }
+        if ('a' <= c && c <= 'f')
+        {
+            return c - 'a' + 10;
+        }
+        return c - 'A' + 10;
+    }
+
+    public static RDN[] rDNsFromString(String name, X500NameStyle x500Style)
+    {
+        X500NameTokenizer nTok = new X500NameTokenizer(name);
+        X500NameBuilder builder = new X500NameBuilder(x500Style);
+
+        while (nTok.hasMoreTokens())
+        {
+            String  token = nTok.nextToken();
+
+            if (token.indexOf('+') > 0)
+            {
+                X500NameTokenizer   pTok = new X500NameTokenizer(token, '+');
+                X500NameTokenizer   vTok = new X500NameTokenizer(pTok.nextToken(), '=');
+
+                String              attr = vTok.nextToken();
+
+                if (!vTok.hasMoreTokens())
+                {
+                    throw new IllegalArgumentException("badly formatted directory string");
+                }
+
+                String               value = vTok.nextToken();
+                ASN1ObjectIdentifier oid = x500Style.attrNameToOID(attr.trim());
+
+                if (pTok.hasMoreTokens())
+                {
+                    Vector oids = new Vector();
+                    Vector values = new Vector();
+
+                    oids.addElement(oid);
+                    values.addElement(unescape(value));
+
+                    while (pTok.hasMoreTokens())
+                    {
+                        vTok = new X500NameTokenizer(pTok.nextToken(), '=');
+
+                        attr = vTok.nextToken();
+
+                        if (!vTok.hasMoreTokens())
+                        {
+                            throw new IllegalArgumentException("badly formatted directory string");
+                        }
+
+                        value = vTok.nextToken();
+                        oid = x500Style.attrNameToOID(attr.trim());
+
+
+                        oids.addElement(oid);
+                        values.addElement(unescape(value));
+                    }
+
+                    builder.addMultiValuedRDN(toOIDArray(oids), toValueArray(values));
+                }
+                else
+                {
+                    builder.addRDN(oid, unescape(value));
+                }
+            }
+            else
+            {
+                X500NameTokenizer   vTok = new X500NameTokenizer(token, '=');
+
+                String              attr = vTok.nextToken();
+
+                if (!vTok.hasMoreTokens())
+                {
+                    throw new IllegalArgumentException("badly formatted directory string");
+                }
+
+                String               value = vTok.nextToken();
+                ASN1ObjectIdentifier oid = x500Style.attrNameToOID(attr.trim());
+
+                builder.addRDN(oid, unescape(value));
+            }
+        }
+
+        return builder.build().getRDNs();
+    }
+
+    private static String[] toValueArray(Vector values)
+    {
+        String[] tmp = new String[values.size()];
+
+        for (int i = 0; i != tmp.length; i++)
+        {
+            tmp[i] = (String)values.elementAt(i);
+        }
+
+        return tmp;
+    }
+
+    private static ASN1ObjectIdentifier[] toOIDArray(Vector oids)
+    {
+        ASN1ObjectIdentifier[] tmp = new ASN1ObjectIdentifier[oids.size()];
+
+        for (int i = 0; i != tmp.length; i++)
+        {
+            tmp[i] = (ASN1ObjectIdentifier)oids.elementAt(i);
+        }
+
+        return tmp;
+    }
+
+    public static String[] findAttrNamesForOID(
+        ASN1ObjectIdentifier oid,
+        Hashtable            lookup)
+    {
+        int count = 0;
+        for (Enumeration en = lookup.elements(); en.hasMoreElements();)
+        {
+            if (oid.equals(en.nextElement()))
+            {
+                count++;
+            }
+        }
+
+        String[] aliases = new String[count];
+        count = 0;
+
+        for (Enumeration en = lookup.keys(); en.hasMoreElements();)
+        {
+            String key = (String)en.nextElement();
+            if (oid.equals(lookup.get(key)))
+            {
+                aliases[count++] = key;
+            }
+        }
+
+        return aliases;
+    }
+
+    public static ASN1ObjectIdentifier decodeAttrName(
+        String      name,
+        Hashtable   lookUp)
+    {
+        if (Strings.toUpperCase(name).startsWith("OID."))
+        {
+            return new ASN1ObjectIdentifier(name.substring(4));
+        }
+        else if (name.charAt(0) >= '0' && name.charAt(0) <= '9')
+        {
+            return new ASN1ObjectIdentifier(name);
+        }
+
+        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)lookUp.get(Strings.toLowerCase(name));
+        if (oid == null)
+        {
+            throw new IllegalArgumentException("Unknown object id - " + name + " - passed to distinguished name");
+        }
+
+        return oid;
+    }
+
+    public static ASN1Encodable valueFromHexString(
+        String  str,
+        int     off)
+        throws IOException
+    {
+        byte[] data = new byte[(str.length() - off) / 2];
+        for (int index = 0; index != data.length; index++)
+        {
+            char left = str.charAt((index * 2) + off);
+            char right = str.charAt((index * 2) + off + 1);
+
+            data[index] = (byte)((convertHex(left) << 4) | convertHex(right));
+        }
+
+        return ASN1Primitive.fromByteArray(data);
+    }
+
+    public static void appendRDN(
+        StringBuffer          buf,
+        RDN                   rdn,
+        Hashtable             oidSymbols)
+    {
+        if (rdn.isMultiValued())
+        {
+            AttributeTypeAndValue[] atv = rdn.getTypesAndValues();
+            boolean firstAtv = true;
+
+            for (int j = 0; j != atv.length; j++)
+            {
+                if (firstAtv)
+                {
+                    firstAtv = false;
+                }
+                else
+                {
+                    buf.append('+');
+                }
+
+                IETFUtils.appendTypeAndValue(buf, atv[j], oidSymbols);
+            }
+        }
+        else
+        {
+            if (rdn.getFirst() != null)
+            {
+                IETFUtils.appendTypeAndValue(buf, rdn.getFirst(), oidSymbols);
+            }
+        }
+    }
+
+    public static void appendTypeAndValue(
+        StringBuffer          buf,
+        AttributeTypeAndValue typeAndValue,
+        Hashtable             oidSymbols)
+    {
+        String  sym = (String)oidSymbols.get(typeAndValue.getType());
+
+        if (sym != null)
+        {
+            buf.append(sym);
+        }
+        else
+        {
+            buf.append(typeAndValue.getType().getId());
+        }
+
+        buf.append('=');
+
+        buf.append(valueToString(typeAndValue.getValue()));
+    }
+
+    public static String valueToString(ASN1Encodable value)
+    {
+        StringBuffer vBuf = new StringBuffer();
+
+        if (value instanceof ASN1String && !(value instanceof DERUniversalString))
+        {
+            String v = ((ASN1String)value).getString();
+            if (v.length() > 0 && v.charAt(0) == '#')
+            {
+                vBuf.append("\\" + v);
+            }
+            else
+            {
+                vBuf.append(v);
+            }
+        }
+        else
+        {
+            try
+            {
+                vBuf.append("#" + bytesToString(Hex.encode(value.toASN1Primitive().getEncoded(ASN1Encoding.DER))));
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("Other value has no encoded form");
+            }
+        }
+
+        int     end = vBuf.length();
+        int     index = 0;
+
+        if (vBuf.length() >= 2 && vBuf.charAt(0) == '\\' && vBuf.charAt(1) == '#')
+        {
+            index += 2;
+        }
+
+        while (index != end)
+        {
+            if ((vBuf.charAt(index) == ',')
+               || (vBuf.charAt(index) == '"')
+               || (vBuf.charAt(index) == '\\')
+               || (vBuf.charAt(index) == '+')
+               || (vBuf.charAt(index) == '=')
+               || (vBuf.charAt(index) == '<')
+               || (vBuf.charAt(index) == '>')
+               || (vBuf.charAt(index) == ';'))
+            {
+                vBuf.insert(index, "\\");
+                index++;
+                end++;
+            }
+
+            index++;
+        }
+
+        int start = 0;
+        if (vBuf.length() > 0)
+        {
+            while (vBuf.length() > start && vBuf.charAt(start) == ' ')
+            {
+                vBuf.insert(start, "\\");
+                start += 2;
+            }
+        }
+
+        int endBuf = vBuf.length() - 1;
+
+        while (endBuf >= 0 && vBuf.charAt(endBuf) == ' ')
+        {
+            vBuf.insert(endBuf, '\\');
+            endBuf--;
+        }
+
+        return vBuf.toString();
+    }
+
+    private static String bytesToString(
+        byte[] data)
+    {
+        char[]  cs = new char[data.length];
+
+        for (int i = 0; i != cs.length; i++)
+        {
+            cs[i] = (char)(data[i] & 0xff);
+        }
+
+        return new String(cs);
+    }
+
+    public static String canonicalize(String s)
+    {
+        String value = Strings.toLowerCase(s);
+
+        if (value.length() > 0 && value.charAt(0) == '#')
+        {
+            ASN1Primitive obj = decodeObject(value);
+
+            if (obj instanceof ASN1String)
+            {
+                value = Strings.toLowerCase(((ASN1String)obj).getString());
+            }
+        }
+
+        if (value.length() > 1)
+        {
+            int start = 0;
+            while (start + 1 < value.length() && value.charAt(start) == '\\' && value.charAt(start + 1) == ' ')
+            {
+                start += 2;
+            }
+
+            int end = value.length() - 1;
+            while (end - 1 > 0 && value.charAt(end - 1) == '\\' && value.charAt(end) == ' ')
+            {
+                end -= 2;
+            }
+
+            if (start > 0 || end < value.length() - 1)
+            {
+                value = value.substring(start, end + 1);
+            }
+        }
+
+        value = stripInternalSpaces(value);
+
+        return value;
+    }
+
+    private static ASN1Primitive decodeObject(String oValue)
+    {
+        try
+        {
+            return ASN1Primitive.fromByteArray(Hex.decode(oValue.substring(1)));
+        }
+        catch (IOException e)
+        {
+            throw new IllegalStateException("unknown encoding in name: " + e);
+        }
+    }
+
+    public static String stripInternalSpaces(
+        String str)
+    {
+        StringBuffer res = new StringBuffer();
+
+        if (str.length() != 0)
+        {
+            char c1 = str.charAt(0);
+
+            res.append(c1);
+
+            for (int k = 1; k < str.length(); k++)
+            {
+                char c2 = str.charAt(k);
+                if (!(c1 == ' ' && c2 == ' '))
+                {
+                    res.append(c2);
+                }
+                c1 = c2;
+            }
+        }
+
+        return res.toString();
+    }
+
+    public static boolean rDNAreEqual(RDN rdn1, RDN rdn2)
+    {
+        if (rdn1.isMultiValued())
+        {
+            if (rdn2.isMultiValued())
+            {
+                AttributeTypeAndValue[] atvs1 = rdn1.getTypesAndValues();
+                AttributeTypeAndValue[] atvs2 = rdn2.getTypesAndValues();
+
+                if (atvs1.length != atvs2.length)
+                {
+                    return false;
+                }
+
+                for (int i = 0; i != atvs1.length; i++)
+                {
+                    if (!atvAreEqual(atvs1[i], atvs2[i]))
+                    {
+                        return false;
+                    }
+                }
+            }
+            else
+            {
+                return false;
+            }
+        }
+        else
+        {
+            if (!rdn2.isMultiValued())
+            {
+                return atvAreEqual(rdn1.getFirst(), rdn2.getFirst());
+            }
+            else
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    private static boolean atvAreEqual(AttributeTypeAndValue atv1, AttributeTypeAndValue atv2)
+    {
+        if (atv1 == atv2)
+        {
+            return true;
+        }
+
+        if (atv1 == null)
+        {
+            return false;
+        }
+
+        if (atv2 == null)
+        {
+            return false;
+        }
+
+        ASN1ObjectIdentifier o1 = atv1.getType();
+        ASN1ObjectIdentifier o2 = atv2.getType();
+
+        if (!o1.equals(o2))
+        {
+            return false;
+        }
+
+        String v1 = IETFUtils.canonicalize(IETFUtils.valueToString(atv1.getValue()));
+        String v2 = IETFUtils.canonicalize(IETFUtils.valueToString(atv2.getValue()));
+
+        if (!v1.equals(v2))
+        {
+            return false;
+        }
+
+        return true;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/RFC4519Style.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/RFC4519Style.java
new file mode 100644
index 0000000..0499180
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/RFC4519Style.java

@@ -0,0 +1,252 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x500.style;
+
+import java.util.Hashtable;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.DERIA5String;
+import com.android.org.bouncycastle.asn1.DERPrintableString;
+import com.android.org.bouncycastle.asn1.x500.RDN;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x500.X500NameStyle;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RFC4519Style
+	extends AbstractX500NameStyle
+{
+    public static final ASN1ObjectIdentifier businessCategory = new ASN1ObjectIdentifier("2.5.4.15").intern();
+    public static final ASN1ObjectIdentifier c = new ASN1ObjectIdentifier("2.5.4.6").intern();
+    public static final ASN1ObjectIdentifier cn = new ASN1ObjectIdentifier("2.5.4.3").intern();
+    public static final ASN1ObjectIdentifier dc = new ASN1ObjectIdentifier("0.9.2342.19200300.100.1.25").intern();
+    public static final ASN1ObjectIdentifier description = new ASN1ObjectIdentifier("2.5.4.13").intern();
+    public static final ASN1ObjectIdentifier destinationIndicator = new ASN1ObjectIdentifier("2.5.4.27").intern();
+    public static final ASN1ObjectIdentifier distinguishedName = new ASN1ObjectIdentifier("2.5.4.49").intern();
+    public static final ASN1ObjectIdentifier dnQualifier = new ASN1ObjectIdentifier("2.5.4.46").intern();
+    public static final ASN1ObjectIdentifier enhancedSearchGuide = new ASN1ObjectIdentifier("2.5.4.47").intern();
+    public static final ASN1ObjectIdentifier facsimileTelephoneNumber = new ASN1ObjectIdentifier("2.5.4.23").intern();
+    public static final ASN1ObjectIdentifier generationQualifier = new ASN1ObjectIdentifier("2.5.4.44").intern();
+    public static final ASN1ObjectIdentifier givenName = new ASN1ObjectIdentifier("2.5.4.42").intern();
+    public static final ASN1ObjectIdentifier houseIdentifier = new ASN1ObjectIdentifier("2.5.4.51").intern();
+    public static final ASN1ObjectIdentifier initials = new ASN1ObjectIdentifier("2.5.4.43").intern();
+    public static final ASN1ObjectIdentifier internationalISDNNumber = new ASN1ObjectIdentifier("2.5.4.25").intern();
+    public static final ASN1ObjectIdentifier l = new ASN1ObjectIdentifier("2.5.4.7").intern();
+    public static final ASN1ObjectIdentifier member = new ASN1ObjectIdentifier("2.5.4.31").intern();
+    public static final ASN1ObjectIdentifier name = new ASN1ObjectIdentifier("2.5.4.41").intern();
+    public static final ASN1ObjectIdentifier o = new ASN1ObjectIdentifier("2.5.4.10").intern();
+    public static final ASN1ObjectIdentifier ou = new ASN1ObjectIdentifier("2.5.4.11").intern();
+    public static final ASN1ObjectIdentifier owner = new ASN1ObjectIdentifier("2.5.4.32").intern();
+    public static final ASN1ObjectIdentifier physicalDeliveryOfficeName = new ASN1ObjectIdentifier("2.5.4.19").intern();
+    public static final ASN1ObjectIdentifier postalAddress = new ASN1ObjectIdentifier("2.5.4.16").intern();
+    public static final ASN1ObjectIdentifier postalCode = new ASN1ObjectIdentifier("2.5.4.17").intern();
+    public static final ASN1ObjectIdentifier postOfficeBox = new ASN1ObjectIdentifier("2.5.4.18").intern();
+    public static final ASN1ObjectIdentifier preferredDeliveryMethod = new ASN1ObjectIdentifier("2.5.4.28").intern();
+    public static final ASN1ObjectIdentifier registeredAddress = new ASN1ObjectIdentifier("2.5.4.26").intern();
+    public static final ASN1ObjectIdentifier roleOccupant = new ASN1ObjectIdentifier("2.5.4.33").intern();
+    public static final ASN1ObjectIdentifier searchGuide = new ASN1ObjectIdentifier("2.5.4.14").intern();
+    public static final ASN1ObjectIdentifier seeAlso = new ASN1ObjectIdentifier("2.5.4.34").intern();
+    public static final ASN1ObjectIdentifier serialNumber = new ASN1ObjectIdentifier("2.5.4.5").intern();
+    public static final ASN1ObjectIdentifier sn = new ASN1ObjectIdentifier("2.5.4.4").intern();
+    public static final ASN1ObjectIdentifier st = new ASN1ObjectIdentifier("2.5.4.8").intern();
+    public static final ASN1ObjectIdentifier street = new ASN1ObjectIdentifier("2.5.4.9").intern();
+    public static final ASN1ObjectIdentifier telephoneNumber = new ASN1ObjectIdentifier("2.5.4.20").intern();
+    public static final ASN1ObjectIdentifier teletexTerminalIdentifier = new ASN1ObjectIdentifier("2.5.4.22").intern();
+    public static final ASN1ObjectIdentifier telexNumber = new ASN1ObjectIdentifier("2.5.4.21").intern();
+    public static final ASN1ObjectIdentifier title = new ASN1ObjectIdentifier("2.5.4.12").intern();
+    public static final ASN1ObjectIdentifier uid = new ASN1ObjectIdentifier("0.9.2342.19200300.100.1.1").intern();
+    public static final ASN1ObjectIdentifier uniqueMember = new ASN1ObjectIdentifier("2.5.4.50").intern();
+    public static final ASN1ObjectIdentifier userPassword = new ASN1ObjectIdentifier("2.5.4.35").intern();
+    public static final ASN1ObjectIdentifier x121Address = new ASN1ObjectIdentifier("2.5.4.24").intern();
+    public static final ASN1ObjectIdentifier x500UniqueIdentifier = new ASN1ObjectIdentifier("2.5.4.45").intern();
+
+    /**
+     * default look up table translating OID values into their common symbols following
+     * the convention in RFC 2253 with a few extras
+     */
+    private static final Hashtable DefaultSymbols = new Hashtable();
+
+    /**
+     * look up table translating common symbols into their OIDS.
+     */
+    private static final Hashtable DefaultLookUp = new Hashtable();
+
+    static
+    {
+        DefaultSymbols.put(businessCategory, "businessCategory");
+        DefaultSymbols.put(c, "c");
+        DefaultSymbols.put(cn, "cn");
+        DefaultSymbols.put(dc, "dc");
+        DefaultSymbols.put(description, "description");
+        DefaultSymbols.put(destinationIndicator, "destinationIndicator");
+        DefaultSymbols.put(distinguishedName, "distinguishedName");
+        DefaultSymbols.put(dnQualifier, "dnQualifier");
+        DefaultSymbols.put(enhancedSearchGuide, "enhancedSearchGuide");
+        DefaultSymbols.put(facsimileTelephoneNumber, "facsimileTelephoneNumber");
+        DefaultSymbols.put(generationQualifier, "generationQualifier");
+        DefaultSymbols.put(givenName, "givenName");
+        DefaultSymbols.put(houseIdentifier, "houseIdentifier");
+        DefaultSymbols.put(initials, "initials");
+        DefaultSymbols.put(internationalISDNNumber, "internationalISDNNumber");
+        DefaultSymbols.put(l, "l");
+        DefaultSymbols.put(member, "member");
+        DefaultSymbols.put(name, "name");
+        DefaultSymbols.put(o, "o");
+        DefaultSymbols.put(ou, "ou");
+        DefaultSymbols.put(owner, "owner");
+        DefaultSymbols.put(physicalDeliveryOfficeName, "physicalDeliveryOfficeName");
+        DefaultSymbols.put(postalAddress, "postalAddress");
+        DefaultSymbols.put(postalCode, "postalCode");
+        DefaultSymbols.put(postOfficeBox, "postOfficeBox");
+        DefaultSymbols.put(preferredDeliveryMethod, "preferredDeliveryMethod");
+        DefaultSymbols.put(registeredAddress, "registeredAddress");
+        DefaultSymbols.put(roleOccupant, "roleOccupant");
+        DefaultSymbols.put(searchGuide, "searchGuide");
+        DefaultSymbols.put(seeAlso, "seeAlso");
+        DefaultSymbols.put(serialNumber, "serialNumber");
+        DefaultSymbols.put(sn, "sn");
+        DefaultSymbols.put(st, "st");
+        DefaultSymbols.put(street, "street");
+        DefaultSymbols.put(telephoneNumber, "telephoneNumber");
+        DefaultSymbols.put(teletexTerminalIdentifier, "teletexTerminalIdentifier");
+        DefaultSymbols.put(telexNumber, "telexNumber");
+        DefaultSymbols.put(title, "title");
+        DefaultSymbols.put(uid, "uid");
+        DefaultSymbols.put(uniqueMember, "uniqueMember");
+        DefaultSymbols.put(userPassword, "userPassword");
+        DefaultSymbols.put(x121Address, "x121Address");
+        DefaultSymbols.put(x500UniqueIdentifier, "x500UniqueIdentifier");
+
+        DefaultLookUp.put("businesscategory", businessCategory);
+        DefaultLookUp.put("c", c);
+        DefaultLookUp.put("cn", cn);
+        DefaultLookUp.put("dc", dc);
+        DefaultLookUp.put("description", description);
+        DefaultLookUp.put("destinationindicator", destinationIndicator);
+        DefaultLookUp.put("distinguishedname", distinguishedName);
+        DefaultLookUp.put("dnqualifier", dnQualifier);
+        DefaultLookUp.put("enhancedsearchguide", enhancedSearchGuide);
+        DefaultLookUp.put("facsimiletelephonenumber", facsimileTelephoneNumber);
+        DefaultLookUp.put("generationqualifier", generationQualifier);
+        DefaultLookUp.put("givenname", givenName);
+        DefaultLookUp.put("houseidentifier", houseIdentifier);
+        DefaultLookUp.put("initials", initials);
+        DefaultLookUp.put("internationalisdnnumber", internationalISDNNumber);
+        DefaultLookUp.put("l", l);
+        DefaultLookUp.put("member", member);
+        DefaultLookUp.put("name", name);
+        DefaultLookUp.put("o", o);
+        DefaultLookUp.put("ou", ou);
+        DefaultLookUp.put("owner", owner);
+        DefaultLookUp.put("physicaldeliveryofficename", physicalDeliveryOfficeName);
+        DefaultLookUp.put("postaladdress", postalAddress);
+        DefaultLookUp.put("postalcode", postalCode);
+        DefaultLookUp.put("postofficebox", postOfficeBox);
+        DefaultLookUp.put("preferreddeliverymethod", preferredDeliveryMethod);
+        DefaultLookUp.put("registeredaddress", registeredAddress);
+        DefaultLookUp.put("roleoccupant", roleOccupant);
+        DefaultLookUp.put("searchguide", searchGuide);
+        DefaultLookUp.put("seealso", seeAlso);
+        DefaultLookUp.put("serialnumber", serialNumber);
+        DefaultLookUp.put("sn", sn);
+        DefaultLookUp.put("st", st);
+        DefaultLookUp.put("street", street);
+        DefaultLookUp.put("telephonenumber", telephoneNumber);
+        DefaultLookUp.put("teletexterminalidentifier", teletexTerminalIdentifier);
+        DefaultLookUp.put("telexnumber", telexNumber);
+        DefaultLookUp.put("title", title);
+        DefaultLookUp.put("uid", uid);
+        DefaultLookUp.put("uniquemember", uniqueMember);
+        DefaultLookUp.put("userpassword", userPassword);
+        DefaultLookUp.put("x121address", x121Address);
+        DefaultLookUp.put("x500uniqueidentifier", x500UniqueIdentifier);
+
+        // TODO: need to add correct matching for equality comparisons.
+    }
+
+    /**
+     * Singleton instance.
+     */
+    public static final X500NameStyle INSTANCE = new RFC4519Style();
+
+    protected final Hashtable defaultLookUp;
+    protected final Hashtable defaultSymbols;
+
+    protected RFC4519Style()
+    {
+        defaultSymbols = copyHashTable(DefaultSymbols);
+        defaultLookUp = copyHashTable(DefaultLookUp);
+    }
+
+    protected ASN1Encodable encodeStringValue(ASN1ObjectIdentifier oid,
+    		String value) {
+    	if (oid.equals(dc))
+        {
+            return new DERIA5String(value);
+        }
+        else if (oid.equals(c) || oid.equals(serialNumber) || oid.equals(dnQualifier)
+            || oid.equals(telephoneNumber))
+        {
+            return new DERPrintableString(value);
+        }
+
+    	return super.encodeStringValue(oid, value);
+    }
+
+    public String oidToDisplayName(ASN1ObjectIdentifier oid)
+    {
+        return (String)DefaultSymbols.get(oid);
+    }
+
+    public String[] oidToAttrNames(ASN1ObjectIdentifier oid)
+    {
+        return IETFUtils.findAttrNamesForOID(oid, defaultLookUp);
+    }
+
+    public ASN1ObjectIdentifier attrNameToOID(String attrName)
+    {
+        return IETFUtils.decodeAttrName(attrName, defaultLookUp);
+    }
+
+    // parse backwards
+    public RDN[] fromString(String dirName)
+    {
+        RDN[] tmp = IETFUtils.rDNsFromString(dirName, this);
+        RDN[] res = new RDN[tmp.length];
+
+        for (int i = 0; i != tmp.length; i++)
+        {
+            res[res.length - i - 1] = tmp[i];
+        }
+
+        return res;
+    }
+
+    // convert in reverse
+    public String toString(X500Name name)
+    {
+        StringBuffer buf = new StringBuffer();
+        boolean first = true;
+
+        RDN[] rdns = name.getRDNs();
+
+        for (int i = rdns.length - 1; i >= 0; i--)
+        {
+            if (first)
+            {
+                first = false;
+            }
+            else
+            {
+                buf.append(',');
+            }
+
+            IETFUtils.appendRDN(buf, rdns[i], defaultSymbols);
+        }
+
+        return buf.toString();
+    }
+
+    
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/X500NameTokenizer.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/X500NameTokenizer.java
new file mode 100644
index 0000000..3f08dad
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x500/style/X500NameTokenizer.java

@@ -0,0 +1,92 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x500.style;
+
+/**
+ * class for breaking up an X500 Name into it's component tokens, ala
+ * java.util.StringTokenizer. We need this class as some of the
+ * lightweight Java environment don't support classes like
+ * StringTokenizer.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X500NameTokenizer
+{
+    private String          value;
+    private int             index;
+    private char            separator;
+    private StringBuffer    buf = new StringBuffer();
+
+    public X500NameTokenizer(
+        String  oid)
+    {
+        this(oid, ',');
+    }
+    
+    public X500NameTokenizer(
+        String  oid,
+        char    separator)
+    {
+        this.value = oid;
+        this.index = -1;
+        this.separator = separator;
+    }
+
+    public boolean hasMoreTokens()
+    {
+        return (index != value.length());
+    }
+
+    public String nextToken()
+    {
+        if (index == value.length())
+        {
+            return null;
+        }
+
+        int     end = index + 1;
+        boolean quoted = false;
+        boolean escaped = false;
+
+        buf.setLength(0);
+
+        while (end != value.length())
+        {
+            char    c = value.charAt(end);
+
+            if (c == '"')
+            {
+                if (!escaped)
+                {
+                    quoted = !quoted;
+                }
+                buf.append(c);
+                escaped = false;
+            }
+            else
+            {
+                if (escaped || quoted)
+                {
+                    buf.append(c);
+                    escaped = false;
+                }
+                else if (c == '\\')
+                {
+                    buf.append(c);
+                    escaped = true;
+                }
+                else if (c == separator)
+                {
+                    break;
+                }
+                else
+                {
+                    buf.append(c);
+                }
+            }
+            end++;
+        }
+
+        index = end;
+
+        return buf.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AlgorithmIdentifier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AlgorithmIdentifier.java
new file mode 100644
index 0000000..1e0c132
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AlgorithmIdentifier.java

@@ -0,0 +1,116 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class AlgorithmIdentifier
+    extends ASN1Object
+{
+    private ASN1ObjectIdentifier algorithm;
+    private ASN1Encodable       parameters;
+
+    public static AlgorithmIdentifier getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+    
+    public static AlgorithmIdentifier getInstance(
+        Object  obj)
+    {
+        if (obj instanceof AlgorithmIdentifier)
+        {
+            return (AlgorithmIdentifier)obj;
+        }
+        else if (obj != null)
+        {
+            return new AlgorithmIdentifier(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public AlgorithmIdentifier(
+        ASN1ObjectIdentifier algorithm)
+    {
+        this.algorithm = algorithm;
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public AlgorithmIdentifier(
+        ASN1ObjectIdentifier algorithm,
+        ASN1Encodable           parameters)
+    {
+        this.algorithm = algorithm;
+        this.parameters = parameters;
+    }
+
+    private AlgorithmIdentifier(
+        ASN1Sequence   seq)
+    {
+        if (seq.size() < 1 || seq.size() > 2)
+        {
+            throw new IllegalArgumentException("Bad sequence size: "
+                    + seq.size());
+        }
+        
+        algorithm = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
+
+        if (seq.size() == 2)
+        {
+            parameters = seq.getObjectAt(1);
+        }
+        else
+        {
+            parameters = null;
+        }
+    }
+
+    @libcore.api.CorePlatformApi
+    public ASN1ObjectIdentifier getAlgorithm()
+    {
+        return algorithm;
+    }
+
+    public ASN1Encodable getParameters()
+    {
+        return parameters;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     *      AlgorithmIdentifier ::= SEQUENCE {
+     *                            algorithm OBJECT IDENTIFIER,
+     *                            parameters ANY DEFINED BY algorithm OPTIONAL }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(algorithm);
+
+        if (parameters != null)
+        {
+            v.add(parameters);
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AttCertIssuer.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AttCertIssuer.java
new file mode 100644
index 0000000..7d343dd
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AttCertIssuer.java

@@ -0,0 +1,95 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Choice;
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AttCertIssuer
+    extends ASN1Object
+    implements ASN1Choice
+{
+    ASN1Encodable   obj;
+    ASN1Primitive choiceObj;
+    
+    public static AttCertIssuer getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof AttCertIssuer)
+        {
+            return (AttCertIssuer)obj;
+        }
+        else if (obj instanceof V2Form)
+        {
+            return new AttCertIssuer(V2Form.getInstance(obj));
+        }
+        else if (obj instanceof GeneralNames)
+        {
+            return new AttCertIssuer((GeneralNames)obj);
+        }
+        else if (obj instanceof ASN1TaggedObject)
+        {
+            return new AttCertIssuer(V2Form.getInstance((ASN1TaggedObject)obj, false));
+        }
+        else if (obj instanceof ASN1Sequence)
+        {
+            return new AttCertIssuer(GeneralNames.getInstance(obj));
+        }
+
+        throw new IllegalArgumentException("unknown object in factory: " + obj.getClass().getName());
+    }
+    
+    public static AttCertIssuer getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(obj.getObject()); // must be explicitly tagged
+    }
+
+    /**
+     * Don't use this one if you are trying to be RFC 3281 compliant.
+     * Use it for v1 attribute certificates only.
+     * 
+     * @param names our GeneralNames structure
+     */
+    public AttCertIssuer(
+        GeneralNames  names)
+    {
+        obj = names;
+        choiceObj = obj.toASN1Primitive();
+    }
+    
+    public AttCertIssuer(
+        V2Form  v2Form)
+    {
+        obj = v2Form;
+        choiceObj = new DERTaggedObject(false, 0, obj);
+    }
+
+    public ASN1Encodable getIssuer()
+    {
+        return obj;
+    }
+    
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     *  AttCertIssuer ::= CHOICE {
+     *       v1Form   GeneralNames,  -- MUST NOT be used in this
+     *                               -- profile
+     *       v2Form   [0] V2Form     -- v2 only
+     *  }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return choiceObj;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AttCertValidityPeriod.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AttCertValidityPeriod.java
new file mode 100644
index 0000000..1e7b5fa
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AttCertValidityPeriod.java

@@ -0,0 +1,88 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1GeneralizedTime;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AttCertValidityPeriod
+    extends ASN1Object
+{
+    ASN1GeneralizedTime  notBeforeTime;
+    ASN1GeneralizedTime  notAfterTime;
+
+    public static AttCertValidityPeriod getInstance(
+            Object  obj)
+    {
+        if (obj instanceof AttCertValidityPeriod)
+        {
+            return (AttCertValidityPeriod)obj;
+        }
+        else if (obj != null)
+        {
+            return new AttCertValidityPeriod(ASN1Sequence.getInstance(obj));
+        }
+        
+        return null;
+    }
+    
+    private AttCertValidityPeriod(
+        ASN1Sequence    seq)
+    {
+        if (seq.size() != 2)
+        {
+            throw new IllegalArgumentException("Bad sequence size: "
+                    + seq.size());
+        }
+
+        notBeforeTime = ASN1GeneralizedTime.getInstance(seq.getObjectAt(0));
+        notAfterTime = ASN1GeneralizedTime.getInstance(seq.getObjectAt(1));
+    }
+
+    /**
+     * @param notBeforeTime
+     * @param notAfterTime
+     */
+    public AttCertValidityPeriod(
+        ASN1GeneralizedTime notBeforeTime,
+        ASN1GeneralizedTime notAfterTime)
+    {
+        this.notBeforeTime = notBeforeTime;
+        this.notAfterTime = notAfterTime;
+    }
+
+    public ASN1GeneralizedTime getNotBeforeTime()
+    {
+        return notBeforeTime;
+    }
+
+    public ASN1GeneralizedTime getNotAfterTime()
+    {
+        return notAfterTime;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     *  AttCertValidityPeriod  ::= SEQUENCE {
+     *       notBeforeTime  GeneralizedTime,
+     *       notAfterTime   GeneralizedTime
+     *  } 
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(notBeforeTime);
+        v.add(notAfterTime);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Attribute.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Attribute.java
new file mode 100644
index 0000000..4328173
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Attribute.java

@@ -0,0 +1,97 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Attribute
+    extends ASN1Object
+{
+    private ASN1ObjectIdentifier attrType;
+    private ASN1Set             attrValues;
+
+    /**
+     * return an Attribute object from the given object.
+     *
+     * @param o the object we want converted.
+     * @exception IllegalArgumentException if the object cannot be converted.
+     */
+    public static Attribute getInstance(
+        Object o)
+    {
+        if (o instanceof Attribute)
+        {
+            return (Attribute)o;
+        }
+        
+        if (o != null)
+        {
+            return new Attribute(ASN1Sequence.getInstance(o));
+        }
+
+        return null;
+    }
+    
+    private Attribute(
+        ASN1Sequence seq)
+    {
+        if (seq.size() != 2)
+        {
+            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
+        }
+
+        attrType = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
+        attrValues = ASN1Set.getInstance(seq.getObjectAt(1));
+    }
+
+    public Attribute(
+        ASN1ObjectIdentifier attrType,
+        ASN1Set             attrValues)
+    {
+        this.attrType = attrType;
+        this.attrValues = attrValues;
+    }
+
+    public ASN1ObjectIdentifier getAttrType()
+    {
+        return new ASN1ObjectIdentifier(attrType.getId());
+    }
+
+    public ASN1Encodable[] getAttributeValues()
+    {
+        return attrValues.toArray();
+    }
+
+    public ASN1Set getAttrValues()
+    {
+        return attrValues;
+    }
+
+    /** 
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     * Attribute ::= SEQUENCE {
+     *     attrType OBJECT IDENTIFIER,
+     *     attrValues SET OF AttributeValue
+     * }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(attrType);
+        v.add(attrValues);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AttributeCertificate.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AttributeCertificate.java
new file mode 100644
index 0000000..af82c67
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AttributeCertificate.java

@@ -0,0 +1,101 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AttributeCertificate
+    extends ASN1Object
+{
+    AttributeCertificateInfo    acinfo;
+    AlgorithmIdentifier         signatureAlgorithm;
+    DERBitString                signatureValue;
+
+    /**
+     * @param obj
+     * @return an AttributeCertificate object
+     */
+    public static AttributeCertificate getInstance(Object obj)
+    {
+        if (obj instanceof AttributeCertificate)
+        {
+            return (AttributeCertificate)obj;
+        }
+        else if (obj != null)
+        {
+            return new AttributeCertificate(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+    
+    public AttributeCertificate(
+        AttributeCertificateInfo    acinfo,
+        AlgorithmIdentifier         signatureAlgorithm,
+        DERBitString                signatureValue)
+    {
+        this.acinfo = acinfo;
+        this.signatureAlgorithm = signatureAlgorithm;
+        this.signatureValue = signatureValue;
+    }
+
+    /**
+     * @deprecated use getInstance() method.
+     */
+    public AttributeCertificate(
+        ASN1Sequence    seq)
+    {
+        if (seq.size() != 3)
+        {
+            throw new IllegalArgumentException("Bad sequence size: "
+                    + seq.size());
+        }
+
+        this.acinfo = AttributeCertificateInfo.getInstance(seq.getObjectAt(0));
+        this.signatureAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
+        this.signatureValue = DERBitString.getInstance(seq.getObjectAt(2));
+    }
+    
+    public AttributeCertificateInfo getAcinfo()
+    {
+        return acinfo;
+    }
+
+    public AlgorithmIdentifier getSignatureAlgorithm()
+    {
+        return signatureAlgorithm;
+    }
+
+    public DERBitString getSignatureValue()
+    {
+        return signatureValue;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     *  AttributeCertificate ::= SEQUENCE {
+     *       acinfo               AttributeCertificateInfo,
+     *       signatureAlgorithm   AlgorithmIdentifier,
+     *       signatureValue       BIT STRING
+     *  }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(acinfo);
+        v.add(signatureAlgorithm);
+        v.add(signatureValue);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AttributeCertificateInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AttributeCertificateInfo.java
new file mode 100644
index 0000000..bc9e751
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AttributeCertificateInfo.java

@@ -0,0 +1,184 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AttributeCertificateInfo
+    extends ASN1Object
+{
+    private ASN1Integer             version;
+    private Holder                  holder;
+    private AttCertIssuer           issuer;
+    private AlgorithmIdentifier     signature;
+    private ASN1Integer              serialNumber;
+    private AttCertValidityPeriod   attrCertValidityPeriod;
+    private ASN1Sequence            attributes;
+    private DERBitString            issuerUniqueID;
+    private Extensions              extensions;
+
+    public static AttributeCertificateInfo getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static AttributeCertificateInfo getInstance(
+        Object  obj)
+    {
+        if (obj instanceof AttributeCertificateInfo)
+        {
+            return (AttributeCertificateInfo)obj;
+        }
+        else if (obj != null)
+        {
+            return new AttributeCertificateInfo(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    private AttributeCertificateInfo(
+        ASN1Sequence   seq)
+    {
+        if (seq.size() < 6 || seq.size() > 9)
+        {
+            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
+        }
+
+        int start;
+        if (seq.getObjectAt(0) instanceof ASN1Integer)   // in version 1 certs version is DEFAULT  v1(0)
+        {
+            this.version = ASN1Integer.getInstance(seq.getObjectAt(0));
+            start = 1;
+        }
+        else
+        {
+            this.version = new ASN1Integer(0);
+            start = 0;
+        }
+
+        this.holder = Holder.getInstance(seq.getObjectAt(start));
+        this.issuer = AttCertIssuer.getInstance(seq.getObjectAt(start + 1));
+        this.signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(start + 2));
+        this.serialNumber = ASN1Integer.getInstance(seq.getObjectAt(start + 3));
+        this.attrCertValidityPeriod = AttCertValidityPeriod.getInstance(seq.getObjectAt(start + 4));
+        this.attributes = ASN1Sequence.getInstance(seq.getObjectAt(start + 5));
+        
+        for (int i = start + 6; i < seq.size(); i++)
+        {
+            ASN1Encodable    obj = seq.getObjectAt(i);
+
+            if (obj instanceof DERBitString)
+            {
+                this.issuerUniqueID = DERBitString.getInstance(seq.getObjectAt(i));
+            }
+            else if (obj instanceof ASN1Sequence || obj instanceof Extensions)
+            {
+                this.extensions = Extensions.getInstance(seq.getObjectAt(i));
+            }
+        }
+    }
+    
+    public ASN1Integer getVersion()
+    {
+        return version;
+    }
+
+    public Holder getHolder()
+    {
+        return holder;
+    }
+
+    public AttCertIssuer getIssuer()
+    {
+        return issuer;
+    }
+
+    public AlgorithmIdentifier getSignature()
+    {
+        return signature;
+    }
+
+    public ASN1Integer getSerialNumber()
+    {
+        return serialNumber;
+    }
+
+    public AttCertValidityPeriod getAttrCertValidityPeriod()
+    {
+        return attrCertValidityPeriod;
+    }
+
+    public ASN1Sequence getAttributes()
+    {
+        return attributes;
+    }
+
+    public DERBitString getIssuerUniqueID()
+    {
+        return issuerUniqueID;
+    }
+
+    public Extensions getExtensions()
+    {
+        return extensions;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     *  AttributeCertificateInfo ::= SEQUENCE {
+     *       version              AttCertVersion -- version is v2,
+     *       holder               Holder,
+     *       issuer               AttCertIssuer,
+     *       signature            AlgorithmIdentifier,
+     *       serialNumber         CertificateSerialNumber,
+     *       attrCertValidityPeriod   AttCertValidityPeriod,
+     *       attributes           SEQUENCE OF Attribute,
+     *       issuerUniqueID       UniqueIdentifier OPTIONAL,
+     *       extensions           Extensions OPTIONAL
+     *  }
+     *
+     *  AttCertVersion ::= INTEGER { v2(1) }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        if (version.getValue().intValue() != 0)
+        {
+            v.add(version);
+        }
+        v.add(holder);
+        v.add(issuer);
+        v.add(signature);
+        v.add(serialNumber);
+        v.add(attrCertValidityPeriod);
+        v.add(attributes);
+        
+        if (issuerUniqueID != null)
+        {
+            v.add(issuerUniqueID);
+        }
+        
+        if (extensions != null)
+        {
+            v.add(extensions);
+        }
+        
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java
new file mode 100644
index 0000000..5c10ce4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/AuthorityKeyIdentifier.java

@@ -0,0 +1,238 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.crypto.Digest;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.digests.SHA1Digest;
+import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * The AuthorityKeyIdentifier object.
+ * <pre>
+ * id-ce-authorityKeyIdentifier OBJECT IDENTIFIER ::=  { id-ce 35 }
+ *
+ *   AuthorityKeyIdentifier ::= SEQUENCE {
+ *      keyIdentifier             [0] IMPLICIT KeyIdentifier           OPTIONAL,
+ *      authorityCertIssuer       [1] IMPLICIT GeneralNames            OPTIONAL,
+ *      authorityCertSerialNumber [2] IMPLICIT CertificateSerialNumber OPTIONAL  }
+ *
+ *   KeyIdentifier ::= OCTET STRING
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ *
+ */
+public class AuthorityKeyIdentifier
+    extends ASN1Object
+{
+    ASN1OctetString keyidentifier=null;
+    GeneralNames certissuer=null;
+    ASN1Integer certserno=null;
+
+    public static AuthorityKeyIdentifier getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static AuthorityKeyIdentifier getInstance(
+        Object  obj)
+    {
+        if (obj instanceof AuthorityKeyIdentifier)
+        {
+            return (AuthorityKeyIdentifier)obj;
+        }
+        if (obj != null)
+        {
+            return new AuthorityKeyIdentifier(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public static AuthorityKeyIdentifier fromExtensions(Extensions extensions)
+    {
+         return AuthorityKeyIdentifier.getInstance(extensions.getExtensionParsedValue(Extension.authorityKeyIdentifier));
+    }
+
+    protected AuthorityKeyIdentifier(
+        ASN1Sequence   seq)
+    {
+        Enumeration     e = seq.getObjects();
+
+        while (e.hasMoreElements())
+        {
+            ASN1TaggedObject o = DERTaggedObject.getInstance(e.nextElement());
+
+            switch (o.getTagNo())
+            {
+            case 0:
+                this.keyidentifier = ASN1OctetString.getInstance(o, false);
+                break;
+            case 1:
+                this.certissuer = GeneralNames.getInstance(o, false);
+                break;
+            case 2:
+                this.certserno = ASN1Integer.getInstance(o, false);
+                break;
+            default:
+                throw new IllegalArgumentException("illegal tag");
+            }
+        }
+    }
+
+    /**
+     *
+     * Calulates the keyidentifier using a SHA1 hash over the BIT STRING
+     * from SubjectPublicKeyInfo as defined in RFC2459.
+     *
+     * Example of making a AuthorityKeyIdentifier:
+     * <pre>
+     *   SubjectPublicKeyInfo apki = new SubjectPublicKeyInfo((ASN1Sequence)new ASN1InputStream(
+     *       publicKey.getEncoded()).readObject());
+     *   AuthorityKeyIdentifier aki = new AuthorityKeyIdentifier(apki);
+     * </pre>
+     * @deprecated create the extension using org.bouncycastle.cert.X509ExtensionUtils
+     **/
+    public AuthorityKeyIdentifier(
+        SubjectPublicKeyInfo    spki)
+    {
+        // Android-changed: Use Android digests
+        // Digest  digest = new SHA1Digest();
+        Digest  digest = AndroidDigestFactory.getSHA1();
+        byte[]  resBuf = new byte[digest.getDigestSize()];
+
+        byte[] bytes = spki.getPublicKeyData().getBytes();
+        digest.update(bytes, 0, bytes.length);
+        digest.doFinal(resBuf, 0);
+        this.keyidentifier = new DEROctetString(resBuf);
+    }
+
+    /**
+     * create an AuthorityKeyIdentifier with the GeneralNames tag and
+     * the serial number provided as well.
+     * @deprecated create the extension using org.bouncycastle.cert.X509ExtensionUtils
+     */
+    public AuthorityKeyIdentifier(
+        SubjectPublicKeyInfo    spki,
+        GeneralNames            name,
+        BigInteger              serialNumber)
+    {
+        // Android-changed: Use Android digests
+        // Digest  digest = new SHA1Digest();
+        Digest  digest = AndroidDigestFactory.getSHA1();
+        byte[]  resBuf = new byte[digest.getDigestSize()];
+
+        byte[] bytes = spki.getPublicKeyData().getBytes();
+        digest.update(bytes, 0, bytes.length);
+        digest.doFinal(resBuf, 0);
+
+        this.keyidentifier = new DEROctetString(resBuf);
+        this.certissuer = GeneralNames.getInstance(name.toASN1Primitive());
+        this.certserno = new ASN1Integer(serialNumber);
+    }
+
+    /**
+     * create an AuthorityKeyIdentifier with the GeneralNames tag and
+     * the serial number provided.
+     */
+    public AuthorityKeyIdentifier(
+        GeneralNames            name,
+        BigInteger              serialNumber)
+    {
+        this((byte[])null, name, serialNumber);
+    }
+
+    /**
+      * create an AuthorityKeyIdentifier with a precomputed key identifier
+      */
+     public AuthorityKeyIdentifier(
+         byte[]                  keyIdentifier)
+     {
+         this(keyIdentifier, null, null);
+     }
+
+    /**
+     * create an AuthorityKeyIdentifier with a precomputed key identifier
+     * and the GeneralNames tag and the serial number provided as well.
+     */
+    public AuthorityKeyIdentifier(
+        byte[]                  keyIdentifier,
+        GeneralNames            name,
+        BigInteger              serialNumber)
+    {
+        this.keyidentifier = (keyIdentifier != null) ? new DEROctetString(keyIdentifier) : null;
+        this.certissuer = name;
+        this.certserno = (serialNumber != null) ? new ASN1Integer(serialNumber) : null;
+    }
+    
+    public byte[] getKeyIdentifier()
+    {
+        if (keyidentifier != null)
+        {
+            return keyidentifier.getOctets();
+        }
+
+        return null;
+    }
+
+    public GeneralNames getAuthorityCertIssuer()
+    {
+        return certissuer;
+    }
+    
+    public BigInteger getAuthorityCertSerialNumber()
+    {
+        if (certserno != null)
+        {
+            return certserno.getValue();
+        }
+        
+        return null;
+    }
+    
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        if (keyidentifier != null)
+        {
+            v.add(new DERTaggedObject(false, 0, keyidentifier));
+        }
+
+        if (certissuer != null)
+        {
+            v.add(new DERTaggedObject(false, 1, certissuer));
+        }
+
+        if (certserno != null)
+        {
+            v.add(new DERTaggedObject(false, 2, certserno));
+        }
+
+
+        return new DERSequence(v);
+    }
+
+    public String toString()
+    {
+        return ("AuthorityKeyIdentifier: KeyID(" + ((keyidentifier != null) ? Hex.toHexString(this.keyidentifier.getOctets()) : "null") + ")");
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/BasicConstraints.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/BasicConstraints.java
new file mode 100644
index 0000000..e61cf0f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/BasicConstraints.java

@@ -0,0 +1,170 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1Boolean;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class BasicConstraints
+    extends ASN1Object
+{
+    ASN1Boolean  cA = ASN1Boolean.getInstance(false);
+    ASN1Integer  pathLenConstraint = null;
+
+    public static BasicConstraints getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    @libcore.api.CorePlatformApi
+    public static BasicConstraints getInstance(
+        Object  obj)
+    {
+        if (obj instanceof BasicConstraints)
+        {
+            return (BasicConstraints)obj;
+        }
+        if (obj instanceof X509Extension)
+        {
+            return getInstance(X509Extension.convertValueToObject((X509Extension)obj));
+        }
+        if (obj != null)
+        {
+            return new BasicConstraints(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public static BasicConstraints fromExtensions(Extensions extensions)
+    {
+        return BasicConstraints.getInstance(extensions.getExtensionParsedValue(Extension.basicConstraints));
+    }
+
+    private BasicConstraints(
+        ASN1Sequence   seq)
+    {
+        if (seq.size() == 0)
+        {
+            this.cA = null;
+            this.pathLenConstraint = null;
+        }
+        else
+        {
+            if (seq.getObjectAt(0) instanceof ASN1Boolean)
+            {
+                this.cA = ASN1Boolean.getInstance(seq.getObjectAt(0));
+            }
+            else
+            {
+                this.cA = null;
+                this.pathLenConstraint = ASN1Integer.getInstance(seq.getObjectAt(0));
+            }
+            if (seq.size() > 1)
+            {
+                if (this.cA != null)
+                {
+                    this.pathLenConstraint = ASN1Integer.getInstance(seq.getObjectAt(1));
+                }
+                else
+                {
+                    throw new IllegalArgumentException("wrong sequence in constructor");
+                }
+            }
+        }
+    }
+
+    public BasicConstraints(
+        boolean cA)
+    {
+        if (cA)
+        {
+            this.cA = ASN1Boolean.getInstance(true);
+        }
+        else
+        {
+            this.cA = null;
+        }
+        this.pathLenConstraint = null;
+    }
+
+    /**
+     * create a cA=true object for the given path length constraint.
+     * 
+     * @param pathLenConstraint
+     */
+    public BasicConstraints(
+        int     pathLenConstraint)
+    {
+        this.cA = ASN1Boolean.getInstance(true);
+        this.pathLenConstraint = new ASN1Integer(pathLenConstraint);
+    }
+
+    @libcore.api.CorePlatformApi
+    public boolean isCA()
+    {
+        return (cA != null) && cA.isTrue();
+    }
+
+    public BigInteger getPathLenConstraint()
+    {
+        if (pathLenConstraint != null)
+        {
+            return pathLenConstraint.getValue();
+        }
+
+        return null;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     * BasicConstraints := SEQUENCE {
+     *    cA                  BOOLEAN DEFAULT FALSE,
+     *    pathLenConstraint   INTEGER (0..MAX) OPTIONAL
+     * }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        if (cA != null)
+        {
+            v.add(cA);
+        }
+
+        if (pathLenConstraint != null)  // yes some people actually do this when cA is false...
+        {
+            v.add(pathLenConstraint);
+        }
+
+        return new DERSequence(v);
+    }
+
+    public String toString()
+    {
+        if (pathLenConstraint == null)
+        {
+            if (cA == null)
+            {
+                return "BasicConstraints: isCa(false)";
+            }
+            return "BasicConstraints: isCa(" + this.isCA() + ")";
+        }
+        return "BasicConstraints: isCa(" + this.isCA() + "), pathLenConstraint = " + pathLenConstraint.getValue();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/CRLDistPoint.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/CRLDistPoint.java
new file mode 100644
index 0000000..ded7d30
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/CRLDistPoint.java

@@ -0,0 +1,110 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CRLDistPoint
+    extends ASN1Object
+{
+    ASN1Sequence  seq = null;
+
+    public static CRLDistPoint getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static CRLDistPoint fromExtensions(Extensions extensions)
+    {
+        return CRLDistPoint.getInstance(extensions.getExtensionParsedValue(Extension.cRLDistributionPoints));
+    }
+
+    public static CRLDistPoint getInstance(
+        Object  obj)
+    {
+        if (obj instanceof CRLDistPoint)
+        {
+            return (CRLDistPoint)obj;
+        }
+        else if (obj != null)
+        {
+            return new CRLDistPoint(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    private CRLDistPoint(
+        ASN1Sequence seq)
+    {
+        this.seq = seq;
+    }
+    
+    public CRLDistPoint(
+        DistributionPoint[] points)
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        for (int i = 0; i != points.length; i++)
+        {
+            v.add(points[i]);
+        }
+
+        seq = new DERSequence(v);
+    }
+
+    /**
+     * Return the distribution points making up the sequence.
+     * 
+     * @return DistributionPoint[]
+     */
+    public DistributionPoint[] getDistributionPoints()
+    {
+        DistributionPoint[]    dp = new DistributionPoint[seq.size()];
+        
+        for (int i = 0; i != seq.size(); i++)
+        {
+            dp[i] = DistributionPoint.getInstance(seq.getObjectAt(i));
+        }
+        
+        return dp;
+    }
+    
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     * CRLDistPoint ::= SEQUENCE SIZE {1..MAX} OF DistributionPoint
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return seq;
+    }
+
+    public String toString()
+    {
+        StringBuffer buf = new StringBuffer();
+        String       sep = Strings.lineSeparator();
+
+        buf.append("CRLDistPoint:");
+        buf.append(sep);
+        DistributionPoint dp[] = getDistributionPoints();
+        for (int i = 0; i != dp.length; i++)
+        {
+            buf.append("    ");
+            buf.append(dp[i]);
+            buf.append(sep);
+        }
+        return buf.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/CRLNumber.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/CRLNumber.java
new file mode 100644
index 0000000..c02cec2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/CRLNumber.java

@@ -0,0 +1,56 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+
+/**
+ * The CRLNumber object.
+ * <pre>
+ * CRLNumber::= INTEGER(0..MAX)
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CRLNumber
+    extends ASN1Object
+{
+    private BigInteger number;
+
+    public CRLNumber(
+        BigInteger number)
+    {
+        this.number = number;
+    }
+
+    public BigInteger getCRLNumber()
+    {
+        return number;
+    }
+
+    public String toString()
+    {
+        return "CRLNumber: " + getCRLNumber();
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        return new ASN1Integer(number);
+    }
+
+    public static CRLNumber getInstance(Object o)
+    {
+        if (o instanceof CRLNumber)
+        {
+            return (CRLNumber)o;
+        }
+        else if (o != null)
+        {
+            return new CRLNumber(ASN1Integer.getInstance(o).getValue());
+        }
+
+        return null;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/CRLReason.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/CRLReason.java
new file mode 100644
index 0000000..ddd01dc
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/CRLReason.java

@@ -0,0 +1,153 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.math.BigInteger;
+import java.util.Hashtable;
+
+import com.android.org.bouncycastle.asn1.ASN1Enumerated;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.util.Integers;
+
+/**
+ * The CRLReason enumeration.
+ * <pre>
+ * CRLReason ::= ENUMERATED {
+ *  unspecified             (0),
+ *  keyCompromise           (1),
+ *  cACompromise            (2),
+ *  affiliationChanged      (3),
+ *  superseded              (4),
+ *  cessationOfOperation    (5),
+ *  certificateHold         (6),
+ *  removeFromCRL           (8),
+ *  privilegeWithdrawn      (9),
+ *  aACompromise           (10)
+ * }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CRLReason
+    extends ASN1Object
+{
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int UNSPECIFIED = 0;
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int KEY_COMPROMISE = 1;
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int CA_COMPROMISE = 2;
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int AFFILIATION_CHANGED = 3;
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int SUPERSEDED = 4;
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int CESSATION_OF_OPERATION  = 5;
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int CERTIFICATE_HOLD = 6;
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int REMOVE_FROM_CRL = 8;
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int PRIVILEGE_WITHDRAWN = 9;
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int AA_COMPROMISE = 10;
+
+    public static final int unspecified = 0;
+    public static final int keyCompromise = 1;
+    public static final int cACompromise = 2;
+    public static final int affiliationChanged = 3;
+    public static final int superseded = 4;
+    public static final int cessationOfOperation  = 5;
+    public static final int certificateHold = 6;
+    // 7 -> unknown
+    public static final int removeFromCRL = 8;
+    public static final int privilegeWithdrawn = 9;
+    public static final int aACompromise = 10;
+
+    private static final String[] reasonString =
+    {
+        "unspecified", "keyCompromise", "cACompromise", "affiliationChanged",
+        "superseded", "cessationOfOperation", "certificateHold", "unknown",
+        "removeFromCRL", "privilegeWithdrawn", "aACompromise"
+    };
+
+    private static final Hashtable table = new Hashtable();
+
+    private ASN1Enumerated value;
+
+    public static CRLReason getInstance(Object o)
+    {
+        if (o instanceof CRLReason)
+        {
+            return (CRLReason)o;
+        }
+        else if (o != null)
+        {
+            return lookup(ASN1Enumerated.getInstance(o).getValue().intValue());
+        }
+
+        return null;
+    }
+
+    private CRLReason(
+        int reason)
+    {
+        value = new ASN1Enumerated(reason);
+    }
+
+    public String toString()
+    {
+        String str;
+        int reason = getValue().intValue();
+        if (reason < 0 || reason > 10)
+        {
+            str = "invalid";
+        }
+        else
+        {
+            str = reasonString[reason];
+        }
+        return "CRLReason: " + str;
+    }
+
+    public BigInteger getValue()
+    {
+        return value.getValue();
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        return value;
+    }
+
+    public static CRLReason lookup(int value)
+    {
+        Integer idx = Integers.valueOf(value);
+
+        if (!table.containsKey(idx))
+        {
+            table.put(idx, new CRLReason(value));
+        }
+
+        return (CRLReason)table.get(idx);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Certificate.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Certificate.java
new file mode 100644
index 0000000..1ee3369
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Certificate.java

@@ -0,0 +1,136 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+
+/**
+ * an X509Certificate structure.
+ * <pre>
+ *  Certificate ::= SEQUENCE {
+ *      tbsCertificate          TBSCertificate,
+ *      signatureAlgorithm      AlgorithmIdentifier,
+ *      signature               BIT STRING
+ *  }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class Certificate
+    extends ASN1Object
+{
+    ASN1Sequence  seq;
+    TBSCertificate tbsCert;
+    AlgorithmIdentifier     sigAlgId;
+    DERBitString            sig;
+
+    public static Certificate getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public static Certificate getInstance(
+        Object  obj)
+    {
+        if (obj instanceof Certificate)
+        {
+            return (Certificate)obj;
+        }
+        else if (obj != null)
+        {
+            return new Certificate(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    private Certificate(
+        ASN1Sequence seq)
+    {
+        this.seq = seq;
+
+        //
+        // correct x509 certficate
+        //
+        if (seq.size() == 3)
+        {
+            tbsCert = TBSCertificate.getInstance(seq.getObjectAt(0));
+            sigAlgId = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
+
+            sig = DERBitString.getInstance(seq.getObjectAt(2));
+        }
+        else
+        {
+            throw new IllegalArgumentException("sequence wrong size for a certificate");
+        }
+    }
+
+    public TBSCertificate getTBSCertificate()
+    {
+        return tbsCert;
+    }
+
+    public ASN1Integer getVersion()
+    {
+        return tbsCert.getVersion();
+    }
+
+    public int getVersionNumber()
+    {
+        return tbsCert.getVersionNumber();
+    }
+
+    public ASN1Integer getSerialNumber()
+    {
+        return tbsCert.getSerialNumber();
+    }
+
+    public X500Name getIssuer()
+    {
+        return tbsCert.getIssuer();
+    }
+
+    public Time getStartDate()
+    {
+        return tbsCert.getStartDate();
+    }
+
+    public Time getEndDate()
+    {
+        return tbsCert.getEndDate();
+    }
+
+    public X500Name getSubject()
+    {
+        return tbsCert.getSubject();
+    }
+
+    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
+    {
+        return tbsCert.getSubjectPublicKeyInfo();
+    }
+
+    public AlgorithmIdentifier getSignatureAlgorithm()
+    {
+        return sigAlgId;
+    }
+
+    public DERBitString getSignature()
+    {
+        return sig;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        return seq;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/CertificateList.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/CertificateList.java
new file mode 100644
index 0000000..749e268
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/CertificateList.java

@@ -0,0 +1,146 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+
+/**
+ * PKIX RFC-2459
+ *
+ * The X.509 v2 CRL syntax is as follows.  For signature calculation,
+ * the data that is to be signed is ASN.1 DER encoded.
+ *
+ * <pre>
+ * CertificateList  ::=  SEQUENCE  {
+ *      tbsCertList          TBSCertList,
+ *      signatureAlgorithm   AlgorithmIdentifier,
+ *      signatureValue       BIT STRING  }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CertificateList
+    extends ASN1Object
+{
+    TBSCertList            tbsCertList;
+    AlgorithmIdentifier    sigAlgId;
+    DERBitString           sig;
+    boolean                isHashCodeSet = false;
+    int                    hashCodeValue;
+
+    public static CertificateList getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static CertificateList getInstance(
+        Object  obj)
+    {
+        if (obj instanceof CertificateList)
+        {
+            return (CertificateList)obj;
+        }
+        else if (obj != null)
+        {
+            return new CertificateList(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    /**
+     * @deprecated use getInstance() method.
+     * @param seq
+     */
+    public CertificateList(
+        ASN1Sequence seq)
+    {
+        if (seq.size() == 3)
+        {
+            tbsCertList = TBSCertList.getInstance(seq.getObjectAt(0));
+            sigAlgId = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
+            sig = DERBitString.getInstance(seq.getObjectAt(2));
+        }
+        else
+        {
+            throw new IllegalArgumentException("sequence wrong size for CertificateList");
+        }
+    }
+
+    public TBSCertList getTBSCertList()
+    {
+        return tbsCertList;
+    }
+
+    public TBSCertList.CRLEntry[] getRevokedCertificates()
+    {
+        return tbsCertList.getRevokedCertificates();
+    }
+
+    public Enumeration getRevokedCertificateEnumeration()
+    {
+        return tbsCertList.getRevokedCertificateEnumeration();
+    }
+
+    public AlgorithmIdentifier getSignatureAlgorithm()
+    {
+        return sigAlgId;
+    }
+
+    public DERBitString getSignature()
+    {
+        return sig;
+    }
+
+    public int getVersionNumber()
+    {
+        return tbsCertList.getVersionNumber();
+    }
+
+    public X500Name getIssuer()
+    {
+        return tbsCertList.getIssuer();
+    }
+
+    public Time getThisUpdate()
+    {
+        return tbsCertList.getThisUpdate();
+    }
+
+    public Time getNextUpdate()
+    {
+        return tbsCertList.getNextUpdate();
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(tbsCertList);
+        v.add(sigAlgId);
+        v.add(sig);
+
+        return new DERSequence(v);
+    }
+
+    public int hashCode()
+    {
+        if (!isHashCodeSet)
+        {
+            hashCodeValue = super.hashCode();
+            isHashCodeSet = true;
+        }
+
+        return hashCodeValue;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/DSAParameter.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/DSAParameter.java
new file mode 100644
index 0000000..f8ba60b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/DSAParameter.java

@@ -0,0 +1,96 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DSAParameter
+    extends ASN1Object
+{
+    ASN1Integer      p, q, g;
+
+    public static DSAParameter getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static DSAParameter getInstance(
+        Object obj)
+    {
+        if (obj instanceof DSAParameter)
+        {
+            return (DSAParameter)obj;
+        }
+        
+        if(obj != null)
+        {
+            return new DSAParameter(ASN1Sequence.getInstance(obj));
+        }
+        
+        return null;
+    }
+
+    public DSAParameter(
+        BigInteger  p,
+        BigInteger  q,
+        BigInteger  g)
+    {
+        this.p = new ASN1Integer(p);
+        this.q = new ASN1Integer(q);
+        this.g = new ASN1Integer(g);
+    }
+
+    private DSAParameter(
+        ASN1Sequence  seq)
+    {
+        if (seq.size() != 3)
+        {
+            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
+        }
+        
+        Enumeration     e = seq.getObjects();
+
+        p = ASN1Integer.getInstance(e.nextElement());
+        q = ASN1Integer.getInstance(e.nextElement());
+        g = ASN1Integer.getInstance(e.nextElement());
+    }
+
+    public BigInteger getP()
+    {
+        return p.getPositiveValue();
+    }
+
+    public BigInteger getQ()
+    {
+        return q.getPositiveValue();
+    }
+
+    public BigInteger getG()
+    {
+        return g.getPositiveValue();
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(p);
+        v.add(q);
+        v.add(g);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/DigestInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/DigestInfo.java
new file mode 100644
index 0000000..0bbe596
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/DigestInfo.java

@@ -0,0 +1,90 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * The DigestInfo object.
+ * <pre>
+ * DigestInfo::=SEQUENCE{
+ *          digestAlgorithm  AlgorithmIdentifier,
+ *          digest OCTET STRING }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DigestInfo
+    extends ASN1Object
+{
+    private byte[]                  digest;
+    private AlgorithmIdentifier     algId;
+
+    public static DigestInfo getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static DigestInfo getInstance(
+        Object  obj)
+    {
+        if (obj instanceof DigestInfo)
+        {
+            return (DigestInfo)obj;
+        }
+        else if (obj != null)
+        {
+            return new DigestInfo(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    public DigestInfo(
+        AlgorithmIdentifier  algId,
+        byte[]               digest)
+    {
+        this.digest = Arrays.clone(digest);
+        this.algId = algId;
+    }
+
+    public DigestInfo(
+        ASN1Sequence  obj)
+    {
+        Enumeration             e = obj.getObjects();
+
+        algId = AlgorithmIdentifier.getInstance(e.nextElement());
+        digest = ASN1OctetString.getInstance(e.nextElement()).getOctets();
+    }
+
+    public AlgorithmIdentifier getAlgorithmId()
+    {
+        return algId;
+    }
+
+    public byte[] getDigest()
+    {
+        return Arrays.clone(digest);
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(algId);
+        v.add(new DEROctetString(digest));
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/DistributionPoint.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/DistributionPoint.java
new file mode 100644
index 0000000..c6becea
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/DistributionPoint.java

@@ -0,0 +1,164 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * The DistributionPoint object.
+ * <pre>
+ * DistributionPoint ::= SEQUENCE {
+ *      distributionPoint [0] DistributionPointName OPTIONAL,
+ *      reasons           [1] ReasonFlags OPTIONAL,
+ *      cRLIssuer         [2] GeneralNames OPTIONAL
+ * }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DistributionPoint
+    extends ASN1Object
+{
+    DistributionPointName       distributionPoint;
+    ReasonFlags                 reasons;
+    GeneralNames                cRLIssuer;
+
+    public static DistributionPoint getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static DistributionPoint getInstance(
+        Object obj)
+    {
+        if(obj == null || obj instanceof DistributionPoint) 
+        {
+            return (DistributionPoint)obj;
+        }
+        
+        if(obj instanceof ASN1Sequence) 
+        {
+            return new DistributionPoint((ASN1Sequence)obj);
+        }
+        
+        throw new IllegalArgumentException("Invalid DistributionPoint: " + obj.getClass().getName());
+    }
+
+    public DistributionPoint(
+        ASN1Sequence seq)
+    {
+        for (int i = 0; i != seq.size(); i++)
+        {
+            ASN1TaggedObject    t = ASN1TaggedObject.getInstance(seq.getObjectAt(i));
+            switch (t.getTagNo())
+            {
+            case 0:
+                distributionPoint = DistributionPointName.getInstance(t, true);
+                break;
+            case 1:
+                reasons = new ReasonFlags(DERBitString.getInstance(t, false));
+                break;
+            case 2:
+                cRLIssuer = GeneralNames.getInstance(t, false);
+                break;
+            default:
+                throw new IllegalArgumentException("Unknown tag encountered in structure: " + t.getTagNo());
+            }
+        }
+    }
+    
+    public DistributionPoint(
+        DistributionPointName distributionPoint,
+        ReasonFlags                 reasons,
+        GeneralNames            cRLIssuer)
+    {
+        this.distributionPoint = distributionPoint;
+        this.reasons = reasons;
+        this.cRLIssuer = cRLIssuer;
+    }
+    
+    public DistributionPointName getDistributionPoint()
+    {
+        return distributionPoint;
+    }
+
+    public ReasonFlags getReasons()
+    {
+        return reasons;
+    }
+    
+    public GeneralNames getCRLIssuer()
+    {
+        return cRLIssuer;
+    }
+    
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+        
+        if (distributionPoint != null)
+        {
+            //
+            // as this is a CHOICE it must be explicitly tagged
+            //
+            v.add(new DERTaggedObject(0, distributionPoint));
+        }
+
+        if (reasons != null)
+        {
+            v.add(new DERTaggedObject(false, 1, reasons));
+        }
+
+        if (cRLIssuer != null)
+        {
+            v.add(new DERTaggedObject(false, 2, cRLIssuer));
+        }
+
+        return new DERSequence(v);
+    }
+
+    public String toString()
+    {
+        String       sep = Strings.lineSeparator();
+        StringBuffer buf = new StringBuffer();
+        buf.append("DistributionPoint: [");
+        buf.append(sep);
+        if (distributionPoint != null)
+        {
+            appendObject(buf, sep, "distributionPoint", distributionPoint.toString());
+        }
+        if (reasons != null)
+        {
+            appendObject(buf, sep, "reasons", reasons.toString());
+        }
+        if (cRLIssuer != null)
+        {
+            appendObject(buf, sep, "cRLIssuer", cRLIssuer.toString());
+        }
+        buf.append("]");
+        buf.append(sep);
+        return buf.toString();
+    }
+
+    private void appendObject(StringBuffer buf, String sep, String name, String value)
+    {
+        String       indent = "    ";
+
+        buf.append(indent);
+        buf.append(name);
+        buf.append(":");
+        buf.append(sep);
+        buf.append(indent);
+        buf.append(indent);
+        buf.append(value);
+        buf.append(sep);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/DistributionPointName.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/DistributionPointName.java
new file mode 100644
index 0000000..19ab990
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/DistributionPointName.java

@@ -0,0 +1,141 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Choice;
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * The DistributionPointName object.
+ * <pre>
+ * DistributionPointName ::= CHOICE {
+ *     fullName                 [0] GeneralNames,
+ *     nameRelativeToCRLIssuer  [1] RDN
+ * }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DistributionPointName
+    extends ASN1Object
+    implements ASN1Choice
+{
+    ASN1Encodable        name;
+    int                 type;
+
+    public static final int FULL_NAME = 0;
+    public static final int NAME_RELATIVE_TO_CRL_ISSUER = 1;
+
+    public static DistributionPointName getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1TaggedObject.getInstance(obj, true));
+    }
+
+    public static DistributionPointName getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof DistributionPointName)
+        {
+            return (DistributionPointName)obj;
+        }
+        else if (obj instanceof ASN1TaggedObject)
+        {
+            return new DistributionPointName((ASN1TaggedObject)obj);
+        }
+
+        throw new IllegalArgumentException("unknown object in factory: " + obj.getClass().getName());
+    }
+
+    public DistributionPointName(
+        int             type,
+        ASN1Encodable   name)
+    {
+        this.type = type;
+        this.name = name;
+    }
+
+    public DistributionPointName(
+        GeneralNames name)
+    {
+        this(FULL_NAME, name);
+    }
+
+    /**
+     * Return the tag number applying to the underlying choice.
+     * 
+     * @return the tag number for this point name.
+     */
+    public int getType()
+    {
+        return this.type;
+    }
+    
+    /**
+     * Return the tagged object inside the distribution point name.
+     * 
+     * @return the underlying choice item.
+     */
+    public ASN1Encodable getName()
+    {
+        return (ASN1Encodable)name;
+    }
+    
+    public DistributionPointName(
+        ASN1TaggedObject    obj)
+    {
+        this.type = obj.getTagNo();
+        
+        if (type == 0)
+        {
+            this.name = GeneralNames.getInstance(obj, false);
+        }
+        else
+        {
+            this.name = ASN1Set.getInstance(obj, false);
+        }
+    }
+    
+    public ASN1Primitive toASN1Primitive()
+    {
+        return new DERTaggedObject(false, type, name);
+    }
+
+    public String toString()
+    {
+        String       sep = Strings.lineSeparator();
+        StringBuffer buf = new StringBuffer();
+        buf.append("DistributionPointName: [");
+        buf.append(sep);
+        if (type == FULL_NAME)
+        {
+            appendObject(buf, sep, "fullName", name.toString());
+        }
+        else
+        {
+            appendObject(buf, sep, "nameRelativeToCRLIssuer", name.toString());
+        }
+        buf.append("]");
+        buf.append(sep);
+        return buf.toString();
+    }
+
+    private void appendObject(StringBuffer buf, String sep, String name, String value)
+    {
+        String       indent = "    ";
+
+        buf.append(indent);
+        buf.append(name);
+        buf.append(":");
+        buf.append(sep);
+        buf.append(indent);
+        buf.append(indent);
+        buf.append(value);
+        buf.append(sep);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/ExtendedKeyUsage.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/ExtendedKeyUsage.java
new file mode 100644
index 0000000..2916fe5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/ExtendedKeyUsage.java

@@ -0,0 +1,194 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * The extendedKeyUsage object.
+ * <pre>
+ *      extendedKeyUsage ::= SEQUENCE SIZE (1..MAX) OF KeyPurposeId
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ExtendedKeyUsage
+    extends ASN1Object
+{
+    Hashtable     usageTable = new Hashtable();
+    ASN1Sequence  seq;
+
+    /**
+     * Return an ExtendedKeyUsage from the passed in tagged object.
+     *
+     * @param obj the tagged object containing the ExtendedKeyUsage
+     * @param explicit true if the tagged object should be interpreted as explicitly tagged, false if implicit.
+     * @return the ExtendedKeyUsage contained.
+     */
+    public static ExtendedKeyUsage getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    /**
+     * Return an ExtendedKeyUsage from the passed in object.
+     *
+     * @param obj an ExtendedKeyUsage, some form or encoding of one, or null.
+     * @return  an ExtendedKeyUsage object, or null if null is passed in.
+     */
+    public static ExtendedKeyUsage getInstance(
+        Object obj)
+    {
+        if (obj instanceof ExtendedKeyUsage) 
+        {
+            return (ExtendedKeyUsage)obj;
+        }
+        else if (obj != null)
+        {
+            return new ExtendedKeyUsage(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    /**
+     * Retrieve an ExtendedKeyUsage for a passed in Extensions object, if present.
+     *
+     * @param extensions the extensions object to be examined.
+     * @return  the ExtendedKeyUsage, null if the extension is not present.
+     */
+    public static ExtendedKeyUsage fromExtensions(Extensions extensions)
+    {
+        return ExtendedKeyUsage.getInstance(extensions.getExtensionParsedValue(Extension.extendedKeyUsage));
+    }
+
+    /**
+     * Base constructor, from a single KeyPurposeId.
+     *
+     * @param usage the keyPurposeId to be included.
+     */
+    public ExtendedKeyUsage(
+        KeyPurposeId  usage)
+    {
+        this.seq = new DERSequence(usage);
+
+        this.usageTable.put(usage, usage);
+    }
+    
+    private ExtendedKeyUsage(
+        ASN1Sequence  seq)
+    {
+        this.seq = seq;
+
+        Enumeration e = seq.getObjects();
+
+        while (e.hasMoreElements())
+        {
+            ASN1Encodable o = (ASN1Encodable)e.nextElement();
+            if (!(o.toASN1Primitive() instanceof ASN1ObjectIdentifier))
+            {
+                throw new IllegalArgumentException("Only ASN1ObjectIdentifiers allowed in ExtendedKeyUsage.");
+            }
+            this.usageTable.put(o, o);
+        }
+    }
+
+    /**
+     * Base constructor, from multiple KeyPurposeIds.
+     *
+     * @param usages an array of KeyPurposeIds.
+     */
+    public ExtendedKeyUsage(
+        KeyPurposeId[]  usages)
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        for (int i = 0; i != usages.length; i++)
+        {
+            v.add(usages[i]);
+            this.usageTable.put(usages[i], usages[i]);
+        }
+
+        this.seq = new DERSequence(v);
+    }
+
+    /**
+     * @deprecated use KeyPurposeId[] constructor.
+     */
+    public ExtendedKeyUsage(
+        Vector usages)
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+        Enumeration         e = usages.elements();
+
+        while (e.hasMoreElements())
+        {
+            KeyPurposeId  o = KeyPurposeId.getInstance(e.nextElement());
+
+            v.add(o);
+            this.usageTable.put(o, o);
+        }
+
+        this.seq = new DERSequence(v);
+    }
+
+    /**
+     * Return true if this ExtendedKeyUsage object contains the passed in keyPurposeId.
+     *
+     * @param keyPurposeId  the KeyPurposeId of interest.
+     * @return true if the keyPurposeId is present, false otherwise.
+     */
+    public boolean hasKeyPurposeId(
+        KeyPurposeId keyPurposeId)
+    {
+        return (usageTable.get(keyPurposeId) != null);
+    }
+    
+    /**
+     * Returns all extended key usages.
+     *
+     * @return An array with all key purposes.
+     */
+    public KeyPurposeId[] getUsages()
+    {
+        KeyPurposeId[] temp = new KeyPurposeId[seq.size()];
+
+        int i = 0;
+        for (Enumeration it = seq.getObjects(); it.hasMoreElements();)
+        {
+            temp[i++] = KeyPurposeId.getInstance(it.nextElement());
+        }
+        return temp;
+    }
+
+    /**
+     * Return the number of KeyPurposeIds present in this ExtendedKeyUsage.
+     *
+     * @return the number of KeyPurposeIds
+     */
+    public int size()
+    {
+        return usageTable.size();
+    }
+
+    /**
+     * Return the ASN.1 primitive form of this object.
+     *
+     * @return an ASN1Sequence.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return seq;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Extension.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Extension.java
new file mode 100644
index 0000000..027a96b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Extension.java

@@ -0,0 +1,328 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.asn1.ASN1Boolean;
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * an object for the elements in the X.509 V3 extension block.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Extension
+    extends ASN1Object
+{
+    /**
+     * Subject Directory Attributes
+     */
+    public static final ASN1ObjectIdentifier subjectDirectoryAttributes = new ASN1ObjectIdentifier("2.5.29.9").intern();
+    
+    /**
+     * Subject Key Identifier 
+     */
+    public static final ASN1ObjectIdentifier subjectKeyIdentifier = new ASN1ObjectIdentifier("2.5.29.14").intern();
+
+    /**
+     * Key Usage 
+     */
+    public static final ASN1ObjectIdentifier keyUsage = new ASN1ObjectIdentifier("2.5.29.15").intern();
+
+    /**
+     * Private Key Usage Period 
+     */
+    public static final ASN1ObjectIdentifier privateKeyUsagePeriod = new ASN1ObjectIdentifier("2.5.29.16").intern();
+
+    /**
+     * Subject Alternative Name 
+     */
+    public static final ASN1ObjectIdentifier subjectAlternativeName = new ASN1ObjectIdentifier("2.5.29.17").intern();
+
+    /**
+     * Issuer Alternative Name 
+     */
+    public static final ASN1ObjectIdentifier issuerAlternativeName = new ASN1ObjectIdentifier("2.5.29.18").intern();
+
+    /**
+     * Basic Constraints 
+     */
+    public static final ASN1ObjectIdentifier basicConstraints = new ASN1ObjectIdentifier("2.5.29.19").intern();
+
+    /**
+     * CRL Number 
+     */
+    public static final ASN1ObjectIdentifier cRLNumber = new ASN1ObjectIdentifier("2.5.29.20").intern();
+
+    /**
+     * Reason code 
+     */
+    public static final ASN1ObjectIdentifier reasonCode = new ASN1ObjectIdentifier("2.5.29.21").intern();
+
+    /**
+     * Hold Instruction Code 
+     */
+    public static final ASN1ObjectIdentifier instructionCode = new ASN1ObjectIdentifier("2.5.29.23").intern();
+
+    /**
+     * Invalidity Date 
+     */
+    public static final ASN1ObjectIdentifier invalidityDate = new ASN1ObjectIdentifier("2.5.29.24").intern();
+
+    /**
+     * Delta CRL indicator 
+     */
+    public static final ASN1ObjectIdentifier deltaCRLIndicator = new ASN1ObjectIdentifier("2.5.29.27").intern();
+
+    /**
+     * Issuing Distribution Point 
+     */
+    public static final ASN1ObjectIdentifier issuingDistributionPoint = new ASN1ObjectIdentifier("2.5.29.28").intern();
+
+    /**
+     * Certificate Issuer 
+     */
+    public static final ASN1ObjectIdentifier certificateIssuer = new ASN1ObjectIdentifier("2.5.29.29").intern();
+
+    /**
+     * Name Constraints 
+     */
+    public static final ASN1ObjectIdentifier nameConstraints = new ASN1ObjectIdentifier("2.5.29.30").intern();
+
+    /**
+     * CRL Distribution Points 
+     */
+    public static final ASN1ObjectIdentifier cRLDistributionPoints = new ASN1ObjectIdentifier("2.5.29.31").intern();
+
+    /**
+     * Certificate Policies 
+     */
+    public static final ASN1ObjectIdentifier certificatePolicies = new ASN1ObjectIdentifier("2.5.29.32").intern();
+
+    /**
+     * Policy Mappings 
+     */
+    public static final ASN1ObjectIdentifier policyMappings = new ASN1ObjectIdentifier("2.5.29.33").intern();
+
+    /**
+     * Authority Key Identifier 
+     */
+    public static final ASN1ObjectIdentifier authorityKeyIdentifier = new ASN1ObjectIdentifier("2.5.29.35").intern();
+
+    /**
+     * Policy Constraints 
+     */
+    public static final ASN1ObjectIdentifier policyConstraints = new ASN1ObjectIdentifier("2.5.29.36").intern();
+
+    /**
+     * Extended Key Usage 
+     */
+    public static final ASN1ObjectIdentifier extendedKeyUsage = new ASN1ObjectIdentifier("2.5.29.37").intern();
+
+    /**
+     * Freshest CRL
+     */
+    public static final ASN1ObjectIdentifier freshestCRL = new ASN1ObjectIdentifier("2.5.29.46").intern();
+     
+    /**
+     * Inhibit Any Policy
+     */
+    public static final ASN1ObjectIdentifier inhibitAnyPolicy = new ASN1ObjectIdentifier("2.5.29.54").intern();
+
+    /**
+     * Authority Info Access
+     */
+    public static final ASN1ObjectIdentifier authorityInfoAccess = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.1").intern();
+
+    /**
+     * Subject Info Access
+     */
+    public static final ASN1ObjectIdentifier subjectInfoAccess = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.11").intern();
+    
+    /**
+     * Logo Type
+     */
+    public static final ASN1ObjectIdentifier logoType = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.12").intern();
+
+    /**
+     * BiometricInfo
+     */
+    public static final ASN1ObjectIdentifier biometricInfo = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.2").intern();
+    
+    /**
+     * QCStatements
+     */
+    public static final ASN1ObjectIdentifier qCStatements = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.3").intern();
+
+    /**
+     * Audit identity extension in attribute certificates.
+     */
+    public static final ASN1ObjectIdentifier auditIdentity = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.4").intern();
+    
+    /**
+     * NoRevAvail extension in attribute certificates.
+     */
+    public static final ASN1ObjectIdentifier noRevAvail = new ASN1ObjectIdentifier("2.5.29.56").intern();
+
+    /**
+     * TargetInformation extension in attribute certificates.
+     */
+    public static final ASN1ObjectIdentifier targetInformation = new ASN1ObjectIdentifier("2.5.29.55").intern();
+
+    /**
+     * Expired Certificates on CRL extension
+     */
+    public static final ASN1ObjectIdentifier expiredCertsOnCRL = new ASN1ObjectIdentifier("2.5.29.60").intern();
+
+    private ASN1ObjectIdentifier extnId;
+    private boolean             critical;
+    private ASN1OctetString      value;
+
+    public Extension(
+        ASN1ObjectIdentifier extnId,
+        ASN1Boolean critical,
+        ASN1OctetString value)
+    {
+        this(extnId, critical.isTrue(), value);
+    }
+
+    public Extension(
+        ASN1ObjectIdentifier extnId,
+        boolean critical,
+        byte[] value)
+    {
+        this(extnId, critical, new DEROctetString(value));
+    }
+
+    public Extension(
+        ASN1ObjectIdentifier extnId,
+        boolean critical,
+        ASN1OctetString value)
+    {
+        this.extnId = extnId;
+        this.critical = critical;
+        this.value = value;
+    }
+
+    private Extension(ASN1Sequence seq)
+    {
+        if (seq.size() == 2)
+        {
+            this.extnId = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
+            this.critical = false;
+            this.value = ASN1OctetString.getInstance(seq.getObjectAt(1));
+        }
+        else if (seq.size() == 3)
+        {
+            this.extnId = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
+            this.critical = ASN1Boolean.getInstance(seq.getObjectAt(1)).isTrue();
+            this.value = ASN1OctetString.getInstance(seq.getObjectAt(2));
+        }
+        else
+        {
+            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
+        }
+    }
+
+    public static Extension getInstance(Object obj)
+    {
+        if (obj instanceof Extension)
+        {
+            return (Extension)obj;
+        }
+        else if (obj != null)
+        {
+            return new Extension(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public ASN1ObjectIdentifier getExtnId()
+    {
+        return extnId;
+    }
+
+    public boolean isCritical()
+    {
+        return critical;
+    }
+
+    public ASN1OctetString getExtnValue()
+    {
+        return value;
+    }
+
+    public ASN1Encodable getParsedValue()
+    {
+        return convertValueToObject(this);
+    }
+
+    public int hashCode()
+    {
+        if (this.isCritical())
+        {
+            return this.getExtnValue().hashCode() ^ this.getExtnId().hashCode();
+        }
+
+        return ~(this.getExtnValue().hashCode() ^ this.getExtnId().hashCode());
+    }
+
+    public boolean equals(
+        Object  o)
+    {
+        if (!(o instanceof Extension))
+        {
+            return false;
+        }
+
+        Extension other = (Extension)o;
+
+        return other.getExtnId().equals(this.getExtnId())
+            && other.getExtnValue().equals(this.getExtnValue())
+            && (other.isCritical() == this.isCritical());
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(extnId);
+
+        if (critical)
+        {
+            v.add(ASN1Boolean.getInstance(true));
+        }
+
+        v.add(value);
+
+        return new DERSequence(v);
+    }
+
+    /**
+     * Convert the value of the passed in extension to an object
+     * @param ext the extension to parse
+     * @return the object the value string contains
+     * @exception IllegalArgumentException if conversion is not possible
+     */
+    private static ASN1Primitive convertValueToObject(
+        Extension ext)
+        throws IllegalArgumentException
+    {
+        try
+        {
+            return ASN1Primitive.fromByteArray(ext.getExtnValue().getOctets());
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("can't convert extension: " +  e);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Extensions.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Extensions.java
new file mode 100644
index 0000000..54dbcb2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Extensions.java

@@ -0,0 +1,231 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Extensions
+    extends ASN1Object
+{
+    private Hashtable extensions = new Hashtable();
+    private Vector ordering = new Vector();
+
+    public static Extensions getInstance(
+        ASN1TaggedObject obj,
+        boolean explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static Extensions getInstance(
+        Object obj)
+    {
+        if (obj instanceof Extensions)
+        {
+            return (Extensions)obj;
+        }
+        else if (obj != null)
+        {
+            return new Extensions(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    /**
+     * Constructor from ASN1Sequence.
+     * <p>
+     * The extensions are a list of constructed sequences, either with (OID, OctetString) or (OID, Boolean, OctetString)
+     * </p>
+     */
+    private Extensions(
+        ASN1Sequence seq)
+    {
+        Enumeration e = seq.getObjects();
+
+        while (e.hasMoreElements())
+        {
+            Extension ext = Extension.getInstance(e.nextElement());
+
+            if (extensions.containsKey(ext.getExtnId()))
+            {
+                throw new IllegalArgumentException("repeated extension found: " + ext.getExtnId());
+            }
+            
+            extensions.put(ext.getExtnId(), ext);
+            ordering.addElement(ext.getExtnId());
+        }
+    }
+
+    /**
+     * Base Constructor
+     *
+     * @param extension a single extension.
+     */
+    public Extensions(
+        Extension extension)
+    {
+        this.ordering.addElement(extension.getExtnId());
+        this.extensions.put(extension.getExtnId(), extension);
+    }
+
+    /**
+     * Base Constructor
+     *
+     * @param extensions an array of extensions.
+     */
+    public Extensions(
+        Extension[] extensions)
+    {
+        for (int i = 0; i != extensions.length; i++)
+        {
+            Extension ext = extensions[i];
+
+            this.ordering.addElement(ext.getExtnId());
+            this.extensions.put(ext.getExtnId(), ext);
+        }
+    }
+
+    /**
+     * return an Enumeration of the extension field's object ids.
+     */
+    public Enumeration oids()
+    {
+        return ordering.elements();
+    }
+
+    /**
+     * return the extension represented by the object identifier
+     * passed in.
+     *
+     * @return the extension if it's present, null otherwise.
+     */
+    public Extension getExtension(
+        ASN1ObjectIdentifier oid)
+    {
+        return (Extension)extensions.get(oid);
+    }
+
+    /**
+     * return the parsed value of the extension represented by the object identifier
+     * passed in.
+     *
+     * @return the parsed value of the extension if it's present, null otherwise.
+     */
+    public ASN1Encodable getExtensionParsedValue(ASN1ObjectIdentifier oid)
+    {
+        Extension ext = this.getExtension(oid);
+
+        if (ext != null)
+        {
+            return ext.getParsedValue();
+        }
+
+        return null;
+    }
+
+    /**
+     * <pre>
+     *     Extensions        ::=   SEQUENCE SIZE (1..MAX) OF Extension
+     *
+     *     Extension         ::=   SEQUENCE {
+     *        extnId            EXTENSION.&amp;id ({ExtensionSet}),
+     *        critical          BOOLEAN DEFAULT FALSE,
+     *        extnValue         OCTET STRING }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector vec = new ASN1EncodableVector();
+        Enumeration e = ordering.elements();
+
+        while (e.hasMoreElements())
+        {
+            ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+            Extension ext = (Extension)extensions.get(oid);
+
+            vec.add(ext);
+        }
+
+        return new DERSequence(vec);
+    }
+
+    public boolean equivalent(
+        Extensions other)
+    {
+        if (extensions.size() != other.extensions.size())
+        {
+            return false;
+        }
+
+        Enumeration e1 = extensions.keys();
+
+        while (e1.hasMoreElements())
+        {
+            Object key = e1.nextElement();
+
+            if (!extensions.get(key).equals(other.extensions.get(key)))
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    public ASN1ObjectIdentifier[] getExtensionOIDs()
+    {
+        return toOidArray(ordering);
+    }
+
+    public ASN1ObjectIdentifier[] getNonCriticalExtensionOIDs()
+    {
+        return getExtensionOIDs(false);
+    }
+
+    public ASN1ObjectIdentifier[] getCriticalExtensionOIDs()
+    {
+        return getExtensionOIDs(true);
+    }
+
+    private ASN1ObjectIdentifier[] getExtensionOIDs(boolean isCritical)
+    {
+        Vector oidVec = new Vector();
+
+        for (int i = 0; i != ordering.size(); i++)
+        {
+            Object oid = ordering.elementAt(i);
+
+            if (((Extension)extensions.get(oid)).isCritical() == isCritical)
+            {
+                oidVec.addElement(oid);
+            }
+        }
+
+        return toOidArray(oidVec);
+    }
+
+    private ASN1ObjectIdentifier[] toOidArray(Vector oidVec)
+    {
+        ASN1ObjectIdentifier[] oids = new ASN1ObjectIdentifier[oidVec.size()];
+
+        for (int i = 0; i != oids.length; i++)
+        {
+            oids[i] = (ASN1ObjectIdentifier)oidVec.elementAt(i);
+        }
+        return oids;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/ExtensionsGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/ExtensionsGenerator.java
new file mode 100644
index 0000000..2aaba54
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/ExtensionsGenerator.java

@@ -0,0 +1,113 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.io.IOException;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+
+/**
+ * Generator for X.509 extensions
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ExtensionsGenerator
+{
+    private Hashtable extensions = new Hashtable();
+    private Vector extOrdering = new Vector();
+
+    /**
+     * Reset the generator
+     */
+    public void reset()
+    {
+        extensions = new Hashtable();
+        extOrdering = new Vector();
+    }
+
+    /**
+     * Add an extension with the given oid and the passed in value to be included
+     * in the OCTET STRING associated with the extension.
+     *
+     * @param oid  OID for the extension.
+     * @param critical  true if critical, false otherwise.
+     * @param value the ASN.1 object to be included in the extension.
+     */
+    public void addExtension(
+        ASN1ObjectIdentifier oid,
+        boolean              critical,
+        ASN1Encodable        value)
+        throws IOException
+    {
+        this.addExtension(oid, critical, value.toASN1Primitive().getEncoded(ASN1Encoding.DER));
+    }
+
+    /**
+     * Add an extension with the given oid and the passed in byte array to be wrapped in the
+     * OCTET STRING associated with the extension.
+     *
+     * @param oid OID for the extension.
+     * @param critical true if critical, false otherwise.
+     * @param value the byte array to be wrapped.
+     */
+    public void addExtension(
+        ASN1ObjectIdentifier oid,
+        boolean             critical,
+        byte[]              value)
+    {
+        if (extensions.containsKey(oid))
+        {
+            throw new IllegalArgumentException("extension " + oid + " already added");
+        }
+
+        extOrdering.addElement(oid);
+        extensions.put(oid, new Extension(oid, critical, new DEROctetString(value)));
+    }
+
+    /**
+     * Add a given extension.
+     *
+     * @param extension the full extension value.
+     */
+    public void addExtension(
+        Extension extension)
+    {
+        if (extensions.containsKey(extension.getExtnId()))
+        {
+            throw new IllegalArgumentException("extension " + extension.getExtnId() + " already added");
+        }
+
+        extOrdering.addElement(extension.getExtnId());
+        extensions.put(extension.getExtnId(), extension);
+    }
+
+    /**
+     * Return true if there are no extension present in this generator.
+     *
+     * @return true if empty, false otherwise
+     */
+    public boolean isEmpty()
+    {
+        return extOrdering.isEmpty();
+    }
+
+    /**
+     * Generate an Extensions object based on the current state of the generator.
+     *
+     * @return  an X09Extensions object.
+     */
+    public Extensions generate()
+    {
+        Extension[] exts = new Extension[extOrdering.size()];
+
+        for (int i = 0; i != extOrdering.size(); i++)
+        {
+            exts[i] = (Extension)extensions.get(extOrdering.elementAt(i));
+        }
+
+        return new Extensions(exts);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/GeneralName.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/GeneralName.java
new file mode 100644
index 0000000..0d344d9
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/GeneralName.java

@@ -0,0 +1,448 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.io.IOException;
+import java.util.StringTokenizer;
+
+import com.android.org.bouncycastle.asn1.ASN1Choice;
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERIA5String;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.util.IPAddress;
+
+/**
+ * The GeneralName object.
+ * <pre>
+ * GeneralName ::= CHOICE {
+ *      otherName                       [0]     OtherName,
+ *      rfc822Name                      [1]     IA5String,
+ *      dNSName                         [2]     IA5String,
+ *      x400Address                     [3]     ORAddress,
+ *      directoryName                   [4]     Name,
+ *      ediPartyName                    [5]     EDIPartyName,
+ *      uniformResourceIdentifier       [6]     IA5String,
+ *      iPAddress                       [7]     OCTET STRING,
+ *      registeredID                    [8]     OBJECT IDENTIFIER}
+ *
+ * OtherName ::= SEQUENCE {
+ *      type-id    OBJECT IDENTIFIER,
+ *      value      [0] EXPLICIT ANY DEFINED BY type-id }
+ *
+ * EDIPartyName ::= SEQUENCE {
+ *      nameAssigner            [0]     DirectoryString OPTIONAL,
+ *      partyName               [1]     DirectoryString }
+ * 
+ * Name ::= CHOICE { RDNSequence }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class GeneralName
+    extends ASN1Object
+    implements ASN1Choice
+{
+    @libcore.api.CorePlatformApi
+    public static final int otherName                     = 0;
+    public static final int rfc822Name                    = 1;
+    @libcore.api.CorePlatformApi
+    public static final int dNSName                       = 2;
+    public static final int x400Address                   = 3;
+    public static final int directoryName                 = 4;
+    public static final int ediPartyName                  = 5;
+    public static final int uniformResourceIdentifier     = 6;
+    @libcore.api.CorePlatformApi
+    public static final int iPAddress                     = 7;
+    public static final int registeredID                  = 8;
+
+    private ASN1Encodable obj;
+    private int           tag;
+
+    /**
+     * @deprecated use X500Name constructor.
+     * @param dirName
+     */
+        public GeneralName(
+        X509Name  dirName)
+    {
+        this.obj = X500Name.getInstance(dirName);
+        this.tag = 4;
+    }
+
+    public GeneralName(
+        X500Name  dirName)
+    {
+        this.obj = dirName;
+        this.tag = 4;
+    }
+
+    /**
+     * When the subjectAltName extension contains an Internet mail address,
+     * the address MUST be included as an rfc822Name. The format of an
+     * rfc822Name is an "addr-spec" as defined in RFC 822 [RFC 822].
+     *
+     * When the subjectAltName extension contains a domain name service
+     * label, the domain name MUST be stored in the dNSName (an IA5String).
+     * The name MUST be in the "preferred name syntax," as specified by RFC
+     * 1034 [RFC 1034].
+     *
+     * When the subjectAltName extension contains a URI, the name MUST be
+     * stored in the uniformResourceIdentifier (an IA5String). The name MUST
+     * be a non-relative URL, and MUST follow the URL syntax and encoding
+     * rules specified in [RFC 1738].  The name must include both a scheme
+     * (e.g., "http" or "ftp") and a scheme-specific-part.  The scheme-
+     * specific-part must include a fully qualified domain name or IP
+     * address as the host.
+     *
+     * When the subjectAltName extension contains a iPAddress, the address
+     * MUST be stored in the octet string in "network byte order," as
+     * specified in RFC 791 [RFC 791]. The least significant bit (LSB) of
+     * each octet is the LSB of the corresponding byte in the network
+     * address. For IP Version 4, as specified in RFC 791, the octet string
+     * MUST contain exactly four octets.  For IP Version 6, as specified in
+     * RFC 1883, the octet string MUST contain exactly sixteen octets [RFC
+     * 1883].
+     */
+    @libcore.api.CorePlatformApi
+    public GeneralName(
+        int           tag,
+        ASN1Encodable name)
+    {
+        this.obj = name;
+        this.tag = tag;
+    }
+    
+    /**
+     * Create a GeneralName for the given tag from the passed in String.
+     * <p>
+     * This constructor can handle:
+     * <ul>
+     * <li>rfc822Name
+     * <li>iPAddress
+     * <li>directoryName
+     * <li>dNSName
+     * <li>uniformResourceIdentifier
+     * <li>registeredID
+     * </ul>
+     * For x400Address, otherName and ediPartyName there is no common string
+     * format defined.
+     * <p>
+     * Note: A directory name can be encoded in different ways into a byte
+     * representation. Be aware of this if the byte representation is used for
+     * comparing results.
+     *
+     * @param tag tag number
+     * @param name string representation of name
+     * @throws IllegalArgumentException if the string encoding is not correct or     *             not supported.
+     */
+    @libcore.api.CorePlatformApi
+    public GeneralName(
+        int       tag,
+        String    name)
+    {
+        this.tag = tag;
+
+        if (tag == rfc822Name || tag == dNSName || tag == uniformResourceIdentifier)
+        {
+            this.obj = new DERIA5String(name);
+        }
+        else if (tag == registeredID)
+        {
+            this.obj = new ASN1ObjectIdentifier(name);
+        }
+        else if (tag == directoryName)
+        {
+            this.obj = new X500Name(name);
+        }
+        else if (tag == iPAddress)
+        {
+            byte[] enc = toGeneralNameEncoding(name);
+            if (enc != null)
+            {
+                this.obj = new DEROctetString(enc);
+            }
+            else
+            {
+                throw new IllegalArgumentException("IP Address is invalid");
+            }
+        }
+        else
+        {
+            throw new IllegalArgumentException("can't process String for tag: " + tag);
+        }
+    }
+    
+    public static GeneralName getInstance(
+        Object obj)
+    {
+        if (obj == null || obj instanceof GeneralName)
+        {
+            return (GeneralName)obj;
+        }
+
+        if (obj instanceof ASN1TaggedObject)
+        {
+            ASN1TaggedObject    tagObj = (ASN1TaggedObject)obj;
+            int                 tag = tagObj.getTagNo();
+
+            switch (tag)
+            {
+            case otherName:
+                return new GeneralName(tag, ASN1Sequence.getInstance(tagObj, false));
+            case rfc822Name:
+                return new GeneralName(tag, DERIA5String.getInstance(tagObj, false));
+            case dNSName:
+                return new GeneralName(tag, DERIA5String.getInstance(tagObj, false));
+            case x400Address:
+                throw new IllegalArgumentException("unknown tag: " + tag);
+            case directoryName:
+                return new GeneralName(tag, X500Name.getInstance(tagObj, true));
+            case ediPartyName:
+                return new GeneralName(tag, ASN1Sequence.getInstance(tagObj, false));
+            case uniformResourceIdentifier:
+                return new GeneralName(tag, DERIA5String.getInstance(tagObj, false));
+            case iPAddress:
+                return new GeneralName(tag, ASN1OctetString.getInstance(tagObj, false));
+            case registeredID:
+                return new GeneralName(tag, ASN1ObjectIdentifier.getInstance(tagObj, false));
+            }
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return getInstance(ASN1Primitive.fromByteArray((byte[])obj));
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("unable to parse encoded general name");
+            }
+        }
+
+        throw new IllegalArgumentException("unknown object in getInstance: " + obj.getClass().getName());
+    }
+
+    public static GeneralName getInstance(
+        ASN1TaggedObject tagObj,
+        boolean          explicit)
+    {
+        return GeneralName.getInstance(ASN1TaggedObject.getInstance(tagObj, true));
+    }
+
+    @libcore.api.CorePlatformApi
+    public int getTagNo()
+    {
+        return tag;
+    }
+
+    public ASN1Encodable getName()
+    {
+        return obj;
+    }
+
+    public String toString()
+    {
+        StringBuffer buf = new StringBuffer();
+
+        buf.append(tag);
+        buf.append(": ");
+        switch (tag)
+        {
+        case rfc822Name:
+        case dNSName:
+        case uniformResourceIdentifier:
+            buf.append(DERIA5String.getInstance(obj).getString());
+            break;
+        case directoryName:
+            buf.append(X500Name.getInstance(obj).toString());
+            break;
+        default:
+            buf.append(obj.toString());
+        }
+        return buf.toString();
+    }
+
+    private byte[] toGeneralNameEncoding(String ip)
+    {
+        if (IPAddress.isValidIPv6WithNetmask(ip) || IPAddress.isValidIPv6(ip))
+        {
+            int    slashIndex = ip.indexOf('/');
+
+            if (slashIndex < 0)
+            {
+                byte[] addr = new byte[16];
+                int[]  parsedIp = parseIPv6(ip);
+                copyInts(parsedIp, addr, 0);
+
+                return addr;
+            }
+            else
+            {
+                byte[] addr = new byte[32];
+                int[]  parsedIp = parseIPv6(ip.substring(0, slashIndex));
+                copyInts(parsedIp, addr, 0);
+                String mask = ip.substring(slashIndex + 1);
+                if (mask.indexOf(':') > 0)
+                {
+                    parsedIp = parseIPv6(mask);
+                }
+                else
+                {
+                    parsedIp = parseMask(mask);
+                }
+                copyInts(parsedIp, addr, 16);
+
+                return addr;
+            }
+        }
+        else if (IPAddress.isValidIPv4WithNetmask(ip) || IPAddress.isValidIPv4(ip))
+        {
+            int    slashIndex = ip.indexOf('/');
+
+            if (slashIndex < 0)
+            {
+                byte[] addr = new byte[4];
+
+                parseIPv4(ip, addr, 0);
+
+                return addr;
+            }
+            else
+            {
+                byte[] addr = new byte[8];
+
+                parseIPv4(ip.substring(0, slashIndex), addr, 0);
+
+                String mask = ip.substring(slashIndex + 1);
+                if (mask.indexOf('.') > 0)
+                {
+                    parseIPv4(mask, addr, 4);
+                }
+                else
+                {
+                    parseIPv4Mask(mask, addr, 4);
+                }
+
+                return addr;
+            }
+        }
+
+        return null;
+    }
+
+    private void parseIPv4Mask(String mask, byte[] addr, int offset)
+    {
+        int   maskVal = Integer.parseInt(mask);
+
+        for (int i = 0; i != maskVal; i++)
+        {
+            addr[(i / 8) + offset] |= 1 << (7 - (i % 8));
+        }
+    }
+
+    private void parseIPv4(String ip, byte[] addr, int offset)
+    {
+        StringTokenizer sTok = new StringTokenizer(ip, "./");
+        int    index = 0;
+
+        while (sTok.hasMoreTokens())
+        {
+            addr[offset + index++] = (byte)Integer.parseInt(sTok.nextToken());
+        }
+    }
+
+    private int[] parseMask(String mask)
+    {
+        int[] res = new int[8];
+        int   maskVal = Integer.parseInt(mask);
+
+        for (int i = 0; i != maskVal; i++)
+        {
+            res[i / 16] |= 1 << (15 - (i % 16));
+        }
+        return res;
+    }
+
+    private void copyInts(int[] parsedIp, byte[] addr, int offSet)
+    {
+        for (int i = 0; i != parsedIp.length; i++)
+        {
+            addr[(i * 2) + offSet] = (byte)(parsedIp[i] >> 8);
+            addr[(i * 2 + 1) + offSet] = (byte)parsedIp[i];
+        }
+    }
+
+    private int[] parseIPv6(String ip)
+    {
+        StringTokenizer sTok = new StringTokenizer(ip, ":", true);
+        int index = 0;
+        int[] val = new int[8];
+
+        if (ip.charAt(0) == ':' && ip.charAt(1) == ':')
+        {
+           sTok.nextToken(); // skip the first one
+        }
+
+        int doubleColon = -1;
+
+        while (sTok.hasMoreTokens())
+        {
+            String e = sTok.nextToken();
+
+            if (e.equals(":"))
+            {
+                doubleColon = index;
+                val[index++] = 0;
+            }
+            else
+            {
+                if (e.indexOf('.') < 0)
+                {
+                    val[index++] = Integer.parseInt(e, 16);
+                    if (sTok.hasMoreTokens())
+                    {
+                        sTok.nextToken();
+                    }
+                }
+                else
+                {
+                    StringTokenizer eTok = new StringTokenizer(e, ".");
+
+                    val[index++] = (Integer.parseInt(eTok.nextToken()) << 8) | Integer.parseInt(eTok.nextToken());
+                    val[index++] = (Integer.parseInt(eTok.nextToken()) << 8) | Integer.parseInt(eTok.nextToken());
+                }
+            }
+        }
+
+        if (index != val.length)
+        {
+            System.arraycopy(val, doubleColon, val, val.length - (index - doubleColon), index - doubleColon);
+            for (int i = doubleColon; i != val.length - (index - doubleColon); i++)
+            {
+                val[i] = 0;
+            }
+        }
+
+        return val;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        if (tag == directoryName)       // directoryName is explicitly tagged as it is a CHOICE
+        {
+            return new DERTaggedObject(true, tag, obj);
+        }
+        else
+        {
+            return new DERTaggedObject(false, tag, obj);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/GeneralNames.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/GeneralNames.java
new file mode 100644
index 0000000..5d4ae50
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/GeneralNames.java

@@ -0,0 +1,118 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class GeneralNames
+    extends ASN1Object
+{
+    private final GeneralName[] names;
+
+    public static GeneralNames getInstance(
+        Object  obj)
+    {
+        if (obj instanceof GeneralNames)
+        {
+            return (GeneralNames)obj;
+        }
+
+        if (obj != null)
+        {
+            return new GeneralNames(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public static GeneralNames getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static GeneralNames fromExtensions(Extensions extensions, ASN1ObjectIdentifier extOID)
+    {
+        return GeneralNames.getInstance(extensions.getExtensionParsedValue(extOID));
+    }
+
+    /**
+     * Construct a GeneralNames object containing one GeneralName.
+     * 
+     * @param name the name to be contained.
+     */
+    public GeneralNames(
+        GeneralName  name)
+    {
+        this.names = new GeneralName[] { name };
+    }
+
+
+    public GeneralNames(
+        GeneralName[]  names)
+    {
+        this.names = copy(names);
+    }
+
+    private GeneralNames(
+        ASN1Sequence  seq)
+    {
+        this.names = new GeneralName[seq.size()];
+
+        for (int i = 0; i != seq.size(); i++)
+        {
+            names[i] = GeneralName.getInstance(seq.getObjectAt(i));
+        }
+    }
+
+    public GeneralName[] getNames()
+    {
+        return copy(names);
+    }
+
+    private GeneralName[] copy(GeneralName[] nms)
+    {
+        GeneralName[] tmp = new GeneralName[nms.length];
+
+        System.arraycopy(nms, 0, tmp, 0, tmp.length);
+
+        return tmp;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     * GeneralNames ::= SEQUENCE SIZE {1..MAX} OF GeneralName
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return new DERSequence(names);
+    }
+
+    public String toString()
+    {
+        StringBuffer  buf = new StringBuffer();
+        String        sep = Strings.lineSeparator();
+
+        buf.append("GeneralNames:");
+        buf.append(sep);
+
+        for (int i = 0; i != names.length; i++)
+        {
+            buf.append("    ");
+            buf.append(names[i]);
+            buf.append(sep);
+        }
+        return buf.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/GeneralSubtree.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/GeneralSubtree.java
new file mode 100644
index 0000000..4e24d59
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/GeneralSubtree.java

@@ -0,0 +1,220 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+
+/**
+ * Class for containing a restriction object subtrees in NameConstraints. See
+ * RFC 3280.
+ * 
+ * <pre>
+ *       
+ *       GeneralSubtree ::= SEQUENCE 
+ *       {
+ *         base                    GeneralName,
+ *         minimum         [0]     BaseDistance DEFAULT 0,
+ *         maximum         [1]     BaseDistance OPTIONAL 
+ *       }
+ * </pre>
+ * 
+ * @see com.android.org.bouncycastle.asn1.x509.NameConstraints
+ * @hide This class is not part of the Android public SDK API
+ * 
+ */
+public class GeneralSubtree 
+    extends ASN1Object
+{
+    private static final BigInteger ZERO = BigInteger.valueOf(0);
+
+    private GeneralName base;
+
+    private ASN1Integer minimum;
+
+    private ASN1Integer maximum;
+
+    private GeneralSubtree(
+        ASN1Sequence seq) 
+    {
+        base = GeneralName.getInstance(seq.getObjectAt(0));
+
+        switch (seq.size()) 
+        {
+        case 1:
+            break;
+        case 2:
+            ASN1TaggedObject o = ASN1TaggedObject.getInstance(seq.getObjectAt(1));
+            switch (o.getTagNo()) 
+            {
+            case 0:
+                minimum = ASN1Integer.getInstance(o, false);
+                break;
+            case 1:
+                maximum = ASN1Integer.getInstance(o, false);
+                break;
+            default:
+                throw new IllegalArgumentException("Bad tag number: "
+                        + o.getTagNo());
+            }
+            break;
+        case 3:
+        {
+            {
+                ASN1TaggedObject oMin = ASN1TaggedObject.getInstance(seq.getObjectAt(1));
+                if (oMin.getTagNo() != 0)
+                {
+                    throw new IllegalArgumentException("Bad tag number for 'minimum': " + oMin.getTagNo());
+                }
+                minimum = ASN1Integer.getInstance(oMin, false);
+            }
+
+            {
+                ASN1TaggedObject oMax = ASN1TaggedObject.getInstance(seq.getObjectAt(2));
+                if (oMax.getTagNo() != 1)
+                {
+                    throw new IllegalArgumentException("Bad tag number for 'maximum': " + oMax.getTagNo());
+                }
+                maximum = ASN1Integer.getInstance(oMax, false);
+            }
+
+            break;
+        }
+        default:
+            throw new IllegalArgumentException("Bad sequence size: "
+                    + seq.size());
+        }
+    }
+
+    /**
+     * Constructor from a given details.
+     * 
+     * According RFC 3280, the minimum and maximum fields are not used with any
+     * name forms, thus minimum MUST be zero, and maximum MUST be absent.
+     * <p>
+     * If minimum is <code>null</code>, zero is assumed, if
+     * maximum is <code>null</code>, maximum is absent.
+     * 
+     * @param base
+     *            A restriction.
+     * @param minimum
+     *            Minimum
+     * 
+     * @param maximum
+     *            Maximum
+     */
+    public GeneralSubtree(
+        GeneralName base,
+        BigInteger minimum,
+        BigInteger maximum)
+    {
+        this.base = base;
+        if (maximum != null)
+        {
+            this.maximum = new ASN1Integer(maximum);
+        }
+        if (minimum == null)
+        {
+            this.minimum = null;
+        }
+        else
+        {
+            this.minimum = new ASN1Integer(minimum);
+        }
+    }
+
+    public GeneralSubtree(GeneralName base)
+    {
+        this(base, null, null);
+    }
+
+    public static GeneralSubtree getInstance(
+        ASN1TaggedObject o,
+        boolean explicit)
+    {
+        return new GeneralSubtree(ASN1Sequence.getInstance(o, explicit));
+    }
+
+    public static GeneralSubtree getInstance(
+        Object obj)
+    {
+        if (obj == null)
+        {
+            return null;
+        }
+
+        if (obj instanceof GeneralSubtree)
+        {
+            return (GeneralSubtree) obj;
+        }
+
+        return new GeneralSubtree(ASN1Sequence.getInstance(obj));
+    }
+
+    public GeneralName getBase()
+    {
+        return base;
+    }
+
+    public BigInteger getMinimum()
+    {
+        if (minimum == null)
+        {
+            return ZERO;
+        }
+
+        return minimum.getValue();
+    }
+
+    public BigInteger getMaximum()
+    {
+        if (maximum == null)
+        {
+            return null;
+        }
+
+        return maximum.getValue();
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * 
+     * Returns:
+     * 
+     * <pre>
+     *       GeneralSubtree ::= SEQUENCE 
+     *       {
+     *         base                    GeneralName,
+     *         minimum         [0]     BaseDistance DEFAULT 0,
+     *         maximum         [1]     BaseDistance OPTIONAL 
+     *       }
+     * </pre>
+     * 
+     * @return a ASN1Primitive
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(base);
+
+        if (minimum != null && !minimum.getValue().equals(ZERO))
+        {
+            v.add(new DERTaggedObject(false, 0, minimum));
+        }
+
+        if (maximum != null)
+        {
+            v.add(new DERTaggedObject(false, 1, maximum));
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Holder.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Holder.java
new file mode 100644
index 0000000..c22b33f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Holder.java

@@ -0,0 +1,247 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+
+/**
+ * The Holder object.
+ * <p>
+ * For an v2 attribute certificate this is:
+ * 
+ * <pre>
+ *            Holder ::= SEQUENCE {
+ *                  baseCertificateID   [0] IssuerSerial OPTIONAL,
+ *                           -- the issuer and serial number of
+ *                           -- the holder's Public Key Certificate
+ *                  entityName          [1] GeneralNames OPTIONAL,
+ *                           -- the name of the claimant or role
+ *                  objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
+ *                           -- used to directly authenticate the holder,
+ *                           -- for example, an executable
+ *            }
+ * </pre>
+ * 
+ * <p>
+ * For an v1 attribute certificate this is:
+ * 
+ * <pre>
+ *         subject CHOICE {
+ *          baseCertificateID [0] EXPLICIT IssuerSerial,
+ *          -- associated with a Public Key Certificate
+ *          subjectName [1] EXPLICIT GeneralNames },
+ *          -- associated with a name
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Holder
+    extends ASN1Object
+{
+    public static final int V1_CERTIFICATE_HOLDER = 0;
+    public static final int V2_CERTIFICATE_HOLDER = 1;
+
+    IssuerSerial baseCertificateID;
+
+    GeneralNames entityName;
+
+    ObjectDigestInfo objectDigestInfo;
+
+    private int version = V2_CERTIFICATE_HOLDER;
+
+    public static Holder getInstance(Object obj)
+    {
+        if (obj instanceof Holder)
+        {
+            return (Holder)obj;
+        }
+        else if (obj instanceof ASN1TaggedObject)
+        {
+            return new Holder(ASN1TaggedObject.getInstance(obj));
+        }
+        else if (obj != null)
+        {
+            return new Holder(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    /**
+     * Constructor for a holder for an V1 attribute certificate.
+     * 
+     * @param tagObj The ASN.1 tagged holder object.
+     */
+    private Holder(ASN1TaggedObject tagObj)
+    {
+        switch (tagObj.getTagNo())
+        {
+        case 0:
+            baseCertificateID = IssuerSerial.getInstance(tagObj, true);
+            break;
+        case 1:
+            entityName = GeneralNames.getInstance(tagObj, true);
+            break;
+        default:
+            throw new IllegalArgumentException("unknown tag in Holder");
+        }
+        version = 0;
+    }
+
+    /**
+     * Constructor for a holder for an V2 attribute certificate.
+     * 
+     * @param seq The ASN.1 sequence.
+     */
+    private Holder(ASN1Sequence seq)
+    {
+        if (seq.size() > 3)
+        {
+            throw new IllegalArgumentException("Bad sequence size: "
+                + seq.size());
+        }
+
+        for (int i = 0; i != seq.size(); i++)
+        {
+            ASN1TaggedObject tObj = ASN1TaggedObject.getInstance(seq
+                .getObjectAt(i));
+
+            switch (tObj.getTagNo())
+            {
+            case 0:
+                baseCertificateID = IssuerSerial.getInstance(tObj, false);
+                break;
+            case 1:
+                entityName = GeneralNames.getInstance(tObj, false);
+                break;
+            case 2:
+                objectDigestInfo = ObjectDigestInfo.getInstance(tObj, false);
+                break;
+            default:
+                throw new IllegalArgumentException("unknown tag in Holder");
+            }
+        }
+        version = 1;
+    }
+
+    public Holder(IssuerSerial baseCertificateID)
+    {
+        this(baseCertificateID, V2_CERTIFICATE_HOLDER);
+    }
+
+    /**
+     * Constructs a holder from a IssuerSerial for a V1 or V2 certificate.
+     * .
+     * @param baseCertificateID The IssuerSerial.
+     * @param version The version of the attribute certificate. 
+     */
+    public Holder(IssuerSerial baseCertificateID, int version)
+    {
+        this.baseCertificateID = baseCertificateID;
+        this.version = version;
+    }
+    
+    /**
+     * Returns 1 for V2 attribute certificates or 0 for V1 attribute
+     * certificates. 
+     * @return The version of the attribute certificate.
+     */
+    public int getVersion()
+    {
+        return version;
+    }
+
+    /**
+     * Constructs a holder with an entityName for V2 attribute certificates.
+     * 
+     * @param entityName The entity or subject name.
+     */
+    public Holder(GeneralNames entityName)
+    {
+        this(entityName, V2_CERTIFICATE_HOLDER);
+    }
+
+    /**
+     * Constructs a holder with an entityName for V2 attribute certificates or
+     * with a subjectName for V1 attribute certificates.
+     * 
+     * @param entityName The entity or subject name.
+     * @param version The version of the attribute certificate. 
+     */
+    public Holder(GeneralNames entityName, int version)
+    {
+        this.entityName = entityName;
+        this.version = version;
+    }
+    
+    /**
+     * Constructs a holder from an object digest info.
+     * 
+     * @param objectDigestInfo The object digest info object.
+     */
+    public Holder(ObjectDigestInfo objectDigestInfo)
+    {
+        this.objectDigestInfo = objectDigestInfo;
+    }
+
+    public IssuerSerial getBaseCertificateID()
+    {
+        return baseCertificateID;
+    }
+
+    /**
+     * Returns the entityName for an V2 attribute certificate or the subjectName
+     * for an V1 attribute certificate.
+     * 
+     * @return The entityname or subjectname.
+     */
+    public GeneralNames getEntityName()
+    {
+        return entityName;
+    }
+
+    public ObjectDigestInfo getObjectDigestInfo()
+    {
+        return objectDigestInfo;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        if (version == 1)
+        {
+            ASN1EncodableVector v = new ASN1EncodableVector();
+
+            if (baseCertificateID != null)
+            {
+                v.add(new DERTaggedObject(false, 0, baseCertificateID));
+            }
+
+            if (entityName != null)
+            {
+                v.add(new DERTaggedObject(false, 1, entityName));
+            }
+
+            if (objectDigestInfo != null)
+            {
+                v.add(new DERTaggedObject(false, 2, objectDigestInfo));
+            }
+
+            return new DERSequence(v);
+        }
+        else
+        {
+            if (entityName != null)
+            {
+                return new DERTaggedObject(true, 1, entityName);
+            }
+            else
+            {
+                return new DERTaggedObject(true, 0, baseCertificateID);
+            }
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/IssuerSerial.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/IssuerSerial.java
new file mode 100644
index 0000000..9990388
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/IssuerSerial.java

@@ -0,0 +1,127 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class IssuerSerial
+    extends ASN1Object
+{
+    GeneralNames            issuer;
+    ASN1Integer              serial;
+    DERBitString            issuerUID;
+
+    public static IssuerSerial getInstance(
+            Object  obj)
+    {
+        if (obj instanceof IssuerSerial)
+        {
+            return (IssuerSerial)obj;
+        }
+
+        if (obj != null)
+        {
+            return new IssuerSerial(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public static IssuerSerial getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+    
+    private IssuerSerial(
+        ASN1Sequence    seq)
+    {
+        if (seq.size() != 2 && seq.size() != 3)
+        {
+            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
+        }
+        
+        issuer = GeneralNames.getInstance(seq.getObjectAt(0));
+        serial = ASN1Integer.getInstance(seq.getObjectAt(1));
+
+        if (seq.size() == 3)
+        {
+            issuerUID = DERBitString.getInstance(seq.getObjectAt(2));
+        }
+    }
+
+    public IssuerSerial(
+        X500Name   issuer,
+        BigInteger serial)
+    {
+        this(new GeneralNames(new GeneralName(issuer)), new ASN1Integer(serial));
+    }
+
+    public IssuerSerial(
+        GeneralNames    issuer,
+        BigInteger serial)
+    {
+        this(issuer, new ASN1Integer(serial));
+    }
+
+    public IssuerSerial(
+        GeneralNames    issuer,
+        ASN1Integer      serial)
+    {
+        this.issuer = issuer;
+        this.serial = serial;
+    }
+
+    public GeneralNames getIssuer()
+    {
+        return issuer;
+    }
+
+    public ASN1Integer getSerial()
+    {
+        return serial;
+    }
+
+    public DERBitString getIssuerUID()
+    {
+        return issuerUID;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     *  IssuerSerial  ::=  SEQUENCE {
+     *       issuer         GeneralNames,
+     *       serial         CertificateSerialNumber,
+     *       issuerUID      UniqueIdentifier OPTIONAL
+     *  }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(issuer);
+        v.add(serial);
+
+        if (issuerUID != null)
+        {
+            v.add(issuerUID);
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java
new file mode 100644
index 0000000..95d7a29
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/IssuingDistributionPoint.java

@@ -0,0 +1,277 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Boolean;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * <pre>
+ * IssuingDistributionPoint ::= SEQUENCE { 
+ *   distributionPoint          [0] DistributionPointName OPTIONAL, 
+ *   onlyContainsUserCerts      [1] BOOLEAN DEFAULT FALSE, 
+ *   onlyContainsCACerts        [2] BOOLEAN DEFAULT FALSE, 
+ *   onlySomeReasons            [3] ReasonFlags OPTIONAL, 
+ *   indirectCRL                [4] BOOLEAN DEFAULT FALSE,
+ *   onlyContainsAttributeCerts [5] BOOLEAN DEFAULT FALSE }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class IssuingDistributionPoint
+    extends ASN1Object
+{
+    private DistributionPointName distributionPoint;
+
+    private boolean onlyContainsUserCerts;
+
+    private boolean onlyContainsCACerts;
+
+    private ReasonFlags onlySomeReasons;
+
+    private boolean indirectCRL;
+
+    private boolean onlyContainsAttributeCerts;
+
+    private ASN1Sequence seq;
+
+    public static IssuingDistributionPoint getInstance(
+        ASN1TaggedObject obj,
+        boolean explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static IssuingDistributionPoint getInstance(
+        Object obj)
+    {
+        if (obj instanceof IssuingDistributionPoint)
+        {
+            return (IssuingDistributionPoint)obj;
+        }
+        else if (obj != null)
+        {
+            return new IssuingDistributionPoint(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    /**
+     * Constructor from given details.
+     * 
+     * @param distributionPoint
+     *            May contain an URI as pointer to most current CRL.
+     * @param onlyContainsUserCerts Covers revocation information for end certificates.
+     * @param onlyContainsCACerts Covers revocation information for CA certificates.
+     * 
+     * @param onlySomeReasons
+     *            Which revocation reasons does this point cover.
+     * @param indirectCRL
+     *            If <code>true</code> then the CRL contains revocation
+     *            information about certificates ssued by other CAs.
+     * @param onlyContainsAttributeCerts Covers revocation information for attribute certificates.
+     */
+    public IssuingDistributionPoint(
+        DistributionPointName distributionPoint,
+        boolean onlyContainsUserCerts,
+        boolean onlyContainsCACerts,
+        ReasonFlags onlySomeReasons,
+        boolean indirectCRL,
+        boolean onlyContainsAttributeCerts)
+    {
+        this.distributionPoint = distributionPoint;
+        this.indirectCRL = indirectCRL;
+        this.onlyContainsAttributeCerts = onlyContainsAttributeCerts;
+        this.onlyContainsCACerts = onlyContainsCACerts;
+        this.onlyContainsUserCerts = onlyContainsUserCerts;
+        this.onlySomeReasons = onlySomeReasons;
+
+        ASN1EncodableVector vec = new ASN1EncodableVector();
+        if (distributionPoint != null)
+        {                                    // CHOICE item so explicitly tagged
+            vec.add(new DERTaggedObject(true, 0, distributionPoint));
+        }
+        if (onlyContainsUserCerts)
+        {
+            vec.add(new DERTaggedObject(false, 1, ASN1Boolean.getInstance(true)));
+        }
+        if (onlyContainsCACerts)
+        {
+            vec.add(new DERTaggedObject(false, 2, ASN1Boolean.getInstance(true)));
+        }
+        if (onlySomeReasons != null)
+        {
+            vec.add(new DERTaggedObject(false, 3, onlySomeReasons));
+        }
+        if (indirectCRL)
+        {
+            vec.add(new DERTaggedObject(false, 4, ASN1Boolean.getInstance(true)));
+        }
+        if (onlyContainsAttributeCerts)
+        {
+            vec.add(new DERTaggedObject(false, 5, ASN1Boolean.getInstance(true)));
+        }
+
+        seq = new DERSequence(vec);
+    }
+
+    /**
+     * Shorthand Constructor from given details.
+     *
+     * @param distributionPoint
+     *            May contain an URI as pointer to most current CRL.
+     * @param indirectCRL
+     *            If <code>true</code> then the CRL contains revocation
+     *            information about certificates ssued by other CAs.
+     * @param onlyContainsAttributeCerts Covers revocation information for attribute certificates.
+     */
+    public IssuingDistributionPoint(
+        DistributionPointName distributionPoint,
+        boolean indirectCRL,
+        boolean onlyContainsAttributeCerts)
+    {
+        this(distributionPoint, false, false, null, indirectCRL, onlyContainsAttributeCerts);
+    }
+
+    /**
+     * Constructor from ASN1Sequence
+     */
+    private IssuingDistributionPoint(
+        ASN1Sequence seq)
+    {
+        this.seq = seq;
+
+        for (int i = 0; i != seq.size(); i++)
+        {
+            ASN1TaggedObject o = ASN1TaggedObject.getInstance(seq.getObjectAt(i));
+
+            switch (o.getTagNo())
+            {
+            case 0:
+                                                    // CHOICE so explicit
+                distributionPoint = DistributionPointName.getInstance(o, true);
+                break;
+            case 1:
+                onlyContainsUserCerts = ASN1Boolean.getInstance(o, false).isTrue();
+                break;
+            case 2:
+                onlyContainsCACerts = ASN1Boolean.getInstance(o, false).isTrue();
+                break;
+            case 3:
+                onlySomeReasons = new ReasonFlags(ReasonFlags.getInstance(o, false));
+                break;
+            case 4:
+                indirectCRL = ASN1Boolean.getInstance(o, false).isTrue();
+                break;
+            case 5:
+                onlyContainsAttributeCerts = ASN1Boolean.getInstance(o, false).isTrue();
+                break;
+            default:
+                throw new IllegalArgumentException(
+                        "unknown tag in IssuingDistributionPoint");
+            }
+        }
+    }
+
+    public boolean onlyContainsUserCerts()
+    {
+        return onlyContainsUserCerts;
+    }
+
+    public boolean onlyContainsCACerts()
+    {
+        return onlyContainsCACerts;
+    }
+
+    public boolean isIndirectCRL()
+    {
+        return indirectCRL;
+    }
+
+    public boolean onlyContainsAttributeCerts()
+    {
+        return onlyContainsAttributeCerts;
+    }
+
+    /**
+     * @return Returns the distributionPoint.
+     */
+    public DistributionPointName getDistributionPoint()
+    {
+        return distributionPoint;
+    }
+
+    /**
+     * @return Returns the onlySomeReasons.
+     */
+    public ReasonFlags getOnlySomeReasons()
+    {
+        return onlySomeReasons;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        return seq;
+    }
+
+    public String toString()
+    {
+        String       sep = Strings.lineSeparator();
+        StringBuffer buf = new StringBuffer();
+
+        buf.append("IssuingDistributionPoint: [");
+        buf.append(sep);
+        if (distributionPoint != null)
+        {
+            appendObject(buf, sep, "distributionPoint", distributionPoint.toString());
+        }
+        if (onlyContainsUserCerts)
+        {
+            appendObject(buf, sep, "onlyContainsUserCerts", booleanToString(onlyContainsUserCerts));
+        }
+        if (onlyContainsCACerts)
+        {
+            appendObject(buf, sep, "onlyContainsCACerts", booleanToString(onlyContainsCACerts));
+        }
+        if (onlySomeReasons != null)
+        {
+            appendObject(buf, sep, "onlySomeReasons", onlySomeReasons.toString());
+        }
+        if (onlyContainsAttributeCerts)
+        {
+            appendObject(buf, sep, "onlyContainsAttributeCerts", booleanToString(onlyContainsAttributeCerts));
+        }
+        if (indirectCRL)
+        {
+            appendObject(buf, sep, "indirectCRL", booleanToString(indirectCRL));
+        }
+        buf.append("]");
+        buf.append(sep);
+        return buf.toString();
+    }
+
+    private void appendObject(StringBuffer buf, String sep, String name, String value)
+    {
+        String       indent = "    ";
+
+        buf.append(indent);
+        buf.append(name);
+        buf.append(":");
+        buf.append(sep);
+        buf.append(indent);
+        buf.append(indent);
+        buf.append(value);
+        buf.append(sep);
+    }
+
+    private String booleanToString(boolean value)
+    {
+        return value ? "true" : "false";
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/KeyPurposeId.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/KeyPurposeId.java
new file mode 100644
index 0000000..fbc588a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/KeyPurposeId.java

@@ -0,0 +1,187 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+
+/**
+ * The KeyPurposeId object.
+ * <pre>
+ *     KeyPurposeId ::= OBJECT IDENTIFIER
+ *
+ *     id-kp ::= OBJECT IDENTIFIER { iso(1) identified-organization(3)
+ *          dod(6) internet(1) security(5) mechanisms(5) pkix(7) 3}
+ *
+ * </pre>
+ * To create a new KeyPurposeId where none of the below suit, use
+ * <pre>
+ *     ASN1ObjectIdentifier newKeyPurposeIdOID = new ASN1ObjectIdentifier("1.3.6.1...");
+ *
+ *     KeyPurposeId newKeyPurposeId = KeyPurposeId.getInstance(newKeyPurposeIdOID);
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyPurposeId
+    extends ASN1Object
+{
+    private static final ASN1ObjectIdentifier id_kp = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.3");
+
+    /**
+     * { 2 5 29 37 0 }
+     */
+    public static final KeyPurposeId anyExtendedKeyUsage = new KeyPurposeId(Extension.extendedKeyUsage.branch("0"));
+
+    /**
+     * { id-kp 1 }
+     */
+    public static final KeyPurposeId id_kp_serverAuth = new KeyPurposeId(id_kp.branch("1"));
+    /**
+     * { id-kp 2 }
+     */
+    public static final KeyPurposeId id_kp_clientAuth = new KeyPurposeId(id_kp.branch("2"));
+    /**
+     * { id-kp 3 }
+     */
+    public static final KeyPurposeId id_kp_codeSigning = new KeyPurposeId(id_kp.branch("3"));
+    /**
+     * { id-kp 4 }
+     */
+    public static final KeyPurposeId id_kp_emailProtection = new KeyPurposeId(id_kp.branch("4"));
+    /**
+     * Usage deprecated by RFC4945 - was { id-kp 5 }
+     */
+    public static final KeyPurposeId id_kp_ipsecEndSystem = new KeyPurposeId(id_kp.branch("5"));
+    /**
+     * Usage deprecated by RFC4945 - was { id-kp 6 }
+     */
+    public static final KeyPurposeId id_kp_ipsecTunnel = new KeyPurposeId(id_kp.branch("6"));
+    /**
+     * Usage deprecated by RFC4945 - was { idkp 7 }
+     */
+    public static final KeyPurposeId id_kp_ipsecUser = new KeyPurposeId(id_kp.branch("7"));
+    /**
+     * { id-kp 8 }
+     */
+    public static final KeyPurposeId id_kp_timeStamping = new KeyPurposeId(id_kp.branch("8"));
+    /**
+     * { id-kp 9 }
+     */
+    public static final KeyPurposeId id_kp_OCSPSigning = new KeyPurposeId(id_kp.branch("9"));
+    /**
+     * { id-kp 10 }
+     */
+    public static final KeyPurposeId id_kp_dvcs = new KeyPurposeId(id_kp.branch("10"));
+    /**
+     * { id-kp 11 }
+     */
+    public static final KeyPurposeId id_kp_sbgpCertAAServerAuth = new KeyPurposeId(id_kp.branch("11"));
+    /**
+     * { id-kp 12 }
+     */
+    public static final KeyPurposeId id_kp_scvp_responder = new KeyPurposeId(id_kp.branch("12"));
+    /**
+     * { id-kp 13 }
+     */
+    public static final KeyPurposeId id_kp_eapOverPPP = new KeyPurposeId(id_kp.branch("13"));
+    /**
+     * { id-kp 14 }
+     */
+    public static final KeyPurposeId id_kp_eapOverLAN = new KeyPurposeId(id_kp.branch("14"));
+    /**
+     * { id-kp 15 }
+     */
+    public static final KeyPurposeId id_kp_scvpServer = new KeyPurposeId(id_kp.branch("15"));
+    /**
+     * { id-kp 16 }
+     */
+    public static final KeyPurposeId id_kp_scvpClient = new KeyPurposeId(id_kp.branch("16"));
+    /**
+     * { id-kp 17 }
+     */
+    public static final KeyPurposeId id_kp_ipsecIKE = new KeyPurposeId(id_kp.branch("17"));
+    /**
+     * { id-kp 18 }
+     */
+    public static final KeyPurposeId id_kp_capwapAC = new KeyPurposeId(id_kp.branch("18"));
+    /**
+     * { id-kp 19 }
+     */
+    public static final KeyPurposeId id_kp_capwapWTP = new KeyPurposeId(id_kp.branch("19"));
+
+    //
+    // microsoft key purpose ids
+    //
+    /**
+     * { 1 3 6 1 4 1 311 20 2 2 }
+     */
+    public static final KeyPurposeId id_kp_smartcardlogon = new KeyPurposeId(new ASN1ObjectIdentifier("1.3.6.1.4.1.311.20.2.2"));
+
+
+    /**
+     *
+     */
+    public static final KeyPurposeId id_kp_macAddress = new KeyPurposeId(new ASN1ObjectIdentifier("1.3.6.1.1.1.1.22"));
+
+
+    /**
+     * Microsoft Server Gated Crypto (msSGC) see http://www.alvestrand.no/objectid/1.3.6.1.4.1.311.10.3.3.html
+     */
+    public static final KeyPurposeId id_kp_msSGC = new KeyPurposeId(new ASN1ObjectIdentifier("1.3.6.1.4.1.311.10.3.3"));
+
+    /**
+     * Netscape Server Gated Crypto (nsSGC) see http://www.alvestrand.no/objectid/2.16.840.1.113730.4.1.html
+     */
+    public static final KeyPurposeId id_kp_nsSGC = new KeyPurposeId(new ASN1ObjectIdentifier("2.16.840.1.113730.4.1"));
+
+
+    private ASN1ObjectIdentifier id;
+
+    private KeyPurposeId(ASN1ObjectIdentifier id)
+    {
+        this.id = id;
+    }
+
+    /**
+     * @param id string representation of an OID.
+     * @deprecated use getInstance and an OID or one of the constants above.
+     */
+    public KeyPurposeId(String id)
+    {
+        this(new ASN1ObjectIdentifier(id));
+    }
+
+    public static KeyPurposeId getInstance(Object o)
+    {
+        if (o instanceof KeyPurposeId)
+        {
+            return (KeyPurposeId)o;
+        }
+        else if (o != null)
+        {
+            return new KeyPurposeId(ASN1ObjectIdentifier.getInstance(o));
+        }
+
+        return null;
+    }
+
+    public ASN1ObjectIdentifier toOID()
+    {
+        return id;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        return id;
+    }
+
+    public String getId()
+    {
+        return id.getId();
+    }
+
+    public String toString()
+    {
+        return id.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/KeyUsage.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/KeyUsage.java
new file mode 100644
index 0000000..b14334b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/KeyUsage.java

@@ -0,0 +1,115 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.DERBitString;
+
+/**
+ * The KeyUsage object.
+ * <pre>
+ *    id-ce-keyUsage OBJECT IDENTIFIER ::=  { id-ce 15 }
+ *
+ *    KeyUsage ::= BIT STRING {
+ *         digitalSignature        (0),
+ *         nonRepudiation          (1),
+ *         keyEncipherment         (2),
+ *         dataEncipherment        (3),
+ *         keyAgreement            (4),
+ *         keyCertSign             (5),
+ *         cRLSign                 (6),
+ *         encipherOnly            (7),
+ *         decipherOnly            (8) }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyUsage
+    extends ASN1Object
+{
+    public static final int        digitalSignature = (1 << 7); 
+    public static final int        nonRepudiation   = (1 << 6);
+    public static final int        keyEncipherment  = (1 << 5);
+    public static final int        dataEncipherment = (1 << 4);
+    public static final int        keyAgreement     = (1 << 3);
+    public static final int        keyCertSign      = (1 << 2);
+    public static final int        cRLSign          = (1 << 1);
+    public static final int        encipherOnly     = (1 << 0);
+    public static final int        decipherOnly     = (1 << 15);
+
+    private DERBitString bitString;
+
+    public static KeyUsage getInstance(Object obj)   // needs to be DERBitString for other VMs
+    {
+        if (obj instanceof KeyUsage)
+        {
+            return (KeyUsage)obj;
+        }
+        else if (obj != null)
+        {
+            return new KeyUsage(DERBitString.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public static KeyUsage fromExtensions(Extensions extensions)
+    {
+        return KeyUsage.getInstance(extensions.getExtensionParsedValue(Extension.keyUsage));
+    }
+
+    /**
+     * Basic constructor.
+     * 
+     * @param usage - the bitwise OR of the Key Usage flags giving the
+     * allowed uses for the key.
+     * e.g. (KeyUsage.keyEncipherment | KeyUsage.dataEncipherment)
+     */
+    public KeyUsage(
+        int usage)
+    {
+        this.bitString = new DERBitString(usage);
+    }
+
+    private KeyUsage(
+        DERBitString bitString)
+    {
+        this.bitString = bitString;
+    }
+
+    /**
+     * Return true if a given usage bit is set, false otherwise.
+     *
+     * @param usages combination of usage flags.
+     * @return true if all bits are set, false otherwise.
+     */
+    public boolean hasUsages(int usages)
+    {
+        return (bitString.intValue() & usages) == usages;
+    }
+
+    public byte[] getBytes()
+    {
+        return bitString.getBytes();
+    }
+
+    public int getPadBits()
+    {
+        return bitString.getPadBits();
+    }
+
+    public String toString()
+    {
+        byte[] data = bitString.getBytes();
+
+        if (data.length == 1)
+        {
+            return "KeyUsage: 0x" + Integer.toHexString(data[0] & 0xff);
+        }
+        return "KeyUsage: 0x" + Integer.toHexString((data[1] & 0xff) << 8 | (data[0] & 0xff));
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        return bitString;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/NameConstraintValidator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/NameConstraintValidator.java
new file mode 100644
index 0000000..286a35b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/NameConstraintValidator.java

@@ -0,0 +1,22 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface NameConstraintValidator
+{
+    void checkPermitted(GeneralName name)
+        throws NameConstraintValidatorException;
+
+    void checkExcluded(GeneralName name)
+            throws NameConstraintValidatorException;
+
+    void intersectPermittedSubtree(GeneralSubtree permitted);
+
+    void intersectPermittedSubtree(GeneralSubtree[] permitted);
+
+    void intersectEmptyPermittedSubtree(int nameType);
+
+    void addExcludedSubtree(GeneralSubtree subtree);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/NameConstraintValidatorException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/NameConstraintValidatorException.java
new file mode 100644
index 0000000..26d88c0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/NameConstraintValidatorException.java

@@ -0,0 +1,14 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class NameConstraintValidatorException
+    extends Exception
+{
+    public NameConstraintValidatorException(String msg)
+    {
+        super(msg);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/NameConstraints.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/NameConstraints.java
new file mode 100644
index 0000000..94e3401
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/NameConstraints.java

@@ -0,0 +1,131 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class NameConstraints
+    extends ASN1Object
+{
+    private GeneralSubtree[] permitted, excluded;
+
+    public static NameConstraints getInstance(Object obj)
+    {
+        if (obj instanceof NameConstraints)
+        {
+            return (NameConstraints)obj;
+        }
+        if (obj != null)
+        {
+            return new NameConstraints(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    private NameConstraints(ASN1Sequence seq)
+    {
+        Enumeration e = seq.getObjects();
+        while (e.hasMoreElements())
+        {
+            ASN1TaggedObject o = ASN1TaggedObject.getInstance(e.nextElement());
+            switch (o.getTagNo())
+            {
+            case 0:
+                permitted = createArray(ASN1Sequence.getInstance(o, false));
+                break;
+            case 1:
+                excluded = createArray(ASN1Sequence.getInstance(o, false));
+                break;
+            default:
+                throw new IllegalArgumentException("Unknown tag encountered: " + o.getTagNo());
+            }
+        }
+    }
+
+    /**
+     * Constructor from a given details.
+     * 
+     * <p>
+     * permitted and excluded are arrays of GeneralSubtree objects.
+     * 
+     * @param permitted
+     *            Permitted subtrees
+     * @param excluded
+     *            Excludes subtrees
+     */
+    public NameConstraints(
+        GeneralSubtree[] permitted,
+        GeneralSubtree[] excluded)
+    {
+        this.permitted = cloneSubtree(permitted);
+        this.excluded = cloneSubtree(excluded);
+    }
+
+    private GeneralSubtree[] createArray(ASN1Sequence subtree)
+    {
+        GeneralSubtree[] ar = new GeneralSubtree[subtree.size()];
+
+        for (int i = 0; i != ar.length; i++)
+        {
+            ar[i] = GeneralSubtree.getInstance(subtree.getObjectAt(i));
+        }
+
+        return ar;
+    }
+
+    public GeneralSubtree[] getPermittedSubtrees()
+    {
+        return cloneSubtree(permitted);
+    }
+
+    public GeneralSubtree[] getExcludedSubtrees()
+    {
+        return cloneSubtree(excluded);
+    }
+
+    /*
+     * NameConstraints ::= SEQUENCE { permittedSubtrees [0] GeneralSubtrees
+     * OPTIONAL, excludedSubtrees [1] GeneralSubtrees OPTIONAL }
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        if (permitted != null)
+        {
+            v.add(new DERTaggedObject(false, 0, new DERSequence(permitted)));
+        }
+
+        if (excluded != null)
+        {
+            v.add(new DERTaggedObject(false, 1, new DERSequence(excluded)));
+        }
+
+        return new DERSequence(v);
+    }
+
+    private static GeneralSubtree[] cloneSubtree(GeneralSubtree[] subtrees)
+    {
+        if (subtrees != null)
+        {
+            GeneralSubtree[] rv = new GeneralSubtree[subtrees.length];
+
+            System.arraycopy(subtrees, 0, rv, 0, rv.length);
+
+            return rv;
+        }
+
+        return null;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/ObjectDigestInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/ObjectDigestInfo.java
new file mode 100644
index 0000000..ced50f4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/ObjectDigestInfo.java

@@ -0,0 +1,192 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Enumerated;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * ObjectDigestInfo ASN.1 structure used in v2 attribute certificates.
+ * 
+ * <pre>
+ *  
+ *    ObjectDigestInfo ::= SEQUENCE {
+ *         digestedObjectType  ENUMERATED {
+ *                 publicKey            (0),
+ *                 publicKeyCert        (1),
+ *                 otherObjectTypes     (2) },
+ *                         -- otherObjectTypes MUST NOT
+ *                         -- be used in this profile
+ *         otherObjectTypeID   OBJECT IDENTIFIER OPTIONAL,
+ *         digestAlgorithm     AlgorithmIdentifier,
+ *         objectDigest        BIT STRING
+ *    }
+ *   
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ * 
+ */
+public class ObjectDigestInfo
+    extends ASN1Object
+{
+    /**
+     * The public key is hashed.
+     */
+    public final static int publicKey = 0;
+
+    /**
+     * The public key certificate is hashed.
+     */
+    public final static int publicKeyCert = 1;
+
+    /**
+     * An other object is hashed.
+     */
+    public final static int otherObjectDigest = 2;
+
+    ASN1Enumerated digestedObjectType;
+
+    ASN1ObjectIdentifier otherObjectTypeID;
+
+    AlgorithmIdentifier digestAlgorithm;
+
+    DERBitString objectDigest;
+
+    public static ObjectDigestInfo getInstance(
+        Object obj)
+    {
+        if (obj instanceof ObjectDigestInfo)
+        {
+            return (ObjectDigestInfo)obj;
+        }
+
+        if (obj != null)
+        {
+            return new ObjectDigestInfo(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public static ObjectDigestInfo getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    /**
+     * Constructor from given details.
+     * <p>
+     * If <code>digestedObjectType</code> is not {@link #publicKeyCert} or
+     * {@link #publicKey} <code>otherObjectTypeID</code> must be given,
+     * otherwise it is ignored.
+     * 
+     * @param digestedObjectType The digest object type.
+     * @param otherObjectTypeID The object type ID for
+     *            <code>otherObjectDigest</code>.
+     * @param digestAlgorithm The algorithm identifier for the hash.
+     * @param objectDigest The hash value.
+     */
+    public ObjectDigestInfo(
+        int digestedObjectType,
+        ASN1ObjectIdentifier otherObjectTypeID,
+        AlgorithmIdentifier digestAlgorithm,
+        byte[] objectDigest)
+    {
+        this.digestedObjectType = new ASN1Enumerated(digestedObjectType);
+        if (digestedObjectType == otherObjectDigest)
+        {
+            this.otherObjectTypeID = otherObjectTypeID;
+        }
+
+        this.digestAlgorithm = digestAlgorithm;
+        this.objectDigest = new DERBitString(objectDigest);
+    }
+
+    private ObjectDigestInfo(
+        ASN1Sequence seq)
+    {
+        if (seq.size() > 4 || seq.size() < 3)
+        {
+            throw new IllegalArgumentException("Bad sequence size: "
+                + seq.size());
+        }
+
+        digestedObjectType = ASN1Enumerated.getInstance(seq.getObjectAt(0));
+
+        int offset = 0;
+
+        if (seq.size() == 4)
+        {
+            otherObjectTypeID = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(1));
+            offset++;
+        }
+
+        digestAlgorithm = AlgorithmIdentifier.getInstance(seq.getObjectAt(1 + offset));
+
+        objectDigest = DERBitString.getInstance(seq.getObjectAt(2 + offset));
+    }
+
+    public ASN1Enumerated getDigestedObjectType()
+    {
+        return digestedObjectType;
+    }
+
+    public ASN1ObjectIdentifier getOtherObjectTypeID()
+    {
+        return otherObjectTypeID;
+    }
+
+    public AlgorithmIdentifier getDigestAlgorithm()
+    {
+        return digestAlgorithm;
+    }
+
+    public DERBitString getObjectDigest()
+    {
+        return objectDigest;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * 
+     * <pre>
+     *  
+     *    ObjectDigestInfo ::= SEQUENCE {
+     *         digestedObjectType  ENUMERATED {
+     *                 publicKey            (0),
+     *                 publicKeyCert        (1),
+     *                 otherObjectTypes     (2) },
+     *                         -- otherObjectTypes MUST NOT
+     *                         -- be used in this profile
+     *         otherObjectTypeID   OBJECT IDENTIFIER OPTIONAL,
+     *         digestAlgorithm     AlgorithmIdentifier,
+     *         objectDigest        BIT STRING
+     *    }
+     *   
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(digestedObjectType);
+
+        if (otherObjectTypeID != null)
+        {
+            v.add(otherObjectTypeID);
+        }
+
+        v.add(digestAlgorithm);
+        v.add(objectDigest);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/OtherName.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/OtherName.java
new file mode 100644
index 0000000..cd48c0d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/OtherName.java

@@ -0,0 +1,94 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+
+/**
+ * The OtherName object.
+ * <pre>
+ * OtherName ::= SEQUENCE {
+ *      type-id    OBJECT IDENTIFIER,
+ *      value      [0] EXPLICIT ANY DEFINED BY type-id }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class OtherName
+    extends ASN1Object
+{
+    private final ASN1ObjectIdentifier typeID;
+    private final ASN1Encodable value;
+
+    /**
+     * OtherName factory method.
+     * @param obj the object used to construct an instance of <code>
+     * OtherName</code>. It must be an instance of <code>OtherName
+     * </code> or <code>ASN1Sequence</code>.
+     * @return the instance of <code>OtherName</code> built from the
+     * supplied object.
+     * @throws java.lang.IllegalArgumentException if the object passed
+     * to the factory is not an instance of <code>OtherName</code> or something that
+     * can be converted into an appropriate <code>ASN1Sequence</code>.
+     */
+    public static OtherName getInstance(
+        Object obj)
+    {
+
+        if (obj instanceof OtherName)
+        {
+            return (OtherName)obj;
+        }
+        else if (obj != null)
+        {
+            return new OtherName(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    /**
+     * Base constructor.
+     * @param typeID the type of the other name.
+     * @param value the ANY object that represents the value.
+     */
+    public OtherName(
+        ASN1ObjectIdentifier typeID,
+        ASN1Encodable value)
+    {
+        this.typeID = typeID;
+        this.value  = value;
+    }
+
+    private OtherName(ASN1Sequence seq)
+    {
+        this.typeID = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
+        this.value = ASN1TaggedObject.getInstance(seq.getObjectAt(1)).getObject(); // explicitly tagged
+    }
+
+    public ASN1ObjectIdentifier getTypeID()
+    {
+        return typeID;
+    }
+
+    public ASN1Encodable getValue()
+    {
+        return value;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(typeID);
+        v.add(new DERTaggedObject(true, 0, value));
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PKIXNameConstraintValidator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PKIXNameConstraintValidator.java
new file mode 100644
index 0000000..b434d60
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PKIXNameConstraintValidator.java

@@ -0,0 +1,2090 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.io.IOException;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Set;
+
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERIA5String;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Integers;
+import com.android.org.bouncycastle.util.Strings;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKIXNameConstraintValidator
+    implements NameConstraintValidator
+{
+    private Set excludedSubtreesDN = new HashSet();
+
+    private Set excludedSubtreesDNS = new HashSet();
+
+    private Set excludedSubtreesEmail = new HashSet();
+
+    private Set excludedSubtreesURI = new HashSet();
+
+    private Set excludedSubtreesIP = new HashSet();
+
+    private Set excludedSubtreesOtherName = new HashSet();
+
+    private Set permittedSubtreesDN;
+
+    private Set permittedSubtreesDNS;
+
+    private Set permittedSubtreesEmail;
+
+    private Set permittedSubtreesURI;
+
+    private Set permittedSubtreesIP;
+
+    private Set permittedSubtreesOtherName;
+
+    public PKIXNameConstraintValidator()
+    {
+    }
+
+    /**
+     * Checks if the given GeneralName is in the permitted set.
+     *
+     * @param name The GeneralName
+     * @throws NameConstraintValidatorException If the <code>name</code>
+     */
+    public void checkPermitted(GeneralName name)
+        throws NameConstraintValidatorException
+    {
+        switch (name.getTagNo())
+        {
+        case GeneralName.otherName:
+            checkPermittedOtherName(permittedSubtreesOtherName, OtherName.getInstance(name.getName()));
+            break;
+        case GeneralName.rfc822Name:
+            checkPermittedEmail(permittedSubtreesEmail,
+                extractNameAsString(name));
+            break;
+        case GeneralName.dNSName:
+            checkPermittedDNS(permittedSubtreesDNS, DERIA5String.getInstance(
+                name.getName()).getString());
+            break;
+        case GeneralName.directoryName:
+            checkPermittedDN(X500Name.getInstance(name.getName()));
+            break;
+        case GeneralName.uniformResourceIdentifier:
+            checkPermittedURI(permittedSubtreesURI, DERIA5String.getInstance(
+                name.getName()).getString());
+            break;
+        case GeneralName.iPAddress:
+            byte[] ip = ASN1OctetString.getInstance(name.getName()).getOctets();
+
+            checkPermittedIP(permittedSubtreesIP, ip);
+            break;
+        default:
+            throw new IllegalStateException("Unknown tag encountered: " + name.getTagNo());
+        }
+    }
+
+    /**
+     * Check if the given GeneralName is contained in the excluded set.
+     *
+     * @param name The GeneralName.
+     * @throws NameConstraintValidatorException If the <code>name</code> is
+     * excluded.
+     */
+    public void checkExcluded(GeneralName name)
+        throws NameConstraintValidatorException
+    {
+        switch (name.getTagNo())
+        {
+        case GeneralName.otherName:
+            checkExcludedOtherName(excludedSubtreesOtherName, OtherName.getInstance(name.getName()));
+            break;
+        case GeneralName.rfc822Name:
+            checkExcludedEmail(excludedSubtreesEmail, extractNameAsString(name));
+            break;
+        case GeneralName.dNSName:
+            checkExcludedDNS(excludedSubtreesDNS, DERIA5String.getInstance(
+                name.getName()).getString());
+            break;
+        case GeneralName.directoryName:
+            checkExcludedDN(X500Name.getInstance(name.getName()));
+            break;
+        case GeneralName.uniformResourceIdentifier:
+            checkExcludedURI(excludedSubtreesURI, DERIA5String.getInstance(
+                name.getName()).getString());
+            break;
+        case GeneralName.iPAddress:
+            byte[] ip = ASN1OctetString.getInstance(name.getName()).getOctets();
+
+            checkExcludedIP(excludedSubtreesIP, ip);
+            break;
+        default:
+            throw new IllegalStateException("Unknown tag encountered: " + name.getTagNo());
+        }
+    }
+
+    public void intersectPermittedSubtree(GeneralSubtree permitted)
+    {
+        intersectPermittedSubtree(new GeneralSubtree[]{permitted});
+    }
+
+    /**
+     * Updates the permitted set of these name constraints with the intersection
+     * with the given subtree.
+     *
+     * @param permitted The permitted subtrees
+     */
+    public void intersectPermittedSubtree(GeneralSubtree[] permitted)
+    {
+        Map subtreesMap = new HashMap();
+
+        // group in sets in a map ordered by tag no.
+        for (int i = 0; i != permitted.length; i++)
+        {
+            GeneralSubtree subtree = permitted[i];
+            Integer tagNo = Integers.valueOf(subtree.getBase().getTagNo());
+            if (subtreesMap.get(tagNo) == null)
+            {
+                subtreesMap.put(tagNo, new HashSet());
+            }
+            ((Set)subtreesMap.get(tagNo)).add(subtree);
+        }
+
+        for (Iterator it = subtreesMap.entrySet().iterator(); it.hasNext(); )
+        {
+            Map.Entry entry = (Map.Entry)it.next();
+
+            // go through all subtree groups
+            int nameType = ((Integer)entry.getKey()).intValue();
+            switch (nameType)
+            {
+            case GeneralName.otherName:
+                permittedSubtreesOtherName = intersectOtherName(permittedSubtreesOtherName,
+                    (Set)entry.getValue());
+                break;
+            case GeneralName.rfc822Name:
+                permittedSubtreesEmail = intersectEmail(permittedSubtreesEmail,
+                    (Set)entry.getValue());
+                break;
+            case GeneralName.dNSName:
+                permittedSubtreesDNS = intersectDNS(permittedSubtreesDNS,
+                    (Set)entry.getValue());
+                break;
+            case GeneralName.directoryName:
+                permittedSubtreesDN = intersectDN(permittedSubtreesDN,
+                    (Set)entry.getValue());
+                break;
+            case GeneralName.uniformResourceIdentifier:
+                permittedSubtreesURI = intersectURI(permittedSubtreesURI,
+                    (Set)entry.getValue());
+                break;
+            case GeneralName.iPAddress:
+                permittedSubtreesIP = intersectIP(permittedSubtreesIP,
+                    (Set)entry.getValue());
+                break;
+            default:
+                throw new IllegalStateException("Unknown tag encountered: " + nameType);
+            }
+        }
+    }
+
+    public void intersectEmptyPermittedSubtree(int nameType)
+    {
+        switch (nameType)
+        {
+        case GeneralName.otherName:
+            permittedSubtreesOtherName = new HashSet();
+            break;
+        case GeneralName.rfc822Name:
+            permittedSubtreesEmail = new HashSet();
+            break;
+        case GeneralName.dNSName:
+            permittedSubtreesDNS = new HashSet();
+            break;
+        case GeneralName.directoryName:
+            permittedSubtreesDN = new HashSet();
+            break;
+        case GeneralName.uniformResourceIdentifier:
+            permittedSubtreesURI = new HashSet();
+            break;
+        case GeneralName.iPAddress:
+            permittedSubtreesIP = new HashSet();
+            break;
+        default:
+            throw new IllegalStateException("Unknown tag encountered: " + nameType);
+        }
+    }
+
+    /**
+     * Adds a subtree to the excluded set of these name constraints.
+     *
+     * @param subtree A subtree with an excluded GeneralName.
+     */
+    public void addExcludedSubtree(GeneralSubtree subtree)
+    {
+        GeneralName base = subtree.getBase();
+
+        switch (base.getTagNo())
+        {
+        case GeneralName.otherName:
+            excludedSubtreesOtherName = unionOtherName(excludedSubtreesOtherName,
+                OtherName.getInstance(base.getName()));
+            break;
+        case GeneralName.rfc822Name:
+            excludedSubtreesEmail = unionEmail(excludedSubtreesEmail,
+                extractNameAsString(base));
+            break;
+        case GeneralName.dNSName:
+            excludedSubtreesDNS = unionDNS(excludedSubtreesDNS,
+                extractNameAsString(base));
+            break;
+        case GeneralName.directoryName:
+            excludedSubtreesDN = unionDN(excludedSubtreesDN,
+                (ASN1Sequence)base.getName().toASN1Primitive());
+            break;
+        case GeneralName.uniformResourceIdentifier:
+            excludedSubtreesURI = unionURI(excludedSubtreesURI,
+                extractNameAsString(base));
+            break;
+        case GeneralName.iPAddress:
+            excludedSubtreesIP = unionIP(excludedSubtreesIP, ASN1OctetString
+                .getInstance(base.getName()).getOctets());
+            break;
+        default:
+            throw new IllegalStateException("Unknown tag encountered: " + base.getTagNo());
+        }
+    }
+
+    public int hashCode()
+    {
+        return hashCollection(excludedSubtreesDN)
+            + hashCollection(excludedSubtreesDNS)
+            + hashCollection(excludedSubtreesEmail)
+            + hashCollection(excludedSubtreesIP)
+            + hashCollection(excludedSubtreesURI)
+            + hashCollection(excludedSubtreesOtherName)
+            + hashCollection(permittedSubtreesDN)
+            + hashCollection(permittedSubtreesDNS)
+            + hashCollection(permittedSubtreesEmail)
+            + hashCollection(permittedSubtreesIP)
+            + hashCollection(permittedSubtreesURI)
+            + hashCollection(permittedSubtreesOtherName);
+    }
+
+    public boolean equals(Object o)
+    {
+        if (!(o instanceof PKIXNameConstraintValidator))
+        {
+            return false;
+        }
+        PKIXNameConstraintValidator constraintValidator = (PKIXNameConstraintValidator)o;
+        return collectionsAreEqual(constraintValidator.excludedSubtreesDN, excludedSubtreesDN)
+            && collectionsAreEqual(constraintValidator.excludedSubtreesDNS, excludedSubtreesDNS)
+            && collectionsAreEqual(constraintValidator.excludedSubtreesEmail, excludedSubtreesEmail)
+            && collectionsAreEqual(constraintValidator.excludedSubtreesIP, excludedSubtreesIP)
+            && collectionsAreEqual(constraintValidator.excludedSubtreesURI, excludedSubtreesURI)
+            && collectionsAreEqual(constraintValidator.excludedSubtreesOtherName, excludedSubtreesOtherName)
+            && collectionsAreEqual(constraintValidator.permittedSubtreesDN, permittedSubtreesDN)
+            && collectionsAreEqual(constraintValidator.permittedSubtreesDNS, permittedSubtreesDNS)
+            && collectionsAreEqual(constraintValidator.permittedSubtreesEmail, permittedSubtreesEmail)
+            && collectionsAreEqual(constraintValidator.permittedSubtreesIP, permittedSubtreesIP)
+            && collectionsAreEqual(constraintValidator.permittedSubtreesURI, permittedSubtreesURI)
+            && collectionsAreEqual(constraintValidator.permittedSubtreesOtherName, permittedSubtreesOtherName);
+    }
+
+    public String toString()
+    {
+        String temp = "";
+        temp += "permitted:\n";
+        if (permittedSubtreesDN != null)
+        {
+            temp += "DN:\n";
+            temp += permittedSubtreesDN.toString() + "\n";
+        }
+        if (permittedSubtreesDNS != null)
+        {
+            temp += "DNS:\n";
+            temp += permittedSubtreesDNS.toString() + "\n";
+        }
+        if (permittedSubtreesEmail != null)
+        {
+            temp += "Email:\n";
+            temp += permittedSubtreesEmail.toString() + "\n";
+        }
+        if (permittedSubtreesURI != null)
+        {
+            temp += "URI:\n";
+            temp += permittedSubtreesURI.toString() + "\n";
+        }
+        if (permittedSubtreesIP != null)
+        {
+            temp += "IP:\n";
+            temp += stringifyIPCollection(permittedSubtreesIP) + "\n";
+        }
+        if (permittedSubtreesOtherName != null)
+        {
+            temp += "OtherName:\n";
+            temp += stringifyOtherNameCollection(permittedSubtreesOtherName) + "\n";
+        }
+        temp += "excluded:\n";
+        if (!excludedSubtreesDN.isEmpty())
+        {
+            temp += "DN:\n";
+            temp += excludedSubtreesDN.toString() + "\n";
+        }
+        if (!excludedSubtreesDNS.isEmpty())
+        {
+            temp += "DNS:\n";
+            temp += excludedSubtreesDNS.toString() + "\n";
+        }
+        if (!excludedSubtreesEmail.isEmpty())
+        {
+            temp += "Email:\n";
+            temp += excludedSubtreesEmail.toString() + "\n";
+        }
+        if (!excludedSubtreesURI.isEmpty())
+        {
+            temp += "URI:\n";
+            temp += excludedSubtreesURI.toString() + "\n";
+        }
+        if (!excludedSubtreesIP.isEmpty())
+        {
+            temp += "IP:\n";
+            temp += stringifyIPCollection(excludedSubtreesIP) + "\n";
+        }
+        if (!excludedSubtreesOtherName.isEmpty())
+        {
+            temp += "OtherName:\n";
+            temp += stringifyOtherNameCollection(excludedSubtreesOtherName) + "\n";
+        }
+        return temp;
+    }
+
+    private void checkPermittedDN(X500Name dns)
+        throws NameConstraintValidatorException
+    {
+        checkPermittedDN(permittedSubtreesDN, ASN1Sequence.getInstance(dns.toASN1Primitive()));
+    }
+
+    private void checkExcludedDN(X500Name dns)
+        throws NameConstraintValidatorException
+    {
+        checkExcludedDN(excludedSubtreesDN, ASN1Sequence.getInstance(dns));
+    }
+
+    private static boolean withinDNSubtree(
+        ASN1Sequence dns,
+        ASN1Sequence subtree)
+    {
+        if (subtree.size() < 1)
+        {
+            return false;
+        }
+
+        if (subtree.size() > dns.size())
+        {
+            return false;
+        }
+
+        for (int j = subtree.size() - 1; j >= 0; j--)
+        {
+            if (!subtree.getObjectAt(j).equals(dns.getObjectAt(j)))
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    private void checkPermittedDN(Set permitted, ASN1Sequence dns)
+        throws NameConstraintValidatorException
+    {
+        if (permitted == null)
+        {
+            return;
+        }
+
+        if (permitted.isEmpty() && dns.size() == 0)
+        {
+            return;
+        }
+        Iterator it = permitted.iterator();
+
+        while (it.hasNext())
+        {
+            ASN1Sequence subtree = (ASN1Sequence)it.next();
+
+            if (withinDNSubtree(dns, subtree))
+            {
+                return;
+            }
+        }
+
+        throw new NameConstraintValidatorException(
+            "Subject distinguished name is not from a permitted subtree");
+    }
+
+    private void checkExcludedDN(Set excluded, ASN1Sequence dns)
+        throws NameConstraintValidatorException
+    {
+        if (excluded.isEmpty())
+        {
+            return;
+        }
+
+        Iterator it = excluded.iterator();
+
+        while (it.hasNext())
+        {
+            ASN1Sequence subtree = (ASN1Sequence)it.next();
+
+            if (withinDNSubtree(dns, subtree))
+            {
+                throw new NameConstraintValidatorException(
+                    "Subject distinguished name is from an excluded subtree");
+            }
+        }
+    }
+
+    private Set intersectDN(Set permitted, Set dns)
+    {
+        Set intersect = new HashSet();
+        for (Iterator it = dns.iterator(); it.hasNext(); )
+        {
+            ASN1Sequence dn = ASN1Sequence.getInstance(((GeneralSubtree)it
+                .next()).getBase().getName().toASN1Primitive());
+            if (permitted == null)
+            {
+                if (dn != null)
+                {
+                    intersect.add(dn);
+                }
+            }
+            else
+            {
+                Iterator _iter = permitted.iterator();
+                while (_iter.hasNext())
+                {
+                    ASN1Sequence subtree = (ASN1Sequence)_iter.next();
+
+                    if (withinDNSubtree(dn, subtree))
+                    {
+                        intersect.add(dn);
+                    }
+                    else if (withinDNSubtree(subtree, dn))
+                    {
+                        intersect.add(subtree);
+                    }
+                }
+            }
+        }
+        return intersect;
+    }
+
+    private Set unionDN(Set excluded, ASN1Sequence dn)
+    {
+        if (excluded.isEmpty())
+        {
+            if (dn == null)
+            {
+                return excluded;
+            }
+            excluded.add(dn);
+
+            return excluded;
+        }
+        else
+        {
+            Set intersect = new HashSet();
+
+            Iterator it = excluded.iterator();
+            while (it.hasNext())
+            {
+                ASN1Sequence subtree = (ASN1Sequence)it.next();
+
+                if (withinDNSubtree(dn, subtree))
+                {
+                    intersect.add(subtree);
+                }
+                else if (withinDNSubtree(subtree, dn))
+                {
+                    intersect.add(dn);
+                }
+                else
+                {
+                    intersect.add(subtree);
+                    intersect.add(dn);
+                }
+            }
+
+            return intersect;
+        }
+    }
+
+    private Set intersectOtherName(Set permitted, Set otherNames)
+    {
+        Set intersect = new HashSet(permitted);
+
+        intersect.retainAll(otherNames);
+
+        return intersect;
+    }
+
+
+    private Set unionOtherName(Set permitted, OtherName otherName)
+    {
+        Set union = new HashSet(permitted);
+
+        union.add(otherName);
+
+        return union;
+    }
+
+    private Set intersectEmail(Set permitted, Set emails)
+    {
+        Set intersect = new HashSet();
+        for (Iterator it = emails.iterator(); it.hasNext(); )
+        {
+            String email = extractNameAsString(((GeneralSubtree)it.next())
+                .getBase());
+
+            if (permitted == null)
+            {
+                if (email != null)
+                {
+                    intersect.add(email);
+                }
+            }
+            else
+            {
+                Iterator it2 = permitted.iterator();
+                while (it2.hasNext())
+                {
+                    String _permitted = (String)it2.next();
+
+                    intersectEmail(email, _permitted, intersect);
+                }
+            }
+        }
+        return intersect;
+    }
+
+    private Set unionEmail(Set excluded, String email)
+    {
+        if (excluded.isEmpty())
+        {
+            if (email == null)
+            {
+                return excluded;
+            }
+            excluded.add(email);
+            return excluded;
+        }
+        else
+        {
+            Set union = new HashSet();
+
+            Iterator it = excluded.iterator();
+            while (it.hasNext())
+            {
+                String _excluded = (String)it.next();
+
+                unionEmail(_excluded, email, union);
+            }
+
+            return union;
+        }
+    }
+
+    /**
+     * Returns the intersection of the permitted IP ranges in
+     * <code>permitted</code> with <code>ip</code>.
+     *
+     * @param permitted A <code>Set</code> of permitted IP addresses with
+     *                  their subnet mask as byte arrays.
+     * @param ips       The IP address with its subnet mask.
+     * @return The <code>Set</code> of permitted IP ranges intersected with
+     * <code>ip</code>.
+     */
+    private Set intersectIP(Set permitted, Set ips)
+    {
+        Set intersect = new HashSet();
+        for (Iterator it = ips.iterator(); it.hasNext(); )
+        {
+            byte[] ip = ASN1OctetString.getInstance(
+                ((GeneralSubtree)it.next()).getBase().getName()).getOctets();
+            if (permitted == null)
+            {
+                if (ip != null)
+                {
+                    intersect.add(ip);
+                }
+            }
+            else
+            {
+                Iterator it2 = permitted.iterator();
+                while (it2.hasNext())
+                {
+                    byte[] _permitted = (byte[])it2.next();
+                    intersect.addAll(intersectIPRange(_permitted, ip));
+                }
+            }
+        }
+        return intersect;
+    }
+
+    /**
+     * Returns the union of the excluded IP ranges in <code>excluded</code>
+     * with <code>ip</code>.
+     *
+     * @param excluded A <code>Set</code> of excluded IP addresses with their
+     *                 subnet mask as byte arrays.
+     * @param ip       The IP address with its subnet mask.
+     * @return The <code>Set</code> of excluded IP ranges unified with
+     * <code>ip</code> as byte arrays.
+     */
+    private Set unionIP(Set excluded, byte[] ip)
+    {
+        if (excluded.isEmpty())
+        {
+            if (ip == null)
+            {
+                return excluded;
+            }
+            excluded.add(ip);
+
+            return excluded;
+        }
+        else
+        {
+            Set union = new HashSet();
+
+            Iterator it = excluded.iterator();
+            while (it.hasNext())
+            {
+                byte[] _excluded = (byte[])it.next();
+                union.addAll(unionIPRange(_excluded, ip));
+            }
+
+            return union;
+        }
+    }
+
+    /**
+     * Calculates the union if two IP ranges.
+     *
+     * @param ipWithSubmask1 The first IP address with its subnet mask.
+     * @param ipWithSubmask2 The second IP address with its subnet mask.
+     * @return A <code>Set</code> with the union of both addresses.
+     */
+    private Set unionIPRange(byte[] ipWithSubmask1, byte[] ipWithSubmask2)
+    {
+        Set set = new HashSet();
+
+        // difficult, adding always all IPs is not wrong
+        if (Arrays.areEqual(ipWithSubmask1, ipWithSubmask2))
+        {
+            set.add(ipWithSubmask1);
+        }
+        else
+        {
+            set.add(ipWithSubmask1);
+            set.add(ipWithSubmask2);
+        }
+        return set;
+    }
+
+    /**
+     * Calculates the interesction if two IP ranges.
+     *
+     * @param ipWithSubmask1 The first IP address with its subnet mask.
+     * @param ipWithSubmask2 The second IP address with its subnet mask.
+     * @return A <code>Set</code> with the single IP address with its subnet
+     * mask as a byte array or an empty <code>Set</code>.
+     */
+    private Set intersectIPRange(byte[] ipWithSubmask1, byte[] ipWithSubmask2)
+    {
+        if (ipWithSubmask1.length != ipWithSubmask2.length)
+        {
+            return Collections.EMPTY_SET;
+        }
+        byte[][] temp = extractIPsAndSubnetMasks(ipWithSubmask1, ipWithSubmask2);
+        byte ip1[] = temp[0];
+        byte subnetmask1[] = temp[1];
+        byte ip2[] = temp[2];
+        byte subnetmask2[] = temp[3];
+
+        byte minMax[][] = minMaxIPs(ip1, subnetmask1, ip2, subnetmask2);
+        byte[] min;
+        byte[] max;
+        max = min(minMax[1], minMax[3]);
+        min = max(minMax[0], minMax[2]);
+
+        // minimum IP address must be bigger than max
+        if (compareTo(min, max) == 1)
+        {
+            return Collections.EMPTY_SET;
+        }
+        // OR keeps all significant bits
+        byte[] ip = or(minMax[0], minMax[2]);
+        byte[] subnetmask = or(subnetmask1, subnetmask2);
+        return Collections.singleton(ipWithSubnetMask(ip, subnetmask));
+    }
+
+    /**
+     * Concatenates the IP address with its subnet mask.
+     *
+     * @param ip         The IP address.
+     * @param subnetMask Its subnet mask.
+     * @return The concatenated IP address with its subnet mask.
+     */
+    private byte[] ipWithSubnetMask(byte[] ip, byte[] subnetMask)
+    {
+        int ipLength = ip.length;
+        byte[] temp = new byte[ipLength * 2];
+        System.arraycopy(ip, 0, temp, 0, ipLength);
+        System.arraycopy(subnetMask, 0, temp, ipLength, ipLength);
+        return temp;
+    }
+
+    /**
+     * Splits the IP addresses and their subnet mask.
+     *
+     * @param ipWithSubmask1 The first IP address with the subnet mask.
+     * @param ipWithSubmask2 The second IP address with the subnet mask.
+     * @return An array with two elements. Each element contains the IP address
+     * and the subnet mask in this order.
+     */
+    private byte[][] extractIPsAndSubnetMasks(
+        byte[] ipWithSubmask1,
+        byte[] ipWithSubmask2)
+    {
+        int ipLength = ipWithSubmask1.length / 2;
+        byte ip1[] = new byte[ipLength];
+        byte subnetmask1[] = new byte[ipLength];
+        System.arraycopy(ipWithSubmask1, 0, ip1, 0, ipLength);
+        System.arraycopy(ipWithSubmask1, ipLength, subnetmask1, 0, ipLength);
+
+        byte ip2[] = new byte[ipLength];
+        byte subnetmask2[] = new byte[ipLength];
+        System.arraycopy(ipWithSubmask2, 0, ip2, 0, ipLength);
+        System.arraycopy(ipWithSubmask2, ipLength, subnetmask2, 0, ipLength);
+        return new byte[][]
+            {ip1, subnetmask1, ip2, subnetmask2};
+    }
+
+    /**
+     * Based on the two IP addresses and their subnet masks the IP range is
+     * computed for each IP address - subnet mask pair and returned as the
+     * minimum IP address and the maximum address of the range.
+     *
+     * @param ip1         The first IP address.
+     * @param subnetmask1 The subnet mask of the first IP address.
+     * @param ip2         The second IP address.
+     * @param subnetmask2 The subnet mask of the second IP address.
+     * @return A array with two elements. The first/second element contains the
+     * min and max IP address of the first/second IP address and its
+     * subnet mask.
+     */
+    private byte[][] minMaxIPs(
+        byte[] ip1,
+        byte[] subnetmask1,
+        byte[] ip2,
+        byte[] subnetmask2)
+    {
+        int ipLength = ip1.length;
+        byte[] min1 = new byte[ipLength];
+        byte[] max1 = new byte[ipLength];
+
+        byte[] min2 = new byte[ipLength];
+        byte[] max2 = new byte[ipLength];
+
+        for (int i = 0; i < ipLength; i++)
+        {
+            min1[i] = (byte)(ip1[i] & subnetmask1[i]);
+            max1[i] = (byte)(ip1[i] & subnetmask1[i] | ~subnetmask1[i]);
+
+            min2[i] = (byte)(ip2[i] & subnetmask2[i]);
+            max2[i] = (byte)(ip2[i] & subnetmask2[i] | ~subnetmask2[i]);
+        }
+
+        return new byte[][]{min1, max1, min2, max2};
+    }
+
+    private void checkPermittedEmail(Set permitted, String email)
+        throws NameConstraintValidatorException
+    {
+        if (permitted == null)
+        {
+            return;
+        }
+
+        Iterator it = permitted.iterator();
+
+        while (it.hasNext())
+        {
+            String str = ((String)it.next());
+
+            if (emailIsConstrained(email, str))
+            {
+                return;
+            }
+        }
+
+        if (email.length() == 0 && permitted.size() == 0)
+        {
+            return;
+        }
+
+        throw new NameConstraintValidatorException(
+            "Subject email address is not from a permitted subtree.");
+    }
+
+    private void checkPermittedOtherName(Set permitted, OtherName name)
+        throws NameConstraintValidatorException
+    {
+        if (permitted == null)
+        {
+            return;
+        }
+
+        Iterator it = permitted.iterator();
+
+        while (it.hasNext())
+        {
+            OtherName str = ((OtherName)it.next());
+
+            if (otherNameIsConstrained(name, str))
+            {
+                return;
+            }
+        }
+
+        throw new NameConstraintValidatorException(
+            "Subject OtherName is not from a permitted subtree.");
+    }
+
+    private void checkExcludedOtherName(Set excluded, OtherName name)
+        throws NameConstraintValidatorException
+    {
+        if (excluded.isEmpty())
+        {
+            return;
+        }
+
+        Iterator it = excluded.iterator();
+
+        while (it.hasNext())
+        {
+            OtherName str = OtherName.getInstance(it.next());
+
+            if (otherNameIsConstrained(name, str))
+            {
+                throw new NameConstraintValidatorException(
+                    "OtherName is from an excluded subtree.");
+            }
+        }
+    }
+
+    private void checkExcludedEmail(Set excluded, String email)
+        throws NameConstraintValidatorException
+    {
+        if (excluded.isEmpty())
+        {
+            return;
+        }
+
+        Iterator it = excluded.iterator();
+
+        while (it.hasNext())
+        {
+            String str = (String)it.next();
+
+            if (emailIsConstrained(email, str))
+            {
+                throw new NameConstraintValidatorException(
+                    "Email address is from an excluded subtree.");
+            }
+        }
+    }
+
+    /**
+     * Checks if the IP <code>ip</code> is included in the permitted set
+     * <code>permitted</code>.
+     *
+     * @param permitted A <code>Set</code> of permitted IP addresses with
+     *                  their subnet mask as byte arrays.
+     * @param ip        The IP address.
+     * @throws NameConstraintValidatorException if the IP is not permitted.
+     */
+    private void checkPermittedIP(Set permitted, byte[] ip)
+        throws NameConstraintValidatorException
+    {
+        if (permitted == null)
+        {
+            return;
+        }
+
+        Iterator it = permitted.iterator();
+
+        while (it.hasNext())
+        {
+            byte[] ipWithSubnet = (byte[])it.next();
+
+            if (isIPConstrained(ip, ipWithSubnet))
+            {
+                return;
+            }
+        }
+        if (ip.length == 0 && permitted.size() == 0)
+        {
+            return;
+        }
+        throw new NameConstraintValidatorException(
+            "IP is not from a permitted subtree.");
+    }
+
+    /**
+     * Checks if the IP <code>ip</code> is included in the excluded set
+     * <code>excluded</code>.
+     *
+     * @param excluded A <code>Set</code> of excluded IP addresses with their
+     *                 subnet mask as byte arrays.
+     * @param ip       The IP address.
+     * @throws NameConstraintValidatorException if the IP is excluded.
+     */
+    private void checkExcludedIP(Set excluded, byte[] ip)
+        throws NameConstraintValidatorException
+    {
+        if (excluded.isEmpty())
+        {
+            return;
+        }
+
+        Iterator it = excluded.iterator();
+
+        while (it.hasNext())
+        {
+            byte[] ipWithSubnet = (byte[])it.next();
+
+            if (isIPConstrained(ip, ipWithSubnet))
+            {
+                throw new NameConstraintValidatorException(
+                    "IP is from an excluded subtree.");
+            }
+        }
+    }
+
+    /**
+     * Checks if the IP address <code>ip</code> is constrained by
+     * <code>constraint</code>.
+     *
+     * @param ip         The IP address.
+     * @param constraint The constraint. This is an IP address concatenated with
+     *                   its subnetmask.
+     * @return <code>true</code> if constrained, <code>false</code>
+     * otherwise.
+     */
+    private boolean isIPConstrained(byte ip[], byte[] constraint)
+    {
+        int ipLength = ip.length;
+
+        if (ipLength != (constraint.length / 2))
+        {
+            return false;
+        }
+
+        byte[] subnetMask = new byte[ipLength];
+        System.arraycopy(constraint, ipLength, subnetMask, 0, ipLength);
+
+        byte[] permittedSubnetAddress = new byte[ipLength];
+
+        byte[] ipSubnetAddress = new byte[ipLength];
+
+        // the resulting IP address by applying the subnet mask
+        for (int i = 0; i < ipLength; i++)
+        {
+            permittedSubnetAddress[i] = (byte)(constraint[i] & subnetMask[i]);
+            ipSubnetAddress[i] = (byte)(ip[i] & subnetMask[i]);
+        }
+
+        return Arrays.areEqual(permittedSubnetAddress, ipSubnetAddress);
+    }
+
+    private boolean otherNameIsConstrained(OtherName name, OtherName constraint)
+    {
+        if (constraint.equals(name))
+        {
+            return true;
+        }
+
+        return false;
+    }
+
+    private boolean emailIsConstrained(String email, String constraint)
+    {
+        String sub = email.substring(email.indexOf('@') + 1);
+        // a particular mailbox
+        if (constraint.indexOf('@') != -1)
+        {
+            if (email.equalsIgnoreCase(constraint))
+            {
+                return true;
+            }
+        }
+        // on particular host
+        else if (!(constraint.charAt(0) == '.'))
+        {
+            if (sub.equalsIgnoreCase(constraint))
+            {
+                return true;
+            }
+        }
+        // address in sub domain
+        else if (withinDomain(sub, constraint))
+        {
+            return true;
+        }
+        return false;
+    }
+
+    private boolean withinDomain(String testDomain, String domain)
+    {
+        String tempDomain = domain;
+        if (tempDomain.startsWith("."))
+        {
+            tempDomain = tempDomain.substring(1);
+        }
+        String[] domainParts = Strings.split(tempDomain, '.');
+        String[] testDomainParts = Strings.split(testDomain, '.');
+        // must have at least one subdomain
+        if (testDomainParts.length <= domainParts.length)
+        {
+            return false;
+        }
+        int d = testDomainParts.length - domainParts.length;
+        for (int i = -1; i < domainParts.length; i++)
+        {
+            if (i == -1)
+            {
+                if (testDomainParts[i + d].equals(""))
+                {
+                    return false;
+                }
+            }
+            else if (!domainParts[i].equalsIgnoreCase(testDomainParts[i + d]))
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    private void checkPermittedDNS(Set permitted, String dns)
+        throws NameConstraintValidatorException
+    {
+        if (permitted == null)
+        {
+            return;
+        }
+
+        Iterator it = permitted.iterator();
+
+        while (it.hasNext())
+        {
+            String str = ((String)it.next());
+
+            // is sub domain
+            if (withinDomain(dns, str) || dns.equalsIgnoreCase(str))
+            {
+                return;
+            }
+        }
+        if (dns.length() == 0 && permitted.size() == 0)
+        {
+            return;
+        }
+        throw new NameConstraintValidatorException(
+            "DNS is not from a permitted subtree.");
+    }
+
+    private void checkExcludedDNS(Set excluded, String dns)
+        throws NameConstraintValidatorException
+    {
+        if (excluded.isEmpty())
+        {
+            return;
+        }
+
+        Iterator it = excluded.iterator();
+
+        while (it.hasNext())
+        {
+            String str = ((String)it.next());
+
+            // is sub domain or the same
+            if (withinDomain(dns, str) || dns.equalsIgnoreCase(str))
+            {
+                throw new NameConstraintValidatorException(
+                    "DNS is from an excluded subtree.");
+            }
+        }
+    }
+
+    /**
+     * The common part of <code>email1</code> and <code>email2</code> is
+     * added to the union <code>union</code>. If <code>email1</code> and
+     * <code>email2</code> have nothing in common they are added both.
+     *
+     * @param email1 Email address constraint 1.
+     * @param email2 Email address constraint 2.
+     * @param union  The union.
+     */
+    private void unionEmail(String email1, String email2, Set union)
+    {
+        // email1 is a particular address
+        if (email1.indexOf('@') != -1)
+        {
+            String _sub = email1.substring(email1.indexOf('@') + 1);
+            // both are a particular mailbox
+            if (email2.indexOf('@') != -1)
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(_sub, email2))
+                {
+                    union.add(email2);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (_sub.equalsIgnoreCase(email2))
+                {
+                    union.add(email2);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+        }
+        // email1 specifies a domain
+        else if (email1.startsWith("."))
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email1.indexOf('@') + 1);
+                if (withinDomain(_sub, email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2)
+                    || email1.equalsIgnoreCase(email2))
+                {
+                    union.add(email2);
+                }
+                else if (withinDomain(email2, email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            else
+            {
+                if (withinDomain(email2, email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+        }
+        // email specifies a host
+        else
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email1.indexOf('@') + 1);
+                if (_sub.equalsIgnoreCase(email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2))
+                {
+                    union.add(email2);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+        }
+    }
+
+    private void unionURI(String email1, String email2, Set union)
+    {
+        // email1 is a particular address
+        if (email1.indexOf('@') != -1)
+        {
+            String _sub = email1.substring(email1.indexOf('@') + 1);
+            // both are a particular mailbox
+            if (email2.indexOf('@') != -1)
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(_sub, email2))
+                {
+                    union.add(email2);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (_sub.equalsIgnoreCase(email2))
+                {
+                    union.add(email2);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+        }
+        // email1 specifies a domain
+        else if (email1.startsWith("."))
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email1.indexOf('@') + 1);
+                if (withinDomain(_sub, email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2)
+                    || email1.equalsIgnoreCase(email2))
+                {
+                    union.add(email2);
+                }
+                else if (withinDomain(email2, email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            else
+            {
+                if (withinDomain(email2, email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+        }
+        // email specifies a host
+        else
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email1.indexOf('@') + 1);
+                if (_sub.equalsIgnoreCase(email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2))
+                {
+                    union.add(email2);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+        }
+    }
+
+    private Set intersectDNS(Set permitted, Set dnss)
+    {
+        Set intersect = new HashSet();
+        for (Iterator it = dnss.iterator(); it.hasNext(); )
+        {
+            String dns = extractNameAsString(((GeneralSubtree)it.next())
+                .getBase());
+            if (permitted == null)
+            {
+                if (dns != null)
+                {
+                    intersect.add(dns);
+                }
+            }
+            else
+            {
+                Iterator _iter = permitted.iterator();
+                while (_iter.hasNext())
+                {
+                    String _permitted = (String)_iter.next();
+
+                    if (withinDomain(_permitted, dns))
+                    {
+                        intersect.add(_permitted);
+                    }
+                    else if (withinDomain(dns, _permitted))
+                    {
+                        intersect.add(dns);
+                    }
+                }
+            }
+        }
+
+        return intersect;
+    }
+
+    private Set unionDNS(Set excluded, String dns)
+    {
+        if (excluded.isEmpty())
+        {
+            if (dns == null)
+            {
+                return excluded;
+            }
+            excluded.add(dns);
+
+            return excluded;
+        }
+        else
+        {
+            Set union = new HashSet();
+
+            Iterator _iter = excluded.iterator();
+            while (_iter.hasNext())
+            {
+                String _permitted = (String)_iter.next();
+
+                if (withinDomain(_permitted, dns))
+                {
+                    union.add(dns);
+                }
+                else if (withinDomain(dns, _permitted))
+                {
+                    union.add(_permitted);
+                }
+                else
+                {
+                    union.add(_permitted);
+                    union.add(dns);
+                }
+            }
+
+            return union;
+        }
+    }
+
+    /**
+     * The most restricting part from <code>email1</code> and
+     * <code>email2</code> is added to the intersection <code>intersect</code>.
+     *
+     * @param email1    Email address constraint 1.
+     * @param email2    Email address constraint 2.
+     * @param intersect The intersection.
+     */
+    private void intersectEmail(String email1, String email2, Set intersect)
+    {
+        // email1 is a particular address
+        if (email1.indexOf('@') != -1)
+        {
+            String _sub = email1.substring(email1.indexOf('@') + 1);
+            // both are a particular mailbox
+            if (email2.indexOf('@') != -1)
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(_sub, email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (_sub.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+        }
+        // email specifies a domain
+        else if (email1.startsWith("."))
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email1.indexOf('@') + 1);
+                if (withinDomain(_sub, email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2)
+                    || email1.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+                else if (withinDomain(email2, email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+            else
+            {
+                if (withinDomain(email2, email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+        }
+        // email1 specifies a host
+        else
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email2.indexOf('@') + 1);
+                if (_sub.equalsIgnoreCase(email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+        }
+    }
+
+    private void checkExcludedURI(Set excluded, String uri)
+        throws NameConstraintValidatorException
+    {
+        if (excluded.isEmpty())
+        {
+            return;
+        }
+
+        Iterator it = excluded.iterator();
+
+        while (it.hasNext())
+        {
+            String str = ((String)it.next());
+
+            if (isUriConstrained(uri, str))
+            {
+                throw new NameConstraintValidatorException(
+                    "URI is from an excluded subtree.");
+            }
+        }
+    }
+
+    private Set intersectURI(Set permitted, Set uris)
+    {
+        Set intersect = new HashSet();
+        for (Iterator it = uris.iterator(); it.hasNext(); )
+        {
+            String uri = extractNameAsString(((GeneralSubtree)it.next())
+                .getBase());
+            if (permitted == null)
+            {
+                if (uri != null)
+                {
+                    intersect.add(uri);
+                }
+            }
+            else
+            {
+                Iterator _iter = permitted.iterator();
+                while (_iter.hasNext())
+                {
+                    String _permitted = (String)_iter.next();
+                    intersectURI(_permitted, uri, intersect);
+                }
+            }
+        }
+        return intersect;
+    }
+
+    private Set unionURI(Set excluded, String uri)
+    {
+        if (excluded.isEmpty())
+        {
+            if (uri == null)
+            {
+                return excluded;
+            }
+            excluded.add(uri);
+
+            return excluded;
+        }
+        else
+        {
+            Set union = new HashSet();
+
+            Iterator _iter = excluded.iterator();
+            while (_iter.hasNext())
+            {
+                String _excluded = (String)_iter.next();
+
+                unionURI(_excluded, uri, union);
+            }
+
+            return union;
+        }
+    }
+
+    private void intersectURI(String email1, String email2, Set intersect)
+    {
+        // email1 is a particular address
+        if (email1.indexOf('@') != -1)
+        {
+            String _sub = email1.substring(email1.indexOf('@') + 1);
+            // both are a particular mailbox
+            if (email2.indexOf('@') != -1)
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(_sub, email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (_sub.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+        }
+        // email specifies a domain
+        else if (email1.startsWith("."))
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email1.indexOf('@') + 1);
+                if (withinDomain(_sub, email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2)
+                    || email1.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+                else if (withinDomain(email2, email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+            else
+            {
+                if (withinDomain(email2, email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+        }
+        // email1 specifies a host
+        else
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email2.indexOf('@') + 1);
+                if (_sub.equalsIgnoreCase(email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+        }
+    }
+
+    private void checkPermittedURI(Set permitted, String uri)
+        throws NameConstraintValidatorException
+    {
+        if (permitted == null)
+        {
+            return;
+        }
+
+        Iterator it = permitted.iterator();
+
+        while (it.hasNext())
+        {
+            String str = ((String)it.next());
+
+            if (isUriConstrained(uri, str))
+            {
+                return;
+            }
+        }
+        if (uri.length() == 0 && permitted.size() == 0)
+        {
+            return;
+        }
+        throw new NameConstraintValidatorException(
+            "URI is not from a permitted subtree.");
+    }
+
+    private boolean isUriConstrained(String uri, String constraint)
+    {
+        String host = extractHostFromURL(uri);
+        // a host
+        if (!constraint.startsWith("."))
+        {
+            if (host.equalsIgnoreCase(constraint))
+            {
+                return true;
+            }
+        }
+
+        // in sub domain or domain
+        else if (withinDomain(host, constraint))
+        {
+            return true;
+        }
+
+        return false;
+    }
+
+    private static String extractHostFromURL(String url)
+    {
+        // see RFC 1738
+        // remove ':' after protocol, e.g. http:
+        String sub = url.substring(url.indexOf(':') + 1);
+        // extract host from Common Internet Scheme Syntax, e.g. http://
+        if (sub.indexOf("//") != -1)
+        {
+            sub = sub.substring(sub.indexOf("//") + 2);
+        }
+        // first remove port, e.g. http://test.com:21
+        if (sub.lastIndexOf(':') != -1)
+        {
+            sub = sub.substring(0, sub.lastIndexOf(':'));
+        }
+        // remove user and password, e.g. http://john:password@test.com
+        sub = sub.substring(sub.indexOf(':') + 1);
+        sub = sub.substring(sub.indexOf('@') + 1);
+        // remove local parts, e.g. http://test.com/bla
+        if (sub.indexOf('/') != -1)
+        {
+            sub = sub.substring(0, sub.indexOf('/'));
+        }
+        return sub;
+    }
+
+    private String extractNameAsString(GeneralName name)
+    {
+        return DERIA5String.getInstance(name.getName()).getString();
+    }
+
+    /**
+     * Returns the maximum IP address.
+     *
+     * @param ip1 The first IP address.
+     * @param ip2 The second IP address.
+     * @return The maximum IP address.
+     */
+    private static byte[] max(byte[] ip1, byte[] ip2)
+    {
+        for (int i = 0; i < ip1.length; i++)
+        {
+            if ((ip1[i] & 0xFFFF) > (ip2[i] & 0xFFFF))
+            {
+                return ip1;
+            }
+        }
+        return ip2;
+    }
+
+    /**
+     * Returns the minimum IP address.
+     *
+     * @param ip1 The first IP address.
+     * @param ip2 The second IP address.
+     * @return The minimum IP address.
+     */
+    private static byte[] min(byte[] ip1, byte[] ip2)
+    {
+        for (int i = 0; i < ip1.length; i++)
+        {
+            if ((ip1[i] & 0xFFFF) < (ip2[i] & 0xFFFF))
+            {
+                return ip1;
+            }
+        }
+        return ip2;
+    }
+
+    /**
+     * Compares IP address <code>ip1</code> with <code>ip2</code>. If ip1
+     * is equal to ip2 0 is returned. If ip1 is bigger 1 is returned, -1
+     * otherwise.
+     *
+     * @param ip1 The first IP address.
+     * @param ip2 The second IP address.
+     * @return 0 if ip1 is equal to ip2, 1 if ip1 is bigger, -1 otherwise.
+     */
+    private static int compareTo(byte[] ip1, byte[] ip2)
+    {
+        if (Arrays.areEqual(ip1, ip2))
+        {
+            return 0;
+        }
+        if (Arrays.areEqual(max(ip1, ip2), ip1))
+        {
+            return 1;
+        }
+        return -1;
+    }
+
+    /**
+     * Returns the logical OR of the IP addresses <code>ip1</code> and
+     * <code>ip2</code>.
+     *
+     * @param ip1 The first IP address.
+     * @param ip2 The second IP address.
+     * @return The OR of <code>ip1</code> and <code>ip2</code>.
+     */
+    private static byte[] or(byte[] ip1, byte[] ip2)
+    {
+        byte[] temp = new byte[ip1.length];
+        for (int i = 0; i < ip1.length; i++)
+        {
+            temp[i] = (byte)(ip1[i] | ip2[i]);
+        }
+        return temp;
+    }
+
+    private int hashCollection(Collection coll)
+    {
+        if (coll == null)
+        {
+            return 0;
+        }
+        int hash = 0;
+        Iterator it1 = coll.iterator();
+        while (it1.hasNext())
+        {
+            Object o = it1.next();
+            if (o instanceof byte[])
+            {
+                hash += Arrays.hashCode((byte[])o);
+            }
+            else
+            {
+                hash += o.hashCode();
+            }
+        }
+        return hash;
+    }
+
+    private boolean collectionsAreEqual(Collection coll1, Collection coll2)
+    {
+        if (coll1 == coll2)
+        {
+            return true;
+        }
+        if (coll1 == null || coll2 == null)
+        {
+            return false;
+        }
+        if (coll1.size() != coll2.size())
+        {
+            return false;
+        }
+        Iterator it1 = coll1.iterator();
+
+        while (it1.hasNext())
+        {
+            Object a = it1.next();
+            Iterator it2 = coll2.iterator();
+            boolean found = false;
+            while (it2.hasNext())
+            {
+                Object b = it2.next();
+                if (equals(a, b))
+                {
+                    found = true;
+                    break;
+                }
+            }
+            if (!found)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    private boolean equals(Object o1, Object o2)
+    {
+        if (o1 == o2)
+        {
+            return true;
+        }
+        if (o1 == null || o2 == null)
+        {
+            return false;
+        }
+        if (o1 instanceof byte[] && o2 instanceof byte[])
+        {
+            return Arrays.areEqual((byte[])o1, (byte[])o2);
+        }
+        else
+        {
+            return o1.equals(o2);
+        }
+    }
+
+    /**
+     * Stringifies an IPv4 or v6 address with subnet mask.
+     *
+     * @param ip The IP with subnet mask.
+     * @return The stringified IP address.
+     */
+    private String stringifyIP(byte[] ip)
+    {
+        StringBuilder temp = new StringBuilder();
+        for (int i = 0; i < ip.length / 2; i++)
+        {
+            if (temp.length() > 0)
+            {
+                temp.append(".");
+            }
+            temp.append(Integer.toString(ip[i] & 0x00FF));
+        }
+
+        temp.append("/");
+        boolean first = true;
+        for (int i = ip.length / 2; i < ip.length; i++)
+        {
+            if (first)
+            {
+                first = false;
+            }
+            else
+            {
+                temp.append(".");
+            }
+            temp.append(Integer.toString(ip[i] & 0x00FF));
+        }
+
+        return temp.toString();
+    }
+
+    private String stringifyIPCollection(Set ips)
+    {
+        StringBuilder temp = new StringBuilder();
+        temp.append("[");
+        for (Iterator it = ips.iterator(); it.hasNext(); )
+        {
+            if (temp.length() > 1)
+            {
+                temp.append(",");
+            }
+            temp.append(stringifyIP((byte[])it.next()));
+        }
+        temp.append("]");
+        return temp.toString();
+    }
+
+    private String stringifyOtherNameCollection(Set otherNames)
+    {
+        StringBuilder temp = new StringBuilder();
+        temp.append("[");
+        for (Iterator it = otherNames.iterator(); it.hasNext(); )
+        {
+            if (temp.length() > 1)
+            {
+                temp.append(",");
+            }
+            OtherName name = OtherName.getInstance(it.next());
+            temp.append(name.getTypeID().getId());
+            temp.append(":");
+            try
+            {
+                temp.append(Hex.toHexString(name.getValue().toASN1Primitive().getEncoded()));
+            }
+            catch (IOException e)
+            {
+                temp.append(e.toString());
+            }
+        }
+        temp.append("]");
+        return temp.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PolicyConstraints.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PolicyConstraints.java
new file mode 100644
index 0000000..7c4518b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PolicyConstraints.java

@@ -0,0 +1,108 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+
+/**
+ * PKIX RFC 5280
+ * <pre>
+ * id-ce-policyConstraints OBJECT IDENTIFIER ::=  { id-ce 36 }
+ *
+ * PolicyConstraints ::= SEQUENCE {
+ *      requireExplicitPolicy           [0] SkipCerts OPTIONAL,
+ *      inhibitPolicyMapping            [1] SkipCerts OPTIONAL }
+ *
+ * SkipCerts ::= INTEGER (0..MAX)
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PolicyConstraints
+    extends ASN1Object
+{
+    private BigInteger requireExplicitPolicyMapping;
+    private BigInteger inhibitPolicyMapping;
+
+    public PolicyConstraints(BigInteger requireExplicitPolicyMapping, BigInteger inhibitPolicyMapping)
+    {
+        this.requireExplicitPolicyMapping = requireExplicitPolicyMapping;
+        this.inhibitPolicyMapping = inhibitPolicyMapping;
+    }
+
+    private PolicyConstraints(ASN1Sequence seq)
+    {
+        for (int i = 0; i != seq.size(); i++)
+        {
+            ASN1TaggedObject to = ASN1TaggedObject.getInstance(seq.getObjectAt(i));
+
+            if (to.getTagNo() == 0)
+            {
+                requireExplicitPolicyMapping = ASN1Integer.getInstance(to, false).getValue();
+            }
+            else if (to.getTagNo() == 1)
+            {
+                inhibitPolicyMapping = ASN1Integer.getInstance(to, false).getValue();
+            }
+            else
+            {
+                throw new IllegalArgumentException("Unknown tag encountered.");
+            }
+        }
+    }
+
+    public static PolicyConstraints getInstance(
+        Object  obj)
+    {
+        if (obj instanceof PolicyConstraints)
+        {
+            return (PolicyConstraints)obj;
+        }
+
+        if (obj != null)
+        {
+            return new PolicyConstraints(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public static PolicyConstraints fromExtensions(Extensions extensions)
+    {
+        return PolicyConstraints.getInstance(extensions.getExtensionParsedValue(Extension.policyConstraints));
+    }
+
+    public BigInteger getRequireExplicitPolicyMapping()
+    {
+        return requireExplicitPolicyMapping;
+    }
+
+    public BigInteger getInhibitPolicyMapping()
+    {
+        return inhibitPolicyMapping;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        if (requireExplicitPolicyMapping != null)
+        {
+            v.add(new DERTaggedObject(false,0, new ASN1Integer(requireExplicitPolicyMapping)));
+        }
+
+        if (inhibitPolicyMapping != null)
+        {
+            v.add(new DERTaggedObject(false, 1, new ASN1Integer(inhibitPolicyMapping)));
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PolicyInformation.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PolicyInformation.java
new file mode 100644
index 0000000..55f02bb
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PolicyInformation.java

@@ -0,0 +1,120 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PolicyInformation
+    extends ASN1Object
+{
+    private ASN1ObjectIdentifier   policyIdentifier;
+    private ASN1Sequence          policyQualifiers;
+
+    private PolicyInformation(
+        ASN1Sequence seq)
+    {
+        if (seq.size() < 1 || seq.size() > 2)
+        {
+            throw new IllegalArgumentException("Bad sequence size: "
+                    + seq.size());
+        }
+
+        policyIdentifier = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
+
+        if (seq.size() > 1)
+        {
+            policyQualifiers = ASN1Sequence.getInstance(seq.getObjectAt(1));
+        }
+    }
+
+    public PolicyInformation(
+        ASN1ObjectIdentifier policyIdentifier)
+    {
+        this.policyIdentifier = policyIdentifier;
+    }
+
+    public PolicyInformation(
+        ASN1ObjectIdentifier policyIdentifier,
+        ASN1Sequence        policyQualifiers)
+    {
+        this.policyIdentifier = policyIdentifier;
+        this.policyQualifiers = policyQualifiers;
+    }
+
+    public static PolicyInformation getInstance(
+        Object obj)
+    {
+        if (obj == null || obj instanceof PolicyInformation)
+        {
+            return (PolicyInformation)obj;
+        }
+
+        return new PolicyInformation(ASN1Sequence.getInstance(obj));
+    }
+
+    public ASN1ObjectIdentifier getPolicyIdentifier()
+    {
+        return policyIdentifier;
+    }
+    
+    public ASN1Sequence getPolicyQualifiers()
+    {
+        return policyQualifiers;
+    }
+    
+    /*
+     * <pre>
+     * PolicyInformation ::= SEQUENCE {
+     *      policyIdentifier   CertPolicyId,
+     *      policyQualifiers   SEQUENCE SIZE (1..MAX) OF
+     *              PolicyQualifierInfo OPTIONAL }
+     * </pre>
+     */ 
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+        
+        v.add(policyIdentifier);
+
+        if (policyQualifiers != null)
+        {
+            v.add(policyQualifiers);
+        }
+        
+        return new DERSequence(v);
+    }
+
+    public String toString()
+    {
+        StringBuffer sb = new StringBuffer();
+
+        sb.append("Policy information: ");
+        sb.append(policyIdentifier);
+
+        if (policyQualifiers != null)
+        {
+            StringBuffer p = new StringBuffer();
+            for (int i = 0; i < policyQualifiers.size(); i++)
+            {
+                if (p.length() != 0)
+                {
+                    p.append(", ");
+                }
+                p.append(PolicyQualifierInfo.getInstance(policyQualifiers.getObjectAt(i)));
+            }
+
+            sb.append("[");
+            sb.append(p);
+            sb.append("]");
+        }
+
+        return sb.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PolicyQualifierId.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PolicyQualifierId.java
new file mode 100644
index 0000000..3c530e5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PolicyQualifierId.java

@@ -0,0 +1,33 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * PolicyQualifierId, used in the CertificatePolicies
+ * X509V3 extension.
+ * 
+ * <pre>
+ *    id-qt          OBJECT IDENTIFIER ::=  { id-pkix 2 }
+ *    id-qt-cps      OBJECT IDENTIFIER ::=  { id-qt 1 }
+ *    id-qt-unotice  OBJECT IDENTIFIER ::=  { id-qt 2 }
+ *  PolicyQualifierId ::=
+ *       OBJECT IDENTIFIER (id-qt-cps | id-qt-unotice)
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PolicyQualifierId extends ASN1ObjectIdentifier 
+{
+   private static final String id_qt = "1.3.6.1.5.5.7.2";
+
+   private PolicyQualifierId(String id) 
+      {
+         super(id);
+      }
+   
+   public static final PolicyQualifierId id_qt_cps =
+       new PolicyQualifierId(id_qt + ".1");
+   public static final PolicyQualifierId id_qt_unotice =
+       new PolicyQualifierId(id_qt + ".2");
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PolicyQualifierInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PolicyQualifierInfo.java
new file mode 100644
index 0000000..fefa880
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/PolicyQualifierInfo.java

@@ -0,0 +1,119 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERIA5String;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * Policy qualifiers, used in the X509V3 CertificatePolicies
+ * extension.
+ * 
+ * <pre>
+ *   PolicyQualifierInfo ::= SEQUENCE {
+ *       policyQualifierId  PolicyQualifierId,
+ *       qualifier          ANY DEFINED BY policyQualifierId }
+ *
+ *  PolicyQualifierId ::= OBJECT IDENTIFIER ( id-qt-cps | id-qt-unotice )
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PolicyQualifierInfo
+    extends ASN1Object
+{
+   private ASN1ObjectIdentifier policyQualifierId;
+   private ASN1Encodable        qualifier;
+
+   /**
+    * Creates a new <code>PolicyQualifierInfo</code> instance.
+    *
+    * @param policyQualifierId a <code>PolicyQualifierId</code> value
+    * @param qualifier the qualifier, defined by the above field.
+    */
+   public PolicyQualifierInfo(
+       ASN1ObjectIdentifier policyQualifierId,
+       ASN1Encodable qualifier) 
+   {
+      this.policyQualifierId = policyQualifierId;
+      this.qualifier = qualifier;
+   }
+
+   /**
+    * Creates a new <code>PolicyQualifierInfo</code> containing a
+    * cPSuri qualifier.
+    *
+    * @param cps the CPS (certification practice statement) uri as a
+    * <code>String</code>.
+    */
+   public PolicyQualifierInfo(
+       String cps) 
+   {
+      policyQualifierId = PolicyQualifierId.id_qt_cps;
+      qualifier = new DERIA5String (cps);
+   }
+
+   /**
+    * Creates a new <code>PolicyQualifierInfo</code> instance.
+    *
+    * @param as <code>PolicyQualifierInfo</code> X509 structure
+    * encoded as an ASN1Sequence.
+    * @deprecated use PolicyQualifierInfo.getInstance()
+    */
+   public PolicyQualifierInfo(
+       ASN1Sequence as)
+   {
+        if (as.size() != 2)
+        {
+            throw new IllegalArgumentException("Bad sequence size: "
+                    + as.size());
+        }
+
+        policyQualifierId = ASN1ObjectIdentifier.getInstance(as.getObjectAt(0));
+        qualifier = as.getObjectAt(1);
+   }
+
+   public static PolicyQualifierInfo getInstance(
+       Object obj)
+   {
+        if (obj instanceof PolicyQualifierInfo)
+        {
+            return (PolicyQualifierInfo)obj;
+        }
+        else if (obj != null)
+        {
+            return new PolicyQualifierInfo(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+   }
+
+
+   public ASN1ObjectIdentifier getPolicyQualifierId()
+   {
+       return policyQualifierId;
+   }
+
+   public ASN1Encodable getQualifier()
+   {
+       return qualifier;
+   }
+   
+   /**
+    * Returns a DER-encodable representation of this instance. 
+    *
+    * @return a <code>ASN1Primitive</code> value
+    */
+   public ASN1Primitive toASN1Primitive()
+   {
+      ASN1EncodableVector dev = new ASN1EncodableVector();
+      dev.add(policyQualifierId);
+      dev.add(qualifier);
+
+      return new DERSequence(dev);
+   }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/RSAPublicKeyStructure.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/RSAPublicKeyStructure.java
new file mode 100644
index 0000000..13ebc34
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/RSAPublicKeyStructure.java

@@ -0,0 +1,100 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @deprecated use org.bouncycastle.asn1.pkcs.RSAPublicKey
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RSAPublicKeyStructure
+    extends ASN1Object
+{
+    private BigInteger  modulus;
+    private BigInteger  publicExponent;
+
+    public static RSAPublicKeyStructure getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static RSAPublicKeyStructure getInstance(
+        Object obj)
+    {
+        if(obj == null || obj instanceof RSAPublicKeyStructure) 
+        {
+            return (RSAPublicKeyStructure)obj;
+        }
+        
+        if(obj instanceof ASN1Sequence) 
+        {
+            return new RSAPublicKeyStructure((ASN1Sequence)obj);
+        }
+        
+        throw new IllegalArgumentException("Invalid RSAPublicKeyStructure: " + obj.getClass().getName());
+    }
+    
+    public RSAPublicKeyStructure(
+        BigInteger  modulus,
+        BigInteger  publicExponent)
+    {
+        this.modulus = modulus;
+        this.publicExponent = publicExponent;
+    }
+
+    public RSAPublicKeyStructure(
+        ASN1Sequence  seq)
+    {
+        if (seq.size() != 2)
+        {
+            throw new IllegalArgumentException("Bad sequence size: "
+                    + seq.size());
+        }
+
+        Enumeration e = seq.getObjects();
+
+        modulus = ASN1Integer.getInstance(e.nextElement()).getPositiveValue();
+        publicExponent = ASN1Integer.getInstance(e.nextElement()).getPositiveValue();
+    }
+
+    public BigInteger getModulus()
+    {
+        return modulus;
+    }
+
+    public BigInteger getPublicExponent()
+    {
+        return publicExponent;
+    }
+
+    /**
+     * This outputs the key in PKCS1v2 format.
+     * <pre>
+     *      RSAPublicKey ::= SEQUENCE {
+     *                          modulus INTEGER, -- n
+     *                          publicExponent INTEGER, -- e
+     *                      }
+     * </pre>
+     * <p>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(new ASN1Integer(getModulus()));
+        v.add(new ASN1Integer(getPublicExponent()));
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/ReasonFlags.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/ReasonFlags.java
new file mode 100644
index 0000000..79d22f6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/ReasonFlags.java

@@ -0,0 +1,87 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.DERBitString;
+
+/**
+ * The ReasonFlags object.
+ * <pre>
+ * ReasonFlags ::= BIT STRING {
+ *      unused                  (0),
+ *      keyCompromise           (1),
+ *      cACompromise            (2),
+ *      affiliationChanged      (3),
+ *      superseded              (4),
+ *      cessationOfOperation    (5),
+ *      certificateHold         (6),
+ *      privilegeWithdrawn      (7),
+ *      aACompromise            (8) }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ReasonFlags
+    extends DERBitString
+{
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int UNUSED                  = (1 << 7);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int KEY_COMPROMISE          = (1 << 6);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int CA_COMPROMISE           = (1 << 5);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int AFFILIATION_CHANGED     = (1 << 4);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int SUPERSEDED              = (1 << 3);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int CESSATION_OF_OPERATION  = (1 << 2);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int CERTIFICATE_HOLD        = (1 << 1);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int PRIVILEGE_WITHDRAWN     = (1 << 0);
+    /**
+     * @deprecated use lower case version
+     */
+    public static final int AA_COMPROMISE           = (1 << 15);
+    
+    public static final int unused                  = (1 << 7);
+    public static final int keyCompromise           = (1 << 6);
+    public static final int cACompromise            = (1 << 5);
+    public static final int affiliationChanged      = (1 << 4);
+    public static final int superseded              = (1 << 3);
+    public static final int cessationOfOperation    = (1 << 2);
+    public static final int certificateHold         = (1 << 1);
+    public static final int privilegeWithdrawn      = (1 << 0);
+    public static final int aACompromise            = (1 << 15);
+
+    /**
+     * @param reasons - the bitwise OR of the Key Reason flags giving the
+     * allowed uses for the key.
+     */
+    public ReasonFlags(
+        int reasons)
+    {
+        super(getBytes(reasons), getPadBits(reasons));
+    }
+
+    public ReasonFlags(
+        DERBitString reasons)
+    {
+        super(reasons.getBytes(), reasons.getPadBits());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java
new file mode 100644
index 0000000..4a7dbcb
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/SubjectKeyIdentifier.java

@@ -0,0 +1,71 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * The SubjectKeyIdentifier object.
+ * <pre>
+ * SubjectKeyIdentifier::= OCTET STRING
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SubjectKeyIdentifier
+    extends ASN1Object
+{
+    private byte[] keyidentifier;
+
+    public static SubjectKeyIdentifier getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1OctetString.getInstance(obj, explicit));
+    }
+
+    public static SubjectKeyIdentifier getInstance(
+        Object obj)
+    {
+        if (obj instanceof SubjectKeyIdentifier)
+        {
+            return (SubjectKeyIdentifier)obj;
+        }
+        else if (obj != null)
+        {
+            return new SubjectKeyIdentifier(ASN1OctetString.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public static SubjectKeyIdentifier fromExtensions(Extensions extensions)
+    {
+        return SubjectKeyIdentifier.getInstance(extensions.getExtensionParsedValue(Extension.subjectKeyIdentifier));
+    }
+
+    public SubjectKeyIdentifier(
+        byte[] keyid)
+    {
+        this.keyidentifier = Arrays.clone(keyid);
+    }
+
+    protected SubjectKeyIdentifier(
+        ASN1OctetString keyid)
+    {
+        this(keyid.getOctets());
+    }
+
+    public byte[] getKeyIdentifier()
+    {
+        return Arrays.clone(keyidentifier);
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        return new DEROctetString(getKeyIdentifier());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/SubjectPublicKeyInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/SubjectPublicKeyInfo.java
new file mode 100644
index 0000000..72cfbe7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/SubjectPublicKeyInfo.java

@@ -0,0 +1,159 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.io.IOException;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * The object that contains the public key stored in a certificate.
+ * <p>
+ * The getEncoded() method in the public keys in the JCE produces a DER
+ * encoded one of these.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class SubjectPublicKeyInfo
+    extends ASN1Object
+{
+    private AlgorithmIdentifier     algId;
+    private DERBitString            keyData;
+
+    public static SubjectPublicKeyInfo getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public static SubjectPublicKeyInfo getInstance(
+        Object  obj)
+    {
+        if (obj instanceof SubjectPublicKeyInfo)
+        {
+            return (SubjectPublicKeyInfo)obj;
+        }
+        else if (obj != null)
+        {
+            return new SubjectPublicKeyInfo(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public SubjectPublicKeyInfo(
+        AlgorithmIdentifier algId,
+        ASN1Encodable       publicKey)
+        throws IOException
+    {
+        this.keyData = new DERBitString(publicKey);
+        this.algId = algId;
+    }
+
+    public SubjectPublicKeyInfo(
+        AlgorithmIdentifier algId,
+        byte[]              publicKey)
+    {
+        this.keyData = new DERBitString(publicKey);
+        this.algId = algId;
+    }
+
+    /**
+     @deprecated use SubjectPublicKeyInfo.getInstance()
+     */
+    public SubjectPublicKeyInfo(
+        ASN1Sequence  seq)
+    {
+        if (seq.size() != 2)
+        {
+            throw new IllegalArgumentException("Bad sequence size: "
+                    + seq.size());
+        }
+
+        Enumeration         e = seq.getObjects();
+
+        this.algId = AlgorithmIdentifier.getInstance(e.nextElement());
+        this.keyData = DERBitString.getInstance(e.nextElement());
+    }
+
+    public AlgorithmIdentifier getAlgorithm()
+    {
+        return algId;
+    }
+
+    /**
+     * @deprecated use getAlgorithm()
+     * @return    alg ID.
+     */
+    public AlgorithmIdentifier getAlgorithmId()
+    {
+        return algId;
+    }
+
+    /**
+     * for when the public key is an encoded object - if the bitstring
+     * can't be decoded this routine throws an IOException.
+     *
+     * @exception IOException - if the bit string doesn't represent a DER
+     * encoded object.
+     * @return the public key as an ASN.1 primitive.
+     */
+    public ASN1Primitive parsePublicKey()
+        throws IOException
+    {
+        return ASN1Primitive.fromByteArray(keyData.getOctets());
+    }
+
+    /**
+     * for when the public key is an encoded object - if the bitstring
+     * can't be decoded this routine throws an IOException.
+     *
+     * @exception IOException - if the bit string doesn't represent a DER
+     * encoded object.
+     * @deprecated use parsePublicKey
+     * @return the public key as an ASN.1 primitive.
+     */
+    public ASN1Primitive getPublicKey()
+        throws IOException
+    {
+        return ASN1Primitive.fromByteArray(keyData.getOctets());
+    }
+
+    /**
+     * for when the public key is raw bits.
+     *
+     * @return the public key as the raw bit string...
+     */
+    public DERBitString getPublicKeyData()
+    {
+        return keyData;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     * SubjectPublicKeyInfo ::= SEQUENCE {
+     *                          algorithm AlgorithmIdentifier,
+     *                          publicKey BIT STRING }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(algId);
+        v.add(keyData);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/TBSCertList.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/TBSCertList.java
new file mode 100644
index 0000000..616bc1c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/TBSCertList.java

@@ -0,0 +1,315 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.util.Enumeration;
+import java.util.NoSuchElementException;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1GeneralizedTime;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.ASN1UTCTime;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+
+/**
+ * PKIX RFC-2459 - TBSCertList object.
+ * <pre>
+ * TBSCertList  ::=  SEQUENCE  {
+ *      version                 Version OPTIONAL,
+ *                                   -- if present, shall be v2
+ *      signature               AlgorithmIdentifier,
+ *      issuer                  Name,
+ *      thisUpdate              Time,
+ *      nextUpdate              Time OPTIONAL,
+ *      revokedCertificates     SEQUENCE OF SEQUENCE  {
+ *           userCertificate         CertificateSerialNumber,
+ *           revocationDate          Time,
+ *           crlEntryExtensions      Extensions OPTIONAL
+ *                                         -- if present, shall be v2
+ *                                }  OPTIONAL,
+ *      crlExtensions           [0]  EXPLICIT Extensions OPTIONAL
+ *                                         -- if present, shall be v2
+ *                                }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class TBSCertList
+    extends ASN1Object
+{
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class CRLEntry
+        extends ASN1Object
+    {
+        ASN1Sequence  seq;
+
+        Extensions    crlEntryExtensions;
+
+        private CRLEntry(
+            ASN1Sequence  seq)
+        {
+            if (seq.size() < 2 || seq.size() > 3)
+            {
+                throw new IllegalArgumentException("Bad sequence size: " + seq.size());
+            }
+            
+            this.seq = seq;
+        }
+
+        public static CRLEntry getInstance(Object o)
+        {
+            if (o instanceof CRLEntry)
+            {
+                return ((CRLEntry)o);
+            }
+            else if (o != null)
+            {
+                return new CRLEntry(ASN1Sequence.getInstance(o));
+            }
+
+            return null;
+        }
+
+        public ASN1Integer getUserCertificate()
+        {
+            return ASN1Integer.getInstance(seq.getObjectAt(0));
+        }
+
+        public Time getRevocationDate()
+        {
+            return Time.getInstance(seq.getObjectAt(1));
+        }
+
+        public Extensions getExtensions()
+        {
+            if (crlEntryExtensions == null && seq.size() == 3)
+            {
+                crlEntryExtensions = Extensions.getInstance(seq.getObjectAt(2));
+            }
+            
+            return crlEntryExtensions;
+        }
+
+        public ASN1Primitive toASN1Primitive()
+        {
+            return seq;
+        }
+
+        public boolean hasExtensions()
+        {
+            return seq.size() == 3;
+        }
+    }
+
+    private class RevokedCertificatesEnumeration
+        implements Enumeration
+    {
+        private final Enumeration en;
+
+        RevokedCertificatesEnumeration(Enumeration en)
+        {
+            this.en = en;
+        }
+
+        public boolean hasMoreElements()
+        {
+            return en.hasMoreElements();
+        }
+
+        public Object nextElement()
+        {
+            return CRLEntry.getInstance(en.nextElement());
+        }
+    }
+
+    private class EmptyEnumeration
+        implements Enumeration
+    {
+        public boolean hasMoreElements()
+        {
+            return false;
+        }
+
+        public Object nextElement()
+        {
+            throw new NoSuchElementException("Empty Enumeration");
+        }
+    }
+
+    ASN1Integer             version;
+    AlgorithmIdentifier     signature;
+    X500Name                issuer;
+    Time                    thisUpdate;
+    Time                    nextUpdate;
+    ASN1Sequence            revokedCertificates;
+    Extensions              crlExtensions;
+
+    public static TBSCertList getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static TBSCertList getInstance(
+        Object  obj)
+    {
+        if (obj instanceof TBSCertList)
+        {
+            return (TBSCertList)obj;
+        }
+        else if (obj != null)
+        {
+            return new TBSCertList(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public TBSCertList(
+        ASN1Sequence  seq)
+    {
+        if (seq.size() < 3 || seq.size() > 7)
+        {
+            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
+        }
+
+        int seqPos = 0;
+
+        if (seq.getObjectAt(seqPos) instanceof ASN1Integer)
+        {
+            version = ASN1Integer.getInstance(seq.getObjectAt(seqPos++));
+        }
+        else
+        {
+            version = null;  // version is optional
+        }
+
+        signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqPos++));
+        issuer = X500Name.getInstance(seq.getObjectAt(seqPos++));
+        thisUpdate = Time.getInstance(seq.getObjectAt(seqPos++));
+
+        if (seqPos < seq.size()
+            && (seq.getObjectAt(seqPos) instanceof ASN1UTCTime
+               || seq.getObjectAt(seqPos) instanceof ASN1GeneralizedTime
+               || seq.getObjectAt(seqPos) instanceof Time))
+        {
+            nextUpdate = Time.getInstance(seq.getObjectAt(seqPos++));
+        }
+
+        if (seqPos < seq.size()
+            && !(seq.getObjectAt(seqPos) instanceof ASN1TaggedObject))
+        {
+            revokedCertificates = ASN1Sequence.getInstance(seq.getObjectAt(seqPos++));
+        }
+
+        if (seqPos < seq.size()
+            && seq.getObjectAt(seqPos) instanceof ASN1TaggedObject)
+        {
+            crlExtensions = Extensions.getInstance(ASN1Sequence.getInstance((ASN1TaggedObject)seq.getObjectAt(seqPos), true));
+        }
+    }
+
+    public int getVersionNumber()
+    {
+        if (version == null)
+        {
+            return 1;
+        }
+        return version.getValue().intValue() + 1;
+    }
+
+    public ASN1Integer getVersion()
+    {
+        return version;
+    }
+
+    public AlgorithmIdentifier getSignature()
+    {
+        return signature;
+    }
+
+    public X500Name getIssuer()
+    {
+        return issuer;
+    }
+
+    public Time getThisUpdate()
+    {
+        return thisUpdate;
+    }
+
+    public Time getNextUpdate()
+    {
+        return nextUpdate;
+    }
+
+    public CRLEntry[] getRevokedCertificates()
+    {
+        if (revokedCertificates == null)
+        {
+            return new CRLEntry[0];
+        }
+
+        CRLEntry[] entries = new CRLEntry[revokedCertificates.size()];
+
+        for (int i = 0; i < entries.length; i++)
+        {
+            entries[i] = CRLEntry.getInstance(revokedCertificates.getObjectAt(i));
+        }
+        
+        return entries;
+    }
+
+    public Enumeration getRevokedCertificateEnumeration()
+    {
+        if (revokedCertificates == null)
+        {
+            return new EmptyEnumeration();
+        }
+
+        return new RevokedCertificatesEnumeration(revokedCertificates.getObjects());
+    }
+
+    public Extensions getExtensions()
+    {
+        return crlExtensions;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        if (version != null)
+        {
+            v.add(version);
+        }
+        v.add(signature);
+        v.add(issuer);
+
+        v.add(thisUpdate);
+        if (nextUpdate != null)
+        {
+            v.add(nextUpdate);
+        }
+
+        // Add CRLEntries if they exist
+        if (revokedCertificates != null)
+        {
+            v.add(revokedCertificates);
+        }
+
+        if (crlExtensions != null)
+        {
+            v.add(new DERTaggedObject(0, crlExtensions));
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/TBSCertificate.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/TBSCertificate.java
new file mode 100644
index 0000000..74ae7f0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/TBSCertificate.java

@@ -0,0 +1,226 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+
+/**
+ * The TBSCertificate object.
+ * <pre>
+ * TBSCertificate ::= SEQUENCE {
+ *      version          [ 0 ]  Version DEFAULT v1(0),
+ *      serialNumber            CertificateSerialNumber,
+ *      signature               AlgorithmIdentifier,
+ *      issuer                  Name,
+ *      validity                Validity,
+ *      subject                 Name,
+ *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
+ *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
+ *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
+ *      extensions        [ 3 ] Extensions OPTIONAL
+ *      }
+ * </pre>
+ * <p>
+ * Note: issuerUniqueID and subjectUniqueID are both deprecated by the IETF. This class
+ * will parse them, but you really shouldn't be creating new ones.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class TBSCertificate
+    extends ASN1Object
+{
+    ASN1Sequence            seq;
+
+    ASN1Integer             version;
+    ASN1Integer             serialNumber;
+    AlgorithmIdentifier     signature;
+    X500Name                issuer;
+    Time                    startDate, endDate;
+    X500Name                subject;
+    SubjectPublicKeyInfo    subjectPublicKeyInfo;
+    DERBitString            issuerUniqueId;
+    DERBitString            subjectUniqueId;
+    Extensions              extensions;
+
+    public static TBSCertificate getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static TBSCertificate getInstance(
+        Object  obj)
+    {
+        if (obj instanceof TBSCertificate)
+        {
+            return (TBSCertificate)obj;
+        }
+        else if (obj != null)
+        {
+            return new TBSCertificate(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    private TBSCertificate(
+        ASN1Sequence seq)
+    {
+        int         seqStart = 0;
+
+        this.seq = seq;
+
+        //
+        // some certficates don't include a version number - we assume v1
+        //
+        if (seq.getObjectAt(0) instanceof ASN1TaggedObject)
+        {
+            version = ASN1Integer.getInstance((ASN1TaggedObject)seq.getObjectAt(0), true);
+        }
+        else
+        {
+            seqStart = -1;          // field 0 is missing!
+            version = new ASN1Integer(0);
+        }
+
+        boolean isV1 = false;
+        boolean isV2 = false;
+ 
+        if (version.getValue().equals(BigInteger.valueOf(0)))
+        {
+            isV1 = true;
+        }
+        else if (version.getValue().equals(BigInteger.valueOf(1)))
+        {
+            isV2 = true;
+        }
+        else if (!version.getValue().equals(BigInteger.valueOf(2)))
+        {
+            throw new IllegalArgumentException("version number not recognised");
+        }
+
+        serialNumber = ASN1Integer.getInstance(seq.getObjectAt(seqStart + 1));
+
+        signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqStart + 2));
+        issuer = X500Name.getInstance(seq.getObjectAt(seqStart + 3));
+
+        //
+        // before and after dates
+        //
+        ASN1Sequence  dates = (ASN1Sequence)seq.getObjectAt(seqStart + 4);
+
+        startDate = Time.getInstance(dates.getObjectAt(0));
+        endDate = Time.getInstance(dates.getObjectAt(1));
+
+        subject = X500Name.getInstance(seq.getObjectAt(seqStart + 5));
+
+        //
+        // public key info.
+        //
+        subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(seq.getObjectAt(seqStart + 6));
+
+        int extras = seq.size() - (seqStart + 6) - 1;
+        if (extras != 0 && isV1)
+        {
+            throw new IllegalArgumentException("version 1 certificate contains extra data");
+        }
+        
+        while (extras > 0)
+        {
+            ASN1TaggedObject extra = (ASN1TaggedObject)seq.getObjectAt(seqStart + 6 + extras);
+
+            switch (extra.getTagNo())
+            {
+            case 1:
+                issuerUniqueId = DERBitString.getInstance(extra, false);
+                break;
+            case 2:
+                subjectUniqueId = DERBitString.getInstance(extra, false);
+                break;
+            case 3:
+                if (isV2)
+                {
+                    throw new IllegalArgumentException("version 2 certificate cannot contain extensions");
+                }
+                extensions = Extensions.getInstance(ASN1Sequence.getInstance(extra, true));
+                break;
+            default:
+                throw new IllegalArgumentException("Unknown tag encountered in structure: " + extra.getTagNo());
+            }
+            extras--;
+        }
+    }
+
+    public int getVersionNumber()
+    {
+        return version.getValue().intValue() + 1;
+    }
+
+    public ASN1Integer getVersion()
+    {
+        return version;
+    }
+
+    public ASN1Integer getSerialNumber()
+    {
+        return serialNumber;
+    }
+
+    public AlgorithmIdentifier getSignature()
+    {
+        return signature;
+    }
+
+    public X500Name getIssuer()
+    {
+        return issuer;
+    }
+
+    public Time getStartDate()
+    {
+        return startDate;
+    }
+
+    public Time getEndDate()
+    {
+        return endDate;
+    }
+
+    public X500Name getSubject()
+    {
+        return subject;
+    }
+
+    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
+    {
+        return subjectPublicKeyInfo;
+    }
+
+    public DERBitString getIssuerUniqueId()
+    {
+        return issuerUniqueId;
+    }
+
+    public DERBitString getSubjectUniqueId()
+    {
+        return subjectUniqueId;
+    }
+
+    public Extensions getExtensions()
+    {
+        return extensions;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        return seq;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/TBSCertificateStructure.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/TBSCertificateStructure.java
new file mode 100644
index 0000000..107cd1c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/TBSCertificateStructure.java

@@ -0,0 +1,197 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+
+/**
+ * The TBSCertificate object.
+ * <pre>
+ * TBSCertificate ::= SEQUENCE {
+ *      version          [ 0 ]  Version DEFAULT v1(0),
+ *      serialNumber            CertificateSerialNumber,
+ *      signature               AlgorithmIdentifier,
+ *      issuer                  Name,
+ *      validity                Validity,
+ *      subject                 Name,
+ *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
+ *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
+ *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
+ *      extensions        [ 3 ] Extensions OPTIONAL
+ *      }
+ * </pre>
+ * <p>
+ * Note: issuerUniqueID and subjectUniqueID are both deprecated by the IETF. This class
+ * will parse them, but you really shouldn't be creating new ones.
+ * @deprecated use TBSCertificate
+ * @hide This class is not part of the Android public SDK API
+ */
+public class TBSCertificateStructure
+    extends ASN1Object
+    implements X509ObjectIdentifiers, PKCSObjectIdentifiers
+{
+    ASN1Sequence            seq;
+
+    ASN1Integer             version;
+    ASN1Integer             serialNumber;
+    AlgorithmIdentifier     signature;
+    X500Name                issuer;
+    Time                    startDate, endDate;
+    X500Name                subject;
+    SubjectPublicKeyInfo    subjectPublicKeyInfo;
+    DERBitString            issuerUniqueId;
+    DERBitString            subjectUniqueId;
+    X509Extensions          extensions;
+
+    public static TBSCertificateStructure getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static TBSCertificateStructure getInstance(
+        Object  obj)
+    {
+        if (obj instanceof TBSCertificateStructure)
+        {
+            return (TBSCertificateStructure)obj;
+        }
+        else if (obj != null)
+        {
+            return new TBSCertificateStructure(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public TBSCertificateStructure(
+        ASN1Sequence  seq)
+    {
+        int         seqStart = 0;
+
+        this.seq = seq;
+
+        //
+        // some certficates don't include a version number - we assume v1
+        //
+        if (seq.getObjectAt(0) instanceof DERTaggedObject)
+        {
+            version = ASN1Integer.getInstance((ASN1TaggedObject)seq.getObjectAt(0), true);
+        }
+        else
+        {
+            seqStart = -1;          // field 0 is missing!
+            version = new ASN1Integer(0);
+        }
+
+        serialNumber = ASN1Integer.getInstance(seq.getObjectAt(seqStart + 1));
+
+        signature = AlgorithmIdentifier.getInstance(seq.getObjectAt(seqStart + 2));
+        issuer = X500Name.getInstance(seq.getObjectAt(seqStart + 3));
+
+        //
+        // before and after dates
+        //
+        ASN1Sequence  dates = (ASN1Sequence)seq.getObjectAt(seqStart + 4);
+
+        startDate = Time.getInstance(dates.getObjectAt(0));
+        endDate = Time.getInstance(dates.getObjectAt(1));
+
+        subject = X500Name.getInstance(seq.getObjectAt(seqStart + 5));
+
+        //
+        // public key info.
+        //
+        subjectPublicKeyInfo = SubjectPublicKeyInfo.getInstance(seq.getObjectAt(seqStart + 6));
+
+        for (int extras = seq.size() - (seqStart + 6) - 1; extras > 0; extras--)
+        {
+            DERTaggedObject extra = (DERTaggedObject)seq.getObjectAt(seqStart + 6 + extras);
+
+            switch (extra.getTagNo())
+            {
+            case 1:
+                issuerUniqueId = DERBitString.getInstance(extra, false);
+                break;
+            case 2:
+                subjectUniqueId = DERBitString.getInstance(extra, false);
+                break;
+            case 3:
+                extensions = X509Extensions.getInstance(extra);
+            }
+        }
+    }
+
+    public int getVersion()
+    {
+        return version.getValue().intValue() + 1;
+    }
+
+    public ASN1Integer getVersionNumber()
+    {
+        return version;
+    }
+
+    public ASN1Integer getSerialNumber()
+    {
+        return serialNumber;
+    }
+
+    public AlgorithmIdentifier getSignature()
+    {
+        return signature;
+    }
+
+    public X500Name getIssuer()
+    {
+        return issuer;
+    }
+
+    public Time getStartDate()
+    {
+        return startDate;
+    }
+
+    public Time getEndDate()
+    {
+        return endDate;
+    }
+
+    public X500Name getSubject()
+    {
+        return subject;
+    }
+
+    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
+    {
+        return subjectPublicKeyInfo;
+    }
+
+    public DERBitString getIssuerUniqueId()
+    {
+        return issuerUniqueId;
+    }
+
+    public DERBitString getSubjectUniqueId()
+    {
+        return subjectUniqueId;
+    }
+
+    public X509Extensions getExtensions()
+    {
+        return extensions;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        return seq;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Time.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Time.java
new file mode 100644
index 0000000..db488ba
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/Time.java

@@ -0,0 +1,184 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.text.ParseException;
+import java.text.SimpleDateFormat;
+// Android-added: Localization support
+import java.util.Calendar;
+import java.util.Date;
+import java.util.Locale;
+import java.util.SimpleTimeZone;
+
+import com.android.org.bouncycastle.asn1.ASN1Choice;
+import com.android.org.bouncycastle.asn1.ASN1GeneralizedTime;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.ASN1UTCTime;
+import com.android.org.bouncycastle.asn1.DERGeneralizedTime;
+import com.android.org.bouncycastle.asn1.DERUTCTime;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class Time
+    extends ASN1Object
+    implements ASN1Choice
+{
+    ASN1Primitive time;
+
+    public static Time getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(obj.getObject()); // must be explicitly tagged
+    }
+
+    public Time(
+        ASN1Primitive   time)
+    {
+        if (!(time instanceof ASN1UTCTime)
+            && !(time instanceof ASN1GeneralizedTime))
+        {
+            throw new IllegalArgumentException("unknown object passed to Time");
+        }
+
+        this.time = time; 
+    }
+
+    /**
+     * Creates a time object from a given date - if the date is between 1950
+     * and 2049 a UTCTime object is generated, otherwise a GeneralizedTime
+     * is used.
+     *
+     * @param time a date object representing the time of interest.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public Time(
+        Date    time)
+    {
+        SimpleTimeZone      tz = new SimpleTimeZone(0, "Z");
+        // Android-changed: Use localized version
+        // SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss");
+        SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
+
+        dateF.setTimeZone(tz);
+
+        String  d = dateF.format(time) + "Z";
+        int     year = Integer.parseInt(d.substring(0, 4));
+
+        if (year < 1950 || year > 2049)
+        {
+            this.time = new DERGeneralizedTime(d);
+        }
+        else
+        {
+            this.time = new DERUTCTime(d.substring(2));
+        }
+    }
+
+    /**
+     * Creates a time object from a given date and locale - if the date is between 1950
+     * and 2049 a UTCTime object is generated, otherwise a GeneralizedTime
+     * is used. You may need to use this constructor if the default locale
+     * doesn't use a Gregorian calender so that the GeneralizedTime produced is compatible with other ASN.1 implementations.
+     *
+     * @param time a date object representing the time of interest.
+     * @param locale an appropriate Locale for producing an ASN.1 GeneralizedTime value.
+     */
+    public Time(
+        Date    time,
+        Locale locale)
+    {
+        SimpleTimeZone      tz = new SimpleTimeZone(0, "Z");
+        // BEGIN Android-changed: Use localized version
+        // SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss", locale);
+        SimpleDateFormat    dateF = new SimpleDateFormat("yyyyMMddHHmmss", Locale.US);
+        dateF.setCalendar(Calendar.getInstance(locale));
+        // END android-changed
+
+        dateF.setTimeZone(tz);
+
+        String  d = dateF.format(time) + "Z";
+        int     year = Integer.parseInt(d.substring(0, 4));
+
+        if (year < 1950 || year > 2049)
+        {
+            this.time = new DERGeneralizedTime(d);
+        }
+        else
+        {
+            this.time = new DERUTCTime(d.substring(2));
+        }
+    }
+
+    public static Time getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof Time)
+        {
+            return (Time)obj;
+        }
+        else if (obj instanceof ASN1UTCTime)
+        {
+            return new Time((ASN1UTCTime)obj);
+        }
+        else if (obj instanceof ASN1GeneralizedTime)
+        {
+            return new Time((ASN1GeneralizedTime)obj);
+        }
+
+        throw new IllegalArgumentException("unknown object in factory: " + obj.getClass().getName());
+    }
+
+    public String getTime()
+    {
+        if (time instanceof ASN1UTCTime)
+        {
+            return ((ASN1UTCTime)time).getAdjustedTime();
+        }
+        else
+        {
+            return ((ASN1GeneralizedTime)time).getTime();
+        }
+    }
+
+    public Date getDate()
+    {
+        try
+        {
+            if (time instanceof ASN1UTCTime)
+            {
+                return ((ASN1UTCTime)time).getAdjustedDate();
+            }
+            else
+            {
+                return ((ASN1GeneralizedTime)time).getDate();
+            }
+        }
+        catch (ParseException e)
+        {         // this should never happen
+            throw new IllegalStateException("invalid date string: " + e.getMessage());
+        }
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     * Time ::= CHOICE {
+     *             utcTime        UTCTime,
+     *             generalTime    GeneralizedTime }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return time;
+    }
+
+    public String toString()
+    {
+        return getTime();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/V1TBSCertificateGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/V1TBSCertificateGenerator.java
new file mode 100644
index 0000000..fa780e1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/V1TBSCertificateGenerator.java

@@ -0,0 +1,146 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1UTCTime;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+
+/**
+ * Generator for Version 1 TBSCertificateStructures.
+ * <pre>
+ * TBSCertificate ::= SEQUENCE {
+ *      version          [ 0 ]  Version DEFAULT v1(0),
+ *      serialNumber            CertificateSerialNumber,
+ *      signature               AlgorithmIdentifier,
+ *      issuer                  Name,
+ *      validity                Validity,
+ *      subject                 Name,
+ *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
+ *      }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ *
+ */
+public class V1TBSCertificateGenerator
+{
+    DERTaggedObject         version = new DERTaggedObject(true, 0, new ASN1Integer(0));
+
+    ASN1Integer              serialNumber;
+    AlgorithmIdentifier     signature;
+    X500Name                issuer;
+    Time                    startDate, endDate;
+    X500Name                subject;
+    SubjectPublicKeyInfo    subjectPublicKeyInfo;
+
+    public V1TBSCertificateGenerator()
+    {
+    }
+
+    public void setSerialNumber(
+        ASN1Integer  serialNumber)
+    {
+        this.serialNumber = serialNumber;
+    }
+
+    public void setSignature(
+        AlgorithmIdentifier    signature)
+    {
+        this.signature = signature;
+    }
+
+        /**
+     * @deprecated use X500Name method
+     */
+    public void setIssuer(
+        X509Name    issuer)
+    {
+        this.issuer = X500Name.getInstance(issuer.toASN1Primitive());
+    }
+
+    public void setIssuer(
+        X500Name issuer)
+    {
+        this.issuer = issuer;
+    }
+
+    public void setStartDate(
+        Time startDate)
+    {
+        this.startDate = startDate;
+    }
+
+    public void setStartDate(
+        ASN1UTCTime startDate)
+    {
+        this.startDate = new Time(startDate);
+    }
+
+    public void setEndDate(
+        Time endDate)
+    {
+        this.endDate = endDate;
+    }
+
+    public void setEndDate(
+        ASN1UTCTime endDate)
+    {
+        this.endDate = new Time(endDate);
+    }
+
+    /**
+     * @deprecated use X500Name method
+     */
+    public void setSubject(
+        X509Name    subject)
+    {
+        this.subject = X500Name.getInstance(subject.toASN1Primitive());
+    }
+
+    public void setSubject(
+        X500Name subject)
+    {
+        this.subject = subject;
+    }
+
+    public void setSubjectPublicKeyInfo(
+        SubjectPublicKeyInfo    pubKeyInfo)
+    {
+        this.subjectPublicKeyInfo = pubKeyInfo;
+    }
+
+    public TBSCertificate generateTBSCertificate()
+    {
+        if ((serialNumber == null) || (signature == null)
+            || (issuer == null) || (startDate == null) || (endDate == null)
+            || (subject == null) || (subjectPublicKeyInfo == null))
+        {
+            throw new IllegalStateException("not all mandatory fields set in V1 TBScertificate generator");
+        }
+
+        ASN1EncodableVector  seq = new ASN1EncodableVector();
+
+        // seq.add(version); - not required as default value.
+        seq.add(serialNumber);
+        seq.add(signature);
+        seq.add(issuer);
+
+        //
+        // before and after dates
+        //
+        ASN1EncodableVector  validity = new ASN1EncodableVector();
+
+        validity.add(startDate);
+        validity.add(endDate);
+
+        seq.add(new DERSequence(validity));
+
+        seq.add(subject);
+
+        seq.add(subjectPublicKeyInfo);
+
+        return TBSCertificate.getInstance(new DERSequence(seq));
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/V2Form.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/V2Form.java
new file mode 100644
index 0000000..a526395
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/V2Form.java

@@ -0,0 +1,161 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class V2Form
+    extends ASN1Object
+{
+    GeneralNames        issuerName;
+    IssuerSerial        baseCertificateID;
+    ObjectDigestInfo    objectDigestInfo;
+
+    public static V2Form getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static V2Form getInstance(
+        Object  obj)
+    {
+        if (obj instanceof V2Form)
+        {
+            return (V2Form)obj;
+        }
+        else if (obj != null)
+        {
+            return new V2Form(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+    
+    public V2Form(
+        GeneralNames    issuerName)
+    {
+        this(issuerName, null, null);
+    }
+
+    public V2Form(
+        GeneralNames    issuerName,
+        IssuerSerial    baseCertificateID)
+    {
+        this(issuerName, baseCertificateID, null);
+    }
+
+    public V2Form(
+        GeneralNames    issuerName,
+        ObjectDigestInfo objectDigestInfo)
+    {
+        this(issuerName, null, objectDigestInfo);
+    }
+
+    public V2Form(
+        GeneralNames    issuerName,
+        IssuerSerial    baseCertificateID,
+        ObjectDigestInfo objectDigestInfo)
+    {
+        this.issuerName = issuerName;
+        this.baseCertificateID = baseCertificateID;
+        this.objectDigestInfo = objectDigestInfo;
+    }
+
+    /**
+     * @deprecated use getInstance().
+     */
+    public V2Form(
+        ASN1Sequence seq)
+    {
+        if (seq.size() > 3)
+        {
+            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
+        }
+        
+        int    index = 0;
+
+        if (!(seq.getObjectAt(0) instanceof ASN1TaggedObject))
+        {
+            index++;
+            this.issuerName = GeneralNames.getInstance(seq.getObjectAt(0));
+        }
+
+        for (int i = index; i != seq.size(); i++)
+        {
+            ASN1TaggedObject o = ASN1TaggedObject.getInstance(seq.getObjectAt(i));
+            if (o.getTagNo() == 0)
+            {
+                baseCertificateID = IssuerSerial.getInstance(o, false);
+            }
+            else if (o.getTagNo() == 1)
+            {
+                objectDigestInfo = ObjectDigestInfo.getInstance(o, false);
+            }
+            else 
+            {
+                throw new IllegalArgumentException("Bad tag number: "
+                        + o.getTagNo());
+            }
+        }
+    }
+    
+    public GeneralNames getIssuerName()
+    {
+        return issuerName;
+    }
+
+    public IssuerSerial getBaseCertificateID()
+    {
+        return baseCertificateID;
+    }
+
+    public ObjectDigestInfo getObjectDigestInfo()
+    {
+        return objectDigestInfo;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     *  V2Form ::= SEQUENCE {
+     *       issuerName            GeneralNames  OPTIONAL,
+     *       baseCertificateID     [0] IssuerSerial  OPTIONAL,
+     *       objectDigestInfo      [1] ObjectDigestInfo  OPTIONAL
+     *         -- issuerName MUST be present in this profile
+     *         -- baseCertificateID and objectDigestInfo MUST NOT
+     *         -- be present in this profile
+     *  }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        if (issuerName != null)
+        {
+            v.add(issuerName);
+        }
+
+        if (baseCertificateID != null)
+        {
+            v.add(new DERTaggedObject(false, 0, baseCertificateID));
+        }
+
+        if (objectDigestInfo != null)
+        {
+            v.add(new DERTaggedObject(false, 1, objectDigestInfo));
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/V3TBSCertificateGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/V3TBSCertificateGenerator.java
new file mode 100644
index 0000000..ec0888a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/V3TBSCertificateGenerator.java

@@ -0,0 +1,233 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1UTCTime;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERTaggedObject;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+
+/**
+ * Generator for Version 3 TBSCertificateStructures.
+ * <pre>
+ * TBSCertificate ::= SEQUENCE {
+ *      version          [ 0 ]  Version DEFAULT v1(0),
+ *      serialNumber            CertificateSerialNumber,
+ *      signature               AlgorithmIdentifier,
+ *      issuer                  Name,
+ *      validity                Validity,
+ *      subject                 Name,
+ *      subjectPublicKeyInfo    SubjectPublicKeyInfo,
+ *      issuerUniqueID    [ 1 ] IMPLICIT UniqueIdentifier OPTIONAL,
+ *      subjectUniqueID   [ 2 ] IMPLICIT UniqueIdentifier OPTIONAL,
+ *      extensions        [ 3 ] Extensions OPTIONAL
+ *      }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ *
+ */
+@libcore.api.CorePlatformApi
+public class V3TBSCertificateGenerator
+{
+    DERTaggedObject         version = new DERTaggedObject(true, 0, new ASN1Integer(2));
+
+    ASN1Integer              serialNumber;
+    AlgorithmIdentifier     signature;
+    X500Name                issuer;
+    Time                    startDate, endDate;
+    X500Name                subject;
+    SubjectPublicKeyInfo    subjectPublicKeyInfo;
+    Extensions              extensions;
+
+    private boolean altNamePresentAndCritical;
+    private DERBitString issuerUniqueID;
+    private DERBitString subjectUniqueID;
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public V3TBSCertificateGenerator()
+    {
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void setSerialNumber(
+        ASN1Integer  serialNumber)
+    {
+        this.serialNumber = serialNumber;
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void setSignature(
+        AlgorithmIdentifier    signature)
+    {
+        this.signature = signature;
+    }
+
+        /**
+     * @deprecated use X500Name method
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void setIssuer(
+        X509Name    issuer)
+    {
+        this.issuer = X500Name.getInstance(issuer);
+    }
+
+    public void setIssuer(
+        X500Name issuer)
+    {
+        this.issuer = issuer;
+    }
+    
+    public void setStartDate(
+        ASN1UTCTime startDate)
+    {
+        this.startDate = new Time(startDate);
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void setStartDate(
+        Time startDate)
+    {
+        this.startDate = startDate;
+    }
+
+    public void setEndDate(
+        ASN1UTCTime endDate)
+    {
+        this.endDate = new Time(endDate);
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void setEndDate(
+        Time endDate)
+    {
+        this.endDate = endDate;
+    }
+
+        /**
+     * @deprecated use X500Name method
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void setSubject(
+        X509Name    subject)
+    {
+        this.subject = X500Name.getInstance(subject.toASN1Primitive());
+    }
+
+    public void setSubject(
+        X500Name subject)
+    {
+        this.subject = subject;
+    }
+
+    public void setIssuerUniqueID(
+        DERBitString uniqueID)
+    {
+        this.issuerUniqueID = uniqueID;
+    }
+
+    public void setSubjectUniqueID(
+        DERBitString uniqueID)
+    {
+        this.subjectUniqueID = uniqueID;
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void setSubjectPublicKeyInfo(
+        SubjectPublicKeyInfo    pubKeyInfo)
+    {
+        this.subjectPublicKeyInfo = pubKeyInfo;
+    }
+
+    /**
+     * @deprecated use method taking Extensions
+     * @param extensions
+     */
+    public void setExtensions(
+        X509Extensions    extensions)
+    {
+        setExtensions(Extensions.getInstance(extensions));
+    }
+
+    public void setExtensions(
+        Extensions    extensions)
+    {
+        this.extensions = extensions;
+        if (extensions != null)
+        {
+            Extension altName = extensions.getExtension(Extension.subjectAlternativeName);
+
+            if (altName != null && altName.isCritical())
+            {
+                altNamePresentAndCritical = true;
+            }
+        }
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public TBSCertificate generateTBSCertificate()
+    {
+        if ((serialNumber == null) || (signature == null)
+            || (issuer == null) || (startDate == null) || (endDate == null)
+            || (subject == null && !altNamePresentAndCritical) || (subjectPublicKeyInfo == null))
+        {
+            throw new IllegalStateException("not all mandatory fields set in V3 TBScertificate generator");
+        }
+
+        ASN1EncodableVector  v = new ASN1EncodableVector();
+
+        v.add(version);
+        v.add(serialNumber);
+        v.add(signature);
+        v.add(issuer);
+
+        //
+        // before and after dates
+        //
+        ASN1EncodableVector  validity = new ASN1EncodableVector();
+
+        validity.add(startDate);
+        validity.add(endDate);
+
+        v.add(new DERSequence(validity));
+
+        if (subject != null)
+        {
+            v.add(subject);
+        }
+        else
+        {
+            v.add(new DERSequence());
+        }
+
+        v.add(subjectPublicKeyInfo);
+
+        if (issuerUniqueID != null)
+        {
+            v.add(new DERTaggedObject(false, 1, issuerUniqueID));
+        }
+
+        if (subjectUniqueID != null)
+        {
+            v.add(new DERTaggedObject(false, 2, subjectUniqueID));
+        }
+
+        if (extensions != null)
+        {
+            v.add(new DERTaggedObject(true, 3, extensions));
+        }
+
+        return TBSCertificate.getInstance(new DERSequence(v));
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509CertificateStructure.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509CertificateStructure.java
new file mode 100644
index 0000000..658d6cc
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509CertificateStructure.java

@@ -0,0 +1,131 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+
+/**
+ * an X509Certificate structure.
+ * <pre>
+ *  Certificate ::= SEQUENCE {
+ *      tbsCertificate          TBSCertificate,
+ *      signatureAlgorithm      AlgorithmIdentifier,
+ *      signature               BIT STRING
+ *  }
+ * </pre>
+ * @deprecated use org.bouncycastle.asn1.x509.Certificate
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509CertificateStructure
+    extends ASN1Object
+    implements X509ObjectIdentifiers, PKCSObjectIdentifiers
+{
+    ASN1Sequence  seq;
+    TBSCertificateStructure tbsCert;
+    AlgorithmIdentifier     sigAlgId;
+    DERBitString            sig;
+
+    public static X509CertificateStructure getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static X509CertificateStructure getInstance(
+        Object  obj)
+    {
+        if (obj instanceof X509CertificateStructure)
+        {
+            return (X509CertificateStructure)obj;
+        }
+        else if (obj != null)
+        {
+            return new X509CertificateStructure(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public X509CertificateStructure(
+        ASN1Sequence  seq)
+    {
+        this.seq = seq;
+
+        //
+        // correct x509 certficate
+        //
+        if (seq.size() == 3)
+        {
+            tbsCert = TBSCertificateStructure.getInstance(seq.getObjectAt(0));
+            sigAlgId = AlgorithmIdentifier.getInstance(seq.getObjectAt(1));
+
+            sig = DERBitString.getInstance(seq.getObjectAt(2));
+        }
+        else
+        {
+            throw new IllegalArgumentException("sequence wrong size for a certificate");
+        }
+    }
+
+    public TBSCertificateStructure getTBSCertificate()
+    {
+        return tbsCert;
+    }
+
+    public int getVersion()
+    {
+        return tbsCert.getVersion();
+    }
+
+    public ASN1Integer getSerialNumber()
+    {
+        return tbsCert.getSerialNumber();
+    }
+
+    public X500Name getIssuer()
+    {
+        return tbsCert.getIssuer();
+    }
+
+    public Time getStartDate()
+    {
+        return tbsCert.getStartDate();
+    }
+
+    public Time getEndDate()
+    {
+        return tbsCert.getEndDate();
+    }
+
+    public X500Name getSubject()
+    {
+        return tbsCert.getSubject();
+    }
+
+    public SubjectPublicKeyInfo getSubjectPublicKeyInfo()
+    {
+        return tbsCert.getSubjectPublicKeyInfo();
+    }
+
+    public AlgorithmIdentifier getSignatureAlgorithm()
+    {
+        return sigAlgId;
+    }
+
+    public DERBitString getSignature()
+    {
+        return sig;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        return seq;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509DefaultEntryConverter.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509DefaultEntryConverter.java
new file mode 100644
index 0000000..3a0d261
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509DefaultEntryConverter.java

@@ -0,0 +1,67 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.DERGeneralizedTime;
+import com.android.org.bouncycastle.asn1.DERIA5String;
+import com.android.org.bouncycastle.asn1.DERPrintableString;
+import com.android.org.bouncycastle.asn1.DERUTF8String;
+
+/**
+ * The default converter for X509 DN entries when going from their
+ * string value to ASN.1 strings.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509DefaultEntryConverter
+    extends X509NameEntryConverter
+{
+    /**
+     * Apply default coversion for the given value depending on the oid
+     * and the character range of the value.
+     * 
+     * @param oid the object identifier for the DN entry
+     * @param value the value associated with it
+     * @return the ASN.1 equivalent for the string value.
+     */
+    public ASN1Primitive getConvertedValue(
+        ASN1ObjectIdentifier  oid,
+        String               value)
+    {
+        if (value.length() != 0 && value.charAt(0) == '#')
+        {
+            try
+            {
+                return convertHexEncoded(value, 1);
+            }
+            catch (IOException e)
+            {
+                throw new RuntimeException("can't recode value for oid " + oid.getId());
+            }
+        }
+        else
+        {
+            if (value.length() != 0 && value.charAt(0) == '\\')
+            {
+                value = value.substring(1);
+            }
+            if (oid.equals(X509Name.EmailAddress) || oid.equals(X509Name.DC))
+            {
+                return new DERIA5String(value);
+            }
+            else if (oid.equals(X509Name.DATE_OF_BIRTH))  // accept time string as well as # (for compatibility)
+            {
+                return new DERGeneralizedTime(value);
+            }
+            else if (oid.equals(X509Name.C) || oid.equals(X509Name.SN) || oid.equals(X509Name.DN_QUALIFIER)
+                || oid.equals(X509Name.TELEPHONE_NUMBER))
+            {
+                 return new DERPrintableString(value);
+            }
+        }
+        
+        return new DERUTF8String(value);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509Extension.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509Extension.java
new file mode 100644
index 0000000..4139820
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509Extension.java

@@ -0,0 +1,251 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.asn1.ASN1Boolean;
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+
+/**
+ * an object for the elements in the X.509 V3 extension block.
+ * @deprecated use Extension
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509Extension
+{
+    /**
+     * Subject Directory Attributes
+     */
+    public static final ASN1ObjectIdentifier subjectDirectoryAttributes = new ASN1ObjectIdentifier("2.5.29.9");
+    
+    /**
+     * Subject Key Identifier 
+     */
+    public static final ASN1ObjectIdentifier subjectKeyIdentifier = new ASN1ObjectIdentifier("2.5.29.14");
+
+    /**
+     * Key Usage 
+     */
+    public static final ASN1ObjectIdentifier keyUsage = new ASN1ObjectIdentifier("2.5.29.15");
+
+    /**
+     * Private Key Usage Period 
+     */
+    public static final ASN1ObjectIdentifier privateKeyUsagePeriod = new ASN1ObjectIdentifier("2.5.29.16");
+
+    /**
+     * Subject Alternative Name 
+     */
+    public static final ASN1ObjectIdentifier subjectAlternativeName = new ASN1ObjectIdentifier("2.5.29.17");
+
+    /**
+     * Issuer Alternative Name 
+     */
+    public static final ASN1ObjectIdentifier issuerAlternativeName = new ASN1ObjectIdentifier("2.5.29.18");
+
+    /**
+     * Basic Constraints 
+     */
+    public static final ASN1ObjectIdentifier basicConstraints = new ASN1ObjectIdentifier("2.5.29.19");
+
+    /**
+     * CRL Number 
+     */
+    public static final ASN1ObjectIdentifier cRLNumber = new ASN1ObjectIdentifier("2.5.29.20");
+
+    /**
+     * Reason code 
+     */
+    public static final ASN1ObjectIdentifier reasonCode = new ASN1ObjectIdentifier("2.5.29.21");
+
+    /**
+     * Hold Instruction Code 
+     */
+    public static final ASN1ObjectIdentifier instructionCode = new ASN1ObjectIdentifier("2.5.29.23");
+
+    /**
+     * Invalidity Date 
+     */
+    public static final ASN1ObjectIdentifier invalidityDate = new ASN1ObjectIdentifier("2.5.29.24");
+
+    /**
+     * Delta CRL indicator 
+     */
+    public static final ASN1ObjectIdentifier deltaCRLIndicator = new ASN1ObjectIdentifier("2.5.29.27");
+
+    /**
+     * Issuing Distribution Point 
+     */
+    public static final ASN1ObjectIdentifier issuingDistributionPoint = new ASN1ObjectIdentifier("2.5.29.28");
+
+    /**
+     * Certificate Issuer 
+     */
+    public static final ASN1ObjectIdentifier certificateIssuer = new ASN1ObjectIdentifier("2.5.29.29");
+
+    /**
+     * Name Constraints 
+     */
+    public static final ASN1ObjectIdentifier nameConstraints = new ASN1ObjectIdentifier("2.5.29.30");
+
+    /**
+     * CRL Distribution Points 
+     */
+    public static final ASN1ObjectIdentifier cRLDistributionPoints = new ASN1ObjectIdentifier("2.5.29.31");
+
+    /**
+     * Certificate Policies 
+     */
+    public static final ASN1ObjectIdentifier certificatePolicies = new ASN1ObjectIdentifier("2.5.29.32");
+
+    /**
+     * Policy Mappings 
+     */
+    public static final ASN1ObjectIdentifier policyMappings = new ASN1ObjectIdentifier("2.5.29.33");
+
+    /**
+     * Authority Key Identifier 
+     */
+    public static final ASN1ObjectIdentifier authorityKeyIdentifier = new ASN1ObjectIdentifier("2.5.29.35");
+
+    /**
+     * Policy Constraints 
+     */
+    public static final ASN1ObjectIdentifier policyConstraints = new ASN1ObjectIdentifier("2.5.29.36");
+
+    /**
+     * Extended Key Usage 
+     */
+    public static final ASN1ObjectIdentifier extendedKeyUsage = new ASN1ObjectIdentifier("2.5.29.37");
+
+    /**
+     * Freshest CRL
+     */
+    public static final ASN1ObjectIdentifier freshestCRL = new ASN1ObjectIdentifier("2.5.29.46");
+     
+    /**
+     * Inhibit Any Policy
+     */
+    public static final ASN1ObjectIdentifier inhibitAnyPolicy = new ASN1ObjectIdentifier("2.5.29.54");
+
+    /**
+     * Authority Info Access
+     */
+    public static final ASN1ObjectIdentifier authorityInfoAccess = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.1");
+
+    /**
+     * Subject Info Access
+     */
+    public static final ASN1ObjectIdentifier subjectInfoAccess = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.11");
+    
+    /**
+     * Logo Type
+     */
+    public static final ASN1ObjectIdentifier logoType = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.12");
+
+    /**
+     * BiometricInfo
+     */
+    public static final ASN1ObjectIdentifier biometricInfo = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.2");
+    
+    /**
+     * QCStatements
+     */
+    public static final ASN1ObjectIdentifier qCStatements = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.3");
+
+    /**
+     * Audit identity extension in attribute certificates.
+     */
+    public static final ASN1ObjectIdentifier auditIdentity = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.4");
+    
+    /**
+     * NoRevAvail extension in attribute certificates.
+     */
+    public static final ASN1ObjectIdentifier noRevAvail = new ASN1ObjectIdentifier("2.5.29.56");
+
+    /**
+     * TargetInformation extension in attribute certificates.
+     */
+    public static final ASN1ObjectIdentifier targetInformation = new ASN1ObjectIdentifier("2.5.29.55");
+        
+    boolean             critical;
+    ASN1OctetString     value;
+
+    public X509Extension(
+        ASN1Boolean             critical,
+        ASN1OctetString         value)
+    {
+        this.critical = critical.isTrue();
+        this.value = value;
+    }
+
+    public X509Extension(
+        boolean                 critical,
+        ASN1OctetString         value)
+    {
+        this.critical = critical;
+        this.value = value;
+    }
+
+    public boolean isCritical()
+    {
+        return critical;
+    }
+
+    public ASN1OctetString getValue()
+    {
+        return value;
+    }
+
+    public ASN1Encodable getParsedValue()
+    {
+        return convertValueToObject(this);
+    }
+
+    public int hashCode()
+    {
+        if (this.isCritical())
+        {
+            return this.getValue().hashCode();
+        }
+
+        return ~this.getValue().hashCode();
+    }
+
+    public boolean equals(
+        Object  o)
+    {
+        if (!(o instanceof X509Extension))
+        {
+            return false;
+        }
+
+        X509Extension   other = (X509Extension)o;
+
+        return other.getValue().equals(this.getValue())
+            && (other.isCritical() == this.isCritical());
+    }
+
+    /**
+     * Convert the value of the passed in extension to an object
+     * @param ext the extension to parse
+     * @return the object the value string contains
+     * @exception IllegalArgumentException if conversion is not possible
+     */
+    public static ASN1Primitive convertValueToObject(
+        X509Extension ext)
+        throws IllegalArgumentException
+    {
+        try
+        {
+            return ASN1Primitive.fromByteArray(ext.getValue().getOctets());
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("can't convert extension: " +  e);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509Extensions.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509Extensions.java
new file mode 100644
index 0000000..4051b37
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509Extensions.java

@@ -0,0 +1,479 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.asn1.ASN1Boolean;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @deprecated use Extensions
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509Extensions
+    extends ASN1Object
+{
+    /**
+     * Subject Directory Attributes
+     * @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier SubjectDirectoryAttributes = new ASN1ObjectIdentifier("2.5.29.9");
+    
+    /**
+     * Subject Key Identifier
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier SubjectKeyIdentifier = new ASN1ObjectIdentifier("2.5.29.14");
+
+    /**
+     * Key Usage
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier KeyUsage = new ASN1ObjectIdentifier("2.5.29.15");
+
+    /**
+     * Private Key Usage Period
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier PrivateKeyUsagePeriod = new ASN1ObjectIdentifier("2.5.29.16");
+
+    /**
+     * Subject Alternative Name
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier SubjectAlternativeName = new ASN1ObjectIdentifier("2.5.29.17");
+
+    /**
+     * Issuer Alternative Name
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier IssuerAlternativeName = new ASN1ObjectIdentifier("2.5.29.18");
+
+    /**
+     * Basic Constraints
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier BasicConstraints = new ASN1ObjectIdentifier("2.5.29.19");
+
+    /**
+     * CRL Number
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier CRLNumber = new ASN1ObjectIdentifier("2.5.29.20");
+
+    /**
+     * Reason code
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier ReasonCode = new ASN1ObjectIdentifier("2.5.29.21");
+
+    /**
+     * Hold Instruction Code
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier InstructionCode = new ASN1ObjectIdentifier("2.5.29.23");
+
+    /**
+     * Invalidity Date
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier InvalidityDate = new ASN1ObjectIdentifier("2.5.29.24");
+
+    /**
+     * Delta CRL indicator
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier DeltaCRLIndicator = new ASN1ObjectIdentifier("2.5.29.27");
+
+    /**
+     * Issuing Distribution Point
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier IssuingDistributionPoint = new ASN1ObjectIdentifier("2.5.29.28");
+
+    /**
+     * Certificate Issuer
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier CertificateIssuer = new ASN1ObjectIdentifier("2.5.29.29");
+
+    /**
+     * Name Constraints
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier NameConstraints = new ASN1ObjectIdentifier("2.5.29.30");
+
+    /**
+     * CRL Distribution Points
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier CRLDistributionPoints = new ASN1ObjectIdentifier("2.5.29.31");
+
+    /**
+     * Certificate Policies
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier CertificatePolicies = new ASN1ObjectIdentifier("2.5.29.32");
+
+    /**
+     * Policy Mappings
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier PolicyMappings = new ASN1ObjectIdentifier("2.5.29.33");
+
+    /**
+     * Authority Key Identifier
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier AuthorityKeyIdentifier = new ASN1ObjectIdentifier("2.5.29.35");
+
+    /**
+     * Policy Constraints
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier PolicyConstraints = new ASN1ObjectIdentifier("2.5.29.36");
+
+    /**
+     * Extended Key Usage
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier ExtendedKeyUsage = new ASN1ObjectIdentifier("2.5.29.37");
+
+    /**
+     * Freshest CRL
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier FreshestCRL = new ASN1ObjectIdentifier("2.5.29.46");
+     
+    /**
+     * Inhibit Any Policy
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier InhibitAnyPolicy = new ASN1ObjectIdentifier("2.5.29.54");
+
+    /**
+     * Authority Info Access
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier AuthorityInfoAccess = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.1");
+
+    /**
+     * Subject Info Access
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier SubjectInfoAccess = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.11");
+    
+    /**
+     * Logo Type
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier LogoType = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.12");
+
+    /**
+     * BiometricInfo
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier BiometricInfo = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.2");
+    
+    /**
+     * QCStatements
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier QCStatements = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.3");
+
+    /**
+     * Audit identity extension in attribute certificates.
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier AuditIdentity = new ASN1ObjectIdentifier("1.3.6.1.5.5.7.1.4");
+    
+    /**
+     * NoRevAvail extension in attribute certificates.
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier NoRevAvail = new ASN1ObjectIdentifier("2.5.29.56");
+
+    /**
+     * TargetInformation extension in attribute certificates.
+     *  @deprecated use X509Extension value.
+     */
+    public static final ASN1ObjectIdentifier TargetInformation = new ASN1ObjectIdentifier("2.5.29.55");
+    
+    private Hashtable               extensions = new Hashtable();
+    private Vector                  ordering = new Vector();
+
+    public static X509Extensions getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static X509Extensions getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof X509Extensions)
+        {
+            return (X509Extensions)obj;
+        }
+
+        if (obj instanceof ASN1Sequence)
+        {
+            return new X509Extensions((ASN1Sequence)obj);
+        }
+
+        if (obj instanceof Extensions)
+        {
+            return new X509Extensions((ASN1Sequence)((Extensions)obj).toASN1Primitive());
+        }
+
+        if (obj instanceof ASN1TaggedObject)
+        {
+            return getInstance(((ASN1TaggedObject)obj).getObject());
+        }
+
+        throw new IllegalArgumentException("illegal object in getInstance: " + obj.getClass().getName());
+    }
+
+    /**
+     * Constructor from ASN1Sequence.
+     *
+     * the extensions are a list of constructed sequences, either with (OID, OctetString) or (OID, Boolean, OctetString)
+     */
+    public X509Extensions(
+        ASN1Sequence  seq)
+    {
+        Enumeration e = seq.getObjects();
+
+        while (e.hasMoreElements())
+        {
+            ASN1Sequence            s = ASN1Sequence.getInstance(e.nextElement());
+
+            if (s.size() == 3)
+            {
+                extensions.put(s.getObjectAt(0), new X509Extension(ASN1Boolean.getInstance(s.getObjectAt(1)), ASN1OctetString.getInstance(s.getObjectAt(2))));
+            }
+            else if (s.size() == 2)
+            {
+                extensions.put(s.getObjectAt(0), new X509Extension(false, ASN1OctetString.getInstance(s.getObjectAt(1))));
+            }
+            else
+            {
+                throw new IllegalArgumentException("Bad sequence size: " + s.size());
+            }
+
+            ordering.addElement(s.getObjectAt(0));
+        }
+    }
+
+    /**
+     * constructor from a table of extensions.
+     * <p>
+     * it's is assumed the table contains OID/String pairs.
+     */
+    public X509Extensions(
+        Hashtable  extensions)
+    {
+        this(null, extensions);
+    }
+
+    /**
+     * Constructor from a table of extensions with ordering.
+     * <p>
+     * It's is assumed the table contains OID/String pairs.
+     * @deprecated use Extensions
+     */
+    public X509Extensions(
+        Vector      ordering,
+        Hashtable   extensions)
+    {
+        Enumeration e;
+
+        if (ordering == null)
+        {
+            e = extensions.keys();
+        }
+        else
+        {
+            e = ordering.elements();
+        }
+
+        while (e.hasMoreElements())
+        {
+            this.ordering.addElement(ASN1ObjectIdentifier.getInstance(e.nextElement()));
+        }
+
+        e = this.ordering.elements();
+
+        while (e.hasMoreElements())
+        {
+            ASN1ObjectIdentifier     oid = ASN1ObjectIdentifier.getInstance(e.nextElement());
+            X509Extension           ext = (X509Extension)extensions.get(oid);
+
+            this.extensions.put(oid, ext);
+        }
+    }
+
+    /**
+     * Constructor from two vectors
+     * 
+     * @param objectIDs a vector of the object identifiers.
+     * @param values a vector of the extension values.
+     * @deprecated use Extensions
+     */
+    public X509Extensions(
+        Vector      objectIDs,
+        Vector      values)
+    {
+        Enumeration e = objectIDs.elements();
+
+        while (e.hasMoreElements())
+        {
+            this.ordering.addElement(e.nextElement()); 
+        }
+
+        int count = 0;
+        
+        e = this.ordering.elements();
+
+        while (e.hasMoreElements())
+        {
+            ASN1ObjectIdentifier     oid = (ASN1ObjectIdentifier)e.nextElement();
+            X509Extension           ext = (X509Extension)values.elementAt(count);
+
+            this.extensions.put(oid, ext);
+            count++;
+        }
+    }
+    
+    /**
+     * return an Enumeration of the extension field's object ids.
+     */
+    public Enumeration oids()
+    {
+        return ordering.elements();
+    }
+
+    /**
+     * return the extension represented by the object identifier
+     * passed in.
+     *
+     * @return the extension if it's present, null otherwise.
+     */
+    public X509Extension getExtension(
+        ASN1ObjectIdentifier oid)
+    {
+        return (X509Extension)extensions.get(oid);
+    }
+
+    /**
+     * <pre>
+     *     Extensions        ::=   SEQUENCE SIZE (1..MAX) OF Extension
+     *
+     *     Extension         ::=   SEQUENCE {
+     *        extnId            EXTENSION.&amp;id ({ExtensionSet}),
+     *        critical          BOOLEAN DEFAULT FALSE,
+     *        extnValue         OCTET STRING }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector     vec = new ASN1EncodableVector();
+        Enumeration             e = ordering.elements();
+
+        while (e.hasMoreElements())
+        {
+            ASN1ObjectIdentifier    oid = (ASN1ObjectIdentifier)e.nextElement();
+            X509Extension           ext = (X509Extension)extensions.get(oid);
+            ASN1EncodableVector     v = new ASN1EncodableVector();
+
+            v.add(oid);
+
+            if (ext.isCritical())
+            {
+                v.add(ASN1Boolean.TRUE);
+            }
+
+            v.add(ext.getValue());
+
+            vec.add(new DERSequence(v));
+        }
+
+        return new DERSequence(vec);
+    }
+
+    public boolean equivalent(
+        X509Extensions other)
+    {
+        if (extensions.size() != other.extensions.size())
+        {
+            return false;
+        }
+
+        Enumeration     e1 = extensions.keys();
+
+        while (e1.hasMoreElements())
+        {
+            Object  key = e1.nextElement();
+
+            if (!extensions.get(key).equals(other.extensions.get(key)))
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    public ASN1ObjectIdentifier[] getExtensionOIDs()
+    {
+        return toOidArray(ordering);
+    }
+    
+    public ASN1ObjectIdentifier[] getNonCriticalExtensionOIDs()
+    {
+        return getExtensionOIDs(false);
+    }
+
+    public ASN1ObjectIdentifier[] getCriticalExtensionOIDs()
+    {
+        return getExtensionOIDs(true);
+    }
+
+    private ASN1ObjectIdentifier[] getExtensionOIDs(boolean isCritical)
+    {
+        Vector oidVec = new Vector();
+
+        for (int i = 0; i != ordering.size(); i++)
+        {
+            Object oid = ordering.elementAt(i);
+
+            if (((X509Extension)extensions.get(oid)).isCritical() == isCritical)
+            {
+                oidVec.addElement(oid);
+            }
+        }
+
+        return toOidArray(oidVec);
+    }
+
+    private ASN1ObjectIdentifier[] toOidArray(Vector oidVec)
+    {
+        ASN1ObjectIdentifier[] oids = new ASN1ObjectIdentifier[oidVec.size()];
+
+        for (int i = 0; i != oids.length; i++)
+        {
+            oids[i] = (ASN1ObjectIdentifier)oidVec.elementAt(i);
+        }
+        return oids;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509ExtensionsGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509ExtensionsGenerator.java
new file mode 100644
index 0000000..0efa960
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509ExtensionsGenerator.java

@@ -0,0 +1,96 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.io.IOException;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+
+/**
+ * Generator for X.509 extensions
+ * @deprecated use org.bouncycastle.asn1.x509.ExtensionsGenerator
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509ExtensionsGenerator
+{
+    private Hashtable extensions = new Hashtable();
+    private Vector extOrdering = new Vector();
+
+    /**
+     * Reset the generator
+     */
+    public void reset()
+    {
+        extensions = new Hashtable();
+        extOrdering = new Vector();
+    }
+
+    /**
+     * Add an extension with the given oid and the passed in value to be included
+     * in the OCTET STRING associated with the extension.
+     *
+     * @param oid  OID for the extension.
+     * @param critical  true if critical, false otherwise.
+     * @param value the ASN.1 object to be included in the extension.
+     */
+    public void addExtension(
+        ASN1ObjectIdentifier oid,
+        boolean             critical,
+        ASN1Encodable       value)
+    {
+        try
+        {
+            this.addExtension(oid, critical, value.toASN1Primitive().getEncoded(ASN1Encoding.DER));
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("error encoding value: " + e);
+        }
+    }
+
+    /**
+     * Add an extension with the given oid and the passed in byte array to be wrapped in the
+     * OCTET STRING associated with the extension.
+     *
+     * @param oid OID for the extension.
+     * @param critical true if critical, false otherwise.
+     * @param value the byte array to be wrapped.
+     */
+    public void addExtension(
+        ASN1ObjectIdentifier oid,
+        boolean             critical,
+        byte[]              value)
+    {
+        if (extensions.containsKey(oid))
+        {
+            throw new IllegalArgumentException("extension " + oid + " already added");
+        }
+
+        extOrdering.addElement(oid);
+        extensions.put(oid, new X509Extension(critical, new DEROctetString(value)));
+    }
+
+    /**
+     * Return true if there are no extension present in this generator.
+     *
+     * @return true if empty, false otherwise
+     */
+    public boolean isEmpty()
+    {
+        return extOrdering.isEmpty();
+    }
+
+    /**
+     * Generate an X509Extensions object based on the current state of the generator.
+     *
+     * @return  an X09Extensions object.
+     */
+    public X509Extensions generate()
+    {
+        return new X509Extensions(extOrdering, extensions);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509Name.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509Name.java
new file mode 100644
index 0000000..c66d831
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509Name.java

@@ -0,0 +1,1398 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.io.IOException;
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.ASN1String;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERSet;
+import com.android.org.bouncycastle.asn1.DERUniversalString;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.util.Strings;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * <pre>
+ *     RDNSequence ::= SEQUENCE OF RelativeDistinguishedName
+ *
+ *     RelativeDistinguishedName ::= SET SIZE (1..MAX) OF AttributeTypeAndValue
+ *
+ *     AttributeTypeAndValue ::= SEQUENCE {
+ *                                   type  OBJECT IDENTIFIER,
+ *                                   value ANY }
+ * </pre>
+ * @deprecated use org.bouncycastle.asn1.x500.X500Name.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class X509Name
+    extends ASN1Object
+{
+    /**
+     * country code - StringType(SIZE(2))
+     * @deprecated use a X500NameStyle
+     */
+    public static final ASN1ObjectIdentifier C = new ASN1ObjectIdentifier("2.5.4.6");
+
+    /**
+     * organization - StringType(SIZE(1..64))
+     * @deprecated use a X500NameStyle
+     */
+    @libcore.api.CorePlatformApi
+    public static final ASN1ObjectIdentifier O = new ASN1ObjectIdentifier("2.5.4.10");
+
+    /**
+     * organizational unit name - StringType(SIZE(1..64))
+     * @deprecated use a X500NameStyle
+     */
+    @libcore.api.CorePlatformApi
+    public static final ASN1ObjectIdentifier OU = new ASN1ObjectIdentifier("2.5.4.11");
+
+    /**
+     * Title
+     * @deprecated use a X500NameStyle
+     */
+    public static final ASN1ObjectIdentifier T = new ASN1ObjectIdentifier("2.5.4.12");
+
+    /**
+     * common name - StringType(SIZE(1..64))
+     * @deprecated use a X500NameStyle
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public static final ASN1ObjectIdentifier CN = new ASN1ObjectIdentifier("2.5.4.3");
+
+    /**
+     * device serial number name - StringType(SIZE(1..64))
+     */
+    public static final ASN1ObjectIdentifier SN = new ASN1ObjectIdentifier("2.5.4.5");
+
+    /**
+     * street - StringType(SIZE(1..64))
+     */
+    public static final ASN1ObjectIdentifier STREET = new ASN1ObjectIdentifier("2.5.4.9");
+    
+    /**
+     * device serial number name - StringType(SIZE(1..64))
+     */
+    public static final ASN1ObjectIdentifier SERIALNUMBER = SN;
+
+    /**
+     * locality name - StringType(SIZE(1..64))
+     */
+    public static final ASN1ObjectIdentifier L = new ASN1ObjectIdentifier("2.5.4.7");
+
+    /**
+     * state, or province name - StringType(SIZE(1..64))
+     */
+    public static final ASN1ObjectIdentifier ST = new ASN1ObjectIdentifier("2.5.4.8");
+
+    /**
+     * Naming attributes of type X520name
+     */
+    public static final ASN1ObjectIdentifier SURNAME = new ASN1ObjectIdentifier("2.5.4.4");
+    public static final ASN1ObjectIdentifier GIVENNAME = new ASN1ObjectIdentifier("2.5.4.42");
+    public static final ASN1ObjectIdentifier INITIALS = new ASN1ObjectIdentifier("2.5.4.43");
+    public static final ASN1ObjectIdentifier GENERATION = new ASN1ObjectIdentifier("2.5.4.44");
+    public static final ASN1ObjectIdentifier UNIQUE_IDENTIFIER = new ASN1ObjectIdentifier("2.5.4.45");
+
+    /**
+     * businessCategory - DirectoryString(SIZE(1..128)
+     */
+    public static final ASN1ObjectIdentifier BUSINESS_CATEGORY = new ASN1ObjectIdentifier(
+                    "2.5.4.15");
+
+    /**
+     * postalCode - DirectoryString(SIZE(1..40)
+     */
+    public static final ASN1ObjectIdentifier POSTAL_CODE = new ASN1ObjectIdentifier(
+                    "2.5.4.17");
+    
+    /**
+     * dnQualifier - DirectoryString(SIZE(1..64)
+     */
+    public static final ASN1ObjectIdentifier DN_QUALIFIER = new ASN1ObjectIdentifier(
+                    "2.5.4.46");
+
+    /**
+     * RFC 3039 Pseudonym - DirectoryString(SIZE(1..64)
+     */
+    public static final ASN1ObjectIdentifier PSEUDONYM = new ASN1ObjectIdentifier(
+                    "2.5.4.65");
+
+
+    /**
+     * RFC 3039 DateOfBirth - GeneralizedTime - YYYYMMDD000000Z
+     */
+    public static final ASN1ObjectIdentifier DATE_OF_BIRTH = new ASN1ObjectIdentifier(
+                    "1.3.6.1.5.5.7.9.1");
+
+    /**
+     * RFC 3039 PlaceOfBirth - DirectoryString(SIZE(1..128)
+     */
+    public static final ASN1ObjectIdentifier PLACE_OF_BIRTH = new ASN1ObjectIdentifier(
+                    "1.3.6.1.5.5.7.9.2");
+
+    /**
+     * RFC 3039 Gender - PrintableString (SIZE(1)) -- "M", "F", "m" or "f"
+     */
+    public static final ASN1ObjectIdentifier GENDER = new ASN1ObjectIdentifier(
+                    "1.3.6.1.5.5.7.9.3");
+
+    /**
+     * RFC 3039 CountryOfCitizenship - PrintableString (SIZE (2)) -- ISO 3166
+     * codes only
+     */
+    public static final ASN1ObjectIdentifier COUNTRY_OF_CITIZENSHIP = new ASN1ObjectIdentifier(
+                    "1.3.6.1.5.5.7.9.4");
+
+    /**
+     * RFC 3039 CountryOfResidence - PrintableString (SIZE (2)) -- ISO 3166
+     * codes only
+     */
+    public static final ASN1ObjectIdentifier COUNTRY_OF_RESIDENCE = new ASN1ObjectIdentifier(
+                    "1.3.6.1.5.5.7.9.5");
+
+
+    /**
+     * ISIS-MTT NameAtBirth - DirectoryString(SIZE(1..64)
+     */
+    public static final ASN1ObjectIdentifier NAME_AT_BIRTH =  new ASN1ObjectIdentifier("1.3.36.8.3.14");
+
+    /**
+     * RFC 3039 PostalAddress - SEQUENCE SIZE (1..6) OF
+     * DirectoryString(SIZE(1..30))
+     */
+    public static final ASN1ObjectIdentifier POSTAL_ADDRESS = new ASN1ObjectIdentifier("2.5.4.16");
+
+    /**
+     * RFC 2256 dmdName
+     */
+    public static final ASN1ObjectIdentifier DMD_NAME = new ASN1ObjectIdentifier("2.5.4.54");
+
+    /**
+     * id-at-telephoneNumber
+     */
+    public static final ASN1ObjectIdentifier TELEPHONE_NUMBER = X509ObjectIdentifiers.id_at_telephoneNumber;
+
+    /**
+     * id-at-name
+     */
+    public static final ASN1ObjectIdentifier NAME = X509ObjectIdentifiers.id_at_name;
+
+    /**
+     * Email address (RSA PKCS#9 extension) - IA5String.
+     * <p>Note: if you're trying to be ultra orthodox, don't use this! It shouldn't be in here.
+     * @deprecated use a X500NameStyle
+     */
+    public static final ASN1ObjectIdentifier EmailAddress = PKCSObjectIdentifiers.pkcs_9_at_emailAddress;
+    
+    /**
+     * more from PKCS#9
+     */
+    public static final ASN1ObjectIdentifier UnstructuredName = PKCSObjectIdentifiers.pkcs_9_at_unstructuredName;
+    public static final ASN1ObjectIdentifier UnstructuredAddress = PKCSObjectIdentifiers.pkcs_9_at_unstructuredAddress;
+    
+    /**
+     * email address in Verisign certificates
+     */
+    public static final ASN1ObjectIdentifier E = EmailAddress;
+    
+    /*
+     * others...
+     */
+    public static final ASN1ObjectIdentifier DC = new ASN1ObjectIdentifier("0.9.2342.19200300.100.1.25");
+
+    /**
+     * LDAP User id.
+     */
+    public static final ASN1ObjectIdentifier UID = new ASN1ObjectIdentifier("0.9.2342.19200300.100.1.1");
+
+    /**
+     * determines whether or not strings should be processed and printed
+     * from back to front.
+     */
+    public static boolean DefaultReverse = false;
+
+    /**
+     * default look up table translating OID values into their common symbols following
+     * the convention in RFC 2253 with a few extras
+     */
+    @libcore.api.CorePlatformApi
+    public static final Hashtable DefaultSymbols = new Hashtable();
+
+    /**
+     * look up table translating OID values into their common symbols following the convention in RFC 2253
+     * 
+     */
+    public static final Hashtable RFC2253Symbols = new Hashtable();
+
+    /**
+     * look up table translating OID values into their common symbols following the convention in RFC 1779
+     * 
+     */
+    public static final Hashtable RFC1779Symbols = new Hashtable();
+
+    /**
+     * look up table translating common symbols into their OIDS.
+     */
+    public static final Hashtable DefaultLookUp = new Hashtable();
+
+    /**
+     * look up table translating OID values into their common symbols
+     * @deprecated use DefaultSymbols
+     */
+    public static final Hashtable OIDLookUp = DefaultSymbols;
+
+    /**
+     * look up table translating string values into their OIDS -
+     * @deprecated use DefaultLookUp
+     */
+    public static final Hashtable SymbolLookUp = DefaultLookUp;
+
+    // BEGIN Android-changed: Use Boolean class constants instead of Boolean constructor
+    private static final Boolean TRUE = Boolean.TRUE;
+    private static final Boolean FALSE = Boolean.FALSE;
+    // END Android-changed: Use Boolean class constants instead of Boolean constructor
+
+    static
+    {
+        DefaultSymbols.put(C, "C");
+        DefaultSymbols.put(O, "O");
+        DefaultSymbols.put(T, "T");
+        DefaultSymbols.put(OU, "OU");
+        DefaultSymbols.put(CN, "CN");
+        DefaultSymbols.put(L, "L");
+        DefaultSymbols.put(ST, "ST");
+        DefaultSymbols.put(SN, "SERIALNUMBER");
+        DefaultSymbols.put(EmailAddress, "E");
+        DefaultSymbols.put(DC, "DC");
+        DefaultSymbols.put(UID, "UID");
+        DefaultSymbols.put(STREET, "STREET");
+        DefaultSymbols.put(SURNAME, "SURNAME");
+        DefaultSymbols.put(GIVENNAME, "GIVENNAME");
+        DefaultSymbols.put(INITIALS, "INITIALS");
+        DefaultSymbols.put(GENERATION, "GENERATION");
+        DefaultSymbols.put(UnstructuredAddress, "unstructuredAddress");
+        DefaultSymbols.put(UnstructuredName, "unstructuredName");
+        DefaultSymbols.put(UNIQUE_IDENTIFIER, "UniqueIdentifier");
+        DefaultSymbols.put(DN_QUALIFIER, "DN");
+        DefaultSymbols.put(PSEUDONYM, "Pseudonym");
+        DefaultSymbols.put(POSTAL_ADDRESS, "PostalAddress");
+        DefaultSymbols.put(NAME_AT_BIRTH, "NameAtBirth");
+        DefaultSymbols.put(COUNTRY_OF_CITIZENSHIP, "CountryOfCitizenship");
+        DefaultSymbols.put(COUNTRY_OF_RESIDENCE, "CountryOfResidence");
+        DefaultSymbols.put(GENDER, "Gender");
+        DefaultSymbols.put(PLACE_OF_BIRTH, "PlaceOfBirth");
+        DefaultSymbols.put(DATE_OF_BIRTH, "DateOfBirth");
+        DefaultSymbols.put(POSTAL_CODE, "PostalCode");
+        DefaultSymbols.put(BUSINESS_CATEGORY, "BusinessCategory");
+        DefaultSymbols.put(TELEPHONE_NUMBER, "TelephoneNumber");
+        DefaultSymbols.put(NAME, "Name");
+
+        RFC2253Symbols.put(C, "C");
+        RFC2253Symbols.put(O, "O");
+        RFC2253Symbols.put(OU, "OU");
+        RFC2253Symbols.put(CN, "CN");
+        RFC2253Symbols.put(L, "L");
+        RFC2253Symbols.put(ST, "ST");
+        RFC2253Symbols.put(STREET, "STREET");
+        RFC2253Symbols.put(DC, "DC");
+        RFC2253Symbols.put(UID, "UID");
+
+        RFC1779Symbols.put(C, "C");
+        RFC1779Symbols.put(O, "O");
+        RFC1779Symbols.put(OU, "OU");
+        RFC1779Symbols.put(CN, "CN");
+        RFC1779Symbols.put(L, "L");
+        RFC1779Symbols.put(ST, "ST");
+        RFC1779Symbols.put(STREET, "STREET");
+
+        DefaultLookUp.put("c", C);
+        DefaultLookUp.put("o", O);
+        DefaultLookUp.put("t", T);
+        DefaultLookUp.put("ou", OU);
+        DefaultLookUp.put("cn", CN);
+        DefaultLookUp.put("l", L);
+        DefaultLookUp.put("st", ST);
+        DefaultLookUp.put("sn", SN);
+        DefaultLookUp.put("serialnumber", SN);
+        DefaultLookUp.put("street", STREET);
+        DefaultLookUp.put("emailaddress", E);
+        DefaultLookUp.put("dc", DC);
+        DefaultLookUp.put("e", E);
+        DefaultLookUp.put("uid", UID);
+        DefaultLookUp.put("surname", SURNAME);
+        DefaultLookUp.put("givenname", GIVENNAME);
+        DefaultLookUp.put("initials", INITIALS);
+        DefaultLookUp.put("generation", GENERATION);
+        DefaultLookUp.put("unstructuredaddress", UnstructuredAddress);
+        DefaultLookUp.put("unstructuredname", UnstructuredName);
+        DefaultLookUp.put("uniqueidentifier", UNIQUE_IDENTIFIER);
+        DefaultLookUp.put("dn", DN_QUALIFIER);
+        DefaultLookUp.put("pseudonym", PSEUDONYM);
+        DefaultLookUp.put("postaladdress", POSTAL_ADDRESS);
+        DefaultLookUp.put("nameofbirth", NAME_AT_BIRTH);
+        DefaultLookUp.put("countryofcitizenship", COUNTRY_OF_CITIZENSHIP);
+        DefaultLookUp.put("countryofresidence", COUNTRY_OF_RESIDENCE);
+        DefaultLookUp.put("gender", GENDER);
+        DefaultLookUp.put("placeofbirth", PLACE_OF_BIRTH);
+        DefaultLookUp.put("dateofbirth", DATE_OF_BIRTH);
+        DefaultLookUp.put("postalcode", POSTAL_CODE);
+        DefaultLookUp.put("businesscategory", BUSINESS_CATEGORY);
+        DefaultLookUp.put("telephonenumber", TELEPHONE_NUMBER);
+        DefaultLookUp.put("name", NAME);
+    }
+
+    private X509NameEntryConverter  converter = null;
+    private Vector                  ordering = new Vector();
+    private Vector                  values = new Vector();
+    private Vector                  added = new Vector();
+
+    private ASN1Sequence            seq;
+
+    private boolean                 isHashCodeCalculated;
+    private int                     hashCodeValue;
+
+    /**
+     * Return a X509Name based on the passed in tagged object.
+     * 
+     * @param obj tag object holding name.
+     * @param explicit true if explicitly tagged false otherwise.
+     * @return the X509Name
+     */
+    public static X509Name getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    @libcore.api.CorePlatformApi
+    public static X509Name getInstance(
+        Object  obj)
+    {
+        if (obj == null || obj instanceof X509Name)
+        {
+            return (X509Name)obj;
+        }
+        else if (obj instanceof X500Name)
+        {
+            return new X509Name(ASN1Sequence.getInstance(((X500Name)obj).toASN1Primitive()));
+        }
+        else if (obj != null)
+        {
+            return new X509Name(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    protected X509Name()
+    {
+        // constructure use by new X500 Name class
+    }
+    /**
+     * Constructor from ASN1Sequence
+     *
+     * the principal will be a list of constructed sets, each containing an (OID, String) pair.
+     * @deprecated use X500Name.getInstance()
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    public X509Name(
+        ASN1Sequence  seq)
+    {
+        this.seq = seq;
+
+        Enumeration e = seq.getObjects();
+
+        while (e.hasMoreElements())
+        {
+            ASN1Set         set = ASN1Set.getInstance(((ASN1Encodable)e.nextElement()).toASN1Primitive());
+
+            for (int i = 0; i < set.size(); i++) 
+            {
+                   ASN1Sequence s = ASN1Sequence.getInstance(set.getObjectAt(i).toASN1Primitive());
+
+                   if (s.size() != 2)
+                   {
+                       throw new IllegalArgumentException("badly sized pair");
+                   }
+
+                   ordering.addElement(ASN1ObjectIdentifier.getInstance(s.getObjectAt(0)));
+                   
+                   ASN1Encodable value = s.getObjectAt(1);
+                   if (value instanceof ASN1String && !(value instanceof DERUniversalString))
+                   {
+                       String v = ((ASN1String)value).getString();
+                       if (v.length() > 0 && v.charAt(0) == '#')
+                       {
+                           values.addElement("\\" + v);
+                       }
+                       else
+                       {
+                           values.addElement(v);
+                       }
+                   }
+                   else
+                   {
+                       try
+                       {
+                           values.addElement("#" + bytesToString(Hex.encode(value.toASN1Primitive().getEncoded(ASN1Encoding.DER))));
+                       }
+                       catch (IOException e1)
+                       {
+                           throw new IllegalArgumentException("cannot encode value");
+                       }
+                   }
+                   added.addElement((i != 0) ? TRUE : FALSE);  // to allow earlier JDK compatibility
+            }
+        }
+    }
+
+    /**
+     * constructor from a table of attributes.
+     * <p>
+     * it's is assumed the table contains OID/String pairs, and the contents
+     * of the table are copied into an internal table as part of the
+     * construction process.
+     * <p>
+     * <b>Note:</b> if the name you are trying to generate should be
+     * following a specific ordering, you should use the constructor
+     * with the ordering specified below.
+     * @deprecated use an ordered constructor! The hashtable ordering is rarely correct
+     */
+    public X509Name(
+        Hashtable  attributes)
+    {
+        this(null, attributes);
+    }
+
+    /**
+     * Constructor from a table of attributes with ordering.
+     * <p>
+     * it's is assumed the table contains OID/String pairs, and the contents
+     * of the table are copied into an internal table as part of the
+     * construction process. The ordering vector should contain the OIDs
+     * in the order they are meant to be encoded or printed in toString.
+     */
+    public X509Name(
+        Vector      ordering,
+        Hashtable   attributes)
+    {
+        this(ordering, attributes, new X509DefaultEntryConverter());
+    }
+
+    /**
+     * Constructor from a table of attributes with ordering.
+     * <p>
+     * it's is assumed the table contains OID/String pairs, and the contents
+     * of the table are copied into an internal table as part of the
+     * construction process. The ordering vector should contain the OIDs
+     * in the order they are meant to be encoded or printed in toString.
+     * <p>
+     * The passed in converter will be used to convert the strings into their
+     * ASN.1 counterparts.
+     * @deprecated use X500Name, X500NameBuilder
+     */
+    public X509Name(
+        Vector                   ordering,
+        Hashtable                attributes,
+        X509NameEntryConverter   converter)
+    {
+        this.converter = converter;
+
+        if (ordering != null)
+        {
+            for (int i = 0; i != ordering.size(); i++)
+            {
+                this.ordering.addElement(ordering.elementAt(i));
+                this.added.addElement(FALSE);
+            }
+        }
+        else
+        {
+            Enumeration     e = attributes.keys();
+
+            while (e.hasMoreElements())
+            {
+                this.ordering.addElement(e.nextElement());
+                this.added.addElement(FALSE);
+            }
+        }
+
+        for (int i = 0; i != this.ordering.size(); i++)
+        {
+            ASN1ObjectIdentifier     oid = (ASN1ObjectIdentifier)this.ordering.elementAt(i);
+
+            if (attributes.get(oid) == null)
+            {
+                throw new IllegalArgumentException("No attribute for object id - " + oid.getId() + " - passed to distinguished name");
+            }
+
+            this.values.addElement(attributes.get(oid)); // copy the hash table
+        }
+    }
+
+    /**
+     * Takes two vectors one of the oids and the other of the values.
+     * @deprecated use X500Name, X500NameBuilder
+     */
+    public X509Name(
+        Vector  oids,
+        Vector  values)
+    {
+        this(oids, values, new X509DefaultEntryConverter());
+    }
+
+    /**
+     * Takes two vectors one of the oids and the other of the values.
+     * <p>
+     * The passed in converter will be used to convert the strings into their
+     * ASN.1 counterparts.
+     * @deprecated use X500Name, X500NameBuilder
+     */
+    public X509Name(
+        Vector                  oids,
+        Vector                  values,
+        X509NameEntryConverter  converter)
+    {
+        this.converter = converter;
+
+        if (oids.size() != values.size())
+        {
+            throw new IllegalArgumentException("oids vector must be same length as values.");
+        }
+
+        for (int i = 0; i < oids.size(); i++)
+        {
+            this.ordering.addElement(oids.elementAt(i));
+            this.values.addElement(values.elementAt(i));
+            this.added.addElement(FALSE);
+        }
+    }
+
+//    private Boolean isEncoded(String s)
+//    {
+//        if (s.charAt(0) == '#')
+//        {
+//            return TRUE;
+//        }
+//
+//        return FALSE;
+//    }
+
+    /**
+     * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
+     * some such, converting it into an ordered set of name attributes.
+     * @deprecated use X500Name, X500NameBuilder
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public X509Name(
+        String  dirName)
+    {
+        this(DefaultReverse, DefaultLookUp, dirName);
+    }
+
+    /**
+     * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
+     * some such, converting it into an ordered set of name attributes with each
+     * string value being converted to its associated ASN.1 type using the passed
+     * in converter.
+     * @deprecated use X500Name, X500NameBuilder
+     */
+    public X509Name(
+        String                  dirName,
+        X509NameEntryConverter  converter)
+    {
+        this(DefaultReverse, DefaultLookUp, dirName, converter);
+    }
+
+    /**
+     * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
+     * some such, converting it into an ordered set of name attributes. If reverse
+     * is true, create the encoded version of the sequence starting from the
+     * last element in the string.
+     * @deprecated use X500Name, X500NameBuilder
+     */
+    public X509Name(
+        boolean reverse,
+        String  dirName)
+    {
+        this(reverse, DefaultLookUp, dirName);
+    }
+
+    /**
+     * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
+     * some such, converting it into an ordered set of name attributes with each
+     * string value being converted to its associated ASN.1 type using the passed
+     * in converter. If reverse is true the ASN.1 sequence representing the DN will
+     * be built by starting at the end of the string, rather than the start.
+     * @deprecated use X500Name, X500NameBuilder
+     */
+    public X509Name(
+        boolean                 reverse,
+        String                  dirName,
+        X509NameEntryConverter  converter)
+    {
+        this(reverse, DefaultLookUp, dirName, converter);
+    }
+
+    /**
+     * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
+     * some such, converting it into an ordered set of name attributes. lookUp
+     * should provide a table of lookups, indexed by lowercase only strings and
+     * yielding a ASN1ObjectIdentifier, other than that OID. and numeric oids
+     * will be processed automatically.
+     * <br>
+     * If reverse is true, create the encoded version of the sequence
+     * starting from the last element in the string.
+     * @param reverse true if we should start scanning from the end (RFC 2553).
+     * @param lookUp table of names and their oids.
+     * @param dirName the X.500 string to be parsed.
+     * @deprecated use X500Name, X500NameBuilder
+     */
+    public X509Name(
+        boolean     reverse,
+        Hashtable   lookUp,
+        String      dirName)
+    {
+        this(reverse, lookUp, dirName, new X509DefaultEntryConverter());
+    }
+
+    private ASN1ObjectIdentifier decodeOID(
+        String      name,
+        Hashtable   lookUp)
+    {
+        name = name.trim();
+        if (Strings.toUpperCase(name).startsWith("OID."))
+        {
+            return new ASN1ObjectIdentifier(name.substring(4));
+        }
+        else if (name.charAt(0) >= '0' && name.charAt(0) <= '9')
+        {
+            return new ASN1ObjectIdentifier(name);
+        }
+
+        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)lookUp.get(Strings.toLowerCase(name));
+        if (oid == null)
+        {
+            throw new IllegalArgumentException("Unknown object id - " + name + " - passed to distinguished name");
+        }
+
+        return oid;
+    }
+
+    private String unescape(String elt)
+    {
+        if (elt.length() == 0 || (elt.indexOf('\\') < 0 && elt.indexOf('"') < 0))
+        {
+            return elt.trim();
+        }
+
+        char[] elts = elt.toCharArray();
+        boolean escaped = false;
+        boolean quoted = false;
+        StringBuffer buf = new StringBuffer(elt.length());
+        int start = 0;
+
+        // if it's an escaped hash string and not an actual encoding in string form
+        // we need to leave it escaped.
+        if (elts[0] == '\\')
+        {
+            if (elts[1] == '#')
+            {
+                start = 2;
+                buf.append("\\#");
+            }
+        }
+
+        boolean nonWhiteSpaceEncountered = false;
+        int     lastEscaped = 0;
+
+        for (int i = start; i != elts.length; i++)
+        {
+            char c = elts[i];
+
+            if (c != ' ')
+            {
+                nonWhiteSpaceEncountered = true;
+            }
+
+            if (c == '"')
+            {
+                if (!escaped)
+                {
+                    quoted = !quoted;
+                }
+                else
+                {
+                    buf.append(c);
+                }
+                escaped = false;
+            }
+            else if (c == '\\' && !(escaped || quoted))
+            {
+                escaped = true;
+                lastEscaped = buf.length();
+            }
+            else
+            {
+                if (c == ' ' && !escaped && !nonWhiteSpaceEncountered)
+                {
+                    continue;
+                }
+                buf.append(c);
+                escaped = false;
+            }
+        }
+
+        if (buf.length() > 0)
+        {
+            while (buf.charAt(buf.length() - 1) == ' ' && lastEscaped != (buf.length() - 1))
+            {
+                buf.setLength(buf.length() - 1);
+            }
+        }
+
+        return buf.toString();
+    }
+
+    /**
+     * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
+     * some such, converting it into an ordered set of name attributes. lookUp
+     * should provide a table of lookups, indexed by lowercase only strings and
+     * yielding a ASN1ObjectIdentifier, other than that OID. and numeric oids
+     * will be processed automatically. The passed in converter is used to convert the
+     * string values to the right of each equals sign to their ASN.1 counterparts.
+     * <br>
+     * @param reverse true if we should start scanning from the end, false otherwise.
+     * @param lookUp table of names and oids.
+     * @param dirName the string dirName
+     * @param converter the converter to convert string values into their ASN.1 equivalents
+     */
+    public X509Name(
+        boolean                 reverse,
+        Hashtable               lookUp,
+        String                  dirName,
+        X509NameEntryConverter  converter)
+    {
+        this.converter = converter;
+        X509NameTokenizer   nTok = new X509NameTokenizer(dirName);
+
+        while (nTok.hasMoreTokens())
+        {
+            String  token = nTok.nextToken();
+
+            if (token.indexOf('+') > 0)
+            {
+                X509NameTokenizer   pTok = new X509NameTokenizer(token, '+');
+
+                addEntry(lookUp, pTok.nextToken(), FALSE);
+
+                while (pTok.hasMoreTokens())
+                {
+                    addEntry(lookUp, pTok.nextToken(), TRUE);
+                }
+            }
+            else
+            {
+                addEntry(lookUp, token, FALSE);
+            }
+        }
+
+        if (reverse)
+        {
+            Vector  o = new Vector();
+            Vector  v = new Vector();
+            Vector  a = new Vector();
+
+            int count = 1;
+
+            for (int i = 0; i < this.ordering.size(); i++)
+            {
+                if (((Boolean)this.added.elementAt(i)).booleanValue())
+                {
+                    o.insertElementAt(this.ordering.elementAt(i), count);
+                    v.insertElementAt(this.values.elementAt(i), count);
+                    a.insertElementAt(this.added.elementAt(i), count);
+                    count++;
+                }
+                else
+                {
+                    o.insertElementAt(this.ordering.elementAt(i), 0);
+                    v.insertElementAt(this.values.elementAt(i), 0);
+                    a.insertElementAt(this.added.elementAt(i), 0);
+                    count = 1;
+                }
+            }
+
+            this.ordering = o;
+            this.values = v;
+            this.added = a;
+        }
+    }
+
+    private void addEntry(Hashtable lookUp, String token, Boolean isAdded)
+    {
+        X509NameTokenizer vTok;
+        String name;
+        String value;ASN1ObjectIdentifier oid;
+        vTok = new X509NameTokenizer(token, '=');
+
+        name = vTok.nextToken();
+
+        if (!vTok.hasMoreTokens())
+        {
+           throw new IllegalArgumentException("badly formatted directory string");
+        }
+
+        value = vTok.nextToken();
+
+        oid = decodeOID(name, lookUp);
+
+        this.ordering.addElement(oid);
+        this.values.addElement(unescape(value));
+        this.added.addElement(isAdded);
+    }
+
+    /**
+     * return a vector of the oids in the name, in the order they were found.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public Vector getOIDs()
+    {
+        Vector  v = new Vector();
+
+        for (int i = 0; i != ordering.size(); i++)
+        {
+            v.addElement(ordering.elementAt(i));
+        }
+
+        return v;
+    }
+
+    /**
+     * return a vector of the values found in the name, in the order they
+     * were found.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public Vector getValues()
+    {
+        Vector  v = new Vector();
+
+        for (int i = 0; i != values.size(); i++)
+        {
+            v.addElement(values.elementAt(i));
+        }
+
+        return v;
+    }
+
+    /**
+     * return a vector of the values found in the name, in the order they
+     * were found, with the DN label corresponding to passed in oid.
+     */
+    public Vector getValues(
+        ASN1ObjectIdentifier oid)
+    {
+        Vector  v = new Vector();
+
+        for (int i = 0; i != values.size(); i++)
+        {
+            if (ordering.elementAt(i).equals(oid))
+            {
+                String val = (String)values.elementAt(i);
+
+                if (val.length() > 2 && val.charAt(0) == '\\' && val.charAt(1) == '#')
+                {
+                    v.addElement(val.substring(1));
+                }
+                else
+                {
+                    v.addElement(val);
+                }
+            }
+        }
+
+        return v;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        if (seq == null)
+        {
+            ASN1EncodableVector  vec = new ASN1EncodableVector();
+            ASN1EncodableVector  sVec = new ASN1EncodableVector();
+            ASN1ObjectIdentifier  lstOid = null;
+            
+            for (int i = 0; i != ordering.size(); i++)
+            {
+                ASN1EncodableVector     v = new ASN1EncodableVector();
+                ASN1ObjectIdentifier     oid = (ASN1ObjectIdentifier)ordering.elementAt(i);
+
+                v.add(oid);
+
+                String  str = (String)values.elementAt(i);
+
+                v.add(converter.getConvertedValue(oid, str));
+ 
+                if (lstOid == null 
+                    || ((Boolean)this.added.elementAt(i)).booleanValue())
+                {
+                    sVec.add(new DERSequence(v));
+                }
+                else
+                {
+                    vec.add(new DERSet(sVec));
+                    sVec = new ASN1EncodableVector();
+                    
+                    sVec.add(new DERSequence(v));
+                }
+                
+                lstOid = oid;
+            }
+            
+            vec.add(new DERSet(sVec));
+            
+            seq = new DERSequence(vec);
+        }
+
+        return seq;
+    }
+
+    /**
+     * @param inOrder if true the order of both X509 names must be the same,
+     * as well as the values associated with each element.
+     */
+    public boolean equals(Object obj, boolean inOrder)
+    {
+        if (!inOrder)
+        {
+            return this.equals(obj);
+        }
+
+        if (obj == this)
+        {
+            return true;
+        }
+
+        if (!(obj instanceof X509Name || obj instanceof ASN1Sequence))
+        {
+            return false;
+        }
+
+        ASN1Primitive derO = ((ASN1Encodable)obj).toASN1Primitive();
+
+        if (this.toASN1Primitive().equals(derO))
+        {
+            return true;
+        }
+
+        X509Name other;
+
+        try
+        {
+            other = X509Name.getInstance(obj);
+        }
+        catch (IllegalArgumentException e)
+        {
+            return false;
+        }
+
+        int      orderingSize = ordering.size();
+
+        if (orderingSize != other.ordering.size())
+        {
+            return false;
+        }
+
+        for (int i = 0; i < orderingSize; i++)
+        {
+            ASN1ObjectIdentifier  oid = (ASN1ObjectIdentifier)ordering.elementAt(i);
+            ASN1ObjectIdentifier  oOid = (ASN1ObjectIdentifier)other.ordering.elementAt(i);
+
+            if (oid.equals(oOid))
+            {
+                String value = (String)values.elementAt(i);
+                String oValue = (String)other.values.elementAt(i);
+
+                if (!equivalentStrings(value, oValue))
+                {
+                    return false;
+                }
+            }
+            else
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    public int hashCode()
+    {
+        if (isHashCodeCalculated)
+        {
+            return hashCodeValue;
+        }
+
+        isHashCodeCalculated = true;
+
+        // this needs to be order independent, like equals
+        for (int i = 0; i != ordering.size(); i += 1)
+        {
+            String value = (String)values.elementAt(i);
+
+            value = canonicalize(value);
+            value = stripInternalSpaces(value);
+
+            hashCodeValue ^= ordering.elementAt(i).hashCode();
+            hashCodeValue ^= value.hashCode();
+        }
+
+        return hashCodeValue;
+    }
+
+    /**
+     * test for equality - note: case is ignored.
+     */
+    public boolean equals(Object obj)
+    {
+        if (obj == this)
+        {
+            return true;
+        }
+
+        if (!(obj instanceof X509Name || obj instanceof ASN1Sequence))
+        {
+            return false;
+        }
+        
+        ASN1Primitive derO = ((ASN1Encodable)obj).toASN1Primitive();
+        
+        if (this.toASN1Primitive().equals(derO))
+        {
+            return true;
+        }
+
+        X509Name other;
+
+        try
+        {
+            other = X509Name.getInstance(obj);
+        }
+        catch (IllegalArgumentException e)
+        { 
+            return false;
+        }
+
+        int      orderingSize = ordering.size();
+
+        if (orderingSize != other.ordering.size())
+        {
+            return false;
+        }
+        
+        boolean[] indexes = new boolean[orderingSize];
+        int       start, end, delta;
+
+        if (ordering.elementAt(0).equals(other.ordering.elementAt(0)))   // guess forward
+        {
+            start = 0;
+            end = orderingSize;
+            delta = 1;
+        }
+        else  // guess reversed - most common problem
+        {
+            start = orderingSize - 1;
+            end = -1;
+            delta = -1;
+        }
+
+        for (int i = start; i != end; i += delta)
+        {
+            boolean              found = false;
+            ASN1ObjectIdentifier  oid = (ASN1ObjectIdentifier)ordering.elementAt(i);
+            String               value = (String)values.elementAt(i);
+
+            for (int j = 0; j < orderingSize; j++)
+            {
+                if (indexes[j])
+                {
+                    continue;
+                }
+
+                ASN1ObjectIdentifier oOid = (ASN1ObjectIdentifier)other.ordering.elementAt(j);
+
+                if (oid.equals(oOid))
+                {
+                    String oValue = (String)other.values.elementAt(j);
+
+                    if (equivalentStrings(value, oValue))
+                    {
+                        indexes[j] = true;
+                        found      = true;
+                        break;
+                    }
+                }
+            }
+
+            if (!found)
+            {
+                return false;
+            }
+        }
+        
+        return true;
+    }
+
+    private boolean equivalentStrings(String s1, String s2)
+    {
+        String value = canonicalize(s1);
+        String oValue = canonicalize(s2);
+        
+        if (!value.equals(oValue))
+        {
+            value = stripInternalSpaces(value);
+            oValue = stripInternalSpaces(oValue);
+
+            if (!value.equals(oValue))
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    private String canonicalize(String s)
+    {
+        String value = Strings.toLowerCase(s.trim());
+        
+        if (value.length() > 0 && value.charAt(0) == '#')
+        {
+            ASN1Primitive obj = decodeObject(value);
+
+            if (obj instanceof ASN1String)
+            {
+                value = Strings.toLowerCase(((ASN1String)obj).getString().trim());
+            }
+        }
+
+        return value;
+    }
+
+    private ASN1Primitive decodeObject(String oValue)
+    {
+        try
+        {
+            return ASN1Primitive.fromByteArray(Hex.decode(oValue.substring(1)));
+        }
+        catch (IOException e)
+        {
+            throw new IllegalStateException("unknown encoding in name: " + e);
+        }
+    }
+
+    private String stripInternalSpaces(
+        String str)
+    {
+        StringBuffer res = new StringBuffer();
+
+        if (str.length() != 0)
+        {
+            char    c1 = str.charAt(0);
+
+            res.append(c1);
+
+            for (int k = 1; k < str.length(); k++)
+            {
+                char    c2 = str.charAt(k);
+                if (!(c1 == ' ' && c2 == ' '))
+                {
+                    res.append(c2);
+                }
+                c1 = c2;
+            }
+        }
+
+        return res.toString();
+    }
+
+    private void appendValue(
+        StringBuffer        buf,
+        Hashtable           oidSymbols,
+        ASN1ObjectIdentifier oid,
+        String              value)
+    {
+        String  sym = (String)oidSymbols.get(oid);
+
+        if (sym != null)
+        {
+            buf.append(sym);
+        }
+        else
+        {
+            buf.append(oid.getId());
+        }
+
+        buf.append('=');
+
+        int start = buf.length();
+        buf.append(value);
+        int end = buf.length();
+
+        if (value.length() >= 2 && value.charAt(0) == '\\' && value.charAt(1) == '#')
+        {
+            start += 2;
+        }
+
+        while (start < end && buf.charAt(start) == ' ')
+        {
+            buf.insert(start, "\\");
+            start += 2;
+            ++end;
+        }
+
+        while (--end > start && buf.charAt(end) == ' ')
+        {
+            buf.insert(end, '\\');
+        }
+
+        while (start <= end)
+        {
+            switch (buf.charAt(start))
+            {
+            case ',':
+            case '"':
+            case '\\':
+            case '+':
+            case '=':
+            case '<':
+            case '>':
+            case ';':
+                buf.insert(start, "\\");
+                start += 2;
+                ++end;
+                break;
+            default:
+                ++start;
+                break;
+            }
+        }
+    }
+
+    /**
+     * convert the structure to a string - if reverse is true the
+     * oids and values are listed out starting with the last element
+     * in the sequence (ala RFC 2253), otherwise the string will begin
+     * with the first element of the structure. If no string definition
+     * for the oid is found in oidSymbols the string value of the oid is
+     * added. Two standard symbol tables are provided DefaultSymbols, and
+     * RFC2253Symbols as part of this class.
+     *
+     * @param reverse if true start at the end of the sequence and work back.
+     * @param oidSymbols look up table strings for oids.
+     */
+    @libcore.api.CorePlatformApi
+    public String toString(
+        boolean     reverse,
+        Hashtable   oidSymbols)
+    {
+        StringBuffer            buf = new StringBuffer();
+        Vector                  components = new Vector();
+        boolean                 first = true;
+
+        StringBuffer ava = null;
+
+        for (int i = 0; i < ordering.size(); i++)
+        {
+            if (((Boolean)added.elementAt(i)).booleanValue())
+            {
+                ava.append('+');
+                appendValue(ava, oidSymbols,
+                    (ASN1ObjectIdentifier)ordering.elementAt(i),
+                    (String)values.elementAt(i));
+            }
+            else
+            {
+                ava = new StringBuffer();
+                appendValue(ava, oidSymbols,
+                    (ASN1ObjectIdentifier)ordering.elementAt(i),
+                    (String)values.elementAt(i));
+                components.addElement(ava);
+            }
+        }
+
+        if (reverse)
+        {
+            for (int i = components.size() - 1; i >= 0; i--)
+            {
+                if (first)
+                {
+                    first = false;
+                }
+                else
+                {
+                    buf.append(',');
+                }
+
+                buf.append(components.elementAt(i).toString());
+            }
+        }
+        else
+        {
+            for (int i = 0; i < components.size(); i++)
+            {
+                if (first)
+                {
+                    first = false;
+                }
+                else
+                {
+                    buf.append(',');
+                }
+
+                buf.append(components.elementAt(i).toString());
+            }
+        }
+
+        return buf.toString();
+    }
+
+    private String bytesToString(
+        byte[] data)
+    {
+        char[]  cs = new char[data.length];
+
+        for (int i = 0; i != cs.length; i++)
+        {
+            cs[i] = (char)(data[i] & 0xff);
+        }
+
+        return new String(cs);
+    }
+    
+    public String toString()
+    {
+        return toString(DefaultReverse, DefaultSymbols);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509NameEntryConverter.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509NameEntryConverter.java
new file mode 100644
index 0000000..913f49f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509NameEntryConverter.java

@@ -0,0 +1,116 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.DERPrintableString;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * It turns out that the number of standard ways the fields in a DN should be 
+ * encoded into their ASN.1 counterparts is rapidly approaching the
+ * number of machines on the internet. By default the X509Name class 
+ * will produce UTF8Strings in line with the current recommendations (RFC 3280).
+ * <p>
+ * An example of an encoder look like below:
+ * <pre>
+ * public class X509DirEntryConverter
+ *     extends X509NameEntryConverter
+ * {
+ *     public ASN1Primitive getConvertedValue(
+ *         ASN1ObjectIdentifier  oid,
+ *         String               value)
+ *     {
+ *         if (str.length() != 0 &amp;&amp; str.charAt(0) == '#')
+ *         {
+ *             return convertHexEncoded(str, 1);
+ *         }
+ *         if (oid.equals(EmailAddress))
+ *         {
+ *             return new DERIA5String(str);
+ *         }
+ *         else if (canBePrintable(str))
+ *         {
+ *             return new DERPrintableString(str);
+ *         }
+ *         else if (canBeUTF8(str))
+ *         {
+ *             return new DERUTF8String(str);
+ *         }
+ *         else
+ *         {
+ *             return new DERBMPString(str);
+ *         }
+ *     }
+ * }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class X509NameEntryConverter
+{
+    /**
+     * Convert an inline encoded hex string rendition of an ASN.1
+     * object back into its corresponding ASN.1 object.
+     * 
+     * @param str the hex encoded object
+     * @param off the index at which the encoding starts
+     * @return the decoded object
+     */
+    protected ASN1Primitive convertHexEncoded(
+        String  str,
+        int     off)
+        throws IOException
+    {
+        str = Strings.toLowerCase(str);
+        byte[] data = new byte[(str.length() - off) / 2];
+        for (int index = 0; index != data.length; index++)
+        {
+            char left = str.charAt((index * 2) + off);
+            char right = str.charAt((index * 2) + off + 1);
+            
+            if (left < 'a')
+            {
+                data[index] = (byte)((left - '0') << 4);
+            }
+            else
+            {
+                data[index] = (byte)((left - 'a' + 10) << 4);
+            }
+            if (right < 'a')
+            {
+                data[index] |= (byte)(right - '0');
+            }
+            else
+            {
+                data[index] |= (byte)(right - 'a' + 10);
+            }
+        }
+
+        ASN1InputStream aIn = new ASN1InputStream(data);
+                                            
+        return aIn.readObject();
+    }
+    
+    /**
+     * return true if the passed in String can be represented without
+     * loss as a PrintableString, false otherwise.
+     */
+    protected boolean canBePrintable(
+        String  str)
+    {
+        return DERPrintableString.isPrintableString(str);
+    }
+    
+    /**
+     * Convert the passed in String value into the appropriate ASN.1
+     * encoded object.
+     * 
+     * @param oid the oid associated with the value in the DN.
+     * @param value the value of the particular DN component.
+     * @return the ASN.1 equivalent for the value.
+     */
+    public abstract ASN1Primitive getConvertedValue(ASN1ObjectIdentifier oid, String value);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509NameTokenizer.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509NameTokenizer.java
new file mode 100644
index 0000000..1c5bd57
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509NameTokenizer.java

@@ -0,0 +1,106 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+/**
+ * class for breaking up an X500 Name into it's component tokens, ala
+ * java.util.StringTokenizer. We need this class as some of the
+ * lightweight Java environment don't support classes like
+ * StringTokenizer.
+ * @deprecated use X500NameTokenizer
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509NameTokenizer
+{
+    private String          value;
+    private int             index;
+    private char separator;
+    private StringBuffer    buf = new StringBuffer();
+
+    public X509NameTokenizer(
+        String  oid)
+    {
+        this(oid, ',');
+    }
+    
+    public X509NameTokenizer(
+        String  oid,
+        char separator)
+    {
+        this.value = oid;
+        this.index = -1;
+        this.separator = separator;
+    }
+
+    public boolean hasMoreTokens()
+    {
+        return (index != value.length());
+    }
+
+    public String nextToken()
+    {
+        if (index == value.length())
+        {
+            return null;
+        }
+
+        int     end = index + 1;
+        boolean quoted = false;
+        boolean escaped = false;
+
+        buf.setLength(0);
+
+        while (end != value.length())
+        {
+            char    c = value.charAt(end);
+
+            if (c == '"')
+            {
+                if (!escaped)
+                {
+                    quoted = !quoted;
+                }
+                buf.append(c);
+                escaped = false;
+            }
+            else
+            {
+                if (escaped || quoted)
+                {
+                    buf.append(c);
+                    escaped = false;
+                }
+                else if (c == '\\')
+                {
+                    buf.append(c);
+                    escaped = true;
+                }
+                else if (c == separator)
+                {
+                    break;
+                }
+                else
+                {
+                    // BEGIN Android-added: Unknown reason
+                    // This was previously marked with the comment "copied from a newer version
+                    // of BouncyCastle", but I couldn't find any evidence that it ever was included
+                    // in any version of BC
+                    if (c == '#' && buf.charAt(buf.length() - 1) == '=')
+                    {
+                        buf.append('\\');
+                    }
+                    else if (c == '+' && separator != '+')
+                    {
+                        buf.append('\\');
+                    }
+                    // END Android-added: Unknown reason
+                    buf.append(c);
+                }
+            }
+            end++;
+        }
+
+        index = end;
+
+        return buf.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509ObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509ObjectIdentifiers.java
new file mode 100644
index 0000000..1054ace
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x509/X509ObjectIdentifiers.java

@@ -0,0 +1,87 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface X509ObjectIdentifiers
+{
+    
+    /** Subject RDN components: commonName = 2.5.4.3 */
+    static final ASN1ObjectIdentifier    commonName              = new ASN1ObjectIdentifier("2.5.4.3").intern();
+    /** Subject RDN components: countryName = 2.5.4.6 */
+    static final ASN1ObjectIdentifier    countryName             = new ASN1ObjectIdentifier("2.5.4.6").intern();
+    /** Subject RDN components: localityName = 2.5.4.7 */
+    static final ASN1ObjectIdentifier    localityName            = new ASN1ObjectIdentifier("2.5.4.7").intern();
+    /** Subject RDN components: stateOrProvinceName = 2.5.4.8 */
+    static final ASN1ObjectIdentifier    stateOrProvinceName     = new ASN1ObjectIdentifier("2.5.4.8").intern();
+    /** Subject RDN components: organization = 2.5.4.10 */
+    static final ASN1ObjectIdentifier    organization            = new ASN1ObjectIdentifier("2.5.4.10").intern();
+    /** Subject RDN components: organizationalUnitName = 2.5.4.11 */
+    static final ASN1ObjectIdentifier    organizationalUnitName  = new ASN1ObjectIdentifier("2.5.4.11").intern();
+
+    /** Subject RDN components: telephone_number = 2.5.4.20 */
+    static final ASN1ObjectIdentifier    id_at_telephoneNumber   = new ASN1ObjectIdentifier("2.5.4.20").intern();
+    /** Subject RDN components: name = 2.5.4.41 */
+    static final ASN1ObjectIdentifier    id_at_name              = new ASN1ObjectIdentifier("2.5.4.41").intern();
+
+    static final ASN1ObjectIdentifier    id_at_organizationIdentifier = new ASN1ObjectIdentifier("2.5.4.97").intern();
+
+    /**
+     * id-SHA1 OBJECT IDENTIFIER ::=    
+     *   {iso(1) identified-organization(3) oiw(14) secsig(3) algorithms(2) 26 }
+     * <p>
+     * OID: 1.3.14.3.2.27
+     */
+    static final ASN1ObjectIdentifier    id_SHA1                 = new ASN1ObjectIdentifier("1.3.14.3.2.26").intern();
+
+    /**
+     * ripemd160 OBJECT IDENTIFIER ::=
+     *      {iso(1) identified-organization(3) TeleTrust(36) algorithm(3) hashAlgorithm(2) RIPEMD-160(1)}
+     * <p>
+     * OID: 1.3.36.3.2.1
+     */
+    static final ASN1ObjectIdentifier    ripemd160               = new ASN1ObjectIdentifier("1.3.36.3.2.1").intern();
+
+    /**
+     * ripemd160WithRSAEncryption OBJECT IDENTIFIER ::=
+     *      {iso(1) identified-organization(3) TeleTrust(36) algorithm(3) signatureAlgorithm(3) rsaSignature(1) rsaSignatureWithripemd160(2) }
+     * <p>
+     * OID: 1.3.36.3.3.1.2
+     */
+    static final ASN1ObjectIdentifier    ripemd160WithRSAEncryption = new ASN1ObjectIdentifier("1.3.36.3.3.1.2").intern();
+
+
+    /** OID: 2.5.8.1.1  */
+    static final ASN1ObjectIdentifier    id_ea_rsa = new ASN1ObjectIdentifier("2.5.8.1.1").intern();
+    
+    /** id-pkix OID: 1.3.6.1.5.5.7
+     */
+    static final ASN1ObjectIdentifier  id_pkix = new ASN1ObjectIdentifier("1.3.6.1.5.5.7");
+
+    /**
+     * private internet extensions; OID = 1.3.6.1.5.5.7.1
+     */
+    static final ASN1ObjectIdentifier  id_pe   = id_pkix.branch("1");
+
+    /**
+     * ISO ARC for standard certificate and CRL extensions
+     * <p>
+     * OID: 2.5.29
+     */
+    static final ASN1ObjectIdentifier id_ce = new ASN1ObjectIdentifier("2.5.29");
+
+    /** id-pkix OID:         1.3.6.1.5.5.7.48  */
+    static final ASN1ObjectIdentifier  id_ad           = id_pkix.branch("48");
+    /** id-ad-caIssuers OID: 1.3.6.1.5.5.7.48.2  */
+    static final ASN1ObjectIdentifier  id_ad_caIssuers = id_ad.branch("2").intern();
+    /** id-ad-ocsp OID:      1.3.6.1.5.5.7.48.1  */
+    static final ASN1ObjectIdentifier  id_ad_ocsp      = id_ad.branch("1").intern();
+
+    /** OID for ocsp uri in AuthorityInformationAccess extension */
+    static final ASN1ObjectIdentifier ocspAccessMethod = id_ad_ocsp;
+    /** OID for crl uri in AuthorityInformationAccess extension */
+    static final ASN1ObjectIdentifier crlAccessMethod  = id_ad_caIssuers;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/DHDomainParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/DHDomainParameters.java
new file mode 100644
index 0000000..df7689a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/DHDomainParameters.java

@@ -0,0 +1,168 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @deprecated use DomainParameters
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHDomainParameters
+    extends ASN1Object
+{
+    private ASN1Integer p, g, q, j;
+    private DHValidationParms validationParms;
+
+    public static DHDomainParameters getInstance(ASN1TaggedObject obj, boolean explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static DHDomainParameters getInstance(Object obj)
+    {
+        if (obj == null || obj instanceof DHDomainParameters)
+        {
+            return (DHDomainParameters)obj;
+        }
+
+        if (obj instanceof ASN1Sequence)
+        {
+            return new DHDomainParameters((ASN1Sequence)obj);
+        }
+
+        throw new IllegalArgumentException("Invalid DHDomainParameters: "
+            + obj.getClass().getName());
+    }
+
+    public DHDomainParameters(BigInteger p, BigInteger g, BigInteger q, BigInteger j,
+        DHValidationParms validationParms)
+    {
+        if (p == null)
+        {
+            throw new IllegalArgumentException("'p' cannot be null");
+        }
+        if (g == null)
+        {
+            throw new IllegalArgumentException("'g' cannot be null");
+        }
+        if (q == null)
+        {
+            throw new IllegalArgumentException("'q' cannot be null");
+        }
+
+        this.p = new ASN1Integer(p);
+        this.g = new ASN1Integer(g);
+        this.q = new ASN1Integer(q);
+        this.j = new ASN1Integer(j);
+        this.validationParms = validationParms;
+    }
+
+    public DHDomainParameters(ASN1Integer p, ASN1Integer g, ASN1Integer q, ASN1Integer j,
+        DHValidationParms validationParms)
+    {
+        if (p == null)
+        {
+            throw new IllegalArgumentException("'p' cannot be null");
+        }
+        if (g == null)
+        {
+            throw new IllegalArgumentException("'g' cannot be null");
+        }
+        if (q == null)
+        {
+            throw new IllegalArgumentException("'q' cannot be null");
+        }
+
+        this.p = p;
+        this.g = g;
+        this.q = q;
+        this.j = j;
+        this.validationParms = validationParms;
+    }
+
+    private DHDomainParameters(ASN1Sequence seq)
+    {
+        if (seq.size() < 3 || seq.size() > 5)
+        {
+            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
+        }
+
+        Enumeration e = seq.getObjects();
+        this.p = ASN1Integer.getInstance(e.nextElement());
+        this.g = ASN1Integer.getInstance(e.nextElement());
+        this.q = ASN1Integer.getInstance(e.nextElement());
+
+        ASN1Encodable next = getNext(e);
+
+        if (next != null && next instanceof ASN1Integer)
+        {
+            this.j = ASN1Integer.getInstance(next);
+            next = getNext(e);
+        }
+
+        if (next != null)
+        {
+            this.validationParms = DHValidationParms.getInstance(next.toASN1Primitive());
+        }
+    }
+
+    private static ASN1Encodable getNext(Enumeration e)
+    {
+        return e.hasMoreElements() ? (ASN1Encodable)e.nextElement() : null;
+    }
+
+    public ASN1Integer getP()
+    {
+        return this.p;
+    }
+
+    public ASN1Integer getG()
+    {
+        return this.g;
+    }
+
+    public ASN1Integer getQ()
+    {
+        return this.q;
+    }
+
+    public ASN1Integer getJ()
+    {
+        return this.j;
+    }
+
+    public DHValidationParms getValidationParms()
+    {
+        return this.validationParms;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+        v.add(this.p);
+        v.add(this.g);
+        v.add(this.q);
+
+        if (this.j != null)
+        {
+            v.add(this.j);
+        }
+
+        if (this.validationParms != null)
+        {
+            v.add(this.validationParms);
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/DHPublicKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/DHPublicKey.java
new file mode 100644
index 0000000..5de197c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/DHPublicKey.java

@@ -0,0 +1,100 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+
+/**
+ * X9.42 definition of a DHPublicKey
+ * <pre>
+ *     DHPublicKey ::= INTEGER
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHPublicKey
+    extends ASN1Object
+{
+    private ASN1Integer y;
+
+    /**
+     * Return a DHPublicKey from the passed in tagged object.
+     *
+     * @param obj a tagged object.
+     * @param explicit true if the contents of the object is explictly tagged, false otherwise.
+     * @return a DHPublicKey
+     */
+    public static DHPublicKey getInstance(ASN1TaggedObject obj, boolean explicit)
+    {
+        return getInstance(ASN1Integer.getInstance(obj, explicit));
+    }
+
+    /**
+     * Return a DHPublicKey from the passed in object.
+     *
+     * @param obj an object for conversion or a byte[].
+     * @return a DHPublicKey
+     */
+    public static DHPublicKey getInstance(Object obj)
+    {
+        if (obj == null || obj instanceof DHPublicKey)
+        {
+            return (DHPublicKey)obj;
+        }
+
+        if (obj instanceof ASN1Integer)
+        {
+            return new DHPublicKey((ASN1Integer)obj);
+        }
+
+        throw new IllegalArgumentException("Invalid DHPublicKey: " + obj.getClass().getName());
+    }
+
+    private DHPublicKey(ASN1Integer y)
+    {
+        if (y == null)
+        {
+            throw new IllegalArgumentException("'y' cannot be null");
+        }
+
+        this.y = y;
+    }
+
+    /**
+     * Base constructor.
+     *
+     * @param y the public value Y.
+     */
+    public DHPublicKey(BigInteger y)
+    {
+        if (y == null)
+        {
+            throw new IllegalArgumentException("'y' cannot be null");
+        }
+
+        this.y = new ASN1Integer(y);
+    }
+
+    /**
+     * Return the public value Y for the key.
+     *
+     * @return the Y value.
+     */
+    public BigInteger getY()
+    {
+        return this.y.getPositiveValue();
+    }
+
+    /**
+     * Return an ASN.1 primitive representation of this object.
+     *
+     * @return an ASN1Integer.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return this.y;
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/DHValidationParms.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/DHValidationParms.java
new file mode 100644
index 0000000..6ee0aaa
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/DHValidationParms.java

@@ -0,0 +1,84 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * @deprecated use ValidationParams
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHValidationParms extends ASN1Object
+{
+    private DERBitString seed;
+    private ASN1Integer pgenCounter;
+
+    public static DHValidationParms getInstance(ASN1TaggedObject obj, boolean explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static DHValidationParms getInstance(Object obj)
+    {
+        if (obj instanceof DHValidationParms)
+        {
+            return (DHValidationParms)obj;
+        }
+        else if (obj != null)
+        {
+            return new DHValidationParms(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public DHValidationParms(DERBitString seed, ASN1Integer pgenCounter)
+    {
+        if (seed == null)
+        {
+            throw new IllegalArgumentException("'seed' cannot be null");
+        }
+        if (pgenCounter == null)
+        {
+            throw new IllegalArgumentException("'pgenCounter' cannot be null");
+        }
+
+        this.seed = seed;
+        this.pgenCounter = pgenCounter;
+    }
+
+    private DHValidationParms(ASN1Sequence seq)
+    {
+        if (seq.size() != 2)
+        {
+            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
+        }
+
+        this.seed = DERBitString.getInstance(seq.getObjectAt(0));
+        this.pgenCounter = ASN1Integer.getInstance(seq.getObjectAt(1));
+    }
+
+    public DERBitString getSeed()
+    {
+        return this.seed;
+    }
+
+    public ASN1Integer getPgenCounter()
+    {
+        return this.pgenCounter;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+        v.add(this.seed);
+        v.add(this.pgenCounter);
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/DomainParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/DomainParameters.java
new file mode 100644
index 0000000..9fcc193
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/DomainParameters.java

@@ -0,0 +1,225 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * X9.44 Diffie-Hellman domain parameters.
+ * <pre>
+ *    DomainParameters ::= SEQUENCE {
+ *       p                INTEGER,           -- odd prime, p=jq +1
+ *       g                INTEGER,           -- generator, g
+ *       q                INTEGER,           -- factor of p-1
+ *       j                INTEGER OPTIONAL,  -- subgroup factor, j &gt;= 2
+ *       validationParams  ValidationParams OPTIONAL
+ *    }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DomainParameters
+    extends ASN1Object
+{
+    private final ASN1Integer p, g, q, j;
+    private final ValidationParams validationParams;
+
+    /**
+     * Return a DomainParameters object from the passed in tagged object.
+     *
+     * @param obj a tagged object.
+     * @param explicit true if the contents of the object is explictly tagged, false otherwise.
+     * @return a DomainParameters
+     */
+    public static DomainParameters getInstance(ASN1TaggedObject obj, boolean explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    /**
+     * Return a DomainParameters object from the passed in object.
+     *
+     * @param obj an object for conversion or a byte[].
+     * @return a DomainParameters
+     */
+    public static DomainParameters getInstance(Object obj)
+    {
+        if (obj instanceof DomainParameters)
+        {
+            return (DomainParameters)obj;
+        }
+        else if (obj != null)
+        {
+            return new DomainParameters(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    /**
+     * Base constructor - the full domain parameter set.
+     *
+     * @param p the prime p defining the Galois field.
+     * @param g the generator of the multiplicative subgroup of order g.
+     * @param q specifies the prime factor of p - 1
+     * @param j optionally specifies the value that satisfies the equation p = jq+1
+     * @param validationParams parameters for validating these domain parameters.
+     */
+    public DomainParameters(BigInteger p, BigInteger g, BigInteger q, BigInteger j,
+                            ValidationParams validationParams)
+    {
+        if (p == null)
+        {
+            throw new IllegalArgumentException("'p' cannot be null");
+        }
+        if (g == null)
+        {
+            throw new IllegalArgumentException("'g' cannot be null");
+        }
+        if (q == null)
+        {
+            throw new IllegalArgumentException("'q' cannot be null");
+        }
+
+        this.p = new ASN1Integer(p);
+        this.g = new ASN1Integer(g);
+        this.q = new ASN1Integer(q);
+
+        if (j != null)
+        {
+            this.j = new ASN1Integer(j);
+        }
+        else
+        {
+            this.j = null;
+        }
+        this.validationParams = validationParams;
+    }
+
+    private DomainParameters(ASN1Sequence seq)
+    {
+        if (seq.size() < 3 || seq.size() > 5)
+        {
+            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
+        }
+
+        Enumeration e = seq.getObjects();
+        this.p = ASN1Integer.getInstance(e.nextElement());
+        this.g = ASN1Integer.getInstance(e.nextElement());
+        this.q = ASN1Integer.getInstance(e.nextElement());
+
+        ASN1Encodable next = getNext(e);
+
+        if (next != null && next instanceof ASN1Integer)
+        {
+            this.j = ASN1Integer.getInstance(next);
+            next = getNext(e);
+        }
+        else
+        {
+            this.j = null;
+        }
+
+        if (next != null)
+        {
+            this.validationParams = ValidationParams.getInstance(next.toASN1Primitive());
+        }
+        else
+        {
+            this.validationParams = null;
+        }
+    }
+
+    private static ASN1Encodable getNext(Enumeration e)
+    {
+        return e.hasMoreElements() ? (ASN1Encodable)e.nextElement() : null;
+    }
+
+    /**
+     * Return the prime p defining the Galois field.
+     *
+     * @return the prime p.
+     */
+    public BigInteger getP()
+    {
+        return this.p.getPositiveValue();
+    }
+
+    /**
+     * Return the generator of the multiplicative subgroup of order g.
+     *
+     * @return the generator g.
+     */
+    public BigInteger getG()
+    {
+        return this.g.getPositiveValue();
+    }
+
+    /**
+     * Return q, the prime factor of p - 1
+     *
+     * @return q value
+     */
+    public BigInteger getQ()
+    {
+        return this.q.getPositiveValue();
+    }
+
+    /**
+     * Return the value that satisfies the equation p = jq+1 (if present).
+     *
+     * @return j value or null.
+     */
+    public BigInteger getJ()
+    {
+        if (this.j == null)
+        {
+            return null;
+        }
+
+        return this.j.getPositiveValue();
+    }
+
+    /**
+     * Return the validation parameters for this set (if present).
+     *
+     * @return validation parameters, or null if absent.
+     */
+    public ValidationParams getValidationParams()
+    {
+        return this.validationParams;
+    }
+
+    /**
+     * Return an ASN.1 primitive representation of this object.
+     *
+     * @return a DERSequence containing the parameter values.
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+        v.add(this.p);
+        v.add(this.g);
+        v.add(this.q);
+
+        if (this.j != null)
+        {
+            v.add(this.j);
+        }
+
+        if (this.validationParams != null)
+        {
+            v.add(this.validationParams);
+        }
+
+        return new DERSequence(v);
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/ECNamedCurveTable.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/ECNamedCurveTable.java
new file mode 100644
index 0000000..6e394d6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/ECNamedCurveTable.java

@@ -0,0 +1,258 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import java.util.Enumeration;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+// Android-removed: Unsupported curves
+// import org.bouncycastle.asn1.anssi.ANSSINamedCurves;
+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+// import org.bouncycastle.asn1.gm.GMNamedCurves;
+import com.android.org.bouncycastle.asn1.nist.NISTNamedCurves;
+import com.android.org.bouncycastle.asn1.sec.SECNamedCurves;
+// Android-removed: Unsupported curves
+// import org.bouncycastle.asn1.teletrust.TeleTrusTNamedCurves;
+import com.android.org.bouncycastle.crypto.ec.CustomNamedCurves;
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+
+/**
+ * A general class that reads all X9.62 style EC curve tables.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECNamedCurveTable
+{
+    /**
+     * return a X9ECParameters object representing the passed in named
+     * curve. The routine returns null if the curve is not present.
+     *
+     * @param name the name of the curve requested
+     * @return an X9ECParameters object or null if the curve is not available.
+     */
+    public static X9ECParameters getByName(
+        String name)
+    {
+        X9ECParameters ecP = X962NamedCurves.getByName(name);
+
+        if (ecP == null)
+        {
+            ecP = SECNamedCurves.getByName(name);
+        }
+
+        if (ecP == null)
+        {
+            ecP = NISTNamedCurves.getByName(name);
+        }
+
+        // BEGIN Android-removed: Unsupported curves
+        /*
+        if (ecP == null)
+        {
+            ecP = TeleTrusTNamedCurves.getByName(name);
+        }
+
+        if (ecP == null)
+        {
+            ecP = ANSSINamedCurves.getByName(name);
+        }
+
+        if (ecP == null)
+        {
+            ecP = fromDomainParameters(ECGOST3410NamedCurves.getByName(name));
+        }
+
+        if (ecP == null)
+        {
+            ecP = GMNamedCurves.getByName(name);
+        }
+        */
+        // END Android-removed: Unsupported curves
+
+        return ecP;
+    }
+
+    /**
+     * return the object identifier signified by the passed in name. Null
+     * if there is no object identifier associated with name.
+     *
+     * @return the object identifier associated with name, if present.
+     */
+    public static ASN1ObjectIdentifier getOID(
+        String name)
+    {
+        ASN1ObjectIdentifier oid = X962NamedCurves.getOID(name);
+
+        if (oid == null)
+        {
+            oid = SECNamedCurves.getOID(name);
+        }
+
+        if (oid == null)
+        {
+            oid = NISTNamedCurves.getOID(name);
+        }
+
+        // BEGIN Android-removed: Unsupported curves
+        /*
+        if (oid == null)
+        {
+            oid = TeleTrusTNamedCurves.getOID(name);
+        }
+
+        if (oid == null)
+        {
+            oid = ANSSINamedCurves.getOID(name);
+        }
+
+        if (oid == null)
+        {
+            oid = ECGOST3410NamedCurves.getOID(name);
+        }
+
+        if (oid == null)
+        {
+            oid = GMNamedCurves.getOID(name);
+        }
+        */
+        // END Android-removed: Unsupported curves
+
+        return oid;
+    }
+
+    /**
+     * return a X9ECParameters object representing the passed in named
+     * curve.
+     *
+     * @param oid the object id of the curve requested
+     * @return a standard name for the curve.
+     */
+    public static String getName(
+        ASN1ObjectIdentifier oid)
+    {
+        String name = X962NamedCurves.getName(oid);
+
+        if (name == null)
+        {
+            name = SECNamedCurves.getName(oid);
+        }
+
+        if (name == null)
+        {
+            name = NISTNamedCurves.getName(oid);
+        }
+
+        // BEGIN Android-removed: Unsupported curves
+        /*
+        if (name == null)
+        {
+            name = TeleTrusTNamedCurves.getName(oid);
+        }
+
+        if (name == null)
+        {
+            name = ANSSINamedCurves.getName(oid);
+        }
+
+        if (name == null)
+        {
+            name = ECGOST3410NamedCurves.getName(oid);
+        }
+
+        if (name == null)
+        {
+            name = GMNamedCurves.getName(oid);
+        }
+
+        if (name == null)
+        {
+            name = CustomNamedCurves.getName(oid);
+        }
+        */
+        // END Android-removed: Unsupported curves
+
+        return name;
+    }
+
+    /**
+     * return a X9ECParameters object representing the passed in named
+     * curve.
+     *
+     * @param oid the object id of the curve requested
+     * @return an X9ECParameters object or null if the curve is not available.
+     */
+    public static X9ECParameters getByOID(
+        ASN1ObjectIdentifier oid)
+    {
+        X9ECParameters ecP = X962NamedCurves.getByOID(oid);
+
+        if (ecP == null)
+        {
+            ecP = SECNamedCurves.getByOID(oid);
+        }
+
+        // NOTE: All the NIST curves are currently from SEC, so no point in redundant OID lookup
+
+        // BEGIN Android-removed: Unsupported curves
+        /*
+        if (ecP == null)
+        {
+            ecP = TeleTrusTNamedCurves.getByOID(oid);
+        }
+
+        if (ecP == null)
+        {
+            ecP = ANSSINamedCurves.getByOID(oid);
+        }
+
+        if (ecP == null)
+        {
+            ecP = fromDomainParameters(ECGOST3410NamedCurves.getByOID(oid));
+        }
+
+        if (ecP == null)
+        {
+            ecP = GMNamedCurves.getByOID(oid);
+        }
+        */
+        // END Android-removed: Unsupported curves
+
+        return ecP;
+    }
+
+    /**
+     * return an enumeration of the names of the available curves.
+     *
+     * @return an enumeration of the names of the available curves.
+     */
+    public static Enumeration getNames()
+    {
+        Vector v = new Vector();
+
+        addEnumeration(v, X962NamedCurves.getNames());
+        addEnumeration(v, SECNamedCurves.getNames());
+        addEnumeration(v, NISTNamedCurves.getNames());
+        // BEGIN Android-removed: Unsupported curves
+        // addEnumeration(v, TeleTrusTNamedCurves.getNames());
+        // addEnumeration(v, ANSSINamedCurves.getNames());
+        // addEnumeration(v, ECGOST3410NamedCurves.getNames());
+        // addEnumeration(v, GMNamedCurves.getNames());
+        // END Android-removed: Unsupported curves
+
+        return v.elements();
+    }
+
+    private static void addEnumeration(
+        Vector v,
+        Enumeration e)
+    {
+        while (e.hasMoreElements())
+        {
+            v.addElement(e.nextElement());
+        }
+    }
+
+    private static X9ECParameters fromDomainParameters(ECDomainParameters dp)
+    {
+        return dp == null ? null : new X9ECParameters(dp.getCurve(), dp.getG(), dp.getN(), dp.getH(), dp.getSeed());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/ValidationParams.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/ValidationParams.java
new file mode 100644
index 0000000..5f47e5a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/ValidationParams.java

@@ -0,0 +1,104 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * Diffie-Hellman domain validation parameters.
+ * <pre>
+ * ValidationParams ::= SEQUENCE {
+ *    seed         BIT STRING,
+ *    pgenCounter  INTEGER
+ * }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ValidationParams
+    extends ASN1Object
+{
+    private DERBitString seed;
+    private ASN1Integer pgenCounter;
+
+    public static ValidationParams getInstance(ASN1TaggedObject obj, boolean explicit)
+    {
+        return getInstance(ASN1Sequence.getInstance(obj, explicit));
+    }
+
+    public static ValidationParams getInstance(Object obj)
+    {
+        if (obj instanceof ValidationParams)
+        {
+            return (ValidationParams)obj;
+        }
+        else if (obj != null)
+        {
+            return new ValidationParams(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public ValidationParams(byte[] seed, int pgenCounter)
+    {
+        if (seed == null)
+        {
+            throw new IllegalArgumentException("'seed' cannot be null");
+        }
+
+        this.seed = new DERBitString(seed);
+        this.pgenCounter = new ASN1Integer(pgenCounter);
+    }
+
+    public ValidationParams(DERBitString seed, ASN1Integer pgenCounter)
+    {
+        if (seed == null)
+        {
+            throw new IllegalArgumentException("'seed' cannot be null");
+        }
+        if (pgenCounter == null)
+        {
+            throw new IllegalArgumentException("'pgenCounter' cannot be null");
+        }
+
+        this.seed = seed;
+        this.pgenCounter = pgenCounter;
+    }
+
+    private ValidationParams(ASN1Sequence seq)
+    {
+        if (seq.size() != 2)
+        {
+            throw new IllegalArgumentException("Bad sequence size: " + seq.size());
+        }
+
+        this.seed = DERBitString.getInstance(seq.getObjectAt(0));
+        this.pgenCounter = ASN1Integer.getInstance(seq.getObjectAt(1));
+    }
+
+    public byte[] getSeed()
+    {
+        return this.seed.getBytes();
+    }
+
+    public BigInteger getPgenCounter()
+    {
+        return this.pgenCounter.getPositiveValue();
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+        v.add(this.seed);
+        v.add(this.pgenCounter);
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X962NamedCurves.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X962NamedCurves.java
new file mode 100644
index 0000000..d7669cc
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X962NamedCurves.java

@@ -0,0 +1,644 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+import java.util.Hashtable;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.util.Strings;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+
+/**
+ * Table of the current named curves defined in X.962 EC-DSA.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X962NamedCurves
+{
+    static X9ECParametersHolder prime192v1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger n = new BigInteger("ffffffffffffffffffffffff99def836146bc9b1b4d22831", 16);
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve cFp192v1 = new ECCurve.Fp(
+                new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", 16),
+                new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16),
+                new BigInteger("64210519e59c80e70fa7e9ab72243049feb8deecc146b9b1", 16),
+                n, h);
+
+            return new X9ECParameters(
+                cFp192v1,
+                new X9ECPoint(cFp192v1,
+                    Hex.decode("03188da80eb03090f67cbf20eb43a18800f4ff0afd82ff1012")),
+                n, h,
+                Hex.decode("3045AE6FC8422f64ED579528D38120EAE12196D5"));
+        }
+    };
+
+    static X9ECParametersHolder prime192v2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger n = new BigInteger("fffffffffffffffffffffffe5fb1a724dc80418648d8dd31", 16);
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve cFp192v2 = new ECCurve.Fp(
+                new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", 16),
+                new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16),
+                new BigInteger("cc22d6dfb95c6b25e49c0d6364a4e5980c393aa21668d953", 16),
+                n, h);
+
+            return new X9ECParameters(
+                cFp192v2,
+                new X9ECPoint(cFp192v2,
+                    Hex.decode("03eea2bae7e1497842f2de7769cfe9c989c072ad696f48034a")),
+                n, h,
+                Hex.decode("31a92ee2029fd10d901b113e990710f0d21ac6b6"));
+        }
+    };
+
+    static X9ECParametersHolder prime192v3 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger n = new BigInteger("ffffffffffffffffffffffff7a62d031c83f4294f640ec13", 16);
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve cFp192v3 = new ECCurve.Fp(
+                new BigInteger("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF", 16),
+                new BigInteger("fffffffffffffffffffffffffffffffefffffffffffffffc", 16),
+                new BigInteger("22123dc2395a05caa7423daeccc94760a7d462256bd56916", 16),
+                n, h);
+
+            return new X9ECParameters(
+                cFp192v3,
+                new X9ECPoint(cFp192v3,
+                    Hex.decode("027d29778100c65a1da1783716588dce2b8b4aee8e228f1896")),
+                n, h,
+                Hex.decode("c469684435deb378c4b65ca9591e2a5763059a2e"));
+        }
+    };
+
+    static X9ECParametersHolder prime239v1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger n = new BigInteger("7fffffffffffffffffffffff7fffff9e5e9a9f5d9071fbd1522688909d0b", 16);
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve cFp239v1 = new ECCurve.Fp(
+                new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"),
+                new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16),
+                new BigInteger("6b016c3bdcf18941d0d654921475ca71a9db2fb27d1d37796185c2942c0a", 16),
+                n, h);
+
+            return new X9ECParameters(
+                cFp239v1,
+                new X9ECPoint(cFp239v1,
+                    Hex.decode("020ffa963cdca8816ccc33b8642bedf905c3d358573d3f27fbbd3b3cb9aaaf")),
+                n, h,
+                Hex.decode("e43bb460f0b80cc0c0b075798e948060f8321b7d"));
+        }
+    };
+
+    static X9ECParametersHolder prime239v2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger n = new BigInteger("7fffffffffffffffffffffff800000cfa7e8594377d414c03821bc582063", 16);
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve cFp239v2 = new ECCurve.Fp(
+                new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"),
+                new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16),
+                new BigInteger("617fab6832576cbbfed50d99f0249c3fee58b94ba0038c7ae84c8c832f2c", 16),
+                n, h);
+
+            return new X9ECParameters(
+                cFp239v2,
+                new X9ECPoint(cFp239v2,
+                    Hex.decode("0238af09d98727705120c921bb5e9e26296a3cdcf2f35757a0eafd87b830e7")),
+                n, h,
+                Hex.decode("e8b4011604095303ca3b8099982be09fcb9ae616"));
+        }
+    };
+
+    static X9ECParametersHolder prime239v3 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger n = new BigInteger("7fffffffffffffffffffffff7fffff975deb41b3a6057c3c432146526551", 16);
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve cFp239v3 = new ECCurve.Fp(
+                new BigInteger("883423532389192164791648750360308885314476597252960362792450860609699839"),
+                new BigInteger("7fffffffffffffffffffffff7fffffffffff8000000000007ffffffffffc", 16),
+                new BigInteger("255705fa2a306654b1f4cb03d6a750a30c250102d4988717d9ba15ab6d3e", 16),
+                n, h);
+
+            return new X9ECParameters(
+                cFp239v3,
+                new X9ECPoint(cFp239v3,
+                    Hex.decode("036768ae8e18bb92cfcf005c949aa2c6d94853d0e660bbf854b1c9505fe95a")),
+                n, h,
+                Hex.decode("7d7374168ffe3471b60a857686a19475d3bfa2ff"));
+        }
+    };
+
+    static X9ECParametersHolder prime256v1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger n = new BigInteger("ffffffff00000000ffffffffffffffffbce6faada7179e84f3b9cac2fc632551", 16);
+            BigInteger h = BigInteger.valueOf(1);
+
+            ECCurve cFp256v1 = new ECCurve.Fp(
+                new BigInteger("115792089210356248762697446949407573530086143415290314195533631308867097853951"),
+                new BigInteger("ffffffff00000001000000000000000000000000fffffffffffffffffffffffc", 16),
+                new BigInteger("5ac635d8aa3a93e7b3ebbd55769886bc651d06b0cc53b0f63bce3c3e27d2604b", 16),
+                n, h);
+
+            return new X9ECParameters(
+                cFp256v1,
+                new X9ECPoint(cFp256v1,
+                    Hex.decode("036b17d1f2e12c4247f8bce6e563a440f277037d812deb33a0f4a13945d898c296")),
+                n, h,
+                Hex.decode("c49d360886e704936a6678e1139d26b7819f7e90"));
+        }
+    };
+
+    /*
+     * F2m Curves
+     */
+    static X9ECParametersHolder c2pnb163v1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m163v1n = new BigInteger("0400000000000000000001E60FC8821CC74DAEAFC1", 16);
+            BigInteger c2m163v1h = BigInteger.valueOf(2);
+
+            ECCurve c2m163v1 = new ECCurve.F2m(
+                163,
+                1, 2, 8,
+                new BigInteger("072546B5435234A422E0789675F432C89435DE5242", 16),
+                new BigInteger("00C9517D06D5240D3CFF38C74B20B6CD4D6F9DD4D9", 16),
+                c2m163v1n, c2m163v1h);
+
+            return new X9ECParameters(
+                c2m163v1,
+                new X9ECPoint(c2m163v1,
+                    Hex.decode("0307AF69989546103D79329FCC3D74880F33BBE803CB")),
+                c2m163v1n, c2m163v1h,
+                Hex.decode("D2C0FB15760860DEF1EEF4D696E6768756151754"));
+        }
+    };
+
+    static X9ECParametersHolder c2pnb163v2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m163v2n = new BigInteger("03FFFFFFFFFFFFFFFFFFFDF64DE1151ADBB78F10A7", 16);
+            BigInteger c2m163v2h = BigInteger.valueOf(2);
+
+            ECCurve c2m163v2 = new ECCurve.F2m(
+                163,
+                1, 2, 8,
+                new BigInteger("0108B39E77C4B108BED981ED0E890E117C511CF072", 16),
+                new BigInteger("0667ACEB38AF4E488C407433FFAE4F1C811638DF20", 16),
+                c2m163v2n, c2m163v2h);
+
+            return new X9ECParameters(
+                c2m163v2,
+                new X9ECPoint(c2m163v2,
+                    Hex.decode("030024266E4EB5106D0A964D92C4860E2671DB9B6CC5")),
+                c2m163v2n, c2m163v2h,
+                null);
+        }
+    };
+
+    static X9ECParametersHolder c2pnb163v3 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m163v3n = new BigInteger("03FFFFFFFFFFFFFFFFFFFE1AEE140F110AFF961309", 16);
+            BigInteger c2m163v3h = BigInteger.valueOf(2);
+
+            ECCurve c2m163v3 = new ECCurve.F2m(
+                163,
+                1, 2, 8,
+                new BigInteger("07A526C63D3E25A256A007699F5447E32AE456B50E", 16),
+                new BigInteger("03F7061798EB99E238FD6F1BF95B48FEEB4854252B", 16),
+                c2m163v3n, c2m163v3h);
+
+            return new X9ECParameters(
+                c2m163v3,
+                new X9ECPoint(c2m163v3,
+                    Hex.decode("0202F9F87B7C574D0BDECF8A22E6524775F98CDEBDCB")),
+                c2m163v3n, c2m163v3h,
+                null);
+        }
+    };
+
+    static X9ECParametersHolder c2pnb176w1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m176w1n = new BigInteger("010092537397ECA4F6145799D62B0A19CE06FE26AD", 16);
+            BigInteger c2m176w1h = BigInteger.valueOf(0xFF6E);
+
+            ECCurve c2m176w1 = new ECCurve.F2m(
+                176,
+                1, 2, 43,
+                new BigInteger("00E4E6DB2995065C407D9D39B8D0967B96704BA8E9C90B", 16),
+                new BigInteger("005DDA470ABE6414DE8EC133AE28E9BBD7FCEC0AE0FFF2", 16),
+                c2m176w1n, c2m176w1h);
+
+            return new X9ECParameters(
+                c2m176w1,
+                new X9ECPoint(c2m176w1,
+                    Hex.decode("038D16C2866798B600F9F08BB4A8E860F3298CE04A5798")),
+                c2m176w1n, c2m176w1h,
+                null);
+        }
+    };
+
+    static X9ECParametersHolder c2tnb191v1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m191v1n = new BigInteger("40000000000000000000000004A20E90C39067C893BBB9A5", 16);
+            BigInteger c2m191v1h = BigInteger.valueOf(2);
+
+            ECCurve c2m191v1 = new ECCurve.F2m(
+                191,
+                9,
+                new BigInteger("2866537B676752636A68F56554E12640276B649EF7526267", 16),
+                new BigInteger("2E45EF571F00786F67B0081B9495A3D95462F5DE0AA185EC", 16),
+                c2m191v1n, c2m191v1h);
+
+            return new X9ECParameters(
+                c2m191v1,
+                new X9ECPoint(c2m191v1,
+                    Hex.decode("0236B3DAF8A23206F9C4F299D7B21A9C369137F2C84AE1AA0D")),
+                c2m191v1n, c2m191v1h,
+                Hex.decode("4E13CA542744D696E67687561517552F279A8C84"));
+        }
+    };
+
+    static X9ECParametersHolder c2tnb191v2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m191v2n = new BigInteger("20000000000000000000000050508CB89F652824E06B8173", 16);
+            BigInteger c2m191v2h = BigInteger.valueOf(4);
+
+            ECCurve c2m191v2 = new ECCurve.F2m(
+                191,
+                9,
+                new BigInteger("401028774D7777C7B7666D1366EA432071274F89FF01E718", 16),
+                new BigInteger("0620048D28BCBD03B6249C99182B7C8CD19700C362C46A01", 16),
+                c2m191v2n, c2m191v2h);
+
+            return new X9ECParameters(
+                c2m191v2,
+                new X9ECPoint(c2m191v2,
+                    Hex.decode("023809B2B7CC1B28CC5A87926AAD83FD28789E81E2C9E3BF10")),
+                c2m191v2n, c2m191v2h,
+                null);
+        }
+    };
+
+    static X9ECParametersHolder c2tnb191v3 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m191v3n = new BigInteger("155555555555555555555555610C0B196812BFB6288A3EA3", 16);
+            BigInteger c2m191v3h = BigInteger.valueOf(6);
+
+            ECCurve c2m191v3 = new ECCurve.F2m(
+                191,
+                9,
+                new BigInteger("6C01074756099122221056911C77D77E77A777E7E7E77FCB", 16),
+                new BigInteger("71FE1AF926CF847989EFEF8DB459F66394D90F32AD3F15E8", 16),
+                c2m191v3n, c2m191v3h);
+
+            return new X9ECParameters(
+                c2m191v3,
+                new X9ECPoint(c2m191v3,
+                    Hex.decode("03375D4CE24FDE434489DE8746E71786015009E66E38A926DD")),
+                c2m191v3n, c2m191v3h,
+                null);
+        }
+    };
+
+    static X9ECParametersHolder c2pnb208w1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m208w1n = new BigInteger("0101BAF95C9723C57B6C21DA2EFF2D5ED588BDD5717E212F9D", 16);
+            BigInteger c2m208w1h = BigInteger.valueOf(0xFE48);
+
+            ECCurve c2m208w1 = new ECCurve.F2m(
+                208,
+                1, 2, 83,
+                new BigInteger("0", 16),
+                new BigInteger("00C8619ED45A62E6212E1160349E2BFA844439FAFC2A3FD1638F9E", 16),
+                c2m208w1n, c2m208w1h);
+
+            return new X9ECParameters(
+                c2m208w1,
+                new X9ECPoint(c2m208w1,
+                    Hex.decode("0289FDFBE4ABE193DF9559ECF07AC0CE78554E2784EB8C1ED1A57A")),
+                c2m208w1n, c2m208w1h,
+                null);
+        }
+    };
+
+    static X9ECParametersHolder c2tnb239v1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m239v1n = new BigInteger("2000000000000000000000000000000F4D42FFE1492A4993F1CAD666E447", 16);
+            BigInteger c2m239v1h = BigInteger.valueOf(4);
+
+            ECCurve c2m239v1 = new ECCurve.F2m(
+                239,
+                36,
+                new BigInteger("32010857077C5431123A46B808906756F543423E8D27877578125778AC76", 16),
+                new BigInteger("790408F2EEDAF392B012EDEFB3392F30F4327C0CA3F31FC383C422AA8C16", 16),
+                c2m239v1n, c2m239v1h);
+
+            return new X9ECParameters(
+                c2m239v1,
+                new X9ECPoint(c2m239v1,
+                    Hex.decode("0257927098FA932E7C0A96D3FD5B706EF7E5F5C156E16B7E7C86038552E91D")),
+                c2m239v1n, c2m239v1h,
+                null);
+        }
+    };
+
+    static X9ECParametersHolder c2tnb239v2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m239v2n = new BigInteger("1555555555555555555555555555553C6F2885259C31E3FCDF154624522D", 16);
+            BigInteger c2m239v2h = BigInteger.valueOf(6);
+
+            ECCurve c2m239v2 = new ECCurve.F2m(
+                239,
+                36,
+                new BigInteger("4230017757A767FAE42398569B746325D45313AF0766266479B75654E65F", 16),
+                new BigInteger("5037EA654196CFF0CD82B2C14A2FCF2E3FF8775285B545722F03EACDB74B", 16),
+                c2m239v2n, c2m239v2h);
+
+            return new X9ECParameters(
+                c2m239v2,
+                new X9ECPoint(c2m239v2,
+                    Hex.decode("0228F9D04E900069C8DC47A08534FE76D2B900B7D7EF31F5709F200C4CA205")),
+                c2m239v2n, c2m239v2h,
+                null);
+        }
+    };
+
+    static X9ECParametersHolder c2tnb239v3 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m239v3n = new BigInteger("0CCCCCCCCCCCCCCCCCCCCCCCCCCCCCAC4912D2D9DF903EF9888B8A0E4CFF", 16);
+            BigInteger c2m239v3h = BigInteger.valueOf(10);
+
+            ECCurve c2m239v3 = new ECCurve.F2m(
+                239,
+                36,
+                new BigInteger("01238774666A67766D6676F778E676B66999176666E687666D8766C66A9F", 16),
+                new BigInteger("6A941977BA9F6A435199ACFC51067ED587F519C5ECB541B8E44111DE1D40", 16),
+                c2m239v3n, c2m239v3h);
+
+            return new X9ECParameters(
+                c2m239v3,
+                new X9ECPoint(c2m239v3,
+                    Hex.decode("0370F6E9D04D289C4E89913CE3530BFDE903977D42B146D539BF1BDE4E9C92")),
+                c2m239v3n, c2m239v3h,
+                null);
+        }
+    };
+
+    static X9ECParametersHolder c2pnb272w1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m272w1n = new BigInteger("0100FAF51354E0E39E4892DF6E319C72C8161603FA45AA7B998A167B8F1E629521", 16);
+            BigInteger c2m272w1h = BigInteger.valueOf(0xFF06);
+
+            ECCurve c2m272w1 = new ECCurve.F2m(
+                272,
+                1, 3, 56,
+                new BigInteger("0091A091F03B5FBA4AB2CCF49C4EDD220FB028712D42BE752B2C40094DBACDB586FB20", 16),
+                new BigInteger("7167EFC92BB2E3CE7C8AAAFF34E12A9C557003D7C73A6FAF003F99F6CC8482E540F7", 16),
+                c2m272w1n, c2m272w1h);
+
+            return new X9ECParameters(
+                c2m272w1,
+                new X9ECPoint(c2m272w1,
+                    Hex.decode("026108BABB2CEEBCF787058A056CBE0CFE622D7723A289E08A07AE13EF0D10D171DD8D")),
+                c2m272w1n, c2m272w1h,
+                null);
+        }
+    };
+
+    static X9ECParametersHolder c2pnb304w1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m304w1n = new BigInteger("0101D556572AABAC800101D556572AABAC8001022D5C91DD173F8FB561DA6899164443051D", 16);
+            BigInteger c2m304w1h = BigInteger.valueOf(0xFE2E);
+
+            ECCurve c2m304w1 = new ECCurve.F2m(
+                304,
+                1, 2, 11,
+                new BigInteger("00FD0D693149A118F651E6DCE6802085377E5F882D1B510B44160074C1288078365A0396C8E681", 16),
+                new BigInteger("00BDDB97E555A50A908E43B01C798EA5DAA6788F1EA2794EFCF57166B8C14039601E55827340BE", 16),
+                c2m304w1n, c2m304w1h);
+
+            return new X9ECParameters(
+                c2m304w1,
+                new X9ECPoint(c2m304w1,
+                    Hex.decode("02197B07845E9BE2D96ADB0F5F3C7F2CFFBD7A3EB8B6FEC35C7FD67F26DDF6285A644F740A2614")),
+                c2m304w1n, c2m304w1h,
+                null);
+        }
+    };
+
+    static X9ECParametersHolder c2tnb359v1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m359v1n = new BigInteger("01AF286BCA1AF286BCA1AF286BCA1AF286BCA1AF286BC9FB8F6B85C556892C20A7EB964FE7719E74F490758D3B", 16);
+            BigInteger c2m359v1h = BigInteger.valueOf(0x4C);
+
+            ECCurve c2m359v1 = new ECCurve.F2m(
+                359,
+                68,
+                new BigInteger("5667676A654B20754F356EA92017D946567C46675556F19556A04616B567D223A5E05656FB549016A96656A557", 16),
+                new BigInteger("2472E2D0197C49363F1FE7F5B6DB075D52B6947D135D8CA445805D39BC345626089687742B6329E70680231988", 16),
+                c2m359v1n, c2m359v1h);
+
+            return new X9ECParameters(
+                c2m359v1,
+                new X9ECPoint(c2m359v1,
+                    Hex.decode("033C258EF3047767E7EDE0F1FDAA79DAEE3841366A132E163ACED4ED2401DF9C6BDCDE98E8E707C07A2239B1B097")),
+                c2m359v1n, c2m359v1h,
+                null);
+        }
+    };
+
+    static X9ECParametersHolder c2pnb368w1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m368w1n = new BigInteger("010090512DA9AF72B08349D98A5DD4C7B0532ECA51CE03E2D10F3B7AC579BD87E909AE40A6F131E9CFCE5BD967", 16);
+            BigInteger c2m368w1h = BigInteger.valueOf(0xFF70);
+
+            ECCurve c2m368w1 = new ECCurve.F2m(
+                368,
+                1, 2, 85,
+                new BigInteger("00E0D2EE25095206F5E2A4F9ED229F1F256E79A0E2B455970D8D0D865BD94778C576D62F0AB7519CCD2A1A906AE30D", 16),
+                new BigInteger("00FC1217D4320A90452C760A58EDCD30C8DD069B3C34453837A34ED50CB54917E1C2112D84D164F444F8F74786046A", 16),
+                c2m368w1n, c2m368w1h);
+
+            return new X9ECParameters(
+                c2m368w1,
+                new X9ECPoint(c2m368w1,
+                    Hex.decode("021085E2755381DCCCE3C1557AFA10C2F0C0C2825646C5B34A394CBCFA8BC16B22E7E789E927BE216F02E1FB136A5F")),
+                c2m368w1n, c2m368w1h,
+                null);
+        }
+    };
+
+    static X9ECParametersHolder c2tnb431r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            BigInteger c2m431r1n = new BigInteger("0340340340340340340340340340340340340340340340340340340323C313FAB50589703B5EC68D3587FEC60D161CC149C1AD4A91", 16);
+            BigInteger c2m431r1h = BigInteger.valueOf(0x2760);
+
+            ECCurve c2m431r1 = new ECCurve.F2m(
+                431,
+                120,
+                new BigInteger("1A827EF00DD6FC0E234CAF046C6A5D8A85395B236CC4AD2CF32A0CADBDC9DDF620B0EB9906D0957F6C6FEACD615468DF104DE296CD8F", 16),
+                new BigInteger("10D9B4A3D9047D8B154359ABFB1B7F5485B04CEB868237DDC9DEDA982A679A5A919B626D4E50A8DD731B107A9962381FB5D807BF2618", 16),
+                c2m431r1n, c2m431r1h);
+
+            return new X9ECParameters(
+                c2m431r1,
+                new X9ECPoint(c2m431r1,
+                    Hex.decode("02120FC05D3C67A99DE161D2F4092622FECA701BE4F50F4758714E8A87BBF2A658EF8C21E7C5EFE965361F6C2999C0C247B0DBD70CE6B7")),
+                c2m431r1n, c2m431r1h,
+                null);
+        }
+    };
+
+    static final Hashtable objIds = new Hashtable();
+    static final Hashtable curves = new Hashtable();
+    static final Hashtable names = new Hashtable();
+
+    static void defineCurve(String name, ASN1ObjectIdentifier oid, X9ECParametersHolder holder)
+    {
+        objIds.put(name, oid);
+        names.put(oid, name);
+        curves.put(oid, holder);
+    }
+
+    static
+    {
+        defineCurve("prime192v1", X9ObjectIdentifiers.prime192v1, prime192v1);
+        defineCurve("prime192v2", X9ObjectIdentifiers.prime192v2, prime192v2);
+        defineCurve("prime192v3", X9ObjectIdentifiers.prime192v3, prime192v3);
+        defineCurve("prime239v1", X9ObjectIdentifiers.prime239v1, prime239v1);
+        defineCurve("prime239v2", X9ObjectIdentifiers.prime239v2, prime239v2);
+        defineCurve("prime239v3", X9ObjectIdentifiers.prime239v3, prime239v3);
+        defineCurve("prime256v1", X9ObjectIdentifiers.prime256v1, prime256v1);
+        defineCurve("c2pnb163v1", X9ObjectIdentifiers.c2pnb163v1, c2pnb163v1);
+        defineCurve("c2pnb163v2", X9ObjectIdentifiers.c2pnb163v2, c2pnb163v2);
+        defineCurve("c2pnb163v3", X9ObjectIdentifiers.c2pnb163v3, c2pnb163v3);
+        defineCurve("c2pnb176w1", X9ObjectIdentifiers.c2pnb176w1, c2pnb176w1);
+        defineCurve("c2tnb191v1", X9ObjectIdentifiers.c2tnb191v1, c2tnb191v1);
+        defineCurve("c2tnb191v2", X9ObjectIdentifiers.c2tnb191v2, c2tnb191v2);
+        defineCurve("c2tnb191v3", X9ObjectIdentifiers.c2tnb191v3, c2tnb191v3);
+        defineCurve("c2pnb208w1", X9ObjectIdentifiers.c2pnb208w1, c2pnb208w1);
+        defineCurve("c2tnb239v1", X9ObjectIdentifiers.c2tnb239v1, c2tnb239v1);
+        defineCurve("c2tnb239v2", X9ObjectIdentifiers.c2tnb239v2, c2tnb239v2);
+        defineCurve("c2tnb239v3", X9ObjectIdentifiers.c2tnb239v3, c2tnb239v3);
+        defineCurve("c2pnb272w1", X9ObjectIdentifiers.c2pnb272w1, c2pnb272w1);
+        defineCurve("c2pnb304w1", X9ObjectIdentifiers.c2pnb304w1, c2pnb304w1);
+        defineCurve("c2tnb359v1", X9ObjectIdentifiers.c2tnb359v1, c2tnb359v1);
+        defineCurve("c2pnb368w1", X9ObjectIdentifiers.c2pnb368w1, c2pnb368w1);
+        defineCurve("c2tnb431r1", X9ObjectIdentifiers.c2tnb431r1, c2tnb431r1);
+    }
+
+    public static X9ECParameters getByName(
+        String name)
+    {
+        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)objIds.get(Strings.toLowerCase(name));
+
+        if (oid != null)
+        {
+            return getByOID(oid);
+        }
+
+        return null;
+    }
+
+    /**
+     * return the X9ECParameters object for the named curve represented by
+     * the passed in object identifier. Null if the curve isn't present.
+     *
+     * @param oid an object identifier representing a named curve, if present.
+     */
+    public static X9ECParameters getByOID(
+        ASN1ObjectIdentifier oid)
+    {
+        X9ECParametersHolder holder = (X9ECParametersHolder)curves.get(oid);
+
+        if (holder != null)
+        {
+            return holder.getParameters();
+        }
+
+        return null;
+    }
+
+    /**
+     * return the object identifier signified by the passed in name. Null
+     * if there is no object identifier associated with name.
+     *
+     * @return the object identifier associated with name, if present.
+     */
+    public static ASN1ObjectIdentifier getOID(
+        String name)
+    {
+        return (ASN1ObjectIdentifier)objIds.get(Strings.toLowerCase(name));
+    }
+
+    /**
+     * return the named curve name represented by the given object identifier.
+     */
+    public static String getName(
+        ASN1ObjectIdentifier oid)
+    {
+        return (String)names.get(oid);
+    }
+
+    /**
+     * returns an enumeration containing the name strings for curves
+     * contained in this structure.
+     */
+    public static Enumeration getNames()
+    {
+        return objIds.keys();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X962Parameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X962Parameters.java
new file mode 100644
index 0000000..96ae655
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X962Parameters.java

@@ -0,0 +1,114 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import java.io.IOException;
+
+import com.android.org.bouncycastle.asn1.ASN1Choice;
+import com.android.org.bouncycastle.asn1.ASN1Null;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+
+/**
+ * The Parameters ASN.1 CHOICE from X9.62.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X962Parameters
+    extends ASN1Object
+    implements ASN1Choice
+{
+    private ASN1Primitive           params = null;
+
+    public static X962Parameters getInstance(
+        Object obj)
+    {
+        if (obj == null || obj instanceof X962Parameters) 
+        {
+            return (X962Parameters)obj;
+        }
+        
+        if (obj instanceof ASN1Primitive) 
+        {
+            return new X962Parameters((ASN1Primitive)obj);
+        }
+
+        if (obj instanceof byte[])
+        {
+            try
+            {
+                return new X962Parameters(ASN1Primitive.fromByteArray((byte[])obj));
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("unable to parse encoded data: " + e.getMessage());
+            }
+        }
+
+        throw new IllegalArgumentException("unknown object in getInstance()");
+    }
+    
+    public static X962Parameters getInstance(
+        ASN1TaggedObject obj,
+        boolean          explicit)
+    {
+        return getInstance(obj.getObject()); // must be explicitly tagged
+    }
+    
+    public X962Parameters(
+        X9ECParameters      ecParameters)
+    {
+        this.params = ecParameters.toASN1Primitive();
+    }
+
+    public X962Parameters(
+        ASN1ObjectIdentifier  namedCurve)
+    {
+        this.params = namedCurve;
+    }
+
+    public X962Parameters(
+        ASN1Null           obj)
+    {
+        this.params = obj;
+    }
+
+    /**
+     * @deprecated use getInstance()
+     */
+    public X962Parameters(
+        ASN1Primitive           obj)
+    {
+        this.params = obj;
+    }
+
+    public boolean isNamedCurve()
+    {
+        return (params instanceof ASN1ObjectIdentifier);
+    }
+
+    public boolean isImplicitlyCA()
+    {
+        return (params instanceof ASN1Null);
+    }
+
+    public ASN1Primitive getParameters()
+    {
+        return params;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     * Parameters ::= CHOICE {
+     *    ecParameters ECParameters,
+     *    namedCurve   CURVES.&amp;id({CurveNames}),
+     *    implicitlyCA NULL
+     * }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return params;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9Curve.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9Curve.java
new file mode 100644
index 0000000..3b15664
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9Curve.java

@@ -0,0 +1,164 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.math.ec.ECAlgorithms;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * ASN.1 def for Elliptic-Curve Curve structure. See
+ * X9.62, for further details.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X9Curve
+    extends ASN1Object
+    implements X9ObjectIdentifiers
+{
+    private ECCurve     curve;
+    private byte[]      seed;
+    private ASN1ObjectIdentifier fieldIdentifier = null;
+
+    public X9Curve(
+        ECCurve     curve)
+    {
+        this(curve, null);
+    }
+
+    public X9Curve(
+        ECCurve     curve,
+        byte[]      seed)
+    {
+        this.curve = curve;
+        this.seed = Arrays.clone(seed);
+        setFieldIdentifier();
+    }
+
+    public X9Curve(
+        X9FieldID     fieldID,
+        BigInteger    order,
+        BigInteger    cofactor,
+        ASN1Sequence  seq)
+    {   
+        fieldIdentifier = fieldID.getIdentifier();
+        if (fieldIdentifier.equals(prime_field))
+        {   
+            BigInteger p = ((ASN1Integer)fieldID.getParameters()).getValue();
+            BigInteger A = new BigInteger(1, ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets());      
+            BigInteger B = new BigInteger(1, ASN1OctetString.getInstance(seq.getObjectAt(1)).getOctets());      
+            curve = new ECCurve.Fp(p, A, B, order, cofactor);
+        }
+        else if (fieldIdentifier.equals(characteristic_two_field))
+        {
+            // Characteristic two field
+            ASN1Sequence parameters = ASN1Sequence.getInstance(fieldID.getParameters());
+            int m = ((ASN1Integer)parameters.getObjectAt(0)).getValue().
+                intValue();
+            ASN1ObjectIdentifier representation
+                = (ASN1ObjectIdentifier)parameters.getObjectAt(1);
+
+            int k1 = 0;
+            int k2 = 0;
+            int k3 = 0;
+
+            if (representation.equals(tpBasis))
+            {
+                // Trinomial basis representation
+                k1 = ASN1Integer.getInstance(parameters.getObjectAt(2)).getValue().intValue();
+            }   
+            else if (representation.equals(ppBasis))
+            {
+                // Pentanomial basis representation
+                ASN1Sequence pentanomial = ASN1Sequence.getInstance(parameters.getObjectAt(2));
+                k1 = ASN1Integer.getInstance(pentanomial.getObjectAt(0)).getValue().intValue();
+                k2 = ASN1Integer.getInstance(pentanomial.getObjectAt(1)).getValue().intValue();
+                k3 = ASN1Integer.getInstance(pentanomial.getObjectAt(2)).getValue().intValue();
+            }   
+            else
+            {
+                throw new IllegalArgumentException("This type of EC basis is not implemented");
+            }   
+            BigInteger A = new BigInteger(1, ASN1OctetString.getInstance(seq.getObjectAt(0)).getOctets());      
+            BigInteger B = new BigInteger(1, ASN1OctetString.getInstance(seq.getObjectAt(1)).getOctets());      
+            curve = new ECCurve.F2m(m, k1, k2, k3, A, B, order, cofactor);
+        }   
+        else
+        {
+            throw new IllegalArgumentException("This type of ECCurve is not implemented");
+        }   
+
+        if (seq.size() == 3)
+        {
+            seed = Arrays.clone(((DERBitString)seq.getObjectAt(2)).getBytes());
+        }   
+    }   
+
+    private void setFieldIdentifier()
+    {
+        if (ECAlgorithms.isFpCurve(curve))
+        {
+            fieldIdentifier = prime_field;
+        }
+        else if (ECAlgorithms.isF2mCurve(curve))
+        {
+            fieldIdentifier = characteristic_two_field;
+        }
+        else
+        {
+            throw new IllegalArgumentException("This type of ECCurve is not implemented");
+        }
+    }
+
+    public ECCurve  getCurve()
+    {
+        return curve;
+    }
+
+    public byte[]   getSeed()
+    {
+        return Arrays.clone(seed);
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     *  Curve ::= SEQUENCE {
+     *      a               FieldElement,
+     *      b               FieldElement,
+     *      seed            BIT STRING      OPTIONAL
+     *  }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        if (fieldIdentifier.equals(prime_field)) 
+        { 
+            v.add(new X9FieldElement(curve.getA()).toASN1Primitive());
+            v.add(new X9FieldElement(curve.getB()).toASN1Primitive());
+        } 
+        else if (fieldIdentifier.equals(characteristic_two_field)) 
+        {
+            v.add(new X9FieldElement(curve.getA()).toASN1Primitive());
+            v.add(new X9FieldElement(curve.getB()).toASN1Primitive());
+        }
+
+        if (seed != null)
+        {
+            v.add(new DERBitString(seed));
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9ECParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9ECParameters.java
new file mode 100644
index 0000000..691ac49
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9ECParameters.java

@@ -0,0 +1,248 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.math.ec.ECAlgorithms;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.field.PolynomialExtensionField;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * ASN.1 def for Elliptic-Curve ECParameters structure. See
+ * X9.62, for further details.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X9ECParameters
+    extends ASN1Object
+    implements X9ObjectIdentifiers
+{
+    private static final BigInteger   ONE = BigInteger.valueOf(1);
+
+    private X9FieldID           fieldID;
+    private ECCurve             curve;
+    private X9ECPoint           g;
+    private BigInteger          n;
+    private BigInteger          h;
+    private byte[]              seed;
+
+    private X9ECParameters(
+        ASN1Sequence  seq)
+    {
+        if (!(seq.getObjectAt(0) instanceof ASN1Integer)
+            || !((ASN1Integer)seq.getObjectAt(0)).getValue().equals(ONE))
+        {
+            throw new IllegalArgumentException("bad version in X9ECParameters");
+        }
+
+        this.n = ((ASN1Integer)seq.getObjectAt(4)).getValue();
+
+        if (seq.size() == 6)
+        {
+            this.h = ((ASN1Integer)seq.getObjectAt(5)).getValue();
+        }
+
+        X9Curve x9c = new X9Curve(
+            X9FieldID.getInstance(seq.getObjectAt(1)), n, h,
+            ASN1Sequence.getInstance(seq.getObjectAt(2)));
+
+        this.curve = x9c.getCurve();
+        Object p = seq.getObjectAt(3);
+
+        if (p instanceof X9ECPoint)
+        {
+            this.g = (X9ECPoint)p;
+        }
+        else
+        {
+            this.g = new X9ECPoint(curve, (ASN1OctetString)p);
+        }
+
+        this.seed = x9c.getSeed();
+    }
+
+    public static X9ECParameters getInstance(Object obj)
+    {
+        if (obj instanceof X9ECParameters)
+        {
+            return (X9ECParameters)obj;
+        }
+
+        if (obj != null)
+        {
+            return new X9ECParameters(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public X9ECParameters(
+        ECCurve     curve,
+        ECPoint     g,
+        BigInteger  n)
+    {
+        this(curve, g, n, null, null);
+    }
+
+    public X9ECParameters(
+        ECCurve     curve,
+        X9ECPoint     g,
+        BigInteger  n,
+        BigInteger  h)
+    {
+        this(curve, g, n, h, null);
+    }
+
+    public X9ECParameters(
+        ECCurve     curve,
+        ECPoint     g,
+        BigInteger  n,
+        BigInteger  h)
+    {
+        this(curve, g, n, h, null);
+    }
+
+    public X9ECParameters(
+        ECCurve     curve,
+        ECPoint     g,
+        BigInteger  n,
+        BigInteger  h,
+        byte[]      seed)
+    {
+        this(curve, new X9ECPoint(g), n, h, seed);
+    }
+
+    public X9ECParameters(
+        ECCurve     curve,
+        X9ECPoint   g,
+        BigInteger  n,
+        BigInteger  h,
+        byte[]      seed)
+    {
+        this.curve = curve;
+        this.g = g;
+        this.n = n;
+        this.h = h;
+        this.seed = Arrays.clone(seed);
+
+        if (ECAlgorithms.isFpCurve(curve))
+        {
+            this.fieldID = new X9FieldID(curve.getField().getCharacteristic());
+        }
+        else if (ECAlgorithms.isF2mCurve(curve))
+        {
+            PolynomialExtensionField field = (PolynomialExtensionField)curve.getField();
+            int[] exponents = field.getMinimalPolynomial().getExponentsPresent();
+            if (exponents.length == 3)
+            {
+                this.fieldID = new X9FieldID(exponents[2], exponents[1]);
+            }
+            else if (exponents.length == 5)
+            {
+                this.fieldID = new X9FieldID(exponents[4], exponents[1], exponents[2], exponents[3]);
+            }
+            else
+            {
+                throw new IllegalArgumentException("Only trinomial and pentomial curves are supported");
+            }
+        }
+        else
+        {
+            throw new IllegalArgumentException("'curve' is of an unsupported type");
+        }
+    }
+
+    public ECCurve getCurve()
+    {
+        return curve;
+    }
+
+    public ECPoint getG()
+    {
+        return g.getPoint();
+    }
+
+    public BigInteger getN()
+    {
+        return n;
+    }
+
+    public BigInteger getH()
+    {
+        return h;
+    }
+
+    public byte[] getSeed()
+    {
+        return Arrays.clone(seed);
+    }
+
+    /**
+     * Return the ASN.1 entry representing the Curve.
+     *
+     * @return the X9Curve for the curve in these parameters.
+     */
+    public X9Curve getCurveEntry()
+    {
+        return new X9Curve(curve, seed);
+    }
+
+    /**
+     * Return the ASN.1 entry representing the FieldID.
+     *
+     * @return the X9FieldID for the FieldID in these parameters.
+     */
+    public X9FieldID getFieldIDEntry()
+    {
+        return fieldID;
+    }
+
+    /**
+     * Return the ASN.1 entry representing the base point G.
+     *
+     * @return the X9ECPoint for the base point in these parameters.
+     */
+    public X9ECPoint getBaseEntry()
+    {
+        return g;
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     *  ECParameters ::= SEQUENCE {
+     *      version         INTEGER { ecpVer1(1) } (ecpVer1),
+     *      fieldID         FieldID {{FieldTypes}},
+     *      curve           X9Curve,
+     *      base            X9ECPoint,
+     *      order           INTEGER,
+     *      cofactor        INTEGER OPTIONAL
+     *  }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(new ASN1Integer(ONE));
+        v.add(fieldID);
+        v.add(new X9Curve(curve, seed));
+        v.add(g);
+        v.add(new ASN1Integer(n));
+
+        if (h != null)
+        {
+            v.add(new ASN1Integer(h));
+        }
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9ECParametersHolder.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9ECParametersHolder.java
new file mode 100644
index 0000000..ddc5700
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9ECParametersHolder.java

@@ -0,0 +1,23 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+/**
+ * A holding class that allows for X9ECParameters to be lazily constructed.
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class X9ECParametersHolder
+{
+    private X9ECParameters params;
+
+    public synchronized X9ECParameters getParameters()
+    {
+        if (params == null)
+        {
+            params = createParameters();
+        }
+
+        return params;
+    }
+
+    protected abstract X9ECParameters createParameters();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9ECPoint.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9ECPoint.java
new file mode 100644
index 0000000..6776400
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9ECPoint.java

@@ -0,0 +1,86 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * Class for describing an ECPoint as a DER object.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X9ECPoint
+    extends ASN1Object
+{
+    private final ASN1OctetString encoding;
+
+    private ECCurve c;
+    private ECPoint p;
+
+    public X9ECPoint(
+        ECPoint p)
+    {
+        this(p, false);
+    }
+
+    public X9ECPoint(
+        ECPoint p,
+        boolean compressed)
+    {
+        this.p = p.normalize();
+        this.encoding = new DEROctetString(p.getEncoded(compressed));
+    }
+
+    public X9ECPoint(
+        ECCurve          c,
+        byte[]           encoding)
+    {
+        this.c = c;
+        this.encoding = new DEROctetString(Arrays.clone(encoding));
+    }
+
+    public X9ECPoint(
+        ECCurve          c,
+        ASN1OctetString  s)
+    {
+        this(c, s.getOctets());
+    }
+
+    public byte[] getPointEncoding()
+    {
+        return Arrays.clone(encoding.getOctets());
+    }
+
+    public synchronized ECPoint getPoint()
+    {
+        if (p == null)
+        {
+            p = c.decodePoint(encoding.getOctets()).normalize();
+        }
+
+        return p;
+    }
+
+    public boolean isPointCompressed()
+    {
+        byte[] octets = encoding.getOctets();
+        return octets != null && octets.length > 0 && (octets[0] == 2 || octets[0] == 3);
+    }
+
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     *  ECPoint ::= OCTET STRING
+     * </pre>
+     * <p>
+     * Octet string produced using ECPoint.getEncoded().
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        return encoding;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9FieldElement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9FieldElement.java
new file mode 100644
index 0000000..53f51e6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9FieldElement.java

@@ -0,0 +1,72 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+
+/**
+ * class for processing an FieldElement as a DER object.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X9FieldElement
+    extends ASN1Object
+{
+    protected ECFieldElement  f;
+    
+    private static X9IntegerConverter converter = new X9IntegerConverter();
+
+    public X9FieldElement(ECFieldElement f)
+    {
+        this.f = f;
+    }
+
+    /**
+     * @deprecated Will be removed
+     */
+    public X9FieldElement(BigInteger p, ASN1OctetString s)
+    {
+        this(new ECFieldElement.Fp(p, new BigInteger(1, s.getOctets())));
+    }
+
+    /**
+     * @deprecated Will be removed
+     */
+    public X9FieldElement(int m, int k1, int k2, int k3, ASN1OctetString s)
+    {
+        this(new ECFieldElement.F2m(m, k1, k2, k3, new BigInteger(1, s.getOctets())));
+    }
+
+    public ECFieldElement getValue()
+    {
+        return f;
+    }
+    
+    /**
+     * Produce an object suitable for an ASN1OutputStream.
+     * <pre>
+     *  FieldElement ::= OCTET STRING
+     * </pre>
+     * <p>
+     * <ol>
+     * <li> if <i>q</i> is an odd prime then the field element is
+     * processed as an Integer and converted to an octet string
+     * according to x 9.62 4.3.1.</li>
+     * <li> if <i>q</i> is 2<sup>m</sup> then the bit string
+     * contained in the field element is converted into an octet
+     * string with the same ordering padded at the front if necessary.
+     * </li>
+     * </ol>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        int byteCount = converter.getByteLength(f);
+        byte[] paddedBigInteger = converter.integerToBytes(f.toBigInteger(), byteCount);
+
+        return new DEROctetString(paddedBigInteger);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9FieldID.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9FieldID.java
new file mode 100644
index 0000000..9695a9a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9FieldID.java

@@ -0,0 +1,150 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERSequence;
+
+/**
+ * ASN.1 def for Elliptic-Curve Field ID structure. See
+ * X9.62, for further details.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X9FieldID
+    extends ASN1Object
+    implements X9ObjectIdentifiers
+{
+    private ASN1ObjectIdentifier     id;
+    private ASN1Primitive parameters;
+
+    /**
+     * Constructor for elliptic curves over prime fields
+     * <code>F<sub>2</sub></code>.
+     * @param primeP The prime <code>p</code> defining the prime field.
+     */
+    public X9FieldID(BigInteger primeP)
+    {
+        this.id = prime_field;
+        this.parameters = new ASN1Integer(primeP);
+    }
+
+    /**
+     * Constructor for elliptic curves over binary fields
+     * <code>F<sub>2<sup>m</sup></sub></code>.
+     * @param m  The exponent <code>m</code> of
+     * <code>F<sub>2<sup>m</sup></sub></code>.
+     * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> +
+     * x<sup>k1</sup> + 1</code>
+     * represents the reduction polynomial <code>f(z)</code>.
+     */
+    public X9FieldID(int m, int k1)
+    {
+        this(m, k1, 0, 0);
+    }
+
+    /**
+     * Constructor for elliptic curves over binary fields
+     * <code>F<sub>2<sup>m</sup></sub></code>.
+     * @param m  The exponent <code>m</code> of
+     * <code>F<sub>2<sup>m</sup></sub></code>.
+     * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> +
+     * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+     * represents the reduction polynomial <code>f(z)</code>.
+     * @param k2 The integer <code>k2</code> where <code>x<sup>m</sup> +
+     * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+     * represents the reduction polynomial <code>f(z)</code>.
+     * @param k3 The integer <code>k3</code> where <code>x<sup>m</sup> +
+     * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+     * represents the reduction polynomial <code>f(z)</code>..
+     */
+    public X9FieldID(int m, int k1, int k2, int k3)
+    {
+        this.id = characteristic_two_field;
+        ASN1EncodableVector fieldIdParams = new ASN1EncodableVector();
+        fieldIdParams.add(new ASN1Integer(m));
+        
+        if (k2 == 0) 
+        {
+            if (k3 != 0)
+            {
+                throw new IllegalArgumentException("inconsistent k values");
+            }
+
+            fieldIdParams.add(tpBasis);
+            fieldIdParams.add(new ASN1Integer(k1));
+        } 
+        else 
+        {
+            if (k2 <= k1 || k3 <= k2)
+            {
+                throw new IllegalArgumentException("inconsistent k values");
+            }
+
+            fieldIdParams.add(ppBasis);
+            ASN1EncodableVector pentanomialParams = new ASN1EncodableVector();
+            pentanomialParams.add(new ASN1Integer(k1));
+            pentanomialParams.add(new ASN1Integer(k2));
+            pentanomialParams.add(new ASN1Integer(k3));
+            fieldIdParams.add(new DERSequence(pentanomialParams));
+        }
+        
+        this.parameters = new DERSequence(fieldIdParams);
+    }
+
+    private X9FieldID(
+        ASN1Sequence  seq)
+    {
+        this.id = ASN1ObjectIdentifier.getInstance(seq.getObjectAt(0));
+        this.parameters = seq.getObjectAt(1).toASN1Primitive();
+    }
+
+    public static X9FieldID getInstance(Object obj)
+    {
+        if (obj instanceof X9FieldID)
+        {
+            return (X9FieldID)obj;
+        }
+
+        if (obj != null)
+        {
+            return new X9FieldID(ASN1Sequence.getInstance(obj));
+        }
+
+        return null;
+    }
+
+    public ASN1ObjectIdentifier getIdentifier()
+    {
+        return id;
+    }
+
+    public ASN1Primitive getParameters()
+    {
+        return parameters;
+    }
+
+    /**
+     * Produce a DER encoding of the following structure.
+     * <pre>
+     *  FieldID ::= SEQUENCE {
+     *      fieldType       FIELD-ID.&amp;id({IOSet}),
+     *      parameters      FIELD-ID.&amp;Type({IOSet}{&#64;fieldType})
+     *  }
+     * </pre>
+     */
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(this.id);
+        v.add(this.parameters);
+
+        return new DERSequence(v);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9IntegerConverter.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9IntegerConverter.java
new file mode 100644
index 0000000..58119f1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9IntegerConverter.java

@@ -0,0 +1,72 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+
+/**
+ * A class which converts integers to byte arrays, allowing padding and calculations
+ * to be done according the the filed size of the curve or field element involved.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X9IntegerConverter
+{
+    /**
+     * Return the curve's field size in bytes.
+     *
+     * @param c the curve of interest.
+     * @return the field size in bytes (rounded up).
+     */
+    public int getByteLength(
+        ECCurve c)
+    {
+        return (c.getFieldSize() + 7) / 8;
+    }
+
+    /**
+     * Return the field element's field size in bytes.
+     *
+     * @param fe the field element of interest.
+     * @return the field size in bytes (rounded up).
+     */
+    public int getByteLength(
+        ECFieldElement fe)
+    {
+        return (fe.getFieldSize() + 7) / 8;
+    }
+
+    /**
+     * Convert an integer to a byte array, ensuring it is exactly qLength long.
+     *
+     * @param s the integer to be converted.
+     * @param qLength the length
+     * @return the resulting byte array.
+     */
+    public byte[] integerToBytes(
+        BigInteger s,
+        int        qLength)
+    {
+        byte[] bytes = s.toByteArray();
+        
+        if (qLength < bytes.length)
+        {
+            byte[] tmp = new byte[qLength];
+        
+            System.arraycopy(bytes, bytes.length - tmp.length, tmp, 0, tmp.length);
+            
+            return tmp;
+        }
+        else if (qLength > bytes.length)
+        {
+            byte[] tmp = new byte[qLength];
+        
+            System.arraycopy(bytes, 0, tmp, tmp.length - bytes.length, bytes.length);
+            
+            return tmp; 
+        }
+    
+        return bytes;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java
new file mode 100644
index 0000000..d3ee31c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/asn1/x9/X9ObjectIdentifiers.java

@@ -0,0 +1,229 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.asn1.x9;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ *
+ * Object identifiers for the various X9 standards.
+ * <pre>
+ * ansi-X9-62 OBJECT IDENTIFIER ::= { iso(1) member-body(2)
+ *                                    us(840) ansi-x962(10045) }
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public interface X9ObjectIdentifiers
+{
+    /** Base OID: 1.2.840.10045 */
+    ASN1ObjectIdentifier ansi_X9_62 = new ASN1ObjectIdentifier("1.2.840.10045");
+
+    /** OID: 1.2.840.10045.1 */
+    ASN1ObjectIdentifier id_fieldType = ansi_X9_62.branch("1");
+
+    /** OID: 1.2.840.10045.1.1 */
+    ASN1ObjectIdentifier prime_field = id_fieldType.branch("1");
+
+    /** OID: 1.2.840.10045.1.2 */
+    ASN1ObjectIdentifier characteristic_two_field = id_fieldType.branch("2");
+
+    /** OID: 1.2.840.10045.1.2.3.1 */
+    ASN1ObjectIdentifier gnBasis = characteristic_two_field.branch("3.1");
+
+    /** OID: 1.2.840.10045.1.2.3.2 */
+    ASN1ObjectIdentifier tpBasis = characteristic_two_field.branch("3.2");
+
+    /** OID: 1.2.840.10045.1.2.3.3 */
+    ASN1ObjectIdentifier ppBasis = characteristic_two_field.branch("3.3");
+
+    /** OID: 1.2.840.10045.4 */
+    ASN1ObjectIdentifier id_ecSigType = ansi_X9_62.branch("4");
+
+    /** OID: 1.2.840.10045.4.1 */
+    ASN1ObjectIdentifier ecdsa_with_SHA1 = id_ecSigType.branch("1");
+
+    /** OID: 1.2.840.10045.2 */
+    ASN1ObjectIdentifier id_publicKeyType = ansi_X9_62.branch("2");
+
+    /** OID: 1.2.840.10045.2.1 */
+    ASN1ObjectIdentifier id_ecPublicKey = id_publicKeyType.branch("1");
+
+    /** OID: 1.2.840.10045.4.3 */
+    ASN1ObjectIdentifier ecdsa_with_SHA2 = id_ecSigType.branch("3");
+
+    /** OID: 1.2.840.10045.4.3.1 */
+    ASN1ObjectIdentifier ecdsa_with_SHA224 = ecdsa_with_SHA2.branch("1");
+
+    /** OID: 1.2.840.10045.4.3.2 */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    ASN1ObjectIdentifier ecdsa_with_SHA256 = ecdsa_with_SHA2.branch("2");
+
+    /** OID: 1.2.840.10045.4.3.3 */
+    ASN1ObjectIdentifier ecdsa_with_SHA384 = ecdsa_with_SHA2.branch("3");
+
+    /** OID: 1.2.840.10045.4.3.4 */
+    ASN1ObjectIdentifier ecdsa_with_SHA512 = ecdsa_with_SHA2.branch("4");
+
+    /**
+     * Named curves base
+     * <p>
+     * OID: 1.2.840.10045.3
+     */
+    ASN1ObjectIdentifier ellipticCurve = ansi_X9_62.branch("3");
+
+    /**
+     * Two Curves
+     * <p>
+     * OID: 1.2.840.10045.3.0
+     */
+    ASN1ObjectIdentifier  cTwoCurve = ellipticCurve.branch("0");
+
+    /** Two Curve c2pnb163v1, OID: 1.2.840.10045.3.0.1 */
+    ASN1ObjectIdentifier c2pnb163v1 = cTwoCurve.branch("1");
+    /** Two Curve c2pnb163v2, OID: 1.2.840.10045.3.0.2 */
+    ASN1ObjectIdentifier c2pnb163v2 = cTwoCurve.branch("2");
+    /** Two Curve c2pnb163v3, OID: 1.2.840.10045.3.0.3 */
+    ASN1ObjectIdentifier c2pnb163v3 = cTwoCurve.branch("3");
+    /** Two Curve c2pnb176w1, OID: 1.2.840.10045.3.0.4 */
+    ASN1ObjectIdentifier c2pnb176w1 = cTwoCurve.branch("4");
+    /** Two Curve c2tnb191v1, OID: 1.2.840.10045.3.0.5 */
+    ASN1ObjectIdentifier c2tnb191v1 = cTwoCurve.branch("5");
+    /** Two Curve c2tnb191v2, OID: 1.2.840.10045.3.0.6 */
+    ASN1ObjectIdentifier c2tnb191v2 = cTwoCurve.branch("6");
+    /** Two Curve c2tnb191v3, OID: 1.2.840.10045.3.0.7 */
+    ASN1ObjectIdentifier c2tnb191v3 = cTwoCurve.branch("7");
+    /** Two Curve c2onb191v4, OID: 1.2.840.10045.3.0.8 */
+    ASN1ObjectIdentifier c2onb191v4 = cTwoCurve.branch("8");
+    /** Two Curve c2onb191v5, OID: 1.2.840.10045.3.0.9 */
+    ASN1ObjectIdentifier c2onb191v5 = cTwoCurve.branch("9");
+    /** Two Curve c2pnb208w1, OID: 1.2.840.10045.3.0.10 */
+    ASN1ObjectIdentifier c2pnb208w1 = cTwoCurve.branch("10");
+    /** Two Curve c2tnb239v1, OID: 1.2.840.10045.3.0.11 */
+    ASN1ObjectIdentifier c2tnb239v1 = cTwoCurve.branch("11");
+    /** Two Curve c2tnb239v2, OID: 1.2.840.10045.3.0.12 */
+    ASN1ObjectIdentifier c2tnb239v2 = cTwoCurve.branch("12");
+    /** Two Curve c2tnb239v3, OID: 1.2.840.10045.3.0.13 */
+    ASN1ObjectIdentifier c2tnb239v3 = cTwoCurve.branch("13");
+    /** Two Curve c2onb239v4, OID: 1.2.840.10045.3.0.14 */
+    ASN1ObjectIdentifier c2onb239v4 = cTwoCurve.branch("14");
+    /** Two Curve c2onb239v5, OID: 1.2.840.10045.3.0.15 */
+    ASN1ObjectIdentifier c2onb239v5 = cTwoCurve.branch("15");
+    /** Two Curve c2pnb272w1, OID: 1.2.840.10045.3.0.16 */
+    ASN1ObjectIdentifier c2pnb272w1 = cTwoCurve.branch("16");
+    /** Two Curve c2pnb304w1, OID: 1.2.840.10045.3.0.17 */
+    ASN1ObjectIdentifier c2pnb304w1 = cTwoCurve.branch("17");
+    /** Two Curve c2tnb359v1, OID: 1.2.840.10045.3.0.18 */
+    ASN1ObjectIdentifier c2tnb359v1 = cTwoCurve.branch("18");
+    /** Two Curve c2pnb368w1, OID: 1.2.840.10045.3.0.19 */
+    ASN1ObjectIdentifier c2pnb368w1 = cTwoCurve.branch("19");
+    /** Two Curve c2tnb431r1, OID: 1.2.840.10045.3.0.20 */
+    ASN1ObjectIdentifier c2tnb431r1 = cTwoCurve.branch("20");
+
+    /**
+     * Prime Curves
+     * <p>
+     * OID: 1.2.840.10045.3.1
+     */
+    ASN1ObjectIdentifier primeCurve = ellipticCurve.branch("1");
+
+    /** Prime Curve prime192v1, OID: 1.2.840.10045.3.1.1 */
+    ASN1ObjectIdentifier prime192v1 = primeCurve.branch("1");
+    /** Prime Curve prime192v2, OID: 1.2.840.10045.3.1.2 */
+    ASN1ObjectIdentifier prime192v2 = primeCurve.branch("2");
+    /** Prime Curve prime192v3, OID: 1.2.840.10045.3.1.3 */
+    ASN1ObjectIdentifier prime192v3 = primeCurve.branch("3");
+    /** Prime Curve prime239v1, OID: 1.2.840.10045.3.1.4 */
+    ASN1ObjectIdentifier prime239v1 = primeCurve.branch("4");
+    /** Prime Curve prime239v2, OID: 1.2.840.10045.3.1.5 */
+    ASN1ObjectIdentifier prime239v2 = primeCurve.branch("5");
+    /** Prime Curve prime239v3, OID: 1.2.840.10045.3.1.6 */
+    ASN1ObjectIdentifier prime239v3 = primeCurve.branch("6");
+    /** Prime Curve prime256v1, OID: 1.2.840.10045.3.1.7 */
+    ASN1ObjectIdentifier prime256v1 = primeCurve.branch("7");
+
+    /**
+     * DSA
+     * <pre>
+     * dsapublicnumber OBJECT IDENTIFIER ::= { iso(1) member-body(2)
+     *                                         us(840) ansi-x957(10040) number-type(4) 1 }
+     * </pre>
+     * Base OID: 1.2.840.10040.4.1
+     */
+    ASN1ObjectIdentifier id_dsa = new ASN1ObjectIdentifier("1.2.840.10040.4.1");
+
+    /**
+     * <pre>
+     * id-dsa-with-sha1 OBJECT IDENTIFIER ::= {
+     *     iso(1) member-body(2) us(840) x9-57(10040) x9cm(4) 3 }
+     * </pre>
+     * OID: 1.2.840.10040.4.3
+     */
+    ASN1ObjectIdentifier id_dsa_with_sha1 = new ASN1ObjectIdentifier("1.2.840.10040.4.3");
+
+    /**
+     * X9.63 - Signature Specification
+     * <p>
+     * Base OID: 1.3.133.16.840.63.0
+     */
+    ASN1ObjectIdentifier x9_63_scheme = new ASN1ObjectIdentifier("1.3.133.16.840.63.0");
+    /** OID: 1.3.133.16.840.63.0.2 */
+    ASN1ObjectIdentifier dhSinglePass_stdDH_sha1kdf_scheme      = x9_63_scheme.branch("2");
+    /** OID: 1.3.133.16.840.63.0.3 */
+    ASN1ObjectIdentifier dhSinglePass_cofactorDH_sha1kdf_scheme = x9_63_scheme.branch("3");
+    /** OID: 1.3.133.16.840.63.0.16 */
+    ASN1ObjectIdentifier mqvSinglePass_sha1kdf_scheme           = x9_63_scheme.branch("16");
+
+    /**
+     * X9.42
+     */
+
+    ASN1ObjectIdentifier ansi_X9_42 = new ASN1ObjectIdentifier("1.2.840.10046");
+
+    /**
+     * Diffie-Hellman
+     * <pre>
+     * dhpublicnumber OBJECT IDENTIFIER ::= {
+     *    iso(1) member-body(2)  us(840) ansi-x942(10046) number-type(2) 1
+     * }
+     * </pre>
+     * OID: 1.2.840.10046.2.1
+     */
+    ASN1ObjectIdentifier dhpublicnumber = ansi_X9_42.branch("2.1");
+
+    /** X9.42 schemas base OID: 1.2.840.10046.3 */
+    ASN1ObjectIdentifier x9_42_schemes = ansi_X9_42.branch("3");
+    /** X9.42 dhStatic OID: 1.2.840.10046.3.1 */
+    ASN1ObjectIdentifier dhStatic        = x9_42_schemes.branch("1");
+    /** X9.42 dhEphem OID: 1.2.840.10046.3.2 */
+    ASN1ObjectIdentifier dhEphem         = x9_42_schemes.branch("2");
+    /** X9.42 dhOneFlow OID: 1.2.840.10046.3.3 */
+    ASN1ObjectIdentifier dhOneFlow       = x9_42_schemes.branch("3");
+    /** X9.42 dhHybrid1 OID: 1.2.840.10046.3.4 */
+    ASN1ObjectIdentifier dhHybrid1       = x9_42_schemes.branch("4");
+    /** X9.42 dhHybrid2 OID: 1.2.840.10046.3.5 */
+    ASN1ObjectIdentifier dhHybrid2       = x9_42_schemes.branch("5");
+    /** X9.42 dhHybridOneFlow OID: 1.2.840.10046.3.6 */
+    ASN1ObjectIdentifier dhHybridOneFlow = x9_42_schemes.branch("6");
+    /** X9.42 MQV2 OID: 1.2.840.10046.3.7 */
+    ASN1ObjectIdentifier mqv2            = x9_42_schemes.branch("7");
+    /** X9.42 MQV1 OID: 1.2.840.10046.3.8 */
+    ASN1ObjectIdentifier mqv1            = x9_42_schemes.branch("8");
+
+    /**
+     * X9.44
+     * <pre>
+     *    x9-44 OID ::= {
+     *      iso(1) identified-organization(3) tc68(133) country(16) x9(840)
+     *      x9Standards(9) x9-44(44)
+     *   }
+     * </pre>
+     */
+
+    ASN1ObjectIdentifier x9_44 = new ASN1ObjectIdentifier("1.3.133.16.840.9.44");
+
+    ASN1ObjectIdentifier x9_44_components = x9_44.branch("1");
+
+    ASN1ObjectIdentifier id_kdf_kdf2 = x9_44_components.branch("1");
+    ASN1ObjectIdentifier id_kdf_kdf3 = x9_44_components.branch("2");
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/AsymmetricBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/AsymmetricBlockCipher.java
new file mode 100644
index 0000000..599610f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/AsymmetricBlockCipher.java

@@ -0,0 +1,47 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+
+/**
+ * base interface that a public/private key block cipher needs
+ * to conform to.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface AsymmetricBlockCipher
+{
+    /**
+     * initialise the cipher.
+     *
+     * @param forEncryption if true the cipher is initialised for 
+     *  encryption, if false for decryption.
+     * @param param the key and other data required by the cipher.
+     */
+    public void init(boolean forEncryption, CipherParameters param);
+
+    /**
+     * returns the largest size an input block can be.
+     *
+     * @return maximum size for an input block.
+     */
+    public int getInputBlockSize();
+
+    /**
+     * returns the maximum size of the block produced by this cipher.
+     *
+     * @return maximum size of the output block produced by the cipher.
+     */
+    public int getOutputBlockSize();
+
+    /**
+     * process the block of len bytes stored in in from offset inOff.
+     *
+     * @param in the input data
+     * @param inOff offset into the in array where the data starts
+     * @param len the length of the block to be processed.
+     * @return the resulting byte array of the encryption/decryption process.
+     * @exception InvalidCipherTextException data decrypts improperly.
+     * @exception DataLengthException the input data is too large for the cipher.
+     */
+    public byte[] processBlock(byte[] in, int inOff, int len)
+        throws InvalidCipherTextException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/AsymmetricCipherKeyPair.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/AsymmetricCipherKeyPair.java
new file mode 100644
index 0000000..1e14f2b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/AsymmetricCipherKeyPair.java

@@ -0,0 +1,63 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+import com.android.org.bouncycastle.crypto.params.AsymmetricKeyParameter;
+
+/**
+ * a holding class for public/private parameter pairs.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AsymmetricCipherKeyPair
+{
+    private AsymmetricKeyParameter    publicParam;
+    private AsymmetricKeyParameter    privateParam;
+
+    /**
+     * basic constructor.
+     *
+     * @param publicParam a public key parameters object.
+     * @param privateParam the corresponding private key parameters.
+     */
+    public AsymmetricCipherKeyPair(
+        AsymmetricKeyParameter    publicParam,
+        AsymmetricKeyParameter    privateParam)
+    {
+        this.publicParam = publicParam;
+        this.privateParam = privateParam;
+    }
+
+    /**
+     * basic constructor.
+     *
+     * @param publicParam a public key parameters object.
+     * @param privateParam the corresponding private key parameters.
+     * @deprecated use AsymmetricKeyParameter
+     */
+    public AsymmetricCipherKeyPair(
+        CipherParameters    publicParam,
+        CipherParameters    privateParam)
+    {
+        this.publicParam = (AsymmetricKeyParameter)publicParam;
+        this.privateParam = (AsymmetricKeyParameter)privateParam;
+    }
+
+    /**
+     * return the public key parameters.
+     *
+     * @return the public key parameters.
+     */
+    public AsymmetricKeyParameter getPublic()
+    {
+        return publicParam;
+    }
+
+    /**
+     * return the private key parameters.
+     *
+     * @return the private key parameters.
+     */
+    public AsymmetricKeyParameter getPrivate()
+    {
+        return privateParam;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/AsymmetricCipherKeyPairGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/AsymmetricCipherKeyPairGenerator.java
new file mode 100644
index 0000000..d58cd06
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/AsymmetricCipherKeyPairGenerator.java

@@ -0,0 +1,24 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * interface that a public/private key pair generator should conform to.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface AsymmetricCipherKeyPairGenerator
+{
+    /**
+     * intialise the key pair generator.
+     *
+     * @param param the parameters the key pair is to be initialised with.
+     */
+    public void init(KeyGenerationParameters param);
+
+    /**
+     * return an AsymmetricCipherKeyPair containing the generated keys.
+     *
+     * @return an AsymmetricCipherKeyPair containing the generated keys.
+     */
+    public AsymmetricCipherKeyPair generateKeyPair();
+}
+

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/BasicAgreement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/BasicAgreement.java
new file mode 100644
index 0000000..932f5b6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/BasicAgreement.java

@@ -0,0 +1,28 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+import java.math.BigInteger;
+
+/**
+ * The basic interface that basic Diffie-Hellman implementations
+ * conforms to.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface BasicAgreement
+{
+    /**
+     * initialise the agreement engine.
+     */
+    void init(CipherParameters param);
+
+    /**
+     * return the field size for the agreement algorithm in bytes.
+     */
+    int getFieldSize();
+
+    /**
+     * given a public key from a given party calculate the next
+     * message in the agreement sequence. 
+     */
+    BigInteger calculateAgreement(CipherParameters pubKey);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/BlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/BlockCipher.java
new file mode 100644
index 0000000..eaf9803
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/BlockCipher.java

@@ -0,0 +1,58 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+
+/**
+ * Block cipher engines are expected to conform to this interface.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface BlockCipher
+{
+    /**
+     * Initialise the cipher.
+     *
+     * @param forEncryption if true the cipher is initialised for
+     *  encryption, if false for decryption.
+     * @param params the key and other data required by the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(boolean forEncryption, CipherParameters params)
+        throws IllegalArgumentException;
+
+    /**
+     * Return the name of the algorithm the cipher implements.
+     *
+     * @return the name of the algorithm the cipher implements.
+     */
+    public String getAlgorithmName();
+
+    /**
+     * Return the block size for this cipher (in bytes).
+     *
+     * @return the block size for this cipher in bytes.
+     */
+    public int getBlockSize();
+
+    /**
+     * Process one block of input from the array in and write it to
+     * the out array.
+     *
+     * @param in the array containing the input data.
+     * @param inOff offset into the in array the data starts at.
+     * @param out the array the output data will be copied into.
+     * @param outOff the offset into the out array the output will start at.
+     * @exception DataLengthException if there isn't enough data in in, or
+     * space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     * @return the number of bytes processed and produced.
+     */
+    public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
+        throws DataLengthException, IllegalStateException;
+
+    /**
+     * Reset the cipher. After resetting the cipher is in the same state
+     * as it was after the last init (if there was one).
+     */
+    public void reset();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/BufferedBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/BufferedBlockCipher.java
new file mode 100644
index 0000000..f3cfea8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/BufferedBlockCipher.java

@@ -0,0 +1,322 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+
+/**
+ * A wrapper class that allows block ciphers to be used to process data in
+ * a piecemeal fashion. The BufferedBlockCipher outputs a block only when the
+ * buffer is full and more data is being added, or on a doFinal.
+ * <p>
+ * Note: in the case where the underlying cipher is either a CFB cipher or an
+ * OFB one the last block may not be a multiple of the block size.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BufferedBlockCipher
+{
+    protected byte[]        buf;
+    protected int           bufOff;
+
+    protected boolean       forEncryption;
+    protected BlockCipher   cipher;
+
+    protected boolean       partialBlockOkay;
+    protected boolean       pgpCFB;
+
+    /**
+     * constructor for subclasses
+     */
+    protected BufferedBlockCipher()
+    {
+    }
+
+    /**
+     * Create a buffered block cipher without padding.
+     *
+     * @param cipher the underlying block cipher this buffering object wraps.
+     */
+    public BufferedBlockCipher(
+        BlockCipher     cipher)
+    {
+        this.cipher = cipher;
+
+        buf = new byte[cipher.getBlockSize()];
+        bufOff = 0;
+
+        //
+        // check if we can handle partial blocks on doFinal.
+        //
+        String  name = cipher.getAlgorithmName();
+        int     idx = name.indexOf('/') + 1;
+
+        pgpCFB = (idx > 0 && name.startsWith("PGP", idx));
+
+        if (pgpCFB || cipher instanceof StreamCipher)
+        {
+            partialBlockOkay = true;
+        }
+        else
+        {
+            partialBlockOkay = (idx > 0 && (name.startsWith("OpenPGP", idx)));
+        }
+    }
+
+    /**
+     * return the cipher this object wraps.
+     *
+     * @return the cipher this object wraps.
+     */
+    public BlockCipher getUnderlyingCipher()
+    {
+        return cipher;
+    }
+
+    /**
+     * initialise the cipher.
+     *
+     * @param forEncryption if true the cipher is initialised for
+     *  encryption, if false for decryption.
+     * @param params the key and other data required by the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(
+        boolean             forEncryption,
+        CipherParameters    params)
+        throws IllegalArgumentException
+    {
+        this.forEncryption = forEncryption;
+
+        reset();
+
+        cipher.init(forEncryption, params);
+    }
+
+    /**
+     * return the blocksize for the underlying cipher.
+     *
+     * @return the blocksize for the underlying cipher.
+     */
+    public int getBlockSize()
+    {
+        return cipher.getBlockSize();
+    }
+
+    /**
+     * return the size of the output buffer required for an update 
+     * an input of len bytes.
+     *
+     * @param len the length of the input.
+     * @return the space required to accommodate a call to update
+     * with len bytes of input.
+     */
+    public int getUpdateOutputSize(
+        int len)
+    {
+        int total       = len + bufOff;
+        int leftOver;
+
+        if (pgpCFB)
+        {
+            if (forEncryption)
+            {
+                leftOver = total % buf.length - (cipher.getBlockSize() + 2);
+            }
+            else
+            {
+                leftOver = total % buf.length;
+            }
+        }
+        else
+        {
+            leftOver    = total % buf.length;
+        }
+
+        return total - leftOver;
+    }
+
+    /**
+     * return the size of the output buffer required for an update plus a
+     * doFinal with an input of 'length' bytes.
+     *
+     * @param length the length of the input.
+     * @return the space required to accommodate a call to update and doFinal
+     * with 'length' bytes of input.
+     */
+    public int getOutputSize(
+        int length)
+    {
+        // Note: Can assume partialBlockOkay is true for purposes of this calculation
+        return length + bufOff;
+    }
+
+    /**
+     * process a single byte, producing an output block if necessary.
+     *
+     * @param in the input byte.
+     * @param out the space for any output that might be produced.
+     * @param outOff the offset from which the output will be copied.
+     * @return the number of output bytes copied to out.
+     * @exception DataLengthException if there isn't enough space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     */
+    public int processByte(
+        byte        in,
+        byte[]      out,
+        int         outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        int         resultLen = 0;
+
+        buf[bufOff++] = in;
+
+        if (bufOff == buf.length)
+        {
+            resultLen = cipher.processBlock(buf, 0, out, outOff);
+            bufOff = 0;
+        }
+
+        return resultLen;
+    }
+
+    /**
+     * process an array of bytes, producing output if necessary.
+     *
+     * @param in the input byte array.
+     * @param inOff the offset at which the input data starts.
+     * @param len the number of bytes to be copied out of the input array.
+     * @param out the space for any output that might be produced.
+     * @param outOff the offset from which the output will be copied.
+     * @return the number of output bytes copied to out.
+     * @exception DataLengthException if there isn't enough space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     */
+    public int processBytes(
+        byte[]      in,
+        int         inOff,
+        int         len,
+        byte[]      out,
+        int         outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        if (len < 0)
+        {
+            throw new IllegalArgumentException("Can't have a negative input length!");
+        }
+
+        int blockSize   = getBlockSize();
+        int length      = getUpdateOutputSize(len);
+        
+        if (length > 0)
+        {
+            if ((outOff + length) > out.length)
+            {
+                throw new OutputLengthException("output buffer too short");
+            }
+        }
+
+        int resultLen = 0;
+        int gapLen = buf.length - bufOff;
+
+        if (len > gapLen)
+        {
+            System.arraycopy(in, inOff, buf, bufOff, gapLen);
+
+            resultLen += cipher.processBlock(buf, 0, out, outOff);
+
+            bufOff = 0;
+            len -= gapLen;
+            inOff += gapLen;
+
+            while (len > buf.length)
+            {
+                resultLen += cipher.processBlock(in, inOff, out, outOff + resultLen);
+
+                len -= blockSize;
+                inOff += blockSize;
+            }
+        }
+
+        System.arraycopy(in, inOff, buf, bufOff, len);
+
+        bufOff += len;
+
+        if (bufOff == buf.length)
+        {
+            resultLen += cipher.processBlock(buf, 0, out, outOff + resultLen);
+            bufOff = 0;
+        }
+
+        return resultLen;
+    }
+
+    /**
+     * Process the last block in the buffer.
+     *
+     * @param out the array the block currently being held is copied into.
+     * @param outOff the offset at which the copying starts.
+     * @return the number of output bytes copied to out.
+     * @exception DataLengthException if there is insufficient space in out for
+     * the output, or the input is not block size aligned and should be.
+     * @exception IllegalStateException if the underlying cipher is not
+     * initialised.
+     * @exception InvalidCipherTextException if padding is expected and not found.
+     * @exception DataLengthException if the input is not block size
+     * aligned.
+     */
+    public int doFinal(
+        byte[]  out,
+        int     outOff)
+        throws DataLengthException, IllegalStateException, InvalidCipherTextException
+    {
+        try
+        {
+            int resultLen = 0;
+
+            if (outOff + bufOff > out.length)
+            {
+                throw new OutputLengthException("output buffer too short for doFinal()");
+            }
+
+            if (bufOff != 0)
+            {
+                if (!partialBlockOkay)
+                {
+                    throw new DataLengthException("data not block size aligned");
+                }
+
+                cipher.processBlock(buf, 0, buf, 0);
+                resultLen = bufOff;
+                bufOff = 0;
+                System.arraycopy(buf, 0, out, outOff, resultLen);
+            }
+
+            return resultLen;
+        }
+        finally
+        {
+            reset();
+        }
+    }
+
+    /**
+     * Reset the buffer and cipher. After resetting the object is in the same
+     * state as it was after the last init (if there was one).
+     */
+    public void reset()
+    {
+        //
+        // clean the buffer.
+        //
+        for (int i = 0; i < buf.length; i++)
+        {
+            buf[i] = 0;
+        }
+
+        bufOff = 0;
+
+        //
+        // reset the underlying cipher.
+        //
+        cipher.reset();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CipherKeyGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CipherKeyGenerator.java
new file mode 100644
index 0000000..a7212c9
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CipherKeyGenerator.java

@@ -0,0 +1,40 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+import java.security.SecureRandom;
+
+/**
+ * The base class for symmetric, or secret, cipher key generators.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CipherKeyGenerator
+{
+    protected SecureRandom  random;
+    protected int           strength;
+
+    /**
+     * initialise the key generator.
+     *
+     * @param param the parameters to be used for key generation
+     */
+    public void init(
+        KeyGenerationParameters param)
+    {
+        this.random = param.getRandom();
+        this.strength = (param.getStrength() + 7) / 8;
+    }
+
+    /**
+     * generate a secret key.
+     *
+     * @return a byte array containing the key value.
+     */
+    public byte[] generateKey()
+    {
+        byte[]  key = new byte[strength];
+
+        random.nextBytes(key);
+
+        return key;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CipherParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CipherParameters.java
new file mode 100644
index 0000000..889837f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CipherParameters.java

@@ -0,0 +1,10 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * all parameter classes implement this.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface CipherParameters
+{
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CryptoException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CryptoException.java
new file mode 100644
index 0000000..c9e822c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CryptoException.java

@@ -0,0 +1,50 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * the foundation class for the hard exceptions thrown by the crypto packages.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CryptoException 
+    extends Exception
+{
+    private Throwable cause;
+
+    /**
+     * base constructor.
+     */
+    public CryptoException()
+    {
+    }
+
+    /**
+     * create a CryptoException with the given message.
+     *
+     * @param message the message to be carried with the exception.
+     */
+    public CryptoException(
+        String  message)
+    {
+        super(message);
+    }
+
+    /**
+     * Create a CryptoException with the given message and underlying cause.
+     *
+     * @param message message describing exception.
+     * @param cause the throwable that was the underlying cause.
+     */
+    public CryptoException(
+        String  message,
+        Throwable cause)
+    {
+        super(message);
+
+        this.cause = cause;
+    }
+
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CryptoServicesPermission.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CryptoServicesPermission.java
new file mode 100644
index 0000000..c393a4d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CryptoServicesPermission.java

@@ -0,0 +1,83 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+import java.security.Permission;
+import java.util.HashSet;
+import java.util.Set;
+
+/**
+ * Permissions that need to be configured if a SecurityManager is used.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CryptoServicesPermission
+    extends Permission
+{
+    /**
+     * Enable the setting of global configuration properties. This permission implies THREAD_LOCAL_CONFIG
+     */
+    public static final String GLOBAL_CONFIG = "globalConfig";
+
+    /**
+     * Enable the setting of thread local configuration properties.
+     */
+    public static final String THREAD_LOCAL_CONFIG = "threadLocalConfig";
+
+    /**
+     * Enable the setting of the default SecureRandom.
+     */
+    public static final String DEFAULT_RANDOM = "defaultRandomConfig";
+
+    private final Set<String> actions = new HashSet<String>();
+
+    public CryptoServicesPermission(String name)
+    {
+        super(name);
+
+        this.actions.add(name);
+    }
+
+    public boolean implies(Permission permission)
+    {
+        if (permission instanceof CryptoServicesPermission)
+        {
+            CryptoServicesPermission other = (CryptoServicesPermission)permission;
+
+            if (this.getName().equals(other.getName()))
+            {
+                return true;
+            }
+
+            if (this.actions.containsAll(other.actions))
+            {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    public boolean equals(Object obj)
+    {
+        if (obj instanceof CryptoServicesPermission)
+        {
+            CryptoServicesPermission other = (CryptoServicesPermission)obj;
+
+            if (this.actions.equals(other.actions))
+            {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    public int hashCode()
+    {
+        return actions.hashCode();
+    }
+
+    public String getActions()
+    {
+        return actions.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CryptoServicesRegistrar.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CryptoServicesRegistrar.java
new file mode 100644
index 0000000..2a855da
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/CryptoServicesRegistrar.java

@@ -0,0 +1,420 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+import java.math.BigInteger;
+import java.security.AccessController;
+import java.security.Permission;
+import java.security.PrivilegedAction;
+import java.security.SecureRandom;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.Map;
+
+import com.android.org.bouncycastle.asn1.x9.X9ECParameters;
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.crypto.params.DHValidationParameters;
+import com.android.org.bouncycastle.crypto.params.DSAParameters;
+import com.android.org.bouncycastle.crypto.params.DSAValidationParameters;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * Basic registrar class for providing defaults for cryptography services in this module.
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class CryptoServicesRegistrar
+{
+    private static final Permission CanSetDefaultProperty = new CryptoServicesPermission(CryptoServicesPermission.GLOBAL_CONFIG);
+    private static final Permission CanSetThreadProperty = new CryptoServicesPermission(CryptoServicesPermission.THREAD_LOCAL_CONFIG);
+    private static final Permission CanSetDefaultRandom = new CryptoServicesPermission(CryptoServicesPermission.DEFAULT_RANDOM);
+
+    private static final ThreadLocal<Map<String, Object[]>> threadProperties = new ThreadLocal<Map<String, Object[]>>();
+    private static final Map<String, Object[]> globalProperties = Collections.synchronizedMap(new HashMap<String, Object[]>());
+
+    private static volatile SecureRandom defaultSecureRandom;
+
+    static
+    {
+        // default domain parameters for DSA and Diffie-Hellman
+
+        DSAParameters def512Params = new DSAParameters(
+            new BigInteger("fca682ce8e12caba26efccf7110e526db078b05edecbcd1eb4a208f3ae1617ae01f35b91a47e6df63413c5e12ed0899bcd132acd50d99151bdc43ee737592e17", 16),
+            new BigInteger("962eddcc369cba8ebb260ee6b6a126d9346e38c5", 16),
+            new BigInteger("678471b27a9cf44ee91a49c5147db1a9aaf244f05a434d6486931d2d14271b9e35030b71fd73da179069b32e2935630e1c2062354d0da20a6c416e50be794ca4", 16),
+            new DSAValidationParameters(Hex.decode("b869c82b35d70e1b1ff91b28e37a62ecdc34409b"), 123));
+
+        DSAParameters def768Params = new DSAParameters(
+            new BigInteger("e9e642599d355f37c97ffd3567120b8e25c9cd43e927b3a9670fbec5" +
+                           "d890141922d2c3b3ad2480093799869d1e846aab49fab0ad26d2ce6a" +
+                           "22219d470bce7d777d4a21fbe9c270b57f607002f3cef8393694cf45" +
+                           "ee3688c11a8c56ab127a3daf", 16),
+            new BigInteger("9cdbd84c9f1ac2f38d0f80f42ab952e7338bf511", 16),
+            new BigInteger("30470ad5a005fb14ce2d9dcd87e38bc7d1b1c5facbaecbe95f190aa7" +
+                           "a31d23c4dbbcbe06174544401a5b2c020965d8c2bd2171d366844577" +
+                           "1f74ba084d2029d83c1c158547f3a9f1a2715be23d51ae4d3e5a1f6a" +
+                           "7064f316933a346d3f529252", 16),
+            new DSAValidationParameters(Hex.decode("77d0f8c4dad15eb8c4f2f8d6726cefd96d5bb399"), 263));
+
+        DSAParameters def1024Params = new DSAParameters(
+            new BigInteger("fd7f53811d75122952df4a9c2eece4e7f611b7523cef4400c31e3f80" +
+                            "b6512669455d402251fb593d8d58fabfc5f5ba30f6cb9b556cd7813b" +
+                            "801d346ff26660b76b9950a5a49f9fe8047b1022c24fbba9d7feb7c6" +
+                            "1bf83b57e7c6a8a6150f04fb83f6d3c51ec3023554135a169132f675" +
+                            "f3ae2b61d72aeff22203199dd14801c7", 16),
+            new BigInteger("9760508f15230bccb292b982a2eb840bf0581cf5", 16),
+            new BigInteger("f7e1a085d69b3ddecbbcab5c36b857b97994afbbfa3aea82f9574c0b" +
+                            "3d0782675159578ebad4594fe67107108180b449167123e84c281613" +
+                            "b7cf09328cc8a6e13c167a8b547c8d28e0a3ae1e2bb3a675916ea37f" +
+                            "0bfa213562f1fb627a01243bcca4f1bea8519089a883dfe15ae59f06" +
+                            "928b665e807b552564014c3bfecf492a", 16),
+            new DSAValidationParameters(Hex.decode("8d5155894229d5e689ee01e6018a237e2cae64cd"), 92));
+
+        DSAParameters def2048Params = new DSAParameters(
+            new BigInteger("95475cf5d93e596c3fcd1d902add02f427f5f3c7210313bb45fb4d5b" +
+                            "b2e5fe1cbd678cd4bbdd84c9836be1f31c0777725aeb6c2fc38b85f4" +
+                            "8076fa76bcd8146cc89a6fb2f706dd719898c2083dc8d896f84062e2" +
+                            "c9c94d137b054a8d8096adb8d51952398eeca852a0af12df83e475aa" +
+                            "65d4ec0c38a9560d5661186ff98b9fc9eb60eee8b030376b236bc73b" +
+                            "e3acdbd74fd61c1d2475fa3077b8f080467881ff7e1ca56fee066d79" +
+                            "506ade51edbb5443a563927dbc4ba520086746175c8885925ebc64c6" +
+                            "147906773496990cb714ec667304e261faee33b3cbdf008e0c3fa906" +
+                            "50d97d3909c9275bf4ac86ffcb3d03e6dfc8ada5934242dd6d3bcca2" +
+                            "a406cb0b", 16),
+            new BigInteger("f8183668ba5fc5bb06b5981e6d8b795d30b8978d43ca0ec572e37e09939a9773", 16),
+            new BigInteger("42debb9da5b3d88cc956e08787ec3f3a09bba5f48b889a74aaf53174" +
+                            "aa0fbe7e3c5b8fcd7a53bef563b0e98560328960a9517f4014d3325f" +
+                            "c7962bf1e049370d76d1314a76137e792f3f0db859d095e4a5b93202" +
+                            "4f079ecf2ef09c797452b0770e1350782ed57ddf794979dcef23cb96" +
+                            "f183061965c4ebc93c9c71c56b925955a75f94cccf1449ac43d586d0" +
+                            "beee43251b0b2287349d68de0d144403f13e802f4146d882e057af19" +
+                            "b6f6275c6676c8fa0e3ca2713a3257fd1b27d0639f695e347d8d1cf9" +
+                            "ac819a26ca9b04cb0eb9b7b035988d15bbac65212a55239cfc7e58fa" +
+                            "e38d7250ab9991ffbc97134025fe8ce04c4399ad96569be91a546f49" +
+                            "78693c7a", 16),
+            new DSAValidationParameters(Hex.decode("b0b4417601b59cbc9d8ac8f935cadaec4f5fbb2f23785609ae466748d9b5a536"), 497));
+
+        localSetGlobalProperty(Property.DSA_DEFAULT_PARAMS, def512Params, def768Params, def1024Params, def2048Params);
+        localSetGlobalProperty(Property.DH_DEFAULT_PARAMS, toDH(def512Params), toDH(def768Params), toDH(def1024Params), toDH(def2048Params));
+    }
+
+    private CryptoServicesRegistrar()
+    {
+
+    }
+
+    /**
+     * Return the default source of randomness.
+     *
+     * @return the default SecureRandom
+     * @throws IllegalStateException if no source of randomness has been provided.
+     */
+    public static SecureRandom getSecureRandom()
+    {
+        if (defaultSecureRandom == null)
+        {
+            return new SecureRandom();
+        }
+        
+        return defaultSecureRandom;
+    }
+
+    /**
+     * Set a default secure random to be used where none is otherwise provided.
+     *
+     * @param secureRandom the SecureRandom to use as the default.
+     */
+    public static void setSecureRandom(SecureRandom secureRandom)
+    {
+        checkPermission(CanSetDefaultRandom);
+
+        defaultSecureRandom = secureRandom;
+    }
+
+    /**
+     * Return the default value for a particular property if one exists. The look up is done on the thread's local
+     * configuration first and then on the global configuration in no local configuration exists.
+     *
+     * @param property the property to look up.
+     * @param <T> the type to be returned
+     * @return null if the property is not set, the default value otherwise,
+     */
+    public static <T> T getProperty(Property property)
+    {
+        Object[] values = lookupProperty(property);
+
+        if (values != null)
+        {
+            return (T)values[0];
+        }
+
+        return null;
+    }
+
+    private static Object[] lookupProperty(Property property)
+    {
+        Map<String, Object[]> properties = threadProperties.get();
+        Object[] values;
+
+        if (properties == null || !properties.containsKey(property.name))
+        {
+            values = globalProperties.get(property.name);
+        }
+        else
+        {
+            values = properties.get(property.name);
+        }
+        return values;
+    }
+
+    /**
+     * Return an array representing the current values for a sized property such as DH_DEFAULT_PARAMS or
+     * DSA_DEFAULT_PARAMS.
+     *
+     * @param property the name of the property to look up.
+     * @param <T> the base type of the array to be returned.
+     * @return null if the property is not set, an array of the current values otherwise.
+     */
+    public static <T> T[] getSizedProperty(Property property)
+    {
+        Object[] values = lookupProperty(property);
+
+        if (values == null)
+        {
+            return null;
+        }
+
+        return (T[])values.clone();
+    }
+
+    /**
+     * Return the value for a specific size for a sized property such as DH_DEFAULT_PARAMS or
+     * DSA_DEFAULT_PARAMS.
+     *
+     * @param property the name of the property to look up.
+     * @param size the size (in bits) of the defining value in the property type.
+     * @param <T> the type of the value to be returned.
+     * @return the current value for the size, null if there is no value set,
+     */
+    public static <T> T getSizedProperty(Property property, int size)
+    {
+        Object[] values = lookupProperty(property);
+
+        if (values == null)
+        {
+            return null;
+        }
+
+        if (property.type.isAssignableFrom(DHParameters.class))
+        {
+            for (int i = 0; i != values.length; i++)
+            {
+                DHParameters params = (DHParameters)values[i];
+
+                if (params.getP().bitLength() == size)
+                {
+                    return (T)params;
+                }
+            }
+        }
+        else if (property.type.isAssignableFrom(DSAParameters.class))
+        {
+            for (int i = 0; i != values.length; i++)
+            {
+                DSAParameters params = (DSAParameters)values[i];
+
+                if (params.getP().bitLength() == size)
+                {
+                    return (T)params;
+                }
+            }
+        }
+
+        return null;
+    }
+
+    /**
+     * Set the value of the the passed in property on the current thread only. More than
+     * one value can be passed in for a sized property. If more than one value is provided the
+     * first value in the argument list becomes the default value.
+     *
+     * @param property the name of the property to set.
+     * @param propertyValue the values to assign to the property.
+     * @param <T> the base type of the property value.
+     */
+    public static <T> void setThreadProperty(Property property, T... propertyValue)
+    {
+        checkPermission(CanSetThreadProperty);
+
+        if (!property.type.isAssignableFrom(propertyValue[0].getClass()))
+        {
+            throw new IllegalArgumentException("Bad property value passed");
+        }
+
+        localSetThread(property, propertyValue.clone());
+    }
+
+    /**
+     * Set the value of the the passed in property globally in the JVM. More than
+     * one value can be passed in for a sized property. If more than one value is provided the
+     * first value in the argument list becomes the default value.
+     *
+     * @param property the name of the property to set.
+     * @param propertyValue the values to assign to the property.
+     * @param <T> the base type of the property value.
+     */
+    public static <T> void setGlobalProperty(Property property, T... propertyValue)
+    {
+        checkPermission(CanSetDefaultProperty);
+
+        localSetGlobalProperty(property, propertyValue.clone());
+    }
+
+    private static <T> void localSetThread(Property property, T[] propertyValue)
+    {
+        Map<String, Object[]> properties = threadProperties.get();
+
+        if (properties == null)
+        {
+            properties = new HashMap<String, Object[]>();
+            threadProperties.set(properties);
+        }
+
+        properties.put(property.name, propertyValue);
+    }
+
+    private static <T> void localSetGlobalProperty(Property property, T... propertyValue)
+    {
+        if (!property.type.isAssignableFrom(propertyValue[0].getClass()))
+        {
+            throw new IllegalArgumentException("Bad property value passed");
+        }
+
+        // set the property for the current thread as well to avoid mass confusion
+        localSetThread(property, propertyValue);
+
+        globalProperties.put(property.name, propertyValue);
+    }
+
+    /**
+     * Clear the global value for the passed in property.
+     *
+     * @param property the property to be cleared.
+     * @param <T> the base type of the property value
+     * @return an array of T if a value was previously set, null otherwise.
+     */
+    public static <T> T[] clearGlobalProperty(Property property)
+    {
+        checkPermission(CanSetDefaultProperty);
+
+        // clear the property for the current thread as well to avoid confusion
+        localClearThreadProperty(property);
+
+        return (T[])globalProperties.remove(property.name);
+    }
+
+    /**
+     * Clear the thread local value for the passed in property.
+     *
+     * @param property the property to be cleared.
+     * @param <T> the base type of the property value
+     * @return an array of T if a value was previously set, null otherwise.
+     */
+    public static <T> T[] clearThreadProperty(Property property)
+    {
+        checkPermission(CanSetThreadProperty);
+
+        return (T[])localClearThreadProperty(property);
+    }
+
+    private static Object[] localClearThreadProperty(Property property)
+    {
+        Map<String, Object[]> properties = threadProperties.get();
+
+        if (properties == null)
+        {
+            properties = new HashMap<String, Object[]>();
+            threadProperties.set(properties);
+        }
+
+        return properties.remove(property.name);
+    }
+
+    private static void checkPermission(final Permission permission)
+    {
+        final SecurityManager securityManager = System.getSecurityManager();
+
+        if (securityManager != null)
+        {
+            AccessController.doPrivileged(new PrivilegedAction<Object>()
+            {
+                public Object run()
+                {
+                    securityManager.checkPermission(permission);
+
+                    return null;
+                }
+            });
+        }
+    }
+
+    private static DHParameters toDH(DSAParameters dsaParams)
+    {
+        int pSize = dsaParams.getP().bitLength();
+        int m = chooseLowerBound(pSize);
+        return new DHParameters(dsaParams.getP(), dsaParams.getG(), dsaParams.getQ(), m, 0, null,
+            new DHValidationParameters(dsaParams.getValidationParameters().getSeed(), dsaParams.getValidationParameters().getCounter()));
+    }
+
+    // based on lower limit of at least 2^{2 * bits_of_security}
+    private static int chooseLowerBound(int pSize)
+    {
+        int m = 160;
+        if (pSize > 1024)
+        {
+            if (pSize <= 2048)
+            {
+                m = 224;
+            }
+            else if (pSize <= 3072)
+            {
+                m = 256;
+            }
+            else if (pSize <= 7680)
+            {
+                m = 384;
+            }
+            else
+            {
+                m = 512;
+            }
+        }
+        return m;
+    }
+
+    /**
+     * Available properties that can be set.
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static final class Property
+    {
+        /**
+         * The parameters to be used for processing implicitlyCA X9.62 parameters
+         */
+        public static final Property EC_IMPLICITLY_CA = new Property("ecImplicitlyCA", X9ECParameters.class);
+        /**
+         * The default parameters for a particular size of Diffie-Hellman key.This is a sized property.
+         */
+        public static final Property DH_DEFAULT_PARAMS= new Property("dhDefaultParams", DHParameters.class);
+        /**
+         * The default parameters for a particular size of DSA key. This is a sized property.
+         */
+        public static final Property DSA_DEFAULT_PARAMS= new Property("dsaDefaultParams", DSAParameters.class);
+        private final String name;
+        private final Class type;
+
+        private Property(String name, Class type)
+        {
+            this.name = name;
+            this.type = type;
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DSA.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DSA.java
new file mode 100644
index 0000000..c3aeec4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DSA.java

@@ -0,0 +1,38 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+import java.math.BigInteger;
+
+/**
+ * interface for classes implementing algorithms modeled similar to the Digital Signature Alorithm.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface DSA
+{
+    /**
+     * initialise the signer for signature generation or signature
+     * verification.
+     *
+     * @param forSigning true if we are generating a signature, false
+     * otherwise.
+     * @param param key parameters for signature generation.
+     */
+    public void init(boolean forSigning, CipherParameters param);
+
+    /**
+     * sign the passed in message (usually the output of a hash function).
+     *
+     * @param message the message to be signed.
+     * @return two big integers representing the r and s values respectively.
+     */
+    public BigInteger[] generateSignature(byte[] message);
+
+    /**
+     * verify the message message against the signature values r and s.
+     *
+     * @param message the message that was supposed to have been signed.
+     * @param r the r signature value.
+     * @param s the s signature value.
+     */
+    public boolean verifySignature(byte[] message, BigInteger  r, BigInteger s);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DSAExt.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DSAExt.java
new file mode 100644
index 0000000..da33337
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DSAExt.java

@@ -0,0 +1,18 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+import java.math.BigInteger;
+
+/**
+ * An "extended" interface for classes implementing DSA-style algorithms, that provides access to
+ * the group order.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface DSAExt
+    extends DSA
+{
+    /**
+     * Get the order of the group that the r, s values in signatures belong to.
+     */
+    public BigInteger getOrder();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DataLengthException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DataLengthException.java
new file mode 100644
index 0000000..cd969e0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DataLengthException.java

@@ -0,0 +1,31 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * this exception is thrown if a buffer that is meant to have output
+ * copied into it turns out to be too short, or if we've been given 
+ * insufficient input. In general this exception will get thrown rather
+ * than an ArrayOutOfBounds exception.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DataLengthException 
+    extends RuntimeCryptoException
+{
+    /**
+     * base constructor.
+     */
+    public DataLengthException()
+    {
+    }
+
+    /**
+     * create a DataLengthException with the given message.
+     *
+     * @param message the message to be carried with the exception.
+     */
+    public DataLengthException(
+        String  message)
+    {
+        super(message);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DerivationFunction.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DerivationFunction.java
new file mode 100644
index 0000000..bf01736
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DerivationFunction.java

@@ -0,0 +1,14 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * base interface for general purpose byte derivation functions.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface DerivationFunction
+{
+    public void init(DerivationParameters param);
+
+    public int generateBytes(byte[] out, int outOff, int len)
+        throws DataLengthException, IllegalArgumentException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DerivationParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DerivationParameters.java
new file mode 100644
index 0000000..f5242b9
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/DerivationParameters.java

@@ -0,0 +1,10 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * Parameters for key/byte stream derivation classes
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface DerivationParameters
+{
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/Digest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/Digest.java
new file mode 100644
index 0000000..3b0ae1b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/Digest.java

@@ -0,0 +1,53 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * interface that a message digest conforms to.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface Digest
+{
+    /**
+     * return the algorithm name
+     *
+     * @return the algorithm name
+     */
+    public String getAlgorithmName();
+
+    /**
+     * return the size, in bytes, of the digest produced by this message digest.
+     *
+     * @return the size, in bytes, of the digest produced by this message digest.
+     */
+    public int getDigestSize();
+
+    /**
+     * update the message digest with a single byte.
+     *
+     * @param in the input byte to be entered.
+     */
+    public void update(byte in);
+
+    /**
+     * update the message digest with a block of bytes.
+     *
+     * @param in the byte array containing the data.
+     * @param inOff the offset into the byte array where the data starts.
+     * @param len the length of the data.
+     */
+    public void update(byte[] in, int inOff, int len);
+
+    /**
+     * close the digest, producing the final digest value. The doFinal
+     * call leaves the digest reset.
+     *
+     * @param out the array the digest is to be copied into.
+     * @param outOff the offset into the out array the digest is to start at.
+     */
+    public int doFinal(byte[] out, int outOff);
+
+    /**
+     * reset the digest back to it's initial state.
+     */
+    public void reset();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/ExtendedDigest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/ExtendedDigest.java
new file mode 100644
index 0000000..672b337
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/ExtendedDigest.java

@@ -0,0 +1,17 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ExtendedDigest 
+    extends Digest
+{
+    /**
+     * Return the size in bytes of the internal buffer the digest applies it's compression
+     * function to.
+     * 
+     * @return byte length of the digests internal buffer.
+     */
+    public int getByteLength();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/InvalidCipherTextException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/InvalidCipherTextException.java
new file mode 100644
index 0000000..33fcd58
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/InvalidCipherTextException.java

@@ -0,0 +1,42 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * this exception is thrown whenever we find something we don't expect in a
+ * message.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class InvalidCipherTextException 
+    extends CryptoException
+{
+    /**
+     * base constructor.
+     */
+    public InvalidCipherTextException()
+    {
+    }
+
+    /**
+     * create a InvalidCipherTextException with the given message.
+     *
+     * @param message the message to be carried with the exception.
+     */
+    public InvalidCipherTextException(
+        String  message)
+    {
+        super(message);
+    }
+
+    /**
+     * create a InvalidCipherTextException with the given message.
+     *
+     * @param message the message to be carried with the exception.
+     * @param cause the root cause of the exception.
+     */
+    public InvalidCipherTextException(
+        String  message,
+        Throwable cause)
+    {
+        super(message, cause);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/KeyGenerationParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/KeyGenerationParameters.java
new file mode 100644
index 0000000..2a43b18
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/KeyGenerationParameters.java

@@ -0,0 +1,50 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+import java.security.SecureRandom;
+
+/**
+ * The base class for parameters to key generators.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyGenerationParameters
+{
+    private SecureRandom    random;
+    private int             strength;
+
+    /**
+     * initialise the generator with a source of randomness
+     * and a strength (in bits).
+     *
+     * @param random the random byte source.
+     * @param strength the size, in bits, of the keys we want to produce.
+     */
+    public KeyGenerationParameters(
+        SecureRandom    random,
+        int             strength)
+    {
+        this.random = random;
+        this.strength = strength;
+    }
+
+    /**
+     * return the random source associated with this
+     * generator.
+     *
+     * @return the generators random source.
+     */
+    public SecureRandom getRandom()
+    {
+        return random;
+    }
+
+    /**
+     * return the bit strength for keys produced by this generator,
+     *
+     * @return the strength of the keys this generator produces (in bits).
+     */
+    public int getStrength()
+    {
+        return strength;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/Mac.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/Mac.java
new file mode 100644
index 0000000..0577b4b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/Mac.java

@@ -0,0 +1,73 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+
+/**
+ * The base interface for implementations of message authentication codes (MACs).
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface Mac
+{
+    /**
+     * Initialise the MAC.
+     *
+     * @param params the key and other data required by the MAC.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(CipherParameters params)
+        throws IllegalArgumentException;
+
+    /**
+     * Return the name of the algorithm the MAC implements.
+     *
+     * @return the name of the algorithm the MAC implements.
+     */
+    public String getAlgorithmName();
+
+    /**
+     * Return the block size for this MAC (in bytes).
+     *
+     * @return the block size for this MAC in bytes.
+     */
+    public int getMacSize();
+
+    /**
+     * add a single byte to the mac for processing.
+     *
+     * @param in the byte to be processed.
+     * @exception IllegalStateException if the MAC is not initialised.
+     */
+    public void update(byte in)
+        throws IllegalStateException;
+
+    /**
+     * @param in the array containing the input.
+     * @param inOff the index in the array the data begins at.
+     * @param len the length of the input starting at inOff.
+     * @exception IllegalStateException if the MAC is not initialised.
+     * @exception DataLengthException if there isn't enough data in in.
+     */
+    public void update(byte[] in, int inOff, int len)
+        throws DataLengthException, IllegalStateException;
+
+    /**
+     * Compute the final stage of the MAC writing the output to the out
+     * parameter.
+     * <p>
+     * doFinal leaves the MAC in the same state it was after the last init.
+     *
+     * @param out the array the MAC is to be output to.
+     * @param outOff the offset into the out buffer the output is to start at.
+     * @exception DataLengthException if there isn't enough space in out.
+     * @exception IllegalStateException if the MAC is not initialised.
+     */
+    public int doFinal(byte[] out, int outOff)
+        throws DataLengthException, IllegalStateException;
+
+    /**
+     * Reset the MAC. At the end of resetting the MAC should be in the
+     * in the same state it was after the last init (if there was one).
+     */
+    public void reset();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/OutputLengthException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/OutputLengthException.java
new file mode 100644
index 0000000..8663c67
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/OutputLengthException.java

@@ -0,0 +1,14 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class OutputLengthException
+    extends DataLengthException
+{
+    public OutputLengthException(String msg)
+    {
+        super(msg);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/PBEParametersGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/PBEParametersGenerator.java
new file mode 100644
index 0000000..d627727
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/PBEParametersGenerator.java

@@ -0,0 +1,173 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * super class for all Password Based Encryption (PBE) parameter generator classes.
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class PBEParametersGenerator
+{
+    protected byte[]  password;
+    protected byte[]  salt;
+    protected int     iterationCount;
+
+    /**
+     * base constructor.
+     */
+    protected PBEParametersGenerator()
+    {
+    }
+
+    /**
+     * initialise the PBE generator.
+     *
+     * @param password the password converted into bytes (see below).
+     * @param salt the salt to be mixed with the password.
+     * @param iterationCount the number of iterations the "mixing" function
+     * is to be applied for.
+     */
+    public void init(
+        byte[]  password,
+        byte[]  salt,
+        int     iterationCount)
+    {
+        this.password = password;
+        this.salt = salt;
+        this.iterationCount = iterationCount;
+    }
+
+    /**
+     * return the password byte array.
+     *
+     * @return the password byte array.
+     */
+    public byte[] getPassword()
+    {
+        return password;
+    }
+
+    /**
+     * return the salt byte array.
+     *
+     * @return the salt byte array.
+     */
+    public byte[] getSalt()
+    {
+        return salt;
+    }
+
+    /**
+     * return the iteration count.
+     *
+     * @return the iteration count.
+     */
+    public int getIterationCount()
+    {
+        return iterationCount;
+    }
+
+    /**
+     * generate derived parameters for a key of length keySize.
+     *
+     * @param keySize the length, in bits, of the key required.
+     * @return a parameters object representing a key.
+     */
+    public abstract CipherParameters generateDerivedParameters(int keySize);
+
+    /**
+     * generate derived parameters for a key of length keySize, and
+     * an initialisation vector (IV) of length ivSize.
+     *
+     * @param keySize the length, in bits, of the key required.
+     * @param ivSize the length, in bits, of the iv required.
+     * @return a parameters object representing a key and an IV.
+     */
+    public abstract CipherParameters generateDerivedParameters(int keySize, int ivSize);
+
+    /**
+     * generate derived parameters for a key of length keySize, specifically
+     * for use with a MAC.
+     *
+     * @param keySize the length, in bits, of the key required.
+     * @return a parameters object representing a key.
+     */
+    public abstract CipherParameters generateDerivedMacParameters(int keySize);
+
+    /**
+     * converts a password to a byte array according to the scheme in
+     * PKCS5 (ascii, no padding)
+     *
+     * @param password a character array representing the password.
+     * @return a byte array representing the password.
+     */
+    public static byte[] PKCS5PasswordToBytes(
+        char[]  password)
+    {
+        if (password != null)
+        {
+            byte[]  bytes = new byte[password.length];
+
+            for (int i = 0; i != bytes.length; i++)
+            {
+                bytes[i] = (byte)password[i];
+            }
+
+            return bytes;
+        }
+        else
+        {
+            return new byte[0];
+        }
+    }
+
+    /**
+     * converts a password to a byte array according to the scheme in
+     * PKCS5 (UTF-8, no padding)
+     *
+     * @param password a character array representing the password.
+     * @return a byte array representing the password.
+     */
+    public static byte[] PKCS5PasswordToUTF8Bytes(
+        char[]  password)
+    {
+        if (password != null)
+        {
+            return Strings.toUTF8ByteArray(password);
+        }
+        else
+        {
+            return new byte[0];
+        }
+    }
+
+    /**
+     * converts a password to a byte array according to the scheme in
+     * PKCS12 (unicode, big endian, 2 zero pad bytes at the end).
+     *
+     * @param password a character array representing the password.
+     * @return a byte array representing the password.
+     */
+    public static byte[] PKCS12PasswordToBytes(
+        char[]  password)
+    {
+        if (password != null && password.length > 0)
+        {
+                                       // +1 for extra 2 pad bytes.
+            byte[]  bytes = new byte[(password.length + 1) * 2];
+
+            for (int i = 0; i != password.length; i ++)
+            {
+                bytes[i * 2] = (byte)(password[i] >>> 8);
+                bytes[i * 2 + 1] = (byte)password[i];
+            }
+
+            return bytes;
+        }
+        else
+        {
+            return new byte[0];
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/RawAgreement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/RawAgreement.java
new file mode 100644
index 0000000..ae575b6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/RawAgreement.java

@@ -0,0 +1,14 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface RawAgreement
+{
+    void init(CipherParameters parameters);
+
+    int getAgreementSize();
+
+    void calculateAgreement(CipherParameters publicKey, byte[] buf, int off);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/RuntimeCryptoException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/RuntimeCryptoException.java
new file mode 100644
index 0000000..f0dc3f0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/RuntimeCryptoException.java

@@ -0,0 +1,28 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * the foundation class for the exceptions thrown by the crypto packages.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RuntimeCryptoException 
+    extends RuntimeException
+{
+    /**
+     * base constructor.
+     */
+    public RuntimeCryptoException()
+    {
+    }
+
+    /**
+     * create a RuntimeCryptoException with the given message.
+     *
+     * @param message the message to be carried with the exception.
+     */
+    public RuntimeCryptoException(
+        String  message)
+    {
+        super(message);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/Signer.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/Signer.java
new file mode 100644
index 0000000..b76c9fe
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/Signer.java

@@ -0,0 +1,45 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * Generic signer interface for hash based and message recovery signers.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface Signer 
+{
+    /**
+     * Initialise the signer for signing or verification.
+     * 
+     * @param forSigning true if for signing, false otherwise
+     * @param param necessary parameters.
+     */
+    public void init(boolean forSigning, CipherParameters param);
+
+    /**
+     * update the internal digest with the byte b
+     */
+    public void update(byte b);
+
+    /**
+     * update the internal digest with the byte array in
+     */
+    public void update(byte[] in, int off, int len);
+
+    /**
+     * generate a signature for the message we've been loaded with using
+     * the key we were initialised with.
+     */
+    public byte[] generateSignature()
+        throws CryptoException, DataLengthException;
+
+    /**
+     * return true if the internal state represents the signature described
+     * in the passed in array.
+     */
+    public boolean verifySignature(byte[] signature);
+    
+    /**
+     * reset the internal state
+     */
+    public void reset();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/SignerWithRecovery.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/SignerWithRecovery.java
new file mode 100644
index 0000000..e060f0c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/SignerWithRecovery.java

@@ -0,0 +1,36 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * Signer with message recovery.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface SignerWithRecovery 
+    extends Signer
+{
+    /**
+     * Returns true if the signer has recovered the full message as
+     * part of signature verification.
+     * 
+     * @return true if full message recovered.
+     */
+    public boolean hasFullMessage();
+    
+    /**
+     * Returns a reference to what message was recovered (if any).
+     * 
+     * @return full/partial message, null if nothing.
+     */
+    public byte[] getRecoveredMessage();
+
+    /**
+     * Perform an update with the recovered message before adding any other data. This must
+     * be the first update method called, and calling it will result in the signer assuming
+     * that further calls to update will include message content past what is recoverable.
+     *
+     * @param signature the signature that we are in the process of verifying.
+     * @throws IllegalStateException
+     */
+    public void updateWithRecoveredMessage(byte[] signature)
+        throws InvalidCipherTextException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/SkippingCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/SkippingCipher.java
new file mode 100644
index 0000000..71e9098
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/SkippingCipher.java

@@ -0,0 +1,33 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * Ciphers producing a key stream which can be reset to particular points in the stream implement this.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface SkippingCipher
+{
+    /**
+     * Skip numberOfBytes forwards, or backwards.
+     *
+     * @param numberOfBytes the number of bytes to skip (positive forward, negative backwards).
+     * @return the number of bytes actually skipped.
+     * @throws java.lang.IllegalArgumentException if numberOfBytes is an invalid value.
+     */
+    long skip(long numberOfBytes);
+
+    /**
+     * Reset the cipher and then skip forward to a given position.
+     *
+     * @param position the number of bytes in to set the cipher state to.
+     * @return the byte position moved to.
+     */
+    long seekTo(long position);
+
+    /**
+     * Return the current "position" of the cipher
+     *
+     * @return the current byte position.
+     */
+    long getPosition();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/SkippingStreamCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/SkippingStreamCipher.java
new file mode 100644
index 0000000..3fa1743
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/SkippingStreamCipher.java

@@ -0,0 +1,11 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * General interface for a stream cipher that supports skipping.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface SkippingStreamCipher
+    extends StreamCipher, SkippingCipher
+{
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/StreamBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/StreamBlockCipher.java
new file mode 100644
index 0000000..513ca36
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/StreamBlockCipher.java

@@ -0,0 +1,59 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * A parent class for block cipher modes that do not require block aligned data to be processed, but can function in
+ * a streaming mode.
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class StreamBlockCipher
+    implements BlockCipher, StreamCipher
+{
+    private final BlockCipher cipher;
+
+    protected StreamBlockCipher(BlockCipher cipher)
+    {
+        this.cipher = cipher;
+    }
+
+    /**
+     * return the underlying block cipher that we are wrapping.
+     *
+     * @return the underlying block cipher that we are wrapping.
+     */
+    public BlockCipher getUnderlyingCipher()
+    {
+        return cipher;
+    }
+
+    public final byte returnByte(byte in)
+    {
+        return calculateByte(in);
+    }
+
+    public int processBytes(byte[] in, int inOff, int len, byte[] out, int outOff)
+        throws DataLengthException
+    {
+        if (inOff + len > in.length)
+        {
+            throw new DataLengthException("input buffer too small");
+        }
+        if (outOff + len > out.length)
+        {
+            throw new OutputLengthException("output buffer too short");
+        }
+
+        int inStart = inOff;
+        int inEnd = inOff + len;
+        int outStart = outOff;
+
+        while (inStart < inEnd)
+        {
+             out[outStart++] = calculateByte(in[inStart++]);
+        }
+
+        return len;
+    }
+
+    protected abstract byte calculateByte(byte b);
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/StreamCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/StreamCipher.java
new file mode 100644
index 0000000..62bf84e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/StreamCipher.java

@@ -0,0 +1,56 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * the interface stream ciphers conform to.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface StreamCipher
+{
+    /**
+     * Initialise the cipher.
+     *
+     * @param forEncryption if true the cipher is initialised for
+     *  encryption, if false for decryption.
+     * @param params the key and other data required by the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(boolean forEncryption, CipherParameters params)
+        throws IllegalArgumentException;
+
+    /**
+     * Return the name of the algorithm the cipher implements.
+     *
+     * @return the name of the algorithm the cipher implements.
+     */
+    public String getAlgorithmName();
+
+    /**
+     * encrypt/decrypt a single byte returning the result.
+     *
+     * @param in the byte to be processed.
+     * @return the result of processing the input byte.
+     */
+    public byte returnByte(byte in);
+
+    /**
+     * process a block of bytes from in putting the result into out.
+     *
+     * @param in the input byte array.
+     * @param inOff the offset into the in array where the data to be processed starts.
+     * @param len the number of bytes to be processed.
+     * @param out the output buffer the processed bytes go into.
+     * @param outOff the offset into the output byte array the processed data starts at.
+     * @return the number of bytes produced - should always be len.
+     * @exception DataLengthException if the output buffer is too small.
+     */
+    public int processBytes(byte[] in, int inOff, int len, byte[] out, int outOff)
+        throws DataLengthException;
+
+    /**
+     * reset the cipher. This leaves it in the same state
+     * it was at after the last init (if there was one).
+     */
+    public void reset();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/Wrapper.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/Wrapper.java
new file mode 100644
index 0000000..53736d9
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/Wrapper.java

@@ -0,0 +1,22 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface Wrapper
+{
+    public void init(boolean forWrapping, CipherParameters param);
+
+    /**
+     * Return the name of the algorithm the wrapper implements.
+     *
+     * @return the name of the algorithm the wrapper implements.
+     */
+    public String getAlgorithmName();
+
+    public byte[] wrap(byte[] in, int inOff, int inLen);
+
+    public byte[] unwrap(byte[] in, int inOff, int inLen)
+        throws InvalidCipherTextException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/agreement/DHBasicAgreement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/agreement/DHBasicAgreement.java
new file mode 100644
index 0000000..87d4b77
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/agreement/DHBasicAgreement.java

@@ -0,0 +1,89 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.agreement;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.crypto.BasicAgreement;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.params.AsymmetricKeyParameter;
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.crypto.params.DHPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DHPublicKeyParameters;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+
+/**
+ * a Diffie-Hellman key agreement class.
+ * <p>
+ * note: This is only the basic algorithm, it doesn't take advantage of
+ * long term public keys if they are available. See the DHAgreement class
+ * for a "better" implementation.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHBasicAgreement
+    implements BasicAgreement
+{
+    private static final BigInteger ONE = BigInteger.valueOf(1);
+
+    private DHPrivateKeyParameters  key;
+    private DHParameters            dhParams;
+
+    public void init(
+        CipherParameters    param)
+    {
+        AsymmetricKeyParameter  kParam;
+
+        if (param instanceof ParametersWithRandom)
+        {
+            ParametersWithRandom rParam = (ParametersWithRandom)param;
+            kParam = (AsymmetricKeyParameter)rParam.getParameters();
+        }
+        else
+        {
+            kParam = (AsymmetricKeyParameter)param;
+        }
+
+        if (!(kParam instanceof DHPrivateKeyParameters))
+        {
+            throw new IllegalArgumentException("DHEngine expects DHPrivateKeyParameters");
+        }
+
+        this.key = (DHPrivateKeyParameters)kParam;
+        this.dhParams = key.getParameters();
+    }
+
+    public int getFieldSize()
+    {
+        return (key.getParameters().getP().bitLength() + 7) / 8;
+    }
+
+    /**
+     * given a short term public key from a given party calculate the next
+     * message in the agreement sequence. 
+     */
+    public BigInteger calculateAgreement(
+        CipherParameters   pubKey)
+    {
+        DHPublicKeyParameters   pub = (DHPublicKeyParameters)pubKey;
+
+        if (!pub.getParameters().equals(dhParams))
+        {
+            throw new IllegalArgumentException("Diffie-Hellman public key has wrong parameters.");
+        }
+
+        BigInteger p = dhParams.getP();
+
+        BigInteger peerY = pub.getY();
+        if (peerY == null || peerY.compareTo(ONE) <= 0 || peerY.compareTo(p.subtract(ONE)) >= 0)
+        {
+            throw new IllegalArgumentException("Diffie-Hellman public key is weak");
+        }
+
+        BigInteger result = peerY.modPow(key.getX(), p);
+        if (result.equals(ONE))
+        {
+            throw new IllegalStateException("Shared key can't be 1");
+        }
+
+        return result;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/agreement/ECDHBasicAgreement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/agreement/ECDHBasicAgreement.java
new file mode 100644
index 0000000..824dc4b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/agreement/ECDHBasicAgreement.java

@@ -0,0 +1,80 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.agreement;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.crypto.BasicAgreement;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+import com.android.org.bouncycastle.crypto.params.ECPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.ECPublicKeyParameters;
+import com.android.org.bouncycastle.math.ec.ECAlgorithms;
+import com.android.org.bouncycastle.math.ec.ECConstants;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+
+/**
+ * P1363 7.2.1 ECSVDP-DH
+ *
+ * ECSVDP-DH is Elliptic Curve Secret Value Derivation Primitive,
+ * Diffie-Hellman version. It is based on the work of [DH76], [Mil86],
+ * and [Kob87]. This primitive derives a shared secret value from one
+ * party's private key and another party's public key, where both have
+ * the same set of EC domain parameters. If two parties correctly
+ * execute this primitive, they will produce the same output. This
+ * primitive can be invoked by a scheme to derive a shared secret key;
+ * specifically, it may be used with the schemes ECKAS-DH1 and
+ * DL/ECKAS-DH2. It assumes that the input keys are valid (see also
+ * Section 7.2.2).
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECDHBasicAgreement
+    implements BasicAgreement
+{
+    private ECPrivateKeyParameters key;
+
+    public void init(
+        CipherParameters key)
+    {
+        this.key = (ECPrivateKeyParameters)key;
+    }
+
+    public int getFieldSize()
+    {
+        return (key.getParameters().getCurve().getFieldSize() + 7) / 8;
+    }
+
+    public BigInteger calculateAgreement(
+        CipherParameters pubKey)
+    {
+        ECPublicKeyParameters pub = (ECPublicKeyParameters)pubKey;
+        ECDomainParameters params = key.getParameters();
+        if (!params.equals(pub.getParameters()))
+        {
+            throw new IllegalStateException("ECDH public key has wrong domain parameters");
+        }
+
+        BigInteger d = key.getD();
+
+        // Always perform calculations on the exact curve specified by our private key's parameters
+        ECPoint Q = ECAlgorithms.cleanPoint(params.getCurve(), pub.getQ());
+        if (Q.isInfinity())
+        {
+            throw new IllegalStateException("Infinity is not a valid public key for ECDH");
+        }
+
+        BigInteger h = params.getH();
+        if (!h.equals(ECConstants.ONE))
+        {
+            d = params.getHInv().multiply(d).mod(params.getN());
+            Q = ECAlgorithms.referenceMultiply(Q, h);
+        }
+
+        ECPoint P = Q.multiply(d).normalize();
+        if (P.isInfinity())
+        {
+            throw new IllegalStateException("Infinity is not a valid agreement value for ECDH");
+        }
+
+        return P.getAffineXCoord().toBigInteger();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/AndroidDigestFactory.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/AndroidDigestFactory.java
new file mode 100644
index 0000000..580b1c7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/AndroidDigestFactory.java

@@ -0,0 +1,111 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.org.bouncycastle.crypto.digests;
+
+import java.security.Security;
+import java.util.Locale;
+
+import com.android.org.bouncycastle.crypto.Digest;
+
+/**
+ * Level of indirection to let us select OpenSSLDigest implementations
+ * for libcore but fallback to BouncyCastle ones on the RI.
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class AndroidDigestFactory {
+    private static final AndroidDigestFactoryInterface CONSCRYPT;
+    private static final AndroidDigestFactoryInterface BC;
+
+    static {
+        BC = new AndroidDigestFactoryBouncyCastle();
+        if (Security.getProvider("AndroidOpenSSL") != null) {
+            CONSCRYPT = new AndroidDigestFactoryOpenSSL();
+        } else {
+            if (System.getProperty("java.vendor", "").toLowerCase(Locale.US).contains("android")) {
+                throw new AssertionError("Provider AndroidOpenSSL must exist");
+            }
+            CONSCRYPT = null;
+        }
+    }
+
+    public static Digest getMD5() {
+        if (CONSCRYPT != null) {
+            try {
+                return CONSCRYPT.getMD5();
+            } catch (Exception ignored) {
+            }
+        }
+
+        return BC.getMD5();
+    }
+
+    public static Digest getSHA1() {
+        if (CONSCRYPT != null) {
+            try {
+                return CONSCRYPT.getSHA1();
+            } catch (Exception ignored) {
+            }
+        }
+
+        return BC.getSHA1();
+    }
+
+    public static Digest getSHA224() {
+        if (CONSCRYPT != null) {
+            try {
+                return CONSCRYPT.getSHA224();
+            } catch (Exception ignored) {
+            }
+        }
+
+        return BC.getSHA224();
+    }
+
+    public static Digest getSHA256() {
+        if (CONSCRYPT != null) {
+            try {
+                return CONSCRYPT.getSHA256();
+            } catch (Exception ignored) {
+            }
+        }
+
+        return BC.getSHA256();
+    }
+
+    public static Digest getSHA384() {
+        if (CONSCRYPT != null) {
+            try {
+                return CONSCRYPT.getSHA384();
+            } catch (Exception ignored) {
+            }
+        }
+
+        return BC.getSHA384();
+    }
+
+    public static Digest getSHA512() {
+        if (CONSCRYPT != null) {
+            try {
+                return CONSCRYPT.getSHA512();
+            } catch (Exception ignored) {
+            }
+        }
+
+        return BC.getSHA512();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java
new file mode 100644
index 0000000..3b42f35
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/AndroidDigestFactoryBouncyCastle.java

@@ -0,0 +1,44 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.org.bouncycastle.crypto.digests;
+
+import com.android.org.bouncycastle.crypto.Digest;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AndroidDigestFactoryBouncyCastle implements AndroidDigestFactoryInterface {
+    public Digest getMD5() {
+        return new MD5Digest();
+    }
+    public Digest getSHA1() {
+        return new SHA1Digest();
+    }
+    public Digest getSHA224() {
+        return new SHA224Digest();
+    }
+    public Digest getSHA256() {
+        return new SHA256Digest();
+    }
+    public Digest getSHA384() {
+        return new SHA384Digest();
+    }
+    public Digest getSHA512() {
+        return new SHA512Digest();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java
new file mode 100644
index 0000000..d7320d1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/AndroidDigestFactoryInterface.java

@@ -0,0 +1,29 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.org.bouncycastle.crypto.digests;
+
+import com.android.org.bouncycastle.crypto.Digest;
+
+interface AndroidDigestFactoryInterface {
+    public Digest getMD5();
+    public Digest getSHA1();
+    public Digest getSHA224();
+    public Digest getSHA256();
+    public Digest getSHA384();
+    public Digest getSHA512();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java
new file mode 100644
index 0000000..ed52245
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/AndroidDigestFactoryOpenSSL.java

@@ -0,0 +1,44 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.org.bouncycastle.crypto.digests;
+
+import com.android.org.bouncycastle.crypto.Digest;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AndroidDigestFactoryOpenSSL implements AndroidDigestFactoryInterface {
+    public Digest getMD5() {
+        return new OpenSSLDigest.MD5();
+    }
+    public Digest getSHA1() {
+        return new OpenSSLDigest.SHA1();
+    }
+    public Digest getSHA224() {
+        return new OpenSSLDigest.SHA224();
+    }
+    public Digest getSHA256() {
+        return new OpenSSLDigest.SHA256();
+    }
+    public Digest getSHA384() {
+        return new OpenSSLDigest.SHA384();
+    }
+    public Digest getSHA512() {
+        return new OpenSSLDigest.SHA512();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/EncodableDigest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/EncodableDigest.java
new file mode 100644
index 0000000..72f4945
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/EncodableDigest.java

@@ -0,0 +1,19 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.digests;
+
+/**
+ *  Encodable digests allow you to download an encoded copy of their internal state. This is useful for the situation where
+ *  you need to generate a signature on an external device and it allows for "sign with last round", so a copy of the
+ *  internal state of the digest, plus the last few blocks of the message are all that needs to be sent, rather than the
+ *  entire message.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface EncodableDigest
+{
+    /**
+     * Return an encoded byte array for the digest's internal state
+     *
+     * @return an encoding of the digests internal state.
+     */
+    byte[] getEncodedState();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/GeneralDigest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/GeneralDigest.java
new file mode 100644
index 0000000..c075dce
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/GeneralDigest.java

@@ -0,0 +1,162 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.digests;
+
+import com.android.org.bouncycastle.crypto.ExtendedDigest;
+import com.android.org.bouncycastle.util.Memoable;
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * base implementation of MD4 family style digest as outlined in
+ * "Handbook of Applied Cryptography", pages 344 - 347.
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class GeneralDigest
+    implements ExtendedDigest, Memoable
+{
+    private static final int BYTE_LENGTH = 64;
+
+    private final byte[]  xBuf = new byte[4];
+    private int           xBufOff;
+
+    private long    byteCount;
+
+    /**
+     * Standard constructor
+     */
+    protected GeneralDigest()
+    {
+        xBufOff = 0;
+    }
+
+    /**
+     * Copy constructor.  We are using copy constructors in place
+     * of the Object.clone() interface as this interface is not
+     * supported by J2ME.
+     */
+    protected GeneralDigest(GeneralDigest t)
+    {
+        copyIn(t);
+    }
+
+    protected GeneralDigest(byte[] encodedState)
+    {
+        System.arraycopy(encodedState, 0, xBuf, 0, xBuf.length);
+        xBufOff = Pack.bigEndianToInt(encodedState, 4);
+        byteCount = Pack.bigEndianToLong(encodedState, 8);
+    }
+
+    protected void copyIn(GeneralDigest t)
+    {
+        System.arraycopy(t.xBuf, 0, xBuf, 0, t.xBuf.length);
+
+        xBufOff = t.xBufOff;
+        byteCount = t.byteCount;
+    }
+
+    public void update(
+        byte in)
+    {
+        xBuf[xBufOff++] = in;
+
+        if (xBufOff == xBuf.length)
+        {
+            processWord(xBuf, 0);
+            xBufOff = 0;
+        }
+
+        byteCount++;
+    }
+
+    public void update(
+        byte[]  in,
+        int     inOff,
+        int     len)
+    {
+        len = Math.max(0,  len);
+
+        //
+        // fill the current word
+        //
+        int i = 0;
+        if (xBufOff != 0)
+        {
+            while (i < len)
+            {
+                xBuf[xBufOff++] = in[inOff + i++];
+                if (xBufOff == 4)
+                {
+                    processWord(xBuf, 0);
+                    xBufOff = 0;
+                    break;
+                }
+            }
+        }
+
+        //
+        // process whole words.
+        //
+        int limit = ((len - i) & ~3) + i;
+        for (; i < limit; i += 4)
+        {
+            processWord(in, inOff + i);
+        }
+
+        //
+        // load in the remainder.
+        //
+        while (i < len)
+        {
+            xBuf[xBufOff++] = in[inOff + i++];
+        }
+
+        byteCount += len;
+    }
+
+    public void finish()
+    {
+        long    bitLength = (byteCount << 3);
+
+        //
+        // add the pad bytes.
+        //
+        update((byte)128);
+
+        while (xBufOff != 0)
+        {
+            update((byte)0);
+        }
+
+        processLength(bitLength);
+
+        processBlock();
+    }
+
+    public void reset()
+    {
+        byteCount = 0;
+
+        xBufOff = 0;
+        for (int i = 0; i < xBuf.length; i++)
+        {
+            xBuf[i] = 0;
+        }
+    }
+
+    protected void populateState(byte[] state)
+    {
+        System.arraycopy(xBuf, 0, state, 0, xBufOff);
+        Pack.intToBigEndian(xBufOff, state, 4);
+        Pack.longToBigEndian(byteCount, state, 8);
+    }
+
+    public int getByteLength()
+    {
+        return BYTE_LENGTH;
+    }
+    
+    protected abstract void processWord(byte[] in, int inOff);
+
+    protected abstract void processLength(long bitLength);
+
+    protected abstract void processBlock();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/LongDigest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/LongDigest.java
new file mode 100644
index 0000000..2c9aa03
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/LongDigest.java

@@ -0,0 +1,411 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.digests;
+
+import com.android.org.bouncycastle.crypto.ExtendedDigest;
+import com.android.org.bouncycastle.util.Memoable;
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * Base class for SHA-384 and SHA-512.
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class LongDigest
+    implements ExtendedDigest, Memoable, EncodableDigest
+{
+    private static final int BYTE_LENGTH = 128;
+
+    private byte[] xBuf = new byte[8];
+    private int     xBufOff;
+
+    private long    byteCount1;
+    private long    byteCount2;
+
+    protected long    H1, H2, H3, H4, H5, H6, H7, H8;
+
+    private long[]  W = new long[80];
+    private int     wOff;
+
+    /**
+     * Constructor for variable length word
+     */
+    protected LongDigest()
+    {
+        xBufOff = 0;
+
+        reset();
+    }
+
+    /**
+     * Copy constructor.  We are using copy constructors in place
+     * of the Object.clone() interface as this interface is not
+     * supported by J2ME.
+     */
+    protected LongDigest(LongDigest t)
+    {
+        copyIn(t);
+    }
+
+    protected void copyIn(LongDigest t)
+    {
+        System.arraycopy(t.xBuf, 0, xBuf, 0, t.xBuf.length);
+
+        xBufOff = t.xBufOff;
+        byteCount1 = t.byteCount1;
+        byteCount2 = t.byteCount2;
+
+        H1 = t.H1;
+        H2 = t.H2;
+        H3 = t.H3;
+        H4 = t.H4;
+        H5 = t.H5;
+        H6 = t.H6;
+        H7 = t.H7;
+        H8 = t.H8;
+
+        System.arraycopy(t.W, 0, W, 0, t.W.length);
+        wOff = t.wOff;
+    }
+
+    protected void populateState(byte[] state)
+    {
+        System.arraycopy(xBuf, 0, state, 0, xBufOff);
+        Pack.intToBigEndian(xBufOff, state, 8);
+        Pack.longToBigEndian(byteCount1, state, 12);
+        Pack.longToBigEndian(byteCount2, state, 20);
+        Pack.longToBigEndian(H1, state, 28);
+        Pack.longToBigEndian(H2, state, 36);
+        Pack.longToBigEndian(H3, state, 44);
+        Pack.longToBigEndian(H4, state, 52);
+        Pack.longToBigEndian(H5, state, 60);
+        Pack.longToBigEndian(H6, state, 68);
+        Pack.longToBigEndian(H7, state, 76);
+        Pack.longToBigEndian(H8, state, 84);
+
+        Pack.intToBigEndian(wOff, state, 92);
+        for (int i = 0; i < wOff; i++)
+        {
+            Pack.longToBigEndian(W[i], state, 96 + (i * 8));
+        }
+    }
+
+    protected void restoreState(byte[] encodedState)
+    {
+        xBufOff = Pack.bigEndianToInt(encodedState, 8);
+        System.arraycopy(encodedState, 0, xBuf, 0, xBufOff);
+        byteCount1 = Pack.bigEndianToLong(encodedState, 12);
+        byteCount2 = Pack.bigEndianToLong(encodedState, 20);
+
+        H1 = Pack.bigEndianToLong(encodedState, 28);
+        H2 = Pack.bigEndianToLong(encodedState, 36);
+        H3 = Pack.bigEndianToLong(encodedState, 44);
+        H4 = Pack.bigEndianToLong(encodedState, 52);
+        H5 = Pack.bigEndianToLong(encodedState, 60);
+        H6 = Pack.bigEndianToLong(encodedState, 68);
+        H7 = Pack.bigEndianToLong(encodedState, 76);
+        H8 = Pack.bigEndianToLong(encodedState, 84);
+
+        wOff = Pack.bigEndianToInt(encodedState, 92);
+        for (int i = 0; i < wOff; i++)
+        {
+            W[i] = Pack.bigEndianToLong(encodedState, 96 + (i * 8));
+        }
+    }
+
+    protected int getEncodedStateSize()
+    {
+        return 96 + (wOff * 8);
+    }
+
+    public void update(
+        byte in)
+    {
+        xBuf[xBufOff++] = in;
+
+        if (xBufOff == xBuf.length)
+        {
+            processWord(xBuf, 0);
+            xBufOff = 0;
+        }
+
+        byteCount1++;
+    }
+
+    public void update(
+        byte[]  in,
+        int     inOff,
+        int     len)
+    {
+        //
+        // fill the current word
+        //
+        while ((xBufOff != 0) && (len > 0))
+        {
+            update(in[inOff]);
+
+            inOff++;
+            len--;
+        }
+
+        //
+        // process whole words.
+        //
+        while (len > xBuf.length)
+        {
+            processWord(in, inOff);
+
+            inOff += xBuf.length;
+            len -= xBuf.length;
+            byteCount1 += xBuf.length;
+        }
+
+        //
+        // load in the remainder.
+        //
+        while (len > 0)
+        {
+            update(in[inOff]);
+
+            inOff++;
+            len--;
+        }
+    }
+
+    public void finish()
+    {
+        adjustByteCounts();
+
+        long    lowBitLength = byteCount1 << 3;
+        long    hiBitLength = byteCount2;
+
+        //
+        // add the pad bytes.
+        //
+        update((byte)128);
+
+        while (xBufOff != 0)
+        {
+            update((byte)0);
+        }
+
+        processLength(lowBitLength, hiBitLength);
+
+        processBlock();
+    }
+
+    public void reset()
+    {
+        byteCount1 = 0;
+        byteCount2 = 0;
+
+        xBufOff = 0;
+        for (int i = 0; i < xBuf.length; i++)
+        {
+            xBuf[i] = 0;
+        }
+
+        wOff = 0;
+        for (int i = 0; i != W.length; i++)
+        {
+            W[i] = 0;
+        }
+    }
+
+    public int getByteLength()
+    {
+        return BYTE_LENGTH;
+    }
+
+    protected void processWord(
+        byte[]  in,
+        int     inOff)
+    {
+        W[wOff] = Pack.bigEndianToLong(in, inOff);
+
+        if (++wOff == 16)
+        {
+            processBlock();
+        }
+    }
+
+    /**
+     * adjust the byte counts so that byteCount2 represents the
+     * upper long (less 3 bits) word of the byte count.
+     */
+    private void adjustByteCounts()
+    {
+        if (byteCount1 > 0x1fffffffffffffffL)
+        {
+            byteCount2 += (byteCount1 >>> 61);
+            byteCount1 &= 0x1fffffffffffffffL;
+        }
+    }
+
+    protected void processLength(
+        long    lowW,
+        long    hiW)
+    {
+        if (wOff > 14)
+        {
+            processBlock();
+        }
+
+        W[14] = hiW;
+        W[15] = lowW;
+    }
+
+    protected void processBlock()
+    {
+        adjustByteCounts();
+
+        //
+        // expand 16 word block into 80 word blocks.
+        //
+        for (int t = 16; t <= 79; t++)
+        {
+            W[t] = Sigma1(W[t - 2]) + W[t - 7] + Sigma0(W[t - 15]) + W[t - 16];
+        }
+
+        //
+        // set up working variables.
+        //
+        long     a = H1;
+        long     b = H2;
+        long     c = H3;
+        long     d = H4;
+        long     e = H5;
+        long     f = H6;
+        long     g = H7;
+        long     h = H8;
+
+        int t = 0;
+        for(int i = 0; i < 10; i ++)
+        {
+          // t = 8 * i
+          h += Sum1(e) + Ch(e, f, g) + K[t] + W[t++];
+          d += h;
+          h += Sum0(a) + Maj(a, b, c);
+
+          // t = 8 * i + 1
+          g += Sum1(d) + Ch(d, e, f) + K[t] + W[t++];
+          c += g;
+          g += Sum0(h) + Maj(h, a, b);
+
+          // t = 8 * i + 2
+          f += Sum1(c) + Ch(c, d, e) + K[t] + W[t++];
+          b += f;
+          f += Sum0(g) + Maj(g, h, a);
+
+          // t = 8 * i + 3
+          e += Sum1(b) + Ch(b, c, d) + K[t] + W[t++];
+          a += e;
+          e += Sum0(f) + Maj(f, g, h);
+
+          // t = 8 * i + 4
+          d += Sum1(a) + Ch(a, b, c) + K[t] + W[t++];
+          h += d;
+          d += Sum0(e) + Maj(e, f, g);
+
+          // t = 8 * i + 5
+          c += Sum1(h) + Ch(h, a, b) + K[t] + W[t++];
+          g += c;
+          c += Sum0(d) + Maj(d, e, f);
+
+          // t = 8 * i + 6
+          b += Sum1(g) + Ch(g, h, a) + K[t] + W[t++];
+          f += b;
+          b += Sum0(c) + Maj(c, d, e);
+
+          // t = 8 * i + 7
+          a += Sum1(f) + Ch(f, g, h) + K[t] + W[t++];
+          e += a;
+          a += Sum0(b) + Maj(b, c, d);
+        }
+
+        H1 += a;
+        H2 += b;
+        H3 += c;
+        H4 += d;
+        H5 += e;
+        H6 += f;
+        H7 += g;
+        H8 += h;
+
+        //
+        // reset the offset and clean out the word buffer.
+        //
+        wOff = 0;
+        for (int i = 0; i < 16; i++)
+        {
+            W[i] = 0;
+        }
+    }
+
+    /* SHA-384 and SHA-512 functions (as for SHA-256 but for longs) */
+    private long Ch(
+        long    x,
+        long    y,
+        long    z)
+    {
+        return ((x & y) ^ ((~x) & z));
+    }
+
+    private long Maj(
+        long    x,
+        long    y,
+        long    z)
+    {
+        return ((x & y) ^ (x & z) ^ (y & z));
+    }
+
+    private long Sum0(
+        long    x)
+    {
+        return ((x << 36)|(x >>> 28)) ^ ((x << 30)|(x >>> 34)) ^ ((x << 25)|(x >>> 39));
+    }
+
+    private long Sum1(
+        long    x)
+    {
+        return ((x << 50)|(x >>> 14)) ^ ((x << 46)|(x >>> 18)) ^ ((x << 23)|(x >>> 41));
+    }
+
+    private long Sigma0(
+        long    x)
+    {
+        return ((x << 63)|(x >>> 1)) ^ ((x << 56)|(x >>> 8)) ^ (x >>> 7);
+    }
+
+    private long Sigma1(
+        long    x)
+    {
+        return ((x << 45)|(x >>> 19)) ^ ((x << 3)|(x >>> 61)) ^ (x >>> 6);
+    }
+
+    /* SHA-384 and SHA-512 Constants
+     * (represent the first 64 bits of the fractional parts of the
+     * cube roots of the first sixty-four prime numbers)
+     */
+    static final long K[] = {
+0x428a2f98d728ae22L, 0x7137449123ef65cdL, 0xb5c0fbcfec4d3b2fL, 0xe9b5dba58189dbbcL,
+0x3956c25bf348b538L, 0x59f111f1b605d019L, 0x923f82a4af194f9bL, 0xab1c5ed5da6d8118L,
+0xd807aa98a3030242L, 0x12835b0145706fbeL, 0x243185be4ee4b28cL, 0x550c7dc3d5ffb4e2L,
+0x72be5d74f27b896fL, 0x80deb1fe3b1696b1L, 0x9bdc06a725c71235L, 0xc19bf174cf692694L,
+0xe49b69c19ef14ad2L, 0xefbe4786384f25e3L, 0x0fc19dc68b8cd5b5L, 0x240ca1cc77ac9c65L,
+0x2de92c6f592b0275L, 0x4a7484aa6ea6e483L, 0x5cb0a9dcbd41fbd4L, 0x76f988da831153b5L,
+0x983e5152ee66dfabL, 0xa831c66d2db43210L, 0xb00327c898fb213fL, 0xbf597fc7beef0ee4L,
+0xc6e00bf33da88fc2L, 0xd5a79147930aa725L, 0x06ca6351e003826fL, 0x142929670a0e6e70L,
+0x27b70a8546d22ffcL, 0x2e1b21385c26c926L, 0x4d2c6dfc5ac42aedL, 0x53380d139d95b3dfL,
+0x650a73548baf63deL, 0x766a0abb3c77b2a8L, 0x81c2c92e47edaee6L, 0x92722c851482353bL,
+0xa2bfe8a14cf10364L, 0xa81a664bbc423001L, 0xc24b8b70d0f89791L, 0xc76c51a30654be30L,
+0xd192e819d6ef5218L, 0xd69906245565a910L, 0xf40e35855771202aL, 0x106aa07032bbd1b8L,
+0x19a4c116b8d2d0c8L, 0x1e376c085141ab53L, 0x2748774cdf8eeb99L, 0x34b0bcb5e19b48a8L,
+0x391c0cb3c5c95a63L, 0x4ed8aa4ae3418acbL, 0x5b9cca4f7763e373L, 0x682e6ff3d6b2b8a3L,
+0x748f82ee5defb2fcL, 0x78a5636f43172f60L, 0x84c87814a1f0ab72L, 0x8cc702081a6439ecL,
+0x90befffa23631e28L, 0xa4506cebde82bde9L, 0xbef9a3f7b2c67915L, 0xc67178f2e372532bL,
+0xca273eceea26619cL, 0xd186b8c721c0c207L, 0xeada7dd6cde0eb1eL, 0xf57d4f7fee6ed178L,
+0x06f067aa72176fbaL, 0x0a637dc5a2c898a6L, 0x113f9804bef90daeL, 0x1b710b35131c471bL,
+0x28db77f523047d84L, 0x32caab7b40c72493L, 0x3c9ebe0a15c9bebcL, 0x431d67c49c100d4cL,
+0x4cc5d4becb3e42b6L, 0x597f299cfc657e2aL, 0x5fcb6fab3ad6faecL, 0x6c44198c4a475817L
+    };
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/MD5Digest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/MD5Digest.java
new file mode 100644
index 0000000..ab7b875
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/MD5Digest.java

@@ -0,0 +1,363 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.digests;
+
+
+import com.android.org.bouncycastle.util.Memoable;
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * implementation of MD5 as outlined in "Handbook of Applied Cryptography", pages 346 - 347.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class MD5Digest
+    extends GeneralDigest
+    implements EncodableDigest
+{
+    private static final int    DIGEST_LENGTH = 16;
+
+    private int     H1, H2, H3, H4;         // IV's
+
+    private int[]   X = new int[16];
+    private int     xOff;
+
+    /**
+     * Standard constructor
+     */
+    public MD5Digest()
+    {
+        reset();
+    }
+
+    public MD5Digest(byte[] encodedState)
+    {
+        super(encodedState);
+
+        H1 = Pack.bigEndianToInt(encodedState, 16);
+        H2 = Pack.bigEndianToInt(encodedState, 20);
+        H3 = Pack.bigEndianToInt(encodedState, 24);
+        H4 = Pack.bigEndianToInt(encodedState, 28);
+
+        xOff = Pack.bigEndianToInt(encodedState, 32);
+        for (int i = 0; i != xOff; i++)
+        {
+            X[i] = Pack.bigEndianToInt(encodedState, 36 + (i * 4));
+        }
+    }
+
+    /**
+     * Copy constructor.  This will copy the state of the provided
+     * message digest.
+     */
+    public MD5Digest(MD5Digest t)
+    {
+        super(t);
+
+        copyIn(t);
+    }
+
+    private void copyIn(MD5Digest t)
+    {
+        super.copyIn(t);
+
+        H1 = t.H1;
+        H2 = t.H2;
+        H3 = t.H3;
+        H4 = t.H4;
+
+        System.arraycopy(t.X, 0, X, 0, t.X.length);
+        xOff = t.xOff;
+    }
+
+    public String getAlgorithmName()
+    {
+        return "MD5";
+    }
+
+    public int getDigestSize()
+    {
+        return DIGEST_LENGTH;
+    }
+
+    protected void processWord(
+        byte[]  in,
+        int     inOff)
+    {
+        X[xOff++] = (in[inOff] & 0xff) | ((in[inOff + 1] & 0xff) << 8)
+            | ((in[inOff + 2] & 0xff) << 16) | ((in[inOff + 3] & 0xff) << 24); 
+
+        if (xOff == 16)
+        {
+            processBlock();
+        }
+    }
+
+    protected void processLength(
+        long    bitLength)
+    {
+        if (xOff > 14)
+        {
+            processBlock();
+        }
+
+        X[14] = (int)(bitLength & 0xffffffff);
+        X[15] = (int)(bitLength >>> 32);
+    }
+
+    private void unpackWord(
+        int     word,
+        byte[]  out,
+        int     outOff)
+    {
+        out[outOff]     = (byte)word;
+        out[outOff + 1] = (byte)(word >>> 8);
+        out[outOff + 2] = (byte)(word >>> 16);
+        out[outOff + 3] = (byte)(word >>> 24);
+    }
+
+    public int doFinal(
+        byte[]  out,
+        int     outOff)
+    {
+        finish();
+
+        unpackWord(H1, out, outOff);
+        unpackWord(H2, out, outOff + 4);
+        unpackWord(H3, out, outOff + 8);
+        unpackWord(H4, out, outOff + 12);
+
+        reset();
+
+        return DIGEST_LENGTH;
+    }
+
+    /**
+     * reset the chaining variables to the IV values.
+     */
+    public void reset()
+    {
+        super.reset();
+
+        H1 = 0x67452301;
+        H2 = 0xefcdab89;
+        H3 = 0x98badcfe;
+        H4 = 0x10325476;
+
+        xOff = 0;
+
+        for (int i = 0; i != X.length; i++)
+        {
+            X[i] = 0;
+        }
+    }
+
+    //
+    // round 1 left rotates
+    //
+    private static final int S11 = 7;
+    private static final int S12 = 12;
+    private static final int S13 = 17;
+    private static final int S14 = 22;
+
+    //
+    // round 2 left rotates
+    //
+    private static final int S21 = 5;
+    private static final int S22 = 9;
+    private static final int S23 = 14;
+    private static final int S24 = 20;
+
+    //
+    // round 3 left rotates
+    //
+    private static final int S31 = 4;
+    private static final int S32 = 11;
+    private static final int S33 = 16;
+    private static final int S34 = 23;
+
+    //
+    // round 4 left rotates
+    //
+    private static final int S41 = 6;
+    private static final int S42 = 10;
+    private static final int S43 = 15;
+    private static final int S44 = 21;
+
+    /*
+     * rotate int x left n bits.
+     */
+    private int rotateLeft(
+        int x,
+        int n)
+    {
+        return (x << n) | (x >>> (32 - n));
+    }
+
+    /*
+     * F, G, H and I are the basic MD5 functions.
+     */
+    private int F(
+        int u,
+        int v,
+        int w)
+    {
+        return (u & v) | (~u & w);
+    }
+
+    private int G(
+        int u,
+        int v,
+        int w)
+    {
+        return (u & w) | (v & ~w);
+    }
+
+    private int H(
+        int u,
+        int v,
+        int w)
+    {
+        return u ^ v ^ w;
+    }
+
+    private int K(
+        int u,
+        int v,
+        int w)
+    {
+        return v ^ (u | ~w);
+    }
+
+    protected void processBlock()
+    {
+        int a = H1;
+        int b = H2;
+        int c = H3;
+        int d = H4;
+
+        //
+        // Round 1 - F cycle, 16 times.
+        //
+        a = rotateLeft(a + F(b, c, d) + X[ 0] + 0xd76aa478, S11) + b;
+        d = rotateLeft(d + F(a, b, c) + X[ 1] + 0xe8c7b756, S12) + a;
+        c = rotateLeft(c + F(d, a, b) + X[ 2] + 0x242070db, S13) + d;
+        b = rotateLeft(b + F(c, d, a) + X[ 3] + 0xc1bdceee, S14) + c;
+        a = rotateLeft(a + F(b, c, d) + X[ 4] + 0xf57c0faf, S11) + b;
+        d = rotateLeft(d + F(a, b, c) + X[ 5] + 0x4787c62a, S12) + a;
+        c = rotateLeft(c + F(d, a, b) + X[ 6] + 0xa8304613, S13) + d;
+        b = rotateLeft(b + F(c, d, a) + X[ 7] + 0xfd469501, S14) + c;
+        a = rotateLeft(a + F(b, c, d) + X[ 8] + 0x698098d8, S11) + b;
+        d = rotateLeft(d + F(a, b, c) + X[ 9] + 0x8b44f7af, S12) + a;
+        c = rotateLeft(c + F(d, a, b) + X[10] + 0xffff5bb1, S13) + d;
+        b = rotateLeft(b + F(c, d, a) + X[11] + 0x895cd7be, S14) + c;
+        a = rotateLeft(a + F(b, c, d) + X[12] + 0x6b901122, S11) + b;
+        d = rotateLeft(d + F(a, b, c) + X[13] + 0xfd987193, S12) + a;
+        c = rotateLeft(c + F(d, a, b) + X[14] + 0xa679438e, S13) + d;
+        b = rotateLeft(b + F(c, d, a) + X[15] + 0x49b40821, S14) + c;
+
+        //
+        // Round 2 - G cycle, 16 times.
+        //
+        a = rotateLeft(a + G(b, c, d) + X[ 1] + 0xf61e2562, S21) + b;
+        d = rotateLeft(d + G(a, b, c) + X[ 6] + 0xc040b340, S22) + a;
+        c = rotateLeft(c + G(d, a, b) + X[11] + 0x265e5a51, S23) + d;
+        b = rotateLeft(b + G(c, d, a) + X[ 0] + 0xe9b6c7aa, S24) + c;
+        a = rotateLeft(a + G(b, c, d) + X[ 5] + 0xd62f105d, S21) + b;
+        d = rotateLeft(d + G(a, b, c) + X[10] + 0x02441453, S22) + a;
+        c = rotateLeft(c + G(d, a, b) + X[15] + 0xd8a1e681, S23) + d;
+        b = rotateLeft(b + G(c, d, a) + X[ 4] + 0xe7d3fbc8, S24) + c;
+        a = rotateLeft(a + G(b, c, d) + X[ 9] + 0x21e1cde6, S21) + b;
+        d = rotateLeft(d + G(a, b, c) + X[14] + 0xc33707d6, S22) + a;
+        c = rotateLeft(c + G(d, a, b) + X[ 3] + 0xf4d50d87, S23) + d;
+        b = rotateLeft(b + G(c, d, a) + X[ 8] + 0x455a14ed, S24) + c;
+        a = rotateLeft(a + G(b, c, d) + X[13] + 0xa9e3e905, S21) + b;
+        d = rotateLeft(d + G(a, b, c) + X[ 2] + 0xfcefa3f8, S22) + a;
+        c = rotateLeft(c + G(d, a, b) + X[ 7] + 0x676f02d9, S23) + d;
+        b = rotateLeft(b + G(c, d, a) + X[12] + 0x8d2a4c8a, S24) + c;
+
+        //
+        // Round 3 - H cycle, 16 times.
+        //
+        a = rotateLeft(a + H(b, c, d) + X[ 5] + 0xfffa3942, S31) + b;
+        d = rotateLeft(d + H(a, b, c) + X[ 8] + 0x8771f681, S32) + a;
+        c = rotateLeft(c + H(d, a, b) + X[11] + 0x6d9d6122, S33) + d;
+        b = rotateLeft(b + H(c, d, a) + X[14] + 0xfde5380c, S34) + c;
+        a = rotateLeft(a + H(b, c, d) + X[ 1] + 0xa4beea44, S31) + b;
+        d = rotateLeft(d + H(a, b, c) + X[ 4] + 0x4bdecfa9, S32) + a;
+        c = rotateLeft(c + H(d, a, b) + X[ 7] + 0xf6bb4b60, S33) + d;
+        b = rotateLeft(b + H(c, d, a) + X[10] + 0xbebfbc70, S34) + c;
+        a = rotateLeft(a + H(b, c, d) + X[13] + 0x289b7ec6, S31) + b;
+        d = rotateLeft(d + H(a, b, c) + X[ 0] + 0xeaa127fa, S32) + a;
+        c = rotateLeft(c + H(d, a, b) + X[ 3] + 0xd4ef3085, S33) + d;
+        b = rotateLeft(b + H(c, d, a) + X[ 6] + 0x04881d05, S34) + c;
+        a = rotateLeft(a + H(b, c, d) + X[ 9] + 0xd9d4d039, S31) + b;
+        d = rotateLeft(d + H(a, b, c) + X[12] + 0xe6db99e5, S32) + a;
+        c = rotateLeft(c + H(d, a, b) + X[15] + 0x1fa27cf8, S33) + d;
+        b = rotateLeft(b + H(c, d, a) + X[ 2] + 0xc4ac5665, S34) + c;
+
+        //
+        // Round 4 - K cycle, 16 times.
+        //
+        a = rotateLeft(a + K(b, c, d) + X[ 0] + 0xf4292244, S41) + b;
+        d = rotateLeft(d + K(a, b, c) + X[ 7] + 0x432aff97, S42) + a;
+        c = rotateLeft(c + K(d, a, b) + X[14] + 0xab9423a7, S43) + d;
+        b = rotateLeft(b + K(c, d, a) + X[ 5] + 0xfc93a039, S44) + c;
+        a = rotateLeft(a + K(b, c, d) + X[12] + 0x655b59c3, S41) + b;
+        d = rotateLeft(d + K(a, b, c) + X[ 3] + 0x8f0ccc92, S42) + a;
+        c = rotateLeft(c + K(d, a, b) + X[10] + 0xffeff47d, S43) + d;
+        b = rotateLeft(b + K(c, d, a) + X[ 1] + 0x85845dd1, S44) + c;
+        a = rotateLeft(a + K(b, c, d) + X[ 8] + 0x6fa87e4f, S41) + b;
+        d = rotateLeft(d + K(a, b, c) + X[15] + 0xfe2ce6e0, S42) + a;
+        c = rotateLeft(c + K(d, a, b) + X[ 6] + 0xa3014314, S43) + d;
+        b = rotateLeft(b + K(c, d, a) + X[13] + 0x4e0811a1, S44) + c;
+        a = rotateLeft(a + K(b, c, d) + X[ 4] + 0xf7537e82, S41) + b;
+        d = rotateLeft(d + K(a, b, c) + X[11] + 0xbd3af235, S42) + a;
+        c = rotateLeft(c + K(d, a, b) + X[ 2] + 0x2ad7d2bb, S43) + d;
+        b = rotateLeft(b + K(c, d, a) + X[ 9] + 0xeb86d391, S44) + c;
+
+        H1 += a;
+        H2 += b;
+        H3 += c;
+        H4 += d;
+
+        //
+        // reset the offset and clean out the word buffer.
+        //
+        xOff = 0;
+        for (int i = 0; i != X.length; i++)
+        {
+            X[i] = 0;
+        }
+    }
+
+    public Memoable copy()
+    {
+        return new MD5Digest(this);
+    }
+
+    public void reset(Memoable other)
+    {
+        MD5Digest d = (MD5Digest)other;
+
+        copyIn(d);
+    }
+
+    public byte[] getEncodedState()
+    {
+        byte[] state = new byte[36 + xOff * 4];
+
+        super.populateState(state);
+
+        Pack.intToBigEndian(H1, state, 16);
+        Pack.intToBigEndian(H2, state, 20);
+        Pack.intToBigEndian(H3, state, 24);
+        Pack.intToBigEndian(H4, state, 28);
+        Pack.intToBigEndian(xOff, state, 32);
+
+        for (int i = 0; i != xOff; i++)
+        {
+            Pack.intToBigEndian(X[i], state, 36 + (i * 4));
+        }
+
+        return state;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/NullDigest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/NullDigest.java
new file mode 100644
index 0000000..858cdc6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/NullDigest.java

@@ -0,0 +1,69 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.digests;
+
+import java.io.ByteArrayOutputStream;
+
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.util.Arrays;
+
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class NullDigest
+    implements Digest
+{
+    private OpenByteArrayOutputStream bOut = new OpenByteArrayOutputStream();
+
+    public String getAlgorithmName()
+    {
+        return "NULL";
+    }
+
+    public int getDigestSize()
+    {
+        return bOut.size();
+    }
+
+    public void update(byte in)
+    {
+        bOut.write(in);
+    }
+
+    public void update(byte[] in, int inOff, int len)
+    {
+        bOut.write(in, inOff, len);
+    }
+
+    public int doFinal(byte[] out, int outOff)
+    {
+        int size = bOut.size();
+
+        bOut.copy(out, outOff);
+
+        reset();
+        
+        return size;
+    }
+
+    public void reset()
+    {
+        bOut.reset();
+    }
+
+    private static class OpenByteArrayOutputStream
+        extends ByteArrayOutputStream
+    {
+        public void reset()
+        {
+            super.reset();
+
+            Arrays.clear(buf);
+        }
+
+        void copy(byte[] out, int outOff)
+        {
+            System.arraycopy(buf, 0, out, outOff, this.size());
+        }
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/OpenSSLDigest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/OpenSSLDigest.java
new file mode 100644
index 0000000..fc9732a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/OpenSSLDigest.java

@@ -0,0 +1,117 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+/*
+ * Copyright (C) 2008 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.org.bouncycastle.crypto.digests;
+
+import com.android.org.bouncycastle.crypto.ExtendedDigest;
+import com.android.org.bouncycastle.jcajce.provider.keystore.bc.BcKeyStoreSpi;
+import java.security.DigestException;
+import java.security.MessageDigest;
+
+/**
+ * Implements the BouncyCastle Digest interface using OpenSSL's EVP API. This
+ * must be an ExtendedDigest for {@link BcKeyStoreSpi} to be able to use it.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class OpenSSLDigest implements ExtendedDigest {
+    private final MessageDigest delegate;
+
+    private final int byteSize;
+
+    public OpenSSLDigest(String algorithm, int byteSize) {
+        try {
+            delegate = MessageDigest.getInstance(algorithm, "AndroidOpenSSL");
+            this.byteSize = byteSize;
+        } catch (Exception e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    public String getAlgorithmName() {
+        return delegate.getAlgorithm();
+    }
+
+    public int getDigestSize() {
+        return delegate.getDigestLength();
+    }
+
+    public int getByteLength() {
+        return byteSize;
+    }
+
+    public void reset() {
+        delegate.reset();
+    }
+
+    public void update(byte in) {
+        delegate.update(in);
+    }
+
+    public void update(byte[] in, int inOff, int len) {
+        delegate.update(in, inOff, len);
+    }
+
+    public int doFinal(byte[] out, int outOff) {
+        try {
+            return delegate.digest(out, outOff, out.length - outOff);
+        } catch (DigestException e) {
+            throw new RuntimeException(e);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class MD5 extends OpenSSLDigest {
+        public MD5() { super("MD5", 64); }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class SHA1 extends OpenSSLDigest {
+        public SHA1() { super("SHA-1", 64); }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class SHA224 extends OpenSSLDigest {
+        public SHA224() { super("SHA-224", 64); }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class SHA256 extends OpenSSLDigest {
+        public SHA256() { super("SHA-256", 64); }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class SHA384 extends OpenSSLDigest {
+        public SHA384() { super("SHA-384", 128); }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class SHA512 extends OpenSSLDigest {
+        public SHA512() { super("SHA-512", 128); }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA1Digest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA1Digest.java
new file mode 100644
index 0000000..ebc5bfe
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA1Digest.java

@@ -0,0 +1,355 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.digests;
+
+import com.android.org.bouncycastle.util.Memoable;
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * implementation of SHA-1 as outlined in "Handbook of Applied Cryptography", pages 346 - 349.
+ *
+ * It is interesting to ponder why the, apart from the extra IV, the other difference here from MD5
+ * is the "endianness" of the word processing!
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SHA1Digest
+    extends GeneralDigest
+    implements EncodableDigest
+{
+    private static final int    DIGEST_LENGTH = 20;
+
+    private int     H1, H2, H3, H4, H5;
+
+    private int[]   X = new int[80];
+    private int     xOff;
+
+    /**
+     * Standard constructor
+     */
+    public SHA1Digest()
+    {
+        reset();
+    }
+
+    /**
+     * Copy constructor.  This will copy the state of the provided
+     * message digest.
+     */
+    public SHA1Digest(SHA1Digest t)
+    {
+        super(t);
+
+        copyIn(t);
+    }
+
+    /**
+     * State constructor - create a digest initialised with the state of a previous one.
+     *
+     * @param encodedState the encoded state from the originating digest.
+     */
+    public SHA1Digest(byte[] encodedState)
+    {
+        super(encodedState);
+
+        H1 = Pack.bigEndianToInt(encodedState, 16);
+        H2 = Pack.bigEndianToInt(encodedState, 20);
+        H3 = Pack.bigEndianToInt(encodedState, 24);
+        H4 = Pack.bigEndianToInt(encodedState, 28);
+        H5 = Pack.bigEndianToInt(encodedState, 32);
+
+        xOff = Pack.bigEndianToInt(encodedState, 36);
+        for (int i = 0; i != xOff; i++)
+        {
+            X[i] = Pack.bigEndianToInt(encodedState, 40 + (i * 4));
+        }
+    }
+
+    private void copyIn(SHA1Digest t)
+    {
+        H1 = t.H1;
+        H2 = t.H2;
+        H3 = t.H3;
+        H4 = t.H4;
+        H5 = t.H5;
+
+        System.arraycopy(t.X, 0, X, 0, t.X.length);
+        xOff = t.xOff;
+    }
+
+    public String getAlgorithmName()
+    {
+        return "SHA-1";
+    }
+
+    public int getDigestSize()
+    {
+        return DIGEST_LENGTH;
+    }
+
+    protected void processWord(
+        byte[]  in,
+        int     inOff)
+    {
+        // Note: Inlined for performance
+//        X[xOff] = Pack.bigEndianToInt(in, inOff);
+        int n = in[  inOff] << 24;
+        n |= (in[++inOff] & 0xff) << 16;
+        n |= (in[++inOff] & 0xff) << 8;
+        n |= (in[++inOff] & 0xff);
+        X[xOff] = n;
+
+        if (++xOff == 16)
+        {
+            processBlock();
+        }        
+    }
+
+    protected void processLength(
+        long    bitLength)
+    {
+        if (xOff > 14)
+        {
+            processBlock();
+        }
+
+        X[14] = (int)(bitLength >>> 32);
+        X[15] = (int)bitLength;
+    }
+
+    public int doFinal(
+        byte[]  out,
+        int     outOff)
+    {
+        finish();
+
+        Pack.intToBigEndian(H1, out, outOff);
+        Pack.intToBigEndian(H2, out, outOff + 4);
+        Pack.intToBigEndian(H3, out, outOff + 8);
+        Pack.intToBigEndian(H4, out, outOff + 12);
+        Pack.intToBigEndian(H5, out, outOff + 16);
+
+        reset();
+
+        return DIGEST_LENGTH;
+    }
+
+    /**
+     * reset the chaining variables
+     */
+    public void reset()
+    {
+        super.reset();
+
+        H1 = 0x67452301;
+        H2 = 0xefcdab89;
+        H3 = 0x98badcfe;
+        H4 = 0x10325476;
+        H5 = 0xc3d2e1f0;
+
+        xOff = 0;
+        for (int i = 0; i != X.length; i++)
+        {
+            X[i] = 0;
+        }
+    }
+
+    //
+    // Additive constants
+    //
+    private static final int    Y1 = 0x5a827999;
+    private static final int    Y2 = 0x6ed9eba1;
+    private static final int    Y3 = 0x8f1bbcdc;
+    private static final int    Y4 = 0xca62c1d6;
+   
+    private int f(
+        int    u,
+        int    v,
+        int    w)
+    {
+        return ((u & v) | ((~u) & w));
+    }
+
+    private int h(
+        int    u,
+        int    v,
+        int    w)
+    {
+        return (u ^ v ^ w);
+    }
+
+    private int g(
+        int    u,
+        int    v,
+        int    w)
+    {
+        return ((u & v) | (u & w) | (v & w));
+    }
+
+    protected void processBlock()
+    {
+        //
+        // expand 16 word block into 80 word block.
+        //
+        for (int i = 16; i < 80; i++)
+        {
+            int t = X[i - 3] ^ X[i - 8] ^ X[i - 14] ^ X[i - 16];
+            X[i] = t << 1 | t >>> 31;
+        }
+
+        //
+        // set up working variables.
+        //
+        int     A = H1;
+        int     B = H2;
+        int     C = H3;
+        int     D = H4;
+        int     E = H5;
+
+        //
+        // round 1
+        //
+        int idx = 0;
+        
+        for (int j = 0; j < 4; j++)
+        {
+            // E = rotateLeft(A, 5) + f(B, C, D) + E + X[idx++] + Y1
+            // B = rotateLeft(B, 30)
+            E += (A << 5 | A >>> 27) + f(B, C, D) + X[idx++] + Y1;
+            B = B << 30 | B >>> 2;
+        
+            D += (E << 5 | E >>> 27) + f(A, B, C) + X[idx++] + Y1;
+            A = A << 30 | A >>> 2;
+       
+            C += (D << 5 | D >>> 27) + f(E, A, B) + X[idx++] + Y1;
+            E = E << 30 | E >>> 2;
+       
+            B += (C << 5 | C >>> 27) + f(D, E, A) + X[idx++] + Y1;
+            D = D << 30 | D >>> 2;
+
+            A += (B << 5 | B >>> 27) + f(C, D, E) + X[idx++] + Y1;
+            C = C << 30 | C >>> 2;
+        }
+        
+        //
+        // round 2
+        //
+        for (int j = 0; j < 4; j++)
+        {
+            // E = rotateLeft(A, 5) + h(B, C, D) + E + X[idx++] + Y2
+            // B = rotateLeft(B, 30)
+            E += (A << 5 | A >>> 27) + h(B, C, D) + X[idx++] + Y2;
+            B = B << 30 | B >>> 2;   
+            
+            D += (E << 5 | E >>> 27) + h(A, B, C) + X[idx++] + Y2;
+            A = A << 30 | A >>> 2;
+            
+            C += (D << 5 | D >>> 27) + h(E, A, B) + X[idx++] + Y2;
+            E = E << 30 | E >>> 2;
+            
+            B += (C << 5 | C >>> 27) + h(D, E, A) + X[idx++] + Y2;
+            D = D << 30 | D >>> 2;
+
+            A += (B << 5 | B >>> 27) + h(C, D, E) + X[idx++] + Y2;
+            C = C << 30 | C >>> 2;
+        }
+        
+        //
+        // round 3
+        //
+        for (int j = 0; j < 4; j++)
+        {
+            // E = rotateLeft(A, 5) + g(B, C, D) + E + X[idx++] + Y3
+            // B = rotateLeft(B, 30)
+            E += (A << 5 | A >>> 27) + g(B, C, D) + X[idx++] + Y3;
+            B = B << 30 | B >>> 2;
+            
+            D += (E << 5 | E >>> 27) + g(A, B, C) + X[idx++] + Y3;
+            A = A << 30 | A >>> 2;
+            
+            C += (D << 5 | D >>> 27) + g(E, A, B) + X[idx++] + Y3;
+            E = E << 30 | E >>> 2;
+            
+            B += (C << 5 | C >>> 27) + g(D, E, A) + X[idx++] + Y3;
+            D = D << 30 | D >>> 2;
+
+            A += (B << 5 | B >>> 27) + g(C, D, E) + X[idx++] + Y3;
+            C = C << 30 | C >>> 2;
+        }
+
+        //
+        // round 4
+        //
+        for (int j = 0; j <= 3; j++)
+        {
+            // E = rotateLeft(A, 5) + h(B, C, D) + E + X[idx++] + Y4
+            // B = rotateLeft(B, 30)
+            E += (A << 5 | A >>> 27) + h(B, C, D) + X[idx++] + Y4;
+            B = B << 30 | B >>> 2;
+            
+            D += (E << 5 | E >>> 27) + h(A, B, C) + X[idx++] + Y4;
+            A = A << 30 | A >>> 2;
+            
+            C += (D << 5 | D >>> 27) + h(E, A, B) + X[idx++] + Y4;
+            E = E << 30 | E >>> 2;
+            
+            B += (C << 5 | C >>> 27) + h(D, E, A) + X[idx++] + Y4;
+            D = D << 30 | D >>> 2;
+
+            A += (B << 5 | B >>> 27) + h(C, D, E) + X[idx++] + Y4;
+            C = C << 30 | C >>> 2;
+        }
+
+
+        H1 += A;
+        H2 += B;
+        H3 += C;
+        H4 += D;
+        H5 += E;
+
+        //
+        // reset start of the buffer.
+        //
+        xOff = 0;
+        for (int i = 0; i < 16; i++)
+        {
+            X[i] = 0;
+        }
+    }
+
+    public Memoable copy()
+    {
+        return new SHA1Digest(this);
+    }
+
+    public void reset(Memoable other)
+    {
+        SHA1Digest d = (SHA1Digest)other;
+
+        super.copyIn(d);
+        copyIn(d);
+    }
+
+    public byte[] getEncodedState()
+    {
+        byte[] state = new byte[40 + xOff * 4];
+
+        super.populateState(state);
+
+        Pack.intToBigEndian(H1, state, 16);
+        Pack.intToBigEndian(H2, state, 20);
+        Pack.intToBigEndian(H3, state, 24);
+        Pack.intToBigEndian(H4, state, 28);
+        Pack.intToBigEndian(H5, state, 32);
+        Pack.intToBigEndian(xOff, state, 36);
+
+        for (int i = 0; i != xOff; i++)
+        {
+            Pack.intToBigEndian(X[i], state, 40 + (i * 4));
+        }
+
+        return state;
+    }
+}
+
+
+
+

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA224Digest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA224Digest.java
new file mode 100644
index 0000000..b17a503
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA224Digest.java

@@ -0,0 +1,363 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.digests;
+
+
+import com.android.org.bouncycastle.util.Memoable;
+import com.android.org.bouncycastle.util.Pack;
+
+
+/**
+ * SHA-224 as described in RFC 3874
+ * <pre>
+ *         block  word  digest
+ * SHA-1   512    32    160
+ * SHA-224 512    32    224
+ * SHA-256 512    32    256
+ * SHA-384 1024   64    384
+ * SHA-512 1024   64    512
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SHA224Digest
+    extends GeneralDigest
+    implements EncodableDigest
+{
+    private static final int    DIGEST_LENGTH = 28;
+
+    private int     H1, H2, H3, H4, H5, H6, H7, H8;
+
+    private int[]   X = new int[64];
+    private int     xOff;
+
+    /**
+     * Standard constructor
+     */
+    public SHA224Digest()
+    {
+        reset();
+    }
+
+    /**
+     * Copy constructor.  This will copy the state of the provided
+     * message digest.
+     */
+    public SHA224Digest(SHA224Digest t)
+    {
+        super(t);
+
+        doCopy(t);
+    }
+
+    private void doCopy(SHA224Digest t)
+    {
+        super.copyIn(t);
+
+        H1 = t.H1;
+        H2 = t.H2;
+        H3 = t.H3;
+        H4 = t.H4;
+        H5 = t.H5;
+        H6 = t.H6;
+        H7 = t.H7;
+        H8 = t.H8;
+
+        System.arraycopy(t.X, 0, X, 0, t.X.length);
+        xOff = t.xOff;
+    }
+
+    /**
+     * State constructor - create a digest initialised with the state of a previous one.
+     *
+     * @param encodedState the encoded state from the originating digest.
+     */
+    public SHA224Digest(byte[] encodedState)
+    {
+        super(encodedState);
+
+        H1 = Pack.bigEndianToInt(encodedState, 16);
+        H2 = Pack.bigEndianToInt(encodedState, 20);
+        H3 = Pack.bigEndianToInt(encodedState, 24);
+        H4 = Pack.bigEndianToInt(encodedState, 28);
+        H5 = Pack.bigEndianToInt(encodedState, 32);
+        H6 = Pack.bigEndianToInt(encodedState, 36);
+        H7 = Pack.bigEndianToInt(encodedState, 40);
+        H8 = Pack.bigEndianToInt(encodedState, 44);
+
+        xOff = Pack.bigEndianToInt(encodedState, 48);
+        for (int i = 0; i != xOff; i++)
+        {
+            X[i] = Pack.bigEndianToInt(encodedState, 52 + (i * 4));
+        }
+    }
+
+    public String getAlgorithmName()
+    {
+        return "SHA-224";
+    }
+
+    public int getDigestSize()
+    {
+        return DIGEST_LENGTH;
+    }
+
+    protected void processWord(
+        byte[]  in,
+        int     inOff)
+    {
+        // Note: Inlined for performance
+//        X[xOff] = Pack.bigEndianToInt(in, inOff);
+        int n = in[  inOff] << 24;
+        n |= (in[++inOff] & 0xff) << 16;
+        n |= (in[++inOff] & 0xff) << 8;
+        n |= (in[++inOff] & 0xff);
+        X[xOff] = n;
+
+        if (++xOff == 16)
+        {
+            processBlock();
+        }
+    }
+
+    protected void processLength(
+        long    bitLength)
+    {
+        if (xOff > 14)
+        {
+            processBlock();
+        }
+
+        X[14] = (int)(bitLength >>> 32);
+        X[15] = (int)(bitLength & 0xffffffff);
+    }
+
+    public int doFinal(
+        byte[]  out,
+        int     outOff)
+    {
+        finish();
+
+        Pack.intToBigEndian(H1, out, outOff);
+        Pack.intToBigEndian(H2, out, outOff + 4);
+        Pack.intToBigEndian(H3, out, outOff + 8);
+        Pack.intToBigEndian(H4, out, outOff + 12);
+        Pack.intToBigEndian(H5, out, outOff + 16);
+        Pack.intToBigEndian(H6, out, outOff + 20);
+        Pack.intToBigEndian(H7, out, outOff + 24);
+
+        reset();
+
+        return DIGEST_LENGTH;
+    }
+
+    /**
+     * reset the chaining variables
+     */
+    public void reset()
+    {
+        super.reset();
+
+        /* SHA-224 initial hash value
+         */
+
+        H1 = 0xc1059ed8;
+        H2 = 0x367cd507;
+        H3 = 0x3070dd17;
+        H4 = 0xf70e5939;
+        H5 = 0xffc00b31;
+        H6 = 0x68581511;
+        H7 = 0x64f98fa7;
+        H8 = 0xbefa4fa4;
+
+        xOff = 0;
+        for (int i = 0; i != X.length; i++)
+        {
+            X[i] = 0;
+        }
+    }
+
+    protected void processBlock()
+    {
+        //
+        // expand 16 word block into 64 word blocks.
+        //
+        for (int t = 16; t <= 63; t++)
+        {
+            X[t] = Theta1(X[t - 2]) + X[t - 7] + Theta0(X[t - 15]) + X[t - 16];
+        }
+
+        //
+        // set up working variables.
+        //
+        int     a = H1;
+        int     b = H2;
+        int     c = H3;
+        int     d = H4;
+        int     e = H5;
+        int     f = H6;
+        int     g = H7;
+        int     h = H8;
+
+
+        int t = 0;     
+        for(int i = 0; i < 8; i ++)
+        {
+            // t = 8 * i
+            h += Sum1(e) + Ch(e, f, g) + K[t] + X[t];
+            d += h;
+            h += Sum0(a) + Maj(a, b, c);
+            ++t;
+
+            // t = 8 * i + 1
+            g += Sum1(d) + Ch(d, e, f) + K[t] + X[t];
+            c += g;
+            g += Sum0(h) + Maj(h, a, b);
+            ++t;
+
+            // t = 8 * i + 2
+            f += Sum1(c) + Ch(c, d, e) + K[t] + X[t];
+            b += f;
+            f += Sum0(g) + Maj(g, h, a);
+            ++t;
+
+            // t = 8 * i + 3
+            e += Sum1(b) + Ch(b, c, d) + K[t] + X[t];
+            a += e;
+            e += Sum0(f) + Maj(f, g, h);
+            ++t;
+
+            // t = 8 * i + 4
+            d += Sum1(a) + Ch(a, b, c) + K[t] + X[t];
+            h += d;
+            d += Sum0(e) + Maj(e, f, g);
+            ++t;
+
+            // t = 8 * i + 5
+            c += Sum1(h) + Ch(h, a, b) + K[t] + X[t];
+            g += c;
+            c += Sum0(d) + Maj(d, e, f);
+            ++t;
+
+            // t = 8 * i + 6
+            b += Sum1(g) + Ch(g, h, a) + K[t] + X[t];
+            f += b;
+            b += Sum0(c) + Maj(c, d, e);
+            ++t;
+
+            // t = 8 * i + 7
+            a += Sum1(f) + Ch(f, g, h) + K[t] + X[t];
+            e += a;
+            a += Sum0(b) + Maj(b, c, d);
+            ++t;
+        }
+
+        H1 += a;
+        H2 += b;
+        H3 += c;
+        H4 += d;
+        H5 += e;
+        H6 += f;
+        H7 += g;
+        H8 += h;
+
+        //
+        // reset the offset and clean out the word buffer.
+        //
+        xOff = 0;
+        for (int i = 0; i < 16; i++)
+        {
+            X[i] = 0;
+        }
+    }
+
+    /* SHA-224 functions */
+    private int Ch(
+        int    x,
+        int    y,
+        int    z)
+    {
+        return ((x & y) ^ ((~x) & z));
+    }
+
+    private int Maj(
+        int    x,
+        int    y,
+        int    z)
+    {
+        return ((x & y) ^ (x & z) ^ (y & z));
+    }
+
+    private int Sum0(
+        int    x)
+    {
+        return ((x >>> 2) | (x << 30)) ^ ((x >>> 13) | (x << 19)) ^ ((x >>> 22) | (x << 10));
+    }
+
+    private int Sum1(
+        int    x)
+    {
+        return ((x >>> 6) | (x << 26)) ^ ((x >>> 11) | (x << 21)) ^ ((x >>> 25) | (x << 7));
+    }
+
+    private int Theta0(
+        int    x)
+    {
+        return ((x >>> 7) | (x << 25)) ^ ((x >>> 18) | (x << 14)) ^ (x >>> 3);
+    }
+
+    private int Theta1(
+        int    x)
+    {
+        return ((x >>> 17) | (x << 15)) ^ ((x >>> 19) | (x << 13)) ^ (x >>> 10);
+    }
+
+    /* SHA-224 Constants
+     * (represent the first 32 bits of the fractional parts of the
+     * cube roots of the first sixty-four prime numbers)
+     */
+    static final int K[] = {
+        0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+        0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+        0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+        0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+        0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+        0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070, 0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+        0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+    };
+
+    public Memoable copy()
+    {
+        return new SHA224Digest(this);
+    }
+
+    public void reset(Memoable other)
+    {
+        SHA224Digest d = (SHA224Digest)other;
+
+        doCopy(d);
+    }
+
+    public byte[] getEncodedState()
+    {
+        byte[] state = new byte[52 + xOff * 4];
+
+        super.populateState(state);
+
+        Pack.intToBigEndian(H1, state, 16);
+        Pack.intToBigEndian(H2, state, 20);
+        Pack.intToBigEndian(H3, state, 24);
+        Pack.intToBigEndian(H4, state, 28);
+        Pack.intToBigEndian(H5, state, 32);
+        Pack.intToBigEndian(H6, state, 36);
+        Pack.intToBigEndian(H7, state, 40);
+        Pack.intToBigEndian(H8, state, 44);
+        Pack.intToBigEndian(xOff, state, 48);
+
+        for (int i = 0; i != xOff; i++)
+        {
+            Pack.intToBigEndian(X[i], state, 52 + (i * 4));
+        }
+
+        return state;
+    }
+}
+

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA256Digest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA256Digest.java
new file mode 100644
index 0000000..aeee4f9
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA256Digest.java

@@ -0,0 +1,367 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.digests;
+
+
+import com.android.org.bouncycastle.util.Memoable;
+import com.android.org.bouncycastle.util.Pack;
+
+
+/**
+ * FIPS 180-2 implementation of SHA-256.
+ *
+ * <pre>
+ *         block  word  digest
+ * SHA-1   512    32    160
+ * SHA-256 512    32    256
+ * SHA-384 1024   64    384
+ * SHA-512 1024   64    512
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SHA256Digest
+    extends GeneralDigest
+    implements EncodableDigest
+{
+    private static final int    DIGEST_LENGTH = 32;
+
+    private int     H1, H2, H3, H4, H5, H6, H7, H8;
+
+    private int[]   X = new int[64];
+    private int     xOff;
+
+    /**
+     * Standard constructor
+     */
+    public SHA256Digest()
+    {
+        reset();
+    }
+
+    /**
+     * Copy constructor.  This will copy the state of the provided
+     * message digest.
+     */
+    public SHA256Digest(SHA256Digest t)
+    {
+        super(t);
+
+        copyIn(t);
+    }
+
+    private void copyIn(SHA256Digest t)
+    {
+        super.copyIn(t);
+
+        H1 = t.H1;
+        H2 = t.H2;
+        H3 = t.H3;
+        H4 = t.H4;
+        H5 = t.H5;
+        H6 = t.H6;
+        H7 = t.H7;
+        H8 = t.H8;
+
+        System.arraycopy(t.X, 0, X, 0, t.X.length);
+        xOff = t.xOff;
+    }
+
+    /**
+     * State constructor - create a digest initialised with the state of a previous one.
+     *
+     * @param encodedState the encoded state from the originating digest.
+     */
+    public SHA256Digest(byte[] encodedState)
+    {
+        super(encodedState);
+
+        H1 = Pack.bigEndianToInt(encodedState, 16);
+        H2 = Pack.bigEndianToInt(encodedState, 20);
+        H3 = Pack.bigEndianToInt(encodedState, 24);
+        H4 = Pack.bigEndianToInt(encodedState, 28);
+        H5 = Pack.bigEndianToInt(encodedState, 32);
+        H6 = Pack.bigEndianToInt(encodedState, 36);
+        H7 = Pack.bigEndianToInt(encodedState, 40);
+        H8 = Pack.bigEndianToInt(encodedState, 44);
+
+        xOff = Pack.bigEndianToInt(encodedState, 48);
+        for (int i = 0; i != xOff; i++)
+        {
+            X[i] = Pack.bigEndianToInt(encodedState, 52 + (i * 4));
+        }
+    }
+
+
+    public String getAlgorithmName()
+    {
+        return "SHA-256";
+    }
+
+    public int getDigestSize()
+    {
+        return DIGEST_LENGTH;
+    }
+
+    protected void processWord(
+        byte[]  in,
+        int     inOff)
+    {
+        // Note: Inlined for performance
+//        X[xOff] = Pack.bigEndianToInt(in, inOff);
+        int n = in[inOff] << 24;
+        n |= (in[++inOff] & 0xff) << 16;
+        n |= (in[++inOff] & 0xff) << 8;
+        n |= (in[++inOff] & 0xff);
+        X[xOff] = n;
+
+        if (++xOff == 16)
+        {
+            processBlock();
+        }
+    }
+
+    protected void processLength(
+        long    bitLength)
+    {
+        if (xOff > 14)
+        {
+            processBlock();
+        }
+
+        X[14] = (int)(bitLength >>> 32);
+        X[15] = (int)(bitLength & 0xffffffff);
+    }
+
+    public int doFinal(
+        byte[]  out,
+        int     outOff)
+    {
+        finish();
+
+        Pack.intToBigEndian(H1, out, outOff);
+        Pack.intToBigEndian(H2, out, outOff + 4);
+        Pack.intToBigEndian(H3, out, outOff + 8);
+        Pack.intToBigEndian(H4, out, outOff + 12);
+        Pack.intToBigEndian(H5, out, outOff + 16);
+        Pack.intToBigEndian(H6, out, outOff + 20);
+        Pack.intToBigEndian(H7, out, outOff + 24);
+        Pack.intToBigEndian(H8, out, outOff + 28);
+
+        reset();
+
+        return DIGEST_LENGTH;
+    }
+
+    /**
+     * reset the chaining variables
+     */
+    public void reset()
+    {
+        super.reset();
+
+        /* SHA-256 initial hash value
+         * The first 32 bits of the fractional parts of the square roots
+         * of the first eight prime numbers
+         */
+
+        H1 = 0x6a09e667;
+        H2 = 0xbb67ae85;
+        H3 = 0x3c6ef372;
+        H4 = 0xa54ff53a;
+        H5 = 0x510e527f;
+        H6 = 0x9b05688c;
+        H7 = 0x1f83d9ab;
+        H8 = 0x5be0cd19;
+
+        xOff = 0;
+        for (int i = 0; i != X.length; i++)
+        {
+            X[i] = 0;
+        }
+    }
+
+    protected void processBlock()
+    {
+        //
+        // expand 16 word block into 64 word blocks.
+        //
+        for (int t = 16; t <= 63; t++)
+        {
+            X[t] = Theta1(X[t - 2]) + X[t - 7] + Theta0(X[t - 15]) + X[t - 16];
+        }
+
+        //
+        // set up working variables.
+        //
+        int     a = H1;
+        int     b = H2;
+        int     c = H3;
+        int     d = H4;
+        int     e = H5;
+        int     f = H6;
+        int     g = H7;
+        int     h = H8;
+
+        int t = 0;     
+        for(int i = 0; i < 8; i ++)
+        {
+            // t = 8 * i
+            h += Sum1(e) + Ch(e, f, g) + K[t] + X[t];
+            d += h;
+            h += Sum0(a) + Maj(a, b, c);
+            ++t;
+
+            // t = 8 * i + 1
+            g += Sum1(d) + Ch(d, e, f) + K[t] + X[t];
+            c += g;
+            g += Sum0(h) + Maj(h, a, b);
+            ++t;
+
+            // t = 8 * i + 2
+            f += Sum1(c) + Ch(c, d, e) + K[t] + X[t];
+            b += f;
+            f += Sum0(g) + Maj(g, h, a);
+            ++t;
+
+            // t = 8 * i + 3
+            e += Sum1(b) + Ch(b, c, d) + K[t] + X[t];
+            a += e;
+            e += Sum0(f) + Maj(f, g, h);
+            ++t;
+
+            // t = 8 * i + 4
+            d += Sum1(a) + Ch(a, b, c) + K[t] + X[t];
+            h += d;
+            d += Sum0(e) + Maj(e, f, g);
+            ++t;
+
+            // t = 8 * i + 5
+            c += Sum1(h) + Ch(h, a, b) + K[t] + X[t];
+            g += c;
+            c += Sum0(d) + Maj(d, e, f);
+            ++t;
+
+            // t = 8 * i + 6
+            b += Sum1(g) + Ch(g, h, a) + K[t] + X[t];
+            f += b;
+            b += Sum0(c) + Maj(c, d, e);
+            ++t;
+
+            // t = 8 * i + 7
+            a += Sum1(f) + Ch(f, g, h) + K[t] + X[t];
+            e += a;
+            a += Sum0(b) + Maj(b, c, d);
+            ++t;
+        }
+
+        H1 += a;
+        H2 += b;
+        H3 += c;
+        H4 += d;
+        H5 += e;
+        H6 += f;
+        H7 += g;
+        H8 += h;
+
+        //
+        // reset the offset and clean out the word buffer.
+        //
+        xOff = 0;
+        for (int i = 0; i < 16; i++)
+        {
+            X[i] = 0;
+        }
+    }
+
+    /* SHA-256 functions */
+    private int Ch(
+        int    x,
+        int    y,
+        int    z)
+    {
+        return (x & y) ^ ((~x) & z);
+    }
+
+    private int Maj(
+        int    x,
+        int    y,
+        int    z)
+    {
+        return (x & y) ^ (x & z) ^ (y & z);
+    }
+
+    private int Sum0(
+        int    x)
+    {
+        return ((x >>> 2) | (x << 30)) ^ ((x >>> 13) | (x << 19)) ^ ((x >>> 22) | (x << 10));
+    }
+
+    private int Sum1(
+        int    x)
+    {
+        return ((x >>> 6) | (x << 26)) ^ ((x >>> 11) | (x << 21)) ^ ((x >>> 25) | (x << 7));
+    }
+
+    private int Theta0(
+        int    x)
+    {
+        return ((x >>> 7) | (x << 25)) ^ ((x >>> 18) | (x << 14)) ^ (x >>> 3);
+    }
+
+    private int Theta1(
+        int    x)
+    {
+        return ((x >>> 17) | (x << 15)) ^ ((x >>> 19) | (x << 13)) ^ (x >>> 10);
+    }
+
+    /* SHA-256 Constants
+     * (represent the first 32 bits of the fractional parts of the
+     * cube roots of the first sixty-four prime numbers)
+     */
+    static final int K[] = {
+        0x428a2f98, 0x71374491, 0xb5c0fbcf, 0xe9b5dba5, 0x3956c25b, 0x59f111f1, 0x923f82a4, 0xab1c5ed5,
+        0xd807aa98, 0x12835b01, 0x243185be, 0x550c7dc3, 0x72be5d74, 0x80deb1fe, 0x9bdc06a7, 0xc19bf174,
+        0xe49b69c1, 0xefbe4786, 0x0fc19dc6, 0x240ca1cc, 0x2de92c6f, 0x4a7484aa, 0x5cb0a9dc, 0x76f988da,
+        0x983e5152, 0xa831c66d, 0xb00327c8, 0xbf597fc7, 0xc6e00bf3, 0xd5a79147, 0x06ca6351, 0x14292967,
+        0x27b70a85, 0x2e1b2138, 0x4d2c6dfc, 0x53380d13, 0x650a7354, 0x766a0abb, 0x81c2c92e, 0x92722c85,
+        0xa2bfe8a1, 0xa81a664b, 0xc24b8b70, 0xc76c51a3, 0xd192e819, 0xd6990624, 0xf40e3585, 0x106aa070,
+        0x19a4c116, 0x1e376c08, 0x2748774c, 0x34b0bcb5, 0x391c0cb3, 0x4ed8aa4a, 0x5b9cca4f, 0x682e6ff3,
+        0x748f82ee, 0x78a5636f, 0x84c87814, 0x8cc70208, 0x90befffa, 0xa4506ceb, 0xbef9a3f7, 0xc67178f2
+    };
+
+    public Memoable copy()
+    {
+        return new SHA256Digest(this);
+    }
+
+    public void reset(Memoable other)
+    {
+        SHA256Digest d = (SHA256Digest)other;
+
+        copyIn(d);
+    }
+
+    public byte[] getEncodedState()
+    {
+        byte[] state = new byte[52 + xOff * 4];
+
+        super.populateState(state);
+
+        Pack.intToBigEndian(H1, state, 16);
+        Pack.intToBigEndian(H2, state, 20);
+        Pack.intToBigEndian(H3, state, 24);
+        Pack.intToBigEndian(H4, state, 28);
+        Pack.intToBigEndian(H5, state, 32);
+        Pack.intToBigEndian(H6, state, 36);
+        Pack.intToBigEndian(H7, state, 40);
+        Pack.intToBigEndian(H8, state, 44);
+        Pack.intToBigEndian(xOff, state, 48);
+
+        for (int i = 0; i != xOff; i++)
+        {
+            Pack.intToBigEndian(X[i], state, 52 + (i * 4));
+        }
+
+        return state;
+    }
+}
+

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA384Digest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA384Digest.java
new file mode 100644
index 0000000..8ff6764
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA384Digest.java

@@ -0,0 +1,118 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.digests;
+
+import com.android.org.bouncycastle.util.Memoable;
+import com.android.org.bouncycastle.util.Pack;
+
+
+/**
+ * FIPS 180-2 implementation of SHA-384.
+ *
+ * <pre>
+ *         block  word  digest
+ * SHA-1   512    32    160
+ * SHA-256 512    32    256
+ * SHA-384 1024   64    384
+ * SHA-512 1024   64    512
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SHA384Digest
+    extends LongDigest
+{
+    private static final int    DIGEST_LENGTH = 48;
+
+    /**
+     * Standard constructor
+     */
+    public SHA384Digest()
+    {
+    }
+
+    /**
+     * Copy constructor.  This will copy the state of the provided
+     * message digest.
+     */
+    public SHA384Digest(SHA384Digest t)
+    {
+        super(t);
+    }
+
+    /**
+     * State constructor - create a digest initialised with the state of a previous one.
+     *
+     * @param encodedState the encoded state from the originating digest.
+     */
+    public SHA384Digest(byte[] encodedState)
+    {
+        restoreState(encodedState);
+    }
+
+    public String getAlgorithmName()
+    {
+        return "SHA-384";
+    }
+
+    public int getDigestSize()
+    {
+        return DIGEST_LENGTH;
+    }
+
+    public int doFinal(
+        byte[]  out,
+        int     outOff)
+    {
+        finish();
+
+        Pack.longToBigEndian(H1, out, outOff);
+        Pack.longToBigEndian(H2, out, outOff + 8);
+        Pack.longToBigEndian(H3, out, outOff + 16);
+        Pack.longToBigEndian(H4, out, outOff + 24);
+        Pack.longToBigEndian(H5, out, outOff + 32);
+        Pack.longToBigEndian(H6, out, outOff + 40);
+
+        reset();
+
+        return DIGEST_LENGTH;
+    }
+
+    /**
+     * reset the chaining variables
+     */
+    public void reset()
+    {
+        super.reset();
+
+        /* SHA-384 initial hash value
+         * The first 64 bits of the fractional parts of the square roots
+         * of the 9th through 16th prime numbers
+         */
+        H1 = 0xcbbb9d5dc1059ed8l;
+        H2 = 0x629a292a367cd507l;
+        H3 = 0x9159015a3070dd17l;
+        H4 = 0x152fecd8f70e5939l;
+        H5 = 0x67332667ffc00b31l;
+        H6 = 0x8eb44a8768581511l;
+        H7 = 0xdb0c2e0d64f98fa7l;
+        H8 = 0x47b5481dbefa4fa4l;
+    }
+
+    public Memoable copy()
+    {
+        return new SHA384Digest(this);
+    }
+
+    public void reset(Memoable other)
+    {
+        SHA384Digest d = (SHA384Digest)other;
+
+        super.copyIn(d);
+    }
+
+    public byte[] getEncodedState()
+    {
+        byte[] encoded = new byte[getEncodedStateSize()];
+        super.populateState(encoded);
+        return encoded;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA512Digest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA512Digest.java
new file mode 100644
index 0000000..882b671
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/digests/SHA512Digest.java

@@ -0,0 +1,121 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.digests;
+
+import com.android.org.bouncycastle.util.Memoable;
+import com.android.org.bouncycastle.util.Pack;
+
+
+/**
+ * FIPS 180-2 implementation of SHA-512.
+ *
+ * <pre>
+ *         block  word  digest
+ * SHA-1   512    32    160
+ * SHA-256 512    32    256
+ * SHA-384 1024   64    384
+ * SHA-512 1024   64    512
+ * </pre>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SHA512Digest
+    extends LongDigest
+{
+    private static final int    DIGEST_LENGTH = 64;
+
+    /**
+     * Standard constructor
+     */
+    public SHA512Digest()
+    {
+    }
+
+    /**
+     * Copy constructor.  This will copy the state of the provided
+     * message digest.
+     */
+    public SHA512Digest(SHA512Digest t)
+    {
+        super(t);
+    }
+
+    /**
+     * State constructor - create a digest initialised with the state of a previous one.
+     *
+     * @param encodedState the encoded state from the originating digest.
+     */
+    public SHA512Digest(byte[] encodedState)
+    {
+        restoreState(encodedState);
+    }
+
+    public String getAlgorithmName()
+    {
+        return "SHA-512";
+    }
+
+    public int getDigestSize()
+    {
+        return DIGEST_LENGTH;
+    }
+
+    public int doFinal(
+        byte[]  out,
+        int     outOff)
+    {
+        finish();
+
+        Pack.longToBigEndian(H1, out, outOff);
+        Pack.longToBigEndian(H2, out, outOff + 8);
+        Pack.longToBigEndian(H3, out, outOff + 16);
+        Pack.longToBigEndian(H4, out, outOff + 24);
+        Pack.longToBigEndian(H5, out, outOff + 32);
+        Pack.longToBigEndian(H6, out, outOff + 40);
+        Pack.longToBigEndian(H7, out, outOff + 48);
+        Pack.longToBigEndian(H8, out, outOff + 56);
+
+        reset();
+
+        return DIGEST_LENGTH;
+    }
+
+    /**
+     * reset the chaining variables
+     */
+    public void reset()
+    {
+        super.reset();
+
+        /* SHA-512 initial hash value
+         * The first 64 bits of the fractional parts of the square roots
+         * of the first eight prime numbers
+         */
+        H1 = 0x6a09e667f3bcc908L;
+        H2 = 0xbb67ae8584caa73bL;
+        H3 = 0x3c6ef372fe94f82bL;
+        H4 = 0xa54ff53a5f1d36f1L;
+        H5 = 0x510e527fade682d1L;
+        H6 = 0x9b05688c2b3e6c1fL;
+        H7 = 0x1f83d9abfb41bd6bL;
+        H8 = 0x5be0cd19137e2179L;
+    }
+
+    public Memoable copy()
+    {
+        return new SHA512Digest(this);
+    }
+
+    public void reset(Memoable other)
+    {
+        SHA512Digest d = (SHA512Digest)other;
+
+        copyIn(d);
+    }
+
+    public byte[] getEncodedState()
+    {
+        byte[] encoded = new byte[getEncodedStateSize()];
+        super.populateState(encoded);
+        return encoded;
+    }
+}
+

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/ec/CustomNamedCurves.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/ec/CustomNamedCurves.java
new file mode 100644
index 0000000..e8f250c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/ec/CustomNamedCurves.java

@@ -0,0 +1,802 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.ec;
+
+import java.math.BigInteger;
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptlib.CryptlibObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.gm.GMObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.sec.SECObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x9.X9ECParameters;
+import com.android.org.bouncycastle.asn1.x9.X9ECParametersHolder;
+import com.android.org.bouncycastle.asn1.x9.X9ECPoint;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+// BEGIN android-removed
+// import org.bouncycastle.math.ec.custom.djb.Curve25519;
+// import org.bouncycastle.math.ec.custom.gm.SM2P256V1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecP128R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecP160K1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecP160R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecP160R2Curve;
+// END android-removed
+import com.android.org.bouncycastle.math.ec.custom.sec.SecP192K1Curve;
+import com.android.org.bouncycastle.math.ec.custom.sec.SecP192R1Curve;
+import com.android.org.bouncycastle.math.ec.custom.sec.SecP224K1Curve;
+import com.android.org.bouncycastle.math.ec.custom.sec.SecP224R1Curve;
+import com.android.org.bouncycastle.math.ec.custom.sec.SecP256K1Curve;
+import com.android.org.bouncycastle.math.ec.custom.sec.SecP256R1Curve;
+import com.android.org.bouncycastle.math.ec.custom.sec.SecP384R1Curve;
+import com.android.org.bouncycastle.math.ec.custom.sec.SecP521R1Curve;
+// BEGIN android-removed
+// import org.bouncycastle.math.ec.custom.sec.SecT113R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT113R2Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT131R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT131R2Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT163K1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT163R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT163R2Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT193R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT193R2Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT233K1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT233R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT239K1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT283K1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT283R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT409K1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT409R1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT571K1Curve;
+// import org.bouncycastle.math.ec.custom.sec.SecT571R1Curve;
+// END android-removed
+import com.android.org.bouncycastle.math.ec.endo.GLVTypeBEndomorphism;
+import com.android.org.bouncycastle.math.ec.endo.GLVTypeBParameters;
+import com.android.org.bouncycastle.util.Strings;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CustomNamedCurves
+{
+    private static ECCurve configureCurve(ECCurve curve)
+    {
+        return curve;
+    }
+
+    private static ECCurve configureCurveGLV(ECCurve c, GLVTypeBParameters p)
+    {
+        return c.configure().setEndomorphism(new GLVTypeBEndomorphism(c, p)).create();
+    }
+
+    // BEGIN Android-removed: Unsupported curves
+    /*
+    /*
+     * curve25519
+     *
+    static X9ECParametersHolder curve25519 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = null;
+            ECCurve curve = configureCurve(new Curve25519());
+
+            /*
+             * NOTE: Curve25519 was specified in Montgomery form. Rewriting in Weierstrass form
+             * involves substitution of variables, so the base-point x coordinate is 9 + (486662 / 3).
+             * 
+             * The Curve25519 paper doesn't say which of the two possible y values the base
+             * point has. The choice here is guided by language in the Ed25519 paper.
+             * 
+             * (The other possible y value is 5F51E65E475F794B1FE122D388B72EB36DC2B28192839E4DD6163A5D81312C14) 
+             *
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "2AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAD245A"
+                + "20AE19A1B8A086B4E01EDD2C7748D14C923D4D7E6D7C61B229E9C5A27ECED3D9"));
+
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * secp128r1
+     *
+    static X9ECParametersHolder secp128r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("000E0D4D696E6768756151750CC03A4473D03679");
+            ECCurve curve = configureCurve(new SecP128R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "161FF7528B899B2D0C28607CA52C5B86"
+                + "CF5AC8395BAFEB13C02DA292DDED7A83"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * secp160k1
+     *
+    static X9ECParametersHolder secp160k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = null;
+            GLVTypeBParameters glv = new GLVTypeBParameters(
+                new BigInteger("9ba48cba5ebcb9b6bd33b92830b2a2e0e192f10a", 16),
+                new BigInteger("c39c6c3b3a36d7701b9c71a1f5804ae5d0003f4", 16),
+                new BigInteger[]{
+                    new BigInteger("9162fbe73984472a0a9e", 16),
+                    new BigInteger("-96341f1138933bc2f505", 16) },
+                new BigInteger[]{
+                    new BigInteger("127971af8721782ecffa3", 16),
+                    new BigInteger("9162fbe73984472a0a9e", 16) },
+                new BigInteger("9162fbe73984472a0a9d0590", 16),
+                new BigInteger("96341f1138933bc2f503fd44", 16),
+                176);
+            ECCurve curve = configureCurveGLV(new SecP160K1Curve(), glv);
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "3B4C382CE37AA192A4019E763036F4F5DD4D7EBB"
+                + "938CF935318FDCED6BC28286531733C3F03C4FEE"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * secp160r1
+     *
+    static X9ECParametersHolder secp160r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("1053CDE42C14D696E67687561517533BF3F83345");
+            ECCurve curve = configureCurve(new SecP160R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "4A96B5688EF573284664698968C38BB913CBFC82"
+                + "23A628553168947D59DCC912042351377AC5FB32"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * secp160r2
+     *
+    static X9ECParametersHolder secp160r2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("B99B99B099B323E02709A4D696E6768756151751");
+            ECCurve curve = configureCurve(new SecP160R2Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "52DCB034293A117E1F4FF11B30F7199D3144CE6D"
+                + "FEAFFEF2E331F296E071FA0DF9982CFEA7D43F2E"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+    */
+    // END Android-removed: Unsupported curves
+
+    /*
+     * secp192k1
+     */
+    static X9ECParametersHolder secp192k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = null;
+            GLVTypeBParameters glv = new GLVTypeBParameters(
+                new BigInteger("bb85691939b869c1d087f601554b96b80cb4f55b35f433c2", 16),
+                new BigInteger("3d84f26c12238d7b4f3d516613c1759033b1a5800175d0b1", 16),
+                new BigInteger[]{
+                    new BigInteger("71169be7330b3038edb025f1", 16),
+                    new BigInteger("-b3fb3400dec5c4adceb8655c", 16) },
+                new BigInteger[]{
+                    new BigInteger("12511cfe811d0f4e6bc688b4d", 16),
+                    new BigInteger("71169be7330b3038edb025f1", 16) },
+                new BigInteger("71169be7330b3038edb025f1d0f9", 16),
+                new BigInteger("b3fb3400dec5c4adceb8655d4c94", 16),
+                208);
+            ECCurve curve = configureCurveGLV(new SecP192K1Curve(), glv);
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "DB4FF10EC057E9AE26B07D0280B7F4341DA5D1B1EAE06C7D"
+                + "9B2F2F6D9C5628A7844163D015BE86344082AA88D95E2F9D"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * secp192r1
+     */
+    static X9ECParametersHolder secp192r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("3045AE6FC8422F64ED579528D38120EAE12196D5");
+            ECCurve curve = configureCurve(new SecP192R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "188DA80EB03090F67CBF20EB43A18800F4FF0AFD82FF1012"
+                + "07192B95FFC8DA78631011ED6B24CDD573F977A11E794811"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * secp224k1
+     */
+    static X9ECParametersHolder secp224k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = null;
+            GLVTypeBParameters glv = new GLVTypeBParameters(
+                new BigInteger("fe0e87005b4e83761908c5131d552a850b3f58b749c37cf5b84d6768", 16),
+                new BigInteger("60dcd2104c4cbc0be6eeefc2bdd610739ec34e317f9b33046c9e4788", 16),
+                new BigInteger[]{
+                    new BigInteger("6b8cf07d4ca75c88957d9d670591", 16),
+                    new BigInteger("-b8adf1378a6eb73409fa6c9c637d", 16) },
+                new BigInteger[]{
+                    new BigInteger("1243ae1b4d71613bc9f780a03690e", 16),
+                    new BigInteger("6b8cf07d4ca75c88957d9d670591", 16) },
+                new BigInteger("6b8cf07d4ca75c88957d9d67059037a4", 16),
+                new BigInteger("b8adf1378a6eb73409fa6c9c637ba7f5", 16),
+                240);
+            ECCurve curve = configureCurveGLV(new SecP224K1Curve(), glv);
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "A1455B334DF099DF30FC28A169A467E9E47075A90F7E650EB6B7A45C"
+                + "7E089FED7FBA344282CAFBD6F7E319F7C0B0BD59E2CA4BDB556D61A5"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * secp224r1
+     */
+    static X9ECParametersHolder secp224r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("BD71344799D5C7FCDC45B59FA3B9AB8F6A948BC5");
+            ECCurve curve = configureCurve(new SecP224R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "B70E0CBD6BB4BF7F321390B94A03C1D356C21122343280D6115C1D21"
+                + "BD376388B5F723FB4C22DFE6CD4375A05A07476444D5819985007E34"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * secp256k1
+     */
+    static X9ECParametersHolder secp256k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = null;
+            GLVTypeBParameters glv = new GLVTypeBParameters(
+                new BigInteger("7ae96a2b657c07106e64479eac3434e99cf0497512f58995c1396c28719501ee", 16),
+                new BigInteger("5363ad4cc05c30e0a5261c028812645a122e22ea20816678df02967c1b23bd72", 16),
+                new BigInteger[]{
+                    new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16),
+                    new BigInteger("-e4437ed6010e88286f547fa90abfe4c3", 16) },
+                new BigInteger[]{
+                    new BigInteger("114ca50f7a8e2f3f657c1108d9d44cfd8", 16),
+                    new BigInteger("3086d221a7d46bcde86c90e49284eb15", 16) },
+                new BigInteger("3086d221a7d46bcde86c90e49284eb153dab", 16),
+                new BigInteger("e4437ed6010e88286f547fa90abfe4c42212", 16),
+                272);
+            ECCurve curve = configureCurveGLV(new SecP256K1Curve(), glv);
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "79BE667EF9DCBBAC55A06295CE870B07029BFCDB2DCE28D959F2815B16F81798"
+                + "483ADA7726A3C4655DA4FBFC0E1108A8FD17B448A68554199C47D08FFB10D4B8"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * secp256r1
+     */
+    static X9ECParametersHolder secp256r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("C49D360886E704936A6678E1139D26B7819F7E90");
+            ECCurve curve = configureCurve(new SecP256R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "6B17D1F2E12C4247F8BCE6E563A440F277037D812DEB33A0F4A13945D898C296"
+                + "4FE342E2FE1A7F9B8EE7EB4A7C0F9E162BCE33576B315ECECBB6406837BF51F5"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * secp384r1
+     */
+    static X9ECParametersHolder secp384r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("A335926AA319A27A1D00896A6773A4827ACDAC73");
+            ECCurve curve = configureCurve(new SecP384R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "AA87CA22BE8B05378EB1C71EF320AD746E1D3B628BA79B9859F741E082542A385502F25DBF55296C3A545E3872760AB7"
+                + "3617DE4A96262C6F5D9E98BF9292DC29F8F41DBD289A147CE9DA3113B5F0B8C00A60B1CE1D7E819D7A431D7C90EA0E5F"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * secp521r1
+     */
+    static X9ECParametersHolder secp521r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("D09E8800291CB85396CC6717393284AAA0DA64BA");
+            ECCurve curve = configureCurve(new SecP521R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "00C6858E06B70404E9CD9E3ECB662395B4429C648139053FB521F828AF606B4D3DBAA14B5E77EFE75928FE1DC127A2FFA8DE3348B3C1856A429BF97E7E31C2E5BD66"
+                + "011839296A789A3BC0045C8A5FB42C7D1BD998F54449579B446817AFBD17273E662C97EE72995EF42640C550B9013FAD0761353C7086A272C24088BE94769FD16650"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    // BEGIN Android-removed: Unsupported curves
+    /*
+    /*
+     * sect113r1
+     *
+    static X9ECParametersHolder sect113r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("10E723AB14D696E6768756151756FEBF8FCB49A9");
+            ECCurve curve = configureCurve(new SecT113R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "009D73616F35F4AB1407D73562C10F"
+                + "00A52830277958EE84D1315ED31886"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect113r2
+     *
+    static X9ECParametersHolder sect113r2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("10C0FB15760860DEF1EEF4D696E676875615175D");
+            ECCurve curve = configureCurve(new SecT113R2Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "01A57A6A7B26CA5EF52FCDB8164797"
+                + "00B3ADC94ED1FE674C06E695BABA1D"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect131r1
+     *
+    static X9ECParametersHolder sect131r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("4D696E676875615175985BD3ADBADA21B43A97E2");
+            ECCurve curve = configureCurve(new SecT131R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "0081BAF91FDF9833C40F9C181343638399"
+                + "078C6E7EA38C001F73C8134B1B4EF9E150"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect131r2
+     *
+    static X9ECParametersHolder sect131r2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("985BD3ADBAD4D696E676875615175A21B43A97E3");
+            ECCurve curve = configureCurve(new SecT131R2Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "0356DCD8F2F95031AD652D23951BB366A8"
+                + "0648F06D867940A5366D9E265DE9EB240F"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect163k1
+     *
+    static X9ECParametersHolder sect163k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = null;
+            ECCurve curve = configureCurve(new SecT163K1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "02FE13C0537BBC11ACAA07D793DE4E6D5E5C94EEE8"
+                + "0289070FB05D38FF58321F2E800536D538CCDAA3D9"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect163r1
+     *
+    static X9ECParametersHolder sect163r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("24B7B137C8A14D696E6768756151756FD0DA2E5C");
+            ECCurve curve = configureCurve(new SecT163R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "0369979697AB43897789566789567F787A7876A654"
+                + "00435EDB42EFAFB2989D51FEFCE3C80988F41FF883"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect163r2
+     *
+    static X9ECParametersHolder sect163r2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("85E25BFE5C86226CDB12016F7553F9D0E693A268");
+            ECCurve curve = configureCurve(new SecT163R2Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "03F0EBA16286A2D57EA0991168D4994637E8343E36"
+                + "00D51FBC6C71A0094FA2CDD545B11C5C0C797324F1"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect193r1
+     *
+    static X9ECParametersHolder sect193r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("103FAEC74D696E676875615175777FC5B191EF30");
+            ECCurve curve = configureCurve(new SecT193R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "01F481BC5F0FF84A74AD6CDF6FDEF4BF6179625372D8C0C5E1"
+                + "0025E399F2903712CCF3EA9E3A1AD17FB0B3201B6AF7CE1B05"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect193r2
+     *
+    static X9ECParametersHolder sect193r2 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("10B7B4D696E676875615175137C8A16FD0DA2211");
+            ECCurve curve = configureCurve(new SecT193R2Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "00D9B67D192E0367C803F39E1A7E82CA14A651350AAE617E8F"
+                + "01CE94335607C304AC29E7DEFBD9CA01F596F927224CDECF6C"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect233k1
+     *
+    static X9ECParametersHolder sect233k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = null;
+            ECCurve curve = configureCurve(new SecT233K1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "017232BA853A7E731AF129F22FF4149563A419C26BF50A4C9D6EEFAD6126"
+                + "01DB537DECE819B7F70F555A67C427A8CD9BF18AEB9B56E0C11056FAE6A3"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect233r1
+     *
+    static X9ECParametersHolder sect233r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("74D59FF07F6B413D0EA14B344B20A2DB049B50C3");
+            ECCurve curve = configureCurve(new SecT233R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "00FAC9DFCBAC8313BB2139F1BB755FEF65BC391F8B36F8F8EB7371FD558B"
+                + "01006A08A41903350678E58528BEBF8A0BEFF867A7CA36716F7E01F81052"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect239k1
+     *
+    static X9ECParametersHolder sect239k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = null;
+            ECCurve curve = configureCurve(new SecT239K1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "29A0B6A887A983E9730988A68727A8B2D126C44CC2CC7B2A6555193035DC"
+                + "76310804F12E549BDB011C103089E73510ACB275FC312A5DC6B76553F0CA"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect283k1
+     *
+    static X9ECParametersHolder sect283k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = null;
+            ECCurve curve = configureCurve(new SecT283K1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "0503213F78CA44883F1A3B8162F188E553CD265F23C1567A16876913B0C2AC2458492836"
+                + "01CCDA380F1C9E318D90F95D07E5426FE87E45C0E8184698E45962364E34116177DD2259"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect283r1
+     *
+    static X9ECParametersHolder sect283r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("77E2B07370EB0F832A6DD5B62DFC88CD06BB84BE");
+            ECCurve curve = configureCurve(new SecT283R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "05F939258DB7DD90E1934F8C70B0DFEC2EED25B8557EAC9C80E2E198F8CDBECD86B12053"
+                + "03676854FE24141CB98FE6D4B20D02B4516FF702350EDDB0826779C813F0DF45BE8112F4"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect409k1
+     *
+    static X9ECParametersHolder sect409k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = null;
+            ECCurve curve = configureCurve(new SecT409K1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "0060F05F658F49C1AD3AB1890F7184210EFD0987E307C84C27ACCFB8F9F67CC2C460189EB5AAAA62EE222EB1B35540CFE9023746"
+                + "01E369050B7C4E42ACBA1DACBF04299C3460782F918EA427E6325165E9EA10E3DA5F6C42E9C55215AA9CA27A5863EC48D8E0286B"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect409r1
+     *
+    static X9ECParametersHolder sect409r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("4099B5A457F9D69F79213D094C4BCD4D4262210B");
+            ECCurve curve = configureCurve(new SecT409R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "015D4860D088DDB3496B0C6064756260441CDE4AF1771D4DB01FFE5B34E59703DC255A868A1180515603AEAB60794E54BB7996A7"
+                + "0061B1CFAB6BE5F32BBFA78324ED106A7636B9C5A7BD198D0158AA4F5488D08F38514F1FDF4B4F40D2181B3681C364BA0273C706"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect571k1
+     *
+    static X9ECParametersHolder sect571k1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = null;
+            ECCurve curve = configureCurve(new SecT571K1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "026EB7A859923FBC82189631F8103FE4AC9CA2970012D5D46024804801841CA44370958493B205E647DA304DB4CEB08CBBD1BA39494776FB988B47174DCA88C7E2945283A01C8972"
+                + "0349DC807F4FBF374F4AEADE3BCA95314DD58CEC9F307A54FFC61EFC006D8A2C9D4979C0AC44AEA74FBEBBB9F772AEDCB620B01A7BA7AF1B320430C8591984F601CD4C143EF1C7A3"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sect571r1
+     *
+    static X9ECParametersHolder sect571r1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = Hex.decode("2AA058F73A0E33AB486B0F610410C53A7F132310");
+            ECCurve curve = configureCurve(new SecT571R1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "0303001D34B856296C16C0D40D3CD7750A93D1D2955FA80AA5F40FC8DB7B2ABDBDE53950F4C0D293CDD711A35B67FB1499AE60038614F1394ABFA3B4C850D927E1E7769C8EEC2D19"
+                + "037BF27342DA639B6DCCFFFEB73D69D78C6C27A6009CBBCA1980F8533921E8A684423E43BAB08A576291AF8F461BB2A8B3531D2F0485C19B16E2F1516E23DD3C1A4827AF1B8AC15B"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+
+    /*
+     * sm2p256v1
+     *
+    static X9ECParametersHolder sm2p256v1 = new X9ECParametersHolder()
+    {
+        protected X9ECParameters createParameters()
+        {
+            byte[] S = null;
+            ECCurve curve = configureCurve(new SM2P256V1Curve());
+            X9ECPoint G = new X9ECPoint(curve, Hex.decode("04"
+                + "32C4AE2C1F1981195F9904466A39C9948FE30BBFF2660BE1715A4589334C74C7"
+                + "BC3736A2F4F6779C59BDCEE36B692153D0A9877CC62A474002DF32E52139F0A0"));
+            return new X9ECParameters(curve, G, curve.getOrder(), curve.getCofactor(), S);
+        }
+    };
+    */
+    // END Android-removed: Unsupported curves
+
+    static final Hashtable nameToCurve = new Hashtable();
+    static final Hashtable nameToOID = new Hashtable();
+    static final Hashtable oidToCurve = new Hashtable();
+    static final Hashtable oidToName = new Hashtable();
+    static final Vector names = new Vector();
+
+    static void defineCurve(String name, X9ECParametersHolder holder)
+    {
+        names.addElement(name);
+        name = Strings.toLowerCase(name);
+        nameToCurve.put(name, holder);
+    }
+
+    static void defineCurveWithOID(String name, ASN1ObjectIdentifier oid, X9ECParametersHolder holder)
+    {
+        names.addElement(name);
+        oidToName.put(oid, name);
+        oidToCurve.put(oid, holder);
+        name = Strings.toLowerCase(name);
+        nameToOID.put(name, oid);
+        nameToCurve.put(name, holder);
+    }
+
+    static void defineCurveAlias(String name, ASN1ObjectIdentifier oid)
+    {
+        Object curve = oidToCurve.get(oid);
+        if (curve == null)
+        {
+            throw new IllegalStateException();
+        }
+
+        name = Strings.toLowerCase(name);
+        nameToOID.put(name, oid);
+        nameToCurve.put(name, curve);
+    }
+
+    static
+    {
+        // BEGIN Android-removed: Unsupported curves
+        /*
+        defineCurveWithOID("curve25519", CryptlibObjectIdentifiers.curvey25519, curve25519);
+
+//        defineCurveWithOID("secp112r1", SECObjectIdentifiers.secp112r1, secp112r1);
+//        defineCurveWithOID("secp112r2", SECObjectIdentifiers.secp112r2, secp112r2);
+        defineCurveWithOID("secp128r1", SECObjectIdentifiers.secp128r1, secp128r1);
+//        defineCurveWithOID("secp128r2", SECObjectIdentifiers.secp128r2, secp128r2);
+        defineCurveWithOID("secp160k1", SECObjectIdentifiers.secp160k1, secp160k1);
+        defineCurveWithOID("secp160r1", SECObjectIdentifiers.secp160r1, secp160r1);
+        defineCurveWithOID("secp160r2", SECObjectIdentifiers.secp160r2, secp160r2);
+        */
+        // END Android-removed: Unsupported curves
+        defineCurveWithOID("secp192k1", SECObjectIdentifiers.secp192k1, secp192k1);
+        defineCurveWithOID("secp192r1", SECObjectIdentifiers.secp192r1, secp192r1);
+        defineCurveWithOID("secp224k1", SECObjectIdentifiers.secp224k1, secp224k1);
+        defineCurveWithOID("secp224r1", SECObjectIdentifiers.secp224r1, secp224r1);
+        defineCurveWithOID("secp256k1", SECObjectIdentifiers.secp256k1, secp256k1);
+        defineCurveWithOID("secp256r1", SECObjectIdentifiers.secp256r1, secp256r1);
+        defineCurveWithOID("secp384r1", SECObjectIdentifiers.secp384r1, secp384r1);
+        defineCurveWithOID("secp521r1", SECObjectIdentifiers.secp521r1, secp521r1);
+
+        // BEGIN Android-removed: Unsupported curves
+        /*
+        defineCurveWithOID("sect113r1", SECObjectIdentifiers.sect113r1, sect113r1);
+        defineCurveWithOID("sect113r2", SECObjectIdentifiers.sect113r2, sect113r2);
+        defineCurveWithOID("sect131r1", SECObjectIdentifiers.sect131r1, sect131r1);
+        defineCurveWithOID("sect131r2", SECObjectIdentifiers.sect131r2, sect131r2);
+        defineCurveWithOID("sect163k1", SECObjectIdentifiers.sect163k1, sect163k1);
+        defineCurveWithOID("sect163r1", SECObjectIdentifiers.sect163r1, sect163r1);
+        defineCurveWithOID("sect163r2", SECObjectIdentifiers.sect163r2, sect163r2);
+        defineCurveWithOID("sect193r1", SECObjectIdentifiers.sect193r1, sect193r1);
+        defineCurveWithOID("sect193r2", SECObjectIdentifiers.sect193r2, sect193r2);
+        defineCurveWithOID("sect233k1", SECObjectIdentifiers.sect233k1, sect233k1);
+        defineCurveWithOID("sect233r1", SECObjectIdentifiers.sect233r1, sect233r1);
+        defineCurveWithOID("sect239k1", SECObjectIdentifiers.sect239k1, sect239k1);
+        defineCurveWithOID("sect283k1", SECObjectIdentifiers.sect283k1, sect283k1);
+        defineCurveWithOID("sect283r1", SECObjectIdentifiers.sect283r1, sect283r1);
+        defineCurveWithOID("sect409k1", SECObjectIdentifiers.sect409k1, sect409k1);
+        defineCurveWithOID("sect409r1", SECObjectIdentifiers.sect409r1, sect409r1);
+        defineCurveWithOID("sect571k1", SECObjectIdentifiers.sect571k1, sect571k1);
+        defineCurveWithOID("sect571r1", SECObjectIdentifiers.sect571r1, sect571r1);
+
+        defineCurveWithOID("sm2p256v1", GMObjectIdentifiers.sm2p256v1, sm2p256v1);
+
+        defineCurveAlias("B-163", SECObjectIdentifiers.sect163r2);
+        defineCurveAlias("B-233", SECObjectIdentifiers.sect233r1);
+        defineCurveAlias("B-283", SECObjectIdentifiers.sect283r1);
+        defineCurveAlias("B-409", SECObjectIdentifiers.sect409r1);
+        defineCurveAlias("B-571", SECObjectIdentifiers.sect571r1);
+
+        defineCurveAlias("K-163", SECObjectIdentifiers.sect163k1);
+        defineCurveAlias("K-233", SECObjectIdentifiers.sect233k1);
+        defineCurveAlias("K-283", SECObjectIdentifiers.sect283k1);
+        defineCurveAlias("K-409", SECObjectIdentifiers.sect409k1);
+        defineCurveAlias("K-571", SECObjectIdentifiers.sect571k1);
+        */
+        // END Android-removed: Unsupported curves
+
+        defineCurveAlias("P-192", SECObjectIdentifiers.secp192r1);
+        defineCurveAlias("P-224", SECObjectIdentifiers.secp224r1);
+        defineCurveAlias("P-256", SECObjectIdentifiers.secp256r1);
+        defineCurveAlias("P-384", SECObjectIdentifiers.secp384r1);
+        defineCurveAlias("P-521", SECObjectIdentifiers.secp521r1);
+    }
+
+    public static X9ECParameters getByName(String name)
+    {
+        X9ECParametersHolder holder = (X9ECParametersHolder)nameToCurve.get(Strings.toLowerCase(name));
+        return holder == null ? null : holder.getParameters();
+    }
+
+    /**
+     * return the X9ECParameters object for the named curve represented by the passed in object
+     * identifier. Null if the curve isn't present.
+     * 
+     * @param oid
+     *            an object identifier representing a named curve, if present.
+     */
+    public static X9ECParameters getByOID(ASN1ObjectIdentifier oid)
+    {
+        X9ECParametersHolder holder = (X9ECParametersHolder)oidToCurve.get(oid);
+        return holder == null ? null : holder.getParameters();
+    }
+
+    /**
+     * return the object identifier signified by the passed in name. Null if there is no object
+     * identifier associated with name.
+     * 
+     * @return the object identifier associated with name, if present.
+     */
+    public static ASN1ObjectIdentifier getOID(String name)
+    {
+        return (ASN1ObjectIdentifier)nameToOID.get(Strings.toLowerCase(name));
+    }
+
+    /**
+     * return the named curve name represented by the given object identifier.
+     */
+    public static String getName(ASN1ObjectIdentifier oid)
+    {
+        return (String)oidToName.get(oid);
+    }
+
+    /**
+     * returns an enumeration containing the name strings for curves contained in this structure.
+     */
+    public static Enumeration getNames()
+    {
+        return names.elements();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/encodings/OAEPEncoding.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/encodings/OAEPEncoding.java
new file mode 100644
index 0000000..7bfcf44
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/encodings/OAEPEncoding.java

@@ -0,0 +1,365 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.encodings;
+
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.AsymmetricBlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * Optimal Asymmetric Encryption Padding (OAEP) - see PKCS 1 V 2.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class OAEPEncoding
+    implements AsymmetricBlockCipher
+{
+    private byte[]                  defHash;
+    private Digest                  mgf1Hash;
+
+    private AsymmetricBlockCipher   engine;
+    private SecureRandom            random;
+    private boolean                 forEncryption;
+
+    public OAEPEncoding(
+        AsymmetricBlockCipher   cipher)
+    {
+        // Android-changed: Use Android digests
+        // this(cipher, DigestFactory.createSHA1(), null);
+        this(cipher, AndroidDigestFactory.getSHA1(), null);
+    }
+    
+    public OAEPEncoding(
+        AsymmetricBlockCipher       cipher,
+        Digest                      hash)
+    {
+        this(cipher, hash, null);
+    }
+    
+    public OAEPEncoding(
+        AsymmetricBlockCipher       cipher,
+        Digest                      hash,
+        byte[]                      encodingParams)
+    {
+        this(cipher, hash, hash, encodingParams);
+    }
+
+    public OAEPEncoding(
+        AsymmetricBlockCipher       cipher,
+        Digest                      hash,
+        Digest                      mgf1Hash,
+        byte[]                      encodingParams)
+    {
+        this.engine = cipher;
+        this.mgf1Hash = mgf1Hash;
+        this.defHash = new byte[hash.getDigestSize()];
+
+        hash.reset();
+
+        if (encodingParams != null)
+        {
+            hash.update(encodingParams, 0, encodingParams.length);
+        }
+
+        hash.doFinal(defHash, 0);
+    }
+
+    public AsymmetricBlockCipher getUnderlyingCipher()
+    {
+        return engine;
+    }
+
+    public void init(
+        boolean             forEncryption,
+        CipherParameters    param)
+    {
+        if (param instanceof ParametersWithRandom)
+        {
+            ParametersWithRandom  rParam = (ParametersWithRandom)param;
+
+            this.random = rParam.getRandom();
+        }
+        else
+        {   
+            this.random = CryptoServicesRegistrar.getSecureRandom();
+        }
+
+        engine.init(forEncryption, param);
+
+        this.forEncryption = forEncryption;
+    }
+
+    public int getInputBlockSize()
+    {
+        int     baseBlockSize = engine.getInputBlockSize();
+
+        if (forEncryption)
+        {
+            return baseBlockSize - 1 - 2 * defHash.length;
+        }
+        else
+        {
+            return baseBlockSize;
+        }
+    }
+
+    public int getOutputBlockSize()
+    {
+        int     baseBlockSize = engine.getOutputBlockSize();
+
+        if (forEncryption)
+        {
+            return baseBlockSize;
+        }
+        else
+        {
+            return baseBlockSize - 1 - 2 * defHash.length;
+        }
+    }
+
+    public byte[] processBlock(
+        byte[]  in,
+        int     inOff,
+        int     inLen)
+        throws InvalidCipherTextException
+    {
+        if (forEncryption)
+        {
+            return encodeBlock(in, inOff, inLen);
+        }
+        else
+        {
+            return decodeBlock(in, inOff, inLen);
+        }
+    }
+
+    public byte[] encodeBlock(
+        byte[]  in,
+        int     inOff,
+        int     inLen)
+        throws InvalidCipherTextException
+    {
+        if (inLen > getInputBlockSize())
+        {
+            throw new DataLengthException("input data too long");
+        }
+
+        byte[]  block = new byte[getInputBlockSize() + 1 + 2 * defHash.length];
+
+        //
+        // copy in the message
+        //
+        System.arraycopy(in, inOff, block, block.length - inLen, inLen);
+
+        //
+        // add sentinel
+        //
+        block[block.length - inLen - 1] = 0x01;
+
+        //
+        // as the block is already zeroed - there's no need to add PS (the >= 0 pad of 0)
+        //
+
+        //
+        // add the hash of the encoding params.
+        //
+        System.arraycopy(defHash, 0, block, defHash.length, defHash.length);
+
+        //
+        // generate the seed.
+        //
+        byte[]  seed = new byte[defHash.length];
+
+        random.nextBytes(seed);
+
+        //
+        // mask the message block.
+        //
+        byte[]  mask = maskGeneratorFunction1(seed, 0, seed.length, block.length - defHash.length);
+
+        for (int i = defHash.length; i != block.length; i++)
+        {
+            block[i] ^= mask[i - defHash.length];
+        }
+
+        //
+        // add in the seed
+        //
+        System.arraycopy(seed, 0, block, 0, defHash.length);
+
+        //
+        // mask the seed.
+        //
+        mask = maskGeneratorFunction1(
+                        block, defHash.length, block.length - defHash.length, defHash.length);
+
+        for (int i = 0; i != defHash.length; i++)
+        {
+            block[i] ^= mask[i];
+        }
+
+        return engine.processBlock(block, 0, block.length);
+    }
+
+    /**
+     * @exception InvalidCipherTextException if the decrypted block turns out to
+     * be badly formatted.
+     */
+    public byte[] decodeBlock(
+        byte[]  in,
+        int     inOff,
+        int     inLen)
+        throws InvalidCipherTextException
+    {
+        byte[]  data = engine.processBlock(in, inOff, inLen);
+        byte[]  block = new byte[engine.getOutputBlockSize()];
+
+        //
+        // as we may have zeros in our leading bytes for the block we produced
+        // on encryption, we need to make sure our decrypted block comes back
+        // the same size.
+        //
+        boolean wrongData = (block.length < (2 * defHash.length) + 1);
+
+        if (data.length <= block.length)
+        {
+            System.arraycopy(data, 0, block, block.length - data.length, data.length);
+        }
+        else
+        {
+            System.arraycopy(data, 0, block, 0, block.length);
+            wrongData = true;
+        }
+
+        //
+        // unmask the seed.
+        //
+        byte[] mask = maskGeneratorFunction1(
+                    block, defHash.length, block.length - defHash.length, defHash.length);
+
+        for (int i = 0; i != defHash.length; i++)
+        {
+            block[i] ^= mask[i];
+        }
+
+        //
+        // unmask the message block.
+        //
+        mask = maskGeneratorFunction1(block, 0, defHash.length, block.length - defHash.length);
+
+        for (int i = defHash.length; i != block.length; i++)
+        {
+            block[i] ^= mask[i - defHash.length];
+        }
+
+        //
+        // check the hash of the encoding params.
+        // long check to try to avoid this been a source of a timing attack.
+        //
+        boolean defHashWrong = false;
+
+        for (int i = 0; i != defHash.length; i++)
+        {
+            if (defHash[i] != block[defHash.length + i])
+            {
+                defHashWrong = true;
+            }
+        }
+
+        //
+        // find the data block
+        //
+        int start = block.length;
+
+        for (int index = 2 * defHash.length; index != block.length; index++)
+        {
+            if (block[index] != 0 & start == block.length)
+            {
+                start = index;
+            }
+        }
+
+        boolean dataStartWrong = (start > (block.length - 1) | block[start] != 1);
+
+        start++;
+
+        if (defHashWrong | wrongData | dataStartWrong)
+        {
+            Arrays.fill(block, (byte)0);
+            throw new InvalidCipherTextException("data wrong");
+        }
+
+        //
+        // extract the data block
+        //
+        byte[]  output = new byte[block.length - start];
+
+        System.arraycopy(block, start, output, 0, output.length);
+
+        return output;
+    }
+
+    /**
+     * int to octet string.
+     */
+    private void ItoOSP(
+        int     i,
+        byte[]  sp)
+    {
+        sp[0] = (byte)(i >>> 24);
+        sp[1] = (byte)(i >>> 16);
+        sp[2] = (byte)(i >>> 8);
+        sp[3] = (byte)(i >>> 0);
+    }
+
+    /**
+     * mask generator function, as described in PKCS1v2.
+     */
+    private byte[] maskGeneratorFunction1(
+        byte[]  Z,
+        int     zOff,
+        int     zLen,
+        int     length)
+    {
+        byte[]  mask = new byte[length];
+        byte[]  hashBuf = new byte[mgf1Hash.getDigestSize()];
+        byte[]  C = new byte[4];
+        int     counter = 0;
+
+        mgf1Hash.reset();
+
+        while (counter < (length / hashBuf.length))
+        {
+            ItoOSP(counter, C);
+
+            mgf1Hash.update(Z, zOff, zLen);
+            mgf1Hash.update(C, 0, C.length);
+            mgf1Hash.doFinal(hashBuf, 0);
+
+            System.arraycopy(hashBuf, 0, mask, counter * hashBuf.length, hashBuf.length);
+
+            counter++;
+        }
+
+        if ((counter * hashBuf.length) < length)
+        {
+            ItoOSP(counter, C);
+
+            mgf1Hash.update(Z, zOff, zLen);
+            mgf1Hash.update(C, 0, C.length);
+            mgf1Hash.doFinal(hashBuf, 0);
+
+            System.arraycopy(hashBuf, 0, mask, counter * hashBuf.length, mask.length - (counter * hashBuf.length));
+        }
+
+        return mask;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/encodings/PKCS1Encoding.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/encodings/PKCS1Encoding.java
new file mode 100644
index 0000000..4401740
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/encodings/PKCS1Encoding.java

@@ -0,0 +1,448 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.encodings;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.AsymmetricBlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+import com.android.org.bouncycastle.crypto.params.AsymmetricKeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * this does your basic PKCS 1 v1.5 padding - whether or not you should be using this
+ * depends on your application - see PKCS1 Version 2 for details.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKCS1Encoding
+    implements AsymmetricBlockCipher
+{
+    /**
+     * @deprecated use NOT_STRICT_LENGTH_ENABLED_PROPERTY
+     */
+    public static final String STRICT_LENGTH_ENABLED_PROPERTY = "com.android.org.bouncycastle.pkcs1.strict";
+
+    /**
+     * some providers fail to include the leading zero in PKCS1 encoded blocks. If you need to
+     * work with one of these set the system property org.bouncycastle.pkcs1.not_strict to true.
+     * <p>
+     * The system property is checked during construction of the encoding object, it is set to
+     * false by default.
+     * </p>
+     */
+    public static final String NOT_STRICT_LENGTH_ENABLED_PROPERTY = "com.android.org.bouncycastle.pkcs1.not_strict";
+
+    private static final int HEADER_LENGTH = 10;
+
+    private SecureRandom random;
+    private AsymmetricBlockCipher engine;
+    private boolean forEncryption;
+    private boolean forPrivateKey;
+    private boolean useStrictLength;
+    private int pLen = -1;
+    private byte[] fallback = null;
+    private byte[] blockBuffer;
+
+    /**
+     * Basic constructor.
+     *
+     * @param cipher
+     */
+    public PKCS1Encoding(
+        AsymmetricBlockCipher cipher)
+    {
+        this.engine = cipher;
+        this.useStrictLength = useStrict();
+    }
+
+    /**
+     * Constructor for decryption with a fixed plaintext length.
+     *
+     * @param cipher The cipher to use for cryptographic operation.
+     * @param pLen   Length of the expected plaintext.
+     */
+    public PKCS1Encoding(
+        AsymmetricBlockCipher cipher,
+        int pLen)
+    {
+        this.engine = cipher;
+        this.useStrictLength = useStrict();
+        this.pLen = pLen;
+    }
+
+    /**
+     * Constructor for decryption with a fixed plaintext length and a fallback
+     * value that is returned, if the padding is incorrect.
+     *
+     * @param cipher   The cipher to use for cryptographic operation.
+     * @param fallback The fallback value, we don't do an arraycopy here.
+     */
+    public PKCS1Encoding(
+        AsymmetricBlockCipher cipher,
+        byte[] fallback)
+    {
+        this.engine = cipher;
+        this.useStrictLength = useStrict();
+        this.fallback = fallback;
+        this.pLen = fallback.length;
+    }
+
+
+    //
+    // for J2ME compatibility
+    //
+    private boolean useStrict()
+    {
+        // required if security manager has been installed.
+        String strict = (String)AccessController.doPrivileged(new PrivilegedAction()
+        {
+            public Object run()
+            {
+                return System.getProperty(STRICT_LENGTH_ENABLED_PROPERTY);
+            }
+        });
+        String notStrict = (String)AccessController.doPrivileged(new PrivilegedAction()
+        {
+            public Object run()
+            {
+                return System.getProperty(NOT_STRICT_LENGTH_ENABLED_PROPERTY);
+            }
+        });
+
+        if (notStrict != null)
+        {
+            return !notStrict.equals("true");
+        }
+
+        return strict == null || strict.equals("true");
+    }
+
+    public AsymmetricBlockCipher getUnderlyingCipher()
+    {
+        return engine;
+    }
+
+    public void init(
+        boolean forEncryption,
+        CipherParameters param)
+    {
+        AsymmetricKeyParameter kParam;
+
+        if (param instanceof ParametersWithRandom)
+        {
+            ParametersWithRandom rParam = (ParametersWithRandom)param;
+
+            this.random = rParam.getRandom();
+            kParam = (AsymmetricKeyParameter)rParam.getParameters();
+        }
+        else
+        {
+            kParam = (AsymmetricKeyParameter)param;
+            if (!kParam.isPrivate() && forEncryption)
+            {
+                this.random = CryptoServicesRegistrar.getSecureRandom();
+            }
+        }
+
+        engine.init(forEncryption, param);
+
+        this.forPrivateKey = kParam.isPrivate();
+        this.forEncryption = forEncryption;
+        this.blockBuffer = new byte[engine.getOutputBlockSize()];
+
+        if (pLen > 0 && fallback == null && random == null)
+        {
+           throw new IllegalArgumentException("encoder requires random");
+        }
+    }
+
+    public int getInputBlockSize()
+    {
+        int baseBlockSize = engine.getInputBlockSize();
+
+        if (forEncryption)
+        {
+            return baseBlockSize - HEADER_LENGTH;
+        }
+        else
+        {
+            return baseBlockSize;
+        }
+    }
+
+    public int getOutputBlockSize()
+    {
+        int baseBlockSize = engine.getOutputBlockSize();
+
+        if (forEncryption)
+        {
+            return baseBlockSize;
+        }
+        else
+        {
+            return baseBlockSize - HEADER_LENGTH;
+        }
+    }
+
+    public byte[] processBlock(
+        byte[] in,
+        int inOff,
+        int inLen)
+        throws InvalidCipherTextException
+    {
+        if (forEncryption)
+        {
+            return encodeBlock(in, inOff, inLen);
+        }
+        else
+        {
+            return decodeBlock(in, inOff, inLen);
+        }
+    }
+
+    private byte[] encodeBlock(
+        byte[] in,
+        int inOff,
+        int inLen)
+        throws InvalidCipherTextException
+    {
+        if (inLen > getInputBlockSize())
+        {
+            throw new IllegalArgumentException("input data too large");
+        }
+
+        byte[] block = new byte[engine.getInputBlockSize()];
+
+        if (forPrivateKey)
+        {
+            block[0] = 0x01;                        // type code 1
+
+            for (int i = 1; i != block.length - inLen - 1; i++)
+            {
+                block[i] = (byte)0xFF;
+            }
+        }
+        else
+        {
+            random.nextBytes(block);                // random fill
+
+            block[0] = 0x02;                        // type code 2
+
+            //
+            // a zero byte marks the end of the padding, so all
+            // the pad bytes must be non-zero.
+            //
+            for (int i = 1; i != block.length - inLen - 1; i++)
+            {
+                while (block[i] == 0)
+                {
+                    block[i] = (byte)random.nextInt();
+                }
+            }
+        }
+
+        block[block.length - inLen - 1] = 0x00;       // mark the end of the padding
+        System.arraycopy(in, inOff, block, block.length - inLen, inLen);
+
+        return engine.processBlock(block, 0, block.length);
+    }
+
+    /**
+     * Checks if the argument is a correctly PKCS#1.5 encoded Plaintext
+     * for encryption.
+     *
+     * @param encoded The Plaintext.
+     * @param pLen    Expected length of the plaintext.
+     * @return Either 0, if the encoding is correct, or -1, if it is incorrect.
+     */
+    private static int checkPkcs1Encoding(byte[] encoded, int pLen)
+    {
+        int correct = 0;
+        /*
+		 * Check if the first two bytes are 0 2
+		 */
+        correct |= (encoded[0] ^ 2);
+
+		/*
+		 * Now the padding check, check for no 0 byte in the padding
+		 */
+        int plen = encoded.length - (
+            pLen /* Lenght of the PMS */
+                + 1 /* Final 0-byte before PMS */
+        );
+
+        for (int i = 1; i < plen; i++)
+        {
+            int tmp = encoded[i];
+            tmp |= tmp >> 1;
+            tmp |= tmp >> 2;
+            tmp |= tmp >> 4;
+            correct |= (tmp & 1) - 1;
+        }
+
+		/*
+		 * Make sure the padding ends with a 0 byte.
+		 */
+        correct |= encoded[encoded.length - (pLen + 1)];
+
+		/*
+		 * Return 0 or 1, depending on the result.
+		 */
+        correct |= correct >> 1;
+        correct |= correct >> 2;
+        correct |= correct >> 4;
+        return ~((correct & 1) - 1);
+    }
+
+
+    /**
+     * Decode PKCS#1.5 encoding, and return a random value if the padding is not correct.
+     *
+     * @param in    The encrypted block.
+     * @param inOff Offset in the encrypted block.
+     * @param inLen Length of the encrypted block.
+     *              //@param pLen Length of the desired output.
+     * @return The plaintext without padding, or a random value if the padding was incorrect.
+     * @throws InvalidCipherTextException
+     */
+    private byte[] decodeBlockOrRandom(byte[] in, int inOff, int inLen)
+        throws InvalidCipherTextException
+    {
+        if (!forPrivateKey)
+        {
+            throw new InvalidCipherTextException("sorry, this method is only for decryption, not for signing");
+        }
+
+        byte[] block = engine.processBlock(in, inOff, inLen);
+        byte[] random;
+        if (this.fallback == null)
+        {
+            random = new byte[this.pLen];
+            this.random.nextBytes(random);
+        }
+        else
+        {
+            random = fallback;
+        }
+
+        byte[] data = (useStrictLength & (block.length != engine.getOutputBlockSize())) ? blockBuffer : block;
+
+		/*
+		 * Check the padding.
+		 */
+        int correct = PKCS1Encoding.checkPkcs1Encoding(data, this.pLen);
+		
+		/*
+		 * Now, to a constant time constant memory copy of the decrypted value
+		 * or the random value, depending on the validity of the padding.
+		 */
+        byte[] result = new byte[this.pLen];
+        for (int i = 0; i < this.pLen; i++)
+        {
+            result[i] = (byte)((data[i + (data.length - pLen)] & (~correct)) | (random[i] & correct));
+        }
+
+        Arrays.fill(data, (byte)0);
+
+        return result;
+    }
+
+    /**
+     * @throws InvalidCipherTextException if the decrypted block is not in PKCS1 format.
+     */
+    private byte[] decodeBlock(
+        byte[] in,
+        int inOff,
+        int inLen)
+        throws InvalidCipherTextException
+    {
+        /*
+         * If the length of the expected plaintext is known, we use a constant-time decryption.
+         * If the decryption fails, we return a random value.
+         */
+        if (this.pLen != -1)
+        {
+            return this.decodeBlockOrRandom(in, inOff, inLen);
+        }
+
+        byte[] block = engine.processBlock(in, inOff, inLen);
+        boolean incorrectLength = (useStrictLength & (block.length != engine.getOutputBlockSize()));
+
+        byte[] data;
+        if (block.length < getOutputBlockSize())
+        {
+            data = blockBuffer;
+        }
+        else
+        {
+            data = block;
+        }
+
+        byte type = data[0];
+
+        boolean badType;
+        if (forPrivateKey)
+        {
+            badType = (type != 2);
+        }
+        else
+        {
+            badType = (type != 1);
+        }
+
+        //
+        // find and extract the message block.
+        //
+        int start = findStart(type, data);
+
+        start++;           // data should start at the next byte
+
+        if (badType | start < HEADER_LENGTH)
+        {
+            Arrays.fill(data, (byte)0);
+            throw new InvalidCipherTextException("block incorrect");
+        }
+
+        // if we get this far, it's likely to be a genuine encoding error
+        if (incorrectLength)
+        {
+            Arrays.fill(data, (byte)0);
+            throw new InvalidCipherTextException("block incorrect size");
+        }
+
+        byte[] result = new byte[data.length - start];
+
+        System.arraycopy(data, start, result, 0, result.length);
+
+        return result;
+    }
+
+    private int findStart(byte type, byte[] block)
+        throws InvalidCipherTextException
+    {
+        int start = -1;
+        boolean padErr = false;
+
+        for (int i = 1; i != block.length; i++)
+        {
+            byte pad = block[i];
+
+            if (pad == 0 & start < 0)
+            {
+                start = i;
+            }
+            padErr |= (type == 1 & start < 0 & pad != (byte)0xff);
+        }
+
+        if (padErr)
+        {
+            return -1;
+        }
+
+        return start;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/AESEngine.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/AESEngine.java
new file mode 100644
index 0000000..77186ef
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/AESEngine.java

@@ -0,0 +1,631 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.engines;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.OutputLengthException;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * an implementation of the AES (Rijndael), from FIPS-197.
+ * <p>
+ * For further details see: <a href="http://csrc.nist.gov/encryption/aes/">http://csrc.nist.gov/encryption/aes/</a>.
+ *
+ * This implementation is based on optimizations from Dr. Brian Gladman's paper and C code at
+ * <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
+ *
+ * There are three levels of tradeoff of speed vs memory
+ * Because java has no preprocessor, they are written as three separate classes from which to choose
+ *
+ * The fastest uses 8Kbytes of static tables to precompute round calculations, 4 256 word tables for encryption
+ * and 4 for decryption.
+ *
+ * The middle performance version uses only one 256 word table for each, for a total of 2Kbytes,
+ * adding 12 rotate operations per round to compute the values contained in the other tables from
+ * the contents of the first.
+ *
+ * The slowest version uses no static tables at all and computes the values in each round.
+ * <p>
+ * This file contains the middle performance version with 2Kbytes of static tables for round precomputation.
+ * @hide This class is not part of the Android public SDK API
+ *
+ */
+public class AESEngine
+    implements BlockCipher
+{
+    // The S box
+    private static final byte[] S = {
+        (byte)99, (byte)124, (byte)119, (byte)123, (byte)242, (byte)107, (byte)111, (byte)197,
+        (byte)48,   (byte)1, (byte)103,  (byte)43, (byte)254, (byte)215, (byte)171, (byte)118,
+        (byte)202, (byte)130, (byte)201, (byte)125, (byte)250,  (byte)89,  (byte)71, (byte)240,
+        (byte)173, (byte)212, (byte)162, (byte)175, (byte)156, (byte)164, (byte)114, (byte)192,
+        (byte)183, (byte)253, (byte)147,  (byte)38,  (byte)54,  (byte)63, (byte)247, (byte)204,
+        (byte)52, (byte)165, (byte)229, (byte)241, (byte)113, (byte)216,  (byte)49,  (byte)21,
+        (byte)4, (byte)199,  (byte)35, (byte)195,  (byte)24, (byte)150,   (byte)5, (byte)154,
+        (byte)7,  (byte)18, (byte)128, (byte)226, (byte)235,  (byte)39, (byte)178, (byte)117,
+        (byte)9, (byte)131,  (byte)44,  (byte)26,  (byte)27, (byte)110,  (byte)90, (byte)160,
+        (byte)82,  (byte)59, (byte)214, (byte)179,  (byte)41, (byte)227,  (byte)47, (byte)132,
+        (byte)83, (byte)209,   (byte)0, (byte)237,  (byte)32, (byte)252, (byte)177,  (byte)91,
+        (byte)106, (byte)203, (byte)190,  (byte)57,  (byte)74,  (byte)76,  (byte)88, (byte)207,
+        (byte)208, (byte)239, (byte)170, (byte)251,  (byte)67,  (byte)77,  (byte)51, (byte)133,
+        (byte)69, (byte)249,   (byte)2, (byte)127,  (byte)80,  (byte)60, (byte)159, (byte)168,
+        (byte)81, (byte)163,  (byte)64, (byte)143, (byte)146, (byte)157,  (byte)56, (byte)245,
+        (byte)188, (byte)182, (byte)218,  (byte)33,  (byte)16, (byte)255, (byte)243, (byte)210,
+        (byte)205,  (byte)12,  (byte)19, (byte)236,  (byte)95, (byte)151,  (byte)68,  (byte)23,
+        (byte)196, (byte)167, (byte)126,  (byte)61, (byte)100,  (byte)93,  (byte)25, (byte)115,
+        (byte)96, (byte)129,  (byte)79, (byte)220,  (byte)34,  (byte)42, (byte)144, (byte)136,
+        (byte)70, (byte)238, (byte)184,  (byte)20, (byte)222,  (byte)94,  (byte)11, (byte)219,
+        (byte)224,  (byte)50,  (byte)58,  (byte)10,  (byte)73,   (byte)6,  (byte)36,  (byte)92,
+        (byte)194, (byte)211, (byte)172,  (byte)98, (byte)145, (byte)149, (byte)228, (byte)121,
+        (byte)231, (byte)200,  (byte)55, (byte)109, (byte)141, (byte)213,  (byte)78, (byte)169,
+        (byte)108,  (byte)86, (byte)244, (byte)234, (byte)101, (byte)122, (byte)174,   (byte)8,
+        (byte)186, (byte)120,  (byte)37,  (byte)46,  (byte)28, (byte)166, (byte)180, (byte)198,
+        (byte)232, (byte)221, (byte)116,  (byte)31,  (byte)75, (byte)189, (byte)139, (byte)138,
+        (byte)112,  (byte)62, (byte)181, (byte)102,  (byte)72,   (byte)3, (byte)246,  (byte)14,
+        (byte)97,  (byte)53,  (byte)87, (byte)185, (byte)134, (byte)193,  (byte)29, (byte)158,
+        (byte)225, (byte)248, (byte)152,  (byte)17, (byte)105, (byte)217, (byte)142, (byte)148,
+        (byte)155,  (byte)30, (byte)135, (byte)233, (byte)206,  (byte)85,  (byte)40, (byte)223,
+        (byte)140, (byte)161, (byte)137,  (byte)13, (byte)191, (byte)230,  (byte)66, (byte)104,
+        (byte)65, (byte)153,  (byte)45,  (byte)15, (byte)176,  (byte)84, (byte)187,  (byte)22,
+    };
+
+    // The inverse S-box
+    private static final byte[] Si = {
+        (byte)82,   (byte)9, (byte)106, (byte)213,  (byte)48,  (byte)54, (byte)165,  (byte)56,
+        (byte)191,  (byte)64, (byte)163, (byte)158, (byte)129, (byte)243, (byte)215, (byte)251,
+        (byte)124, (byte)227,  (byte)57, (byte)130, (byte)155,  (byte)47, (byte)255, (byte)135,
+        (byte)52, (byte)142,  (byte)67,  (byte)68, (byte)196, (byte)222, (byte)233, (byte)203,
+        (byte)84, (byte)123, (byte)148,  (byte)50, (byte)166, (byte)194,  (byte)35,  (byte)61,
+        (byte)238,  (byte)76, (byte)149,  (byte)11,  (byte)66, (byte)250, (byte)195,  (byte)78,
+        (byte)8,  (byte)46, (byte)161, (byte)102,  (byte)40, (byte)217,  (byte)36, (byte)178,
+        (byte)118,  (byte)91, (byte)162,  (byte)73, (byte)109, (byte)139, (byte)209,  (byte)37,
+        (byte)114, (byte)248, (byte)246, (byte)100, (byte)134, (byte)104, (byte)152,  (byte)22,
+        (byte)212, (byte)164,  (byte)92, (byte)204,  (byte)93, (byte)101, (byte)182, (byte)146,
+        (byte)108, (byte)112,  (byte)72,  (byte)80, (byte)253, (byte)237, (byte)185, (byte)218,
+        (byte)94,  (byte)21,  (byte)70,  (byte)87, (byte)167, (byte)141, (byte)157, (byte)132,
+        (byte)144, (byte)216, (byte)171,   (byte)0, (byte)140, (byte)188, (byte)211,  (byte)10,
+        (byte)247, (byte)228,  (byte)88,   (byte)5, (byte)184, (byte)179,  (byte)69,   (byte)6,
+        (byte)208,  (byte)44,  (byte)30, (byte)143, (byte)202,  (byte)63,  (byte)15,   (byte)2,
+        (byte)193, (byte)175, (byte)189,   (byte)3,   (byte)1,  (byte)19, (byte)138, (byte)107,
+        (byte)58, (byte)145,  (byte)17,  (byte)65,  (byte)79, (byte)103, (byte)220, (byte)234,
+        (byte)151, (byte)242, (byte)207, (byte)206, (byte)240, (byte)180, (byte)230, (byte)115,
+        (byte)150, (byte)172, (byte)116,  (byte)34, (byte)231, (byte)173,  (byte)53, (byte)133,
+        (byte)226, (byte)249,  (byte)55, (byte)232,  (byte)28, (byte)117, (byte)223, (byte)110,
+        (byte)71, (byte)241,  (byte)26, (byte)113,  (byte)29,  (byte)41, (byte)197, (byte)137,
+        (byte)111, (byte)183,  (byte)98,  (byte)14, (byte)170,  (byte)24, (byte)190,  (byte)27,
+        (byte)252,  (byte)86,  (byte)62,  (byte)75, (byte)198, (byte)210, (byte)121,  (byte)32,
+        (byte)154, (byte)219, (byte)192, (byte)254, (byte)120, (byte)205,  (byte)90, (byte)244,
+        (byte)31, (byte)221, (byte)168,  (byte)51, (byte)136,   (byte)7, (byte)199,  (byte)49,
+        (byte)177,  (byte)18,  (byte)16,  (byte)89,  (byte)39, (byte)128, (byte)236,  (byte)95,
+        (byte)96,  (byte)81, (byte)127, (byte)169,  (byte)25, (byte)181,  (byte)74,  (byte)13,
+        (byte)45, (byte)229, (byte)122, (byte)159, (byte)147, (byte)201, (byte)156, (byte)239,
+        (byte)160, (byte)224,  (byte)59,  (byte)77, (byte)174,  (byte)42, (byte)245, (byte)176,
+        (byte)200, (byte)235, (byte)187,  (byte)60, (byte)131,  (byte)83, (byte)153,  (byte)97,
+        (byte)23,  (byte)43,   (byte)4, (byte)126, (byte)186, (byte)119, (byte)214,  (byte)38,
+        (byte)225, (byte)105,  (byte)20,  (byte)99,  (byte)85,  (byte)33,  (byte)12, (byte)125,
+        };
+
+    // vector used in calculating key schedule (powers of x in GF(256))
+    private static final int[] rcon = {
+         0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a,
+         0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91 };
+
+    // precomputation tables of calculations for rounds
+    private static final int[] T0 =
+    {
+     0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, 0x0df2f2ff, 
+     0xbd6b6bd6, 0xb16f6fde, 0x54c5c591, 0x50303060, 0x03010102, 
+     0xa96767ce, 0x7d2b2b56, 0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 
+     0x9a7676ec, 0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa, 
+     0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb, 0xecadad41, 
+     0x67d4d4b3, 0xfda2a25f, 0xeaafaf45, 0xbf9c9c23, 0xf7a4a453, 
+     0x967272e4, 0x5bc0c09b, 0xc2b7b775, 0x1cfdfde1, 0xae93933d, 
+     0x6a26264c, 0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83, 
+     0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9, 0x937171e2, 
+     0x73d8d8ab, 0x53313162, 0x3f15152a, 0x0c040408, 0x52c7c795, 
+     0x65232346, 0x5ec3c39d, 0x28181830, 0xa1969637, 0x0f05050a, 
+     0xb59a9a2f, 0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df, 
+     0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea, 0x1b090912, 
+     0x9e83831d, 0x742c2c58, 0x2e1a1a34, 0x2d1b1b36, 0xb26e6edc, 
+     0xee5a5ab4, 0xfba0a05b, 0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 
+     0xceb3b37d, 0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413, 
+     0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1, 0x60202040, 
+     0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6, 0xbe6a6ad4, 0x46cbcb8d, 
+     0xd9bebe67, 0x4b393972, 0xde4a4a94, 0xd44c4c98, 0xe85858b0, 
+     0x4acfcf85, 0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed, 
+     0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511, 0xcf45458a, 
+     0x10f9f9e9, 0x06020204, 0x817f7ffe, 0xf05050a0, 0x443c3c78, 
+     0xba9f9f25, 0xe3a8a84b, 0xf35151a2, 0xfea3a35d, 0xc0404080, 
+     0x8a8f8f05, 0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1, 
+     0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142, 0x30101020, 
+     0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf, 0x4ccdcd81, 0x140c0c18, 
+     0x35131326, 0x2fececc3, 0xe15f5fbe, 0xa2979735, 0xcc444488, 
+     0x3917172e, 0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a, 
+     0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6, 0xa06060c0, 
+     0x98818119, 0xd14f4f9e, 0x7fdcdca3, 0x66222244, 0x7e2a2a54, 
+     0xab90903b, 0x8388880b, 0xca46468c, 0x29eeeec7, 0xd3b8b86b, 
+     0x3c141428, 0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad, 
+     0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14, 0xdb494992, 
+     0x0a06060c, 0x6c242448, 0xe45c5cb8, 0x5dc2c29f, 0x6ed3d3bd, 
+     0xefacac43, 0xa66262c4, 0xa8919139, 0xa4959531, 0x37e4e4d3, 
+     0x8b7979f2, 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda, 
+     0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949, 0xb46c6cd8, 
+     0xfa5656ac, 0x07f4f4f3, 0x25eaeacf, 0xaf6565ca, 0x8e7a7af4, 
+     0xe9aeae47, 0x18080810, 0xd5baba6f, 0x887878f0, 0x6f25254a, 
+     0x722e2e5c, 0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697, 
+     0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e, 0xdd4b4b96, 
+     0xdcbdbd61, 0x868b8b0d, 0x858a8a0f, 0x907070e0, 0x423e3e7c, 
+     0xc4b5b571, 0xaa6666cc, 0xd8484890, 0x05030306, 0x01f6f6f7, 
+     0x120e0e1c, 0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969, 
+     0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27, 0x38e1e1d9, 
+     0x13f8f8eb, 0xb398982b, 0x33111122, 0xbb6969d2, 0x70d9d9a9, 
+     0x898e8e07, 0xa7949433, 0xb69b9b2d, 0x221e1e3c, 0x92878715, 
+     0x20e9e9c9, 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5, 
+     0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a, 0xdabfbf65, 
+     0x31e6e6d7, 0xc6424284, 0xb86868d0, 0xc3414182, 0xb0999929, 
+     0x772d2d5a, 0x110f0f1e, 0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 
+     0x3a16162c};
+
+private static final int[] Tinv0 =
+    {
+     0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a, 0xcb6bab3b, 
+     0xf1459d1f, 0xab58faac, 0x9303e34b, 0x55fa3020, 0xf66d76ad, 
+     0x9176cc88, 0x254c02f5, 0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 
+     0x8fa362b5, 0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d, 
+     0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b, 0xe75f8f03, 
+     0x959c9215, 0xeb7a6dbf, 0xda595295, 0x2d83bed4, 0xd3217458, 
+     0x2969e049, 0x44c8c98e, 0x6a89c275, 0x78798ef4, 0x6b3e5899, 
+     0xdd71b927, 0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d, 
+     0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362, 0xe07764b1, 
+     0x84ae6bbb, 0x1ca081fe, 0x942b08f9, 0x58684870, 0x19fd458f, 
+     0x876cde94, 0xb7f87b52, 0x23d373ab, 0xe2024b72, 0x578f1fe3, 
+     0x2aab5566, 0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3, 
+     0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed, 0x2b1ccf8a, 
+     0x92b479a7, 0xf0f207f3, 0xa1e2694e, 0xcdf4da65, 0xd5be0506, 
+     0x1f6234d1, 0x8afea6c4, 0x9d532e34, 0xa055f3a2, 0x32e18a05, 
+     0x75ebf6a4, 0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd, 
+     0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d, 0xb58d5491, 
+     0x055dc471, 0x6fd40604, 0xff155060, 0x24fb9819, 0x97e9bdd6, 
+     0xcc434089, 0x779ed967, 0xbd42e8b0, 0x888b8907, 0x385b19e7, 
+     0xdbeec879, 0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000, 
+     0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c, 0xfbff0efd, 
+     0x5638850f, 0x1ed5ae3d, 0x27392d36, 0x64d90f0a, 0x21a65c68, 
+     0xd1545b9b, 0x3a2e3624, 0xb1670a0c, 0x0fe75793, 0xd296eeb4, 
+     0x9e919b1b, 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c, 
+     0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12, 0x0b0d090e, 
+     0xadc78bf2, 0xb9a8b62d, 0xc8a91e14, 0x8519f157, 0x4c0775af, 
+     0xbbdd99ee, 0xfd607fa3, 0x9f2601f7, 0xbcf5725c, 0xc53b6644, 
+     0x347efb5b, 0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8, 
+     0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684, 0x7d244a85, 
+     0xf83dbbd2, 0x1132f9ae, 0x6da129c7, 0x4b2f9e1d, 0xf330b2dc, 
+     0xec52860d, 0xd0e3c177, 0x6c16b32b, 0x99b970a9, 0xfa489411, 
+     0x2264e947, 0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322, 
+     0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498, 0xcf81f5a6, 
+     0x28de7aa5, 0x268eb7da, 0xa4bfad3f, 0xe49d3a2c, 0x0d927850, 
+     0x9bcc5f6a, 0x62467e54, 0xc2138df6, 0xe8b8d890, 0x5ef7392e, 
+     0xf5afc382, 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf, 
+     0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb, 0x097826cd, 
+     0xf418596e, 0x01b79aec, 0xa89a4f83, 0x656e95e6, 0x7ee6ffaa, 
+     0x08cfbc21, 0xe6e815ef, 0xd99be7ba, 0xce366f4a, 0xd4099fea, 
+     0xd67cb029, 0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235, 
+     0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733, 0x4a9804f1, 
+     0xf7daec41, 0x0e50cd7f, 0x2ff69117, 0x8dd64d76, 0x4db0ef43, 
+     0x544daacc, 0xdf0496e4, 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 
+     0x7f516546, 0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb, 
+     0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d, 0x8c61d79a, 
+     0x7a0ca137, 0x8e14f859, 0x893c13eb, 0xee27a9ce, 0x35c961b7, 
+     0xede51ce1, 0x3cb1477a, 0x59dfd29c, 0x3f73f255, 0x79ce1418, 
+     0xbf37c773, 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478, 
+     0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2, 0x72c31d16, 
+     0x0c25e2bc, 0x8b493c28, 0x41950dff, 0x7101a839, 0xdeb30c08, 
+     0x9ce4b4d8, 0x90c15664, 0x6184cb7b, 0x70b632d5, 0x745c6c48, 
+     0x4257b8d0};
+
+    private static int shift(int r, int shift)
+    {
+        return (r >>> shift) | (r << -shift);
+    }
+
+    /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */
+
+    private static final int m1 = 0x80808080;
+    private static final int m2 = 0x7f7f7f7f;
+    private static final int m3 = 0x0000001b;
+    private static final int m4 = 0xC0C0C0C0;
+    private static final int m5 = 0x3f3f3f3f;
+
+    private static int FFmulX(int x)
+    {
+        return (((x & m2) << 1) ^ (((x & m1) >>> 7) * m3));
+    }
+
+    private static int FFmulX2(int x)
+    {
+        int t0  = (x & m5) << 2;
+        int t1  = (x & m4);
+            t1 ^= (t1 >>> 1);
+        return t0 ^ (t1 >>> 2) ^ (t1 >>> 5);
+    }
+
+    /* 
+       The following defines provide alternative definitions of FFmulX that might
+       give improved performance if a fast 32-bit multiply is not available.
+       
+       private int FFmulX(int x) { int u = x & m1; u |= (u >> 1); return ((x & m2) << 1) ^ ((u >>> 3) | (u >>> 6)); } 
+       private static final int  m4 = 0x1b1b1b1b;
+       private int FFmulX(int x) { int u = x & m1; return ((x & m2) << 1) ^ ((u - (u >>> 7)) & m4); } 
+
+    */
+
+    private static int inv_mcol(int x)
+    {
+        int t0, t1;
+        t0  = x;
+        t1  = t0 ^ shift(t0, 8);
+        t0 ^= FFmulX(t1);
+        t1 ^= FFmulX2(t0);
+        t0 ^= t1 ^ shift(t1, 16);
+        return t0;
+    }
+
+    private static int subWord(int x)
+    {
+        return (S[x&255]&255 | ((S[(x>>8)&255]&255)<<8) | ((S[(x>>16)&255]&255)<<16) | S[(x>>24)&255]<<24);
+    }
+
+    /**
+     * Calculate the necessary round keys
+     * The number of calculations depends on key size and block size
+     * AES specified a fixed block size of 128 bits and key sizes 128/192/256 bits
+     * This code is written assuming those are the only possible values
+     */
+    private int[][] generateWorkingKey(byte[] key, boolean forEncryption)
+    {
+        int keyLen = key.length;
+        if (keyLen < 16 || keyLen > 32 || (keyLen & 7) != 0)
+        {
+            throw new IllegalArgumentException("Key length not 128/192/256 bits.");
+        }
+
+        int KC = keyLen >>> 2;
+        ROUNDS = KC + 6;  // This is not always true for the generalized Rijndael that allows larger block sizes
+        int[][] W = new int[ROUNDS+1][4];   // 4 words in a block
+
+        switch (KC)
+        {
+        case 4:
+        {
+            int t0 = Pack.littleEndianToInt(key,  0); W[0][0] = t0;
+            int t1 = Pack.littleEndianToInt(key,  4); W[0][1] = t1;
+            int t2 = Pack.littleEndianToInt(key,  8); W[0][2] = t2;
+            int t3 = Pack.littleEndianToInt(key, 12); W[0][3] = t3;
+
+            for (int i = 1; i <= 10; ++i)
+            {
+                int u = subWord(shift(t3, 8)) ^ rcon[i - 1];
+                t0 ^= u;  W[i][0] = t0;
+                t1 ^= t0; W[i][1] = t1;
+                t2 ^= t1; W[i][2] = t2;
+                t3 ^= t2; W[i][3] = t3;
+            }
+
+            break;
+        }
+        case 6:
+        {
+            int t0 = Pack.littleEndianToInt(key,  0); W[0][0] = t0;
+            int t1 = Pack.littleEndianToInt(key,  4); W[0][1] = t1;
+            int t2 = Pack.littleEndianToInt(key,  8); W[0][2] = t2;
+            int t3 = Pack.littleEndianToInt(key, 12); W[0][3] = t3;
+            int t4 = Pack.littleEndianToInt(key, 16); W[1][0] = t4;
+            int t5 = Pack.littleEndianToInt(key, 20); W[1][1] = t5;
+
+            int rcon = 1;
+            int u = subWord(shift(t5, 8)) ^ rcon; rcon <<= 1;
+            t0 ^= u;  W[1][2] = t0;
+            t1 ^= t0; W[1][3] = t1;
+            t2 ^= t1; W[2][0] = t2;
+            t3 ^= t2; W[2][1] = t3;
+            t4 ^= t3; W[2][2] = t4;
+            t5 ^= t4; W[2][3] = t5;
+
+            for (int i = 3; i < 12; i += 3)
+            {
+                u = subWord(shift(t5, 8)) ^ rcon; rcon <<= 1;
+                t0 ^= u;  W[i    ][0] = t0;
+                t1 ^= t0; W[i    ][1] = t1;
+                t2 ^= t1; W[i    ][2] = t2;
+                t3 ^= t2; W[i    ][3] = t3;
+                t4 ^= t3; W[i + 1][0] = t4;
+                t5 ^= t4; W[i + 1][1] = t5;
+                u = subWord(shift(t5, 8)) ^ rcon; rcon <<= 1;
+                t0 ^= u;  W[i + 1][2] = t0;
+                t1 ^= t0; W[i + 1][3] = t1;
+                t2 ^= t1; W[i + 2][0] = t2;
+                t3 ^= t2; W[i + 2][1] = t3;
+                t4 ^= t3; W[i + 2][2] = t4;
+                t5 ^= t4; W[i + 2][3] = t5;
+            }
+
+            u = subWord(shift(t5, 8)) ^ rcon;
+            t0 ^= u;  W[12][0] = t0;
+            t1 ^= t0; W[12][1] = t1;
+            t2 ^= t1; W[12][2] = t2;
+            t3 ^= t2; W[12][3] = t3;
+
+            break;
+        }
+        case 8:
+        {
+            int t0 = Pack.littleEndianToInt(key,  0); W[0][0] = t0;
+            int t1 = Pack.littleEndianToInt(key,  4); W[0][1] = t1;
+            int t2 = Pack.littleEndianToInt(key,  8); W[0][2] = t2;
+            int t3 = Pack.littleEndianToInt(key, 12); W[0][3] = t3;
+            int t4 = Pack.littleEndianToInt(key, 16); W[1][0] = t4;
+            int t5 = Pack.littleEndianToInt(key, 20); W[1][1] = t5;
+            int t6 = Pack.littleEndianToInt(key, 24); W[1][2] = t6;
+            int t7 = Pack.littleEndianToInt(key, 28); W[1][3] = t7;
+
+            int u, rcon = 1;
+
+            for (int i = 2; i < 14; i += 2)
+            {
+                u = subWord(shift(t7, 8)) ^ rcon; rcon <<= 1;
+                t0 ^= u;  W[i    ][0] = t0;
+                t1 ^= t0; W[i    ][1] = t1;
+                t2 ^= t1; W[i    ][2] = t2;
+                t3 ^= t2; W[i    ][3] = t3;
+                u = subWord(t3);
+                t4 ^= u;  W[i + 1][0] = t4;
+                t5 ^= t4; W[i + 1][1] = t5;
+                t6 ^= t5; W[i + 1][2] = t6;
+                t7 ^= t6; W[i + 1][3] = t7;
+            }
+
+            u = subWord(shift(t7, 8)) ^ rcon;
+            t0 ^= u;  W[14][0] = t0;
+            t1 ^= t0; W[14][1] = t1;
+            t2 ^= t1; W[14][2] = t2;
+            t3 ^= t2; W[14][3] = t3;
+
+            break;
+        }
+        default:
+        {
+            throw new IllegalStateException("Should never get here");
+        }
+        }
+
+        if (!forEncryption)
+        {
+            for (int j = 1; j < ROUNDS; j++)
+            {
+                for (int i = 0; i < 4; i++)
+                {
+                    W[j][i] = inv_mcol(W[j][i]);
+                }
+            }
+        }
+
+        return W;
+    }
+
+    private int         ROUNDS;
+    private int[][]     WorkingKey = null;
+    private int         C0, C1, C2, C3;
+    private boolean     forEncryption;
+
+    private byte[]      s;
+
+    private static final int BLOCK_SIZE = 16;
+
+    /**
+     * default constructor - 128 bit block size.
+     */
+    public AESEngine()
+    {
+    }
+
+    /**
+     * initialise an AES cipher.
+     *
+     * @param forEncryption whether or not we are for encryption.
+     * @param params the parameters required to set up the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(
+        boolean           forEncryption,
+        CipherParameters  params)
+    {
+        if (params instanceof KeyParameter)
+        {
+            WorkingKey = generateWorkingKey(((KeyParameter)params).getKey(), forEncryption);
+            this.forEncryption = forEncryption;
+            if (forEncryption)
+            {
+                s = Arrays.clone(S);
+            }
+            else
+            {
+                s = Arrays.clone(Si);
+            }
+            return;
+        }
+
+        throw new IllegalArgumentException("invalid parameter passed to AES init - " + params.getClass().getName());
+    }
+
+    public String getAlgorithmName()
+    {
+        return "AES";
+    }
+
+    public int getBlockSize()
+    {
+        return BLOCK_SIZE;
+    }
+
+    public int processBlock(
+        byte[] in,
+        int inOff,
+        byte[] out,
+        int outOff)
+    {
+        if (WorkingKey == null)
+        {
+            throw new IllegalStateException("AES engine not initialised");
+        }
+
+        if ((inOff + (32 / 2)) > in.length)
+        {
+            throw new DataLengthException("input buffer too short");
+        }
+
+        if ((outOff + (32 / 2)) > out.length)
+        {
+            throw new OutputLengthException("output buffer too short");
+        }
+
+        if (forEncryption)
+        {
+            unpackBlock(in, inOff);
+            encryptBlock(WorkingKey);
+            packBlock(out, outOff);
+        }
+        else
+        {
+            unpackBlock(in, inOff);
+            decryptBlock(WorkingKey);
+            packBlock(out, outOff);
+        }
+
+        return BLOCK_SIZE;
+    }
+
+    public void reset()
+    {
+    }
+
+    private void unpackBlock(
+        byte[]      bytes,
+        int         off)
+    {
+        int     index = off;
+
+        C0 = (bytes[index++] & 0xff);
+        C0 |= (bytes[index++] & 0xff) << 8;
+        C0 |= (bytes[index++] & 0xff) << 16;
+        C0 |= bytes[index++] << 24;
+
+        C1 = (bytes[index++] & 0xff);
+        C1 |= (bytes[index++] & 0xff) << 8;
+        C1 |= (bytes[index++] & 0xff) << 16;
+        C1 |= bytes[index++] << 24;
+
+        C2 = (bytes[index++] & 0xff);
+        C2 |= (bytes[index++] & 0xff) << 8;
+        C2 |= (bytes[index++] & 0xff) << 16;
+        C2 |= bytes[index++] << 24;
+
+        C3 = (bytes[index++] & 0xff);
+        C3 |= (bytes[index++] & 0xff) << 8;
+        C3 |= (bytes[index++] & 0xff) << 16;
+        C3 |= bytes[index++] << 24;
+    }
+
+    private void packBlock(
+        byte[]      bytes,
+        int         off)
+    {
+        int     index = off;
+
+        bytes[index++] = (byte)C0;
+        bytes[index++] = (byte)(C0 >> 8);
+        bytes[index++] = (byte)(C0 >> 16);
+        bytes[index++] = (byte)(C0 >> 24);
+
+        bytes[index++] = (byte)C1;
+        bytes[index++] = (byte)(C1 >> 8);
+        bytes[index++] = (byte)(C1 >> 16);
+        bytes[index++] = (byte)(C1 >> 24);
+
+        bytes[index++] = (byte)C2;
+        bytes[index++] = (byte)(C2 >> 8);
+        bytes[index++] = (byte)(C2 >> 16);
+        bytes[index++] = (byte)(C2 >> 24);
+
+        bytes[index++] = (byte)C3;
+        bytes[index++] = (byte)(C3 >> 8);
+        bytes[index++] = (byte)(C3 >> 16);
+        bytes[index++] = (byte)(C3 >> 24);
+    }
+
+
+    private void encryptBlock(int[][] KW)
+    {
+        int t0 = this.C0 ^ KW[0][0];
+        int t1 = this.C1 ^ KW[0][1];
+        int t2 = this.C2 ^ KW[0][2];
+
+        int r = 1, r0, r1, r2, r3 = this.C3 ^ KW[0][3];
+        while (r < ROUNDS - 1)
+        {
+            r0 = T0[t0&255] ^ shift(T0[(t1>>8)&255], 24) ^ shift(T0[(t2>>16)&255], 16) ^ shift(T0[(r3>>24)&255], 8) ^ KW[r][0];
+            r1 = T0[t1&255] ^ shift(T0[(t2>>8)&255], 24) ^ shift(T0[(r3>>16)&255], 16) ^ shift(T0[(t0>>24)&255], 8) ^ KW[r][1];
+            r2 = T0[t2&255] ^ shift(T0[(r3>>8)&255], 24) ^ shift(T0[(t0>>16)&255], 16) ^ shift(T0[(t1>>24)&255], 8) ^ KW[r][2];
+            r3 = T0[r3&255] ^ shift(T0[(t0>>8)&255], 24) ^ shift(T0[(t1>>16)&255], 16) ^ shift(T0[(t2>>24)&255], 8) ^ KW[r++][3];
+            t0 = T0[r0&255] ^ shift(T0[(r1>>8)&255], 24) ^ shift(T0[(r2>>16)&255], 16) ^ shift(T0[(r3>>24)&255], 8) ^ KW[r][0];
+            t1 = T0[r1&255] ^ shift(T0[(r2>>8)&255], 24) ^ shift(T0[(r3>>16)&255], 16) ^ shift(T0[(r0>>24)&255], 8) ^ KW[r][1];
+            t2 = T0[r2&255] ^ shift(T0[(r3>>8)&255], 24) ^ shift(T0[(r0>>16)&255], 16) ^ shift(T0[(r1>>24)&255], 8) ^ KW[r][2];
+            r3 = T0[r3&255] ^ shift(T0[(r0>>8)&255], 24) ^ shift(T0[(r1>>16)&255], 16) ^ shift(T0[(r2>>24)&255], 8) ^ KW[r++][3];
+        }
+
+        r0 = T0[t0&255] ^ shift(T0[(t1>>8)&255], 24) ^ shift(T0[(t2>>16)&255], 16) ^ shift(T0[(r3>>24)&255], 8) ^ KW[r][0];
+        r1 = T0[t1&255] ^ shift(T0[(t2>>8)&255], 24) ^ shift(T0[(r3>>16)&255], 16) ^ shift(T0[(t0>>24)&255], 8) ^ KW[r][1];
+        r2 = T0[t2&255] ^ shift(T0[(r3>>8)&255], 24) ^ shift(T0[(t0>>16)&255], 16) ^ shift(T0[(t1>>24)&255], 8) ^ KW[r][2];
+        r3 = T0[r3&255] ^ shift(T0[(t0>>8)&255], 24) ^ shift(T0[(t1>>16)&255], 16) ^ shift(T0[(t2>>24)&255], 8) ^ KW[r++][3];
+
+        // the final round's table is a simple function of S so we don't use a whole other four tables for it
+
+        this.C0 = (S[r0&255]&255) ^ ((S[(r1>>8)&255]&255)<<8) ^ ((s[(r2>>16)&255]&255)<<16) ^ (s[(r3>>24)&255]<<24) ^ KW[r][0];
+        this.C1 = (s[r1&255]&255) ^ ((S[(r2>>8)&255]&255)<<8) ^ ((S[(r3>>16)&255]&255)<<16) ^ (s[(r0>>24)&255]<<24) ^ KW[r][1];
+        this.C2 = (s[r2&255]&255) ^ ((S[(r3>>8)&255]&255)<<8) ^ ((S[(r0>>16)&255]&255)<<16) ^ (S[(r1>>24)&255]<<24) ^ KW[r][2];
+        this.C3 = (s[r3&255]&255) ^ ((s[(r0>>8)&255]&255)<<8) ^ ((s[(r1>>16)&255]&255)<<16) ^ (S[(r2>>24)&255]<<24) ^ KW[r][3];
+    }
+
+    private void decryptBlock(int[][] KW)
+    {
+        int t0 = this.C0 ^ KW[ROUNDS][0];
+        int t1 = this.C1 ^ KW[ROUNDS][1];
+        int t2 = this.C2 ^ KW[ROUNDS][2];
+
+        int r = ROUNDS - 1, r0, r1, r2, r3 = this.C3 ^ KW[ROUNDS][3];
+        while (r > 1)
+        {
+            r0 = Tinv0[t0&255] ^ shift(Tinv0[(r3>>8)&255], 24) ^ shift(Tinv0[(t2>>16)&255], 16) ^ shift(Tinv0[(t1>>24)&255], 8) ^ KW[r][0];
+            r1 = Tinv0[t1&255] ^ shift(Tinv0[(t0>>8)&255], 24) ^ shift(Tinv0[(r3>>16)&255], 16) ^ shift(Tinv0[(t2>>24)&255], 8) ^ KW[r][1];
+            r2 = Tinv0[t2&255] ^ shift(Tinv0[(t1>>8)&255], 24) ^ shift(Tinv0[(t0>>16)&255], 16) ^ shift(Tinv0[(r3>>24)&255], 8) ^ KW[r][2];
+            r3 = Tinv0[r3&255] ^ shift(Tinv0[(t2>>8)&255], 24) ^ shift(Tinv0[(t1>>16)&255], 16) ^ shift(Tinv0[(t0>>24)&255], 8) ^ KW[r--][3];
+            t0 = Tinv0[r0&255] ^ shift(Tinv0[(r3>>8)&255], 24) ^ shift(Tinv0[(r2>>16)&255], 16) ^ shift(Tinv0[(r1>>24)&255], 8) ^ KW[r][0];
+            t1 = Tinv0[r1&255] ^ shift(Tinv0[(r0>>8)&255], 24) ^ shift(Tinv0[(r3>>16)&255], 16) ^ shift(Tinv0[(r2>>24)&255], 8) ^ KW[r][1];
+            t2 = Tinv0[r2&255] ^ shift(Tinv0[(r1>>8)&255], 24) ^ shift(Tinv0[(r0>>16)&255], 16) ^ shift(Tinv0[(r3>>24)&255], 8) ^ KW[r][2];
+            r3 = Tinv0[r3&255] ^ shift(Tinv0[(r2>>8)&255], 24) ^ shift(Tinv0[(r1>>16)&255], 16) ^ shift(Tinv0[(r0>>24)&255], 8) ^ KW[r--][3];
+        }
+
+        r0 = Tinv0[t0&255] ^ shift(Tinv0[(r3>>8)&255], 24) ^ shift(Tinv0[(t2>>16)&255], 16) ^ shift(Tinv0[(t1>>24)&255], 8) ^ KW[r][0];
+        r1 = Tinv0[t1&255] ^ shift(Tinv0[(t0>>8)&255], 24) ^ shift(Tinv0[(r3>>16)&255], 16) ^ shift(Tinv0[(t2>>24)&255], 8) ^ KW[r][1];
+        r2 = Tinv0[t2&255] ^ shift(Tinv0[(t1>>8)&255], 24) ^ shift(Tinv0[(t0>>16)&255], 16) ^ shift(Tinv0[(r3>>24)&255], 8) ^ KW[r][2];
+        r3 = Tinv0[r3&255] ^ shift(Tinv0[(t2>>8)&255], 24) ^ shift(Tinv0[(t1>>16)&255], 16) ^ shift(Tinv0[(t0>>24)&255], 8) ^ KW[r][3];
+        
+        // the final round's table is a simple function of Si so we don't use a whole other four tables for it
+
+        this.C0 = (Si[r0&255]&255) ^ ((s[(r3>>8)&255]&255)<<8) ^ ((s[(r2>>16)&255]&255)<<16) ^ (Si[(r1>>24)&255]<<24) ^ KW[0][0];
+        this.C1 = (s[r1&255]&255) ^ ((s[(r0>>8)&255]&255)<<8) ^ ((Si[(r3>>16)&255]&255)<<16) ^ (s[(r2>>24)&255]<<24) ^ KW[0][1];
+        this.C2 = (s[r2&255]&255) ^ ((Si[(r1>>8)&255]&255)<<8) ^ ((Si[(r0>>16)&255]&255)<<16) ^ (s[(r3>>24)&255]<<24) ^ KW[0][2];
+        this.C3 = (Si[r3&255]&255) ^ ((s[(r2>>8)&255]&255)<<8) ^ ((s[(r1>>16)&255]&255)<<16) ^ (s[(r0>>24)&255]<<24) ^ KW[0][3];
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/AESFastEngine.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/AESFastEngine.java
new file mode 100644
index 0000000..4d65710
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/AESFastEngine.java

@@ -0,0 +1,1012 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.engines;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.OutputLengthException;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * an implementation of the AES (Rijndael), from FIPS-197.
+ * <p>
+ * For further details see: <a href="http://csrc.nist.gov/encryption/aes/">http://csrc.nist.gov/encryption/aes/</a>.
+ *
+ * This implementation is based on optimizations from Dr. Brian Gladman's paper and C code at
+ * <a href="http://fp.gladman.plus.com/cryptography_technology/rijndael/">http://fp.gladman.plus.com/cryptography_technology/rijndael/</a>
+ *
+ * There are three levels of tradeoff of speed vs memory
+ * Because java has no preprocessor, they are written as three separate classes from which to choose
+ *
+ * The fastest uses 8Kbytes of static tables to precompute round calculations, 4 256 word tables for encryption
+ * and 4 for decryption.
+ *
+ * The middle performance version uses only one 256 word table for each, for a total of 2Kbytes,
+ * adding 12 rotate operations per round to compute the values contained in the other tables from
+ * the contents of the first
+ *
+ * The slowest version uses no static tables at all and computes the values in each round
+ * </p>
+ * <p>
+ * This file contains the fast version with 8Kbytes of static tables for round precomputation.
+ * </p>
+ * @deprecated unfortunately this class is has a few side channel issues. In an environment where encryption/decryption may be closely observed it should not be used.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AESFastEngine
+    implements BlockCipher
+{
+    // The S box
+    private static final byte[] S = {
+        (byte)99, (byte)124, (byte)119, (byte)123, (byte)242, (byte)107, (byte)111, (byte)197,
+        (byte)48,   (byte)1, (byte)103,  (byte)43, (byte)254, (byte)215, (byte)171, (byte)118,
+        (byte)202, (byte)130, (byte)201, (byte)125, (byte)250,  (byte)89,  (byte)71, (byte)240,
+        (byte)173, (byte)212, (byte)162, (byte)175, (byte)156, (byte)164, (byte)114, (byte)192,
+        (byte)183, (byte)253, (byte)147,  (byte)38,  (byte)54,  (byte)63, (byte)247, (byte)204,
+        (byte)52, (byte)165, (byte)229, (byte)241, (byte)113, (byte)216,  (byte)49,  (byte)21,
+        (byte)4, (byte)199,  (byte)35, (byte)195,  (byte)24, (byte)150,   (byte)5, (byte)154,
+        (byte)7,  (byte)18, (byte)128, (byte)226, (byte)235,  (byte)39, (byte)178, (byte)117,
+        (byte)9, (byte)131,  (byte)44,  (byte)26,  (byte)27, (byte)110,  (byte)90, (byte)160,
+        (byte)82,  (byte)59, (byte)214, (byte)179,  (byte)41, (byte)227,  (byte)47, (byte)132,
+        (byte)83, (byte)209,   (byte)0, (byte)237,  (byte)32, (byte)252, (byte)177,  (byte)91,
+        (byte)106, (byte)203, (byte)190,  (byte)57,  (byte)74,  (byte)76,  (byte)88, (byte)207,
+        (byte)208, (byte)239, (byte)170, (byte)251,  (byte)67,  (byte)77,  (byte)51, (byte)133,
+        (byte)69, (byte)249,   (byte)2, (byte)127,  (byte)80,  (byte)60, (byte)159, (byte)168,
+        (byte)81, (byte)163,  (byte)64, (byte)143, (byte)146, (byte)157,  (byte)56, (byte)245,
+        (byte)188, (byte)182, (byte)218,  (byte)33,  (byte)16, (byte)255, (byte)243, (byte)210,
+        (byte)205,  (byte)12,  (byte)19, (byte)236,  (byte)95, (byte)151,  (byte)68,  (byte)23,
+        (byte)196, (byte)167, (byte)126,  (byte)61, (byte)100,  (byte)93,  (byte)25, (byte)115,
+        (byte)96, (byte)129,  (byte)79, (byte)220,  (byte)34,  (byte)42, (byte)144, (byte)136,
+        (byte)70, (byte)238, (byte)184,  (byte)20, (byte)222,  (byte)94,  (byte)11, (byte)219,
+        (byte)224,  (byte)50,  (byte)58,  (byte)10,  (byte)73,   (byte)6,  (byte)36,  (byte)92,
+        (byte)194, (byte)211, (byte)172,  (byte)98, (byte)145, (byte)149, (byte)228, (byte)121,
+        (byte)231, (byte)200,  (byte)55, (byte)109, (byte)141, (byte)213,  (byte)78, (byte)169,
+        (byte)108,  (byte)86, (byte)244, (byte)234, (byte)101, (byte)122, (byte)174,   (byte)8,
+        (byte)186, (byte)120,  (byte)37,  (byte)46,  (byte)28, (byte)166, (byte)180, (byte)198,
+        (byte)232, (byte)221, (byte)116,  (byte)31,  (byte)75, (byte)189, (byte)139, (byte)138,
+        (byte)112,  (byte)62, (byte)181, (byte)102,  (byte)72,   (byte)3, (byte)246,  (byte)14,
+        (byte)97,  (byte)53,  (byte)87, (byte)185, (byte)134, (byte)193,  (byte)29, (byte)158,
+        (byte)225, (byte)248, (byte)152,  (byte)17, (byte)105, (byte)217, (byte)142, (byte)148,
+        (byte)155,  (byte)30, (byte)135, (byte)233, (byte)206,  (byte)85,  (byte)40, (byte)223,
+        (byte)140, (byte)161, (byte)137,  (byte)13, (byte)191, (byte)230,  (byte)66, (byte)104,
+        (byte)65, (byte)153,  (byte)45,  (byte)15, (byte)176,  (byte)84, (byte)187,  (byte)22,
+    };
+
+    // The inverse S-box
+    private static final byte[] Si = {
+        (byte)82,   (byte)9, (byte)106, (byte)213,  (byte)48,  (byte)54, (byte)165,  (byte)56,
+        (byte)191,  (byte)64, (byte)163, (byte)158, (byte)129, (byte)243, (byte)215, (byte)251,
+        (byte)124, (byte)227,  (byte)57, (byte)130, (byte)155,  (byte)47, (byte)255, (byte)135,
+        (byte)52, (byte)142,  (byte)67,  (byte)68, (byte)196, (byte)222, (byte)233, (byte)203,
+        (byte)84, (byte)123, (byte)148,  (byte)50, (byte)166, (byte)194,  (byte)35,  (byte)61,
+        (byte)238,  (byte)76, (byte)149,  (byte)11,  (byte)66, (byte)250, (byte)195,  (byte)78,
+        (byte)8,  (byte)46, (byte)161, (byte)102,  (byte)40, (byte)217,  (byte)36, (byte)178,
+        (byte)118,  (byte)91, (byte)162,  (byte)73, (byte)109, (byte)139, (byte)209,  (byte)37,
+        (byte)114, (byte)248, (byte)246, (byte)100, (byte)134, (byte)104, (byte)152,  (byte)22,
+        (byte)212, (byte)164,  (byte)92, (byte)204,  (byte)93, (byte)101, (byte)182, (byte)146,
+        (byte)108, (byte)112,  (byte)72,  (byte)80, (byte)253, (byte)237, (byte)185, (byte)218,
+        (byte)94,  (byte)21,  (byte)70,  (byte)87, (byte)167, (byte)141, (byte)157, (byte)132,
+        (byte)144, (byte)216, (byte)171,   (byte)0, (byte)140, (byte)188, (byte)211,  (byte)10,
+        (byte)247, (byte)228,  (byte)88,   (byte)5, (byte)184, (byte)179,  (byte)69,   (byte)6,
+        (byte)208,  (byte)44,  (byte)30, (byte)143, (byte)202,  (byte)63,  (byte)15,   (byte)2,
+        (byte)193, (byte)175, (byte)189,   (byte)3,   (byte)1,  (byte)19, (byte)138, (byte)107,
+        (byte)58, (byte)145,  (byte)17,  (byte)65,  (byte)79, (byte)103, (byte)220, (byte)234,
+        (byte)151, (byte)242, (byte)207, (byte)206, (byte)240, (byte)180, (byte)230, (byte)115,
+        (byte)150, (byte)172, (byte)116,  (byte)34, (byte)231, (byte)173,  (byte)53, (byte)133,
+        (byte)226, (byte)249,  (byte)55, (byte)232,  (byte)28, (byte)117, (byte)223, (byte)110,
+        (byte)71, (byte)241,  (byte)26, (byte)113,  (byte)29,  (byte)41, (byte)197, (byte)137,
+        (byte)111, (byte)183,  (byte)98,  (byte)14, (byte)170,  (byte)24, (byte)190,  (byte)27,
+        (byte)252,  (byte)86,  (byte)62,  (byte)75, (byte)198, (byte)210, (byte)121,  (byte)32,
+        (byte)154, (byte)219, (byte)192, (byte)254, (byte)120, (byte)205,  (byte)90, (byte)244,
+        (byte)31, (byte)221, (byte)168,  (byte)51, (byte)136,   (byte)7, (byte)199,  (byte)49,
+        (byte)177,  (byte)18,  (byte)16,  (byte)89,  (byte)39, (byte)128, (byte)236,  (byte)95,
+        (byte)96,  (byte)81, (byte)127, (byte)169,  (byte)25, (byte)181,  (byte)74,  (byte)13,
+        (byte)45, (byte)229, (byte)122, (byte)159, (byte)147, (byte)201, (byte)156, (byte)239,
+        (byte)160, (byte)224,  (byte)59,  (byte)77, (byte)174,  (byte)42, (byte)245, (byte)176,
+        (byte)200, (byte)235, (byte)187,  (byte)60, (byte)131,  (byte)83, (byte)153,  (byte)97,
+        (byte)23,  (byte)43,   (byte)4, (byte)126, (byte)186, (byte)119, (byte)214,  (byte)38,
+        (byte)225, (byte)105,  (byte)20,  (byte)99,  (byte)85,  (byte)33,  (byte)12, (byte)125,
+        };
+
+    // vector used in calculating key schedule (powers of x in GF(256))
+    private static final int[] rcon = {
+         0x01, 0x02, 0x04, 0x08, 0x10, 0x20, 0x40, 0x80, 0x1b, 0x36, 0x6c, 0xd8, 0xab, 0x4d, 0x9a,
+         0x2f, 0x5e, 0xbc, 0x63, 0xc6, 0x97, 0x35, 0x6a, 0xd4, 0xb3, 0x7d, 0xfa, 0xef, 0xc5, 0x91 };
+
+    // precomputation tables of calculations for rounds
+    private static final int[] T =
+    {
+     // T0
+     0xa56363c6, 0x847c7cf8, 0x997777ee, 0x8d7b7bf6, 0x0df2f2ff, 
+     0xbd6b6bd6, 0xb16f6fde, 0x54c5c591, 0x50303060, 0x03010102, 
+     0xa96767ce, 0x7d2b2b56, 0x19fefee7, 0x62d7d7b5, 0xe6abab4d, 
+     0x9a7676ec, 0x45caca8f, 0x9d82821f, 0x40c9c989, 0x877d7dfa, 
+     0x15fafaef, 0xeb5959b2, 0xc947478e, 0x0bf0f0fb, 0xecadad41, 
+     0x67d4d4b3, 0xfda2a25f, 0xeaafaf45, 0xbf9c9c23, 0xf7a4a453, 
+     0x967272e4, 0x5bc0c09b, 0xc2b7b775, 0x1cfdfde1, 0xae93933d, 
+     0x6a26264c, 0x5a36366c, 0x413f3f7e, 0x02f7f7f5, 0x4fcccc83, 
+     0x5c343468, 0xf4a5a551, 0x34e5e5d1, 0x08f1f1f9, 0x937171e2, 
+     0x73d8d8ab, 0x53313162, 0x3f15152a, 0x0c040408, 0x52c7c795, 
+     0x65232346, 0x5ec3c39d, 0x28181830, 0xa1969637, 0x0f05050a, 
+     0xb59a9a2f, 0x0907070e, 0x36121224, 0x9b80801b, 0x3de2e2df, 
+     0x26ebebcd, 0x6927274e, 0xcdb2b27f, 0x9f7575ea, 0x1b090912, 
+     0x9e83831d, 0x742c2c58, 0x2e1a1a34, 0x2d1b1b36, 0xb26e6edc, 
+     0xee5a5ab4, 0xfba0a05b, 0xf65252a4, 0x4d3b3b76, 0x61d6d6b7, 
+     0xceb3b37d, 0x7b292952, 0x3ee3e3dd, 0x712f2f5e, 0x97848413, 
+     0xf55353a6, 0x68d1d1b9, 0x00000000, 0x2cededc1, 0x60202040, 
+     0x1ffcfce3, 0xc8b1b179, 0xed5b5bb6, 0xbe6a6ad4, 0x46cbcb8d, 
+     0xd9bebe67, 0x4b393972, 0xde4a4a94, 0xd44c4c98, 0xe85858b0, 
+     0x4acfcf85, 0x6bd0d0bb, 0x2aefefc5, 0xe5aaaa4f, 0x16fbfbed, 
+     0xc5434386, 0xd74d4d9a, 0x55333366, 0x94858511, 0xcf45458a, 
+     0x10f9f9e9, 0x06020204, 0x817f7ffe, 0xf05050a0, 0x443c3c78, 
+     0xba9f9f25, 0xe3a8a84b, 0xf35151a2, 0xfea3a35d, 0xc0404080, 
+     0x8a8f8f05, 0xad92923f, 0xbc9d9d21, 0x48383870, 0x04f5f5f1, 
+     0xdfbcbc63, 0xc1b6b677, 0x75dadaaf, 0x63212142, 0x30101020, 
+     0x1affffe5, 0x0ef3f3fd, 0x6dd2d2bf, 0x4ccdcd81, 0x140c0c18, 
+     0x35131326, 0x2fececc3, 0xe15f5fbe, 0xa2979735, 0xcc444488, 
+     0x3917172e, 0x57c4c493, 0xf2a7a755, 0x827e7efc, 0x473d3d7a, 
+     0xac6464c8, 0xe75d5dba, 0x2b191932, 0x957373e6, 0xa06060c0, 
+     0x98818119, 0xd14f4f9e, 0x7fdcdca3, 0x66222244, 0x7e2a2a54, 
+     0xab90903b, 0x8388880b, 0xca46468c, 0x29eeeec7, 0xd3b8b86b, 
+     0x3c141428, 0x79dedea7, 0xe25e5ebc, 0x1d0b0b16, 0x76dbdbad, 
+     0x3be0e0db, 0x56323264, 0x4e3a3a74, 0x1e0a0a14, 0xdb494992, 
+     0x0a06060c, 0x6c242448, 0xe45c5cb8, 0x5dc2c29f, 0x6ed3d3bd, 
+     0xefacac43, 0xa66262c4, 0xa8919139, 0xa4959531, 0x37e4e4d3, 
+     0x8b7979f2, 0x32e7e7d5, 0x43c8c88b, 0x5937376e, 0xb76d6dda, 
+     0x8c8d8d01, 0x64d5d5b1, 0xd24e4e9c, 0xe0a9a949, 0xb46c6cd8, 
+     0xfa5656ac, 0x07f4f4f3, 0x25eaeacf, 0xaf6565ca, 0x8e7a7af4, 
+     0xe9aeae47, 0x18080810, 0xd5baba6f, 0x887878f0, 0x6f25254a, 
+     0x722e2e5c, 0x241c1c38, 0xf1a6a657, 0xc7b4b473, 0x51c6c697, 
+     0x23e8e8cb, 0x7cdddda1, 0x9c7474e8, 0x211f1f3e, 0xdd4b4b96, 
+     0xdcbdbd61, 0x868b8b0d, 0x858a8a0f, 0x907070e0, 0x423e3e7c, 
+     0xc4b5b571, 0xaa6666cc, 0xd8484890, 0x05030306, 0x01f6f6f7, 
+     0x120e0e1c, 0xa36161c2, 0x5f35356a, 0xf95757ae, 0xd0b9b969, 
+     0x91868617, 0x58c1c199, 0x271d1d3a, 0xb99e9e27, 0x38e1e1d9, 
+     0x13f8f8eb, 0xb398982b, 0x33111122, 0xbb6969d2, 0x70d9d9a9, 
+     0x898e8e07, 0xa7949433, 0xb69b9b2d, 0x221e1e3c, 0x92878715, 
+     0x20e9e9c9, 0x49cece87, 0xff5555aa, 0x78282850, 0x7adfdfa5, 
+     0x8f8c8c03, 0xf8a1a159, 0x80898909, 0x170d0d1a, 0xdabfbf65, 
+     0x31e6e6d7, 0xc6424284, 0xb86868d0, 0xc3414182, 0xb0999929, 
+     0x772d2d5a, 0x110f0f1e, 0xcbb0b07b, 0xfc5454a8, 0xd6bbbb6d, 
+     0x3a16162c, 
+
+     // T1
+     0x6363c6a5, 0x7c7cf884, 0x7777ee99, 0x7b7bf68d, 0xf2f2ff0d, 
+     0x6b6bd6bd, 0x6f6fdeb1, 0xc5c59154, 0x30306050, 0x01010203, 
+     0x6767cea9, 0x2b2b567d, 0xfefee719, 0xd7d7b562, 0xabab4de6, 
+     0x7676ec9a, 0xcaca8f45, 0x82821f9d, 0xc9c98940, 0x7d7dfa87, 
+     0xfafaef15, 0x5959b2eb, 0x47478ec9, 0xf0f0fb0b, 0xadad41ec, 
+     0xd4d4b367, 0xa2a25ffd, 0xafaf45ea, 0x9c9c23bf, 0xa4a453f7, 
+     0x7272e496, 0xc0c09b5b, 0xb7b775c2, 0xfdfde11c, 0x93933dae, 
+     0x26264c6a, 0x36366c5a, 0x3f3f7e41, 0xf7f7f502, 0xcccc834f, 
+     0x3434685c, 0xa5a551f4, 0xe5e5d134, 0xf1f1f908, 0x7171e293, 
+     0xd8d8ab73, 0x31316253, 0x15152a3f, 0x0404080c, 0xc7c79552, 
+     0x23234665, 0xc3c39d5e, 0x18183028, 0x969637a1, 0x05050a0f, 
+     0x9a9a2fb5, 0x07070e09, 0x12122436, 0x80801b9b, 0xe2e2df3d, 
+     0xebebcd26, 0x27274e69, 0xb2b27fcd, 0x7575ea9f, 0x0909121b, 
+     0x83831d9e, 0x2c2c5874, 0x1a1a342e, 0x1b1b362d, 0x6e6edcb2, 
+     0x5a5ab4ee, 0xa0a05bfb, 0x5252a4f6, 0x3b3b764d, 0xd6d6b761, 
+     0xb3b37dce, 0x2929527b, 0xe3e3dd3e, 0x2f2f5e71, 0x84841397, 
+     0x5353a6f5, 0xd1d1b968, 0x00000000, 0xededc12c, 0x20204060, 
+     0xfcfce31f, 0xb1b179c8, 0x5b5bb6ed, 0x6a6ad4be, 0xcbcb8d46, 
+     0xbebe67d9, 0x3939724b, 0x4a4a94de, 0x4c4c98d4, 0x5858b0e8, 
+     0xcfcf854a, 0xd0d0bb6b, 0xefefc52a, 0xaaaa4fe5, 0xfbfbed16, 
+     0x434386c5, 0x4d4d9ad7, 0x33336655, 0x85851194, 0x45458acf, 
+     0xf9f9e910, 0x02020406, 0x7f7ffe81, 0x5050a0f0, 0x3c3c7844, 
+     0x9f9f25ba, 0xa8a84be3, 0x5151a2f3, 0xa3a35dfe, 0x404080c0, 
+     0x8f8f058a, 0x92923fad, 0x9d9d21bc, 0x38387048, 0xf5f5f104, 
+     0xbcbc63df, 0xb6b677c1, 0xdadaaf75, 0x21214263, 0x10102030, 
+     0xffffe51a, 0xf3f3fd0e, 0xd2d2bf6d, 0xcdcd814c, 0x0c0c1814, 
+     0x13132635, 0xececc32f, 0x5f5fbee1, 0x979735a2, 0x444488cc, 
+     0x17172e39, 0xc4c49357, 0xa7a755f2, 0x7e7efc82, 0x3d3d7a47, 
+     0x6464c8ac, 0x5d5dbae7, 0x1919322b, 0x7373e695, 0x6060c0a0, 
+     0x81811998, 0x4f4f9ed1, 0xdcdca37f, 0x22224466, 0x2a2a547e, 
+     0x90903bab, 0x88880b83, 0x46468cca, 0xeeeec729, 0xb8b86bd3, 
+     0x1414283c, 0xdedea779, 0x5e5ebce2, 0x0b0b161d, 0xdbdbad76, 
+     0xe0e0db3b, 0x32326456, 0x3a3a744e, 0x0a0a141e, 0x494992db, 
+     0x06060c0a, 0x2424486c, 0x5c5cb8e4, 0xc2c29f5d, 0xd3d3bd6e, 
+     0xacac43ef, 0x6262c4a6, 0x919139a8, 0x959531a4, 0xe4e4d337, 
+     0x7979f28b, 0xe7e7d532, 0xc8c88b43, 0x37376e59, 0x6d6ddab7, 
+     0x8d8d018c, 0xd5d5b164, 0x4e4e9cd2, 0xa9a949e0, 0x6c6cd8b4, 
+     0x5656acfa, 0xf4f4f307, 0xeaeacf25, 0x6565caaf, 0x7a7af48e, 
+     0xaeae47e9, 0x08081018, 0xbaba6fd5, 0x7878f088, 0x25254a6f, 
+     0x2e2e5c72, 0x1c1c3824, 0xa6a657f1, 0xb4b473c7, 0xc6c69751, 
+     0xe8e8cb23, 0xdddda17c, 0x7474e89c, 0x1f1f3e21, 0x4b4b96dd, 
+     0xbdbd61dc, 0x8b8b0d86, 0x8a8a0f85, 0x7070e090, 0x3e3e7c42, 
+     0xb5b571c4, 0x6666ccaa, 0x484890d8, 0x03030605, 0xf6f6f701, 
+     0x0e0e1c12, 0x6161c2a3, 0x35356a5f, 0x5757aef9, 0xb9b969d0, 
+     0x86861791, 0xc1c19958, 0x1d1d3a27, 0x9e9e27b9, 0xe1e1d938, 
+     0xf8f8eb13, 0x98982bb3, 0x11112233, 0x6969d2bb, 0xd9d9a970, 
+     0x8e8e0789, 0x949433a7, 0x9b9b2db6, 0x1e1e3c22, 0x87871592, 
+     0xe9e9c920, 0xcece8749, 0x5555aaff, 0x28285078, 0xdfdfa57a, 
+     0x8c8c038f, 0xa1a159f8, 0x89890980, 0x0d0d1a17, 0xbfbf65da, 
+     0xe6e6d731, 0x424284c6, 0x6868d0b8, 0x414182c3, 0x999929b0, 
+     0x2d2d5a77, 0x0f0f1e11, 0xb0b07bcb, 0x5454a8fc, 0xbbbb6dd6, 
+     0x16162c3a, 
+
+     // T2
+     0x63c6a563, 0x7cf8847c, 0x77ee9977, 0x7bf68d7b, 0xf2ff0df2, 
+     0x6bd6bd6b, 0x6fdeb16f, 0xc59154c5, 0x30605030, 0x01020301, 
+     0x67cea967, 0x2b567d2b, 0xfee719fe, 0xd7b562d7, 0xab4de6ab, 
+     0x76ec9a76, 0xca8f45ca, 0x821f9d82, 0xc98940c9, 0x7dfa877d, 
+     0xfaef15fa, 0x59b2eb59, 0x478ec947, 0xf0fb0bf0, 0xad41ecad, 
+     0xd4b367d4, 0xa25ffda2, 0xaf45eaaf, 0x9c23bf9c, 0xa453f7a4, 
+     0x72e49672, 0xc09b5bc0, 0xb775c2b7, 0xfde11cfd, 0x933dae93, 
+     0x264c6a26, 0x366c5a36, 0x3f7e413f, 0xf7f502f7, 0xcc834fcc, 
+     0x34685c34, 0xa551f4a5, 0xe5d134e5, 0xf1f908f1, 0x71e29371, 
+     0xd8ab73d8, 0x31625331, 0x152a3f15, 0x04080c04, 0xc79552c7, 
+     0x23466523, 0xc39d5ec3, 0x18302818, 0x9637a196, 0x050a0f05, 
+     0x9a2fb59a, 0x070e0907, 0x12243612, 0x801b9b80, 0xe2df3de2, 
+     0xebcd26eb, 0x274e6927, 0xb27fcdb2, 0x75ea9f75, 0x09121b09, 
+     0x831d9e83, 0x2c58742c, 0x1a342e1a, 0x1b362d1b, 0x6edcb26e, 
+     0x5ab4ee5a, 0xa05bfba0, 0x52a4f652, 0x3b764d3b, 0xd6b761d6, 
+     0xb37dceb3, 0x29527b29, 0xe3dd3ee3, 0x2f5e712f, 0x84139784, 
+     0x53a6f553, 0xd1b968d1, 0x00000000, 0xedc12ced, 0x20406020, 
+     0xfce31ffc, 0xb179c8b1, 0x5bb6ed5b, 0x6ad4be6a, 0xcb8d46cb, 
+     0xbe67d9be, 0x39724b39, 0x4a94de4a, 0x4c98d44c, 0x58b0e858, 
+     0xcf854acf, 0xd0bb6bd0, 0xefc52aef, 0xaa4fe5aa, 0xfbed16fb, 
+     0x4386c543, 0x4d9ad74d, 0x33665533, 0x85119485, 0x458acf45, 
+     0xf9e910f9, 0x02040602, 0x7ffe817f, 0x50a0f050, 0x3c78443c, 
+     0x9f25ba9f, 0xa84be3a8, 0x51a2f351, 0xa35dfea3, 0x4080c040, 
+     0x8f058a8f, 0x923fad92, 0x9d21bc9d, 0x38704838, 0xf5f104f5, 
+     0xbc63dfbc, 0xb677c1b6, 0xdaaf75da, 0x21426321, 0x10203010, 
+     0xffe51aff, 0xf3fd0ef3, 0xd2bf6dd2, 0xcd814ccd, 0x0c18140c, 
+     0x13263513, 0xecc32fec, 0x5fbee15f, 0x9735a297, 0x4488cc44, 
+     0x172e3917, 0xc49357c4, 0xa755f2a7, 0x7efc827e, 0x3d7a473d, 
+     0x64c8ac64, 0x5dbae75d, 0x19322b19, 0x73e69573, 0x60c0a060, 
+     0x81199881, 0x4f9ed14f, 0xdca37fdc, 0x22446622, 0x2a547e2a, 
+     0x903bab90, 0x880b8388, 0x468cca46, 0xeec729ee, 0xb86bd3b8, 
+     0x14283c14, 0xdea779de, 0x5ebce25e, 0x0b161d0b, 0xdbad76db, 
+     0xe0db3be0, 0x32645632, 0x3a744e3a, 0x0a141e0a, 0x4992db49, 
+     0x060c0a06, 0x24486c24, 0x5cb8e45c, 0xc29f5dc2, 0xd3bd6ed3, 
+     0xac43efac, 0x62c4a662, 0x9139a891, 0x9531a495, 0xe4d337e4, 
+     0x79f28b79, 0xe7d532e7, 0xc88b43c8, 0x376e5937, 0x6ddab76d, 
+     0x8d018c8d, 0xd5b164d5, 0x4e9cd24e, 0xa949e0a9, 0x6cd8b46c, 
+     0x56acfa56, 0xf4f307f4, 0xeacf25ea, 0x65caaf65, 0x7af48e7a, 
+     0xae47e9ae, 0x08101808, 0xba6fd5ba, 0x78f08878, 0x254a6f25, 
+     0x2e5c722e, 0x1c38241c, 0xa657f1a6, 0xb473c7b4, 0xc69751c6, 
+     0xe8cb23e8, 0xdda17cdd, 0x74e89c74, 0x1f3e211f, 0x4b96dd4b, 
+     0xbd61dcbd, 0x8b0d868b, 0x8a0f858a, 0x70e09070, 0x3e7c423e, 
+     0xb571c4b5, 0x66ccaa66, 0x4890d848, 0x03060503, 0xf6f701f6, 
+     0x0e1c120e, 0x61c2a361, 0x356a5f35, 0x57aef957, 0xb969d0b9, 
+     0x86179186, 0xc19958c1, 0x1d3a271d, 0x9e27b99e, 0xe1d938e1, 
+     0xf8eb13f8, 0x982bb398, 0x11223311, 0x69d2bb69, 0xd9a970d9, 
+     0x8e07898e, 0x9433a794, 0x9b2db69b, 0x1e3c221e, 0x87159287, 
+     0xe9c920e9, 0xce8749ce, 0x55aaff55, 0x28507828, 0xdfa57adf, 
+     0x8c038f8c, 0xa159f8a1, 0x89098089, 0x0d1a170d, 0xbf65dabf, 
+     0xe6d731e6, 0x4284c642, 0x68d0b868, 0x4182c341, 0x9929b099, 
+     0x2d5a772d, 0x0f1e110f, 0xb07bcbb0, 0x54a8fc54, 0xbb6dd6bb, 
+     0x162c3a16, 
+
+     // T3
+     0xc6a56363, 0xf8847c7c, 0xee997777, 0xf68d7b7b, 0xff0df2f2, 
+     0xd6bd6b6b, 0xdeb16f6f, 0x9154c5c5, 0x60503030, 0x02030101, 
+     0xcea96767, 0x567d2b2b, 0xe719fefe, 0xb562d7d7, 0x4de6abab, 
+     0xec9a7676, 0x8f45caca, 0x1f9d8282, 0x8940c9c9, 0xfa877d7d, 
+     0xef15fafa, 0xb2eb5959, 0x8ec94747, 0xfb0bf0f0, 0x41ecadad, 
+     0xb367d4d4, 0x5ffda2a2, 0x45eaafaf, 0x23bf9c9c, 0x53f7a4a4, 
+     0xe4967272, 0x9b5bc0c0, 0x75c2b7b7, 0xe11cfdfd, 0x3dae9393, 
+     0x4c6a2626, 0x6c5a3636, 0x7e413f3f, 0xf502f7f7, 0x834fcccc, 
+     0x685c3434, 0x51f4a5a5, 0xd134e5e5, 0xf908f1f1, 0xe2937171, 
+     0xab73d8d8, 0x62533131, 0x2a3f1515, 0x080c0404, 0x9552c7c7, 
+     0x46652323, 0x9d5ec3c3, 0x30281818, 0x37a19696, 0x0a0f0505, 
+     0x2fb59a9a, 0x0e090707, 0x24361212, 0x1b9b8080, 0xdf3de2e2, 
+     0xcd26ebeb, 0x4e692727, 0x7fcdb2b2, 0xea9f7575, 0x121b0909, 
+     0x1d9e8383, 0x58742c2c, 0x342e1a1a, 0x362d1b1b, 0xdcb26e6e, 
+     0xb4ee5a5a, 0x5bfba0a0, 0xa4f65252, 0x764d3b3b, 0xb761d6d6, 
+     0x7dceb3b3, 0x527b2929, 0xdd3ee3e3, 0x5e712f2f, 0x13978484, 
+     0xa6f55353, 0xb968d1d1, 0x00000000, 0xc12ceded, 0x40602020, 
+     0xe31ffcfc, 0x79c8b1b1, 0xb6ed5b5b, 0xd4be6a6a, 0x8d46cbcb, 
+     0x67d9bebe, 0x724b3939, 0x94de4a4a, 0x98d44c4c, 0xb0e85858, 
+     0x854acfcf, 0xbb6bd0d0, 0xc52aefef, 0x4fe5aaaa, 0xed16fbfb, 
+     0x86c54343, 0x9ad74d4d, 0x66553333, 0x11948585, 0x8acf4545, 
+     0xe910f9f9, 0x04060202, 0xfe817f7f, 0xa0f05050, 0x78443c3c, 
+     0x25ba9f9f, 0x4be3a8a8, 0xa2f35151, 0x5dfea3a3, 0x80c04040, 
+     0x058a8f8f, 0x3fad9292, 0x21bc9d9d, 0x70483838, 0xf104f5f5, 
+     0x63dfbcbc, 0x77c1b6b6, 0xaf75dada, 0x42632121, 0x20301010, 
+     0xe51affff, 0xfd0ef3f3, 0xbf6dd2d2, 0x814ccdcd, 0x18140c0c, 
+     0x26351313, 0xc32fecec, 0xbee15f5f, 0x35a29797, 0x88cc4444, 
+     0x2e391717, 0x9357c4c4, 0x55f2a7a7, 0xfc827e7e, 0x7a473d3d, 
+     0xc8ac6464, 0xbae75d5d, 0x322b1919, 0xe6957373, 0xc0a06060, 
+     0x19988181, 0x9ed14f4f, 0xa37fdcdc, 0x44662222, 0x547e2a2a, 
+     0x3bab9090, 0x0b838888, 0x8cca4646, 0xc729eeee, 0x6bd3b8b8, 
+     0x283c1414, 0xa779dede, 0xbce25e5e, 0x161d0b0b, 0xad76dbdb, 
+     0xdb3be0e0, 0x64563232, 0x744e3a3a, 0x141e0a0a, 0x92db4949, 
+     0x0c0a0606, 0x486c2424, 0xb8e45c5c, 0x9f5dc2c2, 0xbd6ed3d3, 
+     0x43efacac, 0xc4a66262, 0x39a89191, 0x31a49595, 0xd337e4e4, 
+     0xf28b7979, 0xd532e7e7, 0x8b43c8c8, 0x6e593737, 0xdab76d6d, 
+     0x018c8d8d, 0xb164d5d5, 0x9cd24e4e, 0x49e0a9a9, 0xd8b46c6c, 
+     0xacfa5656, 0xf307f4f4, 0xcf25eaea, 0xcaaf6565, 0xf48e7a7a, 
+     0x47e9aeae, 0x10180808, 0x6fd5baba, 0xf0887878, 0x4a6f2525, 
+     0x5c722e2e, 0x38241c1c, 0x57f1a6a6, 0x73c7b4b4, 0x9751c6c6, 
+     0xcb23e8e8, 0xa17cdddd, 0xe89c7474, 0x3e211f1f, 0x96dd4b4b, 
+     0x61dcbdbd, 0x0d868b8b, 0x0f858a8a, 0xe0907070, 0x7c423e3e, 
+     0x71c4b5b5, 0xccaa6666, 0x90d84848, 0x06050303, 0xf701f6f6, 
+     0x1c120e0e, 0xc2a36161, 0x6a5f3535, 0xaef95757, 0x69d0b9b9, 
+     0x17918686, 0x9958c1c1, 0x3a271d1d, 0x27b99e9e, 0xd938e1e1, 
+     0xeb13f8f8, 0x2bb39898, 0x22331111, 0xd2bb6969, 0xa970d9d9, 
+     0x07898e8e, 0x33a79494, 0x2db69b9b, 0x3c221e1e, 0x15928787, 
+     0xc920e9e9, 0x8749cece, 0xaaff5555, 0x50782828, 0xa57adfdf, 
+     0x038f8c8c, 0x59f8a1a1, 0x09808989, 0x1a170d0d, 0x65dabfbf, 
+     0xd731e6e6, 0x84c64242, 0xd0b86868, 0x82c34141, 0x29b09999, 
+     0x5a772d2d, 0x1e110f0f, 0x7bcbb0b0, 0xa8fc5454, 0x6dd6bbbb, 
+     0x2c3a1616};
+
+    private static final int[] Tinv =
+    {
+     // Tinv0
+     0x50a7f451, 0x5365417e, 0xc3a4171a, 0x965e273a, 0xcb6bab3b, 
+     0xf1459d1f, 0xab58faac, 0x9303e34b, 0x55fa3020, 0xf66d76ad, 
+     0x9176cc88, 0x254c02f5, 0xfcd7e54f, 0xd7cb2ac5, 0x80443526, 
+     0x8fa362b5, 0x495ab1de, 0x671bba25, 0x980eea45, 0xe1c0fe5d, 
+     0x02752fc3, 0x12f04c81, 0xa397468d, 0xc6f9d36b, 0xe75f8f03, 
+     0x959c9215, 0xeb7a6dbf, 0xda595295, 0x2d83bed4, 0xd3217458, 
+     0x2969e049, 0x44c8c98e, 0x6a89c275, 0x78798ef4, 0x6b3e5899, 
+     0xdd71b927, 0xb64fe1be, 0x17ad88f0, 0x66ac20c9, 0xb43ace7d, 
+     0x184adf63, 0x82311ae5, 0x60335197, 0x457f5362, 0xe07764b1, 
+     0x84ae6bbb, 0x1ca081fe, 0x942b08f9, 0x58684870, 0x19fd458f, 
+     0x876cde94, 0xb7f87b52, 0x23d373ab, 0xe2024b72, 0x578f1fe3, 
+     0x2aab5566, 0x0728ebb2, 0x03c2b52f, 0x9a7bc586, 0xa50837d3, 
+     0xf2872830, 0xb2a5bf23, 0xba6a0302, 0x5c8216ed, 0x2b1ccf8a, 
+     0x92b479a7, 0xf0f207f3, 0xa1e2694e, 0xcdf4da65, 0xd5be0506, 
+     0x1f6234d1, 0x8afea6c4, 0x9d532e34, 0xa055f3a2, 0x32e18a05, 
+     0x75ebf6a4, 0x39ec830b, 0xaaef6040, 0x069f715e, 0x51106ebd, 
+     0xf98a213e, 0x3d06dd96, 0xae053edd, 0x46bde64d, 0xb58d5491, 
+     0x055dc471, 0x6fd40604, 0xff155060, 0x24fb9819, 0x97e9bdd6, 
+     0xcc434089, 0x779ed967, 0xbd42e8b0, 0x888b8907, 0x385b19e7, 
+     0xdbeec879, 0x470a7ca1, 0xe90f427c, 0xc91e84f8, 0x00000000, 
+     0x83868009, 0x48ed2b32, 0xac70111e, 0x4e725a6c, 0xfbff0efd, 
+     0x5638850f, 0x1ed5ae3d, 0x27392d36, 0x64d90f0a, 0x21a65c68, 
+     0xd1545b9b, 0x3a2e3624, 0xb1670a0c, 0x0fe75793, 0xd296eeb4, 
+     0x9e919b1b, 0x4fc5c080, 0xa220dc61, 0x694b775a, 0x161a121c, 
+     0x0aba93e2, 0xe52aa0c0, 0x43e0223c, 0x1d171b12, 0x0b0d090e, 
+     0xadc78bf2, 0xb9a8b62d, 0xc8a91e14, 0x8519f157, 0x4c0775af, 
+     0xbbdd99ee, 0xfd607fa3, 0x9f2601f7, 0xbcf5725c, 0xc53b6644, 
+     0x347efb5b, 0x7629438b, 0xdcc623cb, 0x68fcedb6, 0x63f1e4b8, 
+     0xcadc31d7, 0x10856342, 0x40229713, 0x2011c684, 0x7d244a85, 
+     0xf83dbbd2, 0x1132f9ae, 0x6da129c7, 0x4b2f9e1d, 0xf330b2dc, 
+     0xec52860d, 0xd0e3c177, 0x6c16b32b, 0x99b970a9, 0xfa489411, 
+     0x2264e947, 0xc48cfca8, 0x1a3ff0a0, 0xd82c7d56, 0xef903322, 
+     0xc74e4987, 0xc1d138d9, 0xfea2ca8c, 0x360bd498, 0xcf81f5a6, 
+     0x28de7aa5, 0x268eb7da, 0xa4bfad3f, 0xe49d3a2c, 0x0d927850, 
+     0x9bcc5f6a, 0x62467e54, 0xc2138df6, 0xe8b8d890, 0x5ef7392e, 
+     0xf5afc382, 0xbe805d9f, 0x7c93d069, 0xa92dd56f, 0xb31225cf, 
+     0x3b99acc8, 0xa77d1810, 0x6e639ce8, 0x7bbb3bdb, 0x097826cd, 
+     0xf418596e, 0x01b79aec, 0xa89a4f83, 0x656e95e6, 0x7ee6ffaa, 
+     0x08cfbc21, 0xe6e815ef, 0xd99be7ba, 0xce366f4a, 0xd4099fea, 
+     0xd67cb029, 0xafb2a431, 0x31233f2a, 0x3094a5c6, 0xc066a235, 
+     0x37bc4e74, 0xa6ca82fc, 0xb0d090e0, 0x15d8a733, 0x4a9804f1, 
+     0xf7daec41, 0x0e50cd7f, 0x2ff69117, 0x8dd64d76, 0x4db0ef43, 
+     0x544daacc, 0xdf0496e4, 0xe3b5d19e, 0x1b886a4c, 0xb81f2cc1, 
+     0x7f516546, 0x04ea5e9d, 0x5d358c01, 0x737487fa, 0x2e410bfb, 
+     0x5a1d67b3, 0x52d2db92, 0x335610e9, 0x1347d66d, 0x8c61d79a, 
+     0x7a0ca137, 0x8e14f859, 0x893c13eb, 0xee27a9ce, 0x35c961b7, 
+     0xede51ce1, 0x3cb1477a, 0x59dfd29c, 0x3f73f255, 0x79ce1418, 
+     0xbf37c773, 0xeacdf753, 0x5baafd5f, 0x146f3ddf, 0x86db4478, 
+     0x81f3afca, 0x3ec468b9, 0x2c342438, 0x5f40a3c2, 0x72c31d16, 
+     0x0c25e2bc, 0x8b493c28, 0x41950dff, 0x7101a839, 0xdeb30c08, 
+     0x9ce4b4d8, 0x90c15664, 0x6184cb7b, 0x70b632d5, 0x745c6c48, 
+     0x4257b8d0, 
+
+     // Tinv1
+     0xa7f45150, 0x65417e53, 0xa4171ac3, 0x5e273a96, 0x6bab3bcb, 
+     0x459d1ff1, 0x58faacab, 0x03e34b93, 0xfa302055, 0x6d76adf6, 
+     0x76cc8891, 0x4c02f525, 0xd7e54ffc, 0xcb2ac5d7, 0x44352680, 
+     0xa362b58f, 0x5ab1de49, 0x1bba2567, 0x0eea4598, 0xc0fe5de1, 
+     0x752fc302, 0xf04c8112, 0x97468da3, 0xf9d36bc6, 0x5f8f03e7, 
+     0x9c921595, 0x7a6dbfeb, 0x595295da, 0x83bed42d, 0x217458d3, 
+     0x69e04929, 0xc8c98e44, 0x89c2756a, 0x798ef478, 0x3e58996b, 
+     0x71b927dd, 0x4fe1beb6, 0xad88f017, 0xac20c966, 0x3ace7db4, 
+     0x4adf6318, 0x311ae582, 0x33519760, 0x7f536245, 0x7764b1e0, 
+     0xae6bbb84, 0xa081fe1c, 0x2b08f994, 0x68487058, 0xfd458f19, 
+     0x6cde9487, 0xf87b52b7, 0xd373ab23, 0x024b72e2, 0x8f1fe357, 
+     0xab55662a, 0x28ebb207, 0xc2b52f03, 0x7bc5869a, 0x0837d3a5, 
+     0x872830f2, 0xa5bf23b2, 0x6a0302ba, 0x8216ed5c, 0x1ccf8a2b, 
+     0xb479a792, 0xf207f3f0, 0xe2694ea1, 0xf4da65cd, 0xbe0506d5, 
+     0x6234d11f, 0xfea6c48a, 0x532e349d, 0x55f3a2a0, 0xe18a0532, 
+     0xebf6a475, 0xec830b39, 0xef6040aa, 0x9f715e06, 0x106ebd51, 
+     0x8a213ef9, 0x06dd963d, 0x053eddae, 0xbde64d46, 0x8d5491b5, 
+     0x5dc47105, 0xd406046f, 0x155060ff, 0xfb981924, 0xe9bdd697, 
+     0x434089cc, 0x9ed96777, 0x42e8b0bd, 0x8b890788, 0x5b19e738, 
+     0xeec879db, 0x0a7ca147, 0x0f427ce9, 0x1e84f8c9, 0x00000000, 
+     0x86800983, 0xed2b3248, 0x70111eac, 0x725a6c4e, 0xff0efdfb, 
+     0x38850f56, 0xd5ae3d1e, 0x392d3627, 0xd90f0a64, 0xa65c6821, 
+     0x545b9bd1, 0x2e36243a, 0x670a0cb1, 0xe757930f, 0x96eeb4d2, 
+     0x919b1b9e, 0xc5c0804f, 0x20dc61a2, 0x4b775a69, 0x1a121c16, 
+     0xba93e20a, 0x2aa0c0e5, 0xe0223c43, 0x171b121d, 0x0d090e0b, 
+     0xc78bf2ad, 0xa8b62db9, 0xa91e14c8, 0x19f15785, 0x0775af4c, 
+     0xdd99eebb, 0x607fa3fd, 0x2601f79f, 0xf5725cbc, 0x3b6644c5, 
+     0x7efb5b34, 0x29438b76, 0xc623cbdc, 0xfcedb668, 0xf1e4b863, 
+     0xdc31d7ca, 0x85634210, 0x22971340, 0x11c68420, 0x244a857d, 
+     0x3dbbd2f8, 0x32f9ae11, 0xa129c76d, 0x2f9e1d4b, 0x30b2dcf3, 
+     0x52860dec, 0xe3c177d0, 0x16b32b6c, 0xb970a999, 0x489411fa, 
+     0x64e94722, 0x8cfca8c4, 0x3ff0a01a, 0x2c7d56d8, 0x903322ef, 
+     0x4e4987c7, 0xd138d9c1, 0xa2ca8cfe, 0x0bd49836, 0x81f5a6cf, 
+     0xde7aa528, 0x8eb7da26, 0xbfad3fa4, 0x9d3a2ce4, 0x9278500d, 
+     0xcc5f6a9b, 0x467e5462, 0x138df6c2, 0xb8d890e8, 0xf7392e5e, 
+     0xafc382f5, 0x805d9fbe, 0x93d0697c, 0x2dd56fa9, 0x1225cfb3, 
+     0x99acc83b, 0x7d1810a7, 0x639ce86e, 0xbb3bdb7b, 0x7826cd09, 
+     0x18596ef4, 0xb79aec01, 0x9a4f83a8, 0x6e95e665, 0xe6ffaa7e, 
+     0xcfbc2108, 0xe815efe6, 0x9be7bad9, 0x366f4ace, 0x099fead4, 
+     0x7cb029d6, 0xb2a431af, 0x233f2a31, 0x94a5c630, 0x66a235c0, 
+     0xbc4e7437, 0xca82fca6, 0xd090e0b0, 0xd8a73315, 0x9804f14a, 
+     0xdaec41f7, 0x50cd7f0e, 0xf691172f, 0xd64d768d, 0xb0ef434d, 
+     0x4daacc54, 0x0496e4df, 0xb5d19ee3, 0x886a4c1b, 0x1f2cc1b8, 
+     0x5165467f, 0xea5e9d04, 0x358c015d, 0x7487fa73, 0x410bfb2e, 
+     0x1d67b35a, 0xd2db9252, 0x5610e933, 0x47d66d13, 0x61d79a8c, 
+     0x0ca1377a, 0x14f8598e, 0x3c13eb89, 0x27a9ceee, 0xc961b735, 
+     0xe51ce1ed, 0xb1477a3c, 0xdfd29c59, 0x73f2553f, 0xce141879, 
+     0x37c773bf, 0xcdf753ea, 0xaafd5f5b, 0x6f3ddf14, 0xdb447886, 
+     0xf3afca81, 0xc468b93e, 0x3424382c, 0x40a3c25f, 0xc31d1672, 
+     0x25e2bc0c, 0x493c288b, 0x950dff41, 0x01a83971, 0xb30c08de, 
+     0xe4b4d89c, 0xc1566490, 0x84cb7b61, 0xb632d570, 0x5c6c4874, 
+     0x57b8d042, 
+
+     // Tinv2
+     0xf45150a7, 0x417e5365, 0x171ac3a4, 0x273a965e, 0xab3bcb6b, 
+     0x9d1ff145, 0xfaacab58, 0xe34b9303, 0x302055fa, 0x76adf66d, 
+     0xcc889176, 0x02f5254c, 0xe54ffcd7, 0x2ac5d7cb, 0x35268044, 
+     0x62b58fa3, 0xb1de495a, 0xba25671b, 0xea45980e, 0xfe5de1c0, 
+     0x2fc30275, 0x4c8112f0, 0x468da397, 0xd36bc6f9, 0x8f03e75f, 
+     0x9215959c, 0x6dbfeb7a, 0x5295da59, 0xbed42d83, 0x7458d321, 
+     0xe0492969, 0xc98e44c8, 0xc2756a89, 0x8ef47879, 0x58996b3e, 
+     0xb927dd71, 0xe1beb64f, 0x88f017ad, 0x20c966ac, 0xce7db43a, 
+     0xdf63184a, 0x1ae58231, 0x51976033, 0x5362457f, 0x64b1e077, 
+     0x6bbb84ae, 0x81fe1ca0, 0x08f9942b, 0x48705868, 0x458f19fd, 
+     0xde94876c, 0x7b52b7f8, 0x73ab23d3, 0x4b72e202, 0x1fe3578f, 
+     0x55662aab, 0xebb20728, 0xb52f03c2, 0xc5869a7b, 0x37d3a508, 
+     0x2830f287, 0xbf23b2a5, 0x0302ba6a, 0x16ed5c82, 0xcf8a2b1c, 
+     0x79a792b4, 0x07f3f0f2, 0x694ea1e2, 0xda65cdf4, 0x0506d5be, 
+     0x34d11f62, 0xa6c48afe, 0x2e349d53, 0xf3a2a055, 0x8a0532e1, 
+     0xf6a475eb, 0x830b39ec, 0x6040aaef, 0x715e069f, 0x6ebd5110, 
+     0x213ef98a, 0xdd963d06, 0x3eddae05, 0xe64d46bd, 0x5491b58d, 
+     0xc471055d, 0x06046fd4, 0x5060ff15, 0x981924fb, 0xbdd697e9, 
+     0x4089cc43, 0xd967779e, 0xe8b0bd42, 0x8907888b, 0x19e7385b, 
+     0xc879dbee, 0x7ca1470a, 0x427ce90f, 0x84f8c91e, 0x00000000, 
+     0x80098386, 0x2b3248ed, 0x111eac70, 0x5a6c4e72, 0x0efdfbff, 
+     0x850f5638, 0xae3d1ed5, 0x2d362739, 0x0f0a64d9, 0x5c6821a6, 
+     0x5b9bd154, 0x36243a2e, 0x0a0cb167, 0x57930fe7, 0xeeb4d296, 
+     0x9b1b9e91, 0xc0804fc5, 0xdc61a220, 0x775a694b, 0x121c161a, 
+     0x93e20aba, 0xa0c0e52a, 0x223c43e0, 0x1b121d17, 0x090e0b0d, 
+     0x8bf2adc7, 0xb62db9a8, 0x1e14c8a9, 0xf1578519, 0x75af4c07, 
+     0x99eebbdd, 0x7fa3fd60, 0x01f79f26, 0x725cbcf5, 0x6644c53b, 
+     0xfb5b347e, 0x438b7629, 0x23cbdcc6, 0xedb668fc, 0xe4b863f1, 
+     0x31d7cadc, 0x63421085, 0x97134022, 0xc6842011, 0x4a857d24, 
+     0xbbd2f83d, 0xf9ae1132, 0x29c76da1, 0x9e1d4b2f, 0xb2dcf330, 
+     0x860dec52, 0xc177d0e3, 0xb32b6c16, 0x70a999b9, 0x9411fa48, 
+     0xe9472264, 0xfca8c48c, 0xf0a01a3f, 0x7d56d82c, 0x3322ef90, 
+     0x4987c74e, 0x38d9c1d1, 0xca8cfea2, 0xd498360b, 0xf5a6cf81, 
+     0x7aa528de, 0xb7da268e, 0xad3fa4bf, 0x3a2ce49d, 0x78500d92, 
+     0x5f6a9bcc, 0x7e546246, 0x8df6c213, 0xd890e8b8, 0x392e5ef7, 
+     0xc382f5af, 0x5d9fbe80, 0xd0697c93, 0xd56fa92d, 0x25cfb312, 
+     0xacc83b99, 0x1810a77d, 0x9ce86e63, 0x3bdb7bbb, 0x26cd0978, 
+     0x596ef418, 0x9aec01b7, 0x4f83a89a, 0x95e6656e, 0xffaa7ee6, 
+     0xbc2108cf, 0x15efe6e8, 0xe7bad99b, 0x6f4ace36, 0x9fead409, 
+     0xb029d67c, 0xa431afb2, 0x3f2a3123, 0xa5c63094, 0xa235c066, 
+     0x4e7437bc, 0x82fca6ca, 0x90e0b0d0, 0xa73315d8, 0x04f14a98, 
+     0xec41f7da, 0xcd7f0e50, 0x91172ff6, 0x4d768dd6, 0xef434db0, 
+     0xaacc544d, 0x96e4df04, 0xd19ee3b5, 0x6a4c1b88, 0x2cc1b81f, 
+     0x65467f51, 0x5e9d04ea, 0x8c015d35, 0x87fa7374, 0x0bfb2e41, 
+     0x67b35a1d, 0xdb9252d2, 0x10e93356, 0xd66d1347, 0xd79a8c61, 
+     0xa1377a0c, 0xf8598e14, 0x13eb893c, 0xa9ceee27, 0x61b735c9, 
+     0x1ce1ede5, 0x477a3cb1, 0xd29c59df, 0xf2553f73, 0x141879ce, 
+     0xc773bf37, 0xf753eacd, 0xfd5f5baa, 0x3ddf146f, 0x447886db, 
+     0xafca81f3, 0x68b93ec4, 0x24382c34, 0xa3c25f40, 0x1d1672c3, 
+     0xe2bc0c25, 0x3c288b49, 0x0dff4195, 0xa8397101, 0x0c08deb3, 
+     0xb4d89ce4, 0x566490c1, 0xcb7b6184, 0x32d570b6, 0x6c48745c, 
+     0xb8d04257, 
+
+     // Tinv3
+     0x5150a7f4, 0x7e536541, 0x1ac3a417, 0x3a965e27, 0x3bcb6bab, 
+     0x1ff1459d, 0xacab58fa, 0x4b9303e3, 0x2055fa30, 0xadf66d76, 
+     0x889176cc, 0xf5254c02, 0x4ffcd7e5, 0xc5d7cb2a, 0x26804435, 
+     0xb58fa362, 0xde495ab1, 0x25671bba, 0x45980eea, 0x5de1c0fe, 
+     0xc302752f, 0x8112f04c, 0x8da39746, 0x6bc6f9d3, 0x03e75f8f, 
+     0x15959c92, 0xbfeb7a6d, 0x95da5952, 0xd42d83be, 0x58d32174, 
+     0x492969e0, 0x8e44c8c9, 0x756a89c2, 0xf478798e, 0x996b3e58, 
+     0x27dd71b9, 0xbeb64fe1, 0xf017ad88, 0xc966ac20, 0x7db43ace, 
+     0x63184adf, 0xe582311a, 0x97603351, 0x62457f53, 0xb1e07764, 
+     0xbb84ae6b, 0xfe1ca081, 0xf9942b08, 0x70586848, 0x8f19fd45, 
+     0x94876cde, 0x52b7f87b, 0xab23d373, 0x72e2024b, 0xe3578f1f, 
+     0x662aab55, 0xb20728eb, 0x2f03c2b5, 0x869a7bc5, 0xd3a50837, 
+     0x30f28728, 0x23b2a5bf, 0x02ba6a03, 0xed5c8216, 0x8a2b1ccf, 
+     0xa792b479, 0xf3f0f207, 0x4ea1e269, 0x65cdf4da, 0x06d5be05, 
+     0xd11f6234, 0xc48afea6, 0x349d532e, 0xa2a055f3, 0x0532e18a, 
+     0xa475ebf6, 0x0b39ec83, 0x40aaef60, 0x5e069f71, 0xbd51106e, 
+     0x3ef98a21, 0x963d06dd, 0xddae053e, 0x4d46bde6, 0x91b58d54, 
+     0x71055dc4, 0x046fd406, 0x60ff1550, 0x1924fb98, 0xd697e9bd, 
+     0x89cc4340, 0x67779ed9, 0xb0bd42e8, 0x07888b89, 0xe7385b19, 
+     0x79dbeec8, 0xa1470a7c, 0x7ce90f42, 0xf8c91e84, 0x00000000, 
+     0x09838680, 0x3248ed2b, 0x1eac7011, 0x6c4e725a, 0xfdfbff0e, 
+     0x0f563885, 0x3d1ed5ae, 0x3627392d, 0x0a64d90f, 0x6821a65c, 
+     0x9bd1545b, 0x243a2e36, 0x0cb1670a, 0x930fe757, 0xb4d296ee, 
+     0x1b9e919b, 0x804fc5c0, 0x61a220dc, 0x5a694b77, 0x1c161a12, 
+     0xe20aba93, 0xc0e52aa0, 0x3c43e022, 0x121d171b, 0x0e0b0d09, 
+     0xf2adc78b, 0x2db9a8b6, 0x14c8a91e, 0x578519f1, 0xaf4c0775, 
+     0xeebbdd99, 0xa3fd607f, 0xf79f2601, 0x5cbcf572, 0x44c53b66, 
+     0x5b347efb, 0x8b762943, 0xcbdcc623, 0xb668fced, 0xb863f1e4, 
+     0xd7cadc31, 0x42108563, 0x13402297, 0x842011c6, 0x857d244a, 
+     0xd2f83dbb, 0xae1132f9, 0xc76da129, 0x1d4b2f9e, 0xdcf330b2, 
+     0x0dec5286, 0x77d0e3c1, 0x2b6c16b3, 0xa999b970, 0x11fa4894, 
+     0x472264e9, 0xa8c48cfc, 0xa01a3ff0, 0x56d82c7d, 0x22ef9033, 
+     0x87c74e49, 0xd9c1d138, 0x8cfea2ca, 0x98360bd4, 0xa6cf81f5, 
+     0xa528de7a, 0xda268eb7, 0x3fa4bfad, 0x2ce49d3a, 0x500d9278, 
+     0x6a9bcc5f, 0x5462467e, 0xf6c2138d, 0x90e8b8d8, 0x2e5ef739, 
+     0x82f5afc3, 0x9fbe805d, 0x697c93d0, 0x6fa92dd5, 0xcfb31225, 
+     0xc83b99ac, 0x10a77d18, 0xe86e639c, 0xdb7bbb3b, 0xcd097826, 
+     0x6ef41859, 0xec01b79a, 0x83a89a4f, 0xe6656e95, 0xaa7ee6ff, 
+     0x2108cfbc, 0xefe6e815, 0xbad99be7, 0x4ace366f, 0xead4099f, 
+     0x29d67cb0, 0x31afb2a4, 0x2a31233f, 0xc63094a5, 0x35c066a2, 
+     0x7437bc4e, 0xfca6ca82, 0xe0b0d090, 0x3315d8a7, 0xf14a9804, 
+     0x41f7daec, 0x7f0e50cd, 0x172ff691, 0x768dd64d, 0x434db0ef, 
+     0xcc544daa, 0xe4df0496, 0x9ee3b5d1, 0x4c1b886a, 0xc1b81f2c, 
+     0x467f5165, 0x9d04ea5e, 0x015d358c, 0xfa737487, 0xfb2e410b, 
+     0xb35a1d67, 0x9252d2db, 0xe9335610, 0x6d1347d6, 0x9a8c61d7, 
+     0x377a0ca1, 0x598e14f8, 0xeb893c13, 0xceee27a9, 0xb735c961, 
+     0xe1ede51c, 0x7a3cb147, 0x9c59dfd2, 0x553f73f2, 0x1879ce14, 
+     0x73bf37c7, 0x53eacdf7, 0x5f5baafd, 0xdf146f3d, 0x7886db44, 
+     0xca81f3af, 0xb93ec468, 0x382c3424, 0xc25f40a3, 0x1672c31d, 
+     0xbc0c25e2, 0x288b493c, 0xff41950d, 0x397101a8, 0x08deb30c, 
+     0xd89ce4b4, 0x6490c156, 0x7b6184cb, 0xd570b632, 0x48745c6c, 
+     0xd04257b8};
+
+    private static int shift(int r, int shift)
+    {
+        return (r >>> shift) | (r << -shift);
+    }
+
+    /* multiply four bytes in GF(2^8) by 'x' {02} in parallel */
+
+    private static final int m1 = 0x80808080;
+    private static final int m2 = 0x7f7f7f7f;
+    private static final int m3 = 0x0000001b;
+    private static final int m4 = 0xC0C0C0C0;
+    private static final int m5 = 0x3f3f3f3f;
+
+    private static int FFmulX(int x)
+    {
+        return (((x & m2) << 1) ^ (((x & m1) >>> 7) * m3));
+    }
+
+    private static int FFmulX2(int x)
+    {
+        int t0  = (x & m5) << 2;
+        int t1  = (x & m4);
+            t1 ^= (t1 >>> 1);
+        return t0 ^ (t1 >>> 2) ^ (t1 >>> 5);
+    }
+
+    /* 
+       The following defines provide alternative definitions of FFmulX that might
+       give improved performance if a fast 32-bit multiply is not available.
+       
+       private int FFmulX(int x) { int u = x & m1; u |= (u >> 1); return ((x & m2) << 1) ^ ((u >>> 3) | (u >>> 6)); } 
+       private static final int  m4 = 0x1b1b1b1b;
+       private int FFmulX(int x) { int u = x & m1; return ((x & m2) << 1) ^ ((u - (u >>> 7)) & m4); } 
+
+    */
+
+    private static int inv_mcol(int x)
+    {
+        int t0, t1;
+        t0  = x;
+        t1  = t0 ^ shift(t0, 8);
+        t0 ^= FFmulX(t1);
+        t1 ^= FFmulX2(t0);
+        t0 ^= t1 ^ shift(t1, 16);
+        return t0;
+    }
+
+    private static int subWord(int x)
+    {
+        int i0 = x, i1 = x >>> 8, i2 = x >>> 16, i3 = x >>> 24;
+        i0 = S[i0 & 255] & 255; i1 = S[i1 & 255] & 255; i2 = S[i2 & 255] & 255; i3 = S[i3 & 255] & 255;
+        return i0 | i1 << 8 | i2 << 16 | i3 << 24;
+    }
+
+    /**
+     * Calculate the necessary round keys
+     * The number of calculations depends on key size and block size
+     * AES specified a fixed block size of 128 bits and key sizes 128/192/256 bits
+     * This code is written assuming those are the only possible values
+     */
+    private int[][] generateWorkingKey(byte[] key, boolean forEncryption)
+    {
+        int keyLen = key.length;
+        if (keyLen < 16 || keyLen > 32 || (keyLen & 7) != 0)
+        {
+            throw new IllegalArgumentException("Key length not 128/192/256 bits.");
+        }
+
+        int KC = keyLen >>> 2;
+        ROUNDS = KC + 6;  // This is not always true for the generalized Rijndael that allows larger block sizes
+        int[][] W = new int[ROUNDS+1][4];   // 4 words in a block
+
+        switch (KC)
+        {
+        case 4:
+        {
+            int t0 = Pack.littleEndianToInt(key,  0); W[0][0] = t0;
+            int t1 = Pack.littleEndianToInt(key,  4); W[0][1] = t1;
+            int t2 = Pack.littleEndianToInt(key,  8); W[0][2] = t2;
+            int t3 = Pack.littleEndianToInt(key, 12); W[0][3] = t3;
+
+            for (int i = 1; i <= 10; ++i)
+            {
+                int u = subWord(shift(t3, 8)) ^ rcon[i - 1];
+                t0 ^= u;  W[i][0] = t0;
+                t1 ^= t0; W[i][1] = t1;
+                t2 ^= t1; W[i][2] = t2;
+                t3 ^= t2; W[i][3] = t3;
+            }
+
+            break;
+        }
+        case 6:
+        {
+            int t0 = Pack.littleEndianToInt(key,  0); W[0][0] = t0;
+            int t1 = Pack.littleEndianToInt(key,  4); W[0][1] = t1;
+            int t2 = Pack.littleEndianToInt(key,  8); W[0][2] = t2;
+            int t3 = Pack.littleEndianToInt(key, 12); W[0][3] = t3;
+            int t4 = Pack.littleEndianToInt(key, 16); W[1][0] = t4;
+            int t5 = Pack.littleEndianToInt(key, 20); W[1][1] = t5;
+
+            int rcon = 1;
+            int u = subWord(shift(t5, 8)) ^ rcon; rcon <<= 1;
+            t0 ^= u;  W[1][2] = t0;
+            t1 ^= t0; W[1][3] = t1;
+            t2 ^= t1; W[2][0] = t2;
+            t3 ^= t2; W[2][1] = t3;
+            t4 ^= t3; W[2][2] = t4;
+            t5 ^= t4; W[2][3] = t5;
+
+            for (int i = 3; i < 12; i += 3)
+            {
+                u = subWord(shift(t5, 8)) ^ rcon; rcon <<= 1;
+                t0 ^= u;  W[i    ][0] = t0;
+                t1 ^= t0; W[i    ][1] = t1;
+                t2 ^= t1; W[i    ][2] = t2;
+                t3 ^= t2; W[i    ][3] = t3;
+                t4 ^= t3; W[i + 1][0] = t4;
+                t5 ^= t4; W[i + 1][1] = t5;
+                u = subWord(shift(t5, 8)) ^ rcon; rcon <<= 1;
+                t0 ^= u;  W[i + 1][2] = t0;
+                t1 ^= t0; W[i + 1][3] = t1;
+                t2 ^= t1; W[i + 2][0] = t2;
+                t3 ^= t2; W[i + 2][1] = t3;
+                t4 ^= t3; W[i + 2][2] = t4;
+                t5 ^= t4; W[i + 2][3] = t5;
+            }
+
+            u = subWord(shift(t5, 8)) ^ rcon;
+            t0 ^= u;  W[12][0] = t0;
+            t1 ^= t0; W[12][1] = t1;
+            t2 ^= t1; W[12][2] = t2;
+            t3 ^= t2; W[12][3] = t3;
+
+            break;
+        }
+        case 8:
+        {
+            int t0 = Pack.littleEndianToInt(key,  0); W[0][0] = t0;
+            int t1 = Pack.littleEndianToInt(key,  4); W[0][1] = t1;
+            int t2 = Pack.littleEndianToInt(key,  8); W[0][2] = t2;
+            int t3 = Pack.littleEndianToInt(key, 12); W[0][3] = t3;
+            int t4 = Pack.littleEndianToInt(key, 16); W[1][0] = t4;
+            int t5 = Pack.littleEndianToInt(key, 20); W[1][1] = t5;
+            int t6 = Pack.littleEndianToInt(key, 24); W[1][2] = t6;
+            int t7 = Pack.littleEndianToInt(key, 28); W[1][3] = t7;
+
+            int u, rcon = 1;
+
+            for (int i = 2; i < 14; i += 2)
+            {
+                u = subWord(shift(t7, 8)) ^ rcon; rcon <<= 1;
+                t0 ^= u;  W[i    ][0] = t0;
+                t1 ^= t0; W[i    ][1] = t1;
+                t2 ^= t1; W[i    ][2] = t2;
+                t3 ^= t2; W[i    ][3] = t3;
+                u = subWord(t3);
+                t4 ^= u;  W[i + 1][0] = t4;
+                t5 ^= t4; W[i + 1][1] = t5;
+                t6 ^= t5; W[i + 1][2] = t6;
+                t7 ^= t6; W[i + 1][3] = t7;
+            }
+
+            u = subWord(shift(t7, 8)) ^ rcon;
+            t0 ^= u;  W[14][0] = t0;
+            t1 ^= t0; W[14][1] = t1;
+            t2 ^= t1; W[14][2] = t2;
+            t3 ^= t2; W[14][3] = t3;
+
+            break;
+        }
+        default:
+        {
+            throw new IllegalStateException("Should never get here");
+        }
+        }
+
+        if (!forEncryption)
+        {
+            for (int j = 1; j < ROUNDS; j++)
+            {
+                for (int i = 0; i < 4; i++)
+                {
+                    W[j][i] = inv_mcol(W[j][i]);
+                }
+            }
+        }
+
+        return W;
+    }
+
+    private int         ROUNDS;
+    private int[][]     WorkingKey = null;
+    private int         C0, C1, C2, C3;
+    private boolean     forEncryption;
+
+    private static final int BLOCK_SIZE = 16;
+
+    /**
+     * default constructor - 128 bit block size.
+     */
+    public AESFastEngine()
+    {
+    }
+
+    /**
+     * initialise an AES cipher.
+     *
+     * @param forEncryption whether or not we are for encryption.
+     * @param params the parameters required to set up the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(
+        boolean           forEncryption,
+        CipherParameters  params)
+    {
+        if (params instanceof KeyParameter)
+        {
+            WorkingKey = generateWorkingKey(((KeyParameter)params).getKey(), forEncryption);
+            this.forEncryption = forEncryption;
+            return;
+        }
+
+        throw new IllegalArgumentException("invalid parameter passed to AES init - " + params.getClass().getName());
+    }
+
+    public String getAlgorithmName()
+    {
+        return "AES";
+    }
+
+    public int getBlockSize()
+    {
+        return BLOCK_SIZE;
+    }
+
+    public int processBlock(
+        byte[] in,
+        int inOff,
+        byte[] out,
+        int outOff)
+    {
+        if (WorkingKey == null)
+        {
+            throw new IllegalStateException("AES engine not initialised");
+        }
+
+        if ((inOff + (32 / 2)) > in.length)
+        {
+            throw new DataLengthException("input buffer too short");
+        }
+
+        if ((outOff + (32 / 2)) > out.length)
+        {
+            throw new OutputLengthException("output buffer too short");
+        }
+
+        unpackBlock(in, inOff);
+
+        if (forEncryption)
+        {
+            encryptBlock(WorkingKey);
+        }
+        else
+        {
+            decryptBlock(WorkingKey);
+        }
+
+        packBlock(out, outOff);
+
+        return BLOCK_SIZE;
+    }
+
+    public void reset()
+    {
+    }
+
+    private void unpackBlock(byte[] bytes, int off)
+    {
+        this.C0 = Pack.littleEndianToInt(bytes, off);
+        this.C1 = Pack.littleEndianToInt(bytes, off + 4);
+        this.C2 = Pack.littleEndianToInt(bytes, off + 8);
+        this.C3 = Pack.littleEndianToInt(bytes, off + 12);
+    }
+
+    private void packBlock(byte[] bytes, int off)
+    {
+        Pack.intToLittleEndian(this.C0, bytes, off);
+        Pack.intToLittleEndian(this.C1, bytes, off + 4);
+        Pack.intToLittleEndian(this.C2, bytes, off + 8);
+        Pack.intToLittleEndian(this.C3, bytes, off + 12);
+    }
+
+    private void encryptBlock(int[][] KW)
+    {
+        int t0 = this.C0 ^ KW[0][0];
+        int t1 = this.C1 ^ KW[0][1];
+        int t2 = this.C2 ^ KW[0][2];
+
+        /*
+         * Fast engine has precomputed rotr(T0, 8/16/24) tables T1/T2/T3.
+         *
+         * Placing all precomputes in one array requires offsets additions for 8/16/24 rotations but
+         * avoids additional array range checks on 3 more arrays (which on HotSpot are more
+         * expensive than the offset additions).
+         */
+        int r = 1, r0, r1, r2, r3 = this.C3 ^ KW[0][3];
+        int i0, i1, i2, i3;
+
+        while (r < ROUNDS - 1)
+        {
+            i0 = t0; i1 = t1 >>> 8; i2 = t2 >>> 16; i3 = r3 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            r0 = T[i0] ^ T[256 + i1] ^ T[512 + i2] ^ T[768 + i3] ^ KW[r][0];
+
+            i0 = t1; i1 = t2 >>> 8; i2 = r3 >>> 16; i3 = t0 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            r1 = T[i0] ^ T[256 + i1] ^ T[512 + i2] ^ T[768 + i3] ^ KW[r][1];
+
+            i0 = t2; i1 = r3 >>> 8; i2 = t0 >>> 16; i3 = t1 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            r2 = T[i0] ^ T[256 + i1] ^ T[512 + i2] ^ T[768 + i3] ^ KW[r][2];
+
+            i0 = r3; i1 = t0 >>> 8; i2 = t1 >>> 16; i3 = t2 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            r3 = T[i0] ^ T[256 + i1] ^ T[512 + i2] ^ T[768 + i3] ^ KW[r++][3];
+
+            i0 = r0; i1 = r1 >>> 8; i2 = r2 >>> 16; i3 = r3 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            t0 = T[i0] ^ T[256 + i1] ^ T[512 + i2] ^ T[768 + i3] ^ KW[r][0];
+
+            i0 = r1; i1 = r2 >>> 8; i2 = r3 >>> 16; i3 = r0 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            t1 = T[i0] ^ T[256 + i1] ^ T[512 + i2] ^ T[768 + i3] ^ KW[r][1];
+
+            i0 = r2; i1 = r3 >>> 8; i2 = r0 >>> 16; i3 = r1 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            t2 = T[i0] ^ T[256 + i1] ^ T[512 + i2] ^ T[768 + i3] ^ KW[r][2];
+
+            i0 = r3; i1 = r0 >>> 8; i2 = r1 >>> 16; i3 = r2 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            r3 = T[i0] ^ T[256 + i1] ^ T[512 + i2] ^ T[768 + i3] ^ KW[r++][3];
+        }
+
+        i0 = t0; i1 = t1 >>> 8; i2 = t2 >>> 16; i3 = r3 >>> 24;
+        i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+        r0 = T[i0] ^ T[256 + i1] ^ T[512 + i2] ^ T[768 + i3] ^ KW[r][0];
+
+        i0 = t1; i1 = t2 >>> 8; i2 = r3 >>> 16; i3 = t0 >>> 24;
+        i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+        r1 = T[i0] ^ T[256 + i1] ^ T[512 + i2] ^ T[768 + i3] ^ KW[r][1];
+
+        i0 = t2; i1 = r3 >>> 8; i2 = t0 >>> 16; i3 = t1 >>> 24;
+        i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+        r2 = T[i0] ^ T[256 + i1] ^ T[512 + i2] ^ T[768 + i3] ^ KW[r][2];
+
+        i0 = r3; i1 = t0 >>> 8; i2 = t1 >>> 16; i3 = t2 >>> 24;
+        i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+        r3 = T[i0] ^ T[256 + i1] ^ T[512 + i2] ^ T[768 + i3] ^ KW[r++][3];
+
+        // the final round's table is a simple function of S so we don't use a whole other four tables for it
+
+        i0 = r0; i1 = r1 >>> 8; i2 = r2 >>> 16; i3 = r3 >>> 24;
+        i0 = S[i0 & 255] & 255; i1 = S[i1 & 255] & 255; i2 = S[i2 & 255] & 255; i3 = S[i3 & 255] & 255;
+        this.C0 = i0 ^ i1 << 8 ^ i2 << 16 ^ i3 << 24 ^ KW[r][0];
+
+        i0 = r1; i1 = r2 >>> 8; i2 = r3 >>> 16; i3 = r0 >>> 24;
+        i0 = S[i0 & 255] & 255; i1 = S[i1 & 255] & 255; i2 = S[i2 & 255] & 255; i3 = S[i3 & 255] & 255;
+        this.C1 = i0 ^ i1 << 8 ^ i2 << 16 ^ i3 << 24 ^ KW[r][1];
+
+        i0 = r2; i1 = r3 >>> 8; i2 = r0 >>> 16; i3 = r1 >>> 24;
+        i0 = S[i0 & 255] & 255; i1 = S[i1 & 255] & 255; i2 = S[i2 & 255] & 255; i3 = S[i3 & 255] & 255;
+        this.C2 = i0 ^ i1 << 8 ^ i2 << 16 ^ i3 << 24 ^ KW[r][2];
+
+        i0 = r3; i1 = r0 >>> 8; i2 = r1 >>> 16; i3 = r2 >>> 24;
+        i0 = S[i0 & 255] & 255; i1 = S[i1 & 255] & 255; i2 = S[i2 & 255] & 255; i3 = S[i3 & 255] & 255;
+        this.C3 = i0 ^ i1 << 8 ^ i2 << 16 ^ i3 << 24 ^ KW[r][3];
+    }
+
+    private void decryptBlock(int[][] KW)
+    {
+        int t0 = this.C0 ^ KW[ROUNDS][0];
+        int t1 = this.C1 ^ KW[ROUNDS][1];
+        int t2 = this.C2 ^ KW[ROUNDS][2];
+
+        int r = ROUNDS - 1, r0, r1, r2, r3 = this.C3 ^ KW[ROUNDS][3];
+        int i0, i1, i2, i3;
+
+        while (r > 1)
+        {
+            i0 = t0; i1 = r3 >>> 8; i2 = t2 >>> 16; i3 = t1 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            r0 = Tinv[i0] ^ Tinv[256 + i1] ^ Tinv[512 + i2] ^ Tinv[768 + i3] ^ KW[r][0];
+
+            i0 = t1; i1 = t0 >>> 8; i2 = r3 >>> 16; i3 = t2 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            r1 = Tinv[i0] ^ Tinv[256 + i1] ^ Tinv[512 + i2] ^ Tinv[768 + i3] ^ KW[r][1];
+
+            i0 = t2; i1 = t1 >>> 8; i2 = t0 >>> 16; i3 = r3 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            r2 = Tinv[i0] ^ Tinv[256 + i1] ^ Tinv[512 + i2] ^ Tinv[768 + i3] ^ KW[r][2];
+
+            i0 = r3; i1 = t2 >>> 8; i2 = t1 >>> 16; i3 = t0 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            r3 = Tinv[i0] ^ Tinv[256 + i1] ^ Tinv[512 + i2] ^ Tinv[768 + i3] ^ KW[r--][3];
+
+            i0 = r0; i1 = r3 >>> 8; i2 = r2 >>> 16; i3 = r1 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            t0 = Tinv[i0] ^ Tinv[256 + i1] ^ Tinv[512 + i2] ^ Tinv[768 + i3] ^ KW[r][0];
+
+            i0 = r1; i1 = r0 >>> 8; i2 = r3 >>> 16; i3 = r2 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            t1 = Tinv[i0] ^ Tinv[256 + i1] ^ Tinv[512 + i2] ^ Tinv[768 + i3] ^ KW[r][1];
+
+            i0 = r2; i1 = r1 >>> 8; i2 = r0 >>> 16; i3 = r3 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            t2 = Tinv[i0] ^ Tinv[256 + i1] ^ Tinv[512 + i2] ^ Tinv[768 + i3] ^ KW[r][2];
+
+            i0 = r3; i1 = r2 >>> 8; i2 = r1 >>> 16; i3 = r0 >>> 24;
+            i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+            r3 = Tinv[i0] ^ Tinv[256 + i1] ^ Tinv[512 + i2] ^ Tinv[768 + i3] ^ KW[r--][3];
+        }
+
+        i0 = t0; i1 = r3 >>> 8; i2 = t2 >>> 16; i3 = t1 >>> 24;
+        i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+        r0 = Tinv[i0] ^ Tinv[256 + i1] ^ Tinv[512 + i2] ^ Tinv[768 + i3] ^ KW[1][0];
+
+        i0 = t1; i1 = t0 >>> 8; i2 = r3 >>> 16; i3 = t2 >>> 24;
+        i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+        r1 = Tinv[i0] ^ Tinv[256 + i1] ^ Tinv[512 + i2] ^ Tinv[768 + i3] ^ KW[1][1];
+
+        i0 = t2; i1 = t1 >>> 8; i2 = t0 >>> 16; i3 = r3 >>> 24;
+        i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+        r2 = Tinv[i0] ^ Tinv[256 + i1] ^ Tinv[512 + i2] ^ Tinv[768 + i3] ^ KW[1][2];
+
+        i0 = r3; i1 = t2 >>> 8; i2 = t1 >>> 16; i3 = t0 >>> 24;
+        i0 &= 255; i1 &= 255; i2 &= 255; i3 &= 255;
+        r3 = Tinv[i0] ^ Tinv[256 + i1] ^ Tinv[512 + i2] ^ Tinv[768 + i3] ^ KW[1][3];
+
+        // the final round's table is a simple function of Si so we don't use a whole other four tables for it
+
+        i0 = r0; i1 = r3 >>> 8; i2 = r2 >>> 16; i3 = r1 >>> 24;
+        i0 = Si[i0 & 255] & 255; i1 = Si[i1 & 255] & 255; i2 = Si[i2 & 255] & 255; i3 = Si[i3 & 255] & 255;
+        this.C0 = i0 ^ i1 << 8 ^ i2 << 16 ^ i3 << 24 ^ KW[0][0];
+
+        i0 = r1; i1 = r0 >>> 8; i2 = r3 >>> 16; i3 = r2 >>> 24;
+        i0 = Si[i0 & 255] & 255; i1 = Si[i1 & 255] & 255; i2 = Si[i2 & 255] & 255; i3 = Si[i3 & 255] & 255;
+        this.C1 = i0 ^ i1 << 8 ^ i2 << 16 ^ i3 << 24 ^ KW[0][1];
+
+        i0 = r2; i1 = r1 >>> 8; i2 = r0 >>> 16; i3 = r3 >>> 24;
+        i0 = Si[i0 & 255] & 255; i1 = Si[i1 & 255] & 255; i2 = Si[i2 & 255] & 255; i3 = Si[i3 & 255] & 255;
+        this.C2 = i0 ^ i1 << 8 ^ i2 << 16 ^ i3 << 24 ^ KW[0][2];
+
+        i0 = r3; i1 = r2 >>> 8; i2 = r1 >>> 16; i3 = r0 >>> 24;
+        i0 = Si[i0 & 255] & 255; i1 = Si[i1 & 255] & 255; i2 = Si[i2 & 255] & 255; i3 = Si[i3 & 255] & 255;
+        this.C3 = i0 ^ i1 << 8 ^ i2 << 16 ^ i3 << 24 ^ KW[0][3];
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/AESWrapEngine.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/AESWrapEngine.java
new file mode 100644
index 0000000..18c85b6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/AESWrapEngine.java

@@ -0,0 +1,31 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.engines;
+
+/**
+ * an implementation of the AES Key Wrapper from the NIST Key Wrap
+ * Specification.
+ * <p>
+ * For further details see: <a href="http://csrc.nist.gov/encryption/kms/key-wrap.pdf">http://csrc.nist.gov/encryption/kms/key-wrap.pdf</a>.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AESWrapEngine
+    extends RFC3394WrapEngine
+{
+    /**
+     * Create a regular AESWrapEngine specifying the encrypt for wrapping, decrypt for unwrapping.
+     */
+    public AESWrapEngine()
+    {
+        super(new AESEngine());
+    }
+
+    /**
+     * Create an AESWrapEngine where the underlying cipher is set to decrypt for wrapping, encrypt for unwrapping.
+     *
+     * @param useReverseDirection true if underlying cipher should be used in decryption mode, false otherwise.
+     */
+    public AESWrapEngine(boolean useReverseDirection)
+    {
+        super(new AESEngine(), useReverseDirection);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/BlowfishEngine.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/BlowfishEngine.java
new file mode 100644
index 0000000..860aa80
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/BlowfishEngine.java

@@ -0,0 +1,579 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.engines;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.OutputLengthException;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+
+/**
+ * A class that provides Blowfish key encryption operations,
+ * such as encoding data and generating keys.
+ * All the algorithms herein are from Applied Cryptography
+ * and implement a simplified cryptography interface.
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class BlowfishEngine
+implements BlockCipher
+{
+    private final static int[] 
+        KP = {
+                0x243F6A88, 0x85A308D3, 0x13198A2E, 0x03707344,
+                0xA4093822, 0x299F31D0, 0x082EFA98, 0xEC4E6C89,
+                0x452821E6, 0x38D01377, 0xBE5466CF, 0x34E90C6C,
+                0xC0AC29B7, 0xC97C50DD, 0x3F84D5B5, 0xB5470917,
+                0x9216D5D9, 0x8979FB1B
+             },
+
+        KS0 = {
+                0xD1310BA6, 0x98DFB5AC, 0x2FFD72DB, 0xD01ADFB7,
+                0xB8E1AFED, 0x6A267E96, 0xBA7C9045, 0xF12C7F99,
+                0x24A19947, 0xB3916CF7, 0x0801F2E2, 0x858EFC16,
+                0x636920D8, 0x71574E69, 0xA458FEA3, 0xF4933D7E,
+                0x0D95748F, 0x728EB658, 0x718BCD58, 0x82154AEE,
+                0x7B54A41D, 0xC25A59B5, 0x9C30D539, 0x2AF26013,
+                0xC5D1B023, 0x286085F0, 0xCA417918, 0xB8DB38EF,
+                0x8E79DCB0, 0x603A180E, 0x6C9E0E8B, 0xB01E8A3E,
+                0xD71577C1, 0xBD314B27, 0x78AF2FDA, 0x55605C60,
+                0xE65525F3, 0xAA55AB94, 0x57489862, 0x63E81440,
+                0x55CA396A, 0x2AAB10B6, 0xB4CC5C34, 0x1141E8CE,
+                0xA15486AF, 0x7C72E993, 0xB3EE1411, 0x636FBC2A,
+                0x2BA9C55D, 0x741831F6, 0xCE5C3E16, 0x9B87931E,
+                0xAFD6BA33, 0x6C24CF5C, 0x7A325381, 0x28958677,
+                0x3B8F4898, 0x6B4BB9AF, 0xC4BFE81B, 0x66282193,
+                0x61D809CC, 0xFB21A991, 0x487CAC60, 0x5DEC8032,
+                0xEF845D5D, 0xE98575B1, 0xDC262302, 0xEB651B88,
+                0x23893E81, 0xD396ACC5, 0x0F6D6FF3, 0x83F44239,
+                0x2E0B4482, 0xA4842004, 0x69C8F04A, 0x9E1F9B5E,
+                0x21C66842, 0xF6E96C9A, 0x670C9C61, 0xABD388F0,
+                0x6A51A0D2, 0xD8542F68, 0x960FA728, 0xAB5133A3,
+                0x6EEF0B6C, 0x137A3BE4, 0xBA3BF050, 0x7EFB2A98,
+                0xA1F1651D, 0x39AF0176, 0x66CA593E, 0x82430E88,
+                0x8CEE8619, 0x456F9FB4, 0x7D84A5C3, 0x3B8B5EBE,
+                0xE06F75D8, 0x85C12073, 0x401A449F, 0x56C16AA6,
+                0x4ED3AA62, 0x363F7706, 0x1BFEDF72, 0x429B023D,
+                0x37D0D724, 0xD00A1248, 0xDB0FEAD3, 0x49F1C09B,
+                0x075372C9, 0x80991B7B, 0x25D479D8, 0xF6E8DEF7,
+                0xE3FE501A, 0xB6794C3B, 0x976CE0BD, 0x04C006BA,
+                0xC1A94FB6, 0x409F60C4, 0x5E5C9EC2, 0x196A2463,
+                0x68FB6FAF, 0x3E6C53B5, 0x1339B2EB, 0x3B52EC6F,
+                0x6DFC511F, 0x9B30952C, 0xCC814544, 0xAF5EBD09,
+                0xBEE3D004, 0xDE334AFD, 0x660F2807, 0x192E4BB3,
+                0xC0CBA857, 0x45C8740F, 0xD20B5F39, 0xB9D3FBDB,
+                0x5579C0BD, 0x1A60320A, 0xD6A100C6, 0x402C7279,
+                0x679F25FE, 0xFB1FA3CC, 0x8EA5E9F8, 0xDB3222F8,
+                0x3C7516DF, 0xFD616B15, 0x2F501EC8, 0xAD0552AB,
+                0x323DB5FA, 0xFD238760, 0x53317B48, 0x3E00DF82,
+                0x9E5C57BB, 0xCA6F8CA0, 0x1A87562E, 0xDF1769DB,
+                0xD542A8F6, 0x287EFFC3, 0xAC6732C6, 0x8C4F5573,
+                0x695B27B0, 0xBBCA58C8, 0xE1FFA35D, 0xB8F011A0,
+                0x10FA3D98, 0xFD2183B8, 0x4AFCB56C, 0x2DD1D35B,
+                0x9A53E479, 0xB6F84565, 0xD28E49BC, 0x4BFB9790,
+                0xE1DDF2DA, 0xA4CB7E33, 0x62FB1341, 0xCEE4C6E8,
+                0xEF20CADA, 0x36774C01, 0xD07E9EFE, 0x2BF11FB4,
+                0x95DBDA4D, 0xAE909198, 0xEAAD8E71, 0x6B93D5A0,
+                0xD08ED1D0, 0xAFC725E0, 0x8E3C5B2F, 0x8E7594B7,
+                0x8FF6E2FB, 0xF2122B64, 0x8888B812, 0x900DF01C,
+                0x4FAD5EA0, 0x688FC31C, 0xD1CFF191, 0xB3A8C1AD,
+                0x2F2F2218, 0xBE0E1777, 0xEA752DFE, 0x8B021FA1,
+                0xE5A0CC0F, 0xB56F74E8, 0x18ACF3D6, 0xCE89E299,
+                0xB4A84FE0, 0xFD13E0B7, 0x7CC43B81, 0xD2ADA8D9,
+                0x165FA266, 0x80957705, 0x93CC7314, 0x211A1477,
+                0xE6AD2065, 0x77B5FA86, 0xC75442F5, 0xFB9D35CF,
+                0xEBCDAF0C, 0x7B3E89A0, 0xD6411BD3, 0xAE1E7E49,
+                0x00250E2D, 0x2071B35E, 0x226800BB, 0x57B8E0AF,
+                0x2464369B, 0xF009B91E, 0x5563911D, 0x59DFA6AA,
+                0x78C14389, 0xD95A537F, 0x207D5BA2, 0x02E5B9C5,
+                0x83260376, 0x6295CFA9, 0x11C81968, 0x4E734A41,
+                0xB3472DCA, 0x7B14A94A, 0x1B510052, 0x9A532915,
+                0xD60F573F, 0xBC9BC6E4, 0x2B60A476, 0x81E67400,
+                0x08BA6FB5, 0x571BE91F, 0xF296EC6B, 0x2A0DD915,
+                0xB6636521, 0xE7B9F9B6, 0xFF34052E, 0xC5855664,
+                0x53B02D5D, 0xA99F8FA1, 0x08BA4799, 0x6E85076A
+            },
+
+        KS1 = {
+                0x4B7A70E9, 0xB5B32944, 0xDB75092E, 0xC4192623,
+                0xAD6EA6B0, 0x49A7DF7D, 0x9CEE60B8, 0x8FEDB266,
+                0xECAA8C71, 0x699A17FF, 0x5664526C, 0xC2B19EE1,
+                0x193602A5, 0x75094C29, 0xA0591340, 0xE4183A3E,
+                0x3F54989A, 0x5B429D65, 0x6B8FE4D6, 0x99F73FD6,
+                0xA1D29C07, 0xEFE830F5, 0x4D2D38E6, 0xF0255DC1,
+                0x4CDD2086, 0x8470EB26, 0x6382E9C6, 0x021ECC5E,
+                0x09686B3F, 0x3EBAEFC9, 0x3C971814, 0x6B6A70A1,
+                0x687F3584, 0x52A0E286, 0xB79C5305, 0xAA500737,
+                0x3E07841C, 0x7FDEAE5C, 0x8E7D44EC, 0x5716F2B8,
+                0xB03ADA37, 0xF0500C0D, 0xF01C1F04, 0x0200B3FF,
+                0xAE0CF51A, 0x3CB574B2, 0x25837A58, 0xDC0921BD,
+                0xD19113F9, 0x7CA92FF6, 0x94324773, 0x22F54701,
+                0x3AE5E581, 0x37C2DADC, 0xC8B57634, 0x9AF3DDA7,
+                0xA9446146, 0x0FD0030E, 0xECC8C73E, 0xA4751E41,
+                0xE238CD99, 0x3BEA0E2F, 0x3280BBA1, 0x183EB331,
+                0x4E548B38, 0x4F6DB908, 0x6F420D03, 0xF60A04BF,
+                0x2CB81290, 0x24977C79, 0x5679B072, 0xBCAF89AF,
+                0xDE9A771F, 0xD9930810, 0xB38BAE12, 0xDCCF3F2E,
+                0x5512721F, 0x2E6B7124, 0x501ADDE6, 0x9F84CD87,
+                0x7A584718, 0x7408DA17, 0xBC9F9ABC, 0xE94B7D8C,
+                0xEC7AEC3A, 0xDB851DFA, 0x63094366, 0xC464C3D2,
+                0xEF1C1847, 0x3215D908, 0xDD433B37, 0x24C2BA16,
+                0x12A14D43, 0x2A65C451, 0x50940002, 0x133AE4DD,
+                0x71DFF89E, 0x10314E55, 0x81AC77D6, 0x5F11199B,
+                0x043556F1, 0xD7A3C76B, 0x3C11183B, 0x5924A509,
+                0xF28FE6ED, 0x97F1FBFA, 0x9EBABF2C, 0x1E153C6E,
+                0x86E34570, 0xEAE96FB1, 0x860E5E0A, 0x5A3E2AB3,
+                0x771FE71C, 0x4E3D06FA, 0x2965DCB9, 0x99E71D0F,
+                0x803E89D6, 0x5266C825, 0x2E4CC978, 0x9C10B36A,
+                0xC6150EBA, 0x94E2EA78, 0xA5FC3C53, 0x1E0A2DF4,
+                0xF2F74EA7, 0x361D2B3D, 0x1939260F, 0x19C27960,
+                0x5223A708, 0xF71312B6, 0xEBADFE6E, 0xEAC31F66,
+                0xE3BC4595, 0xA67BC883, 0xB17F37D1, 0x018CFF28,
+                0xC332DDEF, 0xBE6C5AA5, 0x65582185, 0x68AB9802,
+                0xEECEA50F, 0xDB2F953B, 0x2AEF7DAD, 0x5B6E2F84,
+                0x1521B628, 0x29076170, 0xECDD4775, 0x619F1510,
+                0x13CCA830, 0xEB61BD96, 0x0334FE1E, 0xAA0363CF,
+                0xB5735C90, 0x4C70A239, 0xD59E9E0B, 0xCBAADE14,
+                0xEECC86BC, 0x60622CA7, 0x9CAB5CAB, 0xB2F3846E,
+                0x648B1EAF, 0x19BDF0CA, 0xA02369B9, 0x655ABB50,
+                0x40685A32, 0x3C2AB4B3, 0x319EE9D5, 0xC021B8F7,
+                0x9B540B19, 0x875FA099, 0x95F7997E, 0x623D7DA8,
+                0xF837889A, 0x97E32D77, 0x11ED935F, 0x16681281,
+                0x0E358829, 0xC7E61FD6, 0x96DEDFA1, 0x7858BA99,
+                0x57F584A5, 0x1B227263, 0x9B83C3FF, 0x1AC24696,
+                0xCDB30AEB, 0x532E3054, 0x8FD948E4, 0x6DBC3128,
+                0x58EBF2EF, 0x34C6FFEA, 0xFE28ED61, 0xEE7C3C73,
+                0x5D4A14D9, 0xE864B7E3, 0x42105D14, 0x203E13E0,
+                0x45EEE2B6, 0xA3AAABEA, 0xDB6C4F15, 0xFACB4FD0,
+                0xC742F442, 0xEF6ABBB5, 0x654F3B1D, 0x41CD2105,
+                0xD81E799E, 0x86854DC7, 0xE44B476A, 0x3D816250,
+                0xCF62A1F2, 0x5B8D2646, 0xFC8883A0, 0xC1C7B6A3,
+                0x7F1524C3, 0x69CB7492, 0x47848A0B, 0x5692B285,
+                0x095BBF00, 0xAD19489D, 0x1462B174, 0x23820E00,
+                0x58428D2A, 0x0C55F5EA, 0x1DADF43E, 0x233F7061,
+                0x3372F092, 0x8D937E41, 0xD65FECF1, 0x6C223BDB,
+                0x7CDE3759, 0xCBEE7460, 0x4085F2A7, 0xCE77326E,
+                0xA6078084, 0x19F8509E, 0xE8EFD855, 0x61D99735,
+                0xA969A7AA, 0xC50C06C2, 0x5A04ABFC, 0x800BCADC,
+                0x9E447A2E, 0xC3453484, 0xFDD56705, 0x0E1E9EC9,
+                0xDB73DBD3, 0x105588CD, 0x675FDA79, 0xE3674340,
+                0xC5C43465, 0x713E38D8, 0x3D28F89E, 0xF16DFF20,
+                0x153E21E7, 0x8FB03D4A, 0xE6E39F2B, 0xDB83ADF7
+            },
+
+        KS2 = {
+                0xE93D5A68, 0x948140F7, 0xF64C261C, 0x94692934,
+                0x411520F7, 0x7602D4F7, 0xBCF46B2E, 0xD4A20068,
+                0xD4082471, 0x3320F46A, 0x43B7D4B7, 0x500061AF,
+                0x1E39F62E, 0x97244546, 0x14214F74, 0xBF8B8840,
+                0x4D95FC1D, 0x96B591AF, 0x70F4DDD3, 0x66A02F45,
+                0xBFBC09EC, 0x03BD9785, 0x7FAC6DD0, 0x31CB8504,
+                0x96EB27B3, 0x55FD3941, 0xDA2547E6, 0xABCA0A9A,
+                0x28507825, 0x530429F4, 0x0A2C86DA, 0xE9B66DFB,
+                0x68DC1462, 0xD7486900, 0x680EC0A4, 0x27A18DEE,
+                0x4F3FFEA2, 0xE887AD8C, 0xB58CE006, 0x7AF4D6B6,
+                0xAACE1E7C, 0xD3375FEC, 0xCE78A399, 0x406B2A42,
+                0x20FE9E35, 0xD9F385B9, 0xEE39D7AB, 0x3B124E8B,
+                0x1DC9FAF7, 0x4B6D1856, 0x26A36631, 0xEAE397B2,
+                0x3A6EFA74, 0xDD5B4332, 0x6841E7F7, 0xCA7820FB,
+                0xFB0AF54E, 0xD8FEB397, 0x454056AC, 0xBA489527,
+                0x55533A3A, 0x20838D87, 0xFE6BA9B7, 0xD096954B,
+                0x55A867BC, 0xA1159A58, 0xCCA92963, 0x99E1DB33,
+                0xA62A4A56, 0x3F3125F9, 0x5EF47E1C, 0x9029317C,
+                0xFDF8E802, 0x04272F70, 0x80BB155C, 0x05282CE3,
+                0x95C11548, 0xE4C66D22, 0x48C1133F, 0xC70F86DC,
+                0x07F9C9EE, 0x41041F0F, 0x404779A4, 0x5D886E17,
+                0x325F51EB, 0xD59BC0D1, 0xF2BCC18F, 0x41113564,
+                0x257B7834, 0x602A9C60, 0xDFF8E8A3, 0x1F636C1B,
+                0x0E12B4C2, 0x02E1329E, 0xAF664FD1, 0xCAD18115,
+                0x6B2395E0, 0x333E92E1, 0x3B240B62, 0xEEBEB922,
+                0x85B2A20E, 0xE6BA0D99, 0xDE720C8C, 0x2DA2F728,
+                0xD0127845, 0x95B794FD, 0x647D0862, 0xE7CCF5F0,
+                0x5449A36F, 0x877D48FA, 0xC39DFD27, 0xF33E8D1E,
+                0x0A476341, 0x992EFF74, 0x3A6F6EAB, 0xF4F8FD37,
+                0xA812DC60, 0xA1EBDDF8, 0x991BE14C, 0xDB6E6B0D,
+                0xC67B5510, 0x6D672C37, 0x2765D43B, 0xDCD0E804,
+                0xF1290DC7, 0xCC00FFA3, 0xB5390F92, 0x690FED0B,
+                0x667B9FFB, 0xCEDB7D9C, 0xA091CF0B, 0xD9155EA3,
+                0xBB132F88, 0x515BAD24, 0x7B9479BF, 0x763BD6EB,
+                0x37392EB3, 0xCC115979, 0x8026E297, 0xF42E312D,
+                0x6842ADA7, 0xC66A2B3B, 0x12754CCC, 0x782EF11C,
+                0x6A124237, 0xB79251E7, 0x06A1BBE6, 0x4BFB6350,
+                0x1A6B1018, 0x11CAEDFA, 0x3D25BDD8, 0xE2E1C3C9,
+                0x44421659, 0x0A121386, 0xD90CEC6E, 0xD5ABEA2A,
+                0x64AF674E, 0xDA86A85F, 0xBEBFE988, 0x64E4C3FE,
+                0x9DBC8057, 0xF0F7C086, 0x60787BF8, 0x6003604D,
+                0xD1FD8346, 0xF6381FB0, 0x7745AE04, 0xD736FCCC,
+                0x83426B33, 0xF01EAB71, 0xB0804187, 0x3C005E5F,
+                0x77A057BE, 0xBDE8AE24, 0x55464299, 0xBF582E61,
+                0x4E58F48F, 0xF2DDFDA2, 0xF474EF38, 0x8789BDC2,
+                0x5366F9C3, 0xC8B38E74, 0xB475F255, 0x46FCD9B9,
+                0x7AEB2661, 0x8B1DDF84, 0x846A0E79, 0x915F95E2,
+                0x466E598E, 0x20B45770, 0x8CD55591, 0xC902DE4C,
+                0xB90BACE1, 0xBB8205D0, 0x11A86248, 0x7574A99E,
+                0xB77F19B6, 0xE0A9DC09, 0x662D09A1, 0xC4324633,
+                0xE85A1F02, 0x09F0BE8C, 0x4A99A025, 0x1D6EFE10,
+                0x1AB93D1D, 0x0BA5A4DF, 0xA186F20F, 0x2868F169,
+                0xDCB7DA83, 0x573906FE, 0xA1E2CE9B, 0x4FCD7F52,
+                0x50115E01, 0xA70683FA, 0xA002B5C4, 0x0DE6D027,
+                0x9AF88C27, 0x773F8641, 0xC3604C06, 0x61A806B5,
+                0xF0177A28, 0xC0F586E0, 0x006058AA, 0x30DC7D62,
+                0x11E69ED7, 0x2338EA63, 0x53C2DD94, 0xC2C21634,
+                0xBBCBEE56, 0x90BCB6DE, 0xEBFC7DA1, 0xCE591D76,
+                0x6F05E409, 0x4B7C0188, 0x39720A3D, 0x7C927C24,
+                0x86E3725F, 0x724D9DB9, 0x1AC15BB4, 0xD39EB8FC,
+                0xED545578, 0x08FCA5B5, 0xD83D7CD3, 0x4DAD0FC4,
+                0x1E50EF5E, 0xB161E6F8, 0xA28514D9, 0x6C51133C,
+                0x6FD5C7E7, 0x56E14EC4, 0x362ABFCE, 0xDDC6C837,
+                0xD79A3234, 0x92638212, 0x670EFA8E, 0x406000E0
+            },
+
+        KS3 = {
+                0x3A39CE37, 0xD3FAF5CF, 0xABC27737, 0x5AC52D1B,
+                0x5CB0679E, 0x4FA33742, 0xD3822740, 0x99BC9BBE,
+                0xD5118E9D, 0xBF0F7315, 0xD62D1C7E, 0xC700C47B,
+                0xB78C1B6B, 0x21A19045, 0xB26EB1BE, 0x6A366EB4,
+                0x5748AB2F, 0xBC946E79, 0xC6A376D2, 0x6549C2C8,
+                0x530FF8EE, 0x468DDE7D, 0xD5730A1D, 0x4CD04DC6,
+                0x2939BBDB, 0xA9BA4650, 0xAC9526E8, 0xBE5EE304,
+                0xA1FAD5F0, 0x6A2D519A, 0x63EF8CE2, 0x9A86EE22,
+                0xC089C2B8, 0x43242EF6, 0xA51E03AA, 0x9CF2D0A4,
+                0x83C061BA, 0x9BE96A4D, 0x8FE51550, 0xBA645BD6,
+                0x2826A2F9, 0xA73A3AE1, 0x4BA99586, 0xEF5562E9,
+                0xC72FEFD3, 0xF752F7DA, 0x3F046F69, 0x77FA0A59,
+                0x80E4A915, 0x87B08601, 0x9B09E6AD, 0x3B3EE593,
+                0xE990FD5A, 0x9E34D797, 0x2CF0B7D9, 0x022B8B51,
+                0x96D5AC3A, 0x017DA67D, 0xD1CF3ED6, 0x7C7D2D28,
+                0x1F9F25CF, 0xADF2B89B, 0x5AD6B472, 0x5A88F54C,
+                0xE029AC71, 0xE019A5E6, 0x47B0ACFD, 0xED93FA9B,
+                0xE8D3C48D, 0x283B57CC, 0xF8D56629, 0x79132E28,
+                0x785F0191, 0xED756055, 0xF7960E44, 0xE3D35E8C,
+                0x15056DD4, 0x88F46DBA, 0x03A16125, 0x0564F0BD,
+                0xC3EB9E15, 0x3C9057A2, 0x97271AEC, 0xA93A072A,
+                0x1B3F6D9B, 0x1E6321F5, 0xF59C66FB, 0x26DCF319,
+                0x7533D928, 0xB155FDF5, 0x03563482, 0x8ABA3CBB,
+                0x28517711, 0xC20AD9F8, 0xABCC5167, 0xCCAD925F,
+                0x4DE81751, 0x3830DC8E, 0x379D5862, 0x9320F991,
+                0xEA7A90C2, 0xFB3E7BCE, 0x5121CE64, 0x774FBE32,
+                0xA8B6E37E, 0xC3293D46, 0x48DE5369, 0x6413E680,
+                0xA2AE0810, 0xDD6DB224, 0x69852DFD, 0x09072166,
+                0xB39A460A, 0x6445C0DD, 0x586CDECF, 0x1C20C8AE,
+                0x5BBEF7DD, 0x1B588D40, 0xCCD2017F, 0x6BB4E3BB,
+                0xDDA26A7E, 0x3A59FF45, 0x3E350A44, 0xBCB4CDD5,
+                0x72EACEA8, 0xFA6484BB, 0x8D6612AE, 0xBF3C6F47,
+                0xD29BE463, 0x542F5D9E, 0xAEC2771B, 0xF64E6370,
+                0x740E0D8D, 0xE75B1357, 0xF8721671, 0xAF537D5D,
+                0x4040CB08, 0x4EB4E2CC, 0x34D2466A, 0x0115AF84,
+                0xE1B00428, 0x95983A1D, 0x06B89FB4, 0xCE6EA048,
+                0x6F3F3B82, 0x3520AB82, 0x011A1D4B, 0x277227F8,
+                0x611560B1, 0xE7933FDC, 0xBB3A792B, 0x344525BD,
+                0xA08839E1, 0x51CE794B, 0x2F32C9B7, 0xA01FBAC9,
+                0xE01CC87E, 0xBCC7D1F6, 0xCF0111C3, 0xA1E8AAC7,
+                0x1A908749, 0xD44FBD9A, 0xD0DADECB, 0xD50ADA38,
+                0x0339C32A, 0xC6913667, 0x8DF9317C, 0xE0B12B4F,
+                0xF79E59B7, 0x43F5BB3A, 0xF2D519FF, 0x27D9459C,
+                0xBF97222C, 0x15E6FC2A, 0x0F91FC71, 0x9B941525,
+                0xFAE59361, 0xCEB69CEB, 0xC2A86459, 0x12BAA8D1,
+                0xB6C1075E, 0xE3056A0C, 0x10D25065, 0xCB03A442,
+                0xE0EC6E0E, 0x1698DB3B, 0x4C98A0BE, 0x3278E964,
+                0x9F1F9532, 0xE0D392DF, 0xD3A0342B, 0x8971F21E,
+                0x1B0A7441, 0x4BA3348C, 0xC5BE7120, 0xC37632D8,
+                0xDF359F8D, 0x9B992F2E, 0xE60B6F47, 0x0FE3F11D,
+                0xE54CDA54, 0x1EDAD891, 0xCE6279CF, 0xCD3E7E6F,
+                0x1618B166, 0xFD2C1D05, 0x848FD2C5, 0xF6FB2299,
+                0xF523F357, 0xA6327623, 0x93A83531, 0x56CCCD02,
+                0xACF08162, 0x5A75EBB5, 0x6E163697, 0x88D273CC,
+                0xDE966292, 0x81B949D0, 0x4C50901B, 0x71C65614,
+                0xE6C6C7BD, 0x327A140A, 0x45E1D006, 0xC3F27B9A,
+                0xC9AA53FD, 0x62A80F00, 0xBB25BFE2, 0x35BDD2F6,
+                0x71126905, 0xB2040222, 0xB6CBCF7C, 0xCD769C2B,
+                0x53113EC0, 0x1640E3D3, 0x38ABBD60, 0x2547ADF0,
+                0xBA38209C, 0xF746CE76, 0x77AFA1C5, 0x20756060,
+                0x85CBFE4E, 0x8AE88DD8, 0x7AAAF9B0, 0x4CF9AA7E,
+                0x1948C25C, 0x02FB8A8C, 0x01C36AE4, 0xD6EBE1F9,
+                0x90D4F869, 0xA65CDEA0, 0x3F09252D, 0xC208E69F,
+                0xB74E6132, 0xCE77E25B, 0x578FDFE3, 0x3AC372E6
+            };
+
+    //====================================
+    // Useful constants
+    //====================================
+
+    private static final int    ROUNDS = 16;
+    private static final int    BLOCK_SIZE = 8;  // bytes = 64 bits
+    private static final int    SBOX_SK = 256;
+    private static final int    P_SZ = ROUNDS+2;
+
+    private final int[] S0, S1, S2, S3;     // the s-boxes
+    private final int[] P;                  // the p-array
+
+    private boolean encrypting = false;
+
+    private byte[] workingKey = null;
+
+    public BlowfishEngine()
+    {
+        S0 = new int[SBOX_SK];
+        S1 = new int[SBOX_SK];
+        S2 = new int[SBOX_SK];
+        S3 = new int[SBOX_SK];
+        P = new int[P_SZ];
+    }
+
+    /**
+     * initialise a Blowfish cipher.
+     *
+     * @param encrypting whether or not we are for encryption.
+     * @param params the parameters required to set up the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(
+        boolean             encrypting,
+        CipherParameters    params)
+    {
+        if (params instanceof KeyParameter)
+        {
+            this.encrypting = encrypting;
+            this.workingKey = ((KeyParameter)params).getKey();
+            setKey(this.workingKey);
+
+            return;
+        }
+
+        throw new IllegalArgumentException("invalid parameter passed to Blowfish init - " + params.getClass().getName());
+    }
+
+    public String getAlgorithmName()
+    {
+        return "Blowfish";
+    }
+
+    public final int processBlock(
+        byte[] in,
+        int inOff,
+        byte[] out,
+        int outOff)
+    {
+        if (workingKey == null)
+        {
+            throw new IllegalStateException("Blowfish not initialised");
+        }
+
+        if ((inOff + BLOCK_SIZE) > in.length)
+        {
+            throw new DataLengthException("input buffer too short");
+        }
+
+        if ((outOff + BLOCK_SIZE) > out.length)
+        {
+            throw new OutputLengthException("output buffer too short");
+        }
+
+        if (encrypting)
+        {
+            encryptBlock(in, inOff, out, outOff);
+        }
+        else
+        {    
+            decryptBlock(in, inOff, out, outOff);
+        }
+
+        return BLOCK_SIZE;
+    }
+
+    public void reset()
+    {
+    }
+
+    public int getBlockSize()
+    {
+        return BLOCK_SIZE;
+    }
+
+    //==================================
+    // Private Implementation
+    //==================================
+
+    private int F(int x)
+    {
+        return (((S0[(x >>> 24)] + S1[(x >>> 16) & 0xff])
+                            ^ S2[(x >>> 8) & 0xff]) + S3[x & 0xff]);
+    }
+
+    /**
+     * apply the encryption cycle to each value pair in the table.
+     */
+    private void processTable(
+        int     xl,
+        int     xr,
+        int[]   table)
+    {
+        int size = table.length;
+
+        for (int s = 0; s < size; s += 2)
+        {
+            xl ^= P[0];
+
+            for (int i = 1; i < ROUNDS; i += 2)
+            {
+                xr ^= F(xl) ^ P[i];
+                xl ^= F(xr) ^ P[i + 1];
+            }
+
+            xr ^= P[ROUNDS + 1];
+
+            table[s] = xr;
+            table[s + 1] = xl;
+
+            xr = xl;            // end of cycle swap
+            xl = table[s];
+        }
+    }
+
+    private void setKey(byte[] key)
+    {
+        /*
+         * - comments are from _Applied Crypto_, Schneier, p338
+         * please be careful comparing the two, AC numbers the
+         * arrays from 1, the enclosed code from 0.
+         *
+         * (1)
+         * Initialise the S-boxes and the P-array, with a fixed string
+         * This string contains the hexadecimal digits of pi (3.141...)
+         */
+        System.arraycopy(KS0, 0, S0, 0, SBOX_SK);
+        System.arraycopy(KS1, 0, S1, 0, SBOX_SK);
+        System.arraycopy(KS2, 0, S2, 0, SBOX_SK);
+        System.arraycopy(KS3, 0, S3, 0, SBOX_SK);
+
+        System.arraycopy(KP, 0, P, 0, P_SZ);
+
+        /*
+         * (2)
+         * Now, XOR P[0] with the first 32 bits of the key, XOR P[1] with the
+         * second 32-bits of the key, and so on for all bits of the key
+         * (up to P[17]).  Repeatedly cycle through the key bits until the
+         * entire P-array has been XOR-ed with the key bits
+         */
+        int keyLength = key.length;
+        int keyIndex = 0;
+
+        for (int i=0; i < P_SZ; i++)
+        {
+            // get the 32 bits of the key, in 4 * 8 bit chunks
+            int data = 0x0000000;
+            for (int j=0; j < 4; j++)
+            {
+                // create a 32 bit block
+                data = (data << 8) | (key[keyIndex++] & 0xff);
+
+                // wrap when we get to the end of the key
+                if (keyIndex >= keyLength)
+                {
+                    keyIndex = 0;
+                }
+            }
+            // XOR the newly created 32 bit chunk onto the P-array
+            P[i] ^= data;
+        }
+
+        /*
+         * (3)
+         * Encrypt the all-zero string with the Blowfish algorithm, using
+         * the subkeys described in (1) and (2)
+         *
+         * (4)
+         * Replace P1 and P2 with the output of step (3)
+         *
+         * (5)
+         * Encrypt the output of step(3) using the Blowfish algorithm,
+         * with the modified subkeys.
+         *
+         * (6)
+         * Replace P3 and P4 with the output of step (5)
+         *
+         * (7)
+         * Continue the process, replacing all elements of the P-array
+         * and then all four S-boxes in order, with the output of the
+         * continuously changing Blowfish algorithm
+         */
+
+        processTable(0, 0, P);
+        processTable(P[P_SZ - 2], P[P_SZ - 1], S0);
+        processTable(S0[SBOX_SK - 2], S0[SBOX_SK - 1], S1);
+        processTable(S1[SBOX_SK - 2], S1[SBOX_SK - 1], S2);
+        processTable(S2[SBOX_SK - 2], S2[SBOX_SK - 1], S3);
+    }
+
+    /**
+     * Encrypt the given input starting at the given offset and place
+     * the result in the provided buffer starting at the given offset.
+     * The input will be an exact multiple of our blocksize.
+     */
+    private void encryptBlock(
+        byte[]  src,
+        int     srcIndex,
+        byte[]  dst,
+        int     dstIndex)
+    {
+        int xl = BytesTo32bits(src, srcIndex);
+        int xr = BytesTo32bits(src, srcIndex+4);
+
+        xl ^= P[0];
+
+        for (int i = 1; i < ROUNDS; i += 2)
+        {
+            xr ^= F(xl) ^ P[i];
+            xl ^= F(xr) ^ P[i + 1];
+        }
+
+        xr ^= P[ROUNDS + 1];
+
+        Bits32ToBytes(xr, dst, dstIndex);
+        Bits32ToBytes(xl, dst, dstIndex + 4);
+    }
+
+    /**
+     * Decrypt the given input starting at the given offset and place
+     * the result in the provided buffer starting at the given offset.
+     * The input will be an exact multiple of our blocksize.
+     */
+    private void decryptBlock(
+        byte[] src, 
+        int srcIndex,
+        byte[] dst,
+        int dstIndex)
+    {
+        int xl = BytesTo32bits(src, srcIndex);
+        int xr = BytesTo32bits(src, srcIndex + 4);
+
+        xl ^= P[ROUNDS + 1];
+
+        for (int i = ROUNDS; i > 0 ; i -= 2)
+        {
+            xr ^= F(xl) ^ P[i];
+            xl ^= F(xr) ^ P[i - 1];
+        }
+
+        xr ^= P[0];
+
+        Bits32ToBytes(xr, dst, dstIndex);
+        Bits32ToBytes(xl, dst, dstIndex+4);
+    }
+
+    private int BytesTo32bits(byte[] b, int i)
+    {
+        return ((b[i]   & 0xff) << 24) | 
+             ((b[i+1] & 0xff) << 16) |
+             ((b[i+2] & 0xff) << 8) |
+             ((b[i+3] & 0xff));
+    }
+
+    private void Bits32ToBytes(int in,  byte[] b, int offset)
+    {
+        b[offset + 3] = (byte)in;
+        b[offset + 2] = (byte)(in >> 8);
+        b[offset + 1] = (byte)(in >> 16);
+        b[offset]     = (byte)(in >> 24);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/DESEngine.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/DESEngine.java
new file mode 100644
index 0000000..7d11710
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/DESEngine.java

@@ -0,0 +1,485 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.engines;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.OutputLengthException;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * a class that provides a basic DES engine.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DESEngine
+    implements BlockCipher
+{
+    protected static final int  BLOCK_SIZE = 8;
+
+    private int[]               workingKey = null;
+
+    /**
+     * standard constructor.
+     */
+    public DESEngine()
+    {
+    }
+
+    /**
+     * initialise a DES cipher.
+     *
+     * @param encrypting whether or not we are for encryption.
+     * @param params the parameters required to set up the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(
+        boolean           encrypting,
+        CipherParameters  params)
+    {
+        if (params instanceof KeyParameter)
+        {
+            if (((KeyParameter)params).getKey().length > 8)
+            {
+                throw new IllegalArgumentException("DES key too long - should be 8 bytes");
+            }
+            
+            workingKey = generateWorkingKey(encrypting,
+                                  ((KeyParameter)params).getKey());
+
+            return;
+        }
+
+        throw new IllegalArgumentException("invalid parameter passed to DES init - " + params.getClass().getName());
+    }
+
+    public String getAlgorithmName()
+    {
+        return "DES";
+    }
+
+    public int getBlockSize()
+    {
+        return BLOCK_SIZE;
+    }
+
+    public int processBlock(
+        byte[] in,
+        int inOff,
+        byte[] out,
+        int outOff)
+    {
+        if (workingKey == null)
+        {
+            throw new IllegalStateException("DES engine not initialised");
+        }
+
+        if ((inOff + BLOCK_SIZE) > in.length)
+        {
+            throw new DataLengthException("input buffer too short");
+        }
+
+        if ((outOff + BLOCK_SIZE) > out.length)
+        {
+            throw new OutputLengthException("output buffer too short");
+        }
+
+        desFunc(workingKey, in, inOff, out, outOff);
+
+        return BLOCK_SIZE;
+    }
+
+    public void reset()
+    {
+    }
+
+    /**
+     * what follows is mainly taken from "Applied Cryptography", by
+     * Bruce Schneier, however it also bears great resemblance to Richard
+     * Outerbridge's D3DES...
+     */
+
+//    private static final short[]    Df_Key =
+//        {
+//            0x01,0x23,0x45,0x67,0x89,0xab,0xcd,0xef,
+//            0xfe,0xdc,0xba,0x98,0x76,0x54,0x32,0x10,
+//            0x89,0xab,0xcd,0xef,0x01,0x23,0x45,0x67
+//        };
+
+    private static final short[]    bytebit =
+        {
+            0200, 0100, 040, 020, 010, 04, 02, 01
+        };
+
+    private static final int[]    bigbyte =
+        {
+            0x800000, 0x400000, 0x200000, 0x100000,
+            0x80000,  0x40000,  0x20000,  0x10000,
+            0x8000,      0x4000,   0x2000,   0x1000,
+            0x800,    0x400,    0x200,    0x100,
+            0x80,      0x40,        0x20,     0x10,
+            0x8,      0x4,      0x2,      0x1
+        };
+
+    /*
+     * Use the key schedule specified in the Standard (ANSI X3.92-1981).
+     */
+
+    private static final byte[]    pc1 =
+        {
+            56, 48, 40, 32, 24, 16,  8,   0, 57, 49, 41, 33, 25, 17,
+             9,  1, 58, 50, 42, 34, 26,  18, 10,  2, 59, 51, 43, 35,
+            62, 54, 46, 38, 30, 22, 14,   6, 61, 53, 45, 37, 29, 21,
+            13,  5, 60, 52, 44, 36, 28,  20, 12,  4, 27, 19, 11,  3
+        };
+
+    private static final byte[] totrot =
+        {
+            1, 2, 4, 6, 8, 10, 12, 14,
+            15, 17, 19, 21, 23, 25, 27, 28
+        };
+
+    private static final byte[] pc2 =
+        {
+            13, 16, 10, 23,  0,  4,  2, 27, 14,  5, 20,  9,
+            22, 18, 11,  3, 25,  7, 15,  6, 26, 19, 12,  1,
+            40, 51, 30, 36, 46, 54, 29, 39, 50, 44, 32, 47,
+            43, 48, 38, 55, 33, 52, 45, 41, 49, 35, 28, 31
+        };
+
+    private static final int[] SP1 = {
+        0x01010400, 0x00000000, 0x00010000, 0x01010404,
+        0x01010004, 0x00010404, 0x00000004, 0x00010000,
+        0x00000400, 0x01010400, 0x01010404, 0x00000400,
+        0x01000404, 0x01010004, 0x01000000, 0x00000004,
+        0x00000404, 0x01000400, 0x01000400, 0x00010400,
+        0x00010400, 0x01010000, 0x01010000, 0x01000404,
+        0x00010004, 0x01000004, 0x01000004, 0x00010004,
+        0x00000000, 0x00000404, 0x00010404, 0x01000000,
+        0x00010000, 0x01010404, 0x00000004, 0x01010000,
+        0x01010400, 0x01000000, 0x01000000, 0x00000400,
+        0x01010004, 0x00010000, 0x00010400, 0x01000004,
+        0x00000400, 0x00000004, 0x01000404, 0x00010404,
+        0x01010404, 0x00010004, 0x01010000, 0x01000404,
+        0x01000004, 0x00000404, 0x00010404, 0x01010400,
+        0x00000404, 0x01000400, 0x01000400, 0x00000000,
+        0x00010004, 0x00010400, 0x00000000, 0x01010004
+    };
+
+    private static final int[] SP2 = {
+        0x80108020, 0x80008000, 0x00008000, 0x00108020,
+        0x00100000, 0x00000020, 0x80100020, 0x80008020,
+        0x80000020, 0x80108020, 0x80108000, 0x80000000,
+        0x80008000, 0x00100000, 0x00000020, 0x80100020,
+        0x00108000, 0x00100020, 0x80008020, 0x00000000,
+        0x80000000, 0x00008000, 0x00108020, 0x80100000,
+        0x00100020, 0x80000020, 0x00000000, 0x00108000,
+        0x00008020, 0x80108000, 0x80100000, 0x00008020,
+        0x00000000, 0x00108020, 0x80100020, 0x00100000,
+        0x80008020, 0x80100000, 0x80108000, 0x00008000,
+        0x80100000, 0x80008000, 0x00000020, 0x80108020,
+        0x00108020, 0x00000020, 0x00008000, 0x80000000,
+        0x00008020, 0x80108000, 0x00100000, 0x80000020,
+        0x00100020, 0x80008020, 0x80000020, 0x00100020,
+        0x00108000, 0x00000000, 0x80008000, 0x00008020,
+        0x80000000, 0x80100020, 0x80108020, 0x00108000
+    };
+
+    private static final int[] SP3 = {
+        0x00000208, 0x08020200, 0x00000000, 0x08020008,
+        0x08000200, 0x00000000, 0x00020208, 0x08000200,
+        0x00020008, 0x08000008, 0x08000008, 0x00020000,
+        0x08020208, 0x00020008, 0x08020000, 0x00000208,
+        0x08000000, 0x00000008, 0x08020200, 0x00000200,
+        0x00020200, 0x08020000, 0x08020008, 0x00020208,
+        0x08000208, 0x00020200, 0x00020000, 0x08000208,
+        0x00000008, 0x08020208, 0x00000200, 0x08000000,
+        0x08020200, 0x08000000, 0x00020008, 0x00000208,
+        0x00020000, 0x08020200, 0x08000200, 0x00000000,
+        0x00000200, 0x00020008, 0x08020208, 0x08000200,
+        0x08000008, 0x00000200, 0x00000000, 0x08020008,
+        0x08000208, 0x00020000, 0x08000000, 0x08020208,
+        0x00000008, 0x00020208, 0x00020200, 0x08000008,
+        0x08020000, 0x08000208, 0x00000208, 0x08020000,
+        0x00020208, 0x00000008, 0x08020008, 0x00020200
+    };
+
+    private static final int[] SP4 = {
+        0x00802001, 0x00002081, 0x00002081, 0x00000080,
+        0x00802080, 0x00800081, 0x00800001, 0x00002001,
+        0x00000000, 0x00802000, 0x00802000, 0x00802081,
+        0x00000081, 0x00000000, 0x00800080, 0x00800001,
+        0x00000001, 0x00002000, 0x00800000, 0x00802001,
+        0x00000080, 0x00800000, 0x00002001, 0x00002080,
+        0x00800081, 0x00000001, 0x00002080, 0x00800080,
+        0x00002000, 0x00802080, 0x00802081, 0x00000081,
+        0x00800080, 0x00800001, 0x00802000, 0x00802081,
+        0x00000081, 0x00000000, 0x00000000, 0x00802000,
+        0x00002080, 0x00800080, 0x00800081, 0x00000001,
+        0x00802001, 0x00002081, 0x00002081, 0x00000080,
+        0x00802081, 0x00000081, 0x00000001, 0x00002000,
+        0x00800001, 0x00002001, 0x00802080, 0x00800081,
+        0x00002001, 0x00002080, 0x00800000, 0x00802001,
+        0x00000080, 0x00800000, 0x00002000, 0x00802080
+    };
+
+    private static final int[] SP5 = {
+        0x00000100, 0x02080100, 0x02080000, 0x42000100,
+        0x00080000, 0x00000100, 0x40000000, 0x02080000,
+        0x40080100, 0x00080000, 0x02000100, 0x40080100,
+        0x42000100, 0x42080000, 0x00080100, 0x40000000,
+        0x02000000, 0x40080000, 0x40080000, 0x00000000,
+        0x40000100, 0x42080100, 0x42080100, 0x02000100,
+        0x42080000, 0x40000100, 0x00000000, 0x42000000,
+        0x02080100, 0x02000000, 0x42000000, 0x00080100,
+        0x00080000, 0x42000100, 0x00000100, 0x02000000,
+        0x40000000, 0x02080000, 0x42000100, 0x40080100,
+        0x02000100, 0x40000000, 0x42080000, 0x02080100,
+        0x40080100, 0x00000100, 0x02000000, 0x42080000,
+        0x42080100, 0x00080100, 0x42000000, 0x42080100,
+        0x02080000, 0x00000000, 0x40080000, 0x42000000,
+        0x00080100, 0x02000100, 0x40000100, 0x00080000,
+        0x00000000, 0x40080000, 0x02080100, 0x40000100
+    };
+
+    private static final int[] SP6 = {
+        0x20000010, 0x20400000, 0x00004000, 0x20404010,
+        0x20400000, 0x00000010, 0x20404010, 0x00400000,
+        0x20004000, 0x00404010, 0x00400000, 0x20000010,
+        0x00400010, 0x20004000, 0x20000000, 0x00004010,
+        0x00000000, 0x00400010, 0x20004010, 0x00004000,
+        0x00404000, 0x20004010, 0x00000010, 0x20400010,
+        0x20400010, 0x00000000, 0x00404010, 0x20404000,
+        0x00004010, 0x00404000, 0x20404000, 0x20000000,
+        0x20004000, 0x00000010, 0x20400010, 0x00404000,
+        0x20404010, 0x00400000, 0x00004010, 0x20000010,
+        0x00400000, 0x20004000, 0x20000000, 0x00004010,
+        0x20000010, 0x20404010, 0x00404000, 0x20400000,
+        0x00404010, 0x20404000, 0x00000000, 0x20400010,
+        0x00000010, 0x00004000, 0x20400000, 0x00404010,
+        0x00004000, 0x00400010, 0x20004010, 0x00000000,
+        0x20404000, 0x20000000, 0x00400010, 0x20004010
+    };
+
+    private static final int[] SP7 = {
+        0x00200000, 0x04200002, 0x04000802, 0x00000000,
+        0x00000800, 0x04000802, 0x00200802, 0x04200800,
+        0x04200802, 0x00200000, 0x00000000, 0x04000002,
+        0x00000002, 0x04000000, 0x04200002, 0x00000802,
+        0x04000800, 0x00200802, 0x00200002, 0x04000800,
+        0x04000002, 0x04200000, 0x04200800, 0x00200002,
+        0x04200000, 0x00000800, 0x00000802, 0x04200802,
+        0x00200800, 0x00000002, 0x04000000, 0x00200800,
+        0x04000000, 0x00200800, 0x00200000, 0x04000802,
+        0x04000802, 0x04200002, 0x04200002, 0x00000002,
+        0x00200002, 0x04000000, 0x04000800, 0x00200000,
+        0x04200800, 0x00000802, 0x00200802, 0x04200800,
+        0x00000802, 0x04000002, 0x04200802, 0x04200000,
+        0x00200800, 0x00000000, 0x00000002, 0x04200802,
+        0x00000000, 0x00200802, 0x04200000, 0x00000800,
+        0x04000002, 0x04000800, 0x00000800, 0x00200002
+    };
+
+    private static final int[] SP8 = {
+        0x10001040, 0x00001000, 0x00040000, 0x10041040,
+        0x10000000, 0x10001040, 0x00000040, 0x10000000,
+        0x00040040, 0x10040000, 0x10041040, 0x00041000,
+        0x10041000, 0x00041040, 0x00001000, 0x00000040,
+        0x10040000, 0x10000040, 0x10001000, 0x00001040,
+        0x00041000, 0x00040040, 0x10040040, 0x10041000,
+        0x00001040, 0x00000000, 0x00000000, 0x10040040,
+        0x10000040, 0x10001000, 0x00041040, 0x00040000,
+        0x00041040, 0x00040000, 0x10041000, 0x00001000,
+        0x00000040, 0x10040040, 0x00001000, 0x00041040,
+        0x10001000, 0x00000040, 0x10000040, 0x10040000,
+        0x10040040, 0x10000000, 0x00040000, 0x10001040,
+        0x00000000, 0x10041040, 0x00040040, 0x10000040,
+        0x10040000, 0x10001000, 0x10001040, 0x00000000,
+        0x10041040, 0x00041000, 0x00041000, 0x00001040,
+        0x00001040, 0x00040040, 0x10000000, 0x10041000
+    };
+
+    /**
+     * generate an integer based working key based on our secret key
+     * and what we processing we are planning to do.
+     *
+     * Acknowledgements for this routine go to James Gillogly &amp; Phil Karn.
+     *         (whoever, and wherever they are!).
+     */
+    protected int[] generateWorkingKey(
+        boolean encrypting,
+        byte[]  key)
+    {
+        int[]       newKey = new int[32];
+        boolean[]   pc1m = new boolean[56],
+                    pcr = new boolean[56];
+
+        for (int j = 0; j < 56; j++)
+        {
+            int    l = pc1[j];
+
+            pc1m[j] = ((key[l >>> 3] & bytebit[l & 07]) != 0);
+        }
+
+        for (int i = 0; i < 16; i++)
+        {
+            int    l, m, n;
+
+            if (encrypting)
+            {
+                m = i << 1;
+            }
+            else
+            {
+                m = (15 - i) << 1;
+            }
+
+            n = m + 1;
+            newKey[m] = newKey[n] = 0;
+
+            for (int j = 0; j < 28; j++)
+            {
+                l = j + totrot[i];
+                if (l < 28)
+                {
+                    pcr[j] = pc1m[l];
+                }
+                else
+                {
+                    pcr[j] = pc1m[l - 28];
+                }
+            }
+
+            for (int j = 28; j < 56; j++)
+            {
+                l = j + totrot[i];
+                if (l < 56)
+                {
+                    pcr[j] = pc1m[l];
+                }
+                else
+                {
+                    pcr[j] = pc1m[l - 28];
+                }
+            }
+
+            for (int j = 0; j < 24; j++)
+            {
+                if (pcr[pc2[j]])
+                {
+                    newKey[m] |= bigbyte[j];
+                }
+
+                if (pcr[pc2[j + 24]])
+                {
+                    newKey[n] |= bigbyte[j];
+                }
+            }
+        }
+
+        //
+        // store the processed key
+        //
+        for (int i = 0; i != 32; i += 2)
+        {
+            int    i1, i2;
+
+            i1 = newKey[i];
+            i2 = newKey[i + 1];
+
+            newKey[i] = ((i1 & 0x00fc0000) << 6) | ((i1 & 0x00000fc0) << 10)
+                                   | ((i2 & 0x00fc0000) >>> 10) | ((i2 & 0x00000fc0) >>> 6);
+
+            newKey[i + 1] = ((i1 & 0x0003f000) << 12) | ((i1 & 0x0000003f) << 16)
+                                   | ((i2 & 0x0003f000) >>> 4) | (i2 & 0x0000003f);
+        }
+
+        return newKey;
+    }
+
+    /**
+     * the DES engine.
+     */
+    protected void desFunc(
+        int[]   wKey,
+        byte[]  in,
+        int     inOff,
+        byte[]  out,
+        int     outOff)
+    {
+        int     work, right, left;
+
+        left = Pack.bigEndianToInt(in, inOff);
+        right = Pack.bigEndianToInt(in, inOff + 4);
+
+        work = ((left >>> 4) ^ right) & 0x0f0f0f0f;
+        right ^= work;
+        left ^= (work << 4);
+        work = ((left >>> 16) ^ right) & 0x0000ffff;
+        right ^= work;
+        left ^= (work << 16);
+        work = ((right >>> 2) ^ left) & 0x33333333;
+        left ^= work;
+        right ^= (work << 2);
+        work = ((right >>> 8) ^ left) & 0x00ff00ff;
+        left ^= work;
+        right ^= (work << 8);
+        right = (right << 1) | (right >>> 31);
+        work = (left ^ right) & 0xaaaaaaaa;
+        left ^= work;
+        right ^= work;
+        left = (left << 1) | (left >>> 31);
+
+        for (int round = 0; round < 8; round++)
+        {
+            int     fval;
+
+            work  = (right << 28) | (right >>> 4);
+            work ^= wKey[round * 4 + 0];
+            fval  = SP7[ work      & 0x3f];
+            fval |= SP5[(work >>>  8) & 0x3f];
+            fval |= SP3[(work >>> 16) & 0x3f];
+            fval |= SP1[(work >>> 24) & 0x3f];
+            work  = right ^ wKey[round * 4 + 1];
+            fval |= SP8[ work      & 0x3f];
+            fval |= SP6[(work >>>  8) & 0x3f];
+            fval |= SP4[(work >>> 16) & 0x3f];
+            fval |= SP2[(work >>> 24) & 0x3f];
+            left ^= fval;
+            work  = (left << 28) | (left >>> 4);
+            work ^= wKey[round * 4 + 2];
+            fval  = SP7[ work      & 0x3f];
+            fval |= SP5[(work >>>  8) & 0x3f];
+            fval |= SP3[(work >>> 16) & 0x3f];
+            fval |= SP1[(work >>> 24) & 0x3f];
+            work  = left ^ wKey[round * 4 + 3];
+            fval |= SP8[ work      & 0x3f];
+            fval |= SP6[(work >>>  8) & 0x3f];
+            fval |= SP4[(work >>> 16) & 0x3f];
+            fval |= SP2[(work >>> 24) & 0x3f];
+            right ^= fval;
+        }
+
+        right = (right << 31) | (right >>> 1);
+        work = (left ^ right) & 0xaaaaaaaa;
+        left ^= work;
+        right ^= work;
+        left = (left << 31) | (left >>> 1);
+        work = ((left >>> 8) ^ right) & 0x00ff00ff;
+        right ^= work;
+        left ^= (work << 8);
+        work = ((left >>> 2) ^ right) & 0x33333333;
+        right ^= work;
+        left ^= (work << 2);
+        work = ((right >>> 16) ^ left) & 0x0000ffff;
+        left ^= work;
+        right ^= (work << 16);
+        work = ((right >>> 4) ^ left) & 0x0f0f0f0f;
+        left ^= work;
+        right ^= (work << 4);
+
+        Pack.intToBigEndian(right, out, outOff);
+        Pack.intToBigEndian(left, out, outOff + 4);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/DESedeEngine.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/DESedeEngine.java
new file mode 100644
index 0000000..885d0f8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/DESedeEngine.java

@@ -0,0 +1,129 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.engines;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.OutputLengthException;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+
+/**
+ * a class that provides a basic DESede (or Triple DES) engine.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DESedeEngine
+    extends DESEngine
+{
+    protected static final int  BLOCK_SIZE = 8;
+
+    private int[]               workingKey1 = null;
+    private int[]               workingKey2 = null;
+    private int[]               workingKey3 = null;
+
+    private boolean             forEncryption;
+
+    /**
+     * standard constructor.
+     */
+    public DESedeEngine()
+    {
+    }
+
+    /**
+     * initialise a DESede cipher.
+     *
+     * @param encrypting whether or not we are for encryption.
+     * @param params the parameters required to set up the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(
+        boolean           encrypting,
+        CipherParameters  params)
+    {
+        if (!(params instanceof KeyParameter))
+        {
+            throw new IllegalArgumentException("invalid parameter passed to DESede init - " + params.getClass().getName());
+        }
+
+        byte[] keyMaster = ((KeyParameter)params).getKey();
+
+        if (keyMaster.length != 24 && keyMaster.length != 16)
+        {
+            throw new IllegalArgumentException("key size must be 16 or 24 bytes.");
+        }
+
+        this.forEncryption = encrypting;
+
+        byte[] key1 = new byte[8];
+        System.arraycopy(keyMaster, 0, key1, 0, key1.length);
+        workingKey1 = generateWorkingKey(encrypting, key1);
+
+        byte[] key2 = new byte[8];
+        System.arraycopy(keyMaster, 8, key2, 0, key2.length);
+        workingKey2 = generateWorkingKey(!encrypting, key2);
+
+        if (keyMaster.length == 24)
+        {
+            byte[] key3 = new byte[8];
+            System.arraycopy(keyMaster, 16, key3, 0, key3.length);
+            workingKey3 = generateWorkingKey(encrypting, key3);
+        }
+        else    // 16 byte key
+        {
+            workingKey3 = workingKey1;
+        }
+    }
+
+    public String getAlgorithmName()
+    {
+        return "DESede";
+    }
+
+    public int getBlockSize()
+    {
+        return BLOCK_SIZE;
+    }
+
+    public int processBlock(
+        byte[] in,
+        int inOff,
+        byte[] out,
+        int outOff)
+    {
+        if (workingKey1 == null)
+        {
+            throw new IllegalStateException("DESede engine not initialised");
+        }
+
+        if ((inOff + BLOCK_SIZE) > in.length)
+        {
+            throw new DataLengthException("input buffer too short");
+        }
+
+        if ((outOff + BLOCK_SIZE) > out.length)
+        {
+            throw new OutputLengthException("output buffer too short");
+        }
+
+        byte[] temp = new byte[BLOCK_SIZE];
+
+        if (forEncryption)
+        {
+            desFunc(workingKey1, in, inOff, temp, 0);
+            desFunc(workingKey2, temp, 0, temp, 0);
+            desFunc(workingKey3, temp, 0, out, outOff);
+        }
+        else
+        {
+            desFunc(workingKey3, in, inOff, temp, 0);
+            desFunc(workingKey2, temp, 0, temp, 0);
+            desFunc(workingKey1, temp, 0, out, outOff);
+        }
+
+        return BLOCK_SIZE;
+    }
+
+    public void reset()
+    {
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/DESedeWrapEngine.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/DESedeWrapEngine.java
new file mode 100644
index 0000000..f9b3de7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/DESedeWrapEngine.java

@@ -0,0 +1,356 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.engines;
+
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+import com.android.org.bouncycastle.crypto.Wrapper;
+import com.android.org.bouncycastle.crypto.modes.CBCBlockCipher;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * Wrap keys according to
+ * <A HREF="https://www.ietf.org/rfc/rfc3217.txt">
+ * RFC 3217</A>.
+ * <p>
+ * Note: 
+ * <ul>
+ * <li>if you are using this to wrap triple-des keys you need to set the
+ * parity bits on the key and, if it's a two-key triple-des key, pad it
+ * yourself.
+ * </ul>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DESedeWrapEngine
+    implements Wrapper
+{
+   /** Field engine */
+   private CBCBlockCipher engine;
+
+   /** Field param */
+   private KeyParameter param;
+
+   /** Field paramPlusIV */
+   private ParametersWithIV paramPlusIV;
+
+   /** Field iv */
+   private byte[] iv;
+
+   /** Field forWrapping */
+   private boolean forWrapping;
+
+   /** Field IV2           */
+   private static final byte[] IV2 = { (byte) 0x4a, (byte) 0xdd, (byte) 0xa2,
+                                       (byte) 0x2c, (byte) 0x79, (byte) 0xe8,
+                                       (byte) 0x21, (byte) 0x05 };
+
+    //
+    // checksum digest
+    //
+    // Android-changed: Use Android digests
+    // Digest  sha1 = DigestFactory.createSHA1();
+    Digest  sha1 = AndroidDigestFactory.getSHA1();
+    byte[]  digest = new byte[20];
+
+   /**
+    * Method init
+    *
+    * @param forWrapping true if for wrapping, false otherwise.
+    * @param param necessary parameters, may include KeyParameter, ParametersWithRandom, and ParametersWithIV
+    */
+    public void init(boolean forWrapping, CipherParameters param)
+    {
+
+        this.forWrapping = forWrapping;
+        this.engine = new CBCBlockCipher(new DESedeEngine());
+
+        SecureRandom sr;
+        if (param instanceof ParametersWithRandom)
+        {
+            ParametersWithRandom pr = (ParametersWithRandom) param;
+            param = pr.getParameters();
+            sr = pr.getRandom();
+        }
+        else
+        {
+            sr = CryptoServicesRegistrar.getSecureRandom();
+        }
+
+        if (param instanceof KeyParameter)
+        {
+            this.param = (KeyParameter)param;
+
+            if (this.forWrapping)
+            {
+
+                // Hm, we have no IV but we want to wrap ?!?
+                // well, then we have to create our own IV.
+                this.iv = new byte[8];
+                sr.nextBytes(iv);
+
+                this.paramPlusIV = new ParametersWithIV(this.param, this.iv);
+            }
+        }
+        else if (param instanceof ParametersWithIV)
+        {
+            this.paramPlusIV = (ParametersWithIV)param;
+            this.iv = this.paramPlusIV.getIV();
+            this.param = (KeyParameter)this.paramPlusIV.getParameters();
+
+            if (this.forWrapping)
+            {
+                if ((this.iv == null) || (this.iv.length != 8))
+                {
+                    throw new IllegalArgumentException("IV is not 8 octets");
+                }
+            }
+            else
+            {
+                throw new IllegalArgumentException(
+                        "You should not supply an IV for unwrapping");
+            }
+        }
+    }
+
+   /**
+    * Method getAlgorithmName
+    *
+    * @return the algorithm name "DESede".
+    */
+   public String getAlgorithmName() 
+   {
+      return "DESede";
+   }
+
+   /**
+    * Method wrap
+    *
+    * @param in byte array containing the encoded key.
+    * @param inOff off set into in that the data starts at.
+    * @param inLen  length of the data.
+    * @return the wrapped bytes.
+    */
+   public byte[] wrap(byte[] in, int inOff, int inLen) 
+   {
+      if (!forWrapping) 
+      {
+         throw new IllegalStateException("Not initialized for wrapping");
+      }
+
+      byte keyToBeWrapped[] = new byte[inLen];
+
+      System.arraycopy(in, inOff, keyToBeWrapped, 0, inLen);
+
+      // Compute the CMS Key Checksum, (section 5.6.1), call this CKS.
+      byte[] CKS = calculateCMSKeyChecksum(keyToBeWrapped);
+
+      // Let WKCKS = WK || CKS where || is concatenation.
+      byte[] WKCKS = new byte[keyToBeWrapped.length + CKS.length];
+
+      System.arraycopy(keyToBeWrapped, 0, WKCKS, 0, keyToBeWrapped.length);
+      System.arraycopy(CKS, 0, WKCKS, keyToBeWrapped.length, CKS.length);
+
+      // Encrypt WKCKS in CBC mode using KEK as the key and IV as the
+      // initialization vector. Call the results TEMP1.
+
+      int blockSize = engine.getBlockSize();
+
+      if (WKCKS.length % blockSize != 0) 
+      {
+         throw new IllegalStateException("Not multiple of block length");
+      }
+
+      engine.init(true, paramPlusIV);
+
+      byte TEMP1[] = new byte[WKCKS.length];
+
+      for (int currentBytePos = 0; currentBytePos != WKCKS.length; currentBytePos += blockSize) 
+      {
+         engine.processBlock(WKCKS, currentBytePos, TEMP1, currentBytePos);
+      }
+
+      // Let TEMP2 = IV || TEMP1.
+      byte[] TEMP2 = new byte[this.iv.length + TEMP1.length];
+
+      System.arraycopy(this.iv, 0, TEMP2, 0, this.iv.length);
+      System.arraycopy(TEMP1, 0, TEMP2, this.iv.length, TEMP1.length);
+
+      // Reverse the order of the octets in TEMP2 and call the result TEMP3.
+      byte[] TEMP3 = reverse(TEMP2);
+
+      // Encrypt TEMP3 in CBC mode using the KEK and an initialization vector
+      // of 0x 4a dd a2 2c 79 e8 21 05. The resulting cipher text is the desired
+      // result. It is 40 octets long if a 168 bit key is being wrapped.
+      ParametersWithIV param2 = new ParametersWithIV(this.param, IV2);
+
+      this.engine.init(true, param2);
+
+      for (int currentBytePos = 0; currentBytePos != TEMP3.length; currentBytePos += blockSize) 
+      {
+         engine.processBlock(TEMP3, currentBytePos, TEMP3, currentBytePos);
+      }
+
+      return TEMP3;
+   }
+
+   /**
+    * Method unwrap
+    *
+    * @param in byte array containing the wrapped key.
+    * @param inOff off set into in that the data starts at.
+    * @param inLen  length of the data.
+    * @return the unwrapped bytes.
+    * @throws InvalidCipherTextException
+    */
+    public byte[] unwrap(byte[] in, int inOff, int inLen)
+           throws InvalidCipherTextException 
+    {
+        if (forWrapping)
+        {
+            throw new IllegalStateException("Not set for unwrapping");
+        }
+        
+        if (in == null)
+        {
+            throw new InvalidCipherTextException("Null pointer as ciphertext");
+        }
+
+        final int blockSize = engine.getBlockSize();
+        if (inLen % blockSize != 0)
+        {
+            throw new InvalidCipherTextException("Ciphertext not multiple of " + blockSize);
+        }
+
+      /*
+      // Check if the length of the cipher text is reasonable given the key
+      // type. It must be 40 bytes for a 168 bit key and either 32, 40, or
+      // 48 bytes for a 128, 192, or 256 bit key. If the length is not supported
+      // or inconsistent with the algorithm for which the key is intended,
+      // return error.
+      //
+      // we do not accept 168 bit keys. it has to be 192 bit.
+      int lengthA = (estimatedKeyLengthInBit / 8) + 16;
+      int lengthB = estimatedKeyLengthInBit % 8;
+
+      if ((lengthA != keyToBeUnwrapped.length) || (lengthB != 0)) {
+         throw new XMLSecurityException("empty");
+      }
+      */
+
+      // Decrypt the cipher text with TRIPLedeS in CBC mode using the KEK
+      // and an initialization vector (IV) of 0x4adda22c79e82105. Call the output TEMP3.
+      ParametersWithIV param2 = new ParametersWithIV(this.param, IV2);
+
+      this.engine.init(false, param2);
+
+      byte TEMP3[] = new byte[inLen];
+
+      for (int currentBytePos = 0; currentBytePos != inLen; currentBytePos += blockSize) 
+      {
+         engine.processBlock(in, inOff + currentBytePos, TEMP3, currentBytePos);
+      }
+
+      // Reverse the order of the octets in TEMP3 and call the result TEMP2.
+      byte[] TEMP2 = reverse(TEMP3);
+
+      // Decompose TEMP2 into IV, the first 8 octets, and TEMP1, the remaining octets.
+      this.iv = new byte[8];
+
+      byte[] TEMP1 = new byte[TEMP2.length - 8];
+
+      System.arraycopy(TEMP2, 0, this.iv, 0, 8);
+      System.arraycopy(TEMP2, 8, TEMP1, 0, TEMP2.length - 8);
+
+      // Decrypt TEMP1 using TRIPLedeS in CBC mode using the KEK and the IV
+      // found in the previous step. Call the result WKCKS.
+      this.paramPlusIV = new ParametersWithIV(this.param, this.iv);
+
+      this.engine.init(false, this.paramPlusIV);
+
+      byte[] WKCKS = new byte[TEMP1.length];
+
+      for (int currentBytePos = 0; currentBytePos != WKCKS.length; currentBytePos += blockSize) 
+      {
+         engine.processBlock(TEMP1, currentBytePos, WKCKS, currentBytePos);
+      }
+
+      // Decompose WKCKS. CKS is the last 8 octets and WK, the wrapped key, are
+      // those octets before the CKS.
+      byte[] result = new byte[WKCKS.length - 8];
+      byte[] CKStoBeVerified = new byte[8];
+
+      System.arraycopy(WKCKS, 0, result, 0, WKCKS.length - 8);
+      System.arraycopy(WKCKS, WKCKS.length - 8, CKStoBeVerified, 0, 8);
+
+      // Calculate a CMS Key Checksum, (section 5.6.1), over the WK and compare
+      // with the CKS extracted in the above step. If they are not equal, return error.
+      if (!checkCMSKeyChecksum(result, CKStoBeVerified)) 
+      {
+         throw new InvalidCipherTextException(
+            "Checksum inside ciphertext is corrupted");
+      }
+
+      // WK is the wrapped key, now extracted for use in data decryption.
+      return result;
+   }
+
+    /**
+     * Some key wrap algorithms make use of the Key Checksum defined
+     * in CMS [CMS-Algorithms]. This is used to provide an integrity
+     * check value for the key being wrapped. The algorithm is
+     *
+     * - Compute the 20 octet SHA-1 hash on the key being wrapped.
+     * - Use the first 8 octets of this hash as the checksum value.
+     *
+     * For details see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum.
+     *
+     * @param key the key to check,
+     * @return the CMS checksum.
+     * @throws RuntimeException
+     */
+    private byte[] calculateCMSKeyChecksum(
+        byte[] key)
+    {
+        byte[]  result = new byte[8];
+
+        sha1.update(key, 0, key.length);
+        sha1.doFinal(digest, 0);
+
+        System.arraycopy(digest, 0, result, 0, 8);
+
+        return result;
+    }
+
+    /**
+     * For details see http://www.w3.org/TR/xmlenc-core/#sec-CMSKeyChecksum
+     *
+     * @param key key to be validated.
+     * @param checksum the checksum.
+     * @return true if okay, false otherwise.
+     */
+    private boolean checkCMSKeyChecksum(
+        byte[] key,
+        byte[] checksum)
+    {
+        return Arrays.constantTimeAreEqual(calculateCMSKeyChecksum(key), checksum);
+    }
+
+    private static byte[] reverse(byte[] bs)
+    {
+        byte[] result = new byte[bs.length];
+        for (int i = 0; i < bs.length; i++) 
+        {
+           result[i] = bs[bs.length - (i + 1)];
+        }
+        return result;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RC2Engine.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RC2Engine.java
new file mode 100644
index 0000000..05c3d1e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RC2Engine.java

@@ -0,0 +1,319 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.engines;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.OutputLengthException;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.RC2Parameters;
+
+/**
+ * an implementation of RC2 as described in RFC 2268
+ *      "A Description of the RC2(r) Encryption Algorithm" R. Rivest.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RC2Engine
+    implements BlockCipher
+{
+    //
+    // the values we use for key expansion (based on the digits of PI)
+    //
+    private static byte[] piTable =
+    {
+        (byte)0xd9, (byte)0x78, (byte)0xf9, (byte)0xc4, (byte)0x19, (byte)0xdd, (byte)0xb5, (byte)0xed, 
+        (byte)0x28, (byte)0xe9, (byte)0xfd, (byte)0x79, (byte)0x4a, (byte)0xa0, (byte)0xd8, (byte)0x9d, 
+        (byte)0xc6, (byte)0x7e, (byte)0x37, (byte)0x83, (byte)0x2b, (byte)0x76, (byte)0x53, (byte)0x8e, 
+        (byte)0x62, (byte)0x4c, (byte)0x64, (byte)0x88, (byte)0x44, (byte)0x8b, (byte)0xfb, (byte)0xa2, 
+        (byte)0x17, (byte)0x9a, (byte)0x59, (byte)0xf5, (byte)0x87, (byte)0xb3, (byte)0x4f, (byte)0x13, 
+        (byte)0x61, (byte)0x45, (byte)0x6d, (byte)0x8d, (byte)0x9, (byte)0x81, (byte)0x7d, (byte)0x32, 
+        (byte)0xbd, (byte)0x8f, (byte)0x40, (byte)0xeb, (byte)0x86, (byte)0xb7, (byte)0x7b, (byte)0xb, 
+        (byte)0xf0, (byte)0x95, (byte)0x21, (byte)0x22, (byte)0x5c, (byte)0x6b, (byte)0x4e, (byte)0x82, 
+        (byte)0x54, (byte)0xd6, (byte)0x65, (byte)0x93, (byte)0xce, (byte)0x60, (byte)0xb2, (byte)0x1c, 
+        (byte)0x73, (byte)0x56, (byte)0xc0, (byte)0x14, (byte)0xa7, (byte)0x8c, (byte)0xf1, (byte)0xdc, 
+        (byte)0x12, (byte)0x75, (byte)0xca, (byte)0x1f, (byte)0x3b, (byte)0xbe, (byte)0xe4, (byte)0xd1, 
+        (byte)0x42, (byte)0x3d, (byte)0xd4, (byte)0x30, (byte)0xa3, (byte)0x3c, (byte)0xb6, (byte)0x26, 
+        (byte)0x6f, (byte)0xbf, (byte)0xe, (byte)0xda, (byte)0x46, (byte)0x69, (byte)0x7, (byte)0x57, 
+        (byte)0x27, (byte)0xf2, (byte)0x1d, (byte)0x9b, (byte)0xbc, (byte)0x94, (byte)0x43, (byte)0x3, 
+        (byte)0xf8, (byte)0x11, (byte)0xc7, (byte)0xf6, (byte)0x90, (byte)0xef, (byte)0x3e, (byte)0xe7, 
+        (byte)0x6, (byte)0xc3, (byte)0xd5, (byte)0x2f, (byte)0xc8, (byte)0x66, (byte)0x1e, (byte)0xd7, 
+        (byte)0x8, (byte)0xe8, (byte)0xea, (byte)0xde, (byte)0x80, (byte)0x52, (byte)0xee, (byte)0xf7, 
+        (byte)0x84, (byte)0xaa, (byte)0x72, (byte)0xac, (byte)0x35, (byte)0x4d, (byte)0x6a, (byte)0x2a, 
+        (byte)0x96, (byte)0x1a, (byte)0xd2, (byte)0x71, (byte)0x5a, (byte)0x15, (byte)0x49, (byte)0x74, 
+        (byte)0x4b, (byte)0x9f, (byte)0xd0, (byte)0x5e, (byte)0x4, (byte)0x18, (byte)0xa4, (byte)0xec, 
+        (byte)0xc2, (byte)0xe0, (byte)0x41, (byte)0x6e, (byte)0xf, (byte)0x51, (byte)0xcb, (byte)0xcc, 
+        (byte)0x24, (byte)0x91, (byte)0xaf, (byte)0x50, (byte)0xa1, (byte)0xf4, (byte)0x70, (byte)0x39, 
+        (byte)0x99, (byte)0x7c, (byte)0x3a, (byte)0x85, (byte)0x23, (byte)0xb8, (byte)0xb4, (byte)0x7a, 
+        (byte)0xfc, (byte)0x2, (byte)0x36, (byte)0x5b, (byte)0x25, (byte)0x55, (byte)0x97, (byte)0x31, 
+        (byte)0x2d, (byte)0x5d, (byte)0xfa, (byte)0x98, (byte)0xe3, (byte)0x8a, (byte)0x92, (byte)0xae, 
+        (byte)0x5, (byte)0xdf, (byte)0x29, (byte)0x10, (byte)0x67, (byte)0x6c, (byte)0xba, (byte)0xc9, 
+        (byte)0xd3, (byte)0x0, (byte)0xe6, (byte)0xcf, (byte)0xe1, (byte)0x9e, (byte)0xa8, (byte)0x2c, 
+        (byte)0x63, (byte)0x16, (byte)0x1, (byte)0x3f, (byte)0x58, (byte)0xe2, (byte)0x89, (byte)0xa9, 
+        (byte)0xd, (byte)0x38, (byte)0x34, (byte)0x1b, (byte)0xab, (byte)0x33, (byte)0xff, (byte)0xb0, 
+        (byte)0xbb, (byte)0x48, (byte)0xc, (byte)0x5f, (byte)0xb9, (byte)0xb1, (byte)0xcd, (byte)0x2e, 
+        (byte)0xc5, (byte)0xf3, (byte)0xdb, (byte)0x47, (byte)0xe5, (byte)0xa5, (byte)0x9c, (byte)0x77, 
+        (byte)0xa, (byte)0xa6, (byte)0x20, (byte)0x68, (byte)0xfe, (byte)0x7f, (byte)0xc1, (byte)0xad 
+    };
+
+    private static final int BLOCK_SIZE = 8;
+
+    private int[]   workingKey;
+    private boolean encrypting;
+
+    private int[] generateWorkingKey(
+        byte[]      key,
+        int         bits)
+    {
+        int     x;
+        int[]   xKey = new int[128];
+
+        for (int i = 0; i != key.length; i++)
+        {
+            xKey[i] = key[i] & 0xff;
+        }
+
+        // Phase 1: Expand input key to 128 bytes
+        int len = key.length;
+
+        if (len < 128)
+        {
+            int     index = 0;
+
+            x = xKey[len - 1];
+
+            do
+            {
+                x = piTable[(x + xKey[index++]) & 255] & 0xff;
+                xKey[len++] = x;
+            }
+            while (len < 128);
+        }
+
+        // Phase 2 - reduce effective key size to "bits"
+        len = (bits + 7) >> 3;
+        x = piTable[xKey[128 - len] & (255 >> (7 & -bits))] & 0xff;
+        xKey[128 - len] = x;
+
+        for (int i = 128 - len - 1; i >= 0; i--)
+        {
+                x = piTable[x ^ xKey[i + len]] & 0xff;
+                xKey[i] = x;
+        }
+
+        // Phase 3 - copy to newKey in little-endian order 
+        int[] newKey = new int[64];
+
+        for (int i = 0; i != newKey.length; i++)
+        {
+            newKey[i] = (xKey[2 * i] + (xKey[2 * i + 1] << 8));
+        }
+
+        return newKey;
+    }
+
+    /**
+     * initialise a RC2 cipher.
+     *
+     * @param encrypting whether or not we are for encryption.
+     * @param params the parameters required to set up the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(
+        boolean           encrypting,
+        CipherParameters  params)
+    {
+        this.encrypting = encrypting;
+
+        if (params instanceof RC2Parameters)
+        {
+            RC2Parameters   param = (RC2Parameters)params;
+
+            workingKey = generateWorkingKey(param.getKey(),
+                                            param.getEffectiveKeyBits());
+        }
+        else if (params instanceof KeyParameter)
+        {
+            byte[]    key = ((KeyParameter)params).getKey();
+
+            workingKey = generateWorkingKey(key, key.length * 8);
+        }
+        else
+        {
+            throw new IllegalArgumentException("invalid parameter passed to RC2 init - " + params.getClass().getName());
+        }
+
+    }
+
+    public void reset()
+    {
+    }
+
+    public String getAlgorithmName()
+    {
+        return "RC2";
+    }
+
+    public int getBlockSize()
+    {
+        return BLOCK_SIZE;
+    }
+
+    public final int processBlock(
+        byte[] in,
+        int inOff,
+        byte[] out,
+        int outOff)
+    {
+        if (workingKey == null)
+        {
+            throw new IllegalStateException("RC2 engine not initialised");
+        }
+
+        if ((inOff + BLOCK_SIZE) > in.length)
+        {
+            throw new DataLengthException("input buffer too short");
+        }
+
+        if ((outOff + BLOCK_SIZE) > out.length)
+        {
+            throw new OutputLengthException("output buffer too short");
+        }
+
+        if (encrypting)
+        {
+            encryptBlock(in, inOff, out, outOff);
+        }
+        else
+        {
+            decryptBlock(in, inOff, out, outOff);
+        }
+
+        return BLOCK_SIZE;
+    }
+
+    /**
+     * return the result rotating the 16 bit number in x left by y
+     */
+    private int rotateWordLeft(
+        int x,
+        int y)
+    {
+        x &= 0xffff;
+        return (x << y) | (x >> (16 - y));
+    }
+
+    private void encryptBlock(
+        byte[]  in,
+        int     inOff,
+        byte[]  out,
+        int     outOff)
+    {
+        int x76, x54, x32, x10;
+
+        x76 = ((in[inOff + 7] & 0xff) << 8) + (in[inOff + 6] & 0xff);
+        x54 = ((in[inOff + 5] & 0xff) << 8) + (in[inOff + 4] & 0xff);
+        x32 = ((in[inOff + 3] & 0xff) << 8) + (in[inOff + 2] & 0xff);
+        x10 = ((in[inOff + 1] & 0xff) << 8) + (in[inOff + 0] & 0xff);
+
+        for (int i = 0; i <= 16; i += 4)
+        {
+                x10 = rotateWordLeft(x10 + (x32 & ~x76) + (x54 & x76) + workingKey[i  ], 1);
+                x32 = rotateWordLeft(x32 + (x54 & ~x10) + (x76 & x10) + workingKey[i+1], 2);
+                x54 = rotateWordLeft(x54 + (x76 & ~x32) + (x10 & x32) + workingKey[i+2], 3);
+                x76 = rotateWordLeft(x76 + (x10 & ~x54) + (x32 & x54) + workingKey[i+3], 5);
+        }
+
+        x10 += workingKey[x76 & 63];
+        x32 += workingKey[x10 & 63];
+        x54 += workingKey[x32 & 63];
+        x76 += workingKey[x54 & 63];
+
+        for (int i = 20; i <= 40; i += 4)
+        {
+                x10 = rotateWordLeft(x10 + (x32 & ~x76) + (x54 & x76) + workingKey[i  ], 1);
+                x32 = rotateWordLeft(x32 + (x54 & ~x10) + (x76 & x10) + workingKey[i+1], 2);
+                x54 = rotateWordLeft(x54 + (x76 & ~x32) + (x10 & x32) + workingKey[i+2], 3);
+                x76 = rotateWordLeft(x76 + (x10 & ~x54) + (x32 & x54) + workingKey[i+3], 5);
+        }
+
+        x10 += workingKey[x76 & 63];
+        x32 += workingKey[x10 & 63];
+        x54 += workingKey[x32 & 63];
+        x76 += workingKey[x54 & 63];
+
+        for (int i = 44; i < 64; i += 4)
+        {
+                x10 = rotateWordLeft(x10 + (x32 & ~x76) + (x54 & x76) + workingKey[i  ], 1);
+                x32 = rotateWordLeft(x32 + (x54 & ~x10) + (x76 & x10) + workingKey[i+1], 2);
+                x54 = rotateWordLeft(x54 + (x76 & ~x32) + (x10 & x32) + workingKey[i+2], 3);
+                x76 = rotateWordLeft(x76 + (x10 & ~x54) + (x32 & x54) + workingKey[i+3], 5);
+        }
+
+        out[outOff + 0] = (byte)x10;
+        out[outOff + 1] = (byte)(x10 >> 8);
+        out[outOff + 2] = (byte)x32;
+        out[outOff + 3] = (byte)(x32 >> 8);
+        out[outOff + 4] = (byte)x54;
+        out[outOff + 5] = (byte)(x54 >> 8);
+        out[outOff + 6] = (byte)x76;
+        out[outOff + 7] = (byte)(x76 >> 8);
+    }
+
+    private void decryptBlock(
+        byte[]  in,
+        int     inOff,
+        byte[]  out,
+        int     outOff)
+    {
+        int x76, x54, x32, x10;
+
+        x76 = ((in[inOff + 7] & 0xff) << 8) + (in[inOff + 6] & 0xff);
+        x54 = ((in[inOff + 5] & 0xff) << 8) + (in[inOff + 4] & 0xff);
+        x32 = ((in[inOff + 3] & 0xff) << 8) + (in[inOff + 2] & 0xff);
+        x10 = ((in[inOff + 1] & 0xff) << 8) + (in[inOff + 0] & 0xff);
+
+        for (int i = 60; i >= 44; i -= 4)
+        {
+            x76 = rotateWordLeft(x76, 11) - ((x10 & ~x54) + (x32 & x54) + workingKey[i+3]);
+            x54 = rotateWordLeft(x54, 13) - ((x76 & ~x32) + (x10 & x32) + workingKey[i+2]);
+            x32 = rotateWordLeft(x32, 14) - ((x54 & ~x10) + (x76 & x10) + workingKey[i+1]);
+            x10 = rotateWordLeft(x10, 15) - ((x32 & ~x76) + (x54 & x76) + workingKey[i  ]);
+        }
+
+        x76 -= workingKey[x54 & 63];
+        x54 -= workingKey[x32 & 63];
+        x32 -= workingKey[x10 & 63];
+        x10 -= workingKey[x76 & 63];
+
+        for (int i = 40; i >= 20; i -= 4)
+        {
+            x76 = rotateWordLeft(x76, 11) - ((x10 & ~x54) + (x32 & x54) + workingKey[i+3]);
+            x54 = rotateWordLeft(x54, 13) - ((x76 & ~x32) + (x10 & x32) + workingKey[i+2]);
+            x32 = rotateWordLeft(x32, 14) - ((x54 & ~x10) + (x76 & x10) + workingKey[i+1]);
+            x10 = rotateWordLeft(x10, 15) - ((x32 & ~x76) + (x54 & x76) + workingKey[i  ]);
+        }
+
+        x76 -= workingKey[x54 & 63];
+        x54 -= workingKey[x32 & 63];
+        x32 -= workingKey[x10 & 63];
+        x10 -= workingKey[x76 & 63];
+
+        for (int i = 16; i >= 0; i -= 4)
+        {
+            x76 = rotateWordLeft(x76, 11) - ((x10 & ~x54) + (x32 & x54) + workingKey[i+3]);
+            x54 = rotateWordLeft(x54, 13) - ((x76 & ~x32) + (x10 & x32) + workingKey[i+2]);
+            x32 = rotateWordLeft(x32, 14) - ((x54 & ~x10) + (x76 & x10) + workingKey[i+1]);
+            x10 = rotateWordLeft(x10, 15) - ((x32 & ~x76) + (x54 & x76) + workingKey[i  ]);
+        }
+
+        out[outOff + 0] = (byte)x10;
+        out[outOff + 1] = (byte)(x10 >> 8);
+        out[outOff + 2] = (byte)x32;
+        out[outOff + 3] = (byte)(x32 >> 8);
+        out[outOff + 4] = (byte)x54;
+        out[outOff + 5] = (byte)(x54 >> 8);
+        out[outOff + 6] = (byte)x76;
+        out[outOff + 7] = (byte)(x76 >> 8);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RC4Engine.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RC4Engine.java
new file mode 100644
index 0000000..2a8b108
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RC4Engine.java

@@ -0,0 +1,150 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.engines;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.OutputLengthException;
+import com.android.org.bouncycastle.crypto.StreamCipher;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RC4Engine implements StreamCipher
+{
+    private final static int STATE_LENGTH = 256;
+
+    /*
+     * variables to hold the state of the RC4 engine
+     * during encryption and decryption
+     */
+
+    private byte[]      engineState = null;
+    private int         x = 0;
+    private int         y = 0;
+    private byte[]      workingKey = null;
+
+    /**
+     * initialise a RC4 cipher.
+     *
+     * @param forEncryption whether or not we are for encryption.
+     * @param params the parameters required to set up the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(
+        boolean             forEncryption, 
+        CipherParameters     params
+   )
+    {
+        if (params instanceof KeyParameter)
+        {
+            /* 
+             * RC4 encryption and decryption is completely
+             * symmetrical, so the 'forEncryption' is 
+             * irrelevant.
+             */
+            workingKey = ((KeyParameter)params).getKey();
+            setKey(workingKey);
+
+            return;
+        }
+
+        throw new IllegalArgumentException("invalid parameter passed to RC4 init - " + params.getClass().getName());
+    }
+
+    public String getAlgorithmName()
+    {
+        return "RC4";
+    }
+
+    public byte returnByte(byte in)
+    {
+        x = (x + 1) & 0xff;
+        y = (engineState[x] + y) & 0xff;
+
+        // swap
+        byte tmp = engineState[x];
+        engineState[x] = engineState[y];
+        engineState[y] = tmp;
+
+        // xor
+        return (byte)(in ^ engineState[(engineState[x] + engineState[y]) & 0xff]);
+    }
+
+    public int processBytes(
+        byte[]     in, 
+        int     inOff, 
+        int     len, 
+        byte[]     out, 
+        int     outOff)
+    {
+        if ((inOff + len) > in.length)
+        {
+            throw new DataLengthException("input buffer too short");
+        }
+
+        if ((outOff + len) > out.length)
+        {
+            throw new OutputLengthException("output buffer too short");
+        }
+
+        for (int i = 0; i < len ; i++)
+        {
+            x = (x + 1) & 0xff;
+            y = (engineState[x] + y) & 0xff;
+
+            // swap
+            byte tmp = engineState[x];
+            engineState[x] = engineState[y];
+            engineState[y] = tmp;
+
+            // xor
+            out[i+outOff] = (byte)(in[i + inOff]
+                    ^ engineState[(engineState[x] + engineState[y]) & 0xff]);
+        }
+
+        return len;
+    }
+
+    public void reset()
+    {
+        setKey(workingKey);
+    }
+
+    // Private implementation
+
+    private void setKey(byte[] keyBytes)
+    {
+        workingKey = keyBytes;
+
+        // System.out.println("the key length is ; "+ workingKey.length);
+
+        x = 0;
+        y = 0;
+
+        if (engineState == null)
+        {
+            engineState = new byte[STATE_LENGTH];
+        }
+
+        // reset the state of the engine
+        for (int i=0; i < STATE_LENGTH; i++)
+        {
+            engineState[i] = (byte)i;
+        }
+        
+        int i1 = 0;
+        int i2 = 0;
+
+        for (int i=0; i < STATE_LENGTH; i++)
+        {
+            i2 = ((keyBytes[i1] & 0xff) + engineState[i] + i2) & 0xff;
+            // do the byte-swap inline
+            byte tmp = engineState[i];
+            engineState[i] = engineState[i2];
+            engineState[i2] = tmp;
+            i1 = (i1+1) % keyBytes.length; 
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RFC3394WrapEngine.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RFC3394WrapEngine.java
new file mode 100644
index 0000000..b014a52
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RFC3394WrapEngine.java

@@ -0,0 +1,197 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.engines;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+import com.android.org.bouncycastle.crypto.Wrapper;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * an implementation of the AES Key Wrapper from the NIST Key Wrap
+ * Specification as described in RFC 3394.
+ * <p>
+ * For further details see: <a href="http://www.ietf.org/rfc/rfc3394.txt">http://www.ietf.org/rfc/rfc3394.txt</a>
+ * and  <a href="http://csrc.nist.gov/encryption/kms/key-wrap.pdf">http://csrc.nist.gov/encryption/kms/key-wrap.pdf</a>.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RFC3394WrapEngine
+    implements Wrapper
+{
+    private BlockCipher     engine;
+    private boolean         wrapCipherMode;
+    private KeyParameter    param;
+    private boolean         forWrapping;
+
+    private byte[]          iv = {
+                              (byte)0xa6, (byte)0xa6, (byte)0xa6, (byte)0xa6,
+                              (byte)0xa6, (byte)0xa6, (byte)0xa6, (byte)0xa6 };
+
+    /**
+     * Create a RFC 3394 WrapEngine specifying the encrypt for wrapping, decrypt for unwrapping.
+     *
+     * @param engine the block cipher to be used for wrapping.
+     */
+    public RFC3394WrapEngine(BlockCipher engine)
+    {
+        this(engine, false);
+    }
+
+    /**
+     * Create a RFC 3394 WrapEngine specifying the direction for wrapping and unwrapping..
+     *
+     * @param engine the block cipher to be used for wrapping.
+     * @param useReverseDirection true if engine should be used in decryption mode for wrapping, false otherwise.
+     */
+    public RFC3394WrapEngine(BlockCipher engine, boolean useReverseDirection)
+    {
+        this.engine = engine;
+        this.wrapCipherMode = (useReverseDirection) ? false : true;
+    }
+
+    public void init(
+        boolean             forWrapping,
+        CipherParameters    param)
+    {
+        this.forWrapping = forWrapping;
+
+        if (param instanceof ParametersWithRandom)
+        {
+            param = ((ParametersWithRandom) param).getParameters();
+        }
+
+        if (param instanceof KeyParameter)
+        {
+            this.param = (KeyParameter)param;
+        }
+        else if (param instanceof ParametersWithIV)
+        {
+            this.iv = ((ParametersWithIV)param).getIV();
+            this.param = (KeyParameter)((ParametersWithIV) param).getParameters();
+            if (this.iv.length != 8)
+            {
+               throw new IllegalArgumentException("IV not equal to 8");
+            }
+        }
+    }
+
+    public String getAlgorithmName()
+    {
+        return engine.getAlgorithmName();
+    }
+
+    public byte[] wrap(
+        byte[]  in,
+        int     inOff,
+        int     inLen)
+    {
+        if (!forWrapping)
+        {
+            throw new IllegalStateException("not set for wrapping");
+        }
+
+        int     n = inLen / 8;
+
+        if ((n * 8) != inLen)
+        {
+            throw new DataLengthException("wrap data must be a multiple of 8 bytes");
+        }
+
+        byte[]  block = new byte[inLen + iv.length];
+        byte[]  buf = new byte[8 + iv.length];
+
+        System.arraycopy(iv, 0, block, 0, iv.length);
+        System.arraycopy(in, inOff, block, iv.length, inLen);
+
+        engine.init(wrapCipherMode, param);
+
+        for (int j = 0; j != 6; j++)
+        {
+            for (int i = 1; i <= n; i++)
+            {
+                System.arraycopy(block, 0, buf, 0, iv.length);
+                System.arraycopy(block, 8 * i, buf, iv.length, 8);
+                engine.processBlock(buf, 0, buf, 0);
+
+                int t = n * j + i;
+                for (int k = 1; t != 0; k++)
+                {
+                    byte    v = (byte)t;
+
+                    buf[iv.length - k] ^= v;
+
+                    t >>>= 8;
+                }
+
+                System.arraycopy(buf, 0, block, 0, 8);
+                System.arraycopy(buf, 8, block, 8 * i, 8);
+            }
+        }
+
+        return block;
+    }
+
+    public byte[] unwrap(
+        byte[]  in,
+        int     inOff,
+        int     inLen)
+        throws InvalidCipherTextException
+    {
+        if (forWrapping)
+        {
+            throw new IllegalStateException("not set for unwrapping");
+        }
+
+        int     n = inLen / 8;
+
+        if ((n * 8) != inLen)
+        {
+            throw new InvalidCipherTextException("unwrap data must be a multiple of 8 bytes");
+        }
+
+        byte[]  block = new byte[inLen - iv.length];
+        byte[]  a = new byte[iv.length];
+        byte[]  buf = new byte[8 + iv.length];
+
+        System.arraycopy(in, inOff, a, 0, iv.length);
+        System.arraycopy(in, inOff + iv.length, block, 0, inLen - iv.length);
+
+        engine.init(!wrapCipherMode, param);
+
+        n = n - 1;
+
+        for (int j = 5; j >= 0; j--)
+        {
+            for (int i = n; i >= 1; i--)
+            {
+                System.arraycopy(a, 0, buf, 0, iv.length);
+                System.arraycopy(block, 8 * (i - 1), buf, iv.length, 8);
+
+                int t = n * j + i;
+                for (int k = 1; t != 0; k++)
+                {
+                    byte    v = (byte)t;
+
+                    buf[iv.length - k] ^= v;
+
+                    t >>>= 8;
+                }
+
+                engine.processBlock(buf, 0, buf, 0);
+                System.arraycopy(buf, 0, a, 0, 8);
+                System.arraycopy(buf, 8, block, 8 * (i - 1), 8);
+            }
+        }
+
+        if (!Arrays.constantTimeAreEqual(a, iv))
+        {
+            throw new InvalidCipherTextException("checksum failed");
+        }
+
+        return block;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RSABlindedEngine.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RSABlindedEngine.java
new file mode 100644
index 0000000..3e89d40
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RSABlindedEngine.java

@@ -0,0 +1,134 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.engines;
+
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.AsymmetricBlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+import com.android.org.bouncycastle.crypto.params.RSAKeyParameters;
+import com.android.org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
+import com.android.org.bouncycastle.util.BigIntegers;
+
+/**
+ * this does your basic RSA algorithm with blinding
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RSABlindedEngine
+    implements AsymmetricBlockCipher
+{
+    private static final BigInteger ONE = BigInteger.valueOf(1);
+
+    private RSACoreEngine    core = new RSACoreEngine();
+    private RSAKeyParameters key;
+    private SecureRandom     random;
+
+    /**
+     * initialise the RSA engine.
+     *
+     * @param forEncryption true if we are encrypting, false otherwise.
+     * @param param the necessary RSA key parameters.
+     */
+    public void init(
+        boolean             forEncryption,
+        CipherParameters    param)
+    {
+        core.init(forEncryption, param);
+
+        if (param instanceof ParametersWithRandom)
+        {
+            ParametersWithRandom    rParam = (ParametersWithRandom)param;
+
+            key = (RSAKeyParameters)rParam.getParameters();
+            random = rParam.getRandom();
+        }
+        else
+        {
+            key = (RSAKeyParameters)param;
+            random = CryptoServicesRegistrar.getSecureRandom();
+        }
+    }
+
+    /**
+     * Return the maximum size for an input block to this engine.
+     * For RSA this is always one byte less than the key size on
+     * encryption, and the same length as the key size on decryption.
+     *
+     * @return maximum size for an input block.
+     */
+    public int getInputBlockSize()
+    {
+        return core.getInputBlockSize();
+    }
+
+    /**
+     * Return the maximum size for an output block to this engine.
+     * For RSA this is always one byte less than the key size on
+     * decryption, and the same length as the key size on encryption.
+     *
+     * @return maximum size for an output block.
+     */
+    public int getOutputBlockSize()
+    {
+        return core.getOutputBlockSize();
+    }
+
+    /**
+     * Process a single block using the basic RSA algorithm.
+     *
+     * @param in the input array.
+     * @param inOff the offset into the input buffer where the data starts.
+     * @param inLen the length of the data to be processed.
+     * @return the result of the RSA process.
+     * @exception DataLengthException the input block is too large.
+     */
+    public byte[] processBlock(
+        byte[]  in,
+        int     inOff,
+        int     inLen)
+    {
+        if (key == null)
+        {
+            throw new IllegalStateException("RSA engine not initialised");
+        }
+
+        BigInteger input = core.convertInput(in, inOff, inLen);
+
+        BigInteger result;
+        if (key instanceof RSAPrivateCrtKeyParameters)
+        {
+            RSAPrivateCrtKeyParameters k = (RSAPrivateCrtKeyParameters)key;
+
+            BigInteger e = k.getPublicExponent();
+            if (e != null)   // can't do blinding without a public exponent
+            {
+                BigInteger m = k.getModulus();
+                BigInteger r = BigIntegers.createRandomInRange(ONE, m.subtract(ONE), random);
+
+                BigInteger blindedInput = r.modPow(e, m).multiply(input).mod(m);
+                BigInteger blindedResult = core.processBlock(blindedInput);
+
+                BigInteger rInv = r.modInverse(m);
+                result = blindedResult.multiply(rInv).mod(m);
+                // defence against Arjen Lenstra’s CRT attack
+                if (!input.equals(result.modPow(e, m)))
+                {
+                    throw new IllegalStateException("RSA engine faulty decryption/signing detected");
+                }
+            }
+            else
+            {
+                result = core.processBlock(input);
+            }
+        }
+        else
+        {
+            result = core.processBlock(input);
+        }
+
+        return core.convertOutput(result);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RSACoreEngine.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RSACoreEngine.java
new file mode 100644
index 0000000..66ae3b7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/RSACoreEngine.java

@@ -0,0 +1,214 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.engines;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+import com.android.org.bouncycastle.crypto.params.RSAKeyParameters;
+import com.android.org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * this does your basic RSA algorithm.
+ */
+class RSACoreEngine
+{
+    private RSAKeyParameters key;
+    private boolean          forEncryption;
+
+    /**
+     * initialise the RSA engine.
+     *
+     * @param forEncryption true if we are encrypting, false otherwise.
+     * @param param the necessary RSA key parameters.
+     */
+    public void init(
+        boolean          forEncryption,
+        CipherParameters param)
+    {
+        if (param instanceof ParametersWithRandom)
+        {
+            ParametersWithRandom    rParam = (ParametersWithRandom)param;
+
+            key = (RSAKeyParameters)rParam.getParameters();
+        }
+        else
+        {
+            key = (RSAKeyParameters)param;
+        }
+
+        this.forEncryption = forEncryption;
+    }
+
+    /**
+     * Return the maximum size for an input block to this engine.
+     * For RSA this is always one byte less than the key size on
+     * encryption, and the same length as the key size on decryption.
+     *
+     * @return maximum size for an input block.
+     */
+    public int getInputBlockSize()
+    {
+        int     bitSize = key.getModulus().bitLength();
+
+        if (forEncryption)
+        {
+            return (bitSize + 7) / 8 - 1;
+        }
+        else
+        {
+            return (bitSize + 7) / 8;
+        }
+    }
+
+    /**
+     * Return the maximum size for an output block to this engine.
+     * For RSA this is always one byte less than the key size on
+     * decryption, and the same length as the key size on encryption.
+     *
+     * @return maximum size for an output block.
+     */
+    public int getOutputBlockSize()
+    {
+        int     bitSize = key.getModulus().bitLength();
+
+        if (forEncryption)
+        {
+            return (bitSize + 7) / 8;
+        }
+        else
+        {
+            return (bitSize + 7) / 8 - 1;
+        }
+    }
+
+    public BigInteger convertInput(
+        byte[]  in,
+        int     inOff,
+        int     inLen)
+    {
+        if (inLen > (getInputBlockSize() + 1))
+        {
+            throw new DataLengthException("input too large for RSA cipher.");
+        }
+        else if (inLen == (getInputBlockSize() + 1) && !forEncryption)
+        {
+            throw new DataLengthException("input too large for RSA cipher.");
+        }
+
+        byte[]  block;
+
+        if (inOff != 0 || inLen != in.length)
+        {
+            block = new byte[inLen];
+
+            System.arraycopy(in, inOff, block, 0, inLen);
+        }
+        else
+        {
+            block = in;
+        }
+
+        BigInteger res = new BigInteger(1, block);
+        if (res.compareTo(key.getModulus()) >= 0)
+        {
+            throw new DataLengthException("input too large for RSA cipher.");
+        }
+
+        return res;
+    }
+
+    public byte[] convertOutput(
+        BigInteger result)
+    {
+        byte[]      output = result.toByteArray();
+
+        if (forEncryption)
+        {
+            if (output[0] == 0 && output.length > getOutputBlockSize())        // have ended up with an extra zero byte, copy down.
+            {
+                byte[]  tmp = new byte[output.length - 1];
+
+                System.arraycopy(output, 1, tmp, 0, tmp.length);
+
+                return tmp;
+            }
+
+            if (output.length < getOutputBlockSize())     // have ended up with less bytes than normal, lengthen
+            {
+                byte[]  tmp = new byte[getOutputBlockSize()];
+
+                System.arraycopy(output, 0, tmp, tmp.length - output.length, output.length);
+
+                return tmp;
+            }
+
+            return output;
+        }
+        else
+        {
+            byte[]  rv;
+            if (output[0] == 0)        // have ended up with an extra zero byte, copy down.
+            {
+                rv = new byte[output.length - 1];
+
+                System.arraycopy(output, 1, rv, 0, rv.length);
+            }
+            else        // maintain decryption time
+            {
+                rv = new byte[output.length];
+
+                System.arraycopy(output, 0, rv, 0, rv.length);
+            }
+
+            Arrays.fill(output, (byte)0);
+
+            return rv;
+        }
+    }
+
+    public BigInteger processBlock(BigInteger input)
+    {
+        if (key instanceof RSAPrivateCrtKeyParameters)
+        {
+            //
+            // we have the extra factors, use the Chinese Remainder Theorem - the author
+            // wishes to express his thanks to Dirk Bonekaemper at rtsffm.com for
+            // advice regarding the expression of this.
+            //
+            RSAPrivateCrtKeyParameters crtKey = (RSAPrivateCrtKeyParameters)key;
+
+            BigInteger p = crtKey.getP();
+            BigInteger q = crtKey.getQ();
+            BigInteger dP = crtKey.getDP();
+            BigInteger dQ = crtKey.getDQ();
+            BigInteger qInv = crtKey.getQInv();
+
+            BigInteger mP, mQ, h, m;
+
+            // mP = ((input mod p) ^ dP)) mod p
+            mP = (input.remainder(p)).modPow(dP, p);
+
+            // mQ = ((input mod q) ^ dQ)) mod q
+            mQ = (input.remainder(q)).modPow(dQ, q);
+
+            // h = qInv * (mP - mQ) mod p
+            h = mP.subtract(mQ);
+            h = h.multiply(qInv);
+            h = h.mod(p);               // mod (in Java) returns the positive residual
+
+            // m = h * q + mQ
+            m = h.multiply(q);
+            m = m.add(mQ);
+
+            return m;
+        }
+        else
+        {
+            return input.modPow(
+                        key.getExponent(), key.getModulus());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/TwofishEngine.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/TwofishEngine.java
new file mode 100644
index 0000000..ef52518
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/engines/TwofishEngine.java

@@ -0,0 +1,682 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.engines;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.OutputLengthException;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+
+/**
+ * A class that provides Twofish encryption operations.
+ *
+ * This Java implementation is based on the Java reference
+ * implementation provided by Bruce Schneier and developed
+ * by Raif S. Naffah.
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class TwofishEngine
+    implements BlockCipher
+{
+    private static final byte[][] P =  {
+    {  // p0
+        (byte) 0xA9, (byte) 0x67, (byte) 0xB3, (byte) 0xE8,
+        (byte) 0x04, (byte) 0xFD, (byte) 0xA3, (byte) 0x76,
+        (byte) 0x9A, (byte) 0x92, (byte) 0x80, (byte) 0x78,
+        (byte) 0xE4, (byte) 0xDD, (byte) 0xD1, (byte) 0x38,
+        (byte) 0x0D, (byte) 0xC6, (byte) 0x35, (byte) 0x98,
+        (byte) 0x18, (byte) 0xF7, (byte) 0xEC, (byte) 0x6C,
+        (byte) 0x43, (byte) 0x75, (byte) 0x37, (byte) 0x26,
+        (byte) 0xFA, (byte) 0x13, (byte) 0x94, (byte) 0x48,
+        (byte) 0xF2, (byte) 0xD0, (byte) 0x8B, (byte) 0x30,
+        (byte) 0x84, (byte) 0x54, (byte) 0xDF, (byte) 0x23,
+        (byte) 0x19, (byte) 0x5B, (byte) 0x3D, (byte) 0x59,
+        (byte) 0xF3, (byte) 0xAE, (byte) 0xA2, (byte) 0x82,
+        (byte) 0x63, (byte) 0x01, (byte) 0x83, (byte) 0x2E,
+        (byte) 0xD9, (byte) 0x51, (byte) 0x9B, (byte) 0x7C,
+        (byte) 0xA6, (byte) 0xEB, (byte) 0xA5, (byte) 0xBE,
+        (byte) 0x16, (byte) 0x0C, (byte) 0xE3, (byte) 0x61,
+        (byte) 0xC0, (byte) 0x8C, (byte) 0x3A, (byte) 0xF5,
+        (byte) 0x73, (byte) 0x2C, (byte) 0x25, (byte) 0x0B,
+        (byte) 0xBB, (byte) 0x4E, (byte) 0x89, (byte) 0x6B,
+        (byte) 0x53, (byte) 0x6A, (byte) 0xB4, (byte) 0xF1,
+        (byte) 0xE1, (byte) 0xE6, (byte) 0xBD, (byte) 0x45,
+        (byte) 0xE2, (byte) 0xF4, (byte) 0xB6, (byte) 0x66,
+        (byte) 0xCC, (byte) 0x95, (byte) 0x03, (byte) 0x56,
+        (byte) 0xD4, (byte) 0x1C, (byte) 0x1E, (byte) 0xD7,
+        (byte) 0xFB, (byte) 0xC3, (byte) 0x8E, (byte) 0xB5,
+        (byte) 0xE9, (byte) 0xCF, (byte) 0xBF, (byte) 0xBA,
+        (byte) 0xEA, (byte) 0x77, (byte) 0x39, (byte) 0xAF,
+        (byte) 0x33, (byte) 0xC9, (byte) 0x62, (byte) 0x71,
+        (byte) 0x81, (byte) 0x79, (byte) 0x09, (byte) 0xAD,
+        (byte) 0x24, (byte) 0xCD, (byte) 0xF9, (byte) 0xD8,
+        (byte) 0xE5, (byte) 0xC5, (byte) 0xB9, (byte) 0x4D,
+        (byte) 0x44, (byte) 0x08, (byte) 0x86, (byte) 0xE7,
+        (byte) 0xA1, (byte) 0x1D, (byte) 0xAA, (byte) 0xED,
+        (byte) 0x06, (byte) 0x70, (byte) 0xB2, (byte) 0xD2,
+        (byte) 0x41, (byte) 0x7B, (byte) 0xA0, (byte) 0x11,
+        (byte) 0x31, (byte) 0xC2, (byte) 0x27, (byte) 0x90,
+        (byte) 0x20, (byte) 0xF6, (byte) 0x60, (byte) 0xFF,
+        (byte) 0x96, (byte) 0x5C, (byte) 0xB1, (byte) 0xAB,
+        (byte) 0x9E, (byte) 0x9C, (byte) 0x52, (byte) 0x1B,
+        (byte) 0x5F, (byte) 0x93, (byte) 0x0A, (byte) 0xEF,
+        (byte) 0x91, (byte) 0x85, (byte) 0x49, (byte) 0xEE,
+        (byte) 0x2D, (byte) 0x4F, (byte) 0x8F, (byte) 0x3B,
+        (byte) 0x47, (byte) 0x87, (byte) 0x6D, (byte) 0x46,
+        (byte) 0xD6, (byte) 0x3E, (byte) 0x69, (byte) 0x64,
+        (byte) 0x2A, (byte) 0xCE, (byte) 0xCB, (byte) 0x2F,
+        (byte) 0xFC, (byte) 0x97, (byte) 0x05, (byte) 0x7A,
+        (byte) 0xAC, (byte) 0x7F, (byte) 0xD5, (byte) 0x1A,
+        (byte) 0x4B, (byte) 0x0E, (byte) 0xA7, (byte) 0x5A,
+        (byte) 0x28, (byte) 0x14, (byte) 0x3F, (byte) 0x29,
+        (byte) 0x88, (byte) 0x3C, (byte) 0x4C, (byte) 0x02,
+        (byte) 0xB8, (byte) 0xDA, (byte) 0xB0, (byte) 0x17,
+        (byte) 0x55, (byte) 0x1F, (byte) 0x8A, (byte) 0x7D,
+        (byte) 0x57, (byte) 0xC7, (byte) 0x8D, (byte) 0x74,
+        (byte) 0xB7, (byte) 0xC4, (byte) 0x9F, (byte) 0x72,
+        (byte) 0x7E, (byte) 0x15, (byte) 0x22, (byte) 0x12,
+        (byte) 0x58, (byte) 0x07, (byte) 0x99, (byte) 0x34,
+        (byte) 0x6E, (byte) 0x50, (byte) 0xDE, (byte) 0x68,
+        (byte) 0x65, (byte) 0xBC, (byte) 0xDB, (byte) 0xF8,
+        (byte) 0xC8, (byte) 0xA8, (byte) 0x2B, (byte) 0x40,
+        (byte) 0xDC, (byte) 0xFE, (byte) 0x32, (byte) 0xA4,
+        (byte) 0xCA, (byte) 0x10, (byte) 0x21, (byte) 0xF0,
+        (byte) 0xD3, (byte) 0x5D, (byte) 0x0F, (byte) 0x00,
+        (byte) 0x6F, (byte) 0x9D, (byte) 0x36, (byte) 0x42,
+        (byte) 0x4A, (byte) 0x5E, (byte) 0xC1, (byte) 0xE0 },
+    {  // p1
+        (byte) 0x75, (byte) 0xF3, (byte) 0xC6, (byte) 0xF4,
+        (byte) 0xDB, (byte) 0x7B, (byte) 0xFB, (byte) 0xC8,
+        (byte) 0x4A, (byte) 0xD3, (byte) 0xE6, (byte) 0x6B,
+        (byte) 0x45, (byte) 0x7D, (byte) 0xE8, (byte) 0x4B,
+        (byte) 0xD6, (byte) 0x32, (byte) 0xD8, (byte) 0xFD,
+        (byte) 0x37, (byte) 0x71, (byte) 0xF1, (byte) 0xE1,
+        (byte) 0x30, (byte) 0x0F, (byte) 0xF8, (byte) 0x1B,
+        (byte) 0x87, (byte) 0xFA, (byte) 0x06, (byte) 0x3F,
+        (byte) 0x5E, (byte) 0xBA, (byte) 0xAE, (byte) 0x5B,
+        (byte) 0x8A, (byte) 0x00, (byte) 0xBC, (byte) 0x9D,
+        (byte) 0x6D, (byte) 0xC1, (byte) 0xB1, (byte) 0x0E,
+        (byte) 0x80, (byte) 0x5D, (byte) 0xD2, (byte) 0xD5,
+        (byte) 0xA0, (byte) 0x84, (byte) 0x07, (byte) 0x14,
+        (byte) 0xB5, (byte) 0x90, (byte) 0x2C, (byte) 0xA3,
+        (byte) 0xB2, (byte) 0x73, (byte) 0x4C, (byte) 0x54,
+        (byte) 0x92, (byte) 0x74, (byte) 0x36, (byte) 0x51,
+        (byte) 0x38, (byte) 0xB0, (byte) 0xBD, (byte) 0x5A,
+        (byte) 0xFC, (byte) 0x60, (byte) 0x62, (byte) 0x96,
+        (byte) 0x6C, (byte) 0x42, (byte) 0xF7, (byte) 0x10,
+        (byte) 0x7C, (byte) 0x28, (byte) 0x27, (byte) 0x8C,
+        (byte) 0x13, (byte) 0x95, (byte) 0x9C, (byte) 0xC7,
+        (byte) 0x24, (byte) 0x46, (byte) 0x3B, (byte) 0x70,
+        (byte) 0xCA, (byte) 0xE3, (byte) 0x85, (byte) 0xCB,
+        (byte) 0x11, (byte) 0xD0, (byte) 0x93, (byte) 0xB8,
+        (byte) 0xA6, (byte) 0x83, (byte) 0x20, (byte) 0xFF,
+        (byte) 0x9F, (byte) 0x77, (byte) 0xC3, (byte) 0xCC,
+        (byte) 0x03, (byte) 0x6F, (byte) 0x08, (byte) 0xBF,
+        (byte) 0x40, (byte) 0xE7, (byte) 0x2B, (byte) 0xE2,
+        (byte) 0x79, (byte) 0x0C, (byte) 0xAA, (byte) 0x82,
+        (byte) 0x41, (byte) 0x3A, (byte) 0xEA, (byte) 0xB9,
+        (byte) 0xE4, (byte) 0x9A, (byte) 0xA4, (byte) 0x97,
+        (byte) 0x7E, (byte) 0xDA, (byte) 0x7A, (byte) 0x17,
+        (byte) 0x66, (byte) 0x94, (byte) 0xA1, (byte) 0x1D,
+        (byte) 0x3D, (byte) 0xF0, (byte) 0xDE, (byte) 0xB3,
+        (byte) 0x0B, (byte) 0x72, (byte) 0xA7, (byte) 0x1C,
+        (byte) 0xEF, (byte) 0xD1, (byte) 0x53, (byte) 0x3E,
+        (byte) 0x8F, (byte) 0x33, (byte) 0x26, (byte) 0x5F,
+        (byte) 0xEC, (byte) 0x76, (byte) 0x2A, (byte) 0x49,
+        (byte) 0x81, (byte) 0x88, (byte) 0xEE, (byte) 0x21,
+        (byte) 0xC4, (byte) 0x1A, (byte) 0xEB, (byte) 0xD9,
+        (byte) 0xC5, (byte) 0x39, (byte) 0x99, (byte) 0xCD,
+        (byte) 0xAD, (byte) 0x31, (byte) 0x8B, (byte) 0x01,
+        (byte) 0x18, (byte) 0x23, (byte) 0xDD, (byte) 0x1F,
+        (byte) 0x4E, (byte) 0x2D, (byte) 0xF9, (byte) 0x48,
+        (byte) 0x4F, (byte) 0xF2, (byte) 0x65, (byte) 0x8E,
+        (byte) 0x78, (byte) 0x5C, (byte) 0x58, (byte) 0x19,
+        (byte) 0x8D, (byte) 0xE5, (byte) 0x98, (byte) 0x57,
+        (byte) 0x67, (byte) 0x7F, (byte) 0x05, (byte) 0x64,
+        (byte) 0xAF, (byte) 0x63, (byte) 0xB6, (byte) 0xFE,
+        (byte) 0xF5, (byte) 0xB7, (byte) 0x3C, (byte) 0xA5,
+        (byte) 0xCE, (byte) 0xE9, (byte) 0x68, (byte) 0x44,
+        (byte) 0xE0, (byte) 0x4D, (byte) 0x43, (byte) 0x69,
+        (byte) 0x29, (byte) 0x2E, (byte) 0xAC, (byte) 0x15,
+        (byte) 0x59, (byte) 0xA8, (byte) 0x0A, (byte) 0x9E,
+        (byte) 0x6E, (byte) 0x47, (byte) 0xDF, (byte) 0x34,
+        (byte) 0x35, (byte) 0x6A, (byte) 0xCF, (byte) 0xDC,
+        (byte) 0x22, (byte) 0xC9, (byte) 0xC0, (byte) 0x9B,
+        (byte) 0x89, (byte) 0xD4, (byte) 0xED, (byte) 0xAB,
+        (byte) 0x12, (byte) 0xA2, (byte) 0x0D, (byte) 0x52,
+        (byte) 0xBB, (byte) 0x02, (byte) 0x2F, (byte) 0xA9,
+        (byte) 0xD7, (byte) 0x61, (byte) 0x1E, (byte) 0xB4,
+        (byte) 0x50, (byte) 0x04, (byte) 0xF6, (byte) 0xC2,
+        (byte) 0x16, (byte) 0x25, (byte) 0x86, (byte) 0x56,
+        (byte) 0x55, (byte) 0x09, (byte) 0xBE, (byte) 0x91  }
+    };
+
+    /**
+    * Define the fixed p0/p1 permutations used in keyed S-box lookup.
+    * By changing the following constant definitions, the S-boxes will
+    * automatically get changed in the Twofish engine.
+    */
+    private static final int P_00 = 1;
+    private static final int P_01 = 0;
+    private static final int P_02 = 0;
+    private static final int P_03 = P_01 ^ 1;
+    private static final int P_04 = 1;
+
+    private static final int P_10 = 0;
+    private static final int P_11 = 0;
+    private static final int P_12 = 1;
+    private static final int P_13 = P_11 ^ 1;
+    private static final int P_14 = 0;
+
+    private static final int P_20 = 1;
+    private static final int P_21 = 1;
+    private static final int P_22 = 0;
+    private static final int P_23 = P_21 ^ 1;
+    private static final int P_24 = 0;
+
+    private static final int P_30 = 0;
+    private static final int P_31 = 1;
+    private static final int P_32 = 1;
+    private static final int P_33 = P_31 ^ 1;
+    private static final int P_34 = 1;
+
+    /* Primitive polynomial for GF(256) */
+    private static final int GF256_FDBK =   0x169;
+    private static final int GF256_FDBK_2 = GF256_FDBK / 2;
+    private static final int GF256_FDBK_4 = GF256_FDBK / 4;
+
+    private static final int RS_GF_FDBK = 0x14D; // field generator
+
+    //====================================
+    // Useful constants
+    //====================================
+
+    private static final int    ROUNDS = 16;
+    private static final int    MAX_ROUNDS = 16;  // bytes = 128 bits
+    private static final int    BLOCK_SIZE = 16;  // bytes = 128 bits
+    private static final int    MAX_KEY_BITS = 256;
+
+    private static final int    INPUT_WHITEN=0;
+    private static final int    OUTPUT_WHITEN=INPUT_WHITEN+BLOCK_SIZE/4; // 4
+    private static final int    ROUND_SUBKEYS=OUTPUT_WHITEN+BLOCK_SIZE/4;// 8
+
+    private static final int    TOTAL_SUBKEYS=ROUND_SUBKEYS+2*MAX_ROUNDS;// 40
+
+    private static final int    SK_STEP = 0x02020202;
+    private static final int    SK_BUMP = 0x01010101;
+    private static final int    SK_ROTL = 9;
+
+    private boolean encrypting = false;
+
+    private int[] gMDS0 = new int[MAX_KEY_BITS];
+    private int[] gMDS1 = new int[MAX_KEY_BITS];
+    private int[] gMDS2 = new int[MAX_KEY_BITS];
+    private int[] gMDS3 = new int[MAX_KEY_BITS];
+
+    /**
+     * gSubKeys[] and gSBox[] are eventually used in the 
+     * encryption and decryption methods.
+     */
+    private int[] gSubKeys;
+    private int[] gSBox;
+
+    private int k64Cnt = 0;
+
+    private byte[] workingKey = null;
+
+    public TwofishEngine()
+    {
+        // calculate the MDS matrix
+        int[] m1 = new int[2];
+        int[] mX = new int[2];
+        int[] mY = new int[2];
+        int j;
+
+        for (int i=0; i< MAX_KEY_BITS ; i++)
+        {
+            j = P[0][i] & 0xff;
+            m1[0] = j;
+            mX[0] = Mx_X(j) & 0xff;
+            mY[0] = Mx_Y(j) & 0xff;
+
+            j = P[1][i] & 0xff;
+            m1[1] = j;
+            mX[1] = Mx_X(j) & 0xff;
+            mY[1] = Mx_Y(j) & 0xff;
+
+            gMDS0[i] = m1[P_00]       | mX[P_00] <<  8 |
+                         mY[P_00] << 16 | mY[P_00] << 24;
+
+            gMDS1[i] = mY[P_10]       | mY[P_10] <<  8 |
+                         mX[P_10] << 16 | m1[P_10] << 24;
+
+            gMDS2[i] = mX[P_20]       | mY[P_20] <<  8 |
+                         m1[P_20] << 16 | mY[P_20] << 24;
+
+            gMDS3[i] = mX[P_30]       | m1[P_30] <<  8 |
+                         mY[P_30] << 16 | mX[P_30] << 24;
+        }
+    }
+
+    /**
+     * initialise a Twofish cipher.
+     *
+     * @param encrypting whether or not we are for encryption.
+     * @param params the parameters required to set up the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(
+        boolean             encrypting,
+        CipherParameters    params)
+    {
+        if (params instanceof KeyParameter)
+        {
+            this.encrypting = encrypting;
+            this.workingKey = ((KeyParameter)params).getKey();
+            this.k64Cnt = (this.workingKey.length / 8); // pre-padded ?
+            setKey(this.workingKey);
+
+            return;
+        }
+
+        throw new IllegalArgumentException("invalid parameter passed to Twofish init - " + params.getClass().getName());
+    }
+
+    public String getAlgorithmName()
+    {
+        return "Twofish";
+    }
+
+    public int processBlock(
+        byte[] in,
+        int inOff,
+        byte[] out,
+        int outOff)
+    {
+        if (workingKey == null)
+        {
+            throw new IllegalStateException("Twofish not initialised");
+        }
+
+        if ((inOff + BLOCK_SIZE) > in.length)
+        {
+            throw new DataLengthException("input buffer too short");
+        }
+
+        if ((outOff + BLOCK_SIZE) > out.length)
+        {
+            throw new OutputLengthException("output buffer too short");
+        }
+
+        if (encrypting)
+        {
+            encryptBlock(in, inOff, out, outOff);
+        }
+        else
+        {    
+            decryptBlock(in, inOff, out, outOff);
+        }
+
+        return BLOCK_SIZE;
+    }
+
+    public void reset()
+    {
+        if (this.workingKey != null)
+        {
+            setKey(this.workingKey);
+        }
+    }
+
+    public int getBlockSize()
+    {
+        return BLOCK_SIZE;
+    }
+
+    //==================================
+    // Private Implementation
+    //==================================
+
+    private void setKey(byte[] key)
+    {
+        int[] k32e = new int[MAX_KEY_BITS/64]; // 4
+        int[] k32o = new int[MAX_KEY_BITS/64]; // 4 
+
+        int[] sBoxKeys = new int[MAX_KEY_BITS/64]; // 4 
+        gSubKeys = new int[TOTAL_SUBKEYS];
+
+        if (k64Cnt < 1) 
+        {
+            throw new IllegalArgumentException("Key size less than 64 bits");
+        }
+        
+        if (k64Cnt > 4)
+        {
+            throw new IllegalArgumentException("Key size larger than 256 bits");
+        }
+
+        /*
+         * k64Cnt is the number of 8 byte blocks (64 chunks)
+         * that are in the input key.  The input key is a
+         * maximum of 32 bytes (256 bits), so the range
+         * for k64Cnt is 1..4
+         */
+        for (int i=0; i<k64Cnt ; i++)
+        {
+            int p = i* 8;
+
+            k32e[i] = BytesTo32Bits(key, p);
+            k32o[i] = BytesTo32Bits(key, p+4);
+
+            sBoxKeys[k64Cnt-1-i] = RS_MDS_Encode(k32e[i], k32o[i]);
+        }
+
+        int q,A,B;
+        for (int i=0; i < TOTAL_SUBKEYS / 2 ; i++) 
+        {
+            q = i*SK_STEP;
+            A = F32(q,         k32e);
+            B = F32(q+SK_BUMP, k32o);
+            B = B << 8 | B >>> 24;
+            A += B;
+            gSubKeys[i*2] = A;
+            A += B;
+            gSubKeys[i*2 + 1] = A << SK_ROTL | A >>> (32-SK_ROTL);
+        }
+
+        /*
+         * fully expand the table for speed
+         */
+        int k0 = sBoxKeys[0];
+        int k1 = sBoxKeys[1];
+        int k2 = sBoxKeys[2];
+        int k3 = sBoxKeys[3];
+        int b0, b1, b2, b3;
+        gSBox = new int[4*MAX_KEY_BITS];
+        for (int i=0; i<MAX_KEY_BITS; i++)
+        {
+            b0 = b1 = b2 = b3 = i;
+            switch (k64Cnt & 3)
+            {
+                case 1:
+                    gSBox[i*2]       = gMDS0[(P[P_01][b0] & 0xff) ^ b0(k0)];
+                    gSBox[i*2+1]     = gMDS1[(P[P_11][b1] & 0xff) ^ b1(k0)];
+                    gSBox[i*2+0x200] = gMDS2[(P[P_21][b2] & 0xff) ^ b2(k0)];
+                    gSBox[i*2+0x201] = gMDS3[(P[P_31][b3] & 0xff) ^ b3(k0)];
+                break;
+                case 0: // 256 bits of key
+                    b0 = (P[P_04][b0] & 0xff) ^ b0(k3);
+                    b1 = (P[P_14][b1] & 0xff) ^ b1(k3);
+                    b2 = (P[P_24][b2] & 0xff) ^ b2(k3);
+                    b3 = (P[P_34][b3] & 0xff) ^ b3(k3);
+                    // fall through, having pre-processed b[0]..b[3] with k32[3]
+                case 3: // 192 bits of key
+                    b0 = (P[P_03][b0] & 0xff) ^ b0(k2);
+                    b1 = (P[P_13][b1] & 0xff) ^ b1(k2);
+                    b2 = (P[P_23][b2] & 0xff) ^ b2(k2);
+                    b3 = (P[P_33][b3] & 0xff) ^ b3(k2);
+                    // fall through, having pre-processed b[0]..b[3] with k32[2]
+                case 2: // 128 bits of key
+                    gSBox[i*2]   = gMDS0[(P[P_01]
+                        [(P[P_02][b0] & 0xff) ^ b0(k1)] & 0xff) ^ b0(k0)];
+                    gSBox[i*2+1] = gMDS1[(P[P_11]
+                        [(P[P_12][b1] & 0xff) ^ b1(k1)] & 0xff) ^ b1(k0)];
+                    gSBox[i*2+0x200] = gMDS2[(P[P_21]
+                        [(P[P_22][b2] & 0xff) ^ b2(k1)] & 0xff) ^ b2(k0)];
+                    gSBox[i*2+0x201] = gMDS3[(P[P_31]
+                        [(P[P_32][b3] & 0xff) ^ b3(k1)] & 0xff) ^ b3(k0)];
+                break;
+            }
+        }
+
+        /* 
+         * the function exits having setup the gSBox with the 
+         * input key material.
+         */
+    }
+
+    /**
+     * Encrypt the given input starting at the given offset and place
+     * the result in the provided buffer starting at the given offset.
+     * The input will be an exact multiple of our blocksize.
+     *
+     * encryptBlock uses the pre-calculated gSBox[] and subKey[]
+     * arrays.
+     */
+    private void encryptBlock(
+        byte[] src, 
+        int srcIndex,
+        byte[] dst,
+        int dstIndex)
+    {
+        int x0 = BytesTo32Bits(src, srcIndex) ^ gSubKeys[INPUT_WHITEN];
+        int x1 = BytesTo32Bits(src, srcIndex + 4) ^ gSubKeys[INPUT_WHITEN + 1];
+        int x2 = BytesTo32Bits(src, srcIndex + 8) ^ gSubKeys[INPUT_WHITEN + 2];
+        int x3 = BytesTo32Bits(src, srcIndex + 12) ^ gSubKeys[INPUT_WHITEN + 3];
+
+        int k = ROUND_SUBKEYS;
+        int t0, t1;
+        for (int r = 0; r < ROUNDS; r +=2)
+        {
+            t0 = Fe32_0(x0);
+            t1 = Fe32_3(x1);
+            x2 ^= t0 + t1 + gSubKeys[k++];
+            x2 = x2 >>>1 | x2 << 31;
+            x3 = (x3 << 1 | x3 >>> 31) ^ (t0 + 2*t1 + gSubKeys[k++]);
+
+            t0 = Fe32_0(x2);
+            t1 = Fe32_3(x3);
+            x0 ^= t0 + t1 + gSubKeys[k++];
+            x0 = x0 >>>1 | x0 << 31;
+            x1 = (x1 << 1 | x1 >>> 31) ^ (t0 + 2*t1 + gSubKeys[k++]);
+        }
+
+        Bits32ToBytes(x2 ^ gSubKeys[OUTPUT_WHITEN], dst, dstIndex);
+        Bits32ToBytes(x3 ^ gSubKeys[OUTPUT_WHITEN + 1], dst, dstIndex + 4);
+        Bits32ToBytes(x0 ^ gSubKeys[OUTPUT_WHITEN + 2], dst, dstIndex + 8);
+        Bits32ToBytes(x1 ^ gSubKeys[OUTPUT_WHITEN + 3], dst, dstIndex + 12);
+    }
+
+    /**
+     * Decrypt the given input starting at the given offset and place
+     * the result in the provided buffer starting at the given offset.
+     * The input will be an exact multiple of our blocksize.
+     */
+    private void decryptBlock(
+        byte[] src, 
+        int srcIndex,
+        byte[] dst,
+        int dstIndex)
+    {
+        int x2 = BytesTo32Bits(src, srcIndex) ^ gSubKeys[OUTPUT_WHITEN];
+        int x3 = BytesTo32Bits(src, srcIndex+4) ^ gSubKeys[OUTPUT_WHITEN + 1];
+        int x0 = BytesTo32Bits(src, srcIndex+8) ^ gSubKeys[OUTPUT_WHITEN + 2];
+        int x1 = BytesTo32Bits(src, srcIndex+12) ^ gSubKeys[OUTPUT_WHITEN + 3];
+
+        int k = ROUND_SUBKEYS + 2 * ROUNDS -1 ;
+        int t0, t1;
+        for (int r = 0; r< ROUNDS ; r +=2)
+        {
+            t0 = Fe32_0(x2);
+            t1 = Fe32_3(x3);
+            x1 ^= t0 + 2*t1 + gSubKeys[k--];
+            x0 = (x0 << 1 | x0 >>> 31) ^ (t0 + t1 + gSubKeys[k--]);
+            x1 = x1 >>>1 | x1 << 31;
+
+            t0 = Fe32_0(x0);
+            t1 = Fe32_3(x1);
+            x3 ^= t0 + 2*t1 + gSubKeys[k--];
+            x2 = (x2 << 1 | x2 >>> 31) ^ (t0 + t1 + gSubKeys[k--]);
+            x3 = x3 >>>1 | x3 << 31;
+        }
+
+        Bits32ToBytes(x0 ^ gSubKeys[INPUT_WHITEN], dst, dstIndex);
+        Bits32ToBytes(x1 ^ gSubKeys[INPUT_WHITEN + 1], dst, dstIndex + 4);
+        Bits32ToBytes(x2 ^ gSubKeys[INPUT_WHITEN + 2], dst, dstIndex + 8);
+        Bits32ToBytes(x3 ^ gSubKeys[INPUT_WHITEN + 3], dst, dstIndex + 12);
+    }
+
+    /* 
+     * TODO:  This can be optimised and made cleaner by combining
+     * the functionality in this function and applying it appropriately
+     * to the creation of the subkeys during key setup.
+     */
+    private int F32(int x, int[] k32)
+    {
+        int b0 = b0(x);
+        int b1 = b1(x);
+        int b2 = b2(x);
+        int b3 = b3(x);
+        int k0 = k32[0];
+        int k1 = k32[1];
+        int k2 = k32[2];
+        int k3 = k32[3];
+
+        int result = 0;
+        switch (k64Cnt & 3)
+        {
+            case 1:
+                result = gMDS0[(P[P_01][b0] & 0xff) ^ b0(k0)] ^
+                         gMDS1[(P[P_11][b1] & 0xff) ^ b1(k0)] ^
+                         gMDS2[(P[P_21][b2] & 0xff) ^ b2(k0)] ^
+                         gMDS3[(P[P_31][b3] & 0xff) ^ b3(k0)];
+                break;
+            case 0: /* 256 bits of key */
+                b0 = (P[P_04][b0] & 0xff) ^ b0(k3);
+                b1 = (P[P_14][b1] & 0xff) ^ b1(k3);
+                b2 = (P[P_24][b2] & 0xff) ^ b2(k3);
+                b3 = (P[P_34][b3] & 0xff) ^ b3(k3);
+            case 3: 
+                b0 = (P[P_03][b0] & 0xff) ^ b0(k2);
+                b1 = (P[P_13][b1] & 0xff) ^ b1(k2);
+                b2 = (P[P_23][b2] & 0xff) ^ b2(k2);
+                b3 = (P[P_33][b3] & 0xff) ^ b3(k2);
+            case 2:
+                result = 
+                gMDS0[(P[P_01][(P[P_02][b0]&0xff)^b0(k1)]&0xff)^b0(k0)] ^ 
+                gMDS1[(P[P_11][(P[P_12][b1]&0xff)^b1(k1)]&0xff)^b1(k0)] ^
+                gMDS2[(P[P_21][(P[P_22][b2]&0xff)^b2(k1)]&0xff)^b2(k0)] ^
+                gMDS3[(P[P_31][(P[P_32][b3]&0xff)^b3(k1)]&0xff)^b3(k0)];
+            break;
+        }
+        return result;
+    }
+
+    /**
+     * Use (12, 8) Reed-Solomon code over GF(256) to produce
+     * a key S-box 32-bit entity from 2 key material 32-bit
+     * entities.
+     *
+     * @param    k0 first 32-bit entity
+     * @param    k1 second 32-bit entity
+     * @return     Remainder polynomial generated using RS code
+     */
+    private int RS_MDS_Encode(int k0, int k1)
+    {
+        int r = k1;
+        for (int i = 0 ; i < 4 ; i++) // shift 1 byte at a time
+        {
+            r = RS_rem(r);
+        }
+        r ^= k0;
+        for (int i=0 ; i < 4 ; i++)
+        {
+            r = RS_rem(r);
+        }
+
+        return r;
+    }
+
+    /**
+     * Reed-Solomon code parameters: (12,8) reversible code:<p>
+     * <pre>
+     * g(x) = x^4 + (a+1/a)x^3 + ax^2 + (a+1/a)x + 1
+     * </pre>
+     * where a = primitive root of field generator 0x14D
+     */
+    private int RS_rem(int x)
+    {
+        int b = (x >>> 24) & 0xff;
+        int g2 = ((b << 1) ^ 
+                 ((b & 0x80) != 0 ? RS_GF_FDBK : 0)) & 0xff;
+        int g3 = ((b >>> 1) ^ 
+                 ((b & 0x01) != 0 ? (RS_GF_FDBK >>> 1) : 0)) ^ g2 ;
+        return ((x << 8) ^ (g3 << 24) ^ (g2 << 16) ^ (g3 << 8) ^ b);
+    }
+        
+    private int LFSR1(int x)
+    {
+        return (x >> 1) ^ 
+                (((x & 0x01) != 0) ? GF256_FDBK_2 : 0);
+    }
+
+    private int LFSR2(int x)
+    {
+        return (x >> 2) ^
+                (((x & 0x02) != 0) ? GF256_FDBK_2 : 0) ^
+                (((x & 0x01) != 0) ? GF256_FDBK_4 : 0);
+    }
+
+    private int Mx_X(int x)
+    {
+        return x ^ LFSR2(x);
+    } // 5B
+
+    private int Mx_Y(int x)
+    {
+        return x ^ LFSR1(x) ^ LFSR2(x);
+    } // EF
+
+    private int b0(int x)
+    {
+        return x & 0xff;
+    }
+
+    private int b1(int x)
+    {
+        return (x >>> 8) & 0xff;
+    }
+
+    private int b2(int x)
+    {
+        return (x >>> 16) & 0xff;
+    }
+
+    private int b3(int x)
+    {
+        return (x >>> 24) & 0xff;
+    }
+
+    private int Fe32_0(int x)
+    {
+        return gSBox[ 0x000 + 2*(x & 0xff) ] ^
+               gSBox[ 0x001 + 2*((x >>> 8) & 0xff) ] ^
+               gSBox[ 0x200 + 2*((x >>> 16) & 0xff) ] ^
+               gSBox[ 0x201 + 2*((x >>> 24) & 0xff) ];
+    }
+    
+    private int Fe32_3(int x)
+    {
+        return gSBox[ 0x000 + 2*((x >>> 24) & 0xff) ] ^
+               gSBox[ 0x001 + 2*(x & 0xff) ] ^
+               gSBox[ 0x200 + 2*((x >>> 8) & 0xff) ] ^
+               gSBox[ 0x201 + 2*((x >>> 16) & 0xff) ];
+    }
+    
+    private int BytesTo32Bits(byte[] b, int p)
+    {
+        return ((b[p] & 0xff)) | 
+             ((b[p+1] & 0xff) << 8) |
+             ((b[p+2] & 0xff) << 16) |
+             ((b[p+3] & 0xff) << 24);
+    }
+
+    private void Bits32ToBytes(int in,  byte[] b, int offset)
+    {
+        b[offset] = (byte)in;
+        b[offset + 1] = (byte)(in >> 8);
+        b[offset + 2] = (byte)(in >> 16);
+        b[offset + 3] = (byte)(in >> 24);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DESKeyGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DESKeyGenerator.java
new file mode 100644
index 0000000..def7dd0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DESKeyGenerator.java

@@ -0,0 +1,52 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.generators;
+
+import com.android.org.bouncycastle.crypto.CipherKeyGenerator;
+import com.android.org.bouncycastle.crypto.KeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.DESParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DESKeyGenerator
+    extends CipherKeyGenerator
+{
+    /**
+     * initialise the key generator - if strength is set to zero
+     * the key generated will be 64 bits in size, otherwise
+     * strength can be 64 or 56 bits (if you don't count the parity bits).
+     *
+     * @param param the parameters to be used for key generation
+     */
+    public void init(
+        KeyGenerationParameters param)
+    {
+        super.init(param);
+
+        if (strength == 0 || strength == (56 / 8))
+        {
+            strength = DESParameters.DES_KEY_LENGTH;
+        }
+        else if (strength != DESParameters.DES_KEY_LENGTH)
+        {
+            throw new IllegalArgumentException("DES key must be "
+                    + (DESParameters.DES_KEY_LENGTH * 8)
+                    + " bits long.");
+        }
+    }
+
+    public byte[] generateKey()
+    {
+        byte[]  newKey = new byte[DESParameters.DES_KEY_LENGTH];
+
+        do
+        {
+            random.nextBytes(newKey);
+
+            DESParameters.setOddParity(newKey);
+        }
+        while (DESParameters.isWeakKey(newKey, 0));
+
+        return newKey;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DESedeKeyGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DESedeKeyGenerator.java
new file mode 100644
index 0000000..a797969
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DESedeKeyGenerator.java

@@ -0,0 +1,68 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.generators;
+
+import com.android.org.bouncycastle.crypto.KeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.DESedeParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DESedeKeyGenerator
+    extends DESKeyGenerator
+{
+    private static final int MAX_IT = 20;
+
+    /**
+     * initialise the key generator - if strength is set to zero
+     * the key generated will be 192 bits in size, otherwise
+     * strength can be 128 or 192 (or 112 or 168 if you don't count
+     * parity bits), depending on whether you wish to do 2-key or 3-key
+     * triple DES.
+     *
+     * @param param the parameters to be used for key generation
+     */
+    public void init(
+        KeyGenerationParameters param)
+    {
+        this.random = param.getRandom();
+        this.strength = (param.getStrength() + 7) / 8;
+
+        if (strength == 0 || strength == (168 / 8))
+        {
+            strength = DESedeParameters.DES_EDE_KEY_LENGTH;
+        }
+        else if (strength == (112 / 8))
+        {
+            strength = 2 * DESedeParameters.DES_KEY_LENGTH;
+        }
+        else if (strength != DESedeParameters.DES_EDE_KEY_LENGTH
+                && strength != (2 * DESedeParameters.DES_KEY_LENGTH))
+        {
+            throw new IllegalArgumentException("DESede key must be "
+                + (DESedeParameters.DES_EDE_KEY_LENGTH * 8) + " or "
+                + (2 * 8 * DESedeParameters.DES_KEY_LENGTH)
+                + " bits long.");
+        }
+    }
+
+    public byte[] generateKey()
+    {
+        byte[]  newKey = new byte[strength];
+        int     count = 0;
+
+        do
+        {
+            random.nextBytes(newKey);
+
+            DESedeParameters.setOddParity(newKey);
+        }
+        while (++count < MAX_IT && (DESedeParameters.isWeakKey(newKey, 0, newKey.length) || !DESedeParameters.isRealEDEKey(newKey, 0)));
+
+        if (DESedeParameters.isWeakKey(newKey, 0, newKey.length) || !DESedeParameters.isRealEDEKey(newKey, 0))
+        {
+            throw new IllegalStateException("Unable to generate DES-EDE key");
+        }
+
+        return newKey;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DHBasicKeyPairGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DHBasicKeyPairGenerator.java
new file mode 100644
index 0000000..05d32d7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DHBasicKeyPairGenerator.java

@@ -0,0 +1,44 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.generators;
+
+import com.android.org.bouncycastle.crypto.AsymmetricCipherKeyPair;
+import com.android.org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
+import com.android.org.bouncycastle.crypto.KeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.DHKeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.crypto.params.DHPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DHPublicKeyParameters;
+
+import java.math.BigInteger;
+
+/**
+ * a basic Diffie-Hellman key pair generator.
+ *
+ * This generates keys consistent for use with the basic algorithm for
+ * Diffie-Hellman.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHBasicKeyPairGenerator
+    implements AsymmetricCipherKeyPairGenerator
+{
+    private DHKeyGenerationParameters param;
+
+    public void init(
+        KeyGenerationParameters param)
+    {
+        this.param = (DHKeyGenerationParameters)param;
+    }
+
+    public AsymmetricCipherKeyPair generateKeyPair()
+    {
+        DHKeyGeneratorHelper helper = DHKeyGeneratorHelper.INSTANCE;
+        DHParameters dhp = param.getParameters();
+
+        BigInteger x = helper.calculatePrivate(dhp, param.getRandom()); 
+        BigInteger y = helper.calculatePublic(dhp, x);
+
+        return new AsymmetricCipherKeyPair(
+            new DHPublicKeyParameters(y, dhp),
+            new DHPrivateKeyParameters(x, dhp));
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DHKeyGeneratorHelper.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DHKeyGeneratorHelper.java
new file mode 100644
index 0000000..9634068
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DHKeyGeneratorHelper.java

@@ -0,0 +1,68 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.generators;
+
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.math.ec.WNafUtil;
+import com.android.org.bouncycastle.util.BigIntegers;
+
+class DHKeyGeneratorHelper
+{
+    static final DHKeyGeneratorHelper INSTANCE = new DHKeyGeneratorHelper();
+
+    private static final BigInteger ONE = BigInteger.valueOf(1);
+    private static final BigInteger TWO = BigInteger.valueOf(2);
+
+    private DHKeyGeneratorHelper()
+    {
+    }
+
+    BigInteger calculatePrivate(DHParameters dhParams, SecureRandom random)
+    {
+        int limit = dhParams.getL();
+
+        if (limit != 0)
+        {
+            int minWeight = limit >>> 2;
+            for (;;)
+            {
+                BigInteger x = BigIntegers.createRandomBigInteger(limit, random).setBit(limit - 1);
+                if (WNafUtil.getNafWeight(x) >= minWeight)
+                {
+                    return x;
+                }
+            }
+        }
+
+        BigInteger min = TWO;
+        int m = dhParams.getM();
+        if (m != 0)
+        {
+            min = ONE.shiftLeft(m - 1);
+        }
+
+        BigInteger q = dhParams.getQ();
+        if (q == null)
+        {
+            q = dhParams.getP();
+        }
+        BigInteger max = q.subtract(TWO);
+
+        int minWeight = max.bitLength() >>> 2;
+        for (;;)
+        {
+            BigInteger x = BigIntegers.createRandomInRange(min, max, random);
+            if (WNafUtil.getNafWeight(x) >= minWeight)
+            {
+                return x;
+            }
+        }
+    }
+
+    BigInteger calculatePublic(DHParameters dhParams, BigInteger x)
+    {
+        return dhParams.getG().modPow(x, dhParams.getP());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DHParametersGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DHParametersGenerator.java
new file mode 100644
index 0000000..3ff6115
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DHParametersGenerator.java

@@ -0,0 +1,57 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.generators;
+
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHParametersGenerator
+{
+    private int             size;
+    private int             certainty;
+    private SecureRandom    random;
+
+    private static final BigInteger TWO = BigInteger.valueOf(2);
+
+    /**
+     * Initialise the parameters generator.
+     * 
+     * @param size bit length for the prime p
+     * @param certainty level of certainty for the prime number tests
+     * @param random  a source of randomness
+     */
+    public void init(
+        int             size,
+        int             certainty,
+        SecureRandom    random)
+    {
+        this.size = size;
+        this.certainty = certainty;
+        this.random = random;
+    }
+
+    /**
+     * which generates the p and g values from the given parameters,
+     * returning the DHParameters object.
+     * <p>
+     * Note: can take a while...
+     * @return a generated Diffie-Hellman parameters object.
+     */
+    public DHParameters generateParameters()
+    {
+        //
+        // find a safe prime p where p = 2*q + 1, where p and q are prime.
+        //
+        BigInteger[] safePrimes = DHParametersHelper.generateSafePrimes(size, certainty, random);
+
+        BigInteger p = safePrimes[0];
+        BigInteger q = safePrimes[1];
+        BigInteger g = DHParametersHelper.selectGenerator(p, q, random);
+
+        return new DHParameters(p, g, q, TWO, null);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DHParametersHelper.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DHParametersHelper.java
new file mode 100644
index 0000000..6221516
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DHParametersHelper.java

@@ -0,0 +1,111 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.generators;
+
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
+// Android-added: Log long-running operation
+import java.util.logging.Logger;
+import com.android.org.bouncycastle.math.ec.WNafUtil;
+import com.android.org.bouncycastle.util.BigIntegers;
+
+class DHParametersHelper
+{
+    // Android-added: Log long-running operation
+    private static final Logger logger = Logger.getLogger(DHParametersHelper.class.getName());
+
+    private static final BigInteger ONE = BigInteger.valueOf(1);
+    private static final BigInteger TWO = BigInteger.valueOf(2);
+
+    /*
+     * Finds a pair of prime BigInteger's {p, q: p = 2q + 1}
+     * 
+     * (see: Handbook of Applied Cryptography 4.86)
+     */
+    static BigInteger[] generateSafePrimes(int size, int certainty, SecureRandom random)
+    {
+        // BEGIN Android-added: Log long-running operation
+        logger.info("Generating safe primes. This may take a long time.");
+        long start = System.currentTimeMillis();
+        int tries = 0;
+        // END Android-added: Log long-running operation
+        BigInteger p, q;
+        int qLength = size - 1;
+        int minWeight = size >>> 2;
+
+        for (;;)
+        {
+            // Android-added: Log long-running operation
+            tries++;
+            q = BigIntegers.createRandomPrime(qLength, 2, random);
+
+            // p <- 2q + 1
+            p = q.shiftLeft(1).add(ONE);
+
+            if (!p.isProbablePrime(certainty))
+            {
+                continue;
+            }
+
+            if (certainty > 2 && !q.isProbablePrime(certainty - 2))
+            {
+                continue;
+            }
+
+            /*
+             * Require a minimum weight of the NAF representation, since low-weight primes may be
+             * weak against a version of the number-field-sieve for the discrete-logarithm-problem.
+             * 
+             * See "The number field sieve for integers of low weight", Oliver Schirokauer.
+             */
+            if (WNafUtil.getNafWeight(p) < minWeight)
+            {
+                continue;
+            }
+
+            break;
+        }
+        // BEGIN Android-added: Log long-running operation
+        long end = System.currentTimeMillis();
+        long duration = end - start;
+        logger.info("Generated safe primes: " + tries + " tries took " + duration + "ms");
+        // END Android-added: Log long-running operation
+
+        return new BigInteger[] { p, q };
+    }
+
+    /*
+     * Select a high order element of the multiplicative group Zp*
+     * 
+     * p and q must be s.t. p = 2*q + 1, where p and q are prime (see generateSafePrimes)
+     */
+    static BigInteger selectGenerator(BigInteger p, BigInteger q, SecureRandom random)
+    {
+        BigInteger pMinusTwo = p.subtract(TWO);
+        BigInteger g;
+
+        /*
+         * (see: Handbook of Applied Cryptography 4.80)
+         */
+//        do
+//        {
+//            g = BigIntegers.createRandomInRange(TWO, pMinusTwo, random);
+//        }
+//        while (g.modPow(TWO, p).equals(ONE) || g.modPow(q, p).equals(ONE));
+
+
+        /*
+         * RFC 2631 2.2.1.2 (and see: Handbook of Applied Cryptography 4.81)
+         */
+        do
+        {
+            BigInteger h = BigIntegers.createRandomInRange(TWO, pMinusTwo, random);
+
+            g = h.modPow(TWO, p);
+        }
+        while (g.equals(ONE));
+
+
+        return g;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DSAKeyPairGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DSAKeyPairGenerator.java
new file mode 100644
index 0000000..ec8945d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DSAKeyPairGenerator.java

@@ -0,0 +1,71 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.generators;
+
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.AsymmetricCipherKeyPair;
+import com.android.org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
+import com.android.org.bouncycastle.crypto.KeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.DSAKeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.DSAParameters;
+import com.android.org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DSAPublicKeyParameters;
+import com.android.org.bouncycastle.math.ec.WNafUtil;
+import com.android.org.bouncycastle.util.BigIntegers;
+
+/**
+ * a DSA key pair generator.
+ *
+ * This generates DSA keys in line with the method described 
+ * in <i>FIPS 186-3 B.1 FFC Key Pair Generation</i>.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DSAKeyPairGenerator
+    implements AsymmetricCipherKeyPairGenerator
+{
+    private static final BigInteger ONE = BigInteger.valueOf(1);
+
+    private DSAKeyGenerationParameters param;
+
+    public void init(
+        KeyGenerationParameters param)
+    {
+        this.param = (DSAKeyGenerationParameters)param;
+    }
+
+    public AsymmetricCipherKeyPair generateKeyPair()
+    {
+        DSAParameters dsaParams = param.getParameters();
+
+        BigInteger x = generatePrivateKey(dsaParams.getQ(), param.getRandom());
+        BigInteger y = calculatePublicKey(dsaParams.getP(), dsaParams.getG(), x);
+
+        return new AsymmetricCipherKeyPair(
+            new DSAPublicKeyParameters(y, dsaParams),
+            new DSAPrivateKeyParameters(x, dsaParams));
+    }
+
+    private static BigInteger generatePrivateKey(BigInteger q, SecureRandom random)
+    {
+        // B.1.2 Key Pair Generation by Testing Candidates
+        int minWeight = q.bitLength() >>> 2;
+        for (;;)
+        {
+            // TODO Prefer this method? (change test cases that used fixed random)
+            // B.1.1 Key Pair Generation Using Extra Random Bits
+//            BigInteger x = new BigInteger(q.bitLength() + 64, random).mod(q.subtract(ONE)).add(ONE);
+
+            BigInteger x = BigIntegers.createRandomInRange(ONE, q.subtract(ONE), random);
+            if (WNafUtil.getNafWeight(x) >= minWeight)
+            {
+                return x;
+            }
+        }
+    }
+
+    private static BigInteger calculatePublicKey(BigInteger p, BigInteger g, BigInteger x)
+    {
+        return g.modPow(x, p);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DSAParametersGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DSAParametersGenerator.java
new file mode 100644
index 0000000..675d141
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/DSAParametersGenerator.java

@@ -0,0 +1,416 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.generators;
+
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.params.DSAParameterGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.DSAParameters;
+import com.android.org.bouncycastle.crypto.params.DSAValidationParameters;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.BigIntegers;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * Generate suitable parameters for DSA, in line with FIPS 186-2, or FIPS 186-3.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DSAParametersGenerator
+{
+    private static final BigInteger ZERO = BigInteger.valueOf(0);
+    private static final BigInteger ONE = BigInteger.valueOf(1);
+    private static final BigInteger TWO = BigInteger.valueOf(2);
+
+    private Digest          digest;
+    private int             L, N;
+    private int             certainty;
+    private int             iterations;
+    private SecureRandom    random;
+    private boolean         use186_3;
+    private int             usageIndex;
+
+    public DSAParametersGenerator()
+    {
+        // Android-changed: Use Android digests
+        // this(DigestFactory.createSHA1());
+        this(AndroidDigestFactory.getSHA1());
+    }
+
+    public DSAParametersGenerator(Digest digest)
+    {
+        this.digest = digest;
+    }
+
+    /**
+     * initialise the key generator.
+     *
+     * @param size size of the key (range 2^512 -&gt; 2^1024 - 64 bit increments)
+     * @param certainty measure of robustness of prime (for FIPS 186-2 compliance this should be at least 80).
+     * @param random random byte source.
+     */
+    public void init(
+        int             size,
+        int             certainty,
+        SecureRandom    random)
+    {
+        this.L = size;
+        this.N = getDefaultN(size);
+        this.certainty = certainty;
+        this.iterations = Math.max(getMinimumIterations(L), (certainty + 1) / 2);
+        this.random = random;
+        this.use186_3 = false;
+        this.usageIndex = -1;
+    }
+
+    /**
+     * Initialise the key generator for DSA 2.
+     * <p>
+     *     Use this init method if you need to generate parameters for DSA 2 keys.
+     * </p>
+     *
+     * @param params  DSA 2 key generation parameters.
+     */
+    public void init(
+        DSAParameterGenerationParameters params)
+    {
+        int L = params.getL(), N = params.getN();
+
+        if ((L < 1024 || L > 3072) || L % 1024 != 0)
+        {
+            throw new IllegalArgumentException("L values must be between 1024 and 3072 and a multiple of 1024");
+        }
+        else if (L == 1024 && N != 160)
+        {
+            throw new IllegalArgumentException("N must be 160 for L = 1024");
+        }
+        else if (L == 2048 && (N != 224 && N != 256))
+        {
+            throw new IllegalArgumentException("N must be 224 or 256 for L = 2048");
+        }
+        else if (L == 3072 && N != 256)
+        {
+            throw new IllegalArgumentException("N must be 256 for L = 3072");
+        }
+
+        if (digest.getDigestSize() * 8 < N)
+        {
+            throw new IllegalStateException("Digest output size too small for value of N");
+        }
+
+        this.L = L;
+        this.N = N;
+        this.certainty = params.getCertainty();
+        this.iterations = Math.max(getMinimumIterations(L), (certainty + 1) / 2);
+        this.random = params.getRandom();
+        this.use186_3 = true;
+        this.usageIndex = params.getUsageIndex();
+    }
+
+    /**
+     * which generates the p and g values from the given parameters,
+     * returning the DSAParameters object.
+     * <p>
+     * Note: can take a while...
+     * @return a generated DSA parameters object.
+     */
+    public DSAParameters generateParameters()
+    {
+        return (use186_3)
+            ? generateParameters_FIPS186_3()
+            : generateParameters_FIPS186_2();
+    }
+
+    private DSAParameters generateParameters_FIPS186_2()
+    {
+        byte[]          seed = new byte[20];
+        byte[]          part1 = new byte[20];
+        byte[]          part2 = new byte[20];
+        byte[]          u = new byte[20];
+        int             n = (L - 1) / 160;
+        byte[]          w = new byte[L / 8];
+
+        // Android-changed: Use Android digests
+        // if (!(digest instanceof SHA1Digest))
+        if (!(digest.getAlgorithmName().equals("SHA-1")))
+        {
+            throw new IllegalStateException("can only use SHA-1 for generating FIPS 186-2 parameters");
+        }
+
+        for (;;)
+        {
+            random.nextBytes(seed);
+
+            hash(digest, seed, part1, 0);
+            System.arraycopy(seed, 0, part2, 0, seed.length);
+            inc(part2);
+            hash(digest, part2, part2, 0);
+
+            for (int i = 0; i != u.length; i++)
+            {
+                u[i] = (byte)(part1[i] ^ part2[i]);
+            }
+
+            u[0] |= (byte)0x80;
+            u[19] |= (byte)0x01;
+
+            BigInteger q = new BigInteger(1, u);
+
+            if (!isProbablePrime(q))
+            {
+                continue;
+            }
+
+            byte[] offset = Arrays.clone(seed);
+            inc(offset);
+
+            for (int counter = 0; counter < 4096; ++counter)
+            {
+                {
+                    for (int k = 1; k <= n; k++)
+                    {
+                        inc(offset);
+                        hash(digest, offset, w, w.length - k * part1.length);
+                    }
+
+                    int remaining = w.length - (n * part1.length);
+                    inc(offset);
+                    hash(digest, offset, part1, 0);
+                    System.arraycopy(part1, part1.length - remaining, w, 0, remaining);
+
+                    w[0] |= (byte)0x80;
+                }
+
+                BigInteger x = new BigInteger(1, w);
+
+                BigInteger c = x.mod(q.shiftLeft(1));
+
+                BigInteger p = x.subtract(c.subtract(ONE));
+
+                if (p.bitLength() != L)
+                {
+                    continue;
+                }
+
+                if (isProbablePrime(p))
+                {
+                    BigInteger g = calculateGenerator_FIPS186_2(p, q, random);
+
+                    return new DSAParameters(p, q, g, new DSAValidationParameters(seed, counter));
+                }
+            }
+        }
+    }
+
+    private static BigInteger calculateGenerator_FIPS186_2(BigInteger p, BigInteger q, SecureRandom r)
+    {
+        BigInteger e = p.subtract(ONE).divide(q);
+        BigInteger pSub2 = p.subtract(TWO);
+
+        for (;;)
+        {
+            BigInteger h = BigIntegers.createRandomInRange(TWO, pSub2, r);
+            BigInteger g = h.modPow(e, p);
+            if (g.bitLength() > 1)
+            {
+                return g;
+            }
+        }
+    }
+
+    /**
+     * generate suitable parameters for DSA, in line with
+     * <i>FIPS 186-3 A.1 Generation of the FFC Primes p and q</i>.
+     */
+    private DSAParameters generateParameters_FIPS186_3()
+    {
+// A.1.1.2 Generation of the Probable Primes p and q Using an Approved Hash Function
+        // FIXME This should be configurable (digest size in bits must be >= N)
+        Digest d = digest;
+        int outlen = d.getDigestSize() * 8;
+
+// 1. Check that the (L, N) pair is in the list of acceptable (L, N pairs) (see Section 4.2). If
+//    the pair is not in the list, then return INVALID.
+        // Note: checked at initialisation
+
+// 2. If (seedlen < N), then return INVALID.
+        // FIXME This should be configurable (must be >= N)
+        int seedlen = N;
+        byte[] seed = new byte[seedlen / 8];
+
+// 3. n = ceiling(L / outlen) - 1.
+        int n = (L - 1) / outlen;
+
+// 4. b = L - 1 - (n * outlen).
+        int b = (L - 1) % outlen;
+
+        byte[] w = new byte[L / 8];
+        byte[] output = new byte[d.getDigestSize()];
+        for (;;)
+        {
+// 5. Get an arbitrary sequence of seedlen bits as the domain_parameter_seed.
+            random.nextBytes(seed);
+
+// 6. U = Hash (domain_parameter_seed) mod 2^(N–1).
+            hash(d, seed, output, 0);
+
+            BigInteger U = new BigInteger(1, output).mod(ONE.shiftLeft(N - 1));
+
+// 7. q = 2^(N–1) + U + 1 – ( U mod 2).
+            BigInteger q = U.setBit(0).setBit(N - 1);
+
+// 8. Test whether or not q is prime as specified in Appendix C.3.
+            if (!isProbablePrime(q))
+            {
+// 9. If q is not a prime, then go to step 5.
+                continue;
+            }
+
+// 10. offset = 1.
+            // Note: 'offset' value managed incrementally
+            byte[] offset = Arrays.clone(seed);
+
+// 11. For counter = 0 to (4L – 1) do
+            int counterLimit = 4 * L;
+            for (int counter = 0; counter < counterLimit; ++counter)
+            {
+// 11.1 For j = 0 to n do
+//      Vj = Hash ((domain_parameter_seed + offset + j) mod 2^seedlen).
+// 11.2 W = V0 + (V1 ∗ 2^outlen) + ... + (V^(n–1) ∗ 2^((n–1) ∗ outlen)) + ((Vn mod 2^b) ∗ 2^(n ∗ outlen)).
+                {
+                    for (int j = 1; j <= n; ++j)
+                    {
+                        inc(offset);
+                        hash(d, offset, w, w.length - j * output.length);
+                    }
+
+                    int remaining = w.length - (n * output.length);
+                    inc(offset);
+                    hash(d, offset, output, 0);
+                    System.arraycopy(output, output.length - remaining, w, 0, remaining);
+
+// 11.3 X = W + 2^(L–1). Comment: 0 ≤ W < 2^(L–1); hence, 2^(L–1) ≤ X < 2^L.
+                    w[0] |= (byte)0x80;
+                }
+
+                BigInteger X = new BigInteger(1, w);
+ 
+// 11.4 c = X mod 2q.
+                BigInteger c = X.mod(q.shiftLeft(1));
+
+// 11.5 p = X - (c - 1). Comment: p ≡ 1 (mod 2q).
+                BigInteger p = X.subtract(c.subtract(ONE));
+
+// 11.6 If (p < 2^(L-1)), then go to step 11.9
+                if (p.bitLength() != L)
+                {
+                    continue;
+                }
+
+// 11.7 Test whether or not p is prime as specified in Appendix C.3.
+                if (isProbablePrime(p))
+                {
+// 11.8 If p is determined to be prime, then return VALID and the values of p, q and
+//      (optionally) the values of domain_parameter_seed and counter.
+                    if (usageIndex >= 0)
+                    {
+                        BigInteger g = calculateGenerator_FIPS186_3_Verifiable(d, p, q, seed, usageIndex);
+                        if (g != null)
+                        {
+                           return new DSAParameters(p, q, g, new DSAValidationParameters(seed, counter, usageIndex));
+                        }
+                    }
+
+                    BigInteger g = calculateGenerator_FIPS186_3_Unverifiable(p, q, random);
+
+                    return new DSAParameters(p, q, g, new DSAValidationParameters(seed, counter));
+                }
+
+// 11.9 offset = offset + n + 1.      Comment: Increment offset; then, as part of
+//                                    the loop in step 11, increment counter; if
+//                                    counter < 4L, repeat steps 11.1 through 11.8.
+                // Note: 'offset' value already incremented in inner loop
+            }
+// 12. Go to step 5.
+        }
+    }
+
+    private boolean isProbablePrime(BigInteger x)
+    {
+        /*
+         * TODO Use Primes class for FIPS 186-4 C.3 primality checking - but it breaks existing
+         * tests using FixedSecureRandom
+         */
+//        return !Primes.hasAnySmallFactors(x) && Primes.isMRProbablePrime(x, random, iterations);
+        return x.isProbablePrime(certainty);
+    }
+
+    private static BigInteger calculateGenerator_FIPS186_3_Unverifiable(BigInteger p, BigInteger q,
+        SecureRandom r)
+    {
+        return calculateGenerator_FIPS186_2(p, q, r);
+    }
+
+    private static BigInteger calculateGenerator_FIPS186_3_Verifiable(Digest d, BigInteger p, BigInteger q,
+        byte[] seed, int index)
+    {
+// A.2.3 Verifiable Canonical Generation of the Generator g
+        BigInteger e = p.subtract(ONE).divide(q);
+        byte[] ggen = Hex.decode("6767656E");
+
+        // 7. U = domain_parameter_seed || "ggen" || index || count.
+        byte[] U = new byte[seed.length + ggen.length + 1 + 2];
+        System.arraycopy(seed, 0, U, 0, seed.length);
+        System.arraycopy(ggen, 0, U, seed.length, ggen.length);
+        U[U.length - 3] = (byte)index;
+
+        byte[] w = new byte[d.getDigestSize()];
+        for (int count = 1; count < (1 << 16); ++count)
+        {
+            inc(U);
+            hash(d, U, w, 0);
+            BigInteger W = new BigInteger(1, w);
+            BigInteger g = W.modPow(e, p);
+            if (g.compareTo(TWO) >= 0)
+            {
+                return g;
+            }
+        }
+
+        return null;
+    }
+
+    private static void hash(Digest d, byte[] input, byte[] output, int outputPos)
+    {
+        d.update(input, 0, input.length);
+        d.doFinal(output, outputPos);
+    }
+
+    private static int getDefaultN(int L)
+    {
+        return L > 1024 ? 256 : 160;
+    }
+
+    private static int getMinimumIterations(int L)
+    {
+        // Values based on FIPS 186-4 C.3 Table C.1
+        return L <= 1024 ? 40 : (48 + 8 * ((L - 1) / 1024)); 
+    }
+
+    private static void inc(byte[] buf)
+    {
+        for (int i = buf.length - 1; i >= 0; --i)
+        {
+            byte b = (byte)((buf[i] + 1) & 0xff);
+            buf[i] = b;
+
+            if (b != 0)
+            {
+                break;
+            }
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/ECKeyPairGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/ECKeyPairGenerator.java
new file mode 100644
index 0000000..bd5be97
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/ECKeyPairGenerator.java

@@ -0,0 +1,84 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.generators;
+
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.AsymmetricCipherKeyPair;
+import com.android.org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.KeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+import com.android.org.bouncycastle.crypto.params.ECKeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.ECPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.ECPublicKeyParameters;
+import com.android.org.bouncycastle.math.ec.ECConstants;
+import com.android.org.bouncycastle.math.ec.ECMultiplier;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.ec.FixedPointCombMultiplier;
+import com.android.org.bouncycastle.math.ec.WNafUtil;
+import com.android.org.bouncycastle.util.BigIntegers;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECKeyPairGenerator
+    implements AsymmetricCipherKeyPairGenerator, ECConstants
+{
+    ECDomainParameters  params;
+    SecureRandom        random;
+
+    public void init(
+        KeyGenerationParameters param)
+    {
+        ECKeyGenerationParameters  ecP = (ECKeyGenerationParameters)param;
+
+        this.random = ecP.getRandom();
+        this.params = ecP.getDomainParameters();
+
+        if (this.random == null)
+        {
+            this.random = CryptoServicesRegistrar.getSecureRandom();
+        }
+    }
+
+    /**
+     * Given the domain parameters this routine generates an EC key
+     * pair in accordance with X9.62 section 5.2.1 pages 26, 27.
+     */
+    public AsymmetricCipherKeyPair generateKeyPair()
+    {
+        BigInteger n = params.getN();
+        int nBitLength = n.bitLength();
+        int minWeight = nBitLength >>> 2;
+
+        BigInteger d;
+        for (;;)
+        {
+            d = BigIntegers.createRandomBigInteger(nBitLength, random);
+
+            if (d.compareTo(TWO) < 0  || (d.compareTo(n) >= 0))
+            {
+                continue;
+            }
+
+            if (WNafUtil.getNafWeight(d) < minWeight)
+            {
+                continue;
+            }
+
+            break;
+        }
+
+        ECPoint Q = createBasePointMultiplier().multiply(params.getG(), d);
+
+        return new AsymmetricCipherKeyPair(
+            new ECPublicKeyParameters(Q, params),
+            new ECPrivateKeyParameters(d, params));
+    }
+
+    protected ECMultiplier createBasePointMultiplier()
+    {
+        return new FixedPointCombMultiplier();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java
new file mode 100644
index 0000000..116aa7d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/OpenSSLPBEParametersGenerator.java

@@ -0,0 +1,137 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.generators;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.PBEParametersGenerator;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory;
+
+/**
+ * Generator for PBE derived keys and ivs as usd by OpenSSL.
+ * <p>
+ * The scheme is a simple extension of PKCS 5 V2.0 Scheme 1 using MD5 with an
+ * iteration count of 1.
+ * <p>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class OpenSSLPBEParametersGenerator
+    extends PBEParametersGenerator
+{
+    // Android-changed: Use Android digests
+    // private Digest  digest = DigestFactory.createMD5();
+    private Digest  digest = AndroidDigestFactory.getMD5();
+
+    /**
+     * Construct a OpenSSL Parameters generator. 
+     */
+    public OpenSSLPBEParametersGenerator()
+    {
+    }
+
+    /**
+     * Initialise - note the iteration count for this algorithm is fixed at 1.
+     * 
+     * @param password password to use.
+     * @param salt salt to use.
+     */
+    public void init(
+       byte[] password,
+       byte[] salt)
+    {
+        super.init(password, salt, 1);
+    }
+    
+    /**
+     * the derived key function, the ith hash of the password and the salt.
+     */
+    private byte[] generateDerivedKey(
+        int bytesNeeded)
+    {
+        byte[]  buf = new byte[digest.getDigestSize()];
+        byte[]  key = new byte[bytesNeeded];
+        int     offset = 0;
+        
+        for (;;)
+        {
+            digest.update(password, 0, password.length);
+            digest.update(salt, 0, salt.length);
+
+            digest.doFinal(buf, 0);
+            
+            int len = (bytesNeeded > buf.length) ? buf.length : bytesNeeded;
+            System.arraycopy(buf, 0, key, offset, len);
+            offset += len;
+
+            // check if we need any more
+            bytesNeeded -= len;
+            if (bytesNeeded == 0)
+            {
+                break;
+            }
+
+            // do another round
+            digest.reset();
+            digest.update(buf, 0, buf.length);
+        }
+        
+        return key;
+    }
+
+    /**
+     * Generate a key parameter derived from the password, salt, and iteration
+     * count we are currently initialised with.
+     *
+     * @param keySize the size of the key we want (in bits)
+     * @return a KeyParameter object.
+     * @exception IllegalArgumentException if the key length larger than the base hash size.
+     */
+    public CipherParameters generateDerivedParameters(
+        int keySize)
+    {
+        keySize = keySize / 8;
+
+        byte[]  dKey = generateDerivedKey(keySize);
+
+        return new KeyParameter(dKey, 0, keySize);
+    }
+
+    /**
+     * Generate a key with initialisation vector parameter derived from
+     * the password, salt, and iteration count we are currently initialised
+     * with.
+     *
+     * @param keySize the size of the key we want (in bits)
+     * @param ivSize the size of the iv we want (in bits)
+     * @return a ParametersWithIV object.
+     * @exception IllegalArgumentException if keySize + ivSize is larger than the base hash size.
+     */
+    public CipherParameters generateDerivedParameters(
+        int     keySize,
+        int     ivSize)
+    {
+        keySize = keySize / 8;
+        ivSize = ivSize / 8;
+
+        byte[]  dKey = generateDerivedKey(keySize + ivSize);
+
+        return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), dKey, keySize, ivSize);
+    }
+
+    /**
+     * Generate a key parameter for use with a MAC derived from the password,
+     * salt, and iteration count we are currently initialised with.
+     *
+     * @param keySize the size of the key we want (in bits)
+     * @return a KeyParameter object.
+     * @exception IllegalArgumentException if the key length larger than the base hash size.
+     */
+    public CipherParameters generateDerivedMacParameters(
+        int keySize)
+    {
+        return generateDerivedParameters(keySize);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/PKCS12ParametersGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/PKCS12ParametersGenerator.java
new file mode 100644
index 0000000..9177b21
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/PKCS12ParametersGenerator.java

@@ -0,0 +1,222 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.generators;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.ExtendedDigest;
+import com.android.org.bouncycastle.crypto.PBEParametersGenerator;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+
+/**
+ * Generator for PBE derived keys and ivs as defined by PKCS 12 V1.0.
+ * <p>
+ * The document this implementation is based on can be found at
+ * <a href=http://www.rsasecurity.com/rsalabs/pkcs/pkcs-12/index.html>
+ * RSA's PKCS12 Page</a>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKCS12ParametersGenerator
+    extends PBEParametersGenerator
+{
+    public static final int KEY_MATERIAL = 1;
+    public static final int IV_MATERIAL  = 2;
+    public static final int MAC_MATERIAL = 3;
+
+    private Digest digest;
+
+    private int     u;
+    private int     v;
+
+    /**
+     * Construct a PKCS 12 Parameters generator. This constructor will
+     * accept any digest which also implements ExtendedDigest.
+     *
+     * @param digest the digest to be used as the source of derived keys.
+     * @exception IllegalArgumentException if an unknown digest is passed in.
+     */
+    public PKCS12ParametersGenerator(
+        Digest  digest)
+    {
+        this.digest = digest;
+        if (digest instanceof ExtendedDigest)
+        {
+            u = digest.getDigestSize();
+            v = ((ExtendedDigest)digest).getByteLength();
+        }
+        else
+        {
+            throw new IllegalArgumentException("Digest " + digest.getAlgorithmName() + " unsupported");
+        }
+    }
+
+    /**
+     * add a + b + 1, returning the result in a. The a value is treated
+     * as a BigInteger of length (b.length * 8) bits. The result is 
+     * modulo 2^b.length in case of overflow.
+     */
+    private void adjust(
+        byte[]  a,
+        int     aOff,
+        byte[]  b)
+    {
+        int  x = (b[b.length - 1] & 0xff) + (a[aOff + b.length - 1] & 0xff) + 1;
+
+        a[aOff + b.length - 1] = (byte)x;
+        x >>>= 8;
+
+        for (int i = b.length - 2; i >= 0; i--)
+        {
+            x += (b[i] & 0xff) + (a[aOff + i] & 0xff);
+            a[aOff + i] = (byte)x;
+            x >>>= 8;
+        }
+    }
+
+    /**
+     * generation of a derived key ala PKCS12 V1.0.
+     */
+    private byte[] generateDerivedKey(
+        int idByte,
+        int n)
+    {
+        byte[]  D = new byte[v];
+        byte[]  dKey = new byte[n];
+
+        for (int i = 0; i != D.length; i++)
+        {
+            D[i] = (byte)idByte;
+        }
+
+        byte[]  S;
+
+        if ((salt != null) && (salt.length != 0))
+        {
+            S = new byte[v * ((salt.length + v - 1) / v)];
+
+            for (int i = 0; i != S.length; i++)
+            {
+                S[i] = salt[i % salt.length];
+            }
+        }
+        else
+        {
+            S = new byte[0];
+        }
+
+        byte[]  P;
+
+        if ((password != null) && (password.length != 0))
+        {
+            P = new byte[v * ((password.length + v - 1) / v)];
+
+            for (int i = 0; i != P.length; i++)
+            {
+                P[i] = password[i % password.length];
+            }
+        }
+        else
+        {
+            P = new byte[0];
+        }
+
+        byte[]  I = new byte[S.length + P.length];
+
+        System.arraycopy(S, 0, I, 0, S.length);
+        System.arraycopy(P, 0, I, S.length, P.length);
+
+        byte[]  B = new byte[v];
+        int     c = (n + u - 1) / u;
+        byte[]  A = new byte[u];
+
+        for (int i = 1; i <= c; i++)
+        {
+            digest.update(D, 0, D.length);
+            digest.update(I, 0, I.length);
+            digest.doFinal(A, 0);
+            for (int j = 1; j < iterationCount; j++)
+            {
+                digest.update(A, 0, A.length);
+                digest.doFinal(A, 0);
+            }
+
+            for (int j = 0; j != B.length; j++)
+            {
+                B[j] = A[j % A.length];
+            }
+
+            for (int j = 0; j != I.length / v; j++)
+            {
+                adjust(I, j * v, B);
+            }
+
+            if (i == c)
+            {
+                System.arraycopy(A, 0, dKey, (i - 1) * u, dKey.length - ((i - 1) * u));
+            }
+            else
+            {
+                System.arraycopy(A, 0, dKey, (i - 1) * u, A.length);
+            }
+        }
+
+        return dKey;
+    }
+
+    /**
+     * Generate a key parameter derived from the password, salt, and iteration
+     * count we are currently initialised with.
+     *
+     * @param keySize the size of the key we want (in bits)
+     * @return a KeyParameter object.
+     */
+    public CipherParameters generateDerivedParameters(
+        int keySize)
+    {
+        keySize = keySize / 8;
+
+        byte[]  dKey = generateDerivedKey(KEY_MATERIAL, keySize);
+
+        return new KeyParameter(dKey, 0, keySize);
+    }
+
+    /**
+     * Generate a key with initialisation vector parameter derived from
+     * the password, salt, and iteration count we are currently initialised
+     * with.
+     *
+     * @param keySize the size of the key we want (in bits)
+     * @param ivSize the size of the iv we want (in bits)
+     * @return a ParametersWithIV object.
+     */
+    public CipherParameters generateDerivedParameters(
+        int     keySize,
+        int     ivSize)
+    {
+        keySize = keySize / 8;
+        ivSize = ivSize / 8;
+
+        byte[]  dKey = generateDerivedKey(KEY_MATERIAL, keySize);
+
+        byte[]  iv = generateDerivedKey(IV_MATERIAL, ivSize);
+
+        return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), iv, 0, ivSize);
+    }
+
+    /**
+     * Generate a key parameter for use with a MAC derived from the password,
+     * salt, and iteration count we are currently initialised with.
+     *
+     * @param keySize the size of the key we want (in bits)
+     * @return a KeyParameter object.
+     */
+    public CipherParameters generateDerivedMacParameters(
+        int keySize)
+    {
+        keySize = keySize / 8;
+
+        byte[]  dKey = generateDerivedKey(MAC_MATERIAL, keySize);
+
+        return new KeyParameter(dKey, 0, keySize);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/PKCS5S1ParametersGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/PKCS5S1ParametersGenerator.java
new file mode 100644
index 0000000..d425074
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/PKCS5S1ParametersGenerator.java

@@ -0,0 +1,121 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.generators;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.PBEParametersGenerator;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+
+/**
+ * Generator for PBE derived keys and ivs as defined by PKCS 5 V2.0 Scheme 1.
+ * Note this generator is limited to the size of the hash produced by the
+ * digest used to drive it.
+ * <p>
+ * The document this implementation is based on can be found at
+ * <a href=http://www.rsasecurity.com/rsalabs/pkcs/pkcs-5/index.html>
+ * RSA's PKCS5 Page</a>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKCS5S1ParametersGenerator
+    extends PBEParametersGenerator
+{
+    private Digest  digest;
+
+    /**
+     * Construct a PKCS 5 Scheme 1 Parameters generator. 
+     *
+     * @param digest the digest to be used as the source of derived keys.
+     */
+    public PKCS5S1ParametersGenerator(
+        Digest  digest)
+    {
+        this.digest = digest;
+    }
+
+    /**
+     * the derived key function, the ith hash of the password and the salt.
+     */
+    private byte[] generateDerivedKey()
+    {
+        byte[] digestBytes = new byte[digest.getDigestSize()];
+
+        digest.update(password, 0, password.length);
+        digest.update(salt, 0, salt.length);
+
+        digest.doFinal(digestBytes, 0);
+        for (int i = 1; i < iterationCount; i++)
+        {
+            digest.update(digestBytes, 0, digestBytes.length);
+            digest.doFinal(digestBytes, 0);
+        }
+
+        return digestBytes;
+    }
+
+    /**
+     * Generate a key parameter derived from the password, salt, and iteration
+     * count we are currently initialised with.
+     *
+     * @param keySize the size of the key we want (in bits)
+     * @return a KeyParameter object.
+     * @exception IllegalArgumentException if the key length larger than the base hash size.
+     */
+    public CipherParameters generateDerivedParameters(
+        int keySize)
+    {
+        keySize = keySize / 8;
+
+        if (keySize > digest.getDigestSize())
+        {
+            throw new IllegalArgumentException(
+                   "Can't generate a derived key " + keySize + " bytes long.");
+        }
+
+        byte[]  dKey = generateDerivedKey();
+
+        return new KeyParameter(dKey, 0, keySize);
+    }
+
+    /**
+     * Generate a key with initialisation vector parameter derived from
+     * the password, salt, and iteration count we are currently initialised
+     * with.
+     *
+     * @param keySize the size of the key we want (in bits)
+     * @param ivSize the size of the iv we want (in bits)
+     * @return a ParametersWithIV object.
+     * @exception IllegalArgumentException if keySize + ivSize is larger than the base hash size.
+     */
+    public CipherParameters generateDerivedParameters(
+        int     keySize,
+        int     ivSize)
+    {
+        keySize = keySize / 8;
+        ivSize = ivSize / 8;
+
+        if ((keySize + ivSize) > digest.getDigestSize())
+        {
+            throw new IllegalArgumentException(
+                   "Can't generate a derived key " + (keySize + ivSize) + " bytes long.");
+        }
+
+        byte[]  dKey = generateDerivedKey();
+
+        return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), dKey, keySize, ivSize);
+    }
+
+    /**
+     * Generate a key parameter for use with a MAC derived from the password,
+     * salt, and iteration count we are currently initialised with.
+     *
+     * @param keySize the size of the key we want (in bits)
+     * @return a KeyParameter object.
+     * @exception IllegalArgumentException if the key length larger than the base hash size.
+     */
+    public CipherParameters generateDerivedMacParameters(
+        int keySize)
+    {
+        return generateDerivedParameters(keySize);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java
new file mode 100644
index 0000000..62712be
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/PKCS5S2ParametersGenerator.java

@@ -0,0 +1,160 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.generators;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.Mac;
+import com.android.org.bouncycastle.crypto.PBEParametersGenerator;
+import com.android.org.bouncycastle.crypto.macs.HMac;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * Generator for PBE derived keys and ivs as defined by PKCS 5 V2.0 Scheme 2.
+ * This generator uses a SHA-1 HMac as the calculation function.
+ * <p>
+ * The document this implementation is based on can be found at
+ * <a href=http://www.rsasecurity.com/rsalabs/pkcs/pkcs-5/index.html>
+ * RSA's PKCS5 Page</a>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKCS5S2ParametersGenerator
+    extends PBEParametersGenerator
+{
+    private Mac hMac;
+    private byte[] state;
+
+    /**
+     * construct a PKCS5 Scheme 2 Parameters generator.
+     */
+    public PKCS5S2ParametersGenerator()
+    {
+        // Android-changed: Use Android digests
+        // this(DigestFactory.createSHA1());
+        this(AndroidDigestFactory.getSHA1());
+    }
+
+    public PKCS5S2ParametersGenerator(Digest digest)
+    {
+        hMac = new HMac(digest);
+        state = new byte[hMac.getMacSize()];
+    }
+
+    private void F(
+        byte[]  S,
+        int     c,
+        byte[]  iBuf,
+        byte[]  out,
+        int     outOff)
+    {
+        if (c == 0)
+        {
+            throw new IllegalArgumentException("iteration count must be at least 1.");
+        }
+
+        if (S != null)
+        {
+            hMac.update(S, 0, S.length);
+        }
+
+        hMac.update(iBuf, 0, iBuf.length);
+        hMac.doFinal(state, 0);
+
+        System.arraycopy(state, 0, out, outOff, state.length);
+
+        for (int count = 1; count < c; count++)
+        {
+            hMac.update(state, 0, state.length);
+            hMac.doFinal(state, 0);
+
+            for (int j = 0; j != state.length; j++)
+            {
+                out[outOff + j] ^= state[j];
+            }
+        }
+    }
+
+    private byte[] generateDerivedKey(
+        int dkLen)
+    {
+        int     hLen = hMac.getMacSize();
+        int     l = (dkLen + hLen - 1) / hLen;
+        byte[]  iBuf = new byte[4];
+        byte[]  outBytes = new byte[l * hLen];
+        int     outPos = 0;
+
+        CipherParameters param = new KeyParameter(password);
+
+        hMac.init(param);
+
+        for (int i = 1; i <= l; i++)
+        {
+            // Increment the value in 'iBuf'
+            int pos = 3;
+            while (++iBuf[pos] == 0)
+            {
+                --pos;
+            }
+
+            F(salt, iterationCount, iBuf, outBytes, outPos);
+            outPos += hLen;
+        }
+
+        return outBytes;
+    }
+
+    /**
+     * Generate a key parameter derived from the password, salt, and iteration
+     * count we are currently initialised with.
+     *
+     * @param keySize the size of the key we want (in bits)
+     * @return a KeyParameter object.
+     */
+    public CipherParameters generateDerivedParameters(
+        int keySize)
+    {
+        keySize = keySize / 8;
+
+        byte[]  dKey = Arrays.copyOfRange(generateDerivedKey(keySize), 0, keySize);
+
+        return new KeyParameter(dKey, 0, keySize);
+    }
+
+    /**
+     * Generate a key with initialisation vector parameter derived from
+     * the password, salt, and iteration count we are currently initialised
+     * with.
+     *
+     * @param keySize the size of the key we want (in bits)
+     * @param ivSize the size of the iv we want (in bits)
+     * @return a ParametersWithIV object.
+     */
+    public CipherParameters generateDerivedParameters(
+        int     keySize,
+        int     ivSize)
+    {
+        keySize = keySize / 8;
+        ivSize = ivSize / 8;
+
+        byte[]  dKey = generateDerivedKey(keySize + ivSize);
+
+        return new ParametersWithIV(new KeyParameter(dKey, 0, keySize), dKey, keySize, ivSize);
+    }
+
+    /**
+     * Generate a key parameter for use with a MAC derived from the password,
+     * salt, and iteration count we are currently initialised with.
+     *
+     * @param keySize the size of the key we want (in bits)
+     * @return a KeyParameter object.
+     */
+    public CipherParameters generateDerivedMacParameters(
+        int keySize)
+    {
+        return generateDerivedParameters(keySize);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/RSAKeyPairGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/RSAKeyPairGenerator.java
new file mode 100644
index 0000000..ebe1116
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/generators/RSAKeyPairGenerator.java

@@ -0,0 +1,234 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.generators;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.crypto.AsymmetricCipherKeyPair;
+import com.android.org.bouncycastle.crypto.AsymmetricCipherKeyPairGenerator;
+import com.android.org.bouncycastle.crypto.KeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.RSAKeyParameters;
+import com.android.org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
+import com.android.org.bouncycastle.math.Primes;
+import com.android.org.bouncycastle.math.ec.WNafUtil;
+import com.android.org.bouncycastle.util.BigIntegers;
+
+/**
+ * an RSA key pair generator.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RSAKeyPairGenerator
+    implements AsymmetricCipherKeyPairGenerator
+{
+    private static final BigInteger ONE = BigInteger.valueOf(1);
+
+    private RSAKeyGenerationParameters param;
+
+    public void init(KeyGenerationParameters param)
+    {
+        this.param = (RSAKeyGenerationParameters)param;
+    }
+
+    public AsymmetricCipherKeyPair generateKeyPair()
+    {
+        AsymmetricCipherKeyPair result = null;
+        boolean done = false;
+
+        //
+        // p and q values should have a length of half the strength in bits
+        //
+        int strength = param.getStrength();
+        int pbitlength = (strength + 1) / 2;
+        int qbitlength = strength - pbitlength;
+        int mindiffbits = (strength / 2) - 100;
+
+        if (mindiffbits < strength / 3)
+        {
+            mindiffbits = strength / 3;
+        }
+
+        int minWeight = strength >> 2;
+
+        // d lower bound is 2^(strength / 2)
+        BigInteger dLowerBound = BigInteger.valueOf(2).pow(strength / 2);
+        // squared bound (sqrt(2)*2^(nlen/2-1))^2
+        BigInteger squaredBound = ONE.shiftLeft(strength - 1);
+        // 2^(nlen/2 - 100)
+        BigInteger minDiff = ONE.shiftLeft(mindiffbits);
+
+        while (!done)
+        {
+            BigInteger p, q, n, d, e, pSub1, qSub1, gcd, lcm;
+
+            e = param.getPublicExponent();
+
+            p = chooseRandomPrime(pbitlength, e, squaredBound);
+
+            //
+            // generate a modulus of the required length
+            //
+            for (; ; )
+            {
+                q = chooseRandomPrime(qbitlength, e, squaredBound);
+
+                // p and q should not be too close together (or equal!)
+                BigInteger diff = q.subtract(p).abs();
+                if (diff.bitLength() < mindiffbits || diff.compareTo(minDiff) <= 0)
+                {
+                    continue;
+                }
+
+                //
+                // calculate the modulus
+                //
+                n = p.multiply(q);
+
+                if (n.bitLength() != strength)
+                {
+                    //
+                    // if we get here our primes aren't big enough, make the largest
+                    // of the two p and try again
+                    //
+                    p = p.max(q);
+                    continue;
+                }
+
+	            /*
+                 * Require a minimum weight of the NAF representation, since low-weight composites may
+	             * be weak against a version of the number-field-sieve for factoring.
+	             *
+	             * See "The number field sieve for integers of low weight", Oliver Schirokauer.
+	             */
+                if (WNafUtil.getNafWeight(n) < minWeight)
+                {
+                    p = chooseRandomPrime(pbitlength, e, squaredBound);
+                    continue;
+                }
+
+                break;
+            }
+
+            if (p.compareTo(q) < 0)
+            {
+                gcd = p;
+                p = q;
+                q = gcd;
+            }
+
+            pSub1 = p.subtract(ONE);
+            qSub1 = q.subtract(ONE);
+            gcd = pSub1.gcd(qSub1);
+            lcm = pSub1.divide(gcd).multiply(qSub1);
+
+            //
+            // calculate the private exponent
+            //
+            d = e.modInverse(lcm);
+
+            if (d.compareTo(dLowerBound) <= 0)
+            {
+                continue;
+            }
+            else
+            {
+                done = true;
+            }
+
+            //
+            // calculate the CRT factors
+            //
+            BigInteger dP, dQ, qInv;
+
+            dP = d.remainder(pSub1);
+            dQ = d.remainder(qSub1);
+            qInv = q.modInverse(p);
+
+            result = new AsymmetricCipherKeyPair(
+                new RSAKeyParameters(false, n, e),
+                new RSAPrivateCrtKeyParameters(n, e, d, p, q, dP, dQ, qInv));
+        }
+
+        return result;
+    }
+
+    /**
+     * Choose a random prime value for use with RSA
+     *
+     * @param bitlength the bit-length of the returned prime
+     * @param e         the RSA public exponent
+     * @return A prime p, with (p-1) relatively prime to e
+     */
+    protected BigInteger chooseRandomPrime(int bitlength, BigInteger e, BigInteger sqrdBound)
+    {
+        for (int i = 0; i != 5 * bitlength; i++)
+        {
+            BigInteger p = BigIntegers.createRandomPrime(bitlength, 1, param.getRandom());
+
+            if (p.mod(e).equals(ONE))
+            {
+                continue;
+            }
+
+            if (p.multiply(p).compareTo(sqrdBound) < 0)
+            {
+                continue;
+            }
+
+            if (!isProbablePrime(p))
+            {
+                continue;
+            }
+
+            if (!e.gcd(p.subtract(ONE)).equals(ONE))
+            {
+                continue;
+            }
+
+            return p;
+        }
+
+        throw new IllegalStateException("unable to generate prime number for RSA key");
+    }
+
+    protected boolean isProbablePrime(BigInteger x)
+    {
+        int iterations = getNumberOfIterations(x.bitLength(), param.getCertainty());
+
+        /*
+         * Primes class for FIPS 186-4 C.3 primality checking
+         */
+        return !Primes.hasAnySmallFactors(x) && Primes.isMRProbablePrime(x, param.getRandom(), iterations);
+    }
+
+    private static int getNumberOfIterations(int bits, int certainty)
+    {
+        /*
+         * NOTE: We enforce a minimum 'certainty' of 100 for bits >= 1024 (else 80). Where the
+         * certainty is higher than the FIPS 186-4 tables (C.2/C.3) cater to, extra iterations
+         * are added at the "worst case rate" for the excess.
+         */
+        if (bits >= 1536)
+        {
+            return  certainty <= 100 ? 3
+                :   certainty <= 128 ? 4
+                :   4 + (certainty - 128 + 1) / 2;
+        }
+        else if (bits >= 1024)
+        {
+            return  certainty <= 100 ? 4
+                :   certainty <= 112 ? 5
+                :   5 + (certainty - 112 + 1) / 2;
+        }
+        else if (bits >= 512)
+        {
+            return  certainty <= 80  ? 5
+                :   certainty <= 100 ? 7
+                :   7 + (certainty - 100 + 1) / 2;
+        }
+        else
+        {
+            return  certainty <= 80  ? 40
+                :   40 + (certainty - 80 + 1) / 2;
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/io/DigestInputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/io/DigestInputStream.java
new file mode 100644
index 0000000..cd4a189
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/io/DigestInputStream.java

@@ -0,0 +1,56 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.io;
+
+import java.io.FilterInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+import com.android.org.bouncycastle.crypto.Digest;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DigestInputStream
+    extends FilterInputStream
+{
+    protected Digest digest;
+
+    public DigestInputStream(
+        InputStream stream,
+        Digest      digest)
+    {
+        super(stream);
+        this.digest = digest;
+    }
+
+    public int read()
+        throws IOException
+    {
+        int b = in.read();
+
+        if (b >= 0)
+        {
+            digest.update((byte)b);
+        }
+        return b;
+    }
+
+    public int read(
+        byte[] b,
+        int off,
+        int len)
+        throws IOException
+    {
+        int n = in.read(b, off, len);
+        if (n > 0)
+        {
+            digest.update(b, off, n);
+        }
+        return n;
+    }
+
+    public Digest getDigest()
+    {
+        return digest;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/io/DigestOutputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/io/DigestOutputStream.java
new file mode 100644
index 0000000..06f05d7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/io/DigestOutputStream.java

@@ -0,0 +1,46 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.io;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+import com.android.org.bouncycastle.crypto.Digest;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DigestOutputStream
+    extends OutputStream
+{
+    protected Digest digest;
+
+    public DigestOutputStream(
+        Digest          Digest)
+    {
+        this.digest = Digest;
+    }
+
+    public void write(int b)
+        throws IOException
+    {
+        digest.update((byte)b);
+    }
+
+    public void write(
+        byte[] b,
+        int off,
+        int len)
+        throws IOException
+    {
+        digest.update(b, off, len);
+    }
+
+    public byte[] getDigest()
+    {
+        byte[] res = new byte[digest.getDigestSize()];
+        
+        digest.doFinal(res, 0);
+        
+        return res;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/io/MacInputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/io/MacInputStream.java
new file mode 100644
index 0000000..0278fe7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/io/MacInputStream.java

@@ -0,0 +1,56 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.io;
+
+import java.io.FilterInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+
+import com.android.org.bouncycastle.crypto.Mac;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class MacInputStream
+    extends FilterInputStream
+{
+    protected Mac mac;
+
+    public MacInputStream(
+        InputStream stream,
+        Mac         mac)
+    {
+        super(stream);
+        this.mac = mac;
+    }
+
+    public int read()
+        throws IOException
+    {
+        int b = in.read();
+
+        if (b >= 0)
+        {
+            mac.update((byte)b);
+        }
+        return b;
+    }
+
+    public int read(
+        byte[] b,
+        int off,
+        int len)
+        throws IOException
+    {
+        int n = in.read(b, off, len);
+        if (n >= 0)
+        {
+            mac.update(b, off, n);
+        }
+        return n;
+    }
+
+    public Mac getMac()
+    {
+        return mac;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/io/MacOutputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/io/MacOutputStream.java
new file mode 100644
index 0000000..47e7d8e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/io/MacOutputStream.java

@@ -0,0 +1,46 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.io;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+import com.android.org.bouncycastle.crypto.Mac;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class MacOutputStream
+    extends OutputStream
+{
+    protected Mac mac;
+
+    public MacOutputStream(
+        Mac          mac)
+    {
+        this.mac = mac;
+    }
+
+    public void write(int b)
+        throws IOException
+    {
+        mac.update((byte)b);
+    }
+
+    public void write(
+        byte[] b,
+        int off,
+        int len)
+        throws IOException
+    {
+        mac.update(b, off, len);
+    }
+
+    public byte[] getMac()
+    {
+        byte[] res = new byte[mac.getMacSize()];
+
+        mac.doFinal(res, 0);
+
+        return res;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/macs/CBCBlockCipherMac.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/macs/CBCBlockCipherMac.java
new file mode 100644
index 0000000..8569ea0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/macs/CBCBlockCipherMac.java

@@ -0,0 +1,231 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.macs;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.Mac;
+import com.android.org.bouncycastle.crypto.modes.CBCBlockCipher;
+import com.android.org.bouncycastle.crypto.paddings.BlockCipherPadding;
+
+/**
+ * standard CBC Block Cipher MAC - if no padding is specified the default of
+ * pad of zeroes is used.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CBCBlockCipherMac
+    implements Mac
+{
+    private byte[]              mac;
+
+    private byte[]              buf;
+    private int                 bufOff;
+    private BlockCipher         cipher;
+    private BlockCipherPadding  padding;
+
+    private int                 macSize;
+
+    /**
+     * create a standard MAC based on a CBC block cipher. This will produce an
+     * authentication code half the length of the block size of the cipher.
+     *
+     * @param cipher the cipher to be used as the basis of the MAC generation.
+     */
+    public CBCBlockCipherMac(
+        BlockCipher     cipher)
+    {
+        this(cipher, (cipher.getBlockSize() * 8) / 2, null);
+    }
+
+    /**
+     * create a standard MAC based on a CBC block cipher. This will produce an
+     * authentication code half the length of the block size of the cipher.
+     *
+     * @param cipher the cipher to be used as the basis of the MAC generation.
+     * @param padding the padding to be used to complete the last block.
+     */
+    public CBCBlockCipherMac(
+        BlockCipher         cipher,
+        BlockCipherPadding  padding)
+    {
+        this(cipher, (cipher.getBlockSize() * 8) / 2, padding);
+    }
+
+    /**
+     * create a standard MAC based on a block cipher with the size of the
+     * MAC been given in bits. This class uses CBC mode as the basis for the
+     * MAC generation.
+     * <p>
+     * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
+     * or 16 bits if being used as a data authenticator (FIPS Publication 113),
+     * and in general should be less than the size of the block cipher as it reduces
+     * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
+     *
+     * @param cipher the cipher to be used as the basis of the MAC generation.
+     * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
+     */
+    public CBCBlockCipherMac(
+        BlockCipher     cipher,
+        int             macSizeInBits)
+    {
+        this(cipher, macSizeInBits, null);
+    }
+
+    /**
+     * create a standard MAC based on a block cipher with the size of the
+     * MAC been given in bits. This class uses CBC mode as the basis for the
+     * MAC generation.
+     * <p>
+     * Note: the size of the MAC must be at least 24 bits (FIPS Publication 81),
+     * or 16 bits if being used as a data authenticator (FIPS Publication 113),
+     * and in general should be less than the size of the block cipher as it reduces
+     * the chance of an exhaustive attack (see Handbook of Applied Cryptography).
+     *
+     * @param cipher the cipher to be used as the basis of the MAC generation.
+     * @param macSizeInBits the size of the MAC in bits, must be a multiple of 8.
+     * @param padding the padding to be used to complete the last block.
+     */
+    public CBCBlockCipherMac(
+        BlockCipher         cipher,
+        int                 macSizeInBits,
+        BlockCipherPadding  padding)
+    {
+        if ((macSizeInBits % 8) != 0)
+        {
+            throw new IllegalArgumentException("MAC size must be multiple of 8");
+        }
+
+        this.cipher = new CBCBlockCipher(cipher);
+        this.padding = padding;
+        this.macSize = macSizeInBits / 8;
+
+        mac = new byte[cipher.getBlockSize()];
+
+        buf = new byte[cipher.getBlockSize()];
+        bufOff = 0;
+    }
+
+    public String getAlgorithmName()
+    {
+        return cipher.getAlgorithmName();
+    }
+
+    public void init(
+        CipherParameters    params)
+    {
+        reset();
+
+        cipher.init(true, params);
+    }
+
+    public int getMacSize()
+    {
+        return macSize;
+    }
+
+    public void update(
+        byte        in)
+    {
+        if (bufOff == buf.length)
+        {
+            cipher.processBlock(buf, 0, mac, 0);
+            bufOff = 0;
+        }
+
+        buf[bufOff++] = in;
+    }
+
+    public void update(
+        byte[]      in,
+        int         inOff,
+        int         len)
+    {
+        if (len < 0)
+        {
+            throw new IllegalArgumentException("Can't have a negative input length!");
+        }
+
+        int blockSize = cipher.getBlockSize();
+        int gapLen = blockSize - bufOff;
+
+        if (len > gapLen)
+        {
+            System.arraycopy(in, inOff, buf, bufOff, gapLen);
+
+            cipher.processBlock(buf, 0, mac, 0);
+
+            bufOff = 0;
+            len -= gapLen;
+            inOff += gapLen;
+
+            while (len > blockSize)
+            {
+                cipher.processBlock(in, inOff, mac, 0);
+
+                len -= blockSize;
+                inOff += blockSize;
+            }
+        }
+
+        System.arraycopy(in, inOff, buf, bufOff, len);
+
+        bufOff += len;
+    }
+
+    public int doFinal(
+        byte[]  out,
+        int     outOff)
+    {
+        int blockSize = cipher.getBlockSize();
+
+        if (padding == null)
+        {
+            //
+            // pad with zeroes
+            //
+            while (bufOff < blockSize)
+            {
+                buf[bufOff] = 0;
+                bufOff++;
+            }
+        }
+        else
+        {
+            if (bufOff == blockSize)
+            {
+                cipher.processBlock(buf, 0, mac, 0);
+                bufOff = 0;
+            }
+
+            padding.addPadding(buf, bufOff);
+        }
+
+        cipher.processBlock(buf, 0, mac, 0);
+
+        System.arraycopy(mac, 0, out, outOff, macSize);
+
+        reset();
+
+        return macSize;
+    }
+
+    /**
+     * Reset the mac generator.
+     */
+    public void reset()
+    {
+        /*
+         * clean the buffer.
+         */
+        for (int i = 0; i < buf.length; i++)
+        {
+            buf[i] = 0;
+        }
+
+        bufOff = 0;
+
+        /*
+         * reset the underlying cipher.
+         */
+        cipher.reset();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/macs/HMac.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/macs/HMac.java
new file mode 100644
index 0000000..a77a0e8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/macs/HMac.java

@@ -0,0 +1,239 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.macs;
+
+import java.util.Hashtable;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.ExtendedDigest;
+import com.android.org.bouncycastle.crypto.Mac;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.util.Integers;
+import com.android.org.bouncycastle.util.Memoable;
+
+/**
+ * HMAC implementation based on RFC2104
+ *
+ * H(K XOR opad, H(K XOR ipad, text))
+ * @hide This class is not part of the Android public SDK API
+ */
+public class HMac
+    implements Mac
+{
+    private final static byte IPAD = (byte)0x36;
+    private final static byte OPAD = (byte)0x5C;
+
+    private Digest digest;
+    private int digestSize;
+    private int blockLength;
+    private Memoable ipadState;
+    private Memoable opadState;
+
+    private byte[] inputPad;
+    private byte[] outputBuf;
+
+    private static Hashtable blockLengths;
+    
+    static
+    {
+        blockLengths = new Hashtable();
+        
+        // BEGIN Android-removed: Unsupported algorithms
+        // blockLengths.put("GOST3411", Integers.valueOf(32));
+        //
+        // blockLengths.put("MD2", Integers.valueOf(16));
+        // blockLengths.put("MD4", Integers.valueOf(64));
+        // END Android-removed: Unsupported algorithms
+        blockLengths.put("MD5", Integers.valueOf(64));
+
+        // BEGIN Android-removed: Unsupported algorithms
+        // blockLengths.put("RIPEMD128", Integers.valueOf(64));
+        // blockLengths.put("RIPEMD160", Integers.valueOf(64));
+        // END Android-removed: Unsupported algorithms
+        
+        blockLengths.put("SHA-1", Integers.valueOf(64));
+        blockLengths.put("SHA-224", Integers.valueOf(64));
+        blockLengths.put("SHA-256", Integers.valueOf(64));
+        blockLengths.put("SHA-384", Integers.valueOf(128));
+        blockLengths.put("SHA-512", Integers.valueOf(128));
+
+        // BEGIN Android-removed: Unsupported algorithms
+        // blockLengths.put("Tiger", Integers.valueOf(64));
+        // blockLengths.put("Whirlpool", Integers.valueOf(64));
+        // END Android-removed: Unsupported algorithms
+    }
+    
+    private static int getByteLength(
+        Digest digest)
+    {
+        if (digest instanceof ExtendedDigest)
+        {
+            return ((ExtendedDigest)digest).getByteLength();
+        }
+        
+        Integer  b = (Integer)blockLengths.get(digest.getAlgorithmName());
+        
+        if (b == null)
+        {       
+            throw new IllegalArgumentException("unknown digest passed: " + digest.getAlgorithmName());
+        }
+        
+        return b.intValue();
+    }
+    
+    /**
+     * Base constructor for one of the standard digest algorithms that the 
+     * byteLength of the algorithm is know for.
+     * 
+     * @param digest the digest.
+     */
+    public HMac(
+        Digest digest)
+    {
+        this(digest, getByteLength(digest));
+    }
+
+    private HMac(
+        Digest digest,
+        int    byteLength)
+    {
+        this.digest = digest;
+        this.digestSize = digest.getDigestSize();
+        this.blockLength = byteLength;
+        this.inputPad = new byte[blockLength];
+        this.outputBuf = new byte[blockLength + digestSize];
+    }
+
+    public String getAlgorithmName()
+    {
+        return digest.getAlgorithmName() + "/HMAC";
+    }
+
+    public Digest getUnderlyingDigest()
+    {
+        return digest;
+    }
+
+    public void init(
+        CipherParameters params)
+    {
+        digest.reset();
+
+        byte[] key = ((KeyParameter)params).getKey();
+        int keyLength = key.length;
+
+        if (keyLength > blockLength)
+        {
+            digest.update(key, 0, keyLength);
+            digest.doFinal(inputPad, 0);
+            
+            keyLength = digestSize;
+        }
+        else
+        {
+            System.arraycopy(key, 0, inputPad, 0, keyLength);
+        }
+
+        for (int i = keyLength; i < inputPad.length; i++)
+        {
+            inputPad[i] = 0;
+        }
+
+        System.arraycopy(inputPad, 0, outputBuf, 0, blockLength);
+
+        xorPad(inputPad, blockLength, IPAD);
+        xorPad(outputBuf, blockLength, OPAD);
+
+        if (digest instanceof Memoable)
+        {
+            opadState = ((Memoable)digest).copy();
+
+            ((Digest)opadState).update(outputBuf, 0, blockLength);
+        }
+
+        digest.update(inputPad, 0, inputPad.length);
+
+        if (digest instanceof Memoable)
+        {
+            ipadState = ((Memoable)digest).copy();
+        }
+    }
+
+    public int getMacSize()
+    {
+        return digestSize;
+    }
+
+    public void update(
+        byte in)
+    {
+        digest.update(in);
+    }
+
+    public void update(
+        byte[] in,
+        int inOff,
+        int len)
+    {
+        digest.update(in, inOff, len);
+    }
+
+    public int doFinal(
+        byte[] out,
+        int outOff)
+    {
+        digest.doFinal(outputBuf, blockLength);
+
+        if (opadState != null)
+        {
+            ((Memoable)digest).reset(opadState);
+            digest.update(outputBuf, blockLength, digest.getDigestSize());
+        }
+        else
+        {
+            digest.update(outputBuf, 0, outputBuf.length);
+        }
+
+        int len = digest.doFinal(out, outOff);
+
+        for (int i = blockLength; i < outputBuf.length; i++)
+        {
+            outputBuf[i] = 0;
+        }
+
+        if (ipadState != null)
+        {
+            ((Memoable)digest).reset(ipadState);
+        }
+        else
+        {
+            digest.update(inputPad, 0, inputPad.length);
+        }
+
+        return len;
+    }
+
+    /**
+     * Reset the mac generator.
+     */
+    public void reset()
+    {
+        /*
+         * reset the underlying digest.
+         */
+        digest.reset();
+
+        /*
+         * reinitialize the digest.
+         */
+        digest.update(inputPad, 0, inputPad.length);
+    }
+
+    private static void xorPad(byte[] pad, int len, byte n)
+    {
+        for (int i = 0; i < len; ++i)
+        {
+            pad[i] ^= n;
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/AEADBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/AEADBlockCipher.java
new file mode 100644
index 0000000..f5a6179
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/AEADBlockCipher.java

@@ -0,0 +1,148 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+
+/**
+ * A block cipher mode that includes authenticated encryption with a streaming mode and optional associated data.
+ * <p>
+ * Implementations of this interface may operate in a packet mode (where all input data is buffered and 
+ * processed dugin the call to {@link #doFinal(byte[], int)}), or in a streaming mode (where output data is
+ * incrementally produced with each call to {@link #processByte(byte, byte[], int)} or 
+ * {@link #processBytes(byte[], int, int, byte[], int)}.
+ * </p>
+ * This is important to consider during decryption: in a streaming mode, unauthenticated plaintext data
+ * may be output prior to the call to {@link #doFinal(byte[], int)} that results in an authentication
+ * failure. The higher level protocol utilising this cipher must ensure the plaintext data is handled 
+ * appropriately until the end of data is reached and the entire ciphertext is authenticated.
+ * @see com.android.org.bouncycastle.crypto.params.AEADParameters
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface AEADBlockCipher
+{
+    /**
+     * initialise the underlying cipher. Parameter can either be an AEADParameters or a ParametersWithIV object.
+     *
+     * @param forEncryption true if we are setting up for encryption, false otherwise.
+     * @param params the necessary parameters for the underlying cipher to be initialised.
+     * @exception IllegalArgumentException if the params argument is inappropriate.
+     */
+    public void init(boolean forEncryption, CipherParameters params)
+        throws IllegalArgumentException;
+
+    /**
+     * Return the name of the algorithm.
+     * 
+     * @return the algorithm name.
+     */
+    public String getAlgorithmName();
+
+    /**
+     * return the cipher this object wraps.
+     *
+     * @return the cipher this object wraps.
+     */
+    public BlockCipher getUnderlyingCipher();
+
+    /**
+     * Add a single byte to the associated data check.
+     * <br>If the implementation supports it, this will be an online operation and will not retain the associated data.
+     *
+     * @param in the byte to be processed.
+     */
+    public void processAADByte(byte in);
+
+    /**
+     * Add a sequence of bytes to the associated data check.
+     * <br>If the implementation supports it, this will be an online operation and will not retain the associated data.
+     *
+     * @param in the input byte array.
+     * @param inOff the offset into the in array where the data to be processed starts.
+     * @param len the number of bytes to be processed.
+     */
+    public void processAADBytes(byte[] in, int inOff, int len);
+
+    /**
+     * encrypt/decrypt a single byte.
+     *
+     * @param in the byte to be processed.
+     * @param out the output buffer the processed byte goes into.
+     * @param outOff the offset into the output byte array the processed data starts at.
+     * @return the number of bytes written to out.
+     * @exception DataLengthException if the output buffer is too small.
+     */
+    public int processByte(byte in, byte[] out, int outOff)
+        throws DataLengthException;
+
+    /**
+     * process a block of bytes from in putting the result into out.
+     *
+     * @param in the input byte array.
+     * @param inOff the offset into the in array where the data to be processed starts.
+     * @param len the number of bytes to be processed.
+     * @param out the output buffer the processed bytes go into.
+     * @param outOff the offset into the output byte array the processed data starts at.
+     * @return the number of bytes written to out.
+     * @exception DataLengthException if the output buffer is too small.
+     */
+    public int processBytes(byte[] in, int inOff, int len, byte[] out, int outOff)
+        throws DataLengthException;
+
+    /**
+     * Finish the operation either appending or verifying the MAC at the end of the data.
+     *
+     * @param out space for any resulting output data.
+     * @param outOff offset into out to start copying the data at.
+     * @return number of bytes written into out.
+     * @throws IllegalStateException if the cipher is in an inappropriate state.
+     * @throws com.android.org.bouncycastle.crypto.InvalidCipherTextException if the MAC fails to match.
+     */
+    public int doFinal(byte[] out, int outOff)
+        throws IllegalStateException, InvalidCipherTextException;
+
+    /**
+     * Return the value of the MAC associated with the last stream processed.
+     *
+     * @return MAC for plaintext data.
+     */
+    public byte[] getMac();
+
+    /**
+     * return the size of the output buffer required for a processBytes
+     * an input of len bytes.
+     * <p>
+     * The returned size may be dependent on the initialisation of this cipher
+     * and may not be accurate once subsequent input data is processed - this method
+     * should be invoked immediately prior to input data being processed.
+     * </p>
+     *
+     * @param len the length of the input.
+     * @return the space required to accommodate a call to processBytes
+     * with len bytes of input.
+     */
+    public int getUpdateOutputSize(int len);
+
+    /**
+     * return the size of the output buffer required for a processBytes plus a
+     * doFinal with an input of len bytes.
+     * <p>
+     * The returned size may be dependent on the initialisation of this cipher
+     * and may not be accurate once subsequent input data is processed - this method
+     * should be invoked immediately prior to a call to final processing of input data
+     * and a call to {@link #doFinal(byte[], int)}.
+     * </p>
+     * @param len the length of the input.
+     * @return the space required to accommodate a call to processBytes and doFinal
+     * with len bytes of input.
+     */
+    public int getOutputSize(int len);
+
+    /**
+     * Reset the cipher. After resetting the cipher is in the same state
+     * as it was after the last init (if there was one).
+     */
+    public void reset();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/CBCBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/CBCBlockCipher.java
new file mode 100644
index 0000000..765d4c0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/CBCBlockCipher.java

@@ -0,0 +1,255 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * implements Cipher-Block-Chaining (CBC) mode on top of a simple cipher.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CBCBlockCipher
+    implements BlockCipher
+{
+    private byte[]          IV;
+    private byte[]          cbcV;
+    private byte[]          cbcNextV;
+
+    private int             blockSize;
+    private BlockCipher     cipher = null;
+    private boolean         encrypting;
+
+    /**
+     * Basic constructor.
+     *
+     * @param cipher the block cipher to be used as the basis of chaining.
+     */
+    public CBCBlockCipher(
+        BlockCipher cipher)
+    {
+        this.cipher = cipher;
+        this.blockSize = cipher.getBlockSize();
+
+        this.IV = new byte[blockSize];
+        this.cbcV = new byte[blockSize];
+        this.cbcNextV = new byte[blockSize];
+    }
+
+    /**
+     * return the underlying block cipher that we are wrapping.
+     *
+     * @return the underlying block cipher that we are wrapping.
+     */
+    public BlockCipher getUnderlyingCipher()
+    {
+        return cipher;
+    }
+
+    /**
+     * Initialise the cipher and, possibly, the initialisation vector (IV).
+     * If an IV isn't passed as part of the parameter, the IV will be all zeros.
+     *
+     * @param encrypting if true the cipher is initialised for
+     *  encryption, if false for decryption.
+     * @param params the key and other data required by the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(
+        boolean             encrypting,
+        CipherParameters    params)
+        throws IllegalArgumentException
+    {
+        boolean oldEncrypting = this.encrypting;
+
+        this.encrypting = encrypting;
+
+        if (params instanceof ParametersWithIV)
+        {
+            ParametersWithIV ivParam = (ParametersWithIV)params;
+            byte[] iv = ivParam.getIV();
+
+            if (iv.length != blockSize)
+            {
+                throw new IllegalArgumentException("initialisation vector must be the same length as block size");
+            }
+
+            System.arraycopy(iv, 0, IV, 0, iv.length);
+
+            reset();
+
+            // if null it's an IV changed only.
+            if (ivParam.getParameters() != null)
+            {
+                cipher.init(encrypting, ivParam.getParameters());
+            }
+            else if (oldEncrypting != encrypting)
+            {
+                throw new IllegalArgumentException("cannot change encrypting state without providing key.");
+            }
+        }
+        else
+        {
+            reset();
+
+            // if it's null, key is to be reused.
+            if (params != null)
+            {
+                cipher.init(encrypting, params);
+            }
+            else if (oldEncrypting != encrypting)
+            {
+                throw new IllegalArgumentException("cannot change encrypting state without providing key.");
+            }
+        }
+    }
+
+    /**
+     * return the algorithm name and mode.
+     *
+     * @return the name of the underlying algorithm followed by "/CBC".
+     */
+    public String getAlgorithmName()
+    {
+        return cipher.getAlgorithmName() + "/CBC";
+    }
+
+    /**
+     * return the block size of the underlying cipher.
+     *
+     * @return the block size of the underlying cipher.
+     */
+    public int getBlockSize()
+    {
+        return cipher.getBlockSize();
+    }
+
+    /**
+     * Process one block of input from the array in and write it to
+     * the out array.
+     *
+     * @param in the array containing the input data.
+     * @param inOff offset into the in array the data starts at.
+     * @param out the array the output data will be copied into.
+     * @param outOff the offset into the out array the output will start at.
+     * @exception DataLengthException if there isn't enough data in in, or
+     * space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     * @return the number of bytes processed and produced.
+     */
+    public int processBlock(
+        byte[]      in,
+        int         inOff,
+        byte[]      out,
+        int         outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        return (encrypting) ? encryptBlock(in, inOff, out, outOff) : decryptBlock(in, inOff, out, outOff);
+    }
+
+    /**
+     * reset the chaining vector back to the IV and reset the underlying
+     * cipher.
+     */
+    public void reset()
+    {
+        System.arraycopy(IV, 0, cbcV, 0, IV.length);
+        Arrays.fill(cbcNextV, (byte)0);
+
+        cipher.reset();
+    }
+
+    /**
+     * Do the appropriate chaining step for CBC mode encryption.
+     *
+     * @param in the array containing the data to be encrypted.
+     * @param inOff offset into the in array the data starts at.
+     * @param out the array the encrypted data will be copied into.
+     * @param outOff the offset into the out array the output will start at.
+     * @exception DataLengthException if there isn't enough data in in, or
+     * space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     * @return the number of bytes processed and produced.
+     */
+    private int encryptBlock(
+        byte[]      in,
+        int         inOff,
+        byte[]      out,
+        int         outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        if ((inOff + blockSize) > in.length)
+        {
+            throw new DataLengthException("input buffer too short");
+        }
+
+        /*
+         * XOR the cbcV and the input,
+         * then encrypt the cbcV
+         */
+        for (int i = 0; i < blockSize; i++)
+        {
+            cbcV[i] ^= in[inOff + i];
+        }
+
+        int length = cipher.processBlock(cbcV, 0, out, outOff);
+
+        /*
+         * copy ciphertext to cbcV
+         */
+        System.arraycopy(out, outOff, cbcV, 0, cbcV.length);
+
+        return length;
+    }
+
+    /**
+     * Do the appropriate chaining step for CBC mode decryption.
+     *
+     * @param in the array containing the data to be decrypted.
+     * @param inOff offset into the in array the data starts at.
+     * @param out the array the decrypted data will be copied into.
+     * @param outOff the offset into the out array the output will start at.
+     * @exception DataLengthException if there isn't enough data in in, or
+     * space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     * @return the number of bytes processed and produced.
+     */
+    private int decryptBlock(
+        byte[]      in,
+        int         inOff,
+        byte[]      out,
+        int         outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        if ((inOff + blockSize) > in.length)
+        {
+            throw new DataLengthException("input buffer too short");
+        }
+
+        System.arraycopy(in, inOff, cbcNextV, 0, blockSize);
+
+        int length = cipher.processBlock(in, inOff, out, outOff);
+
+        /*
+         * XOR the cbcV and the output
+         */
+        for (int i = 0; i < blockSize; i++)
+        {
+            out[outOff + i] ^= cbcV[i];
+        }
+
+        /*
+         * swap the back up buffer into next position
+         */
+        byte[]  tmp;
+
+        tmp = cbcV;
+        cbcV = cbcNextV;
+        cbcNextV = tmp;
+
+        return length;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/CCMBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/CCMBlockCipher.java
new file mode 100644
index 0000000..9a74fc3
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/CCMBlockCipher.java

@@ -0,0 +1,461 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes;
+
+import java.io.ByteArrayOutputStream;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+import com.android.org.bouncycastle.crypto.Mac;
+import com.android.org.bouncycastle.crypto.OutputLengthException;
+import com.android.org.bouncycastle.crypto.macs.CBCBlockCipherMac;
+import com.android.org.bouncycastle.crypto.params.AEADParameters;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * Implements the Counter with Cipher Block Chaining mode (CCM) detailed in
+ * NIST Special Publication 800-38C.
+ * <p>
+ * <b>Note</b>: this mode is a packet mode - it needs all the data up front.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CCMBlockCipher
+    implements AEADBlockCipher
+{
+    private BlockCipher           cipher;
+    private int                   blockSize;
+    private boolean               forEncryption;
+    private byte[]                nonce;
+    private byte[]                initialAssociatedText;
+    private int                   macSize;
+    private CipherParameters      keyParam;
+    private byte[]                macBlock;
+    private ExposedByteArrayOutputStream associatedText = new ExposedByteArrayOutputStream();
+    private ExposedByteArrayOutputStream data = new ExposedByteArrayOutputStream();
+
+    /**
+     * Basic constructor.
+     *
+     * @param c the block cipher to be used.
+     */
+    public CCMBlockCipher(BlockCipher c)
+    {
+        this.cipher = c;
+        this.blockSize = c.getBlockSize();
+        this.macBlock = new byte[blockSize];
+
+        if (blockSize != 16)
+        {
+            throw new IllegalArgumentException("cipher required with a block size of 16.");
+        }
+    }
+
+    /**
+     * return the underlying block cipher that we are wrapping.
+     *
+     * @return the underlying block cipher that we are wrapping.
+     */
+    public BlockCipher getUnderlyingCipher()
+    {
+        return cipher;
+    }
+
+
+    public void init(boolean forEncryption, CipherParameters params)
+          throws IllegalArgumentException
+    {
+        this.forEncryption = forEncryption;
+
+        CipherParameters cipherParameters;
+        if (params instanceof AEADParameters)
+        {
+            AEADParameters param = (AEADParameters)params;
+
+            nonce = param.getNonce();
+            initialAssociatedText = param.getAssociatedText();
+            macSize = param.getMacSize() / 8;
+            cipherParameters = param.getKey();
+        }
+        else if (params instanceof ParametersWithIV)
+        {
+            ParametersWithIV param = (ParametersWithIV)params;
+
+            nonce = param.getIV();
+            initialAssociatedText = null;
+            macSize = macBlock.length / 2;
+            cipherParameters = param.getParameters();
+        }
+        else
+        {
+            throw new IllegalArgumentException("invalid parameters passed to CCM: " + params.getClass().getName());
+        }
+
+        // NOTE: Very basic support for key re-use, but no performance gain from it
+        if (cipherParameters != null)
+        {
+            keyParam = cipherParameters;
+        }
+
+        if (nonce == null || nonce.length < 7 || nonce.length > 13)
+        {
+            throw new IllegalArgumentException("nonce must have length from 7 to 13 octets");
+        }
+
+        reset();
+    }
+
+    public String getAlgorithmName()
+    {
+        return cipher.getAlgorithmName() + "/CCM";
+    }
+
+    public void processAADByte(byte in)
+    {
+        associatedText.write(in);
+    }
+
+    public void processAADBytes(byte[] in, int inOff, int len)
+    {
+        // TODO: Process AAD online
+        associatedText.write(in, inOff, len);
+    }
+
+    public int processByte(byte in, byte[] out, int outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        data.write(in);
+
+        return 0;
+    }
+
+    public int processBytes(byte[] in, int inOff, int inLen, byte[] out, int outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        if (in.length < (inOff + inLen))
+        {
+            throw new DataLengthException("Input buffer too short");
+        }
+        data.write(in, inOff, inLen);
+
+        return 0;
+    }
+
+    public int doFinal(byte[] out, int outOff)
+        throws IllegalStateException, InvalidCipherTextException
+    {
+        int len = processPacket(data.getBuffer(), 0, data.size(), out, outOff);
+
+        reset();
+
+        return len;
+    }
+
+    public void reset()
+    {
+        cipher.reset();
+        associatedText.reset();
+        data.reset();
+    }
+
+    /**
+     * Returns a byte array containing the mac calculated as part of the
+     * last encrypt or decrypt operation.
+     *
+     * @return the last mac calculated.
+     */
+    public byte[] getMac()
+    {
+        byte[] mac = new byte[macSize];
+
+        System.arraycopy(macBlock, 0, mac, 0, mac.length);
+
+        return mac;
+    }
+
+    public int getUpdateOutputSize(int len)
+    {
+        return 0;
+    }
+
+    public int getOutputSize(int len)
+    {
+        int totalData = len + data.size();
+
+        if (forEncryption)
+        {
+             return totalData + macSize;
+        }
+
+        return totalData < macSize ? 0 : totalData - macSize;
+    }
+
+    /**
+     * Process a packet of data for either CCM decryption or encryption.
+     *
+     * @param in data for processing.
+     * @param inOff offset at which data starts in the input array.
+     * @param inLen length of the data in the input array.
+     * @return a byte array containing the processed input..
+     * @throws IllegalStateException if the cipher is not appropriately set up.
+     * @throws InvalidCipherTextException if the input data is truncated or the mac check fails.
+     */
+    public byte[] processPacket(byte[] in, int inOff, int inLen)
+        throws IllegalStateException, InvalidCipherTextException
+    {
+        byte[] output;
+
+        if (forEncryption)
+        {
+            output = new byte[inLen + macSize];
+        }
+        else
+        {
+            if (inLen < macSize)
+            {
+                throw new InvalidCipherTextException("data too short");
+            }
+            output = new byte[inLen - macSize];
+        }
+
+        processPacket(in, inOff, inLen, output, 0);
+
+        return output;
+    }
+
+    /**
+     * Process a packet of data for either CCM decryption or encryption.
+     *
+     * @param in data for processing.
+     * @param inOff offset at which data starts in the input array.
+     * @param inLen length of the data in the input array.
+     * @param output output array.
+     * @param outOff offset into output array to start putting processed bytes.
+     * @return the number of bytes added to output.
+     * @throws IllegalStateException if the cipher is not appropriately set up.
+     * @throws InvalidCipherTextException if the input data is truncated or the mac check fails.
+     * @throws DataLengthException if output buffer too short.
+     */
+    public int processPacket(byte[] in, int inOff, int inLen, byte[] output, int outOff)
+        throws IllegalStateException, InvalidCipherTextException, DataLengthException
+    {
+        // TODO: handle null keyParam (e.g. via RepeatedKeySpec)
+        // Need to keep the CTR and CBC Mac parts around and reset
+        if (keyParam == null)
+        {
+            throw new IllegalStateException("CCM cipher unitialized.");
+        }
+
+        int n = nonce.length;
+        int q = 15 - n;
+        if (q < 4)
+        {
+            int limitLen = 1 << (8 * q);
+            if (inLen >= limitLen)
+            {
+                throw new IllegalStateException("CCM packet too large for choice of q.");
+            }
+        }
+
+        byte[] iv = new byte[blockSize];
+        iv[0] = (byte)((q - 1) & 0x7);
+        System.arraycopy(nonce, 0, iv, 1, nonce.length);
+
+        BlockCipher ctrCipher = new SICBlockCipher(cipher);
+        ctrCipher.init(forEncryption, new ParametersWithIV(keyParam, iv));
+
+        int outputLen;
+        int inIndex = inOff;
+        int outIndex = outOff;
+
+        if (forEncryption)
+        {
+            outputLen = inLen + macSize;
+            if (output.length < (outputLen + outOff))
+            {
+                throw new OutputLengthException("Output buffer too short.");
+            }
+
+            calculateMac(in, inOff, inLen, macBlock);
+
+            byte[] encMac = new byte[blockSize];
+
+            ctrCipher.processBlock(macBlock, 0, encMac, 0);   // S0
+
+            while (inIndex < (inOff + inLen - blockSize))                 // S1...
+            {
+                ctrCipher.processBlock(in, inIndex, output, outIndex);
+                outIndex += blockSize;
+                inIndex += blockSize;
+            }
+
+            byte[] block = new byte[blockSize];
+
+            System.arraycopy(in, inIndex, block, 0, inLen + inOff - inIndex);
+
+            ctrCipher.processBlock(block, 0, block, 0);
+
+            System.arraycopy(block, 0, output, outIndex, inLen + inOff - inIndex);
+
+            System.arraycopy(encMac, 0, output, outOff + inLen, macSize);
+        }
+        else
+        {
+            if (inLen < macSize)
+            {
+                throw new InvalidCipherTextException("data too short");
+            }
+            outputLen = inLen - macSize;
+            if (output.length < (outputLen + outOff))
+            {
+                throw new OutputLengthException("Output buffer too short.");
+            }
+
+            System.arraycopy(in, inOff + outputLen, macBlock, 0, macSize);
+
+            ctrCipher.processBlock(macBlock, 0, macBlock, 0);
+
+            for (int i = macSize; i != macBlock.length; i++)
+            {
+                macBlock[i] = 0;
+            }
+
+            while (inIndex < (inOff + outputLen - blockSize))
+            {
+                ctrCipher.processBlock(in, inIndex, output, outIndex);
+                outIndex += blockSize;
+                inIndex += blockSize;
+            }
+
+            byte[] block = new byte[blockSize];
+
+            System.arraycopy(in, inIndex, block, 0, outputLen - (inIndex - inOff));
+
+            ctrCipher.processBlock(block, 0, block, 0);
+
+            System.arraycopy(block, 0, output, outIndex, outputLen - (inIndex - inOff));
+
+            byte[] calculatedMacBlock = new byte[blockSize];
+
+            calculateMac(output, outOff, outputLen, calculatedMacBlock);
+
+            if (!Arrays.constantTimeAreEqual(macBlock, calculatedMacBlock))
+            {
+                throw new InvalidCipherTextException("mac check in CCM failed");
+            }
+        }
+
+        return outputLen;
+    }
+
+    private int calculateMac(byte[] data, int dataOff, int dataLen, byte[] macBlock)
+    {
+        Mac cMac = new CBCBlockCipherMac(cipher, macSize * 8);
+
+        cMac.init(keyParam);
+
+        //
+        // build b0
+        //
+        byte[] b0 = new byte[16];
+
+        if (hasAssociatedText())
+        {
+            b0[0] |= 0x40;
+        }
+
+        b0[0] |= (((cMac.getMacSize() - 2) / 2) & 0x7) << 3;
+
+        b0[0] |= ((15 - nonce.length) - 1) & 0x7;
+
+        System.arraycopy(nonce, 0, b0, 1, nonce.length);
+
+        int q = dataLen;
+        int count = 1;
+        while (q > 0)
+        {
+            b0[b0.length - count] = (byte)(q & 0xff);
+            q >>>= 8;
+            count++;
+        }
+
+        cMac.update(b0, 0, b0.length);
+
+        //
+        // process associated text
+        //
+        if (hasAssociatedText())
+        {
+            int extra;
+
+            int textLength = getAssociatedTextLength();
+            if (textLength < ((1 << 16) - (1 << 8)))
+            {
+                cMac.update((byte)(textLength >> 8));
+                cMac.update((byte)textLength);
+
+                extra = 2;
+            }
+            else // can't go any higher than 2^32
+            {
+                cMac.update((byte)0xff);
+                cMac.update((byte)0xfe);
+                cMac.update((byte)(textLength >> 24));
+                cMac.update((byte)(textLength >> 16));
+                cMac.update((byte)(textLength >> 8));
+                cMac.update((byte)textLength);
+
+                extra = 6;
+            }
+
+            if (initialAssociatedText != null)
+            {
+                cMac.update(initialAssociatedText, 0, initialAssociatedText.length);
+            }
+            if (associatedText.size() > 0)
+            {
+                cMac.update(associatedText.getBuffer(), 0, associatedText.size());
+            }
+
+            extra = (extra + textLength) % 16;
+            if (extra != 0)
+            {
+                for (int i = extra; i != 16; i++)
+                {
+                    cMac.update((byte)0x00);
+                }
+            }
+        }
+
+        //
+        // add the text
+        //
+        cMac.update(data, dataOff, dataLen);
+
+        return cMac.doFinal(macBlock, 0);
+    }
+
+    private int getAssociatedTextLength()
+    {
+        return associatedText.size() + ((initialAssociatedText == null) ? 0 : initialAssociatedText.length);
+    }
+
+    private boolean hasAssociatedText()
+    {
+        return getAssociatedTextLength() > 0;
+    }
+
+    private class ExposedByteArrayOutputStream
+        extends ByteArrayOutputStream
+    {
+        public ExposedByteArrayOutputStream()
+        {
+        }
+
+        public byte[] getBuffer()
+        {
+            return this.buf;
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/CFBBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/CFBBlockCipher.java
new file mode 100644
index 0000000..276b154
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/CFBBlockCipher.java

@@ -0,0 +1,271 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.StreamBlockCipher;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * implements a Cipher-FeedBack (CFB) mode on top of a simple cipher.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CFBBlockCipher
+    extends StreamBlockCipher
+{
+    private byte[]          IV;
+    private byte[]          cfbV;
+    private byte[]          cfbOutV;
+    private byte[]          inBuf;
+
+    private int             blockSize;
+    private BlockCipher     cipher = null;
+    private boolean         encrypting;
+    private int             byteCount;
+
+    /**
+     * Basic constructor.
+     *
+     * @param cipher the block cipher to be used as the basis of the
+     * feedback mode.
+     * @param bitBlockSize the block size in bits (note: a multiple of 8)
+     */
+    public CFBBlockCipher(
+        BlockCipher cipher,
+        int         bitBlockSize)
+    {
+        super(cipher);
+
+        this.cipher = cipher;
+        this.blockSize = bitBlockSize / 8;
+
+        this.IV = new byte[cipher.getBlockSize()];
+        this.cfbV = new byte[cipher.getBlockSize()];
+        this.cfbOutV = new byte[cipher.getBlockSize()];
+        this.inBuf = new byte[blockSize];
+    }
+
+    /**
+     * Initialise the cipher and, possibly, the initialisation vector (IV).
+     * If an IV isn't passed as part of the parameter, the IV will be all zeros.
+     * An IV which is too short is handled in FIPS compliant fashion.
+     *
+     * @param encrypting if true the cipher is initialised for
+     *  encryption, if false for decryption.
+     * @param params the key and other data required by the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(
+        boolean             encrypting,
+        CipherParameters    params)
+        throws IllegalArgumentException
+    {
+        this.encrypting = encrypting;
+        
+        if (params instanceof ParametersWithIV)
+        {
+            ParametersWithIV ivParam = (ParametersWithIV)params;
+            byte[]      iv = ivParam.getIV();
+
+            if (iv.length < IV.length)
+            {
+                // prepend the supplied IV with zeros (per FIPS PUB 81)
+                System.arraycopy(iv, 0, IV, IV.length - iv.length, iv.length);
+                for (int i = 0; i < IV.length - iv.length; i++)
+                {
+                    IV[i] = 0;
+                }
+            }
+            else
+            {
+                System.arraycopy(iv, 0, IV, 0, IV.length);
+            }
+
+            reset();
+
+            // if null it's an IV changed only.
+            if (ivParam.getParameters() != null)
+            {
+                cipher.init(true, ivParam.getParameters());
+            }
+        }
+        else
+        {
+            reset();
+
+            // if it's null, key is to be reused.
+            if (params != null)
+            {
+                cipher.init(true, params);
+            }
+        }
+    }
+
+    /**
+     * return the algorithm name and mode.
+     *
+     * @return the name of the underlying algorithm followed by "/CFB"
+     * and the block size in bits.
+     */
+    public String getAlgorithmName()
+    {
+        return cipher.getAlgorithmName() + "/CFB" + (blockSize * 8);
+    }
+
+    protected byte calculateByte(byte in)
+          throws DataLengthException, IllegalStateException
+    {
+        return (encrypting) ? encryptByte(in) : decryptByte(in);
+    }
+
+    private byte encryptByte(byte in)
+    {
+        if (byteCount == 0)
+        {
+            cipher.processBlock(cfbV, 0, cfbOutV, 0);
+        }
+
+        byte rv = (byte)(cfbOutV[byteCount] ^ in);
+        inBuf[byteCount++] = rv;
+
+        if (byteCount == blockSize)
+        {
+            byteCount = 0;
+
+            System.arraycopy(cfbV, blockSize, cfbV, 0, cfbV.length - blockSize);
+            System.arraycopy(inBuf, 0, cfbV, cfbV.length - blockSize, blockSize);
+        }
+
+        return rv;
+    }
+
+    private byte decryptByte(byte in)
+    {
+        if (byteCount == 0)
+        {
+            cipher.processBlock(cfbV, 0, cfbOutV, 0);
+        }
+
+        inBuf[byteCount] = in;
+        byte rv = (byte)(cfbOutV[byteCount++] ^ in);
+
+        if (byteCount == blockSize)
+        {
+            byteCount = 0;
+
+            System.arraycopy(cfbV, blockSize, cfbV, 0, cfbV.length - blockSize);
+            System.arraycopy(inBuf, 0, cfbV, cfbV.length - blockSize, blockSize);
+        }
+
+        return rv;
+    }
+
+    /**
+     * return the block size we are operating at.
+     *
+     * @return the block size we are operating at (in bytes).
+     */
+    public int getBlockSize()
+    {
+        return blockSize;
+    }
+
+    /**
+     * Process one block of input from the array in and write it to
+     * the out array.
+     *
+     * @param in the array containing the input data.
+     * @param inOff offset into the in array the data starts at.
+     * @param out the array the output data will be copied into.
+     * @param outOff the offset into the out array the output will start at.
+     * @exception DataLengthException if there isn't enough data in in, or
+     * space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     * @return the number of bytes processed and produced.
+     */
+    public int processBlock(
+        byte[]      in,
+        int         inOff,
+        byte[]      out,
+        int         outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        processBytes(in, inOff, blockSize, out, outOff);
+
+        return blockSize;
+    }
+
+    /**
+     * Do the appropriate processing for CFB mode encryption.
+     *
+     * @param in the array containing the data to be encrypted.
+     * @param inOff offset into the in array the data starts at.
+     * @param out the array the encrypted data will be copied into.
+     * @param outOff the offset into the out array the output will start at.
+     * @exception DataLengthException if there isn't enough data in in, or
+     * space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     * @return the number of bytes processed and produced.
+     */
+    public int encryptBlock(
+        byte[]      in,
+        int         inOff,
+        byte[]      out,
+        int         outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        processBytes(in, inOff, blockSize, out, outOff);
+
+        return blockSize;
+    }
+
+    /**
+     * Do the appropriate processing for CFB mode decryption.
+     *
+     * @param in the array containing the data to be decrypted.
+     * @param inOff offset into the in array the data starts at.
+     * @param out the array the encrypted data will be copied into.
+     * @param outOff the offset into the out array the output will start at.
+     * @exception DataLengthException if there isn't enough data in in, or
+     * space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     * @return the number of bytes processed and produced.
+     */
+    public int decryptBlock(
+        byte[]      in,
+        int         inOff,
+        byte[]      out,
+        int         outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        processBytes(in, inOff, blockSize, out, outOff);
+
+        return blockSize;
+    }
+
+    /**
+     * Return the current state of the initialisation vector.
+     *
+     * @return current IV
+     */
+    public byte[] getCurrentIV()
+    {
+        return Arrays.clone(cfbV);
+    }
+
+    /**
+     * reset the chaining vector back to the IV and reset the underlying
+     * cipher.
+     */
+    public void reset()
+    {
+        System.arraycopy(IV, 0, cfbV, 0, IV.length);
+        Arrays.fill(inBuf, (byte)0);
+        byteCount = 0;
+
+        cipher.reset();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/CTSBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/CTSBlockCipher.java
new file mode 100644
index 0000000..8233865
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/CTSBlockCipher.java

@@ -0,0 +1,290 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.BufferedBlockCipher;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+import com.android.org.bouncycastle.crypto.OutputLengthException;
+import com.android.org.bouncycastle.crypto.StreamBlockCipher;
+
+/**
+ * A Cipher Text Stealing (CTS) mode cipher. CTS allows block ciphers to
+ * be used to produce cipher text which is the same length as the plain text.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CTSBlockCipher
+    extends BufferedBlockCipher
+{
+    private int     blockSize;
+
+    /**
+     * Create a buffered block cipher that uses Cipher Text Stealing
+     *
+     * @param cipher the underlying block cipher this buffering object wraps.
+     */
+    public CTSBlockCipher(
+        BlockCipher     cipher)
+    {
+        if (cipher instanceof StreamBlockCipher)
+        {
+            throw new IllegalArgumentException("CTSBlockCipher can only accept ECB, or CBC ciphers");
+        }
+
+        this.cipher = cipher;
+
+        blockSize = cipher.getBlockSize();
+
+        buf = new byte[blockSize * 2];
+        bufOff = 0;
+    }
+
+    /**
+     * return the size of the output buffer required for an update 
+     * an input of len bytes.
+     *
+     * @param len the length of the input.
+     * @return the space required to accommodate a call to update
+     * with len bytes of input.
+     */
+    public int getUpdateOutputSize(
+        int len)
+    {
+        int total       = len + bufOff;
+        int leftOver    = total % buf.length;
+
+        if (leftOver == 0)
+        {
+            return total - buf.length;
+        }
+
+        return total - leftOver;
+    }
+
+    /**
+     * return the size of the output buffer required for an update plus a
+     * doFinal with an input of len bytes.
+     *
+     * @param len the length of the input.
+     * @return the space required to accommodate a call to update and doFinal
+     * with len bytes of input.
+     */
+    public int getOutputSize(
+        int len)
+    {
+        return len + bufOff;
+    }
+
+    /**
+     * process a single byte, producing an output block if necessary.
+     *
+     * @param in the input byte.
+     * @param out the space for any output that might be produced.
+     * @param outOff the offset from which the output will be copied.
+     * @return the number of output bytes copied to out.
+     * @exception DataLengthException if there isn't enough space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     */
+    public int processByte(
+        byte        in,
+        byte[]      out,
+        int         outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        int         resultLen = 0;
+
+        if (bufOff == buf.length)
+        {
+            resultLen = cipher.processBlock(buf, 0, out, outOff);
+            System.arraycopy(buf, blockSize, buf, 0, blockSize);
+
+            bufOff = blockSize;
+        }
+
+        buf[bufOff++] = in;
+
+        return resultLen;
+    }
+
+    /**
+     * process an array of bytes, producing output if necessary.
+     *
+     * @param in the input byte array.
+     * @param inOff the offset at which the input data starts.
+     * @param len the number of bytes to be copied out of the input array.
+     * @param out the space for any output that might be produced.
+     * @param outOff the offset from which the output will be copied.
+     * @return the number of output bytes copied to out.
+     * @exception DataLengthException if there isn't enough space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     */
+    public int processBytes(
+        byte[]      in,
+        int         inOff,
+        int         len,
+        byte[]      out,
+        int         outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        if (len < 0)
+        {
+            throw new IllegalArgumentException("Can't have a negative input length!");
+        }
+
+        int blockSize   = getBlockSize();
+        int length      = getUpdateOutputSize(len);
+        
+        if (length > 0)
+        {
+            if ((outOff + length) > out.length)
+            {
+                throw new OutputLengthException("output buffer too short");
+            }
+        }
+
+        int resultLen = 0;
+        int gapLen = buf.length - bufOff;
+
+        if (len > gapLen)
+        {
+            System.arraycopy(in, inOff, buf, bufOff, gapLen);
+
+            resultLen += cipher.processBlock(buf, 0, out, outOff);
+            System.arraycopy(buf, blockSize, buf, 0, blockSize);
+
+            bufOff = blockSize;
+
+            len -= gapLen;
+            inOff += gapLen;
+
+            while (len > blockSize)
+            {
+                System.arraycopy(in, inOff, buf, bufOff, blockSize);
+                resultLen += cipher.processBlock(buf, 0, out, outOff + resultLen);
+                System.arraycopy(buf, blockSize, buf, 0, blockSize);
+
+                len -= blockSize;
+                inOff += blockSize;
+            }
+        }
+
+        System.arraycopy(in, inOff, buf, bufOff, len);
+
+        bufOff += len;
+
+        return resultLen;
+    }
+
+    /**
+     * Process the last block in the buffer.
+     *
+     * @param out the array the block currently being held is copied into.
+     * @param outOff the offset at which the copying starts.
+     * @return the number of output bytes copied to out.
+     * @exception DataLengthException if there is insufficient space in out for
+     * the output.
+     * @exception IllegalStateException if the underlying cipher is not
+     * initialised.
+     * @exception InvalidCipherTextException if cipher text decrypts wrongly (in
+     * case the exception will never get thrown).
+     */
+    public int doFinal(
+        byte[]  out,
+        int     outOff)
+        throws DataLengthException, IllegalStateException, InvalidCipherTextException
+    {
+        if (bufOff + outOff > out.length)
+        {
+            throw new OutputLengthException("output buffer to small in doFinal");
+        }
+
+        int     blockSize = cipher.getBlockSize();
+        int     len = bufOff - blockSize;
+        byte[]  block = new byte[blockSize];
+
+        if (forEncryption)
+        {
+            if (bufOff < blockSize)
+            {
+                throw new DataLengthException("need at least one block of input for CTS");
+            }
+
+            cipher.processBlock(buf, 0, block, 0);
+
+            if (bufOff > blockSize)
+            {
+                for (int i = bufOff; i != buf.length; i++)
+                {
+                    buf[i] = block[i - blockSize];
+                }
+
+                for (int i = blockSize; i != bufOff; i++)
+                {
+                    buf[i] ^= block[i - blockSize];
+                }
+
+                if (cipher instanceof CBCBlockCipher)
+                {
+                    BlockCipher c = ((CBCBlockCipher)cipher).getUnderlyingCipher();
+
+                    c.processBlock(buf, blockSize, out, outOff);
+                }
+                else
+                {
+                    cipher.processBlock(buf, blockSize, out, outOff);
+                }
+
+                System.arraycopy(block, 0, out, outOff + blockSize, len);
+            }
+            else
+            {
+                System.arraycopy(block, 0, out, outOff, blockSize);
+            }
+        }
+        else
+        {
+            if (bufOff < blockSize)
+            {
+                throw new DataLengthException("need at least one block of input for CTS");
+            }
+
+            byte[]  lastBlock = new byte[blockSize];
+
+            if (bufOff > blockSize)
+            {
+                if (cipher instanceof CBCBlockCipher)
+                {
+                    BlockCipher c = ((CBCBlockCipher)cipher).getUnderlyingCipher();
+
+                    c.processBlock(buf, 0, block, 0);
+                }
+                else
+                {
+                    cipher.processBlock(buf, 0, block, 0);
+                }
+
+                for (int i = blockSize; i != bufOff; i++)
+                {
+                    lastBlock[i - blockSize] = (byte)(block[i - blockSize] ^ buf[i]);
+                }
+
+                System.arraycopy(buf, blockSize, block, 0, len);
+
+                cipher.processBlock(block, 0, out, outOff);
+                System.arraycopy(lastBlock, 0, out, outOff + blockSize, len);
+            }
+            else
+            {
+                cipher.processBlock(buf, 0, block, 0);
+
+                System.arraycopy(block, 0, out, outOff, blockSize);
+            }
+        }
+
+        int offset = bufOff;
+
+        reset();
+
+        return offset;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/GCMBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/GCMBlockCipher.java
new file mode 100644
index 0000000..398d0f5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/GCMBlockCipher.java

@@ -0,0 +1,692 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+import com.android.org.bouncycastle.crypto.OutputLengthException;
+import com.android.org.bouncycastle.crypto.modes.gcm.BasicGCMExponentiator;
+import com.android.org.bouncycastle.crypto.modes.gcm.GCMExponentiator;
+import com.android.org.bouncycastle.crypto.modes.gcm.GCMMultiplier;
+import com.android.org.bouncycastle.crypto.modes.gcm.GCMUtil;
+import com.android.org.bouncycastle.crypto.modes.gcm.Tables4kGCMMultiplier;
+import com.android.org.bouncycastle.crypto.params.AEADParameters;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * Implements the Galois/Counter mode (GCM) detailed in
+ * NIST Special Publication 800-38D.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class GCMBlockCipher
+    implements AEADBlockCipher
+{
+    private static final int BLOCK_SIZE = 16;
+    // BEGIN Android-added: Max input size limitation from NIST.
+    // 2^36-32 : limitation imposed by NIST GCM as otherwise the counter is wrapped and it can leak
+    // plaintext and authentication key
+    private static final long MAX_INPUT_SIZE = 68719476704L;
+    // END Android-added: Max input size limitation from NIST.
+
+    // not final due to a compiler bug
+    private BlockCipher   cipher;
+    private GCMMultiplier multiplier;
+    private GCMExponentiator exp;
+
+    // These fields are set by init and not modified by processing
+    private boolean             forEncryption;
+    private boolean             initialised;
+    private int                 macSize;
+    private byte[]              lastKey;
+    private byte[]              nonce;
+    private byte[]              initialAssociatedText;
+    private byte[]              H;
+    private byte[]              J0;
+
+    // These fields are modified during processing
+    private byte[]      bufBlock;
+    private byte[]      macBlock;
+    private byte[]      S, S_at, S_atPre;
+    private byte[]      counter;
+    private int         blocksRemaining;
+    private int         bufOff;
+    private long        totalLength;
+    private byte[]      atBlock;
+    private int         atBlockPos;
+    private long        atLength;
+    private long        atLengthPre;
+
+    public GCMBlockCipher(BlockCipher c)
+    {
+        this(c, null);
+    }
+
+    public GCMBlockCipher(BlockCipher c, GCMMultiplier m)
+    {
+        if (c.getBlockSize() != BLOCK_SIZE)
+        {
+            throw new IllegalArgumentException(
+                "cipher required with a block size of " + BLOCK_SIZE + ".");
+        }
+
+        if (m == null)
+        {
+            m = new Tables4kGCMMultiplier();
+        }
+
+        this.cipher = c;
+        this.multiplier = m;
+    }
+
+    public BlockCipher getUnderlyingCipher()
+    {
+        return cipher;
+    }
+
+    public String getAlgorithmName()
+    {
+        return cipher.getAlgorithmName() + "/GCM";
+    }
+
+    /**
+     * NOTE: MAC sizes from 32 bits to 128 bits (must be a multiple of 8) are supported. The default is 128 bits.
+     * Sizes less than 96 are not recommended, but are supported for specialized applications.
+     */
+    public void init(boolean forEncryption, CipherParameters params)
+        throws IllegalArgumentException
+    {
+        this.forEncryption = forEncryption;
+        this.macBlock = null;
+        this.initialised = true;
+
+        KeyParameter keyParam;
+        byte[] newNonce = null;
+
+        if (params instanceof AEADParameters)
+        {
+            AEADParameters param = (AEADParameters)params;
+
+            newNonce = param.getNonce();
+            initialAssociatedText = param.getAssociatedText();
+
+            int macSizeBits = param.getMacSize();
+            if (macSizeBits < 32 || macSizeBits > 128 || macSizeBits % 8 != 0)
+            {
+                throw new IllegalArgumentException("Invalid value for MAC size: " + macSizeBits);
+            }
+
+            macSize = macSizeBits / 8;
+            keyParam = param.getKey();
+        }
+        else if (params instanceof ParametersWithIV)
+        {
+            ParametersWithIV param = (ParametersWithIV)params;
+
+            newNonce = param.getIV();
+            initialAssociatedText  = null;
+            macSize = 16;
+            keyParam = (KeyParameter)param.getParameters();
+        }
+        else
+        {
+            throw new IllegalArgumentException("invalid parameters passed to GCM");
+        }
+
+        int bufLength = forEncryption ? BLOCK_SIZE : (BLOCK_SIZE + macSize);
+        this.bufBlock = new byte[bufLength];
+
+        if (newNonce == null || newNonce.length < 1)
+        {
+            throw new IllegalArgumentException("IV must be at least 1 byte");
+        }
+
+        if (forEncryption)
+        {
+            if (nonce != null && Arrays.areEqual(nonce, newNonce))
+            {
+                if (keyParam == null)
+                {
+                    throw new IllegalArgumentException("cannot reuse nonce for GCM encryption");
+                }
+                if (lastKey != null && Arrays.areEqual(lastKey, keyParam.getKey()))
+                {
+                    throw new IllegalArgumentException("cannot reuse nonce for GCM encryption");
+                }
+            }
+        }
+
+        nonce = newNonce;
+        if (keyParam != null)
+        {
+            lastKey = keyParam.getKey();
+        }
+
+        // TODO Restrict macSize to 16 if nonce length not 12?
+
+        // Cipher always used in forward mode
+        // if keyParam is null we're reusing the last key.
+        if (keyParam != null)
+        {
+            cipher.init(true, keyParam);
+
+            this.H = new byte[BLOCK_SIZE];
+            cipher.processBlock(H, 0, H, 0);
+
+            // GCMMultiplier tables don't change unless the key changes (and are expensive to init)
+            multiplier.init(H);
+            exp = null;
+        }
+        else if (this.H == null)
+        {
+            throw new IllegalArgumentException("Key must be specified in initial init");
+        }
+
+        this.J0 = new byte[BLOCK_SIZE];
+
+        if (nonce.length == 12)
+        {
+            System.arraycopy(nonce, 0, J0, 0, nonce.length);
+            this.J0[BLOCK_SIZE - 1] = 0x01;
+        }
+        else
+        {
+            gHASH(J0, nonce, nonce.length);
+            byte[] X = new byte[BLOCK_SIZE];
+            Pack.longToBigEndian((long)nonce.length * 8, X, 8);
+            gHASHBlock(J0, X);
+        }
+
+        this.S = new byte[BLOCK_SIZE];
+        this.S_at = new byte[BLOCK_SIZE];
+        this.S_atPre = new byte[BLOCK_SIZE];
+        this.atBlock = new byte[BLOCK_SIZE];
+        this.atBlockPos = 0;
+        this.atLength = 0;
+        this.atLengthPre = 0;
+        this.counter = Arrays.clone(J0);
+        this.blocksRemaining = -2;      // page 8, len(P) <= 2^39 - 256, 1 block used by tag but done on J0
+        this.bufOff = 0;
+        this.totalLength = 0;
+
+        if (initialAssociatedText != null)
+        {
+            processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);
+        }
+    }
+
+    public byte[] getMac()
+    {
+        if (macBlock == null)
+        {
+            return new byte[macSize];
+        }
+        return Arrays.clone(macBlock);
+    }
+
+    public int getOutputSize(int len)
+    {
+        int totalData = len + bufOff;
+
+        if (forEncryption)
+        {
+            return totalData + macSize;
+        }
+
+        return totalData < macSize ? 0 : totalData - macSize;
+    }
+
+    // BEGIN Android-added: Max input size limitation from NIST.
+    /** Helper used to ensure that {@link #MAX_INPUT_SIZE} is not exceeded. */
+    private long getTotalInputSizeAfterNewInput(int newInputLen)
+    {
+        return totalLength + newInputLen + bufOff;
+    }
+    // END Android-added: Max input size limitation from NIST.
+
+    public int getUpdateOutputSize(int len)
+    {
+        int totalData = len + bufOff;
+        if (!forEncryption)
+        {
+            if (totalData < macSize)
+            {
+                return 0;
+            }
+            totalData -= macSize;
+        }
+        return totalData - totalData % BLOCK_SIZE;
+    }
+
+    public void processAADByte(byte in)
+    {
+        checkStatus();
+        // BEGIN Android-added: Max input size limitation from NIST.
+        if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) {
+            throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
+        }
+        // END Android-added: Max input size limitation from NIST.
+
+        atBlock[atBlockPos] = in;
+        if (++atBlockPos == BLOCK_SIZE)
+        {
+            // Hash each block as it fills
+            gHASHBlock(S_at, atBlock);
+            atBlockPos = 0;
+            atLength += BLOCK_SIZE;
+        }
+    }
+
+    public void processAADBytes(byte[] in, int inOff, int len)
+    {
+        checkStatus();
+        // BEGIN Android-added: Max input size limitation from NIST.
+        if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) {
+            throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
+        }
+        // END Android-added: Max input size limitation from NIST.
+
+        for (int i = 0; i < len; ++i)
+        {
+            atBlock[atBlockPos] = in[inOff + i];
+            if (++atBlockPos == BLOCK_SIZE)
+            {
+                // Hash each block as it fills
+                gHASHBlock(S_at, atBlock);
+                atBlockPos = 0;
+                atLength += BLOCK_SIZE;
+            }
+        }
+    }
+
+    private void initCipher()
+    {
+        if (atLength > 0)
+        {
+            System.arraycopy(S_at, 0, S_atPre, 0, BLOCK_SIZE);
+            atLengthPre = atLength;
+        }
+
+        // Finish hash for partial AAD block
+        if (atBlockPos > 0)
+        {
+            gHASHPartial(S_atPre, atBlock, 0, atBlockPos);
+            atLengthPre += atBlockPos;
+        }
+
+        if (atLengthPre > 0)
+        {
+            System.arraycopy(S_atPre, 0, S, 0, BLOCK_SIZE);
+        }
+    }
+
+    public int processByte(byte in, byte[] out, int outOff)
+        throws DataLengthException
+    {
+        checkStatus();
+        // BEGIN Android-added: Max input size limitation from NIST.
+        if (getTotalInputSizeAfterNewInput(1) > MAX_INPUT_SIZE) {
+            throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
+        }
+        // END Android-added: Max input size limitation from NIST.
+
+        bufBlock[bufOff] = in;
+        if (++bufOff == bufBlock.length)
+        {
+            processBlock(bufBlock, 0, out, outOff);
+            if (forEncryption)
+            {
+                bufOff = 0;
+            }
+            else
+            {
+                System.arraycopy(bufBlock, BLOCK_SIZE, bufBlock, 0, macSize);
+                bufOff = macSize;
+            }
+            return BLOCK_SIZE;
+        }
+        return 0;
+    }
+
+    public int processBytes(byte[] in, int inOff, int len, byte[] out, int outOff)
+        throws DataLengthException
+    {
+        checkStatus();
+        // BEGIN Android-added: Max input size limitation from NIST.
+        if (getTotalInputSizeAfterNewInput(len) > MAX_INPUT_SIZE) {
+            throw new DataLengthException("Input exceeded " + MAX_INPUT_SIZE + " bytes");
+        }
+        // END Android-added: Max input size limitation from NIST.
+
+        if ((in.length - inOff) < len)
+        {
+            throw new DataLengthException("Input buffer too short");
+        }
+
+        int resultLen = 0;
+
+        if (forEncryption)
+        {
+            if (bufOff != 0)
+            {
+                while (len > 0)
+                {
+                    --len;
+                    bufBlock[bufOff] = in[inOff++];
+                    if (++bufOff == BLOCK_SIZE)
+                    {
+                        processBlock(bufBlock, 0, out, outOff);
+                        bufOff = 0;
+                        resultLen += BLOCK_SIZE;
+                        break;
+                    }
+                }
+            }
+
+            while (len >= BLOCK_SIZE)
+            {
+                processBlock(in, inOff, out, outOff + resultLen);
+                inOff += BLOCK_SIZE;
+                len -= BLOCK_SIZE;
+                resultLen += BLOCK_SIZE;
+            }
+
+            if (len > 0)
+            {
+                System.arraycopy(in, inOff, bufBlock, 0, len);
+                bufOff = len;
+            }
+        }
+        else
+        {
+            for (int i = 0; i < len; ++i)
+            {
+                bufBlock[bufOff] = in[inOff + i];
+                if (++bufOff == bufBlock.length)
+                {
+                    processBlock(bufBlock, 0, out, outOff + resultLen);
+                    System.arraycopy(bufBlock, BLOCK_SIZE, bufBlock, 0, macSize);
+                    bufOff = macSize;
+                    resultLen += BLOCK_SIZE;
+                }
+            }
+        }
+
+        return resultLen;
+    }
+
+    public int doFinal(byte[] out, int outOff)
+        throws IllegalStateException, InvalidCipherTextException
+    {
+        checkStatus();
+
+        if (totalLength == 0)
+        {
+            initCipher();
+        }
+
+        int extra = bufOff;
+
+        if (forEncryption)
+        {
+            if ((out.length - outOff) < (extra + macSize))
+            {
+                throw new OutputLengthException("Output buffer too short");
+            }
+        }
+        else
+        {
+            if (extra < macSize)
+            {
+                throw new InvalidCipherTextException("data too short");
+            }
+            extra -= macSize;
+
+            if ((out.length - outOff) < extra)
+            {
+                throw new OutputLengthException("Output buffer too short");
+            }
+        }
+
+        if (extra > 0)
+        {
+            processPartial(bufBlock, 0, extra, out, outOff);
+        }
+
+        atLength += atBlockPos;
+
+        if (atLength > atLengthPre)
+        {
+            /*
+             *  Some AAD was sent after the cipher started. We determine the difference b/w the hash value
+             *  we actually used when the cipher started (S_atPre) and the final hash value calculated (S_at).
+             *  Then we carry this difference forward by multiplying by H^c, where c is the number of (full or
+             *  partial) cipher-text blocks produced, and adjust the current hash.
+             */
+
+            // Finish hash for partial AAD block
+            if (atBlockPos > 0)
+            {
+                gHASHPartial(S_at, atBlock, 0, atBlockPos);
+            }
+
+            // Find the difference between the AAD hashes
+            if (atLengthPre > 0)
+            {
+                GCMUtil.xor(S_at, S_atPre);
+            }
+
+            // Number of cipher-text blocks produced
+            long c = ((totalLength * 8) + 127) >>> 7;
+
+            // Calculate the adjustment factor
+            byte[] H_c = new byte[16];
+            if (exp == null)
+            {
+                exp = new BasicGCMExponentiator();
+                exp.init(H);
+            }
+            exp.exponentiateX(c, H_c);
+
+            // Carry the difference forward
+            GCMUtil.multiply(S_at, H_c);
+
+            // Adjust the current hash
+            GCMUtil.xor(S, S_at);
+        }
+
+        // Final gHASH
+        byte[] X = new byte[BLOCK_SIZE];
+        Pack.longToBigEndian(atLength * 8, X, 0);
+        Pack.longToBigEndian(totalLength * 8, X, 8);
+
+        gHASHBlock(S, X);
+
+        // T = MSBt(GCTRk(J0,S))
+        byte[] tag = new byte[BLOCK_SIZE];
+        cipher.processBlock(J0, 0, tag, 0);
+        GCMUtil.xor(tag, S);
+
+        int resultLen = extra;
+
+        // We place into macBlock our calculated value for T
+        this.macBlock = new byte[macSize];
+        System.arraycopy(tag, 0, macBlock, 0, macSize);
+
+        if (forEncryption)
+        {
+            // Append T to the message
+            System.arraycopy(macBlock, 0, out, outOff + bufOff, macSize);
+            resultLen += macSize;
+        }
+        else
+        {
+            // Retrieve the T value from the message and compare to calculated one
+            byte[] msgMac = new byte[macSize];
+            System.arraycopy(bufBlock, extra, msgMac, 0, macSize);
+            if (!Arrays.constantTimeAreEqual(this.macBlock, msgMac))
+            {
+                throw new InvalidCipherTextException("mac check in GCM failed");
+            }
+        }
+
+        reset(false);
+
+        return resultLen;
+    }
+
+    public void reset()
+    {
+        reset(true);
+    }
+
+    private void reset(
+        boolean clearMac)
+    {
+        cipher.reset();
+
+        // note: we do not reset the nonce.
+
+        S = new byte[BLOCK_SIZE];
+        S_at = new byte[BLOCK_SIZE];
+        S_atPre = new byte[BLOCK_SIZE];
+        atBlock = new byte[BLOCK_SIZE];
+        atBlockPos = 0;
+        atLength = 0;
+        atLengthPre = 0;
+        counter = Arrays.clone(J0);
+        blocksRemaining = -2;
+        bufOff = 0;
+        totalLength = 0;
+
+        if (bufBlock != null)
+        {
+            Arrays.fill(bufBlock, (byte)0);
+        }
+
+        if (clearMac)
+        {
+            macBlock = null;
+        }
+
+        if (forEncryption)
+        {
+            initialised = false;
+        }
+        else
+        {
+            if (initialAssociatedText != null)
+            {
+                processAADBytes(initialAssociatedText, 0, initialAssociatedText.length);
+            }
+        }
+    }
+
+    private void processBlock(byte[] buf, int bufOff, byte[] out, int outOff)
+    {
+        if ((out.length - outOff) < BLOCK_SIZE)
+        {
+            throw new OutputLengthException("Output buffer too short");
+        }
+        if (totalLength == 0)
+        {
+            initCipher();
+        }
+
+        byte[] ctrBlock = new byte[BLOCK_SIZE];
+        getNextCTRBlock(ctrBlock);
+
+        if (forEncryption)
+        {
+            GCMUtil.xor(ctrBlock, buf, bufOff);
+            gHASHBlock(S, ctrBlock);
+            System.arraycopy(ctrBlock, 0, out, outOff, BLOCK_SIZE);
+        }
+        else
+        {
+            gHASHBlock(S, buf, bufOff);
+            GCMUtil.xor(ctrBlock, 0, buf, bufOff, out, outOff);
+        }
+
+        totalLength += BLOCK_SIZE;
+    }
+
+    private void processPartial(byte[] buf, int off, int len, byte[] out, int outOff)
+    {
+        byte[] ctrBlock = new byte[BLOCK_SIZE];
+        getNextCTRBlock(ctrBlock);
+
+        if (forEncryption)
+        {
+            GCMUtil.xor(buf, off, ctrBlock, 0, len);
+            gHASHPartial(S, buf, off, len);
+        }
+        else
+        {
+            gHASHPartial(S, buf, off, len);
+            GCMUtil.xor(buf, off, ctrBlock, 0, len);
+        }
+
+        System.arraycopy(buf, off, out, outOff, len);
+        totalLength += len;
+    }
+
+    private void gHASH(byte[] Y, byte[] b, int len)
+    {
+        for (int pos = 0; pos < len; pos += BLOCK_SIZE)
+        {
+            int num = Math.min(len - pos, BLOCK_SIZE);
+            gHASHPartial(Y, b, pos, num);
+        }
+    }
+
+    private void gHASHBlock(byte[] Y, byte[] b)
+    {
+        GCMUtil.xor(Y, b);
+        multiplier.multiplyH(Y);
+    }
+
+    private void gHASHBlock(byte[] Y, byte[] b, int off)
+    {
+        GCMUtil.xor(Y, b, off);
+        multiplier.multiplyH(Y);
+    }
+
+    private void gHASHPartial(byte[] Y, byte[] b, int off, int len)
+    {
+        GCMUtil.xor(Y, b, off, len);
+        multiplier.multiplyH(Y);
+    }
+
+    private void getNextCTRBlock(byte[] block)
+    {
+        if (blocksRemaining == 0)
+        {
+            throw new IllegalStateException("Attempt to process too many blocks");
+        }
+        blocksRemaining--;
+
+        int c = 1;
+        c += counter[15] & 0xFF; counter[15] = (byte)c; c >>>= 8;
+        c += counter[14] & 0xFF; counter[14] = (byte)c; c >>>= 8;
+        c += counter[13] & 0xFF; counter[13] = (byte)c; c >>>= 8;
+        c += counter[12] & 0xFF; counter[12] = (byte)c;
+
+        cipher.processBlock(counter, 0, block, 0);
+    }
+
+    private void checkStatus()
+    {
+        if (!initialised)
+        {
+            if (forEncryption)
+            {
+                throw new IllegalStateException("GCM cipher cannot be reused for encryption");
+            }
+            throw new IllegalStateException("GCM cipher needs to be initialised");
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/OFBBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/OFBBlockCipher.java
new file mode 100644
index 0000000..311442d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/OFBBlockCipher.java

@@ -0,0 +1,180 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.StreamBlockCipher;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+
+/**
+ * implements a Output-FeedBack (OFB) mode on top of a simple cipher.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class OFBBlockCipher
+    extends StreamBlockCipher
+{
+    private int             byteCount;
+    private byte[]          IV;
+    private byte[]          ofbV;
+    private byte[]          ofbOutV;
+
+    private final int             blockSize;
+    private final BlockCipher     cipher;
+
+    /**
+     * Basic constructor.
+     *
+     * @param cipher the block cipher to be used as the basis of the
+     * feedback mode.
+     * @param blockSize the block size in bits (note: a multiple of 8)
+     */
+    public OFBBlockCipher(
+        BlockCipher cipher,
+        int         blockSize)
+    {
+        super(cipher);
+
+        this.cipher = cipher;
+        this.blockSize = blockSize / 8;
+
+        this.IV = new byte[cipher.getBlockSize()];
+        this.ofbV = new byte[cipher.getBlockSize()];
+        this.ofbOutV = new byte[cipher.getBlockSize()];
+    }
+
+    /**
+     * Initialise the cipher and, possibly, the initialisation vector (IV).
+     * If an IV isn't passed as part of the parameter, the IV will be all zeros.
+     * An IV which is too short is handled in FIPS compliant fashion.
+     *
+     * @param encrypting if true the cipher is initialised for
+     *  encryption, if false for decryption.
+     * @param params the key and other data required by the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(
+        boolean             encrypting, //ignored by this OFB mode
+        CipherParameters    params)
+        throws IllegalArgumentException
+    {
+        if (params instanceof ParametersWithIV)
+        {
+            ParametersWithIV ivParam = (ParametersWithIV)params;
+            byte[]      iv = ivParam.getIV();
+
+            if (iv.length < IV.length)
+            {
+                // prepend the supplied IV with zeros (per FIPS PUB 81)
+                System.arraycopy(iv, 0, IV, IV.length - iv.length, iv.length); 
+                for (int i = 0; i < IV.length - iv.length; i++)
+                {
+                    IV[i] = 0;
+                }
+            }
+            else
+            {
+                System.arraycopy(iv, 0, IV, 0, IV.length);
+            }
+
+            reset();
+
+            // if null it's an IV changed only.
+            if (ivParam.getParameters() != null)
+            {
+                cipher.init(true, ivParam.getParameters());
+            }
+        }
+        else
+        {
+            reset();
+
+            // if it's null, key is to be reused.
+            if (params != null)
+            {
+                cipher.init(true, params);
+            }
+        }
+    }
+
+    /**
+     * return the algorithm name and mode.
+     *
+     * @return the name of the underlying algorithm followed by "/OFB"
+     * and the block size in bits
+     */
+    public String getAlgorithmName()
+    {
+        return cipher.getAlgorithmName() + "/OFB" + (blockSize * 8);
+    }
+
+
+    /**
+     * return the block size we are operating at (in bytes).
+     *
+     * @return the block size we are operating at (in bytes).
+     */
+    public int getBlockSize()
+    {
+        return blockSize;
+    }
+
+    /**
+     * Process one block of input from the array in and write it to
+     * the out array.
+     *
+     * @param in the array containing the input data.
+     * @param inOff offset into the in array the data starts at.
+     * @param out the array the output data will be copied into.
+     * @param outOff the offset into the out array the output will start at.
+     * @exception DataLengthException if there isn't enough data in in, or
+     * space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     * @return the number of bytes processed and produced.
+     */
+    public int processBlock(
+        byte[]      in,
+        int         inOff,
+        byte[]      out,
+        int         outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        processBytes(in, inOff, blockSize, out, outOff);
+
+        return blockSize;
+    }
+
+    /**
+     * reset the feedback vector back to the IV and reset the underlying
+     * cipher.
+     */
+    public void reset()
+    {
+        System.arraycopy(IV, 0, ofbV, 0, IV.length);
+        byteCount = 0;
+
+        cipher.reset();
+    }
+
+    protected byte calculateByte(byte in)
+          throws DataLengthException, IllegalStateException
+    {
+        if (byteCount == 0)
+        {
+            cipher.processBlock(ofbV, 0, ofbOutV, 0);
+        }
+
+        byte rv = (byte)(ofbOutV[byteCount++] ^ in);
+
+        if (byteCount == blockSize)
+        {
+            byteCount = 0;
+
+            System.arraycopy(ofbV, blockSize, ofbV, 0, ofbV.length - blockSize);
+            System.arraycopy(ofbOutV, 0, ofbV, ofbV.length - blockSize, blockSize);
+        }
+
+        return rv;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/SICBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/SICBlockCipher.java
new file mode 100644
index 0000000..73bdc58
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/SICBlockCipher.java

@@ -0,0 +1,292 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.SkippingStreamCipher;
+import com.android.org.bouncycastle.crypto.StreamBlockCipher;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * Implements the Segmented Integer Counter (SIC) mode on top of a simple
+ * block cipher. This mode is also known as CTR mode.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SICBlockCipher
+    extends StreamBlockCipher
+    implements SkippingStreamCipher
+{
+    private final BlockCipher     cipher;
+    private final int             blockSize;
+
+    private byte[]          IV;
+    private byte[]          counter;
+    private byte[]          counterOut;
+    private int             byteCount;
+
+    /**
+     * Basic constructor.
+     *
+     * @param c the block cipher to be used.
+     */
+    public SICBlockCipher(BlockCipher c)
+    {
+        super(c);
+
+        this.cipher = c;
+        this.blockSize = cipher.getBlockSize();
+        this.IV = new byte[blockSize];
+        this.counter = new byte[blockSize];
+        this.counterOut = new byte[blockSize];
+        this.byteCount = 0;
+    }
+
+    public void init(
+        boolean             forEncryption, //ignored by this CTR mode
+        CipherParameters    params)
+        throws IllegalArgumentException
+    {
+        if (params instanceof ParametersWithIV)
+        {
+            ParametersWithIV ivParam = (ParametersWithIV)params;
+            this.IV = Arrays.clone(ivParam.getIV());
+
+            if (blockSize < IV.length)
+            {
+                throw new IllegalArgumentException("CTR/SIC mode requires IV no greater than: " + blockSize + " bytes.");
+            }
+
+            int maxCounterSize = (8 > blockSize / 2) ? blockSize / 2 : 8;
+
+            if (blockSize - IV.length > maxCounterSize)
+            {
+                throw new IllegalArgumentException("CTR/SIC mode requires IV of at least: " + (blockSize - maxCounterSize) + " bytes.");
+            }
+
+            // if null it's an IV changed only.
+            if (ivParam.getParameters() != null)
+            {
+                cipher.init(true, ivParam.getParameters());
+            }
+
+            reset();
+        }
+        else
+        {
+            throw new IllegalArgumentException("CTR/SIC mode requires ParametersWithIV");
+        }
+    }
+
+    public String getAlgorithmName()
+    {
+        return cipher.getAlgorithmName() + "/SIC";
+    }
+
+    public int getBlockSize()
+    {
+        return cipher.getBlockSize();
+    }
+
+    public int processBlock(byte[] in, int inOff, byte[] out, int outOff)
+          throws DataLengthException, IllegalStateException
+    {
+        processBytes(in, inOff, blockSize, out, outOff);
+
+        return blockSize;
+    }
+
+    protected byte calculateByte(byte in)
+          throws DataLengthException, IllegalStateException
+    {
+        if (byteCount == 0)
+        {
+            cipher.processBlock(counter, 0, counterOut, 0);
+
+            return (byte)(counterOut[byteCount++] ^ in);
+        }
+
+        byte rv = (byte)(counterOut[byteCount++] ^ in);
+
+        if (byteCount == counter.length)
+        {
+            byteCount = 0;
+
+            incrementCounterAt(0);
+
+            checkCounter();
+        }
+
+        return rv;
+    }
+
+    private void checkCounter()
+    {
+        // if the IV is the same as the blocksize we assume the user knows what they are doing
+        if (IV.length < blockSize)
+        {
+            for (int i = 0; i != IV.length; i++)
+            {
+                if (counter[i] != IV[i])
+                {
+                    throw new IllegalStateException("Counter in CTR/SIC mode out of range.");
+                }
+            }
+        }
+    }
+
+    private void incrementCounterAt(int pos)
+    {
+        int i = counter.length - pos;
+        while (--i >= 0)
+        {
+            if (++counter[i] != 0)
+            {
+                break;
+            }
+        }
+    }
+
+    private void incrementCounter(int offSet)
+    {
+        byte old = counter[counter.length - 1];
+
+        counter[counter.length - 1] += offSet;
+
+        if (old != 0 && counter[counter.length - 1] < old)
+        {
+            incrementCounterAt(1);
+        }
+    }
+
+    private void decrementCounterAt(int pos)
+    {
+        int i = counter.length - pos;
+        while (--i >= 0)
+        {
+            if (--counter[i] != -1)
+            {
+                return;
+            }
+        }
+    }
+
+    private void adjustCounter(long n)
+    {
+        if (n >= 0)
+        {
+            long numBlocks = (n + byteCount) / blockSize;
+
+            long rem = numBlocks;
+            if (rem > 255)
+            {
+                for (int i = 5; i >= 1; i--)
+                {
+                    long diff = 1L << (8 * i);
+                    while (rem >= diff)
+                    {
+                        incrementCounterAt(i);
+                        rem -= diff;
+                    }
+                }
+            }
+
+            incrementCounter((int)rem);
+
+            byteCount = (int)((n + byteCount) - (blockSize * numBlocks));
+        }
+        else
+        {
+            long numBlocks = (-n - byteCount) / blockSize;
+
+            long rem = numBlocks;
+            if (rem > 255)
+            {
+                for (int i = 5; i >= 1; i--)
+                {
+                    long diff = 1L << (8 * i);
+                    while (rem > diff)
+                    {
+                        decrementCounterAt(i);
+                        rem -= diff;
+                    }
+                }
+            }
+
+            for (long i = 0; i != rem; i++)
+            {
+                decrementCounterAt(0);
+            }
+
+            int gap = (int)(byteCount + n + (blockSize * numBlocks));
+
+            if (gap >= 0)
+            {
+                byteCount = 0;
+            }
+            else
+            {
+                decrementCounterAt(0);
+                byteCount =  blockSize + gap;
+            }
+        }
+    }
+
+    public void reset()
+    {
+        Arrays.fill(counter, (byte)0);
+        System.arraycopy(IV, 0, counter, 0, IV.length);
+        cipher.reset();
+        this.byteCount = 0;
+    }
+
+    public long skip(long numberOfBytes)
+    {
+        adjustCounter(numberOfBytes);
+
+        checkCounter();
+
+        cipher.processBlock(counter, 0, counterOut, 0);
+
+        return numberOfBytes;
+    }
+
+    public long seekTo(long position)
+    {
+        reset();
+
+        return skip(position);
+    }
+
+    public long getPosition()
+    {
+        byte[] res = new byte[counter.length];
+
+        System.arraycopy(counter, 0, res, 0, res.length);
+
+        for (int i = res.length - 1; i >= 1; i--)
+        {
+            int v;
+            if (i < IV.length)
+            {
+                v = (res[i] & 0xff) - (IV[i] & 0xff);
+            }
+            else
+            {
+                v = (res[i] & 0xff);
+            }
+
+            if (v < 0)
+            {
+               res[i - 1]--;
+               v += 256;
+            }
+
+            res[i] = (byte)v;
+        }
+
+        return Pack.bigEndianToLong(res, res.length - 8) * blockSize + byteCount;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/BasicGCMExponentiator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/BasicGCMExponentiator.java
new file mode 100644
index 0000000..dd1ed48
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/BasicGCMExponentiator.java

@@ -0,0 +1,41 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes.gcm;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BasicGCMExponentiator
+    implements GCMExponentiator
+{
+    private long[] x;
+
+    public void init(byte[] x)
+    {
+        this.x = GCMUtil.asLongs(x);
+    }
+
+    public void exponentiateX(long pow, byte[] output)
+    {
+        // Initial value is little-endian 1
+        long[] y = GCMUtil.oneAsLongs();
+
+        if (pow > 0)
+        {
+            long[] powX = Arrays.clone(x);
+            do
+            {
+                if ((pow & 1L) != 0)
+                {
+                    GCMUtil.multiply(y, powX);
+                }
+                GCMUtil.square(powX, powX);
+                pow >>>= 1;
+            }
+            while (pow > 0);
+        }
+
+        GCMUtil.asBytes(y, output);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/GCMExponentiator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/GCMExponentiator.java
new file mode 100644
index 0000000..3e3629f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/GCMExponentiator.java

@@ -0,0 +1,11 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes.gcm;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface GCMExponentiator
+{
+    void init(byte[] x);
+    void exponentiateX(long pow, byte[] output);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/GCMMultiplier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/GCMMultiplier.java
new file mode 100644
index 0000000..44b627e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/GCMMultiplier.java

@@ -0,0 +1,11 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes.gcm;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface GCMMultiplier
+{
+    void init(byte[] H);
+    void multiplyH(byte[] x);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/GCMUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/GCMUtil.java
new file mode 100644
index 0000000..36c74dd
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/GCMUtil.java

@@ -0,0 +1,389 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes.gcm;
+
+import com.android.org.bouncycastle.math.raw.Interleave;
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class GCMUtil
+{
+    private static final int E1 = 0xe1000000;
+    private static final long E1L = (E1 & 0xFFFFFFFFL) << 32;
+
+    public static byte[] oneAsBytes()
+    {
+        byte[] tmp = new byte[16];
+        tmp[0] = (byte)0x80;
+        return tmp;
+    }
+
+    public static int[] oneAsInts()
+    {
+        int[] tmp = new int[4];
+        tmp[0] = 1 << 31;
+        return tmp;
+    }
+
+    public static long[] oneAsLongs()
+    {
+        long[] tmp = new long[2];
+        tmp[0] = 1L << 63;
+        return tmp;
+    }
+
+    public static byte[] asBytes(int[] x)
+    {
+        byte[] z = new byte[16];
+        Pack.intToBigEndian(x, z, 0);
+        return z;
+    }
+
+    public static void asBytes(int[] x, byte[] z)
+    {
+        Pack.intToBigEndian(x, z, 0);
+    }
+
+    public static byte[] asBytes(long[] x)
+    {
+        byte[] z = new byte[16];
+        Pack.longToBigEndian(x, z, 0);
+        return z;
+    }
+
+    public static void asBytes(long[] x, byte[] z)
+    {
+        Pack.longToBigEndian(x, z, 0);
+    }
+
+    public static int[] asInts(byte[] x)
+    {
+        int[] z = new int[4];
+        Pack.bigEndianToInt(x, 0, z);
+        return z;
+    }
+
+    public static void asInts(byte[] x, int[] z)
+    {
+        Pack.bigEndianToInt(x, 0, z);
+    }
+
+    public static long[] asLongs(byte[] x)
+    {
+        long[] z = new long[2];
+        Pack.bigEndianToLong(x, 0, z);
+        return z;
+    }
+
+    public static void asLongs(byte[] x, long[] z)
+    {
+        Pack.bigEndianToLong(x, 0, z);
+    }
+
+    public static void copy(int[] x, int[] z)
+    {
+        z[0] = x[0];
+        z[1] = x[1];
+        z[2] = x[2];
+        z[3] = x[3];
+    }
+
+    public static void copy(long[] x, long[] z)
+    {
+        z[0] = x[0];
+        z[1] = x[1];
+    }
+
+    public static void divideP(long[] x, long[] z)
+    {
+        long x0 = x[0], x1 = x[1];
+        long m = x0 >> 63;
+        x0 ^= (m & E1L);
+        z[0] = (x0 << 1) | (x1 >>> 63);
+        z[1] = (x1 << 1) | -m;
+    }
+
+    public static void multiply(byte[] x, byte[] y)
+    {
+        long[] t1 = GCMUtil.asLongs(x);
+        long[] t2 = GCMUtil.asLongs(y);
+        GCMUtil.multiply(t1, t2);
+        GCMUtil.asBytes(t1, x);
+    }
+
+    public static void multiply(int[] x, int[] y)
+    {
+        int y0 = y[0], y1 = y[1], y2 = y[2], y3 = y[3];
+        int z0 = 0, z1 = 0, z2 = 0, z3 = 0;
+
+        for (int i = 0; i < 4; ++i)
+        {
+            int bits = x[i];
+            for (int j = 0; j < 32; ++j)
+            {
+                int m1 = bits >> 31; bits <<= 1;
+                z0 ^= (y0 & m1);
+                z1 ^= (y1 & m1);
+                z2 ^= (y2 & m1);
+                z3 ^= (y3 & m1);
+
+                int m2 = (y3 << 31) >> 8;
+                y3 = (y3 >>> 1) | (y2 << 31);
+                y2 = (y2 >>> 1) | (y1 << 31);
+                y1 = (y1 >>> 1) | (y0 << 31);
+                y0 = (y0 >>> 1) ^ (m2 & E1);
+            }
+        }
+
+        x[0] = z0;
+        x[1] = z1;
+        x[2] = z2;
+        x[3] = z3;
+    }
+
+    public static void multiply(long[] x, long[] y)
+    {
+        long x0 = x[0], x1 = x[1];
+        long y0 = y[0], y1 = y[1];
+        long z0 = 0, z1 = 0, z2 = 0;
+
+        for (int j = 0; j < 64; ++j)
+        {
+            long m0 = x0 >> 63; x0 <<= 1;
+            z0 ^= (y0 & m0);
+            z1 ^= (y1 & m0);
+
+            long m1 = x1 >> 63; x1 <<= 1;
+            z1 ^= (y0 & m1);
+            z2 ^= (y1 & m1);
+
+            long c = (y1 << 63) >> 8;
+            y1 = (y1 >>> 1) | (y0 << 63);
+            y0 = (y0 >>> 1) ^ (c & E1L);
+        }
+
+        z0 ^= z2 ^ (z2 >>>  1) ^ (z2 >>>  2) ^ (z2 >>>  7);
+        z1 ^=      (z2 <<  63) ^ (z2 <<  62) ^ (z2 <<  57);
+
+        x[0] = z0;
+        x[1] = z1;
+    }
+
+    public static void multiplyP(int[] x)
+    {
+        int x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
+        int m = (x3 << 31) >> 31;
+        x[0] = (x0 >>> 1) ^ (m & E1);
+        x[1] = (x1 >>> 1) | (x0 << 31);
+        x[2] = (x2 >>> 1) | (x1 << 31);
+        x[3] = (x3 >>> 1) | (x2 << 31);
+    }
+
+    public static void multiplyP(int[] x, int[] z)
+    {
+        int x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
+        int m = (x3 << 31) >> 31;
+        z[0] = (x0 >>> 1) ^ (m & E1);
+        z[1] = (x1 >>> 1) | (x0 << 31);
+        z[2] = (x2 >>> 1) | (x1 << 31);
+        z[3] = (x3 >>> 1) | (x2 << 31);
+    }
+
+    public static void multiplyP(long[] x)
+    {
+        long x0 = x[0], x1 = x[1];
+        long m = (x1 << 63) >> 63;
+        x[0] = (x0 >>> 1) ^ (m & E1L);
+        x[1] = (x1 >>> 1) | (x0 << 63);
+    }
+
+    public static void multiplyP(long[] x, long[] z)
+    {
+        long x0 = x[0], x1 = x[1];
+        long m = (x1 << 63) >> 63;
+        z[0] = (x0 >>> 1) ^ (m & E1L);
+        z[1] = (x1 >>> 1) | (x0 << 63);
+    }
+
+    public static void multiplyP3(long[] x, long[] z)
+    {
+        long x0 = x[0], x1 = x[1];
+        long c = x1 << 61;
+        z[0] = (x0 >>> 3) ^ c ^ (c >>> 1) ^ (c >>> 2) ^ (c >>> 7);
+        z[1] = (x1 >>> 3) | (x0 << 61);
+    }
+
+    public static void multiplyP4(long[] x, long[] z)
+    {
+        long x0 = x[0], x1 = x[1];
+        long c = x1 << 60;
+        z[0] = (x0 >>> 4) ^ c ^ (c >>> 1) ^ (c >>> 2) ^ (c >>> 7);
+        z[1] = (x1 >>> 4) | (x0 << 60);
+    }
+
+    public static void multiplyP7(long[] x, long[] z)
+    {
+        long x0 = x[0], x1 = x[1];
+        long c = x1 << 57;
+        z[0] = (x0 >>> 7) ^ c ^ (c >>> 1) ^ (c >>> 2) ^ (c >>> 7);
+        z[1] = (x1 >>> 7) | (x0 << 57);
+    }
+
+    public static void multiplyP8(int[] x)
+    {
+        int x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
+        int c = x3 << 24;
+        x[0] = (x0 >>> 8) ^ c ^ (c >>> 1) ^ (c >>> 2) ^ (c >>> 7);
+        x[1] = (x1 >>> 8) | (x0 << 24);
+        x[2] = (x2 >>> 8) | (x1 << 24);
+        x[3] = (x3 >>> 8) | (x2 << 24);
+    }
+
+    public static void multiplyP8(int[] x, int[] y)
+    {
+        int x0 = x[0], x1 = x[1], x2 = x[2], x3 = x[3];
+        int c = x3 << 24;
+        y[0] = (x0 >>> 8) ^ c ^ (c >>> 1) ^ (c >>> 2) ^ (c >>> 7);
+        y[1] = (x1 >>> 8) | (x0 << 24);
+        y[2] = (x2 >>> 8) | (x1 << 24);
+        y[3] = (x3 >>> 8) | (x2 << 24);
+    }
+
+    public static void multiplyP8(long[] x)
+    {
+        long x0 = x[0], x1 = x[1];
+        long c = x1 << 56;
+        x[0] = (x0 >>> 8) ^ c ^ (c >>> 1) ^ (c >>> 2) ^ (c >>> 7);
+        x[1] = (x1 >>> 8) | (x0 << 56);
+    }
+
+    public static void multiplyP8(long[] x, long[] y)
+    {
+        long x0 = x[0], x1 = x[1];
+        long c = x1 << 56;
+        y[0] = (x0 >>> 8) ^ c ^ (c >>> 1) ^ (c >>> 2) ^ (c >>> 7);
+        y[1] = (x1 >>> 8) | (x0 << 56);
+    }
+
+    public static long[] pAsLongs()
+    {
+        long[] tmp = new long[2];
+        tmp[0] = 1L << 62;
+        return tmp;
+    }
+
+    public static void square(long[] x, long[] z)
+    {
+        long[] t  = new long[4];
+        Interleave.expand64To128Rev(x[0], t, 0);
+        Interleave.expand64To128Rev(x[1], t, 2);
+
+        long z0 = t[0], z1 = t[1], z2 = t[2], z3 = t[3];
+
+        z1 ^= z3 ^ (z3 >>>  1) ^ (z3 >>>  2) ^ (z3 >>>  7);
+        z2 ^=      (z3 <<  63) ^ (z3 <<  62) ^ (z3 <<  57);
+
+        z0 ^= z2 ^ (z2 >>>  1) ^ (z2 >>>  2) ^ (z2 >>>  7);
+        z1 ^=      (z2 <<  63) ^ (z2 <<  62) ^ (z2 <<  57);
+
+        z[0] = z0;
+        z[1] = z1;
+    }
+
+    public static void xor(byte[] x, byte[] y)
+    {
+        int i = 0;
+        do
+        {
+            x[i] ^= y[i]; ++i;
+            x[i] ^= y[i]; ++i;
+            x[i] ^= y[i]; ++i;
+            x[i] ^= y[i]; ++i;
+        }
+        while (i < 16);
+    }
+
+    public static void xor(byte[] x, byte[] y, int yOff)
+    {
+        int i = 0;
+        do
+        {
+            x[i] ^= y[yOff + i]; ++i;
+            x[i] ^= y[yOff + i]; ++i;
+            x[i] ^= y[yOff + i]; ++i;
+            x[i] ^= y[yOff + i]; ++i;
+        }
+        while (i < 16);
+    }
+
+    public static void xor(byte[] x, int xOff, byte[] y, int yOff, byte[] z, int zOff)
+    {
+        int i = 0;
+        do
+        {
+            z[zOff + i] = (byte)(x[xOff + i] ^ y[yOff + i]); ++i;
+            z[zOff + i] = (byte)(x[xOff + i] ^ y[yOff + i]); ++i;
+            z[zOff + i] = (byte)(x[xOff + i] ^ y[yOff + i]); ++i;
+            z[zOff + i] = (byte)(x[xOff + i] ^ y[yOff + i]); ++i;
+        }
+        while (i < 16);
+    }
+
+    public static void xor(byte[] x, byte[] y, int yOff, int yLen)
+    {
+        while (--yLen >= 0)
+        {
+            x[yLen] ^= y[yOff + yLen];
+        }
+    }
+
+    public static void xor(byte[] x, int xOff, byte[] y, int yOff, int len)
+    {
+        while (--len >= 0)
+        {
+            x[xOff + len] ^= y[yOff + len];
+        }
+    }
+
+    public static void xor(byte[] x, byte[] y, byte[] z)
+    {
+        int i = 0;
+        do
+        {
+            z[i] = (byte)(x[i] ^ y[i]); ++i;
+            z[i] = (byte)(x[i] ^ y[i]); ++i;
+            z[i] = (byte)(x[i] ^ y[i]); ++i;
+            z[i] = (byte)(x[i] ^ y[i]); ++i;
+        }
+        while (i < 16);
+    }
+
+    public static void xor(int[] x, int[] y)
+    {
+        x[0] ^= y[0];
+        x[1] ^= y[1];
+        x[2] ^= y[2];
+        x[3] ^= y[3];
+    }
+
+    public static void xor(int[] x, int[] y, int[] z)
+    {
+        z[0] = x[0] ^ y[0];
+        z[1] = x[1] ^ y[1];
+        z[2] = x[2] ^ y[2];
+        z[3] = x[3] ^ y[3];
+    }
+
+    public static void xor(long[] x, long[] y)
+    {
+        x[0] ^= y[0];
+        x[1] ^= y[1];
+    }
+
+    public static void xor(long[] x, long[] y, long[] z)
+    {
+        z[0] = x[0] ^ y[0];
+        z[1] = x[1] ^ y[1];
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/Tables1kGCMExponentiator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/Tables1kGCMExponentiator.java
new file mode 100644
index 0000000..1adb197
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/Tables1kGCMExponentiator.java

@@ -0,0 +1,63 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes.gcm;
+
+import java.util.Vector;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Tables1kGCMExponentiator
+    implements GCMExponentiator
+{
+    // A lookup table of the power-of-two powers of 'x'
+    // - lookupPowX2[i] = x^(2^i)
+    private Vector lookupPowX2;
+
+    public void init(byte[] x)
+    {
+        long[] y = GCMUtil.asLongs(x);
+        if (lookupPowX2 != null && Arrays.areEqual(y, (long[])lookupPowX2.elementAt(0)))
+        {
+            return;
+        }
+
+        lookupPowX2 = new Vector(8);
+        lookupPowX2.addElement(y);
+    }
+
+    public void exponentiateX(long pow, byte[] output)
+    {
+        long[] y = GCMUtil.oneAsLongs();
+        int bit = 0;
+        while (pow > 0)
+        {
+            if ((pow & 1L) != 0)
+            {
+                ensureAvailable(bit);
+                GCMUtil.multiply(y, (long[])lookupPowX2.elementAt(bit));
+            }
+            ++bit;
+            pow >>>= 1;
+        }
+
+        GCMUtil.asBytes(y, output);
+    }
+
+    private void ensureAvailable(int bit)
+    {
+        int count = lookupPowX2.size();
+        if (count <= bit)
+        {
+            long[] tmp = (long[])lookupPowX2.elementAt(count - 1);
+            do
+            {
+                tmp = Arrays.clone(tmp);
+                GCMUtil.square(tmp, tmp);
+                lookupPowX2.addElement(tmp);
+            }
+            while (++count <= bit);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/Tables4kGCMMultiplier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/Tables4kGCMMultiplier.java
new file mode 100644
index 0000000..0580d01
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/Tables4kGCMMultiplier.java

@@ -0,0 +1,71 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes.gcm;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Tables4kGCMMultiplier
+    implements GCMMultiplier
+{
+    private byte[] H;
+    private long[][] T;
+
+    public void init(byte[] H)
+    {
+        if (T == null)
+        {
+            T = new long[256][2];
+        }
+        else if (Arrays.areEqual(this.H, H))
+        {
+            return;
+        }
+
+        this.H = Arrays.clone(H);
+
+        // T[0] = 0
+
+        // T[1] = H.p^7
+        GCMUtil.asLongs(this.H, T[1]);
+        GCMUtil.multiplyP7(T[1], T[1]);
+
+        for (int n = 2; n < 256; n += 2)
+        {
+            // T[2.n] = T[n].p^-1
+            GCMUtil.divideP(T[n >> 1], T[n]);
+
+            // T[2.n + 1] = T[2.n] + T[1]
+            GCMUtil.xor(T[n], T[1], T[n + 1]);
+        }
+    }
+
+    public void multiplyH(byte[] x)
+    {
+//        long[] z = new long[2];
+//        GCMUtil.copy(T[x[15] & 0xFF], z);
+//        for (int i = 14; i >= 0; --i)
+//        {
+//            GCMUtil.multiplyP8(z);
+//            GCMUtil.xor(z, T[x[i] & 0xFF]);
+//        }
+//        Pack.longToBigEndian(z, x, 0);
+
+        long[] t = T[x[15] & 0xFF];
+        long z0 = t[0], z1 = t[1];
+
+        for (int i = 14; i >= 0; --i)
+        {
+            t = T[x[i] & 0xFF];
+
+            long c = z1 << 56;
+            z1 = t[1] ^ ((z1 >>> 8) | (z0 << 56));
+            z0 = t[0] ^ (z0 >>> 8) ^ c ^ (c >>> 1) ^ (c >>> 2) ^ (c >>> 7);
+        }
+
+        Pack.longToBigEndian(z0, x, 0);
+        Pack.longToBigEndian(z1, x, 8);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/Tables8kGCMMultiplier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/Tables8kGCMMultiplier.java
new file mode 100644
index 0000000..8b2dd22
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/modes/gcm/Tables8kGCMMultiplier.java

@@ -0,0 +1,83 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.modes.gcm;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Tables8kGCMMultiplier
+    implements GCMMultiplier
+{
+    private byte[] H;
+    private long[][][] T;
+
+    public void init(byte[] H)
+    {
+        if (T == null)
+        {
+            T = new long[32][16][2];
+        }
+        else if (Arrays.areEqual(this.H, H))
+        {
+            return;
+        }
+
+        this.H = Arrays.clone(H);
+
+        for (int i = 0; i < 32; ++i)
+        {
+            long[][] t = T[i];
+
+            // t[0] = 0
+
+            if (i == 0)
+            {
+                // t[1] = H.p^3
+                GCMUtil.asLongs(this.H, t[1]);
+                GCMUtil.multiplyP3(t[1], t[1]);
+            }
+            else
+            {
+                // t[1] = T[i-1][1].p^4
+                GCMUtil.multiplyP4(T[i - 1][1], t[1]);
+            }
+
+            for (int n = 2; n < 16; n += 2)
+            {
+                // t[2.n] = t[n].p^-1
+                GCMUtil.divideP(t[n >> 1], t[n]);
+
+                // t[2.n + 1] = t[2.n] + t[1]
+                GCMUtil.xor(t[n], t[1], t[n + 1]);
+            }
+        }
+
+    }
+
+    public void multiplyH(byte[] x)
+    {
+//        long[] z = new long[2];
+//        for (int i = 15; i >= 0; --i)
+//        {
+//            GCMUtil.xor(z, T[i + i + 1][(x[i] & 0x0F)]);
+//            GCMUtil.xor(z, T[i + i    ][(x[i] & 0xF0) >>> 4]);
+//        }
+//        Pack.longToBigEndian(z, x, 0);
+
+        long z0 = 0, z1 = 0;
+
+        for (int i = 15; i >= 0; --i)
+        {
+            long[] u = T[i + i + 1][(x[i] & 0x0F)];
+            long[] v = T[i + i    ][(x[i] & 0xF0) >>> 4];
+
+            z0 ^= u[0] ^ v[0];
+            z1 ^= u[1] ^ v[1];
+        }
+
+        Pack.longToBigEndian(z0, x, 0);
+        Pack.longToBigEndian(z1, x, 8);
+   }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/BlockCipherPadding.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/BlockCipherPadding.java
new file mode 100644
index 0000000..53a53fa
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/BlockCipherPadding.java

@@ -0,0 +1,50 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.paddings;
+
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+
+/**
+ * Block cipher padders are expected to conform to this interface
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface BlockCipherPadding
+{
+    /**
+     * Initialise the padder.
+     *
+     * @param random the source of randomness for the padding, if required.
+     */
+    public void init(SecureRandom random)
+        throws IllegalArgumentException;
+
+    /**
+     * Return the name of the algorithm the cipher implements.
+     *
+     * @return the name of the algorithm the cipher implements.
+     */
+    public String getPaddingName();
+
+    /**
+     * add the pad bytes to the passed in block, returning the
+     * number of bytes added.
+     * <p>
+     * Note: this assumes that the last block of plain text is always 
+     * passed to it inside in. i.e. if inOff is zero, indicating the
+     * entire block is to be overwritten with padding the value of in
+     * should be the same as the last block of plain text. The reason
+     * for this is that some modes such as "trailing bit compliment"
+     * base the padding on the last byte of plain text.
+     * </p>
+     */
+    public int addPadding(byte[] in, int inOff);
+
+    /**
+     * return the number of pad bytes present in the block.
+     * @exception InvalidCipherTextException if the padding is badly formed
+     * or invalid.
+     */
+    public int padCount(byte[] in)
+        throws InvalidCipherTextException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/ISO10126d2Padding.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/ISO10126d2Padding.java
new file mode 100644
index 0000000..2820e57
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/ISO10126d2Padding.java

@@ -0,0 +1,82 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.paddings;
+
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+
+/**
+ * A padder that adds ISO10126-2 padding to a block.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ISO10126d2Padding
+    implements BlockCipherPadding
+{
+    SecureRandom    random;
+
+    /**
+     * Initialise the padder.
+     *
+     * @param random a SecureRandom if available.
+     */
+    public void init(SecureRandom random)
+        throws IllegalArgumentException
+    {
+        if (random != null)
+        {
+            this.random = random;
+        }
+        else
+        {
+            this.random = CryptoServicesRegistrar.getSecureRandom();
+        }
+    }
+
+    /**
+     * Return the name of the algorithm the padder implements.
+     *
+     * @return the name of the algorithm the padder implements.
+     */
+    public String getPaddingName()
+    {
+        return "ISO10126-2";
+    }
+
+    /**
+     * add the pad bytes to the passed in block, returning the
+     * number of bytes added.
+     */
+    public int addPadding(
+        byte[]  in,
+        int     inOff)
+    {
+        byte code = (byte)(in.length - inOff);
+
+        while (inOff < (in.length - 1))
+        {
+            in[inOff] = (byte)random.nextInt();
+            inOff++;
+        }
+
+        in[inOff] = code;
+
+        return code;
+    }
+
+    /**
+     * return the number of pad bytes present in the block.
+     */
+    public int padCount(byte[] in)
+        throws InvalidCipherTextException
+    {
+        int count = in[in.length - 1] & 0xff;
+
+        if (count > in.length)
+        {
+            throw new InvalidCipherTextException("pad block corrupted");
+        }
+
+        return count;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/ISO7816d4Padding.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/ISO7816d4Padding.java
new file mode 100644
index 0000000..d2eb0e3
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/ISO7816d4Padding.java

@@ -0,0 +1,79 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.paddings;
+
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+
+/**
+ * A padder that adds the padding according to the scheme referenced in
+ * ISO 7814-4 - scheme 2 from ISO 9797-1. The first byte is 0x80, rest is 0x00
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ISO7816d4Padding
+    implements BlockCipherPadding
+{
+    /**
+     * Initialise the padder.
+     *
+     * @param random - a SecureRandom if available.
+     */
+    public void init(SecureRandom random)
+        throws IllegalArgumentException
+    {
+        // nothing to do.
+    }
+
+    /**
+     * Return the name of the algorithm the padder implements.
+     *
+     * @return the name of the algorithm the padder implements.
+     */
+    public String getPaddingName()
+    {
+        return "ISO7816-4";
+    }
+
+    /**
+     * add the pad bytes to the passed in block, returning the
+     * number of bytes added.
+     */
+    public int addPadding(
+        byte[]  in,
+        int     inOff)
+    {
+        int added = (in.length - inOff);
+
+        in [inOff]= (byte) 0x80;
+        inOff ++;
+        
+        while (inOff < in.length)
+        {
+            in[inOff] = (byte) 0;
+            inOff++;
+        }
+
+        return added;
+    }
+
+    /**
+     * return the number of pad bytes present in the block.
+     */
+    public int padCount(byte[] in)
+        throws InvalidCipherTextException
+    {
+        int count = in.length - 1;
+
+        while (count > 0 && in[count] == 0)
+        {
+            count--;
+        }
+
+        if (in[count] != (byte)0x80)
+        {
+            throw new InvalidCipherTextException("pad block corrupted");
+        }
+        
+        return in.length - count;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/PKCS7Padding.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/PKCS7Padding.java
new file mode 100644
index 0000000..f1712b6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/PKCS7Padding.java

@@ -0,0 +1,79 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.paddings;
+
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+
+/**
+ * A padder that adds PKCS7/PKCS5 padding to a block.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKCS7Padding
+    implements BlockCipherPadding
+{
+    /**
+     * Initialise the padder.
+     *
+     * @param random - a SecureRandom if available.
+     */
+    public void init(SecureRandom random)
+        throws IllegalArgumentException
+    {
+        // nothing to do.
+    }
+
+    /**
+     * Return the name of the algorithm the padder implements.
+     *
+     * @return the name of the algorithm the padder implements.
+     */
+    public String getPaddingName()
+    {
+        return "PKCS7";
+    }
+
+    /**
+     * add the pad bytes to the passed in block, returning the
+     * number of bytes added.
+     */
+    public int addPadding(
+        byte[]  in,
+        int     inOff)
+    {
+        byte code = (byte)(in.length - inOff);
+
+        while (inOff < in.length)
+        {
+            in[inOff] = code;
+            inOff++;
+        }
+
+        return code;
+    }
+
+    /**
+     * return the number of pad bytes present in the block.
+     */
+    public int padCount(byte[] in)
+        throws InvalidCipherTextException
+    {
+        int count = in[in.length - 1] & 0xff;
+        byte countAsbyte = (byte)count;
+
+        // constant time version
+        boolean failed = (count > in.length | count == 0);
+
+        for (int i = 0; i < in.length; i++)
+        {
+            failed |= (in.length - i <= count) & (in[i] != countAsbyte);
+        }
+
+        if (failed)
+        {
+            throw new InvalidCipherTextException("pad block corrupted");
+        }
+
+        return count;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/PaddedBufferedBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/PaddedBufferedBlockCipher.java
new file mode 100644
index 0000000..54e0b85
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/PaddedBufferedBlockCipher.java

@@ -0,0 +1,301 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.paddings;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.BufferedBlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+import com.android.org.bouncycastle.crypto.OutputLengthException;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+
+/**
+ * A wrapper class that allows block ciphers to be used to process data in
+ * a piecemeal fashion with padding. The PaddedBufferedBlockCipher
+ * outputs a block only when the buffer is full and more data is being added,
+ * or on a doFinal (unless the current block in the buffer is a pad block).
+ * The default padding mechanism used is the one outlined in PKCS5/PKCS7.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PaddedBufferedBlockCipher
+    extends BufferedBlockCipher
+{
+    BlockCipherPadding  padding;
+
+    /**
+     * Create a buffered block cipher with the desired padding.
+     *
+     * @param cipher the underlying block cipher this buffering object wraps.
+     * @param padding the padding type.
+     */
+    public PaddedBufferedBlockCipher(
+        BlockCipher         cipher,
+        BlockCipherPadding  padding)
+    {
+        this.cipher = cipher;
+        this.padding = padding;
+
+        buf = new byte[cipher.getBlockSize()];
+        bufOff = 0;
+    }
+
+    /**
+     * Create a buffered block cipher PKCS7 padding
+     *
+     * @param cipher the underlying block cipher this buffering object wraps.
+     */
+    public PaddedBufferedBlockCipher(
+        BlockCipher     cipher)
+    {
+        this(cipher, new PKCS7Padding());
+    }
+
+    /**
+     * initialise the cipher.
+     *
+     * @param forEncryption if true the cipher is initialised for
+     *  encryption, if false for decryption.
+     * @param params the key and other data required by the cipher.
+     * @exception IllegalArgumentException if the params argument is
+     * inappropriate.
+     */
+    public void init(
+        boolean             forEncryption,
+        CipherParameters    params)
+        throws IllegalArgumentException
+    {
+        this.forEncryption = forEncryption;
+
+        reset();
+
+        if (params instanceof ParametersWithRandom)
+        {
+            ParametersWithRandom    p = (ParametersWithRandom)params;
+
+            padding.init(p.getRandom());
+
+            cipher.init(forEncryption, p.getParameters());
+        }
+        else
+        {
+            padding.init(null);
+
+            cipher.init(forEncryption, params);
+        }
+    }
+
+    /**
+     * return the minimum size of the output buffer required for an update
+     * plus a doFinal with an input of len bytes.
+     *
+     * @param len the length of the input.
+     * @return the space required to accommodate a call to update and doFinal
+     * with len bytes of input.
+     */
+    public int getOutputSize(
+        int len)
+    {
+        int total       = len + bufOff;
+        int leftOver    = total % buf.length;
+
+        if (leftOver == 0)
+        {
+            if (forEncryption)
+            {
+                return total + buf.length;
+            }
+
+            return total;
+        }
+
+        return total - leftOver + buf.length;
+    }
+
+    /**
+     * return the size of the output buffer required for an update 
+     * an input of len bytes.
+     *
+     * @param len the length of the input.
+     * @return the space required to accommodate a call to update
+     * with len bytes of input.
+     */
+    public int getUpdateOutputSize(
+        int len)
+    {
+        int total       = len + bufOff;
+        int leftOver    = total % buf.length;
+
+        if (leftOver == 0)
+        {
+            return Math.max(0, total - buf.length);
+        }
+
+        return total - leftOver;
+    }
+
+    /**
+     * process a single byte, producing an output block if neccessary.
+     *
+     * @param in the input byte.
+     * @param out the space for any output that might be produced.
+     * @param outOff the offset from which the output will be copied.
+     * @return the number of output bytes copied to out.
+     * @exception DataLengthException if there isn't enough space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     */
+    public int processByte(
+        byte        in,
+        byte[]      out,
+        int         outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        int         resultLen = 0;
+
+        if (bufOff == buf.length)
+        {
+            resultLen = cipher.processBlock(buf, 0, out, outOff);
+            bufOff = 0;
+        }
+
+        buf[bufOff++] = in;
+
+        return resultLen;
+    }
+
+    /**
+     * process an array of bytes, producing output if necessary.
+     *
+     * @param in the input byte array.
+     * @param inOff the offset at which the input data starts.
+     * @param len the number of bytes to be copied out of the input array.
+     * @param out the space for any output that might be produced.
+     * @param outOff the offset from which the output will be copied.
+     * @return the number of output bytes copied to out.
+     * @exception DataLengthException if there isn't enough space in out.
+     * @exception IllegalStateException if the cipher isn't initialised.
+     */
+    public int processBytes(
+        byte[]      in,
+        int         inOff,
+        int         len,
+        byte[]      out,
+        int         outOff)
+        throws DataLengthException, IllegalStateException
+    {
+        if (len < 0)
+        {
+            throw new IllegalArgumentException("Can't have a negative input length!");
+        }
+
+        int blockSize   = getBlockSize();
+        int length      = getUpdateOutputSize(len);
+        
+        if (length > 0)
+        {
+            if ((outOff + length) > out.length)
+            {
+                throw new OutputLengthException("output buffer too short");
+            }
+        }
+
+        int resultLen = 0;
+        int gapLen = buf.length - bufOff;
+
+        if (len > gapLen)
+        {
+            System.arraycopy(in, inOff, buf, bufOff, gapLen);
+
+            resultLen += cipher.processBlock(buf, 0, out, outOff);
+
+            bufOff = 0;
+            len -= gapLen;
+            inOff += gapLen;
+
+            while (len > buf.length)
+            {
+                resultLen += cipher.processBlock(in, inOff, out, outOff + resultLen);
+
+                len -= blockSize;
+                inOff += blockSize;
+            }
+        }
+
+        System.arraycopy(in, inOff, buf, bufOff, len);
+
+        bufOff += len;
+
+        return resultLen;
+    }
+
+    /**
+     * Process the last block in the buffer. If the buffer is currently
+     * full and padding needs to be added a call to doFinal will produce
+     * 2 * getBlockSize() bytes.
+     *
+     * @param out the array the block currently being held is copied into.
+     * @param outOff the offset at which the copying starts.
+     * @return the number of output bytes copied to out.
+     * @exception DataLengthException if there is insufficient space in out for
+     * the output or we are decrypting and the input is not block size aligned.
+     * @exception IllegalStateException if the underlying cipher is not
+     * initialised.
+     * @exception InvalidCipherTextException if padding is expected and not found.
+     */
+    public int doFinal(
+        byte[]  out,
+        int     outOff)
+        throws DataLengthException, IllegalStateException, InvalidCipherTextException
+    {
+        int blockSize = cipher.getBlockSize();
+        int resultLen = 0;
+
+        if (forEncryption)
+        {
+            if (bufOff == blockSize)
+            {
+                if ((outOff + 2 * blockSize) > out.length)
+                {
+                    reset();
+
+                    throw new OutputLengthException("output buffer too short");
+                }
+
+                resultLen = cipher.processBlock(buf, 0, out, outOff);
+                bufOff = 0;
+            }
+
+            padding.addPadding(buf, bufOff);
+
+            resultLen += cipher.processBlock(buf, 0, out, outOff + resultLen);
+
+            reset();
+        }
+        else
+        {
+            if (bufOff == blockSize)
+            {
+                resultLen = cipher.processBlock(buf, 0, buf, 0);
+                bufOff = 0;
+            }
+            else
+            {
+                reset();
+
+                throw new DataLengthException("last block incomplete in decryption");
+            }
+
+            try
+            {
+                resultLen -= padding.padCount(buf);
+
+                System.arraycopy(buf, 0, out, outOff, resultLen);
+            }
+            finally
+            {
+                reset();
+            }
+        }
+
+        return resultLen;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/TBCPadding.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/TBCPadding.java
new file mode 100644
index 0000000..333eef0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/TBCPadding.java

@@ -0,0 +1,91 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.paddings;
+
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+
+/**
+ * A padder that adds Trailing-Bit-Compliment padding to a block.
+ * <p>
+ * This padding pads the block out with the compliment of the last bit
+ * of the plain text.
+ * </p>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class TBCPadding
+    implements BlockCipherPadding
+{
+    /**
+     * Initialise the padder.
+     *
+     * @param random - a SecureRandom if available.
+     */
+    public void init(SecureRandom random)
+        throws IllegalArgumentException
+    {
+        // nothing to do.
+    }
+
+    /**
+     * Return the name of the algorithm the padder implements.
+     *
+     * @return the name of the algorithm the padder implements.
+     */
+    public String getPaddingName()
+    {
+        return "TBC";
+    }
+
+    /**
+     * add the pad bytes to the passed in block, returning the
+     * number of bytes added.
+     * <p>
+     * Note: this assumes that the last block of plain text is always 
+     * passed to it inside in. i.e. if inOff is zero, indicating the
+     * entire block is to be overwritten with padding the value of in
+     * should be the same as the last block of plain text.
+     * </p>
+     */
+    public int addPadding(
+        byte[]  in,
+        int     inOff)
+    {
+        int     count = in.length - inOff;
+        byte    code;
+        
+        if (inOff > 0)
+        {
+            code = (byte)((in[inOff - 1] & 0x01) == 0 ? 0xff : 0x00);
+        }
+        else
+        {
+            code = (byte)((in[in.length - 1] & 0x01) == 0 ? 0xff : 0x00);
+        }
+            
+        while (inOff < in.length)
+        {
+            in[inOff] = code;
+            inOff++;
+        }
+
+        return count;
+    }
+
+    /**
+     * return the number of pad bytes present in the block.
+     */
+    public int padCount(byte[] in)
+        throws InvalidCipherTextException
+    {
+        byte code = in[in.length - 1];
+
+        int index = in.length - 1;
+        while (index > 0 && in[index - 1] == code)
+        {
+            index--;
+        }
+
+        return in.length - index;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/X923Padding.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/X923Padding.java
new file mode 100644
index 0000000..c93135f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/X923Padding.java

@@ -0,0 +1,82 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.paddings;
+
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+
+/**
+ * A padder that adds X9.23 padding to a block - if a SecureRandom is
+ * passed in random padding is assumed, otherwise padding with zeros is used.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X923Padding
+    implements BlockCipherPadding
+{
+    SecureRandom    random = null;
+
+    /**
+     * Initialise the padder.
+     *
+     * @param random a SecureRandom if one is available.
+     */
+    public void init(SecureRandom random)
+        throws IllegalArgumentException
+    {
+        this.random = random;
+    }
+
+    /**
+     * Return the name of the algorithm the padder implements.
+     *
+     * @return the name of the algorithm the padder implements.
+     */
+    public String getPaddingName()
+    {
+        return "X9.23";
+    }
+
+    /**
+     * add the pad bytes to the passed in block, returning the
+     * number of bytes added.
+     */
+    public int addPadding(
+        byte[]  in,
+        int     inOff)
+    {
+        byte code = (byte)(in.length - inOff);
+
+        while (inOff < in.length - 1)
+        {
+            if (random == null)
+            {
+                in[inOff] = 0;
+            }
+            else
+            {
+                in[inOff] = (byte)random.nextInt();
+            }
+            inOff++;
+        }
+
+        in[inOff] = code;
+
+        return code;
+    }
+
+    /**
+     * return the number of pad bytes present in the block.
+     */
+    public int padCount(byte[] in)
+        throws InvalidCipherTextException
+    {
+        int count = in[in.length - 1] & 0xff;
+
+        if (count > in.length)
+        {
+            throw new InvalidCipherTextException("pad block corrupted");
+        }
+
+        return count;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/ZeroBytePadding.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/ZeroBytePadding.java
new file mode 100644
index 0000000..783b2a9
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/paddings/ZeroBytePadding.java

@@ -0,0 +1,75 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.paddings;
+
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+
+/**
+ * A padder that adds NULL byte padding to a block.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ZeroBytePadding
+    implements BlockCipherPadding
+{
+    /**
+     * Initialise the padder.
+     *
+     * @param random - a SecureRandom if available.
+     */
+    public void init(SecureRandom random)
+        throws IllegalArgumentException
+    {
+        // nothing to do.
+    }
+
+    /**
+     * Return the name of the algorithm the padder implements.
+     *
+     * @return the name of the algorithm the padder implements.
+     */
+    public String getPaddingName()
+    {
+        return "ZeroByte";
+    }
+
+    /**
+     * add the pad bytes to the passed in block, returning the
+     * number of bytes added.
+     */
+    public int addPadding(
+        byte[]  in,
+        int     inOff)
+    {
+        int added = (in.length - inOff);
+
+        while (inOff < in.length)
+        {
+            in[inOff] = (byte) 0;
+            inOff++;
+        }
+
+        return added;
+    }
+
+    /**
+     * return the number of pad bytes present in the block.
+     */
+    public int padCount(byte[] in)
+        throws InvalidCipherTextException
+    {
+        int count = in.length;
+
+        while (count > 0)
+        {
+            if (in[count - 1] != 0)
+            {
+                break;
+            }
+
+            count--;
+        }
+
+        return in.length - count;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/AEADParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/AEADParameters.java
new file mode 100644
index 0000000..ad2a9d8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/AEADParameters.java

@@ -0,0 +1,65 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AEADParameters
+    implements CipherParameters
+{
+    private byte[] associatedText;
+    private byte[] nonce;
+    private KeyParameter key;
+    private int macSize;
+
+    /**
+     * Base constructor.
+     *
+     * @param key key to be used by underlying cipher
+     * @param macSize macSize in bits
+     * @param nonce nonce to be used
+     */
+   public AEADParameters(KeyParameter key, int macSize, byte[] nonce)
+    {
+       this(key, macSize, nonce, null);
+    }
+
+    /**
+     * Base constructor.
+     *
+     * @param key key to be used by underlying cipher
+     * @param macSize macSize in bits
+     * @param nonce nonce to be used
+     * @param associatedText initial associated text, if any
+     */
+    public AEADParameters(KeyParameter key, int macSize, byte[] nonce, byte[] associatedText)
+    {
+        this.key = key;
+        this.nonce = Arrays.clone(nonce);
+        this.macSize = macSize;
+        this.associatedText = Arrays.clone(associatedText);
+    }
+
+    public KeyParameter getKey()
+    {
+        return key;
+    }
+
+    public int getMacSize()
+    {
+        return macSize;
+    }
+
+    public byte[] getAssociatedText()
+    {
+        return Arrays.clone(associatedText);
+    }
+
+    public byte[] getNonce()
+    {
+        return Arrays.clone(nonce);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/AsymmetricKeyParameter.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/AsymmetricKeyParameter.java
new file mode 100644
index 0000000..6b498ce
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/AsymmetricKeyParameter.java

@@ -0,0 +1,24 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AsymmetricKeyParameter
+    implements CipherParameters
+{
+    boolean privateKey;
+
+    public AsymmetricKeyParameter(
+        boolean privateKey)
+    {
+        this.privateKey = privateKey;
+    }
+
+    public boolean isPrivate()
+    {
+        return privateKey;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DESParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DESParameters.java
new file mode 100644
index 0000000..60f610c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DESParameters.java

@@ -0,0 +1,111 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DESParameters
+    extends KeyParameter
+{
+    public DESParameters(
+        byte[]  key)
+    {
+        super(key);
+
+        if (isWeakKey(key, 0))
+        {
+            throw new IllegalArgumentException("attempt to create weak DES key");
+        }
+    }
+
+    /*
+     * DES Key length in bytes.
+     */
+    static public final int DES_KEY_LENGTH = 8;
+
+    /*
+     * Table of weak and semi-weak keys taken from Schneier pp281
+     */
+    static private final int N_DES_WEAK_KEYS = 16;
+
+    static private byte[] DES_weak_keys =
+    {
+        /* weak keys */
+        (byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01, (byte)0x01,(byte)0x01,(byte)0x01,(byte)0x01,
+        (byte)0x1f,(byte)0x1f,(byte)0x1f,(byte)0x1f, (byte)0x0e,(byte)0x0e,(byte)0x0e,(byte)0x0e,
+        (byte)0xe0,(byte)0xe0,(byte)0xe0,(byte)0xe0, (byte)0xf1,(byte)0xf1,(byte)0xf1,(byte)0xf1,
+        (byte)0xfe,(byte)0xfe,(byte)0xfe,(byte)0xfe, (byte)0xfe,(byte)0xfe,(byte)0xfe,(byte)0xfe,
+
+        /* semi-weak keys */
+        (byte)0x01,(byte)0xfe,(byte)0x01,(byte)0xfe, (byte)0x01,(byte)0xfe,(byte)0x01,(byte)0xfe,
+        (byte)0x1f,(byte)0xe0,(byte)0x1f,(byte)0xe0, (byte)0x0e,(byte)0xf1,(byte)0x0e,(byte)0xf1,
+        (byte)0x01,(byte)0xe0,(byte)0x01,(byte)0xe0, (byte)0x01,(byte)0xf1,(byte)0x01,(byte)0xf1,
+        (byte)0x1f,(byte)0xfe,(byte)0x1f,(byte)0xfe, (byte)0x0e,(byte)0xfe,(byte)0x0e,(byte)0xfe,
+        (byte)0x01,(byte)0x1f,(byte)0x01,(byte)0x1f, (byte)0x01,(byte)0x0e,(byte)0x01,(byte)0x0e,
+        (byte)0xe0,(byte)0xfe,(byte)0xe0,(byte)0xfe, (byte)0xf1,(byte)0xfe,(byte)0xf1,(byte)0xfe,
+        (byte)0xfe,(byte)0x01,(byte)0xfe,(byte)0x01, (byte)0xfe,(byte)0x01,(byte)0xfe,(byte)0x01,
+        (byte)0xe0,(byte)0x1f,(byte)0xe0,(byte)0x1f, (byte)0xf1,(byte)0x0e,(byte)0xf1,(byte)0x0e,
+        (byte)0xe0,(byte)0x01,(byte)0xe0,(byte)0x01, (byte)0xf1,(byte)0x01,(byte)0xf1,(byte)0x01,
+        (byte)0xfe,(byte)0x1f,(byte)0xfe,(byte)0x1f, (byte)0xfe,(byte)0x0e,(byte)0xfe,(byte)0x0e,
+        (byte)0x1f,(byte)0x01,(byte)0x1f,(byte)0x01, (byte)0x0e,(byte)0x01,(byte)0x0e,(byte)0x01,
+        (byte)0xfe,(byte)0xe0,(byte)0xfe,(byte)0xe0, (byte)0xfe,(byte)0xf1,(byte)0xfe,(byte)0xf1
+    };
+
+    /**
+     * DES has 16 weak keys.  This method will check
+     * if the given DES key material is weak or semi-weak.
+     * Key material that is too short is regarded as weak.
+     * <p>
+     * See <a href="http://www.counterpane.com/applied.html">"Applied
+     * Cryptography"</a> by Bruce Schneier for more information.
+     *
+     * @return true if the given DES key material is weak or semi-weak,
+     *     false otherwise.
+     */
+    public static boolean isWeakKey(
+        byte[] key,
+        int offset)
+    {
+        if (key.length - offset < DES_KEY_LENGTH)
+        {
+            throw new IllegalArgumentException("key material too short.");
+        }
+
+        nextkey: for (int i = 0; i < N_DES_WEAK_KEYS; i++)
+        {
+            for (int j = 0; j < DES_KEY_LENGTH; j++)
+            {
+                if (key[j + offset] != DES_weak_keys[i * DES_KEY_LENGTH + j])
+                {
+                    continue nextkey;
+                }
+            }
+
+            return true;
+        }
+        return false;
+    }
+
+    /**
+     * DES Keys use the LSB as the odd parity bit.  This can
+     * be used to check for corrupt keys.
+     *
+     * @param bytes the byte array to set the parity on.
+     */
+    public static void setOddParity(
+        byte[] bytes)
+    {
+        for (int i = 0; i < bytes.length; i++)
+        {
+            int b = bytes[i];
+            bytes[i] = (byte)((b & 0xfe) |
+                            ((((b >> 1) ^
+                            (b >> 2) ^
+                            (b >> 3) ^
+                            (b >> 4) ^
+                            (b >> 5) ^
+                            (b >> 6) ^
+                            (b >> 7)) ^ 0x01) & 0x01));
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DESedeParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DESedeParameters.java
new file mode 100644
index 0000000..cc52d6d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DESedeParameters.java

@@ -0,0 +1,110 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DESedeParameters
+    extends DESParameters
+{
+    /*
+     * DES-EDE Key length in bytes.
+     */
+    static public final int DES_EDE_KEY_LENGTH = 24;
+
+    public DESedeParameters(
+        byte[]  key)
+    {
+        super(key);
+
+        if (isWeakKey(key, 0, key.length))
+        {
+            throw new IllegalArgumentException("attempt to create weak DESede key");
+        }
+    }
+
+    /**
+     * return true if the passed in key is a DES-EDE weak key.
+     *
+     * @param key bytes making up the key
+     * @param offset offset into the byte array the key starts at
+     * @param length number of bytes making up the key
+     */
+    public static boolean isWeakKey(
+        byte[]  key,
+        int     offset,
+        int     length)
+    {
+        for (int i = offset; i < length; i += DES_KEY_LENGTH)
+        {
+            if (DESParameters.isWeakKey(key, i))
+            {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    /**
+     * return true if the passed in key is a DES-EDE weak key.
+     *
+     * @param key bytes making up the key
+     * @param offset offset into the byte array the key starts at
+     */
+    public static boolean isWeakKey(
+        byte[]  key,
+        int     offset)
+    {
+        return isWeakKey(key, offset, key.length - offset);
+    }
+
+    /**
+     * return true if the passed in key is a real 2/3 part DES-EDE key.
+     *
+     * @param key bytes making up the key
+     * @param offset offset into the byte array the key starts at
+     */
+    public static boolean isRealEDEKey(byte[] key, int offset)
+    {
+        return key.length == 16 ? isReal2Key(key, offset) : isReal3Key(key, offset);
+    }
+
+    /**
+     * return true if the passed in key is a real 2 part DES-EDE key.
+     *
+     * @param key bytes making up the key
+     * @param offset offset into the byte array the key starts at
+     */
+    public static boolean isReal2Key(byte[] key, int offset)
+    {
+        boolean isValid = false;
+        for (int i = offset; i != offset + 8; i++)
+        {
+            if (key[i] != key[i + 8])
+            {
+                isValid = true;
+            }
+        }
+
+        return isValid;
+    }
+
+    /**
+     * return true if the passed in key is a real 3 part DES-EDE key.
+     *
+     * @param key bytes making up the key
+     * @param offset offset into the byte array the key starts at
+     */
+    public static boolean isReal3Key(byte[] key, int offset)
+    {
+        boolean diff12 = false, diff13 = false, diff23 = false;
+        for (int i = offset; i != offset + 8; i++)
+        {
+            diff12 |= (key[i] != key[i + 8]);
+            diff13 |= (key[i] != key[i + 16]);
+            diff23 |= (key[i + 8] != key[i + 16]);
+        }
+        return diff12 && diff13 && diff23;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHKeyGenerationParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHKeyGenerationParameters.java
new file mode 100644
index 0000000..93019fb
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHKeyGenerationParameters.java

@@ -0,0 +1,34 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.KeyGenerationParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHKeyGenerationParameters
+    extends KeyGenerationParameters
+{
+    private DHParameters    params;
+
+    public DHKeyGenerationParameters(
+        SecureRandom    random,
+        DHParameters    params)
+    {
+        super(random, getStrength(params));
+
+        this.params = params;
+    }
+
+    public DHParameters getParameters()
+    {
+        return params;
+    }
+
+    static int getStrength(DHParameters params)
+    {
+        return params.getL() != 0 ? params.getL() : params.getP().bitLength();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHKeyParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHKeyParameters.java
new file mode 100644
index 0000000..202f71e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHKeyParameters.java

@@ -0,0 +1,58 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHKeyParameters
+    extends AsymmetricKeyParameter
+{
+    private DHParameters    params;
+
+    protected DHKeyParameters(
+        boolean         isPrivate,
+        DHParameters    params)
+    {
+        super(isPrivate);
+
+        this.params = params;
+    }   
+
+    public DHParameters getParameters()
+    {
+        return params;
+    }
+
+    public boolean equals(
+        Object  obj)
+    {
+        if (!(obj instanceof DHKeyParameters))
+        {
+            return false;
+        }
+
+        DHKeyParameters    dhKey = (DHKeyParameters)obj;
+
+        if (params == null)
+        {
+            return dhKey.getParameters() == null;
+        }
+        else
+        { 
+            return params.equals(dhKey.getParameters());
+        }
+    }
+    
+    public int hashCode()
+    {
+        int code = isPrivate() ? 0 : 1;
+        
+        if (params != null)
+        {
+            code ^= params.hashCode();
+        }
+        
+        return code;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHParameters.java
new file mode 100644
index 0000000..749c6d8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHParameters.java

@@ -0,0 +1,197 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHParameters
+    implements CipherParameters
+{
+    private static final int DEFAULT_MINIMUM_LENGTH = 160;
+
+    // not final due to compiler bug in "simpler" JDKs
+    private BigInteger              g;
+    private BigInteger              p;
+    private BigInteger              q;
+    private BigInteger              j;
+    private int                     m;
+    private int                     l;
+    private DHValidationParameters  validation;
+
+    private static int getDefaultMParam(
+        int lParam)
+    {
+        if (lParam == 0)
+        {
+            return DEFAULT_MINIMUM_LENGTH;
+        }
+
+        return lParam < DEFAULT_MINIMUM_LENGTH ? lParam : DEFAULT_MINIMUM_LENGTH;
+    }
+
+    public DHParameters(
+        BigInteger  p,
+        BigInteger  g)
+    {
+        this(p, g, null, 0);
+    }
+
+    public DHParameters(
+        BigInteger  p,
+        BigInteger  g,
+        BigInteger  q)
+    {
+        this(p, g, q, 0);
+    }
+
+    public DHParameters(
+        BigInteger  p,
+        BigInteger  g,
+        BigInteger  q,
+        int         l)
+    {
+        this(p, g, q, getDefaultMParam(l), l, null, null);
+    }
+
+    public DHParameters(
+        BigInteger  p,
+        BigInteger  g,
+        BigInteger  q,
+        int         m,
+        int         l)
+    {
+        this(p, g, q, m, l, null, null);
+    }
+
+    public DHParameters(
+        BigInteger              p,
+        BigInteger              g,
+        BigInteger              q,
+        BigInteger              j,
+        DHValidationParameters  validation)
+    {
+        this(p, g, q, DEFAULT_MINIMUM_LENGTH, 0, j, validation);
+    }
+
+    public DHParameters(
+        BigInteger              p,
+        BigInteger              g,
+        BigInteger              q,
+        int                     m,
+        int                     l,
+        BigInteger              j,
+        DHValidationParameters  validation)
+    {
+        if (l != 0)
+        {
+            if (l > p.bitLength())
+            {
+                throw new IllegalArgumentException("when l value specified, it must satisfy 2^(l-1) <= p");
+            }
+            if (l < m)
+            {
+                throw new IllegalArgumentException("when l value specified, it may not be less than m value");
+            }
+        }
+
+        if (m > p.bitLength())
+        {
+            throw new IllegalArgumentException("unsafe p value so small specific l required");
+        }
+
+        this.g = g;
+        this.p = p;
+        this.q = q;
+        this.m = m;
+        this.l = l;
+        this.j = j;
+        this.validation = validation;
+    }
+
+    public BigInteger getP()
+    {
+        return p;
+    }
+
+    public BigInteger getG()
+    {
+        return g;
+    }
+
+    public BigInteger getQ()
+    {
+        return q;
+    }
+
+    /**
+     * Return the subgroup factor J.
+     *
+     * @return subgroup factor
+     */
+    public BigInteger getJ()
+    {
+        return j;
+    }
+
+    /**
+     * Return the minimum length of the private value.
+     *
+     * @return the minimum length of the private value in bits.
+     */
+    public int getM()
+    {
+        return m;
+    }
+
+    /**
+     * Return the private value length in bits - if set, zero otherwise
+     *
+     * @return the private value length in bits, zero otherwise.
+     */
+    public int getL()
+    {
+        return l;
+    }
+
+    public DHValidationParameters getValidationParameters()
+    {
+        return validation;
+    }
+
+    public boolean equals(
+        Object  obj)
+    {
+        if (!(obj instanceof DHParameters))
+        {
+            return false;
+        }
+
+        DHParameters    pm = (DHParameters)obj;
+
+        if (this.getQ() != null)
+        {
+            if (!this.getQ().equals(pm.getQ()))
+            {
+                return false;
+            }
+        }
+        else
+        {
+            if (pm.getQ() != null)
+            {
+                return false;
+            }
+        }
+
+        return pm.getP().equals(p) && pm.getG().equals(g);
+    }
+    
+    public int hashCode()
+    {
+        return getP().hashCode() ^ getG().hashCode() ^ (getQ() != null ? getQ().hashCode() : 0);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHPrivateKeyParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHPrivateKeyParameters.java
new file mode 100644
index 0000000..deac14a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHPrivateKeyParameters.java

@@ -0,0 +1,45 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHPrivateKeyParameters
+    extends DHKeyParameters
+{
+    private BigInteger      x;
+
+    public DHPrivateKeyParameters(
+        BigInteger      x,
+        DHParameters    params)
+    {
+        super(true, params);
+
+        this.x = x;
+    }   
+
+    public BigInteger getX()
+    {
+        return x;
+    }
+
+    public int hashCode()
+    {
+        return x.hashCode() ^ super.hashCode();
+    }
+    
+    public boolean equals(
+        Object  obj)
+    {
+        if (!(obj instanceof DHPrivateKeyParameters))
+        {
+            return false;
+        }
+
+        DHPrivateKeyParameters  other = (DHPrivateKeyParameters)obj;
+
+        return other.getX().equals(this.x) && super.equals(obj);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHPublicKeyParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHPublicKeyParameters.java
new file mode 100644
index 0000000..8837876
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHPublicKeyParameters.java

@@ -0,0 +1,76 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHPublicKeyParameters
+    extends DHKeyParameters
+{
+    private static final BigInteger ONE = BigInteger.valueOf(1);
+    private static final BigInteger TWO = BigInteger.valueOf(2);
+
+    private BigInteger      y;
+
+    public DHPublicKeyParameters(
+        BigInteger      y,
+        DHParameters    params)
+    {
+        super(false, params);
+
+        this.y = validate(y, params);
+    }   
+
+    private BigInteger validate(BigInteger y, DHParameters dhParams)
+    {
+        if (y == null)
+        {
+            throw new NullPointerException("y value cannot be null");
+        }
+
+        // TLS check
+        if (y.compareTo(TWO) < 0 || y.compareTo(dhParams.getP().subtract(TWO)) > 0)
+        {
+            throw new IllegalArgumentException("invalid DH public key");
+        }
+
+        if (dhParams.getQ() != null)
+        {
+            if (ONE.equals(y.modPow(dhParams.getQ(), dhParams.getP())))
+            {
+                return y;
+            }
+
+            throw new IllegalArgumentException("Y value does not appear to be in correct group");
+        }
+        else
+        {
+            return y;         // we can't validate without Q.
+        }
+    }
+
+    public BigInteger getY()
+    {
+        return y;
+    }
+
+    public int hashCode()
+    {
+        return y.hashCode() ^ super.hashCode();
+    }
+
+    public boolean equals(
+        Object  obj)
+    {
+        if (!(obj instanceof DHPublicKeyParameters))
+        {
+            return false;
+        }
+
+        DHPublicKeyParameters   other = (DHPublicKeyParameters)obj;
+
+        return other.getY().equals(y) && super.equals(obj);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHValidationParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHValidationParameters.java
new file mode 100644
index 0000000..3198e52
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DHValidationParameters.java

@@ -0,0 +1,54 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHValidationParameters
+{
+    private byte[]  seed;
+    private int     counter;
+
+    public DHValidationParameters(
+        byte[]  seed,
+        int     counter)
+    {
+        this.seed = Arrays.clone(seed);
+        this.counter = counter;
+    }
+
+    public int getCounter()
+    {
+        return counter;
+    }
+
+    public byte[] getSeed()
+    {
+        return Arrays.clone(seed);
+    }
+
+    public boolean equals(
+        Object o)
+    {
+        if (!(o instanceof DHValidationParameters))
+        {
+            return false;
+        }
+
+        DHValidationParameters  other = (DHValidationParameters)o;
+
+        if (other.counter != this.counter)
+        {
+            return false;
+        }
+
+        return Arrays.areEqual(this.seed, other.seed);
+    }
+
+    public int hashCode()
+    {
+        return counter ^ Arrays.hashCode(seed);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAKeyGenerationParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAKeyGenerationParameters.java
new file mode 100644
index 0000000..e2b9d29
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAKeyGenerationParameters.java

@@ -0,0 +1,29 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.KeyGenerationParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DSAKeyGenerationParameters
+    extends KeyGenerationParameters
+{
+    private DSAParameters    params;
+
+    public DSAKeyGenerationParameters(
+        SecureRandom    random,
+        DSAParameters   params)
+    {
+        super(random, params.getP().bitLength() - 1);
+
+        this.params = params;
+    }
+
+    public DSAParameters getParameters()
+    {
+        return params;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAKeyParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAKeyParameters.java
new file mode 100644
index 0000000..de2eb03
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAKeyParameters.java

@@ -0,0 +1,25 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DSAKeyParameters
+    extends AsymmetricKeyParameter
+{
+    private DSAParameters    params;
+
+    public DSAKeyParameters(
+        boolean         isPrivate,
+        DSAParameters   params)
+    {
+        super(isPrivate);
+
+        this.params = params;
+    }   
+
+    public DSAParameters getParameters()
+    {
+        return params;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAParameterGenerationParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAParameterGenerationParameters.java
new file mode 100644
index 0000000..8f3b5f5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAParameterGenerationParameters.java

@@ -0,0 +1,84 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.security.SecureRandom;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DSAParameterGenerationParameters
+{
+    public static final int DIGITAL_SIGNATURE_USAGE = 1;
+    public static final int KEY_ESTABLISHMENT_USAGE = 2;
+
+    private final int l;
+    private final int n;
+    private final int usageIndex;
+    private final int certainty;
+    private final SecureRandom random;
+
+    /**
+     * Construct without a usage index, this will do a random construction of G.
+     *
+     * @param L desired length of prime P in bits (the effective key size).
+     * @param N desired length of prime Q in bits.
+     * @param certainty certainty level for prime number generation.
+     * @param random the source of randomness to use.
+     */
+    public DSAParameterGenerationParameters(
+        int L,
+        int N,
+        int certainty,
+        SecureRandom random)
+    {
+        this(L, N, certainty, random, -1);
+    }
+
+    /**
+     * Construct for a specific usage index - this has the effect of using verifiable canonical generation of G.
+     *
+     * @param L desired length of prime P in bits (the effective key size).
+     * @param N desired length of prime Q in bits.
+     * @param certainty certainty level for prime number generation.
+     * @param random the source of randomness to use.
+     * @param usageIndex a valid usage index.
+     */
+    public DSAParameterGenerationParameters(
+        int L,
+        int N,
+        int certainty,
+        SecureRandom random,
+        int usageIndex)
+    {
+        this.l = L;
+        this.n = N;
+        this.certainty = certainty;
+        this.usageIndex = usageIndex;
+        this.random = random;
+    }
+
+    public int getL()
+    {
+        return l;
+    }
+
+    public int getN()
+    {
+        return n;
+    }
+
+    public int getCertainty()
+    {
+        return certainty;
+    }
+
+    public SecureRandom getRandom()
+    {
+        return random;
+    }
+
+    public int getUsageIndex()
+    {
+        return usageIndex;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAParameters.java
new file mode 100644
index 0000000..0752009
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAParameters.java

@@ -0,0 +1,78 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DSAParameters
+    implements CipherParameters
+{
+    private BigInteger              g;
+    private BigInteger              q;
+    private BigInteger              p;
+    private DSAValidationParameters validation;
+
+    public DSAParameters(
+        BigInteger  p,
+        BigInteger  q,
+        BigInteger  g)
+    {
+        this.g = g;
+        this.p = p;
+        this.q = q;
+    }   
+
+    public DSAParameters(
+        BigInteger              p,
+        BigInteger              q,
+        BigInteger              g,
+        DSAValidationParameters params)
+    {
+        this.g = g;
+        this.p = p;
+        this.q = q;
+        this.validation = params;
+    }   
+
+    public BigInteger getP()
+    {
+        return p;
+    }
+
+    public BigInteger getQ()
+    {
+        return q;
+    }
+
+    public BigInteger getG()
+    {
+        return g;
+    }
+
+    public DSAValidationParameters getValidationParameters()
+    {
+        return validation;
+    }
+
+    public boolean equals(
+        Object  obj)
+    {
+        if (!(obj instanceof DSAParameters))
+        {
+            return false;
+        }
+
+        DSAParameters    pm = (DSAParameters)obj;
+
+        return (pm.getP().equals(p) && pm.getQ().equals(q) && pm.getG().equals(g));
+    }
+    
+    public int hashCode()
+    {
+        return getP().hashCode() ^ getQ().hashCode() ^ getG().hashCode();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAPrivateKeyParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAPrivateKeyParameters.java
new file mode 100644
index 0000000..351fb0a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAPrivateKeyParameters.java

@@ -0,0 +1,27 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DSAPrivateKeyParameters
+    extends DSAKeyParameters
+{
+    private BigInteger      x;
+
+    public DSAPrivateKeyParameters(
+        BigInteger      x,
+        DSAParameters   params)
+    {
+        super(true, params);
+
+        this.x = x;
+    }   
+
+    public BigInteger getX()
+    {
+        return x;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAPublicKeyParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAPublicKeyParameters.java
new file mode 100644
index 0000000..128e667
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAPublicKeyParameters.java

@@ -0,0 +1,48 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DSAPublicKeyParameters
+    extends DSAKeyParameters
+{
+    private static final BigInteger ONE = BigInteger.valueOf(1);
+    private static final BigInteger TWO = BigInteger.valueOf(2);
+
+    private BigInteger      y;
+
+    public DSAPublicKeyParameters(
+        BigInteger      y,
+        DSAParameters   params)
+    {
+        super(false, params);
+
+        this.y = validate(y, params);
+    }   
+
+    private BigInteger validate(BigInteger y, DSAParameters params)
+    {
+        if (params != null)
+        {
+            if (TWO.compareTo(y) <= 0 && params.getP().subtract(TWO).compareTo(y) >= 0
+                && ONE.equals(y.modPow(params.getQ(), params.getP())))
+            {
+                return y;
+            }
+
+            throw new IllegalArgumentException("y value does not appear to be in correct group");
+        }
+        else
+        {
+            return y;         // we can't validate without params, fortunately we can't use the key either...
+        }
+    }
+
+    public BigInteger getY()
+    {
+        return y;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAValidationParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAValidationParameters.java
new file mode 100644
index 0000000..56344e5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/DSAValidationParameters.java

@@ -0,0 +1,69 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DSAValidationParameters
+{
+    private int usageIndex;
+    private byte[]  seed;
+    private int     counter;
+
+    public DSAValidationParameters(
+        byte[]  seed,
+        int     counter)
+    {
+        this(seed, counter, -1);
+    }
+
+    public DSAValidationParameters(
+        byte[]  seed,
+        int     counter,
+        int     usageIndex)
+    {
+        this.seed = Arrays.clone(seed);
+        this.counter = counter;
+        this.usageIndex = usageIndex;
+    }
+
+    public int getCounter()
+    {
+        return counter;
+    }
+
+    public byte[] getSeed()
+    {
+        return Arrays.clone(seed);
+    }
+
+    public int getUsageIndex()
+    {
+        return usageIndex;
+    }
+
+    public int hashCode()
+    {
+        return counter ^ Arrays.hashCode(seed);
+    }
+    
+    public boolean equals(
+        Object o)
+    {
+        if (!(o instanceof DSAValidationParameters))
+        {
+            return false;
+        }
+
+        DSAValidationParameters  other = (DSAValidationParameters)o;
+
+        if (other.counter != this.counter)
+        {
+            return false;
+        }
+
+        return Arrays.areEqual(this.seed, other.seed);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECDomainParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECDomainParameters.java
new file mode 100644
index 0000000..a3c5498
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECDomainParameters.java

@@ -0,0 +1,151 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECAlgorithms;
+import com.android.org.bouncycastle.math.ec.ECConstants;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECDomainParameters
+    implements ECConstants
+{
+    private ECCurve     curve;
+    private byte[]      seed;
+    private ECPoint     G;
+    private BigInteger  n;
+    private BigInteger  h;
+    private BigInteger  hInv = null;
+
+    public ECDomainParameters(
+        ECCurve     curve,
+        ECPoint     G,
+        BigInteger  n)
+    {
+        this(curve, G, n, ONE, null);
+    }
+
+    public ECDomainParameters(
+        ECCurve     curve,
+        ECPoint     G,
+        BigInteger  n,
+        BigInteger  h)
+    {
+        this(curve, G, n, h, null);
+    }
+
+    public ECDomainParameters(
+        ECCurve     curve,
+        ECPoint     G,
+        BigInteger  n,
+        BigInteger  h,
+        byte[]      seed)
+    {
+        if (curve == null)
+        {
+            throw new NullPointerException("curve");
+        }
+        if (n == null)
+        {
+            throw new NullPointerException("n");
+        }
+        // we can't check for h == null here as h is optional in X9.62 as it is not required for ECDSA
+
+        this.curve = curve;
+        this.G = validate(curve, G);
+        this.n = n;
+        this.h = h;
+        this.seed = Arrays.clone(seed);
+    }
+
+    public ECCurve getCurve()
+    {
+        return curve;
+    }
+
+    public ECPoint getG()
+    {
+        return G;
+    }
+
+    public BigInteger getN()
+    {
+        return n;
+    }
+
+    public BigInteger getH()
+    {
+        return h;
+    }
+
+    public synchronized BigInteger getHInv()
+    {
+        if (hInv == null)
+        {
+            hInv = h.modInverse(n);
+        }
+        return hInv;
+    }
+
+    public byte[] getSeed()
+    {
+        return Arrays.clone(seed);
+    }
+
+    public boolean equals(
+        Object  obj)
+    {
+        if (this == obj)
+        {
+            return true;
+        }
+
+        if ((obj instanceof ECDomainParameters))
+        {
+            ECDomainParameters other = (ECDomainParameters)obj;
+
+            return this.curve.equals(other.curve) && this.G.equals(other.G) && this.n.equals(other.n) && this.h.equals(other.h);
+        }
+
+        return false;
+    }
+
+    public int hashCode()
+    {
+        int hc = curve.hashCode();
+        hc *= 37;
+        hc ^= G.hashCode();
+        hc *= 37;
+        hc ^= n.hashCode();
+        hc *= 37;
+        hc ^= h.hashCode();
+        return hc;
+    }
+
+    static ECPoint validate(ECCurve c, ECPoint q)
+    {
+        if (q == null)
+        {
+            throw new IllegalArgumentException("Point has null value");
+        }
+
+        q = ECAlgorithms.importPoint(c, q).normalize();
+
+        if (q.isInfinity())
+        {
+            throw new IllegalArgumentException("Point at infinity");
+        }
+
+        if (!q.isValid())
+        {
+            throw new IllegalArgumentException("Point not on curve");
+        }
+
+        return q;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECKeyGenerationParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECKeyGenerationParameters.java
new file mode 100644
index 0000000..0fdbb79
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECKeyGenerationParameters.java

@@ -0,0 +1,29 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.KeyGenerationParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECKeyGenerationParameters
+    extends KeyGenerationParameters
+{
+    private ECDomainParameters  domainParams;
+
+    public ECKeyGenerationParameters(
+        ECDomainParameters      domainParams,
+        SecureRandom            random)
+    {
+        super(random, domainParams.getN().bitLength());
+
+        this.domainParams = domainParams;
+    }
+
+    public ECDomainParameters getDomainParameters()
+    {
+        return domainParams;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECKeyParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECKeyParameters.java
new file mode 100644
index 0000000..4bdf6fa
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECKeyParameters.java

@@ -0,0 +1,25 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECKeyParameters
+    extends AsymmetricKeyParameter
+{
+    ECDomainParameters params;
+
+    protected ECKeyParameters(
+        boolean             isPrivate,
+        ECDomainParameters  params)
+    {
+        super(isPrivate);
+
+        this.params = params;
+    }
+
+    public ECDomainParameters getParameters()
+    {
+        return params;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECNamedDomainParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECNamedDomainParameters.java
new file mode 100644
index 0000000..c252c67
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECNamedDomainParameters.java

@@ -0,0 +1,46 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.math.ec.ECConstants;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECNamedDomainParameters
+    extends ECDomainParameters
+{
+    private ASN1ObjectIdentifier name;
+
+    public ECNamedDomainParameters(ASN1ObjectIdentifier name, ECCurve curve, ECPoint G, BigInteger n)
+    {
+        this(name, curve, G, n, ECConstants.ONE, null);
+    }
+
+    public ECNamedDomainParameters(ASN1ObjectIdentifier name, ECCurve curve, ECPoint G, BigInteger n, BigInteger h)
+    {
+        this(name, curve, G, n, h, null);
+    }
+
+    public ECNamedDomainParameters(ASN1ObjectIdentifier name, ECCurve curve, ECPoint G, BigInteger n, BigInteger h, byte[] seed)
+    {
+        super(curve, G, n, h, seed);
+
+        this.name = name;
+    }
+
+    public ECNamedDomainParameters(ASN1ObjectIdentifier name, ECDomainParameters domainParameters)
+    {
+        super(domainParameters.getCurve(), domainParameters.getG(), domainParameters.getN(), domainParameters.getH(), domainParameters.getSeed());
+        this.name = name;
+    }
+
+    public ASN1ObjectIdentifier getName()
+    {
+        return name;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECPrivateKeyParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECPrivateKeyParameters.java
new file mode 100644
index 0000000..7a658c5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECPrivateKeyParameters.java

@@ -0,0 +1,26 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECPrivateKeyParameters
+    extends ECKeyParameters
+{
+    BigInteger d;
+
+    public ECPrivateKeyParameters(
+        BigInteger          d,
+        ECDomainParameters  params)
+    {
+        super(true, params);
+        this.d = d;
+    }
+
+    public BigInteger getD()
+    {
+        return d;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECPublicKeyParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECPublicKeyParameters.java
new file mode 100644
index 0000000..8378f6d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ECPublicKeyParameters.java

@@ -0,0 +1,27 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import com.android.org.bouncycastle.math.ec.ECPoint;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECPublicKeyParameters
+    extends ECKeyParameters
+{
+    private final ECPoint Q;
+
+    public ECPublicKeyParameters(
+        ECPoint             Q,
+        ECDomainParameters  params)
+    {
+        super(false, params);
+
+        this.Q = ECDomainParameters.validate(params.getCurve(), Q);
+    }
+
+    public ECPoint getQ()
+    {
+        return Q;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/KDFParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/KDFParameters.java
new file mode 100644
index 0000000..34f55f0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/KDFParameters.java

@@ -0,0 +1,33 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import com.android.org.bouncycastle.crypto.DerivationParameters;
+
+/**
+ * parameters for Key derivation functions for IEEE P1363a
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KDFParameters
+    implements DerivationParameters
+{
+    byte[]  iv;
+    byte[]  shared;
+
+    public KDFParameters(
+        byte[]  shared,
+        byte[]  iv)
+    {
+        this.shared = shared;
+        this.iv = iv;
+    }
+
+    public byte[] getSharedSecret()
+    {
+        return shared;
+    }
+
+    public byte[] getIV()
+    {
+        return iv;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/KeyParameter.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/KeyParameter.java
new file mode 100644
index 0000000..ad8fa0c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/KeyParameter.java

@@ -0,0 +1,34 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyParameter
+    implements CipherParameters
+{
+    private byte[]  key;
+
+    public KeyParameter(
+        byte[]  key)
+    {
+        this(key, 0, key.length);
+    }
+
+    public KeyParameter(
+        byte[]  key,
+        int     keyOff,
+        int     keyLen)
+    {
+        this.key = new byte[keyLen];
+
+        System.arraycopy(key, keyOff, this.key, 0, keyLen);
+    }
+
+    public byte[] getKey()
+    {
+        return key;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ParametersWithID.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ParametersWithID.java
new file mode 100644
index 0000000..fa6e244
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ParametersWithID.java

@@ -0,0 +1,32 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ParametersWithID
+    implements CipherParameters
+{
+    private CipherParameters  parameters;
+    private byte[] id;
+
+    public ParametersWithID(
+        CipherParameters parameters,
+        byte[] id)
+    {
+        this.parameters = parameters;
+        this.id = id;
+    }
+
+    public byte[] getID()
+    {
+        return id;
+    }
+
+    public CipherParameters getParameters()
+    {
+        return parameters;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ParametersWithIV.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ParametersWithIV.java
new file mode 100644
index 0000000..7e51634
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ParametersWithIV.java

@@ -0,0 +1,43 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ParametersWithIV
+    implements CipherParameters
+{
+    private byte[]              iv;
+    private CipherParameters    parameters;
+
+    public ParametersWithIV(
+        CipherParameters    parameters,
+        byte[]              iv)
+    {
+        this(parameters, iv, 0, iv.length);
+    }
+
+    public ParametersWithIV(
+        CipherParameters    parameters,
+        byte[]              iv,
+        int                 ivOff,
+        int                 ivLen)
+    {
+        this.iv = new byte[ivLen];
+        this.parameters = parameters;
+
+        System.arraycopy(iv, ivOff, this.iv, 0, ivLen);
+    }
+
+    public byte[] getIV()
+    {
+        return iv;
+    }
+
+    public CipherParameters getParameters()
+    {
+        return parameters;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ParametersWithRandom.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ParametersWithRandom.java
new file mode 100644
index 0000000..8e83e6f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/ParametersWithRandom.java

@@ -0,0 +1,41 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ParametersWithRandom
+    implements CipherParameters
+{
+    private SecureRandom        random;
+    private CipherParameters    parameters;
+
+    public ParametersWithRandom(
+        CipherParameters    parameters,
+        SecureRandom        random)
+    {
+        this.random = random;
+        this.parameters = parameters;
+    }
+
+    public ParametersWithRandom(
+        CipherParameters    parameters)
+    {
+        this(parameters, CryptoServicesRegistrar.getSecureRandom());
+    }
+
+    public SecureRandom getRandom()
+    {
+        return random;
+    }
+
+    public CipherParameters getParameters()
+    {
+        return parameters;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/RC2Parameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/RC2Parameters.java
new file mode 100644
index 0000000..8206414
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/RC2Parameters.java

@@ -0,0 +1,30 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RC2Parameters
+    extends KeyParameter
+{
+    private int     bits;
+
+    public RC2Parameters(
+        byte[]  key)
+    {
+        this(key, (key.length > 128) ? 1024 : (key.length * 8));
+    }
+
+    public RC2Parameters(
+        byte[]  key,
+        int     bits)
+    {
+        super(key);
+        this.bits = bits;
+    }
+
+    public int getEffectiveKeyBits()
+    {
+        return bits;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/RSAKeyGenerationParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/RSAKeyGenerationParameters.java
new file mode 100644
index 0000000..9dba8c4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/RSAKeyGenerationParameters.java

@@ -0,0 +1,52 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.KeyGenerationParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RSAKeyGenerationParameters
+    extends KeyGenerationParameters
+{
+    private BigInteger publicExponent;
+    private int certainty;
+
+    public RSAKeyGenerationParameters(
+        BigInteger      publicExponent,
+        SecureRandom    random,
+        int             strength,
+        int             certainty)
+    {
+        super(random, strength);
+
+        if (strength < 12)
+        {
+            throw new IllegalArgumentException("key strength too small");
+        }
+
+        //
+        // public exponent cannot be even
+        //
+        if (!publicExponent.testBit(0)) 
+        {
+                throw new IllegalArgumentException("public exponent cannot be even");
+        }
+        
+        this.publicExponent = publicExponent;
+        this.certainty = certainty;
+    }
+
+    public BigInteger getPublicExponent()
+    {
+        return publicExponent;
+    }
+
+    public int getCertainty()
+    {
+        return certainty;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/RSAKeyParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/RSAKeyParameters.java
new file mode 100644
index 0000000..a8832ba
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/RSAKeyParameters.java

@@ -0,0 +1,67 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RSAKeyParameters
+    extends AsymmetricKeyParameter
+{
+    private static final BigInteger ONE = BigInteger.valueOf(1);
+
+    private BigInteger      modulus;
+    private BigInteger      exponent;
+
+    public RSAKeyParameters(
+        boolean     isPrivate,
+        BigInteger  modulus,
+        BigInteger  exponent)
+    {
+        super(isPrivate);
+
+        if (!isPrivate)
+        {
+            if ((exponent.intValue() & 1) == 0)
+            {
+                throw new IllegalArgumentException("RSA publicExponent is even");
+            }
+        }
+
+        this.modulus = validate(modulus);
+        this.exponent = exponent;
+    }   
+
+    private BigInteger validate(BigInteger modulus)
+    {
+        if ((modulus.intValue() & 1) == 0)
+        {
+            throw new IllegalArgumentException("RSA modulus is even");
+        }
+
+        // the value is the product of the 132 smallest primes from 3 to 751
+        if (!modulus.gcd(new BigInteger("145188775577763990151158743208307020242261438098488931355057091965" +
+            "931517706595657435907891265414916764399268423699130577757433083166" +
+            "651158914570105971074227669275788291575622090199821297575654322355" +
+            "049043101306108213104080801056529374892690144291505781966373045481" +
+            "8359472391642885328171302299245556663073719855")).equals(ONE))
+        {
+            throw new IllegalArgumentException("RSA modulus has a small prime factor");
+        }
+
+        // TODO: add additional primePower/Composite test - expensive!!
+
+        return modulus;
+    }
+
+    public BigInteger getModulus()
+    {
+        return modulus;
+    }
+
+    public BigInteger getExponent()
+    {
+        return exponent;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/RSAPrivateCrtKeyParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/RSAPrivateCrtKeyParameters.java
new file mode 100644
index 0000000..81ecfa6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/params/RSAPrivateCrtKeyParameters.java

@@ -0,0 +1,71 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.params;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RSAPrivateCrtKeyParameters
+    extends RSAKeyParameters
+{
+    private BigInteger  e;
+    private BigInteger  p;
+    private BigInteger  q;
+    private BigInteger  dP;
+    private BigInteger  dQ;
+    private BigInteger  qInv;
+
+    /**
+     * 
+     */
+    public RSAPrivateCrtKeyParameters(
+        BigInteger  modulus,
+        BigInteger  publicExponent,
+        BigInteger  privateExponent,
+        BigInteger  p,
+        BigInteger  q,
+        BigInteger  dP,
+        BigInteger  dQ,
+        BigInteger  qInv)
+    {
+        super(true, modulus, privateExponent);
+
+        this.e = publicExponent;
+        this.p = p;
+        this.q = q;
+        this.dP = dP;
+        this.dQ = dQ;
+        this.qInv = qInv;
+    }
+
+    public BigInteger getPublicExponent()
+    {
+        return e;
+    }
+
+    public BigInteger getP()
+    {
+        return p;
+    }
+
+    public BigInteger getQ()
+    {
+        return q;
+    }
+
+    public BigInteger getDP()
+    {
+        return dP;
+    }
+
+    public BigInteger getDQ()
+    {
+        return dQ;
+    }
+
+    public BigInteger getQInv()
+    {
+        return qInv;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/DSAEncoding.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/DSAEncoding.java
new file mode 100644
index 0000000..1a2e0c3
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/DSAEncoding.java

@@ -0,0 +1,33 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.signers;
+
+import java.io.IOException;
+import java.math.BigInteger;
+
+/**
+ * An interface for different encoding formats for DSA signatures.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface DSAEncoding
+{
+    /**
+     * Decode the (r, s) pair of a DSA signature.
+     * 
+     * @param n the order of the group that r, s belong to.
+     * @param encoding an encoding of the (r, s) pair of a DSA signature.
+     * @return the (r, s) of a DSA signature, stored in an array of exactly two elements, r followed by s.
+     * @throws IOException
+     */
+    BigInteger[] decode(BigInteger n, byte[] encoding) throws IOException;
+
+    /**
+     * Encode the (r, s) pair of a DSA signature.
+     * 
+     * @param n the order of the group that r, s belong to.
+     * @param r the r value of a DSA signature.
+     * @param s the s value of a DSA signature.
+     * @return an encoding of the DSA signature given by the provided (r, s) pair.
+     * @throws IOException
+     */
+    byte[] encode(BigInteger n, BigInteger r, BigInteger s) throws IOException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/DSAKCalculator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/DSAKCalculator.java
new file mode 100644
index 0000000..e629d6c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/DSAKCalculator.java

@@ -0,0 +1,43 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.signers;
+
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
+/**
+ * Interface define calculators of K values for DSA/ECDSA.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface DSAKCalculator
+{
+    /**
+     * Return true if this calculator is deterministic, false otherwise.
+     *
+     * @return true if deterministic, otherwise false.
+     */
+    boolean isDeterministic();
+
+    /**
+     * Non-deterministic initialiser.
+     *
+     * @param n the order of the DSA group.
+     * @param random a source of randomness.
+     */
+    void init(BigInteger n, SecureRandom random);
+
+    /**
+     * Deterministic initialiser.
+     *
+     * @param n the order of the DSA group.
+     * @param d the DSA private value.
+     * @param message the message being signed.
+     */
+    void init(BigInteger n, BigInteger d, byte[] message);
+
+    /**
+     * Return the next valid value of K.
+     *
+     * @return a K value.
+     */
+    BigInteger nextK();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/DSASigner.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/DSASigner.java
new file mode 100644
index 0000000..268600b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/DSASigner.java

@@ -0,0 +1,184 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.signers;
+
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.DSAExt;
+import com.android.org.bouncycastle.crypto.params.DSAKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DSAParameters;
+import com.android.org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DSAPublicKeyParameters;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+import com.android.org.bouncycastle.util.BigIntegers;
+
+/**
+ * The Digital Signature Algorithm - as described in "Handbook of Applied
+ * Cryptography", pages 452 - 453.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DSASigner
+    implements DSAExt
+{
+    private final DSAKCalculator kCalculator;
+
+    private DSAKeyParameters key;
+    private SecureRandom    random;
+
+    /**
+     * Default configuration, random K values.
+     */
+    public DSASigner()
+    {
+        this.kCalculator = new RandomDSAKCalculator();
+    }
+
+    /**
+     * Configuration with an alternate, possibly deterministic calculator of K.
+     *
+     * @param kCalculator a K value calculator.
+     */
+    public DSASigner(DSAKCalculator kCalculator)
+    {
+        this.kCalculator = kCalculator;
+    }
+
+    public void init(
+        boolean                 forSigning,
+        CipherParameters        param)
+    {
+        SecureRandom providedRandom = null;
+
+        if (forSigning)
+        {
+            if (param instanceof ParametersWithRandom)
+            {
+                ParametersWithRandom rParam = (ParametersWithRandom)param;
+
+                this.key = (DSAPrivateKeyParameters)rParam.getParameters();
+                providedRandom = rParam.getRandom();
+            }
+            else
+            {
+                this.key = (DSAPrivateKeyParameters)param;
+            }
+        }
+        else
+        {
+            this.key = (DSAPublicKeyParameters)param;
+        }
+
+        this.random = initSecureRandom(forSigning && !kCalculator.isDeterministic(), providedRandom);
+    }
+
+    public BigInteger getOrder()
+    {
+        return key.getParameters().getQ();
+    }
+
+    /**
+     * generate a signature for the given message using the key we were
+     * initialised with. For conventional DSA the message should be a SHA-1
+     * hash of the message of interest.
+     *
+     * @param message the message that will be verified later.
+     */
+    public BigInteger[] generateSignature(
+        byte[] message)
+    {
+        DSAParameters   params = key.getParameters();
+        BigInteger      q = params.getQ();
+        BigInteger      m = calculateE(q, message);
+        BigInteger      x = ((DSAPrivateKeyParameters)key).getX();
+
+        if (kCalculator.isDeterministic())
+        {
+            kCalculator.init(q, x, message);
+        }
+        else
+        {
+            kCalculator.init(q, random);
+        }
+
+        BigInteger  k = kCalculator.nextK();
+
+        // the randomizer is to conceal timing information related to k and x.
+        BigInteger  r = params.getG().modPow(k.add(getRandomizer(q, random)), params.getP()).mod(q);
+
+        k = k.modInverse(q).multiply(m.add(x.multiply(r)));
+
+        BigInteger  s = k.mod(q);
+
+        return new BigInteger[]{ r, s };
+    }
+
+    /**
+     * return true if the value r and s represent a DSA signature for
+     * the passed in message for standard DSA the message should be a
+     * SHA-1 hash of the real message to be verified.
+     */
+    public boolean verifySignature(
+        byte[]      message,
+        BigInteger  r,
+        BigInteger  s)
+    {
+        DSAParameters   params = key.getParameters();
+        BigInteger      q = params.getQ();
+        BigInteger      m = calculateE(q, message);
+        BigInteger      zero = BigInteger.valueOf(0);
+
+        if (zero.compareTo(r) >= 0 || q.compareTo(r) <= 0)
+        {
+            return false;
+        }
+
+        if (zero.compareTo(s) >= 0 || q.compareTo(s) <= 0)
+        {
+            return false;
+        }
+
+        BigInteger  w = s.modInverse(q);
+
+        BigInteger  u1 = m.multiply(w).mod(q);
+        BigInteger  u2 = r.multiply(w).mod(q);
+
+        BigInteger p = params.getP();
+        u1 = params.getG().modPow(u1, p);
+        u2 = ((DSAPublicKeyParameters)key).getY().modPow(u2, p);
+
+        BigInteger  v = u1.multiply(u2).mod(p).mod(q);
+
+        return v.equals(r);
+    }
+
+    private BigInteger calculateE(BigInteger n, byte[] message)
+    {
+        if (n.bitLength() >= message.length * 8)
+        {
+            return new BigInteger(1, message);
+        }
+        else
+        {
+            byte[] trunc = new byte[n.bitLength() / 8];
+
+            System.arraycopy(message, 0, trunc, 0, trunc.length);
+
+            return new BigInteger(1, trunc);
+        }
+    }
+
+    protected SecureRandom initSecureRandom(boolean needed, SecureRandom provided)
+    {
+        return !needed ? null : (provided != null) ? provided : CryptoServicesRegistrar.getSecureRandom();
+    }
+
+    private BigInteger getRandomizer(BigInteger q, SecureRandom provided)
+    {
+        // Calculate a random multiple of q to add to k. Note that g^q = 1 (mod p), so adding multiple of q to k does not change r.
+        int randomBits = 7;
+
+        return BigIntegers.createRandomBigInteger(randomBits, provided != null ? provided : CryptoServicesRegistrar.getSecureRandom()).add(BigInteger.valueOf(128)).multiply(q);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/ECDSASigner.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/ECDSASigner.java
new file mode 100644
index 0000000..41347ac
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/ECDSASigner.java

@@ -0,0 +1,260 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.signers;
+
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.DSAExt;
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+import com.android.org.bouncycastle.crypto.params.ECKeyParameters;
+import com.android.org.bouncycastle.crypto.params.ECPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.ECPublicKeyParameters;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+import com.android.org.bouncycastle.math.ec.ECAlgorithms;
+import com.android.org.bouncycastle.math.ec.ECConstants;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECMultiplier;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.ec.FixedPointCombMultiplier;
+
+/**
+ * EC-DSA as described in X9.62
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECDSASigner
+    implements ECConstants, DSAExt
+{
+    private final DSAKCalculator kCalculator;
+
+    private ECKeyParameters key;
+    private SecureRandom    random;
+
+    /**
+     * Default configuration, random K values.
+     */
+    public ECDSASigner()
+    {
+        this.kCalculator = new RandomDSAKCalculator();
+    }
+
+    /**
+     * Configuration with an alternate, possibly deterministic calculator of K.
+     *
+     * @param kCalculator a K value calculator.
+     */
+    public ECDSASigner(DSAKCalculator kCalculator)
+    {
+        this.kCalculator = kCalculator;
+    }
+
+    public void init(
+        boolean                 forSigning,
+        CipherParameters        param)
+    {
+        SecureRandom providedRandom = null;
+
+        if (forSigning)
+        {
+            if (param instanceof ParametersWithRandom)
+            {
+                ParametersWithRandom rParam = (ParametersWithRandom)param;
+
+                this.key = (ECPrivateKeyParameters)rParam.getParameters();
+                providedRandom = rParam.getRandom();
+            }
+            else
+            {
+                this.key = (ECPrivateKeyParameters)param;
+            }
+        }
+        else
+        {
+            this.key = (ECPublicKeyParameters)param;
+        }
+
+        this.random = initSecureRandom(forSigning && !kCalculator.isDeterministic(), providedRandom);
+    }
+
+    public BigInteger getOrder()
+    {
+        return key.getParameters().getN();
+    }
+
+    // 5.3 pg 28
+    /**
+     * generate a signature for the given message using the key we were
+     * initialised with. For conventional DSA the message should be a SHA-1
+     * hash of the message of interest.
+     *
+     * @param message the message that will be verified later.
+     */
+    public BigInteger[] generateSignature(
+        byte[] message)
+    {
+        ECDomainParameters ec = key.getParameters();
+        BigInteger n = ec.getN();
+        BigInteger e = calculateE(n, message);
+        BigInteger d = ((ECPrivateKeyParameters)key).getD();
+
+        if (kCalculator.isDeterministic())
+        {
+            kCalculator.init(n, d, message);
+        }
+        else
+        {
+            kCalculator.init(n, random);
+        }
+
+        BigInteger r, s;
+
+        ECMultiplier basePointMultiplier = createBasePointMultiplier();
+
+        // 5.3.2
+        do // generate s
+        {
+            BigInteger k;
+            do // generate r
+            {
+                k = kCalculator.nextK();
+
+                ECPoint p = basePointMultiplier.multiply(ec.getG(), k).normalize();
+
+                // 5.3.3
+                r = p.getAffineXCoord().toBigInteger().mod(n);
+            }
+            while (r.equals(ZERO));
+
+            s = k.modInverse(n).multiply(e.add(d.multiply(r))).mod(n);
+        }
+        while (s.equals(ZERO));
+
+        return new BigInteger[]{ r, s };
+    }
+
+    // 5.4 pg 29
+    /**
+     * return true if the value r and s represent a DSA signature for
+     * the passed in message (for standard DSA the message should be
+     * a SHA-1 hash of the real message to be verified).
+     */
+    public boolean verifySignature(
+        byte[]      message,
+        BigInteger  r,
+        BigInteger  s)
+    {
+        ECDomainParameters ec = key.getParameters();
+        BigInteger n = ec.getN();
+        BigInteger e = calculateE(n, message);
+
+        // r in the range [1,n-1]
+        if (r.compareTo(ONE) < 0 || r.compareTo(n) >= 0)
+        {
+            return false;
+        }
+
+        // s in the range [1,n-1]
+        if (s.compareTo(ONE) < 0 || s.compareTo(n) >= 0)
+        {
+            return false;
+        }
+
+        BigInteger c = s.modInverse(n);
+
+        BigInteger u1 = e.multiply(c).mod(n);
+        BigInteger u2 = r.multiply(c).mod(n);
+
+        ECPoint G = ec.getG();
+        ECPoint Q = ((ECPublicKeyParameters)key).getQ();
+
+        ECPoint point = ECAlgorithms.sumOfTwoMultiplies(G, u1, Q, u2);
+
+        // components must be bogus.
+        if (point.isInfinity())
+        {
+            return false;
+        }
+
+        /*
+         * If possible, avoid normalizing the point (to save a modular inversion in the curve field).
+         * 
+         * There are ~cofactor elements of the curve field that reduce (modulo the group order) to 'r'.
+         * If the cofactor is known and small, we generate those possible field values and project each
+         * of them to the same "denominator" (depending on the particular projective coordinates in use)
+         * as the calculated point.X. If any of the projected values matches point.X, then we have:
+         *     (point.X / Denominator mod p) mod n == r
+         * as required, and verification succeeds.
+         * 
+         * Based on an original idea by Gregory Maxwell (https://github.com/gmaxwell), as implemented in
+         * the libsecp256k1 project (https://github.com/bitcoin/secp256k1).
+         */
+        ECCurve curve = point.getCurve();
+        if (curve != null)
+        {
+            BigInteger cofactor = curve.getCofactor();
+            if (cofactor != null && cofactor.compareTo(EIGHT) <= 0)
+            {
+                ECFieldElement D = getDenominator(curve.getCoordinateSystem(), point);
+                if (D != null && !D.isZero())
+                {
+                    ECFieldElement X = point.getXCoord();
+                    while (curve.isValidFieldElement(r))
+                    {
+                        ECFieldElement R = curve.fromBigInteger(r).multiply(D);
+                        if (R.equals(X))
+                        {
+                            return true;
+                        }
+                        r = r.add(n);
+                    }
+                    return false;
+                }
+            }
+        }
+
+        BigInteger v = point.normalize().getAffineXCoord().toBigInteger().mod(n);
+        return v.equals(r);
+    }
+
+    protected BigInteger calculateE(BigInteger n, byte[] message)
+    {
+        int log2n = n.bitLength();
+        int messageBitLength = message.length * 8;
+
+        BigInteger e = new BigInteger(1, message);
+        if (log2n < messageBitLength)
+        {
+            e = e.shiftRight(messageBitLength - log2n);
+        }
+        return e;
+    }
+
+    protected ECMultiplier createBasePointMultiplier()
+    {
+        return new FixedPointCombMultiplier();
+    }
+
+    protected ECFieldElement getDenominator(int coordinateSystem, ECPoint p)
+    {
+        switch (coordinateSystem)
+        {
+        case ECCurve.COORD_HOMOGENEOUS:
+        case ECCurve.COORD_LAMBDA_PROJECTIVE:
+        case ECCurve.COORD_SKEWED:
+            return p.getZCoord(0);
+        case ECCurve.COORD_JACOBIAN:
+        case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
+        case ECCurve.COORD_JACOBIAN_MODIFIED:
+            return p.getZCoord(0).square();
+        default:
+            return null;
+        }
+    }
+
+    protected SecureRandom initSecureRandom(boolean needed, SecureRandom provided)
+    {
+        return !needed ? null : (provided != null) ? provided : CryptoServicesRegistrar.getSecureRandom();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/PlainDSAEncoding.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/PlainDSAEncoding.java
new file mode 100644
index 0000000..c458002
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/PlainDSAEncoding.java

@@ -0,0 +1,66 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.signers;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.BigIntegers;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PlainDSAEncoding
+    implements DSAEncoding
+{
+    public static final PlainDSAEncoding INSTANCE = new PlainDSAEncoding();
+
+    public byte[] encode(BigInteger n, BigInteger r, BigInteger s)
+    {
+        int valueLength = BigIntegers.getUnsignedByteLength(n);
+        byte[] result = new byte[valueLength * 2];
+        encodeValue(n, r, result, 0, valueLength);
+        encodeValue(n, s, result, valueLength, valueLength);
+        return result;
+    }
+
+    public BigInteger[] decode(BigInteger n, byte[] encoding)
+    {
+        int valueLength = BigIntegers.getUnsignedByteLength(n);
+        if (encoding.length != valueLength * 2)
+        {
+            throw new IllegalArgumentException("Encoding has incorrect length");
+        }
+
+        return new BigInteger[] {
+            decodeValue(n, encoding, 0, valueLength),
+            decodeValue(n, encoding, valueLength, valueLength),
+        };
+    }
+
+    protected BigInteger checkValue(BigInteger n, BigInteger x)
+    {
+        if (x.signum() < 0 || x.compareTo(n) >= 0)
+        {
+            throw new IllegalArgumentException("Value out of range");
+        }
+
+        return x;
+    }
+
+    protected BigInteger decodeValue(BigInteger n, byte[] buf, int off, int len)
+    {
+        byte[] bs = Arrays.copyOfRange(buf, off, off + len);
+        return checkValue(n, new BigInteger(1, bs));
+    }
+
+    private void encodeValue(BigInteger n, BigInteger x, byte[] buf, int off, int len)
+    {
+        byte[] bs = checkValue(n, x).toByteArray();
+        int bsOff = Math.max(0, bs.length - len);
+        int bsLen = bs.length - bsOff;
+
+        int pos = len - bsLen;
+        Arrays.fill(buf, off, off + pos, (byte)0);
+        System.arraycopy(bs, bsOff, buf, off + pos, bsLen);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/RSADigestSigner.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/RSADigestSigner.java
new file mode 100644
index 0000000..3f75879
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/RSADigestSigner.java

@@ -0,0 +1,257 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.signers;
+
+import java.io.IOException;
+import java.util.Hashtable;
+
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.DigestInfo;
+import com.android.org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.AsymmetricBlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.CryptoException;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.Signer;
+import com.android.org.bouncycastle.crypto.encodings.PKCS1Encoding;
+import com.android.org.bouncycastle.crypto.engines.RSABlindedEngine;
+import com.android.org.bouncycastle.crypto.params.AsymmetricKeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RSADigestSigner
+    implements Signer
+{
+    private final AsymmetricBlockCipher rsaEngine = new PKCS1Encoding(new RSABlindedEngine());
+    private final AlgorithmIdentifier algId;
+    private final Digest digest;
+    private boolean forSigning;
+
+    private static final Hashtable oidMap = new Hashtable();
+
+    /*
+     * Load OID table.
+     */
+    static
+    {
+        // BEGIN Android-removed: Unsupported algorithms
+        // oidMap.put("RIPEMD128", TeleTrusTObjectIdentifiers.ripemd128);
+        // oidMap.put("RIPEMD160", TeleTrusTObjectIdentifiers.ripemd160);
+        // oidMap.put("RIPEMD256", TeleTrusTObjectIdentifiers.ripemd256);
+        // END Android-removed: Unsupported algorithms
+
+        oidMap.put("SHA-1", X509ObjectIdentifiers.id_SHA1);
+        oidMap.put("SHA-224", NISTObjectIdentifiers.id_sha224);
+        oidMap.put("SHA-256", NISTObjectIdentifiers.id_sha256);
+        oidMap.put("SHA-384", NISTObjectIdentifiers.id_sha384);
+        oidMap.put("SHA-512", NISTObjectIdentifiers.id_sha512);
+        oidMap.put("SHA-512/224", NISTObjectIdentifiers.id_sha512_224);
+        oidMap.put("SHA-512/256", NISTObjectIdentifiers.id_sha512_256);
+
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        oidMap.put("SHA3-224", NISTObjectIdentifiers.id_sha3_224);
+        oidMap.put("SHA3-256", NISTObjectIdentifiers.id_sha3_256);
+        oidMap.put("SHA3-384", NISTObjectIdentifiers.id_sha3_384);
+        oidMap.put("SHA3-512", NISTObjectIdentifiers.id_sha3_512);
+
+        oidMap.put("MD2", PKCSObjectIdentifiers.md2);
+        oidMap.put("MD4", PKCSObjectIdentifiers.md4);
+        */
+        // END Android-removed: Unsupported algorithms
+        oidMap.put("MD5", PKCSObjectIdentifiers.md5);
+    }
+
+    public RSADigestSigner(
+        Digest digest)
+    {
+        this(digest, (ASN1ObjectIdentifier)oidMap.get(digest.getAlgorithmName()));
+    }
+
+    public RSADigestSigner(
+        Digest digest,
+        ASN1ObjectIdentifier digestOid)
+    {
+        this.digest = digest;
+        this.algId = new AlgorithmIdentifier(digestOid, DERNull.INSTANCE);
+    }
+
+    /**
+     * @deprecated
+     */
+    public String getAlgorithmName()
+    {
+        return digest.getAlgorithmName() + "withRSA";
+    }
+
+    /**
+     * initialise the signer for signing or verification.
+     *
+     * @param forSigning
+     *            true if for signing, false otherwise
+     * @param parameters
+     *            necessary parameters.
+     */
+    public void init(
+        boolean          forSigning,
+        CipherParameters parameters)
+    {
+        this.forSigning = forSigning;
+        AsymmetricKeyParameter k;
+
+        if (parameters instanceof ParametersWithRandom)
+        {
+            k = (AsymmetricKeyParameter)((ParametersWithRandom)parameters).getParameters();
+        }
+        else
+        {
+            k = (AsymmetricKeyParameter)parameters;
+        }
+
+        if (forSigning && !k.isPrivate())
+        {
+            throw new IllegalArgumentException("signing requires private key");
+        }
+
+        if (!forSigning && k.isPrivate())
+        {
+            throw new IllegalArgumentException("verification requires public key");
+        }
+
+        reset();
+
+        rsaEngine.init(forSigning, parameters);
+    }
+
+    /**
+     * update the internal digest with the byte b
+     */
+    public void update(
+        byte input)
+    {
+        digest.update(input);
+    }
+
+    /**
+     * update the internal digest with the byte array in
+     */
+    public void update(
+        byte[]  input,
+        int     inOff,
+        int     length)
+    {
+        digest.update(input, inOff, length);
+    }
+
+    /**
+     * Generate a signature for the message we've been loaded with using the key
+     * we were initialised with.
+     */
+    public byte[] generateSignature()
+        throws CryptoException, DataLengthException
+    {
+        if (!forSigning)
+        {
+            throw new IllegalStateException("RSADigestSigner not initialised for signature generation.");
+        }
+
+        byte[] hash = new byte[digest.getDigestSize()];
+        digest.doFinal(hash, 0);
+
+        try
+        {
+            byte[] data = derEncode(hash);
+            return rsaEngine.processBlock(data, 0, data.length);
+        }
+        catch (IOException e)
+        {
+            throw new CryptoException("unable to encode signature: " + e.getMessage(), e);
+        }
+    }
+
+    /**
+     * return true if the internal state represents the signature described in
+     * the passed in array.
+     */
+    public boolean verifySignature(
+        byte[] signature)
+    {
+        if (forSigning)
+        {
+            throw new IllegalStateException("RSADigestSigner not initialised for verification");
+        }
+
+        byte[] hash = new byte[digest.getDigestSize()];
+
+        digest.doFinal(hash, 0);
+
+        byte[] sig;
+        byte[] expected;
+
+        try
+        {
+            sig = rsaEngine.processBlock(signature, 0, signature.length);
+            expected = derEncode(hash);
+        }
+        catch (Exception e)
+        {
+            return false;
+        }
+
+        if (sig.length == expected.length)
+        {
+            return Arrays.constantTimeAreEqual(sig, expected);
+        }
+        else if (sig.length == expected.length - 2)  // NULL left out
+        {
+            int sigOffset = sig.length - hash.length - 2;
+            int expectedOffset = expected.length - hash.length - 2;
+
+            expected[1] -= 2;      // adjust lengths
+            expected[3] -= 2;
+
+            int nonEqual = 0;
+
+            for (int i = 0; i < hash.length; i++)
+            {
+                nonEqual |= (sig[sigOffset + i] ^ expected[expectedOffset + i]);
+            }
+
+            for (int i = 0; i < sigOffset; i++)
+            {
+                nonEqual |= (sig[i] ^ expected[i]);  // check header less NULL
+            }
+
+            return nonEqual == 0;
+        }
+        else
+        {
+            Arrays.constantTimeAreEqual(expected, expected);  // keep time "steady".
+
+            return false;
+        }
+    }
+
+    public void reset()
+    {
+        digest.reset();
+    }
+
+    private byte[] derEncode(
+        byte[] hash)
+        throws IOException
+    {
+        DigestInfo dInfo = new DigestInfo(algId, hash);
+
+        return dInfo.getEncoded(ASN1Encoding.DER);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/RandomDSAKCalculator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/RandomDSAKCalculator.java
new file mode 100644
index 0000000..39d2e36
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/RandomDSAKCalculator.java

@@ -0,0 +1,49 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.signers;
+
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.util.BigIntegers;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RandomDSAKCalculator
+    implements DSAKCalculator
+{
+    private static final BigInteger ZERO = BigInteger.valueOf(0);
+
+    private BigInteger q;
+    private SecureRandom random;
+
+    public boolean isDeterministic()
+    {
+        return false;
+    }
+
+    public void init(BigInteger n, SecureRandom random)
+    {
+        this.q = n;
+        this.random = random;
+    }
+
+    public void init(BigInteger n, BigInteger d, byte[] message)
+    {
+        throw new IllegalStateException("Operation not supported");
+    }
+
+    public BigInteger nextK()
+    {
+        int qBitLength = q.bitLength();
+
+        BigInteger k;
+        do
+        {
+            k = BigIntegers.createRandomBigInteger(qBitLength, random);
+        }
+        while (k.equals(ZERO) || k.compareTo(q) >= 0);
+
+        return k;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/StandardDSAEncoding.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/StandardDSAEncoding.java
new file mode 100644
index 0000000..7534ee1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/signers/StandardDSAEncoding.java

@@ -0,0 +1,68 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.signers;
+
+import java.io.IOException;
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class StandardDSAEncoding
+    implements DSAEncoding
+{
+    public static final StandardDSAEncoding INSTANCE = new StandardDSAEncoding();
+
+    public byte[] encode(BigInteger n, BigInteger r, BigInteger s) throws IOException
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+        encodeValue(n, v, r);
+        encodeValue(n, v, s);
+        return new DERSequence(v).getEncoded(ASN1Encoding.DER);
+    }
+
+    public BigInteger[] decode(BigInteger n, byte[] encoding) throws IOException
+    {
+        ASN1Sequence seq = (ASN1Sequence)ASN1Primitive.fromByteArray(encoding);
+        if (seq.size() == 2)
+        {
+            BigInteger r = decodeValue(n, seq, 0);
+            BigInteger s = decodeValue(n, seq, 1);
+
+            byte[] expectedEncoding = encode(n, r, s);
+            if (Arrays.areEqual(expectedEncoding,  encoding))
+            {
+                return new BigInteger[]{ r, s };
+            }
+        }
+
+        throw new IllegalArgumentException("Malformed signature");
+    }
+
+    protected BigInteger checkValue(BigInteger n, BigInteger x)
+    {
+        if (x.signum() < 0 || (null != n && x.compareTo(n) >= 0))
+        {
+            throw new IllegalArgumentException("Value out of range");
+        }
+
+        return x;
+    }
+
+    protected BigInteger decodeValue(BigInteger n, ASN1Sequence s, int pos)
+    {
+        return checkValue(n, ((ASN1Integer)s.getObjectAt(pos)).getValue());
+    }
+
+    protected void encodeValue(BigInteger n, ASN1EncodableVector v, BigInteger x)
+    {
+        v.add(new ASN1Integer(checkValue(n, x)));
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/tls/CertificateType.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/tls/CertificateType.java
new file mode 100644
index 0000000..3c3ef04
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/tls/CertificateType.java

@@ -0,0 +1,17 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.tls;
+
+/**
+ * RFC 6091 
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CertificateType
+{
+    public static final short X509 = 0;
+    public static final short OpenPGP = 1;
+    
+    /*
+     * RFC 7250
+     */
+    public static final short RawPublicKey = 2;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/tls/TlsNoCloseNotifyException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/tls/TlsNoCloseNotifyException.java
new file mode 100644
index 0000000..548fe21
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/tls/TlsNoCloseNotifyException.java

@@ -0,0 +1,21 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.tls;
+
+import java.io.EOFException;
+
+/**
+ * This exception will be thrown (only) when the connection is closed by the peer without sending a
+ * {@link AlertDescription#close_notify close_notify} warning alert. If this happens, the TLS
+ * protocol cannot rule out truncation of the connection data (potentially malicious). It may be
+ * possible to check for truncation via some property of a higher level protocol built upon TLS,
+ * e.g. the Content-Length header for HTTPS.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class TlsNoCloseNotifyException
+    extends EOFException
+{
+    public TlsNoCloseNotifyException()
+    {
+        super("No close_notify alert received before connection closed");
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/util/Pack.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/util/Pack.java
new file mode 100644
index 0000000..79acd5b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/util/Pack.java

@@ -0,0 +1,206 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.util;
+
+/**
+ * @deprecated use org.bouncycastle.util.pack
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class Pack
+{
+    public static int bigEndianToInt(byte[] bs, int off)
+    {
+        int n = bs[  off] << 24;
+        n |= (bs[++off] & 0xff) << 16;
+        n |= (bs[++off] & 0xff) << 8;
+        n |= (bs[++off] & 0xff);
+        return n;
+    }
+
+    public static void bigEndianToInt(byte[] bs, int off, int[] ns)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            ns[i] = bigEndianToInt(bs, off);
+            off += 4;
+        }
+    }
+
+    public static byte[] intToBigEndian(int n)
+    {
+        byte[] bs = new byte[4];
+        intToBigEndian(n, bs, 0);
+        return bs;
+    }
+
+    public static void intToBigEndian(int n, byte[] bs, int off)
+    {
+        bs[  off] = (byte)(n >>> 24);
+        bs[++off] = (byte)(n >>> 16);
+        bs[++off] = (byte)(n >>>  8);
+        bs[++off] = (byte)(n       );
+    }
+
+    public static byte[] intToBigEndian(int[] ns)
+    {
+        byte[] bs = new byte[4 * ns.length];
+        intToBigEndian(ns, bs, 0);
+        return bs;
+    }
+
+    public static void intToBigEndian(int[] ns, byte[] bs, int off)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            intToBigEndian(ns[i], bs, off);
+            off += 4;
+        }
+    }
+
+    public static long bigEndianToLong(byte[] bs, int off)
+    {
+        int hi = bigEndianToInt(bs, off);
+        int lo = bigEndianToInt(bs, off + 4);
+        return ((long)(hi & 0xffffffffL) << 32) | (long)(lo & 0xffffffffL);
+    }
+
+    public static void bigEndianToLong(byte[] bs, int off, long[] ns)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            ns[i] = bigEndianToLong(bs, off);
+            off += 8;
+        }
+    }
+
+    public static byte[] longToBigEndian(long n)
+    {
+        byte[] bs = new byte[8];
+        longToBigEndian(n, bs, 0);
+        return bs;
+    }
+
+    public static void longToBigEndian(long n, byte[] bs, int off)
+    {
+        intToBigEndian((int)(n >>> 32), bs, off);
+        intToBigEndian((int)(n & 0xffffffffL), bs, off + 4);
+    }
+
+    public static byte[] longToBigEndian(long[] ns)
+    {
+        byte[] bs = new byte[8 * ns.length];
+        longToBigEndian(ns, bs, 0);
+        return bs;
+    }
+
+    public static void longToBigEndian(long[] ns, byte[] bs, int off)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            longToBigEndian(ns[i], bs, off);
+            off += 8;
+        }
+    }
+
+    public static int littleEndianToInt(byte[] bs, int off)
+    {
+        int n = bs[  off] & 0xff;
+        n |= (bs[++off] & 0xff) << 8;
+        n |= (bs[++off] & 0xff) << 16;
+        n |= bs[++off] << 24;
+        return n;
+    }
+
+    public static void littleEndianToInt(byte[] bs, int off, int[] ns)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            ns[i] = littleEndianToInt(bs, off);
+            off += 4;
+        }
+    }
+
+    public static void littleEndianToInt(byte[] bs, int bOff, int[] ns, int nOff, int count)
+    {
+        for (int i = 0; i < count; ++i)
+        {
+            ns[nOff + i] = littleEndianToInt(bs, bOff);
+            bOff += 4;
+        }
+    }
+
+    public static byte[] intToLittleEndian(int n)
+    {
+        byte[] bs = new byte[4];
+        intToLittleEndian(n, bs, 0);
+        return bs;
+    }
+
+    public static void intToLittleEndian(int n, byte[] bs, int off)
+    {
+        bs[  off] = (byte)(n       );
+        bs[++off] = (byte)(n >>>  8);
+        bs[++off] = (byte)(n >>> 16);
+        bs[++off] = (byte)(n >>> 24);
+    }
+
+    public static byte[] intToLittleEndian(int[] ns)
+    {
+        byte[] bs = new byte[4 * ns.length];
+        intToLittleEndian(ns, bs, 0);
+        return bs;
+    }
+
+    public static void intToLittleEndian(int[] ns, byte[] bs, int off)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            intToLittleEndian(ns[i], bs, off);
+            off += 4;
+        }
+    }
+
+    public static long littleEndianToLong(byte[] bs, int off)
+    {
+        int lo = littleEndianToInt(bs, off);
+        int hi = littleEndianToInt(bs, off + 4);
+        return ((long)(hi & 0xffffffffL) << 32) | (long)(lo & 0xffffffffL);
+    }
+
+    public static void littleEndianToLong(byte[] bs, int off, long[] ns)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            ns[i] = littleEndianToLong(bs, off);
+            off += 8;
+        }
+    }
+
+    public static byte[] longToLittleEndian(long n)
+    {
+        byte[] bs = new byte[8];
+        longToLittleEndian(n, bs, 0);
+        return bs;
+    }
+
+    public static void longToLittleEndian(long n, byte[] bs, int off)
+    {
+        intToLittleEndian((int)(n & 0xffffffffL), bs, off);
+        intToLittleEndian((int)(n >>> 32), bs, off + 4);
+    }
+
+    public static byte[] longToLittleEndian(long[] ns)
+    {
+        byte[] bs = new byte[8 * ns.length];
+        longToLittleEndian(ns, bs, 0);
+        return bs;
+    }
+
+    public static void longToLittleEndian(long[] ns, byte[] bs, int off)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            longToLittleEndian(ns[i], bs, off);
+            off += 8;
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/util/PrivateKeyFactory.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/util/PrivateKeyFactory.java
new file mode 100644
index 0000000..9e7a017
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/util/PrivateKeyFactory.java

@@ -0,0 +1,330 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.util;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.oiw.ElGamalParameter;
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
+// import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.DHParameter;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.pkcs.RSAPrivateKey;
+// import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.sec.ECPrivateKey;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.DSAParameter;
+import com.android.org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x9.ECNamedCurveTable;
+import com.android.org.bouncycastle.asn1.x9.X962Parameters;
+import com.android.org.bouncycastle.asn1.x9.X9ECParameters;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.ec.CustomNamedCurves;
+import com.android.org.bouncycastle.crypto.params.AsymmetricKeyParameter;
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.crypto.params.DHPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DSAParameters;
+import com.android.org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.ECGOST3410Parameters;
+import com.android.org.bouncycastle.crypto.params.ECNamedDomainParameters;
+import com.android.org.bouncycastle.crypto.params.ECPrivateKeyParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.ElGamalParameters;
+// import org.bouncycastle.crypto.params.ElGamalPrivateKeyParameters;
+// import org.bouncycastle.crypto.params.Ed25519PrivateKeyParameters;
+// import org.bouncycastle.crypto.params.Ed448PrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.X25519PrivateKeyParameters;
+// import org.bouncycastle.crypto.params.X448PrivateKeyParameters;
+
+/**
+ * Factory for creating private key objects from PKCS8 PrivateKeyInfo objects.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PrivateKeyFactory
+{
+    /**
+     * Create a private key parameter from a PKCS8 PrivateKeyInfo encoding.
+     *
+     * @param privateKeyInfoData the PrivateKeyInfo encoding
+     * @return a suitable private key parameter
+     * @throws IOException on an error decoding the key
+     */
+    public static AsymmetricKeyParameter createKey(byte[] privateKeyInfoData)
+        throws IOException
+    {
+        return createKey(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(privateKeyInfoData)));
+    }
+
+    /**
+     * Create a private key parameter from a PKCS8 PrivateKeyInfo encoding read from a
+     * stream.
+     *
+     * @param inStr the stream to read the PrivateKeyInfo encoding from
+     * @return a suitable private key parameter
+     * @throws IOException on an error decoding the key
+     */
+    public static AsymmetricKeyParameter createKey(InputStream inStr)
+        throws IOException
+    {
+        return createKey(PrivateKeyInfo.getInstance(new ASN1InputStream(inStr).readObject()));
+    }
+
+    /**
+     * Create a private key parameter from the passed in PKCS8 PrivateKeyInfo object.
+     *
+     * @param keyInfo the PrivateKeyInfo object containing the key material
+     * @return a suitable private key parameter
+     * @throws IOException on an error decoding the key
+     */
+    public static AsymmetricKeyParameter createKey(PrivateKeyInfo keyInfo)
+        throws IOException
+    {
+        AlgorithmIdentifier algId = keyInfo.getPrivateKeyAlgorithm();
+        ASN1ObjectIdentifier algOID = algId.getAlgorithm();
+
+        if (algOID.equals(PKCSObjectIdentifiers.rsaEncryption)
+            || algOID.equals(PKCSObjectIdentifiers.id_RSASSA_PSS)
+            || algOID.equals(X509ObjectIdentifiers.id_ea_rsa))
+        {
+            RSAPrivateKey keyStructure = RSAPrivateKey.getInstance(keyInfo.parsePrivateKey());
+
+            return new RSAPrivateCrtKeyParameters(keyStructure.getModulus(),
+                keyStructure.getPublicExponent(), keyStructure.getPrivateExponent(),
+                keyStructure.getPrime1(), keyStructure.getPrime2(), keyStructure.getExponent1(),
+                keyStructure.getExponent2(), keyStructure.getCoefficient());
+        }
+        // TODO?
+//      else if (algOID.equals(X9ObjectIdentifiers.dhpublicnumber))
+        else if (algOID.equals(PKCSObjectIdentifiers.dhKeyAgreement))
+        {
+            DHParameter params = DHParameter.getInstance(algId.getParameters());
+            ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey();
+
+            BigInteger lVal = params.getL();
+            int l = lVal == null ? 0 : lVal.intValue();
+            DHParameters dhParams = new DHParameters(params.getP(), params.getG(), null, l);
+
+            return new DHPrivateKeyParameters(derX.getValue(), dhParams);
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (algOID.equals(OIWObjectIdentifiers.elGamalAlgorithm))
+        {
+            ElGamalParameter params = ElGamalParameter.getInstance(algId.getParameters());
+            ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey();
+
+            return new ElGamalPrivateKeyParameters(derX.getValue(), new ElGamalParameters(
+                params.getP(), params.getG()));
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+        else if (algOID.equals(X9ObjectIdentifiers.id_dsa))
+        {
+            ASN1Integer derX = (ASN1Integer)keyInfo.parsePrivateKey();
+            ASN1Encodable de = algId.getParameters();
+
+            DSAParameters parameters = null;
+            if (de != null)
+            {
+                DSAParameter params = DSAParameter.getInstance(de.toASN1Primitive());
+                parameters = new DSAParameters(params.getP(), params.getQ(), params.getG());
+            }
+
+            return new DSAPrivateKeyParameters(derX.getValue(), parameters);
+        }
+        else if (algOID.equals(X9ObjectIdentifiers.id_ecPublicKey))
+        {
+            X962Parameters params = new X962Parameters((ASN1Primitive)algId.getParameters());
+
+            X9ECParameters x9;
+            ECDomainParameters dParams;
+
+            if (params.isNamedCurve())
+            {
+                ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)params.getParameters();
+
+                x9 = CustomNamedCurves.getByOID(oid);
+                if (x9 == null)
+                {
+                    x9 = ECNamedCurveTable.getByOID(oid);
+                }
+                dParams = new ECNamedDomainParameters(
+                    oid, x9.getCurve(), x9.getG(), x9.getN(), x9.getH(), x9.getSeed());
+            }
+            else
+            {
+                x9 = X9ECParameters.getInstance(params.getParameters());
+                dParams = new ECDomainParameters(
+                    x9.getCurve(), x9.getG(), x9.getN(), x9.getH(), x9.getSeed());
+            }
+
+            ECPrivateKey ec = ECPrivateKey.getInstance(keyInfo.parsePrivateKey());
+            BigInteger d = ec.getKey();
+
+            return new ECPrivateKeyParameters(d, dParams);
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (algOID.equals(EdECObjectIdentifiers.id_X25519))
+        {
+            return new X25519PrivateKeyParameters(getRawKey(keyInfo, X25519PrivateKeyParameters.KEY_SIZE), 0);
+        }
+        else if (algOID.equals(EdECObjectIdentifiers.id_X448))
+        {
+            return new X448PrivateKeyParameters(getRawKey(keyInfo, X448PrivateKeyParameters.KEY_SIZE), 0);
+        }
+        else if (algOID.equals(EdECObjectIdentifiers.id_Ed25519))
+        {
+            return new Ed25519PrivateKeyParameters(getRawKey(keyInfo, Ed25519PrivateKeyParameters.KEY_SIZE), 0);
+        }
+        else if (algOID.equals(EdECObjectIdentifiers.id_Ed448))
+        {
+            return new Ed448PrivateKeyParameters(getRawKey(keyInfo, Ed448PrivateKeyParameters.KEY_SIZE), 0);
+        }
+        else if (
+            algOID.equals(CryptoProObjectIdentifiers.gostR3410_2001) ||
+                algOID.equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512) ||
+                algOID.equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256))
+        {
+            GOST3410PublicKeyAlgParameters gostParams = GOST3410PublicKeyAlgParameters.getInstance(keyInfo.getPrivateKeyAlgorithm().getParameters());
+            ECGOST3410Parameters ecSpec = null;
+            BigInteger d = null;
+            ASN1Primitive p = keyInfo.getPrivateKeyAlgorithm().getParameters().toASN1Primitive();
+            if (p instanceof ASN1Sequence && (ASN1Sequence.getInstance(p).size() == 2 || ASN1Sequence.getInstance(p).size() == 3))
+            {
+
+                ECDomainParameters ecP = ECGOST3410NamedCurves.getByOID(gostParams.getPublicKeyParamSet());
+
+                ecSpec = new ECGOST3410Parameters(
+                    new ECNamedDomainParameters(
+                        gostParams.getPublicKeyParamSet(), ecP),
+                    gostParams.getPublicKeyParamSet(),
+                    gostParams.getDigestParamSet(),
+                    gostParams.getEncryptionParamSet());
+                ASN1Encodable privKey = keyInfo.parsePrivateKey();
+                if (privKey instanceof ASN1Integer)
+                {
+                    d = ASN1Integer.getInstance(privKey).getPositiveValue();
+                }
+                else
+                {
+                    byte[] encVal = ASN1OctetString.getInstance(privKey).getOctets();
+                    byte[] dVal = new byte[encVal.length];
+
+                    for (int i = 0; i != encVal.length; i++)
+                    {
+                        dVal[i] = encVal[encVal.length - 1 - i];
+                    }
+
+                    d = new BigInteger(1, dVal);
+                }
+
+
+            }
+            else
+            {
+                X962Parameters params = X962Parameters.getInstance(keyInfo.getPrivateKeyAlgorithm().getParameters());
+
+                if (params.isNamedCurve())
+                {
+                    ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
+                    X9ECParameters ecP = ECNamedCurveTable.getByOID(oid);
+                    if (ecP == null)
+                    {
+                        ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
+                        ecSpec = new ECGOST3410Parameters(new ECNamedDomainParameters(
+                            oid,
+                            gParam.getCurve(),
+                            gParam.getG(),
+                            gParam.getN(),
+                            gParam.getH(),
+                            gParam.getSeed()), gostParams.getPublicKeyParamSet(), gostParams.getDigestParamSet(), gostParams.getEncryptionParamSet());
+                    }
+                    else
+                    {
+                        ecSpec = new ECGOST3410Parameters(new ECNamedDomainParameters(
+                            oid,
+                            ecP.getCurve(),
+                            ecP.getG(),
+                            ecP.getN(),
+                            ecP.getH(),
+                            ecP.getSeed()), gostParams.getPublicKeyParamSet(), gostParams.getDigestParamSet(), gostParams.getEncryptionParamSet());
+                    }
+                }
+                else if (params.isImplicitlyCA())
+                {
+                    ecSpec = null;
+                }
+                else
+                {
+                    X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
+                    ecSpec = new ECGOST3410Parameters(new ECNamedDomainParameters(
+                        algOID,
+                        ecP.getCurve(),
+                        ecP.getG(),
+                        ecP.getN(),
+                        ecP.getH(),
+                        ecP.getSeed()), gostParams.getPublicKeyParamSet(), gostParams.getDigestParamSet(), gostParams.getEncryptionParamSet());
+                }
+
+                ASN1Encodable privKey = keyInfo.parsePrivateKey();
+                if (privKey instanceof ASN1Integer)
+                {
+                    ASN1Integer derD = ASN1Integer.getInstance(privKey);
+
+                    d = derD.getValue();
+                }
+                else
+                {
+                    org.bouncycastle.asn1.sec.ECPrivateKey ec = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(privKey);
+
+                    d = ec.getKey();
+                }
+
+            }
+
+            return new ECPrivateKeyParameters(
+                d,
+                new ECGOST3410Parameters(
+                    ecSpec,
+                    gostParams.getPublicKeyParamSet(),
+                    gostParams.getDigestParamSet(),
+                    gostParams.getEncryptionParamSet()));
+
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+        else
+        {
+            throw new RuntimeException("algorithm identifier in private key not recognised");
+        }
+    }
+
+    private static byte[] getRawKey(PrivateKeyInfo keyInfo, int expectedSize)
+        throws IOException
+    {
+        byte[] result = ASN1OctetString.getInstance(keyInfo.parsePrivateKey()).getOctets();
+        if (expectedSize != result.length)
+        {
+            throw new RuntimeException("private key encoding has incorrect length");
+        }
+        return result;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/util/PublicKeyFactory.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/util/PublicKeyFactory.java
new file mode 100644
index 0000000..430e2dc
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/crypto/util/PublicKeyFactory.java

@@ -0,0 +1,556 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.crypto.util;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.math.BigInteger;
+import java.util.HashMap;
+import java.util.Map;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
+// import org.bouncycastle.asn1.edec.EdECObjectIdentifiers;
+// import org.bouncycastle.asn1.oiw.ElGamalParameter;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.DHParameter;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.RSAPublicKey;
+// import org.bouncycastle.asn1.rosstandart.RosstandartObjectIdentifiers;
+// import org.bouncycastle.asn1.ua.DSTU4145BinaryField;
+// import org.bouncycastle.asn1.ua.DSTU4145ECBinary;
+// import org.bouncycastle.asn1.ua.DSTU4145NamedCurves;
+// import org.bouncycastle.asn1.ua.DSTU4145Params;
+// import org.bouncycastle.asn1.ua.DSTU4145PointEncoder;
+// import org.bouncycastle.asn1.ua.UAObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.DSAParameter;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x9.DHPublicKey;
+import com.android.org.bouncycastle.asn1.x9.DomainParameters;
+import com.android.org.bouncycastle.asn1.x9.ECNamedCurveTable;
+import com.android.org.bouncycastle.asn1.x9.ValidationParams;
+import com.android.org.bouncycastle.asn1.x9.X962Parameters;
+import com.android.org.bouncycastle.asn1.x9.X9ECParameters;
+import com.android.org.bouncycastle.asn1.x9.X9ECPoint;
+import com.android.org.bouncycastle.asn1.x9.X9IntegerConverter;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.ec.CustomNamedCurves;
+import com.android.org.bouncycastle.crypto.params.AsymmetricKeyParameter;
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.crypto.params.DHPublicKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DHValidationParameters;
+import com.android.org.bouncycastle.crypto.params.DSAParameters;
+import com.android.org.bouncycastle.crypto.params.DSAPublicKeyParameters;
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+// import org.bouncycastle.crypto.params.ECGOST3410Parameters;
+import com.android.org.bouncycastle.crypto.params.ECNamedDomainParameters;
+import com.android.org.bouncycastle.crypto.params.ECPublicKeyParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.Ed25519PublicKeyParameters;
+// import org.bouncycastle.crypto.params.Ed448PublicKeyParameters;
+// import org.bouncycastle.crypto.params.ElGamalParameters;
+// import org.bouncycastle.crypto.params.ElGamalPublicKeyParameters;
+import com.android.org.bouncycastle.crypto.params.RSAKeyParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.X25519PublicKeyParameters;
+// import org.bouncycastle.crypto.params.X448PublicKeyParameters;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+
+/**
+ * Factory to create asymmetric public key parameters for asymmetric ciphers from range of
+ * ASN.1 encoded SubjectPublicKeyInfo objects.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PublicKeyFactory
+{
+    private static Map converters = new HashMap();
+
+    static
+    {
+        converters.put(PKCSObjectIdentifiers.rsaEncryption, new RSAConverter());
+        converters.put(PKCSObjectIdentifiers.id_RSASSA_PSS, new RSAConverter());
+        converters.put(X509ObjectIdentifiers.id_ea_rsa, new RSAConverter());
+        converters.put(X9ObjectIdentifiers.dhpublicnumber, new DHPublicNumberConverter());
+        converters.put(PKCSObjectIdentifiers.dhKeyAgreement, new DHAgreementConverter());
+        converters.put(X9ObjectIdentifiers.id_dsa, new DSAConverter());
+        converters.put(OIWObjectIdentifiers.dsaWithSHA1, new DSAConverter());
+        // Android-removed: Unsupported algorithm
+        // converters.put(OIWObjectIdentifiers.elGamalAlgorithm, new ElGamalConverter());
+        converters.put(X9ObjectIdentifiers.id_ecPublicKey, new ECConverter());
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        converters.put(CryptoProObjectIdentifiers.gostR3410_2001, new GOST3410_2001Converter());
+        converters.put(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_256, new GOST3410_2012Converter());
+        converters.put(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512, new GOST3410_2012Converter());
+        converters.put(UAObjectIdentifiers.dstu4145be, new DSTUConverter());
+        converters.put(UAObjectIdentifiers.dstu4145le, new DSTUConverter());
+        converters.put(EdECObjectIdentifiers.id_X25519, new X25519Converter());
+        converters.put(EdECObjectIdentifiers.id_X448, new X448Converter());
+        converters.put(EdECObjectIdentifiers.id_Ed25519, new Ed25519Converter());
+        converters.put(EdECObjectIdentifiers.id_Ed448, new Ed448Converter());
+        */
+        // END Android-removed: Unsupported algorithms
+    }
+
+    /**
+     * Create a public key from a SubjectPublicKeyInfo encoding
+     *
+     * @param keyInfoData the SubjectPublicKeyInfo encoding
+     * @return the appropriate key parameter
+     * @throws IOException on an error decoding the key
+     */
+    public static AsymmetricKeyParameter createKey(byte[] keyInfoData)
+        throws IOException
+    {
+        return createKey(SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(keyInfoData)));
+    }
+
+    /**
+     * Create a public key from a SubjectPublicKeyInfo encoding read from a stream
+     *
+     * @param inStr the stream to read the SubjectPublicKeyInfo encoding from
+     * @return the appropriate key parameter
+     * @throws IOException on an error decoding the key
+     */
+    public static AsymmetricKeyParameter createKey(InputStream inStr)
+        throws IOException
+    {
+        return createKey(SubjectPublicKeyInfo.getInstance(new ASN1InputStream(inStr).readObject()));
+    }
+
+    /**
+     * Create a public key from the passed in SubjectPublicKeyInfo
+     *
+     * @param keyInfo the SubjectPublicKeyInfo containing the key data
+     * @return the appropriate key parameter
+     * @throws IOException on an error decoding the key
+     */
+    public static AsymmetricKeyParameter createKey(SubjectPublicKeyInfo keyInfo)
+        throws IOException
+    {
+        return createKey(keyInfo, null);
+    }
+
+    /**
+     * Create a public key from the passed in SubjectPublicKeyInfo
+     *
+     * @param keyInfo       the SubjectPublicKeyInfo containing the key data
+     * @param defaultParams default parameters that might be needed.
+     * @return the appropriate key parameter
+     * @throws IOException on an error decoding the key
+     */
+    public static AsymmetricKeyParameter createKey(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+        throws IOException
+    {
+        AlgorithmIdentifier algId = keyInfo.getAlgorithm();
+        SubjectPublicKeyInfoConverter converter = (SubjectPublicKeyInfoConverter)converters.get(algId.getAlgorithm());
+
+        if (converter != null)
+        {
+            return converter.getPublicKeyParameters(keyInfo, defaultParams);
+        }
+        else
+        {
+            throw new IOException("algorithm identifier in public key not recognised: " + algId.getAlgorithm());
+        }
+    }
+
+    private static abstract class SubjectPublicKeyInfoConverter
+    {
+        abstract AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+            throws IOException;
+    }
+
+    private static class RSAConverter
+        extends SubjectPublicKeyInfoConverter
+    {
+        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+            throws IOException
+        {
+            RSAPublicKey pubKey = RSAPublicKey.getInstance(keyInfo.parsePublicKey());
+
+            return new RSAKeyParameters(false, pubKey.getModulus(), pubKey.getPublicExponent());
+        }
+    }
+
+    private static class DHPublicNumberConverter
+        extends SubjectPublicKeyInfoConverter
+    {
+        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+            throws IOException
+        {
+            DHPublicKey dhPublicKey = DHPublicKey.getInstance(keyInfo.parsePublicKey());
+
+            BigInteger y = dhPublicKey.getY();
+
+            DomainParameters dhParams = DomainParameters.getInstance(keyInfo.getAlgorithm().getParameters());
+
+            BigInteger p = dhParams.getP();
+            BigInteger g = dhParams.getG();
+            BigInteger q = dhParams.getQ();
+
+            BigInteger j = null;
+            if (dhParams.getJ() != null)
+            {
+                j = dhParams.getJ();
+            }
+
+            DHValidationParameters validation = null;
+            ValidationParams dhValidationParms = dhParams.getValidationParams();
+            if (dhValidationParms != null)
+            {
+                byte[] seed = dhValidationParms.getSeed();
+                BigInteger pgenCounter = dhValidationParms.getPgenCounter();
+
+                // TODO Check pgenCounter size?
+
+                validation = new DHValidationParameters(seed, pgenCounter.intValue());
+            }
+
+            return new DHPublicKeyParameters(y, new DHParameters(p, g, q, j, validation));
+        }
+    }
+
+    private static class DHAgreementConverter
+        extends SubjectPublicKeyInfoConverter
+    {
+        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+            throws IOException
+        {
+            DHParameter params = DHParameter.getInstance(keyInfo.getAlgorithm().getParameters());
+            ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey();
+
+            BigInteger lVal = params.getL();
+            int l = lVal == null ? 0 : lVal.intValue();
+            DHParameters dhParams = new DHParameters(params.getP(), params.getG(), null, l);
+
+            return new DHPublicKeyParameters(derY.getValue(), dhParams);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
+    private static class ElGamalConverter
+        extends SubjectPublicKeyInfoConverter
+    {
+        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+            throws IOException
+        {
+            ElGamalParameter params = ElGamalParameter.getInstance(keyInfo.getAlgorithm().getParameters());
+            ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey();
+
+            return new ElGamalPublicKeyParameters(derY.getValue(), new ElGamalParameters(
+                params.getP(), params.getG()));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithm
+
+    private static class DSAConverter
+        extends SubjectPublicKeyInfoConverter
+    {
+        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+            throws IOException
+        {
+            ASN1Integer derY = (ASN1Integer)keyInfo.parsePublicKey();
+            ASN1Encodable de = keyInfo.getAlgorithm().getParameters();
+
+            DSAParameters parameters = null;
+            if (de != null)
+            {
+                DSAParameter params = DSAParameter.getInstance(de.toASN1Primitive());
+                parameters = new DSAParameters(params.getP(), params.getQ(), params.getG());
+            }
+
+            return new DSAPublicKeyParameters(derY.getValue(), parameters);
+        }
+    }
+
+    private static class ECConverter
+        extends SubjectPublicKeyInfoConverter
+    {
+        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+        {
+            X962Parameters params = X962Parameters.getInstance(keyInfo.getAlgorithm().getParameters());
+            ECDomainParameters dParams;
+
+            if (params.isNamedCurve())
+            {
+                ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)params.getParameters();
+
+                X9ECParameters x9 = CustomNamedCurves.getByOID(oid);
+                if (x9 == null)
+                {
+                    x9 = ECNamedCurveTable.getByOID(oid);
+                }
+                dParams = new ECNamedDomainParameters(
+                    oid, x9.getCurve(), x9.getG(), x9.getN(), x9.getH(), x9.getSeed());
+            }
+            else if (params.isImplicitlyCA())
+            {
+                dParams = (ECDomainParameters)defaultParams;
+            }
+            else
+            {
+                X9ECParameters x9 = X9ECParameters.getInstance(params.getParameters());
+                dParams = new ECDomainParameters(
+                    x9.getCurve(), x9.getG(), x9.getN(), x9.getH(), x9.getSeed());
+            }
+
+            DERBitString bits = keyInfo.getPublicKeyData();
+            byte[] data = bits.getBytes();
+            ASN1OctetString key = new DEROctetString(data);
+
+            //
+            // extra octet string - the old extra embedded octet string
+            //
+            if (data[0] == 0x04 && data[1] == data.length - 2
+                && (data[2] == 0x02 || data[2] == 0x03))
+            {
+                int qLength = new X9IntegerConverter().getByteLength(dParams.getCurve());
+
+                if (qLength >= data.length - 3)
+                {
+                    try
+                    {
+                        key = (ASN1OctetString)ASN1Primitive.fromByteArray(data);
+                    }
+                    catch (IOException ex)
+                    {
+                        throw new IllegalArgumentException("error recovering public key");
+                    }
+                }
+            }
+
+            X9ECPoint derQ = new X9ECPoint(dParams.getCurve(), key);
+
+            return new ECPublicKeyParameters(derQ.getPoint(), dParams);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    private static class GOST3410_2001Converter
+        extends SubjectPublicKeyInfoConverter
+    {
+        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+        {
+            DERBitString bits = keyInfo.getPublicKeyData();
+            ASN1OctetString key;
+
+            try
+            {
+                key = (ASN1OctetString)ASN1Primitive.fromByteArray(bits.getBytes());
+            }
+            catch (IOException ex)
+            {
+                throw new IllegalArgumentException("error recovering public key");
+            }
+
+            byte[] keyEnc = key.getOctets();
+
+            byte[] x9Encoding = new byte[65];
+            x9Encoding[0] = 0x04;
+            for (int i = 1; i <= 32; ++i)
+            {
+                x9Encoding[i] = keyEnc[32 - i];
+                x9Encoding[i + 32] = keyEnc[64 - i];
+            }
+
+            GOST3410PublicKeyAlgParameters gostParams = GOST3410PublicKeyAlgParameters.getInstance(keyInfo.getAlgorithm().getParameters());
+
+            ECGOST3410Parameters ecDomainParameters =
+                new ECGOST3410Parameters(
+                    new ECNamedDomainParameters(gostParams.getPublicKeyParamSet(), ECGOST3410NamedCurves.getByOID(gostParams.getPublicKeyParamSet())),
+                    gostParams.getPublicKeyParamSet(),
+                    gostParams.getDigestParamSet(),
+                    gostParams.getEncryptionParamSet());
+
+
+            return new ECPublicKeyParameters(ecDomainParameters.getCurve().decodePoint(x9Encoding), ecDomainParameters);
+
+        }
+    }
+
+    private static class GOST3410_2012Converter
+        extends SubjectPublicKeyInfoConverter
+    {
+        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+        {
+            ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm();
+            DERBitString bits = keyInfo.getPublicKeyData();
+            ASN1OctetString key;
+
+            try
+            {
+                key = (ASN1OctetString)ASN1Primitive.fromByteArray(bits.getBytes());
+            }
+            catch (IOException ex)
+            {
+                throw new IllegalArgumentException("error recovering public key");
+            }
+
+            byte[] keyEnc = key.getOctets();
+
+            int fieldSize = 32;
+            if (algOid.equals(RosstandartObjectIdentifiers.id_tc26_gost_3410_12_512))
+            {
+                fieldSize = 64;
+            }
+
+            int keySize = 2 * fieldSize;
+
+            byte[] x9Encoding = new byte[1 + keySize];
+            x9Encoding[0] = 0x04;
+            for (int i = 1; i <= fieldSize; ++i)
+            {
+                x9Encoding[i] = keyEnc[fieldSize - i];
+                x9Encoding[i + fieldSize] = keyEnc[keySize - i];
+            }
+
+            GOST3410PublicKeyAlgParameters gostParams = GOST3410PublicKeyAlgParameters.getInstance(keyInfo.getAlgorithm().getParameters());
+
+            ECGOST3410Parameters ecDomainParameters =
+                new ECGOST3410Parameters(
+                    new ECNamedDomainParameters(gostParams.getPublicKeyParamSet(), ECGOST3410NamedCurves.getByOID(gostParams.getPublicKeyParamSet())),
+                    gostParams.getPublicKeyParamSet(),
+                    gostParams.getDigestParamSet(),
+                    gostParams.getEncryptionParamSet());
+
+
+            return new ECPublicKeyParameters(ecDomainParameters.getCurve().decodePoint(x9Encoding), ecDomainParameters);
+        }
+    }
+
+    private static class DSTUConverter
+        extends SubjectPublicKeyInfoConverter
+    {
+        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+            throws IOException
+        {
+            DERBitString bits = keyInfo.getPublicKeyData();
+            ASN1OctetString key;
+
+            try
+            {
+                key = (ASN1OctetString)ASN1Primitive.fromByteArray(bits.getBytes());
+            }
+            catch (IOException ex)
+            {
+                throw new IllegalArgumentException("error recovering public key");
+            }
+
+            byte[] keyEnc = key.getOctets();
+
+            if (keyInfo.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
+            {
+                reverseBytes(keyEnc);
+            }
+
+            DSTU4145Params dstuParams = DSTU4145Params.getInstance(keyInfo.getAlgorithm().getParameters());
+
+            ECDomainParameters ecDomain;
+            if (dstuParams.isNamedCurve())
+            {
+                ASN1ObjectIdentifier curveOid = dstuParams.getNamedCurve();
+
+                ecDomain = DSTU4145NamedCurves.getByOID(curveOid);
+            }
+            else
+            {
+                DSTU4145ECBinary binary = dstuParams.getECBinary();
+                byte[] b_bytes = binary.getB();
+                if (keyInfo.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
+                {
+                    reverseBytes(b_bytes);
+                }
+                DSTU4145BinaryField field = binary.getField();
+                ECCurve curve = new ECCurve.F2m(field.getM(), field.getK1(), field.getK2(), field.getK3(), binary.getA(), new BigInteger(1, b_bytes));
+                byte[] g_bytes = binary.getG();
+                if (keyInfo.getAlgorithm().getAlgorithm().equals(UAObjectIdentifiers.dstu4145le))
+                {
+                    reverseBytes(g_bytes);
+                }
+                ecDomain = new ECDomainParameters(curve, DSTU4145PointEncoder.decodePoint(curve, g_bytes), binary.getN());
+            }
+
+            return new ECPublicKeyParameters(DSTU4145PointEncoder.decodePoint(ecDomain.getCurve(), keyEnc), ecDomain);
+        }
+
+        private void reverseBytes(byte[] bytes)
+        {
+            byte tmp;
+
+            for (int i = 0; i < bytes.length / 2; i++)
+            {
+                tmp = bytes[i];
+                bytes[i] = bytes[bytes.length - 1 - i];
+                bytes[bytes.length - 1 - i] = tmp;
+            }
+        }
+    }
+
+    private static class X25519Converter
+        extends SubjectPublicKeyInfoConverter
+    {
+        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+        {
+            return new X25519PublicKeyParameters(getRawKey(keyInfo, defaultParams, X25519PublicKeyParameters.KEY_SIZE), 0);
+        }
+    }
+
+    private static class X448Converter
+        extends SubjectPublicKeyInfoConverter
+    {
+        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+        {
+            return new X448PublicKeyParameters(getRawKey(keyInfo, defaultParams, X448PublicKeyParameters.KEY_SIZE), 0);
+        }
+    }
+
+    private static class Ed25519Converter
+        extends SubjectPublicKeyInfoConverter
+    {
+        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+        {
+            return new Ed25519PublicKeyParameters(getRawKey(keyInfo, defaultParams, Ed25519PublicKeyParameters.KEY_SIZE), 0);
+        }
+    }
+
+    private static class Ed448Converter
+        extends SubjectPublicKeyInfoConverter
+    {
+        AsymmetricKeyParameter getPublicKeyParameters(SubjectPublicKeyInfo keyInfo, Object defaultParams)
+        {
+            return new Ed448PublicKeyParameters(getRawKey(keyInfo, defaultParams, Ed448PublicKeyParameters.KEY_SIZE), 0);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    private static byte[] getRawKey(SubjectPublicKeyInfo keyInfo, Object defaultParams, int expectedSize)
+    {
+        /*
+         * TODO[RFC 8422]
+         * - Require defaultParams == null?
+         * - Require keyInfo.getAlgorithm().getParameters() == null?
+         */
+        byte[] result = keyInfo.getPublicKeyData().getOctets();
+        if (expectedSize != result.length)
+        {
+            throw new RuntimeException("public key encoding has incorrect length");
+        }
+        return result;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/iana/AEADAlgorithm.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/iana/AEADAlgorithm.java
new file mode 100644
index 0000000..7456626
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/iana/AEADAlgorithm.java

@@ -0,0 +1,59 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.iana;
+
+/**
+ * RFC 5116 
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AEADAlgorithm
+{
+    public static final int AEAD_AES_128_GCM = 1;
+    public static final int AEAD_AES_256_GCM = 2;
+    public static final int AEAD_AES_128_CCM = 3;
+    public static final int AEAD_AES_256_CCM = 4;
+
+    /*
+     * RFC 5282
+     */
+    public static final int AEAD_AES_128_GCM_8 = 5;
+    public static final int AEAD_AES_256_GCM_8 = 6;
+    public static final int AEAD_AES_128_GCM_12 = 7;
+    public static final int AEAD_AES_256_GCM_12 = 8;
+    public static final int AEAD_AES_128_CCM_SHORT = 9;
+    public static final int AEAD_AES_256_CCM_SHORT = 10;
+    public static final int AEAD_AES_128_CCM_SHORT_8 = 11;
+    public static final int AEAD_AES_256_CCM_SHORT_8 = 12;
+    public static final int AEAD_AES_128_CCM_SHORT_12 = 13;
+    public static final int AEAD_AES_256_CCM_SHORT_12 = 14;
+
+    /*
+     * RFC 5297
+     */
+    public static final int AEAD_AES_SIV_CMAC_256 = 15;
+    public static final int AEAD_AES_SIV_CMAC_384 = 16;
+    public static final int AEAD_AES_SIV_CMAC_512 = 17;
+
+    /*
+     * RFC 6655
+     */
+    public static final int AEAD_AES_128_CCM_8 = 18;
+    public static final int AEAD_AES_256_CCM_8 = 19;
+
+    /*
+     * RFC 7253
+     */
+    public static final int AEAD_AES_128_OCB_TAGLEN128 = 20;
+    public static final int AEAD_AES_128_OCB_TAGLEN96 = 21;
+    public static final int AEAD_AES_128_OCB_TAGLEN64 = 22;
+    public static final int AEAD_AES_192_OCB_TAGLEN128 = 23;
+    public static final int AEAD_AES_192_OCB_TAGLEN96 = 24;
+    public static final int AEAD_AES_192_OCB_TAGLEN64 = 25;
+    public static final int AEAD_AES_256_OCB_TAGLEN128 = 26;
+    public static final int AEAD_AES_256_OCB_TAGLEN96 = 27;
+    public static final int AEAD_AES_256_OCB_TAGLEN64 = 28;
+
+    /*
+     * RFC 7539
+     */
+    public static final int AEAD_CHACHA20_POLY1305 = 29;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PBKDFKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PBKDFKey.java
new file mode 100644
index 0000000..6f8afac
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PBKDFKey.java

@@ -0,0 +1,13 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce;
+
+import javax.crypto.SecretKey;
+
+/**
+ * Base interface for keys associated with various password based key derivation functions (PBKDF).
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface PBKDFKey
+    extends SecretKey
+{
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKCS12Key.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKCS12Key.java
new file mode 100644
index 0000000..1f07c87
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKCS12Key.java

@@ -0,0 +1,89 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce;
+
+import com.android.org.bouncycastle.crypto.PBEParametersGenerator;
+
+/**
+ * A password based key for use with PKCS#12.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKCS12Key
+    implements PBKDFKey
+{
+    private final char[] password;
+    private final boolean useWrongZeroLengthConversion;
+    /**
+     * Basic constructor for a password based key - secret key generation parameters will be passed separately..
+     *
+     * @param password password to use.
+     */
+    public PKCS12Key(char[] password)
+    {
+        this(password, false);
+    }
+
+    /**
+     * Unfortunately there seems to be some confusion about how to handle zero length
+     * passwords.
+     *
+     * @param password password to use.
+     * @param useWrongZeroLengthConversion use the incorrect encoding approach (add pad bytes)
+     */
+    public PKCS12Key(char[] password, boolean useWrongZeroLengthConversion)
+    {
+        if (password == null)
+        {
+            password = new char[0];
+        }
+
+        this.password = new char[password.length];
+        this.useWrongZeroLengthConversion = useWrongZeroLengthConversion;
+
+        System.arraycopy(password, 0, this.password, 0, password.length);
+    }
+
+    /**
+     * Return a reference to the char[] array holding the password.
+     *
+     * @return a reference to the password array.
+     */
+    public char[] getPassword()
+    {
+        return password;
+    }
+
+    /**
+     * Return the password based key derivation function this key is for,
+     *
+     * @return the string "PKCS12"
+     */
+    public String getAlgorithm()
+    {
+        return "PKCS12";
+    }
+
+    /**
+     * Return the format encoding.
+     *
+     * @return the string "PKCS12", representing the char[] to byte[] conversion.
+     */
+    public String getFormat()
+    {
+        return "PKCS12";
+    }
+
+    /**
+     * Return the password converted to bytes.
+     *
+     * @return the password converted to a byte array.
+     */
+    public byte[] getEncoded()
+    {
+        if (useWrongZeroLengthConversion && password.length == 0)
+        {
+            return new byte[2];
+        }
+
+        return PBEParametersGenerator.PKCS12PasswordToBytes(password);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKCS12KeyWithParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKCS12KeyWithParameters.java
new file mode 100644
index 0000000..c1db2c6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKCS12KeyWithParameters.java

@@ -0,0 +1,71 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce;
+
+import javax.crypto.interfaces.PBEKey;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * A password based key for use with PKCS#12 with full PBE parameters.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKCS12KeyWithParameters
+    extends PKCS12Key
+    implements PBEKey
+{
+    private final byte[] salt;
+    private final int iterationCount;
+
+    /**
+     * Basic constructor for a password based key with generation parameters.
+     *
+     * @param password password to use.
+     * @param salt salt for generation algorithm
+     * @param iterationCount iteration count for generation algorithm.
+     */
+    public PKCS12KeyWithParameters(char[] password, byte[] salt, int iterationCount)
+    {
+        super(password);
+
+        this.salt = Arrays.clone(salt);
+        this.iterationCount = iterationCount;
+    }
+
+
+    /**
+     * Basic constructor for a password based key with generation parameters, specifying the wrong conversion for
+     * zero length passwords.
+     *
+     * @param password password to use.
+     * @param salt salt for generation algorithm
+     * @param iterationCount iteration count for generation algorithm.
+     * @param useWrongZeroLengthConversion use the incorrect encoding approach (add pad bytes)
+     */
+    public PKCS12KeyWithParameters(char[] password, boolean useWrongZeroLengthConversion, byte[] salt, int iterationCount)
+    {
+        super(password, useWrongZeroLengthConversion);
+
+        this.salt = Arrays.clone(salt);
+        this.iterationCount = iterationCount;
+    }
+
+    /**
+     * Return the salt to use in the key derivation function.
+     *
+     * @return the salt to use in the KDF.
+     */
+    public byte[] getSalt()
+    {
+        return salt;
+    }
+
+    /**
+     * Return the iteration count to use in the key derivation function.
+     *
+     * @return the iteration count to use in the KDF.
+     */
+    public int getIterationCount()
+    {
+        return iterationCount;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKCS12StoreParameter.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKCS12StoreParameter.java
new file mode 100644
index 0000000..fbc6ff1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKCS12StoreParameter.java

@@ -0,0 +1,64 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce;
+
+import java.io.OutputStream;
+import java.security.KeyStore;
+import java.security.KeyStore.LoadStoreParameter;
+import java.security.KeyStore.ProtectionParameter;
+
+/**
+ * LoadStoreParameter to allow for additional config with PKCS12 files.
+ * <p>
+ * Note: if you want a straight DER encoding of a PKCS#12 file you should use this.
+ * </p>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKCS12StoreParameter
+    implements LoadStoreParameter
+{
+    private final OutputStream out;
+    private final ProtectionParameter protectionParameter;
+    private final boolean forDEREncoding;
+
+    public PKCS12StoreParameter(OutputStream out, char[] password)
+    {
+        this(out, password, false);
+    }
+
+    public PKCS12StoreParameter(OutputStream out, ProtectionParameter protectionParameter)
+    {
+        this(out, protectionParameter, false);
+    }
+
+    public PKCS12StoreParameter(OutputStream out, char[] password, boolean forDEREncoding)
+    {
+        this(out, new KeyStore.PasswordProtection(password), forDEREncoding);
+    }
+
+    public PKCS12StoreParameter(OutputStream out, ProtectionParameter protectionParameter, boolean forDEREncoding)
+    {
+        this.out = out;
+        this.protectionParameter = protectionParameter;
+        this.forDEREncoding = forDEREncoding;
+    }
+
+    public OutputStream getOutputStream()
+    {
+        return out;
+    }
+
+    public ProtectionParameter getProtectionParameter()
+    {
+        return protectionParameter;
+    }
+
+    /**
+     * Return whether the KeyStore used with this parameter should be DER encoded on saving.
+     *
+     * @return true for straight DER encoding, false otherwise,
+     */
+    public boolean isForDEREncoding()
+    {
+        return forDEREncoding;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXCRLStore.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXCRLStore.java
new file mode 100644
index 0000000..4e9a3e2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXCRLStore.java

@@ -0,0 +1,29 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce;
+
+import java.security.cert.CRL;
+import java.util.Collection;
+
+import com.android.org.bouncycastle.util.Selector;
+import com.android.org.bouncycastle.util.Store;
+import com.android.org.bouncycastle.util.StoreException;
+
+/**
+ * Generic interface for a PKIX based CRL store.
+ *
+ * @param <T> the CRL type.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface PKIXCRLStore<T extends CRL>
+    extends Store<T>
+{
+    /**
+     * Return the matches associated with the passed in selector.
+     *
+     * @param selector the selector defining the match criteria.
+     * @return a collection of matches with the selector, an empty selector if there are none.
+     * @throws StoreException in the event of an issue doing a match.
+     */
+    Collection<T> getMatches(Selector<T> selector)
+        throws StoreException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXCRLStoreSelector.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXCRLStoreSelector.java
new file mode 100644
index 0000000..1d3a3d4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXCRLStoreSelector.java

@@ -0,0 +1,350 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce;
+
+import java.math.BigInteger;
+import java.security.cert.CRL;
+import java.security.cert.CRLSelector;
+import java.security.cert.CertStore;
+import java.security.cert.CertStoreException;
+import java.security.cert.X509CRL;
+import java.security.cert.X509CRLSelector;
+import java.security.cert.X509Certificate;
+import java.util.Collection;
+
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Selector;
+
+/**
+ * This class is a Selector implementation for X.509 certificate revocation
+ * lists.
+ * 
+ * @see com.android.org.bouncycastle.util.Selector
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKIXCRLStoreSelector<T extends CRL>
+    implements Selector<T>
+{
+    /**
+     * Builder for a PKIXCRLStoreSelector.
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Builder
+    {
+        private final CRLSelector baseSelector;
+
+        private boolean deltaCRLIndicator = false;
+        private boolean completeCRLEnabled = false;
+        private BigInteger maxBaseCRLNumber = null;
+        private byte[] issuingDistributionPoint = null;
+        private boolean issuingDistributionPointEnabled = false;
+
+        /**
+         * Constructor initializing a builder with a CertSelector.
+         *
+         * @param crlSelector the CertSelector to copy the match details from.
+         */
+        public Builder(CRLSelector crlSelector)
+        {
+            this.baseSelector = (CRLSelector)crlSelector.clone();
+        }
+
+
+        /**
+         * If set to <code>true</code> only complete CRLs are returned.
+         * <p>
+         * {@link #setCompleteCRLEnabled(boolean)} and
+         * {@link #setDeltaCRLIndicatorEnabled(boolean)} excluded each other.
+         *
+         * @param completeCRLEnabled <code>true</code> if only complete CRLs
+         *            should be returned.
+         */
+        public Builder setCompleteCRLEnabled(boolean completeCRLEnabled)
+        {
+            this.completeCRLEnabled = completeCRLEnabled;
+
+            return this;
+        }
+
+        /**
+         * If this is set to <code>true</code> the CRL reported contains the delta
+         * CRL indicator CRL extension.
+         * <p>
+         * {@link #setCompleteCRLEnabled(boolean)} and
+         * {@link #setDeltaCRLIndicatorEnabled(boolean)} excluded each other.
+         *
+         * @param deltaCRLIndicator <code>true</code> if the delta CRL indicator
+         *            extension must be in the CRL.
+         */
+        public Builder setDeltaCRLIndicatorEnabled(boolean deltaCRLIndicator)
+        {
+            this.deltaCRLIndicator = deltaCRLIndicator;
+
+            return this;
+        }
+
+        /**
+         * Sets the maximum base CRL number. Setting to <code>null</code> disables
+         * this cheack.
+         * <p>
+         * This is only meaningful for delta CRLs. Complete CRLs must have a CRL
+         * number which is greater or equal than the base number of the
+         * corresponding CRL.
+         *
+         * @param maxBaseCRLNumber The maximum base CRL number to set.
+         */
+        public void setMaxBaseCRLNumber(BigInteger maxBaseCRLNumber)
+        {
+            this.maxBaseCRLNumber = maxBaseCRLNumber;
+        }
+
+        /**
+         * Enables or disables the issuing distribution point check.
+         *
+         * @param issuingDistributionPointEnabled <code>true</code> to enable the
+         *            issuing distribution point check.
+         */
+        public void setIssuingDistributionPointEnabled(
+            boolean issuingDistributionPointEnabled)
+        {
+            this.issuingDistributionPointEnabled = issuingDistributionPointEnabled;
+        }
+
+        /**
+         * Sets the issuing distribution point.
+         * <p>
+         * The issuing distribution point extension is a CRL extension which
+         * identifies the scope and the distribution point of a CRL. The scope
+         * contains among others information about revocation reasons contained in
+         * the CRL. Delta CRLs and complete CRLs must have matching issuing
+         * distribution points.
+         * <p>
+         * The byte array is cloned to protect against subsequent modifications.
+         * <p>
+         * You must also enable or disable this criteria with
+         * {@link #setIssuingDistributionPointEnabled(boolean)}.
+         *
+         * @param issuingDistributionPoint The issuing distribution point to set.
+         *            This is the DER encoded OCTET STRING extension value.
+         * @see #getIssuingDistributionPoint()
+         */
+        public void setIssuingDistributionPoint(byte[] issuingDistributionPoint)
+        {
+            this.issuingDistributionPoint = Arrays.clone(issuingDistributionPoint);
+        }
+
+        /**
+         * Build a selector.
+         *
+         * @return a new PKIXCRLStoreSelector
+         */
+        public PKIXCRLStoreSelector<? extends CRL> build()
+        {
+            return new PKIXCRLStoreSelector(this);
+        }
+    }
+
+    private final CRLSelector baseSelector;
+    private final boolean deltaCRLIndicator;
+    private final boolean completeCRLEnabled;
+    private final BigInteger maxBaseCRLNumber;
+    private final byte[] issuingDistributionPoint;
+    private final boolean issuingDistributionPointEnabled;
+
+    private PKIXCRLStoreSelector(Builder baseBuilder)
+    {
+        this.baseSelector = baseBuilder.baseSelector;
+        this.deltaCRLIndicator = baseBuilder.deltaCRLIndicator;
+        this.completeCRLEnabled = baseBuilder.completeCRLEnabled;
+        this.maxBaseCRLNumber = baseBuilder.maxBaseCRLNumber;
+        this.issuingDistributionPoint = baseBuilder.issuingDistributionPoint;
+        this.issuingDistributionPointEnabled = baseBuilder.issuingDistributionPointEnabled;
+    }
+
+
+    /**
+     * Returns if the issuing distribution point criteria should be applied.
+     * Defaults to <code>false</code>.
+     * <p>
+     * You may also set the issuing distribution point criteria if not a missing
+     * issuing distribution point should be assumed.
+     * 
+     * @return Returns if the issuing distribution point check is enabled.
+     */
+    public boolean isIssuingDistributionPointEnabled()
+    {
+        return issuingDistributionPointEnabled;
+    }
+
+
+
+    public boolean match(CRL obj)
+    {
+        if (!(obj instanceof X509CRL))
+        {
+            return baseSelector.match(obj);
+        }
+
+        X509CRL crl = (X509CRL)obj;
+        ASN1Integer dci = null;
+        try
+        {
+            byte[] bytes = crl
+                .getExtensionValue(Extension.deltaCRLIndicator.getId());
+            if (bytes != null)
+            {
+                dci = ASN1Integer.getInstance(ASN1OctetString.getInstance(bytes).getOctets());
+            }
+        }
+        catch (Exception e)
+        {
+            return false;
+        }
+        if (isDeltaCRLIndicatorEnabled())
+        {
+            if (dci == null)
+            {
+                return false;
+            }
+        }
+        if (isCompleteCRLEnabled())
+        {
+            if (dci != null)
+            {
+                return false;
+            }
+        }
+        if (dci != null)
+        {
+
+            if (maxBaseCRLNumber != null)
+            {
+                if (dci.getPositiveValue().compareTo(maxBaseCRLNumber) == 1)
+                {
+                    return false;
+                }
+            }
+        }
+        if (issuingDistributionPointEnabled)
+        {
+            byte[] idp = crl
+                .getExtensionValue(Extension.issuingDistributionPoint
+                    .getId());
+            if (issuingDistributionPoint == null)
+            {
+                if (idp != null)
+                {
+                    return false;
+                }
+            }
+            else
+            {
+                if (!Arrays.areEqual(idp, issuingDistributionPoint))
+                {
+                    return false;
+                }
+            }
+
+        }
+        return baseSelector.match(obj);
+    }
+
+    /**
+     * Returns if this selector must match CRLs with the delta CRL indicator
+     * extension set. Defaults to <code>false</code>.
+     * 
+     * @return Returns <code>true</code> if only CRLs with the delta CRL
+     *         indicator extension are selected.
+     */
+    public boolean isDeltaCRLIndicatorEnabled()
+    {
+        return deltaCRLIndicator;
+    }
+
+    public Object clone()
+    {
+        return this;
+    }
+
+    /**
+     * If <code>true</code> only complete CRLs are returned. Defaults to
+     * <code>false</code>.
+     * 
+     * @return <code>true</code> if only complete CRLs are returned.
+     */
+    public boolean isCompleteCRLEnabled()
+    {
+        return completeCRLEnabled;
+    }
+
+    /**
+     * Get the maximum base CRL number. Defaults to <code>null</code>.
+     * 
+     * @return Returns the maximum base CRL number.
+     */
+    public BigInteger getMaxBaseCRLNumber()
+    {
+        return maxBaseCRLNumber;
+    }
+
+
+    /**
+     * Returns the issuing distribution point. Defaults to <code>null</code>,
+     * which is a missing issuing distribution point extension.
+     * <p>
+     * The internal byte array is cloned before it is returned.
+     * <p>
+     * The criteria must be enable with Builder.setIssuingDistributionPointEnabled(boolean)}.
+     * 
+     * @return Returns the issuing distribution point.
+     */
+    public byte[] getIssuingDistributionPoint()
+    {
+        return Arrays.clone(issuingDistributionPoint);
+    }
+
+    public X509Certificate getCertificateChecking()
+    {
+        if (baseSelector instanceof X509CRLSelector)
+        {
+            return ((X509CRLSelector)baseSelector).getCertificateChecking();
+        }
+
+        return null;
+    }
+
+    public static Collection<? extends CRL> getCRLs(final PKIXCRLStoreSelector selector, CertStore certStore)
+        throws CertStoreException
+    {
+        return certStore.getCRLs(new SelectorClone(selector));
+    }
+
+    private static class SelectorClone
+        extends X509CRLSelector
+    {
+        private final PKIXCRLStoreSelector selector;
+
+        SelectorClone(PKIXCRLStoreSelector selector)
+        {
+            this.selector = selector;
+
+            if (selector.baseSelector instanceof X509CRLSelector)
+            {
+                X509CRLSelector baseSelector = (X509CRLSelector)selector.baseSelector;
+
+                this.setCertificateChecking(baseSelector.getCertificateChecking());
+                this.setDateAndTime(baseSelector.getDateAndTime());
+                this.setIssuers(baseSelector.getIssuers());
+                this.setMinCRLNumber(baseSelector.getMinCRL());
+                this.setMaxCRLNumber(baseSelector.getMaxCRL());
+            }
+        }
+
+        public boolean match(CRL crl)
+        {
+            return (selector == null) ? (crl != null) : selector.match(crl);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXCertStore.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXCertStore.java
new file mode 100644
index 0000000..ef4e844
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXCertStore.java

@@ -0,0 +1,29 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce;
+
+import java.security.cert.Certificate;
+import java.util.Collection;
+
+import com.android.org.bouncycastle.util.Selector;
+import com.android.org.bouncycastle.util.Store;
+import com.android.org.bouncycastle.util.StoreException;
+
+/**
+ * Generic interface for a PKIX based certificate store.
+ *
+ * @param <T> the certificate type.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface PKIXCertStore<T extends Certificate>
+    extends Store<T>
+{
+    /**
+     * Return the matches associated with the passed in selector.
+     *
+     * @param selector the selector defining the match criteria.
+     * @return a collection of matches with the selector, an empty selector if there are none.
+     * @throws StoreException in the event of an issue doing a match.
+     */
+    Collection<T> getMatches(Selector<T> selector)
+        throws StoreException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXCertStoreSelector.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXCertStoreSelector.java
new file mode 100644
index 0000000..a2cdb8c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXCertStoreSelector.java

@@ -0,0 +1,122 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce;
+
+import java.io.IOException;
+import java.security.cert.CertSelector;
+import java.security.cert.CertStore;
+import java.security.cert.CertStoreException;
+import java.security.cert.Certificate;
+import java.security.cert.X509CertSelector;
+import java.util.Collection;
+
+import com.android.org.bouncycastle.util.Selector;
+
+/**
+ * This class is a Selector implementation for certificates.
+ * 
+ * @see com.android.org.bouncycastle.util.Selector
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKIXCertStoreSelector<T extends Certificate>
+    implements Selector<T>
+{
+    /**
+     * Builder for a PKIXCertStoreSelector.
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Builder
+    {
+        private final CertSelector baseSelector;
+
+        /**
+         * Constructor initializing a builder with a CertSelector.
+         *
+         * @param certSelector the CertSelector to copy the match details from.
+         */
+        public Builder(CertSelector certSelector)
+        {
+            this.baseSelector = (CertSelector)certSelector.clone();
+        }
+
+        /**
+         * Build a selector.
+         *
+         * @return a new PKIXCertStoreSelector
+         */
+        public PKIXCertStoreSelector<? extends Certificate> build()
+        {
+            return new PKIXCertStoreSelector(baseSelector);
+        }
+    }
+
+    private final CertSelector baseSelector;
+
+    private PKIXCertStoreSelector(CertSelector baseSelector)
+    {
+        this.baseSelector = baseSelector;
+    }
+
+    public boolean match(Certificate cert)
+    {
+        return baseSelector.match(cert);
+    }
+
+    public Object clone()
+    {
+        return new PKIXCertStoreSelector(baseSelector);
+    }
+
+    public static Collection<? extends Certificate> getCertificates(final PKIXCertStoreSelector selector, CertStore certStore)
+        throws CertStoreException
+    {
+        return certStore.getCertificates(new SelectorClone(selector));
+    }
+
+    private static class SelectorClone
+        extends X509CertSelector
+    {
+        private final PKIXCertStoreSelector selector;
+
+        SelectorClone(PKIXCertStoreSelector selector)
+        {
+            this.selector = selector;
+
+            if (selector.baseSelector instanceof X509CertSelector)
+            {
+                X509CertSelector baseSelector = (X509CertSelector)selector.baseSelector;
+
+                this.setAuthorityKeyIdentifier(baseSelector.getAuthorityKeyIdentifier());
+                this.setBasicConstraints(baseSelector.getBasicConstraints());
+                this.setCertificate(baseSelector.getCertificate());
+                this.setCertificateValid(baseSelector.getCertificateValid());
+                this.setKeyUsage(baseSelector.getKeyUsage());
+                this.setMatchAllSubjectAltNames(baseSelector.getMatchAllSubjectAltNames());
+                this.setPrivateKeyValid(baseSelector.getPrivateKeyValid());
+                this.setSerialNumber(baseSelector.getSerialNumber());
+                this.setSubjectKeyIdentifier(baseSelector.getSubjectKeyIdentifier());
+                this.setSubjectPublicKey(baseSelector.getSubjectPublicKey());
+
+                try
+                {
+                    this.setExtendedKeyUsage(baseSelector.getExtendedKeyUsage());
+                    this.setIssuer(baseSelector.getIssuerAsBytes());
+                    this.setNameConstraints(baseSelector.getNameConstraints());
+                    this.setPathToNames(baseSelector.getPathToNames());
+                    this.setPolicy(baseSelector.getPolicy());
+                    this.setSubject(baseSelector.getSubjectAsBytes());
+                    this.setSubjectAlternativeNames(baseSelector.getSubjectAlternativeNames());
+                    this.setSubjectPublicKeyAlgID(baseSelector.getSubjectPublicKeyAlgID());
+                }
+                catch (IOException e)
+                {
+                    throw new IllegalStateException("base selector invalid: " + e.getMessage(), e);
+                }
+            }
+        }
+
+        public boolean match(Certificate certificate)
+        {
+            return (selector == null) ? (certificate != null) : selector.match(certificate);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXExtendedBuilderParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXExtendedBuilderParameters.java
new file mode 100644
index 0000000..7bd823b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXExtendedBuilderParameters.java

@@ -0,0 +1,144 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce;
+
+import java.security.InvalidParameterException;
+import java.security.cert.CertPathParameters;
+import java.security.cert.PKIXBuilderParameters;
+import java.security.cert.X509Certificate;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+
+/**
+ * This class contains extended parameters for PKIX certification path builders.
+ * 
+ * @see PKIXBuilderParameters
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKIXExtendedBuilderParameters
+    implements CertPathParameters
+{
+    /**
+     * Builder for a PKIXExtendedBuilderParameters object.
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Builder
+    {
+        private final PKIXExtendedParameters baseParameters;
+
+        private int maxPathLength = 5;
+        private Set<X509Certificate> excludedCerts = new HashSet<X509Certificate>();
+
+        public Builder(PKIXBuilderParameters baseParameters)
+        {
+            this.baseParameters = new PKIXExtendedParameters.Builder(baseParameters).build();
+            this.maxPathLength = baseParameters.getMaxPathLength();
+        }
+
+        public Builder(PKIXExtendedParameters baseParameters)
+        {
+            this.baseParameters = baseParameters;
+        }
+
+        /**
+         * Adds excluded certificates which are not used for building a
+         * certification path.
+         * <p>
+         * The given set is cloned to protect it against subsequent modifications.
+         *
+         * @param excludedCerts The excluded certificates to set.
+         */
+        public Builder addExcludedCerts(Set<X509Certificate> excludedCerts)
+        {
+            this.excludedCerts.addAll(excludedCerts);
+
+            return this;
+        }
+
+        /**
+         * Sets the maximum number of intermediate non-self-issued certificates in a
+         * certification path. The PKIX <code>CertPathBuilder</code> must not
+         * build paths longer then this length.
+         * <p>
+         * A value of 0 implies that the path can only contain a single certificate.
+         * A value of -1 does not limit the length. The default length is 5.
+         *
+         * <p>
+         *
+         * The basic constraints extension of a CA certificate overrides this value
+         * if smaller.
+         *
+         * @param maxPathLength the maximum number of non-self-issued intermediate
+         *            certificates in the certification path
+         * @throws InvalidParameterException if <code>maxPathLength</code> is set
+         *             to a value less than -1
+         *
+         * @see #getMaxPathLength
+         */
+        public Builder setMaxPathLength(int maxPathLength)
+        {
+            if (maxPathLength < -1)
+            {
+                throw new InvalidParameterException("The maximum path "
+                        + "length parameter can not be less than -1.");
+            }
+            this.maxPathLength = maxPathLength;
+
+            return this;
+        }
+
+        public PKIXExtendedBuilderParameters build()
+        {
+            return new PKIXExtendedBuilderParameters(this);
+        }
+    }
+
+    private final PKIXExtendedParameters baseParameters;
+    private final Set<X509Certificate> excludedCerts;
+    private final int maxPathLength;
+
+    private PKIXExtendedBuilderParameters(Builder builder)
+    {
+        this.baseParameters = builder.baseParameters;
+        this.excludedCerts = Collections.unmodifiableSet(builder.excludedCerts);
+        this.maxPathLength = builder.maxPathLength;
+    }
+
+    public PKIXExtendedParameters getBaseParameters()
+    {
+        return baseParameters;
+    }
+
+    /**
+     * Excluded certificates are not used for building a certification path.
+     * <p>
+     * The returned set is immutable.
+     * 
+     * @return Returns the excluded certificates.
+     */
+    public Set getExcludedCerts()
+    {
+        return excludedCerts;
+    }
+
+    /**
+     * Returns the value of the maximum number of intermediate non-self-issued
+     * certificates in the certification path.
+     * 
+     * @return the maximum number of non-self-issued intermediate certificates
+     *         in the certification path, or -1 if no limit exists.
+     */
+    public int getMaxPathLength()
+    {
+        return maxPathLength;
+    }
+
+    /**
+     * @return this object
+     */
+    public Object clone()
+    {
+        return this;
+    }
+}
+

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXExtendedParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXExtendedParameters.java
new file mode 100644
index 0000000..e07d543
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/PKIXExtendedParameters.java

@@ -0,0 +1,347 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce;
+
+import java.security.cert.CertPathParameters;
+import java.security.cert.CertSelector;
+import java.security.cert.CertStore;
+import java.security.cert.PKIXParameters;
+import java.security.cert.TrustAnchor;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Date;
+import java.util.HashMap;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import com.android.org.bouncycastle.asn1.x509.GeneralName;
+
+/**
+ * This class extends the PKIXParameters with a validity model parameter.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKIXExtendedParameters
+    implements CertPathParameters
+{
+    /**
+     * This is the default PKIX validity model. Actually there are two variants
+     * of this: The PKIX model and the modified PKIX model. The PKIX model
+     * verifies that all involved certificates must have been valid at the
+     * current time. The modified PKIX model verifies that all involved
+     * certificates were valid at the signing time. Both are indirectly choosen
+     * with the {@link PKIXParameters#setDate(Date)} method, so this
+     * methods sets the Date when <em>all</em> certificates must have been
+     * valid.
+     */
+    public static final int PKIX_VALIDITY_MODEL = 0;
+
+    /**
+     * This model uses the following validity model. Each certificate must have
+     * been valid at the moment where is was used. That means the end
+     * certificate must have been valid at the time the signature was done. The
+     * CA certificate which signed the end certificate must have been valid,
+     * when the end certificate was signed. The CA (or Root CA) certificate must
+     * have been valid, when the CA certificate was signed and so on. So the
+     * {@link PKIXParameters#setDate(Date)} method sets the time, when
+     * the <em>end certificate</em> must have been valid. It is used e.g.
+     * in the German signature law.
+     */
+    public static final int CHAIN_VALIDITY_MODEL = 1;
+
+    /**
+     * Builder for a PKIXExtendedParameters object.
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Builder
+    {
+        private final PKIXParameters baseParameters;
+        private final Date date;
+
+        private PKIXCertStoreSelector targetConstraints;
+        private List<PKIXCertStore> extraCertStores = new ArrayList<PKIXCertStore>();
+        private Map<GeneralName, PKIXCertStore> namedCertificateStoreMap = new HashMap<GeneralName, PKIXCertStore>();
+        private List<PKIXCRLStore> extraCRLStores = new ArrayList<PKIXCRLStore>();
+        private Map<GeneralName, PKIXCRLStore> namedCRLStoreMap = new HashMap<GeneralName, PKIXCRLStore>();
+        private boolean revocationEnabled;
+        private int validityModel = PKIX_VALIDITY_MODEL;
+        private boolean useDeltas = false;
+        private Set<TrustAnchor> trustAnchors;
+
+        public Builder(PKIXParameters baseParameters)
+        {
+            this.baseParameters = (PKIXParameters)baseParameters.clone();
+            CertSelector constraints = baseParameters.getTargetCertConstraints();
+            if (constraints != null)
+            {
+                this.targetConstraints = new PKIXCertStoreSelector.Builder(constraints).build();
+            }
+            Date checkDate = baseParameters.getDate();
+            this.date = (checkDate == null) ? new Date() : checkDate;
+            this.revocationEnabled = baseParameters.isRevocationEnabled();
+            this.trustAnchors = baseParameters.getTrustAnchors();
+        }
+
+        public Builder(PKIXExtendedParameters baseParameters)
+        {
+            this.baseParameters = baseParameters.baseParameters;
+            this.date = baseParameters.date;
+            this.targetConstraints = baseParameters.targetConstraints;
+            this.extraCertStores = new ArrayList<PKIXCertStore>(baseParameters.extraCertStores);
+            this.namedCertificateStoreMap = new HashMap<GeneralName, PKIXCertStore>(baseParameters.namedCertificateStoreMap);
+            this.extraCRLStores = new ArrayList<PKIXCRLStore>(baseParameters.extraCRLStores);
+            this.namedCRLStoreMap = new HashMap<GeneralName, PKIXCRLStore>(baseParameters.namedCRLStoreMap);
+            this.useDeltas = baseParameters.useDeltas;
+            this.validityModel = baseParameters.validityModel;
+            this.revocationEnabled = baseParameters.isRevocationEnabled();
+            this.trustAnchors = baseParameters.getTrustAnchors();
+        }
+
+        public Builder addCertificateStore(PKIXCertStore store)
+        {
+            extraCertStores.add(store);
+
+            return this;
+        }
+
+        public Builder addNamedCertificateStore(GeneralName issuerAltName, PKIXCertStore store)
+        {
+            namedCertificateStoreMap.put(issuerAltName, store);
+
+            return this;
+        }
+
+        public Builder addCRLStore(PKIXCRLStore store)
+        {
+            extraCRLStores.add(store);
+
+            return this;
+        }
+
+        public Builder addNamedCRLStore(GeneralName issuerAltName, PKIXCRLStore store)
+        {
+            namedCRLStoreMap.put(issuerAltName, store);
+
+            return this;
+        }
+
+        public Builder setTargetConstraints(PKIXCertStoreSelector selector)
+        {
+            targetConstraints = selector;
+
+            return this;
+        }
+
+        /**
+         * Sets if delta CRLs should be used for checking the revocation status.
+         *
+         * @param useDeltas <code>true</code> if delta CRLs should be used.
+         */
+        public Builder setUseDeltasEnabled(boolean useDeltas)
+        {
+            this.useDeltas = useDeltas;
+
+            return this;
+        }
+
+        /**
+         * @param validityModel The validity model to set.
+         * @see #CHAIN_VALIDITY_MODEL
+         * @see #PKIX_VALIDITY_MODEL
+         */
+        public Builder setValidityModel(int validityModel)
+        {
+            this.validityModel = validityModel;
+
+            return this;
+        }
+
+        /**
+         * Set the trustAnchor to be used with these parameters.
+         *
+         * @param trustAnchor the trust anchor end-entity and CRLs must be based on.
+         * @return the current builder.
+         */
+        public Builder setTrustAnchor(TrustAnchor trustAnchor)
+        {
+            this.trustAnchors = Collections.singleton(trustAnchor);
+
+            return this;
+        }
+
+        /**
+         * Set the set of trustAnchors to be used with these parameters.
+         *
+         * @param trustAnchors  a set of trustAnchors, one of which a particular end-entity and it's associated CRLs must be based on.
+         * @return the current builder.
+         */
+        public Builder setTrustAnchors(Set<TrustAnchor> trustAnchors)
+        {
+            this.trustAnchors = trustAnchors;
+
+            return this;
+        }
+
+        /**
+         * Flag whether or not revocation checking is to be enabled.
+         *
+         * @param revocationEnabled  true if revocation checking to be enabled, false otherwise.
+         */
+        public void setRevocationEnabled(boolean revocationEnabled)
+        {
+            this.revocationEnabled = revocationEnabled;
+        }
+
+        public PKIXExtendedParameters build()
+        {
+            return new PKIXExtendedParameters(this);
+        }
+    }
+
+    private final PKIXParameters baseParameters;
+    private final PKIXCertStoreSelector targetConstraints;
+    private final Date date;
+    private final List<PKIXCertStore> extraCertStores;
+    private final Map<GeneralName, PKIXCertStore> namedCertificateStoreMap;
+    private final List<PKIXCRLStore> extraCRLStores;
+    private final Map<GeneralName, PKIXCRLStore> namedCRLStoreMap;
+    private final boolean revocationEnabled;
+    private final boolean useDeltas;
+    private final int validityModel;
+    private final Set<TrustAnchor> trustAnchors;
+
+    private PKIXExtendedParameters(Builder builder)
+    {
+        this.baseParameters = builder.baseParameters;
+        this.date = builder.date;
+        this.extraCertStores = Collections.unmodifiableList(builder.extraCertStores);
+        this.namedCertificateStoreMap = Collections.unmodifiableMap(new HashMap<GeneralName, PKIXCertStore>(builder.namedCertificateStoreMap));
+        this.extraCRLStores = Collections.unmodifiableList(builder.extraCRLStores);
+        this.namedCRLStoreMap = Collections.unmodifiableMap(new HashMap<GeneralName, PKIXCRLStore>(builder.namedCRLStoreMap));
+        this.targetConstraints = builder.targetConstraints;
+        this.revocationEnabled = builder.revocationEnabled;
+        this.useDeltas = builder.useDeltas;
+        this.validityModel = builder.validityModel;
+        this.trustAnchors = Collections.unmodifiableSet(builder.trustAnchors);
+    }
+
+    public List<PKIXCertStore> getCertificateStores()
+    {
+        return extraCertStores;
+    }
+
+
+    public Map<GeneralName, PKIXCertStore> getNamedCertificateStoreMap()
+    {
+        return namedCertificateStoreMap;
+    }
+
+    public List<PKIXCRLStore> getCRLStores()
+    {
+        return extraCRLStores;
+    }
+
+    public Map<GeneralName, PKIXCRLStore> getNamedCRLStoreMap()
+    {
+        return namedCRLStoreMap;
+    }
+
+    public Date getDate()
+    {
+        return new Date(date.getTime());
+    }
+
+
+
+
+    /**
+     * Defaults to <code>false</code>.
+     *
+     * @return Returns if delta CRLs should be used.
+     */
+    public boolean isUseDeltasEnabled()
+    {
+        return useDeltas;
+    }
+
+
+
+    /**
+     * @return Returns the validity model.
+     * @see #CHAIN_VALIDITY_MODEL
+     * @see #PKIX_VALIDITY_MODEL
+     */
+    public int getValidityModel()
+    {
+        return validityModel;
+    }
+
+    public Object clone()
+    {
+        return this;
+    }
+
+    /**
+     * Returns the required constraints on the target certificate.
+     * The constraints are returned as an instance of
+     * <code>Selector</code>. If <code>null</code>, no constraints are
+     * defined.
+     *
+     * @return a <code>Selector</code> specifying the constraints on the
+     *         target certificate or attribute certificate (or <code>null</code>)
+     * @see PKIXCertStoreSelector
+     */
+    public PKIXCertStoreSelector getTargetConstraints()
+    {
+        return targetConstraints;
+    }
+
+    public Set getTrustAnchors()
+    {
+        return trustAnchors;
+    }
+
+    public Set getInitialPolicies()
+    {
+        return baseParameters.getInitialPolicies();
+    }
+
+    public String getSigProvider()
+    {
+        return baseParameters.getSigProvider();
+    }
+
+    public boolean isExplicitPolicyRequired()
+    {
+        return baseParameters.isExplicitPolicyRequired();
+    }
+
+    public boolean isAnyPolicyInhibited()
+    {
+        return baseParameters.isAnyPolicyInhibited();
+    }
+
+    public boolean isPolicyMappingInhibited()
+    {
+        return baseParameters.isPolicyMappingInhibited();
+    }
+
+    public List getCertPathCheckers()
+    {
+        return baseParameters.getCertPathCheckers();
+    }
+
+    public List<CertStore> getCertStores()
+    {
+        return baseParameters.getCertStores();
+    }
+
+    public boolean isRevocationEnabled()
+    {
+        return revocationEnabled;
+    }
+
+    public boolean getPolicyQualifiersRejected()
+    {
+        return baseParameters.getPolicyQualifiersRejected();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/io/DigestUpdatingOutputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/io/DigestUpdatingOutputStream.java
new file mode 100644
index 0000000..9eb6915
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/io/DigestUpdatingOutputStream.java

@@ -0,0 +1,35 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.io;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.security.MessageDigest;
+
+class DigestUpdatingOutputStream
+    extends OutputStream
+{
+    private MessageDigest digest;
+
+    DigestUpdatingOutputStream(MessageDigest digest)
+    {
+        this.digest = digest;
+    }
+
+    public void write(byte[] bytes, int off, int len)
+        throws IOException
+    {
+        digest.update(bytes, off, len);
+    }
+
+    public void write(byte[] bytes)
+        throws IOException
+    {
+        digest.update(bytes);
+    }
+
+    public void write(int b)
+        throws IOException
+    {
+        digest.update((byte)b);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/io/MacUpdatingOutputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/io/MacUpdatingOutputStream.java
new file mode 100644
index 0000000..c508880
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/io/MacUpdatingOutputStream.java

@@ -0,0 +1,36 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.io;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+import javax.crypto.Mac;
+
+class MacUpdatingOutputStream
+    extends OutputStream
+{
+    private Mac mac;
+
+    MacUpdatingOutputStream(Mac mac)
+    {
+        this.mac = mac;
+    }
+
+    public void write(byte[] bytes, int off, int len)
+        throws IOException
+    {
+        mac.update(bytes, off, len);
+    }
+
+    public void write(byte[] bytes)
+        throws IOException
+    {
+        mac.update(bytes);
+    }
+
+    public void write(int b)
+        throws IOException
+    {
+        mac.update((byte)b);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/io/OutputStreamFactory.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/io/OutputStreamFactory.java
new file mode 100644
index 0000000..2e44273
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/io/OutputStreamFactory.java

@@ -0,0 +1,48 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.io;
+
+import java.io.OutputStream;
+import java.security.MessageDigest;
+import java.security.Signature;
+
+import javax.crypto.Mac;
+
+/**
+ * Utility class for creating OutputStreams from different JCA/JCE operators.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class OutputStreamFactory
+{
+    /**
+     * Create an OutputStream that wraps a signature.
+     *
+     * @param signature the signature to be updated as the stream is written to.
+     * @return an OutputStream.
+     */
+    public static OutputStream createStream(Signature signature)
+    {
+        return new SignatureUpdatingOutputStream(signature);
+    }
+
+    /**
+     * Create an OutputStream that wraps a digest.
+     *
+     * @param digest the digest to be updated as the stream is written to.
+     * @return an OutputStream.
+     */
+    public static OutputStream createStream(MessageDigest digest)
+    {
+        return new DigestUpdatingOutputStream(digest);
+    }
+
+    /**
+     * Create an OutputStream that wraps a mac.
+     *
+     * @param mac the signature to be updated as the stream is written to.
+     * @return an OutputStream.
+     */
+    public static OutputStream createStream(Mac mac)
+    {
+        return new MacUpdatingOutputStream(mac);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/io/SignatureUpdatingOutputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/io/SignatureUpdatingOutputStream.java
new file mode 100644
index 0000000..c96bcf2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/io/SignatureUpdatingOutputStream.java

@@ -0,0 +1,57 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.io;
+
+import java.io.IOException;
+import java.io.OutputStream;
+import java.security.Signature;
+import java.security.SignatureException;
+
+class SignatureUpdatingOutputStream
+    extends OutputStream
+{
+    private Signature sig;
+
+    SignatureUpdatingOutputStream(Signature sig)
+    {
+        this.sig = sig;
+    }
+
+    public void write(byte[] bytes, int off, int len)
+        throws IOException
+    {
+        try
+        {
+            sig.update(bytes, off, len);
+        }
+        catch (SignatureException e)
+        {
+            throw new IOException(e.getMessage());
+        }
+    }
+
+    public void write(byte[] bytes)
+        throws IOException
+    {
+        try
+        {
+            sig.update(bytes);
+        }
+        catch (SignatureException e)
+        {
+            throw new IOException(e.getMessage());
+        }
+    }
+
+    public void write(int b)
+        throws IOException
+    {
+        try
+        {
+            sig.update((byte)b);
+        }
+        catch (SignatureException e)
+        {
+            throw new IOException(e.getMessage());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/DH.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/DH.java
new file mode 100644
index 0000000..97d28f1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/DH.java

@@ -0,0 +1,109 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.dh.KeyFactorySpi;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DH
+{
+    private static final String PREFIX = "com.android.org.bouncycastle.jcajce.provider.asymmetric" + ".dh.";
+
+    private static final Map<String, String> generalDhAttributes = new HashMap<String, String>();
+
+    static
+    {
+        generalDhAttributes.put("SupportedKeyClasses", "javax.crypto.interfaces.DHPublicKey|javax.crypto.interfaces.DHPrivateKey");
+        generalDhAttributes.put("SupportedKeyFormats", "PKCS#8|X.509");
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends AsymmetricAlgorithmProvider
+    {
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("KeyPairGenerator.DH", PREFIX + "KeyPairGeneratorSpi");
+            provider.addAlgorithm("Alg.Alias.KeyPairGenerator.DIFFIEHELLMAN", "DH");
+
+            provider.addAttributes("KeyAgreement.DH", generalDhAttributes);
+            provider.addAlgorithm("KeyAgreement.DH", PREFIX + "KeyAgreementSpi");
+            provider.addAlgorithm("Alg.Alias.KeyAgreement.DIFFIEHELLMAN", "DH");
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("KeyAgreement", PKCSObjectIdentifiers.id_alg_ESDH, PREFIX + "KeyAgreementSpi$DHwithRFC2631KDF");
+            // provider.addAlgorithm("KeyAgreement", PKCSObjectIdentifiers.id_alg_SSDH, PREFIX + "KeyAgreementSpi$DHwithRFC2631KDF");
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("KeyFactory.DH", PREFIX + "KeyFactorySpi");
+            provider.addAlgorithm("Alg.Alias.KeyFactory.DIFFIEHELLMAN", "DH");
+
+            provider.addAlgorithm("AlgorithmParameters.DH", PREFIX + "AlgorithmParametersSpi");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.DIFFIEHELLMAN", "DH");
+
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.DIFFIEHELLMAN", "DH");
+
+            provider.addAlgorithm("AlgorithmParameterGenerator.DH", PREFIX + "AlgorithmParameterGeneratorSpi");
+
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("Cipher.IES", PREFIX + "IESCipher$IES");
+            provider.addAlgorithm("Cipher.IESwithAES-CBC", PREFIX + "IESCipher$IESwithAESCBC");
+            provider.addAlgorithm("Cipher.IESWITHAES-CBC", PREFIX + "IESCipher$IESwithAESCBC");
+            provider.addAlgorithm("Cipher.IESWITHDESEDE-CBC", PREFIX + "IESCipher$IESwithDESedeCBC");
+
+            provider.addAlgorithm("Cipher.DHIES", PREFIX + "IESCipher$IES");
+            provider.addAlgorithm("Cipher.DHIESwithAES-CBC", PREFIX + "IESCipher$IESwithAESCBC");
+            provider.addAlgorithm("Cipher.DHIESWITHAES-CBC", PREFIX + "IESCipher$IESwithAESCBC");
+            provider.addAlgorithm("Cipher.DHIESWITHDESEDE-CBC", PREFIX + "IESCipher$IESwithDESedeCBC");
+
+            provider.addAlgorithm("KeyAgreement.DHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDF");
+            provider.addAlgorithm("KeyAgreement.DHWITHSHA224KDF", PREFIX + "KeyAgreementSpi$DHwithSHA224KDF");
+            provider.addAlgorithm("KeyAgreement.DHWITHSHA256KDF", PREFIX + "KeyAgreementSpi$DHwithSHA256KDF");
+            provider.addAlgorithm("KeyAgreement.DHWITHSHA384KDF", PREFIX + "KeyAgreementSpi$DHwithSHA384KDF");
+            provider.addAlgorithm("KeyAgreement.DHWITHSHA512KDF", PREFIX + "KeyAgreementSpi$DHwithSHA512KDF");
+
+            provider.addAlgorithm("KeyAgreement.DHUWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHUwithSHA1KDF");
+            provider.addAlgorithm("KeyAgreement.DHUWITHSHA224KDF", PREFIX + "KeyAgreementSpi$DHUwithSHA224KDF");
+            provider.addAlgorithm("KeyAgreement.DHUWITHSHA256KDF", PREFIX + "KeyAgreementSpi$DHUwithSHA256KDF");
+            provider.addAlgorithm("KeyAgreement.DHUWITHSHA384KDF", PREFIX + "KeyAgreementSpi$DHUwithSHA384KDF");
+            provider.addAlgorithm("KeyAgreement.DHUWITHSHA512KDF", PREFIX + "KeyAgreementSpi$DHUwithSHA512KDF");
+
+            provider.addAlgorithm("KeyAgreement.DHUWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$DHUwithSHA1CKDF");
+            provider.addAlgorithm("KeyAgreement.DHUWITHSHA224CKDF", PREFIX + "KeyAgreementSpi$DHUwithSHA224CKDF");
+            provider.addAlgorithm("KeyAgreement.DHUWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$DHUwithSHA256CKDF");
+            provider.addAlgorithm("KeyAgreement.DHUWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$DHUwithSHA384CKDF");
+            provider.addAlgorithm("KeyAgreement.DHUWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$DHUwithSHA512CKDF");
+
+            provider.addAlgorithm("KeyAgreement.MQVWITHSHA1KDF", PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF");
+            provider.addAlgorithm("KeyAgreement.MQVWITHSHA224KDF", PREFIX + "KeyAgreementSpi$MQVwithSHA224KDF");
+            provider.addAlgorithm("KeyAgreement.MQVWITHSHA256KDF", PREFIX + "KeyAgreementSpi$MQVwithSHA256KDF");
+            provider.addAlgorithm("KeyAgreement.MQVWITHSHA384KDF", PREFIX + "KeyAgreementSpi$MQVwithSHA384KDF");
+            provider.addAlgorithm("KeyAgreement.MQVWITHSHA512KDF", PREFIX + "KeyAgreementSpi$MQVwithSHA512KDF");
+
+            provider.addAlgorithm("KeyAgreement.MQVWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA1CKDF");
+            provider.addAlgorithm("KeyAgreement.MQVWITHSHA224CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA224CKDF");
+            provider.addAlgorithm("KeyAgreement.MQVWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA256CKDF");
+            provider.addAlgorithm("KeyAgreement.MQVWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA384CKDF");
+            provider.addAlgorithm("KeyAgreement.MQVWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA512CKDF");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            registerOid(provider, PKCSObjectIdentifiers.dhKeyAgreement, "DH", new KeyFactorySpi());
+            registerOid(provider, X9ObjectIdentifiers.dhpublicnumber, "DH", new KeyFactorySpi());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/DSA.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/DSA.java
new file mode 100644
index 0000000..da4e38d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/DSA.java

@@ -0,0 +1,107 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric;
+
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.dsa.DSAUtil;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.dsa.KeyFactorySpi;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
+import com.android.org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DSA
+{
+    private static final String PREFIX = "com.android.org.bouncycastle.jcajce.provider.asymmetric" + ".dsa.";
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends AsymmetricAlgorithmProvider
+    {
+        public Mappings()
+        {
+        }
+        
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("AlgorithmParameters.DSA", PREFIX + "AlgorithmParametersSpi");
+
+            provider.addAlgorithm("AlgorithmParameterGenerator.DSA", PREFIX + "AlgorithmParameterGeneratorSpi");
+
+            provider.addAlgorithm("KeyPairGenerator.DSA", PREFIX + "KeyPairGeneratorSpi");
+            provider.addAlgorithm("KeyFactory.DSA", PREFIX + "KeyFactorySpi");
+
+            // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA
+            // provider.addAlgorithm("Signature.DSA", PREFIX + "DSASigner$stdDSA");
+            provider.addAlgorithm("Signature.SHA1withDSA", PREFIX + "DSASigner$stdDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.DSA", "SHA1withDSA");
+            // END Android-changed: Change primary ID from DSA to SHA1withDSA
+            provider.addAlgorithm("Signature.NONEWITHDSA", PREFIX + "DSASigner$noneDSA");
+
+            provider.addAlgorithm("Alg.Alias.Signature.RAWDSA", "NONEWITHDSA");
+
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("Signature.DETDSA", PREFIX + "DSASigner$detDSA");
+            provider.addAlgorithm("Signature.SHA1WITHDETDSA", PREFIX + "DSASigner$detDSA");
+            provider.addAlgorithm("Signature.SHA224WITHDETDSA", PREFIX + "DSASigner$detDSA224");
+            provider.addAlgorithm("Signature.SHA256WITHDETDSA", PREFIX + "DSASigner$detDSA256");
+            provider.addAlgorithm("Signature.SHA384WITHDETDSA", PREFIX + "DSASigner$detDSA384");
+            provider.addAlgorithm("Signature.SHA512WITHDETDSA", PREFIX + "DSASigner$detDSA512");
+
+            provider.addAlgorithm("Signature.DDSA", PREFIX + "DSASigner$detDSA");
+            provider.addAlgorithm("Signature.SHA1WITHDDSA", PREFIX + "DSASigner$detDSA");
+            provider.addAlgorithm("Signature.SHA224WITHDDSA", PREFIX + "DSASigner$detDSA224");
+            provider.addAlgorithm("Signature.SHA256WITHDDSA", PREFIX + "DSASigner$detDSA256");
+            provider.addAlgorithm("Signature.SHA384WITHDDSA", PREFIX + "DSASigner$detDSA384");
+            provider.addAlgorithm("Signature.SHA512WITHDDSA", PREFIX + "DSASigner$detDSA512");
+            provider.addAlgorithm("Signature.SHA3-224WITHDDSA", PREFIX + "DSASigner$detDSASha3_224");
+            provider.addAlgorithm("Signature.SHA3-256WITHDDSA", PREFIX + "DSASigner$detDSASha3_256");
+            provider.addAlgorithm("Signature.SHA3-384WITHDDSA", PREFIX + "DSASigner$detDSASha3_384");
+            provider.addAlgorithm("Signature.SHA3-512WITHDDSA", PREFIX + "DSASigner$detDSASha3_512");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            addSignatureAlgorithm(provider, "SHA224", "DSA", PREFIX + "DSASigner$dsa224", NISTObjectIdentifiers.dsa_with_sha224);
+            addSignatureAlgorithm(provider, "SHA256", "DSA", PREFIX + "DSASigner$dsa256", NISTObjectIdentifiers.dsa_with_sha256);
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            addSignatureAlgorithm(provider, "SHA384", "DSA", PREFIX + "DSASigner$dsa384", NISTObjectIdentifiers.dsa_with_sha384);
+            addSignatureAlgorithm(provider, "SHA512", "DSA", PREFIX + "DSASigner$dsa512", NISTObjectIdentifiers.dsa_with_sha512);
+
+            addSignatureAlgorithm(provider, "SHA3-224", "DSA", PREFIX + "DSASigner$dsaSha3_224", NISTObjectIdentifiers.id_dsa_with_sha3_224);
+            addSignatureAlgorithm(provider, "SHA3-256", "DSA", PREFIX + "DSASigner$dsaSha3_256", NISTObjectIdentifiers.id_dsa_with_sha3_256);
+            addSignatureAlgorithm(provider, "SHA3-384", "DSA", PREFIX + "DSASigner$dsaSha3_384", NISTObjectIdentifiers.id_dsa_with_sha3_384);
+            addSignatureAlgorithm(provider, "SHA3-512", "DSA", PREFIX + "DSASigner$dsaSha3_512", NISTObjectIdentifiers.id_dsa_with_sha3_512);
+            */
+            // END Android-removed: Unsupported algorithms
+
+            // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA
+            provider.addAlgorithm("Alg.Alias.Signature.SHA/DSA", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA1withDSA", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDSA", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.1", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.1.3.14.3.2.26with1.2.840.10040.4.3", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.DSAwithSHA1", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.DSAWITHSHA1", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA1WithDSA", "SHA1withDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.DSAWithSHA1", "SHA1withDSA");
+            // END Android-changed: Change primary ID from DSA to SHA1withDSA
+
+            AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi();
+
+            for (int i = 0; i != DSAUtil.dsaOids.length; i++)
+            {
+                // BEGIN Android-changed: Change primary ID from DSA to SHA1withDSA
+                provider.addAlgorithm("Alg.Alias.Signature." + DSAUtil.dsaOids[i], "SHA1withDSA");
+                // END Android-changed: Change primary ID from DSA to SHA1withDSA
+
+                registerOid(provider, DSAUtil.dsaOids[i], "DSA", keyFact);
+                registerOidAlgorithmParameterGenerator(provider, DSAUtil.dsaOids[i], "DSA");
+            }
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/EC.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/EC.java
new file mode 100644
index 0000000..ffaecbf
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/EC.java

@@ -0,0 +1,310 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric;
+
+import java.util.HashMap;
+import java.util.Map;
+
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.bsi.BSIObjectIdentifiers;
+// import org.bouncycastle.asn1.eac.EACObjectIdentifiers;
+// import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+// import org.bouncycastle.asn1.sec.SECObjectIdentifiers;
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+// END Android-removed: Unsupported algorithms
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.ec.KeyFactorySpi;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.util.Properties;
+// END Android-removed: Unsupported algorithms
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class EC
+{
+    private static final String PREFIX = "com.android.org.bouncycastle.jcajce.provider.asymmetric" + ".ec.";
+
+    private static final Map<String, String> generalEcAttributes = new HashMap<String, String>();
+
+    static
+    {
+        generalEcAttributes.put("SupportedKeyClasses", "java.security.interfaces.ECPublicKey|java.security.interfaces.ECPrivateKey");
+        generalEcAttributes.put("SupportedKeyFormats", "PKCS#8|X.509");
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends AsymmetricAlgorithmProvider
+    {
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("AlgorithmParameters.EC", PREFIX + "AlgorithmParametersSpi");
+
+            provider.addAttributes("KeyAgreement.ECDH", generalEcAttributes);
+            provider.addAlgorithm("KeyAgreement.ECDH", PREFIX + "KeyAgreementSpi$DH");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAttributes("KeyAgreement.ECDHC", generalEcAttributes);
+            provider.addAlgorithm("KeyAgreement.ECDHC", PREFIX + "KeyAgreementSpi$DHC");
+            provider.addAttributes("KeyAgreement.ECCDH", generalEcAttributes);
+            provider.addAlgorithm("KeyAgreement.ECCDH", PREFIX + "KeyAgreementSpi$DHC");
+
+            provider.addAttributes("KeyAgreement.ECCDHU", generalEcAttributes);
+            provider.addAlgorithm("KeyAgreement.ECCDHU", PREFIX + "KeyAgreementSpi$DHUC");
+
+            provider.addAlgorithm("KeyAgreement.ECDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHwithSHA1KDFAndSharedInfo");
+            provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA1KDF", PREFIX + "KeyAgreementSpi$CDHwithSHA1KDFAndSharedInfo");
+
+            provider.addAlgorithm("KeyAgreement.ECDHWITHSHA224KDF", PREFIX + "KeyAgreementSpi$DHwithSHA224KDFAndSharedInfo");
+            provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA224KDF", PREFIX + "KeyAgreementSpi$CDHwithSHA224KDFAndSharedInfo");
+
+            provider.addAlgorithm("KeyAgreement.ECDHWITHSHA256KDF", PREFIX + "KeyAgreementSpi$DHwithSHA256KDFAndSharedInfo");
+            provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA256KDF", PREFIX + "KeyAgreementSpi$CDHwithSHA256KDFAndSharedInfo");
+
+            provider.addAlgorithm("KeyAgreement.ECDHWITHSHA384KDF", PREFIX + "KeyAgreementSpi$DHwithSHA384KDFAndSharedInfo");
+            provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA384KDF", PREFIX + "KeyAgreementSpi$CDHwithSHA384KDFAndSharedInfo");
+
+            provider.addAlgorithm("KeyAgreement.ECDHWITHSHA512KDF", PREFIX + "KeyAgreementSpi$DHwithSHA512KDFAndSharedInfo");
+            provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA512KDF", PREFIX + "KeyAgreementSpi$CDHwithSHA512KDFAndSharedInfo");
+
+            provider.addAlgorithm("KeyAgreement", X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA1KDFAndSharedInfo");
+            provider.addAlgorithm("KeyAgreement", X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA1KDFAndSharedInfo");
+
+            provider.addAlgorithm("KeyAgreement", SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA224KDFAndSharedInfo");
+            provider.addAlgorithm("KeyAgreement", SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA224KDFAndSharedInfo");
+
+            provider.addAlgorithm("KeyAgreement", SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA256KDFAndSharedInfo");
+            provider.addAlgorithm("KeyAgreement", SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA256KDFAndSharedInfo");
+
+            provider.addAlgorithm("KeyAgreement", SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA384KDFAndSharedInfo");
+            provider.addAlgorithm("KeyAgreement", SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA384KDFAndSharedInfo");
+
+            provider.addAlgorithm("KeyAgreement", SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$DHwithSHA512KDFAndSharedInfo");
+            provider.addAlgorithm("KeyAgreement", SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$CDHwithSHA512KDFAndSharedInfo");
+
+            provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA1CKDF");
+            provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA256CKDF");
+            provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA384CKDF");
+            provider.addAlgorithm("KeyAgreement.ECCDHWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$DHwithSHA512CKDF");
+
+            provider.addAlgorithm("KeyAgreement.ECCDHUWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$DHUwithSHA1CKDF");
+            provider.addAlgorithm("KeyAgreement.ECCDHUWITHSHA224CKDF", PREFIX + "KeyAgreementSpi$DHUwithSHA224CKDF");
+            provider.addAlgorithm("KeyAgreement.ECCDHUWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$DHUwithSHA256CKDF");
+            provider.addAlgorithm("KeyAgreement.ECCDHUWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$DHUwithSHA384CKDF");
+            provider.addAlgorithm("KeyAgreement.ECCDHUWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$DHUwithSHA512CKDF");
+
+            provider.addAlgorithm("KeyAgreement.ECCDHUWITHSHA1KDF", PREFIX + "KeyAgreementSpi$DHUwithSHA1KDF");
+            provider.addAlgorithm("KeyAgreement.ECCDHUWITHSHA224KDF", PREFIX + "KeyAgreementSpi$DHUwithSHA224KDF");
+            provider.addAlgorithm("KeyAgreement.ECCDHUWITHSHA256KDF", PREFIX + "KeyAgreementSpi$DHUwithSHA256KDF");
+            provider.addAlgorithm("KeyAgreement.ECCDHUWITHSHA384KDF", PREFIX + "KeyAgreementSpi$DHUwithSHA384KDF");
+            provider.addAlgorithm("KeyAgreement.ECCDHUWITHSHA512KDF", PREFIX + "KeyAgreementSpi$DHUwithSHA512KDF");
+
+            provider.addAlgorithm("KeyAgreement.ECKAEGWITHSHA1KDF", PREFIX + "KeyAgreementSpi$ECKAEGwithSHA1KDF");
+            provider.addAlgorithm("KeyAgreement.ECKAEGWITHSHA224KDF", PREFIX + "KeyAgreementSpi$ECKAEGwithSHA224KDF");
+            provider.addAlgorithm("KeyAgreement.ECKAEGWITHSHA256KDF", PREFIX + "KeyAgreementSpi$ECKAEGwithSHA256KDF");
+            provider.addAlgorithm("KeyAgreement.ECKAEGWITHSHA384KDF", PREFIX + "KeyAgreementSpi$ECKAEGwithSHA384KDF");
+            provider.addAlgorithm("KeyAgreement.ECKAEGWITHSHA512KDF", PREFIX + "KeyAgreementSpi$ECKAEGwithSHA512KDF");
+
+            provider.addAlgorithm("KeyAgreement", BSIObjectIdentifiers.ecka_eg_X963kdf_SHA1, PREFIX + "KeyAgreementSpi$ECKAEGwithSHA1KDF");
+            provider.addAlgorithm("KeyAgreement", BSIObjectIdentifiers.ecka_eg_X963kdf_SHA224, PREFIX + "KeyAgreementSpi$ECKAEGwithSHA224KDF");
+            provider.addAlgorithm("KeyAgreement", BSIObjectIdentifiers.ecka_eg_X963kdf_SHA256, PREFIX + "KeyAgreementSpi$ECKAEGwithSHA256KDF");
+            provider.addAlgorithm("KeyAgreement", BSIObjectIdentifiers.ecka_eg_X963kdf_SHA384, PREFIX + "KeyAgreementSpi$ECKAEGwithSHA384KDF");
+            provider.addAlgorithm("KeyAgreement", BSIObjectIdentifiers.ecka_eg_X963kdf_SHA512, PREFIX + "KeyAgreementSpi$ECKAEGwithSHA512KDF");
+
+            provider.addAlgorithm("KeyAgreement", BSIObjectIdentifiers.ecka_eg_X963kdf_RIPEMD160, PREFIX + "KeyAgreementSpi$ECKAEGwithRIPEMD160KDF");
+            provider.addAlgorithm("KeyAgreement.ECKAEGWITHRIPEMD160KDF", PREFIX + "KeyAgreementSpi$ECKAEGwithRIPEMD160KDF");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            registerOid(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC", new KeyFactorySpi.EC());
+
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            registerOid(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC());
+            registerOid(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
+
+            registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, "EC", new KeyFactorySpi.EC());
+            registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, "EC", new KeyFactorySpi.EC());
+
+            registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, "EC", new KeyFactorySpi.EC());
+            registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, "EC", new KeyFactorySpi.EC());
+
+            registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, "EC", new KeyFactorySpi.EC());
+            registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, "EC", new KeyFactorySpi.EC());
+
+            registerOid(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, "EC", new KeyFactorySpi.EC());
+            registerOid(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, "EC", new KeyFactorySpi.EC());
+
+            registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.id_ecPublicKey, "EC");
+
+            registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC");
+            registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.dhSinglePass_cofactorDH_sha1kdf_scheme, "EC");
+
+            registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha224kdf_scheme, "EC");
+            registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha224kdf_scheme, "EC");
+
+            registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha256kdf_scheme, "EC");
+            registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha256kdf_scheme, "EC");
+
+            registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha384kdf_scheme, "EC");
+            registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha384kdf_scheme, "EC");
+
+            registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_stdDH_sha512kdf_scheme, "EC");
+            registerOidAlgorithmParameters(provider, SECObjectIdentifiers.dhSinglePass_cofactorDH_sha512kdf_scheme, "EC");
+
+            if (!Properties.isOverrideSet("org.bouncycastle.ec.disable_mqv"))
+            {
+                provider.addAlgorithm("KeyAgreement.ECMQV", PREFIX + "KeyAgreementSpi$MQV");
+
+                provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA1CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA1CKDF");
+                provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA224CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA224CKDF");
+                provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA256CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA256CKDF");
+                provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA384CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA384CKDF");
+                provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA512CKDF", PREFIX + "KeyAgreementSpi$MQVwithSHA512CKDF");
+
+                provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA1KDF", PREFIX + "KeyAgreementSpi$MQVwithSHA1KDF");
+                provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA224KDF", PREFIX + "KeyAgreementSpi$MQVwithSHA224KDF");
+                provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA256KDF", PREFIX + "KeyAgreementSpi$MQVwithSHA256KDF");
+                provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA384KDF", PREFIX + "KeyAgreementSpi$MQVwithSHA384KDF");
+                provider.addAlgorithm("KeyAgreement.ECMQVWITHSHA512KDF", PREFIX + "KeyAgreementSpi$MQVwithSHA512KDF");
+
+                provider.addAlgorithm("KeyAgreement." + X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA1KDFAndSharedInfo");
+                provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA224KDFAndSharedInfo");
+                provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA256KDFAndSharedInfo");
+                provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA384KDFAndSharedInfo");
+                provider.addAlgorithm("KeyAgreement." + SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, PREFIX + "KeyAgreementSpi$MQVwithSHA512KDFAndSharedInfo");
+
+            */
+            // END Android-removed: Unsupported algorithms
+                registerOid(provider, X9ObjectIdentifiers.dhSinglePass_stdDH_sha1kdf_scheme, "EC", new KeyFactorySpi.EC());
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+                registerOidAlgorithmParameters(provider, X9ObjectIdentifiers.mqvSinglePass_sha1kdf_scheme, "EC");
+
+                registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
+                registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, "EC");
+
+                registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha256kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
+                registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha224kdf_scheme, "EC");
+
+                registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
+                registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha384kdf_scheme, "EC");
+
+                registerOid(provider, SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, "ECMQV", new KeyFactorySpi.ECMQV());
+                registerOidAlgorithmParameters(provider, SECObjectIdentifiers.mqvSinglePass_sha512kdf_scheme, "EC");
+
+                provider.addAlgorithm("KeyFactory.ECMQV", PREFIX + "KeyFactorySpi$ECMQV");
+                provider.addAlgorithm("KeyPairGenerator.ECMQV", PREFIX + "KeyPairGeneratorSpi$ECMQV");
+            }
+            */
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("KeyFactory.EC", PREFIX + "KeyFactorySpi$EC");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("KeyFactory.ECDSA", PREFIX + "KeyFactorySpi$ECDSA");
+            provider.addAlgorithm("KeyFactory.ECDH", PREFIX + "KeyFactorySpi$ECDH");
+            provider.addAlgorithm("KeyFactory.ECDHC", PREFIX + "KeyFactorySpi$ECDHC");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("KeyPairGenerator.EC", PREFIX + "KeyPairGeneratorSpi$EC");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("KeyPairGenerator.ECDSA", PREFIX + "KeyPairGeneratorSpi$ECDSA");
+            provider.addAlgorithm("KeyPairGenerator.ECDH", PREFIX + "KeyPairGeneratorSpi$ECDH");
+            provider.addAlgorithm("KeyPairGenerator.ECDHWITHSHA1KDF", PREFIX + "KeyPairGeneratorSpi$ECDH");
+            provider.addAlgorithm("KeyPairGenerator.ECDHC", PREFIX + "KeyPairGeneratorSpi$ECDHC");
+            provider.addAlgorithm("KeyPairGenerator.ECIES", PREFIX + "KeyPairGeneratorSpi$ECDH");
+
+            provider.addAlgorithm("Cipher.ECIES", PREFIX + "IESCipher$ECIES");
+
+            provider.addAlgorithm("Cipher.ECIESwithAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
+            provider.addAlgorithm("Cipher.ECIESWITHAES-CBC", PREFIX + "IESCipher$ECIESwithAESCBC");
+            provider.addAlgorithm("Cipher.ECIESwithDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
+            provider.addAlgorithm("Cipher.ECIESWITHDESEDE-CBC", PREFIX + "IESCipher$ECIESwithDESedeCBC");
+
+            provider.addAlgorithm("Signature.ECDSA", PREFIX + "SignatureSpi$ecDSA");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            // BEGIN Android-changed: Change primary ID from ECDSA to SHA1withECDSA
+            provider.addAlgorithm("Signature.SHA1withECDSA", PREFIX + "SignatureSpi$ecDSA");
+            provider.addAlgorithm("Signature.NONEwithECDSA", PREFIX + "SignatureSpi$ecDSAnone");
+
+            provider.addAlgorithm("Alg.Alias.Signature.ECDSA", "SHA1withECDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.ECDSAwithSHA1", "SHA1withECDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHECDSA", "SHA1withECDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.ECDSAWITHSHA1", "SHA1withECDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA1WithECDSA", "SHA1withECDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.ECDSAWithSHA1", "SHA1withECDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.1.2.840.10045.4.1", "SHA1withECDSA");
+            // END Android-changed: Change primary ID from ECDSA to SHA1withECDSA
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("Alg.Alias.Signature." + TeleTrusTObjectIdentifiers.ecSignWithSha1, "ECDSA");
+
+            provider.addAlgorithm("Signature.ECDDSA", PREFIX + "SignatureSpi$ecDetDSA");
+            provider.addAlgorithm("Signature.SHA1WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA");
+            provider.addAlgorithm("Signature.SHA224WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA224");
+            provider.addAlgorithm("Signature.SHA256WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA256");
+            provider.addAlgorithm("Signature.SHA384WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA384");
+            provider.addAlgorithm("Signature.SHA512WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSA512");
+            provider.addAlgorithm("Signature.SHA3-224WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_224");
+            provider.addAlgorithm("Signature.SHA3-256WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_256");
+            provider.addAlgorithm("Signature.SHA3-384WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_384");
+            provider.addAlgorithm("Signature.SHA3-512WITHECDDSA", PREFIX + "SignatureSpi$ecDetDSASha3_512");
+
+            provider.addAlgorithm("Alg.Alias.Signature.DETECDSA", "ECDDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA1WITHDETECDSA", "SHA1WITHECDDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA224WITHDETECDSA", "SHA224WITHECDDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA256WITHDETECDSA", "SHA256WITHECDDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA384WITHDETECDSA", "SHA384WITHECDDSA");
+            provider.addAlgorithm("Alg.Alias.Signature.SHA512WITHDETECDSA", "SHA512WITHECDDSA");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            addSignatureAlgorithm(provider, "SHA224", "ECDSA", PREFIX + "SignatureSpi$ecDSA224", X9ObjectIdentifiers.ecdsa_with_SHA224);
+            addSignatureAlgorithm(provider, "SHA256", "ECDSA", PREFIX + "SignatureSpi$ecDSA256", X9ObjectIdentifiers.ecdsa_with_SHA256);
+            addSignatureAlgorithm(provider, "SHA384", "ECDSA", PREFIX + "SignatureSpi$ecDSA384", X9ObjectIdentifiers.ecdsa_with_SHA384);
+            addSignatureAlgorithm(provider, "SHA512", "ECDSA", PREFIX + "SignatureSpi$ecDSA512", X9ObjectIdentifiers.ecdsa_with_SHA512);
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            addSignatureAlgorithm(provider, "SHA3-224", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_224", NISTObjectIdentifiers.id_ecdsa_with_sha3_224);
+            addSignatureAlgorithm(provider, "SHA3-256", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_256", NISTObjectIdentifiers.id_ecdsa_with_sha3_256);
+            addSignatureAlgorithm(provider, "SHA3-384", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_384", NISTObjectIdentifiers.id_ecdsa_with_sha3_384);
+            addSignatureAlgorithm(provider, "SHA3-512", "ECDSA", PREFIX + "SignatureSpi$ecDSASha3_512", NISTObjectIdentifiers.id_ecdsa_with_sha3_512);
+
+            addSignatureAlgorithm(provider, "RIPEMD160", "ECDSA", PREFIX + "SignatureSpi$ecDSARipeMD160",TeleTrusTObjectIdentifiers.ecSignWithRipemd160);
+
+            provider.addAlgorithm("Signature.SHA1WITHECNR", PREFIX + "SignatureSpi$ecNR");
+            provider.addAlgorithm("Signature.SHA224WITHECNR", PREFIX + "SignatureSpi$ecNR224");
+            provider.addAlgorithm("Signature.SHA256WITHECNR", PREFIX + "SignatureSpi$ecNR256");
+            provider.addAlgorithm("Signature.SHA384WITHECNR", PREFIX + "SignatureSpi$ecNR384");
+            provider.addAlgorithm("Signature.SHA512WITHECNR", PREFIX + "SignatureSpi$ecNR512");
+
+            addSignatureAlgorithm(provider, "SHA1", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", EACObjectIdentifiers.id_TA_ECDSA_SHA_1);
+            addSignatureAlgorithm(provider, "SHA224", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", EACObjectIdentifiers.id_TA_ECDSA_SHA_224);
+            addSignatureAlgorithm(provider, "SHA256", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", EACObjectIdentifiers.id_TA_ECDSA_SHA_256);
+            addSignatureAlgorithm(provider, "SHA384", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", EACObjectIdentifiers.id_TA_ECDSA_SHA_384);
+            addSignatureAlgorithm(provider, "SHA512", "CVC-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", EACObjectIdentifiers.id_TA_ECDSA_SHA_512);
+
+            addSignatureAlgorithm(provider, "SHA1", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA", BSIObjectIdentifiers.ecdsa_plain_SHA1);
+            addSignatureAlgorithm(provider, "SHA224", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA224", BSIObjectIdentifiers.ecdsa_plain_SHA224);
+            addSignatureAlgorithm(provider, "SHA256", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA256", BSIObjectIdentifiers.ecdsa_plain_SHA256);
+            addSignatureAlgorithm(provider, "SHA384", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA384", BSIObjectIdentifiers.ecdsa_plain_SHA384);
+            addSignatureAlgorithm(provider, "SHA512", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecCVCDSA512", BSIObjectIdentifiers.ecdsa_plain_SHA512);
+            addSignatureAlgorithm(provider, "RIPEMD160", "PLAIN-ECDSA", PREFIX + "SignatureSpi$ecPlainDSARP160", BSIObjectIdentifiers.ecdsa_plain_RIPEMD160);
+            */
+            // END Android-removed: Unsupported algorithms
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/RSA.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/RSA.java
new file mode 100644
index 0000000..cce3129
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/RSA.java

@@ -0,0 +1,312 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.rsa.KeyFactorySpi;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
+import com.android.org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RSA
+{
+    private static final String PREFIX = "com.android.org.bouncycastle.jcajce.provider.asymmetric" + ".rsa.";
+
+    private static final Map<String, String> generalRsaAttributes = new HashMap<String, String>();
+
+    static
+    {
+        generalRsaAttributes.put("SupportedKeyClasses", "javax.crypto.interfaces.RSAPublicKey|javax.crypto.interfaces.RSAPrivateKey");
+        generalRsaAttributes.put("SupportedKeyFormats", "PKCS#8|X.509");
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends AsymmetricAlgorithmProvider
+    {
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("AlgorithmParameters.OAEP", PREFIX + "AlgorithmParametersSpi$OAEP");
+            provider.addAlgorithm("AlgorithmParameters.PSS", PREFIX + "AlgorithmParametersSpi$PSS");
+
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSAPSS", "PSS");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RSASSA-PSS", "PSS");
+
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224withRSA/PSS", "PSS");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256withRSA/PSS", "PSS");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384withRSA/PSS", "PSS");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512withRSA/PSS", "PSS");
+
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA224WITHRSAANDMGF1", "PSS");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA256WITHRSAANDMGF1", "PSS");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA384WITHRSAANDMGF1", "PSS");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA512WITHRSAANDMGF1", "PSS");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-224WITHRSAANDMGF1", "PSS");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-256WITHRSAANDMGF1", "PSS");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-384WITHRSAANDMGF1", "PSS");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA3-512WITHRSAANDMGF1", "PSS");
+
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.RAWRSAPSS", "PSS");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAPSS", "PSS");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSASSA-PSS", "PSS");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.NONEWITHRSAANDMGF1", "PSS");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAttributes("Cipher.RSA", generalRsaAttributes);
+            provider.addAlgorithm("Cipher.RSA", PREFIX + "CipherSpi$NoPadding");
+            // Android-changed: Use an alias for RSA/RAW instead of a concrete implementation
+            provider.addAlgorithm("Alg.Alias.Cipher.RSA/RAW", "RSA");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("Cipher.RSA/PKCS1", PREFIX + "CipherSpi$PKCS1v1_5Padding");
+            provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.rsaEncryption, PREFIX + "CipherSpi$PKCS1v1_5Padding");
+            provider.addAlgorithm("Cipher", X509ObjectIdentifiers.id_ea_rsa, PREFIX + "CipherSpi$PKCS1v1_5Padding");
+            provider.addAlgorithm("Cipher.RSA/1", PREFIX + "CipherSpi$PKCS1v1_5Padding_PrivateOnly");
+            provider.addAlgorithm("Cipher.RSA/2", PREFIX + "CipherSpi$PKCS1v1_5Padding_PublicOnly");
+            provider.addAlgorithm("Cipher.RSA/OAEP", PREFIX + "CipherSpi$OAEPPadding");
+            provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.id_RSAES_OAEP, PREFIX + "CipherSpi$OAEPPadding");
+            provider.addAlgorithm("Cipher.RSA/ISO9796-1", PREFIX + "CipherSpi$ISO9796d1Padding");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("Alg.Alias.Cipher.RSA//RAW", "RSA");
+            provider.addAlgorithm("Alg.Alias.Cipher.RSA//NOPADDING", "RSA");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("Alg.Alias.Cipher.RSA//PKCS1PADDING", "RSA/PKCS1");
+            provider.addAlgorithm("Alg.Alias.Cipher.RSA//OAEPPADDING", "RSA/OAEP");
+            provider.addAlgorithm("Alg.Alias.Cipher.RSA//ISO9796-1PADDING", "RSA/ISO9796-1");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("KeyFactory.RSA", PREFIX + "KeyFactorySpi");
+            provider.addAlgorithm("KeyPairGenerator.RSA", PREFIX + "KeyPairGeneratorSpi");
+
+            AsymmetricKeyInfoConverter keyFact = new KeyFactorySpi();
+
+            registerOid(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA", keyFact);
+            registerOid(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA", keyFact);
+            registerOid(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "RSA", keyFact);
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            registerOid(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "RSA", keyFact);
+
+            registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.rsaEncryption, "RSA");
+            registerOidAlgorithmParameters(provider, X509ObjectIdentifiers.id_ea_rsa, "RSA");
+            registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSAES_OAEP, "OAEP");
+            registerOidAlgorithmParameters(provider, PKCSObjectIdentifiers.id_RSASSA_PSS, "PSS");
+
+            provider.addAlgorithm("Signature.RSASSA-PSS", PREFIX + "PSSSignatureSpi$PSSwithRSA");
+            provider.addAlgorithm("Signature." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA");
+            provider.addAlgorithm("Signature.OID." + PKCSObjectIdentifiers.id_RSASSA_PSS, PREFIX + "PSSSignatureSpi$PSSwithRSA");
+
+            provider.addAlgorithm("Signature.RSA", PREFIX + "DigestSignatureSpi$noneRSA");
+            provider.addAlgorithm("Signature.RAWRSASSA-PSS", PREFIX + "PSSSignatureSpi$nonePSS");
+
+            provider.addAlgorithm("Alg.Alias.Signature.RAWRSA", "RSA");
+            provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSA", "RSA");
+            provider.addAlgorithm("Alg.Alias.Signature.RAWRSAPSS", "RAWRSASSA-PSS");
+            provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAPSS", "RAWRSASSA-PSS");
+            provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSASSA-PSS", "RAWRSASSA-PSS");
+            provider.addAlgorithm("Alg.Alias.Signature.NONEWITHRSAANDMGF1", "RAWRSASSA-PSS");
+            provider.addAlgorithm("Alg.Alias.Signature.RSAPSS", "RSASSA-PSS");
+
+            addPSSSignature(provider, "SHA224", PREFIX + "PSSSignatureSpi$SHA224withRSA");
+            addPSSSignature(provider, "SHA256", PREFIX + "PSSSignatureSpi$SHA256withRSA");
+            addPSSSignature(provider, "SHA384", PREFIX + "PSSSignatureSpi$SHA384withRSA");
+            addPSSSignature(provider, "SHA512", PREFIX + "PSSSignatureSpi$SHA512withRSA");
+            addPSSSignature(provider, "SHA512(224)", PREFIX + "PSSSignatureSpi$SHA512_224withRSA");
+            addPSSSignature(provider, "SHA512(256)", PREFIX + "PSSSignatureSpi$SHA512_256withRSA");
+
+            addPSSSignature(provider, "SHA3-224", PREFIX + "PSSSignatureSpi$SHA3_224withRSA");
+            addPSSSignature(provider, "SHA3-256", PREFIX + "PSSSignatureSpi$SHA3_256withRSA");
+            addPSSSignature(provider, "SHA3-384", PREFIX + "PSSSignatureSpi$SHA3_384withRSA");
+            addPSSSignature(provider, "SHA3-512", PREFIX + "PSSSignatureSpi$SHA3_512withRSA");
+
+            if (provider.hasAlgorithm("MessageDigest", "MD2"))
+            {
+                addDigestSignature(provider, "MD2", PREFIX + "DigestSignatureSpi$MD2", PKCSObjectIdentifiers.md2WithRSAEncryption);
+            }
+
+            if (provider.hasAlgorithm("MessageDigest", "MD4"))
+            {
+                addDigestSignature(provider, "MD4", PREFIX + "DigestSignatureSpi$MD4", PKCSObjectIdentifiers.md4WithRSAEncryption);
+            }
+            */
+            // END Android-removed: Unsupported algorithms
+
+            if (provider.hasAlgorithm("MessageDigest", "MD5"))
+            {
+                addDigestSignature(provider, "MD5", PREFIX + "DigestSignatureSpi$MD5", PKCSObjectIdentifiers.md5WithRSAEncryption);
+                // Android-removed: Unsupported algorithms
+                // addISO9796Signature(provider, "MD5", PREFIX + "ISOSignatureSpi$MD5WithRSAEncryption");
+            }
+
+            if (provider.hasAlgorithm("MessageDigest", "SHA1"))
+            {
+                // BEGIN Android-removed: Unsupported algorithms
+                /*
+                provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1withRSA/PSS", "PSS");
+                provider.addAlgorithm("Alg.Alias.AlgorithmParameters.SHA1WITHRSAANDMGF1", "PSS");
+
+                addPSSSignature(provider, "SHA1", PREFIX + "PSSSignatureSpi$SHA1withRSA");
+                */
+                // END Android-removed: Unsupported algorithms
+                addDigestSignature(provider, "SHA1", PREFIX + "DigestSignatureSpi$SHA1", PKCSObjectIdentifiers.sha1WithRSAEncryption);
+                // Android-removed: Unsupported algorithms
+                // addISO9796Signature(provider, "SHA1", PREFIX + "ISOSignatureSpi$SHA1WithRSAEncryption");
+
+                provider.addAlgorithm("Alg.Alias.Signature." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA");
+                provider.addAlgorithm("Alg.Alias.Signature.OID." + OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA");
+
+                // BEGIN Android-removed: Unsupported algorithms
+                // addX931Signature(provider, "SHA1", PREFIX + "X931SignatureSpi$SHA1WithRSAEncryption");
+            }
+
+            addDigestSignature(provider, "SHA224", PREFIX + "DigestSignatureSpi$SHA224", PKCSObjectIdentifiers.sha224WithRSAEncryption);
+            addDigestSignature(provider, "SHA256", PREFIX + "DigestSignatureSpi$SHA256", PKCSObjectIdentifiers.sha256WithRSAEncryption);
+            addDigestSignature(provider, "SHA384", PREFIX + "DigestSignatureSpi$SHA384", PKCSObjectIdentifiers.sha384WithRSAEncryption);
+            addDigestSignature(provider, "SHA512", PREFIX + "DigestSignatureSpi$SHA512", PKCSObjectIdentifiers.sha512WithRSAEncryption);
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            addDigestSignature(provider, "SHA512(224)", PREFIX + "DigestSignatureSpi$SHA512_224", PKCSObjectIdentifiers.sha512_224WithRSAEncryption);
+            addDigestSignature(provider, "SHA512(256)", PREFIX + "DigestSignatureSpi$SHA512_256", PKCSObjectIdentifiers.sha512_256WithRSAEncryption);
+
+            addDigestSignature(provider, "SHA3-224", PREFIX + "DigestSignatureSpi$SHA3_224", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_224);
+            addDigestSignature(provider, "SHA3-256", PREFIX + "DigestSignatureSpi$SHA3_256", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_256);
+            addDigestSignature(provider, "SHA3-384", PREFIX + "DigestSignatureSpi$SHA3_384", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_384);
+            addDigestSignature(provider, "SHA3-512", PREFIX + "DigestSignatureSpi$SHA3_512", NISTObjectIdentifiers.id_rsassa_pkcs1_v1_5_with_sha3_512);
+
+            addISO9796Signature(provider, "SHA224", PREFIX + "ISOSignatureSpi$SHA224WithRSAEncryption");
+            addISO9796Signature(provider, "SHA256", PREFIX + "ISOSignatureSpi$SHA256WithRSAEncryption");
+            addISO9796Signature(provider, "SHA384", PREFIX + "ISOSignatureSpi$SHA384WithRSAEncryption");
+            addISO9796Signature(provider, "SHA512", PREFIX + "ISOSignatureSpi$SHA512WithRSAEncryption");
+            addISO9796Signature(provider, "SHA512(224)", PREFIX + "ISOSignatureSpi$SHA512_224WithRSAEncryption");
+            addISO9796Signature(provider, "SHA512(256)", PREFIX + "ISOSignatureSpi$SHA512_256WithRSAEncryption");
+
+            addX931Signature(provider, "SHA224", PREFIX + "X931SignatureSpi$SHA224WithRSAEncryption");
+            addX931Signature(provider, "SHA256", PREFIX + "X931SignatureSpi$SHA256WithRSAEncryption");
+            addX931Signature(provider, "SHA384", PREFIX + "X931SignatureSpi$SHA384WithRSAEncryption");
+            addX931Signature(provider, "SHA512", PREFIX + "X931SignatureSpi$SHA512WithRSAEncryption");
+            addX931Signature(provider, "SHA512(224)", PREFIX + "X931SignatureSpi$SHA512_224WithRSAEncryption");
+            addX931Signature(provider, "SHA512(256)", PREFIX + "X931SignatureSpi$SHA512_256WithRSAEncryption");
+
+            if (provider.hasAlgorithm("MessageDigest", "RIPEMD128"))
+            {
+                addDigestSignature(provider, "RIPEMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+                addDigestSignature(provider, "RMD128", PREFIX + "DigestSignatureSpi$RIPEMD128", null);
+
+                addX931Signature(provider, "RMD128", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption");
+                addX931Signature(provider, "RIPEMD128", PREFIX + "X931SignatureSpi$RIPEMD128WithRSAEncryption");
+            }
+
+            if (provider.hasAlgorithm("MessageDigest", "RIPEMD160"))
+            {
+                addDigestSignature(provider, "RIPEMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+                addDigestSignature(provider, "RMD160", PREFIX + "DigestSignatureSpi$RIPEMD160", null);
+                provider.addAlgorithm("Alg.Alias.Signature.RIPEMD160WithRSA/ISO9796-2", "RIPEMD160withRSA/ISO9796-2");
+                provider.addAlgorithm("Signature.RIPEMD160withRSA/ISO9796-2", PREFIX + "ISOSignatureSpi$RIPEMD160WithRSAEncryption");
+
+                addX931Signature(provider, "RMD160", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption");
+                addX931Signature(provider, "RIPEMD160", PREFIX + "X931SignatureSpi$RIPEMD160WithRSAEncryption");
+            }
+
+            if (provider.hasAlgorithm("MessageDigest", "RIPEMD256"))
+            {
+                addDigestSignature(provider, "RIPEMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+                addDigestSignature(provider, "RMD256", PREFIX + "DigestSignatureSpi$RIPEMD256", null);
+            }
+
+            if (provider.hasAlgorithm("MessageDigest", "WHIRLPOOL"))
+            {
+                addISO9796Signature(provider, "Whirlpool", PREFIX + "ISOSignatureSpi$WhirlpoolWithRSAEncryption");
+                addISO9796Signature(provider, "WHIRLPOOL", PREFIX + "ISOSignatureSpi$WhirlpoolWithRSAEncryption");
+                addX931Signature(provider, "Whirlpool", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption");
+                addX931Signature(provider, "WHIRLPOOL", PREFIX + "X931SignatureSpi$WhirlpoolWithRSAEncryption");
+            }
+            */
+            // END Android-removed: Unsupported algorithms
+        }
+
+        private void addDigestSignature(
+            ConfigurableProvider provider,
+            String digest,
+            String className,
+            ASN1ObjectIdentifier oid)
+        {
+            String mainName = digest + "WITHRSA";
+            String jdk11Variation1 = digest + "withRSA";
+            String jdk11Variation2 = digest + "WithRSA";
+            String alias = digest + "/" + "RSA";
+            String longName = digest + "WITHRSAENCRYPTION";
+            String longJdk11Variation1 = digest + "withRSAEncryption";
+            String longJdk11Variation2 = digest + "WithRSAEncryption";
+
+            provider.addAlgorithm("Signature." + mainName, className);
+            provider.addAlgorithm("Alg.Alias.Signature." + jdk11Variation1, mainName);
+            provider.addAlgorithm("Alg.Alias.Signature." + jdk11Variation2, mainName);
+            provider.addAlgorithm("Alg.Alias.Signature." + longName, mainName);
+            provider.addAlgorithm("Alg.Alias.Signature." + longJdk11Variation1, mainName);
+            provider.addAlgorithm("Alg.Alias.Signature." + longJdk11Variation2, mainName);
+            provider.addAlgorithm("Alg.Alias.Signature." + alias, mainName);
+
+            if (oid != null)
+            {
+                provider.addAlgorithm("Alg.Alias.Signature." + oid, mainName);
+                provider.addAlgorithm("Alg.Alias.Signature.OID." + oid, mainName);
+            }
+        }
+
+        private void addISO9796Signature(
+            ConfigurableProvider provider,
+            String digest,
+            String className)
+        {
+            provider.addAlgorithm("Alg.Alias.Signature." + digest + "withRSA/ISO9796-2", digest + "WITHRSA/ISO9796-2");
+            provider.addAlgorithm("Alg.Alias.Signature." + digest + "WithRSA/ISO9796-2", digest + "WITHRSA/ISO9796-2");
+            provider.addAlgorithm("Signature." + digest + "WITHRSA/ISO9796-2", className);
+        }
+
+        private void addPSSSignature(
+            ConfigurableProvider provider,
+            String digest,
+            String className)
+        {
+            provider.addAlgorithm("Alg.Alias.Signature." + digest + "withRSA/PSS", digest + "WITHRSAANDMGF1");
+            provider.addAlgorithm("Alg.Alias.Signature." + digest + "WithRSA/PSS", digest + "WITHRSAANDMGF1");
+            provider.addAlgorithm("Alg.Alias.Signature." + digest + "withRSAandMGF1", digest + "WITHRSAANDMGF1");
+            provider.addAlgorithm("Alg.Alias.Signature." + digest + "WithRSAAndMGF1", digest + "WITHRSAANDMGF1");
+            provider.addAlgorithm("Signature." + digest + "WITHRSAANDMGF1", className);
+        }
+
+        private void addX931Signature(
+            ConfigurableProvider provider,
+            String digest,
+            String className)
+        {
+            provider.addAlgorithm("Alg.Alias.Signature." + digest + "withRSA/X9.31", digest + "WITHRSA/X9.31");
+            provider.addAlgorithm("Alg.Alias.Signature." + digest + "WithRSA/X9.31", digest + "WITHRSA/X9.31");
+            provider.addAlgorithm("Signature." + digest + "WITHRSA/X9.31", className);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/X509.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/X509.java
new file mode 100644
index 0000000..4aae940
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/X509.java

@@ -0,0 +1,38 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric;
+
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
+
+/**
+ * For some reason the class path project thinks that such a KeyFactory will exist.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509
+{
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends AsymmetricAlgorithmProvider
+    {
+        public Mappings()
+        {
+
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("KeyFactory.X.509", "org.bouncycastle.jcajce.provider.asymmetric.x509.KeyFactory");
+            // provider.addAlgorithm("Alg.Alias.KeyFactory.X509", "X.509");
+            // END Android-removed: Unsupported algorithms
+
+            //
+            // certificate factories.
+            //
+            provider.addAlgorithm("CertificateFactory.X.509", "com.android.org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory");
+            provider.addAlgorithm("Alg.Alias.CertificateFactory.X509", "X.509");
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/AlgorithmParameterGeneratorSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/AlgorithmParameterGeneratorSpi.java
new file mode 100644
index 0000000..39b08a2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/AlgorithmParameterGeneratorSpi.java

@@ -0,0 +1,85 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dh;
+
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+
+import javax.crypto.spec.DHGenParameterSpec;
+import javax.crypto.spec.DHParameterSpec;
+
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.generators.DHParametersGenerator;
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.BaseAlgorithmParameterGeneratorSpi;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.PrimeCertaintyCalculator;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AlgorithmParameterGeneratorSpi
+    extends BaseAlgorithmParameterGeneratorSpi
+{
+    protected SecureRandom random;
+    protected int strength = 2048;
+
+    private int l = 0;
+
+    protected void engineInit(
+        int strength,
+        SecureRandom random)
+    {
+        this.strength = strength;
+        this.random = random;
+    }
+
+    protected void engineInit(
+        AlgorithmParameterSpec genParamSpec,
+        SecureRandom random)
+        throws InvalidAlgorithmParameterException
+    {
+        if (!(genParamSpec instanceof DHGenParameterSpec))
+        {
+            throw new InvalidAlgorithmParameterException("DH parameter generator requires a DHGenParameterSpec for initialisation");
+        }
+        DHGenParameterSpec spec = (DHGenParameterSpec)genParamSpec;
+
+        this.strength = spec.getPrimeSize();
+        this.l = spec.getExponentSize();
+        this.random = random;
+    }
+
+    protected AlgorithmParameters engineGenerateParameters()
+    {
+        DHParametersGenerator pGen = new DHParametersGenerator();
+
+        int certainty = PrimeCertaintyCalculator.getDefaultCertainty(strength);
+
+        if (random != null)
+        {
+            pGen.init(strength, certainty, random);
+        }
+        else
+        {
+            pGen.init(strength, certainty, CryptoServicesRegistrar.getSecureRandom());
+        }
+
+        DHParameters p = pGen.generateParameters();
+
+        AlgorithmParameters params;
+
+        try
+        {
+            params = createParametersInstance("DH");
+            params.init(new DHParameterSpec(p.getP(), p.getG(), l));
+        }
+        catch (Exception e)
+        {
+            throw new RuntimeException(e.getMessage());
+        }
+
+        return params;
+    }
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/AlgorithmParametersSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/AlgorithmParametersSpi.java
new file mode 100644
index 0000000..377a9a0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/AlgorithmParametersSpi.java

@@ -0,0 +1,146 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dh;
+
+import java.io.IOException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+
+import javax.crypto.spec.DHParameterSpec;
+
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.pkcs.DHParameter;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AlgorithmParametersSpi
+    extends java.security.AlgorithmParametersSpi
+{
+    DHParameterSpec     currentSpec;
+
+    protected boolean isASN1FormatString(String format)
+    {
+        return format == null || format.equals("ASN.1");
+    }
+
+    protected AlgorithmParameterSpec engineGetParameterSpec(
+        Class paramSpec)
+        throws InvalidParameterSpecException
+    {
+        if (paramSpec == null)
+        {
+            throw new NullPointerException("argument to getParameterSpec must not be null");
+        }
+
+        return localEngineGetParameterSpec(paramSpec);
+    }
+
+
+
+
+        /**
+         * Return the PKCS#3 ASN.1 structure DHParameter.
+         * <p>
+         * <pre>
+         *  DHParameter ::= SEQUENCE {
+         *                   prime INTEGER, -- p
+         *                   base INTEGER, -- g
+         *                   privateValueLength INTEGER OPTIONAL}
+         * </pre>
+         */
+        protected byte[] engineGetEncoded() 
+        {
+            DHParameter dhP = new DHParameter(currentSpec.getP(), currentSpec.getG(), currentSpec.getL());
+
+            try
+            {
+                return dhP.getEncoded(ASN1Encoding.DER);
+            }
+            catch (IOException e)
+            {
+                throw new RuntimeException("Error encoding DHParameters");
+            }
+        }
+
+        protected byte[] engineGetEncoded(
+            String format) 
+        {
+            if (isASN1FormatString(format))
+            {
+                return engineGetEncoded();
+            }
+
+            return null;
+        }
+
+        protected AlgorithmParameterSpec localEngineGetParameterSpec(
+            Class paramSpec) 
+            throws InvalidParameterSpecException
+        {
+            if (paramSpec == DHParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
+            {
+                return currentSpec;
+            }
+
+            throw new InvalidParameterSpecException("unknown parameter spec passed to DH parameters object.");
+        }
+
+        protected void engineInit(
+            AlgorithmParameterSpec paramSpec) 
+            throws InvalidParameterSpecException
+        {
+            if (!(paramSpec instanceof DHParameterSpec))
+            {
+                throw new InvalidParameterSpecException("DHParameterSpec required to initialise a Diffie-Hellman algorithm parameters object");
+            }
+
+            this.currentSpec = (DHParameterSpec)paramSpec;
+        }
+
+        protected void engineInit(
+            byte[] params) 
+            throws IOException
+        {
+            try
+            {
+                DHParameter dhP = DHParameter.getInstance(params);
+
+                if (dhP.getL() != null)
+                {
+                    currentSpec = new DHParameterSpec(dhP.getP(), dhP.getG(), dhP.getL().intValue());
+                }
+                else
+                {
+                    currentSpec = new DHParameterSpec(dhP.getP(), dhP.getG());
+                }
+            }
+            catch (ClassCastException e)
+            {
+                throw new IOException("Not a valid DH Parameter encoding.");
+            }
+            catch (ArrayIndexOutOfBoundsException e)
+            {
+                throw new IOException("Not a valid DH Parameter encoding.");
+            }
+        }
+
+        protected void engineInit(
+            byte[] params,
+            String format) 
+            throws IOException
+        {
+            if (isASN1FormatString(format))
+            {
+                engineInit(params);
+            }
+            else
+            {
+                throw new IOException("Unknown parameter format " + format);
+            }
+        }
+
+        protected String engineToString() 
+        {
+            return "Diffie-Hellman Parameters";
+        }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/BCDHPrivateKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/BCDHPrivateKey.java
new file mode 100644
index 0000000..68bca28
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/BCDHPrivateKey.java

@@ -0,0 +1,263 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dh;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import javax.crypto.interfaces.DHPrivateKey;
+import javax.crypto.spec.DHParameterSpec;
+import javax.crypto.spec.DHPrivateKeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.pkcs.DHParameter;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x9.DomainParameters;
+import com.android.org.bouncycastle.asn1.x9.ValidationParams;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.crypto.params.DHPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DHValidationParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
+import com.android.org.bouncycastle.jcajce.spec.DHDomainParameterSpec;
+import com.android.org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
+
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BCDHPrivateKey
+    implements DHPrivateKey, PKCS12BagAttributeCarrier
+{
+    static final long serialVersionUID = 311058815616901812L;
+    
+    private BigInteger      x;
+
+    private transient DHParameterSpec dhSpec;
+    private transient PrivateKeyInfo  info;
+    private transient DHPrivateKeyParameters dhPrivateKey;
+
+    private transient PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl();
+
+    protected BCDHPrivateKey()
+    {
+    }
+
+    BCDHPrivateKey(
+        DHPrivateKey key)
+    {
+        this.x = key.getX();
+        this.dhSpec = key.getParams();
+    }
+
+    BCDHPrivateKey(
+        DHPrivateKeySpec spec)
+    {
+        this.x = spec.getX();
+        this.dhSpec = new DHParameterSpec(spec.getP(), spec.getG());
+    }
+
+    public BCDHPrivateKey(
+        PrivateKeyInfo info)
+        throws IOException
+    {
+        ASN1Sequence    seq = ASN1Sequence.getInstance(info.getPrivateKeyAlgorithm().getParameters());
+        ASN1Integer      derX = (ASN1Integer)info.parsePrivateKey();
+        ASN1ObjectIdentifier id = info.getPrivateKeyAlgorithm().getAlgorithm();
+
+        this.info = info;
+        this.x = derX.getValue();
+
+        if (id.equals(PKCSObjectIdentifiers.dhKeyAgreement))
+        {
+            DHParameter params = DHParameter.getInstance(seq);
+
+            if (params.getL() != null)
+            {
+                this.dhSpec = new DHParameterSpec(params.getP(), params.getG(), params.getL().intValue());
+                this.dhPrivateKey = new DHPrivateKeyParameters(x,
+                          new DHParameters(params.getP(), params.getG(), null, params.getL().intValue()));
+            }
+            else
+            {
+                this.dhSpec = new DHParameterSpec(params.getP(), params.getG());
+                this.dhPrivateKey = new DHPrivateKeyParameters(x,
+                          new DHParameters(params.getP(), params.getG()));
+            }
+        }
+        else if (id.equals(X9ObjectIdentifiers.dhpublicnumber))
+        {
+            DomainParameters params = DomainParameters.getInstance(seq);
+
+            this.dhSpec = new DHDomainParameterSpec(params.getP(), params.getQ(), params.getG(), params.getJ(), 0);
+            this.dhPrivateKey = new DHPrivateKeyParameters(x,
+                new DHParameters(params.getP(), params.getG(), params.getQ(), params.getJ(), null));
+        }
+        else
+        {
+            throw new IllegalArgumentException("unknown algorithm type: " + id);
+        }
+
+
+    }
+
+    BCDHPrivateKey(
+        DHPrivateKeyParameters params)
+    {
+        this.x = params.getX();
+        this.dhSpec = new DHDomainParameterSpec(params.getParameters());
+    }
+
+    public String getAlgorithm()
+    {
+        return "DH";
+    }
+
+    /**
+     * return the encoding format we produce in getEncoded().
+     *
+     * @return the string "PKCS#8"
+     */
+    public String getFormat()
+    {
+        return "PKCS#8";
+    }
+
+    /**
+     * Return a PKCS8 representation of the key. The sequence returned
+     * represents a full PrivateKeyInfo object.
+     *
+     * @return a PKCS8 representation of the key.
+     */
+    public byte[] getEncoded()
+    {
+        try
+        {
+            if (info != null)
+            {
+                return info.getEncoded(ASN1Encoding.DER);
+            }
+
+            PrivateKeyInfo          info;
+            if (dhSpec instanceof DHDomainParameterSpec && ((DHDomainParameterSpec)dhSpec).getQ() != null)
+            {
+                DHParameters params = ((DHDomainParameterSpec)dhSpec).getDomainParameters();
+                DHValidationParameters validationParameters = params.getValidationParameters();
+                ValidationParams vParams = null;
+                if (validationParameters != null)
+                {
+                    vParams = new ValidationParams(validationParameters.getSeed(), validationParameters.getCounter());
+                }
+                info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.dhpublicnumber, new DomainParameters(params.getP(), params.getG(), params.getQ(), params.getJ(), vParams).toASN1Primitive()), new ASN1Integer(getX()));
+            }
+            else
+            {
+                info = new PrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.dhKeyAgreement, new DHParameter(dhSpec.getP(), dhSpec.getG(), dhSpec.getL()).toASN1Primitive()), new ASN1Integer(getX()));
+            }
+            return info.getEncoded(ASN1Encoding.DER);
+        }
+        catch (Exception e)
+        {              
+            return null;
+        }
+    }
+
+    public String toString()
+    {
+        return DHUtil.privateKeyToString("DH", x, new DHParameters(dhSpec.getP(), dhSpec.getG()));
+    }
+
+    public DHParameterSpec getParams()
+    {
+        return dhSpec;
+    }
+
+    public BigInteger getX()
+    {
+        return x;
+    }
+
+    DHPrivateKeyParameters engineGetKeyParameters()
+    {
+        if (dhPrivateKey != null)
+        {
+            return dhPrivateKey;
+        }
+
+        if (dhSpec instanceof DHDomainParameterSpec)
+        {
+            return new DHPrivateKeyParameters(x, ((DHDomainParameterSpec)dhSpec).getDomainParameters());
+        }
+        return new DHPrivateKeyParameters(x, new DHParameters(dhSpec.getP(), dhSpec.getG(), null, dhSpec.getL()));
+    }
+
+    public boolean equals(
+        Object o)
+    {
+        if (!(o instanceof DHPrivateKey))
+        {
+            return false;
+        }
+
+        DHPrivateKey other = (DHPrivateKey)o;
+
+        return this.getX().equals(other.getX())
+            && this.getParams().getG().equals(other.getParams().getG())
+            && this.getParams().getP().equals(other.getParams().getP())
+            && this.getParams().getL() == other.getParams().getL();
+    }
+
+    public int hashCode()
+    {
+        return this.getX().hashCode() ^ this.getParams().getG().hashCode()
+                ^ this.getParams().getP().hashCode() ^ this.getParams().getL();
+    }
+
+    public void setBagAttribute(
+        ASN1ObjectIdentifier oid,
+        ASN1Encodable attribute)
+    {
+        attrCarrier.setBagAttribute(oid, attribute);
+    }
+
+    public ASN1Encodable getBagAttribute(
+        ASN1ObjectIdentifier oid)
+    {
+        return attrCarrier.getBagAttribute(oid);
+    }
+
+    public Enumeration getBagAttributeKeys()
+    {
+        return attrCarrier.getBagAttributeKeys();
+    }
+
+    private void readObject(
+        ObjectInputStream   in)
+        throws IOException, ClassNotFoundException
+    {
+        in.defaultReadObject();
+
+        this.dhSpec = new DHParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject(), in.readInt());
+        this.info = null;
+        this.attrCarrier = new PKCS12BagAttributeCarrierImpl();
+    }
+
+    private void writeObject(
+        ObjectOutputStream  out)
+        throws IOException
+    {
+        out.defaultWriteObject();
+
+        out.writeObject(dhSpec.getP());
+        out.writeObject(dhSpec.getG());
+        out.writeInt(dhSpec.getL());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/BCDHPublicKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/BCDHPublicKey.java
new file mode 100644
index 0000000..d788014
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/BCDHPublicKey.java

@@ -0,0 +1,257 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dh;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+
+import javax.crypto.interfaces.DHPublicKey;
+import javax.crypto.spec.DHParameterSpec;
+import javax.crypto.spec.DHPublicKeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.pkcs.DHParameter;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x9.DomainParameters;
+import com.android.org.bouncycastle.asn1.x9.ValidationParams;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.crypto.params.DHPublicKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DHValidationParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
+import com.android.org.bouncycastle.jcajce.spec.DHDomainParameterSpec;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BCDHPublicKey
+    implements DHPublicKey
+{
+    static final long serialVersionUID = -216691575254424324L;
+    
+    private BigInteger              y;
+
+    private transient DHPublicKeyParameters   dhPublicKey;
+    private transient DHParameterSpec         dhSpec;
+    private transient SubjectPublicKeyInfo    info;
+    
+    BCDHPublicKey(
+        DHPublicKeySpec spec)
+    {
+        this.y = spec.getY();
+        this.dhSpec = new DHParameterSpec(spec.getP(), spec.getG());
+        this.dhPublicKey = new DHPublicKeyParameters(y, new DHParameters(spec.getP(), spec.getG()));
+    }
+
+    BCDHPublicKey(
+        DHPublicKey key)
+    {
+        this.y = key.getY();
+        this.dhSpec = key.getParams();
+        this.dhPublicKey = new DHPublicKeyParameters(y, new DHParameters(dhSpec.getP(), dhSpec.getG()));
+    }
+
+    BCDHPublicKey(
+        DHPublicKeyParameters params)
+    {
+        this.y = params.getY();
+        this.dhSpec = new DHDomainParameterSpec(params.getParameters());
+        this.dhPublicKey = params;
+    }
+
+    BCDHPublicKey(
+        BigInteger y,
+        DHParameterSpec dhSpec)
+    {
+        this.y = y;
+        this.dhSpec = dhSpec;
+
+        if (dhSpec instanceof DHDomainParameterSpec)
+        {
+            this.dhPublicKey = new DHPublicKeyParameters(y, ((DHDomainParameterSpec)dhSpec).getDomainParameters());
+        }
+        else
+        {
+            this.dhPublicKey = new DHPublicKeyParameters(y, new DHParameters(dhSpec.getP(), dhSpec.getG()));
+        }
+    }
+
+    public BCDHPublicKey(
+        SubjectPublicKeyInfo info)
+    {
+        this.info = info;
+
+        ASN1Integer              derY;
+        try
+        {
+            derY = (ASN1Integer)info.parsePublicKey();
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("invalid info structure in DH public key");
+        }
+
+        this.y = derY.getValue();
+
+        ASN1Sequence seq = ASN1Sequence.getInstance(info.getAlgorithm().getParameters());
+        ASN1ObjectIdentifier id = info.getAlgorithm().getAlgorithm();
+
+        // we need the PKCS check to handle older keys marked with the X9 oid.
+        if (id.equals(PKCSObjectIdentifiers.dhKeyAgreement) || isPKCSParam(seq))
+        {
+            DHParameter             params = DHParameter.getInstance(seq);
+
+            if (params.getL() != null)
+            {
+                this.dhSpec = new DHParameterSpec(params.getP(), params.getG(), params.getL().intValue());
+            }
+            else
+            {
+                this.dhSpec = new DHParameterSpec(params.getP(), params.getG());
+            }
+            this.dhPublicKey = new DHPublicKeyParameters(y, new DHParameters(dhSpec.getP(), dhSpec.getG()));
+        }
+        else if (id.equals(X9ObjectIdentifiers.dhpublicnumber))
+        {
+            DomainParameters params = DomainParameters.getInstance(seq);
+
+            ValidationParams validationParams = params.getValidationParams();
+            if (validationParams != null)
+            {
+                this.dhPublicKey = new DHPublicKeyParameters(y, new DHParameters(params.getP(), params.getG(), params.getQ(), params.getJ(),
+                                            new DHValidationParameters(validationParams.getSeed(), validationParams.getPgenCounter().intValue())));
+            }
+            else
+            {
+                this.dhPublicKey = new DHPublicKeyParameters(y, new DHParameters(params.getP(), params.getG(), params.getQ(), params.getJ(), null));
+            }
+            this.dhSpec = new DHDomainParameterSpec(dhPublicKey.getParameters());
+        }
+        else
+        {
+            throw new IllegalArgumentException("unknown algorithm type: " + id);
+        }
+    }
+
+    public String getAlgorithm()
+    {
+        return "DH";
+    }
+
+    public String getFormat()
+    {
+        return "X.509";
+    }
+
+    public byte[] getEncoded()
+    {
+        if (info != null)
+        {
+            return KeyUtil.getEncodedSubjectPublicKeyInfo(info);
+        }
+
+        if (dhSpec instanceof DHDomainParameterSpec && ((DHDomainParameterSpec)dhSpec).getQ() != null)
+        {
+            DHParameters params = ((DHDomainParameterSpec)dhSpec).getDomainParameters();
+            DHValidationParameters validationParameters = params.getValidationParameters();
+            ValidationParams vParams = null;
+            if (validationParameters != null)
+            {
+                vParams = new ValidationParams(validationParameters.getSeed(), validationParameters.getCounter());
+            }
+            return KeyUtil.getEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.dhpublicnumber, new DomainParameters(params.getP(), params.getG(), params.getQ(), params.getJ(), vParams).toASN1Primitive()), new ASN1Integer(y));
+        }
+        return KeyUtil.getEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.dhKeyAgreement, new DHParameter(dhSpec.getP(), dhSpec.getG(), dhSpec.getL()).toASN1Primitive()), new ASN1Integer(y));
+    }
+
+    public String toString()
+    {
+        return DHUtil.publicKeyToString("DH", y, new DHParameters(dhSpec.getP(), dhSpec.getG()));
+    }
+
+    public DHParameterSpec getParams()
+    {
+        return dhSpec;
+    }
+
+    public BigInteger getY()
+    {
+        return y;
+    }
+
+    public DHPublicKeyParameters engineGetKeyParameters()
+    {
+        return dhPublicKey;
+    }
+
+    private boolean isPKCSParam(ASN1Sequence seq)
+    {
+        if (seq.size() == 2)
+        {
+            return true;
+        }
+        
+        if (seq.size() > 3)
+        {
+            return false;
+        }
+
+        ASN1Integer l = ASN1Integer.getInstance(seq.getObjectAt(2));
+        ASN1Integer p = ASN1Integer.getInstance(seq.getObjectAt(0));
+
+        if (l.getValue().compareTo(BigInteger.valueOf(p.getValue().bitLength())) > 0)
+        {
+            return false;
+        }
+
+        return true;
+    }
+
+    public int hashCode()
+    {
+        return this.getY().hashCode() ^ this.getParams().getG().hashCode()
+                ^ this.getParams().getP().hashCode() ^ this.getParams().getL();
+    }
+
+    public boolean equals(
+        Object o)
+    {
+        if (!(o instanceof DHPublicKey))
+        {
+            return false;
+        }
+
+        DHPublicKey other = (DHPublicKey)o;
+
+        return this.getY().equals(other.getY())
+            && this.getParams().getG().equals(other.getParams().getG())
+            && this.getParams().getP().equals(other.getParams().getP())
+            && this.getParams().getL() == other.getParams().getL();
+    }
+
+    private void readObject(
+        ObjectInputStream   in)
+        throws IOException, ClassNotFoundException
+    {
+        in.defaultReadObject();
+
+        this.dhSpec = new DHParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject(), in.readInt());
+        this.info = null;
+    }
+
+    private void writeObject(
+        ObjectOutputStream  out)
+        throws IOException
+    {
+        out.defaultWriteObject();
+
+        out.writeObject(dhSpec.getP());
+        out.writeObject(dhSpec.getG());
+        out.writeInt(dhSpec.getL());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/DHUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/DHUtil.java
new file mode 100644
index 0000000..ee1d621
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/DHUtil.java

@@ -0,0 +1,46 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dh;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Fingerprint;
+import com.android.org.bouncycastle.util.Strings;
+
+class DHUtil
+{
+    static String privateKeyToString(String algorithm, BigInteger x, DHParameters dhParams)
+    {
+        StringBuffer buf = new StringBuffer();
+        String       nl = Strings.lineSeparator();
+
+        BigInteger y = dhParams.getG().modPow(x, dhParams.getP());
+
+        buf.append(algorithm);
+        buf.append(" Private Key [").append(generateKeyFingerprint(y, dhParams)).append("]").append(nl);
+        buf.append("              Y: ").append(y.toString(16)).append(nl);
+
+        return buf.toString();
+    }
+
+    static String publicKeyToString(String algorithm, BigInteger y, DHParameters dhParams)
+    {
+        StringBuffer buf = new StringBuffer();
+        String       nl = Strings.lineSeparator();
+
+        buf.append(algorithm);
+        buf.append(" Public Key [").append(generateKeyFingerprint(y, dhParams)).append("]").append(nl);
+        buf.append("             Y: ").append(y.toString(16)).append(nl);
+
+        return buf.toString();
+    }
+
+    private static String generateKeyFingerprint(BigInteger y, DHParameters dhParams)
+    {
+            return new Fingerprint(
+                Arrays.concatenate(
+                    y.toByteArray(),
+                    dhParams.getP().toByteArray(), dhParams.getG().toByteArray())).toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java
new file mode 100644
index 0000000..9e812a6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyAgreementSpi.java

@@ -0,0 +1,730 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dh;
+
+import java.math.BigInteger;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+
+import javax.crypto.SecretKey;
+import javax.crypto.ShortBufferException;
+import javax.crypto.interfaces.DHPrivateKey;
+import javax.crypto.interfaces.DHPublicKey;
+import javax.crypto.spec.DHParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import com.android.org.bouncycastle.crypto.BasicAgreement;
+import com.android.org.bouncycastle.crypto.DerivationFunction;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.agreement.DHUnifiedAgreement;
+// import org.bouncycastle.crypto.agreement.MQVBasicAgreement;
+// import org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator;
+// import org.bouncycastle.crypto.agreement.kdf.DHKEKGenerator;
+// import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
+// import org.bouncycastle.crypto.params.DHMQVPrivateParameters;
+// import org.bouncycastle.crypto.params.DHMQVPublicParameters;
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.crypto.params.DHPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DHPublicKeyParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.DHUPrivateParameters;
+// import org.bouncycastle.crypto.params.DHUPublicParameters;
+// import org.bouncycastle.crypto.util.DigestFactory;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi;
+import com.android.org.bouncycastle.jcajce.spec.DHDomainParameterSpec;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.spec.DHUParameterSpec;
+// import org.bouncycastle.jcajce.spec.MQVParameterSpec;
+import com.android.org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
+
+/**
+ * Diffie-Hellman key agreement. There's actually a better way of doing this
+ * if you are using long term public keys, see the light-weight version for
+ * details.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyAgreementSpi
+    extends BaseAgreementSpi
+{
+    private static final BigInteger ONE = BigInteger.valueOf(1);
+    private static final BigInteger TWO = BigInteger.valueOf(2);
+
+    // Android-removed: Unsupported algorithms
+    // private final DHUnifiedAgreement unifiedAgreement;
+    private final BasicAgreement mqvAgreement;
+
+    // Android-removed: Unsupported algorithms
+    // private DHUParameterSpec dheParameters;
+    // private MQVParameterSpec mqvParameters;
+
+    private BigInteger      x;
+    private BigInteger      p;
+    private BigInteger      g;
+
+    private byte[]          result;
+
+    public KeyAgreementSpi()
+    {
+        this("Diffie-Hellman", null);
+    }
+
+    public KeyAgreementSpi(
+        String kaAlgorithm,
+        DerivationFunction kdf)
+    {
+        super(kaAlgorithm, kdf);
+        // Android-removed: Unsupported algorithm
+        // this.unifiedAgreement = null;
+        this.mqvAgreement = null;
+    }
+
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
+    public KeyAgreementSpi(
+        String kaAlgorithm,
+        DHUnifiedAgreement unifiedAgreement,
+        DerivationFunction kdf)
+    {
+        super(kaAlgorithm, kdf);
+        this.unifiedAgreement = unifiedAgreement;
+        this.mqvAgreement = null;
+    }
+    */
+    // END Android-removed: Unsupported algorithm
+
+    public KeyAgreementSpi(
+        String kaAlgorithm,
+        BasicAgreement mqvAgreement,
+        DerivationFunction kdf)
+    {
+        super(kaAlgorithm, kdf);
+        // Android-removed: Unsupported algorithm
+        // this.unifiedAgreement = null;
+        this.mqvAgreement = mqvAgreement;
+    }
+
+    protected byte[] bigIntToBytes(
+        BigInteger    r)
+    {
+        //
+        // RFC 2631 (2.1.2) specifies that the secret should be padded with leading zeros if necessary
+        // must be the same length as p
+        //
+        int expectedLength = (p.bitLength() + 7) / 8;
+
+        byte[]    tmp = r.toByteArray();
+
+        if (tmp.length == expectedLength)
+        {
+            return tmp;
+        }
+
+        if (tmp[0] == 0 && tmp.length == expectedLength + 1)
+        {
+            byte[]    rv = new byte[tmp.length - 1];
+            
+            System.arraycopy(tmp, 1, rv, 0, rv.length);
+            return rv;
+        }
+
+        // tmp must be shorter than expectedLength
+        // pad to the left with zeros.
+        byte[]    rv = new byte[expectedLength];
+
+        System.arraycopy(tmp, 0, rv, rv.length - tmp.length, tmp.length);
+
+        return rv;
+    }
+    
+    protected Key engineDoPhase(
+        Key     key,
+        boolean lastPhase) 
+        throws InvalidKeyException, IllegalStateException
+    {
+        if (x == null)
+        {
+            throw new IllegalStateException("Diffie-Hellman not initialised.");
+        }
+
+        if (!(key instanceof DHPublicKey))
+        {
+            throw new InvalidKeyException("DHKeyAgreement doPhase requires DHPublicKey");
+        }
+        DHPublicKey pubKey = (DHPublicKey)key;
+
+        if (!pubKey.getParams().getG().equals(g) || !pubKey.getParams().getP().equals(p))
+        {
+            throw new InvalidKeyException("DHPublicKey not for this KeyAgreement!");
+        }
+
+        BigInteger peerY = ((DHPublicKey)key).getY();
+        if (peerY == null || peerY.compareTo(TWO) < 0
+            || peerY.compareTo(p.subtract(ONE)) >= 0)
+        {
+            throw new InvalidKeyException("Invalid DH PublicKey");
+        }
+
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        if (unifiedAgreement != null)
+        {
+            if (!lastPhase)
+            {
+                throw new IllegalStateException("unified Diffie-Hellman can use only two key pairs");
+            }
+
+            DHPublicKeyParameters staticKey = generatePublicKeyParameter((PublicKey)key);
+            DHPublicKeyParameters ephemKey = generatePublicKeyParameter(dheParameters.getOtherPartyEphemeralKey());
+
+            DHUPublicParameters pKey = new DHUPublicParameters(staticKey, ephemKey);
+
+            result = unifiedAgreement.calculateAgreement(pKey);
+
+            return null;
+        }
+        else if (mqvAgreement != null)
+        {
+            if (!lastPhase)
+            {
+                throw new IllegalStateException("MQV Diffie-Hellman can use only two key pairs");
+            }
+
+            DHPublicKeyParameters staticKey = generatePublicKeyParameter((PublicKey)key);
+            DHPublicKeyParameters ephemKey = generatePublicKeyParameter(mqvParameters.getOtherPartyEphemeralKey());
+
+            DHMQVPublicParameters pKey = new DHMQVPublicParameters(staticKey, ephemKey);
+
+            result = bigIntToBytes(mqvAgreement.calculateAgreement(pKey));
+
+            return null;
+        }
+        else
+        {
+        */
+        // END Android-removed: Unsupported algorithms
+            BigInteger res = peerY.modPow(x, p);
+            if (res.compareTo(ONE) == 0)
+            {
+                throw new InvalidKeyException("Shared key can't be 1");
+            }
+
+            result = bigIntToBytes(res);
+
+            if (lastPhase)
+            {
+                return null;
+            }
+
+            return new BCDHPublicKey(res, pubKey.getParams());
+        /*
+        }
+        */
+    }
+
+    protected byte[] engineGenerateSecret() 
+        throws IllegalStateException
+    {
+        if (x == null)
+        {
+            throw new IllegalStateException("Diffie-Hellman not initialised.");
+        }
+
+        return super.engineGenerateSecret();
+    }
+
+    protected int engineGenerateSecret(
+        byte[]  sharedSecret,
+        int     offset) 
+        throws IllegalStateException, ShortBufferException
+    {
+        if (x == null)
+        {
+            throw new IllegalStateException("Diffie-Hellman not initialised.");
+        }
+
+        return super.engineGenerateSecret(sharedSecret, offset);
+    }
+
+    protected SecretKey engineGenerateSecret(
+        String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        if (x == null)
+        {
+            throw new IllegalStateException("Diffie-Hellman not initialised.");
+        }
+
+        // for JSSE compatibility
+        if (algorithm.equals("TlsPremasterSecret"))
+        {
+            return new SecretKeySpec(trimZeroes(result), algorithm);
+        }
+
+        return super.engineGenerateSecret(algorithm);
+    }
+
+    protected void engineInit(
+        Key                     key,
+        AlgorithmParameterSpec  params,
+        SecureRandom            random) 
+        throws InvalidKeyException, InvalidAlgorithmParameterException
+    {
+        if (!(key instanceof DHPrivateKey))
+        {
+            throw new InvalidKeyException("DHKeyAgreement requires DHPrivateKey for initialisation");
+        }
+        DHPrivateKey    privKey = (DHPrivateKey)key;
+
+        if (params != null)
+        {
+            if (params instanceof DHParameterSpec)    // p, g override.
+            {
+                DHParameterSpec p = (DHParameterSpec)params;
+
+                this.p = p.getP();
+                this.g = p.getG();
+                // Android-removed: Unsupported algorithm
+                // this.dheParameters = null;
+                this.ukmParameters = null;
+            }
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            else if (params instanceof DHUParameterSpec)
+            {
+                if (unifiedAgreement == null)
+                {
+                    throw new InvalidAlgorithmParameterException("agreement algorithm not DHU based");
+                }
+                this.p = privKey.getParams().getP();
+                this.g = privKey.getParams().getG();
+                this.dheParameters = (DHUParameterSpec)params;
+                this.ukmParameters = ((DHUParameterSpec)params).getUserKeyingMaterial();
+
+                if (dheParameters.getEphemeralPublicKey() != null)
+                {
+                    unifiedAgreement.init(new DHUPrivateParameters(generatePrivateKeyParameter(privKey),
+                        generatePrivateKeyParameter(dheParameters.getEphemeralPrivateKey()),
+                        generatePublicKeyParameter(dheParameters.getEphemeralPublicKey())));
+                }
+                else
+                {
+                    unifiedAgreement.init(new DHUPrivateParameters(generatePrivateKeyParameter(privKey),
+                            generatePrivateKeyParameter(dheParameters.getEphemeralPrivateKey())));
+                }
+            }
+            else if (params instanceof MQVParameterSpec)
+            {
+                if (mqvAgreement == null)
+                {
+                    throw new InvalidAlgorithmParameterException("agreement algorithm not MQV based");
+                }
+                this.p = privKey.getParams().getP();
+                this.g = privKey.getParams().getG();
+                this.mqvParameters = (MQVParameterSpec)params;
+                this.ukmParameters = ((MQVParameterSpec)params).getUserKeyingMaterial();
+
+                if (mqvParameters.getEphemeralPublicKey() != null)
+                {
+                    mqvAgreement.init(new DHMQVPrivateParameters(generatePrivateKeyParameter(privKey),
+                        generatePrivateKeyParameter(mqvParameters.getEphemeralPrivateKey()),
+                        generatePublicKeyParameter(mqvParameters.getEphemeralPublicKey())));
+                }
+                else
+                {
+                    mqvAgreement.init(new DHMQVPrivateParameters(generatePrivateKeyParameter(privKey),
+                            generatePrivateKeyParameter(mqvParameters.getEphemeralPrivateKey())));
+                }
+            }
+            */
+            // END Android-removed: Unsupported algorithms
+            else if (params instanceof UserKeyingMaterialSpec)
+            {
+                if (kdf == null)
+                {
+                    throw new InvalidAlgorithmParameterException("no KDF specified for UserKeyingMaterialSpec");
+                }
+                this.p = privKey.getParams().getP();
+                this.g = privKey.getParams().getG();
+                // Android-removed: Unsupported algorithm
+                // this.dheParameters = null;
+                this.ukmParameters = ((UserKeyingMaterialSpec)params).getUserKeyingMaterial();
+            }
+            else
+            {
+                throw new InvalidAlgorithmParameterException("DHKeyAgreement only accepts DHParameterSpec");
+            }
+        }
+        else
+        {
+            this.p = privKey.getParams().getP();
+            this.g = privKey.getParams().getG();
+        }
+
+        this.x = privKey.getX();
+        this.result = bigIntToBytes(x);
+    }
+
+    protected void engineInit(
+        Key             key,
+        SecureRandom    random) 
+        throws InvalidKeyException
+    {
+        if (!(key instanceof DHPrivateKey))
+        {
+            throw new InvalidKeyException("DHKeyAgreement requires DHPrivateKey");
+        }
+
+        DHPrivateKey    privKey = (DHPrivateKey)key;
+
+        this.p = privKey.getParams().getP();
+        this.g = privKey.getParams().getG();
+        this.x = privKey.getX();
+        this.result = bigIntToBytes(x);
+    }
+
+    protected byte[] calcSecret()
+    {
+        return result;
+    }
+
+    private DHPrivateKeyParameters generatePrivateKeyParameter(PrivateKey privKey)
+        throws InvalidKeyException
+    {
+        if (privKey instanceof DHPrivateKey)
+        {
+            if (privKey instanceof BCDHPrivateKey)
+            {
+                return ((BCDHPrivateKey)privKey).engineGetKeyParameters();
+            }
+            else
+            {
+                DHPrivateKey pub = (DHPrivateKey)privKey;
+
+                DHParameterSpec params = pub.getParams();
+                return new DHPrivateKeyParameters(pub.getX(),
+                            new DHParameters(params.getP(), params.getG(), null, params.getL()));
+            }
+        }
+        else
+        {
+            throw new InvalidKeyException("private key not a DHPrivateKey");
+        }
+    }
+
+    private DHPublicKeyParameters generatePublicKeyParameter(PublicKey pubKey)
+        throws InvalidKeyException
+    {
+        if (pubKey instanceof DHPublicKey)
+        {
+            if (pubKey instanceof BCDHPublicKey)
+            {
+                return ((BCDHPublicKey)pubKey).engineGetKeyParameters();
+            }
+            else
+            {
+                DHPublicKey pub = (DHPublicKey)pubKey;
+
+                DHParameterSpec params = pub.getParams();
+
+                if (params instanceof DHDomainParameterSpec)
+                {
+                    return new DHPublicKeyParameters(pub.getY(), ((DHDomainParameterSpec)params).getDomainParameters());
+                }
+                return new DHPublicKeyParameters(pub.getY(),
+                            new DHParameters(params.getP(), params.getG(), null, params.getL()));
+            }
+        }
+        else
+        {
+            throw new InvalidKeyException("public key not a DHPublicKey");
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class DHwithRFC2631KDF
+        extends KeyAgreementSpi
+    {
+        public DHwithRFC2631KDF()
+        {
+            super("DHwithRFC2631KDF", new DHKEKGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class DHwithSHA1KDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA1KDF()
+        {
+            super("DHwithSHA1CKDF", new KDF2BytesGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class DHwithSHA224KDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA224KDF()
+        {
+            super("DHwithSHA224CKDF", new KDF2BytesGenerator(DigestFactory.createSHA224()));
+        }
+    }
+
+    public static class DHwithSHA256KDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA256KDF()
+        {
+            super("DHwithSHA256CKDF", new KDF2BytesGenerator(DigestFactory.createSHA256()));
+        }
+    }
+
+    public static class DHwithSHA384KDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA384KDF()
+        {
+            super("DHwithSHA384KDF", new KDF2BytesGenerator(DigestFactory.createSHA384()));
+        }
+    }
+
+    public static class DHwithSHA512KDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA512KDF()
+        {
+            super("DHwithSHA512KDF", new KDF2BytesGenerator(DigestFactory.createSHA512()));
+        }
+    }
+
+    public static class DHwithSHA1CKDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA1CKDF()
+        {
+            super("DHwithSHA1CKDF", new ConcatenationKDFGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class DHwithSHA224CKDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA224CKDF()
+        {
+            super("DHwithSHA224CKDF", new ConcatenationKDFGenerator(DigestFactory.createSHA224()));
+        }
+    }
+
+    public static class DHwithSHA256CKDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA256CKDF()
+        {
+            super("DHwithSHA256CKDF", new ConcatenationKDFGenerator(DigestFactory.createSHA256()));
+        }
+    }
+
+    public static class DHwithSHA384CKDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA384CKDF()
+        {
+            super("DHwithSHA384CKDF", new ConcatenationKDFGenerator(DigestFactory.createSHA384()));
+        }
+    }
+
+    public static class DHwithSHA512CKDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA512CKDF()
+        {
+            super("DHwithSHA512CKDF", new ConcatenationKDFGenerator(DigestFactory.createSHA512()));
+        }
+    }
+
+    public static class DHUwithSHA1KDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA1KDF()
+        {
+            super("DHUwithSHA1KDF", new DHUnifiedAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class DHUwithSHA224KDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA224KDF()
+        {
+            super("DHUwithSHA224KDF", new DHUnifiedAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224()));
+        }
+    }
+
+    public static class DHUwithSHA256KDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA256KDF()
+        {
+            super("DHUwithSHA256KDF", new DHUnifiedAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256()));
+        }
+    }
+
+    public static class DHUwithSHA384KDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA384KDF()
+        {
+            super("DHUwithSHA384KDF", new DHUnifiedAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384()));
+        }
+    }
+
+    public static class DHUwithSHA512KDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA512KDF()
+        {
+            super("DHUwithSHA512KDF", new DHUnifiedAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512()));
+        }
+    }
+
+    public static class DHUwithSHA1CKDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA1CKDF()
+        {
+            super("DHUwithSHA1CKDF", new DHUnifiedAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class DHUwithSHA224CKDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA224CKDF()
+        {
+            super("DHUwithSHA224CKDF", new DHUnifiedAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA224()));
+        }
+    }
+
+    public static class DHUwithSHA256CKDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA256CKDF()
+        {
+            super("DHUwithSHA256CKDF", new DHUnifiedAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256()));
+        }
+    }
+
+    public static class DHUwithSHA384CKDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA384CKDF()
+        {
+            super("DHUwithSHA384CKDF", new DHUnifiedAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384()));
+        }
+    }
+
+    public static class DHUwithSHA512CKDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA512CKDF()
+        {
+            super("DHUwithSHA512CKDF", new DHUnifiedAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512()));
+        }
+    }
+
+    public static class MQVwithSHA1KDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA1KDF()
+        {
+            super("MQVwithSHA1KDF", new MQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class MQVwithSHA224KDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA224KDF()
+        {
+            super("MQVwithSHA224KDF", new MQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224()));
+        }
+    }
+
+    public static class MQVwithSHA256KDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA256KDF()
+        {
+            super("MQVwithSHA256KDF", new MQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256()));
+        }
+    }
+
+    public static class MQVwithSHA384KDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA384KDF()
+        {
+            super("MQVwithSHA384KDF", new MQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384()));
+        }
+    }
+
+    public static class MQVwithSHA512KDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA512KDF()
+        {
+            super("MQVwithSHA512KDF", new MQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512()));
+        }
+    }
+
+    public static class MQVwithSHA1CKDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA1CKDF()
+        {
+            super("MQVwithSHA1CKDF", new MQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class MQVwithSHA224CKDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA224CKDF()
+        {
+            super("MQVwithSHA224CKDF", new MQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA224()));
+        }
+    }
+
+    public static class MQVwithSHA256CKDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA256CKDF()
+        {
+            super("MQVwithSHA256CKDF", new MQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256()));
+        }
+    }
+
+    public static class MQVwithSHA384CKDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA384CKDF()
+        {
+            super("MQVwithSHA384CKDF", new MQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384()));
+        }
+    }
+
+    public static class MQVwithSHA512CKDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA512CKDF()
+        {
+            super("MQVwithSHA512CKDF", new MQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512()));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyFactorySpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyFactorySpi.java
new file mode 100644
index 0000000..9f94013
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyFactorySpi.java

@@ -0,0 +1,140 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dh;
+
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+
+import javax.crypto.interfaces.DHPrivateKey;
+import javax.crypto.interfaces.DHPublicKey;
+import javax.crypto.spec.DHPrivateKeySpec;
+import javax.crypto.spec.DHPublicKeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.ExtendedInvalidKeySpecException;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyFactorySpi
+    extends BaseKeyFactorySpi
+{
+    public KeyFactorySpi()
+    {
+    }
+
+    protected KeySpec engineGetKeySpec(
+        Key key,
+        Class spec)
+        throws InvalidKeySpecException
+    {
+        if (spec.isAssignableFrom(DHPrivateKeySpec.class) && key instanceof DHPrivateKey)
+        {
+            DHPrivateKey k = (DHPrivateKey)key;
+
+            return new DHPrivateKeySpec(k.getX(), k.getParams().getP(), k.getParams().getG());
+        }
+        else if (spec.isAssignableFrom(DHPublicKeySpec.class) && key instanceof DHPublicKey)
+        {
+            DHPublicKey k = (DHPublicKey)key;
+
+            return new DHPublicKeySpec(k.getY(), k.getParams().getP(), k.getParams().getG());
+        }
+
+        return super.engineGetKeySpec(key, spec);
+    }
+
+    protected Key engineTranslateKey(
+        Key key)
+        throws InvalidKeyException
+    {
+        if (key instanceof DHPublicKey)
+        {
+            return new BCDHPublicKey((DHPublicKey)key);
+        }
+        else if (key instanceof DHPrivateKey)
+        {
+            return new BCDHPrivateKey((DHPrivateKey)key);
+        }
+
+        throw new InvalidKeyException("key type unknown");
+    }
+
+    protected PrivateKey engineGeneratePrivate(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec instanceof DHPrivateKeySpec)
+        {
+            return new BCDHPrivateKey((DHPrivateKeySpec)keySpec);
+        }
+
+        return super.engineGeneratePrivate(keySpec);
+    }
+
+    protected PublicKey engineGeneratePublic(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec instanceof DHPublicKeySpec)
+        {
+            try
+            {
+                return new BCDHPublicKey((DHPublicKeySpec)keySpec);
+            }
+            catch (IllegalArgumentException e)
+            {
+                throw new ExtendedInvalidKeySpecException(e.getMessage(), e);
+            }
+        }
+
+        return super.engineGeneratePublic(keySpec);
+    }
+
+    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
+        throws IOException
+    {
+        ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm();
+
+        if (algOid.equals(PKCSObjectIdentifiers.dhKeyAgreement))
+        {
+            return new BCDHPrivateKey(keyInfo);
+        }
+        else if (algOid.equals(X9ObjectIdentifiers.dhpublicnumber))
+        {
+            return new BCDHPrivateKey(keyInfo);
+        }
+        else
+        {
+            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
+        }
+    }
+
+    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
+        throws IOException
+    {
+        ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm();
+
+        if (algOid.equals(PKCSObjectIdentifiers.dhKeyAgreement))
+        {
+            return new BCDHPublicKey(keyInfo);
+        }
+        else if (algOid.equals(X9ObjectIdentifiers.dhpublicnumber))
+        {
+            return new BCDHPublicKey(keyInfo);
+        }
+        else
+        {
+            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java
new file mode 100644
index 0000000..cb5f7d8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dh/KeyPairGeneratorSpi.java

@@ -0,0 +1,141 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dh;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyPair;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Hashtable;
+
+import javax.crypto.spec.DHParameterSpec;
+
+import com.android.org.bouncycastle.crypto.AsymmetricCipherKeyPair;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.generators.DHBasicKeyPairGenerator;
+import com.android.org.bouncycastle.crypto.generators.DHParametersGenerator;
+import com.android.org.bouncycastle.crypto.params.DHKeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.crypto.params.DHPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DHPublicKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.PrimeCertaintyCalculator;
+import com.android.org.bouncycastle.jcajce.spec.DHDomainParameterSpec;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.util.Integers;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyPairGeneratorSpi
+    extends java.security.KeyPairGenerator
+{
+    private static Hashtable params = new Hashtable();
+    private static Object    lock = new Object();
+
+    DHKeyGenerationParameters param;
+    DHBasicKeyPairGenerator engine = new DHBasicKeyPairGenerator();
+    int strength = 2048;
+    SecureRandom random = CryptoServicesRegistrar.getSecureRandom();
+    boolean initialised = false;
+
+    public KeyPairGeneratorSpi()
+    {
+        super("DH");
+    }
+
+    public void initialize(
+        int strength,
+        SecureRandom random)
+    {
+        this.strength = strength;
+        this.random = random;
+        this.initialised = false;
+    }
+
+    public void initialize(
+        AlgorithmParameterSpec params,
+        SecureRandom random)
+        throws InvalidAlgorithmParameterException
+    {
+        if (!(params instanceof DHParameterSpec))
+        {
+            throw new InvalidAlgorithmParameterException("parameter object not a DHParameterSpec");
+        }
+        DHParameterSpec dhParams = (DHParameterSpec)params;
+
+        try
+        {
+            param = convertParams(random, dhParams);
+        }
+        catch (IllegalArgumentException e)
+        {
+            throw new InvalidAlgorithmParameterException(e.getMessage(), e);
+        }
+        
+        engine.init(param);
+        initialised = true;
+    }
+
+    private DHKeyGenerationParameters convertParams(SecureRandom random, DHParameterSpec dhParams)
+    {
+        if (dhParams instanceof DHDomainParameterSpec)
+        {
+            return new DHKeyGenerationParameters(random, ((DHDomainParameterSpec)dhParams).getDomainParameters());
+        }
+        return new DHKeyGenerationParameters(random, new DHParameters(dhParams.getP(), dhParams.getG(), null, dhParams.getL()));
+    }
+
+    public KeyPair generateKeyPair()
+    {
+        if (!initialised)
+        {
+            Integer paramStrength = Integers.valueOf(strength);
+
+            if (params.containsKey(paramStrength))
+            {
+                param = (DHKeyGenerationParameters)params.get(paramStrength);
+            }
+            else
+            {
+                DHParameterSpec dhParams = BouncyCastleProvider.CONFIGURATION.getDHDefaultParameters(strength);
+
+                if (dhParams != null)
+                {   
+                    param = convertParams(random, dhParams);
+                }
+                else
+                {
+                    synchronized (lock)
+                    {
+                        // we do the check again in case we were blocked by a generator for
+                        // our key size.
+                        if (params.containsKey(paramStrength))
+                        {
+                            param = (DHKeyGenerationParameters)params.get(paramStrength);
+                        }
+                        else
+                        {
+
+                            DHParametersGenerator pGen = new DHParametersGenerator();
+
+                            pGen.init(strength, PrimeCertaintyCalculator.getDefaultCertainty(strength), random);
+
+                            param = new DHKeyGenerationParameters(random, pGen.generateParameters());
+
+                            params.put(paramStrength, param);
+                        }
+                    }
+                }
+            }
+
+            engine.init(param);
+
+            initialised = true;
+        }
+
+        AsymmetricCipherKeyPair pair = engine.generateKeyPair();
+        DHPublicKeyParameters pub = (DHPublicKeyParameters)pair.getPublic();
+        DHPrivateKeyParameters priv = (DHPrivateKeyParameters)pair.getPrivate();
+
+        return new KeyPair(new BCDHPublicKey(pub), new BCDHPrivateKey(priv));
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/AlgorithmParameterGeneratorSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/AlgorithmParameterGeneratorSpi.java
new file mode 100644
index 0000000..3655de0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/AlgorithmParameterGeneratorSpi.java

@@ -0,0 +1,115 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dsa;
+
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidParameterException;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.DSAParameterSpec;
+
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.digests.SHA256Digest;
+import com.android.org.bouncycastle.crypto.generators.DSAParametersGenerator;
+import com.android.org.bouncycastle.crypto.params.DSAParameterGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.DSAParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.BaseAlgorithmParameterGeneratorSpi;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.PrimeCertaintyCalculator;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AlgorithmParameterGeneratorSpi
+    extends BaseAlgorithmParameterGeneratorSpi
+{
+    protected SecureRandom random;
+    // Android-changed: Change default strength to 1024
+    // In 1.57, the default strength was changed to 2048.  We keep it at 1024 for app
+    // compatibility, particularly because the default digest (SHA-1) doesn't have
+    // a sufficiently long digest to work with 2048-bit keys.
+    protected int strength = 1024;
+    protected DSAParameterGenerationParameters params;
+
+    protected void engineInit(
+        int strength,
+        SecureRandom random)
+    {
+        if (strength < 512 || strength > 3072)
+        {
+            throw new InvalidParameterException("strength must be from 512 - 3072");
+        }
+
+        if (strength <= 1024 && strength % 64 != 0)
+        {
+            throw new InvalidParameterException("strength must be a multiple of 64 below 1024 bits.");
+        }
+
+        if (strength > 1024 && strength % 1024 != 0)
+        {
+            throw new InvalidParameterException("strength must be a multiple of 1024 above 1024 bits.");
+        }
+
+        this.strength = strength;
+        this.random = random;
+    }
+
+    protected void engineInit(
+        AlgorithmParameterSpec genParamSpec,
+        SecureRandom random)
+        throws InvalidAlgorithmParameterException
+    {
+        throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DSA parameter generation.");
+    }
+
+    protected AlgorithmParameters engineGenerateParameters()
+    {
+        DSAParametersGenerator pGen;
+
+        if (strength <= 1024)
+        {
+            pGen = new DSAParametersGenerator();
+        }
+        else
+        {
+            pGen = new DSAParametersGenerator(new SHA256Digest());
+        }
+
+        if (random == null)
+        {
+            random = CryptoServicesRegistrar.getSecureRandom();
+        }
+
+        int certainty = PrimeCertaintyCalculator.getDefaultCertainty(strength);
+
+        if (strength == 1024)
+        {
+            params = new DSAParameterGenerationParameters(1024, 160, certainty, random);
+            pGen.init(params);
+        }
+        else if (strength > 1024)
+        {
+            params = new DSAParameterGenerationParameters(strength, 256, certainty, random);
+            pGen.init(params);
+        }
+        else
+        {
+            pGen.init(strength, certainty, random);
+        }
+
+        DSAParameters p = pGen.generateParameters();
+
+        AlgorithmParameters params;
+
+        try
+        {
+            params = createParametersInstance("DSA");
+            params.init(new DSAParameterSpec(p.getP(), p.getQ(), p.getG()));
+        }
+        catch (Exception e)
+        {
+            throw new RuntimeException(e.getMessage());
+        }
+
+        return params;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/AlgorithmParametersSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/AlgorithmParametersSpi.java
new file mode 100644
index 0000000..23124d6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/AlgorithmParametersSpi.java

@@ -0,0 +1,135 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dsa;
+
+import java.io.IOException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.DSAParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.x509.DSAParameter;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AlgorithmParametersSpi
+    extends java.security.AlgorithmParametersSpi
+{
+    DSAParameterSpec currentSpec;
+
+    protected boolean isASN1FormatString(String format)
+    {
+        return format == null || format.equals("ASN.1");
+    }
+
+    protected AlgorithmParameterSpec engineGetParameterSpec(
+        Class paramSpec)
+        throws InvalidParameterSpecException
+    {
+        if (paramSpec == null)
+        {
+            throw new NullPointerException("argument to getParameterSpec must not be null");
+        }
+
+        return localEngineGetParameterSpec(paramSpec);
+    }
+
+    /**
+     * Return the X.509 ASN.1 structure DSAParameter.
+     * <pre>
+     *  DSAParameter ::= SEQUENCE {
+     *                   prime INTEGER, -- p
+     *                   subprime INTEGER, -- q
+     *                   base INTEGER, -- g}
+     * </pre>
+     */
+    protected byte[] engineGetEncoded()
+    {
+        DSAParameter dsaP = new DSAParameter(currentSpec.getP(), currentSpec.getQ(), currentSpec.getG());
+
+        try
+        {
+            return dsaP.getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            throw new RuntimeException("Error encoding DSAParameters");
+        }
+    }
+
+    protected byte[] engineGetEncoded(
+        String format)
+    {
+        if (isASN1FormatString(format))
+        {
+            return engineGetEncoded();
+        }
+
+        return null;
+    }
+
+    protected AlgorithmParameterSpec localEngineGetParameterSpec(
+        Class paramSpec)
+        throws InvalidParameterSpecException
+    {
+        if (paramSpec == DSAParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
+        {
+            return currentSpec;
+        }
+
+        throw new InvalidParameterSpecException("unknown parameter spec passed to DSA parameters object.");
+    }
+
+    protected void engineInit(
+        AlgorithmParameterSpec paramSpec)
+        throws InvalidParameterSpecException
+    {
+        if (!(paramSpec instanceof DSAParameterSpec))
+        {
+            throw new InvalidParameterSpecException("DSAParameterSpec required to initialise a DSA algorithm parameters object");
+        }
+
+        this.currentSpec = (DSAParameterSpec)paramSpec;
+    }
+
+    protected void engineInit(
+        byte[] params)
+        throws IOException
+    {
+        try
+        {
+            DSAParameter dsaP = DSAParameter.getInstance(ASN1Primitive.fromByteArray(params));
+
+            currentSpec = new DSAParameterSpec(dsaP.getP(), dsaP.getQ(), dsaP.getG());
+        }
+        catch (ClassCastException e)
+        {
+            throw new IOException("Not a valid DSA Parameter encoding.");
+        }
+        catch (ArrayIndexOutOfBoundsException e)
+        {
+            throw new IOException("Not a valid DSA Parameter encoding.");
+        }
+    }
+
+    protected void engineInit(
+        byte[] params,
+        String format)
+        throws IOException
+    {
+        if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509"))
+        {
+            engineInit(params);
+        }
+        else
+        {
+            throw new IOException("Unknown parameter format " + format);
+        }
+    }
+
+    protected String engineToString()
+    {
+        return "DSA Parameters";
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/BCDSAPrivateKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/BCDSAPrivateKey.java
new file mode 100644
index 0000000..ee9bb18
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/BCDSAPrivateKey.java

@@ -0,0 +1,185 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dsa;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+import java.security.interfaces.DSAParams;
+import java.security.interfaces.DSAPrivateKey;
+import java.security.spec.DSAParameterSpec;
+import java.security.spec.DSAPrivateKeySpec;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.DSAParameter;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
+import com.android.org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BCDSAPrivateKey
+    implements DSAPrivateKey, PKCS12BagAttributeCarrier
+{
+    private static final long serialVersionUID = -4677259546958385734L;
+
+    private BigInteger          x;
+    private transient DSAParams dsaSpec;
+
+    private transient PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl();
+
+    protected BCDSAPrivateKey()
+    {
+    }
+
+    BCDSAPrivateKey(
+        DSAPrivateKey key)
+    {
+        this.x = key.getX();
+        this.dsaSpec = key.getParams();
+    }
+
+    BCDSAPrivateKey(
+        DSAPrivateKeySpec spec)
+    {
+        this.x = spec.getX();
+        this.dsaSpec = new DSAParameterSpec(spec.getP(), spec.getQ(), spec.getG());
+    }
+
+    public BCDSAPrivateKey(
+        PrivateKeyInfo info)
+        throws IOException
+    {
+        DSAParameter    params = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters());
+        ASN1Integer      derX = (ASN1Integer)info.parsePrivateKey();
+
+        this.x = derX.getValue();
+        this.dsaSpec = new DSAParameterSpec(params.getP(), params.getQ(), params.getG());
+    }
+
+    BCDSAPrivateKey(
+        DSAPrivateKeyParameters params)
+    {
+        this.x = params.getX();
+        this.dsaSpec = new DSAParameterSpec(params.getParameters().getP(), params.getParameters().getQ(), params.getParameters().getG());
+    }
+
+    public String getAlgorithm()
+    {
+        return "DSA";
+    }
+
+    /**
+     * return the encoding format we produce in getEncoded().
+     *
+     * @return the string "PKCS#8"
+     */
+    public String getFormat()
+    {
+        return "PKCS#8";
+    }
+
+    /**
+     * Return a PKCS8 representation of the key. The sequence returned
+     * represents a full PrivateKeyInfo object.
+     *
+     * @return a PKCS8 representation of the key.
+     */
+    public byte[] getEncoded()
+    {
+        return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(dsaSpec.getP(), dsaSpec.getQ(), dsaSpec.getG()).toASN1Primitive()), new ASN1Integer(getX()));
+    }
+
+    public DSAParams getParams()
+    {
+        return dsaSpec;
+    }
+
+    public BigInteger getX()
+    {
+        return x;
+    }
+
+    public boolean equals(
+        Object o)
+    {
+        if (!(o instanceof DSAPrivateKey))
+        {
+            return false;
+        }
+        
+        DSAPrivateKey other = (DSAPrivateKey)o;
+        
+        return this.getX().equals(other.getX()) 
+            && this.getParams().getG().equals(other.getParams().getG()) 
+            && this.getParams().getP().equals(other.getParams().getP()) 
+            && this.getParams().getQ().equals(other.getParams().getQ());
+    }
+
+    public int hashCode()
+    {
+        return this.getX().hashCode() ^ this.getParams().getG().hashCode()
+                ^ this.getParams().getP().hashCode() ^ this.getParams().getQ().hashCode();
+    }
+
+    public void setBagAttribute(
+        ASN1ObjectIdentifier oid,
+        ASN1Encodable attribute)
+    {
+        attrCarrier.setBagAttribute(oid, attribute);
+    }
+
+    public ASN1Encodable getBagAttribute(
+        ASN1ObjectIdentifier oid)
+    {
+        return attrCarrier.getBagAttribute(oid);
+    }
+
+    public Enumeration getBagAttributeKeys()
+    {
+        return attrCarrier.getBagAttributeKeys();
+    }
+
+    private void readObject(
+        ObjectInputStream in)
+        throws IOException, ClassNotFoundException
+    {
+        in.defaultReadObject();
+
+        this.dsaSpec = new DSAParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject(), (BigInteger)in.readObject());
+        this.attrCarrier = new PKCS12BagAttributeCarrierImpl();
+    }
+
+    private void writeObject(
+        ObjectOutputStream out)
+        throws IOException
+    {
+        out.defaultWriteObject();
+
+        out.writeObject(dsaSpec.getP());
+        out.writeObject(dsaSpec.getQ());
+        out.writeObject(dsaSpec.getG());
+    }
+
+    public String toString()
+    {
+        StringBuffer    buf = new StringBuffer();
+        String          nl = Strings.lineSeparator();
+
+        BigInteger y = getParams().getG().modPow(x, getParams().getP());
+
+        buf.append("DSA Private Key [").append(DSAUtil.generateKeyFingerprint(y, getParams())).append("]").append(nl);
+        buf.append("            Y: ").append(y.toString(16)).append(nl);
+
+        return buf.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/BCDSAPublicKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/BCDSAPublicKey.java
new file mode 100644
index 0000000..42335fb
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/BCDSAPublicKey.java

@@ -0,0 +1,222 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dsa;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+import java.security.interfaces.DSAParams;
+import java.security.interfaces.DSAPublicKey;
+import java.security.spec.DSAParameterSpec;
+import java.security.spec.DSAPublicKeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.DSAParameter;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.params.DSAPublicKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BCDSAPublicKey
+    implements DSAPublicKey
+{
+    private static final long serialVersionUID = 1752452449903495175L;
+    private static BigInteger ZERO = BigInteger.valueOf(0);
+
+    private BigInteger      y;
+
+    private transient DSAPublicKeyParameters lwKeyParams;
+    private transient DSAParams              dsaSpec;
+
+    BCDSAPublicKey(
+        DSAPublicKeySpec spec)
+    {
+        this.y = spec.getY();
+        this.dsaSpec = new DSAParameterSpec(spec.getP(), spec.getQ(), spec.getG());
+        this.lwKeyParams = new DSAPublicKeyParameters(y, DSAUtil.toDSAParameters(dsaSpec));
+    }
+
+    BCDSAPublicKey(
+        DSAPublicKey key)
+    {
+        this.y = key.getY();
+        this.dsaSpec = key.getParams();
+        this.lwKeyParams = new DSAPublicKeyParameters(y, DSAUtil.toDSAParameters(dsaSpec));
+    }
+
+    BCDSAPublicKey(
+        DSAPublicKeyParameters params)
+    {
+        this.y = params.getY();
+        if (params != null)
+        {
+            this.dsaSpec = new DSAParameterSpec(params.getParameters().getP(), params.getParameters().getQ(), params.getParameters().getG());
+        }
+        else
+        {
+            this.dsaSpec = null;
+        }
+        this.lwKeyParams = params;
+    }
+
+    public BCDSAPublicKey(
+        SubjectPublicKeyInfo info)
+    {
+        ASN1Integer              derY;
+
+        try
+        {
+            derY = (ASN1Integer)info.parsePublicKey();
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("invalid info structure in DSA public key");
+        }
+
+        this.y = derY.getValue();
+
+        if (isNotNull(info.getAlgorithm().getParameters()))
+        {
+            DSAParameter params = DSAParameter.getInstance(info.getAlgorithm().getParameters());
+            
+            this.dsaSpec = new DSAParameterSpec(params.getP(), params.getQ(), params.getG());
+        }
+        else
+        {
+            this.dsaSpec = null;
+        }
+
+        this.lwKeyParams = new DSAPublicKeyParameters(y, DSAUtil.toDSAParameters(dsaSpec));
+    }
+
+    private boolean isNotNull(ASN1Encodable parameters)
+    {
+        return parameters != null && !DERNull.INSTANCE.equals(parameters.toASN1Primitive());
+    }
+
+    public String getAlgorithm()
+    {
+        return "DSA";
+    }
+
+    public String getFormat()
+    {
+        return "X.509";
+    }
+
+    DSAPublicKeyParameters engineGetKeyParameters()
+    {
+        return lwKeyParams;
+    }
+
+    public byte[] getEncoded()
+    {
+        if (dsaSpec == null)
+        {
+            return KeyUtil.getEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa), new ASN1Integer(y));
+        }
+
+        return KeyUtil.getEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(dsaSpec.getP(), dsaSpec.getQ(), dsaSpec.getG()).toASN1Primitive()), new ASN1Integer(y));
+    }
+
+    public DSAParams getParams()
+    {
+        return dsaSpec;
+    }
+
+    public BigInteger getY()
+    {
+        return y;
+    }
+
+    public String toString()
+    {
+        StringBuffer    buf = new StringBuffer();
+        String          nl = Strings.lineSeparator();
+
+        buf.append("DSA Public Key [").append(DSAUtil.generateKeyFingerprint(y, getParams())).append("]").append(nl);
+        buf.append("            Y: ").append(this.getY().toString(16)).append(nl);
+
+        return buf.toString();
+    }
+
+    public int hashCode()
+    {
+        if (dsaSpec != null)
+        {
+            return this.getY().hashCode() ^ this.getParams().getG().hashCode()
+                ^ this.getParams().getP().hashCode() ^ this.getParams().getQ().hashCode();
+        }
+        else
+        {
+            return this.getY().hashCode();
+        }
+    }
+
+    public boolean equals(
+        Object o)
+    {
+        if (!(o instanceof DSAPublicKey))
+        {
+            return false;
+        }
+        
+        DSAPublicKey other = (DSAPublicKey)o;
+
+        if (this.dsaSpec != null)
+        {
+            return this.getY().equals(other.getY())
+                && other.getParams() != null
+                && this.getParams().getG().equals(other.getParams().getG())
+                && this.getParams().getP().equals(other.getParams().getP())
+                && this.getParams().getQ().equals(other.getParams().getQ());
+        }
+        else
+        {
+            return this.getY().equals(other.getY()) && other.getParams() == null;
+        }
+    }
+
+    private void readObject(
+        ObjectInputStream in)
+        throws IOException, ClassNotFoundException
+    {
+        in.defaultReadObject();
+
+        BigInteger p = (BigInteger)in.readObject();
+        if (p.equals(ZERO))
+        {
+            this.dsaSpec = null;
+        }
+        else
+        {
+            this.dsaSpec = new DSAParameterSpec(p, (BigInteger)in.readObject(), (BigInteger)in.readObject());
+        }
+        this.lwKeyParams = new DSAPublicKeyParameters(y, DSAUtil.toDSAParameters(dsaSpec));
+    }
+
+    private void writeObject(
+        ObjectOutputStream out)
+        throws IOException
+    {
+        out.defaultWriteObject();
+
+        if (dsaSpec == null)
+        {
+            out.writeObject(ZERO);
+        }
+        else
+        {
+            out.writeObject(dsaSpec.getP());
+            out.writeObject(dsaSpec.getQ());
+            out.writeObject(dsaSpec.getG());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java
new file mode 100644
index 0000000..0ad2609
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSASigner.java

@@ -0,0 +1,394 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dsa;
+
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SecureRandom;
+import java.security.SignatureException;
+import java.security.SignatureSpi;
+import java.security.spec.AlgorithmParameterSpec;
+
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DSAExt;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.digests.NullDigest;
+// Android-added: Check DSA keys when generated
+import com.android.org.bouncycastle.crypto.params.DSAKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DSAParameters;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+import com.android.org.bouncycastle.crypto.signers.DSAEncoding;
+// Android-removed: Unsupported algorithm
+// import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
+import com.android.org.bouncycastle.crypto.signers.StandardDSAEncoding;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DSASigner
+    extends SignatureSpi
+    implements PKCSObjectIdentifiers, X509ObjectIdentifiers
+{
+    private Digest                  digest;
+    private DSAExt                  signer;
+    private DSAEncoding             encoding = StandardDSAEncoding.INSTANCE;
+    private SecureRandom            random;
+
+    protected DSASigner(
+        Digest digest,
+        DSAExt signer)
+    {
+        this.digest = digest;
+        this.signer = signer;
+    }
+
+    protected void engineInitVerify(
+        PublicKey   publicKey)
+        throws InvalidKeyException
+    {
+        CipherParameters    param = DSAUtil.generatePublicKeyParameter(publicKey);
+
+        digest.reset();
+        signer.init(false, param);
+    }
+
+    protected void engineInitSign(
+        PrivateKey      privateKey,
+        SecureRandom    random)
+        throws InvalidKeyException
+    {
+        this.random = random;
+        engineInitSign(privateKey);
+    }
+
+    protected void engineInitSign(
+        PrivateKey  privateKey)
+        throws InvalidKeyException
+    {
+        CipherParameters    param = DSAUtil.generatePrivateKeyParameter(privateKey);
+
+        // Android-added: Check DSA keys when generated
+        DSAParameters dsaParam = ((DSAKeyParameters) param).getParameters();
+        checkKey(dsaParam);
+
+        if (random != null)
+        {
+            param = new ParametersWithRandom(param, random);
+        }
+
+        digest.reset();
+        signer.init(true, param);
+    }
+
+    protected void engineUpdate(
+        byte    b)
+        throws SignatureException
+    {
+        digest.update(b);
+    }
+
+    protected void engineUpdate(
+        byte[]  b,
+        int     off,
+        int     len) 
+        throws SignatureException
+    {
+        digest.update(b, off, len);
+    }
+
+    protected byte[] engineSign()
+        throws SignatureException
+    {
+        byte[]  hash = new byte[digest.getDigestSize()];
+
+        digest.doFinal(hash, 0);
+
+        try
+        {
+            BigInteger[] sig = signer.generateSignature(hash);
+
+            return encoding.encode(signer.getOrder(), sig[0], sig[1]);
+        }
+        catch (Exception e)
+        {
+            throw new SignatureException(e.toString());
+        }
+    }
+
+    protected boolean engineVerify(
+        byte[]  sigBytes) 
+        throws SignatureException
+    {
+        byte[]  hash = new byte[digest.getDigestSize()];
+
+        digest.doFinal(hash, 0);
+
+        BigInteger[] sig;
+
+        try
+        {
+            sig = encoding.decode(signer.getOrder(), sigBytes);
+        }
+        catch (Exception e)
+        {
+            throw new SignatureException("error decoding signature bytes.");
+        }
+
+        return signer.verifySignature(hash, sig[0], sig[1]);
+    }
+
+    protected void engineSetParameter(
+        AlgorithmParameterSpec params)
+    {
+        throw new UnsupportedOperationException("engineSetParameter unsupported");
+    }
+
+    // BEGIN Android-added: Check DSA keys when generated
+    protected void checkKey(DSAParameters params) throws InvalidKeyException {
+        int valueL = params.getP().bitLength();
+        int valueN = params.getQ().bitLength();
+        int digestSize = digest.getDigestSize();
+
+        // The checks are consistent with DSAParametersGenerator's init method.
+        if ((valueL < 1024 || valueL > 3072) || valueL % 1024 != 0) {
+            throw new InvalidKeyException("valueL values must be between 1024 and 3072 and a multiple of 1024");
+        } else if (valueL == 1024 && valueN != 160) {
+            throw new InvalidKeyException("valueN must be 160 for valueL = 1024");
+        } else if (valueL == 2048 && (valueN != 224 && valueN != 256)) {
+            throw new InvalidKeyException("valueN must be 224 or 256 for valueL = 2048");
+        } else if (valueL == 3072 && valueN != 256) {
+            throw new InvalidKeyException("valueN must be 256 for valueL = 3072");
+        }
+        if (!(digest instanceof NullDigest) && valueN > digestSize * 8) {
+            throw new InvalidKeyException("Key is too strong for this signature algorithm");
+        }
+    }
+
+    // END Android-added: Check DSA keys when generated
+    /**
+     * @deprecated replaced with #engineSetParameter(java.security.spec.AlgorithmParameterSpec)
+     */
+    protected void engineSetParameter(
+        String  param,
+        Object  value)
+    {
+        throw new UnsupportedOperationException("engineSetParameter unsupported");
+    }
+
+    /**
+     * @deprecated
+     */
+    protected Object engineGetParameter(
+        String      param)
+    {
+        throw new UnsupportedOperationException("engineGetParameter unsupported");
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class stdDSA
+        extends DSASigner
+    {
+        public stdDSA()
+        {
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA1(), new org.bouncycastle.crypto.signers.DSASigner());
+            super(AndroidDigestFactory.getSHA1(), new com.android.org.bouncycastle.crypto.signers.DSASigner());
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
+    static public class detDSA
+        extends DSASigner
+    {
+        public detDSA()
+        {
+            super(DigestFactory.createSHA1(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1())));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithm
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class dsa224
+        extends DSASigner
+    {
+        public dsa224()
+        {
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA224(), new org.bouncycastle.crypto.signers.DSASigner());
+            super(AndroidDigestFactory.getSHA224(), new com.android.org.bouncycastle.crypto.signers.DSASigner());
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
+    static public class detDSA224
+        extends DSASigner
+    {
+        public detDSA224()
+        {
+            super(DigestFactory.createSHA224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224())));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithm
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class dsa256
+        extends DSASigner
+    {
+        public dsa256()
+        {
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA256(), new org.bouncycastle.crypto.signers.DSASigner());
+            super(AndroidDigestFactory.getSHA256(), new com.android.org.bouncycastle.crypto.signers.DSASigner());
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    static public class detDSA256
+        extends DSASigner
+    {
+        public detDSA256()
+        {
+            super(DigestFactory.createSHA256(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256())));
+        }
+    }
+
+    static public class dsa384
+        extends DSASigner
+    {
+        public dsa384()
+        {
+            super(DigestFactory.createSHA384(), new org.bouncycastle.crypto.signers.DSASigner());
+        }
+    }
+
+    static public class detDSA384
+        extends DSASigner
+    {
+        public detDSA384()
+        {
+            super(DigestFactory.createSHA384(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384())));
+        }
+    }
+
+    static public class dsa512
+        extends DSASigner
+    {
+        public dsa512()
+        {
+            super(DigestFactory.createSHA512(), new org.bouncycastle.crypto.signers.DSASigner());
+        }
+    }
+
+    static public class detDSA512
+        extends DSASigner
+    {
+        public detDSA512()
+        {
+            super(DigestFactory.createSHA512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA512())));
+        }
+    }
+
+    static public class dsaSha3_224
+        extends DSASigner
+    {
+        public dsaSha3_224()
+        {
+            super(DigestFactory.createSHA3_224(), new org.bouncycastle.crypto.signers.DSASigner());
+        }
+    }
+
+    static public class detDSASha3_224
+        extends DSASigner
+    {
+        public detDSASha3_224()
+        {
+            super(DigestFactory.createSHA3_224(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_224())));
+        }
+    }
+
+    static public class dsaSha3_256
+        extends DSASigner
+    {
+        public dsaSha3_256()
+        {
+            super(DigestFactory.createSHA3_256(), new org.bouncycastle.crypto.signers.DSASigner());
+        }
+    }
+
+    static public class detDSASha3_256
+        extends DSASigner
+    {
+        public detDSASha3_256()
+        {
+            super(DigestFactory.createSHA3_256(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_256())));
+        }
+    }
+
+    static public class dsaSha3_384
+        extends DSASigner
+    {
+        public dsaSha3_384()
+        {
+            super(DigestFactory.createSHA3_384(), new org.bouncycastle.crypto.signers.DSASigner());
+        }
+    }
+
+    static public class detDSASha3_384
+        extends DSASigner
+    {
+        public detDSASha3_384()
+        {
+            super(DigestFactory.createSHA3_384(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_384())));
+        }
+    }
+
+    static public class dsaSha3_512
+        extends DSASigner
+    {
+        public dsaSha3_512()
+        {
+            super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner());
+        }
+    }
+
+    static public class detDSASha3_512
+        extends DSASigner
+    {
+        public detDSASha3_512()
+        {
+            super(DigestFactory.createSHA3_512(), new org.bouncycastle.crypto.signers.DSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512())));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class noneDSA
+        extends DSASigner
+    {
+        public noneDSA()
+        {
+            super(new NullDigest(), new com.android.org.bouncycastle.crypto.signers.DSASigner());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java
new file mode 100644
index 0000000..8b05458
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/DSAUtil.java

@@ -0,0 +1,113 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dsa;
+
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.interfaces.DSAParams;
+import java.security.interfaces.DSAPrivateKey;
+import java.security.interfaces.DSAPublicKey;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.params.AsymmetricKeyParameter;
+import com.android.org.bouncycastle.crypto.params.DSAParameters;
+import com.android.org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Fingerprint;
+
+/**
+ * utility class for converting jce/jca DSA objects
+ * objects into their org.bouncycastle.crypto counterparts.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DSAUtil
+{
+    public static final ASN1ObjectIdentifier[] dsaOids =
+    {
+        X9ObjectIdentifiers.id_dsa,
+        OIWObjectIdentifiers.dsaWithSHA1,
+        X9ObjectIdentifiers.id_dsa_with_sha1
+    };
+
+    /**
+     * Return true if the passed in OID could be associated with a DSA key.
+     *
+     * @param algOid algorithm OID from a key.
+     * @return true if it's for a DSA key, false otherwise.
+     */
+    public static boolean isDsaOid(
+        ASN1ObjectIdentifier algOid)
+    {
+        for (int i = 0; i != dsaOids.length; i++)
+        {
+            if (algOid.equals(dsaOids[i]))
+            {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    static DSAParameters toDSAParameters(DSAParams spec)
+    {
+        if (spec != null)
+        {
+             return new DSAParameters(spec.getP(), spec.getQ(), spec.getG());
+        }
+
+        return null;
+    }
+
+    static public AsymmetricKeyParameter generatePublicKeyParameter(
+        PublicKey    key)
+        throws InvalidKeyException
+    {
+        if (key instanceof BCDSAPublicKey)
+        {
+            return ((BCDSAPublicKey)key).engineGetKeyParameters();
+        }
+
+        if (key instanceof DSAPublicKey)
+        {
+            return new BCDSAPublicKey((DSAPublicKey)key).engineGetKeyParameters();
+        }
+
+        try
+        {
+            byte[]  bytes = key.getEncoded();
+
+            BCDSAPublicKey bckey = new BCDSAPublicKey(SubjectPublicKeyInfo.getInstance(bytes));
+
+            return bckey.engineGetKeyParameters();
+        }
+        catch (Exception e)
+        {
+            throw new InvalidKeyException("can't identify DSA public key: " + key.getClass().getName());
+        }
+    }
+
+    static public AsymmetricKeyParameter generatePrivateKeyParameter(
+        PrivateKey    key)
+        throws InvalidKeyException
+    {
+        if (key instanceof DSAPrivateKey)
+        {
+            DSAPrivateKey    k = (DSAPrivateKey)key;
+
+            return new DSAPrivateKeyParameters(k.getX(),
+                new DSAParameters(k.getParams().getP(), k.getParams().getQ(), k.getParams().getG()));
+        }
+                        
+        throw new InvalidKeyException("can't identify DSA private key.");
+    }
+
+    static String generateKeyFingerprint(BigInteger y, DSAParams params)
+    {
+        return new Fingerprint(Arrays.concatenate(y.toByteArray(), params.getP().toByteArray(), params.getQ().toByteArray(), params.getG().toByteArray())).toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/KeyFactorySpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/KeyFactorySpi.java
new file mode 100644
index 0000000..4b178bd
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/KeyFactorySpi.java

@@ -0,0 +1,214 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dsa;
+
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.interfaces.DSAPrivateKey;
+import java.security.interfaces.DSAPublicKey;
+import java.security.spec.DSAPrivateKeySpec;
+import java.security.spec.DSAPublicKeySpec;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.params.DSAParameters;
+import com.android.org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DSAPublicKeyParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.util.OpenSSHPrivateKeyUtil;
+// import org.bouncycastle.crypto.util.OpenSSHPublicKeyUtil;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jce.spec.OpenSSHPrivateKeySpec;
+// import org.bouncycastle.jce.spec.OpenSSHPublicKeySpec;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyFactorySpi
+    extends BaseKeyFactorySpi
+{
+    public KeyFactorySpi()
+    {
+    }
+
+    protected KeySpec engineGetKeySpec(
+        Key key,
+        Class spec)
+        throws InvalidKeySpecException
+    {
+        if (spec.isAssignableFrom(DSAPublicKeySpec.class) && key instanceof DSAPublicKey)
+        {
+            DSAPublicKey k = (DSAPublicKey)key;
+
+            return new DSAPublicKeySpec(k.getY(), k.getParams().getP(), k.getParams().getQ(), k.getParams().getG());
+        }
+        else if (spec.isAssignableFrom(DSAPrivateKeySpec.class) && key instanceof java.security.interfaces.DSAPrivateKey)
+        {
+            java.security.interfaces.DSAPrivateKey k = (java.security.interfaces.DSAPrivateKey)key;
+
+            return new DSAPrivateKeySpec(k.getX(), k.getParams().getP(), k.getParams().getQ(), k.getParams().getG());
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (spec.isAssignableFrom(OpenSSHPublicKeySpec.class) && key instanceof java.security.interfaces.DSAPublicKey)
+        {
+            DSAPublicKey k = (DSAPublicKey)key;
+            try
+            {
+                return new OpenSSHPublicKeySpec(OpenSSHPublicKeyUtil.encodePublicKey(new DSAPublicKeyParameters(k.getY(), new DSAParameters(k.getParams().getP(), k.getParams().getQ(), k.getParams().getG()))));
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("unable to produce encoding: " + e.getMessage());
+            }
+        }
+        else if (spec.isAssignableFrom(OpenSSHPrivateKeySpec.class) && key instanceof java.security.interfaces.DSAPrivateKey)
+        {
+            DSAPrivateKey k = (DSAPrivateKey)key;
+            try
+            {
+                return new OpenSSHPrivateKeySpec(OpenSSHPrivateKeyUtil.encodePrivateKey(new DSAPrivateKeyParameters(k.getX(), new DSAParameters(k.getParams().getP(), k.getParams().getQ(), k.getParams().getG()))));
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("unable to produce encoding: " + e.getMessage());
+            }
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+
+        return super.engineGetKeySpec(key, spec);
+    }
+
+    protected Key engineTranslateKey(
+        Key key)
+        throws InvalidKeyException
+    {
+        if (key instanceof DSAPublicKey)
+        {
+            return new BCDSAPublicKey((DSAPublicKey)key);
+        }
+        else if (key instanceof DSAPrivateKey)
+        {
+            return new BCDSAPrivateKey((DSAPrivateKey)key);
+        }
+
+        throw new InvalidKeyException("key type unknown");
+    }
+
+    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
+        throws IOException
+    {
+        ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm();
+
+        if (DSAUtil.isDsaOid(algOid))
+        {
+            return new BCDSAPrivateKey(keyInfo);
+        }
+        else
+        {
+            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
+        }
+    }
+
+    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
+        throws IOException
+    {
+        ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm();
+
+        if (DSAUtil.isDsaOid(algOid))
+        {
+            return new BCDSAPublicKey(keyInfo);
+        }
+        else
+        {
+            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
+        }
+    }
+
+    protected PrivateKey engineGeneratePrivate(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec instanceof DSAPrivateKeySpec)
+        {
+            return new BCDSAPrivateKey((DSAPrivateKeySpec)keySpec);
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (keySpec instanceof OpenSSHPrivateKeySpec)
+        {
+            CipherParameters params = OpenSSHPrivateKeyUtil.parsePrivateKeyBlob(((OpenSSHPrivateKeySpec)keySpec).getEncoded());
+            if (params instanceof DSAPrivateKeyParameters)
+            {
+                return engineGeneratePrivate(
+                    new DSAPrivateKeySpec(
+                        ((DSAPrivateKeyParameters)params).getX(),
+                        ((DSAPrivateKeyParameters)params).getParameters().getP(),
+                        ((DSAPrivateKeyParameters)params).getParameters().getQ(),
+                        ((DSAPrivateKeyParameters)params).getParameters().getG()));
+            }
+            else
+            {
+                throw new IllegalArgumentException("openssh private key is not dsa privare key");
+            }
+
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+
+        return super.engineGeneratePrivate(keySpec);
+    }
+
+    protected PublicKey engineGeneratePublic(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec instanceof DSAPublicKeySpec)
+        {
+            try
+            {
+                return new BCDSAPublicKey((DSAPublicKeySpec)keySpec);
+            }
+            catch (final Exception e)
+            {
+                throw new InvalidKeySpecException("invalid KeySpec: " + e.getMessage())
+                {
+                    public Throwable getCause()
+                    {
+                        return e;
+                    }
+                };
+            }
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (keySpec instanceof OpenSSHPublicKeySpec)
+        {
+            CipherParameters parameters = OpenSSHPublicKeyUtil.parsePublicKey(((OpenSSHPublicKeySpec)keySpec).getEncoded());
+
+            if (parameters instanceof DSAPublicKeyParameters)
+            {
+                return engineGeneratePublic(
+                    new DSAPublicKeySpec(((DSAPublicKeyParameters)parameters).getY(),
+                        ((DSAPublicKeyParameters)parameters).getParameters().getP(),
+                        ((DSAPublicKeyParameters)parameters).getParameters().getQ(),
+                        ((DSAPublicKeyParameters)parameters).getParameters().getG()));
+            }
+
+            throw new IllegalArgumentException("openssh public key is not dsa public key");
+
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+
+        return super.engineGeneratePublic(keySpec);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/KeyPairGeneratorSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/KeyPairGeneratorSpi.java
new file mode 100644
index 0000000..6ff1651
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/dsa/KeyPairGeneratorSpi.java

@@ -0,0 +1,180 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.dsa;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidParameterException;
+import java.security.KeyPair;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.DSAParameterSpec;
+import java.util.Hashtable;
+
+import com.android.org.bouncycastle.crypto.AsymmetricCipherKeyPair;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.digests.SHA256Digest;
+import com.android.org.bouncycastle.crypto.generators.DSAKeyPairGenerator;
+import com.android.org.bouncycastle.crypto.generators.DSAParametersGenerator;
+import com.android.org.bouncycastle.crypto.params.DSAKeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.DSAParameterGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.DSAParameters;
+import com.android.org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DSAPublicKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.PrimeCertaintyCalculator;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.util.Integers;
+import com.android.org.bouncycastle.util.Properties;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyPairGeneratorSpi
+    extends java.security.KeyPairGenerator
+{
+    private static Hashtable params = new Hashtable();
+    private static Object    lock = new Object();
+
+    DSAKeyGenerationParameters param;
+    DSAKeyPairGenerator engine = new DSAKeyPairGenerator();
+    // Android-changed: Change default strength to 1024
+    // In 1.57, the default strength was changed to 2048.  We keep it at 1024 for app
+    // compatibility, particularly because the default digest (SHA-1) doesn't have
+    // a sufficiently long digest to work with 2048-bit keys.
+    int strength = 1024;
+
+    SecureRandom random = CryptoServicesRegistrar.getSecureRandom();
+    boolean initialised = false;
+
+    public KeyPairGeneratorSpi()
+    {
+        super("DSA");
+    }
+
+    public void initialize(
+        int strength,
+        SecureRandom random)
+    {
+        if (strength < 512 || strength > 4096 || ((strength < 1024) && strength % 64 != 0) || (strength >= 1024 && strength % 1024 != 0))
+        {
+            throw new InvalidParameterException("strength must be from 512 - 4096 and a multiple of 1024 above 1024");
+        }
+
+        // Android-added: Treat null SecureRandom as default
+        if (random == null) {
+            random = new SecureRandom();
+        }
+
+        DSAParameterSpec spec = BouncyCastleProvider.CONFIGURATION.getDSADefaultParameters(strength);
+
+        if (spec != null)
+        {
+            param = new DSAKeyGenerationParameters(random, new DSAParameters(spec.getP(), spec.getQ(), spec.getG()));
+
+            engine.init(param);
+            this.initialised = true;
+        }
+        else
+        {
+            this.strength = strength;
+            this.random = random;
+            this.initialised = false;
+        }
+    }
+
+    public void initialize(
+        AlgorithmParameterSpec params,
+        SecureRandom random)
+        throws InvalidAlgorithmParameterException
+    {
+        if (!(params instanceof DSAParameterSpec))
+        {
+            throw new InvalidAlgorithmParameterException("parameter object not a DSAParameterSpec");
+        }
+        DSAParameterSpec dsaParams = (DSAParameterSpec)params;
+
+        // Android-added: Treat null SecureRandom as default
+        if (random == null) {
+            random = new SecureRandom();
+        }
+
+        param = new DSAKeyGenerationParameters(random, new DSAParameters(dsaParams.getP(), dsaParams.getQ(), dsaParams.getG()));
+
+        engine.init(param);
+        initialised = true;
+    }
+
+    public KeyPair generateKeyPair()
+    {
+        if (!initialised)
+        {
+            Integer paramStrength = Integers.valueOf(strength);
+
+            if (params.containsKey(paramStrength))
+            {
+                param = (DSAKeyGenerationParameters)params.get(paramStrength);
+            }
+            else
+            {
+                synchronized (lock)
+                {
+                    // we do the check again in case we were blocked by a generator for
+                    // our key size.
+                    if (params.containsKey(paramStrength))
+                    {
+                        param = (DSAKeyGenerationParameters)params.get(paramStrength);
+                    }
+                    else
+                    {
+                        DSAParametersGenerator pGen;
+                        DSAParameterGenerationParameters dsaParams;
+
+                        int certainty = PrimeCertaintyCalculator.getDefaultCertainty(strength);
+
+                        // Typical combination of keysize and size of q.
+                        //     keysize = 1024, q's size = 160
+                        //     keysize = 2048, q's size = 224
+                        //     keysize = 2048, q's size = 256
+                        //     keysize = 3072, q's size = 256
+                        // For simplicity if keysize is greater than 1024 then we choose q's size to be 256.
+                        // For legacy keysize that is less than 1024-bit, we just use the 186-2 style parameters
+                        if (strength == 1024)
+                        {
+                            pGen = new DSAParametersGenerator();
+                            if (Properties.isOverrideSet("com.android.org.bouncycastle.dsa.FIPS186-2for1024bits"))
+                            {
+                                pGen.init(strength, certainty, random);
+                            }
+                            else
+                            {
+                                dsaParams = new DSAParameterGenerationParameters(1024, 160, certainty, random);
+                                pGen.init(dsaParams);
+                            }
+                        }
+                        else if (strength > 1024)
+                        {
+                            dsaParams = new DSAParameterGenerationParameters(strength, 256, certainty, random);
+                            pGen = new DSAParametersGenerator(new SHA256Digest());
+                            pGen.init(dsaParams);
+                        }
+                        else
+                        {
+                            pGen = new DSAParametersGenerator();
+                            pGen.init(strength, certainty, random);
+                        }
+                        param = new DSAKeyGenerationParameters(random, pGen.generateParameters());
+
+                        params.put(paramStrength, param);
+                    }
+                }
+            }
+
+            engine.init(param);
+            initialised = true;
+        }
+
+        AsymmetricCipherKeyPair pair = engine.generateKeyPair();
+        DSAPublicKeyParameters pub = (DSAPublicKeyParameters)pair.getPublic();
+        DSAPrivateKeyParameters priv = (DSAPrivateKeyParameters)pair.getPrivate();
+
+        return new KeyPair(new BCDSAPublicKey(pub), new BCDSAPrivateKey(priv));
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/AlgorithmParametersSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/AlgorithmParametersSpi.java
new file mode 100644
index 0000000..1a5daa9
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/AlgorithmParametersSpi.java

@@ -0,0 +1,188 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.ec;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.ECGenParameterSpec;
+import java.security.spec.ECParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.x9.ECNamedCurveTable;
+import com.android.org.bouncycastle.asn1.x9.X962Parameters;
+import com.android.org.bouncycastle.asn1.x9.X9ECParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.jce.spec.ECNamedCurveSpec;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AlgorithmParametersSpi
+    extends java.security.AlgorithmParametersSpi
+{
+    private ECParameterSpec ecParameterSpec;
+    private String curveName;
+
+    protected boolean isASN1FormatString(String format)
+    {
+        return format == null || format.equals("ASN.1");
+    }
+
+    @Override
+    protected void engineInit(AlgorithmParameterSpec algorithmParameterSpec)
+        throws InvalidParameterSpecException
+    {
+        if (algorithmParameterSpec instanceof ECGenParameterSpec)
+        {
+            ECGenParameterSpec ecGenParameterSpec = (ECGenParameterSpec)algorithmParameterSpec;
+            X9ECParameters params = ECUtils.getDomainParametersFromGenSpec(ecGenParameterSpec);
+
+            if (params == null)
+            {
+                throw new InvalidParameterSpecException("EC curve name not recognized: " + ecGenParameterSpec.getName());
+            }
+            curveName = ecGenParameterSpec.getName();
+            ECParameterSpec baseSpec = EC5Util.convertToSpec(params);
+            ecParameterSpec = new ECNamedCurveSpec(curveName,
+                baseSpec.getCurve(), baseSpec.getGenerator(), baseSpec.getOrder(), BigInteger.valueOf(baseSpec.getCofactor()));
+        }
+        else if (algorithmParameterSpec instanceof ECParameterSpec)
+        {
+            if (algorithmParameterSpec instanceof ECNamedCurveSpec)
+            {
+                curveName = ((ECNamedCurveSpec)algorithmParameterSpec).getName();
+            }
+            else
+            {
+                curveName = null;
+            }
+            ecParameterSpec = (ECParameterSpec)algorithmParameterSpec;
+        }
+        else
+        {
+            throw new InvalidParameterSpecException("AlgorithmParameterSpec class not recognized: " + algorithmParameterSpec.getClass().getName());
+        }
+    }
+
+    @Override
+    protected void engineInit(byte[] bytes)
+        throws IOException
+    {
+        engineInit(bytes, "ASN.1");
+    }
+
+    @Override
+    protected void engineInit(byte[] bytes, String format)
+        throws IOException
+    {
+        if (isASN1FormatString(format))
+        {
+            X962Parameters params = X962Parameters.getInstance(bytes);
+
+            ECCurve curve = EC5Util.getCurve(BouncyCastleProvider.CONFIGURATION, params);
+
+            if (params.isNamedCurve())
+            {
+                ASN1ObjectIdentifier curveId = ASN1ObjectIdentifier.getInstance(params.getParameters());
+
+                curveName = ECNamedCurveTable.getName(curveId);
+                if (curveName == null)
+                {
+                    curveName = curveId.getId();
+                }
+            }
+
+            ecParameterSpec = EC5Util.convertToSpec(params, curve);
+        }
+        else
+        {
+            throw new IOException("Unknown encoded parameters format in AlgorithmParameters object: " + format);
+        }
+    }
+
+    @Override
+    protected <T extends AlgorithmParameterSpec> T engineGetParameterSpec(Class<T> paramSpec)
+        throws InvalidParameterSpecException
+    {
+        if (ECParameterSpec.class.isAssignableFrom(paramSpec) || paramSpec == AlgorithmParameterSpec.class)
+        {
+            return (T)ecParameterSpec;
+        }
+        else if (ECGenParameterSpec.class.isAssignableFrom(paramSpec))
+        {
+            if (curveName != null)
+            {
+                ASN1ObjectIdentifier namedCurveOid = ECUtil.getNamedCurveOid(curveName);
+
+                if (namedCurveOid != null)
+                {
+                    return (T)new ECGenParameterSpec(namedCurveOid.getId());
+                }
+                return (T)new ECGenParameterSpec(curveName);
+            }
+            else
+            {
+                ASN1ObjectIdentifier namedCurveOid = ECUtil.getNamedCurveOid(EC5Util.convertSpec(ecParameterSpec, false));
+
+                if (namedCurveOid != null)
+                {
+                    return (T)new ECGenParameterSpec(namedCurveOid.getId());
+                }
+            }
+        }
+        throw new InvalidParameterSpecException("EC AlgorithmParameters cannot convert to " + paramSpec.getName());
+    }
+
+    @Override
+    protected byte[] engineGetEncoded()
+        throws IOException
+    {
+        return engineGetEncoded("ASN.1");
+    }
+
+    @Override
+    protected byte[] engineGetEncoded(String format)
+        throws IOException
+    {
+        if (isASN1FormatString(format))
+        {
+            X962Parameters params;
+
+            if (ecParameterSpec == null)     // implicitly CA
+            {
+                params = new X962Parameters(DERNull.INSTANCE);
+            }
+            else if (curveName != null)
+            {
+                params = new X962Parameters(ECUtil.getNamedCurveOid(curveName));
+            }
+            else
+            {
+                com.android.org.bouncycastle.jce.spec.ECParameterSpec ecSpec = EC5Util.convertSpec(ecParameterSpec, false);
+                X9ECParameters ecP = new X9ECParameters(
+                    ecSpec.getCurve(),
+                    ecSpec.getG(),
+                    ecSpec.getN(),
+                    ecSpec.getH(),
+                    ecSpec.getSeed());
+
+                params = new X962Parameters(ecP);
+            }
+
+            return params.getEncoded();
+        }
+
+        throw new IOException("Unknown parameters format in AlgorithmParameters object: " + format);
+    }
+
+    @Override
+    protected String engineToString()
+    {
+        return "EC AlgorithmParameters ";
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java
new file mode 100644
index 0000000..c385035
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPrivateKey.java

@@ -0,0 +1,415 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.ec;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+import java.security.interfaces.ECPrivateKey;
+import java.security.spec.ECParameterSpec;
+import java.security.spec.ECPoint;
+import java.security.spec.ECPrivateKeySpec;
+import java.security.spec.EllipticCurve;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x9.X962Parameters;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+import com.android.org.bouncycastle.crypto.params.ECPrivateKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
+import com.android.org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
+import com.android.org.bouncycastle.jce.interfaces.ECPointEncoder;
+import com.android.org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BCECPrivateKey
+    implements ECPrivateKey, com.android.org.bouncycastle.jce.interfaces.ECPrivateKey, PKCS12BagAttributeCarrier, ECPointEncoder
+{
+    static final long serialVersionUID = 994553197664784084L;
+
+    private String          algorithm = "EC";
+    private boolean         withCompression;
+
+    private transient BigInteger              d;
+    private transient ECParameterSpec         ecSpec;
+    private transient ProviderConfiguration   configuration;
+    private transient DERBitString            publicKey;
+
+    private transient PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl();
+
+    protected BCECPrivateKey()
+    {
+    }
+
+    public BCECPrivateKey(
+        ECPrivateKey key,
+        ProviderConfiguration configuration)
+    {
+        this.d = key.getS();
+        this.algorithm = key.getAlgorithm();
+        this.ecSpec = key.getParams();
+        this.configuration = configuration;
+    }
+
+    public BCECPrivateKey(
+        String algorithm,
+        com.android.org.bouncycastle.jce.spec.ECPrivateKeySpec spec,
+        ProviderConfiguration configuration)
+    {
+        this.algorithm = algorithm;
+        this.d = spec.getD();
+
+        if (spec.getParams() != null) // can be null if implicitlyCA
+        {
+            ECCurve curve = spec.getParams().getCurve();
+            EllipticCurve ellipticCurve;
+
+            ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed());
+
+            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams());
+        }
+        else
+        {
+            this.ecSpec = null;
+        }
+
+        this.configuration = configuration;
+    }
+
+
+    public BCECPrivateKey(
+        String algorithm,
+        ECPrivateKeySpec spec,
+        ProviderConfiguration configuration)
+    {
+        this.algorithm = algorithm;
+        this.d = spec.getS();
+        this.ecSpec = spec.getParams();
+        this.configuration = configuration;
+    }
+
+    public BCECPrivateKey(
+        String algorithm,
+        BCECPrivateKey key)
+    {
+        this.algorithm = algorithm;
+        this.d = key.d;
+        this.ecSpec = key.ecSpec;
+        this.withCompression = key.withCompression;
+        this.attrCarrier = key.attrCarrier;
+        this.publicKey = key.publicKey;
+        this.configuration = key.configuration;
+    }
+
+    public BCECPrivateKey(
+        String algorithm,
+        ECPrivateKeyParameters params,
+        BCECPublicKey pubKey,
+        ECParameterSpec spec,
+        ProviderConfiguration configuration)
+    {
+        this.algorithm = algorithm;
+        this.d = params.getD();
+        this.configuration = configuration;
+
+        if (spec == null)
+        {
+            ECDomainParameters dp = params.getParameters();
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
+
+            this.ecSpec = new ECParameterSpec(
+                ellipticCurve,
+                EC5Util.convertPoint(dp.getG()),
+                dp.getN(),
+                dp.getH().intValue());
+        }
+        else
+        {
+            this.ecSpec = spec;
+        }
+
+        this.publicKey = getPublicKeyDetails(pubKey);
+    }
+
+    public BCECPrivateKey(
+        String algorithm,
+        ECPrivateKeyParameters params,
+        BCECPublicKey pubKey,
+        com.android.org.bouncycastle.jce.spec.ECParameterSpec spec,
+        ProviderConfiguration configuration)
+    {
+        this.algorithm = algorithm;
+        this.d = params.getD();
+        this.configuration = configuration;
+
+        if (spec == null)
+        {
+            ECDomainParameters dp = params.getParameters();
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
+
+            this.ecSpec = new ECParameterSpec(
+                ellipticCurve,
+                EC5Util.convertPoint(dp.getG()),
+                dp.getN(),
+                dp.getH().intValue());
+        }
+        else
+        {
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
+
+            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec);
+        }
+
+        try
+        {
+            this.publicKey = getPublicKeyDetails(pubKey);
+        }
+        catch (Exception e)
+        {
+            this.publicKey = null; // not all curves are encodable
+        }
+    }
+
+    public BCECPrivateKey(
+        String algorithm,
+        ECPrivateKeyParameters params,
+        ProviderConfiguration configuration)
+    {
+        this.algorithm = algorithm;
+        this.d = params.getD();
+        this.ecSpec = null;
+        this.configuration = configuration;
+    }
+
+    BCECPrivateKey(
+        String         algorithm,
+        PrivateKeyInfo info,
+        ProviderConfiguration configuration)
+        throws IOException
+    {
+        this.algorithm = algorithm;
+        this.configuration = configuration;
+        populateFromPrivKeyInfo(info);
+    }
+
+    private void populateFromPrivKeyInfo(PrivateKeyInfo info)
+        throws IOException
+    {
+        X962Parameters params = X962Parameters.getInstance(info.getPrivateKeyAlgorithm().getParameters());
+
+        ECCurve curve = EC5Util.getCurve(configuration, params);
+        ecSpec = EC5Util.convertToSpec(params, curve);
+
+        ASN1Encodable privKey = info.parsePrivateKey();
+        if (privKey instanceof ASN1Integer)
+        {
+            ASN1Integer          derD = ASN1Integer.getInstance(privKey);
+
+            this.d = derD.getValue();
+        }
+        else
+        {
+            com.android.org.bouncycastle.asn1.sec.ECPrivateKey ec = com.android.org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(privKey);
+
+            this.d = ec.getKey();
+            this.publicKey = ec.getPublicKey();
+        }
+    }
+
+    public String getAlgorithm()
+    {
+        return algorithm;
+    }
+
+    /**
+     * return the encoding format we produce in getEncoded().
+     *
+     * @return the string "PKCS#8"
+     */
+    public String getFormat()
+    {
+        return "PKCS#8";
+    }
+
+    /**
+     * Return a PKCS8 representation of the key. The sequence returned
+     * represents a full PrivateKeyInfo object.
+     *
+     * @return a PKCS8 representation of the key.
+     */
+    public byte[] getEncoded()
+    {
+        X962Parameters  params = ECUtils.getDomainParametersFromName(ecSpec, withCompression);
+
+        int orderBitLength;
+        if (ecSpec == null)
+        {
+            orderBitLength = ECUtil.getOrderBitLength(configuration, null, this.getS());
+        }
+        else
+        {
+            orderBitLength = ECUtil.getOrderBitLength(configuration, ecSpec.getOrder(), this.getS());
+        }
+        
+        PrivateKeyInfo          info;
+        com.android.org.bouncycastle.asn1.sec.ECPrivateKey            keyStructure;
+
+        if (publicKey != null)
+        {
+            keyStructure = new com.android.org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, this.getS(), publicKey, params);
+        }
+        else
+        {
+            keyStructure = new com.android.org.bouncycastle.asn1.sec.ECPrivateKey(orderBitLength, this.getS(), params);
+        }
+
+        try
+        {
+            info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), keyStructure);
+
+            return info.getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            return null;
+        }
+    }
+
+    public ECParameterSpec getParams()
+    {
+        return ecSpec;
+    }
+
+    public com.android.org.bouncycastle.jce.spec.ECParameterSpec getParameters()
+    {
+        if (ecSpec == null)
+        {
+            return null;
+        }
+        
+        return EC5Util.convertSpec(ecSpec, withCompression);
+    }
+
+    com.android.org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec()
+    {
+        if (ecSpec != null)
+        {
+            return EC5Util.convertSpec(ecSpec, withCompression);
+        }
+
+        return configuration.getEcImplicitlyCa();
+    }
+
+    public BigInteger getS()
+    {
+        return d;
+    }
+
+    public BigInteger getD()
+    {
+        return d;
+    }
+    
+    public void setBagAttribute(
+        ASN1ObjectIdentifier oid,
+        ASN1Encodable        attribute)
+    {
+        attrCarrier.setBagAttribute(oid, attribute);
+    }
+
+    public ASN1Encodable getBagAttribute(
+        ASN1ObjectIdentifier oid)
+    {
+        return attrCarrier.getBagAttribute(oid);
+    }
+
+    public Enumeration getBagAttributeKeys()
+    {
+        return attrCarrier.getBagAttributeKeys();
+    }
+
+    public void setPointFormat(String style)
+    {
+       withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
+    }
+
+    public boolean equals(Object o)
+    {
+        if (!(o instanceof BCECPrivateKey))
+        {
+            return false;
+        }
+
+        BCECPrivateKey other = (BCECPrivateKey)o;
+
+        return getD().equals(other.getD()) && (engineGetSpec().equals(other.engineGetSpec()));
+    }
+
+    public int hashCode()
+    {
+        return getD().hashCode() ^ engineGetSpec().hashCode();
+    }
+
+    public String toString()
+    {
+        return ECUtil.privateKeyToString("EC", d, engineGetSpec());
+    }
+
+    private com.android.org.bouncycastle.math.ec.ECPoint calculateQ(com.android.org.bouncycastle.jce.spec.ECParameterSpec spec)
+    {
+        return spec.getG().multiply(d).normalize();
+    }
+
+    private DERBitString getPublicKeyDetails(BCECPublicKey pub)
+    {
+        try
+        {
+            SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(pub.getEncoded()));
+
+            return info.getPublicKeyData();
+        }
+        catch (IOException e)
+        {   // should never happen
+            return null;
+        }
+    }
+
+    private void readObject(
+        ObjectInputStream in)
+        throws IOException, ClassNotFoundException
+    {
+        in.defaultReadObject();
+
+        byte[] enc = (byte[])in.readObject();
+
+        this.configuration = BouncyCastleProvider.CONFIGURATION;
+
+        populateFromPrivKeyInfo(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc)));
+
+        this.attrCarrier = new PKCS12BagAttributeCarrierImpl();
+    }
+
+    private void writeObject(
+        ObjectOutputStream out)
+        throws IOException
+    {
+        out.defaultWriteObject();
+
+        out.writeObject(this.getEncoded());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPublicKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPublicKey.java
new file mode 100644
index 0000000..56c1946
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/BCECPublicKey.java

@@ -0,0 +1,345 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.ec;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.security.interfaces.ECPublicKey;
+import java.security.spec.ECParameterSpec;
+import java.security.spec.ECPoint;
+import java.security.spec.ECPublicKeySpec;
+import java.security.spec.EllipticCurve;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x9.X962Parameters;
+import com.android.org.bouncycastle.asn1.x9.X9ECPoint;
+import com.android.org.bouncycastle.asn1.x9.X9IntegerConverter;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+import com.android.org.bouncycastle.crypto.params.ECPublicKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
+import com.android.org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
+import com.android.org.bouncycastle.jce.interfaces.ECPointEncoder;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BCECPublicKey
+    implements ECPublicKey, com.android.org.bouncycastle.jce.interfaces.ECPublicKey, ECPointEncoder
+{
+    static final long serialVersionUID = 2422789860422731812L;
+
+    private String    algorithm = "EC";
+    private boolean   withCompression;
+
+    private transient ECPublicKeyParameters   ecPublicKey;
+    private transient ECParameterSpec         ecSpec;
+    private transient ProviderConfiguration   configuration;
+
+    public BCECPublicKey(
+        String algorithm,
+        BCECPublicKey key)
+    {
+        this.algorithm = algorithm;
+        this.ecPublicKey = key.ecPublicKey;
+        this.ecSpec = key.ecSpec;
+        this.withCompression = key.withCompression;
+        this.configuration = key.configuration;
+    }
+    
+    public BCECPublicKey(
+        String algorithm,
+        ECPublicKeySpec spec,
+        ProviderConfiguration configuration)
+    {
+        this.algorithm = algorithm;
+        this.ecSpec = spec.getParams();
+        this.ecPublicKey = new ECPublicKeyParameters(EC5Util.convertPoint(ecSpec, spec.getW(), false), EC5Util.getDomainParameters(configuration, spec.getParams()));
+        this.configuration = configuration;
+    }
+
+    public BCECPublicKey(
+        String algorithm,
+        com.android.org.bouncycastle.jce.spec.ECPublicKeySpec spec,
+        ProviderConfiguration configuration)
+    {
+        this.algorithm = algorithm;
+
+        if (spec.getParams() != null) // can be null if implictlyCa
+        {
+            ECCurve curve = spec.getParams().getCurve();
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed());
+
+            // this may seem a little long-winded but it's how we pick up the custom curve.
+            this.ecPublicKey = new ECPublicKeyParameters(
+                spec.getQ(), ECUtil.getDomainParameters(configuration, spec.getParams()));
+            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams());
+        }
+        else
+        {
+            com.android.org.bouncycastle.jce.spec.ECParameterSpec s = configuration.getEcImplicitlyCa();
+
+            this.ecPublicKey = new ECPublicKeyParameters(s.getCurve().createPoint(spec.getQ().getAffineXCoord().toBigInteger(), spec.getQ().getAffineYCoord().toBigInteger()), EC5Util.getDomainParameters(configuration, (ECParameterSpec)null));
+            this.ecSpec = null;
+        }
+
+        this.configuration = configuration;
+    }
+    
+    public BCECPublicKey(
+        String algorithm,
+        ECPublicKeyParameters params,
+        ECParameterSpec spec,
+        ProviderConfiguration configuration)
+    {
+        ECDomainParameters      dp = params.getParameters();
+
+        this.algorithm = algorithm;
+        this.ecPublicKey = params;
+
+        if (spec == null)
+        {
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
+
+            this.ecSpec = createSpec(ellipticCurve, dp);
+        }
+        else
+        {
+            this.ecSpec = spec;
+        }
+
+        this.configuration = configuration;
+    }
+
+    public BCECPublicKey(
+        String algorithm,
+        ECPublicKeyParameters params,
+        com.android.org.bouncycastle.jce.spec.ECParameterSpec spec,
+        ProviderConfiguration configuration)
+    {
+        ECDomainParameters      dp = params.getParameters();
+
+        this.algorithm = algorithm;
+
+        if (spec == null)
+        {
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
+
+            this.ecSpec = createSpec(ellipticCurve, dp);
+        }
+        else
+        {
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
+
+            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec);
+        }
+
+        this.ecPublicKey = params;
+        this.configuration = configuration;
+    }
+
+    /*
+     * called for implicitCA
+     */
+    public BCECPublicKey(
+        String algorithm,
+        ECPublicKeyParameters params,
+        ProviderConfiguration configuration)
+    {
+        this.algorithm = algorithm;
+        this.ecPublicKey = params;
+        this.ecSpec = null;
+        this.configuration = configuration;
+    }
+
+    public BCECPublicKey(
+        ECPublicKey key,
+        ProviderConfiguration configuration)
+    {
+        this.algorithm = key.getAlgorithm();
+        this.ecSpec = key.getParams();
+        this.ecPublicKey = new ECPublicKeyParameters(EC5Util.convertPoint(this.ecSpec, key.getW(), false), EC5Util.getDomainParameters(configuration, key.getParams()));
+    }
+
+    BCECPublicKey(
+        String algorithm,
+        SubjectPublicKeyInfo info,
+        ProviderConfiguration configuration)
+    {
+        this.algorithm = algorithm;
+        this.configuration = configuration;
+        populateFromPubKeyInfo(info);
+    }
+
+    private ECParameterSpec createSpec(EllipticCurve ellipticCurve, ECDomainParameters dp)
+    {
+        return new ECParameterSpec(
+            ellipticCurve,
+            EC5Util.convertPoint(dp.getG()),
+            dp.getN(),
+            dp.getH().intValue());
+    }
+
+    private void populateFromPubKeyInfo(SubjectPublicKeyInfo info)
+    {
+        X962Parameters params = X962Parameters.getInstance(info.getAlgorithm().getParameters());
+        ECCurve curve = EC5Util.getCurve(configuration, params);
+        ecSpec = EC5Util.convertToSpec(params, curve);
+
+        DERBitString    bits = info.getPublicKeyData();
+        byte[]          data = bits.getBytes();
+        ASN1OctetString key = new DEROctetString(data);
+
+        //
+        // extra octet string - one of our old certs...
+        //
+        if (data[0] == 0x04 && data[1] == data.length - 2
+            && (data[2] == 0x02 || data[2] == 0x03))
+        {
+            int qLength = new X9IntegerConverter().getByteLength(curve);
+
+            if (qLength >= data.length - 3)
+            {
+                try
+                {
+                    key = (ASN1OctetString) ASN1Primitive.fromByteArray(data);
+                }
+                catch (IOException ex)
+                {
+                    throw new IllegalArgumentException("error recovering public key");
+                }
+            }
+        }
+
+        X9ECPoint derQ = new X9ECPoint(curve, key);
+
+        this.ecPublicKey = new ECPublicKeyParameters(derQ.getPoint(), ECUtil.getDomainParameters(configuration, params));
+    }
+
+    public String getAlgorithm()
+    {
+        return algorithm;
+    }
+
+    public String getFormat()
+    {
+        return "X.509";
+    }
+
+    public byte[] getEncoded()
+    {
+        ASN1Encodable   params = ECUtils.getDomainParametersFromName(ecSpec, withCompression);
+        ASN1OctetString p = ASN1OctetString.getInstance(new X9ECPoint(ecPublicKey.getQ(), withCompression).toASN1Primitive());
+
+        // stored curve is null if ImplicitlyCa
+        SubjectPublicKeyInfo info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), p.getOctets());
+
+        return KeyUtil.getEncodedSubjectPublicKeyInfo(info);
+    }
+
+    public ECParameterSpec getParams()
+    {
+        return ecSpec;
+    }
+
+    public com.android.org.bouncycastle.jce.spec.ECParameterSpec getParameters()
+    {
+        if (ecSpec == null)     // implictlyCA
+        {
+            return null;
+        }
+
+        return EC5Util.convertSpec(ecSpec, withCompression);
+    }
+
+    public ECPoint getW()
+    {
+        return EC5Util.convertPoint(ecPublicKey.getQ());
+    }
+
+    public com.android.org.bouncycastle.math.ec.ECPoint getQ()
+    {
+        com.android.org.bouncycastle.math.ec.ECPoint q = ecPublicKey.getQ();
+
+        if (ecSpec == null)
+        {
+            return q.getDetachedPoint();
+        }
+
+        return q;
+    }
+
+    ECPublicKeyParameters engineGetKeyParameters()
+    {
+        return ecPublicKey;
+    }
+
+    com.android.org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec()
+    {
+        if (ecSpec != null)
+        {
+            return EC5Util.convertSpec(ecSpec, withCompression);
+        }
+
+        return configuration.getEcImplicitlyCa();
+    }
+
+    public String toString()
+    {
+        return ECUtil.publicKeyToString("EC", ecPublicKey.getQ(), engineGetSpec());
+    }
+    
+    public void setPointFormat(String style)
+    {
+       withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
+    }
+
+    public boolean equals(Object o)
+    {
+        if (!(o instanceof BCECPublicKey))
+        {
+            return false;
+        }
+
+        BCECPublicKey other = (BCECPublicKey)o;
+
+        return ecPublicKey.getQ().equals(other.ecPublicKey.getQ()) && (engineGetSpec().equals(other.engineGetSpec()));
+    }
+
+    public int hashCode()
+    {
+        return ecPublicKey.getQ().hashCode() ^ engineGetSpec().hashCode();
+    }
+
+    private void readObject(
+        ObjectInputStream in)
+        throws IOException, ClassNotFoundException
+    {
+        in.defaultReadObject();
+
+        byte[] enc = (byte[])in.readObject();
+
+        this.configuration = BouncyCastleProvider.CONFIGURATION;
+
+        populateFromPubKeyInfo(SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc)));
+    }
+
+    private void writeObject(
+        ObjectOutputStream out)
+        throws IOException
+    {
+        out.defaultWriteObject();
+
+        out.writeObject(this.getEncoded());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtils.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtils.java
new file mode 100644
index 0000000..020cfc8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/ECUtils.java

@@ -0,0 +1,97 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.ec;
+
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.PublicKey;
+import java.security.spec.ECGenParameterSpec;
+import java.security.spec.ECParameterSpec;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.x9.X962Parameters;
+import com.android.org.bouncycastle.asn1.x9.X9ECParameters;
+import com.android.org.bouncycastle.crypto.params.AsymmetricKeyParameter;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
+import com.android.org.bouncycastle.jce.spec.ECNamedCurveSpec;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+
+class ECUtils
+{
+    static AsymmetricKeyParameter generatePublicKeyParameter(
+            PublicKey key)
+        throws InvalidKeyException
+    {
+        return (key instanceof BCECPublicKey) ? ((BCECPublicKey)key).engineGetKeyParameters() : ECUtil.generatePublicKeyParameter(key);
+    }
+
+    static X9ECParameters getDomainParametersFromGenSpec(ECGenParameterSpec genSpec)
+    {
+        return getDomainParametersFromName(genSpec.getName());
+    }
+
+    static X9ECParameters getDomainParametersFromName(String curveName)
+    {
+        X9ECParameters domainParameters;
+        try
+        {
+            if (curveName.charAt(0) >= '0' && curveName.charAt(0) <= '2')
+            {
+                ASN1ObjectIdentifier oidID = new ASN1ObjectIdentifier(curveName);
+                domainParameters = ECUtil.getNamedCurveByOid(oidID);
+            }
+            else
+            {
+                if (curveName.indexOf(' ') > 0)
+                {
+                    curveName = curveName.substring(curveName.indexOf(' ') + 1);
+                    domainParameters = ECUtil.getNamedCurveByName(curveName);
+                }
+                else
+                {
+                    domainParameters = ECUtil.getNamedCurveByName(curveName);
+                }
+            }
+        }
+        catch (IllegalArgumentException ex)
+        {
+            domainParameters = ECUtil.getNamedCurveByName(curveName);
+        }
+        return domainParameters;
+    }
+
+    static X962Parameters getDomainParametersFromName(ECParameterSpec ecSpec, boolean withCompression)
+    {
+        X962Parameters params;
+
+        if (ecSpec instanceof ECNamedCurveSpec)
+        {
+            ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName());
+            if (curveOid == null)
+            {
+                curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName());
+            }
+            params = new X962Parameters(curveOid);
+        }
+        else if (ecSpec == null)
+        {
+            params = new X962Parameters(DERNull.INSTANCE);
+        }
+        else
+        {
+            ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
+
+            X9ECParameters ecP = new X9ECParameters(
+                curve,
+                EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
+                ecSpec.getOrder(),
+                BigInteger.valueOf(ecSpec.getCofactor()),
+                ecSpec.getCurve().getSeed());
+
+            params = new X962Parameters(ecP);
+        }
+
+        return params;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java
new file mode 100644
index 0000000..a2dc9b1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyAgreementSpi.java

@@ -0,0 +1,834 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.ec;
+
+import java.math.BigInteger;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+
+import com.android.org.bouncycastle.asn1.x9.X9IntegerConverter;
+import com.android.org.bouncycastle.crypto.BasicAgreement;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DerivationFunction;
+import com.android.org.bouncycastle.crypto.agreement.ECDHBasicAgreement;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.agreement.ECDHCBasicAgreement;
+// import org.bouncycastle.crypto.agreement.ECDHCUnifiedAgreement;
+// import org.bouncycastle.crypto.agreement.ECMQVBasicAgreement;
+// import org.bouncycastle.crypto.agreement.kdf.ConcatenationKDFGenerator;
+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
+// import org.bouncycastle.crypto.generators.KDF2BytesGenerator;
+// import org.bouncycastle.crypto.params.ECDHUPrivateParameters;
+// import org.bouncycastle.crypto.params.ECDHUPublicParameters;
+// END Android-removed: Unsupported algorithms
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+import com.android.org.bouncycastle.crypto.params.ECPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.ECPublicKeyParameters;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.MQVPrivateParameters;
+// import org.bouncycastle.crypto.params.MQVPublicParameters;
+// import org.bouncycastle.crypto.util.DigestFactory;
+// END Android-removed: Unsupported algorithms
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.BaseAgreementSpi;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.spec.DHUParameterSpec;
+// import org.bouncycastle.jcajce.spec.MQVParameterSpec;
+// END Android-removed: Unsupported algorithms
+import com.android.org.bouncycastle.jcajce.spec.UserKeyingMaterialSpec;
+import com.android.org.bouncycastle.jce.interfaces.ECPrivateKey;
+import com.android.org.bouncycastle.jce.interfaces.ECPublicKey;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.jce.interfaces.MQVPrivateKey;
+// import org.bouncycastle.jce.interfaces.MQVPublicKey;
+// END Android-removed: Unsupported algorithms
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * Diffie-Hellman key agreement using elliptic curve keys, ala IEEE P1363
+ * both the simple one, and the simple one with cofactors are supported.
+ * <p>
+ * Also, MQV key agreement per SEC-1
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyAgreementSpi
+    extends BaseAgreementSpi
+{
+    private static final X9IntegerConverter converter = new X9IntegerConverter();
+
+    private String kaAlgorithm;
+
+    private ECDomainParameters parameters;
+    private Object agreement;
+
+    // Android-removed: Unsupported algorithms
+    // private MQVParameterSpec       mqvParameters;
+    // private DHUParameterSpec dheParameters;
+    private byte[] result;
+
+    protected KeyAgreementSpi(
+        String kaAlgorithm,
+        BasicAgreement agreement,
+        DerivationFunction kdf)
+    {
+        super(kaAlgorithm, kdf);
+
+        this.kaAlgorithm = kaAlgorithm;
+        this.agreement = agreement;
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    protected KeyAgreementSpi(
+        String kaAlgorithm,
+        ECDHCUnifiedAgreement agreement,
+        DerivationFunction kdf)
+    {
+        super(kaAlgorithm, kdf);
+
+        this.kaAlgorithm = kaAlgorithm;
+        this.agreement = agreement;
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    protected byte[] bigIntToBytes(
+        BigInteger r)
+    {
+        return converter.integerToBytes(r, converter.getByteLength(parameters.getCurve()));
+    }
+
+    protected Key engineDoPhase(
+        Key key,
+        boolean lastPhase)
+        throws InvalidKeyException, IllegalStateException
+    {
+        if (parameters == null)
+        {
+            throw new IllegalStateException(kaAlgorithm + " not initialised.");
+        }
+
+        if (!lastPhase)
+        {
+            throw new IllegalStateException(kaAlgorithm + " can only be between two parties.");
+        }
+
+        CipherParameters pubKey;
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        if (agreement instanceof ECMQVBasicAgreement)
+        {
+            if (!(key instanceof MQVPublicKey))
+            {
+                ECPublicKeyParameters staticKey = (ECPublicKeyParameters)
+                    ECUtils.generatePublicKeyParameter((PublicKey)key);
+                ECPublicKeyParameters ephemKey = (ECPublicKeyParameters)
+                    ECUtils.generatePublicKeyParameter(mqvParameters.getOtherPartyEphemeralKey());
+
+                pubKey = new MQVPublicParameters(staticKey, ephemKey);
+            }
+            else
+            {
+                MQVPublicKey mqvPubKey = (MQVPublicKey)key;
+                ECPublicKeyParameters staticKey = (ECPublicKeyParameters)
+                    ECUtils.generatePublicKeyParameter(mqvPubKey.getStaticKey());
+                ECPublicKeyParameters ephemKey = (ECPublicKeyParameters)
+                    ECUtils.generatePublicKeyParameter(mqvPubKey.getEphemeralKey());
+
+                pubKey = new MQVPublicParameters(staticKey, ephemKey);
+            }
+        }
+        else if (agreement instanceof ECDHCUnifiedAgreement)
+        {
+            ECPublicKeyParameters staticKey = (ECPublicKeyParameters)
+                ECUtils.generatePublicKeyParameter((PublicKey)key);
+            ECPublicKeyParameters ephemKey = (ECPublicKeyParameters)
+                ECUtils.generatePublicKeyParameter(dheParameters.getOtherPartyEphemeralKey());
+
+            pubKey = new ECDHUPublicParameters(staticKey, ephemKey);
+        }
+        else
+        */
+        // END Android-removed: Unsupported algorithms
+        {
+            if (!(key instanceof PublicKey))
+            {
+                throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
+                    + getSimpleName(ECPublicKey.class) + " for doPhase");
+            }
+
+            pubKey = ECUtils.generatePublicKeyParameter((PublicKey)key);
+        }
+
+        try
+        {
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            if (agreement instanceof BasicAgreement)
+            {
+            */
+            // END Android-removed: Unsupported algorithms
+                result = bigIntToBytes(((BasicAgreement)agreement).calculateAgreement(pubKey));
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            }
+            else
+            {
+                result = ((ECDHCUnifiedAgreement)agreement).calculateAgreement(pubKey);
+            }
+            */
+            // END Android-removed: Unsupported algorithms
+        }
+        catch (final Exception e)
+        {
+            throw new InvalidKeyException("calculation failed: " + e.getMessage())
+            {
+                public Throwable getCause()
+                {
+                    return e;
+                }
+            };
+        }
+
+        return null;
+    }
+
+    protected void engineInit(
+        Key key,
+        AlgorithmParameterSpec params,
+        SecureRandom random)
+        throws InvalidKeyException, InvalidAlgorithmParameterException
+    {
+        // Android-removed: Unsupported algorithms
+        // if (params != null &&
+        //     !(params instanceof MQVParameterSpec || params instanceof UserKeyingMaterialSpec || params instanceof DHUParameterSpec))
+        if (params != null && !(params instanceof UserKeyingMaterialSpec))
+        {
+            throw new InvalidAlgorithmParameterException("No algorithm parameters supported");
+        }
+
+        initFromKey(key, params);
+    }
+
+    protected void engineInit(
+        Key key,
+        SecureRandom random)
+        throws InvalidKeyException
+    {
+        try
+        {
+            initFromKey(key, null);
+        }
+        catch (InvalidAlgorithmParameterException e)
+        {
+            // this should never occur.
+            throw new InvalidKeyException(e.getMessage());
+        }
+    }
+
+    private void initFromKey(Key key, AlgorithmParameterSpec parameterSpec)
+        throws InvalidKeyException, InvalidAlgorithmParameterException
+    {
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        if (agreement instanceof ECMQVBasicAgreement)
+        {
+            mqvParameters = null;
+            if (!(key instanceof MQVPrivateKey) && !(parameterSpec instanceof MQVParameterSpec))
+            {
+                throw new InvalidAlgorithmParameterException(kaAlgorithm + " key agreement requires "
+                    + getSimpleName(MQVParameterSpec.class) + " for initialisation");
+            }
+
+            ECPrivateKeyParameters staticPrivKey;
+            ECPrivateKeyParameters ephemPrivKey;
+            ECPublicKeyParameters ephemPubKey;
+            if (key instanceof MQVPrivateKey)
+            {
+                MQVPrivateKey mqvPrivKey = (MQVPrivateKey)key;
+                staticPrivKey = (ECPrivateKeyParameters)
+                    ECUtil.generatePrivateKeyParameter(mqvPrivKey.getStaticPrivateKey());
+                ephemPrivKey = (ECPrivateKeyParameters)
+                    ECUtil.generatePrivateKeyParameter(mqvPrivKey.getEphemeralPrivateKey());
+
+                ephemPubKey = null;
+                if (mqvPrivKey.getEphemeralPublicKey() != null)
+                {
+                    ephemPubKey = (ECPublicKeyParameters)
+                        ECUtils.generatePublicKeyParameter(mqvPrivKey.getEphemeralPublicKey());
+                }
+            }
+            else
+            {
+                MQVParameterSpec mqvParameterSpec = (MQVParameterSpec)parameterSpec;
+
+                staticPrivKey = (ECPrivateKeyParameters)
+                    ECUtil.generatePrivateKeyParameter((PrivateKey)key);
+                ephemPrivKey = (ECPrivateKeyParameters)
+                    ECUtil.generatePrivateKeyParameter(mqvParameterSpec.getEphemeralPrivateKey());
+
+                ephemPubKey = null;
+                if (mqvParameterSpec.getEphemeralPublicKey() != null)
+                {
+                    ephemPubKey = (ECPublicKeyParameters)
+                        ECUtils.generatePublicKeyParameter(mqvParameterSpec.getEphemeralPublicKey());
+                }
+                mqvParameters = mqvParameterSpec;
+                ukmParameters = mqvParameterSpec.getUserKeyingMaterial();
+            }
+
+            MQVPrivateParameters localParams = new MQVPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey);
+            this.parameters = staticPrivKey.getParameters();
+
+            // TODO Validate that all the keys are using the same parameters?
+
+            ((ECMQVBasicAgreement)agreement).init(localParams);
+        }
+        else if (parameterSpec instanceof DHUParameterSpec)
+        {
+            if (!(agreement instanceof ECDHCUnifiedAgreement))
+            {
+                throw new InvalidAlgorithmParameterException(kaAlgorithm + " key agreement cannot be used with "
+                    + getSimpleName(DHUParameterSpec.class));
+            }
+            DHUParameterSpec dheParameterSpec = (DHUParameterSpec)parameterSpec;
+            ECPrivateKeyParameters staticPrivKey;
+            ECPrivateKeyParameters ephemPrivKey;
+            ECPublicKeyParameters ephemPubKey;
+
+            staticPrivKey = (ECPrivateKeyParameters)
+                ECUtil.generatePrivateKeyParameter((PrivateKey)key);
+            ephemPrivKey = (ECPrivateKeyParameters)
+                ECUtil.generatePrivateKeyParameter(dheParameterSpec.getEphemeralPrivateKey());
+
+            ephemPubKey = null;
+            if (dheParameterSpec.getEphemeralPublicKey() != null)
+            {
+                ephemPubKey = (ECPublicKeyParameters)
+                    ECUtils.generatePublicKeyParameter(dheParameterSpec.getEphemeralPublicKey());
+            }
+            dheParameters = dheParameterSpec;
+            ukmParameters = dheParameterSpec.getUserKeyingMaterial();
+
+            ECDHUPrivateParameters localParams = new ECDHUPrivateParameters(staticPrivKey, ephemPrivKey, ephemPubKey);
+            this.parameters = staticPrivKey.getParameters();
+
+            ((ECDHCUnifiedAgreement)agreement).init(localParams);
+        }
+        else
+        */
+        // END Android-removed: Unsupported algorithms
+        {
+            if (!(key instanceof PrivateKey))
+            {
+                throw new InvalidKeyException(kaAlgorithm + " key agreement requires "
+                    + getSimpleName(ECPrivateKey.class) + " for initialisation");
+            }
+            if (kdf == null && parameterSpec instanceof UserKeyingMaterialSpec)
+            {
+                throw new InvalidAlgorithmParameterException("no KDF specified for UserKeyingMaterialSpec");
+            }
+            ECPrivateKeyParameters privKey = (ECPrivateKeyParameters)ECUtil.generatePrivateKeyParameter((PrivateKey)key);
+            this.parameters = privKey.getParameters();
+            ukmParameters = (parameterSpec instanceof UserKeyingMaterialSpec) ? ((UserKeyingMaterialSpec)parameterSpec).getUserKeyingMaterial() : null;
+            ((BasicAgreement)agreement).init(privKey);
+        }
+    }
+
+    private static String getSimpleName(Class clazz)
+    {
+        String fullName = clazz.getName();
+
+        return fullName.substring(fullName.lastIndexOf('.') + 1);
+    }
+    
+    protected byte[] calcSecret()
+    {
+        return Arrays.clone(result);
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class DH
+        extends KeyAgreementSpi
+    {
+        public DH()
+        {
+            super("ECDH", new ECDHBasicAgreement(), null);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class DHC
+        extends KeyAgreementSpi
+    {
+        public DHC()
+        {
+            super("ECDHC", new ECDHCBasicAgreement(), null);
+        }
+    }
+
+    public static class MQV
+        extends KeyAgreementSpi
+    {
+        public MQV()
+        {
+            super("ECMQV", new ECMQVBasicAgreement(), null);
+        }
+    }
+
+    public static class DHUC
+        extends KeyAgreementSpi
+    {
+        public DHUC()
+        {
+            super("ECCDHU", new ECDHCUnifiedAgreement(), null);
+        }
+    }
+
+    public static class DHwithSHA1KDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA1KDF()
+        {
+            super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class DHwithSHA1KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA1KDFAndSharedInfo()
+        {
+            super("ECDHwithSHA1KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class CDHwithSHA1KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public CDHwithSHA1KDFAndSharedInfo()
+        {
+            super("ECCDHwithSHA1KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class DHwithSHA224KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA224KDFAndSharedInfo()
+        {
+            super("ECDHwithSHA224KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224()));
+        }
+    }
+
+    public static class CDHwithSHA224KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public CDHwithSHA224KDFAndSharedInfo()
+        {
+            super("ECCDHwithSHA224KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224()));
+        }
+    }
+
+    public static class DHwithSHA256KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA256KDFAndSharedInfo()
+        {
+            super("ECDHwithSHA256KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256()));
+        }
+    }
+
+    public static class CDHwithSHA256KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public CDHwithSHA256KDFAndSharedInfo()
+        {
+            super("ECCDHwithSHA256KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256()));
+        }
+    }
+
+    public static class DHwithSHA384KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA384KDFAndSharedInfo()
+        {
+            super("ECDHwithSHA384KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384()));
+        }
+    }
+
+    public static class CDHwithSHA384KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public CDHwithSHA384KDFAndSharedInfo()
+        {
+            super("ECCDHwithSHA384KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384()));
+        }
+    }
+
+    public static class DHwithSHA512KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA512KDFAndSharedInfo()
+        {
+            super("ECDHwithSHA512KDF", new ECDHBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512()));
+        }
+    }
+
+    public static class CDHwithSHA512KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public CDHwithSHA512KDFAndSharedInfo()
+        {
+            super("ECCDHwithSHA512KDF", new ECDHCBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512()));
+        }
+    }
+
+    public static class MQVwithSHA1KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA1KDFAndSharedInfo()
+        {
+            super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class MQVwithSHA224KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA224KDFAndSharedInfo()
+        {
+            super("ECMQVwithSHA224KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224()));
+        }
+    }
+
+    public static class MQVwithSHA256KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA256KDFAndSharedInfo()
+        {
+            super("ECMQVwithSHA256KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256()));
+        }
+    }
+
+    public static class MQVwithSHA384KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA384KDFAndSharedInfo()
+        {
+            super("ECMQVwithSHA384KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384()));
+        }
+    }
+
+    public static class MQVwithSHA512KDFAndSharedInfo
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA512KDFAndSharedInfo()
+        {
+            super("ECMQVwithSHA512KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512()));
+        }
+    }
+
+    public static class DHwithSHA1CKDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA1CKDF()
+        {
+            super("ECDHwithSHA1CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class DHwithSHA256CKDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA256CKDF()
+        {
+            super("ECDHwithSHA256CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256()));
+        }
+    }
+
+    public static class DHwithSHA384CKDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA384CKDF()
+        {
+            super("ECDHwithSHA384CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384()));
+        }
+    }
+
+    public static class DHwithSHA512CKDF
+        extends KeyAgreementSpi
+    {
+        public DHwithSHA512CKDF()
+        {
+            super("ECDHwithSHA512CKDF", new ECDHCBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512()));
+        }
+    }
+
+    public static class MQVwithSHA1CKDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA1CKDF()
+        {
+            super("ECMQVwithSHA1CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class MQVwithSHA224CKDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA224CKDF()
+        {
+            super("ECMQVwithSHA224CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA224()));
+        }
+    }
+
+    public static class MQVwithSHA256CKDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA256CKDF()
+        {
+            super("ECMQVwithSHA256CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256()));
+        }
+    }
+
+    public static class MQVwithSHA384CKDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA384CKDF()
+        {
+            super("ECMQVwithSHA384CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384()));
+        }
+    }
+
+    public static class MQVwithSHA512CKDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA512CKDF()
+        {
+            super("ECMQVwithSHA512CKDF", new ECMQVBasicAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512()));
+        }
+    }
+
+    public static class MQVwithSHA1KDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA1KDF()
+        {
+            super("ECMQVwithSHA1KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class MQVwithSHA224KDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA224KDF()
+        {
+            super("ECMQVwithSHA224KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224()));
+        }
+    }
+
+    public static class MQVwithSHA256KDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA256KDF()
+        {
+            super("ECMQVwithSHA256KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256()));
+        }
+    }
+
+    public static class MQVwithSHA384KDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA384KDF()
+        {
+            super("ECMQVwithSHA384KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384()));
+        }
+    }
+
+    public static class MQVwithSHA512KDF
+        extends KeyAgreementSpi
+    {
+        public MQVwithSHA512KDF()
+        {
+            super("ECMQVwithSHA512KDF", new ECMQVBasicAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512()));
+        }
+    }
+
+    public static class DHUwithSHA1CKDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA1CKDF()
+        {
+            super("ECCDHUwithSHA1CKDF", new ECDHCUnifiedAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class DHUwithSHA224CKDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA224CKDF()
+        {
+            super("ECCDHUwithSHA224CKDF", new ECDHCUnifiedAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA224()));
+        }
+    }
+
+    public static class DHUwithSHA256CKDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA256CKDF()
+        {
+            super("ECCDHUwithSHA256CKDF", new ECDHCUnifiedAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA256()));
+        }
+    }
+
+    public static class DHUwithSHA384CKDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA384CKDF()
+        {
+            super("ECCDHUwithSHA384CKDF", new ECDHCUnifiedAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA384()));
+        }
+    }
+
+    public static class DHUwithSHA512CKDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA512CKDF()
+        {
+            super("ECCDHUwithSHA512CKDF", new ECDHCUnifiedAgreement(), new ConcatenationKDFGenerator(DigestFactory.createSHA512()));
+        }
+    }
+
+    public static class DHUwithSHA1KDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA1KDF()
+        {
+            super("ECCDHUwithSHA1KDF", new ECDHCUnifiedAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA1()));
+        }
+    }
+
+    public static class DHUwithSHA224KDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA224KDF()
+        {
+            super("ECCDHUwithSHA224KDF", new ECDHCUnifiedAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA224()));
+        }
+    }
+
+    public static class DHUwithSHA256KDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA256KDF()
+        {
+            super("ECCDHUwithSHA256KDF", new ECDHCUnifiedAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA256()));
+        }
+    }
+
+    public static class DHUwithSHA384KDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA384KDF()
+        {
+            super("ECCDHUwithSHA384KDF", new ECDHCUnifiedAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA384()));
+        }
+    }
+
+    public static class DHUwithSHA512KDF
+        extends KeyAgreementSpi
+    {
+        public DHUwithSHA512KDF()
+        {
+            super("ECCDHUwithSHA512KDF", new ECDHCUnifiedAgreement(), new KDF2BytesGenerator(DigestFactory.createSHA512()));
+        }
+    }
+
+    /**
+   	 * KeyAgreement according to BSI TR-03111 chapter 4.3.1
+   	 *
+   	public static class ECKAEGwithSHA1KDF
+   			extends KeyAgreementSpi
+   	{
+   		public ECKAEGwithSHA1KDF()
+   		{
+   			super("ECKAEGwithSHA1KDF", new ECDHBasicAgreement(),
+                   new KDF2BytesGenerator(DigestFactory.createSHA1()));
+   		}
+   	}
+
+    /**
+   	 * KeyAgreement according to BSI TR-03111 chapter 4.3.1
+   	 *
+   	public static class ECKAEGwithRIPEMD160KDF
+   			extends KeyAgreementSpi
+   	{
+   		public ECKAEGwithRIPEMD160KDF()
+   		{
+   			super("ECKAEGwithRIPEMD160KDF", new ECDHBasicAgreement(),
+                   new KDF2BytesGenerator(new RIPEMD160Digest()));
+   		}
+   	}
+
+    /**
+   	 * KeyAgreement according to BSI TR-03111 chapter 4.3.1
+   	 *
+   	public static class ECKAEGwithSHA224KDF
+   			extends KeyAgreementSpi
+   	{
+   		public ECKAEGwithSHA224KDF()
+   		{
+   			super("ECKAEGwithSHA224KDF", new ECDHBasicAgreement(),
+                   new KDF2BytesGenerator(DigestFactory.createSHA224()));
+   		}
+   	}
+
+	/**
+	 * KeyAgreement according to BSI TR-03111 chapter 4.3.1
+	 *
+	public static class ECKAEGwithSHA256KDF
+			extends KeyAgreementSpi
+	{
+		public ECKAEGwithSHA256KDF()
+		{
+			super("ECKAEGwithSHA256KDF", new ECDHBasicAgreement(),
+                new KDF2BytesGenerator(DigestFactory.createSHA256()));
+		}
+	}
+
+	/**
+	 * KeyAgreement according to BSI TR-03111 chapter 4.3.1
+	 *
+	public static class ECKAEGwithSHA384KDF
+			extends KeyAgreementSpi
+	{
+		public ECKAEGwithSHA384KDF()
+		{
+			super("ECKAEGwithSHA384KDF", new ECDHBasicAgreement(),
+                new KDF2BytesGenerator(DigestFactory.createSHA384()));
+		}
+	}
+
+	/**
+	 * KeyAgreement according to BSI TR-03111 chapter 4.3.1
+	 *
+	public static class ECKAEGwithSHA512KDF
+			extends KeyAgreementSpi
+	{
+		public ECKAEGwithSHA512KDF()
+		{
+			super("ECKAEGwithSHA512KDF", new ECDHBasicAgreement(),
+                new KDF2BytesGenerator(DigestFactory.createSHA512()));
+		}
+	}
+  */
+  // END Android-removed: Unsupported algorithms
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java
new file mode 100644
index 0000000..8877a9d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyFactorySpi.java

@@ -0,0 +1,369 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.ec;
+
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.interfaces.ECPrivateKey;
+import java.security.interfaces.ECPublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+import com.android.org.bouncycastle.crypto.params.ECPublicKeyParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.util.OpenSSHPublicKeyUtil;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
+import com.android.org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
+import com.android.org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.jce.spec.ECParameterSpec;
+import com.android.org.bouncycastle.jce.spec.ECPrivateKeySpec;
+import com.android.org.bouncycastle.jce.spec.ECPublicKeySpec;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jce.spec.OpenSSHPrivateKeySpec;
+// import org.bouncycastle.jce.spec.OpenSSHPublicKeySpec;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyFactorySpi
+    extends BaseKeyFactorySpi
+    implements AsymmetricKeyInfoConverter
+{
+    String algorithm;
+    ProviderConfiguration configuration;
+
+    KeyFactorySpi(
+        String algorithm,
+        ProviderConfiguration configuration)
+    {
+        this.algorithm = algorithm;
+        this.configuration = configuration;
+    }
+
+    protected Key engineTranslateKey(
+        Key key)
+        throws InvalidKeyException
+    {
+        if (key instanceof ECPublicKey)
+        {
+            return new BCECPublicKey((ECPublicKey)key, configuration);
+        }
+        else if (key instanceof ECPrivateKey)
+        {
+            return new BCECPrivateKey((ECPrivateKey)key, configuration);
+        }
+
+        throw new InvalidKeyException("key type unknown");
+    }
+
+    protected KeySpec engineGetKeySpec(
+        Key key,
+        Class spec)
+        throws InvalidKeySpecException
+    {
+        if (spec.isAssignableFrom(java.security.spec.ECPublicKeySpec.class) && key instanceof ECPublicKey)
+        {
+            ECPublicKey k = (ECPublicKey)key;
+            if (k.getParams() != null)
+            {
+                return new java.security.spec.ECPublicKeySpec(k.getW(), k.getParams());
+            }
+            else
+            {
+                ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
+
+                return new java.security.spec.ECPublicKeySpec(k.getW(), EC5Util.convertSpec(EC5Util.convertCurve(implicitSpec.getCurve(), implicitSpec.getSeed()), implicitSpec));
+            }
+        }
+        else if (spec.isAssignableFrom(java.security.spec.ECPrivateKeySpec.class) && key instanceof ECPrivateKey)
+        {
+            ECPrivateKey k = (ECPrivateKey)key;
+
+            if (k.getParams() != null)
+            {
+                return new java.security.spec.ECPrivateKeySpec(k.getS(), k.getParams());
+            }
+            else
+            {
+                ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
+
+                return new java.security.spec.ECPrivateKeySpec(k.getS(), EC5Util.convertSpec(EC5Util.convertCurve(implicitSpec.getCurve(), implicitSpec.getSeed()), implicitSpec));
+            }
+        }
+        else if (spec.isAssignableFrom(com.android.org.bouncycastle.jce.spec.ECPublicKeySpec.class) && key instanceof ECPublicKey)
+        {
+            ECPublicKey k = (ECPublicKey)key;
+            if (k.getParams() != null)
+            {
+                return new com.android.org.bouncycastle.jce.spec.ECPublicKeySpec(EC5Util.convertPoint(k.getParams(), k.getW(), false), EC5Util.convertSpec(k.getParams(), false));
+            }
+            else
+            {
+                ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
+
+                return new com.android.org.bouncycastle.jce.spec.ECPublicKeySpec(EC5Util.convertPoint(k.getParams(), k.getW(), false), implicitSpec);
+            }
+        }
+        else if (spec.isAssignableFrom(com.android.org.bouncycastle.jce.spec.ECPrivateKeySpec.class) && key instanceof ECPrivateKey)
+        {
+            ECPrivateKey k = (ECPrivateKey)key;
+
+            if (k.getParams() != null)
+            {
+                return new com.android.org.bouncycastle.jce.spec.ECPrivateKeySpec(k.getS(), EC5Util.convertSpec(k.getParams(), false));
+            }
+            else
+            {
+                ECParameterSpec implicitSpec = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
+
+                return new com.android.org.bouncycastle.jce.spec.ECPrivateKeySpec(k.getS(), implicitSpec);
+            }
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (spec.isAssignableFrom(OpenSSHPublicKeySpec.class) && key instanceof ECPublicKey)
+        {
+            if (key instanceof BCECPublicKey)
+            {
+                BCECPublicKey bcPk = (BCECPublicKey)key;
+                ECParameterSpec sc = bcPk.getParameters();
+                try
+                {
+                    return new OpenSSHPublicKeySpec(
+                        OpenSSHPublicKeyUtil.encodePublicKey(
+                            new ECPublicKeyParameters(bcPk.getQ(), new ECDomainParameters(sc.getCurve(), sc.getG(), sc.getN(), sc.getH(), sc.getSeed()))));
+                }
+                catch (IOException e)
+                {
+                    throw new IllegalArgumentException("unable to produce encoding: " + e.getMessage());
+                }
+            }
+            else
+            {
+                throw new IllegalArgumentException("invalid key type: " + key.getClass().getName());
+            }
+        }
+        else if (spec.isAssignableFrom(OpenSSHPrivateKeySpec.class) && key instanceof ECPrivateKey)
+        {
+            if (key instanceof BCECPrivateKey)
+            {
+                try
+                {
+                    return new OpenSSHPrivateKeySpec(PrivateKeyInfo.getInstance(key.getEncoded()).parsePrivateKey().toASN1Primitive().getEncoded());
+                }
+                catch (IOException e)
+                {
+                    throw new IllegalArgumentException("cannot encoded key: " + e.getMessage());
+                }
+            }
+            else
+            {
+                throw new IllegalArgumentException("invalid key type: " + key.getClass().getName());
+            }
+
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+
+        return super.engineGetKeySpec(key, spec);
+    }
+
+    protected PrivateKey engineGeneratePrivate(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec instanceof ECPrivateKeySpec)
+        {
+            return new BCECPrivateKey(algorithm, (ECPrivateKeySpec)keySpec, configuration);
+        }
+        else if (keySpec instanceof java.security.spec.ECPrivateKeySpec)
+        {
+            return new BCECPrivateKey(algorithm, (java.security.spec.ECPrivateKeySpec)keySpec, configuration);
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (keySpec instanceof OpenSSHPrivateKeySpec)
+        {
+            org.bouncycastle.asn1.sec.ECPrivateKey ecKey = org.bouncycastle.asn1.sec.ECPrivateKey.getInstance(((OpenSSHPrivateKeySpec)keySpec).getEncoded());
+
+            try
+            {
+                return new BCECPrivateKey(algorithm, new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, ecKey.getParameters()), ecKey), configuration);
+            }
+            catch (IOException e)
+            {
+                throw new InvalidKeySpecException("bad encoding: " + e.getMessage());
+            }
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+
+        return super.engineGeneratePrivate(keySpec);
+    }
+
+    protected PublicKey engineGeneratePublic(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        try
+        {
+            if (keySpec instanceof ECPublicKeySpec)
+            {
+                return new BCECPublicKey(algorithm, (ECPublicKeySpec)keySpec, configuration);
+            }
+            else if (keySpec instanceof java.security.spec.ECPublicKeySpec)
+            {
+                return new BCECPublicKey(algorithm, (java.security.spec.ECPublicKeySpec)keySpec, configuration);
+            }
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            else if (keySpec instanceof OpenSSHPublicKeySpec)
+            {
+                CipherParameters params = OpenSSHPublicKeyUtil.parsePublicKey(((OpenSSHPublicKeySpec)keySpec).getEncoded());
+                if (params instanceof ECPublicKeyParameters)
+                {
+                    ECDomainParameters parameters = ((ECPublicKeyParameters)params).getParameters();
+                    return engineGeneratePublic(
+                        new ECPublicKeySpec(((ECPublicKeyParameters)params).getQ(),
+                            new ECParameterSpec(parameters.getCurve(), parameters.getG(), parameters.getN(), parameters.getH(), parameters.getSeed())
+                        ));
+                }
+                else
+                {
+                    throw new IllegalArgumentException("openssh key is not ec public key");
+                }
+            }
+            */
+            // END Android-removed: Unsupported algorithms
+        }
+        catch (Exception e)
+        {
+            throw new InvalidKeySpecException("invalid KeySpec: " + e.getMessage(), e);
+        }
+
+        return super.engineGeneratePublic(keySpec);
+    }
+
+    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
+        throws IOException
+    {
+        ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm();
+
+        if (algOid.equals(X9ObjectIdentifiers.id_ecPublicKey))
+        {
+            return new BCECPrivateKey(algorithm, keyInfo, configuration);
+        }
+        else
+        {
+            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
+        }
+    }
+
+    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
+        throws IOException
+    {
+        ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm();
+
+        if (algOid.equals(X9ObjectIdentifiers.id_ecPublicKey))
+        {
+            return new BCECPublicKey(algorithm, keyInfo, configuration);
+        }
+        else
+        {
+            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class EC
+        extends KeyFactorySpi
+    {
+        public EC()
+        {
+            super("EC", BouncyCastleProvider.CONFIGURATION);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class ECDSA
+        extends KeyFactorySpi
+    {
+        public ECDSA()
+        {
+            super("ECDSA", BouncyCastleProvider.CONFIGURATION);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
+    public static class ECGOST3410
+        extends KeyFactorySpi
+    {
+        public ECGOST3410()
+        {
+            super("ECGOST3410", BouncyCastleProvider.CONFIGURATION);
+        }
+    }
+
+    public static class ECGOST3410_2012
+        extends KeyFactorySpi
+    {
+        public ECGOST3410_2012()
+        {
+            super("ECGOST3410-2012", BouncyCastleProvider.CONFIGURATION);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithm
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class ECDH
+        extends KeyFactorySpi
+    {
+        public ECDH()
+        {
+            super("ECDH", BouncyCastleProvider.CONFIGURATION);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class ECDHC
+        extends KeyFactorySpi
+    {
+        public ECDHC()
+        {
+            super("ECDHC", BouncyCastleProvider.CONFIGURATION);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class ECMQV
+        extends KeyFactorySpi
+    {
+        public ECMQV()
+        {
+            super("ECMQV", BouncyCastleProvider.CONFIGURATION);
+        }
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java
new file mode 100644
index 0000000..ab97303
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/KeyPairGeneratorSpi.java

@@ -0,0 +1,311 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.ec;
+
+import java.math.BigInteger;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidParameterException;
+import java.security.KeyPair;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.ECGenParameterSpec;
+import java.util.Hashtable;
+import java.util.Map;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.x9.ECNamedCurveTable;
+import com.android.org.bouncycastle.asn1.x9.X9ECParameters;
+import com.android.org.bouncycastle.crypto.AsymmetricCipherKeyPair;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.generators.ECKeyPairGenerator;
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+import com.android.org.bouncycastle.crypto.params.ECKeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.ECPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.ECPublicKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
+import com.android.org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.jce.spec.ECNamedCurveGenParameterSpec;
+import com.android.org.bouncycastle.jce.spec.ECNamedCurveSpec;
+import com.android.org.bouncycastle.jce.spec.ECParameterSpec;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.util.Integers;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class KeyPairGeneratorSpi
+    extends java.security.KeyPairGenerator
+{
+    public KeyPairGeneratorSpi(String algorithmName)
+    {
+        super(algorithmName);
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class EC
+        extends KeyPairGeneratorSpi
+    {
+        ECKeyGenerationParameters   param;
+        ECKeyPairGenerator          engine = new ECKeyPairGenerator();
+        Object                      ecParams = null;
+        // Android-changed: Use 256-bit keys by default.
+        // 239-bit keys (the Bouncy Castle default) are less widely-supported than 256-bit ones,
+        // so we've changed the default strength to 256 for increased compatibility
+        int                         strength = 256;
+        SecureRandom                random = CryptoServicesRegistrar.getSecureRandom();
+        boolean                     initialised = false;
+        String                      algorithm;
+        ProviderConfiguration       configuration;
+
+        static private Hashtable    ecParameters;
+
+        static {
+            ecParameters = new Hashtable();
+
+            ecParameters.put(Integers.valueOf(192), new ECGenParameterSpec("prime192v1")); // a.k.a P-192
+            ecParameters.put(Integers.valueOf(239), new ECGenParameterSpec("prime239v1"));
+            ecParameters.put(Integers.valueOf(256), new ECGenParameterSpec("prime256v1")); // a.k.a P-256
+
+            ecParameters.put(Integers.valueOf(224), new ECGenParameterSpec("P-224"));
+            ecParameters.put(Integers.valueOf(384), new ECGenParameterSpec("P-384"));
+            ecParameters.put(Integers.valueOf(521), new ECGenParameterSpec("P-521"));
+        }
+
+        public EC()
+        {
+            super("EC");
+            this.algorithm = "EC";
+            this.configuration = BouncyCastleProvider.CONFIGURATION;
+        }
+
+        public EC(
+            String  algorithm,
+            ProviderConfiguration configuration)
+        {
+            super(algorithm);
+            this.algorithm = algorithm;
+            this.configuration = configuration;
+        }
+
+        public void initialize(
+            int             strength,
+            SecureRandom    random)
+        {
+            this.strength = strength;
+            // BEGIN Android-changed: Don't override this.random with null.
+            // Passing null just means to use a default random, which this.random is already
+            // initialized to, so just use that
+            if (random != null) {
+                this.random = random;
+            }
+            // END Android-changed: Don't override this.random with null.
+
+            ECGenParameterSpec ecParams = (ECGenParameterSpec)ecParameters.get(Integers.valueOf(strength));
+            if (ecParams == null)
+            {
+                throw new InvalidParameterException("unknown key size.");
+            }
+
+            try
+            {
+                initialize(ecParams, random);
+            }
+            catch (InvalidAlgorithmParameterException e)
+            {
+                throw new InvalidParameterException("key size not configurable.");
+            }
+        }
+
+        public void initialize(
+            AlgorithmParameterSpec  params,
+            SecureRandom            random)
+            throws InvalidAlgorithmParameterException
+        {
+            // BEGIN Android-added: Use existing SecureRandom if none is provided.
+            if (random == null) {
+                random = this.random;
+            }
+            // END Android-added: Use existing SecureRandom if none is provided.
+            if (params == null)
+            {
+                ECParameterSpec implicitCA = configuration.getEcImplicitlyCa();
+                if (implicitCA == null)
+                {
+                    throw new InvalidAlgorithmParameterException("null parameter passed but no implicitCA set");
+                }
+
+                this.ecParams = null;
+                this.param = createKeyGenParamsBC(implicitCA, random);
+            }
+            else if (params instanceof ECParameterSpec)
+            {
+                this.ecParams = params;
+                this.param = createKeyGenParamsBC((ECParameterSpec)params, random);
+            }
+            else if (params instanceof java.security.spec.ECParameterSpec)
+            {
+                this.ecParams = params;
+                this.param = createKeyGenParamsJCE((java.security.spec.ECParameterSpec)params, random);
+            }
+            else if (params instanceof ECGenParameterSpec)
+            {
+                initializeNamedCurve(((ECGenParameterSpec)params).getName(), random);
+            }
+            else if (params instanceof ECNamedCurveGenParameterSpec)
+            {
+                initializeNamedCurve(((ECNamedCurveGenParameterSpec)params).getName(), random);
+            }
+            else
+            {
+                throw new InvalidAlgorithmParameterException("parameter object not a ECParameterSpec");
+            }
+
+            engine.init(param);
+            initialised = true;
+        }
+
+        public KeyPair generateKeyPair()
+        {
+            if (!initialised)
+            {
+                initialize(strength, new SecureRandom());
+            }
+
+            AsymmetricCipherKeyPair     pair = engine.generateKeyPair();
+            ECPublicKeyParameters       pub = (ECPublicKeyParameters)pair.getPublic();
+            ECPrivateKeyParameters      priv = (ECPrivateKeyParameters)pair.getPrivate();
+
+            if (ecParams instanceof ECParameterSpec)
+            {
+                ECParameterSpec p = (ECParameterSpec)ecParams;
+
+                BCECPublicKey pubKey = new BCECPublicKey(algorithm, pub, p, configuration);
+                return new KeyPair(pubKey,
+                                   new BCECPrivateKey(algorithm, priv, pubKey, p, configuration));
+            }
+            else if (ecParams == null)
+            {
+               return new KeyPair(new BCECPublicKey(algorithm, pub, configuration),
+                                   new BCECPrivateKey(algorithm, priv, configuration));
+            }
+            else
+            {
+                java.security.spec.ECParameterSpec p = (java.security.spec.ECParameterSpec)ecParams;
+
+                BCECPublicKey pubKey = new BCECPublicKey(algorithm, pub, p, configuration);
+                
+                return new KeyPair(pubKey, new BCECPrivateKey(algorithm, priv, pubKey, p, configuration));
+            }
+        }
+
+        protected ECKeyGenerationParameters createKeyGenParamsBC(ECParameterSpec p, SecureRandom r)
+        {
+            return new ECKeyGenerationParameters(new ECDomainParameters(p.getCurve(), p.getG(), p.getN(), p.getH()), r);
+        }
+
+        protected ECKeyGenerationParameters createKeyGenParamsJCE(java.security.spec.ECParameterSpec p, SecureRandom r)
+        {
+            ECCurve curve = EC5Util.convertCurve(p.getCurve());
+            ECPoint g = EC5Util.convertPoint(curve, p.getGenerator(), false);
+            BigInteger n = p.getOrder();
+            BigInteger h = BigInteger.valueOf(p.getCofactor());
+            ECDomainParameters dp = new ECDomainParameters(curve, g, n, h);
+            return new ECKeyGenerationParameters(dp, r);
+        }
+
+        protected ECNamedCurveSpec createNamedCurveSpec(String curveName)
+            throws InvalidAlgorithmParameterException
+        {
+            // NOTE: Don't bother with custom curves here as the curve will be converted to JCE type shortly
+
+            X9ECParameters p = ECUtils.getDomainParametersFromName(curveName);
+            if (p == null)
+            {
+                try
+                {
+                    // Check whether it's actually an OID string (SunJSSE ServerHandshaker setupEphemeralECDHKeys bug)
+                    p = ECNamedCurveTable.getByOID(new ASN1ObjectIdentifier(curveName));
+                    if (p == null)
+                    {
+                        Map extraCurves = configuration.getAdditionalECParameters();
+
+                        p = (X9ECParameters)extraCurves.get(new ASN1ObjectIdentifier(curveName));
+
+                        if (p == null)
+                        {
+                            throw new InvalidAlgorithmParameterException("unknown curve OID: " + curveName);
+                        }
+                    }
+                }
+                catch (IllegalArgumentException ex)
+                {
+                    throw new InvalidAlgorithmParameterException("unknown curve name: " + curveName);
+                }
+            }
+
+            // Work-around for JDK bug -- it won't look up named curves properly if seed is present
+            byte[] seed = null; //p.getSeed();
+
+            return new ECNamedCurveSpec(curveName, p.getCurve(), p.getG(), p.getN(), p.getH(), seed);
+        }
+
+        protected void initializeNamedCurve(String curveName, SecureRandom random)
+            throws InvalidAlgorithmParameterException
+        {
+            ECNamedCurveSpec namedCurve = createNamedCurveSpec(curveName);
+            this.ecParams = namedCurve;
+            this.param = createKeyGenParamsJCE(namedCurve, random);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class ECDSA
+        extends EC
+    {
+        public ECDSA()
+        {
+            super("ECDSA", BouncyCastleProvider.CONFIGURATION);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class ECDH
+        extends EC
+    {
+        public ECDH()
+        {
+            super("ECDH", BouncyCastleProvider.CONFIGURATION);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class ECDHC
+        extends EC
+    {
+        public ECDHC()
+        {
+            super("ECDHC", BouncyCastleProvider.CONFIGURATION);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class ECMQV
+        extends EC
+    {
+        public ECMQV()
+        {
+            super("ECMQV", BouncyCastleProvider.CONFIGURATION);
+        }
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java
new file mode 100644
index 0000000..9d3f46f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/ec/SignatureSpi.java

@@ -0,0 +1,394 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.ec;
+
+import java.security.InvalidKeyException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DSAExt;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.digests.NullDigest;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
+// END Android-removed: Unsupported algorithms
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+import com.android.org.bouncycastle.crypto.signers.DSAEncoding;
+import com.android.org.bouncycastle.crypto.signers.ECDSASigner;
+// BEGIN Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.signers.ECNRSigner;
+// import org.bouncycastle.crypto.signers.HMacDSAKCalculator;
+// END Android-removed: Unsupported algorithms
+import com.android.org.bouncycastle.crypto.signers.PlainDSAEncoding;
+import com.android.org.bouncycastle.crypto.signers.StandardDSAEncoding;
+// BEGIN Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.DSABase;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SignatureSpi
+    extends DSABase
+{
+    SignatureSpi(Digest digest, DSAExt signer, DSAEncoding encoding)
+    {
+        super(digest, signer, encoding);
+    }
+
+    protected void engineInitVerify(PublicKey publicKey)
+        throws InvalidKeyException
+    {
+        CipherParameters param = ECUtils.generatePublicKeyParameter(publicKey);
+
+        digest.reset();
+        signer.init(false, param);
+    }
+
+    protected void engineInitSign(
+        PrivateKey privateKey)
+        throws InvalidKeyException
+    {
+        CipherParameters param = ECUtil.generatePrivateKeyParameter(privateKey);
+
+        digest.reset();
+
+        if (appRandom != null)
+        {
+            signer.init(true, new ParametersWithRandom(param, appRandom));
+        }
+        else
+        {
+            signer.init(true, param);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class ecDSA
+        extends SignatureSpi
+    {
+        public ecDSA()
+        {
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA1(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            super(AndroidDigestFactory.getSHA1(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
+    static public class ecDetDSA
+        extends SignatureSpi
+    {
+        public ecDetDSA()
+        {
+            super(DigestFactory.createSHA1(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA1())), StandardDSAEncoding.INSTANCE);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithm
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class ecDSAnone
+        extends SignatureSpi
+    {
+        public ecDSAnone()
+        {
+            super(new NullDigest(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class ecDSA224
+        extends SignatureSpi
+    {
+        public ecDSA224()
+        {
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA224(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            super(AndroidDigestFactory.getSHA224(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
+    static public class ecDetDSA224
+        extends SignatureSpi
+    {
+        public ecDetDSA224()
+        {
+            super(DigestFactory.createSHA224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA224())), StandardDSAEncoding.INSTANCE);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithm
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class ecDSA256
+        extends SignatureSpi
+    {
+        public ecDSA256()
+        {
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA256(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            super(AndroidDigestFactory.getSHA256(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
+    static public class ecDetDSA256
+        extends SignatureSpi
+    {
+        public ecDetDSA256()
+        {
+            super(DigestFactory.createSHA256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA256())), StandardDSAEncoding.INSTANCE);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithm
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class ecDSA384
+        extends SignatureSpi
+    {
+        public ecDSA384()
+        {
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA384(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            super(AndroidDigestFactory.getSHA384(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithm
+    /*
+    static public class ecDetDSA384
+        extends SignatureSpi
+    {
+        public ecDetDSA384()
+        {
+            super(DigestFactory.createSHA384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA384())), StandardDSAEncoding.INSTANCE);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class ecDSA512
+        extends SignatureSpi
+    {
+        public ecDSA512()
+        {
+            // Android-changed: Use Android digests
+            // super(DigestFactory.createSHA512(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+            super(AndroidDigestFactory.getSHA512(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    static public class ecDetDSA512
+        extends SignatureSpi
+    {
+        public ecDetDSA512()
+        {
+            super(DigestFactory.createSHA512(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA512())), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecDSASha3_224
+        extends SignatureSpi
+    {
+        public ecDSASha3_224()
+        {
+            super(DigestFactory.createSHA3_224(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecDetDSASha3_224
+        extends SignatureSpi
+    {
+        public ecDetDSASha3_224()
+        {
+            super(DigestFactory.createSHA3_224(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_224())), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecDSASha3_256
+        extends SignatureSpi
+    {
+        public ecDSASha3_256()
+        {
+            super(DigestFactory.createSHA3_256(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecDetDSASha3_256
+        extends SignatureSpi
+    {
+        public ecDetDSASha3_256()
+        {
+            super(DigestFactory.createSHA3_256(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_256())), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecDSASha3_384
+        extends SignatureSpi
+    {
+        public ecDSASha3_384()
+        {
+            super(DigestFactory.createSHA3_384(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecDetDSASha3_384
+        extends SignatureSpi
+    {
+        public ecDetDSASha3_384()
+        {
+            super(DigestFactory.createSHA3_384(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_384())), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecDSASha3_512
+        extends SignatureSpi
+    {
+        public ecDSASha3_512()
+        {
+            super(DigestFactory.createSHA3_512(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecDetDSASha3_512
+        extends SignatureSpi
+    {
+        public ecDetDSASha3_512()
+        {
+            super(DigestFactory.createSHA3_512(), new ECDSASigner(new HMacDSAKCalculator(DigestFactory.createSHA3_512())), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecDSARipeMD160
+        extends SignatureSpi
+    {
+        public ecDSARipeMD160()
+        {
+            super(new RIPEMD160Digest(), new ECDSASigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecNR
+        extends SignatureSpi
+    {
+        public ecNR()
+        {
+            super(DigestFactory.createSHA1(), new ECNRSigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecNR224
+        extends SignatureSpi
+    {
+        public ecNR224()
+        {
+            super(DigestFactory.createSHA224(), new ECNRSigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecNR256
+        extends SignatureSpi
+    {
+        public ecNR256()
+        {
+            super(DigestFactory.createSHA256(), new ECNRSigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecNR384
+        extends SignatureSpi
+    {
+        public ecNR384()
+        {
+            super(DigestFactory.createSHA384(), new ECNRSigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecNR512
+        extends SignatureSpi
+    {
+        public ecNR512()
+        {
+            super(DigestFactory.createSHA512(), new ECNRSigner(), StandardDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecCVCDSA
+        extends SignatureSpi
+    {
+        public ecCVCDSA()
+        {
+            super(DigestFactory.createSHA1(), new ECDSASigner(), PlainDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecCVCDSA224
+        extends SignatureSpi
+    {
+        public ecCVCDSA224()
+        {
+            super(DigestFactory.createSHA224(), new ECDSASigner(), PlainDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecCVCDSA256
+        extends SignatureSpi
+    {
+        public ecCVCDSA256()
+        {
+            super(DigestFactory.createSHA256(), new ECDSASigner(), PlainDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecCVCDSA384
+        extends SignatureSpi
+    {
+        public ecCVCDSA384()
+        {
+            super(DigestFactory.createSHA384(), new ECDSASigner(), PlainDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecCVCDSA512
+        extends SignatureSpi
+    {
+        public ecCVCDSA512()
+        {
+            super(DigestFactory.createSHA512(), new ECDSASigner(), PlainDSAEncoding.INSTANCE);
+        }
+    }
+
+    static public class ecPlainDSARP160
+        extends SignatureSpi
+    {
+        public ecPlainDSARP160()
+        {
+            super(new RIPEMD160Digest(), new ECDSASigner(), PlainDSAEncoding.INSTANCE);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java
new file mode 100644
index 0000000..7dcccc8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/AlgorithmParametersSpi.java

@@ -0,0 +1,286 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.rsa;
+
+import java.io.IOException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+import java.security.spec.MGF1ParameterSpec;
+import java.security.spec.PSSParameterSpec;
+
+import javax.crypto.spec.OAEPParameterSpec;
+import javax.crypto.spec.PSource;
+
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.RSAESOAEPparams;
+import com.android.org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.jcajce.provider.util.DigestFactory;
+import com.android.org.bouncycastle.jcajce.util.MessageDigestUtils;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class AlgorithmParametersSpi
+    extends java.security.AlgorithmParametersSpi
+{
+    protected boolean isASN1FormatString(String format)
+    {
+        return format == null || format.equals("ASN.1");
+    }
+
+    protected AlgorithmParameterSpec engineGetParameterSpec(
+        Class paramSpec)
+        throws InvalidParameterSpecException
+    {
+        if (paramSpec == null)
+        {
+            throw new NullPointerException("argument to getParameterSpec must not be null");
+        }
+
+        return localEngineGetParameterSpec(paramSpec);
+    }
+
+    protected abstract AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec)
+        throws InvalidParameterSpecException;
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class OAEP
+        extends AlgorithmParametersSpi
+    {
+        OAEPParameterSpec currentSpec;
+    
+        /**
+         * Return the PKCS#1 ASN.1 structure RSAES-OAEP-params.
+         */
+        protected byte[] engineGetEncoded() 
+        {
+            AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier(
+                                                            DigestFactory.getOID(currentSpec.getDigestAlgorithm()),
+                                                            DERNull.INSTANCE);
+            MGF1ParameterSpec mgfSpec = (MGF1ParameterSpec)currentSpec.getMGFParameters();
+            AlgorithmIdentifier maskGenAlgorithm = new AlgorithmIdentifier(
+                                                            PKCSObjectIdentifiers.id_mgf1,
+                                                            new AlgorithmIdentifier(DigestFactory.getOID(mgfSpec.getDigestAlgorithm()), DERNull.INSTANCE));
+            PSource.PSpecified      pSource = (PSource.PSpecified)currentSpec.getPSource();
+            AlgorithmIdentifier pSourceAlgorithm = new AlgorithmIdentifier(
+                                                            PKCSObjectIdentifiers.id_pSpecified, new DEROctetString(pSource.getValue()));
+            RSAESOAEPparams oaepP = new RSAESOAEPparams(hashAlgorithm, maskGenAlgorithm, pSourceAlgorithm);
+    
+            try
+            {
+                return oaepP.getEncoded(ASN1Encoding.DER);
+            }
+            catch (IOException e)
+            {
+                throw new RuntimeException("Error encoding OAEPParameters");
+            }
+        }
+    
+        protected byte[] engineGetEncoded(
+            String format)
+        {
+            if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509"))
+            {
+                return engineGetEncoded();
+            }
+    
+            return null;
+        }
+    
+        protected AlgorithmParameterSpec localEngineGetParameterSpec(
+            Class paramSpec)
+            throws InvalidParameterSpecException
+        {
+            if (paramSpec == OAEPParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
+            {
+                return currentSpec;
+            }
+
+            throw new InvalidParameterSpecException("unknown parameter spec passed to OAEP parameters object.");
+        }
+    
+        protected void engineInit(
+            AlgorithmParameterSpec paramSpec)
+            throws InvalidParameterSpecException
+        {
+            if (!(paramSpec instanceof OAEPParameterSpec))
+            {
+                throw new InvalidParameterSpecException("OAEPParameterSpec required to initialise an OAEP algorithm parameters object");
+            }
+    
+            this.currentSpec = (OAEPParameterSpec)paramSpec;
+        }
+    
+        protected void engineInit(
+            byte[] params) 
+            throws IOException
+        {
+            try
+            {
+                RSAESOAEPparams oaepP = RSAESOAEPparams.getInstance(params);
+
+                if (!oaepP.getMaskGenAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1))
+                {
+                    throw new IOException("unknown mask generation function: " + oaepP.getMaskGenAlgorithm().getAlgorithm());
+                }
+
+                currentSpec = new OAEPParameterSpec(
+                                       MessageDigestUtils.getDigestName(oaepP.getHashAlgorithm().getAlgorithm()),
+                                       OAEPParameterSpec.DEFAULT.getMGFAlgorithm(),
+                                       new MGF1ParameterSpec(MessageDigestUtils.getDigestName(AlgorithmIdentifier.getInstance(oaepP.getMaskGenAlgorithm().getParameters()).getAlgorithm())),
+                                       new PSource.PSpecified(ASN1OctetString.getInstance(oaepP.getPSourceAlgorithm().getParameters()).getOctets()));
+            }
+            catch (ClassCastException e)
+            {
+                throw new IOException("Not a valid OAEP Parameter encoding.");
+            }
+            catch (ArrayIndexOutOfBoundsException e)
+            {
+                throw new IOException("Not a valid OAEP Parameter encoding.");
+            }
+        }
+
+        protected void engineInit(
+            byte[] params,
+            String format)
+            throws IOException
+        {
+            if (format.equalsIgnoreCase("X.509")
+                    || format.equalsIgnoreCase("ASN.1"))
+            {
+                engineInit(params);
+            }
+            else
+            {
+                throw new IOException("Unknown parameter format " + format);
+            }
+        }
+    
+        protected String engineToString()
+        {
+            return "OAEP Parameters";
+        }
+    }
+    
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PSS
+        extends AlgorithmParametersSpi
+    {  
+        PSSParameterSpec currentSpec;
+    
+        /**
+         * Return the PKCS#1 ASN.1 structure RSASSA-PSS-params.
+         */
+        protected byte[] engineGetEncoded() 
+            throws IOException
+        {
+            PSSParameterSpec pssSpec = currentSpec;
+            AlgorithmIdentifier hashAlgorithm = new AlgorithmIdentifier(
+                                                DigestFactory.getOID(pssSpec.getDigestAlgorithm()),
+                                                DERNull.INSTANCE);
+            MGF1ParameterSpec mgfSpec = (MGF1ParameterSpec)pssSpec.getMGFParameters();
+            AlgorithmIdentifier maskGenAlgorithm = new AlgorithmIdentifier(
+                                                PKCSObjectIdentifiers.id_mgf1,
+                                                new AlgorithmIdentifier(DigestFactory.getOID(mgfSpec.getDigestAlgorithm()), DERNull.INSTANCE));
+            RSASSAPSSparams pssP = new RSASSAPSSparams(hashAlgorithm, maskGenAlgorithm, new ASN1Integer(pssSpec.getSaltLength()), new ASN1Integer(pssSpec.getTrailerField()));
+            
+            return pssP.getEncoded("DER");
+        }
+    
+        protected byte[] engineGetEncoded(
+            String format)
+            throws IOException
+        {
+            if (format.equalsIgnoreCase("X.509")
+                    || format.equalsIgnoreCase("ASN.1"))
+            {
+                return engineGetEncoded();
+            }
+    
+            return null;
+        }
+    
+        protected AlgorithmParameterSpec localEngineGetParameterSpec(
+            Class paramSpec)
+            throws InvalidParameterSpecException
+        {
+            if (paramSpec == PSSParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
+            {
+                return currentSpec;
+            }
+
+            throw new InvalidParameterSpecException("unknown parameter spec passed to PSS parameters object.");
+        }
+    
+        protected void engineInit(
+            AlgorithmParameterSpec paramSpec)
+            throws InvalidParameterSpecException
+        {
+            if (!(paramSpec instanceof PSSParameterSpec))
+            {
+                throw new InvalidParameterSpecException("PSSParameterSpec required to initialise an PSS algorithm parameters object");
+            }
+    
+            this.currentSpec = (PSSParameterSpec)paramSpec;
+        }
+    
+        protected void engineInit(
+            byte[] params) 
+            throws IOException
+        {
+            try
+            {
+                RSASSAPSSparams pssP = RSASSAPSSparams.getInstance(params);
+
+                if (!pssP.getMaskGenAlgorithm().getAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1))
+                {
+                    throw new IOException("unknown mask generation function: " + pssP.getMaskGenAlgorithm().getAlgorithm());
+                }
+
+                currentSpec = new PSSParameterSpec(
+                                       MessageDigestUtils.getDigestName(pssP.getHashAlgorithm().getAlgorithm()),
+                                       PSSParameterSpec.DEFAULT.getMGFAlgorithm(),
+                                       new MGF1ParameterSpec(MessageDigestUtils.getDigestName(AlgorithmIdentifier.getInstance(pssP.getMaskGenAlgorithm().getParameters()).getAlgorithm())),
+                                       pssP.getSaltLength().intValue(),
+                                       pssP.getTrailerField().intValue());
+            }
+            catch (ClassCastException e)
+            {
+                throw new IOException("Not a valid PSS Parameter encoding.");
+            }
+            catch (ArrayIndexOutOfBoundsException e)
+            {
+                throw new IOException("Not a valid PSS Parameter encoding.");
+            }
+        }
+    
+        protected void engineInit(
+            byte[] params,
+            String format)
+            throws IOException
+        {
+            if (isASN1FormatString(format) || format.equalsIgnoreCase("X.509"))
+            {
+                engineInit(params);
+            }
+            else
+            {
+                throw new IOException("Unknown parameter format " + format);
+            }
+        }
+    
+        protected String engineToString()
+        {
+            return "PSS Parameters";
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateCrtKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateCrtKey.java
new file mode 100644
index 0000000..01043bd
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateCrtKey.java

@@ -0,0 +1,243 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.rsa;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.interfaces.RSAPrivateCrtKey;
+import java.security.spec.RSAPrivateCrtKeySpec;
+
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.pkcs.RSAPrivateKey;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * A provider representation for a RSA private key, with CRT factors included.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BCRSAPrivateCrtKey
+    extends BCRSAPrivateKey
+    implements RSAPrivateCrtKey
+{
+    static final long serialVersionUID = 7834723820638524718L;
+    
+    private BigInteger  publicExponent;
+    private BigInteger  primeP;
+    private BigInteger  primeQ;
+    private BigInteger  primeExponentP;
+    private BigInteger  primeExponentQ;
+    private BigInteger  crtCoefficient;
+
+    /**
+     * construct a private key from it's org.bouncycastle.crypto equivalent.
+     *
+     * @param key the parameters object representing the private key.
+     */
+    BCRSAPrivateCrtKey(
+        RSAPrivateCrtKeyParameters key)
+    {
+        super(key);
+
+        this.publicExponent = key.getPublicExponent();
+        this.primeP = key.getP();
+        this.primeQ = key.getQ();
+        this.primeExponentP = key.getDP();
+        this.primeExponentQ = key.getDQ();
+        this.crtCoefficient = key.getQInv();
+    }
+
+    /**
+     * construct a private key from an RSAPrivateCrtKeySpec
+     *
+     * @param spec the spec to be used in construction.
+     */
+    BCRSAPrivateCrtKey(
+        RSAPrivateCrtKeySpec spec)
+    {
+        this.modulus = spec.getModulus();
+        this.publicExponent = spec.getPublicExponent();
+        this.privateExponent = spec.getPrivateExponent();
+        this.primeP = spec.getPrimeP();
+        this.primeQ = spec.getPrimeQ();
+        this.primeExponentP = spec.getPrimeExponentP();
+        this.primeExponentQ = spec.getPrimeExponentQ();
+        this.crtCoefficient = spec.getCrtCoefficient();
+    }
+
+    /**
+     * construct a private key from another RSAPrivateCrtKey.
+     *
+     * @param key the object implementing the RSAPrivateCrtKey interface.
+     */
+    BCRSAPrivateCrtKey(
+        RSAPrivateCrtKey key)
+    {
+        this.modulus = key.getModulus();
+        this.publicExponent = key.getPublicExponent();
+        this.privateExponent = key.getPrivateExponent();
+        this.primeP = key.getPrimeP();
+        this.primeQ = key.getPrimeQ();
+        this.primeExponentP = key.getPrimeExponentP();
+        this.primeExponentQ = key.getPrimeExponentQ();
+        this.crtCoefficient = key.getCrtCoefficient();
+    }
+
+    /**
+     * construct an RSA key from a private key info object.
+     */
+    BCRSAPrivateCrtKey(
+        PrivateKeyInfo info)
+        throws IOException
+    {
+        this(RSAPrivateKey.getInstance(info.parsePrivateKey()));
+    }
+
+    /**
+     * construct an RSA key from a ASN.1 RSA private key object.
+     */
+    BCRSAPrivateCrtKey(
+        RSAPrivateKey key)
+    {
+        this.modulus = key.getModulus();
+        this.publicExponent = key.getPublicExponent();
+        this.privateExponent = key.getPrivateExponent();
+        this.primeP = key.getPrime1();
+        this.primeQ = key.getPrime2();
+        this.primeExponentP = key.getExponent1();
+        this.primeExponentQ = key.getExponent2();
+        this.crtCoefficient = key.getCoefficient();
+    }
+
+    /**
+     * return the encoding format we produce in getEncoded().
+     *
+     * @return the encoding format we produce in getEncoded().
+     */
+    public String getFormat()
+    {
+        return "PKCS#8";
+    }
+
+    /**
+     * Return a PKCS8 representation of the key. The sequence returned
+     * represents a full PrivateKeyInfo object.
+     *
+     * @return a PKCS8 representation of the key.
+     */
+    public byte[] getEncoded()
+    {
+        return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new RSAPrivateKey(getModulus(), getPublicExponent(), getPrivateExponent(), getPrimeP(), getPrimeQ(), getPrimeExponentP(), getPrimeExponentQ(), getCrtCoefficient()));
+    }
+
+    /**
+     * return the public exponent.
+     *
+     * @return the public exponent.
+     */
+    public BigInteger getPublicExponent()
+    {
+        return publicExponent;
+    }
+
+    /**
+     * return the prime P.
+     *
+     * @return the prime P.
+     */
+    public BigInteger getPrimeP()
+    {
+        return primeP;
+    }
+
+    /**
+     * return the prime Q.
+     *
+     * @return the prime Q.
+     */
+    public BigInteger getPrimeQ()
+    {
+        return primeQ;
+    }
+
+    /**
+     * return the prime exponent for P.
+     *
+     * @return the prime exponent for P.
+     */
+    public BigInteger getPrimeExponentP()
+    {
+        return primeExponentP;
+    }
+
+    /**
+     * return the prime exponent for Q.
+     *
+     * @return the prime exponent for Q.
+     */
+    public BigInteger getPrimeExponentQ()
+    {
+        return primeExponentQ;
+    }
+
+    /**
+     * return the CRT coefficient.
+     *
+     * @return the CRT coefficient.
+     */
+    public BigInteger getCrtCoefficient()
+    {
+        return crtCoefficient;
+    }
+
+    public int hashCode()
+    {
+        return this.getModulus().hashCode()
+               ^ this.getPublicExponent().hashCode()
+               ^ this.getPrivateExponent().hashCode();
+    }
+
+    public boolean equals(Object o)
+    {
+        if (o == this)
+        {
+            return true;
+        }
+
+        if (!(o instanceof RSAPrivateCrtKey))
+        {
+            return false;
+        }
+
+        RSAPrivateCrtKey key = (RSAPrivateCrtKey)o;
+
+        return this.getModulus().equals(key.getModulus())
+         && this.getPublicExponent().equals(key.getPublicExponent())
+         && this.getPrivateExponent().equals(key.getPrivateExponent())
+         && this.getPrimeP().equals(key.getPrimeP())
+         && this.getPrimeQ().equals(key.getPrimeQ())
+         && this.getPrimeExponentP().equals(key.getPrimeExponentP())
+         && this.getPrimeExponentQ().equals(key.getPrimeExponentQ())
+         && this.getCrtCoefficient().equals(key.getCrtCoefficient());
+    }
+
+    public String toString()
+    {
+        StringBuffer    buf = new StringBuffer();
+        String          nl = Strings.lineSeparator();
+
+        buf.append("RSA Private CRT Key [").append(
+                    RSAUtil.generateKeyFingerprint(this.getModulus())).append("]")
+            .append(",[")
+            .append(RSAUtil.generateExponentFingerprint(this.getPublicExponent()))
+            .append("]")
+            .append(nl);
+        buf.append("             modulus: ").append(this.getModulus().toString(16)).append(nl);
+        buf.append("     public exponent: ").append(this.getPublicExponent().toString(16)).append(nl);
+        
+        return buf.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateKey.java
new file mode 100644
index 0000000..79cc2fb
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPrivateKey.java

@@ -0,0 +1,162 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.rsa;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.spec.RSAPrivateKeySpec;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.crypto.params.RSAKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
+import com.android.org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BCRSAPrivateKey
+    implements RSAPrivateKey, PKCS12BagAttributeCarrier
+{
+    static final long serialVersionUID = 5110188922551353628L;
+
+    private static BigInteger ZERO = BigInteger.valueOf(0);
+
+    protected BigInteger modulus;
+    protected BigInteger privateExponent;
+
+    private transient PKCS12BagAttributeCarrierImpl   attrCarrier = new PKCS12BagAttributeCarrierImpl();
+
+    protected BCRSAPrivateKey()
+    {
+    }
+
+    BCRSAPrivateKey(
+        RSAKeyParameters key)
+    {
+        this.modulus = key.getModulus();
+        this.privateExponent = key.getExponent();
+    }
+
+    BCRSAPrivateKey(
+        RSAPrivateKeySpec spec)
+    {
+        this.modulus = spec.getModulus();
+        this.privateExponent = spec.getPrivateExponent();
+    }
+
+    BCRSAPrivateKey(
+        RSAPrivateKey key)
+    {
+        this.modulus = key.getModulus();
+        this.privateExponent = key.getPrivateExponent();
+    }
+
+    BCRSAPrivateKey(com.android.org.bouncycastle.asn1.pkcs.RSAPrivateKey key)
+    {
+        this.modulus = key.getModulus();
+        this.privateExponent = key.getPrivateExponent();
+    }
+
+    public BigInteger getModulus()
+    {
+        return modulus;
+    }
+
+    public BigInteger getPrivateExponent()
+    {
+        return privateExponent;
+    }
+
+    public String getAlgorithm()
+    {
+        return "RSA";
+    }
+
+    public String getFormat()
+    {
+        return "PKCS#8";
+    }
+
+    public byte[] getEncoded()
+    {
+        return KeyUtil.getEncodedPrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE), new com.android.org.bouncycastle.asn1.pkcs.RSAPrivateKey(getModulus(), ZERO, getPrivateExponent(), ZERO, ZERO, ZERO, ZERO, ZERO));
+    }
+
+    public boolean equals(Object o)
+    {
+        if (!(o instanceof RSAPrivateKey))
+        {
+            return false;
+        }
+
+        if (o == this)
+        {
+            return true;
+        }
+
+        RSAPrivateKey key = (RSAPrivateKey)o;
+
+        return getModulus().equals(key.getModulus())
+            && getPrivateExponent().equals(key.getPrivateExponent());
+    }
+
+    public int hashCode()
+    {
+        return getModulus().hashCode() ^ getPrivateExponent().hashCode();
+    }
+
+    public void setBagAttribute(
+        ASN1ObjectIdentifier oid,
+        ASN1Encodable attribute)
+    {
+        attrCarrier.setBagAttribute(oid, attribute);
+    }
+
+    public ASN1Encodable getBagAttribute(
+        ASN1ObjectIdentifier oid)
+    {
+        return attrCarrier.getBagAttribute(oid);
+    }
+
+    public Enumeration getBagAttributeKeys()
+    {
+        return attrCarrier.getBagAttributeKeys();
+    }
+
+    private void readObject(
+        ObjectInputStream   in)
+        throws IOException, ClassNotFoundException
+    {
+        in.defaultReadObject();
+
+        this.attrCarrier = new PKCS12BagAttributeCarrierImpl();
+    }
+
+    private void writeObject(
+        ObjectOutputStream  out)
+        throws IOException
+    {
+        out.defaultWriteObject();
+    }
+
+    public String toString()
+    {
+        StringBuffer    buf = new StringBuffer();
+        String          nl = Strings.lineSeparator();
+
+        buf.append("RSA Private Key [").append(
+                    RSAUtil.generateKeyFingerprint(this.getModulus())).append("],[]").append(nl);
+        buf.append("            modulus: ").append(this.getModulus().toString(16)).append(nl);
+
+        return buf.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java
new file mode 100644
index 0000000..2d502a1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/BCRSAPublicKey.java

@@ -0,0 +1,180 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.rsa;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.RSAPublicKeySpec;
+
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.crypto.params.RSAKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BCRSAPublicKey
+    implements RSAPublicKey
+{
+    private static final AlgorithmIdentifier DEFAULT_ALGORITHM_IDENTIFIER = new AlgorithmIdentifier(PKCSObjectIdentifiers.rsaEncryption, DERNull.INSTANCE);
+
+    static final long serialVersionUID = 2675817738516720772L;
+
+    private BigInteger modulus;
+    private BigInteger publicExponent;
+    private transient AlgorithmIdentifier algorithmIdentifier;
+
+    BCRSAPublicKey(
+        RSAKeyParameters key)
+    {
+        this.algorithmIdentifier = DEFAULT_ALGORITHM_IDENTIFIER;
+        this.modulus = key.getModulus();
+        this.publicExponent = key.getExponent();
+    }
+
+    BCRSAPublicKey(
+        RSAPublicKeySpec spec)
+    {
+        this.algorithmIdentifier = DEFAULT_ALGORITHM_IDENTIFIER;
+        this.modulus = spec.getModulus();
+        this.publicExponent = spec.getPublicExponent();
+    }
+
+    BCRSAPublicKey(
+        RSAPublicKey key)
+    {
+        this.algorithmIdentifier = DEFAULT_ALGORITHM_IDENTIFIER;
+        this.modulus = key.getModulus();
+        this.publicExponent = key.getPublicExponent();
+    }
+
+    BCRSAPublicKey(
+        SubjectPublicKeyInfo info)
+    {
+        populateFromPublicKeyInfo(info);
+    }
+
+    private void populateFromPublicKeyInfo(SubjectPublicKeyInfo info)
+    {
+        try
+        {
+            com.android.org.bouncycastle.asn1.pkcs.RSAPublicKey  pubKey = com.android.org.bouncycastle.asn1.pkcs.RSAPublicKey.getInstance(info.parsePublicKey());
+
+            this.algorithmIdentifier = info.getAlgorithm();
+            this.modulus = pubKey.getModulus();
+            this.publicExponent = pubKey.getPublicExponent();
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("invalid info structure in RSA public key");
+        }
+    }
+
+    /**
+     * return the modulus.
+     *
+     * @return the modulus.
+     */
+    public BigInteger getModulus()
+    {
+        return modulus;
+    }
+
+    /**
+     * return the public exponent.
+     *
+     * @return the public exponent.
+     */
+    public BigInteger getPublicExponent()
+    {
+        return publicExponent;
+    }
+
+    public String getAlgorithm()
+    {
+        return "RSA";
+    }
+
+    public String getFormat()
+    {
+        return "X.509";
+    }
+
+    public byte[] getEncoded()
+    {
+        return KeyUtil.getEncodedSubjectPublicKeyInfo(algorithmIdentifier, new com.android.org.bouncycastle.asn1.pkcs.RSAPublicKey(getModulus(), getPublicExponent()));
+    }
+
+    public int hashCode()
+    {
+        return this.getModulus().hashCode() ^ this.getPublicExponent().hashCode();
+    }
+
+    public boolean equals(Object o)
+    {
+        if (o == this)
+        {
+            return true;
+        }
+
+        if (!(o instanceof RSAPublicKey))
+        {
+            return false;
+        }
+
+        RSAPublicKey key = (RSAPublicKey)o;
+
+        return getModulus().equals(key.getModulus())
+            && getPublicExponent().equals(key.getPublicExponent());
+    }
+
+    public String toString()
+    {
+        StringBuffer    buf = new StringBuffer();
+        String          nl = Strings.lineSeparator();
+
+        buf.append("RSA Public Key [").append(RSAUtil.generateKeyFingerprint(this.getModulus())).append("]")
+            .append(",[")
+            .append(RSAUtil.generateExponentFingerprint(this.getPublicExponent()))
+            .append("]")
+            .append(nl);
+        buf.append("        modulus: ").append(this.getModulus().toString(16)).append(nl);
+        buf.append("public exponent: ").append(this.getPublicExponent().toString(16)).append(nl);
+        
+        return buf.toString();
+    }
+
+    private void readObject(
+        ObjectInputStream in)
+        throws IOException, ClassNotFoundException
+    {
+        in.defaultReadObject();
+
+        try
+        {
+            algorithmIdentifier = AlgorithmIdentifier.getInstance(in.readObject());
+        }
+        catch (Exception e)
+        {
+            algorithmIdentifier = DEFAULT_ALGORITHM_IDENTIFIER;
+        }
+    }
+
+    private void writeObject(
+        ObjectOutputStream out)
+        throws IOException
+    {
+        out.defaultWriteObject();
+
+        if (!algorithmIdentifier.equals(DEFAULT_ALGORITHM_IDENTIFIER))
+        {
+            out.writeObject(algorithmIdentifier.getEncoded());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java
new file mode 100644
index 0000000..60f9296
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/CipherSpi.java

@@ -0,0 +1,627 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.rsa;
+
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.InvalidParameterException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+import java.security.spec.MGF1ParameterSpec;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.ShortBufferException;
+import javax.crypto.spec.OAEPParameterSpec;
+import javax.crypto.spec.PSource;
+
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.AsymmetricBlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+// Android-removed: Unsupported algorithm
+// import org.bouncycastle.crypto.encodings.ISO9796d1Encoding;
+import com.android.org.bouncycastle.crypto.encodings.OAEPEncoding;
+import com.android.org.bouncycastle.crypto.encodings.PKCS1Encoding;
+import com.android.org.bouncycastle.crypto.engines.RSABlindedEngine;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.BaseCipherSpi;
+import com.android.org.bouncycastle.jcajce.provider.util.BadBlockException;
+import com.android.org.bouncycastle.jcajce.provider.util.DigestFactory;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CipherSpi
+    extends BaseCipherSpi
+{
+    // Android-changed: Use default provider for JCA algorithms instead of BC
+    // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+    private final JcaJceHelper helper = new DefaultJcaJceHelper();
+
+    private AsymmetricBlockCipher   cipher;
+    private AlgorithmParameterSpec  paramSpec;
+    private AlgorithmParameters     engineParams;
+    private boolean                 publicKeyOnly = false;
+    private boolean                 privateKeyOnly = false;
+    private ErasableOutputStream    bOut = new ErasableOutputStream();
+
+    public CipherSpi(
+        AsymmetricBlockCipher engine)
+    {
+        cipher = engine;
+    }
+
+    public CipherSpi(
+        OAEPParameterSpec pSpec)
+    {
+        try
+        {
+            initFromSpec(pSpec);
+        }
+        catch (NoSuchPaddingException e)
+        {
+            throw new IllegalArgumentException(e.getMessage());
+        }
+    }
+
+    public CipherSpi(
+        boolean publicKeyOnly,
+        boolean privateKeyOnly,
+        AsymmetricBlockCipher engine)
+    {
+        this.publicKeyOnly = publicKeyOnly;
+        this.privateKeyOnly = privateKeyOnly;
+        cipher = engine;
+    }
+     
+    private void initFromSpec(
+        OAEPParameterSpec pSpec)
+        throws NoSuchPaddingException
+    {
+        MGF1ParameterSpec mgfParams = (MGF1ParameterSpec)pSpec.getMGFParameters();
+        Digest digest = DigestFactory.getDigest(mgfParams.getDigestAlgorithm());
+        
+        if (digest == null)
+        {
+            throw new NoSuchPaddingException("no match on OAEP constructor for digest algorithm: "+ mgfParams.getDigestAlgorithm());
+        }
+
+        cipher = new OAEPEncoding(new RSABlindedEngine(), digest, ((PSource.PSpecified)pSpec.getPSource()).getValue());
+        paramSpec = pSpec;
+    }
+    
+    protected int engineGetBlockSize() 
+    {
+        try
+        {
+            return cipher.getInputBlockSize();
+        }
+        catch (NullPointerException e)
+        {
+            throw new IllegalStateException("RSA Cipher not initialised");
+        }
+    }
+
+    protected int engineGetKeySize(
+        Key key)
+    {
+        if (key instanceof RSAPrivateKey)
+        {
+            RSAPrivateKey k = (RSAPrivateKey)key;
+
+            return k.getModulus().bitLength();
+        }
+        else if (key instanceof RSAPublicKey)
+        {
+            RSAPublicKey k = (RSAPublicKey)key;
+
+            return k.getModulus().bitLength();
+        }
+
+        throw new IllegalArgumentException("not an RSA key!");
+    }
+
+    protected int engineGetOutputSize(
+        int     inputLen) 
+    {
+        try
+        {
+            return cipher.getOutputBlockSize();
+        }
+        catch (NullPointerException e)
+        {
+            throw new IllegalStateException("RSA Cipher not initialised");
+        }
+    }
+
+    protected AlgorithmParameters engineGetParameters()
+    {
+        if (engineParams == null)
+        {
+            if (paramSpec != null)
+            {
+                try
+                {
+                    engineParams = helper.createAlgorithmParameters("OAEP");
+                    engineParams.init(paramSpec);
+                }
+                catch (Exception e)
+                {
+                    throw new RuntimeException(e.toString());
+                }
+            }
+        }
+
+        return engineParams;
+    }
+
+    protected void engineSetMode(
+        String mode)
+        throws NoSuchAlgorithmException
+    {
+        String md = Strings.toUpperCase(mode);
+        
+        if (md.equals("NONE") || md.equals("ECB"))
+        {
+            return;
+        }
+        
+        if (md.equals("1"))
+        {
+            privateKeyOnly = true;
+            publicKeyOnly = false;
+            return;
+        }
+        else if (md.equals("2"))
+        {
+            privateKeyOnly = false;
+            publicKeyOnly = true;
+            return;
+        }
+        
+        throw new NoSuchAlgorithmException("can't support mode " + mode);
+    }
+
+    protected void engineSetPadding(
+        String padding)
+        throws NoSuchPaddingException
+    {
+        String pad = Strings.toUpperCase(padding);
+
+        if (pad.equals("NOPADDING"))
+        {
+            cipher = new RSABlindedEngine();
+        }
+        else if (pad.equals("PKCS1PADDING"))
+        {
+            cipher = new PKCS1Encoding(new RSABlindedEngine());
+        }
+        // BEGIN Android-removed: Unsupported algorithm
+        // else if (pad.equals("ISO9796-1PADDING"))
+        // {
+        //     cipher = new ISO9796d1Encoding(new RSABlindedEngine());
+        // }
+        // END Android-removed: Unsupported algorithm
+        else if (pad.equals("OAEPWITHMD5ANDMGF1PADDING"))
+        {
+            initFromSpec(new OAEPParameterSpec("MD5", "MGF1", new MGF1ParameterSpec("MD5"), PSource.PSpecified.DEFAULT));
+        }
+        else if (pad.equals("OAEPPADDING"))
+        {
+            initFromSpec(OAEPParameterSpec.DEFAULT);
+        }
+        else if (pad.equals("OAEPWITHSHA1ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-1ANDMGF1PADDING"))
+        {
+            initFromSpec(OAEPParameterSpec.DEFAULT);
+        }
+        else if (pad.equals("OAEPWITHSHA224ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-224ANDMGF1PADDING"))
+        {
+            initFromSpec(new OAEPParameterSpec("SHA-224", "MGF1", new MGF1ParameterSpec("SHA-224"), PSource.PSpecified.DEFAULT));
+        }
+        else if (pad.equals("OAEPWITHSHA256ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-256ANDMGF1PADDING"))
+        {
+            initFromSpec(new OAEPParameterSpec("SHA-256", "MGF1", MGF1ParameterSpec.SHA256, PSource.PSpecified.DEFAULT));
+        }
+        else if (pad.equals("OAEPWITHSHA384ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-384ANDMGF1PADDING"))
+        {
+            initFromSpec(new OAEPParameterSpec("SHA-384", "MGF1", MGF1ParameterSpec.SHA384, PSource.PSpecified.DEFAULT));
+        }
+        else if (pad.equals("OAEPWITHSHA512ANDMGF1PADDING") || pad.equals("OAEPWITHSHA-512ANDMGF1PADDING"))
+        {
+            initFromSpec(new OAEPParameterSpec("SHA-512", "MGF1", MGF1ParameterSpec.SHA512, PSource.PSpecified.DEFAULT));
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (pad.equals("OAEPWITHSHA3-224ANDMGF1PADDING"))
+        {
+            initFromSpec(new OAEPParameterSpec("SHA3-224", "MGF1", new MGF1ParameterSpec("SHA3-224"), PSource.PSpecified.DEFAULT));
+        }
+        else if (pad.equals("OAEPWITHSHA3-256ANDMGF1PADDING"))
+        {
+            initFromSpec(new OAEPParameterSpec("SHA3-256", "MGF1", new MGF1ParameterSpec("SHA3-256"), PSource.PSpecified.DEFAULT));
+        }
+        else if (pad.equals("OAEPWITHSHA3-384ANDMGF1PADDING"))
+        {
+            initFromSpec(new OAEPParameterSpec("SHA3-384", "MGF1", new MGF1ParameterSpec("SHA3-384"), PSource.PSpecified.DEFAULT));
+        }
+        else if (pad.equals("OAEPWITHSHA3-512ANDMGF1PADDING"))
+        {
+            initFromSpec(new OAEPParameterSpec("SHA3-512", "MGF1", new MGF1ParameterSpec("SHA3-512"), PSource.PSpecified.DEFAULT));
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+        else
+        {
+            throw new NoSuchPaddingException(padding + " unavailable with RSA.");
+        }
+    }
+
+    protected void engineInit(
+        int                     opmode,
+        Key key,
+        AlgorithmParameterSpec params,
+        SecureRandom random)
+    throws InvalidKeyException, InvalidAlgorithmParameterException
+    {
+        CipherParameters param;
+
+        if (params == null || params instanceof OAEPParameterSpec)
+        {
+            if (key instanceof RSAPublicKey)
+            {
+                if (privateKeyOnly && opmode == Cipher.ENCRYPT_MODE)
+                {
+                    throw new InvalidKeyException(
+                                "mode 1 requires RSAPrivateKey");
+                }
+
+                param = RSAUtil.generatePublicKeyParameter((RSAPublicKey)key);
+            }
+            else if (key instanceof RSAPrivateKey)
+            {
+                if (publicKeyOnly && opmode == Cipher.ENCRYPT_MODE)
+                {
+                    throw new InvalidKeyException(
+                                "mode 2 requires RSAPublicKey");
+                }
+
+                param = RSAUtil.generatePrivateKeyParameter((RSAPrivateKey)key);
+            }
+            else
+            {
+                throw new InvalidKeyException("unknown key type passed to RSA");
+            }
+            
+            if (params != null)
+            {
+                OAEPParameterSpec spec = (OAEPParameterSpec)params;
+                
+                paramSpec = params;
+                
+                if (!spec.getMGFAlgorithm().equalsIgnoreCase("MGF1") && !spec.getMGFAlgorithm().equals(PKCSObjectIdentifiers.id_mgf1.getId()))
+                {
+                    throw new InvalidAlgorithmParameterException("unknown mask generation function specified");
+                }
+                
+                if (!(spec.getMGFParameters() instanceof MGF1ParameterSpec))
+                {
+                    throw new InvalidAlgorithmParameterException("unkown MGF parameters");
+                }
+    
+                Digest digest = DigestFactory.getDigest(spec.getDigestAlgorithm());
+
+                if (digest == null)
+                {
+                    throw new InvalidAlgorithmParameterException("no match on digest algorithm: "+ spec.getDigestAlgorithm());
+                }
+
+                MGF1ParameterSpec mgfParams = (MGF1ParameterSpec)spec.getMGFParameters();
+                Digest mgfDigest = DigestFactory.getDigest(mgfParams.getDigestAlgorithm());
+                
+                if (mgfDigest == null)
+                {
+                    throw new InvalidAlgorithmParameterException("no match on MGF digest algorithm: "+ mgfParams.getDigestAlgorithm());
+                }
+
+                cipher = new OAEPEncoding(new RSABlindedEngine(), digest, mgfDigest, ((PSource.PSpecified)spec.getPSource()).getValue());
+            }
+        }
+        else
+        {
+            throw new InvalidAlgorithmParameterException("unknown parameter type: " + params.getClass().getName());
+        }
+
+        if (!(cipher instanceof RSABlindedEngine))
+        {
+            if (random != null)
+            {
+                param = new ParametersWithRandom(param, random);
+            }
+            else
+            {
+                param = new ParametersWithRandom(param, CryptoServicesRegistrar.getSecureRandom());
+            }
+        }
+
+        bOut.reset();
+
+        switch (opmode)
+        {
+        case Cipher.ENCRYPT_MODE:
+        case Cipher.WRAP_MODE:
+            cipher.init(true, param);
+            break;
+        case Cipher.DECRYPT_MODE:
+        case Cipher.UNWRAP_MODE:
+            cipher.init(false, param);
+            break;
+        default:
+            throw new InvalidParameterException("unknown opmode " + opmode + " passed to RSA");
+        }
+    }
+
+    protected void engineInit(
+        int                 opmode,
+        Key key,
+        AlgorithmParameters params,
+        SecureRandom random)
+    throws InvalidKeyException, InvalidAlgorithmParameterException
+    {
+        AlgorithmParameterSpec paramSpec = null;
+
+        if (params != null)
+        {
+            try
+            {
+                paramSpec = params.getParameterSpec(OAEPParameterSpec.class);
+            }
+            catch (InvalidParameterSpecException e)
+            {
+                throw new InvalidAlgorithmParameterException("cannot recognise parameters: " + e.toString(), e);
+            }
+        }
+
+        engineParams = params;
+        engineInit(opmode, key, paramSpec, random);
+    }
+
+    protected void engineInit(
+        int                 opmode,
+        Key key,
+        SecureRandom random)
+    throws InvalidKeyException
+    {
+        try
+        {
+            engineInit(opmode, key, (AlgorithmParameterSpec)null, random);
+        }
+        catch (InvalidAlgorithmParameterException e)
+        {
+            // this shouldn't happen
+            throw new InvalidKeyException("Eeeek! " + e.toString(), e);
+        }
+    }
+
+    protected byte[] engineUpdate(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen) 
+    {
+        bOut.write(input, inputOffset, inputLen);
+
+        if (cipher instanceof RSABlindedEngine)
+        {
+            if (bOut.size() > cipher.getInputBlockSize() + 1)
+            {
+                throw new ArrayIndexOutOfBoundsException("too much data for RSA block");
+            }
+        }
+        else
+        {
+            if (bOut.size() > cipher.getInputBlockSize())
+            {
+                throw new ArrayIndexOutOfBoundsException("too much data for RSA block");
+            }
+        }
+
+        return null;
+    }
+
+    protected int engineUpdate(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen,
+        byte[]  output,
+        int     outputOffset) 
+    {
+        bOut.write(input, inputOffset, inputLen);
+
+        if (cipher instanceof RSABlindedEngine)
+        {
+            if (bOut.size() > cipher.getInputBlockSize() + 1)
+            {
+                throw new ArrayIndexOutOfBoundsException("too much data for RSA block");
+            }
+        }
+        else
+        {
+            if (bOut.size() > cipher.getInputBlockSize())
+            {
+                throw new ArrayIndexOutOfBoundsException("too much data for RSA block");
+            }
+        }
+
+        return 0;
+    }
+
+    protected byte[] engineDoFinal(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen) 
+        throws IllegalBlockSizeException, BadPaddingException
+    {
+        if (input != null)
+        {
+            bOut.write(input, inputOffset, inputLen);
+        }
+
+        if (cipher instanceof RSABlindedEngine)
+        {
+            if (bOut.size() > cipher.getInputBlockSize() + 1)
+            {
+                throw new ArrayIndexOutOfBoundsException("too much data for RSA block");
+            }
+        }
+        else
+        {
+            if (bOut.size() > cipher.getInputBlockSize())
+            {
+                throw new ArrayIndexOutOfBoundsException("too much data for RSA block");
+            }
+        }
+
+        return getOutput();
+    }
+
+    protected int engineDoFinal(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen,
+        byte[]  output,
+        int     outputOffset) 
+        throws IllegalBlockSizeException, BadPaddingException, ShortBufferException
+    {
+        if (outputOffset + engineGetOutputSize(inputLen) > output.length)
+        {
+            throw new ShortBufferException("output buffer too short for input.");
+        }
+
+        if (input != null)
+        {
+            bOut.write(input, inputOffset, inputLen);
+        }
+
+        if (cipher instanceof RSABlindedEngine)
+        {
+            if (bOut.size() > cipher.getInputBlockSize() + 1)
+            {
+                throw new ArrayIndexOutOfBoundsException("too much data for RSA block");
+            }
+        }
+        else
+        {
+            if (bOut.size() > cipher.getInputBlockSize())
+            {
+                throw new ArrayIndexOutOfBoundsException("too much data for RSA block");
+            }
+        }
+
+        byte[]  out = getOutput();
+
+        for (int i = 0; i != out.length; i++)
+        {
+            output[outputOffset + i] = out[i];
+        }
+
+        return out.length;
+    }
+
+    private byte[] getOutput()
+        throws BadPaddingException
+    {
+        try
+        {
+            return cipher.processBlock(bOut.getBuf(), 0, bOut.size());
+        }
+        catch (InvalidCipherTextException e)
+        {
+            throw new BadBlockException("unable to decrypt block", e);
+        }
+        catch (ArrayIndexOutOfBoundsException e)
+        {
+            throw new BadBlockException("unable to decrypt block", e);
+        }
+        finally
+        {
+            bOut.erase();
+        }
+    }
+
+    /**
+     * classes that inherit from us.
+     * @hide This class is not part of the Android public SDK API
+     */
+
+    static public class NoPadding
+        extends CipherSpi
+    {
+        public NoPadding()
+        {
+            super(new RSABlindedEngine());
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    static public class PKCS1v1_5Padding
+        extends CipherSpi
+    {
+        public PKCS1v1_5Padding()
+        {
+            super(new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    static public class PKCS1v1_5Padding_PrivateOnly
+        extends CipherSpi
+    {
+        public PKCS1v1_5Padding_PrivateOnly()
+        {
+            super(false, true, new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    static public class PKCS1v1_5Padding_PublicOnly
+        extends CipherSpi
+    {
+        public PKCS1v1_5Padding_PublicOnly()
+        {
+            super(true, false, new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    static public class OAEPPadding
+        extends CipherSpi
+    {
+        public OAEPPadding()
+        {
+            super(OAEPParameterSpec.DEFAULT);
+        }
+    }
+    
+    static public class ISO9796d1Padding
+        extends CipherSpi
+    {
+        public ISO9796d1Padding()
+        {
+            super(new ISO9796d1Encoding(new RSABlindedEngine()));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java
new file mode 100644
index 0000000..9640d9d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/DigestSignatureSpi.java

@@ -0,0 +1,453 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.rsa;
+
+import java.io.IOException;
+import java.security.AlgorithmParameters;
+import java.security.InvalidKeyException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SignatureException;
+import java.security.SignatureSpi;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.AlgorithmParameterSpec;
+
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.DigestInfo;
+import com.android.org.bouncycastle.crypto.AsymmetricBlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.Digest;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.digests.MD2Digest;
+// import org.bouncycastle.crypto.digests.MD4Digest;
+// import org.bouncycastle.crypto.digests.NullDigest;
+// import org.bouncycastle.crypto.digests.RIPEMD128Digest;
+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
+// import org.bouncycastle.crypto.digests.RIPEMD256Digest;
+import com.android.org.bouncycastle.crypto.encodings.PKCS1Encoding;
+import com.android.org.bouncycastle.crypto.engines.RSABlindedEngine;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DigestSignatureSpi
+    extends SignatureSpi
+{
+    private Digest digest;
+    private AsymmetricBlockCipher cipher;
+    private AlgorithmIdentifier algId;
+
+    // care - this constructor is actually used by outside organisations
+    protected DigestSignatureSpi(
+        Digest digest,
+        AsymmetricBlockCipher cipher)
+    {
+        this.digest = digest;
+        this.cipher = cipher;
+        this.algId = null;
+    }
+
+    // care - this constructor is actually used by outside organisations
+    protected DigestSignatureSpi(
+        ASN1ObjectIdentifier objId,
+        Digest digest,
+        AsymmetricBlockCipher cipher)
+    {
+        this.digest = digest;
+        this.cipher = cipher;
+        this.algId = new AlgorithmIdentifier(objId, DERNull.INSTANCE);
+    }
+
+    protected void engineInitVerify(
+        PublicKey publicKey)
+        throws InvalidKeyException
+    {
+        if (!(publicKey instanceof RSAPublicKey))
+        {
+            throw new InvalidKeyException("Supplied key (" + getType(publicKey) + ") is not a RSAPublicKey instance");
+        }
+
+        CipherParameters param = RSAUtil.generatePublicKeyParameter((RSAPublicKey)publicKey);
+
+        digest.reset();
+        cipher.init(false, param);
+    }
+
+    protected void engineInitSign(
+        PrivateKey privateKey)
+        throws InvalidKeyException
+    {
+        if (!(privateKey instanceof RSAPrivateKey))
+        {
+            throw new InvalidKeyException("Supplied key (" + getType(privateKey) + ") is not a RSAPrivateKey instance");
+        }
+
+        CipherParameters param = RSAUtil.generatePrivateKeyParameter((RSAPrivateKey)privateKey);
+
+        digest.reset();
+
+        cipher.init(true, param);
+    }
+
+    private String getType(
+        Object o)
+    {
+        if (o == null)
+        {
+            return null;
+        }
+        
+        return o.getClass().getName();
+    }
+    
+    protected void engineUpdate(
+        byte    b)
+        throws SignatureException
+    {
+        digest.update(b);
+    }
+
+    protected void engineUpdate(
+        byte[]  b,
+        int     off,
+        int     len) 
+        throws SignatureException
+    {
+        digest.update(b, off, len);
+    }
+
+    protected byte[] engineSign()
+        throws SignatureException
+    {
+        byte[]  hash = new byte[digest.getDigestSize()];
+
+        digest.doFinal(hash, 0);
+
+        try
+        {
+            byte[]  bytes = derEncode(hash);
+
+            return cipher.processBlock(bytes, 0, bytes.length);
+        }
+        catch (ArrayIndexOutOfBoundsException e)
+        {
+            throw new SignatureException("key too small for signature type");
+        }
+        catch (Exception e)
+        {
+            throw new SignatureException(e.toString());
+        }
+    }
+
+    protected boolean engineVerify(
+        byte[]  sigBytes) 
+        throws SignatureException
+    {
+        byte[]  hash = new byte[digest.getDigestSize()];
+
+        digest.doFinal(hash, 0);
+
+        byte[]      sig;
+        byte[]      expected;
+
+        try
+        {
+            sig = cipher.processBlock(sigBytes, 0, sigBytes.length);
+
+            expected = derEncode(hash);
+        }
+        catch (Exception e)
+        {
+            return false;
+        }
+
+        if (sig.length == expected.length)
+        {
+            return Arrays.constantTimeAreEqual(sig, expected);
+        }
+        else if (sig.length == expected.length - 2)  // NULL left out
+        {
+            expected[1] -= 2;      // adjust lengths
+            expected[3] -= 2;
+
+            int sigOffset = 4 + expected[3];
+            int expectedOffset = sigOffset + 2;
+            int nonEqual = 0;
+
+            for (int i = 0; i < expected.length - expectedOffset; i++)
+            {
+                nonEqual |= (sig[sigOffset + i] ^ expected[expectedOffset + i]);
+            }
+
+            for (int i = 0; i < sigOffset; i++)
+            {
+                nonEqual |= (sig[i] ^ expected[i]);  // check header less NULL
+            }
+
+            return nonEqual == 0;
+        }
+        else
+        {
+            Arrays.constantTimeAreEqual(expected, expected);  // keep time "steady".
+
+            return false;
+        }
+    }
+
+    protected void engineSetParameter(
+        AlgorithmParameterSpec params)
+    {
+        throw new UnsupportedOperationException("engineSetParameter unsupported");
+    }
+
+    /**
+     * @deprecated replaced with #engineSetParameter(java.security.spec.AlgorithmParameterSpec)
+     */
+    protected void engineSetParameter(
+        String param,
+        Object value)
+    {
+        throw new UnsupportedOperationException("engineSetParameter unsupported");
+    }
+
+    /**
+     * @deprecated
+     */
+    protected Object engineGetParameter(
+        String param)
+    {
+        return null;
+    }
+
+    protected AlgorithmParameters engineGetParameters()
+    {
+        return null;
+    }
+
+    private byte[] derEncode(
+        byte[]  hash)
+        throws IOException
+    {
+        if (algId == null)
+        {
+            // For raw RSA, the DigestInfo must be prepared externally
+            return hash;
+        }
+
+        DigestInfo dInfo = new DigestInfo(algId, hash);
+
+        return dInfo.getEncoded(ASN1Encoding.DER);
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class SHA1
+        extends DigestSignatureSpi
+    {
+        public SHA1()
+        {
+            // Android-changed: Use Android digests
+            // super(OIWObjectIdentifiers.idSHA1, DigestFactory.createSHA1(), new PKCS1Encoding(new RSABlindedEngine()));
+            super(OIWObjectIdentifiers.idSHA1, AndroidDigestFactory.getSHA1(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class SHA224
+        extends DigestSignatureSpi
+    {
+        public SHA224()
+        {
+            // Android-changed: Use Android digests
+            // super(NISTObjectIdentifiers.id_sha224, DigestFactory.createSHA224(), new PKCS1Encoding(new RSABlindedEngine()));
+            super(NISTObjectIdentifiers.id_sha224, AndroidDigestFactory.getSHA224(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class SHA256
+        extends DigestSignatureSpi
+    {
+        public SHA256()
+        {
+            // Android-changed: Use Android digests
+            // super(NISTObjectIdentifiers.id_sha256, DigestFactory.createSHA256(), new PKCS1Encoding(new RSABlindedEngine()));
+            super(NISTObjectIdentifiers.id_sha256, AndroidDigestFactory.getSHA256(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class SHA384
+        extends DigestSignatureSpi
+    {
+        public SHA384()
+        {
+            // Android-changed: Use Android digests
+            // super(NISTObjectIdentifiers.id_sha384, DigestFactory.createSHA384(), new PKCS1Encoding(new RSABlindedEngine()));
+            super(NISTObjectIdentifiers.id_sha384, AndroidDigestFactory.getSHA384(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class SHA512
+        extends DigestSignatureSpi
+    {
+        public SHA512()
+        {
+            // Android-changed: Use Android digests
+            // super(NISTObjectIdentifiers.id_sha512, DigestFactory.createSHA512(), new PKCS1Encoding(new RSABlindedEngine()));
+            super(NISTObjectIdentifiers.id_sha512, AndroidDigestFactory.getSHA512(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    static public class SHA512_224
+        extends DigestSignatureSpi
+    {
+        public SHA512_224()
+        {
+            super(NISTObjectIdentifiers.id_sha512_224, DigestFactory.createSHA512_224(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    static public class SHA512_256
+        extends DigestSignatureSpi
+    {
+        public SHA512_256()
+        {
+            super(NISTObjectIdentifiers.id_sha512_256, DigestFactory.createSHA512_256(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    static public class SHA3_224
+        extends DigestSignatureSpi
+    {
+        public SHA3_224()
+        {
+            super(NISTObjectIdentifiers.id_sha3_224, DigestFactory.createSHA3_224(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    static public class SHA3_256
+        extends DigestSignatureSpi
+    {
+        public SHA3_256()
+        {
+            super(NISTObjectIdentifiers.id_sha3_256, DigestFactory.createSHA3_256(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    static public class SHA3_384
+        extends DigestSignatureSpi
+    {
+        public SHA3_384()
+        {
+            super(NISTObjectIdentifiers.id_sha3_384, DigestFactory.createSHA3_384(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    static public class SHA3_512
+        extends DigestSignatureSpi
+    {
+        public SHA3_512()
+        {
+            super(NISTObjectIdentifiers.id_sha3_512, DigestFactory.createSHA3_512(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    static public class MD2
+        extends DigestSignatureSpi
+    {
+        public MD2()
+        {
+            super(PKCSObjectIdentifiers.md2, new MD2Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    static public class MD4
+        extends DigestSignatureSpi
+    {
+        public MD4()
+        {
+            super(PKCSObjectIdentifiers.md4, new MD4Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class MD5
+        extends DigestSignatureSpi
+    {
+        public MD5()
+        {
+            // Android-changed: Use Android digests
+            // super(PKCSObjectIdentifiers.md5, DigestFactory.createMD5(), new PKCS1Encoding(new RSABlindedEngine()));
+            super(PKCSObjectIdentifiers.md5, AndroidDigestFactory.getMD5(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    static public class RIPEMD160
+        extends DigestSignatureSpi
+    {
+        public RIPEMD160()
+        {
+            super(TeleTrusTObjectIdentifiers.ripemd160, new RIPEMD160Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    static public class RIPEMD128
+        extends DigestSignatureSpi
+    {
+        public RIPEMD128()
+        {
+            super(TeleTrusTObjectIdentifiers.ripemd128, new RIPEMD128Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    static public class RIPEMD256
+        extends DigestSignatureSpi
+    {
+        public RIPEMD256()
+        {
+            super(TeleTrusTObjectIdentifiers.ripemd256, new RIPEMD256Digest(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+
+    static public class noneRSA
+        extends DigestSignatureSpi
+    {
+        public noneRSA()
+        {
+            super(new NullDigest(), new PKCS1Encoding(new RSABlindedEngine()));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyFactorySpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyFactorySpi.java
new file mode 100644
index 0000000..5e39097
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyFactorySpi.java

@@ -0,0 +1,257 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.rsa;
+
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.interfaces.RSAPrivateCrtKey;
+import java.security.interfaces.RSAPublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.RSAPrivateCrtKeySpec;
+import java.security.spec.RSAPrivateKeySpec;
+import java.security.spec.RSAPublicKeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.pkcs.RSAPrivateKey;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.params.RSAKeyParameters;
+import com.android.org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.util.OpenSSHPrivateKeyUtil;
+// import org.bouncycastle.crypto.util.OpenSSHPublicKeyUtil;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.BaseKeyFactorySpi;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.ExtendedInvalidKeySpecException;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jce.spec.OpenSSHPrivateKeySpec;
+// import org.bouncycastle.jce.spec.OpenSSHPublicKeySpec;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyFactorySpi
+    extends BaseKeyFactorySpi
+{
+    public KeyFactorySpi()
+    {
+    }
+
+    protected KeySpec engineGetKeySpec(
+        Key key,
+        Class spec)
+        throws InvalidKeySpecException
+    {
+        if (spec.isAssignableFrom(RSAPublicKeySpec.class) && key instanceof RSAPublicKey)
+        {
+            RSAPublicKey k = (RSAPublicKey)key;
+
+            return new RSAPublicKeySpec(k.getModulus(), k.getPublicExponent());
+        }
+        else if (spec.isAssignableFrom(RSAPrivateKeySpec.class) && key instanceof java.security.interfaces.RSAPrivateKey)
+        {
+            java.security.interfaces.RSAPrivateKey k = (java.security.interfaces.RSAPrivateKey)key;
+
+            return new RSAPrivateKeySpec(k.getModulus(), k.getPrivateExponent());
+        }
+        else if (spec.isAssignableFrom(RSAPrivateCrtKeySpec.class) && key instanceof RSAPrivateCrtKey)
+        {
+            RSAPrivateCrtKey k = (RSAPrivateCrtKey)key;
+
+            return new RSAPrivateCrtKeySpec(
+                k.getModulus(), k.getPublicExponent(),
+                k.getPrivateExponent(),
+                k.getPrimeP(), k.getPrimeQ(),
+                k.getPrimeExponentP(), k.getPrimeExponentQ(),
+                k.getCrtCoefficient());
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (spec.isAssignableFrom(OpenSSHPublicKeySpec.class) && key instanceof RSAPublicKey)
+        {
+            try
+            {
+                return new OpenSSHPublicKeySpec(
+                    OpenSSHPublicKeyUtil.encodePublicKey(
+                        new RSAKeyParameters(
+                            false,
+                            ((RSAPublicKey)key).getModulus(),
+                            ((RSAPublicKey)key).getPublicExponent())
+                    )
+                );
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("unable to produce encoding: " + e.getMessage());
+            }
+        }
+        else if (spec.isAssignableFrom(OpenSSHPrivateKeySpec.class) && key instanceof RSAPrivateCrtKey)
+        {
+            try
+            {
+                return new OpenSSHPrivateKeySpec(OpenSSHPrivateKeyUtil.encodePrivateKey(new RSAPrivateCrtKeyParameters(
+                    ((RSAPrivateCrtKey)key).getModulus(),
+                    ((RSAPrivateCrtKey)key).getPublicExponent(),
+                    ((RSAPrivateCrtKey)key).getPrivateExponent(),
+                    ((RSAPrivateCrtKey)key).getPrimeP(),
+                    ((RSAPrivateCrtKey)key).getPrimeQ(),
+                    ((RSAPrivateCrtKey)key).getPrimeExponentP(),
+                    ((RSAPrivateCrtKey)key).getPrimeExponentQ(),
+                    ((RSAPrivateCrtKey)key).getCrtCoefficient()
+                )));
+            }
+            catch (IOException e)
+            {
+                throw new IllegalArgumentException("unable to produce encoding: " + e.getMessage());
+            }
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+
+        return super.engineGetKeySpec(key, spec);
+    }
+
+    protected Key engineTranslateKey(
+        Key key)
+        throws InvalidKeyException
+    {
+        if (key instanceof RSAPublicKey)
+        {
+            return new BCRSAPublicKey((RSAPublicKey)key);
+        }
+        else if (key instanceof RSAPrivateCrtKey)
+        {
+            return new BCRSAPrivateCrtKey((RSAPrivateCrtKey)key);
+        }
+        else if (key instanceof java.security.interfaces.RSAPrivateKey)
+        {
+            return new BCRSAPrivateKey((java.security.interfaces.RSAPrivateKey)key);
+        }
+
+        throw new InvalidKeyException("key type unknown");
+    }
+
+    protected PrivateKey engineGeneratePrivate(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec instanceof PKCS8EncodedKeySpec)
+        {
+            try
+            {
+                return generatePrivate(PrivateKeyInfo.getInstance(((PKCS8EncodedKeySpec)keySpec).getEncoded()));
+            }
+            catch (Exception e)
+            {
+                //
+                // in case it's just a RSAPrivateKey object... -- openSSL produces these
+                //
+                try
+                {
+                    return new BCRSAPrivateCrtKey(
+                        RSAPrivateKey.getInstance(((PKCS8EncodedKeySpec)keySpec).getEncoded()));
+                }
+                catch (Exception ex)
+                {
+                    throw new ExtendedInvalidKeySpecException("unable to process key spec: " + e.toString(), e);
+                }
+            }
+        }
+        else if (keySpec instanceof RSAPrivateCrtKeySpec)
+        {
+            return new BCRSAPrivateCrtKey((RSAPrivateCrtKeySpec)keySpec);
+        }
+        else if (keySpec instanceof RSAPrivateKeySpec)
+        {
+            return new BCRSAPrivateKey((RSAPrivateKeySpec)keySpec);
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (keySpec instanceof OpenSSHPrivateKeySpec)
+        {
+            CipherParameters parameters = OpenSSHPrivateKeyUtil.parsePrivateKeyBlob(((OpenSSHPrivateKeySpec)keySpec).getEncoded());
+
+            if (parameters instanceof RSAPrivateCrtKeyParameters)
+            {
+                return new BCRSAPrivateCrtKey((RSAPrivateCrtKeyParameters)parameters);
+            }
+
+            throw new InvalidKeySpecException("open SSH public key is not RSA private key");
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+
+        throw new InvalidKeySpecException("unknown KeySpec type: " + keySpec.getClass().getName());
+    }
+
+    protected PublicKey engineGeneratePublic(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec instanceof RSAPublicKeySpec)
+        {
+            return new BCRSAPublicKey((RSAPublicKeySpec)keySpec);
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (keySpec instanceof OpenSSHPublicKeySpec)
+        {
+
+            CipherParameters parameters = OpenSSHPublicKeyUtil.parsePublicKey(((OpenSSHPublicKeySpec)keySpec).getEncoded());
+            if (parameters instanceof RSAKeyParameters)
+            {
+                return new BCRSAPublicKey((RSAKeyParameters)parameters);
+            }
+
+            throw new InvalidKeySpecException("Open SSH public key is not RSA public key");
+
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+
+        return super.engineGeneratePublic(keySpec);
+    }
+
+    public PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
+        throws IOException
+    {
+        ASN1ObjectIdentifier algOid = keyInfo.getPrivateKeyAlgorithm().getAlgorithm();
+
+        if (RSAUtil.isRsaOid(algOid))
+        {
+            RSAPrivateKey rsaPrivKey = RSAPrivateKey.getInstance(keyInfo.parsePrivateKey());
+
+            if (rsaPrivKey.getCoefficient().intValue() == 0)
+            {
+                return new BCRSAPrivateKey(rsaPrivKey);
+            }
+            else
+            {
+                return new BCRSAPrivateCrtKey(keyInfo);
+            }
+        }
+        else
+        {
+            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
+        }
+    }
+
+    public PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
+        throws IOException
+    {
+        ASN1ObjectIdentifier algOid = keyInfo.getAlgorithm().getAlgorithm();
+
+        if (RSAUtil.isRsaOid(algOid))
+        {
+            return new BCRSAPublicKey(keyInfo);
+        }
+        else
+        {
+            throw new IOException("algorithm identifier " + algOid + " in key not recognised");
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java
new file mode 100644
index 0000000..9b77311
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/KeyPairGeneratorSpi.java

@@ -0,0 +1,87 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.rsa;
+
+import java.math.BigInteger;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.KeyPair;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.RSAKeyGenParameterSpec;
+
+import com.android.org.bouncycastle.crypto.AsymmetricCipherKeyPair;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.generators.RSAKeyPairGenerator;
+import com.android.org.bouncycastle.crypto.params.RSAKeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.params.RSAKeyParameters;
+import com.android.org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.PrimeCertaintyCalculator;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyPairGeneratorSpi
+    extends java.security.KeyPairGenerator
+{
+    public KeyPairGeneratorSpi(
+        String algorithmName)
+    {
+        super(algorithmName);
+    }
+
+    final static BigInteger defaultPublicExponent = BigInteger.valueOf(0x10001);
+
+    RSAKeyGenerationParameters param;
+    RSAKeyPairGenerator engine;
+
+    public KeyPairGeneratorSpi()
+    {
+        super("RSA");
+
+        engine = new RSAKeyPairGenerator();
+        param = new RSAKeyGenerationParameters(defaultPublicExponent,
+            CryptoServicesRegistrar.getSecureRandom(), 2048, PrimeCertaintyCalculator.getDefaultCertainty(2048));
+        engine.init(param);
+    }
+
+    public void initialize(
+        int strength,
+        SecureRandom random)
+    {
+        param = new RSAKeyGenerationParameters(defaultPublicExponent,
+            // Android-changed: Replace null random with default implementation.
+            // random, strength, PrimeCertaintyCalculator.getDefaultCertainty(strength));
+            (random != null) ? random : new SecureRandom(), strength, PrimeCertaintyCalculator.getDefaultCertainty(strength));
+
+        engine.init(param);
+    }
+
+    public void initialize(
+        AlgorithmParameterSpec params,
+        SecureRandom random)
+        throws InvalidAlgorithmParameterException
+    {
+        if (!(params instanceof RSAKeyGenParameterSpec))
+        {
+            throw new InvalidAlgorithmParameterException("parameter object not a RSAKeyGenParameterSpec");
+        }
+        RSAKeyGenParameterSpec rsaParams = (RSAKeyGenParameterSpec)params;
+
+        param = new RSAKeyGenerationParameters(
+            rsaParams.getPublicExponent(),
+            // Android-changed: Replace null random with default implementation.
+            // random, rsaParams.getKeysize(), PrimeCertaintyCalculator.getDefaultCertainty(2048));
+            (random != null) ? random : new SecureRandom(), rsaParams.getKeysize(), PrimeCertaintyCalculator.getDefaultCertainty(2048));
+
+        engine.init(param);
+    }
+
+    public KeyPair generateKeyPair()
+    {
+        AsymmetricCipherKeyPair pair = engine.generateKeyPair();
+        RSAKeyParameters pub = (RSAKeyParameters)pair.getPublic();
+        RSAPrivateCrtKeyParameters priv = (RSAPrivateCrtKeyParameters)pair.getPrivate();
+
+        return new KeyPair(new BCRSAPublicKey(pub),
+            new BCRSAPrivateCrtKey(priv));
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/RSAUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/RSAUtil.java
new file mode 100644
index 0000000..49b1c33
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/rsa/RSAUtil.java

@@ -0,0 +1,80 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.rsa;
+
+import java.math.BigInteger;
+import java.security.interfaces.RSAPrivateCrtKey;
+import java.security.interfaces.RSAPrivateKey;
+import java.security.interfaces.RSAPublicKey;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.params.RSAKeyParameters;
+import com.android.org.bouncycastle.crypto.params.RSAPrivateCrtKeyParameters;
+import com.android.org.bouncycastle.util.Fingerprint;
+
+/**
+ * utility class for converting java.security RSA objects into their
+ * org.bouncycastle.crypto counterparts.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class RSAUtil
+{
+    public static final ASN1ObjectIdentifier[] rsaOids =
+    {
+        PKCSObjectIdentifiers.rsaEncryption,
+        X509ObjectIdentifiers.id_ea_rsa,
+        PKCSObjectIdentifiers.id_RSAES_OAEP,
+        PKCSObjectIdentifiers.id_RSASSA_PSS
+    };
+
+    public static boolean isRsaOid(
+        ASN1ObjectIdentifier algOid)
+    {
+        for (int i = 0; i != rsaOids.length; i++)
+        {
+            if (algOid.equals(rsaOids[i]))
+            {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    static RSAKeyParameters generatePublicKeyParameter(
+        RSAPublicKey key)
+    {
+        return new RSAKeyParameters(false, key.getModulus(), key.getPublicExponent());
+
+    }
+
+    static RSAKeyParameters generatePrivateKeyParameter(
+        RSAPrivateKey key)
+    {
+        if (key instanceof RSAPrivateCrtKey)
+        {
+            RSAPrivateCrtKey k = (RSAPrivateCrtKey)key;
+
+            return new RSAPrivateCrtKeyParameters(k.getModulus(),
+                k.getPublicExponent(), k.getPrivateExponent(),
+                k.getPrimeP(), k.getPrimeQ(), k.getPrimeExponentP(), k.getPrimeExponentQ(), k.getCrtCoefficient());
+        }
+        else
+        {
+            RSAPrivateKey k = key;
+
+            return new RSAKeyParameters(true, k.getModulus(), k.getPrivateExponent());
+        }
+    }
+
+    static String generateKeyFingerprint(BigInteger modulus)
+    {
+        return new Fingerprint(modulus.toByteArray()).toString();
+    }
+
+    static String generateExponentFingerprint(BigInteger exponent)
+    {
+        return new Fingerprint(exponent.toByteArray(), 32).toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java
new file mode 100644
index 0000000..759bdc0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAgreementSpi.java

@@ -0,0 +1,355 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.util;
+
+import java.security.NoSuchAlgorithmException;
+import java.util.HashMap;
+import java.util.Hashtable;
+import java.util.Map;
+
+import javax.crypto.KeyAgreementSpi;
+import javax.crypto.SecretKey;
+import javax.crypto.ShortBufferException;
+import javax.crypto.spec.SecretKeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.kisa.KISAObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.DerivationFunction;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.agreement.kdf.DHKDFParameters;
+// import org.bouncycastle.crypto.agreement.kdf.DHKEKGenerator;
+import com.android.org.bouncycastle.crypto.params.DESParameters;
+import com.android.org.bouncycastle.crypto.params.KDFParameters;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Integers;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class BaseAgreementSpi
+    extends KeyAgreementSpi
+{
+    private static final Map<String, ASN1ObjectIdentifier> defaultOids = new HashMap<String, ASN1ObjectIdentifier>();
+    private static final Map<String, Integer> keySizes = new HashMap<String, Integer>();
+    private static final Map<String, String> nameTable = new HashMap<String, String>();
+
+    private static final Hashtable oids = new Hashtable();
+    private static final Hashtable des = new Hashtable();
+
+    static
+    {
+        Integer i64 = Integers.valueOf(64);
+        Integer i128 = Integers.valueOf(128);
+        Integer i192 = Integers.valueOf(192);
+        Integer i256 = Integers.valueOf(256);
+
+        keySizes.put("DES", i64);
+        keySizes.put("DESEDE", i192);
+        keySizes.put("BLOWFISH", i128);
+        keySizes.put("AES", i256);
+
+        keySizes.put(NISTObjectIdentifiers.id_aes128_ECB.getId(), i128);
+        keySizes.put(NISTObjectIdentifiers.id_aes192_ECB.getId(), i192);
+        keySizes.put(NISTObjectIdentifiers.id_aes256_ECB.getId(), i256);
+        keySizes.put(NISTObjectIdentifiers.id_aes128_CBC.getId(), i128);
+        keySizes.put(NISTObjectIdentifiers.id_aes192_CBC.getId(), i192);
+        keySizes.put(NISTObjectIdentifiers.id_aes256_CBC.getId(), i256);
+        keySizes.put(NISTObjectIdentifiers.id_aes128_CFB.getId(), i128);
+        keySizes.put(NISTObjectIdentifiers.id_aes192_CFB.getId(), i192);
+        keySizes.put(NISTObjectIdentifiers.id_aes256_CFB.getId(), i256);
+        keySizes.put(NISTObjectIdentifiers.id_aes128_OFB.getId(), i128);
+        keySizes.put(NISTObjectIdentifiers.id_aes192_OFB.getId(), i192);
+        keySizes.put(NISTObjectIdentifiers.id_aes256_OFB.getId(), i256);
+        keySizes.put(NISTObjectIdentifiers.id_aes128_wrap.getId(), i128);
+        keySizes.put(NISTObjectIdentifiers.id_aes192_wrap.getId(), i192);
+        keySizes.put(NISTObjectIdentifiers.id_aes256_wrap.getId(), i256);
+        keySizes.put(NISTObjectIdentifiers.id_aes128_CCM.getId(), i128);
+        keySizes.put(NISTObjectIdentifiers.id_aes192_CCM.getId(), i192);
+        keySizes.put(NISTObjectIdentifiers.id_aes256_CCM.getId(), i256);
+        keySizes.put(NISTObjectIdentifiers.id_aes128_GCM.getId(), i128);
+        keySizes.put(NISTObjectIdentifiers.id_aes192_GCM.getId(), i192);
+        keySizes.put(NISTObjectIdentifiers.id_aes256_GCM.getId(), i256);
+        keySizes.put(NTTObjectIdentifiers.id_camellia128_wrap.getId(), i128);
+        keySizes.put(NTTObjectIdentifiers.id_camellia192_wrap.getId(), i192);
+        keySizes.put(NTTObjectIdentifiers.id_camellia256_wrap.getId(), i256);
+        keySizes.put(KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap.getId(), i128);
+
+        keySizes.put(PKCSObjectIdentifiers.id_alg_CMS3DESwrap.getId(), i192);
+        keySizes.put(PKCSObjectIdentifiers.des_EDE3_CBC.getId(), i192);
+        keySizes.put(OIWObjectIdentifiers.desCBC.getId(), i64);
+
+        // Android-removed: Unsupported algorithms
+        // keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb.getId(), i256);
+        // keySizes.put(CryptoProObjectIdentifiers.id_Gost28147_89_None_KeyWrap.getId(), i256);
+        // keySizes.put(CryptoProObjectIdentifiers.id_Gost28147_89_CryptoPro_KeyWrap.getId(), i256);
+
+        keySizes.put(PKCSObjectIdentifiers.id_hmacWithSHA1.getId(), Integers.valueOf(160));
+        keySizes.put(PKCSObjectIdentifiers.id_hmacWithSHA256.getId(), i256);
+        keySizes.put(PKCSObjectIdentifiers.id_hmacWithSHA384.getId(), Integers.valueOf(384));
+        keySizes.put(PKCSObjectIdentifiers.id_hmacWithSHA512.getId(), Integers.valueOf(512));
+
+        defaultOids.put("DESEDE", PKCSObjectIdentifiers.des_EDE3_CBC);
+        defaultOids.put("AES", NISTObjectIdentifiers.id_aes256_CBC);
+        defaultOids.put("CAMELLIA", NTTObjectIdentifiers.id_camellia256_cbc);
+        defaultOids.put("SEED", KISAObjectIdentifiers.id_seedCBC);
+        defaultOids.put("DES", OIWObjectIdentifiers.desCBC);
+
+        nameTable.put(MiscObjectIdentifiers.cast5CBC.getId(), "CAST5");
+        nameTable.put(MiscObjectIdentifiers.as_sys_sec_alg_ideaCBC.getId(), "IDEA");
+        nameTable.put(MiscObjectIdentifiers.cryptlib_algorithm_blowfish_ECB.getId(), "Blowfish");
+        nameTable.put(MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CBC.getId(), "Blowfish");
+        nameTable.put(MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CFB.getId(), "Blowfish");
+        nameTable.put(MiscObjectIdentifiers.cryptlib_algorithm_blowfish_OFB.getId(), "Blowfish");
+        nameTable.put(OIWObjectIdentifiers.desECB.getId(), "DES");
+        nameTable.put(OIWObjectIdentifiers.desCBC.getId(), "DES");
+        nameTable.put(OIWObjectIdentifiers.desCFB.getId(), "DES");
+        nameTable.put(OIWObjectIdentifiers.desOFB.getId(), "DES");
+        nameTable.put(OIWObjectIdentifiers.desEDE.getId(), "DESede");
+        nameTable.put(PKCSObjectIdentifiers.des_EDE3_CBC.getId(), "DESede");
+        nameTable.put(PKCSObjectIdentifiers.id_alg_CMS3DESwrap.getId(), "DESede");
+        nameTable.put(PKCSObjectIdentifiers.id_alg_CMSRC2wrap.getId(), "RC2");
+        nameTable.put(PKCSObjectIdentifiers.id_hmacWithSHA1.getId(), "HmacSHA1");
+        nameTable.put(PKCSObjectIdentifiers.id_hmacWithSHA224.getId(), "HmacSHA224");
+        nameTable.put(PKCSObjectIdentifiers.id_hmacWithSHA256.getId(), "HmacSHA256");
+        nameTable.put(PKCSObjectIdentifiers.id_hmacWithSHA384.getId(), "HmacSHA384");
+        nameTable.put(PKCSObjectIdentifiers.id_hmacWithSHA512.getId(), "HmacSHA512");
+        nameTable.put(NTTObjectIdentifiers.id_camellia128_cbc.getId(), "Camellia");
+        nameTable.put(NTTObjectIdentifiers.id_camellia192_cbc.getId(), "Camellia");
+        nameTable.put(NTTObjectIdentifiers.id_camellia256_cbc.getId(), "Camellia");
+        nameTable.put(NTTObjectIdentifiers.id_camellia128_wrap.getId(), "Camellia");
+        nameTable.put(NTTObjectIdentifiers.id_camellia192_wrap.getId(), "Camellia");
+        nameTable.put(NTTObjectIdentifiers.id_camellia256_wrap.getId(), "Camellia");
+        nameTable.put(KISAObjectIdentifiers.id_npki_app_cmsSeed_wrap.getId(), "SEED");
+        nameTable.put(KISAObjectIdentifiers.id_seedCBC.getId(), "SEED");
+        nameTable.put(KISAObjectIdentifiers.id_seedMAC.getId(), "SEED");
+        // Android-removed: Unsupported algorithm
+        // nameTable.put(CryptoProObjectIdentifiers.gostR28147_gcfb.getId(), "GOST28147");
+
+        nameTable.put(NISTObjectIdentifiers.id_aes128_wrap.getId(), "AES");
+        nameTable.put(NISTObjectIdentifiers.id_aes128_CCM.getId(), "AES");
+        nameTable.put(NISTObjectIdentifiers.id_aes128_CCM.getId(), "AES");
+
+        oids.put("DESEDE", PKCSObjectIdentifiers.des_EDE3_CBC);
+        oids.put("AES", NISTObjectIdentifiers.id_aes256_CBC);
+        oids.put("DES", OIWObjectIdentifiers.desCBC);
+
+        des.put("DES", "DES");
+        des.put("DESEDE", "DES");
+        des.put(OIWObjectIdentifiers.desCBC.getId(), "DES");
+        des.put(PKCSObjectIdentifiers.des_EDE3_CBC.getId(), "DES");
+        des.put(PKCSObjectIdentifiers.id_alg_CMS3DESwrap.getId(), "DES");
+    }
+
+    protected final String kaAlgorithm;
+    protected final DerivationFunction kdf;
+
+    protected byte[]     ukmParameters;
+
+    public BaseAgreementSpi(String kaAlgorithm, DerivationFunction kdf)
+    {
+        this.kaAlgorithm = kaAlgorithm;
+        this.kdf = kdf;
+    }
+
+    protected static String getAlgorithm(String algDetails)
+    {
+        if (algDetails.indexOf('[') > 0)
+        {
+            return algDetails.substring(0, algDetails.indexOf('['));
+        }
+
+        if (algDetails.startsWith(NISTObjectIdentifiers.aes.getId()))
+        {
+            return "AES";
+        }
+        // BEGIN Android-removed: Unsupported algorithm
+        // if (algDetails.startsWith(GNUObjectIdentifiers.Serpent.getId()))
+        // {
+        //     return "Serpent";
+        // }
+        // END Android-removed: Unsupported algorithms
+
+        String name = (String)nameTable.get(Strings.toUpperCase(algDetails));
+
+        if (name != null)
+        {
+            return name;
+        }
+
+        return algDetails;
+    }
+
+    protected static int getKeySize(String algDetails)
+    {
+        if (algDetails.indexOf('[') > 0)
+        {
+            return Integer.parseInt(algDetails.substring(algDetails.indexOf('[') + 1, algDetails.indexOf(']')));
+        }
+
+        String algKey = Strings.toUpperCase(algDetails);
+        if (!keySizes.containsKey(algKey))
+        {
+            return -1;
+        }
+
+        return ((Integer)keySizes.get(algKey)).intValue();
+    }
+
+    protected static byte[] trimZeroes(byte[] secret)
+    {
+        if (secret[0] != 0)
+        {
+            return secret;
+        }
+        else
+        {
+            int ind = 0;
+            while (ind < secret.length && secret[ind] == 0)
+            {
+                ind++;
+            }
+
+            byte[] rv = new byte[secret.length - ind];
+
+            System.arraycopy(secret, ind, rv, 0, rv.length);
+
+            return rv;
+        }
+    }
+
+    protected byte[] engineGenerateSecret()
+        throws IllegalStateException
+    {
+        if (kdf != null)
+        {
+            byte[] secret = calcSecret();
+            try
+            {
+                return getSharedSecretBytes(secret, null, secret.length * 8);
+            }
+            catch (NoSuchAlgorithmException e)
+            {
+                throw new IllegalStateException(e.getMessage());
+            }
+        }
+
+        return calcSecret();
+    }
+
+    protected int engineGenerateSecret(
+        byte[]  sharedSecret,
+        int     offset)
+        throws IllegalStateException, ShortBufferException
+    {
+        byte[] secret = engineGenerateSecret();
+
+        if (sharedSecret.length - offset < secret.length)
+        {
+            throw new ShortBufferException(kaAlgorithm + " key agreement: need " + secret.length + " bytes");
+        }
+
+        System.arraycopy(secret, 0, sharedSecret, offset, secret.length);
+
+        return secret.length;
+    }
+
+    protected SecretKey engineGenerateSecret(
+        String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        String algKey = Strings.toUpperCase(algorithm);
+        String oidAlgorithm = algorithm;
+
+        if (oids.containsKey(algKey))
+        {
+            oidAlgorithm = ((ASN1ObjectIdentifier)oids.get(algKey)).getId();
+        }
+
+        int    keySize = getKeySize(oidAlgorithm);
+
+        byte[] secret = getSharedSecretBytes(calcSecret(), oidAlgorithm, keySize);
+
+        String algName = getAlgorithm(algorithm);
+
+        if (des.containsKey(algName))
+        {
+            DESParameters.setOddParity(secret);
+        }
+
+        return new SecretKeySpec(secret, algName);
+    }
+
+    private byte[] getSharedSecretBytes(byte[] secret, String oidAlgorithm, int keySize)
+        throws NoSuchAlgorithmException
+    {
+        if (kdf != null)
+        {
+            if (keySize < 0)
+            {
+                throw new NoSuchAlgorithmException("unknown algorithm encountered: " + oidAlgorithm);
+            }
+            byte[] keyBytes = new byte[keySize / 8];
+
+            // BEGIN Android-removed: Unsupported algorithm
+            /*
+            if (kdf instanceof DHKEKGenerator)
+            {
+                if (oidAlgorithm == null)
+                {
+                    throw new NoSuchAlgorithmException("algorithm OID is null");
+                }
+                ASN1ObjectIdentifier oid;
+                try
+                {
+                    oid = new ASN1ObjectIdentifier(oidAlgorithm);
+                }
+                catch (IllegalArgumentException e)
+                {
+                    throw new NoSuchAlgorithmException("no OID for algorithm: " + oidAlgorithm);
+                }
+                DHKDFParameters params = new DHKDFParameters(oid, keySize, secret, ukmParameters);
+
+                kdf.init(params);
+            }
+            else
+            */
+            // END Android-removed: Unsupported algorithm
+            {
+                KDFParameters params = new KDFParameters(secret, ukmParameters);
+
+                kdf.init(params);
+            }
+
+            kdf.generateBytes(keyBytes, 0, keyBytes.length);
+
+            Arrays.clear(secret);
+
+            return keyBytes;
+        }
+        else
+        {
+            if (keySize > 0)
+            {
+                byte[] keyBytes = new byte[keySize / 8];
+
+                System.arraycopy(secret, 0, keyBytes, 0, keyBytes.length);
+
+                Arrays.clear(secret);
+
+                return keyBytes;
+            }
+
+            return secret;
+        }
+    }
+
+    protected abstract byte[] calcSecret();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAlgorithmParameterGeneratorSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAlgorithmParameterGeneratorSpi.java
new file mode 100644
index 0000000..f0cb415
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/BaseAlgorithmParameterGeneratorSpi.java

@@ -0,0 +1,29 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.util;
+
+import java.security.AlgorithmParameterGeneratorSpi;
+import java.security.AlgorithmParameters;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+
+import com.android.org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class BaseAlgorithmParameterGeneratorSpi
+    extends AlgorithmParameterGeneratorSpi
+{
+    private final JcaJceHelper helper = new BCJcaJceHelper();
+
+    public BaseAlgorithmParameterGeneratorSpi()
+    {
+    }
+
+    protected final AlgorithmParameters createParametersInstance(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return helper.createAlgorithmParameters(algorithm);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java
new file mode 100644
index 0000000..85a31be
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/BaseCipherSpi.java

@@ -0,0 +1,258 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.util;
+
+import java.io.ByteArrayOutputStream;
+import java.security.AlgorithmParameters;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.CipherSpi;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.PBEParameterSpec;
+// Android-removed: Unsupported algorithms
+// import javax.crypto.spec.RC2ParameterSpec;
+// import javax.crypto.spec.RC5ParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+import com.android.org.bouncycastle.crypto.Wrapper;
+import com.android.org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class BaseCipherSpi
+    extends CipherSpi
+{
+    //
+    // specs we can handle.
+    //
+    private Class[]                 availableSpecs =
+                                    {
+                                        IvParameterSpec.class,
+                                        PBEParameterSpec.class,
+                                        // Android-removed: Unsupported algorithms
+                                        // RC2ParameterSpec.class,
+                                        // RC5ParameterSpec.class
+                                    };
+
+    private final JcaJceHelper helper = new BCJcaJceHelper();
+
+    protected AlgorithmParameters     engineParams = null;
+
+    protected Wrapper                 wrapEngine = null;
+
+    private int                       ivSize;
+    private byte[]                    iv;
+
+    protected BaseCipherSpi()
+    {
+    }
+
+    protected int engineGetBlockSize()
+    {
+        return 0;
+    }
+
+    protected byte[] engineGetIV()
+    {
+        return null;
+    }
+
+    protected int engineGetKeySize(
+        Key     key)
+    {
+        return key.getEncoded().length;
+    }
+
+    protected int engineGetOutputSize(
+        int     inputLen)
+    {
+        return -1;
+    }
+
+    protected AlgorithmParameters engineGetParameters()
+    {
+        return null;
+    }
+
+    protected final AlgorithmParameters createParametersInstance(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return helper.createAlgorithmParameters(algorithm);
+    }
+
+    protected void engineSetMode(
+        String  mode)
+        throws NoSuchAlgorithmException
+    {
+        throw new NoSuchAlgorithmException("can't support mode " + mode);
+    }
+
+    protected void engineSetPadding(
+        String  padding)
+    throws NoSuchPaddingException
+    {
+        throw new NoSuchPaddingException("Padding " + padding + " unknown.");
+    }
+
+    protected byte[] engineWrap(
+        Key     key)
+    throws IllegalBlockSizeException, InvalidKeyException
+    {
+        byte[] encoded = key.getEncoded();
+        if (encoded == null)
+        {
+            throw new InvalidKeyException("Cannot wrap key, null encoding.");
+        }
+
+        try
+        {
+            if (wrapEngine == null)
+            {
+                return engineDoFinal(encoded, 0, encoded.length);
+            }
+            else
+            {
+                return wrapEngine.wrap(encoded, 0, encoded.length);
+            }
+        }
+        catch (BadPaddingException e)
+        {
+            throw new IllegalBlockSizeException(e.getMessage());
+        }
+    }
+
+    protected Key engineUnwrap(
+        byte[]  wrappedKey,
+        String  wrappedKeyAlgorithm,
+        int     wrappedKeyType)
+    throws InvalidKeyException
+    {
+        byte[] encoded;
+        try
+        {
+            if (wrapEngine == null)
+            {
+                encoded = engineDoFinal(wrappedKey, 0, wrappedKey.length);
+            }
+            else
+            {
+                encoded = wrapEngine.unwrap(wrappedKey, 0, wrappedKey.length);
+            }
+        }
+        catch (InvalidCipherTextException e)
+        {
+            throw new InvalidKeyException(e.getMessage());
+        }
+        catch (final BadPaddingException e)
+        {
+            throw new InvalidKeyException("unable to unwrap")
+            {
+                public synchronized Throwable getCause()
+                {
+                    return e;
+                }
+            };
+        }
+        catch (IllegalBlockSizeException e2)
+        {
+            throw new InvalidKeyException(e2.getMessage());
+        }
+
+        if (wrappedKeyType == Cipher.SECRET_KEY)
+        {
+            return new SecretKeySpec(encoded, wrappedKeyAlgorithm);
+        }
+        else if (wrappedKeyAlgorithm.equals("") && wrappedKeyType == Cipher.PRIVATE_KEY)
+        {
+            /*
+                 * The caller doesn't know the algorithm as it is part of
+                 * the encrypted data.
+                 */
+            try
+            {
+                PrivateKeyInfo       in = PrivateKeyInfo.getInstance(encoded);
+
+                PrivateKey privKey = BouncyCastleProvider.getPrivateKey(in);
+
+                if (privKey != null)
+                {
+                    return privKey;
+                }
+                else
+                {
+                    throw new InvalidKeyException("algorithm " + in.getPrivateKeyAlgorithm().getAlgorithm() + " not supported");
+                }
+            }
+            catch (Exception e)
+            {
+                throw new InvalidKeyException("Invalid key encoding.");
+            }
+        }
+        else
+        {
+            try
+            {
+                KeyFactory kf = helper.createKeyFactory(wrappedKeyAlgorithm);
+
+                if (wrappedKeyType == Cipher.PUBLIC_KEY)
+                {
+                    return kf.generatePublic(new X509EncodedKeySpec(encoded));
+                }
+                else if (wrappedKeyType == Cipher.PRIVATE_KEY)
+                {
+                    return kf.generatePrivate(new PKCS8EncodedKeySpec(encoded));
+                }
+            }
+            catch (NoSuchAlgorithmException e)
+            {
+                throw new InvalidKeyException("Unknown key type " + e.getMessage());
+            }
+            catch (InvalidKeySpecException e)
+            {
+                throw new InvalidKeyException("Unknown key type " + e.getMessage());
+            }
+            catch (NoSuchProviderException e)
+            {
+                throw new InvalidKeyException("Unknown key type " + e.getMessage());
+            }
+
+            throw new InvalidKeyException("Unknown key type " + wrappedKeyType);
+        }
+    }
+
+    protected static final class ErasableOutputStream
+        extends ByteArrayOutputStream
+    {
+        public ErasableOutputStream()
+        {
+        }
+
+        public byte[] getBuf()
+        {
+            return buf;
+        }
+
+        public void erase()
+        {
+            Arrays.fill(this.buf, (byte)0);
+            reset();
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/BaseKeyFactorySpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/BaseKeyFactorySpi.java
new file mode 100644
index 0000000..716bdce
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/BaseKeyFactorySpi.java

@@ -0,0 +1,81 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.util;
+
+import java.security.Key;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class BaseKeyFactorySpi
+    extends java.security.KeyFactorySpi
+    implements AsymmetricKeyInfoConverter
+{
+    protected PrivateKey engineGeneratePrivate(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec instanceof PKCS8EncodedKeySpec)
+        {
+            try
+            {
+                return generatePrivate(PrivateKeyInfo.getInstance(((PKCS8EncodedKeySpec)keySpec).getEncoded()));
+            }
+            catch (Exception e)
+            {
+                throw new InvalidKeySpecException("encoded key spec not recognized: " + e.getMessage());
+            }
+        }
+        else
+        {
+            throw new InvalidKeySpecException("key spec not recognized");
+        }
+    }
+
+    protected PublicKey engineGeneratePublic(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec instanceof X509EncodedKeySpec)
+        {
+            try
+            {
+                return generatePublic(SubjectPublicKeyInfo.getInstance(((X509EncodedKeySpec)keySpec).getEncoded()));
+            }
+            catch (Exception e)
+            {
+                throw new InvalidKeySpecException("encoded key spec not recognized: " + e.getMessage());
+            }
+        }
+        else
+        {
+            throw new InvalidKeySpecException("key spec not recognized");
+        }
+    }
+
+    protected KeySpec engineGetKeySpec(
+        Key key,
+        Class spec)
+        throws InvalidKeySpecException
+    {
+        if (spec.isAssignableFrom(PKCS8EncodedKeySpec.class) && key.getFormat().equals("PKCS#8"))
+        {
+            return new PKCS8EncodedKeySpec(key.getEncoded());
+        }
+        else if (spec.isAssignableFrom(X509EncodedKeySpec.class) && key.getFormat().equals("X.509"))
+        {
+            return new X509EncodedKeySpec(key.getEncoded());
+        }
+
+        throw new InvalidKeySpecException("not implemented yet " + key + " " + spec);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/DHUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/DHUtil.java
new file mode 100644
index 0000000..356f722
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/DHUtil.java

@@ -0,0 +1,57 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.util;
+
+import java.security.InvalidKeyException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+
+import javax.crypto.interfaces.DHPrivateKey;
+import javax.crypto.interfaces.DHPublicKey;
+
+import com.android.org.bouncycastle.crypto.params.AsymmetricKeyParameter;
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.crypto.params.DHPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DHPublicKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.dh.BCDHPublicKey;
+
+/**
+ * utility class for converting jce/jca DH objects
+ * objects into their org.bouncycastle.crypto counterparts.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHUtil
+{
+    static public AsymmetricKeyParameter generatePublicKeyParameter(
+        PublicKey    key)
+        throws InvalidKeyException
+    {
+        if (key instanceof BCDHPublicKey)
+        {
+            return ((BCDHPublicKey)key).engineGetKeyParameters();
+        }
+        if (key instanceof DHPublicKey)
+        {
+            DHPublicKey    k = (DHPublicKey)key;
+
+            return new DHPublicKeyParameters(k.getY(),
+                new DHParameters(k.getParams().getP(), k.getParams().getG(), null, k.getParams().getL()));
+        }
+
+        throw new InvalidKeyException("can't identify DH public key.");
+    }
+
+    static public AsymmetricKeyParameter generatePrivateKeyParameter(
+        PrivateKey    key)
+        throws InvalidKeyException
+    {
+        if (key instanceof DHPrivateKey)
+        {
+            DHPrivateKey    k = (DHPrivateKey)key;
+
+            return new DHPrivateKeyParameters(k.getX(),
+                new DHParameters(k.getParams().getP(), k.getParams().getG(), null, k.getParams().getL()));
+        }
+                        
+        throw new InvalidKeyException("can't identify DH private key.");
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/DSABase.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/DSABase.java
new file mode 100644
index 0000000..f3d1caf
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/DSABase.java

@@ -0,0 +1,114 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.util;
+
+import java.math.BigInteger;
+import java.security.SignatureException;
+import java.security.SignatureSpi;
+import java.security.spec.AlgorithmParameterSpec;
+
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.DSAExt;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.signers.DSAEncoding;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class DSABase
+    extends SignatureSpi
+    implements PKCSObjectIdentifiers, X509ObjectIdentifiers
+{
+    protected Digest        digest;
+    protected DSAExt        signer;
+    protected DSAEncoding   encoding;
+
+    protected DSABase(
+        Digest                  digest,
+        DSAExt                  signer,
+        DSAEncoding             encoding)
+    {
+        this.digest = digest;
+        this.signer = signer;
+        this.encoding = encoding;
+    }
+
+    protected void engineUpdate(
+        byte    b)
+        throws SignatureException
+    {
+        digest.update(b);
+    }
+
+    protected void engineUpdate(
+        byte[]  b,
+        int     off,
+        int     len) 
+        throws SignatureException
+    {
+        digest.update(b, off, len);
+    }
+
+    protected byte[] engineSign()
+        throws SignatureException
+    {
+        byte[] hash = new byte[digest.getDigestSize()];
+        digest.doFinal(hash, 0);
+
+        try
+        {
+            BigInteger[] sig = signer.generateSignature(hash);
+
+            return encoding.encode(signer.getOrder(), sig[0], sig[1]);
+        }
+        catch (Exception e)
+        {
+            throw new SignatureException(e.toString());
+        }
+    }
+
+    protected boolean engineVerify(
+        byte[]  sigBytes) 
+        throws SignatureException
+    {
+        byte[] hash = new byte[digest.getDigestSize()];
+        digest.doFinal(hash, 0);
+
+        BigInteger[] sig;
+        try
+        {
+            sig = encoding.decode(signer.getOrder(), sigBytes);
+        }
+        catch (Exception e)
+        {
+            throw new SignatureException("error decoding signature bytes.");
+        }
+
+        return signer.verifySignature(hash, sig[0], sig[1]);
+    }
+
+    protected void engineSetParameter(
+        AlgorithmParameterSpec params)
+    {
+        throw new UnsupportedOperationException("engineSetParameter unsupported");
+    }
+
+    /**
+     * @deprecated replaced with "#engineSetParameter(java.security.spec.AlgorithmParameterSpec)"
+     */
+    protected void engineSetParameter(
+        String  param,
+        Object  value)
+    {
+        throw new UnsupportedOperationException("engineSetParameter unsupported");
+    }
+
+    /**
+     * @deprecated
+     */
+    protected Object engineGetParameter(
+        String      param)
+    {
+        throw new UnsupportedOperationException("engineSetParameter unsupported");
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/DSAEncoder.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/DSAEncoder.java
new file mode 100644
index 0000000..2d73fbb
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/DSAEncoder.java

@@ -0,0 +1,18 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.util;
+
+import java.io.IOException;
+import java.math.BigInteger;
+
+/**
+ * @deprecated No longer used
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface DSAEncoder
+{
+    byte[] encode(BigInteger r, BigInteger s)
+        throws IOException;
+
+    BigInteger[] decode(byte[] sig)
+        throws IOException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java
new file mode 100644
index 0000000..24e2e95
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/EC5Util.java

@@ -0,0 +1,342 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.util;
+
+import java.math.BigInteger;
+import java.security.spec.ECField;
+import java.security.spec.ECFieldF2m;
+import java.security.spec.ECFieldFp;
+import java.security.spec.ECParameterSpec;
+import java.security.spec.ECPoint;
+import java.security.spec.EllipticCurve;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.Map;
+import java.util.Set;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.x9.ECNamedCurveTable;
+import com.android.org.bouncycastle.asn1.x9.X962Parameters;
+import com.android.org.bouncycastle.asn1.x9.X9ECParameters;
+import com.android.org.bouncycastle.crypto.ec.CustomNamedCurves;
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+import com.android.org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
+import com.android.org.bouncycastle.jce.spec.ECNamedCurveSpec;
+import com.android.org.bouncycastle.math.ec.ECAlgorithms;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.field.FiniteField;
+import com.android.org.bouncycastle.math.field.Polynomial;
+import com.android.org.bouncycastle.math.field.PolynomialExtensionField;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class EC5Util
+{
+    private static Map customCurves = new HashMap();
+
+    static
+    {
+        Enumeration e = CustomNamedCurves.getNames();
+        while (e.hasMoreElements())
+        {
+            String name = (String)e.nextElement();
+
+            X9ECParameters curveParams = ECNamedCurveTable.getByName(name);
+            if (curveParams != null)  // there may not be a regular curve, may just be a custom curve.
+            {
+                customCurves.put(curveParams.getCurve(), CustomNamedCurves.getByName(name).getCurve());
+            }
+        }
+
+        // BEGIN Android-removed: Unsupported curves
+        /*
+        X9ECParameters x9_25519 = CustomNamedCurves.getByName("Curve25519");
+        ECCurve c_25519 = x9_25519.getCurve();
+
+        customCurves.put(new ECCurve.Fp(
+            c_25519.getField().getCharacteristic(),
+            c_25519.getA().toBigInteger(),
+            c_25519.getB().toBigInteger(),
+            c_25519.getOrder(),
+            c_25519.getCofactor()
+            ), c_25519);
+        */
+        // END Android-removed: Unsupported curves
+    }
+
+    public static ECCurve getCurve(
+        ProviderConfiguration configuration,
+        X962Parameters params)
+    {
+        ECCurve curve;
+        Set acceptableCurves = configuration.getAcceptableNamedCurves();
+
+        if (params.isNamedCurve())
+        {
+            ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
+
+            if (acceptableCurves.isEmpty() || acceptableCurves.contains(oid))
+            {
+                X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
+
+                if (ecP == null)
+                {
+                    ecP = (X9ECParameters)configuration.getAdditionalECParameters().get(oid);
+                }
+
+                curve = ecP.getCurve();
+            }
+            else
+            {
+                throw new IllegalStateException("named curve not acceptable");
+            }
+        }
+        else if (params.isImplicitlyCA())
+        {
+            curve = configuration.getEcImplicitlyCa().getCurve();
+        }
+        else if (acceptableCurves.isEmpty())
+        {
+            X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
+
+            curve = ecP.getCurve();
+        }
+        else
+        {
+            throw new IllegalStateException("encoded parameters not acceptable");
+        }
+
+        return curve;
+    }
+
+    public static ECDomainParameters getDomainParameters(
+        ProviderConfiguration configuration,
+        java.security.spec.ECParameterSpec params)
+    {
+        ECDomainParameters domainParameters;
+
+        if (params == null)
+        {
+            com.android.org.bouncycastle.jce.spec.ECParameterSpec iSpec = configuration.getEcImplicitlyCa();
+
+            domainParameters = new ECDomainParameters(iSpec.getCurve(), iSpec.getG(), iSpec.getN(), iSpec.getH(), iSpec.getSeed());
+        }
+        else
+        {
+            domainParameters = ECUtil.getDomainParameters(configuration, convertSpec(params, false));
+        }
+
+        return domainParameters;
+    }
+
+    public static ECParameterSpec convertToSpec(
+        X962Parameters params, ECCurve curve)
+    {
+        ECParameterSpec ecSpec;
+        EllipticCurve ellipticCurve;
+
+        if (params.isNamedCurve())
+        {
+            ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)params.getParameters();
+            X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
+            if (ecP == null)
+            {
+                Map additionalECParameters = BouncyCastleProvider.CONFIGURATION.getAdditionalECParameters();
+                if (!additionalECParameters.isEmpty())
+                {
+                    ecP = (X9ECParameters)additionalECParameters.get(oid);
+                }
+            }
+
+            ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed());
+
+            ecSpec = new ECNamedCurveSpec(
+                ECUtil.getCurveName(oid),
+                ellipticCurve,
+                convertPoint(ecP.getG()),
+                ecP.getN(),
+                ecP.getH());
+        }
+        else if (params.isImplicitlyCA())
+        {
+            ecSpec = null;
+        }
+        else
+        {
+            X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
+
+            ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed());
+
+            if (ecP.getH() != null)
+            {
+                ecSpec = new ECParameterSpec(
+                    ellipticCurve,
+                    convertPoint(ecP.getG()),
+                    ecP.getN(),
+                    ecP.getH().intValue());
+            }
+            else
+            {
+                ecSpec = new ECParameterSpec(
+                    ellipticCurve,
+                    convertPoint(ecP.getG()),
+                    ecP.getN(),
+                    1);      // TODO: not strictly correct... need to fix the test data...
+            }
+        }
+
+        return ecSpec;
+    }
+
+    public static ECParameterSpec convertToSpec(
+        X9ECParameters domainParameters)
+    {
+        return new ECParameterSpec(
+            convertCurve(domainParameters.getCurve(), null),  // JDK 1.5 has trouble with this if it's not null...
+            EC5Util.convertPoint(domainParameters.getG()),
+            domainParameters.getN(),
+            domainParameters.getH().intValue());
+    }
+
+    public static ECParameterSpec convertToSpec(
+        ECDomainParameters domainParameters)
+    {
+        return new ECParameterSpec(
+            convertCurve(domainParameters.getCurve(), null),  // JDK 1.5 has trouble with this if it's not null...
+            EC5Util.convertPoint(domainParameters.getG()),
+            domainParameters.getN(),
+            domainParameters.getH().intValue());
+    }
+
+    public static EllipticCurve convertCurve(
+        ECCurve curve, 
+        byte[]  seed)
+    {
+        ECField field = convertField(curve.getField());
+        BigInteger a = curve.getA().toBigInteger(), b = curve.getB().toBigInteger();
+
+        // TODO: the Sun EC implementation doesn't currently handle the seed properly
+        // so at the moment it's set to null. Should probably look at making this configurable
+        return new EllipticCurve(field, a, b, null);
+    }
+
+    public static ECCurve convertCurve(
+        EllipticCurve ec)
+    {
+        ECField field = ec.getField();
+        BigInteger a = ec.getA();
+        BigInteger b = ec.getB();
+
+        if (field instanceof ECFieldFp)
+        {
+            ECCurve.Fp curve = new ECCurve.Fp(((ECFieldFp)field).getP(), a, b);
+
+            if (customCurves.containsKey(curve))
+            {
+                return (ECCurve)customCurves.get(curve);
+            }
+
+            return curve;
+        }
+        else
+        {
+            ECFieldF2m fieldF2m = (ECFieldF2m)field;
+            int m = fieldF2m.getM();
+            int ks[] = ECUtil.convertMidTerms(fieldF2m.getMidTermsOfReductionPolynomial());
+            return new ECCurve.F2m(m, ks[0], ks[1], ks[2], a, b); 
+        }
+    }
+
+    public static ECField convertField(FiniteField field)
+    {
+        if (ECAlgorithms.isFpField(field))
+        {
+            return new ECFieldFp(field.getCharacteristic());
+        }
+        else //if (ECAlgorithms.isF2mField(curveField))
+        {
+            Polynomial poly = ((PolynomialExtensionField)field).getMinimalPolynomial();
+            int[] exponents = poly.getExponentsPresent();
+            int[] ks = Arrays.reverse(Arrays.copyOfRange(exponents, 1, exponents.length - 1));
+            return new ECFieldF2m(poly.getDegree(), ks);
+        }
+    }
+
+    public static ECParameterSpec convertSpec(
+        EllipticCurve ellipticCurve,
+        com.android.org.bouncycastle.jce.spec.ECParameterSpec spec)
+    {
+        if (spec instanceof ECNamedCurveParameterSpec)
+        {
+            return new ECNamedCurveSpec(
+                ((ECNamedCurveParameterSpec)spec).getName(),
+                ellipticCurve,
+                convertPoint(spec.getG()),
+                spec.getN(),
+                spec.getH());
+        }
+        else
+        {
+            return new ECParameterSpec(
+                ellipticCurve,
+                convertPoint(spec.getG()),
+                spec.getN(),
+                spec.getH().intValue());
+        }
+    }
+
+    public static com.android.org.bouncycastle.jce.spec.ECParameterSpec convertSpec(
+        ECParameterSpec ecSpec,
+        boolean withCompression)
+    {
+        ECCurve curve = convertCurve(ecSpec.getCurve());
+
+        if (ecSpec instanceof ECNamedCurveSpec)
+        {
+            return new com.android.org.bouncycastle.jce.spec.ECNamedCurveParameterSpec(
+                ((ECNamedCurveSpec)ecSpec).getName(),
+                curve,
+                convertPoint(curve, ecSpec.getGenerator(), withCompression),
+                ecSpec.getOrder(),
+                BigInteger.valueOf(ecSpec.getCofactor()),
+                ecSpec.getCurve().getSeed());
+        }
+        else
+        {
+            return new com.android.org.bouncycastle.jce.spec.ECParameterSpec(
+                curve,
+                convertPoint(curve, ecSpec.getGenerator(), withCompression),
+                ecSpec.getOrder(),
+                BigInteger.valueOf(ecSpec.getCofactor()),
+                ecSpec.getCurve().getSeed());
+        }
+    }
+
+    public static com.android.org.bouncycastle.math.ec.ECPoint convertPoint(
+        ECParameterSpec ecSpec,
+        ECPoint point,
+        boolean withCompression)
+    {
+        return convertPoint(convertCurve(ecSpec.getCurve()), point, withCompression);
+    }
+
+    public static com.android.org.bouncycastle.math.ec.ECPoint convertPoint(
+        ECCurve curve,
+        ECPoint point,
+        boolean withCompression)
+    {
+        return curve.createPoint(point.getAffineX(), point.getAffineY());
+    }
+
+    public static ECPoint convertPoint(com.android.org.bouncycastle.math.ec.ECPoint point)
+    {
+        point = point.normalize();
+
+        return new ECPoint(
+            point.getAffineXCoord().toBigInteger(),
+            point.getAffineYCoord().toBigInteger());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java
new file mode 100644
index 0000000..86ba281
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/ECUtil.java

@@ -0,0 +1,429 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.util;
+
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.util.Enumeration;
+import java.util.Map;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x9.ECNamedCurveTable;
+import com.android.org.bouncycastle.asn1.x9.X962Parameters;
+import com.android.org.bouncycastle.asn1.x9.X9ECParameters;
+import com.android.org.bouncycastle.crypto.ec.CustomNamedCurves;
+import com.android.org.bouncycastle.crypto.params.AsymmetricKeyParameter;
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+import com.android.org.bouncycastle.crypto.params.ECNamedDomainParameters;
+import com.android.org.bouncycastle.crypto.params.ECPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.ECPublicKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
+import com.android.org.bouncycastle.jce.interfaces.ECPrivateKey;
+import com.android.org.bouncycastle.jce.interfaces.ECPublicKey;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
+import com.android.org.bouncycastle.jce.spec.ECParameterSpec;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Fingerprint;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * utility class for converting jce/jca ECDSA, ECDH, and ECDHC
+ * objects into their org.bouncycastle.crypto counterparts.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECUtil
+{
+    /**
+     * Returns a sorted array of middle terms of the reduction polynomial.
+     * @param k The unsorted array of middle terms of the reduction polynomial
+     * of length 1 or 3.
+     * @return the sorted array of middle terms of the reduction polynomial.
+     * This array always has length 3.
+     */
+    static int[] convertMidTerms(
+        int[] k)
+    {
+        int[] res = new int[3];
+        
+        if (k.length == 1)
+        {
+            res[0] = k[0];
+        }
+        else
+        {
+            if (k.length != 3)
+            {
+                throw new IllegalArgumentException("Only Trinomials and pentanomials supported");
+            }
+
+            if (k[0] < k[1] && k[0] < k[2])
+            {
+                res[0] = k[0];
+                if (k[1] < k[2])
+                {
+                    res[1] = k[1];
+                    res[2] = k[2];
+                }
+                else
+                {
+                    res[1] = k[2];
+                    res[2] = k[1];
+                }
+            }
+            else if (k[1] < k[2])
+            {
+                res[0] = k[1];
+                if (k[0] < k[2])
+                {
+                    res[1] = k[0];
+                    res[2] = k[2];
+                }
+                else
+                {
+                    res[1] = k[2];
+                    res[2] = k[0];
+                }
+            }
+            else
+            {
+                res[0] = k[2];
+                if (k[0] < k[1])
+                {
+                    res[1] = k[0];
+                    res[2] = k[1];
+                }
+                else
+                {
+                    res[1] = k[1];
+                    res[2] = k[0];
+                }
+            }
+        }
+
+        return res;
+    }
+
+    public static ECDomainParameters getDomainParameters(
+        ProviderConfiguration configuration,
+        com.android.org.bouncycastle.jce.spec.ECParameterSpec params)
+    {
+        ECDomainParameters domainParameters;
+
+        if (params instanceof ECNamedCurveParameterSpec)
+        {
+            ECNamedCurveParameterSpec nParams = (ECNamedCurveParameterSpec)params;
+            ASN1ObjectIdentifier nameOid = ECUtil.getNamedCurveOid(nParams.getName());
+
+            domainParameters = new ECNamedDomainParameters(nameOid, nParams.getCurve(), nParams.getG(), nParams.getN(), nParams.getH(), nParams.getSeed());
+        }
+        else if (params == null)
+        {
+            com.android.org.bouncycastle.jce.spec.ECParameterSpec iSpec = configuration.getEcImplicitlyCa();
+
+            domainParameters = new ECDomainParameters(iSpec.getCurve(), iSpec.getG(), iSpec.getN(), iSpec.getH(), iSpec.getSeed());
+        }
+        else
+        {
+            domainParameters = new ECDomainParameters(params.getCurve(), params.getG(), params.getN(), params.getH(), params.getSeed());
+        }
+
+        return domainParameters;
+    }
+
+    public static ECDomainParameters getDomainParameters(
+        ProviderConfiguration configuration,
+        X962Parameters params)
+    {
+        ECDomainParameters domainParameters;
+
+        if (params.isNamedCurve())
+        {
+            ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
+            X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
+            if (ecP == null)
+            {
+                Map extraCurves = configuration.getAdditionalECParameters();
+
+                ecP = (X9ECParameters)extraCurves.get(oid);
+            }
+            domainParameters = new ECNamedDomainParameters(oid, ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
+        }
+        else if (params.isImplicitlyCA())
+        {
+            com.android.org.bouncycastle.jce.spec.ECParameterSpec iSpec = configuration.getEcImplicitlyCa();
+
+            domainParameters = new ECDomainParameters(iSpec.getCurve(), iSpec.getG(), iSpec.getN(), iSpec.getH(), iSpec.getSeed());
+        }
+        else
+        {
+            X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
+
+            domainParameters = new ECDomainParameters(ecP.getCurve(), ecP.getG(), ecP.getN(), ecP.getH(), ecP.getSeed());
+        }
+
+        return domainParameters;
+    }
+
+    public static AsymmetricKeyParameter generatePublicKeyParameter(
+        PublicKey    key)
+        throws InvalidKeyException
+    {
+        if (key instanceof ECPublicKey)
+        {
+            ECPublicKey    k = (ECPublicKey)key;
+            ECParameterSpec s = k.getParameters();
+
+            return new ECPublicKeyParameters(
+                            k.getQ(),
+                            new ECDomainParameters(s.getCurve(), s.getG(), s.getN(), s.getH(), s.getSeed()));
+        }
+        else if (key instanceof java.security.interfaces.ECPublicKey)
+        {
+            java.security.interfaces.ECPublicKey pubKey = (java.security.interfaces.ECPublicKey)key;
+            ECParameterSpec s = EC5Util.convertSpec(pubKey.getParams(), false);
+            return new ECPublicKeyParameters(
+                EC5Util.convertPoint(pubKey.getParams(), pubKey.getW(), false),
+                            new ECDomainParameters(s.getCurve(), s.getG(), s.getN(), s.getH(), s.getSeed()));
+        }
+        else
+        {
+            // see if we can build a key from key.getEncoded()
+            try
+            {
+                byte[] bytes = key.getEncoded();
+
+                if (bytes == null)
+                {
+                    throw new InvalidKeyException("no encoding for EC public key");
+                }
+
+                PublicKey publicKey = BouncyCastleProvider.getPublicKey(SubjectPublicKeyInfo.getInstance(bytes));
+
+                if (publicKey instanceof java.security.interfaces.ECPublicKey)
+                {
+                    return ECUtil.generatePublicKeyParameter(publicKey);
+                }
+            }
+            catch (Exception e)
+            {
+                throw new InvalidKeyException("cannot identify EC public key: " + e.toString());
+            }
+        }
+
+        throw new InvalidKeyException("cannot identify EC public key.");
+    }
+
+    public static AsymmetricKeyParameter generatePrivateKeyParameter(
+        PrivateKey    key)
+        throws InvalidKeyException
+    {
+        if (key instanceof ECPrivateKey)
+        {
+            ECPrivateKey  k = (ECPrivateKey)key;
+            ECParameterSpec s = k.getParameters();
+
+            if (s == null)
+            {
+                s = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
+            }
+
+            if (k.getParameters() instanceof ECNamedCurveParameterSpec)
+            {
+                String name = ((ECNamedCurveParameterSpec)k.getParameters()).getName();
+                return new ECPrivateKeyParameters(
+                    k.getD(),
+                    new ECNamedDomainParameters(ECNamedCurveTable.getOID(name),
+                        s.getCurve(), s.getG(), s.getN(), s.getH(), s.getSeed()));
+            }
+            else
+            {
+                return new ECPrivateKeyParameters(
+                    k.getD(),
+                    new ECDomainParameters(s.getCurve(), s.getG(), s.getN(), s.getH(), s.getSeed()));
+            }
+        }
+        else if (key instanceof java.security.interfaces.ECPrivateKey)
+        {
+            java.security.interfaces.ECPrivateKey privKey = (java.security.interfaces.ECPrivateKey)key;
+            ECParameterSpec s = EC5Util.convertSpec(privKey.getParams(), false);
+            return new ECPrivateKeyParameters(
+                            privKey.getS(),
+                            new ECDomainParameters(s.getCurve(), s.getG(), s.getN(), s.getH(), s.getSeed()));
+        }
+        else
+        {
+            // see if we can build a key from key.getEncoded()
+            try
+            {
+                byte[] bytes = key.getEncoded();
+
+                if (bytes == null)
+                {
+                    throw new InvalidKeyException("no encoding for EC private key");
+                }
+
+                PrivateKey privateKey = BouncyCastleProvider.getPrivateKey(PrivateKeyInfo.getInstance(bytes));
+
+                if (privateKey instanceof java.security.interfaces.ECPrivateKey)
+                {
+                    return ECUtil.generatePrivateKeyParameter(privateKey);
+                }
+            }
+            catch (Exception e)
+            {
+                throw new InvalidKeyException("cannot identify EC private key: " + e.toString());
+            }
+        }
+
+        throw new InvalidKeyException("can't identify EC private key.");
+    }
+
+    public static int getOrderBitLength(ProviderConfiguration configuration, BigInteger order, BigInteger privateValue)
+    {
+        if (order == null)     // implicitly CA
+        {
+            ECParameterSpec implicitCA = configuration.getEcImplicitlyCa();
+
+            if (implicitCA == null)
+            {
+                return privateValue.bitLength();   // a guess but better than an exception!
+            }
+
+            return implicitCA.getN().bitLength();
+        }
+        else
+        {
+            return order.bitLength();
+        }
+    }
+
+    public static ASN1ObjectIdentifier getNamedCurveOid(
+        String curveName)
+    {
+        String name = curveName;
+
+        int spacePos = name.indexOf(' ');
+        if (spacePos > 0)
+        {
+            name = name.substring(spacePos + 1);
+        }
+
+        try
+        {
+            if (name.charAt(0) >= '0' && name.charAt(0) <= '2')
+            {
+                return new ASN1ObjectIdentifier(name);
+            }
+        }
+        catch (IllegalArgumentException ex)
+        {
+        }
+
+        return ECNamedCurveTable.getOID(name);
+    }
+
+    public static ASN1ObjectIdentifier getNamedCurveOid(
+        ECParameterSpec ecParameterSpec)
+    {
+        for (Enumeration names = ECNamedCurveTable.getNames(); names.hasMoreElements();)
+        {
+            String name = (String)names.nextElement();
+
+            X9ECParameters params = ECNamedCurveTable.getByName(name);
+
+            if (params.getN().equals(ecParameterSpec.getN())
+                && params.getH().equals(ecParameterSpec.getH())
+                && params.getCurve().equals(ecParameterSpec.getCurve())
+                && params.getG().equals(ecParameterSpec.getG()))
+            {
+                return com.android.org.bouncycastle.asn1.x9.ECNamedCurveTable.getOID(name);
+            }
+        }
+
+        return null;
+    }
+
+    public static X9ECParameters getNamedCurveByOid(
+        ASN1ObjectIdentifier oid)
+    {
+        X9ECParameters params = CustomNamedCurves.getByOID(oid);
+
+        if (params == null)
+        {
+            params = ECNamedCurveTable.getByOID(oid);
+        }
+
+        return params;
+    }
+
+    public static X9ECParameters getNamedCurveByName(
+        String curveName)
+    {
+        X9ECParameters params = CustomNamedCurves.getByName(curveName);
+
+        if (params == null)
+        {
+            params = ECNamedCurveTable.getByName(curveName);
+        }
+
+        return params;
+    }
+
+    public static String getCurveName(
+        ASN1ObjectIdentifier oid)
+    {
+        return ECNamedCurveTable.getName(oid);
+    }
+
+    public static String privateKeyToString(String algorithm, BigInteger d, com.android.org.bouncycastle.jce.spec.ECParameterSpec spec)
+    {
+        StringBuffer buf = new StringBuffer();
+        String nl = Strings.lineSeparator();
+
+        com.android.org.bouncycastle.math.ec.ECPoint q = calculateQ(d, spec);
+
+        buf.append(algorithm);
+        buf.append(" Private Key [").append(ECUtil.generateKeyFingerprint(q, spec)).append("]").append(nl);
+        buf.append("            X: ").append(q.getAffineXCoord().toBigInteger().toString(16)).append(nl);
+        buf.append("            Y: ").append(q.getAffineYCoord().toBigInteger().toString(16)).append(nl);
+
+        return buf.toString();
+    }
+
+    private static com.android.org.bouncycastle.math.ec.ECPoint calculateQ(BigInteger d, com.android.org.bouncycastle.jce.spec.ECParameterSpec spec)
+    {
+        return spec.getG().multiply(d).normalize();
+    }
+
+    public static String publicKeyToString(String algorithm, com.android.org.bouncycastle.math.ec.ECPoint q, com.android.org.bouncycastle.jce.spec.ECParameterSpec spec)
+    {
+        StringBuffer buf = new StringBuffer();
+        String nl = Strings.lineSeparator();
+
+        buf.append(algorithm);
+        buf.append(" Public Key [").append(ECUtil.generateKeyFingerprint(q, spec)).append("]").append(nl);
+        buf.append("            X: ").append(q.getAffineXCoord().toBigInteger().toString(16)).append(nl);
+        buf.append("            Y: ").append(q.getAffineYCoord().toBigInteger().toString(16)).append(nl);
+
+        return buf.toString();
+    }
+
+    public static String generateKeyFingerprint(ECPoint publicPoint, com.android.org.bouncycastle.jce.spec.ECParameterSpec spec)
+    {
+        ECCurve curve = spec.getCurve();
+        ECPoint g = spec.getG();
+
+        if (curve != null)
+        {
+            return new Fingerprint(Arrays.concatenate(publicPoint.getEncoded(false), curve.getA().getEncoded(), curve.getB().getEncoded(), g.getEncoded(false))).toString();
+        }
+
+        return new Fingerprint(publicPoint.getEncoded(false)).toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/ExtendedInvalidKeySpecException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/ExtendedInvalidKeySpecException.java
new file mode 100644
index 0000000..a417462
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/ExtendedInvalidKeySpecException.java

@@ -0,0 +1,25 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.util;
+
+import java.security.spec.InvalidKeySpecException;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ExtendedInvalidKeySpecException
+    extends InvalidKeySpecException
+{
+    private Throwable cause;
+
+    public ExtendedInvalidKeySpecException(String msg, Throwable cause)
+    {
+        super(msg);
+
+        this.cause = cause;
+    }
+
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/KeyUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/KeyUtil.java
new file mode 100644
index 0000000..5f6ad2a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/KeyUtil.java

@@ -0,0 +1,76 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.util;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyUtil
+{
+    public static byte[] getEncodedSubjectPublicKeyInfo(AlgorithmIdentifier algId, ASN1Encodable keyData)
+    {
+        try
+        {
+            return getEncodedSubjectPublicKeyInfo(new SubjectPublicKeyInfo(algId, keyData));
+        }
+        catch (Exception e)
+        {
+            return null;
+        }
+    }
+
+    public static byte[] getEncodedSubjectPublicKeyInfo(AlgorithmIdentifier algId, byte[] keyData)
+    {
+        try
+        {
+            return getEncodedSubjectPublicKeyInfo(new SubjectPublicKeyInfo(algId, keyData));
+        }
+        catch (Exception e)
+        {
+            return null;
+        }
+    }
+
+    public static byte[] getEncodedSubjectPublicKeyInfo(SubjectPublicKeyInfo info)
+    {
+         try
+         {
+             return info.getEncoded(ASN1Encoding.DER);
+         }
+         catch (Exception e)
+         {
+             return null;
+         }
+    }
+
+    public static byte[] getEncodedPrivateKeyInfo(AlgorithmIdentifier algId, ASN1Encodable privKey)
+    {
+         try
+         {
+             PrivateKeyInfo info = new PrivateKeyInfo(algId, privKey.toASN1Primitive());
+
+             return getEncodedPrivateKeyInfo(info);
+         }
+         catch (Exception e)
+         {
+             return null;
+         }
+    }
+
+    public static byte[] getEncodedPrivateKeyInfo(PrivateKeyInfo info)
+    {
+         try
+         {
+             return info.getEncoded(ASN1Encoding.DER);
+         }
+         catch (Exception e)
+         {
+             return null;
+         }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/PKCS12BagAttributeCarrierImpl.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/PKCS12BagAttributeCarrierImpl.java
new file mode 100644
index 0000000..1fdfb6f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/PKCS12BagAttributeCarrierImpl.java

@@ -0,0 +1,128 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.util;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.util.Enumeration;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OutputStream;
+import com.android.org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKCS12BagAttributeCarrierImpl
+    implements PKCS12BagAttributeCarrier
+{
+    private Hashtable pkcs12Attributes;
+    private Vector pkcs12Ordering;
+
+    PKCS12BagAttributeCarrierImpl(Hashtable attributes, Vector ordering)
+    {
+        this.pkcs12Attributes = attributes;
+        this.pkcs12Ordering = ordering;
+    }
+
+    public PKCS12BagAttributeCarrierImpl()
+    {
+        this(new Hashtable(), new Vector());
+    }
+
+    public void setBagAttribute(
+        ASN1ObjectIdentifier oid,
+        ASN1Encodable        attribute)
+    {
+        if (pkcs12Attributes.containsKey(oid))
+        {                           // preserve original ordering
+            pkcs12Attributes.put(oid, attribute);
+        }
+        else
+        {
+            pkcs12Attributes.put(oid, attribute);
+            pkcs12Ordering.addElement(oid);
+        }
+    }
+
+    public ASN1Encodable getBagAttribute(
+        ASN1ObjectIdentifier oid)
+    {
+        return (ASN1Encodable)pkcs12Attributes.get(oid);
+    }
+
+    public Enumeration getBagAttributeKeys()
+    {
+        return pkcs12Ordering.elements();
+    }
+
+    int size()
+    {
+        return pkcs12Ordering.size();
+    }
+
+    Hashtable getAttributes()
+    {
+        return pkcs12Attributes;
+    }
+
+    Vector getOrdering()
+    {
+        return pkcs12Ordering;
+    }
+
+    public void writeObject(ObjectOutputStream out)
+        throws IOException
+    {
+        if (pkcs12Ordering.size() == 0)
+        {
+            out.writeObject(new Hashtable());
+            out.writeObject(new Vector());
+        }
+        else
+        {
+            ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+            ASN1OutputStream aOut = new ASN1OutputStream(bOut);
+
+            Enumeration             e = this.getBagAttributeKeys();
+
+            while (e.hasMoreElements())
+            {
+                ASN1ObjectIdentifier    oid = (ASN1ObjectIdentifier)e.nextElement();
+
+                aOut.writeObject(oid);
+                aOut.writeObject((ASN1Encodable)pkcs12Attributes.get(oid));
+            }
+
+            out.writeObject(bOut.toByteArray());
+        }
+    }
+
+    public void readObject(ObjectInputStream in)
+        throws IOException, ClassNotFoundException
+    {
+        Object obj = in.readObject();
+
+        if (obj instanceof Hashtable)
+        {
+            this.pkcs12Attributes = (Hashtable)obj;
+            this.pkcs12Ordering = (Vector)in.readObject();
+        }
+        else
+        {
+            ASN1InputStream aIn = new ASN1InputStream((byte[])obj);
+
+            ASN1ObjectIdentifier    oid;
+
+            while ((oid = (ASN1ObjectIdentifier)aIn.readObject()) != null)
+            {
+                this.setBagAttribute(oid, aIn.readObject());
+            }
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/PrimeCertaintyCalculator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/PrimeCertaintyCalculator.java
new file mode 100644
index 0000000..f267aa3
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/util/PrimeCertaintyCalculator.java

@@ -0,0 +1,25 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.util;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PrimeCertaintyCalculator
+{
+    private PrimeCertaintyCalculator()
+    {
+
+    }
+
+    /**
+     * Return the current wisdom on prime certainty requirements.
+     *
+     * @param keySizeInBits size of the key being generated.
+     * @return a certainty value.
+     */
+    public static int getDefaultCertainty(int keySizeInBits)
+    {
+        // Based on FIPS 186-4 Table C.1
+        return keySizeInBits <= 1024 ? 80 : (96 + 16 * ((keySizeInBits - 1) / 1024));
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java
new file mode 100644
index 0000000..1f57708
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/CertificateFactory.java

@@ -0,0 +1,460 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.x509;
+
+import java.io.BufferedInputStream;
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+// Android-added: Use PushbackInputStream
+import java.io.PushbackInputStream;
+import java.security.cert.CRL;
+import java.security.cert.CRLException;
+import java.security.cert.CertPath;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactorySpi;
+import java.security.cert.CertificateParsingException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.List;
+
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.SignedData;
+import com.android.org.bouncycastle.asn1.x509.Certificate;
+import com.android.org.bouncycastle.asn1.x509.CertificateList;
+import com.android.org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+import com.android.org.bouncycastle.util.io.Streams;
+
+/**
+ * class for dealing with X509 certificates.
+ * <p>
+ * At the moment this will deal with "-----BEGIN CERTIFICATE-----" to "-----END CERTIFICATE-----"
+ * base 64 encoded certs, as well as the BER binaries of certificates and some classes of PKCS#7
+ * objects.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CertificateFactory
+    extends CertificateFactorySpi
+{
+    private final JcaJceHelper bcHelper = new BCJcaJceHelper();
+
+    private static final PEMUtil PEM_CERT_PARSER = new PEMUtil("CERTIFICATE");
+    private static final PEMUtil PEM_CRL_PARSER = new PEMUtil("CRL");
+    private static final PEMUtil PEM_PKCS7_PARSER = new PEMUtil("PKCS7");
+
+    private ASN1Set sData = null;
+    private int                sDataObjectCount = 0;
+    private InputStream currentStream = null;
+    
+    private ASN1Set sCrlData = null;
+    private int                sCrlDataObjectCount = 0;
+    private InputStream currentCrlStream = null;
+
+    private java.security.cert.Certificate readDERCertificate(
+        ASN1InputStream dIn)
+        throws IOException, CertificateParsingException
+    {
+        return getCertificate(ASN1Sequence.getInstance(dIn.readObject()));
+    }
+
+    private java.security.cert.Certificate readPEMCertificate(
+        InputStream in)
+        throws IOException, CertificateParsingException
+    {
+        return getCertificate(PEM_CERT_PARSER.readPEMObject(in));
+    }
+
+    private java.security.cert.Certificate getCertificate(ASN1Sequence seq)
+        throws CertificateParsingException
+    {
+        if (seq == null)
+        {
+            return null;
+        }
+        
+        if (seq.size() > 1
+                && seq.getObjectAt(0) instanceof ASN1ObjectIdentifier)
+        {
+            if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData))
+            {
+                sData = SignedData.getInstance(ASN1Sequence.getInstance(
+                    (ASN1TaggedObject)seq.getObjectAt(1), true)).getCertificates();
+
+                return getCertificate();
+            }
+        }
+
+        return new X509CertificateObject(bcHelper,
+                            Certificate.getInstance(seq));
+    }
+
+    private java.security.cert.Certificate getCertificate()
+        throws CertificateParsingException
+    {
+        if (sData != null)
+        {
+            while (sDataObjectCount < sData.size())
+            {
+                Object obj = sData.getObjectAt(sDataObjectCount++);
+
+                if (obj instanceof ASN1Sequence)
+                {
+                   return new X509CertificateObject(bcHelper,
+                                    Certificate.getInstance(obj));
+                }
+            }
+        }
+
+        return null;
+    }
+
+
+    protected CRL createCRL(CertificateList c)
+        throws CRLException
+    {
+        return new X509CRLObject(bcHelper, c);
+    }
+    
+    private CRL readPEMCRL(
+        InputStream in)
+        throws IOException, CRLException
+    {
+        return getCRL(PEM_CRL_PARSER.readPEMObject(in));
+    }
+
+    private CRL readDERCRL(
+        ASN1InputStream aIn)
+        throws IOException, CRLException
+    {
+        return getCRL(ASN1Sequence.getInstance(aIn.readObject()));
+    }
+
+    private CRL getCRL(ASN1Sequence seq)
+        throws CRLException
+    {
+        if (seq == null)
+        {
+            return null;
+        }
+        
+        if (seq.size() > 1
+                && seq.getObjectAt(0) instanceof ASN1ObjectIdentifier)
+        {
+            if (seq.getObjectAt(0).equals(PKCSObjectIdentifiers.signedData))
+            {
+                sCrlData = SignedData.getInstance(ASN1Sequence.getInstance(
+                    (ASN1TaggedObject)seq.getObjectAt(1), true)).getCRLs();
+
+                return getCRL();
+            }
+        }
+
+        return createCRL(
+                     CertificateList.getInstance(seq));
+    }
+
+    private CRL getCRL()
+        throws CRLException
+    {
+        if (sCrlData == null || sCrlDataObjectCount >= sCrlData.size())
+        {
+            return null;
+        }
+
+        return createCRL(
+                            CertificateList.getInstance(
+                                sCrlData.getObjectAt(sCrlDataObjectCount++)));
+    }
+
+    /**
+     * Generates a certificate object and initializes it with the data
+     * read from the input stream inStream.
+     */
+    public java.security.cert.Certificate engineGenerateCertificate(
+        InputStream in)
+        throws CertificateException
+    {
+        if (currentStream == null)
+        {
+            currentStream = in;
+            sData = null;
+            sDataObjectCount = 0;
+        }
+        else if (currentStream != in) // reset if input stream has changed
+        {
+            currentStream = in;
+            sData = null;
+            sDataObjectCount = 0;
+        }
+
+        try
+        {
+            if (sData != null)
+            {
+                if (sDataObjectCount != sData.size())
+                {
+                    return getCertificate();
+                }
+                else
+                {
+                    sData = null;
+                    sDataObjectCount = 0;
+                    return null;
+                }
+            }
+
+            InputStream pis;
+
+            if (in.markSupported())
+            {
+                pis = in;
+            }
+            else
+            {
+                // Android-changed: Use PushbackInputStream instead of ByteArrayInputStream.
+                // we want {@code in.available()} to return the number of available bytes if
+                // there is trailing data (otherwise it breaks
+                // libcore.java.security.cert.X509CertificateTest#test_Provider
+                // ). Which is not possible if we read the whole stream at this point.
+                // // pis = new ByteArrayInputStream(Streams.readAll(in));
+                pis = new PushbackInputStream(in);
+            }
+
+            // BEGIN Android-changed: Use PushbackInputStream
+            // pis.mark(1);
+            if (in.markSupported()) {
+                pis.mark(1);
+            }
+            // END Android-changed: Use PushbackInputStream
+
+            int tag = pis.read();
+
+            if (tag == -1)
+            {
+                return null;
+            }
+
+            // BEGIN Android-changed: Use PushbackInputStream
+            // pis.reset
+            if (in.markSupported()) {
+                pis.reset();
+            }
+            else
+            {
+                ((PushbackInputStream) pis).unread(tag);
+            }
+            // END Android-changed: Use PushbackInputStream
+
+            if (tag != 0x30)  // assume ascii PEM encoded.
+            {
+                return readPEMCertificate(pis);
+            }
+            else
+            {
+                return readDERCertificate(new ASN1InputStream(pis));
+            }
+        }
+        catch (Exception e)
+        {
+            throw new ExCertificateException("parsing issue: " + e.getMessage(), e);
+        }
+    }
+
+    /**
+     * Returns a (possibly empty) collection view of the certificates
+     * read from the given input stream inStream.
+     */
+    public Collection engineGenerateCertificates(
+        InputStream inStream)
+        throws CertificateException
+    {
+        java.security.cert.Certificate     cert;
+        // Android-removed: Don't read entire stream immediately.
+        // we want {@code in.available()} to return the number of available bytes if
+        // there is trailing data (otherwise it breaks
+        // libcore.java.security.cert.X509CertificateTest#test_Provider
+        // ). Which is not possible if we read the whole stream at this point.
+        // BufferedInputStream in = new BufferedInputStream(inStream);
+        List certs = new ArrayList();
+
+        // Android-changed: Read from original stream
+        // while ((cert = engineGenerateCertificate(in)) != null)
+        while ((cert = engineGenerateCertificate(inStream)) != null)
+        {
+            certs.add(cert);
+        }
+
+        return certs;
+    }
+
+    /**
+     * Generates a certificate revocation list (CRL) object and initializes
+     * it with the data read from the input stream inStream.
+     */
+    public CRL engineGenerateCRL(
+        InputStream in)
+        throws CRLException
+    {
+        if (currentCrlStream == null)
+        {
+            currentCrlStream = in;
+            sCrlData = null;
+            sCrlDataObjectCount = 0;
+        }
+        else if (currentCrlStream != in) // reset if input stream has changed
+        {
+            currentCrlStream = in;
+            sCrlData = null;
+            sCrlDataObjectCount = 0;
+        }
+
+        try
+        {
+            if (sCrlData != null)
+            {
+                if (sCrlDataObjectCount != sCrlData.size())
+                {
+                    return getCRL();
+                }
+                else
+                {
+                    sCrlData = null;
+                    sCrlDataObjectCount = 0;
+                    return null;
+                }
+            }
+
+            InputStream pis;
+
+            if (in.markSupported())
+            {
+                pis = in;
+            }
+            else
+            {
+                pis = new ByteArrayInputStream(Streams.readAll(in));
+            }
+
+            pis.mark(1);
+            int tag = pis.read();
+
+            if (tag == -1)
+            {
+                return null;
+            }
+
+            pis.reset();
+            if (tag != 0x30)  // assume ascii PEM encoded.
+            {
+                return readPEMCRL(pis);
+            }
+            else
+            {       // lazy evaluate to help processing of large CRLs
+                return readDERCRL(new ASN1InputStream(pis, true));
+            }
+        }
+        catch (CRLException e)
+        {
+            throw e;
+        }
+        catch (Exception e)
+        {
+            throw new CRLException(e.toString());
+        }
+    }
+
+    /**
+     * Returns a (possibly empty) collection view of the CRLs read from
+     * the given input stream inStream.
+     *
+     * The inStream may contain a sequence of DER-encoded CRLs, or
+     * a PKCS#7 CRL set.  This is a PKCS#7 SignedData object, with the
+     * only signficant field being crls.  In particular the signature
+     * and the contents are ignored.
+     */
+    public Collection engineGenerateCRLs(
+        InputStream inStream)
+        throws CRLException
+    {
+        CRL crl;
+        List crls = new ArrayList();
+        BufferedInputStream in = new BufferedInputStream(inStream);
+
+        while ((crl = engineGenerateCRL(in)) != null)
+        {
+            crls.add(crl);
+        }
+
+        return crls;
+    }
+
+    public Iterator engineGetCertPathEncodings()
+    {
+        return PKIXCertPath.certPathEncodings.iterator();
+    }
+
+    public CertPath engineGenerateCertPath(
+        InputStream inStream)
+        throws CertificateException
+    {
+        return engineGenerateCertPath(inStream, "PkiPath");
+    }
+
+    public CertPath engineGenerateCertPath(
+        InputStream inStream,
+        String encoding)
+        throws CertificateException
+    {
+        return new PKIXCertPath(inStream, encoding);
+    }
+
+    public CertPath engineGenerateCertPath(
+        List certificates)
+        throws CertificateException
+    {
+        Iterator iter = certificates.iterator();
+        Object obj;
+        while (iter.hasNext())
+        {
+            obj = iter.next();
+            if (obj != null)
+            {
+                if (!(obj instanceof X509Certificate))
+                {
+                    throw new CertificateException("list contains non X509Certificate object while creating CertPath\n" + obj.toString());
+                }
+            }
+        }
+        return new PKIXCertPath(certificates);
+    }
+
+    private class ExCertificateException
+        extends CertificateException
+    {
+        private Throwable cause;
+
+        public ExCertificateException(Throwable cause)
+        {
+            this.cause = cause;
+        }
+
+        public ExCertificateException(String msg, Throwable cause)
+        {
+            super(msg);
+
+            this.cause = cause;
+        }
+
+        public Throwable getCause()
+        {
+            return cause;
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/ExtCRLException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/ExtCRLException.java
new file mode 100644
index 0000000..7282495
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/ExtCRLException.java

@@ -0,0 +1,21 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.x509;
+
+import java.security.cert.CRLException;
+
+class ExtCRLException
+    extends CRLException
+{
+    Throwable cause;
+
+    ExtCRLException(String message, Throwable cause)
+    {
+        super(message);
+        this.cause = cause;
+    }
+
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/KeyFactory.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/KeyFactory.java
new file mode 100644
index 0000000..ed83a80
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/KeyFactory.java

@@ -0,0 +1,99 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.x509;
+
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.KeyFactorySpi;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class KeyFactory
+    extends KeyFactorySpi
+{
+
+    protected PrivateKey engineGeneratePrivate(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec instanceof PKCS8EncodedKeySpec)
+        {
+            try
+            {
+                PrivateKeyInfo info = PrivateKeyInfo.getInstance(((PKCS8EncodedKeySpec)keySpec).getEncoded());
+                PrivateKey     key = BouncyCastleProvider.getPrivateKey(info);
+
+                if (key != null)
+                {
+                    return key;
+                }
+
+                throw new InvalidKeySpecException("no factory found for OID: " + info.getPrivateKeyAlgorithm().getAlgorithm());
+            }
+            catch (Exception e)
+            {
+                throw new InvalidKeySpecException(e.toString());
+            }
+        }
+
+        throw new InvalidKeySpecException("Unknown KeySpec type: " + keySpec.getClass().getName());
+    }
+
+    protected PublicKey engineGeneratePublic(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec instanceof X509EncodedKeySpec)
+        {
+            try
+            {
+                SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(((X509EncodedKeySpec)keySpec).getEncoded());
+                PublicKey            key = BouncyCastleProvider.getPublicKey(info);
+
+                if (key != null)
+                {
+                    return key;
+                }
+
+                throw new InvalidKeySpecException("no factory found for OID: " + info.getAlgorithm().getAlgorithm());
+            }
+            catch (Exception e)
+            {
+                throw new InvalidKeySpecException(e.toString());
+            }
+        }
+
+        throw new InvalidKeySpecException("Unknown KeySpec type: " + keySpec.getClass().getName());
+    }
+
+    protected KeySpec engineGetKeySpec(Key key, Class keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec.isAssignableFrom(PKCS8EncodedKeySpec.class) && key.getFormat().equals("PKCS#8"))
+        {
+            return new PKCS8EncodedKeySpec(key.getEncoded());
+        }
+        else if (keySpec.isAssignableFrom(X509EncodedKeySpec.class) && key.getFormat().equals("X.509"))
+        {
+            return new X509EncodedKeySpec(key.getEncoded());
+        }
+
+        throw new InvalidKeySpecException("not implemented yet " + key + " " + keySpec);
+    }
+
+    protected Key engineTranslateKey(Key key)
+        throws InvalidKeyException
+    {
+        throw new InvalidKeyException("not implemented yet " + key);
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/PEMUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/PEMUtil.java
new file mode 100644
index 0000000..b0483e4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/PEMUtil.java

@@ -0,0 +1,109 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.x509;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.util.encoders.Base64;
+
+class PEMUtil
+{
+    private final String _header1;
+    private final String _header2;
+    private final String _header3;
+    private final String _footer1;
+    private final String _footer2;
+    private final String _footer3;
+
+    PEMUtil(
+        String type)
+    {
+        _header1 = "-----BEGIN " + type + "-----";
+        _header2 = "-----BEGIN X509 " + type + "-----";
+        _header3 = "-----BEGIN PKCS7-----";
+        _footer1 = "-----END " + type + "-----";
+        _footer2 = "-----END X509 " + type + "-----";
+        _footer3 = "-----END PKCS7-----";
+    }
+
+    private String readLine(
+        InputStream in)
+        throws IOException
+    {
+        int             c;
+        StringBuffer l = new StringBuffer();
+
+        do
+        {
+            while (((c = in.read()) != '\r') && c != '\n' && (c >= 0))
+            {
+                l.append((char)c);
+            }
+        }
+        while (c >= 0 && l.length() == 0);
+
+        if (c < 0)
+        {
+            return null;
+        }
+
+        // make sure we parse to end of line.
+        if (c == '\r')
+        {
+            // a '\n' may follow
+            in.mark(1);
+            if (((c = in.read()) == '\n'))
+            {
+                in.mark(1);
+            }
+
+            if (c > 0)
+            {
+                in.reset();
+            }
+        }
+
+        return l.toString();
+    }
+
+    ASN1Sequence readPEMObject(
+        InputStream in)
+        throws IOException
+    {
+        String line;
+        StringBuffer pemBuf = new StringBuffer();
+
+        while ((line = readLine(in)) != null)
+        {
+            if (line.startsWith(_header1) || line.startsWith(_header2) || line.startsWith(_header3))
+            {
+                break;
+            }
+        }
+
+        while ((line = readLine(in)) != null)
+        {
+            if (line.startsWith(_footer1) || line.startsWith(_footer2) || line.startsWith(_footer3))
+            {
+                break;
+            }
+
+            pemBuf.append(line);
+        }
+
+        if (pemBuf.length() != 0)
+        {
+            try
+            {
+                return ASN1Sequence.getInstance(Base64.decode(pemBuf.toString()));
+            }
+            catch (Exception e)
+            {
+                throw new IOException("malformed PEM data encountered");
+            }
+        }
+
+        return null;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java
new file mode 100644
index 0000000..a438ccc
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/PKIXCertPath.java

@@ -0,0 +1,382 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.x509;
+
+import java.io.BufferedInputStream;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStreamWriter;
+import java.security.NoSuchProviderException;
+import java.security.cert.CertPath;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.Iterator;
+import java.util.List;
+import java.util.ListIterator;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERSet;
+import com.android.org.bouncycastle.asn1.pkcs.ContentInfo;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.SignedData;
+import com.android.org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+import com.android.org.bouncycastle.util.io.pem.PemObject;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.util.io.pem.PemWriter;
+
+/**
+ * CertPath implementation for X.509 certificates.
+ * @hide This class is not part of the Android public SDK API
+ */
+public  class PKIXCertPath
+    extends CertPath
+{
+    private final JcaJceHelper helper = new BCJcaJceHelper();
+
+    static final List certPathEncodings;
+
+    static
+    {
+        List encodings = new ArrayList();
+        encodings.add("PkiPath");
+        // Android-removed: Unsupported algorithms
+        // encodings.add("PEM");
+        encodings.add("PKCS7");
+        certPathEncodings = Collections.unmodifiableList(encodings);
+    }
+
+    private List certificates;
+
+    /**
+     * @param certs
+     */
+    private List sortCerts(
+        List certs)
+    {
+        if (certs.size() < 2)
+        {
+            return certs;
+        }
+        
+        X500Principal issuer = ((X509Certificate)certs.get(0)).getIssuerX500Principal();
+        boolean         okay = true;
+        
+        for (int i = 1; i != certs.size(); i++) 
+        {
+            X509Certificate cert = (X509Certificate)certs.get(i);
+            
+            if (issuer.equals(cert.getSubjectX500Principal()))
+            {
+                issuer = ((X509Certificate)certs.get(i)).getIssuerX500Principal();
+            }
+            else
+            {
+                okay = false;
+                break;
+            }
+        }
+        
+        if (okay)
+        {
+            return certs;
+        }
+        
+        // find end-entity cert
+        List retList = new ArrayList(certs.size());
+        List orig = new ArrayList(certs);
+
+        for (int i = 0; i < certs.size(); i++)
+        {
+            X509Certificate cert = (X509Certificate)certs.get(i);
+            boolean         found = false;
+            
+            X500Principal subject = cert.getSubjectX500Principal();
+            
+            for (int j = 0; j != certs.size(); j++)
+            {
+                X509Certificate c = (X509Certificate)certs.get(j);
+                if (c.getIssuerX500Principal().equals(subject))
+                {
+                    found = true;
+                    break;
+                }
+            }
+            
+            if (!found)
+            {
+                retList.add(cert);
+                certs.remove(i);
+            }
+        }
+        
+        // can only have one end entity cert - something's wrong, give up.
+        if (retList.size() > 1)
+        {
+            return orig;
+        }
+
+        for (int i = 0; i != retList.size(); i++)
+        {
+            issuer = ((X509Certificate)retList.get(i)).getIssuerX500Principal();
+            
+            for (int j = 0; j < certs.size(); j++)
+            {
+                X509Certificate c = (X509Certificate)certs.get(j);
+                if (issuer.equals(c.getSubjectX500Principal()))
+                {
+                    retList.add(c);
+                    certs.remove(j);
+                    break;
+                }
+            }
+        }
+        
+        // make sure all certificates are accounted for.
+        if (certs.size() > 0)
+        {
+            return orig;
+        }
+        
+        return retList;
+    }
+
+    PKIXCertPath(List certificates)
+    {
+        super("X.509");
+        this.certificates = sortCerts(new ArrayList(certificates));
+    }
+
+    /**
+     * Creates a CertPath of the specified type.
+     * This constructor is protected because most users should use
+     * a CertificateFactory to create CertPaths.
+     **/
+    PKIXCertPath(
+        InputStream inStream,
+        String encoding)
+        throws CertificateException
+    {
+        super("X.509");
+        try
+        {
+            if (encoding.equalsIgnoreCase("PkiPath"))
+            {
+                ASN1InputStream derInStream = new ASN1InputStream(inStream);
+                ASN1Primitive derObject = derInStream.readObject();
+                if (!(derObject instanceof ASN1Sequence))
+                {
+                    throw new CertificateException("input stream does not contain a ASN1 SEQUENCE while reading PkiPath encoded data to load CertPath");
+                }
+                Enumeration e = ((ASN1Sequence)derObject).getObjects();
+                certificates = new ArrayList();
+                CertificateFactory certFactory = helper.createCertificateFactory("X.509");
+                while (e.hasMoreElements())
+                {
+                    ASN1Encodable element = (ASN1Encodable)e.nextElement();
+                    byte[] encoded = element.toASN1Primitive().getEncoded(ASN1Encoding.DER);
+                    certificates.add(0, certFactory.generateCertificate(
+                        new ByteArrayInputStream(encoded)));
+                }
+            }
+            else if (encoding.equalsIgnoreCase("PKCS7") || encoding.equalsIgnoreCase("PEM"))
+            {
+                inStream = new BufferedInputStream(inStream);
+                certificates = new ArrayList();
+                CertificateFactory certFactory= helper.createCertificateFactory("X.509");
+                Certificate cert;
+                while ((cert = certFactory.generateCertificate(inStream)) != null)
+                {
+                    certificates.add(cert);
+                }
+            }
+            else
+            {
+                throw new CertificateException("unsupported encoding: " + encoding);
+            }
+        }
+        catch (IOException ex)
+        {
+            throw new CertificateException("IOException throw while decoding CertPath:\n" + ex.toString());
+        }
+        catch (NoSuchProviderException ex)
+        {
+            throw new CertificateException("BouncyCastle provider not found while trying to get a CertificateFactory:\n" + ex.toString());
+        }
+
+        this.certificates = sortCerts(certificates);
+    }
+    
+    /**
+     * Returns an iteration of the encodings supported by this
+     * certification path, with the default encoding
+     * first. Attempts to modify the returned Iterator via its
+     * remove method result in an UnsupportedOperationException.
+     *
+     * @return an Iterator over the names of the supported encodings (as Strings)
+     **/
+    public Iterator getEncodings()
+    {
+        return certPathEncodings.iterator();
+    }
+
+    /**
+     * Returns the encoded form of this certification path, using
+     * the default encoding.
+     *
+     * @return the encoded bytes
+     * @exception java.security.cert.CertificateEncodingException if an encoding error occurs
+     **/
+    public byte[] getEncoded()
+        throws CertificateEncodingException
+    {
+        Iterator iter = getEncodings();
+        if (iter.hasNext())
+        {
+            Object enc = iter.next();
+            if (enc instanceof String)
+            {
+            return getEncoded((String)enc);
+            }
+        }
+        return null;
+    }
+
+    /**
+     * Returns the encoded form of this certification path, using
+     * the specified encoding.
+     *
+     * @param encoding the name of the encoding to use
+     * @return the encoded bytes
+     * @exception java.security.cert.CertificateEncodingException if an encoding error
+     * occurs or the encoding requested is not supported
+     *
+     **/
+    public byte[] getEncoded(String encoding)
+        throws CertificateEncodingException
+    {
+        if (encoding.equalsIgnoreCase("PkiPath"))
+        {
+            ASN1EncodableVector v = new ASN1EncodableVector();
+
+            ListIterator iter = certificates.listIterator(certificates.size());
+            while (iter.hasPrevious())
+            {
+                v.add(toASN1Object((X509Certificate)iter.previous()));
+            }
+
+            return toDEREncoded(new DERSequence(v));
+        }
+        else if (encoding.equalsIgnoreCase("PKCS7"))
+        {
+            ContentInfo encInfo = new ContentInfo(PKCSObjectIdentifiers.data, null);
+
+            ASN1EncodableVector v = new ASN1EncodableVector();
+            for (int i = 0; i != certificates.size(); i++)
+            {
+                v.add(toASN1Object((X509Certificate)certificates.get(i)));
+            }
+            
+            SignedData sd = new SignedData(
+                                     new ASN1Integer(1),
+                                     new DERSet(),
+                                     encInfo, 
+                                     new DERSet(v),
+                                     null, 
+                                     new DERSet());
+
+            return toDEREncoded(new ContentInfo(
+                    PKCSObjectIdentifiers.signedData, sd));
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (encoding.equalsIgnoreCase("PEM"))
+        {
+            ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+            PemWriter pWrt = new PemWriter(new OutputStreamWriter(bOut));
+
+            try
+            {
+                for (int i = 0; i != certificates.size(); i++)
+                {
+                    pWrt.writeObject(new PemObject("CERTIFICATE", ((X509Certificate)certificates.get(i)).getEncoded()));
+                }
+            
+                pWrt.close();
+            }
+            catch (Exception e)
+            {
+                throw new CertificateEncodingException("can't encode certificate for PEM encoded path");
+            }
+
+            return bOut.toByteArray();
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+        else
+        {
+            throw new CertificateEncodingException("unsupported encoding: " + encoding);
+        }
+    }
+
+    /**
+     * Returns the list of certificates in this certification
+     * path. The List returned must be immutable and thread-safe. 
+     *
+     * @return an immutable List of Certificates (may be empty, but not null)
+     **/
+    public List getCertificates()
+    {
+        return Collections.unmodifiableList(new ArrayList(certificates));
+    }
+
+    /**
+     * Return a DERObject containing the encoded certificate.
+     *
+     * @param cert the X509Certificate object to be encoded
+     *
+     * @return the DERObject
+     **/
+    private ASN1Primitive toASN1Object(
+        X509Certificate cert)
+        throws CertificateEncodingException
+    {
+        try
+        {
+            return new ASN1InputStream(cert.getEncoded()).readObject();
+        }
+        catch (Exception e)
+        {
+            throw new CertificateEncodingException("Exception while encoding certificate: " + e.toString());
+        }
+    }
+    
+    private byte[] toDEREncoded(ASN1Encodable obj)
+        throws CertificateEncodingException
+    {
+        try
+        {
+            return obj.toASN1Primitive().getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            throw new CertificateEncodingException("Exception thrown: " + e);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLEntryObject.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLEntryObject.java
new file mode 100644
index 0000000..f9c39a8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLEntryObject.java

@@ -0,0 +1,319 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.x509;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.cert.CRLException;
+import java.security.cert.X509CRLEntry;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Enumerated;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.util.ASN1Dump;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x509.CRLReason;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.asn1.x509.Extensions;
+import com.android.org.bouncycastle.asn1.x509.GeneralName;
+import com.android.org.bouncycastle.asn1.x509.GeneralNames;
+import com.android.org.bouncycastle.asn1.x509.TBSCertList;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * The following extensions are listed in RFC 2459 as relevant to CRL Entries
+ * 
+ * ReasonCode Hode Instruction Code Invalidity Date Certificate Issuer
+ * (critical)
+ */
+class X509CRLEntryObject extends X509CRLEntry
+{
+    private TBSCertList.CRLEntry c;
+
+    private X500Name certificateIssuer;
+    private int           hashValue;
+    private boolean       isHashValueSet;
+
+    protected X509CRLEntryObject(TBSCertList.CRLEntry c)
+    {
+        this.c = c;
+        this.certificateIssuer = null;
+    }
+
+    /**
+     * Constructor for CRLEntries of indirect CRLs. If <code>isIndirect</code>
+     * is <code>false</code> {@link #getCertificateIssuer()} will always
+     * return <code>null</code>, <code>previousCertificateIssuer</code> is
+     * ignored. If this <code>isIndirect</code> is specified and this CRLEntry
+     * has no certificate issuer CRL entry extension
+     * <code>previousCertificateIssuer</code> is returned by
+     * {@link #getCertificateIssuer()}.
+     * 
+     * @param c
+     *            TBSCertList.CRLEntry object.
+     * @param isIndirect
+     *            <code>true</code> if the corresponding CRL is a indirect
+     *            CRL.
+     * @param previousCertificateIssuer
+     *            Certificate issuer of the previous CRLEntry.
+     */
+    protected X509CRLEntryObject(
+        TBSCertList.CRLEntry c,
+        boolean isIndirect,
+        X500Name previousCertificateIssuer)
+    {
+        this.c = c;
+        this.certificateIssuer = loadCertificateIssuer(isIndirect, previousCertificateIssuer);
+    }
+
+    /**
+     * Will return true if any extensions are present and marked as critical as
+     * we currently don't handle any extensions!
+     */
+    public boolean hasUnsupportedCriticalExtension()
+    {
+        Set extns = getCriticalExtensionOIDs();
+
+        return extns != null && !extns.isEmpty();
+    }
+
+    private X500Name loadCertificateIssuer(boolean isIndirect, X500Name previousCertificateIssuer)
+    {
+        if (!isIndirect)
+        {
+            return null;
+        }
+
+        Extension ext = getExtension(Extension.certificateIssuer);
+        if (ext == null)
+        {
+            return previousCertificateIssuer;
+        }
+
+        try
+        {
+            GeneralName[] names = GeneralNames.getInstance(ext.getParsedValue()).getNames();
+            for (int i = 0; i < names.length; i++)
+            {
+                if (names[i].getTagNo() == GeneralName.directoryName)
+                {
+                    return X500Name.getInstance(names[i].getName());
+                }
+            }
+            return null;
+        }
+        catch (Exception e)
+        {
+            return null;
+        }
+    }
+
+    public X500Principal getCertificateIssuer()
+    {
+        if (certificateIssuer == null)
+        {
+            return null;
+        }
+        try
+        {
+            return new X500Principal(certificateIssuer.getEncoded());
+        }
+        catch (IOException e)
+        {
+            return null;
+        }
+    }
+
+    private Set getExtensionOIDs(boolean critical)
+    {
+        Extensions extensions = c.getExtensions();
+
+        if (extensions != null)
+        {
+            Set set = new HashSet();
+            Enumeration e = extensions.oids();
+
+            while (e.hasMoreElements())
+            {
+                ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
+                Extension ext = extensions.getExtension(oid);
+
+                if (critical == ext.isCritical())
+                {
+                    set.add(oid.getId());
+                }
+            }
+
+            return set;
+        }
+
+        return null;
+    }
+
+    public Set getCriticalExtensionOIDs()
+    {
+        return getExtensionOIDs(true);
+    }
+
+    public Set getNonCriticalExtensionOIDs()
+    {
+        return getExtensionOIDs(false);
+    }
+
+    private Extension getExtension(ASN1ObjectIdentifier oid)
+    {
+        Extensions exts = c.getExtensions();
+
+        if (exts != null)
+        {
+            return exts.getExtension(oid);
+        }
+
+        return null;
+    }
+
+    public byte[] getExtensionValue(String oid)
+    {
+        Extension ext = getExtension(new ASN1ObjectIdentifier(oid));
+
+        if (ext != null)
+        {
+            try
+            {
+                return ext.getExtnValue().getEncoded();
+            }
+            catch (Exception e)
+            {
+                throw new IllegalStateException("Exception encoding: " + e.toString());
+            }
+        }
+
+        return null;
+    }
+
+    /**
+     * Cache the hashCode value - calculating it with the standard method.
+     * @return  calculated hashCode.
+     */
+    public int hashCode()
+    {
+        if (!isHashValueSet)
+        {
+            hashValue = super.hashCode();
+            isHashValueSet = true;
+        }
+
+        return hashValue;
+    }
+
+    public boolean equals(Object o)
+    {
+        if (o == this)
+        {
+            return true;
+        }
+
+        if (o instanceof X509CRLEntryObject)
+        {
+            X509CRLEntryObject other = (X509CRLEntryObject)o;
+
+            return this.c.equals(other.c);
+        }
+
+        return super.equals(this);
+    }
+
+    public byte[] getEncoded()
+        throws CRLException
+    {
+        try
+        {
+            return c.getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            throw new CRLException(e.toString());
+        }
+    }
+
+    public BigInteger getSerialNumber()
+    {
+        return c.getUserCertificate().getValue();
+    }
+
+    public Date getRevocationDate()
+    {
+        return c.getRevocationDate().getDate();
+    }
+
+    public boolean hasExtensions()
+    {
+        return c.getExtensions() != null;
+    }
+
+    public String toString()
+    {
+        StringBuffer buf = new StringBuffer();
+        String nl = Strings.lineSeparator();
+
+        buf.append("      userCertificate: ").append(this.getSerialNumber()).append(nl);
+        buf.append("       revocationDate: ").append(this.getRevocationDate()).append(nl);
+        buf.append("       certificateIssuer: ").append(this.getCertificateIssuer()).append(nl);
+
+        Extensions extensions = c.getExtensions();
+
+        if (extensions != null)
+        {
+            Enumeration e = extensions.oids();
+            if (e.hasMoreElements())
+            {
+                buf.append("   crlEntryExtensions:").append(nl);
+
+                while (e.hasMoreElements())
+                {
+                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+                    Extension ext = extensions.getExtension(oid);
+                    if (ext.getExtnValue() != null)
+                    {
+                        byte[]                  octs = ext.getExtnValue().getOctets();
+                        ASN1InputStream dIn = new ASN1InputStream(octs);
+                        buf.append("                       critical(").append(ext.isCritical()).append(") ");
+                        try
+                        {
+                            if (oid.equals(Extension.reasonCode))
+                            {
+                                buf.append(CRLReason.getInstance(ASN1Enumerated.getInstance(dIn.readObject()))).append(nl);
+                            }
+                            else if (oid.equals(Extension.certificateIssuer))
+                            {
+                                buf.append("Certificate issuer: ").append(GeneralNames.getInstance(dIn.readObject())).append(nl);
+                            }
+                            else 
+                            {
+                                buf.append(oid.getId());
+                                buf.append(" value = ").append(ASN1Dump.dumpAsString(dIn.readObject())).append(nl);
+                            }
+                        }
+                        catch (Exception ex)
+                        {
+                            buf.append(oid.getId());
+                            buf.append(" value = ").append("*****").append(nl);
+                        }
+                    }
+                    else
+                    {
+                        buf.append(nl);
+                    }
+                }
+            }
+        }
+
+        return buf.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLObject.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLObject.java
new file mode 100644
index 0000000..bb91b05
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CRLObject.java

@@ -0,0 +1,682 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.x509;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.Principal;
+import java.security.Provider;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.cert.CRLException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509CRL;
+import java.security.cert.X509CRLEntry;
+import java.security.cert.X509Certificate;
+import java.util.Collections;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.util.ASN1Dump;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x509.CRLDistPoint;
+import com.android.org.bouncycastle.asn1.x509.CRLNumber;
+import com.android.org.bouncycastle.asn1.x509.CertificateList;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.asn1.x509.Extensions;
+import com.android.org.bouncycastle.asn1.x509.GeneralNames;
+import com.android.org.bouncycastle.asn1.x509.IssuingDistributionPoint;
+import com.android.org.bouncycastle.asn1.x509.TBSCertList;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+import com.android.org.bouncycastle.jce.X509Principal;
+import com.android.org.bouncycastle.util.Strings;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * The following extensions are listed in RFC 2459 as relevant to CRLs
+ *
+ * Authority Key Identifier
+ * Issuer Alternative Name
+ * CRL Number
+ * Delta CRL Indicator (critical)
+ * Issuing Distribution Point (critical)
+ */
+class X509CRLObject
+    extends X509CRL
+{
+    private JcaJceHelper bcHelper;
+    private CertificateList c;
+    private String sigAlgName;
+    private byte[] sigAlgParams;
+    private boolean isIndirect;
+    private boolean isHashCodeSet = false;
+    private int     hashCodeValue;
+
+    static boolean isIndirectCRL(X509CRL crl)
+        throws CRLException
+    {
+        try
+        {
+            byte[] idp = crl.getExtensionValue(Extension.issuingDistributionPoint.getId());
+            return idp != null
+                && IssuingDistributionPoint.getInstance(ASN1OctetString.getInstance(idp).getOctets()).isIndirectCRL();
+        }
+        catch (Exception e)
+        {
+            throw new ExtCRLException(
+                    "Exception reading IssuingDistributionPoint", e);
+        }
+    }
+
+    protected X509CRLObject(
+        JcaJceHelper bcHelper,
+        CertificateList c)
+        throws CRLException
+    {
+        this.bcHelper = bcHelper;
+        this.c = c;
+        
+        try
+        {
+            this.sigAlgName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm());
+            
+            if (c.getSignatureAlgorithm().getParameters() != null)
+            {
+                this.sigAlgParams = ((ASN1Encodable)c.getSignatureAlgorithm().getParameters()).toASN1Primitive().getEncoded(ASN1Encoding.DER);
+            }
+            else
+            {
+                this.sigAlgParams = null;
+            }
+
+            this.isIndirect = isIndirectCRL(this);
+        }
+        catch (Exception e)
+        {
+            throw new CRLException("CRL contents invalid: " + e);
+        }
+    }
+
+    /**
+     * Will return true if any extensions are present and marked
+     * as critical as we currently dont handle any extensions!
+     */
+    public boolean hasUnsupportedCriticalExtension()
+    {
+        Set extns = getCriticalExtensionOIDs();
+
+        if (extns == null)
+        {
+            return false;
+        }
+
+        extns.remove(Extension.issuingDistributionPoint.getId());
+        extns.remove(Extension.deltaCRLIndicator.getId());
+
+        return !extns.isEmpty();
+    }
+
+    private Set getExtensionOIDs(boolean critical)
+    {
+        if (this.getVersion() == 2)
+        {
+            Extensions extensions = c.getTBSCertList().getExtensions();
+
+            if (extensions != null)
+            {
+                Set set = new HashSet();
+                Enumeration e = extensions.oids();
+
+                while (e.hasMoreElements())
+                {
+                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+                    Extension ext = extensions.getExtension(oid);
+
+                    if (critical == ext.isCritical())
+                    {
+                        set.add(oid.getId());
+                    }
+                }
+
+                return set;
+            }
+        }
+
+        return null;
+    }
+
+    public Set getCriticalExtensionOIDs()
+    {
+        return getExtensionOIDs(true);
+    }
+
+    public Set getNonCriticalExtensionOIDs()
+    {
+        return getExtensionOIDs(false);
+    }
+
+    public byte[] getExtensionValue(String oid)
+    {
+        Extensions exts = c.getTBSCertList().getExtensions();
+
+        if (exts != null)
+        {
+            Extension ext = exts.getExtension(new ASN1ObjectIdentifier(oid));
+
+            if (ext != null)
+            {
+                try
+                {
+                    return ext.getExtnValue().getEncoded();
+                }
+                catch (Exception e)
+                {
+                    throw new IllegalStateException("error parsing " + e.toString());
+                }
+            }
+        }
+
+        return null;
+    }
+
+    public byte[] getEncoded()
+        throws CRLException
+    {
+        try
+        {
+            return c.getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            throw new CRLException(e.toString());
+        }
+    }
+
+    public void verify(PublicKey key)
+        throws CRLException, NoSuchAlgorithmException,
+        InvalidKeyException, NoSuchProviderException, SignatureException
+    {
+        Signature sig;
+
+        try
+        {
+            sig = bcHelper.createSignature(getSigAlgName());
+        }
+        catch (Exception e)
+        {
+            sig = Signature.getInstance(getSigAlgName());
+        }
+
+        doVerify(key, sig);
+    }
+
+    public void verify(PublicKey key, String sigProvider)
+        throws CRLException, NoSuchAlgorithmException,
+        InvalidKeyException, NoSuchProviderException, SignatureException
+    {
+        Signature sig;
+
+        if (sigProvider != null)
+        {
+            sig = Signature.getInstance(getSigAlgName(), sigProvider);
+        }
+        else
+        {
+            sig = Signature.getInstance(getSigAlgName());
+        }
+
+        doVerify(key, sig);
+    }
+
+    public void verify(PublicKey key, Provider sigProvider)
+        throws CRLException, NoSuchAlgorithmException,
+        InvalidKeyException, SignatureException
+    {
+        Signature sig;
+
+        if (sigProvider != null)
+        {
+            sig = Signature.getInstance(getSigAlgName(), sigProvider);
+        }
+        else
+        {
+            sig = Signature.getInstance(getSigAlgName());
+        }
+
+        doVerify(key, sig);
+    }
+
+    private void doVerify(PublicKey key, Signature sig)
+        throws CRLException, NoSuchAlgorithmException,
+        InvalidKeyException, SignatureException
+    {
+        if (!c.getSignatureAlgorithm().equals(c.getTBSCertList().getSignature()))
+        {
+            throw new CRLException("Signature algorithm on CertificateList does not match TBSCertList.");
+        }
+
+        if (sigAlgParams != null)
+        {
+            try
+            {
+                // needs to be called before initVerify().
+                X509SignatureUtil.setSignatureParameters(sig, ASN1Primitive.fromByteArray(sigAlgParams));
+            }
+            catch (IOException e)
+            {
+                throw new SignatureException("cannot decode signature parameters: " + e.getMessage());
+            }
+        }
+
+        sig.initVerify(key);
+        sig.update(this.getTBSCertList());
+
+        if (!sig.verify(this.getSignature()))
+        {
+            throw new SignatureException("CRL does not verify with supplied public key.");
+        }
+    }
+
+    public int getVersion()
+    {
+        return c.getVersionNumber();
+    }
+
+    public Principal getIssuerDN()
+    {
+        return new X509Principal(X500Name.getInstance(c.getIssuer().toASN1Primitive()));
+    }
+
+    public X500Principal getIssuerX500Principal()
+    {
+        try
+        {
+            return new X500Principal(c.getIssuer().getEncoded());
+        }
+        catch (IOException e)
+        {
+            throw new IllegalStateException("can't encode issuer DN");
+        }
+    }
+
+    public Date getThisUpdate()
+    {
+        return c.getThisUpdate().getDate();
+    }
+
+    public Date getNextUpdate()
+    {
+        if (c.getNextUpdate() != null)
+        {
+            return c.getNextUpdate().getDate();
+        }
+
+        return null;
+    }
+ 
+    private Set loadCRLEntries()
+    {
+        Set entrySet = new HashSet();
+        Enumeration certs = c.getRevokedCertificateEnumeration();
+
+        X500Name previousCertificateIssuer = null; // the issuer
+        while (certs.hasMoreElements())
+        {
+            TBSCertList.CRLEntry entry = (TBSCertList.CRLEntry)certs.nextElement();
+            X509CRLEntryObject crlEntry = new X509CRLEntryObject(entry, isIndirect, previousCertificateIssuer);
+            entrySet.add(crlEntry);
+            if (isIndirect && entry.hasExtensions())
+            {
+                Extension currentCaName = entry.getExtensions().getExtension(Extension.certificateIssuer);
+
+                if (currentCaName != null)
+                {
+                    previousCertificateIssuer = X500Name.getInstance(GeneralNames.getInstance(currentCaName.getParsedValue()).getNames()[0].getName());
+                }
+            }
+        }
+
+        return entrySet;
+    }
+
+    public X509CRLEntry getRevokedCertificate(BigInteger serialNumber)
+    {
+        Enumeration certs = c.getRevokedCertificateEnumeration();
+
+        X500Name previousCertificateIssuer = null; // the issuer
+        while (certs.hasMoreElements())
+        {
+            TBSCertList.CRLEntry entry = (TBSCertList.CRLEntry)certs.nextElement();
+
+            if (serialNumber.equals(entry.getUserCertificate().getValue()))
+            {
+                return new X509CRLEntryObject(entry, isIndirect, previousCertificateIssuer);
+            }
+
+            if (isIndirect && entry.hasExtensions())
+            {
+                Extension currentCaName = entry.getExtensions().getExtension(Extension.certificateIssuer);
+
+                if (currentCaName != null)
+                {
+                    previousCertificateIssuer = X500Name.getInstance(GeneralNames.getInstance(currentCaName.getParsedValue()).getNames()[0].getName());
+                }
+            }
+        }
+
+        return null;
+    }
+
+    public Set getRevokedCertificates()
+    {
+        Set entrySet = loadCRLEntries();
+
+        if (!entrySet.isEmpty())
+        {
+            return Collections.unmodifiableSet(entrySet);
+        }
+
+        return null;
+    }
+
+    public byte[] getTBSCertList()
+        throws CRLException
+    {
+        try
+        {
+            return c.getTBSCertList().getEncoded("DER");
+        }
+        catch (IOException e)
+        {
+            throw new CRLException(e.toString());
+        }
+    }
+
+    public byte[] getSignature()
+    {
+        return c.getSignature().getOctets();
+    }
+
+    public String getSigAlgName()
+    {
+        return sigAlgName;
+    }
+
+    public String getSigAlgOID()
+    {
+        return c.getSignatureAlgorithm().getAlgorithm().getId();
+    }
+
+    public byte[] getSigAlgParams()
+    {
+        if (sigAlgParams != null)
+        {
+            byte[] tmp = new byte[sigAlgParams.length];
+            
+            System.arraycopy(sigAlgParams, 0, tmp, 0, tmp.length);
+            
+            return tmp;
+        }
+        
+        return null;
+    }
+
+    /**
+     * Returns a string representation of this CRL.
+     *
+     * @return a string representation of this CRL.
+     */
+    public String toString()
+    {
+        StringBuffer buf = new StringBuffer();
+        String nl = Strings.lineSeparator();
+
+        buf.append("              Version: ").append(this.getVersion()).append(
+            nl);
+        buf.append("             IssuerDN: ").append(this.getIssuerDN())
+            .append(nl);
+        buf.append("          This update: ").append(this.getThisUpdate())
+            .append(nl);
+        buf.append("          Next update: ").append(this.getNextUpdate())
+            .append(nl);
+        buf.append("  Signature Algorithm: ").append(this.getSigAlgName())
+            .append(nl);
+
+        byte[] sig = this.getSignature();
+
+        buf.append("            Signature: ").append(
+            new String(Hex.encode(sig, 0, 20))).append(nl);
+        for (int i = 20; i < sig.length; i += 20)
+        {
+            if (i < sig.length - 20)
+            {
+                buf.append("                       ").append(
+                    new String(Hex.encode(sig, i, 20))).append(nl);
+            }
+            else
+            {
+                buf.append("                       ").append(
+                    new String(Hex.encode(sig, i, sig.length - i))).append(nl);
+            }
+        }
+
+        Extensions extensions = c.getTBSCertList().getExtensions();
+
+        if (extensions != null)
+        {
+            Enumeration e = extensions.oids();
+
+            if (e.hasMoreElements())
+            {
+                buf.append("           Extensions: ").append(nl);
+            }
+
+            while (e.hasMoreElements())
+            {
+                ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
+                Extension ext = extensions.getExtension(oid);
+
+                if (ext.getExtnValue() != null)
+                {
+                    byte[] octs = ext.getExtnValue().getOctets();
+                    ASN1InputStream dIn = new ASN1InputStream(octs);
+                    buf.append("                       critical(").append(
+                        ext.isCritical()).append(") ");
+                    try
+                    {
+                        if (oid.equals(Extension.cRLNumber))
+                        {
+                            buf.append(
+                                new CRLNumber(ASN1Integer.getInstance(
+                                    dIn.readObject()).getPositiveValue()))
+                                .append(nl);
+                        }
+                        else if (oid.equals(Extension.deltaCRLIndicator))
+                        {
+                            buf.append(
+                                "Base CRL: "
+                                    + new CRLNumber(ASN1Integer.getInstance(
+                                        dIn.readObject()).getPositiveValue()))
+                                .append(nl);
+                        }
+                        else if (oid
+                            .equals(Extension.issuingDistributionPoint))
+                        {
+                            buf.append(
+                               IssuingDistributionPoint.getInstance(dIn.readObject())).append(nl);
+                        }
+                        else if (oid
+                            .equals(Extension.cRLDistributionPoints))
+                        {
+                            buf.append(
+                                CRLDistPoint.getInstance(dIn.readObject())).append(nl);
+                        }
+                        else if (oid.equals(Extension.freshestCRL))
+                        {
+                            buf.append(
+                                CRLDistPoint.getInstance(dIn.readObject())).append(nl);
+                        }
+                        else
+                        {
+                            buf.append(oid.getId());
+                            buf.append(" value = ").append(
+                                ASN1Dump.dumpAsString(dIn.readObject()))
+                                .append(nl);
+                        }
+                    }
+                    catch (Exception ex)
+                    {
+                        buf.append(oid.getId());
+                        buf.append(" value = ").append("*****").append(nl);
+                    }
+                }
+                else
+                {
+                    buf.append(nl);
+                }
+            }
+        }
+        Set set = getRevokedCertificates();
+        if (set != null)
+        {
+            Iterator it = set.iterator();
+            while (it.hasNext())
+            {
+                buf.append(it.next());
+                buf.append(nl);
+            }
+        }
+        return buf.toString();
+    }
+
+    /**
+     * Checks whether the given certificate is on this CRL.
+     *
+     * @param cert the certificate to check for.
+     * @return true if the given certificate is on this CRL,
+     * false otherwise.
+     */
+    public boolean isRevoked(Certificate cert)
+    {
+        if (!cert.getType().equals("X.509"))
+        {
+            throw new IllegalArgumentException("X.509 CRL used with non X.509 Cert");
+        }
+
+        Enumeration certs = c.getRevokedCertificateEnumeration();
+
+        X500Name caName = c.getIssuer();
+
+        if (certs.hasMoreElements())
+        {
+            BigInteger serial = ((X509Certificate)cert).getSerialNumber();
+
+            while (certs.hasMoreElements())
+            {
+                TBSCertList.CRLEntry entry = TBSCertList.CRLEntry.getInstance(certs.nextElement());
+
+                if (isIndirect && entry.hasExtensions())
+                {
+                    Extension currentCaName = entry.getExtensions().getExtension(Extension.certificateIssuer);
+
+                    if (currentCaName != null)
+                    {
+                        caName = X500Name.getInstance(GeneralNames.getInstance(currentCaName.getParsedValue()).getNames()[0].getName());
+                    }
+                }
+
+                if (entry.getUserCertificate().getValue().equals(serial))
+                {
+                    X500Name issuer;
+
+                    if (cert instanceof  X509Certificate)
+                    {
+                        issuer = X500Name.getInstance(((X509Certificate)cert).getIssuerX500Principal().getEncoded());
+                    }
+                    else
+                    {
+                        try
+                        {
+                            issuer = com.android.org.bouncycastle.asn1.x509.Certificate.getInstance(cert.getEncoded()).getIssuer();
+                        }
+                        catch (CertificateEncodingException e)
+                        {
+                            throw new IllegalArgumentException("Cannot process certificate: " + e.getMessage());
+                        }
+                    }
+
+                    if (!caName.equals(issuer))
+                    {
+                        return false;
+                    }
+
+                    return true;
+                }
+            }
+        }
+
+        return false;
+    }
+
+    public boolean equals(Object other)
+    {
+        if (this == other)
+        {
+            return true;
+        }
+
+        if (!(other instanceof X509CRL))
+        {
+            return false;
+        }
+
+        if (other instanceof X509CRLObject)
+        {
+            X509CRLObject crlObject = (X509CRLObject)other;
+
+            if (isHashCodeSet)
+            {
+                boolean otherIsHashCodeSet = crlObject.isHashCodeSet;
+                if (otherIsHashCodeSet)
+                {
+                    if (crlObject.hashCodeValue != hashCodeValue)
+                    {
+                        return false;
+                    }
+                }
+            }
+
+            return this.c.equals(crlObject.c);
+        }
+
+        return super.equals(other);
+    }
+
+    public int hashCode()
+    {
+        if (!isHashCodeSet)
+        {
+            isHashCodeSet = true;
+            hashCodeValue = super.hashCode();
+        }
+
+        return hashCodeValue;
+    }
+}
+

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java
new file mode 100644
index 0000000..68dedd5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/X509CertificateObject.java

@@ -0,0 +1,924 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.x509;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.Principal;
+import java.security.Provider;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateNotYetValidException;
+import java.security.cert.CertificateParsingException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.ASN1BitString;
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OutputStream;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1String;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERIA5String;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.misc.NetscapeCertType;
+import com.android.org.bouncycastle.asn1.misc.NetscapeRevocationURL;
+import com.android.org.bouncycastle.asn1.misc.VerisignCzagExtension;
+import com.android.org.bouncycastle.asn1.util.ASN1Dump;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x500.style.RFC4519Style;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.BasicConstraints;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.asn1.x509.Extensions;
+import com.android.org.bouncycastle.asn1.x509.GeneralName;
+import com.android.org.bouncycastle.asn1.x509.KeyUsage;
+// BEGIN Android-added: Unknown reason
+import com.android.org.bouncycastle.asn1.x509.X509Name;
+// END Android-added: Unknown reason
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+import com.android.org.bouncycastle.jce.X509Principal;
+import com.android.org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.util.Integers;
+import com.android.org.bouncycastle.util.Strings;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+class X509CertificateObject
+    extends X509Certificate
+    implements PKCS12BagAttributeCarrier
+{
+    private JcaJceHelper bcHelper;
+    private com.android.org.bouncycastle.asn1.x509.Certificate    c;
+    private BasicConstraints            basicConstraints;
+    private boolean[]                   keyUsage;
+    private boolean                     hashValueSet;
+    private int                         hashValue;
+
+    private PKCS12BagAttributeCarrier   attrCarrier = new PKCS12BagAttributeCarrierImpl();
+
+    public X509CertificateObject(
+        JcaJceHelper bcHelper,
+        com.android.org.bouncycastle.asn1.x509.Certificate    c)
+        throws CertificateParsingException
+    {
+        this.bcHelper = bcHelper;
+        this.c = c;
+
+        try
+        {
+            byte[]  bytes = this.getExtensionBytes("2.5.29.19");
+
+            if (bytes != null)
+            {
+                basicConstraints = BasicConstraints.getInstance(ASN1Primitive.fromByteArray(bytes));
+            }
+        }
+        catch (Exception e)
+        {
+            throw new CertificateParsingException("cannot construct BasicConstraints: " + e);
+        }
+
+        try
+        {
+            byte[] bytes = this.getExtensionBytes("2.5.29.15");
+            if (bytes != null)
+            {
+                ASN1BitString bits = DERBitString.getInstance(ASN1Primitive.fromByteArray(bytes));
+
+                bytes = bits.getBytes();
+                int length = (bytes.length * 8) - bits.getPadBits();
+
+                keyUsage = new boolean[(length < 9) ? 9 : length];
+
+                for (int i = 0; i != length; i++)
+                {
+                    keyUsage[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0;
+                }
+            }
+            else
+            {
+                keyUsage = null;
+            }
+        }
+        catch (Exception e)
+        {
+            throw new CertificateParsingException("cannot construct KeyUsage: " + e);
+        }
+    }
+
+    public void checkValidity()
+        throws CertificateExpiredException, CertificateNotYetValidException
+    {
+        this.checkValidity(new Date());
+    }
+
+    public void checkValidity(
+        Date    date)
+        throws CertificateExpiredException, CertificateNotYetValidException
+    {
+        if (date.getTime() > this.getNotAfter().getTime())  // for other VM compatibility
+        {
+            throw new CertificateExpiredException("certificate expired on " + c.getEndDate().getTime());
+        }
+
+        if (date.getTime() < this.getNotBefore().getTime())
+        {
+            throw new CertificateNotYetValidException("certificate not valid till " + c.getStartDate().getTime());
+        }
+    }
+
+    public int getVersion()
+    {
+        return c.getVersionNumber();
+    }
+
+    public BigInteger getSerialNumber()
+    {
+        return c.getSerialNumber().getValue();
+    }
+
+    public Principal getIssuerDN()
+    {
+        try
+        {
+            return new X509Principal(X500Name.getInstance(c.getIssuer().getEncoded()));
+        }
+        catch (IOException e)
+        {
+            return null;
+        }
+    }
+
+    public X500Principal getIssuerX500Principal()
+    {
+        try
+        {
+            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+            ASN1OutputStream        aOut = new ASN1OutputStream(bOut);
+
+            aOut.writeObject(c.getIssuer());
+
+            return new X500Principal(bOut.toByteArray());
+        }
+        catch (IOException e)
+        {
+            throw new IllegalStateException("can't encode issuer DN");
+        }
+    }
+
+    public Principal getSubjectDN()
+    {
+        return new X509Principal(X500Name.getInstance(c.getSubject().toASN1Primitive()));
+    }
+
+    public X500Principal getSubjectX500Principal()
+    {
+        try
+        {
+            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+            ASN1OutputStream        aOut = new ASN1OutputStream(bOut);
+
+            aOut.writeObject(c.getSubject());
+
+            return new X500Principal(bOut.toByteArray());
+        }
+        catch (IOException e)
+        {
+            throw new IllegalStateException("can't encode issuer DN");
+        }
+    }
+
+    public Date getNotBefore()
+    {
+        return c.getStartDate().getDate();
+    }
+
+    public Date getNotAfter()
+    {
+        return c.getEndDate().getDate();
+    }
+
+    public byte[] getTBSCertificate()
+        throws CertificateEncodingException
+    {
+        try
+        {
+            return c.getTBSCertificate().getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            throw new CertificateEncodingException(e.toString());
+        }
+    }
+
+    public byte[] getSignature()
+    {
+        return c.getSignature().getOctets();
+    }
+
+    /**
+     * return a more "meaningful" representation for the signature algorithm used in
+     * the certificate.
+     */
+    public String getSigAlgName()
+    {
+        return X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm());
+    }
+
+    /**
+     * return the object identifier for the signature.
+     */
+    public String getSigAlgOID()
+    {
+        return c.getSignatureAlgorithm().getAlgorithm().getId();
+    }
+
+    /**
+     * return the signature parameters, or null if there aren't any.
+     */
+    public byte[] getSigAlgParams()
+    {
+        if (c.getSignatureAlgorithm().getParameters() != null)
+        {
+            try
+            {
+                return c.getSignatureAlgorithm().getParameters().toASN1Primitive().getEncoded(ASN1Encoding.DER);
+            }
+            catch (IOException e)
+            {
+                return null;
+            }
+        }
+        else
+        {
+            return null;
+        }
+    }
+
+    public boolean[] getIssuerUniqueID()
+    {
+        DERBitString    id = c.getTBSCertificate().getIssuerUniqueId();
+
+        if (id != null)
+        {
+            byte[]          bytes = id.getBytes();
+            boolean[]       boolId = new boolean[bytes.length * 8 - id.getPadBits()];
+
+            for (int i = 0; i != boolId.length; i++)
+            {
+                boolId[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0;
+            }
+
+            return boolId;
+        }
+            
+        return null;
+    }
+
+    public boolean[] getSubjectUniqueID()
+    {
+        DERBitString    id = c.getTBSCertificate().getSubjectUniqueId();
+
+        if (id != null)
+        {
+            byte[]          bytes = id.getBytes();
+            boolean[]       boolId = new boolean[bytes.length * 8 - id.getPadBits()];
+
+            for (int i = 0; i != boolId.length; i++)
+            {
+                boolId[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0;
+            }
+
+            return boolId;
+        }
+            
+        return null;
+    }
+
+    public boolean[] getKeyUsage()
+    {
+        return keyUsage;
+    }
+
+    public List getExtendedKeyUsage() 
+        throws CertificateParsingException
+    {
+        byte[]  bytes = this.getExtensionBytes("2.5.29.37");
+
+        if (bytes != null)
+        {
+            try
+            {
+                ASN1InputStream dIn = new ASN1InputStream(bytes);
+                ASN1Sequence    seq = (ASN1Sequence)dIn.readObject();
+                List            list = new ArrayList();
+
+                for (int i = 0; i != seq.size(); i++)
+                {
+                    list.add(((ASN1ObjectIdentifier)seq.getObjectAt(i)).getId());
+                }
+                
+                return Collections.unmodifiableList(list);
+            }
+            catch (Exception e)
+            {
+                throw new CertificateParsingException("error processing extended key usage extension");
+            }
+        }
+
+        return null;
+    }
+    
+    public int getBasicConstraints()
+    {
+        if (basicConstraints != null)
+        {
+            if (basicConstraints.isCA())
+            {
+                if (basicConstraints.getPathLenConstraint() == null)
+                {
+                    return Integer.MAX_VALUE;
+                }
+                else
+                {
+                    return basicConstraints.getPathLenConstraint().intValue();
+                }
+            }
+            else
+            {
+                return -1;
+            }
+        }
+
+        return -1;
+    }
+
+    public Collection getSubjectAlternativeNames()
+        throws CertificateParsingException
+    {
+        return getAlternativeNames(getExtensionBytes(Extension.subjectAlternativeName.getId()));
+    }
+
+    public Collection getIssuerAlternativeNames()
+        throws CertificateParsingException
+    {
+        return getAlternativeNames(getExtensionBytes(Extension.issuerAlternativeName.getId()));
+    }
+
+    public Set getCriticalExtensionOIDs() 
+    {
+        if (this.getVersion() == 3)
+        {
+            Set             set = new HashSet();
+            Extensions  extensions = c.getTBSCertificate().getExtensions();
+
+            if (extensions != null)
+            {
+                Enumeration     e = extensions.oids();
+
+                while (e.hasMoreElements())
+                {
+                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+                    Extension       ext = extensions.getExtension(oid);
+
+                    if (ext.isCritical())
+                    {
+                        set.add(oid.getId());
+                    }
+                }
+
+                return set;
+            }
+        }
+
+        return null;
+    }
+
+    private byte[] getExtensionBytes(String oid)
+    {
+        Extensions exts = c.getTBSCertificate().getExtensions();
+
+        if (exts != null)
+        {
+            Extension   ext = exts.getExtension(new ASN1ObjectIdentifier(oid));
+            if (ext != null)
+            {
+                return ext.getExtnValue().getOctets();
+            }
+        }
+
+        return null;
+    }
+
+    public byte[] getExtensionValue(String oid) 
+    {
+        Extensions exts = c.getTBSCertificate().getExtensions();
+
+        if (exts != null)
+        {
+            Extension   ext = exts.getExtension(new ASN1ObjectIdentifier(oid));
+
+            if (ext != null)
+            {
+                try
+                {
+                    return ext.getExtnValue().getEncoded();
+                }
+                catch (Exception e)
+                {
+                    throw new IllegalStateException("error parsing " + e.toString());
+                }
+            }
+        }
+
+        return null;
+    }
+
+    public Set getNonCriticalExtensionOIDs() 
+    {
+        if (this.getVersion() == 3)
+        {
+            Set             set = new HashSet();
+            Extensions  extensions = c.getTBSCertificate().getExtensions();
+
+            if (extensions != null)
+            {
+                Enumeration     e = extensions.oids();
+
+                while (e.hasMoreElements())
+                {
+                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+                    Extension       ext = extensions.getExtension(oid);
+
+                    if (!ext.isCritical())
+                    {
+                        set.add(oid.getId());
+                    }
+                }
+
+                return set;
+            }
+        }
+
+        return null;
+    }
+
+    public boolean hasUnsupportedCriticalExtension()
+    {
+        if (this.getVersion() == 3)
+        {
+            Extensions  extensions = c.getTBSCertificate().getExtensions();
+
+            if (extensions != null)
+            {
+                Enumeration     e = extensions.oids();
+
+                while (e.hasMoreElements())
+                {
+                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+
+                    if (oid.equals(Extension.keyUsage)
+                     || oid.equals(Extension.certificatePolicies)
+                     || oid.equals(Extension.policyMappings)
+                     || oid.equals(Extension.inhibitAnyPolicy)
+                     || oid.equals(Extension.cRLDistributionPoints)
+                     || oid.equals(Extension.issuingDistributionPoint)
+                     || oid.equals(Extension.deltaCRLIndicator)
+                     || oid.equals(Extension.policyConstraints)
+                     || oid.equals(Extension.basicConstraints)
+                     || oid.equals(Extension.subjectAlternativeName)
+                     || oid.equals(Extension.nameConstraints))
+                    {
+                        continue;
+                    }
+
+                    Extension       ext = extensions.getExtension(oid);
+
+                    if (ext.isCritical())
+                    {
+                        return true;
+                    }
+                }
+            }
+        }
+
+        return false;
+    }
+
+    public PublicKey getPublicKey()
+    {
+        try
+        {
+            return BouncyCastleProvider.getPublicKey(c.getSubjectPublicKeyInfo());
+        }
+        catch (IOException e)
+        {
+            return null;   // should never happen...
+        }
+    }
+
+    // Android-added: Cache the encoded certificate
+    private byte[] encoded;
+    public byte[] getEncoded()
+        throws CertificateEncodingException
+    {
+        try
+        {
+            // BEGIN Android-changed: Cache the encoded certificate
+            if (encoded == null) {
+                encoded = c.getEncoded(ASN1Encoding.DER);
+            }
+            return encoded;
+            // END Android-changed: Cache the encoded certificate
+        }
+        catch (IOException e)
+        {
+            throw new CertificateEncodingException(e.toString());
+        }
+    }
+
+    public boolean equals(
+        Object o)
+    {
+        if (o == this)
+        {
+            return true;
+        }
+
+        if (o instanceof X509CertificateObject)
+        {
+            X509CertificateObject other = (X509CertificateObject)o;
+
+            if (this.hashValueSet && other.hashValueSet)
+            {
+                if (this.hashValue != other.hashValue)
+                {
+                    return false;
+                }
+            }
+
+            return this.c.equals(other.c);
+        }
+
+        return super.equals(o);
+    }
+
+    public synchronized int hashCode()
+    {
+        if (!hashValueSet)
+        {
+            hashValue = super.hashCode();
+            hashValueSet = true;
+        }
+
+        return hashValue;
+    }
+
+    /**
+     * Returns the original hash code for Certificates pre-JDK 1.8.
+     *
+     * @return the pre-JDK 1.8 hashcode calculation.
+     */
+    public int originalHashCode()
+    {
+        try
+        {
+            int hashCode = 0;
+            byte[] certData = this.getEncoded();
+            for (int i = 1; i < certData.length; i++)
+            {
+                 hashCode += certData[i] * i;
+            }
+            return hashCode;
+        }
+        catch (CertificateEncodingException e)
+        {
+            return 0;
+        }
+    }
+
+    public void setBagAttribute(
+        ASN1ObjectIdentifier oid,
+        ASN1Encodable        attribute)
+    {
+        attrCarrier.setBagAttribute(oid, attribute);
+    }
+
+    public ASN1Encodable getBagAttribute(
+        ASN1ObjectIdentifier oid)
+    {
+        return attrCarrier.getBagAttribute(oid);
+    }
+
+    public Enumeration getBagAttributeKeys()
+    {
+        return attrCarrier.getBagAttributeKeys();
+    }
+
+    public String toString()
+    {
+        StringBuffer    buf = new StringBuffer();
+        String          nl = Strings.lineSeparator();
+
+        buf.append("  [0]         Version: ").append(this.getVersion()).append(nl);
+        buf.append("         SerialNumber: ").append(this.getSerialNumber()).append(nl);
+        buf.append("             IssuerDN: ").append(this.getIssuerDN()).append(nl);
+        buf.append("           Start Date: ").append(this.getNotBefore()).append(nl);
+        buf.append("           Final Date: ").append(this.getNotAfter()).append(nl);
+        buf.append("            SubjectDN: ").append(this.getSubjectDN()).append(nl);
+        buf.append("           Public Key: ").append(this.getPublicKey()).append(nl);
+        buf.append("  Signature Algorithm: ").append(this.getSigAlgName()).append(nl);
+
+        byte[]  sig = this.getSignature();
+
+        buf.append("            Signature: ").append(new String(Hex.encode(sig, 0, 20))).append(nl);
+        for (int i = 20; i < sig.length; i += 20)
+        {
+            if (i < sig.length - 20)
+            {
+                buf.append("                       ").append(new String(Hex.encode(sig, i, 20))).append(nl);
+            }
+            else
+            {
+                buf.append("                       ").append(new String(Hex.encode(sig, i, sig.length - i))).append(nl);
+            }
+        }
+
+        Extensions extensions = c.getTBSCertificate().getExtensions();
+
+        if (extensions != null)
+        {
+            Enumeration     e = extensions.oids();
+
+            if (e.hasMoreElements())
+            {
+                buf.append("       Extensions: \n");
+            }
+
+            while (e.hasMoreElements())
+            {
+                ASN1ObjectIdentifier     oid = (ASN1ObjectIdentifier)e.nextElement();
+                Extension ext = extensions.getExtension(oid);
+
+                if (ext.getExtnValue() != null)
+                {
+                    byte[]                  octs = ext.getExtnValue().getOctets();
+                    ASN1InputStream         dIn = new ASN1InputStream(octs);
+                    buf.append("                       critical(").append(ext.isCritical()).append(") ");
+                    try
+                    {
+                        if (oid.equals(Extension.basicConstraints))
+                        {
+                            buf.append(BasicConstraints.getInstance(dIn.readObject())).append(nl);
+                        }
+                        else if (oid.equals(Extension.keyUsage))
+                        {
+                            buf.append(KeyUsage.getInstance(dIn.readObject())).append(nl);
+                        }
+                        else if (oid.equals(MiscObjectIdentifiers.netscapeCertType))
+                        {
+                            buf.append(new NetscapeCertType((DERBitString)dIn.readObject())).append(nl);
+                        }
+                        else if (oid.equals(MiscObjectIdentifiers.netscapeRevocationURL))
+                        {
+                            buf.append(new NetscapeRevocationURL((DERIA5String)dIn.readObject())).append(nl);
+                        }
+                        else if (oid.equals(MiscObjectIdentifiers.verisignCzagExtension))
+                        {
+                            buf.append(new VerisignCzagExtension((DERIA5String)dIn.readObject())).append(nl);
+                        }
+                        else 
+                        {
+                            buf.append(oid.getId());
+                            buf.append(" value = ").append(ASN1Dump.dumpAsString(dIn.readObject())).append(nl);
+                            //buf.append(" value = ").append("*****").append(nl);
+                        }
+                    }
+                    catch (Exception ex)
+                    {
+                        buf.append(oid.getId());
+                   //     buf.append(" value = ").append(new String(Hex.encode(ext.getExtnValue().getOctets()))).append(nl);
+                        buf.append(" value = ").append("*****").append(nl);
+                    }
+                }
+                else
+                {
+                    buf.append(nl);
+                }
+            }
+        }
+
+        return buf.toString();
+    }
+
+    public final void verify(
+        PublicKey   key)
+        throws CertificateException, NoSuchAlgorithmException,
+        InvalidKeyException, NoSuchProviderException, SignatureException
+    {
+        Signature   signature;
+        String      sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm());
+        
+        try
+        {
+            signature = bcHelper.createSignature(sigName);
+        }
+        catch (Exception e)
+        {
+            signature = Signature.getInstance(sigName);
+        }
+        
+        checkSignature(key, signature);
+    }
+    
+    public final void verify(
+        PublicKey   key,
+        String      sigProvider)
+        throws CertificateException, NoSuchAlgorithmException,
+        InvalidKeyException, NoSuchProviderException, SignatureException
+    {
+        String    sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm());
+        Signature signature;
+
+        if (sigProvider != null)
+        {
+            signature = Signature.getInstance(sigName, sigProvider);
+        }
+        else
+        {
+            signature = Signature.getInstance(sigName);
+        }
+        
+        checkSignature(key, signature);
+    }
+
+    public final void verify(
+        PublicKey   key,
+        Provider sigProvider)
+        throws CertificateException, NoSuchAlgorithmException,
+        InvalidKeyException, SignatureException
+    {
+        String    sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm());
+        Signature signature;
+
+        if (sigProvider != null)
+        {
+            signature = Signature.getInstance(sigName, sigProvider);
+        }
+        else
+        {
+            signature = Signature.getInstance(sigName);
+        }
+
+        checkSignature(key, signature);
+    }
+
+    private void checkSignature(
+        PublicKey key, 
+        Signature signature) 
+        throws CertificateException, NoSuchAlgorithmException, 
+            SignatureException, InvalidKeyException
+    {
+        if (!isAlgIdEqual(c.getSignatureAlgorithm(), c.getTBSCertificate().getSignature()))
+        {
+            throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
+        }
+
+        ASN1Encodable params = c.getSignatureAlgorithm().getParameters();
+
+        // TODO This should go after the initVerify?
+        X509SignatureUtil.setSignatureParameters(signature, params);
+
+        signature.initVerify(key);
+
+        signature.update(this.getTBSCertificate());
+
+        if (!signature.verify(this.getSignature()))
+        {
+            throw new SignatureException("certificate does not verify with supplied key");
+        }
+    }
+
+    private boolean isAlgIdEqual(AlgorithmIdentifier id1, AlgorithmIdentifier id2)
+    {
+        if (!id1.getAlgorithm().equals(id2.getAlgorithm()))
+        {
+            return false;
+        }
+
+        if (id1.getParameters() == null)
+        {
+            if (id2.getParameters() != null && !id2.getParameters().equals(DERNull.INSTANCE))
+            {
+                return false;
+            }
+
+            return true;
+        }
+
+        if (id2.getParameters() == null)
+        {
+            if (id1.getParameters() != null && !id1.getParameters().equals(DERNull.INSTANCE))
+            {
+                return false;
+            }
+
+            return true;
+        }
+        
+        return id1.getParameters().equals(id2.getParameters());
+    }
+
+    private static Collection getAlternativeNames(byte[] extVal)
+        throws CertificateParsingException
+    {
+        if (extVal == null)
+        {
+            return null;
+        }
+        try
+        {
+            Collection temp = new ArrayList();
+            Enumeration it = ASN1Sequence.getInstance(extVal).getObjects();
+            while (it.hasMoreElements())
+            {
+                GeneralName genName = GeneralName.getInstance(it.nextElement());
+                List list = new ArrayList();
+                list.add(Integers.valueOf(genName.getTagNo()));
+                switch (genName.getTagNo())
+                {
+                case GeneralName.ediPartyName:
+                case GeneralName.x400Address:
+                case GeneralName.otherName:
+                    list.add(genName.getEncoded());
+                    break;
+                case GeneralName.directoryName:
+                    // Android-changed: Unknown reason
+                    // list.add(X500Name.getInstance(RFC4519Style.INSTANCE, genName.getName()).toString());
+                    list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols));
+                    break;
+                case GeneralName.dNSName:
+                case GeneralName.rfc822Name:
+                case GeneralName.uniformResourceIdentifier:
+                    list.add(((ASN1String)genName.getName()).getString());
+                    break;
+                case GeneralName.registeredID:
+                    list.add(ASN1ObjectIdentifier.getInstance(genName.getName()).getId());
+                    break;
+                case GeneralName.iPAddress:
+                    byte[] addrBytes = DEROctetString.getInstance(genName.getName()).getOctets();
+                    final String addr;
+                    try
+                    {
+                        addr = InetAddress.getByAddress(addrBytes).getHostAddress();
+                    }
+                    catch (UnknownHostException e)
+                    {
+                        continue;
+                    }
+                    list.add(addr);
+                    break;
+                default:
+                    throw new IOException("Bad tag number: " + genName.getTagNo());
+                }
+
+                temp.add(Collections.unmodifiableList(list));
+            }
+            if (temp.size() == 0)
+            {
+                return null;
+            }
+            return Collections.unmodifiableCollection(temp);
+        }
+        catch (Exception e)
+        {
+            throw new CertificateParsingException(e.getMessage());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java
new file mode 100644
index 0000000..ccb2eb9
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/asymmetric/x509/X509SignatureUtil.java

@@ -0,0 +1,130 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.asymmetric.x509;
+
+import java.io.IOException;
+import java.security.AlgorithmParameters;
+import java.security.GeneralSecurityException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.Provider;
+import java.security.Security;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.spec.PSSParameterSpec;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Null;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.jcajce.util.MessageDigestUtils;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+
+class X509SignatureUtil
+{
+    private static final ASN1Null       derNull = DERNull.INSTANCE;
+
+    static void setSignatureParameters(
+        Signature signature,
+        ASN1Encodable params)
+        throws NoSuchAlgorithmException, SignatureException, InvalidKeyException
+    {
+        if (params != null && !derNull.equals(params))
+        {
+            AlgorithmParameters  sigParams = AlgorithmParameters.getInstance(signature.getAlgorithm(), signature.getProvider());
+            
+            try
+            {
+                sigParams.init(params.toASN1Primitive().getEncoded());
+            }
+            catch (IOException e)
+            {
+                throw new SignatureException("IOException decoding parameters: " + e.getMessage());
+            }
+            
+            if (signature.getAlgorithm().endsWith("MGF1"))
+            {
+                try
+                {
+                    signature.setParameter(sigParams.getParameterSpec(PSSParameterSpec.class));
+                }
+                catch (GeneralSecurityException e)
+                {
+                    throw new SignatureException("Exception extracting parameters: " + e.getMessage());
+                }
+            }
+        }
+    }
+    
+    static String getSignatureName(
+        AlgorithmIdentifier sigAlgId) 
+    {
+        ASN1Encodable params = sigAlgId.getParameters();
+        
+        if (params != null && !derNull.equals(params))
+        {
+            if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
+            {
+                RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params);
+                
+                return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1";
+            }
+            if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2))
+            {
+                ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params);
+                
+                return getDigestAlgName((ASN1ObjectIdentifier)ecDsaParams.getObjectAt(0)) + "withECDSA";
+            }
+        }
+
+        Provider prov = Security.getProvider(BouncyCastleProvider.PROVIDER_NAME);
+
+        if (prov != null)
+        {
+            String      algName = prov.getProperty("Alg.Alias.Signature." + sigAlgId.getAlgorithm().getId());
+
+            if (algName != null)
+            {
+                return algName;
+            }
+        }
+
+        Provider[] provs = Security.getProviders();
+
+        //
+        // search every provider looking for a real algorithm
+        //
+        for (int i = 0; i != provs.length; i++)
+        {
+            String algName = provs[i].getProperty("Alg.Alias.Signature." + sigAlgId.getAlgorithm().getId());
+            if (algName != null)
+            {
+                return algName;
+            }
+        }
+
+        return sigAlgId.getAlgorithm().getId();
+    }
+    
+    /**
+     * Return the digest algorithm using one of the standard JCA string
+     * representations rather the the algorithm identifier (if possible).
+     */
+    private static String getDigestAlgName(
+        ASN1ObjectIdentifier digestAlgOID)
+    {
+        String name = MessageDigestUtils.getDigestName(digestAlgOID);
+
+        int dIndex = name.indexOf('-');
+        if (dIndex > 0 && !name.startsWith("SHA3"))
+        {
+            return name.substring(0, dIndex) + name.substring(dIndex + 1);
+        }
+
+        return MessageDigestUtils.getDigestName(digestAlgOID);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/ConfigurableProvider.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/ConfigurableProvider.java
new file mode 100644
index 0000000..569fd24
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/ConfigurableProvider.java

@@ -0,0 +1,57 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.config;
+
+import java.util.Map;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
+
+/**
+ * Implemented by the BC provider. This allows setting of hidden parameters,
+ * such as the ImplicitCA parameters from X.962, if used.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ConfigurableProvider
+{
+    /**
+     * Elliptic Curve CA parameters - thread local version
+     */
+    static final String THREAD_LOCAL_EC_IMPLICITLY_CA = "threadLocalEcImplicitlyCa";
+
+    /**
+     * Elliptic Curve CA parameters - VM wide version
+     */
+    static final String EC_IMPLICITLY_CA = "ecImplicitlyCa";
+
+    /**
+     * Diffie-Hellman Default Parameters - thread local version
+     */
+    static final String THREAD_LOCAL_DH_DEFAULT_PARAMS = "threadLocalDhDefaultParams";
+
+    /**
+     * Diffie-Hellman Default Parameters - VM wide version
+     */
+    static final String DH_DEFAULT_PARAMS = "DhDefaultParams";
+
+    /**
+     * A set of OBJECT IDENTIFIERs representing acceptable named curves for imported keys.
+     */
+    static final String ACCEPTABLE_EC_CURVES = "acceptableEcCurves";
+
+    /**
+     * A set of OBJECT IDENTIFIERs to EC Curves providing local curve name mapping.
+     */
+    static final String ADDITIONAL_EC_PARAMETERS = "additionalEcParameters";
+
+    void setParameter(String parameterName, Object parameter);
+
+    void addAlgorithm(String key, String value);
+
+    void addAlgorithm(String type, ASN1ObjectIdentifier oid, String className);
+
+    boolean hasAlgorithm(String type, String name);
+
+    void addKeyInfoConverter(ASN1ObjectIdentifier oid, AsymmetricKeyInfoConverter keyInfoConverter);
+
+    void addAttributes(String key, Map<String, String> attributeMap);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/PKCS12StoreParameter.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/PKCS12StoreParameter.java
new file mode 100644
index 0000000..a44e1ab
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/PKCS12StoreParameter.java

@@ -0,0 +1,34 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.config;
+
+import java.io.OutputStream;
+import java.security.KeyStore;
+import java.security.KeyStore.ProtectionParameter;
+
+/**
+ * @deprecated use org.bouncycastle.jcajce.PKCS12StoreParameter
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKCS12StoreParameter
+    extends com.android.org.bouncycastle.jcajce.PKCS12StoreParameter
+{
+    public PKCS12StoreParameter(OutputStream out, char[] password)
+    {
+        super(out, password, false);
+    }
+
+    public PKCS12StoreParameter(OutputStream out, ProtectionParameter protectionParameter)
+    {
+        super(out, protectionParameter, false);
+    }
+
+    public PKCS12StoreParameter(OutputStream out, char[] password, boolean forDEREncoding)
+    {
+        super(out, new KeyStore.PasswordProtection(password), forDEREncoding);
+    }
+
+    public PKCS12StoreParameter(OutputStream out, ProtectionParameter protectionParameter, boolean forDEREncoding)
+    {
+        super(out, protectionParameter, forDEREncoding);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/ProviderConfiguration.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/ProviderConfiguration.java
new file mode 100644
index 0000000..a7fcb82
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/ProviderConfiguration.java

@@ -0,0 +1,26 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.config;
+
+import java.security.spec.DSAParameterSpec;
+import java.util.Map;
+import java.util.Set;
+
+import javax.crypto.spec.DHParameterSpec;
+
+import com.android.org.bouncycastle.jce.spec.ECParameterSpec;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ProviderConfiguration
+{
+    ECParameterSpec getEcImplicitlyCa();
+
+    DHParameterSpec getDHDefaultParameters(int keySize);
+
+    DSAParameterSpec getDSADefaultParameters(int keySize);
+
+    Set getAcceptableNamedCurves();
+
+    Map getAdditionalECParameters();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/ProviderConfigurationPermission.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/ProviderConfigurationPermission.java
new file mode 100644
index 0000000..26cec4e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/config/ProviderConfigurationPermission.java

@@ -0,0 +1,161 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.config;
+
+import java.security.BasicPermission;
+import java.security.Permission;
+import java.util.StringTokenizer;
+
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * A permission class to define what can be done with the ConfigurableProvider interface.
+ * <p>
+ * Available permissions are "threadLocalEcImplicitlyCa" and "ecImplicitlyCa" which allow the setting
+ * of the thread local and global ecImplicitlyCa parameters respectively.
+ * </p>
+ * <p>
+ * Examples:
+ * <ul>
+ * <li>ProviderConfigurationPermission("BC"); // enable all permissions</li>
+ * <li>ProviderConfigurationPermission("BC", "threadLocalEcImplicitlyCa"); // enable thread local only</li>
+ * <li>ProviderConfigurationPermission("BC", "ecImplicitlyCa"); // enable global setting only</li>
+ * <li>ProviderConfigurationPermission("BC", "threadLocalEcImplicitlyCa, ecImplicitlyCa"); // enable both explicitly</li>
+ * </ul>
+ * <p>
+ * Note: permission checks are only enforced if a security manager is present.
+ * </p>
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ProviderConfigurationPermission
+    extends BasicPermission
+{
+    private static final int THREAD_LOCAL_EC_IMPLICITLY_CA = 0x01;
+    private static final int EC_IMPLICITLY_CA = 0x02;
+    private static final int THREAD_LOCAL_DH_DEFAULT_PARAMS = 0x04;
+    private static final int DH_DEFAULT_PARAMS = 0x08;
+    private static final int ACCEPTABLE_EC_CURVES = 0x10;
+    private static final int ADDITIONAL_EC_PARAMETERS = 0x20;
+
+    private static final int  ALL =
+            THREAD_LOCAL_EC_IMPLICITLY_CA | EC_IMPLICITLY_CA | THREAD_LOCAL_DH_DEFAULT_PARAMS | DH_DEFAULT_PARAMS |
+            ACCEPTABLE_EC_CURVES | ADDITIONAL_EC_PARAMETERS;
+
+    private static final String THREAD_LOCAL_EC_IMPLICITLY_CA_STR = "threadlocalecimplicitlyca";
+    private static final String EC_IMPLICITLY_CA_STR = "ecimplicitlyca";
+    private static final String THREAD_LOCAL_DH_DEFAULT_PARAMS_STR = "threadlocaldhdefaultparams";
+    private static final String DH_DEFAULT_PARAMS_STR = "dhdefaultparams";
+    private static final String ACCEPTABLE_EC_CURVES_STR = "acceptableeccurves";
+    private static final String ADDITIONAL_EC_PARAMETERS_STR = "additionalecparameters";
+    private static final String ALL_STR = "all";
+
+    private final String actions;
+    private final int permissionMask;
+
+    public ProviderConfigurationPermission(String name)
+    {
+        super(name);
+        this.actions = "all";
+        this.permissionMask = ALL;
+    }
+
+    public ProviderConfigurationPermission(String name, String actions)
+    {
+        super(name, actions);
+        this.actions = actions;
+        this.permissionMask = calculateMask(actions);
+    }
+
+    private int calculateMask(
+        String actions)
+    {
+        StringTokenizer tok = new StringTokenizer(Strings.toLowerCase(actions), " ,");
+        int             mask = 0;
+
+        while (tok.hasMoreTokens())
+        {
+            String s = tok.nextToken();
+
+            if (s.equals(THREAD_LOCAL_EC_IMPLICITLY_CA_STR))
+            {
+                mask |= THREAD_LOCAL_EC_IMPLICITLY_CA;
+            }
+            else if (s.equals(EC_IMPLICITLY_CA_STR))
+            {
+                mask |= EC_IMPLICITLY_CA;
+            }
+            else if (s.equals(THREAD_LOCAL_DH_DEFAULT_PARAMS_STR))
+            {
+                mask |= THREAD_LOCAL_DH_DEFAULT_PARAMS;
+            }
+            else if (s.equals(DH_DEFAULT_PARAMS_STR))
+            {
+                mask |= DH_DEFAULT_PARAMS;
+            }
+            else if (s.equals(ACCEPTABLE_EC_CURVES_STR))
+            {
+                mask |= ACCEPTABLE_EC_CURVES;
+            }
+            else if (s.equals(ADDITIONAL_EC_PARAMETERS_STR))
+            {
+                mask |= ADDITIONAL_EC_PARAMETERS;
+            }
+            else if (s.equals(ALL_STR))
+            {
+                mask |= ALL;
+            }
+        }
+
+        if (mask == 0)
+        {
+            throw new IllegalArgumentException("unknown permissions passed to mask");
+        }
+        
+        return mask;
+    }
+
+    public String getActions()
+    {
+        return actions;
+    }
+
+    public boolean implies(
+        Permission permission)
+    {
+        if (!(permission instanceof ProviderConfigurationPermission))
+        {
+            return false;
+        }
+
+        if (!this.getName().equals(permission.getName()))
+        {
+            return false;
+        }
+        
+        ProviderConfigurationPermission other = (ProviderConfigurationPermission)permission;
+        
+        return (this.permissionMask & other.permissionMask) == other.permissionMask;
+    }
+
+    public boolean equals(
+        Object obj)
+    {
+        if (obj == this)
+        {
+            return true;
+        }
+
+        if (obj instanceof ProviderConfigurationPermission)
+        {
+            ProviderConfigurationPermission other = (ProviderConfigurationPermission)obj;
+
+            return this.permissionMask == other.permissionMask && this.getName().equals(other.getName());
+        }
+
+        return false;
+    }
+
+    public int hashCode()
+    {
+        return this.getName().hashCode() + this.permissionMask;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/BCMessageDigest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/BCMessageDigest.java
new file mode 100644
index 0000000..3e65224
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/BCMessageDigest.java

@@ -0,0 +1,51 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.digest;
+
+import java.security.MessageDigest;
+
+import com.android.org.bouncycastle.crypto.Digest;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BCMessageDigest
+    extends MessageDigest
+{
+    protected Digest  digest;
+
+    protected BCMessageDigest(
+        Digest digest)
+    {
+        super(digest.getAlgorithmName());
+
+        this.digest = digest;
+    }
+
+    public void engineReset() 
+    {
+        digest.reset();
+    }
+
+    public void engineUpdate(
+        byte    input) 
+    {
+        digest.update(input);
+    }
+
+    public void engineUpdate(
+        byte[]  input,
+        int     offset,
+        int     len) 
+    {
+        digest.update(input, offset, len);
+    }
+
+    public byte[] engineDigest() 
+    {
+        byte[]  digestBytes = new byte[digest.getDigestSize()];
+
+        digest.doFinal(digestBytes, 0);
+
+        return digestBytes;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/DigestAlgorithmProvider.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/DigestAlgorithmProvider.java
new file mode 100644
index 0000000..6597e1d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/DigestAlgorithmProvider.java

@@ -0,0 +1,37 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.digest;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
+
+abstract class DigestAlgorithmProvider
+    extends AlgorithmProvider
+{
+    protected void addHMACAlgorithm(
+        ConfigurableProvider provider,
+        String algorithm,
+        String algorithmClassName,
+        String keyGeneratorClassName)
+    {
+        String mainName = "HMAC" + algorithm;
+
+        provider.addAlgorithm("Mac." + mainName, algorithmClassName);
+        provider.addAlgorithm("Alg.Alias.Mac.HMAC-" + algorithm, mainName);
+        provider.addAlgorithm("Alg.Alias.Mac.HMAC/" + algorithm, mainName);
+        provider.addAlgorithm("KeyGenerator." + mainName, keyGeneratorClassName);
+        provider.addAlgorithm("Alg.Alias.KeyGenerator.HMAC-" + algorithm, mainName);
+        provider.addAlgorithm("Alg.Alias.KeyGenerator.HMAC/" + algorithm, mainName);
+    }
+
+    protected void addHMACAlias(
+        ConfigurableProvider provider,
+        String algorithm,
+        ASN1ObjectIdentifier oid)
+    {
+        String mainName = "HMAC" + algorithm;
+
+        provider.addAlgorithm("Alg.Alias.Mac." + oid, mainName);
+        provider.addAlgorithm("Alg.Alias.KeyGenerator." + oid, mainName);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/MD5.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/MD5.java
new file mode 100644
index 0000000..9f07673
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/MD5.java

@@ -0,0 +1,91 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.digest;
+
+import com.android.org.bouncycastle.asn1.iana.IANAObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.CipherKeyGenerator;
+import com.android.org.bouncycastle.crypto.digests.MD5Digest;
+import com.android.org.bouncycastle.crypto.macs.HMac;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class MD5
+{
+    private MD5()
+    {
+
+    }
+
+    /**
+     * MD5 HashMac
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class HashMac
+        extends BaseMac
+    {
+        public HashMac()
+        {
+            super(new HMac(new MD5Digest()));
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class KeyGenerator
+        extends BaseKeyGenerator
+    {
+        public KeyGenerator()
+        {
+            super("HMACMD5", 128, new CipherKeyGenerator());
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class Digest
+        extends BCMessageDigest
+        implements Cloneable
+    {
+        public Digest()
+        {
+            super(new MD5Digest());
+        }
+
+        public Object clone()
+            throws CloneNotSupportedException
+        {
+            Digest d = (Digest)super.clone();
+            d.digest = new MD5Digest((MD5Digest)digest);
+
+            return d;
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends DigestAlgorithmProvider
+    {
+        private static final String PREFIX = MD5.class.getName();
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("MessageDigest.MD5", PREFIX + "$Digest");
+            provider.addAlgorithm("Alg.Alias.MessageDigest." + PKCSObjectIdentifiers.md5, "MD5");
+
+            addHMACAlgorithm(provider, "MD5", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
+            addHMACAlias(provider, "MD5", IANAObjectIdentifiers.hmacMD5);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA1.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA1.java
new file mode 100644
index 0000000..c4a7b24
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA1.java

@@ -0,0 +1,130 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.digest;
+
+import com.android.org.bouncycastle.asn1.iana.IANAObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.CipherKeyGenerator;
+import com.android.org.bouncycastle.crypto.digests.SHA1Digest;
+import com.android.org.bouncycastle.crypto.macs.HMac;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SHA1
+{
+    private SHA1()
+    {
+
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class Digest
+        extends BCMessageDigest
+        implements Cloneable
+    {
+        public Digest()
+        {
+            super(new SHA1Digest());
+        }
+
+        public Object clone()
+            throws CloneNotSupportedException
+        {
+            Digest d = (Digest)super.clone();
+            d.digest = new SHA1Digest((SHA1Digest)digest);
+
+            return d;
+        }
+    }
+
+    /**
+     * SHA1 HMac
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class HashMac
+        extends BaseMac
+    {
+        public HashMac()
+        {
+            super(new HMac(new SHA1Digest()));
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class KeyGenerator
+        extends BaseKeyGenerator
+    {
+        public KeyGenerator()
+        {
+            super("HMACSHA1", 160, new CipherKeyGenerator());
+        }
+    }
+
+    /**
+     * SHA1 HMac
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class SHA1Mac
+        extends BaseMac
+    {
+        public SHA1Mac()
+        {
+            super(new HMac(new SHA1Digest()));
+        }
+    }
+
+    /**
+     * PBEWithHmacSHA
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithMacKeyFactory
+        extends PBESecretKeyFactory
+    {
+        public PBEWithMacKeyFactory()
+        {
+            super("PBEwithHmacSHA", null, false, PKCS12, SHA1, 160, 0);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends DigestAlgorithmProvider
+    {
+        private static final String PREFIX = SHA1.class.getName();
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("MessageDigest.SHA-1", PREFIX + "$Digest");
+            provider.addAlgorithm("Alg.Alias.MessageDigest.SHA1", "SHA-1");
+            provider.addAlgorithm("Alg.Alias.MessageDigest.SHA", "SHA-1");
+            provider.addAlgorithm("Alg.Alias.MessageDigest." + OIWObjectIdentifiers.idSHA1, "SHA-1");
+
+            addHMACAlgorithm(provider, "SHA1", PREFIX + "$HashMac", PREFIX + "$KeyGenerator");
+            addHMACAlias(provider, "SHA1", PKCSObjectIdentifiers.id_hmacWithSHA1);
+            addHMACAlias(provider, "SHA1", IANAObjectIdentifiers.hmacSHA1);
+
+            provider.addAlgorithm("Mac.PBEWITHHMACSHA", PREFIX + "$SHA1Mac");
+            provider.addAlgorithm("Mac.PBEWITHHMACSHA1", PREFIX + "$SHA1Mac");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA", "PBEWITHHMACSHA1");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + OIWObjectIdentifiers.idSHA1, "PBEWITHHMACSHA1");
+            provider.addAlgorithm("Alg.Alias.Mac." + OIWObjectIdentifiers.idSHA1, "PBEWITHHMACSHA");
+
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA1", PREFIX + "$PBEWithMacKeyFactory");
+          }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA224.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA224.java
new file mode 100644
index 0000000..9c0eda9
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA224.java

@@ -0,0 +1,94 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.digest;
+
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.CipherKeyGenerator;
+import com.android.org.bouncycastle.crypto.digests.SHA224Digest;
+import com.android.org.bouncycastle.crypto.macs.HMac;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SHA224
+{
+    private SHA224()
+    {
+
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class Digest
+        extends BCMessageDigest
+        implements Cloneable
+    {
+        public Digest()
+        {
+            super(new SHA224Digest());
+        }
+
+        public Object clone()
+            throws CloneNotSupportedException
+        {
+            Digest d = (Digest)super.clone();
+            d.digest = new SHA224Digest((SHA224Digest)digest);
+
+            return d;
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class HashMac
+        extends BaseMac
+    {
+        public HashMac()
+        {
+            super(new HMac(new SHA224Digest()));
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class KeyGenerator
+        extends BaseKeyGenerator
+    {
+        public KeyGenerator()
+        {
+            super("HMACSHA224", 224, new CipherKeyGenerator());
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends DigestAlgorithmProvider
+    {
+        private static final String PREFIX = SHA224.class.getName();
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("MessageDigest.SHA-224", PREFIX + "$Digest");
+            provider.addAlgorithm("Alg.Alias.MessageDigest.SHA224", "SHA-224");
+            provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha224, "SHA-224");
+
+            provider.addAlgorithm("Mac.PBEWITHHMACSHA224", PREFIX + "$HashMac");
+
+            addHMACAlgorithm(provider, "SHA224", PREFIX + "$HashMac",  PREFIX + "$KeyGenerator");
+            addHMACAlias(provider, "SHA224", PKCSObjectIdentifiers.id_hmacWithSHA224);
+
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA256.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA256.java
new file mode 100644
index 0000000..a5df2b6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA256.java

@@ -0,0 +1,118 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.digest;
+
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.CipherKeyGenerator;
+import com.android.org.bouncycastle.crypto.digests.SHA256Digest;
+import com.android.org.bouncycastle.crypto.macs.HMac;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SHA256
+{
+    private SHA256()
+    {
+
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class Digest
+        extends BCMessageDigest
+        implements Cloneable
+    {
+        public Digest()
+        {
+            super(new SHA256Digest());
+        }
+
+        public Object clone()
+            throws CloneNotSupportedException
+        {
+            Digest d = (Digest)super.clone();
+            d.digest = new SHA256Digest((SHA256Digest)digest);
+
+            return d;
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class HashMac
+        extends BaseMac
+    {
+        public HashMac()
+        {
+            super(new HMac(new SHA256Digest()));
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    /**
+     * PBEWithHmacSHA
+     *
+    public static class PBEWithMacKeyFactory
+        extends PBESecretKeyFactory
+    {
+        public PBEWithMacKeyFactory()
+        {
+            super("PBEwithHmacSHA256", null, false, PKCS12, SHA256, 256, 0);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * HMACSHA256
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class KeyGenerator
+        extends BaseKeyGenerator
+    {
+        public KeyGenerator()
+        {
+            super("HMACSHA256", 256, new CipherKeyGenerator());
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends DigestAlgorithmProvider
+    {
+        private static final String PREFIX = SHA256.class.getName();
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("MessageDigest.SHA-256", PREFIX + "$Digest");
+            provider.addAlgorithm("Alg.Alias.MessageDigest.SHA256", "SHA-256");
+            provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha256, "SHA-256");
+
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("SecretKeyFactory.PBEWITHHMACSHA256", PREFIX + "$PBEWithMacKeyFactory");
+            // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHHMACSHA-256", "PBEWITHHMACSHA256");
+            // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + NISTObjectIdentifiers.id_sha256, "PBEWITHHMACSHA256");
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("Mac.PBEWITHHMACSHA256", PREFIX + "$HashMac");
+
+            addHMACAlgorithm(provider, "SHA256", PREFIX + "$HashMac",  PREFIX + "$KeyGenerator");
+            addHMACAlias(provider, "SHA256", PKCSObjectIdentifiers.id_hmacWithSHA256);
+            addHMACAlias(provider, "SHA256", NISTObjectIdentifiers.id_sha256);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA384.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA384.java
new file mode 100644
index 0000000..57d32b0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA384.java

@@ -0,0 +1,111 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.digest;
+
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.CipherKeyGenerator;
+import com.android.org.bouncycastle.crypto.digests.SHA384Digest;
+import com.android.org.bouncycastle.crypto.macs.HMac;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.macs.OldHMac;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SHA384
+{
+    private SHA384()
+    {
+
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class Digest
+        extends BCMessageDigest
+        implements Cloneable
+    {
+        public Digest()
+        {
+            super(new SHA384Digest());
+        }
+
+        public Object clone()
+            throws CloneNotSupportedException
+        {
+            Digest d = (Digest)super.clone();
+            d.digest = new SHA384Digest((SHA384Digest)digest);
+
+            return d;
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class HashMac
+        extends BaseMac
+    {
+        public HashMac()
+        {
+            super(new HMac(new SHA384Digest()));
+        }
+    }
+
+    /**
+     * HMACSHA384
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class KeyGenerator
+        extends BaseKeyGenerator
+    {
+        public KeyGenerator()
+        {
+            super("HMACSHA384", 384, new CipherKeyGenerator());
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class OldSHA384
+        extends BaseMac
+    {
+        public OldSHA384()
+        {
+            super(new OldHMac(new SHA384Digest()));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends DigestAlgorithmProvider
+    {
+        private static final String PREFIX = SHA384.class.getName();
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("MessageDigest.SHA-384", PREFIX + "$Digest");
+            provider.addAlgorithm("Alg.Alias.MessageDigest.SHA384", "SHA-384");
+            provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha384, "SHA-384");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Mac.OLDHMACSHA384", PREFIX + "$OldSHA384");
+
+            provider.addAlgorithm("Mac.PBEWITHHMACSHA384", PREFIX + "$HashMac");
+
+            addHMACAlgorithm(provider, "SHA384", PREFIX + "$HashMac",  PREFIX + "$KeyGenerator");
+            addHMACAlias(provider, "SHA384", PKCSObjectIdentifiers.id_hmacWithSHA384);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA512.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA512.java
new file mode 100644
index 0000000..5f3267f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/digest/SHA512.java

@@ -0,0 +1,215 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.digest;
+
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.CipherKeyGenerator;
+import com.android.org.bouncycastle.crypto.digests.SHA512Digest;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.digests.SHA512tDigest;
+import com.android.org.bouncycastle.crypto.macs.HMac;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.macs.OldHMac;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SHA512
+{
+    private SHA512()
+    {
+
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class Digest
+        extends BCMessageDigest
+        implements Cloneable
+    {
+        public Digest()
+        {
+            super(new SHA512Digest());
+        }
+
+        public Object clone()
+            throws CloneNotSupportedException
+        {
+            Digest d = (Digest)super.clone();
+            d.digest = new SHA512Digest((SHA512Digest)digest);
+
+            return d;
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    static public class DigestT
+        extends BCMessageDigest
+        implements Cloneable
+    {
+        public DigestT(int bitLength)
+        {
+            super(new SHA512tDigest(bitLength));
+        }
+
+        public Object clone()
+            throws CloneNotSupportedException
+        {
+            DigestT d = (DigestT)super.clone();
+            d.digest = new SHA512tDigest((SHA512tDigest)digest);
+
+            return d;
+        }
+    }
+
+    static public class DigestT224
+        extends DigestT
+    {
+        public DigestT224()
+        {
+            super(224);
+        }
+    }
+
+    static public class DigestT256
+        extends DigestT
+    {
+        public DigestT256()
+        {
+            super(256);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class HashMac
+        extends BaseMac
+    {
+        public HashMac()
+        {
+            super(new HMac(new SHA512Digest()));
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class HashMacT224
+        extends BaseMac
+    {
+        public HashMacT224()
+        {
+            super(new HMac(new SHA512tDigest(224)));
+        }
+    }
+
+    public static class HashMacT256
+        extends BaseMac
+    {
+        public HashMacT256()
+        {
+            super(new HMac(new SHA512tDigest(256)));
+        }
+    }
+
+    /**
+     * SHA-512 HMac
+     *
+    public static class OldSHA512
+        extends BaseMac
+    {
+        public OldSHA512()
+        {
+            super(new OldHMac(new SHA512Digest()));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * HMACSHA512
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class KeyGenerator
+        extends BaseKeyGenerator
+    {
+        public KeyGenerator()
+        {
+            super("HMACSHA512", 512, new CipherKeyGenerator());
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class KeyGeneratorT224
+        extends BaseKeyGenerator
+    {
+        public KeyGeneratorT224()
+        {
+            super("HMACSHA512/224", 224, new CipherKeyGenerator());
+        }
+    }
+
+    public static class KeyGeneratorT256
+        extends BaseKeyGenerator
+    {
+        public KeyGeneratorT256()
+        {
+            super("HMACSHA512/256", 256, new CipherKeyGenerator());
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends DigestAlgorithmProvider
+    {
+        private static final String PREFIX = SHA512.class.getName();
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("MessageDigest.SHA-512", PREFIX + "$Digest");
+            provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512", "SHA-512");
+            provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512, "SHA-512");
+
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("MessageDigest.SHA-512/224", PREFIX + "$DigestT224");
+            provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512/224", "SHA-512/224");
+            provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_224, "SHA-512/224");
+
+            provider.addAlgorithm("MessageDigest.SHA-512/256", PREFIX + "$DigestT256");
+            provider.addAlgorithm("Alg.Alias.MessageDigest.SHA512256", "SHA-512/256");
+            provider.addAlgorithm("Alg.Alias.MessageDigest." + NISTObjectIdentifiers.id_sha512_256, "SHA-512/256");
+
+            provider.addAlgorithm("Mac.OLDHMACSHA512", PREFIX + "$OldSHA512");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("Mac.PBEWITHHMACSHA512", PREFIX + "$HashMac");
+
+            addHMACAlgorithm(provider, "SHA512", PREFIX + "$HashMac",  PREFIX + "$KeyGenerator");
+            addHMACAlias(provider, "SHA512", PKCSObjectIdentifiers.id_hmacWithSHA512);
+
+            // BEGIN Android-removed: Unsupported algorithms
+            // addHMACAlgorithm(provider, "SHA512/224", PREFIX + "$HashMacT224",  PREFIX + "$KeyGeneratorT224");
+            // addHMACAlgorithm(provider, "SHA512/256", PREFIX + "$HashMacT256",  PREFIX + "$KeyGeneratorT256");
+            // END Android-removed: Unsupported algorithms
+        }
+    }
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/BC.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/BC.java
new file mode 100644
index 0000000..aac3db9
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/BC.java

@@ -0,0 +1,35 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.keystore;
+
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BC
+{
+    private static final String PREFIX = "com.android.org.bouncycastle.jcajce.provider.keystore" + ".bc.";
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends AsymmetricAlgorithmProvider
+    {
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("KeyStore.BKS", PREFIX + "BcKeyStoreSpi$Std");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("KeyStore.BKS-V1", PREFIX + "BcKeyStoreSpi$Version1");
+            provider.addAlgorithm("KeyStore.BouncyCastle", PREFIX + "BcKeyStoreSpi$BouncyCastleStore");
+            provider.addAlgorithm("Alg.Alias.KeyStore.UBER", "BouncyCastle");
+            provider.addAlgorithm("Alg.Alias.KeyStore.BOUNCYCASTLE", "BouncyCastle");
+            provider.addAlgorithm("Alg.Alias.KeyStore.bouncycastle", "BouncyCastle");
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/PKCS12.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/PKCS12.java
new file mode 100644
index 0000000..b9bdc2a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/PKCS12.java

@@ -0,0 +1,41 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.keystore;
+
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.util.AsymmetricAlgorithmProvider;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKCS12
+{
+    private static final String PREFIX = "com.android.org.bouncycastle.jcajce.provider.keystore" + ".pkcs12.";
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends AsymmetricAlgorithmProvider
+    {
+        public Mappings()
+        {
+        }
+        
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("KeyStore.PKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("KeyStore.BCPKCS12", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
+            provider.addAlgorithm("KeyStore.PKCS12-DEF", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
+
+            provider.addAlgorithm("KeyStore.PKCS12-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore");
+            provider.addAlgorithm("KeyStore.PKCS12-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$BCPKCS12KeyStore3DES");
+    
+            provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-40RC2", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore");
+            provider.addAlgorithm("KeyStore.PKCS12-DEF-3DES-3DES", PREFIX + "PKCS12KeyStoreSpi$DefPKCS12KeyStore3DES");
+            */
+            // END Android-removed: Unsupported algorithms
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java
new file mode 100644
index 0000000..37a1c08
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/bc/BcKeyStoreSpi.java

@@ -0,0 +1,1082 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.keystore.bc;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.DataInputStream;
+import java.io.DataOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.security.Key;
+import java.security.KeyStoreException;
+import java.security.KeyStoreSpi;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SecureRandom;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.spec.KeySpec;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.Hashtable;
+
+import javax.crypto.Cipher;
+import javax.crypto.CipherInputStream;
+import javax.crypto.CipherOutputStream;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.PBEParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.PBEParametersGenerator;
+import com.android.org.bouncycastle.crypto.digests.SHA1Digest;
+import com.android.org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
+import com.android.org.bouncycastle.crypto.io.DigestInputStream;
+import com.android.org.bouncycastle.crypto.io.DigestOutputStream;
+import com.android.org.bouncycastle.crypto.io.MacInputStream;
+import com.android.org.bouncycastle.crypto.io.MacOutputStream;
+import com.android.org.bouncycastle.crypto.macs.HMac;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+import com.android.org.bouncycastle.jce.interfaces.BCKeyStore;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.io.Streams;
+import com.android.org.bouncycastle.util.io.TeeOutputStream;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BcKeyStoreSpi
+    extends KeyStoreSpi
+    implements BCKeyStore
+{
+    private static final int    STORE_VERSION = 2;
+
+    private static final int    STORE_SALT_SIZE = 20;
+    private static final String STORE_CIPHER = "PBEWithSHAAndTwofish-CBC";
+
+    private static final int    KEY_SALT_SIZE = 20;
+    private static final int    MIN_ITERATIONS = 1024;
+
+    private static final String KEY_CIPHER = "PBEWithSHAAnd3-KeyTripleDES-CBC";
+
+    //
+    // generic object types
+    //
+    static final int NULL           = 0;
+    static final int CERTIFICATE    = 1;
+    static final int KEY            = 2;
+    static final int SECRET         = 3;
+    static final int SEALED         = 4;
+
+    //
+    // key types
+    //
+    static final int    KEY_PRIVATE = 0;
+    static final int    KEY_PUBLIC  = 1;
+    static final int    KEY_SECRET  = 2;
+
+    protected Hashtable       table = new Hashtable();
+
+    protected SecureRandom    random = CryptoServicesRegistrar.getSecureRandom();
+
+    protected int              version;
+
+    // Android-changed: Use default provider for JCA algorithms instead of BC
+    // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+    private final JcaJceHelper helper = new DefaultJcaJceHelper();
+
+    public BcKeyStoreSpi(int version)
+    {
+        this.version = version;
+    }
+
+    private class StoreEntry
+    {
+        int             type;
+        String          alias;
+        Object          obj;
+        Certificate[]   certChain;
+        Date            date = new Date();
+
+        StoreEntry(
+            String       alias,
+            Certificate  obj)
+        {
+            this.type = CERTIFICATE;
+            this.alias = alias;
+            this.obj = obj;
+            this.certChain = null;
+        }
+
+        StoreEntry(
+            String          alias,
+            byte[]          obj,
+            Certificate[]   certChain)
+        {
+            this.type = SECRET;
+            this.alias = alias;
+            this.obj = obj;
+            this.certChain = certChain;
+        }
+
+        StoreEntry(
+            String          alias,
+            Key             key,
+            char[]          password,
+            Certificate[]   certChain)
+            throws Exception
+        {
+            this.type = SEALED;
+            this.alias = alias;
+            this.certChain = certChain;
+
+            byte[] salt = new byte[KEY_SALT_SIZE];
+
+            random.setSeed(System.currentTimeMillis());
+            random.nextBytes(salt);
+
+            int iterationCount = MIN_ITERATIONS + (random.nextInt() & 0x3ff);
+
+
+            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+            DataOutputStream        dOut = new DataOutputStream(bOut);
+
+            dOut.writeInt(salt.length);
+            dOut.write(salt);
+            dOut.writeInt(iterationCount);
+
+            Cipher              cipher = makePBECipher(KEY_CIPHER, Cipher.ENCRYPT_MODE, password, salt, iterationCount);
+            CipherOutputStream  cOut = new CipherOutputStream(dOut, cipher);
+
+            dOut = new DataOutputStream(cOut);
+
+            encodeKey(key, dOut);
+
+            dOut.close();
+
+            obj = bOut.toByteArray();
+        }
+
+        StoreEntry(
+            String          alias,
+            Date            date,
+            int             type,
+            Object          obj)
+        {
+            this.alias = alias;
+            this.date = date;
+            this.type = type;
+            this.obj = obj;
+        }
+
+        StoreEntry(
+            String          alias,
+            Date            date,
+            int             type,
+            Object          obj,
+            Certificate[]   certChain)
+        {
+            this.alias = alias;
+            this.date = date;
+            this.type = type;
+            this.obj = obj;
+            this.certChain = certChain;
+        }
+
+        int getType()
+        {
+            return type;
+        }
+
+        String getAlias()
+        {
+            return alias;
+        }
+
+        Object getObject()
+        {
+            return obj;
+        }
+
+        Object getObject(
+            char[]  password)
+            throws NoSuchAlgorithmException, UnrecoverableKeyException
+        {
+            if (password == null || password.length == 0)
+            {
+                if (obj instanceof Key)
+                {
+                    return obj;
+                }
+            }
+
+            if (type == SEALED)
+            {
+                ByteArrayInputStream    bIn = new ByteArrayInputStream((byte[])obj);
+                DataInputStream         dIn = new DataInputStream(bIn);
+            
+                try
+                {
+                    byte[]      salt = new byte[dIn.readInt()];
+
+                    dIn.readFully(salt);
+
+                    int     iterationCount = dIn.readInt();
+                
+                    Cipher      cipher = makePBECipher(KEY_CIPHER, Cipher.DECRYPT_MODE, password, salt, iterationCount);
+
+                    CipherInputStream cIn = new CipherInputStream(dIn, cipher);
+
+                    try
+                    {
+                        return decodeKey(new DataInputStream(cIn));
+                    }
+                    catch (Exception x)
+                    {
+                        bIn = new ByteArrayInputStream((byte[])obj);
+                        dIn = new DataInputStream(bIn);
+            
+                        salt = new byte[dIn.readInt()];
+
+                        dIn.readFully(salt);
+
+                        iterationCount = dIn.readInt();
+
+                        cipher = makePBECipher("Broken" + KEY_CIPHER, Cipher.DECRYPT_MODE, password, salt, iterationCount);
+
+                        cIn = new CipherInputStream(dIn, cipher);
+
+                        Key k = null;
+
+                        try
+                        {
+                            k = decodeKey(new DataInputStream(cIn));
+                        }
+                        catch (Exception y)
+                        {
+                            bIn = new ByteArrayInputStream((byte[])obj);
+                            dIn = new DataInputStream(bIn);
+                
+                            salt = new byte[dIn.readInt()];
+
+                            dIn.readFully(salt);
+
+                            iterationCount = dIn.readInt();
+
+                            cipher = makePBECipher("Old" + KEY_CIPHER, Cipher.DECRYPT_MODE, password, salt, iterationCount);
+
+                            cIn = new CipherInputStream(dIn, cipher);
+
+                            k = decodeKey(new DataInputStream(cIn));
+                        }
+
+                        //
+                        // reencrypt key with correct cipher.
+                        //
+                        if (k != null)
+                        {
+                            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+                            DataOutputStream        dOut = new DataOutputStream(bOut);
+
+                            dOut.writeInt(salt.length);
+                            dOut.write(salt);
+                            dOut.writeInt(iterationCount);
+
+                            Cipher              out = makePBECipher(KEY_CIPHER, Cipher.ENCRYPT_MODE, password, salt, iterationCount);
+                            CipherOutputStream  cOut = new CipherOutputStream(dOut, out);
+
+                            dOut = new DataOutputStream(cOut);
+
+                            encodeKey(k, dOut);
+
+                            dOut.close();
+
+                            obj = bOut.toByteArray();
+
+                            return k;
+                        }
+                        else
+                        {
+                            throw new UnrecoverableKeyException("no match");
+                        }
+                    }
+                }
+                catch (Exception e)
+                {
+                    throw new UnrecoverableKeyException("no match");
+                }
+            }
+            else
+            {
+                throw new RuntimeException("forget something!");
+                // TODO
+                // if we get to here key was saved as byte data, which
+                // according to the docs means it must be a private key
+                // in EncryptedPrivateKeyInfo (PKCS8 format), later...
+                //
+            }
+        }
+
+        Certificate[] getCertificateChain()
+        {
+            return certChain;
+        }
+
+        Date getDate()
+        {
+            return date;
+        }
+    }
+
+    private void encodeCertificate(
+        Certificate         cert,
+        DataOutputStream    dOut)
+        throws IOException
+    {
+        try
+        {
+            byte[]      cEnc = cert.getEncoded();
+
+            dOut.writeUTF(cert.getType());
+            dOut.writeInt(cEnc.length);
+            dOut.write(cEnc);
+        }
+        catch (CertificateEncodingException ex)
+        {
+            throw new IOException(ex.toString());
+        }
+    }
+
+    private Certificate decodeCertificate(
+        DataInputStream   dIn)
+        throws IOException
+    {
+        String      type = dIn.readUTF();
+        byte[]      cEnc = new byte[dIn.readInt()];
+
+        dIn.readFully(cEnc);
+
+        try
+        {
+            CertificateFactory cFact = helper.createCertificateFactory(type);
+            ByteArrayInputStream bIn = new ByteArrayInputStream(cEnc);
+
+            return cFact.generateCertificate(bIn);
+        }
+        catch (NoSuchProviderException ex)
+        {
+            throw new IOException(ex.toString());
+        }
+        catch (CertificateException ex)
+        {
+            throw new IOException(ex.toString());
+        }
+    }
+
+    private void encodeKey(
+        Key                 key,
+        DataOutputStream    dOut)
+        throws IOException
+    {
+        byte[]      enc = key.getEncoded();
+
+        if (key instanceof PrivateKey)
+        {
+            dOut.write(KEY_PRIVATE);
+        }
+        else if (key instanceof PublicKey)
+        {
+            dOut.write(KEY_PUBLIC);
+        }
+        else
+        {
+            dOut.write(KEY_SECRET);
+        }
+    
+        dOut.writeUTF(key.getFormat());
+        dOut.writeUTF(key.getAlgorithm());
+        dOut.writeInt(enc.length);
+        dOut.write(enc);
+    }
+
+    private Key decodeKey(
+        DataInputStream dIn)
+        throws IOException
+    {
+        int         keyType = dIn.read();
+        String      format = dIn.readUTF();
+        String      algorithm = dIn.readUTF();
+        byte[]      enc = new byte[dIn.readInt()];
+        KeySpec     spec;
+
+        dIn.readFully(enc);
+
+        if (format.equals("PKCS#8") || format.equals("PKCS8"))
+        {
+            spec = new PKCS8EncodedKeySpec(enc);
+        }
+        else if (format.equals("X.509") || format.equals("X509"))
+        {
+            spec = new X509EncodedKeySpec(enc);
+        }
+        else if (format.equals("RAW"))
+        {
+            return new SecretKeySpec(enc, algorithm);
+        }
+        else
+        {
+            throw new IOException("Key format " + format + " not recognised!");
+        }
+
+        try
+        {
+            switch (keyType)
+            {
+            case KEY_PRIVATE:
+                return BouncyCastleProvider.getPrivateKey(PrivateKeyInfo.getInstance(enc));
+            case KEY_PUBLIC:
+                return  BouncyCastleProvider.getPublicKey(SubjectPublicKeyInfo.getInstance(enc));
+            case KEY_SECRET:
+                return  helper.createSecretKeyFactory(algorithm).generateSecret(spec);
+            default:
+                throw new IOException("Key type " + keyType + " not recognised!");
+            }
+        }
+        catch (Exception e)
+        {
+            throw new IOException("Exception creating key: " + e.toString());
+        }
+    }
+
+    protected Cipher makePBECipher(
+        String  algorithm,
+        int     mode,
+        char[]  password,
+        byte[]  salt,
+        int     iterationCount)
+        throws IOException
+    {
+        try
+        {
+            PBEKeySpec          pbeSpec = new PBEKeySpec(password);
+            SecretKeyFactory    keyFact = helper.createSecretKeyFactory(algorithm);
+            PBEParameterSpec    defParams = new PBEParameterSpec(salt, iterationCount);
+
+            Cipher cipher = helper.createCipher(algorithm);
+
+            cipher.init(mode, keyFact.generateSecret(pbeSpec), defParams);
+
+            return cipher;
+        }
+        catch (Exception e)
+        {
+            throw new IOException("Error initialising store of key store: " + e);
+        }
+    }
+
+    public void setRandom(
+            SecureRandom    rand)
+    {
+        this.random = rand;
+    }
+
+    public Enumeration engineAliases() 
+    {
+        return table.keys();
+    }
+
+    public boolean engineContainsAlias(
+        String  alias) 
+    {
+        return (table.get(alias) != null);
+    }
+
+    public void engineDeleteEntry(
+        String  alias) 
+        throws KeyStoreException
+    {
+        Object  entry = table.get(alias);
+
+        if (entry == null)
+        {
+            return;
+        }
+
+        table.remove(alias);
+    }
+
+    public Certificate engineGetCertificate(
+        String alias) 
+    {
+        StoreEntry  entry = (StoreEntry)table.get(alias);
+
+        if (entry != null)
+        {
+            if (entry.getType() == CERTIFICATE)
+            {
+                return (Certificate)entry.getObject();
+            }
+            else
+            {
+                Certificate[]   chain = entry.getCertificateChain();
+
+                if (chain != null)
+                {
+                    return chain[0];
+                }
+            }
+        }
+
+        return null;
+    }
+
+    public String engineGetCertificateAlias(
+        Certificate cert) 
+    {
+        Enumeration e = table.elements();
+        while (e.hasMoreElements())
+        {
+            StoreEntry  entry = (StoreEntry)e.nextElement();
+
+            if (entry.getObject() instanceof Certificate)
+            {
+                Certificate c = (Certificate)entry.getObject();
+
+                if (c.equals(cert))
+                {
+                    return entry.getAlias();
+                }
+            }
+            else
+            {
+                Certificate[]   chain = entry.getCertificateChain();
+
+                if (chain != null && chain[0].equals(cert))
+                {
+                    return entry.getAlias();
+                }
+            }
+        }
+
+        return null;
+    }
+    
+    public Certificate[] engineGetCertificateChain(
+        String alias) 
+    {
+        StoreEntry  entry = (StoreEntry)table.get(alias);
+
+        if (entry != null)
+        {
+            return entry.getCertificateChain();
+        }
+
+        return null;
+    }
+    
+    public Date engineGetCreationDate(String alias) 
+    {
+        StoreEntry  entry = (StoreEntry)table.get(alias);
+
+        if (entry != null)
+        {
+            return entry.getDate();
+        }
+
+        return null;
+    }
+
+    public Key engineGetKey(
+        String alias,
+        char[] password) 
+        throws NoSuchAlgorithmException, UnrecoverableKeyException
+    {
+        StoreEntry  entry = (StoreEntry)table.get(alias);
+
+        if (entry == null || entry.getType() == CERTIFICATE)
+        {
+            return null;
+        }
+
+        return (Key)entry.getObject(password);
+    }
+
+    public boolean engineIsCertificateEntry(
+        String alias) 
+    {
+        StoreEntry  entry = (StoreEntry)table.get(alias);
+
+        if (entry != null && entry.getType() == CERTIFICATE)
+        {
+            return true;
+        }
+    
+        return false;
+    }
+
+    public boolean engineIsKeyEntry(
+        String alias) 
+    {
+        StoreEntry  entry = (StoreEntry)table.get(alias);
+
+        if (entry != null && entry.getType() != CERTIFICATE)
+        {
+            return true;
+        }
+    
+        return false;
+    }
+
+    public void engineSetCertificateEntry(
+        String      alias,
+        Certificate cert) 
+        throws KeyStoreException
+    {
+        StoreEntry  entry = (StoreEntry)table.get(alias);
+
+        if (entry != null && entry.getType() != CERTIFICATE)
+        {
+            throw new KeyStoreException("key store already has a key entry with alias " + alias);
+        }
+
+        table.put(alias, new StoreEntry(alias, cert));
+    }
+
+    public void engineSetKeyEntry(
+        String alias,
+        byte[] key,
+        Certificate[] chain) 
+        throws KeyStoreException
+    {
+        table.put(alias, new StoreEntry(alias, key, chain));
+    }
+
+    public void engineSetKeyEntry(
+        String          alias,
+        Key             key,
+        char[]          password,
+        Certificate[]   chain) 
+        throws KeyStoreException
+    {
+        if ((key instanceof PrivateKey) && (chain == null))
+        {
+            throw new KeyStoreException("no certificate chain for private key");
+        }
+
+        try
+        {
+            table.put(alias, new StoreEntry(alias, key, password, chain));
+        }
+        catch (Exception e)
+        {
+            throw new KeyStoreException(e.toString());
+        }
+    }
+
+    public int engineSize() 
+    {
+        return table.size();
+    }
+
+    protected void loadStore(
+        InputStream in)
+        throws IOException
+    {
+        DataInputStream     dIn = new DataInputStream(in);
+        int                 type = dIn.read();
+
+        while (type > NULL)
+        {
+            String          alias = dIn.readUTF();
+            Date            date = new Date(dIn.readLong());
+            int             chainLength = dIn.readInt();
+            Certificate[]   chain = null;
+
+            if (chainLength != 0)
+            {
+                chain = new Certificate[chainLength];
+
+                for (int i = 0; i != chainLength; i++)
+                {
+                    chain[i] = decodeCertificate(dIn);
+                }
+            }
+
+            switch (type)
+            {
+            case CERTIFICATE:
+                    Certificate     cert = decodeCertificate(dIn);
+
+                    table.put(alias, new StoreEntry(alias, date, CERTIFICATE, cert));
+                    break;
+            case KEY:
+                    Key     key = decodeKey(dIn);
+                    table.put(alias, new StoreEntry(alias, date, KEY, key, chain));
+                    break;
+            case SECRET:
+            case SEALED:
+                    byte[]      b = new byte[dIn.readInt()];
+
+                    dIn.readFully(b);
+                    table.put(alias, new StoreEntry(alias, date, type, b, chain));
+                    break;
+            default:
+                    throw new IOException("Unknown object type in store.");
+            }
+
+            type = dIn.read();
+        }
+    }
+
+    protected void saveStore(
+        OutputStream    out)
+        throws IOException
+    {
+        Enumeration         e = table.elements();
+        DataOutputStream    dOut = new DataOutputStream(out);
+
+        while (e.hasMoreElements())
+        {
+            StoreEntry  entry = (StoreEntry)e.nextElement();
+
+            dOut.write(entry.getType());
+            dOut.writeUTF(entry.getAlias());
+            dOut.writeLong(entry.getDate().getTime());
+
+            Certificate[]   chain = entry.getCertificateChain();
+            if (chain == null)
+            {
+                dOut.writeInt(0);
+            }
+            else
+            {
+                dOut.writeInt(chain.length);
+                for (int i = 0; i != chain.length; i++)
+                {
+                    encodeCertificate(chain[i], dOut);
+                }
+            }
+
+            switch (entry.getType())
+            {
+            case CERTIFICATE:
+                    encodeCertificate((Certificate)entry.getObject(), dOut);
+                    break;
+            case KEY:
+                    encodeKey((Key)entry.getObject(), dOut);
+                    break;
+            case SEALED:
+            case SECRET:
+                    byte[]  b = (byte[])entry.getObject();
+
+                    dOut.writeInt(b.length);
+                    dOut.write(b);
+                    break;
+            default:
+                    throw new IOException("Unknown object type in store.");
+            }
+        }
+
+        dOut.write(NULL);
+    }
+
+    public void engineLoad(
+        InputStream stream,
+        char[]      password) 
+        throws IOException
+    {
+        table.clear();
+
+        if (stream == null)     // just initialising
+        {
+            return;
+        }
+
+        DataInputStream     dIn = new DataInputStream(stream);
+        int                 version = dIn.readInt();
+
+        if (version != STORE_VERSION)
+        {
+            if (version != 0 && version != 1)
+            {
+                throw new IOException("Wrong version of key store.");
+            }
+        }
+
+        int saltLength = dIn.readInt();
+        if (saltLength <= 0)
+        {
+            throw new IOException("Invalid salt detected");
+        }
+
+        byte[]      salt = new byte[saltLength];
+
+        dIn.readFully(salt);
+
+        int         iterationCount = dIn.readInt();
+
+        //
+        // we only do an integrity check if the password is provided.
+        //
+        HMac hMac = new HMac(new SHA1Digest());
+        if (password != null && password.length != 0)
+        {
+            byte[] passKey = PBEParametersGenerator.PKCS12PasswordToBytes(password);
+
+            PBEParametersGenerator pbeGen = new PKCS12ParametersGenerator(new SHA1Digest());
+            pbeGen.init(passKey, salt, iterationCount);
+
+            CipherParameters macParams;
+
+            if (version != 2)
+            {
+                macParams = pbeGen.generateDerivedMacParameters(hMac.getMacSize());
+            }
+            else
+            {
+                macParams = pbeGen.generateDerivedMacParameters(hMac.getMacSize() * 8);
+            }
+
+            Arrays.fill(passKey, (byte)0);
+
+            hMac.init(macParams);
+            MacInputStream mIn = new MacInputStream(dIn, hMac);
+
+            loadStore(mIn);
+
+            // Finalise our mac calculation
+            byte[] mac = new byte[hMac.getMacSize()];
+            hMac.doFinal(mac, 0);
+
+            // TODO Should this actually be reading the remainder of the stream?
+            // Read the original mac from the stream
+            byte[] oldMac = new byte[hMac.getMacSize()];
+            dIn.readFully(oldMac);
+
+            if (!Arrays.constantTimeAreEqual(mac, oldMac))
+            {
+                table.clear();
+                throw new IOException("KeyStore integrity check failed.");
+            }
+        }
+        else
+        {
+            loadStore(dIn);
+
+            // TODO Should this actually be reading the remainder of the stream?
+            // Parse the original mac from the stream too
+            byte[] oldMac = new byte[hMac.getMacSize()];
+            dIn.readFully(oldMac);
+        }
+    }
+
+
+    public void engineStore(OutputStream stream, char[] password) 
+        throws IOException
+    {
+        DataOutputStream    dOut = new DataOutputStream(stream);
+        byte[]              salt = new byte[STORE_SALT_SIZE];
+        int                 iterationCount = MIN_ITERATIONS + (random.nextInt() & 0x3ff);
+
+        random.nextBytes(salt);
+
+        dOut.writeInt(version);
+        dOut.writeInt(salt.length);
+        dOut.write(salt);
+        dOut.writeInt(iterationCount);
+
+        HMac                    hMac = new HMac(new SHA1Digest());
+        MacOutputStream         mOut = new MacOutputStream(hMac);
+        PBEParametersGenerator  pbeGen = new PKCS12ParametersGenerator(new SHA1Digest());
+        byte[]                  passKey = PBEParametersGenerator.PKCS12PasswordToBytes(password);
+
+        pbeGen.init(passKey, salt, iterationCount);
+
+        if (version < 2)
+        {
+            hMac.init(pbeGen.generateDerivedMacParameters(hMac.getMacSize()));
+        }
+        else
+        {
+            hMac.init(pbeGen.generateDerivedMacParameters(hMac.getMacSize() * 8));
+        }
+
+        for (int i = 0; i != passKey.length; i++)
+        {
+            passKey[i] = 0;
+        }
+
+        saveStore(new TeeOutputStream(dOut, mOut));
+
+        byte[]  mac = new byte[hMac.getMacSize()];
+
+        hMac.doFinal(mac, 0);
+
+        dOut.write(mac);
+
+        dOut.close();
+    }
+
+    /**
+     * the BouncyCastle store. This wont work with the key tool as the
+     * store is stored encrypted on disk, so the password is mandatory,
+     * however if you hard drive is in a bad part of town and you absolutely,
+     * positively, don't want nobody peeking at your things, this is the
+     * one to use, no problem! After all in a Bouncy Castle nothing can
+     * touch you.
+     *
+     * Also referred to by the alias UBER.
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class BouncyCastleStore
+        extends BcKeyStoreSpi
+    {
+        public BouncyCastleStore()
+        {
+            super(1);
+        }
+
+        public void engineLoad(
+            InputStream stream,
+            char[]      password) 
+            throws IOException
+        {
+            table.clear();
+    
+            if (stream == null)     // just initialising
+            {
+                return;
+            }
+    
+            DataInputStream     dIn = new DataInputStream(stream);
+            int                 version = dIn.readInt();
+    
+            if (version != STORE_VERSION)
+            {
+                if (version != 0 && version != 1)
+                {
+                    throw new IOException("Wrong version of key store.");
+                }
+            }
+    
+            byte[]      salt = new byte[dIn.readInt()];
+
+            if (salt.length != STORE_SALT_SIZE)
+            {
+                throw new IOException("Key store corrupted.");
+            }
+    
+            dIn.readFully(salt);
+    
+            int         iterationCount = dIn.readInt();
+    
+            if ((iterationCount < 0) || (iterationCount > (MIN_ITERATIONS << 6)))
+            {
+                throw new IOException("Key store corrupted.");
+            }
+    
+            String cipherAlg;
+            if (version == 0)
+            {
+                cipherAlg = "Old" + STORE_CIPHER;
+            }
+            else
+            {
+                cipherAlg = STORE_CIPHER;
+            }
+
+            Cipher cipher = this.makePBECipher(cipherAlg, Cipher.DECRYPT_MODE, password, salt, iterationCount);
+            CipherInputStream cIn = new CipherInputStream(dIn, cipher);
+
+            Digest dig = new SHA1Digest();
+            DigestInputStream  dgIn = new DigestInputStream(cIn, dig);
+    
+            this.loadStore(dgIn);
+
+            // Finalise our digest calculation
+            byte[] hash = new byte[dig.getDigestSize()];
+            dig.doFinal(hash, 0);
+
+            // TODO Should this actually be reading the remainder of the stream?
+            // Read the original digest from the stream
+            byte[] oldHash = new byte[dig.getDigestSize()];
+            Streams.readFully(cIn, oldHash);
+
+            if (!Arrays.constantTimeAreEqual(hash, oldHash))
+            {
+                table.clear();
+                throw new IOException("KeyStore integrity check failed.");
+            }
+        }
+
+        public void engineStore(OutputStream stream, char[] password) 
+            throws IOException
+        {
+            Cipher              cipher;
+            DataOutputStream    dOut = new DataOutputStream(stream);
+            byte[]              salt = new byte[STORE_SALT_SIZE];
+            int                 iterationCount = MIN_ITERATIONS + (random.nextInt() & 0x3ff);
+    
+            random.nextBytes(salt);
+    
+            dOut.writeInt(version);
+            dOut.writeInt(salt.length);
+            dOut.write(salt);
+            dOut.writeInt(iterationCount);
+    
+            cipher = this.makePBECipher(STORE_CIPHER, Cipher.ENCRYPT_MODE, password, salt, iterationCount);
+    
+            CipherOutputStream  cOut = new CipherOutputStream(dOut, cipher);
+            DigestOutputStream  dgOut = new DigestOutputStream(new SHA1Digest());
+    
+            this.saveStore(new TeeOutputStream(cOut, dgOut));
+    
+            byte[]  dig = dgOut.getDigest();
+
+            cOut.write(dig);
+    
+            cOut.close();
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Std
+       extends BcKeyStoreSpi
+    {
+        public Std()
+        {
+            super(STORE_VERSION);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Version1
+        extends BcKeyStoreSpi
+    {
+        public Version1()
+        {
+            super(1);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java
new file mode 100644
index 0000000..2354e19
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/keystore/pkcs12/PKCS12KeyStoreSpi.java

@@ -0,0 +1,1889 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.keystore.pkcs12;
+
+import java.io.BufferedInputStream;
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+import java.math.BigInteger;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.KeyStore;
+import java.security.KeyStore.LoadStoreParameter;
+import java.security.KeyStore.ProtectionParameter;
+import java.security.KeyStoreException;
+import java.security.KeyStoreSpi;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.Principal;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SecureRandom;
+import java.security.UnrecoverableKeyException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+import java.security.cert.X509Certificate;
+import java.security.spec.InvalidKeySpecException;
+import java.util.Collections;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Hashtable;
+import java.util.Map;
+import java.util.Set;
+import java.util.Vector;
+
+import javax.crypto.Cipher;
+import javax.crypto.Mac;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactory;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.PBEParameterSpec;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.BEROctetString;
+import com.android.org.bouncycastle.asn1.BEROutputStream;
+import com.android.org.bouncycastle.asn1.DERBMPString;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DEROutputStream;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.DERSet;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.GOST28147Parameters;
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+// import org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.AuthenticatedSafe;
+import com.android.org.bouncycastle.asn1.pkcs.CertBag;
+import com.android.org.bouncycastle.asn1.pkcs.ContentInfo;
+import com.android.org.bouncycastle.asn1.pkcs.EncryptedData;
+import com.android.org.bouncycastle.asn1.pkcs.MacData;
+import com.android.org.bouncycastle.asn1.pkcs.PBES2Parameters;
+import com.android.org.bouncycastle.asn1.pkcs.PBKDF2Params;
+import com.android.org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.Pfx;
+import com.android.org.bouncycastle.asn1.pkcs.SafeBag;
+import com.android.org.bouncycastle.asn1.util.ASN1Dump;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
+import com.android.org.bouncycastle.asn1.x509.DigestInfo;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.asn1.x509.SubjectKeyIdentifier;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.X509ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.Digest;
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory;
+import com.android.org.bouncycastle.jcajce.PKCS12Key;
+import com.android.org.bouncycastle.jcajce.PKCS12StoreParameter;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
+import com.android.org.bouncycastle.jcajce.spec.PBKDF2KeySpec;
+import com.android.org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+import com.android.org.bouncycastle.jce.interfaces.BCKeyStore;
+import com.android.org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.jce.provider.JDKPKCS12StoreParameter;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Integers;
+import com.android.org.bouncycastle.util.Properties;
+import com.android.org.bouncycastle.util.Strings;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKCS12KeyStoreSpi
+    extends KeyStoreSpi
+    implements PKCSObjectIdentifiers, X509ObjectIdentifiers, BCKeyStore
+{
+    static final String PKCS12_MAX_IT_COUNT_PROPERTY = "com.android.org.bouncycastle.pkcs12.max_it_count";
+
+    // Android-changed: Use default provider for JCA algorithms instead of BC
+    // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+    private final JcaJceHelper helper = new DefaultJcaJceHelper();
+
+    private static final int SALT_SIZE = 20;
+    private static final int MIN_ITERATIONS = 50 * 1024;
+
+    private static final DefaultSecretKeyProvider keySizeProvider = new DefaultSecretKeyProvider();
+
+    private IgnoresCaseHashtable keys = new IgnoresCaseHashtable();
+    private Hashtable localIds = new Hashtable();
+    private IgnoresCaseHashtable certs = new IgnoresCaseHashtable();
+    private Hashtable chainCerts = new Hashtable();
+    private Hashtable keyCerts = new Hashtable();
+
+    //
+    // generic object types
+    //
+    static final int NULL = 0;
+    static final int CERTIFICATE = 1;
+    static final int KEY = 2;
+    static final int SECRET = 3;
+    static final int SEALED = 4;
+
+    //
+    // key types
+    //
+    static final int KEY_PRIVATE = 0;
+    static final int KEY_PUBLIC = 1;
+    static final int KEY_SECRET = 2;
+
+    protected SecureRandom random = CryptoServicesRegistrar.getSecureRandom();
+
+    // use of final causes problems with JDK 1.2 compiler
+    private CertificateFactory certFact;
+    private ASN1ObjectIdentifier keyAlgorithm;
+    private ASN1ObjectIdentifier certAlgorithm;
+
+    private AlgorithmIdentifier macAlgorithm = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE);
+    private int itCount = 2 * MIN_ITERATIONS;
+    private int saltLength = 20;
+
+    private class CertId
+    {
+        byte[] id;
+
+        CertId(
+            PublicKey key)
+        {
+            this.id = createSubjectKeyId(key).getKeyIdentifier();
+        }
+
+        CertId(
+            byte[] id)
+        {
+            this.id = id;
+        }
+
+        public int hashCode()
+        {
+            return Arrays.hashCode(id);
+        }
+
+        public boolean equals(
+            Object o)
+        {
+            if (o == this)
+            {
+                return true;
+            }
+
+            if (!(o instanceof CertId))
+            {
+                return false;
+            }
+
+            CertId cId = (CertId)o;
+
+            return Arrays.areEqual(id, cId.id);
+        }
+    }
+
+    public PKCS12KeyStoreSpi(
+        JcaJceHelper helper,
+        ASN1ObjectIdentifier keyAlgorithm,
+        ASN1ObjectIdentifier certAlgorithm)
+    {
+        this.keyAlgorithm = keyAlgorithm;
+        this.certAlgorithm = certAlgorithm;
+
+        try
+        {
+            certFact = helper.createCertificateFactory("X.509");
+        }
+        catch (Exception e)
+        {
+            throw new IllegalArgumentException("can't create cert factory - " + e.toString());
+        }
+    }
+
+    private SubjectKeyIdentifier createSubjectKeyId(
+        PublicKey pubKey)
+    {
+        try
+        {
+            SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(pubKey.getEncoded());
+
+            return new SubjectKeyIdentifier(getDigest(info));
+        }
+        catch (Exception e)
+        {
+            throw new RuntimeException("error creating key");
+        }
+    }
+
+    private static byte[] getDigest(SubjectPublicKeyInfo spki)
+    {
+        // Android-changed: Use Android digests
+        // Digest digest = DigestFactory.createSHA1();
+        Digest digest = AndroidDigestFactory.getSHA1();
+        byte[]  resBuf = new byte[digest.getDigestSize()];
+
+        byte[] bytes = spki.getPublicKeyData().getBytes();
+        digest.update(bytes, 0, bytes.length);
+        digest.doFinal(resBuf, 0);
+        return resBuf;
+    }
+
+    public void setRandom(
+        SecureRandom rand)
+    {
+        this.random = rand;
+    }
+
+    public Enumeration engineAliases()
+    {
+        Hashtable tab = new Hashtable();
+
+        Enumeration e = certs.keys();
+        while (e.hasMoreElements())
+        {
+            tab.put(e.nextElement(), "cert");
+        }
+
+        e = keys.keys();
+        while (e.hasMoreElements())
+        {
+            String a = (String)e.nextElement();
+            if (tab.get(a) == null)
+            {
+                tab.put(a, "key");
+            }
+        }
+
+        return tab.keys();
+    }
+
+    public boolean engineContainsAlias(
+        String alias)
+    {
+        return (certs.get(alias) != null || keys.get(alias) != null);
+    }
+
+    /**
+     * this is not quite complete - we should follow up on the chain, a bit
+     * tricky if a certificate appears in more than one chain... the store method
+     * now prunes out unused certificates from the chain map if they are present.
+     */
+    public void engineDeleteEntry(
+        String alias)
+        throws KeyStoreException
+    {
+        Key k = (Key)keys.remove(alias);
+
+        Certificate c = (Certificate)certs.remove(alias);
+
+        if (c != null)
+        {
+            chainCerts.remove(new CertId(c.getPublicKey()));
+        }
+
+        if (k != null)
+        {
+            String id = (String)localIds.remove(alias);
+            if (id != null)
+            {
+                c = (Certificate)keyCerts.remove(id);
+            }
+            if (c != null)
+            {
+                chainCerts.remove(new CertId(c.getPublicKey()));
+            }
+        }
+    }
+
+    /**
+     * simply return the cert for the private key
+     */
+    public Certificate engineGetCertificate(
+        String alias)
+    {
+        if (alias == null)
+        {
+            throw new IllegalArgumentException("null alias passed to getCertificate.");
+        }
+
+        Certificate c = (Certificate)certs.get(alias);
+
+        //
+        // look up the key table - and try the local key id
+        //
+        if (c == null)
+        {
+            String id = (String)localIds.get(alias);
+            if (id != null)
+            {
+                c = (Certificate)keyCerts.get(id);
+            }
+            else
+            {
+                c = (Certificate)keyCerts.get(alias);
+            }
+        }
+
+        return c;
+    }
+
+    public String engineGetCertificateAlias(
+        Certificate cert)
+    {
+        Enumeration c = certs.elements();
+        Enumeration k = certs.keys();
+
+        while (c.hasMoreElements())
+        {
+            Certificate tc = (Certificate)c.nextElement();
+            String ta = (String)k.nextElement();
+
+            if (tc.equals(cert))
+            {
+                return ta;
+            }
+        }
+
+        c = keyCerts.elements();
+        k = keyCerts.keys();
+
+        while (c.hasMoreElements())
+        {
+            Certificate tc = (Certificate)c.nextElement();
+            String ta = (String)k.nextElement();
+
+            if (tc.equals(cert))
+            {
+                return ta;
+            }
+        }
+
+        return null;
+    }
+
+    public Certificate[] engineGetCertificateChain(
+        String alias)
+    {
+        if (alias == null)
+        {
+            throw new IllegalArgumentException("null alias passed to getCertificateChain.");
+        }
+
+        if (!engineIsKeyEntry(alias))
+        {
+            return null;
+        }
+
+        Certificate c = engineGetCertificate(alias);
+
+        if (c != null)
+        {
+            Vector cs = new Vector();
+
+            while (c != null)
+            {
+                X509Certificate x509c = (X509Certificate)c;
+                Certificate nextC = null;
+
+                byte[] bytes = x509c.getExtensionValue(Extension.authorityKeyIdentifier.getId());
+                if (bytes != null)
+                {
+                    try
+                    {
+                        ASN1InputStream aIn = new ASN1InputStream(bytes);
+
+                        byte[] authBytes = ((ASN1OctetString)aIn.readObject()).getOctets();
+                        aIn = new ASN1InputStream(authBytes);
+
+                        AuthorityKeyIdentifier id = AuthorityKeyIdentifier.getInstance(aIn.readObject());
+                        if (id.getKeyIdentifier() != null)
+                        {
+                            nextC = (Certificate)chainCerts.get(new CertId(id.getKeyIdentifier()));
+                        }
+
+                    }
+                    catch (IOException e)
+                    {
+                        throw new RuntimeException(e.toString());
+                    }
+                }
+
+                if (nextC == null)
+                {
+                    //
+                    // no authority key id, try the Issuer DN
+                    //
+                    Principal i = x509c.getIssuerDN();
+                    Principal s = x509c.getSubjectDN();
+
+                    if (!i.equals(s))
+                    {
+                        Enumeration e = chainCerts.keys();
+
+                        while (e.hasMoreElements())
+                        {
+                            X509Certificate crt = (X509Certificate)chainCerts.get(e.nextElement());
+                            Principal sub = crt.getSubjectDN();
+                            if (sub.equals(i))
+                            {
+                                try
+                                {
+                                    x509c.verify(crt.getPublicKey());
+                                    nextC = crt;
+                                    break;
+                                }
+                                catch (Exception ex)
+                                {
+                                    // continue
+                                }
+                            }
+                        }
+                    }
+                }
+
+                if (cs.contains(c))
+                {
+                    c = null;          // we've got a certificate chain loop time to stop
+                }
+                else
+                {
+                    cs.addElement(c);
+                    if (nextC != c)     // self signed - end of the chain
+                    {
+                        c = nextC;
+                    }
+                    else
+                    {
+                        c = null;
+                    }
+                }
+            }
+
+            Certificate[] certChain = new Certificate[cs.size()];
+
+            for (int i = 0; i != certChain.length; i++)
+            {
+                certChain[i] = (Certificate)cs.elementAt(i);
+            }
+
+            return certChain;
+        }
+
+        return null;
+    }
+
+    public Date engineGetCreationDate(String alias)
+    {
+        if (alias == null)
+        {
+            throw new NullPointerException("alias == null");
+        }
+        if (keys.get(alias) == null && certs.get(alias) == null)
+        {
+            return null;
+        }
+        return new Date();
+    }
+
+    public Key engineGetKey(
+        String alias,
+        char[] password)
+        throws NoSuchAlgorithmException, UnrecoverableKeyException
+    {
+        if (alias == null)
+        {
+            throw new IllegalArgumentException("null alias passed to getKey.");
+        }
+
+        return (Key)keys.get(alias);
+    }
+
+    public boolean engineIsCertificateEntry(
+        String alias)
+    {
+        return (certs.get(alias) != null && keys.get(alias) == null);
+    }
+
+    public boolean engineIsKeyEntry(
+        String alias)
+    {
+        return (keys.get(alias) != null);
+    }
+
+    public void engineSetCertificateEntry(
+        String alias,
+        Certificate cert)
+        throws KeyStoreException
+    {
+        if (keys.get(alias) != null)
+        {
+            throw new KeyStoreException("There is a key entry with the name " + alias + ".");
+        }
+
+        certs.put(alias, cert);
+        chainCerts.put(new CertId(cert.getPublicKey()), cert);
+    }
+
+    public void engineSetKeyEntry(
+        String alias,
+        byte[] key,
+        Certificate[] chain)
+        throws KeyStoreException
+    {
+        throw new RuntimeException("operation not supported");
+    }
+
+    public void engineSetKeyEntry(
+        String alias,
+        Key key,
+        char[] password,
+        Certificate[] chain)
+        throws KeyStoreException
+    {
+        if (!(key instanceof PrivateKey))
+        {
+            throw new KeyStoreException("PKCS12 does not support non-PrivateKeys");
+        }
+
+        if ((key instanceof PrivateKey) && (chain == null))
+        {
+            throw new KeyStoreException("no certificate chain for private key");
+        }
+
+        if (keys.get(alias) != null)
+        {
+            engineDeleteEntry(alias);
+        }
+
+        keys.put(alias, key);
+        if (chain != null)
+        {
+            certs.put(alias, chain[0]);
+
+            for (int i = 0; i != chain.length; i++)
+            {
+                chainCerts.put(new CertId(chain[i].getPublicKey()), chain[i]);
+            }
+        }
+    }
+
+    public int engineSize()
+    {
+        Hashtable tab = new Hashtable();
+
+        Enumeration e = certs.keys();
+        while (e.hasMoreElements())
+        {
+            tab.put(e.nextElement(), "cert");
+        }
+
+        e = keys.keys();
+        while (e.hasMoreElements())
+        {
+            String a = (String)e.nextElement();
+            if (tab.get(a) == null)
+            {
+                tab.put(a, "key");
+            }
+        }
+
+        return tab.size();
+    }
+
+    protected PrivateKey unwrapKey(
+        AlgorithmIdentifier algId,
+        byte[] data,
+        char[] password,
+        boolean wrongPKCS12Zero)
+        throws IOException
+    {
+        ASN1ObjectIdentifier algorithm = algId.getAlgorithm();
+        try
+        {
+            if (algorithm.on(PKCSObjectIdentifiers.pkcs_12PbeIds))
+            {
+                PKCS12PBEParams pbeParams = PKCS12PBEParams.getInstance(algId.getParameters());
+                PBEParameterSpec defParams = new PBEParameterSpec(
+                    pbeParams.getIV(),
+                    validateIterationCount(pbeParams.getIterations()));
+
+                Cipher cipher = helper.createCipher(algorithm.getId());
+
+                PKCS12Key key = new PKCS12Key(password, wrongPKCS12Zero);
+
+                cipher.init(Cipher.UNWRAP_MODE, key, defParams);
+
+                // we pass "" as the key algorithm type as it is unknown at this point
+                return (PrivateKey)cipher.unwrap(data, "", Cipher.PRIVATE_KEY);
+            }
+            else if (algorithm.equals(PKCSObjectIdentifiers.id_PBES2))
+            {
+
+                Cipher cipher = createCipher(Cipher.UNWRAP_MODE, password, algId);
+
+                // we pass "" as the key algorithm type as it is unknown at this point
+                return (PrivateKey)cipher.unwrap(data, "", Cipher.PRIVATE_KEY);
+            }
+        }
+        catch (Exception e)
+        {
+            throw new IOException("exception unwrapping private key - " + e.toString());
+        }
+
+        throw new IOException("exception unwrapping private key - cannot recognise: " + algorithm);
+    }
+
+    protected byte[] wrapKey(
+        String algorithm,
+        Key key,
+        PKCS12PBEParams pbeParams,
+        char[] password)
+        throws IOException
+    {
+        PBEKeySpec pbeSpec = new PBEKeySpec(password);
+        byte[] out;
+
+        try
+        {
+            SecretKeyFactory keyFact =  helper.createSecretKeyFactory(algorithm);
+            PBEParameterSpec defParams = new PBEParameterSpec(
+                pbeParams.getIV(),
+                pbeParams.getIterations().intValue());
+
+            Cipher cipher = helper.createCipher(algorithm);
+
+            cipher.init(Cipher.WRAP_MODE, keyFact.generateSecret(pbeSpec), defParams);
+
+            out = cipher.wrap(key);
+        }
+        catch (Exception e)
+        {
+            throw new IOException("exception encrypting data - " + e.toString());
+        }
+
+        return out;
+    }
+
+    protected byte[] cryptData(
+        boolean forEncryption,
+        AlgorithmIdentifier algId,
+        char[] password,
+        boolean wrongPKCS12Zero,
+        byte[] data)
+        throws IOException
+    {
+        ASN1ObjectIdentifier algorithm = algId.getAlgorithm();
+        int mode = forEncryption ? Cipher.ENCRYPT_MODE : Cipher.DECRYPT_MODE;
+
+        if (algorithm.on(PKCSObjectIdentifiers.pkcs_12PbeIds))
+        {
+            PKCS12PBEParams pbeParams = PKCS12PBEParams.getInstance(algId.getParameters());
+            try
+            {
+                PBEParameterSpec defParams = new PBEParameterSpec(
+                    pbeParams.getIV(),
+                    pbeParams.getIterations().intValue());
+                PKCS12Key key = new PKCS12Key(password, wrongPKCS12Zero);
+
+                Cipher cipher = helper.createCipher(algorithm.getId());
+
+                cipher.init(mode, key, defParams);
+                return cipher.doFinal(data);
+            }
+            catch (Exception e)
+            {
+                throw new IOException("exception decrypting data - " + e.toString());
+            }
+        }
+        else  if (algorithm.equals(PKCSObjectIdentifiers.id_PBES2))
+        {
+            try
+            {
+                Cipher cipher = createCipher(mode, password, algId);
+
+                return cipher.doFinal(data);
+            }
+            catch (Exception e)
+            {
+                throw new IOException("exception decrypting data - " + e.toString());
+            }
+        }
+        else
+        {
+            throw new IOException("unknown PBE algorithm: " + algorithm);
+        }
+    }
+
+    private Cipher createCipher(int mode, char[] password, AlgorithmIdentifier algId)
+        throws NoSuchAlgorithmException, InvalidKeySpecException, NoSuchPaddingException, InvalidKeyException, InvalidAlgorithmParameterException, NoSuchProviderException
+    {
+        PBES2Parameters alg = PBES2Parameters.getInstance(algId.getParameters());
+        PBKDF2Params func = PBKDF2Params.getInstance(alg.getKeyDerivationFunc().getParameters());
+        AlgorithmIdentifier encScheme = AlgorithmIdentifier.getInstance(alg.getEncryptionScheme());
+
+        SecretKeyFactory keyFact = helper.createSecretKeyFactory(alg.getKeyDerivationFunc().getAlgorithm().getId());
+        SecretKey key;
+
+        if (func.isDefaultPrf())
+        {
+            key = keyFact.generateSecret(new PBEKeySpec(password, func.getSalt(), validateIterationCount(func.getIterationCount()), keySizeProvider.getKeySize(encScheme)));
+        }
+        else
+        {
+            key = keyFact.generateSecret(new PBKDF2KeySpec(password, func.getSalt(), validateIterationCount(func.getIterationCount()), keySizeProvider.getKeySize(encScheme), func.getPrf()));
+        }
+
+        Cipher cipher = Cipher.getInstance(alg.getEncryptionScheme().getAlgorithm().getId());
+
+        ASN1Encodable encParams = alg.getEncryptionScheme().getParameters();
+        if (encParams instanceof ASN1OctetString)
+        {
+            cipher.init(mode, key, new IvParameterSpec(ASN1OctetString.getInstance(encParams).getOctets()));
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else
+        {
+            // TODO: at the moment it's just GOST, but...
+            GOST28147Parameters gParams = GOST28147Parameters.getInstance(encParams);
+
+            cipher.init(mode, key, new GOST28147ParameterSpec(gParams.getEncryptionParamSet(), gParams.getIV()));
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+        return cipher;
+    }
+
+    public void engineLoad(
+        InputStream stream,
+        char[] password)
+        throws IOException
+    {
+        if (stream == null)     // just initialising
+        {
+            return;
+        }
+
+        if (password == null)
+        {
+            throw new NullPointerException("No password supplied for PKCS#12 KeyStore.");
+        }
+
+        BufferedInputStream bufIn = new BufferedInputStream(stream);
+
+        bufIn.mark(10);
+
+        int head = bufIn.read();
+
+        if (head != 0x30)
+        {
+            throw new IOException("stream does not represent a PKCS12 key store");
+        }
+
+        bufIn.reset();
+
+        ASN1InputStream bIn = new ASN1InputStream(bufIn);
+        
+        Pfx bag;
+        try
+        {
+            bag = Pfx.getInstance(bIn.readObject());
+        }
+        catch (Exception e)
+        {
+            throw new IOException(e.getMessage());
+        }
+
+        ContentInfo info = bag.getAuthSafe();
+        Vector chain = new Vector();
+        boolean unmarkedKey = false;
+        boolean wrongPKCS12Zero = false;
+
+        if (bag.getMacData() != null)           // check the mac code
+        {
+            MacData mData = bag.getMacData();
+            DigestInfo dInfo = mData.getMac();
+            macAlgorithm = dInfo.getAlgorithmId();
+            byte[] salt = mData.getSalt();
+            itCount = validateIterationCount(mData.getIterationCount());
+            saltLength = salt.length;
+
+            byte[] data = ((ASN1OctetString)info.getContent()).getOctets();
+
+            try
+            {
+                byte[] res = calculatePbeMac(macAlgorithm.getAlgorithm(), salt, itCount, password, false, data);
+                byte[] dig = dInfo.getDigest();
+
+                if (!Arrays.constantTimeAreEqual(res, dig))
+                {
+                    if (password.length > 0)
+                    {
+                        throw new IOException("PKCS12 key store mac invalid - wrong password or corrupted file.");
+                    }
+
+                    // Try with incorrect zero length password
+                    res = calculatePbeMac(macAlgorithm.getAlgorithm(), salt, itCount, password, true, data);
+
+                    if (!Arrays.constantTimeAreEqual(res, dig))
+                    {
+                        throw new IOException("PKCS12 key store mac invalid - wrong password or corrupted file.");
+                    }
+
+                    wrongPKCS12Zero = true;
+                }
+            }
+            catch (IOException e)
+            {
+                throw e;
+            }
+            catch (Exception e)
+            {
+                throw new IOException("error constructing MAC: " + e.toString());
+            }
+        }
+
+        keys = new IgnoresCaseHashtable();
+        localIds = new Hashtable();
+
+        if (info.getContentType().equals(data))
+        {
+            bIn = new ASN1InputStream(((ASN1OctetString)info.getContent()).getOctets());
+
+            AuthenticatedSafe authSafe = AuthenticatedSafe.getInstance(bIn.readObject());
+            ContentInfo[] c = authSafe.getContentInfo();
+
+            for (int i = 0; i != c.length; i++)
+            {
+                if (c[i].getContentType().equals(data))
+                {
+                    ASN1InputStream dIn = new ASN1InputStream(((ASN1OctetString)c[i].getContent()).getOctets());
+                    ASN1Sequence seq = (ASN1Sequence)dIn.readObject();
+
+                    for (int j = 0; j != seq.size(); j++)
+                    {
+                        SafeBag b = SafeBag.getInstance(seq.getObjectAt(j));
+                        if (b.getBagId().equals(pkcs8ShroudedKeyBag))
+                        {
+                            com.android.org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo eIn = com.android.org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo.getInstance(b.getBagValue());
+                            PrivateKey privKey = unwrapKey(eIn.getEncryptionAlgorithm(), eIn.getEncryptedData(), password, wrongPKCS12Zero);
+
+                            //
+                            // set the attributes on the key
+                            //
+                            String alias = null;
+                            ASN1OctetString localId = null;
+
+                            if (b.getBagAttributes() != null)
+                            {
+                                Enumeration e = b.getBagAttributes().getObjects();
+                                while (e.hasMoreElements())
+                                {
+                                    ASN1Sequence sq = (ASN1Sequence)e.nextElement();
+                                    ASN1ObjectIdentifier aOid = (ASN1ObjectIdentifier)sq.getObjectAt(0);
+                                    ASN1Set attrSet = (ASN1Set)sq.getObjectAt(1);
+                                    ASN1Primitive attr = null;
+
+                                    if (attrSet.size() > 0)
+                                    {
+                                        attr = (ASN1Primitive)attrSet.getObjectAt(0);
+
+                                        if (privKey instanceof PKCS12BagAttributeCarrier)
+                                        {
+                                            PKCS12BagAttributeCarrier bagAttr = (PKCS12BagAttributeCarrier)privKey;
+                                            ASN1Encodable existing = bagAttr.getBagAttribute(aOid);
+                                            if (existing != null)
+                                            {
+                                                // OK, but the value has to be the same
+                                                if (!existing.toASN1Primitive().equals(attr))
+                                                {
+                                                    throw new IOException(
+                                                        "attempt to add existing attribute with different value");
+                                                }
+                                            }
+                                            else
+                                            {
+                                                bagAttr.setBagAttribute(aOid, attr);
+                                            }
+                                        }
+                                    }
+
+                                    if (aOid.equals(pkcs_9_at_friendlyName))
+                                    {
+                                        alias = ((DERBMPString)attr).getString();
+                                        keys.put(alias, privKey);
+                                    }
+                                    else if (aOid.equals(pkcs_9_at_localKeyId))
+                                    {
+                                        localId = (ASN1OctetString)attr;
+                                    }
+                                }
+                            }
+
+                            if (localId != null)
+                            {
+                                String name = new String(Hex.encode(localId.getOctets()));
+
+                                if (alias == null)
+                                {
+                                    keys.put(name, privKey);
+                                }
+                                else
+                                {
+                                    localIds.put(alias, name);
+                                }
+                            }
+                            else
+                            {
+                                unmarkedKey = true;
+                                keys.put("unmarked", privKey);
+                            }
+                        }
+                        else if (b.getBagId().equals(certBag))
+                        {
+                            chain.addElement(b);
+                        }
+                        else
+                        {
+                            System.out.println("extra in data " + b.getBagId());
+                            System.out.println(ASN1Dump.dumpAsString(b));
+                        }
+                    }
+                }
+                else if (c[i].getContentType().equals(encryptedData))
+                {
+                    EncryptedData d = EncryptedData.getInstance(c[i].getContent());
+                    byte[] octets = cryptData(false, d.getEncryptionAlgorithm(),
+                        password, wrongPKCS12Zero, d.getContent().getOctets());
+                    ASN1Sequence seq = (ASN1Sequence)ASN1Primitive.fromByteArray(octets);
+
+                    for (int j = 0; j != seq.size(); j++)
+                    {
+                        SafeBag b = SafeBag.getInstance(seq.getObjectAt(j));
+
+                        if (b.getBagId().equals(certBag))
+                        {
+                            chain.addElement(b);
+                        }
+                        else if (b.getBagId().equals(pkcs8ShroudedKeyBag))
+                        {
+                            com.android.org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo eIn = com.android.org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo.getInstance(b.getBagValue());
+                            PrivateKey privKey = unwrapKey(eIn.getEncryptionAlgorithm(), eIn.getEncryptedData(), password, wrongPKCS12Zero);
+
+                            //
+                            // set the attributes on the key
+                            //
+                            PKCS12BagAttributeCarrier bagAttr = (PKCS12BagAttributeCarrier)privKey;
+                            String alias = null;
+                            ASN1OctetString localId = null;
+
+                            Enumeration e = b.getBagAttributes().getObjects();
+                            while (e.hasMoreElements())
+                            {
+                                ASN1Sequence sq = (ASN1Sequence)e.nextElement();
+                                ASN1ObjectIdentifier aOid = (ASN1ObjectIdentifier)sq.getObjectAt(0);
+                                ASN1Set attrSet = (ASN1Set)sq.getObjectAt(1);
+                                ASN1Primitive attr = null;
+
+                                if (attrSet.size() > 0)
+                                {
+                                    attr = (ASN1Primitive)attrSet.getObjectAt(0);
+
+                                    ASN1Encodable existing = bagAttr.getBagAttribute(aOid);
+                                    if (existing != null)
+                                    {
+                                        // OK, but the value has to be the same
+                                        if (!existing.toASN1Primitive().equals(attr))
+                                        {
+                                            throw new IOException(
+                                                "attempt to add existing attribute with different value");
+                                        }
+                                    }
+                                    else
+                                    {
+                                        bagAttr.setBagAttribute(aOid, attr);
+                                    }
+                                }
+
+                                if (aOid.equals(pkcs_9_at_friendlyName))
+                                {
+                                    alias = ((DERBMPString)attr).getString();
+                                    keys.put(alias, privKey);
+                                }
+                                else if (aOid.equals(pkcs_9_at_localKeyId))
+                                {
+                                    localId = (ASN1OctetString)attr;
+                                }
+                            }
+
+                            String name = new String(Hex.encode(localId.getOctets()));
+
+                            if (alias == null)
+                            {
+                                keys.put(name, privKey);
+                            }
+                            else
+                            {
+                                localIds.put(alias, name);
+                            }
+                        }
+                        else if (b.getBagId().equals(keyBag))
+                        {
+                            com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo kInfo = com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo.getInstance(b.getBagValue());
+                            PrivateKey privKey = BouncyCastleProvider.getPrivateKey(kInfo);
+
+                            //
+                            // set the attributes on the key
+                            //
+                            PKCS12BagAttributeCarrier bagAttr = (PKCS12BagAttributeCarrier)privKey;
+                            String alias = null;
+                            ASN1OctetString localId = null;
+
+                            Enumeration e = b.getBagAttributes().getObjects();
+                            while (e.hasMoreElements())
+                            {
+                                ASN1Sequence sq = ASN1Sequence.getInstance(e.nextElement());
+                                ASN1ObjectIdentifier aOid = ASN1ObjectIdentifier.getInstance(sq.getObjectAt(0));
+                                ASN1Set attrSet = ASN1Set.getInstance(sq.getObjectAt(1));
+                                ASN1Primitive attr = null;
+
+                                if (attrSet.size() > 0)
+                                {
+                                    attr = (ASN1Primitive)attrSet.getObjectAt(0);
+
+                                    ASN1Encodable existing = bagAttr.getBagAttribute(aOid);
+                                    if (existing != null)
+                                    {
+                                        // OK, but the value has to be the same
+                                        if (!existing.toASN1Primitive().equals(attr))
+                                        {
+                                            throw new IOException(
+                                                "attempt to add existing attribute with different value");
+                                        }
+                                    }
+                                    else
+                                    {
+                                        bagAttr.setBagAttribute(aOid, attr);
+                                    }
+
+                                    if (aOid.equals(pkcs_9_at_friendlyName))
+                                    {
+                                        alias = ((DERBMPString)attr).getString();
+                                        keys.put(alias, privKey);
+                                    }
+                                    else if (aOid.equals(pkcs_9_at_localKeyId))
+                                    {
+                                        localId = (ASN1OctetString)attr;
+                                    }
+                                }
+                            }
+
+                            String name = new String(Hex.encode(localId.getOctets()));
+
+                            if (alias == null)
+                            {
+                                keys.put(name, privKey);
+                            }
+                            else
+                            {
+                                localIds.put(alias, name);
+                            }
+                        }
+                        else
+                        {
+                            System.out.println("extra in encryptedData " + b.getBagId());
+                            System.out.println(ASN1Dump.dumpAsString(b));
+                        }
+                    }
+                }
+                else
+                {
+                    System.out.println("extra " + c[i].getContentType().getId());
+                    System.out.println("extra " + ASN1Dump.dumpAsString(c[i].getContent()));
+                }
+            }
+        }
+
+        certs = new IgnoresCaseHashtable();
+        chainCerts = new Hashtable();
+        keyCerts = new Hashtable();
+
+        for (int i = 0; i != chain.size(); i++)
+        {
+            SafeBag b = (SafeBag)chain.elementAt(i);
+            CertBag cb = CertBag.getInstance(b.getBagValue());
+
+            if (!cb.getCertId().equals(x509Certificate))
+            {
+                throw new RuntimeException("Unsupported certificate type: " + cb.getCertId());
+            }
+
+            Certificate cert;
+
+            try
+            {
+                ByteArrayInputStream cIn = new ByteArrayInputStream(
+                    ((ASN1OctetString)cb.getCertValue()).getOctets());
+                cert = certFact.generateCertificate(cIn);
+            }
+            catch (Exception e)
+            {
+                throw new RuntimeException(e.toString());
+            }
+
+            //
+            // set the attributes
+            //
+            ASN1OctetString localId = null;
+            String alias = null;
+
+            if (b.getBagAttributes() != null)
+            {
+                Enumeration e = b.getBagAttributes().getObjects();
+                while (e.hasMoreElements())
+                {
+                    ASN1Sequence sq = ASN1Sequence.getInstance(e.nextElement());
+                    ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(sq.getObjectAt(0));
+                    ASN1Set attrSet = ASN1Set.getInstance(sq.getObjectAt(1));
+
+                    if (attrSet.size() > 0)   // sometimes this is empty!
+                    {
+                        ASN1Primitive attr = (ASN1Primitive)attrSet.getObjectAt(0);
+                        PKCS12BagAttributeCarrier bagAttr = null;
+
+                        if (cert instanceof PKCS12BagAttributeCarrier)
+                        {
+                            bagAttr = (PKCS12BagAttributeCarrier)cert;
+
+                            ASN1Encodable existing = bagAttr.getBagAttribute(oid);
+                            if (existing != null)
+                            {
+                                // OK, but the value has to be the same
+                                if (!existing.toASN1Primitive().equals(attr))
+                                {
+                                    throw new IOException(
+                                        "attempt to add existing attribute with different value");
+                                }
+                            }
+                            else
+                            {
+                                bagAttr.setBagAttribute(oid, attr);
+                            }
+                        }
+
+                        if (oid.equals(pkcs_9_at_friendlyName))
+                        {
+                            alias = ((DERBMPString)attr).getString();
+                        }
+                        else if (oid.equals(pkcs_9_at_localKeyId))
+                        {
+                            localId = (ASN1OctetString)attr;
+                        }
+                    }
+                }
+            }
+
+            chainCerts.put(new CertId(cert.getPublicKey()), cert);
+
+            if (unmarkedKey)
+            {
+                if (keyCerts.isEmpty())
+                {
+                    String name = new String(Hex.encode(createSubjectKeyId(cert.getPublicKey()).getKeyIdentifier()));
+
+                    keyCerts.put(name, cert);
+                    keys.put(name, keys.remove("unmarked"));
+                }
+            }
+            else
+            {
+                //
+                // the local key id needs to override the friendly name
+                //
+                if (localId != null)
+                {
+                    String name = new String(Hex.encode(localId.getOctets()));
+
+                    keyCerts.put(name, cert);
+                }
+                if (alias != null)
+                {
+                    certs.put(alias, cert);
+                }
+            }
+        }
+    }
+
+    private int validateIterationCount(BigInteger i)
+    {
+        int count = i.intValue();
+
+        if (count < 0)
+        {
+            throw new IllegalStateException("negative iteration count found");
+        }
+
+        BigInteger maxValue = Properties.asBigInteger(PKCS12_MAX_IT_COUNT_PROPERTY);
+        if (maxValue != null)
+        {
+            if (maxValue.intValue() < count)
+            {
+                throw new IllegalStateException("iteration count " + count + " greater than " + maxValue.intValue());
+            }
+        }
+
+        return count;
+    }
+
+    public void engineStore(LoadStoreParameter param)
+        throws IOException,
+        NoSuchAlgorithmException, CertificateException
+    {
+        if (param == null)
+        {
+            throw new IllegalArgumentException("'param' arg cannot be null");
+        }
+
+        if (!(param instanceof PKCS12StoreParameter || param instanceof JDKPKCS12StoreParameter))
+        {
+            throw new IllegalArgumentException(
+                "No support for 'param' of type " + param.getClass().getName());
+        }
+
+        PKCS12StoreParameter bcParam;
+
+        if (param instanceof PKCS12StoreParameter)
+        {
+            bcParam = (PKCS12StoreParameter)param;
+        }
+        else
+        {
+            bcParam = new PKCS12StoreParameter(((JDKPKCS12StoreParameter)param).getOutputStream(),
+                param.getProtectionParameter(), ((JDKPKCS12StoreParameter)param).isUseDEREncoding());
+        }
+
+        char[] password;
+        ProtectionParameter protParam = param.getProtectionParameter();
+        if (protParam == null)
+        {
+            password = null;
+        }
+        else if (protParam instanceof KeyStore.PasswordProtection)
+        {
+            password = ((KeyStore.PasswordProtection)protParam).getPassword();
+        }
+        else
+        {
+            throw new IllegalArgumentException(
+                "No support for protection parameter of type " + protParam.getClass().getName());
+        }
+
+        doStore(bcParam.getOutputStream(), password, bcParam.isForDEREncoding());
+    }
+
+    public void engineStore(OutputStream stream, char[] password)
+        throws IOException
+    {
+        doStore(stream, password, false);
+    }
+
+    private void doStore(OutputStream stream, char[] password, boolean useDEREncoding)
+        throws IOException
+    {
+        if (password == null)
+        {
+            throw new NullPointerException("No password supplied for PKCS#12 KeyStore.");
+        }
+
+        //
+        // handle the key
+        //
+        ASN1EncodableVector keyS = new ASN1EncodableVector();
+
+        Enumeration ks = keys.keys();
+
+        while (ks.hasMoreElements())
+        {
+            byte[] kSalt = new byte[SALT_SIZE];
+
+            random.nextBytes(kSalt);
+
+            String name = (String)ks.nextElement();
+            PrivateKey privKey = (PrivateKey)keys.get(name);
+            PKCS12PBEParams kParams = new PKCS12PBEParams(kSalt, MIN_ITERATIONS);
+            byte[] kBytes = wrapKey(keyAlgorithm.getId(), privKey, kParams, password);
+            AlgorithmIdentifier kAlgId = new AlgorithmIdentifier(keyAlgorithm, kParams.toASN1Primitive());
+            com.android.org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo kInfo = new com.android.org.bouncycastle.asn1.pkcs.EncryptedPrivateKeyInfo(kAlgId, kBytes);
+            boolean attrSet = false;
+            ASN1EncodableVector kName = new ASN1EncodableVector();
+
+            if (privKey instanceof PKCS12BagAttributeCarrier)
+            {
+                PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier)privKey;
+                //
+                // make sure we are using the local alias on store
+                //
+                DERBMPString nm = (DERBMPString)bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
+                if (nm == null || !nm.getString().equals(name))
+                {
+                    bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(name));
+                }
+
+                //
+                // make sure we have a local key-id
+                //
+                if (bagAttrs.getBagAttribute(pkcs_9_at_localKeyId) == null)
+                {
+                    Certificate ct = engineGetCertificate(name);
+
+                    bagAttrs.setBagAttribute(pkcs_9_at_localKeyId, createSubjectKeyId(ct.getPublicKey()));
+                }
+
+                Enumeration e = bagAttrs.getBagAttributeKeys();
+
+                while (e.hasMoreElements())
+                {
+                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+                    ASN1EncodableVector kSeq = new ASN1EncodableVector();
+
+                    kSeq.add(oid);
+                    kSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
+
+                    attrSet = true;
+
+                    kName.add(new DERSequence(kSeq));
+                }
+            }
+
+            if (!attrSet)
+            {
+                //
+                // set a default friendly name (from the key id) and local id
+                //
+                ASN1EncodableVector kSeq = new ASN1EncodableVector();
+                Certificate ct = engineGetCertificate(name);
+
+                kSeq.add(pkcs_9_at_localKeyId);
+                kSeq.add(new DERSet(createSubjectKeyId(ct.getPublicKey())));
+
+                kName.add(new DERSequence(kSeq));
+
+                kSeq = new ASN1EncodableVector();
+
+                kSeq.add(pkcs_9_at_friendlyName);
+                kSeq.add(new DERSet(new DERBMPString(name)));
+
+                kName.add(new DERSequence(kSeq));
+            }
+
+            SafeBag kBag = new SafeBag(pkcs8ShroudedKeyBag, kInfo.toASN1Primitive(), new DERSet(kName));
+            keyS.add(kBag);
+        }
+
+        byte[] keySEncoded = new DERSequence(keyS).getEncoded(ASN1Encoding.DER);
+        BEROctetString keyString = new BEROctetString(keySEncoded);
+
+        //
+        // certificate processing
+        //
+        byte[] cSalt = new byte[SALT_SIZE];
+
+        random.nextBytes(cSalt);
+
+        ASN1EncodableVector certSeq = new ASN1EncodableVector();
+        PKCS12PBEParams cParams = new PKCS12PBEParams(cSalt, MIN_ITERATIONS);
+        AlgorithmIdentifier cAlgId = new AlgorithmIdentifier(certAlgorithm, cParams.toASN1Primitive());
+        Hashtable doneCerts = new Hashtable();
+
+        Enumeration cs = keys.keys();
+        while (cs.hasMoreElements())
+        {
+            try
+            {
+                String name = (String)cs.nextElement();
+                Certificate cert = engineGetCertificate(name);
+                boolean cAttrSet = false;
+                CertBag cBag = new CertBag(
+                    x509Certificate,
+                    new DEROctetString(cert.getEncoded()));
+                ASN1EncodableVector fName = new ASN1EncodableVector();
+
+                if (cert instanceof PKCS12BagAttributeCarrier)
+                {
+                    PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier)cert;
+                    //
+                    // make sure we are using the local alias on store
+                    //
+                    DERBMPString nm = (DERBMPString)bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
+                    if (nm == null || !nm.getString().equals(name))
+                    {
+                        bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(name));
+                    }
+
+                    //
+                    // make sure we have a local key-id
+                    //
+                    if (bagAttrs.getBagAttribute(pkcs_9_at_localKeyId) == null)
+                    {
+                        bagAttrs.setBagAttribute(pkcs_9_at_localKeyId, createSubjectKeyId(cert.getPublicKey()));
+                    }
+
+                    Enumeration e = bagAttrs.getBagAttributeKeys();
+
+                    while (e.hasMoreElements())
+                    {
+                        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+                        ASN1EncodableVector fSeq = new ASN1EncodableVector();
+
+                        fSeq.add(oid);
+                        fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
+                        fName.add(new DERSequence(fSeq));
+
+                        cAttrSet = true;
+                    }
+                }
+
+                if (!cAttrSet)
+                {
+                    ASN1EncodableVector fSeq = new ASN1EncodableVector();
+
+                    fSeq.add(pkcs_9_at_localKeyId);
+                    fSeq.add(new DERSet(createSubjectKeyId(cert.getPublicKey())));
+                    fName.add(new DERSequence(fSeq));
+
+                    fSeq = new ASN1EncodableVector();
+
+                    fSeq.add(pkcs_9_at_friendlyName);
+                    fSeq.add(new DERSet(new DERBMPString(name)));
+
+                    fName.add(new DERSequence(fSeq));
+                }
+
+                SafeBag sBag = new SafeBag(certBag, cBag.toASN1Primitive(), new DERSet(fName));
+
+                certSeq.add(sBag);
+
+                doneCerts.put(cert, cert);
+            }
+            catch (CertificateEncodingException e)
+            {
+                throw new IOException("Error encoding certificate: " + e.toString());
+            }
+        }
+
+        cs = certs.keys();
+        while (cs.hasMoreElements())
+        {
+            try
+            {
+                String certId = (String)cs.nextElement();
+                Certificate cert = (Certificate)certs.get(certId);
+                boolean cAttrSet = false;
+
+                if (keys.get(certId) != null)
+                {
+                    continue;
+                }
+
+                CertBag cBag = new CertBag(
+                    x509Certificate,
+                    new DEROctetString(cert.getEncoded()));
+                ASN1EncodableVector fName = new ASN1EncodableVector();
+
+                if (cert instanceof PKCS12BagAttributeCarrier)
+                {
+                    PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier)cert;
+                    //
+                    // make sure we are using the local alias on store
+                    //
+                    DERBMPString nm = (DERBMPString)bagAttrs.getBagAttribute(pkcs_9_at_friendlyName);
+                    if (nm == null || !nm.getString().equals(certId))
+                    {
+                        bagAttrs.setBagAttribute(pkcs_9_at_friendlyName, new DERBMPString(certId));
+                    }
+
+                    Enumeration e = bagAttrs.getBagAttributeKeys();
+
+                    while (e.hasMoreElements())
+                    {
+                        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+
+                        // a certificate not immediately linked to a key doesn't require
+                        // a localKeyID and will confuse some PKCS12 implementations.
+                        //
+                        // If we find one, we'll prune it out.
+                        if (oid.equals(PKCSObjectIdentifiers.pkcs_9_at_localKeyId))
+                        {
+                            continue;
+                        }
+
+                        ASN1EncodableVector fSeq = new ASN1EncodableVector();
+
+                        fSeq.add(oid);
+                        fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
+                        fName.add(new DERSequence(fSeq));
+
+                        cAttrSet = true;
+                    }
+                }
+
+                if (!cAttrSet)
+                {
+                    ASN1EncodableVector fSeq = new ASN1EncodableVector();
+
+                    fSeq.add(pkcs_9_at_friendlyName);
+                    fSeq.add(new DERSet(new DERBMPString(certId)));
+
+                    fName.add(new DERSequence(fSeq));
+                }
+
+                SafeBag sBag = new SafeBag(certBag, cBag.toASN1Primitive(), new DERSet(fName));
+
+                certSeq.add(sBag);
+
+                doneCerts.put(cert, cert);
+            }
+            catch (CertificateEncodingException e)
+            {
+                throw new IOException("Error encoding certificate: " + e.toString());
+            }
+        }
+
+        Set usedSet = getUsedCertificateSet();
+
+        cs = chainCerts.keys();
+        while (cs.hasMoreElements())
+        {
+            try
+            {
+                CertId certId = (CertId)cs.nextElement();
+                Certificate cert = (Certificate)chainCerts.get(certId);
+
+                if (!usedSet.contains(cert))
+                {
+                    continue;
+                }
+
+                if (doneCerts.get(cert) != null)
+                {
+                    continue;
+                }
+
+                CertBag cBag = new CertBag(
+                    x509Certificate,
+                    new DEROctetString(cert.getEncoded()));
+                ASN1EncodableVector fName = new ASN1EncodableVector();
+
+                if (cert instanceof PKCS12BagAttributeCarrier)
+                {
+                    PKCS12BagAttributeCarrier bagAttrs = (PKCS12BagAttributeCarrier)cert;
+                    Enumeration e = bagAttrs.getBagAttributeKeys();
+
+                    while (e.hasMoreElements())
+                    {
+                        ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+
+                        // a certificate not immediately linked to a key doesn't require
+                        // a localKeyID and will confuse some PKCS12 implementations.
+                        //
+                        // If we find one, we'll prune it out.
+                        if (oid.equals(PKCSObjectIdentifiers.pkcs_9_at_localKeyId))
+                        {
+                            continue;
+                        }
+
+                        ASN1EncodableVector fSeq = new ASN1EncodableVector();
+
+                        fSeq.add(oid);
+                        fSeq.add(new DERSet(bagAttrs.getBagAttribute(oid)));
+                        fName.add(new DERSequence(fSeq));
+                    }
+                }
+
+                SafeBag sBag = new SafeBag(certBag, cBag.toASN1Primitive(), new DERSet(fName));
+
+                certSeq.add(sBag);
+            }
+            catch (CertificateEncodingException e)
+            {
+                throw new IOException("Error encoding certificate: " + e.toString());
+            }
+        }
+
+        byte[] certSeqEncoded = new DERSequence(certSeq).getEncoded(ASN1Encoding.DER);
+        byte[] certBytes = cryptData(true, cAlgId, password, false, certSeqEncoded);
+        EncryptedData cInfo = new EncryptedData(data, cAlgId, new BEROctetString(certBytes));
+
+        ContentInfo[] info = new ContentInfo[]
+            {
+                new ContentInfo(data, keyString),
+                new ContentInfo(encryptedData, cInfo.toASN1Primitive())
+            };
+
+        AuthenticatedSafe auth = new AuthenticatedSafe(info);
+
+        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+        DEROutputStream asn1Out;
+        if (useDEREncoding)
+        {
+            asn1Out = new DEROutputStream(bOut);
+        }
+        else
+        {
+            asn1Out = new BEROutputStream(bOut);
+        }
+
+        asn1Out.writeObject(auth);
+
+        byte[] pkg = bOut.toByteArray();
+
+        ContentInfo mainInfo = new ContentInfo(data, new BEROctetString(pkg));
+
+        //
+        // create the mac
+        //
+        byte[] mSalt = new byte[saltLength];
+
+        random.nextBytes(mSalt);
+
+        byte[] data = ((ASN1OctetString)mainInfo.getContent()).getOctets();
+
+        MacData mData;
+
+        try
+        {
+            byte[] res = calculatePbeMac(macAlgorithm.getAlgorithm(), mSalt, itCount, password, false, data);
+
+            DigestInfo dInfo = new DigestInfo(macAlgorithm, res);
+
+            mData = new MacData(dInfo, mSalt, itCount);
+        }
+        catch (Exception e)
+        {
+            throw new IOException("error constructing MAC: " + e.toString());
+        }
+
+        //
+        // output the Pfx
+        //
+        Pfx pfx = new Pfx(mainInfo, mData);
+
+        if (useDEREncoding)
+        {
+            asn1Out = new DEROutputStream(stream);
+        }
+        else
+        {
+            asn1Out = new BEROutputStream(stream);
+        }
+
+        asn1Out.writeObject(pfx);
+    }
+
+    private Set getUsedCertificateSet()
+    {
+        Set usedSet = new HashSet();
+
+        for (Enumeration en = keys.keys(); en.hasMoreElements();)
+        {
+            String alias = (String)en.nextElement();
+
+                Certificate[] certs = engineGetCertificateChain(alias);
+
+                for (int i = 0; i != certs.length; i++)
+                {
+                    usedSet.add(certs[i]);
+                }
+        }
+
+        for (Enumeration en = certs.keys(); en.hasMoreElements();)
+        {
+            String alias = (String)en.nextElement();
+
+            Certificate cert = engineGetCertificate(alias);
+
+            usedSet.add(cert);
+        }
+
+        return usedSet;
+    }
+
+    private byte[] calculatePbeMac(
+        ASN1ObjectIdentifier oid,
+        byte[] salt,
+        int itCount,
+        char[] password,
+        boolean wrongPkcs12Zero,
+        byte[] data)
+        throws Exception
+    {
+        PBEParameterSpec defParams = new PBEParameterSpec(salt, itCount);
+
+        Mac mac = helper.createMac(oid.getId());
+        mac.init(new PKCS12Key(password, wrongPkcs12Zero), defParams);
+        mac.update(data);
+
+        return mac.doFinal();
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class BCPKCS12KeyStore
+        extends PKCS12KeyStoreSpi
+    {
+        public BCPKCS12KeyStore()
+        {
+            // Android-changed: Use default provider for JCA algorithms instead of BC
+            // Was: super(new BCJcaJceHelper(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
+            super(new DefaultJcaJceHelper(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class BCPKCS12KeyStore3DES
+        extends PKCS12KeyStoreSpi
+    {
+        public BCPKCS12KeyStore3DES()
+        {
+            super(new BCJcaJceHelper(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
+        }
+    }
+
+    public static class DefPKCS12KeyStore
+        extends PKCS12KeyStoreSpi
+    {
+        public DefPKCS12KeyStore()
+        {
+            super(new DefaultJcaJceHelper(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd40BitRC2_CBC);
+        }
+    }
+
+    public static class DefPKCS12KeyStore3DES
+        extends PKCS12KeyStoreSpi
+    {
+        public DefPKCS12KeyStore3DES()
+        {
+            super(new DefaultJcaJceHelper(), pbeWithSHAAnd3_KeyTripleDES_CBC, pbeWithSHAAnd3_KeyTripleDES_CBC);
+        }
+    }
+    */
+    // END android-removed
+
+    private static class IgnoresCaseHashtable
+    {
+        private Hashtable orig = new Hashtable();
+        private Hashtable keys = new Hashtable();
+
+        public void put(String key, Object value)
+        {
+            String lower = (key == null) ? null : Strings.toLowerCase(key);
+            String k = (String)keys.get(lower);
+            if (k != null)
+            {
+                orig.remove(k);
+            }
+
+            keys.put(lower, key);
+            orig.put(key, value);
+        }
+
+        public Enumeration keys()
+        {
+            return orig.keys();
+        }
+
+        public Object remove(String alias)
+        {
+            String k = (String)keys.remove(alias == null ? null : Strings.toLowerCase(alias));
+            if (k == null)
+            {
+                return null;
+            }
+
+            return orig.remove(k);
+        }
+
+        public Object get(String alias)
+        {
+            String k = (String)keys.get(alias == null ? null : Strings.toLowerCase(alias));
+            if (k == null)
+            {
+                return null;
+            }
+
+            return orig.get(k);
+        }
+
+        public Enumeration elements()
+        {
+            return orig.elements();
+        }
+    }
+
+    private static class DefaultSecretKeyProvider
+    {
+        private final Map KEY_SIZES;
+
+        DefaultSecretKeyProvider()
+        {
+            Map keySizes = new HashMap();
+
+            keySizes.put(new ASN1ObjectIdentifier("1.2.840.113533.7.66.10"), Integers.valueOf(128));
+
+            keySizes.put(PKCSObjectIdentifiers.des_EDE3_CBC, Integers.valueOf(192));
+
+            keySizes.put(NISTObjectIdentifiers.id_aes128_CBC, Integers.valueOf(128));
+            keySizes.put(NISTObjectIdentifiers.id_aes192_CBC, Integers.valueOf(192));
+            keySizes.put(NISTObjectIdentifiers.id_aes256_CBC, Integers.valueOf(256));
+
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            keySizes.put(NTTObjectIdentifiers.id_camellia128_cbc, Integers.valueOf(128));
+            keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192));
+            keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256));
+
+            keySizes.put(CryptoProObjectIdentifiers.gostR28147_gcfb, Integers.valueOf(256));
+            */
+            // END Android-removed: Unsupported algorithms
+
+            KEY_SIZES = Collections.unmodifiableMap(keySizes);
+        }
+
+        public int getKeySize(AlgorithmIdentifier algorithmIdentifier)
+        {
+            // TODO: not all ciphers/oid relationships are this simple.
+            Integer keySize = (Integer)KEY_SIZES.get(algorithmIdentifier.getAlgorithm());
+
+            if (keySize != null)
+            {
+                return keySize.intValue();
+            }
+
+            return -1;
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/AES.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/AES.java
new file mode 100644
index 0000000..604cd08
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/AES.java

@@ -0,0 +1,1155 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric;
+
+import java.io.IOException;
+// BEGIN Android-added: Needed for setting mode with GCM
+import java.security.NoSuchAlgorithmException;
+// END Android-added: Needed for setting mode with GCM
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.crypto.spec.IvParameterSpec;
+
+// BEGIN Android-added: Needed for setting padding with GCM
+import javax.crypto.NoSuchPaddingException;
+// END Android-added: Needed for setting padding with GCM
+import com.android.org.bouncycastle.asn1.bc.BCObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cms.CCMParameters;
+import com.android.org.bouncycastle.asn1.cms.GCMParameters;
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.BufferedBlockCipher;
+import com.android.org.bouncycastle.crypto.CipherKeyGenerator;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+import com.android.org.bouncycastle.crypto.Mac;
+import com.android.org.bouncycastle.crypto.engines.AESEngine;
+import com.android.org.bouncycastle.crypto.engines.AESWrapEngine;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.engines.AESWrapPadEngine;
+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
+// import org.bouncycastle.crypto.engines.RFC5649WrapEngine;
+// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
+// import org.bouncycastle.crypto.macs.CMac;
+// import org.bouncycastle.crypto.macs.GMac;
+import com.android.org.bouncycastle.crypto.modes.CBCBlockCipher;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.modes.CCMBlockCipher;
+import com.android.org.bouncycastle.crypto.modes.CFBBlockCipher;
+import com.android.org.bouncycastle.crypto.modes.GCMBlockCipher;
+import com.android.org.bouncycastle.crypto.modes.OFBBlockCipher;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
+import com.android.org.bouncycastle.jcajce.spec.AEADParameterSpec;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class AES
+{
+    private static final Map<String, String> generalAesAttributes = new HashMap<String, String>();
+
+    static
+    {
+        generalAesAttributes.put("SupportedKeyClasses", "javax.crypto.SecretKey");
+        generalAesAttributes.put("SupportedKeyFormats", "RAW");
+    }
+
+    private AES()
+    {
+    }
+    
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class ECB
+        extends BaseBlockCipher
+    {
+        public ECB()
+        {
+            super(new BlockCipherProvider()
+            {
+                public BlockCipher get()
+                {
+                    return new AESEngine();
+                }
+            });
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class CBC
+       extends BaseBlockCipher
+    {
+        public CBC()
+        {
+            super(new CBCBlockCipher(new AESEngine()), 128);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class CFB
+        extends BaseBlockCipher
+    {
+        public CFB()
+        {
+            super(new BufferedBlockCipher(new CFBBlockCipher(new AESEngine(), 128)), 128);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class OFB
+        extends BaseBlockCipher
+    {
+        public OFB()
+        {
+            super(new BufferedBlockCipher(new OFBBlockCipher(new AESEngine(), 128)), 128);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class GCM
+        extends BaseBlockCipher
+    {
+        public GCM()
+        {
+            super(new GCMBlockCipher(new AESEngine()));
+            // BEGIN Android-added: Set mode and padding due to name change (see note in Mappings)
+            try {
+                engineSetMode("GCM");
+                engineSetPadding("NoPadding");
+            } catch (NoSuchAlgorithmException | NoSuchPaddingException e) {
+                // this should not be possible
+                throw new RuntimeException("Could not set mode or padding for GCM mode", e);
+            }
+            // END Android-added: Set mode and padding due to name change (see note in Mappings)
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    static public class CCM
+        extends BaseBlockCipher
+    {
+        public CCM()
+        {
+            super(new CCMBlockCipher(new AESEngine()), false, 16);
+        }
+    }
+
+    public static class AESCMAC
+        extends BaseMac
+    {
+        public AESCMAC()
+        {
+            super(new CMac(new AESEngine()));
+        }
+    }
+
+    public static class AESGMAC
+        extends BaseMac
+    {
+        public AESGMAC()
+        {
+            super(new GMac(new GCMBlockCipher(new AESEngine())));
+        }
+    }
+
+    public static class AESCCMMAC
+        extends BaseMac
+    {
+        public AESCCMMAC()
+        {
+            super(new CCMMac());
+        }
+
+        private static class CCMMac
+            implements Mac
+        {
+            private final CCMBlockCipher ccm = new CCMBlockCipher(new AESEngine());
+
+            private int macLength = 8;
+
+            public void init(CipherParameters params)
+                throws IllegalArgumentException
+            {
+                ccm.init(true, params);
+
+                this.macLength = ccm.getMac().length;
+            }
+
+            public String getAlgorithmName()
+            {
+                return ccm.getAlgorithmName() + "Mac";
+            }
+
+            public int getMacSize()
+            {
+                return macLength;
+            }
+
+            public void update(byte in)
+                throws IllegalStateException
+            {
+                ccm.processAADByte(in);
+            }
+
+            public void update(byte[] in, int inOff, int len)
+                throws DataLengthException, IllegalStateException
+            {
+                ccm.processAADBytes(in, inOff, len);
+            }
+
+            public int doFinal(byte[] out, int outOff)
+                throws DataLengthException, IllegalStateException
+            {
+                try
+                {
+                    return ccm.doFinal(out, 0);
+                }
+                catch (InvalidCipherTextException e)
+                {
+                    throw new IllegalStateException("exception on doFinal(): " + e.toString());
+                }
+            }
+
+            public void reset()
+            {
+                ccm.reset();
+            }
+        }
+    }
+
+    static public class KeyFactory
+         extends BaseSecretKeyFactory
+    {
+        public KeyFactory()
+        {
+            super("AES", null);
+        }
+    }
+
+    public static class Poly1305
+        extends BaseMac
+    {
+        public Poly1305()
+        {
+            super(new org.bouncycastle.crypto.macs.Poly1305(new AESEngine()));
+        }
+    }
+
+    public static class Poly1305KeyGen
+        extends BaseKeyGenerator
+    {
+        public Poly1305KeyGen()
+        {
+            super("Poly1305-AES", 256, new Poly1305KeyGenerator());
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class Wrap
+        extends BaseWrapCipher
+    {
+        public Wrap()
+        {
+            super(new AESWrapEngine());
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class WrapPad
+        extends BaseWrapCipher
+    {
+        public WrapPad()
+        {
+            super(new AESWrapPadEngine());
+        }
+    }
+
+    public static class RFC3211Wrap
+        extends BaseWrapCipher
+    {
+        public RFC3211Wrap()
+        {
+            super(new RFC3211WrapEngine(new AESEngine()), 16);
+        }
+    }
+
+    public static class RFC5649Wrap
+        extends BaseWrapCipher
+    {
+        public RFC5649Wrap()
+        {
+            super(new RFC5649WrapEngine(new AESEngine()));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * PBEWithAES-CBC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithAESCBC
+        extends BaseBlockCipher
+    {
+        public PBEWithAESCBC()
+        {
+            super(new CBCBlockCipher(new AESEngine()));
+        }
+    }
+
+    /**
+     * PBEWithSHA1AES-CBC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHA1AESCBC128
+        extends BaseBlockCipher
+    {
+        public PBEWithSHA1AESCBC128()
+        {
+            super(new CBCBlockCipher(new AESEngine()), PKCS12, SHA1, 128, 16);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHA1AESCBC192
+        extends BaseBlockCipher
+    {
+        public PBEWithSHA1AESCBC192()
+        {
+            super(new CBCBlockCipher(new AESEngine()), PKCS12, SHA1, 192, 16);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHA1AESCBC256
+        extends BaseBlockCipher
+    {
+        public PBEWithSHA1AESCBC256()
+        {
+            super(new CBCBlockCipher(new AESEngine()), PKCS12, SHA1, 256, 16);
+        }
+    }
+
+    /**
+     * PBEWithSHA256AES-CBC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHA256AESCBC128
+        extends BaseBlockCipher
+    {
+        public PBEWithSHA256AESCBC128()
+        {
+            super(new CBCBlockCipher(new AESEngine()), PKCS12, SHA256, 128, 16);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHA256AESCBC192
+        extends BaseBlockCipher
+    {
+        public PBEWithSHA256AESCBC192()
+        {
+            super(new CBCBlockCipher(new AESEngine()), PKCS12, SHA256, 192, 16);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHA256AESCBC256
+        extends BaseBlockCipher
+    {
+        public PBEWithSHA256AESCBC256()
+        {
+            super(new CBCBlockCipher(new AESEngine()), PKCS12, SHA256, 256, 16);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class KeyGen
+        extends BaseKeyGenerator
+    {
+        public KeyGen()
+        {
+            // Android-changed: Use 128-bit keys by default.
+            // Bouncy Castle defaults to 192-bit keys, which is the worst choice: worse security
+            // than 256-bit keys, slower than 128-bit keys, narrower support than either.
+            // Use 128-bit keys by default since they're faster and should still be plenty secure.
+            // this(192);
+            this(128);
+        }
+
+        public KeyGen(int keySize)
+        {
+            super("AES", keySize, new CipherKeyGenerator());
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class KeyGen128
+        extends KeyGen
+    {
+        public KeyGen128()
+        {
+            super(128);
+        }
+    }
+
+    public static class KeyGen192
+        extends KeyGen
+    {
+        public KeyGen192()
+        {
+            super(192);
+        }
+    }
+
+    public static class KeyGen256
+        extends KeyGen
+    {
+        public KeyGen256()
+        {
+            super(256);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+    
+    /**
+     * PBEWithSHA1And128BitAES-BC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAnd128BitAESBC
+        extends PBESecretKeyFactory
+    {
+        public PBEWithSHAAnd128BitAESBC()
+        {
+            super("PBEWithSHA1And128BitAES-CBC-BC", null, true, PKCS12, SHA1, 128, 128);
+        }
+    }
+    
+    /**
+     * PBEWithSHA1And192BitAES-BC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAnd192BitAESBC
+        extends PBESecretKeyFactory
+    {
+        public PBEWithSHAAnd192BitAESBC()
+        {
+            super("PBEWithSHA1And192BitAES-CBC-BC", null, true, PKCS12, SHA1, 192, 128);
+        }
+    }
+    
+    /**
+     * PBEWithSHA1And256BitAES-BC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAnd256BitAESBC
+        extends PBESecretKeyFactory
+    {
+        public PBEWithSHAAnd256BitAESBC()
+        {
+            super("PBEWithSHA1And256BitAES-CBC-BC", null, true, PKCS12, SHA1, 256, 128);
+        }
+    }
+    
+    /**
+     * PBEWithSHA256And128BitAES-BC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHA256And128BitAESBC
+        extends PBESecretKeyFactory
+    {
+        public PBEWithSHA256And128BitAESBC()
+        {
+            super("PBEWithSHA256And128BitAES-CBC-BC", null, true, PKCS12, SHA256, 128, 128);
+        }
+    }
+    
+    /**
+     * PBEWithSHA256And192BitAES-BC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHA256And192BitAESBC
+        extends PBESecretKeyFactory
+    {
+        public PBEWithSHA256And192BitAESBC()
+        {
+            super("PBEWithSHA256And192BitAES-CBC-BC", null, true, PKCS12, SHA256, 192, 128);
+        }
+    }
+    
+    /**
+     * PBEWithSHA256And256BitAES-BC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHA256And256BitAESBC
+        extends PBESecretKeyFactory
+    {
+        public PBEWithSHA256And256BitAESBC()
+        {
+            super("PBEWithSHA256And256BitAES-CBC-BC", null, true, PKCS12, SHA256, 256, 128);
+        }
+    }
+    
+    /**
+     * PBEWithMD5And128BitAES-OpenSSL
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithMD5And128BitAESCBCOpenSSL
+        extends PBESecretKeyFactory
+    {
+        public PBEWithMD5And128BitAESCBCOpenSSL()
+        {
+            super("PBEWithMD5And128BitAES-CBC-OpenSSL", null, true, OPENSSL, MD5, 128, 128);
+        }
+    }
+    
+    /**
+     * PBEWithMD5And192BitAES-OpenSSL
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithMD5And192BitAESCBCOpenSSL
+        extends PBESecretKeyFactory
+    {
+        public PBEWithMD5And192BitAESCBCOpenSSL()
+        {
+            super("PBEWithMD5And192BitAES-CBC-OpenSSL", null, true, OPENSSL, MD5, 192, 128);
+        }
+    }
+    
+    /**
+     * PBEWithMD5And256BitAES-OpenSSL
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithMD5And256BitAESCBCOpenSSL
+        extends PBESecretKeyFactory
+    {
+        public PBEWithMD5And256BitAESCBCOpenSSL()
+        {
+            super("PBEWithMD5And256BitAES-CBC-OpenSSL", null, true, OPENSSL, MD5, 256, 128);
+        }
+    }
+    
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class AlgParamGen
+        extends BaseAlgorithmParameterGenerator
+    {
+        protected void engineInit(
+            AlgorithmParameterSpec genParamSpec,
+            SecureRandom random)
+            throws InvalidAlgorithmParameterException
+        {
+            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
+        }
+
+        protected AlgorithmParameters engineGenerateParameters()
+        {
+            byte[]  iv = new byte[16];
+
+            if (random == null)
+            {
+                random = new SecureRandom();
+            }
+
+            random.nextBytes(iv);
+
+            AlgorithmParameters params;
+
+            try
+            {
+                params = createParametersInstance("AES");
+                params.init(new IvParameterSpec(iv));
+            }
+            catch (Exception e)
+            {
+                throw new RuntimeException(e.getMessage());
+            }
+
+            return params;
+        }
+    }
+
+    public static class AlgParamGenCCM
+        extends BaseAlgorithmParameterGenerator
+    {
+        protected void engineInit(
+            AlgorithmParameterSpec genParamSpec,
+            SecureRandom random)
+            throws InvalidAlgorithmParameterException
+        {
+            // TODO: add support for GCMParameterSpec as a template.
+            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
+        }
+
+        protected AlgorithmParameters engineGenerateParameters()
+        {
+            byte[]  iv = new byte[12];
+
+            if (random == null)
+            {
+                random = new SecureRandom();
+            }
+
+            random.nextBytes(iv);
+
+            AlgorithmParameters params;
+
+            try
+            {
+                params = createParametersInstance("CCM");
+                params.init(new CCMParameters(iv, 12).getEncoded());
+            }
+            catch (Exception e)
+            {
+                throw new RuntimeException(e.getMessage());
+            }
+
+            return params;
+        }
+    }
+
+    public static class AlgParamGenGCM
+        extends BaseAlgorithmParameterGenerator
+    {
+        protected void engineInit(
+            AlgorithmParameterSpec genParamSpec,
+            SecureRandom random)
+            throws InvalidAlgorithmParameterException
+        {
+            // TODO: add support for GCMParameterSpec as a template.
+            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for AES parameter generation.");
+        }
+
+        protected AlgorithmParameters engineGenerateParameters()
+        {
+            byte[]  nonce = new byte[12];
+
+            if (random == null)
+            {
+                random = new SecureRandom();
+            }
+
+            random.nextBytes(nonce);
+
+            AlgorithmParameters params;
+
+            try
+            {
+                params = createParametersInstance("GCM");
+                params.init(new GCMParameters(nonce, 16).getEncoded());
+            }
+            catch (Exception e)
+            {
+                throw new RuntimeException(e.getMessage());
+            }
+
+            return params;
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class AlgParams
+        extends IvAlgorithmParameters
+    {
+        protected String engineToString()
+        {
+            return "AES IV";
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class AlgParamsGCM
+        extends BaseAlgorithmParameters
+    {
+        private GCMParameters gcmParams;
+
+        protected void engineInit(AlgorithmParameterSpec paramSpec)
+            throws InvalidParameterSpecException
+        {
+            if (GcmSpecUtil.isGcmSpec(paramSpec))
+            {
+                gcmParams = GcmSpecUtil.extractGcmParameters(paramSpec);
+            }
+            else if (paramSpec instanceof AEADParameterSpec)
+            {
+                gcmParams = new GCMParameters(((AEADParameterSpec)paramSpec).getNonce(), ((AEADParameterSpec)paramSpec).getMacSizeInBits() / 8);
+            }
+            else
+            {
+                throw new InvalidParameterSpecException("AlgorithmParameterSpec class not recognized: " + paramSpec.getClass().getName());
+            }
+        }
+
+        protected void engineInit(byte[] params)
+            throws IOException
+        {
+            gcmParams = GCMParameters.getInstance(params);
+        }
+
+        protected void engineInit(byte[] params, String format)
+            throws IOException
+        {
+            if (!isASN1FormatString(format))
+            {
+                throw new IOException("unknown format specified");
+            }
+
+            gcmParams = GCMParameters.getInstance(params);
+        }
+
+        protected byte[] engineGetEncoded()
+            throws IOException
+        {
+            return gcmParams.getEncoded();
+        }
+
+        protected byte[] engineGetEncoded(String format)
+            throws IOException
+        {
+            if (!isASN1FormatString(format))
+            {
+                throw new IOException("unknown format specified");
+            }
+
+            return gcmParams.getEncoded();
+        }
+
+        protected String engineToString()
+        {
+            return "GCM";
+        }
+
+        protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec)
+            throws InvalidParameterSpecException
+        {
+            if (paramSpec == AlgorithmParameterSpec.class || GcmSpecUtil.isGcmSpec(paramSpec))
+            {
+                if (GcmSpecUtil.gcmSpecExists())
+                {
+                    return GcmSpecUtil.extractGcmSpec(gcmParams.toASN1Primitive());
+                }
+                return new AEADParameterSpec(gcmParams.getNonce(), gcmParams.getIcvLen() * 8);
+            }
+            if (paramSpec == AEADParameterSpec.class)
+            {
+                return new AEADParameterSpec(gcmParams.getNonce(), gcmParams.getIcvLen() * 8);
+            }
+            if (paramSpec == IvParameterSpec.class)
+            {
+                return new IvParameterSpec(gcmParams.getNonce());
+            }
+
+            throw new InvalidParameterSpecException("AlgorithmParameterSpec not recognized: " + paramSpec.getName());
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class AlgParamsCCM
+        extends BaseAlgorithmParameters
+    {
+        private CCMParameters ccmParams;
+
+        protected void engineInit(AlgorithmParameterSpec paramSpec)
+            throws InvalidParameterSpecException
+        {
+            if (GcmSpecUtil.isGcmSpec(paramSpec))
+            {
+                ccmParams = CCMParameters.getInstance(GcmSpecUtil.extractGcmParameters(paramSpec));
+            }
+            else if (paramSpec instanceof AEADParameterSpec)
+            {
+                ccmParams = new CCMParameters(((AEADParameterSpec)paramSpec).getNonce(), ((AEADParameterSpec)paramSpec).getMacSizeInBits() / 8);
+            }
+            else
+            {
+                throw new InvalidParameterSpecException("AlgorithmParameterSpec class not recognized: " + paramSpec.getClass().getName());
+            }
+        }
+
+        protected void engineInit(byte[] params)
+            throws IOException
+        {
+            ccmParams = CCMParameters.getInstance(params);
+        }
+
+        protected void engineInit(byte[] params, String format)
+            throws IOException
+        {
+            if (!isASN1FormatString(format))
+            {
+                throw new IOException("unknown format specified");
+            }
+
+            ccmParams = CCMParameters.getInstance(params);
+        }
+
+        protected byte[] engineGetEncoded()
+            throws IOException
+        {
+            return ccmParams.getEncoded();
+        }
+
+        protected byte[] engineGetEncoded(String format)
+            throws IOException
+        {
+            if (!isASN1FormatString(format))
+            {
+                throw new IOException("unknown format specified");
+            }
+
+            return ccmParams.getEncoded();
+        }
+
+        protected String engineToString()
+        {
+            return "CCM";
+        }
+
+        protected AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec)
+            throws InvalidParameterSpecException
+        {
+            if (paramSpec == AlgorithmParameterSpec.class || GcmSpecUtil.isGcmSpec(paramSpec))
+            {
+                if (GcmSpecUtil.gcmSpecExists())
+                {
+                    return GcmSpecUtil.extractGcmSpec(ccmParams.toASN1Primitive());
+                }
+                return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8);
+            }
+            if (paramSpec == AEADParameterSpec.class)
+            {
+                return new AEADParameterSpec(ccmParams.getNonce(), ccmParams.getIcvLen() * 8);
+            }
+            if (paramSpec == IvParameterSpec.class)
+            {
+                return new IvParameterSpec(ccmParams.getNonce());
+            }
+
+            throw new InvalidParameterSpecException("AlgorithmParameterSpec not recognized: " + paramSpec.getName());
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends SymmetricAlgorithmProvider
+    {
+        private static final String PREFIX = AES.class.getName();
+        
+        /**
+         * These three got introduced in some messages as a result of a typo in an
+         * early document. We don't produce anything using these OID values, but we'll
+         * read them.
+         */
+        private static final String wrongAES128 = "2.16.840.1.101.3.4.2";
+        private static final String wrongAES192 = "2.16.840.1.101.3.4.22";
+        private static final String wrongAES256 = "2.16.840.1.101.3.4.42";
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("AlgorithmParameters.AES", PREFIX + "$AlgParams");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + wrongAES128, "AES");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + wrongAES192, "AES");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + wrongAES256, "AES");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CBC, "AES");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CBC, "AES");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CBC, "AES");
+
+            provider.addAlgorithm("AlgorithmParameters.GCM", PREFIX + "$AlgParamsGCM");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
+
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("AlgorithmParameters.CCM", PREFIX + "$AlgParamsCCM");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
+
+            provider.addAlgorithm("AlgorithmParameterGenerator.AES", PREFIX + "$AlgParamGen");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES128, "AES");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES192, "AES");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + wrongAES256, "AES");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CBC, "AES");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CBC, "AES");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CBC, "AES");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAttributes("Cipher.AES", generalAesAttributes);
+            provider.addAlgorithm("Cipher.AES", PREFIX + "$ECB");
+            provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES128, "AES");
+            provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES192, "AES");
+            provider.addAlgorithm("Alg.Alias.Cipher." + wrongAES256, "AES");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$ECB");
+            provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$ECB");
+            provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$ECB");
+            provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$CBC");
+            provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$CBC");
+            provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$CBC");
+            provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$OFB");
+            provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$OFB");
+            provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$OFB");
+            provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$CFB");
+            provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$CFB");
+            provider.addAlgorithm("Cipher", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$CFB");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAttributes("Cipher.AESWRAP", generalAesAttributes);
+            provider.addAlgorithm("Cipher.AESWRAP", PREFIX + "$Wrap");
+            provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_wrap, "AESWRAP");
+            provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_wrap, "AESWRAP");
+            provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_wrap, "AESWRAP");
+            provider.addAlgorithm("Alg.Alias.Cipher.AESKW", "AESWRAP");
+
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAttributes("Cipher.AESWRAPPAD", generalAesAttributes);
+            provider.addAlgorithm("Cipher.AESWRAPPAD", PREFIX + "$WrapPad");
+            provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_wrap_pad, "AESWRAPPAD");
+            provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_wrap_pad, "AESWRAPPAD");
+            provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_wrap_pad, "AESWRAPPAD");
+            provider.addAlgorithm("Alg.Alias.Cipher.AESKWP", "AESWRAPPAD");
+
+            provider.addAlgorithm("Cipher.AESRFC3211WRAP", PREFIX + "$RFC3211Wrap");
+            provider.addAlgorithm("Cipher.AESRFC5649WRAP", PREFIX + "$RFC5649Wrap");
+
+            provider.addAlgorithm("AlgorithmParameterGenerator.CCM", PREFIX + "$AlgParamGenCCM");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_CCM, "CCM");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_CCM, "CCM");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_CCM, "CCM");
+
+            provider.addAttributes("Cipher.CCM", generalAesAttributes);
+            provider.addAlgorithm("Cipher.CCM", PREFIX + "$CCM");
+            provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes128_CCM, "CCM");
+            provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes192_CCM, "CCM");
+            provider.addAlgorithm("Alg.Alias.Cipher", NISTObjectIdentifiers.id_aes256_CCM, "CCM");
+
+            provider.addAlgorithm("AlgorithmParameterGenerator.GCM", PREFIX + "$AlgParamGenGCM");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes128_GCM, "GCM");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes192_GCM, "GCM");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + NISTObjectIdentifiers.id_aes256_GCM, "GCM");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            // BEGIN Android-changed: Use standard name for AES/GCM/NOPADDING instead of "GCM"
+            provider.addAttributes("Cipher.AES/GCM/NOPADDING", generalAesAttributes);
+            provider.addAlgorithm("Cipher.AES/GCM/NOPADDING", PREFIX + "$GCM");
+            provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes128_GCM, "AES/GCM/NOPADDING");
+            provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes192_GCM, "AES/GCM/NOPADDING");
+            provider.addAlgorithm("Alg.Alias.Cipher." + NISTObjectIdentifiers.id_aes256_GCM, "AES/GCM/NOPADDING");
+            // END Android-changed: Use standard name for AES/GCM/NOPADDING instead of "GCM"
+
+            provider.addAlgorithm("KeyGenerator.AES", PREFIX + "$KeyGen");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("KeyGenerator." + wrongAES128, PREFIX + "$KeyGen128");
+            provider.addAlgorithm("KeyGenerator." + wrongAES192, PREFIX + "$KeyGen192");
+            provider.addAlgorithm("KeyGenerator." + wrongAES256, PREFIX + "$KeyGen256");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_ECB, PREFIX + "$KeyGen128");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CBC, PREFIX + "$KeyGen128");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_OFB, PREFIX + "$KeyGen128");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CFB, PREFIX + "$KeyGen128");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_ECB, PREFIX + "$KeyGen192");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CBC, PREFIX + "$KeyGen192");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_OFB, PREFIX + "$KeyGen192");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CFB, PREFIX + "$KeyGen192");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_ECB, PREFIX + "$KeyGen256");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CBC, PREFIX + "$KeyGen256");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_OFB, PREFIX + "$KeyGen256");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CFB, PREFIX + "$KeyGen256");
+            provider.addAlgorithm("KeyGenerator.AESWRAP", PREFIX + "$KeyGen");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_wrap, PREFIX + "$KeyGen128");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_wrap, PREFIX + "$KeyGen192");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_wrap, PREFIX + "$KeyGen256");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_GCM, PREFIX + "$KeyGen128");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_GCM, PREFIX + "$KeyGen192");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_GCM, PREFIX + "$KeyGen256");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_CCM, PREFIX + "$KeyGen128");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_CCM, PREFIX + "$KeyGen192");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_CCM, PREFIX + "$KeyGen256");
+            provider.addAlgorithm("KeyGenerator.AESWRAPPAD", PREFIX + "$KeyGen");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes128_wrap_pad, PREFIX + "$KeyGen128");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes192_wrap_pad, PREFIX + "$KeyGen192");
+            provider.addAlgorithm("KeyGenerator", NISTObjectIdentifiers.id_aes256_wrap_pad, PREFIX + "$KeyGen256");
+
+            provider.addAlgorithm("Mac.AESCMAC", PREFIX + "$AESCMAC");
+
+            provider.addAlgorithm("Mac.AESCCMMAC", PREFIX + "$AESCCMMAC");
+            provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes128_CCM.getId(), "AESCCMMAC");
+            provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes192_CCM.getId(), "AESCCMMAC");
+            provider.addAlgorithm("Alg.Alias.Mac." + NISTObjectIdentifiers.id_aes256_CCM.getId(), "AESCCMMAC");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("Alg.Alias.Cipher", BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc, "PBEWITHSHAAND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher", BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc, "PBEWITHSHAAND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher", BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes256_cbc, "PBEWITHSHAAND256BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher", BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes128_cbc, "PBEWITHSHA256AND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher", BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc, "PBEWITHSHA256AND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher", BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc, "PBEWITHSHA256AND256BITAES-CBC-BC");
+
+            provider.addAlgorithm("Cipher.PBEWITHSHAAND128BITAES-CBC-BC", PREFIX + "$PBEWithSHA1AESCBC128");
+            provider.addAlgorithm("Cipher.PBEWITHSHAAND192BITAES-CBC-BC", PREFIX + "$PBEWithSHA1AESCBC192");
+            provider.addAlgorithm("Cipher.PBEWITHSHAAND256BITAES-CBC-BC", PREFIX + "$PBEWithSHA1AESCBC256");
+            provider.addAlgorithm("Cipher.PBEWITHSHA256AND128BITAES-CBC-BC", PREFIX + "$PBEWithSHA256AESCBC128");
+            provider.addAlgorithm("Cipher.PBEWITHSHA256AND192BITAES-CBC-BC", PREFIX + "$PBEWithSHA256AESCBC192");
+            provider.addAlgorithm("Cipher.PBEWITHSHA256AND256BITAES-CBC-BC", PREFIX + "$PBEWithSHA256AESCBC256");
+            
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1AND128BITAES-CBC-BC","PBEWITHSHAAND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1AND192BITAES-CBC-BC","PBEWITHSHAAND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1AND256BITAES-CBC-BC","PBEWITHSHAAND256BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA-1AND128BITAES-CBC-BC","PBEWITHSHAAND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA-1AND192BITAES-CBC-BC","PBEWITHSHAAND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA-1AND256BITAES-CBC-BC","PBEWITHSHAAND256BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHAAND128BITAES-BC","PBEWITHSHAAND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHAAND192BITAES-BC", "PBEWITHSHAAND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHAAND256BITAES-BC", "PBEWITHSHAAND256BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1AND128BITAES-BC","PBEWITHSHAAND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1AND192BITAES-BC","PBEWITHSHAAND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1AND256BITAES-BC","PBEWITHSHAAND256BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA-1AND128BITAES-BC","PBEWITHSHAAND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA-1AND192BITAES-BC","PBEWITHSHAAND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA-1AND256BITAES-BC","PBEWITHSHAAND256BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA-256AND128BITAES-CBC-BC","PBEWITHSHA256AND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA-256AND192BITAES-CBC-BC","PBEWITHSHA256AND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA-256AND256BITAES-CBC-BC","PBEWITHSHA256AND256BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA256AND128BITAES-BC","PBEWITHSHA256AND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA256AND192BITAES-BC","PBEWITHSHA256AND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA256AND256BITAES-BC","PBEWITHSHA256AND256BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA-256AND128BITAES-BC","PBEWITHSHA256AND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA-256AND192BITAES-BC","PBEWITHSHA256AND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA-256AND256BITAES-BC","PBEWITHSHA256AND256BITAES-CBC-BC");
+
+            provider.addAlgorithm("Cipher.PBEWITHMD5AND128BITAES-CBC-OPENSSL", PREFIX + "$PBEWithAESCBC");
+            provider.addAlgorithm("Cipher.PBEWITHMD5AND192BITAES-CBC-OPENSSL", PREFIX + "$PBEWithAESCBC");
+            provider.addAlgorithm("Cipher.PBEWITHMD5AND256BITAES-CBC-OPENSSL", PREFIX + "$PBEWithAESCBC");
+
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("SecretKeyFactory.AES", PREFIX + "$KeyFactory");
+            // provider.addAlgorithm("SecretKeyFactory", NISTObjectIdentifiers.aes, PREFIX + "$KeyFactory");
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5AND128BITAES-CBC-OPENSSL", PREFIX + "$PBEWithMD5And128BitAESCBCOpenSSL");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5AND192BITAES-CBC-OPENSSL", PREFIX + "$PBEWithMD5And192BitAESCBCOpenSSL");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5AND256BITAES-CBC-OPENSSL", PREFIX + "$PBEWithMD5And256BitAESCBCOpenSSL");
+            
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND128BITAES-CBC-BC", PREFIX + "$PBEWithSHAAnd128BitAESBC");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND192BITAES-CBC-BC", PREFIX + "$PBEWithSHAAnd192BitAESBC");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND256BITAES-CBC-BC", PREFIX + "$PBEWithSHAAnd256BitAESBC");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA256AND128BITAES-CBC-BC", PREFIX + "$PBEWithSHA256And128BitAESBC");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA256AND192BITAES-CBC-BC", PREFIX + "$PBEWithSHA256And192BitAESBC");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA256AND256BITAES-CBC-BC", PREFIX + "$PBEWithSHA256And256BitAESBC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1AND128BITAES-CBC-BC","PBEWITHSHAAND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1AND192BITAES-CBC-BC","PBEWITHSHAAND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1AND256BITAES-CBC-BC","PBEWITHSHAAND256BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA-1AND128BITAES-CBC-BC","PBEWITHSHAAND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA-1AND192BITAES-CBC-BC","PBEWITHSHAAND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA-1AND256BITAES-CBC-BC","PBEWITHSHAAND256BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA-256AND128BITAES-CBC-BC","PBEWITHSHA256AND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA-256AND192BITAES-CBC-BC","PBEWITHSHA256AND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA-256AND256BITAES-CBC-BC","PBEWITHSHA256AND256BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA-256AND128BITAES-BC","PBEWITHSHA256AND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA-256AND192BITAES-BC","PBEWITHSHA256AND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA-256AND256BITAES-BC","PBEWITHSHA256AND256BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc, "PBEWITHSHAAND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc, "PBEWITHSHAAND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes256_cbc, "PBEWITHSHAAND256BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes128_cbc, "PBEWITHSHA256AND128BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc, "PBEWITHSHA256AND192BITAES-CBC-BC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc, "PBEWITHSHA256AND256BITAES-CBC-BC");
+            
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND128BITAES-CBC-BC", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND192BITAES-CBC-BC", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND256BITAES-CBC-BC", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHA256AND128BITAES-CBC-BC", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHA256AND192BITAES-CBC-BC", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHA256AND256BITAES-CBC-BC", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHA1AND128BITAES-CBC-BC","PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHA1AND192BITAES-CBC-BC","PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHA1AND256BITAES-CBC-BC","PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHA-1AND128BITAES-CBC-BC","PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHA-1AND192BITAES-CBC-BC","PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHA-1AND256BITAES-CBC-BC","PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHA-256AND128BITAES-CBC-BC","PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHA-256AND192BITAES-CBC-BC","PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHA-256AND256BITAES-CBC-BC","PKCS12PBE"); 
+            
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes128_cbc.getId(), "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes192_cbc.getId(), "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha1_pkcs12_aes256_cbc.getId(), "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes128_cbc.getId(), "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes192_cbc.getId(), "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + BCObjectIdentifiers.bc_pbe_sha256_pkcs12_aes256_cbc.getId(), "PKCS12PBE");
+
+            // BEGIN Android-removed: Unsupported algorithms
+            // addGMacAlgorithm(provider, "AES", PREFIX + "$AESGMAC", PREFIX + "$KeyGen128");
+            // addPoly1305Algorithm(provider, "AES", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
+            // END Android-removed: Unsupported algorithms
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/ARC4.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/ARC4.java
new file mode 100644
index 0000000..2df70a5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/ARC4.java

@@ -0,0 +1,143 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric;
+
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.CipherKeyGenerator;
+import com.android.org.bouncycastle.crypto.engines.RC4Engine;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseStreamCipher;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
+import com.android.org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class ARC4
+{
+    private ARC4()
+    {
+    }
+    
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Base
+        extends BaseStreamCipher
+    {
+        public Base()
+        {
+            super(new RC4Engine(), 0);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class KeyGen
+        extends BaseKeyGenerator
+    {
+        public KeyGen()
+        {
+            // Android-changed: Use ARC4 for algorithm name to match name used in provider
+            // super("RC4", 128, new CipherKeyGenerator());
+            super("ARC4", 128, new CipherKeyGenerator());
+        }
+    }
+
+    /**
+     * PBEWithSHAAnd128BitRC4
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAnd128BitKeyFactory
+        extends PBESecretKeyFactory
+    {
+        public PBEWithSHAAnd128BitKeyFactory()
+        {
+            super("PBEWithSHAAnd128BitRC4", PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4, true, PKCS12, SHA1, 128, 0);
+        }
+    }
+
+    /**
+     * PBEWithSHAAnd40BitRC4
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAnd40BitKeyFactory
+        extends PBESecretKeyFactory
+    {
+        public PBEWithSHAAnd40BitKeyFactory()
+        {
+            super("PBEWithSHAAnd128BitRC4", PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4, true, PKCS12, SHA1, 40, 0);
+        }
+    }
+
+
+    /**
+     * PBEWithSHAAnd128BitRC4
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAnd128Bit
+        extends BaseStreamCipher
+    {
+        public PBEWithSHAAnd128Bit()
+        {
+            super(new RC4Engine(), 0, 128, SHA1);
+        }
+    }
+
+    /**
+     * PBEWithSHAAnd40BitRC4
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAnd40Bit
+        extends BaseStreamCipher
+    {
+        public PBEWithSHAAnd40Bit()
+        {
+            super(new RC4Engine(), 0, 40, SHA1);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends AlgorithmProvider
+    {
+        private static final String PREFIX = ARC4.class.getName();
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("Cipher.ARC4", PREFIX + "$Base");
+            provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.rc4, "ARC4");
+            provider.addAlgorithm("Alg.Alias.Cipher.ARCFOUR", "ARC4");
+            provider.addAlgorithm("Alg.Alias.Cipher.RC4", "ARC4");
+            provider.addAlgorithm("KeyGenerator.ARC4", PREFIX + "$KeyGen");
+            provider.addAlgorithm("Alg.Alias.KeyGenerator.RC4", "ARC4");
+            provider.addAlgorithm("Alg.Alias.KeyGenerator.1.2.840.113549.3.4", "ARC4");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND128BITRC4", PREFIX + "$PBEWithSHAAnd128BitKeyFactory");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND40BITRC4", PREFIX + "$PBEWithSHAAnd40BitKeyFactory");
+
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4, "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC4, "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND40BITRC4", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND128BITRC4", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDRC4", "PKCS12PBE");
+            provider.addAlgorithm("Cipher.PBEWITHSHAAND128BITRC4", PREFIX + "$PBEWithSHAAnd128Bit");
+            provider.addAlgorithm("Cipher.PBEWITHSHAAND40BITRC4", PREFIX + "$PBEWithSHAAnd40Bit");
+
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4, "PBEWITHSHAAND128BITRC4");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC4, "PBEWITHSHAAND40BITRC4");
+
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1AND128BITRC4", "PBEWITHSHAAND128BITRC4");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1AND40BITRC4", "PBEWITHSHAAND40BITRC4");
+
+            provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC4, "PBEWITHSHAAND128BITRC4");
+            provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC4, "PBEWITHSHAAND40BITRC4");
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java
new file mode 100644
index 0000000..a97f8e2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/Blowfish.java

@@ -0,0 +1,114 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric;
+
+import com.android.org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.CipherKeyGenerator;
+import com.android.org.bouncycastle.crypto.engines.BlowfishEngine;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.macs.CMac;
+import com.android.org.bouncycastle.crypto.modes.CBCBlockCipher;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
+import com.android.org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class Blowfish
+{
+    private Blowfish()
+    {
+    }
+    
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class ECB
+        extends BaseBlockCipher
+    {
+        public ECB()
+        {
+            super(new BlowfishEngine());
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class CBC
+        extends BaseBlockCipher
+    {
+        public CBC()
+        {
+            super(new CBCBlockCipher(new BlowfishEngine()), 64);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class CMAC
+        extends BaseMac
+    {
+        public CMAC()
+        {
+            super(new CMac(new BlowfishEngine()));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class KeyGen
+        extends BaseKeyGenerator
+    {
+        public KeyGen()
+        {
+            super("Blowfish", 128, new CipherKeyGenerator());
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class AlgParams
+        extends IvAlgorithmParameters
+    {
+        protected String engineToString()
+        {
+            return "Blowfish IV";
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends AlgorithmProvider
+    {
+        private static final String PREFIX = Blowfish.class.getName();
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Mac.BLOWFISHCMAC", PREFIX + "$CMAC");
+            provider.addAlgorithm("Cipher.BLOWFISH", PREFIX + "$ECB");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Cipher", MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CBC, PREFIX + "$CBC");
+            provider.addAlgorithm("KeyGenerator.BLOWFISH", PREFIX + "$KeyGen");
+            provider.addAlgorithm("Alg.Alias.KeyGenerator", MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CBC, "BLOWFISH");
+            provider.addAlgorithm("AlgorithmParameters.BLOWFISH", PREFIX + "$AlgParams");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters", MiscObjectIdentifiers.cryptlib_algorithm_blowfish_CBC, "BLOWFISH");
+
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/DES.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/DES.java
new file mode 100644
index 0000000..ac0f734
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/DES.java

@@ -0,0 +1,589 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric;
+
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+
+import javax.crypto.SecretKey;
+import javax.crypto.spec.DESKeySpec;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.KeyGenerationParameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.PasswordConverter;
+import com.android.org.bouncycastle.crypto.engines.DESEngine;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
+import com.android.org.bouncycastle.crypto.generators.DESKeyGenerator;
+import com.android.org.bouncycastle.crypto.macs.CBCBlockCipherMac;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
+// import org.bouncycastle.crypto.macs.CMac;
+// import org.bouncycastle.crypto.macs.ISO9797Alg3Mac;
+import com.android.org.bouncycastle.crypto.modes.CBCBlockCipher;
+import com.android.org.bouncycastle.crypto.paddings.ISO7816d4Padding;
+import com.android.org.bouncycastle.crypto.params.DESParameters;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.PBKDF1Key;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.PBE;
+import com.android.org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class DES
+{
+    private DES()
+    {
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class ECB
+        extends BaseBlockCipher
+    {
+        public ECB()
+        {
+            super(new DESEngine());
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class CBC
+        extends BaseBlockCipher
+    {
+        public CBC()
+        {
+            super(new CBCBlockCipher(new DESEngine()), 64);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    /**
+     * DES   CFB8
+     *
+    public static class DESCFB8
+        extends BaseMac
+    {
+        public DESCFB8()
+        {
+            super(new CFBBlockCipherMac(new DESEngine()));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * DES64
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class DES64
+        extends BaseMac
+    {
+        public DES64()
+        {
+            super(new CBCBlockCipherMac(new DESEngine(), 64));
+        }
+    }
+
+    /**
+     * DES64with7816-4Padding
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class DES64with7816d4
+        extends BaseMac
+    {
+        public DES64with7816d4()
+        {
+            super(new CBCBlockCipherMac(new DESEngine(), 64, new ISO7816d4Padding()));
+        }
+    }
+    
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class CBCMAC
+        extends BaseMac
+    {
+        public CBCMAC()
+        {
+            super(new CBCBlockCipherMac(new DESEngine()));
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    static public class CMAC
+        extends BaseMac
+    {
+        public CMAC()
+        {
+            super(new CMac(new DESEngine()));
+        }
+    }
+
+    /**
+     * DES9797Alg3with7816-4Padding
+     *
+    public static class DES9797Alg3with7816d4
+        extends BaseMac
+    {
+        public DES9797Alg3with7816d4()
+        {
+            super(new ISO9797Alg3Mac(new DESEngine(), new ISO7816d4Padding()));
+        }
+    }
+
+    /**
+     * DES9797Alg3
+     *
+    public static class DES9797Alg3
+        extends BaseMac
+    {
+        public DES9797Alg3()
+        {
+            super(new ISO9797Alg3Mac(new DESEngine()));
+        }
+    }
+
+    public static class RFC3211
+        extends BaseWrapCipher
+    {
+        public RFC3211()
+        {
+            super(new RFC3211WrapEngine(new DESEngine()), 8);
+        }
+    }
+
+    public static class AlgParamGen
+        extends BaseAlgorithmParameterGenerator
+    {
+        protected void engineInit(
+            AlgorithmParameterSpec genParamSpec,
+            SecureRandom            random)
+            throws InvalidAlgorithmParameterException
+        {
+            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation.");
+        }
+
+        protected AlgorithmParameters engineGenerateParameters()
+        {
+            byte[]  iv = new byte[8];
+
+            if (random == null)
+            {
+                random = CryptoServicesRegistrar.getSecureRandom();
+            }
+
+            random.nextBytes(iv);
+
+            AlgorithmParameters params;
+
+            try
+            {
+                params = createParametersInstance("DES");
+                params.init(new IvParameterSpec(iv));
+            }
+            catch (Exception e)
+            {
+                throw new RuntimeException(e.getMessage());
+            }
+
+            return params;
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+  /**
+     * DES - the default for this is to generate a key in
+     * a-b-a format that's 24 bytes long but has 16 bytes of
+     * key material (the first 8 bytes is repeated as the last
+     * 8 bytes). If you give it a size, you'll get just what you
+     * asked for.
+ * @hide This class is not part of the Android public SDK API
+     */
+    public static class KeyGenerator
+        extends BaseKeyGenerator
+    {
+        public KeyGenerator()
+        {
+            super("DES", 64, new DESKeyGenerator());
+        }
+
+        protected void engineInit(
+            int             keySize,
+            SecureRandom random)
+        {
+            super.engineInit(keySize, random);
+        }
+
+        protected SecretKey engineGenerateKey()
+        {
+            if (uninitialised)
+            {
+                engine.init(new KeyGenerationParameters(CryptoServicesRegistrar.getSecureRandom(), defaultKeySize));
+                uninitialised = false;
+            }
+
+            return new SecretKeySpec(engine.generateKey(), algName);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class KeyFactory
+        extends BaseSecretKeyFactory
+    {
+        public KeyFactory()
+        {
+            super("DES", null);
+        }
+
+        protected KeySpec engineGetKeySpec(
+            SecretKey key,
+            Class keySpec)
+        throws InvalidKeySpecException
+        {
+            if (keySpec == null)
+            {
+                throw new InvalidKeySpecException("keySpec parameter is null");
+            }
+            if (key == null)
+            {
+                throw new InvalidKeySpecException("key parameter is null");
+            }
+
+            if (SecretKeySpec.class.isAssignableFrom(keySpec))
+            {
+                return new SecretKeySpec(key.getEncoded(), algName);
+            }
+            else if (DESKeySpec.class.isAssignableFrom(keySpec))
+            {
+                byte[]  bytes = key.getEncoded();
+
+                try
+                {
+                    return new DESKeySpec(bytes);
+                }
+                catch (Exception e)
+                {
+                    throw new InvalidKeySpecException(e.toString());
+                }
+            }
+
+            throw new InvalidKeySpecException("Invalid KeySpec");
+        }
+
+        protected SecretKey engineGenerateSecret(
+            KeySpec keySpec)
+        throws InvalidKeySpecException
+        {
+            if (keySpec instanceof DESKeySpec)
+            {
+                DESKeySpec desKeySpec = (DESKeySpec)keySpec;
+                return new SecretKeySpec(desKeySpec.getKey(), "DES");
+            }
+
+            return super.engineGenerateSecret(keySpec);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class DESPBEKeyFactory
+        extends BaseSecretKeyFactory
+    {
+        private boolean forCipher;
+        private int     scheme;
+        private int     digest;
+        private int     keySize;
+        private int     ivSize;
+
+        public DESPBEKeyFactory(
+            String              algorithm,
+            ASN1ObjectIdentifier oid,
+            boolean             forCipher,
+            int                 scheme,
+            int                 digest,
+            int                 keySize,
+            int                 ivSize)
+        {
+            super(algorithm, oid);
+
+            this.forCipher = forCipher;
+            this.scheme = scheme;
+            this.digest = digest;
+            this.keySize = keySize;
+            this.ivSize = ivSize;
+        }
+
+        protected SecretKey engineGenerateSecret(
+            KeySpec keySpec)
+        throws InvalidKeySpecException
+        {
+            if (keySpec instanceof PBEKeySpec)
+            {
+                PBEKeySpec pbeSpec = (PBEKeySpec)keySpec;
+                CipherParameters param;
+
+                if (pbeSpec.getSalt() == null)
+                {
+                    // BEGIN Android-removed: Unsupported algorithms
+                    /*
+                    if (scheme == PKCS5S1 || scheme == PKCS5S1_UTF8)
+                    {
+                        return new PBKDF1Key(pbeSpec.getPassword(),
+                            scheme == PKCS5S1 ? PasswordConverter.ASCII : PasswordConverter.UTF8);
+                    }
+                    else
+                    {
+                    */
+                    // END Android-removed: Unsupported algorithms
+                        return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, null);
+                    /*
+                    }
+                    */
+                }
+
+                if (forCipher)
+                {
+                    param = PBE.Util.makePBEParameters(pbeSpec, scheme, digest, keySize, ivSize);
+                }
+                else
+                {
+                    param = PBE.Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize);
+                }
+
+                KeyParameter kParam;
+                if (param instanceof ParametersWithIV)
+                {
+                    kParam = (KeyParameter)((ParametersWithIV)param).getParameters();
+                }
+                else
+                {
+                    kParam = (KeyParameter)param;
+                }
+
+                DESParameters.setOddParity(kParam.getKey());
+
+                return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param);
+            }
+
+            throw new InvalidKeySpecException("Invalid KeySpec");
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    /**
+     * PBEWithMD2AndDES
+     *
+    static public class PBEWithMD2KeyFactory
+        extends DESPBEKeyFactory
+    {
+        public PBEWithMD2KeyFactory()
+        {
+            super("PBEwithMD2andDES", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, true, PKCS5S1, MD2, 64, 64);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * PBEWithMD5AndDES
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithMD5KeyFactory
+        extends DESPBEKeyFactory
+    {
+        public PBEWithMD5KeyFactory()
+        {
+            super("PBEwithMD5andDES", PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, true, PKCS5S1, MD5, 64, 64);
+        }
+    }
+
+    /**
+     * PBEWithSHA1AndDES
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHA1KeyFactory
+        extends DESPBEKeyFactory
+    {
+        public PBEWithSHA1KeyFactory()
+        {
+            super("PBEwithSHA1andDES", PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, true, PKCS5S1, SHA1, 64, 64);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    /**
+     * PBEWithMD2AndDES
+     *
+    static public class PBEWithMD2
+        extends BaseBlockCipher
+    {
+        public PBEWithMD2()
+        {
+            super(new CBCBlockCipher(new DESEngine()), PKCS5S1, MD2, 64, 8);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * PBEWithMD5AndDES
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithMD5
+        extends BaseBlockCipher
+    {
+        public PBEWithMD5()
+        {
+            super(new CBCBlockCipher(new DESEngine()), PKCS5S1, MD5, 64, 8);
+        }
+    }
+
+    /**
+     * PBEWithSHA1AndDES
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHA1
+        extends BaseBlockCipher
+    {
+        public PBEWithSHA1()
+        {
+            super(new CBCBlockCipher(new DESEngine()), PKCS5S1, SHA1, 64, 8);
+        }
+    }
+    
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends AlgorithmProvider
+    {
+        private static final String PREFIX = DES.class.getName();
+        private static final String PACKAGE = "com.android.org.bouncycastle.jcajce.provider.symmetric"; // JDK 1.2
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+
+            provider.addAlgorithm("Cipher.DES", PREFIX + "$ECB");
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("Cipher", OIWObjectIdentifiers.desCBC, PREFIX + "$CBC");
+
+            addAlias(provider, OIWObjectIdentifiers.desCBC, "DES");
+
+            provider.addAlgorithm("Cipher.DESRFC3211WRAP", PREFIX + "$RFC3211");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("KeyGenerator.DES", PREFIX + "$KeyGenerator");
+
+            provider.addAlgorithm("SecretKeyFactory.DES", PREFIX + "$KeyFactory");
+
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("Mac.DESCMAC", PREFIX + "$CMAC");
+            provider.addAlgorithm("Mac.DESMAC", PREFIX + "$CBCMAC");
+            provider.addAlgorithm("Alg.Alias.Mac.DES", "DESMAC");
+
+            provider.addAlgorithm("Mac.DESMAC/CFB8", PREFIX + "$DESCFB8");
+            provider.addAlgorithm("Alg.Alias.Mac.DES/CFB8", "DESMAC/CFB8");
+
+            provider.addAlgorithm("Mac.DESMAC64", PREFIX + "$DES64");
+            provider.addAlgorithm("Alg.Alias.Mac.DES64", "DESMAC64");
+
+            provider.addAlgorithm("Mac.DESMAC64WITHISO7816-4PADDING", PREFIX + "$DES64with7816d4");
+            provider.addAlgorithm("Alg.Alias.Mac.DES64WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
+            provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1MACWITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
+            provider.addAlgorithm("Alg.Alias.Mac.DESISO9797ALG1WITHISO7816-4PADDING", "DESMAC64WITHISO7816-4PADDING");
+
+            provider.addAlgorithm("Mac.DESWITHISO9797", PREFIX + "$DES9797Alg3");
+            provider.addAlgorithm("Alg.Alias.Mac.DESISO9797MAC", "DESWITHISO9797");
+
+            provider.addAlgorithm("Mac.ISO9797ALG3MAC", PREFIX + "$DES9797Alg3");
+            provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3", "ISO9797ALG3MAC");
+            provider.addAlgorithm("Mac.ISO9797ALG3WITHISO7816-4PADDING", PREFIX + "$DES9797Alg3with7816d4");
+            provider.addAlgorithm("Alg.Alias.Mac.ISO9797ALG3MACWITHISO7816-4PADDING", "ISO9797ALG3WITHISO7816-4PADDING");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("AlgorithmParameters.DES", PACKAGE + ".util.IvAlgorithmParameters");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters", OIWObjectIdentifiers.desCBC, "DES");
+
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("AlgorithmParameterGenerator.DES",  PREFIX + "$AlgParamGen");
+            // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + OIWObjectIdentifiers.desCBC, "DES");
+            //
+            // provider.addAlgorithm("Cipher.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2");
+            // END Android-removed: Unsupported algorithms
+            provider.addAlgorithm("Cipher.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5");
+            provider.addAlgorithm("Cipher.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1");
+            
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
+            provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES");
+            provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES");
+
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES");
+
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDDES", PREFIX + "$PBEWithMD2KeyFactory");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDDES", PREFIX + "$PBEWithMD5KeyFactory");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDDES", PREFIX + "$PBEWithSHA1KeyFactory");
+
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDDES-CBC", "PBEWITHMD2ANDDES");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDDES-CBC", "PBEWITHMD5ANDDES");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDES-CBC", "PBEWITHSHA1ANDDES");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD2AndDES_CBC, "PBEWITHMD2ANDDES");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithMD5AndDES_CBC, "PBEWITHMD5ANDDES");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.pbeWithSHA1AndDES_CBC, "PBEWITHSHA1ANDDES");
+        }
+
+        private void addAlias(ConfigurableProvider provider, ASN1ObjectIdentifier oid, String name)
+        {
+            provider.addAlgorithm("Alg.Alias.KeyGenerator." + oid.getId(), name);
+            provider.addAlgorithm("Alg.Alias.KeyFactory." + oid.getId(), name);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/DESede.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/DESede.java
new file mode 100644
index 0000000..df1b354
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/DESede.java

@@ -0,0 +1,515 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric;
+
+// Android-removed: Unsupported algorithms
+// import java.security.AlgorithmParameters;
+// import java.security.InvalidAlgorithmParameterException;
+import java.security.SecureRandom;
+// Android-removed: Unsupported algorithms
+// import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+
+import javax.crypto.SecretKey;
+import javax.crypto.spec.DESedeKeySpec;
+// Android-removed: Unsupported algorithms
+// import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.KeyGenerationParameters;
+import com.android.org.bouncycastle.crypto.engines.DESedeEngine;
+import com.android.org.bouncycastle.crypto.engines.DESedeWrapEngine;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.engines.RFC3211WrapEngine;
+import com.android.org.bouncycastle.crypto.generators.DESedeKeyGenerator;
+import com.android.org.bouncycastle.crypto.macs.CBCBlockCipherMac;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
+// import org.bouncycastle.crypto.macs.CMac;
+import com.android.org.bouncycastle.crypto.modes.CBCBlockCipher;
+import com.android.org.bouncycastle.crypto.paddings.ISO7816d4Padding;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
+import com.android.org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class DESede
+{
+    private DESede()
+    {
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class ECB
+        extends BaseBlockCipher
+    {
+        public ECB()
+        {
+            super(new DESedeEngine());
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class CBC
+        extends BaseBlockCipher
+    {
+        public CBC()
+        {
+            super(new CBCBlockCipher(new DESedeEngine()), 64);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    /**
+     * DESede   CFB8
+     *
+    public static class DESedeCFB8
+        extends BaseMac
+    {
+        public DESedeCFB8()
+        {
+            super(new CFBBlockCipherMac(new DESedeEngine()));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * DESede64
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class DESede64
+        extends BaseMac
+    {
+        public DESede64()
+        {
+            super(new CBCBlockCipherMac(new DESedeEngine(), 64));
+        }
+    }
+
+    /**
+     * DESede64with7816-4Padding
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class DESede64with7816d4
+        extends BaseMac
+    {
+        public DESede64with7816d4()
+        {
+            super(new CBCBlockCipherMac(new DESedeEngine(), 64, new ISO7816d4Padding()));
+        }
+    }
+    
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class CBCMAC
+        extends BaseMac
+    {
+        public CBCMAC()
+        {
+            super(new CBCBlockCipherMac(new DESedeEngine()));
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    static public class CMAC
+        extends BaseMac
+    {
+        public CMAC()
+        {
+            super(new CMac(new DESedeEngine()));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Wrap
+        extends BaseWrapCipher
+    {
+        public Wrap()
+        {
+            super(new DESedeWrapEngine());
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class RFC3211
+        extends BaseWrapCipher
+    {
+        public RFC3211()
+        {
+            super(new RFC3211WrapEngine(new DESedeEngine()), 8);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+  /**
+     * DESede - the default for this is to generate a key in
+     * a-b-a format that's 24 bytes long but has 16 bytes of
+     * key material (the first 8 bytes is repeated as the last
+     * 8 bytes). If you give it a size, you'll get just what you
+     * asked for.
+ * @hide This class is not part of the Android public SDK API
+     */
+    public static class KeyGenerator
+        extends BaseKeyGenerator
+    {
+        private boolean     keySizeSet = false;
+
+        public KeyGenerator()
+        {
+            super("DESede", 192, new DESedeKeyGenerator());
+        }
+
+        protected void engineInit(
+            int             keySize,
+            SecureRandom random)
+        {
+            super.engineInit(keySize, random);
+            keySizeSet = true;
+        }
+
+        protected SecretKey engineGenerateKey()
+        {
+            if (uninitialised)
+            {
+                engine.init(new KeyGenerationParameters(CryptoServicesRegistrar.getSecureRandom(), defaultKeySize));
+                uninitialised = false;
+            }
+
+            //
+            // if no key size has been defined generate a 24 byte key in
+            // the a-b-a format
+            //
+            if (!keySizeSet)
+            {
+                byte[]     k = engine.generateKey();
+
+                System.arraycopy(k, 0, k, 16, 8);
+
+                return new SecretKeySpec(k, algName);
+            }
+            else
+            {
+                return new SecretKeySpec(engine.generateKey(), algName);
+            }
+        }
+    }
+
+    /**
+     * generate a desEDE key in the a-b-c format.
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class KeyGenerator3
+        extends BaseKeyGenerator
+    {
+        public KeyGenerator3()
+        {
+            super("DESede3", 192, new DESedeKeyGenerator());
+        }
+    }
+
+    /**
+     * PBEWithSHAAnd3-KeyTripleDES-CBC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAndDES3Key
+        extends BaseBlockCipher
+    {
+        public PBEWithSHAAndDES3Key()
+        {
+            super(new CBCBlockCipher(new DESedeEngine()), PKCS12, SHA1, 192, 8);
+        }
+    }
+
+    /**
+     * PBEWithSHAAnd2-KeyTripleDES-CBC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAndDES2Key
+        extends BaseBlockCipher
+    {
+        public PBEWithSHAAndDES2Key()
+        {
+            super(new CBCBlockCipher(new DESedeEngine()), PKCS12, SHA1, 128, 8);
+        }
+    }
+
+    /**
+     * PBEWithSHAAnd3-KeyTripleDES-CBC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAndDES3KeyFactory
+        extends DES.DESPBEKeyFactory
+    {
+        public PBEWithSHAAndDES3KeyFactory()
+        {
+            super("PBEwithSHAandDES3Key-CBC", PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, true, PKCS12, SHA1, 192, 64);
+        }
+    }
+
+    /**
+     * PBEWithSHAAnd2-KeyTripleDES-CBC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAndDES2KeyFactory
+        extends DES.DESPBEKeyFactory
+    {
+        public PBEWithSHAAndDES2KeyFactory()
+        {
+            super("PBEwithSHAandDES2Key-CBC", PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, true, PKCS12, SHA1, 128, 64);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class AlgParamGen
+        extends BaseAlgorithmParameterGenerator
+    {
+        protected void engineInit(
+            AlgorithmParameterSpec genParamSpec,
+            SecureRandom            random)
+            throws InvalidAlgorithmParameterException
+        {
+            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for DES parameter generation.");
+        }
+
+        protected AlgorithmParameters engineGenerateParameters()
+        {
+            byte[]  iv = new byte[8];
+
+            if (random == null)
+            {
+                random = CryptoServicesRegistrar.getSecureRandom();
+            }
+
+            random.nextBytes(iv);
+
+            AlgorithmParameters params;
+
+            try
+            {
+                params = createParametersInstance("DES");
+                params.init(new IvParameterSpec(iv));
+            }
+            catch (Exception e)
+            {
+                throw new RuntimeException(e.getMessage());
+            }
+
+            return params;
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class KeyFactory
+        extends BaseSecretKeyFactory
+    {
+        public KeyFactory()
+        {
+            super("DESede", null);
+        }
+
+        protected KeySpec engineGetKeySpec(
+            SecretKey key,
+            Class keySpec)
+        throws InvalidKeySpecException
+        {
+            if (keySpec == null)
+            {
+                throw new InvalidKeySpecException("keySpec parameter is null");
+            }
+            if (key == null)
+            {
+                throw new InvalidKeySpecException("key parameter is null");
+            }
+
+            if (SecretKeySpec.class.isAssignableFrom(keySpec))
+            {
+                return new SecretKeySpec(key.getEncoded(), algName);
+            }
+            else if (DESedeKeySpec.class.isAssignableFrom(keySpec))
+            {
+                byte[]  bytes = key.getEncoded();
+
+                try
+                {
+                    if (bytes.length == 16)
+                    {
+                        byte[]  longKey = new byte[24];
+
+                        System.arraycopy(bytes, 0, longKey, 0, 16);
+                        System.arraycopy(bytes, 0, longKey, 16, 8);
+
+                        return new DESedeKeySpec(longKey);
+                    }
+                    else
+                    {
+                        return new DESedeKeySpec(bytes);
+                    }
+                }
+                catch (Exception e)
+                {
+                    throw new InvalidKeySpecException(e.toString());
+                }
+            }
+
+            throw new InvalidKeySpecException("Invalid KeySpec");
+        }
+
+        protected SecretKey engineGenerateSecret(
+            KeySpec keySpec)
+        throws InvalidKeySpecException
+        {
+            if (keySpec instanceof DESedeKeySpec)
+            {
+                DESedeKeySpec desKeySpec = (DESedeKeySpec)keySpec;
+                return new SecretKeySpec(desKeySpec.getKey(), "DESede");
+            }
+
+            return super.engineGenerateSecret(keySpec);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends AlgorithmProvider
+    {
+        private static final String PREFIX = DESede.class.getName();
+        private static final String PACKAGE = "com.android.org.bouncycastle.jcajce.provider.symmetric"; // JDK 1.2
+                
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("Cipher.DESEDE", PREFIX + "$ECB");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$CBC");
+            provider.addAlgorithm("Cipher.DESEDEWRAP", PREFIX + "$Wrap");
+            // BEGIN Android-changed: Make alias of DESEDEWRAP rather than separate algorithm
+            provider.addAlgorithm("Alg.Alias.Cipher." + PKCSObjectIdentifiers.id_alg_CMS3DESwrap, "DESEDEWRAP");
+            // END Android-changed: Make alias of DESEDEWRAP rather than separate algorithm
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Cipher.DESEDERFC3211WRAP", PREFIX + "$RFC3211");
+            // provider.addAlgorithm("Alg.Alias.Cipher.DESEDERFC3217WRAP", "DESEDEWRAP");
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("Alg.Alias.Cipher.TDEA", "DESEDE");
+            provider.addAlgorithm("Alg.Alias.Cipher.TDEAWRAP", "DESEDEWRAP");
+            provider.addAlgorithm("Alg.Alias.KeyGenerator.TDEA", "DESEDE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.TDEA", "DESEDE");
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator.TDEA", "DESEDE");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.TDEA", "DESEDE");
+
+            if (provider.hasAlgorithm("MessageDigest", "SHA-1"))
+            {
+                provider.addAlgorithm("Cipher.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3Key");
+                // BEGIN Android-removed: Unsupported algorithms
+                // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES3Key");
+                // provider.addAlgorithm("Cipher.OLDPBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$OldPBEWithSHAAndDES3Key");
+                // END Android-removed: Unsupported algorithms
+                provider.addAlgorithm("Cipher.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2Key");
+                // Android-removed: Unsupported algorithms
+                // provider.addAlgorithm("Cipher.BROKENPBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$BrokePBEWithSHAAndDES2Key");
+                provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHAAnd3_KeyTripleDES_CBC, "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
+                provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHAAnd2_KeyTripleDES_CBC, "PBEWITHSHAAND2-KEYTRIPLEDES-CBC");
+                provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
+                provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1AND3-KEYTRIPLEDES-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
+                provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1AND2-KEYTRIPLEDES-CBC", "PBEWITHSHAAND2-KEYTRIPLEDES-CBC");
+                provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHAAND3-KEYDESEDE-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
+                provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHAAND2-KEYDESEDE-CBC", "PBEWITHSHAAND2-KEYTRIPLEDES-CBC");
+                provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1AND3-KEYDESEDE-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
+                provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1AND2-KEYDESEDE-CBC", "PBEWITHSHAAND2-KEYTRIPLEDES-CBC");
+                provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDDESEDE-CBC", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
+            }
+
+            provider.addAlgorithm("KeyGenerator.DESEDE", PREFIX + "$KeyGenerator");
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("KeyGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, PREFIX + "$KeyGenerator3");
+            // provider.addAlgorithm("KeyGenerator.DESEDEWRAP", PREFIX + "$KeyGenerator");
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("SecretKeyFactory.DESEDE", PREFIX + "$KeyFactory");
+
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("SecretKeyFactory", OIWObjectIdentifiers.desEDE, PREFIX + "$KeyFactory");
+
+            provider.addAlgorithm("Mac.DESEDECMAC", PREFIX + "$CMAC");
+            provider.addAlgorithm("Mac.DESEDEMAC", PREFIX + "$CBCMAC");
+            provider.addAlgorithm("Alg.Alias.Mac.DESEDE", "DESEDEMAC");
+
+            provider.addAlgorithm("Mac.DESEDEMAC/CFB8", PREFIX + "$DESedeCFB8");
+            provider.addAlgorithm("Alg.Alias.Mac.DESEDE/CFB8", "DESEDEMAC/CFB8");
+
+            provider.addAlgorithm("Mac.DESEDEMAC64", PREFIX + "$DESede64");
+            provider.addAlgorithm("Alg.Alias.Mac.DESEDE64", "DESEDEMAC64");
+
+            provider.addAlgorithm("Mac.DESEDEMAC64WITHISO7816-4PADDING", PREFIX + "$DESede64with7816d4");
+            provider.addAlgorithm("Alg.Alias.Mac.DESEDE64WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
+            provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1MACWITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
+            provider.addAlgorithm("Alg.Alias.Mac.DESEDEISO9797ALG1WITHISO7816-4PADDING", "DESEDEMAC64WITHISO7816-4PADDING");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("AlgorithmParameters.DESEDE", PACKAGE + ".util.IvAlgorithmParameters");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE");
+
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("AlgorithmParameterGenerator.DESEDE",  PREFIX + "$AlgParamGen");
+            // provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + PKCSObjectIdentifiers.des_EDE3_CBC, "DESEDE");
+            // END Android-removed: Unsupported algorithms
+
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES3KeyFactory");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", PREFIX + "$PBEWithSHAAndDES2KeyFactory");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDDESEDE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
+
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND3-KEYTRIPLEDES", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND2-KEYTRIPLEDES", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND3-KEYTRIPLEDES-CBC", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND2-KEYTRIPLEDES-CBC", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDDES3KEY-CBC", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDDES2KEY-CBC", "PKCS12PBE");
+
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBE", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.3", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.4", "PBEWITHSHAAND2-KEYTRIPLEDES-CBC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWithSHAAnd3KeyTripleDES", "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.3", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.4", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWithSHAAnd3KeyTripleDES",  "PBEWITHSHAAND3-KEYTRIPLEDES-CBC");
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/GcmSpecUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/GcmSpecUtil.java
new file mode 100644
index 0000000..a29228d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/GcmSpecUtil.java

@@ -0,0 +1,68 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric;
+
+import java.lang.reflect.Constructor;
+import java.lang.reflect.Method;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.cms.GCMParameters;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.ClassUtil;
+import com.android.org.bouncycastle.util.Integers;
+
+class GcmSpecUtil
+{
+    static final Class gcmSpecClass = ClassUtil.loadClass(GcmSpecUtil.class, "javax.crypto.spec.GCMParameterSpec");
+
+    static boolean gcmSpecExists()
+    {
+        return gcmSpecClass != null;
+    }
+
+    static boolean isGcmSpec(AlgorithmParameterSpec paramSpec)
+    {
+        return gcmSpecClass != null && gcmSpecClass.isInstance(paramSpec);
+    }
+
+    static boolean isGcmSpec(Class paramSpecClass)
+    {
+        return gcmSpecClass == paramSpecClass;
+    }
+
+    static AlgorithmParameterSpec extractGcmSpec(ASN1Primitive spec)
+        throws InvalidParameterSpecException
+    {
+        try
+        {
+            GCMParameters gcmParams = GCMParameters.getInstance(spec);
+            Constructor constructor = gcmSpecClass.getConstructor(new Class[]{Integer.TYPE, byte[].class});
+
+            return (AlgorithmParameterSpec)constructor.newInstance(new Object[] { Integers.valueOf(gcmParams.getIcvLen() * 8), gcmParams.getNonce() });
+        }
+        catch (NoSuchMethodException e)
+        {
+            throw new InvalidParameterSpecException("No constructor found!");   // should never happen
+        }
+        catch (Exception e)
+        {
+            throw new InvalidParameterSpecException("Construction failed: " + e.getMessage());   // should never happen
+        }
+    }
+
+    static GCMParameters extractGcmParameters(AlgorithmParameterSpec paramSpec)
+        throws InvalidParameterSpecException
+    {
+        try
+        {
+            Method tLen = gcmSpecClass.getDeclaredMethod("getTLen", new Class[0]);
+            Method iv= gcmSpecClass.getDeclaredMethod("getIV", new Class[0]);
+
+            return new GCMParameters((byte[])iv.invoke(paramSpec, new Object[0]), ((Integer)tLen.invoke(paramSpec, new Object[0])).intValue() / 8);
+        }
+        catch (Exception e)
+        {
+            throw new InvalidParameterSpecException("Cannot process GCMParameterSpec");
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java
new file mode 100644
index 0000000..766646e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/PBEPBKDF2.java

@@ -0,0 +1,675 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric;
+
+import java.io.IOException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.InvalidParameterSpecException;
+import java.security.spec.KeySpec;
+import java.util.HashMap;
+import java.util.Map;
+
+import javax.crypto.SecretKey;
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.PBEParameterSpec;
+
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PBKDF2Params;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+// Android-removed: Unneeded imports of files we don't include
+// import org.bouncycastle.crypto.PasswordConverter;
+// import org.bouncycastle.jcajce.PBKDF2Key;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BCPBEKey;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseSecretKeyFactory;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.PBE;
+import com.android.org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
+import com.android.org.bouncycastle.jcajce.spec.PBKDF2KeySpec;
+import com.android.org.bouncycastle.util.Integers;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PBEPBKDF2
+{
+    private static final Map prfCodes = new HashMap();
+
+    static
+    {
+        // Android-removed: Unsupported algorithm
+        // prfCodes.put(CryptoProObjectIdentifiers.gostR3411Hmac, Integers.valueOf(PBE.GOST3411));
+        prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA1, Integers.valueOf(PBE.SHA1));
+        prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA256, Integers.valueOf(PBE.SHA256));
+        prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA224, Integers.valueOf(PBE.SHA224));
+        prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA384, Integers.valueOf(PBE.SHA384));
+        prfCodes.put(PKCSObjectIdentifiers.id_hmacWithSHA512, Integers.valueOf(PBE.SHA512));
+        // Android-remove: Unsupported algorithms
+        // prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_256, Integers.valueOf(PBE.SHA3_256));
+        // prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_224, Integers.valueOf(PBE.SHA3_224));
+        // prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_384, Integers.valueOf(PBE.SHA3_384));
+        // prfCodes.put(NISTObjectIdentifiers.id_hmacWithSHA3_512, Integers.valueOf(PBE.SHA3_512));
+    }
+
+    private PBEPBKDF2()
+    {
+
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class AlgParams
+        extends BaseAlgorithmParameters
+    {
+        PBKDF2Params params;
+
+        protected byte[] engineGetEncoded()
+        {
+            try
+            {
+                return params.getEncoded(ASN1Encoding.DER);
+            }
+            catch (IOException e)
+            {
+                throw new RuntimeException("Oooops! " + e.toString());
+            }
+        }
+
+        protected byte[] engineGetEncoded(
+            String format)
+        {
+            if (this.isASN1FormatString(format))
+            {
+                return engineGetEncoded();
+            }
+
+            return null;
+        }
+
+        protected AlgorithmParameterSpec localEngineGetParameterSpec(
+            Class paramSpec)
+            throws InvalidParameterSpecException
+        {
+            if (paramSpec == PBEParameterSpec.class)
+            {
+                return new PBEParameterSpec(params.getSalt(),
+                    params.getIterationCount().intValue());
+            }
+
+            throw new InvalidParameterSpecException("unknown parameter spec passed to PBKDF2 PBE parameters object.");
+        }
+
+        protected void engineInit(
+            AlgorithmParameterSpec paramSpec)
+            throws InvalidParameterSpecException
+        {
+            if (!(paramSpec instanceof PBEParameterSpec))
+            {
+                throw new InvalidParameterSpecException("PBEParameterSpec required to initialise a PBKDF2 PBE parameters algorithm parameters object");
+            }
+
+            PBEParameterSpec pbeSpec = (PBEParameterSpec)paramSpec;
+
+            this.params = new PBKDF2Params(pbeSpec.getSalt(),
+                pbeSpec.getIterationCount());
+        }
+
+        protected void engineInit(
+            byte[] params)
+            throws IOException
+        {
+            this.params = PBKDF2Params.getInstance(ASN1Primitive.fromByteArray(params));
+        }
+
+        protected void engineInit(
+            byte[] params,
+            String format)
+            throws IOException
+        {
+            if (this.isASN1FormatString(format))
+            {
+                engineInit(params);
+                return;
+            }
+
+            throw new IOException("Unknown parameters format in PBKDF2 parameters object");
+        }
+
+        protected String engineToString()
+        {
+            return "PBKDF2 Parameters";
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class BasePBKDF2
+        extends BaseSecretKeyFactory
+    {
+        private int scheme;
+        // BEGIN Android-added: Allow to specify a key using only the password.
+        private int keySizeInBits;
+        private int ivSizeInBits;
+        // END Android-added: Allow to specify a key using only the password.
+        private int defaultDigest;
+
+        public BasePBKDF2(String name, int scheme)
+        {
+            this(name, scheme, SHA1);
+        }
+
+        // BEGIN Android-changed: Allow to specify a key using only the password.
+        // public BasePBKDF2(String name, int scheme, int defaultDigest)
+        private BasePBKDF2(
+                String name, int scheme, int digest, int keySizeInBits, int ivSizeInBits)
+        // END Android-changed: Allow to specify a key using only the password.
+        {
+            super(name, PKCSObjectIdentifiers.id_PBKDF2);
+
+            this.scheme = scheme;
+            // BEGIN Android-added: Support key-restricted versions.
+            this.keySizeInBits = keySizeInBits;
+            this.ivSizeInBits = ivSizeInBits;
+            // END Android-added: Support key-restricted versions.
+            this.defaultDigest = digest;
+        }
+
+        // BEGIN Android-added: Allow to specify a key using only the password.
+        private BasePBKDF2(String name, int scheme, int digest) {
+            this(name, scheme, digest, 0, 0);
+        }
+        // END Android-added: Allow to specify a key using only the password.
+
+        protected SecretKey engineGenerateSecret(
+            KeySpec keySpec)
+            throws InvalidKeySpecException
+        {
+            if (keySpec instanceof PBEKeySpec)
+            {
+                PBEKeySpec pbeSpec = (PBEKeySpec)keySpec;
+
+                // BEGIN Android-added: Allow to specify a key using only the password.
+                // The key will be generated later when other parameters are known.
+                if (pbeSpec.getSalt() == null
+                        && pbeSpec.getIterationCount() == 0
+                        && pbeSpec.getKeyLength() == 0
+                        && pbeSpec.getPassword().length > 0
+                        && keySizeInBits != 0) {
+                    return new BCPBEKey(
+                            this.algName, this.algOid, scheme, defaultDigest, keySizeInBits,
+                            ivSizeInBits, pbeSpec,
+                            // cipherParameters, to be generated when the PBE parameters are known.
+                            null);
+                }
+                // END Android-added: Allow to specify a key using only the password.
+
+                if (pbeSpec.getSalt() == null)
+                {
+                    // Android-changed: Throw an exception if the salt is missing
+                    // return new PBKDF2Key(((PBEKeySpec)keySpec).getPassword(),
+                    //     scheme == PKCS5S2 ? PasswordConverter.ASCII : PasswordConverter.UTF8);
+                    throw new InvalidKeySpecException("missing required salt");
+                }
+
+                if (pbeSpec.getIterationCount() <= 0)
+                {
+                    throw new InvalidKeySpecException("positive iteration count required: "
+                        + pbeSpec.getIterationCount());
+                }
+
+                if (pbeSpec.getKeyLength() <= 0)
+                {
+                    throw new InvalidKeySpecException("positive key length required: "
+                        + pbeSpec.getKeyLength());
+                }
+
+                if (pbeSpec.getPassword().length == 0)
+                {
+                    throw new IllegalArgumentException("password empty");
+                }
+
+                if (pbeSpec instanceof PBKDF2KeySpec)
+                {
+                    PBKDF2KeySpec spec = (PBKDF2KeySpec)pbeSpec;
+
+                    int digest = getDigestCode(spec.getPrf().getAlgorithm());
+                    int keySize = pbeSpec.getKeyLength();
+                    int ivSize = -1;    // JDK 1,2 and earlier does not understand simplified version.
+                    CipherParameters param = PBE.Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize);
+
+                    return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param);
+                }
+                else
+                {
+                    int digest = defaultDigest;
+                    int keySize = pbeSpec.getKeyLength();
+                    int ivSize = -1;    // JDK 1,2 and earlier does not understand simplified version.
+                    CipherParameters param = PBE.Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize);
+
+                    return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param);
+                }
+            }
+
+            throw new InvalidKeySpecException("Invalid KeySpec");
+        }
+
+
+        private int getDigestCode(ASN1ObjectIdentifier algorithm)
+            throws InvalidKeySpecException
+        {
+            Integer code = (Integer)prfCodes.get(algorithm);
+            if (code != null)
+            {
+                return code.intValue();
+            }
+            
+            throw new InvalidKeySpecException("Invalid KeySpec: unknown PRF algorithm " + algorithm);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class PBKDF2withUTF8
+        extends BasePBKDF2
+    {
+        public PBKDF2withUTF8()
+        {
+            super("PBKDF2", PKCS5S2_UTF8);
+        }
+    }
+
+    public static class PBKDF2withSHA224
+        extends BasePBKDF2
+    {
+        public PBKDF2withSHA224()
+        {
+            super("PBKDF2", PKCS5S2_UTF8, SHA224);
+        }
+    }
+
+    public static class PBKDF2withSHA256
+        extends BasePBKDF2
+    {
+        public PBKDF2withSHA256()
+        {
+            super("PBKDF2", PKCS5S2_UTF8, SHA256);
+        }
+    }
+
+    public static class PBKDF2withSHA384
+        extends BasePBKDF2
+    {
+        public PBKDF2withSHA384()
+        {
+            super("PBKDF2", PKCS5S2_UTF8, SHA384);
+        }
+    }
+
+    public static class PBKDF2withSHA512
+        extends BasePBKDF2
+    {
+        public PBKDF2withSHA512()
+        {
+            super("PBKDF2", PKCS5S2_UTF8, SHA512);
+        }
+    }
+
+    public static class PBKDF2withGOST3411
+        extends BasePBKDF2
+    {
+        public PBKDF2withGOST3411()
+        {
+            super("PBKDF2", PKCS5S2_UTF8, GOST3411);
+        }
+    }
+
+    public static class PBKDF2withSHA3_224
+        extends BasePBKDF2
+    {
+        public PBKDF2withSHA3_224()
+        {
+            super("PBKDF2", PKCS5S2_UTF8, SHA3_224);
+        }
+    }
+
+    public static class PBKDF2withSHA3_256
+        extends BasePBKDF2
+    {
+        public PBKDF2withSHA3_256()
+        {
+            super("PBKDF2", PKCS5S2_UTF8, SHA3_256);
+        }
+    }
+
+    public static class PBKDF2withSHA3_384
+        extends BasePBKDF2
+    {
+        public PBKDF2withSHA3_384()
+        {
+            super("PBKDF2", PKCS5S2_UTF8, SHA3_384);
+        }
+    }
+
+    public static class PBKDF2withSHA3_512
+        extends BasePBKDF2
+    {
+        public PBKDF2withSHA3_512()
+        {
+            super("PBKDF2", PKCS5S2_UTF8, SHA3_512);
+        }
+    }
+
+    public static class PBKDF2with8BIT
+        extends BasePBKDF2
+    {
+        public PBKDF2with8BIT()
+        {
+            super("PBKDF2", PKCS5S2);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    // BEGIN Android-added: Android implementations of PBKDF2 algorithms.
+    // See note in Mappings below.
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class BasePBKDF2WithHmacSHA1 extends BasePBKDF2 {
+        public BasePBKDF2WithHmacSHA1(String name, int scheme)
+        {
+            super(name, scheme, SHA1);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBKDF2WithHmacSHA1UTF8
+            extends BasePBKDF2WithHmacSHA1
+    {
+        public PBKDF2WithHmacSHA1UTF8()
+        {
+            super("PBKDF2WithHmacSHA1", PKCS5S2_UTF8);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBKDF2WithHmacSHA18BIT
+            extends BasePBKDF2WithHmacSHA1
+    {
+        public PBKDF2WithHmacSHA18BIT()
+        {
+            super("PBKDF2WithHmacSHA1And8bit", PKCS5S2);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class BasePBKDF2WithHmacSHA224 extends BasePBKDF2 {
+        public BasePBKDF2WithHmacSHA224(String name, int scheme)
+        {
+            super(name, scheme, SHA224);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBKDF2WithHmacSHA224UTF8
+            extends BasePBKDF2WithHmacSHA224
+    {
+        public PBKDF2WithHmacSHA224UTF8()
+        {
+            super("PBKDF2WithHmacSHA224", PKCS5S2_UTF8);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class BasePBKDF2WithHmacSHA256 extends BasePBKDF2 {
+        public BasePBKDF2WithHmacSHA256(String name, int scheme)
+        {
+            super(name, scheme, SHA256);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBKDF2WithHmacSHA256UTF8
+            extends BasePBKDF2WithHmacSHA256
+    {
+        public PBKDF2WithHmacSHA256UTF8()
+        {
+            super("PBKDF2WithHmacSHA256", PKCS5S2_UTF8);
+        }
+    }
+
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class BasePBKDF2WithHmacSHA384 extends BasePBKDF2 {
+        public BasePBKDF2WithHmacSHA384(String name, int scheme)
+        {
+            super(name, scheme, SHA384);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBKDF2WithHmacSHA384UTF8
+            extends BasePBKDF2WithHmacSHA384
+    {
+        public PBKDF2WithHmacSHA384UTF8()
+        {
+            super("PBKDF2WithHmacSHA384", PKCS5S2_UTF8);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class BasePBKDF2WithHmacSHA512 extends BasePBKDF2 {
+        public BasePBKDF2WithHmacSHA512(String name, int scheme)
+        {
+            super(name, scheme, SHA512);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBKDF2WithHmacSHA512UTF8
+            extends BasePBKDF2WithHmacSHA512
+    {
+        public PBKDF2WithHmacSHA512UTF8()
+        {
+            super("PBKDF2WithHmacSHA512", PKCS5S2_UTF8);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA1AndAES_128
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA1AndAES_128() {
+            super("PBEWithHmacSHA1AndAES_128", PKCS5S2_UTF8, SHA1, 128, 128);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA224AndAES_128
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA224AndAES_128() {
+            super("PBEWithHmacSHA224AndAES_128", PKCS5S2_UTF8, SHA224, 128, 128);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA256AndAES_128
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA256AndAES_128() {
+            super("PBEWithHmacSHA256AndAES_128", PKCS5S2_UTF8, SHA256, 128, 128);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA384AndAES_128
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA384AndAES_128() {
+            super("PBEWithHmacSHA384AndAES_128", PKCS5S2_UTF8, SHA384, 128, 128);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA512AndAES_128
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA512AndAES_128() {
+            super("PBEWithHmacSHA512AndAES_128", PKCS5S2_UTF8, SHA512, 128, 128);
+        }
+    }
+
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA1AndAES_256
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA1AndAES_256() {
+            super("PBEWithHmacSHA1AndAES_256", PKCS5S2_UTF8, SHA1, 256, 128);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA224AndAES_256
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA224AndAES_256() {
+            super("PBEWithHmacSHA224AndAES_256", PKCS5S2_UTF8, SHA224, 256, 128);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA256AndAES_256
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA256AndAES_256() {
+            super("PBEWithHmacSHA256AndAES_256", PKCS5S2_UTF8, SHA256, 256, 128);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA384AndAES_256
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA384AndAES_256() {
+            super("PBEWithHmacSHA384AndAES_256", PKCS5S2_UTF8, SHA384, 256, 128);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA512AndAES_256
+            extends BasePBKDF2 {
+        public PBEWithHmacSHA512AndAES_256() {
+            super("PBEWithHmacSHA512AndAES_256", PKCS5S2_UTF8, SHA512, 256, 128);
+        }
+    }
+    // END Android-added: Android implementations of PBKDF2 algorithms.
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends AlgorithmProvider
+    {
+        private static final String PREFIX = PBEPBKDF2.class.getName();
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            // Android-note: Provided classes differ significantly from upstream.
+            // Before BC 1.56, this class was omitted in Android and the algorithms we desired
+            // were provided in org.bouncycastle.jcajce.provider.digest.SHA1.  During that
+            // time, Android added some additional versions of these algorithms for fixed key sizes.
+            // BC eventually consolidated the algorithms into this class.  As a result, when
+            // upgrading to BC 1.56, we added this class but replaced its contents with
+            // our versions.
+            // BEGIN Android-removed: Bouncy Castle versions of algorithms.
+            /*
+            provider.addAlgorithm("AlgorithmParameters.PBKDF2", PREFIX + "$AlgParams");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2", PREFIX + "$PBKDF2withUTF8");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1", "PBKDF2");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1ANDUTF8", "PBKDF2");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory." + PKCSObjectIdentifiers.id_PBKDF2, "PBKDF2");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHASCII", PREFIX + "$PBKDF2with8BIT");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITH8BIT", "PBKDF2WITHASCII");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WITHHMACSHA1AND8BIT", "PBKDF2WITHASCII");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA224", PREFIX + "$PBKDF2withSHA224");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA256", PREFIX + "$PBKDF2withSHA256");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA384", PREFIX + "$PBKDF2withSHA384");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA512", PREFIX + "$PBKDF2withSHA512");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA3-224", PREFIX + "$PBKDF2withSHA3_224");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA3-256", PREFIX + "$PBKDF2withSHA3_256");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA3-384", PREFIX + "$PBKDF2withSHA3_384");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACSHA3-512", PREFIX + "$PBKDF2withSHA3_512");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WITHHMACGOST3411", PREFIX + "$PBKDF2withGOST3411");
+            */
+            // END Android-removed: Bouncy Castle versions of algorithms.
+            // BEGIN Android-added: Android versions of algorithms.
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2WithHmacSHA1AndUTF8", "PBKDF2WithHmacSHA1");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2with8BIT", "PBKDF2WithHmacSHA1And8BIT");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBKDF2withASCII", "PBKDF2WithHmacSHA1And8BIT");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA1", PREFIX + "$PBKDF2WithHmacSHA1UTF8");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA224", PREFIX + "$PBKDF2WithHmacSHA224UTF8");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA256", PREFIX + "$PBKDF2WithHmacSHA256UTF8");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA384", PREFIX + "$PBKDF2WithHmacSHA384UTF8");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA512", PREFIX + "$PBKDF2WithHmacSHA512UTF8");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA1AndAES_128", PREFIX + "$PBEWithHmacSHA1AndAES_128");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA224AndAES_128", PREFIX + "$PBEWithHmacSHA224AndAES_128");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA256AndAES_128", PREFIX + "$PBEWithHmacSHA256AndAES_128");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA384AndAES_128", PREFIX + "$PBEWithHmacSHA384AndAES_128");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA512AndAES_128", PREFIX + "$PBEWithHmacSHA512AndAES_128");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA1AndAES_256", PREFIX + "$PBEWithHmacSHA1AndAES_256");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA224AndAES_256", PREFIX + "$PBEWithHmacSHA224AndAES_256");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA256AndAES_256", PREFIX + "$PBEWithHmacSHA256AndAES_256");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA384AndAES_256", PREFIX + "$PBEWithHmacSHA384AndAES_256");
+            provider.addAlgorithm("SecretKeyFactory.PBEWithHmacSHA512AndAES_256", PREFIX + "$PBEWithHmacSHA512AndAES_256");
+            provider.addAlgorithm("SecretKeyFactory.PBKDF2WithHmacSHA1And8BIT", PREFIX + "$PBKDF2WithHmacSHA18BIT");
+            // END Android-added: Android versions of algorithms.
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/PBEPKCS12.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/PBEPKCS12.java
new file mode 100644
index 0000000..1cc9510
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/PBEPKCS12.java

@@ -0,0 +1,130 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric;
+
+import java.io.IOException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+
+import javax.crypto.spec.PBEParameterSpec;
+
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.pkcs.PKCS12PBEParams;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
+import com.android.org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PBEPKCS12
+{
+    private PBEPKCS12()
+    {
+
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class AlgParams
+        extends BaseAlgorithmParameters
+    {
+        PKCS12PBEParams params;
+
+        protected byte[] engineGetEncoded()
+        {
+            try
+            {
+                return params.getEncoded(ASN1Encoding.DER);
+            }
+            catch (IOException e)
+            {
+                throw new RuntimeException("Oooops! " + e.toString());
+            }
+        }
+
+        protected byte[] engineGetEncoded(
+            String format)
+        {
+            if (this.isASN1FormatString(format))
+            {
+                return engineGetEncoded();
+            }
+
+            return null;
+        }
+
+        protected AlgorithmParameterSpec localEngineGetParameterSpec(
+            Class paramSpec)
+            throws InvalidParameterSpecException
+        {
+            if (paramSpec == PBEParameterSpec.class)
+            {
+                return new PBEParameterSpec(params.getIV(),
+                    params.getIterations().intValue());
+            }
+
+            throw new InvalidParameterSpecException("unknown parameter spec passed to PKCS12 PBE parameters object.");
+        }
+
+        protected void engineInit(
+            AlgorithmParameterSpec paramSpec)
+            throws InvalidParameterSpecException
+        {
+            if (!(paramSpec instanceof PBEParameterSpec))
+            {
+                throw new InvalidParameterSpecException("PBEParameterSpec required to initialise a PKCS12 PBE parameters algorithm parameters object");
+            }
+
+            PBEParameterSpec pbeSpec = (PBEParameterSpec)paramSpec;
+
+            this.params = new PKCS12PBEParams(pbeSpec.getSalt(),
+                pbeSpec.getIterationCount());
+        }
+
+        protected void engineInit(
+            byte[] params)
+            throws IOException
+        {
+            this.params = PKCS12PBEParams.getInstance(ASN1Primitive.fromByteArray(params));
+        }
+
+        protected void engineInit(
+            byte[] params,
+            String format)
+            throws IOException
+        {
+            if (this.isASN1FormatString(format))
+            {
+                engineInit(params);
+                return;
+            }
+
+            throw new IOException("Unknown parameters format in PKCS12 PBE parameters object");
+        }
+
+        protected String engineToString()
+        {
+            return "PKCS12 PBE Parameters";
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends AlgorithmProvider
+    {
+        private static final String PREFIX = PBEPKCS12.class.getName();
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            provider.addAlgorithm("AlgorithmParameters.PKCS12PBE", PREFIX + "$AlgParams");
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/PBES2AlgorithmParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/PBES2AlgorithmParameters.java
new file mode 100644
index 0000000..0c71dab
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/PBES2AlgorithmParameters.java

@@ -0,0 +1,367 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+// BEGIN android-added
+// Based on org.bouncycastle.jcajce.provider.symmetric.PBEPKCS12
+
+package com.android.org.bouncycastle.jcajce.provider.symmetric;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.EncryptionScheme;
+import com.android.org.bouncycastle.asn1.pkcs.KeyDerivationFunc;
+import com.android.org.bouncycastle.asn1.pkcs.PBES2Parameters;
+import com.android.org.bouncycastle.asn1.pkcs.PBKDF2Params;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.PBE;
+import com.android.org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
+
+import java.io.IOException;
+import java.lang.reflect.Constructor;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+import java.util.Enumeration;
+
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.PBEParameterSpec;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PBES2AlgorithmParameters
+{
+    private PBES2AlgorithmParameters()
+    {
+
+    }
+
+    private static abstract class BasePBEWithHmacAlgorithmParameters
+            extends BaseAlgorithmParameters
+    {
+        private final AlgorithmIdentifier kdf;
+        private final String kdfShortName;
+        private final int keySize;
+        private final ASN1ObjectIdentifier cipherAlgorithm;
+        private final String cipherAlgorithmShortName;
+
+        private PBES2Parameters params;
+
+        private BasePBEWithHmacAlgorithmParameters(
+                ASN1ObjectIdentifier kdf,
+                String kdfShortName,
+                int keySize,
+                ASN1ObjectIdentifier cipherAlgorithm,
+                String cipherAlgorithmShortName) {
+            this.kdf = new AlgorithmIdentifier(kdf, DERNull.INSTANCE);
+            this.kdfShortName = kdfShortName;
+            this.keySize = keySize;
+            this.cipherAlgorithm = cipherAlgorithm;
+            this.cipherAlgorithmShortName = cipherAlgorithmShortName;
+        }
+
+        protected byte[] engineGetEncoded()
+        {
+            try
+            {
+                return new DERSequence(new ASN1Encodable[] {
+                        PKCSObjectIdentifiers.id_PBES2,
+                        params
+                }).getEncoded();
+            }
+            catch (IOException e)
+            {
+                throw new RuntimeException("Unable to read PBES2 parameters: " + e.toString());
+            }
+        }
+
+        protected byte[] engineGetEncoded(
+                String format)
+        {
+            if (this.isASN1FormatString(format))
+            {
+                return engineGetEncoded();
+            }
+
+            return null;
+        }
+
+        protected AlgorithmParameterSpec localEngineGetParameterSpec(
+                Class parameterSpec)
+                throws InvalidParameterSpecException
+        {
+            if (parameterSpec == PBEParameterSpec.class)
+            {
+                PBKDF2Params pbeParamSpec =
+                        (PBKDF2Params) params.getKeyDerivationFunc().getParameters();
+                byte[] iv =  ((ASN1OctetString) params.getEncryptionScheme().getParameters())
+                        .getOctets();
+                return createPBEParameterSpec(pbeParamSpec.getSalt(),
+                        pbeParamSpec.getIterationCount().intValue(),
+                        iv);
+            }
+
+            throw new InvalidParameterSpecException(
+                    "unknown parameter spec passed to PBES2 parameters object.");
+        }
+
+        protected void engineInit(
+                AlgorithmParameterSpec paramSpec)
+                throws InvalidParameterSpecException
+        {
+            if (!(paramSpec instanceof PBEParameterSpec))
+            {
+                throw new InvalidParameterSpecException(
+                        "PBEParameterSpec required to initialise PBES2 algorithm parameters");
+            }
+
+            PBEParameterSpec pbeSpec = (PBEParameterSpec)paramSpec;
+
+            byte[] iv;
+
+            AlgorithmParameterSpec algorithmParameterSpec =
+                    PBE.Util.getParameterSpecFromPBEParameterSpec(pbeSpec);
+            if (algorithmParameterSpec instanceof IvParameterSpec) {
+                iv = ((IvParameterSpec) algorithmParameterSpec).getIV();
+            } else {
+                throw new IllegalArgumentException("Expecting an IV as a parameter");
+            }
+
+            this.params = new PBES2Parameters(
+                    new KeyDerivationFunc(
+                            PKCSObjectIdentifiers.id_PBKDF2,
+                            new PBKDF2Params(
+                                    pbeSpec.getSalt(), pbeSpec.getIterationCount(), keySize, kdf)),
+                    new EncryptionScheme(cipherAlgorithm, new DEROctetString(iv)));
+        }
+
+        protected void engineInit(
+                byte[] params)
+                throws IOException
+        {
+            // Dual of engineGetEncoded()
+            ASN1Sequence seq = ASN1Sequence.getInstance(ASN1Primitive.fromByteArray(params));
+            Enumeration seqObjects = seq.getObjects();
+            ASN1ObjectIdentifier id = (ASN1ObjectIdentifier) seqObjects.nextElement();
+            if (!id.getId().equals(PKCSObjectIdentifiers.id_PBES2.getId())) {
+                throw new IllegalArgumentException("Invalid PBES2 parameters");
+            }
+            this.params = PBES2Parameters.getInstance(seqObjects.nextElement());
+        }
+
+        protected void engineInit(
+                byte[] params,
+                String format)
+                throws IOException
+        {
+            if (this.isASN1FormatString(format))
+            {
+                engineInit(params);
+                return;
+            }
+
+            throw new IOException("Unknown parameters format in PBES2 parameters object");
+        }
+
+        protected String engineToString()
+        {
+            return "PBES2 " + kdfShortName + " " + cipherAlgorithmShortName + " Parameters";
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA1AES128AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA1AES128AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA1,
+                    "HmacSHA1",
+                    16, /* keySize */
+                    NISTObjectIdentifiers.id_aes128_CBC,
+                    "AES128");
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA224AES128AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA224AES128AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA224,
+                    "HmacSHA224",
+                    16, /* keySize */
+                    NISTObjectIdentifiers.id_aes128_CBC,
+                    "AES128");
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA256AES128AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA256AES128AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA256,
+                    "HmacSHA256",
+                    16, /* keySize */
+                    NISTObjectIdentifiers.id_aes128_CBC,
+                    "AES128");
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA384AES128AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA384AES128AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA384,
+                    "HmacSHA384",
+                    16, /* keySize */
+                    NISTObjectIdentifiers.id_aes128_CBC,
+                    "AES128");
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA512AES128AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA512AES128AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA512,
+                    "HmacSHA512",
+                    16, /* keySize */
+                    NISTObjectIdentifiers.id_aes128_CBC,
+                    "AES128");
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA1AES256AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA1AES256AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA1,
+                    "HmacSHA1",
+                    32, /* keySize */
+                    NISTObjectIdentifiers.id_aes256_CBC,
+                    "AES256");
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA224AES256AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA224AES256AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA224,
+                    "HmacSHA224",
+                    32, /* keySize */
+                    NISTObjectIdentifiers.id_aes256_CBC,
+                    "AES256");
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA256AES256AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA256AES256AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA256,
+                    "HmacSHA256",
+                    32, /* keySize */
+                    NISTObjectIdentifiers.id_aes256_CBC,
+                    "AES256");
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA384AES256AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA384AES256AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA384,
+                    "HmacSHA384",
+                    32, /* keySize */
+                    NISTObjectIdentifiers.id_aes256_CBC,
+                    "AES256");
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class PBEWithHmacSHA512AES256AlgorithmParameters
+            extends BasePBEWithHmacAlgorithmParameters {
+        public PBEWithHmacSHA512AES256AlgorithmParameters() {
+            super(PKCSObjectIdentifiers.id_hmacWithSHA512,
+                    "HmacSHA512",
+                    32, /* keySize */
+                    NISTObjectIdentifiers.id_aes256_CBC,
+                    "AES256");
+        }
+    }
+
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+            extends AlgorithmProvider
+    {
+        private static final String PREFIX = PBES2AlgorithmParameters.class.getName();
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            int[] keySizes = { 128, 256 };
+            int[] shaVariants = { 1, 224, 256, 384, 512 };
+            for (int keySize : keySizes) {
+                for (int shaVariant : shaVariants) {
+                    provider.addAlgorithm(
+                            "AlgorithmParameters.PBEWithHmacSHA" + shaVariant + "AndAES_" + keySize,
+                            PREFIX + "$PBEWithHmacSHA" + shaVariant + "AES" + keySize
+                                    + "AlgorithmParameters");
+                }
+            }
+        }
+    }
+
+    /**
+     * Helper method to create a PBEParameterSpec with a parameter specification via reflection, as
+     * the constructor became available in Java 1.8 and Bouncycastle is at level 1.5.
+     */
+    private static PBEParameterSpec createPBEParameterSpec(
+            byte[] salt, int iterationCount, byte[] iv) {
+        try {
+            Class<PBEParameterSpec> pbeParameterSpecClass =
+                    (Class<PBEParameterSpec>) PBES2AlgorithmParameters.class.getClassLoader()
+                            .loadClass("javax.crypto.spec.PBEParameterSpec");
+            Constructor<PBEParameterSpec> constructor =
+                    pbeParameterSpecClass.getConstructor(new Class[]{
+                            byte[].class, int.class, AlgorithmParameterSpec.class });
+            return constructor.newInstance(salt, iterationCount, new IvParameterSpec(iv));
+        } catch (Exception e) {
+            throw new IllegalStateException(
+                    "Requested creation PBES2 parameters in an SDK that doesn't support them", e);
+        }
+    }
+}
+// END android-added
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/RC2.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/RC2.java
new file mode 100644
index 0000000..761766f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/RC2.java

@@ -0,0 +1,566 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric;
+
+import java.io.IOException;
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.RC2ParameterSpec;
+
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.pkcs.RC2CBCParameter;
+// import org.bouncycastle.crypto.CipherKeyGenerator;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.engines.RC2Engine;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.engines.RC2WrapEngine;
+// import org.bouncycastle.crypto.macs.CBCBlockCipherMac;
+// import org.bouncycastle.crypto.macs.CFBBlockCipherMac;
+import com.android.org.bouncycastle.crypto.modes.CBCBlockCipher;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameterGenerator;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseAlgorithmParameters;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseWrapCipher;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
+import com.android.org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class RC2
+{
+    private RC2()
+    {
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    /**
+     * RC2
+     *
+    static public class ECB
+        extends BaseBlockCipher
+    {
+        public ECB()
+        {
+            super(new RC2Engine());
+        }
+    }
+
+    /**
+     * RC2CBC
+     *
+    static public class CBC
+        extends BaseBlockCipher
+    {
+        public CBC()
+        {
+            super(new CBCBlockCipher(new RC2Engine()), 64);
+        }
+    }
+
+    public static class Wrap
+        extends BaseWrapCipher
+    {
+        public Wrap()
+        {
+            super(new RC2WrapEngine());
+        }
+    }
+
+    /**
+     * RC2
+     *
+    public static class CBCMAC
+        extends BaseMac
+    {
+        public CBCMAC()
+        {
+            super(new CBCBlockCipherMac(new RC2Engine()));
+        }
+    }
+
+    public static class CFB8MAC
+        extends BaseMac
+    {
+        public CFB8MAC()
+        {
+            super(new CFBBlockCipherMac(new RC2Engine()));
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * PBEWithSHA1AndRC2
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHA1KeyFactory
+        extends PBESecretKeyFactory
+    {
+        public PBEWithSHA1KeyFactory()
+        {
+            super("PBEwithSHA1andRC2", PKCSObjectIdentifiers.pbeWithSHA1AndRC2_CBC, true, PKCS5S1, SHA1, 64, 64);
+        }
+    }
+
+    /**
+     * PBEWithSHAAnd128BitRC2-CBC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAnd128BitKeyFactory
+        extends PBESecretKeyFactory
+    {
+        public PBEWithSHAAnd128BitKeyFactory()
+        {
+            super("PBEwithSHAand128BitRC2-CBC", PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC, true, PKCS12, SHA1, 128, 64);
+        }
+    }
+
+    /**
+     * PBEWithSHAAnd40BitRC2-CBC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAnd40BitKeyFactory
+        extends PBESecretKeyFactory
+    {
+        public PBEWithSHAAnd40BitKeyFactory()
+        {
+            super("PBEwithSHAand40BitRC2-CBC", PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC, true, PKCS12, SHA1, 40, 64);
+        }
+    }
+
+    /**
+     * PBEWithMD5AndRC2
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithMD5AndRC2
+        extends BaseBlockCipher
+    {
+        public PBEWithMD5AndRC2()
+        {
+            super(new CBCBlockCipher(new RC2Engine()), PKCS5S1, MD5, 64, 8);
+        }
+    }
+    
+    /**
+     * PBEWithSHA1AndRC2
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHA1AndRC2
+        extends BaseBlockCipher
+    {
+        public PBEWithSHA1AndRC2()
+        {
+            super(new CBCBlockCipher(new RC2Engine()), PKCS5S1, SHA1, 64, 8);
+        }
+    }
+
+    /**
+     * PBEWithSHAAnd128BitRC2-CBC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAnd128BitRC2
+        extends BaseBlockCipher
+    {
+        public PBEWithSHAAnd128BitRC2()
+        {
+            super(new CBCBlockCipher(new RC2Engine()), PKCS12, SHA1, 128, 8);
+        }
+    }
+
+    /**
+     * PBEWithSHAAnd40BitRC2-CBC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAAnd40BitRC2
+        extends BaseBlockCipher
+    {
+        public PBEWithSHAAnd40BitRC2()
+        {
+            super(new CBCBlockCipher(new RC2Engine()), PKCS12, SHA1, 40, 8);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    /**
+     * PBEWithMD2AndRC2
+     *
+    static public class PBEWithMD2KeyFactory
+        extends PBESecretKeyFactory
+    {
+        public PBEWithMD2KeyFactory()
+        {
+            super("PBEwithMD2andRC2", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, true, PKCS5S1, MD2, 64, 64);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+   /**
+    * PBEWithMD5AndRC2
+ * @hide This class is not part of the Android public SDK API
+    */
+   static public class PBEWithMD5KeyFactory
+       extends PBESecretKeyFactory
+   {
+       public PBEWithMD5KeyFactory()
+       {
+           super("PBEwithMD5andRC2", PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, true, PKCS5S1, MD5, 64, 64);
+       }
+   }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class AlgParamGen
+        extends BaseAlgorithmParameterGenerator
+    {
+        RC2ParameterSpec spec = null;
+
+        protected void engineInit(
+            AlgorithmParameterSpec genParamSpec,
+            SecureRandom random)
+            throws InvalidAlgorithmParameterException
+        {
+            if (genParamSpec instanceof RC2ParameterSpec)
+            {
+                spec = (RC2ParameterSpec)genParamSpec;
+                return;
+            }
+
+            throw new InvalidAlgorithmParameterException("No supported AlgorithmParameterSpec for RC2 parameter generation.");
+        }
+
+        protected AlgorithmParameters engineGenerateParameters()
+        {
+            AlgorithmParameters params;
+
+            if (spec == null)
+            {
+                byte[] iv = new byte[8];
+
+                if (random == null)
+                {
+                    random = CryptoServicesRegistrar.getSecureRandom();
+                }
+
+                random.nextBytes(iv);
+
+                try
+                {
+                    params = createParametersInstance("RC2");
+                    params.init(new IvParameterSpec(iv));
+                }
+                catch (Exception e)
+                {
+                    throw new RuntimeException(e.getMessage());
+                }
+            }
+            else
+            {
+                try
+                {
+                    params = createParametersInstance("RC2");
+                    params.init(spec);
+                }
+                catch (Exception e)
+                {
+                    throw new RuntimeException(e.getMessage());
+                }
+            }
+
+            return params;
+        }
+    }
+
+    public static class KeyGenerator
+        extends BaseKeyGenerator
+    {
+        public KeyGenerator()
+        {
+            super("RC2", 128, new CipherKeyGenerator());
+        }
+    }
+
+    public static class AlgParams
+        extends BaseAlgorithmParameters
+    {
+        private static final short[] table = {
+            0xbd, 0x56, 0xea, 0xf2, 0xa2, 0xf1, 0xac, 0x2a, 0xb0, 0x93, 0xd1, 0x9c, 0x1b, 0x33, 0xfd, 0xd0,
+            0x30, 0x04, 0xb6, 0xdc, 0x7d, 0xdf, 0x32, 0x4b, 0xf7, 0xcb, 0x45, 0x9b, 0x31, 0xbb, 0x21, 0x5a,
+            0x41, 0x9f, 0xe1, 0xd9, 0x4a, 0x4d, 0x9e, 0xda, 0xa0, 0x68, 0x2c, 0xc3, 0x27, 0x5f, 0x80, 0x36,
+            0x3e, 0xee, 0xfb, 0x95, 0x1a, 0xfe, 0xce, 0xa8, 0x34, 0xa9, 0x13, 0xf0, 0xa6, 0x3f, 0xd8, 0x0c,
+            0x78, 0x24, 0xaf, 0x23, 0x52, 0xc1, 0x67, 0x17, 0xf5, 0x66, 0x90, 0xe7, 0xe8, 0x07, 0xb8, 0x60,
+            0x48, 0xe6, 0x1e, 0x53, 0xf3, 0x92, 0xa4, 0x72, 0x8c, 0x08, 0x15, 0x6e, 0x86, 0x00, 0x84, 0xfa,
+            0xf4, 0x7f, 0x8a, 0x42, 0x19, 0xf6, 0xdb, 0xcd, 0x14, 0x8d, 0x50, 0x12, 0xba, 0x3c, 0x06, 0x4e,
+            0xec, 0xb3, 0x35, 0x11, 0xa1, 0x88, 0x8e, 0x2b, 0x94, 0x99, 0xb7, 0x71, 0x74, 0xd3, 0xe4, 0xbf,
+            0x3a, 0xde, 0x96, 0x0e, 0xbc, 0x0a, 0xed, 0x77, 0xfc, 0x37, 0x6b, 0x03, 0x79, 0x89, 0x62, 0xc6,
+            0xd7, 0xc0, 0xd2, 0x7c, 0x6a, 0x8b, 0x22, 0xa3, 0x5b, 0x05, 0x5d, 0x02, 0x75, 0xd5, 0x61, 0xe3,
+            0x18, 0x8f, 0x55, 0x51, 0xad, 0x1f, 0x0b, 0x5e, 0x85, 0xe5, 0xc2, 0x57, 0x63, 0xca, 0x3d, 0x6c,
+            0xb4, 0xc5, 0xcc, 0x70, 0xb2, 0x91, 0x59, 0x0d, 0x47, 0x20, 0xc8, 0x4f, 0x58, 0xe0, 0x01, 0xe2,
+            0x16, 0x38, 0xc4, 0x6f, 0x3b, 0x0f, 0x65, 0x46, 0xbe, 0x7e, 0x2d, 0x7b, 0x82, 0xf9, 0x40, 0xb5,
+            0x1d, 0x73, 0xf8, 0xeb, 0x26, 0xc7, 0x87, 0x97, 0x25, 0x54, 0xb1, 0x28, 0xaa, 0x98, 0x9d, 0xa5,
+            0x64, 0x6d, 0x7a, 0xd4, 0x10, 0x81, 0x44, 0xef, 0x49, 0xd6, 0xae, 0x2e, 0xdd, 0x76, 0x5c, 0x2f,
+            0xa7, 0x1c, 0xc9, 0x09, 0x69, 0x9a, 0x83, 0xcf, 0x29, 0x39, 0xb9, 0xe9, 0x4c, 0xff, 0x43, 0xab
+        };
+
+        private static final short[] ekb = {
+            0x5d, 0xbe, 0x9b, 0x8b, 0x11, 0x99, 0x6e, 0x4d, 0x59, 0xf3, 0x85, 0xa6, 0x3f, 0xb7, 0x83, 0xc5,
+            0xe4, 0x73, 0x6b, 0x3a, 0x68, 0x5a, 0xc0, 0x47, 0xa0, 0x64, 0x34, 0x0c, 0xf1, 0xd0, 0x52, 0xa5,
+            0xb9, 0x1e, 0x96, 0x43, 0x41, 0xd8, 0xd4, 0x2c, 0xdb, 0xf8, 0x07, 0x77, 0x2a, 0xca, 0xeb, 0xef,
+            0x10, 0x1c, 0x16, 0x0d, 0x38, 0x72, 0x2f, 0x89, 0xc1, 0xf9, 0x80, 0xc4, 0x6d, 0xae, 0x30, 0x3d,
+            0xce, 0x20, 0x63, 0xfe, 0xe6, 0x1a, 0xc7, 0xb8, 0x50, 0xe8, 0x24, 0x17, 0xfc, 0x25, 0x6f, 0xbb,
+            0x6a, 0xa3, 0x44, 0x53, 0xd9, 0xa2, 0x01, 0xab, 0xbc, 0xb6, 0x1f, 0x98, 0xee, 0x9a, 0xa7, 0x2d,
+            0x4f, 0x9e, 0x8e, 0xac, 0xe0, 0xc6, 0x49, 0x46, 0x29, 0xf4, 0x94, 0x8a, 0xaf, 0xe1, 0x5b, 0xc3,
+            0xb3, 0x7b, 0x57, 0xd1, 0x7c, 0x9c, 0xed, 0x87, 0x40, 0x8c, 0xe2, 0xcb, 0x93, 0x14, 0xc9, 0x61,
+            0x2e, 0xe5, 0xcc, 0xf6, 0x5e, 0xa8, 0x5c, 0xd6, 0x75, 0x8d, 0x62, 0x95, 0x58, 0x69, 0x76, 0xa1,
+            0x4a, 0xb5, 0x55, 0x09, 0x78, 0x33, 0x82, 0xd7, 0xdd, 0x79, 0xf5, 0x1b, 0x0b, 0xde, 0x26, 0x21,
+            0x28, 0x74, 0x04, 0x97, 0x56, 0xdf, 0x3c, 0xf0, 0x37, 0x39, 0xdc, 0xff, 0x06, 0xa4, 0xea, 0x42,
+            0x08, 0xda, 0xb4, 0x71, 0xb0, 0xcf, 0x12, 0x7a, 0x4e, 0xfa, 0x6c, 0x1d, 0x84, 0x00, 0xc8, 0x7f,
+            0x91, 0x45, 0xaa, 0x2b, 0xc2, 0xb1, 0x8f, 0xd5, 0xba, 0xf2, 0xad, 0x19, 0xb2, 0x67, 0x36, 0xf7,
+            0x0f, 0x0a, 0x92, 0x7d, 0xe3, 0x9d, 0xe9, 0x90, 0x3e, 0x23, 0x27, 0x66, 0x13, 0xec, 0x81, 0x15,
+            0xbd, 0x22, 0xbf, 0x9f, 0x7e, 0xa9, 0x51, 0x4b, 0x4c, 0xfb, 0x02, 0xd3, 0x70, 0x86, 0x31, 0xe7,
+            0x3b, 0x05, 0x03, 0x54, 0x60, 0x48, 0x65, 0x18, 0xd2, 0xcd, 0x5f, 0x32, 0x88, 0x0e, 0x35, 0xfd
+        };
+
+        private byte[] iv;
+        private int parameterVersion = 58;
+
+        protected byte[] engineGetEncoded()
+        {
+            return Arrays.clone(iv);
+        }
+
+        protected byte[] engineGetEncoded(
+            String format)
+            throws IOException
+        {
+            if (this.isASN1FormatString(format))
+            {
+                if (parameterVersion == -1)
+                {
+                    return new RC2CBCParameter(engineGetEncoded()).getEncoded();
+                }
+                else
+                {
+                    return new RC2CBCParameter(parameterVersion, engineGetEncoded()).getEncoded();
+                }
+            }
+
+            if (format.equals("RAW"))
+            {
+                return engineGetEncoded();
+            }
+
+            return null;
+        }
+
+        protected AlgorithmParameterSpec localEngineGetParameterSpec(
+            Class paramSpec)
+            throws InvalidParameterSpecException
+        {
+            if (paramSpec == RC2ParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
+            {
+                if (parameterVersion != -1)
+                {
+                    if (parameterVersion < 256)
+                    {
+                        return new RC2ParameterSpec(ekb[parameterVersion], iv);
+                    }
+                    else
+                    {
+                        return new RC2ParameterSpec(parameterVersion, iv);
+                    }
+                }
+            }
+
+            if (paramSpec == IvParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
+            {
+                return new IvParameterSpec(iv);
+            }
+
+            throw new InvalidParameterSpecException("unknown parameter spec passed to RC2 parameters object.");
+        }
+
+        protected void engineInit(
+            AlgorithmParameterSpec paramSpec)
+            throws InvalidParameterSpecException
+        {
+            if (paramSpec instanceof IvParameterSpec)
+            {
+                this.iv = ((IvParameterSpec)paramSpec).getIV();
+            }
+            else if (paramSpec instanceof RC2ParameterSpec)
+            {
+                int effKeyBits = ((RC2ParameterSpec)paramSpec).getEffectiveKeyBits();
+                if (effKeyBits != -1)
+                {
+                    if (effKeyBits < 256)
+                    {
+                        parameterVersion = table[effKeyBits];
+                    }
+                    else
+                    {
+                        parameterVersion = effKeyBits;
+                    }
+                }
+
+                this.iv = ((RC2ParameterSpec)paramSpec).getIV();
+            }
+            else
+            {
+                throw new InvalidParameterSpecException("IvParameterSpec or RC2ParameterSpec required to initialise a RC2 parameters algorithm parameters object");
+            }
+        }
+
+        protected void engineInit(
+            byte[] params)
+            throws IOException
+        {
+            this.iv = Arrays.clone(params);
+        }
+
+        protected void engineInit(
+            byte[] params,
+            String format)
+            throws IOException
+        {
+            if (this.isASN1FormatString(format))
+            {
+                RC2CBCParameter p = RC2CBCParameter.getInstance(ASN1Primitive.fromByteArray(params));
+
+                if (p.getRC2ParameterVersion() != null)
+                {
+                    parameterVersion = p.getRC2ParameterVersion().intValue();
+                }
+
+                iv = p.getIV();
+
+                return;
+            }
+
+            if (format.equals("RAW"))
+            {
+                engineInit(params);
+                return;
+            }
+
+            throw new IOException("Unknown parameters format in IV parameters object");
+        }
+
+        protected String engineToString()
+        {
+            return "RC2 Parameters";
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends AlgorithmProvider
+    {
+        private static final String PREFIX = RC2.class.getName();
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            provider.addAlgorithm("AlgorithmParameterGenerator.RC2", PREFIX + "$AlgParamGen");
+            provider.addAlgorithm("AlgorithmParameterGenerator.1.2.840.113549.3.2", PREFIX + "$AlgParamGen");
+
+            provider.addAlgorithm("KeyGenerator.RC2", PREFIX + "$KeyGenerator");
+            provider.addAlgorithm("KeyGenerator.1.2.840.113549.3.2", PREFIX + "$KeyGenerator");
+
+            provider.addAlgorithm("AlgorithmParameters.RC2", PREFIX + "$AlgParams");
+            provider.addAlgorithm("AlgorithmParameters.1.2.840.113549.3.2", PREFIX + "$AlgParams");
+
+            provider.addAlgorithm("Cipher.RC2", PREFIX + "$ECB");
+            provider.addAlgorithm("Cipher.RC2WRAP", PREFIX + "$Wrap");
+            provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.id_alg_CMSRC2wrap, "RC2WRAP");
+            provider.addAlgorithm("Cipher", PKCSObjectIdentifiers.RC2_CBC, PREFIX + "$CBC");
+
+            provider.addAlgorithm("Mac.RC2MAC", PREFIX + "$CBCMAC");
+            provider.addAlgorithm("Alg.Alias.Mac.RC2", "RC2MAC");
+            provider.addAlgorithm("Mac.RC2MAC/CFB8", PREFIX + "$CFB8MAC");
+            provider.addAlgorithm("Alg.Alias.Mac.RC2/CFB8", "RC2MAC/CFB8");
+
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD2ANDRC2-CBC", "PBEWITHMD2ANDRC2");
+            */
+            // END Android-removed: Unsupported algorithms
+
+            // Android-note: All of the non-disabled algorithms in this class are necessary
+            // for KeyStore.PKCS12
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2");
+
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2");
+
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Alg.Alias.SecretKeyFactory", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
+
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2");
+
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory", PKCSObjectIdentifiers.pbeWithSHA1AndRC2_CBC, "PBEWITHSHA1ANDRC2");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.5", "PBEWITHSHAAND128BITRC2-CBC");
+            provider.addAlgorithm("Alg.Alias.SecretKeyFactory.1.2.840.113549.1.12.1.6", "PBEWITHSHAAND40BITRC2-CBC");
+
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("SecretKeyFactory.PBEWITHMD2ANDRC2", PREFIX + "$PBEWithMD2KeyFactory");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHMD5ANDRC2", PREFIX + "$PBEWithMD5KeyFactory");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHA1ANDRC2", PREFIX + "$PBEWithSHA1KeyFactory");
+
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND128BITRC2-CBC", PREFIX + "$PBEWithSHAAnd128BitKeyFactory");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAAND40BITRC2-CBC", PREFIX + "$PBEWithSHAAnd40BitKeyFactory");
+
+            // Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD2AndRC2_CBC, "PBEWITHMD2ANDRC2");
+
+            provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithMD5AndRC2_CBC, "PBEWITHMD5ANDRC2");
+
+            provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHA1AndRC2_CBC, "PBEWITHSHA1ANDRC2");
+
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.5", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.1.2.840.113549.1.12.1.6", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWithSHAAnd3KeyTripleDES", "PKCS12PBE");
+
+            provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHAAnd128BitRC2_CBC, "PBEWITHSHAAND128BITRC2-CBC");
+            provider.addAlgorithm("Alg.Alias.Cipher", PKCSObjectIdentifiers.pbeWithSHAAnd40BitRC2_CBC, "PBEWITHSHAAND40BITRC2-CBC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1AND128BITRC2-CBC", "PBEWITHSHAAND128BITRC2-CBC");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1AND40BITRC2-CBC", "PBEWITHSHAAND40BITRC2-CBC");
+            provider.addAlgorithm("Cipher.PBEWITHSHA1ANDRC2", PREFIX + "$PBEWithSHA1AndRC2");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHAANDRC2-CBC", "PBEWITHSHA1ANDRC2");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHSHA1ANDRC2-CBC", "PBEWITHSHA1ANDRC2");
+
+            provider.addAlgorithm("Cipher.PBEWITHSHAAND128BITRC2-CBC", PREFIX + "$PBEWithSHAAnd128BitRC2");
+            provider.addAlgorithm("Cipher.PBEWITHSHAAND40BITRC2-CBC", PREFIX + "$PBEWithSHAAnd40BitRC2");
+            provider.addAlgorithm("Cipher.PBEWITHMD5ANDRC2", PREFIX + "$PBEWithMD5AndRC2");
+            provider.addAlgorithm("Alg.Alias.Cipher.PBEWITHMD5ANDRC2-CBC", "PBEWITHMD5ANDRC2");
+
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHA1ANDRC2", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDRC2", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHA1ANDRC2-CBC", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND40BITRC2-CBC", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAAND128BITRC2-CBC", "PKCS12PBE");
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java
new file mode 100644
index 0000000..d6da7df
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/SymmetricAlgorithmProvider.java

@@ -0,0 +1,52 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric;
+
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
+
+abstract class SymmetricAlgorithmProvider
+    extends AlgorithmProvider
+{
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    protected void addCMacAlgorithm(
+        ConfigurableProvider provider,
+        String algorithm,
+        String algorithmClassName,
+        String keyGeneratorClassName)
+    {
+        provider.addAlgorithm("Mac." + algorithm + "-CMAC", algorithmClassName);
+        provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "CMAC", algorithm + "-CMAC");
+
+        provider.addAlgorithm("KeyGenerator." + algorithm + "-CMAC", keyGeneratorClassName);
+        provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "CMAC",  algorithm + "-CMAC");
+    }
+
+    protected void addGMacAlgorithm(
+        ConfigurableProvider provider,
+        String algorithm,
+        String algorithmClassName,
+        String keyGeneratorClassName)
+    {
+        provider.addAlgorithm("Mac." + algorithm + "-GMAC", algorithmClassName);
+        provider.addAlgorithm("Alg.Alias.Mac." + algorithm + "GMAC", algorithm + "-GMAC");
+
+        provider.addAlgorithm("KeyGenerator." + algorithm + "-GMAC", keyGeneratorClassName);
+        provider.addAlgorithm("Alg.Alias.KeyGenerator." + algorithm + "GMAC",  algorithm + "-GMAC");
+    }
+
+    protected void addPoly1305Algorithm(ConfigurableProvider provider,
+                                        String algorithm,
+                                        String algorithmClassName,
+                                        String keyGeneratorClassName)
+    {
+        provider.addAlgorithm("Mac.POLY1305-" + algorithm, algorithmClassName);
+        provider.addAlgorithm("Alg.Alias.Mac.POLY1305" + algorithm, "POLY1305-" + algorithm);
+
+        provider.addAlgorithm("KeyGenerator.POLY1305-" + algorithm, keyGeneratorClassName);
+        provider.addAlgorithm("Alg.Alias.KeyGenerator.POLY1305" + algorithm, "POLY1305-" + algorithm);
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/Twofish.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/Twofish.java
new file mode 100644
index 0000000..b8f991f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/Twofish.java

@@ -0,0 +1,158 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric;
+
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.BlockCipher;
+// import org.bouncycastle.crypto.CipherKeyGenerator;
+import com.android.org.bouncycastle.crypto.engines.TwofishEngine;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.generators.Poly1305KeyGenerator;
+// import org.bouncycastle.crypto.macs.GMac;
+import com.android.org.bouncycastle.crypto.modes.CBCBlockCipher;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.modes.GCMBlockCipher;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.BaseBlockCipher;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseKeyGenerator;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BaseMac;
+// import org.bouncycastle.jcajce.provider.symmetric.util.BlockCipherProvider;
+// import org.bouncycastle.jcajce.provider.symmetric.util.IvAlgorithmParameters;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.PBESecretKeyFactory;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class Twofish
+{
+    private Twofish()
+    {
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class ECB
+        extends BaseBlockCipher
+    {
+        public ECB()
+        {
+            super(new BlockCipherProvider()
+            {
+                public BlockCipher get()
+                {
+                    return new TwofishEngine();
+                }
+            });
+        }
+    }
+
+    public static class KeyGen
+        extends BaseKeyGenerator
+    {
+        public KeyGen()
+        {
+            super("Twofish", 256, new CipherKeyGenerator());
+        }
+    }
+
+    public static class GMAC
+        extends BaseMac
+    {
+        public GMAC()
+        {
+            super(new GMac(new GCMBlockCipher(new TwofishEngine())));
+        }
+    }
+
+    public static class Poly1305
+        extends BaseMac
+    {
+        public Poly1305()
+        {
+            super(new org.bouncycastle.crypto.macs.Poly1305(new TwofishEngine()));
+        }
+    }
+
+    public static class Poly1305KeyGen
+        extends BaseKeyGenerator
+    {
+        public Poly1305KeyGen()
+        {
+            super("Poly1305-Twofish", 256, new Poly1305KeyGenerator());
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * PBEWithSHAAndTwofish-CBC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHAKeyFactory
+        extends PBESecretKeyFactory
+    {
+        public PBEWithSHAKeyFactory()
+        {
+            super("PBEwithSHAandTwofish-CBC", null, true, PKCS12, SHA1, 256, 128);
+        }
+    }
+
+    /**
+     * PBEWithSHAAndTwofish-CBC
+     * @hide This class is not part of the Android public SDK API
+     */
+    static public class PBEWithSHA
+        extends BaseBlockCipher
+    {
+        public PBEWithSHA()
+        {
+            super(new CBCBlockCipher(new TwofishEngine()), PKCS12, SHA1, 256, 16);
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    public static class AlgParams
+        extends IvAlgorithmParameters
+    {
+        protected String engineToString()
+        {
+            return "Twofish IV";
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Mappings
+        extends SymmetricAlgorithmProvider
+    {
+        private static final String PREFIX = Twofish.class.getName();
+
+        public Mappings()
+        {
+        }
+
+        public void configure(ConfigurableProvider provider)
+        {
+            // BEGIN Android-removed: Unsupported algorithms
+            // provider.addAlgorithm("Cipher.Twofish", PREFIX + "$ECB");
+            // provider.addAlgorithm("KeyGenerator.Twofish", PREFIX + "$KeyGen");
+            // provider.addAlgorithm("AlgorithmParameters.Twofish", PREFIX + "$AlgParams");
+            // END Android-removed: Unsupported algorithms
+
+            // Android-note: These algorithms are necessary for KeyStore.BouncyCastle
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH", "PKCS12PBE");
+            provider.addAlgorithm("Alg.Alias.AlgorithmParameters.PBEWITHSHAANDTWOFISH-CBC", "PKCS12PBE");
+            provider.addAlgorithm("Cipher.PBEWITHSHAANDTWOFISH-CBC",  PREFIX + "$PBEWithSHA");
+            provider.addAlgorithm("SecretKeyFactory.PBEWITHSHAANDTWOFISH-CBC", PREFIX + "$PBEWithSHAKeyFactory");
+
+            // BEGIN Android-removed: Unsupported algorithms
+            // addGMacAlgorithm(provider, "Twofish", PREFIX + "$GMAC", PREFIX + "$KeyGen");
+            // addPoly1305Algorithm(provider, "Twofish", PREFIX + "$Poly1305", PREFIX + "$Poly1305KeyGen");
+            // END Android-removed: Unsupported algorithms
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java
new file mode 100644
index 0000000..980aad1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BCPBEKey.java

@@ -0,0 +1,168 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric.util;
+
+import java.security.spec.KeySpec;
+
+import javax.crypto.interfaces.PBEKey;
+import javax.crypto.spec.PBEKeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.PBEParametersGenerator;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BCPBEKey
+    implements PBEKey
+{
+    String              algorithm;
+    ASN1ObjectIdentifier oid;
+    int                 type;
+    int                 digest;
+    int                 keySize;
+    int                 ivSize;
+    CipherParameters    param;
+    PBEKeySpec          pbeKeySpec;
+    boolean             tryWrong = false;
+
+    /**
+     * @param param
+     */
+    public BCPBEKey(
+        String algorithm,
+        ASN1ObjectIdentifier oid,
+        int type,
+        int digest,
+        int keySize,
+        int ivSize,
+        PBEKeySpec pbeKeySpec,
+        CipherParameters param)
+    {
+        this.algorithm = algorithm;
+        this.oid = oid;
+        this.type = type;
+        this.digest = digest;
+        this.keySize = keySize;
+        this.ivSize = ivSize;
+        this.pbeKeySpec = pbeKeySpec;
+        this.param = param;
+    }
+
+    public BCPBEKey(String algName,
+                    KeySpec pbeSpec, CipherParameters param)
+    {
+        this.algorithm = algName;
+        this.param = param;
+    }
+
+    public String getAlgorithm()
+    {
+        return algorithm;
+    }
+
+    public String getFormat()
+    {
+        return "RAW";
+    }
+
+    public byte[] getEncoded()
+    {
+        if (param != null)
+        {
+            KeyParameter    kParam;
+            
+            if (param instanceof ParametersWithIV)
+            {
+                kParam = (KeyParameter)((ParametersWithIV)param).getParameters();
+            }
+            else
+            {
+                kParam = (KeyParameter)param;
+            }
+            
+            return kParam.getKey();
+        }
+        else
+        {
+            if (type == PBE.PKCS12)
+            {
+                return PBEParametersGenerator.PKCS12PasswordToBytes(pbeKeySpec.getPassword());
+            }
+            else if (type == PBE.PKCS5S2_UTF8)
+            {
+                return PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(pbeKeySpec.getPassword());
+            }
+            else
+            {   
+                return PBEParametersGenerator.PKCS5PasswordToBytes(pbeKeySpec.getPassword());
+            }
+        }
+    }
+    
+    int getType()
+    {
+        return type;
+    }
+    
+    int getDigest()
+    {
+        return digest;
+    }
+    
+    int getKeySize()
+    {
+        return keySize;
+    }
+    
+    public int getIvSize()
+    {
+        return ivSize;
+    }
+    
+    public CipherParameters getParam()
+    {
+        return param;
+    }
+
+    /* (non-Javadoc)
+     * @see javax.crypto.interfaces.PBEKey#getPassword()
+     */
+    public char[] getPassword()
+    {
+        return pbeKeySpec.getPassword();
+    }
+
+    /* (non-Javadoc)
+     * @see javax.crypto.interfaces.PBEKey#getSalt()
+     */
+    public byte[] getSalt()
+    {
+        return pbeKeySpec.getSalt();
+    }
+
+    /* (non-Javadoc)
+     * @see javax.crypto.interfaces.PBEKey#getIterationCount()
+     */
+    public int getIterationCount()
+    {
+        return pbeKeySpec.getIterationCount();
+    }
+    
+    public ASN1ObjectIdentifier getOID()
+    {
+        return oid;
+    }
+    
+    public void setTryWrongPKCS12Zero(boolean tryWrong)
+    {
+        this.tryWrong = tryWrong; 
+    }
+    
+    boolean shouldTryWrongPKCS12()
+    {
+        return tryWrong;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java
new file mode 100644
index 0000000..74dfab2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameterGenerator.java

@@ -0,0 +1,45 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric.util;
+
+import java.security.AlgorithmParameterGeneratorSpi;
+import java.security.AlgorithmParameters;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.SecureRandom;
+
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class BaseAlgorithmParameterGenerator
+    extends AlgorithmParameterGeneratorSpi
+{
+    // Android-changed: Use default provider for JCA algorithms instead of BC
+    // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+    private final JcaJceHelper helper = new DefaultJcaJceHelper();
+
+    protected SecureRandom  random;
+    protected int           strength = 1024;
+
+    public BaseAlgorithmParameterGenerator()
+    {
+    }
+
+    protected final AlgorithmParameters createParametersInstance(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return helper.createAlgorithmParameters(algorithm);
+    }
+
+    protected void engineInit(
+        int             strength,
+        SecureRandom    random)
+    {
+        this.strength = strength;
+        this.random = random;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameters.java
new file mode 100644
index 0000000..2258e4c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseAlgorithmParameters.java

@@ -0,0 +1,33 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric.util;
+
+import java.security.AlgorithmParametersSpi;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class BaseAlgorithmParameters
+    extends AlgorithmParametersSpi
+{
+    protected boolean isASN1FormatString(String format)
+    {
+        return format == null || format.equals("ASN.1");
+    }
+
+    protected AlgorithmParameterSpec engineGetParameterSpec(
+        Class paramSpec)
+        throws InvalidParameterSpecException
+    {
+        if (paramSpec == null)
+        {
+            throw new NullPointerException("argument to getParameterSpec must not be null");
+        }
+
+        return localEngineGetParameterSpec(paramSpec);
+    }
+
+    protected abstract AlgorithmParameterSpec localEngineGetParameterSpec(Class paramSpec)
+        throws InvalidParameterSpecException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java
new file mode 100644
index 0000000..5c29fae
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseBlockCipher.java

@@ -0,0 +1,1499 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric.util;
+
+import java.lang.reflect.Constructor;
+import java.lang.reflect.Method;
+import java.nio.ByteBuffer;
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.InvalidParameterException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.ShortBufferException;
+import javax.crypto.interfaces.PBEKey;
+import javax.crypto.spec.IvParameterSpec;
+// BEGIN Android-added: Various key-handling modifications
+import javax.crypto.spec.PBEKeySpec;
+// END Android-added: Various key-handling modifications
+import javax.crypto.spec.PBEParameterSpec;
+// Android-removed: Unsupported algorithms
+// import javax.crypto.spec.RC2ParameterSpec;
+// import javax.crypto.spec.RC5ParameterSpec;
+
+import com.android.org.bouncycastle.asn1.cms.GCMParameters;
+import com.android.org.bouncycastle.crypto.BlockCipher;
+import com.android.org.bouncycastle.crypto.BufferedBlockCipher;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+import com.android.org.bouncycastle.crypto.OutputLengthException;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.engines.DSTU7624Engine;
+import com.android.org.bouncycastle.crypto.modes.AEADBlockCipher;
+import com.android.org.bouncycastle.crypto.modes.CBCBlockCipher;
+import com.android.org.bouncycastle.crypto.modes.CCMBlockCipher;
+import com.android.org.bouncycastle.crypto.modes.CFBBlockCipher;
+import com.android.org.bouncycastle.crypto.modes.CTSBlockCipher;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.modes.EAXBlockCipher;
+// import org.bouncycastle.crypto.modes.GCFBBlockCipher;
+import com.android.org.bouncycastle.crypto.modes.GCMBlockCipher;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.modes.GOFBBlockCipher;
+// import org.bouncycastle.crypto.modes.KCCMBlockCipher;
+// import org.bouncycastle.crypto.modes.KCTRBlockCipher;
+// import org.bouncycastle.crypto.modes.KGCMBlockCipher;
+// import org.bouncycastle.crypto.modes.OCBBlockCipher;
+import com.android.org.bouncycastle.crypto.modes.OFBBlockCipher;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.modes.OpenPGPCFBBlockCipher;
+// import org.bouncycastle.crypto.modes.PGPCFBBlockCipher;
+import com.android.org.bouncycastle.crypto.modes.SICBlockCipher;
+import com.android.org.bouncycastle.crypto.paddings.BlockCipherPadding;
+import com.android.org.bouncycastle.crypto.paddings.ISO10126d2Padding;
+import com.android.org.bouncycastle.crypto.paddings.ISO7816d4Padding;
+import com.android.org.bouncycastle.crypto.paddings.PaddedBufferedBlockCipher;
+import com.android.org.bouncycastle.crypto.paddings.TBCPadding;
+import com.android.org.bouncycastle.crypto.paddings.X923Padding;
+import com.android.org.bouncycastle.crypto.paddings.ZeroBytePadding;
+import com.android.org.bouncycastle.crypto.params.AEADParameters;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.ParametersWithSBox;
+import com.android.org.bouncycastle.crypto.params.RC2Parameters;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.RC5Parameters;
+// import org.bouncycastle.jcajce.PBKDF1Key;
+// import org.bouncycastle.jcajce.PBKDF1KeyWithParameters;
+import com.android.org.bouncycastle.jcajce.PKCS12Key;
+import com.android.org.bouncycastle.jcajce.PKCS12KeyWithParameters;
+import com.android.org.bouncycastle.jcajce.spec.AEADParameterSpec;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.spec.GOST28147ParameterSpec;
+// import org.bouncycastle.jcajce.spec.RepeatedSecretKeySpec;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BaseBlockCipher
+    extends BaseWrapCipher
+    implements PBE
+{
+    private static final Class gcmSpecClass = ClassUtil.loadClass(BaseBlockCipher.class, "javax.crypto.spec.GCMParameterSpec");
+
+    //
+    // specs we can handle.
+    //
+    private Class[]                 availableSpecs =
+                                    {
+                                        // Android-removed: Unsupported algorithms
+                                        // RC2ParameterSpec.class,
+                                        // RC5ParameterSpec.class,
+                                        gcmSpecClass,
+                                        // Android-removed: Unsupported algorithms
+                                        // GOST28147ParameterSpec.class
+                                        IvParameterSpec.class,
+                                        PBEParameterSpec.class
+                                    };
+
+    private BlockCipher             baseEngine;
+    private BlockCipherProvider     engineProvider;
+    private GenericBlockCipher      cipher;
+    private ParametersWithIV        ivParam;
+    private AEADParameters          aeadParams;
+
+    private int keySizeInBits;
+    private int scheme = -1;
+    private int digest;
+
+    private int                     ivLength = 0;
+
+    private boolean                 padded;
+    private boolean                 fixedIv = true;
+    private PBEParameterSpec        pbeSpec = null;
+    private String                  pbeAlgorithm = null;
+
+    private String                  modeName = null;
+
+    protected BaseBlockCipher(
+        BlockCipher engine)
+    {
+        baseEngine = engine;
+
+        cipher = new BufferedGenericBlockCipher(engine);
+    }
+
+    protected BaseBlockCipher(
+        BlockCipher engine,
+        int scheme,
+        int digest,
+        int keySizeInBits,
+        int ivLength)
+    {
+        baseEngine = engine;
+
+        this.scheme = scheme;
+        this.digest = digest;
+        this.keySizeInBits = keySizeInBits;
+        this.ivLength = ivLength;
+
+        cipher = new BufferedGenericBlockCipher(engine);
+    }
+
+    protected BaseBlockCipher(
+        BlockCipherProvider provider)
+    {
+        baseEngine = provider.get();
+        engineProvider = provider;
+
+        cipher = new BufferedGenericBlockCipher(provider.get());
+    }
+
+    protected BaseBlockCipher(
+        AEADBlockCipher engine)
+    {
+        this.baseEngine = engine.getUnderlyingCipher();
+        this.ivLength = baseEngine.getBlockSize();
+        this.cipher = new AEADGenericBlockCipher(engine);
+    }
+
+    protected BaseBlockCipher(
+        AEADBlockCipher engine,
+        boolean fixedIv,
+        int ivLength)
+    {
+        this.baseEngine = engine.getUnderlyingCipher();
+        this.fixedIv = fixedIv;
+        this.ivLength = ivLength;
+        this.cipher = new AEADGenericBlockCipher(engine);
+    }
+
+    protected BaseBlockCipher(
+        com.android.org.bouncycastle.crypto.BlockCipher engine,
+        int ivLength)
+    {
+        this(engine, true, ivLength);
+    }
+
+    protected BaseBlockCipher(
+        com.android.org.bouncycastle.crypto.BlockCipher engine,
+        boolean fixedIv,
+        int ivLength)
+    {
+        baseEngine = engine;
+
+        this.fixedIv = fixedIv;
+        this.cipher = new BufferedGenericBlockCipher(engine);
+        this.ivLength = ivLength / 8;
+    }
+
+    protected BaseBlockCipher(
+        BufferedBlockCipher engine,
+        int ivLength)
+    {
+        this(engine, true, ivLength);
+    }
+
+    protected BaseBlockCipher(
+        BufferedBlockCipher engine,
+        boolean fixedIv,
+        int ivLength)
+    {
+        baseEngine = engine.getUnderlyingCipher();
+
+        this.cipher = new BufferedGenericBlockCipher(engine);
+        this.fixedIv = fixedIv;
+        this.ivLength = ivLength / 8;
+    }
+
+    protected int engineGetBlockSize()
+    {
+        return baseEngine.getBlockSize();
+    }
+
+    protected byte[] engineGetIV()
+    {
+        if (aeadParams != null)
+        {
+            return aeadParams.getNonce();
+        }
+
+        return (ivParam != null) ? ivParam.getIV() : null;
+    }
+
+    protected int engineGetKeySize(
+        Key     key)
+    {
+        return key.getEncoded().length * 8;
+    }
+
+    protected int engineGetOutputSize(
+        int     inputLen)
+    {
+        return cipher.getOutputSize(inputLen);
+    }
+
+    protected AlgorithmParameters engineGetParameters()
+    {
+        if (engineParams == null)
+        {
+            if (pbeSpec != null)
+            {
+                try
+                {
+                    engineParams = createParametersInstance(pbeAlgorithm);
+                    engineParams.init(pbeSpec);
+                }
+                catch (Exception e)
+                {
+                    return null;
+                }
+            }
+            else if (aeadParams != null)
+            {
+                try
+                {
+                    engineParams = createParametersInstance("GCM");
+                    engineParams.init(new GCMParameters(aeadParams.getNonce(), aeadParams.getMacSize() / 8).getEncoded());
+                }
+                catch (Exception e)
+                {
+                    throw new RuntimeException(e.toString());
+                }
+            }
+            else if (ivParam != null)
+            {
+                String  name = cipher.getUnderlyingCipher().getAlgorithmName();
+
+                if (name.indexOf('/') >= 0)
+                {
+                    name = name.substring(0, name.indexOf('/'));
+                }
+
+                try
+                {
+                    engineParams = createParametersInstance(name);
+                    engineParams.init(new IvParameterSpec(ivParam.getIV()));
+                }
+                catch (Exception e)
+                {
+                    throw new RuntimeException(e.toString());
+                }
+            }
+        }
+
+        return engineParams;
+    }
+
+    protected void engineSetMode(
+        String  mode)
+        throws NoSuchAlgorithmException
+    {
+        modeName = Strings.toUpperCase(mode);
+
+        if (modeName.equals("ECB"))
+        {
+            ivLength = 0;
+            cipher = new BufferedGenericBlockCipher(baseEngine);
+        }
+        else if (modeName.equals("CBC"))
+        {
+            ivLength = baseEngine.getBlockSize();
+            cipher = new BufferedGenericBlockCipher(
+                            new CBCBlockCipher(baseEngine));
+        }
+        else if (modeName.startsWith("OFB"))
+        {
+            ivLength = baseEngine.getBlockSize();
+            if (modeName.length() != 3)
+            {
+                int wordSize = Integer.parseInt(modeName.substring(3));
+
+                cipher = new BufferedGenericBlockCipher(
+                                new OFBBlockCipher(baseEngine, wordSize));
+            }
+            else
+            {
+                cipher = new BufferedGenericBlockCipher(
+                        new OFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize()));
+            }
+        }
+        else if (modeName.startsWith("CFB"))
+        {
+            ivLength = baseEngine.getBlockSize();
+            if (modeName.length() != 3)
+            {
+                int wordSize = Integer.parseInt(modeName.substring(3));
+
+                cipher = new BufferedGenericBlockCipher(
+                                new CFBBlockCipher(baseEngine, wordSize));
+            }
+            else
+            {
+                cipher = new BufferedGenericBlockCipher(
+                        new CFBBlockCipher(baseEngine, 8 * baseEngine.getBlockSize()));
+            }
+        }
+        // BEGIN Android-removed: Unsupported modes
+        /*
+        else if (modeName.startsWith("PGP"))
+        {
+            boolean inlineIV = modeName.equalsIgnoreCase("PGPCFBwithIV");
+
+            ivLength = baseEngine.getBlockSize();
+            cipher = new BufferedGenericBlockCipher(
+                new PGPCFBBlockCipher(baseEngine, inlineIV));
+        }
+        else if (modeName.equalsIgnoreCase("OpenPGPCFB"))
+        {
+            ivLength = 0;
+            cipher = new BufferedGenericBlockCipher(
+                new OpenPGPCFBBlockCipher(baseEngine));
+        }
+        else if (modeName.startsWith("SIC"))
+        {
+            ivLength = baseEngine.getBlockSize();
+            if (ivLength < 16)
+            {
+                throw new IllegalArgumentException("Warning: SIC-Mode can become a twotime-pad if the blocksize of the cipher is too small. Use a cipher with a block size of at least 128 bits (e.g. AES)");
+            }
+            fixedIv = false;
+            cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
+                        new SICBlockCipher(baseEngine)));
+        }
+        */
+        // END Android-removed: Unsupported modes
+        else if (modeName.startsWith("CTR"))
+        {
+            ivLength = baseEngine.getBlockSize();
+            fixedIv = false;
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            if (baseEngine instanceof DSTU7624Engine)
+            {
+                cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
+                                    new KCTRBlockCipher(baseEngine)));
+            }
+            else
+            {
+            */
+                cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
+                    new SICBlockCipher(baseEngine)));
+            /*
+            }
+            */
+        }
+        // BEGIN Android-removed: Unsupported modes
+        /*
+        else if (modeName.startsWith("GOFB"))
+        {
+            ivLength = baseEngine.getBlockSize();
+            cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
+                        new GOFBBlockCipher(baseEngine)));
+        }
+        else if (modeName.startsWith("GCFB"))
+        {
+            ivLength = baseEngine.getBlockSize();
+            cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(
+                        new GCFBBlockCipher(baseEngine)));
+        }
+        */
+        // END Android-removed: Unsupported modes
+        else if (modeName.startsWith("CTS"))
+        {
+            ivLength = baseEngine.getBlockSize();
+            cipher = new BufferedGenericBlockCipher(new CTSBlockCipher(new CBCBlockCipher(baseEngine)));
+        }
+        else if (modeName.startsWith("CCM"))
+        {
+            ivLength = 12; // CCM nonce 7..13 bytes
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            if (baseEngine instanceof DSTU7624Engine)
+            {
+                cipher = new AEADGenericBlockCipher(new KCCMBlockCipher(baseEngine));
+            }
+            else
+            {
+            */
+                cipher = new AEADGenericBlockCipher(new CCMBlockCipher(baseEngine));
+            /*
+            }
+            */
+        }
+        // BEGIN Android-removed: Unsupported modes
+        /*
+        else if (modeName.startsWith("OCB"))
+        {
+            if (engineProvider != null)
+            {
+                /*
+                 * RFC 7253 4.2. Nonce is a string of no more than 120 bits
+                 *
+                ivLength = 15;
+                cipher = new AEADGenericBlockCipher(new OCBBlockCipher(baseEngine, engineProvider.get()));
+            }
+            else
+            {
+                throw new NoSuchAlgorithmException("can't support mode " + mode);
+            }
+        }
+        else if (modeName.startsWith("EAX"))
+        {
+            ivLength = baseEngine.getBlockSize();
+            cipher = new AEADGenericBlockCipher(new EAXBlockCipher(baseEngine));
+        }
+        */
+        // END Android-removed: Unsupported modes
+        else if (modeName.startsWith("GCM"))
+        {
+            ivLength = baseEngine.getBlockSize();
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            if (baseEngine instanceof DSTU7624Engine)
+            {
+                cipher = new AEADGenericBlockCipher(new KGCMBlockCipher(baseEngine));
+            }
+            else
+            {
+            */
+                cipher = new AEADGenericBlockCipher(new GCMBlockCipher(baseEngine));
+            /*
+            }
+            */
+        }
+        else
+        {
+            throw new NoSuchAlgorithmException("can't support mode " + mode);
+        }
+    }
+
+    protected void engineSetPadding(
+        String  padding)
+    throws NoSuchPaddingException
+    {
+        String  paddingName = Strings.toUpperCase(padding);
+
+        if (paddingName.equals("NOPADDING"))
+        {
+            if (cipher.wrapOnNoPadding())
+            {
+                cipher = new BufferedGenericBlockCipher(new BufferedBlockCipher(cipher.getUnderlyingCipher()));
+            }
+        }
+        else if (paddingName.equals("WITHCTS") || paddingName.equals("CTSPADDING") || paddingName.equals("CS3PADDING"))
+        {
+            cipher = new BufferedGenericBlockCipher(new CTSBlockCipher(cipher.getUnderlyingCipher()));
+        }
+        else
+        {
+            padded = true;
+
+            if (isAEADModeName(modeName))
+            {
+                throw new NoSuchPaddingException("Only NoPadding can be used with AEAD modes.");
+            }
+            else if (paddingName.equals("PKCS5PADDING") || paddingName.equals("PKCS7PADDING"))
+            {
+                cipher = new BufferedGenericBlockCipher(cipher.getUnderlyingCipher());
+            }
+            else if (paddingName.equals("ZEROBYTEPADDING"))
+            {
+                cipher = new BufferedGenericBlockCipher(cipher.getUnderlyingCipher(), new ZeroBytePadding());
+            }
+            else if (paddingName.equals("ISO10126PADDING") || paddingName.equals("ISO10126-2PADDING"))
+            {
+                cipher = new BufferedGenericBlockCipher(cipher.getUnderlyingCipher(), new ISO10126d2Padding());
+            }
+            else if (paddingName.equals("X9.23PADDING") || paddingName.equals("X923PADDING"))
+            {
+                cipher = new BufferedGenericBlockCipher(cipher.getUnderlyingCipher(), new X923Padding());
+            }
+            else if (paddingName.equals("ISO7816-4PADDING") || paddingName.equals("ISO9797-1PADDING"))
+            {
+                cipher = new BufferedGenericBlockCipher(cipher.getUnderlyingCipher(), new ISO7816d4Padding());
+            }
+            else if (paddingName.equals("TBCPADDING"))
+            {
+                cipher = new BufferedGenericBlockCipher(cipher.getUnderlyingCipher(), new TBCPadding());
+            }
+            else
+            {
+                throw new NoSuchPaddingException("Padding " + padding + " unknown.");
+            }
+        }
+    }
+
+    // BEGIN Android-added: Handling missing IVs
+    private boolean isBCPBEKeyWithoutIV(Key key) {
+        return (key instanceof BCPBEKey) && !(((BCPBEKey)key).getParam() instanceof ParametersWithIV);
+    }
+    // END Android-added: Handling missing IVs
+
+    protected void engineInit(
+        int                     opmode,
+        Key                     key,
+        AlgorithmParameterSpec  params,
+        SecureRandom            random)
+        throws InvalidKeyException, InvalidAlgorithmParameterException
+    {
+        CipherParameters        param;
+
+        this.pbeSpec = null;
+        this.pbeAlgorithm = null;
+        this.engineParams = null;
+        this.aeadParams = null;
+
+        //
+        // basic key check
+        //
+        if (!(key instanceof SecretKey))
+        {
+            throw new InvalidKeyException("Key for algorithm " + ((key != null) ? key.getAlgorithm() : null) + " not suitable for symmetric enryption.");
+        }
+
+        //
+        // for RC5-64 we must have some default parameters
+        //
+        if (params == null && baseEngine.getAlgorithmName().startsWith("RC5-64"))
+        {
+            throw new InvalidAlgorithmParameterException("RC5 requires an RC5ParametersSpec to be passed in.");
+        }
+
+        //
+        // a note on iv's - if ivLength is zero the IV gets ignored (we don't use it).
+        //
+        // BEGIN Android-changed: Don't use PKCS12 with missing IV.
+        // If the key is a BCPBE one without an IV, ignore the fact that the scheme is PKCS12.
+        // if (scheme == PKCS12 || key instanceof PKCS12Key)
+        if ((scheme == PKCS12 || key instanceof PKCS12Key) && !isBCPBEKeyWithoutIV(key))
+        // END Android-changed: Don't use PKCS12 with missing IV.
+        {
+            SecretKey k;
+            try
+            {
+                k = (SecretKey)key;
+            }
+            catch (Exception e)
+            {
+                throw new InvalidKeyException("PKCS12 requires a SecretKey/PBEKey");
+            }
+
+            if (params instanceof  PBEParameterSpec)
+            {
+                pbeSpec = (PBEParameterSpec)params;
+            }
+
+            if (k instanceof PBEKey && pbeSpec == null)
+            {
+                PBEKey pbeKey = (PBEKey)k;
+                if (pbeKey.getSalt() == null)
+                {
+                    throw new InvalidAlgorithmParameterException("PBEKey requires parameters to specify salt");
+                }
+                pbeSpec = new PBEParameterSpec(pbeKey.getSalt(), pbeKey.getIterationCount());
+            }
+
+            if (pbeSpec == null && !(k instanceof PBEKey))
+            {
+                throw new InvalidKeyException("Algorithm requires a PBE key");
+            }
+
+            if (key instanceof BCPBEKey)
+            {
+                // PKCS#12 sets an IV, if we get a key that doesn't have ParametersWithIV we need to reject it. If the
+                // key has no parameters it means it's an old-school JCE PBE Key - we use getEncoded() on it.
+                CipherParameters pbeKeyParam = ((BCPBEKey)key).getParam();
+                if (pbeKeyParam instanceof ParametersWithIV)
+                {
+                    param = pbeKeyParam;
+                }
+                else if (pbeKeyParam == null)
+                {
+                    // BEGIN Android-changed: Unreachable code
+                    // See above for the Android change that makes this code unreachable.
+                    // param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
+                    throw new AssertionError("Unreachable code");
+                    // END Android-changed: Unreachable code
+                }
+                else
+                {
+                    throw new InvalidKeyException("Algorithm requires a PBE key suitable for PKCS12");
+                }
+            }
+            else
+            {
+                param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
+            }
+            if (param instanceof ParametersWithIV)
+            {
+                ivParam = (ParametersWithIV)param;
+            }
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (key instanceof PBKDF1Key)
+        {
+            PBKDF1Key k = (PBKDF1Key)key;
+
+            if (params instanceof PBEParameterSpec)
+            {
+                pbeSpec = (PBEParameterSpec)params;
+            }
+            if (k instanceof PBKDF1KeyWithParameters && pbeSpec == null)
+            {
+                pbeSpec = new PBEParameterSpec(((PBKDF1KeyWithParameters)k).getSalt(), ((PBKDF1KeyWithParameters)k).getIterationCount());
+            }
+
+            param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS5S1, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
+            if (param instanceof ParametersWithIV)
+            {
+                ivParam = (ParametersWithIV)param;
+            }
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+        else if (key instanceof BCPBEKey)
+        {
+            BCPBEKey k = (BCPBEKey)key;
+
+            if (k.getOID() != null)
+            {
+                pbeAlgorithm = k.getOID().getId();
+            }
+            else
+            {
+                pbeAlgorithm = k.getAlgorithm();
+            }
+
+            if (k.getParam() != null)
+            {
+                param = adjustParameters(params, k.getParam());
+            }
+            else if (params instanceof PBEParameterSpec)
+            {
+                pbeSpec = (PBEParameterSpec)params;
+                // BEGIN Android-added: Allow PBE keys with only passwords.
+                // At this point, k.getParam() == null, so the key hasn't been generated.  If
+                // the parameters have non-default values, recreate the BCPBEKey from algorithm
+                // parameters as to generate the key.
+                if ((pbeSpec.getSalt().length != 0) && (pbeSpec.getIterationCount() > 0)) {
+                    k = new BCPBEKey(k.getAlgorithm(), k.getOID(), k.getType(), k.getDigest(),
+                            k.getKeySize(), k.getIvSize(),
+                            new PBEKeySpec(
+                                    k.getPassword(), pbeSpec.getSalt(), pbeSpec.getIterationCount(),
+                                    k.getKeySize()),
+                            null /* CipherParameters */);
+                }
+                // END Android-added: Allow PBE keys with only passwords.
+                param = PBE.Util.makePBEParameters(k, params, cipher.getUnderlyingCipher().getAlgorithmName());
+            }
+            else
+            {
+                throw new InvalidAlgorithmParameterException("PBE requires PBE parameters to be set.");
+            }
+
+            if (param instanceof ParametersWithIV)
+            {
+                ivParam = (ParametersWithIV)param;
+            }
+        }
+        else if (key instanceof PBEKey)
+        {
+            PBEKey k = (PBEKey)key;
+            pbeSpec = (PBEParameterSpec)params;
+            if (k instanceof PKCS12KeyWithParameters && pbeSpec == null)
+            {
+                pbeSpec = new PBEParameterSpec(k.getSalt(), k.getIterationCount());
+            }
+
+            param = PBE.Util.makePBEParameters(k.getEncoded(), scheme, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
+            if (param instanceof ParametersWithIV)
+            {
+                ivParam = (ParametersWithIV)param;
+            }
+        }
+        // BEGIN Android-changed: Unsupported algorithm
+        // else if (!(key instanceof RepeatedSecretKeySpec))
+        else
+        // END Android-changed: Unsupported algorithms
+        {
+            if (scheme == PKCS5S1 || scheme == PKCS5S1_UTF8 || scheme == PKCS5S2 || scheme == PKCS5S2_UTF8)
+            {
+                throw new InvalidKeyException("Algorithm requires a PBE key");
+            }
+            param = new KeyParameter(key.getEncoded());
+        }
+        // BEGIN Android-removed: Unreachable
+        // else
+        // {
+        //    param = null;
+        // }
+        // END Android-removed: Unreachable
+
+        if (params instanceof AEADParameterSpec)
+        {
+            if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher))
+            {
+                throw new InvalidAlgorithmParameterException("AEADParameterSpec can only be used with AEAD modes.");
+            }
+
+            AEADParameterSpec aeadSpec = (AEADParameterSpec)params;
+
+            KeyParameter keyParam;
+            if (param instanceof ParametersWithIV)
+            {
+                keyParam = (KeyParameter)((ParametersWithIV)param).getParameters();
+            }
+            else
+            {
+                keyParam = (KeyParameter)param;
+            }
+            param = aeadParams = new AEADParameters(keyParam, aeadSpec.getMacSizeInBits(), aeadSpec.getNonce(), aeadSpec.getAssociatedData());
+        }
+        else if (params instanceof IvParameterSpec)
+        {
+            if (ivLength != 0)
+            {
+                IvParameterSpec p = (IvParameterSpec)params;
+
+                if (p.getIV().length != ivLength && !(cipher instanceof AEADGenericBlockCipher) && fixedIv)
+                {
+                    throw new InvalidAlgorithmParameterException("IV must be " + ivLength + " bytes long.");
+                }
+
+                if (param instanceof ParametersWithIV)
+                {
+                    param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), p.getIV());
+                }
+                else
+                {
+                    param = new ParametersWithIV(param, p.getIV());
+                }
+                ivParam = (ParametersWithIV)param;
+            }
+            else
+            {
+                if (modeName != null && modeName.equals("ECB"))
+                {
+                    throw new InvalidAlgorithmParameterException("ECB mode does not use an IV");
+                }
+            }
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (params instanceof GOST28147ParameterSpec)
+        {
+            GOST28147ParameterSpec    gost28147Param = (GOST28147ParameterSpec)params;
+
+            param = new ParametersWithSBox(
+                       new KeyParameter(key.getEncoded()), ((GOST28147ParameterSpec)params).getSbox());
+
+            if (gost28147Param.getIV() != null && ivLength != 0)
+            {
+                if (param instanceof ParametersWithIV)
+                {
+                    param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), gost28147Param.getIV());
+                }
+                else
+                {
+                    param = new ParametersWithIV(param, gost28147Param.getIV());
+                }
+                ivParam = (ParametersWithIV)param;
+            }
+        }
+        else if (params instanceof RC2ParameterSpec)
+        {
+            RC2ParameterSpec    rc2Param = (RC2ParameterSpec)params;
+
+            param = new RC2Parameters(key.getEncoded(), ((RC2ParameterSpec)params).getEffectiveKeyBits());
+
+            if (rc2Param.getIV() != null && ivLength != 0)
+            {
+                if (param instanceof ParametersWithIV)
+                {
+                    param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), rc2Param.getIV());
+                }
+                else
+                {
+                    param = new ParametersWithIV(param, rc2Param.getIV());
+                }
+                ivParam = (ParametersWithIV)param;
+            }
+        }
+        else if (params instanceof RC5ParameterSpec)
+        {
+            RC5ParameterSpec    rc5Param = (RC5ParameterSpec)params;
+
+            param = new RC5Parameters(key.getEncoded(), ((RC5ParameterSpec)params).getRounds());
+            if (baseEngine.getAlgorithmName().startsWith("RC5"))
+            {
+                if (baseEngine.getAlgorithmName().equals("RC5-32"))
+                {
+                    if (rc5Param.getWordSize() != 32)
+                    {
+                        throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 32 not " + rc5Param.getWordSize() + ".");
+                    }
+                }
+                else if (baseEngine.getAlgorithmName().equals("RC5-64"))
+                {
+                    if (rc5Param.getWordSize() != 64)
+                    {
+                        throw new InvalidAlgorithmParameterException("RC5 already set up for a word size of 64 not " + rc5Param.getWordSize() + ".");
+                    }
+                }
+            }
+            else
+            {
+                throw new InvalidAlgorithmParameterException("RC5 parameters passed to a cipher that is not RC5.");
+            }
+            if ((rc5Param.getIV() != null) && (ivLength != 0))
+            {
+                if (param instanceof ParametersWithIV)
+                {
+                    param = new ParametersWithIV(((ParametersWithIV)param).getParameters(), rc5Param.getIV());
+                }
+                else
+                {
+                    param = new ParametersWithIV(param, rc5Param.getIV());
+                }
+                ivParam = (ParametersWithIV)param;
+            }
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+        else if (gcmSpecClass != null && gcmSpecClass.isInstance(params))
+        {
+            if (!isAEADModeName(modeName) && !(cipher instanceof AEADGenericBlockCipher))
+            {
+                throw new InvalidAlgorithmParameterException("GCMParameterSpec can only be used with AEAD modes.");
+            }
+
+            try
+            {
+                Method tLen = gcmSpecClass.getDeclaredMethod("getTLen", new Class[0]);
+                Method iv= gcmSpecClass.getDeclaredMethod("getIV", new Class[0]);
+
+                KeyParameter keyParam;
+                if (param instanceof ParametersWithIV)
+                {
+                    keyParam = (KeyParameter)((ParametersWithIV)param).getParameters();
+                }
+                else
+                {
+                    keyParam = (KeyParameter)param;
+                }
+                param = aeadParams = new AEADParameters(keyParam, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0]));
+            }
+            catch (Exception e)
+            {
+                throw new InvalidAlgorithmParameterException("Cannot process GCMParameterSpec.");
+            }
+        }
+        else if (params != null && !(params instanceof PBEParameterSpec))
+        {
+            throw new InvalidAlgorithmParameterException("unknown parameter type.");
+        }
+
+        if ((ivLength != 0) && !(param instanceof ParametersWithIV) && !(param instanceof AEADParameters))
+        {
+            SecureRandom    ivRandom = random;
+
+            if (ivRandom == null)
+            {
+                ivRandom = CryptoServicesRegistrar.getSecureRandom();
+            }
+
+            if ((opmode == Cipher.ENCRYPT_MODE) || (opmode == Cipher.WRAP_MODE))
+            {
+                byte[]  iv = new byte[ivLength];
+
+                // BEGIN Android-changed: For PBE keys with no IV, log and use IV of 0
+                // These keys were accepted in BC 1.52 (and treated as having an IV of 0) but
+                // rejected outright in BC 1.54 (even if an IV was passed in params).  We
+                // want the eventual state to be that an IV can be passed in params, but the key
+                // is rejected otherwise.  For now, log that these will be rejected in a future
+                // release.  See b/27995180 for historical details.
+                // ivRandom.nextBytes(iv);
+                if (!isBCPBEKeyWithoutIV(key)) {
+                    ivRandom.nextBytes(iv);
+                } else {
+                    // TODO(b/70275132): Change to rejecting these keys
+                    System.err.println(" ******** DEPRECATED FUNCTIONALITY ********");
+                    System.err.println(" * You have initialized a cipher with a PBE key with no IV and");
+                    System.err.println(" * have not provided an IV in the AlgorithmParameterSpec.  This");
+                    System.err.println(" * configuration is deprecated.  The cipher will be initialized");
+                    System.err.println(" * with an all-zero IV, but in a future release this call will");
+                    System.err.println(" * throw an exception.");
+                    new InvalidAlgorithmParameterException("No IV set when using PBE key")
+                            .printStackTrace(System.err);
+                }
+                // END Android-changed: For PBE keys with no IV, log and use IV of 0
+                param = new ParametersWithIV(param, iv);
+                ivParam = (ParametersWithIV)param;
+            }
+            else if (cipher.getUnderlyingCipher().getAlgorithmName().indexOf("PGPCFB") < 0)
+            {
+                // BEGIN Android-changed: For PBE keys with no IV, log and use IV of 0
+                // These keys were accepted in BC 1.52 (and treated as having an IV of 0) but
+                // rejected outright in BC 1.54 (even if an IV was passed in params).  We
+                // want the eventual state to be that an IV can be passed in params, but the key
+                // is rejected otherwise.  For now, log that these will be rejected in a future
+                // release.  See b/27995180 for historical details.
+                // throw new InvalidAlgorithmParameterException("no IV set when one expected");
+                if (!isBCPBEKeyWithoutIV(key)) {
+                    throw new InvalidAlgorithmParameterException("no IV set when one expected");
+                } else {
+                    // TODO(b/70275132): Change to rejecting these keys
+                    System.err.println(" ******** DEPRECATED FUNCTIONALITY ********");
+                    System.err.println(" * You have initialized a cipher with a PBE key with no IV and");
+                    System.err.println(" * have not provided an IV in the AlgorithmParameterSpec.  This");
+                    System.err.println(" * configuration is deprecated.  The cipher will be initialized");
+                    System.err.println(" * with an all-zero IV, but in a future release this call will");
+                    System.err.println(" * throw an exception.");
+                    new InvalidAlgorithmParameterException("No IV set when using PBE key")
+                            .printStackTrace(System.err);
+                    // Mimic behaviour in 1.52 by using an IV of 0's
+                    param = new ParametersWithIV(param, new byte[ivLength]);
+                    ivParam = (ParametersWithIV)param;
+                }
+                // END Android-changed: For PBE keys with no IV, log and use IV of 0
+            }
+        }
+
+
+
+        if (random != null && padded)
+        {
+            param = new ParametersWithRandom(param, random);
+        }
+
+        try
+        {
+            switch (opmode)
+            {
+            case Cipher.ENCRYPT_MODE:
+            case Cipher.WRAP_MODE:
+                cipher.init(true, param);
+                break;
+            case Cipher.DECRYPT_MODE:
+            case Cipher.UNWRAP_MODE:
+                cipher.init(false, param);
+                break;
+            default:
+                throw new InvalidParameterException("unknown opmode " + opmode + " passed");
+            }
+
+            if (cipher instanceof AEADGenericBlockCipher && aeadParams == null)
+            {
+                AEADBlockCipher aeadCipher = ((AEADGenericBlockCipher)cipher).cipher;
+
+                aeadParams = new AEADParameters((KeyParameter)ivParam.getParameters(), aeadCipher.getMac().length * 8, ivParam.getIV());
+            }
+        }
+        catch (final Exception e)
+        {
+            throw new InvalidKeyOrParametersException(e.getMessage(), e);
+        }
+    }
+
+    private CipherParameters adjustParameters(AlgorithmParameterSpec params, CipherParameters param)
+    {
+        CipherParameters key;
+
+        if (param instanceof ParametersWithIV)
+        {
+            key = ((ParametersWithIV)param).getParameters();
+            if (params instanceof IvParameterSpec)
+            {
+                IvParameterSpec iv = (IvParameterSpec)params;
+
+                ivParam = new ParametersWithIV(key, iv.getIV());
+                param = ivParam;
+            }
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            else if (params instanceof GOST28147ParameterSpec)
+            {
+                // need to pick up IV and SBox.
+                GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
+
+                param = new ParametersWithSBox(param, gost28147Param.getSbox());
+
+                if (gost28147Param.getIV() != null && ivLength != 0)
+                {
+                    ivParam = new ParametersWithIV(key, gost28147Param.getIV());
+                    param = ivParam;
+                }
+            }
+            */
+            // END Android-removed: Unsupported algorithms
+        }
+        else
+        {
+            if (params instanceof IvParameterSpec)
+            {
+                IvParameterSpec iv = (IvParameterSpec)params;
+
+                ivParam = new ParametersWithIV(param, iv.getIV());
+                param = ivParam;
+            }
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            else if (params instanceof GOST28147ParameterSpec)
+            {
+                // need to pick up IV and SBox.
+                GOST28147ParameterSpec gost28147Param = (GOST28147ParameterSpec)params;
+
+                param = new ParametersWithSBox(param, gost28147Param.getSbox());
+
+                if (gost28147Param.getIV() != null && ivLength != 0)
+                {
+                    param = new ParametersWithIV(param, gost28147Param.getIV());
+                }
+            }
+            */
+            // END Android-removed: Unsupported algorithms
+        }
+        return param;
+    }
+
+    protected void engineInit(
+        int                 opmode,
+        Key                 key,
+        AlgorithmParameters params,
+        SecureRandom        random) 
+    throws InvalidKeyException, InvalidAlgorithmParameterException
+    {
+        AlgorithmParameterSpec  paramSpec = null;
+
+        if (params != null)
+        {
+            for (int i = 0; i != availableSpecs.length; i++)
+            {
+                if (availableSpecs[i] == null)
+                {
+                    continue;
+                }
+
+                try
+                {
+                    paramSpec = params.getParameterSpec(availableSpecs[i]);
+                    break;
+                }
+                catch (Exception e)
+                {
+                    // try again if possible
+                }
+            }
+
+            if (paramSpec == null)
+            {
+                throw new InvalidAlgorithmParameterException("can't handle parameter " + params.toString());
+            }
+        }
+
+        engineInit(opmode, key, paramSpec, random);
+        
+        engineParams = params;
+    }
+
+    protected void engineInit(
+        int                 opmode,
+        Key                 key,
+        SecureRandom        random) 
+        throws InvalidKeyException
+    {
+        try
+        {
+            engineInit(opmode, key, (AlgorithmParameterSpec)null, random);
+        }
+        catch (InvalidAlgorithmParameterException e)
+        {
+            throw new InvalidKeyException(e.getMessage());
+        }
+    }
+
+    protected void engineUpdateAAD(byte[] input, int offset, int length)
+    {
+        cipher.updateAAD(input, offset, length);
+    }
+
+    protected void engineUpdateAAD(ByteBuffer bytebuffer)
+    {
+        int offset = bytebuffer.arrayOffset() + bytebuffer.position();
+        int length = bytebuffer.limit() - bytebuffer.position();
+        engineUpdateAAD(bytebuffer.array(), offset, length);
+    }
+
+    protected byte[] engineUpdate(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen) 
+    {
+        int     length = cipher.getUpdateOutputSize(inputLen);
+
+        if (length > 0)
+        {
+                byte[]  out = new byte[length];
+
+                int len = cipher.processBytes(input, inputOffset, inputLen, out, 0);
+
+                if (len == 0)
+                {
+                    return null;
+                }
+                else if (len != out.length)
+                {
+                    byte[]  tmp = new byte[len];
+
+                    System.arraycopy(out, 0, tmp, 0, len);
+
+                    return tmp;
+                }
+
+                return out;
+        }
+
+        cipher.processBytes(input, inputOffset, inputLen, null, 0);
+
+        return null;
+    }
+
+    protected int engineUpdate(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen,
+        byte[]  output,
+        int     outputOffset)
+        throws ShortBufferException
+    {
+        if (outputOffset + cipher.getUpdateOutputSize(inputLen) > output.length)
+        {
+            throw new ShortBufferException("output buffer too short for input.");
+        }
+
+        try
+        {
+            return cipher.processBytes(input, inputOffset, inputLen, output, outputOffset);
+        }
+        catch (DataLengthException e)
+        {
+            // should never occur
+            throw new IllegalStateException(e.toString());
+        }
+    }
+
+    protected byte[] engineDoFinal(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen) 
+        throws IllegalBlockSizeException, BadPaddingException
+    {
+        int     len = 0;
+        byte[]  tmp = new byte[engineGetOutputSize(inputLen)];
+
+        if (inputLen != 0)
+        {
+            len = cipher.processBytes(input, inputOffset, inputLen, tmp, 0);
+        }
+
+        try
+        {
+            len += cipher.doFinal(tmp, len);
+        }
+        catch (DataLengthException e)
+        {
+            throw new IllegalBlockSizeException(e.getMessage());
+        }
+
+        if (len == tmp.length)
+        {
+            return tmp;
+        }
+
+        byte[]  out = new byte[len];
+
+        System.arraycopy(tmp, 0, out, 0, len);
+
+        return out;
+    }
+
+    protected int engineDoFinal(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen,
+        byte[]  output,
+        int     outputOffset)
+        throws IllegalBlockSizeException, BadPaddingException, ShortBufferException
+    {
+        int     len = 0;
+
+        if (outputOffset + engineGetOutputSize(inputLen) > output.length)
+        {
+            throw new ShortBufferException("output buffer too short for input.");
+        }
+
+        try
+        {
+            if (inputLen != 0)
+            {
+                len = cipher.processBytes(input, inputOffset, inputLen, output, outputOffset);
+            }
+
+            return (len + cipher.doFinal(output, outputOffset + len));
+        }
+        catch (OutputLengthException e)
+        {
+            throw new IllegalBlockSizeException(e.getMessage());
+        }
+        catch (DataLengthException e)
+        {
+            throw new IllegalBlockSizeException(e.getMessage());
+        }
+    }
+
+    private boolean isAEADModeName(
+        String modeName)
+    {
+        // Android-changed: Unsupported modes
+        // return "CCM".equals(modeName) || "EAX".equals(modeName) || "GCM".equals(modeName) || "OCB".equals(modeName);
+        return "CCM".equals(modeName) || "GCM".equals(modeName);
+    }
+
+    /*
+     * The ciphers that inherit from us.
+     */
+
+    static private interface GenericBlockCipher
+    {
+        public void init(boolean forEncryption, CipherParameters params)
+            throws IllegalArgumentException;
+
+        public boolean wrapOnNoPadding();
+
+        public String getAlgorithmName();
+
+        public com.android.org.bouncycastle.crypto.BlockCipher getUnderlyingCipher();
+
+        public int getOutputSize(int len);
+
+        public int getUpdateOutputSize(int len);
+
+        public void updateAAD(byte[] input, int offset, int length);
+
+        public int processByte(byte in, byte[] out, int outOff)
+            throws DataLengthException;
+
+        public int processBytes(byte[] in, int inOff, int len, byte[] out, int outOff)
+            throws DataLengthException;
+
+        public int doFinal(byte[] out, int outOff)
+            throws IllegalStateException,
+            BadPaddingException;
+    }
+
+    private static class BufferedGenericBlockCipher
+        implements GenericBlockCipher
+    {
+        private BufferedBlockCipher cipher;
+
+        BufferedGenericBlockCipher(BufferedBlockCipher cipher)
+        {
+            this.cipher = cipher;
+        }
+
+        BufferedGenericBlockCipher(com.android.org.bouncycastle.crypto.BlockCipher cipher)
+        {
+            this.cipher = new PaddedBufferedBlockCipher(cipher);
+        }
+
+        BufferedGenericBlockCipher(com.android.org.bouncycastle.crypto.BlockCipher cipher, BlockCipherPadding padding)
+        {
+            this.cipher = new PaddedBufferedBlockCipher(cipher, padding);
+        }
+
+        public void init(boolean forEncryption, CipherParameters params)
+            throws IllegalArgumentException
+        {
+            cipher.init(forEncryption, params);
+        }
+
+        public boolean wrapOnNoPadding()
+        {
+            return !(cipher instanceof CTSBlockCipher);
+        }
+
+        public String getAlgorithmName()
+        {
+            return cipher.getUnderlyingCipher().getAlgorithmName();
+        }
+
+        public com.android.org.bouncycastle.crypto.BlockCipher getUnderlyingCipher()
+        {
+            return cipher.getUnderlyingCipher();
+        }
+
+        public int getOutputSize(int len)
+        {
+            return cipher.getOutputSize(len);
+        }
+
+        public int getUpdateOutputSize(int len)
+        {
+            return cipher.getUpdateOutputSize(len);
+        }
+
+        public void updateAAD(byte[] input, int offset, int length)
+        {
+            throw new UnsupportedOperationException("AAD is not supported in the current mode.");
+        }
+
+        public int processByte(byte in, byte[] out, int outOff) throws DataLengthException
+        {
+            return cipher.processByte(in, out, outOff);
+        }
+
+        public int processBytes(byte[] in, int inOff, int len, byte[] out, int outOff) throws DataLengthException
+        {
+            return cipher.processBytes(in, inOff, len, out, outOff);
+        }
+
+        public int doFinal(byte[] out, int outOff) throws IllegalStateException, BadPaddingException
+        {
+            try
+            {
+                return cipher.doFinal(out, outOff);
+            }
+            catch (InvalidCipherTextException e)
+            {
+                throw new BadPaddingException(e.getMessage());
+            }
+        }
+    }
+
+    private static class AEADGenericBlockCipher
+        implements GenericBlockCipher
+    {
+        private static final Constructor aeadBadTagConstructor;
+
+        static {
+            Class aeadBadTagClass = ClassUtil.loadClass(BaseBlockCipher.class, "javax.crypto.AEADBadTagException");
+            if (aeadBadTagClass != null)
+            {
+                aeadBadTagConstructor = findExceptionConstructor(aeadBadTagClass);
+            }
+            else
+            {
+                aeadBadTagConstructor = null;
+            }
+        }
+
+        private static Constructor findExceptionConstructor(Class clazz)
+        {
+            try
+            {
+                return clazz.getConstructor(new Class[]{String.class});
+            }
+            catch (Exception e)
+            {
+                return null;
+            }
+        }
+
+        private AEADBlockCipher cipher;
+
+        AEADGenericBlockCipher(AEADBlockCipher cipher)
+        {
+            this.cipher = cipher;
+        }
+
+        public void init(boolean forEncryption, CipherParameters params)
+            throws IllegalArgumentException
+        {
+            cipher.init(forEncryption, params);
+        }
+
+        public String getAlgorithmName()
+        {
+            return cipher.getUnderlyingCipher().getAlgorithmName();
+        }
+
+        public boolean wrapOnNoPadding()
+        {
+            return false;
+        }
+
+        public com.android.org.bouncycastle.crypto.BlockCipher getUnderlyingCipher()
+        {
+            return cipher.getUnderlyingCipher();
+        }
+
+        public int getOutputSize(int len)
+        {
+            return cipher.getOutputSize(len);
+        }
+
+        public int getUpdateOutputSize(int len)
+        {
+            return cipher.getUpdateOutputSize(len);
+        }
+
+        public void updateAAD(byte[] input, int offset, int length)
+        {
+            cipher.processAADBytes(input, offset, length);
+        }
+
+        public int processByte(byte in, byte[] out, int outOff) throws DataLengthException
+        {
+            return cipher.processByte(in, out, outOff);
+        }
+
+        public int processBytes(byte[] in, int inOff, int len, byte[] out, int outOff) throws DataLengthException
+        {
+            return cipher.processBytes(in, inOff, len, out, outOff);
+        }
+
+        public int doFinal(byte[] out, int outOff) throws IllegalStateException, BadPaddingException
+        {
+            try
+            {
+                return cipher.doFinal(out, outOff);
+            }
+            catch (InvalidCipherTextException e)
+            {
+                if (aeadBadTagConstructor != null)
+                {
+                    BadPaddingException aeadBadTag = null;
+                    try
+                    {
+                        aeadBadTag = (BadPaddingException)aeadBadTagConstructor
+                                .newInstance(new Object[]{e.getMessage()});
+                    }
+                    catch (Exception i)
+                    {
+                        // Shouldn't happen, but fall through to BadPaddingException
+                    }
+                    if (aeadBadTag != null)
+                    {
+                        throw aeadBadTag;
+                    }
+                }
+                throw new BadPaddingException(e.getMessage());
+            }
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseKeyGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseKeyGenerator.java
new file mode 100644
index 0000000..9873fc2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseKeyGenerator.java

@@ -0,0 +1,87 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric.util;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidParameterException;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+
+import javax.crypto.KeyGeneratorSpi;
+import javax.crypto.SecretKey;
+import javax.crypto.spec.SecretKeySpec;
+
+import com.android.org.bouncycastle.crypto.CipherKeyGenerator;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.KeyGenerationParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BaseKeyGenerator
+    extends KeyGeneratorSpi
+{
+    protected String                algName;
+    protected int                   keySize;
+    protected int                   defaultKeySize;
+    protected CipherKeyGenerator    engine;
+
+    protected boolean               uninitialised = true;
+
+    protected BaseKeyGenerator(
+        String algName,
+        int defaultKeySize,
+        CipherKeyGenerator engine)
+    {
+        this.algName = algName;
+        this.keySize = this.defaultKeySize = defaultKeySize;
+        this.engine = engine;
+    }
+
+    protected void engineInit(
+        AlgorithmParameterSpec  params,
+        SecureRandom            random)
+    throws InvalidAlgorithmParameterException
+    {
+        throw new InvalidAlgorithmParameterException("Not Implemented");
+    }
+
+    protected void engineInit(
+        SecureRandom    random)
+    {
+        if (random != null)
+        {
+            engine.init(new KeyGenerationParameters(random, defaultKeySize));
+            uninitialised = false;
+        }
+    }
+
+    protected void engineInit(
+        int             keySize,
+        SecureRandom    random)
+    {
+        try
+        {
+            if (random == null)
+            {
+                random = CryptoServicesRegistrar.getSecureRandom();
+            }
+            engine.init(new KeyGenerationParameters(random, keySize));
+            uninitialised = false;
+        }
+        catch (IllegalArgumentException e)
+        {
+            throw new InvalidParameterException(e.getMessage());
+        }
+    }
+
+    protected SecretKey engineGenerateKey()
+    {
+        if (uninitialised)
+        {
+            engine.init(new KeyGenerationParameters(CryptoServicesRegistrar.getSecureRandom(), defaultKeySize));
+            uninitialised = false;
+        }
+
+        return new SecretKeySpec(engine.generateKey(), algName);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java
new file mode 100644
index 0000000..00fd528
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseMac.java

@@ -0,0 +1,294 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric.util;
+
+import java.lang.reflect.Method;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.Key;
+import java.security.spec.AlgorithmParameterSpec;
+import java.util.Hashtable;
+import java.util.Iterator;
+import java.util.Map;
+
+import javax.crypto.MacSpi;
+import javax.crypto.SecretKey;
+import javax.crypto.interfaces.PBEKey;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.PBEParameterSpec;
+import javax.crypto.spec.RC2ParameterSpec;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.Mac;
+import com.android.org.bouncycastle.crypto.macs.HMac;
+import com.android.org.bouncycastle.crypto.params.AEADParameters;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.RC2Parameters;
+// import org.bouncycastle.crypto.params.SkeinParameters;
+import com.android.org.bouncycastle.jcajce.PKCS12Key;
+import com.android.org.bouncycastle.jcajce.spec.AEADParameterSpec;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jcajce.spec.SkeinParameterSpec;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BaseMac
+    extends MacSpi implements PBE
+{
+    private static final Class gcmSpecClass = ClassUtil.loadClass(BaseMac.class, "javax.crypto.spec.GCMParameterSpec");
+
+    private Mac macEngine;
+
+    private int scheme = PKCS12;
+    private int pbeHash = SHA1;
+    private int keySize = 160;
+
+    protected BaseMac(
+        Mac macEngine)
+    {
+        this.macEngine = macEngine;
+    }
+
+    protected BaseMac(
+        Mac macEngine,
+        int scheme,
+        int pbeHash,
+        int keySize)
+    {
+        this.macEngine = macEngine;
+        this.scheme = scheme;
+        this.pbeHash = pbeHash;
+        this.keySize = keySize;
+    }
+
+    protected void engineInit(
+        Key                     key,
+        AlgorithmParameterSpec  params)
+        throws InvalidKeyException, InvalidAlgorithmParameterException
+    {
+        CipherParameters        param;
+
+        if (key == null)
+        {
+            throw new InvalidKeyException("key is null");
+        }
+
+        if (key instanceof PKCS12Key)
+        {
+            SecretKey k;
+            PBEParameterSpec pbeSpec;
+
+            try
+            {
+                k = (SecretKey)key;
+            }
+            catch (Exception e)
+            {
+                throw new InvalidKeyException("PKCS12 requires a SecretKey/PBEKey");
+            }
+
+            try
+            {
+                pbeSpec = (PBEParameterSpec)params;
+            }
+            catch (Exception e)
+            {
+                throw new InvalidAlgorithmParameterException("PKCS12 requires a PBEParameterSpec");
+            }
+
+            if (k instanceof PBEKey && pbeSpec == null)
+            {
+                pbeSpec = new PBEParameterSpec(((PBEKey)k).getSalt(), ((PBEKey)k).getIterationCount());
+            }
+
+            int digest = SHA1;
+            int keySize = 160;
+            // BEGIN Android-removed: Unsupported algorithms
+            // if (macEngine.getAlgorithmName().startsWith("GOST"))
+            // {
+            //     digest = GOST3411;
+            //     keySize = 256;
+            // }
+            // END Android-removed: Unsupported algorithms
+            // Android-changed: Adjust for missing if
+            // else if (macEngine instanceof HMac)
+            if (macEngine instanceof HMac)
+            {
+                if (!macEngine.getAlgorithmName().startsWith("SHA-1"))
+                {
+                    if (macEngine.getAlgorithmName().startsWith("SHA-224"))
+                    {
+                        digest = SHA224;
+                        keySize = 224;
+                    }
+                    else if (macEngine.getAlgorithmName().startsWith("SHA-256"))
+                    {
+                        digest = SHA256;
+                        keySize = 256;
+                    }
+                    else if (macEngine.getAlgorithmName().startsWith("SHA-384"))
+                    {
+                        digest = SHA384;
+                        keySize = 384;
+                    }
+                    else if (macEngine.getAlgorithmName().startsWith("SHA-512"))
+                    {
+                        digest = SHA512;
+                        keySize = 512;
+                    }
+                    // BEGIN Android-removed: Unsupported algorithms
+                    // else if (macEngine.getAlgorithmName().startsWith("RIPEMD160"))
+                    // {
+                    //     digest = RIPEMD160;
+                    //     keySize = 160;
+                    // }
+                    // END Android-removed: Unsupported algorithms
+                    else
+                    {
+                        throw new InvalidAlgorithmParameterException("no PKCS12 mapping for HMAC: " + macEngine.getAlgorithmName());
+                    }
+                }
+            }
+            // TODO: add correct handling for other digests
+            param = PBE.Util.makePBEMacParameters(k, PKCS12, digest, keySize, pbeSpec);
+        }
+        else if (key instanceof BCPBEKey)
+        {
+            BCPBEKey k = (BCPBEKey)key;
+
+            if (k.getParam() != null)
+            {
+                param = k.getParam();
+            }
+            else if (params instanceof PBEParameterSpec)
+            {
+                param = PBE.Util.makePBEMacParameters(k, params);
+            }
+            else
+            {
+                throw new InvalidAlgorithmParameterException("PBE requires PBE parameters to be set.");
+            }
+        }
+        else
+        {
+            if (params instanceof PBEParameterSpec)
+            {
+                throw new InvalidAlgorithmParameterException("inappropriate parameter type: " + params.getClass().getName());
+            }
+            param = new KeyParameter(key.getEncoded());
+        }
+
+        KeyParameter keyParam;
+        if (param instanceof ParametersWithIV)
+        {
+            keyParam = (KeyParameter)((ParametersWithIV)param).getParameters();
+        }
+        else
+        {
+            keyParam = (KeyParameter)param;
+        }
+
+        if (params instanceof AEADParameterSpec)
+        {
+            AEADParameterSpec aeadSpec = (AEADParameterSpec)params;
+
+            param = new AEADParameters(keyParam, aeadSpec.getMacSizeInBits(), aeadSpec.getNonce(), aeadSpec.getAssociatedData());
+        }
+        else if (params instanceof IvParameterSpec)
+        {
+            param = new ParametersWithIV(keyParam, ((IvParameterSpec)params).getIV());
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (params instanceof RC2ParameterSpec)
+        {
+            param = new ParametersWithIV(new RC2Parameters(keyParam.getKey(), ((RC2ParameterSpec)params).getEffectiveKeyBits()), ((RC2ParameterSpec)params).getIV());
+        }
+        else if (params instanceof SkeinParameterSpec)
+        {
+            param = new SkeinParameters.Builder(copyMap(((SkeinParameterSpec)params).getParameters())).setKey(keyParam.getKey()).build();
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+        else if (params == null)
+        {
+            param = new KeyParameter(key.getEncoded());
+        }
+        else if (gcmSpecClass != null && gcmSpecClass.isAssignableFrom(params.getClass()))
+        {
+            try
+            {
+                Method tLen = gcmSpecClass.getDeclaredMethod("getTLen", new Class[0]);
+                Method iv= gcmSpecClass.getDeclaredMethod("getIV", new Class[0]);
+
+                param = new AEADParameters(keyParam, ((Integer)tLen.invoke(params, new Object[0])).intValue(), (byte[])iv.invoke(params, new Object[0]));
+            }
+            catch (Exception e)
+            {
+                throw new InvalidAlgorithmParameterException("Cannot process GCMParameterSpec.");
+            }
+        }
+        else if (!(params instanceof PBEParameterSpec))
+        {
+            throw new InvalidAlgorithmParameterException("unknown parameter type: " + params.getClass().getName());
+        }
+
+        try
+        {
+            macEngine.init(param);
+        }
+        catch (Exception e)
+        {
+            throw new InvalidAlgorithmParameterException("cannot initialize MAC: " + e.getMessage());
+        }
+    }
+
+    protected int engineGetMacLength() 
+    {
+        return macEngine.getMacSize();
+    }
+
+    protected void engineReset() 
+    {
+        macEngine.reset();
+    }
+
+    protected void engineUpdate(
+        byte    input) 
+    {
+        macEngine.update(input);
+    }
+
+    protected void engineUpdate(
+        byte[]  input,
+        int     offset,
+        int     len) 
+    {
+        macEngine.update(input, offset, len);
+    }
+
+    protected byte[] engineDoFinal() 
+    {
+        byte[]  out = new byte[engineGetMacLength()];
+
+        macEngine.doFinal(out, 0);
+
+        return out;
+    }
+
+    private static Hashtable copyMap(Map paramsMap)
+    {
+        Hashtable newTable = new Hashtable();
+
+        Iterator keys = paramsMap.keySet().iterator();
+        while (keys.hasNext())
+        {
+            Object key = keys.next();
+            newTable.put(key, paramsMap.get(key));
+        }
+
+        return newTable;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseSecretKeyFactory.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseSecretKeyFactory.java
new file mode 100644
index 0000000..6ce1eba
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseSecretKeyFactory.java

@@ -0,0 +1,97 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric.util;
+
+import java.lang.reflect.Constructor;
+import java.security.InvalidKeyException;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+
+import javax.crypto.SecretKey;
+import javax.crypto.SecretKeyFactorySpi;
+import javax.crypto.spec.SecretKeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BaseSecretKeyFactory
+    extends SecretKeyFactorySpi
+    implements PBE
+{
+    protected String                algName;
+    protected ASN1ObjectIdentifier   algOid;
+
+    protected BaseSecretKeyFactory(
+        String algName,
+        ASN1ObjectIdentifier algOid)
+    {
+        this.algName = algName;
+        this.algOid = algOid;
+    }
+
+    protected SecretKey engineGenerateSecret(
+        KeySpec keySpec)
+    throws InvalidKeySpecException
+    {
+        if (keySpec instanceof SecretKeySpec)
+        {
+            return new SecretKeySpec(((SecretKeySpec)keySpec).getEncoded(), algName);
+        }
+
+        throw new InvalidKeySpecException("Invalid KeySpec");
+    }
+
+    protected KeySpec engineGetKeySpec(
+        SecretKey key,
+        Class keySpec)
+    throws InvalidKeySpecException
+    {
+        if (keySpec == null)
+        {
+            throw new InvalidKeySpecException("keySpec parameter is null");
+        }
+        if (key == null)
+        {
+            throw new InvalidKeySpecException("key parameter is null");
+        }
+        
+        if (SecretKeySpec.class.isAssignableFrom(keySpec))
+        {
+            return new SecretKeySpec(key.getEncoded(), algName);
+        }
+
+        try
+        {
+            Class[] parameters = { byte[].class };
+
+            Constructor c = keySpec.getConstructor(parameters);
+            Object[]    p = new Object[1];
+
+            p[0] = key.getEncoded();
+
+            return (KeySpec)c.newInstance(p);
+        }
+        catch (Exception e)
+        {
+            throw new InvalidKeySpecException(e.toString());
+        }
+    }
+
+    protected SecretKey engineTranslateKey(
+        SecretKey key)
+    throws InvalidKeyException
+    {
+        if (key == null)
+        {
+            throw new InvalidKeyException("key parameter is null");
+        }
+        
+        if (!key.getAlgorithm().equalsIgnoreCase(algName))
+        {
+            throw new InvalidKeyException("Key not of type " + algName + ".");
+        }
+
+        return new SecretKeySpec(key.getEncoded(), algName);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java
new file mode 100644
index 0000000..e7e98dc
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseStreamCipher.java

@@ -0,0 +1,441 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric.util;
+
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.InvalidParameterException;
+import java.security.Key;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+
+import javax.crypto.Cipher;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKey;
+import javax.crypto.ShortBufferException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.PBEParameterSpec;
+// Android-removed: Unsupported algorithms
+// import javax.crypto.spec.RC2ParameterSpec;
+// import javax.crypto.spec.RC5ParameterSpec;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.DataLengthException;
+import com.android.org.bouncycastle.crypto.StreamCipher;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+import com.android.org.bouncycastle.jcajce.PKCS12Key;
+import com.android.org.bouncycastle.jcajce.PKCS12KeyWithParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BaseStreamCipher
+    extends BaseWrapCipher
+    implements PBE
+{
+    //
+    // specs we can handle.
+    //
+    private Class[]                 availableSpecs =
+                                    {
+                                        // Android-removed: Unsupported algorithms
+                                        // RC2ParameterSpec.class,
+                                        // RC5ParameterSpec.class,
+                                        IvParameterSpec.class,
+                                        PBEParameterSpec.class
+                                    };
+
+    private StreamCipher       cipher;
+    private int keySizeInBits;
+    private int digest;
+    private ParametersWithIV   ivParam;
+
+    private int                     ivLength = 0;
+
+    private PBEParameterSpec        pbeSpec = null;
+    private String                  pbeAlgorithm = null;
+
+    protected BaseStreamCipher(
+        StreamCipher engine,
+        int ivLength)
+    {
+        this(engine, ivLength, -1, -1);
+    }
+
+    protected BaseStreamCipher(
+        StreamCipher engine,
+        int ivLength,
+        int keySizeInBits,
+        int digest)
+    {
+        cipher = engine;
+        this.ivLength = ivLength;
+        this.keySizeInBits = keySizeInBits;
+        this.digest = digest;
+    }
+
+    protected int engineGetBlockSize()
+    {
+        return 0;
+    }
+
+    protected byte[] engineGetIV()
+    {
+        return (ivParam != null) ? ivParam.getIV() : null;
+    }
+
+    protected int engineGetKeySize(
+        Key     key)
+    {
+        return key.getEncoded().length * 8;
+    }
+
+    protected int engineGetOutputSize(
+        int     inputLen)
+    {
+        return inputLen;
+    }
+
+    protected AlgorithmParameters engineGetParameters()
+    {
+        if (engineParams == null)
+        {
+            if (pbeSpec != null)
+            {
+                try
+                {
+                    AlgorithmParameters engineParams = createParametersInstance(pbeAlgorithm);
+                    engineParams.init(pbeSpec);
+
+                    return engineParams;
+                }
+                catch (Exception e)
+                {
+                    return null;
+                }
+            }
+            else if (ivParam != null)
+            {
+                String  name = cipher.getAlgorithmName();
+
+                if (name.indexOf('/') >= 0)
+                {
+                    name = name.substring(0, name.indexOf('/'));
+                }
+                if (name.startsWith("ChaCha7539"))
+                {
+                    name = "ChaCha7539";
+                }
+                else if (name.startsWith("Grain"))
+                {
+                    name = "Grainv1";
+                }
+                else if (name.startsWith("HC"))
+                {
+                    int endIndex = name.indexOf('-');
+                    name = name.substring(0, endIndex) + name.substring(endIndex + 1);
+                }
+
+                try
+                {
+                    engineParams = createParametersInstance(name);
+                    engineParams.init(new IvParameterSpec(ivParam.getIV()));
+                }
+                catch (Exception e)
+                {
+                    throw new RuntimeException(e.toString());
+                }
+            }
+        }
+
+        return engineParams;
+    }
+
+    /**
+     * should never be called.
+     */
+    protected void engineSetMode(
+        String  mode)
+        throws NoSuchAlgorithmException
+    {
+        if (!(mode.equalsIgnoreCase("ECB") || mode.equals("NONE")))
+        {
+            throw new NoSuchAlgorithmException("can't support mode " + mode);
+        }
+    }
+
+    /**
+     * should never be called.
+     */
+    protected void engineSetPadding(
+        String  padding)
+    throws NoSuchPaddingException
+    {
+        if (!padding.equalsIgnoreCase("NoPadding"))
+        {
+            throw new NoSuchPaddingException("Padding " + padding + " unknown.");
+        }
+    }
+
+    protected void engineInit(
+        int                     opmode,
+        Key                     key,
+        AlgorithmParameterSpec  params,
+        SecureRandom            random)
+        throws InvalidKeyException, InvalidAlgorithmParameterException
+    {
+        CipherParameters        param;
+
+        this.pbeSpec = null;
+        this.pbeAlgorithm = null;
+
+        this.engineParams = null;
+
+        //
+        // basic key check
+        //
+        if (!(key instanceof SecretKey))
+        {
+            throw new InvalidKeyException("Key for algorithm " + key.getAlgorithm() + " not suitable for symmetric enryption.");
+        }
+
+        if (key instanceof PKCS12Key)
+        {
+            PKCS12Key k = (PKCS12Key)key;
+            pbeSpec = (PBEParameterSpec)params;
+            if (k instanceof PKCS12KeyWithParameters && pbeSpec == null)
+            {
+                pbeSpec = new PBEParameterSpec(((PKCS12KeyWithParameters)k).getSalt(), ((PKCS12KeyWithParameters)k).getIterationCount());
+            }
+
+            param = PBE.Util.makePBEParameters(k.getEncoded(), PKCS12, digest, keySizeInBits, ivLength * 8, pbeSpec, cipher.getAlgorithmName());
+        }
+        else if (key instanceof BCPBEKey)
+        {
+            BCPBEKey k = (BCPBEKey)key;
+
+            if (k.getOID() != null)
+            {
+                pbeAlgorithm = k.getOID().getId();
+            }
+            else
+            {
+                pbeAlgorithm = k.getAlgorithm();
+            }
+
+            if (k.getParam() != null)
+            {
+                param = k.getParam();
+                pbeSpec = new PBEParameterSpec(k.getSalt(), k.getIterationCount());
+            }
+            else if (params instanceof PBEParameterSpec)
+            {
+                param = PBE.Util.makePBEParameters(k, params, cipher.getAlgorithmName());
+                pbeSpec = (PBEParameterSpec)params;
+            }
+            else
+            {
+                throw new InvalidAlgorithmParameterException("PBE requires PBE parameters to be set.");
+            }
+            
+            if (k.getIvSize() != 0)
+            {
+                ivParam = (ParametersWithIV)param;
+            }
+        }
+        else if (params == null)
+        {
+            if (digest > 0)
+            {
+                throw new InvalidKeyException("Algorithm requires a PBE key");
+            }
+            param = new KeyParameter(key.getEncoded());
+        }
+        else if (params instanceof IvParameterSpec)
+        {
+            param = new ParametersWithIV(new KeyParameter(key.getEncoded()), ((IvParameterSpec)params).getIV());
+            ivParam = (ParametersWithIV)param;
+        }
+        else
+        {
+            throw new InvalidAlgorithmParameterException("unknown parameter type.");
+        }
+
+        if ((ivLength != 0) && !(param instanceof ParametersWithIV))
+        {
+            SecureRandom    ivRandom = random;
+
+            if (ivRandom == null)
+            {
+                ivRandom = CryptoServicesRegistrar.getSecureRandom();
+            }
+
+            if ((opmode == Cipher.ENCRYPT_MODE) || (opmode == Cipher.WRAP_MODE))
+            {
+                byte[]  iv = new byte[ivLength];
+
+                ivRandom.nextBytes(iv);
+                param = new ParametersWithIV(param, iv);
+                ivParam = (ParametersWithIV)param;
+            }
+            else
+            {
+                throw new InvalidAlgorithmParameterException("no IV set when one expected");
+            }
+        }
+
+        try
+        {
+            switch (opmode)
+            {
+            case Cipher.ENCRYPT_MODE:
+            case Cipher.WRAP_MODE:
+                cipher.init(true, param);
+                break;
+            case Cipher.DECRYPT_MODE:
+            case Cipher.UNWRAP_MODE:
+                cipher.init(false, param);
+                break;
+            default:
+                throw new InvalidParameterException("unknown opmode " + opmode + " passed");
+            }
+        }
+        catch (Exception e)
+        {
+            throw new InvalidKeyException(e.getMessage());
+        }
+    }
+
+    protected void engineInit(
+        int                 opmode,
+        Key                 key,
+        AlgorithmParameters params,
+        SecureRandom        random) 
+        throws InvalidKeyException, InvalidAlgorithmParameterException
+    {
+        AlgorithmParameterSpec  paramSpec = null;
+
+        if (params != null)
+        {
+            for (int i = 0; i != availableSpecs.length; i++)
+            {
+                try
+                {
+                    paramSpec = params.getParameterSpec(availableSpecs[i]);
+                    break;
+                }
+                catch (Exception e)
+                {
+                    continue;
+                }
+            }
+
+            if (paramSpec == null)
+            {
+                throw new InvalidAlgorithmParameterException("can't handle parameter " + params.toString());
+            }
+        }
+
+        engineInit(opmode, key, paramSpec, random);
+        engineParams = params;
+    }
+
+    protected void engineInit(
+        int                 opmode,
+        Key                 key,
+        SecureRandom        random) 
+        throws InvalidKeyException
+    {
+        try
+        {
+            engineInit(opmode, key, (AlgorithmParameterSpec)null, random);
+        }
+        catch (InvalidAlgorithmParameterException e)
+        {
+            throw new InvalidKeyException(e.getMessage());
+        }
+    }
+
+    protected byte[] engineUpdate(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen) 
+    {
+        byte[]  out = new byte[inputLen];
+
+        cipher.processBytes(input, inputOffset, inputLen, out, 0);
+
+        return out;
+    }
+
+    protected int engineUpdate(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen,
+        byte[]  output,
+        int     outputOffset) 
+        throws ShortBufferException 
+    {
+        if (outputOffset + inputLen > output.length)
+        {
+            throw new ShortBufferException("output buffer too short for input.");
+        }
+
+        try
+        {
+            cipher.processBytes(input, inputOffset, inputLen, output, outputOffset);
+
+            return inputLen;
+        }
+        catch (DataLengthException e)
+        {
+            // should never happen
+            throw new IllegalStateException(e.getMessage());
+        }
+    }
+
+    protected byte[] engineDoFinal(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen) 
+    {
+        if (inputLen != 0)
+        {
+            byte[] out = engineUpdate(input, inputOffset, inputLen);
+
+            cipher.reset();
+            
+            return out;
+        }
+
+        cipher.reset();
+        
+        return new byte[0];
+    }
+
+    protected int engineDoFinal(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen,
+        byte[]  output,
+        int     outputOffset)
+        throws ShortBufferException
+    {
+        if (outputOffset + inputLen > output.length)
+        {
+            throw new ShortBufferException("output buffer too short for input.");
+        }
+
+        if (inputLen != 0)
+        {
+            cipher.processBytes(input, inputOffset, inputLen, output, outputOffset);
+        }
+
+        cipher.reset();
+        
+        return inputLen;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java
new file mode 100644
index 0000000..b03b225
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BaseWrapCipher.java

@@ -0,0 +1,617 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric.util;
+
+import java.io.ByteArrayOutputStream;
+import java.security.AlgorithmParameters;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidKeyException;
+import java.security.InvalidParameterException;
+import java.security.Key;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.SecureRandom;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.PKCS8EncodedKeySpec;
+import java.security.spec.X509EncodedKeySpec;
+
+import javax.crypto.BadPaddingException;
+import javax.crypto.Cipher;
+import javax.crypto.CipherSpi;
+import javax.crypto.IllegalBlockSizeException;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.ShortBufferException;
+import javax.crypto.spec.IvParameterSpec;
+import javax.crypto.spec.PBEParameterSpec;
+// Android-removed: Unsupported algorithms
+// import javax.crypto.spec.RC2ParameterSpec;
+// import javax.crypto.spec.RC5ParameterSpec;
+import javax.crypto.spec.SecretKeySpec;
+
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.InvalidCipherTextException;
+import com.android.org.bouncycastle.crypto.Wrapper;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+import com.android.org.bouncycastle.crypto.params.ParametersWithRandom;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.params.ParametersWithSBox;
+// import org.bouncycastle.crypto.params.ParametersWithUKM;
+// import org.bouncycastle.jcajce.spec.GOST28147WrapParameterSpec;
+// Android-changed: Use default provider for JCA algorithms instead of BC
+// Was: import org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.DefaultJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class BaseWrapCipher
+    extends CipherSpi
+    implements PBE
+{
+    //
+    // specs we can handle.
+    //
+    private Class[]                 availableSpecs =
+                                    {
+                                        // Android-removed: Unsupported algorithms
+                                        // GOST28147WrapParameterSpec.class,
+                                        PBEParameterSpec.class,
+                                        // Android-removed: Unsupported algorithms
+                                        // RC2ParameterSpec.class,
+                                        // RC5ParameterSpec.class
+                                        IvParameterSpec.class
+                                    };
+
+    protected int                     pbeType = PKCS12;
+    protected int                     pbeHash = SHA1;
+    protected int                     pbeKeySize;
+    protected int                     pbeIvSize;
+
+    protected AlgorithmParameters     engineParams = null;
+
+    protected Wrapper                 wrapEngine = null;
+
+    private int                       ivSize;
+    private byte[]                    iv;
+
+    private ErasableOutputStream wrapStream = null;
+    private boolean                   forWrapping;
+
+    // Android-changed: Use default provider for JCA algorithms instead of BC
+    // Was: private final JcaJceHelper helper = new BCJcaJceHelper();
+    private final JcaJceHelper helper = new DefaultJcaJceHelper();
+
+    protected BaseWrapCipher()
+    {
+    }
+
+    protected BaseWrapCipher(
+        Wrapper wrapEngine)
+    {
+        this(wrapEngine, 0);
+    }
+
+    protected BaseWrapCipher(
+        Wrapper wrapEngine,
+        int ivSize)
+    {
+        this.wrapEngine = wrapEngine;
+        this.ivSize = ivSize;
+    }
+
+    protected int engineGetBlockSize()
+    {
+        return 0;
+    }
+
+    protected byte[] engineGetIV()
+    {
+        return Arrays.clone(iv);
+    }
+
+    protected int engineGetKeySize(
+        Key     key)
+    {
+        return key.getEncoded().length * 8;
+    }
+
+    protected int engineGetOutputSize(
+        int     inputLen)
+    {
+        return -1;
+    }
+
+    protected AlgorithmParameters engineGetParameters()
+    {
+        if (engineParams == null)
+        {
+            if (iv != null)
+            {
+                String  name = wrapEngine.getAlgorithmName();
+
+                if (name.indexOf('/') >= 0)
+                {
+                    name = name.substring(0, name.indexOf('/'));
+                }
+
+                try
+                {
+                    engineParams = createParametersInstance(name);
+                    engineParams.init(new IvParameterSpec(iv));
+                }
+                catch (Exception e)
+                {
+                    throw new RuntimeException(e.toString());
+                }
+            }
+        }
+
+        return engineParams;
+    }
+
+    protected final AlgorithmParameters createParametersInstance(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return helper.createAlgorithmParameters(algorithm);
+    }
+
+    protected void engineSetMode(
+        String  mode)
+        throws NoSuchAlgorithmException
+    {
+        throw new NoSuchAlgorithmException("can't support mode " + mode);
+    }
+
+    protected void engineSetPadding(
+        String  padding)
+    throws NoSuchPaddingException
+    {
+        throw new NoSuchPaddingException("Padding " + padding + " unknown.");
+    }
+
+    protected void engineInit(
+        int                     opmode,
+        Key                     key,
+        AlgorithmParameterSpec  params,
+        SecureRandom            random)
+    throws InvalidKeyException, InvalidAlgorithmParameterException
+    {
+        CipherParameters        param;
+
+        if (key instanceof BCPBEKey)
+        {
+            BCPBEKey k = (BCPBEKey)key;
+
+            if (params instanceof PBEParameterSpec)
+            {
+                param = PBE.Util.makePBEParameters(k, params, wrapEngine.getAlgorithmName());
+            }
+            else if (k.getParam() != null)
+            {
+                param = k.getParam();
+            }
+            else
+            {
+                throw new InvalidAlgorithmParameterException("PBE requires PBE parameters to be set.");
+            }
+        }
+        else
+        {
+            param = new KeyParameter(key.getEncoded());
+        }
+
+        if (params instanceof IvParameterSpec)
+        {
+            IvParameterSpec ivSpec = (IvParameterSpec)params;
+            this.iv = ivSpec.getIV();
+            param = new ParametersWithIV(param, iv);
+        }
+
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        if (params instanceof GOST28147WrapParameterSpec)
+        {
+            GOST28147WrapParameterSpec spec = (GOST28147WrapParameterSpec) params;
+
+            byte[] sBox = spec.getSBox();
+            if (sBox != null)
+            {
+                param = new ParametersWithSBox(param, sBox);
+            }
+            param = new ParametersWithUKM(param, spec.getUKM());
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+
+        if (param instanceof KeyParameter && ivSize != 0)
+        {
+            if (opmode == Cipher.WRAP_MODE || opmode == Cipher.ENCRYPT_MODE)
+            {
+                iv = new byte[ivSize];
+                random.nextBytes(iv);
+                param = new ParametersWithIV(param, iv);
+            }
+        }
+
+        if (random != null)
+        {
+            param = new ParametersWithRandom(param, random);
+        }
+
+        try
+        {
+            switch (opmode)
+            {
+            case Cipher.WRAP_MODE:
+                wrapEngine.init(true, param);
+                this.wrapStream = null;
+                this.forWrapping = true;
+                break;
+            case Cipher.UNWRAP_MODE:
+                wrapEngine.init(false, param);
+                this.wrapStream = null;
+                this.forWrapping = false;
+                break;
+            case Cipher.ENCRYPT_MODE:
+                wrapEngine.init(true, param);
+                this.wrapStream = new ErasableOutputStream();
+                this.forWrapping = true;
+                break;
+            case Cipher.DECRYPT_MODE:
+                wrapEngine.init(false, param);
+                this.wrapStream = new ErasableOutputStream();
+                this.forWrapping = false;
+                break;
+            default:
+                throw new InvalidParameterException("Unknown mode parameter passed to init.");
+            }
+        }
+        catch (Exception e)
+        {
+            throw new InvalidKeyOrParametersException(e.getMessage(), e);
+        }
+    }
+
+    protected void engineInit(
+        int                 opmode,
+        Key                 key,
+        AlgorithmParameters params,
+        SecureRandom        random)
+    throws InvalidKeyException, InvalidAlgorithmParameterException
+    {
+        AlgorithmParameterSpec  paramSpec = null;
+
+        if (params != null)
+        {
+            for (int i = 0; i != availableSpecs.length; i++)
+            {
+                try
+                {
+                    paramSpec = params.getParameterSpec(availableSpecs[i]);
+                    break;
+                }
+                catch (Exception e)
+                {
+                    // try next spec
+                }
+            }
+
+            if (paramSpec == null)
+            {
+                throw new InvalidAlgorithmParameterException("can't handle parameter " + params.toString());
+            }
+        }
+
+        engineParams = params;
+        engineInit(opmode, key, paramSpec, random);
+    }
+
+    protected void engineInit(
+        int                 opmode,
+        Key                 key,
+        SecureRandom        random)
+        throws InvalidKeyException
+    {
+        try
+        {
+            engineInit(opmode, key, (AlgorithmParameterSpec)null, random);
+        }
+        catch (InvalidAlgorithmParameterException e)
+        {
+            throw new InvalidKeyOrParametersException(e.getMessage(), e);
+        }
+    }
+
+    protected byte[] engineUpdate(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen)
+    {
+        if (wrapStream == null)
+        {
+            throw new IllegalStateException("not supported in a wrapping mode");
+        }
+
+        wrapStream.write(input, inputOffset, inputLen);
+
+        return null;
+    }
+
+    protected int engineUpdate(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen,
+        byte[]  output,
+        int     outputOffset)
+        throws ShortBufferException
+    {
+        if (wrapStream == null)
+        {
+            throw new IllegalStateException("not supported in a wrapping mode");
+        }
+
+        wrapStream.write(input, inputOffset, inputLen);
+
+        return 0;
+    }
+
+    protected byte[] engineDoFinal(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen)
+        throws IllegalBlockSizeException, BadPaddingException
+    {
+        if (wrapStream == null)
+        {
+            throw new IllegalStateException("not supported in a wrapping mode");
+        }
+
+        wrapStream.write(input, inputOffset, inputLen);
+
+        try
+        {
+            if (forWrapping)
+            {
+                try
+                {
+                    return wrapEngine.wrap(wrapStream.getBuf(), 0, wrapStream.size());
+                }
+                catch (Exception e)
+                {
+                    throw new IllegalBlockSizeException(e.getMessage());
+                }
+            }
+            else
+            {
+                try
+                {
+                    return wrapEngine.unwrap(wrapStream.getBuf(), 0, wrapStream.size());
+                }
+                catch (InvalidCipherTextException e)
+                {
+                    throw new BadPaddingException(e.getMessage());
+                }
+            }
+        }
+        finally
+        {
+            wrapStream.erase();
+        }
+    }
+
+    protected int engineDoFinal(
+        byte[]  input,
+        int     inputOffset,
+        int     inputLen,
+        byte[]  output,
+        int     outputOffset)
+        throws IllegalBlockSizeException, BadPaddingException, ShortBufferException
+    {
+        if (wrapStream == null)
+        {
+            throw new IllegalStateException("not supported in a wrapping mode");
+        }
+
+        wrapStream.write(input, inputOffset, inputLen);
+
+        try
+        {
+            byte[] enc;
+
+            if (forWrapping)
+            {
+                try
+                {
+                    enc = wrapEngine.wrap(wrapStream.getBuf(), 0, wrapStream.size());
+                }
+                catch (Exception e)
+                {
+                    throw new IllegalBlockSizeException(e.getMessage());
+                }
+            }
+            else
+            {
+                try
+                {
+                    enc = wrapEngine.unwrap(wrapStream.getBuf(), 0, wrapStream.size());
+                }
+                catch (InvalidCipherTextException e)
+                {
+                    throw new BadPaddingException(e.getMessage());
+                }
+            }
+
+            if (outputOffset + enc.length > output.length)
+            {
+                throw new ShortBufferException("output buffer too short for input.");
+            }
+
+            System.arraycopy(enc, 0, output, outputOffset, enc.length);
+
+            return enc.length;
+        }
+        finally
+        {
+            wrapStream.erase();
+        }
+    }
+
+    protected byte[] engineWrap(
+        Key     key)
+    throws IllegalBlockSizeException, InvalidKeyException
+    {
+        byte[] encoded = key.getEncoded();
+        if (encoded == null)
+        {
+            throw new InvalidKeyException("Cannot wrap key, null encoding.");
+        }
+
+        try
+        {
+            if (wrapEngine == null)
+            {
+                return engineDoFinal(encoded, 0, encoded.length);
+            }
+            else
+            {
+                return wrapEngine.wrap(encoded, 0, encoded.length);
+            }
+        }
+        catch (BadPaddingException e)
+        {
+            throw new IllegalBlockSizeException(e.getMessage());
+        }
+    }
+
+    protected Key engineUnwrap(
+        byte[]  wrappedKey,
+        String  wrappedKeyAlgorithm,
+        int     wrappedKeyType)
+    throws InvalidKeyException, NoSuchAlgorithmException
+    {
+        byte[] encoded;
+        try
+        {
+            if (wrapEngine == null)
+            {
+                encoded = engineDoFinal(wrappedKey, 0, wrappedKey.length);
+            }
+            else
+            {
+                encoded = wrapEngine.unwrap(wrappedKey, 0, wrappedKey.length);
+            }
+        }
+        catch (InvalidCipherTextException e)
+        {
+            throw new InvalidKeyException(e.getMessage());
+        }
+        catch (BadPaddingException e)
+        {
+            throw new InvalidKeyException(e.getMessage());
+        }
+        catch (IllegalBlockSizeException e2)
+        {
+            throw new InvalidKeyException(e2.getMessage());
+        }
+
+        if (wrappedKeyType == Cipher.SECRET_KEY)
+        {
+            return new SecretKeySpec(encoded, wrappedKeyAlgorithm);
+        }
+        else if (wrappedKeyAlgorithm.equals("") && wrappedKeyType == Cipher.PRIVATE_KEY)
+        {
+            /*
+             * The caller doesn't know the algorithm as it is part of
+             * the encrypted data.
+             */
+            try
+            {
+                PrivateKeyInfo       in = PrivateKeyInfo.getInstance(encoded);
+
+                PrivateKey privKey = BouncyCastleProvider.getPrivateKey(in);
+
+                if (privKey != null)
+                {
+                    return privKey;
+                }
+                else
+                {
+                    throw new InvalidKeyException("algorithm " + in.getPrivateKeyAlgorithm().getAlgorithm() + " not supported");
+                }
+            }
+            catch (Exception e)
+            {
+                throw new InvalidKeyException("Invalid key encoding.");
+            }
+        }
+        else
+        {
+            try
+            {
+                KeyFactory kf = helper.createKeyFactory(wrappedKeyAlgorithm);
+
+                if (wrappedKeyType == Cipher.PUBLIC_KEY)
+                {
+                    return kf.generatePublic(new X509EncodedKeySpec(encoded));
+                }
+                else if (wrappedKeyType == Cipher.PRIVATE_KEY)
+                {
+                    return kf.generatePrivate(new PKCS8EncodedKeySpec(encoded));
+                }
+            }
+            catch (NoSuchProviderException e)
+            {
+                throw new InvalidKeyException("Unknown key type " + e.getMessage());
+            }
+            catch (InvalidKeySpecException e2)
+            {
+                throw new InvalidKeyException("Unknown key type " + e2.getMessage());
+            }
+
+            throw new InvalidKeyException("Unknown key type " + wrappedKeyType);
+        }
+    }
+
+    protected static final class ErasableOutputStream
+        extends ByteArrayOutputStream
+    {
+        public ErasableOutputStream()
+        {
+        }
+
+        public byte[] getBuf()
+        {
+            return buf;
+        }
+
+        public void erase()
+        {
+            Arrays.fill(this.buf, (byte)0);
+            reset();
+        }
+    }
+
+    protected static class InvalidKeyOrParametersException
+        extends InvalidKeyException
+    {
+        private final Throwable cause;
+
+        InvalidKeyOrParametersException(String msg, Throwable cause)
+        {
+             super(msg);
+            this.cause = cause;
+        }
+
+        public Throwable getCause()
+        {
+            return cause;
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BlockCipherProvider.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BlockCipherProvider.java
new file mode 100644
index 0000000..06a9451
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/BlockCipherProvider.java

@@ -0,0 +1,12 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric.util;
+
+import com.android.org.bouncycastle.crypto.BlockCipher;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface BlockCipherProvider
+{
+    BlockCipher get();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/ClassUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/ClassUtil.java
new file mode 100644
index 0000000..c306ae7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/ClassUtil.java

@@ -0,0 +1,49 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric.util;
+
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ClassUtil
+{
+    public static Class loadClass(Class sourceClass, final String className)
+    {
+        try
+        {
+            ClassLoader loader = sourceClass.getClassLoader();
+
+            if (loader != null)
+            {
+                return loader.loadClass(className);
+            }
+            else
+            {
+                return (Class)AccessController.doPrivileged(new PrivilegedAction()
+                {
+                    public Object run()
+                    {
+                        try
+                        {
+                            return Class.forName(className);
+                        }
+                        catch (Exception e)
+                        {
+                            // ignore - maybe log?
+                        }
+
+                        return null;
+                    }
+                });
+            }
+        }
+        catch (ClassNotFoundException e)
+        {
+            // ignore - maybe log?
+        }
+
+        return null;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/IvAlgorithmParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/IvAlgorithmParameters.java
new file mode 100644
index 0000000..4454c47
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/IvAlgorithmParameters.java

@@ -0,0 +1,122 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric.util;
+
+import java.io.IOException;
+import java.security.spec.AlgorithmParameterSpec;
+import java.security.spec.InvalidParameterSpecException;
+
+import javax.crypto.spec.IvParameterSpec;
+
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class IvAlgorithmParameters
+    extends BaseAlgorithmParameters
+{
+    private byte[] iv;
+
+    protected byte[] engineGetEncoded()
+        throws IOException
+    {
+        return engineGetEncoded("ASN.1");
+    }
+
+    protected byte[] engineGetEncoded(
+        String format)
+        throws IOException
+    {
+        if (isASN1FormatString(format))
+        {
+            return new DEROctetString(engineGetEncoded("RAW")).getEncoded();
+        }
+
+        if (format.equals("RAW"))
+        {
+            return Arrays.clone(iv);
+        }
+
+        return null;
+    }
+
+    protected AlgorithmParameterSpec localEngineGetParameterSpec(
+        Class paramSpec)
+        throws InvalidParameterSpecException
+    {
+        if (paramSpec == IvParameterSpec.class || paramSpec == AlgorithmParameterSpec.class)
+        {
+            return new IvParameterSpec(iv);
+        }
+
+        throw new InvalidParameterSpecException("unknown parameter spec passed to IV parameters object.");
+    }
+
+    protected void engineInit(
+        AlgorithmParameterSpec paramSpec)
+        throws InvalidParameterSpecException
+    {
+        if (!(paramSpec instanceof IvParameterSpec))
+        {
+            throw new InvalidParameterSpecException("IvParameterSpec required to initialise a IV parameters algorithm parameters object");
+        }
+
+        this.iv = ((IvParameterSpec)paramSpec).getIV();
+    }
+
+    protected void engineInit(
+        byte[] params)
+        throws IOException
+    {
+        //
+        // check that we don't have a DER encoded octet string
+        //
+        if ((params.length % 8) != 0
+            && params[0] == 0x04 && params[1] == params.length - 2)
+        {
+            ASN1OctetString oct = (ASN1OctetString)ASN1Primitive.fromByteArray(params);
+
+            params = oct.getOctets();
+        }
+
+        this.iv = Arrays.clone(params);
+    }
+
+    protected void engineInit(
+        byte[] params,
+        String format)
+        throws IOException
+    {
+        if (isASN1FormatString(format))
+        {
+            try
+            {
+                ASN1OctetString oct = (ASN1OctetString)ASN1Primitive.fromByteArray(params);
+
+                engineInit(oct.getOctets());
+            }
+            catch (Exception e)
+            {
+                throw new IOException("Exception decoding: " + e);
+            }
+
+            return;
+        }
+
+        if (format.equals("RAW"))
+        {
+            engineInit(params);
+            return;
+        }
+
+        throw new IOException("Unknown parameters format in IV parameters object");
+    }
+
+    protected String engineToString()
+    {
+        return "IV Parameters";
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java
new file mode 100644
index 0000000..e46a972
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/PBE.java

@@ -0,0 +1,541 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric.util;
+
+// BEGIN Android-added: Needed for compatibility helper
+import java.lang.reflect.Method;
+// END Android-added: Needed for compatibility helper
+import java.security.InvalidAlgorithmParameterException;
+import java.security.spec.AlgorithmParameterSpec;
+
+import javax.crypto.SecretKey;
+// BEGIN Android-added: Allow IVs specified in parameters.
+import javax.crypto.spec.IvParameterSpec;
+// END Android-added: Allow IVs specified in parameters.
+import javax.crypto.spec.PBEKeySpec;
+import javax.crypto.spec.PBEParameterSpec;
+
+import com.android.org.bouncycastle.crypto.CipherParameters;
+import com.android.org.bouncycastle.crypto.PBEParametersGenerator;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.crypto.digests.GOST3411Digest;
+// import org.bouncycastle.crypto.digests.MD2Digest;
+// import org.bouncycastle.crypto.digests.RIPEMD160Digest;
+// import org.bouncycastle.crypto.digests.TigerDigest;
+import com.android.org.bouncycastle.crypto.generators.OpenSSLPBEParametersGenerator;
+import com.android.org.bouncycastle.crypto.generators.PKCS12ParametersGenerator;
+import com.android.org.bouncycastle.crypto.generators.PKCS5S1ParametersGenerator;
+import com.android.org.bouncycastle.crypto.generators.PKCS5S2ParametersGenerator;
+import com.android.org.bouncycastle.crypto.params.DESParameters;
+import com.android.org.bouncycastle.crypto.params.KeyParameter;
+import com.android.org.bouncycastle.crypto.params.ParametersWithIV;
+// BEGIN Android-changed: Use Android digests
+// import org.bouncycastle.crypto.util.DigestFactory;
+import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END Android-changed: Use Android digests
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface PBE
+{
+    //
+    // PBE Based encryption constants - by default we do PKCS12 with SHA-1
+    //
+    static final int        MD5          = 0;
+    static final int        SHA1         = 1;
+    // Android-removed: Unsupported algorithms
+    // static final int        RIPEMD160    = 2;
+    // static final int        TIGER        = 3;
+    static final int        SHA256       = 4;
+    // Android-removed: Unsupported algorithms
+    // static final int        MD2          = 5;
+    // static final int        GOST3411     = 6;
+    static final int        SHA224       = 7;
+    static final int        SHA384       = 8;
+    static final int        SHA512       = 9;
+    static final int        SHA3_224     = 10;
+    static final int        SHA3_256     = 11;
+    static final int        SHA3_384     = 12;
+    static final int        SHA3_512     = 13;
+
+    static final int        PKCS5S1      = 0;
+    static final int        PKCS5S2      = 1;
+    static final int        PKCS12       = 2;
+    static final int        OPENSSL      = 3;
+    static final int        PKCS5S1_UTF8 = 4;
+    static final int        PKCS5S2_UTF8 = 5;
+
+    /**
+     * uses the appropriate mixer to generate the key and IV if necessary.
+     */
+    static class Util
+    {
+        static private PBEParametersGenerator makePBEGenerator(
+            int                     type,
+            int                     hash)
+        {
+            PBEParametersGenerator  generator;
+    
+            if (type == PKCS5S1 || type == PKCS5S1_UTF8)
+            {
+                switch (hash)
+                {
+                // Android-removed: Unsupported algorithms
+                // case MD2:
+                //     generator = new PKCS5S1ParametersGenerator(new MD2Digest());
+                //     break;
+                case MD5:
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S1ParametersGenerator(DigestFactory.createMD5());
+                    generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getMD5());
+                    break;
+                case SHA1:
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S1ParametersGenerator(DigestFactory.createSHA1());
+                    generator = new PKCS5S1ParametersGenerator(AndroidDigestFactory.getSHA1());
+                    break;
+                default:
+                    throw new IllegalStateException("PKCS5 scheme 1 only supports MD2, MD5 and SHA1.");
+                }
+            }
+            else if (type == PKCS5S2 || type == PKCS5S2_UTF8)
+            {
+                switch (hash)
+                {
+                // Android-removed: Unsupported algorithms
+                // case MD2:
+                //     generator = new PKCS5S2ParametersGenerator(new MD2Digest());
+                //     break;
+                case MD5:
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S2ParametersGenerator(DigestFactory.createMD5());
+                    generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getMD5());
+                    break;
+                case SHA1:
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA1());
+                    generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA1());
+                    break;
+                // BEGIN Android-removed: Unsupported algorithms
+                /*
+                case RIPEMD160:
+                    generator = new PKCS5S2ParametersGenerator(new RIPEMD160Digest());
+                    break;
+                case TIGER:
+                    generator = new PKCS5S2ParametersGenerator(new TigerDigest());
+                    break;
+                */
+                // END Android-removed: Unsupported algorithms
+                case SHA256:
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA256());
+                    generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA256());
+                    break;
+                // Android-removed: Unsupported algorithms
+                // case GOST3411:
+                //     generator = new PKCS5S2ParametersGenerator(new GOST3411Digest());
+                //     break;
+                case SHA224:
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA224());
+                    generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA224());
+                    break;
+                case SHA384:
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA384());
+                    generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA384());
+                    break;
+                case SHA512:
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA512());
+                    generator = new PKCS5S2ParametersGenerator(AndroidDigestFactory.getSHA512());
+                    break;
+                // BEGIN Android-removed: Unsupported algorithms
+                /*
+                case SHA3_224:
+                    generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA3_224());
+                    break;
+                case SHA3_256:
+                     generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA3_256());
+                     break;
+                case SHA3_384:
+                    generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA3_384());
+                    break;
+                case SHA3_512:
+                    generator = new PKCS5S2ParametersGenerator(DigestFactory.createSHA3_512());
+                    break;
+                */
+                // END Android-removed: Unsupported algorithms
+                default:
+                    throw new IllegalStateException("unknown digest scheme for PBE PKCS5S2 encryption.");
+                }
+            }
+            else if (type == PKCS12)
+            {
+                switch (hash)
+                {
+                // Android-removed: Unsupported algorithms
+                // case MD2:
+                //     generator = new PKCS12ParametersGenerator(new MD2Digest());
+                //     break;
+                case MD5:
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS12ParametersGenerator(DigestFactory.createMD5());
+                    generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getMD5());
+                    break;
+                case SHA1:
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA1());
+                    generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA1());
+                    break;
+                // BEGIN Android-removed: Unsupported algorithms
+                /*
+                case RIPEMD160:
+                    generator = new PKCS12ParametersGenerator(new RIPEMD160Digest());
+                    break;
+                case TIGER:
+                    generator = new PKCS12ParametersGenerator(new TigerDigest());
+                    break;
+                */
+                // END Android-removed: Unsupported algorithms
+                case SHA256:
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA256());
+                    generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA256());
+                    break;
+                // Android-removed: Unsupported algorithms
+                // case GOST3411:
+                //     generator = new PKCS12ParametersGenerator(new GOST3411Digest());
+                //     break;
+                case SHA224:
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA224());
+                    generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA224());
+                    break;
+                case SHA384:
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA384());
+                    generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA384());
+                    break;
+                case SHA512:
+                    // Android-changed: Use Android digests
+                    // generator = new PKCS12ParametersGenerator(DigestFactory.createSHA512());
+                    generator = new PKCS12ParametersGenerator(AndroidDigestFactory.getSHA512());
+                    break;
+                default:
+                    throw new IllegalStateException("unknown digest scheme for PBE encryption.");
+                }
+            }
+            else
+            {
+                generator = new OpenSSLPBEParametersGenerator();
+            }
+    
+            return generator;
+        }
+
+        /**
+         * construct a key and iv (if necessary) suitable for use with a
+         * Cipher.
+         */
+        public static CipherParameters makePBEParameters(
+            byte[] pbeKey,
+            int scheme,
+            int digest,
+            int keySize,
+            int ivSize,
+            AlgorithmParameterSpec spec,
+            String targetAlgorithm)
+            throws InvalidAlgorithmParameterException
+        {
+            if ((spec == null) || !(spec instanceof PBEParameterSpec))
+            {
+                throw new InvalidAlgorithmParameterException("Need a PBEParameter spec with a PBE key.");
+            }
+
+            PBEParameterSpec        pbeParam = (PBEParameterSpec)spec;
+            PBEParametersGenerator  generator = makePBEGenerator(scheme, digest);
+            byte[]                  key = pbeKey;
+            CipherParameters        param;
+
+//            if (pbeKey.shouldTryWrongPKCS12())
+//            {
+//                key = new byte[2];
+//            }
+
+            generator.init(key, pbeParam.getSalt(), pbeParam.getIterationCount());
+
+            if (ivSize != 0)
+            {
+                param = generator.generateDerivedParameters(keySize, ivSize);
+                // BEGIN Android-added: Allow IVs specified in parameters.
+                // PKCS5S2 doesn't specify that the IV must be generated from the password. If the
+                // IV is passed as a parameter, use it.
+                AlgorithmParameterSpec parameterSpecFromPBEParameterSpec =
+                        getParameterSpecFromPBEParameterSpec(pbeParam);
+                if ((scheme == PKCS5S2 || scheme == PKCS5S2_UTF8)
+                        && parameterSpecFromPBEParameterSpec instanceof IvParameterSpec) {
+                    ParametersWithIV parametersWithIV = (ParametersWithIV) param;
+                    IvParameterSpec ivParameterSpec =
+                            (IvParameterSpec) parameterSpecFromPBEParameterSpec;
+                    param = new ParametersWithIV(
+                            (KeyParameter) parametersWithIV.getParameters(),
+                            ivParameterSpec.getIV());
+                }
+                // END Android-added: Allow IVs specified in parameters.
+            }
+            else
+            {
+                param = generator.generateDerivedParameters(keySize);
+            }
+
+            if (targetAlgorithm.startsWith("DES"))
+            {
+                if (param instanceof ParametersWithIV)
+                {
+                    KeyParameter    kParam = (KeyParameter)((ParametersWithIV)param).getParameters();
+
+                    DESParameters.setOddParity(kParam.getKey());
+                }
+                else
+                {
+                    KeyParameter    kParam = (KeyParameter)param;
+
+                    DESParameters.setOddParity(kParam.getKey());
+                }
+            }
+
+            return param;
+        }
+
+        /**
+         * construct a key and iv (if necessary) suitable for use with a 
+         * Cipher.
+         */
+        public static CipherParameters makePBEParameters(
+            BCPBEKey pbeKey,
+            AlgorithmParameterSpec spec,
+            String targetAlgorithm)
+        {
+            if ((spec == null) || !(spec instanceof PBEParameterSpec))
+            {
+                throw new IllegalArgumentException("Need a PBEParameter spec with a PBE key.");
+            }
+    
+            PBEParameterSpec        pbeParam = (PBEParameterSpec)spec;
+            PBEParametersGenerator  generator = makePBEGenerator(pbeKey.getType(), pbeKey.getDigest());
+            byte[]                  key = pbeKey.getEncoded();
+            CipherParameters        param;
+    
+            if (pbeKey.shouldTryWrongPKCS12())
+            {
+                key = new byte[2];
+            }
+            
+            generator.init(key, pbeParam.getSalt(), pbeParam.getIterationCount());
+
+            if (pbeKey.getIvSize() != 0)
+            {
+                param = generator.generateDerivedParameters(pbeKey.getKeySize(), pbeKey.getIvSize());
+                // BEGIN Android-added: Allow IVs specified in parameters.
+                // PKCS5S2 doesn't specify that the IV must be generated from the password. If the
+                // IV is passed as a parameter, use it.
+                AlgorithmParameterSpec parameterSpecFromPBEParameterSpec =
+                        getParameterSpecFromPBEParameterSpec(pbeParam);
+                if ((pbeKey.getType() == PKCS5S2 || pbeKey.getType() == PKCS5S2_UTF8)
+                        && parameterSpecFromPBEParameterSpec instanceof IvParameterSpec) {
+                    ParametersWithIV parametersWithIV = (ParametersWithIV) param;
+                    IvParameterSpec ivParameterSpec =
+                            (IvParameterSpec) parameterSpecFromPBEParameterSpec;
+                    param = new ParametersWithIV(
+                            (KeyParameter) parametersWithIV.getParameters(),
+                            ivParameterSpec.getIV());
+                }
+                // END Android-added: Allow IVs specified in parameters.
+            }
+            else
+            {
+                param = generator.generateDerivedParameters(pbeKey.getKeySize());
+            }
+
+            if (targetAlgorithm.startsWith("DES"))
+            {
+                if (param instanceof ParametersWithIV)
+                {
+                    KeyParameter    kParam = (KeyParameter)((ParametersWithIV)param).getParameters();
+
+                    DESParameters.setOddParity(kParam.getKey());
+                }
+                else
+                {
+                    KeyParameter    kParam = (KeyParameter)param;
+
+                    DESParameters.setOddParity(kParam.getKey());
+                }
+            }
+
+            return param;
+        }
+
+        /**
+         * generate a PBE based key suitable for a MAC algorithm, the
+         * key size is chosen according the MAC size, or the hashing algorithm,
+         * whichever is greater.
+         */
+        public static CipherParameters makePBEMacParameters(
+            BCPBEKey pbeKey,
+            AlgorithmParameterSpec spec)
+        {
+            if ((spec == null) || !(spec instanceof PBEParameterSpec))
+            {
+                throw new IllegalArgumentException("Need a PBEParameter spec with a PBE key.");
+            }
+    
+            PBEParameterSpec        pbeParam = (PBEParameterSpec)spec;
+            PBEParametersGenerator  generator = makePBEGenerator(pbeKey.getType(), pbeKey.getDigest());
+            byte[]                  key = pbeKey.getEncoded();
+            CipherParameters        param;
+            
+            generator.init(key, pbeParam.getSalt(), pbeParam.getIterationCount());
+
+            param = generator.generateDerivedMacParameters(pbeKey.getKeySize());
+
+            return param;
+        }
+
+        /**
+         * generate a PBE based key suitable for a MAC algorithm, the
+         * key size is chosen according the MAC size, or the hashing algorithm,
+         * whichever is greater.
+         */
+        public static CipherParameters makePBEMacParameters(
+            PBEKeySpec keySpec,
+            int type,
+            int hash,
+            int keySize)
+        {
+            PBEParametersGenerator  generator = makePBEGenerator(type, hash);
+            byte[]                  key;
+            CipherParameters        param;
+
+            key = convertPassword(type, keySpec);
+
+            generator.init(key, keySpec.getSalt(), keySpec.getIterationCount());
+
+            param = generator.generateDerivedMacParameters(keySize);
+
+            for (int i = 0; i != key.length; i++)
+            {
+                key[i] = 0;
+            }
+
+            return param;
+        }
+
+        /**
+         * construct a key and iv (if necessary) suitable for use with a 
+         * Cipher.
+         */
+        public static CipherParameters makePBEParameters(
+            PBEKeySpec keySpec,
+            int type,
+            int hash,
+            int keySize,
+            int ivSize)
+        {    
+            PBEParametersGenerator  generator = makePBEGenerator(type, hash);
+            byte[]                  key;
+            CipherParameters        param;
+
+            key = convertPassword(type, keySpec);
+
+            generator.init(key, keySpec.getSalt(), keySpec.getIterationCount());
+    
+            if (ivSize != 0)
+            {
+                param = generator.generateDerivedParameters(keySize, ivSize);
+            }
+            else
+            {
+                param = generator.generateDerivedParameters(keySize);
+            }
+    
+            for (int i = 0; i != key.length; i++)
+            {
+                key[i] = 0;
+            }
+    
+            return param;
+        }
+
+        /**
+         * generate a PBE based key suitable for a MAC algorithm, the
+         * key size is chosen according the MAC size, or the hashing algorithm,
+         * whichever is greater.
+         */
+        public static CipherParameters makePBEMacParameters(
+            SecretKey key,
+            int type,
+            int hash,
+            int keySize,
+            PBEParameterSpec pbeSpec)
+        {
+            PBEParametersGenerator  generator = makePBEGenerator(type, hash);
+            CipherParameters        param;
+    
+            byte[] keyBytes = key.getEncoded();
+            
+            generator.init(key.getEncoded(), pbeSpec.getSalt(), pbeSpec.getIterationCount());
+
+            param = generator.generateDerivedMacParameters(keySize);
+
+            for (int i = 0; i != keyBytes.length; i++)
+            {
+                keyBytes[i] = 0;
+            }
+    
+            return param;
+        }
+
+        // BEGIN Android-added: Add helper for 1.8 compatibility.
+        /**
+         * Invokes the method {@link PBEParameterSpec#getParameterSpec()} via reflection.
+         *
+         * Needed as the method was introduced in Java 1.8 and Bouncycastle level is 1.5.
+         *
+         * @return the parameter spec, or null if the method is not available.
+         */
+        public static AlgorithmParameterSpec getParameterSpecFromPBEParameterSpec(
+                PBEParameterSpec pbeParameterSpec) {
+            try {
+                Method getParameterSpecMethod = PBE.class.getClassLoader()
+                        .loadClass("javax.crypto.spec.PBEParameterSpec")
+                        .getMethod("getParameterSpec");
+                return (AlgorithmParameterSpec) getParameterSpecMethod.invoke(pbeParameterSpec);
+            } catch (Exception e) {
+                return null;
+            }
+        }
+        // END Android-added: Add helper for 1.8 compatibility.
+
+
+        private static byte[] convertPassword(int type, PBEKeySpec keySpec)
+        {
+            byte[] key;
+
+            if (type == PKCS12)
+            {
+                key = PBEParametersGenerator.PKCS12PasswordToBytes(keySpec.getPassword());
+            }
+            else if (type == PKCS5S2_UTF8 || type == PKCS5S1_UTF8)
+            {
+                key = PBEParametersGenerator.PKCS5PasswordToUTF8Bytes(keySpec.getPassword());
+            }
+            else
+            {
+                key = PBEParametersGenerator.PKCS5PasswordToBytes(keySpec.getPassword());
+            }
+            return key;
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/PBESecretKeyFactory.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/PBESecretKeyFactory.java
new file mode 100644
index 0000000..a66664b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/symmetric/util/PBESecretKeyFactory.java

@@ -0,0 +1,72 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.symmetric.util;
+
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.KeySpec;
+
+import javax.crypto.SecretKey;
+import javax.crypto.spec.PBEKeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.crypto.CipherParameters;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PBESecretKeyFactory
+    extends BaseSecretKeyFactory
+    implements PBE
+{
+    private boolean forCipher;
+    private int scheme;
+    private int digest;
+    private int keySize;
+    private int ivSize;
+
+    public PBESecretKeyFactory(
+        String algorithm,
+        ASN1ObjectIdentifier oid,
+        boolean forCipher,
+        int scheme,
+        int digest,
+        int keySize,
+        int ivSize)
+    {
+        super(algorithm, oid);
+
+        this.forCipher = forCipher;
+        this.scheme = scheme;
+        this.digest = digest;
+        this.keySize = keySize;
+        this.ivSize = ivSize;
+    }
+
+    protected SecretKey engineGenerateSecret(
+        KeySpec keySpec)
+        throws InvalidKeySpecException
+    {
+        if (keySpec instanceof PBEKeySpec)
+        {
+            PBEKeySpec pbeSpec = (PBEKeySpec)keySpec;
+            CipherParameters param;
+
+            if (pbeSpec.getSalt() == null)
+            {
+                return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, null);
+            }
+
+            if (forCipher)
+            {
+                param = PBE.Util.makePBEParameters(pbeSpec, scheme, digest, keySize, ivSize);
+            }
+            else
+            {
+                param = PBE.Util.makePBEMacParameters(pbeSpec, scheme, digest, keySize);
+            }
+
+            return new BCPBEKey(this.algName, this.algOid, scheme, digest, keySize, ivSize, pbeSpec, param);
+        }
+
+        throw new InvalidKeySpecException("Invalid KeySpec");
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/AlgorithmProvider.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/AlgorithmProvider.java
new file mode 100644
index 0000000..e861a31
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/AlgorithmProvider.java

@@ -0,0 +1,12 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.util;
+
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class AlgorithmProvider
+{
+    public abstract void configure(ConfigurableProvider provider);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/AsymmetricAlgorithmProvider.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/AsymmetricAlgorithmProvider.java
new file mode 100644
index 0000000..82b7984
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/AsymmetricAlgorithmProvider.java

@@ -0,0 +1,62 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.util;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class AsymmetricAlgorithmProvider
+    extends AlgorithmProvider
+{
+    protected void addSignatureAlgorithm(
+        ConfigurableProvider provider,
+        String algorithm,
+        String className,
+        ASN1ObjectIdentifier oid)
+    {
+        provider.addAlgorithm("Signature." + algorithm, className);
+        provider.addAlgorithm("Alg.Alias.Signature." + oid, algorithm);
+        provider.addAlgorithm("Alg.Alias.Signature.OID." + oid, algorithm);
+    }
+
+    protected void addSignatureAlgorithm(
+        ConfigurableProvider provider,
+        String digest,
+        String algorithm,
+        String className,
+        ASN1ObjectIdentifier oid)
+    {
+        String mainName = digest + "WITH" + algorithm;
+        String jdk11Variation1 = digest + "with" + algorithm;
+        String jdk11Variation2 = digest + "With" + algorithm;
+        String alias = digest + "/" + algorithm;
+
+        provider.addAlgorithm("Signature." + mainName, className);
+        provider.addAlgorithm("Alg.Alias.Signature." + jdk11Variation1, mainName);
+        provider.addAlgorithm("Alg.Alias.Signature." + jdk11Variation2, mainName);
+        provider.addAlgorithm("Alg.Alias.Signature." + alias, mainName);
+        provider.addAlgorithm("Alg.Alias.Signature." + oid, mainName);
+        provider.addAlgorithm("Alg.Alias.Signature.OID." + oid, mainName);
+    }
+
+    protected void registerOid(ConfigurableProvider provider, ASN1ObjectIdentifier oid, String name, AsymmetricKeyInfoConverter keyFactory)
+    {
+        provider.addAlgorithm("Alg.Alias.KeyFactory." + oid, name);
+        provider.addAlgorithm("Alg.Alias.KeyPairGenerator." + oid, name);
+
+        provider.addKeyInfoConverter(oid, keyFactory);
+    }
+
+    protected void registerOidAlgorithmParameters(ConfigurableProvider provider, ASN1ObjectIdentifier oid, String name)
+    {
+        provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + oid, name);
+    }
+
+    protected void registerOidAlgorithmParameterGenerator(ConfigurableProvider provider, ASN1ObjectIdentifier oid, String name)
+    {
+        provider.addAlgorithm("Alg.Alias.AlgorithmParameterGenerator." + oid, name);
+        provider.addAlgorithm("Alg.Alias.AlgorithmParameters." + oid, name);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/AsymmetricKeyInfoConverter.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/AsymmetricKeyInfoConverter.java
new file mode 100644
index 0000000..5d8e22b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/AsymmetricKeyInfoConverter.java

@@ -0,0 +1,21 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.util;
+
+import java.io.IOException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface AsymmetricKeyInfoConverter
+{
+    PrivateKey generatePrivate(PrivateKeyInfo keyInfo)
+        throws IOException;
+
+    PublicKey generatePublic(SubjectPublicKeyInfo keyInfo)
+        throws IOException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/BadBlockException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/BadBlockException.java
new file mode 100644
index 0000000..f8452c8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/BadBlockException.java

@@ -0,0 +1,25 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.util;
+
+import javax.crypto.BadPaddingException;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BadBlockException
+    extends BadPaddingException
+{
+    private final Throwable cause;
+
+    public BadBlockException(String msg, Throwable cause)
+    {
+        super(msg);
+
+        this.cause = cause;
+    }
+
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/DigestFactory.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/DigestFactory.java
new file mode 100644
index 0000000..d30500a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/DigestFactory.java

@@ -0,0 +1,238 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.util;
+
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.Digest;
+// BEGIN Android-added: Use Android digests
+import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory;
+// END Android-added: Use Android digests
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DigestFactory
+{
+    private static Set md5 = new HashSet();
+    private static Set sha1 = new HashSet();
+    private static Set sha224 = new HashSet();
+    private static Set sha256 = new HashSet();
+    private static Set sha384 = new HashSet();
+    private static Set sha512 = new HashSet();
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    private static Set sha512_224 = new HashSet();
+    private static Set sha512_256 = new HashSet();
+    private static Set sha3_224 = new HashSet();
+    private static Set sha3_256 = new HashSet();
+    private static Set sha3_384 = new HashSet();
+    private static Set sha3_512 = new HashSet();
+    */
+    // END Android-removed: Unsupported algorithms
+
+    private static Map oids = new HashMap();
+    
+    static
+    {
+        md5.add("MD5");
+        md5.add(PKCSObjectIdentifiers.md5.getId());
+        
+        sha1.add("SHA1");
+        sha1.add("SHA-1");
+        sha1.add(OIWObjectIdentifiers.idSHA1.getId());
+        
+        sha224.add("SHA224");
+        sha224.add("SHA-224");
+        sha224.add(NISTObjectIdentifiers.id_sha224.getId());
+        
+        sha256.add("SHA256");
+        sha256.add("SHA-256");
+        sha256.add(NISTObjectIdentifiers.id_sha256.getId());
+        
+        sha384.add("SHA384");
+        sha384.add("SHA-384");
+        sha384.add(NISTObjectIdentifiers.id_sha384.getId());
+        
+        sha512.add("SHA512");
+        sha512.add("SHA-512");
+        sha512.add(NISTObjectIdentifiers.id_sha512.getId()); 
+
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        sha512_224.add("SHA512(224)");
+        sha512_224.add("SHA-512(224)");
+        sha512_224.add(NISTObjectIdentifiers.id_sha512_224.getId());
+
+        sha512_256.add("SHA512(256)");
+        sha512_256.add("SHA-512(256)");
+        sha512_256.add(NISTObjectIdentifiers.id_sha512_256.getId());
+
+        sha3_224.add("SHA3-224");
+        sha3_224.add(NISTObjectIdentifiers.id_sha3_224.getId());
+
+        sha3_256.add("SHA3-256");
+        sha3_256.add(NISTObjectIdentifiers.id_sha3_256.getId());
+
+        sha3_384.add("SHA3-384");
+        sha3_384.add(NISTObjectIdentifiers.id_sha3_384.getId());
+
+        sha3_512.add("SHA3-512");
+        sha3_512.add(NISTObjectIdentifiers.id_sha3_512.getId());
+        */
+        // END Android-removed: Unsupported algorithms
+
+
+        oids.put("MD5", PKCSObjectIdentifiers.md5);
+        oids.put(PKCSObjectIdentifiers.md5.getId(), PKCSObjectIdentifiers.md5);
+        
+        oids.put("SHA1", OIWObjectIdentifiers.idSHA1);
+        oids.put("SHA-1", OIWObjectIdentifiers.idSHA1);
+        oids.put(OIWObjectIdentifiers.idSHA1.getId(), OIWObjectIdentifiers.idSHA1);
+        
+        oids.put("SHA224", NISTObjectIdentifiers.id_sha224);
+        oids.put("SHA-224", NISTObjectIdentifiers.id_sha224);
+        oids.put(NISTObjectIdentifiers.id_sha224.getId(), NISTObjectIdentifiers.id_sha224);
+        
+        oids.put("SHA256", NISTObjectIdentifiers.id_sha256);
+        oids.put("SHA-256", NISTObjectIdentifiers.id_sha256);
+        oids.put(NISTObjectIdentifiers.id_sha256.getId(), NISTObjectIdentifiers.id_sha256);
+        
+        oids.put("SHA384", NISTObjectIdentifiers.id_sha384);
+        oids.put("SHA-384", NISTObjectIdentifiers.id_sha384);
+        oids.put(NISTObjectIdentifiers.id_sha384.getId(), NISTObjectIdentifiers.id_sha384);
+        
+        oids.put("SHA512", NISTObjectIdentifiers.id_sha512);
+        oids.put("SHA-512", NISTObjectIdentifiers.id_sha512);
+        oids.put(NISTObjectIdentifiers.id_sha512.getId(), NISTObjectIdentifiers.id_sha512);
+
+        oids.put("SHA512(224)", NISTObjectIdentifiers.id_sha512_224);
+        oids.put("SHA-512(224)", NISTObjectIdentifiers.id_sha512_224);
+        oids.put(NISTObjectIdentifiers.id_sha512_224.getId(), NISTObjectIdentifiers.id_sha512_224);
+
+        oids.put("SHA512(256)", NISTObjectIdentifiers.id_sha512_256);
+        oids.put("SHA-512(256)", NISTObjectIdentifiers.id_sha512_256);
+        oids.put(NISTObjectIdentifiers.id_sha512_256.getId(), NISTObjectIdentifiers.id_sha512_256);
+
+        oids.put("SHA3-224", NISTObjectIdentifiers.id_sha3_224);
+        oids.put(NISTObjectIdentifiers.id_sha3_224.getId(), NISTObjectIdentifiers.id_sha3_224);
+
+        oids.put("SHA3-256", NISTObjectIdentifiers.id_sha3_256);
+        oids.put(NISTObjectIdentifiers.id_sha3_256.getId(), NISTObjectIdentifiers.id_sha3_256);
+
+        oids.put("SHA3-384", NISTObjectIdentifiers.id_sha3_384);
+        oids.put(NISTObjectIdentifiers.id_sha3_384.getId(), NISTObjectIdentifiers.id_sha3_384);
+
+        oids.put("SHA3-512", NISTObjectIdentifiers.id_sha3_512);
+        oids.put(NISTObjectIdentifiers.id_sha3_512.getId(), NISTObjectIdentifiers.id_sha3_512);
+    }
+    
+    public static Digest getDigest(
+        String digestName) 
+    {
+        digestName = Strings.toUpperCase(digestName);
+        
+        if (sha1.contains(digestName))
+        {
+            // Android-changed: Use Android digests
+            // return org.bouncycastle.crypto.util.DigestFactory.createSHA1();
+            return AndroidDigestFactory.getSHA1();
+        }
+        if (md5.contains(digestName))
+        {
+            // Android-changed: Use Android digests
+            // return org.bouncycastle.crypto.util.DigestFactory.createMD5();
+            return AndroidDigestFactory.getMD5();
+        }
+        if (sha224.contains(digestName))
+        {
+            // Android-changed: Use Android digests
+            // return org.bouncycastle.crypto.util.DigestFactory.createSHA224();
+            return AndroidDigestFactory.getSHA224();
+        }
+        if (sha256.contains(digestName))
+        {
+            // Android-changed: Use Android digests
+            // return org.bouncycastle.crypto.util.DigestFactory.createSHA256();
+            return AndroidDigestFactory.getSHA256();
+        }
+        if (sha384.contains(digestName))
+        {
+            // Android-changed: Use Android digests
+            // return org.bouncycastle.crypto.util.DigestFactory.createSHA384();
+            return AndroidDigestFactory.getSHA384();
+        }
+        if (sha512.contains(digestName))
+        {
+            // Android-changed: Use Android digests
+            // return org.bouncycastle.crypto.util.DigestFactory.createSHA512();
+            return AndroidDigestFactory.getSHA512();
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        if (sha512_224.contains(digestName))
+        {
+            return org.bouncycastle.crypto.util.DigestFactory.createSHA512_224();
+        }
+        if (sha512_256.contains(digestName))
+        {
+            return org.bouncycastle.crypto.util.DigestFactory.createSHA512_256();
+        }
+
+        if (sha3_224.contains(digestName))
+        {
+            return org.bouncycastle.crypto.util.DigestFactory.createSHA3_224();
+        }
+        if (sha3_256.contains(digestName))
+        {
+            return org.bouncycastle.crypto.util.DigestFactory.createSHA3_256();
+        }
+        if (sha3_384.contains(digestName))
+        {
+            return org.bouncycastle.crypto.util.DigestFactory.createSHA3_384();
+        }
+        if (sha3_512.contains(digestName))
+        {
+            return org.bouncycastle.crypto.util.DigestFactory.createSHA3_512();
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+
+        return null;
+    }
+    
+    public static boolean isSameDigest(
+        String digest1,
+        String digest2)
+    {
+        return (sha1.contains(digest1) && sha1.contains(digest2))
+            || (sha224.contains(digest1) && sha224.contains(digest2))
+            || (sha256.contains(digest1) && sha256.contains(digest2))
+            || (sha384.contains(digest1) && sha384.contains(digest2))
+            || (sha512.contains(digest1) && sha512.contains(digest2))
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            || (sha512_224.contains(digest1) && sha512_224.contains(digest2))
+            || (sha512_256.contains(digest1) && sha512_256.contains(digest2))
+            || (sha3_224.contains(digest1) && sha3_224.contains(digest2))
+            || (sha3_256.contains(digest1) && sha3_256.contains(digest2))
+            || (sha3_384.contains(digest1) && sha3_384.contains(digest2))
+            || (sha3_512.contains(digest1) && sha3_512.contains(digest2))
+            */
+            // END Android-removed: Unsupported algorithms
+            || (md5.contains(digest1) && md5.contains(digest2));
+    }
+    
+    public static ASN1ObjectIdentifier getOID(
+        String digestName)
+    {
+        return (ASN1ObjectIdentifier)oids.get(digestName);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/SecretKeyUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/SecretKeyUtil.java
new file mode 100644
index 0000000..e4521fb
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/provider/util/SecretKeyUtil.java

@@ -0,0 +1,44 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.provider.util;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.ntt.NTTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.util.Integers;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecretKeyUtil
+{
+    private static Map keySizes = new HashMap();
+
+    static
+    {
+        keySizes.put(PKCSObjectIdentifiers.des_EDE3_CBC.getId(), Integers.valueOf(192));
+
+        keySizes.put(NISTObjectIdentifiers.id_aes128_CBC, Integers.valueOf(128));
+        keySizes.put(NISTObjectIdentifiers.id_aes192_CBC, Integers.valueOf(192));
+        keySizes.put(NISTObjectIdentifiers.id_aes256_CBC, Integers.valueOf(256));
+
+        keySizes.put(NTTObjectIdentifiers.id_camellia128_cbc, Integers.valueOf(128));
+        keySizes.put(NTTObjectIdentifiers.id_camellia192_cbc, Integers.valueOf(192));
+        keySizes.put(NTTObjectIdentifiers.id_camellia256_cbc, Integers.valueOf(256));
+    }
+
+    public static int getKeySize(ASN1ObjectIdentifier oid)
+    {
+        Integer size = (Integer)keySizes.get(oid);
+
+        if (size != null)
+        {
+            return size.intValue();
+        }
+
+        return -1;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/spec/AEADParameterSpec.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/spec/AEADParameterSpec.java
new file mode 100644
index 0000000..0b61c1b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/spec/AEADParameterSpec.java

@@ -0,0 +1,75 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.spec;
+
+import javax.crypto.spec.IvParameterSpec;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * ParameterSpec for AEAD modes which allows associated data to be added via an algorithm parameter spec.In normal
+ * circumstances you would only want to use this if you had to work with the pre-JDK1.7 Cipher class as associated
+ * data is ignored for the purposes of returning a Cipher's parameters.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AEADParameterSpec
+    extends IvParameterSpec
+{
+    private final byte[] associatedData;
+    private final int macSizeInBits;
+
+    /**
+     * Base constructor.
+     *
+     * @param nonce nonce/iv to be used
+     * @param macSizeInBits macSize in bits
+     */
+    public AEADParameterSpec(byte[] nonce, int macSizeInBits)
+    {
+        this(nonce, macSizeInBits, null);
+    }
+
+    /**
+     * Base constructor with prepended associated data.
+     *
+     * @param nonce nonce/iv to be used
+     * @param macSizeInBits macSize in bits
+     * @param associatedData associated data to be prepended to the cipher stream.
+     */
+    public AEADParameterSpec(byte[] nonce, int macSizeInBits, byte[] associatedData)
+    {
+        super(nonce);
+
+        this.macSizeInBits = macSizeInBits;
+        this.associatedData = Arrays.clone(associatedData);
+    }
+
+    /**
+     * Return the size of the MAC associated with this parameter spec.
+     *
+     * @return the MAC size in bits.
+     */
+    public int getMacSizeInBits()
+    {
+        return macSizeInBits;
+    }
+
+    /**
+     * Return the associated data associated with this parameter spec.
+     *
+     * @return the associated data, null if there isn't any.
+     */
+    public byte[] getAssociatedData()
+    {
+        return Arrays.clone(associatedData);
+    }
+
+    /**
+     * Return the nonce (same as IV) associated with this parameter spec.
+     *
+     * @return the nonce/IV.
+     */
+    public byte[] getNonce()
+    {
+        return getIV();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/spec/DHDomainParameterSpec.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/spec/DHDomainParameterSpec.java
new file mode 100644
index 0000000..b36250f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/spec/DHDomainParameterSpec.java

@@ -0,0 +1,131 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.spec;
+
+import java.math.BigInteger;
+
+import javax.crypto.spec.DHParameterSpec;
+
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.crypto.params.DHValidationParameters;
+
+/**
+ * Extension class for DHParameterSpec that wraps a DHDomainParameters object and provides the q domain parameter.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHDomainParameterSpec
+    extends DHParameterSpec
+{
+    private final BigInteger q;
+    private final BigInteger j;
+    private final int m;
+
+    private DHValidationParameters validationParameters;
+
+    /**
+     * Base constructor - use the values in an existing set of domain parameters.
+     *
+     * @param domainParameters the Diffie-Hellman domain parameters to wrap.
+     */
+    public DHDomainParameterSpec(DHParameters domainParameters)
+    {
+        this(domainParameters.getP(), domainParameters.getQ(), domainParameters.getG(), domainParameters.getJ(), domainParameters.getM(), domainParameters.getL());
+        this.validationParameters = domainParameters.getValidationParameters();
+    }
+
+    /**
+     * Minimal constructor for parameters able to be used to verify a public key, or use with MQV.
+     *
+     * @param p the prime p defining the Galois field.
+     * @param g the generator of the multiplicative subgroup of order g.
+     * @param q specifies the prime factor of p - 1
+     */
+    public DHDomainParameterSpec(BigInteger p, BigInteger q, BigInteger g)
+    {
+        this(p, q, g, null, 0);
+    }
+
+    /**
+     * Minimal constructor for parameters able to be used to verify a public key, or use with MQV, and a private value length.
+     *
+     * @param p the prime p defining the Galois field.
+     * @param g the generator of the multiplicative subgroup of order g.
+     * @param q specifies the prime factor of p - 1
+     * @param l the maximum bit length for the private value.
+     */
+    public DHDomainParameterSpec(BigInteger p, BigInteger q, BigInteger g, int l)
+    {
+        this(p, q, g, null, l);
+    }
+
+    /**
+     * X9.42 parameters with private value length.
+     *
+     * @param p the prime p defining the Galois field.
+     * @param g the generator of the multiplicative subgroup of order g.
+     * @param q specifies the prime factor of p - 1
+     * @param j optionally specifies the value that satisfies the equation p = jq+1
+     * @param l the maximum bit length for the private value.
+     */
+    public DHDomainParameterSpec(BigInteger p, BigInteger q, BigInteger g, BigInteger j, int l)
+    {
+        this(p, q, g, j, 0, l);
+    }
+
+    /**
+     * Base constructor - the full domain parameter set.
+     *
+     * @param p the prime p defining the Galois field.
+     * @param g the generator of the multiplicative subgroup of order g.
+     * @param q specifies the prime factor of p - 1
+     * @param j optionally specifies the value that satisfies the equation p = jq+1
+     * @param m the minimum bit length for the private value.
+     * @param l the maximum bit length for the private value.
+     */
+    public DHDomainParameterSpec(BigInteger p, BigInteger q, BigInteger g, BigInteger j, int m, int l)
+    {
+        super(p, g, l);
+        this.q = q;
+        this.j = j;
+        this.m = m;
+    }
+
+    /**
+     * Return the Q value for the domain parameter set.
+     *
+     * @return the value Q.
+     */
+    public BigInteger getQ()
+    {
+        return q;
+    }
+
+    /**
+     * Return the J value for the domain parameter set if available.
+     *
+     * @return the value J, null otherwise.
+     */
+    public BigInteger getJ()
+    {
+        return j;
+    }
+
+    /**
+     * Return the minimum bitlength for a private value to be generated from these parameters, 0 if not set.
+     *
+     * @return minimum bitlength for private value.
+     */
+    public int getM()
+    {
+        return m;
+    }
+
+    /**
+     * Return the DHDomainParameters object we represent.
+     *
+     * @return the internal DHDomainParameters.
+     */
+    public DHParameters getDomainParameters()
+    {
+        return new DHParameters(getP(), getG(), q, m, getL(), j, validationParameters);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/spec/PBKDF2KeySpec.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/spec/PBKDF2KeySpec.java
new file mode 100644
index 0000000..444ad62
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/spec/PBKDF2KeySpec.java

@@ -0,0 +1,56 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.spec;
+
+import javax.crypto.spec.PBEKeySpec;
+
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+
+/**
+ * Extension of PBEKeySpec which takes into account the PRF algorithm setting available in PKCS#5 PBKDF2.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PBKDF2KeySpec
+    extends PBEKeySpec
+{
+    private static final AlgorithmIdentifier defaultPRF = new AlgorithmIdentifier(PKCSObjectIdentifiers.id_hmacWithSHA1, DERNull.INSTANCE);
+
+    private AlgorithmIdentifier prf;
+
+    /**
+     * Base constructor.
+     *
+     * @param password password to use as the seed of the PBE key generator.
+     * @param salt salt to use in the generator,
+     * @param iterationCount iteration count to use in the generator.
+     * @param keySize size of the key to be generated (in bits).
+     * @param prf identifier and parameters for the PRF algorithm to use.
+     */
+    public PBKDF2KeySpec(char[] password, byte[] salt, int iterationCount, int keySize, AlgorithmIdentifier prf)
+    {
+        super(password, salt, iterationCount, keySize);
+
+        this.prf = prf;
+    }
+
+    /**
+     * Return true if this spec is for the default PRF (HmacSHA1), false otherwise.
+     *
+     * @return true if this spec uses the default PRF, false otherwise.
+     */
+    public boolean isDefaultPrf()
+    {
+        return defaultPRF.equals(prf);
+    }
+
+    /**
+     * Return an AlgorithmIdentifier representing the PRF.
+     *
+     * @return the PRF's AlgorithmIdentifier.
+     */
+    public AlgorithmIdentifier getPrf()
+    {
+        return prf;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/spec/UserKeyingMaterialSpec.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/spec/UserKeyingMaterialSpec.java
new file mode 100644
index 0000000..36b9234
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/spec/UserKeyingMaterialSpec.java

@@ -0,0 +1,25 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.spec;
+
+import java.security.spec.AlgorithmParameterSpec;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class UserKeyingMaterialSpec
+    implements AlgorithmParameterSpec
+{
+    private final byte[] userKeyingMaterial;
+
+    public UserKeyingMaterialSpec(byte[] userKeyingMaterial)
+    {
+        this.userKeyingMaterial = Arrays.clone(userKeyingMaterial);
+    }
+
+    public byte[] getUserKeyingMaterial()
+    {
+        return Arrays.clone(userKeyingMaterial);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/AlgorithmParametersUtils.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/AlgorithmParametersUtils.java
new file mode 100644
index 0000000..64ef0de
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/AlgorithmParametersUtils.java

@@ -0,0 +1,67 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.util;
+
+import java.io.IOException;
+import java.security.AlgorithmParameters;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+
+/**
+ * General JCA/JCE utility methods.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AlgorithmParametersUtils
+{
+
+
+    private AlgorithmParametersUtils()
+    {
+
+    }
+
+    /**
+     * Extract an ASN.1 encodable from an AlgorithmParameters object.
+     *
+     * @param params the object to get the encoding used to create the return value.
+     * @return an ASN.1 object representing the primitives making up the params parameter.
+     * @throws IOException if an encoding cannot be extracted.
+     */
+    public static ASN1Encodable extractParameters(AlgorithmParameters params)
+        throws IOException
+    {
+        // we try ASN.1 explicitly first just in case and then role back to the default.
+        ASN1Encodable asn1Params;
+        try
+        {
+            asn1Params = ASN1Primitive.fromByteArray(params.getEncoded("ASN.1"));
+        }
+        catch (Exception ex)
+        {
+            asn1Params = ASN1Primitive.fromByteArray(params.getEncoded());
+        }
+
+        return asn1Params;
+    }
+
+    /**
+     * Load an AlgorithmParameters object with the passed in ASN.1 encodable - if possible.
+     *
+     * @param params the AlgorithmParameters object to be initialised.
+     * @param sParams the ASN.1 encodable to initialise params with.
+     * @throws IOException if the parameters cannot be initialised.
+     */
+    public static void loadParameters(AlgorithmParameters params, ASN1Encodable sParams)
+        throws IOException
+    {
+        // we try ASN.1 explicitly first just in case and then role back to the default.
+        try
+        {
+            params.init(sParams.toASN1Primitive().getEncoded(), "ASN.1");
+        }
+        catch (Exception ex)
+        {
+            params.init(sParams.toASN1Primitive().getEncoded());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/BCJcaJceHelper.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/BCJcaJceHelper.java
new file mode 100644
index 0000000..f102521
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/BCJcaJceHelper.java

@@ -0,0 +1,40 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.util;
+
+import java.security.Provider;
+import java.security.Security;
+
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+
+/**
+ * A JCA/JCE helper that refers to the BC provider for all it's needs.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class BCJcaJceHelper
+    extends ProviderJcaJceHelper
+{
+    private static volatile Provider bcProvider;
+
+    private static synchronized Provider getBouncyCastleProvider()
+    {
+        if (Security.getProvider("BC") != null)
+        {
+            return Security.getProvider("BC");
+        }
+        else if (bcProvider != null)
+        {
+            return bcProvider;
+        }
+        else
+        {
+            bcProvider = new BouncyCastleProvider();
+
+            return bcProvider;
+        }
+    }
+
+    public BCJcaJceHelper()
+    {
+        super(getBouncyCastleProvider());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/DefaultJcaJceHelper.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/DefaultJcaJceHelper.java
new file mode 100644
index 0000000..5e91663
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/DefaultJcaJceHelper.java

@@ -0,0 +1,108 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.util;
+
+import java.security.AlgorithmParameterGenerator;
+import java.security.AlgorithmParameters;
+import java.security.KeyFactory;
+import java.security.KeyPairGenerator;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.SecureRandom;
+import java.security.Signature;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyAgreement;
+import javax.crypto.KeyGenerator;
+import javax.crypto.Mac;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKeyFactory;
+
+/**
+ * {@link JcaJceHelper} that obtains all algorithms using the default JCA/JCE mechanism (i.e.
+ * without specifying a provider).
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DefaultJcaJceHelper
+    implements JcaJceHelper
+{
+    public Cipher createCipher(
+        String algorithm)
+        throws NoSuchAlgorithmException, NoSuchPaddingException
+    {
+        return Cipher.getInstance(algorithm);
+    }
+
+    public Mac createMac(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return Mac.getInstance(algorithm);
+    }
+
+    public KeyAgreement createKeyAgreement(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return KeyAgreement.getInstance(algorithm);
+    }
+
+    public AlgorithmParameterGenerator createAlgorithmParameterGenerator(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return AlgorithmParameterGenerator.getInstance(algorithm);
+    }
+
+    public AlgorithmParameters createAlgorithmParameters(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return AlgorithmParameters.getInstance(algorithm);
+    }
+
+    public KeyGenerator createKeyGenerator(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return KeyGenerator.getInstance(algorithm);
+    }
+
+    public KeyFactory createKeyFactory(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return KeyFactory.getInstance(algorithm);
+    }
+
+    public SecretKeyFactory createSecretKeyFactory(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return SecretKeyFactory.getInstance(algorithm);
+    }
+
+    public KeyPairGenerator createKeyPairGenerator(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return KeyPairGenerator.getInstance(algorithm);
+    }
+
+    public MessageDigest createDigest(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return MessageDigest.getInstance(algorithm);
+    }
+
+    public Signature createSignature(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return Signature.getInstance(algorithm);
+    }
+
+    public CertificateFactory createCertificateFactory(String algorithm)
+        throws CertificateException
+    {
+        return CertificateFactory.getInstance(algorithm);
+    }
+
+    public SecureRandom createSecureRandom(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return SecureRandom.getInstance(algorithm);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/JcaJceHelper.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/JcaJceHelper.java
new file mode 100644
index 0000000..4a2e9af
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/JcaJceHelper.java

@@ -0,0 +1,68 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.util;
+
+import java.security.AlgorithmParameterGenerator;
+import java.security.AlgorithmParameters;
+import java.security.KeyFactory;
+import java.security.KeyPairGenerator;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.SecureRandom;
+import java.security.Signature;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyAgreement;
+import javax.crypto.KeyGenerator;
+import javax.crypto.Mac;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKeyFactory;
+
+/**
+ * Factory interface for instantiating JCA/JCE primitives.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface JcaJceHelper
+{
+    Cipher createCipher(
+        String algorithm)
+        throws NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException;
+
+    Mac createMac(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException;
+
+    KeyAgreement createKeyAgreement(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException;
+
+    AlgorithmParameterGenerator createAlgorithmParameterGenerator(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException;
+
+    AlgorithmParameters createAlgorithmParameters(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException;
+
+    KeyGenerator createKeyGenerator(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException;
+
+    KeyFactory createKeyFactory(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException;
+
+    SecretKeyFactory createSecretKeyFactory(String algorithm)
+           throws NoSuchAlgorithmException, NoSuchProviderException;
+
+    KeyPairGenerator createKeyPairGenerator(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException;
+
+    MessageDigest createDigest(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException;
+
+    Signature createSignature(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException;
+
+    CertificateFactory createCertificateFactory(String algorithm)
+        throws NoSuchProviderException, CertificateException;
+
+    SecureRandom createSecureRandom(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/JcaJceUtils.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/JcaJceUtils.java
new file mode 100644
index 0000000..9c489a5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/JcaJceUtils.java

@@ -0,0 +1,135 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.util;
+
+import java.io.IOException;
+import java.security.AlgorithmParameters;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+
+/**
+ * General JCA/JCE utility methods.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class JcaJceUtils
+{
+    private JcaJceUtils()
+    {
+
+    }
+
+    /**
+     * Extract an ASN.1 encodable from an AlgorithmParameters object.
+     *
+     * @param params the object to get the encoding used to create the return value.
+     * @return an ASN.1 object representing the primitives making up the params parameter.
+     * @throws IOException if an encoding cannot be extracted.
+     * @deprecated use AlgorithmParametersUtils.extractParameters(AlgorithmParameters params)
+     */
+    public static ASN1Encodable extractParameters(AlgorithmParameters params)
+        throws IOException
+    {
+        // we try ASN.1 explicitly first just in case and then role back to the default.
+        ASN1Encodable asn1Params;
+        try
+        {
+            asn1Params = ASN1Primitive.fromByteArray(params.getEncoded("ASN.1"));
+        }
+        catch (Exception ex)
+        {
+            asn1Params = ASN1Primitive.fromByteArray(params.getEncoded());
+        }
+
+        return asn1Params;
+    }
+
+    /**
+     * Load an AlgorithmParameters object with the passed in ASN.1 encodable - if possible.
+     *
+     * @param params the AlgorithmParameters object to be initialised.
+     * @param sParams the ASN.1 encodable to initialise params with.
+     * @throws IOException if the parameters cannot be initialised.
+     * @deprecated use AlgorithmParametersUtils.loadParameters(AlgorithmParameters params, ASN1Encodable sParams)
+     */
+    public static void loadParameters(AlgorithmParameters params, ASN1Encodable sParams)
+        throws IOException
+    {
+        // we try ASN.1 explicitly first just in case and then role back to the default.
+        try
+        {
+            params.init(sParams.toASN1Primitive().getEncoded(), "ASN.1");
+        }
+        catch (Exception ex)
+        {
+            params.init(sParams.toASN1Primitive().getEncoded());
+        }
+    }
+
+    /**
+     * Attempt to find a standard JCA name for the digest represented by the past in OID.
+     *
+     * @param digestAlgOID the OID of the digest algorithm of interest.
+     * @return a string representing the standard name - the OID as a string if none available.
+     * @deprecated use MessageDigestUtils,getDigestName()
+     */
+    public static String getDigestAlgName(
+        ASN1ObjectIdentifier digestAlgOID)
+    {
+        if (PKCSObjectIdentifiers.md5.equals(digestAlgOID))
+        {
+            return "MD5";
+        }
+        else if (OIWObjectIdentifiers.idSHA1.equals(digestAlgOID))
+        {
+            return "SHA1";
+        }
+        else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID))
+        {
+            return "SHA224";
+        }
+        else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID))
+        {
+            return "SHA256";
+        }
+        else if (NISTObjectIdentifiers.id_sha384.equals(digestAlgOID))
+        {
+            return "SHA384";
+        }
+        else if (NISTObjectIdentifiers.id_sha512.equals(digestAlgOID))
+        {
+            return "SHA512";
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
+        {
+            return "RIPEMD128";
+        }
+        else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
+        {
+            return "RIPEMD160";
+        }
+        else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
+        {
+            return "RIPEMD256";
+        }
+        else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
+        {
+            return "GOST3411";
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+        else
+        {
+            return digestAlgOID.getId();
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/MessageDigestUtils.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/MessageDigestUtils.java
new file mode 100644
index 0000000..05cfd6c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/MessageDigestUtils.java

@@ -0,0 +1,73 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.util;
+
+import java.util.HashMap;
+import java.util.Map;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.gm.GMObjectIdentifiers;
+// import org.bouncycastle.asn1.gnu.GNUObjectIdentifiers;
+// import org.bouncycastle.asn1.iso.ISOIECObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class MessageDigestUtils
+{
+    private static Map<ASN1ObjectIdentifier, String> digestOidMap = new HashMap<ASN1ObjectIdentifier, String>();
+
+    static
+    {
+        // BEGIN Android-removed: Unsupported algorithms
+        // digestOidMap.put(PKCSObjectIdentifiers.md2, "MD2");
+        // digestOidMap.put(PKCSObjectIdentifiers.md4, "MD4");
+        // END Android-removed: Unsupported algorithms
+        digestOidMap.put(PKCSObjectIdentifiers.md5, "MD5");
+        digestOidMap.put(OIWObjectIdentifiers.idSHA1, "SHA-1");
+        digestOidMap.put(NISTObjectIdentifiers.id_sha224, "SHA-224");
+        digestOidMap.put(NISTObjectIdentifiers.id_sha256, "SHA-256");
+        digestOidMap.put(NISTObjectIdentifiers.id_sha384, "SHA-384");
+        digestOidMap.put(NISTObjectIdentifiers.id_sha512, "SHA-512");
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd128, "RIPEMD-128");
+        digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd160, "RIPEMD-160");
+        digestOidMap.put(TeleTrusTObjectIdentifiers.ripemd256, "RIPEMD-128");
+        digestOidMap.put(ISOIECObjectIdentifiers.ripemd128, "RIPEMD-128");
+        digestOidMap.put(ISOIECObjectIdentifiers.ripemd160, "RIPEMD-160");
+        digestOidMap.put(CryptoProObjectIdentifiers.gostR3411, "GOST3411");
+        digestOidMap.put(GNUObjectIdentifiers.Tiger_192, "Tiger");
+        digestOidMap.put(ISOIECObjectIdentifiers.whirlpool, "Whirlpool");
+        digestOidMap.put(NISTObjectIdentifiers.id_sha3_224, "SHA3-224");
+        digestOidMap.put(NISTObjectIdentifiers.id_sha3_256, "SHA3-256");
+        digestOidMap.put(NISTObjectIdentifiers.id_sha3_384, "SHA3-384");
+        digestOidMap.put(NISTObjectIdentifiers.id_sha3_512, "SHA3-512");
+        digestOidMap.put(GMObjectIdentifiers.sm3, "SM3");
+        */
+        // END Android-removed: Unsupported algorithms
+    }
+
+    /**
+     * Attempt to find a standard JCA name for the digest represented by the passed in OID.
+     *
+     * @param digestAlgOID the OID of the digest algorithm of interest.
+     * @return a string representing the standard name - the OID as a string if none available.
+     */
+    public static String getDigestName(ASN1ObjectIdentifier digestAlgOID)
+    {
+        String name = (String)digestOidMap.get(digestAlgOID);  // for pre 1.5 JDK
+        if (name != null)
+        {
+            return name;
+        }
+
+        return digestAlgOID.getId();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/NamedJcaJceHelper.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/NamedJcaJceHelper.java
new file mode 100644
index 0000000..cb60480
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/NamedJcaJceHelper.java

@@ -0,0 +1,115 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.util;
+
+import java.security.AlgorithmParameterGenerator;
+import java.security.AlgorithmParameters;
+import java.security.KeyFactory;
+import java.security.KeyPairGenerator;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.SecureRandom;
+import java.security.Signature;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyAgreement;
+import javax.crypto.KeyGenerator;
+import javax.crypto.Mac;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKeyFactory;
+
+/**
+ * {@link JcaJceHelper} that obtains all algorithms using a specific named provider.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class NamedJcaJceHelper
+    implements JcaJceHelper
+{
+    protected final String providerName;
+
+    public NamedJcaJceHelper(String providerName)
+    {
+        this.providerName = providerName;
+    }
+
+    public Cipher createCipher(
+        String algorithm)
+        throws NoSuchAlgorithmException, NoSuchPaddingException, NoSuchProviderException
+    {
+        return Cipher.getInstance(algorithm, providerName);
+    }
+
+    public Mac createMac(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return Mac.getInstance(algorithm, providerName);
+    }
+
+    public KeyAgreement createKeyAgreement(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return KeyAgreement.getInstance(algorithm, providerName);
+    }
+
+    public AlgorithmParameterGenerator createAlgorithmParameterGenerator(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return AlgorithmParameterGenerator.getInstance(algorithm, providerName);
+    }
+
+    public AlgorithmParameters createAlgorithmParameters(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return AlgorithmParameters.getInstance(algorithm, providerName);
+    }
+
+    public KeyGenerator createKeyGenerator(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return KeyGenerator.getInstance(algorithm, providerName);
+    }
+
+    public KeyFactory createKeyFactory(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return KeyFactory.getInstance(algorithm, providerName);
+    }
+
+    public SecretKeyFactory createSecretKeyFactory(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return SecretKeyFactory.getInstance(algorithm, providerName);
+    }
+
+    public KeyPairGenerator createKeyPairGenerator(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return KeyPairGenerator.getInstance(algorithm, providerName);
+    }
+
+    public MessageDigest createDigest(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return MessageDigest.getInstance(algorithm, providerName);
+    }
+
+    public Signature createSignature(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return Signature.getInstance(algorithm, providerName);
+    }
+
+    public CertificateFactory createCertificateFactory(String algorithm)
+        throws CertificateException, NoSuchProviderException
+    {
+        return CertificateFactory.getInstance(algorithm, providerName);
+    }
+
+    public SecureRandom createSecureRandom(String algorithm)
+        throws NoSuchAlgorithmException, NoSuchProviderException
+    {
+        return SecureRandom.getInstance(algorithm, providerName);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/ProviderJcaJceHelper.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/ProviderJcaJceHelper.java
new file mode 100644
index 0000000..2e54593
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jcajce/util/ProviderJcaJceHelper.java

@@ -0,0 +1,115 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jcajce.util;
+
+import java.security.AlgorithmParameterGenerator;
+import java.security.AlgorithmParameters;
+import java.security.KeyFactory;
+import java.security.KeyPairGenerator;
+import java.security.MessageDigest;
+import java.security.NoSuchAlgorithmException;
+import java.security.Provider;
+import java.security.SecureRandom;
+import java.security.Signature;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateFactory;
+
+import javax.crypto.Cipher;
+import javax.crypto.KeyAgreement;
+import javax.crypto.KeyGenerator;
+import javax.crypto.Mac;
+import javax.crypto.NoSuchPaddingException;
+import javax.crypto.SecretKeyFactory;
+
+/**
+ * {@link JcaJceHelper} that obtains all algorithms from a specific {@link Provider} instance.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ProviderJcaJceHelper
+    implements JcaJceHelper
+{
+    protected final Provider provider;
+
+    public ProviderJcaJceHelper(Provider provider)
+    {
+        this.provider = provider;
+    }
+
+    public Cipher createCipher(
+        String algorithm)
+        throws NoSuchAlgorithmException, NoSuchPaddingException
+    {
+        return Cipher.getInstance(algorithm, provider);
+    }
+
+    public Mac createMac(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return Mac.getInstance(algorithm, provider);
+    }
+
+    public KeyAgreement createKeyAgreement(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return KeyAgreement.getInstance(algorithm, provider);
+    }
+
+    public AlgorithmParameterGenerator createAlgorithmParameterGenerator(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return AlgorithmParameterGenerator.getInstance(algorithm, provider);
+    }
+
+    public AlgorithmParameters createAlgorithmParameters(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return AlgorithmParameters.getInstance(algorithm, provider);
+    }
+
+    public KeyGenerator createKeyGenerator(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return KeyGenerator.getInstance(algorithm, provider);
+    }
+
+    public KeyFactory createKeyFactory(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return KeyFactory.getInstance(algorithm, provider);
+    }
+
+    public SecretKeyFactory createSecretKeyFactory(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return SecretKeyFactory.getInstance(algorithm, provider);
+    }
+
+    public KeyPairGenerator createKeyPairGenerator(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return KeyPairGenerator.getInstance(algorithm, provider);
+    }
+
+    public MessageDigest createDigest(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return MessageDigest.getInstance(algorithm, provider);
+    }
+
+    public Signature createSignature(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return Signature.getInstance(algorithm, provider);
+    }
+
+    public CertificateFactory createCertificateFactory(String algorithm)
+        throws CertificateException
+    {
+        return CertificateFactory.getInstance(algorithm, provider);
+    }
+
+    public SecureRandom createSecureRandom(String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return SecureRandom.getInstance(algorithm, provider);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/ECNamedCurveTable.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/ECNamedCurveTable.java
new file mode 100644
index 0000000..6924428
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/ECNamedCurveTable.java

@@ -0,0 +1,78 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce;
+
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.x9.X9ECParameters;
+import com.android.org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
+
+/**
+ * a table of locally supported named curves.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECNamedCurveTable
+{
+    /**
+     * return a parameter spec representing the passed in named
+     * curve. The routine returns null if the curve is not present.
+     * 
+     * @param name the name of the curve requested
+     * @return a parameter spec for the curve, null if it is not available.
+     */
+    public static ECNamedCurveParameterSpec getParameterSpec(
+        String  name)
+    {
+        X9ECParameters  ecP = com.android.org.bouncycastle.crypto.ec.CustomNamedCurves.getByName(name);
+        if (ecP == null)
+        {
+            try
+            {
+                ecP = com.android.org.bouncycastle.crypto.ec.CustomNamedCurves.getByOID(new ASN1ObjectIdentifier(name));
+            }
+            catch (IllegalArgumentException e)
+            {
+                // ignore - not an oid
+            }
+
+            if (ecP == null)
+            {
+                ecP = com.android.org.bouncycastle.asn1.x9.ECNamedCurveTable.getByName(name);
+                if (ecP == null)
+                {
+                    try
+                    {
+                        ecP = com.android.org.bouncycastle.asn1.x9.ECNamedCurveTable.getByOID(new ASN1ObjectIdentifier(name));
+                    }
+                    catch (IllegalArgumentException e)
+                    {
+                        // ignore - not an oid
+                    }
+                }
+            }
+        }
+
+        if (ecP == null)
+        {
+            return null;
+        }
+
+        return new ECNamedCurveParameterSpec(
+                                        name,
+                                        ecP.getCurve(),
+                                        ecP.getG(),
+                                        ecP.getN(),
+                                        ecP.getH(),
+                                        ecP.getSeed());
+    }
+
+    /**
+     * return an enumeration of the names of the available curves.
+     *
+     * @return an enumeration of the names of the available curves.
+     */
+    public static Enumeration getNames()
+    {
+        return com.android.org.bouncycastle.asn1.x9.ECNamedCurveTable.getNames();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/PKCS10CertificationRequest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/PKCS10CertificationRequest.java
new file mode 100644
index 0000000..e0adfc5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/PKCS10CertificationRequest.java

@@ -0,0 +1,660 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce;
+
+import java.io.IOException;
+import java.security.AlgorithmParameters;
+import java.security.GeneralSecurityException;
+import java.security.InvalidKeyException;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.PSSParameterSpec;
+import java.security.spec.X509EncodedKeySpec;
+import java.util.HashSet;
+import java.util.Hashtable;
+import java.util.Set;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERNull;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.CertificationRequest;
+import com.android.org.bouncycastle.asn1.pkcs.CertificationRequestInfo;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.X509Name;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.jce.provider.BouncyCastleProvider;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * A class for verifying and creating PKCS10 Certification requests. 
+ * <pre>
+ * CertificationRequest ::= SEQUENCE {
+ *   certificationRequestInfo  CertificationRequestInfo,
+ *   signatureAlgorithm        AlgorithmIdentifier{{ SignatureAlgorithms }},
+ *   signature                 BIT STRING
+ * }
+ *
+ * CertificationRequestInfo ::= SEQUENCE {
+ *   version             INTEGER { v1(0) } (v1,...),
+ *   subject             Name,
+ *   subjectPKInfo   SubjectPublicKeyInfo{{ PKInfoAlgorithms }},
+ *   attributes          [0] Attributes{{ CRIAttributes }}
+ *  }
+ *
+ *  Attributes { ATTRIBUTE:IOSet } ::= SET OF Attribute{{ IOSet }}
+ *
+ *  Attribute { ATTRIBUTE:IOSet } ::= SEQUENCE {
+ *    type    ATTRIBUTE.&amp;id({IOSet}),
+ *    values  SET SIZE(1..MAX) OF ATTRIBUTE.&amp;Type({IOSet}{\@type})
+ *  }
+ * </pre>
+ * @deprecated use classes in org.bouncycastle.pkcs.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKCS10CertificationRequest
+    extends CertificationRequest
+{
+    private static Hashtable            algorithms = new Hashtable();
+    private static Hashtable            params = new Hashtable();
+    private static Hashtable            keyAlgorithms = new Hashtable();
+    private static Hashtable            oids = new Hashtable();
+    private static Set                  noParams = new HashSet();
+
+    static
+    {
+        // Android-removed: Unsupported algorithms
+        // algorithms.put("MD2WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
+        // algorithms.put("MD2WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"));
+        // END Android-removed: Unsupported algorithms
+        algorithms.put("MD5WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
+        algorithms.put("MD5WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
+        algorithms.put("RSAWITHMD5", new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"));
+        algorithms.put("SHA1WITHRSAENCRYPTION", new ASN1ObjectIdentifier("1.2.840.113549.1.1.5"));
+        algorithms.put("SHA1WITHRSA", new ASN1ObjectIdentifier("1.2.840.113549.1.1.5"));
+        algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption);
+        algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption);
+        algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption);
+        algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption);
+        algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption);
+        algorithms.put("SHA384WITHRSA", PKCSObjectIdentifiers.sha384WithRSAEncryption);
+        algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption);
+        algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption);
+        algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
+        algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
+        algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
+        algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
+        algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
+        algorithms.put("RSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.113549.1.1.5"));
+        // BEGIN Android-removed: Unsupported algorithms
+        // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+        // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+        // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+        // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+        // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+        // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+        // END Android-removed: Unsupported algorithms
+        algorithms.put("SHA1WITHDSA", new ASN1ObjectIdentifier("1.2.840.10040.4.3"));
+        algorithms.put("DSAWITHSHA1", new ASN1ObjectIdentifier("1.2.840.10040.4.3"));
+        algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
+        algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256);
+        algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384);
+        algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512);
+        algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
+        algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
+        algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
+        algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
+        algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
+        algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1);
+        // BEGIN Android-removed: Unsupported algorithms
+        // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+        // algorithms.put("GOST3410WITHGOST3411", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+        // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // END Android-removed: Unsupported algorithms
+
+        //
+        // reverse mappings
+        //
+        oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.5"), "SHA1WITHRSA");
+        oids.put(PKCSObjectIdentifiers.sha224WithRSAEncryption, "SHA224WITHRSA");
+        oids.put(PKCSObjectIdentifiers.sha256WithRSAEncryption, "SHA256WITHRSA");
+        oids.put(PKCSObjectIdentifiers.sha384WithRSAEncryption, "SHA384WITHRSA");
+        oids.put(PKCSObjectIdentifiers.sha512WithRSAEncryption, "SHA512WITHRSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94, "GOST3411WITHGOST3410");
+        // oids.put(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001, "GOST3411WITHECGOST3410");
+        // END Android-removed: Unsupported algorithms
+        
+        oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.4"), "MD5WITHRSA");
+        // BEGIN Android-removed: Unsupported algorithms
+        // oids.put(new ASN1ObjectIdentifier("1.2.840.113549.1.1.2"), "MD2WITHRSA");
+        // END Android-removed: Unsupported algorithms
+        oids.put(new ASN1ObjectIdentifier("1.2.840.10040.4.3"), "SHA1WITHDSA");
+        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA1, "SHA1WITHECDSA");
+        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA224, "SHA224WITHECDSA");
+        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA256, "SHA256WITHECDSA");
+        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA384, "SHA384WITHECDSA");
+        oids.put(X9ObjectIdentifiers.ecdsa_with_SHA512, "SHA512WITHECDSA");
+        oids.put(OIWObjectIdentifiers.sha1WithRSA, "SHA1WITHRSA");
+        oids.put(OIWObjectIdentifiers.dsaWithSHA1, "SHA1WITHDSA");
+        oids.put(NISTObjectIdentifiers.dsa_with_sha224, "SHA224WITHDSA");
+        oids.put(NISTObjectIdentifiers.dsa_with_sha256, "SHA256WITHDSA");
+        
+        //
+        // key types
+        //
+        keyAlgorithms.put(PKCSObjectIdentifiers.rsaEncryption, "RSA");
+        keyAlgorithms.put(X9ObjectIdentifiers.id_dsa, "DSA");
+        
+        //
+        // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. 
+        // The parameters field SHALL be NULL for RSA based signature algorithms.
+        //
+        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1);
+        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224);
+        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256);
+        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384);
+        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512);
+        noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1);
+        noParams.add(NISTObjectIdentifiers.dsa_with_sha224);
+        noParams.add(NISTObjectIdentifiers.dsa_with_sha256);
+
+        //
+        // RFC 4491
+        //
+        // BEGIN Android-removed: Unsupported algorithms
+        // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+        // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // END Android-removed: Unsupported algorithms
+        //
+        // explicit params
+        //
+        AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE);
+        params.put("SHA1WITHRSAANDMGF1", creatPSSParams(sha1AlgId, 20));
+
+        AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE);
+        params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28));
+
+        AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE);
+        params.put("SHA256WITHRSAANDMGF1", creatPSSParams(sha256AlgId, 32));
+
+        AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE);
+        params.put("SHA384WITHRSAANDMGF1", creatPSSParams(sha384AlgId, 48));
+
+        AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, DERNull.INSTANCE);
+        params.put("SHA512WITHRSAANDMGF1", creatPSSParams(sha512AlgId, 64));
+    }
+
+    private static RSASSAPSSparams creatPSSParams(AlgorithmIdentifier hashAlgId, int saltSize)
+    {
+        return new RSASSAPSSparams(
+            hashAlgId,
+            new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, hashAlgId),
+            new ASN1Integer(saltSize),
+            new ASN1Integer(1));
+    }
+
+    private static ASN1Sequence toDERSequence(
+        byte[]  bytes)
+    {
+        try
+        {
+            ASN1InputStream         dIn = new ASN1InputStream(bytes);
+
+            return (ASN1Sequence)dIn.readObject();
+        }
+        catch (Exception e)
+        {
+            throw new IllegalArgumentException("badly encoded request");
+        }
+    }
+
+    /**
+     * construct a PKCS10 certification request from a DER encoded
+     * byte stream.
+     */
+    public PKCS10CertificationRequest(
+        byte[]  bytes)
+    {
+        super(toDERSequence(bytes));
+    }
+
+    public PKCS10CertificationRequest(
+        ASN1Sequence  sequence)
+    {
+        super(sequence);
+    }
+
+    /**
+     * create a PKCS10 certfication request using the BC provider.
+     */
+    public PKCS10CertificationRequest(
+        String              signatureAlgorithm,
+        X509Name            subject,
+        PublicKey           key,
+        ASN1Set             attributes,
+        PrivateKey          signingKey)
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException, SignatureException
+    {
+        this(signatureAlgorithm, subject, key, attributes, signingKey, BouncyCastleProvider.PROVIDER_NAME);
+    }
+
+    private static X509Name convertName(
+        X500Principal    name)
+    {
+        try
+        {
+            return new X509Principal(name.getEncoded());
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("can't convert name");
+        }
+    }
+    
+    /**
+     * create a PKCS10 certfication request using the BC provider.
+     */
+    public PKCS10CertificationRequest(
+        String              signatureAlgorithm,
+        X500Principal       subject,
+        PublicKey           key,
+        ASN1Set             attributes,
+        PrivateKey          signingKey)
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException, SignatureException
+    {
+        this(signatureAlgorithm, convertName(subject), key, attributes, signingKey, BouncyCastleProvider.PROVIDER_NAME);
+    }
+    
+    /**
+     * create a PKCS10 certfication request using the named provider.
+     */
+    public PKCS10CertificationRequest(
+        String              signatureAlgorithm,
+        X500Principal       subject,
+        PublicKey           key,
+        ASN1Set             attributes,
+        PrivateKey          signingKey,
+        String              provider)
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException, SignatureException
+    {
+        this(signatureAlgorithm, convertName(subject), key, attributes, signingKey, provider);
+    }
+    
+    /**
+     * create a PKCS10 certfication request using the named provider.
+     */
+    public PKCS10CertificationRequest(
+        String              signatureAlgorithm,
+        X509Name            subject,
+        PublicKey           key,
+        ASN1Set             attributes,
+        PrivateKey          signingKey,
+        String              provider)
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException, SignatureException
+    {
+        String algorithmName = Strings.toUpperCase(signatureAlgorithm);
+        ASN1ObjectIdentifier sigOID = (ASN1ObjectIdentifier)algorithms.get(algorithmName);
+
+        if (sigOID == null)
+        {
+            try
+            {
+                sigOID = new ASN1ObjectIdentifier(algorithmName);
+            }
+            catch (Exception e)
+            {
+                throw new IllegalArgumentException("Unknown signature type requested");
+            }
+        }
+
+        if (subject == null)
+        {
+            throw new IllegalArgumentException("subject must not be null");
+        }
+
+        if (key == null)
+        {
+            throw new IllegalArgumentException("public key must not be null");
+        }
+
+        if (noParams.contains(sigOID))
+        {
+            this.sigAlgId = new AlgorithmIdentifier(sigOID);
+        }
+        else if (params.containsKey(algorithmName))
+        {
+            this.sigAlgId = new AlgorithmIdentifier(sigOID, (ASN1Encodable)params.get(algorithmName));
+        }
+        else
+        {
+            this.sigAlgId = new AlgorithmIdentifier(sigOID, DERNull.INSTANCE);
+        }
+
+        try
+        {
+            ASN1Sequence seq = (ASN1Sequence)ASN1Primitive.fromByteArray(key.getEncoded());
+            this.reqInfo = new CertificationRequestInfo(subject, SubjectPublicKeyInfo.getInstance(seq), attributes);
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("can't encode public key");
+        }
+
+        Signature sig;
+        if (provider == null)
+        {
+            sig = Signature.getInstance(signatureAlgorithm);
+        }
+        else
+        {
+            sig = Signature.getInstance(signatureAlgorithm, provider);
+        }
+
+        sig.initSign(signingKey);
+
+        try
+        {
+            sig.update(reqInfo.getEncoded(ASN1Encoding.DER));
+        }
+        catch (Exception e)
+        {
+            throw new IllegalArgumentException("exception encoding TBS cert request - " + e);
+        }
+
+        this.sigBits = new DERBitString(sig.sign());
+    }
+
+    /**
+     * return the public key associated with the certification request -
+     * the public key is created using the BC provider.
+     */
+    public PublicKey getPublicKey()
+        throws NoSuchAlgorithmException, NoSuchProviderException, InvalidKeyException
+    {
+        return getPublicKey(BouncyCastleProvider.PROVIDER_NAME);
+    }
+
+    public PublicKey getPublicKey(
+        String  provider)
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException
+    {
+        SubjectPublicKeyInfo    subjectPKInfo = reqInfo.getSubjectPublicKeyInfo();
+
+        
+        try
+        {
+            X509EncodedKeySpec      xspec = new X509EncodedKeySpec(new DERBitString(subjectPKInfo).getOctets());
+            AlgorithmIdentifier     keyAlg = subjectPKInfo.getAlgorithm();
+            try
+            {
+                if (provider == null)
+                {
+                    return KeyFactory.getInstance(keyAlg.getAlgorithm().getId()).generatePublic(xspec);
+                }
+                else
+                {
+                    return KeyFactory.getInstance(keyAlg.getAlgorithm().getId(), provider).generatePublic(xspec);
+                }
+            }
+            catch (NoSuchAlgorithmException e)
+            {
+                //
+                // try an alternate
+                //
+                if (keyAlgorithms.get(keyAlg.getAlgorithm()) != null)
+                {
+                    String  keyAlgorithm = (String)keyAlgorithms.get(keyAlg.getAlgorithm());
+                    
+                    if (provider == null)
+                    {
+                        return KeyFactory.getInstance(keyAlgorithm).generatePublic(xspec);
+                    }
+                    else
+                    {
+                        return KeyFactory.getInstance(keyAlgorithm, provider).generatePublic(xspec);
+                    }
+                }
+                
+                throw e;
+            }
+        }
+        catch (InvalidKeySpecException e)
+        {
+            throw new InvalidKeyException("error decoding public key");
+        }
+        catch (IOException e)
+        {
+            throw new InvalidKeyException("error decoding public key");
+        }
+    }
+
+    /**
+     * verify the request using the BC provider.
+     */
+    public boolean verify()
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException, SignatureException
+    {
+        return verify(BouncyCastleProvider.PROVIDER_NAME);
+    }
+
+    /**
+     * verify the request using the passed in provider.
+     */
+    public boolean verify(
+        String provider)
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException, SignatureException
+    {
+        return verify(this.getPublicKey(provider), provider);
+    }
+
+    /**
+     * verify the request using the passed in public key and the provider..
+     */
+    public boolean verify(
+        PublicKey pubKey,
+        String provider)
+        throws NoSuchAlgorithmException, NoSuchProviderException,
+                InvalidKeyException, SignatureException
+    {
+        Signature   sig;
+
+        try
+        {
+            if (provider == null)
+            {
+                sig = Signature.getInstance(getSignatureName(sigAlgId));
+            }
+            else
+            {
+                sig = Signature.getInstance(getSignatureName(sigAlgId), provider);
+            }
+        }
+        catch (NoSuchAlgorithmException e)
+        {
+            //
+            // try an alternate
+            //
+            if (oids.get(sigAlgId.getAlgorithm()) != null)
+            {
+                String  signatureAlgorithm = (String)oids.get(sigAlgId.getAlgorithm());
+
+                if (provider == null)
+                {
+                    sig = Signature.getInstance(signatureAlgorithm);
+                }
+                else
+                {
+                    sig = Signature.getInstance(signatureAlgorithm, provider);
+                }
+            }
+            else
+            {
+                throw e;
+            }
+        }
+
+        setSignatureParameters(sig, sigAlgId.getParameters());
+        
+        sig.initVerify(pubKey);
+
+        try
+        {
+            sig.update(reqInfo.getEncoded(ASN1Encoding.DER));
+        }
+        catch (Exception e)
+        {
+            throw new SignatureException("exception encoding TBS cert request - " + e);
+        }
+
+        return sig.verify(sigBits.getOctets());
+    }
+
+    /**
+     * return a DER encoded byte array representing this object
+     */
+    public byte[] getEncoded()
+    {
+        try
+        {
+            return this.getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            throw new RuntimeException(e.toString());
+        }
+    }
+
+    private void setSignatureParameters(
+        Signature signature,
+        ASN1Encodable params)
+        throws NoSuchAlgorithmException, SignatureException, InvalidKeyException
+    {
+        if (params != null && !DERNull.INSTANCE.equals(params))
+        {
+            AlgorithmParameters sigParams = AlgorithmParameters.getInstance(signature.getAlgorithm(), signature.getProvider());
+
+            try
+            {
+                sigParams.init(params.toASN1Primitive().getEncoded(ASN1Encoding.DER));
+            }
+            catch (IOException e)
+            {
+                throw new SignatureException("IOException decoding parameters: " + e.getMessage());
+            }
+
+            if (signature.getAlgorithm().endsWith("MGF1"))
+            {
+                try
+                {
+                    signature.setParameter(sigParams.getParameterSpec(PSSParameterSpec.class));
+                }
+                catch (GeneralSecurityException e)
+                {
+                    throw new SignatureException("Exception extracting parameters: " + e.getMessage());
+                }
+            }
+        }
+    }
+
+    static String getSignatureName(
+        AlgorithmIdentifier sigAlgId)
+    {
+        ASN1Encodable params = sigAlgId.getParameters();
+
+        if (params != null && !DERNull.INSTANCE.equals(params))
+        {
+            if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
+            {
+                RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params);
+                return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1";
+            }
+        }
+
+        return sigAlgId.getAlgorithm().getId();
+    }
+
+    private static String getDigestAlgName(
+        ASN1ObjectIdentifier digestAlgOID)
+    {
+        if (PKCSObjectIdentifiers.md5.equals(digestAlgOID))
+        {
+            return "MD5";
+        }
+        else if (OIWObjectIdentifiers.idSHA1.equals(digestAlgOID))
+        {
+            return "SHA1";
+        }
+        else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID))
+        {
+            return "SHA224";
+        }
+        else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID))
+        {
+            return "SHA256";
+        }
+        else if (NISTObjectIdentifiers.id_sha384.equals(digestAlgOID))
+        {
+            return "SHA384";
+        }
+        else if (NISTObjectIdentifiers.id_sha512.equals(digestAlgOID))
+        {
+            return "SHA512";
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
+        {
+            return "RIPEMD128";
+        }
+        else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
+        {
+            return "RIPEMD160";
+        }
+        else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
+        {
+            return "RIPEMD256";
+        }
+        else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
+        {
+            return "GOST3411";
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+        else
+        {
+            return digestAlgOID.getId();            
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/PrincipalUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/PrincipalUtil.java
new file mode 100644
index 0000000..55a72e5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/PrincipalUtil.java

@@ -0,0 +1,83 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce;
+
+import java.io.IOException;
+import java.security.cert.CRLException;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509CRL;
+import java.security.cert.X509Certificate;
+
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.x509.TBSCertList;
+import com.android.org.bouncycastle.asn1.x509.TBSCertificateStructure;
+import com.android.org.bouncycastle.asn1.x509.X509Name;
+
+/**
+ * a utility class that will extract X509Principal objects from X.509 certificates.
+ * <p>
+ * Use this in preference to trying to recreate a principal from a String, not all
+ * DNs are what they should be, so it's best to leave them encoded where they
+ * can be.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PrincipalUtil
+{
+    /**
+     * return the issuer of the given cert as an X509PrincipalObject.
+     */
+    public static X509Principal getIssuerX509Principal(
+        X509Certificate cert)
+        throws CertificateEncodingException
+    {
+        try
+        {
+            TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
+                    ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
+
+            return new X509Principal(X509Name.getInstance(tbsCert.getIssuer()));
+        }
+        catch (IOException e)
+        {
+            throw new CertificateEncodingException(e.toString());
+        }
+    }
+
+    /**
+     * return the subject of the given cert as an X509PrincipalObject.
+     */
+    public static X509Principal getSubjectX509Principal(
+        X509Certificate cert)
+        throws CertificateEncodingException
+    {
+        try
+        {
+            TBSCertificateStructure tbsCert = TBSCertificateStructure.getInstance(
+                    ASN1Primitive.fromByteArray(cert.getTBSCertificate()));
+            return new X509Principal(X509Name.getInstance(tbsCert.getSubject()));
+        }
+        catch (IOException e)
+        {
+            throw new CertificateEncodingException(e.toString());
+        }
+    }
+    
+    /**
+     * return the issuer of the given CRL as an X509PrincipalObject.
+     */
+    public static X509Principal getIssuerX509Principal(
+        X509CRL crl)
+        throws CRLException
+    {
+        try
+        {
+            TBSCertList tbsCertList = TBSCertList.getInstance(
+                ASN1Primitive.fromByteArray(crl.getTBSCertList()));
+
+            return new X509Principal(X509Name.getInstance(tbsCertList.getIssuer()));
+        }
+        catch (IOException e)
+        {
+            throw new CRLException(e.toString());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/X509Principal.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/X509Principal.java
new file mode 100644
index 0000000..49f22c4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/X509Principal.java

@@ -0,0 +1,170 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce;
+
+import java.io.IOException;
+import java.security.Principal;
+import java.util.Hashtable;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x509.X509Name;
+
+/**
+ * a general extension of X509Name with a couple of extra methods and
+ * constructors.
+ * <p>
+ * Objects of this type can be created from certificates and CRLs using the
+ * PrincipalUtil class.
+ * </p>
+ * @see com.android.org.bouncycastle.jce.PrincipalUtil
+ * @deprecated use the X500Name class.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class X509Principal
+    extends X509Name
+    implements Principal
+{
+    private static ASN1Sequence readSequence(
+        ASN1InputStream aIn)
+        throws IOException
+    {
+        try
+        {
+            return ASN1Sequence.getInstance(aIn.readObject());
+        }
+        catch (IllegalArgumentException e)
+        {
+            throw new IOException("not an ASN.1 Sequence: " + e);
+        }
+    }
+
+    /**
+     * Constructor from an encoded byte array.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public X509Principal(
+        byte[]  bytes)
+        throws IOException
+    {
+        super(readSequence(new ASN1InputStream(bytes)));
+    }
+
+    /**
+     * Constructor from an X509Name object.
+     */
+    public X509Principal(
+        X509Name  name)
+    {
+        super((ASN1Sequence)name.toASN1Primitive());
+    }
+
+     /**
+     * Constructor from an X509Name object.
+     */
+    public X509Principal(
+        X500Name name)
+    {
+        super((ASN1Sequence)name.toASN1Primitive());
+    }
+
+    /**
+     * constructor from a table of attributes.
+     * <p>
+     * it's is assumed the table contains OID/String pairs.
+     */
+    public X509Principal(
+        Hashtable  attributes)
+    {
+        super(attributes);
+    }
+
+    /**
+     * constructor from a table of attributes and a vector giving the
+     * specific ordering required for encoding or conversion to a string.
+     * <p>
+     * it's is assumed the table contains OID/String pairs.
+     */
+    public X509Principal(
+        Vector      ordering,
+        Hashtable   attributes)
+    {
+        super(ordering, attributes);
+    }
+
+    /**
+     * constructor from a vector of attribute values and a vector of OIDs.
+     */
+    public X509Principal(
+        Vector      oids,
+        Vector      values)
+    {
+        super(oids, values);
+    }
+
+    /**
+     * takes an X509 dir name as a string of the format "C=AU,ST=Victoria", or
+     * some such, converting it into an ordered set of name attributes.
+     */
+    public X509Principal(
+        String  dirName)
+    {
+        super(dirName);
+    }
+
+    /**
+     * Takes an X509 dir name as a string of the format "C=AU,ST=Victoria", or
+     * some such, converting it into an ordered set of name attributes. If reverse
+     * is false the dir name will be encoded in the order of the (name, value) pairs 
+     * presented, otherwise the encoding will start with the last (name, value) pair
+     * and work back.
+     */
+    public X509Principal(
+        boolean reverse,
+        String  dirName)
+    {
+        super(reverse, dirName);
+    }
+
+    /**
+     * Takes an X509 dir name as a string of the format "C=AU, ST=Victoria", or
+     * some such, converting it into an ordered set of name attributes. lookUp 
+     * should provide a table of lookups, indexed by lowercase only strings and
+     * yielding a ASN1ObjectIdentifier, other than that OID. and numeric oids
+     * will be processed automatically.
+     * <p>
+     * If reverse is true, create the encoded version of the sequence starting
+     * from the last element in the string.
+     */
+    public X509Principal(
+        boolean     reverse,
+        Hashtable   lookUp,
+        String      dirName)
+    {
+        super(reverse, lookUp, dirName);
+    }
+
+    public String getName()
+    {
+        return this.toString();
+    }
+
+    /**
+     * return a DER encoded byte array representing this object
+     */
+    public byte[] getEncoded()
+    {
+        try
+        {
+            return this.getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            throw new RuntimeException(e.toString());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/exception/ExtCertPathBuilderException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/exception/ExtCertPathBuilderException.java
new file mode 100644
index 0000000..ff98c51
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/exception/ExtCertPathBuilderException.java

@@ -0,0 +1,33 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.exception;
+
+import java.security.cert.CertPath;
+import java.security.cert.CertPathBuilderException;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ExtCertPathBuilderException
+    extends CertPathBuilderException
+    implements ExtException
+{
+    private Throwable cause;
+
+    public ExtCertPathBuilderException(String message, Throwable cause)
+    {
+        super(message);
+        this.cause = cause;
+    }
+
+    public ExtCertPathBuilderException(String msg, Throwable cause, 
+        CertPath certPath, int index)
+    {
+        super(msg, cause);
+        this.cause = cause;
+    }
+    
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/exception/ExtCertPathValidatorException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/exception/ExtCertPathValidatorException.java
new file mode 100644
index 0000000..35d79dc
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/exception/ExtCertPathValidatorException.java

@@ -0,0 +1,34 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.exception;
+
+import java.security.cert.CertPath;
+import java.security.cert.CertPathValidatorException;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ExtCertPathValidatorException
+    extends CertPathValidatorException
+    implements ExtException
+{
+
+    private Throwable cause;
+
+    public ExtCertPathValidatorException(String message, Throwable cause)
+    {
+        super(message);
+        this.cause = cause;
+    }
+
+    public ExtCertPathValidatorException(String msg, Throwable cause, 
+        CertPath certPath, int index)
+    {
+        super(msg, cause, certPath, index);
+        this.cause = cause;
+    }
+    
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/exception/ExtException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/exception/ExtException.java
new file mode 100644
index 0000000..97f3f87
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/exception/ExtException.java

@@ -0,0 +1,23 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.exception;
+
+/**
+ * 
+ * This is an extended exception. Java before version 1.4 did not offer the
+ * possibility the attach a cause to an exception. The cause of an exception is
+ * the <code>Throwable</code> object which was thrown and caused the
+ * exception. This interface must be implemented by all exceptions to accomplish
+ * this additional functionality.
+ * @hide This class is not part of the Android public SDK API
+ * 
+ */
+public interface ExtException
+{
+
+    /**
+     * Returns the cause of the exception.
+     * 
+     * @return The cause of the exception.
+     */
+    Throwable getCause();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/BCKeyStore.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/BCKeyStore.java
new file mode 100644
index 0000000..1b548d6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/BCKeyStore.java

@@ -0,0 +1,16 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.interfaces;
+
+import java.security.SecureRandom;
+
+/**
+ * all BC provider keystores implement this interface.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface BCKeyStore
+{
+    /**
+     * set the random source for the key store
+     */
+    public void setRandom(SecureRandom random);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/ECKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/ECKey.java
new file mode 100644
index 0000000..ca3cbef
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/ECKey.java

@@ -0,0 +1,17 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.interfaces;
+
+import com.android.org.bouncycastle.jce.spec.ECParameterSpec;
+
+/**
+ * generic interface for an Elliptic Curve Key.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ECKey
+{
+    /**
+     * return a parameter specification representing the EC domain parameters
+     * for the key.
+     */
+    public ECParameterSpec getParameters();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/ECPointEncoder.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/ECPointEncoder.java
new file mode 100644
index 0000000..0bece7d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/ECPointEncoder.java

@@ -0,0 +1,22 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.interfaces;
+
+/**
+ * All BC elliptic curve keys implement this interface. You need to
+ * cast the key to get access to it.
+ * <p>
+ * By default BC keys produce encodings without point compression,
+ * to turn this on call setPointFormat() with "COMPRESSED".
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ECPointEncoder
+{
+    /**
+     * Set the formatting for encoding of points. If the String "UNCOMPRESSED" is passed
+     * in point compression will not be used. If the String "COMPRESSED" is passed point
+     * compression will be used. The default is "UNCOMPRESSED".
+     * 
+     * @param style the style to use.
+     */
+    public void setPointFormat(String style);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/ECPrivateKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/ECPrivateKey.java
new file mode 100644
index 0000000..910b62c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/ECPrivateKey.java

@@ -0,0 +1,18 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.interfaces;
+
+import java.math.BigInteger;
+import java.security.PrivateKey;
+
+/**
+ * interface for Elliptic Curve Private keys.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ECPrivateKey
+    extends ECKey, PrivateKey
+{
+    /**
+     * return the private value D.
+     */
+    public BigInteger getD();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/ECPublicKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/ECPublicKey.java
new file mode 100644
index 0000000..f031ea1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/ECPublicKey.java

@@ -0,0 +1,19 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.interfaces;
+
+import java.security.PublicKey;
+
+import com.android.org.bouncycastle.math.ec.ECPoint;
+
+/**
+ * interface for elliptic curve public keys.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ECPublicKey
+    extends ECKey, PublicKey
+{
+    /**
+     * return the public point Q
+     */
+    public ECPoint getQ();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/PKCS12BagAttributeCarrier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/PKCS12BagAttributeCarrier.java
new file mode 100644
index 0000000..d05601a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/interfaces/PKCS12BagAttributeCarrier.java

@@ -0,0 +1,23 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.interfaces;
+
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+
+/**
+ * allow us to set attributes on objects that can go into a PKCS12 store.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface PKCS12BagAttributeCarrier
+{
+    void setBagAttribute(
+        ASN1ObjectIdentifier oid,
+        ASN1Encodable attribute);
+
+    ASN1Encodable getBagAttribute(
+        ASN1ObjectIdentifier oid);
+
+    Enumeration getBagAttributeKeys();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/netscape/NetscapeCertRequest.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/netscape/NetscapeCertRequest.java
new file mode 100644
index 0000000..4f94334
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/netscape/NetscapeCertRequest.java

@@ -0,0 +1,303 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.netscape;
+
+import java.io.ByteArrayInputStream;
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.KeyFactory;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SecureRandom;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.spec.InvalidKeySpecException;
+import java.security.spec.X509EncodedKeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERIA5String;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+
+/**
+ *
+ * 
+ * Handles NetScape certificate request (KEYGEN), these are constructed as:
+ * <pre>
+ *   SignedPublicKeyAndChallenge ::= SEQUENCE {
+ *     publicKeyAndChallenge    PublicKeyAndChallenge,
+ *     signatureAlgorithm       AlgorithmIdentifier,
+ *     signature                BIT STRING
+ *   }
+ * </pre>
+ *
+ * PublicKey's encoded-format has to be X.509.
+ * @hide This class is not part of the Android public SDK API
+ *
+ **/
+public class NetscapeCertRequest
+    extends ASN1Object
+{
+    AlgorithmIdentifier    sigAlg;
+    AlgorithmIdentifier    keyAlg;
+    byte        sigBits [];
+    String challenge;
+    DERBitString content;
+    PublicKey pubkey ;
+    
+    private static ASN1Sequence getReq(
+        byte[]  r)
+        throws IOException
+    {
+        ASN1InputStream aIn = new ASN1InputStream(new ByteArrayInputStream(r));
+
+        return ASN1Sequence.getInstance(aIn.readObject());
+    }
+
+    public NetscapeCertRequest(
+        byte[]  req)
+        throws IOException
+    {
+        this(getReq(req));
+    }
+
+    public NetscapeCertRequest (ASN1Sequence spkac)
+    {
+        try
+        {
+
+            //
+            // SignedPublicKeyAndChallenge ::= SEQUENCE {
+            //    publicKeyAndChallenge    PublicKeyAndChallenge,
+            //    signatureAlgorithm    AlgorithmIdentifier,
+            //    signature        BIT STRING
+            // }
+            //
+            if (spkac.size() != 3)
+            {
+                throw new IllegalArgumentException("invalid SPKAC (size):"
+                        + spkac.size());
+            }
+
+            sigAlg = AlgorithmIdentifier.getInstance(spkac.getObjectAt(1));
+            sigBits = ((DERBitString)spkac.getObjectAt(2)).getOctets();
+
+            //
+            // PublicKeyAndChallenge ::= SEQUENCE {
+            //    spki            SubjectPublicKeyInfo,
+            //    challenge        IA5STRING
+            // }
+            //
+            ASN1Sequence pkac = (ASN1Sequence)spkac.getObjectAt(0);
+
+            if (pkac.size() != 2)
+            {
+                throw new IllegalArgumentException("invalid PKAC (len): "
+                        + pkac.size());
+            }
+
+            challenge = ((DERIA5String)pkac.getObjectAt(1)).getString();
+
+            //this could be dangerous, as ASN.1 decoding/encoding
+            //could potentially alter the bytes
+            content = new DERBitString(pkac);
+
+            SubjectPublicKeyInfo pubkeyinfo = SubjectPublicKeyInfo.getInstance(pkac.getObjectAt(0));
+
+            X509EncodedKeySpec xspec = new X509EncodedKeySpec(new DERBitString(
+                    pubkeyinfo).getBytes());
+
+            keyAlg = pubkeyinfo.getAlgorithm();
+            pubkey = KeyFactory.getInstance(keyAlg.getAlgorithm().getId(), "BC")
+                    .generatePublic(xspec);
+
+        }
+        catch (Exception e)
+        {
+            throw new IllegalArgumentException(e.toString());
+        }
+    }
+
+    public NetscapeCertRequest(
+        String challenge,
+        AlgorithmIdentifier signing_alg,
+        PublicKey pub_key) throws NoSuchAlgorithmException,
+            InvalidKeySpecException, NoSuchProviderException
+    {
+
+        this.challenge = challenge;
+        sigAlg = signing_alg;
+        pubkey = pub_key;
+
+        ASN1EncodableVector content_der = new ASN1EncodableVector();
+        content_der.add(getKeySpec());
+        //content_der.add(new SubjectPublicKeyInfo(sigAlg, new RSAPublicKeyStructure(pubkey.getModulus(), pubkey.getPublicExponent()).getDERObject()));
+        content_der.add(new DERIA5String(challenge));
+
+        try
+        {
+            content = new DERBitString(new DERSequence(content_der));
+        }
+        catch (IOException e)
+        {
+            throw new InvalidKeySpecException("exception encoding key: " + e.toString());
+        }
+    }
+
+    public String getChallenge()
+    {
+        return challenge;
+    }
+
+    public void setChallenge(String value)
+    {
+        challenge = value;
+    }
+
+    public AlgorithmIdentifier getSigningAlgorithm()
+    {
+        return sigAlg;
+    }
+
+    public void setSigningAlgorithm(AlgorithmIdentifier value)
+    {
+        sigAlg = value;
+    }
+
+    public AlgorithmIdentifier getKeyAlgorithm()
+    {
+        return keyAlg;
+    }
+
+    public void setKeyAlgorithm(AlgorithmIdentifier value)
+    {
+        keyAlg = value;
+    }
+
+    public PublicKey getPublicKey()
+    {
+        return pubkey;
+    }
+
+    public void setPublicKey(PublicKey value)
+    {
+        pubkey = value;
+    }
+
+    public boolean verify(String challenge) throws NoSuchAlgorithmException,
+            InvalidKeyException, SignatureException, NoSuchProviderException
+    {
+        if (!challenge.equals(this.challenge))
+        {
+            return false;
+        }
+
+        //
+        // Verify the signature .. shows the response was generated
+        // by someone who knew the associated private key
+        //
+        Signature sig = Signature.getInstance(sigAlg.getAlgorithm().getId(),
+                "BC");
+        sig.initVerify(pubkey);
+        sig.update(content.getBytes());
+
+        return sig.verify(sigBits);
+    }
+
+    public void sign(PrivateKey priv_key) throws NoSuchAlgorithmException,
+            InvalidKeyException, SignatureException, NoSuchProviderException,
+            InvalidKeySpecException
+    {
+        sign(priv_key, null);
+    }
+
+    public void sign(PrivateKey priv_key, SecureRandom rand)
+            throws NoSuchAlgorithmException, InvalidKeyException,
+            SignatureException, NoSuchProviderException,
+            InvalidKeySpecException
+    {
+        Signature sig = Signature.getInstance(sigAlg.getAlgorithm().getId(),
+                "BC");
+
+        if (rand != null)
+        {
+            sig.initSign(priv_key, rand);
+        }
+        else
+        {
+            sig.initSign(priv_key);
+        }
+
+        ASN1EncodableVector pkac = new ASN1EncodableVector();
+
+        pkac.add(getKeySpec());
+        pkac.add(new DERIA5String(challenge));
+
+        try
+        {
+            sig.update(new DERSequence(pkac).getEncoded(ASN1Encoding.DER));
+        }
+        catch (IOException ioe)
+        {
+            throw new SignatureException(ioe.getMessage());
+        }
+
+        sigBits = sig.sign();
+    }
+
+    private ASN1Primitive getKeySpec() throws NoSuchAlgorithmException,
+            InvalidKeySpecException, NoSuchProviderException
+    {
+        ByteArrayOutputStream baos = new ByteArrayOutputStream();
+
+        ASN1Primitive obj = null;
+        try
+        {
+
+            baos.write(pubkey.getEncoded());
+            baos.close();
+
+            ASN1InputStream derin = new ASN1InputStream(
+                    new ByteArrayInputStream(baos.toByteArray()));
+
+            obj = derin.readObject();
+        }
+        catch (IOException ioe)
+        {
+            throw new InvalidKeySpecException(ioe.getMessage());
+        }
+        return obj;
+    }
+
+    public ASN1Primitive toASN1Primitive()
+    {
+        ASN1EncodableVector spkac = new ASN1EncodableVector();
+        ASN1EncodableVector pkac = new ASN1EncodableVector();
+
+        try
+        {
+            pkac.add(getKeySpec());
+        }
+        catch (Exception e)
+        {
+            //ignore
+        }
+
+        pkac.add(new DERIA5String(challenge));
+
+        spkac.add(new DERSequence(pkac));
+        spkac.add(sigAlg);
+        spkac.add(new DERBitString(sigBits));
+
+        return new DERSequence(spkac);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/AnnotatedException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/AnnotatedException.java
new file mode 100644
index 0000000..c661c89
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/AnnotatedException.java

@@ -0,0 +1,36 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import com.android.org.bouncycastle.jce.exception.ExtException;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AnnotatedException
+    extends Exception
+    implements ExtException
+{
+    private Throwable _underlyingException;
+
+    public AnnotatedException(String string, Throwable e)
+    {
+        super(string);
+
+        _underlyingException = e;
+    }
+
+    public AnnotatedException(String string)
+    {
+        this(string, null);
+    }
+
+    Throwable getUnderlyingException()
+    {
+        return _underlyingException;
+    }
+
+    public Throwable getCause()
+    {
+        return _underlyingException;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/BouncyCastleProvider.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/BouncyCastleProvider.java
new file mode 100644
index 0000000..585cab6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/BouncyCastleProvider.java

@@ -0,0 +1,366 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.IOException;
+import java.security.AccessController;
+import java.security.PrivateKey;
+import java.security.PrivilegedAction;
+import java.security.Provider;
+import java.security.PublicKey;
+import java.util.HashMap;
+import java.util.Iterator;
+import java.util.Map;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
+import com.android.org.bouncycastle.jcajce.provider.symmetric.util.ClassUtil;
+import com.android.org.bouncycastle.jcajce.provider.util.AlgorithmProvider;
+import com.android.org.bouncycastle.jcajce.provider.util.AsymmetricKeyInfoConverter;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.pqc.asn1.PQCObjectIdentifiers;
+// import org.bouncycastle.pqc.jcajce.provider.mceliece.McElieceCCA2KeyFactorySpi;
+// import org.bouncycastle.pqc.jcajce.provider.mceliece.McElieceKeyFactorySpi;
+// import org.bouncycastle.pqc.jcajce.provider.newhope.NHKeyFactorySpi;
+// import org.bouncycastle.pqc.jcajce.provider.qtesla.QTESLAKeyFactorySpi;
+// import org.bouncycastle.pqc.jcajce.provider.rainbow.RainbowKeyFactorySpi;
+// import org.bouncycastle.pqc.jcajce.provider.sphincs.Sphincs256KeyFactorySpi;
+// import org.bouncycastle.pqc.jcajce.provider.xmss.XMSSKeyFactorySpi;
+// import org.bouncycastle.pqc.jcajce.provider.xmss.XMSSMTKeyFactorySpi;
+
+/**
+ * To add the provider at runtime use:
+ * <pre>
+ * import java.security.Security;
+ * import org.bouncycastle.jce.provider.BouncyCastleProvider;
+ *
+ * Security.addProvider(new BouncyCastleProvider());
+ * </pre>
+ * The provider can also be configured as part of your environment via
+ * static registration by adding an entry to the java.security properties
+ * file (found in $JAVA_HOME/jre/lib/security/java.security, where
+ * $JAVA_HOME is the location of your JDK/JRE distribution). You'll find
+ * detailed instructions in the file but basically it comes down to adding
+ * a line:
+ * <pre>
+ * <code>
+ *    security.provider.&lt;n&gt;=org.bouncycastle.jce.provider.BouncyCastleProvider
+ * </code>
+ * </pre>
+ * Where &lt;n&gt; is the preference you want the provider at (1 being the
+ * most preferred).
+ * <p>Note: JCE algorithm names should be upper-case only so the case insensitive
+ * test for getInstance works.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public final class BouncyCastleProvider extends Provider
+    implements ConfigurableProvider
+{
+    private static String info = "BouncyCastle Security Provider v1.61";
+
+    public static final String PROVIDER_NAME = "BC";
+
+    public static final ProviderConfiguration CONFIGURATION = new BouncyCastleProviderConfiguration();
+
+    private static final Map keyInfoConverters = new HashMap();
+
+    /*
+     * Configurable symmetric ciphers
+     */
+    private static final String SYMMETRIC_PACKAGE = "com.android.org.bouncycastle.jcajce.provider.symmetric.";
+
+    private static final String[] SYMMETRIC_GENERIC =
+    {
+        // Android-changed: Remove unsupported algorithms, add our own version of PBEv2 AlgParams
+        // "PBEPBKDF1", "PBEPBKDF2", "PBEPKCS12", "TLSKDF", "SCRYPT"
+        "PBEPBKDF2", "PBEPKCS12", "PBES2AlgorithmParameters"
+    };
+
+    private static final String[] SYMMETRIC_MACS =
+    {
+        // Android-removed: Unsupported algorithms
+        // "SipHash", "Poly1305"
+    };
+
+    private static final String[] SYMMETRIC_CIPHERS =
+    {
+        // Android-changed: Unsupported algorithms
+        // "AES", "ARC4", "ARIA", "Blowfish", "Camellia", "CAST5", "CAST6", "ChaCha", "DES", "DESede",
+        // "GOST28147", "Grainv1", "Grain128", "HC128", "HC256", "IDEA", "Noekeon", "RC2", "RC5",
+        // "RC6", "Rijndael", "Salsa20", "SEED", "Serpent", "Shacal2", "Skipjack", "SM4", "TEA", "Twofish", "Threefish",
+        // "VMPC", "VMPCKSA3", "XTEA", "XSalsa20", "OpenSSLPBKDF", "DSTU7624", "GOST3412_2015"
+        "AES", "ARC4", "Blowfish", "DES", "DESede", "RC2", "Twofish",
+    };
+
+     /*
+     * Configurable asymmetric ciphers
+     */
+    private static final String ASYMMETRIC_PACKAGE = "com.android.org.bouncycastle.jcajce.provider.asymmetric.";
+
+    // this one is required for GNU class path - it needs to be loaded first as the
+    // later ones configure it.
+    private static final String[] ASYMMETRIC_GENERIC =
+    {
+        // Android-changed: Unsupported algorithms
+        // "X509", "IES"
+        "X509"
+    };
+
+    private static final String[] ASYMMETRIC_CIPHERS =
+    {
+        // Android-changed: Unsupported algorithms
+        // "DSA", "DH", "EC", "RSA", "GOST", "ECGOST", "ElGamal", "DSTU4145", "GM", "EdEC"
+        "DSA", "DH", "EC", "RSA",
+    };
+
+    /*
+     * Configurable digests
+     */
+    private static final String DIGEST_PACKAGE = "com.android.org.bouncycastle.jcajce.provider.digest.";
+    private static final String[] DIGESTS =
+    {
+        // Android-changed: Unsupported algorithms
+        // "GOST3411", "Keccak", "MD2", "MD4", "MD5", "SHA1", "RIPEMD128", "RIPEMD160", "RIPEMD256", "RIPEMD320", "SHA224",
+        // "SHA256", "SHA384", "SHA512", "SHA3", "Skein", "SM3", "Tiger", "Whirlpool", "Blake2b", "Blake2s", "DSTU7564"
+        "MD5", "SHA1", "SHA224", "SHA256", "SHA384", "SHA512",
+    };
+
+    /*
+     * Configurable keystores
+     */
+    private static final String KEYSTORE_PACKAGE = "com.android.org.bouncycastle.jcajce.provider.keystore.";
+    private static final String[] KEYSTORES =
+    {
+        "BC", "BCFKS", "PKCS12"
+    };
+
+    // Android-removed: Unsupported algorithms
+    // /*
+    //  * Configurable secure random
+    //  */
+    // private static final String SECURE_RANDOM_PACKAGE = "org.bouncycastle.jcajce.provider.drbg.";
+    // private static final String[] SECURE_RANDOMS =
+    // {
+    //     "DRBG"
+    // };
+
+    /**
+     * Construct a new provider.  This should only be required when
+     * using runtime registration of the provider using the
+     * <code>Security.addProvider()</code> mechanism.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public BouncyCastleProvider()
+    {
+        super(PROVIDER_NAME, 1.61, info);
+
+        AccessController.doPrivileged(new PrivilegedAction()
+        {
+            public Object run()
+            {
+                setup();
+                return null;
+            }
+        });
+    }
+
+    private void setup()
+    {
+        loadAlgorithms(DIGEST_PACKAGE, DIGESTS);
+
+        loadAlgorithms(SYMMETRIC_PACKAGE, SYMMETRIC_GENERIC);
+
+        loadAlgorithms(SYMMETRIC_PACKAGE, SYMMETRIC_MACS);
+
+        loadAlgorithms(SYMMETRIC_PACKAGE, SYMMETRIC_CIPHERS);
+
+        loadAlgorithms(ASYMMETRIC_PACKAGE, ASYMMETRIC_GENERIC);
+
+        loadAlgorithms(ASYMMETRIC_PACKAGE, ASYMMETRIC_CIPHERS);
+
+        loadAlgorithms(KEYSTORE_PACKAGE, KEYSTORES);
+
+        // Android-removed: Unsupported algorithms
+        /*
+        loadAlgorithms(SECURE_RANDOM_PACKAGE, SECURE_RANDOMS);
+
+        loadPQCKeys();  // so we can handle certificates containing them.
+        //
+        // X509Store
+        //
+        put("X509Store.CERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertCollection");
+        put("X509Store.ATTRIBUTECERTIFICATE/COLLECTION", "org.bouncycastle.jce.provider.X509StoreAttrCertCollection");
+        put("X509Store.CRL/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCRLCollection");
+        put("X509Store.CERTIFICATEPAIR/COLLECTION", "org.bouncycastle.jce.provider.X509StoreCertPairCollection");
+
+        put("X509Store.CERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCerts");
+        put("X509Store.CRL/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCRLs");
+        put("X509Store.ATTRIBUTECERTIFICATE/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPAttrCerts");
+        put("X509Store.CERTIFICATEPAIR/LDAP", "org.bouncycastle.jce.provider.X509StoreLDAPCertPairs");
+        
+        //
+        // X509StreamParser
+        //
+        put("X509StreamParser.CERTIFICATE", "org.bouncycastle.jce.provider.X509CertParser");
+        put("X509StreamParser.ATTRIBUTECERTIFICATE", "org.bouncycastle.jce.provider.X509AttrCertParser");
+        put("X509StreamParser.CRL", "org.bouncycastle.jce.provider.X509CRLParser");
+        put("X509StreamParser.CERTIFICATEPAIR", "org.bouncycastle.jce.provider.X509CertPairParser");
+
+        //
+        // cipher engines
+        //
+        put("Cipher.BROKENPBEWITHMD5ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithMD5AndDES");
+
+        put("Cipher.BROKENPBEWITHSHA1ANDDES", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$BrokePBEWithSHA1AndDES");
+
+
+        put("Cipher.OLDPBEWITHSHAANDTWOFISH-CBC", "org.bouncycastle.jce.provider.BrokenJCEBlockCipher$OldPBEWithSHAAndTwofish");
+
+        // Certification Path API
+        put("CertPathValidator.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathValidatorSpi");
+        put("CertPathBuilder.RFC3281", "org.bouncycastle.jce.provider.PKIXAttrCertPathBuilderSpi");
+        put("CertPathValidator.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi");
+        put("CertPathBuilder.RFC3280", "org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi");
+        */
+        // END Android-removed: Unsupported algorithms
+        put("CertPathValidator.PKIX", "com.android.org.bouncycastle.jce.provider.PKIXCertPathValidatorSpi");
+        put("CertPathBuilder.PKIX", "com.android.org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi");
+        put("CertStore.Collection", "com.android.org.bouncycastle.jce.provider.CertStoreCollectionSpi");
+        // BEGIN Android-removed: Unsupported algorithms
+        // put("CertStore.LDAP", "org.bouncycastle.jce.provider.X509LDAPCertStoreSpi");
+        // put("CertStore.Multi", "org.bouncycastle.jce.provider.MultiCertStoreSpi");
+        // put("Alg.Alias.CertStore.X509LDAP", "LDAP");
+        // END Android-removed: Unsupported algorithms
+    }
+
+    private void loadAlgorithms(String packageName, String[] names)
+    {
+        for (int i = 0; i != names.length; i++)
+        {
+            Class clazz = ClassUtil.loadClass(BouncyCastleProvider.class, packageName + names[i] + "$Mappings");
+
+            if (clazz != null)
+            {
+                try
+                {
+                    ((AlgorithmProvider)clazz.newInstance()).configure(this);
+                }
+                catch (Exception e)
+                {   // this should never ever happen!!
+                    throw new InternalError("cannot create instance of "
+                        + packageName + names[i] + "$Mappings : " + e);
+                }
+            }
+        }
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    private void loadPQCKeys()
+    {
+        addKeyInfoConverter(PQCObjectIdentifiers.sphincs256, new Sphincs256KeyFactorySpi());
+        addKeyInfoConverter(PQCObjectIdentifiers.newHope, new NHKeyFactorySpi());
+        addKeyInfoConverter(PQCObjectIdentifiers.xmss, new XMSSKeyFactorySpi());
+        addKeyInfoConverter(PQCObjectIdentifiers.xmss_mt, new XMSSMTKeyFactorySpi());
+        addKeyInfoConverter(PQCObjectIdentifiers.mcEliece, new McElieceKeyFactorySpi());
+        addKeyInfoConverter(PQCObjectIdentifiers.mcElieceCca2, new McElieceCCA2KeyFactorySpi());
+        addKeyInfoConverter(PQCObjectIdentifiers.rainbow, new RainbowKeyFactorySpi());
+        addKeyInfoConverter(PQCObjectIdentifiers.qTESLA_I, new QTESLAKeyFactorySpi());
+        addKeyInfoConverter(PQCObjectIdentifiers.qTESLA_III_size, new QTESLAKeyFactorySpi());
+        addKeyInfoConverter(PQCObjectIdentifiers.qTESLA_III_speed, new QTESLAKeyFactorySpi());
+        addKeyInfoConverter(PQCObjectIdentifiers.qTESLA_p_I, new QTESLAKeyFactorySpi());
+        addKeyInfoConverter(PQCObjectIdentifiers.qTESLA_p_III, new QTESLAKeyFactorySpi());
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    public void setParameter(String parameterName, Object parameter)
+    {
+        synchronized (CONFIGURATION)
+        {
+            ((BouncyCastleProviderConfiguration)CONFIGURATION).setParameter(parameterName, parameter);
+        }
+    }
+
+    public boolean hasAlgorithm(String type, String name)
+    {
+        return containsKey(type + "." + name) || containsKey("Alg.Alias." + type + "." + name);
+    }
+
+    public void addAlgorithm(String key, String value)
+    {
+        if (containsKey(key))
+        {
+            throw new IllegalStateException("duplicate provider key (" + key + ") found");
+        }
+
+        put(key, value);
+    }
+
+    public void addAlgorithm(String type, ASN1ObjectIdentifier oid, String className)
+    {
+        addAlgorithm(type + "." + oid, className);
+        addAlgorithm(type + ".OID." + oid, className);
+    }
+
+    public void addKeyInfoConverter(ASN1ObjectIdentifier oid, AsymmetricKeyInfoConverter keyInfoConverter)
+    {
+        synchronized (keyInfoConverters)
+        {
+            keyInfoConverters.put(oid, keyInfoConverter);
+        }
+    }
+
+    public void addAttributes(String key, Map<String, String> attributeMap)
+    {
+        for (Iterator it = attributeMap.keySet().iterator(); it.hasNext();)
+        {
+            String attributeName = (String)it.next();
+            String attributeKey = key + " " + attributeName;
+            if (containsKey(attributeKey))
+            {
+                throw new IllegalStateException("duplicate provider attribute key (" + attributeKey + ") found");
+            }
+
+            put(attributeKey, attributeMap.get(attributeName));
+        }
+    }
+
+    private static AsymmetricKeyInfoConverter getAsymmetricKeyInfoConverter(ASN1ObjectIdentifier algorithm)
+    {
+        synchronized (keyInfoConverters)
+        {
+            return (AsymmetricKeyInfoConverter)keyInfoConverters.get(algorithm);
+        }
+    }
+
+    public static PublicKey getPublicKey(SubjectPublicKeyInfo publicKeyInfo)
+        throws IOException
+    {
+        AsymmetricKeyInfoConverter converter = getAsymmetricKeyInfoConverter(publicKeyInfo.getAlgorithm().getAlgorithm());
+
+        if (converter == null)
+        {
+            return null;
+        }
+
+        return converter.generatePublic(publicKeyInfo);
+    }
+
+    public static PrivateKey getPrivateKey(PrivateKeyInfo privateKeyInfo)
+        throws IOException
+    {
+        AsymmetricKeyInfoConverter converter = getAsymmetricKeyInfoConverter(privateKeyInfo.getPrivateKeyAlgorithm().getAlgorithm());
+
+        if (converter == null)
+        {
+            return null;
+        }
+
+        return converter.generatePrivate(privateKeyInfo);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/BouncyCastleProviderConfiguration.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/BouncyCastleProviderConfiguration.java
new file mode 100644
index 0000000..640cc47
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/BouncyCastleProviderConfiguration.java

@@ -0,0 +1,229 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.security.Permission;
+import java.security.spec.DSAParameterSpec;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+
+import javax.crypto.spec.DHParameterSpec;
+
+import com.android.org.bouncycastle.crypto.CryptoServicesRegistrar;
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.crypto.params.DSAParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
+import com.android.org.bouncycastle.jcajce.provider.config.ConfigurableProvider;
+import com.android.org.bouncycastle.jcajce.provider.config.ProviderConfiguration;
+import com.android.org.bouncycastle.jcajce.provider.config.ProviderConfigurationPermission;
+import com.android.org.bouncycastle.jcajce.spec.DHDomainParameterSpec;
+import com.android.org.bouncycastle.jce.spec.ECParameterSpec;
+
+class BouncyCastleProviderConfiguration
+    implements ProviderConfiguration
+{
+    private static Permission BC_EC_LOCAL_PERMISSION = new ProviderConfigurationPermission(
+        BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.THREAD_LOCAL_EC_IMPLICITLY_CA);
+    private static Permission BC_EC_PERMISSION = new ProviderConfigurationPermission(
+        BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.EC_IMPLICITLY_CA);
+    private static Permission BC_DH_LOCAL_PERMISSION = new ProviderConfigurationPermission(
+        BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.THREAD_LOCAL_DH_DEFAULT_PARAMS);
+    private static Permission BC_DH_PERMISSION = new ProviderConfigurationPermission(
+        BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.DH_DEFAULT_PARAMS);
+    private static Permission BC_EC_CURVE_PERMISSION = new ProviderConfigurationPermission(
+        BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.ACCEPTABLE_EC_CURVES);
+    private static Permission BC_ADDITIONAL_EC_CURVE_PERMISSION = new ProviderConfigurationPermission(
+        BouncyCastleProvider.PROVIDER_NAME, ConfigurableProvider.ADDITIONAL_EC_PARAMETERS);
+
+    private ThreadLocal ecThreadSpec = new ThreadLocal();
+    private ThreadLocal dhThreadSpec = new ThreadLocal();
+
+    private volatile ECParameterSpec ecImplicitCaParams;
+    private volatile Object dhDefaultParams;
+    private volatile Set acceptableNamedCurves = new HashSet();
+    private volatile Map additionalECParameters = new HashMap();
+
+    void setParameter(String parameterName, Object parameter)
+    {
+        SecurityManager securityManager = System.getSecurityManager();
+
+        if (parameterName.equals(ConfigurableProvider.THREAD_LOCAL_EC_IMPLICITLY_CA))
+        {
+            ECParameterSpec curveSpec;
+
+            if (securityManager != null)
+            {
+                securityManager.checkPermission(BC_EC_LOCAL_PERMISSION);
+            }
+
+            if (parameter instanceof ECParameterSpec || parameter == null)
+            {
+                curveSpec = (ECParameterSpec)parameter;
+            }
+            else  // assume java.security.spec
+            {
+                curveSpec = EC5Util.convertSpec((java.security.spec.ECParameterSpec)parameter, false);
+            }
+
+            if (curveSpec == null)
+            {
+                ecThreadSpec.remove();
+            }
+            else
+            {
+                ecThreadSpec.set(curveSpec);
+            }
+        }
+        else if (parameterName.equals(ConfigurableProvider.EC_IMPLICITLY_CA))
+        {
+            if (securityManager != null)
+            {
+                securityManager.checkPermission(BC_EC_PERMISSION);
+            }
+
+            if (parameter instanceof ECParameterSpec || parameter == null)
+            {
+                ecImplicitCaParams = (ECParameterSpec)parameter;
+            }
+            else  // assume java.security.spec
+            {
+                ecImplicitCaParams = EC5Util.convertSpec((java.security.spec.ECParameterSpec)parameter, false);
+            }
+        }
+        else if (parameterName.equals(ConfigurableProvider.THREAD_LOCAL_DH_DEFAULT_PARAMS))
+        {
+            Object dhSpec;
+
+            if (securityManager != null)
+            {
+                securityManager.checkPermission(BC_DH_LOCAL_PERMISSION);
+            }
+
+            if (parameter instanceof DHParameterSpec || parameter instanceof DHParameterSpec[] || parameter == null)
+            {
+                dhSpec = parameter;
+            }
+            else
+            {
+                throw new IllegalArgumentException("not a valid DHParameterSpec");
+            }
+
+            if (dhSpec == null)
+            {
+                dhThreadSpec.remove();
+            }
+            else
+            {
+                dhThreadSpec.set(dhSpec);
+            }
+        }
+        else if (parameterName.equals(ConfigurableProvider.DH_DEFAULT_PARAMS))
+        {
+            if (securityManager != null)
+            {
+                securityManager.checkPermission(BC_DH_PERMISSION);
+            }
+
+            if (parameter instanceof DHParameterSpec || parameter instanceof DHParameterSpec[] || parameter == null)
+            {
+                dhDefaultParams = parameter;
+            }
+            else
+            {
+                throw new IllegalArgumentException("not a valid DHParameterSpec or DHParameterSpec[]");
+            }
+        }
+        else if (parameterName.equals(ConfigurableProvider.ACCEPTABLE_EC_CURVES))
+        {
+            if (securityManager != null)
+            {
+                securityManager.checkPermission(BC_EC_CURVE_PERMISSION);
+            }
+
+            this.acceptableNamedCurves = (Set)parameter;
+        }
+        else if (parameterName.equals(ConfigurableProvider.ADDITIONAL_EC_PARAMETERS))
+        {
+            if (securityManager != null)
+            {
+                securityManager.checkPermission(BC_ADDITIONAL_EC_CURVE_PERMISSION);
+            }
+
+            this.additionalECParameters = (Map)parameter;
+        }
+    }
+
+    public ECParameterSpec getEcImplicitlyCa()
+    {
+        ECParameterSpec spec = (ECParameterSpec)ecThreadSpec.get();
+
+        if (spec != null)
+        {
+            return spec;
+        }
+
+        return ecImplicitCaParams;
+    }
+
+    public DHParameterSpec getDHDefaultParameters(int keySize)
+    {
+        Object params = dhThreadSpec.get();
+        if (params == null)
+        {
+            params = dhDefaultParams;
+        }
+
+        if (params instanceof DHParameterSpec)
+        {
+            DHParameterSpec spec = (DHParameterSpec)params;
+
+            if (spec.getP().bitLength() == keySize)
+            {
+                return spec;
+            }
+        }
+        else if (params instanceof DHParameterSpec[])
+        {
+            DHParameterSpec[] specs = (DHParameterSpec[])params;
+
+            for (int i = 0; i != specs.length; i++)
+            {
+                if (specs[i].getP().bitLength() == keySize)
+                {
+                    return specs[i];
+                }
+            }
+        }
+
+        DHParameters dhParams = CryptoServicesRegistrar.getSizedProperty(CryptoServicesRegistrar.Property.DH_DEFAULT_PARAMS, keySize);
+        if (dhParams != null)
+        {
+            return new DHDomainParameterSpec(dhParams);
+        }
+
+        return null;
+    }
+
+    public DSAParameterSpec getDSADefaultParameters(int keySize)
+    {
+        DSAParameters dsaParams = CryptoServicesRegistrar.getSizedProperty(CryptoServicesRegistrar.Property.DSA_DEFAULT_PARAMS, keySize);
+        if (dsaParams != null)
+        {
+            return new DSAParameterSpec(dsaParams.getP(), dsaParams.getQ(), dsaParams.getG());
+        }
+
+        return null;
+    }
+
+    public Set getAcceptableNamedCurves()
+    {
+        return Collections.unmodifiableSet(acceptableNamedCurves);
+    }
+
+    public Map getAdditionalECParameters()
+    {
+        return Collections.unmodifiableMap(additionalECParameters);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/CertBlacklist.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/CertBlacklist.java
new file mode 100644
index 0000000..3a3d53e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/CertBlacklist.java

@@ -0,0 +1,237 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+/*
+ * Copyright (C) 2012 The Android Open Source Project
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.Closeable;
+import java.io.ByteArrayOutputStream;
+import java.io.FileNotFoundException;
+import java.io.IOException;
+import java.io.RandomAccessFile;
+import java.math.BigInteger;
+import java.security.PublicKey;
+import java.util.Arrays;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+import java.util.logging.Level;
+import java.util.logging.Logger;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CertBlacklist {
+    private static final Logger logger = Logger.getLogger(CertBlacklist.class.getName());
+
+    // public for testing
+    public final Set<BigInteger> serialBlacklist;
+    public final Set<byte[]> pubkeyBlacklist;
+
+    public CertBlacklist() {
+        String androidData = System.getenv("ANDROID_DATA");
+        String blacklistRoot = androidData + "/misc/keychain/";
+        String defaultPubkeyBlacklistPath = blacklistRoot + "pubkey_blacklist.txt";
+        String defaultSerialBlacklistPath = blacklistRoot + "serial_blacklist.txt";
+
+        pubkeyBlacklist = readPublicKeyBlackList(defaultPubkeyBlacklistPath);
+        serialBlacklist = readSerialBlackList(defaultSerialBlacklistPath);
+    }
+
+    /** Test only interface, not for public use */
+    public CertBlacklist(String pubkeyBlacklistPath, String serialBlacklistPath) {
+        pubkeyBlacklist = readPublicKeyBlackList(pubkeyBlacklistPath);
+        serialBlacklist = readSerialBlackList(serialBlacklistPath);
+    }
+
+    private static boolean isHex(String value) {
+        try {
+            new BigInteger(value, 16);
+            return true;
+        } catch (NumberFormatException e) {
+            logger.log(Level.WARNING, "Could not parse hex value " + value, e);
+            return false;
+        }
+    }
+
+    private static boolean isPubkeyHash(String value) {
+        if (value.length() != 40) {
+            logger.log(Level.WARNING, "Invalid pubkey hash length: " + value.length());
+            return false;
+        }
+        return isHex(value);
+    }
+
+    private static String readBlacklist(String path) {
+        try {
+            return readFileAsString(path);
+        } catch (FileNotFoundException ignored) {
+        } catch (IOException e) {
+            logger.log(Level.WARNING, "Could not read blacklist", e);
+        }
+        return "";
+    }
+
+    // From IoUtils.readFileAsString
+    private static String readFileAsString(String path) throws IOException {
+        return readFileAsBytes(path).toString("UTF-8");
+    }
+
+    // Based on IoUtils.readFileAsBytes
+    private static ByteArrayOutputStream readFileAsBytes(String path) throws IOException {
+        RandomAccessFile f = null;
+        try {
+            f = new RandomAccessFile(path, "r");
+            ByteArrayOutputStream bytes = new ByteArrayOutputStream((int) f.length());
+            byte[] buffer = new byte[8192];
+            while (true) {
+                int byteCount = f.read(buffer);
+                if (byteCount == -1) {
+                    return bytes;
+                }
+                bytes.write(buffer, 0, byteCount);
+            }
+        } finally {
+            closeQuietly(f);
+        }
+    }
+
+    // Base on IoUtils.closeQuietly
+    private static void closeQuietly(Closeable closeable) {
+        if (closeable != null) {
+            try {
+                closeable.close();
+            } catch (RuntimeException rethrown) {
+                throw rethrown;
+            } catch (Exception ignored) {
+            }
+        }
+    }
+
+    private static final Set<BigInteger> readSerialBlackList(String path) {
+
+        /* Start out with a base set of known bad values.
+         *
+         * WARNING: Do not add short serials to this list!
+         *
+         * Since this currently doesn't compare the serial + issuer, you
+         * should only add serials that have enough entropy here. Short
+         * serials may inadvertently match a certificate that was issued
+         * not in compliance with the Baseline Requirements.
+         */
+        Set<BigInteger> bl = new HashSet<BigInteger>(Arrays.asList(
+            // From http://src.chromium.org/viewvc/chrome/trunk/src/net/base/x509_certificate.cc?revision=78748&view=markup
+            // Not a real certificate. For testing only.
+            new BigInteger("077a59bcd53459601ca6907267a6dd1c", 16),
+            new BigInteger("047ecbe9fca55f7bd09eae36e10cae1e", 16),
+            new BigInteger("d8f35f4eb7872b2dab0692e315382fb0", 16),
+            new BigInteger("b0b7133ed096f9b56fae91c874bd3ac0", 16),
+            new BigInteger("9239d5348f40d1695a745470e1f23f43", 16),
+            new BigInteger("e9028b9578e415dc1a710a2b88154447", 16),
+            new BigInteger("d7558fdaf5f1105bb213282b707729a3", 16),
+            new BigInteger("f5c86af36162f13a64f54f6dc9587c06", 16),
+            new BigInteger("392a434f0e07df1f8aa305de34e0c229", 16),
+            new BigInteger("3e75ced46b693021218830ae86a82a71", 16)
+        ));
+
+        // attempt to augment it with values taken from gservices
+        String serialBlacklist = readBlacklist(path);
+        if (!serialBlacklist.equals("")) {
+            for(String value : serialBlacklist.split(",")) {
+                try {
+                    bl.add(new BigInteger(value, 16));
+                } catch (NumberFormatException e) {
+                    logger.log(Level.WARNING, "Tried to blacklist invalid serial number " + value, e);
+                }
+            }
+        }
+
+        // whether that succeeds or fails, send it on its merry way
+        return Collections.unmodifiableSet(bl);
+    }
+
+    private static final Set<byte[]> readPublicKeyBlackList(String path) {
+
+        // start out with a base set of known bad values
+        Set<byte[]> bl = new HashSet<byte[]>(Arrays.asList(
+            // From http://src.chromium.org/viewvc/chrome/branches/782/src/net/base/x509_certificate.cc?r1=98750&r2=98749&pathrev=98750
+            // C=NL, O=DigiNotar, CN=DigiNotar Root CA/emailAddress=info@diginotar.nl
+            "410f36363258f30b347d12ce4863e433437806a8".getBytes(),
+            // Subject: CN=DigiNotar Cyber CA
+            // Issuer: CN=GTE CyberTrust Global Root
+            "ba3e7bd38cd7e1e6b9cd4c219962e59d7a2f4e37".getBytes(),
+            // Subject: CN=DigiNotar Services 1024 CA
+            // Issuer: CN=Entrust.net
+            "e23b8d105f87710a68d9248050ebefc627be4ca6".getBytes(),
+            // Subject: CN=DigiNotar PKIoverheid CA Organisatie - G2
+            // Issuer: CN=Staat der Nederlanden Organisatie CA - G2
+            "7b2e16bc39bcd72b456e9f055d1de615b74945db".getBytes(),
+            // Subject: CN=DigiNotar PKIoverheid CA Overheid en Bedrijven
+            // Issuer: CN=Staat der Nederlanden Overheid CA
+            "e8f91200c65cee16e039b9f883841661635f81c5".getBytes(),
+            // From http://src.chromium.org/viewvc/chrome?view=rev&revision=108479
+            // Subject: O=Digicert Sdn. Bhd.
+            // Issuer: CN=GTE CyberTrust Global Root
+            "0129bcd5b448ae8d2496d1c3e19723919088e152".getBytes(),
+            // Subject: CN=e-islem.kktcmerkezbankasi.org/emailAddress=ileti@kktcmerkezbankasi.org
+            // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri
+            "5f3ab33d55007054bc5e3e5553cd8d8465d77c61".getBytes(),
+            // Subject: CN=*.EGO.GOV.TR 93
+            // Issuer: CN=T\xC3\x9CRKTRUST Elektronik Sunucu Sertifikas\xC4\xB1 Hizmetleri
+            "783333c9687df63377efceddd82efa9101913e8e".getBytes(),
+            // Subject: Subject: C=FR, O=DG Tr\xC3\xA9sor, CN=AC DG Tr\xC3\xA9sor SSL
+            // Issuer: C=FR, O=DGTPE, CN=AC DGTPE Signature Authentification
+            "3ecf4bbbe46096d514bb539bb913d77aa4ef31bf".getBytes()
+        ));
+
+        // attempt to augment it with values taken from gservices
+        String pubkeyBlacklist = readBlacklist(path);
+        if (!pubkeyBlacklist.equals("")) {
+            for (String value : pubkeyBlacklist.split(",")) {
+                value = value.trim();
+                if (isPubkeyHash(value)) {
+                    bl.add(value.getBytes());
+                } else {
+                    logger.log(Level.WARNING, "Tried to blacklist invalid pubkey " + value);
+                }
+            }
+        }
+
+        return bl;
+    }
+
+    public boolean isPublicKeyBlackListed(PublicKey publicKey) {
+        byte[] encoded = publicKey.getEncoded();
+        Digest digest = AndroidDigestFactory.getSHA1();
+        digest.update(encoded, 0, encoded.length);
+        byte[] out = new byte[digest.getDigestSize()];
+        digest.doFinal(out, 0);
+        for (byte[] blacklisted : pubkeyBlacklist) {
+            if (Arrays.equals(blacklisted, Hex.encode(out))) {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    public boolean isSerialNumberBlackListed(BigInteger serial) {
+        return serialBlacklist.contains(serial);
+    }
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java
new file mode 100644
index 0000000..2482661
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/CertPathValidatorUtilities.java

@@ -0,0 +1,1378 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.GeneralSecurityException;
+import java.security.KeyFactory;
+import java.security.PublicKey;
+import java.security.cert.CRLException;
+import java.security.cert.CertPath;
+import java.security.cert.CertPathValidatorException;
+import java.security.cert.CertStore;
+import java.security.cert.CertStoreException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateParsingException;
+import java.security.cert.PolicyQualifierInfo;
+import java.security.cert.TrustAnchor;
+import java.security.cert.X509CRL;
+import java.security.cert.X509CRLEntry;
+import java.security.cert.X509CRLSelector;
+import java.security.cert.X509CertSelector;
+import java.security.cert.X509Certificate;
+import java.security.interfaces.DSAParams;
+import java.security.interfaces.DSAPublicKey;
+import java.security.spec.DSAPublicKeySpec;
+import java.text.ParseException;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.LinkedHashSet;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Enumerated;
+import com.android.org.bouncycastle.asn1.ASN1GeneralizedTime;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1OutputStream;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.isismtt.ISISMTTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x500.style.RFC4519Style;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
+import com.android.org.bouncycastle.asn1.x509.CRLDistPoint;
+import com.android.org.bouncycastle.asn1.x509.CRLReason;
+import com.android.org.bouncycastle.asn1.x509.DistributionPoint;
+import com.android.org.bouncycastle.asn1.x509.DistributionPointName;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.asn1.x509.GeneralName;
+import com.android.org.bouncycastle.asn1.x509.GeneralNames;
+import com.android.org.bouncycastle.asn1.x509.PolicyInformation;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.jcajce.PKIXCRLStore;
+import com.android.org.bouncycastle.jcajce.PKIXCRLStoreSelector;
+import com.android.org.bouncycastle.jcajce.PKIXCertStore;
+import com.android.org.bouncycastle.jcajce.PKIXCertStoreSelector;
+import com.android.org.bouncycastle.jcajce.PKIXExtendedParameters;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+import com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException;
+import com.android.org.bouncycastle.util.Selector;
+import com.android.org.bouncycastle.util.Store;
+import com.android.org.bouncycastle.util.StoreException;
+import com.android.org.bouncycastle.x509.X509AttributeCertificate;
+import com.android.org.bouncycastle.x509.extension.X509ExtensionUtil;
+
+class CertPathValidatorUtilities
+{
+    protected static final PKIXCRLUtil CRL_UTIL = new PKIXCRLUtil();
+
+    protected static final String CERTIFICATE_POLICIES = Extension.certificatePolicies.getId();
+    protected static final String BASIC_CONSTRAINTS = Extension.basicConstraints.getId();
+    protected static final String POLICY_MAPPINGS = Extension.policyMappings.getId();
+    protected static final String SUBJECT_ALTERNATIVE_NAME = Extension.subjectAlternativeName.getId();
+    protected static final String NAME_CONSTRAINTS = Extension.nameConstraints.getId();
+    protected static final String KEY_USAGE = Extension.keyUsage.getId();
+    protected static final String INHIBIT_ANY_POLICY = Extension.inhibitAnyPolicy.getId();
+    protected static final String ISSUING_DISTRIBUTION_POINT = Extension.issuingDistributionPoint.getId();
+    protected static final String DELTA_CRL_INDICATOR = Extension.deltaCRLIndicator.getId();
+    protected static final String POLICY_CONSTRAINTS = Extension.policyConstraints.getId();
+    protected static final String FRESHEST_CRL = Extension.freshestCRL.getId();
+    protected static final String CRL_DISTRIBUTION_POINTS = Extension.cRLDistributionPoints.getId();
+    protected static final String AUTHORITY_KEY_IDENTIFIER = Extension.authorityKeyIdentifier.getId();
+
+    protected static final String ANY_POLICY = "2.5.29.32.0";
+
+    protected static final String CRL_NUMBER = Extension.cRLNumber.getId();
+
+    /*
+    * key usage bits
+    */
+    protected static final int KEY_CERT_SIGN = 5;
+    protected static final int CRL_SIGN = 6;
+
+    protected static final String[] crlReasons = new String[]{
+        "unspecified",
+        "keyCompromise",
+        "cACompromise",
+        "affiliationChanged",
+        "superseded",
+        "cessationOfOperation",
+        "certificateHold",
+        "unknown",
+        "removeFromCRL",
+        "privilegeWithdrawn",
+        "aACompromise"};
+
+    /**
+     * Search the given Set of TrustAnchor's for one that is the
+     * issuer of the given X509 certificate. Uses the default provider
+     * for signature verification.
+     *
+     * @param cert         the X509 certificate
+     * @param trustAnchors a Set of TrustAnchor's
+     * @return the <code>TrustAnchor</code> object if found or
+     *         <code>null</code> if not.
+     * @throws AnnotatedException if a TrustAnchor was found but the signature verification
+     * on the given certificate has thrown an exception.
+     */
+    protected static TrustAnchor findTrustAnchor(
+        X509Certificate cert,
+        Set trustAnchors)
+        throws AnnotatedException
+    {
+        return findTrustAnchor(cert, trustAnchors, null);
+    }
+
+    /**
+     * Search the given Set of TrustAnchor's for one that is the
+     * issuer of the given X509 certificate. Uses the specified
+     * provider for signature verification, or the default provider
+     * if null.
+     *
+     * @param cert         the X509 certificate
+     * @param trustAnchors a Set of TrustAnchor's
+     * @param sigProvider  the provider to use for signature verification
+     * @return the <code>TrustAnchor</code> object if found or
+     *         <code>null</code> if not.
+     * @throws AnnotatedException if a TrustAnchor was found but the signature verification
+     * on the given certificate has thrown an exception.
+     */
+    protected static TrustAnchor findTrustAnchor(
+        X509Certificate cert,
+        Set trustAnchors,
+        String sigProvider)
+        throws AnnotatedException
+    {
+        TrustAnchor trust = null;
+        PublicKey trustPublicKey = null;
+        Exception invalidKeyEx = null;
+
+        X509CertSelector certSelectX509 = new X509CertSelector();
+        X500Name certIssuer = PrincipalUtils.getEncodedIssuerPrincipal(cert);
+
+        try
+        {
+            certSelectX509.setSubject(certIssuer.getEncoded());
+        }
+        catch (IOException ex)
+        {
+            throw new AnnotatedException("Cannot set subject search criteria for trust anchor.", ex);
+        }
+
+        Iterator iter = trustAnchors.iterator();
+        while (iter.hasNext() && trust == null)
+        {
+            trust = (TrustAnchor)iter.next();
+            if (trust.getTrustedCert() != null)
+            {
+                if (certSelectX509.match(trust.getTrustedCert()))
+                {
+                    trustPublicKey = trust.getTrustedCert().getPublicKey();
+                }
+                else
+                {
+                    trust = null;
+                }
+            }
+            else if (trust.getCAName() != null
+                && trust.getCAPublicKey() != null)
+            {
+                try
+                {
+                    X500Name caName = PrincipalUtils.getCA(trust);
+                    if (certIssuer.equals(caName))
+                    {
+                        trustPublicKey = trust.getCAPublicKey();
+                    }
+                    else
+                    {
+                        trust = null;
+                    }
+                }
+                catch (IllegalArgumentException ex)
+                {
+                    trust = null;
+                }
+            }
+            else
+            {
+                trust = null;
+            }
+
+            if (trustPublicKey != null)
+            {
+                try
+                {
+                    verifyX509Certificate(cert, trustPublicKey, sigProvider);
+                }
+                catch (Exception ex)
+                {
+                    invalidKeyEx = ex;
+                    trust = null;
+                    trustPublicKey = null;
+                }
+            }
+        }
+
+        if (trust == null && invalidKeyEx != null)
+        {
+            throw new AnnotatedException("TrustAnchor found but certificate validation failed.", invalidKeyEx);
+        }
+
+        return trust;
+    }
+
+    static boolean isIssuerTrustAnchor(
+        X509Certificate cert,
+        Set trustAnchors,
+        String sigProvider)
+        throws AnnotatedException
+    {
+        try
+        {
+            return findTrustAnchor(cert, trustAnchors, sigProvider) != null;
+        }
+        catch (Exception e)
+        {
+            return false;
+        }
+    }
+
+    static List<PKIXCertStore> getAdditionalStoresFromAltNames(
+        byte[] issuerAlternativeName,
+        Map<GeneralName, PKIXCertStore> altNameCertStoreMap)
+        throws CertificateParsingException
+    {
+        // if in the IssuerAltName extension an URI
+        // is given, add an additional X.509 store
+        if (issuerAlternativeName != null)
+        {
+            GeneralNames issuerAltName = GeneralNames.getInstance(ASN1OctetString.getInstance(issuerAlternativeName).getOctets());
+
+            GeneralName[] names = issuerAltName.getNames();
+            List<PKIXCertStore>  stores = new ArrayList<PKIXCertStore>();
+
+            for (int i = 0; i != names.length; i++)
+            {
+                GeneralName altName = names[i];
+
+                PKIXCertStore altStore = altNameCertStoreMap.get(altName);
+
+                if (altStore != null)
+                {
+                    stores.add(altStore);
+                }
+            }
+
+            return stores;
+        }
+        else
+        {
+            return Collections.EMPTY_LIST;
+        }
+    }
+
+    protected static Date getValidDate(PKIXExtendedParameters paramsPKIX)
+    {
+        Date validDate = paramsPKIX.getDate();
+
+        if (validDate == null)
+        {
+            validDate = new Date();
+        }
+
+        return validDate;
+    }
+
+    protected static boolean isSelfIssued(X509Certificate cert)
+    {
+        return cert.getSubjectDN().equals(cert.getIssuerDN());
+    }
+
+
+    /**
+     * Extract the value of the given extension, if it exists.
+     *
+     * @param ext The extension object.
+     * @param oid The object identifier to obtain.
+     * @throws AnnotatedException if the extension cannot be read.
+     */
+    protected static ASN1Primitive getExtensionValue(
+        java.security.cert.X509Extension ext,
+        String oid)
+        throws AnnotatedException
+    {
+        byte[] bytes = ext.getExtensionValue(oid);
+        if (bytes == null)
+        {
+            return null;
+        }
+
+        return getObject(oid, bytes);
+    }
+
+    private static ASN1Primitive getObject(
+        String oid,
+        byte[] ext)
+        throws AnnotatedException
+    {
+        try
+        {
+            ASN1InputStream aIn = new ASN1InputStream(ext);
+            ASN1OctetString octs = (ASN1OctetString)aIn.readObject();
+
+            aIn = new ASN1InputStream(octs.getOctets());
+            return aIn.readObject();
+        }
+        catch (Exception e)
+        {
+            throw new AnnotatedException("exception processing extension " + oid, e);
+        }
+    }
+
+    protected static AlgorithmIdentifier getAlgorithmIdentifier(
+        PublicKey key)
+        throws CertPathValidatorException
+    {
+        try
+        {
+            ASN1InputStream aIn = new ASN1InputStream(key.getEncoded());
+
+            SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(aIn.readObject());
+
+            return info.getAlgorithm();
+        }
+        catch (Exception e)
+        {
+            throw new ExtCertPathValidatorException("Subject public key cannot be decoded.", e);
+        }
+    }
+
+    // crl checking
+
+
+    //
+    // policy checking
+    // 
+
+    protected static final Set getQualifierSet(ASN1Sequence qualifiers)
+        throws CertPathValidatorException
+    {
+        Set pq = new HashSet();
+
+        if (qualifiers == null)
+        {
+            return pq;
+        }
+
+        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+        ASN1OutputStream aOut = new ASN1OutputStream(bOut);
+
+        Enumeration e = qualifiers.getObjects();
+
+        while (e.hasMoreElements())
+        {
+            try
+            {
+                aOut.writeObject((ASN1Encodable)e.nextElement());
+
+                pq.add(new PolicyQualifierInfo(bOut.toByteArray()));
+            }
+            catch (IOException ex)
+            {
+                throw new ExtCertPathValidatorException("Policy qualifier info cannot be decoded.", ex);
+            }
+
+            bOut.reset();
+        }
+
+        return pq;
+    }
+
+    protected static PKIXPolicyNode removePolicyNode(
+        PKIXPolicyNode validPolicyTree,
+        List[] policyNodes,
+        PKIXPolicyNode _node)
+    {
+        PKIXPolicyNode _parent = (PKIXPolicyNode)_node.getParent();
+
+        if (validPolicyTree == null)
+        {
+            return null;
+        }
+
+        if (_parent == null)
+        {
+            for (int j = 0; j < policyNodes.length; j++)
+            {
+                policyNodes[j] = new ArrayList();
+            }
+
+            return null;
+        }
+        else
+        {
+            _parent.removeChild(_node);
+            removePolicyNodeRecurse(policyNodes, _node);
+
+            return validPolicyTree;
+        }
+    }
+
+    private static void removePolicyNodeRecurse(
+        List[] policyNodes,
+        PKIXPolicyNode _node)
+    {
+        policyNodes[_node.getDepth()].remove(_node);
+
+        if (_node.hasChildren())
+        {
+            Iterator _iter = _node.getChildren();
+            while (_iter.hasNext())
+            {
+                PKIXPolicyNode _child = (PKIXPolicyNode)_iter.next();
+                removePolicyNodeRecurse(policyNodes, _child);
+            }
+        }
+    }
+
+
+    protected static boolean processCertD1i(
+        int index,
+        List[] policyNodes,
+        ASN1ObjectIdentifier pOid,
+        Set pq)
+    {
+        List policyNodeVec = policyNodes[index - 1];
+
+        for (int j = 0; j < policyNodeVec.size(); j++)
+        {
+            PKIXPolicyNode node = (PKIXPolicyNode)policyNodeVec.get(j);
+            Set expectedPolicies = node.getExpectedPolicies();
+
+            if (expectedPolicies.contains(pOid.getId()))
+            {
+                Set childExpectedPolicies = new HashSet();
+                childExpectedPolicies.add(pOid.getId());
+
+                PKIXPolicyNode child = new PKIXPolicyNode(new ArrayList(),
+                    index,
+                    childExpectedPolicies,
+                    node,
+                    pq,
+                    pOid.getId(),
+                    false);
+                node.addChild(child);
+                policyNodes[index].add(child);
+
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    protected static void processCertD1ii(
+        int index,
+        List[] policyNodes,
+        ASN1ObjectIdentifier _poid,
+        Set _pq)
+    {
+        List policyNodeVec = policyNodes[index - 1];
+
+        for (int j = 0; j < policyNodeVec.size(); j++)
+        {
+            PKIXPolicyNode _node = (PKIXPolicyNode)policyNodeVec.get(j);
+
+            if (ANY_POLICY.equals(_node.getValidPolicy()))
+            {
+                Set _childExpectedPolicies = new HashSet();
+                _childExpectedPolicies.add(_poid.getId());
+
+                PKIXPolicyNode _child = new PKIXPolicyNode(new ArrayList(),
+                    index,
+                    _childExpectedPolicies,
+                    _node,
+                    _pq,
+                    _poid.getId(),
+                    false);
+                _node.addChild(_child);
+                policyNodes[index].add(_child);
+                return;
+            }
+        }
+    }
+
+    protected static void prepareNextCertB1(
+        int i,
+        List[] policyNodes,
+        String id_p,
+        Map m_idp,
+        X509Certificate cert
+    )
+        throws AnnotatedException, CertPathValidatorException
+    {
+        boolean idp_found = false;
+        Iterator nodes_i = policyNodes[i].iterator();
+        while (nodes_i.hasNext())
+        {
+            PKIXPolicyNode node = (PKIXPolicyNode)nodes_i.next();
+            if (node.getValidPolicy().equals(id_p))
+            {
+                idp_found = true;
+                node.expectedPolicies = (Set)m_idp.get(id_p);
+                break;
+            }
+        }
+
+        if (!idp_found)
+        {
+            nodes_i = policyNodes[i].iterator();
+            while (nodes_i.hasNext())
+            {
+                PKIXPolicyNode node = (PKIXPolicyNode)nodes_i.next();
+                if (ANY_POLICY.equals(node.getValidPolicy()))
+                {
+                    Set pq = null;
+                    ASN1Sequence policies = null;
+                    try
+                    {
+                        policies = DERSequence.getInstance(getExtensionValue(cert, CERTIFICATE_POLICIES));
+                    }
+                    catch (Exception e)
+                    {
+                        throw new AnnotatedException("Certificate policies cannot be decoded.", e);
+                    }
+                    Enumeration e = policies.getObjects();
+                    while (e.hasMoreElements())
+                    {
+                        PolicyInformation pinfo = null;
+
+                        try
+                        {
+                            pinfo = PolicyInformation.getInstance(e.nextElement());
+                        }
+                        catch (Exception ex)
+                        {
+                            throw new AnnotatedException("Policy information cannot be decoded.", ex);
+                        }
+                        if (ANY_POLICY.equals(pinfo.getPolicyIdentifier().getId()))
+                        {
+                            try
+                            {
+                                pq = getQualifierSet(pinfo.getPolicyQualifiers());
+                            }
+                            catch (CertPathValidatorException ex)
+                            {
+                                throw new ExtCertPathValidatorException(
+                                    "Policy qualifier info set could not be built.", ex);
+                            }
+                            break;
+                        }
+                    }
+                    boolean ci = false;
+                    if (cert.getCriticalExtensionOIDs() != null)
+                    {
+                        ci = cert.getCriticalExtensionOIDs().contains(CERTIFICATE_POLICIES);
+                    }
+
+                    PKIXPolicyNode p_node = (PKIXPolicyNode)node.getParent();
+                    if (ANY_POLICY.equals(p_node.getValidPolicy()))
+                    {
+                        PKIXPolicyNode c_node = new PKIXPolicyNode(
+                            new ArrayList(), i,
+                            (Set)m_idp.get(id_p),
+                            p_node, pq, id_p, ci);
+                        p_node.addChild(c_node);
+                        policyNodes[i].add(c_node);
+                    }
+                    break;
+                }
+            }
+        }
+    }
+
+    protected static PKIXPolicyNode prepareNextCertB2(
+        int i,
+        List[] policyNodes,
+        String id_p,
+        PKIXPolicyNode validPolicyTree)
+    {
+        Iterator nodes_i = policyNodes[i].iterator();
+        while (nodes_i.hasNext())
+        {
+            PKIXPolicyNode node = (PKIXPolicyNode)nodes_i.next();
+            if (node.getValidPolicy().equals(id_p))
+            {
+                PKIXPolicyNode p_node = (PKIXPolicyNode)node.getParent();
+                p_node.removeChild(node);
+                nodes_i.remove();
+                for (int k = (i - 1); k >= 0; k--)
+                {
+                    List nodes = policyNodes[k];
+                    for (int l = 0; l < nodes.size(); l++)
+                    {
+                        PKIXPolicyNode node2 = (PKIXPolicyNode)nodes.get(l);
+                        if (!node2.hasChildren())
+                        {
+                            validPolicyTree = removePolicyNode(validPolicyTree, policyNodes, node2);
+                            if (validPolicyTree == null)
+                            {
+                                break;
+                            }
+                        }
+                    }
+                }
+            }
+        }
+        return validPolicyTree;
+    }
+
+    protected static boolean isAnyPolicy(
+        Set policySet)
+    {
+        return policySet == null || policySet.contains(ANY_POLICY) || policySet.isEmpty();
+    }
+
+    /**
+     * Return a Collection of all certificates or attribute certificates found
+     * in the X509Store's that are matching the certSelect criteriums.
+     *
+     * @param certSelect a {@link Selector} object that will be used to select
+     *                   the certificates
+     * @param certStores a List containing only {@link Store} objects. These
+     *                   are used to search for certificates.
+     * @return a Collection of all found {@link X509Certificate}
+     *         May be empty but never <code>null</code>.
+     */
+    protected static Collection findCertificates(PKIXCertStoreSelector certSelect,
+                                                 List certStores)
+        throws AnnotatedException
+    {
+        Set certs = new LinkedHashSet();
+        Iterator iter = certStores.iterator();
+
+        while (iter.hasNext())
+        {
+            Object obj = iter.next();
+
+            // BEGIN Android-removed: Unknown reason
+            /*
+            if (obj instanceof Store)
+            {
+                Store certStore = (Store)obj;
+                try
+                {
+                    certs.addAll(certStore.getMatches(certSelect));
+                }
+                catch (StoreException e)
+                {
+                    throw new AnnotatedException(
+                            "Problem while picking certificates from X.509 store.", e);
+                }
+            }
+            else
+            */
+            // END Android-removed: Unknown reason
+            {
+                CertStore certStore = (CertStore)obj;
+
+                try
+                {
+                    certs.addAll(PKIXCertStoreSelector.getCertificates(certSelect, certStore));
+                }
+                catch (CertStoreException e)
+                {
+                    throw new AnnotatedException(
+                        "Problem while picking certificates from certificate store.",
+                        e);
+                }
+            }
+        }
+        return certs;
+    }
+
+    static List<PKIXCRLStore> getAdditionalStoresFromCRLDistributionPoint(CRLDistPoint crldp, Map<GeneralName, PKIXCRLStore> namedCRLStoreMap)
+        throws AnnotatedException
+    {
+        if (crldp != null)
+        {
+            DistributionPoint dps[] = null;
+            try
+            {
+                dps = crldp.getDistributionPoints();
+            }
+            catch (Exception e)
+            {
+                throw new AnnotatedException(
+                    "Distribution points could not be read.", e);
+            }
+            List<PKIXCRLStore> stores = new ArrayList<PKIXCRLStore>();
+
+            for (int i = 0; i < dps.length; i++)
+            {
+                DistributionPointName dpn = dps[i].getDistributionPoint();
+                // look for URIs in fullName
+                if (dpn != null)
+                {
+                    if (dpn.getType() == DistributionPointName.FULL_NAME)
+                    {
+                        GeneralName[] genNames = GeneralNames.getInstance(
+                            dpn.getName()).getNames();
+
+                        for (int j = 0; j < genNames.length; j++)
+                        {
+                            PKIXCRLStore store = namedCRLStoreMap.get(genNames[j]);
+                            if (store != null)
+                            {
+                                stores.add(store);
+                            }
+                        }
+                    }
+                }
+            }
+
+            return stores;
+        }
+        else
+        {
+            return Collections.EMPTY_LIST;
+        }
+    }
+
+    /**
+     * Add the CRL issuers from the cRLIssuer field of the distribution point or
+     * from the certificate if not given to the issuer criterion of the
+     * <code>selector</code>.
+     * <p>
+     * The <code>issuerPrincipals</code> are a collection with a single
+     * <code>X500Name</code> for <code>X509Certificate</code>s.
+     * </p>
+     * @param dp               The distribution point.
+     * @param issuerPrincipals The issuers of the certificate or attribute
+     *                         certificate which contains the distribution point.
+     * @param selector         The CRL selector.
+     * @throws AnnotatedException if an exception occurs while processing.
+     * @throws ClassCastException if <code>issuerPrincipals</code> does not
+     * contain only <code>X500Name</code>s.
+     */
+    protected static void getCRLIssuersFromDistributionPoint(
+        DistributionPoint dp,
+        Collection issuerPrincipals,
+        X509CRLSelector selector)
+        throws AnnotatedException
+    {
+        List issuers = new ArrayList();
+        // indirect CRL
+        if (dp.getCRLIssuer() != null)
+        {
+            GeneralName genNames[] = dp.getCRLIssuer().getNames();
+            // look for a DN
+            for (int j = 0; j < genNames.length; j++)
+            {
+                if (genNames[j].getTagNo() == GeneralName.directoryName)
+                {
+                    try
+                    {
+                        issuers.add(X500Name.getInstance(genNames[j].getName()
+                            .toASN1Primitive().getEncoded()));
+                    }
+                    catch (IOException e)
+                    {
+                        throw new AnnotatedException(
+                            "CRL issuer information from distribution point cannot be decoded.",
+                            e);
+                    }
+                }
+            }
+        }
+        else
+        {
+            /*
+             * certificate issuer is CRL issuer, distributionPoint field MUST be
+             * present.
+             */
+            if (dp.getDistributionPoint() == null)
+            {
+                throw new AnnotatedException(
+                    "CRL issuer is omitted from distribution point but no distributionPoint field present.");
+            }
+            // add and check issuer principals
+            for (Iterator it = issuerPrincipals.iterator(); it.hasNext(); )
+            {
+                issuers.add(it.next());
+            }
+        }
+        // TODO: is not found although this should correctly add the rel name. selector of Sun is buggy here or PKI test case is invalid
+        // distributionPoint
+//        if (dp.getDistributionPoint() != null)
+//        {
+//            // look for nameRelativeToCRLIssuer
+//            if (dp.getDistributionPoint().getType() == DistributionPointName.NAME_RELATIVE_TO_CRL_ISSUER)
+//            {
+//                // append fragment to issuer, only one
+//                // issuer can be there, if this is given
+//                if (issuers.size() != 1)
+//                {
+//                    throw new AnnotatedException(
+//                        "nameRelativeToCRLIssuer field is given but more than one CRL issuer is given.");
+//                }
+//                ASN1Encodable relName = dp.getDistributionPoint().getName();
+//                Iterator it = issuers.iterator();
+//                List issuersTemp = new ArrayList(issuers.size());
+//                while (it.hasNext())
+//                {
+//                    Enumeration e = null;
+//                    try
+//                    {
+//                        e = ASN1Sequence.getInstance(
+//                            new ASN1InputStream(((X500Principal) it.next())
+//                                .getEncoded()).readObject()).getObjects();
+//                    }
+//                    catch (IOException ex)
+//                    {
+//                        throw new AnnotatedException(
+//                            "Cannot decode CRL issuer information.", ex);
+//                    }
+//                    ASN1EncodableVector v = new ASN1EncodableVector();
+//                    while (e.hasMoreElements())
+//                    {
+//                        v.add((ASN1Encodable) e.nextElement());
+//                    }
+//                    v.add(relName);
+//                    issuersTemp.add(new X500Principal(new DERSequence(v)
+//                        .getDEREncoded()));
+//                }
+//                issuers.clear();
+//                issuers.addAll(issuersTemp);
+//            }
+//        }
+        Iterator it = issuers.iterator();
+        while (it.hasNext())
+        {
+            try
+            {
+                selector.addIssuerName(((X500Name)it.next()).getEncoded());
+            }
+            catch (IOException ex)
+            {
+                throw new AnnotatedException(
+                    "Cannot decode CRL issuer information.", ex);
+            }
+        }
+    }
+
+    private static BigInteger getSerialNumber(
+        Object cert)
+    {
+        return ((X509Certificate)cert).getSerialNumber();
+    }
+
+    protected static void getCertStatus(
+        Date validDate,
+        X509CRL crl,
+        Object cert,
+        CertStatus certStatus)
+        throws AnnotatedException
+    {
+        X509CRLEntry crl_entry = null;
+
+        boolean isIndirect;
+        try
+        {
+            isIndirect = X509CRLObject.isIndirectCRL(crl);
+        }
+        catch (CRLException exception)
+        {
+            throw new AnnotatedException("Failed check for indirect CRL.", exception);
+        }
+
+        if (isIndirect)
+        {
+            crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));
+
+            if (crl_entry == null)
+            {
+                return;
+            }
+
+            X500Principal certificateIssuer = crl_entry.getCertificateIssuer();
+
+            X500Name certIssuer;
+            if (certificateIssuer == null)
+            {
+                certIssuer = PrincipalUtils.getIssuerPrincipal(crl);
+            }
+            else
+            {
+                certIssuer = X500Name.getInstance(certificateIssuer.getEncoded());
+            }
+
+            if (! PrincipalUtils.getEncodedIssuerPrincipal(cert).equals(certIssuer))
+            {
+                return;
+            }
+        }
+        else if (! PrincipalUtils.getEncodedIssuerPrincipal(cert).equals(PrincipalUtils.getIssuerPrincipal(crl)))
+        {
+            return;  // not for our issuer, ignore
+        }
+        else
+        {
+            crl_entry = crl.getRevokedCertificate(getSerialNumber(cert));
+
+            if (crl_entry == null)
+            {
+                return;
+            }
+        }
+
+        ASN1Enumerated reasonCode = null;
+        if (crl_entry.hasExtensions())
+        {
+            try
+            {
+                reasonCode = ASN1Enumerated
+                    .getInstance(CertPathValidatorUtilities
+                        .getExtensionValue(crl_entry,
+                            Extension.reasonCode.getId()));
+            }
+            catch (Exception e)
+            {
+                throw new AnnotatedException(
+                    "Reason code CRL entry extension could not be decoded.",
+                    e);
+            }
+        }
+
+        // for reason keyCompromise, caCompromise, aACompromise or
+        // unspecified
+        if (!(validDate.getTime() < crl_entry.getRevocationDate().getTime())
+            || reasonCode == null
+            || reasonCode.getValue().intValue() == 0
+            || reasonCode.getValue().intValue() == 1
+            || reasonCode.getValue().intValue() == 2
+            || reasonCode.getValue().intValue() == 8)
+        {
+
+            // (i) or (j) (1)
+            if (reasonCode != null)
+            {
+                certStatus.setCertStatus(reasonCode.getValue().intValue());
+            }
+            // (i) or (j) (2)
+            else
+            {
+                certStatus.setCertStatus(CRLReason.unspecified);
+            }
+            certStatus.setRevocationDate(crl_entry.getRevocationDate());
+        }
+    }
+
+    /**
+     * Fetches delta CRLs according to RFC 3280 section 5.2.4.
+     *
+     * @param validityDate The date for which the delta CRLs must be valid.
+     * @param completeCRL The complete CRL the delta CRL is for.
+     * @return A <code>Set</code> of <code>X509CRL</code>s with delta CRLs.
+     * @throws AnnotatedException if an exception occurs while picking the delta
+     * CRLs.
+     */
+    protected static Set getDeltaCRLs(Date validityDate,
+                                      X509CRL completeCRL, List<CertStore> certStores, List<PKIXCRLStore> pkixCrlStores)
+        throws AnnotatedException
+    {
+        X509CRLSelector baseDeltaSelect = new X509CRLSelector();
+        // 5.2.4 (a)
+        try
+        {
+            baseDeltaSelect.addIssuerName(PrincipalUtils.getIssuerPrincipal(completeCRL).getEncoded());
+        }
+        catch (IOException e)
+        {
+            throw new AnnotatedException("Cannot extract issuer from CRL.", e);
+        }
+
+
+
+        BigInteger completeCRLNumber = null;
+        try
+        {
+            ASN1Primitive derObject = CertPathValidatorUtilities.getExtensionValue(completeCRL,
+                CRL_NUMBER);
+            if (derObject != null)
+            {
+                completeCRLNumber = ASN1Integer.getInstance(derObject).getPositiveValue();
+            }
+        }
+        catch (Exception e)
+        {
+            throw new AnnotatedException(
+                "CRL number extension could not be extracted from CRL.", e);
+        }
+
+        // 5.2.4 (b)
+        byte[] idp = null;
+        try
+        {
+            idp = completeCRL.getExtensionValue(ISSUING_DISTRIBUTION_POINT);
+        }
+        catch (Exception e)
+        {
+            throw new AnnotatedException(
+                "Issuing distribution point extension value could not be read.",
+                e);
+        }
+
+        // 5.2.4 (d)
+
+        baseDeltaSelect.setMinCRLNumber(completeCRLNumber == null ? null : completeCRLNumber
+            .add(BigInteger.valueOf(1)));
+
+        PKIXCRLStoreSelector.Builder selBuilder = new PKIXCRLStoreSelector.Builder(baseDeltaSelect);
+
+        selBuilder.setIssuingDistributionPoint(idp);
+        selBuilder.setIssuingDistributionPointEnabled(true);
+
+        // 5.2.4 (c)
+        selBuilder.setMaxBaseCRLNumber(completeCRLNumber);
+
+        PKIXCRLStoreSelector deltaSelect = selBuilder.build();
+
+        // find delta CRLs
+        Set temp = CRL_UTIL.findCRLs(deltaSelect, validityDate, certStores, pkixCrlStores);
+
+        Set result = new HashSet();
+
+        for (Iterator it = temp.iterator(); it.hasNext(); )
+        {
+            X509CRL crl = (X509CRL)it.next();
+
+            if (isDeltaCRL(crl))
+            {
+                result.add(crl);
+            }
+        }
+
+        return result;
+    }
+
+    private static boolean isDeltaCRL(X509CRL crl)
+    {
+        Set critical = crl.getCriticalExtensionOIDs();
+
+        if (critical == null)
+        {
+            return false;
+        }
+
+        return critical.contains(RFC3280CertPathUtilities.DELTA_CRL_INDICATOR);
+    }
+
+    /**
+     * Fetches complete CRLs according to RFC 3280.
+     *
+     * @param dp          The distribution point for which the complete CRL
+     * @param cert        The <code>X509Certificate</code> for
+     *                    which the CRL should be searched.
+     * @param currentDate The date for which the delta CRLs must be valid.
+     * @param paramsPKIX  The extended PKIX parameters.
+     * @return A <code>Set</code> of <code>X509CRL</code>s with complete
+     *         CRLs.
+     * @throws AnnotatedException if an exception occurs while picking the CRLs
+     * or no CRLs are found.
+     */
+    protected static Set getCompleteCRLs(DistributionPoint dp, Object cert,
+                                         Date currentDate, PKIXExtendedParameters paramsPKIX)
+        throws AnnotatedException
+    {
+        X509CRLSelector baseCrlSelect = new X509CRLSelector();
+
+        try
+        {
+            Set issuers = new HashSet();
+
+            issuers.add(PrincipalUtils.getEncodedIssuerPrincipal(cert));
+
+            CertPathValidatorUtilities.getCRLIssuersFromDistributionPoint(dp, issuers, baseCrlSelect);
+        }
+        catch (AnnotatedException e)
+        {
+            throw new AnnotatedException(
+                "Could not get issuer information from distribution point.", e);
+        }
+
+        if (cert instanceof X509Certificate)
+        {
+            baseCrlSelect.setCertificateChecking((X509Certificate)cert);
+        }
+
+        PKIXCRLStoreSelector crlSelect = new PKIXCRLStoreSelector.Builder(baseCrlSelect).setCompleteCRLEnabled(true).build();
+
+        Date validityDate = currentDate;
+
+        if (paramsPKIX.getDate() != null)
+        {
+            validityDate = paramsPKIX.getDate();
+        }
+
+        Set crls = CRL_UTIL.findCRLs(crlSelect, validityDate, paramsPKIX.getCertStores(), paramsPKIX.getCRLStores());
+
+        checkCRLsNotEmpty(crls, cert);
+
+        return crls;
+    }
+
+    protected static Date getValidCertDateFromValidityModel(
+        PKIXExtendedParameters paramsPKIX, CertPath certPath, int index)
+        throws AnnotatedException
+    {
+        if (paramsPKIX.getValidityModel() == PKIXExtendedParameters.CHAIN_VALIDITY_MODEL)
+        {
+            // if end cert use given signing/encryption/... time
+            if (index <= 0)
+            {
+                return CertPathValidatorUtilities.getValidDate(paramsPKIX);
+                // else use time when previous cert was created
+            }
+            else
+            {
+                if (index - 1 == 0)
+                {
+                    ASN1GeneralizedTime dateOfCertgen = null;
+                    try
+                    {
+                        byte[] extBytes = ((X509Certificate)certPath.getCertificates().get(index - 1)).getExtensionValue(ISISMTTObjectIdentifiers.id_isismtt_at_dateOfCertGen.getId());
+                        if (extBytes != null)
+                        {
+                            dateOfCertgen = ASN1GeneralizedTime.getInstance(ASN1Primitive.fromByteArray(extBytes));
+                        }
+                    }
+                    catch (IOException e)
+                    {
+                        throw new AnnotatedException(
+                            "Date of cert gen extension could not be read.");
+                    }
+                    catch (IllegalArgumentException e)
+                    {
+                        throw new AnnotatedException(
+                            "Date of cert gen extension could not be read.");
+                    }
+                    if (dateOfCertgen != null)
+                    {
+                        try
+                        {
+                            return dateOfCertgen.getDate();
+                        }
+                        catch (ParseException e)
+                        {
+                            throw new AnnotatedException(
+                                "Date from date of cert gen extension could not be parsed.",
+                                e);
+                        }
+                    }
+                    return ((X509Certificate)certPath.getCertificates().get(
+                        index - 1)).getNotBefore();
+                }
+                else
+                {
+                    return ((X509Certificate)certPath.getCertificates().get(
+                        index - 1)).getNotBefore();
+                }
+            }
+        }
+        else
+        {
+            return getValidDate(paramsPKIX);
+        }
+    }
+
+    /**
+     * Return the next working key inheriting DSA parameters if necessary.
+     * <p>
+     * This methods inherits DSA parameters from the indexed certificate or
+     * previous certificates in the certificate chain to the returned
+     * <code>PublicKey</code>. The list is searched upwards, meaning the end
+     * certificate is at position 0 and previous certificates are following.
+     * </p>
+     * <p>
+     * If the indexed certificate does not contain a DSA key this method simply
+     * returns the public key. If the DSA key already contains DSA parameters
+     * the key is also only returned.
+     * </p>
+     *
+     * @param certs The certification path.
+     * @param index The index of the certificate which contains the public key
+     *              which should be extended with DSA parameters.
+     * @return The public key of the certificate in list position
+     *         <code>index</code> extended with DSA parameters if applicable.
+     * @throws AnnotatedException if DSA parameters cannot be inherited.
+     */
+    protected static PublicKey getNextWorkingKey(List certs, int index, JcaJceHelper helper)
+        throws CertPathValidatorException
+    {
+        Certificate cert = (Certificate)certs.get(index);
+        PublicKey pubKey = cert.getPublicKey();
+        if (!(pubKey instanceof DSAPublicKey))
+        {
+            return pubKey;
+        }
+        DSAPublicKey dsaPubKey = (DSAPublicKey)pubKey;
+        if (dsaPubKey.getParams() != null)
+        {
+            return dsaPubKey;
+        }
+        for (int i = index + 1; i < certs.size(); i++)
+        {
+            X509Certificate parentCert = (X509Certificate)certs.get(i);
+            pubKey = parentCert.getPublicKey();
+            if (!(pubKey instanceof DSAPublicKey))
+            {
+                throw new CertPathValidatorException(
+                    "DSA parameters cannot be inherited from previous certificate.");
+            }
+            DSAPublicKey prevDSAPubKey = (DSAPublicKey)pubKey;
+            if (prevDSAPubKey.getParams() == null)
+            {
+                continue;
+            }
+            DSAParams dsaParams = prevDSAPubKey.getParams();
+            DSAPublicKeySpec dsaPubKeySpec = new DSAPublicKeySpec(
+                dsaPubKey.getY(), dsaParams.getP(), dsaParams.getQ(), dsaParams.getG());
+            try
+            {
+                KeyFactory keyFactory = helper.createKeyFactory("DSA");
+                return keyFactory.generatePublic(dsaPubKeySpec);
+            }
+            catch (Exception exception)
+            {
+                throw new RuntimeException(exception.getMessage());
+            }
+        }
+        throw new CertPathValidatorException("DSA parameters cannot be inherited from previous certificate.");
+    }
+
+    /**
+     * Find the issuer certificates of a given certificate.
+     *
+     * @param cert       The certificate for which an issuer should be found.
+     * @return A <code>Collection</code> object containing the issuer
+     *         <code>X509Certificate</code>s. Never <code>null</code>.
+     * @throws AnnotatedException if an error occurs.
+     */
+    static Collection findIssuerCerts(
+        X509Certificate cert,
+        List<CertStore> certStores,
+        List<PKIXCertStore> pkixCertStores)
+        throws AnnotatedException
+    {
+        X509CertSelector selector = new X509CertSelector();
+
+        try
+        {
+            selector.setSubject(PrincipalUtils.getIssuerPrincipal(cert).getEncoded());
+        }
+        catch (IOException e)
+        {
+            throw new AnnotatedException(
+                           "Subject criteria for certificate selector to find issuer certificate could not be set.", e);
+        }
+
+        try
+        {
+            byte[] akiExtensionValue = cert.getExtensionValue(AUTHORITY_KEY_IDENTIFIER);
+            if (akiExtensionValue != null)
+            {
+                ASN1OctetString aki = ASN1OctetString.getInstance(akiExtensionValue);
+                byte[] authorityKeyIdentifier = AuthorityKeyIdentifier.getInstance(aki.getOctets()).getKeyIdentifier();
+                if (authorityKeyIdentifier != null)
+                {
+                    selector.setSubjectKeyIdentifier(new DEROctetString(authorityKeyIdentifier).getEncoded());
+                }
+            }
+        }
+        catch (Exception e)
+        {
+            // authority key identifier could not be retrieved from target cert, just search without it
+        }
+
+        PKIXCertStoreSelector certSelect = new PKIXCertStoreSelector.Builder(selector).build();
+        Set certs = new LinkedHashSet();
+
+        Iterator iter;
+
+        try
+        {
+            List matches = new ArrayList();
+
+            matches.addAll(CertPathValidatorUtilities.findCertificates(certSelect, certStores));
+            matches.addAll(CertPathValidatorUtilities.findCertificates(certSelect, pkixCertStores));
+
+            iter = matches.iterator();
+        }
+        catch (AnnotatedException e)
+        {
+            throw new AnnotatedException("Issuer certificate cannot be searched.", e);
+        }
+
+        X509Certificate issuer = null;
+        while (iter.hasNext())
+        {
+            issuer = (X509Certificate)iter.next();
+            // issuer cannot be verified because possible DSA inheritance
+            // parameters are missing
+            certs.add(issuer);
+        }
+        return certs;
+    }
+
+    protected static void verifyX509Certificate(X509Certificate cert, PublicKey publicKey,
+                                                String sigProvider)
+        throws GeneralSecurityException
+    {
+        if (sigProvider == null)
+        {
+            cert.verify(publicKey);
+        }
+        else
+        {
+            cert.verify(publicKey, sigProvider);
+        }
+    }
+
+    static void checkCRLsNotEmpty(Set crls, Object cert)
+        throws AnnotatedException
+    {
+        if (crls.isEmpty())
+        {
+            if (cert instanceof X509AttributeCertificate)
+            {
+                X509AttributeCertificate aCert = (X509AttributeCertificate)cert;
+
+                throw new AnnotatedException("No CRLs found for issuer \"" + aCert.getIssuer().getPrincipals()[0] + "\"");
+            }
+            else
+            {
+                X509Certificate xCert = (X509Certificate)cert;
+
+                throw new AnnotatedException("No CRLs found for issuer \"" + RFC4519Style.INSTANCE.toString(PrincipalUtils.getIssuerPrincipal(xCert)) + "\"");
+            }
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/CertStatus.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/CertStatus.java
new file mode 100644
index 0000000..f77d108
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/CertStatus.java

@@ -0,0 +1,47 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.util.Date;
+
+class CertStatus
+{
+    public static final int UNREVOKED = 11;
+
+    public static final int UNDETERMINED = 12;
+
+    int certStatus = UNREVOKED;
+
+    Date revocationDate = null;
+
+    /**
+     * @return Returns the revocationDate.
+     */
+    public Date getRevocationDate()
+    {
+        return revocationDate;
+    }
+
+    /**
+     * @param revocationDate The revocationDate to set.
+     */
+    public void setRevocationDate(Date revocationDate)
+    {
+        this.revocationDate = revocationDate;
+    }
+
+    /**
+     * @return Returns the certStatus.
+     */
+    public int getCertStatus()
+    {
+        return certStatus;
+    }
+
+    /**
+     * @param certStatus The certStatus to set.
+     */
+    public void setCertStatus(int certStatus)
+    {
+        this.certStatus = certStatus;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/CertStoreCollectionSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/CertStoreCollectionSpi.java
new file mode 100644
index 0000000..ed8856c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/CertStoreCollectionSpi.java

@@ -0,0 +1,108 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.cert.CRL;
+import java.security.cert.CRLSelector;
+import java.security.cert.CertSelector;
+import java.security.cert.CertStoreException;
+import java.security.cert.CertStoreParameters;
+import java.security.cert.CertStoreSpi;
+import java.security.cert.Certificate;
+import java.security.cert.CollectionCertStoreParameters;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.List;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CertStoreCollectionSpi extends CertStoreSpi
+{
+    private CollectionCertStoreParameters params;
+
+    public CertStoreCollectionSpi(CertStoreParameters params)
+        throws InvalidAlgorithmParameterException
+    {
+        super(params);
+
+        if (!(params instanceof CollectionCertStoreParameters))
+        {
+            throw new InvalidAlgorithmParameterException("com.android.org.bouncycastle.jce.provider.CertStoreCollectionSpi: parameter must be a CollectionCertStoreParameters object\n" +  params.toString());
+        }
+
+        this.params = (CollectionCertStoreParameters)params;
+    }
+
+    public Collection engineGetCertificates(
+        CertSelector selector)
+        throws CertStoreException 
+    {
+        List        col = new ArrayList();
+        Iterator    iter = params.getCollection().iterator();
+
+        if (selector == null)
+        {
+            while (iter.hasNext())
+            {
+                Object obj = iter.next();
+
+                if (obj instanceof Certificate)
+                {
+                    col.add(obj);
+                }
+            }
+        }
+        else
+        {
+            while (iter.hasNext())
+            {
+                Object obj = iter.next();
+
+                if ((obj instanceof Certificate) && selector.match((Certificate)obj))
+                {
+                    col.add(obj);
+                }
+            }
+        }
+        
+        return col;
+    }
+    
+
+    public Collection engineGetCRLs(
+        CRLSelector selector)
+        throws CertStoreException 
+    {
+        List        col = new ArrayList();
+        Iterator    iter = params.getCollection().iterator();
+
+        if (selector == null)
+        {
+            while (iter.hasNext())
+            {
+                Object obj = iter.next();
+
+                if (obj instanceof CRL)
+                {
+                    col.add(obj);
+                }
+            }
+        }
+        else
+        {
+            while (iter.hasNext())
+            {
+                Object obj = iter.next();
+
+                if ((obj instanceof CRL) && selector.match((CRL)obj))
+                {
+                    col.add(obj);
+                }
+            }
+        }
+        
+        return col;
+    }    
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/DHUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/DHUtil.java
new file mode 100644
index 0000000..f253a00
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/DHUtil.java

@@ -0,0 +1,52 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.security.InvalidKeyException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+
+import javax.crypto.interfaces.DHPrivateKey;
+import javax.crypto.interfaces.DHPublicKey;
+
+import com.android.org.bouncycastle.crypto.params.AsymmetricKeyParameter;
+import com.android.org.bouncycastle.crypto.params.DHParameters;
+import com.android.org.bouncycastle.crypto.params.DHPrivateKeyParameters;
+import com.android.org.bouncycastle.crypto.params.DHPublicKeyParameters;
+
+/**
+ * utility class for converting jce/jca DH objects
+ * objects into their org.bouncycastle.crypto counterparts.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DHUtil
+{
+    static public AsymmetricKeyParameter generatePublicKeyParameter(
+        PublicKey    key)
+        throws InvalidKeyException
+    {
+        if (key instanceof DHPublicKey)
+        {
+            DHPublicKey    k = (DHPublicKey)key;
+
+            return new DHPublicKeyParameters(k.getY(),
+                new DHParameters(k.getParams().getP(), k.getParams().getG(), null, k.getParams().getL()));
+        }
+
+        throw new InvalidKeyException("can't identify DH public key.");
+    }
+
+    static public AsymmetricKeyParameter generatePrivateKeyParameter(
+        PrivateKey    key)
+        throws InvalidKeyException
+    {
+        if (key instanceof DHPrivateKey)
+        {
+            DHPrivateKey    k = (DHPrivateKey)key;
+
+            return new DHPrivateKeyParameters(k.getX(),
+                new DHParameters(k.getParams().getP(), k.getParams().getG(), null, k.getParams().getL()));
+        }
+                        
+        throw new InvalidKeyException("can't identify DH private key.");
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/ExtCRLException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/ExtCRLException.java
new file mode 100644
index 0000000..c130176
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/ExtCRLException.java

@@ -0,0 +1,21 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.security.cert.CRLException;
+
+class ExtCRLException
+    extends CRLException
+{
+    Throwable cause;
+
+    ExtCRLException(String message, Throwable cause)
+    {
+        super(message);
+        this.cause = cause;
+    }
+
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JCEDHPrivateKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JCEDHPrivateKey.java
new file mode 100644
index 0000000..1c024a8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JCEDHPrivateKey.java

@@ -0,0 +1,191 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+import java.util.Enumeration;
+
+import javax.crypto.interfaces.DHPrivateKey;
+import javax.crypto.spec.DHParameterSpec;
+import javax.crypto.spec.DHPrivateKeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.pkcs.DHParameter;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x9.DHDomainParameters;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.params.DHPrivateKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
+import com.android.org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class JCEDHPrivateKey
+    implements DHPrivateKey, PKCS12BagAttributeCarrier
+{
+    static final long serialVersionUID = 311058815616901812L;
+    
+    BigInteger      x;
+
+    private DHParameterSpec dhSpec;
+    private PrivateKeyInfo  info;
+
+    private PKCS12BagAttributeCarrier attrCarrier = new PKCS12BagAttributeCarrierImpl();
+
+    protected JCEDHPrivateKey()
+    {
+    }
+
+    JCEDHPrivateKey(
+        DHPrivateKey    key)
+    {
+        this.x = key.getX();
+        this.dhSpec = key.getParams();
+    }
+
+    JCEDHPrivateKey(
+        DHPrivateKeySpec    spec)
+    {
+        this.x = spec.getX();
+        this.dhSpec = new DHParameterSpec(spec.getP(), spec.getG());
+    }
+
+    JCEDHPrivateKey(
+        PrivateKeyInfo  info)
+        throws IOException
+    {
+        ASN1Sequence    seq = ASN1Sequence.getInstance(info.getPrivateKeyAlgorithm().getParameters());
+        ASN1Integer      derX = ASN1Integer.getInstance(info.parsePrivateKey());
+        ASN1ObjectIdentifier id = info.getPrivateKeyAlgorithm().getAlgorithm();
+
+        this.info = info;
+        this.x = derX.getValue();
+
+        if (id.equals(PKCSObjectIdentifiers.dhKeyAgreement))
+        {
+            DHParameter params = DHParameter.getInstance(seq);
+
+            if (params.getL() != null)
+            {
+                this.dhSpec = new DHParameterSpec(params.getP(), params.getG(), params.getL().intValue());
+            }
+            else
+            {
+                this.dhSpec = new DHParameterSpec(params.getP(), params.getG());
+            }
+        }
+        else if (id.equals(X9ObjectIdentifiers.dhpublicnumber))
+        {
+            DHDomainParameters params = DHDomainParameters.getInstance(seq);
+
+            this.dhSpec = new DHParameterSpec(params.getP().getValue(), params.getG().getValue());
+        }
+        else
+        {
+            throw new IllegalArgumentException("unknown algorithm type: " + id);
+        }
+    }
+
+    JCEDHPrivateKey(
+        DHPrivateKeyParameters  params)
+    {
+        this.x = params.getX();
+        this.dhSpec = new DHParameterSpec(params.getParameters().getP(), params.getParameters().getG(), params.getParameters().getL());
+    }
+
+    public String getAlgorithm()
+    {
+        return "DH";
+    }
+
+    /**
+     * return the encoding format we produce in getEncoded().
+     *
+     * @return the string "PKCS#8"
+     */
+    public String getFormat()
+    {
+        return "PKCS#8";
+    }
+
+    /**
+     * Return a PKCS8 representation of the key. The sequence returned
+     * represents a full PrivateKeyInfo object.
+     *
+     * @return a PKCS8 representation of the key.
+     */
+    public byte[] getEncoded()
+    {
+        try
+        {
+            if (info != null)
+            {
+                return info.getEncoded(ASN1Encoding.DER);
+            }
+
+            PrivateKeyInfo          info = new PrivateKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.dhKeyAgreement, new DHParameter(dhSpec.getP(), dhSpec.getG(), dhSpec.getL())), new ASN1Integer(getX()));
+
+            return info.getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            return null;
+        }
+    }
+
+    public DHParameterSpec getParams()
+    {
+        return dhSpec;
+    }
+
+    public BigInteger getX()
+    {
+        return x;
+    }
+
+    private void readObject(
+        ObjectInputStream   in)
+        throws IOException, ClassNotFoundException
+    {
+        x = (BigInteger)in.readObject();
+
+        this.dhSpec = new DHParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject(), in.readInt());
+    }
+
+    private void writeObject(
+        ObjectOutputStream  out)
+        throws IOException
+    {
+        out.writeObject(this.getX());
+        out.writeObject(dhSpec.getP());
+        out.writeObject(dhSpec.getG());
+        out.writeInt(dhSpec.getL());
+    }
+
+    public void setBagAttribute(
+        ASN1ObjectIdentifier oid,
+        ASN1Encodable attribute)
+    {
+        attrCarrier.setBagAttribute(oid, attribute);
+    }
+
+    public ASN1Encodable getBagAttribute(
+        ASN1ObjectIdentifier oid)
+    {
+        return attrCarrier.getBagAttribute(oid);
+    }
+
+    public Enumeration getBagAttributeKeys()
+    {
+        return attrCarrier.getBagAttributeKeys();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JCEDHPublicKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JCEDHPublicKey.java
new file mode 100644
index 0000000..156ebba
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JCEDHPublicKey.java

@@ -0,0 +1,182 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+
+import javax.crypto.interfaces.DHPublicKey;
+import javax.crypto.spec.DHParameterSpec;
+import javax.crypto.spec.DHPublicKeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.pkcs.DHParameter;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x9.DHDomainParameters;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.params.DHPublicKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class JCEDHPublicKey
+    implements DHPublicKey
+{
+    static final long serialVersionUID = -216691575254424324L;
+    
+    private BigInteger              y;
+    private DHParameterSpec         dhSpec;
+    private SubjectPublicKeyInfo    info;
+    
+    JCEDHPublicKey(
+        DHPublicKeySpec    spec)
+    {
+        this.y = spec.getY();
+        this.dhSpec = new DHParameterSpec(spec.getP(), spec.getG());
+    }
+
+    JCEDHPublicKey(
+        DHPublicKey    key)
+    {
+        this.y = key.getY();
+        this.dhSpec = key.getParams();
+    }
+
+    JCEDHPublicKey(
+        DHPublicKeyParameters  params)
+    {
+        this.y = params.getY();
+        this.dhSpec = new DHParameterSpec(params.getParameters().getP(), params.getParameters().getG(), params.getParameters().getL());
+    }
+
+    JCEDHPublicKey(
+        BigInteger        y,
+        DHParameterSpec   dhSpec)
+    {
+        this.y = y;
+        this.dhSpec = dhSpec;
+    }
+
+    JCEDHPublicKey(
+        SubjectPublicKeyInfo    info)
+    {
+        this.info = info;
+
+        ASN1Integer              derY;
+        try
+        {
+            derY = (ASN1Integer)info.parsePublicKey();
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("invalid info structure in DH public key");
+        }
+
+        this.y = derY.getValue();
+
+        ASN1Sequence seq = ASN1Sequence.getInstance(info.getAlgorithmId().getParameters());
+        ASN1ObjectIdentifier id = info.getAlgorithmId().getAlgorithm();
+
+        // we need the PKCS check to handle older keys marked with the X9 oid.
+        if (id.equals(PKCSObjectIdentifiers.dhKeyAgreement) || isPKCSParam(seq))
+        {
+            DHParameter             params = DHParameter.getInstance(seq);
+
+            if (params.getL() != null)
+            {
+                this.dhSpec = new DHParameterSpec(params.getP(), params.getG(), params.getL().intValue());
+            }
+            else
+            {
+                this.dhSpec = new DHParameterSpec(params.getP(), params.getG());
+            }
+        }
+        else if (id.equals(X9ObjectIdentifiers.dhpublicnumber))
+        {
+            DHDomainParameters params = DHDomainParameters.getInstance(seq);
+
+            this.dhSpec = new DHParameterSpec(params.getP().getValue(), params.getG().getValue());
+        }
+        else
+        {
+            throw new IllegalArgumentException("unknown algorithm type: " + id);
+        }
+    }
+
+    public String getAlgorithm()
+    {
+        return "DH";
+    }
+
+    public String getFormat()
+    {
+        return "X.509";
+    }
+
+    public byte[] getEncoded()
+    {
+        if (info != null)
+        {
+            return KeyUtil.getEncodedSubjectPublicKeyInfo(info);
+        }
+
+        return KeyUtil.getEncodedSubjectPublicKeyInfo(new AlgorithmIdentifier(PKCSObjectIdentifiers.dhKeyAgreement, new DHParameter(dhSpec.getP(), dhSpec.getG(), dhSpec.getL())), new ASN1Integer(y));
+    }
+
+    public DHParameterSpec getParams()
+    {
+        return dhSpec;
+    }
+
+    public BigInteger getY()
+    {
+        return y;
+    }
+
+    private boolean isPKCSParam(ASN1Sequence seq)
+    {
+        if (seq.size() == 2)
+        {
+            return true;
+        }
+        
+        if (seq.size() > 3)
+        {
+            return false;
+        }
+
+        ASN1Integer l = ASN1Integer.getInstance(seq.getObjectAt(2));
+        ASN1Integer p = ASN1Integer.getInstance(seq.getObjectAt(0));
+
+        if (l.getValue().compareTo(BigInteger.valueOf(p.getValue().bitLength())) > 0)
+        {
+            return false;
+        }
+
+        return true;
+    }
+
+    private void readObject(
+        ObjectInputStream   in)
+        throws IOException, ClassNotFoundException
+    {
+        this.y = (BigInteger)in.readObject();
+        this.dhSpec = new DHParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject(), in.readInt());
+    }
+
+    private void writeObject(
+        ObjectOutputStream  out)
+        throws IOException
+    {
+        out.writeObject(this.getY());
+        out.writeObject(dhSpec.getP());
+        out.writeObject(dhSpec.getG());
+        out.writeInt(dhSpec.getL());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JCEECPrivateKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JCEECPrivateKey.java
new file mode 100644
index 0000000..711240c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JCEECPrivateKey.java

@@ -0,0 +1,475 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+import java.security.interfaces.ECPrivateKey;
+import java.security.spec.ECParameterSpec;
+import java.security.spec.ECPoint;
+import java.security.spec.ECPrivateKeySpec;
+import java.security.spec.EllipticCurve;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERNull;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.sec.ECPrivateKeyStructure;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x9.X962Parameters;
+import com.android.org.bouncycastle.asn1.x9.X9ECParameters;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+import com.android.org.bouncycastle.crypto.params.ECPrivateKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
+import com.android.org.bouncycastle.jce.interfaces.ECPointEncoder;
+import com.android.org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
+import com.android.org.bouncycastle.jce.spec.ECNamedCurveSpec;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class JCEECPrivateKey
+    implements ECPrivateKey, com.android.org.bouncycastle.jce.interfaces.ECPrivateKey, PKCS12BagAttributeCarrier, ECPointEncoder
+{
+    private String          algorithm = "EC";
+    private BigInteger      d;
+    private ECParameterSpec ecSpec;
+    private boolean         withCompression;
+
+    private DERBitString publicKey;
+
+    private PKCS12BagAttributeCarrierImpl attrCarrier = new PKCS12BagAttributeCarrierImpl();
+
+    protected JCEECPrivateKey()
+    {
+    }
+
+    public JCEECPrivateKey(
+        ECPrivateKey    key)
+    {
+        this.d = key.getS();
+        this.algorithm = key.getAlgorithm();
+        this.ecSpec = key.getParams();
+    }
+
+    public JCEECPrivateKey(
+        String              algorithm,
+        com.android.org.bouncycastle.jce.spec.ECPrivateKeySpec     spec)
+    {
+        this.algorithm = algorithm;
+        this.d = spec.getD();
+
+        if (spec.getParams() != null) // can be null if implicitlyCA
+        {
+            ECCurve curve = spec.getParams().getCurve();
+            EllipticCurve ellipticCurve;
+
+            ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed());
+
+            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams());
+        }
+        else
+        {
+            this.ecSpec = null;
+        }
+    }
+
+
+    public JCEECPrivateKey(
+        String              algorithm,
+        ECPrivateKeySpec    spec)
+    {
+        this.algorithm = algorithm;
+        this.d = spec.getS();
+        this.ecSpec = spec.getParams();
+    }
+
+    public JCEECPrivateKey(
+        String             algorithm,
+        JCEECPrivateKey    key)
+    {
+        this.algorithm = algorithm;
+        this.d = key.d;
+        this.ecSpec = key.ecSpec;
+        this.withCompression = key.withCompression;
+        this.attrCarrier = key.attrCarrier;
+        this.publicKey = key.publicKey;
+    }
+
+    public JCEECPrivateKey(
+        String                  algorithm,
+        ECPrivateKeyParameters  params,
+        JCEECPublicKey          pubKey,
+        ECParameterSpec         spec)
+    {
+        this.algorithm = algorithm;
+        this.d = params.getD();
+
+        if (spec == null)
+        {
+            ECDomainParameters dp = params.getParameters();
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
+
+            this.ecSpec = new ECParameterSpec(
+                ellipticCurve,
+                EC5Util.convertPoint(dp.getG()),
+                dp.getN(),
+                dp.getH().intValue());
+        }
+        else
+        {
+            this.ecSpec = spec;
+        }
+
+        publicKey = getPublicKeyDetails(pubKey);
+    }
+
+    public JCEECPrivateKey(
+        String                  algorithm,
+        ECPrivateKeyParameters  params,
+        JCEECPublicKey          pubKey,
+        com.android.org.bouncycastle.jce.spec.ECParameterSpec         spec)
+    {
+        this.algorithm = algorithm;
+        this.d = params.getD();
+
+        if (spec == null)
+        {
+            ECDomainParameters dp = params.getParameters();
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
+
+            this.ecSpec = new ECParameterSpec(
+                ellipticCurve,
+                EC5Util.convertPoint(dp.getG()),
+                dp.getN(),
+                dp.getH().intValue());
+        }
+        else
+        {
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
+            
+            this.ecSpec = new ECParameterSpec(
+                ellipticCurve,
+                EC5Util.convertPoint(spec.getG()),
+                spec.getN(),
+                spec.getH().intValue());
+        }
+
+        publicKey = getPublicKeyDetails(pubKey);
+    }
+
+    public JCEECPrivateKey(
+        String                  algorithm,
+        ECPrivateKeyParameters  params)
+    {
+        this.algorithm = algorithm;
+        this.d = params.getD();
+        this.ecSpec = null;
+    }
+
+    JCEECPrivateKey(
+        PrivateKeyInfo      info)
+        throws IOException
+    {
+        populateFromPrivKeyInfo(info);
+    }
+
+    private void populateFromPrivKeyInfo(PrivateKeyInfo info)
+        throws IOException
+    {
+        X962Parameters params = new X962Parameters((ASN1Primitive)info.getPrivateKeyAlgorithm().getParameters());
+
+        if (params.isNamedCurve())
+        {
+            ASN1ObjectIdentifier oid = ASN1ObjectIdentifier.getInstance(params.getParameters());
+            X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
+
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            if (ecP == null) // GOST Curve
+            {
+                ECDomainParameters gParam = ECGOST3410NamedCurves.getByOID(oid);
+                EllipticCurve ellipticCurve = EC5Util.convertCurve(gParam.getCurve(), gParam.getSeed());
+
+                ecSpec = new ECNamedCurveSpec(
+                    ECGOST3410NamedCurves.getName(oid),
+                    ellipticCurve,
+                    EC5Util.convertPoint(gParam.getG()),
+                    gParam.getN(),
+                    gParam.getH());
+            }
+            else
+            */
+            // END Android-removed: Unsupported algorithms
+            {
+                EllipticCurve ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
+
+                ecSpec = new ECNamedCurveSpec(
+                    ECUtil.getCurveName(oid),
+                    ellipticCurve,
+                    EC5Util.convertPoint(ecP.getG()),
+                    ecP.getN(),
+                    ecP.getH());
+            }
+        }
+        else if (params.isImplicitlyCA())
+        {
+            ecSpec = null;
+        }
+        else
+        {
+            X9ECParameters      ecP = X9ECParameters.getInstance(params.getParameters());
+            EllipticCurve       ellipticCurve = EC5Util.convertCurve(ecP.getCurve(), ecP.getSeed());
+
+            this.ecSpec = new ECParameterSpec(
+                ellipticCurve,
+                EC5Util.convertPoint(ecP.getG()),
+                ecP.getN(),
+                ecP.getH().intValue());
+        }
+
+        ASN1Encodable privKey = info.parsePrivateKey();
+        if (privKey instanceof ASN1Integer)
+        {
+            ASN1Integer          derD = ASN1Integer.getInstance(privKey);
+
+            this.d = derD.getValue();
+        }
+        else
+        {
+            ECPrivateKeyStructure ec = new ECPrivateKeyStructure((ASN1Sequence)privKey);
+
+            this.d = ec.getKey();
+            this.publicKey = ec.getPublicKey();
+        }
+    }
+
+    public String getAlgorithm()
+    {
+        return algorithm;
+    }
+
+    /**
+     * return the encoding format we produce in getEncoded().
+     *
+     * @return the string "PKCS#8"
+     */
+    public String getFormat()
+    {
+        return "PKCS#8";
+    }
+
+    /**
+     * Return a PKCS8 representation of the key. The sequence returned
+     * represents a full PrivateKeyInfo object.
+     *
+     * @return a PKCS8 representation of the key.
+     */
+    public byte[] getEncoded()
+    {
+        X962Parameters          params;
+
+        if (ecSpec instanceof ECNamedCurveSpec)
+        {
+            ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName());
+            if (curveOid == null)  // guess it's the OID
+            {
+                curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName());
+            }
+            params = new X962Parameters(curveOid);
+        }
+        else if (ecSpec == null)
+        {
+            params = new X962Parameters(DERNull.INSTANCE);
+        }
+        else
+        {
+            ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
+
+            X9ECParameters ecP = new X9ECParameters(
+                curve,
+                EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
+                ecSpec.getOrder(),
+                BigInteger.valueOf(ecSpec.getCofactor()),
+                ecSpec.getCurve().getSeed());
+
+            params = new X962Parameters(ecP);
+        }
+        
+        PrivateKeyInfo          info;
+        ECPrivateKeyStructure keyStructure;
+
+        if (publicKey != null)
+        {
+            keyStructure = new ECPrivateKeyStructure(this.getS(), publicKey, params);
+        }
+        else
+        {
+            keyStructure = new ECPrivateKeyStructure(this.getS(), params);
+        }
+
+        try
+        {
+            // BEGIN Android-removed: Unsupported algorithms
+            // if (algorithm.equals("ECGOST3410"))
+            // {
+            //     info = new PrivateKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params.toASN1Primitive()), keyStructure.toASN1Primitive());
+            // }
+            // else
+            // END Android-removed: Unsupported algorithms
+            {
+
+                info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params.toASN1Primitive()), keyStructure.toASN1Primitive());
+            }
+
+            return info.getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            return null;
+        }
+    }
+
+    public ECParameterSpec getParams()
+    {
+        return ecSpec;
+    }
+
+    public com.android.org.bouncycastle.jce.spec.ECParameterSpec getParameters()
+    {
+        if (ecSpec == null)
+        {
+            return null;
+        }
+        
+        return EC5Util.convertSpec(ecSpec, withCompression);
+    }
+
+    com.android.org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec()
+    {
+        if (ecSpec != null)
+        {
+            return EC5Util.convertSpec(ecSpec, withCompression);
+        }
+
+        return BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
+    }
+
+    public BigInteger getS()
+    {
+        return d;
+    }
+
+    public BigInteger getD()
+    {
+        return d;
+    }
+    
+    public void setBagAttribute(
+        ASN1ObjectIdentifier oid,
+        ASN1Encodable        attribute)
+    {
+        attrCarrier.setBagAttribute(oid, attribute);
+    }
+
+    public ASN1Encodable getBagAttribute(
+        ASN1ObjectIdentifier oid)
+    {
+        return attrCarrier.getBagAttribute(oid);
+    }
+
+    public Enumeration getBagAttributeKeys()
+    {
+        return attrCarrier.getBagAttributeKeys();
+    }
+
+    public void setPointFormat(String style)
+    {
+       withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
+    }
+
+    public boolean equals(Object o)
+    {
+        if (!(o instanceof JCEECPrivateKey))
+        {
+            return false;
+        }
+
+        JCEECPrivateKey other = (JCEECPrivateKey)o;
+
+        return getD().equals(other.getD()) && (engineGetSpec().equals(other.engineGetSpec()));
+    }
+
+    public int hashCode()
+    {
+        return getD().hashCode() ^ engineGetSpec().hashCode();
+    }
+
+    public String toString()
+    {
+        StringBuffer    buf = new StringBuffer();
+        String          nl = Strings.lineSeparator();
+
+        buf.append("EC Private Key").append(nl);
+        buf.append("             S: ").append(this.d.toString(16)).append(nl);
+
+        return buf.toString();
+
+    }
+
+    private DERBitString getPublicKeyDetails(JCEECPublicKey   pub)
+    {
+        try
+        {
+            SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(pub.getEncoded()));
+
+            return info.getPublicKeyData();
+        }
+        catch (IOException e)
+        {   // should never happen
+            return null;
+        }
+    }
+
+    private void readObject(
+        ObjectInputStream in)
+        throws IOException, ClassNotFoundException
+    {
+        byte[] enc = (byte[])in.readObject();
+
+        populateFromPrivKeyInfo(PrivateKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc)));
+
+        this.algorithm = (String)in.readObject();
+        this.withCompression = in.readBoolean();
+        this.attrCarrier = new PKCS12BagAttributeCarrierImpl();
+
+        attrCarrier.readObject(in);
+    }
+
+    private void writeObject(
+        ObjectOutputStream out)
+        throws IOException
+    {
+        out.writeObject(this.getEncoded());
+        out.writeObject(algorithm);
+        out.writeBoolean(withCompression);
+
+        attrCarrier.writeObject(out);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JCEECPublicKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JCEECPublicKey.java
new file mode 100644
index 0000000..15b07d1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JCEECPublicKey.java

@@ -0,0 +1,526 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+import java.security.interfaces.ECPublicKey;
+import java.security.spec.ECParameterSpec;
+import java.security.spec.ECPoint;
+import java.security.spec.ECPublicKeySpec;
+import java.security.spec.EllipticCurve;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+// import org.bouncycastle.asn1.cryptopro.ECGOST3410NamedCurves;
+// import org.bouncycastle.asn1.cryptopro.GOST3410PublicKeyAlgParameters;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x9.X962Parameters;
+import com.android.org.bouncycastle.asn1.x9.X9ECParameters;
+import com.android.org.bouncycastle.asn1.x9.X9ECPoint;
+import com.android.org.bouncycastle.asn1.x9.X9IntegerConverter;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.params.ECDomainParameters;
+import com.android.org.bouncycastle.crypto.params.ECPublicKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.ECUtil;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.KeyUtil;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jce.ECGOST3410NamedCurveTable;
+import com.android.org.bouncycastle.jce.interfaces.ECPointEncoder;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.jce.spec.ECNamedCurveParameterSpec;
+import com.android.org.bouncycastle.jce.spec.ECNamedCurveSpec;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.custom.sec.SecP256K1Point;
+import com.android.org.bouncycastle.math.ec.custom.sec.SecP256R1Point;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class JCEECPublicKey
+    implements ECPublicKey, com.android.org.bouncycastle.jce.interfaces.ECPublicKey, ECPointEncoder
+{
+    private String                  algorithm = "EC";
+    private com.android.org.bouncycastle.math.ec.ECPoint q;
+    private ECParameterSpec         ecSpec;
+    private boolean                 withCompression;
+    // Android-removed: Unsupported algorithms
+    // private GOST3410PublicKeyAlgParameters       gostParams;
+
+    public JCEECPublicKey(
+        String              algorithm,
+        JCEECPublicKey      key)
+    {
+        this.algorithm = algorithm;
+        this.q = key.q;
+        this.ecSpec = key.ecSpec;
+        this.withCompression = key.withCompression;
+        // Android-removed: Unsupported algorithms
+        // this.gostParams = key.gostParams;
+    }
+    
+    public JCEECPublicKey(
+        String              algorithm,
+        ECPublicKeySpec     spec)
+    {
+        this.algorithm = algorithm;
+        this.ecSpec = spec.getParams();
+        this.q = EC5Util.convertPoint(ecSpec, spec.getW(), false);
+    }
+
+    public JCEECPublicKey(
+        String              algorithm,
+        com.android.org.bouncycastle.jce.spec.ECPublicKeySpec     spec)
+    {
+        this.algorithm = algorithm;
+        this.q = spec.getQ();
+
+        if (spec.getParams() != null) // can be null if implictlyCa
+        {
+            ECCurve curve = spec.getParams().getCurve();
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getParams().getSeed());
+
+            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec.getParams());
+        }
+        else
+        {
+            if (q.getCurve() == null)
+            {
+                com.android.org.bouncycastle.jce.spec.ECParameterSpec s = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
+
+                q = s.getCurve().createPoint(q.getAffineXCoord().toBigInteger(), q.getAffineYCoord().toBigInteger(), false);
+            }               
+            this.ecSpec = null;
+        }
+    }
+    
+    public JCEECPublicKey(
+        String                  algorithm,
+        ECPublicKeyParameters   params,
+        ECParameterSpec         spec)
+    {
+        ECDomainParameters      dp = params.getParameters();
+
+        this.algorithm = algorithm;
+        this.q = params.getQ();
+
+        if (spec == null)
+        {
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
+
+            this.ecSpec = createSpec(ellipticCurve, dp);
+        }
+        else
+        {
+            this.ecSpec = spec;
+        }
+    }
+
+    public JCEECPublicKey(
+        String                  algorithm,
+        ECPublicKeyParameters   params,
+        com.android.org.bouncycastle.jce.spec.ECParameterSpec         spec)
+    {
+        ECDomainParameters      dp = params.getParameters();
+
+        this.algorithm = algorithm;
+        this.q = params.getQ();
+
+        if (spec == null)
+        {
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(dp.getCurve(), dp.getSeed());
+
+            this.ecSpec = createSpec(ellipticCurve, dp);
+        }
+        else
+        {
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(spec.getCurve(), spec.getSeed());
+
+            this.ecSpec = EC5Util.convertSpec(ellipticCurve, spec);
+        }
+    }
+
+    /*
+     * called for implicitCA
+     */
+    public JCEECPublicKey(
+        String                  algorithm,
+        ECPublicKeyParameters   params)
+    {
+        this.algorithm = algorithm;
+        this.q = params.getQ();
+        this.ecSpec = null;
+    }
+
+    private ECParameterSpec createSpec(EllipticCurve ellipticCurve, ECDomainParameters dp)
+    {
+        return new ECParameterSpec(
+            ellipticCurve,
+            EC5Util.convertPoint(dp.getG()),
+            dp.getN(),
+            dp.getH().intValue());
+    }
+
+    public JCEECPublicKey(
+        ECPublicKey     key)
+    {
+        this.algorithm = key.getAlgorithm();
+        this.ecSpec = key.getParams();
+        this.q = EC5Util.convertPoint(this.ecSpec, key.getW(), false);
+    }
+
+    JCEECPublicKey(
+        SubjectPublicKeyInfo    info)
+    {
+        populateFromPubKeyInfo(info);
+    }
+
+    private void populateFromPubKeyInfo(SubjectPublicKeyInfo info)
+    {
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        if (info.getAlgorithmId().getAlgorithm().equals(CryptoProObjectIdentifiers.gostR3410_2001))
+        {
+            DERBitString bits = info.getPublicKeyData();
+            ASN1OctetString key;
+            this.algorithm = "ECGOST3410";
+
+            try
+            {
+                key = (ASN1OctetString) ASN1Primitive.fromByteArray(bits.getBytes());
+            }
+            catch (IOException ex)
+            {
+                throw new IllegalArgumentException("error recovering public key");
+            }
+
+            byte[] keyEnc = key.getOctets();
+
+            byte[] x9Encoding = new byte[65];
+            x9Encoding[0] = 0x04;
+            for (int i = 1; i <= 32; ++i)
+            {
+                x9Encoding[i     ] = keyEnc[32 - i];
+                x9Encoding[i + 32] = keyEnc[64 - i];
+            }
+
+            gostParams = new GOST3410PublicKeyAlgParameters((ASN1Sequence)info.getAlgorithmId().getParameters());
+
+            ECNamedCurveParameterSpec spec = ECGOST3410NamedCurveTable.getParameterSpec(ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()));
+
+            ECCurve curve = spec.getCurve();
+            EllipticCurve ellipticCurve = EC5Util.convertCurve(curve, spec.getSeed());
+
+            this.q = curve.decodePoint(x9Encoding);
+
+            ecSpec = new ECNamedCurveSpec(
+                ECGOST3410NamedCurves.getName(gostParams.getPublicKeyParamSet()),
+                ellipticCurve,
+                EC5Util.convertPoint(spec.getG()),
+                spec.getN(),
+                spec.getH());
+        }
+        else
+        */
+        // END Android-removed: Unsupported algorithms
+        {
+            X962Parameters params = new X962Parameters((ASN1Primitive)info.getAlgorithmId().getParameters());
+            ECCurve                 curve;
+            EllipticCurve           ellipticCurve;
+
+            if (params.isNamedCurve())
+            {
+                ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)params.getParameters();
+                X9ECParameters ecP = ECUtil.getNamedCurveByOid(oid);
+
+                curve = ecP.getCurve();
+                ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed());
+
+                ecSpec = new ECNamedCurveSpec(
+                    ECUtil.getCurveName(oid),
+                    ellipticCurve,
+                    EC5Util.convertPoint(ecP.getG()),
+                    ecP.getN(),
+                    ecP.getH());
+            }
+            else if (params.isImplicitlyCA())
+            {
+                ecSpec = null;
+                curve = BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa().getCurve();
+            }
+            else
+            {
+                X9ECParameters ecP = X9ECParameters.getInstance(params.getParameters());
+
+                curve = ecP.getCurve();
+                ellipticCurve = EC5Util.convertCurve(curve, ecP.getSeed());
+
+                this.ecSpec = new ECParameterSpec(
+                    ellipticCurve,
+                    EC5Util.convertPoint(ecP.getG()),
+                    ecP.getN(),
+                    ecP.getH().intValue());
+            }
+
+            DERBitString    bits = info.getPublicKeyData();
+            byte[]          data = bits.getBytes();
+            ASN1OctetString key = new DEROctetString(data);
+
+            //
+            // extra octet string - one of our old certs...
+            //
+            if (data[0] == 0x04 && data[1] == data.length - 2
+                && (data[2] == 0x02 || data[2] == 0x03))
+            {
+                int qLength = new X9IntegerConverter().getByteLength(curve);
+
+                if (qLength >= data.length - 3)
+                {
+                    try
+                    {
+                        key = (ASN1OctetString) ASN1Primitive.fromByteArray(data);
+                    }
+                    catch (IOException ex)
+                    {
+                        throw new IllegalArgumentException("error recovering public key");
+                    }
+                }
+            }
+            X9ECPoint derQ = new X9ECPoint(curve, key);
+
+            this.q = derQ.getPoint();
+        }
+    }
+
+    public String getAlgorithm()
+    {
+        return algorithm;
+    }
+
+    public String getFormat()
+    {
+        return "X.509";
+    }
+
+    public byte[] getEncoded()
+    {
+        ASN1Encodable        params;
+        SubjectPublicKeyInfo info;
+
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        if (algorithm.equals("ECGOST3410"))
+        {
+            if (gostParams != null)
+            {
+                params = gostParams;
+            }
+            else
+            {
+                if (ecSpec instanceof ECNamedCurveSpec)
+                {
+                    params = new GOST3410PublicKeyAlgParameters(
+                                   ECGOST3410NamedCurves.getOID(((ECNamedCurveSpec)ecSpec).getName()),
+                                   CryptoProObjectIdentifiers.gostR3411_94_CryptoProParamSet);
+                }
+                else
+                {   // strictly speaking this may not be applicable...
+                    ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
+
+                    X9ECParameters ecP = new X9ECParameters(
+                        curve,
+                        EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
+                        ecSpec.getOrder(),
+                        BigInteger.valueOf(ecSpec.getCofactor()),
+                        ecSpec.getCurve().getSeed());
+
+                    params = new X962Parameters(ecP);
+                }
+            }
+
+            BigInteger      bX = this.q.getAffineXCoord().toBigInteger();
+            BigInteger      bY = this.q.getAffineYCoord().toBigInteger();
+            byte[]          encKey = new byte[64];
+
+            extractBytes(encKey, 0, bX);
+            extractBytes(encKey, 32, bY);
+
+            try
+            {
+                info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(CryptoProObjectIdentifiers.gostR3410_2001, params), new DEROctetString(encKey));
+            }
+            catch (IOException e)
+            {
+                return null;
+            }
+        }
+        else
+        */
+        // END Android-removed: Unsupported algorithms
+        {
+            if (ecSpec instanceof ECNamedCurveSpec)
+            {
+                ASN1ObjectIdentifier curveOid = ECUtil.getNamedCurveOid(((ECNamedCurveSpec)ecSpec).getName());
+                if (curveOid == null)
+                {
+                    curveOid = new ASN1ObjectIdentifier(((ECNamedCurveSpec)ecSpec).getName());
+                }
+                params = new X962Parameters(curveOid);
+            }
+            else if (ecSpec == null)
+            {
+                params = new X962Parameters(DERNull.INSTANCE);
+            }
+            else
+            {
+                ECCurve curve = EC5Util.convertCurve(ecSpec.getCurve());
+
+                X9ECParameters ecP = new X9ECParameters(
+                    curve,
+                    EC5Util.convertPoint(curve, ecSpec.getGenerator(), withCompression),
+                    ecSpec.getOrder(),
+                    BigInteger.valueOf(ecSpec.getCofactor()),
+                    ecSpec.getCurve().getSeed());
+
+                params = new X962Parameters(ecP);
+            }
+
+            ECCurve curve = this.engineGetQ().getCurve();
+            ASN1OctetString p = (ASN1OctetString)
+                new X9ECPoint(curve.createPoint(this.getQ().getAffineXCoord().toBigInteger(), this.getQ().getAffineYCoord().toBigInteger(), withCompression)).toASN1Primitive();
+
+            info = new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_ecPublicKey, params), p.getOctets());
+        }
+
+        return KeyUtil.getEncodedSubjectPublicKeyInfo(info);
+    }
+
+    private void extractBytes(byte[] encKey, int offSet, BigInteger bI)
+    {
+        byte[] val = bI.toByteArray();
+        if (val.length < 32)
+        {
+            byte[] tmp = new byte[32];
+            System.arraycopy(val, 0, tmp, tmp.length - val.length, val.length);
+            val = tmp;
+        }
+
+        for (int i = 0; i != 32; i++)
+        {
+            encKey[offSet + i] = val[val.length - 1 - i];
+        }
+    }
+
+    public ECParameterSpec getParams()
+    {
+        return ecSpec;
+    }
+
+    public com.android.org.bouncycastle.jce.spec.ECParameterSpec getParameters()
+    {
+        if (ecSpec == null)     // implictlyCA
+        {
+            return null;
+        }
+
+        return EC5Util.convertSpec(ecSpec, withCompression);
+    }
+
+    public ECPoint getW()
+    {
+        return EC5Util.convertPoint(q);
+    }
+
+    public com.android.org.bouncycastle.math.ec.ECPoint getQ()
+    {
+        if (ecSpec == null)
+        {
+            return q.getDetachedPoint();
+        }
+
+        return q;
+    }
+
+    public com.android.org.bouncycastle.math.ec.ECPoint engineGetQ()
+    {
+        return q;
+    }
+
+    com.android.org.bouncycastle.jce.spec.ECParameterSpec engineGetSpec()
+    {
+        if (ecSpec != null)
+        {
+            return EC5Util.convertSpec(ecSpec, withCompression);
+        }
+
+        return BouncyCastleProvider.CONFIGURATION.getEcImplicitlyCa();
+    }
+
+    public String toString()
+    {
+        StringBuffer    buf = new StringBuffer();
+        String          nl = Strings.lineSeparator();
+
+        buf.append("EC Public Key").append(nl);
+        buf.append("            X: ").append(this.q.getAffineXCoord().toBigInteger().toString(16)).append(nl);
+        buf.append("            Y: ").append(this.q.getAffineYCoord().toBigInteger().toString(16)).append(nl);
+
+        return buf.toString();
+
+    }
+    
+    public void setPointFormat(String style)
+    {
+       withCompression = !("UNCOMPRESSED".equalsIgnoreCase(style));
+    }
+
+    public boolean equals(Object o)
+    {
+        if (!(o instanceof JCEECPublicKey))
+        {
+            return false;
+        }
+
+        JCEECPublicKey other = (JCEECPublicKey)o;
+
+        return engineGetQ().equals(other.engineGetQ()) && (engineGetSpec().equals(other.engineGetSpec()));
+    }
+
+    public int hashCode()
+    {
+        return engineGetQ().hashCode() ^ engineGetSpec().hashCode();
+    }
+
+    private void readObject(
+        ObjectInputStream in)
+        throws IOException, ClassNotFoundException
+    {
+        byte[] enc = (byte[])in.readObject();
+
+        populateFromPubKeyInfo(SubjectPublicKeyInfo.getInstance(ASN1Primitive.fromByteArray(enc)));
+
+        this.algorithm = (String)in.readObject();
+        this.withCompression = in.readBoolean();
+    }
+
+    private void writeObject(
+        ObjectOutputStream out)
+        throws IOException
+    {
+        out.writeObject(this.getEncoded());
+        out.writeObject(algorithm);
+        out.writeBoolean(withCompression);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JDKDSAPrivateKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JDKDSAPrivateKey.java
new file mode 100644
index 0000000..769928a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JDKDSAPrivateKey.java

@@ -0,0 +1,182 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+import java.security.interfaces.DSAParams;
+import java.security.interfaces.DSAPrivateKey;
+import java.security.spec.DSAParameterSpec;
+import java.security.spec.DSAPrivateKeySpec;
+import java.util.Enumeration;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.DSAParameter;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.params.DSAPrivateKeyParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
+import com.android.org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class JDKDSAPrivateKey
+    implements DSAPrivateKey, PKCS12BagAttributeCarrier
+{
+    private static final long serialVersionUID = -4677259546958385734L;
+
+    BigInteger          x;
+    DSAParams           dsaSpec;
+
+    private PKCS12BagAttributeCarrierImpl   attrCarrier = new PKCS12BagAttributeCarrierImpl();
+
+    protected JDKDSAPrivateKey()
+    {
+    }
+
+    JDKDSAPrivateKey(
+        DSAPrivateKey    key)
+    {
+        this.x = key.getX();
+        this.dsaSpec = key.getParams();
+    }
+
+    JDKDSAPrivateKey(
+        DSAPrivateKeySpec    spec)
+    {
+        this.x = spec.getX();
+        this.dsaSpec = new DSAParameterSpec(spec.getP(), spec.getQ(), spec.getG());
+    }
+
+    JDKDSAPrivateKey(
+        PrivateKeyInfo  info)
+        throws IOException
+    {
+        DSAParameter    params = DSAParameter.getInstance(info.getPrivateKeyAlgorithm().getParameters());
+        ASN1Integer      derX = ASN1Integer.getInstance(info.parsePrivateKey());
+
+        this.x = derX.getValue();
+        this.dsaSpec = new DSAParameterSpec(params.getP(), params.getQ(), params.getG());
+    }
+
+    JDKDSAPrivateKey(
+        DSAPrivateKeyParameters  params)
+    {
+        this.x = params.getX();
+        this.dsaSpec = new DSAParameterSpec(params.getParameters().getP(), params.getParameters().getQ(), params.getParameters().getG());
+    }
+
+    public String getAlgorithm()
+    {
+        return "DSA";
+    }
+
+    /**
+     * return the encoding format we produce in getEncoded().
+     *
+     * @return the string "PKCS#8"
+     */
+    public String getFormat()
+    {
+        return "PKCS#8";
+    }
+
+    /**
+     * Return a PKCS8 representation of the key. The sequence returned
+     * represents a full PrivateKeyInfo object.
+     *
+     * @return a PKCS8 representation of the key.
+     */
+    public byte[] getEncoded()
+    {
+        try
+        {
+            PrivateKeyInfo          info = new PrivateKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(dsaSpec.getP(), dsaSpec.getQ(), dsaSpec.getG())), new ASN1Integer(getX()));
+
+            return info.getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            return null;
+        }
+    }
+
+    public DSAParams getParams()
+    {
+        return dsaSpec;
+    }
+
+    public BigInteger getX()
+    {
+        return x;
+    }
+
+    public boolean equals(
+        Object o)
+    {
+        if (!(o instanceof DSAPrivateKey))
+        {
+            return false;
+        }
+        
+        DSAPrivateKey other = (DSAPrivateKey)o;
+        
+        return this.getX().equals(other.getX()) 
+            && this.getParams().getG().equals(other.getParams().getG()) 
+            && this.getParams().getP().equals(other.getParams().getP()) 
+            && this.getParams().getQ().equals(other.getParams().getQ());
+    }
+
+    public int hashCode()
+    {
+        return this.getX().hashCode() ^ this.getParams().getG().hashCode()
+                ^ this.getParams().getP().hashCode() ^ this.getParams().getQ().hashCode();
+    }
+    
+    public void setBagAttribute(
+        ASN1ObjectIdentifier oid,
+        ASN1Encodable attribute)
+    {
+        attrCarrier.setBagAttribute(oid, attribute);
+    }
+
+    public ASN1Encodable getBagAttribute(
+        ASN1ObjectIdentifier oid)
+    {
+        return attrCarrier.getBagAttribute(oid);
+    }
+
+    public Enumeration getBagAttributeKeys()
+    {
+        return attrCarrier.getBagAttributeKeys();
+    }
+
+    private void readObject(
+        ObjectInputStream in)
+        throws IOException, ClassNotFoundException
+    {
+        this.x = (BigInteger)in.readObject();
+        this.dsaSpec = new DSAParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject(), (BigInteger)in.readObject());
+        this.attrCarrier = new PKCS12BagAttributeCarrierImpl();
+        
+        attrCarrier.readObject(in);
+    }
+
+    private void writeObject(
+        ObjectOutputStream out)
+        throws IOException
+    {
+        out.writeObject(x);
+        out.writeObject(dsaSpec.getP());
+        out.writeObject(dsaSpec.getQ());
+        out.writeObject(dsaSpec.getG());
+
+        attrCarrier.writeObject(out);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JDKDSAPublicKey.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JDKDSAPublicKey.java
new file mode 100644
index 0000000..330ac63
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JDKDSAPublicKey.java

@@ -0,0 +1,181 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.IOException;
+import java.io.ObjectInputStream;
+import java.io.ObjectOutputStream;
+import java.math.BigInteger;
+import java.security.interfaces.DSAParams;
+import java.security.interfaces.DSAPublicKey;
+import java.security.spec.DSAParameterSpec;
+import java.security.spec.DSAPublicKeySpec;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.DSAParameter;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.crypto.params.DSAPublicKeyParameters;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class JDKDSAPublicKey
+    implements DSAPublicKey
+{
+    private static final long serialVersionUID = 1752452449903495175L;
+
+    private BigInteger      y;
+    private DSAParams       dsaSpec;
+
+    JDKDSAPublicKey(
+        DSAPublicKeySpec    spec)
+    {
+        this.y = spec.getY();
+        this.dsaSpec = new DSAParameterSpec(spec.getP(), spec.getQ(), spec.getG());
+    }
+
+    JDKDSAPublicKey(
+        DSAPublicKey    key)
+    {
+        this.y = key.getY();
+        this.dsaSpec = key.getParams();
+    }
+
+    JDKDSAPublicKey(
+        DSAPublicKeyParameters  params)
+    {
+        this.y = params.getY();
+        this.dsaSpec = new DSAParameterSpec(params.getParameters().getP(), params.getParameters().getQ(), params.getParameters().getG());
+    }
+
+    JDKDSAPublicKey(
+        BigInteger        y,
+        DSAParameterSpec  dsaSpec)
+    {
+        this.y = y;
+        this.dsaSpec = dsaSpec;
+    }
+
+    JDKDSAPublicKey(
+        SubjectPublicKeyInfo    info)
+    {
+
+        ASN1Integer              derY;
+
+        try
+        {
+            derY = (ASN1Integer)info.parsePublicKey();
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("invalid info structure in DSA public key");
+        }
+
+        this.y = derY.getValue();
+
+        if (isNotNull(info.getAlgorithm().getParameters()))
+        {
+            DSAParameter params = DSAParameter.getInstance(info.getAlgorithm().getParameters());
+            
+            this.dsaSpec = new DSAParameterSpec(params.getP(), params.getQ(), params.getG());
+        }
+    }
+
+    private boolean isNotNull(ASN1Encodable parameters)
+    {
+        return parameters != null && !DERNull.INSTANCE.equals(parameters);
+    }
+
+    public String getAlgorithm()
+    {
+        return "DSA";
+    }
+
+    public String getFormat()
+    {
+        return "X.509";
+    }
+
+    public byte[] getEncoded()
+    {
+        try
+        {
+            if (dsaSpec == null)
+            {
+                return new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa), new ASN1Integer(y)).getEncoded(ASN1Encoding.DER);
+            }
+
+            return new SubjectPublicKeyInfo(new AlgorithmIdentifier(X9ObjectIdentifiers.id_dsa, new DSAParameter(dsaSpec.getP(), dsaSpec.getQ(), dsaSpec.getG())), new ASN1Integer(y)).getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            return null;
+        }
+    }
+
+    public DSAParams getParams()
+    {
+        return dsaSpec;
+    }
+
+    public BigInteger getY()
+    {
+        return y;
+    }
+
+    public String toString()
+    {
+        StringBuffer    buf = new StringBuffer();
+        String          nl = Strings.lineSeparator();
+
+        buf.append("DSA Public Key").append(nl);
+        buf.append("            y: ").append(this.getY().toString(16)).append(nl);
+
+        return buf.toString();
+    }
+
+    public int hashCode()
+    {
+        return this.getY().hashCode() ^ this.getParams().getG().hashCode() 
+                ^ this.getParams().getP().hashCode() ^ this.getParams().getQ().hashCode();
+    }
+
+    public boolean equals(
+        Object o)
+    {
+        if (!(o instanceof DSAPublicKey))
+        {
+            return false;
+        }
+        
+        DSAPublicKey other = (DSAPublicKey)o;
+        
+        return this.getY().equals(other.getY()) 
+            && this.getParams().getG().equals(other.getParams().getG()) 
+            && this.getParams().getP().equals(other.getParams().getP()) 
+            && this.getParams().getQ().equals(other.getParams().getQ());
+    }
+
+    private void readObject(
+        ObjectInputStream in)
+        throws IOException, ClassNotFoundException
+    {
+        this.y = (BigInteger)in.readObject();
+        this.dsaSpec = new DSAParameterSpec((BigInteger)in.readObject(), (BigInteger)in.readObject(), (BigInteger)in.readObject());
+    }
+
+    private void writeObject(
+        ObjectOutputStream out)
+        throws IOException
+    {
+        out.writeObject(y);
+        out.writeObject(dsaSpec.getP());
+        out.writeObject(dsaSpec.getQ());
+        out.writeObject(dsaSpec.getG());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JDKPKCS12StoreParameter.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JDKPKCS12StoreParameter.java
new file mode 100644
index 0000000..fa0c08b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/JDKPKCS12StoreParameter.java

@@ -0,0 +1,53 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.OutputStream;
+import java.security.KeyStore;
+import java.security.KeyStore.LoadStoreParameter;
+import java.security.KeyStore.ProtectionParameter;
+
+/**
+ * @deprecated use org.bouncycastle.jcajce.config.PKCS12StoreParameter
+ * @hide This class is not part of the Android public SDK API
+ */
+public class JDKPKCS12StoreParameter implements LoadStoreParameter
+{
+    private OutputStream outputStream;
+    private ProtectionParameter protectionParameter;
+    private boolean useDEREncoding;
+
+    public OutputStream getOutputStream()
+    {
+        return outputStream;
+    }
+
+    public ProtectionParameter getProtectionParameter()
+    {
+        return protectionParameter;
+    }
+
+    public boolean isUseDEREncoding()
+    {
+        return useDEREncoding;
+    }
+
+    public void setOutputStream(OutputStream outputStream)
+    {
+        this.outputStream = outputStream;
+    }
+
+    public void setPassword(char[] password)
+    {
+        this.protectionParameter = new KeyStore.PasswordProtection(password);
+    }
+
+    public void setProtectionParameter(ProtectionParameter protectionParameter)
+    {
+        this.protectionParameter = protectionParameter;
+    }
+
+    public void setUseDEREncoding(boolean useDEREncoding)
+    {
+        this.useDEREncoding = useDEREncoding;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PEMUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PEMUtil.java
new file mode 100644
index 0000000..9a6d924
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PEMUtil.java

@@ -0,0 +1,98 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.IOException;
+import java.io.InputStream;
+
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.util.encoders.Base64;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PEMUtil
+{
+    private final String _header1;
+    private final String _header2;
+    private final String _footer1;
+    private final String _footer2;
+
+    PEMUtil(
+        String type)
+    {
+        _header1 = "-----BEGIN " + type + "-----";
+        _header2 = "-----BEGIN X509 " + type + "-----";
+        _footer1 = "-----END " + type + "-----";
+        _footer2 = "-----END X509 " + type + "-----";
+    }
+
+    private String readLine(
+        InputStream in)
+        throws IOException
+    {
+        int             c;
+        StringBuffer    l = new StringBuffer();
+
+        do
+        {
+            while (((c = in.read()) != '\r') && c != '\n' && (c >= 0))
+            {
+                if (c == '\r')
+                {
+                    continue;
+                }
+
+                l.append((char)c);
+            }
+        }
+        while (c >= 0 && l.length() == 0);
+
+        if (c < 0)
+        {
+            return null;
+        }
+
+        return l.toString();
+    }
+
+    ASN1Sequence readPEMObject(
+        InputStream  in)
+        throws IOException
+    {
+        String          line;
+        StringBuffer    pemBuf = new StringBuffer();
+
+        while ((line = readLine(in)) != null)
+        {
+            if (line.startsWith(_header1) || line.startsWith(_header2))
+            {
+                break;
+            }
+        }
+
+        while ((line = readLine(in)) != null)
+        {
+            if (line.startsWith(_footer1) || line.startsWith(_footer2))
+            {
+                break;
+            }
+
+            pemBuf.append(line);
+        }
+
+        if (pemBuf.length() != 0)
+        {
+            ASN1Primitive o = new ASN1InputStream(Base64.decode(pemBuf.toString())).readObject();
+            if (!(o instanceof ASN1Sequence))
+            {
+                throw new IOException("malformed PEM data encountered");
+            }
+
+            return (ASN1Sequence)o;
+        }
+
+        return null;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXCRLUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXCRLUtil.java
new file mode 100644
index 0000000..04fd194
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXCRLUtil.java

@@ -0,0 +1,134 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.security.cert.CertStore;
+import java.security.cert.CertStoreException;
+import java.security.cert.X509CRL;
+import java.security.cert.X509Certificate;
+import java.util.Collection;
+import java.util.Date;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Set;
+
+import com.android.org.bouncycastle.jcajce.PKIXCRLStore;
+import com.android.org.bouncycastle.jcajce.PKIXCRLStoreSelector;
+import com.android.org.bouncycastle.util.Store;
+import com.android.org.bouncycastle.util.StoreException;
+
+class PKIXCRLUtil
+{
+    public Set findCRLs(PKIXCRLStoreSelector crlselect, Date validityDate, List certStores, List pkixCrlStores)
+        throws AnnotatedException
+    {
+        Set initialSet = new HashSet();
+
+        // get complete CRL(s)
+        try
+        {
+            initialSet.addAll(findCRLs(crlselect, pkixCrlStores));
+            initialSet.addAll(findCRLs(crlselect, certStores));
+        }
+        catch (AnnotatedException e)
+        {
+            throw new AnnotatedException("Exception obtaining complete CRLs.", e);
+        }
+
+        Set finalSet = new HashSet();
+
+        // based on RFC 5280 6.3.3
+        for (Iterator it = initialSet.iterator(); it.hasNext();)
+        {
+            X509CRL crl = (X509CRL)it.next();
+
+            if (crl.getNextUpdate().after(validityDate))
+            {
+                X509Certificate cert = crlselect.getCertificateChecking();
+
+                if (cert != null)
+                {
+                    if (crl.getThisUpdate().before(cert.getNotAfter()))
+                    {
+                        finalSet.add(crl);
+                    }
+                }
+                else
+                {
+                    finalSet.add(crl);
+                }
+            }
+        }
+
+        return finalSet;
+    }
+
+    /**
+     * Return a Collection of all CRLs found in the X509Store's that are
+     * matching the crlSelect criteriums.
+     *
+     * @param crlSelect a {@link com.android.org.bouncycastle.jcajce.PKIXCRLStoreSelector} object that will be used
+     *            to select the CRLs
+     * @param crlStores a List containing only
+     *            {@link Store} objects.
+     *            These are used to search for CRLs
+     *
+     * @return a Collection of all found {@link java.security.cert.X509CRL X509CRL} objects. May be
+     *         empty but never <code>null</code>.
+     */
+    private final Collection findCRLs(PKIXCRLStoreSelector crlSelect,
+        List crlStores) throws AnnotatedException
+    {
+        Set crls = new HashSet();
+        Iterator iter = crlStores.iterator();
+
+        AnnotatedException lastException = null;
+        boolean foundValidStore = false;
+
+        while (iter.hasNext())
+        {
+            Object obj = iter.next();
+
+            // BEGIN Android-removed: Unknown reason
+            /*
+            if (obj instanceof Store)
+            {
+                Store store = (Store)obj;
+
+                try
+                {
+                    crls.addAll(store.getMatches(crlSelect));
+                    foundValidStore = true;
+                }
+                catch (StoreException e)
+                {
+                    lastException = new AnnotatedException(
+                        "Exception searching in X.509 CRL store.", e);
+                }
+            }
+            else
+            */
+            // END Android-removed: Unknown reason
+            {
+                CertStore store = (CertStore)obj;
+
+                try
+                {
+                    crls.addAll(PKIXCRLStoreSelector.getCRLs(crlSelect, store));
+                    foundValidStore = true;
+                }
+                catch (CertStoreException e)
+                {
+                    lastException = new AnnotatedException(
+                        "Exception searching in X.509 CRL store.", e);
+                }
+            }
+        }
+        if (!foundValidStore && lastException != null)
+        {
+            throw lastException;
+        }
+        return crls;
+    }
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXCertPathBuilderSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXCertPathBuilderSpi.java
new file mode 100644
index 0000000..1340c7b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXCertPathBuilderSpi.java

@@ -0,0 +1,282 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.cert.CertPath;
+import java.security.cert.CertPathBuilderException;
+import java.security.cert.CertPathBuilderResult;
+import java.security.cert.CertPathBuilderSpi;
+import java.security.cert.CertPathParameters;
+import java.security.cert.CertificateParsingException;
+import java.security.cert.PKIXBuilderParameters;
+import java.security.cert.PKIXCertPathBuilderResult;
+import java.security.cert.PKIXCertPathValidatorResult;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.jcajce.PKIXCertStore;
+import com.android.org.bouncycastle.jcajce.PKIXCertStoreSelector;
+import com.android.org.bouncycastle.jcajce.PKIXExtendedBuilderParameters;
+import com.android.org.bouncycastle.jcajce.PKIXExtendedParameters;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory;
+import com.android.org.bouncycastle.jce.exception.ExtCertPathBuilderException;
+import com.android.org.bouncycastle.x509.ExtendedPKIXBuilderParameters;
+import com.android.org.bouncycastle.x509.ExtendedPKIXParameters;
+
+/**
+ * Implements the PKIX CertPathBuilding algorithm for BouncyCastle.
+ * 
+ * @see CertPathBuilderSpi
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKIXCertPathBuilderSpi
+    extends CertPathBuilderSpi
+{
+    /**
+     * Build and validate a CertPath using the given parameter.
+     * 
+     * @param params PKIXBuilderParameters object containing all information to
+     *            build the CertPath
+     */
+    public CertPathBuilderResult engineBuild(CertPathParameters params)
+        throws CertPathBuilderException, InvalidAlgorithmParameterException
+    {
+        PKIXExtendedBuilderParameters paramsPKIX;
+        if (params instanceof PKIXBuilderParameters)
+        {
+            PKIXExtendedParameters.Builder paramsPKIXBldr = new PKIXExtendedParameters.Builder((PKIXBuilderParameters)params);
+            PKIXExtendedBuilderParameters.Builder paramsBldrPKIXBldr;
+
+            if (params instanceof ExtendedPKIXParameters)
+            {
+                ExtendedPKIXBuilderParameters extPKIX = (ExtendedPKIXBuilderParameters)params;
+
+                for (Iterator it = extPKIX.getAdditionalStores().iterator(); it.hasNext();)
+                {
+                     paramsPKIXBldr.addCertificateStore((PKIXCertStore)it.next());
+                }
+                paramsBldrPKIXBldr  = new PKIXExtendedBuilderParameters.Builder(paramsPKIXBldr.build());
+
+                paramsBldrPKIXBldr.addExcludedCerts(extPKIX.getExcludedCerts());
+                paramsBldrPKIXBldr.setMaxPathLength(extPKIX.getMaxPathLength());
+            }
+            else
+            {
+                paramsBldrPKIXBldr  = new PKIXExtendedBuilderParameters.Builder((PKIXBuilderParameters)params);
+            }
+
+            paramsPKIX = paramsBldrPKIXBldr.build();
+        }
+        else if (params instanceof PKIXExtendedBuilderParameters)
+        {
+            paramsPKIX = (PKIXExtendedBuilderParameters)params;
+        }
+        else
+        {
+            throw new InvalidAlgorithmParameterException(
+                "Parameters must be an instance of "
+                    + PKIXBuilderParameters.class.getName() + " or "
+                    + PKIXExtendedBuilderParameters.class.getName() + ".");
+        }
+
+        Collection targets;
+        Iterator targetIter;
+        List certPathList = new ArrayList();
+        X509Certificate cert;
+
+        // search target certificates
+
+        PKIXCertStoreSelector certSelect = paramsPKIX.getBaseParameters().getTargetConstraints();
+
+        try
+        {
+            targets = CertPathValidatorUtilities.findCertificates(certSelect, paramsPKIX.getBaseParameters().getCertificateStores());
+            targets.addAll(CertPathValidatorUtilities.findCertificates(certSelect, paramsPKIX.getBaseParameters().getCertStores()));
+        }
+        catch (AnnotatedException e)
+        {
+            throw new ExtCertPathBuilderException(
+                "Error finding target certificate.", e);
+        }
+
+        if (targets.isEmpty())
+        {
+
+            throw new CertPathBuilderException(
+                "No certificate found matching targetContraints.");
+        }
+
+        CertPathBuilderResult result = null;
+
+        // check all potential target certificates
+        targetIter = targets.iterator();
+        while (targetIter.hasNext() && result == null)
+        {
+            cert = (X509Certificate) targetIter.next();
+            result = build(cert, paramsPKIX, certPathList);
+        }
+
+        if (result == null && certPathException != null)
+        {
+            if (certPathException instanceof AnnotatedException)
+            {
+                throw new CertPathBuilderException(certPathException.getMessage(), certPathException.getCause());
+            }
+            throw new CertPathBuilderException(
+                "Possible certificate chain could not be validated.",
+                certPathException);
+        }
+
+        if (result == null && certPathException == null)
+        {
+            throw new CertPathBuilderException(
+                "Unable to find certificate chain.");
+        }
+
+        return result;
+    }
+
+    private Exception certPathException;
+
+    protected CertPathBuilderResult build(X509Certificate tbvCert,
+        PKIXExtendedBuilderParameters pkixParams, List tbvPath)
+    {
+        // If tbvCert is readily present in tbvPath, it indicates having run
+        // into a cycle in the
+        // PKI graph.
+        if (tbvPath.contains(tbvCert))
+        {
+            return null;
+        }
+        // step out, the certificate is not allowed to appear in a certification
+        // chain.
+        if (pkixParams.getExcludedCerts().contains(tbvCert))
+        {
+            return null;
+        }
+        // test if certificate path exceeds maximum length
+        if (pkixParams.getMaxPathLength() != -1)
+        {
+            if (tbvPath.size() - 1 > pkixParams.getMaxPathLength())
+            {
+                return null;
+            }
+        }
+
+        tbvPath.add(tbvCert);
+
+        CertificateFactory cFact;
+        PKIXCertPathValidatorSpi validator;
+        CertPathBuilderResult builderResult = null;
+
+        try
+        {
+            cFact = new CertificateFactory();
+            validator = new PKIXCertPathValidatorSpi();
+        }
+        catch (Exception e)
+        {
+            // cannot happen
+            throw new RuntimeException("Exception creating support classes.");
+        }
+
+        try
+        {
+            // check whether the issuer of <tbvCert> is a TrustAnchor
+            if (CertPathValidatorUtilities.isIssuerTrustAnchor(tbvCert, pkixParams.getBaseParameters().getTrustAnchors(),
+                pkixParams.getBaseParameters().getSigProvider()))
+            {
+                // exception message from possibly later tried certification
+                // chains
+                CertPath certPath = null;
+                PKIXCertPathValidatorResult result = null;
+                try
+                {
+                    certPath = cFact.engineGenerateCertPath(tbvPath);
+                }
+                catch (Exception e)
+                {
+                    throw new AnnotatedException(
+                        "Certification path could not be constructed from certificate list.",
+                        e);
+                }
+
+                try
+                {
+                    result = (PKIXCertPathValidatorResult) validator.engineValidate(
+                        certPath, pkixParams);
+                }
+                catch (Exception e)
+                {
+                    throw new AnnotatedException(
+                        "Certification path could not be validated.", e);
+                }
+
+                return new PKIXCertPathBuilderResult(certPath, result
+                    .getTrustAnchor(), result.getPolicyTree(), result
+                    .getPublicKey());
+
+            }
+            else
+            {
+                List stores = new ArrayList();
+
+
+                stores.addAll(pkixParams.getBaseParameters().getCertificateStores());
+
+                // add additional X.509 stores from locations in certificate
+                try
+                {
+                    stores.addAll(CertPathValidatorUtilities.getAdditionalStoresFromAltNames(
+                        tbvCert.getExtensionValue(Extension.issuerAlternativeName.getId()), pkixParams.getBaseParameters().getNamedCertificateStoreMap()));
+                }
+                catch (CertificateParsingException e)
+                {
+                    throw new AnnotatedException(
+                        "No additional X.509 stores can be added from certificate locations.",
+                        e);
+                }
+                Collection issuers = new HashSet();
+                // try to get the issuer certificate from one
+                // of the stores
+                try
+                {
+                    issuers.addAll(CertPathValidatorUtilities.findIssuerCerts(tbvCert, pkixParams.getBaseParameters().getCertStores(), stores));
+                }
+                catch (AnnotatedException e)
+                {
+                    throw new AnnotatedException(
+                        "Cannot find issuer certificate for certificate in certification path.",
+                        e);
+                }
+                if (issuers.isEmpty())
+                {
+                    throw new AnnotatedException(
+                        "No issuer certificate for certificate in certification path found.");
+                }
+                Iterator it = issuers.iterator();
+
+                while (it.hasNext() && builderResult == null)
+                {
+                    X509Certificate issuer = (X509Certificate) it.next();
+                    builderResult = build(issuer, pkixParams, tbvPath);
+                }
+            }
+        }
+        catch (AnnotatedException e)
+        {
+            certPathException = e;
+        }
+        if (builderResult == null)
+        {
+            tbvPath.remove(tbvCert);
+        }
+        return builderResult;
+    }
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java
new file mode 100644
index 0000000..f9491f7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXCertPathValidatorSpi.java

@@ -0,0 +1,523 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.math.BigInteger;
+import java.security.InvalidAlgorithmParameterException;
+import java.security.PublicKey;
+import java.security.cert.CertPath;
+import java.security.cert.CertPathParameters;
+import java.security.cert.CertPathValidatorException;
+import java.security.cert.CertPathValidatorResult;
+import java.security.cert.CertPathValidatorSpi;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.PKIXCertPathChecker;
+import java.security.cert.PKIXCertPathValidatorResult;
+import java.security.cert.PKIXParameters;
+import java.security.cert.TrustAnchor;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Set;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.asn1.x509.TBSCertificate;
+import com.android.org.bouncycastle.jcajce.PKIXExtendedBuilderParameters;
+import com.android.org.bouncycastle.jcajce.PKIXExtendedParameters;
+import com.android.org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+import com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException;
+import com.android.org.bouncycastle.x509.ExtendedPKIXParameters;
+
+/**
+ * CertPathValidatorSpi implementation for X.509 Certificate validation � la RFC
+ * 3280.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKIXCertPathValidatorSpi
+        extends CertPathValidatorSpi
+{
+    private final JcaJceHelper helper = new BCJcaJceHelper();
+
+    public PKIXCertPathValidatorSpi()
+    {
+    }
+    // BEGIN Android-added: Avoid loading blacklist during class init
+    private static class NoPreloadHolder {
+        private final static CertBlacklist blacklist = new CertBlacklist();
+    }
+    // END Android-added: Avoid loading blacklist during class init
+
+    public CertPathValidatorResult engineValidate(
+            CertPath certPath,
+            CertPathParameters params)
+            throws CertPathValidatorException,
+            InvalidAlgorithmParameterException
+    {
+        PKIXExtendedParameters paramsPKIX;
+        if (params instanceof PKIXParameters)
+        {
+            PKIXExtendedParameters.Builder paramsPKIXBldr = new PKIXExtendedParameters.Builder((PKIXParameters)params);
+
+            if (params instanceof ExtendedPKIXParameters)
+            {
+                ExtendedPKIXParameters extPKIX = (ExtendedPKIXParameters)params;
+
+                paramsPKIXBldr.setUseDeltasEnabled(extPKIX.isUseDeltasEnabled());
+                paramsPKIXBldr.setValidityModel(extPKIX.getValidityModel());
+            }
+
+            paramsPKIX = paramsPKIXBldr.build();
+        }
+        else if (params instanceof PKIXExtendedBuilderParameters)
+        {
+            paramsPKIX = ((PKIXExtendedBuilderParameters)params).getBaseParameters();
+        }
+        else if (params instanceof PKIXExtendedParameters)
+        {
+            paramsPKIX = (PKIXExtendedParameters)params;
+        }
+        else
+        {
+            throw new InvalidAlgorithmParameterException("Parameters must be a " + PKIXParameters.class.getName() + " instance.");
+        }
+
+        if (paramsPKIX.getTrustAnchors() == null)
+        {
+            throw new InvalidAlgorithmParameterException(
+                    "trustAnchors is null, this is not allowed for certification path validation.");
+        }
+
+        //
+        // 6.1.1 - inputs
+        //
+
+        //
+        // (a)
+        //
+        List certs = certPath.getCertificates();
+        int n = certs.size();
+
+        if (certs.isEmpty())
+        {
+            throw new CertPathValidatorException("Certification path is empty.", null, certPath, -1);
+        }
+        // BEGIN Android-added: Support blacklisting known-bad certs
+        {
+            X509Certificate cert = (X509Certificate) certs.get(0);
+
+            if (cert != null) {
+                BigInteger serial = cert.getSerialNumber();
+                if (NoPreloadHolder.blacklist.isSerialNumberBlackListed(serial)) {
+                    // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs
+                    String message = "Certificate revocation of serial 0x" + serial.toString(16);
+                    System.out.println(message);
+                    AnnotatedException e = new AnnotatedException(message);
+                    throw new CertPathValidatorException(e.getMessage(), e, certPath, 0);
+                }
+            }
+        }
+        // END Android-added: Support blacklisting known-bad certs
+
+        //
+        // (b)
+        //
+        // Date validDate = CertPathValidatorUtilities.getValidDate(paramsPKIX);
+
+        //
+        // (c)
+        //
+        Set userInitialPolicySet = paramsPKIX.getInitialPolicies();
+
+        //
+        // (d)
+        // 
+        TrustAnchor trust;
+        try
+        {
+            trust = CertPathValidatorUtilities.findTrustAnchor((X509Certificate) certs.get(certs.size() - 1),
+                    paramsPKIX.getTrustAnchors(), paramsPKIX.getSigProvider());
+
+            if (trust == null)
+            {
+                throw new CertPathValidatorException("Trust anchor for certification path not found.", null, certPath, -1);
+            }
+
+            checkCertificate(trust.getTrustedCert());
+        }
+        catch (AnnotatedException e)
+        {
+            throw new CertPathValidatorException(e.getMessage(), e.getUnderlyingException(), certPath, certs.size() - 1);
+        }
+
+        // RFC 5280 - CRLs must originate from the same trust anchor as the target certificate.
+        paramsPKIX = new PKIXExtendedParameters.Builder(paramsPKIX).setTrustAnchor(trust).build();
+
+        //
+        // (e), (f), (g) are part of the paramsPKIX object.
+        //
+        Iterator certIter;
+        int index = 0;
+        int i;
+        // Certificate for each interation of the validation loop
+        // Signature information for each iteration of the validation loop
+        //
+        // 6.1.2 - setup
+        //
+
+        //
+        // (a)
+        //
+        List[] policyNodes = new ArrayList[n + 1];
+        for (int j = 0; j < policyNodes.length; j++)
+        {
+            policyNodes[j] = new ArrayList();
+        }
+
+        Set policySet = new HashSet();
+
+        policySet.add(RFC3280CertPathUtilities.ANY_POLICY);
+
+        PKIXPolicyNode validPolicyTree = new PKIXPolicyNode(new ArrayList(), 0, policySet, null, new HashSet(),
+                RFC3280CertPathUtilities.ANY_POLICY, false);
+
+        policyNodes[0].add(validPolicyTree);
+
+        //
+        // (b) and (c)
+        //
+        PKIXNameConstraintValidator nameConstraintValidator = new PKIXNameConstraintValidator();
+
+        // (d)
+        //
+        int explicitPolicy;
+        Set acceptablePolicies = new HashSet();
+
+        if (paramsPKIX.isExplicitPolicyRequired())
+        {
+            explicitPolicy = 0;
+        }
+        else
+        {
+            explicitPolicy = n + 1;
+        }
+
+        //
+        // (e)
+        //
+        int inhibitAnyPolicy;
+
+        if (paramsPKIX.isAnyPolicyInhibited())
+        {
+            inhibitAnyPolicy = 0;
+        }
+        else
+        {
+            inhibitAnyPolicy = n + 1;
+        }
+
+        //
+        // (f)
+        //
+        int policyMapping;
+
+        if (paramsPKIX.isPolicyMappingInhibited())
+        {
+            policyMapping = 0;
+        }
+        else
+        {
+            policyMapping = n + 1;
+        }
+
+        //
+        // (g), (h), (i), (j)
+        //
+        PublicKey workingPublicKey;
+        X500Name workingIssuerName;
+
+        X509Certificate sign = trust.getTrustedCert();
+        try
+        {
+            if (sign != null)
+            {
+                workingIssuerName = PrincipalUtils.getSubjectPrincipal(sign);
+                workingPublicKey = sign.getPublicKey();
+            }
+            else
+            {
+                workingIssuerName = PrincipalUtils.getCA(trust);
+                workingPublicKey = trust.getCAPublicKey();
+            }
+        }
+        catch (IllegalArgumentException ex)
+        {
+            throw new ExtCertPathValidatorException("Subject of trust anchor could not be (re)encoded.", ex, certPath,
+                    -1);
+        }
+
+        AlgorithmIdentifier workingAlgId = null;
+        try
+        {
+            workingAlgId = CertPathValidatorUtilities.getAlgorithmIdentifier(workingPublicKey);
+        }
+        catch (CertPathValidatorException e)
+        {
+            throw new ExtCertPathValidatorException(
+                    "Algorithm identifier of public key of trust anchor could not be read.", e, certPath, -1);
+        }
+        ASN1ObjectIdentifier workingPublicKeyAlgorithm = workingAlgId.getAlgorithm();
+        ASN1Encodable workingPublicKeyParameters = workingAlgId.getParameters();
+
+        //
+        // (k)
+        //
+        int maxPathLength = n;
+
+        //
+        // 6.1.3
+        //
+
+        if (paramsPKIX.getTargetConstraints() != null
+                && !paramsPKIX.getTargetConstraints().match((X509Certificate) certs.get(0)))
+        {
+            throw new ExtCertPathValidatorException(
+                    "Target certificate in certification path does not match targetConstraints.", null, certPath, 0);
+        }
+
+        // 
+        // initialize CertPathChecker's
+        //
+        List pathCheckers = paramsPKIX.getCertPathCheckers();
+        certIter = pathCheckers.iterator();
+        while (certIter.hasNext())
+        {
+            ((PKIXCertPathChecker) certIter.next()).init(false);
+        }
+
+        X509Certificate cert = null;
+
+        for (index = certs.size() - 1; index >= 0; index--)
+        {
+            // BEGIN Android-added: Support blacklisting known-bad certs
+            if (NoPreloadHolder.blacklist.isPublicKeyBlackListed(workingPublicKey)) {
+                // emulate CRL exception message in RFC3280CertPathUtilities.checkCRLs
+                String message = "Certificate revocation of public key " + workingPublicKey;
+                System.out.println(message);
+                AnnotatedException e = new AnnotatedException(message);
+                throw new CertPathValidatorException(e.getMessage(), e, certPath, index);
+            }
+            // END Android-added: Support blacklisting known-bad certs
+            // try
+            // {
+            //
+            // i as defined in the algorithm description
+            //
+            i = n - index;
+
+            //
+            // set certificate to be checked in this round
+            // sign and workingPublicKey and workingIssuerName are set
+            // at the end of the for loop and initialized the
+            // first time from the TrustAnchor
+            //
+            cert = (X509Certificate) certs.get(index);
+            boolean verificationAlreadyPerformed = (index == certs.size() - 1);
+
+            try
+            {
+                checkCertificate(cert);
+            }
+            catch (AnnotatedException e)
+            {
+                throw new CertPathValidatorException(e.getMessage(), e.getUnderlyingException(), certPath, index);
+            }
+
+            //
+            // 6.1.3
+            //
+
+            RFC3280CertPathUtilities.processCertA(certPath, paramsPKIX, index, workingPublicKey,
+                verificationAlreadyPerformed, workingIssuerName, sign, helper);
+
+            RFC3280CertPathUtilities.processCertBC(certPath, index, nameConstraintValidator);
+
+            validPolicyTree = RFC3280CertPathUtilities.processCertD(certPath, index, acceptablePolicies,
+                    validPolicyTree, policyNodes, inhibitAnyPolicy);
+
+            validPolicyTree = RFC3280CertPathUtilities.processCertE(certPath, index, validPolicyTree);
+
+            RFC3280CertPathUtilities.processCertF(certPath, index, validPolicyTree, explicitPolicy);
+
+            //
+            // 6.1.4
+            //
+            if (i != n)
+            {
+                if (cert != null && cert.getVersion() == 1)
+                {
+                    // we've found the trust anchor at the top of the path, ignore and keep going
+                    if ((i == 1) && cert.equals(trust.getTrustedCert()))
+                    {
+                        continue;
+                    }
+                    throw new CertPathValidatorException("Version 1 certificates can't be used as CA ones.", null,
+                            certPath, index);
+                }
+
+                RFC3280CertPathUtilities.prepareNextCertA(certPath, index);
+
+                validPolicyTree = RFC3280CertPathUtilities.prepareCertB(certPath, index, policyNodes, validPolicyTree,
+                        policyMapping);
+
+                RFC3280CertPathUtilities.prepareNextCertG(certPath, index, nameConstraintValidator);
+
+                // (h)
+                explicitPolicy = RFC3280CertPathUtilities.prepareNextCertH1(certPath, index, explicitPolicy);
+                policyMapping = RFC3280CertPathUtilities.prepareNextCertH2(certPath, index, policyMapping);
+                inhibitAnyPolicy = RFC3280CertPathUtilities.prepareNextCertH3(certPath, index, inhibitAnyPolicy);
+
+                //
+                // (i)
+                //
+                explicitPolicy = RFC3280CertPathUtilities.prepareNextCertI1(certPath, index, explicitPolicy);
+                policyMapping = RFC3280CertPathUtilities.prepareNextCertI2(certPath, index, policyMapping);
+
+                // (j)
+                inhibitAnyPolicy = RFC3280CertPathUtilities.prepareNextCertJ(certPath, index, inhibitAnyPolicy);
+
+                // (k)
+                RFC3280CertPathUtilities.prepareNextCertK(certPath, index);
+
+                // (l)
+                maxPathLength = RFC3280CertPathUtilities.prepareNextCertL(certPath, index, maxPathLength);
+
+                // (m)
+                maxPathLength = RFC3280CertPathUtilities.prepareNextCertM(certPath, index, maxPathLength);
+
+                // (n)
+                RFC3280CertPathUtilities.prepareNextCertN(certPath, index);
+
+                Set criticalExtensions = cert.getCriticalExtensionOIDs();
+                if (criticalExtensions != null)
+                {
+                    criticalExtensions = new HashSet(criticalExtensions);
+
+                    // these extensions are handled by the algorithm
+                    criticalExtensions.remove(RFC3280CertPathUtilities.KEY_USAGE);
+                    criticalExtensions.remove(RFC3280CertPathUtilities.CERTIFICATE_POLICIES);
+                    criticalExtensions.remove(RFC3280CertPathUtilities.POLICY_MAPPINGS);
+                    criticalExtensions.remove(RFC3280CertPathUtilities.INHIBIT_ANY_POLICY);
+                    criticalExtensions.remove(RFC3280CertPathUtilities.ISSUING_DISTRIBUTION_POINT);
+                    criticalExtensions.remove(RFC3280CertPathUtilities.DELTA_CRL_INDICATOR);
+                    criticalExtensions.remove(RFC3280CertPathUtilities.POLICY_CONSTRAINTS);
+                    criticalExtensions.remove(RFC3280CertPathUtilities.BASIC_CONSTRAINTS);
+                    criticalExtensions.remove(RFC3280CertPathUtilities.SUBJECT_ALTERNATIVE_NAME);
+                    criticalExtensions.remove(RFC3280CertPathUtilities.NAME_CONSTRAINTS);
+                }
+                else
+                {
+                    criticalExtensions = new HashSet();
+                }
+
+                // (o)
+                RFC3280CertPathUtilities.prepareNextCertO(certPath, index, criticalExtensions, pathCheckers);
+                
+                // set signing certificate for next round
+                sign = cert;
+
+                // (c)
+                workingIssuerName = PrincipalUtils.getSubjectPrincipal(sign);
+
+                // (d)
+                try
+                {
+                    workingPublicKey = CertPathValidatorUtilities.getNextWorkingKey(certPath.getCertificates(), index, helper);
+                }
+                catch (CertPathValidatorException e)
+                {
+                    throw new CertPathValidatorException("Next working key could not be retrieved.", e, certPath, index);
+                }
+
+                workingAlgId = CertPathValidatorUtilities.getAlgorithmIdentifier(workingPublicKey);
+                // (f)
+                workingPublicKeyAlgorithm = workingAlgId.getAlgorithm();
+                // (e)
+                workingPublicKeyParameters = workingAlgId.getParameters();
+            }
+        }
+
+        //
+        // 6.1.5 Wrap-up procedure
+        //
+
+        explicitPolicy = RFC3280CertPathUtilities.wrapupCertA(explicitPolicy, cert);
+
+        explicitPolicy = RFC3280CertPathUtilities.wrapupCertB(certPath, index + 1, explicitPolicy);
+
+        //
+        // (c) (d) and (e) are already done
+        //
+
+        //
+        // (f)
+        //
+        Set criticalExtensions = cert.getCriticalExtensionOIDs();
+
+        if (criticalExtensions != null)
+        {
+            criticalExtensions = new HashSet(criticalExtensions);
+            // these extensions are handled by the algorithm
+            criticalExtensions.remove(RFC3280CertPathUtilities.KEY_USAGE);
+            criticalExtensions.remove(RFC3280CertPathUtilities.CERTIFICATE_POLICIES);
+            criticalExtensions.remove(RFC3280CertPathUtilities.POLICY_MAPPINGS);
+            criticalExtensions.remove(RFC3280CertPathUtilities.INHIBIT_ANY_POLICY);
+            criticalExtensions.remove(RFC3280CertPathUtilities.ISSUING_DISTRIBUTION_POINT);
+            criticalExtensions.remove(RFC3280CertPathUtilities.DELTA_CRL_INDICATOR);
+            criticalExtensions.remove(RFC3280CertPathUtilities.POLICY_CONSTRAINTS);
+            criticalExtensions.remove(RFC3280CertPathUtilities.BASIC_CONSTRAINTS);
+            criticalExtensions.remove(RFC3280CertPathUtilities.SUBJECT_ALTERNATIVE_NAME);
+            criticalExtensions.remove(RFC3280CertPathUtilities.NAME_CONSTRAINTS);
+            criticalExtensions.remove(RFC3280CertPathUtilities.CRL_DISTRIBUTION_POINTS);
+            criticalExtensions.remove(Extension.extendedKeyUsage.getId());
+        }
+        else
+        {
+            criticalExtensions = new HashSet();
+        }
+
+        RFC3280CertPathUtilities.wrapupCertF(certPath, index + 1, pathCheckers, criticalExtensions);
+
+        PKIXPolicyNode intersection = RFC3280CertPathUtilities.wrapupCertG(certPath, paramsPKIX, userInitialPolicySet,
+                index + 1, policyNodes, validPolicyTree, acceptablePolicies);
+
+        if ((explicitPolicy > 0) || (intersection != null))
+        {
+            return new PKIXCertPathValidatorResult(trust, intersection, cert.getPublicKey());
+        }
+
+        throw new CertPathValidatorException("Path processing failed on policy.", null, certPath, index);
+    }
+
+    static void checkCertificate(X509Certificate cert)
+        throws AnnotatedException
+    {
+        try
+        {
+            TBSCertificate.getInstance(cert.getTBSCertificate());
+        }
+        catch (CertificateEncodingException e)
+        {
+            throw new AnnotatedException("unable to process TBSCertificate", e);
+        }
+        catch (IllegalArgumentException e)
+        {
+            throw new AnnotatedException(e.getMessage());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java
new file mode 100644
index 0000000..82550b7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXNameConstraintValidator.java

@@ -0,0 +1,1935 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.util.Collection;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Map;
+import java.util.Set;
+
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERIA5String;
+import com.android.org.bouncycastle.asn1.x509.GeneralName;
+import com.android.org.bouncycastle.asn1.x509.GeneralSubtree;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Integers;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKIXNameConstraintValidator
+{
+    private Set excludedSubtreesDN = new HashSet();
+
+    private Set excludedSubtreesDNS = new HashSet();
+
+    private Set excludedSubtreesEmail = new HashSet();
+
+    private Set excludedSubtreesURI = new HashSet();
+
+    private Set excludedSubtreesIP = new HashSet();
+
+    private Set permittedSubtreesDN;
+
+    private Set permittedSubtreesDNS;
+
+    private Set permittedSubtreesEmail;
+
+    private Set permittedSubtreesURI;
+
+    private Set permittedSubtreesIP;
+
+    public PKIXNameConstraintValidator()
+    {
+    }
+
+    private static boolean withinDNSubtree(
+        ASN1Sequence dns,
+        ASN1Sequence subtree)
+    {
+        if (subtree.size() < 1)
+        {
+            return false;
+        }
+
+        if (subtree.size() > dns.size())
+        {
+            return false;
+        }
+
+        for (int j = subtree.size() - 1; j >= 0; j--)
+        {
+            if (!subtree.getObjectAt(j).equals(dns.getObjectAt(j)))
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    public void checkPermittedDN(ASN1Sequence dns)
+        throws PKIXNameConstraintValidatorException
+    {
+        checkPermittedDN(permittedSubtreesDN, dns);
+    }
+
+    public void checkExcludedDN(ASN1Sequence dns)
+        throws PKIXNameConstraintValidatorException
+    {
+        checkExcludedDN(excludedSubtreesDN, dns);
+    }
+
+    private void checkPermittedDN(Set permitted, ASN1Sequence dns)
+        throws PKIXNameConstraintValidatorException
+    {
+        if (permitted == null)
+        {
+            return;
+        }
+
+        if (permitted.isEmpty() && dns.size() == 0)
+        {
+            return;
+        }
+        Iterator it = permitted.iterator();
+
+        while (it.hasNext())
+        {
+            ASN1Sequence subtree = (ASN1Sequence)it.next();
+
+            if (withinDNSubtree(dns, subtree))
+            {
+                return;
+            }
+        }
+
+        throw new PKIXNameConstraintValidatorException(
+            "Subject distinguished name is not from a permitted subtree");
+    }
+
+    private void checkExcludedDN(Set excluded, ASN1Sequence dns)
+        throws PKIXNameConstraintValidatorException
+    {
+        if (excluded.isEmpty())
+        {
+            return;
+        }
+
+        Iterator it = excluded.iterator();
+
+        while (it.hasNext())
+        {
+            ASN1Sequence subtree = (ASN1Sequence)it.next();
+
+            if (withinDNSubtree(dns, subtree))
+            {
+                throw new PKIXNameConstraintValidatorException(
+                    "Subject distinguished name is from an excluded subtree");
+            }
+        }
+    }
+
+    private Set intersectDN(Set permitted, Set dns)
+    {
+        Set intersect = new HashSet();
+        for (Iterator it = dns.iterator(); it.hasNext();)
+        {
+            ASN1Sequence dn = ASN1Sequence.getInstance(((GeneralSubtree)it
+                .next()).getBase().getName().toASN1Primitive());
+            if (permitted == null)
+            {
+                if (dn != null)
+                {
+                    intersect.add(dn);
+                }
+            }
+            else
+            {
+                Iterator _iter = permitted.iterator();
+                while (_iter.hasNext())
+                {
+                    ASN1Sequence subtree = (ASN1Sequence)_iter.next();
+
+                    if (withinDNSubtree(dn, subtree))
+                    {
+                        intersect.add(dn);
+                    }
+                    else if (withinDNSubtree(subtree, dn))
+                    {
+                        intersect.add(subtree);
+                    }
+                }
+            }
+        }
+        return intersect;
+    }
+
+    private Set unionDN(Set excluded, ASN1Sequence dn)
+    {
+        if (excluded.isEmpty())
+        {
+            if (dn == null)
+            {
+                return excluded;
+            }
+            excluded.add(dn);
+
+            return excluded;
+        }
+        else
+        {
+            Set intersect = new HashSet();
+
+            Iterator it = excluded.iterator();
+            while (it.hasNext())
+            {
+                ASN1Sequence subtree = (ASN1Sequence)it.next();
+
+                if (withinDNSubtree(dn, subtree))
+                {
+                    intersect.add(subtree);
+                }
+                else if (withinDNSubtree(subtree, dn))
+                {
+                    intersect.add(dn);
+                }
+                else
+                {
+                    intersect.add(subtree);
+                    intersect.add(dn);
+                }
+            }
+
+            return intersect;
+        }
+    }
+
+    private Set intersectEmail(Set permitted, Set emails)
+    {
+        Set intersect = new HashSet();
+        for (Iterator it = emails.iterator(); it.hasNext();)
+        {
+            String email = extractNameAsString(((GeneralSubtree)it.next())
+                .getBase());
+
+            if (permitted == null)
+            {
+                if (email != null)
+                {
+                    intersect.add(email);
+                }
+            }
+            else
+            {
+                Iterator it2 = permitted.iterator();
+                while (it2.hasNext())
+                {
+                    String _permitted = (String)it2.next();
+
+                    intersectEmail(email, _permitted, intersect);
+                }
+            }
+        }
+        return intersect;
+    }
+
+    private Set unionEmail(Set excluded, String email)
+    {
+        if (excluded.isEmpty())
+        {
+            if (email == null)
+            {
+                return excluded;
+            }
+            excluded.add(email);
+            return excluded;
+        }
+        else
+        {
+            Set union = new HashSet();
+
+            Iterator it = excluded.iterator();
+            while (it.hasNext())
+            {
+                String _excluded = (String)it.next();
+
+                unionEmail(_excluded, email, union);
+            }
+
+            return union;
+        }
+    }
+
+    /**
+     * Returns the intersection of the permitted IP ranges in
+     * <code>permitted</code> with <code>ip</code>.
+     *
+     * @param permitted A <code>Set</code> of permitted IP addresses with
+     *                  their subnet mask as byte arrays.
+     * @param ips       The IP address with its subnet mask.
+     * @return The <code>Set</code> of permitted IP ranges intersected with
+     *         <code>ip</code>.
+     */
+    private Set intersectIP(Set permitted, Set ips)
+    {
+        Set intersect = new HashSet();
+        for (Iterator it = ips.iterator(); it.hasNext();)
+        {
+            byte[] ip = ASN1OctetString.getInstance(
+                ((GeneralSubtree)it.next()).getBase().getName()).getOctets();
+            if (permitted == null)
+            {
+                if (ip != null)
+                {
+                    intersect.add(ip);
+                }
+            }
+            else
+            {
+                Iterator it2 = permitted.iterator();
+                while (it2.hasNext())
+                {
+                    byte[] _permitted = (byte[])it2.next();
+                    intersect.addAll(intersectIPRange(_permitted, ip));
+                }
+            }
+        }
+        return intersect;
+    }
+
+    /**
+     * Returns the union of the excluded IP ranges in <code>excluded</code>
+     * with <code>ip</code>.
+     *
+     * @param excluded A <code>Set</code> of excluded IP addresses with their
+     *                 subnet mask as byte arrays.
+     * @param ip       The IP address with its subnet mask.
+     * @return The <code>Set</code> of excluded IP ranges unified with
+     *         <code>ip</code> as byte arrays.
+     */
+    private Set unionIP(Set excluded, byte[] ip)
+    {
+        if (excluded.isEmpty())
+        {
+            if (ip == null)
+            {
+                return excluded;
+            }
+            excluded.add(ip);
+
+            return excluded;
+        }
+        else
+        {
+            Set union = new HashSet();
+
+            Iterator it = excluded.iterator();
+            while (it.hasNext())
+            {
+                byte[] _excluded = (byte[])it.next();
+                union.addAll(unionIPRange(_excluded, ip));
+            }
+
+            return union;
+        }
+    }
+
+    /**
+     * Calculates the union if two IP ranges.
+     *
+     * @param ipWithSubmask1 The first IP address with its subnet mask.
+     * @param ipWithSubmask2 The second IP address with its subnet mask.
+     * @return A <code>Set</code> with the union of both addresses.
+     */
+    private Set unionIPRange(byte[] ipWithSubmask1, byte[] ipWithSubmask2)
+    {
+        Set set = new HashSet();
+
+        // difficult, adding always all IPs is not wrong
+        if (Arrays.areEqual(ipWithSubmask1, ipWithSubmask2))
+        {
+            set.add(ipWithSubmask1);
+        }
+        else
+        {
+            set.add(ipWithSubmask1);
+            set.add(ipWithSubmask2);
+        }
+        return set;
+    }
+
+    /**
+     * Calculates the interesction if two IP ranges.
+     *
+     * @param ipWithSubmask1 The first IP address with its subnet mask.
+     * @param ipWithSubmask2 The second IP address with its subnet mask.
+     * @return A <code>Set</code> with the single IP address with its subnet
+     *         mask as a byte array or an empty <code>Set</code>.
+     */
+    private Set intersectIPRange(byte[] ipWithSubmask1, byte[] ipWithSubmask2)
+    {
+        if (ipWithSubmask1.length != ipWithSubmask2.length)
+        {
+            return Collections.EMPTY_SET;
+        }
+        byte[][] temp = extractIPsAndSubnetMasks(ipWithSubmask1, ipWithSubmask2);
+        byte ip1[] = temp[0];
+        byte subnetmask1[] = temp[1];
+        byte ip2[] = temp[2];
+        byte subnetmask2[] = temp[3];
+
+        byte minMax[][] = minMaxIPs(ip1, subnetmask1, ip2, subnetmask2);
+        byte[] min;
+        byte[] max;
+        max = min(minMax[1], minMax[3]);
+        min = max(minMax[0], minMax[2]);
+
+        // minimum IP address must be bigger than max
+        if (compareTo(min, max) == 1)
+        {
+            return Collections.EMPTY_SET;
+        }
+        // OR keeps all significant bits
+        byte[] ip = or(minMax[0], minMax[2]);
+        byte[] subnetmask = or(subnetmask1, subnetmask2);
+        return Collections.singleton(ipWithSubnetMask(ip, subnetmask));
+    }
+
+    /**
+     * Concatenates the IP address with its subnet mask.
+     *
+     * @param ip         The IP address.
+     * @param subnetMask Its subnet mask.
+     * @return The concatenated IP address with its subnet mask.
+     */
+    private byte[] ipWithSubnetMask(byte[] ip, byte[] subnetMask)
+    {
+        int ipLength = ip.length;
+        byte[] temp = new byte[ipLength * 2];
+        System.arraycopy(ip, 0, temp, 0, ipLength);
+        System.arraycopy(subnetMask, 0, temp, ipLength, ipLength);
+        return temp;
+    }
+
+    /**
+     * Splits the IP addresses and their subnet mask.
+     *
+     * @param ipWithSubmask1 The first IP address with the subnet mask.
+     * @param ipWithSubmask2 The second IP address with the subnet mask.
+     * @return An array with two elements. Each element contains the IP address
+     *         and the subnet mask in this order.
+     */
+    private byte[][] extractIPsAndSubnetMasks(
+        byte[] ipWithSubmask1,
+        byte[] ipWithSubmask2)
+    {
+        int ipLength = ipWithSubmask1.length / 2;
+        byte ip1[] = new byte[ipLength];
+        byte subnetmask1[] = new byte[ipLength];
+        System.arraycopy(ipWithSubmask1, 0, ip1, 0, ipLength);
+        System.arraycopy(ipWithSubmask1, ipLength, subnetmask1, 0, ipLength);
+
+        byte ip2[] = new byte[ipLength];
+        byte subnetmask2[] = new byte[ipLength];
+        System.arraycopy(ipWithSubmask2, 0, ip2, 0, ipLength);
+        System.arraycopy(ipWithSubmask2, ipLength, subnetmask2, 0, ipLength);
+        return new byte[][]
+            {ip1, subnetmask1, ip2, subnetmask2};
+    }
+
+    /**
+     * Based on the two IP addresses and their subnet masks the IP range is
+     * computed for each IP address - subnet mask pair and returned as the
+     * minimum IP address and the maximum address of the range.
+     *
+     * @param ip1         The first IP address.
+     * @param subnetmask1 The subnet mask of the first IP address.
+     * @param ip2         The second IP address.
+     * @param subnetmask2 The subnet mask of the second IP address.
+     * @return A array with two elements. The first/second element contains the
+     *         min and max IP address of the first/second IP address and its
+     *         subnet mask.
+     */
+    private byte[][] minMaxIPs(
+        byte[] ip1,
+        byte[] subnetmask1,
+        byte[] ip2,
+        byte[] subnetmask2)
+    {
+        int ipLength = ip1.length;
+        byte[] min1 = new byte[ipLength];
+        byte[] max1 = new byte[ipLength];
+
+        byte[] min2 = new byte[ipLength];
+        byte[] max2 = new byte[ipLength];
+
+        for (int i = 0; i < ipLength; i++)
+        {
+            min1[i] = (byte)(ip1[i] & subnetmask1[i]);
+            max1[i] = (byte)(ip1[i] & subnetmask1[i] | ~subnetmask1[i]);
+
+            min2[i] = (byte)(ip2[i] & subnetmask2[i]);
+            max2[i] = (byte)(ip2[i] & subnetmask2[i] | ~subnetmask2[i]);
+        }
+
+        return new byte[][]{min1, max1, min2, max2};
+    }
+
+    private void checkPermittedEmail(Set permitted, String email)
+        throws PKIXNameConstraintValidatorException
+    {
+        if (permitted == null)
+        {
+            return;
+        }
+
+        Iterator it = permitted.iterator();
+
+        while (it.hasNext())
+        {
+            String str = ((String)it.next());
+
+            if (emailIsConstrained(email, str))
+            {
+                return;
+            }
+        }
+
+        if (email.length() == 0 && permitted.size() == 0)
+        {
+            return;
+        }
+
+        throw new PKIXNameConstraintValidatorException(
+            "Subject email address is not from a permitted subtree.");
+    }
+
+    private void checkExcludedEmail(Set excluded, String email)
+        throws PKIXNameConstraintValidatorException
+    {
+        if (excluded.isEmpty())
+        {
+            return;
+        }
+
+        Iterator it = excluded.iterator();
+
+        while (it.hasNext())
+        {
+            String str = (String)it.next();
+
+            if (emailIsConstrained(email, str))
+            {
+                throw new PKIXNameConstraintValidatorException(
+                    "Email address is from an excluded subtree.");
+            }
+        }
+    }
+
+    /**
+     * Checks if the IP <code>ip</code> is included in the permitted set
+     * <code>permitted</code>.
+     *
+     * @param permitted A <code>Set</code> of permitted IP addresses with
+     *                  their subnet mask as byte arrays.
+     * @param ip        The IP address.
+     * @throws PKIXNameConstraintValidatorException
+     *          if the IP is not permitted.
+     */
+    private void checkPermittedIP(Set permitted, byte[] ip)
+        throws PKIXNameConstraintValidatorException
+    {
+        if (permitted == null)
+        {
+            return;
+        }
+
+        Iterator it = permitted.iterator();
+
+        while (it.hasNext())
+        {
+            byte[] ipWithSubnet = (byte[])it.next();
+
+            if (isIPConstrained(ip, ipWithSubnet))
+            {
+                return;
+            }
+        }
+        if (ip.length == 0 && permitted.size() == 0)
+        {
+            return;
+        }
+        throw new PKIXNameConstraintValidatorException(
+            "IP is not from a permitted subtree.");
+    }
+
+    /**
+     * Checks if the IP <code>ip</code> is included in the excluded set
+     * <code>excluded</code>.
+     *
+     * @param excluded A <code>Set</code> of excluded IP addresses with their
+     *                 subnet mask as byte arrays.
+     * @param ip       The IP address.
+     * @throws PKIXNameConstraintValidatorException
+     *          if the IP is excluded.
+     */
+    private void checkExcludedIP(Set excluded, byte[] ip)
+        throws PKIXNameConstraintValidatorException
+    {
+        if (excluded.isEmpty())
+        {
+            return;
+        }
+
+        Iterator it = excluded.iterator();
+
+        while (it.hasNext())
+        {
+            byte[] ipWithSubnet = (byte[])it.next();
+
+            if (isIPConstrained(ip, ipWithSubnet))
+            {
+                throw new PKIXNameConstraintValidatorException(
+                    "IP is from an excluded subtree.");
+            }
+        }
+    }
+
+    /**
+     * Checks if the IP address <code>ip</code> is constrained by
+     * <code>constraint</code>.
+     *
+     * @param ip         The IP address.
+     * @param constraint The constraint. This is an IP address concatenated with
+     *                   its subnetmask.
+     * @return <code>true</code> if constrained, <code>false</code>
+     *         otherwise.
+     */
+    private boolean isIPConstrained(byte ip[], byte[] constraint)
+    {
+        int ipLength = ip.length;
+
+        if (ipLength != (constraint.length / 2))
+        {
+            return false;
+        }
+
+        byte[] subnetMask = new byte[ipLength];
+        System.arraycopy(constraint, ipLength, subnetMask, 0, ipLength);
+
+        byte[] permittedSubnetAddress = new byte[ipLength];
+
+        byte[] ipSubnetAddress = new byte[ipLength];
+
+        // the resulting IP address by applying the subnet mask
+        for (int i = 0; i < ipLength; i++)
+        {
+            permittedSubnetAddress[i] = (byte)(constraint[i] & subnetMask[i]);
+            ipSubnetAddress[i] = (byte)(ip[i] & subnetMask[i]);
+        }
+
+        return Arrays.areEqual(permittedSubnetAddress, ipSubnetAddress);
+    }
+
+    private boolean emailIsConstrained(String email, String constraint)
+    {
+        String sub = email.substring(email.indexOf('@') + 1);
+        // a particular mailbox or @domain
+        if (constraint.indexOf('@') != -1)
+        {
+            if (email.equalsIgnoreCase(constraint))
+            {
+                return true;
+            }
+            if (sub.equalsIgnoreCase(constraint.substring(1)))
+            {
+                return true;
+            }
+        }
+        // on particular host
+        else if (!(constraint.charAt(0) == '.'))
+        {
+            if (sub.equalsIgnoreCase(constraint))
+            {
+                return true;
+            }
+        }
+        // address in sub domain
+        else if (withinDomain(sub, constraint))
+        {
+            return true;
+        }
+        return false;
+    }
+
+    private boolean withinDomain(String testDomain, String domain)
+    {
+        String tempDomain = domain;
+        if (tempDomain.startsWith("."))
+        {
+            tempDomain = tempDomain.substring(1);
+        }
+        String[] domainParts = Strings.split(tempDomain, '.');
+        String[] testDomainParts = Strings.split(testDomain, '.');
+        // must have at least one subdomain
+        if (testDomainParts.length <= domainParts.length)
+        {
+            return false;
+        }
+        int d = testDomainParts.length - domainParts.length;
+        for (int i = -1; i < domainParts.length; i++)
+        {
+            if (i == -1)
+            {
+                if (testDomainParts[i + d].equals(""))
+                {
+                    return false;
+                }
+            }
+            else if (!domainParts[i].equalsIgnoreCase(testDomainParts[i + d]))
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    private void checkPermittedDNS(Set permitted, String dns)
+        throws PKIXNameConstraintValidatorException
+    {
+        if (permitted == null)
+        {
+            return;
+        }
+
+        Iterator it = permitted.iterator();
+
+        while (it.hasNext())
+        {
+            String str = ((String)it.next());
+
+            // is sub domain
+            if (withinDomain(dns, str) || dns.equalsIgnoreCase(str))
+            {
+                return;
+            }
+        }
+        if (dns.length() == 0 && permitted.size() == 0)
+        {
+            return;
+        }
+        throw new PKIXNameConstraintValidatorException(
+            "DNS is not from a permitted subtree.");
+    }
+
+    private void checkExcludedDNS(Set excluded, String dns)
+        throws PKIXNameConstraintValidatorException
+    {
+        if (excluded.isEmpty())
+        {
+            return;
+        }
+
+        Iterator it = excluded.iterator();
+
+        while (it.hasNext())
+        {
+            String str = ((String)it.next());
+
+            // is sub domain or the same
+            if (withinDomain(dns, str) || dns.equalsIgnoreCase(str))
+            {
+                throw new PKIXNameConstraintValidatorException(
+                    "DNS is from an excluded subtree.");
+            }
+        }
+    }
+
+    /**
+     * The common part of <code>email1</code> and <code>email2</code> is
+     * added to the union <code>union</code>. If <code>email1</code> and
+     * <code>email2</code> have nothing in common they are added both.
+     *
+     * @param email1 Email address constraint 1.
+     * @param email2 Email address constraint 2.
+     * @param union  The union.
+     */
+    private void unionEmail(String email1, String email2, Set union)
+    {
+        // email1 is a particular address
+        if (email1.indexOf('@') != -1)
+        {
+            String _sub = email1.substring(email1.indexOf('@') + 1);
+            // both are a particular mailbox
+            if (email2.indexOf('@') != -1)
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(_sub, email2))
+                {
+                    union.add(email2);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (_sub.equalsIgnoreCase(email2))
+                {
+                    union.add(email2);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+        }
+        // email1 specifies a domain
+        else if (email1.startsWith("."))
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email1.indexOf('@') + 1);
+                if (withinDomain(_sub, email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2)
+                    || email1.equalsIgnoreCase(email2))
+                {
+                    union.add(email2);
+                }
+                else if (withinDomain(email2, email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            else
+            {
+                if (withinDomain(email2, email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+        }
+        // email specifies a host
+        else
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email1.indexOf('@') + 1);
+                if (_sub.equalsIgnoreCase(email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2))
+                {
+                    union.add(email2);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+        }
+    }
+
+    private void unionURI(String email1, String email2, Set union)
+    {
+        // email1 is a particular address
+        if (email1.indexOf('@') != -1)
+        {
+            String _sub = email1.substring(email1.indexOf('@') + 1);
+            // both are a particular mailbox
+            if (email2.indexOf('@') != -1)
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(_sub, email2))
+                {
+                    union.add(email2);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (_sub.equalsIgnoreCase(email2))
+                {
+                    union.add(email2);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+        }
+        // email1 specifies a domain
+        else if (email1.startsWith("."))
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email1.indexOf('@') + 1);
+                if (withinDomain(_sub, email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2)
+                    || email1.equalsIgnoreCase(email2))
+                {
+                    union.add(email2);
+                }
+                else if (withinDomain(email2, email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            else
+            {
+                if (withinDomain(email2, email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+        }
+        // email specifies a host
+        else
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email1.indexOf('@') + 1);
+                if (_sub.equalsIgnoreCase(email1))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2))
+                {
+                    union.add(email2);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    union.add(email1);
+                }
+                else
+                {
+                    union.add(email1);
+                    union.add(email2);
+                }
+            }
+        }
+    }
+
+    private Set intersectDNS(Set permitted, Set dnss)
+    {
+        Set intersect = new HashSet();
+        for (Iterator it = dnss.iterator(); it.hasNext();)
+        {
+            String dns = extractNameAsString(((GeneralSubtree)it.next())
+                .getBase());
+            if (permitted == null)
+            {
+                if (dns != null)
+                {
+                    intersect.add(dns);
+                }
+            }
+            else
+            {
+                Iterator _iter = permitted.iterator();
+                while (_iter.hasNext())
+                {
+                    String _permitted = (String)_iter.next();
+
+                    if (withinDomain(_permitted, dns))
+                    {
+                        intersect.add(_permitted);
+                    }
+                    else if (withinDomain(dns, _permitted))
+                    {
+                        intersect.add(dns);
+                    }
+                }
+            }
+        }
+
+        return intersect;
+    }
+
+    protected Set unionDNS(Set excluded, String dns)
+    {
+        if (excluded.isEmpty())
+        {
+            if (dns == null)
+            {
+                return excluded;
+            }
+            excluded.add(dns);
+
+            return excluded;
+        }
+        else
+        {
+            Set union = new HashSet();
+
+            Iterator _iter = excluded.iterator();
+            while (_iter.hasNext())
+            {
+                String _permitted = (String)_iter.next();
+
+                if (withinDomain(_permitted, dns))
+                {
+                    union.add(dns);
+                }
+                else if (withinDomain(dns, _permitted))
+                {
+                    union.add(_permitted);
+                }
+                else
+                {
+                    union.add(_permitted);
+                    union.add(dns);
+                }
+            }
+
+            return union;
+        }
+    }
+
+    /**
+     * The most restricting part from <code>email1</code> and
+     * <code>email2</code> is added to the intersection <code>intersect</code>.
+     *
+     * @param email1    Email address constraint 1.
+     * @param email2    Email address constraint 2.
+     * @param intersect The intersection.
+     */
+    private void intersectEmail(String email1, String email2, Set intersect)
+    {
+        // email1 is a particular address
+        if (email1.indexOf('@') != -1)
+        {
+            String _sub = email1.substring(email1.indexOf('@') + 1);
+            // both are a particular mailbox
+            if (email2.indexOf('@') != -1)
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(_sub, email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (_sub.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+        }
+        // email specifies a domain
+        else if (email1.startsWith("."))
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email1.indexOf('@') + 1);
+                if (withinDomain(_sub, email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2)
+                    || email1.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+                else if (withinDomain(email2, email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+            else
+            {
+                if (withinDomain(email2, email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+        }
+        // email1 specifies a host
+        else
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email2.indexOf('@') + 1);
+                if (_sub.equalsIgnoreCase(email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+        }
+    }
+
+    private void checkExcludedURI(Set excluded, String uri)
+        throws PKIXNameConstraintValidatorException
+    {
+        if (excluded.isEmpty())
+        {
+            return;
+        }
+
+        Iterator it = excluded.iterator();
+
+        while (it.hasNext())
+        {
+            String str = ((String)it.next());
+
+            if (isUriConstrained(uri, str))
+            {
+                throw new PKIXNameConstraintValidatorException(
+                    "URI is from an excluded subtree.");
+            }
+        }
+    }
+
+    private Set intersectURI(Set permitted, Set uris)
+    {
+        Set intersect = new HashSet();
+        for (Iterator it = uris.iterator(); it.hasNext();)
+        {
+            String uri = extractNameAsString(((GeneralSubtree)it.next())
+                .getBase());
+            if (permitted == null)
+            {
+                if (uri != null)
+                {
+                    intersect.add(uri);
+                }
+            }
+            else
+            {
+                Iterator _iter = permitted.iterator();
+                while (_iter.hasNext())
+                {
+                    String _permitted = (String)_iter.next();
+                    intersectURI(_permitted, uri, intersect);
+                }
+            }
+        }
+        return intersect;
+    }
+
+    private Set unionURI(Set excluded, String uri)
+    {
+        if (excluded.isEmpty())
+        {
+            if (uri == null)
+            {
+                return excluded;
+            }
+            excluded.add(uri);
+
+            return excluded;
+        }
+        else
+        {
+            Set union = new HashSet();
+
+            Iterator _iter = excluded.iterator();
+            while (_iter.hasNext())
+            {
+                String _excluded = (String)_iter.next();
+
+                unionURI(_excluded, uri, union);
+            }
+
+            return union;
+        }
+    }
+
+    private void intersectURI(String email1, String email2, Set intersect)
+    {
+        // email1 is a particular address
+        if (email1.indexOf('@') != -1)
+        {
+            String _sub = email1.substring(email1.indexOf('@') + 1);
+            // both are a particular mailbox
+            if (email2.indexOf('@') != -1)
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(_sub, email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (_sub.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+        }
+        // email specifies a domain
+        else if (email1.startsWith("."))
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email1.indexOf('@') + 1);
+                if (withinDomain(_sub, email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2)
+                    || email1.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+                else if (withinDomain(email2, email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+            else
+            {
+                if (withinDomain(email2, email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+        }
+        // email1 specifies a host
+        else
+        {
+            if (email2.indexOf('@') != -1)
+            {
+                String _sub = email2.substring(email2.indexOf('@') + 1);
+                if (_sub.equalsIgnoreCase(email1))
+                {
+                    intersect.add(email2);
+                }
+            }
+            // email2 specifies a domain
+            else if (email2.startsWith("."))
+            {
+                if (withinDomain(email1, email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+            // email2 specifies a particular host
+            else
+            {
+                if (email1.equalsIgnoreCase(email2))
+                {
+                    intersect.add(email1);
+                }
+            }
+        }
+    }
+
+    private void checkPermittedURI(Set permitted, String uri)
+        throws PKIXNameConstraintValidatorException
+    {
+        if (permitted == null)
+        {
+            return;
+        }
+
+        Iterator it = permitted.iterator();
+
+        while (it.hasNext())
+        {
+            String str = ((String)it.next());
+
+            if (isUriConstrained(uri, str))
+            {
+                return;
+            }
+        }
+        if (uri.length() == 0 && permitted.size() == 0)
+        {
+            return;
+        }
+        throw new PKIXNameConstraintValidatorException(
+            "URI is not from a permitted subtree.");
+    }
+
+    private boolean isUriConstrained(String uri, String constraint)
+    {
+        String host = extractHostFromURL(uri);
+        // a host
+        if (!constraint.startsWith("."))
+        {
+            if (host.equalsIgnoreCase(constraint))
+            {
+                return true;
+            }
+        }
+
+        // in sub domain or domain
+        else if (withinDomain(host, constraint))
+        {
+            return true;
+        }
+
+        return false;
+    }
+
+    private static String extractHostFromURL(String url)
+    {
+        // see RFC 1738
+        // remove ':' after protocol, e.g. http:
+        String sub = url.substring(url.indexOf(':') + 1);
+        // extract host from Common Internet Scheme Syntax, e.g. http://
+        if (sub.indexOf("//") != -1)
+        {
+            sub = sub.substring(sub.indexOf("//") + 2);
+        }
+        // first remove port, e.g. http://test.com:21
+        if (sub.lastIndexOf(':') != -1)
+        {
+            sub = sub.substring(0, sub.lastIndexOf(':'));
+        }
+        // remove user and password, e.g. http://john:password@test.com
+        sub = sub.substring(sub.indexOf(':') + 1);
+        sub = sub.substring(sub.indexOf('@') + 1);
+        // remove local parts, e.g. http://test.com/bla
+        if (sub.indexOf('/') != -1)
+        {
+            sub = sub.substring(0, sub.indexOf('/'));
+        }
+        return sub;
+    }
+
+    /**
+     * Checks if the given GeneralName is in the permitted set.
+     *
+     * @param name The GeneralName
+     * @throws PKIXNameConstraintValidatorException
+     *          If the <code>name</code>
+     */
+    public void checkPermitted(GeneralName name)
+        throws PKIXNameConstraintValidatorException
+    {
+        switch (name.getTagNo())
+        {
+            case 1:
+                checkPermittedEmail(permittedSubtreesEmail,
+                    extractNameAsString(name));
+                break;
+            case 2:
+                checkPermittedDNS(permittedSubtreesDNS, DERIA5String.getInstance(
+                    name.getName()).getString());
+                break;
+            case 4:
+                checkPermittedDN(ASN1Sequence.getInstance(name.getName()
+                    .toASN1Primitive()));
+                break;
+            case 6:
+                checkPermittedURI(permittedSubtreesURI, DERIA5String.getInstance(
+                    name.getName()).getString());
+                break;
+            case 7:
+                byte[] ip = ASN1OctetString.getInstance(name.getName()).getOctets();
+
+                checkPermittedIP(permittedSubtreesIP, ip);
+        }
+    }
+
+    /**
+     * Check if the given GeneralName is contained in the excluded set.
+     *
+     * @param name The GeneralName.
+     * @throws PKIXNameConstraintValidatorException
+     *          If the <code>name</code> is
+     *          excluded.
+     */
+    public void checkExcluded(GeneralName name)
+        throws PKIXNameConstraintValidatorException
+    {
+        switch (name.getTagNo())
+        {
+            case 1:
+                checkExcludedEmail(excludedSubtreesEmail, extractNameAsString(name));
+                break;
+            case 2:
+                checkExcludedDNS(excludedSubtreesDNS, DERIA5String.getInstance(
+                    name.getName()).getString());
+                break;
+            case 4:
+                checkExcludedDN(ASN1Sequence.getInstance(name.getName()
+                    .toASN1Primitive()));
+                break;
+            case 6:
+                checkExcludedURI(excludedSubtreesURI, DERIA5String.getInstance(
+                    name.getName()).getString());
+                break;
+            case 7:
+                byte[] ip = ASN1OctetString.getInstance(name.getName()).getOctets();
+
+                checkExcludedIP(excludedSubtreesIP, ip);
+        }
+    }
+
+    public void intersectPermittedSubtree(GeneralSubtree permitted)
+    {
+        intersectPermittedSubtree(new GeneralSubtree[] { permitted });
+    }
+
+    /**
+     * Updates the permitted set of these name constraints with the intersection
+     * with the given subtree.
+     *
+     * @param permitted The permitted subtrees
+     */
+
+    public void intersectPermittedSubtree(GeneralSubtree[] permitted)
+    {
+        Map subtreesMap = new HashMap();
+
+        // group in sets in a map ordered by tag no.
+        for (int i = 0; i != permitted.length; i++)
+        {
+            GeneralSubtree subtree = permitted[i];
+            Integer tagNo = Integers.valueOf(subtree.getBase().getTagNo());
+            if (subtreesMap.get(tagNo) == null)
+            {
+                subtreesMap.put(tagNo, new HashSet());
+            }
+            ((Set)subtreesMap.get(tagNo)).add(subtree);
+        }
+
+        for (Iterator it = subtreesMap.entrySet().iterator(); it.hasNext();)
+        {
+            Map.Entry entry = (Map.Entry)it.next();
+
+            // go through all subtree groups
+            switch (((Integer)entry.getKey()).intValue())
+            {
+                case 1:
+                    permittedSubtreesEmail = intersectEmail(permittedSubtreesEmail,
+                        (Set)entry.getValue());
+                    break;
+                case 2:
+                    permittedSubtreesDNS = intersectDNS(permittedSubtreesDNS,
+                        (Set)entry.getValue());
+                    break;
+                case 4:
+                    permittedSubtreesDN = intersectDN(permittedSubtreesDN,
+                        (Set)entry.getValue());
+                    break;
+                case 6:
+                    permittedSubtreesURI = intersectURI(permittedSubtreesURI,
+                        (Set)entry.getValue());
+                    break;
+                case 7:
+                    permittedSubtreesIP = intersectIP(permittedSubtreesIP,
+                        (Set)entry.getValue());
+            }
+        }
+    }
+
+    private String extractNameAsString(GeneralName name)
+    {
+        return DERIA5String.getInstance(name.getName()).getString();
+    }
+
+    public void intersectEmptyPermittedSubtree(int nameType)
+    {
+        switch (nameType)
+        {
+        case 1:
+            permittedSubtreesEmail = new HashSet();
+            break;
+        case 2:
+            permittedSubtreesDNS = new HashSet();
+            break;
+        case 4:
+            permittedSubtreesDN = new HashSet();
+            break;
+        case 6:
+            permittedSubtreesURI = new HashSet();
+            break;
+        case 7:
+            permittedSubtreesIP = new HashSet();
+        }
+    }
+
+    /**
+     * Adds a subtree to the excluded set of these name constraints.
+     *
+     * @param subtree A subtree with an excluded GeneralName.
+     */
+    public void addExcludedSubtree(GeneralSubtree subtree)
+    {
+        GeneralName base = subtree.getBase();
+
+        switch (base.getTagNo())
+        {
+            case 1:
+                excludedSubtreesEmail = unionEmail(excludedSubtreesEmail,
+                    extractNameAsString(base));
+                break;
+            case 2:
+                excludedSubtreesDNS = unionDNS(excludedSubtreesDNS,
+                    extractNameAsString(base));
+                break;
+            case 4:
+                excludedSubtreesDN = unionDN(excludedSubtreesDN,
+                    (ASN1Sequence)base.getName().toASN1Primitive());
+                break;
+            case 6:
+                excludedSubtreesURI = unionURI(excludedSubtreesURI,
+                    extractNameAsString(base));
+                break;
+            case 7:
+                excludedSubtreesIP = unionIP(excludedSubtreesIP, ASN1OctetString
+                    .getInstance(base.getName()).getOctets());
+                break;
+        }
+    }
+
+    /**
+     * Returns the maximum IP address.
+     *
+     * @param ip1 The first IP address.
+     * @param ip2 The second IP address.
+     * @return The maximum IP address.
+     */
+    private static byte[] max(byte[] ip1, byte[] ip2)
+    {
+        for (int i = 0; i < ip1.length; i++)
+        {
+            if ((ip1[i] & 0xFFFF) > (ip2[i] & 0xFFFF))
+            {
+                return ip1;
+            }
+        }
+        return ip2;
+    }
+
+    /**
+     * Returns the minimum IP address.
+     *
+     * @param ip1 The first IP address.
+     * @param ip2 The second IP address.
+     * @return The minimum IP address.
+     */
+    private static byte[] min(byte[] ip1, byte[] ip2)
+    {
+        for (int i = 0; i < ip1.length; i++)
+        {
+            if ((ip1[i] & 0xFFFF) < (ip2[i] & 0xFFFF))
+            {
+                return ip1;
+            }
+        }
+        return ip2;
+    }
+
+    /**
+     * Compares IP address <code>ip1</code> with <code>ip2</code>. If ip1
+     * is equal to ip2 0 is returned. If ip1 is bigger 1 is returned, -1
+     * otherwise.
+     *
+     * @param ip1 The first IP address.
+     * @param ip2 The second IP address.
+     * @return 0 if ip1 is equal to ip2, 1 if ip1 is bigger, -1 otherwise.
+     */
+    private static int compareTo(byte[] ip1, byte[] ip2)
+    {
+        if (Arrays.areEqual(ip1, ip2))
+        {
+            return 0;
+        }
+        if (Arrays.areEqual(max(ip1, ip2), ip1))
+        {
+            return 1;
+        }
+        return -1;
+    }
+
+    /**
+     * Returns the logical OR of the IP addresses <code>ip1</code> and
+     * <code>ip2</code>.
+     *
+     * @param ip1 The first IP address.
+     * @param ip2 The second IP address.
+     * @return The OR of <code>ip1</code> and <code>ip2</code>.
+     */
+    private static byte[] or(byte[] ip1, byte[] ip2)
+    {
+        byte[] temp = new byte[ip1.length];
+        for (int i = 0; i < ip1.length; i++)
+        {
+            temp[i] = (byte)(ip1[i] | ip2[i]);
+        }
+        return temp;
+    }
+
+    public int hashCode()
+    {
+        return hashCollection(excludedSubtreesDN)
+            + hashCollection(excludedSubtreesDNS)
+            + hashCollection(excludedSubtreesEmail)
+            + hashCollection(excludedSubtreesIP)
+            + hashCollection(excludedSubtreesURI)
+            + hashCollection(permittedSubtreesDN)
+            + hashCollection(permittedSubtreesDNS)
+            + hashCollection(permittedSubtreesEmail)
+            + hashCollection(permittedSubtreesIP)
+            + hashCollection(permittedSubtreesURI);
+    }
+
+    private int hashCollection(Collection coll)
+    {
+        if (coll == null)
+        {
+            return 0;
+        }
+        int hash = 0;
+        Iterator it1 = coll.iterator();
+        while (it1.hasNext())
+        {
+            Object o = it1.next();
+            if (o instanceof byte[])
+            {
+                hash += Arrays.hashCode((byte[])o);
+            }
+            else
+            {
+                hash += o.hashCode();
+            }
+        }
+        return hash;
+    }
+
+    public boolean equals(Object o)
+    {
+        if (!(o instanceof PKIXNameConstraintValidator))
+        {
+            return false;
+        }
+        PKIXNameConstraintValidator constraintValidator = (PKIXNameConstraintValidator)o;
+        return collectionsAreEqual(constraintValidator.excludedSubtreesDN, excludedSubtreesDN)
+            && collectionsAreEqual(constraintValidator.excludedSubtreesDNS, excludedSubtreesDNS)
+            && collectionsAreEqual(constraintValidator.excludedSubtreesEmail, excludedSubtreesEmail)
+            && collectionsAreEqual(constraintValidator.excludedSubtreesIP, excludedSubtreesIP)
+            && collectionsAreEqual(constraintValidator.excludedSubtreesURI, excludedSubtreesURI)
+            && collectionsAreEqual(constraintValidator.permittedSubtreesDN, permittedSubtreesDN)
+            && collectionsAreEqual(constraintValidator.permittedSubtreesDNS, permittedSubtreesDNS)
+            && collectionsAreEqual(constraintValidator.permittedSubtreesEmail, permittedSubtreesEmail)
+            && collectionsAreEqual(constraintValidator.permittedSubtreesIP, permittedSubtreesIP)
+            && collectionsAreEqual(constraintValidator.permittedSubtreesURI, permittedSubtreesURI);
+    }
+
+    private boolean collectionsAreEqual(Collection coll1, Collection coll2)
+    {
+        if (coll1 == coll2)
+        {
+            return true;
+        }
+        if (coll1 == null || coll2 == null)
+        {
+            return false;
+        }
+        if (coll1.size() != coll2.size())
+        {
+            return false;
+        }
+        Iterator it1 = coll1.iterator();
+
+        while (it1.hasNext())
+        {
+            Object a = it1.next();
+            Iterator it2 = coll2.iterator();
+            boolean found = false;
+            while (it2.hasNext())
+            {
+                Object b = it2.next();
+                if (equals(a, b))
+                {
+                    found = true;
+                    break;
+                }
+            }
+            if (!found)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    private boolean equals(Object o1, Object o2)
+    {
+        if (o1 == o2)
+        {
+            return true;
+        }
+        if (o1 == null || o2 == null)
+        {
+            return false;
+        }
+        if (o1 instanceof byte[] && o2 instanceof byte[])
+        {
+            return Arrays.areEqual((byte[])o1, (byte[])o2);
+        }
+        else
+        {
+            return o1.equals(o2);
+        }
+    }
+
+    /**
+     * Stringifies an IPv4 or v6 address with subnet mask.
+     *
+     * @param ip The IP with subnet mask.
+     * @return The stringified IP address.
+     */
+    private String stringifyIP(byte[] ip)
+    {
+        String temp = "";
+        for (int i = 0; i < ip.length / 2; i++)
+        {
+            temp += Integer.toString(ip[i] & 0x00FF) + ".";
+        }
+        temp = temp.substring(0, temp.length() - 1);
+        temp += "/";
+        for (int i = ip.length / 2; i < ip.length; i++)
+        {
+            temp += Integer.toString(ip[i] & 0x00FF) + ".";
+        }
+        temp = temp.substring(0, temp.length() - 1);
+        return temp;
+    }
+
+    private String stringifyIPCollection(Set ips)
+    {
+        String temp = "";
+        temp += "[";
+        for (Iterator it = ips.iterator(); it.hasNext();)
+        {
+            temp += stringifyIP((byte[])it.next()) + ",";
+        }
+        if (temp.length() > 1)
+        {
+            temp = temp.substring(0, temp.length() - 1);
+        }
+        temp += "]";
+        return temp;
+    }
+
+    public String toString()
+    {
+        String temp = "";
+        temp += "permitted:\n";
+        if (permittedSubtreesDN != null)
+        {
+            temp += "DN:\n";
+            temp += permittedSubtreesDN.toString() + "\n";
+        }
+        if (permittedSubtreesDNS != null)
+        {
+            temp += "DNS:\n";
+            temp += permittedSubtreesDNS.toString() + "\n";
+        }
+        if (permittedSubtreesEmail != null)
+        {
+            temp += "Email:\n";
+            temp += permittedSubtreesEmail.toString() + "\n";
+        }
+        if (permittedSubtreesURI != null)
+        {
+            temp += "URI:\n";
+            temp += permittedSubtreesURI.toString() + "\n";
+        }
+        if (permittedSubtreesIP != null)
+        {
+            temp += "IP:\n";
+            temp += stringifyIPCollection(permittedSubtreesIP) + "\n";
+        }
+        temp += "excluded:\n";
+        if (!excludedSubtreesDN.isEmpty())
+        {
+            temp += "DN:\n";
+            temp += excludedSubtreesDN.toString() + "\n";
+        }
+        if (!excludedSubtreesDNS.isEmpty())
+        {
+            temp += "DNS:\n";
+            temp += excludedSubtreesDNS.toString() + "\n";
+        }
+        if (!excludedSubtreesEmail.isEmpty())
+        {
+            temp += "Email:\n";
+            temp += excludedSubtreesEmail.toString() + "\n";
+        }
+        if (!excludedSubtreesURI.isEmpty())
+        {
+            temp += "URI:\n";
+            temp += excludedSubtreesURI.toString() + "\n";
+        }
+        if (!excludedSubtreesIP.isEmpty())
+        {
+            temp += "IP:\n";
+            temp += stringifyIPCollection(excludedSubtreesIP) + "\n";
+        }
+        return temp;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXNameConstraintValidatorException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXNameConstraintValidatorException.java
new file mode 100644
index 0000000..767767c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXNameConstraintValidatorException.java

@@ -0,0 +1,14 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKIXNameConstraintValidatorException
+    extends Exception
+{
+    public PKIXNameConstraintValidatorException(String msg)
+    {
+        super(msg);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXPolicyNode.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXPolicyNode.java
new file mode 100644
index 0000000..76da2ba
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PKIXPolicyNode.java

@@ -0,0 +1,177 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.security.cert.PolicyNode;
+import java.util.ArrayList;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Set;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PKIXPolicyNode
+    implements PolicyNode
+{
+    protected List       children;
+    protected int        depth;
+    protected Set        expectedPolicies;
+    protected PolicyNode parent;
+    protected Set        policyQualifiers;
+    protected String     validPolicy;
+    protected boolean    critical;
+    
+    /*  
+     *  
+     *  CONSTRUCTORS
+     *  
+     */ 
+    
+    public PKIXPolicyNode(
+        List       _children,
+        int        _depth,
+        Set        _expectedPolicies,
+        PolicyNode _parent,
+        Set        _policyQualifiers,
+        String     _validPolicy,
+        boolean    _critical)
+    {
+        children         = _children;
+        depth            = _depth;
+        expectedPolicies = _expectedPolicies;
+        parent           = _parent;
+        policyQualifiers = _policyQualifiers;
+        validPolicy      = _validPolicy;
+        critical         = _critical;
+    }
+    
+    public void addChild(
+        PKIXPolicyNode _child)
+    {
+        children.add(_child);
+        _child.setParent(this);
+    }
+    
+    public Iterator getChildren()
+    {
+        return children.iterator();
+    }
+    
+    public int getDepth()
+    {
+        return depth;
+    }
+    
+    public Set getExpectedPolicies()
+    {
+        return expectedPolicies;
+    }
+    
+    public PolicyNode getParent()
+    {
+        return parent;
+    }
+    
+    public Set getPolicyQualifiers()
+    {
+        return policyQualifiers;
+    }
+    
+    public String getValidPolicy()
+    {
+        return validPolicy;
+    }
+    
+    public boolean hasChildren()
+    {
+        return !children.isEmpty();
+    }
+    
+    public boolean isCritical()
+    {
+        return critical;
+    }
+    
+    public void removeChild(PKIXPolicyNode _child)
+    {
+        children.remove(_child);
+    }
+    
+    public void setCritical(boolean _critical)
+    {
+        critical = _critical;
+    }
+    
+    public void setParent(PKIXPolicyNode _parent)
+    {
+        parent = _parent;
+    }
+    
+    public String toString()
+    {
+        return toString("");
+    }
+    
+    public String toString(String _indent)
+    {
+        StringBuffer _buf = new StringBuffer();
+        _buf.append(_indent);
+        _buf.append(validPolicy);
+        _buf.append(" {\n");
+        
+        for(int i = 0; i < children.size(); i++)
+        {
+            _buf.append(((PKIXPolicyNode)children.get(i)).toString(_indent + "    "));
+        }
+        
+        _buf.append(_indent);
+        _buf.append("}\n");
+        return _buf.toString();
+    }
+    
+    public Object clone()
+    {
+        return copy();
+    }
+    
+    public PKIXPolicyNode copy()
+    {
+        Set     _expectedPolicies = new HashSet();
+        Iterator _iter = expectedPolicies.iterator();
+        while (_iter.hasNext())
+        {
+            _expectedPolicies.add(new String((String)_iter.next()));
+        }
+        
+        Set     _policyQualifiers = new HashSet();
+        _iter = policyQualifiers.iterator();
+        while (_iter.hasNext())
+        {
+            _policyQualifiers.add(new String((String)_iter.next()));
+        }
+        
+        PKIXPolicyNode _node = new PKIXPolicyNode(new ArrayList(),
+                                                  depth,
+                                                  _expectedPolicies,
+                                                  null,
+                                                  _policyQualifiers,
+                                                  new String(validPolicy),
+                                                  critical);
+        
+        _iter = children.iterator();
+        while (_iter.hasNext())
+        {
+            PKIXPolicyNode _child = ((PKIXPolicyNode)_iter.next()).copy();
+            _child.setParent(_node);
+            _node.addChild(_child);
+        }
+        
+        return _node;
+    }
+
+    public void setExpectedPolicies(Set expectedPolicies)
+    {
+        this.expectedPolicies = expectedPolicies;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PrincipalUtils.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PrincipalUtils.java
new file mode 100644
index 0000000..d4a7e46
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/PrincipalUtils.java

@@ -0,0 +1,54 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.security.cert.TrustAnchor;
+import java.security.cert.X509CRL;
+import java.security.cert.X509CRLEntry;
+import java.security.cert.X509Certificate;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.x509.X509AttributeCertificate;
+
+class PrincipalUtils
+{
+    static X500Name getSubjectPrincipal(X509Certificate cert)
+    {
+        return X500Name.getInstance(cert.getSubjectX500Principal().getEncoded());
+    }
+
+    static X500Name getIssuerPrincipal(X509CRL crl)
+    {
+        return X500Name.getInstance(crl.getIssuerX500Principal().getEncoded());
+    }
+
+    static X500Name getIssuerPrincipal(X509Certificate cert)
+    {
+        return X500Name.getInstance(cert.getIssuerX500Principal().getEncoded());
+    }
+
+    static X500Name getCA(TrustAnchor trustAnchor)
+    {
+        return X500Name.getInstance(trustAnchor.getCA().getEncoded());
+    }
+
+    /**
+     * Returns the issuer of an attribute certificate or certificate.
+     *
+     * @param cert The attribute certificate or certificate.
+     * @return The issuer as <code>X500Principal</code>.
+     */
+    static X500Name getEncodedIssuerPrincipal(
+        Object cert)
+    {
+        if (cert instanceof X509Certificate)
+        {
+            return getIssuerPrincipal((X509Certificate)cert);
+        }
+        else
+        {
+            return X500Name.getInstance(((X500Principal)((X509AttributeCertificate)cert).getIssuer().getPrincipals()[0]).getEncoded());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/RFC3280CertPathUtilities.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/RFC3280CertPathUtilities.java
new file mode 100644
index 0000000..8256c6d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/RFC3280CertPathUtilities.java

@@ -0,0 +1,2616 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.GeneralSecurityException;
+import java.security.PublicKey;
+import java.security.cert.CertPath;
+import java.security.cert.CertPathBuilderException;
+import java.security.cert.CertPathValidatorException;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateNotYetValidException;
+import java.security.cert.PKIXCertPathChecker;
+import java.security.cert.X509CRL;
+import java.security.cert.X509CRLSelector;
+import java.security.cert.X509CertSelector;
+import java.security.cert.X509Certificate;
+import java.security.cert.X509Extension;
+import java.text.SimpleDateFormat;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Map;
+import java.util.Set;
+import java.util.TimeZone;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1String;
+import com.android.org.bouncycastle.asn1.ASN1TaggedObject;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x500.RDN;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x500.style.BCStyle;
+import com.android.org.bouncycastle.asn1.x509.BasicConstraints;
+import com.android.org.bouncycastle.asn1.x509.CRLDistPoint;
+import com.android.org.bouncycastle.asn1.x509.CRLReason;
+import com.android.org.bouncycastle.asn1.x509.DistributionPoint;
+import com.android.org.bouncycastle.asn1.x509.DistributionPointName;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.asn1.x509.GeneralName;
+import com.android.org.bouncycastle.asn1.x509.GeneralNames;
+import com.android.org.bouncycastle.asn1.x509.GeneralSubtree;
+import com.android.org.bouncycastle.asn1.x509.IssuingDistributionPoint;
+import com.android.org.bouncycastle.asn1.x509.NameConstraints;
+import com.android.org.bouncycastle.asn1.x509.PolicyInformation;
+import com.android.org.bouncycastle.jcajce.PKIXCRLStore;
+import com.android.org.bouncycastle.jcajce.PKIXCRLStoreSelector;
+import com.android.org.bouncycastle.jcajce.PKIXCertStoreSelector;
+import com.android.org.bouncycastle.jcajce.PKIXExtendedBuilderParameters;
+import com.android.org.bouncycastle.jcajce.PKIXExtendedParameters;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+import com.android.org.bouncycastle.jce.exception.ExtCertPathValidatorException;
+import com.android.org.bouncycastle.util.Arrays;
+
+class RFC3280CertPathUtilities
+{
+    private static final PKIXCRLUtil CRL_UTIL = new PKIXCRLUtil();
+
+    /**
+     * If the complete CRL includes an issuing distribution point (IDP) CRL
+     * extension check the following:
+     * <p>
+     * (i) If the distribution point name is present in the IDP CRL extension
+     * and the distribution field is present in the DP, then verify that one of
+     * the names in the IDP matches one of the names in the DP. If the
+     * distribution point name is present in the IDP CRL extension and the
+     * distribution field is omitted from the DP, then verify that one of the
+     * names in the IDP matches one of the names in the cRLIssuer field of the
+     * DP.
+     * </p>
+     * <p>
+     * (ii) If the onlyContainsUserCerts boolean is asserted in the IDP CRL
+     * extension, verify that the certificate does not include the basic
+     * constraints extension with the cA boolean asserted.
+     * </p>
+     * <p>
+     * (iii) If the onlyContainsCACerts boolean is asserted in the IDP CRL
+     * extension, verify that the certificate includes the basic constraints
+     * extension with the cA boolean asserted.
+     * </p>
+     * <p>
+     * (iv) Verify that the onlyContainsAttributeCerts boolean is not asserted.
+     * </p>
+     *
+     * @param dp   The distribution point.
+     * @param cert The certificate.
+     * @param crl  The CRL.
+     * @throws AnnotatedException if one of the conditions is not met or an error occurs.
+     */
+    protected static void processCRLB2(
+        DistributionPoint dp,
+        Object cert,
+        X509CRL crl)
+        throws AnnotatedException
+    {
+        IssuingDistributionPoint idp = null;
+        try
+        {
+            idp = IssuingDistributionPoint.getInstance(CertPathValidatorUtilities.getExtensionValue(crl,
+                RFC3280CertPathUtilities.ISSUING_DISTRIBUTION_POINT));
+        }
+        catch (Exception e)
+        {
+            throw new AnnotatedException("Issuing distribution point extension could not be decoded.", e);
+        }
+        // (b) (2) (i)
+        // distribution point name is present
+        if (idp != null)
+        {
+            if (idp.getDistributionPoint() != null)
+            {
+                // make list of names
+                DistributionPointName dpName = IssuingDistributionPoint.getInstance(idp).getDistributionPoint();
+                List names = new ArrayList();
+
+                if (dpName.getType() == DistributionPointName.FULL_NAME)
+                {
+                    GeneralName[] genNames = GeneralNames.getInstance(dpName.getName()).getNames();
+                    for (int j = 0; j < genNames.length; j++)
+                    {
+                        names.add(genNames[j]);
+                    }
+                }
+                if (dpName.getType() == DistributionPointName.NAME_RELATIVE_TO_CRL_ISSUER)
+                {
+                    ASN1EncodableVector vec = new ASN1EncodableVector();
+                    try
+                    {
+                        Enumeration e = ASN1Sequence.getInstance(PrincipalUtils.getIssuerPrincipal(crl)).getObjects();
+                        while (e.hasMoreElements())
+                        {
+                            vec.add((ASN1Encodable)e.nextElement());
+                        }
+                    }
+                    catch (Exception e)
+                    {
+                        throw new AnnotatedException("Could not read CRL issuer.", e);
+                    }
+                    vec.add(dpName.getName());
+                    names.add(new GeneralName(X500Name.getInstance(new DERSequence(vec))));
+                }
+                boolean matches = false;
+                // verify that one of the names in the IDP matches one
+                // of the names in the DP.
+                if (dp.getDistributionPoint() != null)
+                {
+                    dpName = dp.getDistributionPoint();
+                    GeneralName[] genNames = null;
+                    if (dpName.getType() == DistributionPointName.FULL_NAME)
+                    {
+                        genNames = GeneralNames.getInstance(dpName.getName()).getNames();
+                    }
+                    if (dpName.getType() == DistributionPointName.NAME_RELATIVE_TO_CRL_ISSUER)
+                    {
+                        if (dp.getCRLIssuer() != null)
+                        {
+                            genNames = dp.getCRLIssuer().getNames();
+                        }
+                        else
+                        {
+                            genNames = new GeneralName[1];
+                            try
+                            {
+                                genNames[0] = new GeneralName(X500Name.getInstance(PrincipalUtils
+                                    .getEncodedIssuerPrincipal(cert).getEncoded()));
+                            }
+                            catch (Exception e)
+                            {
+                                throw new AnnotatedException("Could not read certificate issuer.", e);
+                            }
+                        }
+                        for (int j = 0; j < genNames.length; j++)
+                        {
+                            Enumeration e = ASN1Sequence.getInstance(genNames[j].getName().toASN1Primitive()).getObjects();
+                            ASN1EncodableVector vec = new ASN1EncodableVector();
+                            while (e.hasMoreElements())
+                            {
+                                vec.add((ASN1Encodable)e.nextElement());
+                            }
+                            vec.add(dpName.getName());
+                            genNames[j] = new GeneralName(X500Name.getInstance(new DERSequence(vec)));
+                        }
+                    }
+                    if (genNames != null)
+                    {
+                        for (int j = 0; j < genNames.length; j++)
+                        {
+                            if (names.contains(genNames[j]))
+                            {
+                                matches = true;
+                                break;
+                            }
+                        }
+                    }
+                    if (!matches)
+                    {
+                        throw new AnnotatedException(
+                            "No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.");
+                    }
+                }
+                // verify that one of the names in
+                // the IDP matches one of the names in the cRLIssuer field of
+                // the DP
+                else
+                {
+                    if (dp.getCRLIssuer() == null)
+                    {
+                        throw new AnnotatedException("Either the cRLIssuer or the distributionPoint field must "
+                            + "be contained in DistributionPoint.");
+                    }
+                    GeneralName[] genNames = dp.getCRLIssuer().getNames();
+                    for (int j = 0; j < genNames.length; j++)
+                    {
+                        if (names.contains(genNames[j]))
+                        {
+                            matches = true;
+                            break;
+                        }
+                    }
+                    if (!matches)
+                    {
+                        throw new AnnotatedException(
+                            "No match for certificate CRL issuing distribution point name to cRLIssuer CRL distribution point.");
+                    }
+                }
+            }
+            BasicConstraints bc = null;
+            try
+            {
+                bc = BasicConstraints.getInstance(CertPathValidatorUtilities.getExtensionValue((X509Extension)cert,
+                    BASIC_CONSTRAINTS));
+            }
+            catch (Exception e)
+            {
+                throw new AnnotatedException("Basic constraints extension could not be decoded.", e);
+            }
+
+            if (cert instanceof X509Certificate)
+            {
+                // (b) (2) (ii)
+                if (idp.onlyContainsUserCerts() && (bc != null && bc.isCA()))
+                {
+                    throw new AnnotatedException("CA Cert CRL only contains user certificates.");
+                }
+
+                // (b) (2) (iii)
+                if (idp.onlyContainsCACerts() && (bc == null || !bc.isCA()))
+                {
+                    throw new AnnotatedException("End CRL only contains CA certificates.");
+                }
+            }
+
+            // (b) (2) (iv)
+            if (idp.onlyContainsAttributeCerts())
+            {
+                throw new AnnotatedException("onlyContainsAttributeCerts boolean is asserted.");
+            }
+        }
+    }
+
+    /**
+     * If the DP includes cRLIssuer, then verify that the issuer field in the
+     * complete CRL matches cRLIssuer in the DP and that the complete CRL
+     * contains an issuing distribution point extension with the indirectCRL
+     * boolean asserted. Otherwise, verify that the CRL issuer matches the
+     * certificate issuer.
+     *
+     * @param dp   The distribution point.
+     * @param cert The certificate ot attribute certificate.
+     * @param crl  The CRL for <code>cert</code>.
+     * @throws AnnotatedException if one of the above conditions does not apply or an error
+     *                            occurs.
+     */
+    protected static void processCRLB1(
+        DistributionPoint dp,
+        Object cert,
+        X509CRL crl)
+        throws AnnotatedException
+    {
+        ASN1Primitive idp = CertPathValidatorUtilities.getExtensionValue(crl, ISSUING_DISTRIBUTION_POINT);
+        boolean isIndirect = false;
+        if (idp != null)
+        {
+            if (IssuingDistributionPoint.getInstance(idp).isIndirectCRL())
+            {
+                isIndirect = true;
+            }
+        }
+        byte[] issuerBytes;
+
+        try
+        {
+            issuerBytes = PrincipalUtils.getIssuerPrincipal(crl).getEncoded();
+        }
+        catch (IOException e)
+        {
+            throw new AnnotatedException("Exception encoding CRL issuer: " + e.getMessage(), e);
+        }
+
+        boolean matchIssuer = false;
+        if (dp.getCRLIssuer() != null)
+        {
+            GeneralName genNames[] = dp.getCRLIssuer().getNames();
+            for (int j = 0; j < genNames.length; j++)
+            {
+                if (genNames[j].getTagNo() == GeneralName.directoryName)
+                {
+                    try
+                    {
+                        if (Arrays.areEqual(genNames[j].getName().toASN1Primitive().getEncoded(), issuerBytes))
+                        {
+                            matchIssuer = true;
+                        }
+                    }
+                    catch (IOException e)
+                    {
+                        throw new AnnotatedException(
+                            "CRL issuer information from distribution point cannot be decoded.", e);
+                    }
+                }
+            }
+            if (matchIssuer && !isIndirect)
+            {
+                throw new AnnotatedException("Distribution point contains cRLIssuer field but CRL is not indirect.");
+            }
+            if (!matchIssuer)
+            {
+                throw new AnnotatedException("CRL issuer of CRL does not match CRL issuer of distribution point.");
+            }
+        }
+        else
+        {
+            if (PrincipalUtils.getIssuerPrincipal(crl).equals(
+                PrincipalUtils.getEncodedIssuerPrincipal(cert)))
+            {
+                matchIssuer = true;
+            }
+        }
+        if (!matchIssuer)
+        {
+            throw new AnnotatedException("Cannot find matching CRL issuer for certificate.");
+        }
+    }
+
+    protected static ReasonsMask processCRLD(
+        X509CRL crl,
+        DistributionPoint dp)
+        throws AnnotatedException
+    {
+        IssuingDistributionPoint idp = null;
+        try
+        {
+            idp = IssuingDistributionPoint.getInstance(CertPathValidatorUtilities.getExtensionValue(crl,
+                RFC3280CertPathUtilities.ISSUING_DISTRIBUTION_POINT));
+        }
+        catch (Exception e)
+        {
+            throw new AnnotatedException("Issuing distribution point extension could not be decoded.", e);
+        }
+        // (d) (1)
+        if (idp != null && idp.getOnlySomeReasons() != null && dp.getReasons() != null)
+        {
+            return new ReasonsMask(dp.getReasons()).intersect(new ReasonsMask(idp.getOnlySomeReasons()));
+        }
+        // (d) (4)
+        if ((idp == null || idp.getOnlySomeReasons() == null) && dp.getReasons() == null)
+        {
+            return ReasonsMask.allReasons;
+        }
+        // (d) (2) and (d)(3)
+        return (dp.getReasons() == null
+            ? ReasonsMask.allReasons
+            : new ReasonsMask(dp.getReasons())).intersect(idp == null
+            ? ReasonsMask.allReasons
+            : new ReasonsMask(idp.getOnlySomeReasons()));
+
+    }
+
+    public static final String CERTIFICATE_POLICIES = Extension.certificatePolicies.getId();
+
+    public static final String POLICY_MAPPINGS = Extension.policyMappings.getId();
+
+    public static final String INHIBIT_ANY_POLICY = Extension.inhibitAnyPolicy.getId();
+
+    public static final String ISSUING_DISTRIBUTION_POINT = Extension.issuingDistributionPoint.getId();
+
+    public static final String FRESHEST_CRL = Extension.freshestCRL.getId();
+
+    public static final String DELTA_CRL_INDICATOR = Extension.deltaCRLIndicator.getId();
+
+    public static final String POLICY_CONSTRAINTS = Extension.policyConstraints.getId();
+
+    public static final String BASIC_CONSTRAINTS = Extension.basicConstraints.getId();
+
+    public static final String CRL_DISTRIBUTION_POINTS = Extension.cRLDistributionPoints.getId();
+
+    public static final String SUBJECT_ALTERNATIVE_NAME = Extension.subjectAlternativeName.getId();
+
+    public static final String NAME_CONSTRAINTS = Extension.nameConstraints.getId();
+
+    public static final String AUTHORITY_KEY_IDENTIFIER = Extension.authorityKeyIdentifier.getId();
+
+    public static final String KEY_USAGE = Extension.keyUsage.getId();
+
+    public static final String CRL_NUMBER = Extension.cRLNumber.getId();
+
+    public static final String ANY_POLICY = "2.5.29.32.0";
+
+    /*
+     * key usage bits
+     */
+    protected static final int KEY_CERT_SIGN = 5;
+
+    protected static final int CRL_SIGN = 6;
+
+    /**
+     * Obtain and validate the certification path for the complete CRL issuer.
+     * If a key usage extension is present in the CRL issuer's certificate,
+     * verify that the cRLSign bit is set.
+     *
+     * @param crl                CRL which contains revocation information for the certificate
+     *                           <code>cert</code>.
+     * @param cert               The attribute certificate or certificate to check if it is
+     *                           revoked.
+     * @param defaultCRLSignCert The issuer certificate of the certificate <code>cert</code>.
+     * @param defaultCRLSignKey  The public key of the issuer certificate
+     *                           <code>defaultCRLSignCert</code>.
+     * @param paramsPKIX         paramsPKIX PKIX parameters.
+     * @param certPathCerts      The certificates on the certification path.
+     * @return A <code>Set</code> with all keys of possible CRL issuer
+     *         certificates.
+     * @throws AnnotatedException if the CRL is not valid or the status cannot be checked or
+     *                            some error occurs.
+     */
+    protected static Set processCRLF(
+        X509CRL crl,
+        Object cert,
+        X509Certificate defaultCRLSignCert,
+        PublicKey defaultCRLSignKey,
+        PKIXExtendedParameters paramsPKIX,
+        List certPathCerts,
+        JcaJceHelper helper)
+        throws AnnotatedException
+    {
+        // (f)
+
+        // get issuer from CRL
+        X509CertSelector certSelector = new X509CertSelector();
+        try
+        {
+            byte[] issuerPrincipal = PrincipalUtils.getIssuerPrincipal(crl).getEncoded();
+            certSelector.setSubject(issuerPrincipal);
+        }
+        catch (IOException e)
+        {
+            throw new AnnotatedException(
+                "Subject criteria for certificate selector to find issuer certificate for CRL could not be set.", e);
+        }
+
+        PKIXCertStoreSelector selector = new PKIXCertStoreSelector.Builder(certSelector).build();
+
+        // get CRL signing certs
+        Collection coll;
+        try
+        {
+            coll = CertPathValidatorUtilities.findCertificates(selector, paramsPKIX.getCertificateStores());
+            coll.addAll(CertPathValidatorUtilities.findCertificates(selector, paramsPKIX.getCertStores()));
+        }
+        catch (AnnotatedException e)
+        {
+            throw new AnnotatedException("Issuer certificate for CRL cannot be searched.", e);
+        }
+
+        coll.add(defaultCRLSignCert);
+
+        Iterator cert_it = coll.iterator();
+
+        List validCerts = new ArrayList();
+        List validKeys = new ArrayList();
+
+        while (cert_it.hasNext())
+        {
+            X509Certificate signingCert = (X509Certificate)cert_it.next();
+
+            /*
+             * CA of the certificate, for which this CRL is checked, has also
+             * signed CRL, so skip the path validation, because is already done
+             */
+            if (signingCert.equals(defaultCRLSignCert))
+            {
+                validCerts.add(signingCert);
+                validKeys.add(defaultCRLSignKey);
+                continue;
+            }
+            try
+            {
+                PKIXCertPathBuilderSpi builder = new PKIXCertPathBuilderSpi();
+                X509CertSelector tmpCertSelector = new X509CertSelector();
+                tmpCertSelector.setCertificate(signingCert);
+
+                PKIXExtendedParameters.Builder paramsBuilder = new PKIXExtendedParameters.Builder(paramsPKIX)
+                    .setTargetConstraints(new PKIXCertStoreSelector.Builder(tmpCertSelector).build());
+
+                /*
+                 * if signingCert is placed not higher on the cert path a
+                 * dependency loop results. CRL for cert is checked, but
+                 * signingCert is needed for checking the CRL which is dependent
+                 * on checking cert because it is higher in the cert path and so
+                 * signing signingCert transitively. so, revocation is disabled,
+                 * forgery attacks of the CRL are detected in this outer loop
+                 * for all other it must be enabled to prevent forgery attacks
+                 */
+                if (certPathCerts.contains(signingCert))
+                {
+                    paramsBuilder.setRevocationEnabled(false);
+                }
+                else
+                {
+                    paramsBuilder.setRevocationEnabled(true);
+                }
+
+                PKIXExtendedBuilderParameters extParams = new PKIXExtendedBuilderParameters.Builder(paramsBuilder.build()).build();
+
+                List certs = builder.engineBuild(extParams).getCertPath().getCertificates();
+                validCerts.add(signingCert);
+                validKeys.add(CertPathValidatorUtilities.getNextWorkingKey(certs, 0, helper));
+            }
+            catch (CertPathBuilderException e)
+            {
+                throw new AnnotatedException("CertPath for CRL signer failed to validate.", e);
+            }
+            catch (CertPathValidatorException e)
+            {
+                throw new AnnotatedException("Public key of issuer certificate of CRL could not be retrieved.", e);
+            }
+            catch (Exception e)
+            {
+                throw new AnnotatedException(e.getMessage());
+            }
+        }
+
+        Set checkKeys = new HashSet();
+
+        AnnotatedException lastException = null;
+        for (int i = 0; i < validCerts.size(); i++)
+        {
+            X509Certificate signCert = (X509Certificate)validCerts.get(i);
+            boolean[] keyusage = signCert.getKeyUsage();
+
+            if (keyusage != null && (keyusage.length < 7 || !keyusage[CRL_SIGN]))
+            {
+                lastException = new AnnotatedException(
+                    "Issuer certificate key usage extension does not permit CRL signing.");
+            }
+            else
+            {
+                checkKeys.add(validKeys.get(i));
+            }
+        }
+
+        if (checkKeys.isEmpty() && lastException == null)
+        {
+            throw new AnnotatedException("Cannot find a valid issuer certificate.");
+        }
+        if (checkKeys.isEmpty() && lastException != null)
+        {
+            throw lastException;
+        }
+
+        return checkKeys;
+    }
+
+    protected static PublicKey processCRLG(
+        X509CRL crl,
+        Set keys)
+        throws AnnotatedException
+    {
+        Exception lastException = null;
+        for (Iterator it = keys.iterator(); it.hasNext();)
+        {
+            PublicKey key = (PublicKey)it.next();
+            try
+            {
+                crl.verify(key);
+                return key;
+            }
+            catch (Exception e)
+            {
+                lastException = e;
+            }
+        }
+        throw new AnnotatedException("Cannot verify CRL.", lastException);
+    }
+
+    protected static X509CRL processCRLH(
+        Set deltacrls,
+        PublicKey key)
+        throws AnnotatedException
+    {
+        Exception lastException = null;
+
+        for (Iterator it = deltacrls.iterator(); it.hasNext();)
+        {
+            X509CRL crl = (X509CRL)it.next();
+            try
+            {
+                crl.verify(key);
+                return crl;
+            }
+            catch (Exception e)
+            {
+                lastException = e;
+            }
+        }
+
+        if (lastException != null)
+        {
+            throw new AnnotatedException("Cannot verify delta CRL.", lastException);
+        }
+        return null;
+    }
+
+    protected static Set processCRLA1i(
+        Date currentDate,
+        PKIXExtendedParameters paramsPKIX,
+        X509Certificate cert,
+        X509CRL crl)
+        throws AnnotatedException
+    {
+        Set set = new HashSet();
+        if (paramsPKIX.isUseDeltasEnabled())
+        {
+            CRLDistPoint freshestCRL = null;
+            try
+            {
+                freshestCRL = CRLDistPoint
+                    .getInstance(CertPathValidatorUtilities.getExtensionValue(cert, FRESHEST_CRL));
+            }
+            catch (AnnotatedException e)
+            {
+                throw new AnnotatedException("Freshest CRL extension could not be decoded from certificate.", e);
+            }
+            if (freshestCRL == null)
+            {
+                try
+                {
+                    freshestCRL = CRLDistPoint.getInstance(CertPathValidatorUtilities.getExtensionValue(crl,
+                        FRESHEST_CRL));
+                }
+                catch (AnnotatedException e)
+                {
+                    throw new AnnotatedException("Freshest CRL extension could not be decoded from CRL.", e);
+                }
+            }
+            if (freshestCRL != null)
+            {
+                List crlStores = new ArrayList();
+
+                crlStores.addAll(paramsPKIX.getCRLStores());
+
+                try
+                {
+                    crlStores.addAll(CertPathValidatorUtilities.getAdditionalStoresFromCRLDistributionPoint(freshestCRL, paramsPKIX.getNamedCRLStoreMap()));
+                }
+                catch (AnnotatedException e)
+                {
+                    throw new AnnotatedException(
+                        "No new delta CRL locations could be added from Freshest CRL extension.", e);
+                }
+
+                // get delta CRL(s)
+                try
+                {
+                    set.addAll(CertPathValidatorUtilities.getDeltaCRLs(currentDate, crl, paramsPKIX.getCertStores(), crlStores));
+                }
+                catch (AnnotatedException e)
+                {
+                    throw new AnnotatedException("Exception obtaining delta CRLs.", e);
+                }
+            }
+        }
+        return set;
+    }
+
+    protected static Set[] processCRLA1ii(
+        Date currentDate,
+        PKIXExtendedParameters paramsPKIX,
+        X509Certificate cert,
+        X509CRL crl)
+        throws AnnotatedException
+    {
+        Set deltaSet = new HashSet();
+        X509CRLSelector crlselect = new X509CRLSelector();
+        crlselect.setCertificateChecking(cert);
+
+        try
+        {
+            crlselect.addIssuerName(PrincipalUtils.getIssuerPrincipal(crl).getEncoded());
+        }
+        catch (IOException e)
+        {
+            throw new AnnotatedException("Cannot extract issuer from CRL." + e, e);
+        }
+
+        PKIXCRLStoreSelector extSelect = new PKIXCRLStoreSelector.Builder(crlselect).setCompleteCRLEnabled(true).build();
+
+        Date validityDate = currentDate;
+
+        if (paramsPKIX.getDate() != null)
+        {
+            validityDate = paramsPKIX.getDate();
+        }
+
+        Set completeSet = CRL_UTIL.findCRLs(extSelect, validityDate, paramsPKIX.getCertStores(), paramsPKIX.getCRLStores());
+
+        if (paramsPKIX.isUseDeltasEnabled())
+        {
+            // get delta CRL(s)
+            try
+            {
+                deltaSet.addAll(CertPathValidatorUtilities.getDeltaCRLs(validityDate, crl, paramsPKIX.getCertStores(), paramsPKIX.getCRLStores()));
+            }
+            catch (AnnotatedException e)
+            {
+                throw new AnnotatedException("Exception obtaining delta CRLs.", e);
+            }
+        }
+        return new Set[]
+            {
+                completeSet,
+                deltaSet};
+    }
+
+
+
+    /**
+     * If use-deltas is set, verify the issuer and scope of the delta CRL.
+     *
+     * @param deltaCRL    The delta CRL.
+     * @param completeCRL The complete CRL.
+     * @param pkixParams  The PKIX paramaters.
+     * @throws AnnotatedException if an exception occurs.
+     */
+    protected static void processCRLC(
+        X509CRL deltaCRL,
+        X509CRL completeCRL,
+        PKIXExtendedParameters pkixParams)
+        throws AnnotatedException
+    {
+        if (deltaCRL == null)
+        {
+            return;
+        }
+        IssuingDistributionPoint completeidp = null;
+        try
+        {
+            completeidp = IssuingDistributionPoint.getInstance(CertPathValidatorUtilities.getExtensionValue(
+                completeCRL, RFC3280CertPathUtilities.ISSUING_DISTRIBUTION_POINT));
+        }
+        catch (Exception e)
+        {
+            throw new AnnotatedException("Issuing distribution point extension could not be decoded.", e);
+        }
+
+        if (pkixParams.isUseDeltasEnabled())
+        {
+            // (c) (1)
+            if (!PrincipalUtils.getIssuerPrincipal(deltaCRL).equals(PrincipalUtils.getIssuerPrincipal(completeCRL)))
+            {
+                throw new AnnotatedException("Complete CRL issuer does not match delta CRL issuer.");
+            }
+
+            // (c) (2)
+            IssuingDistributionPoint deltaidp = null;
+            try
+            {
+                deltaidp = IssuingDistributionPoint.getInstance(CertPathValidatorUtilities.getExtensionValue(
+                    deltaCRL, ISSUING_DISTRIBUTION_POINT));
+            }
+            catch (Exception e)
+            {
+                throw new AnnotatedException(
+                    "Issuing distribution point extension from delta CRL could not be decoded.", e);
+            }
+
+            boolean match = false;
+            if (completeidp == null)
+            {
+                if (deltaidp == null)
+                {
+                    match = true;
+                }
+            }
+            else
+            {
+                if (completeidp.equals(deltaidp))
+                {
+                    match = true;
+                }
+            }
+            if (!match)
+            {
+                throw new AnnotatedException(
+                    "Issuing distribution point extension from delta CRL and complete CRL does not match.");
+            }
+
+            // (c) (3)
+            ASN1Primitive completeKeyIdentifier = null;
+            try
+            {
+                completeKeyIdentifier = CertPathValidatorUtilities.getExtensionValue(
+                    completeCRL, AUTHORITY_KEY_IDENTIFIER);
+            }
+            catch (AnnotatedException e)
+            {
+                throw new AnnotatedException(
+                    "Authority key identifier extension could not be extracted from complete CRL.", e);
+            }
+
+            ASN1Primitive deltaKeyIdentifier = null;
+            try
+            {
+                deltaKeyIdentifier = CertPathValidatorUtilities.getExtensionValue(
+                    deltaCRL, AUTHORITY_KEY_IDENTIFIER);
+            }
+            catch (AnnotatedException e)
+            {
+                throw new AnnotatedException(
+                    "Authority key identifier extension could not be extracted from delta CRL.", e);
+            }
+
+            if (completeKeyIdentifier == null)
+            {
+                throw new AnnotatedException("CRL authority key identifier is null.");
+            }
+
+            if (deltaKeyIdentifier == null)
+            {
+                throw new AnnotatedException("Delta CRL authority key identifier is null.");
+            }
+
+            if (!completeKeyIdentifier.equals(deltaKeyIdentifier))
+            {
+                throw new AnnotatedException(
+                    "Delta CRL authority key identifier does not match complete CRL authority key identifier.");
+            }
+        }
+    }
+
+    protected static void processCRLI(
+        Date validDate,
+        X509CRL deltacrl,
+        Object cert,
+        CertStatus certStatus,
+        PKIXExtendedParameters pkixParams)
+        throws AnnotatedException
+    {
+        if (pkixParams.isUseDeltasEnabled() && deltacrl != null)
+        {
+            CertPathValidatorUtilities.getCertStatus(validDate, deltacrl, cert, certStatus);
+        }
+    }
+
+    protected static void processCRLJ(
+        Date validDate,
+        X509CRL completecrl,
+        Object cert,
+        CertStatus certStatus)
+        throws AnnotatedException
+    {
+        if (certStatus.getCertStatus() == CertStatus.UNREVOKED)
+        {
+            CertPathValidatorUtilities.getCertStatus(validDate, completecrl, cert, certStatus);
+        }
+    }
+
+    protected static PKIXPolicyNode prepareCertB(
+        CertPath certPath,
+        int index,
+        List[] policyNodes,
+        PKIXPolicyNode validPolicyTree,
+        int policyMapping)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        int n = certs.size();
+        // i as defined in the algorithm description
+        int i = n - index;
+        // (b)
+        //
+        ASN1Sequence pm = null;
+        try
+        {
+            pm = DERSequence.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
+                RFC3280CertPathUtilities.POLICY_MAPPINGS));
+        }
+        catch (AnnotatedException ex)
+        {
+            throw new ExtCertPathValidatorException("Policy mappings extension could not be decoded.", ex, certPath,
+                index);
+        }
+        PKIXPolicyNode _validPolicyTree = validPolicyTree;
+        if (pm != null)
+        {
+            ASN1Sequence mappings = (ASN1Sequence)pm;
+            Map m_idp = new HashMap();
+            Set s_idp = new HashSet();
+
+            for (int j = 0; j < mappings.size(); j++)
+            {
+                ASN1Sequence mapping = (ASN1Sequence)mappings.getObjectAt(j);
+                String id_p = ((ASN1ObjectIdentifier)mapping.getObjectAt(0)).getId();
+                String sd_p = ((ASN1ObjectIdentifier)mapping.getObjectAt(1)).getId();
+                Set tmp;
+
+                if (!m_idp.containsKey(id_p))
+                {
+                    tmp = new HashSet();
+                    tmp.add(sd_p);
+                    m_idp.put(id_p, tmp);
+                    s_idp.add(id_p);
+                }
+                else
+                {
+                    tmp = (Set)m_idp.get(id_p);
+                    tmp.add(sd_p);
+                }
+            }
+
+            Iterator it_idp = s_idp.iterator();
+            while (it_idp.hasNext())
+            {
+                String id_p = (String)it_idp.next();
+
+                //
+                // (1)
+                //
+                if (policyMapping > 0)
+                {
+                    boolean idp_found = false;
+                    Iterator nodes_i = policyNodes[i].iterator();
+                    while (nodes_i.hasNext())
+                    {
+                        PKIXPolicyNode node = (PKIXPolicyNode)nodes_i.next();
+                        if (node.getValidPolicy().equals(id_p))
+                        {
+                            idp_found = true;
+                            node.expectedPolicies = (Set)m_idp.get(id_p);
+                            break;
+                        }
+                    }
+
+                    if (!idp_found)
+                    {
+                        nodes_i = policyNodes[i].iterator();
+                        while (nodes_i.hasNext())
+                        {
+                            PKIXPolicyNode node = (PKIXPolicyNode)nodes_i.next();
+                            if (RFC3280CertPathUtilities.ANY_POLICY.equals(node.getValidPolicy()))
+                            {
+                                Set pq = null;
+                                ASN1Sequence policies = null;
+                                try
+                                {
+                                    policies = (ASN1Sequence)CertPathValidatorUtilities.getExtensionValue(cert,
+                                        RFC3280CertPathUtilities.CERTIFICATE_POLICIES);
+                                }
+                                catch (AnnotatedException e)
+                                {
+                                    throw new ExtCertPathValidatorException(
+                                        "Certificate policies extension could not be decoded.", e, certPath, index);
+                                }
+                                Enumeration e = policies.getObjects();
+                                while (e.hasMoreElements())
+                                {
+                                    PolicyInformation pinfo = null;
+                                    try
+                                    {
+                                        pinfo = PolicyInformation.getInstance(e.nextElement());
+                                    }
+                                    catch (Exception ex)
+                                    {
+                                        throw new CertPathValidatorException(
+                                            "Policy information could not be decoded.", ex, certPath, index);
+                                    }
+                                    if (RFC3280CertPathUtilities.ANY_POLICY.equals(pinfo.getPolicyIdentifier().getId()))
+                                    {
+                                        try
+                                        {
+                                            pq = CertPathValidatorUtilities
+                                                .getQualifierSet(pinfo.getPolicyQualifiers());
+                                        }
+                                        catch (CertPathValidatorException ex)
+                                        {
+
+                                            throw new ExtCertPathValidatorException(
+                                                "Policy qualifier info set could not be decoded.", ex, certPath,
+                                                index);
+                                        }
+                                        break;
+                                    }
+                                }
+                                boolean ci = false;
+                                if (cert.getCriticalExtensionOIDs() != null)
+                                {
+                                    ci = cert.getCriticalExtensionOIDs().contains(
+                                        RFC3280CertPathUtilities.CERTIFICATE_POLICIES);
+                                }
+
+                                PKIXPolicyNode p_node = (PKIXPolicyNode)node.getParent();
+                                if (RFC3280CertPathUtilities.ANY_POLICY.equals(p_node.getValidPolicy()))
+                                {
+                                    PKIXPolicyNode c_node = new PKIXPolicyNode(new ArrayList(), i, (Set)m_idp
+                                        .get(id_p), p_node, pq, id_p, ci);
+                                    p_node.addChild(c_node);
+                                    policyNodes[i].add(c_node);
+                                }
+                                break;
+                            }
+                        }
+                    }
+
+                    //
+                    // (2)
+                    //
+                }
+                else if (policyMapping <= 0)
+                {
+                    Iterator nodes_i = policyNodes[i].iterator();
+                    while (nodes_i.hasNext())
+                    {
+                        PKIXPolicyNode node = (PKIXPolicyNode)nodes_i.next();
+                        if (node.getValidPolicy().equals(id_p))
+                        {
+                            PKIXPolicyNode p_node = (PKIXPolicyNode)node.getParent();
+                            p_node.removeChild(node);
+                            nodes_i.remove();
+                            for (int k = (i - 1); k >= 0; k--)
+                            {
+                                List nodes = policyNodes[k];
+                                for (int l = 0; l < nodes.size(); l++)
+                                {
+                                    PKIXPolicyNode node2 = (PKIXPolicyNode)nodes.get(l);
+                                    if (!node2.hasChildren())
+                                    {
+                                        _validPolicyTree = CertPathValidatorUtilities.removePolicyNode(
+                                            _validPolicyTree, policyNodes, node2);
+                                        if (_validPolicyTree == null)
+                                        {
+                                            break;
+                                        }
+                                    }
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+        }
+        return _validPolicyTree;
+    }
+
+    protected static void prepareNextCertA(
+        CertPath certPath,
+        int index)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        //
+        //
+        // (a) check the policy mappings
+        //
+        ASN1Sequence pm = null;
+        try
+        {
+            pm = DERSequence.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
+                RFC3280CertPathUtilities.POLICY_MAPPINGS));
+        }
+        catch (AnnotatedException ex)
+        {
+            throw new ExtCertPathValidatorException("Policy mappings extension could not be decoded.", ex, certPath,
+                index);
+        }
+        if (pm != null)
+        {
+            ASN1Sequence mappings = pm;
+
+            for (int j = 0; j < mappings.size(); j++)
+            {
+                ASN1ObjectIdentifier issuerDomainPolicy = null;
+                ASN1ObjectIdentifier subjectDomainPolicy = null;
+                try
+                {
+                    ASN1Sequence mapping = DERSequence.getInstance(mappings.getObjectAt(j));
+
+                    issuerDomainPolicy = ASN1ObjectIdentifier.getInstance(mapping.getObjectAt(0));
+                    subjectDomainPolicy = ASN1ObjectIdentifier.getInstance(mapping.getObjectAt(1));
+                }
+                catch (Exception e)
+                {
+                    throw new ExtCertPathValidatorException("Policy mappings extension contents could not be decoded.",
+                        e, certPath, index);
+                }
+
+                if (RFC3280CertPathUtilities.ANY_POLICY.equals(issuerDomainPolicy.getId()))
+                {
+
+                    throw new CertPathValidatorException("IssuerDomainPolicy is anyPolicy", null, certPath, index);
+                }
+
+                if (RFC3280CertPathUtilities.ANY_POLICY.equals(subjectDomainPolicy.getId()))
+                {
+
+                    throw new CertPathValidatorException("SubjectDomainPolicy is anyPolicy,", null, certPath, index);
+                }
+            }
+        }
+    }
+
+    protected static void processCertF(
+        CertPath certPath,
+        int index,
+        PKIXPolicyNode validPolicyTree,
+        int explicitPolicy)
+        throws CertPathValidatorException
+    {
+        //
+        // (f)
+        //
+        if (explicitPolicy <= 0 && validPolicyTree == null)
+        {
+            throw new ExtCertPathValidatorException("No valid policy tree found when one expected.", null, certPath,
+                index);
+        }
+    }
+
+    protected static PKIXPolicyNode processCertE(
+        CertPath certPath,
+        int index,
+        PKIXPolicyNode validPolicyTree)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        // 
+        // (e)
+        //
+        ASN1Sequence certPolicies = null;
+        try
+        {
+            certPolicies = DERSequence.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
+                RFC3280CertPathUtilities.CERTIFICATE_POLICIES));
+        }
+        catch (AnnotatedException e)
+        {
+            throw new ExtCertPathValidatorException("Could not read certificate policies extension from certificate.",
+                e, certPath, index);
+        }
+        if (certPolicies == null)
+        {
+            validPolicyTree = null;
+        }
+        return validPolicyTree;
+    }
+
+    protected static void processCertBC(
+        CertPath certPath,
+        int index,
+        PKIXNameConstraintValidator nameConstraintValidator)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        int n = certs.size();
+        // i as defined in the algorithm description
+        int i = n - index;
+        //
+        // (b), (c) permitted and excluded subtree checking.
+        //
+        if (!(CertPathValidatorUtilities.isSelfIssued(cert) && (i < n)))
+        {
+            X500Name principal = PrincipalUtils.getSubjectPrincipal(cert);
+            ASN1Sequence dns;
+
+            try
+            {
+                dns = DERSequence.getInstance(principal.getEncoded());
+            }
+            catch (Exception e)
+            {
+                throw new CertPathValidatorException("Exception extracting subject name when checking subtrees.", e,
+                    certPath, index);
+            }
+
+            try
+            {
+                nameConstraintValidator.checkPermittedDN(dns);
+                nameConstraintValidator.checkExcludedDN(dns);
+            }
+            catch (PKIXNameConstraintValidatorException e)
+            {
+                throw new CertPathValidatorException("Subtree check for certificate subject failed.", e, certPath,
+                    index);
+            }
+
+            GeneralNames altName = null;
+            try
+            {
+                altName = GeneralNames.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
+                    RFC3280CertPathUtilities.SUBJECT_ALTERNATIVE_NAME));
+            }
+            catch (Exception e)
+            {
+                throw new CertPathValidatorException("Subject alternative name extension could not be decoded.", e,
+                    certPath, index);
+            }
+            RDN[] emails = X500Name.getInstance(dns).getRDNs(BCStyle.EmailAddress);
+            for (int eI = 0; eI != emails.length; eI++)
+            {
+                // TODO: this should take into account multi-valued RDNs
+                String email = ((ASN1String)emails[eI].getFirst().getValue()).getString();
+                GeneralName emailAsGeneralName = new GeneralName(GeneralName.rfc822Name, email);
+                try
+                {
+                    nameConstraintValidator.checkPermitted(emailAsGeneralName);
+                    nameConstraintValidator.checkExcluded(emailAsGeneralName);
+                }
+                catch (PKIXNameConstraintValidatorException ex)
+                {
+                    throw new CertPathValidatorException(
+                        "Subtree check for certificate subject alternative email failed.", ex, certPath, index);
+                }
+            }
+            if (altName != null)
+            {
+                GeneralName[] genNames = null;
+                try
+                {
+                    genNames = altName.getNames();
+                }
+                catch (Exception e)
+                {
+                    throw new CertPathValidatorException("Subject alternative name contents could not be decoded.", e,
+                        certPath, index);
+                }
+                for (int j = 0; j < genNames.length; j++)
+                {
+
+                    try
+                    {
+                        nameConstraintValidator.checkPermitted(genNames[j]);
+                        nameConstraintValidator.checkExcluded(genNames[j]);
+                    }
+                    catch (PKIXNameConstraintValidatorException e)
+                    {
+                        throw new CertPathValidatorException(
+                            "Subtree check for certificate subject alternative name failed.", e, certPath, index);
+                    }
+                }
+            }
+        }
+    }
+
+    protected static PKIXPolicyNode processCertD(
+        CertPath certPath,
+        int index,
+        Set acceptablePolicies,
+        PKIXPolicyNode validPolicyTree,
+        List[] policyNodes,
+        int inhibitAnyPolicy)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        int n = certs.size();
+        // i as defined in the algorithm description
+        int i = n - index;
+        //
+        // (d) policy Information checking against initial policy and
+        // policy mapping
+        //
+        ASN1Sequence certPolicies = null;
+        try
+        {
+            certPolicies = DERSequence.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
+                RFC3280CertPathUtilities.CERTIFICATE_POLICIES));
+        }
+        catch (AnnotatedException e)
+        {
+            throw new ExtCertPathValidatorException("Could not read certificate policies extension from certificate.",
+                e, certPath, index);
+        }
+        if (certPolicies != null && validPolicyTree != null)
+        {
+            //
+            // (d) (1)
+            //
+            Enumeration e = certPolicies.getObjects();
+            Set pols = new HashSet();
+
+            while (e.hasMoreElements())
+            {
+                PolicyInformation pInfo = PolicyInformation.getInstance(e.nextElement());
+                ASN1ObjectIdentifier pOid = pInfo.getPolicyIdentifier();
+
+                pols.add(pOid.getId());
+
+                if (!RFC3280CertPathUtilities.ANY_POLICY.equals(pOid.getId()))
+                {
+                    Set pq = null;
+                    try
+                    {
+                        pq = CertPathValidatorUtilities.getQualifierSet(pInfo.getPolicyQualifiers());
+                    }
+                    catch (CertPathValidatorException ex)
+                    {
+                        throw new ExtCertPathValidatorException("Policy qualifier info set could not be build.", ex,
+                            certPath, index);
+                    }
+
+                    boolean match = CertPathValidatorUtilities.processCertD1i(i, policyNodes, pOid, pq);
+
+                    if (!match)
+                    {
+                        CertPathValidatorUtilities.processCertD1ii(i, policyNodes, pOid, pq);
+                    }
+                }
+            }
+
+            if (acceptablePolicies.isEmpty() || acceptablePolicies.contains(RFC3280CertPathUtilities.ANY_POLICY))
+            {
+                acceptablePolicies.clear();
+                acceptablePolicies.addAll(pols);
+            }
+            else
+            {
+                Iterator it = acceptablePolicies.iterator();
+                Set t1 = new HashSet();
+
+                while (it.hasNext())
+                {
+                    Object o = it.next();
+
+                    if (pols.contains(o))
+                    {
+                        t1.add(o);
+                    }
+                }
+                acceptablePolicies.clear();
+                acceptablePolicies.addAll(t1);
+            }
+
+            //
+            // (d) (2)
+            //
+            if ((inhibitAnyPolicy > 0) || ((i < n) && CertPathValidatorUtilities.isSelfIssued(cert)))
+            {
+                e = certPolicies.getObjects();
+
+                while (e.hasMoreElements())
+                {
+                    PolicyInformation pInfo = PolicyInformation.getInstance(e.nextElement());
+
+                    if (RFC3280CertPathUtilities.ANY_POLICY.equals(pInfo.getPolicyIdentifier().getId()))
+                    {
+                        Set _apq = CertPathValidatorUtilities.getQualifierSet(pInfo.getPolicyQualifiers());
+                        List _nodes = policyNodes[i - 1];
+
+                        for (int k = 0; k < _nodes.size(); k++)
+                        {
+                            PKIXPolicyNode _node = (PKIXPolicyNode)_nodes.get(k);
+
+                            Iterator _policySetIter = _node.getExpectedPolicies().iterator();
+                            while (_policySetIter.hasNext())
+                            {
+                                Object _tmp = _policySetIter.next();
+
+                                String _policy;
+                                if (_tmp instanceof String)
+                                {
+                                    _policy = (String)_tmp;
+                                }
+                                else if (_tmp instanceof ASN1ObjectIdentifier)
+                                {
+                                    _policy = ((ASN1ObjectIdentifier)_tmp).getId();
+                                }
+                                else
+                                {
+                                    continue;
+                                }
+
+                                boolean _found = false;
+                                Iterator _childrenIter = _node.getChildren();
+
+                                while (_childrenIter.hasNext())
+                                {
+                                    PKIXPolicyNode _child = (PKIXPolicyNode)_childrenIter.next();
+
+                                    if (_policy.equals(_child.getValidPolicy()))
+                                    {
+                                        _found = true;
+                                    }
+                                }
+
+                                if (!_found)
+                                {
+                                    Set _newChildExpectedPolicies = new HashSet();
+                                    _newChildExpectedPolicies.add(_policy);
+
+                                    PKIXPolicyNode _newChild = new PKIXPolicyNode(new ArrayList(), i,
+                                        _newChildExpectedPolicies, _node, _apq, _policy, false);
+                                    _node.addChild(_newChild);
+                                    policyNodes[i].add(_newChild);
+                                }
+                            }
+                        }
+                        break;
+                    }
+                }
+            }
+
+            PKIXPolicyNode _validPolicyTree = validPolicyTree;
+            //
+            // (d) (3)
+            //
+            for (int j = (i - 1); j >= 0; j--)
+            {
+                List nodes = policyNodes[j];
+
+                for (int k = 0; k < nodes.size(); k++)
+                {
+                    PKIXPolicyNode node = (PKIXPolicyNode)nodes.get(k);
+                    if (!node.hasChildren())
+                    {
+                        _validPolicyTree = CertPathValidatorUtilities.removePolicyNode(_validPolicyTree, policyNodes,
+                            node);
+                        if (_validPolicyTree == null)
+                        {
+                            break;
+                        }
+                    }
+                }
+            }
+
+            //
+            // d (4)
+            //
+            Set criticalExtensionOids = cert.getCriticalExtensionOIDs();
+
+            if (criticalExtensionOids != null)
+            {
+                boolean critical = criticalExtensionOids.contains(RFC3280CertPathUtilities.CERTIFICATE_POLICIES);
+
+                List nodes = policyNodes[i];
+                for (int j = 0; j < nodes.size(); j++)
+                {
+                    PKIXPolicyNode node = (PKIXPolicyNode)nodes.get(j);
+                    node.setCritical(critical);
+                }
+            }
+            return _validPolicyTree;
+        }
+        return null;
+    }
+
+    protected static void processCertA(
+        CertPath certPath,
+        PKIXExtendedParameters paramsPKIX,
+        int index,
+        PublicKey workingPublicKey,
+        boolean verificationAlreadyPerformed,
+        X500Name workingIssuerName,
+        X509Certificate sign,
+        JcaJceHelper helper)
+        throws ExtCertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        //
+        // (a) verify
+        //
+        if (!verificationAlreadyPerformed)
+        {
+            try
+            {
+                // (a) (1)
+                //
+                CertPathValidatorUtilities.verifyX509Certificate(cert, workingPublicKey,
+                    paramsPKIX.getSigProvider());
+            }
+            catch (GeneralSecurityException e)
+            {
+                throw new ExtCertPathValidatorException("Could not validate certificate signature.", e, certPath, index);
+            }
+        }
+
+        try
+        {
+            // (a) (2)
+            //
+            cert.checkValidity(CertPathValidatorUtilities
+                .getValidCertDateFromValidityModel(paramsPKIX, certPath, index));
+        }
+        catch (CertificateExpiredException e)
+        {
+            throw new ExtCertPathValidatorException("Could not validate certificate: " + e.getMessage(), e, certPath, index);
+        }
+        catch (CertificateNotYetValidException e)
+        {
+            throw new ExtCertPathValidatorException("Could not validate certificate: " + e.getMessage(), e, certPath, index);
+        }
+        catch (AnnotatedException e)
+        {
+            throw new ExtCertPathValidatorException("Could not validate time of certificate.", e, certPath, index);
+        }
+
+        //
+        // (a) (3)
+        //
+        if (paramsPKIX.isRevocationEnabled())
+        {
+            try
+            {
+                checkCRLs(paramsPKIX, cert, CertPathValidatorUtilities.getValidCertDateFromValidityModel(paramsPKIX,
+                    certPath, index), sign, workingPublicKey, certs, helper);
+            }
+            catch (AnnotatedException e)
+            {
+                Throwable cause = e;
+                if (null != e.getCause())
+                {
+                    cause = e.getCause();
+                }
+                throw new ExtCertPathValidatorException(e.getMessage(), cause, certPath, index);
+            }
+        }
+
+        //
+        // (a) (4) name chaining
+        //
+        if (!PrincipalUtils.getEncodedIssuerPrincipal(cert).equals(workingIssuerName))
+        {
+            throw new ExtCertPathValidatorException("IssuerName(" + PrincipalUtils.getEncodedIssuerPrincipal(cert)
+                + ") does not match SubjectName(" + workingIssuerName + ") of signing certificate.", null,
+                certPath, index);
+        }
+    }
+
+    protected static int prepareNextCertI1(
+        CertPath certPath,
+        int index,
+        int explicitPolicy)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        //
+        // (i)
+        //
+        ASN1Sequence pc = null;
+        try
+        {
+            pc = DERSequence.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
+                RFC3280CertPathUtilities.POLICY_CONSTRAINTS));
+        }
+        catch (Exception e)
+        {
+            throw new ExtCertPathValidatorException("Policy constraints extension cannot be decoded.", e, certPath,
+                index);
+        }
+
+        int tmpInt;
+
+        if (pc != null)
+        {
+            Enumeration policyConstraints = pc.getObjects();
+
+            while (policyConstraints.hasMoreElements())
+            {
+                try
+                {
+
+                    ASN1TaggedObject constraint = ASN1TaggedObject.getInstance(policyConstraints.nextElement());
+                    if (constraint.getTagNo() == 0)
+                    {
+                        tmpInt = ASN1Integer.getInstance(constraint, false).getValue().intValue();
+                        if (tmpInt < explicitPolicy)
+                        {
+                            return tmpInt;
+                        }
+                        break;
+                    }
+                }
+                catch (IllegalArgumentException e)
+                {
+                    throw new ExtCertPathValidatorException("Policy constraints extension contents cannot be decoded.",
+                        e, certPath, index);
+                }
+            }
+        }
+        return explicitPolicy;
+    }
+
+    protected static int prepareNextCertI2(
+        CertPath certPath,
+        int index,
+        int policyMapping)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        //
+        // (i)
+        //
+        ASN1Sequence pc = null;
+        try
+        {
+            pc = DERSequence.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
+                RFC3280CertPathUtilities.POLICY_CONSTRAINTS));
+        }
+        catch (Exception e)
+        {
+            throw new ExtCertPathValidatorException("Policy constraints extension cannot be decoded.", e, certPath,
+                index);
+        }
+
+        int tmpInt;
+
+        if (pc != null)
+        {
+            Enumeration policyConstraints = pc.getObjects();
+
+            while (policyConstraints.hasMoreElements())
+            {
+                try
+                {
+                    ASN1TaggedObject constraint = ASN1TaggedObject.getInstance(policyConstraints.nextElement());
+                    if (constraint.getTagNo() == 1)
+                    {
+                        tmpInt = ASN1Integer.getInstance(constraint, false).getValue().intValue();
+                        if (tmpInt < policyMapping)
+                        {
+                            return tmpInt;
+                        }
+                        break;
+                    }
+                }
+                catch (IllegalArgumentException e)
+                {
+                    throw new ExtCertPathValidatorException("Policy constraints extension contents cannot be decoded.",
+                        e, certPath, index);
+                }
+            }
+        }
+        return policyMapping;
+    }
+
+    protected static void prepareNextCertG(
+        CertPath certPath,
+        int index,
+        PKIXNameConstraintValidator nameConstraintValidator)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        //
+        // (g) handle the name constraints extension
+        //
+        NameConstraints nc = null;
+        try
+        {
+            ASN1Sequence ncSeq = DERSequence.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
+                RFC3280CertPathUtilities.NAME_CONSTRAINTS));
+            if (ncSeq != null)
+            {
+                nc = NameConstraints.getInstance(ncSeq);
+            }
+        }
+        catch (Exception e)
+        {
+            throw new ExtCertPathValidatorException("Name constraints extension could not be decoded.", e, certPath,
+                index);
+        }
+        if (nc != null)
+        {
+
+            //
+            // (g) (1) permitted subtrees
+            //
+            GeneralSubtree[] permitted = nc.getPermittedSubtrees();
+            if (permitted != null)
+            {
+                try
+                {
+                    nameConstraintValidator.intersectPermittedSubtree(permitted);
+                }
+                catch (Exception ex)
+                {
+                    throw new ExtCertPathValidatorException(
+                        "Permitted subtrees cannot be build from name constraints extension.", ex, certPath, index);
+                }
+            }
+
+            //
+            // (g) (2) excluded subtrees
+            //
+            GeneralSubtree[] excluded = nc.getExcludedSubtrees();
+            if (excluded != null)
+            {
+                for (int i = 0; i != excluded.length; i++)
+                try
+                {
+                        nameConstraintValidator.addExcludedSubtree(excluded[i]);
+                }
+                catch (Exception ex)
+                {
+                    throw new ExtCertPathValidatorException(
+                        "Excluded subtrees cannot be build from name constraints extension.", ex, certPath, index);
+                }
+            }
+        }
+    }
+
+    /**
+     * Checks a distribution point for revocation information for the
+     * certificate <code>cert</code>.
+     *
+     * @param dp                 The distribution point to consider.
+     * @param paramsPKIX         PKIX parameters.
+     * @param cert               Certificate to check if it is revoked.
+     * @param validDate          The date when the certificate revocation status should be
+     *                           checked.
+     * @param defaultCRLSignCert The issuer certificate of the certificate <code>cert</code>.
+     * @param defaultCRLSignKey  The public key of the issuer certificate
+     *                           <code>defaultCRLSignCert</code>.
+     * @param certStatus         The current certificate revocation status.
+     * @param reasonMask         The reasons mask which is already checked.
+     * @param certPathCerts      The certificates of the certification path.
+     * @throws AnnotatedException if the certificate is revoked or the status cannot be checked
+     *                            or some error occurs.
+     */
+    private static void checkCRL(
+        DistributionPoint dp,
+        PKIXExtendedParameters paramsPKIX,
+        X509Certificate cert,
+        Date validDate,
+        X509Certificate defaultCRLSignCert,
+        PublicKey defaultCRLSignKey,
+        CertStatus certStatus,
+        ReasonsMask reasonMask,
+        List certPathCerts,
+        JcaJceHelper helper)
+        throws AnnotatedException
+    {
+        Date currentDate = new Date(System.currentTimeMillis());
+        if (validDate.getTime() > currentDate.getTime())
+        {
+            throw new AnnotatedException("Validation time is in future.");
+        }
+
+        // (a)
+        /*
+         * We always get timely valid CRLs, so there is no step (a) (1).
+         * "locally cached" CRLs are assumed to be in getStore(), additional
+         * CRLs must be enabled in the ExtendedPKIXParameters and are in
+         * getAdditionalStore()
+         */
+
+        Set crls = CertPathValidatorUtilities.getCompleteCRLs(dp, cert, currentDate, paramsPKIX);
+        boolean validCrlFound = false;
+        AnnotatedException lastException = null;
+        Iterator crl_iter = crls.iterator();
+
+        while (crl_iter.hasNext() && certStatus.getCertStatus() == CertStatus.UNREVOKED && !reasonMask.isAllReasons())
+        {
+            try
+            {
+                X509CRL crl = (X509CRL)crl_iter.next();
+
+                // (d)
+                ReasonsMask interimReasonsMask = RFC3280CertPathUtilities.processCRLD(crl, dp);
+
+                // (e)
+                /*
+                 * The reasons mask is updated at the end, so only valid CRLs
+                 * can update it. If this CRL does not contain new reasons it
+                 * must be ignored.
+                 */
+                if (!interimReasonsMask.hasNewReasons(reasonMask))
+                {
+                    continue;
+                }
+
+                // (f)
+                Set keys = RFC3280CertPathUtilities.processCRLF(crl, cert, defaultCRLSignCert, defaultCRLSignKey,
+                    paramsPKIX, certPathCerts, helper);
+                // (g)
+                PublicKey key = RFC3280CertPathUtilities.processCRLG(crl, keys);
+
+                X509CRL deltaCRL = null;
+
+                Date validityDate = currentDate;
+
+                if (paramsPKIX.getDate() != null)
+                {
+                    validityDate = paramsPKIX.getDate();
+                }
+
+                if (paramsPKIX.isUseDeltasEnabled())
+                {
+                    // get delta CRLs
+                    Set deltaCRLs = CertPathValidatorUtilities.getDeltaCRLs(validityDate, crl, paramsPKIX.getCertStores(), paramsPKIX.getCRLStores());
+                    // we only want one valid delta CRL
+                    // (h)
+                    deltaCRL = RFC3280CertPathUtilities.processCRLH(deltaCRLs, key);
+                }
+
+                /*
+                 * CRL must be be valid at the current time, not the validation
+                 * time. If a certificate is revoked with reason keyCompromise,
+                 * cACompromise, it can be used for forgery, also for the past.
+                 * This reason may not be contained in older CRLs.
+                 */
+
+                /*
+                 * in the chain model signatures stay valid also after the
+                 * certificate has been expired, so they do not have to be in
+                 * the CRL validity time
+                 */
+
+                if (paramsPKIX.getValidityModel() != PKIXExtendedParameters.CHAIN_VALIDITY_MODEL)
+                {
+                    /*
+                     * if a certificate has expired, but was revoked, it is not
+                     * more in the CRL, so it would be regarded as valid if the
+                     * first check is not done
+                     */
+                    if (cert.getNotAfter().getTime() < crl.getThisUpdate().getTime())
+                    {
+                        throw new AnnotatedException("No valid CRL for current time found.");
+                    }
+                }
+
+                RFC3280CertPathUtilities.processCRLB1(dp, cert, crl);
+
+                // (b) (2)
+                RFC3280CertPathUtilities.processCRLB2(dp, cert, crl);
+
+                // (c)
+                RFC3280CertPathUtilities.processCRLC(deltaCRL, crl, paramsPKIX);
+
+                // (i)
+                RFC3280CertPathUtilities.processCRLI(validDate, deltaCRL, cert, certStatus, paramsPKIX);
+
+                // (j)
+                RFC3280CertPathUtilities.processCRLJ(validDate, crl, cert, certStatus);
+
+                // (k)
+                if (certStatus.getCertStatus() == CRLReason.removeFromCRL)
+                {
+                    certStatus.setCertStatus(CertStatus.UNREVOKED);
+                }
+
+                // update reasons mask
+                reasonMask.addReasons(interimReasonsMask);
+
+                Set criticalExtensions = crl.getCriticalExtensionOIDs();
+                if (criticalExtensions != null)
+                {
+                    criticalExtensions = new HashSet(criticalExtensions);
+                    criticalExtensions.remove(Extension.issuingDistributionPoint.getId());
+                    criticalExtensions.remove(Extension.deltaCRLIndicator.getId());
+
+                    if (!criticalExtensions.isEmpty())
+                    {
+                        throw new AnnotatedException("CRL contains unsupported critical extensions.");
+                    }
+                }
+
+                if (deltaCRL != null)
+                {
+                    criticalExtensions = deltaCRL.getCriticalExtensionOIDs();
+                    if (criticalExtensions != null)
+                    {
+                        criticalExtensions = new HashSet(criticalExtensions);
+                        criticalExtensions.remove(Extension.issuingDistributionPoint.getId());
+                        criticalExtensions.remove(Extension.deltaCRLIndicator.getId());
+                        if (!criticalExtensions.isEmpty())
+                        {
+                            throw new AnnotatedException("Delta CRL contains unsupported critical extension.");
+                        }
+                    }
+                }
+
+                validCrlFound = true;
+            }
+            catch (AnnotatedException e)
+            {
+                lastException = e;
+            }
+        }
+        if (!validCrlFound)
+        {
+            throw lastException;
+        }
+    }
+
+    /**
+     * Checks a certificate if it is revoked.
+     *
+     * @param paramsPKIX       PKIX parameters.
+     * @param cert             Certificate to check if it is revoked.
+     * @param validDate        The date when the certificate revocation status should be
+     *                         checked.
+     * @param sign             The issuer certificate of the certificate <code>cert</code>.
+     * @param workingPublicKey The public key of the issuer certificate <code>sign</code>.
+     * @param certPathCerts    The certificates of the certification path.
+     * @throws AnnotatedException if the certificate is revoked or the status cannot be checked
+     *                            or some error occurs.
+     */
+    protected static void checkCRLs(
+        PKIXExtendedParameters paramsPKIX,
+        X509Certificate cert,
+        Date validDate,
+        X509Certificate sign,
+        PublicKey workingPublicKey,
+        List certPathCerts,
+        JcaJceHelper helper)
+        throws AnnotatedException
+    {
+        AnnotatedException lastException = null;
+        CRLDistPoint crldp = null;
+        try
+        {
+            crldp = CRLDistPoint.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
+                RFC3280CertPathUtilities.CRL_DISTRIBUTION_POINTS));
+        }
+        catch (Exception e)
+        {
+            throw new AnnotatedException("CRL distribution point extension could not be read.", e);
+        }
+
+        PKIXExtendedParameters.Builder paramsBldr = new PKIXExtendedParameters.Builder(paramsPKIX);
+        try
+        {
+            List extras = CertPathValidatorUtilities.getAdditionalStoresFromCRLDistributionPoint(crldp, paramsPKIX.getNamedCRLStoreMap());
+            for (Iterator it = extras.iterator(); it.hasNext();)
+            {
+                paramsBldr.addCRLStore((PKIXCRLStore)it.next());
+            }
+        }
+        catch (AnnotatedException e)
+        {
+            throw new AnnotatedException(
+                "No additional CRL locations could be decoded from CRL distribution point extension.", e);
+        }
+        CertStatus certStatus = new CertStatus();
+        ReasonsMask reasonsMask = new ReasonsMask();
+        PKIXExtendedParameters finalParams = paramsBldr.build();
+
+        boolean validCrlFound = false;
+        // for each distribution point
+        if (crldp != null)
+        {
+            DistributionPoint dps[] = null;
+            try
+            {
+                dps = crldp.getDistributionPoints();
+            }
+            catch (Exception e)
+            {
+                throw new AnnotatedException("Distribution points could not be read.", e);
+            }
+            if (dps != null)
+            {
+                for (int i = 0; i < dps.length && certStatus.getCertStatus() == CertStatus.UNREVOKED && !reasonsMask.isAllReasons(); i++)
+                {
+                    try
+                    {
+                        checkCRL(dps[i], finalParams, cert, validDate, sign, workingPublicKey, certStatus, reasonsMask, certPathCerts, helper);
+                        validCrlFound = true;
+                    }
+                    catch (AnnotatedException e)
+                    {
+                        lastException = e;
+                    }
+                }
+            }
+        }
+
+        /*
+         * If the revocation status has not been determined, repeat the process
+         * above with any available CRLs not specified in a distribution point
+         * but issued by the certificate issuer.
+         */
+
+        if (certStatus.getCertStatus() == CertStatus.UNREVOKED && !reasonsMask.isAllReasons())
+        {
+            try
+            {
+                /*
+                 * assume a DP with both the reasons and the cRLIssuer fields
+                 * omitted and a distribution point name of the certificate
+                 * issuer.
+                 */
+                ASN1Primitive issuer = null;
+                try
+                {
+                    issuer = new ASN1InputStream(PrincipalUtils.getEncodedIssuerPrincipal(cert).getEncoded())
+                        .readObject();
+                }
+                catch (Exception e)
+                {
+                    throw new AnnotatedException("Issuer from certificate for CRL could not be reencoded.", e);
+                }
+                DistributionPoint dp = new DistributionPoint(new DistributionPointName(0, new GeneralNames(
+                    new GeneralName(GeneralName.directoryName, issuer))), null, null);
+                PKIXExtendedParameters paramsPKIXClone = (PKIXExtendedParameters)paramsPKIX.clone();
+                checkCRL(dp, paramsPKIXClone, cert, validDate, sign, workingPublicKey, certStatus, reasonsMask,
+                    certPathCerts, helper);
+                validCrlFound = true;
+            }
+            catch (AnnotatedException e)
+            {
+                lastException = e;
+            }
+        }
+
+        if (!validCrlFound)
+        {
+            if (lastException instanceof AnnotatedException)
+            {
+                throw lastException;
+            }
+
+            throw new AnnotatedException("No valid CRL found.", lastException);
+        }
+        if (certStatus.getCertStatus() != CertStatus.UNREVOKED)
+        {
+            SimpleDateFormat df = new SimpleDateFormat("yyyy-MM-dd HH:mm:ss Z");
+            df.setTimeZone(TimeZone.getTimeZone("UTC"));
+            String message = "Certificate revocation after " + df.format(certStatus.getRevocationDate());
+            message += ", reason: " + crlReasons[certStatus.getCertStatus()];
+            throw new AnnotatedException(message);
+        }
+        if (!reasonsMask.isAllReasons() && certStatus.getCertStatus() == CertStatus.UNREVOKED)
+        {
+            certStatus.setCertStatus(CertStatus.UNDETERMINED);
+        }
+        if (certStatus.getCertStatus() == CertStatus.UNDETERMINED)
+        {
+            throw new AnnotatedException("Certificate status could not be determined.");
+        }
+    }
+
+    protected static int prepareNextCertJ(
+        CertPath certPath,
+        int index,
+        int inhibitAnyPolicy)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        //
+        // (j)
+        //
+        ASN1Integer iap = null;
+        try
+        {
+            iap = ASN1Integer.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
+                RFC3280CertPathUtilities.INHIBIT_ANY_POLICY));
+        }
+        catch (Exception e)
+        {
+            throw new ExtCertPathValidatorException("Inhibit any-policy extension cannot be decoded.", e, certPath,
+                index);
+        }
+
+        if (iap != null)
+        {
+            int _inhibitAnyPolicy = iap.getValue().intValue();
+
+            if (_inhibitAnyPolicy < inhibitAnyPolicy)
+            {
+                return _inhibitAnyPolicy;
+            }
+        }
+        return inhibitAnyPolicy;
+    }
+
+    protected static void prepareNextCertK(
+        CertPath certPath,
+        int index)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        //
+        // (k)
+        //
+        BasicConstraints bc = null;
+        try
+        {
+            bc = BasicConstraints.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
+                RFC3280CertPathUtilities.BASIC_CONSTRAINTS));
+        }
+        catch (Exception e)
+        {
+            throw new ExtCertPathValidatorException("Basic constraints extension cannot be decoded.", e, certPath,
+                index);
+        }
+        if (bc != null)
+        {
+            if (!(bc.isCA()))
+            {
+                throw new CertPathValidatorException("Not a CA certificate");
+            }
+        }
+        else
+        {
+            throw new CertPathValidatorException("Intermediate certificate lacks BasicConstraints");
+        }
+    }
+
+    protected static int prepareNextCertL(
+        CertPath certPath,
+        int index,
+        int maxPathLength)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        //
+        // (l)
+        //
+        if (!CertPathValidatorUtilities.isSelfIssued(cert))
+        {
+            if (maxPathLength <= 0)
+            {
+                throw new ExtCertPathValidatorException("Max path length not greater than zero", null, certPath, index);
+            }
+
+            return maxPathLength - 1;
+        }
+        return maxPathLength;
+    }
+
+    protected static int prepareNextCertM(
+        CertPath certPath,
+        int index,
+        int maxPathLength)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+
+        //
+        // (m)
+        //
+        BasicConstraints bc = null;
+        try
+        {
+            bc = BasicConstraints.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
+                RFC3280CertPathUtilities.BASIC_CONSTRAINTS));
+        }
+        catch (Exception e)
+        {
+            throw new ExtCertPathValidatorException("Basic constraints extension cannot be decoded.", e, certPath,
+                index);
+        }
+        if (bc != null)
+        {
+            BigInteger _pathLengthConstraint = bc.getPathLenConstraint();
+
+            if (_pathLengthConstraint != null)
+            {
+                int _plc = _pathLengthConstraint.intValue();
+
+                if (_plc < maxPathLength)
+                {
+                    return _plc;
+                }
+            }
+        }
+        return maxPathLength;
+    }
+
+    protected static void prepareNextCertN(
+        CertPath certPath,
+        int index)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+
+        //
+        // (n)
+        //
+        boolean[] _usage = cert.getKeyUsage();
+
+        if ((_usage != null) && !_usage[RFC3280CertPathUtilities.KEY_CERT_SIGN])
+        {
+            throw new ExtCertPathValidatorException(
+                "Issuer certificate keyusage extension is critical and does not permit key signing.", null,
+                certPath, index);
+        }
+    }
+
+    protected static void prepareNextCertO(
+        CertPath certPath,
+        int index,
+        Set criticalExtensions,
+        List pathCheckers)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        //
+        // (o)
+        //
+
+        Iterator tmpIter;
+        tmpIter = pathCheckers.iterator();
+        while (tmpIter.hasNext())
+        {
+            try
+            {
+                ((PKIXCertPathChecker)tmpIter.next()).check(cert, criticalExtensions);
+            }
+            catch (CertPathValidatorException e)
+            {
+                throw new CertPathValidatorException(e.getMessage(), e.getCause(), certPath, index);
+            }
+        }
+        if (!criticalExtensions.isEmpty())
+        {
+            throw new ExtCertPathValidatorException("Certificate has unsupported critical extension: " + criticalExtensions, null, certPath,
+                index);
+        }
+    }
+
+    protected static int prepareNextCertH1(
+        CertPath certPath,
+        int index,
+        int explicitPolicy)
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        //
+        // (h)
+        //
+        if (!CertPathValidatorUtilities.isSelfIssued(cert))
+        {
+            //
+            // (1)
+            //
+            if (explicitPolicy != 0)
+            {
+                return explicitPolicy - 1;
+            }
+        }
+        return explicitPolicy;
+    }
+
+    protected static int prepareNextCertH2(
+        CertPath certPath,
+        int index,
+        int policyMapping)
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        //
+        // (h)
+        //
+        if (!CertPathValidatorUtilities.isSelfIssued(cert))
+        {
+            //
+            // (2)
+            //
+            if (policyMapping != 0)
+            {
+                return policyMapping - 1;
+            }
+        }
+        return policyMapping;
+    }
+
+    protected static int prepareNextCertH3(
+        CertPath certPath,
+        int index,
+        int inhibitAnyPolicy)
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        //
+        // (h)
+        //
+        if (!CertPathValidatorUtilities.isSelfIssued(cert))
+        {
+            //
+            // (3)
+            //
+            if (inhibitAnyPolicy != 0)
+            {
+                return inhibitAnyPolicy - 1;
+            }
+        }
+        return inhibitAnyPolicy;
+    }
+
+    protected static final String[] crlReasons = new String[]
+        {
+            "unspecified",
+            "keyCompromise",
+            "cACompromise",
+            "affiliationChanged",
+            "superseded",
+            "cessationOfOperation",
+            "certificateHold",
+            "unknown",
+            "removeFromCRL",
+            "privilegeWithdrawn",
+            "aACompromise"};
+
+    protected static int wrapupCertA(
+        int explicitPolicy,
+        X509Certificate cert)
+    {
+        //
+        // (a)
+        //
+        if (!CertPathValidatorUtilities.isSelfIssued(cert) && (explicitPolicy != 0))
+        {
+            explicitPolicy--;
+        }
+        return explicitPolicy;
+    }
+
+    protected static int wrapupCertB(
+        CertPath certPath,
+        int index,
+        int explicitPolicy)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        //
+        // (b)
+        //
+        int tmpInt;
+        ASN1Sequence pc = null;
+        try
+        {
+            pc = DERSequence.getInstance(CertPathValidatorUtilities.getExtensionValue(cert,
+                RFC3280CertPathUtilities.POLICY_CONSTRAINTS));
+        }
+        catch (AnnotatedException e)
+        {
+            throw new ExtCertPathValidatorException("Policy constraints could not be decoded.", e, certPath, index);
+        }
+        if (pc != null)
+        {
+            Enumeration policyConstraints = pc.getObjects();
+
+            while (policyConstraints.hasMoreElements())
+            {
+                ASN1TaggedObject constraint = (ASN1TaggedObject)policyConstraints.nextElement();
+                switch (constraint.getTagNo())
+                {
+                    case 0:
+                        try
+                        {
+                            tmpInt = ASN1Integer.getInstance(constraint, false).getValue().intValue();
+                        }
+                        catch (Exception e)
+                        {
+                            throw new ExtCertPathValidatorException(
+                                "Policy constraints requireExplicitPolicy field could not be decoded.", e, certPath,
+                                index);
+                        }
+                        if (tmpInt == 0)
+                        {
+                            return 0;
+                        }
+                        break;
+                }
+            }
+        }
+        return explicitPolicy;
+    }
+
+    protected static void wrapupCertF(
+        CertPath certPath,
+        int index,
+        List pathCheckers,
+        Set criticalExtensions)
+        throws CertPathValidatorException
+    {
+        List certs = certPath.getCertificates();
+        X509Certificate cert = (X509Certificate)certs.get(index);
+        Iterator tmpIter;
+        tmpIter = pathCheckers.iterator();
+        while (tmpIter.hasNext())
+        {
+            try
+            {
+                ((PKIXCertPathChecker)tmpIter.next()).check(cert, criticalExtensions);
+            }
+            catch (CertPathValidatorException e)
+            {
+                throw new ExtCertPathValidatorException(e.getMessage(), e, certPath, index);
+            }
+            catch (Exception e)
+            {
+                throw new CertPathValidatorException("Additional certificate path checker failed.", e, certPath, index);
+            }
+        }
+
+        if (!criticalExtensions.isEmpty())
+        {
+            throw new ExtCertPathValidatorException("Certificate has unsupported critical extension: " + criticalExtensions, null, certPath,
+                index);
+        }
+    }
+
+    protected static PKIXPolicyNode wrapupCertG(
+        CertPath certPath,
+        PKIXExtendedParameters paramsPKIX,
+        Set userInitialPolicySet,
+        int index,
+        List[] policyNodes,
+        PKIXPolicyNode validPolicyTree,
+        Set acceptablePolicies)
+        throws CertPathValidatorException
+    {
+        int n = certPath.getCertificates().size();
+        //
+        // (g)
+        //
+        PKIXPolicyNode intersection;
+
+        //
+        // (g) (i)
+        //
+        if (validPolicyTree == null)
+        {
+            if (paramsPKIX.isExplicitPolicyRequired())
+            {
+                throw new ExtCertPathValidatorException("Explicit policy requested but none available.", null,
+                    certPath, index);
+            }
+            intersection = null;
+        }
+        else if (CertPathValidatorUtilities.isAnyPolicy(userInitialPolicySet)) // (g)
+        // (ii)
+        {
+            if (paramsPKIX.isExplicitPolicyRequired())
+            {
+                if (acceptablePolicies.isEmpty())
+                {
+                    throw new ExtCertPathValidatorException("Explicit policy requested but none available.", null,
+                        certPath, index);
+                }
+                else
+                {
+                    Set _validPolicyNodeSet = new HashSet();
+
+                    for (int j = 0; j < policyNodes.length; j++)
+                    {
+                        List _nodeDepth = policyNodes[j];
+
+                        for (int k = 0; k < _nodeDepth.size(); k++)
+                        {
+                            PKIXPolicyNode _node = (PKIXPolicyNode)_nodeDepth.get(k);
+
+                            if (RFC3280CertPathUtilities.ANY_POLICY.equals(_node.getValidPolicy()))
+                            {
+                                Iterator _iter = _node.getChildren();
+                                while (_iter.hasNext())
+                                {
+                                    _validPolicyNodeSet.add(_iter.next());
+                                }
+                            }
+                        }
+                    }
+
+                    Iterator _vpnsIter = _validPolicyNodeSet.iterator();
+                    while (_vpnsIter.hasNext())
+                    {
+                        PKIXPolicyNode _node = (PKIXPolicyNode)_vpnsIter.next();
+                        String _validPolicy = _node.getValidPolicy();
+
+                        if (!acceptablePolicies.contains(_validPolicy))
+                        {
+                            // validPolicyTree =
+                            // removePolicyNode(validPolicyTree, policyNodes,
+                            // _node);
+                        }
+                    }
+                    if (validPolicyTree != null)
+                    {
+                        for (int j = (n - 1); j >= 0; j--)
+                        {
+                            List nodes = policyNodes[j];
+
+                            for (int k = 0; k < nodes.size(); k++)
+                            {
+                                PKIXPolicyNode node = (PKIXPolicyNode)nodes.get(k);
+                                if (!node.hasChildren())
+                                {
+                                    validPolicyTree = CertPathValidatorUtilities.removePolicyNode(validPolicyTree,
+                                        policyNodes, node);
+                                }
+                            }
+                        }
+                    }
+                }
+            }
+
+            intersection = validPolicyTree;
+        }
+        else
+        {
+            //
+            // (g) (iii)
+            //
+            // This implementation is not exactly same as the one described in
+            // RFC3280.
+            // However, as far as the validation result is concerned, both
+            // produce
+            // adequate result. The only difference is whether AnyPolicy is
+            // remain
+            // in the policy tree or not.
+            //
+            // (g) (iii) 1
+            //
+            Set _validPolicyNodeSet = new HashSet();
+
+            for (int j = 0; j < policyNodes.length; j++)
+            {
+                List _nodeDepth = policyNodes[j];
+
+                for (int k = 0; k < _nodeDepth.size(); k++)
+                {
+                    PKIXPolicyNode _node = (PKIXPolicyNode)_nodeDepth.get(k);
+
+                    if (RFC3280CertPathUtilities.ANY_POLICY.equals(_node.getValidPolicy()))
+                    {
+                        Iterator _iter = _node.getChildren();
+                        while (_iter.hasNext())
+                        {
+                            PKIXPolicyNode _c_node = (PKIXPolicyNode)_iter.next();
+                            if (!RFC3280CertPathUtilities.ANY_POLICY.equals(_c_node.getValidPolicy()))
+                            {
+                                _validPolicyNodeSet.add(_c_node);
+                            }
+                        }
+                    }
+                }
+            }
+
+            //
+            // (g) (iii) 2
+            //
+            Iterator _vpnsIter = _validPolicyNodeSet.iterator();
+            while (_vpnsIter.hasNext())
+            {
+                PKIXPolicyNode _node = (PKIXPolicyNode)_vpnsIter.next();
+                String _validPolicy = _node.getValidPolicy();
+
+                if (!userInitialPolicySet.contains(_validPolicy))
+                {
+                    validPolicyTree = CertPathValidatorUtilities.removePolicyNode(validPolicyTree, policyNodes, _node);
+                }
+            }
+
+            //
+            // (g) (iii) 4
+            //
+            if (validPolicyTree != null)
+            {
+                for (int j = (n - 1); j >= 0; j--)
+                {
+                    List nodes = policyNodes[j];
+
+                    for (int k = 0; k < nodes.size(); k++)
+                    {
+                        PKIXPolicyNode node = (PKIXPolicyNode)nodes.get(k);
+                        if (!node.hasChildren())
+                        {
+                            validPolicyTree = CertPathValidatorUtilities.removePolicyNode(validPolicyTree, policyNodes,
+                                node);
+                        }
+                    }
+                }
+            }
+
+            intersection = validPolicyTree;
+        }
+        return intersection;
+    }
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/ReasonsMask.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/ReasonsMask.java
new file mode 100644
index 0000000..cf953b7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/ReasonsMask.java

@@ -0,0 +1,102 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import com.android.org.bouncycastle.asn1.x509.ReasonFlags;
+
+/**
+ * This class helps to handle CRL revocation reasons mask. Each CRL handles a
+ * certain set of revocation reasons.
+ */
+class ReasonsMask
+{
+    private int _reasons;
+
+    /**
+     * Constructs are reason mask with the reasons.
+     * 
+     * @param reasons The reasons.
+     */
+    ReasonsMask(ReasonFlags reasons)
+    {
+        _reasons = reasons.intValue();
+    }
+
+    private ReasonsMask(int reasons)
+    {
+        _reasons = reasons;
+    }
+
+    /**
+     * A reason mask with no reason.
+     * 
+     */
+    ReasonsMask()
+    {
+        this(0);
+    }
+
+    /**
+     * A mask with all revocation reasons.
+     */
+    static final ReasonsMask allReasons = new ReasonsMask(ReasonFlags.aACompromise
+            | ReasonFlags.affiliationChanged | ReasonFlags.cACompromise
+            | ReasonFlags.certificateHold | ReasonFlags.cessationOfOperation
+            | ReasonFlags.keyCompromise | ReasonFlags.privilegeWithdrawn
+            | ReasonFlags.unused | ReasonFlags.superseded);
+
+    /**
+     * Adds all reasons from the reasons mask to this mask.
+     * 
+     * @param mask The reasons mask to add.
+     */
+    void addReasons(ReasonsMask mask)
+    {
+        _reasons = _reasons | mask.getReasons();
+    }
+
+    /**
+     * Returns <code>true</code> if this reasons mask contains all possible
+     * reasons.
+     * 
+     * @return <code>true</code> if this reasons mask contains all possible
+     *         reasons.
+     */
+    boolean isAllReasons()
+    {
+        return _reasons == allReasons._reasons ? true : false;
+    }
+
+    /**
+     * Intersects this mask with the given reasons mask.
+     * 
+     * @param mask The mask to intersect with.
+     * @return The intersection of this and the given mask.
+     */
+    ReasonsMask intersect(ReasonsMask mask)
+    {
+        ReasonsMask _mask = new ReasonsMask();
+        _mask.addReasons(new ReasonsMask(_reasons & mask.getReasons()));
+        return _mask;
+    }
+
+    /**
+     * Returns <code>true</code> if the passed reasons mask has new reasons.
+     * 
+     * @param mask The reasons mask which should be tested for new reasons.
+     * @return <code>true</code> if the passed reasons mask has new reasons.
+     */
+    boolean hasNewReasons(ReasonsMask mask)
+    {
+        return ((_reasons | mask.getReasons() ^ _reasons) != 0);
+    }
+
+    /**
+     * Returns the reasons in this mask.
+     * 
+     * @return Returns the reasons.
+     */
+    int getReasons()
+    {
+        return _reasons;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/X509CRLEntryObject.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/X509CRLEntryObject.java
new file mode 100644
index 0000000..6fd0239
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/X509CRLEntryObject.java

@@ -0,0 +1,321 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.cert.CRLException;
+import java.security.cert.X509CRLEntry;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Set;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Enumerated;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.util.ASN1Dump;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x509.CRLReason;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.asn1.x509.Extensions;
+import com.android.org.bouncycastle.asn1.x509.GeneralName;
+import com.android.org.bouncycastle.asn1.x509.GeneralNames;
+import com.android.org.bouncycastle.asn1.x509.TBSCertList;
+import com.android.org.bouncycastle.asn1.x509.X509Extension;
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * The following extensions are listed in RFC 2459 as relevant to CRL Entries
+ * 
+ * ReasonCode Hode Instruction Code Invalidity Date Certificate Issuer
+ * (critical)
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509CRLEntryObject extends X509CRLEntry
+{
+    private TBSCertList.CRLEntry c;
+
+    private X500Name certificateIssuer;
+    private int           hashValue;
+    private boolean       isHashValueSet;
+
+    public X509CRLEntryObject(TBSCertList.CRLEntry c)
+    {
+        this.c = c;
+        this.certificateIssuer = null;
+    }
+
+    /**
+     * Constructor for CRLEntries of indirect CRLs. If <code>isIndirect</code>
+     * is <code>false</code> {@link #getCertificateIssuer()} will always
+     * return <code>null</code>, <code>previousCertificateIssuer</code> is
+     * ignored. If this <code>isIndirect</code> is specified and this CRLEntry
+     * has no certificate issuer CRL entry extension
+     * <code>previousCertificateIssuer</code> is returned by
+     * {@link #getCertificateIssuer()}.
+     * 
+     * @param c
+     *            TBSCertList.CRLEntry object.
+     * @param isIndirect
+     *            <code>true</code> if the corresponding CRL is a indirect
+     *            CRL.
+     * @param previousCertificateIssuer
+     *            Certificate issuer of the previous CRLEntry.
+     */
+    public X509CRLEntryObject(
+        TBSCertList.CRLEntry c,
+        boolean isIndirect,
+        X500Name previousCertificateIssuer)
+    {
+        this.c = c;
+        this.certificateIssuer = loadCertificateIssuer(isIndirect, previousCertificateIssuer);
+    }
+
+    /**
+     * Will return true if any extensions are present and marked as critical as
+     * we currently don't handle any extensions!
+     */
+    public boolean hasUnsupportedCriticalExtension()
+    {
+        Set extns = getCriticalExtensionOIDs();
+
+        return extns != null && !extns.isEmpty();
+    }
+
+    private X500Name loadCertificateIssuer(boolean isIndirect, X500Name previousCertificateIssuer)
+    {
+        if (!isIndirect)
+        {
+            return null;
+        }
+
+        Extension ext = getExtension(Extension.certificateIssuer);
+        if (ext == null)
+        {
+            return previousCertificateIssuer;
+        }
+
+        try
+        {
+            GeneralName[] names = GeneralNames.getInstance(ext.getParsedValue()).getNames();
+            for (int i = 0; i < names.length; i++)
+            {
+                if (names[i].getTagNo() == GeneralName.directoryName)
+                {
+                    return X500Name.getInstance(names[i].getName());
+                }
+            }
+            return null;
+        }
+        catch (Exception e)
+        {
+            return null;
+        }
+    }
+
+    public X500Principal getCertificateIssuer()
+    {
+        if (certificateIssuer == null)
+        {
+            return null;
+        }
+        try
+        {
+            return new X500Principal(certificateIssuer.getEncoded());
+        }
+        catch (IOException e)
+        {
+            return null;
+        }
+    }
+
+    private Set getExtensionOIDs(boolean critical)
+    {
+        Extensions extensions = c.getExtensions();
+
+        if (extensions != null)
+        {
+            Set set = new HashSet();
+            Enumeration e = extensions.oids();
+
+            while (e.hasMoreElements())
+            {
+                ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
+                Extension ext = extensions.getExtension(oid);
+
+                if (critical == ext.isCritical())
+                {
+                    set.add(oid.getId());
+                }
+            }
+
+            return set;
+        }
+
+        return null;
+    }
+
+    public Set getCriticalExtensionOIDs()
+    {
+        return getExtensionOIDs(true);
+    }
+
+    public Set getNonCriticalExtensionOIDs()
+    {
+        return getExtensionOIDs(false);
+    }
+
+    private Extension getExtension(ASN1ObjectIdentifier oid)
+    {
+        Extensions exts = c.getExtensions();
+
+        if (exts != null)
+        {
+            return exts.getExtension(oid);
+        }
+
+        return null;
+    }
+
+    public byte[] getExtensionValue(String oid)
+    {
+        Extension ext = getExtension(new ASN1ObjectIdentifier(oid));
+
+        if (ext != null)
+        {
+            try
+            {
+                return ext.getExtnValue().getEncoded();
+            }
+            catch (Exception e)
+            {
+                throw new RuntimeException("error encoding " + e.toString());
+            }
+        }
+
+        return null;
+    }
+
+    /**
+     * Cache the hashCode value - calculating it with the standard method.
+     * @return  calculated hashCode.
+     */
+    public int hashCode()
+    {
+        if (!isHashValueSet)
+        {
+            hashValue = super.hashCode();
+            isHashValueSet = true;
+        }
+
+        return hashValue;
+    }
+
+    public boolean equals(Object o)
+    {
+        if (o == this)
+        {
+            return true;
+        }
+
+        if (o instanceof X509CRLEntryObject)
+        {
+            X509CRLEntryObject other = (X509CRLEntryObject)o;
+
+            return this.c.equals(other.c);
+        }
+
+        return super.equals(this);
+    }
+
+    public byte[] getEncoded()
+        throws CRLException
+    {
+        try
+        {
+            return c.getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            throw new CRLException(e.toString());
+        }
+    }
+
+    public BigInteger getSerialNumber()
+    {
+        return c.getUserCertificate().getValue();
+    }
+
+    public Date getRevocationDate()
+    {
+        return c.getRevocationDate().getDate();
+    }
+
+    public boolean hasExtensions()
+    {
+        return c.getExtensions() != null;
+    }
+
+    public String toString()
+    {
+        StringBuffer buf = new StringBuffer();
+        String nl = Strings.lineSeparator();
+
+        buf.append("      userCertificate: ").append(this.getSerialNumber()).append(nl);
+        buf.append("       revocationDate: ").append(this.getRevocationDate()).append(nl);
+        buf.append("       certificateIssuer: ").append(this.getCertificateIssuer()).append(nl);
+
+        Extensions extensions = c.getExtensions();
+
+        if (extensions != null)
+        {
+            Enumeration e = extensions.oids();
+            if (e.hasMoreElements())
+            {
+                buf.append("   crlEntryExtensions:").append(nl);
+
+                while (e.hasMoreElements())
+                {
+                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+                    Extension ext = extensions.getExtension(oid);
+                    if (ext.getExtnValue() != null)
+                    {
+                        byte[]                  octs = ext.getExtnValue().getOctets();
+                        ASN1InputStream dIn = new ASN1InputStream(octs);
+                        buf.append("                       critical(").append(ext.isCritical()).append(") ");
+                        try
+                        {
+                            if (oid.equals(X509Extension.reasonCode))
+                            {
+                                buf.append(CRLReason.getInstance(ASN1Enumerated.getInstance(dIn.readObject()))).append(nl);
+                            }
+                            else if (oid.equals(X509Extension.certificateIssuer))
+                            {
+                                buf.append("Certificate issuer: ").append(GeneralNames.getInstance(dIn.readObject())).append(nl);
+                            }
+                            else 
+                            {
+                                buf.append(oid.getId());
+                                buf.append(" value = ").append(ASN1Dump.dumpAsString(dIn.readObject())).append(nl);
+                            }
+                        }
+                        catch (Exception ex)
+                        {
+                            buf.append(oid.getId());
+                            buf.append(" value = ").append("*****").append(nl);
+                        }
+                    }
+                    else
+                    {
+                        buf.append(nl);
+                    }
+                }
+            }
+        }
+
+        return buf.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/X509CRLObject.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/X509CRLObject.java
new file mode 100644
index 0000000..20e2447
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/X509CRLObject.java

@@ -0,0 +1,666 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.Principal;
+import java.security.Provider;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.cert.CRLException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509CRL;
+import java.security.cert.X509CRLEntry;
+import java.security.cert.X509Certificate;
+import java.util.Collections;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.Set;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.util.ASN1Dump;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x509.CRLDistPoint;
+import com.android.org.bouncycastle.asn1.x509.CRLNumber;
+import com.android.org.bouncycastle.asn1.x509.CertificateList;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.asn1.x509.Extensions;
+import com.android.org.bouncycastle.asn1.x509.GeneralNames;
+import com.android.org.bouncycastle.asn1.x509.IssuingDistributionPoint;
+import com.android.org.bouncycastle.asn1.x509.TBSCertList;
+import com.android.org.bouncycastle.jce.X509Principal;
+import com.android.org.bouncycastle.util.Strings;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * The following extensions are listed in RFC 2459 as relevant to CRLs
+ *
+ * Authority Key Identifier
+ * Issuer Alternative Name
+ * CRL Number
+ * Delta CRL Indicator (critical)
+ * Issuing Distribution Point (critical)
+ * @deprecated Do not use this class directly - either use org.bouncycastle.cert (bcpkix) or CertificateFactory.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509CRLObject
+    extends X509CRL
+{
+    private CertificateList c;
+    private String sigAlgName;
+    private byte[] sigAlgParams;
+    private boolean isIndirect;
+    private boolean isHashCodeSet = false;
+    private int     hashCodeValue;
+
+    public static boolean isIndirectCRL(X509CRL crl)
+        throws CRLException
+    {
+        try
+        {
+            byte[] idp = crl.getExtensionValue(Extension.issuingDistributionPoint.getId());
+            return idp != null
+                && IssuingDistributionPoint.getInstance(ASN1OctetString.getInstance(idp).getOctets()).isIndirectCRL();
+        }
+        catch (Exception e)
+        {
+            throw new ExtCRLException(
+                    "Exception reading IssuingDistributionPoint", e);
+        }
+    }
+
+    public X509CRLObject(
+        CertificateList c)
+        throws CRLException
+    {
+        this.c = c;
+        
+        try
+        {
+            this.sigAlgName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm());
+            
+            if (c.getSignatureAlgorithm().getParameters() != null)
+            {
+                this.sigAlgParams = ((ASN1Encodable)c.getSignatureAlgorithm().getParameters()).toASN1Primitive().getEncoded(ASN1Encoding.DER);
+            }
+            else
+            {
+                this.sigAlgParams = null;
+            }
+
+            this.isIndirect = isIndirectCRL(this);
+        }
+        catch (Exception e)
+        {
+            throw new CRLException("CRL contents invalid: " + e);
+        }
+    }
+
+    /**
+     * Will return true if any extensions are present and marked
+     * as critical as we currently dont handle any extensions!
+     */
+    public boolean hasUnsupportedCriticalExtension()
+    {
+        Set extns = getCriticalExtensionOIDs();
+
+        if (extns == null)
+        {
+            return false;
+        }
+
+        extns.remove(RFC3280CertPathUtilities.ISSUING_DISTRIBUTION_POINT);
+        extns.remove(RFC3280CertPathUtilities.DELTA_CRL_INDICATOR);
+
+        return !extns.isEmpty();
+    }
+
+    private Set getExtensionOIDs(boolean critical)
+    {
+        if (this.getVersion() == 2)
+        {
+            Extensions extensions = c.getTBSCertList().getExtensions();
+
+            if (extensions != null)
+            {
+                Set set = new HashSet();
+                Enumeration e = extensions.oids();
+
+                while (e.hasMoreElements())
+                {
+                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+                    Extension ext = extensions.getExtension(oid);
+
+                    if (critical == ext.isCritical())
+                    {
+                        set.add(oid.getId());
+                    }
+                }
+
+                return set;
+            }
+        }
+
+        return null;
+    }
+
+    public Set getCriticalExtensionOIDs()
+    {
+        return getExtensionOIDs(true);
+    }
+
+    public Set getNonCriticalExtensionOIDs()
+    {
+        return getExtensionOIDs(false);
+    }
+
+    public byte[] getExtensionValue(String oid)
+    {
+        Extensions exts = c.getTBSCertList().getExtensions();
+
+        if (exts != null)
+        {
+            Extension ext = exts.getExtension(new ASN1ObjectIdentifier(oid));
+
+            if (ext != null)
+            {
+                try
+                {
+                    return ext.getExtnValue().getEncoded();
+                }
+                catch (Exception e)
+                {
+                    throw new IllegalStateException("error parsing " + e.toString());
+                }
+            }
+        }
+
+        return null;
+    }
+
+    public byte[] getEncoded()
+        throws CRLException
+    {
+        try
+        {
+            return c.getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            throw new CRLException(e.toString());
+        }
+    }
+
+    public void verify(PublicKey key)
+        throws CRLException, NoSuchAlgorithmException,
+        InvalidKeyException, NoSuchProviderException, SignatureException
+    {
+        Signature sig;
+
+        try
+        {
+            sig = Signature.getInstance(getSigAlgName(), BouncyCastleProvider.PROVIDER_NAME);
+        }
+        catch (Exception e)
+        {
+            sig = Signature.getInstance(getSigAlgName());
+        }
+
+        doVerify(key, sig);
+    }
+
+    public void verify(PublicKey key, String sigProvider)
+        throws CRLException, NoSuchAlgorithmException,
+        InvalidKeyException, NoSuchProviderException, SignatureException
+    {
+        Signature sig;
+
+        if (sigProvider != null)
+        {
+            sig = Signature.getInstance(getSigAlgName(), sigProvider);
+        }
+        else
+        {
+            sig = Signature.getInstance(getSigAlgName());
+        }
+
+        doVerify(key, sig);
+    }
+
+    public void verify(PublicKey key, Provider sigProvider)
+        throws CRLException, NoSuchAlgorithmException,
+        InvalidKeyException, SignatureException
+    {
+        Signature sig;
+
+        if (sigProvider != null)
+        {
+            sig = Signature.getInstance(getSigAlgName(), sigProvider);
+        }
+        else
+        {
+            sig = Signature.getInstance(getSigAlgName());
+        }
+
+        doVerify(key, sig);
+    }
+
+    private void doVerify(PublicKey key, Signature sig)
+        throws CRLException, NoSuchAlgorithmException,
+        InvalidKeyException, SignatureException
+    {
+        if (!c.getSignatureAlgorithm().equals(c.getTBSCertList().getSignature()))
+        {
+            throw new CRLException("Signature algorithm on CertificateList does not match TBSCertList.");
+        }
+
+        sig.initVerify(key);
+        sig.update(this.getTBSCertList());
+
+        if (!sig.verify(this.getSignature()))
+        {
+            throw new SignatureException("CRL does not verify with supplied public key.");
+        }
+    }
+
+    public int getVersion()
+    {
+        return c.getVersionNumber();
+    }
+
+    public Principal getIssuerDN()
+    {
+        return new X509Principal(X500Name.getInstance(c.getIssuer().toASN1Primitive()));
+    }
+
+    public X500Principal getIssuerX500Principal()
+    {
+        try
+        {
+            return new X500Principal(c.getIssuer().getEncoded());
+        }
+        catch (IOException e)
+        {
+            throw new IllegalStateException("can't encode issuer DN");
+        }
+    }
+
+    public Date getThisUpdate()
+    {
+        return c.getThisUpdate().getDate();
+    }
+
+    public Date getNextUpdate()
+    {
+        if (c.getNextUpdate() != null)
+        {
+            return c.getNextUpdate().getDate();
+        }
+
+        return null;
+    }
+ 
+    private Set loadCRLEntries()
+    {
+        Set entrySet = new HashSet();
+        Enumeration certs = c.getRevokedCertificateEnumeration();
+
+        X500Name previousCertificateIssuer = null; // the issuer
+        while (certs.hasMoreElements())
+        {
+            TBSCertList.CRLEntry entry = (TBSCertList.CRLEntry)certs.nextElement();
+            X509CRLEntryObject crlEntry = new X509CRLEntryObject(entry, isIndirect, previousCertificateIssuer);
+            entrySet.add(crlEntry);
+            if (isIndirect && entry.hasExtensions())
+            {
+                Extension currentCaName = entry.getExtensions().getExtension(Extension.certificateIssuer);
+
+                if (currentCaName != null)
+                {
+                    previousCertificateIssuer = X500Name.getInstance(GeneralNames.getInstance(currentCaName.getParsedValue()).getNames()[0].getName());
+                }
+            }
+        }
+
+        return entrySet;
+    }
+
+    public X509CRLEntry getRevokedCertificate(BigInteger serialNumber)
+    {
+        Enumeration certs = c.getRevokedCertificateEnumeration();
+
+        X500Name previousCertificateIssuer = null; // the issuer
+        while (certs.hasMoreElements())
+        {
+            TBSCertList.CRLEntry entry = (TBSCertList.CRLEntry)certs.nextElement();
+
+            if (serialNumber.equals(entry.getUserCertificate().getValue()))
+            {
+                return new X509CRLEntryObject(entry, isIndirect, previousCertificateIssuer);
+            }
+
+            if (isIndirect && entry.hasExtensions())
+            {
+                Extension currentCaName = entry.getExtensions().getExtension(Extension.certificateIssuer);
+
+                if (currentCaName != null)
+                {
+                    previousCertificateIssuer = X500Name.getInstance(GeneralNames.getInstance(currentCaName.getParsedValue()).getNames()[0].getName());
+                }
+            }
+        }
+
+        return null;
+    }
+
+    public Set getRevokedCertificates()
+    {
+        Set entrySet = loadCRLEntries();
+
+        if (!entrySet.isEmpty())
+        {
+            return Collections.unmodifiableSet(entrySet);
+        }
+
+        return null;
+    }
+
+    public byte[] getTBSCertList()
+        throws CRLException
+    {
+        try
+        {
+            return c.getTBSCertList().getEncoded("DER");
+        }
+        catch (IOException e)
+        {
+            throw new CRLException(e.toString());
+        }
+    }
+
+    public byte[] getSignature()
+    {
+        return c.getSignature().getOctets();
+    }
+
+    public String getSigAlgName()
+    {
+        return sigAlgName;
+    }
+
+    public String getSigAlgOID()
+    {
+        return c.getSignatureAlgorithm().getAlgorithm().getId();
+    }
+
+    public byte[] getSigAlgParams()
+    {
+        if (sigAlgParams != null)
+        {
+            byte[] tmp = new byte[sigAlgParams.length];
+            
+            System.arraycopy(sigAlgParams, 0, tmp, 0, tmp.length);
+            
+            return tmp;
+        }
+        
+        return null;
+    }
+
+    /**
+     * Returns a string representation of this CRL.
+     *
+     * @return a string representation of this CRL.
+     */
+    public String toString()
+    {
+        StringBuffer buf = new StringBuffer();
+        String nl = Strings.lineSeparator();
+
+        buf.append("              Version: ").append(this.getVersion()).append(
+            nl);
+        buf.append("             IssuerDN: ").append(this.getIssuerDN())
+            .append(nl);
+        buf.append("          This update: ").append(this.getThisUpdate())
+            .append(nl);
+        buf.append("          Next update: ").append(this.getNextUpdate())
+            .append(nl);
+        buf.append("  Signature Algorithm: ").append(this.getSigAlgName())
+            .append(nl);
+
+        byte[] sig = this.getSignature();
+
+        buf.append("            Signature: ").append(
+            new String(Hex.encode(sig, 0, 20))).append(nl);
+        for (int i = 20; i < sig.length; i += 20)
+        {
+            if (i < sig.length - 20)
+            {
+                buf.append("                       ").append(
+                    new String(Hex.encode(sig, i, 20))).append(nl);
+            }
+            else
+            {
+                buf.append("                       ").append(
+                    new String(Hex.encode(sig, i, sig.length - i))).append(nl);
+            }
+        }
+
+        Extensions extensions = c.getTBSCertList().getExtensions();
+
+        if (extensions != null)
+        {
+            Enumeration e = extensions.oids();
+
+            if (e.hasMoreElements())
+            {
+                buf.append("           Extensions: ").append(nl);
+            }
+
+            while (e.hasMoreElements())
+            {
+                ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier) e.nextElement();
+                Extension ext = extensions.getExtension(oid);
+
+                if (ext.getExtnValue() != null)
+                {
+                    byte[] octs = ext.getExtnValue().getOctets();
+                    ASN1InputStream dIn = new ASN1InputStream(octs);
+                    buf.append("                       critical(").append(
+                        ext.isCritical()).append(") ");
+                    try
+                    {
+                        if (oid.equals(Extension.cRLNumber))
+                        {
+                            buf.append(
+                                new CRLNumber(ASN1Integer.getInstance(
+                                    dIn.readObject()).getPositiveValue()))
+                                .append(nl);
+                        }
+                        else if (oid.equals(Extension.deltaCRLIndicator))
+                        {
+                            buf.append(
+                                "Base CRL: "
+                                    + new CRLNumber(ASN1Integer.getInstance(
+                                        dIn.readObject()).getPositiveValue()))
+                                .append(nl);
+                        }
+                        else if (oid
+                            .equals(Extension.issuingDistributionPoint))
+                        {
+                            buf.append(
+                               IssuingDistributionPoint.getInstance(dIn.readObject())).append(nl);
+                        }
+                        else if (oid
+                            .equals(Extension.cRLDistributionPoints))
+                        {
+                            buf.append(
+                                CRLDistPoint.getInstance(dIn.readObject())).append(nl);
+                        }
+                        else if (oid.equals(Extension.freshestCRL))
+                        {
+                            buf.append(
+                                CRLDistPoint.getInstance(dIn.readObject())).append(nl);
+                        }
+                        else
+                        {
+                            buf.append(oid.getId());
+                            buf.append(" value = ").append(
+                                ASN1Dump.dumpAsString(dIn.readObject()))
+                                .append(nl);
+                        }
+                    }
+                    catch (Exception ex)
+                    {
+                        buf.append(oid.getId());
+                        buf.append(" value = ").append("*****").append(nl);
+                    }
+                }
+                else
+                {
+                    buf.append(nl);
+                }
+            }
+        }
+        Set set = getRevokedCertificates();
+        if (set != null)
+        {
+            Iterator it = set.iterator();
+            while (it.hasNext())
+            {
+                buf.append(it.next());
+                buf.append(nl);
+            }
+        }
+        return buf.toString();
+    }
+
+    /**
+     * Checks whether the given certificate is on this CRL.
+     *
+     * @param cert the certificate to check for.
+     * @return true if the given certificate is on this CRL,
+     * false otherwise.
+     */
+    public boolean isRevoked(Certificate cert)
+    {
+        if (!cert.getType().equals("X.509"))
+        {
+            throw new RuntimeException("X.509 CRL used with non X.509 Cert");
+        }
+
+        Enumeration certs = c.getRevokedCertificateEnumeration();
+
+        X500Name caName = c.getIssuer();
+
+        if (certs != null)
+        {
+            BigInteger serial = ((X509Certificate)cert).getSerialNumber();
+
+            while (certs.hasMoreElements())
+            {
+                TBSCertList.CRLEntry entry = TBSCertList.CRLEntry.getInstance(certs.nextElement());
+
+                if (isIndirect && entry.hasExtensions())
+                {
+                    Extension currentCaName = entry.getExtensions().getExtension(Extension.certificateIssuer);
+
+                    if (currentCaName != null)
+                    {
+                        caName = X500Name.getInstance(GeneralNames.getInstance(currentCaName.getParsedValue()).getNames()[0].getName());
+                    }
+                }
+
+                if (entry.getUserCertificate().getValue().equals(serial))
+                {
+                    X500Name issuer;
+
+                    if (cert instanceof  X509Certificate)
+                    {
+                        issuer = X500Name.getInstance(((X509Certificate)cert).getIssuerX500Principal().getEncoded());
+                    }
+                    else
+                    {
+                        try
+                        {
+                            issuer = com.android.org.bouncycastle.asn1.x509.Certificate.getInstance(cert.getEncoded()).getIssuer();
+                        }
+                        catch (CertificateEncodingException e)
+                        {
+                            throw new RuntimeException("Cannot process certificate");
+                        }
+                    }
+
+                    if (!caName.equals(issuer))
+                    {
+                        return false;
+                    }
+
+                    return true;
+                }
+            }
+        }
+
+        return false;
+    }
+
+    public boolean equals(Object other)
+    {
+        if (this == other)
+        {
+            return true;
+        }
+
+        if (!(other instanceof X509CRL))
+        {
+            return false;
+        }
+
+        if (other instanceof X509CRLObject)
+        {
+            X509CRLObject crlObject = (X509CRLObject)other;
+
+            if (isHashCodeSet)
+            {
+                boolean otherIsHashCodeSet = crlObject.isHashCodeSet;
+                if (otherIsHashCodeSet)
+                {
+                    if (crlObject.hashCodeValue != hashCodeValue)
+                    {
+                        return false;
+                    }
+                }
+            }
+
+            return this.c.equals(crlObject.c);
+        }
+
+        return super.equals(other);
+    }
+
+    public int hashCode()
+    {
+        if (!isHashCodeSet)
+        {
+            isHashCodeSet = true;
+            hashCodeValue = super.hashCode();
+        }
+
+        return hashCodeValue;
+    }
+}
+

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/X509CertificateObject.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/X509CertificateObject.java
new file mode 100644
index 0000000..f2ff6c3
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/X509CertificateObject.java

@@ -0,0 +1,954 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.net.InetAddress;
+import java.net.UnknownHostException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.Principal;
+import java.security.Provider;
+import java.security.PublicKey;
+import java.security.Security;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateNotYetValidException;
+import java.security.cert.CertificateParsingException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.ASN1BitString;
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OutputStream;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.ASN1String;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERIA5String;
+import com.android.org.bouncycastle.asn1.DERNull;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.misc.MiscObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.misc.NetscapeCertType;
+import com.android.org.bouncycastle.asn1.misc.NetscapeRevocationURL;
+import com.android.org.bouncycastle.asn1.misc.VerisignCzagExtension;
+import com.android.org.bouncycastle.asn1.util.ASN1Dump;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x500.style.RFC4519Style;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.BasicConstraints;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.asn1.x509.Extensions;
+import com.android.org.bouncycastle.asn1.x509.GeneralName;
+import com.android.org.bouncycastle.asn1.x509.KeyUsage;
+// BEGIN Android-added: Unknown reason
+import com.android.org.bouncycastle.asn1.x509.X509Name;
+// END Android-added: Unknown reason
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.PKCS12BagAttributeCarrierImpl;
+import com.android.org.bouncycastle.jce.X509Principal;
+import com.android.org.bouncycastle.jce.interfaces.PKCS12BagAttributeCarrier;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Integers;
+import com.android.org.bouncycastle.util.Strings;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @deprecated Do not use this class directly - either use org.bouncycastle.cert (bcpkix) or CertificateFactory.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class X509CertificateObject
+    extends X509Certificate
+    implements PKCS12BagAttributeCarrier
+{
+    private com.android.org.bouncycastle.asn1.x509.Certificate    c;
+    private BasicConstraints            basicConstraints;
+    private boolean[]                   keyUsage;
+    private boolean                     hashValueSet;
+    private int                         hashValue;
+
+    private PKCS12BagAttributeCarrier   attrCarrier = new PKCS12BagAttributeCarrierImpl();
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public X509CertificateObject(
+        com.android.org.bouncycastle.asn1.x509.Certificate    c)
+        throws CertificateParsingException
+    {
+        this.c = c;
+
+        try
+        {
+            byte[]  bytes = this.getExtensionBytes("2.5.29.19");
+
+            if (bytes != null)
+            {
+                basicConstraints = BasicConstraints.getInstance(ASN1Primitive.fromByteArray(bytes));
+            }
+        }
+        catch (Exception e)
+        {
+            throw new CertificateParsingException("cannot construct BasicConstraints: " + e);
+        }
+
+        try
+        {
+            byte[] bytes = this.getExtensionBytes("2.5.29.15");
+            if (bytes != null)
+            {
+                ASN1BitString bits = DERBitString.getInstance(ASN1Primitive.fromByteArray(bytes));
+
+                bytes = bits.getBytes();
+                int length = (bytes.length * 8) - bits.getPadBits();
+
+                keyUsage = new boolean[(length < 9) ? 9 : length];
+
+                for (int i = 0; i != length; i++)
+                {
+                    keyUsage[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0;
+                }
+            }
+            else
+            {
+                keyUsage = null;
+            }
+        }
+        catch (Exception e)
+        {
+            throw new CertificateParsingException("cannot construct KeyUsage: " + e);
+        }
+    }
+
+    public void checkValidity()
+        throws CertificateExpiredException, CertificateNotYetValidException
+    {
+        this.checkValidity(new Date());
+    }
+
+    public void checkValidity(
+        Date    date)
+        throws CertificateExpiredException, CertificateNotYetValidException
+    {
+        if (date.getTime() > this.getNotAfter().getTime())  // for other VM compatibility
+        {
+            throw new CertificateExpiredException("certificate expired on " + c.getEndDate().getTime());
+        }
+
+        if (date.getTime() < this.getNotBefore().getTime())
+        {
+            throw new CertificateNotYetValidException("certificate not valid till " + c.getStartDate().getTime());
+        }
+    }
+
+    public int getVersion()
+    {
+        return c.getVersionNumber();
+    }
+
+    public BigInteger getSerialNumber()
+    {
+        return c.getSerialNumber().getValue();
+    }
+
+    public Principal getIssuerDN()
+    {
+        try
+        {
+            return new X509Principal(X500Name.getInstance(c.getIssuer().getEncoded()));
+        }
+        catch (IOException e)
+        {
+            return null;
+        }
+    }
+
+    public X500Principal getIssuerX500Principal()
+    {
+        try
+        {
+            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+            ASN1OutputStream        aOut = new ASN1OutputStream(bOut);
+
+            aOut.writeObject(c.getIssuer());
+
+            return new X500Principal(bOut.toByteArray());
+        }
+        catch (IOException e)
+        {
+            throw new IllegalStateException("can't encode issuer DN");
+        }
+    }
+
+    public Principal getSubjectDN()
+    {
+        return new X509Principal(X500Name.getInstance(c.getSubject().toASN1Primitive()));
+    }
+
+    public X500Principal getSubjectX500Principal()
+    {
+        try
+        {
+            ByteArrayOutputStream   bOut = new ByteArrayOutputStream();
+            ASN1OutputStream        aOut = new ASN1OutputStream(bOut);
+
+            aOut.writeObject(c.getSubject());
+
+            return new X500Principal(bOut.toByteArray());
+        }
+        catch (IOException e)
+        {
+            throw new IllegalStateException("can't encode issuer DN");
+        }
+    }
+
+    public Date getNotBefore()
+    {
+        return c.getStartDate().getDate();
+    }
+
+    public Date getNotAfter()
+    {
+        return c.getEndDate().getDate();
+    }
+
+    public byte[] getTBSCertificate()
+        throws CertificateEncodingException
+    {
+        try
+        {
+            return c.getTBSCertificate().getEncoded(ASN1Encoding.DER);
+        }
+        catch (IOException e)
+        {
+            throw new CertificateEncodingException(e.toString());
+        }
+    }
+
+    public byte[] getSignature()
+    {
+        return c.getSignature().getOctets();
+    }
+
+    /**
+     * return a more "meaningful" representation for the signature algorithm used in
+     * the certficate.
+     */
+    public String getSigAlgName()
+    {
+        Provider    prov = Security.getProvider(BouncyCastleProvider.PROVIDER_NAME);
+
+        if (prov != null)
+        {
+            String      algName = prov.getProperty("Alg.Alias.Signature." + this.getSigAlgOID());
+
+            if (algName != null)
+            {
+                return algName;
+            }
+        }
+
+        Provider[] provs = Security.getProviders();
+
+        //
+        // search every provider looking for a real algorithm
+        //
+        for (int i = 0; i != provs.length; i++)
+        {
+            String algName = provs[i].getProperty("Alg.Alias.Signature." + this.getSigAlgOID());
+            if (algName != null)
+            {
+                return algName;
+            }
+        }
+
+        return this.getSigAlgOID();
+    }
+
+    /**
+     * return the object identifier for the signature.
+     */
+    public String getSigAlgOID()
+    {
+        return c.getSignatureAlgorithm().getAlgorithm().getId();
+    }
+
+    /**
+     * return the signature parameters, or null if there aren't any.
+     */
+    public byte[] getSigAlgParams()
+    {
+        if (c.getSignatureAlgorithm().getParameters() != null)
+        {
+            try
+            {
+                return c.getSignatureAlgorithm().getParameters().toASN1Primitive().getEncoded(ASN1Encoding.DER);
+            }
+            catch (IOException e)
+            {
+                return null;
+            }
+        }
+        else
+        {
+            return null;
+        }
+    }
+
+    public boolean[] getIssuerUniqueID()
+    {
+        DERBitString    id = c.getTBSCertificate().getIssuerUniqueId();
+
+        if (id != null)
+        {
+            byte[]          bytes = id.getBytes();
+            boolean[]       boolId = new boolean[bytes.length * 8 - id.getPadBits()];
+
+            for (int i = 0; i != boolId.length; i++)
+            {
+                boolId[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0;
+            }
+
+            return boolId;
+        }
+            
+        return null;
+    }
+
+    public boolean[] getSubjectUniqueID()
+    {
+        DERBitString    id = c.getTBSCertificate().getSubjectUniqueId();
+
+        if (id != null)
+        {
+            byte[]          bytes = id.getBytes();
+            boolean[]       boolId = new boolean[bytes.length * 8 - id.getPadBits()];
+
+            for (int i = 0; i != boolId.length; i++)
+            {
+                boolId[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0;
+            }
+
+            return boolId;
+        }
+            
+        return null;
+    }
+
+    public boolean[] getKeyUsage()
+    {
+        return keyUsage;
+    }
+
+    public List getExtendedKeyUsage() 
+        throws CertificateParsingException
+    {
+        byte[]  bytes = this.getExtensionBytes("2.5.29.37");
+
+        if (bytes != null)
+        {
+            try
+            {
+                ASN1InputStream dIn = new ASN1InputStream(bytes);
+                ASN1Sequence    seq = (ASN1Sequence)dIn.readObject();
+                List            list = new ArrayList();
+
+                for (int i = 0; i != seq.size(); i++)
+                {
+                    list.add(((ASN1ObjectIdentifier)seq.getObjectAt(i)).getId());
+                }
+                
+                return Collections.unmodifiableList(list);
+            }
+            catch (Exception e)
+            {
+                throw new CertificateParsingException("error processing extended key usage extension");
+            }
+        }
+
+        return null;
+    }
+    
+    public int getBasicConstraints()
+    {
+        if (basicConstraints != null)
+        {
+            if (basicConstraints.isCA())
+            {
+                if (basicConstraints.getPathLenConstraint() == null)
+                {
+                    return Integer.MAX_VALUE;
+                }
+                else
+                {
+                    return basicConstraints.getPathLenConstraint().intValue();
+                }
+            }
+            else
+            {
+                return -1;
+            }
+        }
+
+        return -1;
+    }
+
+    public Collection getSubjectAlternativeNames()
+        throws CertificateParsingException
+    {
+        return getAlternativeNames(getExtensionBytes(Extension.subjectAlternativeName.getId()));
+    }
+
+    public Collection getIssuerAlternativeNames()
+        throws CertificateParsingException
+    {
+        return getAlternativeNames(getExtensionBytes(Extension.issuerAlternativeName.getId()));
+    }
+
+    public Set getCriticalExtensionOIDs() 
+    {
+        if (this.getVersion() == 3)
+        {
+            Set             set = new HashSet();
+            Extensions  extensions = c.getTBSCertificate().getExtensions();
+
+            if (extensions != null)
+            {
+                Enumeration     e = extensions.oids();
+
+                while (e.hasMoreElements())
+                {
+                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+                    Extension       ext = extensions.getExtension(oid);
+
+                    if (ext.isCritical())
+                    {
+                        set.add(oid.getId());
+                    }
+                }
+
+                return set;
+            }
+        }
+
+        return null;
+    }
+
+    private byte[] getExtensionBytes(String oid)
+    {
+        Extensions exts = c.getTBSCertificate().getExtensions();
+
+        if (exts != null)
+        {
+            Extension   ext = exts.getExtension(new ASN1ObjectIdentifier(oid));
+            if (ext != null)
+            {
+                return ext.getExtnValue().getOctets();
+            }
+        }
+
+        return null;
+    }
+
+    public byte[] getExtensionValue(String oid) 
+    {
+        Extensions exts = c.getTBSCertificate().getExtensions();
+
+        if (exts != null)
+        {
+            Extension   ext = exts.getExtension(new ASN1ObjectIdentifier(oid));
+
+            if (ext != null)
+            {
+                try
+                {
+                    return ext.getExtnValue().getEncoded();
+                }
+                catch (Exception e)
+                {
+                    throw new IllegalStateException("error parsing " + e.toString());
+                }
+            }
+        }
+
+        return null;
+    }
+
+    public Set getNonCriticalExtensionOIDs() 
+    {
+        if (this.getVersion() == 3)
+        {
+            Set             set = new HashSet();
+            Extensions  extensions = c.getTBSCertificate().getExtensions();
+
+            if (extensions != null)
+            {
+                Enumeration     e = extensions.oids();
+
+                while (e.hasMoreElements())
+                {
+                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+                    Extension       ext = extensions.getExtension(oid);
+
+                    if (!ext.isCritical())
+                    {
+                        set.add(oid.getId());
+                    }
+                }
+
+                return set;
+            }
+        }
+
+        return null;
+    }
+
+    public boolean hasUnsupportedCriticalExtension()
+    {
+        if (this.getVersion() == 3)
+        {
+            Extensions  extensions = c.getTBSCertificate().getExtensions();
+
+            if (extensions != null)
+            {
+                Enumeration     e = extensions.oids();
+
+                while (e.hasMoreElements())
+                {
+                    ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+                    String              oidId = oid.getId();
+
+                    if (oidId.equals(RFC3280CertPathUtilities.KEY_USAGE)
+                     || oidId.equals(RFC3280CertPathUtilities.CERTIFICATE_POLICIES)
+                     || oidId.equals(RFC3280CertPathUtilities.POLICY_MAPPINGS)
+                     || oidId.equals(RFC3280CertPathUtilities.INHIBIT_ANY_POLICY)
+                     || oidId.equals(RFC3280CertPathUtilities.CRL_DISTRIBUTION_POINTS)
+                     || oidId.equals(RFC3280CertPathUtilities.ISSUING_DISTRIBUTION_POINT)
+                     || oidId.equals(RFC3280CertPathUtilities.DELTA_CRL_INDICATOR)
+                     || oidId.equals(RFC3280CertPathUtilities.POLICY_CONSTRAINTS)
+                     || oidId.equals(RFC3280CertPathUtilities.BASIC_CONSTRAINTS)
+                     || oidId.equals(RFC3280CertPathUtilities.SUBJECT_ALTERNATIVE_NAME)
+                     || oidId.equals(RFC3280CertPathUtilities.NAME_CONSTRAINTS))
+                    {
+                        continue;
+                    }
+
+                    Extension       ext = extensions.getExtension(oid);
+
+                    if (ext.isCritical())
+                    {
+                        return true;
+                    }
+                }
+            }
+        }
+
+        return false;
+    }
+
+    public PublicKey getPublicKey()
+    {
+        try
+        {
+            return BouncyCastleProvider.getPublicKey(c.getSubjectPublicKeyInfo());
+        }
+        catch (IOException e)
+        {
+            return null;   // should never happen...
+        }
+    }
+
+    // BEGIN Android-added: Cache encoded certificates
+    private byte[] encoded;
+    // END Android-added: Cache encoded certificates
+    public byte[] getEncoded()
+        throws CertificateEncodingException
+    {
+        try
+        {
+            // BEGIN Android-changed: Cache encoded certificates
+            if (encoded == null) {
+                encoded = c.getEncoded(ASN1Encoding.DER);
+            }
+            return encoded;
+            // END Android-changed: Cache encoded certificates
+        }
+        catch (IOException e)
+        {
+            throw new CertificateEncodingException(e.toString());
+        }
+    }
+
+    public boolean equals(
+        Object o)
+    {
+        if (o == this)
+        {
+            return true;
+        }
+
+        if (!(o instanceof Certificate))
+        {
+            return false;
+        }
+
+        Certificate other = (Certificate)o;
+
+        try
+        {
+            byte[] b1 = this.getEncoded();
+            byte[] b2 = other.getEncoded();
+
+            return Arrays.areEqual(b1, b2);
+        }
+        catch (CertificateEncodingException e)
+        {
+            return false;
+        }
+    }
+    
+    public synchronized int hashCode()
+    {
+        if (!hashValueSet)
+        {
+            hashValue = calculateHashCode();
+            hashValueSet = true;
+        }
+
+        return hashValue;
+    }
+    
+    private int calculateHashCode()
+    {
+        try
+        {
+            int hashCode = 0;
+            byte[] certData = this.getEncoded();
+            for (int i = 1; i < certData.length; i++)
+            {
+                 hashCode += certData[i] * i;
+            }
+            return hashCode;
+        }
+        catch (CertificateEncodingException e)
+        {
+            return 0;
+        }
+    }
+
+    public void setBagAttribute(
+        ASN1ObjectIdentifier oid,
+        ASN1Encodable        attribute)
+    {
+        attrCarrier.setBagAttribute(oid, attribute);
+    }
+
+    public ASN1Encodable getBagAttribute(
+        ASN1ObjectIdentifier oid)
+    {
+        return attrCarrier.getBagAttribute(oid);
+    }
+
+    public Enumeration getBagAttributeKeys()
+    {
+        return attrCarrier.getBagAttributeKeys();
+    }
+
+    public String toString()
+    {
+        StringBuffer    buf = new StringBuffer();
+        String          nl = Strings.lineSeparator();
+
+        buf.append("  [0]         Version: ").append(this.getVersion()).append(nl);
+        buf.append("         SerialNumber: ").append(this.getSerialNumber()).append(nl);
+        buf.append("             IssuerDN: ").append(this.getIssuerDN()).append(nl);
+        buf.append("           Start Date: ").append(this.getNotBefore()).append(nl);
+        buf.append("           Final Date: ").append(this.getNotAfter()).append(nl);
+        buf.append("            SubjectDN: ").append(this.getSubjectDN()).append(nl);
+        buf.append("           Public Key: ").append(this.getPublicKey()).append(nl);
+        buf.append("  Signature Algorithm: ").append(this.getSigAlgName()).append(nl);
+
+        byte[]  sig = this.getSignature();
+
+        buf.append("            Signature: ").append(new String(Hex.encode(sig, 0, 20))).append(nl);
+        for (int i = 20; i < sig.length; i += 20)
+        {
+            if (i < sig.length - 20)
+            {
+                buf.append("                       ").append(new String(Hex.encode(sig, i, 20))).append(nl);
+            }
+            else
+            {
+                buf.append("                       ").append(new String(Hex.encode(sig, i, sig.length - i))).append(nl);
+            }
+        }
+
+        Extensions extensions = c.getTBSCertificate().getExtensions();
+
+        if (extensions != null)
+        {
+            Enumeration     e = extensions.oids();
+
+            if (e.hasMoreElements())
+            {
+                buf.append("       Extensions: \n");
+            }
+
+            while (e.hasMoreElements())
+            {
+                ASN1ObjectIdentifier     oid = (ASN1ObjectIdentifier)e.nextElement();
+                Extension ext = extensions.getExtension(oid);
+
+                if (ext.getExtnValue() != null)
+                {
+                    byte[]                  octs = ext.getExtnValue().getOctets();
+                    ASN1InputStream         dIn = new ASN1InputStream(octs);
+                    buf.append("                       critical(").append(ext.isCritical()).append(") ");
+                    try
+                    {
+                        if (oid.equals(Extension.basicConstraints))
+                        {
+                            buf.append(BasicConstraints.getInstance(dIn.readObject())).append(nl);
+                        }
+                        else if (oid.equals(Extension.keyUsage))
+                        {
+                            buf.append(KeyUsage.getInstance(dIn.readObject())).append(nl);
+                        }
+                        else if (oid.equals(MiscObjectIdentifiers.netscapeCertType))
+                        {
+                            buf.append(new NetscapeCertType((DERBitString)dIn.readObject())).append(nl);
+                        }
+                        else if (oid.equals(MiscObjectIdentifiers.netscapeRevocationURL))
+                        {
+                            buf.append(new NetscapeRevocationURL((DERIA5String)dIn.readObject())).append(nl);
+                        }
+                        else if (oid.equals(MiscObjectIdentifiers.verisignCzagExtension))
+                        {
+                            buf.append(new VerisignCzagExtension((DERIA5String)dIn.readObject())).append(nl);
+                        }
+                        else 
+                        {
+                            buf.append(oid.getId());
+                            buf.append(" value = ").append(ASN1Dump.dumpAsString(dIn.readObject())).append(nl);
+                            //buf.append(" value = ").append("*****").append(nl);
+                        }
+                    }
+                    catch (Exception ex)
+                    {
+                        buf.append(oid.getId());
+                   //     buf.append(" value = ").append(new String(Hex.encode(ext.getExtnValue().getOctets()))).append(nl);
+                        buf.append(" value = ").append("*****").append(nl);
+                    }
+                }
+                else
+                {
+                    buf.append(nl);
+                }
+            }
+        }
+
+        return buf.toString();
+    }
+
+    public final void verify(
+        PublicKey   key)
+        throws CertificateException, NoSuchAlgorithmException,
+        InvalidKeyException, NoSuchProviderException, SignatureException
+    {
+        Signature   signature;
+        String      sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm());
+        
+        try
+        {
+            signature = Signature.getInstance(sigName, BouncyCastleProvider.PROVIDER_NAME);
+        }
+        catch (Exception e)
+        {
+            signature = Signature.getInstance(sigName);
+        }
+        
+        checkSignature(key, signature);
+    }
+    
+    public final void verify(
+        PublicKey   key,
+        String      sigProvider)
+        throws CertificateException, NoSuchAlgorithmException,
+        InvalidKeyException, NoSuchProviderException, SignatureException
+    {
+        String sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm());
+        Signature signature;
+
+        if (sigProvider != null)
+        {
+            signature = Signature.getInstance(sigName, sigProvider);
+        }
+        else
+        {
+            signature = Signature.getInstance(sigName);
+        }
+        
+        checkSignature(key, signature);
+    }
+
+    public final void verify(
+        PublicKey   key,
+        Provider    sigProvider)
+        throws CertificateException, NoSuchAlgorithmException,
+        InvalidKeyException, SignatureException
+    {
+        String sigName = X509SignatureUtil.getSignatureName(c.getSignatureAlgorithm());
+        Signature signature;
+
+        if (sigProvider != null)
+        {
+            signature = Signature.getInstance(sigName, sigProvider);
+        }
+        else
+        {
+            signature = Signature.getInstance(sigName);
+        }
+
+        checkSignature(key, signature);
+    }
+
+    private void checkSignature(
+        PublicKey key, 
+        Signature signature) 
+        throws CertificateException, NoSuchAlgorithmException, 
+            SignatureException, InvalidKeyException
+    {
+        if (!isAlgIdEqual(c.getSignatureAlgorithm(), c.getTBSCertificate().getSignature()))
+        {
+            throw new CertificateException("signature algorithm in TBS cert not same as outer cert");
+        }
+
+        ASN1Encodable params = c.getSignatureAlgorithm().getParameters();
+
+        // TODO This should go after the initVerify?
+        X509SignatureUtil.setSignatureParameters(signature, params);
+
+        signature.initVerify(key);
+
+        signature.update(this.getTBSCertificate());
+
+        if (!signature.verify(this.getSignature()))
+        {
+            throw new SignatureException("certificate does not verify with supplied key");
+        }
+    }
+
+    private boolean isAlgIdEqual(AlgorithmIdentifier id1, AlgorithmIdentifier id2)
+    {
+        if (!id1.getAlgorithm().equals(id2.getAlgorithm()))
+        {
+            return false;
+        }
+
+        if (id1.getParameters() == null)
+        {
+            if (id2.getParameters() != null && !id2.getParameters().equals(DERNull.INSTANCE))
+            {
+                return false;
+            }
+
+            return true;
+        }
+
+        if (id2.getParameters() == null)
+        {
+            if (id1.getParameters() != null && !id1.getParameters().equals(DERNull.INSTANCE))
+            {
+                return false;
+            }
+
+            return true;
+        }
+        
+        return id1.getParameters().equals(id2.getParameters());
+    }
+
+    private static Collection getAlternativeNames(byte[] extVal)
+        throws CertificateParsingException
+    {
+        if (extVal == null)
+        {
+            return null;
+        }
+        try
+        {
+            Collection temp = new ArrayList();
+            Enumeration it = ASN1Sequence.getInstance(extVal).getObjects();
+            while (it.hasMoreElements())
+            {
+                GeneralName genName = GeneralName.getInstance(it.nextElement());
+                List list = new ArrayList();
+                list.add(Integers.valueOf(genName.getTagNo()));
+                switch (genName.getTagNo())
+                {
+                case GeneralName.ediPartyName:
+                case GeneralName.x400Address:
+                case GeneralName.otherName:
+                    list.add(genName.getEncoded());
+                    break;
+                case GeneralName.directoryName:
+                    // BEGIN Android-changed: Unknown reason
+                    list.add(X509Name.getInstance(genName.getName()).toString(true, X509Name.DefaultSymbols));
+                    // END Android-changed: Unknown reason
+                    break;
+                case GeneralName.dNSName:
+                case GeneralName.rfc822Name:
+                case GeneralName.uniformResourceIdentifier:
+                    list.add(((ASN1String)genName.getName()).getString());
+                    break;
+                case GeneralName.registeredID:
+                    list.add(ASN1ObjectIdentifier.getInstance(genName.getName()).getId());
+                    break;
+                case GeneralName.iPAddress:
+                    byte[] addrBytes = DEROctetString.getInstance(genName.getName()).getOctets();
+                    final String addr;
+                    try
+                    {
+                        addr = InetAddress.getByAddress(addrBytes).getHostAddress();
+                    }
+                    catch (UnknownHostException e)
+                    {
+                        continue;
+                    }
+                    list.add(addr);
+                    break;
+                default:
+                    throw new IOException("Bad tag number: " + genName.getTagNo());
+                }
+
+                temp.add(Collections.unmodifiableList(list));
+            }
+            if (temp.size() == 0)
+            {
+                return null;
+            }
+            return Collections.unmodifiableCollection(temp);
+        }
+        catch (Exception e)
+        {
+            throw new CertificateParsingException(e.getMessage());
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/X509SignatureUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/X509SignatureUtil.java
new file mode 100644
index 0000000..62014bc
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/provider/X509SignatureUtil.java

@@ -0,0 +1,148 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.provider;
+
+import java.io.IOException;
+import java.security.AlgorithmParameters;
+import java.security.GeneralSecurityException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.spec.PSSParameterSpec;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Null;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERNull;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
+import com.android.org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+
+class X509SignatureUtil
+{
+    private static final ASN1Null       derNull = DERNull.INSTANCE;
+    
+    static void setSignatureParameters(
+        Signature signature,
+        ASN1Encodable params)
+        throws NoSuchAlgorithmException, SignatureException, InvalidKeyException
+    {
+        if (params != null && !derNull.equals(params))
+        {
+            AlgorithmParameters  sigParams = AlgorithmParameters.getInstance(signature.getAlgorithm(), signature.getProvider());
+            
+            try
+            {
+                sigParams.init(params.toASN1Primitive().getEncoded());
+            }
+            catch (IOException e)
+            {
+                throw new SignatureException("IOException decoding parameters: " + e.getMessage());
+            }
+            
+            if (signature.getAlgorithm().endsWith("MGF1"))
+            {
+                try
+                {
+                    signature.setParameter(sigParams.getParameterSpec(PSSParameterSpec.class));
+                }
+                catch (GeneralSecurityException e)
+                {
+                    throw new SignatureException("Exception extracting parameters: " + e.getMessage());
+                }
+            }
+        }
+    }
+    
+    static String getSignatureName(
+        AlgorithmIdentifier sigAlgId) 
+    {
+        ASN1Encodable params = sigAlgId.getParameters();
+        
+        if (params != null && !derNull.equals(params))
+        {
+            // BEGIN Android-removed: Unsupported algorithms
+            /*
+            if (sigAlgId.getAlgorithm().equals(PKCSObjectIdentifiers.id_RSASSA_PSS))
+            {
+                RSASSAPSSparams rsaParams = RSASSAPSSparams.getInstance(params);
+                
+                return getDigestAlgName(rsaParams.getHashAlgorithm().getAlgorithm()) + "withRSAandMGF1";
+            }
+            */
+            // END Android-removed: Unsupported algorithms
+            if (sigAlgId.getAlgorithm().equals(X9ObjectIdentifiers.ecdsa_with_SHA2))
+            {
+                ASN1Sequence ecDsaParams = ASN1Sequence.getInstance(params);
+                
+                return getDigestAlgName(ASN1ObjectIdentifier.getInstance(ecDsaParams.getObjectAt(0))) + "withECDSA";
+            }
+        }
+
+        return sigAlgId.getAlgorithm().getId();
+    }
+    
+    /**
+     * Return the digest algorithm using one of the standard JCA string
+     * representations rather the the algorithm identifier (if possible).
+     */
+    private static String getDigestAlgName(
+        ASN1ObjectIdentifier digestAlgOID)
+    {
+        if (PKCSObjectIdentifiers.md5.equals(digestAlgOID))
+        {
+            return "MD5";
+        }
+        else if (OIWObjectIdentifiers.idSHA1.equals(digestAlgOID))
+        {
+            return "SHA1";
+        }
+        else if (NISTObjectIdentifiers.id_sha224.equals(digestAlgOID))
+        {
+            return "SHA224";
+        }
+        else if (NISTObjectIdentifiers.id_sha256.equals(digestAlgOID))
+        {
+            return "SHA256";
+        }
+        else if (NISTObjectIdentifiers.id_sha384.equals(digestAlgOID))
+        {
+            return "SHA384";
+        }
+        else if (NISTObjectIdentifiers.id_sha512.equals(digestAlgOID))
+        {
+            return "SHA512";
+        }
+        // BEGIN Android-removed: Unsupported algorithms
+        /*
+        else if (TeleTrusTObjectIdentifiers.ripemd128.equals(digestAlgOID))
+        {
+            return "RIPEMD128";
+        }
+        else if (TeleTrusTObjectIdentifiers.ripemd160.equals(digestAlgOID))
+        {
+            return "RIPEMD160";
+        }
+        else if (TeleTrusTObjectIdentifiers.ripemd256.equals(digestAlgOID))
+        {
+            return "RIPEMD256";
+        }
+        else if (CryptoProObjectIdentifiers.gostR3411.equals(digestAlgOID))
+        {
+            return "GOST3411";
+        }
+        */
+        // END Android-removed: Unsupported algorithms
+        else
+        {
+            return digestAlgOID.getId();            
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECKeySpec.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECKeySpec.java
new file mode 100644
index 0000000..4fe7d10
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECKeySpec.java

@@ -0,0 +1,28 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.spec;
+
+import java.security.spec.KeySpec;
+
+/**
+ * base class for an Elliptic Curve Key Spec
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECKeySpec
+    implements KeySpec
+{
+    private ECParameterSpec     spec;
+
+    protected ECKeySpec(
+        ECParameterSpec spec)
+    {
+        this.spec = spec;
+    }
+
+    /**
+     * return the domain parameters for the curve
+     */
+    public ECParameterSpec getParams()
+    {
+        return spec;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECNamedCurveGenParameterSpec.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECNamedCurveGenParameterSpec.java
new file mode 100644
index 0000000..0144c4e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECNamedCurveGenParameterSpec.java

@@ -0,0 +1,30 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.spec;
+
+import java.security.spec.AlgorithmParameterSpec;
+
+/**
+ * Named curve generation spec
+ * <p>
+ * If you are using JDK 1.5 you should be looking at ECGenParameterSpec.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECNamedCurveGenParameterSpec
+    implements AlgorithmParameterSpec
+{
+    private String  name;
+
+    public ECNamedCurveGenParameterSpec(
+        String name)
+    {
+        this.name = name;
+    }
+
+    /**
+     * return the name of the curve the EC domain parameters belong to.
+     */
+    public String getName()
+    {
+        return name;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECNamedCurveParameterSpec.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECNamedCurveParameterSpec.java
new file mode 100644
index 0000000..956910e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECNamedCurveParameterSpec.java

@@ -0,0 +1,64 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.spec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+
+/**
+ * specification signifying that the curve parameters can also be
+ * referred to by name.
+ * <p>
+ * If you are using JDK 1.5 you should be looking at {@link ECNamedCurveSpec}.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECNamedCurveParameterSpec
+    extends ECParameterSpec
+{
+    private String  name;
+
+    public ECNamedCurveParameterSpec(
+        String      name,
+        ECCurve     curve,
+        ECPoint     G,
+        BigInteger  n)
+    {
+        super(curve, G, n);
+
+        this.name = name;
+    }
+
+    public ECNamedCurveParameterSpec(
+        String      name,
+        ECCurve     curve,
+        ECPoint     G,
+        BigInteger  n,
+        BigInteger  h)
+    {
+        super(curve, G, n, h);
+
+        this.name = name;
+    }
+
+    public ECNamedCurveParameterSpec(
+        String      name,
+        ECCurve     curve,
+        ECPoint     G,
+        BigInteger  n,
+        BigInteger  h,
+        byte[]      seed)
+    {
+        super(curve, G, n, h, seed);
+
+        this.name = name;
+    }
+
+    /**
+     * return the name of the curve the EC domain parameters belong to.
+     */
+    public String getName()
+    {
+        return name;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECNamedCurveSpec.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECNamedCurveSpec.java
new file mode 100644
index 0000000..62566fb
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECNamedCurveSpec.java

@@ -0,0 +1,119 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.spec;
+
+import java.math.BigInteger;
+import java.security.spec.ECField;
+import java.security.spec.ECFieldF2m;
+import java.security.spec.ECFieldFp;
+import java.security.spec.ECPoint;
+import java.security.spec.EllipticCurve;
+
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.util.EC5Util;
+import com.android.org.bouncycastle.math.ec.ECAlgorithms;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.field.FiniteField;
+import com.android.org.bouncycastle.math.field.Polynomial;
+import com.android.org.bouncycastle.math.field.PolynomialExtensionField;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * specification signifying that the curve parameters can also be
+ * referred to by name.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECNamedCurveSpec
+    extends java.security.spec.ECParameterSpec
+{
+    private String  name;
+
+    private static EllipticCurve convertCurve(
+        ECCurve  curve,
+        byte[]   seed)
+    {
+        ECField field = convertField(curve.getField());
+        BigInteger a = curve.getA().toBigInteger(), b = curve.getB().toBigInteger();
+        return new EllipticCurve(field, a, b, seed);
+    }
+
+    private static ECField convertField(FiniteField field)
+    {
+        if (ECAlgorithms.isFpField(field))
+        {
+            return new ECFieldFp(field.getCharacteristic());
+        }
+        else //if (ECAlgorithms.isF2mField(curveField))
+        {
+            Polynomial poly = ((PolynomialExtensionField)field).getMinimalPolynomial();
+            int[] exponents = poly.getExponentsPresent();
+            int[] ks = Arrays.reverse(Arrays.copyOfRange(exponents, 1, exponents.length - 1));
+            return new ECFieldF2m(poly.getDegree(), ks);
+        }
+    }
+
+    public ECNamedCurveSpec(
+        String                              name,
+        ECCurve                             curve,
+        com.android.org.bouncycastle.math.ec.ECPoint    g,
+        BigInteger                          n)
+    {
+        super(convertCurve(curve, null), EC5Util.convertPoint(g), n, 1);
+
+        this.name = name;
+    }
+
+    public ECNamedCurveSpec(
+        String          name,
+        EllipticCurve   curve,
+        ECPoint         g,
+        BigInteger      n)
+    {
+        super(curve, g, n, 1);
+
+        this.name = name;
+    }
+    
+    public ECNamedCurveSpec(
+        String                              name,
+        ECCurve                             curve,
+        com.android.org.bouncycastle.math.ec.ECPoint    g,
+        BigInteger                          n,
+        BigInteger                          h)
+    {
+        super(convertCurve(curve, null), EC5Util.convertPoint(g), n, h.intValue());
+
+        this.name = name;
+    }
+
+    public ECNamedCurveSpec(
+        String          name,
+        EllipticCurve   curve,
+        ECPoint         g,
+        BigInteger      n,
+        BigInteger      h)
+    {
+        super(curve, g, n, h.intValue());
+
+        this.name = name;
+    }
+    
+    public ECNamedCurveSpec(
+        String                              name,
+        ECCurve                             curve,
+        com.android.org.bouncycastle.math.ec.ECPoint    g,
+        BigInteger                          n,
+        BigInteger                          h,
+        byte[]                              seed)
+    {
+        super(convertCurve(curve, seed), EC5Util.convertPoint(g), n, h.intValue());
+
+        this.name = name;
+    }
+
+    /**
+     * return the name of the curve the EC domain parameters belong to.
+     */
+    public String getName()
+    {
+        return name;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECParameterSpec.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECParameterSpec.java
new file mode 100644
index 0000000..5812f2f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECParameterSpec.java

@@ -0,0 +1,123 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.spec;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+
+import java.math.BigInteger;
+import java.security.spec.AlgorithmParameterSpec;
+
+/**
+ * basic domain parameters for an Elliptic Curve public or private key.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECParameterSpec
+    implements AlgorithmParameterSpec
+{
+    private ECCurve     curve;
+    private byte[]      seed;
+    private ECPoint     G;
+    private BigInteger  n;
+    private BigInteger  h;
+
+    public ECParameterSpec(
+        ECCurve     curve,
+        ECPoint     G,
+        BigInteger  n)
+    {
+        this.curve = curve;
+        this.G = G.normalize();
+        this.n = n;
+        this.h = BigInteger.valueOf(1);
+        this.seed = null;
+    }
+
+    public ECParameterSpec(
+        ECCurve     curve,
+        ECPoint     G,
+        BigInteger  n,
+        BigInteger  h)
+    {
+        this.curve = curve;
+        this.G = G.normalize();
+        this.n = n;
+        this.h = h;
+        this.seed = null;
+    }
+
+    public ECParameterSpec(
+        ECCurve     curve,
+        ECPoint     G,
+        BigInteger  n,
+        BigInteger  h,
+        byte[]      seed)
+    {
+        this.curve = curve;
+        this.G = G.normalize();
+        this.n = n;
+        this.h = h;
+        this.seed = seed;
+    }
+
+    /**
+     * return the curve along which the base point lies.
+     * @return the curve
+     */
+    public ECCurve getCurve()
+    {
+        return curve;
+    }
+
+    /**
+     * return the base point we are using for these domain parameters.
+     * @return the base point.
+     */
+    public ECPoint getG()
+    {
+        return G;
+    }
+
+    /**
+     * return the order N of G
+     * @return the order
+     */
+    public BigInteger getN()
+    {
+        return n;
+    }
+
+    /**
+     * return the cofactor H to the order of G.
+     * @return the cofactor
+     */
+    public BigInteger getH()
+    {
+        return h;
+    }
+
+    /**
+     * return the seed used to generate this curve (if available).
+     * @return the random seed
+     */
+    public byte[] getSeed()
+    {
+        return seed;
+    }
+
+    public boolean equals(Object o)
+    {
+        if (!(o instanceof ECParameterSpec))
+        {
+            return false;
+        }
+
+        ECParameterSpec other = (ECParameterSpec)o;
+
+        return this.getCurve().equals(other.getCurve()) && this.getG().equals(other.getG());
+    }
+
+    public int hashCode()
+    {
+        return this.getCurve().hashCode() ^ this.getG().hashCode();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECPrivateKeySpec.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECPrivateKeySpec.java
new file mode 100644
index 0000000..4abae60
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECPrivateKeySpec.java

@@ -0,0 +1,37 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.spec;
+
+import java.math.BigInteger;
+
+/**
+ * Elliptic Curve private key specification.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECPrivateKeySpec
+    extends ECKeySpec
+{
+    private BigInteger    d;
+
+    /**
+     * base constructor
+     *
+     * @param d the private number for the key.
+     * @param spec the domain parameters for the curve being used.
+     */
+    public ECPrivateKeySpec(
+        BigInteger      d,
+        ECParameterSpec spec)
+    {
+        super(spec);
+
+        this.d = d;
+    }
+
+    /**
+     * return the private number D
+     */
+    public BigInteger getD()
+    {
+        return d;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECPublicKeySpec.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECPublicKeySpec.java
new file mode 100644
index 0000000..0b43c7e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/jce/spec/ECPublicKeySpec.java

@@ -0,0 +1,44 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.jce.spec;
+
+import com.android.org.bouncycastle.math.ec.ECPoint;
+
+/**
+ * Elliptic Curve public key specification
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECPublicKeySpec
+    extends ECKeySpec
+{
+    private ECPoint    q;
+
+    /**
+     * base constructor
+     *
+     * @param q the public point on the curve.
+     * @param spec the domain parameters for the curve.
+     */
+    public ECPublicKeySpec(
+        ECPoint         q,
+        ECParameterSpec spec)
+    {
+        super(spec);
+
+        if (q.getCurve() != null)
+        {
+            this.q = q.normalize();
+        }
+        else
+        {
+            this.q = q;
+        }
+    }
+
+    /**
+     * return the public point q
+     */
+    public ECPoint getQ()
+    {
+        return q;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/Primes.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/Primes.java
new file mode 100644
index 0000000..956688d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/Primes.java

@@ -0,0 +1,678 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math;
+
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.BigIntegers;
+
+/**
+ * Utility methods for generating primes and testing for primality.
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class Primes
+{
+    public static final int SMALL_FACTOR_LIMIT = 211;
+
+    private static final BigInteger ONE = BigInteger.valueOf(1);
+    private static final BigInteger TWO = BigInteger.valueOf(2);
+    private static final BigInteger THREE = BigInteger.valueOf(3);
+
+    /**
+     * Used to return the output from the
+     * {@linkplain Primes#enhancedMRProbablePrimeTest(BigInteger, SecureRandom, int) Enhanced
+     * Miller-Rabin Probabilistic Primality Test}
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class MROutput
+    {
+        private static MROutput probablyPrime()
+        {
+            return new MROutput(false, null);
+        }
+
+        private static MROutput provablyCompositeWithFactor(BigInteger factor)
+        {
+            return new MROutput(true, factor);
+        }
+
+        private static MROutput provablyCompositeNotPrimePower()
+        {
+            return new MROutput(true, null);
+        }
+
+        private boolean provablyComposite;
+        private BigInteger factor;
+
+        private MROutput(boolean provablyComposite, BigInteger factor)
+        {
+            this.provablyComposite = provablyComposite;
+            this.factor = factor;
+        }
+
+        public BigInteger getFactor()
+        {
+            return factor;
+        }
+
+        public boolean isProvablyComposite()
+        {
+            return provablyComposite;
+        }
+
+        public boolean isNotPrimePower()
+        {
+            return provablyComposite && factor == null;
+        }
+    }
+
+    /**
+     * Used to return the output from the
+     * {@linkplain Primes#generateSTRandomPrime(Digest, int, byte[]) Shawe-Taylor Random_Prime
+     * Routine}
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class STOutput
+    {
+        private BigInteger prime;
+        private byte[] primeSeed;
+        private int primeGenCounter;
+
+        private STOutput(BigInteger prime, byte[] primeSeed, int primeGenCounter)
+        {
+            this.prime = prime;
+            this.primeSeed = primeSeed;
+            this.primeGenCounter = primeGenCounter;
+        }
+
+        public BigInteger getPrime()
+        {
+            return prime;
+        }
+
+        public byte[] getPrimeSeed()
+        {
+            return primeSeed;
+        }
+
+        public int getPrimeGenCounter()
+        {
+            return primeGenCounter;
+        }
+    }
+
+    /**
+     * FIPS 186-4 C.6 Shawe-Taylor Random_Prime Routine
+     *
+     * Construct a provable prime number using a hash function.
+     *
+     * @param hash
+     *            the {@link Digest} instance to use (as "Hash()"). Cannot be null.
+     * @param length
+     *            the length (in bits) of the prime to be generated. Must be at least 2.
+     * @param inputSeed
+     *            the seed to be used for the generation of the requested prime. Cannot be null or
+     *            empty.
+     * @return an {@link STOutput} instance containing the requested prime.
+     */
+    public static STOutput generateSTRandomPrime(Digest hash, int length, byte[] inputSeed)
+    {
+        if (hash == null)
+        {
+            throw new IllegalArgumentException("'hash' cannot be null");
+        }
+        if (length < 2)
+        {
+            throw new IllegalArgumentException("'length' must be >= 2");
+        }
+        if (inputSeed == null || inputSeed.length == 0)
+        {
+            throw new IllegalArgumentException("'inputSeed' cannot be null or empty");
+        }
+
+        return implSTRandomPrime(hash, length, Arrays.clone(inputSeed));
+    }
+
+    /**
+     * FIPS 186-4 C.3.2 Enhanced Miller-Rabin Probabilistic Primality Test
+     *
+     * Run several iterations of the Miller-Rabin algorithm with randomly-chosen bases. This is an
+     * alternative to {@link #isMRProbablePrime(BigInteger, SecureRandom, int)} that provides more
+     * information about a composite candidate, which may be useful when generating or validating
+     * RSA moduli.
+     *
+     * @param candidate
+     *            the {@link BigInteger} instance to test for primality.
+     * @param random
+     *            the source of randomness to use to choose bases.
+     * @param iterations
+     *            the number of randomly-chosen bases to perform the test for.
+     * @return an {@link MROutput} instance that can be further queried for details.
+     */
+    public static MROutput enhancedMRProbablePrimeTest(BigInteger candidate, SecureRandom random, int iterations)
+    {
+        checkCandidate(candidate, "candidate");
+
+        if (random == null)
+        {
+            throw new IllegalArgumentException("'random' cannot be null");
+        }
+        if (iterations < 1)
+        {
+            throw new IllegalArgumentException("'iterations' must be > 0");
+        }
+
+        if (candidate.bitLength() == 2)
+        {
+            return MROutput.probablyPrime();
+        }
+        if (!candidate.testBit(0))
+        {
+            return MROutput.provablyCompositeWithFactor(TWO);
+        }
+
+        BigInteger w = candidate;
+        BigInteger wSubOne = candidate.subtract(ONE);
+        BigInteger wSubTwo = candidate.subtract(TWO);
+
+        int a = wSubOne.getLowestSetBit();
+        BigInteger m = wSubOne.shiftRight(a);
+
+        for (int i = 0; i < iterations; ++i)
+        {
+            BigInteger b = BigIntegers.createRandomInRange(TWO, wSubTwo, random);
+            BigInteger g = b.gcd(w);
+
+            if (g.compareTo(ONE) > 0)
+            {
+                return MROutput.provablyCompositeWithFactor(g);
+            }
+
+            BigInteger z = b.modPow(m, w);
+
+            if (z.equals(ONE) || z.equals(wSubOne))
+            {
+                continue;
+            }
+
+            boolean primeToBase = false;
+
+            BigInteger x = z;
+            for (int j = 1; j < a; ++j)
+            {
+                z = z.modPow(TWO, w);
+
+                if (z.equals(wSubOne))
+                {
+                    primeToBase = true;
+                    break;
+                }
+
+                if (z.equals(ONE))
+                {
+                    break;
+                }
+
+                x = z;
+            }
+
+            if (!primeToBase)
+            {
+                if (!z.equals(ONE))
+                {
+                    x = z;
+                    z = z.modPow(TWO, w);
+
+                    if (!z.equals(ONE))
+                    {
+                        x = z;
+                    }
+                }
+
+                g = x.subtract(ONE).gcd(w);
+
+                if (g.compareTo(ONE) > 0)
+                {
+                    return MROutput.provablyCompositeWithFactor(g);
+                }
+
+                return MROutput.provablyCompositeNotPrimePower();
+            }
+        }
+
+        return MROutput.probablyPrime();
+    }
+
+    /**
+     * A fast check for small divisors, up to some implementation-specific limit.
+     *
+     * @param candidate
+     *            the {@link BigInteger} instance to test for division by small factors.
+     *
+     * @return <code>true</code> if the candidate is found to have any small factors,
+     *         <code>false</code> otherwise.
+     */
+    public static boolean hasAnySmallFactors(BigInteger candidate)
+    {
+        checkCandidate(candidate, "candidate");
+
+        return implHasAnySmallFactors(candidate);
+    }
+
+    /**
+     * FIPS 186-4 C.3.1 Miller-Rabin Probabilistic Primality Test
+     *
+     * Run several iterations of the Miller-Rabin algorithm with randomly-chosen bases.
+     *
+     * @param candidate
+     *            the {@link BigInteger} instance to test for primality.
+     * @param random
+     *            the source of randomness to use to choose bases.
+     * @param iterations
+     *            the number of randomly-chosen bases to perform the test for.
+     * @return <code>false</code> if any witness to compositeness is found amongst the chosen bases
+     *         (so <code>candidate</code> is definitely NOT prime), or else <code>true</code>
+     *         (indicating primality with some probability dependent on the number of iterations
+     *         that were performed).
+     */
+    public static boolean isMRProbablePrime(BigInteger candidate, SecureRandom random, int iterations)
+    {
+        checkCandidate(candidate, "candidate");
+
+        if (random == null)
+        {
+            throw new IllegalArgumentException("'random' cannot be null");
+        }
+        if (iterations < 1)
+        {
+            throw new IllegalArgumentException("'iterations' must be > 0");
+        }
+
+        if (candidate.bitLength() == 2)
+        {
+            return true;
+        }
+        if (!candidate.testBit(0))
+        {
+            return false;
+        }
+
+        BigInteger w = candidate;
+        BigInteger wSubOne = candidate.subtract(ONE);
+        BigInteger wSubTwo = candidate.subtract(TWO);
+
+        int a = wSubOne.getLowestSetBit();
+        BigInteger m = wSubOne.shiftRight(a);
+
+        for (int i = 0; i < iterations; ++i)
+        {
+            BigInteger b = BigIntegers.createRandomInRange(TWO, wSubTwo, random);
+
+            if (!implMRProbablePrimeToBase(w, wSubOne, m, a, b))
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    /**
+     * FIPS 186-4 C.3.1 Miller-Rabin Probabilistic Primality Test (to a fixed base).
+     *
+     * Run a single iteration of the Miller-Rabin algorithm against the specified base.
+     *
+     * @param candidate
+     *            the {@link BigInteger} instance to test for primality.
+     * @param base
+     *            the base value to use for this iteration.
+     * @return <code>false</code> if the specified base is a witness to compositeness (so
+     *         <code>candidate</code> is definitely NOT prime), or else <code>true</code>.
+     */
+    public static boolean isMRProbablePrimeToBase(BigInteger candidate, BigInteger base)
+    {
+        checkCandidate(candidate, "candidate");
+        checkCandidate(base, "base");
+
+        if (base.compareTo(candidate.subtract(ONE)) >= 0)
+        {
+            throw new IllegalArgumentException("'base' must be < ('candidate' - 1)");
+        }
+
+        if (candidate.bitLength() == 2)
+        {
+            return true;
+        }
+
+        BigInteger w = candidate;
+        BigInteger wSubOne = candidate.subtract(ONE);
+
+        int a = wSubOne.getLowestSetBit();
+        BigInteger m = wSubOne.shiftRight(a);
+
+        return implMRProbablePrimeToBase(w, wSubOne, m, a, base);
+    }
+
+    private static void checkCandidate(BigInteger n, String name)
+    {
+        if (n == null || n.signum() < 1 || n.bitLength() < 2)
+        {
+            throw new IllegalArgumentException("'" + name + "' must be non-null and >= 2");
+        }
+    }
+
+    private static boolean implHasAnySmallFactors(BigInteger x)
+    {
+        /*
+         * Bundle trial divisors into ~32-bit moduli then use fast tests on the ~32-bit remainders.
+         */
+        int m = 2 * 3 * 5 * 7 * 11 * 13 * 17 * 19 * 23;
+        int r = x.mod(BigInteger.valueOf(m)).intValue();
+        if ((r % 2) == 0 || (r % 3) == 0 || (r % 5) == 0 || (r % 7) == 0 || (r % 11) == 0 || (r % 13) == 0
+            || (r % 17) == 0 || (r % 19) == 0 || (r % 23) == 0)
+        {
+            return true;
+        }
+
+        m = 29 * 31 * 37 * 41 * 43;
+        r = x.mod(BigInteger.valueOf(m)).intValue();
+        if ((r % 29) == 0 || (r % 31) == 0 || (r % 37) == 0 || (r % 41) == 0 || (r % 43) == 0)
+        {
+            return true;
+        }
+
+        m = 47 * 53 * 59 * 61 * 67;
+        r = x.mod(BigInteger.valueOf(m)).intValue();
+        if ((r % 47) == 0 || (r % 53) == 0 || (r % 59) == 0 || (r % 61) == 0 || (r % 67) == 0)
+        {
+            return true;
+        }
+
+        m = 71 * 73 * 79 * 83;
+        r = x.mod(BigInteger.valueOf(m)).intValue();
+        if ((r % 71) == 0 || (r % 73) == 0 || (r % 79) == 0 || (r % 83) == 0)
+        {
+            return true;
+        }
+
+        m = 89 * 97 * 101 * 103;
+        r = x.mod(BigInteger.valueOf(m)).intValue();
+        if ((r % 89) == 0 || (r % 97) == 0 || (r % 101) == 0 || (r % 103) == 0)
+        {
+            return true;
+        }
+
+        m = 107 * 109 * 113 * 127;
+        r = x.mod(BigInteger.valueOf(m)).intValue();
+        if ((r % 107) == 0 || (r % 109) == 0 || (r % 113) == 0 || (r % 127) == 0)
+        {
+            return true;
+        }
+
+        m = 131 * 137 * 139 * 149;
+        r = x.mod(BigInteger.valueOf(m)).intValue();
+        if ((r % 131) == 0 || (r % 137) == 0 || (r % 139) == 0 || (r % 149) == 0)
+        {
+            return true;
+        }
+
+        m = 151 * 157 * 163 * 167;
+        r = x.mod(BigInteger.valueOf(m)).intValue();
+        if ((r % 151) == 0 || (r % 157) == 0 || (r % 163) == 0 || (r % 167) == 0)
+        {
+            return true;
+        }
+
+        m = 173 * 179 * 181 * 191;
+        r = x.mod(BigInteger.valueOf(m)).intValue();
+        if ((r % 173) == 0 || (r % 179) == 0 || (r % 181) == 0 || (r % 191) == 0)
+        {
+            return true;
+        }
+
+        m = 193 * 197 * 199 * 211;
+        r = x.mod(BigInteger.valueOf(m)).intValue();
+        if ((r % 193) == 0 || (r % 197) == 0 || (r % 199) == 0 || (r % 211) == 0)
+        {
+            return true;
+        }
+
+        /*
+         * NOTE: Unit tests depend on SMALL_FACTOR_LIMIT matching the
+         * highest small factor tested here.
+         */
+        return false;
+    }
+
+    private static boolean implMRProbablePrimeToBase(BigInteger w, BigInteger wSubOne, BigInteger m, int a, BigInteger b)
+    {
+        BigInteger z = b.modPow(m, w);
+
+        if (z.equals(ONE) || z.equals(wSubOne))
+        {
+            return true;
+        }
+
+        boolean result = false;
+
+        for (int j = 1; j < a; ++j)
+        {
+            z = z.modPow(TWO, w);
+
+            if (z.equals(wSubOne))
+            {
+                result = true;
+                break;
+            }
+
+            if (z.equals(ONE))
+            {
+                return false;
+            }
+        }
+
+        return result;
+    }
+
+    private static STOutput implSTRandomPrime(Digest d, int length, byte[] primeSeed)
+    {
+        int dLen = d.getDigestSize();
+
+        if (length < 33)
+        {
+            int primeGenCounter = 0;
+
+            byte[] c0 = new byte[dLen];
+            byte[] c1 = new byte[dLen];
+
+            for (;;)
+            {
+                hash(d, primeSeed, c0, 0);
+                inc(primeSeed, 1);
+
+                hash(d, primeSeed, c1, 0);
+                inc(primeSeed, 1);
+
+                int c = extract32(c0) ^ extract32(c1);
+                c &= (-1 >>> (32 - length));
+                c |= (1 << (length - 1)) | 1;
+
+                ++primeGenCounter;
+
+                long c64 = c & 0xFFFFFFFFL;
+                if (isPrime32(c64))
+                {
+                    return new STOutput(BigInteger.valueOf(c64), primeSeed, primeGenCounter);
+                }
+
+                if (primeGenCounter > (4 * length))
+                {
+                    throw new IllegalStateException("Too many iterations in Shawe-Taylor Random_Prime Routine");
+                }
+            }
+        }
+
+        STOutput rec = implSTRandomPrime(d, (length + 3) / 2, primeSeed);
+
+        BigInteger c0 = rec.getPrime();
+        primeSeed = rec.getPrimeSeed();
+        int primeGenCounter = rec.getPrimeGenCounter();
+
+        int outlen = 8 * dLen;
+        int iterations = (length - 1) / outlen;
+
+        int oldCounter = primeGenCounter;
+
+        BigInteger x = hashGen(d, primeSeed, iterations + 1);
+        x = x.mod(ONE.shiftLeft(length - 1)).setBit(length - 1);
+
+        BigInteger c0x2 = c0.shiftLeft(1);
+        BigInteger tx2 = x.subtract(ONE).divide(c0x2).add(ONE).shiftLeft(1);
+        int dt = 0;
+
+        BigInteger c = tx2.multiply(c0).add(ONE);
+
+        /*
+         * TODO Since the candidate primes are generated by constant steps ('c0x2'), sieving could
+         * be used here in place of the 'hasAnySmallFactors' approach.
+         */
+        for (;;)
+        {
+            if (c.bitLength() > length)
+            {
+                tx2 = ONE.shiftLeft(length - 1).subtract(ONE).divide(c0x2).add(ONE).shiftLeft(1);
+                c = tx2.multiply(c0).add(ONE);
+            }
+
+            ++primeGenCounter;
+
+            /*
+             * This is an optimization of the original algorithm, using trial division to screen out
+             * many non-primes quickly.
+             * 
+             * NOTE: 'primeSeed' is still incremented as if we performed the full check!
+             */
+            if (!implHasAnySmallFactors(c))
+            {
+                BigInteger a = hashGen(d, primeSeed, iterations + 1);
+                a = a.mod(c.subtract(THREE)).add(TWO);
+
+                tx2 = tx2.add(BigInteger.valueOf(dt));
+                dt = 0;
+
+                BigInteger z = a.modPow(tx2, c);
+
+                if (c.gcd(z.subtract(ONE)).equals(ONE) && z.modPow(c0, c).equals(ONE))
+                {
+                    return new STOutput(c, primeSeed, primeGenCounter);
+                }
+            }
+            else
+            {
+                inc(primeSeed, iterations + 1);
+            }
+
+            if (primeGenCounter >= ((4 * length) + oldCounter))
+            {
+                throw new IllegalStateException("Too many iterations in Shawe-Taylor Random_Prime Routine");
+            }
+
+            dt += 2;
+            c = c.add(c0x2);
+        }
+    }
+
+    private static int extract32(byte[] bs)
+    {
+        int result = 0;
+
+        int count = Math.min(4, bs.length);
+        for (int i = 0; i < count; ++i)
+        {
+            int b = bs[bs.length - (i + 1)] & 0xFF;
+            result |= (b << (8 * i));
+        }
+
+        return result;
+    }
+
+    private static void hash(Digest d, byte[] input, byte[] output, int outPos)
+    {
+        d.update(input, 0, input.length);
+        d.doFinal(output, outPos);
+    }
+
+    private static BigInteger hashGen(Digest d, byte[] seed, int count)
+    {
+        int dLen = d.getDigestSize();
+        int pos = count * dLen;
+        byte[] buf = new byte[pos];
+        for (int i = 0; i < count; ++i)
+        {
+            pos -= dLen;
+            hash(d, seed, buf, pos);
+            inc(seed, 1);
+        }
+        return new BigInteger(1, buf);
+    }
+
+    private static void inc(byte[] seed, int c)
+    {
+        int pos = seed.length;
+        while (c > 0 && --pos >= 0)
+        {
+            c += (seed[pos] & 0xFF);
+            seed[pos] = (byte)c;
+            c >>>= 8;
+        }
+    }
+
+    private static boolean isPrime32(long x)
+    {
+        if (x >>> 32 != 0L)
+        {
+            throw new IllegalArgumentException("Size limit exceeded");
+        }
+
+        /*
+         * Use wheel factorization with 2, 3, 5 to select trial divisors.
+         */
+
+        if (x <= 5L)
+        {
+            return x == 2L || x == 3L || x == 5L;
+        }
+
+        if ((x & 1L) == 0L || (x % 3L) == 0L || (x % 5L) == 0L)
+        {
+            return false;
+        }
+
+        long[] ds = new long[]{ 1L, 7L, 11L, 13L, 17L, 19L, 23L, 29L };
+        long base = 0L;
+        for (int pos = 1;; pos = 0)
+        {
+            /*
+             * Trial division by wheel-selected divisors
+             */
+            while (pos < ds.length)
+            {
+                long d = base + ds[pos];
+                if (x % d == 0L)
+                {
+                    return x < 30L;
+                }
+                ++pos;
+            }
+
+            base += 30L;
+
+            if (base * base >= x)
+            {
+                return true;
+            }
+        }
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/AbstractECMultiplier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/AbstractECMultiplier.java
new file mode 100644
index 0000000..e5f1d8f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/AbstractECMultiplier.java

@@ -0,0 +1,35 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class AbstractECMultiplier implements ECMultiplier
+{
+    public ECPoint multiply(ECPoint p, BigInteger k)
+    {
+        int sign = k.signum();
+        if (sign == 0 || p.isInfinity())
+        {
+            return p.getCurve().getInfinity();
+        }
+
+        ECPoint positive = multiplyPositive(p, k.abs());
+        ECPoint result = sign > 0 ? positive : positive.negate();
+
+        /*
+         * Although the various multipliers ought not to produce invalid output under normal
+         * circumstances, a final check here is advised to guard against fault attacks.
+         */
+        return checkResult(result);
+    }
+
+    protected abstract ECPoint multiplyPositive(ECPoint p, BigInteger k);
+
+    protected ECPoint checkResult(ECPoint p)
+    {
+        return ECAlgorithms.implCheckResult(p);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECAlgorithms.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECAlgorithms.java
new file mode 100644
index 0000000..c04cf50
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECAlgorithms.java

@@ -0,0 +1,515 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.endo.ECEndomorphism;
+import com.android.org.bouncycastle.math.ec.endo.GLVEndomorphism;
+import com.android.org.bouncycastle.math.field.FiniteField;
+import com.android.org.bouncycastle.math.field.PolynomialExtensionField;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ECAlgorithms
+{
+    public static boolean isF2mCurve(ECCurve c)
+    {
+        return isF2mField(c.getField());
+    }
+
+    public static boolean isF2mField(FiniteField field)
+    {
+        return field.getDimension() > 1 && field.getCharacteristic().equals(ECConstants.TWO)
+            && field instanceof PolynomialExtensionField;
+    }
+
+    public static boolean isFpCurve(ECCurve c)
+    {
+        return isFpField(c.getField());
+    }
+
+    public static boolean isFpField(FiniteField field)
+    {
+        return field.getDimension() == 1;
+    }
+
+    public static ECPoint sumOfMultiplies(ECPoint[] ps, BigInteger[] ks)
+    {
+        if (ps == null || ks == null || ps.length != ks.length || ps.length < 1)
+        {
+            throw new IllegalArgumentException("point and scalar arrays should be non-null, and of equal, non-zero, length");
+        }
+
+        int count = ps.length;
+        switch (count)
+        {
+        case 1:
+            return ps[0].multiply(ks[0]);
+        case 2:
+            return sumOfTwoMultiplies(ps[0], ks[0], ps[1], ks[1]);
+        default:
+            break;
+        }
+
+        ECPoint p = ps[0];
+        ECCurve c = p.getCurve();
+
+        ECPoint[] imported = new ECPoint[count];
+        imported[0] = p;
+        for (int i = 1; i < count; ++i)
+        {
+            imported[i] = importPoint(c, ps[i]);
+        }
+
+        ECEndomorphism endomorphism = c.getEndomorphism();
+        if (endomorphism instanceof GLVEndomorphism)
+        {
+            return implCheckResult(implSumOfMultipliesGLV(imported, ks, (GLVEndomorphism)endomorphism));
+        }
+
+        return implCheckResult(implSumOfMultiplies(imported, ks));
+    }
+
+    public static ECPoint sumOfTwoMultiplies(ECPoint P, BigInteger a,
+        ECPoint Q, BigInteger b)
+    {
+        ECCurve cp = P.getCurve();
+        Q = importPoint(cp, Q);
+
+        // Point multiplication for Koblitz curves (using WTNAF) beats Shamir's trick
+        if (cp instanceof ECCurve.AbstractF2m)
+        {
+            ECCurve.AbstractF2m f2mCurve = (ECCurve.AbstractF2m)cp;
+            if (f2mCurve.isKoblitz())
+            {
+                return implCheckResult(P.multiply(a).add(Q.multiply(b)));
+            }
+        }
+
+        ECEndomorphism endomorphism = cp.getEndomorphism();
+        if (endomorphism instanceof GLVEndomorphism)
+        {
+            return implCheckResult(
+                implSumOfMultipliesGLV(new ECPoint[]{ P, Q }, new BigInteger[]{ a, b }, (GLVEndomorphism)endomorphism));
+        }
+
+        return implCheckResult(implShamirsTrickWNaf(P, a, Q, b));
+    }
+
+    /*
+     * "Shamir's Trick", originally due to E. G. Straus
+     * (Addition chains of vectors. American Mathematical Monthly,
+     * 71(7):806-808, Aug./Sept. 1964)
+     * <pre>
+     * Input: The points P, Q, scalar k = (km?, ... , k1, k0)
+     * and scalar l = (lm?, ... , l1, l0).
+     * Output: R = k * P + l * Q.
+     * 1: Z <- P + Q
+     * 2: R <- O
+     * 3: for i from m-1 down to 0 do
+     * 4:        R <- R + R        {point doubling}
+     * 5:        if (ki = 1) and (li = 0) then R <- R + P end if
+     * 6:        if (ki = 0) and (li = 1) then R <- R + Q end if
+     * 7:        if (ki = 1) and (li = 1) then R <- R + Z end if
+     * 8: end for
+     * 9: return R
+     * </pre>
+     */
+    public static ECPoint shamirsTrick(ECPoint P, BigInteger k,
+        ECPoint Q, BigInteger l)
+    {
+        ECCurve cp = P.getCurve();
+        Q = importPoint(cp, Q);
+
+        return implCheckResult(implShamirsTrickJsf(P, k, Q, l));
+    }
+
+    public static ECPoint importPoint(ECCurve c, ECPoint p)
+    {
+        ECCurve cp = p.getCurve();
+        if (!c.equals(cp))
+        {
+            throw new IllegalArgumentException("Point must be on the same curve");
+        }
+        return c.importPoint(p);
+    }
+
+    public static void montgomeryTrick(ECFieldElement[] zs, int off, int len)
+    {
+        montgomeryTrick(zs, off, len, null);
+    }
+
+    public static void montgomeryTrick(ECFieldElement[] zs, int off, int len, ECFieldElement scale)
+    {
+        /*
+         * Uses the "Montgomery Trick" to invert many field elements, with only a single actual
+         * field inversion. See e.g. the paper:
+         * "Fast Multi-scalar Multiplication Methods on Elliptic Curves with Precomputation Strategy Using Montgomery Trick"
+         * by Katsuyuki Okeya, Kouichi Sakurai.
+         */
+
+        ECFieldElement[] c = new ECFieldElement[len];
+        c[0] = zs[off];
+
+        int i = 0;
+        while (++i < len)
+        {
+            c[i] = c[i - 1].multiply(zs[off + i]);
+        }
+
+        --i;
+
+        if (scale != null)
+        {
+            c[i] = c[i].multiply(scale);
+        }
+
+        ECFieldElement u = c[i].invert();
+
+        while (i > 0)
+        {
+            int j = off + i--;
+            ECFieldElement tmp = zs[j];
+            zs[j] = c[i].multiply(u);
+            u = u.multiply(tmp);
+        }
+
+        zs[off] = u;
+    }
+
+    /**
+     * Simple shift-and-add multiplication. Serves as reference implementation
+     * to verify (possibly faster) implementations, and for very small scalars.
+     * 
+     * @param p
+     *            The point to multiply.
+     * @param k
+     *            The multiplier.
+     * @return The result of the point multiplication <code>kP</code>.
+     */
+    public static ECPoint referenceMultiply(ECPoint p, BigInteger k)
+    {
+        BigInteger x = k.abs();
+        ECPoint q = p.getCurve().getInfinity();
+        int t = x.bitLength();
+        if (t > 0)
+        {
+            if (x.testBit(0))
+            {
+                q = p;
+            }
+            for (int i = 1; i < t; i++)
+            {
+                p = p.twice();
+                if (x.testBit(i))
+                {
+                    q = q.add(p);
+                }
+            }
+        }
+        return k.signum() < 0 ? q.negate() : q;
+    }
+
+    public static ECPoint validatePoint(ECPoint p)
+    {
+        if (!p.isValid())
+        {
+            throw new IllegalStateException("Invalid point");
+        }
+
+        return p;
+    }
+
+    public static ECPoint cleanPoint(ECCurve c, ECPoint p)
+    {
+        ECCurve cp = p.getCurve();
+        if (!c.equals(cp))
+        {
+            throw new IllegalArgumentException("Point must be on the same curve");
+        }
+
+        return c.decodePoint(p.getEncoded(false));
+    }
+
+    static ECPoint implCheckResult(ECPoint p)
+    {
+        if (!p.isValidPartial())
+        {
+            throw new IllegalStateException("Invalid result");
+        }
+
+        return p;
+    }
+
+    static ECPoint implShamirsTrickJsf(ECPoint P, BigInteger k,
+        ECPoint Q, BigInteger l)
+    {
+        ECCurve curve = P.getCurve();
+        ECPoint infinity = curve.getInfinity();
+
+        // TODO conjugate co-Z addition (ZADDC) can return both of these
+        ECPoint PaddQ = P.add(Q);
+        ECPoint PsubQ = P.subtract(Q);
+
+        ECPoint[] points = new ECPoint[]{ Q, PsubQ, P, PaddQ };
+        curve.normalizeAll(points);
+
+        ECPoint[] table = new ECPoint[] {
+            points[3].negate(), points[2].negate(), points[1].negate(),
+            points[0].negate(), infinity, points[0],
+            points[1], points[2], points[3] };
+
+        byte[] jsf = WNafUtil.generateJSF(k, l);
+
+        ECPoint R = infinity;
+
+        int i = jsf.length;
+        while (--i >= 0)
+        {
+            int jsfi = jsf[i];
+
+            // NOTE: The shifting ensures the sign is extended correctly
+            int kDigit = ((jsfi << 24) >> 28), lDigit = ((jsfi << 28) >> 28);
+
+            int index = 4 + (kDigit * 3) + lDigit;
+            R = R.twicePlus(table[index]);
+        }
+
+        return R;
+    }
+
+    static ECPoint implShamirsTrickWNaf(ECPoint P, BigInteger k,
+        ECPoint Q, BigInteger l)
+    {
+        boolean negK = k.signum() < 0, negL = l.signum() < 0;
+
+        k = k.abs();
+        l = l.abs();
+
+        int widthP = Math.max(2, Math.min(16, WNafUtil.getWindowSize(k.bitLength())));
+        int widthQ = Math.max(2, Math.min(16, WNafUtil.getWindowSize(l.bitLength())));
+
+        WNafPreCompInfo infoP = WNafUtil.precompute(P, widthP, true);
+        WNafPreCompInfo infoQ = WNafUtil.precompute(Q, widthQ, true);
+
+        ECPoint[] preCompP = negK ? infoP.getPreCompNeg() : infoP.getPreComp();
+        ECPoint[] preCompQ = negL ? infoQ.getPreCompNeg() : infoQ.getPreComp();
+        ECPoint[] preCompNegP = negK ? infoP.getPreComp() : infoP.getPreCompNeg();
+        ECPoint[] preCompNegQ = negL ? infoQ.getPreComp() : infoQ.getPreCompNeg();
+
+        byte[] wnafP = WNafUtil.generateWindowNaf(widthP, k);
+        byte[] wnafQ = WNafUtil.generateWindowNaf(widthQ, l);
+
+        return implShamirsTrickWNaf(preCompP, preCompNegP, wnafP, preCompQ, preCompNegQ, wnafQ);
+    }
+
+    static ECPoint implShamirsTrickWNaf(ECPoint P, BigInteger k, ECPointMap pointMapQ, BigInteger l)
+    {
+        boolean negK = k.signum() < 0, negL = l.signum() < 0;
+
+        k = k.abs();
+        l = l.abs();
+
+        int width = Math.max(2, Math.min(16, WNafUtil.getWindowSize(Math.max(k.bitLength(), l.bitLength()))));
+
+        ECPoint Q = WNafUtil.mapPointWithPrecomp(P, width, true, pointMapQ);
+        WNafPreCompInfo infoP = WNafUtil.getWNafPreCompInfo(P);
+        WNafPreCompInfo infoQ = WNafUtil.getWNafPreCompInfo(Q);
+
+        ECPoint[] preCompP = negK ? infoP.getPreCompNeg() : infoP.getPreComp();
+        ECPoint[] preCompQ = negL ? infoQ.getPreCompNeg() : infoQ.getPreComp();
+        ECPoint[] preCompNegP = negK ? infoP.getPreComp() : infoP.getPreCompNeg();
+        ECPoint[] preCompNegQ = negL ? infoQ.getPreComp() : infoQ.getPreCompNeg();
+
+        byte[] wnafP = WNafUtil.generateWindowNaf(width, k);
+        byte[] wnafQ = WNafUtil.generateWindowNaf(width, l);
+
+        return implShamirsTrickWNaf(preCompP, preCompNegP, wnafP, preCompQ, preCompNegQ, wnafQ);
+    }
+
+    private static ECPoint implShamirsTrickWNaf(ECPoint[] preCompP, ECPoint[] preCompNegP, byte[] wnafP,
+        ECPoint[] preCompQ, ECPoint[] preCompNegQ, byte[] wnafQ)
+    {
+        int len = Math.max(wnafP.length, wnafQ.length);
+
+        ECCurve curve = preCompP[0].getCurve();
+        ECPoint infinity = curve.getInfinity();
+
+        ECPoint R = infinity;
+        int zeroes = 0;
+
+        for (int i = len - 1; i >= 0; --i)
+        {
+            int wiP = i < wnafP.length ? wnafP[i] : 0;
+            int wiQ = i < wnafQ.length ? wnafQ[i] : 0;
+
+            if ((wiP | wiQ) == 0)
+            {
+                ++zeroes;
+                continue;
+            }
+
+            ECPoint r = infinity;
+            if (wiP != 0)
+            {
+                int nP = Math.abs(wiP);
+                ECPoint[] tableP = wiP < 0 ? preCompNegP : preCompP;
+                r = r.add(tableP[nP >>> 1]);
+            }
+            if (wiQ != 0)
+            {
+                int nQ = Math.abs(wiQ);
+                ECPoint[] tableQ = wiQ < 0 ? preCompNegQ : preCompQ;
+                r = r.add(tableQ[nQ >>> 1]);
+            }
+
+            if (zeroes > 0)
+            {
+                R = R.timesPow2(zeroes);
+                zeroes = 0;
+            }
+
+            R = R.twicePlus(r);
+        }
+
+        if (zeroes > 0)
+        {
+            R = R.timesPow2(zeroes);
+        }
+
+        return R;
+    }
+
+    static ECPoint implSumOfMultiplies(ECPoint[] ps, BigInteger[] ks)
+    {
+        int count = ps.length;
+        boolean[] negs = new boolean[count];
+        WNafPreCompInfo[] infos = new WNafPreCompInfo[count];
+        byte[][] wnafs = new byte[count][];
+
+        for (int i = 0; i < count; ++i)
+        {
+            BigInteger ki = ks[i]; negs[i] = ki.signum() < 0; ki = ki.abs();
+
+            int width = Math.max(2, Math.min(16, WNafUtil.getWindowSize(ki.bitLength())));
+            infos[i] = WNafUtil.precompute(ps[i], width, true);
+            wnafs[i] = WNafUtil.generateWindowNaf(width, ki);
+        }
+
+        return implSumOfMultiplies(negs, infos, wnafs);
+    }
+
+    static ECPoint implSumOfMultipliesGLV(ECPoint[] ps, BigInteger[] ks, GLVEndomorphism glvEndomorphism)
+    {
+        BigInteger n = ps[0].getCurve().getOrder();
+
+        int len = ps.length;
+
+        BigInteger[] abs = new BigInteger[len << 1];
+        for (int i = 0, j = 0; i < len; ++i)
+        {
+            BigInteger[] ab = glvEndomorphism.decomposeScalar(ks[i].mod(n));
+            abs[j++] = ab[0];
+            abs[j++] = ab[1];
+        }
+
+        ECPointMap pointMap = glvEndomorphism.getPointMap();
+        if (glvEndomorphism.hasEfficientPointMap())
+        {
+            return ECAlgorithms.implSumOfMultiplies(ps, pointMap, abs);
+        }
+
+        ECPoint[] pqs = new ECPoint[len << 1];
+        for (int i = 0, j = 0; i < len; ++i)
+        {
+            ECPoint p = ps[i], q = pointMap.map(p);
+            pqs[j++] = p;
+            pqs[j++] = q;
+        }
+        
+        return ECAlgorithms.implSumOfMultiplies(pqs, abs);
+
+    }
+
+    static ECPoint implSumOfMultiplies(ECPoint[] ps, ECPointMap pointMap, BigInteger[] ks)
+    {
+        int halfCount = ps.length, fullCount = halfCount << 1;
+
+        boolean[] negs = new boolean[fullCount];
+        WNafPreCompInfo[] infos = new WNafPreCompInfo[fullCount];
+        byte[][] wnafs = new byte[fullCount][];
+
+        for (int i = 0; i < halfCount; ++i)
+        {
+            int j0 = i << 1, j1 = j0 + 1;
+
+            BigInteger kj0 = ks[j0]; negs[j0] = kj0.signum() < 0; kj0 = kj0.abs();
+            BigInteger kj1 = ks[j1]; negs[j1] = kj1.signum() < 0; kj1 = kj1.abs();
+
+            int width = Math.max(2, Math.min(16, WNafUtil.getWindowSize(Math.max(kj0.bitLength(), kj1.bitLength()))));
+
+            ECPoint P = ps[i], Q = WNafUtil.mapPointWithPrecomp(P, width, true, pointMap);
+            infos[j0] = WNafUtil.getWNafPreCompInfo(P);
+            infos[j1] = WNafUtil.getWNafPreCompInfo(Q);
+            wnafs[j0] = WNafUtil.generateWindowNaf(width, kj0);
+            wnafs[j1] = WNafUtil.generateWindowNaf(width, kj1);
+        }
+
+        return implSumOfMultiplies(negs, infos, wnafs);
+    }
+
+    private static ECPoint implSumOfMultiplies(boolean[] negs, WNafPreCompInfo[] infos, byte[][] wnafs)
+    {
+        int len = 0, count = wnafs.length;
+        for (int i = 0; i < count; ++i)
+        {
+            len = Math.max(len, wnafs[i].length);
+        }
+
+        ECCurve curve = infos[0].getPreComp()[0].getCurve();
+        ECPoint infinity = curve.getInfinity();
+
+        ECPoint R = infinity;
+        int zeroes = 0;
+
+        for (int i = len - 1; i >= 0; --i)
+        {
+            ECPoint r = infinity;
+
+            for (int j = 0; j < count; ++j)
+            {
+                byte[] wnaf = wnafs[j];
+                int wi = i < wnaf.length ? wnaf[i] : 0;
+                if (wi != 0)
+                {
+                    int n = Math.abs(wi);
+                    WNafPreCompInfo info = infos[j];
+                    ECPoint[] table = (wi < 0 == negs[j]) ? info.getPreComp() : info.getPreCompNeg();
+                    r = r.add(table[n >>> 1]);
+                }
+            }
+
+            if (r == infinity)
+            {
+                ++zeroes;
+                continue;
+            }
+
+            if (zeroes > 0)
+            {
+                R = R.timesPow2(zeroes);
+                zeroes = 0;
+            }
+
+            R = R.twicePlus(r);
+        }
+
+        if (zeroes > 0)
+        {
+            R = R.timesPow2(zeroes);
+        }
+
+        return R;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECConstants.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECConstants.java
new file mode 100644
index 0000000..f356aa7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECConstants.java

@@ -0,0 +1,17 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ECConstants
+{
+    public static final BigInteger ZERO = BigInteger.valueOf(0);
+    public static final BigInteger ONE = BigInteger.valueOf(1);
+    public static final BigInteger TWO = BigInteger.valueOf(2);
+    public static final BigInteger THREE = BigInteger.valueOf(3);
+    public static final BigInteger FOUR = BigInteger.valueOf(4);
+    public static final BigInteger EIGHT = BigInteger.valueOf(8);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECCurve.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECCurve.java
new file mode 100644
index 0000000..bc08801
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECCurve.java

@@ -0,0 +1,1296 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+import java.util.Hashtable;
+import java.util.Random;
+
+import com.android.org.bouncycastle.math.ec.endo.ECEndomorphism;
+import com.android.org.bouncycastle.math.ec.endo.GLVEndomorphism;
+import com.android.org.bouncycastle.math.field.FiniteField;
+import com.android.org.bouncycastle.math.field.FiniteFields;
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.util.BigIntegers;
+import com.android.org.bouncycastle.util.Integers;
+
+/**
+ * base class for an elliptic curve
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class ECCurve
+{
+    public static final int COORD_AFFINE = 0;
+    public static final int COORD_HOMOGENEOUS = 1;
+    public static final int COORD_JACOBIAN = 2;
+    public static final int COORD_JACOBIAN_CHUDNOVSKY = 3;
+    public static final int COORD_JACOBIAN_MODIFIED = 4;
+    public static final int COORD_LAMBDA_AFFINE = 5;
+    public static final int COORD_LAMBDA_PROJECTIVE = 6;
+    public static final int COORD_SKEWED = 7;
+
+    public static int[] getAllCoordinateSystems()
+    {
+        return new int[]{ COORD_AFFINE, COORD_HOMOGENEOUS, COORD_JACOBIAN, COORD_JACOBIAN_CHUDNOVSKY,
+            COORD_JACOBIAN_MODIFIED, COORD_LAMBDA_AFFINE, COORD_LAMBDA_PROJECTIVE, COORD_SKEWED };
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public class Config
+    {
+        protected int coord;
+        protected ECEndomorphism endomorphism;
+        protected ECMultiplier multiplier;
+
+        Config(int coord, ECEndomorphism endomorphism, ECMultiplier multiplier)
+        {
+            this.coord = coord;
+            this.endomorphism = endomorphism;
+            this.multiplier = multiplier;
+        }
+
+        public Config setCoordinateSystem(int coord)
+        {
+            this.coord = coord;
+            return this;
+        }
+
+        public Config setEndomorphism(ECEndomorphism endomorphism)
+        {
+            this.endomorphism = endomorphism;
+            return this;
+        }
+
+        public Config setMultiplier(ECMultiplier multiplier)
+        {
+            this.multiplier = multiplier;
+            return this;
+        }
+
+        public ECCurve create()
+        {
+            if (!supportsCoordinateSystem(coord))
+            {
+                throw new IllegalStateException("unsupported coordinate system");
+            }
+
+            ECCurve c = cloneCurve();
+            if (c == ECCurve.this)
+            {
+                throw new IllegalStateException("implementation returned current curve");
+            }
+
+            // NOTE: Synchronization added to keep FindBugs™ happy
+            synchronized (c)
+            {
+                c.coord = coord;
+                c.endomorphism = endomorphism;
+                c.multiplier = multiplier;
+            }
+
+            return c;
+        }
+    }
+
+    protected FiniteField field;
+    protected ECFieldElement a, b;
+    protected BigInteger order, cofactor;
+
+    protected int coord = COORD_AFFINE;
+    protected ECEndomorphism endomorphism = null;
+    protected ECMultiplier multiplier = null;
+
+    protected ECCurve(FiniteField field)
+    {
+        this.field = field;
+    }
+
+    public abstract int getFieldSize();
+
+    public abstract ECFieldElement fromBigInteger(BigInteger x);
+
+    public abstract boolean isValidFieldElement(BigInteger x);
+
+    public synchronized Config configure()
+    {
+        return new Config(this.coord, this.endomorphism, this.multiplier);
+    }
+
+    public ECPoint validatePoint(BigInteger x, BigInteger y)
+    {
+        ECPoint p = createPoint(x, y);
+        if (!p.isValid())
+        {
+            throw new IllegalArgumentException("Invalid point coordinates");
+        }
+        return p;
+    }
+
+    /**
+     * @deprecated per-point compression property will be removed, use {@link #validatePoint(BigInteger, BigInteger)}
+     * and refer {@link ECPoint#getEncoded(boolean)}
+     */
+    public ECPoint validatePoint(BigInteger x, BigInteger y, boolean withCompression)
+    {
+        ECPoint p = createPoint(x, y, withCompression);
+        if (!p.isValid())
+        {
+            throw new IllegalArgumentException("Invalid point coordinates");
+        }
+        return p;
+    }
+
+    public ECPoint createPoint(BigInteger x, BigInteger y)
+    {
+        return createPoint(x, y, false);
+    }
+
+    /**
+     * @deprecated per-point compression property will be removed, use {@link #createPoint(BigInteger, BigInteger)}
+     * and refer {@link ECPoint#getEncoded(boolean)}
+     */
+    public ECPoint createPoint(BigInteger x, BigInteger y, boolean withCompression)
+    {
+        return createRawPoint(fromBigInteger(x), fromBigInteger(y), withCompression);
+    }
+
+    protected abstract ECCurve cloneCurve();
+
+    protected abstract ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression);
+
+    protected abstract ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression);
+
+    protected ECMultiplier createDefaultMultiplier()
+    {
+        if (endomorphism instanceof GLVEndomorphism)
+        {
+            return new GLVMultiplier(this, (GLVEndomorphism)endomorphism);
+        }
+
+        return new WNafL2RMultiplier();
+    }
+
+    public boolean supportsCoordinateSystem(int coord)
+    {
+        return coord == COORD_AFFINE;
+    }
+
+    public PreCompInfo getPreCompInfo(ECPoint point, String name)
+    {
+        checkPoint(point);
+
+        Hashtable table;
+        synchronized (point)
+        {
+            table = point.preCompTable;
+        }
+
+        if (null == table)
+        {
+            return null;
+        }
+
+        synchronized (table)
+        {
+            return (PreCompInfo)table.get(name);
+        }
+    }
+
+    /**
+     * Compute a <code>PreCompInfo</code> for a point on this curve, under a given name. Used by
+     * <code>ECMultiplier</code>s to save the precomputation for this <code>ECPoint</code> for use
+     * by subsequent multiplication.
+     * 
+     * @param point
+     *            The <code>ECPoint</code> to store precomputations for.
+     * @param name
+     *            A <code>String</code> used to index precomputations of different types.
+     * @param callback
+     *            Called to calculate the <code>PreCompInfo</code>.
+     */
+    public PreCompInfo precompute(ECPoint point, String name, PreCompCallback callback)
+    {
+        checkPoint(point);
+
+        Hashtable table;
+        synchronized (point)
+        {
+            table = point.preCompTable;
+            if (null == table)
+            {
+                point.preCompTable = table = new Hashtable(4);
+            }
+        }
+
+        synchronized (table)
+        {
+            PreCompInfo existing = (PreCompInfo)table.get(name);
+            PreCompInfo result = callback.precompute(existing);
+
+            if (result != existing)
+            {
+                table.put(name, result);
+            }
+
+            return result;
+        }
+    }
+
+    public ECPoint importPoint(ECPoint p)
+    {
+        if (this == p.getCurve())
+        {
+            return p;
+        }
+        if (p.isInfinity())
+        {
+            return getInfinity();
+        }
+
+        // TODO Default behaviour could be improved if the two curves have the same coordinate system by copying any Z coordinates.
+        p = p.normalize();
+
+        return createPoint(p.getXCoord().toBigInteger(), p.getYCoord().toBigInteger(), p.withCompression);
+    }
+
+    /**
+     * Normalization ensures that any projective coordinate is 1, and therefore that the x, y
+     * coordinates reflect those of the equivalent point in an affine coordinate system. Where more
+     * than one point is to be normalized, this method will generally be more efficient than
+     * normalizing each point separately.
+     * 
+     * @param points
+     *            An array of points that will be updated in place with their normalized versions,
+     *            where necessary
+     */
+    public void normalizeAll(ECPoint[] points)
+    {
+        normalizeAll(points, 0, points.length, null);
+    }
+
+    /**
+     * Normalization ensures that any projective coordinate is 1, and therefore that the x, y
+     * coordinates reflect those of the equivalent point in an affine coordinate system. Where more
+     * than one point is to be normalized, this method will generally be more efficient than
+     * normalizing each point separately. An (optional) z-scaling factor can be applied; effectively
+     * each z coordinate is scaled by this value prior to normalization (but only one
+     * actual multiplication is needed).
+     * 
+     * @param points
+     *            An array of points that will be updated in place with their normalized versions,
+     *            where necessary
+     * @param off
+     *            The start of the range of points to normalize
+     * @param len
+     *            The length of the range of points to normalize
+     * @param iso
+     *            The (optional) z-scaling factor - can be null
+     */
+    public void normalizeAll(ECPoint[] points, int off, int len, ECFieldElement iso)
+    {
+        checkPoints(points, off, len);
+
+        switch (this.getCoordinateSystem())
+        {
+        case ECCurve.COORD_AFFINE:
+        case ECCurve.COORD_LAMBDA_AFFINE:
+        {
+            if (iso != null)
+            {
+                throw new IllegalArgumentException("'iso' not valid for affine coordinates");
+            }
+            return;
+        }
+        }
+
+        /*
+         * Figure out which of the points actually need to be normalized
+         */
+        ECFieldElement[] zs = new ECFieldElement[len];
+        int[] indices = new int[len];
+        int count = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            ECPoint p = points[off + i];
+            if (null != p && (iso != null || !p.isNormalized()))
+            {
+                zs[count] = p.getZCoord(0);
+                indices[count++] = off + i;
+            }
+        }
+
+        if (count == 0)
+        {
+            return;
+        }
+
+        ECAlgorithms.montgomeryTrick(zs, 0, count, iso);
+
+        for (int j = 0; j < count; ++j)
+        {
+            int index = indices[j];
+            points[index] = points[index].normalize(zs[j]);
+        }
+    }
+
+    public abstract ECPoint getInfinity();
+
+    public FiniteField getField()
+    {
+        return field;
+    }
+
+    public ECFieldElement getA()
+    {
+        return a;
+    }
+
+    public ECFieldElement getB()
+    {
+        return b;
+    }
+
+    public BigInteger getOrder()
+    {
+        return order;
+    }
+
+    public BigInteger getCofactor()
+    {
+        return cofactor;
+    }
+
+    public int getCoordinateSystem()
+    {
+        return coord;
+    }
+
+    protected abstract ECPoint decompressPoint(int yTilde, BigInteger X1);
+
+    public ECEndomorphism getEndomorphism()
+    {
+        return endomorphism;
+    }
+
+    /**
+     * Sets the default <code>ECMultiplier</code>, unless already set. 
+     */
+    public synchronized ECMultiplier getMultiplier()
+    {
+        if (this.multiplier == null)
+        {
+            this.multiplier = createDefaultMultiplier();
+        }
+        return this.multiplier;
+    }
+
+    /**
+     * Decode a point on this curve from its ASN.1 encoding. The different
+     * encodings are taken account of, including point compression for
+     * <code>F<sub>p</sub></code> (X9.62 s 4.2.1 pg 17).
+     * @return The decoded point.
+     */
+    public ECPoint decodePoint(byte[] encoded)
+    {
+        ECPoint p = null;
+        int expectedLength = (getFieldSize() + 7) / 8;
+
+        byte type = encoded[0];
+        switch (type)
+        {
+        case 0x00: // infinity
+        {
+            if (encoded.length != 1)
+            {
+                throw new IllegalArgumentException("Incorrect length for infinity encoding");
+            }
+
+            p = getInfinity();
+            break;
+        }
+        case 0x02: // compressed
+        case 0x03: // compressed
+        {
+            if (encoded.length != (expectedLength + 1))
+            {
+                throw new IllegalArgumentException("Incorrect length for compressed encoding");
+            }
+
+            int yTilde = type & 1;
+            BigInteger X = BigIntegers.fromUnsignedByteArray(encoded, 1, expectedLength);
+
+            p = decompressPoint(yTilde, X);
+            if (!p.implIsValid(true, true))
+            {
+                throw new IllegalArgumentException("Invalid point");
+            }
+
+            break;
+        }
+        case 0x04: // uncompressed
+        {
+            if (encoded.length != (2 * expectedLength + 1))
+            {
+                throw new IllegalArgumentException("Incorrect length for uncompressed encoding");
+            }
+
+            BigInteger X = BigIntegers.fromUnsignedByteArray(encoded, 1, expectedLength);
+            BigInteger Y = BigIntegers.fromUnsignedByteArray(encoded, 1 + expectedLength, expectedLength);
+
+            p = validatePoint(X, Y);
+            break;
+        }
+        case 0x06: // hybrid
+        case 0x07: // hybrid
+        {
+            if (encoded.length != (2 * expectedLength + 1))
+            {
+                throw new IllegalArgumentException("Incorrect length for hybrid encoding");
+            }
+
+            BigInteger X = BigIntegers.fromUnsignedByteArray(encoded, 1, expectedLength);
+            BigInteger Y = BigIntegers.fromUnsignedByteArray(encoded, 1 + expectedLength, expectedLength);
+
+            if (Y.testBit(0) != (type == 0x07))
+            {
+                throw new IllegalArgumentException("Inconsistent Y coordinate in hybrid encoding");
+            }
+
+            p = validatePoint(X, Y);
+            break;
+        }
+        default:
+            throw new IllegalArgumentException("Invalid point encoding 0x" + Integer.toString(type, 16));
+        }
+
+        if (type != 0x00 && p.isInfinity())
+        {
+            throw new IllegalArgumentException("Invalid infinity encoding");
+        }
+
+        return p;
+    }
+
+    /**
+     * Create a cache-safe lookup table for the specified sequence of points. All the points MUST
+     * belong to this {@link ECCurve} instance, and MUST already be normalized.
+     */
+    public ECLookupTable createCacheSafeLookupTable(final ECPoint[] points, int off, final int len)
+    {
+        final int FE_BYTES = (getFieldSize() + 7) >>> 3;
+
+        final byte[] table = new byte[len * FE_BYTES * 2];
+        {
+            int pos = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                ECPoint p = points[off + i];
+                byte[] px = p.getRawXCoord().toBigInteger().toByteArray();
+                byte[] py = p.getRawYCoord().toBigInteger().toByteArray();
+
+                int pxStart = px.length > FE_BYTES ? 1 : 0, pxLen = px.length - pxStart;
+                int pyStart = py.length > FE_BYTES ? 1 : 0, pyLen = py.length - pyStart;
+
+                System.arraycopy(px, pxStart, table, pos + FE_BYTES - pxLen, pxLen); pos += FE_BYTES;
+                System.arraycopy(py, pyStart, table, pos + FE_BYTES - pyLen, pyLen); pos += FE_BYTES;
+            }
+        }
+
+        return new ECLookupTable()
+        {
+            public int getSize()
+            {
+                return len;
+            }
+
+            public ECPoint lookup(int index)
+            {
+                byte[] x = new byte[FE_BYTES], y = new byte[FE_BYTES];
+                int pos = 0;
+
+                for (int i = 0; i < len; ++i)
+                {
+                    int MASK = ((i ^ index) - 1) >> 31;
+
+                    for (int j = 0; j < FE_BYTES; ++j)
+                    {
+                        x[j] ^= table[pos + j] & MASK;
+                        y[j] ^= table[pos + FE_BYTES + j] & MASK;
+                    }
+
+                    pos += (FE_BYTES * 2);
+                }
+
+                return createRawPoint(fromBigInteger(new BigInteger(1, x)), fromBigInteger(new BigInteger(1, y)), false);
+            }
+        };
+    }
+
+    protected void checkPoint(ECPoint point)
+    {
+        if (null == point || (this != point.getCurve()))
+        {
+            throw new IllegalArgumentException("'point' must be non-null and on this curve");
+        }
+    }
+
+    protected void checkPoints(ECPoint[] points)
+    {
+        checkPoints(points, 0, points.length);
+    }
+
+    protected void checkPoints(ECPoint[] points, int off, int len)
+    {
+        if (points == null)
+        {
+            throw new IllegalArgumentException("'points' cannot be null");
+        }
+        if (off < 0 || len < 0 || (off > (points.length - len)))
+        {
+            throw new IllegalArgumentException("invalid range specified for 'points'");
+        }
+
+        for (int i = 0; i < len; ++i)
+        {
+            ECPoint point = points[off + i];
+            if (null != point && this != point.getCurve())
+            {
+                throw new IllegalArgumentException("'points' entries must be null or on this curve");
+            }
+        }
+    }
+
+    public boolean equals(ECCurve other)
+    {
+        return this == other
+            || (null != other
+                && getField().equals(other.getField())
+                && getA().toBigInteger().equals(other.getA().toBigInteger())
+                && getB().toBigInteger().equals(other.getB().toBigInteger()));
+    }
+
+    public boolean equals(Object obj) 
+    {
+        return this == obj || (obj instanceof ECCurve && equals((ECCurve)obj));
+    }
+
+    public int hashCode() 
+    {
+        return getField().hashCode()
+            ^ Integers.rotateLeft(getA().toBigInteger().hashCode(), 8)
+            ^ Integers.rotateLeft(getB().toBigInteger().hashCode(), 16);
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static abstract class AbstractFp extends ECCurve
+    {
+        protected AbstractFp(BigInteger q)
+        {
+            super(FiniteFields.getPrimeField(q));
+        }
+
+        public boolean isValidFieldElement(BigInteger x)
+        {
+            return x != null && x.signum() >= 0 && x.compareTo(this.getField().getCharacteristic()) < 0;
+        }
+
+        protected ECPoint decompressPoint(int yTilde, BigInteger X1)
+        {
+            ECFieldElement x = this.fromBigInteger(X1);
+            ECFieldElement rhs = x.square().add(this.a).multiply(x).add(this.b);
+            ECFieldElement y = rhs.sqrt();
+
+            /*
+             * If y is not a square, then we haven't got a point on the curve
+             */
+            if (y == null)
+            {
+                throw new IllegalArgumentException("Invalid point compression");
+            }
+
+            if (y.testBitZero() != (yTilde == 1))
+            {
+                // Use the other root
+                y = y.negate();
+            }
+
+            return this.createRawPoint(x, y, true);
+        }
+    }
+
+    /**
+     * Elliptic curve over Fp
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Fp extends AbstractFp
+    {
+        private static final int FP_DEFAULT_COORDS = ECCurve.COORD_JACOBIAN_MODIFIED;
+
+        BigInteger q, r;
+        ECPoint.Fp infinity;
+
+        /**
+         * @deprecated use constructor taking order/cofactor
+         */
+        public Fp(BigInteger q, BigInteger a, BigInteger b)
+        {
+            this(q, a, b, null, null);
+        }
+
+        public Fp(BigInteger q, BigInteger a, BigInteger b, BigInteger order, BigInteger cofactor)
+        {
+            super(q);
+
+            this.q = q;
+            this.r = ECFieldElement.Fp.calculateResidue(q);
+            this.infinity = new ECPoint.Fp(this, null, null, false);
+
+            this.a = fromBigInteger(a);
+            this.b = fromBigInteger(b);
+            this.order = order;
+            this.cofactor = cofactor;
+            this.coord = FP_DEFAULT_COORDS;
+        }
+
+        /**
+         * @deprecated use constructor taking order/cofactor
+         */
+        protected Fp(BigInteger q, BigInteger r, ECFieldElement a, ECFieldElement b)
+        {
+            this(q, r, a, b, null, null);
+        }
+
+        protected Fp(BigInteger q, BigInteger r, ECFieldElement a, ECFieldElement b, BigInteger order, BigInteger cofactor)
+        {
+            super(q);
+
+            this.q = q;
+            this.r = r;
+            this.infinity = new ECPoint.Fp(this, null, null, false);
+
+            this.a = a;
+            this.b = b;
+            this.order = order;
+            this.cofactor = cofactor;
+            this.coord = FP_DEFAULT_COORDS;
+        }
+
+        protected ECCurve cloneCurve()
+        {
+            return new Fp(this.q, this.r, this.a, this.b, this.order, this.cofactor);
+        }
+
+        public boolean supportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+            case ECCurve.COORD_HOMOGENEOUS:
+            case ECCurve.COORD_JACOBIAN:
+            case ECCurve.COORD_JACOBIAN_MODIFIED:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        public BigInteger getQ()
+        {
+            return q;
+        }
+
+        public int getFieldSize()
+        {
+            return q.bitLength();
+        }
+
+        public ECFieldElement fromBigInteger(BigInteger x)
+        {
+            return new ECFieldElement.Fp(this.q, this.r, x);
+        }
+
+        protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
+        {
+            return new ECPoint.Fp(this, x, y, withCompression);
+        }
+
+        protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+        {
+            return new ECPoint.Fp(this, x, y, zs, withCompression);
+        }
+
+        public ECPoint importPoint(ECPoint p)
+        {
+            if (this != p.getCurve() && this.getCoordinateSystem() == ECCurve.COORD_JACOBIAN && !p.isInfinity())
+            {
+                switch (p.getCurve().getCoordinateSystem())
+                {
+                case ECCurve.COORD_JACOBIAN:
+                case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
+                case ECCurve.COORD_JACOBIAN_MODIFIED:
+                    return new ECPoint.Fp(this,
+                        fromBigInteger(p.x.toBigInteger()),
+                        fromBigInteger(p.y.toBigInteger()),
+                        new ECFieldElement[]{ fromBigInteger(p.zs[0].toBigInteger()) },
+                        p.withCompression);
+                default:
+                    break;
+                }
+            }
+
+            return super.importPoint(p);
+        }
+
+        public ECPoint getInfinity()
+        {
+            return infinity;
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static abstract class AbstractF2m extends ECCurve
+    {
+        public static BigInteger inverse(int m, int[] ks, BigInteger x)
+        {
+            return new LongArray(x).modInverse(m, ks).toBigInteger();
+        }
+
+        /**
+         * The auxiliary values <code>s<sub>0</sub></code> and
+         * <code>s<sub>1</sub></code> used for partial modular reduction for
+         * Koblitz curves.
+         */
+        private BigInteger[] si = null;
+
+        private static FiniteField buildField(int m, int k1, int k2, int k3)
+        {
+            if (k1 == 0)
+            {
+                throw new IllegalArgumentException("k1 must be > 0");
+            }
+
+            if (k2 == 0)
+            {
+                if (k3 != 0)
+                {
+                    throw new IllegalArgumentException("k3 must be 0 if k2 == 0");
+                }
+
+                return FiniteFields.getBinaryExtensionField(new int[]{ 0, k1, m });
+            }
+
+            if (k2 <= k1)
+            {
+                throw new IllegalArgumentException("k2 must be > k1");
+            }
+
+            if (k3 <= k2)
+            {
+                throw new IllegalArgumentException("k3 must be > k2");
+            }
+
+            return FiniteFields.getBinaryExtensionField(new int[]{ 0, k1, k2, k3, m });
+        }
+
+        protected AbstractF2m(int m, int k1, int k2, int k3)
+        {
+            super(buildField(m, k1, k2, k3));
+        }
+
+        public boolean isValidFieldElement(BigInteger x)
+        {
+            return x != null && x.signum() >= 0 && x.bitLength() <= this.getFieldSize();
+        }
+
+        public ECPoint createPoint(BigInteger x, BigInteger y, boolean withCompression)
+        {
+            ECFieldElement X = this.fromBigInteger(x), Y = this.fromBigInteger(y);
+
+            int coord = this.getCoordinateSystem();
+
+            switch (coord)
+            {
+            case ECCurve.COORD_LAMBDA_AFFINE:
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                if (X.isZero())
+                {
+                    if (!Y.square().equals(this.getB()))
+                    {
+                        throw new IllegalArgumentException();
+                    }
+                }
+                /*
+                 * NOTE: A division could be avoided using a projective result, except at present
+                 * callers will expect that the result is already normalized.
+                 */
+//                else if (coord == COORD_LAMBDA_PROJECTIVE)
+//                {
+//                    ECFieldElement Z = X;
+//                    X = X.square();
+//                    Y = Y.add(X);
+//                    return createRawPoint(X, Y, new ECFieldElement[]{ Z }, withCompression);
+//                }
+                else
+                {
+                    // Y becomes Lambda (X + Y/X) here
+                    Y = Y.divide(X).add(X);
+                }
+                break;
+            }
+            default:
+            {
+                break;
+            }
+            }
+
+            return this.createRawPoint(X, Y, withCompression);
+        }
+
+        /**
+         * Decompresses a compressed point P = (xp, yp) (X9.62 s 4.2.2).
+         * 
+         * @param yTilde
+         *            ~yp, an indication bit for the decompression of yp.
+         * @param X1
+         *            The field element xp.
+         * @return the decompressed point.
+         */
+        protected ECPoint decompressPoint(int yTilde, BigInteger X1)
+        {
+            ECFieldElement x = this.fromBigInteger(X1), y = null;
+            if (x.isZero())
+            {
+                y = this.getB().sqrt();
+            }
+            else
+            {
+                ECFieldElement beta = x.square().invert().multiply(this.getB()).add(this.getA()).add(x);
+                ECFieldElement z = solveQuadraticEquation(beta);
+                if (z != null)
+                {
+                    if (z.testBitZero() != (yTilde == 1))
+                    {
+                        z = z.addOne();
+                    }
+
+                    switch (this.getCoordinateSystem())
+                    {
+                    case ECCurve.COORD_LAMBDA_AFFINE:
+                    case ECCurve.COORD_LAMBDA_PROJECTIVE:
+                    {
+                        y = z.add(x);
+                        break;
+                    }
+                    default:
+                    {
+                        y = z.multiply(x);
+                        break;
+                    }
+                    }
+                }
+            }
+
+            if (y == null)
+            {
+                throw new IllegalArgumentException("Invalid point compression");
+            }
+
+            return this.createRawPoint(x, y, true);
+        }
+
+        /**
+         * Solves a quadratic equation <code>z<sup>2</sup> + z = beta</code>(X9.62
+         * D.1.6) The other solution is <code>z + 1</code>.
+         * 
+         * @param beta
+         *            The value to solve the quadratic equation for.
+         * @return the solution for <code>z<sup>2</sup> + z = beta</code> or
+         *         <code>null</code> if no solution exists.
+         */
+        protected ECFieldElement solveQuadraticEquation(ECFieldElement beta)
+        {
+            if (beta.isZero())
+            {
+                return beta;
+            }
+
+            ECFieldElement gamma, z, zeroElement = this.fromBigInteger(ECConstants.ZERO);
+
+            int m = this.getFieldSize();
+            Random rand = new Random();
+            do
+            {
+                ECFieldElement t = this.fromBigInteger(new BigInteger(m, rand));
+                z = zeroElement;
+                ECFieldElement w = beta;
+                for (int i = 1; i < m; i++)
+                {
+                    ECFieldElement w2 = w.square();
+                    z = z.square().add(w2.multiply(t));
+                    w = w2.add(beta);
+                }
+                if (!w.isZero())
+                {
+                    return null;
+                }
+                gamma = z.square().add(z);
+            }
+            while (gamma.isZero());
+
+            return z;
+        }
+
+        /**
+         * @return the auxiliary values <code>s<sub>0</sub></code> and
+         * <code>s<sub>1</sub></code> used for partial modular reduction for
+         * Koblitz curves.
+         */
+        synchronized BigInteger[] getSi()
+        {
+            if (si == null)
+            {
+                si = Tnaf.getSi(this);
+            }
+            return si;
+        }
+
+        /**
+         * Returns true if this is a Koblitz curve (ABC curve).
+         * @return true if this is a Koblitz curve (ABC curve), false otherwise
+         */
+        public boolean isKoblitz()
+        {
+            return this.order != null && this.cofactor != null && this.b.isOne() && (this.a.isZero() || this.a.isOne());
+        }
+    }
+
+    /**
+     * Elliptic curves over F2m. The Weierstrass equation is given by
+     * <code>y<sup>2</sup> + xy = x<sup>3</sup> + ax<sup>2</sup> + b</code>.
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class F2m extends AbstractF2m
+    {
+        private static final int F2M_DEFAULT_COORDS = ECCurve.COORD_LAMBDA_PROJECTIVE;
+
+        /**
+         * The exponent <code>m</code> of <code>F<sub>2<sup>m</sup></sub></code>.
+         */
+        private int m;  // can't be final - JDK 1.1
+
+        /**
+         * TPB: The integer <code>k</code> where <code>x<sup>m</sup> +
+         * x<sup>k</sup> + 1</code> represents the reduction polynomial
+         * <code>f(z)</code>.<br>
+         * PPB: The integer <code>k1</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.<br>
+         */
+        private int k1;  // can't be final - JDK 1.1
+
+        /**
+         * TPB: Always set to <code>0</code><br>
+         * PPB: The integer <code>k2</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.<br>
+         */
+        private int k2;  // can't be final - JDK 1.1
+
+        /**
+         * TPB: Always set to <code>0</code><br>
+         * PPB: The integer <code>k3</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.<br>
+         */
+        private int k3;  // can't be final - JDK 1.1
+        
+         /**
+         * The point at infinity on this curve.
+         */
+        private ECPoint.F2m infinity;  // can't be final - JDK 1.1
+
+        /**
+         * Constructor for Trinomial Polynomial Basis (TPB).
+         * @param m  The exponent <code>m</code> of
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param k The integer <code>k</code> where <code>x<sup>m</sup> +
+         * x<sup>k</sup> + 1</code> represents the reduction
+         * polynomial <code>f(z)</code>.
+         * @param a The coefficient <code>a</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param b The coefficient <code>b</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @deprecated use constructor taking order/cofactor
+         */
+        public F2m(
+            int m,
+            int k,
+            BigInteger a,
+            BigInteger b)
+        {
+            this(m, k, 0, 0, a, b, null, null);
+        }
+
+        /**
+         * Constructor for Trinomial Polynomial Basis (TPB).
+         * @param m  The exponent <code>m</code> of
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param k The integer <code>k</code> where <code>x<sup>m</sup> +
+         * x<sup>k</sup> + 1</code> represents the reduction
+         * polynomial <code>f(z)</code>.
+         * @param a The coefficient <code>a</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param b The coefficient <code>b</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param order The order of the main subgroup of the elliptic curve.
+         * @param cofactor The cofactor of the elliptic curve, i.e.
+         * <code>#E<sub>a</sub>(F<sub>2<sup>m</sup></sub>) = h * n</code>.
+         */
+        public F2m(
+            int m, 
+            int k, 
+            BigInteger a, 
+            BigInteger b,
+            BigInteger order,
+            BigInteger cofactor)
+        {
+            this(m, k, 0, 0, a, b, order, cofactor);
+        }
+
+        /**
+         * Constructor for Pentanomial Polynomial Basis (PPB).
+         * @param m  The exponent <code>m</code> of
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param k2 The integer <code>k2</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param k3 The integer <code>k3</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param a The coefficient <code>a</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param b The coefficient <code>b</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @deprecated use constructor taking order/cofactor
+         */
+        public F2m(
+            int m,
+            int k1,
+            int k2,
+            int k3,
+            BigInteger a,
+            BigInteger b)
+        {
+            this(m, k1, k2, k3, a, b, null, null);
+        }
+
+        /**
+         * Constructor for Pentanomial Polynomial Basis (PPB).
+         * @param m  The exponent <code>m</code> of
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param k2 The integer <code>k2</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param k3 The integer <code>k3</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param a The coefficient <code>a</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param b The coefficient <code>b</code> in the Weierstrass equation
+         * for non-supersingular elliptic curves over
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param order The order of the main subgroup of the elliptic curve.
+         * @param cofactor The cofactor of the elliptic curve, i.e.
+         * <code>#E<sub>a</sub>(F<sub>2<sup>m</sup></sub>) = h * n</code>.
+         */
+        public F2m(
+            int m, 
+            int k1, 
+            int k2, 
+            int k3,
+            BigInteger a, 
+            BigInteger b,
+            BigInteger order,
+            BigInteger cofactor)
+        {
+            super(m, k1, k2, k3);
+
+            this.m = m;
+            this.k1 = k1;
+            this.k2 = k2;
+            this.k3 = k3;
+            this.order = order;
+            this.cofactor = cofactor;
+
+            this.infinity = new ECPoint.F2m(this, null, null, false);
+            this.a = fromBigInteger(a);
+            this.b = fromBigInteger(b);
+            this.coord = F2M_DEFAULT_COORDS;
+        }
+
+        protected F2m(int m, int k1, int k2, int k3, ECFieldElement a, ECFieldElement b, BigInteger order, BigInteger cofactor)
+        {
+            super(m, k1, k2, k3);
+
+            this.m = m;
+            this.k1 = k1;
+            this.k2 = k2;
+            this.k3 = k3;
+            this.order = order;
+            this.cofactor = cofactor;
+
+            this.infinity = new ECPoint.F2m(this, null, null, false);
+            this.a = a;
+            this.b = b;
+            this.coord = F2M_DEFAULT_COORDS;
+        }
+
+        protected ECCurve cloneCurve()
+        {
+            return new F2m(this.m, this.k1, this.k2, this.k3, this.a, this.b, this.order, this.cofactor);
+        }
+
+        public boolean supportsCoordinateSystem(int coord)
+        {
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+            case ECCurve.COORD_HOMOGENEOUS:
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+                return true;
+            default:
+                return false;
+            }
+        }
+
+        protected ECMultiplier createDefaultMultiplier()
+        {
+            if (isKoblitz())
+            {
+                return new WTauNafMultiplier();
+            }
+
+            return super.createDefaultMultiplier();
+        }
+
+        public int getFieldSize()
+        {
+            return m;
+        }
+
+        public ECFieldElement fromBigInteger(BigInteger x)
+        {
+            return new ECFieldElement.F2m(this.m, this.k1, this.k2, this.k3, x);
+        }
+
+        protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
+        {
+            return new ECPoint.F2m(this, x, y, withCompression);
+        }
+
+        protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+        {
+            return new ECPoint.F2m(this, x, y, zs, withCompression);
+        }
+
+        public ECPoint getInfinity()
+        {
+            return infinity;
+        }
+
+        public int getM()
+        {
+            return m;
+        }
+
+        /**
+         * Return true if curve uses a Trinomial basis.
+         * 
+         * @return true if curve Trinomial, false otherwise.
+         */
+        public boolean isTrinomial()
+        {
+            return k2 == 0 && k3 == 0;
+        }
+        
+        public int getK1()
+        {
+            return k1;
+        }
+
+        public int getK2()
+        {
+            return k2;
+        }
+
+        public int getK3()
+        {
+            return k3;
+        }
+
+        public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
+        {
+            final int FE_LONGS = (m + 63) >>> 6;
+            final int[] ks = isTrinomial() ? new int[]{ k1 } : new int[]{ k1, k2, k3 }; 
+
+            final long[] table = new long[len * FE_LONGS * 2];
+            {
+                int pos = 0;
+                for (int i = 0; i < len; ++i)
+                {
+                    ECPoint p = points[off + i];
+                    ((ECFieldElement.F2m)p.getRawXCoord()).x.copyTo(table, pos); pos += FE_LONGS;
+                    ((ECFieldElement.F2m)p.getRawYCoord()).x.copyTo(table, pos); pos += FE_LONGS;
+                }
+            }
+
+            return new ECLookupTable()
+            {
+                public int getSize()
+                {
+                    return len;
+                }
+
+                public ECPoint lookup(int index)
+                {
+                    long[] x = Nat.create64(FE_LONGS), y = Nat.create64(FE_LONGS);
+                    int pos = 0;
+
+                    for (int i = 0; i < len; ++i)
+                    {
+                        long MASK = ((i ^ index) - 1) >> 31;
+
+                        for (int j = 0; j < FE_LONGS; ++j)
+                        {
+                            x[j] ^= table[pos + j] & MASK;
+                            y[j] ^= table[pos + FE_LONGS + j] & MASK;
+                        }
+
+                        pos += (FE_LONGS * 2);
+                    }
+
+                    return createRawPoint(new ECFieldElement.F2m(m, ks, new LongArray(x)), new ECFieldElement.F2m(m, ks, new LongArray(y)), false);
+                }
+            };
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECFieldElement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECFieldElement.java
new file mode 100644
index 0000000..4ef6a4a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECFieldElement.java

@@ -0,0 +1,931 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+import java.util.Random;
+
+import com.android.org.bouncycastle.math.raw.Mod;
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.BigIntegers;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class ECFieldElement
+    implements ECConstants
+{
+    public abstract BigInteger     toBigInteger();
+    public abstract String         getFieldName();
+    public abstract int            getFieldSize();
+    public abstract ECFieldElement add(ECFieldElement b);
+    public abstract ECFieldElement addOne();
+    public abstract ECFieldElement subtract(ECFieldElement b);
+    public abstract ECFieldElement multiply(ECFieldElement b);
+    public abstract ECFieldElement divide(ECFieldElement b);
+    public abstract ECFieldElement negate();
+    public abstract ECFieldElement square();
+    public abstract ECFieldElement invert();
+    public abstract ECFieldElement sqrt();
+
+    public ECFieldElement()
+    {
+
+    }
+    
+    public int bitLength()
+    {
+        return toBigInteger().bitLength();
+    }
+
+    public boolean isOne()
+    {
+        return bitLength() == 1;
+    }
+
+    public boolean isZero()
+    {
+        return 0 == toBigInteger().signum();
+    }
+
+    public ECFieldElement multiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+    {
+        return multiply(b).subtract(x.multiply(y));
+    }
+
+    public ECFieldElement multiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+    {
+        return multiply(b).add(x.multiply(y));
+    }
+
+    public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y)
+    {
+        return square().subtract(x.multiply(y));
+    }
+
+    public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y)
+    {
+        return square().add(x.multiply(y));
+    }
+
+    public ECFieldElement squarePow(int pow)
+    {
+        ECFieldElement r = this;
+        for (int i = 0; i < pow; ++i)
+        {
+            r = r.square();
+        }
+        return r;
+    }
+
+    public boolean testBitZero()
+    {
+        return toBigInteger().testBit(0);
+    }
+
+    public String toString()
+    {
+        return this.toBigInteger().toString(16);
+    }
+
+    public byte[] getEncoded()
+    {
+        return BigIntegers.asUnsignedByteArray((getFieldSize() + 7) / 8, toBigInteger());
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static abstract class AbstractFp extends ECFieldElement
+    {
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Fp extends AbstractFp
+    {
+        BigInteger q, r, x;
+
+        static BigInteger calculateResidue(BigInteger p)
+        {
+            int bitLength = p.bitLength();
+            if (bitLength >= 96)
+            {
+                BigInteger firstWord = p.shiftRight(bitLength - 64);
+                if (firstWord.longValue() == -1L)
+                {
+                    return ONE.shiftLeft(bitLength).subtract(p);
+                }
+            }
+            return null;
+        }
+
+        /**
+         * @deprecated Use ECCurve.fromBigInteger to construct field elements
+         */
+        public Fp(BigInteger q, BigInteger x)
+        {
+            this(q, calculateResidue(q), x);
+        }
+
+        Fp(BigInteger q, BigInteger r, BigInteger x)
+        {
+            if (x == null || x.signum() < 0 || x.compareTo(q) >= 0)
+            {
+                throw new IllegalArgumentException("x value invalid in Fp field element");
+            }
+
+            this.q = q;
+            this.r = r;
+            this.x = x;
+        }
+
+        public BigInteger toBigInteger()
+        {
+            return x;
+        }
+
+        /**
+         * return the field name for this field.
+         *
+         * @return the string "Fp".
+         */
+        public String getFieldName()
+        {
+            return "Fp";
+        }
+
+        public int getFieldSize()
+        {
+            return q.bitLength();
+        }
+
+        public BigInteger getQ()
+        {
+            return q;
+        }
+
+        public ECFieldElement add(ECFieldElement b)
+        {
+            return new Fp(q, r, modAdd(x, b.toBigInteger()));
+        }
+
+        public ECFieldElement addOne()
+        {
+            BigInteger x2 = x.add(ECConstants.ONE);
+            if (x2.compareTo(q) == 0)
+            {
+                x2 = ECConstants.ZERO;
+            }
+            return new Fp(q, r, x2);
+        }
+
+        public ECFieldElement subtract(ECFieldElement b)
+        {
+            return new Fp(q, r, modSubtract(x, b.toBigInteger()));
+        }
+
+        public ECFieldElement multiply(ECFieldElement b)
+        {
+            return new Fp(q, r, modMult(x, b.toBigInteger()));
+        }
+
+        public ECFieldElement multiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            BigInteger ax = this.x, bx = b.toBigInteger(), xx = x.toBigInteger(), yx = y.toBigInteger();
+            BigInteger ab = ax.multiply(bx);
+            BigInteger xy = xx.multiply(yx);
+            return new Fp(q, r, modReduce(ab.subtract(xy)));
+        }
+
+        public ECFieldElement multiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            BigInteger ax = this.x, bx = b.toBigInteger(), xx = x.toBigInteger(), yx = y.toBigInteger();
+            BigInteger ab = ax.multiply(bx);
+            BigInteger xy = xx.multiply(yx);
+            return new Fp(q, r, modReduce(ab.add(xy)));
+        }
+
+        public ECFieldElement divide(ECFieldElement b)
+        {
+            return new Fp(q, r, modMult(x, modInverse(b.toBigInteger())));
+        }
+
+        public ECFieldElement negate()
+        {
+            return x.signum() == 0 ? this : new Fp(q, r, q.subtract(x));
+        }
+
+        public ECFieldElement square()
+        {
+            return new Fp(q, r, modMult(x, x));
+        }
+
+        public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            BigInteger ax = this.x, xx = x.toBigInteger(), yx = y.toBigInteger();
+            BigInteger aa = ax.multiply(ax);
+            BigInteger xy = xx.multiply(yx);
+            return new Fp(q, r, modReduce(aa.subtract(xy)));
+        }
+
+        public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            BigInteger ax = this.x, xx = x.toBigInteger(), yx = y.toBigInteger();
+            BigInteger aa = ax.multiply(ax);
+            BigInteger xy = xx.multiply(yx);
+            return new Fp(q, r, modReduce(aa.add(xy)));
+        }
+
+        public ECFieldElement invert()
+        {
+            // TODO Modular inversion can be faster for a (Generalized) Mersenne Prime.
+            return new Fp(q, r, modInverse(x));
+        }
+
+        // D.1.4 91
+        /**
+         * return a sqrt root - the routine verifies that the calculation
+         * returns the right value - if none exists it returns null.
+         */
+        public ECFieldElement sqrt()
+        {
+            if (this.isZero() || this.isOne()) // earlier JDK compatibility
+            {
+                return this;
+            }
+
+            if (!q.testBit(0))
+            {
+                throw new RuntimeException("not done yet");
+            }
+
+            // note: even though this class implements ECConstants don't be tempted to
+            // remove the explicit declaration, some J2ME environments don't cope.
+
+            if (q.testBit(1)) // q == 4m + 3
+            {
+                BigInteger e = q.shiftRight(2).add(ECConstants.ONE);
+                return checkSqrt(new Fp(q, r, x.modPow(e, q)));
+            }
+
+            if (q.testBit(2)) // q == 8m + 5
+            {
+                BigInteger t1 = x.modPow(q.shiftRight(3), q);
+                BigInteger t2 = modMult(t1, x);
+                BigInteger t3 = modMult(t2, t1);
+
+                if (t3.equals(ECConstants.ONE))
+                {
+                    return checkSqrt(new Fp(q, r, t2));
+                }
+
+                // TODO This is constant and could be precomputed
+                BigInteger t4 = ECConstants.TWO.modPow(q.shiftRight(2), q);
+
+                BigInteger y = modMult(t2, t4);
+
+                return checkSqrt(new Fp(q, r, y));
+            }
+
+            // q == 8m + 1
+
+            BigInteger legendreExponent = q.shiftRight(1);
+            if (!(x.modPow(legendreExponent, q).equals(ECConstants.ONE)))
+            {
+                return null;
+            }
+
+            BigInteger X = this.x;
+            BigInteger fourX = modDouble(modDouble(X));
+
+            BigInteger k = legendreExponent.add(ECConstants.ONE), qMinusOne = q.subtract(ECConstants.ONE);
+
+            BigInteger U, V;
+            Random rand = new Random();
+            do
+            {
+                BigInteger P;
+                do
+                {
+                    P = new BigInteger(q.bitLength(), rand);
+                }
+                while (P.compareTo(q) >= 0
+                    || !modReduce(P.multiply(P).subtract(fourX)).modPow(legendreExponent, q).equals(qMinusOne));
+
+                BigInteger[] result = lucasSequence(P, X, k);
+                U = result[0];
+                V = result[1];
+
+                if (modMult(V, V).equals(fourX))
+                {
+                    return new ECFieldElement.Fp(q, r, modHalfAbs(V));
+                }
+            }
+            while (U.equals(ECConstants.ONE) || U.equals(qMinusOne));
+
+            return null;
+        }
+
+        private ECFieldElement checkSqrt(ECFieldElement z)
+        {
+            return z.square().equals(this) ? z : null;
+        }
+
+        private BigInteger[] lucasSequence(
+            BigInteger  P,
+            BigInteger  Q,
+            BigInteger  k)
+        {
+            // TODO Research and apply "common-multiplicand multiplication here"
+
+            int n = k.bitLength();
+            int s = k.getLowestSetBit();
+
+            // assert k.testBit(s);
+
+            BigInteger Uh = ECConstants.ONE;
+            BigInteger Vl = ECConstants.TWO;
+            BigInteger Vh = P;
+            BigInteger Ql = ECConstants.ONE;
+            BigInteger Qh = ECConstants.ONE;
+
+            for (int j = n - 1; j >= s + 1; --j)
+            {
+                Ql = modMult(Ql, Qh);
+
+                if (k.testBit(j))
+                {
+                    Qh = modMult(Ql, Q);
+                    Uh = modMult(Uh, Vh);
+                    Vl = modReduce(Vh.multiply(Vl).subtract(P.multiply(Ql)));
+                    Vh = modReduce(Vh.multiply(Vh).subtract(Qh.shiftLeft(1)));
+                }
+                else
+                {
+                    Qh = Ql;
+                    Uh = modReduce(Uh.multiply(Vl).subtract(Ql));
+                    Vh = modReduce(Vh.multiply(Vl).subtract(P.multiply(Ql)));
+                    Vl = modReduce(Vl.multiply(Vl).subtract(Ql.shiftLeft(1)));
+                }
+            }
+
+            Ql = modMult(Ql, Qh);
+            Qh = modMult(Ql, Q);
+            Uh = modReduce(Uh.multiply(Vl).subtract(Ql));
+            Vl = modReduce(Vh.multiply(Vl).subtract(P.multiply(Ql)));
+            Ql = modMult(Ql, Qh);
+
+            for (int j = 1; j <= s; ++j)
+            {
+                Uh = modMult(Uh, Vl);
+                Vl = modReduce(Vl.multiply(Vl).subtract(Ql.shiftLeft(1)));
+                Ql = modMult(Ql, Ql);
+            }
+
+            return new BigInteger[]{ Uh, Vl };
+        }
+
+        protected BigInteger modAdd(BigInteger x1, BigInteger x2)
+        {
+            BigInteger x3 = x1.add(x2);
+            if (x3.compareTo(q) >= 0)
+            {
+                x3 = x3.subtract(q);
+            }
+            return x3;
+        }
+
+        protected BigInteger modDouble(BigInteger x)
+        {
+            BigInteger _2x = x.shiftLeft(1);
+            if (_2x.compareTo(q) >= 0)
+            {
+                _2x = _2x.subtract(q);
+            }
+            return _2x;
+        }
+
+        protected BigInteger modHalf(BigInteger x)
+        {
+            if (x.testBit(0))
+            {
+                x = q.add(x);
+            }
+            return x.shiftRight(1);
+        }
+
+        protected BigInteger modHalfAbs(BigInteger x)
+        {
+            if (x.testBit(0))
+            {
+                x = q.subtract(x);
+            }
+            return x.shiftRight(1);
+        }
+
+        protected BigInteger modInverse(BigInteger x)
+        {
+            int bits = getFieldSize();
+            int len = (bits + 31) >> 5;
+            int[] p = Nat.fromBigInteger(bits, q);
+            int[] n = Nat.fromBigInteger(bits, x);
+            int[] z = Nat.create(len);
+            Mod.invert(p, n, z);
+            return Nat.toBigInteger(len, z);
+        }
+
+        protected BigInteger modMult(BigInteger x1, BigInteger x2)
+        {
+            return modReduce(x1.multiply(x2));
+        }
+
+        protected BigInteger modReduce(BigInteger x)
+        {
+            if (r != null)
+            {
+                boolean negative = x.signum() < 0;
+                if (negative)
+                {
+                    x = x.abs();
+                }
+                int qLen = q.bitLength();
+                boolean rIsOne = r.equals(ECConstants.ONE);
+                while (x.bitLength() > (qLen + 1))
+                {
+                    BigInteger u = x.shiftRight(qLen);
+                    BigInteger v = x.subtract(u.shiftLeft(qLen));
+                    if (!rIsOne)
+                    {
+                        u = u.multiply(r);
+                    }
+                    x = u.add(v); 
+                }
+                while (x.compareTo(q) >= 0)
+                {
+                    x = x.subtract(q);
+                }
+                if (negative && x.signum() != 0)
+                {
+                    x = q.subtract(x);
+                }
+            }
+            else
+            {
+                x = x.mod(q);
+            }
+            return x;
+        }
+
+        protected BigInteger modSubtract(BigInteger x1, BigInteger x2)
+        {
+            BigInteger x3 = x1.subtract(x2);
+            if (x3.signum() < 0)
+            {
+                x3 = x3.add(q);
+            }
+            return x3;
+        }
+
+        public boolean equals(Object other)
+        {
+            if (other == this)
+            {
+                return true;
+            }
+
+            if (!(other instanceof ECFieldElement.Fp))
+            {
+                return false;
+            }
+            
+            ECFieldElement.Fp o = (ECFieldElement.Fp)other;
+            return q.equals(o.q) && x.equals(o.x);
+        }
+
+        public int hashCode()
+        {
+            return q.hashCode() ^ x.hashCode();
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static abstract class AbstractF2m extends ECFieldElement
+    {
+        public ECFieldElement halfTrace()
+        {
+            int m = this.getFieldSize();
+            if ((m & 1) == 0)
+            {
+                throw new IllegalStateException("Half-trace only defined for odd m");
+            }
+
+            ECFieldElement fe = this;
+            ECFieldElement ht = fe;
+            for (int i = 2; i < m; i += 2)
+            {
+                fe = fe.squarePow(2);
+                ht = ht.add(fe);
+            }
+
+            return ht;
+        }
+
+        public int trace()
+        {
+            int m = this.getFieldSize();
+            ECFieldElement fe = this;
+            ECFieldElement tr = fe;
+            for (int i = 1; i < m; ++i)
+            {
+                fe = fe.square();
+                tr = tr.add(fe);
+            }
+            if (tr.isZero())
+            {
+                return 0;
+            }
+            if (tr.isOne())
+            {
+                return 1;
+            }
+            throw new IllegalStateException("Internal error in trace calculation");
+        }
+    }
+
+    /**
+     * Class representing the Elements of the finite field
+     * <code>F<sub>2<sup>m</sup></sub></code> in polynomial basis (PB)
+     * representation. Both trinomial (TPB) and pentanomial (PPB) polynomial
+     * basis representations are supported. Gaussian normal basis (GNB)
+     * representation is not supported.
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class F2m extends AbstractF2m
+    {
+        /**
+         * Indicates gaussian normal basis representation (GNB). Number chosen
+         * according to X9.62. GNB is not implemented at present.
+         */
+        public static final int GNB = 1;
+
+        /**
+         * Indicates trinomial basis representation (TPB). Number chosen
+         * according to X9.62.
+         */
+        public static final int TPB = 2;
+
+        /**
+         * Indicates pentanomial basis representation (PPB). Number chosen
+         * according to X9.62.
+         */
+        public static final int PPB = 3;
+
+        /**
+         * TPB or PPB.
+         */
+        private int representation;
+
+        /**
+         * The exponent <code>m</code> of <code>F<sub>2<sup>m</sup></sub></code>.
+         */
+        private int m;
+
+        private int[] ks;
+
+        /**
+         * The <code>LongArray</code> holding the bits.
+         */
+        LongArray x;
+
+        /**
+         * Constructor for PPB.
+         * @param m  The exponent <code>m</code> of
+         * <code>F<sub>2<sup>m</sup></sub></code>.
+         * @param k1 The integer <code>k1</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param k2 The integer <code>k2</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param k3 The integer <code>k3</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.
+         * @param x The BigInteger representing the value of the field element.
+         * @deprecated Use ECCurve.fromBigInteger to construct field elements
+         */
+        public F2m(
+            int m, 
+            int k1, 
+            int k2, 
+            int k3,
+            BigInteger x)
+        {
+            if (x == null || x.signum() < 0 || x.bitLength() > m)
+            {
+                throw new IllegalArgumentException("x value invalid in F2m field element");
+            }
+
+            if ((k2 == 0) && (k3 == 0))
+            {
+                this.representation = TPB;
+                this.ks = new int[]{ k1 }; 
+            }
+            else
+            {
+                if (k2 >= k3)
+                {
+                    throw new IllegalArgumentException(
+                            "k2 must be smaller than k3");
+                }
+                if (k2 <= 0)
+                {
+                    throw new IllegalArgumentException(
+                            "k2 must be larger than 0");
+                }
+                this.representation = PPB;
+                this.ks = new int[]{ k1, k2, k3 }; 
+            }
+
+            this.m = m;
+            this.x = new LongArray(x);
+        }
+
+        F2m(int m, int[] ks, LongArray x)
+        {
+            this.m = m;
+            this.representation = (ks.length == 1) ? TPB : PPB;
+            this.ks = ks;
+            this.x = x;
+        }
+
+        public int bitLength()
+        {
+            return x.degree();
+        }
+
+        public boolean isOne()
+        {
+            return x.isOne();
+        }
+
+        public boolean isZero()
+        {
+            return x.isZero();
+        }
+
+        public boolean testBitZero()
+        {
+            return x.testBitZero();
+        }
+
+        public BigInteger toBigInteger()
+        {
+            return x.toBigInteger();
+        }
+
+        public String getFieldName()
+        {
+            return "F2m";
+        }
+
+        public int getFieldSize()
+        {
+            return m;
+        }
+
+        /**
+         * Checks, if the ECFieldElements <code>a</code> and <code>b</code>
+         * are elements of the same field <code>F<sub>2<sup>m</sup></sub></code>
+         * (having the same representation).
+         * @param a field element.
+         * @param b field element to be compared.
+         * @throws IllegalArgumentException if <code>a</code> and <code>b</code>
+         * are not elements of the same field
+         * <code>F<sub>2<sup>m</sup></sub></code> (having the same
+         * representation). 
+         */
+        public static void checkFieldElements(
+            ECFieldElement a,
+            ECFieldElement b)
+        {
+            if ((!(a instanceof F2m)) || (!(b instanceof F2m)))
+            {
+                throw new IllegalArgumentException("Field elements are not "
+                        + "both instances of ECFieldElement.F2m");
+            }
+
+            ECFieldElement.F2m aF2m = (ECFieldElement.F2m)a;
+            ECFieldElement.F2m bF2m = (ECFieldElement.F2m)b;
+
+            if (aF2m.representation != bF2m.representation)
+            {
+                // Should never occur
+                throw new IllegalArgumentException("One of the F2m field elements has incorrect representation");
+            }
+
+            if ((aF2m.m != bF2m.m) || !Arrays.areEqual(aF2m.ks, bF2m.ks))
+            {
+                throw new IllegalArgumentException("Field elements are not elements of the same field F2m");
+            }
+        }
+
+        public ECFieldElement add(final ECFieldElement b)
+        {
+            // No check performed here for performance reasons. Instead the
+            // elements involved are checked in ECPoint.F2m
+            // checkFieldElements(this, b);
+            LongArray iarrClone = (LongArray)this.x.clone();
+            F2m bF2m = (F2m)b;
+            iarrClone.addShiftedByWords(bF2m.x, 0);
+            return new F2m(m, ks, iarrClone);
+        }
+
+        public ECFieldElement addOne()
+        {
+            return new F2m(m, ks, x.addOne());
+        }
+
+        public ECFieldElement subtract(final ECFieldElement b)
+        {
+            // Addition and subtraction are the same in F2m
+            return add(b);
+        }
+
+        public ECFieldElement multiply(final ECFieldElement b)
+        {
+            // Right-to-left comb multiplication in the LongArray
+            // Input: Binary polynomials a(z) and b(z) of degree at most m-1
+            // Output: c(z) = a(z) * b(z) mod f(z)
+
+            // No check performed here for performance reasons. Instead the
+            // elements involved are checked in ECPoint.F2m
+            // checkFieldElements(this, b);
+            return new F2m(m, ks, x.modMultiply(((F2m)b).x, m, ks));
+        }
+
+        public ECFieldElement multiplyMinusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            return multiplyPlusProduct(b, x, y);
+        }
+
+        public ECFieldElement multiplyPlusProduct(ECFieldElement b, ECFieldElement x, ECFieldElement y)
+        {
+            LongArray ax = this.x, bx = ((F2m)b).x, xx = ((F2m)x).x, yx = ((F2m)y).x;
+
+            LongArray ab = ax.multiply(bx, m, ks);
+            LongArray xy = xx.multiply(yx, m, ks);
+
+            if (ab == ax || ab == bx)
+            {
+                ab = (LongArray)ab.clone();
+            }
+
+            ab.addShiftedByWords(xy, 0);
+            ab.reduce(m, ks);
+
+            return new F2m(m, ks, ab);
+        }
+
+        public ECFieldElement divide(final ECFieldElement b)
+        {
+            // There may be more efficient implementations
+            ECFieldElement bInv = b.invert();
+            return multiply(bInv);
+        }
+
+        public ECFieldElement negate()
+        {
+            // -x == x holds for all x in F2m
+            return this;
+        }
+
+        public ECFieldElement square()
+        {
+            return new F2m(m, ks, x.modSquare(m, ks));
+        }
+
+        public ECFieldElement squareMinusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            return squarePlusProduct(x, y);
+        }
+
+        public ECFieldElement squarePlusProduct(ECFieldElement x, ECFieldElement y)
+        {
+            LongArray ax = this.x, xx = ((F2m)x).x, yx = ((F2m)y).x;
+
+            LongArray aa = ax.square(m, ks);
+            LongArray xy = xx.multiply(yx, m, ks);
+
+            if (aa == ax)
+            {
+                aa = (LongArray)aa.clone();
+            }
+
+            aa.addShiftedByWords(xy, 0);
+            aa.reduce(m, ks);
+
+            return new F2m(m, ks, aa);
+        }
+
+        public ECFieldElement squarePow(int pow)
+        {
+            return pow < 1 ? this : new F2m(m, ks, x.modSquareN(pow, m, ks));
+        }
+
+        public ECFieldElement invert()
+        {
+            return new ECFieldElement.F2m(this.m, this.ks, this.x.modInverse(m, ks));
+        }
+
+        public ECFieldElement sqrt()
+        {
+            return (x.isZero() || x.isOne()) ? this : squarePow(m - 1);
+        }
+
+        /**
+         * @return the representation of the field
+         * <code>F<sub>2<sup>m</sup></sub></code>, either of
+         * TPB (trinomial
+         * basis representation) or
+         * PPB (pentanomial
+         * basis representation).
+         */
+        public int getRepresentation()
+        {
+            return this.representation;
+        }
+
+        /**
+         * @return the degree <code>m</code> of the reduction polynomial
+         * <code>f(z)</code>.
+         */
+        public int getM()
+        {
+            return this.m;
+        }
+
+        /**
+         * @return TPB: The integer <code>k</code> where <code>x<sup>m</sup> +
+         * x<sup>k</sup> + 1</code> represents the reduction polynomial
+         * <code>f(z)</code>.<br>
+         * PPB: The integer <code>k1</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.<br>
+         */
+        public int getK1()
+        {
+            return this.ks[0];
+        }
+
+        /**
+         * @return TPB: Always returns <code>0</code><br>
+         * PPB: The integer <code>k2</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.<br>
+         */
+        public int getK2()
+        {
+            return this.ks.length >= 2 ? this.ks[1] : 0;
+        }
+
+        /**
+         * @return TPB: Always set to <code>0</code><br>
+         * PPB: The integer <code>k3</code> where <code>x<sup>m</sup> +
+         * x<sup>k3</sup> + x<sup>k2</sup> + x<sup>k1</sup> + 1</code>
+         * represents the reduction polynomial <code>f(z)</code>.<br>
+         */
+        public int getK3()
+        {
+            return this.ks.length >= 3 ? this.ks[2] : 0;
+        }
+
+        public boolean equals(Object anObject)
+        {
+            if (anObject == this) 
+            {
+                return true;
+            }
+
+            if (!(anObject instanceof ECFieldElement.F2m)) 
+            {
+                return false;
+            }
+
+            ECFieldElement.F2m b = (ECFieldElement.F2m)anObject;
+            
+            return ((this.m == b.m)
+                && (this.representation == b.representation)
+                && Arrays.areEqual(this.ks, b.ks)
+                && (this.x.equals(b.x)));
+        }
+
+        public int hashCode()
+        {
+            return x.hashCode() ^ m ^ Arrays.hashCode(ks);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECLookupTable.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECLookupTable.java
new file mode 100644
index 0000000..bc9e505
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECLookupTable.java

@@ -0,0 +1,11 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ECLookupTable
+{
+    int getSize();
+    ECPoint lookup(int index);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECMultiplier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECMultiplier.java
new file mode 100644
index 0000000..a4ec8c5
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECMultiplier.java

@@ -0,0 +1,21 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+
+/**
+ * Interface for classes encapsulating a point multiplication algorithm
+ * for <code>ECPoint</code>s.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ECMultiplier
+{
+    /**
+     * Multiplies the <code>ECPoint p</code> by <code>k</code>, i.e.
+     * <code>p</code> is added <code>k</code> times to itself.
+     * @param p The <code>ECPoint</code> to be multiplied.
+     * @param k The factor by which <code>p</code> is multiplied.
+     * @return <code>p</code> multiplied by <code>k</code>.
+     */
+    ECPoint multiply(ECPoint p, BigInteger k);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECPoint.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECPoint.java
new file mode 100644
index 0000000..5505f04
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECPoint.java

@@ -0,0 +1,2144 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+import java.util.Hashtable;
+
+/**
+ * base class for points on elliptic curves.
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class ECPoint
+{
+    protected final static ECFieldElement[] EMPTY_ZS = new ECFieldElement[0];
+
+    protected static ECFieldElement[] getInitialZCoords(ECCurve curve)
+    {
+        // Cope with null curve, most commonly used by implicitlyCa
+        int coord = null == curve ? ECCurve.COORD_AFFINE : curve.getCoordinateSystem();
+
+        switch (coord)
+        {
+        case ECCurve.COORD_AFFINE:
+        case ECCurve.COORD_LAMBDA_AFFINE:
+            return EMPTY_ZS;
+        default:
+            break;
+        }
+
+        ECFieldElement one = curve.fromBigInteger(ECConstants.ONE);
+
+        switch (coord)
+        {
+        case ECCurve.COORD_HOMOGENEOUS:
+        case ECCurve.COORD_JACOBIAN:
+        case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            return new ECFieldElement[]{ one };
+        case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
+            return new ECFieldElement[]{ one, one, one };
+        case ECCurve.COORD_JACOBIAN_MODIFIED:
+            return new ECFieldElement[]{ one, curve.getA() };
+        default:
+            throw new IllegalArgumentException("unknown coordinate system");
+        }
+    }
+
+    protected ECCurve curve;
+    protected ECFieldElement x;
+    protected ECFieldElement y;
+    protected ECFieldElement[] zs;
+
+    protected boolean withCompression;
+
+    // Hashtable is (String -> PreCompInfo)
+    protected Hashtable preCompTable = null;
+
+    protected ECPoint(ECCurve curve, ECFieldElement x, ECFieldElement y)
+    {
+        this(curve, x, y, getInitialZCoords(curve));
+    }
+
+    protected ECPoint(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs)
+    {
+        this.curve = curve;
+        this.x = x;
+        this.y = y;
+        this.zs = zs;
+    }
+
+    protected abstract boolean satisfiesCurveEquation();
+
+    protected boolean satisfiesOrder()
+    {
+        if (ECConstants.ONE.equals(curve.getCofactor()))
+        {
+            return true;
+        }
+
+        BigInteger n = curve.getOrder();
+
+        // TODO Require order to be available for all curves
+
+        return n == null || ECAlgorithms.referenceMultiply(this, n).isInfinity();
+    }
+
+    public final ECPoint getDetachedPoint()
+    {
+        return normalize().detach();
+    }
+
+    public ECCurve getCurve()
+    {
+        return curve;
+    }
+
+    protected abstract ECPoint detach();
+
+    protected int getCurveCoordinateSystem()
+    {
+        // Cope with null curve, most commonly used by implicitlyCa
+        return null == curve ? ECCurve.COORD_AFFINE : curve.getCoordinateSystem();
+    }
+
+    /**
+     * Returns the affine x-coordinate after checking that this point is normalized.
+     * 
+     * @return The affine x-coordinate of this point
+     * @throws IllegalStateException if the point is not normalized
+     */
+    public ECFieldElement getAffineXCoord()
+    {
+        checkNormalized();
+        return getXCoord();
+    }
+
+    /**
+     * Returns the affine y-coordinate after checking that this point is normalized
+     * 
+     * @return The affine y-coordinate of this point
+     * @throws IllegalStateException if the point is not normalized
+     */
+    public ECFieldElement getAffineYCoord()
+    {
+        checkNormalized();
+        return getYCoord();
+    }
+
+    /**
+     * Returns the x-coordinate.
+     * 
+     * Caution: depending on the curve's coordinate system, this may not be the same value as in an
+     * affine coordinate system; use normalize() to get a point where the coordinates have their
+     * affine values, or use getAffineXCoord() if you expect the point to already have been
+     * normalized.
+     * 
+     * @return the x-coordinate of this point
+     */
+    public ECFieldElement getXCoord()
+    {
+        return x;
+    }
+
+    /**
+     * Returns the y-coordinate.
+     * 
+     * Caution: depending on the curve's coordinate system, this may not be the same value as in an
+     * affine coordinate system; use normalize() to get a point where the coordinates have their
+     * affine values, or use getAffineYCoord() if you expect the point to already have been
+     * normalized.
+     * 
+     * @return the y-coordinate of this point
+     */
+    public ECFieldElement getYCoord()
+    {
+        return y;
+    }
+
+    public ECFieldElement getZCoord(int index)
+    {
+        return (index < 0 || index >= zs.length) ? null : zs[index];
+    }
+
+    public ECFieldElement[] getZCoords()
+    {
+        int zsLen = zs.length;
+        if (zsLen == 0)
+        {
+            return EMPTY_ZS;
+        }
+        ECFieldElement[] copy = new ECFieldElement[zsLen];
+        System.arraycopy(zs, 0, copy, 0, zsLen);
+        return copy;
+    }
+
+    public final ECFieldElement getRawXCoord()
+    {
+        return x;
+    }
+
+    public final ECFieldElement getRawYCoord()
+    {
+        return y;
+    }
+
+    protected final ECFieldElement[] getRawZCoords()
+    {
+        return zs;
+    }
+
+    protected void checkNormalized()
+    {
+        if (!isNormalized())
+        {
+            throw new IllegalStateException("point not in normal form");
+        }
+    }
+
+    public boolean isNormalized()
+    {
+        int coord = this.getCurveCoordinateSystem();
+
+        return coord == ECCurve.COORD_AFFINE
+            || coord == ECCurve.COORD_LAMBDA_AFFINE
+            || isInfinity()
+            || zs[0].isOne();
+    }
+
+    /**
+     * Normalization ensures that any projective coordinate is 1, and therefore that the x, y
+     * coordinates reflect those of the equivalent point in an affine coordinate system.
+     * 
+     * @return a new ECPoint instance representing the same point, but with normalized coordinates
+     */
+    public ECPoint normalize()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        switch (this.getCurveCoordinateSystem())
+        {
+        case ECCurve.COORD_AFFINE:
+        case ECCurve.COORD_LAMBDA_AFFINE:
+        {
+            return this;
+        }
+        default:
+        {
+            ECFieldElement Z1 = getZCoord(0);
+            if (Z1.isOne())
+            {
+                return this;
+            }
+
+            return normalize(Z1.invert());
+        }
+        }
+    }
+
+    ECPoint normalize(ECFieldElement zInv)
+    {
+        switch (this.getCurveCoordinateSystem())
+        {
+        case ECCurve.COORD_HOMOGENEOUS:
+        case ECCurve.COORD_LAMBDA_PROJECTIVE:
+        {
+            return createScaledPoint(zInv, zInv);
+        }
+        case ECCurve.COORD_JACOBIAN:
+        case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
+        case ECCurve.COORD_JACOBIAN_MODIFIED:
+        {
+            ECFieldElement zInv2 = zInv.square(), zInv3 = zInv2.multiply(zInv);
+            return createScaledPoint(zInv2, zInv3);
+        }
+        default:
+        {
+            throw new IllegalStateException("not a projective coordinate system");
+        }
+        }
+    }
+
+    protected ECPoint createScaledPoint(ECFieldElement sx, ECFieldElement sy)
+    {
+        return this.getCurve().createRawPoint(getRawXCoord().multiply(sx), getRawYCoord().multiply(sy), this.withCompression);
+    }
+
+    public boolean isInfinity()
+    {
+        return x == null || y == null || (zs.length > 0 && zs[0].isZero());
+    }
+
+    /**
+     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
+     */
+    public boolean isCompressed()
+    {
+        return this.withCompression;
+    }
+
+    public boolean isValid()
+    {
+        return implIsValid(false, true);
+    }
+
+    boolean isValidPartial()
+    {
+        return implIsValid(false, false);
+    }
+
+    boolean implIsValid(final boolean decompressed, final boolean checkOrder)
+    {
+        if (isInfinity())
+        {
+            return true;
+        }
+
+        ValidityPrecompInfo validity = (ValidityPrecompInfo)getCurve().precompute(this, ValidityPrecompInfo.PRECOMP_NAME, new PreCompCallback()
+        {
+            public PreCompInfo precompute(PreCompInfo existing)
+            {
+                ValidityPrecompInfo info = (existing instanceof ValidityPrecompInfo) ? (ValidityPrecompInfo)existing : null;
+                if (info == null)
+                {
+                    info = new ValidityPrecompInfo();
+                }
+
+                if (info.hasFailed())
+                {
+                    return info;
+                }
+                if (!info.hasCurveEquationPassed())
+                {
+                    if (!decompressed && !satisfiesCurveEquation())
+                    {
+                        info.reportFailed();
+                        return info;
+                    }
+                    info.reportCurveEquationPassed();
+                }
+                if (checkOrder && !info.hasOrderPassed())
+                {
+                    if (!satisfiesOrder())
+                    {
+                        info.reportFailed();
+                        return info;
+                    }
+                    info.reportOrderPassed();
+                }
+                return info;
+            }
+        });
+
+        return !validity.hasFailed();
+    }
+
+    public ECPoint scaleX(ECFieldElement scale)
+    {
+        return isInfinity()
+            ?   this
+            :   getCurve().createRawPoint(getRawXCoord().multiply(scale), getRawYCoord(), getRawZCoords(), this.withCompression);
+    }
+
+    public ECPoint scaleY(ECFieldElement scale)
+    {
+        return isInfinity()
+            ?   this
+            :   getCurve().createRawPoint(getRawXCoord(), getRawYCoord().multiply(scale), getRawZCoords(), this.withCompression);
+    }
+
+    public boolean equals(ECPoint other)
+    {
+        if (null == other)
+        {
+            return false;
+        }
+
+        ECCurve c1 = this.getCurve(), c2 = other.getCurve();
+        boolean n1 = (null == c1), n2 = (null == c2);
+        boolean i1 = isInfinity(), i2 = other.isInfinity();
+
+        if (i1 || i2)
+        {
+            return (i1 && i2) && (n1 || n2 || c1.equals(c2));
+        }
+
+        ECPoint p1 = this, p2 = other;
+        if (n1 && n2)
+        {
+            // Points with null curve are in affine form, so already normalized
+        }
+        else if (n1)
+        {
+            p2 = p2.normalize();
+        }
+        else if (n2)
+        {
+            p1 = p1.normalize();
+        }
+        else if (!c1.equals(c2))
+        {
+            return false;
+        }
+        else
+        {
+            // TODO Consider just requiring already normalized, to avoid silent performance degradation
+
+            ECPoint[] points = new ECPoint[]{ this, c1.importPoint(p2) };
+
+            // TODO This is a little strong, really only requires coZNormalizeAll to get Zs equal
+            c1.normalizeAll(points);
+
+            p1 = points[0];
+            p2 = points[1];
+        }
+
+        return p1.getXCoord().equals(p2.getXCoord()) && p1.getYCoord().equals(p2.getYCoord());
+    }
+
+    public boolean equals(Object other)
+    {
+        if (other == this)
+        {
+            return true;
+        }
+
+        if (!(other instanceof ECPoint))
+        {
+            return false;
+        }
+
+        return equals((ECPoint)other);
+    }
+
+    public int hashCode()
+    {
+        ECCurve c = this.getCurve();
+        int hc = (null == c) ? 0 : ~c.hashCode();
+
+        if (!this.isInfinity())
+        {
+            // TODO Consider just requiring already normalized, to avoid silent performance degradation
+
+            ECPoint p = normalize();
+
+            hc ^= p.getXCoord().hashCode() * 17;
+            hc ^= p.getYCoord().hashCode() * 257;
+        }
+
+        return hc;
+    }
+
+    public String toString()
+    {
+        if (this.isInfinity())
+        {
+            return "INF";
+        }
+
+        StringBuffer sb = new StringBuffer();
+        sb.append('(');
+        sb.append(getRawXCoord());
+        sb.append(',');
+        sb.append(getRawYCoord());
+        for (int i = 0; i < zs.length; ++i)
+        {
+            sb.append(',');
+            sb.append(zs[i]);
+        }
+        sb.append(')');
+        return sb.toString();
+    }
+
+    /**
+     * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
+     * @return a byte encoding.
+     */
+    public byte[] getEncoded()
+    {
+        return getEncoded(this.withCompression);
+    }
+
+    /**
+     * Get an encoding of the point value, optionally in compressed format.
+     * 
+     * @param compressed whether to generate a compressed point encoding.
+     * @return the point encoding
+     */
+    public byte[] getEncoded(boolean compressed)
+    {
+        if (this.isInfinity())
+        {
+            return new byte[1];
+        }
+
+        ECPoint normed = normalize();
+
+        byte[] X = normed.getXCoord().getEncoded();
+
+        if (compressed)
+        {
+            byte[] PO = new byte[X.length + 1];
+            PO[0] = (byte)(normed.getCompressionYTilde() ? 0x03 : 0x02);
+            System.arraycopy(X, 0, PO, 1, X.length);
+            return PO;
+        }
+
+        byte[] Y = normed.getYCoord().getEncoded();
+
+        byte[] PO = new byte[X.length + Y.length + 1];
+        PO[0] = 0x04;
+        System.arraycopy(X, 0, PO, 1, X.length);
+        System.arraycopy(Y, 0, PO, X.length + 1, Y.length);
+        return PO;
+    }
+
+    protected abstract boolean getCompressionYTilde();
+
+    public abstract ECPoint add(ECPoint b);
+
+    public abstract ECPoint negate();
+
+    public abstract ECPoint subtract(ECPoint b);
+
+    public ECPoint timesPow2(int e)
+    {
+        if (e < 0)
+        {
+            throw new IllegalArgumentException("'e' cannot be negative");
+        }
+
+        ECPoint p = this;
+        while (--e >= 0)
+        {
+            p = p.twice();
+        }
+        return p;
+    }
+
+    public abstract ECPoint twice();
+
+    public ECPoint twicePlus(ECPoint b)
+    {
+        return twice().add(b);
+    }
+
+    public ECPoint threeTimes()
+    {
+        return twicePlus(this);
+    }
+
+    /**
+     * Multiplies this <code>ECPoint</code> by the given number.
+     * @param k The multiplicator.
+     * @return <code>k * this</code>.
+     */
+    public ECPoint multiply(BigInteger k)
+    {
+        return this.getCurve().getMultiplier().multiply(this, k);
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static abstract class AbstractFp extends ECPoint
+    {
+        protected AbstractFp(ECCurve curve, ECFieldElement x, ECFieldElement y)
+        {
+            super(curve, x, y);
+        }
+
+        protected AbstractFp(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs)
+        {
+            super(curve, x, y, zs);
+        }
+
+        protected boolean getCompressionYTilde()
+        {
+            return this.getAffineYCoord().testBitZero();
+        }
+
+        protected boolean satisfiesCurveEquation()
+        {
+            ECFieldElement X = this.x, Y = this.y, A = curve.getA(), B = curve.getB();
+            ECFieldElement lhs = Y.square();
+
+            switch (this.getCurveCoordinateSystem())
+            {
+            case ECCurve.COORD_AFFINE:
+                break;
+            case ECCurve.COORD_HOMOGENEOUS:
+            {
+                ECFieldElement Z = this.zs[0];
+                if (!Z.isOne())
+                {
+                    ECFieldElement Z2 = Z.square(), Z3 = Z.multiply(Z2);
+                    lhs = lhs.multiply(Z);
+                    A = A.multiply(Z2);
+                    B = B.multiply(Z3);
+                }
+                break;
+            }
+            case ECCurve.COORD_JACOBIAN:
+            case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
+            case ECCurve.COORD_JACOBIAN_MODIFIED:
+            {
+                ECFieldElement Z = this.zs[0];
+                if (!Z.isOne())
+                {
+                    ECFieldElement Z2 = Z.square(), Z4 = Z2.square(), Z6 = Z2.multiply(Z4);
+                    A = A.multiply(Z4);
+                    B = B.multiply(Z6);
+                }
+                break;
+            }
+            default:
+                throw new IllegalStateException("unsupported coordinate system");
+            }
+
+            ECFieldElement rhs = X.square().add(A).multiply(X).add(B);
+            return lhs.equals(rhs);
+        }
+
+        public ECPoint subtract(ECPoint b)
+        {
+            if (b.isInfinity())
+            {
+                return this;
+            }
+
+            // Add -b
+            return this.add(b.negate());
+        }
+    }
+
+    /**
+     * Elliptic curve points over Fp
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Fp extends AbstractFp
+    {
+        /**
+         * Create a point that encodes with or without point compression.
+         * 
+         * @param curve the curve to use
+         * @param x affine x co-ordinate
+         * @param y affine y co-ordinate
+         * @param withCompression if true encode with point compression
+         * 
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
+         */
+        public Fp(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
+        {
+            super(curve, x, y);
+
+            if ((x == null) != (y == null))
+            {
+                throw new IllegalArgumentException("Exactly one of the field elements is null");
+            }
+
+            this.withCompression = withCompression;
+        }
+
+        Fp(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+        {
+            super(curve, x, y, zs);
+
+            this.withCompression = withCompression;
+        }
+
+        protected ECPoint detach()
+        {
+            return new ECPoint.Fp(null, this.getAffineXCoord(), this.getAffineYCoord(), false);
+        }
+
+        public ECFieldElement getZCoord(int index)
+        {
+            if (index == 1 && ECCurve.COORD_JACOBIAN_MODIFIED == this.getCurveCoordinateSystem())
+            {
+                return getJacobianModifiedW();
+            }
+
+            return super.getZCoord(index);
+        }
+
+        // B.3 pg 62
+        public ECPoint add(ECPoint b)
+        {
+            if (this.isInfinity())
+            {
+                return b;
+            }
+            if (b.isInfinity())
+            {
+                return this;
+            }
+            if (this == b)
+            {
+                return twice();
+            }
+
+            ECCurve curve = this.getCurve();
+            int coord = curve.getCoordinateSystem();
+
+            ECFieldElement X1 = this.x, Y1 = this.y;
+            ECFieldElement X2 = b.x, Y2 = b.y;
+
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+            {
+                ECFieldElement dx = X2.subtract(X1), dy = Y2.subtract(Y1);
+
+                if (dx.isZero())
+                {
+                    if (dy.isZero())
+                    {
+                        // this == b, i.e. this must be doubled
+                        return twice();
+                    }
+
+                    // this == -b, i.e. the result is the point at infinity
+                    return curve.getInfinity();
+                }
+
+                ECFieldElement gamma = dy.divide(dx);
+                ECFieldElement X3 = gamma.square().subtract(X1).subtract(X2);
+                ECFieldElement Y3 = gamma.multiply(X1.subtract(X3)).subtract(Y1);
+
+                return new ECPoint.Fp(curve, X3, Y3, this.withCompression);
+            }
+
+            case ECCurve.COORD_HOMOGENEOUS:
+            {
+                ECFieldElement Z1 = this.zs[0];
+                ECFieldElement Z2 = b.zs[0];
+
+                boolean Z1IsOne = Z1.isOne();
+                boolean Z2IsOne = Z2.isOne();
+
+                ECFieldElement u1 = Z1IsOne ? Y2 : Y2.multiply(Z1);
+                ECFieldElement u2 = Z2IsOne ? Y1 : Y1.multiply(Z2);
+                ECFieldElement u = u1.subtract(u2);
+                ECFieldElement v1 = Z1IsOne ? X2 : X2.multiply(Z1);
+                ECFieldElement v2 = Z2IsOne ? X1 : X1.multiply(Z2);
+                ECFieldElement v = v1.subtract(v2);
+
+                // Check if b == this or b == -this
+                if (v.isZero())
+                {
+                    if (u.isZero())
+                    {
+                        // this == b, i.e. this must be doubled
+                        return this.twice();
+                    }
+
+                    // this == -b, i.e. the result is the point at infinity
+                    return curve.getInfinity();
+                }
+
+                // TODO Optimize for when w == 1
+                ECFieldElement w = Z1IsOne ? Z2 : Z2IsOne ? Z1 : Z1.multiply(Z2);
+                ECFieldElement vSquared = v.square();
+                ECFieldElement vCubed = vSquared.multiply(v);
+                ECFieldElement vSquaredV2 = vSquared.multiply(v2);
+                ECFieldElement A = u.square().multiply(w).subtract(vCubed).subtract(two(vSquaredV2));
+
+                ECFieldElement X3 = v.multiply(A);
+                ECFieldElement Y3 = vSquaredV2.subtract(A).multiplyMinusProduct(u, u2, vCubed);
+                ECFieldElement Z3 = vCubed.multiply(w);
+
+                return new ECPoint.Fp(curve, X3, Y3, new ECFieldElement[]{ Z3 }, this.withCompression);
+            }
+
+            case ECCurve.COORD_JACOBIAN:
+            case ECCurve.COORD_JACOBIAN_MODIFIED:
+            {
+                ECFieldElement Z1 = this.zs[0];
+                ECFieldElement Z2 = b.zs[0];
+
+                boolean Z1IsOne = Z1.isOne();
+
+                ECFieldElement X3, Y3, Z3, Z3Squared = null;
+
+                if (!Z1IsOne && Z1.equals(Z2))
+                {
+                    // TODO Make this available as public method coZAdd?
+
+                    ECFieldElement dx = X1.subtract(X2), dy = Y1.subtract(Y2);
+                    if (dx.isZero())
+                    {
+                        if (dy.isZero())
+                        {
+                            return twice();
+                        }
+                        return curve.getInfinity();
+                    }
+
+                    ECFieldElement C = dx.square();
+                    ECFieldElement W1 = X1.multiply(C), W2 = X2.multiply(C);
+                    ECFieldElement A1 = W1.subtract(W2).multiply(Y1);
+
+                    X3 = dy.square().subtract(W1).subtract(W2);
+                    Y3 = W1.subtract(X3).multiply(dy).subtract(A1);
+                    Z3 = dx;
+
+                    Z3 = Z3.multiply(Z1);
+                }
+                else
+                {
+                    ECFieldElement Z1Squared, U2, S2;
+                    if (Z1IsOne)
+                    {
+                        Z1Squared = Z1; U2 = X2; S2 = Y2;
+                    }
+                    else
+                    {
+                        Z1Squared = Z1.square();
+                        U2 = Z1Squared.multiply(X2);
+                        ECFieldElement Z1Cubed = Z1Squared.multiply(Z1);
+                        S2 = Z1Cubed.multiply(Y2);
+                    }
+
+                    boolean Z2IsOne = Z2.isOne();
+                    ECFieldElement Z2Squared, U1, S1;
+                    if (Z2IsOne)
+                    {
+                        Z2Squared = Z2; U1 = X1; S1 = Y1;
+                    }
+                    else
+                    {
+                        Z2Squared = Z2.square();
+                        U1 = Z2Squared.multiply(X1); 
+                        ECFieldElement Z2Cubed = Z2Squared.multiply(Z2);
+                        S1 = Z2Cubed.multiply(Y1);
+                    }
+
+                    ECFieldElement H = U1.subtract(U2);
+                    ECFieldElement R = S1.subtract(S2);
+    
+                    // Check if b == this or b == -this
+                    if (H.isZero())
+                    {
+                        if (R.isZero())
+                        {
+                            // this == b, i.e. this must be doubled
+                            return this.twice();
+                        }
+    
+                        // this == -b, i.e. the result is the point at infinity
+                        return curve.getInfinity();
+                    }
+    
+                    ECFieldElement HSquared = H.square();
+                    ECFieldElement G = HSquared.multiply(H);
+                    ECFieldElement V = HSquared.multiply(U1);
+    
+                    X3 = R.square().add(G).subtract(two(V));
+                    Y3 = V.subtract(X3).multiplyMinusProduct(R, G, S1);
+
+                    Z3 = H;
+                    if (!Z1IsOne)
+                    {
+                        Z3 = Z3.multiply(Z1);
+                    }
+                    if (!Z2IsOne)
+                    {
+                        Z3 = Z3.multiply(Z2);
+                    }
+    
+                    // Alternative calculation of Z3 using fast square
+    //                X3 = four(X3);
+    //                Y3 = eight(Y3);
+    //                Z3 = doubleProductFromSquares(Z1, Z2, Z1Squared, Z2Squared).multiply(H);
+                    
+                    if (Z3 == H)
+                    {
+                        Z3Squared = HSquared;
+                    }
+                }
+
+                ECFieldElement[] zs;
+                if (coord == ECCurve.COORD_JACOBIAN_MODIFIED)
+                {
+                    // TODO If the result will only be used in a subsequent addition, we don't need W3
+                    ECFieldElement W3 = calculateJacobianModifiedW(Z3, Z3Squared);
+
+                    zs = new ECFieldElement[]{ Z3, W3 };
+                }
+                else
+                {
+                    zs = new ECFieldElement[]{ Z3 };
+                }
+
+                return new ECPoint.Fp(curve, X3, Y3, zs, this.withCompression);
+            }
+
+            default:
+            {
+                throw new IllegalStateException("unsupported coordinate system");
+            }
+            }
+        }
+
+        // B.3 pg 62
+        public ECPoint twice()
+        {
+            if (this.isInfinity())
+            {
+                return this;
+            }
+
+            ECCurve curve = this.getCurve();
+
+            ECFieldElement Y1 = this.y;
+            if (Y1.isZero()) 
+            {
+                return curve.getInfinity();
+            }
+
+            int coord = curve.getCoordinateSystem();
+
+            ECFieldElement X1 = this.x;
+
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+            {
+                ECFieldElement X1Squared = X1.square();
+                ECFieldElement gamma = three(X1Squared).add(this.getCurve().getA()).divide(two(Y1));
+                ECFieldElement X3 = gamma.square().subtract(two(X1));
+                ECFieldElement Y3 = gamma.multiply(X1.subtract(X3)).subtract(Y1);
+    
+                return new ECPoint.Fp(curve, X3, Y3, this.withCompression);
+            }
+
+            case ECCurve.COORD_HOMOGENEOUS:
+            {
+                ECFieldElement Z1 = this.zs[0];
+
+                boolean Z1IsOne = Z1.isOne();
+
+                // TODO Optimize for small negative a4 and -3
+                ECFieldElement w = curve.getA();
+                if (!w.isZero() && !Z1IsOne)
+                {
+                    w = w.multiply(Z1.square());
+                }
+                w = w.add(three(X1.square()));
+                
+                ECFieldElement s = Z1IsOne ? Y1 : Y1.multiply(Z1);
+                ECFieldElement t = Z1IsOne ? Y1.square() : s.multiply(Y1);
+                ECFieldElement B = X1.multiply(t);
+                ECFieldElement _4B = four(B);
+                ECFieldElement h = w.square().subtract(two(_4B));
+
+                ECFieldElement _2s = two(s);
+                ECFieldElement X3 = h.multiply(_2s);
+                ECFieldElement _2t = two(t);
+                ECFieldElement Y3 = _4B.subtract(h).multiply(w).subtract(two(_2t.square()));
+                ECFieldElement _4sSquared = Z1IsOne ? two(_2t) : _2s.square();
+                ECFieldElement Z3 = two(_4sSquared).multiply(s);
+
+                return new ECPoint.Fp(curve, X3, Y3, new ECFieldElement[]{ Z3 }, this.withCompression);
+            }
+
+            case ECCurve.COORD_JACOBIAN:
+            {
+                ECFieldElement Z1 = this.zs[0];
+
+                boolean Z1IsOne = Z1.isOne();
+
+                ECFieldElement Y1Squared = Y1.square();
+                ECFieldElement T = Y1Squared.square();
+
+                ECFieldElement a4 = curve.getA();
+                ECFieldElement a4Neg = a4.negate();
+
+                ECFieldElement M, S;
+                if (a4Neg.toBigInteger().equals(BigInteger.valueOf(3)))
+                {
+                    ECFieldElement Z1Squared = Z1IsOne ? Z1 : Z1.square();
+                    M = three(X1.add(Z1Squared).multiply(X1.subtract(Z1Squared)));
+                    S = four(Y1Squared.multiply(X1));
+                }
+                else
+                {
+                    ECFieldElement X1Squared = X1.square();
+                    M = three(X1Squared);
+                    if (Z1IsOne)
+                    {
+                        M = M.add(a4);
+                    }
+                    else if (!a4.isZero())
+                    {
+                        ECFieldElement Z1Squared = Z1.square();
+                        ECFieldElement Z1Pow4 = Z1Squared.square();
+                        if (a4Neg.bitLength() < a4.bitLength())
+                        {
+                            M = M.subtract(Z1Pow4.multiply(a4Neg));
+                        }
+                        else
+                        {
+                            M = M.add(Z1Pow4.multiply(a4));
+                        }
+                    }
+//                  S = two(doubleProductFromSquares(X1, Y1Squared, X1Squared, T));
+                    S = four(X1.multiply(Y1Squared));
+                }
+
+                ECFieldElement X3 = M.square().subtract(two(S));
+                ECFieldElement Y3 = S.subtract(X3).multiply(M).subtract(eight(T));
+
+                ECFieldElement Z3 = two(Y1);
+                if (!Z1IsOne)
+                {
+                    Z3 = Z3.multiply(Z1);
+                }
+
+                // Alternative calculation of Z3 using fast square
+//                ECFieldElement Z3 = doubleProductFromSquares(Y1, Z1, Y1Squared, Z1Squared);
+
+                return new ECPoint.Fp(curve, X3, Y3, new ECFieldElement[]{ Z3 }, this.withCompression);
+            }
+
+            case ECCurve.COORD_JACOBIAN_MODIFIED:
+            {
+                return twiceJacobianModified(true);
+            }
+
+            default:
+            {
+                throw new IllegalStateException("unsupported coordinate system");
+            }
+            }
+        }
+
+        public ECPoint twicePlus(ECPoint b)
+        {
+            if (this == b)
+            {
+                return threeTimes();
+            }
+            if (this.isInfinity())
+            {
+                return b;
+            }
+            if (b.isInfinity())
+            {
+                return twice();
+            }
+
+            ECFieldElement Y1 = this.y;
+            if (Y1.isZero()) 
+            {
+                return b;
+            }
+
+            ECCurve curve = this.getCurve();
+            int coord = curve.getCoordinateSystem();
+
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+            {
+                ECFieldElement X1 = this.x;
+                ECFieldElement X2 = b.x, Y2 = b.y;
+
+                ECFieldElement dx = X2.subtract(X1), dy = Y2.subtract(Y1);
+
+                if (dx.isZero())
+                {
+                    if (dy.isZero())
+                    {
+                        // this == b i.e. the result is 3P
+                        return threeTimes();
+                    }
+
+                    // this == -b, i.e. the result is P
+                    return this;
+                }
+
+                /*
+                 * Optimized calculation of 2P + Q, as described in "Trading Inversions for
+                 * Multiplications in Elliptic Curve Cryptography", by Ciet, Joye, Lauter, Montgomery.
+                 */
+
+                ECFieldElement X = dx.square(), Y = dy.square();
+                ECFieldElement d = X.multiply(two(X1).add(X2)).subtract(Y);
+                if (d.isZero())
+                {
+                    return curve.getInfinity();
+                }
+
+                ECFieldElement D = d.multiply(dx);
+                ECFieldElement I = D.invert();
+                ECFieldElement L1 = d.multiply(I).multiply(dy);
+                ECFieldElement L2 = two(Y1).multiply(X).multiply(dx).multiply(I).subtract(L1);
+                ECFieldElement X4 = (L2.subtract(L1)).multiply(L1.add(L2)).add(X2);
+                ECFieldElement Y4 = (X1.subtract(X4)).multiply(L2).subtract(Y1);
+
+                return new ECPoint.Fp(curve, X4, Y4, this.withCompression);
+            }
+            case ECCurve.COORD_JACOBIAN_MODIFIED:
+            {
+                return twiceJacobianModified(false).add(b);
+            }
+            default:
+            {
+                return twice().add(b);
+            }
+            }
+        }
+
+        public ECPoint threeTimes()
+        {
+            if (this.isInfinity())
+            {
+                return this;
+            }
+
+            ECFieldElement Y1 = this.y;
+            if (Y1.isZero())
+            {
+                return this;
+            }
+
+            ECCurve curve = this.getCurve();
+            int coord = curve.getCoordinateSystem();
+
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+            {
+                ECFieldElement X1 = this.x;
+
+                ECFieldElement _2Y1 = two(Y1); 
+                ECFieldElement X = _2Y1.square();
+                ECFieldElement Z = three(X1.square()).add(this.getCurve().getA());
+                ECFieldElement Y = Z.square();
+
+                ECFieldElement d = three(X1).multiply(X).subtract(Y);
+                if (d.isZero())
+                {
+                    return this.getCurve().getInfinity();
+                }
+
+                ECFieldElement D = d.multiply(_2Y1); 
+                ECFieldElement I = D.invert();
+                ECFieldElement L1 = d.multiply(I).multiply(Z);
+                ECFieldElement L2 = X.square().multiply(I).subtract(L1);
+
+                ECFieldElement X4 = (L2.subtract(L1)).multiply(L1.add(L2)).add(X1);
+                ECFieldElement Y4 = (X1.subtract(X4)).multiply(L2).subtract(Y1); 
+                return new ECPoint.Fp(curve, X4, Y4, this.withCompression);
+            }
+            case ECCurve.COORD_JACOBIAN_MODIFIED:
+            {
+                return twiceJacobianModified(false).add(this);
+            }
+            default:
+            {
+                // NOTE: Be careful about recursions between twicePlus and threeTimes
+                return twice().add(this);
+            }
+            }
+        }
+
+        public ECPoint timesPow2(int e)
+        {
+            if (e < 0)
+            {
+                throw new IllegalArgumentException("'e' cannot be negative");
+            }
+            if (e == 0 || this.isInfinity())
+            {
+                return this;
+            }
+            if (e == 1)
+            {
+                return twice();
+            }
+
+            ECCurve curve = this.getCurve();
+
+            ECFieldElement Y1 = this.y;
+            if (Y1.isZero()) 
+            {
+                return curve.getInfinity();
+            }
+
+            int coord = curve.getCoordinateSystem();
+
+            ECFieldElement W1 = curve.getA();
+            ECFieldElement X1 = this.x;
+            ECFieldElement Z1 = this.zs.length < 1 ? curve.fromBigInteger(ECConstants.ONE) : this.zs[0];
+
+            if (!Z1.isOne())
+            {
+                switch (coord)
+                {
+                case ECCurve.COORD_AFFINE:
+                    break;
+                case ECCurve.COORD_HOMOGENEOUS:
+                    ECFieldElement Z1Sq = Z1.square();
+                    X1 = X1.multiply(Z1);
+                    Y1 = Y1.multiply(Z1Sq);
+                    W1 = calculateJacobianModifiedW(Z1, Z1Sq);
+                    break;
+                case ECCurve.COORD_JACOBIAN:
+                    W1 = calculateJacobianModifiedW(Z1, null);
+                    break;
+                case ECCurve.COORD_JACOBIAN_MODIFIED:
+                    W1 = getJacobianModifiedW();
+                    break;
+                default:
+                    throw new IllegalStateException("unsupported coordinate system");
+                }
+            }
+
+            for (int i = 0; i < e; ++i)
+            {
+                if (Y1.isZero()) 
+                {
+                    return curve.getInfinity();
+                }
+
+                ECFieldElement X1Squared = X1.square();
+                ECFieldElement M = three(X1Squared);
+                ECFieldElement _2Y1 = two(Y1);
+                ECFieldElement _2Y1Squared = _2Y1.multiply(Y1);
+                ECFieldElement S = two(X1.multiply(_2Y1Squared));
+                ECFieldElement _4T = _2Y1Squared.square();
+                ECFieldElement _8T = two(_4T);
+
+                if (!W1.isZero())
+                {
+                    M = M.add(W1);
+                    W1 = two(_8T.multiply(W1));
+                }
+
+                X1 = M.square().subtract(two(S));
+                Y1 = M.multiply(S.subtract(X1)).subtract(_8T);
+                Z1 = Z1.isOne() ? _2Y1 : _2Y1.multiply(Z1);
+            }
+
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+                ECFieldElement zInv = Z1.invert(), zInv2 = zInv.square(), zInv3 = zInv2.multiply(zInv);
+                return new Fp(curve, X1.multiply(zInv2), Y1.multiply(zInv3), this.withCompression);
+            case ECCurve.COORD_HOMOGENEOUS:
+                X1 = X1.multiply(Z1);
+                Z1 = Z1.multiply(Z1.square());
+                return new Fp(curve, X1, Y1, new ECFieldElement[]{ Z1 }, this.withCompression);
+            case ECCurve.COORD_JACOBIAN:
+                return new Fp(curve, X1, Y1, new ECFieldElement[]{ Z1 }, this.withCompression);
+            case ECCurve.COORD_JACOBIAN_MODIFIED:
+                return new Fp(curve, X1, Y1, new ECFieldElement[]{ Z1, W1 }, this.withCompression);
+            default:
+                throw new IllegalStateException("unsupported coordinate system");
+            }
+        }
+
+        protected ECFieldElement two(ECFieldElement x)
+        {
+            return x.add(x);
+        }
+
+        protected ECFieldElement three(ECFieldElement x)
+        {
+            return two(x).add(x);
+        }
+
+        protected ECFieldElement four(ECFieldElement x)
+        {
+            return two(two(x));
+        }
+
+        protected ECFieldElement eight(ECFieldElement x)
+        {
+            return four(two(x));
+        }
+
+        protected ECFieldElement doubleProductFromSquares(ECFieldElement a, ECFieldElement b,
+            ECFieldElement aSquared, ECFieldElement bSquared)
+        {
+            /*
+             * NOTE: If squaring in the field is faster than multiplication, then this is a quicker
+             * way to calculate 2.A.B, if A^2 and B^2 are already known.
+             */
+            return a.add(b).square().subtract(aSquared).subtract(bSquared);
+        }
+
+        public ECPoint negate()
+        {
+            if (this.isInfinity())
+            {
+                return this;
+            }
+
+            ECCurve curve = this.getCurve();
+            int coord = curve.getCoordinateSystem();
+
+            if (ECCurve.COORD_AFFINE != coord)
+            {
+                return new ECPoint.Fp(curve, this.x, this.y.negate(), this.zs, this.withCompression);
+            }
+
+            return new ECPoint.Fp(curve, this.x, this.y.negate(), this.withCompression);
+        }
+
+        protected ECFieldElement calculateJacobianModifiedW(ECFieldElement Z, ECFieldElement ZSquared)
+        {
+            ECFieldElement a4 = this.getCurve().getA();
+            if (a4.isZero() || Z.isOne())
+            {
+                return a4;
+            }
+
+            if (ZSquared == null)
+            {
+                ZSquared = Z.square();
+            }
+
+            ECFieldElement W = ZSquared.square();
+            ECFieldElement a4Neg = a4.negate();
+            if (a4Neg.bitLength() < a4.bitLength())
+            {
+                W = W.multiply(a4Neg).negate();
+            }
+            else
+            {
+                W = W.multiply(a4);
+            }
+            return W;
+        }
+
+        protected ECFieldElement getJacobianModifiedW()
+        {
+            ECFieldElement W = this.zs[1];
+            if (W == null)
+            {
+                // NOTE: Rarely, twicePlus will result in the need for a lazy W1 calculation here
+                this.zs[1] = W = calculateJacobianModifiedW(this.zs[0], null);
+            }
+            return W;
+        }
+
+        protected ECPoint.Fp twiceJacobianModified(boolean calculateW)
+        {
+            ECFieldElement X1 = this.x, Y1 = this.y, Z1 = this.zs[0], W1 = getJacobianModifiedW();
+
+            ECFieldElement X1Squared = X1.square();
+            ECFieldElement M = three(X1Squared).add(W1);
+            ECFieldElement _2Y1 = two(Y1);
+            ECFieldElement _2Y1Squared = _2Y1.multiply(Y1);
+            ECFieldElement S = two(X1.multiply(_2Y1Squared));
+            ECFieldElement X3 = M.square().subtract(two(S));
+            ECFieldElement _4T = _2Y1Squared.square();
+            ECFieldElement _8T = two(_4T);
+            ECFieldElement Y3 = M.multiply(S.subtract(X3)).subtract(_8T);
+            ECFieldElement W3 = calculateW ? two(_8T.multiply(W1)) : null;
+            ECFieldElement Z3 = Z1.isOne() ? _2Y1 : _2Y1.multiply(Z1);
+
+            return new ECPoint.Fp(this.getCurve(), X3, Y3, new ECFieldElement[]{ Z3, W3 }, this.withCompression);
+        }
+    }
+
+    /**
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static abstract class AbstractF2m extends ECPoint
+    {
+        protected AbstractF2m(ECCurve curve, ECFieldElement x, ECFieldElement y)
+        {
+            super(curve, x, y);
+        }
+
+        protected AbstractF2m(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs)
+        {
+            super(curve, x, y, zs);
+        }
+
+        protected boolean satisfiesCurveEquation()
+        {
+            ECCurve curve = this.getCurve();
+            ECFieldElement X = this.x, A = curve.getA(), B = curve.getB();
+            
+            int coord = curve.getCoordinateSystem();
+            if (coord == ECCurve.COORD_LAMBDA_PROJECTIVE)
+            {
+                ECFieldElement Z = this.zs[0];
+                boolean ZIsOne = Z.isOne();
+
+                if (X.isZero())
+                {
+                    // NOTE: For x == 0, we expect the affine-y instead of the lambda-y 
+                    ECFieldElement Y = this.y;
+                    ECFieldElement lhs = Y.square(), rhs = B;
+                    if (!ZIsOne)
+                    {
+                        rhs = rhs.multiply(Z.square());
+                    }
+                    return lhs.equals(rhs);
+                }
+
+                ECFieldElement L = this.y, X2 = X.square();
+                ECFieldElement lhs, rhs;
+                if (ZIsOne)
+                {
+                    lhs = L.square().add(L).add(A);
+                    rhs = X2.square().add(B);
+                }
+                else
+                {
+                    ECFieldElement Z2 = Z.square(), Z4 = Z2.square();
+                    lhs = L.add(Z).multiplyPlusProduct(L, A, Z2);
+                    // TODO If sqrt(b) is precomputed this can be simplified to a single square
+                    rhs = X2.squarePlusProduct(B, Z4);
+                }
+                lhs = lhs.multiply(X2);
+                return lhs.equals(rhs);
+            }
+
+            ECFieldElement Y = this.y;
+            ECFieldElement lhs = Y.add(X).multiply(Y);
+
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+                break;
+            case ECCurve.COORD_HOMOGENEOUS:
+            {
+                ECFieldElement Z = this.zs[0];
+                if (!Z.isOne())
+                {
+                    ECFieldElement Z2 = Z.square(), Z3 = Z.multiply(Z2);
+                    lhs = lhs.multiply(Z);
+                    A = A.multiply(Z);
+                    B = B.multiply(Z3);
+                }
+                break;
+            }
+            default:
+                throw new IllegalStateException("unsupported coordinate system");
+            }
+
+            ECFieldElement rhs = X.add(A).multiply(X.square()).add(B);
+            return lhs.equals(rhs);
+        }
+
+        protected boolean satisfiesOrder()
+        {
+            BigInteger cofactor = curve.getCofactor();
+            if (ECConstants.TWO.equals(cofactor))
+            {
+                /*
+                 *  Check that the trace of (X + A) is 0, then there exists a solution to L^2 + L = X + A,
+                 *  and so a halving is possible, so this point is the double of another.  
+                 */
+                ECPoint N = this.normalize();
+                ECFieldElement X = N.getAffineXCoord();
+                ECFieldElement rhs = X.add(curve.getA());
+                return ((ECFieldElement.AbstractF2m)rhs).trace() == 0;
+            }
+            if (ECConstants.FOUR.equals(cofactor))
+            {
+                /*
+                 * Solve L^2 + L = X + A to find the half of this point, if it exists (fail if not).
+                 * Generate both possibilities for the square of the half-point's x-coordinate (w),
+                 * and check if Tr(w + A) == 0 for at least one; then a second halving is possible
+                 * (see comments for cofactor 2 above), so this point is four times another.
+                 * 
+                 * Note: Tr(x^2) == Tr(x). 
+                 */
+                ECPoint N = this.normalize();
+                ECFieldElement X = N.getAffineXCoord();
+                ECFieldElement lambda = ((ECCurve.AbstractF2m)curve).solveQuadraticEquation(X.add(curve.getA()));
+                if (lambda == null)
+                {
+                    return false;
+                }
+                ECFieldElement w = X.multiply(lambda).add(N.getAffineYCoord()); 
+                ECFieldElement t = w.add(curve.getA());
+                return ((ECFieldElement.AbstractF2m)t).trace() == 0
+                    || ((ECFieldElement.AbstractF2m)(t.add(X))).trace() == 0;
+            }
+
+            return super.satisfiesOrder();
+        }
+
+        public ECPoint scaleX(ECFieldElement scale)
+        {
+            if (this.isInfinity())
+            {
+                return this;
+            }
+
+            int coord = this.getCurveCoordinateSystem();
+
+            switch (coord)
+            {
+            case ECCurve.COORD_LAMBDA_AFFINE:
+            {
+                // Y is actually Lambda (X + Y/X) here
+                ECFieldElement X = this.getRawXCoord(), L = this.getRawYCoord(); // earlier JDK
+
+                ECFieldElement X2 = X.multiply(scale);
+                ECFieldElement L2 = L.add(X).divide(scale).add(X2);
+
+                return this.getCurve().createRawPoint(X, L2, this.getRawZCoords(), this.withCompression); // earlier JDK
+            }
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                // Y is actually Lambda (X + Y/X) here
+                ECFieldElement X = this.getRawXCoord(), L = this.getRawYCoord(), Z = this.getRawZCoords()[0]; // earlier JDK
+
+                // We scale the Z coordinate also, to avoid an inversion
+                ECFieldElement X2 = X.multiply(scale.square());
+                ECFieldElement L2 = L.add(X).add(X2);
+                ECFieldElement Z2 = Z.multiply(scale);
+
+                return this.getCurve().createRawPoint(X2, L2, new ECFieldElement[]{ Z2 }, this.withCompression); // earlier JDK
+            }
+            default:
+            {
+                return super.scaleX(scale);
+            }
+            }
+        }
+
+        public ECPoint scaleY(ECFieldElement scale)
+        {
+            if (this.isInfinity())
+            {
+                return this;
+            }
+
+            int coord = this.getCurveCoordinateSystem();
+
+            switch (coord)
+            {
+            case ECCurve.COORD_LAMBDA_AFFINE:
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                ECFieldElement X = this.getRawXCoord(), L = this.getRawYCoord(); // earlier JDK
+
+                // Y is actually Lambda (X + Y/X) here
+                ECFieldElement L2 = L.add(X).multiply(scale).add(X);
+
+                return this.getCurve().createRawPoint(X, L2, this.getRawZCoords(), this.withCompression); // earlier JDK
+            }
+            default:
+            {
+                return super.scaleY(scale);
+            }
+            }
+        }
+
+        public ECPoint subtract(ECPoint b)
+        {
+            if (b.isInfinity())
+            {
+                return this;
+            }
+
+            // Add -b
+            return this.add(b.negate());
+        }
+
+        public ECPoint.AbstractF2m tau()
+        {
+            if (this.isInfinity())
+            {
+                return this;
+            }
+
+            ECCurve curve = this.getCurve();
+            int coord = curve.getCoordinateSystem();
+
+            ECFieldElement X1 = this.x;
+
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+            case ECCurve.COORD_LAMBDA_AFFINE:
+            {
+                ECFieldElement Y1 = this.y;
+                return (ECPoint.AbstractF2m)curve.createRawPoint(X1.square(), Y1.square(), this.withCompression);
+            }
+            case ECCurve.COORD_HOMOGENEOUS:
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                ECFieldElement Y1 = this.y, Z1 = this.zs[0];
+                return (ECPoint.AbstractF2m)curve.createRawPoint(X1.square(), Y1.square(),
+                    new ECFieldElement[]{ Z1.square() }, this.withCompression);
+            }
+            default:
+            {
+                throw new IllegalStateException("unsupported coordinate system");
+            }
+            }
+        }
+
+        public ECPoint.AbstractF2m tauPow(int pow)
+        {
+            if (this.isInfinity())
+            {
+                return this;
+            }
+
+            ECCurve curve = this.getCurve();
+            int coord = curve.getCoordinateSystem();
+
+            ECFieldElement X1 = this.x;
+
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+            case ECCurve.COORD_LAMBDA_AFFINE:
+            {
+                ECFieldElement Y1 = this.y;
+                return (ECPoint.AbstractF2m)curve.createRawPoint(X1.squarePow(pow), Y1.squarePow(pow), this.withCompression);
+            }
+            case ECCurve.COORD_HOMOGENEOUS:
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                ECFieldElement Y1 = this.y, Z1 = this.zs[0];
+                return (ECPoint.AbstractF2m)curve.createRawPoint(X1.squarePow(pow), Y1.squarePow(pow),
+                    new ECFieldElement[]{ Z1.squarePow(pow) }, this.withCompression);
+            }
+            default:
+            {
+                throw new IllegalStateException("unsupported coordinate system");
+            }
+            }
+        }
+    }
+
+    /**
+     * Elliptic curve points over F2m
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class F2m extends AbstractF2m
+    {
+        /**
+         * @param curve base curve
+         * @param x x point
+         * @param y y point
+         * @param withCompression true if encode with point compression.
+         * 
+         * @deprecated per-point compression property will be removed, refer {@link #getEncoded(boolean)}
+         */
+        public F2m(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
+        {
+            super(curve, x, y);
+
+            if ((x == null) != (y == null))
+            {
+                throw new IllegalArgumentException("Exactly one of the field elements is null");
+            }
+
+            if (x != null)
+            {
+                // Check if x and y are elements of the same field
+                ECFieldElement.F2m.checkFieldElements(this.x, this.y);
+
+                // Check if x and a are elements of the same field
+                if (curve != null)
+                {
+                    ECFieldElement.F2m.checkFieldElements(this.x, this.curve.getA());
+                }
+            }
+
+            this.withCompression = withCompression;
+
+//            checkCurveEquation();
+        }
+
+        F2m(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+        {
+            super(curve, x, y, zs);
+
+            this.withCompression = withCompression;
+
+//            checkCurveEquation();
+        }
+
+        protected ECPoint detach()
+        {
+            return new ECPoint.F2m(null, this.getAffineXCoord(), this.getAffineYCoord(), false); // earlier JDK
+        }
+
+        public ECFieldElement getYCoord()
+        {
+            int coord = this.getCurveCoordinateSystem();
+
+            switch (coord)
+            {
+            case ECCurve.COORD_LAMBDA_AFFINE:
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                ECFieldElement X = x, L = y;
+
+                if (this.isInfinity() || X.isZero())
+                {
+                    return L;
+                }
+
+                // Y is actually Lambda (X + Y/X) here; convert to affine value on the fly
+                ECFieldElement Y = L.add(X).multiply(X);
+                if (ECCurve.COORD_LAMBDA_PROJECTIVE == coord)
+                {
+                    ECFieldElement Z = zs[0];
+                    if (!Z.isOne())
+                    {
+                        Y = Y.divide(Z);
+                    }
+                }
+                return Y;
+            }
+            default:
+            {
+                return y;
+            }
+            }
+        }
+
+        protected boolean getCompressionYTilde()
+        {
+            ECFieldElement X = this.getRawXCoord();
+            if (X.isZero())
+            {
+                return false;
+            }
+
+            ECFieldElement Y = this.getRawYCoord();
+
+            switch (this.getCurveCoordinateSystem())
+            {
+            case ECCurve.COORD_LAMBDA_AFFINE:
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                // Y is actually Lambda (X + Y/X) here
+                return Y.testBitZero() != X.testBitZero();
+            }
+            default:
+            {
+                return Y.divide(X).testBitZero();
+            }
+            }
+        }
+
+        public ECPoint add(ECPoint b)
+        {
+            if (this.isInfinity())
+            {
+                return b;
+            }
+            if (b.isInfinity())
+            {
+                return this;
+            }
+
+            ECCurve curve = this.getCurve();
+            int coord = curve.getCoordinateSystem();
+
+            ECFieldElement X1 = this.x;
+            ECFieldElement X2 = b.x;
+
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+            {
+                ECFieldElement Y1 = this.y;
+                ECFieldElement Y2 = b.y;
+
+                ECFieldElement dx = X1.add(X2), dy = Y1.add(Y2);
+                if (dx.isZero())
+                {
+                    if (dy.isZero())
+                    {
+                        return twice();
+                    }
+
+                    return curve.getInfinity();
+                }
+
+                ECFieldElement L = dy.divide(dx);
+
+                ECFieldElement X3 = L.square().add(L).add(dx).add(curve.getA());
+                ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
+
+                return new ECPoint.F2m(curve, X3, Y3, this.withCompression);
+            }
+            case ECCurve.COORD_HOMOGENEOUS:
+            {
+                ECFieldElement Y1 = this.y, Z1 = this.zs[0];
+                ECFieldElement Y2 = b.y, Z2 = b.zs[0];
+
+                boolean Z2IsOne = Z2.isOne();
+
+                ECFieldElement U1 = Z1.multiply(Y2);
+                ECFieldElement U2 = Z2IsOne ? Y1 : Y1.multiply(Z2);
+                ECFieldElement U = U1.add(U2);
+                ECFieldElement V1 = Z1.multiply(X2);
+                ECFieldElement V2 = Z2IsOne ? X1 : X1.multiply(Z2);
+                ECFieldElement V = V1.add(V2);
+
+                if (V.isZero())
+                {
+                    if (U.isZero())
+                    {
+                        return twice();
+                    }
+
+                    return curve.getInfinity();
+                }
+
+                ECFieldElement VSq = V.square();
+                ECFieldElement VCu = VSq.multiply(V);
+                ECFieldElement W = Z2IsOne ? Z1 : Z1.multiply(Z2);
+                ECFieldElement uv = U.add(V);
+                ECFieldElement A = uv.multiplyPlusProduct(U, VSq, curve.getA()).multiply(W).add(VCu);
+
+                ECFieldElement X3 = V.multiply(A);
+                ECFieldElement VSqZ2 = Z2IsOne ? VSq : VSq.multiply(Z2);
+                ECFieldElement Y3 = U.multiplyPlusProduct(X1, V, Y1).multiplyPlusProduct(VSqZ2, uv, A);
+                ECFieldElement Z3 = VCu.multiply(W);
+
+                return new ECPoint.F2m(curve, X3, Y3, new ECFieldElement[]{ Z3 }, this.withCompression);
+            }
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                if (X1.isZero())
+                {
+                    if (X2.isZero())
+                    {
+                        return curve.getInfinity();
+                    }
+
+                    return b.add(this);
+                }
+
+                ECFieldElement L1 = this.y, Z1 = this.zs[0];
+                ECFieldElement L2 = b.y, Z2 = b.zs[0];
+
+                boolean Z1IsOne = Z1.isOne();
+                ECFieldElement U2 = X2, S2 = L2;
+                if (!Z1IsOne)
+                {
+                    U2 = U2.multiply(Z1);
+                    S2 = S2.multiply(Z1);
+                }
+
+                boolean Z2IsOne = Z2.isOne();
+                ECFieldElement U1 = X1, S1 = L1;
+                if (!Z2IsOne)
+                {
+                    U1 = U1.multiply(Z2);
+                    S1 = S1.multiply(Z2);
+                }
+
+                ECFieldElement A = S1.add(S2);
+                ECFieldElement B = U1.add(U2);
+
+                if (B.isZero())
+                {
+                    if (A.isZero())
+                    {
+                        return twice();
+                    }
+
+                    return curve.getInfinity();
+                }
+
+                ECFieldElement X3, L3, Z3;
+                if (X2.isZero())
+                {
+                    // TODO This can probably be optimized quite a bit
+                    ECPoint p = this.normalize();
+                    X1 = p.getXCoord();
+                    ECFieldElement Y1 = p.getYCoord();
+
+                    ECFieldElement Y2 = L2;
+                    ECFieldElement L = Y1.add(Y2).divide(X1);
+
+                    X3 = L.square().add(L).add(X1).add(curve.getA());
+                    if (X3.isZero())
+                    {
+                        return new ECPoint.F2m(curve, X3, curve.getB().sqrt(), this.withCompression);
+                    }
+
+                    ECFieldElement Y3 = L.multiply(X1.add(X3)).add(X3).add(Y1);
+                    L3 = Y3.divide(X3).add(X3);
+                    Z3 = curve.fromBigInteger(ECConstants.ONE);
+                }
+                else
+                {
+                    B = B.square();
+    
+                    ECFieldElement AU1 = A.multiply(U1);
+                    ECFieldElement AU2 = A.multiply(U2);
+
+                    X3 = AU1.multiply(AU2);
+                    if (X3.isZero())
+                    {
+                        return new ECPoint.F2m(curve, X3, curve.getB().sqrt(), this.withCompression);
+                    }
+
+                    ECFieldElement ABZ2 = A.multiply(B);
+                    if (!Z2IsOne)
+                    {
+                        ABZ2 = ABZ2.multiply(Z2);
+                    }
+
+                    L3 = AU2.add(B).squarePlusProduct(ABZ2, L1.add(Z1));
+
+                    Z3 = ABZ2;
+                    if (!Z1IsOne)
+                    {
+                        Z3 = Z3.multiply(Z1);
+                    }
+                }
+
+                return new ECPoint.F2m(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
+            }
+            default:
+            {
+                throw new IllegalStateException("unsupported coordinate system");
+            }
+            }
+        }
+
+        public ECPoint twice()
+        {
+            if (this.isInfinity()) 
+            {
+                return this;
+            }
+
+            ECCurve curve = this.getCurve();
+
+            ECFieldElement X1 = this.x;
+            if (X1.isZero()) 
+            {
+                // A point with X == 0 is it's own additive inverse
+                return curve.getInfinity();
+            }
+
+            int coord = curve.getCoordinateSystem();
+
+            switch (coord)
+            {
+            case ECCurve.COORD_AFFINE:
+            {
+                ECFieldElement Y1 = this.y;
+
+                ECFieldElement L1 = Y1.divide(X1).add(X1);
+
+                ECFieldElement X3 = L1.square().add(L1).add(curve.getA());
+                ECFieldElement Y3 = X1.squarePlusProduct(X3, L1.addOne());
+
+                return new ECPoint.F2m(curve, X3, Y3, this.withCompression);
+            }
+            case ECCurve.COORD_HOMOGENEOUS:
+            {
+                ECFieldElement Y1 = this.y, Z1 = this.zs[0];
+
+                boolean Z1IsOne = Z1.isOne();
+                ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.multiply(Z1);
+                ECFieldElement Y1Z1 = Z1IsOne ? Y1 : Y1.multiply(Z1);
+
+                ECFieldElement X1Sq = X1.square();
+                ECFieldElement S = X1Sq.add(Y1Z1);
+                ECFieldElement V = X1Z1;
+                ECFieldElement vSquared = V.square();
+                ECFieldElement sv = S.add(V);
+                ECFieldElement h = sv.multiplyPlusProduct(S, vSquared, curve.getA());
+
+                ECFieldElement X3 = V.multiply(h);
+                ECFieldElement Y3 = X1Sq.square().multiplyPlusProduct(V, h, sv);
+                ECFieldElement Z3 = V.multiply(vSquared);    
+
+                return new ECPoint.F2m(curve, X3, Y3, new ECFieldElement[]{ Z3 }, this.withCompression);
+            }
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                ECFieldElement L1 = this.y, Z1 = this.zs[0];
+
+                boolean Z1IsOne = Z1.isOne();
+                ECFieldElement L1Z1 = Z1IsOne ? L1 : L1.multiply(Z1);
+                ECFieldElement Z1Sq = Z1IsOne ? Z1 : Z1.square();
+                ECFieldElement a = curve.getA();
+                ECFieldElement aZ1Sq = Z1IsOne ? a : a.multiply(Z1Sq);
+                ECFieldElement T = L1.square().add(L1Z1).add(aZ1Sq);
+                if (T.isZero())
+                {
+                    return new ECPoint.F2m(curve, T, curve.getB().sqrt(), withCompression);
+                }
+
+                ECFieldElement X3 = T.square();
+                ECFieldElement Z3 = Z1IsOne ? T : T.multiply(Z1Sq);
+
+                ECFieldElement b = curve.getB();
+                ECFieldElement L3;
+                if (b.bitLength() < (curve.getFieldSize() >> 1))
+                {
+                    ECFieldElement t1 = L1.add(X1).square();
+                    ECFieldElement t2;
+                    if (b.isOne())
+                    {
+                        t2 = aZ1Sq.add(Z1Sq).square();
+                    }
+                    else
+                    {
+                        // TODO Can be calculated with one square if we pre-compute sqrt(b)
+                        t2 = aZ1Sq.squarePlusProduct(b, Z1Sq.square());
+                    }
+                    L3 = t1.add(T).add(Z1Sq).multiply(t1).add(t2).add(X3);
+                    if (a.isZero())
+                    {
+                        L3 = L3.add(Z3);
+                    }
+                    else if (!a.isOne())
+                    {
+                        L3 = L3.add(a.addOne().multiply(Z3));
+                    }
+                }
+                else
+                {
+                    ECFieldElement X1Z1 = Z1IsOne ? X1 : X1.multiply(Z1);
+                    L3 = X1Z1.squarePlusProduct(T, L1Z1).add(X3).add(Z3);
+                }
+
+                return new ECPoint.F2m(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
+            }
+            default:
+            {
+                throw new IllegalStateException("unsupported coordinate system");
+            }
+            }
+        }
+
+        public ECPoint twicePlus(ECPoint b)
+        {
+            if (this.isInfinity()) 
+            {
+                return b;
+            }
+            if (b.isInfinity())
+            {
+                return twice();
+            }
+
+            ECCurve curve = this.getCurve();
+
+            ECFieldElement X1 = this.x;
+            if (X1.isZero()) 
+            {
+                // A point with X == 0 is it's own additive inverse
+                return b;
+            }
+
+            int coord = curve.getCoordinateSystem();
+
+            switch (coord)
+            {
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                // NOTE: twicePlus() only optimized for lambda-affine argument
+                ECFieldElement X2 = b.x, Z2 = b.zs[0];
+                if (X2.isZero() || !Z2.isOne())
+                {
+                    return twice().add(b);
+                }
+
+                ECFieldElement L1 = this.y, Z1 = this.zs[0];
+                ECFieldElement L2 = b.y;
+
+                ECFieldElement X1Sq = X1.square();
+                ECFieldElement L1Sq = L1.square();
+                ECFieldElement Z1Sq = Z1.square();
+                ECFieldElement L1Z1 = L1.multiply(Z1);
+
+                ECFieldElement T = curve.getA().multiply(Z1Sq).add(L1Sq).add(L1Z1);
+                ECFieldElement L2plus1 = L2.addOne();
+                ECFieldElement A = curve.getA().add(L2plus1).multiply(Z1Sq).add(L1Sq).multiplyPlusProduct(T, X1Sq, Z1Sq);
+                ECFieldElement X2Z1Sq = X2.multiply(Z1Sq);
+                ECFieldElement B = X2Z1Sq.add(T).square();
+
+                if (B.isZero())
+                {
+                    if (A.isZero())
+                    {
+                        return b.twice();
+                    }
+
+                    return curve.getInfinity();
+                }
+
+                if (A.isZero())
+                {
+                    return new ECPoint.F2m(curve, A, curve.getB().sqrt(), withCompression);
+                }
+
+                ECFieldElement X3 = A.square().multiply(X2Z1Sq);
+                ECFieldElement Z3 = A.multiply(B).multiply(Z1Sq);
+                ECFieldElement L3 = A.add(B).square().multiplyPlusProduct(T, L2plus1, Z3);
+
+                return new ECPoint.F2m(curve, X3, L3, new ECFieldElement[]{ Z3 }, this.withCompression);
+            }
+            default:
+            {
+                return twice().add(b);
+            }
+            }
+        }
+
+        public ECPoint negate()
+        {
+            if (this.isInfinity())
+            {
+                return this;
+            }
+
+            ECFieldElement X = this.x;
+            if (X.isZero())
+            {
+                return this;
+            }
+
+            switch (this.getCurveCoordinateSystem())
+            {
+            case ECCurve.COORD_AFFINE:
+            {
+                ECFieldElement Y = this.y;
+                return new ECPoint.F2m(curve, X, Y.add(X), this.withCompression);
+            }
+            case ECCurve.COORD_HOMOGENEOUS:
+            {
+                ECFieldElement Y = this.y, Z = this.zs[0];
+                return new ECPoint.F2m(curve, X, Y.add(X), new ECFieldElement[]{ Z }, this.withCompression);
+            }
+            case ECCurve.COORD_LAMBDA_AFFINE:
+            {
+                ECFieldElement L = this.y;
+                return new ECPoint.F2m(curve, X, L.addOne(), this.withCompression);
+            }
+            case ECCurve.COORD_LAMBDA_PROJECTIVE:
+            {
+                // L is actually Lambda (X + Y/X) here
+                ECFieldElement L = this.y, Z = this.zs[0];
+                return new ECPoint.F2m(curve, X, L.add(Z), new ECFieldElement[]{ Z }, this.withCompression);
+            }
+            default:
+            {
+                throw new IllegalStateException("unsupported coordinate system");
+            }
+            }
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECPointMap.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECPointMap.java
new file mode 100644
index 0000000..812405d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ECPointMap.java

@@ -0,0 +1,10 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ECPointMap
+{
+    ECPoint map(ECPoint p);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/FixedPointCombMultiplier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/FixedPointCombMultiplier.java
new file mode 100644
index 0000000..9c59321
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/FixedPointCombMultiplier.java

@@ -0,0 +1,60 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.raw.Nat;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class FixedPointCombMultiplier extends AbstractECMultiplier
+{
+    protected ECPoint multiplyPositive(ECPoint p, BigInteger k)
+    {
+        ECCurve c = p.getCurve();
+        int size = FixedPointUtil.getCombSize(c);
+
+        if (k.bitLength() > size)
+        {
+            /*
+             * TODO The comb works best when the scalars are less than the (possibly unknown) order.
+             * Still, if we want to handle larger scalars, we could allow customization of the comb
+             * size, or alternatively we could deal with the 'extra' bits either by running the comb
+             * multiple times as necessary, or by using an alternative multiplier as prelude.
+             */
+            throw new IllegalStateException("fixed-point comb doesn't support scalars larger than the curve order");
+        }
+
+        FixedPointPreCompInfo info = FixedPointUtil.precompute(p);
+        ECLookupTable lookupTable = info.getLookupTable();
+        int width = info.getWidth();
+
+        int d = (size + width - 1) / width;
+
+        ECPoint R = c.getInfinity();
+
+        int fullComb = d * width;
+        int[] K = Nat.fromBigInteger(fullComb, k);
+
+        int top = fullComb - 1; 
+        for (int i = 0; i < d; ++i)
+        {
+            int secretIndex = 0;
+
+            for (int j = top - i; j >= 0; j -= d)
+            {
+                int secretBit = K[j >>> 5] >>> (j & 0x1F);
+                secretIndex ^= secretBit >>> 1;
+                secretIndex <<= 1;
+                secretIndex ^= secretBit;
+            }
+
+            ECPoint add = lookupTable.lookup(secretIndex);
+
+            R = R.twicePlus(add);
+        }
+
+        return R.add(info.getOffset());
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/FixedPointPreCompInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/FixedPointPreCompInfo.java
new file mode 100644
index 0000000..476da0c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/FixedPointPreCompInfo.java

@@ -0,0 +1,53 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+/**
+ * Class holding precomputation data for fixed-point multiplications.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class FixedPointPreCompInfo implements PreCompInfo
+{
+    protected ECPoint offset = null;
+
+    /**
+     * Lookup table for the precomputed {@link ECPoint}s used for a fixed point multiplication.
+     */
+    protected ECLookupTable lookupTable = null;
+
+    /**
+     * The width used for the precomputation. If a larger width precomputation
+     * is already available this may be larger than was requested, so calling
+     * code should refer to the actual width.
+     */
+    protected int width = -1;
+
+    public ECLookupTable getLookupTable()
+    {
+        return lookupTable;
+    }
+
+    public void setLookupTable(ECLookupTable lookupTable)
+    {
+        this.lookupTable = lookupTable;
+    }
+
+    public ECPoint getOffset()
+    {
+        return offset;
+    }
+
+    public void setOffset(ECPoint offset)
+    {
+        this.offset = offset;
+    }
+
+    public int getWidth()
+    {
+        return width;
+    }
+
+    public void setWidth(int width)
+    {
+        this.width = width;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/FixedPointUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/FixedPointUtil.java
new file mode 100644
index 0000000..67d1e3d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/FixedPointUtil.java

@@ -0,0 +1,91 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class FixedPointUtil
+{
+    public static final String PRECOMP_NAME = "bc_fixed_point";
+
+    public static int getCombSize(ECCurve c)
+    {
+        BigInteger order = c.getOrder();
+        return order == null ? c.getFieldSize() + 1 : order.bitLength(); 
+    }
+
+    public static FixedPointPreCompInfo getFixedPointPreCompInfo(PreCompInfo preCompInfo)
+    {
+        return (preCompInfo instanceof FixedPointPreCompInfo) ? (FixedPointPreCompInfo)preCompInfo : null;
+    }
+
+    public static FixedPointPreCompInfo precompute(final ECPoint p)
+    {
+        final ECCurve c = p.getCurve();
+
+        return (FixedPointPreCompInfo)c.precompute(p, PRECOMP_NAME, new PreCompCallback()
+        {
+            public PreCompInfo precompute(PreCompInfo existing)
+            {
+                FixedPointPreCompInfo existingFP = (existing instanceof FixedPointPreCompInfo) ? (FixedPointPreCompInfo)existing : null;
+
+                int bits = getCombSize(c);
+                int minWidth = bits > 250 ? 6 : 5;
+                int n = 1 << minWidth;
+
+                if (checkExisting(existingFP, n))
+                {
+                    return existingFP;
+                }
+
+                int d = (bits + minWidth - 1) / minWidth;
+
+                ECPoint[] pow2Table = new ECPoint[minWidth + 1];
+                pow2Table[0] = p;
+                for (int i = 1; i < minWidth; ++i)
+                {
+                    pow2Table[i] = pow2Table[i - 1].timesPow2(d);
+                }
+
+                // This will be the 'offset' value 
+                pow2Table[minWidth] = pow2Table[0].subtract(pow2Table[1]);
+
+                c.normalizeAll(pow2Table);
+
+                ECPoint[] lookupTable = new ECPoint[n];
+                lookupTable[0] = pow2Table[0];
+
+                for (int bit = minWidth - 1; bit >= 0; --bit)
+                {
+                    ECPoint pow2 = pow2Table[bit];
+
+                    int step = 1 << bit;
+                    for (int i = step; i < n; i += (step << 1))
+                    {
+                        lookupTable[i] = lookupTable[i - step].add(pow2);
+                    }
+                }
+
+                c.normalizeAll(lookupTable);
+
+                FixedPointPreCompInfo result = new FixedPointPreCompInfo();
+                result.setLookupTable(c.createCacheSafeLookupTable(lookupTable, 0, lookupTable.length));
+                result.setOffset(pow2Table[minWidth]);
+                result.setWidth(minWidth);
+                return result;
+            }
+
+            private boolean checkExisting(FixedPointPreCompInfo existingFP, int n)
+            {
+                return existingFP != null && checkTable(existingFP.getLookupTable(), n);
+            }
+
+            private boolean checkTable(ECLookupTable table, int n)
+            {
+                return table != null && table.getSize() >= n;
+            }
+        });
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/GLVMultiplier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/GLVMultiplier.java
new file mode 100644
index 0000000..9aa1fa8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/GLVMultiplier.java

@@ -0,0 +1,46 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.endo.GLVEndomorphism;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class GLVMultiplier extends AbstractECMultiplier
+{
+    protected final ECCurve curve;
+    protected final GLVEndomorphism glvEndomorphism;
+
+    public GLVMultiplier(ECCurve curve, GLVEndomorphism glvEndomorphism)
+    {
+        if (curve == null || curve.getOrder() == null)
+        {
+            throw new IllegalArgumentException("Need curve with known group order");
+        }
+
+        this.curve = curve;
+        this.glvEndomorphism = glvEndomorphism;
+    }
+
+    protected ECPoint multiplyPositive(ECPoint p, BigInteger k)
+    {
+        if (!curve.equals(p.getCurve()))
+        {
+            throw new IllegalStateException();
+        }
+
+        BigInteger n = p.getCurve().getOrder();
+        BigInteger[] ab = glvEndomorphism.decomposeScalar(k.mod(n));
+        BigInteger a = ab[0], b = ab[1];
+
+        ECPointMap pointMap = glvEndomorphism.getPointMap();
+        if (glvEndomorphism.hasEfficientPointMap())
+        {
+            return ECAlgorithms.implShamirsTrickWNaf(p, a, pointMap, b);
+        }
+
+        return ECAlgorithms.implShamirsTrickWNaf(p, a, pointMap.map(p), b);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/LongArray.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/LongArray.java
new file mode 100644
index 0000000..1820c7e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/LongArray.java

@@ -0,0 +1,2203 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+import java.math.BigInteger;
+
+class LongArray implements Cloneable
+{
+//    private static long DEINTERLEAVE_MASK = 0x5555555555555555L;
+
+    /*
+     * This expands 8 bit indices into 16 bit contents (high bit 14), by inserting 0s between bits.
+     * In a binary field, this operation is the same as squaring an 8 bit number.
+     * 
+     * NOTE: All entries are positive so sign-extension is not an issue.
+     */
+    private static final short[] INTERLEAVE2_TABLE = new short[]
+    {
+        0x0000, 0x0001, 0x0004, 0x0005, 0x0010, 0x0011, 0x0014, 0x0015,
+        0x0040, 0x0041, 0x0044, 0x0045, 0x0050, 0x0051, 0x0054, 0x0055,
+        0x0100, 0x0101, 0x0104, 0x0105, 0x0110, 0x0111, 0x0114, 0x0115,
+        0x0140, 0x0141, 0x0144, 0x0145, 0x0150, 0x0151, 0x0154, 0x0155,
+        0x0400, 0x0401, 0x0404, 0x0405, 0x0410, 0x0411, 0x0414, 0x0415,
+        0x0440, 0x0441, 0x0444, 0x0445, 0x0450, 0x0451, 0x0454, 0x0455,
+        0x0500, 0x0501, 0x0504, 0x0505, 0x0510, 0x0511, 0x0514, 0x0515,
+        0x0540, 0x0541, 0x0544, 0x0545, 0x0550, 0x0551, 0x0554, 0x0555,
+        0x1000, 0x1001, 0x1004, 0x1005, 0x1010, 0x1011, 0x1014, 0x1015,
+        0x1040, 0x1041, 0x1044, 0x1045, 0x1050, 0x1051, 0x1054, 0x1055,
+        0x1100, 0x1101, 0x1104, 0x1105, 0x1110, 0x1111, 0x1114, 0x1115,
+        0x1140, 0x1141, 0x1144, 0x1145, 0x1150, 0x1151, 0x1154, 0x1155,
+        0x1400, 0x1401, 0x1404, 0x1405, 0x1410, 0x1411, 0x1414, 0x1415,
+        0x1440, 0x1441, 0x1444, 0x1445, 0x1450, 0x1451, 0x1454, 0x1455,
+        0x1500, 0x1501, 0x1504, 0x1505, 0x1510, 0x1511, 0x1514, 0x1515,
+        0x1540, 0x1541, 0x1544, 0x1545, 0x1550, 0x1551, 0x1554, 0x1555,
+        0x4000, 0x4001, 0x4004, 0x4005, 0x4010, 0x4011, 0x4014, 0x4015,
+        0x4040, 0x4041, 0x4044, 0x4045, 0x4050, 0x4051, 0x4054, 0x4055,
+        0x4100, 0x4101, 0x4104, 0x4105, 0x4110, 0x4111, 0x4114, 0x4115,
+        0x4140, 0x4141, 0x4144, 0x4145, 0x4150, 0x4151, 0x4154, 0x4155,
+        0x4400, 0x4401, 0x4404, 0x4405, 0x4410, 0x4411, 0x4414, 0x4415,
+        0x4440, 0x4441, 0x4444, 0x4445, 0x4450, 0x4451, 0x4454, 0x4455,
+        0x4500, 0x4501, 0x4504, 0x4505, 0x4510, 0x4511, 0x4514, 0x4515,
+        0x4540, 0x4541, 0x4544, 0x4545, 0x4550, 0x4551, 0x4554, 0x4555,
+        0x5000, 0x5001, 0x5004, 0x5005, 0x5010, 0x5011, 0x5014, 0x5015,
+        0x5040, 0x5041, 0x5044, 0x5045, 0x5050, 0x5051, 0x5054, 0x5055,
+        0x5100, 0x5101, 0x5104, 0x5105, 0x5110, 0x5111, 0x5114, 0x5115,
+        0x5140, 0x5141, 0x5144, 0x5145, 0x5150, 0x5151, 0x5154, 0x5155,
+        0x5400, 0x5401, 0x5404, 0x5405, 0x5410, 0x5411, 0x5414, 0x5415,
+        0x5440, 0x5441, 0x5444, 0x5445, 0x5450, 0x5451, 0x5454, 0x5455,
+        0x5500, 0x5501, 0x5504, 0x5505, 0x5510, 0x5511, 0x5514, 0x5515,
+        0x5540, 0x5541, 0x5544, 0x5545, 0x5550, 0x5551, 0x5554, 0x5555
+    };
+
+    /*
+     * This expands 7 bit indices into 21 bit contents (high bit 18), by inserting 0s between bits.
+     */
+    private static final int[] INTERLEAVE3_TABLE = new  int[]
+    {
+        0x00000, 0x00001, 0x00008, 0x00009, 0x00040, 0x00041, 0x00048, 0x00049,
+        0x00200, 0x00201, 0x00208, 0x00209, 0x00240, 0x00241, 0x00248, 0x00249,
+        0x01000, 0x01001, 0x01008, 0x01009, 0x01040, 0x01041, 0x01048, 0x01049,
+        0x01200, 0x01201, 0x01208, 0x01209, 0x01240, 0x01241, 0x01248, 0x01249,
+        0x08000, 0x08001, 0x08008, 0x08009, 0x08040, 0x08041, 0x08048, 0x08049,
+        0x08200, 0x08201, 0x08208, 0x08209, 0x08240, 0x08241, 0x08248, 0x08249,
+        0x09000, 0x09001, 0x09008, 0x09009, 0x09040, 0x09041, 0x09048, 0x09049,
+        0x09200, 0x09201, 0x09208, 0x09209, 0x09240, 0x09241, 0x09248, 0x09249,
+        0x40000, 0x40001, 0x40008, 0x40009, 0x40040, 0x40041, 0x40048, 0x40049,
+        0x40200, 0x40201, 0x40208, 0x40209, 0x40240, 0x40241, 0x40248, 0x40249,
+        0x41000, 0x41001, 0x41008, 0x41009, 0x41040, 0x41041, 0x41048, 0x41049,
+        0x41200, 0x41201, 0x41208, 0x41209, 0x41240, 0x41241, 0x41248, 0x41249,
+        0x48000, 0x48001, 0x48008, 0x48009, 0x48040, 0x48041, 0x48048, 0x48049,
+        0x48200, 0x48201, 0x48208, 0x48209, 0x48240, 0x48241, 0x48248, 0x48249,
+        0x49000, 0x49001, 0x49008, 0x49009, 0x49040, 0x49041, 0x49048, 0x49049,
+        0x49200, 0x49201, 0x49208, 0x49209, 0x49240, 0x49241, 0x49248, 0x49249
+    };
+
+    /*
+     * This expands 8 bit indices into 32 bit contents (high bit 28), by inserting 0s between bits.
+     */
+    private static final int[] INTERLEAVE4_TABLE = new int[]
+    {
+        0x00000000, 0x00000001, 0x00000010, 0x00000011, 0x00000100, 0x00000101, 0x00000110, 0x00000111,
+        0x00001000, 0x00001001, 0x00001010, 0x00001011, 0x00001100, 0x00001101, 0x00001110, 0x00001111,
+        0x00010000, 0x00010001, 0x00010010, 0x00010011, 0x00010100, 0x00010101, 0x00010110, 0x00010111,
+        0x00011000, 0x00011001, 0x00011010, 0x00011011, 0x00011100, 0x00011101, 0x00011110, 0x00011111,
+        0x00100000, 0x00100001, 0x00100010, 0x00100011, 0x00100100, 0x00100101, 0x00100110, 0x00100111,
+        0x00101000, 0x00101001, 0x00101010, 0x00101011, 0x00101100, 0x00101101, 0x00101110, 0x00101111,
+        0x00110000, 0x00110001, 0x00110010, 0x00110011, 0x00110100, 0x00110101, 0x00110110, 0x00110111,
+        0x00111000, 0x00111001, 0x00111010, 0x00111011, 0x00111100, 0x00111101, 0x00111110, 0x00111111,
+        0x01000000, 0x01000001, 0x01000010, 0x01000011, 0x01000100, 0x01000101, 0x01000110, 0x01000111,
+        0x01001000, 0x01001001, 0x01001010, 0x01001011, 0x01001100, 0x01001101, 0x01001110, 0x01001111,
+        0x01010000, 0x01010001, 0x01010010, 0x01010011, 0x01010100, 0x01010101, 0x01010110, 0x01010111,
+        0x01011000, 0x01011001, 0x01011010, 0x01011011, 0x01011100, 0x01011101, 0x01011110, 0x01011111,
+        0x01100000, 0x01100001, 0x01100010, 0x01100011, 0x01100100, 0x01100101, 0x01100110, 0x01100111,
+        0x01101000, 0x01101001, 0x01101010, 0x01101011, 0x01101100, 0x01101101, 0x01101110, 0x01101111,
+        0x01110000, 0x01110001, 0x01110010, 0x01110011, 0x01110100, 0x01110101, 0x01110110, 0x01110111,
+        0x01111000, 0x01111001, 0x01111010, 0x01111011, 0x01111100, 0x01111101, 0x01111110, 0x01111111,
+        0x10000000, 0x10000001, 0x10000010, 0x10000011, 0x10000100, 0x10000101, 0x10000110, 0x10000111,
+        0x10001000, 0x10001001, 0x10001010, 0x10001011, 0x10001100, 0x10001101, 0x10001110, 0x10001111,
+        0x10010000, 0x10010001, 0x10010010, 0x10010011, 0x10010100, 0x10010101, 0x10010110, 0x10010111,
+        0x10011000, 0x10011001, 0x10011010, 0x10011011, 0x10011100, 0x10011101, 0x10011110, 0x10011111,
+        0x10100000, 0x10100001, 0x10100010, 0x10100011, 0x10100100, 0x10100101, 0x10100110, 0x10100111,
+        0x10101000, 0x10101001, 0x10101010, 0x10101011, 0x10101100, 0x10101101, 0x10101110, 0x10101111,
+        0x10110000, 0x10110001, 0x10110010, 0x10110011, 0x10110100, 0x10110101, 0x10110110, 0x10110111,
+        0x10111000, 0x10111001, 0x10111010, 0x10111011, 0x10111100, 0x10111101, 0x10111110, 0x10111111,
+        0x11000000, 0x11000001, 0x11000010, 0x11000011, 0x11000100, 0x11000101, 0x11000110, 0x11000111,
+        0x11001000, 0x11001001, 0x11001010, 0x11001011, 0x11001100, 0x11001101, 0x11001110, 0x11001111,
+        0x11010000, 0x11010001, 0x11010010, 0x11010011, 0x11010100, 0x11010101, 0x11010110, 0x11010111,
+        0x11011000, 0x11011001, 0x11011010, 0x11011011, 0x11011100, 0x11011101, 0x11011110, 0x11011111,
+        0x11100000, 0x11100001, 0x11100010, 0x11100011, 0x11100100, 0x11100101, 0x11100110, 0x11100111,
+        0x11101000, 0x11101001, 0x11101010, 0x11101011, 0x11101100, 0x11101101, 0x11101110, 0x11101111,
+        0x11110000, 0x11110001, 0x11110010, 0x11110011, 0x11110100, 0x11110101, 0x11110110, 0x11110111,
+        0x11111000, 0x11111001, 0x11111010, 0x11111011, 0x11111100, 0x11111101, 0x11111110, 0x11111111
+    };
+
+    /*
+     * This expands 7 bit indices into 35 bit contents (high bit 30), by inserting 0s between bits.
+     */
+    private static final int[] INTERLEAVE5_TABLE = new int[] {
+        0x00000000, 0x00000001, 0x00000020, 0x00000021, 0x00000400, 0x00000401, 0x00000420, 0x00000421,
+        0x00008000, 0x00008001, 0x00008020, 0x00008021, 0x00008400, 0x00008401, 0x00008420, 0x00008421,
+        0x00100000, 0x00100001, 0x00100020, 0x00100021, 0x00100400, 0x00100401, 0x00100420, 0x00100421,
+        0x00108000, 0x00108001, 0x00108020, 0x00108021, 0x00108400, 0x00108401, 0x00108420, 0x00108421,
+        0x02000000, 0x02000001, 0x02000020, 0x02000021, 0x02000400, 0x02000401, 0x02000420, 0x02000421,
+        0x02008000, 0x02008001, 0x02008020, 0x02008021, 0x02008400, 0x02008401, 0x02008420, 0x02008421,
+        0x02100000, 0x02100001, 0x02100020, 0x02100021, 0x02100400, 0x02100401, 0x02100420, 0x02100421,
+        0x02108000, 0x02108001, 0x02108020, 0x02108021, 0x02108400, 0x02108401, 0x02108420, 0x02108421,
+        0x40000000, 0x40000001, 0x40000020, 0x40000021, 0x40000400, 0x40000401, 0x40000420, 0x40000421,
+        0x40008000, 0x40008001, 0x40008020, 0x40008021, 0x40008400, 0x40008401, 0x40008420, 0x40008421,
+        0x40100000, 0x40100001, 0x40100020, 0x40100021, 0x40100400, 0x40100401, 0x40100420, 0x40100421,
+        0x40108000, 0x40108001, 0x40108020, 0x40108021, 0x40108400, 0x40108401, 0x40108420, 0x40108421,
+        0x42000000, 0x42000001, 0x42000020, 0x42000021, 0x42000400, 0x42000401, 0x42000420, 0x42000421,
+        0x42008000, 0x42008001, 0x42008020, 0x42008021, 0x42008400, 0x42008401, 0x42008420, 0x42008421,
+        0x42100000, 0x42100001, 0x42100020, 0x42100021, 0x42100400, 0x42100401, 0x42100420, 0x42100421,
+        0x42108000, 0x42108001, 0x42108020, 0x42108021, 0x42108400, 0x42108401, 0x42108420, 0x42108421
+    };
+
+    /*
+     * This expands 9 bit indices into 63 bit (long) contents (high bit 56), by inserting 0s between bits.
+     */
+    private static final long[] INTERLEAVE7_TABLE = new long[]
+    {
+        0x0000000000000000L, 0x0000000000000001L, 0x0000000000000080L, 0x0000000000000081L,
+        0x0000000000004000L, 0x0000000000004001L, 0x0000000000004080L, 0x0000000000004081L,
+        0x0000000000200000L, 0x0000000000200001L, 0x0000000000200080L, 0x0000000000200081L,
+        0x0000000000204000L, 0x0000000000204001L, 0x0000000000204080L, 0x0000000000204081L,
+        0x0000000010000000L, 0x0000000010000001L, 0x0000000010000080L, 0x0000000010000081L,
+        0x0000000010004000L, 0x0000000010004001L, 0x0000000010004080L, 0x0000000010004081L,
+        0x0000000010200000L, 0x0000000010200001L, 0x0000000010200080L, 0x0000000010200081L,
+        0x0000000010204000L, 0x0000000010204001L, 0x0000000010204080L, 0x0000000010204081L,
+        0x0000000800000000L, 0x0000000800000001L, 0x0000000800000080L, 0x0000000800000081L,
+        0x0000000800004000L, 0x0000000800004001L, 0x0000000800004080L, 0x0000000800004081L,
+        0x0000000800200000L, 0x0000000800200001L, 0x0000000800200080L, 0x0000000800200081L,
+        0x0000000800204000L, 0x0000000800204001L, 0x0000000800204080L, 0x0000000800204081L,
+        0x0000000810000000L, 0x0000000810000001L, 0x0000000810000080L, 0x0000000810000081L,
+        0x0000000810004000L, 0x0000000810004001L, 0x0000000810004080L, 0x0000000810004081L,
+        0x0000000810200000L, 0x0000000810200001L, 0x0000000810200080L, 0x0000000810200081L,
+        0x0000000810204000L, 0x0000000810204001L, 0x0000000810204080L, 0x0000000810204081L,
+        0x0000040000000000L, 0x0000040000000001L, 0x0000040000000080L, 0x0000040000000081L,
+        0x0000040000004000L, 0x0000040000004001L, 0x0000040000004080L, 0x0000040000004081L,
+        0x0000040000200000L, 0x0000040000200001L, 0x0000040000200080L, 0x0000040000200081L,
+        0x0000040000204000L, 0x0000040000204001L, 0x0000040000204080L, 0x0000040000204081L,
+        0x0000040010000000L, 0x0000040010000001L, 0x0000040010000080L, 0x0000040010000081L,
+        0x0000040010004000L, 0x0000040010004001L, 0x0000040010004080L, 0x0000040010004081L,
+        0x0000040010200000L, 0x0000040010200001L, 0x0000040010200080L, 0x0000040010200081L,
+        0x0000040010204000L, 0x0000040010204001L, 0x0000040010204080L, 0x0000040010204081L,
+        0x0000040800000000L, 0x0000040800000001L, 0x0000040800000080L, 0x0000040800000081L,
+        0x0000040800004000L, 0x0000040800004001L, 0x0000040800004080L, 0x0000040800004081L,
+        0x0000040800200000L, 0x0000040800200001L, 0x0000040800200080L, 0x0000040800200081L,
+        0x0000040800204000L, 0x0000040800204001L, 0x0000040800204080L, 0x0000040800204081L,
+        0x0000040810000000L, 0x0000040810000001L, 0x0000040810000080L, 0x0000040810000081L,
+        0x0000040810004000L, 0x0000040810004001L, 0x0000040810004080L, 0x0000040810004081L,
+        0x0000040810200000L, 0x0000040810200001L, 0x0000040810200080L, 0x0000040810200081L,
+        0x0000040810204000L, 0x0000040810204001L, 0x0000040810204080L, 0x0000040810204081L,
+        0x0002000000000000L, 0x0002000000000001L, 0x0002000000000080L, 0x0002000000000081L,
+        0x0002000000004000L, 0x0002000000004001L, 0x0002000000004080L, 0x0002000000004081L,
+        0x0002000000200000L, 0x0002000000200001L, 0x0002000000200080L, 0x0002000000200081L,
+        0x0002000000204000L, 0x0002000000204001L, 0x0002000000204080L, 0x0002000000204081L,
+        0x0002000010000000L, 0x0002000010000001L, 0x0002000010000080L, 0x0002000010000081L,
+        0x0002000010004000L, 0x0002000010004001L, 0x0002000010004080L, 0x0002000010004081L,
+        0x0002000010200000L, 0x0002000010200001L, 0x0002000010200080L, 0x0002000010200081L,
+        0x0002000010204000L, 0x0002000010204001L, 0x0002000010204080L, 0x0002000010204081L,
+        0x0002000800000000L, 0x0002000800000001L, 0x0002000800000080L, 0x0002000800000081L,
+        0x0002000800004000L, 0x0002000800004001L, 0x0002000800004080L, 0x0002000800004081L,
+        0x0002000800200000L, 0x0002000800200001L, 0x0002000800200080L, 0x0002000800200081L,
+        0x0002000800204000L, 0x0002000800204001L, 0x0002000800204080L, 0x0002000800204081L,
+        0x0002000810000000L, 0x0002000810000001L, 0x0002000810000080L, 0x0002000810000081L,
+        0x0002000810004000L, 0x0002000810004001L, 0x0002000810004080L, 0x0002000810004081L,
+        0x0002000810200000L, 0x0002000810200001L, 0x0002000810200080L, 0x0002000810200081L,
+        0x0002000810204000L, 0x0002000810204001L, 0x0002000810204080L, 0x0002000810204081L,
+        0x0002040000000000L, 0x0002040000000001L, 0x0002040000000080L, 0x0002040000000081L,
+        0x0002040000004000L, 0x0002040000004001L, 0x0002040000004080L, 0x0002040000004081L,
+        0x0002040000200000L, 0x0002040000200001L, 0x0002040000200080L, 0x0002040000200081L,
+        0x0002040000204000L, 0x0002040000204001L, 0x0002040000204080L, 0x0002040000204081L,
+        0x0002040010000000L, 0x0002040010000001L, 0x0002040010000080L, 0x0002040010000081L,
+        0x0002040010004000L, 0x0002040010004001L, 0x0002040010004080L, 0x0002040010004081L,
+        0x0002040010200000L, 0x0002040010200001L, 0x0002040010200080L, 0x0002040010200081L,
+        0x0002040010204000L, 0x0002040010204001L, 0x0002040010204080L, 0x0002040010204081L,
+        0x0002040800000000L, 0x0002040800000001L, 0x0002040800000080L, 0x0002040800000081L,
+        0x0002040800004000L, 0x0002040800004001L, 0x0002040800004080L, 0x0002040800004081L,
+        0x0002040800200000L, 0x0002040800200001L, 0x0002040800200080L, 0x0002040800200081L,
+        0x0002040800204000L, 0x0002040800204001L, 0x0002040800204080L, 0x0002040800204081L,
+        0x0002040810000000L, 0x0002040810000001L, 0x0002040810000080L, 0x0002040810000081L,
+        0x0002040810004000L, 0x0002040810004001L, 0x0002040810004080L, 0x0002040810004081L,
+        0x0002040810200000L, 0x0002040810200001L, 0x0002040810200080L, 0x0002040810200081L,
+        0x0002040810204000L, 0x0002040810204001L, 0x0002040810204080L, 0x0002040810204081L,
+        0x0100000000000000L, 0x0100000000000001L, 0x0100000000000080L, 0x0100000000000081L,
+        0x0100000000004000L, 0x0100000000004001L, 0x0100000000004080L, 0x0100000000004081L,
+        0x0100000000200000L, 0x0100000000200001L, 0x0100000000200080L, 0x0100000000200081L,
+        0x0100000000204000L, 0x0100000000204001L, 0x0100000000204080L, 0x0100000000204081L,
+        0x0100000010000000L, 0x0100000010000001L, 0x0100000010000080L, 0x0100000010000081L,
+        0x0100000010004000L, 0x0100000010004001L, 0x0100000010004080L, 0x0100000010004081L,
+        0x0100000010200000L, 0x0100000010200001L, 0x0100000010200080L, 0x0100000010200081L,
+        0x0100000010204000L, 0x0100000010204001L, 0x0100000010204080L, 0x0100000010204081L,
+        0x0100000800000000L, 0x0100000800000001L, 0x0100000800000080L, 0x0100000800000081L,
+        0x0100000800004000L, 0x0100000800004001L, 0x0100000800004080L, 0x0100000800004081L,
+        0x0100000800200000L, 0x0100000800200001L, 0x0100000800200080L, 0x0100000800200081L,
+        0x0100000800204000L, 0x0100000800204001L, 0x0100000800204080L, 0x0100000800204081L,
+        0x0100000810000000L, 0x0100000810000001L, 0x0100000810000080L, 0x0100000810000081L,
+        0x0100000810004000L, 0x0100000810004001L, 0x0100000810004080L, 0x0100000810004081L,
+        0x0100000810200000L, 0x0100000810200001L, 0x0100000810200080L, 0x0100000810200081L,
+        0x0100000810204000L, 0x0100000810204001L, 0x0100000810204080L, 0x0100000810204081L,
+        0x0100040000000000L, 0x0100040000000001L, 0x0100040000000080L, 0x0100040000000081L,
+        0x0100040000004000L, 0x0100040000004001L, 0x0100040000004080L, 0x0100040000004081L,
+        0x0100040000200000L, 0x0100040000200001L, 0x0100040000200080L, 0x0100040000200081L,
+        0x0100040000204000L, 0x0100040000204001L, 0x0100040000204080L, 0x0100040000204081L,
+        0x0100040010000000L, 0x0100040010000001L, 0x0100040010000080L, 0x0100040010000081L,
+        0x0100040010004000L, 0x0100040010004001L, 0x0100040010004080L, 0x0100040010004081L,
+        0x0100040010200000L, 0x0100040010200001L, 0x0100040010200080L, 0x0100040010200081L,
+        0x0100040010204000L, 0x0100040010204001L, 0x0100040010204080L, 0x0100040010204081L,
+        0x0100040800000000L, 0x0100040800000001L, 0x0100040800000080L, 0x0100040800000081L,
+        0x0100040800004000L, 0x0100040800004001L, 0x0100040800004080L, 0x0100040800004081L,
+        0x0100040800200000L, 0x0100040800200001L, 0x0100040800200080L, 0x0100040800200081L,
+        0x0100040800204000L, 0x0100040800204001L, 0x0100040800204080L, 0x0100040800204081L,
+        0x0100040810000000L, 0x0100040810000001L, 0x0100040810000080L, 0x0100040810000081L,
+        0x0100040810004000L, 0x0100040810004001L, 0x0100040810004080L, 0x0100040810004081L,
+        0x0100040810200000L, 0x0100040810200001L, 0x0100040810200080L, 0x0100040810200081L,
+        0x0100040810204000L, 0x0100040810204001L, 0x0100040810204080L, 0x0100040810204081L,
+        0x0102000000000000L, 0x0102000000000001L, 0x0102000000000080L, 0x0102000000000081L,
+        0x0102000000004000L, 0x0102000000004001L, 0x0102000000004080L, 0x0102000000004081L,
+        0x0102000000200000L, 0x0102000000200001L, 0x0102000000200080L, 0x0102000000200081L,
+        0x0102000000204000L, 0x0102000000204001L, 0x0102000000204080L, 0x0102000000204081L,
+        0x0102000010000000L, 0x0102000010000001L, 0x0102000010000080L, 0x0102000010000081L,
+        0x0102000010004000L, 0x0102000010004001L, 0x0102000010004080L, 0x0102000010004081L,
+        0x0102000010200000L, 0x0102000010200001L, 0x0102000010200080L, 0x0102000010200081L,
+        0x0102000010204000L, 0x0102000010204001L, 0x0102000010204080L, 0x0102000010204081L,
+        0x0102000800000000L, 0x0102000800000001L, 0x0102000800000080L, 0x0102000800000081L,
+        0x0102000800004000L, 0x0102000800004001L, 0x0102000800004080L, 0x0102000800004081L,
+        0x0102000800200000L, 0x0102000800200001L, 0x0102000800200080L, 0x0102000800200081L,
+        0x0102000800204000L, 0x0102000800204001L, 0x0102000800204080L, 0x0102000800204081L,
+        0x0102000810000000L, 0x0102000810000001L, 0x0102000810000080L, 0x0102000810000081L,
+        0x0102000810004000L, 0x0102000810004001L, 0x0102000810004080L, 0x0102000810004081L,
+        0x0102000810200000L, 0x0102000810200001L, 0x0102000810200080L, 0x0102000810200081L,
+        0x0102000810204000L, 0x0102000810204001L, 0x0102000810204080L, 0x0102000810204081L,
+        0x0102040000000000L, 0x0102040000000001L, 0x0102040000000080L, 0x0102040000000081L,
+        0x0102040000004000L, 0x0102040000004001L, 0x0102040000004080L, 0x0102040000004081L,
+        0x0102040000200000L, 0x0102040000200001L, 0x0102040000200080L, 0x0102040000200081L,
+        0x0102040000204000L, 0x0102040000204001L, 0x0102040000204080L, 0x0102040000204081L,
+        0x0102040010000000L, 0x0102040010000001L, 0x0102040010000080L, 0x0102040010000081L,
+        0x0102040010004000L, 0x0102040010004001L, 0x0102040010004080L, 0x0102040010004081L,
+        0x0102040010200000L, 0x0102040010200001L, 0x0102040010200080L, 0x0102040010200081L,
+        0x0102040010204000L, 0x0102040010204001L, 0x0102040010204080L, 0x0102040010204081L,
+        0x0102040800000000L, 0x0102040800000001L, 0x0102040800000080L, 0x0102040800000081L,
+        0x0102040800004000L, 0x0102040800004001L, 0x0102040800004080L, 0x0102040800004081L,
+        0x0102040800200000L, 0x0102040800200001L, 0x0102040800200080L, 0x0102040800200081L,
+        0x0102040800204000L, 0x0102040800204001L, 0x0102040800204080L, 0x0102040800204081L,
+        0x0102040810000000L, 0x0102040810000001L, 0x0102040810000080L, 0x0102040810000081L,
+        0x0102040810004000L, 0x0102040810004001L, 0x0102040810004080L, 0x0102040810004081L,
+        0x0102040810200000L, 0x0102040810200001L, 0x0102040810200080L, 0x0102040810200081L,
+        0x0102040810204000L, 0x0102040810204001L, 0x0102040810204080L, 0x0102040810204081L
+    };
+
+    // For toString(); must have length 64
+    private static final String ZEROES = "0000000000000000000000000000000000000000000000000000000000000000";
+
+    final static byte[] bitLengths =
+    {
+        0, 1, 2, 2, 3, 3, 3, 3, 4, 4, 4, 4, 4, 4, 4, 4,
+        5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5, 5,
+        6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
+        6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6, 6,
+        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+        7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7, 7,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8,
+        8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8, 8
+    };
+
+    // TODO make m fixed for the LongArray, and hence compute T once and for all
+
+    private long[] m_ints;
+
+    public LongArray(int intLen)
+    {
+        m_ints = new long[intLen];
+    }
+
+    public LongArray(long[] ints)
+    {
+        m_ints = ints;
+    }
+
+    public LongArray(long[] ints, int off, int len)
+    {
+        if (off == 0 && len == ints.length)
+        {
+            m_ints = ints;
+        }
+        else
+        {
+            m_ints = new long[len];
+            System.arraycopy(ints, off, m_ints, 0, len);
+        }
+    }
+
+    public LongArray(BigInteger bigInt)
+    {
+        if (bigInt == null || bigInt.signum() < 0)
+        {
+            throw new IllegalArgumentException("invalid F2m field value");
+        }
+
+        if (bigInt.signum() == 0)
+        {
+            m_ints = new long[] { 0L };
+            return;
+        }
+
+        byte[] barr = bigInt.toByteArray();
+        int barrLen = barr.length;
+        int barrStart = 0;
+        if (barr[0] == 0)
+        {
+            // First byte is 0 to enforce highest (=sign) bit is zero.
+            // In this case ignore barr[0].
+            barrLen--;
+            barrStart = 1;
+        }
+        int intLen = (barrLen + 7) / 8;
+        m_ints = new long[intLen];
+
+        int iarrJ = intLen - 1;
+        int rem = barrLen % 8 + barrStart;
+        long temp = 0;
+        int barrI = barrStart;
+        if (barrStart < rem)
+        {
+            for (; barrI < rem; barrI++)
+            {
+                temp <<= 8;
+                int barrBarrI = barr[barrI] & 0xFF;
+                temp |= barrBarrI;
+            }
+            m_ints[iarrJ--] = temp;
+        }
+
+        for (; iarrJ >= 0; iarrJ--)
+        {
+            temp = 0;
+            for (int i = 0; i < 8; i++)
+            {
+                temp <<= 8;
+                int barrBarrI = barr[barrI++] & 0xFF;
+                temp |= barrBarrI;
+            }
+            m_ints[iarrJ] = temp;
+        }
+    }
+
+    void copyTo(long[] z, int zOff)
+    {
+        System.arraycopy(m_ints, 0, z, zOff, m_ints.length);
+    }
+
+    public boolean isOne()
+    {
+        long[] a = m_ints;
+        if (a[0] != 1L)
+        {
+            return false;
+        }
+        for (int i = 1; i < a.length; ++i)
+        {
+            if (a[i] != 0L)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public boolean isZero()
+    {
+        long[] a = m_ints;
+        for (int i = 0; i < a.length; ++i)
+        {
+            if (a[i] != 0L)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public int getUsedLength()
+    {
+        return getUsedLengthFrom(m_ints.length);
+    }
+
+    public int getUsedLengthFrom(int from)
+    {
+        long[] a = m_ints;
+        from = Math.min(from, a.length);
+
+        if (from < 1)
+        {
+            return 0;
+        }
+
+        // Check if first element will act as sentinel
+        if (a[0] != 0)
+        {
+            while (a[--from] == 0)
+            {
+            }
+            return from + 1;
+        }
+
+        do
+        {
+            if (a[--from] != 0)
+            {
+                return from + 1;
+            }
+        }
+        while (from > 0);
+
+        return 0;
+    }
+
+    public int degree()
+    {
+        int i = m_ints.length;
+        long w;
+        do
+        {
+            if (i == 0)
+            {
+                return 0;
+            }
+            w = m_ints[--i];
+        }
+        while (w == 0);
+
+        return (i << 6) + bitLength(w);
+    }
+
+    private int degreeFrom(int limit)
+    {
+        int i = (limit + 62) >>> 6;
+        long w;
+        do
+        {
+            if (i == 0)
+            {
+                return 0;
+            }
+            w = m_ints[--i];
+        }
+        while (w == 0);
+
+        return (i << 6) + bitLength(w);
+    }
+
+//    private int lowestCoefficient()
+//    {
+//        for (int i = 0; i < m_ints.length; ++i)
+//        {
+//            long mi = m_ints[i];
+//            if (mi != 0)
+//            {
+//                int j = 0;
+//                while ((mi & 0xFFL) == 0)
+//                {
+//                    j += 8;
+//                    mi >>>= 8;
+//                }
+//                while ((mi & 1L) == 0)
+//                {
+//                    ++j;
+//                    mi >>>= 1;
+//                }
+//                return (i << 6) + j;
+//            }
+//        }
+//        return -1;
+//    }
+
+    private static int bitLength(long w)
+    {
+        int u = (int)(w >>> 32), b;
+        if (u == 0)
+        {
+            u = (int)w;
+            b = 0;
+        }
+        else
+        {
+            b = 32;
+        }
+
+        int t = u >>> 16, k;
+        if (t == 0)
+        {
+            t = u >>> 8;
+            k = (t == 0) ? bitLengths[u] : 8 + bitLengths[t];
+        }
+        else
+        {
+            int v = t >>> 8;
+            k = (v == 0) ? 16 + bitLengths[t] : 24 + bitLengths[v];
+        }
+
+        return b + k;
+    }
+
+    private long[] resizedInts(int newLen)
+    {
+        long[] newInts = new long[newLen];
+        System.arraycopy(m_ints, 0, newInts, 0, Math.min(m_ints.length, newLen));
+        return newInts;
+    }
+
+    public BigInteger toBigInteger()
+    {
+        int usedLen = getUsedLength();
+        if (usedLen == 0)
+        {
+            return ECConstants.ZERO;
+        }
+
+        long highestInt = m_ints[usedLen - 1];
+        byte[] temp = new byte[8];
+        int barrI = 0;
+        boolean trailingZeroBytesDone = false;
+        for (int j = 7; j >= 0; j--)
+        {
+            byte thisByte = (byte)(highestInt >>> (8 * j));
+            if (trailingZeroBytesDone || (thisByte != 0))
+            {
+                trailingZeroBytesDone = true;
+                temp[barrI++] = thisByte;
+            }
+        }
+
+        int barrLen = 8 * (usedLen - 1) + barrI;
+        byte[] barr = new byte[barrLen];
+        for (int j = 0; j < barrI; j++)
+        {
+            barr[j] = temp[j];
+        }
+        // Highest value int is done now
+
+        for (int iarrJ = usedLen - 2; iarrJ >= 0; iarrJ--)
+        {
+            long mi = m_ints[iarrJ];
+            for (int j = 7; j >= 0; j--)
+            {
+                barr[barrI++] = (byte)(mi >>> (8 * j));
+            }
+        }
+        return new BigInteger(1, barr);
+    }
+
+//    private static long shiftUp(long[] x, int xOff, int count)
+//    {
+//        long prev = 0;
+//        for (int i = 0; i < count; ++i)
+//        {
+//            long next = x[xOff + i];
+//            x[xOff + i] = (next << 1) | prev;
+//            prev = next >>> 63;
+//        }
+//        return prev;
+//    }
+
+    private static long shiftUp(long[] x, int xOff, int count, int shift)
+    {
+        int shiftInv = 64 - shift;
+        long prev = 0;
+        for (int i = 0; i < count; ++i)
+        {
+            long next = x[xOff + i];
+            x[xOff + i] = (next << shift) | prev;
+            prev = next >>> shiftInv;
+        }
+        return prev;
+    }
+
+    private static long shiftUp(long[] x, int xOff, long[] z, int zOff, int count, int shift)
+    {
+        int shiftInv = 64 - shift;
+        long prev = 0;
+        for (int i = 0; i < count; ++i)
+        {
+            long next = x[xOff + i];
+            z[zOff + i] = (next << shift) | prev;
+            prev = next >>> shiftInv;
+        }
+        return prev;
+    }
+
+    public LongArray addOne()
+    {
+        if (m_ints.length == 0)
+        {
+            return new LongArray(new long[]{ 1L });
+        }
+
+        int resultLen = Math.max(1, getUsedLength());
+        long[] ints = resizedInts(resultLen);
+        ints[0] ^= 1L;
+        return new LongArray(ints);
+    }
+
+//    private void addShiftedByBits(LongArray other, int bits)
+//    {
+//        int words = bits >>> 6;
+//        int shift = bits & 0x3F;
+//
+//        if (shift == 0)
+//        {
+//            addShiftedByWords(other, words);
+//            return;
+//        }
+//
+//        int otherUsedLen = other.getUsedLength();
+//        if (otherUsedLen == 0)
+//        {
+//            return;
+//        }
+//
+//        int minLen = otherUsedLen + words + 1;
+//        if (minLen > m_ints.length)
+//        {
+//            m_ints = resizedInts(minLen);
+//        }
+//
+//        long carry = addShiftedByBits(m_ints, words, other.m_ints, 0, otherUsedLen, shift);
+//        m_ints[otherUsedLen + words] ^= carry;
+//    }
+
+    private void addShiftedByBitsSafe(LongArray other, int otherDegree, int bits)
+    {
+        int otherLen = (otherDegree + 63) >>> 6;
+
+        int words = bits >>> 6;
+        int shift = bits & 0x3F;
+
+        if (shift == 0)
+        {
+            add(m_ints, words, other.m_ints, 0, otherLen);
+            return;
+        }
+
+        long carry = addShiftedUp(m_ints, words, other.m_ints, 0, otherLen, shift);
+        if (carry != 0L)
+        {
+            m_ints[otherLen + words] ^= carry;
+        }
+    }
+
+    private static long addShiftedUp(long[] x, int xOff, long[] y, int yOff, int count, int shift)
+    {
+        int shiftInv = 64 - shift;
+        long prev = 0;
+        for (int i = 0; i < count; ++i)
+        {
+            long next = y[yOff + i];
+            x[xOff + i] ^= (next << shift) | prev;
+            prev = next >>> shiftInv;
+        }
+        return prev;
+    }
+
+    private static long addShiftedDown(long[] x, int xOff, long[] y, int yOff, int count, int shift)
+    {
+        int shiftInv = 64 - shift;
+        long prev = 0;
+        int i = count;
+        while (--i >= 0)
+        {
+            long next = y[yOff + i];
+            x[xOff + i] ^= (next >>> shift) | prev;
+            prev = next << shiftInv;
+        }
+        return prev;
+    }
+
+    public void addShiftedByWords(LongArray other, int words)
+    {
+        int otherUsedLen = other.getUsedLength();
+        if (otherUsedLen == 0)
+        {
+            return;
+        }
+
+        int minLen = otherUsedLen + words;
+        if (minLen > m_ints.length)
+        {
+            m_ints = resizedInts(minLen);
+        }
+
+        add(m_ints, words, other.m_ints, 0, otherUsedLen);
+    }
+
+    private static void add(long[] x, int xOff, long[] y, int yOff, int count)
+    {
+        for (int i = 0; i < count; ++i)
+        {
+            x[xOff + i] ^= y[yOff + i];
+        }
+    }
+
+    private static void add(long[] x, int xOff, long[] y, int yOff, long[] z, int zOff, int count)
+    {
+        for (int i = 0; i < count; ++i)
+        {
+            z[zOff + i] = x[xOff + i] ^ y[yOff + i];
+        }
+    }
+
+    private static void addBoth(long[] x, int xOff, long[] y1, int y1Off, long[] y2, int y2Off, int count)
+    {
+        for (int i = 0; i < count; ++i)
+        {
+            x[xOff + i] ^= y1[y1Off + i] ^ y2[y2Off + i];
+        }
+    }
+
+    private static void distribute(long[] x, int src, int dst1, int dst2, int count)
+    {
+        for (int i = 0; i < count; ++i)
+        {
+            long v = x[src + i];
+            x[dst1 + i] ^= v;
+            x[dst2 + i] ^= v;
+        }
+    }
+
+    public int getLength()
+    {
+        return m_ints.length;
+    }
+
+    private static void flipWord(long[] buf, int off, int bit, long word)
+    {
+        int n = off + (bit >>> 6);
+        int shift = bit & 0x3F;
+        if (shift == 0)
+        {
+            buf[n] ^= word;
+        }
+        else
+        {
+            buf[n] ^= word << shift;
+            word >>>= (64 - shift);
+            if (word != 0)
+            {
+                buf[++n] ^= word;
+            }
+        }
+    }
+
+//    private static long getWord(long[] buf, int off, int len, int bit)
+//    {
+//        int n = off + (bit >>> 6);
+//        int shift = bit & 0x3F;
+//        if (shift == 0)
+//        {
+//            return buf[n];
+//        }
+//        long result = buf[n] >>> shift;
+//        if (++n < len)
+//        {
+//            result |= buf[n] << (64 - shift);
+//        }
+//        return result;
+//    }
+
+    public boolean testBitZero()
+    {
+        return m_ints.length > 0 && (m_ints[0] & 1L) != 0;
+    }
+
+    private static boolean testBit(long[] buf, int off, int n)
+    {
+        // theInt = n / 64
+        int theInt = n >>> 6;
+        // theBit = n % 64
+        int theBit = n & 0x3F;
+        long tester = 1L << theBit;
+        return (buf[off + theInt] & tester) != 0;
+    }
+
+    private static void flipBit(long[] buf, int off, int n)
+    {
+        // theInt = n / 64
+        int theInt = n >>> 6;
+        // theBit = n % 64
+        int theBit = n & 0x3F;
+        long flipper = 1L << theBit;
+        buf[off + theInt] ^= flipper;
+    }
+
+//    private static void setBit(long[] buf, int off, int n)
+//    {
+//        // theInt = n / 64
+//        int theInt = n >>> 6;
+//        // theBit = n % 64
+//        int theBit = n & 0x3F;
+//        long setter = 1L << theBit;
+//        buf[off + theInt] |= setter;
+//    }
+//
+//    private static void clearBit(long[] buf, int off, int n)
+//    {
+//        // theInt = n / 64
+//        int theInt = n >>> 6;
+//        // theBit = n % 64
+//        int theBit = n & 0x3F;
+//        long setter = 1L << theBit;
+//        buf[off + theInt] &= ~setter;
+//    }
+
+    private static void multiplyWord(long a, long[] b, int bLen, long[] c, int cOff)
+    {
+        if ((a & 1L) != 0L)
+        {
+            add(c, cOff, b, 0, bLen);
+        }
+        int k = 1;
+        while ((a >>>= 1) != 0L)
+        {
+            if ((a & 1L) != 0L)
+            {
+                long carry = addShiftedUp(c, cOff, b, 0, bLen, k);
+                if (carry != 0L)
+                {
+                    c[cOff + bLen] ^= carry;
+                }
+            }
+            ++k;
+        }
+    }
+
+    public LongArray modMultiplyLD(LongArray other, int m, int[] ks)
+    {
+        /*
+         * Find out the degree of each argument and handle the zero cases
+         */
+        int aDeg = degree();
+        if (aDeg == 0)
+        {
+            return this;
+        }
+        int bDeg = other.degree();
+        if (bDeg == 0)
+        {
+            return other;
+        }
+
+        /*
+         * Swap if necessary so that A is the smaller argument
+         */
+        LongArray A = this, B = other;
+        if (aDeg > bDeg)
+        {
+            A = other; B = this;
+            int tmp = aDeg; aDeg = bDeg; bDeg = tmp;
+        }
+
+        /*
+         * Establish the word lengths of the arguments and result
+         */
+        int aLen = (aDeg + 63) >>> 6;
+        int bLen = (bDeg + 63) >>> 6;
+        int cLen = (aDeg + bDeg + 62) >>> 6;
+
+        if (aLen == 1)
+        {
+            long a0 = A.m_ints[0];
+            if (a0 == 1L)
+            {
+                return B;
+            }
+
+            /*
+             * Fast path for small A, with performance dependent only on the number of set bits
+             */
+            long[] c0 = new long[cLen];
+            multiplyWord(a0, B.m_ints, bLen, c0, 0);
+
+            /*
+             * Reduce the raw answer against the reduction coefficients
+             */
+            return reduceResult(c0, 0, cLen, m, ks);
+        }
+
+        /*
+         * Determine if B will get bigger during shifting
+         */
+        int bMax = (bDeg + 7 + 63) >>> 6;
+
+        /*
+         * Lookup table for the offset of each B in the tables
+         */
+        int[] ti = new int[16];
+
+        /*
+         * Precompute table of all 4-bit products of B
+         */
+        long[] T0 = new long[bMax << 4];
+        int tOff = bMax;
+        ti[1] = tOff;
+        System.arraycopy(B.m_ints, 0, T0, tOff, bLen);
+        for (int i = 2; i < 16; ++i)
+        {
+            ti[i] = (tOff += bMax);
+            if ((i & 1) == 0)
+            {
+                shiftUp(T0, tOff >>> 1, T0, tOff, bMax, 1);
+            }
+            else
+            {
+                add(T0, bMax, T0, tOff - bMax, T0, tOff, bMax);
+            }
+        }
+
+        /*
+         * Second table with all 4-bit products of B shifted 4 bits
+         */
+        long[] T1 = new long[T0.length];
+        shiftUp(T0, 0, T1, 0, T0.length, 4);
+//        shiftUp(T0, bMax, T1, bMax, tOff, 4);
+
+        long[] a = A.m_ints;
+        long[] c = new long[cLen];
+
+        int MASK = 0xF;
+
+        /*
+         * Lopez-Dahab algorithm
+         */
+
+        for (int k = 56; k >= 0; k -= 8)
+        {
+            for (int j = 1; j < aLen; j += 2)
+            {
+                int aVal = (int)(a[j] >>> k);
+                int u = aVal & MASK;
+                int v = (aVal >>> 4) & MASK;
+                addBoth(c, j - 1, T0, ti[u], T1, ti[v], bMax);
+            }
+            shiftUp(c, 0, cLen, 8);
+        }
+
+        for (int k = 56; k >= 0; k -= 8)
+        {
+            for (int j = 0; j < aLen; j += 2)
+            {
+                int aVal = (int)(a[j] >>> k);
+                int u = aVal & MASK;
+                int v = (aVal >>> 4) & MASK;
+                addBoth(c, j, T0, ti[u], T1, ti[v], bMax);
+            }
+            if (k > 0)
+            {
+                shiftUp(c, 0, cLen, 8);
+            }
+        }
+
+        /*
+         * Finally the raw answer is collected, reduce it against the reduction coefficients
+         */
+        return reduceResult(c, 0, cLen, m, ks);
+    }
+
+    public LongArray modMultiply(LongArray other, int m, int[] ks)
+    {
+        /*
+         * Find out the degree of each argument and handle the zero cases
+         */
+        int aDeg = degree();
+        if (aDeg == 0)
+        {
+            return this;
+        }
+        int bDeg = other.degree();
+        if (bDeg == 0)
+        {
+            return other;
+        }
+
+        /*
+         * Swap if necessary so that A is the smaller argument
+         */
+        LongArray A = this, B = other;
+        if (aDeg > bDeg)
+        {
+            A = other; B = this;
+            int tmp = aDeg; aDeg = bDeg; bDeg = tmp;
+        }
+
+        /*
+         * Establish the word lengths of the arguments and result
+         */
+        int aLen = (aDeg + 63) >>> 6;
+        int bLen = (bDeg + 63) >>> 6;
+        int cLen = (aDeg + bDeg + 62) >>> 6;
+
+        if (aLen == 1)
+        {
+            long a0 = A.m_ints[0];
+            if (a0 == 1L)
+            {
+                return B;
+            }
+
+            /*
+             * Fast path for small A, with performance dependent only on the number of set bits
+             */
+            long[] c0 = new long[cLen];
+            multiplyWord(a0, B.m_ints, bLen, c0, 0);
+
+            /*
+             * Reduce the raw answer against the reduction coefficients
+             */
+            return reduceResult(c0, 0, cLen, m, ks);
+        }
+
+        /*
+         * Determine if B will get bigger during shifting
+         */
+        int bMax = (bDeg + 7 + 63) >>> 6;
+
+        /*
+         * Lookup table for the offset of each B in the tables
+         */
+        int[] ti = new int[16];
+
+        /*
+         * Precompute table of all 4-bit products of B
+         */
+        long[] T0 = new long[bMax << 4];
+        int tOff = bMax;
+        ti[1] = tOff;
+        System.arraycopy(B.m_ints, 0, T0, tOff, bLen);
+        for (int i = 2; i < 16; ++i)
+        {
+            ti[i] = (tOff += bMax);
+            if ((i & 1) == 0)
+            {
+                shiftUp(T0, tOff >>> 1, T0, tOff, bMax, 1);
+            }
+            else
+            {
+                add(T0, bMax, T0, tOff - bMax, T0, tOff, bMax);
+            }
+        }
+
+        /*
+         * Second table with all 4-bit products of B shifted 4 bits
+         */
+        long[] T1 = new long[T0.length];
+        shiftUp(T0, 0, T1, 0, T0.length, 4);
+//        shiftUp(T0, bMax, T1, bMax, tOff, 4);
+
+        long[] a = A.m_ints;
+        long[] c = new long[cLen << 3];
+
+        int MASK = 0xF;
+
+        /*
+         * Lopez-Dahab (Modified) algorithm
+         */
+
+        for (int aPos = 0; aPos < aLen; ++aPos)
+        {
+            long aVal = a[aPos];
+            int cOff = aPos;
+            for (;;)
+            {
+                int u = (int)aVal & MASK;
+                aVal >>>= 4;
+                int v = (int)aVal & MASK;
+                addBoth(c, cOff, T0, ti[u], T1, ti[v], bMax);
+                aVal >>>= 4;
+                if (aVal == 0L)
+                {
+                    break;
+                }
+                cOff += cLen;
+            }
+        }
+
+        {
+            int cOff = c.length;
+            while ((cOff -= cLen) != 0)
+            {
+                addShiftedUp(c, cOff - cLen, c, cOff, cLen, 8);
+            }
+        }
+
+        /*
+         * Finally the raw answer is collected, reduce it against the reduction coefficients
+         */
+        return reduceResult(c, 0, cLen, m, ks);
+    }
+
+    public LongArray modMultiplyAlt(LongArray other, int m, int[] ks)
+    {
+        /*
+         * Find out the degree of each argument and handle the zero cases
+         */
+        int aDeg = degree();
+        if (aDeg == 0)
+        {
+            return this;
+        }
+        int bDeg = other.degree();
+        if (bDeg == 0)
+        {
+            return other;
+        }
+
+        /*
+         * Swap if necessary so that A is the smaller argument
+         */
+        LongArray A = this, B = other;
+        if (aDeg > bDeg)
+        {
+            A = other; B = this;
+            int tmp = aDeg; aDeg = bDeg; bDeg = tmp;
+        }
+
+        /*
+         * Establish the word lengths of the arguments and result
+         */
+        int aLen = (aDeg + 63) >>> 6;
+        int bLen = (bDeg + 63) >>> 6;
+        int cLen = (aDeg + bDeg + 62) >>> 6;
+
+        if (aLen == 1)
+        {
+            long a0 = A.m_ints[0];
+            if (a0 == 1L)
+            {
+                return B;
+            }
+
+            /*
+             * Fast path for small A, with performance dependent only on the number of set bits
+             */
+            long[] c0 = new long[cLen];
+            multiplyWord(a0, B.m_ints, bLen, c0, 0);
+
+            /*
+             * Reduce the raw answer against the reduction coefficients
+             */
+            return reduceResult(c0, 0, cLen, m, ks);
+        }
+
+        // NOTE: This works, but is slower than width 4 processing
+//        if (aLen == 2)
+//        {
+//            /*
+//             * Use common-multiplicand optimization to save ~1/4 of the adds
+//             */
+//            long a1 = A.m_ints[0], a2 = A.m_ints[1];
+//            long aa = a1 & a2; a1 ^= aa; a2 ^= aa;
+//
+//            long[] b = B.m_ints;
+//            long[] c = new long[cLen];
+//            multiplyWord(aa, b, bLen, c, 1);
+//            add(c, 0, c, 1, cLen - 1);
+//            multiplyWord(a1, b, bLen, c, 0);
+//            multiplyWord(a2, b, bLen, c, 1);
+//
+//            /*
+//             * Reduce the raw answer against the reduction coefficients
+//             */
+//            return reduceResult(c, 0, cLen, m, ks);
+//        }
+
+        /*
+         * Determine the parameters of the interleaved window algorithm: the 'width' in bits to
+         * process together, the number of evaluation 'positions' implied by that width, and the
+         * 'top' position at which the regular window algorithm stops.
+         */
+        int width, positions, top, banks;
+
+        // NOTE: width 4 is the fastest over the entire range of sizes used in current crypto 
+//        width = 1; positions = 64; top = 64; banks = 4;
+//        width = 2; positions = 32; top = 64; banks = 4;
+//        width = 3; positions = 21; top = 63; banks = 3;
+        width = 4; positions = 16; top = 64; banks = 8;
+//        width = 5; positions = 13; top = 65; banks = 7;
+//        width = 7; positions = 9; top = 63; banks = 9;
+//        width = 8; positions = 8; top = 64; banks = 8;
+
+        /*
+         * Determine if B will get bigger during shifting
+         */
+        int shifts = top < 64 ? positions : positions - 1;
+        int bMax = (bDeg + shifts + 63) >>> 6;
+
+        int bTotal = bMax * banks, stride = width * banks;
+
+        /*
+         * Create a single temporary buffer, with an offset table to find the positions of things in it 
+         */
+        int[] ci = new int[1 << width];
+        int cTotal = aLen;
+        {
+            ci[0] = cTotal;
+            cTotal += bTotal;
+            ci[1] = cTotal;
+            for (int i = 2; i < ci.length; ++i)
+            {
+                cTotal += cLen;
+                ci[i] = cTotal;
+            }
+            cTotal += cLen;
+        }
+        // NOTE: Provide a safe dump for "high zeroes" since we are adding 'bMax' and not 'bLen'
+        ++cTotal;
+
+        long[] c = new long[cTotal];
+
+        // Prepare A in interleaved form, according to the chosen width
+        interleave(A.m_ints, 0, c, 0, aLen, width);
+
+        // Make a working copy of B, since we will be shifting it
+        {
+            int bOff = aLen;
+            System.arraycopy(B.m_ints, 0, c, bOff, bLen);
+            for (int bank = 1; bank < banks; ++bank)
+            {
+                shiftUp(c, aLen, c, bOff += bMax, bMax, bank);
+            }
+        }
+
+        /*
+         * The main loop analyzes the interleaved windows in A, and for each non-zero window
+         * a single word-array XOR is performed to a carefully selected slice of 'c'. The loop is
+         * breadth-first, checking the lowest window in each word, then looping again for the
+         * next higher window position.
+         */
+        int MASK = (1 << width) - 1;
+
+        int k = 0;
+        for (;;)
+        {
+            int aPos = 0;
+            do
+            {
+                long aVal = c[aPos] >>> k;
+                int bank = 0, bOff = aLen;
+                for (;;)
+                {
+                    int index = (int)(aVal) & MASK;
+                    if (index != 0)
+                    {
+                        /*
+                         * Add to a 'c' buffer based on the bit-pattern of 'index'. Since A is in
+                         * interleaved form, the bits represent the current B shifted by 0, 'positions',
+                         * 'positions' * 2, ..., 'positions' * ('width' - 1)
+                         */
+                        add(c, aPos + ci[index], c, bOff, bMax);
+                    }
+                    if (++bank == banks)
+                    {
+                        break;
+                    }
+                    bOff += bMax;
+                    aVal >>>= width;
+                }
+            }
+            while (++aPos < aLen);
+
+            if ((k += stride) >= top)
+            {
+                if (k >= 64)
+                {
+                    break;
+                }
+
+                /*
+                 * Adjustment for window setups with top == 63, the final bit (if any) is processed
+                 * as the top-bit of a window
+                 */
+                k = 64 - width;
+                MASK &= MASK << (top - k);
+            }
+
+            /*
+             * After each position has been checked for all words of A, B is shifted up 1 place
+             */
+            shiftUp(c, aLen, bTotal, banks);
+        }
+
+        int ciPos = ci.length;
+        while (--ciPos > 1)
+        {
+            if ((ciPos & 1L) == 0L)
+            {
+                /*
+                 * For even numbers, shift contents and add to the half-position
+                 */
+                addShiftedUp(c, ci[ciPos >>> 1], c, ci[ciPos], cLen, positions);
+            }
+            else
+            {
+                /*
+                 * For odd numbers, 'distribute' contents to the result and the next-lowest position
+                 */
+                distribute(c, ci[ciPos], ci[ciPos - 1], ci[1], cLen);
+            }
+        }
+
+        /*
+         * Finally the raw answer is collected, reduce it against the reduction coefficients
+         */
+        return reduceResult(c, ci[1], cLen, m, ks);
+    }
+
+    public LongArray modReduce(int m, int[] ks)
+    {
+        long[] buf = Arrays.clone(m_ints);
+        int rLen = reduceInPlace(buf, 0, buf.length, m, ks);
+        return new LongArray(buf, 0, rLen);
+    }
+
+    public LongArray multiply(LongArray other, int m, int[] ks)
+    {
+        /*
+         * Find out the degree of each argument and handle the zero cases
+         */
+        int aDeg = degree();
+        if (aDeg == 0)
+        {
+            return this;
+        }
+        int bDeg = other.degree();
+        if (bDeg == 0)
+        {
+            return other;
+        }
+
+        /*
+         * Swap if necessary so that A is the smaller argument
+         */
+        LongArray A = this, B = other;
+        if (aDeg > bDeg)
+        {
+            A = other; B = this;
+            int tmp = aDeg; aDeg = bDeg; bDeg = tmp;
+        }
+
+        /*
+         * Establish the word lengths of the arguments and result
+         */
+        int aLen = (aDeg + 63) >>> 6;
+        int bLen = (bDeg + 63) >>> 6;
+        int cLen = (aDeg + bDeg + 62) >>> 6;
+
+        if (aLen == 1)
+        {
+            long a0 = A.m_ints[0];
+            if (a0 == 1L)
+            {
+                return B;
+            }
+
+            /*
+             * Fast path for small A, with performance dependent only on the number of set bits
+             */
+            long[] c0 = new long[cLen];
+            multiplyWord(a0, B.m_ints, bLen, c0, 0);
+
+            /*
+             * Reduce the raw answer against the reduction coefficients
+             */
+//            return reduceResult(c0, 0, cLen, m, ks);
+            return new LongArray(c0, 0, cLen);
+        }
+
+        /*
+         * Determine if B will get bigger during shifting
+         */
+        int bMax = (bDeg + 7 + 63) >>> 6;
+
+        /*
+         * Lookup table for the offset of each B in the tables
+         */
+        int[] ti = new int[16];
+
+        /*
+         * Precompute table of all 4-bit products of B
+         */
+        long[] T0 = new long[bMax << 4];
+        int tOff = bMax;
+        ti[1] = tOff;
+        System.arraycopy(B.m_ints, 0, T0, tOff, bLen);
+        for (int i = 2; i < 16; ++i)
+        {
+            ti[i] = (tOff += bMax);
+            if ((i & 1) == 0)
+            {
+                shiftUp(T0, tOff >>> 1, T0, tOff, bMax, 1);
+            }
+            else
+            {
+                add(T0, bMax, T0, tOff - bMax, T0, tOff, bMax);
+            }
+        }
+
+        /*
+         * Second table with all 4-bit products of B shifted 4 bits
+         */
+        long[] T1 = new long[T0.length];
+        shiftUp(T0, 0, T1, 0, T0.length, 4);
+//        shiftUp(T0, bMax, T1, bMax, tOff, 4);
+
+        long[] a = A.m_ints;
+        long[] c = new long[cLen << 3];
+
+        int MASK = 0xF;
+
+        /*
+         * Lopez-Dahab (Modified) algorithm
+         */
+
+        for (int aPos = 0; aPos < aLen; ++aPos)
+        {
+            long aVal = a[aPos];
+            int cOff = aPos;
+            for (;;)
+            {
+                int u = (int)aVal & MASK;
+                aVal >>>= 4;
+                int v = (int)aVal & MASK;
+                addBoth(c, cOff, T0, ti[u], T1, ti[v], bMax);
+                aVal >>>= 4;
+                if (aVal == 0L)
+                {
+                    break;
+                }
+                cOff += cLen;
+            }
+        }
+
+        {
+            int cOff = c.length;
+            while ((cOff -= cLen) != 0)
+            {
+                addShiftedUp(c, cOff - cLen, c, cOff, cLen, 8);
+            }
+        }
+
+        /*
+         * Finally the raw answer is collected, reduce it against the reduction coefficients
+         */
+//        return reduceResult(c, 0, cLen, m, ks);
+        return new LongArray(c, 0, cLen);
+    }
+
+    public void reduce(int m, int[] ks)
+    {
+        long[] buf = m_ints;
+        int rLen = reduceInPlace(buf, 0, buf.length, m, ks);
+        if (rLen < buf.length)
+        {
+            m_ints = new long[rLen];
+            System.arraycopy(buf, 0, m_ints, 0, rLen);
+        }
+    }
+
+    private static LongArray reduceResult(long[] buf, int off, int len, int m, int[] ks)
+    {
+        int rLen = reduceInPlace(buf, off, len, m, ks);
+        return new LongArray(buf, off, rLen);
+    }
+
+//    private static void deInterleave(long[] x, int xOff, long[] z, int zOff, int count, int rounds)
+//    {
+//        for (int i = 0; i < count; ++i)
+//        {
+//            z[zOff + i] = deInterleave(x[zOff + i], rounds);
+//        }
+//    }
+//
+//    private static long deInterleave(long x, int rounds)
+//    {
+//        while (--rounds >= 0)
+//        {
+//            x = deInterleave32(x & DEINTERLEAVE_MASK) | (deInterleave32((x >>> 1) & DEINTERLEAVE_MASK) << 32);
+//        }
+//        return x;
+//    }
+//
+//    private static long deInterleave32(long x)
+//    {
+//        x = (x | (x >>> 1)) & 0x3333333333333333L;
+//        x = (x | (x >>> 2)) & 0x0F0F0F0F0F0F0F0FL;
+//        x = (x | (x >>> 4)) & 0x00FF00FF00FF00FFL;
+//        x = (x | (x >>> 8)) & 0x0000FFFF0000FFFFL;
+//        x = (x | (x >>> 16)) & 0x00000000FFFFFFFFL;
+//        return x;
+//    }
+
+    private static int reduceInPlace(long[] buf, int off, int len, int m, int[] ks)
+    {
+        int mLen = (m + 63) >>> 6;
+        if (len < mLen)
+        {
+            return len;
+        }
+
+        int numBits = Math.min(len << 6, (m << 1) - 1); // TODO use actual degree?
+        int excessBits = (len << 6) - numBits;
+        while (excessBits >= 64)
+        {
+            --len;
+            excessBits -= 64;
+        }
+
+        int kLen = ks.length, kMax = ks[kLen - 1], kNext = kLen > 1 ? ks[kLen - 2] : 0;
+        int wordWiseLimit = Math.max(m, kMax + 64);
+        int vectorableWords = (excessBits + Math.min(numBits - wordWiseLimit, m - kNext)) >> 6;
+        if (vectorableWords > 1)
+        {
+            int vectorWiseWords = len - vectorableWords;
+            reduceVectorWise(buf, off, len, vectorWiseWords, m, ks);
+            while (len > vectorWiseWords)
+            {
+                buf[off + --len] = 0L;
+            }
+            numBits = vectorWiseWords << 6;
+        }
+
+        if (numBits > wordWiseLimit)
+        {
+            reduceWordWise(buf, off, len, wordWiseLimit, m, ks);
+            numBits = wordWiseLimit;
+        }
+
+        if (numBits > m)
+        {
+            reduceBitWise(buf, off, numBits, m, ks);
+        }
+
+        return mLen;
+    }
+
+    private static void reduceBitWise(long[] buf, int off, int bitlength, int m, int[] ks)
+    {
+        while (--bitlength >= m)
+        {
+            if (testBit(buf, off, bitlength))
+            {
+                reduceBit(buf, off, bitlength, m, ks);
+            }
+        }
+    }
+
+    private static void reduceBit(long[] buf, int off, int bit, int m, int[] ks)
+    {
+        flipBit(buf, off, bit);
+        int n = bit - m;
+        int j = ks.length;
+        while (--j >= 0)
+        {
+            flipBit(buf, off, ks[j] + n);
+        }
+        flipBit(buf, off, n);
+    }
+
+    private static void reduceWordWise(long[] buf, int off, int len, int toBit, int m, int[] ks)
+    {
+        int toPos = toBit >>> 6;
+
+        while (--len > toPos)
+        {
+            long word = buf[off + len];
+            if (word != 0)
+            {
+                buf[off + len] = 0;
+                reduceWord(buf, off, (len << 6), word, m, ks);
+            }
+        }
+
+        {
+            int partial = toBit & 0x3F;
+            long word = buf[off + toPos] >>> partial;
+            if (word != 0)
+            {
+                buf[off + toPos] ^= word << partial;
+                reduceWord(buf, off, toBit, word, m, ks);
+            }
+        }
+    }
+
+    private static void reduceWord(long[] buf, int off, int bit, long word, int m, int[] ks)
+    {
+        int offset = bit - m;
+        int j = ks.length;
+        while (--j >= 0)
+        {
+            flipWord(buf, off, offset + ks[j], word);
+        }
+        flipWord(buf, off, offset, word);
+    }
+
+    private static void reduceVectorWise(long[] buf, int off, int len, int words, int m, int[] ks)
+    {
+        /*
+         * NOTE: It's important we go from highest coefficient to lowest, because for the highest
+         * one (only) we allow the ranges to partially overlap, and therefore any changes must take
+         * effect for the subsequent lower coefficients.
+         */
+        int baseBit = (words << 6) - m;
+        int j = ks.length;
+        while (--j >= 0)
+        {
+            flipVector(buf, off, buf, off + words, len - words, baseBit + ks[j]);
+        }
+        flipVector(buf, off, buf, off + words, len - words, baseBit);
+    }
+
+    private static void flipVector(long[] x, int xOff, long[] y, int yOff, int yLen, int bits)
+    {
+        xOff += bits >>> 6;
+        bits &= 0x3F;
+
+        if (bits == 0)
+        {
+            add(x, xOff, y, yOff, yLen);
+        }
+        else
+        {
+            long carry = addShiftedDown(x, xOff + 1, y, yOff, yLen, 64 - bits);
+            x[xOff] ^= carry;
+        }
+    }
+
+    public LongArray modSquare(int m, int[] ks)
+    {
+        int len = getUsedLength();
+        if (len == 0)
+        {
+            return this;
+        }
+
+        int _2len = len << 1;
+        long[] r = new long[_2len];
+
+        int pos = 0;
+        while (pos < _2len)
+        {
+            long mi = m_ints[pos >>> 1];
+            r[pos++] = interleave2_32to64((int)mi);
+            r[pos++] = interleave2_32to64((int)(mi >>> 32));
+        }
+
+        return new LongArray(r, 0, reduceInPlace(r, 0, r.length, m, ks));
+    }
+
+    public LongArray modSquareN(int n, int m, int[] ks)
+    {
+        int len = getUsedLength();
+        if (len == 0)
+        {
+            return this;
+        }
+
+        int mLen = (m + 63) >>> 6;
+        long[] r = new long[mLen << 1];
+        System.arraycopy(m_ints, 0, r, 0, len);
+
+        while (--n >= 0)
+        {
+            squareInPlace(r, len, m, ks);
+            len = reduceInPlace(r, 0, r.length, m, ks);
+        }
+
+        return new LongArray(r, 0, len);
+    }
+
+    public LongArray square(int m, int[] ks)
+    {
+        int len = getUsedLength();
+        if (len == 0)
+        {
+            return this;
+        }
+
+        int _2len = len << 1;
+        long[] r = new long[_2len];
+
+        int pos = 0;
+        while (pos < _2len)
+        {
+            long mi = m_ints[pos >>> 1];
+            r[pos++] = interleave2_32to64((int)mi);
+            r[pos++] = interleave2_32to64((int)(mi >>> 32));
+        }
+
+        return new LongArray(r, 0, r.length);
+    }
+
+    private static void squareInPlace(long[] x, int xLen, int m, int[] ks)
+    {
+        int pos = xLen << 1;
+        while (--xLen >= 0)
+        {
+            long xVal = x[xLen];
+            x[--pos] = interleave2_32to64((int)(xVal >>> 32));
+            x[--pos] = interleave2_32to64((int)xVal);
+        }
+    }
+
+    private static void interleave(long[] x, int xOff, long[] z, int zOff, int count, int width)
+    {
+        switch (width)
+        {
+        case 3:
+            interleave3(x, xOff, z, zOff, count);
+            break;
+        case 5:
+            interleave5(x, xOff, z, zOff, count);
+            break;
+        case 7:
+            interleave7(x, xOff, z, zOff, count);
+            break;
+        default:
+            interleave2_n(x, xOff, z, zOff, count, bitLengths[width] - 1);
+            break;
+        }
+    }
+
+    private static void interleave3(long[] x, int xOff, long[] z, int zOff, int count)
+    {
+        for (int i = 0; i < count; ++i)
+        {
+            z[zOff + i] = interleave3(x[xOff + i]);
+        }
+    }
+
+    private static long interleave3(long x)
+    {
+        long z = x & (1L << 63);
+        return z
+            | interleave3_21to63((int)x & 0x1FFFFF)
+            | interleave3_21to63((int)(x >>> 21) & 0x1FFFFF) << 1
+            | interleave3_21to63((int)(x >>> 42) & 0x1FFFFF) << 2;
+
+//        int zPos = 0, wPos = 0, xPos = 0;
+//        for (;;)
+//        {
+//            z |= ((x >>> xPos) & 1L) << zPos;
+//            if (++zPos == 63)
+//            {
+//                String sz2 = Long.toBinaryString(z);
+//                return z;
+//            }
+//            if ((xPos += 21) >= 63)
+//            {
+//                xPos = ++wPos;
+//            }
+//        }
+    }
+
+    private static long interleave3_21to63(int x)
+    {
+        int r00 = INTERLEAVE3_TABLE[x & 0x7F];
+        int r21 = INTERLEAVE3_TABLE[(x >>> 7) & 0x7F];
+        int r42 = INTERLEAVE3_TABLE[x >>> 14];
+        return (r42 & 0xFFFFFFFFL) << 42 | (r21 & 0xFFFFFFFFL) << 21 | (r00 & 0xFFFFFFFFL);
+    }
+
+    private static void interleave5(long[] x, int xOff, long[] z, int zOff, int count)
+    {
+        for (int i = 0; i < count; ++i)
+        {
+            z[zOff + i] = interleave5(x[xOff + i]);
+        }
+    }
+
+    private static long interleave5(long x)
+    {
+        return interleave3_13to65((int)x & 0x1FFF)
+            | interleave3_13to65((int)(x >>> 13) & 0x1FFF) << 1
+            | interleave3_13to65((int)(x >>> 26) & 0x1FFF) << 2
+            | interleave3_13to65((int)(x >>> 39) & 0x1FFF) << 3
+            | interleave3_13to65((int)(x >>> 52) & 0x1FFF) << 4;
+
+//        long z = 0;
+//        int zPos = 0, wPos = 0, xPos = 0;
+//        for (;;)
+//        {
+//            z |= ((x >>> xPos) & 1L) << zPos;
+//            if (++zPos == 64)
+//            {
+//                return z;
+//            }
+//            if ((xPos += 13) >= 64)
+//            {
+//                xPos = ++wPos;
+//            }
+//        }
+    }
+
+    private static long interleave3_13to65(int x)
+    {
+        int r00 = INTERLEAVE5_TABLE[x & 0x7F];
+        int r35 = INTERLEAVE5_TABLE[x >>> 7];
+        return (r35 & 0xFFFFFFFFL) << 35 | (r00 & 0xFFFFFFFFL);
+    }
+
+    private static void interleave7(long[] x, int xOff, long[] z, int zOff, int count)
+    {
+        for (int i = 0; i < count; ++i)
+        {
+            z[zOff + i] = interleave7(x[xOff + i]);
+        }
+    }
+
+    private static long interleave7(long x)
+    {
+        long z = x & (1L << 63);
+        return z
+            | INTERLEAVE7_TABLE[(int)x & 0x1FF]
+            | INTERLEAVE7_TABLE[(int)(x >>> 9) & 0x1FF] << 1
+            | INTERLEAVE7_TABLE[(int)(x >>> 18) & 0x1FF] << 2
+            | INTERLEAVE7_TABLE[(int)(x >>> 27) & 0x1FF] << 3
+            | INTERLEAVE7_TABLE[(int)(x >>> 36) & 0x1FF] << 4
+            | INTERLEAVE7_TABLE[(int)(x >>> 45) & 0x1FF] << 5
+            | INTERLEAVE7_TABLE[(int)(x >>> 54) & 0x1FF] << 6;
+
+//        int zPos = 0, wPos = 0, xPos = 0;
+//        for (;;)
+//        {
+//            z |= ((x >>> xPos) & 1L) << zPos;
+//            if (++zPos == 63)
+//            {
+//                return z;
+//            }
+//            if ((xPos += 9) >= 63)
+//            {
+//                xPos = ++wPos;
+//            }
+//        }
+    }
+
+    private static void interleave2_n(long[] x, int xOff, long[] z, int zOff, int count, int rounds)
+    {
+        for (int i = 0; i < count; ++i)
+        {
+            z[zOff + i] = interleave2_n(x[xOff + i], rounds);
+        }
+    }
+
+    private static long interleave2_n(long x, int rounds)
+    {
+        while (rounds > 1)
+        {
+            rounds -= 2;
+            x = interleave4_16to64((int)x & 0xFFFF)
+                | interleave4_16to64((int)(x >>> 16) & 0xFFFF) << 1
+                | interleave4_16to64((int)(x >>> 32) & 0xFFFF) << 2
+                | interleave4_16to64((int)(x >>> 48) & 0xFFFF) << 3;
+        }
+        if (rounds > 0)
+        {
+            x = interleave2_32to64((int)x) | interleave2_32to64((int)(x >>> 32)) << 1;
+        }
+        return x;
+    }
+
+    private static long interleave4_16to64(int x)
+    {
+        int r00 = INTERLEAVE4_TABLE[x & 0xFF];
+        int r32 = INTERLEAVE4_TABLE[x >>> 8];
+        return (r32 & 0xFFFFFFFFL) << 32 | (r00 & 0xFFFFFFFFL);
+    }
+
+    private static long interleave2_32to64(int x)
+    {
+        int r00 = INTERLEAVE2_TABLE[x & 0xFF] | INTERLEAVE2_TABLE[(x >>> 8) & 0xFF] << 16;
+        int r32 = INTERLEAVE2_TABLE[(x >>> 16) & 0xFF] | INTERLEAVE2_TABLE[x >>> 24] << 16;
+        return (r32 & 0xFFFFFFFFL) << 32 | (r00 & 0xFFFFFFFFL);
+    }
+
+//    private static LongArray expItohTsujii2(LongArray B, int n, int m, int[] ks)
+//    {
+//        LongArray t1 = B, t3 = new LongArray(new long[]{ 1L });
+//        int scale = 1;
+//
+//        int numTerms = n;
+//        while (numTerms > 1)
+//        {
+//            if ((numTerms & 1) != 0)
+//            {
+//                t3 = t3.modMultiply(t1, m, ks);
+//                t1 = t1.modSquareN(scale, m, ks);
+//            }
+//
+//            LongArray t2 = t1.modSquareN(scale, m, ks);
+//            t1 = t1.modMultiply(t2, m, ks);
+//            numTerms >>>= 1; scale <<= 1;
+//        }
+//
+//        return t3.modMultiply(t1, m, ks);
+//    }
+//
+//    private static LongArray expItohTsujii23(LongArray B, int n, int m, int[] ks)
+//    {
+//        LongArray t1 = B, t3 = new LongArray(new long[]{ 1L });
+//        int scale = 1;
+//
+//        int numTerms = n;
+//        while (numTerms > 1)
+//        {
+//            boolean m03 = numTerms % 3 == 0;
+//            boolean m14 = !m03 && (numTerms & 1) != 0;
+//
+//            if (m14)
+//            {
+//                t3 = t3.modMultiply(t1, m, ks);
+//                t1 = t1.modSquareN(scale, m, ks);
+//            }
+//
+//            LongArray t2 = t1.modSquareN(scale, m, ks);
+//            t1 = t1.modMultiply(t2, m, ks);
+//
+//            if (m03)
+//            {
+//                t2 = t2.modSquareN(scale, m, ks);
+//                t1 = t1.modMultiply(t2, m, ks);
+//                numTerms /= 3; scale *= 3;
+//            }
+//            else
+//            {
+//                numTerms >>>= 1; scale <<= 1;
+//            }
+//        }
+//
+//        return t3.modMultiply(t1, m, ks);
+//    }
+//
+//    private static LongArray expItohTsujii235(LongArray B, int n, int m, int[] ks)
+//    {
+//        LongArray t1 = B, t4 = new LongArray(new long[]{ 1L });
+//        int scale = 1;
+//
+//        int numTerms = n;
+//        while (numTerms > 1)
+//        {
+//            if (numTerms % 5 == 0)
+//            {
+////                t1 = expItohTsujii23(t1, 5, m, ks);
+//
+//                LongArray t3 = t1;
+//                t1 = t1.modSquareN(scale, m, ks);
+//
+//                LongArray t2 = t1.modSquareN(scale, m, ks);
+//                t1 = t1.modMultiply(t2, m, ks);
+//                t2 = t1.modSquareN(scale << 1, m, ks);
+//                t1 = t1.modMultiply(t2, m, ks);
+//
+//                t1 = t1.modMultiply(t3, m, ks);
+//
+//                numTerms /= 5; scale *= 5;
+//                continue;
+//            }
+//
+//            boolean m03 = numTerms % 3 == 0;
+//            boolean m14 = !m03 && (numTerms & 1) != 0;
+//
+//            if (m14)
+//            {
+//                t4 = t4.modMultiply(t1, m, ks);
+//                t1 = t1.modSquareN(scale, m, ks);
+//            }
+//
+//            LongArray t2 = t1.modSquareN(scale, m, ks);
+//            t1 = t1.modMultiply(t2, m, ks);
+//
+//            if (m03)
+//            {
+//                t2 = t2.modSquareN(scale, m, ks);
+//                t1 = t1.modMultiply(t2, m, ks);
+//                numTerms /= 3; scale *= 3;
+//            }
+//            else
+//            {
+//                numTerms >>>= 1; scale <<= 1;
+//            }
+//        }
+//
+//        return t4.modMultiply(t1, m, ks);
+//    }
+
+    public LongArray modInverse(int m, int[] ks)
+    {
+        /*
+         * Fermat's Little Theorem
+         */
+//        LongArray A = this;
+//        LongArray B = A.modSquare(m, ks);
+//        LongArray R0 = B, R1 = B;
+//        for (int i = 2; i < m; ++i)
+//        {
+//            R1 = R1.modSquare(m, ks);
+//            R0 = R0.modMultiply(R1, m, ks);
+//        }
+//
+//        return R0;
+
+        /*
+         * Itoh-Tsujii
+         */
+//        LongArray B = modSquare(m, ks);
+//        switch (m)
+//        {
+//        case 409:
+//            return expItohTsujii23(B, m - 1, m, ks);
+//        case 571:
+//            return expItohTsujii235(B, m - 1, m, ks);
+//        case 163:
+//        case 233:
+//        case 283:
+//        default:
+//            return expItohTsujii2(B, m - 1, m, ks);
+//        }
+
+        /*
+         * Inversion in F2m using the extended Euclidean algorithm
+         * 
+         * Input: A nonzero polynomial a(z) of degree at most m-1
+         * Output: a(z)^(-1) mod f(z)
+         */
+        int uzDegree = degree();
+        if (uzDegree == 0)
+        {
+            throw new IllegalStateException();
+        }
+        if (uzDegree == 1)
+        {
+            return this;
+        }
+
+        // u(z) := a(z)
+        LongArray uz = (LongArray)clone();
+
+        int t = (m + 63) >>> 6;
+
+        // v(z) := f(z)
+        LongArray vz = new LongArray(t);
+        reduceBit(vz.m_ints, 0, m, m, ks);
+
+        // g1(z) := 1, g2(z) := 0
+        LongArray g1z = new LongArray(t);
+        g1z.m_ints[0] = 1L;
+        LongArray g2z = new LongArray(t);
+
+        int[] uvDeg = new int[]{ uzDegree, m + 1 };
+        LongArray[] uv = new LongArray[]{ uz, vz };
+
+        int[] ggDeg = new int[]{ 1, 0 };
+        LongArray[] gg = new LongArray[]{ g1z, g2z };
+
+        int b = 1;
+        int duv1 = uvDeg[b];
+        int dgg1 = ggDeg[b];
+        int j = duv1 - uvDeg[1 - b];
+
+        for (;;)
+        {
+            if (j < 0)
+            {
+                j = -j;
+                uvDeg[b] = duv1;
+                ggDeg[b] = dgg1;
+                b = 1 - b;
+                duv1 = uvDeg[b];
+                dgg1 = ggDeg[b];
+            }
+
+            uv[b].addShiftedByBitsSafe(uv[1 - b], uvDeg[1 - b], j);
+
+            int duv2 = uv[b].degreeFrom(duv1);
+            if (duv2 == 0)
+            {
+                return gg[1 - b];
+            }
+
+            {
+                int dgg2 = ggDeg[1 - b];
+                gg[b].addShiftedByBitsSafe(gg[1 - b], dgg2, j);
+                dgg2 += j;
+
+                if (dgg2 > dgg1)
+                {
+                    dgg1 = dgg2;
+                }
+                else if (dgg2 == dgg1)
+                {
+                    dgg1 = gg[b].degreeFrom(dgg1);
+                }
+            }
+
+            j += (duv2 - duv1);
+            duv1 = duv2;
+        }
+    }
+
+    public boolean equals(Object o)
+    {
+        if (!(o instanceof LongArray))
+        {
+            return false;
+        }
+        LongArray other = (LongArray) o;
+        int usedLen = getUsedLength();
+        if (other.getUsedLength() != usedLen)
+        {
+            return false;
+        }
+        for (int i = 0; i < usedLen; i++)
+        {
+            if (m_ints[i] != other.m_ints[i])
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public int hashCode()
+    {
+        int usedLen = getUsedLength();
+        int hash = 1;
+        for (int i = 0; i < usedLen; i++)
+        {
+            long mi = m_ints[i];
+            hash *= 31;
+            hash ^= (int)mi;
+            hash *= 31;
+            hash ^= (int)(mi >>> 32);
+        }
+        return hash;
+    }
+
+    public Object clone()
+    {
+        return new LongArray(Arrays.clone(m_ints));
+    }
+
+    public String toString()
+    {
+        int i = getUsedLength();
+        if (i == 0)
+        {
+            return "0";
+        }
+
+        StringBuffer sb = new StringBuffer(Long.toBinaryString(m_ints[--i]));
+        while (--i >= 0)
+        {
+            String s = Long.toBinaryString(m_ints[i]);
+
+            // Add leading zeroes, except for highest significant word
+            int len = s.length();
+            if (len < 64)
+            {
+                sb.append(ZEROES.substring(len));
+            }
+
+            sb.append(s);
+        }
+        return sb.toString();
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/PreCompCallback.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/PreCompCallback.java
new file mode 100644
index 0000000..577f1ec
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/PreCompCallback.java

@@ -0,0 +1,10 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface PreCompCallback
+{
+    PreCompInfo precompute(PreCompInfo existing);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/PreCompInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/PreCompInfo.java
new file mode 100644
index 0000000..0d373b4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/PreCompInfo.java

@@ -0,0 +1,12 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+/**
+ * Interface for classes storing precomputation data for multiplication
+ * algorithms. Used as a Memento (see GOF patterns) by e.g. 
+ * <code>WNafL2RMultiplier</code>.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface PreCompInfo
+{
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ScaleXPointMap.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ScaleXPointMap.java
new file mode 100644
index 0000000..24a5103
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ScaleXPointMap.java

@@ -0,0 +1,20 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ScaleXPointMap implements ECPointMap
+{
+    protected final ECFieldElement scale;
+
+    public ScaleXPointMap(ECFieldElement scale)
+    {
+        this.scale = scale;
+    }
+
+    public ECPoint map(ECPoint p)
+    {
+        return p.scaleX(scale);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/SimpleBigDecimal.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/SimpleBigDecimal.java
new file mode 100644
index 0000000..3ff1c0e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/SimpleBigDecimal.java

@@ -0,0 +1,248 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+
+/**
+ * Class representing a simple version of a big decimal. A
+ * <code>SimpleBigDecimal</code> is basically a
+ * {@link java.math.BigInteger BigInteger} with a few digits on the right of
+ * the decimal point. The number of (binary) digits on the right of the decimal
+ * point is called the <code>scale</code> of the <code>SimpleBigDecimal</code>.
+ * Unlike in {@link java.math.BigDecimal BigDecimal}, the scale is not adjusted
+ * automatically, but must be set manually. All <code>SimpleBigDecimal</code>s
+ * taking part in the same arithmetic operation must have equal scale. The
+ * result of a multiplication of two <code>SimpleBigDecimal</code>s returns a
+ * <code>SimpleBigDecimal</code> with double scale.
+ */
+class SimpleBigDecimal
+    //extends Number   // not in J2ME - add compatibility class?
+{
+    private static final long serialVersionUID = 1L;
+
+    private final BigInteger bigInt;
+    private final int scale;
+
+    /**
+     * Returns a <code>SimpleBigDecimal</code> representing the same numerical
+     * value as <code>value</code>.
+     * @param value The value of the <code>SimpleBigDecimal</code> to be
+     * created. 
+     * @param scale The scale of the <code>SimpleBigDecimal</code> to be
+     * created. 
+     * @return The such created <code>SimpleBigDecimal</code>.
+     */
+    public static SimpleBigDecimal getInstance(BigInteger value, int scale)
+    {
+        return new SimpleBigDecimal(value.shiftLeft(scale), scale);
+    }
+
+    /**
+     * Constructor for <code>SimpleBigDecimal</code>. The value of the
+     * constructed <code>SimpleBigDecimal</code> equals <code>bigInt / 
+     * 2<sup>scale</sup></code>.
+     * @param bigInt The <code>bigInt</code> value parameter.
+     * @param scale The scale of the constructed <code>SimpleBigDecimal</code>.
+     */
+    public SimpleBigDecimal(BigInteger bigInt, int scale)
+    {
+        if (scale < 0)
+        {
+            throw new IllegalArgumentException("scale may not be negative");
+        }
+
+        this.bigInt = bigInt;
+        this.scale = scale;
+    }
+
+    private void checkScale(SimpleBigDecimal b)
+    {
+        if (scale != b.scale)
+        {
+            throw new IllegalArgumentException("Only SimpleBigDecimal of " +
+                "same scale allowed in arithmetic operations");
+        }
+    }
+
+    public SimpleBigDecimal adjustScale(int newScale)
+    {
+        if (newScale < 0)
+        {
+            throw new IllegalArgumentException("scale may not be negative");
+        }
+
+        if (newScale == scale)
+        {
+            return this;
+        }
+
+        return new SimpleBigDecimal(bigInt.shiftLeft(newScale - scale),
+                newScale);
+    }
+
+    public SimpleBigDecimal add(SimpleBigDecimal b)
+    {
+        checkScale(b);
+        return new SimpleBigDecimal(bigInt.add(b.bigInt), scale);
+    }
+
+    public SimpleBigDecimal add(BigInteger b)
+    {
+        return new SimpleBigDecimal(bigInt.add(b.shiftLeft(scale)), scale);
+    }
+
+    public SimpleBigDecimal negate()
+    {
+        return new SimpleBigDecimal(bigInt.negate(), scale);
+    }
+
+    public SimpleBigDecimal subtract(SimpleBigDecimal b)
+    {
+        return add(b.negate());
+    }
+
+    public SimpleBigDecimal subtract(BigInteger b)
+    {
+        return new SimpleBigDecimal(bigInt.subtract(b.shiftLeft(scale)),
+                scale);
+    }
+
+    public SimpleBigDecimal multiply(SimpleBigDecimal b)
+    {
+        checkScale(b);
+        return new SimpleBigDecimal(bigInt.multiply(b.bigInt), scale + scale);
+    }
+
+    public SimpleBigDecimal multiply(BigInteger b)
+    {
+        return new SimpleBigDecimal(bigInt.multiply(b), scale);
+    }
+
+    public SimpleBigDecimal divide(SimpleBigDecimal b)
+    {
+        checkScale(b);
+        BigInteger dividend = bigInt.shiftLeft(scale);
+        return new SimpleBigDecimal(dividend.divide(b.bigInt), scale);
+    }
+
+    public SimpleBigDecimal divide(BigInteger b)
+    {
+        return new SimpleBigDecimal(bigInt.divide(b), scale);
+    }
+
+    public SimpleBigDecimal shiftLeft(int n)
+    {
+        return new SimpleBigDecimal(bigInt.shiftLeft(n), scale);
+    }
+
+    public int compareTo(SimpleBigDecimal val)
+    {
+        checkScale(val);
+        return bigInt.compareTo(val.bigInt);
+    }
+
+    public int compareTo(BigInteger val)
+    {
+        return bigInt.compareTo(val.shiftLeft(scale));
+    }
+
+    public BigInteger floor()
+    {
+        return bigInt.shiftRight(scale);
+    }
+
+    public BigInteger round()
+    {
+        SimpleBigDecimal oneHalf = new SimpleBigDecimal(ECConstants.ONE, 1);
+        return add(oneHalf.adjustScale(scale)).floor();
+    }
+
+    public int intValue()
+    {
+        return floor().intValue();
+    }
+    
+    public long longValue()
+    {
+        return floor().longValue();
+    }
+          /* NON-J2ME compliant.
+    public double doubleValue()
+    {
+        return Double.valueOf(toString()).doubleValue();
+    }
+
+    public float floatValue()
+    {
+        return Float.valueOf(toString()).floatValue();
+    }
+       */
+    public int getScale()
+    {
+        return scale;
+    }
+
+    public String toString()
+    {
+        if (scale == 0)
+        {
+            return bigInt.toString();
+        }
+
+        BigInteger floorBigInt = floor();
+        
+        BigInteger fract = bigInt.subtract(floorBigInt.shiftLeft(scale));
+        if (bigInt.signum() == -1)
+        {
+            fract = ECConstants.ONE.shiftLeft(scale).subtract(fract);
+        }
+
+        if ((floorBigInt.signum() == -1) && (!(fract.equals(ECConstants.ZERO))))
+        {
+            floorBigInt = floorBigInt.add(ECConstants.ONE);
+        }
+        String leftOfPoint = floorBigInt.toString();
+
+        char[] fractCharArr = new char[scale];
+        String fractStr = fract.toString(2);
+        int fractLen = fractStr.length();
+        int zeroes = scale - fractLen;
+        for (int i = 0; i < zeroes; i++)
+        {
+            fractCharArr[i] = '0';
+        }
+        for (int j = 0; j < fractLen; j++)
+        {
+            fractCharArr[zeroes + j] = fractStr.charAt(j);
+        }
+        String rightOfPoint = new String(fractCharArr);
+
+        StringBuffer sb = new StringBuffer(leftOfPoint);
+        sb.append(".");
+        sb.append(rightOfPoint);
+
+        return sb.toString();
+    }
+
+    public boolean equals(Object o)
+    {
+        if (this == o)
+        {
+            return true;
+        }
+
+        if (!(o instanceof SimpleBigDecimal))
+        {
+            return false;
+        }
+
+        SimpleBigDecimal other = (SimpleBigDecimal)o;
+        return ((bigInt.equals(other.bigInt)) && (scale == other.scale));
+    }
+
+    public int hashCode()
+    {
+        return bigInt.hashCode() ^ scale;
+    }
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/Tnaf.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/Tnaf.java
new file mode 100644
index 0000000..db41bfb
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/Tnaf.java

@@ -0,0 +1,850 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+
+/**
+ * Class holding methods for point multiplication based on the window
+ * &tau;-adic nonadjacent form (WTNAF). The algorithms are based on the
+ * paper "Improved Algorithms for Arithmetic on Anomalous Binary Curves"
+ * by Jerome A. Solinas. The paper first appeared in the Proceedings of
+ * Crypto 1997.
+ */
+class Tnaf
+{
+    private static final BigInteger MINUS_ONE = ECConstants.ONE.negate();
+    private static final BigInteger MINUS_TWO = ECConstants.TWO.negate();
+    private static final BigInteger MINUS_THREE = ECConstants.THREE.negate();
+
+    /**
+     * The window width of WTNAF. The standard value of 4 is slightly less
+     * than optimal for running time, but keeps space requirements for
+     * precomputation low. For typical curves, a value of 5 or 6 results in
+     * a better running time. When changing this value, the
+     * <code>&alpha;<sub>u</sub></code>'s must be computed differently, see
+     * e.g. "Guide to Elliptic Curve Cryptography", Darrel Hankerson,
+     * Alfred Menezes, Scott Vanstone, Springer-Verlag New York Inc., 2004,
+     * p. 121-122
+     */
+    public static final byte WIDTH = 4;
+
+    /**
+     * 2<sup>4</sup>
+     */
+    public static final byte POW_2_WIDTH = 16;
+
+    /**
+     * The <code>&alpha;<sub>u</sub></code>'s for <code>a=0</code> as an array
+     * of <code>ZTauElement</code>s.
+     */
+    public static final ZTauElement[] alpha0 = {
+        null,
+        new ZTauElement(ECConstants.ONE, ECConstants.ZERO), null,
+        new ZTauElement(MINUS_THREE, MINUS_ONE), null,
+        new ZTauElement(MINUS_ONE, MINUS_ONE), null,
+        new ZTauElement(ECConstants.ONE, MINUS_ONE), null
+    };
+
+    /**
+     * The <code>&alpha;<sub>u</sub></code>'s for <code>a=0</code> as an array
+     * of TNAFs.
+     */
+    public static final byte[][] alpha0Tnaf = {
+        null, {1}, null, {-1, 0, 1}, null, {1, 0, 1}, null, {-1, 0, 0, 1}
+    };
+
+    /**
+     * The <code>&alpha;<sub>u</sub></code>'s for <code>a=1</code> as an array
+     * of <code>ZTauElement</code>s.
+     */
+    public static final ZTauElement[] alpha1 = {null,
+        new ZTauElement(ECConstants.ONE, ECConstants.ZERO), null,
+        new ZTauElement(MINUS_THREE, ECConstants.ONE), null,
+        new ZTauElement(MINUS_ONE, ECConstants.ONE), null,
+        new ZTauElement(ECConstants.ONE, ECConstants.ONE), null
+    };
+
+    /**
+     * The <code>&alpha;<sub>u</sub></code>'s for <code>a=1</code> as an array
+     * of TNAFs.
+     */
+    public static final byte[][] alpha1Tnaf = {
+        null, {1}, null, {-1, 0, 1}, null, {1, 0, 1}, null, {-1, 0, 0, -1}
+    };
+
+    /**
+     * Computes the norm of an element <code>&lambda;</code> of
+     * <code><b>Z</b>[&tau;]</code>.
+     * @param mu The parameter <code>&mu;</code> of the elliptic curve.
+     * @param lambda The element <code>&lambda;</code> of
+     * <code><b>Z</b>[&tau;]</code>.
+     * @return The norm of <code>&lambda;</code>.
+     */
+    public static BigInteger norm(final byte mu, ZTauElement lambda)
+    {
+        BigInteger norm;
+
+        // s1 = u^2
+        BigInteger s1 = lambda.u.multiply(lambda.u);
+
+        // s2 = u * v
+        BigInteger s2 = lambda.u.multiply(lambda.v);
+
+        // s3 = 2 * v^2
+        BigInteger s3 = lambda.v.multiply(lambda.v).shiftLeft(1);
+
+        if (mu == 1)
+        {
+            norm = s1.add(s2).add(s3);
+        }
+        else if (mu == -1)
+        {
+            norm = s1.subtract(s2).add(s3);
+        }
+        else
+        {
+            throw new IllegalArgumentException("mu must be 1 or -1");
+        }
+
+        return norm;
+    }
+
+    /**
+     * Computes the norm of an element <code>&lambda;</code> of
+     * <code><b>R</b>[&tau;]</code>, where <code>&lambda; = u + v&tau;</code>
+     * and <code>u</code> and <code>u</code> are real numbers (elements of
+     * <code><b>R</b></code>). 
+     * @param mu The parameter <code>&mu;</code> of the elliptic curve.
+     * @param u The real part of the element <code>&lambda;</code> of
+     * <code><b>R</b>[&tau;]</code>.
+     * @param v The <code>&tau;</code>-adic part of the element
+     * <code>&lambda;</code> of <code><b>R</b>[&tau;]</code>.
+     * @return The norm of <code>&lambda;</code>.
+     */
+    public static SimpleBigDecimal norm(final byte mu, SimpleBigDecimal u,
+            SimpleBigDecimal v)
+    {
+        SimpleBigDecimal norm;
+
+        // s1 = u^2
+        SimpleBigDecimal s1 = u.multiply(u);
+
+        // s2 = u * v
+        SimpleBigDecimal s2 = u.multiply(v);
+
+        // s3 = 2 * v^2
+        SimpleBigDecimal s3 = v.multiply(v).shiftLeft(1);
+
+        if (mu == 1)
+        {
+            norm = s1.add(s2).add(s3);
+        }
+        else if (mu == -1)
+        {
+            norm = s1.subtract(s2).add(s3);
+        }
+        else
+        {
+            throw new IllegalArgumentException("mu must be 1 or -1");
+        }
+
+        return norm;
+    }
+
+    /**
+     * Rounds an element <code>&lambda;</code> of <code><b>R</b>[&tau;]</code>
+     * to an element of <code><b>Z</b>[&tau;]</code>, such that their difference
+     * has minimal norm. <code>&lambda;</code> is given as
+     * <code>&lambda; = &lambda;<sub>0</sub> + &lambda;<sub>1</sub>&tau;</code>.
+     * @param lambda0 The component <code>&lambda;<sub>0</sub></code>.
+     * @param lambda1 The component <code>&lambda;<sub>1</sub></code>.
+     * @param mu The parameter <code>&mu;</code> of the elliptic curve. Must
+     * equal 1 or -1.
+     * @return The rounded element of <code><b>Z</b>[&tau;]</code>.
+     * @throws IllegalArgumentException if <code>lambda0</code> and
+     * <code>lambda1</code> do not have same scale.
+     */
+    public static ZTauElement round(SimpleBigDecimal lambda0,
+            SimpleBigDecimal lambda1, byte mu)
+    {
+        int scale = lambda0.getScale();
+        if (lambda1.getScale() != scale)
+        {
+            throw new IllegalArgumentException("lambda0 and lambda1 do not " +
+                    "have same scale");
+        }
+
+        if (!((mu == 1) || (mu == -1)))
+        {
+            throw new IllegalArgumentException("mu must be 1 or -1");
+        }
+
+        BigInteger f0 = lambda0.round();
+        BigInteger f1 = lambda1.round();
+
+        SimpleBigDecimal eta0 = lambda0.subtract(f0);
+        SimpleBigDecimal eta1 = lambda1.subtract(f1);
+
+        // eta = 2*eta0 + mu*eta1
+        SimpleBigDecimal eta = eta0.add(eta0);
+        if (mu == 1)
+        {
+            eta = eta.add(eta1);
+        }
+        else
+        {
+            // mu == -1
+            eta = eta.subtract(eta1);
+        }
+
+        // check1 = eta0 - 3*mu*eta1
+        // check2 = eta0 + 4*mu*eta1
+        SimpleBigDecimal threeEta1 = eta1.add(eta1).add(eta1);
+        SimpleBigDecimal fourEta1 = threeEta1.add(eta1);
+        SimpleBigDecimal check1;
+        SimpleBigDecimal check2;
+        if (mu == 1)
+        {
+            check1 = eta0.subtract(threeEta1);
+            check2 = eta0.add(fourEta1);
+        }
+        else
+        {
+            // mu == -1
+            check1 = eta0.add(threeEta1);
+            check2 = eta0.subtract(fourEta1);
+        }
+
+        byte h0 = 0;
+        byte h1 = 0;
+
+        // if eta >= 1
+        if (eta.compareTo(ECConstants.ONE) >= 0)
+        {
+            if (check1.compareTo(MINUS_ONE) < 0)
+            {
+                h1 = mu;
+            }
+            else
+            {
+                h0 = 1;
+            }
+        }
+        else
+        {
+            // eta < 1
+            if (check2.compareTo(ECConstants.TWO) >= 0)
+            {
+                h1 = mu;
+            }
+        }
+
+        // if eta < -1
+        if (eta.compareTo(MINUS_ONE) < 0)
+        {
+            if (check1.compareTo(ECConstants.ONE) >= 0)
+            {
+                h1 = (byte)-mu;
+            }
+            else
+            {
+                h0 = -1;
+            }
+        }
+        else
+        {
+            // eta >= -1
+            if (check2.compareTo(MINUS_TWO) < 0)
+            {
+                h1 = (byte)-mu;
+            }
+        }
+
+        BigInteger q0 = f0.add(BigInteger.valueOf(h0));
+        BigInteger q1 = f1.add(BigInteger.valueOf(h1));
+        return new ZTauElement(q0, q1);
+    }
+
+    /**
+     * Approximate division by <code>n</code>. For an integer
+     * <code>k</code>, the value <code>&lambda; = s k / n</code> is
+     * computed to <code>c</code> bits of accuracy.
+     * @param k The parameter <code>k</code>.
+     * @param s The curve parameter <code>s<sub>0</sub></code> or
+     * <code>s<sub>1</sub></code>.
+     * @param vm The Lucas Sequence element <code>V<sub>m</sub></code>.
+     * @param a The parameter <code>a</code> of the elliptic curve.
+     * @param m The bit length of the finite field
+     * <code><b>F</b><sub>m</sub></code>.
+     * @param c The number of bits of accuracy, i.e. the scale of the returned
+     * <code>SimpleBigDecimal</code>.
+     * @return The value <code>&lambda; = s k / n</code> computed to
+     * <code>c</code> bits of accuracy.
+     */
+    public static SimpleBigDecimal approximateDivisionByN(BigInteger k,
+            BigInteger s, BigInteger vm, byte a, int m, int c)
+    {
+        int _k = (m + 5)/2 + c;
+        BigInteger ns = k.shiftRight(m - _k - 2 + a);
+
+        BigInteger gs = s.multiply(ns);
+
+        BigInteger hs = gs.shiftRight(m);
+
+        BigInteger js = vm.multiply(hs);
+
+        BigInteger gsPlusJs = gs.add(js);
+        BigInteger ls = gsPlusJs.shiftRight(_k-c);
+        if (gsPlusJs.testBit(_k-c-1))
+        {
+            // round up
+            ls = ls.add(ECConstants.ONE);
+        }
+
+        return new SimpleBigDecimal(ls, c);
+    }
+
+    /**
+     * Computes the <code>&tau;</code>-adic NAF (non-adjacent form) of an
+     * element <code>&lambda;</code> of <code><b>Z</b>[&tau;]</code>.
+     * @param mu The parameter <code>&mu;</code> of the elliptic curve.
+     * @param lambda The element <code>&lambda;</code> of
+     * <code><b>Z</b>[&tau;]</code>.
+     * @return The <code>&tau;</code>-adic NAF of <code>&lambda;</code>.
+     */
+    public static byte[] tauAdicNaf(byte mu, ZTauElement lambda)
+    {
+        if (!((mu == 1) || (mu == -1)))
+        {
+            throw new IllegalArgumentException("mu must be 1 or -1");
+        }
+        
+        BigInteger norm = norm(mu, lambda);
+
+        // Ceiling of log2 of the norm 
+        int log2Norm = norm.bitLength();
+
+        // If length(TNAF) > 30, then length(TNAF) < log2Norm + 3.52
+        int maxLength = log2Norm > 30 ? log2Norm + 4 : 34;
+
+        // The array holding the TNAF
+        byte[] u = new byte[maxLength];
+        int i = 0;
+
+        // The actual length of the TNAF
+        int length = 0;
+
+        BigInteger r0 = lambda.u;
+        BigInteger r1 = lambda.v;
+
+        while(!((r0.equals(ECConstants.ZERO)) && (r1.equals(ECConstants.ZERO))))
+        {
+            // If r0 is odd
+            if (r0.testBit(0))
+            {
+                u[i] = (byte) ECConstants.TWO.subtract((r0.subtract(r1.shiftLeft(1))).mod(ECConstants.FOUR)).intValue();
+
+                // r0 = r0 - u[i]
+                if (u[i] == 1)
+                {
+                    r0 = r0.clearBit(0);
+                }
+                else
+                {
+                    // u[i] == -1
+                    r0 = r0.add(ECConstants.ONE);
+                }
+                length = i;
+            }
+            else
+            {
+                u[i] = 0;
+            }
+
+            BigInteger t = r0;
+            BigInteger s = r0.shiftRight(1);
+            if (mu == 1)
+            {
+                r0 = r1.add(s);
+            }
+            else
+            {
+                // mu == -1
+                r0 = r1.subtract(s);
+            }
+
+            r1 = t.shiftRight(1).negate();
+            i++;
+        }
+
+        length++;
+
+        // Reduce the TNAF array to its actual length
+        byte[] tnaf = new byte[length];
+        System.arraycopy(u, 0, tnaf, 0, length);
+        return tnaf;
+    }
+
+    /**
+     * Applies the operation <code>&tau;()</code> to an
+     * <code>ECPoint.AbstractF2m</code>. 
+     * @param p The ECPoint.AbstractF2m to which <code>&tau;()</code> is applied.
+     * @return <code>&tau;(p)</code>
+     */
+    public static ECPoint.AbstractF2m tau(ECPoint.AbstractF2m p)
+    {
+        return p.tau();
+    }
+
+    /**
+     * Returns the parameter <code>&mu;</code> of the elliptic curve.
+     * @param curve The elliptic curve from which to obtain <code>&mu;</code>.
+     * The curve must be a Koblitz curve, i.e. <code>a</code> equals
+     * <code>0</code> or <code>1</code> and <code>b</code> equals
+     * <code>1</code>. 
+     * @return <code>&mu;</code> of the elliptic curve.
+     * @throws IllegalArgumentException if the given ECCurve is not a Koblitz
+     * curve.
+     */
+    public static byte getMu(ECCurve.AbstractF2m curve)
+    {
+        if (!curve.isKoblitz())
+        {
+            throw new IllegalArgumentException("No Koblitz curve (ABC), TNAF multiplication not possible");
+        }
+
+        if (curve.getA().isZero())
+        {
+            return -1;
+        }
+
+        return 1;
+    }
+
+    public static byte getMu(ECFieldElement curveA)
+    {
+        return (byte)(curveA.isZero() ? -1 : 1);
+    }
+
+    public static byte getMu(int curveA)
+    {
+        return (byte)(curveA == 0 ? -1 : 1);
+    }
+
+    /**
+     * Calculates the Lucas Sequence elements <code>U<sub>k-1</sub></code> and
+     * <code>U<sub>k</sub></code> or <code>V<sub>k-1</sub></code> and
+     * <code>V<sub>k</sub></code>.
+     * @param mu The parameter <code>&mu;</code> of the elliptic curve.
+     * @param k The index of the second element of the Lucas Sequence to be
+     * returned.
+     * @param doV If set to true, computes <code>V<sub>k-1</sub></code> and
+     * <code>V<sub>k</sub></code>, otherwise <code>U<sub>k-1</sub></code> and
+     * <code>U<sub>k</sub></code>.
+     * @return An array with 2 elements, containing <code>U<sub>k-1</sub></code>
+     * and <code>U<sub>k</sub></code> or <code>V<sub>k-1</sub></code>
+     * and <code>V<sub>k</sub></code>.
+     */
+    public static BigInteger[] getLucas(byte mu, int k, boolean doV)
+    {
+        if (!((mu == 1) || (mu == -1)))
+        {
+            throw new IllegalArgumentException("mu must be 1 or -1");
+        }
+
+        BigInteger u0;
+        BigInteger u1;
+        BigInteger u2;
+
+        if (doV)
+        {
+            u0 = ECConstants.TWO;
+            u1 = BigInteger.valueOf(mu);
+        }
+        else
+        {
+            u0 = ECConstants.ZERO;
+            u1 = ECConstants.ONE;
+        }
+
+        for (int i = 1; i < k; i++)
+        {
+            // u2 = mu*u1 - 2*u0;
+            BigInteger s = null;
+            if (mu == 1)
+            {
+                s = u1;
+            }
+            else
+            {
+                // mu == -1
+                s = u1.negate();
+            }
+            
+            u2 = s.subtract(u0.shiftLeft(1));
+            u0 = u1;
+            u1 = u2;
+//            System.out.println(i + ": " + u2);
+//            System.out.println();
+        }
+
+        BigInteger[] retVal = {u0, u1};
+        return retVal;
+    }
+
+    /**
+     * Computes the auxiliary value <code>t<sub>w</sub></code>. If the width is
+     * 4, then for <code>mu = 1</code>, <code>t<sub>w</sub> = 6</code> and for
+     * <code>mu = -1</code>, <code>t<sub>w</sub> = 10</code> 
+     * @param mu The parameter <code>&mu;</code> of the elliptic curve.
+     * @param w The window width of the WTNAF.
+     * @return the auxiliary value <code>t<sub>w</sub></code>
+     */
+    public static BigInteger getTw(byte mu, int w)
+    {
+        if (w == 4)
+        {
+            if (mu == 1)
+            {
+                return BigInteger.valueOf(6);
+            }
+            else
+            {
+                // mu == -1
+                return BigInteger.valueOf(10);
+            }
+        }
+        else
+        {
+            // For w <> 4, the values must be computed
+            BigInteger[] us = getLucas(mu, w, false);
+            BigInteger twoToW = ECConstants.ZERO.setBit(w);
+            BigInteger u1invert = us[1].modInverse(twoToW);
+            BigInteger tw;
+            tw = ECConstants.TWO.multiply(us[0]).multiply(u1invert).mod(twoToW);
+//            System.out.println("mu = " + mu);
+//            System.out.println("tw = " + tw);
+            return tw;
+        }
+    }
+
+    /**
+     * Computes the auxiliary values <code>s<sub>0</sub></code> and
+     * <code>s<sub>1</sub></code> used for partial modular reduction. 
+     * @param curve The elliptic curve for which to compute
+     * <code>s<sub>0</sub></code> and <code>s<sub>1</sub></code>.
+     * @throws IllegalArgumentException if <code>curve</code> is not a
+     * Koblitz curve (Anomalous Binary Curve, ABC).
+     */
+    public static BigInteger[] getSi(ECCurve.AbstractF2m curve)
+    {
+        if (!curve.isKoblitz())
+        {
+            throw new IllegalArgumentException("si is defined for Koblitz curves only");
+        }
+
+        int m = curve.getFieldSize();
+        int a = curve.getA().toBigInteger().intValue();
+        byte mu = getMu(a);
+        int shifts = getShiftsForCofactor(curve.getCofactor());
+        int index = m + 3 - a;
+        BigInteger[] ui = getLucas(mu, index, false);
+        if (mu == 1)
+        {
+            ui[0] = ui[0].negate();
+            ui[1] = ui[1].negate();
+        }
+
+        BigInteger dividend0 = ECConstants.ONE.add(ui[1]).shiftRight(shifts);
+        BigInteger dividend1 = ECConstants.ONE.add(ui[0]).shiftRight(shifts).negate();
+
+        return new BigInteger[] { dividend0, dividend1 };
+    }
+
+    public static BigInteger[] getSi(int fieldSize, int curveA, BigInteger cofactor)
+    {
+        byte mu = getMu(curveA);
+        int shifts = getShiftsForCofactor(cofactor);
+        int index = fieldSize + 3 - curveA;
+        BigInteger[] ui = getLucas(mu, index, false);
+        if (mu == 1)
+        {
+            ui[0] = ui[0].negate();
+            ui[1] = ui[1].negate();
+        }
+
+        BigInteger dividend0 = ECConstants.ONE.add(ui[1]).shiftRight(shifts);
+        BigInteger dividend1 = ECConstants.ONE.add(ui[0]).shiftRight(shifts).negate();
+
+        return new BigInteger[] { dividend0, dividend1 };
+    }
+
+    protected static int getShiftsForCofactor(BigInteger h)
+    {
+        if (h != null)
+        {
+            if (h.equals(ECConstants.TWO))
+            {
+                return 1;
+            }
+            if (h.equals(ECConstants.FOUR))
+            {
+                return 2;
+            }
+        }
+
+        throw new IllegalArgumentException("h (Cofactor) must be 2 or 4");
+    }
+
+    /**
+     * Partial modular reduction modulo
+     * <code>(&tau;<sup>m</sup> - 1)/(&tau; - 1)</code>.
+     * @param k The integer to be reduced.
+     * @param m The bitlength of the underlying finite field.
+     * @param a The parameter <code>a</code> of the elliptic curve.
+     * @param s The auxiliary values <code>s<sub>0</sub></code> and
+     * <code>s<sub>1</sub></code>.
+     * @param mu The parameter &mu; of the elliptic curve.
+     * @param c The precision (number of bits of accuracy) of the partial
+     * modular reduction.
+     * @return <code>&rho; := k partmod (&tau;<sup>m</sup> - 1)/(&tau; - 1)</code>
+     */
+    public static ZTauElement partModReduction(BigInteger k, int m, byte a,
+            BigInteger[] s, byte mu, byte c)
+    {
+        // d0 = s[0] + mu*s[1]; mu is either 1 or -1
+        BigInteger d0;
+        if (mu == 1)
+        {
+            d0 = s[0].add(s[1]);
+        }
+        else
+        {
+            d0 = s[0].subtract(s[1]);
+        }
+
+        BigInteger[] v = getLucas(mu, m, true);
+        BigInteger vm = v[1];
+
+        SimpleBigDecimal lambda0 = approximateDivisionByN(
+                k, s[0], vm, a, m, c);
+        
+        SimpleBigDecimal lambda1 = approximateDivisionByN(
+                k, s[1], vm, a, m, c);
+
+        ZTauElement q = round(lambda0, lambda1, mu);
+
+        // r0 = n - d0*q0 - 2*s1*q1
+        BigInteger r0 = k.subtract(d0.multiply(q.u)).subtract(
+                BigInteger.valueOf(2).multiply(s[1]).multiply(q.v));
+
+        // r1 = s1*q0 - s0*q1
+        BigInteger r1 = s[1].multiply(q.u).subtract(s[0].multiply(q.v));
+        
+        return new ZTauElement(r0, r1);
+    }
+
+    /**
+     * Multiplies a {@link com.android.org.bouncycastle.math.ec.ECPoint.AbstractF2m ECPoint.AbstractF2m}
+     * by a <code>BigInteger</code> using the reduced <code>&tau;</code>-adic
+     * NAF (RTNAF) method.
+     * @param p The ECPoint.AbstractF2m to multiply.
+     * @param k The <code>BigInteger</code> by which to multiply <code>p</code>.
+     * @return <code>k * p</code>
+     */
+    public static ECPoint.AbstractF2m multiplyRTnaf(ECPoint.AbstractF2m p, BigInteger k)
+    {
+        ECCurve.AbstractF2m curve = (ECCurve.AbstractF2m) p.getCurve();
+        int m = curve.getFieldSize();
+        int a = curve.getA().toBigInteger().intValue();
+        byte mu = getMu(a);
+        BigInteger[] s = curve.getSi();
+        ZTauElement rho = partModReduction(k, m, (byte)a, s, mu, (byte)10);
+
+        return multiplyTnaf(p, rho);
+    }
+
+    /**
+     * Multiplies a {@link com.android.org.bouncycastle.math.ec.ECPoint.AbstractF2m ECPoint.AbstractF2m}
+     * by an element <code>&lambda;</code> of <code><b>Z</b>[&tau;]</code>
+     * using the <code>&tau;</code>-adic NAF (TNAF) method.
+     * @param p The ECPoint.AbstractF2m to multiply.
+     * @param lambda The element <code>&lambda;</code> of
+     * <code><b>Z</b>[&tau;]</code>.
+     * @return <code>&lambda; * p</code>
+     */
+    public static ECPoint.AbstractF2m multiplyTnaf(ECPoint.AbstractF2m p, ZTauElement lambda)
+    {
+        ECCurve.AbstractF2m curve = (ECCurve.AbstractF2m)p.getCurve();
+        byte mu = getMu(curve.getA());
+        byte[] u = tauAdicNaf(mu, lambda);
+
+        ECPoint.AbstractF2m q = multiplyFromTnaf(p, u);
+
+        return q;
+    }
+
+    /**
+    * Multiplies a {@link com.android.org.bouncycastle.math.ec.ECPoint.AbstractF2m ECPoint.AbstractF2m}
+    * by an element <code>&lambda;</code> of <code><b>Z</b>[&tau;]</code>
+    * using the <code>&tau;</code>-adic NAF (TNAF) method, given the TNAF
+    * of <code>&lambda;</code>.
+    * @param p The ECPoint.AbstractF2m to multiply.
+    * @param u The the TNAF of <code>&lambda;</code>..
+    * @return <code>&lambda; * p</code>
+    */
+    public static ECPoint.AbstractF2m multiplyFromTnaf(ECPoint.AbstractF2m p, byte[] u)
+    {
+        ECCurve curve = p.getCurve();
+        ECPoint.AbstractF2m q = (ECPoint.AbstractF2m)curve.getInfinity();
+        ECPoint.AbstractF2m pNeg = (ECPoint.AbstractF2m)p.negate();
+        int tauCount = 0;
+        for (int i = u.length - 1; i >= 0; i--)
+        {
+            ++tauCount;
+            byte ui = u[i];
+            if (ui != 0)
+            {
+                q = q.tauPow(tauCount);
+                tauCount = 0;
+
+                ECPoint x = ui > 0 ? p : pNeg;
+                q = (ECPoint.AbstractF2m)q.add(x);
+            }
+        }
+        if (tauCount > 0)
+        {
+            q = q.tauPow(tauCount);
+        }
+        return q;
+    }
+
+    /**
+     * Computes the <code>[&tau;]</code>-adic window NAF of an element
+     * <code>&lambda;</code> of <code><b>Z</b>[&tau;]</code>.
+     * @param mu The parameter &mu; of the elliptic curve.
+     * @param lambda The element <code>&lambda;</code> of
+     * <code><b>Z</b>[&tau;]</code> of which to compute the
+     * <code>[&tau;]</code>-adic NAF.
+     * @param width The window width of the resulting WNAF.
+     * @param pow2w 2<sup>width</sup>.
+     * @param tw The auxiliary value <code>t<sub>w</sub></code>.
+     * @param alpha The <code>&alpha;<sub>u</sub></code>'s for the window width.
+     * @return The <code>[&tau;]</code>-adic window NAF of
+     * <code>&lambda;</code>.
+     */
+    public static byte[] tauAdicWNaf(byte mu, ZTauElement lambda,
+            byte width, BigInteger pow2w, BigInteger tw, ZTauElement[] alpha)
+    {
+        if (!((mu == 1) || (mu == -1)))
+        {
+            throw new IllegalArgumentException("mu must be 1 or -1");
+        }
+
+        BigInteger norm = norm(mu, lambda);
+
+        // Ceiling of log2 of the norm 
+        int log2Norm = norm.bitLength();
+
+        // If length(TNAF) > 30, then length(TNAF) < log2Norm + 3.52
+        int maxLength = log2Norm > 30 ? log2Norm + 4 + width : 34 + width;
+
+        // The array holding the TNAF
+        byte[] u = new byte[maxLength];
+
+        // 2^(width - 1)
+        BigInteger pow2wMin1 = pow2w.shiftRight(1);
+
+        // Split lambda into two BigIntegers to simplify calculations
+        BigInteger r0 = lambda.u;
+        BigInteger r1 = lambda.v;
+        int i = 0;
+
+        // while lambda <> (0, 0)
+        while (!((r0.equals(ECConstants.ZERO))&&(r1.equals(ECConstants.ZERO))))
+        {
+            // if r0 is odd
+            if (r0.testBit(0))
+            {
+                // uUnMod = r0 + r1*tw mod 2^width
+                BigInteger uUnMod
+                    = r0.add(r1.multiply(tw)).mod(pow2w);
+                
+                byte uLocal;
+                // if uUnMod >= 2^(width - 1)
+                if (uUnMod.compareTo(pow2wMin1) >= 0)
+                {
+                    uLocal = (byte) uUnMod.subtract(pow2w).intValue();
+                }
+                else
+                {
+                    uLocal = (byte) uUnMod.intValue();
+                }
+                // uLocal is now in [-2^(width-1), 2^(width-1)-1]
+
+                u[i] = uLocal;
+                boolean s = true;
+                if (uLocal < 0)
+                {
+                    s = false;
+                    uLocal = (byte)-uLocal;
+                }
+                // uLocal is now >= 0
+
+                if (s)
+                {
+                    r0 = r0.subtract(alpha[uLocal].u);
+                    r1 = r1.subtract(alpha[uLocal].v);
+                }
+                else
+                {
+                    r0 = r0.add(alpha[uLocal].u);
+                    r1 = r1.add(alpha[uLocal].v);
+                }
+            }
+            else
+            {
+                u[i] = 0;
+            }
+
+            BigInteger t = r0;
+
+            if (mu == 1)
+            {
+                r0 = r1.add(r0.shiftRight(1));
+            }
+            else
+            {
+                // mu == -1
+                r0 = r1.subtract(r0.shiftRight(1));
+            }
+            r1 = t.shiftRight(1).negate();
+            i++;
+        }
+        return u;
+    }
+
+    /**
+     * Does the precomputation for WTNAF multiplication.
+     * @param p The <code>ECPoint</code> for which to do the precomputation.
+     * @param a The parameter <code>a</code> of the elliptic curve.
+     * @return The precomputation array for <code>p</code>. 
+     */
+    public static ECPoint.AbstractF2m[] getPreComp(ECPoint.AbstractF2m p, byte a)
+    {
+        byte[][] alphaTnaf = (a == 0) ? Tnaf.alpha0Tnaf : Tnaf.alpha1Tnaf;
+
+        ECPoint.AbstractF2m[] pu = new ECPoint.AbstractF2m[(alphaTnaf.length + 1) >>> 1];
+        pu[0] = p;
+
+        int precompLen = alphaTnaf.length;
+        for (int i = 3; i < precompLen; i += 2)
+        {
+            pu[i >>> 1] = Tnaf.multiplyFromTnaf(p, alphaTnaf[i]);
+        }
+
+        p.getCurve().normalizeAll(pu);
+
+        return pu;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ValidityPrecompInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ValidityPrecompInfo.java
new file mode 100644
index 0000000..e5dc373
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ValidityPrecompInfo.java

@@ -0,0 +1,41 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+class ValidityPrecompInfo implements PreCompInfo
+{
+    static final String PRECOMP_NAME = "bc_validity";
+
+    private boolean failed = false;
+    private boolean curveEquationPassed = false;
+    private boolean orderPassed = false;
+
+    boolean hasFailed()
+    {
+        return failed;
+    }
+
+    void reportFailed()
+    {
+        failed = true;
+    }
+
+    boolean hasCurveEquationPassed()
+    {
+        return curveEquationPassed;
+    }
+
+    void reportCurveEquationPassed()
+    {
+        curveEquationPassed = true;
+    }
+
+    boolean hasOrderPassed()
+    {
+        return orderPassed;
+    }
+
+    void reportOrderPassed()
+    {
+        orderPassed = true;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WNafL2RMultiplier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WNafL2RMultiplier.java
new file mode 100644
index 0000000..f6b67d1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WNafL2RMultiplier.java

@@ -0,0 +1,98 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+
+/**
+ * Class implementing the WNAF (Window Non-Adjacent Form) multiplication
+ * algorithm.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class WNafL2RMultiplier extends AbstractECMultiplier
+{
+    /**
+     * Multiplies <code>this</code> by an integer <code>k</code> using the
+     * Window NAF method.
+     * @param k The integer by which <code>this</code> is multiplied.
+     * @return A new <code>ECPoint</code> which equals <code>this</code>
+     * multiplied by <code>k</code>.
+     */
+    protected ECPoint multiplyPositive(ECPoint p, BigInteger k)
+    {
+        // Clamp the window width in the range [2, 16]
+        int width = Math.max(2, Math.min(16, getWindowSize(k.bitLength())));
+
+        WNafPreCompInfo wnafPreCompInfo = WNafUtil.precompute(p, width, true);
+        ECPoint[] preComp = wnafPreCompInfo.getPreComp();
+        ECPoint[] preCompNeg = wnafPreCompInfo.getPreCompNeg();
+
+        int[] wnaf = WNafUtil.generateCompactWindowNaf(width, k);
+
+        ECPoint R = p.getCurve().getInfinity();
+
+        int i = wnaf.length;
+
+        /*
+         * NOTE: We try to optimize the first window using the precomputed points to substitute an
+         * addition for 2 or more doublings.
+         */
+        if (i > 1)
+        {
+            int wi = wnaf[--i];
+            int digit = wi >> 16, zeroes = wi & 0xFFFF;
+
+            int n = Math.abs(digit);
+            ECPoint[] table = digit < 0 ? preCompNeg : preComp;
+
+            // Optimization can only be used for values in the lower half of the table
+            if ((n << 2) < (1 << width))
+            {
+                int highest = LongArray.bitLengths[n];
+
+                // TODO Get addition/doubling cost ratio from curve and compare to 'scale' to see if worth substituting?
+                int scale = width - highest;
+                int lowBits =  n ^ (1 << (highest - 1));
+
+                int i1 = ((1 << (width - 1)) - 1);
+                int i2 = (lowBits << scale) + 1;
+                R = table[i1 >>> 1].add(table[i2 >>> 1]);
+
+                zeroes -= scale;
+
+//              System.out.println("Optimized: 2^" + scale + " * " + n + " = " + i1 + " + " + i2);
+            }
+            else
+            {
+                R = table[n >>> 1];
+            }
+
+            R = R.timesPow2(zeroes);
+        }
+
+        while (i > 0)
+        {
+            int wi = wnaf[--i];
+            int digit = wi >> 16, zeroes = wi & 0xFFFF;
+
+            int n = Math.abs(digit);
+            ECPoint[] table = digit < 0 ? preCompNeg : preComp;
+            ECPoint r = table[n >>> 1];
+
+            R = R.twicePlus(r);
+            R = R.timesPow2(zeroes);
+        }
+
+        return R;
+    }
+
+    /**
+     * Determine window width to use for a scalar multiplication of the given size.
+     * 
+     * @param bits the bit-length of the scalar to multiply by
+     * @return the window size to use
+     */
+    protected int getWindowSize(int bits)
+    {
+        return WNafUtil.getWindowSize(bits);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WNafPreCompInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WNafPreCompInfo.java
new file mode 100644
index 0000000..0895379
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WNafPreCompInfo.java

@@ -0,0 +1,58 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+/**
+ * Class holding precomputation data for the WNAF (Window Non-Adjacent Form)
+ * algorithm.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class WNafPreCompInfo implements PreCompInfo
+{
+    /**
+     * Array holding the precomputed <code>ECPoint</code>s used for a Window
+     * NAF multiplication.
+     */
+    protected ECPoint[] preComp = null;
+
+    /**
+     * Array holding the negations of the precomputed <code>ECPoint</code>s used
+     * for a Window NAF multiplication.
+     */
+    protected ECPoint[] preCompNeg = null;
+
+    /**
+     * Holds an <code>ECPoint</code> representing twice(this). Used for the
+     * Window NAF multiplication to create or extend the precomputed values.
+     */
+    protected ECPoint twice = null;
+
+    public ECPoint[] getPreComp()
+    {
+        return preComp;
+    }
+
+    public void setPreComp(ECPoint[] preComp)
+    {
+        this.preComp = preComp;
+    }
+
+    public ECPoint[] getPreCompNeg()
+    {
+        return preCompNeg;
+    }
+
+    public void setPreCompNeg(ECPoint[] preCompNeg)
+    {
+        this.preCompNeg = preCompNeg;
+    }
+
+    public ECPoint getTwice()
+    {
+        return twice;
+    }
+
+    public void setTwice(ECPoint twice)
+    {
+        this.twice = twice;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WNafUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WNafUtil.java
new file mode 100644
index 0000000..018d149
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WNafUtil.java

@@ -0,0 +1,575 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class WNafUtil
+{
+    public static final String PRECOMP_NAME = "bc_wnaf";
+
+    private static final int[] DEFAULT_WINDOW_SIZE_CUTOFFS = new int[]{ 13, 41, 121, 337, 897, 2305 };
+
+    private static final byte[] EMPTY_BYTES = new byte[0];
+    private static final int[] EMPTY_INTS = new int[0];
+    private static final ECPoint[] EMPTY_POINTS = new ECPoint[0];
+
+    public static int[] generateCompactNaf(BigInteger k)
+    {
+        if ((k.bitLength() >>> 16) != 0)
+        {
+            throw new IllegalArgumentException("'k' must have bitlength < 2^16");
+        }
+        if (k.signum() == 0)
+        {
+            return EMPTY_INTS;
+        }
+
+        BigInteger _3k = k.shiftLeft(1).add(k);
+
+        int bits = _3k.bitLength();
+        int[] naf = new int[bits >> 1];
+
+        BigInteger diff = _3k.xor(k);
+
+        int highBit = bits - 1, length = 0, zeroes = 0;
+        for (int i = 1; i < highBit; ++i)
+        {
+            if (!diff.testBit(i))
+            {
+                ++zeroes;
+                continue;
+            }
+
+            int digit  = k.testBit(i) ? -1 : 1;
+            naf[length++] = (digit << 16) | zeroes;
+            zeroes = 1;
+            ++i;
+        }
+
+        naf[length++] = (1 << 16) | zeroes;
+
+        if (naf.length > length)
+        {
+            naf = trim(naf, length);
+        }
+
+        return naf;
+    }
+
+    public static int[] generateCompactWindowNaf(int width, BigInteger k)
+    {
+        if (width == 2)
+        {
+            return generateCompactNaf(k);
+        }
+
+        if (width < 2 || width > 16)
+        {
+            throw new IllegalArgumentException("'width' must be in the range [2, 16]");
+        }
+        if ((k.bitLength() >>> 16) != 0)
+        {
+            throw new IllegalArgumentException("'k' must have bitlength < 2^16");
+        }
+        if (k.signum() == 0)
+        {
+            return EMPTY_INTS;
+        }
+
+        int[] wnaf = new int[k.bitLength() / width + 1];
+
+        // 2^width and a mask and sign bit set accordingly
+        int pow2 = 1 << width;
+        int mask = pow2 - 1;
+        int sign = pow2 >>> 1;
+
+        boolean carry = false;
+        int length = 0, pos = 0;
+
+        while (pos <= k.bitLength())
+        {
+            if (k.testBit(pos) == carry)
+            {
+                ++pos;
+                continue;
+            }
+
+            k = k.shiftRight(pos);
+
+            int digit = k.intValue() & mask;
+            if (carry)
+            {
+                ++digit;
+            }
+
+            carry = (digit & sign) != 0;
+            if (carry)
+            {
+                digit -= pow2;
+            }
+
+            int zeroes = length > 0 ? pos - 1 : pos;
+            wnaf[length++] = (digit << 16) | zeroes;
+            pos = width;
+        }
+
+        // Reduce the WNAF array to its actual length
+        if (wnaf.length > length)
+        {
+            wnaf = trim(wnaf, length);
+        }
+
+        return wnaf;
+    }
+
+    public static byte[] generateJSF(BigInteger g, BigInteger h)
+    {
+        int digits = Math.max(g.bitLength(), h.bitLength()) + 1;
+        byte[] jsf = new byte[digits];
+
+        BigInteger k0 = g, k1 = h;
+        int j = 0, d0 = 0, d1 = 0;
+
+        int offset = 0;
+        while ((d0 | d1) != 0 || k0.bitLength() > offset || k1.bitLength() > offset)
+        {
+            int n0 = ((k0.intValue() >>> offset) + d0) & 7, n1 = ((k1.intValue() >>> offset) + d1) & 7;
+
+            int u0 = n0 & 1;
+            if (u0 != 0)
+            {
+                u0 -= (n0 & 2);
+                if ((n0 + u0) == 4 && (n1 & 3) == 2)
+                {
+                    u0 = -u0;
+                }
+            }
+
+            int u1 = n1 & 1;
+            if (u1 != 0)
+            {
+                u1 -= (n1 & 2);
+                if ((n1 + u1) == 4 && (n0 & 3) == 2)
+                {
+                    u1 = -u1;
+                }
+            }
+
+            if ((d0 << 1) == 1 + u0)
+            {
+                d0 ^= 1;
+            }
+            if ((d1 << 1) == 1 + u1)
+            {
+                d1 ^= 1;
+            }
+
+            if (++offset == 30)
+            {
+                offset = 0;
+                k0 = k0.shiftRight(30);
+                k1 = k1.shiftRight(30);
+            }
+
+            jsf[j++] = (byte)((u0 << 4) | (u1 & 0xF));
+        }
+
+        // Reduce the JSF array to its actual length
+        if (jsf.length > j)
+        {
+            jsf = trim(jsf, j);
+        }
+
+        return jsf;
+    }
+
+    public static byte[] generateNaf(BigInteger k)
+    {
+        if (k.signum() == 0)
+        {
+            return EMPTY_BYTES;
+        }
+
+        BigInteger _3k = k.shiftLeft(1).add(k);
+
+        int digits = _3k.bitLength() - 1;
+        byte[] naf = new byte[digits];
+
+        BigInteger diff = _3k.xor(k);
+
+        for (int i = 1; i < digits; ++i)
+        {
+            if (diff.testBit(i))
+            {
+                naf[i - 1] = (byte)(k.testBit(i) ? -1 : 1);
+                ++i;
+            }
+        }
+
+        naf[digits - 1] = 1;
+
+        return naf;
+    }
+
+    /**
+     * Computes the Window NAF (non-adjacent Form) of an integer.
+     * @param width The width <code>w</code> of the Window NAF. The width is
+     * defined as the minimal number <code>w</code>, such that for any
+     * <code>w</code> consecutive digits in the resulting representation, at
+     * most one is non-zero.
+     * @param k The integer of which the Window NAF is computed.
+     * @return The Window NAF of the given width, such that the following holds:
+     * <code>k = &sum;<sub>i=0</sub><sup>l-1</sup> k<sub>i</sub>2<sup>i</sup>
+     * </code>, where the <code>k<sub>i</sub></code> denote the elements of the
+     * returned <code>byte[]</code>.
+     */
+    public static byte[] generateWindowNaf(int width, BigInteger k)
+    {
+        if (width == 2)
+        {
+            return generateNaf(k);
+        }
+
+        if (width < 2 || width > 8)
+        {
+            throw new IllegalArgumentException("'width' must be in the range [2, 8]");
+        }
+        if (k.signum() == 0)
+        {
+            return EMPTY_BYTES;
+        }
+
+        byte[] wnaf = new byte[k.bitLength() + 1];
+
+        // 2^width and a mask and sign bit set accordingly
+        int pow2 = 1 << width;
+        int mask = pow2 - 1;
+        int sign = pow2 >>> 1;
+
+        boolean carry = false;
+        int length = 0, pos = 0;
+
+        while (pos <= k.bitLength())
+        {
+            if (k.testBit(pos) == carry)
+            {
+                ++pos;
+                continue;
+            }
+
+            k = k.shiftRight(pos);
+
+            int digit = k.intValue() & mask;
+            if (carry)
+            {
+                ++digit;
+            }
+
+            carry = (digit & sign) != 0;
+            if (carry)
+            {
+                digit -= pow2;
+            }
+
+            length += (length > 0) ? pos - 1 : pos;
+            wnaf[length++] = (byte)digit;
+            pos = width;
+        }
+
+        // Reduce the WNAF array to its actual length
+        if (wnaf.length > length)
+        {
+            wnaf = trim(wnaf, length);
+        }
+        
+        return wnaf;
+    }
+
+    public static int getNafWeight(BigInteger k)
+    {
+        if (k.signum() == 0)
+        {
+            return 0;
+        }
+
+        BigInteger _3k = k.shiftLeft(1).add(k);
+        BigInteger diff = _3k.xor(k);
+
+        return diff.bitCount();
+    }
+
+    public static WNafPreCompInfo getWNafPreCompInfo(ECPoint p)
+    {
+        return getWNafPreCompInfo(p.getCurve().getPreCompInfo(p, PRECOMP_NAME));
+    }
+
+    public static WNafPreCompInfo getWNafPreCompInfo(PreCompInfo preCompInfo)
+    {
+        return (preCompInfo instanceof WNafPreCompInfo) ? (WNafPreCompInfo)preCompInfo : null;
+    }
+
+    /**
+     * Determine window width to use for a scalar multiplication of the given size.
+     * 
+     * @param bits the bit-length of the scalar to multiply by
+     * @return the window size to use
+     */
+    public static int getWindowSize(int bits)
+    {
+        return getWindowSize(bits, DEFAULT_WINDOW_SIZE_CUTOFFS);
+    }
+
+    /**
+     * Determine window width to use for a scalar multiplication of the given size.
+     * 
+     * @param bits the bit-length of the scalar to multiply by
+     * @param windowSizeCutoffs a monotonically increasing list of bit sizes at which to increment the window width
+     * @return the window size to use
+     */
+    public static int getWindowSize(int bits, int[] windowSizeCutoffs)
+    {
+        int w = 0;
+        for (; w < windowSizeCutoffs.length; ++w)
+        {
+            if (bits < windowSizeCutoffs[w])
+            {
+                break;
+            }
+        }
+        return w + 2;
+    }
+
+    public static ECPoint mapPointWithPrecomp(ECPoint p, final int width, final boolean includeNegated,
+        final ECPointMap pointMap)
+    {
+        final ECCurve c = p.getCurve();
+        final WNafPreCompInfo wnafPreCompP = precompute(p, width, includeNegated);
+
+        ECPoint q = pointMap.map(p);
+        c.precompute(q, PRECOMP_NAME, new PreCompCallback()
+        {
+            public PreCompInfo precompute(PreCompInfo existing)
+            {
+                WNafPreCompInfo result = new WNafPreCompInfo();
+
+                ECPoint twiceP = wnafPreCompP.getTwice();
+                if (twiceP != null)
+                {
+                    ECPoint twiceQ = pointMap.map(twiceP);
+                    result.setTwice(twiceQ);
+                }
+
+                ECPoint[] preCompP = wnafPreCompP.getPreComp();
+                ECPoint[] preCompQ = new ECPoint[preCompP.length];
+                for (int i = 0; i < preCompP.length; ++i)
+                {
+                    preCompQ[i] = pointMap.map(preCompP[i]);
+                }
+                result.setPreComp(preCompQ);
+
+                if (includeNegated)
+                {
+                    ECPoint[] preCompNegQ = new ECPoint[preCompQ.length];
+                    for (int i = 0; i < preCompNegQ.length; ++i)
+                    {
+                        preCompNegQ[i] = preCompQ[i].negate();
+                    }
+                    result.setPreCompNeg(preCompNegQ);
+                }
+
+                return result;
+            }
+        });
+
+        return q;
+    }
+
+    public static WNafPreCompInfo precompute(final ECPoint p, final int width, final boolean includeNegated)
+    {
+        final ECCurve c = p.getCurve();
+
+        return (WNafPreCompInfo)c.precompute(p, PRECOMP_NAME, new PreCompCallback()
+        {
+            public PreCompInfo precompute(PreCompInfo existing)
+            {
+                WNafPreCompInfo existingWNaf = (existing instanceof WNafPreCompInfo) ? (WNafPreCompInfo)existing : null;
+
+                int reqPreCompLen = 1 << Math.max(0, width - 2);
+
+                if (checkExisting(existingWNaf, reqPreCompLen, includeNegated))
+                {
+                    return existingWNaf;
+                }
+
+                ECPoint[] preComp = null, preCompNeg = null;
+                ECPoint twiceP = null;
+
+                if (existingWNaf != null)
+                {
+                    preComp = existingWNaf.getPreComp();
+                    preCompNeg = existingWNaf.getPreCompNeg();
+                    twiceP = existingWNaf.getTwice();
+                }
+
+                int iniPreCompLen = 0;
+                if (preComp == null)
+                {
+                    preComp = EMPTY_POINTS;
+                }
+                else
+                {
+                    iniPreCompLen = preComp.length;
+                }
+
+                if (iniPreCompLen < reqPreCompLen)
+                {
+                    preComp = resizeTable(preComp, reqPreCompLen);
+
+                    if (reqPreCompLen == 1)
+                    {
+                        preComp[0] = p.normalize();
+                    }
+                    else
+                    {
+                        int curPreCompLen = iniPreCompLen;
+                        if (curPreCompLen == 0)
+                        {
+                            preComp[0] = p;
+                            curPreCompLen = 1;
+                        }
+
+                        ECFieldElement iso = null;
+
+                        if (reqPreCompLen == 2)
+                        {
+                            preComp[1] = p.threeTimes();
+                        }
+                        else
+                        {
+                            ECPoint isoTwiceP = twiceP, last = preComp[curPreCompLen - 1];
+                            if (isoTwiceP == null)
+                            {
+                                isoTwiceP = preComp[0].twice();
+                                twiceP = isoTwiceP;
+
+                                /*
+                                 * For Fp curves with Jacobian projective coordinates, use a (quasi-)isomorphism
+                                 * where 'twiceP' is "affine", so that the subsequent additions are cheaper. This
+                                 * also requires scaling the initial point's X, Y coordinates, and reversing the
+                                 * isomorphism as part of the subsequent normalization.
+                                 * 
+                                 *  NOTE: The correctness of this optimization depends on:
+                                 *      1) additions do not use the curve's A, B coefficients.
+                                 *      2) no special cases (i.e. Q +/- Q) when calculating 1P, 3P, 5P, ...
+                                 */
+                                if (!twiceP.isInfinity() && ECAlgorithms.isFpCurve(c) && c.getFieldSize() >= 64)
+                                {
+                                    switch (c.getCoordinateSystem())
+                                    {
+                                    case ECCurve.COORD_JACOBIAN:
+                                    case ECCurve.COORD_JACOBIAN_CHUDNOVSKY:
+                                    case ECCurve.COORD_JACOBIAN_MODIFIED:
+                                    {
+                                        iso = twiceP.getZCoord(0);
+                                        isoTwiceP = c.createPoint(twiceP.getXCoord().toBigInteger(), twiceP.getYCoord()
+                                            .toBigInteger());
+
+                                        ECFieldElement iso2 = iso.square(), iso3 = iso2.multiply(iso);
+                                        last = last.scaleX(iso2).scaleY(iso3);
+
+                                        if (iniPreCompLen == 0)
+                                        {
+                                            preComp[0] = last;
+                                        }
+                                        break;
+                                    }
+                                    }
+                                }
+                            }
+
+                            while (curPreCompLen < reqPreCompLen)
+                            {
+                                /*
+                                 * Compute the new ECPoints for the precomputation array. The values 1, 3,
+                                 * 5, ..., 2^(width-1)-1 times p are computed
+                                 */
+                                preComp[curPreCompLen++] = last = last.add(isoTwiceP);
+                            }
+                        }
+
+                        /*
+                         * Having oft-used operands in affine form makes operations faster.
+                         */
+                        c.normalizeAll(preComp, iniPreCompLen, reqPreCompLen - iniPreCompLen, iso);
+                    }
+                }
+
+                if (includeNegated)
+                {
+                    int pos;
+                    if (preCompNeg == null)
+                    {
+                        pos = 0;
+                        preCompNeg = new ECPoint[reqPreCompLen]; 
+                    }
+                    else
+                    {
+                        pos = preCompNeg.length;
+                        if (pos < reqPreCompLen)
+                        {
+                            preCompNeg = resizeTable(preCompNeg, reqPreCompLen);
+                        }
+                    }
+
+                    while (pos < reqPreCompLen)
+                    {
+                        preCompNeg[pos] = preComp[pos].negate();
+                        ++pos;
+                    }
+                }
+
+                WNafPreCompInfo result = new WNafPreCompInfo();
+                result.setPreComp(preComp);
+                result.setPreCompNeg(preCompNeg);
+                result.setTwice(twiceP);
+                return result;
+            }
+
+            private boolean checkExisting(WNafPreCompInfo existingWNaf, int reqPreCompLen, boolean includeNegated)
+            {
+                return existingWNaf != null
+                    && checkTable(existingWNaf.getPreComp(), reqPreCompLen)
+                    && (!includeNegated || checkTable(existingWNaf.getPreCompNeg(), reqPreCompLen));
+            }
+
+            private boolean checkTable(ECPoint[] table, int reqLen)
+            {
+                return table != null && table.length >= reqLen;
+            }
+        });
+    }
+
+    private static byte[] trim(byte[] a, int length)
+    {
+        byte[] result = new byte[length];
+        System.arraycopy(a, 0, result, 0, result.length);
+        return result;
+    }
+
+    private static int[] trim(int[] a, int length)
+    {
+        int[] result = new int[length];
+        System.arraycopy(a, 0, result, 0, result.length);
+        return result;
+    }
+
+    private static ECPoint[] resizeTable(ECPoint[] a, int length)
+    {
+        ECPoint[] result = new ECPoint[length];
+        System.arraycopy(a, 0, result, 0, a.length);
+        return result;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WTauNafMultiplier.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WTauNafMultiplier.java
new file mode 100644
index 0000000..8ce3931
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WTauNafMultiplier.java

@@ -0,0 +1,128 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+
+/**
+ * Class implementing the WTNAF (Window
+ * <code>&tau;</code>-adic Non-Adjacent Form) algorithm.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class WTauNafMultiplier extends AbstractECMultiplier
+{
+    // TODO Create WTauNafUtil class and move various functionality into it
+    static final String PRECOMP_NAME = "bc_wtnaf";
+
+    /**
+     * Multiplies a {@link com.android.org.bouncycastle.math.ec.ECPoint.AbstractF2m ECPoint.AbstractF2m}
+     * by <code>k</code> using the reduced <code>&tau;</code>-adic NAF (RTNAF)
+     * method.
+     * @param point The ECPoint.AbstractF2m to multiply.
+     * @param k The integer by which to multiply <code>k</code>.
+     * @return <code>p</code> multiplied by <code>k</code>.
+     */
+    protected ECPoint multiplyPositive(ECPoint point, BigInteger k)
+    {
+        if (!(point instanceof ECPoint.AbstractF2m))
+        {
+            throw new IllegalArgumentException("Only ECPoint.AbstractF2m can be " +
+                    "used in WTauNafMultiplier");
+        }
+
+        ECPoint.AbstractF2m p = (ECPoint.AbstractF2m)point;
+        ECCurve.AbstractF2m curve = (ECCurve.AbstractF2m)p.getCurve();
+        int m = curve.getFieldSize();
+        byte a = curve.getA().toBigInteger().byteValue();
+        byte mu = Tnaf.getMu(a);
+        BigInteger[] s = curve.getSi();
+
+        ZTauElement rho = Tnaf.partModReduction(k, m, a, s, mu, (byte)10);
+
+        return multiplyWTnaf(p, rho, a, mu);
+    }
+
+    /**
+     * Multiplies a {@link com.android.org.bouncycastle.math.ec.ECPoint.AbstractF2m ECPoint.AbstractF2m}
+     * by an element <code>&lambda;</code> of <code><b>Z</b>[&tau;]</code> using
+     * the <code>&tau;</code>-adic NAF (TNAF) method.
+     * @param p The ECPoint.AbstractF2m to multiply.
+     * @param lambda The element <code>&lambda;</code> of
+     * <code><b>Z</b>[&tau;]</code> of which to compute the
+     * <code>[&tau;]</code>-adic NAF.
+     * @return <code>p</code> multiplied by <code>&lambda;</code>.
+     */
+    private ECPoint.AbstractF2m multiplyWTnaf(ECPoint.AbstractF2m p, ZTauElement lambda, byte a, byte mu)
+    {
+        ZTauElement[] alpha = (a == 0) ? Tnaf.alpha0 : Tnaf.alpha1;
+
+        BigInteger tw = Tnaf.getTw(mu, Tnaf.WIDTH);
+
+        byte[]u = Tnaf.tauAdicWNaf(mu, lambda, Tnaf.WIDTH,
+            BigInteger.valueOf(Tnaf.POW_2_WIDTH), tw, alpha);
+
+        return multiplyFromWTnaf(p, u);
+    }
+
+    /**
+     * Multiplies a {@link com.android.org.bouncycastle.math.ec.ECPoint.AbstractF2m ECPoint.AbstractF2m}
+     * by an element <code>&lambda;</code> of <code><b>Z</b>[&tau;]</code>
+     * using the window <code>&tau;</code>-adic NAF (TNAF) method, given the
+     * WTNAF of <code>&lambda;</code>.
+     * @param p The ECPoint.AbstractF2m to multiply.
+     * @param u The the WTNAF of <code>&lambda;</code>..
+     * @return <code>&lambda; * p</code>
+     */
+    private static ECPoint.AbstractF2m multiplyFromWTnaf(final ECPoint.AbstractF2m p, byte[] u)
+    {
+        ECCurve.AbstractF2m curve = (ECCurve.AbstractF2m)p.getCurve();
+        final byte a = curve.getA().toBigInteger().byteValue();
+
+        WTauNafPreCompInfo preCompInfo = (WTauNafPreCompInfo)curve.precompute(p, PRECOMP_NAME, new PreCompCallback()
+        {
+            public PreCompInfo precompute(PreCompInfo existing)
+            {
+                if (existing instanceof WTauNafPreCompInfo)
+                {
+                    return existing;
+                }
+
+                WTauNafPreCompInfo result = new WTauNafPreCompInfo();
+                result.setPreComp(Tnaf.getPreComp(p, a));
+                return result;
+            }
+        });
+
+        ECPoint.AbstractF2m[] pu = preCompInfo.getPreComp();
+
+        // TODO Include negations in precomp (optionally) and use from here
+        ECPoint.AbstractF2m[] puNeg = new ECPoint.AbstractF2m[pu.length];
+        for (int i = 0; i < pu.length; ++i)
+        {
+            puNeg[i] = (ECPoint.AbstractF2m)pu[i].negate();
+        }
+
+
+        // q = infinity
+        ECPoint.AbstractF2m q = (ECPoint.AbstractF2m) p.getCurve().getInfinity();
+
+        int tauCount = 0;
+        for (int i = u.length - 1; i >= 0; i--)
+        {
+            ++tauCount;
+            int ui = u[i];
+            if (ui != 0)
+            {
+                q = q.tauPow(tauCount);
+                tauCount = 0;
+
+                ECPoint x = ui > 0 ? pu[ui >>> 1] : puNeg[(-ui) >>> 1];
+                q = (ECPoint.AbstractF2m)q.add(x);
+            }
+        }
+        if (tauCount > 0)
+        {
+            q = q.tauPow(tauCount);
+        }
+        return q;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WTauNafPreCompInfo.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WTauNafPreCompInfo.java
new file mode 100644
index 0000000..73e3c5e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/WTauNafPreCompInfo.java

@@ -0,0 +1,26 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+/**
+ * Class holding precomputation data for the WTNAF (Window
+ * <code>&tau;</code>-adic Non-Adjacent Form) algorithm.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class WTauNafPreCompInfo implements PreCompInfo
+{
+    /**
+     * Array holding the precomputed <code>ECPoint.AbstractF2m</code>s used for the
+     * WTNAF multiplication.
+     */
+    protected ECPoint.AbstractF2m[] preComp = null;
+
+    public ECPoint.AbstractF2m[] getPreComp()
+    {
+        return preComp;
+    }
+
+    public void setPreComp(ECPoint.AbstractF2m[] preComp)
+    {
+        this.preComp = preComp;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ZTauElement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ZTauElement.java
new file mode 100644
index 0000000..481dcfa
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/ZTauElement.java

@@ -0,0 +1,38 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec;
+
+import java.math.BigInteger;
+
+/**
+ * Class representing an element of <code><b>Z</b>[&tau;]</code>. Let
+ * <code>&lambda;</code> be an element of <code><b>Z</b>[&tau;]</code>. Then
+ * <code>&lambda;</code> is given as <code>&lambda; = u + v&tau;</code>. The
+ * components <code>u</code> and <code>v</code> may be used directly, there
+ * are no accessor methods.
+ * Immutable class.
+ */
+class ZTauElement
+{
+    /**
+     * The &quot;real&quot; part of <code>&lambda;</code>.
+     */
+    public final BigInteger u;
+
+    /**
+     * The &quot;<code>&tau;</code>-adic&quot; part of <code>&lambda;</code>.
+     */
+    public final BigInteger v;
+
+    /**
+     * Constructor for an element <code>&lambda;</code> of
+     * <code><b>Z</b>[&tau;]</code>.
+     * @param u The &quot;real&quot; part of <code>&lambda;</code>.
+     * @param v The &quot;<code>&tau;</code>-adic&quot; part of
+     * <code>&lambda;</code>.
+     */
+    public ZTauElement(BigInteger u, BigInteger v)
+    {
+        this.u = u;
+        this.v = v;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192K1Curve.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192K1Curve.java
new file mode 100644
index 0000000..daffd90
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192K1Curve.java

@@ -0,0 +1,130 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECConstants;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECLookupTable;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat192;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP192K1Curve extends ECCurve.AbstractFp
+{
+    public static final BigInteger q = new BigInteger(1,
+        Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFEE37"));
+
+    private static final int SecP192K1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+    protected SecP192K1Point infinity;
+
+    public SecP192K1Curve()
+    {
+        super(q);
+
+        this.infinity = new SecP192K1Point(this, null, null);
+
+        this.a = fromBigInteger(ECConstants.ZERO);
+        this.b = fromBigInteger(BigInteger.valueOf(3));
+        this.order = new BigInteger(1, Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFE26F2FC170F69466A74DEFD8D"));
+        this.cofactor = BigInteger.valueOf(1);
+
+        this.coord = SecP192K1_DEFAULT_COORDS;
+    }
+
+    protected ECCurve cloneCurve()
+    {
+        return new SecP192K1Curve();
+    }
+
+    public boolean supportsCoordinateSystem(int coord)
+    {
+        switch (coord)
+        {
+        case COORD_JACOBIAN:
+            return true;
+        default:
+            return false;
+        }
+    }
+
+    public BigInteger getQ()
+    {
+        return q;
+    }
+
+    public int getFieldSize()
+    {
+        return q.bitLength();
+    }
+
+    public ECFieldElement fromBigInteger(BigInteger x)
+    {
+        return new SecP192K1FieldElement(x);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        return new SecP192K1Point(this, x, y, withCompression);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+    {
+        return new SecP192K1Point(this, x, y, zs, withCompression);
+    }
+
+    public ECPoint getInfinity()
+    {
+        return infinity;
+    }
+
+    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
+    {
+        final int FE_INTS = 6;
+
+        final int[] table = new int[len * FE_INTS * 2];
+        {
+            int pos = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                ECPoint p = points[off + i];
+                Nat192.copy(((SecP192K1FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_INTS;
+                Nat192.copy(((SecP192K1FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_INTS;
+            }
+        }
+
+        return new ECLookupTable()
+        {
+            public int getSize()
+            {
+                return len;
+            }
+
+            public ECPoint lookup(int index)
+            {
+                int[] x = Nat192.create(), y = Nat192.create();
+                int pos = 0;
+
+                for (int i = 0; i < len; ++i)
+                {
+                    int MASK = ((i ^ index) - 1) >> 31;
+
+                    for (int j = 0; j < FE_INTS; ++j)
+                    {
+                        x[j] ^= table[pos + j] & MASK;
+                        y[j] ^= table[pos + FE_INTS + j] & MASK;
+                    }
+
+                    pos += (FE_INTS * 2);
+                }
+
+                return createRawPoint(new SecP192K1FieldElement(x), new SecP192K1FieldElement(y), false);
+            }
+        };
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192K1Field.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192K1Field.java
new file mode 100644
index 0000000..585259c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192K1Field.java

@@ -0,0 +1,181 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat192;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP192K1Field
+{
+    // 2^192 - 2^32 - 2^12 - 2^8 - 2^7 - 2^6 - 2^3 - 1
+    static final int[] P = new int[]{ 0xFFFFEE37, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+    static final int[] PExt = new int[]{ 0x013C4FD1, 0x00002392, 0x00000001, 0x00000000, 0x00000000,
+        0x00000000, 0xFFFFDC6E, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+    private static final int[] PExtInv = new int[]{ 0xFEC3B02F, 0xFFFFDC6D, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF,
+        0xFFFFFFFF, 0x00002391, 0x00000002 };
+    private static final int P5 = 0xFFFFFFFF;
+    private static final int PExt11 = 0xFFFFFFFF;
+    private static final int PInv33 = 0x11C9;
+
+    public static void add(int[] x, int[] y, int[] z)
+    {
+        int c = Nat192.add(x, y, z);
+        if (c != 0 || (z[5] == P5 && Nat192.gte(z, P)))
+        {
+            Nat.add33To(6, PInv33, z);
+        }
+    }
+
+    public static void addExt(int[] xx, int[] yy, int[] zz)
+    {
+        int c = Nat.add(12, xx, yy, zz);
+        if (c != 0 || (zz[11] == PExt11 && Nat.gte(12, zz, PExt)))
+        {
+            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.incAt(12, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void addOne(int[] x, int[] z)
+    {
+        int c = Nat.inc(6, x, z);
+        if (c != 0 || (z[5] == P5 && Nat192.gte(z, P)))
+        {
+            Nat.add33To(6, PInv33, z);
+        }
+    }
+
+    public static int[] fromBigInteger(BigInteger x)
+    {
+        int[] z = Nat192.fromBigInteger(x);
+        if (z[5] == P5 && Nat192.gte(z, P))
+        {
+            Nat192.subFrom(P, z);
+        }
+        return z;
+    }
+
+    public static void half(int[] x, int[] z)
+    {
+        if ((x[0] & 1) == 0)
+        {
+            Nat.shiftDownBit(6, x, 0, z);
+        }
+        else
+        {
+            int c = Nat192.add(x, P, z);
+            Nat.shiftDownBit(6, z, c);
+        }
+    }
+
+    public static void multiply(int[] x, int[] y, int[] z)
+    {
+        int[] tt = Nat192.createExt();
+        Nat192.mul(x, y, tt);
+        reduce(tt, z);
+    }
+
+    public static void multiplyAddToExt(int[] x, int[] y, int[] zz)
+    {
+        int c = Nat192.mulAddTo(x, y, zz);
+        if (c != 0 || (zz[11] == PExt11 && Nat.gte(12, zz, PExt)))
+        {
+            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.incAt(12, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void negate(int[] x, int[] z)
+    {
+        if (Nat192.isZero(x))
+        {
+            Nat192.zero(z);
+        }
+        else
+        {
+            Nat192.sub(P, x, z);
+        }
+    }
+
+    public static void reduce(int[] xx, int[] z)
+    {
+        long cc = Nat192.mul33Add(PInv33, xx, 6, xx, 0, z, 0);
+        int c = Nat192.mul33DWordAdd(PInv33, cc, z, 0);
+
+        // assert c == 0L || c == 1L;
+
+        if (c != 0 || (z[5] == P5 && Nat192.gte(z, P)))
+        {
+            Nat.add33To(6, PInv33, z);
+        }
+    }
+
+    public static void reduce32(int x, int[] z)
+    {
+        if ((x != 0 && Nat192.mul33WordAdd(PInv33, x, z, 0) != 0)
+            || (z[5] == P5 && Nat192.gte(z, P)))
+        {
+            Nat.add33To(6, PInv33, z);
+        }
+    }
+
+    public static void square(int[] x, int[] z)
+    {
+        int[] tt = Nat192.createExt();
+        Nat192.square(x, tt);
+        reduce(tt, z);
+    }
+
+    public static void squareN(int[] x, int n, int[] z)
+    {
+//        assert n > 0;
+
+        int[] tt = Nat192.createExt();
+        Nat192.square(x, tt);
+        reduce(tt, z);
+
+        while (--n > 0)
+        {
+            Nat192.square(z, tt);
+            reduce(tt, z);
+        }
+    }
+
+    public static void subtract(int[] x, int[] y, int[] z)
+    {
+        int c = Nat192.sub(x, y, z);
+        if (c != 0)
+        {
+            Nat.sub33From(6, PInv33, z);
+        }
+    }
+
+    public static void subtractExt(int[] xx, int[] yy, int[] zz)
+    {
+        int c = Nat.sub(12, xx, yy, zz);
+        if (c != 0)
+        {
+            if (Nat.subFrom(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.decAt(12, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void twice(int[] x, int[] z)
+    {
+        int c = Nat.shiftUpBit(6, x, 0, z);
+        if (c != 0 || (z[5] == P5 && Nat192.gte(z, P)))
+        {
+            Nat.add33To(6, PInv33, z);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192K1FieldElement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192K1FieldElement.java
new file mode 100644
index 0000000..e01c34d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192K1FieldElement.java

@@ -0,0 +1,217 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.raw.Mod;
+import com.android.org.bouncycastle.math.raw.Nat192;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP192K1FieldElement extends ECFieldElement.AbstractFp
+{
+    public static final BigInteger Q = SecP192K1Curve.q;
+
+    protected int[] x;
+
+    public SecP192K1FieldElement(BigInteger x)
+    {
+        if (x == null || x.signum() < 0 || x.compareTo(Q) >= 0)
+        {
+            throw new IllegalArgumentException("x value invalid for SecP192K1FieldElement");
+        }
+
+        this.x = SecP192K1Field.fromBigInteger(x);
+    }
+
+    public SecP192K1FieldElement()
+    {
+        this.x = Nat192.create();
+    }
+
+    protected SecP192K1FieldElement(int[] x)
+    {
+        this.x = x;
+    }
+
+    public boolean isZero()
+    {
+        return Nat192.isZero(x);
+    }
+
+    public boolean isOne()
+    {
+        return Nat192.isOne(x);
+    }
+
+    public boolean testBitZero()
+    {
+        return Nat192.getBit(x, 0) == 1;
+    }
+
+    public BigInteger toBigInteger()
+    {
+        return Nat192.toBigInteger(x);
+    }
+
+    public String getFieldName()
+    {
+        return "SecP192K1Field";
+    }
+
+    public int getFieldSize()
+    {
+        return Q.bitLength();
+    }
+
+    public ECFieldElement add(ECFieldElement b)
+    {
+        int[] z = Nat192.create();
+        SecP192K1Field.add(x, ((SecP192K1FieldElement)b).x, z);
+        return new SecP192K1FieldElement(z);
+    }
+
+    public ECFieldElement addOne()
+    {
+        int[] z = Nat192.create();
+        SecP192K1Field.addOne(x, z);
+        return new SecP192K1FieldElement(z);
+    }
+
+    public ECFieldElement subtract(ECFieldElement b)
+    {
+        int[] z = Nat192.create();
+        SecP192K1Field.subtract(x, ((SecP192K1FieldElement)b).x, z);
+        return new SecP192K1FieldElement(z);
+    }
+
+    public ECFieldElement multiply(ECFieldElement b)
+    {
+        int[] z = Nat192.create();
+        SecP192K1Field.multiply(x, ((SecP192K1FieldElement)b).x, z);
+        return new SecP192K1FieldElement(z);
+    }
+
+    public ECFieldElement divide(ECFieldElement b)
+    {
+//        return multiply(b.invert());
+        int[] z = Nat192.create();
+        Mod.invert(SecP192K1Field.P, ((SecP192K1FieldElement)b).x, z);
+        SecP192K1Field.multiply(z, x, z);
+        return new SecP192K1FieldElement(z);
+    }
+
+    public ECFieldElement negate()
+    {
+        int[] z = Nat192.create();
+        SecP192K1Field.negate(x, z);
+        return new SecP192K1FieldElement(z);
+    }
+
+    public ECFieldElement square()
+    {
+        int[] z = Nat192.create();
+        SecP192K1Field.square(x, z);
+        return new SecP192K1FieldElement(z);
+    }
+
+    public ECFieldElement invert()
+    {
+//        return new SecP192K1FieldElement(toBigInteger().modInverse(Q));
+        int[] z = Nat192.create();
+        Mod.invert(SecP192K1Field.P, x, z);
+        return new SecP192K1FieldElement(z);
+    }
+
+    /**
+     * return a sqrt root - the routine verifies that the calculation returns the right value - if
+     * none exists it returns null.
+     */
+    public ECFieldElement sqrt()
+    {
+        /*
+         * Raise this element to the exponent 2^190 - 2^30 - 2^10 - 2^6 - 2^5 - 2^4 - 2^1
+         *
+         * Breaking up the exponent's binary representation into "repunits", we get:
+         * { 159 1s } { 1 0s } { 19 1s } { 1 0s } { 3 1s } { 3 0s} { 3 1s } { 1 0s }
+         *
+         * Therefore we need an addition chain containing 3, 19, 159 (the lengths of the repunits)
+         * We use: 1, 2, [3], 6, 8, 16, [19], 35, 70, 140, [159]
+         */
+
+        int[] x1 = this.x;
+        if (Nat192.isZero(x1) || Nat192.isOne(x1))
+        {
+            return this;
+        }
+
+        int[] x2 = Nat192.create();
+        SecP192K1Field.square(x1, x2);
+        SecP192K1Field.multiply(x2, x1, x2);
+        int[] x3 = Nat192.create();
+        SecP192K1Field.square(x2, x3);
+        SecP192K1Field.multiply(x3, x1, x3);
+        int[] x6 = Nat192.create();
+        SecP192K1Field.squareN(x3, 3, x6);
+        SecP192K1Field.multiply(x6, x3, x6);
+        int[] x8 = x6;
+        SecP192K1Field.squareN(x6, 2, x8);
+        SecP192K1Field.multiply(x8, x2, x8);
+        int[] x16 = x2;
+        SecP192K1Field.squareN(x8, 8, x16);
+        SecP192K1Field.multiply(x16, x8, x16);
+        int[] x19 = x8;
+        SecP192K1Field.squareN(x16, 3, x19);
+        SecP192K1Field.multiply(x19, x3, x19);
+        int[] x35 = Nat192.create();
+        SecP192K1Field.squareN(x19, 16, x35);
+        SecP192K1Field.multiply(x35, x16, x35);
+        int[] x70 = x16;
+        SecP192K1Field.squareN(x35, 35, x70);
+        SecP192K1Field.multiply(x70, x35, x70);
+        int[] x140 = x35;
+        SecP192K1Field.squareN(x70, 70, x140);
+        SecP192K1Field.multiply(x140, x70, x140);
+        int[] x159 = x70;
+        SecP192K1Field.squareN(x140, 19, x159);
+        SecP192K1Field.multiply(x159, x19, x159);
+
+        int[] t1 = x159;
+        SecP192K1Field.squareN(t1, 20, t1);
+        SecP192K1Field.multiply(t1, x19, t1);
+        SecP192K1Field.squareN(t1, 4, t1);
+        SecP192K1Field.multiply(t1, x3, t1);
+        SecP192K1Field.squareN(t1, 6, t1);
+        SecP192K1Field.multiply(t1, x3, t1);
+        SecP192K1Field.square(t1, t1);
+
+        int[] t2 = x3;
+        SecP192K1Field.square(t1, t2);
+
+        return Nat192.eq(x1, t2) ? new SecP192K1FieldElement(t1) : null;
+    }
+
+    public boolean equals(Object other)
+    {
+        if (other == this)
+        {
+            return true;
+        }
+
+        if (!(other instanceof SecP192K1FieldElement))
+        {
+            return false;
+        }
+
+        SecP192K1FieldElement o = (SecP192K1FieldElement)other;
+        return Nat192.eq(x, o.x);
+    }
+
+    public int hashCode()
+    {
+        return Q.hashCode() ^ Arrays.hashCode(x, 0, 6);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192K1Point.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192K1Point.java
new file mode 100644
index 0000000..521b09f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192K1Point.java

@@ -0,0 +1,302 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat192;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP192K1Point extends ECPoint.AbstractFp
+{
+    /**
+     * Create a point which encodes with point compression.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     *
+     * @deprecated Use ECCurve.createPoint to construct points
+     */
+    public SecP192K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+    {
+        this(curve, x, y, false);
+    }
+
+    /**
+     * Create a point that encodes with or without point compresion.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     * @param withCompression
+     *            if true encode with point compression
+     *
+     * @deprecated per-point compression property will be removed, refer
+     *             {@link #getEncoded(boolean)}
+     */
+    public SecP192K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        super(curve, x, y);
+
+        if ((x == null) != (y == null))
+        {
+            throw new IllegalArgumentException("Exactly one of the field elements is null");
+        }
+
+        this.withCompression = withCompression;
+    }
+
+    SecP192K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs,
+        boolean withCompression)
+    {
+        super(curve, x, y, zs);
+
+        this.withCompression = withCompression;
+    }
+
+    protected ECPoint detach()
+    {
+        return new SecP192K1Point(null, getAffineXCoord(), getAffineYCoord());
+    }
+
+    // B.3 pg 62
+    public ECPoint add(ECPoint b)
+    {
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return this;
+        }
+        if (this == b)
+        {
+            return twice();
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP192K1FieldElement X1 = (SecP192K1FieldElement)this.x, Y1 = (SecP192K1FieldElement)this.y;
+        SecP192K1FieldElement X2 = (SecP192K1FieldElement)b.getXCoord(), Y2 = (SecP192K1FieldElement)b.getYCoord();
+
+        SecP192K1FieldElement Z1 = (SecP192K1FieldElement)this.zs[0];
+        SecP192K1FieldElement Z2 = (SecP192K1FieldElement)b.getZCoord(0);
+
+        int c;
+        int[] tt1 = Nat192.createExt();
+        int[] t2 = Nat192.create();
+        int[] t3 = Nat192.create();
+        int[] t4 = Nat192.create();
+
+        boolean Z1IsOne = Z1.isOne();
+        int[] U2, S2;
+        if (Z1IsOne)
+        {
+            U2 = X2.x;
+            S2 = Y2.x;
+        }
+        else
+        {
+            S2 = t3;
+            SecP192K1Field.square(Z1.x, S2);
+
+            U2 = t2;
+            SecP192K1Field.multiply(S2, X2.x, U2);
+
+            SecP192K1Field.multiply(S2, Z1.x, S2);
+            SecP192K1Field.multiply(S2, Y2.x, S2);
+        }
+
+        boolean Z2IsOne = Z2.isOne();
+        int[] U1, S1;
+        if (Z2IsOne)
+        {
+            U1 = X1.x;
+            S1 = Y1.x;
+        }
+        else
+        {
+            S1 = t4;
+            SecP192K1Field.square(Z2.x, S1);
+
+            U1 = tt1;
+            SecP192K1Field.multiply(S1, X1.x, U1);
+
+            SecP192K1Field.multiply(S1, Z2.x, S1);
+            SecP192K1Field.multiply(S1, Y1.x, S1);
+        }
+
+        int[] H = Nat192.create();
+        SecP192K1Field.subtract(U1, U2, H);
+
+        int[] R = t2;
+        SecP192K1Field.subtract(S1, S2, R);
+
+        // Check if b == this or b == -this
+        if (Nat192.isZero(H))
+        {
+            if (Nat192.isZero(R))
+            {
+                // this == b, i.e. this must be doubled
+                return this.twice();
+            }
+
+            // this == -b, i.e. the result is the point at infinity
+            return curve.getInfinity();
+        }
+
+        int[] HSquared = t3;
+        SecP192K1Field.square(H, HSquared);
+
+        int[] G = Nat192.create();
+        SecP192K1Field.multiply(HSquared, H, G);
+
+        int[] V = t3;
+        SecP192K1Field.multiply(HSquared, U1, V);
+
+        SecP192K1Field.negate(G, G);
+        Nat192.mul(S1, G, tt1);
+
+        c = Nat192.addBothTo(V, V, G);
+        SecP192K1Field.reduce32(c, G);
+
+        SecP192K1FieldElement X3 = new SecP192K1FieldElement(t4);
+        SecP192K1Field.square(R, X3.x);
+        SecP192K1Field.subtract(X3.x, G, X3.x);
+
+        SecP192K1FieldElement Y3 = new SecP192K1FieldElement(G);
+        SecP192K1Field.subtract(V, X3.x, Y3.x);
+        SecP192K1Field.multiplyAddToExt(Y3.x, R, tt1);
+        SecP192K1Field.reduce(tt1, Y3.x);
+
+        SecP192K1FieldElement Z3 = new SecP192K1FieldElement(H);
+        if (!Z1IsOne)
+        {
+            SecP192K1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+        if (!Z2IsOne)
+        {
+            SecP192K1Field.multiply(Z3.x, Z2.x, Z3.x);
+        }
+
+        ECFieldElement[] zs = new ECFieldElement[] { Z3 };
+
+        return new SecP192K1Point(curve, X3, Y3, zs, this.withCompression);
+    }
+
+    // B.3 pg 62
+    public ECPoint twice()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP192K1FieldElement Y1 = (SecP192K1FieldElement)this.y;
+        if (Y1.isZero())
+        {
+            return curve.getInfinity();
+        }
+
+        SecP192K1FieldElement X1 = (SecP192K1FieldElement)this.x, Z1 = (SecP192K1FieldElement)this.zs[0];
+
+        int c;
+
+        int[] Y1Squared = Nat192.create();
+        SecP192K1Field.square(Y1.x, Y1Squared);
+
+        int[] T = Nat192.create();
+        SecP192K1Field.square(Y1Squared, T);
+
+        int[] M = Nat192.create();
+        SecP192K1Field.square(X1.x, M);
+        c = Nat192.addBothTo(M, M, M);
+        SecP192K1Field.reduce32(c, M);
+
+        int[] S = Y1Squared;
+        SecP192K1Field.multiply(Y1Squared, X1.x, S);
+        c = Nat.shiftUpBits(6, S, 2, 0);
+        SecP192K1Field.reduce32(c, S);
+
+        int[] t1 = Nat192.create();
+        c = Nat.shiftUpBits(6, T, 3, 0, t1);
+        SecP192K1Field.reduce32(c, t1);
+
+        SecP192K1FieldElement X3 = new SecP192K1FieldElement(T);
+        SecP192K1Field.square(M, X3.x);
+        SecP192K1Field.subtract(X3.x, S, X3.x);
+        SecP192K1Field.subtract(X3.x, S, X3.x);
+
+        SecP192K1FieldElement Y3 = new SecP192K1FieldElement(S);
+        SecP192K1Field.subtract(S, X3.x, Y3.x);
+        SecP192K1Field.multiply(Y3.x, M, Y3.x);
+        SecP192K1Field.subtract(Y3.x, t1, Y3.x);
+
+        SecP192K1FieldElement Z3 = new SecP192K1FieldElement(M);
+        SecP192K1Field.twice(Y1.x, Z3.x);
+        if (!Z1.isOne())
+        {
+            SecP192K1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+
+        return new SecP192K1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, this.withCompression);
+    }
+
+    public ECPoint twicePlus(ECPoint b)
+    {
+        if (this == b)
+        {
+            return threeTimes();
+        }
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return twice();
+        }
+
+        ECFieldElement Y1 = this.y;
+        if (Y1.isZero())
+        {
+            return b;
+        }
+
+        return twice().add(b);
+    }
+
+    public ECPoint threeTimes()
+    {
+        if (this.isInfinity() || this.y.isZero())
+        {
+            return this;
+        }
+
+        // NOTE: Be careful about recursions between twicePlus and threeTimes
+        return twice().add(this);
+    }
+
+    public ECPoint negate()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        return new SecP192K1Point(curve, this.x, this.y.negate(), this.zs, this.withCompression);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192R1Curve.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192R1Curve.java
new file mode 100644
index 0000000..ba69eed
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192R1Curve.java

@@ -0,0 +1,131 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECLookupTable;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat192;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP192R1Curve extends ECCurve.AbstractFp
+{
+    public static final BigInteger q = new BigInteger(1,
+        Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFF"));
+
+    private static final int SecP192R1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+    protected SecP192R1Point infinity;
+
+    public SecP192R1Curve()
+    {
+        super(q);
+
+        this.infinity = new SecP192R1Point(this, null, null);
+
+        this.a = fromBigInteger(new BigInteger(1,
+            Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFC")));
+        this.b = fromBigInteger(new BigInteger(1,
+            Hex.decode("64210519E59C80E70FA7E9AB72243049FEB8DEECC146B9B1")));
+        this.order = new BigInteger(1, Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFF99DEF836146BC9B1B4D22831"));
+        this.cofactor = BigInteger.valueOf(1);
+
+        this.coord = SecP192R1_DEFAULT_COORDS;
+    }
+
+    protected ECCurve cloneCurve()
+    {
+        return new SecP192R1Curve();
+    }
+
+    public boolean supportsCoordinateSystem(int coord)
+    {
+        switch (coord)
+        {
+        case COORD_JACOBIAN:
+            return true;
+        default:
+            return false;
+        }
+    }
+
+    public BigInteger getQ()
+    {
+        return q;
+    }
+
+    public int getFieldSize()
+    {
+        return q.bitLength();
+    }
+
+    public ECFieldElement fromBigInteger(BigInteger x)
+    {
+        return new SecP192R1FieldElement(x);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        return new SecP192R1Point(this, x, y, withCompression);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+    {
+        return new SecP192R1Point(this, x, y, zs, withCompression);
+    }
+
+    public ECPoint getInfinity()
+    {
+        return infinity;
+    }
+
+    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
+    {
+        final int FE_INTS = 6;
+
+        final int[] table = new int[len * FE_INTS * 2];
+        {
+            int pos = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                ECPoint p = points[off + i];
+                Nat192.copy(((SecP192R1FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_INTS;
+                Nat192.copy(((SecP192R1FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_INTS;
+            }
+        }
+
+        return new ECLookupTable()
+        {
+            public int getSize()
+            {
+                return len;
+            }
+
+            public ECPoint lookup(int index)
+            {
+                int[] x = Nat192.create(), y = Nat192.create();
+                int pos = 0;
+
+                for (int i = 0; i < len; ++i)
+                {
+                    int MASK = ((i ^ index) - 1) >> 31;
+
+                    for (int j = 0; j < FE_INTS; ++j)
+                    {
+                        x[j] ^= table[pos + j] & MASK;
+                        y[j] ^= table[pos + FE_INTS + j] & MASK;
+                    }
+
+                    pos += (FE_INTS * 2);
+                }
+
+                return createRawPoint(new SecP192R1FieldElement(x), new SecP192R1FieldElement(y), false);
+            }
+        };
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192R1Field.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192R1Field.java
new file mode 100644
index 0000000..0efd6f6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192R1Field.java

@@ -0,0 +1,290 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat192;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP192R1Field
+{
+    private static final long M = 0xFFFFFFFFL;
+
+    // 2^192 - 2^64 - 1
+    static final int[] P = new int[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+    static final int[] PExt = new int[]{ 0x00000001, 0x00000000, 0x00000002, 0x00000000, 0x00000001,
+        0x00000000, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+    private static final int[] PExtInv = new int[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFE,
+        0xFFFFFFFF, 0x00000001, 0x00000000, 0x00000002 };
+    private static final int P5 = 0xFFFFFFFF;
+    private static final int PExt11 = 0xFFFFFFFF;
+
+    public static void add(int[] x, int[] y, int[] z)
+    {
+        int c = Nat192.add(x, y, z);
+        if (c != 0 || (z[5] == P5 && Nat192.gte(z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    public static void addExt(int[] xx, int[] yy, int[] zz)
+    {
+        int c = Nat.add(12, xx, yy, zz);
+        if (c != 0 || (zz[11] == PExt11 && Nat.gte(12, zz, PExt)))
+        {
+            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.incAt(12, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void addOne(int[] x, int[] z)
+    {
+        int c = Nat.inc(6, x, z);
+        if (c != 0 || (z[5] == P5 && Nat192.gte(z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    public static int[] fromBigInteger(BigInteger x)
+    {
+        int[] z = Nat192.fromBigInteger(x);
+        if (z[5] == P5 && Nat192.gte(z, P))
+        {
+            Nat192.subFrom(P, z);
+        }
+        return z;
+    }
+
+    public static void half(int[] x, int[] z)
+    {
+        if ((x[0] & 1) == 0)
+        {
+            Nat.shiftDownBit(6, x, 0, z);
+        }
+        else
+        {
+            int c = Nat192.add(x, P, z);
+            Nat.shiftDownBit(6, z, c);
+        }
+    }
+
+    public static void multiply(int[] x, int[] y, int[] z)
+    {
+        int[] tt = Nat192.createExt();
+        Nat192.mul(x, y, tt);
+        reduce(tt, z);
+    }
+
+    public static void multiplyAddToExt(int[] x, int[] y, int[] zz)
+    {
+        int c = Nat192.mulAddTo(x, y, zz);
+        if (c != 0 || (zz[11] == PExt11 && Nat.gte(12, zz, PExt)))
+        {
+            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.incAt(12, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void negate(int[] x, int[] z)
+    {
+        if (Nat192.isZero(x))
+        {
+            Nat192.zero(z);
+        }
+        else
+        {
+            Nat192.sub(P, x, z);
+        }
+    }
+
+    public static void reduce(int[] xx, int[] z)
+    {
+        long xx06 = xx[6] & M, xx07 = xx[7] & M, xx08 = xx[8] & M;
+        long xx09 = xx[9] & M, xx10 = xx[10] & M, xx11 = xx[11] & M;
+
+        long t0 = xx06 + xx10;
+        long t1 = xx07 + xx11;
+
+        long cc = 0;
+        cc += (xx[0] & M) + t0;
+        int z0 = (int)cc;
+        cc >>= 32;
+        cc += (xx[1] & M) + t1;
+        z[1] = (int)cc;
+        cc >>= 32;
+
+        t0 += xx08;
+        t1 += xx09;
+
+        cc += (xx[2] & M) + t0;
+        long z2 = cc & M;
+        cc >>= 32;
+        cc += (xx[3] & M) + t1;
+        z[3] = (int)cc;
+        cc >>= 32;
+
+        t0 -= xx06;
+        t1 -= xx07;
+
+        cc += (xx[4] & M) + t0;
+        z[4] = (int)cc;
+        cc >>= 32;
+        cc += (xx[5] & M) + t1;
+        z[5] = (int)cc;
+        cc >>= 32;
+
+        z2 += cc;
+
+        cc += (z0 & M);
+        z[0] = (int)cc;
+        cc >>= 32;
+        if (cc != 0)
+        {
+            cc += (z[1] & M);
+            z[1] = (int)cc;
+            z2 += cc >> 32;
+        }
+        z[2] = (int)z2;
+        cc = z2 >> 32;
+
+//      assert cc == 0 || cc == 1;
+
+        if ((cc != 0 && Nat.incAt(6, z, 3) != 0)
+            || (z[5] == P5 && Nat192.gte(z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    public static void reduce32(int x, int[] z)
+    {
+        long cc = 0;
+
+        if (x != 0)
+        {
+            long xx06 = x & M;
+
+            cc += (z[0] & M) + xx06;
+            z[0] = (int)cc;
+            cc >>= 32;
+            if (cc != 0)
+            {
+                cc += (z[1] & M);
+                z[1] = (int)cc;
+                cc >>= 32;
+            }
+            cc += (z[2] & M) + xx06;
+            z[2] = (int)cc;
+            cc >>= 32;
+
+//            assert cc == 0 || cc == 1;
+        }
+
+        if ((cc != 0 && Nat.incAt(6, z, 3) != 0)
+            || (z[5] == P5 && Nat192.gte(z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    public static void square(int[] x, int[] z)
+    {
+        int[] tt = Nat192.createExt();
+        Nat192.square(x, tt);
+        reduce(tt, z);
+    }
+
+    public static void squareN(int[] x, int n, int[] z)
+    {
+//        assert n > 0;
+
+        int[] tt = Nat192.createExt();
+        Nat192.square(x, tt);
+        reduce(tt, z);
+
+        while (--n > 0)
+        {
+            Nat192.square(z, tt);
+            reduce(tt, z);
+        }
+    }
+
+    public static void subtract(int[] x, int[] y, int[] z)
+    {
+        int c = Nat192.sub(x, y, z);
+        if (c != 0)
+        {
+            subPInvFrom(z);
+        }
+    }
+
+    public static void subtractExt(int[] xx, int[] yy, int[] zz)
+    {
+        int c = Nat.sub(12, xx, yy, zz);
+        if (c != 0)
+        {
+            if (Nat.subFrom(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.decAt(12, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void twice(int[] x, int[] z)
+    {
+        int c = Nat.shiftUpBit(6, x, 0, z);
+        if (c != 0 || (z[5] == P5 && Nat192.gte(z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    private static void addPInvTo(int[] z)
+    {
+        long c = (z[0] & M) + 1;
+        z[0] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            c += (z[1] & M);
+            z[1] = (int)c;
+            c >>= 32;
+        }
+        c += (z[2] & M) + 1;
+        z[2] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            Nat.incAt(6, z, 3);
+        }
+    }
+
+    private static void subPInvFrom(int[] z)
+    {
+        long c = (z[0] & M) - 1;
+        z[0] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            c += (z[1] & M);
+            z[1] = (int)c;
+            c >>= 32;
+        }
+        c += (z[2] & M) - 1;
+        z[2] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            Nat.decAt(6, z, 3);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192R1FieldElement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192R1FieldElement.java
new file mode 100644
index 0000000..d5c2b77
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192R1FieldElement.java

@@ -0,0 +1,194 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.raw.Mod;
+import com.android.org.bouncycastle.math.raw.Nat192;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP192R1FieldElement extends ECFieldElement.AbstractFp
+{
+    public static final BigInteger Q = SecP192R1Curve.q;
+
+    protected int[] x;
+
+    public SecP192R1FieldElement(BigInteger x)
+    {
+        if (x == null || x.signum() < 0 || x.compareTo(Q) >= 0)
+        {
+            throw new IllegalArgumentException("x value invalid for SecP192R1FieldElement");
+        }
+
+        this.x = SecP192R1Field.fromBigInteger(x);
+    }
+
+    public SecP192R1FieldElement()
+    {
+        this.x = Nat192.create();
+    }
+
+    protected SecP192R1FieldElement(int[] x)
+    {
+        this.x = x;
+    }
+
+    public boolean isZero()
+    {
+        return Nat192.isZero(x);
+    }
+
+    public boolean isOne()
+    {
+        return Nat192.isOne(x);
+    }
+
+    public boolean testBitZero()
+    {
+        return Nat192.getBit(x, 0) == 1;
+    }
+
+    public BigInteger toBigInteger()
+    {
+        return Nat192.toBigInteger(x);
+    }
+
+    public String getFieldName()
+    {
+        return "SecP192R1Field";
+    }
+
+    public int getFieldSize()
+    {
+        return Q.bitLength();
+    }
+
+    public ECFieldElement add(ECFieldElement b)
+    {
+        int[] z = Nat192.create();
+        SecP192R1Field.add(x, ((SecP192R1FieldElement)b).x, z);
+        return new SecP192R1FieldElement(z);
+    }
+
+    public ECFieldElement addOne()
+    {
+        int[] z = Nat192.create();
+        SecP192R1Field.addOne(x, z);
+        return new SecP192R1FieldElement(z);
+    }
+
+    public ECFieldElement subtract(ECFieldElement b)
+    {
+        int[] z = Nat192.create();
+        SecP192R1Field.subtract(x, ((SecP192R1FieldElement)b).x, z);
+        return new SecP192R1FieldElement(z);
+    }
+
+    public ECFieldElement multiply(ECFieldElement b)
+    {
+        int[] z = Nat192.create();
+        SecP192R1Field.multiply(x, ((SecP192R1FieldElement)b).x, z);
+        return new SecP192R1FieldElement(z);
+    }
+
+    public ECFieldElement divide(ECFieldElement b)
+    {
+//        return multiply(b.invert());
+        int[] z = Nat192.create();
+        Mod.invert(SecP192R1Field.P, ((SecP192R1FieldElement)b).x, z);
+        SecP192R1Field.multiply(z, x, z);
+        return new SecP192R1FieldElement(z);
+    }
+
+    public ECFieldElement negate()
+    {
+        int[] z = Nat192.create();
+        SecP192R1Field.negate(x, z);
+        return new SecP192R1FieldElement(z);
+    }
+
+    public ECFieldElement square()
+    {
+        int[] z = Nat192.create();
+        SecP192R1Field.square(x, z);
+        return new SecP192R1FieldElement(z);
+    }
+
+    public ECFieldElement invert()
+    {
+//        return new SecP192R1FieldElement(toBigInteger().modInverse(Q));
+        int[] z = Nat192.create();
+        Mod.invert(SecP192R1Field.P, x, z);
+        return new SecP192R1FieldElement(z);
+    }
+
+    // D.1.4 91
+    /**
+     * return a sqrt root - the routine verifies that the calculation returns the right value - if
+     * none exists it returns null.
+     */
+    public ECFieldElement sqrt()
+    {
+        // Raise this element to the exponent 2^190 - 2^62
+
+        int[] x1 = this.x;
+        if (Nat192.isZero(x1) || Nat192.isOne(x1))
+        {
+            return this;
+        }
+
+        int[] t1 = Nat192.create();
+        int[] t2 = Nat192.create();
+
+        SecP192R1Field.square(x1, t1);
+        SecP192R1Field.multiply(t1, x1, t1);
+
+        SecP192R1Field.squareN(t1, 2, t2);
+        SecP192R1Field.multiply(t2, t1, t2);
+
+        SecP192R1Field.squareN(t2, 4, t1);
+        SecP192R1Field.multiply(t1, t2, t1);
+
+        SecP192R1Field.squareN(t1, 8, t2);
+        SecP192R1Field.multiply(t2, t1, t2);
+
+        SecP192R1Field.squareN(t2, 16, t1);
+        SecP192R1Field.multiply(t1, t2, t1);
+
+        SecP192R1Field.squareN(t1, 32, t2);
+        SecP192R1Field.multiply(t2, t1, t2);
+
+        SecP192R1Field.squareN(t2, 64, t1);
+        SecP192R1Field.multiply(t1, t2, t1);
+
+        SecP192R1Field.squareN(t1, 62, t1);
+        SecP192R1Field.square(t1, t2);
+
+        return Nat192.eq(x1, t2) ? new SecP192R1FieldElement(t1) : null;
+    }
+
+    public boolean equals(Object other)
+    {
+        if (other == this)
+        {
+            return true;
+        }
+
+        if (!(other instanceof SecP192R1FieldElement))
+        {
+            return false;
+        }
+
+        SecP192R1FieldElement o = (SecP192R1FieldElement)other;
+        return Nat192.eq(x, o.x);
+    }
+
+    public int hashCode()
+    {
+        return Q.hashCode() ^ Arrays.hashCode(x, 0, 6);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192R1Point.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192R1Point.java
new file mode 100644
index 0000000..70e50c7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP192R1Point.java

@@ -0,0 +1,314 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat192;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP192R1Point extends ECPoint.AbstractFp
+{
+    /**
+     * Create a point which encodes with point compression.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     *
+     * @deprecated Use ECCurve.createPoint to construct points
+     */
+    public SecP192R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+    {
+        this(curve, x, y, false);
+    }
+
+    /**
+     * Create a point that encodes with or without point compresion.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     * @param withCompression
+     *            if true encode with point compression
+     *
+     * @deprecated per-point compression property will be removed, refer
+     *             {@link #getEncoded(boolean)}
+     */
+    public SecP192R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        super(curve, x, y);
+
+        if ((x == null) != (y == null))
+        {
+            throw new IllegalArgumentException("Exactly one of the field elements is null");
+        }
+
+        this.withCompression = withCompression;
+    }
+
+    SecP192R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+    {
+        super(curve, x, y, zs);
+
+        this.withCompression = withCompression;
+    }
+
+    protected ECPoint detach()
+    {
+        return new SecP192R1Point(null, getAffineXCoord(), getAffineYCoord());
+    }
+
+    // B.3 pg 62
+    public ECPoint add(ECPoint b)
+    {
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return this;
+        }
+        if (this == b)
+        {
+            return twice();
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP192R1FieldElement X1 = (SecP192R1FieldElement)this.x, Y1 = (SecP192R1FieldElement)this.y;
+        SecP192R1FieldElement X2 = (SecP192R1FieldElement)b.getXCoord(), Y2 = (SecP192R1FieldElement)b.getYCoord();
+
+        SecP192R1FieldElement Z1 = (SecP192R1FieldElement)this.zs[0];
+        SecP192R1FieldElement Z2 = (SecP192R1FieldElement)b.getZCoord(0);
+
+        int c;
+        int[] tt1 = Nat192.createExt();
+        int[] t2 = Nat192.create();
+        int[] t3 = Nat192.create();
+        int[] t4 = Nat192.create();
+
+        boolean Z1IsOne = Z1.isOne();
+        int[] U2, S2;
+        if (Z1IsOne)
+        {
+            U2 = X2.x;
+            S2 = Y2.x;
+        }
+        else
+        {
+            S2 = t3;
+            SecP192R1Field.square(Z1.x, S2);
+
+            U2 = t2;
+            SecP192R1Field.multiply(S2, X2.x, U2);
+
+            SecP192R1Field.multiply(S2, Z1.x, S2);
+            SecP192R1Field.multiply(S2, Y2.x, S2);
+        }
+
+        boolean Z2IsOne = Z2.isOne();
+        int[] U1, S1;
+        if (Z2IsOne)
+        {
+            U1 = X1.x;
+            S1 = Y1.x;
+        }
+        else
+        {
+            S1 = t4;
+            SecP192R1Field.square(Z2.x, S1);
+
+            U1 = tt1;
+            SecP192R1Field.multiply(S1, X1.x, U1);
+
+            SecP192R1Field.multiply(S1, Z2.x, S1);
+            SecP192R1Field.multiply(S1, Y1.x, S1);
+        }
+
+        int[] H = Nat192.create();
+        SecP192R1Field.subtract(U1, U2, H);
+
+        int[] R = t2;
+        SecP192R1Field.subtract(S1, S2, R);
+
+        // Check if b == this or b == -this
+        if (Nat192.isZero(H))
+        {
+            if (Nat192.isZero(R))
+            {
+                // this == b, i.e. this must be doubled
+                return this.twice();
+            }
+
+            // this == -b, i.e. the result is the point at infinity
+            return curve.getInfinity();
+        }
+
+        int[] HSquared = t3;
+        SecP192R1Field.square(H, HSquared);
+
+        int[] G = Nat192.create();
+        SecP192R1Field.multiply(HSquared, H, G);
+
+        int[] V = t3;
+        SecP192R1Field.multiply(HSquared, U1, V);
+
+        SecP192R1Field.negate(G, G);
+        Nat192.mul(S1, G, tt1);
+
+        c = Nat192.addBothTo(V, V, G);
+        SecP192R1Field.reduce32(c, G);
+
+        SecP192R1FieldElement X3 = new SecP192R1FieldElement(t4);
+        SecP192R1Field.square(R, X3.x);
+        SecP192R1Field.subtract(X3.x, G, X3.x);
+
+        SecP192R1FieldElement Y3 = new SecP192R1FieldElement(G);
+        SecP192R1Field.subtract(V, X3.x, Y3.x);
+        SecP192R1Field.multiplyAddToExt(Y3.x, R, tt1);
+        SecP192R1Field.reduce(tt1, Y3.x);
+
+        SecP192R1FieldElement Z3 = new SecP192R1FieldElement(H);
+        if (!Z1IsOne)
+        {
+            SecP192R1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+        if (!Z2IsOne)
+        {
+            SecP192R1Field.multiply(Z3.x, Z2.x, Z3.x);
+        }
+
+        ECFieldElement[] zs = new ECFieldElement[]{ Z3 };
+
+        return new SecP192R1Point(curve, X3, Y3, zs, this.withCompression);
+    }
+
+    // B.3 pg 62
+    public ECPoint twice()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP192R1FieldElement Y1 = (SecP192R1FieldElement)this.y;
+        if (Y1.isZero())
+        {
+            return curve.getInfinity();
+        }
+
+        SecP192R1FieldElement X1 = (SecP192R1FieldElement)this.x, Z1 = (SecP192R1FieldElement)this.zs[0];
+
+        int c;
+        int[] t1 = Nat192.create();
+        int[] t2 = Nat192.create();
+
+        int[] Y1Squared = Nat192.create();
+        SecP192R1Field.square(Y1.x, Y1Squared);
+
+        int[] T = Nat192.create();
+        SecP192R1Field.square(Y1Squared, T);
+
+        boolean Z1IsOne = Z1.isOne();
+
+        int[] Z1Squared = Z1.x;
+        if (!Z1IsOne)
+        {
+            Z1Squared = t2;
+            SecP192R1Field.square(Z1.x, Z1Squared);
+        }
+
+        SecP192R1Field.subtract(X1.x, Z1Squared, t1);
+
+        int[] M = t2;
+        SecP192R1Field.add(X1.x, Z1Squared, M);
+        SecP192R1Field.multiply(M, t1, M);
+        c = Nat192.addBothTo(M, M, M);
+        SecP192R1Field.reduce32(c, M);
+
+        int[] S = Y1Squared;
+        SecP192R1Field.multiply(Y1Squared, X1.x, S);
+        c = Nat.shiftUpBits(6, S, 2, 0);
+        SecP192R1Field.reduce32(c, S);
+
+        c = Nat.shiftUpBits(6, T, 3, 0, t1);
+        SecP192R1Field.reduce32(c, t1);
+
+        SecP192R1FieldElement X3 = new SecP192R1FieldElement(T);
+        SecP192R1Field.square(M, X3.x);
+        SecP192R1Field.subtract(X3.x, S, X3.x);
+        SecP192R1Field.subtract(X3.x, S, X3.x);
+
+        SecP192R1FieldElement Y3 = new SecP192R1FieldElement(S);
+        SecP192R1Field.subtract(S, X3.x, Y3.x);
+        SecP192R1Field.multiply(Y3.x, M, Y3.x);
+        SecP192R1Field.subtract(Y3.x, t1, Y3.x);
+
+        SecP192R1FieldElement Z3 = new SecP192R1FieldElement(M);
+        SecP192R1Field.twice(Y1.x, Z3.x);
+        if (!Z1IsOne)
+        {
+            SecP192R1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+
+        return new SecP192R1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, this.withCompression);
+    }
+
+    public ECPoint twicePlus(ECPoint b)
+    {
+        if (this == b)
+        {
+            return threeTimes();
+        }
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return twice();
+        }
+
+        ECFieldElement Y1 = this.y;
+        if (Y1.isZero())
+        {
+            return b;
+        }
+
+        return twice().add(b);
+    }
+
+    public ECPoint threeTimes()
+    {
+        if (this.isInfinity() || this.y.isZero())
+        {
+            return this;
+        }
+
+        // NOTE: Be careful about recursions between twicePlus and threeTimes
+        return twice().add(this);
+    }
+
+    public ECPoint negate()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        return new SecP192R1Point(curve, this.x, this.y.negate(), this.zs, this.withCompression);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224K1Curve.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224K1Curve.java
new file mode 100644
index 0000000..fd6814f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224K1Curve.java

@@ -0,0 +1,129 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECConstants;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECLookupTable;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat224;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP224K1Curve extends ECCurve.AbstractFp
+{
+    public static final BigInteger q = new BigInteger(1,
+        Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFE56D"));
+
+    private static final int SECP224K1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+    protected SecP224K1Point infinity;
+
+    public SecP224K1Curve()
+    {
+        super(q);
+
+        this.infinity = new SecP224K1Point(this, null, null);
+
+        this.a = fromBigInteger(ECConstants.ZERO);
+        this.b = fromBigInteger(BigInteger.valueOf(5));
+        this.order = new BigInteger(1, Hex.decode("010000000000000000000000000001DCE8D2EC6184CAF0A971769FB1F7"));
+        this.cofactor = BigInteger.valueOf(1);
+        this.coord = SECP224K1_DEFAULT_COORDS;
+    }
+
+    protected ECCurve cloneCurve()
+    {
+        return new SecP224K1Curve();
+    }
+
+    public boolean supportsCoordinateSystem(int coord)
+    {
+        switch (coord)
+        {
+        case COORD_JACOBIAN:
+            return true;
+        default:
+            return false;
+        }
+    }
+
+    public BigInteger getQ()
+    {
+        return q;
+    }
+
+    public int getFieldSize()
+    {
+        return q.bitLength();
+    }
+
+    public ECFieldElement fromBigInteger(BigInteger x)
+    {
+        return new SecP224K1FieldElement(x);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        return new SecP224K1Point(this, x, y, withCompression);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+    {
+        return new SecP224K1Point(this, x, y, zs, withCompression);
+    }
+
+    public ECPoint getInfinity()
+    {
+        return infinity;
+    }
+
+    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
+    {
+        final int FE_INTS = 7;
+
+        final int[] table = new int[len * FE_INTS * 2];
+        {
+            int pos = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                ECPoint p = points[off + i];
+                Nat224.copy(((SecP224K1FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_INTS;
+                Nat224.copy(((SecP224K1FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_INTS;
+            }
+        }
+
+        return new ECLookupTable()
+        {
+            public int getSize()
+            {
+                return len;
+            }
+
+            public ECPoint lookup(int index)
+            {
+                int[] x = Nat224.create(), y = Nat224.create();
+                int pos = 0;
+
+                for (int i = 0; i < len; ++i)
+                {
+                    int MASK = ((i ^ index) - 1) >> 31;
+
+                    for (int j = 0; j < FE_INTS; ++j)
+                    {
+                        x[j] ^= table[pos + j] & MASK;
+                        y[j] ^= table[pos + FE_INTS + j] & MASK;
+                    }
+
+                    pos += (FE_INTS * 2);
+                }
+
+                return createRawPoint(new SecP224K1FieldElement(x), new SecP224K1FieldElement(y), false);
+            }
+        };
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224K1Field.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224K1Field.java
new file mode 100644
index 0000000..0b102d2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224K1Field.java

@@ -0,0 +1,182 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat224;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP224K1Field
+{
+    // 2^224 - 2^32 - 2^12 - 2^11 - 2^9 - 2^7 - 2^4 - 2 - 1
+    static final int[] P = new int[]{ 0xFFFFE56D, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+        0xFFFFFFFF };
+    static final int[] PExt = new int[]{ 0x02C23069, 0x00003526, 0x00000001, 0x00000000, 0x00000000,
+        0x00000000, 0x00000000, 0xFFFFCADA, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+    private static final int[] PExtInv = new int[]{ 0xFD3DCF97, 0xFFFFCAD9, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF,
+        0xFFFFFFFF, 0xFFFFFFFF, 0x00003525, 0x00000002 };
+    private static final int P6 = 0xFFFFFFFF;
+    private static final int PExt13 = 0xFFFFFFFF;
+    private static final int PInv33 = 0x1A93;
+
+    public static void add(int[] x, int[] y, int[] z)
+    {
+        int c = Nat224.add(x, y, z);
+        if (c != 0 || (z[6] == P6 && Nat224.gte(z, P)))
+        {
+            Nat.add33To(7, PInv33, z);
+        }
+    }
+
+    public static void addExt(int[] xx, int[] yy, int[] zz)
+    {
+        int c = Nat.add(14, xx, yy, zz);
+        if (c != 0 || (zz[13] == PExt13 && Nat.gte(14, zz, PExt)))
+        {
+            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.incAt(14, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void addOne(int[] x, int[] z)
+    {
+        int c = Nat.inc(7, x, z);
+        if (c != 0 || (z[6] == P6 && Nat224.gte(z, P)))
+        {
+            Nat.add33To(7, PInv33, z);
+        }
+    }
+
+    public static int[] fromBigInteger(BigInteger x)
+    {
+        int[] z = Nat224.fromBigInteger(x);
+        if (z[6] == P6 && Nat224.gte(z, P))
+        {
+            Nat.add33To(7, PInv33, z);
+        }
+        return z;
+    }
+
+    public static void half(int[] x, int[] z)
+    {
+        if ((x[0] & 1) == 0)
+        {
+            Nat.shiftDownBit(7, x, 0, z);
+        }
+        else
+        {
+            int c = Nat224.add(x, P, z);
+            Nat.shiftDownBit(7, z, c);
+        }
+    }
+
+    public static void multiply(int[] x, int[] y, int[] z)
+    {
+        int[] tt = Nat224.createExt();
+        Nat224.mul(x, y, tt);
+        reduce(tt, z);
+    }
+
+    public static void multiplyAddToExt(int[] x, int[] y, int[] zz)
+    {
+        int c = Nat224.mulAddTo(x, y, zz);
+        if (c != 0 || (zz[13] == PExt13 && Nat.gte(14, zz, PExt)))
+        {
+            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.incAt(14, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void negate(int[] x, int[] z)
+    {
+        if (Nat224.isZero(x))
+        {
+            Nat224.zero(z);
+        }
+        else
+        {
+            Nat224.sub(P, x, z);
+        }
+    }
+
+    public static void reduce(int[] xx, int[] z)
+    {
+        long cc = Nat224.mul33Add(PInv33, xx, 7, xx, 0, z, 0);
+        int c = Nat224.mul33DWordAdd(PInv33, cc, z, 0);
+
+        // assert c == 0L || c == 1L;
+
+        if (c != 0 || (z[6] == P6 && Nat224.gte(z, P)))
+        {
+            Nat.add33To(7, PInv33, z);
+        }
+    }
+
+    public static void reduce32(int x, int[] z)
+    {
+        if ((x != 0 && Nat224.mul33WordAdd(PInv33, x, z, 0) != 0)
+            || (z[6] == P6 && Nat224.gte(z, P)))
+        {
+            Nat.add33To(7, PInv33, z);
+        }
+    }
+
+    public static void square(int[] x, int[] z)
+    {
+        int[] tt = Nat224.createExt();
+        Nat224.square(x, tt);
+        reduce(tt, z);
+    }
+
+    public static void squareN(int[] x, int n, int[] z)
+    {
+//        assert n > 0;
+
+        int[] tt = Nat224.createExt();
+        Nat224.square(x, tt);
+        reduce(tt, z);
+
+        while (--n > 0)
+        {
+            Nat224.square(z, tt);
+            reduce(tt, z);
+        }
+    }
+
+    public static void subtract(int[] x, int[] y, int[] z)
+    {
+        int c = Nat224.sub(x, y, z);
+        if (c != 0)
+        {
+            Nat.sub33From(7, PInv33, z);
+        }
+    }
+
+    public static void subtractExt(int[] xx, int[] yy, int[] zz)
+    {
+        int c = Nat.sub(14, xx, yy, zz);
+        if (c != 0)
+        {
+            if (Nat.subFrom(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.decAt(14, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void twice(int[] x, int[] z)
+    {
+        int c = Nat.shiftUpBit(7, x, 0, z);
+        if (c != 0 || (z[6] == P6 && Nat224.gte(z, P)))
+        {
+            Nat.add33To(7, PInv33, z);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224K1FieldElement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224K1FieldElement.java
new file mode 100644
index 0000000..966a766
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224K1FieldElement.java

@@ -0,0 +1,247 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.raw.Mod;
+import com.android.org.bouncycastle.math.raw.Nat224;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP224K1FieldElement extends ECFieldElement.AbstractFp
+{
+    public static final BigInteger Q = SecP224K1Curve.q;
+
+    // Calculated as ECConstants.TWO.modPow(Q.shiftRight(2), Q)
+    private static final int[] PRECOMP_POW2 = new int[]{ 0x33bfd202, 0xdcfad133, 0x2287624a, 0xc3811ba8,
+        0xa85558fc, 0x1eaef5d7, 0x8edf154c };
+
+    protected int[] x;
+
+    public SecP224K1FieldElement(BigInteger x)
+    {
+        if (x == null || x.signum() < 0 || x.compareTo(Q) >= 0)
+        {
+            throw new IllegalArgumentException("x value invalid for SecP224K1FieldElement");
+        }
+
+        this.x = SecP224K1Field.fromBigInteger(x);
+    }
+
+    public SecP224K1FieldElement()
+    {
+        this.x = Nat224.create();
+    }
+
+    protected SecP224K1FieldElement(int[] x)
+    {
+        this.x = x;
+    }
+
+    public boolean isZero()
+    {
+        return Nat224.isZero(x);
+    }
+
+    public boolean isOne()
+    {
+        return Nat224.isOne(x);
+    }
+
+    public boolean testBitZero()
+    {
+        return Nat224.getBit(x, 0) == 1;
+    }
+
+    public BigInteger toBigInteger()
+    {
+        return Nat224.toBigInteger(x);
+    }
+
+    public String getFieldName()
+    {
+        return "SecP224K1Field";
+    }
+
+    public int getFieldSize()
+    {
+        return Q.bitLength();
+    }
+
+    public ECFieldElement add(ECFieldElement b)
+    {
+        int[] z = Nat224.create();
+        SecP224K1Field.add(x, ((SecP224K1FieldElement)b).x, z);
+        return new SecP224K1FieldElement(z);
+    }
+
+    public ECFieldElement addOne()
+    {
+        int[] z = Nat224.create();
+        SecP224K1Field.addOne(x, z);
+        return new SecP224K1FieldElement(z);
+    }
+
+    public ECFieldElement subtract(ECFieldElement b)
+    {
+        int[] z = Nat224.create();
+        SecP224K1Field.subtract(x, ((SecP224K1FieldElement)b).x, z);
+        return new SecP224K1FieldElement(z);
+    }
+
+    public ECFieldElement multiply(ECFieldElement b)
+    {
+        int[] z = Nat224.create();
+        SecP224K1Field.multiply(x, ((SecP224K1FieldElement)b).x, z);
+        return new SecP224K1FieldElement(z);
+    }
+
+    public ECFieldElement divide(ECFieldElement b)
+    {
+//        return multiply(b.invert());
+        int[] z = Nat224.create();
+        Mod.invert(SecP224K1Field.P, ((SecP224K1FieldElement)b).x, z);
+        SecP224K1Field.multiply(z, x, z);
+        return new SecP224K1FieldElement(z);
+    }
+
+    public ECFieldElement negate()
+    {
+        int[] z = Nat224.create();
+        SecP224K1Field.negate(x, z);
+        return new SecP224K1FieldElement(z);
+    }
+
+    public ECFieldElement square()
+    {
+        int[] z = Nat224.create();
+        SecP224K1Field.square(x, z);
+        return new SecP224K1FieldElement(z);
+    }
+
+    public ECFieldElement invert()
+    {
+//        return new SecP224K1FieldElement(toBigInteger().modInverse(Q));
+        int[] z = Nat224.create();
+        Mod.invert(SecP224K1Field.P, x, z);
+        return new SecP224K1FieldElement(z);
+    }
+
+    // D.1.4 91
+    /**
+     * return a sqrt root - the routine verifies that the calculation returns the right value - if
+     * none exists it returns null.
+     */
+    public ECFieldElement sqrt()
+    {
+        /*
+         * Q == 8m + 5, so we use Pocklington's method for this case.
+         *
+         * First, raise this element to the exponent 2^221 - 2^29 - 2^9 - 2^8 - 2^6 - 2^4 - 2^1 (i.e. m + 1)
+         *
+         * Breaking up the exponent's binary representation into "repunits", we get:
+         * { 191 1s } { 1 0s } { 19 1s } { 2 0s } { 1 1s } { 1 0s} { 1 1s } { 1 0s} { 3 1s } { 1 0s}
+         *
+         * Therefore we need an addition chain containing 1, 3, 19, 191 (the lengths of the repunits)
+         * We use: [1], 2, [3], 4, 8, 11, [19], 23, 42, 84, 107, [191]
+         */
+
+        int[] x1 = this.x;
+        if (Nat224.isZero(x1) || Nat224.isOne(x1))
+        {
+            return this;
+        }
+
+        int[] x2 = Nat224.create();
+        SecP224K1Field.square(x1, x2);
+        SecP224K1Field.multiply(x2, x1, x2);
+        int[] x3 = x2;
+        SecP224K1Field.square(x2, x3);
+        SecP224K1Field.multiply(x3, x1, x3);
+        int[] x4 = Nat224.create();
+        SecP224K1Field.square(x3, x4);
+        SecP224K1Field.multiply(x4, x1, x4);
+        int[] x8 = Nat224.create();
+        SecP224K1Field.squareN(x4, 4, x8);
+        SecP224K1Field.multiply(x8, x4, x8);
+        int[] x11 = Nat224.create();
+        SecP224K1Field.squareN(x8, 3, x11);
+        SecP224K1Field.multiply(x11, x3, x11);
+        int[] x19 = x11;
+        SecP224K1Field.squareN(x11, 8, x19);
+        SecP224K1Field.multiply(x19, x8, x19);
+        int[] x23 = x8;
+        SecP224K1Field.squareN(x19, 4, x23);
+        SecP224K1Field.multiply(x23, x4, x23);
+        int[] x42 = x4;
+        SecP224K1Field.squareN(x23, 19, x42);
+        SecP224K1Field.multiply(x42, x19, x42);
+        int[] x84 = Nat224.create();
+        SecP224K1Field.squareN(x42, 42, x84);
+        SecP224K1Field.multiply(x84, x42, x84);
+        int[] x107 = x42;
+        SecP224K1Field.squareN(x84, 23, x107);
+        SecP224K1Field.multiply(x107, x23, x107);
+        int[] x191 = x23;
+        SecP224K1Field.squareN(x107, 84, x191);
+        SecP224K1Field.multiply(x191, x84, x191);
+
+        int[] t1 = x191;
+        SecP224K1Field.squareN(t1, 20, t1);
+        SecP224K1Field.multiply(t1, x19, t1);
+        SecP224K1Field.squareN(t1, 3, t1);
+        SecP224K1Field.multiply(t1, x1, t1);
+        SecP224K1Field.squareN(t1, 2, t1);
+        SecP224K1Field.multiply(t1, x1, t1);
+        SecP224K1Field.squareN(t1, 4, t1);
+        SecP224K1Field.multiply(t1, x3, t1);
+        SecP224K1Field.square(t1, t1);
+
+        int[] t2 = x84;
+        SecP224K1Field.square(t1, t2);
+
+        if (Nat224.eq(x1, t2))
+        {
+            return new SecP224K1FieldElement(t1);
+        }
+
+        /*
+         * If the first guess is incorrect, we multiply by a precomputed power of 2 to get the second guess,
+         * which is ((4x)^(m + 1))/2 mod Q
+         */
+        SecP224K1Field.multiply(t1, PRECOMP_POW2, t1);
+
+        SecP224K1Field.square(t1, t2);
+
+        if (Nat224.eq(x1, t2))
+        {
+            return new SecP224K1FieldElement(t1);
+        }
+
+        return null;
+    }
+
+    public boolean equals(Object other)
+    {
+        if (other == this)
+        {
+            return true;
+        }
+
+        if (!(other instanceof SecP224K1FieldElement))
+        {
+            return false;
+        }
+
+        SecP224K1FieldElement o = (SecP224K1FieldElement)other;
+        return Nat224.eq(x, o.x);
+    }
+
+    public int hashCode()
+    {
+        return Q.hashCode() ^ Arrays.hashCode(x, 0, 7);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224K1Point.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224K1Point.java
new file mode 100644
index 0000000..2b24c56
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224K1Point.java

@@ -0,0 +1,302 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat224;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP224K1Point extends ECPoint.AbstractFp
+{
+    /**
+     * Create a point which encodes with point compression.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     *
+     * @deprecated Use ECCurve.createPoint to construct points
+     */
+    public SecP224K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+    {
+        this(curve, x, y, false);
+    }
+
+    /**
+     * Create a point that encodes with or without point compresion.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     * @param withCompression
+     *            if true encode with point compression
+     *
+     * @deprecated per-point compression property will be removed, refer
+     *             {@link #getEncoded(boolean)}
+     */
+    public SecP224K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        super(curve, x, y);
+
+        if ((x == null) != (y == null))
+        {
+            throw new IllegalArgumentException("Exactly one of the field elements is null");
+        }
+
+        this.withCompression = withCompression;
+    }
+
+    SecP224K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs,
+        boolean withCompression)
+    {
+        super(curve, x, y, zs);
+
+        this.withCompression = withCompression;
+    }
+
+    protected ECPoint detach()
+    {
+        return new SecP224K1Point(null, getAffineXCoord(), getAffineYCoord());
+    }
+
+    // B.3 pg 62
+    public ECPoint add(ECPoint b)
+    {
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return this;
+        }
+        if (this == b)
+        {
+            return twice();
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP224K1FieldElement X1 = (SecP224K1FieldElement)this.x, Y1 = (SecP224K1FieldElement)this.y;
+        SecP224K1FieldElement X2 = (SecP224K1FieldElement)b.getXCoord(), Y2 = (SecP224K1FieldElement)b.getYCoord();
+
+        SecP224K1FieldElement Z1 = (SecP224K1FieldElement)this.zs[0];
+        SecP224K1FieldElement Z2 = (SecP224K1FieldElement)b.getZCoord(0);
+
+        int c;
+        int[] tt1 = Nat224.createExt();
+        int[] t2 = Nat224.create();
+        int[] t3 = Nat224.create();
+        int[] t4 = Nat224.create();
+
+        boolean Z1IsOne = Z1.isOne();
+        int[] U2, S2;
+        if (Z1IsOne)
+        {
+            U2 = X2.x;
+            S2 = Y2.x;
+        }
+        else
+        {
+            S2 = t3;
+            SecP224K1Field.square(Z1.x, S2);
+
+            U2 = t2;
+            SecP224K1Field.multiply(S2, X2.x, U2);
+
+            SecP224K1Field.multiply(S2, Z1.x, S2);
+            SecP224K1Field.multiply(S2, Y2.x, S2);
+        }
+
+        boolean Z2IsOne = Z2.isOne();
+        int[] U1, S1;
+        if (Z2IsOne)
+        {
+            U1 = X1.x;
+            S1 = Y1.x;
+        }
+        else
+        {
+            S1 = t4;
+            SecP224K1Field.square(Z2.x, S1);
+
+            U1 = tt1;
+            SecP224K1Field.multiply(S1, X1.x, U1);
+
+            SecP224K1Field.multiply(S1, Z2.x, S1);
+            SecP224K1Field.multiply(S1, Y1.x, S1);
+        }
+
+        int[] H = Nat224.create();
+        SecP224K1Field.subtract(U1, U2, H);
+
+        int[] R = t2;
+        SecP224K1Field.subtract(S1, S2, R);
+
+        // Check if b == this or b == -this
+        if (Nat224.isZero(H))
+        {
+            if (Nat224.isZero(R))
+            {
+                // this == b, i.e. this must be doubled
+                return this.twice();
+            }
+
+            // this == -b, i.e. the result is the point at infinity
+            return curve.getInfinity();
+        }
+
+        int[] HSquared = t3;
+        SecP224K1Field.square(H, HSquared);
+
+        int[] G = Nat224.create();
+        SecP224K1Field.multiply(HSquared, H, G);
+
+        int[] V = t3;
+        SecP224K1Field.multiply(HSquared, U1, V);
+
+        SecP224K1Field.negate(G, G);
+        Nat224.mul(S1, G, tt1);
+
+        c = Nat224.addBothTo(V, V, G);
+        SecP224K1Field.reduce32(c, G);
+
+        SecP224K1FieldElement X3 = new SecP224K1FieldElement(t4);
+        SecP224K1Field.square(R, X3.x);
+        SecP224K1Field.subtract(X3.x, G, X3.x);
+
+        SecP224K1FieldElement Y3 = new SecP224K1FieldElement(G);
+        SecP224K1Field.subtract(V, X3.x, Y3.x);
+        SecP224K1Field.multiplyAddToExt(Y3.x, R, tt1);
+        SecP224K1Field.reduce(tt1, Y3.x);
+
+        SecP224K1FieldElement Z3 = new SecP224K1FieldElement(H);
+        if (!Z1IsOne)
+        {
+            SecP224K1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+        if (!Z2IsOne)
+        {
+            SecP224K1Field.multiply(Z3.x, Z2.x, Z3.x);
+        }
+
+        ECFieldElement[] zs = new ECFieldElement[] { Z3 };
+
+        return new SecP224K1Point(curve, X3, Y3, zs, this.withCompression);
+    }
+
+    // B.3 pg 62
+    public ECPoint twice()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP224K1FieldElement Y1 = (SecP224K1FieldElement)this.y;
+        if (Y1.isZero())
+        {
+            return curve.getInfinity();
+        }
+
+        SecP224K1FieldElement X1 = (SecP224K1FieldElement)this.x, Z1 = (SecP224K1FieldElement)this.zs[0];
+
+        int c;
+
+        int[] Y1Squared = Nat224.create();
+        SecP224K1Field.square(Y1.x, Y1Squared);
+
+        int[] T = Nat224.create();
+        SecP224K1Field.square(Y1Squared, T);
+
+        int[] M = Nat224.create();
+        SecP224K1Field.square(X1.x, M);
+        c = Nat224.addBothTo(M, M, M);
+        SecP224K1Field.reduce32(c, M);
+
+        int[] S = Y1Squared;
+        SecP224K1Field.multiply(Y1Squared, X1.x, S);
+        c = Nat.shiftUpBits(7, S, 2, 0);
+        SecP224K1Field.reduce32(c, S);
+
+        int[] t1 = Nat224.create();
+        c = Nat.shiftUpBits(7, T, 3, 0, t1);
+        SecP224K1Field.reduce32(c, t1);
+
+        SecP224K1FieldElement X3 = new SecP224K1FieldElement(T);
+        SecP224K1Field.square(M, X3.x);
+        SecP224K1Field.subtract(X3.x, S, X3.x);
+        SecP224K1Field.subtract(X3.x, S, X3.x);
+
+        SecP224K1FieldElement Y3 = new SecP224K1FieldElement(S);
+        SecP224K1Field.subtract(S, X3.x, Y3.x);
+        SecP224K1Field.multiply(Y3.x, M, Y3.x);
+        SecP224K1Field.subtract(Y3.x, t1, Y3.x);
+
+        SecP224K1FieldElement Z3 = new SecP224K1FieldElement(M);
+        SecP224K1Field.twice(Y1.x, Z3.x);
+        if (!Z1.isOne())
+        {
+            SecP224K1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+
+        return new SecP224K1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, this.withCompression);
+    }
+
+    public ECPoint twicePlus(ECPoint b)
+    {
+        if (this == b)
+        {
+            return threeTimes();
+        }
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return twice();
+        }
+
+        ECFieldElement Y1 = this.y;
+        if (Y1.isZero())
+        {
+            return b;
+        }
+
+        return twice().add(b);
+    }
+
+    public ECPoint threeTimes()
+    {
+        if (this.isInfinity() || this.y.isZero())
+        {
+            return this;
+        }
+
+        // NOTE: Be careful about recursions between twicePlus and threeTimes
+        return twice().add(this);
+    }
+
+    public ECPoint negate()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        return new SecP224K1Point(curve, this.x, this.y.negate(), this.zs, this.withCompression);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224R1Curve.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224R1Curve.java
new file mode 100644
index 0000000..c231ae7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224R1Curve.java

@@ -0,0 +1,131 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECLookupTable;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat224;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP224R1Curve extends ECCurve.AbstractFp
+{
+    public static final BigInteger q = new BigInteger(1,
+        Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF000000000000000000000001"));
+
+    private static final int SecP224R1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+    protected SecP224R1Point infinity;
+
+    public SecP224R1Curve()
+    {
+        super(q);
+
+        this.infinity = new SecP224R1Point(this, null, null);
+
+        this.a = fromBigInteger(new BigInteger(1,
+            Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFFFFFFFFFFFFFFFFFE")));
+        this.b = fromBigInteger(new BigInteger(1,
+            Hex.decode("B4050A850C04B3ABF54132565044B0B7D7BFD8BA270B39432355FFB4")));
+        this.order = new BigInteger(1, Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFF16A2E0B8F03E13DD29455C5C2A3D"));
+        this.cofactor = BigInteger.valueOf(1);
+
+        this.coord = SecP224R1_DEFAULT_COORDS;
+    }
+
+    protected ECCurve cloneCurve()
+    {
+        return new SecP224R1Curve();
+    }
+
+    public boolean supportsCoordinateSystem(int coord)
+    {
+        switch (coord)
+        {
+        case COORD_JACOBIAN:
+            return true;
+        default:
+            return false;
+        }
+    }
+
+    public BigInteger getQ()
+    {
+        return q;
+    }
+
+    public int getFieldSize()
+    {
+        return q.bitLength();
+    }
+
+    public ECFieldElement fromBigInteger(BigInteger x)
+    {
+        return new SecP224R1FieldElement(x);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        return new SecP224R1Point(this, x, y, withCompression);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+    {
+        return new SecP224R1Point(this, x, y, zs, withCompression);
+    }
+
+    public ECPoint getInfinity()
+    {
+        return infinity;
+    }
+
+    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
+    {
+        final int FE_INTS = 7;
+
+        final int[] table = new int[len * FE_INTS * 2];
+        {
+            int pos = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                ECPoint p = points[off + i];
+                Nat224.copy(((SecP224R1FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_INTS;
+                Nat224.copy(((SecP224R1FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_INTS;
+            }
+        }
+
+        return new ECLookupTable()
+        {
+            public int getSize()
+            {
+                return len;
+            }
+
+            public ECPoint lookup(int index)
+            {
+                int[] x = Nat224.create(), y = Nat224.create();
+                int pos = 0;
+
+                for (int i = 0; i < len; ++i)
+                {
+                    int MASK = ((i ^ index) - 1) >> 31;
+
+                    for (int j = 0; j < FE_INTS; ++j)
+                    {
+                        x[j] ^= table[pos + j] & MASK;
+                        y[j] ^= table[pos + FE_INTS + j] & MASK;
+                    }
+
+                    pos += (FE_INTS * 2);
+                }
+
+                return createRawPoint(new SecP224R1FieldElement(x), new SecP224R1FieldElement(y), false);
+            }
+        };
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224R1Field.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224R1Field.java
new file mode 100644
index 0000000..c8d247e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224R1Field.java

@@ -0,0 +1,302 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat224;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP224R1Field
+{
+    private static final long M = 0xFFFFFFFFL;
+
+    // 2^224 - 2^96 + 1
+    static final int[] P = new int[]{ 0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+    static final int[] PExt = new int[]{ 0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF,
+        0xFFFFFFFF, 0x00000000, 0x00000002, 0x00000000, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+    private static final int[] PExtInv = new int[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000001, 0x00000000,
+        0x00000000, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000001 };
+    private static final int P6 = 0xFFFFFFFF;
+    private static final int PExt13 = 0xFFFFFFFF;
+
+    public static void add(int[] x, int[] y, int[] z)
+    {
+        int c = Nat224.add(x, y, z);
+        if (c != 0 || (z[6] == P6 && Nat224.gte(z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    public static void addExt(int[] xx, int[] yy, int[] zz)
+    {
+        int c = Nat.add(14, xx, yy, zz);
+        if (c != 0 || (zz[13] == PExt13 && Nat.gte(14, zz, PExt)))
+        {
+            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.incAt(14, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void addOne(int[] x, int[] z)
+    {
+        int c = Nat.inc(7, x, z);
+        if (c != 0 || (z[6] == P6 && Nat224.gte(z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    public static int[] fromBigInteger(BigInteger x)
+    {
+        int[] z = Nat224.fromBigInteger(x);
+        if (z[6] == P6 && Nat224.gte(z, P))
+        {
+            Nat224.subFrom(P, z);
+        }
+        return z;
+    }
+
+    public static void half(int[] x, int[] z)
+    {
+        if ((x[0] & 1) == 0)
+        {
+            Nat.shiftDownBit(7, x, 0, z);
+        }
+        else
+        {
+            int c = Nat224.add(x, P, z);
+            Nat.shiftDownBit(7, z, c);
+        }
+    }
+
+    public static void multiply(int[] x, int[] y, int[] z)
+    {
+        int[] tt = Nat224.createExt();
+        Nat224.mul(x, y, tt);
+        reduce(tt, z);
+    }
+
+    public static void multiplyAddToExt(int[] x, int[] y, int[] zz)
+    {
+        int c = Nat224.mulAddTo(x, y, zz);
+        if (c != 0 || (zz[13] == PExt13 && Nat.gte(14, zz, PExt)))
+        {
+            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.incAt(14, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void negate(int[] x, int[] z)
+    {
+        if (Nat224.isZero(x))
+        {
+            Nat224.zero(z);
+        }
+        else
+        {
+            Nat224.sub(P, x, z);
+        }
+    }
+
+    public static void reduce(int[] xx, int[] z)
+    {
+        long xx10 = xx[10] & M, xx11 = xx[11] & M, xx12 = xx[12] & M, xx13 = xx[13] & M;
+
+        final long n = 1;
+
+        long t0 = (xx[7] & M) + xx11 - n;
+        long t1 = (xx[8] & M) + xx12;
+        long t2 = (xx[9] & M) + xx13;
+
+        long cc = 0;
+        cc += (xx[0] & M) - t0;
+        long z0 = cc & M;
+        cc >>= 32;
+        cc += (xx[1] & M) - t1;
+        z[1] = (int)cc;
+        cc >>= 32;
+        cc += (xx[2] & M) - t2;
+        z[2] = (int)cc;
+        cc >>= 32;
+        cc += (xx[3] & M) + t0 - xx10;
+        long z3 = cc & M;
+        cc >>= 32;
+        cc += (xx[4] & M) + t1 - xx11;
+        z[4] = (int)cc;
+        cc >>= 32;
+        cc += (xx[5] & M) + t2 - xx12;
+        z[5] = (int)cc;
+        cc >>= 32;
+        cc += (xx[6] & M) + xx10 - xx13;
+        z[6] = (int)cc;
+        cc >>= 32;
+        cc += n;
+
+//        assert cc >= 0;
+
+        z3 += cc;
+
+        z0 -= cc;
+        z[0] = (int)z0;
+        cc = z0 >> 32;
+        if (cc != 0)
+        {
+            cc += (z[1] & M);
+            z[1] = (int)cc;
+            cc >>= 32;
+            cc += (z[2] & M);
+            z[2] = (int)cc;
+            z3 += cc >> 32;
+        }
+        z[3] = (int)z3;
+        cc = z3 >> 32;
+
+//        assert cc == 0 || cc == 1;
+
+        if ((cc != 0 && Nat.incAt(7, z, 4) != 0)
+            || (z[6] == P6 && Nat224.gte(z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    public static void reduce32(int x, int[] z)
+    {
+        long cc = 0;
+
+        if (x != 0)
+        {
+            long xx07 = x & M;
+
+            cc += (z[0] & M) - xx07;
+            z[0] = (int)cc;
+            cc >>= 32;
+            if (cc != 0)
+            {
+                cc += (z[1] & M);
+                z[1] = (int)cc;
+                cc >>= 32;
+                cc += (z[2] & M);
+                z[2] = (int)cc;
+                cc >>= 32;
+            }
+            cc += (z[3] & M) + xx07;
+            z[3] = (int)cc;
+            cc >>= 32;
+
+//            assert cc == 0 || cc == 1;
+        }
+
+        if ((cc != 0 && Nat.incAt(7, z, 4) != 0)
+            || (z[6] == P6 && Nat224.gte(z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    public static void square(int[] x, int[] z)
+    {
+        int[] tt = Nat224.createExt();
+        Nat224.square(x, tt);
+        reduce(tt, z);
+    }
+
+    public static void squareN(int[] x, int n, int[] z)
+    {
+//        assert n > 0;
+
+        int[] tt = Nat224.createExt();
+        Nat224.square(x, tt);
+        reduce(tt, z);
+
+        while (--n > 0)
+        {
+            Nat224.square(z, tt);
+            reduce(tt, z);
+        }
+    }
+
+    public static void subtract(int[] x, int[] y, int[] z)
+    {
+        int c = Nat224.sub(x, y, z);
+        if (c != 0)
+        {
+            subPInvFrom(z);
+        }
+    }
+
+    public static void subtractExt(int[] xx, int[] yy, int[] zz)
+    {
+        int c = Nat.sub(14, xx, yy, zz);
+        if (c != 0)
+        {
+            if (Nat.subFrom(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.decAt(14, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void twice(int[] x, int[] z)
+    {
+        int c = Nat.shiftUpBit(7, x, 0, z);
+        if (c != 0 || (z[6] == P6 && Nat224.gte(z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    private static void addPInvTo(int[] z)
+    {
+        long c = (z[0] & M) - 1;
+        z[0] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            c += (z[1] & M);
+            z[1] = (int)c;
+            c >>= 32;
+            c += (z[2] & M);
+            z[2] = (int)c;
+            c >>= 32;
+        }
+        c += (z[3] & M) + 1;
+        z[3] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            Nat.incAt(7, z, 4);
+        }
+    }
+
+    private static void subPInvFrom(int[] z)
+    {
+        long c = (z[0] & M) + 1;
+        z[0] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            c += (z[1] & M);
+            z[1] = (int)c;
+            c >>= 32;
+            c += (z[2] & M);
+            z[2] = (int)c;
+            c >>= 32;
+        }
+        c += (z[3] & M) - 1;
+        z[3] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            Nat.decAt(7, z, 4);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224R1FieldElement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224R1FieldElement.java
new file mode 100644
index 0000000..35b79db
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224R1FieldElement.java

@@ -0,0 +1,277 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.raw.Mod;
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat224;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP224R1FieldElement extends ECFieldElement.AbstractFp
+{
+    public static final BigInteger Q = SecP224R1Curve.q;
+
+    protected int[] x;
+
+    public SecP224R1FieldElement(BigInteger x)
+    {
+        if (x == null || x.signum() < 0 || x.compareTo(Q) >= 0)
+        {
+            throw new IllegalArgumentException("x value invalid for SecP224R1FieldElement");
+        }
+
+        this.x = SecP224R1Field.fromBigInteger(x);
+    }
+
+    public SecP224R1FieldElement()
+    {
+        this.x = Nat224.create();
+    }
+
+    protected SecP224R1FieldElement(int[] x)
+    {
+        this.x = x;
+    }
+
+    public boolean isZero()
+    {
+        return Nat224.isZero(x);
+    }
+
+    public boolean isOne()
+    {
+        return Nat224.isOne(x);
+    }
+
+    public boolean testBitZero()
+    {
+        return Nat224.getBit(x, 0) == 1;
+    }
+
+    public BigInteger toBigInteger()
+    {
+        return Nat224.toBigInteger(x);
+    }
+
+    public String getFieldName()
+    {
+        return "SecP224R1Field";
+    }
+
+    public int getFieldSize()
+    {
+        return Q.bitLength();
+    }
+
+    public ECFieldElement add(ECFieldElement b)
+    {
+        int[] z = Nat224.create();
+        SecP224R1Field.add(x, ((SecP224R1FieldElement)b).x, z);
+        return new SecP224R1FieldElement(z);
+    }
+
+    public ECFieldElement addOne()
+    {
+        int[] z = Nat224.create();
+        SecP224R1Field.addOne(x, z);
+        return new SecP224R1FieldElement(z);
+    }
+
+    public ECFieldElement subtract(ECFieldElement b)
+    {
+        int[] z = Nat224.create();
+        SecP224R1Field.subtract(x, ((SecP224R1FieldElement)b).x, z);
+        return new SecP224R1FieldElement(z);
+    }
+
+    public ECFieldElement multiply(ECFieldElement b)
+    {
+        int[] z = Nat224.create();
+        SecP224R1Field.multiply(x, ((SecP224R1FieldElement)b).x, z);
+        return new SecP224R1FieldElement(z);
+    }
+
+    public ECFieldElement divide(ECFieldElement b)
+    {
+//        return multiply(b.invert());
+        int[] z = Nat224.create();
+        Mod.invert(SecP224R1Field.P, ((SecP224R1FieldElement)b).x, z);
+        SecP224R1Field.multiply(z, x, z);
+        return new SecP224R1FieldElement(z);
+    }
+
+    public ECFieldElement negate()
+    {
+        int[] z = Nat224.create();
+        SecP224R1Field.negate(x, z);
+        return new SecP224R1FieldElement(z);
+    }
+
+    public ECFieldElement square()
+    {
+        int[] z = Nat224.create();
+        SecP224R1Field.square(x, z);
+        return new SecP224R1FieldElement(z);
+    }
+
+    public ECFieldElement invert()
+    {
+//        return new SecP224R1FieldElement(toBigInteger().modInverse(Q));
+        int[] z = Nat224.create();
+        Mod.invert(SecP224R1Field.P, x, z);
+        return new SecP224R1FieldElement(z);
+    }
+
+    /**
+     * return a sqrt root - the routine verifies that the calculation returns the right value - if
+     * none exists it returns null.
+     */
+    public ECFieldElement sqrt()
+    {
+        int[] c = this.x;
+        if (Nat224.isZero(c) || Nat224.isOne(c))
+        {
+            return this;
+        }
+
+        int[] nc = Nat224.create();
+        SecP224R1Field.negate(c, nc);
+
+        int[] r = Mod.random(SecP224R1Field.P);
+        int[] t = Nat224.create();
+
+        if (!isSquare(c))
+        {
+            return null;
+        }
+
+        while (!trySqrt(nc, r, t))
+        {
+            SecP224R1Field.addOne(r, r);
+        }
+
+        SecP224R1Field.square(t, r);
+
+        return Nat224.eq(c, r) ? new SecP224R1FieldElement(t) : null;
+    }
+
+    public boolean equals(Object other)
+    {
+        if (other == this)
+        {
+            return true;
+        }
+
+        if (!(other instanceof SecP224R1FieldElement))
+        {
+            return false;
+        }
+
+        SecP224R1FieldElement o = (SecP224R1FieldElement)other;
+        return Nat224.eq(x, o.x);
+    }
+
+    public int hashCode()
+    {
+        return Q.hashCode() ^ Arrays.hashCode(x, 0, 7);
+    }
+
+    private static boolean isSquare(int[] x)
+    {
+        int[] t1 = Nat224.create();
+        int[] t2 = Nat224.create();
+        Nat224.copy(x, t1);
+
+        for (int i = 0; i < 7; ++i)
+        {
+            Nat224.copy(t1, t2);
+            SecP224R1Field.squareN(t1, 1 << i, t1);
+            SecP224R1Field.multiply(t1, t2, t1);
+        }
+
+        SecP224R1Field.squareN(t1, 95, t1);
+        return Nat224.isOne(t1);
+    }
+
+    private static void RM(int[] nc, int[] d0, int[] e0, int[] d1, int[] e1, int[] f1, int[] t)
+    {
+        SecP224R1Field.multiply(e1, e0, t);
+        SecP224R1Field.multiply(t, nc, t);
+        SecP224R1Field.multiply(d1, d0, f1);
+        SecP224R1Field.add(f1, t, f1);
+        SecP224R1Field.multiply(d1, e0, t);
+        Nat224.copy(f1, d1);
+        SecP224R1Field.multiply(e1, d0, e1);
+        SecP224R1Field.add(e1, t, e1);
+        SecP224R1Field.square(e1, f1);
+        SecP224R1Field.multiply(f1, nc, f1);
+    }
+
+    private static void RP(int[] nc, int[] d1, int[] e1, int[] f1, int[] t)
+    {
+        Nat224.copy(nc, f1);
+
+        int[] d0 = Nat224.create();
+        int[] e0 = Nat224.create();
+
+        for (int i = 0; i < 7; ++i)
+        {
+            Nat224.copy(d1, d0);
+            Nat224.copy(e1, e0);
+
+            int j = 1 << i;
+            while (--j >= 0)
+            {
+                RS(d1, e1, f1, t);
+            }
+
+            RM(nc, d0, e0, d1, e1, f1, t);
+        }
+    }
+
+    private static void RS(int[] d, int[] e, int[] f, int[] t)
+    {
+        SecP224R1Field.multiply(e, d, e);
+        SecP224R1Field.twice(e, e);
+        SecP224R1Field.square(d, t);
+        SecP224R1Field.add(f, t, d);
+        SecP224R1Field.multiply(f, t, f);
+        int c = Nat.shiftUpBits(7, f, 2, 0);
+        SecP224R1Field.reduce32(c, f);
+    }
+
+    private static boolean trySqrt(int[] nc, int[] r, int[] t)
+    {
+        int[] d1 = Nat224.create();
+        Nat224.copy(r, d1);
+        int[] e1 = Nat224.create();
+        e1[0] = 1;
+        int[] f1 = Nat224.create();
+        RP(nc, d1, e1, f1, t);
+
+        int[] d0 = Nat224.create();
+        int[] e0 = Nat224.create();
+
+        for (int k = 1; k < 96; ++k)
+        {
+            Nat224.copy(d1, d0);
+            Nat224.copy(e1, e0);
+
+            RS(d1, e1, f1, t);
+
+            if (Nat224.isZero(d1))
+            {
+                Mod.invert(SecP224R1Field.P, e0, t);
+                SecP224R1Field.multiply(t, d0, t);
+                return true;
+            }
+        }
+
+        return false;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224R1Point.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224R1Point.java
new file mode 100644
index 0000000..ae83d36
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP224R1Point.java

@@ -0,0 +1,312 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat224;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP224R1Point extends ECPoint.AbstractFp
+{
+    /**
+     * Create a point which encodes with point compression.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     *
+     * @deprecated Use ECCurve.createPoint to construct points
+     */
+    public SecP224R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+    {
+        this(curve, x, y, false);
+    }
+
+    /**
+     * Create a point that encodes with or without point compresion.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     * @param withCompression
+     *            if true encode with point compression
+     *
+     * @deprecated per-point compression property will be removed, refer
+     *             {@link #getEncoded(boolean)}
+     */
+    public SecP224R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        super(curve, x, y);
+
+        if ((x == null) != (y == null))
+        {
+            throw new IllegalArgumentException("Exactly one of the field elements is null");
+        }
+
+        this.withCompression = withCompression;
+    }
+
+    SecP224R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+    {
+        super(curve, x, y, zs);
+
+        this.withCompression = withCompression;
+    }
+
+    protected ECPoint detach()
+    {
+        return new SecP224R1Point(null, getAffineXCoord(), getAffineYCoord());
+    }
+
+    public ECPoint add(ECPoint b)
+    {
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return this;
+        }
+        if (this == b)
+        {
+            return twice();
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP224R1FieldElement X1 = (SecP224R1FieldElement)this.x, Y1 = (SecP224R1FieldElement)this.y;
+        SecP224R1FieldElement X2 = (SecP224R1FieldElement)b.getXCoord(), Y2 = (SecP224R1FieldElement)b.getYCoord();
+
+        SecP224R1FieldElement Z1 = (SecP224R1FieldElement)this.zs[0];
+        SecP224R1FieldElement Z2 = (SecP224R1FieldElement)b.getZCoord(0);
+
+        int c;
+        int[] tt1 = Nat224.createExt();
+        int[] t2 = Nat224.create();
+        int[] t3 = Nat224.create();
+        int[] t4 = Nat224.create();
+
+        boolean Z1IsOne = Z1.isOne();
+        int[] U2, S2;
+        if (Z1IsOne)
+        {
+            U2 = X2.x;
+            S2 = Y2.x;
+        }
+        else
+        {
+            S2 = t3;
+            SecP224R1Field.square(Z1.x, S2);
+
+            U2 = t2;
+            SecP224R1Field.multiply(S2, X2.x, U2);
+
+            SecP224R1Field.multiply(S2, Z1.x, S2);
+            SecP224R1Field.multiply(S2, Y2.x, S2);
+        }
+
+        boolean Z2IsOne = Z2.isOne();
+        int[] U1, S1;
+        if (Z2IsOne)
+        {
+            U1 = X1.x;
+            S1 = Y1.x;
+        }
+        else
+        {
+            S1 = t4;
+            SecP224R1Field.square(Z2.x, S1);
+
+            U1 = tt1;
+            SecP224R1Field.multiply(S1, X1.x, U1);
+
+            SecP224R1Field.multiply(S1, Z2.x, S1);
+            SecP224R1Field.multiply(S1, Y1.x, S1);
+        }
+
+        int[] H = Nat224.create();
+        SecP224R1Field.subtract(U1, U2, H);
+
+        int[] R = t2;
+        SecP224R1Field.subtract(S1, S2, R);
+
+        // Check if b == this or b == -this
+        if (Nat224.isZero(H))
+        {
+            if (Nat224.isZero(R))
+            {
+                // this == b, i.e. this must be doubled
+                return this.twice();
+            }
+
+            // this == -b, i.e. the result is the point at infinity
+            return curve.getInfinity();
+        }
+
+        int[] HSquared = t3;
+        SecP224R1Field.square(H, HSquared);
+
+        int[] G = Nat224.create();
+        SecP224R1Field.multiply(HSquared, H, G);
+
+        int[] V = t3;
+        SecP224R1Field.multiply(HSquared, U1, V);
+
+        SecP224R1Field.negate(G, G);
+        Nat224.mul(S1, G, tt1);
+
+        c = Nat224.addBothTo(V, V, G);
+        SecP224R1Field.reduce32(c, G);
+
+        SecP224R1FieldElement X3 = new SecP224R1FieldElement(t4);
+        SecP224R1Field.square(R, X3.x);
+        SecP224R1Field.subtract(X3.x, G, X3.x);
+
+        SecP224R1FieldElement Y3 = new SecP224R1FieldElement(G);
+        SecP224R1Field.subtract(V, X3.x, Y3.x);
+        SecP224R1Field.multiplyAddToExt(Y3.x, R, tt1);
+        SecP224R1Field.reduce(tt1, Y3.x);
+
+        SecP224R1FieldElement Z3 = new SecP224R1FieldElement(H);
+        if (!Z1IsOne)
+        {
+            SecP224R1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+        if (!Z2IsOne)
+        {
+            SecP224R1Field.multiply(Z3.x, Z2.x, Z3.x);
+        }
+
+        ECFieldElement[] zs = new ECFieldElement[]{ Z3 };
+
+        return new SecP224R1Point(curve, X3, Y3, zs, this.withCompression);
+    }
+
+    public ECPoint twice()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP224R1FieldElement Y1 = (SecP224R1FieldElement)this.y;
+        if (Y1.isZero())
+        {
+            return curve.getInfinity();
+        }
+
+        SecP224R1FieldElement X1 = (SecP224R1FieldElement)this.x, Z1 = (SecP224R1FieldElement)this.zs[0];
+
+        int c;
+        int[] t1 = Nat224.create();
+        int[] t2 = Nat224.create();
+
+        int[] Y1Squared = Nat224.create();
+        SecP224R1Field.square(Y1.x, Y1Squared);
+
+        int[] T = Nat224.create();
+        SecP224R1Field.square(Y1Squared, T);
+
+        boolean Z1IsOne = Z1.isOne();
+
+        int[] Z1Squared = Z1.x;
+        if (!Z1IsOne)
+        {
+            Z1Squared = t2;
+            SecP224R1Field.square(Z1.x, Z1Squared);
+        }
+
+        SecP224R1Field.subtract(X1.x, Z1Squared, t1);
+
+        int[] M = t2;
+        SecP224R1Field.add(X1.x, Z1Squared, M);
+        SecP224R1Field.multiply(M, t1, M);
+        c = Nat224.addBothTo(M, M, M);
+        SecP224R1Field.reduce32(c, M);
+
+        int[] S = Y1Squared;
+        SecP224R1Field.multiply(Y1Squared, X1.x, S);
+        c = Nat.shiftUpBits(7, S, 2, 0);
+        SecP224R1Field.reduce32(c, S);
+
+        c = Nat.shiftUpBits(7, T, 3, 0, t1);
+        SecP224R1Field.reduce32(c, t1);
+
+        SecP224R1FieldElement X3 = new SecP224R1FieldElement(T);
+        SecP224R1Field.square(M, X3.x);
+        SecP224R1Field.subtract(X3.x, S, X3.x);
+        SecP224R1Field.subtract(X3.x, S, X3.x);
+
+        SecP224R1FieldElement Y3 = new SecP224R1FieldElement(S);
+        SecP224R1Field.subtract(S, X3.x, Y3.x);
+        SecP224R1Field.multiply(Y3.x, M, Y3.x);
+        SecP224R1Field.subtract(Y3.x, t1, Y3.x);
+
+        SecP224R1FieldElement Z3 = new SecP224R1FieldElement(M);
+        SecP224R1Field.twice(Y1.x, Z3.x);
+        if (!Z1IsOne)
+        {
+            SecP224R1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+
+        return new SecP224R1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, this.withCompression);
+    }
+
+    public ECPoint twicePlus(ECPoint b)
+    {
+        if (this == b)
+        {
+            return threeTimes();
+        }
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return twice();
+        }
+
+        ECFieldElement Y1 = this.y;
+        if (Y1.isZero())
+        {
+            return b;
+        }
+
+        return twice().add(b);
+    }
+
+    public ECPoint threeTimes()
+    {
+        if (this.isInfinity() || this.y.isZero())
+        {
+            return this;
+        }
+
+        // NOTE: Be careful about recursions between twicePlus and threeTimes
+        return twice().add(this);
+    }
+
+    public ECPoint negate()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        return new SecP224R1Point(curve, this.x, this.y.negate(), this.zs, this.withCompression);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256K1Curve.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256K1Curve.java
new file mode 100644
index 0000000..fd9f8b0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256K1Curve.java

@@ -0,0 +1,129 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECConstants;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECLookupTable;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat256;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP256K1Curve extends ECCurve.AbstractFp
+{
+    public static final BigInteger q = new BigInteger(1,
+        Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFC2F"));
+
+    private static final int SECP256K1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+    protected SecP256K1Point infinity;
+
+    public SecP256K1Curve()
+    {
+        super(q);
+
+        this.infinity = new SecP256K1Point(this, null, null);
+
+        this.a = fromBigInteger(ECConstants.ZERO);
+        this.b = fromBigInteger(BigInteger.valueOf(7));
+        this.order = new BigInteger(1, Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEBAAEDCE6AF48A03BBFD25E8CD0364141"));
+        this.cofactor = BigInteger.valueOf(1);
+        this.coord = SECP256K1_DEFAULT_COORDS;
+    }
+
+    protected ECCurve cloneCurve()
+    {
+        return new SecP256K1Curve();
+    }
+
+    public boolean supportsCoordinateSystem(int coord)
+    {
+        switch (coord)
+        {
+        case COORD_JACOBIAN:
+            return true;
+        default:
+            return false;
+        }
+    }
+
+    public BigInteger getQ()
+    {
+        return q;
+    }
+
+    public int getFieldSize()
+    {
+        return q.bitLength();
+    }
+
+    public ECFieldElement fromBigInteger(BigInteger x)
+    {
+        return new SecP256K1FieldElement(x);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        return new SecP256K1Point(this, x, y, withCompression);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+    {
+        return new SecP256K1Point(this, x, y, zs, withCompression);
+    }
+
+    public ECPoint getInfinity()
+    {
+        return infinity;
+    }
+
+    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
+    {
+        final int FE_INTS = 8;
+
+        final int[] table = new int[len * FE_INTS * 2];
+        {
+            int pos = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                ECPoint p = points[off + i];
+                Nat256.copy(((SecP256K1FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_INTS;
+                Nat256.copy(((SecP256K1FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_INTS;
+            }
+        }
+
+        return new ECLookupTable()
+        {
+            public int getSize()
+            {
+                return len;
+            }
+
+            public ECPoint lookup(int index)
+            {
+                int[] x = Nat256.create(), y = Nat256.create();
+                int pos = 0;
+
+                for (int i = 0; i < len; ++i)
+                {
+                    int MASK = ((i ^ index) - 1) >> 31;
+
+                    for (int j = 0; j < FE_INTS; ++j)
+                    {
+                        x[j] ^= table[pos + j] & MASK;
+                        y[j] ^= table[pos + FE_INTS + j] & MASK;
+                    }
+
+                    pos += (FE_INTS * 2);
+                }
+
+                return createRawPoint(new SecP256K1FieldElement(x), new SecP256K1FieldElement(y), false);
+            }
+        };
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256K1Field.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256K1Field.java
new file mode 100644
index 0000000..c60248f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256K1Field.java

@@ -0,0 +1,183 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat256;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP256K1Field
+{
+    // 2^256 - 2^32 - 2^9 - 2^8 - 2^7 - 2^6 - 2^4 - 1
+    static final int[] P = new int[]{ 0xFFFFFC2F, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+        0xFFFFFFFF, 0xFFFFFFFF };
+    static final int[] PExt = new int[]{ 0x000E90A1, 0x000007A2, 0x00000001, 0x00000000, 0x00000000,
+        0x00000000, 0x00000000, 0x00000000, 0xFFFFF85E, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+        0xFFFFFFFF, 0xFFFFFFFF };
+    private static final int[] PExtInv = new int[]{ 0xFFF16F5F, 0xFFFFF85D, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF,
+        0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x000007A1, 0x00000002 };
+    private static final int P7 = 0xFFFFFFFF;
+    private static final int PExt15 = 0xFFFFFFFF;
+    private static final int PInv33 = 0x3D1;
+
+    public static void add(int[] x, int[] y, int[] z)
+    {
+        int c = Nat256.add(x, y, z);
+        if (c != 0 || (z[7] == P7 && Nat256.gte(z, P)))
+        {
+            Nat.add33To(8, PInv33, z);
+        }
+    }
+
+    public static void addExt(int[] xx, int[] yy, int[] zz)
+    {
+        int c = Nat.add(16, xx, yy, zz);
+        if (c != 0 || (zz[15] == PExt15 && Nat.gte(16, zz, PExt)))
+        {
+            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.incAt(16, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void addOne(int[] x, int[] z)
+    {
+        int c = Nat.inc(8, x, z);
+        if (c != 0 || (z[7] == P7 && Nat256.gte(z, P)))
+        {
+            Nat.add33To(8, PInv33, z);
+        }
+    }
+
+    public static int[] fromBigInteger(BigInteger x)
+    {
+        int[] z = Nat256.fromBigInteger(x);
+        if (z[7] == P7 && Nat256.gte(z, P))
+        {
+            Nat256.subFrom(P, z);
+        }
+        return z;
+    }
+
+    public static void half(int[] x, int[] z)
+    {
+        if ((x[0] & 1) == 0)
+        {
+            Nat.shiftDownBit(8, x, 0, z);
+        }
+        else
+        {
+            int c = Nat256.add(x, P, z);
+            Nat.shiftDownBit(8, z, c);
+        }
+    }
+
+    public static void multiply(int[] x, int[] y, int[] z)
+    {
+        int[] tt = Nat256.createExt();
+        Nat256.mul(x, y, tt);
+        reduce(tt, z);
+    }
+
+    public static void multiplyAddToExt(int[] x, int[] y, int[] zz)
+    {
+        int c = Nat256.mulAddTo(x, y, zz);
+        if (c != 0 || (zz[15] == PExt15 && Nat.gte(16, zz, PExt)))
+        {
+            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.incAt(16, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void negate(int[] x, int[] z)
+    {
+        if (Nat256.isZero(x))
+        {
+            Nat256.zero(z);
+        }
+        else
+        {
+            Nat256.sub(P, x, z);
+        }
+    }
+
+    public static void reduce(int[] xx, int[] z)
+    {
+        long cc = Nat256.mul33Add(PInv33, xx, 8, xx, 0, z, 0);
+        int c = Nat256.mul33DWordAdd(PInv33, cc, z, 0);
+
+        // assert c == 0L || c == 1L;
+
+        if (c != 0 || (z[7] == P7 && Nat256.gte(z, P)))
+        {
+            Nat.add33To(8, PInv33, z);
+        }
+    }
+
+    public static void reduce32(int x, int[] z)
+    {
+        if ((x != 0 && Nat256.mul33WordAdd(PInv33, x, z, 0) != 0)
+            || (z[7] == P7 && Nat256.gte(z, P)))
+        {
+            Nat.add33To(8, PInv33, z);
+        }
+    }
+
+    public static void square(int[] x, int[] z)
+    {
+        int[] tt = Nat256.createExt();
+        Nat256.square(x, tt);
+        reduce(tt, z);
+    }
+
+    public static void squareN(int[] x, int n, int[] z)
+    {
+//        assert n > 0;
+
+        int[] tt = Nat256.createExt();
+        Nat256.square(x, tt);
+        reduce(tt, z);
+
+        while (--n > 0)
+        {
+            Nat256.square(z, tt);
+            reduce(tt, z);
+        }
+    }
+
+    public static void subtract(int[] x, int[] y, int[] z)
+    {
+        int c = Nat256.sub(x, y, z);
+        if (c != 0)
+        {
+            Nat.sub33From(8, PInv33, z);
+        }
+    }
+
+    public static void subtractExt(int[] xx, int[] yy, int[] zz)
+    {
+        int c = Nat.sub(16, xx, yy, zz);
+        if (c != 0)
+        {
+            if (Nat.subFrom(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.decAt(16, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void twice(int[] x, int[] z)
+    {
+        int c = Nat.shiftUpBit(8, x, 0, z);
+        if (c != 0 || (z[7] == P7 && Nat256.gte(z, P)))
+        {
+            Nat.add33To(8, PInv33, z);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256K1FieldElement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256K1FieldElement.java
new file mode 100644
index 0000000..7d8f294
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256K1FieldElement.java

@@ -0,0 +1,219 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.raw.Mod;
+import com.android.org.bouncycastle.math.raw.Nat256;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP256K1FieldElement extends ECFieldElement.AbstractFp
+{
+    public static final BigInteger Q = SecP256K1Curve.q;
+
+    protected int[] x;
+
+    public SecP256K1FieldElement(BigInteger x)
+    {
+        if (x == null || x.signum() < 0 || x.compareTo(Q) >= 0)
+        {
+            throw new IllegalArgumentException("x value invalid for SecP256K1FieldElement");
+        }
+
+        this.x = SecP256K1Field.fromBigInteger(x);
+    }
+
+    public SecP256K1FieldElement()
+    {
+        this.x = Nat256.create();
+    }
+
+    protected SecP256K1FieldElement(int[] x)
+    {
+        this.x = x;
+    }
+
+    public boolean isZero()
+    {
+        return Nat256.isZero(x);
+    }
+
+    public boolean isOne()
+    {
+        return Nat256.isOne(x);
+    }
+
+    public boolean testBitZero()
+    {
+        return Nat256.getBit(x, 0) == 1;
+    }
+
+    public BigInteger toBigInteger()
+    {
+        return Nat256.toBigInteger(x);
+    }
+
+    public String getFieldName()
+    {
+        return "SecP256K1Field";
+    }
+
+    public int getFieldSize()
+    {
+        return Q.bitLength();
+    }
+
+    public ECFieldElement add(ECFieldElement b)
+    {
+        int[] z = Nat256.create();
+        SecP256K1Field.add(x, ((SecP256K1FieldElement)b).x, z);
+        return new SecP256K1FieldElement(z);
+    }
+
+    public ECFieldElement addOne()
+    {
+        int[] z = Nat256.create();
+        SecP256K1Field.addOne(x, z);
+        return new SecP256K1FieldElement(z);
+    }
+
+    public ECFieldElement subtract(ECFieldElement b)
+    {
+        int[] z = Nat256.create();
+        SecP256K1Field.subtract(x, ((SecP256K1FieldElement)b).x, z);
+        return new SecP256K1FieldElement(z);
+    }
+
+    public ECFieldElement multiply(ECFieldElement b)
+    {
+        int[] z = Nat256.create();
+        SecP256K1Field.multiply(x, ((SecP256K1FieldElement)b).x, z);
+        return new SecP256K1FieldElement(z);
+    }
+
+    public ECFieldElement divide(ECFieldElement b)
+    {
+//        return multiply(b.invert());
+        int[] z = Nat256.create();
+        Mod.invert(SecP256K1Field.P, ((SecP256K1FieldElement)b).x, z);
+        SecP256K1Field.multiply(z, x, z);
+        return new SecP256K1FieldElement(z);
+    }
+
+    public ECFieldElement negate()
+    {
+        int[] z = Nat256.create();
+        SecP256K1Field.negate(x, z);
+        return new SecP256K1FieldElement(z);
+    }
+
+    public ECFieldElement square()
+    {
+        int[] z = Nat256.create();
+        SecP256K1Field.square(x, z);
+        return new SecP256K1FieldElement(z);
+    }
+
+    public ECFieldElement invert()
+    {
+//        return new SecP256K1FieldElement(toBigInteger().modInverse(Q));
+        int[] z = Nat256.create();
+        Mod.invert(SecP256K1Field.P, x, z);
+        return new SecP256K1FieldElement(z);
+    }
+
+    // D.1.4 91
+    /**
+     * return a sqrt root - the routine verifies that the calculation returns the right value - if
+     * none exists it returns null.
+     */
+    public ECFieldElement sqrt()
+    {
+        /*
+         * Raise this element to the exponent 2^254 - 2^30 - 2^7 - 2^6 - 2^5 - 2^4 - 2^2
+         *
+         * Breaking up the exponent's binary representation into "repunits", we get:
+         * { 223 1s } { 1 0s } { 22 1s } { 4 0s } { 2 1s } { 2 0s}
+         *
+         * Therefore we need an addition chain containing 2, 22, 223 (the lengths of the repunits)
+         * We use: 1, [2], 3, 6, 9, 11, [22], 44, 88, 176, 220, [223]
+         */
+
+        int[] x1 = this.x;
+        if (Nat256.isZero(x1) || Nat256.isOne(x1))
+        {
+            return this;
+        }
+
+        int[] x2 = Nat256.create();
+        SecP256K1Field.square(x1, x2);
+        SecP256K1Field.multiply(x2, x1, x2);
+        int[] x3 = Nat256.create();
+        SecP256K1Field.square(x2, x3);
+        SecP256K1Field.multiply(x3, x1, x3);
+        int[] x6 = Nat256.create();
+        SecP256K1Field.squareN(x3, 3, x6);
+        SecP256K1Field.multiply(x6, x3, x6);
+        int[] x9 = x6;
+        SecP256K1Field.squareN(x6, 3, x9);
+        SecP256K1Field.multiply(x9, x3, x9);
+        int[] x11 = x9;
+        SecP256K1Field.squareN(x9, 2, x11);
+        SecP256K1Field.multiply(x11, x2, x11);
+        int[] x22 = Nat256.create();
+        SecP256K1Field.squareN(x11, 11, x22);
+        SecP256K1Field.multiply(x22, x11, x22);
+        int[] x44 = x11;
+        SecP256K1Field.squareN(x22, 22, x44);
+        SecP256K1Field.multiply(x44, x22, x44);
+        int[] x88 = Nat256.create();
+        SecP256K1Field.squareN(x44, 44, x88);
+        SecP256K1Field.multiply(x88, x44, x88);
+        int[] x176 = Nat256.create();
+        SecP256K1Field.squareN(x88, 88, x176);
+        SecP256K1Field.multiply(x176, x88, x176);
+        int[] x220 = x88;
+        SecP256K1Field.squareN(x176, 44, x220);
+        SecP256K1Field.multiply(x220, x44, x220);
+        int[] x223 = x44;
+        SecP256K1Field.squareN(x220, 3, x223);
+        SecP256K1Field.multiply(x223, x3, x223);
+
+        int[] t1 = x223;
+        SecP256K1Field.squareN(t1, 23, t1);
+        SecP256K1Field.multiply(t1, x22, t1);
+        SecP256K1Field.squareN(t1, 6, t1);
+        SecP256K1Field.multiply(t1, x2, t1);
+        SecP256K1Field.squareN(t1, 2, t1);
+
+        int[] t2 = x2;
+        SecP256K1Field.square(t1, t2);
+
+        return Nat256.eq(x1, t2) ? new SecP256K1FieldElement(t1) : null;
+    }
+
+    public boolean equals(Object other)
+    {
+        if (other == this)
+        {
+            return true;
+        }
+
+        if (!(other instanceof SecP256K1FieldElement))
+        {
+            return false;
+        }
+
+        SecP256K1FieldElement o = (SecP256K1FieldElement)other;
+        return Nat256.eq(x, o.x);
+    }
+
+    public int hashCode()
+    {
+        return Q.hashCode() ^ Arrays.hashCode(x, 0, 8);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256K1Point.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256K1Point.java
new file mode 100644
index 0000000..f08984d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256K1Point.java

@@ -0,0 +1,302 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat256;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP256K1Point extends ECPoint.AbstractFp
+{
+    /**
+     * Create a point which encodes with point compression.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     *
+     * @deprecated Use ECCurve.createPoint to construct points
+     */
+    public SecP256K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+    {
+        this(curve, x, y, false);
+    }
+
+    /**
+     * Create a point that encodes with or without point compresion.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     * @param withCompression
+     *            if true encode with point compression
+     *
+     * @deprecated per-point compression property will be removed, refer
+     *             {@link #getEncoded(boolean)}
+     */
+    public SecP256K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        super(curve, x, y);
+
+        if ((x == null) != (y == null))
+        {
+            throw new IllegalArgumentException("Exactly one of the field elements is null");
+        }
+
+        this.withCompression = withCompression;
+    }
+
+    SecP256K1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs,
+        boolean withCompression)
+    {
+        super(curve, x, y, zs);
+
+        this.withCompression = withCompression;
+    }
+
+    protected ECPoint detach()
+    {
+        return new SecP256K1Point(null, getAffineXCoord(), getAffineYCoord());
+    }
+
+    // B.3 pg 62
+    public ECPoint add(ECPoint b)
+    {
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return this;
+        }
+        if (this == b)
+        {
+            return twice();
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP256K1FieldElement X1 = (SecP256K1FieldElement)this.x, Y1 = (SecP256K1FieldElement)this.y;
+        SecP256K1FieldElement X2 = (SecP256K1FieldElement)b.getXCoord(), Y2 = (SecP256K1FieldElement)b.getYCoord();
+
+        SecP256K1FieldElement Z1 = (SecP256K1FieldElement)this.zs[0];
+        SecP256K1FieldElement Z2 = (SecP256K1FieldElement)b.getZCoord(0);
+
+        int c;
+        int[] tt1 = Nat256.createExt();
+        int[] t2 = Nat256.create();
+        int[] t3 = Nat256.create();
+        int[] t4 = Nat256.create();
+
+        boolean Z1IsOne = Z1.isOne();
+        int[] U2, S2;
+        if (Z1IsOne)
+        {
+            U2 = X2.x;
+            S2 = Y2.x;
+        }
+        else
+        {
+            S2 = t3;
+            SecP256K1Field.square(Z1.x, S2);
+
+            U2 = t2;
+            SecP256K1Field.multiply(S2, X2.x, U2);
+
+            SecP256K1Field.multiply(S2, Z1.x, S2);
+            SecP256K1Field.multiply(S2, Y2.x, S2);
+        }
+
+        boolean Z2IsOne = Z2.isOne();
+        int[] U1, S1;
+        if (Z2IsOne)
+        {
+            U1 = X1.x;
+            S1 = Y1.x;
+        }
+        else
+        {
+            S1 = t4;
+            SecP256K1Field.square(Z2.x, S1);
+
+            U1 = tt1;
+            SecP256K1Field.multiply(S1, X1.x, U1);
+
+            SecP256K1Field.multiply(S1, Z2.x, S1);
+            SecP256K1Field.multiply(S1, Y1.x, S1);
+        }
+
+        int[] H = Nat256.create();
+        SecP256K1Field.subtract(U1, U2, H);
+
+        int[] R = t2;
+        SecP256K1Field.subtract(S1, S2, R);
+
+        // Check if b == this or b == -this
+        if (Nat256.isZero(H))
+        {
+            if (Nat256.isZero(R))
+            {
+                // this == b, i.e. this must be doubled
+                return this.twice();
+            }
+
+            // this == -b, i.e. the result is the point at infinity
+            return curve.getInfinity();
+        }
+
+        int[] HSquared = t3;
+        SecP256K1Field.square(H, HSquared);
+
+        int[] G = Nat256.create();
+        SecP256K1Field.multiply(HSquared, H, G);
+
+        int[] V = t3;
+        SecP256K1Field.multiply(HSquared, U1, V);
+
+        SecP256K1Field.negate(G, G);
+        Nat256.mul(S1, G, tt1);
+
+        c = Nat256.addBothTo(V, V, G);
+        SecP256K1Field.reduce32(c, G);
+
+        SecP256K1FieldElement X3 = new SecP256K1FieldElement(t4);
+        SecP256K1Field.square(R, X3.x);
+        SecP256K1Field.subtract(X3.x, G, X3.x);
+
+        SecP256K1FieldElement Y3 = new SecP256K1FieldElement(G);
+        SecP256K1Field.subtract(V, X3.x, Y3.x);
+        SecP256K1Field.multiplyAddToExt(Y3.x, R, tt1);
+        SecP256K1Field.reduce(tt1, Y3.x);
+
+        SecP256K1FieldElement Z3 = new SecP256K1FieldElement(H);
+        if (!Z1IsOne)
+        {
+            SecP256K1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+        if (!Z2IsOne)
+        {
+            SecP256K1Field.multiply(Z3.x, Z2.x, Z3.x);
+        }
+
+        ECFieldElement[] zs = new ECFieldElement[] { Z3 };
+
+        return new SecP256K1Point(curve, X3, Y3, zs, this.withCompression);
+    }
+
+    // B.3 pg 62
+    public ECPoint twice()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP256K1FieldElement Y1 = (SecP256K1FieldElement)this.y;
+        if (Y1.isZero())
+        {
+            return curve.getInfinity();
+        }
+
+        SecP256K1FieldElement X1 = (SecP256K1FieldElement)this.x, Z1 = (SecP256K1FieldElement)this.zs[0];
+
+        int c;
+
+        int[] Y1Squared = Nat256.create();
+        SecP256K1Field.square(Y1.x, Y1Squared);
+
+        int[] T = Nat256.create();
+        SecP256K1Field.square(Y1Squared, T);
+
+        int[] M = Nat256.create();
+        SecP256K1Field.square(X1.x, M);
+        c = Nat256.addBothTo(M, M, M);
+        SecP256K1Field.reduce32(c, M);
+
+        int[] S = Y1Squared;
+        SecP256K1Field.multiply(Y1Squared, X1.x, S);
+        c = Nat.shiftUpBits(8, S, 2, 0);
+        SecP256K1Field.reduce32(c, S);
+
+        int[] t1 = Nat256.create();
+        c = Nat.shiftUpBits(8, T, 3, 0, t1);
+        SecP256K1Field.reduce32(c, t1);
+
+        SecP256K1FieldElement X3 = new SecP256K1FieldElement(T);
+        SecP256K1Field.square(M, X3.x);
+        SecP256K1Field.subtract(X3.x, S, X3.x);
+        SecP256K1Field.subtract(X3.x, S, X3.x);
+
+        SecP256K1FieldElement Y3 = new SecP256K1FieldElement(S);
+        SecP256K1Field.subtract(S, X3.x, Y3.x);
+        SecP256K1Field.multiply(Y3.x, M, Y3.x);
+        SecP256K1Field.subtract(Y3.x, t1, Y3.x);
+
+        SecP256K1FieldElement Z3 = new SecP256K1FieldElement(M);
+        SecP256K1Field.twice(Y1.x, Z3.x);
+        if (!Z1.isOne())
+        {
+            SecP256K1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+
+        return new SecP256K1Point(curve, X3, Y3, new ECFieldElement[] { Z3 }, this.withCompression);
+    }
+
+    public ECPoint twicePlus(ECPoint b)
+    {
+        if (this == b)
+        {
+            return threeTimes();
+        }
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return twice();
+        }
+
+        ECFieldElement Y1 = this.y;
+        if (Y1.isZero())
+        {
+            return b;
+        }
+
+        return twice().add(b);
+    }
+
+    public ECPoint threeTimes()
+    {
+        if (this.isInfinity() || this.y.isZero())
+        {
+            return this;
+        }
+
+        // NOTE: Be careful about recursions between twicePlus and threeTimes
+        return twice().add(this);
+    }
+
+    public ECPoint negate()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        return new SecP256K1Point(curve, this.x, this.y.negate(), this.zs, this.withCompression);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256R1Curve.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256R1Curve.java
new file mode 100644
index 0000000..1cfc5dd
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256R1Curve.java

@@ -0,0 +1,131 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECLookupTable;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat256;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP256R1Curve extends ECCurve.AbstractFp
+{
+    public static final BigInteger q = new BigInteger(1,
+        Hex.decode("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFF"));
+
+    private static final int SecP256R1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+    protected SecP256R1Point infinity;
+
+    public SecP256R1Curve()
+    {
+        super(q);
+
+        this.infinity = new SecP256R1Point(this, null, null);
+
+        this.a = fromBigInteger(new BigInteger(1,
+            Hex.decode("FFFFFFFF00000001000000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFC")));
+        this.b = fromBigInteger(new BigInteger(1,
+            Hex.decode("5AC635D8AA3A93E7B3EBBD55769886BC651D06B0CC53B0F63BCE3C3E27D2604B")));
+        this.order = new BigInteger(1, Hex.decode("FFFFFFFF00000000FFFFFFFFFFFFFFFFBCE6FAADA7179E84F3B9CAC2FC632551"));
+        this.cofactor = BigInteger.valueOf(1);
+
+        this.coord = SecP256R1_DEFAULT_COORDS;
+    }
+
+    protected ECCurve cloneCurve()
+    {
+        return new SecP256R1Curve();
+    }
+
+    public boolean supportsCoordinateSystem(int coord)
+    {
+        switch (coord)
+        {
+        case COORD_JACOBIAN:
+            return true;
+        default:
+            return false;
+        }
+    }
+
+    public BigInteger getQ()
+    {
+        return q;
+    }
+
+    public int getFieldSize()
+    {
+        return q.bitLength();
+    }
+
+    public ECFieldElement fromBigInteger(BigInteger x)
+    {
+        return new SecP256R1FieldElement(x);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        return new SecP256R1Point(this, x, y, withCompression);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+    {
+        return new SecP256R1Point(this, x, y, zs, withCompression);
+    }
+
+    public ECPoint getInfinity()
+    {
+        return infinity;
+    }
+
+    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
+    {
+        final int FE_INTS = 8;
+
+        final int[] table = new int[len * FE_INTS * 2];
+        {
+            int pos = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                ECPoint p = points[off + i];
+                Nat256.copy(((SecP256R1FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_INTS;
+                Nat256.copy(((SecP256R1FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_INTS;
+            }
+        }
+
+        return new ECLookupTable()
+        {
+            public int getSize()
+            {
+                return len;
+            }
+
+            public ECPoint lookup(int index)
+            {
+                int[] x = Nat256.create(), y = Nat256.create();
+                int pos = 0;
+
+                for (int i = 0; i < len; ++i)
+                {
+                    int MASK = ((i ^ index) - 1) >> 31;
+
+                    for (int j = 0; j < FE_INTS; ++j)
+                    {
+                        x[j] ^= table[pos + j] & MASK;
+                        y[j] ^= table[pos + FE_INTS + j] & MASK;
+                    }
+
+                    pos += (FE_INTS * 2);
+                }
+
+                return createRawPoint(new SecP256R1FieldElement(x), new SecP256R1FieldElement(y), false);
+            }
+        };
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256R1Field.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256R1Field.java
new file mode 100644
index 0000000..0c3405b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256R1Field.java

@@ -0,0 +1,317 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat256;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP256R1Field
+{
+    private static final long M = 0xFFFFFFFFL;
+
+    // 2^256 - 2^224 + 2^192 + 2^96 - 1
+    static final int[] P = new int[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000000, 0x00000000, 0x00000000,
+        0x00000001, 0xFFFFFFFF };
+    static final int[] PExt = new int[]{ 0x00000001, 0x00000000, 0x00000000, 0xFFFFFFFE, 0xFFFFFFFF,
+        0xFFFFFFFF, 0xFFFFFFFE, 0x00000001, 0xFFFFFFFE, 0x00000001, 0xFFFFFFFE, 0x00000001, 0x00000001, 0xFFFFFFFE,
+        0x00000002, 0xFFFFFFFE };
+    private static final int P7 = 0xFFFFFFFF;
+    private static final int PExt15s1 = 0xFFFFFFFE >>> 1;
+
+    public static void add(int[] x, int[] y, int[] z)
+    {
+        int c = Nat256.add(x, y, z);
+        if (c != 0 || (z[7] == P7 && Nat256.gte(z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    public static void addExt(int[] xx, int[] yy, int[] zz)
+    {
+        int c = Nat.add(16, xx, yy, zz);
+        if (c != 0 || ((zz[15] >>> 1) >= PExt15s1 && Nat.gte(16, zz, PExt)))
+        {
+            Nat.subFrom(16, PExt, zz);
+        }
+    }
+
+    public static void addOne(int[] x, int[] z)
+    {
+        int c = Nat.inc(8, x, z);
+        if (c != 0 || (z[7] == P7 && Nat256.gte(z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    public static int[] fromBigInteger(BigInteger x)
+    {
+        int[] z = Nat256.fromBigInteger(x);
+        if (z[7] == P7 && Nat256.gte(z, P))
+        {
+            Nat256.subFrom(P, z);
+        }
+        return z;
+    }
+
+    public static void half(int[] x, int[] z)
+    {
+        if ((x[0] & 1) == 0)
+        {
+            Nat.shiftDownBit(8, x, 0, z);
+        }
+        else
+        {
+            int c = Nat256.add(x, P, z);
+            Nat.shiftDownBit(8, z, c);
+        }
+    }
+
+    public static void multiply(int[] x, int[] y, int[] z)
+    {
+        int[] tt = Nat256.createExt();
+        Nat256.mul(x, y, tt);
+        reduce(tt, z);
+    }
+
+    public static void multiplyAddToExt(int[] x, int[] y, int[] zz)
+    {
+        int c = Nat256.mulAddTo(x, y, zz);
+        if (c != 0 || ((zz[15] >>> 1) >= PExt15s1 && Nat.gte(16, zz, PExt)))
+        {
+            Nat.subFrom(16, PExt, zz);
+        }
+    }
+
+    public static void negate(int[] x, int[] z)
+    {
+        if (Nat256.isZero(x))
+        {
+            Nat256.zero(z);
+        }
+        else
+        {
+            Nat256.sub(P, x, z);
+        }
+    }
+
+    public static void reduce(int[] xx, int[] z)
+    {
+        long xx08 = xx[8] & M, xx09 = xx[9] & M, xx10 = xx[10] & M, xx11 = xx[11] & M;
+        long xx12 = xx[12] & M, xx13 = xx[13] & M, xx14 = xx[14] & M, xx15 = xx[15] & M;
+
+        final long n = 6;
+
+        xx08 -= n;
+
+        long t0 = xx08 + xx09;
+        long t1 = xx09 + xx10;
+        long t2 = xx10 + xx11 - xx15;
+        long t3 = xx11 + xx12;
+        long t4 = xx12 + xx13;
+        long t5 = xx13 + xx14;
+        long t6 = xx14 + xx15;
+        long t7 = t5 - t0;
+
+        long cc = 0;
+        cc += (xx[0] & M) - t3 - t7;
+        z[0] = (int)cc;
+        cc >>= 32;
+        cc += (xx[1] & M) + t1 - t4 - t6;
+        z[1] = (int)cc;
+        cc >>= 32;
+        cc += (xx[2] & M) + t2 - t5;
+        z[2] = (int)cc;
+        cc >>= 32;
+        cc += (xx[3] & M) + (t3 << 1) + t7 - t6;
+        z[3] = (int)cc;
+        cc >>= 32;
+        cc += (xx[4] & M) + (t4 << 1) + xx14 - t1;
+        z[4] = (int)cc;
+        cc >>= 32;
+        cc += (xx[5] & M) + (t5 << 1) - t2;
+        z[5] = (int)cc;
+        cc >>= 32;
+        cc += (xx[6] & M) + (t6 << 1) + t7;
+        z[6] = (int)cc;
+        cc >>= 32;
+        cc += (xx[7] & M) + (xx15 << 1) + xx08 - t2 - t4;
+        z[7] = (int)cc;
+        cc >>= 32;
+        cc += n;
+
+//        assert cc >= 0;
+
+        reduce32((int)cc, z);
+    }
+
+    public static void reduce32(int x, int[] z)
+    {
+        long cc = 0;
+
+        if (x != 0)
+        {
+            long xx08 = x & M;
+
+            cc += (z[0] & M) + xx08;
+            z[0] = (int)cc;
+            cc >>= 32;
+            if (cc != 0)
+            {
+                cc += (z[1] & M);
+                z[1] = (int)cc;
+                cc >>= 32;
+                cc += (z[2] & M);
+                z[2] = (int)cc;
+                cc >>= 32;
+            }
+            cc += (z[3] & M) - xx08;
+            z[3] = (int)cc;
+            cc >>= 32;
+            if (cc != 0)
+            {
+                cc += (z[4] & M);
+                z[4] = (int)cc;
+                cc >>= 32;
+                cc += (z[5] & M);
+                z[5] = (int)cc;
+                cc >>= 32;
+            }
+            cc += (z[6] & M) - xx08;
+            z[6] = (int)cc;
+            cc >>= 32;
+            cc += (z[7] & M) + xx08;
+            z[7] = (int)cc;
+            cc >>= 32;
+
+//          assert cc == 0 || cc == 1;
+        }
+
+        if (cc != 0 || (z[7] == P7 && Nat256.gte(z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    public static void square(int[] x, int[] z)
+    {
+        int[] tt = Nat256.createExt();
+        Nat256.square(x, tt);
+        reduce(tt, z);
+    }
+
+    public static void squareN(int[] x, int n, int[] z)
+    {
+//        assert n > 0;
+
+        int[] tt = Nat256.createExt();
+        Nat256.square(x, tt);
+        reduce(tt, z);
+
+        while (--n > 0)
+        {
+            Nat256.square(z, tt);
+            reduce(tt, z);
+        }
+    }
+
+    public static void subtract(int[] x, int[] y, int[] z)
+    {
+        int c = Nat256.sub(x, y, z);
+        if (c != 0)
+        {
+            subPInvFrom(z);
+        }
+    }
+
+    public static void subtractExt(int[] xx, int[] yy, int[] zz)
+    {
+        int c = Nat.sub(16, xx, yy, zz);
+        if (c != 0)
+        {
+            Nat.addTo(16, PExt, zz);
+        }
+    }
+
+    public static void twice(int[] x, int[] z)
+    {
+        int c = Nat.shiftUpBit(8, x, 0, z);
+        if (c != 0 || (z[7] == P7 && Nat256.gte(z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    private static void addPInvTo(int[] z)
+    {
+        long c = (z[0] & M) + 1;
+        z[0] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            c += (z[1] & M);
+            z[1] = (int)c;
+            c >>= 32;
+            c += (z[2] & M);
+            z[2] = (int)c;
+            c >>= 32;
+        }
+        c += (z[3] & M) - 1;
+        z[3] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            c += (z[4] & M);
+            z[4] = (int)c;
+            c >>= 32;
+            c += (z[5] & M);
+            z[5] = (int)c;
+            c >>= 32;
+        }
+        c += (z[6] & M) - 1;
+        z[6] = (int)c;
+        c >>= 32;
+        c += (z[7] & M) + 1;
+        z[7] = (int)c;
+//        c >>= 32;
+    }
+
+    private static void subPInvFrom(int[] z)
+    {
+        long c = (z[0] & M) - 1;
+        z[0] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            c += (z[1] & M);
+            z[1] = (int)c;
+            c >>= 32;
+            c += (z[2] & M);
+            z[2] = (int)c;
+            c >>= 32;
+        }
+        c += (z[3] & M) + 1;
+        z[3] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            c += (z[4] & M);
+            z[4] = (int)c;
+            c >>= 32;
+            c += (z[5] & M);
+            z[5] = (int)c;
+            c >>= 32;
+        }
+        c += (z[6] & M) + 1;
+        z[6] = (int)c;
+        c >>= 32;
+        c += (z[7] & M) - 1;
+        z[7] = (int)c;
+//        c >>= 32;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256R1FieldElement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256R1FieldElement.java
new file mode 100644
index 0000000..d43c0e1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256R1FieldElement.java

@@ -0,0 +1,193 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.raw.Mod;
+import com.android.org.bouncycastle.math.raw.Nat256;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP256R1FieldElement extends ECFieldElement.AbstractFp
+{
+    public static final BigInteger Q = SecP256R1Curve.q;
+
+    protected int[] x;
+
+    public SecP256R1FieldElement(BigInteger x)
+    {
+        if (x == null || x.signum() < 0 || x.compareTo(Q) >= 0)
+        {
+            throw new IllegalArgumentException("x value invalid for SecP256R1FieldElement");
+        }
+
+        this.x = SecP256R1Field.fromBigInteger(x);
+    }
+
+    public SecP256R1FieldElement()
+    {
+        this.x = Nat256.create();
+    }
+
+    protected SecP256R1FieldElement(int[] x)
+    {
+        this.x = x;
+    }
+
+    public boolean isZero()
+    {
+        return Nat256.isZero(x);
+    }
+
+    public boolean isOne()
+    {
+        return Nat256.isOne(x);
+    }
+
+    public boolean testBitZero()
+    {
+        return Nat256.getBit(x, 0) == 1;
+    }
+
+    public BigInteger toBigInteger()
+    {
+        return Nat256.toBigInteger(x);
+    }
+
+    public String getFieldName()
+    {
+        return "SecP256R1Field";
+    }
+
+    public int getFieldSize()
+    {
+        return Q.bitLength();
+    }
+
+    public ECFieldElement add(ECFieldElement b)
+    {
+        int[] z = Nat256.create();
+        SecP256R1Field.add(x, ((SecP256R1FieldElement)b).x, z);
+        return new SecP256R1FieldElement(z);
+    }
+
+    public ECFieldElement addOne()
+    {
+        int[] z = Nat256.create();
+        SecP256R1Field.addOne(x, z);
+        return new SecP256R1FieldElement(z);
+    }
+
+    public ECFieldElement subtract(ECFieldElement b)
+    {
+        int[] z = Nat256.create();
+        SecP256R1Field.subtract(x, ((SecP256R1FieldElement)b).x, z);
+        return new SecP256R1FieldElement(z);
+    }
+
+    public ECFieldElement multiply(ECFieldElement b)
+    {
+        int[] z = Nat256.create();
+        SecP256R1Field.multiply(x, ((SecP256R1FieldElement)b).x, z);
+        return new SecP256R1FieldElement(z);
+    }
+
+    public ECFieldElement divide(ECFieldElement b)
+    {
+//        return multiply(b.invert());
+        int[] z = Nat256.create();
+        Mod.invert(SecP256R1Field.P, ((SecP256R1FieldElement)b).x, z);
+        SecP256R1Field.multiply(z, x, z);
+        return new SecP256R1FieldElement(z);
+    }
+
+    public ECFieldElement negate()
+    {
+        int[] z = Nat256.create();
+        SecP256R1Field.negate(x, z);
+        return new SecP256R1FieldElement(z);
+    }
+
+    public ECFieldElement square()
+    {
+        int[] z = Nat256.create();
+        SecP256R1Field.square(x, z);
+        return new SecP256R1FieldElement(z);
+    }
+
+    public ECFieldElement invert()
+    {
+//        return new SecP256R1FieldElement(toBigInteger().modInverse(Q));
+        int[] z = Nat256.create();
+        Mod.invert(SecP256R1Field.P, x, z);
+        return new SecP256R1FieldElement(z);
+    }
+
+    /**
+     * return a sqrt root - the routine verifies that the calculation returns the right value - if
+     * none exists it returns null.
+     */
+    public ECFieldElement sqrt()
+    {
+        // Raise this element to the exponent 2^254 - 2^222 + 2^190 + 2^94
+
+        int[] x1 = this.x;
+        if (Nat256.isZero(x1) || Nat256.isOne(x1))
+        {
+            return this;
+        }
+
+        int[] t1 = Nat256.create();
+        int[] t2 = Nat256.create();
+
+        SecP256R1Field.square(x1, t1);
+        SecP256R1Field.multiply(t1, x1, t1);
+
+        SecP256R1Field.squareN(t1, 2, t2);
+        SecP256R1Field.multiply(t2, t1, t2);
+
+        SecP256R1Field.squareN(t2, 4, t1);
+        SecP256R1Field.multiply(t1, t2, t1);
+
+        SecP256R1Field.squareN(t1, 8, t2);
+        SecP256R1Field.multiply(t2, t1, t2);
+
+        SecP256R1Field.squareN(t2, 16, t1);
+        SecP256R1Field.multiply(t1, t2, t1);
+
+        SecP256R1Field.squareN(t1, 32, t1);
+        SecP256R1Field.multiply(t1, x1, t1);
+
+        SecP256R1Field.squareN(t1, 96, t1);
+        SecP256R1Field.multiply(t1, x1, t1);
+
+        SecP256R1Field.squareN(t1, 94, t1);
+        SecP256R1Field.square(t1, t2);
+
+        return Nat256.eq(x1, t2) ? new SecP256R1FieldElement(t1) : null;
+    }
+
+    public boolean equals(Object other)
+    {
+        if (other == this)
+        {
+            return true;
+        }
+
+        if (!(other instanceof SecP256R1FieldElement))
+        {
+            return false;
+        }
+
+        SecP256R1FieldElement o = (SecP256R1FieldElement)other;
+        return Nat256.eq(x, o.x);
+    }
+
+    public int hashCode()
+    {
+        return Q.hashCode() ^ Arrays.hashCode(x, 0, 8);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256R1Point.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256R1Point.java
new file mode 100644
index 0000000..89e8083
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP256R1Point.java

@@ -0,0 +1,312 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat256;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP256R1Point extends ECPoint.AbstractFp
+{
+    /**
+     * Create a point which encodes with point compression.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     *
+     * @deprecated Use ECCurve.createPoint to construct points
+     */
+    public SecP256R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+    {
+        this(curve, x, y, false);
+    }
+
+    /**
+     * Create a point that encodes with or without point compresion.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     * @param withCompression
+     *            if true encode with point compression
+     *
+     * @deprecated per-point compression property will be removed, refer
+     *             {@link #getEncoded(boolean)}
+     */
+    public SecP256R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        super(curve, x, y);
+
+        if ((x == null) != (y == null))
+        {
+            throw new IllegalArgumentException("Exactly one of the field elements is null");
+        }
+
+        this.withCompression = withCompression;
+    }
+
+    SecP256R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+    {
+        super(curve, x, y, zs);
+
+        this.withCompression = withCompression;
+    }
+
+    protected ECPoint detach()
+    {
+        return new SecP256R1Point(null, getAffineXCoord(), getAffineYCoord());
+    }
+
+    public ECPoint add(ECPoint b)
+    {
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return this;
+        }
+        if (this == b)
+        {
+            return twice();
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP256R1FieldElement X1 = (SecP256R1FieldElement)this.x, Y1 = (SecP256R1FieldElement)this.y;
+        SecP256R1FieldElement X2 = (SecP256R1FieldElement)b.getXCoord(), Y2 = (SecP256R1FieldElement)b.getYCoord();
+
+        SecP256R1FieldElement Z1 = (SecP256R1FieldElement)this.zs[0];
+        SecP256R1FieldElement Z2 = (SecP256R1FieldElement)b.getZCoord(0);
+
+        int c;
+        int[] tt1 = Nat256.createExt();
+        int[] t2 = Nat256.create();
+        int[] t3 = Nat256.create();
+        int[] t4 = Nat256.create();
+
+        boolean Z1IsOne = Z1.isOne();
+        int[] U2, S2;
+        if (Z1IsOne)
+        {
+            U2 = X2.x;
+            S2 = Y2.x;
+        }
+        else
+        {
+            S2 = t3;
+            SecP256R1Field.square(Z1.x, S2);
+
+            U2 = t2;
+            SecP256R1Field.multiply(S2, X2.x, U2);
+
+            SecP256R1Field.multiply(S2, Z1.x, S2);
+            SecP256R1Field.multiply(S2, Y2.x, S2);
+        }
+
+        boolean Z2IsOne = Z2.isOne();
+        int[] U1, S1;
+        if (Z2IsOne)
+        {
+            U1 = X1.x;
+            S1 = Y1.x;
+        }
+        else
+        {
+            S1 = t4;
+            SecP256R1Field.square(Z2.x, S1);
+
+            U1 = tt1;
+            SecP256R1Field.multiply(S1, X1.x, U1);
+
+            SecP256R1Field.multiply(S1, Z2.x, S1);
+            SecP256R1Field.multiply(S1, Y1.x, S1);
+        }
+
+        int[] H = Nat256.create();
+        SecP256R1Field.subtract(U1, U2, H);
+
+        int[] R = t2;
+        SecP256R1Field.subtract(S1, S2, R);
+
+        // Check if b == this or b == -this
+        if (Nat256.isZero(H))
+        {
+            if (Nat256.isZero(R))
+            {
+                // this == b, i.e. this must be doubled
+                return this.twice();
+            }
+
+            // this == -b, i.e. the result is the point at infinity
+            return curve.getInfinity();
+        }
+
+        int[] HSquared = t3;
+        SecP256R1Field.square(H, HSquared);
+
+        int[] G = Nat256.create();
+        SecP256R1Field.multiply(HSquared, H, G);
+
+        int[] V = t3;
+        SecP256R1Field.multiply(HSquared, U1, V);
+
+        SecP256R1Field.negate(G, G);
+        Nat256.mul(S1, G, tt1);
+
+        c = Nat256.addBothTo(V, V, G);
+        SecP256R1Field.reduce32(c, G);
+
+        SecP256R1FieldElement X3 = new SecP256R1FieldElement(t4);
+        SecP256R1Field.square(R, X3.x);
+        SecP256R1Field.subtract(X3.x, G, X3.x);
+
+        SecP256R1FieldElement Y3 = new SecP256R1FieldElement(G);
+        SecP256R1Field.subtract(V, X3.x, Y3.x);
+        SecP256R1Field.multiplyAddToExt(Y3.x, R, tt1);
+        SecP256R1Field.reduce(tt1, Y3.x);
+
+        SecP256R1FieldElement Z3 = new SecP256R1FieldElement(H);
+        if (!Z1IsOne)
+        {
+            SecP256R1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+        if (!Z2IsOne)
+        {
+            SecP256R1Field.multiply(Z3.x, Z2.x, Z3.x);
+        }
+
+        ECFieldElement[] zs = new ECFieldElement[]{ Z3 };
+
+        return new SecP256R1Point(curve, X3, Y3, zs, this.withCompression);
+    }
+
+    public ECPoint twice()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP256R1FieldElement Y1 = (SecP256R1FieldElement)this.y;
+        if (Y1.isZero())
+        {
+            return curve.getInfinity();
+        }
+
+        SecP256R1FieldElement X1 = (SecP256R1FieldElement)this.x, Z1 = (SecP256R1FieldElement)this.zs[0];
+
+        int c;
+        int[] t1 = Nat256.create();
+        int[] t2 = Nat256.create();
+
+        int[] Y1Squared = Nat256.create();
+        SecP256R1Field.square(Y1.x, Y1Squared);
+
+        int[] T = Nat256.create();
+        SecP256R1Field.square(Y1Squared, T);
+
+        boolean Z1IsOne = Z1.isOne();
+
+        int[] Z1Squared = Z1.x;
+        if (!Z1IsOne)
+        {
+            Z1Squared = t2;
+            SecP256R1Field.square(Z1.x, Z1Squared);
+        }
+
+        SecP256R1Field.subtract(X1.x, Z1Squared, t1);
+
+        int[] M = t2;
+        SecP256R1Field.add(X1.x, Z1Squared, M);
+        SecP256R1Field.multiply(M, t1, M);
+        c = Nat256.addBothTo(M, M, M);
+        SecP256R1Field.reduce32(c, M);
+
+        int[] S = Y1Squared;
+        SecP256R1Field.multiply(Y1Squared, X1.x, S);
+        c = Nat.shiftUpBits(8, S, 2, 0);
+        SecP256R1Field.reduce32(c, S);
+
+        c = Nat.shiftUpBits(8, T, 3, 0, t1);
+        SecP256R1Field.reduce32(c, t1);
+
+        SecP256R1FieldElement X3 = new SecP256R1FieldElement(T);
+        SecP256R1Field.square(M, X3.x);
+        SecP256R1Field.subtract(X3.x, S, X3.x);
+        SecP256R1Field.subtract(X3.x, S, X3.x);
+
+        SecP256R1FieldElement Y3 = new SecP256R1FieldElement(S);
+        SecP256R1Field.subtract(S, X3.x, Y3.x);
+        SecP256R1Field.multiply(Y3.x, M, Y3.x);
+        SecP256R1Field.subtract(Y3.x, t1, Y3.x);
+
+        SecP256R1FieldElement Z3 = new SecP256R1FieldElement(M);
+        SecP256R1Field.twice(Y1.x, Z3.x);
+        if (!Z1IsOne)
+        {
+            SecP256R1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+
+        return new SecP256R1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, this.withCompression);
+    }
+
+    public ECPoint twicePlus(ECPoint b)
+    {
+        if (this == b)
+        {
+            return threeTimes();
+        }
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return twice();
+        }
+
+        ECFieldElement Y1 = this.y;
+        if (Y1.isZero())
+        {
+            return b;
+        }
+
+        return twice().add(b);
+    }
+
+    public ECPoint threeTimes()
+    {
+        if (this.isInfinity() || this.y.isZero())
+        {
+            return this;
+        }
+
+        // NOTE: Be careful about recursions between twicePlus and threeTimes
+        return twice().add(this);
+    }
+
+    public ECPoint negate()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        return new SecP256R1Point(curve, this.x, this.y.negate(), this.zs, this.withCompression);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP384R1Curve.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP384R1Curve.java
new file mode 100644
index 0000000..2125437
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP384R1Curve.java

@@ -0,0 +1,131 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECLookupTable;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP384R1Curve extends ECCurve.AbstractFp
+{
+    public static final BigInteger q = new BigInteger(1,
+        Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFF"));
+
+    private static final int SecP384R1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+    protected SecP384R1Point infinity;
+
+    public SecP384R1Curve()
+    {
+        super(q);
+
+        this.infinity = new SecP384R1Point(this, null, null);
+
+        this.a = fromBigInteger(new BigInteger(1,
+            Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFEFFFFFFFF0000000000000000FFFFFFFC")));
+        this.b = fromBigInteger(new BigInteger(1,
+            Hex.decode("B3312FA7E23EE7E4988E056BE3F82D19181D9C6EFE8141120314088F5013875AC656398D8A2ED19D2A85C8EDD3EC2AEF")));
+        this.order = new BigInteger(1, Hex.decode("FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC7634D81F4372DDF581A0DB248B0A77AECEC196ACCC52973"));
+        this.cofactor = BigInteger.valueOf(1);
+
+        this.coord = SecP384R1_DEFAULT_COORDS;
+    }
+
+    protected ECCurve cloneCurve()
+    {
+        return new SecP384R1Curve();
+    }
+
+    public boolean supportsCoordinateSystem(int coord)
+    {
+        switch (coord)
+        {
+        case COORD_JACOBIAN:
+            return true;
+        default:
+            return false;
+        }
+    }
+
+    public BigInteger getQ()
+    {
+        return q;
+    }
+
+    public int getFieldSize()
+    {
+        return q.bitLength();
+    }
+
+    public ECFieldElement fromBigInteger(BigInteger x)
+    {
+        return new SecP384R1FieldElement(x);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        return new SecP384R1Point(this, x, y, withCompression);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+    {
+        return new SecP384R1Point(this, x, y, zs, withCompression);
+    }
+
+    public ECPoint getInfinity()
+    {
+        return infinity;
+    }
+
+    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
+    {
+        final int FE_INTS = 12;
+
+        final int[] table = new int[len * FE_INTS * 2];
+        {
+            int pos = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                ECPoint p = points[off + i];
+                Nat.copy(FE_INTS, ((SecP384R1FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_INTS;
+                Nat.copy(FE_INTS, ((SecP384R1FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_INTS;
+            }
+        }
+
+        return new ECLookupTable()
+        {
+            public int getSize()
+            {
+                return len;
+            }
+
+            public ECPoint lookup(int index)
+            {
+                int[] x = Nat.create(FE_INTS), y = Nat.create(FE_INTS);
+                int pos = 0;
+
+                for (int i = 0; i < len; ++i)
+                {
+                    int MASK = ((i ^ index) - 1) >> 31;
+
+                    for (int j = 0; j < FE_INTS; ++j)
+                    {
+                        x[j] ^= table[pos + j] & MASK;
+                        y[j] ^= table[pos + FE_INTS + j] & MASK;
+                    }
+
+                    pos += (FE_INTS * 2);
+                }
+
+                return createRawPoint(new SecP384R1FieldElement(x), new SecP384R1FieldElement(y), false);
+            }
+        };
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP384R1Field.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP384R1Field.java
new file mode 100644
index 0000000..d632e03
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP384R1Field.java

@@ -0,0 +1,300 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat384;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP384R1Field
+{
+    private static final long M = 0xFFFFFFFFL;
+
+    // 2^384 - 2^128 - 2^96 + 2^32 - 1
+    static final int[] P = new int[]{ 0xFFFFFFFF, 0x00000000, 0x00000000, 0xFFFFFFFF, 0xFFFFFFFE, 0xFFFFFFFF,
+        0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+    static final int[] PExt = new int[]{ 0x00000001, 0xFFFFFFFE, 0x00000000, 0x00000002, 0x00000000, 0xFFFFFFFE,
+        0x00000000, 0x00000002, 0x00000001, 0x00000000, 0x00000000, 0x00000000, 0xFFFFFFFE, 0x00000001, 0x00000000,
+        0xFFFFFFFE, 0xFFFFFFFD, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF };
+    private static final int[] PExtInv = new int[]{ 0xFFFFFFFF, 0x00000001, 0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFF, 0x00000001,
+        0xFFFFFFFF, 0xFFFFFFFD, 0xFFFFFFFE, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x00000001, 0xFFFFFFFE, 0xFFFFFFFF,
+        0x00000001, 0x00000002 };
+    private static final int P11 = 0xFFFFFFFF;
+    private static final int PExt23 = 0xFFFFFFFF;
+
+    public static void add(int[] x, int[] y, int[] z)
+    {
+        int c = Nat.add(12, x, y, z);
+        if (c != 0 || (z[11] == P11 && Nat.gte(12, z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    public static void addExt(int[] xx, int[] yy, int[] zz)
+    {
+        int c = Nat.add(24, xx, yy, zz);
+        if (c != 0 || (zz[23] == PExt23 && Nat.gte(24, zz, PExt)))
+        {
+            if (Nat.addTo(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.incAt(24, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void addOne(int[] x, int[] z)
+    {
+        int c = Nat.inc(12, x, z);
+        if (c != 0 || (z[11] == P11 && Nat.gte(12, z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    public static int[] fromBigInteger(BigInteger x)
+    {
+        int[] z = Nat.fromBigInteger(384, x);
+        if (z[11] == P11 && Nat.gte(12, z, P))
+        {
+            Nat.subFrom(12, P, z);
+        }
+        return z;
+    }
+
+    public static void half(int[] x, int[] z)
+    {
+        if ((x[0] & 1) == 0)
+        {
+            Nat.shiftDownBit(12, x, 0, z);
+        }
+        else
+        {
+            int c = Nat.add(12, x, P, z);
+            Nat.shiftDownBit(12, z, c);
+        }
+    }
+
+    public static void multiply(int[] x, int[] y, int[] z)
+    {
+        int[] tt = Nat.create(24);
+        Nat384.mul(x, y, tt);
+        reduce(tt, z);
+    }
+
+    public static void negate(int[] x, int[] z)
+    {
+        if (Nat.isZero(12, x))
+        {
+            Nat.zero(12, z);
+        }
+        else
+        {
+            Nat.sub(12, P, x, z);
+        }
+    }
+
+    public static void reduce(int[] xx, int[] z)
+    {
+        long xx16 = xx[16] & M, xx17 = xx[17] & M, xx18 = xx[18] & M, xx19 = xx[19] & M;
+        long xx20 = xx[20] & M, xx21 = xx[21] & M, xx22 = xx[22] & M, xx23 = xx[23] & M;
+
+        final long n = 1;
+
+        long t0 = (xx[12] & M) + xx20 - n;
+        long t1 = (xx[13] & M) + xx22;
+        long t2 = (xx[14] & M) + xx22 + xx23;
+        long t3 = (xx[15] & M) + xx23;
+        long t4 = xx17 + xx21;
+        long t5 = xx21 - xx23;
+        long t6 = xx22 - xx23;
+        long t7 = t0 + t5;
+
+        long cc = 0;
+        cc += (xx[0] & M) + t7;
+        z[0] = (int)cc;
+        cc >>= 32;
+        cc += (xx[1] & M) + xx23 - t0 + t1;
+        z[1] = (int)cc;
+        cc >>= 32;
+        cc += (xx[2] & M) - xx21 - t1 + t2;
+        z[2] = (int)cc;
+        cc >>= 32;
+        cc += (xx[3] & M) - t2 + t3 + t7;
+        z[3] = (int)cc;
+        cc >>= 32;
+        cc += (xx[4] & M) + xx16 + xx21 + t1 - t3 + t7;
+        z[4] = (int)cc;
+        cc >>= 32;
+        cc += (xx[5] & M) - xx16 + t1 + t2 + t4;
+        z[5] = (int)cc;
+        cc >>= 32;
+        cc += (xx[6] & M) + xx18 - xx17 + t2 + t3;
+        z[6] = (int)cc;
+        cc >>= 32;
+        cc += (xx[7] & M) + xx16 + xx19 - xx18 + t3;
+        z[7] = (int)cc;
+        cc >>= 32;
+        cc += (xx[8] & M) + xx16 + xx17 + xx20 - xx19;
+        z[8] = (int)cc;
+        cc >>= 32;
+        cc += (xx[9] & M) + xx18 - xx20 + t4;
+        z[9] = (int)cc;
+        cc >>= 32;
+        cc += (xx[10] & M) + xx18 + xx19 - t5 + t6;
+        z[10] = (int)cc;
+        cc >>= 32;
+        cc += (xx[11] & M) + xx19 + xx20 - t6;
+        z[11] = (int)cc;
+        cc >>= 32;
+        cc += n;
+
+//        assert cc >= 0;
+
+        reduce32((int)cc, z);
+    }
+
+    public static void reduce32(int x, int[] z)
+    {
+        long cc = 0;
+
+        if (x != 0)
+        {
+            long xx12 = x & M;
+
+            cc += (z[0] & M) + xx12;
+            z[0] = (int)cc;
+            cc >>= 32;
+            cc += (z[1] & M) - xx12;
+            z[1] = (int)cc;
+            cc >>= 32;
+            if (cc != 0)
+            {
+                cc += (z[2] & M);
+                z[2] = (int)cc;
+                cc >>= 32;
+            }
+            cc += (z[3] & M) + xx12;
+            z[3] = (int)cc;
+            cc >>= 32;
+            cc += (z[4] & M) + xx12;
+            z[4] = (int)cc;
+            cc >>= 32;
+
+//            assert cc == 0 || cc == 1;
+        }
+
+        if ((cc != 0 && Nat.incAt(12, z, 5) != 0)
+            || (z[11] == P11 && Nat.gte(12, z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    public static void square(int[] x, int[] z)
+    {
+        int[] tt = Nat.create(24);
+        Nat384.square(x, tt);
+        reduce(tt, z);
+    }
+
+    public static void squareN(int[] x, int n, int[] z)
+    {
+//        assert n > 0;
+
+        int[] tt = Nat.create(24);
+        Nat384.square(x, tt);
+        reduce(tt, z);
+
+        while (--n > 0)
+        {
+            Nat384.square(z, tt);
+            reduce(tt, z);
+        }
+    }
+
+    public static void subtract(int[] x, int[] y, int[] z)
+    {
+        int c = Nat.sub(12, x, y, z);
+        if (c != 0)
+        {
+            subPInvFrom(z);
+        }
+    }
+
+    public static void subtractExt(int[] xx, int[] yy, int[] zz)
+    {
+        int c = Nat.sub(24, xx, yy, zz);
+        if (c != 0)
+        {
+            if (Nat.subFrom(PExtInv.length, PExtInv, zz) != 0)
+            {
+                Nat.decAt(24, zz, PExtInv.length);
+            }
+        }
+    }
+
+    public static void twice(int[] x, int[] z)
+    {
+        int c = Nat.shiftUpBit(12, x, 0, z);
+        if (c != 0 || (z[11] == P11 && Nat.gte(12, z, P)))
+        {
+            addPInvTo(z);
+        }
+    }
+
+    private static void addPInvTo(int[] z)
+    {
+        long c = (z[0] & M) + 1;
+        z[0] = (int)c;
+        c >>= 32;
+        c += (z[1] & M) - 1;
+        z[1] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            c += (z[2] & M);
+            z[2] = (int)c;
+            c >>= 32;
+        }
+        c += (z[3] & M) + 1;
+        z[3] = (int)c;
+        c >>= 32;
+        c += (z[4] & M) + 1;
+        z[4] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            Nat.incAt(12, z, 5);
+        }
+    }
+
+    private static void subPInvFrom(int[] z)
+    {
+        long c = (z[0] & M) - 1;
+        z[0] = (int)c;
+        c >>= 32;
+        c += (z[1] & M) + 1;
+        z[1] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            c += (z[2] & M);
+            z[2] = (int)c;
+            c >>= 32;
+        }
+        c += (z[3] & M) - 1;
+        z[3] = (int)c;
+        c >>= 32;
+        c += (z[4] & M) - 1;
+        z[4] = (int)c;
+        c >>= 32;
+        if (c != 0)
+        {
+            Nat.decAt(12, z, 5);
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP384R1FieldElement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP384R1FieldElement.java
new file mode 100644
index 0000000..fd5f8c1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP384R1FieldElement.java

@@ -0,0 +1,215 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.raw.Mod;
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP384R1FieldElement extends ECFieldElement.AbstractFp
+{
+    public static final BigInteger Q = SecP384R1Curve.q;
+
+    protected int[] x;
+
+    public SecP384R1FieldElement(BigInteger x)
+    {
+        if (x == null || x.signum() < 0 || x.compareTo(Q) >= 0)
+        {
+            throw new IllegalArgumentException("x value invalid for SecP384R1FieldElement");
+        }
+
+        this.x = SecP384R1Field.fromBigInteger(x);
+    }
+
+    public SecP384R1FieldElement()
+    {
+        this.x = Nat.create(12);
+    }
+
+    protected SecP384R1FieldElement(int[] x)
+    {
+        this.x = x;
+    }
+
+    public boolean isZero()
+    {
+        return Nat.isZero(12, x);
+    }
+
+    public boolean isOne()
+    {
+        return Nat.isOne(12, x);
+    }
+
+    public boolean testBitZero()
+    {
+        return Nat.getBit(x, 0) == 1;
+    }
+
+    public BigInteger toBigInteger()
+    {
+        return Nat.toBigInteger(12, x);
+    }
+
+    public String getFieldName()
+    {
+        return "SecP384R1Field";
+    }
+
+    public int getFieldSize()
+    {
+        return Q.bitLength();
+    }
+
+    public ECFieldElement add(ECFieldElement b)
+    {
+        int[] z = Nat.create(12);
+        SecP384R1Field.add(x, ((SecP384R1FieldElement)b).x, z);
+        return new SecP384R1FieldElement(z);
+    }
+
+    public ECFieldElement addOne()
+    {
+        int[] z = Nat.create(12);
+        SecP384R1Field.addOne(x, z);
+        return new SecP384R1FieldElement(z);
+    }
+
+    public ECFieldElement subtract(ECFieldElement b)
+    {
+        int[] z = Nat.create(12);
+        SecP384R1Field.subtract(x, ((SecP384R1FieldElement)b).x, z);
+        return new SecP384R1FieldElement(z);
+    }
+
+    public ECFieldElement multiply(ECFieldElement b)
+    {
+        int[] z = Nat.create(12);
+        SecP384R1Field.multiply(x, ((SecP384R1FieldElement)b).x, z);
+        return new SecP384R1FieldElement(z);
+    }
+
+    public ECFieldElement divide(ECFieldElement b)
+    {
+//        return multiply(b.invert());
+        int[] z = Nat.create(12);
+        Mod.invert(SecP384R1Field.P, ((SecP384R1FieldElement)b).x, z);
+        SecP384R1Field.multiply(z, x, z);
+        return new SecP384R1FieldElement(z);
+    }
+
+    public ECFieldElement negate()
+    {
+        int[] z = Nat.create(12);
+        SecP384R1Field.negate(x, z);
+        return new SecP384R1FieldElement(z);
+    }
+
+    public ECFieldElement square()
+    {
+        int[] z = Nat.create(12);
+        SecP384R1Field.square(x, z);
+        return new SecP384R1FieldElement(z);
+    }
+
+    public ECFieldElement invert()
+    {
+//        return new SecP384R1FieldElement(toBigInteger().modInverse(Q));
+        int[] z = Nat.create(12);
+        Mod.invert(SecP384R1Field.P, x, z);
+        return new SecP384R1FieldElement(z);
+    }
+
+    /**
+     * return a sqrt root - the routine verifies that the calculation returns the right value - if
+     * none exists it returns null.
+     */
+    public ECFieldElement sqrt()
+    {
+        // Raise this element to the exponent 2^382 - 2^126 - 2^94 + 2^30
+
+        int[] x1 = this.x;
+        if (Nat.isZero(12, x1) || Nat.isOne(12, x1))
+        {
+            return this;
+        }
+
+        int[] t1 = Nat.create(12);
+        int[] t2 = Nat.create(12);
+        int[] t3 = Nat.create(12);
+        int[] t4 = Nat.create(12);
+
+        SecP384R1Field.square(x1, t1);
+        SecP384R1Field.multiply(t1, x1, t1);
+
+        SecP384R1Field.squareN(t1, 2, t2);
+        SecP384R1Field.multiply(t2, t1, t2);
+
+        SecP384R1Field.square(t2, t2);
+        SecP384R1Field.multiply(t2, x1, t2);
+
+        SecP384R1Field.squareN(t2, 5, t3);
+        SecP384R1Field.multiply(t3, t2, t3);
+
+        SecP384R1Field.squareN(t3, 5, t4);
+        SecP384R1Field.multiply(t4, t2, t4);
+
+        SecP384R1Field.squareN(t4, 15, t2);
+        SecP384R1Field.multiply(t2, t4, t2);
+
+        SecP384R1Field.squareN(t2, 2, t3);
+        SecP384R1Field.multiply(t1, t3, t1);
+
+        SecP384R1Field.squareN(t3, 28, t3);
+        SecP384R1Field.multiply(t2, t3, t2);
+
+        SecP384R1Field.squareN(t2, 60, t3);
+        SecP384R1Field.multiply(t3, t2, t3);
+
+        int[] r = t2;
+
+        SecP384R1Field.squareN(t3, 120, r);
+        SecP384R1Field.multiply(r, t3, r);
+
+        SecP384R1Field.squareN(r, 15, r);
+        SecP384R1Field.multiply(r, t4, r);
+
+        SecP384R1Field.squareN(r, 33, r);
+        SecP384R1Field.multiply(r, t1, r);
+
+        SecP384R1Field.squareN(r, 64, r);
+        SecP384R1Field.multiply(r, x1, r);
+
+        SecP384R1Field.squareN(r, 30, t1);
+        SecP384R1Field.square(t1, t2);
+
+        return Nat.eq(12, x1, t2) ? new SecP384R1FieldElement(t1) : null;
+    }
+
+    public boolean equals(Object other)
+    {
+        if (other == this)
+        {
+            return true;
+        }
+
+        if (!(other instanceof SecP384R1FieldElement))
+        {
+            return false;
+        }
+
+        SecP384R1FieldElement o = (SecP384R1FieldElement)other;
+        return Nat.eq(12, x, o.x);
+    }
+
+    public int hashCode()
+    {
+        return Q.hashCode() ^ Arrays.hashCode(x, 0, 12);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP384R1Point.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP384R1Point.java
new file mode 100644
index 0000000..662a909
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP384R1Point.java

@@ -0,0 +1,313 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat384;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP384R1Point extends ECPoint.AbstractFp
+{
+    /**
+     * Create a point which encodes with point compression.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     *
+     * @deprecated Use ECCurve.createPoint to construct points
+     */
+    public SecP384R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+    {
+        this(curve, x, y, false);
+    }
+
+    /**
+     * Create a point that encodes with or without point compresion.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     * @param withCompression
+     *            if true encode with point compression
+     *
+     * @deprecated per-point compression property will be removed, refer
+     *             {@link #getEncoded(boolean)}
+     */
+    public SecP384R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        super(curve, x, y);
+
+        if ((x == null) != (y == null))
+        {
+            throw new IllegalArgumentException("Exactly one of the field elements is null");
+        }
+
+        this.withCompression = withCompression;
+    }
+
+    SecP384R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+    {
+        super(curve, x, y, zs);
+
+        this.withCompression = withCompression;
+    }
+
+    protected ECPoint detach()
+    {
+        return new SecP384R1Point(null, getAffineXCoord(), getAffineYCoord());
+    }
+
+    public ECPoint add(ECPoint b)
+    {
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return this;
+        }
+        if (this == b)
+        {
+            return twice();
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP384R1FieldElement X1 = (SecP384R1FieldElement)this.x, Y1 = (SecP384R1FieldElement)this.y;
+        SecP384R1FieldElement X2 = (SecP384R1FieldElement)b.getXCoord(), Y2 = (SecP384R1FieldElement)b.getYCoord();
+
+        SecP384R1FieldElement Z1 = (SecP384R1FieldElement)this.zs[0];
+        SecP384R1FieldElement Z2 = (SecP384R1FieldElement)b.getZCoord(0);
+
+        int c;
+        int[] tt1 = Nat.create(24);
+        int[] tt2 = Nat.create(24);
+        int[] t3 = Nat.create(12);
+        int[] t4 = Nat.create(12);
+
+        boolean Z1IsOne = Z1.isOne();
+        int[] U2, S2;
+        if (Z1IsOne)
+        {
+            U2 = X2.x;
+            S2 = Y2.x;
+        }
+        else
+        {
+            S2 = t3;
+            SecP384R1Field.square(Z1.x, S2);
+
+            U2 = tt2;
+            SecP384R1Field.multiply(S2, X2.x, U2);
+
+            SecP384R1Field.multiply(S2, Z1.x, S2);
+            SecP384R1Field.multiply(S2, Y2.x, S2);
+        }
+
+        boolean Z2IsOne = Z2.isOne();
+        int[] U1, S1;
+        if (Z2IsOne)
+        {
+            U1 = X1.x;
+            S1 = Y1.x;
+        }
+        else
+        {
+            S1 = t4;
+            SecP384R1Field.square(Z2.x, S1);
+
+            U1 = tt1;
+            SecP384R1Field.multiply(S1, X1.x, U1);
+
+            SecP384R1Field.multiply(S1, Z2.x, S1);
+            SecP384R1Field.multiply(S1, Y1.x, S1);
+        }
+
+        int[] H = Nat.create(12);
+        SecP384R1Field.subtract(U1, U2, H);
+
+        int[] R = Nat.create(12);
+        SecP384R1Field.subtract(S1, S2, R);
+
+        // Check if b == this or b == -this
+        if (Nat.isZero(12, H))
+        {
+            if (Nat.isZero(12, R))
+            {
+                // this == b, i.e. this must be doubled
+                return this.twice();
+            }
+
+            // this == -b, i.e. the result is the point at infinity
+            return curve.getInfinity();
+        }
+
+        int[] HSquared = t3;
+        SecP384R1Field.square(H, HSquared);
+
+        int[] G = Nat.create(12);
+        SecP384R1Field.multiply(HSquared, H, G);
+
+        int[] V = t3;
+        SecP384R1Field.multiply(HSquared, U1, V);
+
+        SecP384R1Field.negate(G, G);
+        Nat384.mul(S1, G, tt1);
+
+        c = Nat.addBothTo(12, V, V, G);
+        SecP384R1Field.reduce32(c, G);
+
+        SecP384R1FieldElement X3 = new SecP384R1FieldElement(t4);
+        SecP384R1Field.square(R, X3.x);
+        SecP384R1Field.subtract(X3.x, G, X3.x);
+
+        SecP384R1FieldElement Y3 = new SecP384R1FieldElement(G);
+        SecP384R1Field.subtract(V, X3.x, Y3.x);
+        Nat384.mul(Y3.x, R, tt2);
+        SecP384R1Field.addExt(tt1, tt2, tt1);
+        SecP384R1Field.reduce(tt1, Y3.x);
+
+        SecP384R1FieldElement Z3 = new SecP384R1FieldElement(H);
+        if (!Z1IsOne)
+        {
+            SecP384R1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+        if (!Z2IsOne)
+        {
+            SecP384R1Field.multiply(Z3.x, Z2.x, Z3.x);
+        }
+
+        ECFieldElement[] zs = new ECFieldElement[]{ Z3 };
+
+        return new SecP384R1Point(curve, X3, Y3, zs, this.withCompression);
+    }
+
+    public ECPoint twice()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP384R1FieldElement Y1 = (SecP384R1FieldElement)this.y;
+        if (Y1.isZero())
+        {
+            return curve.getInfinity();
+        }
+
+        SecP384R1FieldElement X1 = (SecP384R1FieldElement)this.x, Z1 = (SecP384R1FieldElement)this.zs[0];
+
+        int c;
+        int[] t1 = Nat.create(12);
+        int[] t2 = Nat.create(12);
+
+        int[] Y1Squared = Nat.create(12);
+        SecP384R1Field.square(Y1.x, Y1Squared);
+
+        int[] T = Nat.create(12);
+        SecP384R1Field.square(Y1Squared, T);
+
+        boolean Z1IsOne = Z1.isOne();
+
+        int[] Z1Squared = Z1.x;
+        if (!Z1IsOne)
+        {
+            Z1Squared = t2;
+            SecP384R1Field.square(Z1.x, Z1Squared);
+        }
+
+        SecP384R1Field.subtract(X1.x, Z1Squared, t1);
+
+        int[] M = t2;
+        SecP384R1Field.add(X1.x, Z1Squared, M);
+        SecP384R1Field.multiply(M, t1, M);
+        c = Nat.addBothTo(12, M, M, M);
+        SecP384R1Field.reduce32(c, M);
+
+        int[] S = Y1Squared;
+        SecP384R1Field.multiply(Y1Squared, X1.x, S);
+        c = Nat.shiftUpBits(12, S, 2, 0);
+        SecP384R1Field.reduce32(c, S);
+
+        c = Nat.shiftUpBits(12, T, 3, 0, t1);
+        SecP384R1Field.reduce32(c, t1);
+
+        SecP384R1FieldElement X3 = new SecP384R1FieldElement(T);
+        SecP384R1Field.square(M, X3.x);
+        SecP384R1Field.subtract(X3.x, S, X3.x);
+        SecP384R1Field.subtract(X3.x, S, X3.x);
+
+        SecP384R1FieldElement Y3 = new SecP384R1FieldElement(S);
+        SecP384R1Field.subtract(S, X3.x, Y3.x);
+        SecP384R1Field.multiply(Y3.x, M, Y3.x);
+        SecP384R1Field.subtract(Y3.x, t1, Y3.x);
+
+        SecP384R1FieldElement Z3 = new SecP384R1FieldElement(M);
+        SecP384R1Field.twice(Y1.x, Z3.x);
+        if (!Z1IsOne)
+        {
+            SecP384R1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+
+        return new SecP384R1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, this.withCompression);
+    }
+
+    public ECPoint twicePlus(ECPoint b)
+    {
+        if (this == b)
+        {
+            return threeTimes();
+        }
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return twice();
+        }
+
+        ECFieldElement Y1 = this.y;
+        if (Y1.isZero())
+        {
+            return b;
+        }
+
+        return twice().add(b);
+    }
+
+    public ECPoint threeTimes()
+    {
+        if (this.isInfinity() || this.y.isZero())
+        {
+            return this;
+        }
+
+        // NOTE: Be careful about recursions between twicePlus and threeTimes
+        return twice().add(this);
+    }
+
+    public ECPoint negate()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        return new SecP384R1Point(curve, this.x, this.y.negate(), this.zs, this.withCompression);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP521R1Curve.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP521R1Curve.java
new file mode 100644
index 0000000..a727578
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP521R1Curve.java

@@ -0,0 +1,131 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECLookupTable;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.util.encoders.Hex;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP521R1Curve extends ECCurve.AbstractFp
+{
+    public static final BigInteger q = new BigInteger(1,
+        Hex.decode("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF"));
+
+    private static final int SecP521R1_DEFAULT_COORDS = COORD_JACOBIAN;
+
+    protected SecP521R1Point infinity;
+
+    public SecP521R1Curve()
+    {
+        super(q);
+
+        this.infinity = new SecP521R1Point(this, null, null);
+
+        this.a = fromBigInteger(new BigInteger(1,
+            Hex.decode("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC")));
+        this.b = fromBigInteger(new BigInteger(1,
+            Hex.decode("0051953EB9618E1C9A1F929A21A0B68540EEA2DA725B99B315F3B8B489918EF109E156193951EC7E937B1652C0BD3BB1BF073573DF883D2C34F1EF451FD46B503F00")));
+        this.order = new BigInteger(1, Hex.decode("01FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFA51868783BF2F966B7FCC0148F709A5D03BB5C9B8899C47AEBB6FB71E91386409"));
+        this.cofactor = BigInteger.valueOf(1);
+
+        this.coord = SecP521R1_DEFAULT_COORDS;
+    }
+
+    protected ECCurve cloneCurve()
+    {
+        return new SecP521R1Curve();
+    }
+
+    public boolean supportsCoordinateSystem(int coord)
+    {
+        switch (coord)
+        {
+        case COORD_JACOBIAN:
+            return true;
+        default:
+            return false;
+        }
+    }
+
+    public BigInteger getQ()
+    {
+        return q;
+    }
+
+    public int getFieldSize()
+    {
+        return q.bitLength();
+    }
+
+    public ECFieldElement fromBigInteger(BigInteger x)
+    {
+        return new SecP521R1FieldElement(x);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        return new SecP521R1Point(this, x, y, withCompression);
+    }
+
+    protected ECPoint createRawPoint(ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+    {
+        return new SecP521R1Point(this, x, y, zs, withCompression);
+    }
+
+    public ECPoint getInfinity()
+    {
+        return infinity;
+    }
+
+    public ECLookupTable createCacheSafeLookupTable(ECPoint[] points, int off, final int len)
+    {
+        final int FE_INTS = 17;
+
+        final int[] table = new int[len * FE_INTS * 2];
+        {
+            int pos = 0;
+            for (int i = 0; i < len; ++i)
+            {
+                ECPoint p = points[off + i];
+                Nat.copy(FE_INTS, ((SecP521R1FieldElement)p.getRawXCoord()).x, 0, table, pos); pos += FE_INTS;
+                Nat.copy(FE_INTS, ((SecP521R1FieldElement)p.getRawYCoord()).x, 0, table, pos); pos += FE_INTS;
+            }
+        }
+
+        return new ECLookupTable()
+        {
+            public int getSize()
+            {
+                return len;
+            }
+
+            public ECPoint lookup(int index)
+            {
+                int[] x = Nat.create(FE_INTS), y = Nat.create(FE_INTS);
+                int pos = 0;
+
+                for (int i = 0; i < len; ++i)
+                {
+                    int MASK = ((i ^ index) - 1) >> 31;
+
+                    for (int j = 0; j < FE_INTS; ++j)
+                    {
+                        x[j] ^= table[pos + j] & MASK;
+                        y[j] ^= table[pos + FE_INTS + j] & MASK;
+                    }
+
+                    pos += (FE_INTS * 2);
+                }
+
+                return createRawPoint(new SecP521R1FieldElement(x), new SecP521R1FieldElement(y), false);
+            }
+        };
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP521R1Field.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP521R1Field.java
new file mode 100644
index 0000000..83cf10e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP521R1Field.java

@@ -0,0 +1,160 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.math.raw.Nat512;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP521R1Field
+{
+    // 2^521 - 1
+    static final int[] P = new int[]{ 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF,
+        0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0xFFFFFFFF, 0x1FF };
+    private static final int P16 = 0x1FF;
+
+    public static void add(int[] x, int[] y, int[] z)
+    {
+        int c = Nat.add(16, x, y, z) + x[16] + y[16];
+        if (c > P16 || (c == P16 && Nat.eq(16, z, P)))
+        {
+            c += Nat.inc(16, z);
+            c &= P16;
+        }
+        z[16] = c;
+    }
+
+    public static void addOne(int[] x, int[] z)
+    {
+        int c = Nat.inc(16, x, z) + x[16];
+        if (c > P16 || (c == P16 && Nat.eq(16, z, P)))
+        {
+            c += Nat.inc(16, z);
+            c &= P16;
+        }
+        z[16] = c;
+    }
+
+    public static int[] fromBigInteger(BigInteger x)
+    {
+        int[] z = Nat.fromBigInteger(521, x);
+        if (Nat.eq(17, z, P))
+        {
+            Nat.zero(17, z);
+        }
+        return z;
+    }
+
+    public static void half(int[] x, int[] z)
+    {
+        int x16 = x[16];
+        int c = Nat.shiftDownBit(16, x, x16, z);
+        z[16] = (x16 >>> 1) | (c >>> 23);
+    }
+
+    public static void multiply(int[] x, int[] y, int[] z)
+    {
+        int[] tt = Nat.create(33);
+        implMultiply(x, y, tt);
+        reduce(tt, z);
+    }
+
+    public static void negate(int[] x, int[] z)
+    {
+        if (Nat.isZero(17, x))
+        {
+            Nat.zero(17, z);
+        }
+        else
+        {
+            Nat.sub(17, P, x, z);
+        }
+    }
+
+    public static void reduce(int[] xx, int[] z)
+    {
+//        assert xx[32] >>> 18 == 0;
+
+        int xx32 = xx[32];
+        int c = Nat.shiftDownBits(16, xx, 16, 9, xx32, z, 0) >>> 23;
+        c += xx32 >>> 9;
+        c += Nat.addTo(16, xx, z);
+        if (c > P16 || (c == P16 && Nat.eq(16, z, P)))
+        {
+            c += Nat.inc(16, z);
+            c &= P16;
+        }
+        z[16] = c;
+    }
+
+    public static void reduce23(int[] z)
+    {
+        int z16 = z[16];
+        int c = Nat.addWordTo(16, z16 >>> 9, z) + (z16 & P16);
+        if (c > P16 || (c == P16 && Nat.eq(16, z, P)))
+        {
+            c += Nat.inc(16, z);
+            c &= P16;
+        }
+        z[16] = c;
+    }
+
+    public static void square(int[] x, int[] z)
+    {
+        int[] tt = Nat.create(33);
+        implSquare(x, tt);
+        reduce(tt, z);
+    }
+
+    public static void squareN(int[] x, int n, int[] z)
+    {
+//        assert n > 0;
+
+        int[] tt = Nat.create(33);
+        implSquare(x, tt);
+        reduce(tt, z);
+
+        while (--n > 0)
+        {
+            implSquare(z, tt);
+            reduce(tt, z);
+        }
+    }
+
+    public static void subtract(int[] x, int[] y, int[] z)
+    {
+        int c = Nat.sub(16, x, y, z) + x[16] - y[16];
+        if (c < 0)
+        {
+            c += Nat.dec(16, z);
+            c &= P16;
+        }
+        z[16] = c;
+    }
+
+    public static void twice(int[] x, int[] z)
+    {
+        int x16 = x[16];
+        int c = Nat.shiftUpBit(16, x, x16 << 23, z) | (x16 << 1);
+        z[16] = c & P16;
+    }
+
+    protected static void implMultiply(int[] x, int[] y, int[] zz)
+    {
+        Nat512.mul(x, y, zz);
+
+        int x16 = x[16], y16 = y[16];
+        zz[32] = Nat.mul31BothAdd(16, x16, y, y16, x, zz, 16) + (x16 * y16);
+    }
+
+    protected static void implSquare(int[] x, int[] zz)
+    {
+        Nat512.square(x, zz);
+
+        int x16 = x[16];
+        zz[32] = Nat.mulWordAddTo(16, x16 << 1, x, 0, zz, 16) + (x16 * x16);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP521R1FieldElement.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP521R1FieldElement.java
new file mode 100644
index 0000000..633692b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP521R1FieldElement.java

@@ -0,0 +1,173 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.raw.Mod;
+import com.android.org.bouncycastle.math.raw.Nat;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP521R1FieldElement extends ECFieldElement.AbstractFp
+{
+    public static final BigInteger Q = SecP521R1Curve.q;
+
+    protected int[] x;
+
+    public SecP521R1FieldElement(BigInteger x)
+    {
+        if (x == null || x.signum() < 0 || x.compareTo(Q) >= 0)
+        {
+            throw new IllegalArgumentException("x value invalid for SecP521R1FieldElement");
+        }
+
+        this.x = SecP521R1Field.fromBigInteger(x);
+    }
+
+    public SecP521R1FieldElement()
+    {
+        this.x = Nat.create(17);
+    }
+
+    protected SecP521R1FieldElement(int[] x)
+    {
+        this.x = x;
+    }
+
+    public boolean isZero()
+    {
+        return Nat.isZero(17, x);
+    }
+
+    public boolean isOne()
+    {
+        return Nat.isOne(17, x);
+    }
+
+    public boolean testBitZero()
+    {
+        return Nat.getBit(x, 0) == 1;
+    }
+
+    public BigInteger toBigInteger()
+    {
+        return Nat.toBigInteger(17, x);
+    }
+
+    public String getFieldName()
+    {
+        return "SecP521R1Field";
+    }
+
+    public int getFieldSize()
+    {
+        return Q.bitLength();
+    }
+
+    public ECFieldElement add(ECFieldElement b)
+    {
+        int[] z = Nat.create(17);
+        SecP521R1Field.add(x, ((SecP521R1FieldElement)b).x, z);
+        return new SecP521R1FieldElement(z);
+    }
+
+    public ECFieldElement addOne()
+    {
+        int[] z = Nat.create(17);
+        SecP521R1Field.addOne(x, z);
+        return new SecP521R1FieldElement(z);
+    }
+
+    public ECFieldElement subtract(ECFieldElement b)
+    {
+        int[] z = Nat.create(17);
+        SecP521R1Field.subtract(x, ((SecP521R1FieldElement)b).x, z);
+        return new SecP521R1FieldElement(z);
+    }
+
+    public ECFieldElement multiply(ECFieldElement b)
+    {
+        int[] z = Nat.create(17);
+        SecP521R1Field.multiply(x, ((SecP521R1FieldElement)b).x, z);
+        return new SecP521R1FieldElement(z);
+    }
+
+    public ECFieldElement divide(ECFieldElement b)
+    {
+//        return multiply(b.invert());
+        int[] z = Nat.create(17);
+        Mod.invert(SecP521R1Field.P, ((SecP521R1FieldElement)b).x, z);
+        SecP521R1Field.multiply(z, x, z);
+        return new SecP521R1FieldElement(z);
+    }
+
+    public ECFieldElement negate()
+    {
+        int[] z = Nat.create(17);
+        SecP521R1Field.negate(x, z);
+        return new SecP521R1FieldElement(z);
+    }
+
+    public ECFieldElement square()
+    {
+        int[] z = Nat.create(17);
+        SecP521R1Field.square(x, z);
+        return new SecP521R1FieldElement(z);
+    }
+
+    public ECFieldElement invert()
+    {
+//        return new SecP521R1FieldElement(toBigInteger().modInverse(Q));
+        int[] z = Nat.create(17);
+        Mod.invert(SecP521R1Field.P, x, z);
+        return new SecP521R1FieldElement(z);
+    }
+
+    // D.1.4 91
+    /**
+     * return a sqrt root - the routine verifies that the calculation returns the right value - if
+     * none exists it returns null.
+     */
+    public ECFieldElement sqrt()
+    {
+        // Raise this element to the exponent 2^519
+
+        int[] x1 = this.x;
+        if (Nat.isZero(17, x1) || Nat.isOne(17, x1))
+        {
+            return this;
+        }
+
+        int[] t1 = Nat.create(17);
+        int[] t2 = Nat.create(17);
+
+        SecP521R1Field.squareN(x1, 519, t1);
+        SecP521R1Field.square(t1, t2);
+
+        return Nat.eq(17, x1, t2) ? new SecP521R1FieldElement(t1) : null;
+    }
+
+    public boolean equals(Object other)
+    {
+        if (other == this)
+        {
+            return true;
+        }
+
+        if (!(other instanceof SecP521R1FieldElement))
+        {
+            return false;
+        }
+
+        SecP521R1FieldElement o = (SecP521R1FieldElement)other;
+        return Nat.eq(17, x, o.x);
+    }
+
+    public int hashCode()
+    {
+        return Q.hashCode() ^ Arrays.hashCode(x, 0, 17);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP521R1Point.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP521R1Point.java
new file mode 100644
index 0000000..f36868c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/custom/sec/SecP521R1Point.java

@@ -0,0 +1,337 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.custom.sec;
+
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECFieldElement;
+import com.android.org.bouncycastle.math.ec.ECPoint;
+import com.android.org.bouncycastle.math.raw.Nat;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class SecP521R1Point extends ECPoint.AbstractFp
+{
+    /**
+     * Create a point which encodes with point compression.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     *
+     * @deprecated Use ECCurve.createPoint to construct points
+     */
+    public SecP521R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y)
+    {
+        this(curve, x, y, false);
+    }
+
+    /**
+     * Create a point that encodes with or without point compresion.
+     *
+     * @param curve
+     *            the curve to use
+     * @param x
+     *            affine x co-ordinate
+     * @param y
+     *            affine y co-ordinate
+     * @param withCompression
+     *            if true encode with point compression
+     *
+     * @deprecated per-point compression property will be removed, refer
+     *             {@link #getEncoded(boolean)}
+     */
+    public SecP521R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, boolean withCompression)
+    {
+        super(curve, x, y);
+
+        if ((x == null) != (y == null))
+        {
+            throw new IllegalArgumentException("Exactly one of the field elements is null");
+        }
+
+        this.withCompression = withCompression;
+    }
+
+    SecP521R1Point(ECCurve curve, ECFieldElement x, ECFieldElement y, ECFieldElement[] zs, boolean withCompression)
+    {
+        super(curve, x, y, zs);
+
+        this.withCompression = withCompression;
+    }
+
+    protected ECPoint detach()
+    {
+        return new SecP521R1Point(null, getAffineXCoord(), getAffineYCoord());
+    }
+
+    public ECPoint add(ECPoint b)
+    {
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return this;
+        }
+        if (this == b)
+        {
+            return twice();
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP521R1FieldElement X1 = (SecP521R1FieldElement)this.x, Y1 = (SecP521R1FieldElement)this.y;
+        SecP521R1FieldElement X2 = (SecP521R1FieldElement)b.getXCoord(), Y2 = (SecP521R1FieldElement)b.getYCoord();
+
+        SecP521R1FieldElement Z1 = (SecP521R1FieldElement)this.zs[0];
+        SecP521R1FieldElement Z2 = (SecP521R1FieldElement)b.getZCoord(0);
+
+        int[] t1 = Nat.create(17);
+        int[] t2 = Nat.create(17);
+        int[] t3 = Nat.create(17);
+        int[] t4 = Nat.create(17);
+
+        boolean Z1IsOne = Z1.isOne();
+        int[] U2, S2;
+        if (Z1IsOne)
+        {
+            U2 = X2.x;
+            S2 = Y2.x;
+        }
+        else
+        {
+            S2 = t3;
+            SecP521R1Field.square(Z1.x, S2);
+
+            U2 = t2;
+            SecP521R1Field.multiply(S2, X2.x, U2);
+
+            SecP521R1Field.multiply(S2, Z1.x, S2);
+            SecP521R1Field.multiply(S2, Y2.x, S2);
+        }
+
+        boolean Z2IsOne = Z2.isOne();
+        int[] U1, S1;
+        if (Z2IsOne)
+        {
+            U1 = X1.x;
+            S1 = Y1.x;
+        }
+        else
+        {
+            S1 = t4;
+            SecP521R1Field.square(Z2.x, S1);
+
+            U1 = t1;
+            SecP521R1Field.multiply(S1, X1.x, U1);
+
+            SecP521R1Field.multiply(S1, Z2.x, S1);
+            SecP521R1Field.multiply(S1, Y1.x, S1);
+        }
+
+        int[] H = Nat.create(17);
+        SecP521R1Field.subtract(U1, U2, H);
+
+        int[] R = t2;
+        SecP521R1Field.subtract(S1, S2, R);
+
+        // Check if b == this or b == -this
+        if (Nat.isZero(17, H))
+        {
+            if (Nat.isZero(17, R))
+            {
+                // this == b, i.e. this must be doubled
+                return this.twice();
+            }
+
+            // this == -b, i.e. the result is the point at infinity
+            return curve.getInfinity();
+        }
+
+        int[] HSquared = t3;
+        SecP521R1Field.square(H, HSquared);
+
+        int[] G = Nat.create(17);
+        SecP521R1Field.multiply(HSquared, H, G);
+
+        int[] V = t3;
+        SecP521R1Field.multiply(HSquared, U1, V);
+
+        SecP521R1Field.multiply(S1, G, t1);
+
+        SecP521R1FieldElement X3 = new SecP521R1FieldElement(t4);
+        SecP521R1Field.square(R, X3.x);
+        SecP521R1Field.add(X3.x, G, X3.x);
+        SecP521R1Field.subtract(X3.x, V, X3.x);
+        SecP521R1Field.subtract(X3.x, V, X3.x);
+
+        SecP521R1FieldElement Y3 = new SecP521R1FieldElement(G);
+        SecP521R1Field.subtract(V, X3.x, Y3.x);
+        SecP521R1Field.multiply(Y3.x, R, t2);
+        SecP521R1Field.subtract(t2, t1, Y3.x);
+
+        SecP521R1FieldElement Z3 = new SecP521R1FieldElement(H);
+        if (!Z1IsOne)
+        {
+            SecP521R1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+        if (!Z2IsOne)
+        {
+            SecP521R1Field.multiply(Z3.x, Z2.x, Z3.x);
+        }
+
+        ECFieldElement[] zs = new ECFieldElement[]{ Z3 };
+
+        return new SecP521R1Point(curve, X3, Y3, zs, this.withCompression);
+    }
+
+    public ECPoint twice()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        ECCurve curve = this.getCurve();
+
+        SecP521R1FieldElement Y1 = (SecP521R1FieldElement)this.y;
+        if (Y1.isZero())
+        {
+            return curve.getInfinity();
+        }
+
+        SecP521R1FieldElement X1 = (SecP521R1FieldElement)this.x, Z1 = (SecP521R1FieldElement)this.zs[0];
+
+        int[] t1 = Nat.create(17);
+        int[] t2 = Nat.create(17);
+
+        int[] Y1Squared = Nat.create(17);
+        SecP521R1Field.square(Y1.x, Y1Squared);
+
+        int[] T = Nat.create(17);
+        SecP521R1Field.square(Y1Squared, T);
+
+        boolean Z1IsOne = Z1.isOne();
+
+        int[] Z1Squared = Z1.x;
+        if (!Z1IsOne)
+        {
+            Z1Squared = t2;
+            SecP521R1Field.square(Z1.x, Z1Squared);
+        }
+
+        SecP521R1Field.subtract(X1.x, Z1Squared, t1);
+
+        int[] M = t2;
+        SecP521R1Field.add(X1.x, Z1Squared, M);
+        SecP521R1Field.multiply(M, t1, M);
+        Nat.addBothTo(17, M, M, M);
+        SecP521R1Field.reduce23(M);
+
+        int[] S = Y1Squared;
+        SecP521R1Field.multiply(Y1Squared, X1.x, S);
+        Nat.shiftUpBits(17, S, 2, 0);
+        SecP521R1Field.reduce23(S);
+
+        Nat.shiftUpBits(17, T, 3, 0, t1);
+        SecP521R1Field.reduce23(t1);
+
+        SecP521R1FieldElement X3 = new SecP521R1FieldElement(T);
+        SecP521R1Field.square(M, X3.x);
+        SecP521R1Field.subtract(X3.x, S, X3.x);
+        SecP521R1Field.subtract(X3.x, S, X3.x);
+
+        SecP521R1FieldElement Y3 = new SecP521R1FieldElement(S);
+        SecP521R1Field.subtract(S, X3.x, Y3.x);
+        SecP521R1Field.multiply(Y3.x, M, Y3.x);
+        SecP521R1Field.subtract(Y3.x, t1, Y3.x);
+
+        SecP521R1FieldElement Z3 = new SecP521R1FieldElement(M);
+        SecP521R1Field.twice(Y1.x, Z3.x);
+        if (!Z1IsOne)
+        {
+            SecP521R1Field.multiply(Z3.x, Z1.x, Z3.x);
+        }
+
+        return new SecP521R1Point(curve, X3, Y3, new ECFieldElement[]{ Z3 }, this.withCompression);
+    }
+
+    public ECPoint twicePlus(ECPoint b)
+    {
+        if (this == b)
+        {
+            return threeTimes();
+        }
+        if (this.isInfinity())
+        {
+            return b;
+        }
+        if (b.isInfinity())
+        {
+            return twice();
+        }
+
+        ECFieldElement Y1 = this.y;
+        if (Y1.isZero())
+        {
+            return b;
+        }
+
+        return twice().add(b);
+    }
+
+    public ECPoint threeTimes()
+    {
+        if (this.isInfinity() || this.y.isZero())
+        {
+            return this;
+        }
+
+        // NOTE: Be careful about recursions between twicePlus and threeTimes
+        return twice().add(this);
+    }
+
+    protected ECFieldElement two(ECFieldElement x)
+    {
+        return x.add(x);
+    }
+
+    protected ECFieldElement three(ECFieldElement x)
+    {
+        return two(x).add(x);
+    }
+
+    protected ECFieldElement four(ECFieldElement x)
+    {
+        return two(two(x));
+    }
+
+    protected ECFieldElement eight(ECFieldElement x)
+    {
+        return four(two(x));
+    }
+
+    protected ECFieldElement doubleProductFromSquares(ECFieldElement a, ECFieldElement b,
+        ECFieldElement aSquared, ECFieldElement bSquared)
+    {
+        /*
+         * NOTE: If squaring in the field is faster than multiplication, then this is a quicker
+         * way to calculate 2.A.B, if A^2 and B^2 are already known.
+         */
+        return a.add(b).square().subtract(aSquared).subtract(bSquared);
+    }
+
+    public ECPoint negate()
+    {
+        if (this.isInfinity())
+        {
+            return this;
+        }
+
+        return new SecP521R1Point(curve, this.x, this.y.negate(), this.zs, this.withCompression);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/endo/ECEndomorphism.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/endo/ECEndomorphism.java
new file mode 100644
index 0000000..72d9e91
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/endo/ECEndomorphism.java

@@ -0,0 +1,14 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.endo;
+
+import com.android.org.bouncycastle.math.ec.ECPointMap;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ECEndomorphism
+{
+    ECPointMap getPointMap();
+
+    boolean hasEfficientPointMap();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/endo/GLVEndomorphism.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/endo/GLVEndomorphism.java
new file mode 100644
index 0000000..a203722
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/endo/GLVEndomorphism.java

@@ -0,0 +1,12 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.endo;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface GLVEndomorphism extends ECEndomorphism
+{
+    BigInteger[] decomposeScalar(BigInteger k);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/endo/GLVTypeBEndomorphism.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/endo/GLVTypeBEndomorphism.java
new file mode 100644
index 0000000..629f0dd
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/endo/GLVTypeBEndomorphism.java

@@ -0,0 +1,62 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.endo;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.math.ec.ECConstants;
+import com.android.org.bouncycastle.math.ec.ECCurve;
+import com.android.org.bouncycastle.math.ec.ECPointMap;
+import com.android.org.bouncycastle.math.ec.ScaleXPointMap;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class GLVTypeBEndomorphism implements GLVEndomorphism
+{
+    protected final ECCurve curve;
+    protected final GLVTypeBParameters parameters;
+    protected final ECPointMap pointMap;
+
+    public GLVTypeBEndomorphism(ECCurve curve, GLVTypeBParameters parameters)
+    {
+        this.curve = curve;
+        this.parameters = parameters;
+        this.pointMap = new ScaleXPointMap(curve.fromBigInteger(parameters.getBeta()));
+    }
+
+    public BigInteger[] decomposeScalar(BigInteger k)
+    {
+        int bits = parameters.getBits();
+        BigInteger b1 = calculateB(k, parameters.getG1(), bits);
+        BigInteger b2 = calculateB(k, parameters.getG2(), bits);
+
+        GLVTypeBParameters p = parameters;
+        BigInteger a = k.subtract((b1.multiply(p.getV1A())).add(b2.multiply(p.getV2A())));
+        BigInteger b = (b1.multiply(p.getV1B())).add(b2.multiply(p.getV2B())).negate();
+
+        return new BigInteger[]{ a, b };
+    }
+
+    public ECPointMap getPointMap()
+    {
+        return pointMap;
+    }
+
+    public boolean hasEfficientPointMap()
+    {
+        return true;
+    }
+
+    protected BigInteger calculateB(BigInteger k, BigInteger g, int t)
+    {
+        boolean negative = (g.signum() < 0);
+        BigInteger b = k.multiply(g.abs());
+        boolean extra = b.testBit(t - 1);
+        b = b.shiftRight(t);
+        if (extra)
+        {
+            b = b.add(ECConstants.ONE);
+        }
+        return negative ? b.negate() : b;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/endo/GLVTypeBParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/endo/GLVTypeBParameters.java
new file mode 100644
index 0000000..0c55813
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/ec/endo/GLVTypeBParameters.java

@@ -0,0 +1,102 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.ec.endo;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class GLVTypeBParameters
+{
+    private static void checkVector(BigInteger[] v, String name)
+    {
+        if (v == null || v.length != 2 || v[0] == null || v[1] == null)
+        {
+            throw new IllegalArgumentException("'" + name + "' must consist of exactly 2 (non-null) values");
+        }
+    }
+
+    protected final BigInteger beta;
+    protected final BigInteger lambda;
+    protected final BigInteger v1A, v1B, v2A, v2B;
+    protected final BigInteger g1, g2;
+    protected final int bits;
+
+    public GLVTypeBParameters(BigInteger beta, BigInteger lambda, BigInteger[] v1, BigInteger[] v2, BigInteger g1,
+        BigInteger g2, int bits)
+    {
+        checkVector(v1, "v1");
+        checkVector(v2, "v2");
+
+        this.beta = beta;
+        this.lambda = lambda;
+        this.v1A = v1[0];
+        this.v1B = v1[1];
+        this.v2A = v2[0];
+        this.v2B = v2[1];
+        this.g1 = g1;
+        this.g2 = g2;
+        this.bits = bits;
+    }
+
+    public BigInteger getBeta()
+    {
+        return beta;
+    }
+
+    public BigInteger getLambda()
+    {
+        return lambda;
+    }
+
+    /**
+     * @deprecated Use {@link #getV1A()} and {@link #getV1B()} instead.
+     */
+    public BigInteger[] getV1()
+    {
+        return new BigInteger[]{ v1A, v1B };
+    }
+
+    public BigInteger getV1A()
+    {
+        return v1A;
+    }
+
+    public BigInteger getV1B()
+    {
+        return v1B;
+    }
+
+    /**
+     * @deprecated Use {@link #getV2A()} and {@link #getV2B()} instead.
+     */
+    public BigInteger[] getV2()
+    {
+        return new BigInteger[]{ v2A, v2B };
+    }
+
+    public BigInteger getV2A()
+    {
+        return v2A;
+    }
+
+    public BigInteger getV2B()
+    {
+        return v2B;
+    }
+
+    public BigInteger getG1()
+    {
+        return g1;
+    }
+
+    public BigInteger getG2()
+    {
+        return g2;
+    }
+    
+    public int getBits()
+    {
+        return bits;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/ExtensionField.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/ExtensionField.java
new file mode 100644
index 0000000..f11201d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/ExtensionField.java

@@ -0,0 +1,12 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.field;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface ExtensionField extends FiniteField
+{
+    FiniteField getSubfield();
+
+    int getDegree();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/FiniteField.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/FiniteField.java
new file mode 100644
index 0000000..9a682e4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/FiniteField.java

@@ -0,0 +1,14 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.field;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface FiniteField
+{
+    BigInteger getCharacteristic();
+
+    int getDimension();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/FiniteFields.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/FiniteFields.java
new file mode 100644
index 0000000..b9597e2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/FiniteFields.java

@@ -0,0 +1,57 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.field;
+
+import java.math.BigInteger;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class FiniteFields
+{
+    static final FiniteField GF_2 = new PrimeField(BigInteger.valueOf(2));
+    static final FiniteField GF_3 = new PrimeField(BigInteger.valueOf(3));
+
+    public static PolynomialExtensionField getBinaryExtensionField(int[] exponents)
+    {
+        if (exponents[0] != 0)
+        {
+            throw new IllegalArgumentException("Irreducible polynomials in GF(2) must have constant term");
+        }
+        for (int i = 1; i < exponents.length; ++i)
+        {
+            if (exponents[i] <= exponents[i - 1])
+            {
+                throw new IllegalArgumentException("Polynomial exponents must be montonically increasing");
+            }
+        }
+
+        return new GenericPolynomialExtensionField(GF_2, new GF2Polynomial(exponents));
+    }
+
+//    public static PolynomialExtensionField getTernaryExtensionField(Term[] terms)
+//    {
+//        return new GenericPolynomialExtensionField(GF_3, new GF3Polynomial(terms));
+//    }
+
+    public static FiniteField getPrimeField(BigInteger characteristic)
+    {
+        int bitLength = characteristic.bitLength();
+        if (characteristic.signum() <= 0 || bitLength < 2)
+        {
+            throw new IllegalArgumentException("'characteristic' must be >= 2");
+        }
+
+        if (bitLength < 3)
+        {
+            switch (characteristic.intValue())
+            {
+            case 2:
+                return GF_2;
+            case 3:
+                return GF_3;
+            }
+        }
+
+        return new PrimeField(characteristic);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/GF2Polynomial.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/GF2Polynomial.java
new file mode 100644
index 0000000..fb51c64
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/GF2Polynomial.java

@@ -0,0 +1,43 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.field;
+
+import com.android.org.bouncycastle.util.Arrays;
+
+class GF2Polynomial implements Polynomial
+{
+    protected final int[] exponents;
+
+    GF2Polynomial(int[] exponents)
+    {
+        this.exponents = Arrays.clone(exponents);
+    }
+
+    public int getDegree()
+    {
+        return exponents[exponents.length - 1];
+    }
+
+    public int[] getExponentsPresent()
+    {
+        return Arrays.clone(exponents);
+    }
+
+    public boolean equals(Object obj)
+    {
+        if (this == obj)
+        {
+            return true;
+        }
+        if (!(obj instanceof GF2Polynomial))
+        {
+            return false;
+        }
+        GF2Polynomial other = (GF2Polynomial)obj;
+        return Arrays.areEqual(exponents, other.exponents);
+    }
+
+    public int hashCode()
+    {
+        return Arrays.hashCode(exponents);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/GenericPolynomialExtensionField.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/GenericPolynomialExtensionField.java
new file mode 100644
index 0000000..2c36bdb
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/GenericPolynomialExtensionField.java

@@ -0,0 +1,63 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.field;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.util.Integers;
+
+class GenericPolynomialExtensionField implements PolynomialExtensionField
+{
+    protected final FiniteField subfield;
+    protected final Polynomial minimalPolynomial;
+
+    GenericPolynomialExtensionField(FiniteField subfield, Polynomial polynomial)
+    {
+        this.subfield = subfield;
+        this.minimalPolynomial = polynomial;
+    }
+
+    public BigInteger getCharacteristic()
+    {
+        return subfield.getCharacteristic();
+    }
+
+    public int getDimension()
+    {
+        return subfield.getDimension() * minimalPolynomial.getDegree();
+    }
+
+    public FiniteField getSubfield()
+    {
+        return subfield;
+    }
+
+    public int getDegree()
+    {
+        return minimalPolynomial.getDegree();
+    }
+
+    public Polynomial getMinimalPolynomial()
+    {
+        return minimalPolynomial;
+    }
+
+    public boolean equals(Object obj)
+    {
+        if (this == obj)
+        {
+            return true;
+        }
+        if (!(obj instanceof GenericPolynomialExtensionField))
+        {
+            return false;
+        }
+        GenericPolynomialExtensionField other = (GenericPolynomialExtensionField)obj;
+        return subfield.equals(other.subfield) && minimalPolynomial.equals(other.minimalPolynomial);
+    }
+
+    public int hashCode()
+    {
+        return subfield.hashCode()
+            ^ Integers.rotateLeft(minimalPolynomial.hashCode(), 16);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/Polynomial.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/Polynomial.java
new file mode 100644
index 0000000..bc37c6b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/Polynomial.java

@@ -0,0 +1,16 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.field;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface Polynomial
+{
+    int getDegree();
+
+//    BigInteger[] getCoefficients();
+
+    int[] getExponentsPresent();
+
+//    Term[] getNonZeroTerms();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/PolynomialExtensionField.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/PolynomialExtensionField.java
new file mode 100644
index 0000000..c43cab8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/PolynomialExtensionField.java

@@ -0,0 +1,10 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.field;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface PolynomialExtensionField extends ExtensionField
+{
+    Polynomial getMinimalPolynomial();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/PrimeField.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/PrimeField.java
new file mode 100644
index 0000000..62d428f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/field/PrimeField.java

@@ -0,0 +1,43 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.field;
+
+import java.math.BigInteger;
+
+class PrimeField implements FiniteField
+{
+    protected final BigInteger characteristic;
+
+    PrimeField(BigInteger characteristic)
+    {
+        this.characteristic = characteristic;
+    }
+
+    public BigInteger getCharacteristic()
+    {
+        return characteristic;
+    }
+
+    public int getDimension()
+    {
+        return 1;
+    }
+
+    public boolean equals(Object obj)
+    {
+        if (this == obj)
+        {
+            return true;
+        }
+        if (!(obj instanceof PrimeField))
+        {
+            return false;
+        }
+        PrimeField other = (PrimeField)obj;
+        return characteristic.equals(other.characteristic);
+    }
+
+    public int hashCode()
+    {
+        return characteristic.hashCode();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Interleave.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Interleave.java
new file mode 100644
index 0000000..dc6ab5d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Interleave.java

@@ -0,0 +1,181 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.raw;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Interleave
+{
+    private static final long M32 = 0x55555555L;
+    private static final long M64 = 0x5555555555555555L;
+    private static final long M64R = 0xAAAAAAAAAAAAAAAAL;
+
+    /*
+     * This expands 8 bit indices into 16 bit contents (high bit 14), by inserting 0s between bits.
+     * In a binary field, this operation is the same as squaring an 8 bit number.
+     * 
+     * NOTE: All entries are positive so sign-extension is not an issue.
+     */
+//    private static final short[] INTERLEAVE2_TABLE = new short[]
+//    {
+//        0x0000, 0x0001, 0x0004, 0x0005, 0x0010, 0x0011, 0x0014, 0x0015,
+//        0x0040, 0x0041, 0x0044, 0x0045, 0x0050, 0x0051, 0x0054, 0x0055,
+//        0x0100, 0x0101, 0x0104, 0x0105, 0x0110, 0x0111, 0x0114, 0x0115,
+//        0x0140, 0x0141, 0x0144, 0x0145, 0x0150, 0x0151, 0x0154, 0x0155,
+//        0x0400, 0x0401, 0x0404, 0x0405, 0x0410, 0x0411, 0x0414, 0x0415,
+//        0x0440, 0x0441, 0x0444, 0x0445, 0x0450, 0x0451, 0x0454, 0x0455,
+//        0x0500, 0x0501, 0x0504, 0x0505, 0x0510, 0x0511, 0x0514, 0x0515,
+//        0x0540, 0x0541, 0x0544, 0x0545, 0x0550, 0x0551, 0x0554, 0x0555,
+//        0x1000, 0x1001, 0x1004, 0x1005, 0x1010, 0x1011, 0x1014, 0x1015,
+//        0x1040, 0x1041, 0x1044, 0x1045, 0x1050, 0x1051, 0x1054, 0x1055,
+//        0x1100, 0x1101, 0x1104, 0x1105, 0x1110, 0x1111, 0x1114, 0x1115,
+//        0x1140, 0x1141, 0x1144, 0x1145, 0x1150, 0x1151, 0x1154, 0x1155,
+//        0x1400, 0x1401, 0x1404, 0x1405, 0x1410, 0x1411, 0x1414, 0x1415,
+//        0x1440, 0x1441, 0x1444, 0x1445, 0x1450, 0x1451, 0x1454, 0x1455,
+//        0x1500, 0x1501, 0x1504, 0x1505, 0x1510, 0x1511, 0x1514, 0x1515,
+//        0x1540, 0x1541, 0x1544, 0x1545, 0x1550, 0x1551, 0x1554, 0x1555,
+//        0x4000, 0x4001, 0x4004, 0x4005, 0x4010, 0x4011, 0x4014, 0x4015,
+//        0x4040, 0x4041, 0x4044, 0x4045, 0x4050, 0x4051, 0x4054, 0x4055,
+//        0x4100, 0x4101, 0x4104, 0x4105, 0x4110, 0x4111, 0x4114, 0x4115,
+//        0x4140, 0x4141, 0x4144, 0x4145, 0x4150, 0x4151, 0x4154, 0x4155,
+//        0x4400, 0x4401, 0x4404, 0x4405, 0x4410, 0x4411, 0x4414, 0x4415,
+//        0x4440, 0x4441, 0x4444, 0x4445, 0x4450, 0x4451, 0x4454, 0x4455,
+//        0x4500, 0x4501, 0x4504, 0x4505, 0x4510, 0x4511, 0x4514, 0x4515,
+//        0x4540, 0x4541, 0x4544, 0x4545, 0x4550, 0x4551, 0x4554, 0x4555,
+//        0x5000, 0x5001, 0x5004, 0x5005, 0x5010, 0x5011, 0x5014, 0x5015,
+//        0x5040, 0x5041, 0x5044, 0x5045, 0x5050, 0x5051, 0x5054, 0x5055,
+//        0x5100, 0x5101, 0x5104, 0x5105, 0x5110, 0x5111, 0x5114, 0x5115,
+//        0x5140, 0x5141, 0x5144, 0x5145, 0x5150, 0x5151, 0x5154, 0x5155,
+//        0x5400, 0x5401, 0x5404, 0x5405, 0x5410, 0x5411, 0x5414, 0x5415,
+//        0x5440, 0x5441, 0x5444, 0x5445, 0x5450, 0x5451, 0x5454, 0x5455,
+//        0x5500, 0x5501, 0x5504, 0x5505, 0x5510, 0x5511, 0x5514, 0x5515,
+//        0x5540, 0x5541, 0x5544, 0x5545, 0x5550, 0x5551, 0x5554, 0x5555
+//    };
+
+    public static int expand8to16(int x)
+    {
+        x &= 0xFF;
+        x  = (x | (x << 4)) & 0x0F0F;
+        x  = (x | (x << 2)) & 0x3333;
+        x  = (x | (x << 1)) & 0x5555;
+        return x;
+    }
+
+    public static int expand16to32(int x)
+    {
+        x &= 0xFFFF;
+        x  = (x | (x << 8)) & 0x00FF00FF;
+        x  = (x | (x << 4)) & 0x0F0F0F0F;
+        x  = (x | (x << 2)) & 0x33333333;
+        x  = (x | (x << 1)) & 0x55555555;
+        return x;
+    }
+
+    public static long expand32to64(int x)
+    {
+        // "shuffle" low half to even bits and high half to odd bits
+        int t;
+        t = (x ^ (x >>>  8)) & 0x0000FF00; x ^= (t ^ (t <<  8));
+        t = (x ^ (x >>>  4)) & 0x00F000F0; x ^= (t ^ (t <<  4));
+        t = (x ^ (x >>>  2)) & 0x0C0C0C0C; x ^= (t ^ (t <<  2));
+        t = (x ^ (x >>>  1)) & 0x22222222; x ^= (t ^ (t <<  1));
+
+        return ((x >>> 1) & M32) << 32 | (x & M32);
+    }
+
+    public static void expand64To128(long x, long[] z, int zOff)
+    {
+        // "shuffle" low half to even bits and high half to odd bits
+        long t;
+        t = (x ^ (x >>> 16)) & 0x00000000FFFF0000L; x ^= (t ^ (t << 16));
+        t = (x ^ (x >>>  8)) & 0x0000FF000000FF00L; x ^= (t ^ (t <<  8));
+        t = (x ^ (x >>>  4)) & 0x00F000F000F000F0L; x ^= (t ^ (t <<  4));
+        t = (x ^ (x >>>  2)) & 0x0C0C0C0C0C0C0C0CL; x ^= (t ^ (t <<  2));
+        t = (x ^ (x >>>  1)) & 0x2222222222222222L; x ^= (t ^ (t <<  1));
+
+        z[zOff    ] = (x      ) & M64;
+        z[zOff + 1] = (x >>> 1) & M64;
+    }
+
+    public static void expand64To128Rev(long x, long[] z, int zOff)
+    {
+        // "shuffle" low half to even bits and high half to odd bits
+        long t;
+        t = (x ^ (x >>> 16)) & 0x00000000FFFF0000L; x ^= (t ^ (t << 16));
+        t = (x ^ (x >>>  8)) & 0x0000FF000000FF00L; x ^= (t ^ (t <<  8));
+        t = (x ^ (x >>>  4)) & 0x00F000F000F000F0L; x ^= (t ^ (t <<  4));
+        t = (x ^ (x >>>  2)) & 0x0C0C0C0C0C0C0C0CL; x ^= (t ^ (t <<  2));
+        t = (x ^ (x >>>  1)) & 0x2222222222222222L; x ^= (t ^ (t <<  1));
+
+        z[zOff    ] = (x     ) & M64R;
+        z[zOff + 1] = (x << 1) & M64R;
+    }
+
+    public static int shuffle(int x)
+    {
+        // "shuffle" low half to even bits and high half to odd bits
+        int t;
+        t = (x ^ (x >>>  8)) & 0x0000FF00; x ^= (t ^ (t <<  8));
+        t = (x ^ (x >>>  4)) & 0x00F000F0; x ^= (t ^ (t <<  4));
+        t = (x ^ (x >>>  2)) & 0x0C0C0C0C; x ^= (t ^ (t <<  2));
+        t = (x ^ (x >>>  1)) & 0x22222222; x ^= (t ^ (t <<  1));
+        return x;
+    }
+
+    public static long shuffle(long x)
+    {
+        // "shuffle" low half to even bits and high half to odd bits
+        long t;
+        t = (x ^ (x >>> 16)) & 0x00000000FFFF0000L; x ^= (t ^ (t << 16));
+        t = (x ^ (x >>>  8)) & 0x0000FF000000FF00L; x ^= (t ^ (t <<  8));
+        t = (x ^ (x >>>  4)) & 0x00F000F000F000F0L; x ^= (t ^ (t <<  4));
+        t = (x ^ (x >>>  2)) & 0x0C0C0C0C0C0C0C0CL; x ^= (t ^ (t <<  2));
+        t = (x ^ (x >>>  1)) & 0x2222222222222222L; x ^= (t ^ (t <<  1));
+        return x;
+    }
+
+    public static int shuffle2(int x)
+    {
+        // "shuffle" (twice) low half to even bits and high half to odd bits
+        int t;
+        t = (x ^ (x >>>  7)) & 0x00AA00AA; x ^= (t ^ (t <<  7));
+        t = (x ^ (x >>> 14)) & 0x0000CCCC; x ^= (t ^ (t << 14));
+        t = (x ^ (x >>>  4)) & 0x00F000F0; x ^= (t ^ (t <<  4));
+        t = (x ^ (x >>>  8)) & 0x0000FF00; x ^= (t ^ (t <<  8));
+        return x;
+    }
+
+    public static int unshuffle(int x)
+    {
+        // "unshuffle" even bits to low half and odd bits to high half
+        int t;
+        t = (x ^ (x >>>  1)) & 0x22222222; x ^= (t ^ (t <<  1));
+        t = (x ^ (x >>>  2)) & 0x0C0C0C0C; x ^= (t ^ (t <<  2));
+        t = (x ^ (x >>>  4)) & 0x00F000F0; x ^= (t ^ (t <<  4));
+        t = (x ^ (x >>>  8)) & 0x0000FF00; x ^= (t ^ (t <<  8));
+        return x;
+    }
+
+    public static long unshuffle(long x)
+    {
+        // "unshuffle" even bits to low half and odd bits to high half
+        long t;
+        t = (x ^ (x >>>  1)) & 0x2222222222222222L; x ^= (t ^ (t <<  1));
+        t = (x ^ (x >>>  2)) & 0x0C0C0C0C0C0C0C0CL; x ^= (t ^ (t <<  2));
+        t = (x ^ (x >>>  4)) & 0x00F000F000F000F0L; x ^= (t ^ (t <<  4));
+        t = (x ^ (x >>>  8)) & 0x0000FF000000FF00L; x ^= (t ^ (t <<  8));
+        t = (x ^ (x >>> 16)) & 0x00000000FFFF0000L; x ^= (t ^ (t << 16));
+        return x;
+    }
+
+    public static int unshuffle2(int x)
+    {
+        // "unshuffle" (twice) even bits to low half and odd bits to high half
+        int t;
+        t = (x ^ (x >>>  8)) & 0x0000FF00; x ^= (t ^ (t <<  8));
+        t = (x ^ (x >>>  4)) & 0x00F000F0; x ^= (t ^ (t <<  4));
+        t = (x ^ (x >>> 14)) & 0x0000CCCC; x ^= (t ^ (t << 14));
+        t = (x ^ (x >>>  7)) & 0x00AA00AA; x ^= (t ^ (t <<  7));
+        return x;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Mod.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Mod.java
new file mode 100644
index 0000000..7d0c48d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Mod.java

@@ -0,0 +1,203 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.raw;
+
+import java.util.Random;
+
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class Mod
+{
+    public static int inverse32(int d)
+    {
+//        int x = d + (((d + 1) & 4) << 1);   // d.x == 1 mod 2**4
+        int x = d;                          // d.x == 1 mod 2**3
+        x *= 2 - d * x;                     // d.x == 1 mod 2**6
+        x *= 2 - d * x;                     // d.x == 1 mod 2**12
+        x *= 2 - d * x;                     // d.x == 1 mod 2**24
+        x *= 2 - d * x;                     // d.x == 1 mod 2**48
+//        assert d * x == 1;
+        return  x;
+    }
+
+    public static void invert(int[] p, int[] x, int[] z)
+    {
+        int len = p.length;
+        if (Nat.isZero(len, x))
+        {
+            throw new IllegalArgumentException("'x' cannot be 0");
+        }
+        if (Nat.isOne(len, x))
+        {
+            System.arraycopy(x, 0, z, 0, len);
+            return;
+        }
+
+        int[] u = Nat.copy(len, x);
+        int[] a = Nat.create(len);
+        a[0] = 1;
+        int ac = 0;
+
+        if ((u[0] & 1) == 0)
+        {
+            ac = inversionStep(p, u, len, a, ac);
+        }
+        if (Nat.isOne(len, u))
+        {
+            inversionResult(p, ac, a, z);
+            return;
+        }
+
+        int[] v = Nat.copy(len, p);
+        int[] b = Nat.create(len);
+        int bc = 0;
+
+        int uvLen = len;
+
+        for (;;)
+        {
+            while (u[uvLen - 1] == 0 && v[uvLen - 1] == 0)
+            {
+                --uvLen;
+            }
+
+            if (Nat.gte(uvLen, u, v))
+            {
+                Nat.subFrom(uvLen, v, u);
+//              assert (u[0] & 1) == 0;
+                ac += Nat.subFrom(len, b, a) - bc;
+                ac = inversionStep(p, u, uvLen, a, ac);
+                if (Nat.isOne(uvLen, u))
+                {
+                    inversionResult(p, ac, a, z);
+                    return;
+                }
+            }
+            else
+            {
+                Nat.subFrom(uvLen, u, v);
+//              assert (v[0] & 1) == 0;
+                bc += Nat.subFrom(len, a, b) - ac;
+                bc = inversionStep(p, v, uvLen, b, bc);
+                if (Nat.isOne(uvLen, v))
+                {
+                    inversionResult(p, bc, b, z);
+                    return;
+                }
+            }
+        }
+    }
+
+    public static int[] random(int[] p)
+    {
+        int len = p.length;
+        Random rand = new Random();
+        int[] s = Nat.create(len);
+
+        int m = p[len - 1];
+        m |= m >>> 1;
+        m |= m >>> 2;
+        m |= m >>> 4;
+        m |= m >>> 8;
+        m |= m >>> 16;
+
+        do
+        {
+            for (int i = 0; i != len; i++)
+            {
+                s[i] = rand.nextInt();
+            }
+            s[len - 1] &= m;
+        }
+        while (Nat.gte(len, s, p));
+
+        return s;
+    }
+
+    public static void add(int[] p, int[] x, int[] y, int[] z)
+    {
+        int len = p.length;
+        int c = Nat.add(len, x, y, z);
+        if (c != 0)
+        {
+            Nat.subFrom(len, p, z);
+        }
+    }
+
+    public static void subtract(int[] p, int[] x, int[] y, int[] z)
+    {
+        int len = p.length;
+        int c = Nat.sub(len, x, y, z);
+        if (c != 0)
+        {
+            Nat.addTo(len, p, z);
+        }
+    }
+
+    private static void inversionResult(int[] p, int ac, int[] a, int[] z)
+    {
+        if (ac < 0)
+        {
+            Nat.add(p.length, a, p, z);
+        }
+        else
+        {
+            System.arraycopy(a, 0, z, 0, p.length);
+        }
+    }
+
+    private static int inversionStep(int[] p, int[] u, int uLen, int[] x, int xc)
+    {
+        int len = p.length;
+        int count = 0;
+        while (u[0] == 0)
+        {
+            Nat.shiftDownWord(uLen, u, 0);
+            count += 32;
+        }
+
+        {
+            int zeroes = getTrailingZeroes(u[0]);
+            if (zeroes > 0)
+            {
+                Nat.shiftDownBits(uLen, u, zeroes, 0);
+                count += zeroes;
+            }
+        }
+
+        for (int i = 0; i < count; ++i)
+        {
+            if ((x[0] & 1) != 0)
+            {
+                if (xc < 0)
+                {
+                    xc += Nat.addTo(len, p, x);
+                }
+                else
+                {
+                    xc += Nat.subFrom(len, p, x);
+                }
+            }
+
+//            assert xc == 0 || xc == 1;
+            Nat.shiftDownBit(len, x, xc);
+        }
+        
+        return xc;
+    }
+
+    private static int getTrailingZeroes(int x)
+    {
+//        assert x != 0;
+
+        int count = 0;
+        while ((x & 1) == 0)
+        {
+            x >>>= 1;
+            ++count;
+        }
+        return count;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat.java
new file mode 100644
index 0000000..61becdc
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat.java

@@ -0,0 +1,1153 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.raw;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class Nat
+{
+    private static final long M = 0xFFFFFFFFL;
+
+    public static int add(int len, int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            c += (x[i] & M) + (y[i] & M);
+            z[i] = (int)c;
+            c >>>= 32;
+        }
+        return (int)c;
+    }
+
+    public static int add33At(int len, int x, int[] z, int zPos)
+    {
+        // assert zPos <= (len - 2);
+        long c = (z[zPos + 0] & M) + (x & M);
+        z[zPos + 0] = (int)c;
+        c >>>= 32;
+        c += (z[zPos + 1] & M) + 1L;
+        z[zPos + 1] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : incAt(len, z, zPos + 2);
+    }
+
+    public static int add33At(int len, int x, int[] z, int zOff, int zPos)
+    {
+        // assert zPos <= (len - 2);
+        long c = (z[zOff + zPos] & M) + (x & M);
+        z[zOff + zPos] = (int)c;
+        c >>>= 32;
+        c += (z[zOff + zPos + 1] & M) + 1L;
+        z[zOff + zPos + 1] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : incAt(len, z, zOff, zPos + 2);
+    }
+
+    public static int add33To(int len, int x, int[] z)
+    {
+        long c = (z[0] & M) + (x & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += (z[1] & M) + 1L;
+        z[1] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : incAt(len, z, 2);
+    }
+
+    public static int add33To(int len, int x, int[] z, int zOff)
+    {
+        long c = (z[zOff + 0] & M) + (x & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += (z[zOff + 1] & M) + 1L;
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : incAt(len, z, zOff, 2);
+    }
+
+    public static int addBothTo(int len, int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            c += (x[i] & M) + (y[i] & M) + (z[i] & M);
+            z[i] = (int)c;
+            c >>>= 32;
+        }
+        return (int)c;
+    }
+
+    public static int addBothTo(int len, int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        long c = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            c += (x[xOff + i] & M) + (y[yOff + i] & M) + (z[zOff + i] & M);
+            z[zOff + i] = (int)c;
+            c >>>= 32;
+        }
+        return (int)c;
+    }
+
+    public static int addDWordAt(int len, long x, int[] z, int zPos)
+    {
+        // assert zPos <= (len - 2);
+        long c = (z[zPos + 0] & M) + (x & M);
+        z[zPos + 0] = (int)c;
+        c >>>= 32;
+        c += (z[zPos + 1] & M) + (x >>> 32);
+        z[zPos + 1] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : incAt(len, z, zPos + 2);
+    }
+
+    public static int addDWordAt(int len, long x, int[] z, int zOff, int zPos)
+    {
+        // assert zPos <= (len - 2);
+        long c = (z[zOff + zPos] & M) + (x & M);
+        z[zOff + zPos] = (int)c;
+        c >>>= 32;
+        c += (z[zOff + zPos + 1] & M) + (x >>> 32);
+        z[zOff + zPos + 1] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : incAt(len, z, zOff, zPos + 2);
+    }
+
+    public static int addDWordTo(int len, long x, int[] z)
+    {
+        long c = (z[0] & M) + (x & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += (z[1] & M) + (x >>> 32);
+        z[1] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : incAt(len, z, 2);
+    }
+
+    public static int addDWordTo(int len, long x, int[] z, int zOff)
+    {
+        long c = (z[zOff + 0] & M) + (x & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += (z[zOff + 1] & M) + (x >>> 32);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : incAt(len, z, zOff, 2);
+    }
+
+    public static int addTo(int len, int[] x, int[] z)
+    {
+        long c = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            c += (x[i] & M) + (z[i] & M);
+            z[i] = (int)c;
+            c >>>= 32;
+        }
+        return (int)c;
+    }
+
+    public static int addTo(int len, int[] x, int xOff, int[] z, int zOff)
+    {
+        long c = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            c += (x[xOff + i] & M) + (z[zOff + i] & M);
+            z[zOff + i] = (int)c;
+            c >>>= 32;
+        }
+        return (int)c;
+    }
+
+    public static int addWordAt(int len, int x, int[] z, int zPos)
+    {
+        // assert zPos <= (len - 1);
+        long c = (x & M) + (z[zPos] & M);
+        z[zPos] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : incAt(len, z, zPos + 1);
+    }
+
+    public static int addWordAt(int len, int x, int[] z, int zOff, int zPos)
+    {
+        // assert zPos <= (len - 1);
+        long c = (x & M) + (z[zOff + zPos] & M);
+        z[zOff + zPos] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : incAt(len, z, zOff, zPos + 1);
+    }
+
+    public static int addWordTo(int len, int x, int[] z)
+    {
+        long c = (x & M) + (z[0] & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : incAt(len, z, 1);
+    }
+
+    public static int addWordTo(int len, int x, int[] z, int zOff)
+    {
+        long c = (x & M) + (z[zOff] & M);
+        z[zOff] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : incAt(len, z, zOff, 1);
+    }
+
+    public static int cadd(int len, int mask, int[] x, int[] y, int[] z)
+    {
+        long MASK = -(mask & 1) & M;
+        long c = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            c += (x[i] & M) + (y[i] & MASK);
+            z[i] = (int)c;
+            c >>>= 32;
+        }
+        return (int)c;
+    }
+
+    public static void cmov(int len, int mask, int[] x, int xOff, int[] z, int zOff)
+    {
+        mask = -(mask & 1);
+
+        for (int i = 0; i < len; ++i)
+        {
+            int z_i = z[zOff + i], diff = z_i ^ x[xOff + i];
+            z_i ^= (diff & mask);
+            z[zOff + i] = z_i;
+        }
+
+//        final int half = 0x55555555, rest = half << (-mask);
+//
+//        for (int i = 0; i < len; ++i)
+//        {
+//            int z_i = z[zOff + i], diff = z_i ^ x[xOff + i];
+//            z_i ^= (diff & half);
+//            z_i ^= (diff & rest);
+//            z[zOff + i] = z_i;
+//        }
+    }
+
+    public static int[] copy(int len, int[] x)
+    {
+        int[] z = new int[len];
+        System.arraycopy(x, 0, z, 0, len);
+        return z;
+    }
+
+    public static void copy(int len, int[] x, int[] z)
+    {
+        System.arraycopy(x, 0, z, 0, len);
+    }
+
+    public static void copy(int len, int[] x, int xOff, int[] z, int zOff)
+    {
+        System.arraycopy(x, xOff, z, zOff, len);
+    }
+
+    public static int[] create(int len)
+    {
+        return new int[len];
+    }
+
+    public static long[] create64(int len)
+    {
+        return new long[len];
+    }
+
+    public static int csub(int len, int mask, int[] x, int[] y, int[] z)
+    {
+        long MASK = -(mask & 1) & M;
+        long c = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            c += (x[i] & M) - (y[i] & MASK);
+            z[i] = (int)c;
+            c >>= 32;
+        }
+        return (int)c;
+    }
+
+    public static int dec(int len, int[] z)
+    {
+        for (int i = 0; i < len; ++i)
+        {
+            if (--z[i] != -1)
+            {
+                return 0;
+            }
+        }
+        return -1;
+    }
+
+    public static int dec(int len, int[] x, int[] z)
+    {
+        int i = 0;
+        while (i < len)
+        {
+            int c = x[i] - 1;
+            z[i] = c;
+            ++i;
+            if (c != -1)
+            {
+                while (i < len)
+                {
+                    z[i] = x[i];
+                    ++i;
+                }
+                return 0;
+            }
+        }
+        return -1;
+    }
+
+    public static int decAt(int len, int[] z, int zPos)
+    {
+        // assert zPos <= len;
+        for (int i = zPos; i < len; ++i)
+        {
+            if (--z[i] != -1)
+            {
+                return 0;
+            }
+        }
+        return -1;
+    }
+
+    public static int decAt(int len, int[] z, int zOff, int zPos)
+    {
+        // assert zPos <= len;
+        for (int i = zPos; i < len; ++i)
+        {
+            if (--z[zOff + i] != -1)
+            {
+                return 0;
+            }
+        }
+        return -1;
+    }
+
+    public static boolean eq(int len, int[] x, int[] y)
+    {
+        for (int i = len - 1; i >= 0; --i)
+        {
+            if (x[i] != y[i])
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static int[] fromBigInteger(int bits, BigInteger x)
+    {
+        if (x.signum() < 0 || x.bitLength() > bits)
+        {
+            throw new IllegalArgumentException();
+        }
+
+        int len = (bits + 31) >> 5;
+        int[] z = create(len);
+        int i = 0;
+        while (x.signum() != 0)
+        {
+            z[i++] = x.intValue();
+            x = x.shiftRight(32);
+        }
+        return z;
+    }
+
+    public static int getBit(int[] x, int bit)
+    {
+        if (bit == 0)
+        {
+            return x[0] & 1;
+        }
+        int w = bit >> 5;
+        if (w < 0 || w >= x.length)
+        {
+            return 0;
+        }
+        int b = bit & 31;
+        return (x[w] >>> b) & 1;
+    }
+
+    public static boolean gte(int len, int[] x, int[] y)
+    {
+        for (int i = len - 1; i >= 0; --i)
+        {
+            int x_i = x[i] ^ Integer.MIN_VALUE;
+            int y_i = y[i] ^ Integer.MIN_VALUE;
+            if (x_i < y_i)
+                return false;
+            if (x_i > y_i)
+                return true;
+        }
+        return true;
+    }
+
+    public static int inc(int len, int[] z)
+    {
+        for (int i = 0; i < len; ++i)
+        {
+            if (++z[i] != 0)
+            {
+                return 0;
+            }
+        }
+        return 1;
+    }
+
+    public static int inc(int len, int[] x, int[] z)
+    {
+        int i = 0;
+        while (i < len)
+        {
+            int c = x[i] + 1;
+            z[i] = c;
+            ++i;
+            if (c != 0)
+            {
+                while (i < len)
+                {
+                    z[i] = x[i];
+                    ++i;
+                }
+                return 0;
+            }
+        }
+        return 1;
+    }
+
+    public static int incAt(int len, int[] z, int zPos)
+    {
+        // assert zPos <= len;
+        for (int i = zPos; i < len; ++i)
+        {
+            if (++z[i] != 0)
+            {
+                return 0;
+            }
+        }
+        return 1;
+    }
+
+    public static int incAt(int len, int[] z, int zOff, int zPos)
+    {
+        // assert zPos <= len;
+        for (int i = zPos; i < len; ++i)
+        {
+            if (++z[zOff + i] != 0)
+            {
+                return 0;
+            }
+        }
+        return 1;
+    }
+
+    public static boolean isOne(int len, int[] x)
+    {
+        if (x[0] != 1)
+        {
+            return false;
+        }
+        for (int i = 1; i < len; ++i)
+        {
+            if (x[i] != 0)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static boolean isZero(int len, int[] x)
+    {
+        for (int i = 0; i < len; ++i)
+        {
+            if (x[i] != 0)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static void mul(int len, int[] x, int[] y, int[] zz)
+    {
+        zz[len] = mulWord(len, x[0], y, zz);
+
+        for (int i = 1; i < len; ++i)
+        {
+            zz[i + len] = mulWordAddTo(len, x[i], y, 0, zz, i);
+        }
+    }
+
+    public static void mul(int len, int[] x, int xOff, int[] y, int yOff, int[] zz, int zzOff)
+    {
+        zz[zzOff + len] = mulWord(len, x[xOff], y, yOff, zz, zzOff);
+
+        for (int i = 1; i < len; ++i)
+        {
+            zz[zzOff + i + len] = mulWordAddTo(len, x[xOff + i], y, yOff, zz, zzOff + i);
+        }
+    }
+
+    public static void mul(int[] x, int xOff, int xLen, int[] y, int yOff, int yLen, int[] zz, int zzOff)
+    {
+        zz[zzOff + yLen] = mulWord(yLen, x[xOff], y, yOff, zz, zzOff);
+
+        for (int i = 1; i < xLen; ++i)
+        {
+            zz[zzOff + i + yLen] = mulWordAddTo(yLen, x[xOff + i], y, yOff, zz, zzOff + i);
+        }
+    }
+
+    public static int mulAddTo(int len, int[] x, int[] y, int[] zz)
+    {
+        long zc = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            long c = mulWordAddTo(len, x[i], y, 0, zz, i) & M;
+            c += zc + (zz[i + len] & M);
+            zz[i + len] = (int)c;
+            zc = c >>> 32;
+        }
+        return (int)zc;
+    }
+
+    public static int mulAddTo(int len, int[] x, int xOff, int[] y, int yOff, int[] zz, int zzOff)
+    {
+        long zc = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            long c = mulWordAddTo(len, x[xOff + i], y, yOff, zz, zzOff) & M;
+            c += zc + (zz[zzOff + len] & M);
+            zz[zzOff + len] = (int)c;
+            zc = c >>> 32;
+            ++zzOff;
+        }
+        return (int)zc;
+    }
+
+    public static int mul31BothAdd(int len, int a, int[] x, int b, int[] y, int[] z, int zOff)
+    {
+        long c = 0, aVal = a & M, bVal = b & M;
+        int i = 0;
+        do
+        {
+            c += aVal * (x[i] & M) + bVal * (y[i] & M) + (z[zOff + i] & M);
+            z[zOff + i] = (int)c;
+            c >>>= 32;
+        }
+        while (++i < len);
+        return (int)c;
+    }
+
+    public static int mulWord(int len, int x, int[] y, int[] z)
+    {
+        long c = 0, xVal = x & M;
+        int i = 0;
+        do
+        {
+            c += xVal * (y[i] & M);
+            z[i] = (int)c;
+            c >>>= 32;
+        }
+        while (++i < len);
+        return (int)c;
+    }
+
+    public static int mulWord(int len, int x, int[] y, int yOff, int[] z, int zOff)
+    {
+        long c = 0, xVal = x & M;
+        int i = 0;
+        do
+        {
+            c += xVal * (y[yOff + i] & M);
+            z[zOff + i] = (int)c;
+            c >>>= 32;
+        }
+        while (++i < len);
+        return (int)c;
+    }
+
+    public static int mulWordAddTo(int len, int x, int[] y, int yOff, int[] z, int zOff)
+    {
+        long c = 0, xVal = x & M;
+        int i = 0;
+        do
+        {
+            c += xVal * (y[yOff + i] & M) + (z[zOff + i] & M);
+            z[zOff + i] = (int)c;
+            c >>>= 32;
+        }
+        while (++i < len);
+        return (int)c;
+    }
+
+    public static int mulWordDwordAddAt(int len, int x, long y, int[] z, int zPos)
+    {
+        // assert zPos <= (len - 3);
+        long c = 0, xVal = x & M;
+        c += xVal * (y & M) + (z[zPos + 0] & M);
+        z[zPos + 0] = (int)c;
+        c >>>= 32;
+        c += xVal * (y >>> 32) + (z[zPos + 1] & M);
+        z[zPos + 1] = (int)c;
+        c >>>= 32;
+        c += (z[zPos + 2] & M);
+        z[zPos + 2] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : incAt(len, z, zPos + 3);
+    }
+
+    public static int shiftDownBit(int len, int[] z, int c)
+    {
+        int i = len;
+        while (--i >= 0)
+        {
+            int next = z[i];
+            z[i] = (next >>> 1) | (c << 31);
+            c = next;
+        }
+        return c << 31;
+    }
+
+    public static int shiftDownBit(int len, int[] z, int zOff, int c)
+    {
+        int i = len;
+        while (--i >= 0)
+        {
+            int next = z[zOff + i];
+            z[zOff + i] = (next >>> 1) | (c << 31);
+            c = next;
+        }
+        return c << 31;
+    }
+
+    public static int shiftDownBit(int len, int[] x, int c, int[] z)
+    {
+        int i = len;
+        while (--i >= 0)
+        {
+            int next = x[i];
+            z[i] = (next >>> 1) | (c << 31);
+            c = next;
+        }
+        return c << 31;
+    }
+
+    public static int shiftDownBit(int len, int[] x, int xOff, int c, int[] z, int zOff)
+    {
+        int i = len;
+        while (--i >= 0)
+        {
+            int next = x[xOff + i];
+            z[zOff + i] = (next >>> 1) | (c << 31);
+            c = next;
+        }
+        return c << 31;
+    }
+
+    public static int shiftDownBits(int len, int[] z, int bits, int c)
+    {
+//        assert bits > 0 && bits < 32;
+        int i = len;
+        while (--i >= 0)
+        {
+            int next = z[i];
+            z[i] = (next >>> bits) | (c << -bits);
+            c = next;
+        }
+        return c << -bits;
+    }
+
+    public static int shiftDownBits(int len, int[] z, int zOff, int bits, int c)
+    {
+//        assert bits > 0 && bits < 32;
+        int i = len;
+        while (--i >= 0)
+        {
+            int next = z[zOff + i];
+            z[zOff + i] = (next >>> bits) | (c << -bits);
+            c = next;
+        }
+        return c << -bits;
+    }
+
+    public static int shiftDownBits(int len, int[] x, int bits, int c, int[] z)
+    {
+//        assert bits > 0 && bits < 32;
+        int i = len;
+        while (--i >= 0)
+        {
+            int next = x[i];
+            z[i] = (next >>> bits) | (c << -bits);
+            c = next;
+        }
+        return c << -bits;
+    }
+
+    public static int shiftDownBits(int len, int[] x, int xOff, int bits, int c, int[] z, int zOff)
+    {
+//        assert bits > 0 && bits < 32;
+        int i = len;
+        while (--i >= 0)
+        {
+            int next = x[xOff + i];
+            z[zOff + i] = (next >>> bits) | (c << -bits);
+            c = next;
+        }
+        return c << -bits;
+    }
+
+    public static int shiftDownWord(int len, int[] z, int c)
+    {
+        int i = len;
+        while (--i >= 0)
+        {
+            int next = z[i];
+            z[i] = c;
+            c = next;
+        }
+        return c;
+    }
+
+    public static int shiftUpBit(int len, int[] z, int c)
+    {
+        for (int i = 0; i < len; ++i)
+        {
+            int next = z[i];
+            z[i] = (next << 1) | (c >>> 31);
+            c = next;
+        }
+        return c >>> 31;
+    }
+
+    public static int shiftUpBit(int len, int[] z, int zOff, int c)
+    {
+        for (int i = 0; i < len; ++i)
+        {
+            int next = z[zOff + i];
+            z[zOff + i] = (next << 1) | (c >>> 31);
+            c = next;
+        }
+        return c >>> 31;
+    }
+
+    public static int shiftUpBit(int len, int[] x, int c, int[] z)
+    {
+        for (int i = 0; i < len; ++i)
+        {
+            int next = x[i];
+            z[i] = (next << 1) | (c >>> 31);
+            c = next;
+        }
+        return c >>> 31;
+    }
+
+    public static int shiftUpBit(int len, int[] x, int xOff, int c, int[] z, int zOff)
+    {
+        for (int i = 0; i < len; ++i)
+        {
+            int next = x[xOff + i];
+            z[zOff + i] = (next << 1) | (c >>> 31);
+            c = next;
+        }
+        return c >>> 31;
+    }
+
+    public static long shiftUpBit64(int len, long[] x, int xOff, long c, long[] z, int zOff)
+    {
+        for (int i = 0; i < len; ++i)
+        {
+            long next = x[xOff + i];
+            z[zOff + i] = (next << 1) | (c >>> 63);
+            c = next;
+        }
+        return c >>> 63;
+    }
+
+    public static int shiftUpBits(int len, int[] z, int bits, int c)
+    {
+//        assert bits > 0 && bits < 32;
+        for (int i = 0; i < len; ++i)
+        {
+            int next = z[i];
+            z[i] = (next << bits) | (c >>> -bits);
+            c = next;
+        }
+        return c >>> -bits;
+    }
+
+    public static int shiftUpBits(int len, int[] z, int zOff, int bits, int c)
+    {
+//        assert bits > 0 && bits < 32;
+        for (int i = 0; i < len; ++i)
+        {
+            int next = z[zOff + i];
+            z[zOff + i] = (next << bits) | (c >>> -bits);
+            c = next;
+        }
+        return c >>> -bits;
+    }
+
+    public static long shiftUpBits64(int len, long[] z, int zOff, int bits, long c)
+    {
+//        assert bits > 0 && bits < 64;
+        for (int i = 0; i < len; ++i)
+        {
+            long next = z[zOff + i];
+            z[zOff + i] = (next << bits) | (c >>> -bits);
+            c = next;
+        }
+        return c >>> -bits;
+    }
+
+    public static int shiftUpBits(int len, int[] x, int bits, int c, int[] z)
+    {
+//        assert bits > 0 && bits < 32;
+        for (int i = 0; i < len; ++i)
+        {
+            int next = x[i];
+            z[i] = (next << bits) | (c >>> -bits);
+            c = next;
+        }
+        return c >>> -bits;
+    }
+
+    public static int shiftUpBits(int len, int[] x, int xOff, int bits, int c, int[] z, int zOff)
+    {
+//        assert bits > 0 && bits < 32;
+        for (int i = 0; i < len; ++i)
+        {
+            int next = x[xOff + i];
+            z[zOff + i] = (next << bits) | (c >>> -bits);
+            c = next;
+        }
+        return c >>> -bits;
+    }
+
+    public static long shiftUpBits64(int len, long[] x, int xOff, int bits, long c, long[] z, int zOff)
+    {
+//        assert bits > 0 && bits < 64;
+        for (int i = 0; i < len; ++i)
+        {
+            long next = x[xOff + i];
+            z[zOff + i] = (next << bits) | (c >>> -bits);
+            c = next;
+        }
+        return c >>> -bits;
+    }
+
+    public static void square(int len, int[] x, int[] zz)
+    {
+        int extLen = len << 1;
+        int c = 0;
+        int j = len, k = extLen;
+        do
+        {
+            long xVal = (x[--j] & M);
+            long p = xVal * xVal;
+            zz[--k] = (c << 31) | (int)(p >>> 33);
+            zz[--k] = (int)(p >>> 1);
+            c = (int)p;
+        }
+        while (j > 0);
+
+        for (int i = 1; i < len; ++i)
+        {
+            c = squareWordAdd(x, i, zz);
+            addWordAt(extLen, c, zz, i << 1);
+        }
+
+        shiftUpBit(extLen, zz, x[0] << 31);
+    }
+
+    public static void square(int len, int[] x, int xOff, int[] zz, int zzOff)
+    {
+        int extLen = len << 1;
+        int c = 0;
+        int j = len, k = extLen;
+        do
+        {
+            long xVal = (x[xOff + --j] & M);
+            long p = xVal * xVal;
+            zz[zzOff + --k] = (c << 31) | (int)(p >>> 33);
+            zz[zzOff + --k] = (int)(p >>> 1);
+            c = (int)p;
+        }
+        while (j > 0);
+
+        for (int i = 1; i < len; ++i)
+        {
+            c = squareWordAdd(x, xOff, i, zz, zzOff);
+            addWordAt(extLen, c, zz, zzOff, i << 1);
+        }
+
+        shiftUpBit(extLen, zz, zzOff, x[xOff] << 31);
+    }
+
+    public static int squareWordAdd(int[] x, int xPos, int[] z)
+    {
+        long c = 0, xVal = x[xPos] & M;
+        int i = 0;
+        do
+        {
+            c += xVal * (x[i] & M) + (z[xPos + i] & M);
+            z[xPos + i] = (int)c;
+            c >>>= 32;
+        }
+        while (++i < xPos);
+        return (int)c;
+    }
+
+    public static int squareWordAdd(int[] x, int xOff, int xPos, int[] z, int zOff)
+    {
+        long c = 0, xVal = x[xOff + xPos] & M;
+        int i = 0;
+        do
+        {
+            c += xVal * (x[xOff + i] & M) + (z[xPos + zOff] & M);
+            z[xPos + zOff] = (int)c;
+            c >>>= 32;
+            ++zOff;
+        }
+        while (++i < xPos);
+        return (int)c;
+    }
+
+    public static int sub(int len, int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            c += (x[i] & M) - (y[i] & M);
+            z[i] = (int)c;
+            c >>= 32;
+        }
+        return (int)c;
+    }
+
+    public static int sub(int len, int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        long c = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            c += (x[xOff + i] & M) - (y[yOff + i] & M);
+            z[zOff + i] = (int)c;
+            c >>= 32;
+        }
+        return (int)c;
+    }
+
+    public static int sub33At(int len, int x, int[] z, int zPos)
+    {
+        // assert zPos <= (len - 2);
+        long c = (z[zPos + 0] & M) - (x & M);
+        z[zPos + 0] = (int)c;
+        c >>= 32;
+        c += (z[zPos + 1] & M) - 1;
+        z[zPos + 1] = (int)c;
+        c >>= 32;
+        return c == 0 ? 0 : decAt(len, z, zPos + 2);
+    }
+
+    public static int sub33At(int len, int x, int[] z, int zOff, int zPos)
+    {
+        // assert zPos <= (len - 2);
+        long c = (z[zOff + zPos] & M) - (x & M);
+        z[zOff + zPos] = (int)c;
+        c >>= 32;
+        c += (z[zOff + zPos + 1] & M) - 1;
+        z[zOff + zPos + 1] = (int)c;
+        c >>= 32;
+        return c == 0 ? 0 : decAt(len, z, zOff, zPos + 2);
+    }
+
+    public static int sub33From(int len, int x, int[] z)
+    {
+        long c = (z[0] & M) - (x & M);
+        z[0] = (int)c;
+        c >>= 32;
+        c += (z[1] & M) - 1;
+        z[1] = (int)c;
+        c >>= 32;
+        return c == 0 ? 0 : decAt(len, z, 2);
+    }
+
+    public static int sub33From(int len, int x, int[] z, int zOff)
+    {
+        long c = (z[zOff + 0] & M) - (x & M);
+        z[zOff + 0] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 1] & M) - 1;
+        z[zOff + 1] = (int)c;
+        c >>= 32;
+        return c == 0 ? 0 : decAt(len, z, zOff, 2);
+    }
+
+    public static int subBothFrom(int len, int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            c += (z[i] & M) - (x[i] & M) - (y[i] & M);
+            z[i] = (int)c;
+            c >>= 32;
+        }
+        return (int)c;
+    }
+
+    public static int subBothFrom(int len, int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        long c = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            c += (z[zOff + i] & M) - (x[xOff + i] & M) - (y[yOff + i] & M);
+            z[zOff + i] = (int)c;
+            c >>= 32;
+        }
+        return (int)c;
+    }
+
+    public static int subDWordAt(int len, long x, int[] z, int zPos)
+    {
+        // assert zPos <= (len - 2);
+        long c = (z[zPos + 0] & M) - (x & M);
+        z[zPos + 0] = (int)c;
+        c >>= 32;
+        c += (z[zPos + 1] & M) - (x >>> 32);
+        z[zPos + 1] = (int)c;
+        c >>= 32;
+        return c == 0 ? 0 : decAt(len, z, zPos + 2);
+    }
+
+    public static int subDWordAt(int len, long x, int[] z, int zOff, int zPos)
+    {
+        // assert zPos <= (len - 2);
+        long c = (z[zOff + zPos] & M) - (x & M);
+        z[zOff + zPos] = (int)c;
+        c >>= 32;
+        c += (z[zOff + zPos + 1] & M) - (x >>> 32);
+        z[zOff + zPos + 1] = (int)c;
+        c >>= 32;
+        return c == 0 ? 0 : decAt(len, z,  zOff, zPos + 2);
+    }
+
+    public static int subDWordFrom(int len, long x, int[] z)
+    {
+        long c = (z[0] & M) - (x & M);
+        z[0] = (int)c;
+        c >>= 32;
+        c += (z[1] & M) - (x >>> 32);
+        z[1] = (int)c;
+        c >>= 32;
+        return c == 0 ? 0 : decAt(len, z, 2);
+    }
+
+    public static int subDWordFrom(int len, long x, int[] z, int zOff)
+    {
+        long c = (z[zOff + 0] & M) - (x & M);
+        z[zOff + 0] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 1] & M) - (x >>> 32);
+        z[zOff + 1] = (int)c;
+        c >>= 32;
+        return c == 0 ? 0 : decAt(len, z, zOff, 2);
+    }
+
+    public static int subFrom(int len, int[] x, int[] z)
+    {
+        long c = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            c += (z[i] & M) - (x[i] & M);
+            z[i] = (int)c;
+            c >>= 32;
+        }
+        return (int)c;
+    }
+
+    public static int subFrom(int len, int[] x, int xOff, int[] z, int zOff)
+    {
+        long c = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            c += (z[zOff + i] & M) - (x[xOff + i] & M);
+            z[zOff + i] = (int)c;
+            c >>= 32;
+        }
+        return (int)c;
+    }
+
+    public static int subWordAt(int len, int x, int[] z, int zPos)
+    {
+        // assert zPos <= (len - 1);
+        long c = (z[zPos] & M) - (x & M);
+        z[zPos] = (int)c;
+        c >>= 32;
+        return c == 0 ? 0 : decAt(len, z, zPos + 1);
+    }
+
+    public static int subWordAt(int len, int x, int[] z, int zOff, int zPos)
+    {
+        // assert zPos <= (len - 1);
+        long c = (z[zOff + zPos] & M) - (x & M);
+        z[zOff + zPos] = (int)c;
+        c >>= 32;
+        return c == 0 ? 0 : decAt(len, z, zOff, zPos + 1);
+    }
+
+    public static int subWordFrom(int len, int x, int[] z)
+    {
+        long c = (z[0] & M) - (x & M);
+        z[0] = (int)c;
+        c >>= 32;
+        return c == 0 ? 0 : decAt(len, z, 1);
+    }
+
+    public static int subWordFrom(int len, int x, int[] z, int zOff)
+    {
+        long c = (z[zOff + 0] & M) - (x & M);
+        z[zOff + 0] = (int)c;
+        c >>= 32;
+        return c == 0 ? 0 : decAt(len, z, zOff, 1);
+    }
+
+    public static BigInteger toBigInteger(int len, int[] x)
+    {
+        byte[] bs = new byte[len << 2];
+        for (int i = 0; i < len; ++i)
+        {
+            int x_i = x[i];
+            if (x_i != 0)
+            {
+                Pack.intToBigEndian(x_i, bs, (len - 1 - i) << 2);
+            }
+        }
+        return new BigInteger(1, bs);
+    }
+
+    public static void zero(int len, int[] z)
+    {
+        for (int i = 0; i < len; ++i)
+        {
+            z[i] = 0;
+        }
+    }
+
+    public static void zero64(int len, long[] z)
+    {
+        for (int i = 0; i < len; ++i)
+        {
+            z[i] = 0L;
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat192.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat192.java
new file mode 100644
index 0000000..5de04e7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat192.java

@@ -0,0 +1,1077 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.raw;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class Nat192
+{
+    private static final long M = 0xFFFFFFFFL;
+
+    public static int add(int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        c += (x[0] & M) + (y[0] & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += (x[1] & M) + (y[1] & M);
+        z[1] = (int)c;
+        c >>>= 32;
+        c += (x[2] & M) + (y[2] & M);
+        z[2] = (int)c;
+        c >>>= 32;
+        c += (x[3] & M) + (y[3] & M);
+        z[3] = (int)c;
+        c >>>= 32;
+        c += (x[4] & M) + (y[4] & M);
+        z[4] = (int)c;
+        c >>>= 32;
+        c += (x[5] & M) + (y[5] & M);
+        z[5] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int addBothTo(int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        c += (x[0] & M) + (y[0] & M) + (z[0] & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += (x[1] & M) + (y[1] & M) + (z[1] & M);
+        z[1] = (int)c;
+        c >>>= 32;
+        c += (x[2] & M) + (y[2] & M) + (z[2] & M);
+        z[2] = (int)c;
+        c >>>= 32;
+        c += (x[3] & M) + (y[3] & M) + (z[3] & M);
+        z[3] = (int)c;
+        c >>>= 32;
+        c += (x[4] & M) + (y[4] & M) + (z[4] & M);
+        z[4] = (int)c;
+        c >>>= 32;
+        c += (x[5] & M) + (y[5] & M) + (z[5] & M);
+        z[5] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int addTo(int[] x, int[] z)
+    {
+        long c = 0;
+        c += (x[0] & M) + (z[0] & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += (x[1] & M) + (z[1] & M);
+        z[1] = (int)c;
+        c >>>= 32;
+        c += (x[2] & M) + (z[2] & M);
+        z[2] = (int)c;
+        c >>>= 32;
+        c += (x[3] & M) + (z[3] & M);
+        z[3] = (int)c;
+        c >>>= 32;
+        c += (x[4] & M) + (z[4] & M);
+        z[4] = (int)c;
+        c >>>= 32;
+        c += (x[5] & M) + (z[5] & M);
+        z[5] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int addTo(int[] x, int xOff, int[] z, int zOff, int cIn)
+    {
+        long c = cIn & M;
+        c += (x[xOff + 0] & M) + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 1] & M) + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 2] & M) + (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 3] & M) + (z[zOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 4] & M) + (z[zOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 5] & M) + (z[zOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int addToEachOther(int[] u, int uOff, int[] v, int vOff)
+    {
+        long c = 0;
+        c += (u[uOff + 0] & M) + (v[vOff + 0] & M);
+        u[uOff + 0] = (int)c;
+        v[vOff + 0] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 1] & M) + (v[vOff + 1] & M);
+        u[uOff + 1] = (int)c;
+        v[vOff + 1] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 2] & M) + (v[vOff + 2] & M);
+        u[uOff + 2] = (int)c;
+        v[vOff + 2] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 3] & M) + (v[vOff + 3] & M);
+        u[uOff + 3] = (int)c;
+        v[vOff + 3] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 4] & M) + (v[vOff + 4] & M);
+        u[uOff + 4] = (int)c;
+        v[vOff + 4] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 5] & M) + (v[vOff + 5] & M);
+        u[uOff + 5] = (int)c;
+        v[vOff + 5] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static void copy(int[] x, int[] z)
+    {
+        z[0] = x[0];
+        z[1] = x[1];
+        z[2] = x[2];
+        z[3] = x[3];
+        z[4] = x[4];
+        z[5] = x[5];
+    }
+
+    public static void copy(int[] x, int xOff, int[] z, int zOff)
+    {
+        z[zOff + 0] = x[xOff + 0];
+        z[zOff + 1] = x[xOff + 1];
+        z[zOff + 2] = x[xOff + 2];
+        z[zOff + 3] = x[xOff + 3];
+        z[zOff + 4] = x[xOff + 4];
+        z[zOff + 5] = x[xOff + 5];
+    }
+
+    public static void copy64(long[] x, long[] z)
+    {
+        z[0] = x[0];
+        z[1] = x[1];
+        z[2] = x[2];
+    }
+
+    public static void copy64(long[] x, int xOff, long[] z, int zOff)
+    {
+        z[zOff + 0] = x[xOff + 0];
+        z[zOff + 1] = x[xOff + 1];
+        z[zOff + 2] = x[xOff + 2];
+    }
+
+    public static int[] create()
+    {
+        return new int[6];
+    }
+
+    public static long[] create64()
+    {
+        return new long[3];
+    }
+
+    public static int[] createExt()
+    {
+        return new int[12];
+    }
+
+    public static long[] createExt64()
+    {
+        return new long[6];
+    }
+
+    public static boolean diff(int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        boolean pos = gte(x, xOff, y, yOff);
+        if (pos)
+        {
+            sub(x, xOff, y, yOff, z, zOff);
+        }
+        else
+        {
+            sub(y, yOff, x, xOff, z, zOff);
+        }
+        return pos;
+    }
+
+    public static boolean eq(int[] x, int[] y)
+    {
+        for (int i = 5; i >= 0; --i)
+        {
+            if (x[i] != y[i])
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static boolean eq64(long[] x, long[] y)
+    {
+        for (int i = 2; i >= 0; --i)
+        {
+            if (x[i] != y[i])
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static int[] fromBigInteger(BigInteger x)
+    {
+        if (x.signum() < 0 || x.bitLength() > 192)
+        {
+            throw new IllegalArgumentException();
+        }
+
+        int[] z = create();
+        int i = 0;
+        while (x.signum() != 0)
+        {
+            z[i++] = x.intValue();
+            x = x.shiftRight(32);
+        }
+        return z;
+    }
+
+    public static long[] fromBigInteger64(BigInteger x)
+    {
+        if (x.signum() < 0 || x.bitLength() > 192)
+        {
+            throw new IllegalArgumentException();
+        }
+
+        long[] z = create64();
+        int i = 0;
+        while (x.signum() != 0)
+        {
+            z[i++] = x.longValue();
+            x = x.shiftRight(64);
+        }
+        return z;
+    }
+
+    public static int getBit(int[] x, int bit)
+    {
+        if (bit == 0)
+        {
+            return x[0] & 1;
+        }
+        int w = bit >> 5;
+        if (w < 0 || w >= 6)
+        {
+            return 0;
+        }
+        int b = bit & 31;
+        return (x[w] >>> b) & 1;
+    }
+
+    public static boolean gte(int[] x, int[] y)
+    {
+        for (int i = 5; i >= 0; --i)
+        {
+            int x_i = x[i] ^ Integer.MIN_VALUE;
+            int y_i = y[i] ^ Integer.MIN_VALUE;
+            if (x_i < y_i)
+                return false;
+            if (x_i > y_i)
+                return true;
+        }
+        return true;
+    }
+
+    public static boolean gte(int[] x, int xOff, int[] y, int yOff)
+    {
+        for (int i = 5; i >= 0; --i)
+        {
+            int x_i = x[xOff + i] ^ Integer.MIN_VALUE;
+            int y_i = y[yOff + i] ^ Integer.MIN_VALUE;
+            if (x_i < y_i)
+                return false;
+            if (x_i > y_i)
+                return true;
+        }
+        return true;
+    }
+
+    public static boolean isOne(int[] x)
+    {
+        if (x[0] != 1)
+        {
+            return false;
+        }
+        for (int i = 1; i < 6; ++i)
+        {
+            if (x[i] != 0)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static boolean isOne64(long[] x)
+    {
+        if (x[0] != 1L)
+        {
+            return false;
+        }
+        for (int i = 1; i < 3; ++i)
+        {
+            if (x[i] != 0L)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static boolean isZero(int[] x)
+    {
+        for (int i = 0; i < 6; ++i)
+        {
+            if (x[i] != 0)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static boolean isZero64(long[] x)
+    {
+        for (int i = 0; i < 3; ++i)
+        {
+            if (x[i] != 0L)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static void mul(int[] x, int[] y, int[] zz)
+    {
+        long y_0 = y[0] & M;
+        long y_1 = y[1] & M;
+        long y_2 = y[2] & M;
+        long y_3 = y[3] & M;
+        long y_4 = y[4] & M;
+        long y_5 = y[5] & M;
+
+        {
+            long c = 0, x_0 = x[0] & M;
+            c += x_0 * y_0;
+            zz[0] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_1;
+            zz[1] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_2;
+            zz[2] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_3;
+            zz[3] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_4;
+            zz[4] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_5;
+            zz[5] = (int)c;
+            c >>>= 32;
+            zz[6] = (int)c;
+        }
+
+        for (int i = 1; i < 6; ++i)
+        {
+            long c = 0, x_i = x[i] & M;
+            c += x_i * y_0 + (zz[i + 0] & M);
+            zz[i + 0] = (int)c;
+            c >>>= 32;
+            c += x_i * y_1 + (zz[i + 1] & M);
+            zz[i + 1] = (int)c;
+            c >>>= 32;
+            c += x_i * y_2 + (zz[i + 2] & M);
+            zz[i + 2] = (int)c;
+            c >>>= 32;
+            c += x_i * y_3 + (zz[i + 3] & M);
+            zz[i + 3] = (int)c;
+            c >>>= 32;
+            c += x_i * y_4 + (zz[i + 4] & M);
+            zz[i + 4] = (int)c;
+            c >>>= 32;
+            c += x_i * y_5 + (zz[i + 5] & M);
+            zz[i + 5] = (int)c;
+            c >>>= 32;
+            zz[i + 6] = (int)c;
+        }
+    }
+
+    public static void mul(int[] x, int xOff, int[] y, int yOff, int[] zz, int zzOff)
+    {
+        long y_0 = y[yOff + 0] & M;
+        long y_1 = y[yOff + 1] & M;
+        long y_2 = y[yOff + 2] & M;
+        long y_3 = y[yOff + 3] & M;
+        long y_4 = y[yOff + 4] & M;
+        long y_5 = y[yOff + 5] & M;
+
+        {
+            long c = 0, x_0 = x[xOff + 0] & M;
+            c += x_0 * y_0;
+            zz[zzOff + 0] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_1;
+            zz[zzOff + 1] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_2;
+            zz[zzOff + 2] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_3;
+            zz[zzOff + 3] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_4;
+            zz[zzOff + 4] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_5;
+            zz[zzOff + 5] = (int)c;
+            c >>>= 32;
+            zz[zzOff + 6] = (int)c;
+        }
+
+        for (int i = 1; i < 6; ++i)
+        {
+            ++zzOff;
+            long c = 0, x_i = x[xOff + i] & M;
+            c += x_i * y_0 + (zz[zzOff + 0] & M);
+            zz[zzOff + 0] = (int)c;
+            c >>>= 32;
+            c += x_i * y_1 + (zz[zzOff + 1] & M);
+            zz[zzOff + 1] = (int)c;
+            c >>>= 32;
+            c += x_i * y_2 + (zz[zzOff + 2] & M);
+            zz[zzOff + 2] = (int)c;
+            c >>>= 32;
+            c += x_i * y_3 + (zz[zzOff + 3] & M);
+            zz[zzOff + 3] = (int)c;
+            c >>>= 32;
+            c += x_i * y_4 + (zz[zzOff + 4] & M);
+            zz[zzOff + 4] = (int)c;
+            c >>>= 32;
+            c += x_i * y_5 + (zz[zzOff + 5] & M);
+            zz[zzOff + 5] = (int)c;
+            c >>>= 32;
+            zz[zzOff + 6] = (int)c;
+        }
+    }
+
+    public static int mulAddTo(int[] x, int[] y, int[] zz)
+    {
+        long y_0 = y[0] & M;
+        long y_1 = y[1] & M;
+        long y_2 = y[2] & M;
+        long y_3 = y[3] & M;
+        long y_4 = y[4] & M;
+        long y_5 = y[5] & M;
+
+        long zc = 0;
+        for (int i = 0; i < 6; ++i)
+        {
+            long c = 0, x_i = x[i] & M;
+            c += x_i * y_0 + (zz[i + 0] & M);
+            zz[i + 0] = (int)c;
+            c >>>= 32;
+            c += x_i * y_1 + (zz[i + 1] & M);
+            zz[i + 1] = (int)c;
+            c >>>= 32;
+            c += x_i * y_2 + (zz[i + 2] & M);
+            zz[i + 2] = (int)c;
+            c >>>= 32;
+            c += x_i * y_3 + (zz[i + 3] & M);
+            zz[i + 3] = (int)c;
+            c >>>= 32;
+            c += x_i * y_4 + (zz[i + 4] & M);
+            zz[i + 4] = (int)c;
+            c >>>= 32;
+            c += x_i * y_5 + (zz[i + 5] & M);
+            zz[i + 5] = (int)c;
+            c >>>= 32;
+            c += zc + (zz[i + 6] & M);
+            zz[i + 6] = (int)c;
+            zc = c >>> 32;
+        }
+        return (int)zc;
+    }
+
+    public static int mulAddTo(int[] x, int xOff, int[] y, int yOff, int[] zz, int zzOff)
+    {
+        long y_0 = y[yOff + 0] & M;
+        long y_1 = y[yOff + 1] & M;
+        long y_2 = y[yOff + 2] & M;
+        long y_3 = y[yOff + 3] & M;
+        long y_4 = y[yOff + 4] & M;
+        long y_5 = y[yOff + 5] & M;
+
+        long zc = 0;
+        for (int i = 0; i < 6; ++i)
+        {
+            long c = 0, x_i = x[xOff + i] & M;
+            c += x_i * y_0 + (zz[zzOff + 0] & M);
+            zz[zzOff + 0] = (int)c;
+            c >>>= 32;
+            c += x_i * y_1 + (zz[zzOff + 1] & M);
+            zz[zzOff + 1] = (int)c;
+            c >>>= 32;
+            c += x_i * y_2 + (zz[zzOff + 2] & M);
+            zz[zzOff + 2] = (int)c;
+            c >>>= 32;
+            c += x_i * y_3 + (zz[zzOff + 3] & M);
+            zz[zzOff + 3] = (int)c;
+            c >>>= 32;
+            c += x_i * y_4 + (zz[zzOff + 4] & M);
+            zz[zzOff + 4] = (int)c;
+            c >>>= 32;
+            c += x_i * y_5 + (zz[zzOff + 5] & M);
+            zz[zzOff + 5] = (int)c;
+            c >>>= 32;
+            c += zc + (zz[zzOff + 6] & M);
+            zz[zzOff + 6] = (int)c;
+            zc = c >>> 32;
+            ++zzOff;
+        }
+        return (int)zc;
+    }
+
+    public static long mul33Add(int w, int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        // assert w >>> 31 == 0;
+
+        long c = 0, wVal = w & M;
+        long x0 = x[xOff + 0] & M;
+        c += wVal * x0 + (y[yOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        long x1 = x[xOff + 1] & M;
+        c += wVal * x1 + x0 + (y[yOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        long x2 = x[xOff + 2] & M;
+        c += wVal * x2 + x1 + (y[yOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        long x3 = x[xOff + 3] & M;
+        c += wVal * x3 + x2 + (y[yOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        long x4 = x[xOff + 4] & M;
+        c += wVal * x4 + x3 + (y[yOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>>= 32;
+        long x5 = x[xOff + 5] & M;
+        c += wVal * x5 + x4 + (y[yOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>>= 32;
+        c += x5;
+        return c;
+    }
+
+    public static int mulWordAddExt(int x, int[] yy, int yyOff, int[] zz, int zzOff)
+    {
+        // assert yyOff <= 6;
+        // assert zzOff <= 6;
+        long c = 0, xVal = x & M;
+        c += xVal * (yy[yyOff + 0] & M) + (zz[zzOff + 0] & M);
+        zz[zzOff + 0] = (int)c;
+        c >>>= 32;
+        c += xVal * (yy[yyOff + 1] & M) + (zz[zzOff + 1] & M);
+        zz[zzOff + 1] = (int)c;
+        c >>>= 32;
+        c += xVal * (yy[yyOff + 2] & M) + (zz[zzOff + 2] & M);
+        zz[zzOff + 2] = (int)c;
+        c >>>= 32;
+        c += xVal * (yy[yyOff + 3] & M) + (zz[zzOff + 3] & M);
+        zz[zzOff + 3] = (int)c;
+        c >>>= 32;
+        c += xVal * (yy[yyOff + 4] & M) + (zz[zzOff + 4] & M);
+        zz[zzOff + 4] = (int)c;
+        c >>>= 32;
+        c += xVal * (yy[yyOff + 5] & M) + (zz[zzOff + 5] & M);
+        zz[zzOff + 5] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int mul33DWordAdd(int x, long y, int[] z, int zOff)
+    {
+        // assert x >>> 31 == 0;
+        // assert zOff <= 2;
+
+        long c = 0, xVal = x & M;
+        long y00 = y & M;
+        c += xVal * y00 + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        long y01 = y >>> 32;
+        c += xVal * y01 + y00 + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += y01 + (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        c += (z[zOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : Nat.incAt(6, z, zOff, 4);
+    }
+
+    public static int mul33WordAdd(int x, int y, int[] z, int zOff)
+    {
+        // assert x >>> 31 == 0;
+        // assert zOff <= 3;
+
+        long c = 0, xVal = x & M, yVal = y & M;
+        c += yVal * xVal + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += yVal + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : Nat.incAt(6, z, zOff, 3);
+    }
+
+    public static int mulWordDwordAdd(int x, long y, int[] z, int zOff)
+    {
+        // assert zOff <= 3;
+        long c = 0, xVal = x & M;
+        c += xVal * (y & M) + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += xVal * (y >>> 32) + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : Nat.incAt(6, z, zOff, 3);
+    }
+
+    public static int mulWord(int x, int[] y, int[] z, int zOff)
+    {
+        long c = 0, xVal = x & M;
+        int i = 0;
+        do
+        {
+            c += xVal * (y[i] & M);
+            z[zOff + i] = (int)c;
+            c >>>= 32;
+        }
+        while (++i < 6);
+        return (int)c;
+    }
+
+    public static void square(int[] x, int[] zz)
+    {
+        long x_0 = x[0] & M;
+        long zz_1;
+
+        int c = 0, w;
+        {
+            int i = 5, j = 12;
+            do
+            {
+                long xVal = (x[i--] & M);
+                long p = xVal * xVal;
+                zz[--j] = (c << 31) | (int)(p >>> 33);
+                zz[--j] = (int)(p >>> 1);
+                c = (int)p;
+            }
+            while (i > 0);
+
+            {
+                long p = x_0 * x_0;
+                zz_1 = ((c << 31) & M) | (p >>> 33);
+                zz[0] = (int)p;
+                c = (int)(p >>> 32) & 1;
+            }
+        }
+
+        long x_1 = x[1] & M;
+        long zz_2 = zz[2] & M;
+
+        {
+            zz_1 += x_1 * x_0;
+            w = (int)zz_1;
+            zz[1] = (w << 1) | c;
+            c = w >>> 31;
+            zz_2 += zz_1 >>> 32;
+        }
+
+        long x_2 = x[2] & M;
+        long zz_3 = zz[3] & M;
+        long zz_4 = zz[4] & M;
+        {
+            zz_2 += x_2 * x_0;
+            w = (int)zz_2;
+            zz[2] = (w << 1) | c;
+            c = w >>> 31;
+            zz_3 += (zz_2 >>> 32) + x_2 * x_1;
+            zz_4 += zz_3 >>> 32;
+            zz_3 &= M;
+        }
+
+        long x_3 = x[3] & M;
+        long zz_5 = (zz[5] & M) + (zz_4 >>> 32); zz_4 &= M;
+        long zz_6 = (zz[6] & M) + (zz_5 >>> 32); zz_5 &= M;
+        {
+            zz_3 += x_3 * x_0;
+            w = (int)zz_3;
+            zz[3] = (w << 1) | c;
+            c = w >>> 31;
+            zz_4 += (zz_3 >>> 32) + x_3 * x_1;
+            zz_5 += (zz_4 >>> 32) + x_3 * x_2;
+            zz_4 &= M;
+            zz_6 += zz_5 >>> 32;
+            zz_5 &= M;
+        }
+
+        long x_4 = x[4] & M;
+        long zz_7 = (zz[7] & M) + (zz_6 >>> 32); zz_6 &= M;
+        long zz_8 = (zz[8] & M) + (zz_7 >>> 32); zz_7 &= M;
+        {
+            zz_4 += x_4 * x_0;
+            w = (int)zz_4;
+            zz[4] = (w << 1) | c;
+            c = w >>> 31;
+            zz_5 += (zz_4 >>> 32) + x_4 * x_1;
+            zz_6 += (zz_5 >>> 32) + x_4 * x_2;
+            zz_5 &= M;
+            zz_7 += (zz_6 >>> 32) + x_4 * x_3;
+            zz_6 &= M;
+            zz_8 += zz_7 >>> 32;
+            zz_7 &= M;
+        }
+
+        long x_5 = x[5] & M;
+        long zz_9 = (zz[9] & M) + (zz_8 >>> 32); zz_8 &= M;
+        long zz_10 = (zz[10] & M) + (zz_9 >>> 32); zz_9 &= M;
+        {
+            zz_5 += x_5 * x_0;
+            w = (int)zz_5;
+            zz[5] = (w << 1) | c;
+            c = w >>> 31;
+            zz_6 += (zz_5 >>> 32) + x_5 * x_1;
+            zz_7 += (zz_6 >>> 32) + x_5 * x_2;
+            zz_8 += (zz_7 >>> 32) + x_5 * x_3;
+            zz_9 += (zz_8 >>> 32) + x_5 * x_4;
+            zz_10 += zz_9 >>> 32;
+        }
+
+        w = (int)zz_6;
+        zz[6] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_7;
+        zz[7] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_8;
+        zz[8] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_9;
+        zz[9] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_10;
+        zz[10] = (w << 1) | c;
+        c = w >>> 31;
+        w = zz[11] + (int)(zz_10 >>> 32);
+        zz[11] = (w << 1) | c;
+    }
+
+    public static void square(int[] x, int xOff, int[] zz, int zzOff)
+    {
+        long x_0 = x[xOff + 0] & M;
+        long zz_1;
+
+        int c = 0, w;
+        {
+            int i = 5, j = 12;
+            do
+            {
+                long xVal = (x[xOff + i--] & M);
+                long p = xVal * xVal;
+                zz[zzOff + --j] = (c << 31) | (int)(p >>> 33);
+                zz[zzOff + --j] = (int)(p >>> 1);
+                c = (int)p;
+            }
+            while (i > 0);
+
+            {
+                long p = x_0 * x_0;
+                zz_1 = ((c << 31) & M) | (p >>> 33);
+                zz[zzOff + 0] = (int)p;
+                c = (int)(p >>> 32) & 1;
+            }
+        }
+
+        long x_1 = x[xOff + 1] & M;
+        long zz_2 = zz[zzOff + 2] & M;
+
+        {
+            zz_1 += x_1 * x_0;
+            w = (int)zz_1;
+            zz[zzOff + 1] = (w << 1) | c;
+            c = w >>> 31;
+            zz_2 += zz_1 >>> 32;
+        }
+
+        long x_2 = x[xOff + 2] & M;
+        long zz_3 = zz[zzOff + 3] & M;
+        long zz_4 = zz[zzOff + 4] & M;
+        {
+            zz_2 += x_2 * x_0;
+            w = (int)zz_2;
+            zz[zzOff + 2] = (w << 1) | c;
+            c = w >>> 31;
+            zz_3 += (zz_2 >>> 32) + x_2 * x_1;
+            zz_4 += zz_3 >>> 32;
+            zz_3 &= M;
+        }
+
+        long x_3 = x[xOff + 3] & M;
+        long zz_5 = (zz[zzOff + 5] & M) + (zz_4 >>> 32); zz_4 &= M;
+        long zz_6 = (zz[zzOff + 6] & M) + (zz_5 >>> 32); zz_5 &= M;
+        {
+            zz_3 += x_3 * x_0;
+            w = (int)zz_3;
+            zz[zzOff + 3] = (w << 1) | c;
+            c = w >>> 31;
+            zz_4 += (zz_3 >>> 32) + x_3 * x_1;
+            zz_5 += (zz_4 >>> 32) + x_3 * x_2;
+            zz_4 &= M;
+            zz_6 += zz_5 >>> 32;
+            zz_5 &= M;
+        }
+
+        long x_4 = x[xOff + 4] & M;
+        long zz_7 = (zz[zzOff + 7] & M) + (zz_6 >>> 32); zz_6 &= M;
+        long zz_8 = (zz[zzOff + 8] & M) + (zz_7 >>> 32); zz_7 &= M;
+        {
+            zz_4 += x_4 * x_0;
+            w = (int)zz_4;
+            zz[zzOff + 4] = (w << 1) | c;
+            c = w >>> 31;
+            zz_5 += (zz_4 >>> 32) + x_4 * x_1;
+            zz_6 += (zz_5 >>> 32) + x_4 * x_2;
+            zz_5 &= M;
+            zz_7 += (zz_6 >>> 32) + x_4 * x_3;
+            zz_6 &= M;
+            zz_8 += zz_7 >>> 32;
+            zz_7 &= M;
+        }
+
+        long x_5 = x[xOff + 5] & M;
+        long zz_9 = (zz[zzOff + 9] & M) + (zz_8 >>> 32); zz_8 &= M;
+        long zz_10 = (zz[zzOff + 10] & M) + (zz_9 >>> 32); zz_9 &= M;
+        {
+            zz_5 += x_5 * x_0;
+            w = (int)zz_5;
+            zz[zzOff + 5] = (w << 1) | c;
+            c = w >>> 31;
+            zz_6 += (zz_5 >>> 32) + x_5 * x_1;
+            zz_7 += (zz_6 >>> 32) + x_5 * x_2;
+            zz_8 += (zz_7 >>> 32) + x_5 * x_3;
+            zz_9 += (zz_8 >>> 32) + x_5 * x_4;
+            zz_10 += zz_9 >>> 32;
+        }
+
+        w = (int)zz_6;
+        zz[zzOff + 6] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_7;
+        zz[zzOff + 7] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_8;
+        zz[zzOff + 8] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_9;
+        zz[zzOff + 9] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_10;
+        zz[zzOff + 10] = (w << 1) | c;
+        c = w >>> 31;
+        w = zz[zzOff + 11] + (int)(zz_10 >>> 32);
+        zz[zzOff + 11] = (w << 1) | c;
+    }
+
+    public static int sub(int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        c += (x[0] & M) - (y[0] & M);
+        z[0] = (int)c;
+        c >>= 32;
+        c += (x[1] & M) - (y[1] & M);
+        z[1] = (int)c;
+        c >>= 32;
+        c += (x[2] & M) - (y[2] & M);
+        z[2] = (int)c;
+        c >>= 32;
+        c += (x[3] & M) - (y[3] & M);
+        z[3] = (int)c;
+        c >>= 32;
+        c += (x[4] & M) - (y[4] & M);
+        z[4] = (int)c;
+        c >>= 32;
+        c += (x[5] & M) - (y[5] & M);
+        z[5] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static int sub(int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        long c = 0;
+        c += (x[xOff + 0] & M) - (y[yOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 1] & M) - (y[yOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 2] & M) - (y[yOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 3] & M) - (y[yOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 4] & M) - (y[yOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 5] & M) - (y[yOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static int subBothFrom(int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        c += (z[0] & M) - (x[0] & M) - (y[0] & M);
+        z[0] = (int)c;
+        c >>= 32;
+        c += (z[1] & M) - (x[1] & M) - (y[1] & M);
+        z[1] = (int)c;
+        c >>= 32;
+        c += (z[2] & M) - (x[2] & M) - (y[2] & M);
+        z[2] = (int)c;
+        c >>= 32;
+        c += (z[3] & M) - (x[3] & M) - (y[3] & M);
+        z[3] = (int)c;
+        c >>= 32;
+        c += (z[4] & M) - (x[4] & M) - (y[4] & M);
+        z[4] = (int)c;
+        c >>= 32;
+        c += (z[5] & M) - (x[5] & M) - (y[5] & M);
+        z[5] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static int subFrom(int[] x, int[] z)
+    {
+        long c = 0;
+        c += (z[0] & M) - (x[0] & M);
+        z[0] = (int)c;
+        c >>= 32;
+        c += (z[1] & M) - (x[1] & M);
+        z[1] = (int)c;
+        c >>= 32;
+        c += (z[2] & M) - (x[2] & M);
+        z[2] = (int)c;
+        c >>= 32;
+        c += (z[3] & M) - (x[3] & M);
+        z[3] = (int)c;
+        c >>= 32;
+        c += (z[4] & M) - (x[4] & M);
+        z[4] = (int)c;
+        c >>= 32;
+        c += (z[5] & M) - (x[5] & M);
+        z[5] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static int subFrom(int[] x, int xOff, int[] z, int zOff)
+    {
+        long c = 0;
+        c += (z[zOff + 0] & M) - (x[xOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 1] & M) - (x[xOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 2] & M) - (x[xOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 3] & M) - (x[xOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 4] & M) - (x[xOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 5] & M) - (x[xOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static BigInteger toBigInteger(int[] x)
+    {
+        byte[] bs = new byte[24];
+        for (int i = 0; i < 6; ++i)
+        {
+            int x_i = x[i];
+            if (x_i != 0)
+            {
+                Pack.intToBigEndian(x_i, bs, (5 - i) << 2);
+            }
+        }
+        return new BigInteger(1, bs);
+    }
+
+    public static BigInteger toBigInteger64(long[] x)
+    {
+        byte[] bs = new byte[24];
+        for (int i = 0; i < 3; ++i)
+        {
+            long x_i = x[i];
+            if (x_i != 0L)
+            {
+                Pack.longToBigEndian(x_i, bs, (2 - i) << 3);
+            }
+        }
+        return new BigInteger(1, bs);
+    }
+
+    public static void zero(int[] z)
+    {
+        z[0] = 0;
+        z[1] = 0;
+        z[2] = 0;
+        z[3] = 0;
+        z[4] = 0;
+        z[5] = 0;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat224.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat224.java
new file mode 100644
index 0000000..f4f0ac8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat224.java

@@ -0,0 +1,1197 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.raw;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class Nat224
+{
+    private static final long M = 0xFFFFFFFFL;
+
+    public static int add(int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        c += (x[0] & M) + (y[0] & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += (x[1] & M) + (y[1] & M);
+        z[1] = (int)c;
+        c >>>= 32;
+        c += (x[2] & M) + (y[2] & M);
+        z[2] = (int)c;
+        c >>>= 32;
+        c += (x[3] & M) + (y[3] & M);
+        z[3] = (int)c;
+        c >>>= 32;
+        c += (x[4] & M) + (y[4] & M);
+        z[4] = (int)c;
+        c >>>= 32;
+        c += (x[5] & M) + (y[5] & M);
+        z[5] = (int)c;
+        c >>>= 32;
+        c += (x[6] & M) + (y[6] & M);
+        z[6] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int add(int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        long c = 0;
+        c += (x[xOff + 0] & M) + (y[yOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 1] & M) + (y[yOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 2] & M) + (y[yOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 3] & M) + (y[yOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 4] & M) + (y[yOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 5] & M) + (y[yOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 6] & M) + (y[yOff + 6] & M);
+        z[zOff + 6] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int addBothTo(int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        c += (x[0] & M) + (y[0] & M) + (z[0] & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += (x[1] & M) + (y[1] & M) + (z[1] & M);
+        z[1] = (int)c;
+        c >>>= 32;
+        c += (x[2] & M) + (y[2] & M) + (z[2] & M);
+        z[2] = (int)c;
+        c >>>= 32;
+        c += (x[3] & M) + (y[3] & M) + (z[3] & M);
+        z[3] = (int)c;
+        c >>>= 32;
+        c += (x[4] & M) + (y[4] & M) + (z[4] & M);
+        z[4] = (int)c;
+        c >>>= 32;
+        c += (x[5] & M) + (y[5] & M) + (z[5] & M);
+        z[5] = (int)c;
+        c >>>= 32;
+        c += (x[6] & M) + (y[6] & M) + (z[6] & M);
+        z[6] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int addBothTo(int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        long c = 0;
+        c += (x[xOff + 0] & M) + (y[yOff + 0] & M) + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 1] & M) + (y[yOff + 1] & M) + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 2] & M) + (y[yOff + 2] & M) + (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 3] & M) + (y[yOff + 3] & M) + (z[zOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 4] & M) + (y[yOff + 4] & M) + (z[zOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 5] & M) + (y[yOff + 5] & M) + (z[zOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 6] & M) + (y[yOff + 6] & M) + (z[zOff + 6] & M);
+        z[zOff + 6] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int addTo(int[] x, int[] z)
+    {
+        long c = 0;
+        c += (x[0] & M) + (z[0] & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += (x[1] & M) + (z[1] & M);
+        z[1] = (int)c;
+        c >>>= 32;
+        c += (x[2] & M) + (z[2] & M);
+        z[2] = (int)c;
+        c >>>= 32;
+        c += (x[3] & M) + (z[3] & M);
+        z[3] = (int)c;
+        c >>>= 32;
+        c += (x[4] & M) + (z[4] & M);
+        z[4] = (int)c;
+        c >>>= 32;
+        c += (x[5] & M) + (z[5] & M);
+        z[5] = (int)c;
+        c >>>= 32;
+        c += (x[6] & M) + (z[6] & M);
+        z[6] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int addTo(int[] x, int xOff, int[] z, int zOff, int cIn)
+    {
+        long c = cIn & M;
+        c += (x[xOff + 0] & M) + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 1] & M) + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 2] & M) + (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 3] & M) + (z[zOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 4] & M) + (z[zOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 5] & M) + (z[zOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 6] & M) + (z[zOff + 6] & M);
+        z[zOff + 6] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int addToEachOther(int[] u, int uOff, int[] v, int vOff)
+    {
+        long c = 0;
+        c += (u[uOff + 0] & M) + (v[vOff + 0] & M);
+        u[uOff + 0] = (int)c;
+        v[vOff + 0] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 1] & M) + (v[vOff + 1] & M);
+        u[uOff + 1] = (int)c;
+        v[vOff + 1] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 2] & M) + (v[vOff + 2] & M);
+        u[uOff + 2] = (int)c;
+        v[vOff + 2] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 3] & M) + (v[vOff + 3] & M);
+        u[uOff + 3] = (int)c;
+        v[vOff + 3] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 4] & M) + (v[vOff + 4] & M);
+        u[uOff + 4] = (int)c;
+        v[vOff + 4] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 5] & M) + (v[vOff + 5] & M);
+        u[uOff + 5] = (int)c;
+        v[vOff + 5] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 6] & M) + (v[vOff + 6] & M);
+        u[uOff + 6] = (int)c;
+        v[vOff + 6] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static void copy(int[] x, int[] z)
+    {
+        z[0] = x[0];
+        z[1] = x[1];
+        z[2] = x[2];
+        z[3] = x[3];
+        z[4] = x[4];
+        z[5] = x[5];
+        z[6] = x[6];
+    }
+
+    public static void copy(int[] x, int xOff, int[] z, int zOff)
+    {
+        z[zOff + 0] = x[xOff + 0];
+        z[zOff + 1] = x[xOff + 1];
+        z[zOff + 2] = x[xOff + 2];
+        z[zOff + 3] = x[xOff + 3];
+        z[zOff + 4] = x[xOff + 4];
+        z[zOff + 5] = x[xOff + 5];
+        z[zOff + 6] = x[xOff + 6];
+    }
+
+    public static int[] create()
+    {
+        return new int[7];
+    }
+
+    public static int[] createExt()
+    {
+        return new int[14];
+    }
+
+    public static boolean diff(int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        boolean pos = gte(x, xOff, y, yOff);
+        if (pos)
+        {
+            sub(x, xOff, y, yOff, z, zOff);
+        }
+        else
+        {
+            sub(y, yOff, x, xOff, z, zOff);
+        }
+        return pos;
+    }
+
+    public static boolean eq(int[] x, int[] y)
+    {
+        for (int i = 6; i >= 0; --i)
+        {
+            if (x[i] != y[i])
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static int[] fromBigInteger(BigInteger x)
+    {
+        if (x.signum() < 0 || x.bitLength() > 224)
+        {
+            throw new IllegalArgumentException();
+        }
+
+        int[] z = create();
+        int i = 0;
+        while (x.signum() != 0)
+        {
+            z[i++] = x.intValue();
+            x = x.shiftRight(32);
+        }
+        return z;
+    }
+
+    public static int getBit(int[] x, int bit)
+    {
+        if (bit == 0)
+        {
+            return x[0] & 1;
+        }
+        int w = bit >> 5;
+        if (w < 0 || w >= 7)
+        {
+            return 0;
+        }
+        int b = bit & 31;
+        return (x[w] >>> b) & 1;
+    }
+
+    public static boolean gte(int[] x, int[] y)
+    {
+        for (int i = 6; i >= 0; --i)
+        {
+            int x_i = x[i] ^ Integer.MIN_VALUE;
+            int y_i = y[i] ^ Integer.MIN_VALUE;
+            if (x_i < y_i)
+                return false;
+            if (x_i > y_i)
+                return true;
+        }
+        return true;
+    }
+
+    public static boolean gte(int[] x, int xOff, int[] y, int yOff)
+    {
+        for (int i = 6; i >= 0; --i)
+        {
+            int x_i = x[xOff + i] ^ Integer.MIN_VALUE;
+            int y_i = y[yOff + i] ^ Integer.MIN_VALUE;
+            if (x_i < y_i)
+                return false;
+            if (x_i > y_i)
+                return true;
+        }
+        return true;
+    }
+
+    public static boolean isOne(int[] x)
+    {
+        if (x[0] != 1)
+        {
+            return false;
+        }
+        for (int i = 1; i < 7; ++i)
+        {
+            if (x[i] != 0)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static boolean isZero(int[] x)
+    {
+        for (int i = 0; i < 7; ++i)
+        {
+            if (x[i] != 0)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static void mul(int[] x, int[] y, int[] zz)
+    {
+        long y_0 = y[0] & M;
+        long y_1 = y[1] & M;
+        long y_2 = y[2] & M;
+        long y_3 = y[3] & M;
+        long y_4 = y[4] & M;
+        long y_5 = y[5] & M;
+        long y_6 = y[6] & M;
+
+        {
+            long c = 0, x_0 = x[0] & M;
+            c += x_0 * y_0;
+            zz[0] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_1;
+            zz[1] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_2;
+            zz[2] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_3;
+            zz[3] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_4;
+            zz[4] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_5;
+            zz[5] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_6;
+            zz[6] = (int)c;
+            c >>>= 32;
+            zz[7] = (int)c;
+        }
+
+        for (int i = 1; i < 7; ++i)
+        {
+            long c = 0, x_i = x[i] & M;
+            c += x_i * y_0 + (zz[i + 0] & M);
+            zz[i + 0] = (int)c;
+            c >>>= 32;
+            c += x_i * y_1 + (zz[i + 1] & M);
+            zz[i + 1] = (int)c;
+            c >>>= 32;
+            c += x_i * y_2 + (zz[i + 2] & M);
+            zz[i + 2] = (int)c;
+            c >>>= 32;
+            c += x_i * y_3 + (zz[i + 3] & M);
+            zz[i + 3] = (int)c;
+            c >>>= 32;
+            c += x_i * y_4 + (zz[i + 4] & M);
+            zz[i + 4] = (int)c;
+            c >>>= 32;
+            c += x_i * y_5 + (zz[i + 5] & M);
+            zz[i + 5] = (int)c;
+            c >>>= 32;
+            c += x_i * y_6 + (zz[i + 6] & M);
+            zz[i + 6] = (int)c;
+            c >>>= 32;
+            zz[i + 7] = (int)c;
+        }
+    }
+
+    public static void mul(int[] x, int xOff, int[] y, int yOff, int[] zz, int zzOff)
+    {
+        long y_0 = y[yOff + 0] & M;
+        long y_1 = y[yOff + 1] & M;
+        long y_2 = y[yOff + 2] & M;
+        long y_3 = y[yOff + 3] & M;
+        long y_4 = y[yOff + 4] & M;
+        long y_5 = y[yOff + 5] & M;
+        long y_6 = y[yOff + 6] & M;
+
+        {
+            long c = 0, x_0 = x[xOff + 0] & M;
+            c += x_0 * y_0;
+            zz[zzOff + 0] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_1;
+            zz[zzOff + 1] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_2;
+            zz[zzOff + 2] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_3;
+            zz[zzOff + 3] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_4;
+            zz[zzOff + 4] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_5;
+            zz[zzOff + 5] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_6;
+            zz[zzOff + 6] = (int)c;
+            c >>>= 32;
+            zz[zzOff + 7] = (int)c;
+        }
+
+        for (int i = 1; i < 7; ++i)
+        {
+            ++zzOff;
+            long c = 0, x_i = x[xOff + i] & M;
+            c += x_i * y_0 + (zz[zzOff + 0] & M);
+            zz[zzOff + 0] = (int)c;
+            c >>>= 32;
+            c += x_i * y_1 + (zz[zzOff + 1] & M);
+            zz[zzOff + 1] = (int)c;
+            c >>>= 32;
+            c += x_i * y_2 + (zz[zzOff + 2] & M);
+            zz[zzOff + 2] = (int)c;
+            c >>>= 32;
+            c += x_i * y_3 + (zz[zzOff + 3] & M);
+            zz[zzOff + 3] = (int)c;
+            c >>>= 32;
+            c += x_i * y_4 + (zz[zzOff + 4] & M);
+            zz[zzOff + 4] = (int)c;
+            c >>>= 32;
+            c += x_i * y_5 + (zz[zzOff + 5] & M);
+            zz[zzOff + 5] = (int)c;
+            c >>>= 32;
+            c += x_i * y_6 + (zz[zzOff + 6] & M);
+            zz[zzOff + 6] = (int)c;
+            c >>>= 32;
+            zz[zzOff + 7] = (int)c;
+        }
+    }
+
+    public static int mulAddTo(int[] x, int[] y, int[] zz)
+    {
+        long y_0 = y[0] & M;
+        long y_1 = y[1] & M;
+        long y_2 = y[2] & M;
+        long y_3 = y[3] & M;
+        long y_4 = y[4] & M;
+        long y_5 = y[5] & M;
+        long y_6 = y[6] & M;
+
+        long zc = 0;
+        for (int i = 0; i < 7; ++i)
+        {
+            long c = 0, x_i = x[i] & M;
+            c += x_i * y_0 + (zz[i + 0] & M);
+            zz[i + 0] = (int)c;
+            c >>>= 32;
+            c += x_i * y_1 + (zz[i + 1] & M);
+            zz[i + 1] = (int)c;
+            c >>>= 32;
+            c += x_i * y_2 + (zz[i + 2] & M);
+            zz[i + 2] = (int)c;
+            c >>>= 32;
+            c += x_i * y_3 + (zz[i + 3] & M);
+            zz[i + 3] = (int)c;
+            c >>>= 32;
+            c += x_i * y_4 + (zz[i + 4] & M);
+            zz[i + 4] = (int)c;
+            c >>>= 32;
+            c += x_i * y_5 + (zz[i + 5] & M);
+            zz[i + 5] = (int)c;
+            c >>>= 32;
+            c += x_i * y_6 + (zz[i + 6] & M);
+            zz[i + 6] = (int)c;
+            c >>>= 32;
+            c += zc + (zz[i + 7] & M);
+            zz[i + 7] = (int)c;
+            zc = c >>> 32;
+        }
+        return (int)zc;
+    }
+
+    public static int mulAddTo(int[] x, int xOff, int[] y, int yOff, int[] zz, int zzOff)
+    {
+        long y_0 = y[yOff + 0] & M;
+        long y_1 = y[yOff + 1] & M;
+        long y_2 = y[yOff + 2] & M;
+        long y_3 = y[yOff + 3] & M;
+        long y_4 = y[yOff + 4] & M;
+        long y_5 = y[yOff + 5] & M;
+        long y_6 = y[yOff + 6] & M;
+
+        long zc = 0;
+        for (int i = 0; i < 7; ++i)
+        {
+            long c = 0, x_i = x[xOff + i] & M;
+            c += x_i * y_0 + (zz[zzOff + 0] & M);
+            zz[zzOff + 0] = (int)c;
+            c >>>= 32;
+            c += x_i * y_1 + (zz[zzOff + 1] & M);
+            zz[zzOff + 1] = (int)c;
+            c >>>= 32;
+            c += x_i * y_2 + (zz[zzOff + 2] & M);
+            zz[zzOff + 2] = (int)c;
+            c >>>= 32;
+            c += x_i * y_3 + (zz[zzOff + 3] & M);
+            zz[zzOff + 3] = (int)c;
+            c >>>= 32;
+            c += x_i * y_4 + (zz[zzOff + 4] & M);
+            zz[zzOff + 4] = (int)c;
+            c >>>= 32;
+            c += x_i * y_5 + (zz[zzOff + 5] & M);
+            zz[zzOff + 5] = (int)c;
+            c >>>= 32;
+            c += x_i * y_6 + (zz[zzOff + 6] & M);
+            zz[zzOff + 6] = (int)c;
+            c >>>= 32;
+            c += zc + (zz[zzOff + 7] & M);
+            zz[zzOff + 7] = (int)c;
+            zc = c >>> 32;
+            ++zzOff;
+        }
+        return (int)zc;
+    }
+
+    public static long mul33Add(int w, int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        // assert w >>> 31 == 0;
+
+        long c = 0, wVal = w & M;
+        long x0 = x[xOff + 0] & M;
+        c += wVal * x0 + (y[yOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        long x1 = x[xOff + 1] & M;
+        c += wVal * x1 + x0 + (y[yOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        long x2 = x[xOff + 2] & M;
+        c += wVal * x2 + x1 + (y[yOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        long x3 = x[xOff + 3] & M;
+        c += wVal * x3 + x2 + (y[yOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        long x4 = x[xOff + 4] & M;
+        c += wVal * x4 + x3 + (y[yOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>>= 32;
+        long x5 = x[xOff + 5] & M;
+        c += wVal * x5 + x4 + (y[yOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>>= 32;
+        long x6 = x[xOff + 6] & M;
+        c += wVal * x6 + x5 + (y[yOff + 6] & M);
+        z[zOff + 6] = (int)c;
+        c >>>= 32;
+        c += x6;
+        return c;
+    }
+
+    public static int mulByWord(int x, int[] z)
+    {
+        long c = 0, xVal = x & M;
+        c += xVal * (z[0] & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[1] & M);
+        z[1] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[2] & M);
+        z[2] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[3] & M);
+        z[3] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[4] & M);
+        z[4] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[5] & M);
+        z[5] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[6] & M);
+        z[6] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int mulByWordAddTo(int x, int[] y, int[] z)
+    {
+        long c = 0, xVal = x & M;
+        c += xVal * (z[0] & M) + (y[0] & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[1] & M) + (y[1] & M);
+        z[1] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[2] & M) + (y[2] & M);
+        z[2] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[3] & M) + (y[3] & M);
+        z[3] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[4] & M) + (y[4] & M);
+        z[4] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[5] & M) + (y[5] & M);
+        z[5] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[6] & M) + (y[6] & M);
+        z[6] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int mulWordAddTo(int x, int[] y, int yOff, int[] z, int zOff)
+    {
+        long c = 0, xVal = x & M;
+        c += xVal * (y[yOff + 0] & M) + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += xVal * (y[yOff + 1] & M) + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += xVal * (y[yOff + 2] & M) + (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        c += xVal * (y[yOff + 3] & M) + (z[zOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        c += xVal * (y[yOff + 4] & M) + (z[zOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>>= 32;
+        c += xVal * (y[yOff + 5] & M) + (z[zOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>>= 32;
+        c += xVal * (y[yOff + 6] & M) + (z[zOff + 6] & M);
+        z[zOff + 6] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int mul33DWordAdd(int x, long y, int[] z, int zOff)
+    {
+        // assert x >>> 31 == 0;
+        // assert zOff <= 3;
+
+        long c = 0, xVal = x & M;
+        long y00 = y & M;
+        c += xVal * y00 + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        long y01 = y >>> 32;
+        c += xVal * y01 + y00 + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += y01 + (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        c += (z[zOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : Nat.incAt(7, z, zOff, 4);
+    }
+
+    public static int mul33WordAdd(int x, int y, int[] z, int zOff)
+    {
+        // assert x >>> 31 == 0;
+        // assert zOff <= 4;
+
+        long c = 0, xVal = x & M, yVal = y & M;
+        c += yVal * xVal + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += yVal + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : Nat.incAt(7, z, zOff, 3);
+    }
+
+    public static int mulWordDwordAdd(int x, long y, int[] z, int zOff)
+    {
+        // assert zOff <= 4;
+        long c = 0, xVal = x & M;
+        c += xVal * (y & M) + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += xVal * (y >>> 32) + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : Nat.incAt(7, z, zOff, 3);
+    }
+
+    public static int mulWord(int x, int[] y, int[] z, int zOff)
+    {
+        long c = 0, xVal = x & M;
+        int i = 0;
+        do
+        {
+            c += xVal * (y[i] & M);
+            z[zOff + i] = (int)c;
+            c >>>= 32;
+        }
+        while (++i < 7);
+        return (int)c;
+    }
+
+    public static void square(int[] x, int[] zz)
+    {
+        long x_0 = x[0] & M;
+        long zz_1;
+
+        int c = 0, w;
+        {
+            int i = 6, j = 14;
+            do
+            {
+                long xVal = (x[i--] & M);
+                long p = xVal * xVal;
+                zz[--j] = (c << 31) | (int)(p >>> 33);
+                zz[--j] = (int)(p >>> 1);
+                c = (int)p;
+            }
+            while (i > 0);
+
+            {
+                long p = x_0 * x_0;
+                zz_1 = ((c << 31) & M) | (p >>> 33);
+                zz[0] = (int)p;
+                c = (int)(p >>> 32) & 1;
+            }
+        }
+
+        long x_1 = x[1] & M;
+        long zz_2 = zz[2] & M;
+
+        {
+            zz_1 += x_1 * x_0;
+            w = (int)zz_1;
+            zz[1] = (w << 1) | c;
+            c = w >>> 31;
+            zz_2 += zz_1 >>> 32;
+        }
+
+        long x_2 = x[2] & M;
+        long zz_3 = zz[3] & M;
+        long zz_4 = zz[4] & M;
+        {
+            zz_2 += x_2 * x_0;
+            w = (int)zz_2;
+            zz[2] = (w << 1) | c;
+            c = w >>> 31;
+            zz_3 += (zz_2 >>> 32) + x_2 * x_1;
+            zz_4 += zz_3 >>> 32;
+            zz_3 &= M;
+        }
+
+        long x_3 = x[3] & M;
+        long zz_5 = (zz[5] & M) + (zz_4 >>> 32); zz_4 &= M;
+        long zz_6 = (zz[6] & M) + (zz_5 >>> 32); zz_5 &= M;
+        {
+            zz_3 += x_3 * x_0;
+            w = (int)zz_3;
+            zz[3] = (w << 1) | c;
+            c = w >>> 31;
+            zz_4 += (zz_3 >>> 32) + x_3 * x_1;
+            zz_5 += (zz_4 >>> 32) + x_3 * x_2;
+            zz_4 &= M;
+            zz_6 += zz_5 >>> 32;
+            zz_5 &= M;
+        }
+
+        long x_4 = x[4] & M;
+        long zz_7 = (zz[7] & M) + (zz_6 >>> 32); zz_6 &= M;
+        long zz_8 = (zz[8] & M) + (zz_7 >>> 32); zz_7 &= M;
+        {
+            zz_4 += x_4 * x_0;
+            w = (int)zz_4;
+            zz[4] = (w << 1) | c;
+            c = w >>> 31;
+            zz_5 += (zz_4 >>> 32) + x_4 * x_1;
+            zz_6 += (zz_5 >>> 32) + x_4 * x_2;
+            zz_5 &= M;
+            zz_7 += (zz_6 >>> 32) + x_4 * x_3;
+            zz_6 &= M;
+            zz_8 += zz_7 >>> 32;
+            zz_7 &= M;
+        }
+
+        long x_5 = x[5] & M;
+        long zz_9 = (zz[9] & M) + (zz_8 >>> 32); zz_8 &= M;
+        long zz_10 = (zz[10] & M) + (zz_9 >>> 32); zz_9 &= M;
+        {
+            zz_5 += x_5 * x_0;
+            w = (int)zz_5;
+            zz[5] = (w << 1) | c;
+            c = w >>> 31;
+            zz_6 += (zz_5 >>> 32) + x_5 * x_1;
+            zz_7 += (zz_6 >>> 32) + x_5 * x_2;
+            zz_6 &= M;
+            zz_8 += (zz_7 >>> 32) + x_5 * x_3;
+            zz_7 &= M;
+            zz_9 += (zz_8 >>> 32) + x_5 * x_4;
+            zz_8 &= M;
+            zz_10 += zz_9 >>> 32;
+            zz_9 &= M;
+        }
+
+        long x_6 = x[6] & M;
+        long zz_11 = (zz[11] & M) + (zz_10 >>> 32); zz_10 &= M;
+        long zz_12 = (zz[12] & M) + (zz_11 >>> 32); zz_11 &= M;
+        {
+            zz_6 += x_6 * x_0;
+            w = (int)zz_6;
+            zz[6] = (w << 1) | c;
+            c = w >>> 31;
+            zz_7 += (zz_6 >>> 32) + x_6 * x_1;
+            zz_8 += (zz_7 >>> 32) + x_6 * x_2;
+            zz_9 += (zz_8 >>> 32) + x_6 * x_3;
+            zz_10 += (zz_9 >>> 32) + x_6 * x_4;
+            zz_11 += (zz_10 >>> 32) + x_6 * x_5;
+            zz_12 += zz_11 >>> 32;
+        }
+
+        w = (int)zz_7;
+        zz[7] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_8;
+        zz[8] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_9;
+        zz[9] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_10;
+        zz[10] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_11;
+        zz[11] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_12;
+        zz[12] = (w << 1) | c;
+        c = w >>> 31;
+        w = zz[13] + (int)(zz_12 >>> 32);
+        zz[13] = (w << 1) | c;
+    }
+
+    public static void square(int[] x, int xOff, int[] zz, int zzOff)
+    {
+        long x_0 = x[xOff + 0] & M;
+        long zz_1;
+
+        int c = 0, w;
+        {
+            int i = 6, j = 14;
+            do
+            {
+                long xVal = (x[xOff + i--] & M);
+                long p = xVal * xVal;
+                zz[zzOff + --j] = (c << 31) | (int)(p >>> 33);
+                zz[zzOff + --j] = (int)(p >>> 1);
+                c = (int)p;
+            }
+            while (i > 0);
+
+            {
+                long p = x_0 * x_0;
+                zz_1 = ((c << 31) & M) | (p >>> 33);
+                zz[zzOff + 0] = (int)p;
+                c = (int)(p >>> 32) & 1;
+            }
+        }
+
+        long x_1 = x[xOff + 1] & M;
+        long zz_2 = zz[zzOff + 2] & M;
+
+        {
+            zz_1 += x_1 * x_0;
+            w = (int)zz_1;
+            zz[zzOff + 1] = (w << 1) | c;
+            c = w >>> 31;
+            zz_2 += zz_1 >>> 32;
+        }
+
+        long x_2 = x[xOff + 2] & M;
+        long zz_3 = zz[zzOff + 3] & M;
+        long zz_4 = zz[zzOff + 4] & M;
+        {
+            zz_2 += x_2 * x_0;
+            w = (int)zz_2;
+            zz[zzOff + 2] = (w << 1) | c;
+            c = w >>> 31;
+            zz_3 += (zz_2 >>> 32) + x_2 * x_1;
+            zz_4 += zz_3 >>> 32;
+            zz_3 &= M;
+        }
+
+        long x_3 = x[xOff + 3] & M;
+        long zz_5 = (zz[zzOff + 5] & M) + (zz_4 >>> 32); zz_4 &= M;
+        long zz_6 = (zz[zzOff + 6] & M) + (zz_5 >>> 32); zz_5 &= M;
+        {
+            zz_3 += x_3 * x_0;
+            w = (int)zz_3;
+            zz[zzOff + 3] = (w << 1) | c;
+            c = w >>> 31;
+            zz_4 += (zz_3 >>> 32) + x_3 * x_1;
+            zz_5 += (zz_4 >>> 32) + x_3 * x_2;
+            zz_4 &= M;
+            zz_6 += zz_5 >>> 32;
+            zz_5 &= M;
+        }
+
+        long x_4 = x[xOff + 4] & M;
+        long zz_7 = (zz[zzOff + 7] & M) + (zz_6 >>> 32); zz_6 &= M;
+        long zz_8 = (zz[zzOff + 8] & M) + (zz_7 >>> 32); zz_7 &= M;
+        {
+            zz_4 += x_4 * x_0;
+            w = (int)zz_4;
+            zz[zzOff + 4] = (w << 1) | c;
+            c = w >>> 31;
+            zz_5 += (zz_4 >>> 32) + x_4 * x_1;
+            zz_6 += (zz_5 >>> 32) + x_4 * x_2;
+            zz_5 &= M;
+            zz_7 += (zz_6 >>> 32) + x_4 * x_3;
+            zz_6 &= M;
+            zz_8 += zz_7 >>> 32;
+            zz_7 &= M;
+        }
+
+        long x_5 = x[xOff + 5] & M;
+        long zz_9 = (zz[zzOff + 9] & M) + (zz_8 >>> 32); zz_8 &= M;
+        long zz_10 = (zz[zzOff + 10] & M) + (zz_9 >>> 32); zz_9 &= M;
+        {
+            zz_5 += x_5 * x_0;
+            w = (int)zz_5;
+            zz[zzOff + 5] = (w << 1) | c;
+            c = w >>> 31;
+            zz_6 += (zz_5 >>> 32) + x_5 * x_1;
+            zz_7 += (zz_6 >>> 32) + x_5 * x_2;
+            zz_6 &= M;
+            zz_8 += (zz_7 >>> 32) + x_5 * x_3;
+            zz_7 &= M;
+            zz_9 += (zz_8 >>> 32) + x_5 * x_4;
+            zz_8 &= M;
+            zz_10 += zz_9 >>> 32;
+            zz_9 &= M;
+        }
+
+        long x_6 = x[xOff + 6] & M;
+        long zz_11 = (zz[zzOff + 11] & M) + (zz_10 >>> 32); zz_10 &= M;
+        long zz_12 = (zz[zzOff + 12] & M) + (zz_11 >>> 32); zz_11 &= M;
+        {
+            zz_6 += x_6 * x_0;
+            w = (int)zz_6;
+            zz[zzOff + 6] = (w << 1) | c;
+            c = w >>> 31;
+            zz_7 += (zz_6 >>> 32) + x_6 * x_1;
+            zz_8 += (zz_7 >>> 32) + x_6 * x_2;
+            zz_9 += (zz_8 >>> 32) + x_6 * x_3;
+            zz_10 += (zz_9 >>> 32) + x_6 * x_4;
+            zz_11 += (zz_10 >>> 32) + x_6 * x_5;
+            zz_12 += zz_11 >>> 32;
+        }
+
+        w = (int)zz_7;
+        zz[zzOff + 7] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_8;
+        zz[zzOff + 8] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_9;
+        zz[zzOff + 9] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_10;
+        zz[zzOff + 10] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_11;
+        zz[zzOff + 11] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_12;
+        zz[zzOff + 12] = (w << 1) | c;
+        c = w >>> 31;
+        w = zz[zzOff + 13] + (int)(zz_12 >>> 32);
+        zz[zzOff + 13] = (w << 1) | c;
+    }
+
+    public static int sub(int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        c += (x[0] & M) - (y[0] & M);
+        z[0] = (int)c;
+        c >>= 32;
+        c += (x[1] & M) - (y[1] & M);
+        z[1] = (int)c;
+        c >>= 32;
+        c += (x[2] & M) - (y[2] & M);
+        z[2] = (int)c;
+        c >>= 32;
+        c += (x[3] & M) - (y[3] & M);
+        z[3] = (int)c;
+        c >>= 32;
+        c += (x[4] & M) - (y[4] & M);
+        z[4] = (int)c;
+        c >>= 32;
+        c += (x[5] & M) - (y[5] & M);
+        z[5] = (int)c;
+        c >>= 32;
+        c += (x[6] & M) - (y[6] & M);
+        z[6] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static int sub(int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        long c = 0;
+        c += (x[xOff + 0] & M) - (y[yOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 1] & M) - (y[yOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 2] & M) - (y[yOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 3] & M) - (y[yOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 4] & M) - (y[yOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 5] & M) - (y[yOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 6] & M) - (y[yOff + 6] & M);
+        z[zOff + 6] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static int subBothFrom(int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        c += (z[0] & M) - (x[0] & M) - (y[0] & M);
+        z[0] = (int)c;
+        c >>= 32;
+        c += (z[1] & M) - (x[1] & M) - (y[1] & M);
+        z[1] = (int)c;
+        c >>= 32;
+        c += (z[2] & M) - (x[2] & M) - (y[2] & M);
+        z[2] = (int)c;
+        c >>= 32;
+        c += (z[3] & M) - (x[3] & M) - (y[3] & M);
+        z[3] = (int)c;
+        c >>= 32;
+        c += (z[4] & M) - (x[4] & M) - (y[4] & M);
+        z[4] = (int)c;
+        c >>= 32;
+        c += (z[5] & M) - (x[5] & M) - (y[5] & M);
+        z[5] = (int)c;
+        c >>= 32;
+        c += (z[6] & M) - (x[6] & M) - (y[6] & M);
+        z[6] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static int subFrom(int[] x, int[] z)
+    {
+        long c = 0;
+        c += (z[0] & M) - (x[0] & M);
+        z[0] = (int)c;
+        c >>= 32;
+        c += (z[1] & M) - (x[1] & M);
+        z[1] = (int)c;
+        c >>= 32;
+        c += (z[2] & M) - (x[2] & M);
+        z[2] = (int)c;
+        c >>= 32;
+        c += (z[3] & M) - (x[3] & M);
+        z[3] = (int)c;
+        c >>= 32;
+        c += (z[4] & M) - (x[4] & M);
+        z[4] = (int)c;
+        c >>= 32;
+        c += (z[5] & M) - (x[5] & M);
+        z[5] = (int)c;
+        c >>= 32;
+        c += (z[6] & M) - (x[6] & M);
+        z[6] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static int subFrom(int[] x, int xOff, int[] z, int zOff)
+    {
+        long c = 0;
+        c += (z[zOff + 0] & M) - (x[xOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 1] & M) - (x[xOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 2] & M) - (x[xOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 3] & M) - (x[xOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 4] & M) - (x[xOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 5] & M) - (x[xOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 6] & M) - (x[xOff + 6] & M);
+        z[zOff + 6] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static BigInteger toBigInteger(int[] x)
+    {
+        byte[] bs = new byte[28];
+        for (int i = 0; i < 7; ++i)
+        {
+            int x_i = x[i];
+            if (x_i != 0)
+            {
+                Pack.intToBigEndian(x_i, bs, (6 - i) << 2);
+            }
+        }
+        return new BigInteger(1, bs);
+    }
+
+    public static void zero(int[] z)
+    {
+        z[0] = 0;
+        z[1] = 0;
+        z[2] = 0;
+        z[3] = 0;
+        z[4] = 0;
+        z[5] = 0;
+        z[6] = 0;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat256.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat256.java
new file mode 100644
index 0000000..fb946e3
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat256.java

@@ -0,0 +1,1419 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.raw;
+
+import java.math.BigInteger;
+
+import com.android.org.bouncycastle.util.Pack;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class Nat256
+{
+    private static final long M = 0xFFFFFFFFL;
+
+    public static int add(int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        c += (x[0] & M) + (y[0] & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += (x[1] & M) + (y[1] & M);
+        z[1] = (int)c;
+        c >>>= 32;
+        c += (x[2] & M) + (y[2] & M);
+        z[2] = (int)c;
+        c >>>= 32;
+        c += (x[3] & M) + (y[3] & M);
+        z[3] = (int)c;
+        c >>>= 32;
+        c += (x[4] & M) + (y[4] & M);
+        z[4] = (int)c;
+        c >>>= 32;
+        c += (x[5] & M) + (y[5] & M);
+        z[5] = (int)c;
+        c >>>= 32;
+        c += (x[6] & M) + (y[6] & M);
+        z[6] = (int)c;
+        c >>>= 32;
+        c += (x[7] & M) + (y[7] & M);
+        z[7] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int add(int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        long c = 0;
+        c += (x[xOff + 0] & M) + (y[yOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 1] & M) + (y[yOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 2] & M) + (y[yOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 3] & M) + (y[yOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 4] & M) + (y[yOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 5] & M) + (y[yOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 6] & M) + (y[yOff + 6] & M);
+        z[zOff + 6] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 7] & M) + (y[yOff + 7] & M);
+        z[zOff + 7] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int addBothTo(int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        c += (x[0] & M) + (y[0] & M) + (z[0] & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += (x[1] & M) + (y[1] & M) + (z[1] & M);
+        z[1] = (int)c;
+        c >>>= 32;
+        c += (x[2] & M) + (y[2] & M) + (z[2] & M);
+        z[2] = (int)c;
+        c >>>= 32;
+        c += (x[3] & M) + (y[3] & M) + (z[3] & M);
+        z[3] = (int)c;
+        c >>>= 32;
+        c += (x[4] & M) + (y[4] & M) + (z[4] & M);
+        z[4] = (int)c;
+        c >>>= 32;
+        c += (x[5] & M) + (y[5] & M) + (z[5] & M);
+        z[5] = (int)c;
+        c >>>= 32;
+        c += (x[6] & M) + (y[6] & M) + (z[6] & M);
+        z[6] = (int)c;
+        c >>>= 32;
+        c += (x[7] & M) + (y[7] & M) + (z[7] & M);
+        z[7] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int addBothTo(int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        long c = 0;
+        c += (x[xOff + 0] & M) + (y[yOff + 0] & M) + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 1] & M) + (y[yOff + 1] & M) + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 2] & M) + (y[yOff + 2] & M) + (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 3] & M) + (y[yOff + 3] & M) + (z[zOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 4] & M) + (y[yOff + 4] & M) + (z[zOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 5] & M) + (y[yOff + 5] & M) + (z[zOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 6] & M) + (y[yOff + 6] & M) + (z[zOff + 6] & M);
+        z[zOff + 6] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 7] & M) + (y[yOff + 7] & M) + (z[zOff + 7] & M);
+        z[zOff + 7] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int addTo(int[] x, int[] z)
+    {
+        long c = 0;
+        c += (x[0] & M) + (z[0] & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += (x[1] & M) + (z[1] & M);
+        z[1] = (int)c;
+        c >>>= 32;
+        c += (x[2] & M) + (z[2] & M);
+        z[2] = (int)c;
+        c >>>= 32;
+        c += (x[3] & M) + (z[3] & M);
+        z[3] = (int)c;
+        c >>>= 32;
+        c += (x[4] & M) + (z[4] & M);
+        z[4] = (int)c;
+        c >>>= 32;
+        c += (x[5] & M) + (z[5] & M);
+        z[5] = (int)c;
+        c >>>= 32;
+        c += (x[6] & M) + (z[6] & M);
+        z[6] = (int)c;
+        c >>>= 32;
+        c += (x[7] & M) + (z[7] & M);
+        z[7] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int addTo(int[] x, int xOff, int[] z, int zOff, int cIn)
+    {
+        long c = cIn & M;
+        c += (x[xOff + 0] & M) + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 1] & M) + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 2] & M) + (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 3] & M) + (z[zOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 4] & M) + (z[zOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 5] & M) + (z[zOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 6] & M) + (z[zOff + 6] & M);
+        z[zOff + 6] = (int)c;
+        c >>>= 32;
+        c += (x[xOff + 7] & M) + (z[zOff + 7] & M);
+        z[zOff + 7] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int addToEachOther(int[] u, int uOff, int[] v, int vOff)
+    {
+        long c = 0;
+        c += (u[uOff + 0] & M) + (v[vOff + 0] & M);
+        u[uOff + 0] = (int)c;
+        v[vOff + 0] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 1] & M) + (v[vOff + 1] & M);
+        u[uOff + 1] = (int)c;
+        v[vOff + 1] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 2] & M) + (v[vOff + 2] & M);
+        u[uOff + 2] = (int)c;
+        v[vOff + 2] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 3] & M) + (v[vOff + 3] & M);
+        u[uOff + 3] = (int)c;
+        v[vOff + 3] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 4] & M) + (v[vOff + 4] & M);
+        u[uOff + 4] = (int)c;
+        v[vOff + 4] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 5] & M) + (v[vOff + 5] & M);
+        u[uOff + 5] = (int)c;
+        v[vOff + 5] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 6] & M) + (v[vOff + 6] & M);
+        u[uOff + 6] = (int)c;
+        v[vOff + 6] = (int)c;
+        c >>>= 32;
+        c += (u[uOff + 7] & M) + (v[vOff + 7] & M);
+        u[uOff + 7] = (int)c;
+        v[vOff + 7] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static void copy(int[] x, int[] z)
+    {
+        z[0] = x[0];
+        z[1] = x[1];
+        z[2] = x[2];
+        z[3] = x[3];
+        z[4] = x[4];
+        z[5] = x[5];
+        z[6] = x[6];
+        z[7] = x[7];
+    }
+
+    public static void copy(int[] x, int xOff, int[] z, int zOff)
+    {
+        z[zOff + 0] = x[xOff + 0];
+        z[zOff + 1] = x[xOff + 1];
+        z[zOff + 2] = x[xOff + 2];
+        z[zOff + 3] = x[xOff + 3];
+        z[zOff + 4] = x[xOff + 4];
+        z[zOff + 5] = x[xOff + 5];
+        z[zOff + 6] = x[xOff + 6];
+        z[zOff + 7] = x[xOff + 7];
+    }
+
+    public static void copy64(long[] x, long[] z)
+    {
+        z[0] = x[0];
+        z[1] = x[1];
+        z[2] = x[2];
+        z[3] = x[3];
+    }
+
+    public static void copy64(long[] x, int xOff, long[] z, int zOff)
+    {
+        z[zOff + 0] = x[xOff + 0];
+        z[zOff + 1] = x[xOff + 1];
+        z[zOff + 2] = x[xOff + 2];
+        z[zOff + 3] = x[xOff + 3];
+    }
+
+    public static int[] create()
+    {
+        return new int[8];
+    }
+
+    public static long[] create64()
+    {
+        return new long[4];
+    }
+
+    public static int[] createExt()
+    {
+        return new int[16];
+    }
+
+    public static long[] createExt64()
+    {
+        return new long[8];
+    }
+
+    public static boolean diff(int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        boolean pos = gte(x, xOff, y, yOff);
+        if (pos)
+        {
+            sub(x, xOff, y, yOff, z, zOff);
+        }
+        else
+        {
+            sub(y, yOff, x, xOff, z, zOff);
+        }
+        return pos;
+    }
+
+    public static boolean eq(int[] x, int[] y)
+    {
+        for (int i = 7; i >= 0; --i)
+        {
+            if (x[i] != y[i])
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static boolean eq64(long[] x, long[] y)
+    {
+        for (int i = 3; i >= 0; --i)
+        {
+            if (x[i] != y[i])
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static int[] fromBigInteger(BigInteger x)
+    {
+        if (x.signum() < 0 || x.bitLength() > 256)
+        {
+            throw new IllegalArgumentException();
+        }
+
+        int[] z = create();
+        int i = 0;
+        while (x.signum() != 0)
+        {
+            z[i++] = x.intValue();
+            x = x.shiftRight(32);
+        }
+        return z;
+    }
+
+    public static long[] fromBigInteger64(BigInteger x)
+    {
+        if (x.signum() < 0 || x.bitLength() > 256)
+        {
+            throw new IllegalArgumentException();
+        }
+
+        long[] z = create64();
+        int i = 0;
+        while (x.signum() != 0)
+        {
+            z[i++] = x.longValue();
+            x = x.shiftRight(64);
+        }
+        return z;
+    }
+
+    public static int getBit(int[] x, int bit)
+    {
+        if (bit == 0)
+        {
+            return x[0] & 1;
+        }
+        if ((bit & 255) != bit)
+        {
+            return 0;
+        }
+        int w = bit >>> 5;
+        int b = bit & 31;
+        return (x[w] >>> b) & 1;
+    }
+
+    public static boolean gte(int[] x, int[] y)
+    {
+        for (int i = 7; i >= 0; --i)
+        {
+            int x_i = x[i] ^ Integer.MIN_VALUE;
+            int y_i = y[i] ^ Integer.MIN_VALUE;
+            if (x_i < y_i)
+                return false;
+            if (x_i > y_i)
+                return true;
+        }
+        return true;
+    }
+
+    public static boolean gte(int[] x, int xOff, int[] y, int yOff)
+    {
+        for (int i = 7; i >= 0; --i)
+        {
+            int x_i = x[xOff + i] ^ Integer.MIN_VALUE;
+            int y_i = y[yOff + i] ^ Integer.MIN_VALUE;
+            if (x_i < y_i)
+                return false;
+            if (x_i > y_i)
+                return true;
+        }
+        return true;
+    }
+
+    public static boolean isOne(int[] x)
+    {
+        if (x[0] != 1)
+        {
+            return false;
+        }
+        for (int i = 1; i < 8; ++i)
+        {
+            if (x[i] != 0)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static boolean isOne64(long[] x)
+    {
+        if (x[0] != 1L)
+        {
+            return false;
+        }
+        for (int i = 1; i < 4; ++i)
+        {
+            if (x[i] != 0L)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static boolean isZero(int[] x)
+    {
+        for (int i = 0; i < 8; ++i)
+        {
+            if (x[i] != 0)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static boolean isZero64(long[] x)
+    {
+        for (int i = 0; i < 4; ++i)
+        {
+            if (x[i] != 0L)
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static void mul(int[] x, int[] y, int[] zz)
+    {
+        long y_0 = y[0] & M;
+        long y_1 = y[1] & M;
+        long y_2 = y[2] & M;
+        long y_3 = y[3] & M;
+        long y_4 = y[4] & M;
+        long y_5 = y[5] & M;
+        long y_6 = y[6] & M;
+        long y_7 = y[7] & M;
+
+        {
+            long c = 0, x_0 = x[0] & M;
+            c += x_0 * y_0;
+            zz[0] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_1;
+            zz[1] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_2;
+            zz[2] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_3;
+            zz[3] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_4;
+            zz[4] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_5;
+            zz[5] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_6;
+            zz[6] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_7;
+            zz[7] = (int)c;
+            c >>>= 32;
+            zz[8] = (int)c;
+        }
+
+        for (int i = 1; i < 8; ++i)
+        {
+            long c = 0, x_i = x[i] & M;
+            c += x_i * y_0 + (zz[i + 0] & M);
+            zz[i + 0] = (int)c;
+            c >>>= 32;
+            c += x_i * y_1 + (zz[i + 1] & M);
+            zz[i + 1] = (int)c;
+            c >>>= 32;
+            c += x_i * y_2 + (zz[i + 2] & M);
+            zz[i + 2] = (int)c;
+            c >>>= 32;
+            c += x_i * y_3 + (zz[i + 3] & M);
+            zz[i + 3] = (int)c;
+            c >>>= 32;
+            c += x_i * y_4 + (zz[i + 4] & M);
+            zz[i + 4] = (int)c;
+            c >>>= 32;
+            c += x_i * y_5 + (zz[i + 5] & M);
+            zz[i + 5] = (int)c;
+            c >>>= 32;
+            c += x_i * y_6 + (zz[i + 6] & M);
+            zz[i + 6] = (int)c;
+            c >>>= 32;
+            c += x_i * y_7 + (zz[i + 7] & M);
+            zz[i + 7] = (int)c;
+            c >>>= 32;
+            zz[i + 8] = (int)c;
+        }
+    }
+
+    public static void mul(int[] x, int xOff, int[] y, int yOff, int[] zz, int zzOff)
+    {
+        long y_0 = y[yOff + 0] & M;
+        long y_1 = y[yOff + 1] & M;
+        long y_2 = y[yOff + 2] & M;
+        long y_3 = y[yOff + 3] & M;
+        long y_4 = y[yOff + 4] & M;
+        long y_5 = y[yOff + 5] & M;
+        long y_6 = y[yOff + 6] & M;
+        long y_7 = y[yOff + 7] & M;
+
+        {
+            long c = 0, x_0 = x[xOff + 0] & M;
+            c += x_0 * y_0;
+            zz[zzOff + 0] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_1;
+            zz[zzOff + 1] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_2;
+            zz[zzOff + 2] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_3;
+            zz[zzOff + 3] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_4;
+            zz[zzOff + 4] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_5;
+            zz[zzOff + 5] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_6;
+            zz[zzOff + 6] = (int)c;
+            c >>>= 32;
+            c += x_0 * y_7;
+            zz[zzOff + 7] = (int)c;
+            c >>>= 32;
+            zz[zzOff + 8] = (int)c;
+        }
+
+        for (int i = 1; i < 8; ++i)
+        {
+            ++zzOff;
+            long c = 0, x_i = x[xOff + i] & M;
+            c += x_i * y_0 + (zz[zzOff + 0] & M);
+            zz[zzOff + 0] = (int)c;
+            c >>>= 32;
+            c += x_i * y_1 + (zz[zzOff + 1] & M);
+            zz[zzOff + 1] = (int)c;
+            c >>>= 32;
+            c += x_i * y_2 + (zz[zzOff + 2] & M);
+            zz[zzOff + 2] = (int)c;
+            c >>>= 32;
+            c += x_i * y_3 + (zz[zzOff + 3] & M);
+            zz[zzOff + 3] = (int)c;
+            c >>>= 32;
+            c += x_i * y_4 + (zz[zzOff + 4] & M);
+            zz[zzOff + 4] = (int)c;
+            c >>>= 32;
+            c += x_i * y_5 + (zz[zzOff + 5] & M);
+            zz[zzOff + 5] = (int)c;
+            c >>>= 32;
+            c += x_i * y_6 + (zz[zzOff + 6] & M);
+            zz[zzOff + 6] = (int)c;
+            c >>>= 32;
+            c += x_i * y_7 + (zz[zzOff + 7] & M);
+            zz[zzOff + 7] = (int)c;
+            c >>>= 32;
+            zz[zzOff + 8] = (int)c;
+        }
+    }
+
+    public static int mulAddTo(int[] x, int[] y, int[] zz)
+    {
+        long y_0 = y[0] & M;
+        long y_1 = y[1] & M;
+        long y_2 = y[2] & M;
+        long y_3 = y[3] & M;
+        long y_4 = y[4] & M;
+        long y_5 = y[5] & M;
+        long y_6 = y[6] & M;
+        long y_7 = y[7] & M;
+
+        long zc = 0;
+        for (int i = 0; i < 8; ++i)
+        {
+            long c = 0, x_i = x[i] & M;
+            c += x_i * y_0 + (zz[i + 0] & M);
+            zz[i + 0] = (int)c;
+            c >>>= 32;
+            c += x_i * y_1 + (zz[i + 1] & M);
+            zz[i + 1] = (int)c;
+            c >>>= 32;
+            c += x_i * y_2 + (zz[i + 2] & M);
+            zz[i + 2] = (int)c;
+            c >>>= 32;
+            c += x_i * y_3 + (zz[i + 3] & M);
+            zz[i + 3] = (int)c;
+            c >>>= 32;
+            c += x_i * y_4 + (zz[i + 4] & M);
+            zz[i + 4] = (int)c;
+            c >>>= 32;
+            c += x_i * y_5 + (zz[i + 5] & M);
+            zz[i + 5] = (int)c;
+            c >>>= 32;
+            c += x_i * y_6 + (zz[i + 6] & M);
+            zz[i + 6] = (int)c;
+            c >>>= 32;
+            c += x_i * y_7 + (zz[i + 7] & M);
+            zz[i + 7] = (int)c;
+            c >>>= 32;
+            c += zc + (zz[i + 8] & M);
+            zz[i + 8] = (int)c;
+            zc = c >>> 32;
+        }
+        return (int)zc;
+    }
+
+    public static int mulAddTo(int[] x, int xOff, int[] y, int yOff, int[] zz, int zzOff)
+    {
+        long y_0 = y[yOff + 0] & M;
+        long y_1 = y[yOff + 1] & M;
+        long y_2 = y[yOff + 2] & M;
+        long y_3 = y[yOff + 3] & M;
+        long y_4 = y[yOff + 4] & M;
+        long y_5 = y[yOff + 5] & M;
+        long y_6 = y[yOff + 6] & M;
+        long y_7 = y[yOff + 7] & M;
+
+        long zc = 0;
+        for (int i = 0; i < 8; ++i)
+        {
+            long c = 0, x_i = x[xOff + i] & M;
+            c += x_i * y_0 + (zz[zzOff + 0] & M);
+            zz[zzOff + 0] = (int)c;
+            c >>>= 32;
+            c += x_i * y_1 + (zz[zzOff + 1] & M);
+            zz[zzOff + 1] = (int)c;
+            c >>>= 32;
+            c += x_i * y_2 + (zz[zzOff + 2] & M);
+            zz[zzOff + 2] = (int)c;
+            c >>>= 32;
+            c += x_i * y_3 + (zz[zzOff + 3] & M);
+            zz[zzOff + 3] = (int)c;
+            c >>>= 32;
+            c += x_i * y_4 + (zz[zzOff + 4] & M);
+            zz[zzOff + 4] = (int)c;
+            c >>>= 32;
+            c += x_i * y_5 + (zz[zzOff + 5] & M);
+            zz[zzOff + 5] = (int)c;
+            c >>>= 32;
+            c += x_i * y_6 + (zz[zzOff + 6] & M);
+            zz[zzOff + 6] = (int)c;
+            c >>>= 32;
+            c += x_i * y_7 + (zz[zzOff + 7] & M);
+            zz[zzOff + 7] = (int)c;
+            c >>>= 32;
+            c += zc + (zz[zzOff + 8] & M);
+            zz[zzOff + 8] = (int)c;
+            zc = c >>> 32;
+            ++zzOff;
+        }
+        return (int)zc;
+    }
+
+    public static long mul33Add(int w, int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        // assert w >>> 31 == 0;
+
+        long c = 0, wVal = w & M;
+        long x0 = x[xOff + 0] & M;
+        c += wVal * x0 + (y[yOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        long x1 = x[xOff + 1] & M;
+        c += wVal * x1 + x0 + (y[yOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        long x2 = x[xOff + 2] & M;
+        c += wVal * x2 + x1 + (y[yOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        long x3 = x[xOff + 3] & M;
+        c += wVal * x3 + x2 + (y[yOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        long x4 = x[xOff + 4] & M;
+        c += wVal * x4 + x3 + (y[yOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>>= 32;
+        long x5 = x[xOff + 5] & M;
+        c += wVal * x5 + x4 + (y[yOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>>= 32;
+        long x6 = x[xOff + 6] & M;
+        c += wVal * x6 + x5 + (y[yOff + 6] & M);
+        z[zOff + 6] = (int)c;
+        c >>>= 32;
+        long x7 = x[xOff + 7] & M;
+        c += wVal * x7 + x6 + (y[yOff + 7] & M);
+        z[zOff + 7] = (int)c;
+        c >>>= 32;
+        c += x7;
+        return c;
+    }
+
+    public static int mulByWord(int x, int[] z)
+    {
+        long c = 0, xVal = x & M;
+        c += xVal * (z[0] & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[1] & M);
+        z[1] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[2] & M);
+        z[2] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[3] & M);
+        z[3] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[4] & M);
+        z[4] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[5] & M);
+        z[5] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[6] & M);
+        z[6] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[7] & M);
+        z[7] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int mulByWordAddTo(int x, int[] y, int[] z)
+    {
+        long c = 0, xVal = x & M;
+        c += xVal * (z[0] & M) + (y[0] & M);
+        z[0] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[1] & M) + (y[1] & M);
+        z[1] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[2] & M) + (y[2] & M);
+        z[2] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[3] & M) + (y[3] & M);
+        z[3] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[4] & M) + (y[4] & M);
+        z[4] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[5] & M) + (y[5] & M);
+        z[5] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[6] & M) + (y[6] & M);
+        z[6] = (int)c;
+        c >>>= 32;
+        c += xVal * (z[7] & M) + (y[7] & M);
+        z[7] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int mulWordAddTo(int x, int[] y, int yOff, int[] z, int zOff)
+    {
+        long c = 0, xVal = x & M;
+        c += xVal * (y[yOff + 0] & M) + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += xVal * (y[yOff + 1] & M) + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += xVal * (y[yOff + 2] & M) + (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        c += xVal * (y[yOff + 3] & M) + (z[zOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        c += xVal * (y[yOff + 4] & M) + (z[zOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>>= 32;
+        c += xVal * (y[yOff + 5] & M) + (z[zOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>>= 32;
+        c += xVal * (y[yOff + 6] & M) + (z[zOff + 6] & M);
+        z[zOff + 6] = (int)c;
+        c >>>= 32;
+        c += xVal * (y[yOff + 7] & M) + (z[zOff + 7] & M);
+        z[zOff + 7] = (int)c;
+        c >>>= 32;
+        return (int)c;
+    }
+
+    public static int mul33DWordAdd(int x, long y, int[] z, int zOff)
+    {
+        // assert x >>> 31 == 0;
+        // assert zOff <= 4;
+
+        long c = 0, xVal = x & M;
+        long y00 = y & M;
+        c += xVal * y00 + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        long y01 = y >>> 32;
+        c += xVal * y01 + y00 + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += y01 + (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        c += (z[zOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : Nat.incAt(8, z, zOff, 4);
+    }
+
+    public static int mul33WordAdd(int x, int y, int[] z, int zOff)
+    {
+        // assert x >>> 31 == 0;
+        // assert zOff <= 5;
+
+        long c = 0, xVal = x & M, yVal = y & M;
+        c += yVal * xVal + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += yVal + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : Nat.incAt(8, z, zOff, 3);
+    }
+
+    public static int mulWordDwordAdd(int x, long y, int[] z, int zOff)
+    {
+        // assert zOff <= 5;
+        long c = 0, xVal = x & M;
+        c += xVal * (y & M) + (z[zOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>>= 32;
+        c += xVal * (y >>> 32) + (z[zOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>>= 32;
+        c += (z[zOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>>= 32;
+        return c == 0 ? 0 : Nat.incAt(8, z, zOff, 3);
+    }
+
+    public static int mulWord(int x, int[] y, int[] z, int zOff)
+    {
+        long c = 0, xVal = x & M;
+        int i = 0;
+        do
+        {
+            c += xVal * (y[i] & M);
+            z[zOff + i] = (int)c;
+            c >>>= 32;
+        }
+        while (++i < 8);
+        return (int)c;
+    }
+
+    public static void square(int[] x, int[] zz)
+    {
+        long x_0 = x[0] & M;
+        long zz_1;
+
+        int c = 0, w;
+        {
+            int i = 7, j = 16;
+            do
+            {
+                long xVal = (x[i--] & M);
+                long p = xVal * xVal;
+                zz[--j] = (c << 31) | (int)(p >>> 33);
+                zz[--j] = (int)(p >>> 1);
+                c = (int)p;
+            }
+            while (i > 0);
+
+            {
+                long p = x_0 * x_0;
+                zz_1 = ((c << 31) & M) | (p >>> 33);
+                zz[0] = (int)p;
+                c = (int)(p >>> 32) & 1;
+            }
+        }
+
+        long x_1 = x[1] & M;
+        long zz_2 = zz[2] & M;
+
+        {
+            zz_1 += x_1 * x_0;
+            w = (int)zz_1;
+            zz[1] = (w << 1) | c;
+            c = w >>> 31;
+            zz_2 += zz_1 >>> 32;
+        }
+
+        long x_2 = x[2] & M;
+        long zz_3 = zz[3] & M;
+        long zz_4 = zz[4] & M;
+        {
+            zz_2 += x_2 * x_0;
+            w = (int)zz_2;
+            zz[2] = (w << 1) | c;
+            c = w >>> 31;
+            zz_3 += (zz_2 >>> 32) + x_2 * x_1;
+            zz_4 += zz_3 >>> 32;
+            zz_3 &= M;
+        }
+
+        long x_3 = x[3] & M;
+        long zz_5 = (zz[5] & M) + (zz_4 >>> 32); zz_4 &= M;
+        long zz_6 = (zz[6] & M) + (zz_5 >>> 32); zz_5 &= M;
+        {
+            zz_3 += x_3 * x_0;
+            w = (int)zz_3;
+            zz[3] = (w << 1) | c;
+            c = w >>> 31;
+            zz_4 += (zz_3 >>> 32) + x_3 * x_1;
+            zz_5 += (zz_4 >>> 32) + x_3 * x_2;
+            zz_4 &= M;
+            zz_6 += zz_5 >>> 32;
+            zz_5 &= M;
+        }
+
+        long x_4 = x[4] & M;
+        long zz_7 = (zz[7] & M) + (zz_6 >>> 32); zz_6 &= M;
+        long zz_8 = (zz[8] & M) + (zz_7 >>> 32); zz_7 &= M;
+        {
+            zz_4 += x_4 * x_0;
+            w = (int)zz_4;
+            zz[4] = (w << 1) | c;
+            c = w >>> 31;
+            zz_5 += (zz_4 >>> 32) + x_4 * x_1;
+            zz_6 += (zz_5 >>> 32) + x_4 * x_2;
+            zz_5 &= M;
+            zz_7 += (zz_6 >>> 32) + x_4 * x_3;
+            zz_6 &= M;
+            zz_8 += zz_7 >>> 32;
+            zz_7 &= M;
+        }
+
+        long x_5 = x[5] & M;
+        long zz_9 = (zz[9] & M) + (zz_8 >>> 32); zz_8 &= M;
+        long zz_10 = (zz[10] & M) + (zz_9 >>> 32); zz_9 &= M;
+        {
+            zz_5 += x_5 * x_0;
+            w = (int)zz_5;
+            zz[5] = (w << 1) | c;
+            c = w >>> 31;
+            zz_6 += (zz_5 >>> 32) + x_5 * x_1;
+            zz_7 += (zz_6 >>> 32) + x_5 * x_2;
+            zz_6 &= M;
+            zz_8 += (zz_7 >>> 32) + x_5 * x_3;
+            zz_7 &= M;
+            zz_9 += (zz_8 >>> 32) + x_5 * x_4;
+            zz_8 &= M;
+            zz_10 += zz_9 >>> 32;
+            zz_9 &= M;
+        }
+
+        long x_6 = x[6] & M;
+        long zz_11 = (zz[11] & M) + (zz_10 >>> 32); zz_10 &= M;
+        long zz_12 = (zz[12] & M) + (zz_11 >>> 32); zz_11 &= M;
+        {
+            zz_6 += x_6 * x_0;
+            w = (int)zz_6;
+            zz[6] = (w << 1) | c;
+            c = w >>> 31;
+            zz_7 += (zz_6 >>> 32) + x_6 * x_1;
+            zz_8 += (zz_7 >>> 32) + x_6 * x_2;
+            zz_7 &= M;
+            zz_9 += (zz_8 >>> 32) + x_6 * x_3;
+            zz_8 &= M;
+            zz_10 += (zz_9 >>> 32) + x_6 * x_4;
+            zz_9 &= M;
+            zz_11 += (zz_10 >>> 32) + x_6 * x_5;
+            zz_10 &= M;
+            zz_12 += zz_11 >>> 32;
+            zz_11 &= M;
+        }
+
+        long x_7 = x[7] & M;
+        long zz_13 = (zz[13] & M) + (zz_12 >>> 32); zz_12 &= M;
+        long zz_14 = (zz[14] & M) + (zz_13 >>> 32); zz_13 &= M;
+        {
+            zz_7 += x_7 * x_0;
+            w = (int)zz_7;
+            zz[7] = (w << 1) | c;
+            c = w >>> 31;
+            zz_8 += (zz_7 >>> 32) + x_7 * x_1;
+            zz_9 += (zz_8 >>> 32) + x_7 * x_2;
+            zz_10 += (zz_9 >>> 32) + x_7 * x_3;
+            zz_11 += (zz_10 >>> 32) + x_7 * x_4;
+            zz_12 += (zz_11 >>> 32) + x_7 * x_5;
+            zz_13 += (zz_12 >>> 32) + x_7 * x_6;
+            zz_14 += zz_13 >>> 32;
+        }
+
+        w = (int)zz_8;
+        zz[8] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_9;
+        zz[9] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_10;
+        zz[10] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_11;
+        zz[11] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_12;
+        zz[12] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_13;
+        zz[13] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_14;
+        zz[14] = (w << 1) | c;
+        c = w >>> 31;
+        w = zz[15] + (int)(zz_14 >>> 32);
+        zz[15] = (w << 1) | c;
+    }
+
+    public static void square(int[] x, int xOff, int[] zz, int zzOff)
+    {
+        long x_0 = x[xOff + 0] & M;
+        long zz_1;
+
+        int c = 0, w;
+        {
+            int i = 7, j = 16;
+            do
+            {
+                long xVal = (x[xOff + i--] & M);
+                long p = xVal * xVal;
+                zz[zzOff + --j] = (c << 31) | (int)(p >>> 33);
+                zz[zzOff + --j] = (int)(p >>> 1);
+                c = (int)p;
+            }
+            while (i > 0);
+
+            {
+                long p = x_0 * x_0;
+                zz_1 = ((c << 31) & M) | (p >>> 33);
+                zz[zzOff + 0] = (int)p;
+                c = (int)(p >>> 32) & 1;
+            }
+        }
+
+        long x_1 = x[xOff + 1] & M;
+        long zz_2 = zz[zzOff + 2] & M;
+
+        {
+            zz_1 += x_1 * x_0;
+            w = (int)zz_1;
+            zz[zzOff + 1] = (w << 1) | c;
+            c = w >>> 31;
+            zz_2 += zz_1 >>> 32;
+        }
+
+        long x_2 = x[xOff + 2] & M;
+        long zz_3 = zz[zzOff + 3] & M;
+        long zz_4 = zz[zzOff + 4] & M;
+        {
+            zz_2 += x_2 * x_0;
+            w = (int)zz_2;
+            zz[zzOff + 2] = (w << 1) | c;
+            c = w >>> 31;
+            zz_3 += (zz_2 >>> 32) + x_2 * x_1;
+            zz_4 += zz_3 >>> 32;
+            zz_3 &= M;
+        }
+
+        long x_3 = x[xOff + 3] & M;
+        long zz_5 = (zz[zzOff + 5] & M) + (zz_4 >>> 32); zz_4 &= M;
+        long zz_6 = (zz[zzOff + 6] & M) + (zz_5 >>> 32); zz_5 &= M;
+        {
+            zz_3 += x_3 * x_0;
+            w = (int)zz_3;
+            zz[zzOff + 3] = (w << 1) | c;
+            c = w >>> 31;
+            zz_4 += (zz_3 >>> 32) + x_3 * x_1;
+            zz_5 += (zz_4 >>> 32) + x_3 * x_2;
+            zz_4 &= M;
+            zz_6 += zz_5 >>> 32;
+            zz_5 &= M;
+        }
+
+        long x_4 = x[xOff + 4] & M;
+        long zz_7 = (zz[zzOff + 7] & M) + (zz_6 >>> 32); zz_6 &= M;
+        long zz_8 = (zz[zzOff + 8] & M) + (zz_7 >>> 32); zz_7 &= M;
+        {
+            zz_4 += x_4 * x_0;
+            w = (int)zz_4;
+            zz[zzOff + 4] = (w << 1) | c;
+            c = w >>> 31;
+            zz_5 += (zz_4 >>> 32) + x_4 * x_1;
+            zz_6 += (zz_5 >>> 32) + x_4 * x_2;
+            zz_5 &= M;
+            zz_7 += (zz_6 >>> 32) + x_4 * x_3;
+            zz_6 &= M;
+            zz_8 += zz_7 >>> 32;
+            zz_7 &= M;
+        }
+
+        long x_5 = x[xOff + 5] & M;
+        long zz_9 = (zz[zzOff + 9] & M) + (zz_8 >>> 32); zz_8 &= M;
+        long zz_10 = (zz[zzOff + 10] & M) + (zz_9 >>> 32); zz_9 &= M;
+        {
+            zz_5 += x_5 * x_0;
+            w = (int)zz_5;
+            zz[zzOff + 5] = (w << 1) | c;
+            c = w >>> 31;
+            zz_6 += (zz_5 >>> 32) + x_5 * x_1;
+            zz_7 += (zz_6 >>> 32) + x_5 * x_2;
+            zz_6 &= M;
+            zz_8 += (zz_7 >>> 32) + x_5 * x_3;
+            zz_7 &= M;
+            zz_9 += (zz_8 >>> 32) + x_5 * x_4;
+            zz_8 &= M;
+            zz_10 += zz_9 >>> 32;
+            zz_9 &= M;
+        }
+
+        long x_6 = x[xOff + 6] & M;
+        long zz_11 = (zz[zzOff + 11] & M) + (zz_10 >>> 32); zz_10 &= M;
+        long zz_12 = (zz[zzOff + 12] & M) + (zz_11 >>> 32); zz_11 &= M;
+        {
+            zz_6 += x_6 * x_0;
+            w = (int)zz_6;
+            zz[zzOff + 6] = (w << 1) | c;
+            c = w >>> 31;
+            zz_7 += (zz_6 >>> 32) + x_6 * x_1;
+            zz_8 += (zz_7 >>> 32) + x_6 * x_2;
+            zz_7 &= M;
+            zz_9 += (zz_8 >>> 32) + x_6 * x_3;
+            zz_8 &= M;
+            zz_10 += (zz_9 >>> 32) + x_6 * x_4;
+            zz_9 &= M;
+            zz_11 += (zz_10 >>> 32) + x_6 * x_5;
+            zz_10 &= M;
+            zz_12 += zz_11 >>> 32;
+            zz_11 &= M;
+        }
+
+        long x_7 = x[xOff + 7] & M;
+        long zz_13 = (zz[zzOff + 13] & M) + (zz_12 >>> 32); zz_12 &= M;
+        long zz_14 = (zz[zzOff + 14] & M) + (zz_13 >>> 32); zz_13 &= M;
+        {
+            zz_7 += x_7 * x_0;
+            w = (int)zz_7;
+            zz[zzOff + 7] = (w << 1) | c;
+            c = w >>> 31;
+            zz_8 += (zz_7 >>> 32) + x_7 * x_1;
+            zz_9 += (zz_8 >>> 32) + x_7 * x_2;
+            zz_10 += (zz_9 >>> 32) + x_7 * x_3;
+            zz_11 += (zz_10 >>> 32) + x_7 * x_4;
+            zz_12 += (zz_11 >>> 32) + x_7 * x_5;
+            zz_13 += (zz_12 >>> 32) + x_7 * x_6;
+            zz_14 += zz_13 >>> 32;
+        }
+
+        w = (int)zz_8;
+        zz[zzOff + 8] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_9;
+        zz[zzOff + 9] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_10;
+        zz[zzOff + 10] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_11;
+        zz[zzOff + 11] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_12;
+        zz[zzOff + 12] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_13;
+        zz[zzOff + 13] = (w << 1) | c;
+        c = w >>> 31;
+        w = (int)zz_14;
+        zz[zzOff + 14] = (w << 1) | c;
+        c = w >>> 31;
+        w = zz[zzOff + 15] + (int)(zz_14 >>> 32);
+        zz[zzOff + 15] = (w << 1) | c;
+    }
+
+    public static int sub(int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        c += (x[0] & M) - (y[0] & M);
+        z[0] = (int)c;
+        c >>= 32;
+        c += (x[1] & M) - (y[1] & M);
+        z[1] = (int)c;
+        c >>= 32;
+        c += (x[2] & M) - (y[2] & M);
+        z[2] = (int)c;
+        c >>= 32;
+        c += (x[3] & M) - (y[3] & M);
+        z[3] = (int)c;
+        c >>= 32;
+        c += (x[4] & M) - (y[4] & M);
+        z[4] = (int)c;
+        c >>= 32;
+        c += (x[5] & M) - (y[5] & M);
+        z[5] = (int)c;
+        c >>= 32;
+        c += (x[6] & M) - (y[6] & M);
+        z[6] = (int)c;
+        c >>= 32;
+        c += (x[7] & M) - (y[7] & M);
+        z[7] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static int sub(int[] x, int xOff, int[] y, int yOff, int[] z, int zOff)
+    {
+        long c = 0;
+        c += (x[xOff + 0] & M) - (y[yOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 1] & M) - (y[yOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 2] & M) - (y[yOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 3] & M) - (y[yOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 4] & M) - (y[yOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 5] & M) - (y[yOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 6] & M) - (y[yOff + 6] & M);
+        z[zOff + 6] = (int)c;
+        c >>= 32;
+        c += (x[xOff + 7] & M) - (y[yOff + 7] & M);
+        z[zOff + 7] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static int subBothFrom(int[] x, int[] y, int[] z)
+    {
+        long c = 0;
+        c += (z[0] & M) - (x[0] & M) - (y[0] & M);
+        z[0] = (int)c;
+        c >>= 32;
+        c += (z[1] & M) - (x[1] & M) - (y[1] & M);
+        z[1] = (int)c;
+        c >>= 32;
+        c += (z[2] & M) - (x[2] & M) - (y[2] & M);
+        z[2] = (int)c;
+        c >>= 32;
+        c += (z[3] & M) - (x[3] & M) - (y[3] & M);
+        z[3] = (int)c;
+        c >>= 32;
+        c += (z[4] & M) - (x[4] & M) - (y[4] & M);
+        z[4] = (int)c;
+        c >>= 32;
+        c += (z[5] & M) - (x[5] & M) - (y[5] & M);
+        z[5] = (int)c;
+        c >>= 32;
+        c += (z[6] & M) - (x[6] & M) - (y[6] & M);
+        z[6] = (int)c;
+        c >>= 32;
+        c += (z[7] & M) - (x[7] & M) - (y[7] & M);
+        z[7] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static int subFrom(int[] x, int[] z)
+    {
+        long c = 0;
+        c += (z[0] & M) - (x[0] & M);
+        z[0] = (int)c;
+        c >>= 32;
+        c += (z[1] & M) - (x[1] & M);
+        z[1] = (int)c;
+        c >>= 32;
+        c += (z[2] & M) - (x[2] & M);
+        z[2] = (int)c;
+        c >>= 32;
+        c += (z[3] & M) - (x[3] & M);
+        z[3] = (int)c;
+        c >>= 32;
+        c += (z[4] & M) - (x[4] & M);
+        z[4] = (int)c;
+        c >>= 32;
+        c += (z[5] & M) - (x[5] & M);
+        z[5] = (int)c;
+        c >>= 32;
+        c += (z[6] & M) - (x[6] & M);
+        z[6] = (int)c;
+        c >>= 32;
+        c += (z[7] & M) - (x[7] & M);
+        z[7] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static int subFrom(int[] x, int xOff, int[] z, int zOff)
+    {
+        long c = 0;
+        c += (z[zOff + 0] & M) - (x[xOff + 0] & M);
+        z[zOff + 0] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 1] & M) - (x[xOff + 1] & M);
+        z[zOff + 1] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 2] & M) - (x[xOff + 2] & M);
+        z[zOff + 2] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 3] & M) - (x[xOff + 3] & M);
+        z[zOff + 3] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 4] & M) - (x[xOff + 4] & M);
+        z[zOff + 4] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 5] & M) - (x[xOff + 5] & M);
+        z[zOff + 5] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 6] & M) - (x[xOff + 6] & M);
+        z[zOff + 6] = (int)c;
+        c >>= 32;
+        c += (z[zOff + 7] & M) - (x[xOff + 7] & M);
+        z[zOff + 7] = (int)c;
+        c >>= 32;
+        return (int)c;
+    }
+
+    public static BigInteger toBigInteger(int[] x)
+    {
+        byte[] bs = new byte[32];
+        for (int i = 0; i < 8; ++i)
+        {
+            int x_i = x[i];
+            if (x_i != 0)
+            {
+                Pack.intToBigEndian(x_i, bs, (7 - i) << 2);
+            }
+        }
+        return new BigInteger(1, bs);
+    }
+
+    public static BigInteger toBigInteger64(long[] x)
+    {
+        byte[] bs = new byte[32];
+        for (int i = 0; i < 4; ++i)
+        {
+            long x_i = x[i];
+            if (x_i != 0L)
+            {
+                Pack.longToBigEndian(x_i, bs, (3 - i) << 3);
+            }
+        }
+        return new BigInteger(1, bs);
+    }
+
+    public static void zero(int[] z)
+    {
+        z[0] = 0;
+        z[1] = 0;
+        z[2] = 0;
+        z[3] = 0;
+        z[4] = 0;
+        z[5] = 0;
+        z[6] = 0;
+        z[7] = 0;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat384.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat384.java
new file mode 100644
index 0000000..1063544
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat384.java

@@ -0,0 +1,47 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.raw;
+
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class Nat384
+{
+    public static void mul(int[] x, int[] y, int[] zz)
+    {
+        Nat192.mul(x, y, zz);
+        Nat192.mul(x, 6, y, 6, zz, 12);
+
+        int c18 = Nat192.addToEachOther(zz, 6, zz, 12);
+        int c12 = c18 + Nat192.addTo(zz, 0, zz, 6, 0);
+        c18 += Nat192.addTo(zz, 18, zz, 12, c12);
+
+        int[] dx = Nat192.create(), dy = Nat192.create();
+        boolean neg = Nat192.diff(x, 6, x, 0, dx, 0) != Nat192.diff(y, 6, y, 0, dy, 0);
+
+        int[] tt = Nat192.createExt();
+        Nat192.mul(dx, dy, tt);
+
+        c18 += neg ? Nat.addTo(12, tt, 0, zz, 6) : Nat.subFrom(12, tt, 0, zz, 6);
+        Nat.addWordAt(24, c18, zz, 18); 
+    }
+
+    public static void square(int[] x, int[] zz)
+    {
+        Nat192.square(x, zz);
+        Nat192.square(x, 6, zz, 12);
+
+        int c18 = Nat192.addToEachOther(zz, 6, zz, 12);
+        int c12 = c18 + Nat192.addTo(zz, 0, zz, 6, 0);
+        c18 += Nat192.addTo(zz, 18, zz, 12, c12);
+
+        int[] dx = Nat192.create();
+        Nat192.diff(x, 6, x, 0, dx, 0);
+
+        int[] tt = Nat192.createExt();
+        Nat192.square(dx, tt);
+
+        c18 += Nat.subFrom(12, tt, 0, zz, 6);
+        Nat.addWordAt(24, c18, zz, 18); 
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat512.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat512.java
new file mode 100644
index 0000000..faa211c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/math/raw/Nat512.java

@@ -0,0 +1,47 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.math.raw;
+
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class Nat512
+{
+    public static void mul(int[] x, int[] y, int[] zz)
+    {
+        Nat256.mul(x, y, zz);
+        Nat256.mul(x, 8, y, 8, zz, 16);
+
+        int c24 = Nat256.addToEachOther(zz, 8, zz, 16);
+        int c16 = c24 + Nat256.addTo(zz, 0, zz, 8, 0);
+        c24 += Nat256.addTo(zz, 24, zz, 16, c16);
+
+        int[] dx = Nat256.create(), dy = Nat256.create();
+        boolean neg = Nat256.diff(x, 8, x, 0, dx, 0) != Nat256.diff(y, 8, y, 0, dy, 0);
+
+        int[] tt = Nat256.createExt();
+        Nat256.mul(dx, dy, tt);
+
+        c24 += neg ? Nat.addTo(16, tt, 0, zz, 8) : Nat.subFrom(16, tt, 0, zz, 8);
+        Nat.addWordAt(32, c24, zz, 24); 
+    }
+
+    public static void square(int[] x, int[] zz)
+    {
+        Nat256.square(x, zz);
+        Nat256.square(x, 8, zz, 16);
+
+        int c24 = Nat256.addToEachOther(zz, 8, zz, 16);
+        int c16 = c24 + Nat256.addTo(zz, 0, zz, 8, 0);
+        c24 += Nat256.addTo(zz, 24, zz, 16, c16);
+
+        int[] dx = Nat256.create();
+        Nat256.diff(x, 8, x, 0, dx, 0);
+
+        int[] tt = Nat256.createExt();
+        Nat256.square(dx, tt);
+
+        c24 += Nat.subFrom(16, tt, 0, zz, 8);
+        Nat.addWordAt(32, c24, zz, 24); 
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Arrays.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Arrays.java
new file mode 100644
index 0000000..b0b5783
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Arrays.java

@@ -0,0 +1,1297 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+import java.math.BigInteger;
+import java.util.NoSuchElementException;
+
+/**
+ * General array utilities.
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class Arrays
+{
+    private Arrays()
+    {
+        // static class, hide constructor
+    }
+
+    public static boolean areAllZeroes(byte[] buf, int off, int len)
+    {
+        int bits = 0;
+        for (int i = 0; i < len; ++i)
+        {
+            bits |= buf[off + i];
+        }
+        return bits == 0;
+    }
+
+    public static boolean areEqual(
+        boolean[]  a,
+        boolean[]  b)
+    {
+        if (a == b)
+        {
+            return true;
+        }
+
+        if (a == null || b == null)
+        {
+            return false;
+        }
+
+        if (a.length != b.length)
+        {
+            return false;
+        }
+
+        for (int i = 0; i != a.length; i++)
+        {
+            if (a[i] != b[i])
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    public static boolean areEqual(
+        char[]  a,
+        char[]  b)
+    {
+        if (a == b)
+        {
+            return true;
+        }
+
+        if (a == null || b == null)
+        {
+            return false;
+        }
+
+        if (a.length != b.length)
+        {
+            return false;
+        }
+
+        for (int i = 0; i != a.length; i++)
+        {
+            if (a[i] != b[i])
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    public static boolean areEqual(
+        byte[]  a,
+        byte[]  b)
+    {
+        if (a == b)
+        {
+            return true;
+        }
+
+        if (a == null || b == null)
+        {
+            return false;
+        }
+
+        if (a.length != b.length)
+        {
+            return false;
+        }
+
+        for (int i = 0; i != a.length; i++)
+        {
+            if (a[i] != b[i])
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    public static boolean areEqual(
+        short[]  a,
+        short[]  b)
+    {
+        if (a == b)
+        {
+            return true;
+        }
+
+        if (a == null || b == null)
+        {
+            return false;
+        }
+
+        if (a.length != b.length)
+        {
+            return false;
+        }
+
+        for (int i = 0; i != a.length; i++)
+        {
+            if (a[i] != b[i])
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    /**
+     * A constant time equals comparison - does not terminate early if
+     * test will fail. For best results always pass the expected value
+     * as the first parameter.
+     *
+     * @param expected first array
+     * @param supplied second array
+     * @return true if arrays equal, false otherwise.
+     */
+    public static boolean constantTimeAreEqual(
+        byte[]  expected,
+        byte[]  supplied)
+    {
+        if (expected == supplied)
+        {
+            return true;
+        }
+
+        if (expected == null || supplied == null)
+        {
+            return false;
+        }
+
+        if (expected.length != supplied.length)
+        {
+            return !Arrays.constantTimeAreEqual(expected, expected);
+        }
+
+        int nonEqual = 0;
+
+        for (int i = 0; i != expected.length; i++)
+        {
+            nonEqual |= (expected[i] ^ supplied[i]);
+        }
+
+        return nonEqual == 0;
+    }
+
+    public static boolean areEqual(
+        int[]  a,
+        int[]  b)
+    {
+        if (a == b)
+        {
+            return true;
+        }
+
+        if (a == null || b == null)
+        {
+            return false;
+        }
+
+        if (a.length != b.length)
+        {
+            return false;
+        }
+
+        for (int i = 0; i != a.length; i++)
+        {
+            if (a[i] != b[i])
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    public static boolean areEqual(
+        long[]  a,
+        long[]  b)
+    {
+        if (a == b)
+        {
+            return true;
+        }
+
+        if (a == null || b == null)
+        {
+            return false;
+        }
+
+        if (a.length != b.length)
+        {
+            return false;
+        }
+
+        for (int i = 0; i != a.length; i++)
+        {
+            if (a[i] != b[i])
+            {
+                return false;
+            }
+        }
+
+        return true;
+    }
+
+    public static boolean areEqual(Object[] a, Object[] b)
+    {
+        if (a == b)
+        {
+            return true;
+        }
+        if (a == null || b == null)
+        {
+            return false;
+        }
+        if (a.length != b.length)
+        {
+            return false;
+        }
+        for (int i = 0; i != a.length; i++)
+        {
+            Object objA = a[i], objB = b[i];
+            if (objA == null)
+            {
+                if (objB != null)
+                {
+                    return false;
+                }
+            }
+            else if (!objA.equals(objB))
+            {
+                return false;
+            }
+        }
+        return true;
+    }
+
+    public static int compareUnsigned(byte[] a, byte[] b)
+    {
+        if (a == b)
+        {
+            return 0;
+        }
+        if (a == null)
+        {
+            return -1;
+        }
+        if (b == null)
+        {
+            return 1;
+        }
+        int minLen = Math.min(a.length, b.length);
+        for (int i = 0; i < minLen; ++i)
+        {
+            int aVal = a[i] & 0xFF, bVal = b[i] & 0xFF;
+            if (aVal < bVal)
+            {
+                return -1;
+            }
+            if (aVal > bVal)
+            {
+                return 1;
+            }
+        }
+        if (a.length < b.length)
+        {
+            return -1;
+        }
+        if (a.length > b.length)
+        {
+            return 1;
+        }
+        return 0;
+    }
+
+    public static boolean contains(short[] a, short n)
+    {
+        for (int i = 0; i < a.length; ++i)
+        {
+            if (a[i] == n)
+            {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    public static boolean contains(int[] a, int n)
+    {
+        for (int i = 0; i < a.length; ++i)
+        {
+            if (a[i] == n)
+            {
+                return true;
+            }
+        }
+        return false;
+    }
+
+    public static void fill(
+        byte[] array,
+        byte value)
+    {
+        for (int i = 0; i < array.length; i++)
+        {
+            array[i] = value;
+        }
+    }
+
+    public static void fill(
+        byte[] array,
+        int start,
+        int finish,
+        byte value)
+    {
+        for (int i = start; i < finish; i++)
+        {
+            array[i] = value;
+        }
+    }
+
+    public static void fill(
+        char[] array,
+        char value)
+    {
+        for (int i = 0; i < array.length; i++)
+        {
+            array[i] = value;
+        }
+    }
+
+    public static void fill(
+        long[] array,
+        long value)
+    {
+        for (int i = 0; i < array.length; i++)
+        {
+            array[i] = value;
+        }
+    }
+
+    public static void fill(
+        short[] array,
+        short value)
+    {
+        for (int i = 0; i < array.length; i++)
+        {
+            array[i] = value;
+        }
+    }
+
+    public static void fill(
+        int[] array,
+        int value)
+    {
+        for (int i = 0; i < array.length; i++)
+        {
+            array[i] = value;
+        }
+    }
+
+    public static void fill(
+        byte[] array,
+        int out,
+        byte value)
+    {
+        if(out < array.length)
+        {
+            for (int i = out; i < array.length; i++)
+            {
+                array[i] = value;
+            }
+        }
+    }
+
+    public static void fill(
+        int[] array,
+        int out,
+        int value)
+    {
+        if(out < array.length)
+        {
+            for (int i = out; i < array.length; i++)
+            {
+                array[i] = value;
+            }
+        }
+    }
+
+    public static void fill(
+        short[] array,
+        int out,
+        short value)
+    {
+        if(out < array.length)
+        {
+            for (int i = out; i < array.length; i++)
+            {
+                array[i] = value;
+            }
+        }
+    }
+
+    public static void fill(
+        long[] array,
+        int out,
+        long value)
+    {
+        if(out < array.length)
+        {
+            for (int i = out; i < array.length; i++)
+            {
+                array[i] = value;
+            }
+        }
+    }
+
+    public static int hashCode(byte[] data)
+    {
+        if (data == null)
+        {
+            return 0;
+        }
+
+        int i = data.length;
+        int hc = i + 1;
+
+        while (--i >= 0)
+        {
+            hc *= 257;
+            hc ^= data[i];
+        }
+
+        return hc;
+    }
+
+    public static int hashCode(byte[] data, int off, int len)
+    {
+        if (data == null)
+        {
+            return 0;
+        }
+
+        int i = len;
+        int hc = i + 1;
+
+        while (--i >= 0)
+        {
+            hc *= 257;
+            hc ^= data[off + i];
+        }
+
+        return hc;
+    }
+
+    public static int hashCode(char[] data)
+    {
+        if (data == null)
+        {
+            return 0;
+        }
+
+        int i = data.length;
+        int hc = i + 1;
+
+        while (--i >= 0)
+        {
+            hc *= 257;
+            hc ^= data[i];
+        }
+
+        return hc;
+    }
+
+    public static int hashCode(int[][] ints)
+    {
+        int hc = 0;
+
+        for (int i = 0; i != ints.length; i++)
+        {
+            hc = hc * 257 + hashCode(ints[i]);
+        }
+
+        return hc;
+    }
+
+    public static int hashCode(int[] data)
+    {
+        if (data == null)
+        {
+            return 0;
+        }
+
+        int i = data.length;
+        int hc = i + 1;
+
+        while (--i >= 0)
+        {
+            hc *= 257;
+            hc ^= data[i];
+        }
+
+        return hc;
+    }
+
+    public static int hashCode(int[] data, int off, int len)
+    {
+        if (data == null)
+        {
+            return 0;
+        }
+
+        int i = len;
+        int hc = i + 1;
+
+        while (--i >= 0)
+        {
+            hc *= 257;
+            hc ^= data[off + i];
+        }
+
+        return hc;
+    }
+
+    public static int hashCode(long[] data)
+    {
+        if (data == null)
+        {
+            return 0;
+        }
+
+        int i = data.length;
+        int hc = i + 1;
+
+        while (--i >= 0)
+        {
+            long di = data[i];
+            hc *= 257;
+            hc ^= (int)di;
+            hc *= 257;
+            hc ^= (int)(di >>> 32);
+        }
+
+        return hc;
+    }
+
+    public static int hashCode(long[] data, int off, int len)
+    {
+        if (data == null)
+        {
+            return 0;
+        }
+
+        int i = len;
+        int hc = i + 1;
+
+        while (--i >= 0)
+        {
+            long di = data[off + i];
+            hc *= 257;
+            hc ^= (int)di;
+            hc *= 257;
+            hc ^= (int)(di >>> 32);
+        }
+
+        return hc;
+    }
+
+    public static int hashCode(short[][][] shorts)
+    {
+        int hc = 0;
+
+        for (int i = 0; i != shorts.length; i++)
+        {
+            hc = hc * 257 + hashCode(shorts[i]);
+        }
+
+        return hc;
+    }
+
+    public static int hashCode(short[][] shorts)
+    {
+        int hc = 0;
+
+        for (int i = 0; i != shorts.length; i++)
+        {
+            hc = hc * 257 + hashCode(shorts[i]);
+        }
+
+        return hc;
+    }
+
+    public static int hashCode(short[] data)
+    {
+        if (data == null)
+        {
+            return 0;
+        }
+
+        int i = data.length;
+        int hc = i + 1;
+
+        while (--i >= 0)
+        {
+            hc *= 257;
+            hc ^= (data[i] & 0xff);
+        }
+
+        return hc;
+    }
+
+    public static int hashCode(Object[] data)
+    {
+        if (data == null)
+        {
+            return 0;
+        }
+
+        int i = data.length;
+        int hc = i + 1;
+
+        while (--i >= 0)
+        {
+            hc *= 257;
+            hc ^= data[i].hashCode();
+        }
+
+        return hc;
+    }
+
+    public static byte[] clone(byte[] data)
+    {
+        if (data == null)
+        {
+            return null;
+        }
+        byte[] copy = new byte[data.length];
+
+        System.arraycopy(data, 0, copy, 0, data.length);
+
+        return copy;
+    }
+
+    public static char[] clone(char[] data)
+    {
+        if (data == null)
+        {
+            return null;
+        }
+        char[] copy = new char[data.length];
+
+        System.arraycopy(data, 0, copy, 0, data.length);
+
+        return copy;
+    }
+
+    public static byte[] clone(byte[] data, byte[] existing)
+    {
+        if (data == null)
+        {
+            return null;
+        }
+        if ((existing == null) || (existing.length != data.length))
+        {
+            return clone(data);
+        }
+        System.arraycopy(data, 0, existing, 0, existing.length);
+        return existing;
+    }
+
+    public static byte[][] clone(byte[][] data)
+    {
+        if (data == null)
+        {
+            return null;
+        }
+
+        byte[][] copy = new byte[data.length][];
+
+        for (int i = 0; i != copy.length; i++)
+        {
+            copy[i] = clone(data[i]);
+        }
+
+        return copy;
+    }
+
+    public static byte[][][] clone(byte[][][] data)
+    {
+        if (data == null)
+        {
+            return null;
+        }
+
+        byte[][][] copy = new byte[data.length][][];
+
+        for (int i = 0; i != copy.length; i++)
+        {
+            copy[i] = clone(data[i]);
+        }
+
+        return copy;
+    }
+
+    public static int[] clone(int[] data)
+    {
+        if (data == null)
+        {
+            return null;
+        }
+        int[] copy = new int[data.length];
+
+        System.arraycopy(data, 0, copy, 0, data.length);
+
+        return copy;
+    }
+
+    public static long[] clone(long[] data)
+    {
+        if (data == null)
+        {
+            return null;
+        }
+        long[] copy = new long[data.length];
+
+        System.arraycopy(data, 0, copy, 0, data.length);
+
+        return copy;
+    }
+
+    public static long[] clone(long[] data, long[] existing)
+    {
+        if (data == null)
+        {
+            return null;
+        }
+        if ((existing == null) || (existing.length != data.length))
+        {
+            return clone(data);
+        }
+        System.arraycopy(data, 0, existing, 0, existing.length);
+        return existing;
+    }
+
+    public static short[] clone(short[] data)
+    {
+        if (data == null)
+        {
+            return null;
+        }
+        short[] copy = new short[data.length];
+
+        System.arraycopy(data, 0, copy, 0, data.length);
+
+        return copy;
+    }
+
+    public static BigInteger[] clone(BigInteger[] data)
+    {
+        if (data == null)
+        {
+            return null;
+        }
+        BigInteger[] copy = new BigInteger[data.length];
+
+        System.arraycopy(data, 0, copy, 0, data.length);
+
+        return copy;
+    }
+
+    public static byte[] copyOf(byte[] data, int newLength)
+    {
+        byte[] tmp = new byte[newLength];
+
+        if (newLength < data.length)
+        {
+            System.arraycopy(data, 0, tmp, 0, newLength);
+        }
+        else
+        {
+            System.arraycopy(data, 0, tmp, 0, data.length);
+        }
+
+        return tmp;
+    }
+
+    public static char[] copyOf(char[] data, int newLength)
+    {
+        char[] tmp = new char[newLength];
+
+        if (newLength < data.length)
+        {
+            System.arraycopy(data, 0, tmp, 0, newLength);
+        }
+        else
+        {
+            System.arraycopy(data, 0, tmp, 0, data.length);
+        }
+
+        return tmp;
+    }
+
+    public static int[] copyOf(int[] data, int newLength)
+    {
+        int[] tmp = new int[newLength];
+
+        if (newLength < data.length)
+        {
+            System.arraycopy(data, 0, tmp, 0, newLength);
+        }
+        else
+        {
+            System.arraycopy(data, 0, tmp, 0, data.length);
+        }
+
+        return tmp;
+    }
+
+    public static long[] copyOf(long[] data, int newLength)
+    {
+        long[] tmp = new long[newLength];
+
+        if (newLength < data.length)
+        {
+            System.arraycopy(data, 0, tmp, 0, newLength);
+        }
+        else
+        {
+            System.arraycopy(data, 0, tmp, 0, data.length);
+        }
+
+        return tmp;
+    }
+
+    public static BigInteger[] copyOf(BigInteger[] data, int newLength)
+    {
+        BigInteger[] tmp = new BigInteger[newLength];
+
+        if (newLength < data.length)
+        {
+            System.arraycopy(data, 0, tmp, 0, newLength);
+        }
+        else
+        {
+            System.arraycopy(data, 0, tmp, 0, data.length);
+        }
+
+        return tmp;
+    }
+
+    /**
+     * Make a copy of a range of bytes from the passed in data array. The range can
+     * extend beyond the end of the input array, in which case the return array will
+     * be padded with zeroes.
+     *
+     * @param data the array from which the data is to be copied.
+     * @param from the start index at which the copying should take place.
+     * @param to the final index of the range (exclusive).
+     *
+     * @return a new byte array containing the range given.
+     */
+    public static byte[] copyOfRange(byte[] data, int from, int to)
+    {
+        int newLength = getLength(from, to);
+
+        byte[] tmp = new byte[newLength];
+
+        if (data.length - from < newLength)
+        {
+            System.arraycopy(data, from, tmp, 0, data.length - from);
+        }
+        else
+        {
+            System.arraycopy(data, from, tmp, 0, newLength);
+        }
+
+        return tmp;
+    }
+
+    public static int[] copyOfRange(int[] data, int from, int to)
+    {
+        int newLength = getLength(from, to);
+
+        int[] tmp = new int[newLength];
+
+        if (data.length - from < newLength)
+        {
+            System.arraycopy(data, from, tmp, 0, data.length - from);
+        }
+        else
+        {
+            System.arraycopy(data, from, tmp, 0, newLength);
+        }
+
+        return tmp;
+    }
+
+    public static long[] copyOfRange(long[] data, int from, int to)
+    {
+        int newLength = getLength(from, to);
+
+        long[] tmp = new long[newLength];
+
+        if (data.length - from < newLength)
+        {
+            System.arraycopy(data, from, tmp, 0, data.length - from);
+        }
+        else
+        {
+            System.arraycopy(data, from, tmp, 0, newLength);
+        }
+
+        return tmp;
+    }
+
+    public static BigInteger[] copyOfRange(BigInteger[] data, int from, int to)
+    {
+        int newLength = getLength(from, to);
+
+        BigInteger[] tmp = new BigInteger[newLength];
+
+        if (data.length - from < newLength)
+        {
+            System.arraycopy(data, from, tmp, 0, data.length - from);
+        }
+        else
+        {
+            System.arraycopy(data, from, tmp, 0, newLength);
+        }
+
+        return tmp;
+    }
+
+    private static int getLength(int from, int to)
+    {
+        int newLength = to - from;
+        if (newLength < 0)
+        {
+            StringBuffer sb = new StringBuffer(from);
+            sb.append(" > ").append(to);
+            throw new IllegalArgumentException(sb.toString());
+        }
+        return newLength;
+    }
+
+    public static byte[] append(byte[] a, byte b)
+    {
+        if (a == null)
+        {
+            return new byte[]{ b };
+        }
+
+        int length = a.length;
+        byte[] result = new byte[length + 1];
+        System.arraycopy(a, 0, result, 0, length);
+        result[length] = b;
+        return result;
+    }
+
+    public static short[] append(short[] a, short b)
+    {
+        if (a == null)
+        {
+            return new short[]{ b };
+        }
+
+        int length = a.length;
+        short[] result = new short[length + 1];
+        System.arraycopy(a, 0, result, 0, length);
+        result[length] = b;
+        return result;
+    }
+
+    public static int[] append(int[] a, int b)
+    {
+        if (a == null)
+        {
+            return new int[]{ b };
+        }
+
+        int length = a.length;
+        int[] result = new int[length + 1];
+        System.arraycopy(a, 0, result, 0, length);
+        result[length] = b;
+        return result;
+    }
+
+    public static String[] append(String[] a, String b)
+    {
+        if (a == null)
+        {
+            return new String[]{ b };
+        }
+
+        int length = a.length;
+        String[] result = new String[length + 1];
+        System.arraycopy(a, 0, result, 0, length);
+        result[length] = b;
+        return result;
+    }
+
+
+
+    public static byte[] concatenate(byte[] a, byte[] b)
+    {
+        if (a != null && b != null)
+        {
+            byte[] rv = new byte[a.length + b.length];
+
+            System.arraycopy(a, 0, rv, 0, a.length);
+            System.arraycopy(b, 0, rv, a.length, b.length);
+
+            return rv;
+        }
+        else if (b != null)
+        {
+            return clone(b);
+        }
+        else
+        {
+            return clone(a);
+        }
+    }
+
+    public static byte[] concatenate(byte[] a, byte[] b, byte[] c)
+    {
+        if (a != null && b != null && c != null)
+        {
+            byte[] rv = new byte[a.length + b.length + c.length];
+
+            System.arraycopy(a, 0, rv, 0, a.length);
+            System.arraycopy(b, 0, rv, a.length, b.length);
+            System.arraycopy(c, 0, rv, a.length + b.length, c.length);
+
+            return rv;
+        }
+        else if (a == null)
+        {
+            return concatenate(b, c);
+        }
+        else if (b == null)
+        {
+            return concatenate(a, c);
+        }
+        else
+        {
+            return concatenate(a, b);
+        }
+    }
+
+    public static byte[] concatenate(byte[] a, byte[] b, byte[] c, byte[] d)
+    {
+        if (a != null && b != null && c != null && d != null)
+        {
+            byte[] rv = new byte[a.length + b.length + c.length + d.length];
+
+            System.arraycopy(a, 0, rv, 0, a.length);
+            System.arraycopy(b, 0, rv, a.length, b.length);
+            System.arraycopy(c, 0, rv, a.length + b.length, c.length);
+            System.arraycopy(d, 0, rv, a.length + b.length + c.length, d.length);
+
+            return rv;
+        }
+        else if (d == null)
+        {
+            return concatenate(a, b, c);
+        }
+        else if (c == null)
+        {
+            return concatenate(a, b, d);
+        }
+        else if (b == null)
+        {
+            return concatenate(a, c, d);
+        }
+        else
+        {
+            return concatenate(b, c, d);
+        }
+    }
+
+    public static byte[] concatenate(byte[][] arrays)
+    {
+        int size = 0;
+        for (int i = 0; i != arrays.length; i++)
+        {
+            size += arrays[i].length;
+        }
+
+        byte[] rv = new byte[size];
+
+        int offSet = 0;
+        for (int i = 0; i != arrays.length; i++)
+        {
+            System.arraycopy(arrays[i], 0, rv, offSet, arrays[i].length);
+            offSet += arrays[i].length;
+        }
+
+        return rv;
+    }
+
+    public static int[] concatenate(int[] a, int[] b)
+    {
+        if (a == null)
+        {
+            return clone(b);
+        }
+        if (b == null)
+        {
+            return clone(a);
+        }
+
+        int[] c = new int[a.length + b.length];
+        System.arraycopy(a, 0, c, 0, a.length);
+        System.arraycopy(b, 0, c, a.length, b.length);
+        return c;
+    }
+
+    public static byte[] prepend(byte[] a, byte b)
+    {
+        if (a == null)
+        {
+            return new byte[]{ b };
+        }
+
+        int length = a.length;
+        byte[] result = new byte[length + 1];
+        System.arraycopy(a, 0, result, 1, length);
+        result[0] = b;
+        return result;
+    }
+
+    public static short[] prepend(short[] a, short b)
+    {
+        if (a == null)
+        {
+            return new short[]{ b };
+        }
+
+        int length = a.length;
+        short[] result = new short[length + 1];
+        System.arraycopy(a, 0, result, 1, length);
+        result[0] = b;
+        return result;
+    }
+
+    public static int[] prepend(int[] a, int b)
+    {
+        if (a == null)
+        {
+            return new int[]{ b };
+        }
+
+        int length = a.length;
+        int[] result = new int[length + 1];
+        System.arraycopy(a, 0, result, 1, length);
+        result[0] = b;
+        return result;
+    }
+
+    public static byte[] reverse(byte[] a)
+    {
+        if (a == null)
+        {
+            return null;
+        }
+
+        int p1 = 0, p2 = a.length;
+        byte[] result = new byte[p2];
+
+        while (--p2 >= 0)
+        {
+            result[p2] = a[p1++];
+        }
+
+        return result;
+    }
+
+    public static int[] reverse(int[] a)
+    {
+        if (a == null)
+        {
+            return null;
+        }
+
+        int p1 = 0, p2 = a.length;
+        int[] result = new int[p2];
+
+        while (--p2 >= 0)
+        {
+            result[p2] = a[p1++];
+        }
+
+        return result;
+    }
+
+    /**
+     * Iterator backed by a specific array.
+     * @hide This class is not part of the Android public SDK API
+     */
+    public static class Iterator<T>
+        implements java.util.Iterator<T>
+    {
+        private final T[] dataArray;
+
+        private int position = 0;
+
+        /**
+         * Base constructor.
+         * <p>
+         * Note: the array is not cloned, changes to it will affect the values returned by next().
+         * </p>
+         *
+         * @param dataArray array backing the iterator.
+         */
+        public Iterator(T[] dataArray)
+        {
+            this.dataArray = dataArray;
+        }
+
+        public boolean hasNext()
+        {
+            return position < dataArray.length;
+        }
+
+        public T next()
+        {
+            if (position == dataArray.length)
+            {
+                throw new NoSuchElementException("Out of elements: " + position);
+            }
+
+            return dataArray[position++];
+        }
+
+        public void remove()
+        {
+            throw new UnsupportedOperationException("Cannot remove element from an Array.");
+        }
+    }
+
+    /**
+     * Fill input array by zeros
+     *
+     * @param array input array
+     */
+    public static void clear(byte[] array)
+    {
+        if (array != null)
+        {
+            for (int i = 0; i < array.length; i++)
+            {
+                array[i] = 0;
+            }
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/BigIntegers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/BigIntegers.java
new file mode 100644
index 0000000..fe7dbb8
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/BigIntegers.java

@@ -0,0 +1,205 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+import java.math.BigInteger;
+import java.security.SecureRandom;
+
+/**
+ * BigInteger utilities.
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class BigIntegers
+{
+    public static final BigInteger ZERO = BigInteger.valueOf(0);
+    public static final BigInteger ONE = BigInteger.valueOf(1);
+
+    private static final BigInteger TWO = BigInteger.valueOf(2);
+    private static final BigInteger THREE = BigInteger.valueOf(3);
+
+    private static final int MAX_ITERATIONS = 1000;
+
+    /**
+     * Return the passed in value as an unsigned byte array.
+     * 
+     * @param value value to be converted.
+     * @return a byte array without a leading zero byte if present in the signed encoding.
+     */
+    public static byte[] asUnsignedByteArray(
+        BigInteger value)
+    {
+        byte[] bytes = value.toByteArray();
+        
+        if (bytes[0] == 0)
+        {
+            byte[] tmp = new byte[bytes.length - 1];
+            
+            System.arraycopy(bytes, 1, tmp, 0, tmp.length);
+            
+            return tmp;
+        }
+        
+        return bytes;
+    }
+
+    /**
+     * Return the passed in value as an unsigned byte array.
+     *
+     * @param value value to be converted.
+     * @return a byte array without a leading zero byte if present in the signed encoding.
+     */
+    public static byte[] asUnsignedByteArray(int length, BigInteger value)
+    {
+        byte[] bytes = value.toByteArray();
+        if (bytes.length == length)
+        {
+            return bytes;
+        }
+
+        int start = bytes[0] == 0 ? 1 : 0;
+        int count = bytes.length - start;
+
+        if (count > length)
+        {
+            throw new IllegalArgumentException("standard length exceeded for value");
+        }
+
+        byte[] tmp = new byte[length];
+        System.arraycopy(bytes, start, tmp, tmp.length - count, count);
+        return tmp;
+    }
+
+    /**
+     * Return a random BigInteger not less than 'min' and not greater than 'max'
+     * 
+     * @param min the least value that may be generated
+     * @param max the greatest value that may be generated
+     * @param random the source of randomness
+     * @return a random BigInteger value in the range [min,max]
+     */
+    public static BigInteger createRandomInRange(
+        BigInteger      min,
+        BigInteger      max,
+        SecureRandom    random)
+    {
+        int cmp = min.compareTo(max);
+        if (cmp >= 0)
+        {
+            if (cmp > 0)
+            {
+                throw new IllegalArgumentException("'min' may not be greater than 'max'");
+            }
+
+            return min;
+        }
+
+        if (min.bitLength() > max.bitLength() / 2)
+        {
+            return createRandomInRange(ZERO, max.subtract(min), random).add(min);
+        }
+
+        for (int i = 0; i < MAX_ITERATIONS; ++i)
+        {
+            BigInteger x = createRandomBigInteger(max.bitLength(), random);
+            if (x.compareTo(min) >= 0 && x.compareTo(max) <= 0)
+            {
+                return x;
+            }
+        }
+
+        // fall back to a faster (restricted) method
+        return createRandomBigInteger(max.subtract(min).bitLength() - 1, random).add(min);
+    }
+
+    public static BigInteger fromUnsignedByteArray(byte[] buf)
+    {
+        return new BigInteger(1, buf);
+    }
+
+    public static BigInteger fromUnsignedByteArray(byte[] buf, int off, int length)
+    {
+        byte[] mag = buf;
+        if (off != 0 || length != buf.length)
+        {
+            mag = new byte[length];
+            System.arraycopy(buf, off, mag, 0, length);
+        }
+        return new BigInteger(1, mag);
+    }
+
+    public static int getUnsignedByteLength(BigInteger n)
+    {
+        return (n.bitLength() + 7) / 8;
+    }
+
+    /**
+     * Return a positive BigInteger in the range of 0 to 2**bitLength - 1.
+     *
+     * @param bitLength maximum bit length for the generated BigInteger.
+     * @param random a source of randomness.
+     * @return a positive BigInteger
+     */
+    public static BigInteger createRandomBigInteger(int bitLength, SecureRandom random)
+    {
+        return new BigInteger(1, createRandom(bitLength, random));
+    }
+
+    /**
+     * Return a prime number candidate of the specified bit length.
+     *
+     * @param bitLength bit length for the generated BigInteger.
+     * @param random a source of randomness.
+     * @return a positive BigInteger of numBits length
+     */
+    public static BigInteger createRandomPrime(int bitLength, int certainty, SecureRandom random)
+    {
+        if (bitLength < 2)
+        {
+            throw new IllegalArgumentException("bitLength < 2");
+        }
+
+        BigInteger rv;
+
+        if (bitLength == 2)
+        {
+            return (random.nextInt() < 0) ? TWO : THREE;
+        }
+
+        do
+        {
+            byte[] base = createRandom(bitLength, random);
+
+            int xBits = 8 * base.length - bitLength;
+            byte lead = (byte)(1 << (7 - xBits));
+
+            // ensure top and bottom bit set
+            base[0] |= lead;
+            base[base.length - 1] |= 0x01;
+
+            rv = new BigInteger(1, base);
+        }
+        while (!rv.isProbablePrime(certainty));
+
+        return rv;
+    }
+
+    private static byte[] createRandom(int bitLength, SecureRandom random)
+        throws IllegalArgumentException
+    {
+        if (bitLength < 1)
+        {
+            throw new IllegalArgumentException("bitLength must be at least 1");
+        }
+
+        int nBytes = (bitLength + 7) / 8;
+
+        byte[] rv = new byte[nBytes];
+
+        random.nextBytes(rv);
+
+        // strip off any excess bits in the MSB
+        int xBits = 8 * nBytes - bitLength;
+        rv[0] &= (byte)(255 >>> xBits);
+
+        return rv;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/CollectionStore.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/CollectionStore.java
new file mode 100644
index 0000000..b48efd4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/CollectionStore.java

@@ -0,0 +1,64 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Iterator;
+import java.util.List;
+
+/**
+ * A simple collection backed store.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class CollectionStore<T>
+    implements Store<T>, Iterable<T>
+{
+    private Collection<T> _local;
+
+    /**
+     * Basic constructor.
+     *
+     * @param collection - initial contents for the store, this is copied.
+     */
+    public CollectionStore(
+        Collection<T> collection)
+    {
+        _local = new ArrayList<T>(collection);
+    }
+
+    /**
+     * Return the matches in the collection for the passed in selector.
+     *
+     * @param selector the selector to match against.
+     * @return a possibly empty collection of matching objects.
+     */
+    public Collection<T> getMatches(Selector<T> selector)
+    {
+        if (selector == null)
+        {
+            return new ArrayList<T>(_local);
+        }
+        else
+        {
+            List<T> col = new ArrayList<T>();
+            Iterator<T> iter = _local.iterator();
+
+            while (iter.hasNext())
+            {
+                T obj = iter.next();
+
+                if (selector.match(obj))
+                {
+                    col.add(obj);
+                }
+            }
+
+            return col;
+        }
+    }
+
+    public Iterator<T> iterator()
+    {
+        return getMatches(null).iterator();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Encodable.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Encodable.java
new file mode 100644
index 0000000..3292555
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Encodable.java

@@ -0,0 +1,20 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+import java.io.IOException;
+
+/**
+ * Interface implemented by objects that can be converted into byte arrays.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface Encodable
+{
+    /**
+     * Return a byte array representing the implementing object.
+     *
+     * @return a byte array representing the encoding.
+     * @throws java.io.IOException if an issue arises generation the encoding.
+     */
+    byte[] getEncoded()
+        throws IOException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Fingerprint.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Fingerprint.java
new file mode 100644
index 0000000..ee7502f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Fingerprint.java

@@ -0,0 +1,182 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+// Android-changed: Use Android digests
+// import org.bouncycastle.crypto.digests.SHA512tDigest;
+// import org.bouncycastle.crypto.digests.SHAKEDigest;
+import com.android.org.bouncycastle.crypto.Digest;
+import com.android.org.bouncycastle.crypto.digests.AndroidDigestFactory;
+
+/**
+ * Basic 20 byte finger print class.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Fingerprint
+{
+    private static char[] encodingTable =
+    {
+        '0', '1', '2', '3', '4', '5', '6', '7',
+        '8', '9', 'a', 'b', 'c', 'd', 'e', 'f'
+    };
+
+    private final byte[] fingerprint;
+
+    /**
+     * Base constructor - use SHAKE-256 (160 bits). This is the recommended one as it is also
+     * produced by the FIPS API.
+     *
+     * @param source original data to calculate the fingerprint from.
+     */
+    public Fingerprint(byte[] source)
+    {
+        this(source, 160);
+    }
+
+    /**
+     * Constructor with length - use SHAKE-256 (bitLength bits). This is the recommended one as it is also
+     * produced by the FIPS API.
+     *
+     * @param source original data to calculate the fingerprint from.
+     */
+    public Fingerprint(byte[] source, int bitLength)
+    {
+        this.fingerprint = calculateFingerprint(source, bitLength);
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /*
+    /**
+     * Base constructor - for backwards compatibility.
+     *
+     * @param source original data to calculate the fingerprint from.
+     * @param useSHA512t use the old SHA512/160 calculation.
+     * @deprecated use the SHAKE only version.
+     *
+    public Fingerprint(byte[] source, boolean useSHA512t)
+    {
+        if (useSHA512t)
+        {
+            this.fingerprint = calculateFingerprintSHA512_160(source);
+        }
+        else
+        {
+            this.fingerprint = calculateFingerprint(source);
+        }
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+
+    public byte[] getFingerprint()
+    {
+        return Arrays.clone(fingerprint);
+    }
+
+    public String toString()
+    {
+        StringBuffer sb = new StringBuffer();
+        for (int i = 0; i != fingerprint.length; i++)
+        {
+            if (i > 0)
+            {
+                sb.append(":");
+            }
+            sb.append(encodingTable[(fingerprint[i] >>> 4) & 0xf]);
+            sb.append(encodingTable[fingerprint[i] & 0x0f]);
+        }
+
+        return sb.toString();
+    }
+
+    public boolean equals(Object o)
+    {
+        if (o == this)
+        {
+            return true;
+        }
+        if (o instanceof Fingerprint)
+        {
+            return Arrays.areEqual(((Fingerprint)o).fingerprint, fingerprint);
+        }
+
+        return false;
+    }
+
+    public int hashCode()
+    {
+        return Arrays.hashCode(fingerprint);
+    }
+
+    /**
+     * Return a byte array containing a calculated fingerprint for the passed in input data.
+     * This calculation is compatible with the BC FIPS API.
+     *
+     * @param input data to base the fingerprint on.
+     * @return a byte array containing a 160 bit fingerprint.
+     */
+    public static byte[] calculateFingerprint(byte[] input)
+    {
+        return calculateFingerprint(input, 160);
+    }
+
+    /*
+    /**
+     * Return a byte array containing a calculated fingerprint for the passed in input data.
+     * This calculation is compatible with the BC FIPS API.
+     *
+     * @param input data to base the fingerprint on.
+     * @param bitLength bit length of finger print to be produced.
+     * @return a byte array containing a 20 byte fingerprint.
+     */
+    public static byte[] calculateFingerprint(byte[] input, int bitLength)
+    {
+        if (bitLength % 8 != 0)
+        {
+            throw new IllegalArgumentException("bitLength must be a multiple of 8");
+        }
+
+        // Android-changed: Use SHA-256 instead of SHAKE-256, since we don't support SHAKE
+        // SHAKEDigest digest = new SHAKEDigest(256);
+        Digest digest = AndroidDigestFactory.getSHA256();
+
+        digest.update(input, 0, input.length);
+
+        byte[] rv = new byte[bitLength / 8];
+
+        // Android-changed: Hash and truncate since SHA-256 doesn't support variable length output
+        //
+        // digest.doFinal(rv, 0, bitLength / 8);
+        byte[] untruncated = new byte[32];
+        digest.doFinal(untruncated, 0);
+        if ((bitLength / 8) >= 32) {
+            return untruncated;
+        }
+
+        System.arraycopy(untruncated, 0, rv, 0, rv.length);
+
+        return rv;
+    }
+
+    // BEGIN Android-removed: Unsupported algorithms
+    /**
+     * Return a byte array containing a calculated fingerprint for the passed in input data.
+     * The fingerprint is based on SHA512/160.
+     *
+     * @param input data to base the fingerprint on.
+     * @return a byte array containing a 20 byte fingerprint.
+     * @deprecated use the SHAKE based version.
+     *
+    public static byte[] calculateFingerprintSHA512_160(byte[] input)
+    {
+        SHA512tDigest digest = new SHA512tDigest(160);
+
+        digest.update(input, 0, input.length);
+
+        byte[] rv = new byte[digest.getDigestSize()];
+
+        digest.doFinal(rv, 0);
+
+        return rv;
+    }
+    */
+    // END Android-removed: Unsupported algorithms
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/IPAddress.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/IPAddress.java
new file mode 100644
index 0000000..b5f960c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/IPAddress.java

@@ -0,0 +1,193 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+/**
+ * Utility methods for processing String objects containing IP addresses.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class IPAddress
+{
+    /**
+     * Validate the given IPv4 or IPv6 address.
+     *
+     * @param address the IP address as a String.
+     *
+     * @return true if a valid address, false otherwise
+     */
+    public static boolean isValid(
+        String address)
+    {
+        return isValidIPv4(address) || isValidIPv6(address);
+    }
+
+    /**
+     * Validate the given IPv4 or IPv6 address and netmask.
+     *
+     * @param address the IP address as a String.
+     *
+     * @return true if a valid address with netmask, false otherwise
+     */
+    public static boolean isValidWithNetMask(
+        String address)
+    {
+        return isValidIPv4WithNetmask(address) || isValidIPv6WithNetmask(address);
+    }
+
+    /**
+     * Validate the given IPv4 address.
+     * 
+     * @param address the IP address as a String.
+     *
+     * @return true if a valid IPv4 address, false otherwise
+     */
+    public static boolean isValidIPv4(
+        String address)
+    {
+        if (address.length() == 0)
+        {
+            return false;
+        }
+
+        int octet;
+        int octets = 0;
+        
+        String temp = address+".";
+
+        int pos;
+        int start = 0;
+        while (start < temp.length()
+            && (pos = temp.indexOf('.', start)) > start)
+        {
+            if (octets == 4)
+            {
+                return false;
+            }
+            try
+            {
+                octet = Integer.parseInt(temp.substring(start, pos));
+            }
+            catch (NumberFormatException ex)
+            {
+                return false;
+            }
+            if (octet < 0 || octet > 255)
+            {
+                return false;
+            }
+            start = pos + 1;
+            octets++;
+        }
+
+        return octets == 4;
+    }
+
+    public static boolean isValidIPv4WithNetmask(
+        String address)
+    {
+        int index = address.indexOf("/");
+        String mask = address.substring(index + 1);
+
+        return (index > 0) && isValidIPv4(address.substring(0, index))
+                           && (isValidIPv4(mask) || isMaskValue(mask, 32));
+    }
+
+    public static boolean isValidIPv6WithNetmask(
+        String address)
+    {
+        int index = address.indexOf("/");
+        String mask = address.substring(index + 1);
+
+        return (index > 0) && (isValidIPv6(address.substring(0, index))
+                           && (isValidIPv6(mask) || isMaskValue(mask, 128)));
+    }
+
+    private static boolean isMaskValue(String component, int size)
+    {
+        try
+        {
+            int value = Integer.parseInt(component);
+
+            return value >= 0 && value <= size;
+        }
+        catch (NumberFormatException e)
+        {
+            return false;
+        }
+    }
+
+    /**
+     * Validate the given IPv6 address.
+     *
+     * @param address the IP address as a String.
+     *
+     * @return true if a valid IPv6 address, false otherwise
+     */
+    public static boolean isValidIPv6(
+        String address)
+    {
+        if (address.length() == 0)
+        {
+            return false;
+        }
+
+        int octet;
+        int octets = 0;
+
+        String temp = address + ":";
+        boolean doubleColonFound = false;
+        int pos;
+        int start = 0;
+        while (start < temp.length()
+            && (pos = temp.indexOf(':', start)) >= start)
+        {
+            if (octets == 8)
+            {
+                return false;
+            }
+
+            if (start != pos)
+            {
+                String value = temp.substring(start, pos);
+
+                if (pos == (temp.length() - 1) && value.indexOf('.') > 0)
+                {
+                    if (!isValidIPv4(value))
+                    {
+                        return false;
+                    }
+
+                    octets++; // add an extra one as address covers 2 words.
+                }
+                else
+                {
+                    try
+                    {
+                        octet = Integer.parseInt(temp.substring(start, pos), 16);
+                    }
+                    catch (NumberFormatException ex)
+                    {
+                        return false;
+                    }
+                    if (octet < 0 || octet > 0xffff)
+                    {
+                        return false;
+                    }
+                }
+            }
+            else
+            {
+                if (pos != 1 && pos != temp.length() - 1 && doubleColonFound)
+                {
+                    return false;
+                }
+                doubleColonFound = true;
+            }
+            start = pos + 1;
+            octets++;
+        }
+
+        return octets == 8 || doubleColonFound;
+    }
+}
+
+

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Integers.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Integers.java
new file mode 100644
index 0000000..70e870d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Integers.java

@@ -0,0 +1,24 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+/**
+ * Utility methods for ints.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Integers
+{
+    public static int rotateLeft(int i, int distance)
+    {
+        return Integer.rotateLeft(i, distance);
+    }
+
+    public static int rotateRight(int i, int distance)
+    {
+        return Integer.rotateRight(i, distance);
+    }
+
+    public static Integer valueOf(int value)
+    {
+        return Integer.valueOf(value);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Iterable.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Iterable.java
new file mode 100644
index 0000000..9231f11
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Iterable.java

@@ -0,0 +1,20 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+import java.util.Iterator;
+
+/**
+ * Utility class to allow use of Iterable feature in JDK 1.5+
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public interface Iterable<T>
+    extends java.lang.Iterable<T>
+{
+    /**
+     * Returns an iterator over a set of elements of type T.
+     *
+     * @return an Iterator.
+     */
+    Iterator<T> iterator();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Memoable.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Memoable.java
new file mode 100644
index 0000000..4c71b23
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Memoable.java

@@ -0,0 +1,29 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+/**
+ * Interface for Memoable objects. Memoable objects allow the taking of a snapshot of their internal state
+ * via the copy() method and then reseting the object back to that state later using the reset() method.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface Memoable
+{
+    /**
+     * Produce a copy of this object with its configuration and in its current state.
+     * <p>
+     * The returned object may be used simply to store the state, or may be used as a similar object
+     * starting from the copied state.
+     */
+    Memoable copy();
+
+    /**
+     * Restore a copied object state into this object.
+     * <p>
+     * Implementations of this method <em>should</em> try to avoid or minimise memory allocation to perform the reset.
+     *
+     * @param other an object originally {@link #copy() copied} from an object of the same type as this instance.
+     * @throws ClassCastException if the provided object is not of the correct type.
+     * @throws MemoableResetException if the <b>other</b> parameter is in some other way invalid.
+     */
+    void reset(Memoable other);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Pack.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Pack.java
new file mode 100644
index 0000000..d4f9db7
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Pack.java

@@ -0,0 +1,262 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+/**
+ * Utility methods for converting byte arrays into ints and longs, and back again.
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class Pack
+{
+    public static short bigEndianToShort(byte[] bs, int off)
+    {
+        int n = (bs[  off] & 0xff) << 8;
+        n |= (bs[++off] & 0xff);
+        return (short)n;
+    }
+
+    public static int bigEndianToInt(byte[] bs, int off)
+    {
+        int n = bs[  off] << 24;
+        n |= (bs[++off] & 0xff) << 16;
+        n |= (bs[++off] & 0xff) << 8;
+        n |= (bs[++off] & 0xff);
+        return n;
+    }
+
+    public static void bigEndianToInt(byte[] bs, int off, int[] ns)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            ns[i] = bigEndianToInt(bs, off);
+            off += 4;
+        }
+    }
+
+    public static byte[] intToBigEndian(int n)
+    {
+        byte[] bs = new byte[4];
+        intToBigEndian(n, bs, 0);
+        return bs;
+    }
+
+    public static void intToBigEndian(int n, byte[] bs, int off)
+    {
+        bs[  off] = (byte)(n >>> 24);
+        bs[++off] = (byte)(n >>> 16);
+        bs[++off] = (byte)(n >>>  8);
+        bs[++off] = (byte)(n       );
+    }
+
+    public static byte[] intToBigEndian(int[] ns)
+    {
+        byte[] bs = new byte[4 * ns.length];
+        intToBigEndian(ns, bs, 0);
+        return bs;
+    }
+
+    public static void intToBigEndian(int[] ns, byte[] bs, int off)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            intToBigEndian(ns[i], bs, off);
+            off += 4;
+        }
+    }
+
+    public static long bigEndianToLong(byte[] bs, int off)
+    {
+        int hi = bigEndianToInt(bs, off);
+        int lo = bigEndianToInt(bs, off + 4);
+        return ((long)(hi & 0xffffffffL) << 32) | (long)(lo & 0xffffffffL);
+    }
+
+    public static void bigEndianToLong(byte[] bs, int off, long[] ns)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            ns[i] = bigEndianToLong(bs, off);
+            off += 8;
+        }
+    }
+
+    public static byte[] longToBigEndian(long n)
+    {
+        byte[] bs = new byte[8];
+        longToBigEndian(n, bs, 0);
+        return bs;
+    }
+
+    public static void longToBigEndian(long n, byte[] bs, int off)
+    {
+        intToBigEndian((int)(n >>> 32), bs, off);
+        intToBigEndian((int)(n & 0xffffffffL), bs, off + 4);
+    }
+
+    public static byte[] longToBigEndian(long[] ns)
+    {
+        byte[] bs = new byte[8 * ns.length];
+        longToBigEndian(ns, bs, 0);
+        return bs;
+    }
+
+    public static void longToBigEndian(long[] ns, byte[] bs, int off)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            longToBigEndian(ns[i], bs, off);
+            off += 8;
+        }
+    }
+
+    public static short littleEndianToShort(byte[] bs, int off)
+    {
+        int n = bs[  off] & 0xff;
+        n |= (bs[++off] & 0xff) << 8;
+        return (short)n;
+    }
+
+    public static int littleEndianToInt(byte[] bs, int off)
+    {
+        int n = bs[  off] & 0xff;
+        n |= (bs[++off] & 0xff) << 8;
+        n |= (bs[++off] & 0xff) << 16;
+        n |= bs[++off] << 24;
+        return n;
+    }
+
+    public static void littleEndianToInt(byte[] bs, int off, int[] ns)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            ns[i] = littleEndianToInt(bs, off);
+            off += 4;
+        }
+    }
+
+    public static void littleEndianToInt(byte[] bs, int bOff, int[] ns, int nOff, int count)
+    {
+        for (int i = 0; i < count; ++i)
+        {
+            ns[nOff + i] = littleEndianToInt(bs, bOff);
+            bOff += 4;
+        }
+    }
+
+    public static int[] littleEndianToInt(byte[] bs, int off, int count)
+    {
+        int[] ns = new int[count];
+        for (int i = 0; i < ns.length; ++i)
+        {
+            ns[i] = littleEndianToInt(bs, off);
+            off += 4;
+        }
+        return ns;
+    }
+
+    public static byte[] shortToLittleEndian(short n)
+    {
+        byte[] bs = new byte[2];
+        shortToLittleEndian(n, bs, 0);
+        return bs;
+    }
+
+    public static void shortToLittleEndian(short n, byte[] bs, int off)
+    {
+        bs[  off] = (byte)(n       );
+        bs[++off] = (byte)(n >>>  8);
+    }
+
+    public static byte[] intToLittleEndian(int n)
+    {
+        byte[] bs = new byte[4];
+        intToLittleEndian(n, bs, 0);
+        return bs;
+    }
+
+    public static void intToLittleEndian(int n, byte[] bs, int off)
+    {
+        bs[  off] = (byte)(n       );
+        bs[++off] = (byte)(n >>>  8);
+        bs[++off] = (byte)(n >>> 16);
+        bs[++off] = (byte)(n >>> 24);
+    }
+
+    public static byte[] intToLittleEndian(int[] ns)
+    {
+        byte[] bs = new byte[4 * ns.length];
+        intToLittleEndian(ns, bs, 0);
+        return bs;
+    }
+
+    public static void intToLittleEndian(int[] ns, byte[] bs, int off)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            intToLittleEndian(ns[i], bs, off);
+            off += 4;
+        }
+    }
+
+    public static long littleEndianToLong(byte[] bs, int off)
+    {
+        int lo = littleEndianToInt(bs, off);
+        int hi = littleEndianToInt(bs, off + 4);
+        return ((long)(hi & 0xffffffffL) << 32) | (long)(lo & 0xffffffffL);
+    }
+
+    public static void littleEndianToLong(byte[] bs, int off, long[] ns)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            ns[i] = littleEndianToLong(bs, off);
+            off += 8;
+        }
+    }
+
+    public static void littleEndianToLong(byte[] bs, int bsOff, long[] ns, int nsOff, int nsLen)
+    {
+        for (int i = 0; i < nsLen; ++i)
+        {
+            ns[nsOff + i] = littleEndianToLong(bs, bsOff);
+            bsOff += 8;
+        }
+    }
+
+    public static byte[] longToLittleEndian(long n)
+    {
+        byte[] bs = new byte[8];
+        longToLittleEndian(n, bs, 0);
+        return bs;
+    }
+
+    public static void longToLittleEndian(long n, byte[] bs, int off)
+    {
+        intToLittleEndian((int)(n & 0xffffffffL), bs, off);
+        intToLittleEndian((int)(n >>> 32), bs, off + 4);
+    }
+
+    public static byte[] longToLittleEndian(long[] ns)
+    {
+        byte[] bs = new byte[8 * ns.length];
+        longToLittleEndian(ns, bs, 0);
+        return bs;
+    }
+
+    public static void longToLittleEndian(long[] ns, byte[] bs, int off)
+    {
+        for (int i = 0; i < ns.length; ++i)
+        {
+            longToLittleEndian(ns[i], bs, off);
+            off += 8;
+        }
+    }
+
+    public static void longToLittleEndian(long[] ns, int nsOff, int nsLen, byte[] bs, int bsOff)
+    {
+        for (int i = 0; i < nsLen; ++i)
+        {
+            longToLittleEndian(ns[nsOff + i], bs, bsOff);
+            bsOff += 8;
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Properties.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Properties.java
new file mode 100644
index 0000000..1fcbd38
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Properties.java

@@ -0,0 +1,153 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+import java.math.BigInteger;
+import java.security.AccessControlException;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.util.Collections;
+import java.util.HashMap;
+import java.util.HashSet;
+import java.util.Map;
+import java.util.Set;
+import java.util.StringTokenizer;
+
+/**
+ * Utility method for accessing system properties.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Properties
+{
+    private Properties()
+    {
+
+    }
+
+    private static final ThreadLocal threadProperties = new ThreadLocal();
+                          
+    /**
+     * Return whether a particular override has been set to true.
+     *
+     * @param propertyName the property name for the override.
+     * @return true if the property is set to "true", false otherwise.
+     */
+    public static boolean isOverrideSet(String propertyName)
+    {
+        try
+        {
+            String p = fetchProperty(propertyName);
+
+            if (p != null)
+            {
+                return "true".equals(Strings.toLowerCase(p));
+            }
+
+            return false;
+        }
+        catch (AccessControlException e)
+        {
+            return false;
+        }
+    }
+
+    /**
+     * Enable the specified override property for the current thread only.
+     *
+     * @param propertyName the property name for the override.
+     * @param enable true if the override should be enabled, false if it should be disabled.
+     * @return true if the override was already set, false otherwise.
+     */
+    public static boolean setThreadOverride(String propertyName, boolean enable)
+    {
+        boolean isSet = isOverrideSet(propertyName);
+
+        Map localProps = (Map)threadProperties.get();
+        if (localProps == null)
+        {
+            localProps = new HashMap();
+        }
+
+        localProps.put(propertyName, enable ? "true" : "false");
+
+        threadProperties.set(localProps);
+
+        return isSet;
+    }
+
+    /**
+     * Enable the specified override property in the current thread only.
+     *
+     * @param propertyName the property name for the override.
+     * @return true if the override set true in thread local, false otherwise.
+     */
+    public static boolean removeThreadOverride(String propertyName)
+    {
+        boolean isSet = isOverrideSet(propertyName);
+
+        Map localProps = (Map)threadProperties.get();
+        if (localProps == null)
+        {
+            return false;
+        }
+
+        localProps.remove(propertyName);
+
+        if (localProps.isEmpty())
+        {
+            threadProperties.remove();
+        }
+        else
+        {
+            threadProperties.set(localProps);
+        }
+
+        return isSet;
+    }
+
+    public static BigInteger asBigInteger(String propertyName)
+    {
+        String p = fetchProperty(propertyName);
+
+        if (p != null)
+        {
+            return new BigInteger(p);
+        }
+
+        return null;
+    }
+
+    public static Set<String> asKeySet(String propertyName)
+    {
+        Set<String> set = new HashSet<String>();
+
+        String p = fetchProperty(propertyName);
+
+        if (p != null)
+        {
+            StringTokenizer sTok = new StringTokenizer(p, ",");
+            while (sTok.hasMoreElements())
+            {
+                set.add(Strings.toLowerCase(sTok.nextToken()).trim());
+            }
+        }
+
+        return Collections.unmodifiableSet(set);
+    }
+
+    private static String fetchProperty(final String propertyName)
+    {
+        return (String)AccessController.doPrivileged(new PrivilegedAction()
+        {
+            public Object run()
+            {
+                Map localProps = (Map)threadProperties.get();
+                if (localProps != null)
+                {
+                    return localProps.get(propertyName);
+                }
+
+                return System.getProperty(propertyName);
+            }
+        });
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Selector.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Selector.java
new file mode 100644
index 0000000..7fd498f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Selector.java

@@ -0,0 +1,22 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+/**
+ * Interface a selector from a store should conform to.
+ *
+ * @param <T> the type stored in the store.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface Selector<T>
+    extends Cloneable
+{
+    /**
+     * Match the passed in object, returning true if it would be selected by this selector, false otherwise.
+     *
+     * @param obj the object to be matched.
+     * @return true if the object is a match for this selector, false otherwise.
+     */
+    boolean match(T obj);
+
+    Object clone();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Store.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Store.java
new file mode 100644
index 0000000..0166507
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Store.java

@@ -0,0 +1,24 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+import java.util.Collection;
+
+/**
+ * A generic interface describing a simple store of objects.
+ *
+ * @param <T> the object type stored.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface Store<T>
+{
+    /**
+     * Return a possibly empty collection of objects that match the criteria implemented
+     * in the passed in Selector.
+     *
+     * @param selector the selector defining the match criteria.
+     * @return a collection of matching objects, empty if none available.
+     * @throws StoreException if there is a failure during matching.
+     */
+    Collection<T> getMatches(Selector<T> selector)
+        throws StoreException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/StoreException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/StoreException.java
new file mode 100644
index 0000000..61f7709
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/StoreException.java

@@ -0,0 +1,29 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+/**
+ * Exception thrown if there's an issue doing a match in store.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class StoreException
+    extends RuntimeException
+{
+    private Throwable _e;
+
+    /**
+     * Basic Constructor.
+     *
+     * @param msg message to be associated with this exception.
+     * @param cause the throwable that caused this exception to be raised.
+     */
+    public StoreException(String msg, Throwable cause)
+    {
+        super(msg);
+        _e = cause;
+    }
+
+    public Throwable getCause()
+    {
+        return _e;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/StringList.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/StringList.java
new file mode 100644
index 0000000..0ad43ec
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/StringList.java

@@ -0,0 +1,44 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+/**
+ * An interface defining a list of strings.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface StringList
+    extends Iterable<String>
+{
+    /**
+     * Add a String to the list.
+     *
+     * @param s the String to add.
+     * @return true
+     */
+    boolean add(String s);
+
+    /**
+     * Get the string at index index.
+     *
+     * @param index the index position of the String of interest.
+     * @return the String at position index.
+     */
+    String get(int index);
+
+    int size();
+
+    /**
+     * Return the contents of the list as an array.
+     *
+     * @return an array of String.
+     */
+    String[] toStringArray();
+
+    /**
+     * Return a section of the contents of the list. If the list is too short the array is filled with nulls.
+     *
+     * @param from the initial index of the range to be copied, inclusive
+     * @param to the final index of the range to be copied, exclusive.
+     * @return an array of length to - from
+     */
+    String[] toStringArray(int from, int to);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Strings.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Strings.java
new file mode 100644
index 0000000..cf3b206
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/Strings.java

@@ -0,0 +1,347 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+import java.security.AccessController;
+import java.security.PrivilegedAction;
+import java.util.ArrayList;
+import java.util.Vector;
+
+import com.android.org.bouncycastle.util.encoders.UTF8;
+
+/**
+ * String utilities.
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class Strings
+{
+    private static String LINE_SEPARATOR;
+
+    static
+    {
+        try
+        {
+            LINE_SEPARATOR = AccessController.doPrivileged(new PrivilegedAction<String>()
+            {
+                public String run()
+                {
+                    // the easy way
+                    return System.getProperty("line.separator");
+                }
+            });
+
+        }
+        catch (Exception e)
+        {
+            try
+            {
+                // the harder way
+                LINE_SEPARATOR = String.format("%n");
+            }
+            catch (Exception ef)
+            {
+                LINE_SEPARATOR = "\n";   // we're desperate use this...
+            }
+        }
+    }
+
+    public static String fromUTF8ByteArray(byte[] bytes)
+    {
+        char[] chars = new char[bytes.length];
+        int len = UTF8.transcodeToUTF16(bytes, chars);
+        if (len < 0)
+        {
+            throw new IllegalArgumentException("Invalid UTF-8 input");
+        }
+        return new String(chars, 0, len);
+    }
+
+    public static byte[] toUTF8ByteArray(String string)
+    {
+        return toUTF8ByteArray(string.toCharArray());
+    }
+
+    public static byte[] toUTF8ByteArray(char[] string)
+    {
+        ByteArrayOutputStream bOut = new ByteArrayOutputStream();
+
+        try
+        {
+            toUTF8ByteArray(string, bOut);
+        }
+        catch (IOException e)
+        {
+            throw new IllegalStateException("cannot encode string to byte array!");
+        }
+
+        return bOut.toByteArray();
+    }
+
+    public static void toUTF8ByteArray(char[] string, OutputStream sOut)
+        throws IOException
+    {
+        char[] c = string;
+        int i = 0;
+
+        while (i < c.length)
+        {
+            char ch = c[i];
+
+            if (ch < 0x0080)
+            {
+                sOut.write(ch);
+            }
+            else if (ch < 0x0800)
+            {
+                sOut.write(0xc0 | (ch >> 6));
+                sOut.write(0x80 | (ch & 0x3f));
+            }
+            // surrogate pair
+            else if (ch >= 0xD800 && ch <= 0xDFFF)
+            {
+                // in error - can only happen, if the Java String class has a
+                // bug.
+                if (i + 1 >= c.length)
+                {
+                    throw new IllegalStateException("invalid UTF-16 codepoint");
+                }
+                char W1 = ch;
+                ch = c[++i];
+                char W2 = ch;
+                // in error - can only happen, if the Java String class has a
+                // bug.
+                if (W1 > 0xDBFF)
+                {
+                    throw new IllegalStateException("invalid UTF-16 codepoint");
+                }
+                int codePoint = (((W1 & 0x03FF) << 10) | (W2 & 0x03FF)) + 0x10000;
+                sOut.write(0xf0 | (codePoint >> 18));
+                sOut.write(0x80 | ((codePoint >> 12) & 0x3F));
+                sOut.write(0x80 | ((codePoint >> 6) & 0x3F));
+                sOut.write(0x80 | (codePoint & 0x3F));
+            }
+            else
+            {
+                sOut.write(0xe0 | (ch >> 12));
+                sOut.write(0x80 | ((ch >> 6) & 0x3F));
+                sOut.write(0x80 | (ch & 0x3F));
+            }
+
+            i++;
+        }
+    }
+
+    /**
+     * A locale independent version of toUpperCase.
+     *
+     * @param string input to be converted
+     * @return a US Ascii uppercase version
+     */
+    public static String toUpperCase(String string)
+    {
+        boolean changed = false;
+        char[] chars = string.toCharArray();
+
+        for (int i = 0; i != chars.length; i++)
+        {
+            char ch = chars[i];
+            if ('a' <= ch && 'z' >= ch)
+            {
+                changed = true;
+                chars[i] = (char)(ch - 'a' + 'A');
+            }
+        }
+
+        if (changed)
+        {
+            return new String(chars);
+        }
+
+        return string;
+    }
+
+    /**
+     * A locale independent version of toLowerCase.
+     *
+     * @param string input to be converted
+     * @return a US ASCII lowercase version
+     */
+    public static String toLowerCase(String string)
+    {
+        boolean changed = false;
+        char[] chars = string.toCharArray();
+
+        for (int i = 0; i != chars.length; i++)
+        {
+            char ch = chars[i];
+            if ('A' <= ch && 'Z' >= ch)
+            {
+                changed = true;
+                chars[i] = (char)(ch - 'A' + 'a');
+            }
+        }
+
+        if (changed)
+        {
+            return new String(chars);
+        }
+
+        return string;
+    }
+
+    public static byte[] toByteArray(char[] chars)
+    {
+        byte[] bytes = new byte[chars.length];
+
+        for (int i = 0; i != bytes.length; i++)
+        {
+            bytes[i] = (byte)chars[i];
+        }
+
+        return bytes;
+    }
+
+
+    public static byte[] toByteArray(String string)
+    {
+        byte[] bytes = new byte[string.length()];
+
+        for (int i = 0; i != bytes.length; i++)
+        {
+            char ch = string.charAt(i);
+
+            bytes[i] = (byte)ch;
+        }
+
+        return bytes;
+    }
+
+    public static int toByteArray(String s, byte[] buf, int off)
+    {
+        int count = s.length();
+        for (int i = 0; i < count; ++i)
+        {
+            char c = s.charAt(i);
+            buf[off + i] = (byte)c;
+        }
+        return count;
+    }
+
+    /**
+     * Convert an array of 8 bit characters into a string.
+     *
+     * @param bytes 8 bit characters.
+     * @return resulting String.
+     */
+    public static String fromByteArray(byte[] bytes)
+    {
+        return new String(asCharArray(bytes));
+    }
+
+    /**
+     * Do a simple conversion of an array of 8 bit characters into a string.
+     *
+     * @param bytes 8 bit characters.
+     * @return resulting String.
+     */
+    public static char[] asCharArray(byte[] bytes)
+    {
+        char[] chars = new char[bytes.length];
+
+        for (int i = 0; i != chars.length; i++)
+        {
+            chars[i] = (char)(bytes[i] & 0xff);
+        }
+
+        return chars;
+    }
+
+    public static String[] split(String input, char delimiter)
+    {
+        Vector v = new Vector();
+        boolean moreTokens = true;
+        String subString;
+
+        while (moreTokens)
+        {
+            int tokenLocation = input.indexOf(delimiter);
+            if (tokenLocation > 0)
+            {
+                subString = input.substring(0, tokenLocation);
+                v.addElement(subString);
+                input = input.substring(tokenLocation + 1);
+            }
+            else
+            {
+                moreTokens = false;
+                v.addElement(input);
+            }
+        }
+
+        String[] res = new String[v.size()];
+
+        for (int i = 0; i != res.length; i++)
+        {
+            res[i] = (String)v.elementAt(i);
+        }
+        return res;
+    }
+
+    public static StringList newList()
+    {
+        return new StringListImpl();
+    }
+
+    public static String lineSeparator()
+    {
+        return LINE_SEPARATOR;
+    }
+
+    private static class StringListImpl
+        extends ArrayList<String>
+        implements StringList
+    {
+        public boolean add(String s)
+        {
+            return super.add(s);
+        }
+
+        public String set(int index, String element)
+        {
+            return super.set(index, element);
+        }
+
+        public void add(int index, String element)
+        {
+            super.add(index, element);
+        }
+
+        public String[] toStringArray()
+        {
+            String[] strs = new String[this.size()];
+
+            for (int i = 0; i != strs.length; i++)
+            {
+                strs[i] = this.get(i);
+            }
+
+            return strs;
+        }
+
+        public String[] toStringArray(int from, int to)
+        {
+            String[] strs = new String[to - from];
+
+            for (int i = from; i != this.size() && i != to; i++)
+            {
+                strs[i - from] = this.get(i);
+            }
+
+            return strs;
+        }
+    }
+
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/Base64.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/Base64.java
new file mode 100644
index 0000000..a685400
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/Base64.java

@@ -0,0 +1,177 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.encoders;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * Utility class for converting Base64 data to bytes and back again.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Base64
+{
+    private static final Encoder encoder = new Base64Encoder();
+
+    public static String toBase64String(
+        byte[] data)
+    {
+        return toBase64String(data, 0, data.length);
+    }
+
+    public static String toBase64String(
+        byte[] data,
+        int off,
+        int length)
+    {
+        byte[] encoded = encode(data, off, length);
+        return Strings.fromByteArray(encoded);
+    }
+
+    /**
+     * encode the input data producing a base 64 encoded byte array.
+     *
+     * @return a byte array containing the base 64 encoded data.
+     */
+    public static byte[] encode(
+        byte[] data)
+    {
+        return encode(data, 0, data.length);
+    }
+
+    /**
+     * encode the input data producing a base 64 encoded byte array.
+     *
+     * @return a byte array containing the base 64 encoded data.
+     */
+    public static byte[] encode(
+        byte[] data,
+        int off,
+        int length)
+    {
+        int len = (length + 2) / 3 * 4;
+        ByteArrayOutputStream bOut = new ByteArrayOutputStream(len);
+
+        try
+        {
+            encoder.encode(data, off, length, bOut);
+        }
+        catch (Exception e)
+        {
+            throw new EncoderException("exception encoding base64 string: " + e.getMessage(), e);
+        }
+
+        return bOut.toByteArray();
+    }
+
+    /**
+     * Encode the byte data to base 64 writing it to the given output stream.
+     *
+     * @return the number of bytes produced.
+     */
+    public static int encode(
+        byte[] data,
+        OutputStream out)
+        throws IOException
+    {
+        return encoder.encode(data, 0, data.length, out);
+    }
+
+    /**
+     * Encode the byte data to base 64 writing it to the given output stream.
+     *
+     * @return the number of bytes produced.
+     */
+    public static int encode(
+        byte[] data,
+        int off,
+        int length,
+        OutputStream out)
+        throws IOException
+    {
+        return encoder.encode(data, off, length, out);
+    }
+
+    /**
+     * decode the base 64 encoded input data. It is assumed the input data is valid.
+     *
+     * @return a byte array representing the decoded data.
+     */
+    public static byte[] decode(
+        byte[] data)
+    {
+        int len = data.length / 4 * 3;
+        ByteArrayOutputStream bOut = new ByteArrayOutputStream(len);
+
+        try
+        {
+            encoder.decode(data, 0, data.length, bOut);
+        }
+        catch (Exception e)
+        {
+            throw new DecoderException("unable to decode base64 data: " + e.getMessage(), e);
+        }
+
+        return bOut.toByteArray();
+    }
+
+    /**
+     * decode the base 64 encoded String data - whitespace will be ignored.
+     *
+     * @return a byte array representing the decoded data.
+     */
+    public static byte[] decode(
+        String data)
+    {
+        int len = data.length() / 4 * 3;
+        ByteArrayOutputStream bOut = new ByteArrayOutputStream(len);
+
+        try
+        {
+            encoder.decode(data, bOut);
+        }
+        catch (Exception e)
+        {
+            throw new DecoderException("unable to decode base64 string: " + e.getMessage(), e);
+        }
+
+        return bOut.toByteArray();
+    }
+
+    /**
+     * decode the base 64 encoded String data writing it to the given output stream,
+     * whitespace characters will be ignored.
+     *
+     * @return the number of bytes produced.
+     */
+    public static int decode(
+        String data,
+        OutputStream out)
+        throws IOException
+    {
+        return encoder.decode(data, out);
+    }
+
+    /**
+     * Decode to an output stream;
+     *
+     * @param base64Data       The source data.
+     * @param start            Start position.
+     * @param length           the length.
+     * @param out The output stream to write to.
+     */
+    public static int decode(byte[] base64Data, int start, int length, OutputStream out)
+    {
+        try
+        {
+           return encoder.decode(base64Data, start, length, out);
+        }
+        catch (Exception e)
+        {
+            throw new DecoderException("unable to decode base64 data: " + e.getMessage(), e);
+        }
+
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/Base64Encoder.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/Base64Encoder.java
new file mode 100644
index 0000000..f5ed500
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/Base64Encoder.java

@@ -0,0 +1,380 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.encoders;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+/**
+ * A streaming Base64 encoder.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Base64Encoder
+    implements Encoder
+{
+    protected final byte[] encodingTable =
+    {
+        (byte)'A', (byte)'B', (byte)'C', (byte)'D', (byte)'E', (byte)'F', (byte)'G',
+        (byte)'H', (byte)'I', (byte)'J', (byte)'K', (byte)'L', (byte)'M', (byte)'N',
+        (byte)'O', (byte)'P', (byte)'Q', (byte)'R', (byte)'S', (byte)'T', (byte)'U',
+        (byte)'V', (byte)'W', (byte)'X', (byte)'Y', (byte)'Z',
+        (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e', (byte)'f', (byte)'g',
+        (byte)'h', (byte)'i', (byte)'j', (byte)'k', (byte)'l', (byte)'m', (byte)'n',
+        (byte)'o', (byte)'p', (byte)'q', (byte)'r', (byte)'s', (byte)'t', (byte)'u',
+        (byte)'v',
+        (byte)'w', (byte)'x', (byte)'y', (byte)'z',
+        (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', (byte)'6',
+        (byte)'7', (byte)'8', (byte)'9',
+        (byte)'+', (byte)'/'
+    };
+
+    protected byte    padding = (byte)'=';
+    
+    /*
+     * set up the decoding table.
+     */
+    protected final byte[] decodingTable = new byte[128];
+
+    protected void initialiseDecodingTable()
+    {
+        for (int i = 0; i < decodingTable.length; i++)
+        {
+            decodingTable[i] = (byte)0xff;
+        }
+        
+        for (int i = 0; i < encodingTable.length; i++)
+        {
+            decodingTable[encodingTable[i]] = (byte)i;
+        }
+    }
+    
+    public Base64Encoder()
+    {
+        initialiseDecodingTable();
+    }
+    
+    /**
+     * encode the input data producing a base 64 output stream.
+     *
+     * @return the number of bytes produced.
+     */
+    public int encode(
+        byte[]                data,
+        int                    off,
+        int                    length,
+        OutputStream    out) 
+        throws IOException
+    {
+        int modulus = length % 3;
+        int dataLength = (length - modulus);
+        int a1, a2, a3;
+        
+        for (int i = off; i < off + dataLength; i += 3)
+        {
+            a1 = data[i] & 0xff;
+            a2 = data[i + 1] & 0xff;
+            a3 = data[i + 2] & 0xff;
+
+            out.write(encodingTable[(a1 >>> 2) & 0x3f]);
+            out.write(encodingTable[((a1 << 4) | (a2 >>> 4)) & 0x3f]);
+            out.write(encodingTable[((a2 << 2) | (a3 >>> 6)) & 0x3f]);
+            out.write(encodingTable[a3 & 0x3f]);
+        }
+
+        /*
+         * process the tail end.
+         */
+        int    b1, b2, b3;
+        int    d1, d2;
+
+        switch (modulus)
+        {
+        case 0:        /* nothing left to do */
+            break;
+        case 1:
+            d1 = data[off + dataLength] & 0xff;
+            b1 = (d1 >>> 2) & 0x3f;
+            b2 = (d1 << 4) & 0x3f;
+
+            out.write(encodingTable[b1]);
+            out.write(encodingTable[b2]);
+            out.write(padding);
+            out.write(padding);
+            break;
+        case 2:
+            d1 = data[off + dataLength] & 0xff;
+            d2 = data[off + dataLength + 1] & 0xff;
+
+            b1 = (d1 >>> 2) & 0x3f;
+            b2 = ((d1 << 4) | (d2 >>> 4)) & 0x3f;
+            b3 = (d2 << 2) & 0x3f;
+
+            out.write(encodingTable[b1]);
+            out.write(encodingTable[b2]);
+            out.write(encodingTable[b3]);
+            out.write(padding);
+            break;
+        }
+
+        return (dataLength / 3) * 4 + ((modulus == 0) ? 0 : 4);
+    }
+
+    private boolean ignore(
+        char    c)
+    {
+        return (c == '\n' || c =='\r' || c == '\t' || c == ' ');
+    }
+    
+    /**
+     * decode the base 64 encoded byte data writing it to the given output stream,
+     * whitespace characters will be ignored.
+     *
+     * @return the number of bytes produced.
+     */
+    public int decode(
+        byte[]          data,
+        int             off,
+        int             length,
+        OutputStream    out)
+        throws IOException
+    {
+        byte    b1, b2, b3, b4;
+        int     outLen = 0;
+        
+        int     end = off + length;
+        
+        while (end > off)
+        {
+            if (!ignore((char)data[end - 1]))
+            {
+                break;
+            }
+            
+            end--;
+        }
+
+        // empty data!
+        if (end == 0)
+        {
+            return 0;
+        }
+        
+        int  i = 0;
+        int  finish = end;
+
+        while (finish > off && i != 4)
+        {
+            if (!ignore((char)data[finish - 1]))
+            {
+                i++;
+            }
+
+            finish--;
+        }
+
+        i = nextI(data, off, finish);
+
+        while (i < finish)
+        {
+            b1 = decodingTable[data[i++]];
+            
+            i = nextI(data, i, finish);
+            
+            b2 = decodingTable[data[i++]];
+            
+            i = nextI(data, i, finish);
+            
+            b3 = decodingTable[data[i++]];
+            
+            i = nextI(data, i, finish);
+            
+            b4 = decodingTable[data[i++]];
+
+            if ((b1 | b2 | b3 | b4) < 0)
+            {
+                throw new IOException("invalid characters encountered in base64 data");
+            }
+            
+            out.write((b1 << 2) | (b2 >> 4));
+            out.write((b2 << 4) | (b3 >> 2));
+            out.write((b3 << 6) | b4);
+            
+            outLen += 3;
+            
+            i = nextI(data, i, finish);
+        }
+
+        int e0 = nextI(data, i, end);
+        int e1 = nextI(data, e0 + 1, end);
+        int e2 = nextI(data, e1 + 1, end);
+        int e3 = nextI(data, e2 + 1, end);
+
+        outLen += decodeLastBlock(out, (char)data[e0], (char)data[e1], (char)data[e2], (char)data[e3]);
+
+        return outLen;
+    }
+
+    private int nextI(byte[] data, int i, int finish)
+    {
+        while ((i < finish) && ignore((char)data[i]))
+        {
+            i++;
+        }
+        return i;
+    }
+    
+    /**
+     * decode the base 64 encoded String data writing it to the given output stream,
+     * whitespace characters will be ignored.
+     *
+     * @return the number of bytes produced.
+     */
+    public int decode(
+        String          data,
+        OutputStream    out)
+        throws IOException
+    {
+        byte    b1, b2, b3, b4;
+        int     length = 0;
+        
+        int     end = data.length();
+        
+        while (end > 0)
+        {
+            if (!ignore(data.charAt(end - 1)))
+            {
+                break;
+            }
+            
+            end--;
+        }
+
+        // empty data!
+        if (end == 0)
+        {
+            return 0;
+        }
+        
+        int  i = 0;
+        int  finish = end;
+
+        while (finish > 0 && i != 4)
+        {
+            if (!ignore(data.charAt(finish - 1)))
+            {
+                i++;
+            }
+
+            finish--;
+        }
+        
+        i = nextI(data, 0, finish);
+        
+        while (i < finish)
+        {
+            b1 = decodingTable[data.charAt(i++)];
+            
+            i = nextI(data, i, finish);
+            
+            b2 = decodingTable[data.charAt(i++)];
+            
+            i = nextI(data, i, finish);
+            
+            b3 = decodingTable[data.charAt(i++)];
+            
+            i = nextI(data, i, finish);
+            
+            b4 = decodingTable[data.charAt(i++)];
+
+            if ((b1 | b2 | b3 | b4) < 0)
+            {
+                throw new IOException("invalid characters encountered in base64 data");
+            }
+               
+            out.write((b1 << 2) | (b2 >> 4));
+            out.write((b2 << 4) | (b3 >> 2));
+            out.write((b3 << 6) | b4);
+            
+            length += 3;
+            
+            i = nextI(data, i, finish);
+        }
+
+        int e0 = nextI(data, i, end);
+        int e1 = nextI(data, e0 + 1, end);
+        int e2 = nextI(data, e1 + 1, end);
+        int e3 = nextI(data, e2 + 1, end);
+
+        length += decodeLastBlock(out, data.charAt(e0), data.charAt(e1), data.charAt(e2), data.charAt(e3));
+        
+        return length;
+    }
+
+    private int decodeLastBlock(OutputStream out, char c1, char c2, char c3, char c4) 
+        throws IOException
+    {
+        byte    b1, b2, b3, b4;
+        
+        if (c3 == padding)
+        {
+            if (c4 != padding)
+            {
+                throw new IOException("invalid characters encountered at end of base64 data");
+            }
+            
+            b1 = decodingTable[c1];
+            b2 = decodingTable[c2];
+
+            if ((b1 | b2) < 0)
+            {
+                throw new IOException("invalid characters encountered at end of base64 data");
+            }
+
+            out.write((b1 << 2) | (b2 >> 4));
+            
+            return 1;
+        }
+        else if (c4 == padding)
+        {
+            b1 = decodingTable[c1];
+            b2 = decodingTable[c2];
+            b3 = decodingTable[c3];
+
+            if ((b1 | b2 | b3) < 0)
+            {
+                throw new IOException("invalid characters encountered at end of base64 data");
+            }
+            
+            out.write((b1 << 2) | (b2 >> 4));
+            out.write((b2 << 4) | (b3 >> 2));
+            
+            return 2;
+        }
+        else
+        {
+            b1 = decodingTable[c1];
+            b2 = decodingTable[c2];
+            b3 = decodingTable[c3];
+            b4 = decodingTable[c4];
+
+            if ((b1 | b2 | b3 | b4) < 0)
+            {
+                throw new IOException("invalid characters encountered at end of base64 data");
+            }
+            
+            out.write((b1 << 2) | (b2 >> 4));
+            out.write((b2 << 4) | (b3 >> 2));
+            out.write((b3 << 6) | b4);
+            
+            return 3;
+        } 
+    }
+
+    private int nextI(String data, int i, int finish)
+    {
+        while ((i < finish) && ignore(data.charAt(i)))
+        {
+            i++;
+        }
+        return i;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/DecoderException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/DecoderException.java
new file mode 100644
index 0000000..4f8e8a2
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/DecoderException.java

@@ -0,0 +1,24 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.encoders;
+
+/**
+ * Exception thrown if an attempt is made to decode invalid data, or some other failure occurs.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class DecoderException
+    extends IllegalStateException
+{
+    private Throwable cause;
+
+    DecoderException(String msg, Throwable cause)
+    {
+        super(msg);
+
+        this.cause = cause;
+    }
+
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/Encoder.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/Encoder.java
new file mode 100644
index 0000000..5c5dc1b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/Encoder.java

@@ -0,0 +1,19 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.encoders;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+/**
+ * Encode and decode byte arrays (typically from binary to 7-bit ASCII 
+ * encodings).
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface Encoder
+{
+    int encode(byte[] data, int off, int length, OutputStream out) throws IOException;
+    
+    int decode(byte[] data, int off, int length, OutputStream out) throws IOException;
+
+    int decode(String data, OutputStream out) throws IOException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/EncoderException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/EncoderException.java
new file mode 100644
index 0000000..b228738
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/EncoderException.java

@@ -0,0 +1,24 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.encoders;
+
+/**
+ * Exception thrown if an attempt is made to encode invalid data, or some other failure occurs.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class EncoderException
+    extends IllegalStateException
+{
+    private Throwable cause;
+
+    EncoderException(String msg, Throwable cause)
+    {
+        super(msg);
+
+        this.cause = cause;
+    }
+
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/Hex.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/Hex.java
new file mode 100644
index 0000000..c6292a0
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/Hex.java

@@ -0,0 +1,153 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.encoders;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.OutputStream;
+
+import com.android.org.bouncycastle.util.Strings;
+
+/**
+ * Utility class for converting hex data to bytes and back again.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class Hex
+{
+    private static final Encoder encoder = new HexEncoder();
+    
+    public static String toHexString(
+        byte[] data)
+    {
+        return toHexString(data, 0, data.length);
+    }
+
+    public static String toHexString(
+        byte[] data,
+        int    off,
+        int    length)
+    {
+        byte[] encoded = encode(data, off, length);
+        return Strings.fromByteArray(encoded);
+    }
+
+    /**
+     * encode the input data producing a Hex encoded byte array.
+     *
+     * @return a byte array containing the Hex encoded data.
+     */
+    public static byte[] encode(
+        byte[]    data)
+    {
+        return encode(data, 0, data.length);
+    }
+    
+    /**
+     * encode the input data producing a Hex encoded byte array.
+     *
+     * @return a byte array containing the Hex encoded data.
+     */
+    public static byte[] encode(
+        byte[]    data,
+        int       off,
+        int       length)
+    {
+        ByteArrayOutputStream    bOut = new ByteArrayOutputStream();
+        
+        try
+        {
+            encoder.encode(data, off, length, bOut);
+        }
+        catch (Exception e)
+        {
+            throw new EncoderException("exception encoding Hex string: " + e.getMessage(), e);
+        }
+        
+        return bOut.toByteArray();
+    }
+
+    /**
+     * Hex encode the byte data writing it to the given output stream.
+     *
+     * @return the number of bytes produced.
+     */
+    public static int encode(
+        byte[]         data,
+        OutputStream   out)
+        throws IOException
+    {
+        return encoder.encode(data, 0, data.length, out);
+    }
+    
+    /**
+     * Hex encode the byte data writing it to the given output stream.
+     *
+     * @return the number of bytes produced.
+     */
+    public static int encode(
+        byte[]         data,
+        int            off,
+        int            length,
+        OutputStream   out)
+        throws IOException
+    {
+        return encoder.encode(data, off, length, out);
+    }
+    
+    /**
+     * decode the Hex encoded input data. It is assumed the input data is valid.
+     *
+     * @return a byte array representing the decoded data.
+     */
+    public static byte[] decode(
+        byte[]    data)
+    {
+        ByteArrayOutputStream    bOut = new ByteArrayOutputStream();
+        
+        try
+        {
+            encoder.decode(data, 0, data.length, bOut);
+        }
+        catch (Exception e)
+        {
+            throw new DecoderException("exception decoding Hex data: " + e.getMessage(), e);
+        }
+        
+        return bOut.toByteArray();
+    }
+    
+    /**
+     * decode the Hex encoded String data - whitespace will be ignored.
+     *
+     * @return a byte array representing the decoded data.
+     */
+    public static byte[] decode(
+        String    data)
+    {
+        ByteArrayOutputStream    bOut = new ByteArrayOutputStream();
+        
+        try
+        {
+            encoder.decode(data, bOut);
+        }
+        catch (Exception e)
+        {
+            throw new DecoderException("exception decoding Hex string: " + e.getMessage(), e);
+        }
+        
+        return bOut.toByteArray();
+    }
+    
+    /**
+     * decode the Hex encoded String data writing it to the given output stream,
+     * whitespace characters will be ignored.
+     *
+     * @return the number of bytes produced.
+     */
+    public static int decode(
+        String          data,
+        OutputStream    out)
+        throws IOException
+    {
+        return encoder.decode(data, out);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/HexEncoder.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/HexEncoder.java
new file mode 100644
index 0000000..e40a2a1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/HexEncoder.java

@@ -0,0 +1,192 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.encoders;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+/**
+ * A streaming Hex encoder.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class HexEncoder
+    implements Encoder
+{
+    protected final byte[] encodingTable =
+    {
+        (byte)'0', (byte)'1', (byte)'2', (byte)'3', (byte)'4', (byte)'5', (byte)'6', (byte)'7',
+        (byte)'8', (byte)'9', (byte)'a', (byte)'b', (byte)'c', (byte)'d', (byte)'e', (byte)'f'
+    };
+
+    /*
+     * set up the decoding table.
+     */
+    protected final byte[] decodingTable = new byte[128];
+
+    protected void initialiseDecodingTable()
+    {
+        for (int i = 0; i < decodingTable.length; i++)
+        {
+            decodingTable[i] = (byte)0xff;
+        }
+
+        for (int i = 0; i < encodingTable.length; i++)
+        {
+            decodingTable[encodingTable[i]] = (byte)i;
+        }
+        
+        decodingTable['A'] = decodingTable['a'];
+        decodingTable['B'] = decodingTable['b'];
+        decodingTable['C'] = decodingTable['c'];
+        decodingTable['D'] = decodingTable['d'];
+        decodingTable['E'] = decodingTable['e'];
+        decodingTable['F'] = decodingTable['f'];
+    }
+    
+    public HexEncoder()
+    {
+        initialiseDecodingTable();
+    }
+    
+    /**
+     * encode the input data producing a Hex output stream.
+     *
+     * @return the number of bytes produced.
+     */
+    public int encode(
+        byte[]                data,
+        int                    off,
+        int                    length,
+        OutputStream    out) 
+        throws IOException
+    {        
+        for (int i = off; i < (off + length); i++)
+        {
+            int    v = data[i] & 0xff;
+
+            out.write(encodingTable[(v >>> 4)]);
+            out.write(encodingTable[v & 0xf]);
+        }
+
+        return length * 2;
+    }
+
+    private static boolean ignore(
+        char    c)
+    {
+        return c == '\n' || c =='\r' || c == '\t' || c == ' ';
+    }
+
+    /**
+     * decode the Hex encoded byte data writing it to the given output stream,
+     * whitespace characters will be ignored.
+     *
+     * @return the number of bytes produced.
+     */
+    public int decode(
+        byte[]          data,
+        int             off,
+        int             length,
+        OutputStream    out)
+        throws IOException
+    {
+        byte    b1, b2;
+        int     outLen = 0;
+        
+        int     end = off + length;
+        
+        while (end > off)
+        {
+            if (!ignore((char)data[end - 1]))
+            {
+                break;
+            }
+            
+            end--;
+        }
+        
+        int i = off;
+        while (i < end)
+        {
+            while (i < end && ignore((char)data[i]))
+            {
+                i++;
+            }
+            
+            b1 = decodingTable[data[i++]];
+            
+            while (i < end && ignore((char)data[i]))
+            {
+                i++;
+            }
+            
+            b2 = decodingTable[data[i++]];
+
+            if ((b1 | b2) < 0)
+            {
+                throw new IOException("invalid characters encountered in Hex data");
+            }
+
+            out.write((b1 << 4) | b2);
+            
+            outLen++;
+        }
+
+        return outLen;
+    }
+    
+    /**
+     * decode the Hex encoded String data writing it to the given output stream,
+     * whitespace characters will be ignored.
+     *
+     * @return the number of bytes produced.
+     */
+    public int decode(
+        String          data,
+        OutputStream    out)
+        throws IOException
+    {
+        byte    b1, b2;
+        int     length = 0;
+        
+        int     end = data.length();
+        
+        while (end > 0)
+        {
+            if (!ignore(data.charAt(end - 1)))
+            {
+                break;
+            }
+            
+            end--;
+        }
+        
+        int i = 0;
+        while (i < end)
+        {
+            while (i < end && ignore(data.charAt(i)))
+            {
+                i++;
+            }
+            
+            b1 = decodingTable[data.charAt(i++)];
+            
+            while (i < end && ignore(data.charAt(i)))
+            {
+                i++;
+            }
+            
+            b2 = decodingTable[data.charAt(i++)];
+
+            if ((b1 | b2) < 0)
+            {
+                throw new IOException("invalid characters encountered in Hex string");
+            }
+
+            out.write((b1 << 4) | b2);
+            
+            length++;
+        }
+
+        return length;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/UTF8.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/UTF8.java
new file mode 100644
index 0000000..78ced9c
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/encoders/UTF8.java

@@ -0,0 +1,158 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.encoders;
+
+/**
+ * Utilities for working with UTF-8 encodings.
+ * 
+ * Decoding of UTF-8 is based on a presentation by Bob Steagall at CppCon2018 (see
+ * https://github.com/BobSteagall/CppCon2018). It uses a Deterministic Finite Automaton (DFA) to
+ * recognize and decode multi-byte code points.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class UTF8
+{
+    // Constants for the categorization of code units
+    private static final byte C_ILL = 0;            //- C0..C1, F5..FF  ILLEGAL octets that should never appear in a UTF-8 sequence
+    private static final byte C_CR1 = 1;            //- 80..8F          Continuation range 1
+    private static final byte C_CR2 = 2;            //- 90..9F          Continuation range 2
+    private static final byte C_CR3 = 3;            //- A0..BF          Continuation range 3
+    private static final byte C_L2A = 4;            //- C2..DF          Leading byte range A / 2-byte sequence
+    private static final byte C_L3A = 5;            //- E0              Leading byte range A / 3-byte sequence
+    private static final byte C_L3B = 6;            //- E1..EC, EE..EF  Leading byte range B / 3-byte sequence
+    private static final byte C_L3C = 7;            //- ED              Leading byte range C / 3-byte sequence
+    private static final byte C_L4A = 8;            //- F0              Leading byte range A / 4-byte sequence
+    private static final byte C_L4B = 9;            //- F1..F3          Leading byte range B / 4-byte sequence
+    private static final byte C_L4C = 10;           //- F4              Leading byte range C / 4-byte sequence
+//  private static final byte C_ASC = 11;           //- 00..7F          ASCII leading byte range
+
+    // Constants for the states of a DFA
+    private static final byte S_ERR = -2;           //- Error state
+    private static final byte S_END = -1;           //- End (or Accept) state
+    private static final byte S_CS1 = 0x00;         //- Continuation state 1
+    private static final byte S_CS2 = 0x10;         //- Continuation state 2
+    private static final byte S_CS3 = 0x20;         //- Continuation state 3
+    private static final byte S_P3A = 0x30;         //- Partial 3-byte sequence state A
+    private static final byte S_P3B = 0x40;         //- Partial 3-byte sequence state B
+    private static final byte S_P4A = 0x50;         //- Partial 4-byte sequence state A
+    private static final byte S_P4B = 0x60;         //- Partial 4-byte sequence state B
+
+    private static final short[] firstUnitTable = new short[128];
+    private static final byte[] transitionTable = new byte[S_P4B + 16];
+
+    private static void fill(byte[] table, int first, int last, byte b)
+    {
+        for (int i = first; i <= last; ++i)
+        {
+            table[i] = b;
+        }
+    }
+
+    static
+    {
+        byte[] categories = new byte[128];
+        fill(categories, 0x00, 0x0F, C_CR1);
+        fill(categories, 0x10, 0x1F, C_CR2);
+        fill(categories, 0x20, 0x3F, C_CR3);
+        fill(categories, 0x40, 0x41, C_ILL);
+        fill(categories, 0x42, 0x5F, C_L2A);
+        fill(categories, 0x60, 0x60, C_L3A);
+        fill(categories, 0x61, 0x6C, C_L3B);
+        fill(categories, 0x6D, 0x6D, C_L3C);
+        fill(categories, 0x6E, 0x6F, C_L3B);
+        fill(categories, 0x70, 0x70, C_L4A);
+        fill(categories, 0x71, 0x73, C_L4B);
+        fill(categories, 0x74, 0x74, C_L4C);
+        fill(categories, 0x75, 0x7F, C_ILL);
+
+        fill(transitionTable, 0, transitionTable.length - 1, S_ERR);
+        fill(transitionTable, S_CS1 + 0x8, S_CS1 + 0xB, S_END);
+        fill(transitionTable, S_CS2 + 0x8, S_CS2 + 0xB, S_CS1);
+        fill(transitionTable, S_CS3 + 0x8, S_CS3 + 0xB, S_CS2);
+        fill(transitionTable, S_P3A + 0xA, S_P3A + 0xB, S_CS1);
+        fill(transitionTable, S_P3B + 0x8, S_P3B + 0x9, S_CS1);
+        fill(transitionTable, S_P4A + 0x9, S_P4A + 0xB, S_CS2);
+        fill(transitionTable, S_P4B + 0x8, S_P4B + 0x8, S_CS2);
+
+        byte[] firstUnitMasks = { 0x00, 0x00, 0x00, 0x00, 0x1F, 0x0F, 0x0F, 0x0F, 0x07, 0x07, 0x07 };
+        byte[] firstUnitTransitions = { S_ERR, S_ERR, S_ERR, S_ERR, S_CS1, S_P3A, S_CS2, S_P3B, S_P4A, S_CS3, S_P4B };
+
+        for (int i = 0x00; i < 0x80; ++i)
+        {
+            byte category = categories[i];
+
+            int codePoint = i & firstUnitMasks[category];
+            byte state = firstUnitTransitions[category];
+
+            firstUnitTable[i] = (short)((codePoint << 8) | state);
+        }
+    }
+
+    /**
+     * Transcode a UTF-8 encoding into a UTF-16 representation. In the general case the output
+     * {@code utf16} array should be at least as long as the input {@code utf8} one to handle
+     * arbitrary inputs. The number of output UTF-16 code units is returned, or -1 if any errors are
+     * encountered (in which case an arbitrary amount of data may have been written into the output
+     * array). Errors that will be detected are malformed UTF-8, including incomplete, truncated or
+     * "overlong" encodings, and unmappable code points. In particular, no unmatched surrogates will
+     * be produced. An error will also result if {@code utf16} is found to be too small to store the
+     * complete output.
+     * 
+     * @param utf8
+     *            A non-null array containing a well-formed UTF-8 encoding.
+     * @param utf16
+     *            A non-null array, at least as long as the {@code utf8} array in order to ensure
+     *            the output will fit.
+     * @return The number of UTF-16 code units written to {@code utf16} (beginning from index 0), or
+     *         else -1 if the input was either malformed or encoded any unmappable characters, or if
+     *         the {@code utf16} is too small.
+     */
+    public static int transcodeToUTF16(byte[] utf8, char[] utf16)
+    {
+        int i = 0, j = 0;
+
+        while (i < utf8.length)
+        {
+            byte codeUnit = utf8[i++];
+            if (codeUnit >= 0)
+            {
+                if (j >= utf16.length) { return -1; }
+
+                utf16[j++] = (char)codeUnit;
+                continue;
+            }
+
+            short first = firstUnitTable[codeUnit & 0x7F];
+            int codePoint = first >>> 8;
+            byte state = (byte)first;
+
+            while (state >= 0)
+            {
+                if (i >= utf8.length) { return -1; }
+
+                codeUnit = utf8[i++];
+                codePoint = (codePoint << 6) | (codeUnit & 0x3F);
+                state = transitionTable[state + ((codeUnit & 0xFF) >>> 4)];
+            }
+
+            if (state == S_ERR) { return -1; }
+
+            if (codePoint <= 0xFFFF)
+            {
+                if (j >= utf16.length) { return -1; }
+
+                // Code points from U+D800 to U+DFFF are caught by the DFA
+                utf16[j++] = (char)codePoint;
+            }
+            else
+            {
+                if (j >= utf16.length - 1) { return -1; }
+
+                // Code points above U+10FFFF are caught by the DFA
+                utf16[j++] = (char)(0xD7C0 + (codePoint >>> 10));
+                utf16[j++] = (char)(0xDC00 | (codePoint & 0x3FF));
+            }
+        }
+
+        return j;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/SimpleOutputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/SimpleOutputStream.java
new file mode 100644
index 0000000..6b9c18b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/SimpleOutputStream.java

@@ -0,0 +1,25 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.io;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class SimpleOutputStream extends OutputStream
+{
+    public void close()
+    {
+    }
+
+    public void flush()
+    {
+    }
+
+    public void write(int b) throws IOException
+    {
+        byte[] buf = new byte[]{ (byte)b };
+        write(buf, 0, 1);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/StreamOverflowException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/StreamOverflowException.java
new file mode 100644
index 0000000..bccc294
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/StreamOverflowException.java

@@ -0,0 +1,17 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.io;
+
+import java.io.IOException;
+
+/**
+ * Exception thrown when too much data is written to an InputStream
+ * @hide This class is not part of the Android public SDK API
+ */
+public class StreamOverflowException
+    extends IOException
+{
+    public StreamOverflowException(String msg)
+    {
+        super(msg);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/Streams.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/Streams.java
new file mode 100644
index 0000000..5ab96d9
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/Streams.java

@@ -0,0 +1,153 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.io;
+
+import java.io.ByteArrayOutputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+
+/**
+ * Utility methods to assist with stream processing.
+ * @hide This class is not part of the Android public SDK API
+ */
+public final class Streams
+{
+    private static int BUFFER_SIZE = 4096;
+
+    /**
+     * Read stream till EOF is encountered.
+     *
+     * @param inStr stream to be emptied.
+     * @throws IOException in case of underlying IOException.
+     */
+    public static void drain(InputStream inStr)
+        throws IOException
+    {
+        byte[] bs = new byte[BUFFER_SIZE];
+        while (inStr.read(bs, 0, bs.length) >= 0)
+        {
+        }
+    }
+
+    /**
+     * Read stream fully, returning contents in a byte array.
+     *
+     * @param inStr stream to be read.
+     * @return a byte array representing the contents of inStr.
+     * @throws IOException in case of underlying IOException.
+     */
+    public static byte[] readAll(InputStream inStr)
+        throws IOException
+    {
+        ByteArrayOutputStream buf = new ByteArrayOutputStream();
+        pipeAll(inStr, buf);
+        return buf.toByteArray();
+    }
+
+    /**
+     * Read from inStr up to a maximum number of bytes, throwing an exception if more the maximum amount
+     * of requested data is available.
+     *
+     * @param inStr stream to be read.
+     * @param limit maximum number of bytes that can be read.
+     * @return a byte array representing the contents of inStr.
+     * @throws IOException in case of underlying IOException, or if limit is reached on inStr still has data in it.
+     */
+    public static byte[] readAllLimited(InputStream inStr, int limit)
+        throws IOException
+    {
+        ByteArrayOutputStream buf = new ByteArrayOutputStream();
+        pipeAllLimited(inStr, limit, buf);
+        return buf.toByteArray();
+    }
+
+    /**
+     * Fully read in buf's length in data, or up to EOF, whichever occurs first,
+     *
+     * @param inStr the stream to be read.
+     * @param buf the buffer to be read into.
+     * @return the number of bytes read into the buffer.
+     * @throws IOException in case of underlying IOException.
+     */
+    public static int readFully(InputStream inStr, byte[] buf)
+        throws IOException
+    {
+        return readFully(inStr, buf, 0, buf.length);
+    }
+
+    /**
+     * Fully read in len's bytes of data into buf, or up to EOF, whichever occurs first,
+     *
+     * @param inStr the stream to be read.
+     * @param buf the buffer to be read into.
+     * @param off offset into buf to start putting bytes into.
+     * @param len  the number of bytes to be read.
+     * @return the number of bytes read into the buffer.
+     * @throws IOException in case of underlying IOException.
+     */
+    public static int readFully(InputStream inStr, byte[] buf, int off, int len)
+        throws IOException
+    {
+        int totalRead = 0;
+        while (totalRead < len)
+        {
+            int numRead = inStr.read(buf, off + totalRead, len - totalRead);
+            if (numRead < 0)
+            {
+                break;
+            }
+            totalRead += numRead;
+        }
+        return totalRead;
+    }
+
+    /**
+     * Write the full contents of inStr to the destination stream outStr.
+     *
+     * @param inStr source input stream.
+     * @param outStr destination output stream.
+     * @throws IOException in case of underlying IOException.
+     */
+    public static void pipeAll(InputStream inStr, OutputStream outStr)
+        throws IOException
+    {
+        byte[] bs = new byte[BUFFER_SIZE];
+        int numRead;
+        while ((numRead = inStr.read(bs, 0, bs.length)) >= 0)
+        {
+            outStr.write(bs, 0, numRead);
+        }
+    }
+
+    /**
+     * Write up to limit bytes of data from inStr to the destination stream outStr.
+     *
+     * @param inStr source input stream.
+     * @param limit the maximum number of bytes allowed to be read.
+     * @param outStr destination output stream.
+     * @throws IOException in case of underlying IOException, or if limit is reached on inStr still has data in it.
+     */
+    public static long pipeAllLimited(InputStream inStr, long limit, OutputStream outStr)
+        throws IOException
+    {
+        long total = 0;
+        byte[] bs = new byte[BUFFER_SIZE];
+        int numRead;
+        while ((numRead = inStr.read(bs, 0, bs.length)) >= 0)
+        {
+            if ((limit - total) < numRead)
+            {
+                throw new StreamOverflowException("Data Overflow");
+            }
+            total += numRead;
+            outStr.write(bs, 0, numRead);
+        }
+        return total;
+    }
+
+    public static void writeBufTo(ByteArrayOutputStream buf, OutputStream output)
+        throws IOException
+    {
+        buf.writeTo(output);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/TeeInputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/TeeInputStream.java
new file mode 100644
index 0000000..2405ca4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/TeeInputStream.java

@@ -0,0 +1,73 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.io;
+
+import java.io.IOException;
+import java.io.InputStream;
+import java.io.OutputStream;
+
+/**
+ * An input stream which copies anything read through it to another stream.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class TeeInputStream
+    extends InputStream
+{
+    private final InputStream input;
+    private final OutputStream output;
+
+    /**
+     * Base constructor.
+     *
+     * @param input input stream to be wrapped.
+     * @param output output stream to copy any input read to.
+     */
+    public TeeInputStream(InputStream input, OutputStream output)
+    {
+        this.input = input;
+        this.output = output;
+    }
+
+    public int read(byte[] buf)
+        throws IOException
+    {
+        return read(buf, 0, buf.length);
+    }
+
+    public int read(byte[] buf, int off, int len)
+        throws IOException
+    {
+        int i = input.read(buf, off, len);
+
+        if (i > 0)
+        {
+            output.write(buf, off, i);
+        }
+
+        return i;
+    }
+
+    public int read()
+        throws IOException
+    {
+        int i = input.read();
+
+        if (i >= 0)
+        {
+            output.write(i);
+        }
+
+        return i;
+    }
+
+    public void close()
+        throws IOException
+    {
+        this.input.close();
+        this.output.close();
+    }
+
+    public OutputStream getOutputStream()
+    {
+        return output;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/TeeOutputStream.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/TeeOutputStream.java
new file mode 100644
index 0000000..ba9a8fa
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/TeeOutputStream.java

@@ -0,0 +1,64 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.io;
+
+import java.io.IOException;
+import java.io.OutputStream;
+
+
+/**
+ * An output stream which copies anything written into it to another stream.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class TeeOutputStream
+    extends OutputStream
+{
+    private OutputStream output1;
+    private OutputStream output2;
+
+    /**
+     * Base constructor.
+     *
+     * @param output1 the output stream that is wrapped.
+     * @param output2 a secondary stream that anything written to output1 is also written to.
+     */
+    public TeeOutputStream(OutputStream output1, OutputStream output2)
+    {
+        this.output1 = output1;
+        this.output2 = output2;
+    }
+
+    public void write(byte[] buf)
+        throws IOException
+    {
+        this.output1.write(buf);
+        this.output2.write(buf);
+    }
+
+    public void write(byte[] buf, int off, int len)
+        throws IOException
+    {
+        this.output1.write(buf, off, len);
+        this.output2.write(buf, off, len);
+    }
+
+    public void write(int b)
+        throws IOException
+    {
+        this.output1.write(b);
+        this.output2.write(b);
+    }
+
+    public void flush()
+        throws IOException
+    {
+        this.output1.flush();
+        this.output2.flush();
+    }
+
+    public void close()
+        throws IOException
+    {
+        this.output1.close();
+        this.output2.close();
+    }
+}
\ No newline at end of file

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemGenerationException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemGenerationException.java
new file mode 100644
index 0000000..6f507a3
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemGenerationException.java

@@ -0,0 +1,30 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.io.pem;
+
+import java.io.IOException;
+
+/**
+ * Exception thrown on failure to generate a PEM object.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PemGenerationException
+    extends IOException
+{
+    private Throwable cause;
+
+    public PemGenerationException(String message, Throwable cause)
+    {
+        super(message);
+        this.cause = cause;
+    }
+
+    public PemGenerationException(String message)
+    {
+        super(message);
+    }
+
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemHeader.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemHeader.java
new file mode 100644
index 0000000..2829673
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemHeader.java

@@ -0,0 +1,77 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.io.pem;
+
+/**
+ * Class representing a PEM header (name, value) pair.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class PemHeader
+{
+    private String name;
+    private String value;
+
+    /**
+     * Base constructor.
+     *
+     * @param name name of the header property.
+     * @param value value of the header property.
+     */
+    public PemHeader(String name, String value)
+    {
+        this.name = name;
+        this.value = value;
+    }
+
+    public String getName()
+    {
+        return name;
+    }
+
+    public String getValue()
+    {
+        return value;
+    }
+
+    public int hashCode()
+    {
+        return getHashCode(this.name) + 31 * getHashCode(this.value);    
+    }
+
+    public boolean equals(Object o)
+    {
+        if (!(o instanceof PemHeader))
+        {
+            return false;
+        }
+
+        PemHeader other = (PemHeader)o;
+
+        return other == this || (isEqual(this.name, other.name) && isEqual(this.value, other.value));
+    }
+
+    private int getHashCode(String s)
+    {
+        if (s == null)
+        {
+            return 1;
+        }
+
+        return s.hashCode();
+    }
+
+    private boolean isEqual(String s1, String s2)
+    {
+        if (s1 == s2)
+        {
+            return true;
+        }
+
+        if (s1 == null || s2 == null)
+        {
+            return false;
+        }
+
+        return s1.equals(s2);
+    }
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemObject.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemObject.java
new file mode 100644
index 0000000..97ac2fa
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemObject.java

@@ -0,0 +1,70 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.io.pem;
+
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.List;
+
+/**
+ * A generic PEM object - type, header properties, and byte content.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class PemObject
+    implements PemObjectGenerator
+{
+    private static final List EMPTY_LIST = Collections.unmodifiableList(new ArrayList());
+
+    private String type;
+    private List   headers;
+    private byte[] content;
+
+    /**
+     * Generic constructor for object without headers.
+     *
+     * @param type pem object type.
+     * @param content the binary content of the object.
+     */
+    @libcore.api.CorePlatformApi
+    public PemObject(String type, byte[] content)
+    {
+        this(type, EMPTY_LIST, content);
+    }
+
+    /**
+     * Generic constructor for object with headers.
+     *
+     * @param type pem object type.
+     * @param headers a list of PemHeader objects.
+     * @param content the binary content of the object.
+     */
+    public PemObject(String type, List headers, byte[] content)
+    {
+        this.type = type;
+        this.headers = Collections.unmodifiableList(headers);
+        this.content = content;
+    }
+
+    @libcore.api.CorePlatformApi
+    public String getType()
+    {
+        return type;
+    }
+
+    public List getHeaders()
+    {
+        return headers;
+    }
+
+    @libcore.api.CorePlatformApi
+    public byte[] getContent()
+    {
+        return content;
+    }
+
+    public PemObject generate()
+        throws PemGenerationException
+    {
+        return this;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemObjectGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemObjectGenerator.java
new file mode 100644
index 0000000..3cbc442
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemObjectGenerator.java

@@ -0,0 +1,19 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.io.pem;
+
+/**
+ * Base interface for generators of PEM objects.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public interface PemObjectGenerator
+{
+    /**
+     * Generate a PEM object.
+     *
+     * @return the generated object.
+     * @throws PemGenerationException on failure.
+     */
+    PemObject generate()
+        throws PemGenerationException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemObjectParser.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemObjectParser.java
new file mode 100644
index 0000000..e21322b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemObjectParser.java

@@ -0,0 +1,21 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.io.pem;
+
+import java.io.IOException;
+
+/**
+ * Base interface for parsers to convert PEM objects into specific objects.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface PemObjectParser
+{
+    /**
+     * Parse an object out of the PEM object passed in.
+     *
+     * @param obj the PEM object containing the details for the specific object.
+     * @return a specific object represented by the  PEM object.
+     * @throws IOException on a parsing error.
+     */
+    Object parseObject(PemObject obj)
+            throws IOException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemReader.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemReader.java
new file mode 100644
index 0000000..54ca2ef
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemReader.java

@@ -0,0 +1,98 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.io.pem;
+
+import java.io.BufferedReader;
+import java.io.IOException;
+import java.io.Reader;
+import java.util.ArrayList;
+import java.util.List;
+
+import com.android.org.bouncycastle.util.encoders.Base64;
+
+/**
+ * A generic PEM reader, based on the format outlined in RFC 1421
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class PemReader
+    extends BufferedReader
+{
+    private static final String BEGIN = "-----BEGIN ";
+    private static final String END = "-----END ";
+
+    @libcore.api.CorePlatformApi
+    public PemReader(Reader reader)
+    {
+        super(reader);
+    }
+
+    /**
+     * Read the next PEM object as a blob of raw data with header information.
+     *
+     * @return the next object in the stream, null if no objects left.
+     * @throws IOException in case of a parse error.
+     */
+    @libcore.api.CorePlatformApi
+    public PemObject readPemObject()
+        throws IOException
+    {
+        String line = readLine();
+
+        while (line != null && !line.startsWith(BEGIN))
+        {
+            line = readLine();
+        }
+
+        if (line != null)
+        {
+            line = line.substring(BEGIN.length());
+            int index = line.indexOf('-');
+            String type = line.substring(0, index);
+
+            if (index > 0)
+            {
+                return loadObject(type);
+            }
+        }
+
+        return null;
+    }
+
+    private PemObject loadObject(String type)
+        throws IOException
+    {
+        String          line;
+        String          endMarker = END + type;
+        StringBuffer    buf = new StringBuffer();
+        List            headers = new ArrayList();
+
+        while ((line = readLine()) != null)
+        {
+            if (line.indexOf(":") >= 0)
+            {
+                int index = line.indexOf(':');
+                String hdr = line.substring(0, index);
+                String value = line.substring(index + 1).trim();
+
+                headers.add(new PemHeader(hdr, value));
+
+                continue;
+            }
+
+            if (line.indexOf(endMarker) != -1)
+            {
+                break;
+            }
+            
+            buf.append(line.trim());
+        }
+
+        if (line == null)
+        {
+            throw new IOException(endMarker + " not found");
+        }
+
+        return new PemObject(type, headers, Base64.decode(buf.toString()));
+    }
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemWriter.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemWriter.java
new file mode 100644
index 0000000..717434b
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/util/io/pem/PemWriter.java

@@ -0,0 +1,143 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.util.io.pem;
+
+import java.io.BufferedWriter;
+import java.io.IOException;
+import java.io.Writer;
+import java.util.Iterator;
+
+import com.android.org.bouncycastle.util.Strings;
+import com.android.org.bouncycastle.util.encoders.Base64;
+
+/**
+ * A generic PEM writer, based on RFC 1421
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class PemWriter
+    extends BufferedWriter
+{
+    private static final int LINE_LENGTH = 64;
+
+    private final int nlLength;
+    private char[]  buf = new char[LINE_LENGTH];
+
+    /**
+     * Base constructor.
+     *
+     * @param out output stream to use.
+     */
+    @libcore.api.CorePlatformApi
+    public PemWriter(Writer out)
+    {
+        super(out);
+
+        String nl = Strings.lineSeparator();
+        if (nl != null)
+        {
+            nlLength = nl.length();
+        }
+        else
+        {
+            nlLength = 2;
+        }
+    }
+
+    /**
+     * Return the number of bytes or characters required to contain the
+     * passed in object if it is PEM encoded.
+     *
+     * @param obj pem object to be output
+     * @return an estimate of the number of bytes
+     */
+    public int getOutputSize(PemObject obj)
+    {
+        // BEGIN and END boundaries.
+        int size = (2 * (obj.getType().length() + 10 + nlLength)) + 6 + 4;
+
+        if (!obj.getHeaders().isEmpty())
+        {
+            for (Iterator it = obj.getHeaders().iterator(); it.hasNext();)
+            {
+                PemHeader hdr = (PemHeader)it.next();
+
+                size += hdr.getName().length() + ": ".length() + hdr.getValue().length() + nlLength;
+            }
+
+            size += nlLength;
+        }
+
+        // base64 encoding
+        int dataLen = ((obj.getContent().length + 2) / 3) * 4;
+        
+        size += dataLen + (((dataLen + LINE_LENGTH - 1) / LINE_LENGTH) * nlLength);
+
+        return size;
+    }
+    
+    @libcore.api.CorePlatformApi
+    public void writeObject(PemObjectGenerator objGen)
+        throws IOException
+    {
+        PemObject obj = objGen.generate();
+
+        writePreEncapsulationBoundary(obj.getType());
+
+        if (!obj.getHeaders().isEmpty())
+        {
+            for (Iterator it = obj.getHeaders().iterator(); it.hasNext();)
+            {
+                PemHeader hdr = (PemHeader)it.next();
+
+                this.write(hdr.getName());
+                this.write(": ");
+                this.write(hdr.getValue());
+                this.newLine();
+            }
+
+            this.newLine();
+        }
+        
+        writeEncoded(obj.getContent());
+        writePostEncapsulationBoundary(obj.getType());
+    }
+
+    private void writeEncoded(byte[] bytes)
+        throws IOException
+    {
+        bytes = Base64.encode(bytes);
+
+        for (int i = 0; i < bytes.length; i += buf.length)
+        {
+            int index = 0;
+
+            while (index != buf.length)
+            {
+                if ((i + index) >= bytes.length)
+                {
+                    break;
+                }
+                buf[index] = (char)bytes[i + index];
+                index++;
+            }
+            this.write(buf, 0, index);
+            this.newLine();
+        }
+    }
+
+    private void writePreEncapsulationBoundary(
+        String type)
+        throws IOException
+    {
+        this.write("-----BEGIN " + type + "-----");
+        this.newLine();
+    }
+
+    private void writePostEncapsulationBoundary(
+        String type)
+        throws IOException
+    {
+        this.write("-----END " + type + "-----");
+        this.newLine();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/AttributeCertificateHolder.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/AttributeCertificateHolder.java
new file mode 100644
index 0000000..784aea6
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/AttributeCertificateHolder.java

@@ -0,0 +1,422 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.MessageDigest;
+import java.security.Principal;
+import java.security.cert.CertSelector;
+import java.security.cert.Certificate;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateParsingException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.GeneralName;
+import com.android.org.bouncycastle.asn1.x509.GeneralNames;
+import com.android.org.bouncycastle.asn1.x509.Holder;
+import com.android.org.bouncycastle.asn1.x509.IssuerSerial;
+import com.android.org.bouncycastle.asn1.x509.ObjectDigestInfo;
+import com.android.org.bouncycastle.jce.PrincipalUtil;
+import com.android.org.bouncycastle.jce.X509Principal;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Selector;
+
+/**
+ * The Holder object.
+ * 
+ * <pre>
+ *          Holder ::= SEQUENCE {
+ *                baseCertificateID   [0] IssuerSerial OPTIONAL,
+ *                         -- the issuer and serial number of
+ *                         -- the holder's Public Key Certificate
+ *                entityName          [1] GeneralNames OPTIONAL,
+ *                         -- the name of the claimant or role
+ *                objectDigestInfo    [2] ObjectDigestInfo OPTIONAL
+ *                         -- used to directly authenticate the holder,
+ *                         -- for example, an executable
+ *          }
+ * </pre>
+ * @deprecated use org.bouncycastle.cert.AttributeCertificateHolder
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AttributeCertificateHolder
+    implements CertSelector, Selector
+{
+    final Holder holder;
+
+    AttributeCertificateHolder(ASN1Sequence seq)
+    {
+        holder = Holder.getInstance(seq);
+    }
+
+    public AttributeCertificateHolder(X509Principal issuerName,
+        BigInteger serialNumber)
+    {
+        holder = new com.android.org.bouncycastle.asn1.x509.Holder(new IssuerSerial(
+            GeneralNames.getInstance(new DERSequence(new GeneralName(issuerName))),
+            new ASN1Integer(serialNumber)));
+    }
+
+    public AttributeCertificateHolder(X500Principal issuerName,
+        BigInteger serialNumber)
+    {
+        this(X509Util.convertPrincipal(issuerName), serialNumber);
+    }
+
+    public AttributeCertificateHolder(X509Certificate cert)
+        throws CertificateParsingException
+    {
+        X509Principal name;
+
+        try
+        {
+            name = PrincipalUtil.getIssuerX509Principal(cert);
+        }
+        catch (Exception e)
+        {
+            throw new CertificateParsingException(e.getMessage());
+        }
+
+        holder = new Holder(new IssuerSerial(generateGeneralNames(name),
+            new ASN1Integer(cert.getSerialNumber())));
+    }
+
+    public AttributeCertificateHolder(X509Principal principal)
+    {
+        holder = new Holder(generateGeneralNames(principal));
+    }
+
+    public AttributeCertificateHolder(X500Principal principal)
+    {
+        this(X509Util.convertPrincipal(principal));
+    }
+
+    /**
+     * Constructs a holder for v2 attribute certificates with a hash value for
+     * some type of object.
+     * <p>
+     * <code>digestedObjectType</code> can be one of the following:
+     * <ul>
+     * <li>0 - publicKey - A hash of the public key of the holder must be
+     * passed.
+     * <li>1 - publicKeyCert - A hash of the public key certificate of the
+     * holder must be passed.
+     * <li>2 - otherObjectDigest - A hash of some other object type must be
+     * passed. <code>otherObjectTypeID</code> must not be empty.
+     * </ul>
+     * <p>
+     * This cannot be used if a v1 attribute certificate is used.
+     * 
+     * @param digestedObjectType The digest object type.
+     * @param digestAlgorithm The algorithm identifier for the hash.
+     * @param otherObjectTypeID The object type ID if
+     *            <code>digestedObjectType</code> is
+     *            <code>otherObjectDigest</code>.
+     * @param objectDigest The hash value.
+     */
+    public AttributeCertificateHolder(int digestedObjectType,
+        String digestAlgorithm, String otherObjectTypeID, byte[] objectDigest)
+    {
+        holder = new Holder(new ObjectDigestInfo(digestedObjectType,
+            new ASN1ObjectIdentifier(otherObjectTypeID), new AlgorithmIdentifier(new ASN1ObjectIdentifier(digestAlgorithm)), Arrays
+                .clone(objectDigest)));
+    }
+
+    /**
+     * Returns the digest object type if an object digest info is used.
+     * <p>
+     * <ul>
+     * <li>0 - publicKey - A hash of the public key of the holder must be
+     * passed.
+     * <li>1 - publicKeyCert - A hash of the public key certificate of the
+     * holder must be passed.
+     * <li>2 - otherObjectDigest - A hash of some other object type must be
+     * passed. <code>otherObjectTypeID</code> must not be empty.
+     * </ul>
+     * 
+     * @return The digest object type or -1 if no object digest info is set.
+     */
+    public int getDigestedObjectType()
+    {
+        if (holder.getObjectDigestInfo() != null)
+        {
+            return holder.getObjectDigestInfo().getDigestedObjectType()
+                .getValue().intValue();
+        }
+        return -1;
+    }
+
+    /**
+     * Returns the other object type ID if an object digest info is used.
+     * 
+     * @return The other object type ID or <code>null</code> if no object
+     *         digest info is set.
+     */
+    public String getDigestAlgorithm()
+    {
+        if (holder.getObjectDigestInfo() != null)
+        {
+            return holder.getObjectDigestInfo().getDigestAlgorithm().getAlgorithm()
+                .getId();
+        }
+        return null;
+    }
+
+    /**
+     * Returns the hash if an object digest info is used.
+     * 
+     * @return The hash or <code>null</code> if no object digest info is set.
+     */
+    public byte[] getObjectDigest()
+    {
+        if (holder.getObjectDigestInfo() != null)
+        {
+            return holder.getObjectDigestInfo().getObjectDigest().getBytes();
+        }
+        return null;
+    }
+
+    /**
+     * Returns the digest algorithm ID if an object digest info is used.
+     * 
+     * @return The digest algorithm ID or <code>null</code> if no object
+     *         digest info is set.
+     */
+    public String getOtherObjectTypeID()
+    {
+        if (holder.getObjectDigestInfo() != null)
+        {
+            holder.getObjectDigestInfo().getOtherObjectTypeID().getId();
+        }
+        return null;
+    }
+
+    private GeneralNames generateGeneralNames(X509Principal principal)
+    {
+        return GeneralNames.getInstance(new DERSequence(new GeneralName(principal)));
+    }
+
+    private boolean matchesDN(X509Principal subject, GeneralNames targets)
+    {
+        GeneralName[] names = targets.getNames();
+
+        for (int i = 0; i != names.length; i++)
+        {
+            GeneralName gn = names[i];
+
+            if (gn.getTagNo() == GeneralName.directoryName)
+            {
+                try
+                {
+                    if (new X509Principal(((ASN1Encodable)gn.getName()).toASN1Primitive()
+                        .getEncoded()).equals(subject))
+                    {
+                        return true;
+                    }
+                }
+                catch (IOException e)
+                {
+                }
+            }
+        }
+
+        return false;
+    }
+
+    private Object[] getNames(GeneralName[] names)
+    {
+        List l = new ArrayList(names.length);
+
+        for (int i = 0; i != names.length; i++)
+        {
+            if (names[i].getTagNo() == GeneralName.directoryName)
+            {
+                try
+                {
+                    l.add(new X500Principal(
+                        ((ASN1Encodable)names[i].getName()).toASN1Primitive().getEncoded()));
+                }
+                catch (IOException e)
+                {
+                    throw new RuntimeException("badly formed Name object");
+                }
+            }
+        }
+
+        return l.toArray(new Object[l.size()]);
+    }
+
+    private Principal[] getPrincipals(GeneralNames names)
+    {
+        Object[] p = this.getNames(names.getNames());
+        List l = new ArrayList();
+
+        for (int i = 0; i != p.length; i++)
+        {
+            if (p[i] instanceof Principal)
+            {
+                l.add(p[i]);
+            }
+        }
+
+        return (Principal[])l.toArray(new Principal[l.size()]);
+    }
+
+    /**
+     * Return any principal objects inside the attribute certificate holder
+     * entity names field.
+     * 
+     * @return an array of Principal objects (usually X500Principal), null if no
+     *         entity names field is set.
+     */
+    public Principal[] getEntityNames()
+    {
+        if (holder.getEntityName() != null)
+        {
+            return getPrincipals(holder.getEntityName());
+        }
+
+        return null;
+    }
+
+    /**
+     * Return the principals associated with the issuer attached to this holder
+     * 
+     * @return an array of principals, null if no BaseCertificateID is set.
+     */
+    public Principal[] getIssuer()
+    {
+        if (holder.getBaseCertificateID() != null)
+        {
+            return getPrincipals(holder.getBaseCertificateID().getIssuer());
+        }
+
+        return null;
+    }
+
+    /**
+     * Return the serial number associated with the issuer attached to this
+     * holder.
+     * 
+     * @return the certificate serial number, null if no BaseCertificateID is
+     *         set.
+     */
+    public BigInteger getSerialNumber()
+    {
+        if (holder.getBaseCertificateID() != null)
+        {
+            return holder.getBaseCertificateID().getSerial().getValue();
+        }
+
+        return null;
+    }
+
+    public Object clone()
+    {
+        return new AttributeCertificateHolder((ASN1Sequence)holder
+            .toASN1Primitive());
+    }
+
+    public boolean match(Certificate cert)
+    {
+        if (!(cert instanceof X509Certificate))
+        {
+            return false;
+        }
+
+        X509Certificate x509Cert = (X509Certificate)cert;
+
+        try
+        {
+            if (holder.getBaseCertificateID() != null)
+            {
+                return holder.getBaseCertificateID().getSerial().getValue().equals(x509Cert.getSerialNumber())
+                    && matchesDN(PrincipalUtil.getIssuerX509Principal(x509Cert), holder.getBaseCertificateID().getIssuer());
+            }
+
+            if (holder.getEntityName() != null)
+            {
+                if (matchesDN(PrincipalUtil.getSubjectX509Principal(x509Cert),
+                    holder.getEntityName()))
+                {
+                    return true;
+                }
+            }
+            if (holder.getObjectDigestInfo() != null)
+            {
+                MessageDigest md = null;
+                try
+                {
+                    md = MessageDigest.getInstance(getDigestAlgorithm(), "BC");
+
+                }
+                catch (Exception e)
+                {
+                    return false;
+                }
+                switch (getDigestedObjectType())
+                {
+                case ObjectDigestInfo.publicKey:
+                    // TODO: DSA Dss-parms
+                    md.update(cert.getPublicKey().getEncoded());
+                    break;
+                case ObjectDigestInfo.publicKeyCert:
+                    md.update(cert.getEncoded());
+                    break;
+                }
+                if (!Arrays.areEqual(md.digest(), getObjectDigest()))
+                {
+                    return false;
+                }
+            }
+        }
+        catch (CertificateEncodingException e)
+        {
+            return false;
+        }
+
+        return false;
+    }
+
+    public boolean equals(Object obj)
+    {
+        if (obj == this)
+        {
+            return true;
+        }
+
+        if (!(obj instanceof AttributeCertificateHolder))
+        {
+            return false;
+        }
+
+        AttributeCertificateHolder other = (AttributeCertificateHolder)obj;
+
+        return this.holder.equals(other.holder);
+    }
+
+    public int hashCode()
+    {
+        return this.holder.hashCode();
+    }
+
+    public boolean match(Object obj)
+    {
+        if (!(obj instanceof X509Certificate))
+        {
+            return false;
+        }
+
+        return match((Certificate)obj);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/AttributeCertificateIssuer.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/AttributeCertificateIssuer.java
new file mode 100644
index 0000000..d3ae5aa
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/AttributeCertificateIssuer.java

@@ -0,0 +1,210 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import java.io.IOException;
+import java.security.Principal;
+import java.security.cert.CertSelector;
+import java.security.cert.Certificate;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.List;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x509.AttCertIssuer;
+import com.android.org.bouncycastle.asn1.x509.GeneralName;
+import com.android.org.bouncycastle.asn1.x509.GeneralNames;
+import com.android.org.bouncycastle.asn1.x509.V2Form;
+import com.android.org.bouncycastle.jce.X509Principal;
+import com.android.org.bouncycastle.util.Selector;
+
+/**
+ * Carrying class for an attribute certificate issuer.
+ * @deprecated use org.bouncycastle.cert.AttributeCertificateIssuer
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AttributeCertificateIssuer
+    implements CertSelector, Selector
+{
+    final ASN1Encodable form;
+
+    /**
+     * Set the issuer directly with the ASN.1 structure.
+     * 
+     * @param issuer The issuer
+     */
+    public AttributeCertificateIssuer(AttCertIssuer issuer)
+    {
+        form = issuer.getIssuer();
+    }
+
+    public AttributeCertificateIssuer(X500Principal principal)
+        throws IOException
+    {
+        this(new X509Principal(principal.getEncoded()));
+    }
+
+    public AttributeCertificateIssuer(X509Principal principal)
+    {
+        form = new V2Form(GeneralNames.getInstance(new DERSequence(new GeneralName(principal))));
+    }
+
+    private Object[] getNames()
+    {
+        GeneralNames name;
+
+        if (form instanceof V2Form)
+        {
+            name = ((V2Form)form).getIssuerName();
+        }
+        else
+        {
+            name = (GeneralNames)form;
+        }
+
+        GeneralName[] names = name.getNames();
+
+        List l = new ArrayList(names.length);
+
+        for (int i = 0; i != names.length; i++)
+        {
+            if (names[i].getTagNo() == GeneralName.directoryName)
+            {
+                try
+                {
+                    l.add(new X500Principal(
+                        ((ASN1Encodable)names[i].getName()).toASN1Primitive().getEncoded()));
+                }
+                catch (IOException e)
+                {
+                    throw new RuntimeException("badly formed Name object");
+                }
+            }
+        }
+
+        return l.toArray(new Object[l.size()]);
+    }
+
+    /**
+     * Return any principal objects inside the attribute certificate issuer
+     * object.
+     * 
+     * @return an array of Principal objects (usually X500Principal)
+     */
+    public Principal[] getPrincipals()
+    {
+        Object[] p = this.getNames();
+        List l = new ArrayList();
+
+        for (int i = 0; i != p.length; i++)
+        {
+            if (p[i] instanceof Principal)
+            {
+                l.add(p[i]);
+            }
+        }
+
+        return (Principal[])l.toArray(new Principal[l.size()]);
+    }
+
+    private boolean matchesDN(X500Principal subject, GeneralNames targets)
+    {
+        GeneralName[] names = targets.getNames();
+
+        for (int i = 0; i != names.length; i++)
+        {
+            GeneralName gn = names[i];
+
+            if (gn.getTagNo() == GeneralName.directoryName)
+            {
+                try
+                {
+                    if (new X500Principal(((ASN1Encodable)gn.getName()).toASN1Primitive().getEncoded()).equals(subject))
+                    {
+                        return true;
+                    }
+                }
+                catch (IOException e)
+                {
+                }
+            }
+        }
+
+        return false;
+    }
+
+    public Object clone()
+    {
+        return new AttributeCertificateIssuer(AttCertIssuer.getInstance(form));
+    }
+
+    public boolean match(Certificate cert)
+    {
+        if (!(cert instanceof X509Certificate))
+        {
+            return false;
+        }
+
+        X509Certificate x509Cert = (X509Certificate)cert;
+
+        if (form instanceof V2Form)
+        {
+            V2Form issuer = (V2Form)form;
+            if (issuer.getBaseCertificateID() != null)
+            {
+                return issuer.getBaseCertificateID().getSerial().getValue().equals(x509Cert.getSerialNumber())
+                    && matchesDN(x509Cert.getIssuerX500Principal(), issuer.getBaseCertificateID().getIssuer());
+            }
+
+            GeneralNames name = issuer.getIssuerName();
+            if (matchesDN(x509Cert.getSubjectX500Principal(), name))
+            {
+                return true;
+            }
+        }
+        else
+        {
+            GeneralNames name = (GeneralNames)form;
+            if (matchesDN(x509Cert.getSubjectX500Principal(), name))
+            {
+                return true;
+            }
+        }
+
+        return false;
+    }
+
+    public boolean equals(Object obj)
+    {
+        if (obj == this)
+        {
+            return true;
+        }
+
+        if (!(obj instanceof AttributeCertificateIssuer))
+        {
+            return false;
+        }
+
+        AttributeCertificateIssuer other = (AttributeCertificateIssuer)obj;
+
+        return this.form.equals(other.form);
+    }
+
+    public int hashCode()
+    {
+        return this.form.hashCode();
+    }
+
+    public boolean match(Object obj)
+    {
+        if (!(obj instanceof X509Certificate))
+        {
+            return false;
+        }
+
+        return match((Certificate)obj);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/ExtCertificateEncodingException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/ExtCertificateEncodingException.java
new file mode 100644
index 0000000..27132de
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/ExtCertificateEncodingException.java

@@ -0,0 +1,21 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import java.security.cert.CertificateEncodingException;
+
+class ExtCertificateEncodingException
+    extends CertificateEncodingException
+{
+    Throwable cause;
+
+    ExtCertificateEncodingException(String message, Throwable cause)
+    {
+        super(message);
+        this.cause = cause;
+    }
+
+    public Throwable getCause()
+    {
+        return cause;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/ExtendedPKIXBuilderParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/ExtendedPKIXBuilderParameters.java
new file mode 100644
index 0000000..4071e3f
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/ExtendedPKIXBuilderParameters.java

@@ -0,0 +1,213 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import com.android.org.bouncycastle.util.Selector;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.InvalidParameterException;
+import java.security.cert.PKIXBuilderParameters;
+import java.security.cert.PKIXParameters;
+import java.security.cert.TrustAnchor;
+import java.security.cert.X509CertSelector;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Set;
+
+/**
+ * This class contains extended parameters for PKIX certification path builders.
+ * 
+ * @see java.security.cert.PKIXBuilderParameters
+ * @see com.android.org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi
+ * @deprecated use PKIXExtendedBuilderParameters
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ExtendedPKIXBuilderParameters extends ExtendedPKIXParameters
+{
+
+    private int maxPathLength = 5;
+
+    private Set excludedCerts = Collections.EMPTY_SET;
+
+    /**
+     * Excluded certificates are not used for building a certification path.
+     * <p>
+     * The returned set is immutable.
+     * 
+     * @return Returns the excluded certificates.
+     */
+    public Set getExcludedCerts()
+    {
+        return Collections.unmodifiableSet(excludedCerts);
+    }
+
+    /**
+     * Sets the excluded certificates which are not used for building a
+     * certification path. If the <code>Set</code> is <code>null</code> an
+     * empty set is assumed.
+     * <p>
+     * The given set is cloned to protect it against subsequent modifications.
+     * 
+     * @param excludedCerts The excluded certificates to set.
+     */
+    public void setExcludedCerts(Set excludedCerts)
+    {
+        if (excludedCerts == null)
+        {
+            excludedCerts = Collections.EMPTY_SET;
+        }
+        else
+        {
+            this.excludedCerts = new HashSet(excludedCerts);
+        }
+    }
+
+    /**
+     * Creates an instance of <code>PKIXBuilderParameters</code> with the
+     * specified <code>Set</code> of most-trusted CAs. Each element of the set
+     * is a {@link TrustAnchor TrustAnchor}.
+     * 
+     * <p>
+     * Note that the <code>Set</code> is copied to protect against subsequent
+     * modifications.
+     * 
+     * @param trustAnchors a <code>Set</code> of <code>TrustAnchor</code>s
+     * @param targetConstraints a <code>Selector</code> specifying the
+     *            constraints on the target certificate or attribute
+     *            certificate.
+     * @throws InvalidAlgorithmParameterException if <code>trustAnchors</code>
+     *             is empty.
+     * @throws NullPointerException if <code>trustAnchors</code> is
+     *             <code>null</code>
+     * @throws ClassCastException if any of the elements of
+     *             <code>trustAnchors</code> is not of type
+     *             <code>java.security.cert.TrustAnchor</code>
+     */
+    public ExtendedPKIXBuilderParameters(Set trustAnchors,
+            Selector targetConstraints)
+            throws InvalidAlgorithmParameterException
+    {
+        super(trustAnchors);
+        setTargetConstraints(targetConstraints);
+    }
+
+    /**
+     * Sets the maximum number of intermediate non-self-issued certificates in a
+     * certification path. The PKIX <code>CertPathBuilder</code> must not
+     * build paths longer then this length.
+     * <p>
+     * A value of 0 implies that the path can only contain a single certificate.
+     * A value of -1 does not limit the length. The default length is 5.
+     * 
+     * <p>
+     * 
+     * The basic constraints extension of a CA certificate overrides this value
+     * if smaller.
+     * 
+     * @param maxPathLength the maximum number of non-self-issued intermediate
+     *            certificates in the certification path
+     * @throws InvalidParameterException if <code>maxPathLength</code> is set
+     *             to a value less than -1
+     * 
+     * @see com.android.org.bouncycastle.jce.provider.PKIXCertPathBuilderSpi
+     * @see #getMaxPathLength
+     */
+    public void setMaxPathLength(int maxPathLength)
+    {
+        if (maxPathLength < -1)
+        {
+            throw new InvalidParameterException("The maximum path "
+                    + "length parameter can not be less than -1.");
+        }
+        this.maxPathLength = maxPathLength;
+    }
+
+    /**
+     * Returns the value of the maximum number of intermediate non-self-issued
+     * certificates in the certification path.
+     * 
+     * @return the maximum number of non-self-issued intermediate certificates
+     *         in the certification path, or -1 if no limit exists.
+     * 
+     * @see #setMaxPathLength(int)
+     */
+    public int getMaxPathLength()
+    {
+        return maxPathLength;
+    }
+
+    /**
+     * Can alse handle <code>ExtendedPKIXBuilderParameters</code> and
+     * <code>PKIXBuilderParameters</code>.
+     * 
+     * @param params Parameters to set.
+     * @see com.android.org.bouncycastle.x509.ExtendedPKIXParameters#setParams(java.security.cert.PKIXParameters)
+     */
+    protected void setParams(PKIXParameters params)
+    {
+        super.setParams(params);
+        if (params instanceof ExtendedPKIXBuilderParameters)
+        {
+            ExtendedPKIXBuilderParameters _params = (ExtendedPKIXBuilderParameters) params;
+            maxPathLength = _params.maxPathLength;
+            excludedCerts = new HashSet(_params.excludedCerts);
+        }
+        if (params instanceof PKIXBuilderParameters)
+        {
+            PKIXBuilderParameters _params = (PKIXBuilderParameters) params;
+            maxPathLength = _params.getMaxPathLength();
+        }
+    }
+
+    /**
+     * Makes a copy of this <code>PKIXParameters</code> object. Changes to the
+     * copy will not affect the original and vice versa.
+     * 
+     * @return a copy of this <code>PKIXParameters</code> object
+     */
+    public Object clone()
+    {
+        ExtendedPKIXBuilderParameters params = null;
+        try
+        {
+            params = new ExtendedPKIXBuilderParameters(getTrustAnchors(),
+                    getTargetConstraints());
+        }
+        catch (Exception e)
+        {
+            // cannot happen
+            throw new RuntimeException(e.getMessage());
+        }
+        params.setParams(this);
+        return params;
+    }
+
+    /**
+     * Returns an instance of <code>ExtendedPKIXParameters</code> which can be
+     * safely casted to <code>ExtendedPKIXBuilderParameters</code>.
+     * <p>
+     * This method can be used to get a copy from other
+     * <code>PKIXBuilderParameters</code>, <code>PKIXParameters</code>,
+     * and <code>ExtendedPKIXParameters</code> instances.
+     * 
+     * @param pkixParams The PKIX parameters to create a copy of.
+     * @return An <code>ExtendedPKIXBuilderParameters</code> instance.
+     */
+    public static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)
+    {
+        ExtendedPKIXBuilderParameters params;
+        try
+        {
+            params = new ExtendedPKIXBuilderParameters(pkixParams
+                    .getTrustAnchors(), X509CertStoreSelector
+                    .getInstance((X509CertSelector) pkixParams
+                            .getTargetCertConstraints()));
+        }
+        catch (Exception e)
+        {
+            // cannot happen
+            throw new RuntimeException(e.getMessage());
+        }
+        params.setParams(pkixParams);
+        return params;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/ExtendedPKIXParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/ExtendedPKIXParameters.java
new file mode 100644
index 0000000..df6ce32
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/ExtendedPKIXParameters.java

@@ -0,0 +1,662 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import java.security.InvalidAlgorithmParameterException;
+import java.security.cert.CertSelector;
+import java.security.cert.CertStore;
+import java.security.cert.PKIXParameters;
+import java.security.cert.TrustAnchor;
+import java.security.cert.X509CertSelector;
+import java.util.ArrayList;
+import java.util.Collections;
+import java.util.HashSet;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Set;
+
+import com.android.org.bouncycastle.util.Selector;
+import com.android.org.bouncycastle.util.Store;
+
+/**
+ * This class extends the PKIXParameters with a validity model parameter.
+ *
+ * @deprecated use PKIXExtendedParameters
+ * @hide This class is not part of the Android public SDK API
+ */
+public class ExtendedPKIXParameters
+    extends PKIXParameters
+{
+
+    private List stores;
+
+    private Selector selector;
+
+    private boolean additionalLocationsEnabled;
+
+    private List additionalStores;
+
+    private Set trustedACIssuers;
+
+    private Set necessaryACAttributes;
+
+    private Set prohibitedACAttributes;
+
+    private Set attrCertCheckers;
+
+    /**
+     * Creates an instance of <code>PKIXParameters</code> with the specified
+     * <code>Set</code> of most-trusted CAs. Each element of the set is a
+     * {@link TrustAnchor TrustAnchor}.
+     * <p>
+     *     Note that the <code>Set</code>
+     * is copied to protect against subsequent modifications.
+     * </p>
+     * 
+     * @param trustAnchors a <code>Set</code> of <code>TrustAnchor</code>s
+     * @throws InvalidAlgorithmParameterException if the specified
+     *             <code>Set</code> is empty.
+     * @throws NullPointerException if the specified <code>Set</code> is
+     *             <code>null</code>
+     * @throws ClassCastException if any of the elements in the <code>Set</code>
+     *             is not of type <code>java.security.cert.TrustAnchor</code>
+     */
+    public ExtendedPKIXParameters(Set trustAnchors)
+        throws InvalidAlgorithmParameterException
+    {
+        super(trustAnchors);
+        stores = new ArrayList();
+        additionalStores = new ArrayList();
+        trustedACIssuers = new HashSet();
+        necessaryACAttributes = new HashSet();
+        prohibitedACAttributes = new HashSet();
+        attrCertCheckers = new HashSet();
+    }
+
+    /**
+     * Returns an instance with the parameters of a given
+     * <code>PKIXParameters</code> object.
+     * 
+     * @param pkixParams The given <code>PKIXParameters</code>
+     * @return an extended PKIX params object
+     */
+    public static ExtendedPKIXParameters getInstance(PKIXParameters pkixParams)
+    {
+        ExtendedPKIXParameters params;
+        try
+        {
+            params = new ExtendedPKIXParameters(pkixParams.getTrustAnchors());
+        }
+        catch (Exception e)
+        {
+            // cannot happen
+            throw new RuntimeException(e.getMessage());
+        }
+        params.setParams(pkixParams);
+        return params;
+    }
+
+    /**
+     * Method to support <code>clone()</code> under J2ME.
+     * <code>super.clone()</code> does not exist and fields are not copied.
+     * 
+     * @param params Parameters to set. If this are
+     *            <code>ExtendedPKIXParameters</code> they are copied to.
+     */
+    protected void setParams(PKIXParameters params)
+    {
+        setDate(params.getDate());
+        setCertPathCheckers(params.getCertPathCheckers());
+        setCertStores(params.getCertStores());
+        setAnyPolicyInhibited(params.isAnyPolicyInhibited());
+        setExplicitPolicyRequired(params.isExplicitPolicyRequired());
+        setPolicyMappingInhibited(params.isPolicyMappingInhibited());
+        setRevocationEnabled(params.isRevocationEnabled());
+        setInitialPolicies(params.getInitialPolicies());
+        setPolicyQualifiersRejected(params.getPolicyQualifiersRejected());
+        setSigProvider(params.getSigProvider());
+        setTargetCertConstraints(params.getTargetCertConstraints());
+        try
+        {
+            setTrustAnchors(params.getTrustAnchors());
+        }
+        catch (Exception e)
+        {
+            // cannot happen
+            throw new RuntimeException(e.getMessage());
+        }
+        if (params instanceof ExtendedPKIXParameters)
+        {
+            ExtendedPKIXParameters _params = (ExtendedPKIXParameters) params;
+            validityModel = _params.validityModel;
+            useDeltas = _params.useDeltas;
+            additionalLocationsEnabled = _params.additionalLocationsEnabled;
+            selector = _params.selector == null ? null
+                : (Selector) _params.selector.clone();
+            stores = new ArrayList(_params.stores);
+            additionalStores = new ArrayList(_params.additionalStores);
+            trustedACIssuers = new HashSet(_params.trustedACIssuers);
+            prohibitedACAttributes = new HashSet(_params.prohibitedACAttributes);
+            necessaryACAttributes = new HashSet(_params.necessaryACAttributes);
+            attrCertCheckers = new HashSet(_params.attrCertCheckers);
+        }
+    }
+
+    /**
+     * This is the default PKIX validity model. Actually there are two variants
+     * of this: The PKIX model and the modified PKIX model. The PKIX model
+     * verifies that all involved certificates must have been valid at the
+     * current time. The modified PKIX model verifies that all involved
+     * certificates were valid at the signing time. Both are indirectly choosen
+     * with the {@link PKIXParameters#setDate(java.util.Date)} method, so this
+     * methods sets the Date when <em>all</em> certificates must have been
+     * valid.
+     */
+    public static final int PKIX_VALIDITY_MODEL = 0;
+
+    /**
+     * This model uses the following validity model. Each certificate must have
+     * been valid at the moment where is was used. That means the end
+     * certificate must have been valid at the time the signature was done. The
+     * CA certificate which signed the end certificate must have been valid,
+     * when the end certificate was signed. The CA (or Root CA) certificate must
+     * have been valid, when the CA certificate was signed and so on. So the
+     * {@link PKIXParameters#setDate(java.util.Date)} method sets the time, when
+     * the <em>end certificate</em> must have been valid.
+     * <p>
+     * It is used e.g.
+     * in the German signature law.
+     * </p>
+     */
+    public static final int CHAIN_VALIDITY_MODEL = 1;
+
+    private int validityModel = PKIX_VALIDITY_MODEL;
+
+    private boolean useDeltas = false;
+
+    /**
+     * Defaults to <code>false</code>.
+     * 
+     * @return Returns if delta CRLs should be used.
+     */
+    public boolean isUseDeltasEnabled()
+    {
+        return useDeltas;
+    }
+
+    /**
+     * Sets if delta CRLs should be used for checking the revocation status.
+     * 
+     * @param useDeltas <code>true</code> if delta CRLs should be used.
+     */
+    public void setUseDeltasEnabled(boolean useDeltas)
+    {
+        this.useDeltas = useDeltas;
+    }
+
+    /**
+     * @return Returns the validity model.
+     * @see #CHAIN_VALIDITY_MODEL
+     * @see #PKIX_VALIDITY_MODEL
+     */
+    public int getValidityModel()
+    {
+        return validityModel;
+    }
+
+    /**
+     * Sets the Java CertStore to this extended PKIX parameters.
+     * 
+     * @throws ClassCastException if an element of <code>stores</code> is not
+     *             a <code>CertStore</code>.
+     */
+    public void setCertStores(List stores)
+    {
+        if (stores != null)
+        {
+            Iterator it = stores.iterator();
+            while (it.hasNext())
+            {
+                addCertStore((CertStore)it.next());
+            }
+        }
+    }
+
+    /**
+     * Sets the Bouncy Castle Stores for finding CRLs, certificates, attribute
+     * certificates or cross certificates.
+     * <p>
+     * The <code>List</code> is cloned.
+     * 
+     * @param stores A list of stores to use.
+     * @see #getStores
+     * @throws ClassCastException if an element of <code>stores</code> is not
+     *             a {@link Store}.
+     */
+    public void setStores(List stores)
+    {
+        if (stores == null)
+        {
+            this.stores = new ArrayList();
+        }
+        else
+        {
+            for (Iterator i = stores.iterator(); i.hasNext();)
+            {
+                if (!(i.next() instanceof Store))
+                {
+                    throw new ClassCastException(
+                        "All elements of list must be "
+                            + "of type com.android.org.bouncycastle.util.Store.");
+                }
+            }
+            this.stores = new ArrayList(stores);
+        }
+    }
+
+    /**
+     * Adds a Bouncy Castle {@link Store} to find CRLs, certificates, attribute
+     * certificates or cross certificates.
+     * <p>
+     * This method should be used to add local stores, like collection based
+     * X.509 stores, if available. Local stores should be considered first,
+     * before trying to use additional (remote) locations, because they do not
+     * need possible additional network traffic.
+     * <p>
+     * If <code>store</code> is <code>null</code> it is ignored.
+     * 
+     * @param store The store to add.
+     * @see #getStores
+     */
+    public void addStore(Store store)
+    {
+        if (store != null)
+        {
+            stores.add(store);
+        }
+    }
+
+    /**
+     * Adds an additional Bouncy Castle {@link Store} to find CRLs, certificates,
+     * attribute certificates or cross certificates.
+     * <p>
+     * You should not use this method. This method is used for adding additional
+     * X.509 stores, which are used to add (remote) locations, e.g. LDAP, found
+     * during X.509 object processing, e.g. in certificates or CRLs. This method
+     * is used in PKIX certification path processing.
+     * <p>
+     * If <code>store</code> is <code>null</code> it is ignored.
+     * 
+     * @param store The store to add.
+     * @see #getStores()
+     * @deprecated use addStore().
+     */
+    public void addAdditionalStore(Store store)
+    {
+        if (store != null)
+        {
+            additionalStores.add(store);
+        }
+    }
+
+    /**
+     * @deprecated
+     */
+    public void addAddionalStore(Store store)
+    {
+        addAdditionalStore(store);      
+    }
+
+    /**
+     * Returns an immutable <code>List</code> of additional Bouncy Castle
+     * <code>Store</code>s used for finding CRLs, certificates, attribute
+     * certificates or cross certificates.
+     * 
+     * @return an immutable <code>List</code> of additional Bouncy Castle
+     *         <code>Store</code>s. Never <code>null</code>.
+     * 
+     * @see #addAdditionalStore(Store)
+     */
+    public List getAdditionalStores()
+    {
+        return Collections.unmodifiableList(additionalStores);
+    }
+
+    /**
+     * Returns an immutable <code>List</code> of Bouncy Castle
+     * <code>Store</code>s used for finding CRLs, certificates, attribute
+     * certificates or cross certificates.
+     * 
+     * @return an immutable <code>List</code> of Bouncy Castle
+     *         <code>Store</code>s. Never <code>null</code>.
+     * 
+     * @see #setStores(List)
+     */
+    public List getStores()
+    {
+        return Collections.unmodifiableList(new ArrayList(stores));
+    }
+
+    /**
+     * @param validityModel The validity model to set.
+     * @see #CHAIN_VALIDITY_MODEL
+     * @see #PKIX_VALIDITY_MODEL
+     */
+    public void setValidityModel(int validityModel)
+    {
+        this.validityModel = validityModel;
+    }
+
+    public Object clone()
+    {
+        ExtendedPKIXParameters params;
+        try
+        {
+            params = new ExtendedPKIXParameters(getTrustAnchors());
+        }
+        catch (Exception e)
+        {
+            // cannot happen
+            throw new RuntimeException(e.getMessage());
+        }
+        params.setParams(this);
+        return params;
+    }
+
+    /**
+     * Returns if additional {@link X509Store}s for locations like LDAP found
+     * in certificates or CRLs should be used.
+     * 
+     * @return Returns <code>true</code> if additional stores are used.
+     */
+    public boolean isAdditionalLocationsEnabled()
+    {
+        return additionalLocationsEnabled;
+    }
+
+    /**
+     * Sets if additional {@link X509Store}s for locations like LDAP found in
+     * certificates or CRLs should be used.
+     * 
+     * @param enabled <code>true</code> if additional stores are used.
+     */
+    public void setAdditionalLocationsEnabled(boolean enabled)
+    {
+        additionalLocationsEnabled = enabled;
+    }
+
+    /**
+     * Returns the required constraints on the target certificate or attribute
+     * certificate. The constraints are returned as an instance of
+     * <code>Selector</code>. If <code>null</code>, no constraints are
+     * defined.
+     * 
+     * <p>
+     * The target certificate in a PKIX path may be a certificate or an
+     * attribute certificate.
+     * <p>
+     * Note that the <code>Selector</code> returned is cloned to protect
+     * against subsequent modifications.
+     * 
+     * @return a <code>Selector</code> specifying the constraints on the
+     *         target certificate or attribute certificate (or <code>null</code>)
+     * @see #setTargetConstraints
+     * @see X509CertStoreSelector
+     * @see X509AttributeCertStoreSelector
+     */
+    public Selector getTargetConstraints()
+    {
+        if (selector != null)
+        {
+            return (Selector) selector.clone();
+        }
+        else
+        {
+            return null;
+        }
+    }
+
+    /**
+     * Sets the required constraints on the target certificate or attribute
+     * certificate. The constraints are specified as an instance of
+     * <code>Selector</code>. If <code>null</code>, no constraints are
+     * defined.
+     * <p>
+     * The target certificate in a PKIX path may be a certificate or an
+     * attribute certificate.
+     * <p>
+     * Note that the <code>Selector</code> specified is cloned to protect
+     * against subsequent modifications.
+     * 
+     * @param selector a <code>Selector</code> specifying the constraints on
+     *            the target certificate or attribute certificate (or
+     *            <code>null</code>)
+     * @see #getTargetConstraints
+     * @see X509CertStoreSelector
+     * @see X509AttributeCertStoreSelector
+     */
+    public void setTargetConstraints(Selector selector)
+    {
+        if (selector != null)
+        {
+            this.selector = (Selector) selector.clone();
+        }
+        else
+        {
+            this.selector = null;
+        }
+    }
+
+    /**
+     * Sets the required constraints on the target certificate. The constraints
+     * are specified as an instance of <code>X509CertSelector</code>. If
+     * <code>null</code>, no constraints are defined.
+     * 
+     * <p>
+     * This method wraps the given <code>X509CertSelector</code> into a
+     * <code>X509CertStoreSelector</code>.
+     * <p>
+     * Note that the <code>X509CertSelector</code> specified is cloned to
+     * protect against subsequent modifications.
+     * 
+     * @param selector a <code>X509CertSelector</code> specifying the
+     *            constraints on the target certificate (or <code>null</code>)
+     * @see #getTargetCertConstraints
+     * @see X509CertStoreSelector
+     */
+    public void setTargetCertConstraints(CertSelector selector)
+    {
+        super.setTargetCertConstraints(selector);
+        if (selector != null)
+        {
+            this.selector = X509CertStoreSelector
+                .getInstance((X509CertSelector) selector);
+        }
+        else
+        {
+            this.selector = null;
+        }
+    }
+
+    /**
+     * Returns the trusted attribute certificate issuers. If attribute
+     * certificates is verified the trusted AC issuers must be set.
+     * <p>
+     * The returned <code>Set</code> consists of <code>TrustAnchor</code>s.
+     * <p>
+     * The returned <code>Set</code> is immutable. Never <code>null</code>
+     * 
+     * @return Returns an immutable set of the trusted AC issuers.
+     */
+    public Set getTrustedACIssuers()
+    {
+        return Collections.unmodifiableSet(trustedACIssuers);
+    }
+
+    /**
+     * Sets the trusted attribute certificate issuers. If attribute certificates
+     * is verified the trusted AC issuers must be set.
+     * <p>
+     * The <code>trustedACIssuers</code> must be a <code>Set</code> of
+     * <code>TrustAnchor</code>
+     * <p>
+     * The given set is cloned.
+     * 
+     * @param trustedACIssuers The trusted AC issuers to set. Is never
+     *            <code>null</code>.
+     * @throws ClassCastException if an element of <code>stores</code> is not
+     *             a <code>TrustAnchor</code>.
+     */
+    public void setTrustedACIssuers(Set trustedACIssuers)
+    {
+        if (trustedACIssuers == null)
+        {
+            this.trustedACIssuers.clear();
+            return;
+        }
+        for (Iterator it = trustedACIssuers.iterator(); it.hasNext();)
+        {
+            if (!(it.next() instanceof TrustAnchor))
+            {
+                throw new ClassCastException("All elements of set must be "
+                    + "of type " + TrustAnchor.class.getName() + ".");
+            }
+        }
+        this.trustedACIssuers.clear();
+        this.trustedACIssuers.addAll(trustedACIssuers);
+    }
+
+    /**
+     * Returns the neccessary attributes which must be contained in an attribute
+     * certificate.
+     * <p>
+     * The returned <code>Set</code> is immutable and contains
+     * <code>String</code>s with the OIDs.
+     * 
+     * @return Returns the necessary AC attributes.
+     */
+    public Set getNecessaryACAttributes()
+    {
+        return Collections.unmodifiableSet(necessaryACAttributes);
+    }
+
+    /**
+     * Sets the neccessary which must be contained in an attribute certificate.
+     * <p>
+     * The <code>Set</code> must contain <code>String</code>s with the
+     * OIDs.
+     * <p>
+     * The set is cloned.
+     * 
+     * @param necessaryACAttributes The necessary AC attributes to set.
+     * @throws ClassCastException if an element of
+     *             <code>necessaryACAttributes</code> is not a
+     *             <code>String</code>.
+     */
+    public void setNecessaryACAttributes(Set necessaryACAttributes)
+    {
+        if (necessaryACAttributes == null)
+        {
+            this.necessaryACAttributes.clear();
+            return;
+        }
+        for (Iterator it = necessaryACAttributes.iterator(); it.hasNext();)
+        {
+            if (!(it.next() instanceof String))
+            {
+                throw new ClassCastException("All elements of set must be "
+                    + "of type String.");
+            }
+        }
+        this.necessaryACAttributes.clear();
+        this.necessaryACAttributes.addAll(necessaryACAttributes);
+    }
+
+    /**
+     * Returns the attribute certificates which are not allowed.
+     * <p>
+     * The returned <code>Set</code> is immutable and contains
+     * <code>String</code>s with the OIDs.
+     * 
+     * @return Returns the prohibited AC attributes. Is never <code>null</code>.
+     */
+    public Set getProhibitedACAttributes()
+    {
+        return Collections.unmodifiableSet(prohibitedACAttributes);
+    }
+
+    /**
+     * Sets the attribute certificates which are not allowed.
+     * <p>
+     * The <code>Set</code> must contain <code>String</code>s with the
+     * OIDs.
+     * <p>
+     * The set is cloned.
+     * 
+     * @param prohibitedACAttributes The prohibited AC attributes to set.
+     * @throws ClassCastException if an element of
+     *             <code>prohibitedACAttributes</code> is not a
+     *             <code>String</code>.
+     */
+    public void setProhibitedACAttributes(Set prohibitedACAttributes)
+    {
+        if (prohibitedACAttributes == null)
+        {
+            this.prohibitedACAttributes.clear();
+            return;
+        }
+        for (Iterator it = prohibitedACAttributes.iterator(); it.hasNext();)
+        {
+            if (!(it.next() instanceof String))
+            {
+                throw new ClassCastException("All elements of set must be "
+                    + "of type String.");
+            }
+        }
+        this.prohibitedACAttributes.clear();
+        this.prohibitedACAttributes.addAll(prohibitedACAttributes);
+    }
+
+    /**
+     * Returns the attribute certificate checker. The returned set contains
+     * {@link PKIXAttrCertChecker}s and is immutable.
+     * 
+     * @return Returns the attribute certificate checker. Is never
+     *         <code>null</code>.
+     */
+    public Set getAttrCertCheckers()
+    {
+        return Collections.unmodifiableSet(attrCertCheckers);
+    }
+
+    /**
+     * Sets the attribute certificate checkers.
+     * <p>
+     * All elements in the <code>Set</code> must a {@link PKIXAttrCertChecker}.
+     * <p>
+     * The given set is cloned.
+     * 
+     * @param attrCertCheckers The attribute certificate checkers to set. Is
+     *            never <code>null</code>.
+     * @throws ClassCastException if an element of <code>attrCertCheckers</code>
+     *             is not a <code>PKIXAttrCertChecker</code>.
+     */
+    public void setAttrCertCheckers(Set attrCertCheckers)
+    {
+        if (attrCertCheckers == null)
+        {
+            this.attrCertCheckers.clear();
+            return;
+        }
+        for (Iterator it = attrCertCheckers.iterator(); it.hasNext();)
+        {
+            if (!(it.next() instanceof PKIXAttrCertChecker))
+            {
+                throw new ClassCastException("All elements of set must be "
+                    + "of type " + PKIXAttrCertChecker.class.getName() + ".");
+            }
+        }
+        this.attrCertCheckers.clear();
+        this.attrCertCheckers.addAll(attrCertCheckers);
+    }
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/NoSuchStoreException.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/NoSuchStoreException.java
new file mode 100644
index 0000000..521c56d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/NoSuchStoreException.java

@@ -0,0 +1,14 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public class NoSuchStoreException
+    extends Exception
+{
+    public NoSuchStoreException(String message)
+    {
+        super(message);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/PKIXAttrCertChecker.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/PKIXAttrCertChecker.java
new file mode 100644
index 0000000..2a7a595
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/PKIXAttrCertChecker.java

@@ -0,0 +1,60 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import java.security.cert.CertPath;
+import java.security.cert.CertPathValidatorException;
+import java.util.Collection;
+import java.util.Set;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class PKIXAttrCertChecker
+    implements Cloneable
+{
+
+    /**
+     * Returns an immutable <code>Set</code> of X.509 attribute certificate
+     * extensions that this <code>PKIXAttrCertChecker</code> supports or
+     * <code>null</code> if no extensions are supported.
+     * <p>
+     * Each element of the set is a <code>String</code> representing the
+     * Object Identifier (OID) of the X.509 extension that is supported.
+     * <p>
+     * All X.509 attribute certificate extensions that a
+     * <code>PKIXAttrCertChecker</code> might possibly be able to process
+     * should be included in the set.
+     * 
+     * @return an immutable <code>Set</code> of X.509 extension OIDs (in
+     *         <code>String</code> format) supported by this
+     *         <code>PKIXAttrCertChecker</code>, or <code>null</code> if no
+     *         extensions are supported
+     */
+    public abstract Set getSupportedExtensions();
+
+    /**
+     * Performs checks on the specified attribute certificate. Every handled
+     * extension is rmeoved from the <code>unresolvedCritExts</code>
+     * collection.
+     * 
+     * @param attrCert The attribute certificate to be checked.
+     * @param certPath The certificate path which belongs to the attribute
+     *            certificate issuer public key certificate.
+     * @param holderCertPath The certificate path which belongs to the holder
+     *            certificate.
+     * @param unresolvedCritExts a <code>Collection</code> of OID strings
+     *            representing the current set of unresolved critical extensions
+     * @throws CertPathValidatorException if the specified attribute certificate
+     *             does not pass the check.
+     */
+    public abstract void check(X509AttributeCertificate attrCert, CertPath certPath,
+                                 CertPath holderCertPath, Collection unresolvedCritExts)
+        throws CertPathValidatorException;
+
+    /**
+     * Returns a clone of this object.
+     * 
+     * @return a copy of this <code>PKIXAttrCertChecker</code>
+     */
+    public abstract Object clone();
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509Attribute.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509Attribute.java
new file mode 100644
index 0000000..fba8516
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509Attribute.java

@@ -0,0 +1,82 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Object;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1Set;
+import com.android.org.bouncycastle.asn1.DERSet;
+import com.android.org.bouncycastle.asn1.x509.Attribute;
+
+/**
+ * Class for carrying the values in an X.509 Attribute.
+ * @deprecated see X509CertificateHolder class in the PKIX package.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509Attribute
+    extends ASN1Object
+{
+    Attribute    attr;
+    
+    /**
+     * @param at an object representing an attribute.
+     */
+    X509Attribute(
+        ASN1Encodable   at)
+    {
+        this.attr = Attribute.getInstance(at);
+    }
+
+    /**
+     * Create an X.509 Attribute with the type given by the passed in oid and
+     * the value represented by an ASN.1 Set containing value.
+     * 
+     * @param oid type of the attribute
+     * @param value value object to go into the atribute's value set.
+     */
+    public X509Attribute(
+        String          oid,
+        ASN1Encodable   value)
+    {
+        this.attr = new Attribute(new ASN1ObjectIdentifier(oid), new DERSet(value));
+    }
+    
+    /**
+     * Create an X.59 Attribute with the type given by the passed in oid and the
+     * value represented by an ASN.1 Set containing the objects in value.
+     * 
+     * @param oid type of the attribute
+     * @param value vector of values to go in the attribute's value set.
+     */
+    public X509Attribute(
+        String              oid,
+        ASN1EncodableVector value)
+    {
+        this.attr = new Attribute(new ASN1ObjectIdentifier(oid), new DERSet(value));
+    }
+    
+    public String getOID()
+    {
+        return attr.getAttrType().getId();
+    }
+    
+    public ASN1Encodable[] getValues()
+    {
+        ASN1Set         s = attr.getAttrValues();
+        ASN1Encodable[] values = new ASN1Encodable[s.size()];
+        
+        for (int i = 0; i != s.size(); i++)
+        {
+            values[i] = (ASN1Encodable)s.getObjectAt(i);
+        }
+        
+        return values;
+    }
+    
+    public ASN1Primitive toASN1Primitive()
+    {
+        return attr.toASN1Primitive();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509AttributeCertificate.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509AttributeCertificate.java
new file mode 100644
index 0000000..d6ae34e
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509AttributeCertificate.java

@@ -0,0 +1,104 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PublicKey;
+import java.security.SignatureException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateNotYetValidException;
+import java.security.cert.X509Extension;
+import java.util.Date;
+
+/**
+ * Interface for an X.509 Attribute Certificate.
+ * @deprecated use X509CertificateHolder class in the PKIX package.
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface X509AttributeCertificate
+    extends X509Extension
+{   
+    /**
+     * Return the version number for the certificate.
+     * 
+     * @return the version number.
+     */
+    public int getVersion();
+    
+    /**
+     * Return the serial number for the certificate.
+     * 
+     * @return the serial number.
+     */
+    public BigInteger getSerialNumber();
+    
+    /**
+     * Return the date before which the certificate is not valid.
+     * 
+     * @return the "not valid before" date.
+     */
+    public Date getNotBefore();
+    
+    /**
+     * Return the date after which the certificate is not valid.
+     * 
+     * @return the "not valid afer" date.
+     */
+    public Date getNotAfter();
+    
+    /**
+     * Return the holder of the certificate.
+     * 
+     * @return the holder.
+     */
+    public AttributeCertificateHolder getHolder();
+    
+    /**
+     * Return the issuer details for the certificate.
+     * 
+     * @return the issuer details.
+     */
+    public AttributeCertificateIssuer getIssuer();
+    
+    /**
+     * Return the attributes contained in the attribute block in the certificate.
+     * 
+     * @return an array of attributes.
+     */
+    public X509Attribute[] getAttributes();
+    
+    /**
+     * Return the attributes with the same type as the passed in oid.
+     * 
+     * @param oid the object identifier we wish to match.
+     * @return an array of matched attributes, null if there is no match.
+     */
+    public X509Attribute[] getAttributes(String oid);
+    
+    public boolean[] getIssuerUniqueID();
+    
+    public void checkValidity()
+        throws CertificateExpiredException, CertificateNotYetValidException;
+    
+    public void checkValidity(Date date)
+        throws CertificateExpiredException, CertificateNotYetValidException;
+    
+    public byte[] getSignature();
+    
+    public void verify(PublicKey key, String provider)
+            throws CertificateException, NoSuchAlgorithmException,
+            InvalidKeyException, NoSuchProviderException, SignatureException;
+    
+    /**
+     * Return an ASN.1 encoded byte array representing the attribute certificate.
+     * 
+     * @return an ASN.1 encoded byte array.
+     * @throws IOException if the certificate cannot be encoded.
+     */
+    public byte[] getEncoded()
+        throws IOException;
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509CRLStoreSelector.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509CRLStoreSelector.java
new file mode 100644
index 0000000..a004332
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509CRLStoreSelector.java

@@ -0,0 +1,332 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.cert.CRL;
+import java.security.cert.X509CRL;
+import java.security.cert.X509CRLSelector;
+
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.util.Arrays;
+import com.android.org.bouncycastle.util.Selector;
+import com.android.org.bouncycastle.x509.extension.X509ExtensionUtil;
+
+/**
+ * This class is a Selector implementation for X.509 certificate revocation
+ * lists.
+ * 
+ * @see com.android.org.bouncycastle.util.Selector
+ * @see com.android.org.bouncycastle.x509.X509Store
+ * @see com.android.org.bouncycastle.jce.provider.X509StoreCRLCollection
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509CRLStoreSelector
+    extends X509CRLSelector
+    implements Selector
+{
+    private boolean deltaCRLIndicator = false;
+
+    private boolean completeCRLEnabled = false;
+
+    private BigInteger maxBaseCRLNumber = null;
+
+    private byte[] issuingDistributionPoint = null;
+
+    private boolean issuingDistributionPointEnabled = false;
+
+    private X509AttributeCertificate attrCertChecking;
+
+    /**
+     * Returns if the issuing distribution point criteria should be applied.
+     * Defaults to <code>false</code>.
+     * <p>
+     * You may also set the issuing distribution point criteria if not a missing
+     * issuing distribution point should be assumed.
+     * 
+     * @return Returns if the issuing distribution point check is enabled.
+     */
+    public boolean isIssuingDistributionPointEnabled()
+    {
+        return issuingDistributionPointEnabled;
+    }
+
+    /**
+     * Enables or disables the issuing distribution point check.
+     * 
+     * @param issuingDistributionPointEnabled <code>true</code> to enable the
+     *            issuing distribution point check.
+     */
+    public void setIssuingDistributionPointEnabled(
+        boolean issuingDistributionPointEnabled)
+    {
+        this.issuingDistributionPointEnabled = issuingDistributionPointEnabled;
+    }
+
+    /**
+     * Sets the attribute certificate being checked. This is not a criterion.
+     * Rather, it is optional information that may help a {@link X509Store} find
+     * CRLs that would be relevant when checking revocation for the specified
+     * attribute certificate. If <code>null</code> is specified, then no such
+     * optional information is provided.
+     * 
+     * @param attrCert the <code>X509AttributeCertificate</code> being checked (or
+     *            <code>null</code>)
+     * @see #getAttrCertificateChecking()
+     */
+    public void setAttrCertificateChecking(X509AttributeCertificate attrCert)
+    {
+        attrCertChecking = attrCert;
+    }
+
+    /**
+     * Returns the attribute certificate being checked.
+     * 
+     * @return Returns the attribute certificate being checked.
+     * @see #setAttrCertificateChecking(X509AttributeCertificate)
+     */
+    public X509AttributeCertificate getAttrCertificateChecking()
+    {
+        return attrCertChecking;
+    }
+
+    public boolean match(Object obj)
+    {
+        if (!(obj instanceof X509CRL))
+        {
+            return false;
+        }
+        X509CRL crl = (X509CRL)obj;
+        ASN1Integer dci = null;
+        try
+        {
+            byte[] bytes = crl
+                .getExtensionValue(Extension.deltaCRLIndicator.getId());
+            if (bytes != null)
+            {
+                dci = ASN1Integer.getInstance(X509ExtensionUtil
+                    .fromExtensionValue(bytes));
+            }
+        }
+        catch (Exception e)
+        {
+            return false;
+        }
+        if (isDeltaCRLIndicatorEnabled())
+        {
+            if (dci == null)
+            {
+                return false;
+            }
+        }
+        if (isCompleteCRLEnabled())
+        {
+            if (dci != null)
+            {
+                return false;
+            }
+        }
+        if (dci != null)
+        {
+
+            if (maxBaseCRLNumber != null)
+            {
+                if (dci.getPositiveValue().compareTo(maxBaseCRLNumber) == 1)
+                {
+                    return false;
+                }
+            }
+        }
+        if (issuingDistributionPointEnabled)
+        {
+            byte[] idp = crl
+                .getExtensionValue(Extension.issuingDistributionPoint
+                    .getId());
+            if (issuingDistributionPoint == null)
+            {
+                if (idp != null)
+                {
+                    return false;
+                }
+            }
+            else
+            {
+                if (!Arrays.areEqual(idp, issuingDistributionPoint))
+                {
+                    return false;
+                }
+            }
+
+        }
+        return super.match((X509CRL)obj);
+    }
+
+    public boolean match(CRL crl)
+    {
+        return match((Object)crl);
+    }
+
+    /**
+     * Returns if this selector must match CRLs with the delta CRL indicator
+     * extension set. Defaults to <code>false</code>.
+     * 
+     * @return Returns <code>true</code> if only CRLs with the delta CRL
+     *         indicator extension are selected.
+     */
+    public boolean isDeltaCRLIndicatorEnabled()
+    {
+        return deltaCRLIndicator;
+    }
+
+    /**
+     * If this is set to <code>true</code> the CRL reported contains the delta
+     * CRL indicator CRL extension.
+     * <p>
+     * {@link #setCompleteCRLEnabled(boolean)} and
+     * {@link #setDeltaCRLIndicatorEnabled(boolean)} excluded each other.
+     * 
+     * @param deltaCRLIndicator <code>true</code> if the delta CRL indicator
+     *            extension must be in the CRL.
+     */
+    public void setDeltaCRLIndicatorEnabled(boolean deltaCRLIndicator)
+    {
+        this.deltaCRLIndicator = deltaCRLIndicator;
+    }
+
+    /**
+     * Returns an instance of this from a <code>X509CRLSelector</code>.
+     * 
+     * @param selector A <code>X509CRLSelector</code> instance.
+     * @return An instance of an <code>X509CRLStoreSelector</code>.
+     * @exception IllegalArgumentException if selector is null or creation
+     *                fails.
+     */
+    public static X509CRLStoreSelector getInstance(X509CRLSelector selector)
+    {
+        if (selector == null)
+        {
+            throw new IllegalArgumentException(
+                "cannot create from null selector");
+        }
+        X509CRLStoreSelector cs = new X509CRLStoreSelector();
+        cs.setCertificateChecking(selector.getCertificateChecking());
+        cs.setDateAndTime(selector.getDateAndTime());
+        try
+        {
+            cs.setIssuerNames(selector.getIssuerNames());
+        }
+        catch (IOException e)
+        {
+            // cannot happen
+            throw new IllegalArgumentException(e.getMessage());
+        }
+        cs.setIssuers(selector.getIssuers());
+        cs.setMaxCRLNumber(selector.getMaxCRL());
+        cs.setMinCRLNumber(selector.getMinCRL());
+        return cs;
+    }
+    
+    public Object clone()
+    {
+        X509CRLStoreSelector sel = X509CRLStoreSelector.getInstance(this);
+        sel.deltaCRLIndicator = deltaCRLIndicator;
+        sel.completeCRLEnabled = completeCRLEnabled;
+        sel.maxBaseCRLNumber = maxBaseCRLNumber;
+        sel.attrCertChecking = attrCertChecking;
+        sel.issuingDistributionPointEnabled = issuingDistributionPointEnabled;
+        sel.issuingDistributionPoint = Arrays.clone(issuingDistributionPoint);
+        return sel;
+    }
+
+    /**
+     * If <code>true</code> only complete CRLs are returned. Defaults to
+     * <code>false</code>.
+     * 
+     * @return <code>true</code> if only complete CRLs are returned.
+     */
+    public boolean isCompleteCRLEnabled()
+    {
+        return completeCRLEnabled;
+    }
+
+    /**
+     * If set to <code>true</code> only complete CRLs are returned.
+     * <p>
+     * {@link #setCompleteCRLEnabled(boolean)} and
+     * {@link #setDeltaCRLIndicatorEnabled(boolean)} excluded each other.
+     * 
+     * @param completeCRLEnabled <code>true</code> if only complete CRLs
+     *            should be returned.
+     */
+    public void setCompleteCRLEnabled(boolean completeCRLEnabled)
+    {
+        this.completeCRLEnabled = completeCRLEnabled;
+    }
+
+    /**
+     * Get the maximum base CRL number. Defaults to <code>null</code>.
+     * 
+     * @return Returns the maximum base CRL number.
+     * @see #setMaxBaseCRLNumber(BigInteger)
+     */
+    public BigInteger getMaxBaseCRLNumber()
+    {
+        return maxBaseCRLNumber;
+    }
+
+    /**
+     * Sets the maximum base CRL number. Setting to <code>null</code> disables
+     * this cheack.
+     * <p>
+     * This is only meaningful for delta CRLs. Complete CRLs must have a CRL
+     * number which is greater or equal than the base number of the
+     * corresponding CRL.
+     * 
+     * @param maxBaseCRLNumber The maximum base CRL number to set.
+     */
+    public void setMaxBaseCRLNumber(BigInteger maxBaseCRLNumber)
+    {
+        this.maxBaseCRLNumber = maxBaseCRLNumber;
+    }
+
+    /**
+     * Returns the issuing distribution point. Defaults to <code>null</code>,
+     * which is a missing issuing distribution point extension.
+     * <p>
+     * The internal byte array is cloned before it is returned.
+     * <p>
+     * The criteria must be enable with
+     * {@link #setIssuingDistributionPointEnabled(boolean)}.
+     * 
+     * @return Returns the issuing distribution point.
+     * @see #setIssuingDistributionPoint(byte[])
+     */
+    public byte[] getIssuingDistributionPoint()
+    {
+        return Arrays.clone(issuingDistributionPoint);
+    }
+
+    /**
+     * Sets the issuing distribution point.
+     * <p>
+     * The issuing distribution point extension is a CRL extension which
+     * identifies the scope and the distribution point of a CRL. The scope
+     * contains among others information about revocation reasons contained in
+     * the CRL. Delta CRLs and complete CRLs must have matching issuing
+     * distribution points.
+     * <p>
+     * The byte array is cloned to protect against subsequent modifications.
+     * <p>
+     * You must also enable or disable this criteria with
+     * {@link #setIssuingDistributionPointEnabled(boolean)}.
+     * 
+     * @param issuingDistributionPoint The issuing distribution point to set.
+     *            This is the DER encoded OCTET STRING extension value.
+     * @see #getIssuingDistributionPoint()
+     */
+    public void setIssuingDistributionPoint(byte[] issuingDistributionPoint)
+    {
+        this.issuingDistributionPoint = Arrays.clone(issuingDistributionPoint);
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509CertStoreSelector.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509CertStoreSelector.java
new file mode 100644
index 0000000..67926b1
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509CertStoreSelector.java

@@ -0,0 +1,90 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import java.io.IOException;
+import java.security.cert.Certificate;
+import java.security.cert.X509CertSelector;
+import java.security.cert.X509Certificate;
+
+import com.android.org.bouncycastle.util.Selector;
+
+/**
+ * This class is a Selector implementation for X.509 certificates.
+ * 
+ * @see com.android.org.bouncycastle.util.Selector
+ * @see com.android.org.bouncycastle.x509.X509Store
+ * @see com.android.org.bouncycastle.jce.provider.X509StoreCertCollection
+ * @deprecated use the classes under org.bouncycastle.cert.selector
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509CertStoreSelector
+    extends X509CertSelector
+    implements Selector
+{
+    public boolean match(Object obj)
+    {
+        if (!(obj instanceof X509Certificate))
+        {
+            return false;
+        }
+
+        X509Certificate other = (X509Certificate)obj;
+
+        return super.match(other);
+    }
+
+    public boolean match(Certificate cert)
+    {
+        return match((Object)cert);
+    }
+
+    public Object clone()
+    {
+        X509CertStoreSelector selector = (X509CertStoreSelector)super.clone();
+
+        return selector;
+    }
+
+    /**
+     * Returns an instance of this from a <code>X509CertSelector</code>.
+     *
+     * @param selector A <code>X509CertSelector</code> instance.
+     * @return An instance of an <code>X509CertStoreSelector</code>.
+     * @exception IllegalArgumentException if selector is null or creation fails.
+     */
+    public static X509CertStoreSelector getInstance(X509CertSelector selector)
+    {
+        if (selector == null)
+        {
+            throw new IllegalArgumentException("cannot create from null selector");
+        }
+        X509CertStoreSelector cs = new X509CertStoreSelector();
+        cs.setAuthorityKeyIdentifier(selector.getAuthorityKeyIdentifier());
+        cs.setBasicConstraints(selector.getBasicConstraints());
+        cs.setCertificate(selector.getCertificate());
+        cs.setCertificateValid(selector.getCertificateValid());
+        cs.setMatchAllSubjectAltNames(selector.getMatchAllSubjectAltNames());
+        try
+        {
+            cs.setPathToNames(selector.getPathToNames());
+            cs.setExtendedKeyUsage(selector.getExtendedKeyUsage());
+            cs.setNameConstraints(selector.getNameConstraints());
+            cs.setPolicy(selector.getPolicy());
+            cs.setSubjectPublicKeyAlgID(selector.getSubjectPublicKeyAlgID());
+            cs.setSubjectAlternativeNames(selector.getSubjectAlternativeNames());
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("error in passed in selector: " + e);
+        }
+        cs.setIssuer(selector.getIssuer());
+        cs.setKeyUsage(selector.getKeyUsage());
+        cs.setPrivateKeyValid(selector.getPrivateKeyValid());
+        cs.setSerialNumber(selector.getSerialNumber());
+        cs.setSubject(selector.getSubject());
+        cs.setSubjectKeyIdentifier(selector.getSubjectKeyIdentifier());
+        cs.setSubjectPublicKey(selector.getSubjectPublicKey());
+        return cs;
+    }
+
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509CollectionStoreParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509CollectionStoreParameters.java
new file mode 100644
index 0000000..ad85cfc
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509CollectionStoreParameters.java

@@ -0,0 +1,72 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import java.util.ArrayList;
+import java.util.Collection;
+
+/**
+ * This class contains a collection for collection based <code>X509Store</code>s.
+ * 
+ * @see com.android.org.bouncycastle.x509.X509Store
+ * @hide This class is not part of the Android public SDK API
+ * 
+ */
+public class X509CollectionStoreParameters
+    implements X509StoreParameters
+{
+    private Collection collection;
+
+    /**
+     * Constructor.
+     * <p>
+     * The collection is copied.
+     * </p>
+     * 
+     * @param collection
+     *            The collection containing X.509 object types.
+     * @throws NullPointerException if <code>collection</code> is <code>null</code>.
+     */
+    public X509CollectionStoreParameters(Collection collection)
+    {
+        if (collection == null)
+        {
+            throw new NullPointerException("collection cannot be null");
+        }
+        this.collection = collection;
+    }
+
+    /**
+     * Returns a shallow clone. The returned contents are not copied, so adding
+     * or removing objects will effect this.
+     * 
+     * @return a shallow clone.
+     */
+    public Object clone()
+    {
+        return new X509CollectionStoreParameters(collection);
+    }
+    
+    /**
+     * Returns a copy of the <code>Collection</code>.
+     * 
+     * @return The <code>Collection</code>. Is never <code>null</code>.
+     */
+    public Collection getCollection()
+    {
+        return new ArrayList(collection);
+    }
+    
+    /**
+     * Returns a formatted string describing the parameters.
+     * 
+     * @return a formatted string describing the parameters
+     */
+    public String toString()
+    {
+        StringBuffer sb = new StringBuffer();
+        sb.append("X509CollectionStoreParameters: [\n");
+        sb.append("  collection: " + collection + "\n");
+        sb.append("]");
+        return sb.toString();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509StoreParameters.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509StoreParameters.java
new file mode 100644
index 0000000..ea18989
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509StoreParameters.java

@@ -0,0 +1,9 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public interface X509StoreParameters
+{
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509StoreSpi.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509StoreSpi.java
new file mode 100644
index 0000000..0baf8eb
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509StoreSpi.java

@@ -0,0 +1,16 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import com.android.org.bouncycastle.util.Selector;
+
+import java.util.Collection;
+
+/**
+ * @hide This class is not part of the Android public SDK API
+ */
+public abstract class X509StoreSpi
+{
+    public abstract void engineInit(X509StoreParameters parameters);
+
+    public abstract Collection engineGetMatches(Selector selector);
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509Util.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509Util.java
new file mode 100644
index 0000000..4ea8522
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509Util.java

@@ -0,0 +1,423 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.Provider;
+import java.security.SecureRandom;
+import java.security.Security;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.util.ArrayList;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.Hashtable;
+import java.util.Iterator;
+import java.util.List;
+import java.util.Set;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.DERNull;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.cryptopro.CryptoProObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.nist.NISTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.oiw.OIWObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.pkcs.RSASSAPSSparams;
+// Android-removed: Unsupported algorithms
+// import org.bouncycastle.asn1.teletrust.TeleTrusTObjectIdentifiers;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers;
+import com.android.org.bouncycastle.jce.X509Principal;
+import com.android.org.bouncycastle.util.Strings;
+
+class X509Util
+{
+    private static Hashtable algorithms = new Hashtable();
+    private static Hashtable params = new Hashtable();
+    private static Set       noParams = new HashSet();
+    
+    static
+    {   
+        // BEGIN Android-removed: Unsupported algorithms
+        // algorithms.put("MD2WITHRSAENCRYPTION", PKCSObjectIdentifiers.md2WithRSAEncryption);
+        // algorithms.put("MD2WITHRSA", PKCSObjectIdentifiers.md2WithRSAEncryption);
+        // END Android-removed: Unsupported algorithms
+        algorithms.put("MD5WITHRSAENCRYPTION", PKCSObjectIdentifiers.md5WithRSAEncryption);
+        algorithms.put("MD5WITHRSA", PKCSObjectIdentifiers.md5WithRSAEncryption);
+        algorithms.put("SHA1WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha1WithRSAEncryption);
+        algorithms.put("SHA1WITHRSA", PKCSObjectIdentifiers.sha1WithRSAEncryption);
+        algorithms.put("SHA224WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha224WithRSAEncryption);
+        algorithms.put("SHA224WITHRSA", PKCSObjectIdentifiers.sha224WithRSAEncryption);
+        algorithms.put("SHA256WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha256WithRSAEncryption);
+        algorithms.put("SHA256WITHRSA", PKCSObjectIdentifiers.sha256WithRSAEncryption);
+        algorithms.put("SHA384WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha384WithRSAEncryption);
+        algorithms.put("SHA384WITHRSA", PKCSObjectIdentifiers.sha384WithRSAEncryption);
+        algorithms.put("SHA512WITHRSAENCRYPTION", PKCSObjectIdentifiers.sha512WithRSAEncryption);
+        algorithms.put("SHA512WITHRSA", PKCSObjectIdentifiers.sha512WithRSAEncryption);
+        algorithms.put("SHA1WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
+        algorithms.put("SHA224WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
+        algorithms.put("SHA256WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
+        algorithms.put("SHA384WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
+        algorithms.put("SHA512WITHRSAANDMGF1", PKCSObjectIdentifiers.id_RSASSA_PSS);
+        // BEGIN Android-removed: Unsupported algorithms
+        // algorithms.put("RIPEMD160WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+        // algorithms.put("RIPEMD160WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd160);
+        // algorithms.put("RIPEMD128WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+        // algorithms.put("RIPEMD128WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd128);
+        // algorithms.put("RIPEMD256WITHRSAENCRYPTION", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+        // algorithms.put("RIPEMD256WITHRSA", TeleTrusTObjectIdentifiers.rsaSignatureWithripemd256);
+        // END Android-removed: Unsupported algorithms
+        algorithms.put("SHA1WITHDSA", X9ObjectIdentifiers.id_dsa_with_sha1);
+        algorithms.put("DSAWITHSHA1", X9ObjectIdentifiers.id_dsa_with_sha1);
+        algorithms.put("SHA224WITHDSA", NISTObjectIdentifiers.dsa_with_sha224);
+        algorithms.put("SHA256WITHDSA", NISTObjectIdentifiers.dsa_with_sha256);
+        algorithms.put("SHA384WITHDSA", NISTObjectIdentifiers.dsa_with_sha384);
+        algorithms.put("SHA512WITHDSA", NISTObjectIdentifiers.dsa_with_sha512);
+        algorithms.put("SHA1WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA1);
+        algorithms.put("ECDSAWITHSHA1", X9ObjectIdentifiers.ecdsa_with_SHA1);
+        algorithms.put("SHA224WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA224);
+        algorithms.put("SHA256WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA256);
+        algorithms.put("SHA384WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA384);
+        algorithms.put("SHA512WITHECDSA", X9ObjectIdentifiers.ecdsa_with_SHA512);
+        // BEGIN Android-removed: Unsupported algorithms
+        // algorithms.put("GOST3411WITHGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+        // algorithms.put("GOST3411WITHGOST3410-94", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+        // algorithms.put("GOST3411WITHECGOST3410", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // algorithms.put("GOST3411WITHECGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // algorithms.put("GOST3411WITHGOST3410-2001", CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // END Android-removed: Unsupported algorithms
+
+        //
+        // According to RFC 3279, the ASN.1 encoding SHALL (id-dsa-with-sha1) or MUST (ecdsa-with-SHA*) omit the parameters field. 
+        // The parameters field SHALL be NULL for RSA based signature algorithms.
+        //
+        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA1);
+        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA224);
+        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA256);
+        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA384);
+        noParams.add(X9ObjectIdentifiers.ecdsa_with_SHA512);
+        noParams.add(X9ObjectIdentifiers.id_dsa_with_sha1);
+        noParams.add(NISTObjectIdentifiers.dsa_with_sha224);
+        noParams.add(NISTObjectIdentifiers.dsa_with_sha256);
+        noParams.add(NISTObjectIdentifiers.dsa_with_sha384);
+        noParams.add(NISTObjectIdentifiers.dsa_with_sha512);
+        
+        //
+        // RFC 4491
+        //
+        // BEGIN Android-removed: Unsupported algorithms
+        // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_94);
+        // noParams.add(CryptoProObjectIdentifiers.gostR3411_94_with_gostR3410_2001);
+        // END Android-removed: Unsupported algorithms
+
+        //
+        // explicit params
+        //
+        AlgorithmIdentifier sha1AlgId = new AlgorithmIdentifier(OIWObjectIdentifiers.idSHA1, DERNull.INSTANCE);
+        params.put("SHA1WITHRSAANDMGF1", creatPSSParams(sha1AlgId, 20));
+
+        AlgorithmIdentifier sha224AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha224, DERNull.INSTANCE);
+        params.put("SHA224WITHRSAANDMGF1", creatPSSParams(sha224AlgId, 28));
+
+        AlgorithmIdentifier sha256AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha256, DERNull.INSTANCE);
+        params.put("SHA256WITHRSAANDMGF1", creatPSSParams(sha256AlgId, 32));
+
+        AlgorithmIdentifier sha384AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha384, DERNull.INSTANCE);
+        params.put("SHA384WITHRSAANDMGF1", creatPSSParams(sha384AlgId, 48));
+
+        AlgorithmIdentifier sha512AlgId = new AlgorithmIdentifier(NISTObjectIdentifiers.id_sha512, DERNull.INSTANCE);
+        params.put("SHA512WITHRSAANDMGF1", creatPSSParams(sha512AlgId, 64));
+    }
+
+    private static RSASSAPSSparams creatPSSParams(AlgorithmIdentifier hashAlgId, int saltSize)
+    {
+        return new RSASSAPSSparams(
+            hashAlgId,
+            new AlgorithmIdentifier(PKCSObjectIdentifiers.id_mgf1, hashAlgId),
+            new ASN1Integer(saltSize),
+            new ASN1Integer(1));
+    }
+
+    static ASN1ObjectIdentifier getAlgorithmOID(
+        String algorithmName)
+    {
+        algorithmName = Strings.toUpperCase(algorithmName);
+        
+        if (algorithms.containsKey(algorithmName))
+        {
+            return (ASN1ObjectIdentifier)algorithms.get(algorithmName);
+        }
+        
+        return new ASN1ObjectIdentifier(algorithmName);
+    }
+    
+    static AlgorithmIdentifier getSigAlgID(
+        ASN1ObjectIdentifier sigOid,
+        String              algorithmName)
+    {
+        if (noParams.contains(sigOid))
+        {
+            return new AlgorithmIdentifier(sigOid);
+        }
+
+        algorithmName = Strings.toUpperCase(algorithmName);
+
+        if (params.containsKey(algorithmName))
+        {
+            return new AlgorithmIdentifier(sigOid, (ASN1Encodable)params.get(algorithmName));
+        }
+        else
+        {
+            return new AlgorithmIdentifier(sigOid, DERNull.INSTANCE);
+        }
+    }
+    
+    static Iterator getAlgNames()
+    {
+        Enumeration e = algorithms.keys();
+        List        l = new ArrayList();
+        
+        while (e.hasMoreElements())
+        {
+            l.add(e.nextElement());
+        }
+        
+        return l.iterator();
+    }
+
+    static Signature getSignatureInstance(
+        String algorithm)
+        throws NoSuchAlgorithmException
+    {
+        return Signature.getInstance(algorithm);
+    }
+
+    static Signature getSignatureInstance(
+        String algorithm,
+        String provider)
+        throws NoSuchProviderException, NoSuchAlgorithmException
+    {
+        if (provider != null)
+        {
+            return Signature.getInstance(algorithm, provider);
+        }
+        else
+        {
+            return Signature.getInstance(algorithm);
+        }
+    }
+
+    static byte[] calculateSignature(
+        ASN1ObjectIdentifier sigOid,
+        String              sigName,
+        PrivateKey          key,
+        SecureRandom        random,
+        ASN1Encodable       object)
+        throws IOException, NoSuchAlgorithmException, InvalidKeyException, SignatureException
+    {
+        Signature sig;
+
+        if (sigOid == null)
+        {
+            throw new IllegalStateException("no signature algorithm specified");
+        }
+
+        sig = X509Util.getSignatureInstance(sigName);
+
+        if (random != null)
+        {
+            sig.initSign(key, random);
+        }
+        else
+        {
+            sig.initSign(key);
+        }
+
+        sig.update(object.toASN1Primitive().getEncoded(ASN1Encoding.DER));
+
+        return sig.sign();
+    }
+
+    static byte[] calculateSignature(
+        ASN1ObjectIdentifier sigOid,
+        String              sigName,
+        String              provider,
+        PrivateKey          key,
+        SecureRandom        random,
+        ASN1Encodable       object)
+        throws IOException, NoSuchProviderException, NoSuchAlgorithmException, InvalidKeyException, SignatureException
+    {
+        Signature sig;
+
+        if (sigOid == null)
+        {
+            throw new IllegalStateException("no signature algorithm specified");
+        }
+
+        sig = X509Util.getSignatureInstance(sigName, provider);
+
+        if (random != null)
+        {
+            sig.initSign(key, random);
+        }
+        else
+        {
+            sig.initSign(key);
+        }
+
+        sig.update(object.toASN1Primitive().getEncoded(ASN1Encoding.DER));
+
+        return sig.sign();
+    }
+
+    static X509Principal convertPrincipal(
+        X500Principal principal)
+    {
+        try
+        {
+            return new X509Principal(principal.getEncoded());
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("cannot convert principal");
+        }
+    }
+
+    static class Implementation
+    {
+        Object      engine;
+        Provider provider;
+
+        Implementation(
+            Object      engine,
+            Provider    provider)
+        {
+            this.engine = engine;
+            this.provider = provider;
+        }
+
+        Object getEngine()
+        {
+            return engine;
+        }
+
+        Provider getProvider()
+        {
+            return provider;
+        }
+    }
+
+    /**
+     * see if we can find an algorithm (or its alias and what it represents) in
+     * the property table for the given provider.
+     */
+    static Implementation getImplementation(
+        String      baseName,
+        String      algorithm,
+        Provider    prov)
+        throws NoSuchAlgorithmException
+    {
+        algorithm = Strings.toUpperCase(algorithm);
+
+        String      alias;
+
+        while ((alias = prov.getProperty("Alg.Alias." + baseName + "." + algorithm)) != null)
+        {
+            algorithm = alias;
+        }
+
+        String      className = prov.getProperty(baseName + "." + algorithm);
+
+        if (className != null)
+        {
+            try
+            {
+                Class       cls;
+                ClassLoader clsLoader = prov.getClass().getClassLoader();
+
+                if (clsLoader != null)
+                {
+                    cls = clsLoader.loadClass(className);
+                }
+                else
+                {
+                    cls = Class.forName(className);
+                }
+
+                return new Implementation(cls.newInstance(), prov);
+            }
+            catch (ClassNotFoundException e)
+            {
+                throw new IllegalStateException(
+                    "algorithm " + algorithm + " in provider " + prov.getName() + " but no class \"" + className + "\" found!");
+            }
+            catch (Exception e)
+            {
+                throw new IllegalStateException(
+                    "algorithm " + algorithm + " in provider " + prov.getName() + " but class \"" + className + "\" inaccessible!");
+            }
+        }
+
+        throw new NoSuchAlgorithmException("cannot find implementation " + algorithm + " for provider " + prov.getName());
+    }
+
+    /**
+     * return an implementation for a given algorithm/provider.
+     * If the provider is null, we grab the first avalaible who has the required algorithm.
+     */
+    static Implementation getImplementation(
+        String      baseName,
+        String      algorithm)
+        throws NoSuchAlgorithmException
+    {
+        Provider[] prov = Security.getProviders();
+
+        //
+        // search every provider looking for the algorithm we want.
+        //
+        for (int i = 0; i != prov.length; i++)
+        {
+            //
+            // try case insensitive
+            //
+            Implementation imp = getImplementation(baseName, Strings.toUpperCase(algorithm), prov[i]);
+            if (imp != null)
+            {
+                return imp;
+            }
+
+            try
+            {
+                imp = getImplementation(baseName, algorithm, prov[i]);
+            }
+            catch (NoSuchAlgorithmException e)
+            {
+                // continue
+            }
+        }
+
+        throw new NoSuchAlgorithmException("cannot find implementation " + algorithm);
+    }
+
+    static Provider getProvider(String provider)
+        throws NoSuchProviderException
+    {
+        Provider prov = Security.getProvider(provider);
+
+        if (prov == null)
+        {
+            throw new NoSuchProviderException("Provider " + provider + " not found");
+        }
+
+        return prov;
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509V1CertificateGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509V1CertificateGenerator.java
new file mode 100644
index 0000000..2b5b831
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509V1CertificateGenerator.java

@@ -0,0 +1,381 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.GeneralSecurityException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SecureRandom;
+import java.security.SignatureException;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.X509Certificate;
+import java.util.Date;
+import java.util.Iterator;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.TBSCertificate;
+import com.android.org.bouncycastle.asn1.x509.Time;
+import com.android.org.bouncycastle.asn1.x509.V1TBSCertificateGenerator;
+import com.android.org.bouncycastle.asn1.x509.X509Name;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory;
+import com.android.org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+import com.android.org.bouncycastle.jce.X509Principal;
+
+/**
+ * class to produce an X.509 Version 1 certificate.
+ * @deprecated use org.bouncycastle.cert.X509v1CertificateBuilder.
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509V1CertificateGenerator
+{
+    private final JcaJceHelper bcHelper = new BCJcaJceHelper(); // needed to force provider loading
+    private final CertificateFactory certificateFactory = new CertificateFactory();
+
+    private V1TBSCertificateGenerator   tbsGen;
+    private ASN1ObjectIdentifier         sigOID;
+    private AlgorithmIdentifier         sigAlgId;
+    private String                      signatureAlgorithm;
+
+    public X509V1CertificateGenerator()
+    {
+        tbsGen = new V1TBSCertificateGenerator();
+    }
+
+    /**
+     * reset the generator
+     */
+    public void reset()
+    {
+        tbsGen = new V1TBSCertificateGenerator();
+    }
+
+    /**
+     * set the serial number for the certificate.
+     */
+    public void setSerialNumber(
+        BigInteger      serialNumber)
+    {
+        if (serialNumber.compareTo(BigInteger.ZERO) <= 0)
+        {
+            throw new IllegalArgumentException("serial number must be a positive integer");
+        }
+        
+        tbsGen.setSerialNumber(new ASN1Integer(serialNumber));
+    }
+
+    /**
+     * Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the
+     * certificate.
+     */
+    public void setIssuerDN(
+        X500Principal   issuer)
+    {
+        try
+        {
+            tbsGen.setIssuer(new X509Principal(issuer.getEncoded()));
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("can't process principal: " + e);
+        }
+    }
+    
+    /**
+     * Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the
+     * certificate.
+     */
+    public void setIssuerDN(
+        X509Name   issuer)
+    {
+        tbsGen.setIssuer(issuer);
+    }
+
+    public void setNotBefore(
+        Date    date)
+    {
+        tbsGen.setStartDate(new Time(date));
+    }
+
+    public void setNotAfter(
+        Date    date)
+    {
+        tbsGen.setEndDate(new Time(date));
+    }
+
+    /**
+     * Set the subject distinguished name. The subject describes the entity associated with the public key.
+     */
+    public void setSubjectDN(
+        X500Principal   subject)
+    {
+        try
+        {
+            tbsGen.setSubject(new X509Principal(subject.getEncoded()));
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("can't process principal: " + e);
+        }
+    }
+    
+    /**
+     * Set the subject distinguished name. The subject describes the entity associated with the public key.
+     */
+    public void setSubjectDN(
+        X509Name   subject)
+    {
+        tbsGen.setSubject(subject);
+    }
+
+    public void setPublicKey(
+        PublicKey       key)
+    {
+        try
+        {
+            tbsGen.setSubjectPublicKeyInfo(SubjectPublicKeyInfo.getInstance(key.getEncoded()));
+        }
+        catch (Exception e)
+        {
+            throw new IllegalArgumentException("unable to process key - " + e.toString());
+        }
+    }
+
+    /**
+     * Set the signature algorithm. This can be either a name or an OID, names
+     * are treated as case insensitive.
+     * 
+     * @param signatureAlgorithm string representation of the algorithm name.
+     */
+    public void setSignatureAlgorithm(
+        String  signatureAlgorithm)
+    {
+        this.signatureAlgorithm = signatureAlgorithm;
+
+        try
+        {
+            sigOID = X509Util.getAlgorithmOID(signatureAlgorithm);
+        }
+        catch (Exception e)
+        {
+            throw new IllegalArgumentException("Unknown signature type requested");
+        }
+
+        sigAlgId = X509Util.getSigAlgID(sigOID, signatureAlgorithm);
+
+        tbsGen.setSignature(sigAlgId);
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject
+     * using the default provider "BC".
+     * @deprecated use generate(key, "BC")
+     */
+    public X509Certificate generateX509Certificate(
+        PrivateKey      key)
+        throws SecurityException, SignatureException, InvalidKeyException
+    {
+        try
+        {
+            return generateX509Certificate(key, "BC", null);
+        }
+        catch (NoSuchProviderException e)
+        {
+            throw new SecurityException("BC provider not installed!");
+        }
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject
+     * using the default provider "BC" and the passed in source of randomness
+     * @deprecated use generate(key, random, "BC")
+     */
+    public X509Certificate generateX509Certificate(
+        PrivateKey      key,
+        SecureRandom    random)
+        throws SecurityException, SignatureException, InvalidKeyException
+    {
+        try
+        {
+            return generateX509Certificate(key, "BC", random);
+        }
+        catch (NoSuchProviderException e)
+        {
+            throw new SecurityException("BC provider not installed!");
+        }
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject,
+     * using the passed in provider for the signing, and the passed in source
+     * of randomness (if required).
+     * @deprecated use generate()
+     */
+    public X509Certificate generateX509Certificate(
+        PrivateKey      key,
+        String          provider)
+        throws NoSuchProviderException, SecurityException, SignatureException, InvalidKeyException
+    {
+        return generateX509Certificate(key, provider, null);
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject,
+     * using the passed in provider for the signing, and the passed in source
+     * of randomness (if required).
+     * @deprecated use generate()
+     */
+    public X509Certificate generateX509Certificate(
+        PrivateKey      key,
+        String          provider,
+        SecureRandom    random)
+        throws NoSuchProviderException, SecurityException, SignatureException, InvalidKeyException
+    {
+        try
+        {
+            return generate(key, provider, random);
+        }
+        catch (NoSuchProviderException e)
+        {
+            throw e;
+        }
+        catch (SignatureException e)
+        {
+            throw e;
+        }
+        catch (InvalidKeyException e)
+        {
+            throw e;
+        }
+        catch (GeneralSecurityException e)
+        {
+            throw new SecurityException("exception: " + e);
+        }
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject
+     * using the default provider.
+     * <p>
+     * <b>Note:</b> this differs from the deprecated method in that the default provider is
+     * used - not "BC".
+     * </p>
+     */
+    public X509Certificate generate(
+        PrivateKey      key)
+        throws CertificateEncodingException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
+    {
+        return generate(key, (SecureRandom)null);
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject
+     * using the default provider and the passed in source of randomness
+     * <p>
+     * <b>Note:</b> this differs from the deprecated method in that the default provider is
+     * used - not "BC".
+     * </p>
+     */
+    public X509Certificate generate(
+        PrivateKey      key,
+        SecureRandom    random)
+        throws CertificateEncodingException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
+    {
+        TBSCertificate tbsCert = tbsGen.generateTBSCertificate();
+        byte[] signature;
+
+        try
+        {
+            signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, key, random, tbsCert);
+        }
+        catch (IOException e)
+        {
+            throw new ExtCertificateEncodingException("exception encoding TBS cert", e);
+        }
+
+        return generateJcaObject(tbsCert, signature);
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject,
+     * using the passed in provider for the signing, and the passed in source
+     * of randomness (if required).
+     */
+    public X509Certificate generate(
+        PrivateKey      key,
+        String          provider)
+        throws CertificateEncodingException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
+    {
+        return generate(key, provider, null);
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject,
+     * using the passed in provider for the signing, and the passed in source
+     * of randomness (if required).
+     */
+    public X509Certificate generate(
+        PrivateKey      key,
+        String          provider,
+        SecureRandom    random)
+        throws CertificateEncodingException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
+    {
+        TBSCertificate tbsCert = tbsGen.generateTBSCertificate();
+        byte[] signature;
+
+        try
+        {
+            signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, provider, key, random, tbsCert);
+        }
+        catch (IOException e)
+        {
+            throw new ExtCertificateEncodingException("exception encoding TBS cert", e);
+        }
+
+        return generateJcaObject(tbsCert, signature);
+    }
+
+    private X509Certificate generateJcaObject(TBSCertificate tbsCert, byte[] signature)
+        throws CertificateEncodingException
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(tbsCert);
+        v.add(sigAlgId);
+        v.add(new DERBitString(signature));
+
+        try
+        {
+            return (X509Certificate)certificateFactory.engineGenerateCertificate(
+                new ByteArrayInputStream(new DERSequence(v).getEncoded(ASN1Encoding.DER)));
+        }
+        catch (Exception e)
+        {
+            throw new ExtCertificateEncodingException("exception producing certificate object", e);
+        }
+    }
+
+    /**
+     * Return an iterator of the signature names supported by the generator.
+     * 
+     * @return an iterator containing recognised names.
+     */
+    public Iterator getSignatureAlgNames()
+    {
+        return X509Util.getAlgNames();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509V2AttributeCertificate.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509V2AttributeCertificate.java
new file mode 100644
index 0000000..770fa32
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509V2AttributeCertificate.java

@@ -0,0 +1,352 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.io.InputStream;
+import java.math.BigInteger;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PublicKey;
+import java.security.Signature;
+import java.security.SignatureException;
+import java.security.cert.CertificateException;
+import java.security.cert.CertificateExpiredException;
+import java.security.cert.CertificateNotYetValidException;
+import java.text.ParseException;
+import java.util.ArrayList;
+import java.util.Date;
+import java.util.Enumeration;
+import java.util.HashSet;
+import java.util.List;
+import java.util.Set;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.x509.AttributeCertificate;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.asn1.x509.Extensions;
+import com.android.org.bouncycastle.util.Arrays;
+
+/**
+ * An implementation of a version 2 X.509 Attribute Certificate.
+ * @deprecated use org.bouncycastle.cert.X509AttributeCertificateHolder
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509V2AttributeCertificate
+    implements X509AttributeCertificate
+{
+    private AttributeCertificate    cert;
+    private Date                    notBefore;
+    private Date                    notAfter;
+
+    private static AttributeCertificate getObject(InputStream in)
+        throws IOException
+    {
+        try
+        {
+            return AttributeCertificate.getInstance(new ASN1InputStream(in).readObject());
+        }
+        catch (IOException e)
+        {
+            throw e;
+        }
+        catch (Exception e)
+        {
+            throw new IOException("exception decoding certificate structure: " + e.toString());
+        }
+    }
+
+    public X509V2AttributeCertificate(
+        InputStream encIn)
+        throws IOException
+    {
+        this(getObject(encIn));
+    }
+    
+    public X509V2AttributeCertificate(
+        byte[]  encoded)
+        throws IOException
+    {
+        this(new ByteArrayInputStream(encoded));
+    }
+    
+    X509V2AttributeCertificate(
+        AttributeCertificate    cert)
+        throws IOException
+    {
+        this.cert = cert;
+        
+        try
+        {
+            this.notAfter = cert.getAcinfo().getAttrCertValidityPeriod().getNotAfterTime().getDate();
+            this.notBefore = cert.getAcinfo().getAttrCertValidityPeriod().getNotBeforeTime().getDate();
+        }
+        catch (ParseException e)
+        {
+            throw new IOException("invalid data structure in certificate!");
+        }
+    }
+    
+    public int getVersion()
+    {
+        return cert.getAcinfo().getVersion().getValue().intValue() + 1;
+    }
+    
+    public BigInteger getSerialNumber()
+    {
+        return cert.getAcinfo().getSerialNumber().getValue();
+    }
+    
+    public AttributeCertificateHolder getHolder()
+    {
+        return new AttributeCertificateHolder((ASN1Sequence)cert.getAcinfo().getHolder().toASN1Primitive());
+    }
+    
+    public AttributeCertificateIssuer getIssuer()
+    {
+        return new AttributeCertificateIssuer(cert.getAcinfo().getIssuer());
+    }
+    
+    public Date getNotBefore()
+    {
+        return notBefore;
+    }
+    
+    public Date getNotAfter()
+    {
+        return notAfter;
+    }
+    
+    public boolean[] getIssuerUniqueID()
+    {
+        DERBitString    id = cert.getAcinfo().getIssuerUniqueID();
+
+        if (id != null)
+        {
+            byte[]          bytes = id.getBytes();
+            boolean[]       boolId = new boolean[bytes.length * 8 - id.getPadBits()];
+
+            for (int i = 0; i != boolId.length; i++)
+            {
+                boolId[i] = (bytes[i / 8] & (0x80 >>> (i % 8))) != 0;
+            }
+
+            return boolId;
+        }
+            
+        return null;
+    }
+    
+    public void checkValidity() 
+        throws CertificateExpiredException, CertificateNotYetValidException
+    {
+        this.checkValidity(new Date());
+    }
+    
+    public void checkValidity(
+        Date    date)
+        throws CertificateExpiredException, CertificateNotYetValidException
+    {
+        if (date.after(this.getNotAfter()))
+        {
+            throw new CertificateExpiredException("certificate expired on " + this.getNotAfter());
+        }
+
+        if (date.before(this.getNotBefore()))
+        {
+            throw new CertificateNotYetValidException("certificate not valid till " + this.getNotBefore());
+        }
+    }
+    
+    public byte[] getSignature()
+    {
+        return cert.getSignatureValue().getOctets();
+    }
+    
+    public final void verify(
+            PublicKey   key,
+            String      provider)
+            throws CertificateException, NoSuchAlgorithmException,
+            InvalidKeyException, NoSuchProviderException, SignatureException
+    {
+        Signature   signature = null;
+
+        if (!cert.getSignatureAlgorithm().equals(cert.getAcinfo().getSignature()))
+        {
+            throw new CertificateException("Signature algorithm in certificate info not same as outer certificate");
+        }
+
+        signature = Signature.getInstance(cert.getSignatureAlgorithm().getAlgorithm().getId(), provider);
+
+        signature.initVerify(key);
+
+        try
+        {
+            signature.update(cert.getAcinfo().getEncoded());
+        }
+        catch (IOException e)
+        {
+            throw new SignatureException("Exception encoding certificate info object");
+        }
+
+        if (!signature.verify(this.getSignature()))
+        {
+            throw new InvalidKeyException("Public key presented not for certificate signature");
+        }
+    }
+    
+    public byte[] getEncoded()
+        throws IOException
+    {
+        return cert.getEncoded();
+    }
+
+    public byte[] getExtensionValue(String oid) 
+    {
+        Extensions extensions = cert.getAcinfo().getExtensions();
+
+        if (extensions != null)
+        {
+            Extension ext = extensions.getExtension(new ASN1ObjectIdentifier(oid));
+
+            if (ext != null)
+            {
+                try
+                {
+                    return ext.getExtnValue().getEncoded(ASN1Encoding.DER);
+                }
+                catch (Exception e)
+                {
+                    throw new RuntimeException("error encoding " + e.toString());
+                }
+            }
+        }
+
+        return null;
+    }
+
+    private Set getExtensionOIDs(
+        boolean critical) 
+    {
+        Extensions  extensions = cert.getAcinfo().getExtensions();
+
+        if (extensions != null)
+        {
+            Set             set = new HashSet();
+            Enumeration     e = extensions.oids();
+
+            while (e.hasMoreElements())
+            {
+                ASN1ObjectIdentifier oid = (ASN1ObjectIdentifier)e.nextElement();
+                Extension            ext = extensions.getExtension(oid);
+
+                if (ext.isCritical() == critical)
+                {
+                    set.add(oid.getId());
+                }
+            }
+
+            return set;
+        }
+
+        return null;
+    }
+    
+    public Set getNonCriticalExtensionOIDs() 
+    {
+        return getExtensionOIDs(false);
+    }
+
+    public Set getCriticalExtensionOIDs() 
+    {
+        return getExtensionOIDs(true);
+    }
+    
+    public boolean hasUnsupportedCriticalExtension()
+    {
+        Set  extensions = getCriticalExtensionOIDs();
+
+        return extensions != null && !extensions.isEmpty();
+    }
+
+    public X509Attribute[] getAttributes()
+    {
+        ASN1Sequence    seq = cert.getAcinfo().getAttributes();
+        X509Attribute[] attrs = new X509Attribute[seq.size()];
+        
+        for (int i = 0; i != seq.size(); i++)
+        {
+            attrs[i] = new X509Attribute((ASN1Encodable)seq.getObjectAt(i));
+        }
+        
+        return attrs;
+    }
+    
+    public X509Attribute[] getAttributes(String oid)
+    {
+        ASN1Sequence    seq = cert.getAcinfo().getAttributes();
+        List            list = new ArrayList();
+        
+        for (int i = 0; i != seq.size(); i++)
+        {
+            X509Attribute attr = new X509Attribute((ASN1Encodable)seq.getObjectAt(i));
+            if (attr.getOID().equals(oid))
+            {
+                list.add(attr);
+            }
+        }
+        
+        if (list.size() == 0)
+        {
+            return null;
+        }
+        
+        return (X509Attribute[])list.toArray(new X509Attribute[list.size()]);
+    }
+
+    public boolean equals(
+        Object o)
+    {
+        if (o == this)
+        {
+            return true;
+        }
+
+        if (!(o instanceof X509AttributeCertificate))
+        {
+            return false;
+        }
+
+        X509AttributeCertificate other = (X509AttributeCertificate)o;
+
+        try
+        {
+            byte[] b1 = this.getEncoded();
+            byte[] b2 = other.getEncoded();
+
+            return Arrays.areEqual(b1, b2);
+        }
+        catch (IOException e)
+        {
+            return false;
+        }
+    }
+
+    public int hashCode()
+    {
+        try
+        {
+            return Arrays.hashCode(this.getEncoded());
+        }
+        catch (IOException e)
+        {
+            return 0;
+        }
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509V3CertificateGenerator.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509V3CertificateGenerator.java
new file mode 100644
index 0000000..4ac8b9d
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/X509V3CertificateGenerator.java

@@ -0,0 +1,556 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509;
+
+import java.io.ByteArrayInputStream;
+import java.io.IOException;
+import java.math.BigInteger;
+import java.security.GeneralSecurityException;
+import java.security.InvalidKeyException;
+import java.security.NoSuchAlgorithmException;
+import java.security.NoSuchProviderException;
+import java.security.PrivateKey;
+import java.security.PublicKey;
+import java.security.SecureRandom;
+import java.security.SignatureException;
+import java.security.cert.CertificateEncodingException;
+import java.security.cert.CertificateParsingException;
+import java.security.cert.X509Certificate;
+import java.util.Date;
+import java.util.Iterator;
+
+import javax.security.auth.x500.X500Principal;
+
+import com.android.org.bouncycastle.asn1.ASN1Encodable;
+import com.android.org.bouncycastle.asn1.ASN1EncodableVector;
+import com.android.org.bouncycastle.asn1.ASN1Encoding;
+import com.android.org.bouncycastle.asn1.ASN1InputStream;
+import com.android.org.bouncycastle.asn1.ASN1Integer;
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.DERBitString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.TBSCertificate;
+import com.android.org.bouncycastle.asn1.x509.Time;
+import com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator;
+import com.android.org.bouncycastle.asn1.x509.X509ExtensionsGenerator;
+import com.android.org.bouncycastle.asn1.x509.X509Name;
+import com.android.org.bouncycastle.jcajce.provider.asymmetric.x509.CertificateFactory;
+import com.android.org.bouncycastle.jcajce.util.BCJcaJceHelper;
+import com.android.org.bouncycastle.jcajce.util.JcaJceHelper;
+import com.android.org.bouncycastle.jce.X509Principal;
+import com.android.org.bouncycastle.x509.extension.X509ExtensionUtil;
+
+/**
+ * class to produce an X.509 Version 3 certificate.
+ *  @deprecated use org.bouncycastle.cert.X509v3CertificateBuilder.
+ * @hide This class is not part of the Android public SDK API
+ */
+@libcore.api.CorePlatformApi
+public class X509V3CertificateGenerator
+{
+    private final JcaJceHelper bcHelper = new BCJcaJceHelper(); // needed to force provider loading
+    private final CertificateFactory certificateFactory = new CertificateFactory();
+
+    private V3TBSCertificateGenerator   tbsGen;
+    private ASN1ObjectIdentifier        sigOID;
+    private AlgorithmIdentifier         sigAlgId;
+    private String                      signatureAlgorithm;
+    private X509ExtensionsGenerator     extGenerator;
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public X509V3CertificateGenerator()
+    {
+        tbsGen = new V3TBSCertificateGenerator();
+        extGenerator = new X509ExtensionsGenerator();
+    }
+
+    /**
+     * reset the generator
+     */
+    public void reset()
+    {
+        tbsGen = new V3TBSCertificateGenerator();
+        extGenerator.reset();
+    }
+
+    /**
+     * set the serial number for the certificate.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void setSerialNumber(
+        BigInteger      serialNumber)
+    {
+        if (serialNumber.compareTo(BigInteger.ZERO) <= 0)
+        {
+            throw new IllegalArgumentException("serial number must be a positive integer");
+        }
+        
+        tbsGen.setSerialNumber(new ASN1Integer(serialNumber));
+    }
+
+    /**
+     * Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the
+     * certificate.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void setIssuerDN(
+        X500Principal   issuer)
+    {
+        try
+        {
+            tbsGen.setIssuer(new X509Principal(issuer.getEncoded()));
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("can't process principal: " + e);
+        }
+    }
+    
+    /**
+     * Set the issuer distinguished name - the issuer is the entity whose private key is used to sign the
+     * certificate.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    public void setIssuerDN(
+        X509Name   issuer)
+    {
+        tbsGen.setIssuer(issuer);
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void setNotBefore(
+        Date    date)
+    {
+        tbsGen.setStartDate(new Time(date));
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void setNotAfter(
+        Date    date)
+    {
+        tbsGen.setEndDate(new Time(date));
+    }
+
+    /**
+     * Set the subject distinguished name. The subject describes the entity associated with the public key.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void setSubjectDN(
+        X500Principal   subject)
+    {
+        try
+        {
+            tbsGen.setSubject(new X509Principal(subject.getEncoded()));
+        }
+        catch (IOException e)
+        {
+            throw new IllegalArgumentException("can't process principal: " + e);
+        }
+    }
+    
+    /**
+     * Set the subject distinguished name. The subject describes the entity associated with the public key.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    public void setSubjectDN(
+        X509Name   subject)
+    {
+        tbsGen.setSubject(subject);
+    }
+
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void setPublicKey(
+        PublicKey       key)
+        throws IllegalArgumentException
+    {
+        try
+        {
+            tbsGen.setSubjectPublicKeyInfo(
+                       SubjectPublicKeyInfo.getInstance(new ASN1InputStream(key.getEncoded()).readObject()));
+        }
+        catch (Exception e)
+        {
+            throw new IllegalArgumentException("unable to process key - " + e.toString());
+        }
+    }
+
+    /**
+     * Set the signature algorithm. This can be either a name or an OID, names
+     * are treated as case insensitive.
+     * 
+     * @param signatureAlgorithm string representation of the algorithm name.
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public void setSignatureAlgorithm(
+        String  signatureAlgorithm)
+    {
+        this.signatureAlgorithm = signatureAlgorithm;
+
+        try
+        {
+            sigOID = X509Util.getAlgorithmOID(signatureAlgorithm);
+        }
+        catch (Exception e)
+        {
+            throw new IllegalArgumentException("Unknown signature type requested: " + signatureAlgorithm);
+        }
+
+        sigAlgId = X509Util.getSigAlgID(sigOID, signatureAlgorithm);
+
+        tbsGen.setSignature(sigAlgId);
+    }
+
+    /**
+     * Set the subject unique ID - note: it is very rare that it is correct to do this.
+     */
+    public void setSubjectUniqueID(boolean[] uniqueID)
+    {
+        tbsGen.setSubjectUniqueID(booleanToBitString(uniqueID));
+    }
+
+    /**
+     * Set the issuer unique ID - note: it is very rare that it is correct to do this.
+     */
+    public void setIssuerUniqueID(boolean[] uniqueID)
+    {
+        tbsGen.setIssuerUniqueID(booleanToBitString(uniqueID));
+    }
+
+    private DERBitString booleanToBitString(boolean[] id)
+    {
+        byte[] bytes = new byte[(id.length + 7) / 8];
+
+        for (int i = 0; i != id.length; i++)
+        {
+            bytes[i / 8] |= (id[i]) ? (1 << ((7 - (i % 8)))) : 0;
+        }
+
+        int pad = id.length % 8;
+
+        if (pad == 0)
+        {
+            return new DERBitString(bytes);
+        }
+        else
+        {
+            return new DERBitString(bytes, 8 - pad);
+        }
+    }
+    
+    /**
+     * add a given extension field for the standard extensions tag (tag 3)
+     */
+    public void addExtension(
+        String          oid,
+        boolean         critical,
+        ASN1Encodable    value)
+    {
+        this.addExtension(new ASN1ObjectIdentifier(oid), critical, value);
+    }
+
+    /**
+     * add a given extension field for the standard extensions tag (tag 3)
+     */
+    public void addExtension(
+        ASN1ObjectIdentifier oid,
+        boolean             critical,
+        ASN1Encodable        value)
+    {
+        extGenerator.addExtension(new ASN1ObjectIdentifier(oid.getId()), critical,  value);
+    }
+
+    /**
+     * add a given extension field for the standard extensions tag (tag 3)
+     * The value parameter becomes the contents of the octet string associated
+     * with the extension.
+     */
+    public void addExtension(
+        String          oid,
+        boolean         critical,
+        byte[]          value)
+    {
+        this.addExtension(new ASN1ObjectIdentifier(oid), critical, value);
+    }
+
+    /**
+     * add a given extension field for the standard extensions tag (tag 3)
+     */
+    public void addExtension(
+        ASN1ObjectIdentifier oid,
+        boolean             critical,
+        byte[]              value)
+    {
+        extGenerator.addExtension(new ASN1ObjectIdentifier(oid.getId()), critical, value);
+    }
+
+    /**
+     * add a given extension field for the standard extensions tag (tag 3)
+     * copying the extension value from another certificate.
+     * @throws CertificateParsingException if the extension cannot be extracted.
+     */
+    public void copyAndAddExtension(
+        String          oid,
+        boolean         critical,
+        X509Certificate cert) 
+        throws CertificateParsingException
+    {
+        byte[] extValue = cert.getExtensionValue(oid);
+        
+        if (extValue == null)
+        {
+            throw new CertificateParsingException("extension " + oid + " not present");
+        }
+        
+        try
+        {
+            ASN1Encodable value = X509ExtensionUtil.fromExtensionValue(extValue);
+    
+            this.addExtension(oid, critical, value);
+        }
+        catch (IOException e)
+        {
+            throw new CertificateParsingException(e.toString());
+        }
+    }
+
+    /**
+     * add a given extension field for the standard extensions tag (tag 3)
+     * copying the extension value from another certificate.
+     * @throws CertificateParsingException if the extension cannot be extracted.
+     */
+    public void copyAndAddExtension(
+        ASN1ObjectIdentifier oid,
+        boolean             critical,
+        X509Certificate     cert)
+        throws CertificateParsingException
+    {
+        this.copyAndAddExtension(oid.getId(), critical, cert);
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject
+     * using the default provider "BC".
+     * @deprecated use generate(key, "BC")
+     */
+    public X509Certificate generateX509Certificate(
+        PrivateKey      key)
+        throws SecurityException, SignatureException, InvalidKeyException
+    {
+        try
+        {
+            return generateX509Certificate(key, "BC", null);
+        }
+        catch (NoSuchProviderException e)
+        {
+            throw new SecurityException("BC provider not installed!");
+        }
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject
+     * using the default provider "BC", and the passed in source of randomness
+     * (if required).
+     * @deprecated use generate(key, random, "BC")
+     */
+    public X509Certificate generateX509Certificate(
+        PrivateKey      key,
+        SecureRandom    random)
+        throws SecurityException, SignatureException, InvalidKeyException
+    {
+        try
+        {
+            return generateX509Certificate(key, "BC", random);
+        }
+        catch (NoSuchProviderException e)
+        {
+            throw new SecurityException("BC provider not installed!");
+        }
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject,
+     * using the passed in provider for the signing.
+     * @deprecated use generate()
+     */
+    public X509Certificate generateX509Certificate(
+        PrivateKey      key,
+        String          provider)
+        throws NoSuchProviderException, SecurityException, SignatureException, InvalidKeyException
+    {
+        return generateX509Certificate(key, provider, null);
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject,
+     * using the passed in provider for the signing and the supplied source
+     * of randomness, if required.
+     * @deprecated use generate()
+     */
+    public X509Certificate generateX509Certificate(
+        PrivateKey      key,
+        String          provider,
+        SecureRandom    random)
+        throws NoSuchProviderException, SecurityException, SignatureException, InvalidKeyException
+    {
+        try
+        {
+            return generate(key, provider, random);
+        }
+        catch (NoSuchProviderException e)
+        {
+            throw e;
+        }
+        catch (SignatureException e)
+        {
+            throw e;
+        }
+        catch (InvalidKeyException e)
+        {
+            throw e;
+        }
+        catch (GeneralSecurityException e)
+        {
+            throw new SecurityException("exception: " + e);
+        }
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject
+     * using the default provider.
+     * <p>
+     * <b>Note:</b> this differs from the deprecated method in that the default provider is
+     * used - not "BC".
+     * </p>
+     */
+    @dalvik.annotation.compat.UnsupportedAppUsage
+    @libcore.api.CorePlatformApi
+    public X509Certificate generate(
+        PrivateKey      key)
+        throws CertificateEncodingException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
+    {
+        return generate(key, (SecureRandom)null);
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject
+     * using the default provider, and the passed in source of randomness
+     * (if required).
+     * <p>
+     * <b>Note:</b> this differs from the deprecated method in that the default provider is
+     * used - not "BC".
+     * </p>
+     */
+    public X509Certificate generate(
+        PrivateKey      key,
+        SecureRandom    random)
+        throws CertificateEncodingException, IllegalStateException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
+    {
+        TBSCertificate tbsCert = generateTbsCert();
+        byte[] signature;
+
+        try
+        {
+            signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, key, random, tbsCert);
+        }
+        catch (IOException e)
+        {
+            throw new ExtCertificateEncodingException("exception encoding TBS cert", e);
+        }
+
+        try
+        {
+            return generateJcaObject(tbsCert, signature);
+        }
+        catch (Exception e)
+        {
+            throw new ExtCertificateEncodingException("exception producing certificate object", e);
+        }
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject,
+     * using the passed in provider for the signing.
+     */
+    public X509Certificate generate(
+        PrivateKey      key,
+        String          provider)
+        throws CertificateEncodingException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
+    {
+        return generate(key, provider, null);
+    }
+
+    /**
+     * generate an X509 certificate, based on the current issuer and subject,
+     * using the passed in provider for the signing and the supplied source
+     * of randomness, if required.
+     */
+    public X509Certificate generate(
+        PrivateKey      key,
+        String          provider,
+        SecureRandom    random)
+        throws CertificateEncodingException, IllegalStateException, NoSuchProviderException, NoSuchAlgorithmException, SignatureException, InvalidKeyException
+    {
+        TBSCertificate tbsCert = generateTbsCert();
+        byte[] signature;
+
+        try
+        {
+            signature = X509Util.calculateSignature(sigOID, signatureAlgorithm, provider, key, random, tbsCert);
+        }
+        catch (IOException e)
+        {
+            throw new ExtCertificateEncodingException("exception encoding TBS cert", e);
+        }
+
+        try
+        {
+            return generateJcaObject(tbsCert, signature);
+        }
+        catch (Exception e)
+        {
+            throw new ExtCertificateEncodingException("exception producing certificate object", e);
+        }
+    }
+
+    private TBSCertificate generateTbsCert()
+    {
+        if (!extGenerator.isEmpty())
+        {
+            tbsGen.setExtensions(extGenerator.generate());
+        }
+
+        return tbsGen.generateTBSCertificate();
+    }
+
+    private X509Certificate generateJcaObject(TBSCertificate tbsCert, byte[] signature)
+        throws Exception
+    {
+        ASN1EncodableVector v = new ASN1EncodableVector();
+
+        v.add(tbsCert);
+        v.add(sigAlgId);
+        v.add(new DERBitString(signature));
+
+        return (X509Certificate)certificateFactory.engineGenerateCertificate(
+            new ByteArrayInputStream(new DERSequence(v).getEncoded(ASN1Encoding.DER)));
+    }
+
+    /**
+     * Return an iterator of the signature names supported by the generator.
+     * 
+     * @return an iterator containing recognised names.
+     */
+    public Iterator getSignatureAlgNames()
+    {
+        return X509Util.getAlgNames();
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/extension/AuthorityKeyIdentifierStructure.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/extension/AuthorityKeyIdentifierStructure.java
new file mode 100644
index 0000000..630818a
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/extension/AuthorityKeyIdentifierStructure.java

@@ -0,0 +1,149 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509.extension;
+
+import java.io.IOException;
+import java.security.InvalidKeyException;
+import java.security.PublicKey;
+import java.security.cert.CertificateParsingException;
+import java.security.cert.X509Certificate;
+
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Sequence;
+import com.android.org.bouncycastle.asn1.x509.AuthorityKeyIdentifier;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.asn1.x509.GeneralName;
+import com.android.org.bouncycastle.asn1.x509.GeneralNames;
+import com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo;
+import com.android.org.bouncycastle.asn1.x509.X509Extension;
+import com.android.org.bouncycastle.jce.PrincipalUtil;
+
+/**
+ * A high level authority key identifier.
+ * @deprecated use JcaX509ExtensionUtils and AuthorityKeyIdentifier.getInstance()
+ * @hide This class is not part of the Android public SDK API
+ */
+public class AuthorityKeyIdentifierStructure
+    extends AuthorityKeyIdentifier
+{
+    /**
+     * Constructor which will take the byte[] returned from getExtensionValue()
+     * 
+     * @param encodedValue a DER octet encoded string with the extension structure in it.
+     * @throws IOException on parsing errors.
+     */
+    public AuthorityKeyIdentifierStructure(
+        byte[]  encodedValue)
+        throws IOException
+    {
+        super((ASN1Sequence)X509ExtensionUtil.fromExtensionValue(encodedValue));
+    }
+
+    /**
+     * Constructor which will take an extension
+     *
+     * @param extension a X509Extension object containing an AuthorityKeyIdentifier.
+     * @deprecated use constructor that takes Extension
+     */
+    public AuthorityKeyIdentifierStructure(
+        X509Extension extension)
+    {
+        super((ASN1Sequence)extension.getParsedValue());
+    }
+
+    /**
+     * Constructor which will take an extension
+     *
+     * @param extension a X509Extension object containing an AuthorityKeyIdentifier.
+     */
+    public AuthorityKeyIdentifierStructure(
+        Extension extension)
+    {
+        super((ASN1Sequence)extension.getParsedValue());
+    }
+
+    private static ASN1Sequence fromCertificate(
+        X509Certificate certificate)
+        throws CertificateParsingException
+    {
+        try
+        {
+            if (certificate.getVersion() != 3)
+            {
+                GeneralName          genName = new GeneralName(PrincipalUtil.getIssuerX509Principal(certificate));
+                SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(certificate.getPublicKey().getEncoded());
+                
+                return (ASN1Sequence)new AuthorityKeyIdentifier(
+                               info, new GeneralNames(genName), certificate.getSerialNumber()).toASN1Primitive();
+            }
+            else
+            {
+                GeneralName             genName = new GeneralName(PrincipalUtil.getIssuerX509Principal(certificate));
+                
+                byte[]                  ext = certificate.getExtensionValue(Extension.subjectKeyIdentifier.getId());
+                
+                if (ext != null)
+                {
+                    ASN1OctetString     str = (ASN1OctetString)X509ExtensionUtil.fromExtensionValue(ext);
+                
+                    return (ASN1Sequence)new AuthorityKeyIdentifier(
+                                    str.getOctets(), new GeneralNames(genName), certificate.getSerialNumber()).toASN1Primitive();
+                }
+                else
+                {
+                    SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(certificate.getPublicKey().getEncoded());
+                    
+                    return (ASN1Sequence)new AuthorityKeyIdentifier(
+                            info, new GeneralNames(genName), certificate.getSerialNumber()).toASN1Primitive();
+                }
+            }
+        }
+        catch (Exception e)
+        {
+            throw new CertificateParsingException("Exception extracting certificate details: " + e.toString());
+        }
+    }
+    
+    private static ASN1Sequence fromKey(
+        PublicKey pubKey)
+        throws InvalidKeyException
+    {
+        try
+        {
+            SubjectPublicKeyInfo info = SubjectPublicKeyInfo.getInstance(pubKey.getEncoded());
+        
+            return (ASN1Sequence)new AuthorityKeyIdentifier(info).toASN1Primitive();
+        }
+        catch (Exception e)
+        {
+            throw new InvalidKeyException("can't process key: " + e);
+        }
+    }
+    
+    /**
+     * Create an AuthorityKeyIdentifier using the passed in certificate's public
+     * key, issuer and serial number.
+     * 
+     * @param certificate the certificate providing the information.
+     * @throws CertificateParsingException if there is a problem processing the certificate
+     */
+    public AuthorityKeyIdentifierStructure(
+        X509Certificate certificate)
+        throws CertificateParsingException
+    {
+        super(fromCertificate(certificate));
+    }
+    
+    /**
+     * Create an AuthorityKeyIdentifier using just the hash of the 
+     * public key.
+     * 
+     * @param pubKey the key to generate the hash from.
+     * @throws InvalidKeyException if there is a problem using the key.
+     */
+    public AuthorityKeyIdentifierStructure(
+        PublicKey pubKey) 
+        throws InvalidKeyException
+    {
+        super(fromKey(pubKey));
+    }
+}

diff --git a/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/extension/X509ExtensionUtil.java b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/extension/X509ExtensionUtil.java
new file mode 100644
index 0000000..3bf42e4
--- /dev/null
+++ b/repackaged/bcprov/src/main/java/com/android/org/bouncycastle/x509/extension/X509ExtensionUtil.java

@@ -0,0 +1,115 @@
+/* GENERATED SOURCE. DO NOT MODIFY. */
+package com.android.org.bouncycastle.x509.extension;
+
+import java.io.IOException;
+import java.security.cert.CertificateParsingException;
+import java.security.cert.X509Certificate;
+import java.util.ArrayList;
+import java.util.Collection;
+import java.util.Collections;
+import java.util.Enumeration;
+import java.util.List;
+
+import com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier;
+import com.android.org.bouncycastle.asn1.ASN1OctetString;
+import com.android.org.bouncycastle.asn1.ASN1Primitive;
+import com.android.org.bouncycastle.asn1.ASN1String;
+import com.android.org.bouncycastle.asn1.DEROctetString;
+import com.android.org.bouncycastle.asn1.DERSequence;
+import com.android.org.bouncycastle.asn1.x500.X500Name;
+import com.android.org.bouncycastle.asn1.x509.Extension;
+import com.android.org.bouncycastle.asn1.x509.GeneralName;
+import com.android.org.bouncycastle.util.Integers;
+
+
+/**
+ * @deprecated use org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils
+ * @hide This class is not part of the Android public SDK API
+ */
+public class X509ExtensionUtil
+{
+    /**
+     * @deprecated use org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils.parseExtensionValue()
+     */
+    public static ASN1Primitive fromExtensionValue(
+        byte[]  encodedValue) 
+        throws IOException
+    {
+        ASN1OctetString octs = (ASN1OctetString)ASN1Primitive.fromByteArray(encodedValue);
+        
+        return ASN1Primitive.fromByteArray(octs.getOctets());
+    }
+
+    /**
+     * @deprecated use org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils.getIssuerAlternativeNames()
+     */
+    public static Collection getIssuerAlternativeNames(X509Certificate cert)
+            throws CertificateParsingException
+    {
+        byte[] extVal = cert.getExtensionValue(Extension.issuerAlternativeName.getId());
+
+        return getAlternativeNames(extVal);
+    }
+
+    /**
+     * @deprecated use org.bouncycastle.cert.jcajce.JcaX509ExtensionUtils.getSubjectAlternativeNames()
+     */
+    public static Collection getSubjectAlternativeNames(X509Certificate cert)
+            throws CertificateParsingException
+    {        
+        byte[] extVal = cert.getExtensionValue(Extension.subjectAlternativeName.getId());
+
+        return getAlternativeNames(extVal);
+    }
+
+    private static Collection getAlternativeNames(byte[] extVal)
+        throws CertificateParsingException
+    {
+        if (extVal == null)
+        {
+            return Collections.EMPTY_LIST;
+        }
+        try
+        {
+            Collection temp = new ArrayList();
+            Enumeration it = DERSequence.getInstance(fromExtensionValue(extVal)).getObjects();
+            while (it.hasMoreElements())
+            {
+                GeneralName genName = GeneralName.getInstance(it.nextElement());
+                List list = new ArrayList();
+                list.add(Integers.valueOf(genName.getTagNo()));
+                switch (genName.getTagNo())
+                {
+                case GeneralName.ediPartyName:
+                case GeneralName.x400Address:
+                case GeneralName.otherName:
+                    list.add(genName.getName().toASN1Primitive());
+                    break;
+                case GeneralName.directoryName:
+                    list.add(X500Name.getInstance(genName.getName()).toString());
+                    break;
+                case GeneralName.dNSName:
+                case GeneralName.rfc822Name:
+                case GeneralName.uniformResourceIdentifier:
+                    list.add(((ASN1String)genName.getName()).getString());
+                    break;
+                case GeneralName.registeredID:
+                    list.add(ASN1ObjectIdentifier.getInstance(genName.getName()).getId());
+                    break;
+                case GeneralName.iPAddress:
+                    list.add(DEROctetString.getInstance(genName.getName()).getOctets());
+                    break;
+                default:
+                    throw new IOException("Bad tag number: " + genName.getTagNo());
+                }
+
+                temp.add(list);
+            }
+            return Collections.unmodifiableCollection(temp);
+        }
+        catch (Exception e)
+        {
+            throw new CertificateParsingException(e.getMessage());
+        }
+    }
+}

diff --git a/srcgen/core-platform-api.txt b/srcgen/core-platform-api.txt
new file mode 100644
index 0000000..92025ea
--- /dev/null
+++ b/srcgen/core-platform-api.txt

@@ -0,0 +1,125 @@
+field:com.android.org.bouncycastle.asn1.DERNull#INSTANCE
+field:com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers#sha256WithRSAEncryption
+field:com.android.org.bouncycastle.asn1.x509.GeneralName#dNSName
+field:com.android.org.bouncycastle.asn1.x509.GeneralName#iPAddress
+field:com.android.org.bouncycastle.asn1.x509.GeneralName#otherName
+field:com.android.org.bouncycastle.asn1.x509.X509Name#CN
+field:com.android.org.bouncycastle.asn1.x509.X509Name#DefaultSymbols
+field:com.android.org.bouncycastle.asn1.x509.X509Name#O
+field:com.android.org.bouncycastle.asn1.x509.X509Name#OU
+field:com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers#ecdsa_with_SHA256
+method:com.android.org.bouncycastle.asn1.ASN1BitString#hashCode()
+method:com.android.org.bouncycastle.asn1.ASN1EncodableVector#add(ASN1Encodable)
+method:com.android.org.bouncycastle.asn1.ASN1EncodableVector#ASN1EncodableVector()
+method:com.android.org.bouncycastle.asn1.ASN1InputStream#ASN1InputStream(byte[])
+method:com.android.org.bouncycastle.asn1.ASN1InputStream#ASN1InputStream(InputStream)
+method:com.android.org.bouncycastle.asn1.ASN1InputStream#readObject()
+method:com.android.org.bouncycastle.asn1.ASN1Integer#ASN1Integer(BigInteger)
+method:com.android.org.bouncycastle.asn1.ASN1Null#hashCode()
+method:com.android.org.bouncycastle.asn1.ASN1Object#ASN1Object()
+method:com.android.org.bouncycastle.asn1.ASN1Object#getEncoded()
+method:com.android.org.bouncycastle.asn1.ASN1Object#getEncoded(String)
+method:com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier#ASN1ObjectIdentifier(String)
+method:com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier#getId()
+method:com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier#getInstance(Object)
+method:com.android.org.bouncycastle.asn1.ASN1OctetString#getOctets()
+method:com.android.org.bouncycastle.asn1.ASN1OctetString#hashCode()
+method:com.android.org.bouncycastle.asn1.ASN1Sequence#getObjectAt(int)
+method:com.android.org.bouncycastle.asn1.ASN1Sequence#hashCode()
+method:com.android.org.bouncycastle.asn1.ASN1Sequence#size()
+method:com.android.org.bouncycastle.asn1.ASN1TaggedObject#getObject()
+method:com.android.org.bouncycastle.asn1.ASN1TaggedObject#hashCode()
+method:com.android.org.bouncycastle.asn1.DERBitString#DERBitString(byte[])
+method:com.android.org.bouncycastle.asn1.DERInteger#DERInteger(long)
+method:com.android.org.bouncycastle.asn1.DEROctetString#DEROctetString(byte[])
+method:com.android.org.bouncycastle.asn1.DERSequence#DERSequence()
+method:com.android.org.bouncycastle.asn1.DERSequence#DERSequence(ASN1EncodableVector)
+method:com.android.org.bouncycastle.asn1.DERTaggedObject#DERTaggedObject(int,ASN1Encodable)
+method:com.android.org.bouncycastle.asn1.DERUTF8String#DERUTF8String(String)
+method:com.android.org.bouncycastle.asn1.DERUTF8String#getString()
+method:com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo#getInstance(Object)
+method:com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo#getPrivateKeyAlgorithm()
+method:com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier#AlgorithmIdentifier(ASN1ObjectIdentifier)
+method:com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier#AlgorithmIdentifier(ASN1ObjectIdentifier,ASN1Encodable)
+method:com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier#getAlgorithm()
+method:com.android.org.bouncycastle.asn1.x509.BasicConstraints#getInstance(Object)
+method:com.android.org.bouncycastle.asn1.x509.BasicConstraints#isCA()
+method:com.android.org.bouncycastle.asn1.x509.Certificate#getInstance(Object)
+method:com.android.org.bouncycastle.asn1.x509.GeneralName#GeneralName(int,ASN1Encodable)
+method:com.android.org.bouncycastle.asn1.x509.GeneralName#GeneralName(int,String)
+method:com.android.org.bouncycastle.asn1.x509.GeneralName#getTagNo()
+method:com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo#getInstance(Object)
+method:com.android.org.bouncycastle.asn1.x509.Time#Time(Date)
+method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#generateTBSCertificate()
+method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#setEndDate(Time)
+method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#setIssuer(X509Name)
+method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#setSerialNumber(ASN1Integer)
+method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#setSignature(AlgorithmIdentifier)
+method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#setStartDate(Time)
+method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#setSubjectPublicKeyInfo(SubjectPublicKeyInfo)
+method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#setSubject(X509Name)
+method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#V3TBSCertificateGenerator()
+method:com.android.org.bouncycastle.asn1.x509.X509Name#getInstance(Object)
+method:com.android.org.bouncycastle.asn1.x509.X509Name#getOIDs()
+method:com.android.org.bouncycastle.asn1.x509.X509Name#getValues()
+method:com.android.org.bouncycastle.asn1.x509.X509Name#toString(boolean,Hashtable)
+method:com.android.org.bouncycastle.asn1.x509.X509Name#X509Name(String)
+method:com.android.org.bouncycastle.jce.provider.BouncyCastleProvider#BouncyCastleProvider()
+method:com.android.org.bouncycastle.jce.provider.X509CertificateObject#X509CertificateObject(com.android.org.bouncycastle.asn1.x509.Certificate)
+method:com.android.org.bouncycastle.jce.X509Principal#X509Principal(byte[])
+method:com.android.org.bouncycastle.util.io.pem.PemObject#getContent()
+method:com.android.org.bouncycastle.util.io.pem.PemObject#getType()
+method:com.android.org.bouncycastle.util.io.pem.PemObject#PemObject(String,byte[])
+method:com.android.org.bouncycastle.util.io.pem.PemReader#PemReader(Reader)
+method:com.android.org.bouncycastle.util.io.pem.PemReader#readPemObject()
+method:com.android.org.bouncycastle.util.io.pem.PemWriter#PemWriter(Writer)
+method:com.android.org.bouncycastle.util.io.pem.PemWriter#writeObject(PemObjectGenerator)
+method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#generate(PrivateKey)
+method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setIssuerDN(X500Principal)
+method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setNotAfter(Date)
+method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setNotBefore(Date)
+method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setPublicKey(PublicKey)
+method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setSerialNumber(BigInteger)
+method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setSignatureAlgorithm(String)
+method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setSubjectDN(X500Principal)
+method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#X509V3CertificateGenerator()
+type:com.android.org.bouncycastle.asn1.ASN1BitString
+type:com.android.org.bouncycastle.asn1.ASN1Encodable
+type:com.android.org.bouncycastle.asn1.ASN1EncodableVector
+type:com.android.org.bouncycastle.asn1.ASN1InputStream
+type:com.android.org.bouncycastle.asn1.ASN1Integer
+type:com.android.org.bouncycastle.asn1.ASN1Null
+type:com.android.org.bouncycastle.asn1.ASN1Object
+type:com.android.org.bouncycastle.asn1.ASN1ObjectIdentifier
+type:com.android.org.bouncycastle.asn1.ASN1OctetString
+type:com.android.org.bouncycastle.asn1.ASN1Primitive
+type:com.android.org.bouncycastle.asn1.ASN1Sequence
+type:com.android.org.bouncycastle.asn1.ASN1TaggedObject
+type:com.android.org.bouncycastle.asn1.DERBitString
+type:com.android.org.bouncycastle.asn1.DERInteger
+type:com.android.org.bouncycastle.asn1.DERNull
+type:com.android.org.bouncycastle.asn1.DEROctetString
+type:com.android.org.bouncycastle.asn1.DERSequence
+type:com.android.org.bouncycastle.asn1.DERTaggedObject
+type:com.android.org.bouncycastle.asn1.DERUTF8String
+type:com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers
+type:com.android.org.bouncycastle.asn1.pkcs.PrivateKeyInfo
+type:com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier
+type:com.android.org.bouncycastle.asn1.x509.BasicConstraints
+type:com.android.org.bouncycastle.asn1.x509.Certificate
+type:com.android.org.bouncycastle.asn1.x509.GeneralName
+type:com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo
+type:com.android.org.bouncycastle.asn1.x509.TBSCertificate
+type:com.android.org.bouncycastle.asn1.x509.Time
+type:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator
+type:com.android.org.bouncycastle.asn1.x509.X509Name
+type:com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers
+type:com.android.org.bouncycastle.jce.provider.BouncyCastleProvider
+type:com.android.org.bouncycastle.jce.provider.X509CertificateObject
+type:com.android.org.bouncycastle.jce.X509Principal
+type:com.android.org.bouncycastle.util.io.pem.PemObject
+type:com.android.org.bouncycastle.util.io.pem.PemObjectGenerator
+type:com.android.org.bouncycastle.util.io.pem.PemReader
+type:com.android.org.bouncycastle.util.io.pem.PemWriter
+type:com.android.org.bouncycastle.util.Iterable
+type:com.android.org.bouncycastle.x509.X509V3CertificateGenerator

diff --git a/srcgen/default-constructors.txt b/srcgen/default-constructors.txt
new file mode 100644
index 0000000..4748768
--- /dev/null
+++ b/srcgen/default-constructors.txt

@@ -0,0 +1 @@
+com.android.org.bouncycastle.asn1.ASN1Object

diff --git a/srcgen/generate_android_src.sh b/srcgen/generate_android_src.sh
new file mode 100755
index 0000000..5fcfd12
--- /dev/null
+++ b/srcgen/generate_android_src.sh

@@ -0,0 +1,58 @@
+#!/bin/bash
+# Copyright (C) 2018 The Android Open Source Project
+#
+# Licensed under the Apache License, Version 2.0 (the "License");
+# you may not use this file except in compliance with the License.
+# You may obtain a copy of the License at
+#
+#      http://www.apache.org/licenses/LICENSE-2.0
+#
+# Unless required by applicable law or agreed to in writing, software
+# distributed under the License is distributed on an "AS IS" BASIS,
+# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+# See the License for the specific language governing permissions and
+# limitations under the License.
+
+if [ -z "$ANDROID_BUILD_TOP" ]; then
+    echo "Missing environment variables. Did you run build/envsetup.sh and lunch?" 1>&2
+    exit 1
+fi
+
+CLASSPATH=${ANDROID_HOST_OUT}/framework/currysrc.jar
+BOUNCY_CASTLE_DIR=${ANDROID_BUILD_TOP}/external/bouncycastle
+
+cd ${ANDROID_BUILD_TOP}
+make -j15 currysrc
+
+CORE_PLATFORM_API_FILE=${BOUNCY_CASTLE_DIR}/srcgen/core-platform-api.txt
+UNSUPPORTED_APP_USAGE_FILE=${BOUNCY_CASTLE_DIR}/srcgen/unsupported-app-usage.json
+DEFAULT_CONSTRUCTORS_FILE=${BOUNCY_CASTLE_DIR}/srcgen/default-constructors.txt
+
+function do_transform() {
+  local SRC_IN_DIR=$1
+  local SRC_OUT_DIR=$2
+
+  if [ ! -d $SRC_OUT_DIR ]; then
+    echo ${SRC_OUT_DIR} does not exist >&2
+    exit 1
+  fi
+  rm -rf ${SRC_OUT_DIR}
+  mkdir -p ${SRC_OUT_DIR}
+
+  java -cp ${CLASSPATH} com.google.currysrc.aosp.RepackagingTransform \
+       --source-dir ${SRC_IN_DIR} \
+       --target-dir ${SRC_OUT_DIR} \
+       --package-transformation "org.bouncycastle:com.android.org.bouncycastle" \
+       --core-platform-api-file ${CORE_PLATFORM_API_FILE} \
+       --unsupported-app-usage-file ${UNSUPPORTED_APP_USAGE_FILE} \
+       --default-constructors ${DEFAULT_CONSTRUCTORS_FILE} \
+
+}
+
+REPACKAGED_DIR=${BOUNCY_CASTLE_DIR}/repackaged
+BCPROV_SRC_IN_DIR=${BOUNCY_CASTLE_DIR}/bcprov/src/main/java
+BCPROV_SRC_OUT_DIR=${REPACKAGED_DIR}/bcprov/src/main/java
+do_transform ${BCPROV_SRC_IN_DIR} ${BCPROV_SRC_OUT_DIR}
+
+# Remove some unused source files:
+rm -fr ${REPACKAGED_DIR}/bcprov/src/main/java/com/android/org/bouncycastle/asn1/ocsp/

diff --git a/srcgen/unsupported-app-usage.json b/srcgen/unsupported-app-usage.json
new file mode 100644
index 0000000..d30c351
--- /dev/null
+++ b/srcgen/unsupported-app-usage.json

@@ -0,0 +1,163 @@
+// See com.google.currysrc.aosp.Annotations.addUnsupportedAppUsage(Path) method for details on the
+// syntax.
+[
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.ASN1EncodableVector#ASN1EncodableVector()"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.ASN1EncodableVector#add(ASN1Encodable)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.ASN1InputStream#ASN1InputStream(InputStream)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.ASN1InputStream#ASN1InputStream(byte[])"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.ASN1InputStream#readObject()"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.ASN1Integer#ASN1Integer(BigInteger)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.DERBitString#DERBitString(byte[])"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.DEREncodableVector#DEREncodableVector()"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.DERInteger#DERInteger(long)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.DERInteger#DERInteger(BigInteger)"
+  },
+  {
+    "@location": "field:com.android.org.bouncycastle.asn1.DERNull#INSTANCE"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.DERObjectIdentifier#DERObjectIdentifier(String)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.DEROctetString#DEROctetString(byte[])"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.DEROutputStream#DEROutputStream(OutputStream)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.DERSequence#DERSequence()"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.DERSequence#DERSequence(ASN1EncodableVector)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.DERSet#DERSet(ASN1EncodableVector)"
+  },
+  {
+    "@location": "field:com.android.org.bouncycastle.asn1.pkcs.PKCSObjectIdentifiers#sha256WithRSAEncryption"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier#AlgorithmIdentifier(ASN1ObjectIdentifier)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.AlgorithmIdentifier#AlgorithmIdentifier(ASN1ObjectIdentifier,ASN1Encodable)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.Certificate#getInstance(Object)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.DigestInfo#DigestInfo(AlgorithmIdentifier,byte[])"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.SubjectPublicKeyInfo#getInstance(Object)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.Time#Time(Date)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#V3TBSCertificateGenerator()"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#generateTBSCertificate()"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#setEndDate(Time)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#setIssuer(X509Name)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#setSerialNumber(ASN1Integer)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#setSignature(AlgorithmIdentifier)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#setStartDate(Time)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#setSubject(X509Name)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.V3TBSCertificateGenerator#setSubjectPublicKeyInfo(SubjectPublicKeyInfo)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.X509Name#X509Name(ASN1Sequence)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.X509Name#X509Name(String)"
+  },
+  {
+    "@location": "field:com.android.org.bouncycastle.asn1.x509.X509Name#CN"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.X509Name#getOIDs()"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.asn1.x509.X509Name#getValues()"
+  },
+  {
+    "@location": "field:com.android.org.bouncycastle.asn1.x9.X9ObjectIdentifiers#ecdsa_with_SHA256"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.jce.provider.BouncyCastleProvider#BouncyCastleProvider()"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.jce.provider.X509CertificateObject#X509CertificateObject(com.android.org.bouncycastle.asn1.x509.Certificate)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.jce.X509Principal#X509Principal(byte[])"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#X509V3CertificateGenerator()"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#generate(PrivateKey)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setIssuerDN(X509Name)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setIssuerDN(X500Principal)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setNotAfter(Date)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setNotBefore(Date)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setPublicKey(PublicKey)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setSerialNumber(BigInteger)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setSignatureAlgorithm(String)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setSubjectDN(X509Name)"
+  },
+  {
+    "@location": "method:com.android.org.bouncycastle.x509.X509V3CertificateGenerator#setSubjectDN(X500Principal)"
+  }
+]
commit	27254450f01adef5f4bb25a648d42eeacc14c438	[log] [tgz]
author	Adam Vartanian <flooey@google.com>	Thu Feb 14 14:42:19 2019 +0000
committer	Adam Vartanian <flooey@google.com>	Mon Feb 18 10:18:52 2019 +0000
tree	90eb8fa6c24a44780cc4c4be2d50555f955d29f4
parent	bdfb209e7c1139588c82722a809c46667775a314 [diff]
parent	1b335c5efbcf241b55345622fe9978047c3fdf9e [diff]